diff --git a/CHANGELOG.md b/CHANGELOG.md
index ff837985593..e44e87db88e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,6 +6,7 @@
 * [CHANGE] Remove deprecated method `Push` from `tempopb.Pusher` [#1173](https://github.com/grafana/tempo/pull/1173) (@kvrhdn)
 * [CHANGE] Upgrade cristalhq/hedgedhttp from v0.6.0 to v0.7.0 [#1159](https://github.com/grafana/tempo/pull/1159) (@cristaloleg)
 * [CHANGE] Export trace id constant in api package [#1176](https://github.com/grafana/tempo/pull/1176)
+* [CHANGE] GRPC `1.33.3` => `1.38.0` broke compatibility with `gogoproto.customtype`. Enforce the use of gogoproto marshalling/unmarshalling for Tempo, Cortex & Jaeger structs. [#1186](https://github.com/grafana/tempo/pull/1186) (@annanay25)
 * [FEATURE] Added support for full backend search. [#1174](https://github.com/grafana/tempo/pull/1174) (@joe-elliott)
   **BREAKING CHANGE** Moved `querier.search_max_result_limit` and `querier.search_default_result_limit` to `query_frontend.search.max_result_limit` and `query_frontend.search.default_result_limit`
 * [ENHANCEMENT] Expose `upto` parameter on hedged requests for each backend with `hedge_requests_up_to`. [#1085](https://github.com/grafana/tempo/pull/1085) (@joe-elliott)
diff --git a/cmd/tempo-serverless/go.mod b/cmd/tempo-serverless/go.mod
index c95f6347661..33a829c5f15 100644
--- a/cmd/tempo-serverless/go.mod
+++ b/cmd/tempo-serverless/go.mod
@@ -32,4 +32,4 @@ replace (
 // Pin to the latest release of grpc-go with GenerateAndRegisterManualResolver
 // This function is used by jeagertracing/jaeger, but we can't update jaeger
 // without updating the open-telemetry/collector as well
-replace google.golang.org/grpc => google.golang.org/grpc v1.33.3
+replace google.golang.org/grpc => google.golang.org/grpc v1.38.0
diff --git a/cmd/tempo-serverless/go.sum b/cmd/tempo-serverless/go.sum
index f2c9eff3f96..a170b42800f 100644
--- a/cmd/tempo-serverless/go.sum
+++ b/cmd/tempo-serverless/go.sum
@@ -83,34 +83,32 @@ github.com/Azure/azure-sdk-for-go v48.2.0+incompatible/go.mod h1:9XXNKU+eRnpl9mo
 github.com/Azure/azure-sdk-for-go v51.2.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
 github.com/Azure/azure-sdk-for-go v52.5.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
 github.com/Azure/azure-sdk-for-go v54.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
-github.com/Azure/azure-sdk-for-go v57.1.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
+github.com/Azure/azure-sdk-for-go v58.3.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
 github.com/Azure/azure-storage-blob-go v0.8.0/go.mod h1:lPI3aLPpuLTeUwh1sViKXFxwl2B6teiRqI0deQUvsw0=
 github.com/Azure/azure-storage-blob-go v0.13.0 h1:lgWHvFh+UYBNVQLFHXkvul2f6yOPA9PIH82RTG2cSwc=
 github.com/Azure/azure-storage-blob-go v0.13.0/go.mod h1:pA9kNqtjUeQF2zOSu4s//nUdBD+e64lEuc4sVnuOfNs=
 github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8=
+github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E=
 github.com/Azure/go-autorest v10.8.1+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24=
 github.com/Azure/go-autorest v11.2.8+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24=
 github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs=
 github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24=
 github.com/Azure/go-autorest/autorest v0.9.0/go.mod h1:xyHB1BMZT0cuDHU7I0+g046+BFDTQ8rEZB0s4Yfa6bI=
 github.com/Azure/go-autorest/autorest v0.9.3-0.20191028180845-3492b2aff503/go.mod h1:xyHB1BMZT0cuDHU7I0+g046+BFDTQ8rEZB0s4Yfa6bI=
-github.com/Azure/go-autorest/autorest v0.9.3/go.mod h1:GsRuLYvwzLjjjRoWEIyMUaYq8GNUx2nRB378IPt/1p0=
 github.com/Azure/go-autorest/autorest v0.10.0/go.mod h1:/FALq9T/kS7b5J5qsQ+RSTUdAmGFqi0vUdVNNx8q630=
-github.com/Azure/go-autorest/autorest v0.10.1/go.mod h1:/FALq9T/kS7b5J5qsQ+RSTUdAmGFqi0vUdVNNx8q630=
 github.com/Azure/go-autorest/autorest v0.10.2/go.mod h1:/FALq9T/kS7b5J5qsQ+RSTUdAmGFqi0vUdVNNx8q630=
 github.com/Azure/go-autorest/autorest v0.11.1/go.mod h1:JFgpikqFJ/MleTTxwepExTKnFUKKszPS8UavbQYUMuw=
 github.com/Azure/go-autorest/autorest v0.11.2/go.mod h1:JFgpikqFJ/MleTTxwepExTKnFUKKszPS8UavbQYUMuw=
 github.com/Azure/go-autorest/autorest v0.11.4/go.mod h1:JFgpikqFJ/MleTTxwepExTKnFUKKszPS8UavbQYUMuw=
+github.com/Azure/go-autorest/autorest v0.11.9/go.mod h1:eipySxLmqSyC5s5k1CLupqet0PSENBEDP93LQ9a8QYw=
 github.com/Azure/go-autorest/autorest v0.11.10/go.mod h1:eipySxLmqSyC5s5k1CLupqet0PSENBEDP93LQ9a8QYw=
 github.com/Azure/go-autorest/autorest v0.11.11/go.mod h1:eipySxLmqSyC5s5k1CLupqet0PSENBEDP93LQ9a8QYw=
 github.com/Azure/go-autorest/autorest v0.11.17/go.mod h1:eipySxLmqSyC5s5k1CLupqet0PSENBEDP93LQ9a8QYw=
 github.com/Azure/go-autorest/autorest v0.11.18/go.mod h1:dSiJPy22c3u0OtOKDNttNgqpNFY/GeWa7GH/Pz56QRA=
-github.com/Azure/go-autorest/autorest v0.11.20 h1:s8H1PbCZSqg/DH7JMlOz6YMig6htWLNPsjDdlLqCx3M=
-github.com/Azure/go-autorest/autorest v0.11.20/go.mod h1:o3tqFY+QR40VOlk+pV4d77mORO64jOXSgEnPQgLK6JY=
+github.com/Azure/go-autorest/autorest v0.11.22 h1:bXiQwDjrRmBQOE67bwlvUKAC1EU1yZTPQ38c+bstZws=
+github.com/Azure/go-autorest/autorest v0.11.22/go.mod h1:BAWYUWGPEtKPzjVkp0Q6an0MJcJDsoh5Z1BFAEFs4Xs=
 github.com/Azure/go-autorest/autorest/adal v0.5.0/go.mod h1:8Z9fGy2MpX0PvDjB1pEgQTmVqjGhiHBW7RJJEciWzS0=
-github.com/Azure/go-autorest/autorest/adal v0.8.0/go.mod h1:Z6vX6WXXuyieHAXwMj0S6HY6e6wcHn37qQMBQlvY3lc=
 github.com/Azure/go-autorest/autorest/adal v0.8.1-0.20191028180845-3492b2aff503/go.mod h1:Z6vX6WXXuyieHAXwMj0S6HY6e6wcHn37qQMBQlvY3lc=
-github.com/Azure/go-autorest/autorest/adal v0.8.1/go.mod h1:ZjhuQClTqx435SRJ2iMlOxPYt3d2C/T/7TiQCVZSn3Q=
 github.com/Azure/go-autorest/autorest/adal v0.8.2/go.mod h1:ZjhuQClTqx435SRJ2iMlOxPYt3d2C/T/7TiQCVZSn3Q=
 github.com/Azure/go-autorest/autorest/adal v0.8.3/go.mod h1:ZjhuQClTqx435SRJ2iMlOxPYt3d2C/T/7TiQCVZSn3Q=
 github.com/Azure/go-autorest/autorest/adal v0.9.0/go.mod h1:/c022QCutn2P7uY+/oQWWNcK9YU+MH96NgK+jErpbcg=
@@ -118,11 +116,11 @@ github.com/Azure/go-autorest/autorest/adal v0.9.2/go.mod h1:/3SMAM86bP6wC9Ev35pe
 github.com/Azure/go-autorest/autorest/adal v0.9.5/go.mod h1:B7KF7jKIeC9Mct5spmyCB/A8CG/sEz1vwIRGv/bbw7A=
 github.com/Azure/go-autorest/autorest/adal v0.9.11/go.mod h1:nBKAnTomx8gDtl+3ZCJv2v0KACFHWTB2drffI1B68Pk=
 github.com/Azure/go-autorest/autorest/adal v0.9.13/go.mod h1:W/MM4U6nLxnIskrw4UwWzlHfGjwUS50aOsc/I3yuU8M=
-github.com/Azure/go-autorest/autorest/adal v0.9.15 h1:X+p2GF0GWyOiSmqohIaEeuNFNDY4I4EOlVuUQvFdWMk=
-github.com/Azure/go-autorest/autorest/adal v0.9.15/go.mod h1:tGMin8I49Yij6AQ+rvV+Xa/zwxYQB5hmsd6DkfAx2+A=
-github.com/Azure/go-autorest/autorest/azure/auth v0.4.2/go.mod h1:90gmfKdlmKgfjUpnCEpOJzsUEjrWDSLwHIG73tSXddM=
+github.com/Azure/go-autorest/autorest/adal v0.9.14/go.mod h1:W/MM4U6nLxnIskrw4UwWzlHfGjwUS50aOsc/I3yuU8M=
+github.com/Azure/go-autorest/autorest/adal v0.9.17 h1:esOPl2dhcz9P3jqBSJ8tPGEj2EqzPPT6zfyuloiogKY=
+github.com/Azure/go-autorest/autorest/adal v0.9.17/go.mod h1:XVVeme+LZwABT8K5Lc3hA4nAe8LDBVle26gTrguhhPQ=
+github.com/Azure/go-autorest/autorest/azure/auth v0.5.3/go.mod h1:4bJZhUhcq8LB20TruwHbAQsmUs2Xh+QR7utuJpLXX3A=
 github.com/Azure/go-autorest/autorest/azure/auth v0.5.8/go.mod h1:kxyKZTSfKh8OVFWPAgOgQ/frrJgeYQJPyR5fLFmXko4=
-github.com/Azure/go-autorest/autorest/azure/cli v0.3.1/go.mod h1:ZG5p860J94/0kI9mNJVoIoLgXcirM2gF5i2kWloofxw=
 github.com/Azure/go-autorest/autorest/azure/cli v0.4.2/go.mod h1:7qkJkT+j6b+hIpzMOwPChJhTqS8VbsqqgULzMNRugoM=
 github.com/Azure/go-autorest/autorest/date v0.1.0/go.mod h1:plvfp3oPSKwf2DNjlBjWF/7vwR+cUD/ELuzDCXwHUVA=
 github.com/Azure/go-autorest/autorest/date v0.2.0/go.mod h1:vcORJHLJEh643/Ioh9+vPmf1Ij9AEBM5FuBIXLmIy0g=
@@ -178,7 +176,7 @@ github.com/Microsoft/hcsshim v0.8.9/go.mod h1:5692vkUqntj1idxauYlpoINNKeqCiG6Sg3
 github.com/Microsoft/hcsshim v0.8.14/go.mod h1:NtVKoYxQuTLx6gEq0L96c9Ju4JbRJ4nY2ow3VK6a9Lg=
 github.com/Microsoft/hcsshim v0.8.15/go.mod h1:x38A4YbHbdxJtc0sF6oIz+RG0npwSCAvn69iY6URG00=
 github.com/Microsoft/hcsshim v0.8.16/go.mod h1:o5/SZqmR7x9JNKsW3pu+nqHm0MF8vbA+VxGOoXdC600=
-github.com/Microsoft/hcsshim v0.8.18/go.mod h1:+w2gRZ5ReXQhFOrvSQeNfhrYB/dg3oDwTOcER2fw4I4=
+github.com/Microsoft/hcsshim v0.8.21/go.mod h1:+w2gRZ5ReXQhFOrvSQeNfhrYB/dg3oDwTOcER2fw4I4=
 github.com/Microsoft/hcsshim/test v0.0.0-20201218223536-d3e5debf77da/go.mod h1:5hlzMzRKMLyo42nCZ9oml8AdTlq/0cvIaBv6tK1RehU=
 github.com/Microsoft/hcsshim/test v0.0.0-20210227013316-43a75bb4edd3/go.mod h1:mw7qgWloBUl75W/gVH3cQszUg1+gUITj7D6NY7ywVnY=
 github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ=
@@ -212,8 +210,8 @@ github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRF
 github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
 github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho=
 github.com/alecthomas/units v0.0.0-20210208195552-ff826a37aa15/go.mod h1:OMCwj8VM1Kc9e19TLln2VL61YJF0x1XFtfdL4JdbSyE=
-github.com/alecthomas/units v0.0.0-20210912230133-d1bdfacee922 h1:8ypNbf5sd3Sm3cKJ9waOGoQv6dKAFiFty9L6NP1AqJ4=
-github.com/alecthomas/units v0.0.0-20210912230133-d1bdfacee922/go.mod h1:OMCwj8VM1Kc9e19TLln2VL61YJF0x1XFtfdL4JdbSyE=
+github.com/alecthomas/units v0.0.0-20210927113745-59d0afb8317a h1:E/8AP5dFtMhl5KPJz66Kt9G0n+7Sn41Fy1wv9/jHOrc=
+github.com/alecthomas/units v0.0.0-20210927113745-59d0afb8317a/go.mod h1:OMCwj8VM1Kc9e19TLln2VL61YJF0x1XFtfdL4JdbSyE=
 github.com/alexflint/go-filemutex v0.0.0-20171022225611-72bdc8eae2ae/go.mod h1:CgnQgUtFrFz9mxFNtED3jI5tLDjKlOM+oUF/sTk6ps0=
 github.com/alicebob/gopher-json v0.0.0-20200520072559-a9ecdc9d1d3a h1:HbKu58rmZpUGpz5+4FfNmIU+FmZg2P3Xaj2v2bfNWmk=
 github.com/alicebob/gopher-json v0.0.0-20200520072559-a9ecdc9d1d3a/go.mod h1:SGnFV6hVsYE877CKEZ6tDNTjaSXYUk6QqoIK6PrAtcc=
@@ -228,6 +226,7 @@ github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kd
 github.com/antonmedv/expr v1.9.0/go.mod h1:5qsM3oLGDND7sDmQGDXHkYfkjYMUX14qsgqmHhwGEk8=
 github.com/aokoli/goutils v1.0.1/go.mod h1:SijmP0QR8LtwsmDs8Yii5Z/S4trXFGFC2oO5g9DP+DQ=
 github.com/apache/arrow/go/arrow v0.0.0-20191024131854-af6fa24be0db/go.mod h1:VTxUBvSJ3s3eHAg65PNgrsn5BtqCRPdmyXh6rAfdxN0=
+github.com/apache/arrow/go/arrow v0.0.0-20200601151325-b2287a20f230/go.mod h1:QNYViu/X0HXDHw7m3KXzWSVXIbfUvJqBFe6Gj8/pYA0=
 github.com/apache/arrow/go/arrow v0.0.0-20200923215132-ac86123a3f01/go.mod h1:QNYViu/X0HXDHw7m3KXzWSVXIbfUvJqBFe6Gj8/pYA0=
 github.com/apache/thrift v0.12.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ=
 github.com/apache/thrift v0.13.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ=
@@ -272,10 +271,11 @@ github.com/aws/aws-sdk-go v1.38.3/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zK
 github.com/aws/aws-sdk-go v1.38.35/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro=
 github.com/aws/aws-sdk-go v1.38.68/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro=
 github.com/aws/aws-sdk-go v1.40.11/go.mod h1:585smgzpB/KqRA+K3y/NL/oYRqQvpNJYvLm+LY1U59Q=
-github.com/aws/aws-sdk-go v1.40.37/go.mod h1:585smgzpB/KqRA+K3y/NL/oYRqQvpNJYvLm+LY1U59Q=
 github.com/aws/aws-sdk-go v1.40.45/go.mod h1:585smgzpB/KqRA+K3y/NL/oYRqQvpNJYvLm+LY1U59Q=
-github.com/aws/aws-sdk-go v1.42.9 h1:8ptAGgA+uC2TUbdvUeOVSfBocIZvGE2NKiLxkAcn1GA=
+github.com/aws/aws-sdk-go v1.42.8/go.mod h1:585smgzpB/KqRA+K3y/NL/oYRqQvpNJYvLm+LY1U59Q=
 github.com/aws/aws-sdk-go v1.42.9/go.mod h1:585smgzpB/KqRA+K3y/NL/oYRqQvpNJYvLm+LY1U59Q=
+github.com/aws/aws-sdk-go v1.42.16 h1:jOUmYYpC77NZYQVHTOTFT4lwFBT1u3s8ETKciU4l6gQ=
+github.com/aws/aws-sdk-go v1.42.16/go.mod h1:585smgzpB/KqRA+K3y/NL/oYRqQvpNJYvLm+LY1U59Q=
 github.com/aws/aws-sdk-go-v2 v0.18.0/go.mod h1:JWVYvqSMppoMJC0x5wdwiImzgXTI9FuZwxzkQq9wy+g=
 github.com/aws/aws-sdk-go-v2 v1.7.0/go.mod h1:tb9wi5s61kTDA5qCkcDbt3KRVV74GGslQkl/DRdX/P4=
 github.com/aws/aws-sdk-go-v2 v1.9.1/go.mod h1:cK/D0BBs0b/oWPIcX/Z/obahJK1TT7IPVjy53i/mX/4=
@@ -307,6 +307,7 @@ github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6r
 github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs=
 github.com/bitly/go-hostpool v0.0.0-20171023180738-a3a6125de932/go.mod h1:NOuUCSz6Q9T7+igc/hlvDOUdtWKryOrtFyIVABv/p7k=
 github.com/bitly/go-simplejson v0.5.0/go.mod h1:cXHtHw4XUPsvGaxgjIAn8PhEWG9NfngEKAMDJEczWVA=
+github.com/bits-and-blooms/bitset v1.2.0/go.mod h1:gIdJ4wp64HaoK2YrL1Q5/N7Y16edYb8uY+O0FJTyyDA=
 github.com/bketelsen/crypt v0.0.3-0.20200106085610-5cbc8cc4026c/go.mod h1:MKsuJmJgSg28kpZDP6UIiPt0e0Oz0kqKNGyRaWEPv84=
 github.com/bketelsen/crypt v0.0.4/go.mod h1:aI6NrJ0pMGgvZKL1iVgXLnfIFJtfV+bKCoqOes/6LfM=
 github.com/blang/semver v3.1.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk=
@@ -336,6 +337,7 @@ github.com/cenkalti/backoff/v4 v4.1.0/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInq
 github.com/cenkalti/backoff/v4 v4.1.1/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw=
 github.com/cenkalti/backoff/v4 v4.1.2/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw=
 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
+github.com/census-instrumentation/opencensus-proto v0.3.0 h1:t/LhUZLVitR1Ow2YOnduCsavhwFUklBMoGVYUCqmCqk=
 github.com/census-instrumentation/opencensus-proto v0.3.0/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
 github.com/certifi/gocertifi v0.0.0-20191021191039-0944d244cd40/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA=
 github.com/cespare/xxhash v0.0.0-20181017004759-096ff4a8a059/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc=
@@ -346,6 +348,7 @@ github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XL
 github.com/cespare/xxhash/v2 v2.1.2 h1:YRXhKfTDauu4ajMg1TPgFO5jnlC2HCbmLXMcTG5cbYE=
 github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
 github.com/checkpoint-restore/go-criu/v4 v4.1.0/go.mod h1:xUQBLp4RLc5zJtWY++yjOoMoB5lihDt7fai+75m+rGw=
+github.com/checkpoint-restore/go-criu/v5 v5.0.0/go.mod h1:cfwC0EG7HMUenopBsUf9d89JlCLQIfgVcNsNN0t6T2M=
 github.com/chromedp/cdproto v0.0.0-20200116234248-4da64dd111ac/go.mod h1:PfAWWKJqjlGFYJEidUM6aVIWPr0EpobeyVWEEmplX7g=
 github.com/chromedp/cdproto v0.0.0-20200424080200-0de008e41fa0/go.mod h1:PfAWWKJqjlGFYJEidUM6aVIWPr0EpobeyVWEEmplX7g=
 github.com/chromedp/chromedp v0.5.3/go.mod h1:YLdPtndaHQ4rCpSpBG+IPpy9JvX0VD+7aaLxYgYj28w=
@@ -356,14 +359,17 @@ github.com/cilium/ebpf v0.0.0-20200110133405-4032b1d8aae3/go.mod h1:MA5e5Lr8slmE
 github.com/cilium/ebpf v0.0.0-20200702112145-1c8d4c9ef775/go.mod h1:7cR51M8ViRLIdUjrmSXlK9pkrsDlLHbO8jiB8X8JnOc=
 github.com/cilium/ebpf v0.2.0/go.mod h1:To2CFviqOWL/M0gIMsvSMlqe7em/l1ALkX1PyjrX2Qs=
 github.com/cilium/ebpf v0.4.0/go.mod h1:4tRaxcgiL706VnOzHOdBlY8IEAIdxINsQBcU4xJJXRs=
+github.com/cilium/ebpf v0.6.2/go.mod h1:4tRaxcgiL706VnOzHOdBlY8IEAIdxINsQBcU4xJJXRs=
 github.com/circonus-labs/circonus-gometrics v2.3.1+incompatible/go.mod h1:nmEj6Dob7S7YxXgwXpfOuvO54S+tGdZdw9fuRZt25Ag=
 github.com/circonus-labs/circonusllhist v0.1.3/go.mod h1:kMXHVDlOchFAehlya5ePtbp5jckzBHf4XRpQvBOLI+I=
 github.com/clbanning/mxj v1.8.4/go.mod h1:BVjHeAH+rl9rs6f+QIpeRl0tfu10SXn1pUSa5PVGJng=
 github.com/clbanning/x2j v0.0.0-20191024224557-825249438eec/go.mod h1:jMjuTZXRI4dUb/I5gc9Hdhagfvm9+RyrPryS/auMzxE=
 github.com/cloudevents/sdk-go/v2 v2.2.0 h1:FlBJg7W0QywbOjuZGmRXUyFk8qkCHx2euETp+tuopSU=
 github.com/cloudevents/sdk-go/v2 v2.2.0/go.mod h1:3CTrpB4+u7Iaj6fd7E2Xvm5IxMdRoaAhqaRVnOr2rCU=
-github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
-github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
+github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403 h1:cqQfy1jclcSy/FwLjemeg3SR1yaINm74aQyupQ0Bl8M=
+github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
+github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe h1:QJDJubh0OEcpeGjC7/8uF9tt4e39U/Ya1uyK+itnNPQ=
+github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
 github.com/cockroachdb/apd v1.1.0/go.mod h1:8Sl8LxpKi29FqWXR16WEFZRNSz3SoPzUzeMeY4+DwBQ=
 github.com/cockroachdb/cockroach-go v0.0.0-20181001143604-e0a95dfd547c/go.mod h1:XGLbWH/ujMcbPbhZq52Nv6UrCghb1yGn//133kEsvDk=
 github.com/cockroachdb/datadriven v0.0.0-20190531201743-edce55837238/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8=
@@ -406,7 +412,7 @@ github.com/containerd/containerd v1.5.0-beta.3/go.mod h1:/wr9AVtEM7x9c+n0+stptlo
 github.com/containerd/containerd v1.5.0-beta.4/go.mod h1:GmdgZd2zA2GYIBZ0w09ZvgqEq8EfBp/m3lcVZIvPHhI=
 github.com/containerd/containerd v1.5.0-rc.0/go.mod h1:V/IXoMqNGgBlabz3tHD2TWDoTJseu1FGOKuoA4nNb2s=
 github.com/containerd/containerd v1.5.1/go.mod h1:0DOxVqwDy2iZvrZp2JUx/E+hS0UNTVn7dJnIOwtYR4g=
-github.com/containerd/containerd v1.5.4/go.mod h1:sx18RgvW6ABJ4iYUw7Q5x7bgFOAB9B6G7+yO0XBc4zw=
+github.com/containerd/containerd v1.5.7/go.mod h1:gyvv6+ugqY25TiXxcZC3L5yOeYgEw0QMhscqVp1AR9c=
 github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y=
 github.com/containerd/continuity v0.0.0-20190815185530-f2a389ac0a02/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y=
 github.com/containerd/continuity v0.0.0-20191127005431-f65d91d395eb/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y=
@@ -486,8 +492,8 @@ github.com/cortexproject/cortex v1.6.1-0.20210215155036-dfededd9f331/go.mod h1:8
 github.com/cortexproject/cortex v1.7.1-0.20210224085859-66d6fb5b0d42/go.mod h1:u2dxcHInYbe45wxhLoWVdlFJyDhXewsMcxtnbq/QbH4=
 github.com/cortexproject/cortex v1.7.1-0.20210316085356-3fedc1108a49/go.mod h1:/DBOW8TzYBTE/U+O7Whs7i7E2eeeZl1iRVDtIqxn5kg=
 github.com/cortexproject/cortex v1.8.1-0.20210422151339-cf1c444e0905/go.mod h1:xxm4/CLvTmDxwE7yXwtClR4dIvkG4S09o5DygPOgc1U=
-github.com/cortexproject/cortex v1.10.1-0.20211104100946-3f329a21cad4 h1:UmeSnQx9LDkclyvdwg+JdPT0ZJBDPetgLMGOUQSEHL0=
-github.com/cortexproject/cortex v1.10.1-0.20211104100946-3f329a21cad4/go.mod h1:ce+HHGktmHrcpBNN1dV6q1MksC38KR2s6BKZwiQTYyc=
+github.com/cortexproject/cortex v1.10.1-0.20211214110443-07d6cfc4eb84 h1:hWWucked7CXd1ySo4OaZttwGJST57fq/g9FNsLgotlY=
+github.com/cortexproject/cortex v1.10.1-0.20211214110443-07d6cfc4eb84/go.mod h1:YVKUfeEvo1Nm9xd3LTU6+Rl9u9jglFP/bUPMFy7I+OA=
 github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE=
 github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
 github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
@@ -548,7 +554,7 @@ github.com/digitalocean/godo v1.52.0/go.mod h1:p7dOjjtSBqCTUksqtA5Fd3uaKs9kyTq2x
 github.com/digitalocean/godo v1.57.0/go.mod h1:p7dOjjtSBqCTUksqtA5Fd3uaKs9kyTq2xcz76ulEJRU=
 github.com/digitalocean/godo v1.58.0/go.mod h1:p7dOjjtSBqCTUksqtA5Fd3uaKs9kyTq2xcz76ulEJRU=
 github.com/digitalocean/godo v1.60.0/go.mod h1:p7dOjjtSBqCTUksqtA5Fd3uaKs9kyTq2xcz76ulEJRU=
-github.com/digitalocean/godo v1.65.0/go.mod h1:p7dOjjtSBqCTUksqtA5Fd3uaKs9kyTq2xcz76ulEJRU=
+github.com/digitalocean/godo v1.71.0/go.mod h1:GBmu8MkjZmNARE7IXRPmkbbnocNN8+uBm0xbEVw2LCs=
 github.com/dimchansky/utfbom v1.1.0/go.mod h1:rO41eb7gLfo8SF1jd9F8HplJm1Fewwi4mQvIirEdv+8=
 github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/j0mACtrfE=
 github.com/dnaeon/go-vcr v1.0.1/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E=
@@ -562,7 +568,7 @@ github.com/docker/docker v17.12.0-ce-rc1.0.20200706150819-a40b877fbb9e+incompati
 github.com/docker/docker v20.10.3+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
 github.com/docker/docker v20.10.5+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
 github.com/docker/docker v20.10.6+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
-github.com/docker/docker v20.10.8+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
+github.com/docker/docker v20.10.10+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
 github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec=
 github.com/docker/go-events v0.0.0-20170721190031-9461782956ad/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA=
 github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA=
@@ -595,10 +601,12 @@ github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkg
 github.com/ema/qdisc v0.0.0-20190904071900-b82c76788043/go.mod h1:ix4kG2zvdUd8kEKSW0ZTr1XLks0epFpI4j745DXxlNE=
 github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs=
 github.com/emicklei/go-restful v2.9.5+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs=
-github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
-github.com/envoyproxy/go-control-plane v0.9.9/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ=
+github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk=
+github.com/envoyproxy/go-control-plane v0.10.1 h1:cgDRLG7bs59Zd+apAWuzLQL95obVYAymNJek76W3mgw=
+github.com/envoyproxy/go-control-plane v0.10.1/go.mod h1:AY7fTTXNdv/aJ2O5jwpxAPOWUZ7hQAEvzN5Pf27BkQQ=
 github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
-github.com/envoyproxy/protoc-gen-validate v0.6.1/go.mod h1:txg5va2Qkip90uYoSKH+nkAAmXrb2j3iq4FLwdrCbXQ=
+github.com/envoyproxy/protoc-gen-validate v0.6.2 h1:JiO+kJTpmYGjEodY7O1Zk8oZcNz1+f30UtwtXoFUPzE=
+github.com/envoyproxy/protoc-gen-validate v0.6.2/go.mod h1:2t7qjJNvHPx8IjnBOzl9E9/baC+qXE/TeeyBRzgJDws=
 github.com/evanphx/json-patch v0.0.0-20200808040245-162e5629780b/go.mod h1:NAJj0yf/KaRKURN6nyi7A9IZydMivZEm9oQLWNjfKDc=
 github.com/evanphx/json-patch v4.2.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
 github.com/evanphx/json-patch v4.5.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
@@ -670,6 +678,7 @@ github.com/go-logfmt/logfmt v0.5.1/go.mod h1:WYhtIu8zTZfxdn5+rREduYbwxfcBr/Vr6KE
 github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas=
 github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU=
 github.com/go-logr/logr v0.4.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU=
+github.com/go-logr/logr v1.0.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
 github.com/go-ole/go-ole v1.2.5/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0=
 github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0=
 github.com/go-openapi/analysis v0.0.0-20180825180245-b006789cd277/go.mod h1:k70tL6pCuVxPJOHXQ+wIac1FUrvNkHolPie/cLEU6hI=
@@ -764,6 +773,7 @@ github.com/go-openapi/strfmt v0.20.0/go.mod h1:UukAYgTaQfqJuAFlNxxMWNvMYiwiXtLsF
 github.com/go-openapi/strfmt v0.20.1/go.mod h1:43urheQI9dNtE5lTZQfuFJvjYJKPrxicATpEfZwHUNk=
 github.com/go-openapi/strfmt v0.20.2/go.mod h1:43urheQI9dNtE5lTZQfuFJvjYJKPrxicATpEfZwHUNk=
 github.com/go-openapi/strfmt v0.21.0/go.mod h1:ZRQ409bWMj+SOgXofQAGTIo2Ebu72Gs+WaRADcS5iNg=
+github.com/go-openapi/strfmt v0.21.1/go.mod h1:I/XVKeLc5+MM5oPNN7P6urMOpuLXEcNrCX/rPGuWb0k=
 github.com/go-openapi/swag v0.0.0-20160704191624-1d0bd113de87/go.mod h1:DXUve3Dpr1UfpPtxFw+EFuQ41HhCWZfha5jSVRG7C7I=
 github.com/go-openapi/swag v0.17.0/go.mod h1:AByQ+nYG6gQg71GINrmuDXCPWdL640yX49/kXLo40Tg=
 github.com/go-openapi/swag v0.17.2/go.mod h1:AByQ+nYG6gQg71GINrmuDXCPWdL640yX49/kXLo40Tg=
@@ -859,6 +869,8 @@ github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69
 github.com/gogo/status v1.0.3/go.mod h1:SavQ51ycCLnc7dGyJxp8YAmudx8xqiVrRf+6IXRsugc=
 github.com/gogo/status v1.1.0 h1:+eIkrewn5q6b30y+g/BJINVVdi2xH7je5MPJ3ZPK3JA=
 github.com/gogo/status v1.1.0/go.mod h1:BFv9nrluPLmrS0EmGVvLaPNmRosr9KapBYd5/hpY1WM=
+github.com/golang-jwt/jwt v3.2.1+incompatible h1:73Z+4BJcrTC+KczS6WvTPvRGOp1WmfEP4Q1lOd9Z/+c=
+github.com/golang-jwt/jwt v3.2.1+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
 github.com/golang-jwt/jwt/v4 v4.0.0 h1:RAqyYixv1p7uEnocuy8P1nru5wprCh/MH2BIlW5z5/o=
 github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
 github.com/golang-migrate/migrate/v4 v4.7.0/go.mod h1:Qvut3N4xKWjoH3sokBccML6WyHSnggXm/DvMMnTsQIc=
@@ -967,7 +979,8 @@ github.com/google/pprof v0.0.0-20210504235042-3a04a4d88a10/go.mod h1:kpwsk12EmLe
 github.com/google/pprof v0.0.0-20210601050228-01bbb1931b22/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
 github.com/google/pprof v0.0.0-20210609004039-a478d1d731e9/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
 github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
-github.com/google/pprof v0.0.0-20210827144239-02619b876842/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
+github.com/google/pprof v0.0.0-20211008130755-947d60d73cc0/go.mod h1:KgnwoLYCZ8IQu3XUZ8Nc/bM9CCZFOyjUNOSygVozoDg=
+github.com/google/pprof v0.0.0-20211122183932-1daafda22083/go.mod h1:KgnwoLYCZ8IQu3XUZ8Nc/bM9CCZFOyjUNOSygVozoDg=
 github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
 github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/google/uuid v1.1.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
@@ -1002,7 +1015,7 @@ github.com/gophercloud/gophercloud v0.14.0/go.mod h1:VX0Ibx85B60B5XOrZr6kaNwrmPU
 github.com/gophercloud/gophercloud v0.15.0/go.mod h1:VX0Ibx85B60B5XOrZr6kaNwrmPUzcmMpwxvQ1WQIIWM=
 github.com/gophercloud/gophercloud v0.16.0/go.mod h1:wRtmUelyIIv3CSSDI47aUwbs075O6i+LY+pXsKCBsb4=
 github.com/gophercloud/gophercloud v0.17.0/go.mod h1:wRtmUelyIIv3CSSDI47aUwbs075O6i+LY+pXsKCBsb4=
-github.com/gophercloud/gophercloud v0.20.0/go.mod h1:wRtmUelyIIv3CSSDI47aUwbs075O6i+LY+pXsKCBsb4=
+github.com/gophercloud/gophercloud v0.23.0/go.mod h1:MRw6uyLj8uCGbIvBlqL7QW67t0QtNZnzydUzewo1Ioc=
 github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
 github.com/gopherjs/gopherjs v0.0.0-20191106031601-ce3c9ade29de/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
 github.com/gorilla/context v1.1.1/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg=
@@ -1054,6 +1067,7 @@ github.com/hashicorp/consul/api v1.7.0/go.mod h1:1NSuaUUkFaJzMasbfq/11wKYWSR67Xn
 github.com/hashicorp/consul/api v1.8.1/go.mod h1:sDjTOq0yUyv5G4h+BqSea7Fn6BU+XbolEz1952UB+mk=
 github.com/hashicorp/consul/api v1.9.1/go.mod h1:XjsvQN+RJGWI2TWy1/kqaE16HrR2J/FWgkYjdZQsX9M=
 github.com/hashicorp/consul/api v1.10.1/go.mod h1:XjsvQN+RJGWI2TWy1/kqaE16HrR2J/FWgkYjdZQsX9M=
+github.com/hashicorp/consul/api v1.11.0/go.mod h1:XjsvQN+RJGWI2TWy1/kqaE16HrR2J/FWgkYjdZQsX9M=
 github.com/hashicorp/consul/sdk v0.1.1/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8=
 github.com/hashicorp/consul/sdk v0.3.0/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8=
 github.com/hashicorp/consul/sdk v0.4.0/go.mod h1:fY08Y9z5SvJqevyZNy6WWPXiG3KwBPAvlcdx16zZ0fM=
@@ -1132,25 +1146,27 @@ github.com/hetznercloud/hcloud-go v1.22.0/go.mod h1:xng8lbDUg+xM1dgc0yGHX5EeqbwI
 github.com/hetznercloud/hcloud-go v1.23.1/go.mod h1:xng8lbDUg+xM1dgc0yGHX5EeqbwIq7UYlMWMTx3SQVg=
 github.com/hetznercloud/hcloud-go v1.24.0/go.mod h1:3YmyK8yaZZ48syie6xpm3dt26rtB6s65AisBHylXYFA=
 github.com/hetznercloud/hcloud-go v1.25.0/go.mod h1:2C5uMtBiMoFr3m7lBFPf7wXTdh33CevmZpQIIDPGYJI=
-github.com/hetznercloud/hcloud-go v1.32.0/go.mod h1:XX/TQub3ge0yWR2yHWmnDVIrB+MQbda1pHxkUmDlUME=
+github.com/hetznercloud/hcloud-go v1.33.1/go.mod h1:XX/TQub3ge0yWR2yHWmnDVIrB+MQbda1pHxkUmDlUME=
 github.com/hodgesds/perf-utils v0.0.8/go.mod h1:F6TfvsbtrF88i++hou29dTXlI2sfsJv+gRZDtmTJkAs=
 github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
 github.com/huandu/xstrings v1.0.0/go.mod h1:4qWG/gcEcfX4z/mBDHJ++3ReCw9ibxbsNJbcucJdbSo=
 github.com/hudl/fargo v1.3.0/go.mod h1:y3CKSmjA+wD2gak7sUSXTAoopbhU08POFhmITJgmKTg=
 github.com/hudl/fargo v1.4.0/go.mod h1:9Ai6uvFy5fQNq6VPKtg+Ceq1+eTY4nKUlR2JElEOcDo=
-github.com/iancoleman/strcase v0.0.0-20180726023541-3605ed457bf7/go.mod h1:SK73tn/9oHe+/Y0h39VT4UCxmurVJkR5NA7kMEAOgSE=
+github.com/iancoleman/strcase v0.2.0/go.mod h1:iwCmte+B7n89clKwxIoIXy/HfoL7AsD47ZCWhYzw7ho=
 github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
 github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
+github.com/ianlancetaylor/demangle v0.0.0-20210905161508-09a460cdf81d/go.mod h1:aYm2/VgdVmcIU8iMfdMvDMsRAQjcfZSKFby6HOFvi/w=
 github.com/imdario/mergo v0.3.4/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
 github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
 github.com/imdario/mergo v0.3.8/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
 github.com/imdario/mergo v0.3.10/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA=
 github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA=
+github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA=
 github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM=
 github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
 github.com/influxdata/flux v0.65.0/go.mod h1:BwN2XG2lMszOoquQaFdPET8FRQfrXiZsWmcMO9rkaVY=
 github.com/influxdata/flux v0.65.1/go.mod h1:J754/zds0vvpfwuq7Gc2wRdVwEodfpCFM7mYlOw2LqY=
-github.com/influxdata/flux v0.120.1/go.mod h1:pGSAvyAA5d3et7SSzajaYShWYXmnRnJJq2qWi+WWZ2I=
+github.com/influxdata/flux v0.131.0/go.mod h1:CKvnYe6FHpTj/E0YGI7TcOZdGiYHoToOPSnoa12RtKI=
 github.com/influxdata/httprouter v1.3.1-0.20191122104820-ee83e2772f69/go.mod h1:pwymjR6SrP3gD3pRj9RJwdl1j5s3doEEV8gS4X9qSzA=
 github.com/influxdata/influxdb v1.7.7/go.mod h1:qZna6X/4elxqT3yI9iZYdZrWWdeFOOprn86kgg4+IzY=
 github.com/influxdata/influxdb v1.8.0/go.mod h1:SIzcnsjaHRFpmlxpJ4S3NT64qtEKYweNTUMb/vh0OMQ=
@@ -1159,7 +1175,7 @@ github.com/influxdata/influxdb v1.8.2/go.mod h1:SIzcnsjaHRFpmlxpJ4S3NT64qtEKYweN
 github.com/influxdata/influxdb v1.8.3/go.mod h1:JugdFhsvvI8gadxOI6noqNeeBHvWNTbfYGtiAn+2jhI=
 github.com/influxdata/influxdb v1.8.4/go.mod h1:JugdFhsvvI8gadxOI6noqNeeBHvWNTbfYGtiAn+2jhI=
 github.com/influxdata/influxdb v1.8.5/go.mod h1:oFH+pbEyDln/1TKwa98oJzVrkZwdjrJOwIDGYZj7Ma0=
-github.com/influxdata/influxdb v1.9.3/go.mod h1:xD4ZjAgEJQO9/bX3NhFrssKtdNPi+ki1kjrttJRDhGc=
+github.com/influxdata/influxdb v1.9.5/go.mod h1:4uPVvcry9KWQVWLxyT9641qpkRXUBN+xa0MJFFNNLKo=
 github.com/influxdata/influxdb-client-go/v2 v2.3.1-0.20210518120617-5d1fff431040/go.mod h1:vLNHdxTJkIf2mSLvGrpj8TCcISApPoXkaxP8g9uRlW8=
 github.com/influxdata/influxdb1-client v0.0.0-20191209144304-8bf82d3c094d/go.mod h1:qj24IKcXYK6Iy9ceXlo3Tc+vtHo9lIhSX5JddghvEPo=
 github.com/influxdata/influxdb1-client v0.0.0-20200827194710-b269163b24ab/go.mod h1:qj24IKcXYK6Iy9ceXlo3Tc+vtHo9lIhSX5JddghvEPo=
@@ -1168,7 +1184,7 @@ github.com/influxdata/influxql v1.1.1-0.20200828144457-65d3ef77d385/go.mod h1:gH
 github.com/influxdata/influxql v1.1.1-0.20210223160523-b6ab99450c93/go.mod h1:gHp9y86a/pxhjJ+zMjNXiQAA197Xk9wLxaz+fGG+kWk=
 github.com/influxdata/line-protocol v0.0.0-20180522152040-32c6aa80de5e/go.mod h1:4kt73NQhadE3daL3WhR5EJ/J2ocX0PZzwxQ0gXJ7oFE=
 github.com/influxdata/line-protocol v0.0.0-20200327222509-2487e7298839/go.mod h1:xaLFMmpvUxqXtVkUJfg9QmT88cDaCJ3ZKgdZ78oO8Qo=
-github.com/influxdata/pkg-config v0.2.7/go.mod h1:EMS7Ll0S4qkzDk53XS3Z72/egBsPInt+BeRxb0WeSwk=
+github.com/influxdata/pkg-config v0.2.8/go.mod h1:EMS7Ll0S4qkzDk53XS3Z72/egBsPInt+BeRxb0WeSwk=
 github.com/influxdata/promql/v2 v2.12.0/go.mod h1:fxOPu+DY0bqCTCECchSRtWfc+0X19ybifQhZoQNF5D8=
 github.com/influxdata/roaring v0.4.13-0.20180809181101-fc520f41fab6/go.mod h1:bSgUQ7q5ZLSO+bKBGqJiCBGAl+9DxyW63zLTujjUlOE=
 github.com/influxdata/tdigest v0.0.0-20181121200506-bf2b5ad3c0a9/go.mod h1:Js0mqiSBE6Ffsg94weZZ2c+v/ciT8QRHFOap7EKDrR0=
@@ -1243,6 +1259,7 @@ github.com/klauspost/compress v1.11.13/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdY
 github.com/klauspost/compress v1.12.3/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg=
 github.com/klauspost/compress v1.13.1/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg=
 github.com/klauspost/compress v1.13.4/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg=
+github.com/klauspost/compress v1.13.5/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk=
 github.com/klauspost/compress v1.13.6 h1:P76CopJELS0TiO2mebmnzgWaajssP/EszplttgQxcgc=
 github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk=
 github.com/klauspost/cpuid v0.0.0-20170728055534-ae7887de9fa5/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek=
@@ -1253,6 +1270,7 @@ github.com/klauspost/crc32 v0.0.0-20161016154125-cb6bfca970f6/go.mod h1:+ZoRqAPR
 github.com/klauspost/pgzip v1.0.2-0.20170402124221-0bf5dcad4ada/go.mod h1:Ch1tH69qFZu15pkjo5kYi6mth2Zzwzt50oCQKQE9RUs=
 github.com/knadh/koanf v1.3.2/go.mod h1:HZ7HMLIGbrWJUfgtEzfHvzR/rX+eIqQlBNPRr4Vt42s=
 github.com/knq/sysutil v0.0.0-20191005231841-15668db23d08/go.mod h1:dFWs1zEqDjFtnBXsd1vPOZaLsESovai349994nHx3e0=
+github.com/kolo/xmlrpc v0.0.0-20201022064351-38db28db192b/go.mod h1:pcaDhQK0/NJZEvtCO0qQPPropqV0sJOJ6YW7X+9kRwM=
 github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
 github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
 github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
@@ -1287,13 +1305,13 @@ github.com/lightstep/lightstep-tracer-go v0.18.0/go.mod h1:jlF1pusYV4pidLvZ+XD0U
 github.com/lightstep/lightstep-tracer-go v0.18.1/go.mod h1:jlF1pusYV4pidLvZ+XD0UBX0ZE6WURAspgAczcDHrL4=
 github.com/lightstep/tracecontext.go v0.0.0-20181129014701-1757c391b1ac h1:+2b6iGRJe3hvV/yVXrd41yVEjxuFHxasJqDhkIjS4gk=
 github.com/lightstep/tracecontext.go v0.0.0-20181129014701-1757c391b1ac/go.mod h1:Frd2bnT3w5FB5q49ENTfVlztJES+1k/7lyWX2+9gq/M=
-github.com/linode/linodego v0.32.0/go.mod h1:BR0gVkCJffEdIGJSl6bHR80Ty+Uvg/2jkjmrWaFectM=
+github.com/linode/linodego v1.2.1/go.mod h1:x/7+BoaKd4unViBmS2umdjYyVAmpFtBtEXZ0wou7FYQ=
 github.com/lovoo/gcloud-opentracing v0.3.0/go.mod h1:ZFqk2y38kMDDikZPAK7ynTTGuyt17nSPdS3K5e+ZTBY=
 github.com/lucasb-eyer/go-colorful v1.0.2/go.mod h1:0MS4r+7BZKSJ5mw4/S5MPN+qHFF1fYclkSPilDOKW0s=
 github.com/lucasb-eyer/go-colorful v1.0.3/go.mod h1:R4dSotOR9KMtayYi1e77YzuveK+i7ruzyGqttikkLy0=
 github.com/lufia/iostat v1.1.0/go.mod h1:rEPNA0xXgjHQjuI5Cy05sLlS2oRcSlWHRLrvh/AQ+Pg=
 github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0/go.mod h1:zJYVVT2jmtg6P3p1VtQj7WsuWi/y4VnjVBn7F8KPB3I=
-github.com/lyft/protoc-gen-star v0.5.1/go.mod h1:9toiA3cC7z5uVbODF7kEQ91Xn7XNFkVUl+SrEe+ZORU=
+github.com/lyft/protoc-gen-star v0.5.3/go.mod h1:V0xaHgaf5oCCqmcxYcWiDfTiKsZsRc87/1qhoTACD8w=
 github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
 github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
 github.com/magiconair/properties v1.8.5 h1:b6kJs+EmPFMYGkow9GiUyCyOvIwYetYJ3fSaWak/Gls=
@@ -1375,8 +1393,9 @@ github.com/minio/md5-simd v1.1.0/go.mod h1:XpBqgZULrMYD3R+M28PcmP0CkI7PEMzB3U77Z
 github.com/minio/minio-go/v6 v6.0.44/go.mod h1:qD0lajrGW49lKZLtXKtCB4X/qkMf0a5tBvN2PaZg7Gg=
 github.com/minio/minio-go/v6 v6.0.56/go.mod h1:KQMM+/44DSlSGSQWSfRrAZ12FVMmpWNuX37i2AX0jfI=
 github.com/minio/minio-go/v7 v7.0.2/go.mod h1:dJ80Mv2HeGkYLH1sqS/ksz07ON6csH3S6JUMSQ2zAns=
-github.com/minio/minio-go/v7 v7.0.10 h1:1oUKe4EOPUEhw2qnPQaPsJ0lmVTYLFu03SiItauXs94=
 github.com/minio/minio-go/v7 v7.0.10/go.mod h1:td4gW1ldOsj1PbSNS+WYK43j+P1XVhX/8W8awaYlBFo=
+github.com/minio/minio-go/v7 v7.0.16-0.20211116163909-d00629356463 h1:SXUyVAheCoi5HvKsrKWzMxMi5eCfZctZcEpJVgFKaMM=
+github.com/minio/minio-go/v7 v7.0.16-0.20211116163909-d00629356463/go.mod h1:pUV0Pc+hPd1nccgmzQF/EXh48l/Z/yps6QPF1aaie4g=
 github.com/minio/sha256-simd v0.1.1 h1:5QHSlgo3nt5yKOJrC7W8w7X+NFl8cMPZm96iu8kKUJU=
 github.com/minio/sha256-simd v0.1.1/go.mod h1:B5e1o+1/KgNmWrSQK08Y6Z1Vb5pwIktudl0J58iy0KM=
 github.com/mistifyio/go-zfs v2.1.2-0.20190413222219-f784269be439+incompatible/go.mod h1:8AuVvqP/mXw1px98n46wfvcGfQ4ci2FwoAjKYxuo3Z4=
@@ -1413,6 +1432,7 @@ github.com/moby/sys/mountinfo v0.4.1/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2J
 github.com/moby/sys/symlink v0.1.0/go.mod h1:GGDODQmbFOjFsXvfLVn3+ZRxkch54RkSiGqsZeMYowQ=
 github.com/moby/term v0.0.0-20200312100748-672ec06f55cd/go.mod h1:DdlQx2hp0Ss5/fLikoLlEeIYiATotOjgB//nb973jeo=
 github.com/moby/term v0.0.0-20201216013528-df9cb8a40635/go.mod h1:FBS0z0QWA44HXygs7VXDUOGoN/1TV3RuWkLO04am3wc=
+github.com/moby/term v0.0.0-20210619224110-3f7ff695adc6/go.mod h1:E2VnQOmVuvZB6UYnnDB0qG5Nq/1tD9acaOpo6xmt0Kw=
 github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
@@ -1525,14 +1545,17 @@ github.com/opencontainers/runc v0.1.1/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59P
 github.com/opencontainers/runc v1.0.0-rc8.0.20190926000215-3e425f80a8c9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U=
 github.com/opencontainers/runc v1.0.0-rc9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U=
 github.com/opencontainers/runc v1.0.0-rc93/go.mod h1:3NOsor4w32B2tC0Zbl8Knk4Wg84SM2ImC1fxBuqJ/H0=
+github.com/opencontainers/runc v1.0.2/go.mod h1:aTaHFFwQXuA71CiyxOdFFIorAoemI04suvGRQFzWTD0=
 github.com/opencontainers/runtime-spec v0.1.2-0.20190507144316-5b71a03e2700/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
 github.com/opencontainers/runtime-spec v1.0.1/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
 github.com/opencontainers/runtime-spec v1.0.2-0.20190207185410-29686dbc5559/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
 github.com/opencontainers/runtime-spec v1.0.2/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
 github.com/opencontainers/runtime-spec v1.0.3-0.20200929063507-e6143ca7d51d/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
+github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
 github.com/opencontainers/runtime-tools v0.0.0-20181011054405-1d69bd0f9c39/go.mod h1:r3f7wjNzSs2extwzU3Y+6pKfobzPh+kKFJ3ofN+3nfs=
 github.com/opencontainers/selinux v1.6.0/go.mod h1:VVGKuOLlE7v4PJyT6h7mNWvq1rzqiriPsEqVhc+svHE=
 github.com/opencontainers/selinux v1.8.0/go.mod h1:RScLhm78qiWa2gbVCcGkC7tCGdgk3ogry1nUQF8Evvo=
+github.com/opencontainers/selinux v1.8.2/go.mod h1:MUIHuUEvKB1wtJjQdOyYRgOnLD2xAPP8dBsCoU0KuF8=
 github.com/opentracing-contrib/go-grpc v0.0.0-20180928155321-4b5a12d3ff02/go.mod h1:JNdpVEzCpXBgIiv4ds+TzhN1hrtxq6ClLrTlT9OQRSc=
 github.com/opentracing-contrib/go-grpc v0.0.0-20191001143057-db30781987df/go.mod h1:DYR5Eij8rJl8h7gblRrOZ8g0kW1umSpKqYIBTgeDtLo=
 github.com/opentracing-contrib/go-grpc v0.0.0-20210225150812-73cb765af46e h1:4cPxUYdgaGzZIT5/j0IfqOrrXmq6bG8AwvwisMXpdrg=
@@ -1659,7 +1682,6 @@ github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9
 github.com/prometheus/common v0.28.0/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls=
 github.com/prometheus/common v0.29.0/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls=
 github.com/prometheus/common v0.30.0/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls=
-github.com/prometheus/common v0.31.1/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls=
 github.com/prometheus/common v0.32.1 h1:hWIdL3N2HoUx3B8j3YN9mWor0qhY/NlEKZEaXxuIRh4=
 github.com/prometheus/common v0.32.1/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls=
 github.com/prometheus/common/sigv4 v0.1.0 h1:qoVebwtwwEhS85Czm2dSROY5fTo2PAPEVdDeppTwGX4=
@@ -1667,6 +1689,7 @@ github.com/prometheus/common/sigv4 v0.1.0/go.mod h1:2Jkxxk9yYvCkE5G1sQT7GuEXm57J
 github.com/prometheus/exporter-toolkit v0.5.0/go.mod h1:OCkM4805mmisBhLmVFw858QYi3v0wKdY6/UxrT0pZVg=
 github.com/prometheus/exporter-toolkit v0.5.1/go.mod h1:OCkM4805mmisBhLmVFw858QYi3v0wKdY6/UxrT0pZVg=
 github.com/prometheus/exporter-toolkit v0.6.1/go.mod h1:ZUBIj498ePooX9t/2xtDjeQYwvRpiPP2lh5u4iblj2g=
+github.com/prometheus/exporter-toolkit v0.7.0/go.mod h1:ZUBIj498ePooX9t/2xtDjeQYwvRpiPP2lh5u4iblj2g=
 github.com/prometheus/node_exporter v1.0.0-rc.0.0.20200428091818-01054558c289 h1:dTUS1vaLWq+Y6XKOTnrFpoVsQKLCbCp1OLj24TDi7oM=
 github.com/prometheus/node_exporter v1.0.0-rc.0.0.20200428091818-01054558c289/go.mod h1:FGbBv5OPKjch+jNUJmEQpMZytIdyW0NdBtWFcfSKusc=
 github.com/prometheus/procfs v0.0.0-20180125133057-cb4147076ac7/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
@@ -1706,8 +1729,8 @@ github.com/prometheus/prometheus v1.8.2-0.20210215121130-6f488061dfb4/go.mod h1:
 github.com/prometheus/prometheus v1.8.2-0.20210315220929-1cba1741828b/go.mod h1:MS/bpdil77lPbfQeKk6OqVQ9OLnpN3Rszd0hka0EOWE=
 github.com/prometheus/prometheus v1.8.2-0.20210324152458-c7a62b95cea0/go.mod h1:sf7j/iAbhZahjeC0s3wwMmp5dksrJ/Za1UKdR+j6Hmw=
 github.com/prometheus/prometheus v1.8.2-0.20210519120135-d95b0972505f/go.mod h1:yUzDYX0hIYu5YVHmpj/JXLOclB6QcLNDgmagD3FUnSU=
-github.com/prometheus/prometheus v1.8.2-0.20211011171444-354d8d2ecfac h1:emphJoDK6yZ1GxyFbyYa7ByoWkl3dXfOmPvHAy0L0XI=
-github.com/prometheus/prometheus v1.8.2-0.20211011171444-354d8d2ecfac/go.mod h1:wP6L5BiOZ1JZYadRh17u5RujSS19zNSGZfGUi/MZUpM=
+github.com/prometheus/prometheus v1.8.2-0.20211119115433-692a54649ed7 h1:8rwRA5BKEAWtawaP4ozroDm3xMDrp9POAoT3HkQ3ZHw=
+github.com/prometheus/prometheus v1.8.2-0.20211119115433-692a54649ed7/go.mod h1:outfylaI89+D5IO87TRPRmxfucIobTO3Rb0l2TKqpj0=
 github.com/prometheus/statsd_exporter v0.21.0/go.mod h1:rbT83sZq2V+p73lHhPZfMc3MLCHmSHelCh9hSGYNLTQ=
 github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU=
 github.com/rabbitmq/amqp091-go v1.1.0/go.mod h1:ogQDLSOACsLPsIq0NpbtiifNZi2YOz0VTJ0kHRghqbM=
@@ -1784,7 +1807,7 @@ github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1
 github.com/smartystreets/assertions v1.0.1/go.mod h1:kHHU4qYBaI3q23Pp3VPrmWhuIUrLW/7eUrw0BU5VaoM=
 github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA=
 github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA=
-github.com/snowflakedb/gosnowflake v1.3.4/go.mod h1:NsRq2QeiMUuoNUJhp5Q6xGC4uBrsS9g6LwZVEkTWgsE=
+github.com/snowflakedb/gosnowflake v1.3.13/go.mod h1:6nfka9aTXkUNha1p1cjeeyjDvcyh7jfjp0l8kGpDBok=
 github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM=
 github.com/soheilhy/cmux v0.1.5-0.20210205191134-5ec6847320e5/go.mod h1:T7TcVDs9LWfQgPlPsdngu6I6QIoyIFZDDC6sNE1GqG0=
 github.com/soheilhy/cmux v0.1.5/go.mod h1:T7TcVDs9LWfQgPlPsdngu6I6QIoyIFZDDC6sNE1GqG0=
@@ -1797,7 +1820,6 @@ github.com/spaolacci/murmur3 v1.1.0/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2
 github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ=
 github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk=
 github.com/spf13/afero v1.3.3/go.mod h1:5KUK8ByomD5Ti5Artl0RtHeI5pTF7MIDuXL3yY520V4=
-github.com/spf13/afero v1.3.4/go.mod h1:Ai8FlHk4v/PARR026UzYexafAt9roJ7LcLMAmO6Z93I=
 github.com/spf13/afero v1.6.0 h1:xoax2sJ2DT8S8xA2paPFjDCScCNeWsg75VG0DLRreiY=
 github.com/spf13/afero v1.6.0/go.mod h1:Ai8FlHk4v/PARR026UzYexafAt9roJ7LcLMAmO6Z93I=
 github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE=
@@ -1956,6 +1978,7 @@ github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de
 github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
+github.com/yuin/goldmark v1.4.0/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
 github.com/yuin/gopher-lua v0.0.0-20200816102855-ee81675732da h1:NimzV1aGyq29m5ukMK0AMWEhFaL/lrEOaephfuoiARg=
 github.com/yuin/gopher-lua v0.0.0-20200816102855-ee81675732da/go.mod h1:E1AXubJBdNmFERAOucpDIxNzeGfLzg0mYh+UfMWdChA=
 github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43/go.mod h1:aX5oPXxHm3bOH+xeAttToC8pqch2ScQN/JoXYupl6xs=
@@ -2004,6 +2027,7 @@ go.mongodb.org/mongo-driver v1.4.4/go.mod h1:WcMNYLx/IlOxLe6JRJiv2uXuCz6zBLndR4S
 go.mongodb.org/mongo-driver v1.4.6/go.mod h1:WcMNYLx/IlOxLe6JRJiv2uXuCz6zBLndR4SoGjYphSc=
 go.mongodb.org/mongo-driver v1.5.1/go.mod h1:gRXCHX4Jo7J0IJ1oDQyUxF7jfy19UfxniMS4xxMmUqw=
 go.mongodb.org/mongo-driver v1.7.3/go.mod h1:NqaYOwnXWr5Pm7AOpO5QFxKJ503nbMse/R79oO62zWg=
+go.mongodb.org/mongo-driver v1.7.5/go.mod h1:VXEWRZ6URJIkUq2SCAyapmhH0ZLRBP+FT4xhp5Zvxng=
 go.mozilla.org/pkcs7 v0.0.0-20200128120323-432b2356ecb1/go.mod h1:SNgMg+EgDFwmvSmLRTNKC5fegJjB7v23qTQ0XLGUNHk=
 go.opencensus.io v0.20.1/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk=
 go.opencensus.io v0.20.2/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk=
@@ -2051,8 +2075,9 @@ go.uber.org/automaxprocs v1.2.0/go.mod h1:YfO3fm683kQpzETxlTGZhGIVmXAhaw3gxeBADb
 go.uber.org/automaxprocs v1.4.0/go.mod h1:/mTEdr7LvHhs0v7mjdxDreTz1OG5zdZGqgOnhWiR/+Q=
 go.uber.org/goleak v1.0.0/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A=
 go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A=
-go.uber.org/goleak v1.1.11-0.20210813005559-691160354723 h1:sHOAIxRGBp443oHZIPB+HsUGaksVCXVQENPxwTfQdH4=
 go.uber.org/goleak v1.1.11-0.20210813005559-691160354723/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ=
+go.uber.org/goleak v1.1.12 h1:gZAh5/EyT/HQwlpkCy6wTpqfH9H8Lz8zbm3dZh+OyzA=
+go.uber.org/goleak v1.1.12/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ=
 go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0=
 go.uber.org/multierr v1.3.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+4=
 go.uber.org/multierr v1.4.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+4=
@@ -2099,6 +2124,7 @@ golang.org/x/crypto v0.0.0-20191206172530-e9b2fee46413/go.mod h1:LzIPMQfyMNhhGPh
 golang.org/x/crypto v0.0.0-20200302210943-78000ba7a073/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20200323165209-0ec3e9974c59/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20200422194213-44a606286825/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.0.0-20200510223506-06a226fb4e37/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20200709230013-948cd5f35899/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
@@ -2106,6 +2132,7 @@ golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a/go.mod h1:LzIPMQfyMNhhGPh
 golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20201112155050-0c6587e931a9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20201208171446-5f87f3452ae9/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
+golang.org/x/crypto v0.0.0-20201216223049-8b5274cf687f/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
 golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
 golang.org/x/crypto v0.0.0-20210314154223-e6e6c4f2bb5b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
 golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
@@ -2113,8 +2140,9 @@ golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5
 golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20210915214749-c084706c2272/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
-golang.org/x/crypto v0.0.0-20210920023735-84f357641f63 h1:kETrAMYZq6WVGPa8IIixL0CaEcIUNi+1WX7grUoi3y8=
 golang.org/x/crypto v0.0.0-20210920023735-84f357641f63/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 h1:7I4JAnoQBe7ZtJcBaYHi5UtiO8tQHbUSXxL+pnGRANg=
+golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
@@ -2157,6 +2185,7 @@ golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+golang.org/x/mod v0.5.0/go.mod h1:5OXOZSfqPIIbmVBIIKWRFfZjPR0E5r58TLhUjH0a2Ro=
 golang.org/x/net v0.0.0-20170114055629-f2499483f923/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180530234432-1e491301e022/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@@ -2233,9 +2262,12 @@ golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qx
 golang.org/x/net v0.0.0-20210610132358-84b48f89b13b/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20210614182718-04defd469f4e/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.0.0-20210903162142-ad29c8ab022f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.0.0-20210917221730-978cfadd31cf h1:R150MpwJIv1MpS0N/pc+NhTM8ajzvlmxlY5OYsrevXQ=
+golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
+golang.org/x/net v0.0.0-20210813160813-60bc85c4be6d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20210917221730-978cfadd31cf/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
+golang.org/x/net v0.0.0-20211020060615-d418f374d309/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
+golang.org/x/net v0.0.0-20211123203042-d83791d6bcd9 h1:0qxwC5n+ttVOINCBeRHO0nq9X7uy8SDsPoi5OaCdIEI=
+golang.org/x/net v0.0.0-20211123203042-d83791d6bcd9/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20181106182150-f42d05182288/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -2257,8 +2289,9 @@ golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ
 golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20210805134026-6f1e6394065a/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.0.0-20211005180243-6b3c2da341f1 h1:B333XXssMuKQeBwiNODx4TupZy7bf4sxFZnN2ZOcvUE=
 golang.org/x/oauth2 v0.0.0-20211005180243-6b3c2da341f1/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
+golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 h1:RerP+noqYHUQ8CMRcPlC2nvTa4dcBIjegkuWdcUDuqg=
+golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -2401,6 +2434,7 @@ golang.org/x/sys v0.0.0-20210403161142-5e06dd20ab57/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20210420072515-93ed5bcd2bfe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210426230700-d19ff857e887/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210503080704-8803ae5d1324/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210503173754-0981d6026fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
@@ -2412,13 +2446,17 @@ golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20210809222454-d867a43fc93e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210816074244-15123e1e1f71/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20210816183151-1e6c022a8912/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210823070655-63515b42dcdf/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20210906170528-6f6e22806c34/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210917161153-d61c044b1678/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20211013075003-97ac67df715c h1:taxlMj0D/1sOAuv/CbSD+MMDof2vbyPTqz5FNYKpXt8=
+golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20211013075003-97ac67df715c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20211124211545-fe61309f8881 h1:TyHqChC80pFkXWraUUf6RuB5IqFdQieMLwwCJokV2pc=
+golang.org/x/sys v0.0.0-20211124211545-fe61309f8881/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -2443,8 +2481,9 @@ golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e/go.mod h1:tRJNPiyCQ0inRvYxb
 golang.org/x/time v0.0.0-20201208040808-7e3f01d25324/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20210611083556-38a9dc6acbc6/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
-golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac h1:7zkz7BUtwNFFqcowJ+RIgu2MaV/MapERkDIy+mwPyjs=
 golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+golang.org/x/time v0.0.0-20211116232009-f0f3c7e86c11 h1:GZokNIeuVkl3aZHJchRrr13WCsols02MLUcz1U9is6M=
+golang.org/x/time v0.0.0-20211116232009-f0f3c7e86c11/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20180525024113-a5b4c53f6e8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
@@ -2513,7 +2552,6 @@ golang.org/x/tools v0.0.0-20200509030707-2212a7e161a5/go.mod h1:EkVYQZoAsY45+roY
 golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
 golang.org/x/tools v0.0.0-20200513201620-d5fe73897c97/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
 golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
-golang.org/x/tools v0.0.0-20200522201501-cb1345f3a375/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
 golang.org/x/tools v0.0.0-20200603131246-cc40288be839/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
 golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
 golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
@@ -2540,8 +2578,9 @@ golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
 golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
 golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
 golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
-golang.org/x/tools v0.1.5 h1:ouewzE6p+/VEB31YYnTbEJdi8pFqKp4P4n85vwo3DHA=
 golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
+golang.org/x/tools v0.1.7 h1:6j8CgantCy3yc8JGBqkDLMKWqZ0RDU2g1HVgacojGWQ=
+golang.org/x/tools v0.1.7/go.mod h1:LGqMHiF4EqQNHR1JncWGqT5BVaXmza+X+BDGol+dOxo=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@@ -2592,8 +2631,9 @@ google.golang.org/api v0.54.0/go.mod h1:7C4bFFOvVDGXjfDTAsgGwDgAxRDeQ4X8NvUedIt6
 google.golang.org/api v0.55.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE=
 google.golang.org/api v0.56.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE=
 google.golang.org/api v0.57.0/go.mod h1:dVPlbZyBo2/OjBpmvNdpn2GRm6rPy75jyU7bmhdrMgI=
-google.golang.org/api v0.58.0 h1:MDkAbYIB1JpSgCTOCYYoIec/coMlKK4oVbpnBLLcyT0=
 google.golang.org/api v0.58.0/go.mod h1:cAbP2FsxoGVNwtgNAmmn3y5G1TWAiVYRmg4yku3lv+E=
+google.golang.org/api v0.60.0 h1:eq/zs5WPH4J9undYM9IP1O7dSr7Yh8Y0GtSCpzGzIUk=
+google.golang.org/api v0.60.0/go.mod h1:d7rl65NZAkEQ90JFzqBjcRq1TVeG5ZoGV3sSpEnnVb4=
 google.golang.org/appengine v1.2.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
 google.golang.org/appengine v1.3.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
 google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
@@ -2685,10 +2725,12 @@ google.golang.org/genproto v0.0.0-20210917145530-b395a37504d4/go.mod h1:eFjDcFEc
 google.golang.org/genproto v0.0.0-20210921142501-181ce0d877f6/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
 google.golang.org/genproto v0.0.0-20210924002016-3dee208752a0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
 google.golang.org/genproto v0.0.0-20211016002631-37fc39342514/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
-google.golang.org/genproto v0.0.0-20211018162055-cf77aa76bad2 h1:CUp93KYgL06Y/PdI8aRJaFiAHevPIGWQmijSqaUhue8=
 google.golang.org/genproto v0.0.0-20211018162055-cf77aa76bad2/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
-google.golang.org/grpc v1.33.3 h1:VaMn+f1s2DUcJW/nvLfhZqlRl4dWwbZ5GwmAGs823ac=
-google.golang.org/grpc v1.33.3/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc=
+google.golang.org/genproto v0.0.0-20211021150943-2b146023228c/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
+google.golang.org/genproto v0.0.0-20211129164237-f09f9a12af12 h1:DN5b3HU13J4sMd/QjDx34U6afpaexKTDdop+26pdjdk=
+google.golang.org/genproto v0.0.0-20211129164237-f09f9a12af12/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
+google.golang.org/grpc v1.38.0 h1:/9BgsAsa5nWe26HqOlvlgJnqBuktYOLCgjCPqsa56W0=
+google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM=
 google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw=
 google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
 google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
@@ -2783,7 +2825,7 @@ k8s.io/apimachinery v0.20.4/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRp
 k8s.io/apimachinery v0.20.5/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU=
 k8s.io/apimachinery v0.20.6/go.mod h1:ejZXtW1Ra6V1O5H8xPBGz+T3+4gfkTCeExAHKU57MAc=
 k8s.io/apimachinery v0.21.0/go.mod h1:jbreFvJo3ov9rj7eWT7+sYiRx+qZuCYXwWT1bcDswPY=
-k8s.io/apimachinery v0.22.1/go.mod h1:O3oNtNadZdeOMxHFVxOreoznohCpy0z6mocxbZr7oJ0=
+k8s.io/apimachinery v0.22.4/go.mod h1:yU6oA6Gnax9RrxGzVvPFFJ+mpnW6PBSqp0sx0I0HHW0=
 k8s.io/apiserver v0.20.1/go.mod h1:ro5QHeQkgMS7ZGpvf4tSMx6bBOgPfE+f52KwvXfScaU=
 k8s.io/apiserver v0.20.4/go.mod h1:Mc80thBKOyy7tbvFtB4kJv1kbdD0eIH8k8vianJcbFM=
 k8s.io/apiserver v0.20.6/go.mod h1:QIJXNt6i6JB+0YQRNcS0hdRHJlMhflFmsBDeSgT1r8Q=
@@ -2809,7 +2851,7 @@ k8s.io/klog/v2 v2.4.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y=
 k8s.io/klog/v2 v2.5.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec=
 k8s.io/klog/v2 v2.8.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec=
 k8s.io/klog/v2 v2.9.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec=
-k8s.io/klog/v2 v2.10.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec=
+k8s.io/klog/v2 v2.20.0/go.mod h1:Gm8eSIfQN6457haJuPaMxZw4wyP5k+ykPFlrhQDvhvw=
 k8s.io/kube-openapi v0.0.0-20190709113604-33be087ad058/go.mod h1:nfDlWeOsu3pUf4yWGL+ERqohP4YsZcBJXWMK+gkzOA4=
 k8s.io/kube-openapi v0.0.0-20190722073852-5e22f3d471e6/go.mod h1:RZvgC8MSN6DjiMV6oIfEE9pDL9CYXokkfaCKZeHm3nc=
 k8s.io/kube-openapi v0.0.0-20191107075043-30be4d16710a/go.mod h1:1TqjTSzOxsLGIKfj0lK8EeCP7K1iUG65v09OM0/WG5E=
@@ -2818,7 +2860,7 @@ k8s.io/kube-openapi v0.0.0-20200410145947-61e04a5be9a6/go.mod h1:GRQhZsXIAJ1xR0C
 k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6/go.mod h1:UuqjUnNftUyPE5H64/qeyjQoUZhGpeFDVdxjTeEVN2o=
 k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd/go.mod h1:WOJ3KddDSol4tAGcJo0Tvi+dK12EcqSLqcWsryKMpfM=
 k8s.io/kube-openapi v0.0.0-20210305001622-591a79e4bda7/go.mod h1:wXW5VT87nVfh/iLV8FpR2uDvrFyomxbtb1KivDbvPTE=
-k8s.io/kube-openapi v0.0.0-20210421082810-95288971da7e/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw=
+k8s.io/kube-openapi v0.0.0-20211109043538-20434351676c/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw=
 k8s.io/kubernetes v1.13.0/go.mod h1:ocZa8+6APFNC2tX1DZASIbocyYT5jHzqFVsY5aoB7Jk=
 k8s.io/utils v0.0.0-20190809000727-6c36bc71fc4a/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew=
 k8s.io/utils v0.0.0-20191114200735-6ca3b61696b6/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew=
diff --git a/go.mod b/go.mod
index 72e3f339585..4157f264bb8 100644
--- a/go.mod
+++ b/go.mod
@@ -8,9 +8,9 @@ require (
 	github.com/Azure/azure-pipeline-go v0.2.3
 	github.com/Azure/azure-storage-blob-go v0.13.0
 	github.com/alecthomas/kong v0.2.11
-	github.com/aws/aws-sdk-go v1.42.9
+	github.com/aws/aws-sdk-go v1.42.16
 	github.com/cespare/xxhash v1.1.0
-	github.com/cortexproject/cortex v1.10.1-0.20211104100946-3f329a21cad4
+	github.com/cortexproject/cortex v1.10.1-0.20211214110443-07d6cfc4eb84
 	github.com/cristalhq/hedgedhttp v0.7.0
 	github.com/drone/envsubst v1.0.3
 	github.com/dustin/go-humanize v1.0.0
@@ -33,7 +33,7 @@ require (
 	github.com/jedib0t/go-pretty/v6 v6.2.4
 	github.com/jsternberg/zap-logfmt v1.2.0
 	github.com/klauspost/compress v1.13.6
-	github.com/minio/minio-go/v7 v7.0.10
+	github.com/minio/minio-go/v7 v7.0.16-0.20211116163909-d00629356463
 	github.com/olekukonko/tablewriter v0.0.2
 	github.com/open-telemetry/opentelemetry-collector-contrib/pkg/translator/jaeger v0.40.0
 	github.com/open-telemetry/opentelemetry-collector-contrib/receiver/jaegerreceiver v0.40.0
@@ -47,7 +47,7 @@ require (
 	github.com/prometheus/client_golang v1.11.0
 	github.com/prometheus/client_model v0.2.0
 	github.com/prometheus/common v0.32.1
-	github.com/prometheus/prometheus v1.8.2-0.20211011171444-354d8d2ecfac
+	github.com/prometheus/prometheus v1.8.2-0.20211119115433-692a54649ed7
 	github.com/prometheus/statsd_exporter v0.21.0 // indirect
 	github.com/segmentio/fasthash v0.0.0-20180216231524-a72b379d632e
 	github.com/sirupsen/logrus v1.8.1
@@ -69,12 +69,13 @@ require (
 	go.opentelemetry.io/otel/sdk v1.2.0
 	go.opentelemetry.io/otel/trace v1.2.0
 	go.uber.org/atomic v1.9.0
-	go.uber.org/goleak v1.1.11-0.20210813005559-691160354723
+	go.uber.org/goleak v1.1.12
 	go.uber.org/multierr v1.7.0
 	go.uber.org/zap v1.19.1
-	golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac
-	google.golang.org/api v0.58.0
+	golang.org/x/time v0.0.0-20211116232009-f0f3c7e86c11
+	google.golang.org/api v0.60.0
 	google.golang.org/grpc v1.42.0
+	google.golang.org/protobuf v1.27.1
 	gopkg.in/yaml.v2 v2.4.0
 	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b
 )
@@ -83,8 +84,8 @@ require (
 	cloud.google.com/go v0.97.0 // indirect
 	cloud.google.com/go/bigtable v1.3.0 // indirect
 	github.com/Azure/go-autorest v14.2.0+incompatible // indirect
-	github.com/Azure/go-autorest/autorest v0.11.20 // indirect
-	github.com/Azure/go-autorest/autorest/adal v0.9.15 // indirect
+	github.com/Azure/go-autorest/autorest v0.11.22 // indirect
+	github.com/Azure/go-autorest/autorest/adal v0.9.17 // indirect
 	github.com/Azure/go-autorest/autorest/azure/auth v0.5.8 // indirect
 	github.com/Azure/go-autorest/autorest/azure/cli v0.4.2 // indirect
 	github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect
@@ -97,7 +98,7 @@ require (
 	github.com/Shopify/sarama v1.30.0 // indirect
 	github.com/VividCortex/gohistogram v1.0.0 // indirect
 	github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751 // indirect
-	github.com/alecthomas/units v0.0.0-20210912230133-d1bdfacee922 // indirect
+	github.com/alecthomas/units v0.0.0-20210927113745-59d0afb8317a // indirect
 	github.com/apache/thrift v0.15.0 // indirect
 	github.com/armon/go-metrics v0.3.9 // indirect
 	github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d // indirect
@@ -107,6 +108,8 @@ require (
 	github.com/cenkalti/backoff/v4 v4.1.2 // indirect
 	github.com/census-instrumentation/opencensus-proto v0.3.0 // indirect
 	github.com/cespare/xxhash/v2 v2.1.2 // indirect
+	github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403 // indirect
+	github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe // indirect
 	github.com/coreos/etcd v3.3.25+incompatible // indirect
 	github.com/coreos/go-semver v0.3.0 // indirect
 	github.com/coreos/go-systemd v0.0.0-20191104093116-d3cd4ed1dbcf // indirect
@@ -121,6 +124,8 @@ require (
 	github.com/eapache/go-xerial-snappy v0.0.0-20180814174437-776d5712da21 // indirect
 	github.com/eapache/queue v1.1.0 // indirect
 	github.com/edsrzf/mmap-go v1.0.0 // indirect
+	github.com/envoyproxy/go-control-plane v0.10.1 // indirect
+	github.com/envoyproxy/protoc-gen-validate v0.6.2 // indirect
 	github.com/facette/natsort v0.0.0-20181210072756-2cd4dd1e2dcb // indirect
 	github.com/fatih/color v1.12.0 // indirect
 	github.com/felixge/fgprof v0.9.1 // indirect
@@ -135,7 +140,7 @@ require (
 	github.com/go-openapi/loads v0.21.0 // indirect
 	github.com/go-openapi/runtime v0.21.0 // indirect
 	github.com/go-openapi/spec v0.20.4 // indirect
-	github.com/go-openapi/strfmt v0.21.0 // indirect
+	github.com/go-openapi/strfmt v0.21.1 // indirect
 	github.com/go-openapi/swag v0.19.15 // indirect
 	github.com/go-openapi/validate v0.20.3 // indirect
 	github.com/go-redis/redis/v8 v8.11.4 // indirect
@@ -147,14 +152,14 @@ require (
 	github.com/golang-migrate/migrate/v4 v4.7.0 // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/google/btree v1.0.1 // indirect
-	github.com/google/pprof v0.0.0-20210827144239-02619b876842 // indirect
+	github.com/google/pprof v0.0.0-20211122183932-1daafda22083 // indirect
 	github.com/googleapis/gax-go/v2 v2.1.1 // indirect
 	github.com/gorilla/handlers v1.5.1 // indirect
 	github.com/grpc-ecosystem/go-grpc-middleware v1.3.0 // indirect
 	github.com/grpc-ecosystem/go-grpc-middleware/v2 v2.0.0-rc.2.0.20201207153454-9f6bf00c00a7 // indirect
 	github.com/grpc-ecosystem/grpc-gateway v1.16.0 // indirect
 	github.com/hailocab/go-hostpool v0.0.0-20160125115350-e80d13ce29ed // indirect
-	github.com/hashicorp/consul/api v1.10.1 // indirect
+	github.com/hashicorp/consul/api v1.11.0 // indirect
 	github.com/hashicorp/errwrap v1.0.0 // indirect
 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
 	github.com/hashicorp/go-immutable-radix v1.3.1 // indirect
@@ -219,7 +224,7 @@ require (
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/prometheus/alertmanager v0.23.1-0.20210914172521-e35efbddb66a // indirect
 	github.com/prometheus/common/sigv4 v0.1.0 // indirect
-	github.com/prometheus/exporter-toolkit v0.6.1 // indirect
+	github.com/prometheus/exporter-toolkit v0.7.0 // indirect
 	github.com/prometheus/node_exporter v1.0.0-rc.0.0.20200428091818-01054558c289 // indirect
 	github.com/prometheus/procfs v0.7.3 // indirect
 	github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475 // indirect
@@ -250,23 +255,21 @@ require (
 	go.etcd.io/etcd/api/v3 v3.5.0 // indirect
 	go.etcd.io/etcd/client/pkg/v3 v3.5.0 // indirect
 	go.etcd.io/etcd/client/v3 v3.5.0 // indirect
-	go.mongodb.org/mongo-driver v1.7.3 // indirect
+	go.mongodb.org/mongo-driver v1.7.5 // indirect
 	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.27.0 // indirect
 	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.27.0 // indirect
 	go.opentelemetry.io/otel/internal/metric v0.25.0 // indirect
 	go.opentelemetry.io/otel/sdk/export/metric v0.25.0 // indirect
-	golang.org/x/crypto v0.0.0-20210920023735-84f357641f63 // indirect
-	golang.org/x/net v0.0.0-20210917221730-978cfadd31cf // indirect
-	golang.org/x/oauth2 v0.0.0-20211005180243-6b3c2da341f1 // indirect
+	golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 // indirect
+	golang.org/x/net v0.0.0-20211123203042-d83791d6bcd9 // indirect
+	golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 // indirect
 	golang.org/x/sync v0.0.0-20210220032951-036812b2e83c // indirect
-	golang.org/x/sys v0.0.0-20211013075003-97ac67df715c // indirect
+	golang.org/x/sys v0.0.0-20211124211545-fe61309f8881 // indirect
 	golang.org/x/text v0.3.7 // indirect
 	golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
-	google.golang.org/genproto v0.0.0-20211016002631-37fc39342514 // indirect
-	google.golang.org/protobuf v1.27.1 // indirect
+	google.golang.org/genproto v0.0.0-20211129164237-f09f9a12af12 // indirect
 	gopkg.in/alecthomas/kingpin.v2 v2.2.6 // indirect
-	gopkg.in/fsnotify/fsnotify.v1 v1.4.7 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/ini.v1 v1.63.2 // indirect
 	rsc.io/binaryregexp v0.2.0 // indirect
@@ -286,7 +289,7 @@ replace github.com/go-redis/redis/v8 => github.com/go-redis/redis/v8 v8.11.0
 // Pin to the latest release of grpc-go with GenerateAndRegisterManualResolver
 // This function is used by jeagertracing/jaeger, but we can't update jaeger
 // without updating the open-telemetry/collector as well
-replace google.golang.org/grpc => google.golang.org/grpc v1.33.3
+replace google.golang.org/grpc => google.golang.org/grpc v1.38.0
 
 // Pin github.com/soheilhy/cmux to control grpc required version.
 // Before v0.1.5 it contained examples in the root folder that imported grpc without a version,
@@ -297,11 +300,12 @@ replace github.com/soheilhy/cmux => github.com/soheilhy/cmux v0.1.5
 // Can be removed when https://github.com/open-telemetry/opentelemetry-go/pull/2141 is merged
 replace go.opentelemetry.io/otel/bridge/opentracing => github.com/bboreham/opentelemetry-go/bridge/opentracing v0.13.1-0.20210728105346-81ca3b18d348
 
+// Comment is from https://github.com/cortexproject/cortex/blob/07d6cfc4eb848fc410262773255dfec750c0a64f/go.mod#L83-L87
 // We only pin this version to avoid problems with running go get: github.com/thanos-io/thanos@main. That
 // currently fails because Thanos isn't merging release branches to main branch, and Go modules system is then
 // confused about which version is the latest one. v0.22.0 was released in July, but latest tag reachable from main
-// is v0.19.1. We pin version from late september here. Feel free to remove when updating to later version.
-replace github.com/thanos-io/thanos v0.22.0 => github.com/thanos-io/thanos v0.19.1-0.20210923155558-c15594a03c45
+// is v0.19.1. We pin version from early December here. Feel free to remove when updating to later version.
+replace github.com/thanos-io/thanos v0.22.0 => github.com/thanos-io/thanos v0.19.1-0.20211208205607-d1acaea2a11a
 
 // Replacing for an internal fork that exposes internal folders
 // Some funtionalities of the collector have been made internal and it's more difficult to build and configure pipelines in the newer versions.
diff --git a/go.sum b/go.sum
index 59f1eca3750..443dc26788f 100644
--- a/go.sum
+++ b/go.sum
@@ -7,7 +7,6 @@ cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6A
 cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY=
 cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc=
 cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0=
-cloud.google.com/go v0.49.0/go.mod h1:hGvAdzcWNbyuxS3nWhD7H2cIJxjRRTRLQVB0bdputVY=
 cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To=
 cloud.google.com/go v0.51.0/go.mod h1:hWtGJ6gnXH+KgDv+V0zFGDvpi07n3z8ZNj3T1RW0Gcw=
 cloud.google.com/go v0.52.0/go.mod h1:pXajvRH/6o3+F9jDHZWQ5PbGhn+o8w9qiu/CffaVdO4=
@@ -37,7 +36,6 @@ cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvf
 cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg=
 cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc=
 cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ=
-cloud.google.com/go/bigtable v1.1.0/go.mod h1:B6ByKcIdYmhoyDzmOnQxyOhN6r05qnewYIxxG6L0/b4=
 cloud.google.com/go/bigtable v1.2.0/go.mod h1:JcVAOl45lrTmQfLj7T6TxyMzIN/3FGGcFm+2xVAli2o=
 cloud.google.com/go/bigtable v1.3.0 h1:PAplkJLXheOLlK5PPyy4/HXtPzHn+1/LaYDWIeGxnio=
 cloud.google.com/go/bigtable v1.3.0/go.mod h1:z5EyKrPE8OQmeg4h5MNdKvuSnI9CCT49Ki3f23aBzio=
@@ -50,7 +48,6 @@ cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+
 cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA=
 cloud.google.com/go/pubsub v1.3.1/go.mod h1:i+ucay31+CNRpDW4Lu78I4xXG+O1r/MAHgjpRVR+TSU=
 cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw=
-cloud.google.com/go/storage v1.3.0/go.mod h1:9IAwXhoyBJ7z9LcAwkj0/7NnPzYaPeZxxVp3zm+5IqA=
 cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos=
 cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk=
 cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs=
@@ -60,73 +57,43 @@ cloud.google.com/go/storage v1.18.2/go.mod h1:AiIj7BWXyhO5gGVmYJ+S8tbkCx3yb0IMju
 cloud.google.com/go/trace v0.1.0/go.mod h1:wxEwsoeRVPbeSkt7ZC9nWCgmoKQRAoySN7XHW2AmI7g=
 code.cloudfoundry.org/bytefmt v0.0.0-20190710193110-1eb035ffe2b6/go.mod h1:wN/zk7mhREp/oviagqUXY3EwuHhWyOvAdsn5Y4CzOrc=
 collectd.org v0.3.0/go.mod h1:A/8DzQBkF6abtvrT2j/AU/4tiBgJWYyh0y/oB/4MlWE=
-contrib.go.opencensus.io/exporter/ocagent v0.6.0/go.mod h1:zmKjrJcdo0aYcVS7bmEeSEBLPA9YJp5bjrofdU3pIXs=
 contrib.go.opencensus.io/exporter/prometheus v0.4.0 h1:0QfIkj9z/iVZgK31D9H9ohjjIDApI2GOPScCKwxedbs=
 contrib.go.opencensus.io/exporter/prometheus v0.4.0/go.mod h1:o7cosnyfuPVK0tB8q0QmaQNhGnptITnPQB+z1+qeFB0=
 dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
-github.com/Azure/azure-pipeline-go v0.2.1/go.mod h1:UGSo8XybXnIGZ3epmeBw7Jdz+HiUVpqIlpz/HKHylF4=
-github.com/Azure/azure-pipeline-go v0.2.2/go.mod h1:4rQ/NZncSvGqNkkOsNpOU1tgoNuIlp9AfUH5G1tvCHc=
 github.com/Azure/azure-pipeline-go v0.2.3 h1:7U9HBg1JFK3jHl5qmo4CTZKFTVgMwdFHMVtCdfBE21U=
 github.com/Azure/azure-pipeline-go v0.2.3/go.mod h1:x841ezTBIMG6O3lAcl8ATHnsOPVl2bqk7S3ta6S6u4k=
 github.com/Azure/azure-sdk-for-go v16.2.1+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
-github.com/Azure/azure-sdk-for-go v23.2.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
-github.com/Azure/azure-sdk-for-go v36.1.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
 github.com/Azure/azure-sdk-for-go v41.3.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
-github.com/Azure/azure-sdk-for-go v43.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
-github.com/Azure/azure-sdk-for-go v44.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
-github.com/Azure/azure-sdk-for-go v44.2.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
-github.com/Azure/azure-sdk-for-go v45.1.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
-github.com/Azure/azure-sdk-for-go v46.4.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
-github.com/Azure/azure-sdk-for-go v48.2.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
-github.com/Azure/azure-sdk-for-go v51.2.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
-github.com/Azure/azure-sdk-for-go v52.5.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
-github.com/Azure/azure-sdk-for-go v54.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
-github.com/Azure/azure-sdk-for-go v55.2.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
-github.com/Azure/azure-sdk-for-go v57.1.0+incompatible h1:TKQ3ieyB0vVKkF6t9dsWbMjq56O1xU3eh3Ec09v6ajM=
-github.com/Azure/azure-sdk-for-go v57.1.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
-github.com/Azure/azure-storage-blob-go v0.8.0/go.mod h1:lPI3aLPpuLTeUwh1sViKXFxwl2B6teiRqI0deQUvsw0=
+github.com/Azure/azure-sdk-for-go v58.3.0+incompatible h1:lb9OWePNuJMiibdxg9XvdbiOldR0Yifge37L4LoOxIs=
+github.com/Azure/azure-sdk-for-go v58.3.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
 github.com/Azure/azure-storage-blob-go v0.13.0 h1:lgWHvFh+UYBNVQLFHXkvul2f6yOPA9PIH82RTG2cSwc=
 github.com/Azure/azure-storage-blob-go v0.13.0/go.mod h1:pA9kNqtjUeQF2zOSu4s//nUdBD+e64lEuc4sVnuOfNs=
-github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 h1:w+iIsaOQNcT7OZ575w+acHgRric5iCyQh+xv+KJ4HB8=
 github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8=
+github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 h1:UQHMgLO+TxOElx5B5HZ4hJQsoJ/PvUvKRhJHDQXO8P8=
+github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E=
 github.com/Azure/go-autorest v10.8.1+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24=
-github.com/Azure/go-autorest v11.2.8+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24=
 github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs=
 github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24=
 github.com/Azure/go-autorest/autorest v0.9.0/go.mod h1:xyHB1BMZT0cuDHU7I0+g046+BFDTQ8rEZB0s4Yfa6bI=
-github.com/Azure/go-autorest/autorest v0.9.3-0.20191028180845-3492b2aff503/go.mod h1:xyHB1BMZT0cuDHU7I0+g046+BFDTQ8rEZB0s4Yfa6bI=
-github.com/Azure/go-autorest/autorest v0.9.3/go.mod h1:GsRuLYvwzLjjjRoWEIyMUaYq8GNUx2nRB378IPt/1p0=
 github.com/Azure/go-autorest/autorest v0.10.0/go.mod h1:/FALq9T/kS7b5J5qsQ+RSTUdAmGFqi0vUdVNNx8q630=
-github.com/Azure/go-autorest/autorest v0.10.1/go.mod h1:/FALq9T/kS7b5J5qsQ+RSTUdAmGFqi0vUdVNNx8q630=
-github.com/Azure/go-autorest/autorest v0.10.2/go.mod h1:/FALq9T/kS7b5J5qsQ+RSTUdAmGFqi0vUdVNNx8q630=
 github.com/Azure/go-autorest/autorest v0.11.1/go.mod h1:JFgpikqFJ/MleTTxwepExTKnFUKKszPS8UavbQYUMuw=
-github.com/Azure/go-autorest/autorest v0.11.2/go.mod h1:JFgpikqFJ/MleTTxwepExTKnFUKKszPS8UavbQYUMuw=
-github.com/Azure/go-autorest/autorest v0.11.4/go.mod h1:JFgpikqFJ/MleTTxwepExTKnFUKKszPS8UavbQYUMuw=
-github.com/Azure/go-autorest/autorest v0.11.10/go.mod h1:eipySxLmqSyC5s5k1CLupqet0PSENBEDP93LQ9a8QYw=
-github.com/Azure/go-autorest/autorest v0.11.11/go.mod h1:eipySxLmqSyC5s5k1CLupqet0PSENBEDP93LQ9a8QYw=
+github.com/Azure/go-autorest/autorest v0.11.9/go.mod h1:eipySxLmqSyC5s5k1CLupqet0PSENBEDP93LQ9a8QYw=
 github.com/Azure/go-autorest/autorest v0.11.17/go.mod h1:eipySxLmqSyC5s5k1CLupqet0PSENBEDP93LQ9a8QYw=
-github.com/Azure/go-autorest/autorest v0.11.18/go.mod h1:dSiJPy22c3u0OtOKDNttNgqpNFY/GeWa7GH/Pz56QRA=
-github.com/Azure/go-autorest/autorest v0.11.19/go.mod h1:dSiJPy22c3u0OtOKDNttNgqpNFY/GeWa7GH/Pz56QRA=
-github.com/Azure/go-autorest/autorest v0.11.20 h1:s8H1PbCZSqg/DH7JMlOz6YMig6htWLNPsjDdlLqCx3M=
-github.com/Azure/go-autorest/autorest v0.11.20/go.mod h1:o3tqFY+QR40VOlk+pV4d77mORO64jOXSgEnPQgLK6JY=
+github.com/Azure/go-autorest/autorest v0.11.22 h1:bXiQwDjrRmBQOE67bwlvUKAC1EU1yZTPQ38c+bstZws=
+github.com/Azure/go-autorest/autorest v0.11.22/go.mod h1:BAWYUWGPEtKPzjVkp0Q6an0MJcJDsoh5Z1BFAEFs4Xs=
 github.com/Azure/go-autorest/autorest/adal v0.5.0/go.mod h1:8Z9fGy2MpX0PvDjB1pEgQTmVqjGhiHBW7RJJEciWzS0=
-github.com/Azure/go-autorest/autorest/adal v0.8.0/go.mod h1:Z6vX6WXXuyieHAXwMj0S6HY6e6wcHn37qQMBQlvY3lc=
-github.com/Azure/go-autorest/autorest/adal v0.8.1-0.20191028180845-3492b2aff503/go.mod h1:Z6vX6WXXuyieHAXwMj0S6HY6e6wcHn37qQMBQlvY3lc=
-github.com/Azure/go-autorest/autorest/adal v0.8.1/go.mod h1:ZjhuQClTqx435SRJ2iMlOxPYt3d2C/T/7TiQCVZSn3Q=
 github.com/Azure/go-autorest/autorest/adal v0.8.2/go.mod h1:ZjhuQClTqx435SRJ2iMlOxPYt3d2C/T/7TiQCVZSn3Q=
 github.com/Azure/go-autorest/autorest/adal v0.8.3/go.mod h1:ZjhuQClTqx435SRJ2iMlOxPYt3d2C/T/7TiQCVZSn3Q=
 github.com/Azure/go-autorest/autorest/adal v0.9.0/go.mod h1:/c022QCutn2P7uY+/oQWWNcK9YU+MH96NgK+jErpbcg=
 github.com/Azure/go-autorest/autorest/adal v0.9.2/go.mod h1:/3SMAM86bP6wC9Ev35peQDUeqFZBMH07vvUOmg4z/fE=
 github.com/Azure/go-autorest/autorest/adal v0.9.5/go.mod h1:B7KF7jKIeC9Mct5spmyCB/A8CG/sEz1vwIRGv/bbw7A=
 github.com/Azure/go-autorest/autorest/adal v0.9.11/go.mod h1:nBKAnTomx8gDtl+3ZCJv2v0KACFHWTB2drffI1B68Pk=
-github.com/Azure/go-autorest/autorest/adal v0.9.13/go.mod h1:W/MM4U6nLxnIskrw4UwWzlHfGjwUS50aOsc/I3yuU8M=
 github.com/Azure/go-autorest/autorest/adal v0.9.14/go.mod h1:W/MM4U6nLxnIskrw4UwWzlHfGjwUS50aOsc/I3yuU8M=
-github.com/Azure/go-autorest/autorest/adal v0.9.15 h1:X+p2GF0GWyOiSmqohIaEeuNFNDY4I4EOlVuUQvFdWMk=
-github.com/Azure/go-autorest/autorest/adal v0.9.15/go.mod h1:tGMin8I49Yij6AQ+rvV+Xa/zwxYQB5hmsd6DkfAx2+A=
-github.com/Azure/go-autorest/autorest/azure/auth v0.4.2/go.mod h1:90gmfKdlmKgfjUpnCEpOJzsUEjrWDSLwHIG73tSXddM=
+github.com/Azure/go-autorest/autorest/adal v0.9.17 h1:esOPl2dhcz9P3jqBSJ8tPGEj2EqzPPT6zfyuloiogKY=
+github.com/Azure/go-autorest/autorest/adal v0.9.17/go.mod h1:XVVeme+LZwABT8K5Lc3hA4nAe8LDBVle26gTrguhhPQ=
+github.com/Azure/go-autorest/autorest/azure/auth v0.5.3/go.mod h1:4bJZhUhcq8LB20TruwHbAQsmUs2Xh+QR7utuJpLXX3A=
 github.com/Azure/go-autorest/autorest/azure/auth v0.5.8 h1:TzPg6B6fTZ0G1zBf3T54aI7p3cAT6u//TOXGPmFMOXg=
 github.com/Azure/go-autorest/autorest/azure/auth v0.5.8/go.mod h1:kxyKZTSfKh8OVFWPAgOgQ/frrJgeYQJPyR5fLFmXko4=
-github.com/Azure/go-autorest/autorest/azure/cli v0.3.1/go.mod h1:ZG5p860J94/0kI9mNJVoIoLgXcirM2gF5i2kWloofxw=
 github.com/Azure/go-autorest/autorest/azure/cli v0.4.2 h1:dMOmEJfkLKW/7JsokJqkyoYSgmR08hi9KrhjZb+JALY=
 github.com/Azure/go-autorest/autorest/azure/cli v0.4.2/go.mod h1:7qkJkT+j6b+hIpzMOwPChJhTqS8VbsqqgULzMNRugoM=
 github.com/Azure/go-autorest/autorest/date v0.1.0/go.mod h1:plvfp3oPSKwf2DNjlBjWF/7vwR+cUD/ELuzDCXwHUVA=
@@ -140,11 +107,9 @@ github.com/Azure/go-autorest/autorest/mocks v0.4.0/go.mod h1:LTp+uSrOhSkaKrUy935
 github.com/Azure/go-autorest/autorest/mocks v0.4.1 h1:K0laFcLE6VLTOwNgSxaGbUcLPuGXlNkbVvq4cW4nIHk=
 github.com/Azure/go-autorest/autorest/mocks v0.4.1/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k=
 github.com/Azure/go-autorest/autorest/to v0.3.0/go.mod h1:MgwOyqaIuKdG4TL/2ywSsIWKAfJfgHDo8ObuUk3t5sA=
-github.com/Azure/go-autorest/autorest/to v0.3.1-0.20191028180845-3492b2aff503/go.mod h1:MgwOyqaIuKdG4TL/2ywSsIWKAfJfgHDo8ObuUk3t5sA=
 github.com/Azure/go-autorest/autorest/to v0.4.0 h1:oXVqrxakqqV1UZdSazDOPOLvOIz+XA683u8EctwboHk=
 github.com/Azure/go-autorest/autorest/to v0.4.0/go.mod h1:fE8iZBn7LQR7zH/9XU2NcPR4o9jEImooCeWJcYV/zLE=
 github.com/Azure/go-autorest/autorest/validation v0.2.0/go.mod h1:3EEqHnBxQGHXRYq3HT1WyXAvT7LLY3tl70hw6tQIbjI=
-github.com/Azure/go-autorest/autorest/validation v0.2.1-0.20191028180845-3492b2aff503/go.mod h1:3EEqHnBxQGHXRYq3HT1WyXAvT7LLY3tl70hw6tQIbjI=
 github.com/Azure/go-autorest/autorest/validation v0.3.1 h1:AgyqjAd94fwNAoTjl/WQXg4VvFeRFpO+UhNyRXqF1ac=
 github.com/Azure/go-autorest/autorest/validation v0.3.1/go.mod h1:yhLgjC0Wda5DYXl6JAsWyUe4KVNffhoDhG0zVzUMo3E=
 github.com/Azure/go-autorest/logger v0.1.0/go.mod h1:oExouG+K6PryycPJfVSxi/koC6LSNgds39diKLz7Vrc=
@@ -158,9 +123,7 @@ github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03
 github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
 github.com/DATA-DOG/go-sqlmock v1.3.3/go.mod h1:f/Ixk793poVmq4qj/V1dPUg2JEAKC73Q5eFN3EC/SaM=
 github.com/DATA-DOG/go-sqlmock v1.4.1/go.mod h1:f/Ixk793poVmq4qj/V1dPUg2JEAKC73Q5eFN3EC/SaM=
-github.com/DataDog/datadog-go v2.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ=
 github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ=
-github.com/HdrHistogram/hdrhistogram-go v0.9.0/go.mod h1:nxrse8/Tzg2tg3DZcZjm6qEclQKK70g0KxO61gFFZD4=
 github.com/HdrHistogram/hdrhistogram-go v1.0.1/go.mod h1:BWJ+nMSHY3L41Zj7CA3uXnloDp7xxV0YvstAE7nKTaM=
 github.com/HdrHistogram/hdrhistogram-go v1.1.0/go.mod h1:yDgFjdqOqDEKOvasDdhWNXYg9BVp4O+o5f6V/ehm6Oo=
 github.com/HdrHistogram/hdrhistogram-go v1.1.2 h1:5IcZpTvzydCQeHzK4Ef/D5rrSqwxob0t8PQPMybUNFM=
@@ -186,17 +149,15 @@ github.com/Microsoft/hcsshim v0.8.9/go.mod h1:5692vkUqntj1idxauYlpoINNKeqCiG6Sg3
 github.com/Microsoft/hcsshim v0.8.14/go.mod h1:NtVKoYxQuTLx6gEq0L96c9Ju4JbRJ4nY2ow3VK6a9Lg=
 github.com/Microsoft/hcsshim v0.8.15/go.mod h1:x38A4YbHbdxJtc0sF6oIz+RG0npwSCAvn69iY6URG00=
 github.com/Microsoft/hcsshim v0.8.16/go.mod h1:o5/SZqmR7x9JNKsW3pu+nqHm0MF8vbA+VxGOoXdC600=
-github.com/Microsoft/hcsshim v0.8.18/go.mod h1:+w2gRZ5ReXQhFOrvSQeNfhrYB/dg3oDwTOcER2fw4I4=
+github.com/Microsoft/hcsshim v0.8.21/go.mod h1:+w2gRZ5ReXQhFOrvSQeNfhrYB/dg3oDwTOcER2fw4I4=
 github.com/Microsoft/hcsshim/test v0.0.0-20201218223536-d3e5debf77da/go.mod h1:5hlzMzRKMLyo42nCZ9oml8AdTlq/0cvIaBv6tK1RehU=
 github.com/Microsoft/hcsshim/test v0.0.0-20210227013316-43a75bb4edd3/go.mod h1:mw7qgWloBUl75W/gVH3cQszUg1+gUITj7D6NY7ywVnY=
 github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ=
 github.com/NYTimes/gziphandler v1.1.1 h1:ZUDjpQae29j0ryrS0u/B8HZfJBtBQHjqw2rQ2cqUQ3I=
 github.com/NYTimes/gziphandler v1.1.1/go.mod h1:n/CVRwUEOgIxrgPvAQhUUr9oeUtvrhMomdKFjzJNB0c=
 github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5/go.mod h1:lmUJ/7eu/Q8D7ML55dXQrVaamCz2vxCfdQBasLZfHKk=
+github.com/OneOfOne/xxhash v1.2.2 h1:KMrpdQIwFcEqXDklaen+P1axHaj9BSKzvpUUfnHldSE=
 github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
-github.com/OneOfOne/xxhash v1.2.5/go.mod h1:eZbhyaAYD41SGSSsnmcpxVoRiQ/MPUTjUdIIOT9Um7Q=
-github.com/OneOfOne/xxhash v1.2.6 h1:U68crOE3y3MPttCMQGywZOLrTeF5HHJ3/vDBCJn9/bA=
-github.com/OneOfOne/xxhash v1.2.6/go.mod h1:eZbhyaAYD41SGSSsnmcpxVoRiQ/MPUTjUdIIOT9Um7Q=
 github.com/PuerkitoBio/purell v1.0.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0=
 github.com/PuerkitoBio/purell v1.1.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0=
 github.com/PuerkitoBio/purell v1.1.1 h1:WEQqlqaGbrPkxLJWfBwQmfEAE1Z7ONdDLqrN38tNFfI=
@@ -229,13 +190,11 @@ github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRF
 github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
 github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho=
 github.com/alecthomas/units v0.0.0-20210208195552-ff826a37aa15/go.mod h1:OMCwj8VM1Kc9e19TLln2VL61YJF0x1XFtfdL4JdbSyE=
-github.com/alecthomas/units v0.0.0-20210912230133-d1bdfacee922 h1:8ypNbf5sd3Sm3cKJ9waOGoQv6dKAFiFty9L6NP1AqJ4=
-github.com/alecthomas/units v0.0.0-20210912230133-d1bdfacee922/go.mod h1:OMCwj8VM1Kc9e19TLln2VL61YJF0x1XFtfdL4JdbSyE=
+github.com/alecthomas/units v0.0.0-20210927113745-59d0afb8317a h1:E/8AP5dFtMhl5KPJz66Kt9G0n+7Sn41Fy1wv9/jHOrc=
+github.com/alecthomas/units v0.0.0-20210927113745-59d0afb8317a/go.mod h1:OMCwj8VM1Kc9e19TLln2VL61YJF0x1XFtfdL4JdbSyE=
 github.com/alexflint/go-filemutex v0.0.0-20171022225611-72bdc8eae2ae/go.mod h1:CgnQgUtFrFz9mxFNtED3jI5tLDjKlOM+oUF/sTk6ps0=
 github.com/alicebob/gopher-json v0.0.0-20200520072559-a9ecdc9d1d3a h1:HbKu58rmZpUGpz5+4FfNmIU+FmZg2P3Xaj2v2bfNWmk=
 github.com/alicebob/gopher-json v0.0.0-20200520072559-a9ecdc9d1d3a/go.mod h1:SGnFV6hVsYE877CKEZ6tDNTjaSXYUk6QqoIK6PrAtcc=
-github.com/alicebob/miniredis v2.5.0+incompatible h1:yBHoLpsyjupjz3NL3MhKMVkR41j82Yjf3KFv7ApYzUI=
-github.com/alicebob/miniredis v2.5.0+incompatible/go.mod h1:8HZjEj4yU0dwhYHky+DxYx+6BMjkBbe5ONFIF1MXffk=
 github.com/alicebob/miniredis/v2 v2.14.3 h1:QWoo2wchYmLgOB6ctlTt2dewQ1Vu6phl+iQbwT8SYGo=
 github.com/alicebob/miniredis/v2 v2.14.3/go.mod h1:gquAfGbzn92jvtrSC69+6zZnwSODVXVpYDRaGhWaL6I=
 github.com/aliyun/aliyun-oss-go-sdk v2.0.4+incompatible h1:EaK5256H3ELiyaq5O/Zwd6fnghD6DqmZDQmmzzJklUU=
@@ -246,6 +205,7 @@ github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kd
 github.com/antonmedv/expr v1.9.0/go.mod h1:5qsM3oLGDND7sDmQGDXHkYfkjYMUX14qsgqmHhwGEk8=
 github.com/aokoli/goutils v1.0.1/go.mod h1:SijmP0QR8LtwsmDs8Yii5Z/S4trXFGFC2oO5g9DP+DQ=
 github.com/apache/arrow/go/arrow v0.0.0-20191024131854-af6fa24be0db/go.mod h1:VTxUBvSJ3s3eHAg65PNgrsn5BtqCRPdmyXh6rAfdxN0=
+github.com/apache/arrow/go/arrow v0.0.0-20200601151325-b2287a20f230/go.mod h1:QNYViu/X0HXDHw7m3KXzWSVXIbfUvJqBFe6Gj8/pYA0=
 github.com/apache/arrow/go/arrow v0.0.0-20200923215132-ac86123a3f01/go.mod h1:QNYViu/X0HXDHw7m3KXzWSVXIbfUvJqBFe6Gj8/pYA0=
 github.com/apache/thrift v0.12.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ=
 github.com/apache/thrift v0.13.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ=
@@ -254,10 +214,8 @@ github.com/apache/thrift v0.15.0/go.mod h1:PHK3hniurgQaNMZYaCLEqXKsYK8upmhPbmdP2
 github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o=
 github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8=
 github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY=
-github.com/armon/go-metrics v0.0.0-20190430140413-ec5e00d3c878/go.mod h1:3AMJUQhVx52RsWOnlkpikZr01T/yAVN2gn0861vByNg=
 github.com/armon/go-metrics v0.3.0/go.mod h1:zXjbSimjXTd7vOpY8B0/2LpvNvDoXBuplAD+gJD3GYs=
 github.com/armon/go-metrics v0.3.3/go.mod h1:4O98XIr/9W0sxpJ8UaYkvjk10Iff7SnFrb4QAOwNTFc=
-github.com/armon/go-metrics v0.3.6/go.mod h1:4O98XIr/9W0sxpJ8UaYkvjk10Iff7SnFrb4QAOwNTFc=
 github.com/armon/go-metrics v0.3.9 h1:O2sNqxBdvq8Eq5xmzljcYzAORli6RWCvEym4cJf9m18=
 github.com/armon/go-metrics v0.3.9/go.mod h1:4O98XIr/9W0sxpJ8UaYkvjk10Iff7SnFrb4QAOwNTFc=
 github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8=
@@ -273,30 +231,19 @@ github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d h1:Byv0BzEl
 github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw=
 github.com/aws/aws-lambda-go v1.13.3/go.mod h1:4UKl9IzQMoD+QF79YdCuzCwp8VbmG4VAQwij/eHl5CU=
 github.com/aws/aws-sdk-go v1.15.11/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0=
-github.com/aws/aws-sdk-go v1.15.78/go.mod h1:E3/ieXAlvM0XWO57iftYVDLLvQ824smPP3ATZkfNZeM=
 github.com/aws/aws-sdk-go v1.17.7/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
-github.com/aws/aws-sdk-go v1.22.4/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
-github.com/aws/aws-sdk-go v1.25.48/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
 github.com/aws/aws-sdk-go v1.27.0/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
 github.com/aws/aws-sdk-go v1.29.16/go.mod h1:1KvfttTE3SPKMpo8g2c6jL3ZKfXtFvKscTgahTma5Xg=
 github.com/aws/aws-sdk-go v1.30.12/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0=
-github.com/aws/aws-sdk-go v1.31.9/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0=
-github.com/aws/aws-sdk-go v1.33.5/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0=
-github.com/aws/aws-sdk-go v1.33.12/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0=
-github.com/aws/aws-sdk-go v1.34.9/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0=
 github.com/aws/aws-sdk-go v1.34.28/go.mod h1:H7NKnBqNVzoTJpGfLrQkkD+ytBA93eiDYi/+8rV9s48=
-github.com/aws/aws-sdk-go v1.35.5/go.mod h1:tlPOdRjfxPBpNIwqDj61rmsnA85v9jc0Ps9+muhnW+k=
-github.com/aws/aws-sdk-go v1.35.31/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro=
-github.com/aws/aws-sdk-go v1.37.8/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro=
-github.com/aws/aws-sdk-go v1.38.3/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro=
 github.com/aws/aws-sdk-go v1.38.35/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro=
-github.com/aws/aws-sdk-go v1.38.60/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro=
 github.com/aws/aws-sdk-go v1.38.68/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro=
 github.com/aws/aws-sdk-go v1.40.11/go.mod h1:585smgzpB/KqRA+K3y/NL/oYRqQvpNJYvLm+LY1U59Q=
-github.com/aws/aws-sdk-go v1.40.37/go.mod h1:585smgzpB/KqRA+K3y/NL/oYRqQvpNJYvLm+LY1U59Q=
 github.com/aws/aws-sdk-go v1.40.45/go.mod h1:585smgzpB/KqRA+K3y/NL/oYRqQvpNJYvLm+LY1U59Q=
-github.com/aws/aws-sdk-go v1.42.9 h1:8ptAGgA+uC2TUbdvUeOVSfBocIZvGE2NKiLxkAcn1GA=
+github.com/aws/aws-sdk-go v1.42.8/go.mod h1:585smgzpB/KqRA+K3y/NL/oYRqQvpNJYvLm+LY1U59Q=
 github.com/aws/aws-sdk-go v1.42.9/go.mod h1:585smgzpB/KqRA+K3y/NL/oYRqQvpNJYvLm+LY1U59Q=
+github.com/aws/aws-sdk-go v1.42.16 h1:jOUmYYpC77NZYQVHTOTFT4lwFBT1u3s8ETKciU4l6gQ=
+github.com/aws/aws-sdk-go v1.42.16/go.mod h1:585smgzpB/KqRA+K3y/NL/oYRqQvpNJYvLm+LY1U59Q=
 github.com/aws/aws-sdk-go-v2 v0.18.0/go.mod h1:JWVYvqSMppoMJC0x5wdwiImzgXTI9FuZwxzkQq9wy+g=
 github.com/aws/aws-sdk-go-v2 v1.7.0/go.mod h1:tb9wi5s61kTDA5qCkcDbt3KRVV74GGslQkl/DRdX/P4=
 github.com/aws/aws-sdk-go-v2 v1.9.1/go.mod h1:cK/D0BBs0b/oWPIcX/Z/obahJK1TT7IPVjy53i/mX/4=
@@ -315,11 +262,9 @@ github.com/aws/smithy-go v1.5.0/go.mod h1:SObp3lf9smib00L/v3U2eAKG8FyQ7iLrJnQiAm
 github.com/aws/smithy-go v1.8.0/go.mod h1:SObp3lf9smib00L/v3U2eAKG8FyQ7iLrJnQiAmR5n+E=
 github.com/baidubce/bce-sdk-go v0.9.81 h1:n8KfThLG9fvGv3A+RtTt/jKhg/FPPRpo+iNnS2r+iPI=
 github.com/baidubce/bce-sdk-go v0.9.81/go.mod h1:zbYJMQwE4IZuyrJiFO8tO8NbtYiKTFTbwh4eIsqjVdg=
-github.com/baiyubin/aliyun-sts-go-sdk v0.0.0-20180326062324-cfa1a18b161f/go.mod h1:AuiFmCCPBSrqvVMvuqFuk0qogytodnVFVSN5CeJB8Gc=
 github.com/bboreham/opentelemetry-go/bridge/opentracing v0.13.1-0.20210728105346-81ca3b18d348 h1:stTbdADjWTkqArDq7xQqQgFH0X15p8YRPGvKpEsJcQQ=
 github.com/bboreham/opentelemetry-go/bridge/opentracing v0.13.1-0.20210728105346-81ca3b18d348/go.mod h1:Fwl2xhMnMJSzPU7pGK+oM/277hRM2qgkja/a8ieGJbY=
 github.com/beevik/ntp v0.2.0/go.mod h1:hIHWr+l3+/clUnF44zdK+CWW7fO8dR5cIylAQ76NRpg=
-github.com/benbjohnson/clock v1.0.3/go.mod h1:bGMdMPoPVvcYyt1gHDf4J2KE153Yf9BuiUKYMaxlTDM=
 github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA=
 github.com/benbjohnson/clock v1.2.0 h1:9Re3G2TWxkE06LdMWMpcY6KV81GLXMGiYpPYUPkFAws=
 github.com/benbjohnson/clock v1.2.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA=
@@ -334,10 +279,9 @@ github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kB
 github.com/bitly/go-hostpool v0.0.0-20171023180738-a3a6125de932 h1:mXoPYz/Ul5HYEDvkta6I8/rnYM5gSdSV2tJ6XbZuEtY=
 github.com/bitly/go-hostpool v0.0.0-20171023180738-a3a6125de932/go.mod h1:NOuUCSz6Q9T7+igc/hlvDOUdtWKryOrtFyIVABv/p7k=
 github.com/bitly/go-simplejson v0.5.0/go.mod h1:cXHtHw4XUPsvGaxgjIAn8PhEWG9NfngEKAMDJEczWVA=
-github.com/bketelsen/crypt v0.0.3-0.20200106085610-5cbc8cc4026c/go.mod h1:MKsuJmJgSg28kpZDP6UIiPt0e0Oz0kqKNGyRaWEPv84=
+github.com/bits-and-blooms/bitset v1.2.0/go.mod h1:gIdJ4wp64HaoK2YrL1Q5/N7Y16edYb8uY+O0FJTyyDA=
 github.com/bketelsen/crypt v0.0.4/go.mod h1:aI6NrJ0pMGgvZKL1iVgXLnfIFJtfV+bKCoqOes/6LfM=
 github.com/blang/semver v3.1.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk=
-github.com/blang/semver v3.5.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk=
 github.com/blang/semver v3.5.1+incompatible h1:cQNTCjp13qL8KC3Nbxr/y2Bqb63oX6wdnnjpJbkM4JQ=
 github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk=
 github.com/blang/semver/v4 v4.0.0 h1:1PFHFE6yCCTv8C1TeyNNarDzntLi7wMI5i/pzqYIsAM=
@@ -359,20 +303,14 @@ github.com/casbin/casbin/v2 v2.1.2/go.mod h1:YcPU1XXisHhLzuxH9coDNf2FbKpjGlbCg3n
 github.com/casbin/casbin/v2 v2.31.6/go.mod h1:vByNa/Fchek0KZUgG5wEsl7iFsiviAYKRtgrQfcJqHg=
 github.com/casbin/casbin/v2 v2.37.0/go.mod h1:vByNa/Fchek0KZUgG5wEsl7iFsiviAYKRtgrQfcJqHg=
 github.com/cenkalti/backoff v0.0.0-20181003080854-62661b46c409/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM=
-github.com/cenkalti/backoff v1.0.0/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM=
 github.com/cenkalti/backoff v2.2.1+incompatible h1:tNowT99t7UNflLxfYYSlKYsBpXdEet03Pg2g16Swow4=
 github.com/cenkalti/backoff v2.2.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM=
-github.com/cenkalti/backoff/v4 v4.0.2/go.mod h1:eEew/i+1Q6OrCDZh3WiXYv3+nJwBASZ8Bog/87DQnVg=
-github.com/cenkalti/backoff/v4 v4.1.0/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw=
 github.com/cenkalti/backoff/v4 v4.1.1/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw=
 github.com/cenkalti/backoff/v4 v4.1.2 h1:6Yo7N8UP2K6LWZnW94DLVSSrbobcWdVzAYOisuDPIFo=
 github.com/cenkalti/backoff/v4 v4.1.2/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw=
 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
 github.com/census-instrumentation/opencensus-proto v0.3.0 h1:t/LhUZLVitR1Ow2YOnduCsavhwFUklBMoGVYUCqmCqk=
 github.com/census-instrumentation/opencensus-proto v0.3.0/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
-github.com/certifi/gocertifi v0.0.0-20191021191039-0944d244cd40/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA=
-github.com/certifi/gocertifi v0.0.0-20200922220541-2c3bb06c6054/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA=
-github.com/cespare/xxhash v0.0.0-20181017004759-096ff4a8a059/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc=
 github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko=
 github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc=
 github.com/cespare/xxhash/v2 v2.1.0/go.mod h1:dgIUBU3pDso/gPgZ1osOZ0iQf77oPR28Tjxl5dIMyVM=
@@ -380,6 +318,7 @@ github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XL
 github.com/cespare/xxhash/v2 v2.1.2 h1:YRXhKfTDauu4ajMg1TPgFO5jnlC2HCbmLXMcTG5cbYE=
 github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
 github.com/checkpoint-restore/go-criu/v4 v4.1.0/go.mod h1:xUQBLp4RLc5zJtWY++yjOoMoB5lihDt7fai+75m+rGw=
+github.com/checkpoint-restore/go-criu/v5 v5.0.0/go.mod h1:cfwC0EG7HMUenopBsUf9d89JlCLQIfgVcNsNN0t6T2M=
 github.com/chromedp/cdproto v0.0.0-20200116234248-4da64dd111ac/go.mod h1:PfAWWKJqjlGFYJEidUM6aVIWPr0EpobeyVWEEmplX7g=
 github.com/chromedp/cdproto v0.0.0-20200424080200-0de008e41fa0/go.mod h1:PfAWWKJqjlGFYJEidUM6aVIWPr0EpobeyVWEEmplX7g=
 github.com/chromedp/chromedp v0.5.3/go.mod h1:YLdPtndaHQ4rCpSpBG+IPpy9JvX0VD+7aaLxYgYj28w=
@@ -390,20 +329,18 @@ github.com/cilium/ebpf v0.0.0-20200110133405-4032b1d8aae3/go.mod h1:MA5e5Lr8slmE
 github.com/cilium/ebpf v0.0.0-20200702112145-1c8d4c9ef775/go.mod h1:7cR51M8ViRLIdUjrmSXlK9pkrsDlLHbO8jiB8X8JnOc=
 github.com/cilium/ebpf v0.2.0/go.mod h1:To2CFviqOWL/M0gIMsvSMlqe7em/l1ALkX1PyjrX2Qs=
 github.com/cilium/ebpf v0.4.0/go.mod h1:4tRaxcgiL706VnOzHOdBlY8IEAIdxINsQBcU4xJJXRs=
+github.com/cilium/ebpf v0.6.2/go.mod h1:4tRaxcgiL706VnOzHOdBlY8IEAIdxINsQBcU4xJJXRs=
 github.com/circonus-labs/circonus-gometrics v2.3.1+incompatible/go.mod h1:nmEj6Dob7S7YxXgwXpfOuvO54S+tGdZdw9fuRZt25Ag=
 github.com/circonus-labs/circonusllhist v0.1.3/go.mod h1:kMXHVDlOchFAehlya5ePtbp5jckzBHf4XRpQvBOLI+I=
 github.com/clbanning/mxj v1.8.4/go.mod h1:BVjHeAH+rl9rs6f+QIpeRl0tfu10SXn1pUSa5PVGJng=
 github.com/clbanning/x2j v0.0.0-20191024224557-825249438eec/go.mod h1:jMjuTZXRI4dUb/I5gc9Hdhagfvm9+RyrPryS/auMzxE=
-github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
-github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed h1:OZmjad4L3H8ncOIR8rnb5MREYqG8ixi5+WbeUsquF0c=
-github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
+github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403 h1:cqQfy1jclcSy/FwLjemeg3SR1yaINm74aQyupQ0Bl8M=
+github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
+github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe h1:QJDJubh0OEcpeGjC7/8uF9tt4e39U/Ya1uyK+itnNPQ=
+github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
 github.com/cockroachdb/apd v1.1.0/go.mod h1:8Sl8LxpKi29FqWXR16WEFZRNSz3SoPzUzeMeY4+DwBQ=
 github.com/cockroachdb/cockroach-go v0.0.0-20181001143604-e0a95dfd547c/go.mod h1:XGLbWH/ujMcbPbhZq52Nv6UrCghb1yGn//133kEsvDk=
-github.com/cockroachdb/datadriven v0.0.0-20190531201743-edce55837238/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8=
 github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8=
-github.com/cockroachdb/datadriven v0.0.0-20200714090401-bf6692d28da5/go.mod h1:h6jFvWxBdQXxjopDMZyH2UVceIRfR84bdzbkoKrsWNo=
-github.com/cockroachdb/errors v1.2.4/go.mod h1:rQD95gz6FARkaKkQXUksEje/d9a6wBJoCr5oaCLELYA=
-github.com/cockroachdb/logtags v0.0.0-20190617123548-eb05cc24525f/go.mod h1:i/u985jwjWRlyHXQbwatDASoW0RMlZ/3i9yJHE2xLkI=
 github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd/go.mod h1:sE/e/2PUdi/liOCUjSTXgM1o87ZssimdTWN964YiIeI=
 github.com/containerd/aufs v0.0.0-20200908144142-dab0cbea06f4/go.mod h1:nukgQABAEopAHvB6j7cnP5zJ+/3aVcE7hCYqvIwAHyE=
 github.com/containerd/aufs v0.0.0-20201003224125-76a6863f2989/go.mod h1:AkGGQs9NM2vtYHaUen+NljV0/baGCAPELGm2q9ZXpWU=
@@ -430,7 +367,6 @@ github.com/containerd/containerd v1.3.0-beta.2.0.20190828155532-0293cbd26c69/go.
 github.com/containerd/containerd v1.3.0/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA=
 github.com/containerd/containerd v1.3.1-0.20191213020239-082f7e3aed57/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA=
 github.com/containerd/containerd v1.3.2/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA=
-github.com/containerd/containerd v1.3.4/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA=
 github.com/containerd/containerd v1.4.0-beta.2.0.20200729163537-40b22ef07410/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA=
 github.com/containerd/containerd v1.4.1/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA=
 github.com/containerd/containerd v1.4.3/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA=
@@ -439,9 +375,8 @@ github.com/containerd/containerd v1.5.0-beta.3/go.mod h1:/wr9AVtEM7x9c+n0+stptlo
 github.com/containerd/containerd v1.5.0-beta.4/go.mod h1:GmdgZd2zA2GYIBZ0w09ZvgqEq8EfBp/m3lcVZIvPHhI=
 github.com/containerd/containerd v1.5.0-rc.0/go.mod h1:V/IXoMqNGgBlabz3tHD2TWDoTJseu1FGOKuoA4nNb2s=
 github.com/containerd/containerd v1.5.1/go.mod h1:0DOxVqwDy2iZvrZp2JUx/E+hS0UNTVn7dJnIOwtYR4g=
-github.com/containerd/containerd v1.5.3/go.mod h1:sx18RgvW6ABJ4iYUw7Q5x7bgFOAB9B6G7+yO0XBc4zw=
-github.com/containerd/containerd v1.5.4 h1:uPF0og3ByFzDnaStfiQj3fVGTEtaSNyU+bW7GR/nqGA=
-github.com/containerd/containerd v1.5.4/go.mod h1:sx18RgvW6ABJ4iYUw7Q5x7bgFOAB9B6G7+yO0XBc4zw=
+github.com/containerd/containerd v1.5.7 h1:rQyoYtj4KddB3bxG6SAqd4+08gePNyJjRqvOIfV3rkM=
+github.com/containerd/containerd v1.5.7/go.mod h1:gyvv6+ugqY25TiXxcZC3L5yOeYgEw0QMhscqVp1AR9c=
 github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y=
 github.com/containerd/continuity v0.0.0-20190815185530-f2a389ac0a02/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y=
 github.com/containerd/continuity v0.0.0-20191127005431-f65d91d395eb/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y=
@@ -493,7 +428,6 @@ github.com/containers/ocicrypt v1.1.0/go.mod h1:b8AOe0YR67uU8OqfVNcznfFpAzu3rdgU
 github.com/containers/ocicrypt v1.1.1/go.mod h1:Dm55fwWm1YZAjYRaJ94z2mfZikIyIN4B0oB3dj3jFxY=
 github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk=
 github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
-github.com/coreos/etcd v3.3.13+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
 github.com/coreos/etcd v3.3.25+incompatible h1:0GQEw6h3YnuOVdtwygkIfJ+Omx0tZ8/QkVyXI4LkbeY=
 github.com/coreos/etcd v3.3.25+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
 github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk=
@@ -505,7 +439,6 @@ github.com/coreos/go-semver v0.3.0 h1:wkHLiw0WNATZnSG7epLsujiMCgPAc9xhjJ4tgnAxmf
 github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
 github.com/coreos/go-systemd v0.0.0-20161114122254-48702e0da86b/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
 github.com/coreos/go-systemd v0.0.0-20180511133405-39ca1b05acc7/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
-github.com/coreos/go-systemd v0.0.0-20181012123002-c6f51f82210d/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
 github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
 github.com/coreos/go-systemd v0.0.0-20191104093116-d3cd4ed1dbcf h1:iW4rZ826su+pqaw19uhpSCzhj44qo35pNgKFGqzDKkU=
 github.com/coreos/go-systemd v0.0.0-20191104093116-d3cd4ed1dbcf/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
@@ -516,19 +449,9 @@ github.com/coreos/go-systemd/v22 v22.3.2/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSV
 github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA=
 github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f h1:lBNOc5arjvs8E5mO2tbpBpLoyyu8B6e44T7hJy6potg=
 github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA=
-github.com/cortexproject/cortex v0.6.1-0.20200228110116-92ab6cbe0995/go.mod h1:3Xa3DjJxtpXqxcMGdk850lcIRb81M0fyY1MQ6udY134=
-github.com/cortexproject/cortex v1.2.1-0.20200805064754-d8edc95e2c91/go.mod h1:PVPxNLrxKH+yc8asaJOxuz7TiRmMizFfnSMOnRzM6oM=
-github.com/cortexproject/cortex v1.3.1-0.20200923145333-8587ea61fe17/go.mod h1:dJ9gpW7dzQ7z09cKtNN9PfebumgyO4dtNdFQ6eQEed0=
-github.com/cortexproject/cortex v1.4.1-0.20201030080541-83ad6df2abea/go.mod h1:kXo5F3jlF7Ky3+I31jt/bXTzOlQjl2X/vGDpy0RY1gU=
-github.com/cortexproject/cortex v1.5.1-0.20201111110551-ba512881b076/go.mod h1:zFBGVsvRBfVp6ARXZ7pmiLaGlbjda5ZnA4Y6qSJyrQg=
-github.com/cortexproject/cortex v1.6.1-0.20210108144208-6c2dab103f20/go.mod h1:fOsaeeFSyWrjd9nFJO8KVUpsikcxnYsjEzQyjURBoQk=
-github.com/cortexproject/cortex v1.6.1-0.20210215155036-dfededd9f331/go.mod h1:8bRHNDawVx8te5lIqJ+/AcNTyfosYNC34Qah7+jX/8c=
-github.com/cortexproject/cortex v1.7.1-0.20210224085859-66d6fb5b0d42/go.mod h1:u2dxcHInYbe45wxhLoWVdlFJyDhXewsMcxtnbq/QbH4=
-github.com/cortexproject/cortex v1.7.1-0.20210316085356-3fedc1108a49/go.mod h1:/DBOW8TzYBTE/U+O7Whs7i7E2eeeZl1iRVDtIqxn5kg=
-github.com/cortexproject/cortex v1.8.1-0.20210422151339-cf1c444e0905/go.mod h1:xxm4/CLvTmDxwE7yXwtClR4dIvkG4S09o5DygPOgc1U=
-github.com/cortexproject/cortex v1.10.1-0.20210820081236-70dddb6b70b8/go.mod h1:F8PX2IHaeFvqCci46Y+fhskJkCtLvh0OqCKFtWyjP7w=
-github.com/cortexproject/cortex v1.10.1-0.20211104100946-3f329a21cad4 h1:UmeSnQx9LDkclyvdwg+JdPT0ZJBDPetgLMGOUQSEHL0=
-github.com/cortexproject/cortex v1.10.1-0.20211104100946-3f329a21cad4/go.mod h1:ce+HHGktmHrcpBNN1dV6q1MksC38KR2s6BKZwiQTYyc=
+github.com/cortexproject/cortex v1.10.1-0.20211124141505-4e9fc3a2b5ab/go.mod h1:njSBkQ1wUNx9X4knV/j65Pi4ItlJXX4QwXRKoMflJd8=
+github.com/cortexproject/cortex v1.10.1-0.20211214110443-07d6cfc4eb84 h1:hWWucked7CXd1ySo4OaZttwGJST57fq/g9FNsLgotlY=
+github.com/cortexproject/cortex v1.10.1-0.20211214110443-07d6cfc4eb84/go.mod h1:YVKUfeEvo1Nm9xd3LTU6+Rl9u9jglFP/bUPMFy7I+OA=
 github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE=
 github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
 github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
@@ -556,14 +479,12 @@ github.com/d2g/dhcp4client v1.0.0/go.mod h1:j0hNfjhrt2SxUOw55nL0ATM/z4Yt3t2Kd1mW
 github.com/d2g/dhcp4server v0.0.0-20181031114812-7d4a0a7f59a5/go.mod h1:Eo87+Kg/IX2hfWJfwxMzLyuSZyxSoAug2nGa1G2QAi8=
 github.com/d2g/hardwareaddr v0.0.0-20190221164911-e7d9fbe030e4/go.mod h1:bMl4RjIciD2oAxI7DmWRx6gbeqrkoLqv3MV0vzNad+I=
 github.com/dave/jennifer v1.2.0/go.mod h1:fIb+770HOpJ2fmN9EPPKOqm1vMGhB+TwXKMZhrIygKg=
-github.com/davecgh/go-spew v0.0.0-20151105211317-5215b55f46b2/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v0.0.0-20161028175848-04cdfd42973b/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/deepmap/oapi-codegen v1.6.0/go.mod h1:ryDa9AgbELGeB+YEXE1dR53yAjHwFvE9iAUlWl9Al3M=
 github.com/denisenkom/go-mssqldb v0.0.0-20190515213511-eb9f6a1743f3/go.mod h1:zAg7JM8CkOJ43xKXIj7eRO9kmWm/TW578qo+oDO6tuM=
-github.com/denisenkom/go-mssqldb v0.0.0-20200428022330-06a60b6afbbc/go.mod h1:xbL0rPBG9cCiLr28tMa8zpbdarY27NDyej4t/EjAShU=
 github.com/denisenkom/go-mssqldb v0.10.0/go.mod h1:xbL0rPBG9cCiLr28tMa8zpbdarY27NDyej4t/EjAShU=
 github.com/dennwc/varint v1.0.0 h1:kGNFFSSw8ToIy3obO/kKr8U9GZYUAxQEVuix4zfDWzE=
 github.com/dennwc/varint v1.0.0/go.mod h1:hnItb35rvZvJrbTALZtY/iQfDs48JKRG1RPpgziApxA=
@@ -572,7 +493,6 @@ github.com/dgraph-io/badger/v3 v3.2103.2/go.mod h1:RHo4/GmYcKKh5Lxu63wLEMHJ70Pac
 github.com/dgraph-io/ristretto v0.1.0/go.mod h1:fux0lOrBhrVCJd3lcTHsIJhq1T2rokOu6v9Vcb3Q9ug=
 github.com/dgrijalva/jwt-go v0.0.0-20170104182250-a601269ab70c/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
 github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
-github.com/dgrijalva/jwt-go/v4 v4.0.0-preview1/go.mod h1:+hnT3ywWDTAFrW5aE+u2Sa/wT555ZqwoCS+pk3p6ry4=
 github.com/dgryski/go-bitstream v0.0.0-20180413035011-3522498ce2c8/go.mod h1:VMaSuZ+SZcx/wljOQKvp5srsbCiKDEb6K2wC4+PiBmQ=
 github.com/dgryski/go-farm v0.0.0-20190423205320-6a90982ecee2/go.mod h1:SqUrOPUnsFjfmXRMNPybcSiG0BgUW2AuFH8PAnS2iTw=
 github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78=
@@ -582,18 +502,8 @@ github.com/dgryski/go-sip13 v0.0.0-20190329191031-25c5027a8c7b/go.mod h1:vAd38F8
 github.com/dgryski/go-sip13 v0.0.0-20200911182023-62edffca9245/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no=
 github.com/dhui/dktest v0.3.0 h1:kwX5a7EkLcjo7VpsPQSYJcKGbXBXdjI9FGjuUj1jn6I=
 github.com/dhui/dktest v0.3.0/go.mod h1:cyzIUfGsBEbZ6BT7tnXqAShHSXCZhSNmFl70sZ7c1yc=
-github.com/digitalocean/godo v1.37.0/go.mod h1:p7dOjjtSBqCTUksqtA5Fd3uaKs9kyTq2xcz76ulEJRU=
-github.com/digitalocean/godo v1.38.0/go.mod h1:p7dOjjtSBqCTUksqtA5Fd3uaKs9kyTq2xcz76ulEJRU=
-github.com/digitalocean/godo v1.42.0/go.mod h1:p7dOjjtSBqCTUksqtA5Fd3uaKs9kyTq2xcz76ulEJRU=
-github.com/digitalocean/godo v1.42.1/go.mod h1:p7dOjjtSBqCTUksqtA5Fd3uaKs9kyTq2xcz76ulEJRU=
-github.com/digitalocean/godo v1.46.0/go.mod h1:p7dOjjtSBqCTUksqtA5Fd3uaKs9kyTq2xcz76ulEJRU=
-github.com/digitalocean/godo v1.52.0/go.mod h1:p7dOjjtSBqCTUksqtA5Fd3uaKs9kyTq2xcz76ulEJRU=
-github.com/digitalocean/godo v1.57.0/go.mod h1:p7dOjjtSBqCTUksqtA5Fd3uaKs9kyTq2xcz76ulEJRU=
-github.com/digitalocean/godo v1.58.0/go.mod h1:p7dOjjtSBqCTUksqtA5Fd3uaKs9kyTq2xcz76ulEJRU=
-github.com/digitalocean/godo v1.60.0/go.mod h1:p7dOjjtSBqCTUksqtA5Fd3uaKs9kyTq2xcz76ulEJRU=
-github.com/digitalocean/godo v1.62.0/go.mod h1:p7dOjjtSBqCTUksqtA5Fd3uaKs9kyTq2xcz76ulEJRU=
-github.com/digitalocean/godo v1.65.0 h1:3SywGJBC18HaYtPQF+T36jYzXBi+a6eIMonSjDll7TA=
-github.com/digitalocean/godo v1.65.0/go.mod h1:p7dOjjtSBqCTUksqtA5Fd3uaKs9kyTq2xcz76ulEJRU=
+github.com/digitalocean/godo v1.71.0 h1:a4UZCG1kr8eQ3MmsGoPzcAwkEtJG2Lc7eelzEkfZwtA=
+github.com/digitalocean/godo v1.71.0/go.mod h1:GBmu8MkjZmNARE7IXRPmkbbnocNN8+uBm0xbEVw2LCs=
 github.com/dimchansky/utfbom v1.1.0/go.mod h1:rO41eb7gLfo8SF1jd9F8HplJm1Fewwi4mQvIirEdv+8=
 github.com/dimchansky/utfbom v1.1.1 h1:vV6w1AhK4VMnhBno/TPVCoK9U/LP0PkLCS9tbxHdi/U=
 github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/j0mACtrfE=
@@ -605,13 +515,8 @@ github.com/docker/distribution v2.7.1+incompatible h1:a5mlkVzth6W5A4fOsS3D2EO5BU
 github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
 github.com/docker/docker v0.7.3-0.20190103212154-2b7e084dc98b/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
 github.com/docker/docker v0.7.3-0.20190817195342-4760db040282/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
-github.com/docker/docker v17.12.0-ce-rc1.0.20200706150819-a40b877fbb9e+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
-github.com/docker/docker v20.10.3+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
-github.com/docker/docker v20.10.5+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
-github.com/docker/docker v20.10.6+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
-github.com/docker/docker v20.10.7+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
-github.com/docker/docker v20.10.8+incompatible h1:RVqD337BgQicVCzYrrlhLDWhq6OAD2PJDUg2LsEUvKM=
-github.com/docker/docker v20.10.8+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
+github.com/docker/docker v20.10.10+incompatible h1:GKkP0T7U4ks6X3lmmHKC2QDprnpRJor2Z5a8m62R9ZM=
+github.com/docker/docker v20.10.10+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
 github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ=
 github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec=
 github.com/docker/go-events v0.0.0-20170721190031-9461782956ad/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA=
@@ -640,28 +545,27 @@ github.com/eclipse/paho.mqtt.golang v1.2.0/go.mod h1:H9keYFcgq3Qr5OUJm/JZI/i6U7j
 github.com/edsrzf/mmap-go v0.0.0-20170320065105-0bce6a688712/go.mod h1:YO35OhQPt3KJa3ryjFM5Bs14WD66h8eGKpfaBNrHW5M=
 github.com/edsrzf/mmap-go v1.0.0 h1:CEBF7HpRnUCSJgGUb5h1Gm7e3VkmVDrR8lvWVLtrOFw=
 github.com/edsrzf/mmap-go v1.0.0/go.mod h1:YO35OhQPt3KJa3ryjFM5Bs14WD66h8eGKpfaBNrHW5M=
-github.com/efficientgo/e2e v0.11.1-0.20210829161758-f4cc6dbdc6ea/go.mod h1:vDnF4AAEZmO0mvyFIATeDJPFaSRM7ywaOnKd61zaSoE=
+github.com/efficientgo/e2e v0.11.2-0.20211027134903-67d538984a47 h1:k0qDUhOU0KJqKztQYJL1qMBR9nCOntuIRWYwA56Z634=
+github.com/efficientgo/e2e v0.11.2-0.20211027134903-67d538984a47/go.mod h1:vDnF4AAEZmO0mvyFIATeDJPFaSRM7ywaOnKd61zaSoE=
 github.com/efficientgo/tools/core v0.0.0-20210129205121-421d0828c9a6/go.mod h1:OmVcnJopJL8d3X3sSXTiypGoUSgFq1aDGmlrdi9dn/M=
+github.com/efficientgo/tools/core v0.0.0-20210829154005-c7bad8450208 h1:jIALuFymwBqVsF32JhgzVsbCB6QsWvXqhetn8QgyrZ4=
+github.com/efficientgo/tools/core v0.0.0-20210829154005-c7bad8450208/go.mod h1:OmVcnJopJL8d3X3sSXTiypGoUSgFq1aDGmlrdi9dn/M=
 github.com/efficientgo/tools/extkingpin v0.0.0-20210609125236-d73259166f20 h1:kM/ALyvAnTrwSB+nlKqoKaDnZbInp1YImZvW+gtHwc8=
 github.com/efficientgo/tools/extkingpin v0.0.0-20210609125236-d73259166f20/go.mod h1:ZV0utlglOczUWv3ih2AbqPSoLoFzdplUYxwV62eZi6Q=
-github.com/elastic/go-sysinfo v1.0.1/go.mod h1:O/D5m1VpYLwGjCYzEt63g3Z1uO3jXfwyzzjiW90t8cY=
 github.com/elastic/go-sysinfo v1.1.1/go.mod h1:i1ZYdU10oLNfRzq4vq62BEwD2fH8KaWh6eh0ikPT9F0=
 github.com/elastic/go-windows v1.0.0/go.mod h1:TsU0Nrp7/y3+VwE82FoZF8gC/XFg/Elz6CcloAxnPgU=
-github.com/elastic/go-windows v1.0.1/go.mod h1:FoVvqWSun28vaDQPbj2Elfc0JahhPB7WQEGa3c814Ss=
 github.com/elazarl/goproxy v0.0.0-20170405201442-c4fc26588b6e/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc=
 github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc=
 github.com/ema/qdisc v0.0.0-20190904071900-b82c76788043/go.mod h1:ix4kG2zvdUd8kEKSW0ZTr1XLks0epFpI4j745DXxlNE=
 github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs=
 github.com/emicklei/go-restful v2.9.5+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs=
-github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
-github.com/envoyproxy/go-control-plane v0.9.9 h1:vQLjymTobffN2R0F8eTqw6q7iozfRO5Z0m+/4Vw+/uA=
-github.com/envoyproxy/go-control-plane v0.9.9/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ=
+github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk=
+github.com/envoyproxy/go-control-plane v0.10.1 h1:cgDRLG7bs59Zd+apAWuzLQL95obVYAymNJek76W3mgw=
+github.com/envoyproxy/go-control-plane v0.10.1/go.mod h1:AY7fTTXNdv/aJ2O5jwpxAPOWUZ7hQAEvzN5Pf27BkQQ=
 github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
-github.com/envoyproxy/protoc-gen-validate v0.6.1 h1:4CF52PCseTFt4bE+Yk3dIpdVi7XWuPVMhPtm4FaIJPM=
-github.com/envoyproxy/protoc-gen-validate v0.6.1/go.mod h1:txg5va2Qkip90uYoSKH+nkAAmXrb2j3iq4FLwdrCbXQ=
-github.com/evanphx/json-patch v0.0.0-20200808040245-162e5629780b/go.mod h1:NAJj0yf/KaRKURN6nyi7A9IZydMivZEm9oQLWNjfKDc=
+github.com/envoyproxy/protoc-gen-validate v0.6.2 h1:JiO+kJTpmYGjEodY7O1Zk8oZcNz1+f30UtwtXoFUPzE=
+github.com/envoyproxy/protoc-gen-validate v0.6.2/go.mod h1:2t7qjJNvHPx8IjnBOzl9E9/baC+qXE/TeeyBRzgJDws=
 github.com/evanphx/json-patch v4.2.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
-github.com/evanphx/json-patch v4.5.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
 github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
 github.com/evanphx/json-patch v4.11.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
 github.com/facette/natsort v0.0.0-20181210072756-2cd4dd1e2dcb h1:IT4JYU7k4ikYg1SCxNI1/Tieq/NFvh6dzLdgi7eu0tM=
@@ -679,7 +583,6 @@ github.com/felixge/httpsnoop v1.0.2 h1:+nS9g82KMXccJ/wp0zyRW9ZBHFETmMGtkk+2CTTrW
 github.com/felixge/httpsnoop v1.0.2/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
 github.com/fogleman/gg v1.2.1-0.20190220221249-0403632d5b90/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k=
 github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k=
-github.com/form3tech-oss/jwt-go v3.2.3+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k=
 github.com/fortytw2/leaktest v1.3.0 h1:u8491cBMTQ8ft8aeV+adlcytMZylmA5nnwwkRZjI8vw=
 github.com/fortytw2/leaktest v1.3.0/go.mod h1:jDsjWgpAGjm2CA7WthBh/CdZYEPF31XHquHwclZch5g=
 github.com/foxcpp/go-mockdns v0.0.0-20201212160233-ede2f9158d15/go.mod h1:tPg4cp4nseejPd+UKxtCVQ2hUxNTZ7qQZJa7CLriIeo=
@@ -702,7 +605,6 @@ github.com/garyburd/redigo v0.0.0-20150301180006-535138d7bcd7/go.mod h1:NR3MbYis
 github.com/gdamore/encoding v1.0.0/go.mod h1:alR0ol34c49FCSBLjhosxzcPHQbf2trDkoo5dl+VrEg=
 github.com/gdamore/tcell v1.3.0/go.mod h1:Hjvr+Ofd+gLglo7RYKxxnzCBmev3BzsS67MebKS4zMM=
 github.com/getkin/kin-openapi v0.53.0/go.mod h1:7Yn5whZr5kJi6t+kShccXS8ae1APpYTW6yheSwk8Yi4=
-github.com/getsentry/raven-go v0.2.0/go.mod h1:KungGk8q33+aIAZUIVWZDr2OfAEBsO49PX4NzFV5kcQ=
 github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
 github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
 github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI=
@@ -734,25 +636,23 @@ github.com/go-logfmt/logfmt v0.5.1 h1:otpy5pqBCBZ1ng9RQ0dPu4PN7ba75Y/aA+UpowDyNV
 github.com/go-logfmt/logfmt v0.5.1/go.mod h1:WYhtIu8zTZfxdn5+rREduYbwxfcBr/Vr6KEVveWlfTs=
 github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas=
 github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU=
-github.com/go-logr/logr v0.4.0 h1:K7/B1jt6fIBQVd4Owv2MqGQClcgf0R266+7C/QjRcLc=
 github.com/go-logr/logr v0.4.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU=
+github.com/go-logr/logr v1.0.0 h1:kH951GinvFVaQgy/ki/B3YYmQtRpExGigSJg6O8z5jo=
+github.com/go-logr/logr v1.0.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
 github.com/go-ole/go-ole v1.2.5/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0=
 github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0=
 github.com/go-openapi/analysis v0.0.0-20180825180245-b006789cd277/go.mod h1:k70tL6pCuVxPJOHXQ+wIac1FUrvNkHolPie/cLEU6hI=
 github.com/go-openapi/analysis v0.17.0/go.mod h1:IowGgpVeD0vNm45So8nr+IcQ3pxVtpRoBWb8PVZO0ik=
-github.com/go-openapi/analysis v0.17.2/go.mod h1:IowGgpVeD0vNm45So8nr+IcQ3pxVtpRoBWb8PVZO0ik=
 github.com/go-openapi/analysis v0.18.0/go.mod h1:IowGgpVeD0vNm45So8nr+IcQ3pxVtpRoBWb8PVZO0ik=
 github.com/go-openapi/analysis v0.19.2/go.mod h1:3P1osvZa9jKjb8ed2TPng3f0i/UY9snX6gxi44djMjk=
 github.com/go-openapi/analysis v0.19.4/go.mod h1:3P1osvZa9jKjb8ed2TPng3f0i/UY9snX6gxi44djMjk=
 github.com/go-openapi/analysis v0.19.5/go.mod h1:hkEAkxagaIvIP7VTn8ygJNkd4kAYON2rCu0v0ObL0AU=
 github.com/go-openapi/analysis v0.19.10/go.mod h1:qmhS3VNFxBlquFJ0RGoDtylO9y4pgTAUNE9AEEMdlJQ=
-github.com/go-openapi/analysis v0.19.14/go.mod h1:zN0kY6i38wo2LQOwltVyMk61bqlqOm86n1/Iszo8F8Y=
 github.com/go-openapi/analysis v0.19.16/go.mod h1:GLInF007N83Ad3m8a/CbQ5TPzdnGT7workfHwuVjNVk=
 github.com/go-openapi/analysis v0.20.0/go.mod h1:BMchjvaHDykmRMsK40iPtvyOfFdMMxlOmQr9FBZk+Og=
 github.com/go-openapi/analysis v0.20.1 h1:zdVbw8yoD4SWZeq+cWdGgquaB0W4VrsJvDJHJND/Ktc=
 github.com/go-openapi/analysis v0.20.1/go.mod h1:BMchjvaHDykmRMsK40iPtvyOfFdMMxlOmQr9FBZk+Og=
 github.com/go-openapi/errors v0.17.0/go.mod h1:LcZQpmvG4wyF5j4IhA73wkLFQg+QJXOQHVjmcZxhka0=
-github.com/go-openapi/errors v0.17.2/go.mod h1:LcZQpmvG4wyF5j4IhA73wkLFQg+QJXOQHVjmcZxhka0=
 github.com/go-openapi/errors v0.18.0/go.mod h1:LcZQpmvG4wyF5j4IhA73wkLFQg+QJXOQHVjmcZxhka0=
 github.com/go-openapi/errors v0.19.2/go.mod h1:qX0BLWsyaKfvhluLejVpVNwNRdXZhEbTA4kxxpKBC94=
 github.com/go-openapi/errors v0.19.3/go.mod h1:qX0BLWsyaKfvhluLejVpVNwNRdXZhEbTA4kxxpKBC94=
@@ -766,7 +666,6 @@ github.com/go-openapi/errors v0.20.1 h1:j23mMDtRxMwIobkpId7sWh7Ddcx4ivaoqUbfXx5P
 github.com/go-openapi/errors v0.20.1/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M=
 github.com/go-openapi/jsonpointer v0.0.0-20160704185906-46af16f9f7b1/go.mod h1:+35s3my2LFTysnkMfxsJBAMHj/DoqoB9knIWoYG/Vk0=
 github.com/go-openapi/jsonpointer v0.17.0/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M=
-github.com/go-openapi/jsonpointer v0.17.2/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M=
 github.com/go-openapi/jsonpointer v0.18.0/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M=
 github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg=
 github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg=
@@ -774,16 +673,13 @@ github.com/go-openapi/jsonpointer v0.19.5 h1:gZr+CIYByUqjcgeLXnQu2gHYQC9o73G2XUe
 github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg=
 github.com/go-openapi/jsonreference v0.0.0-20160704190145-13c6e3589ad9/go.mod h1:W3Z9FmVs9qj+KR4zFKmDPGiLdk1D9Rlm7cyMvf57TTg=
 github.com/go-openapi/jsonreference v0.17.0/go.mod h1:g4xxGn04lDIRh0GJb5QlpE3HfopLOL6uZrK/VgnsK9I=
-github.com/go-openapi/jsonreference v0.17.2/go.mod h1:g4xxGn04lDIRh0GJb5QlpE3HfopLOL6uZrK/VgnsK9I=
 github.com/go-openapi/jsonreference v0.18.0/go.mod h1:g4xxGn04lDIRh0GJb5QlpE3HfopLOL6uZrK/VgnsK9I=
 github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc=
 github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8=
-github.com/go-openapi/jsonreference v0.19.4/go.mod h1:RdybgQwPxbL4UEjuAruzK1x3nE69AqPYEJeo/TWfEeg=
 github.com/go-openapi/jsonreference v0.19.5/go.mod h1:RdybgQwPxbL4UEjuAruzK1x3nE69AqPYEJeo/TWfEeg=
 github.com/go-openapi/jsonreference v0.19.6 h1:UBIxjkht+AWIgYzCDSv2GN+E/togfwXUJFRTWhl2Jjs=
 github.com/go-openapi/jsonreference v0.19.6/go.mod h1:diGHMEHg2IqXZGKxqyvWdfWU/aim5Dprw5bqpKkTvns=
 github.com/go-openapi/loads v0.17.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU=
-github.com/go-openapi/loads v0.17.2/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU=
 github.com/go-openapi/loads v0.18.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU=
 github.com/go-openapi/loads v0.19.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU=
 github.com/go-openapi/loads v0.19.2/go.mod h1:QAskZPMX5V0C2gvfkGZzJlINuP7Hx/4+ix5jWFxsNPs=
@@ -797,28 +693,22 @@ github.com/go-openapi/loads v0.20.2/go.mod h1:hTVUotJ+UonAMMZsvakEgmWKgtulweO9vY
 github.com/go-openapi/loads v0.21.0 h1:jYtUO4wwP7psAweisP/MDoOpdzsYEESdoPcsWjHDR68=
 github.com/go-openapi/loads v0.21.0/go.mod h1:rHYve9nZrQ4CJhyeIIFJINGCg1tQpx2yJrrNo8sf1ws=
 github.com/go-openapi/runtime v0.0.0-20180920151709-4f900dc2ade9/go.mod h1:6v9a6LTXWQCdL8k1AO3cvqx5OtZY/Y9wKTgaoP6YRfA=
-github.com/go-openapi/runtime v0.18.0/go.mod h1:uI6pHuxWYTy94zZxgcwJkUWa9wbIlhteGfloI10GD4U=
 github.com/go-openapi/runtime v0.19.0/go.mod h1:OwNfisksmmaZse4+gpV3Ne9AyMOlP1lt4sK4FXt0O64=
-github.com/go-openapi/runtime v0.19.3/go.mod h1:X277bwSUBxVlCYR3r7xgZZGKVvBd/29gLDlFGtJ8NL4=
 github.com/go-openapi/runtime v0.19.4/go.mod h1:X277bwSUBxVlCYR3r7xgZZGKVvBd/29gLDlFGtJ8NL4=
 github.com/go-openapi/runtime v0.19.15/go.mod h1:dhGWCTKRXlAfGnQG0ONViOZpjfg0m2gUt9nTQPQZuoo=
 github.com/go-openapi/runtime v0.19.16/go.mod h1:5P9104EJgYcizotuXhEuUrzVc+j1RiSjahULvYmlv98=
 github.com/go-openapi/runtime v0.19.24/go.mod h1:Lm9YGCeecBnUUkFTxPC4s1+lwrkJ0pthx8YvyjCfkgk=
-github.com/go-openapi/runtime v0.19.26/go.mod h1:BvrQtn6iVb2QmiVXRsFAm6ZCAZBpbVKFfN6QWCp582M=
-github.com/go-openapi/runtime v0.19.28/go.mod h1:BvrQtn6iVb2QmiVXRsFAm6ZCAZBpbVKFfN6QWCp582M=
 github.com/go-openapi/runtime v0.19.29/go.mod h1:BvrQtn6iVb2QmiVXRsFAm6ZCAZBpbVKFfN6QWCp582M=
 github.com/go-openapi/runtime v0.21.0 h1:giZ8eT26R+/rx6RX2MkYjZPY8vPYVKDhP/mOazrQHzM=
 github.com/go-openapi/runtime v0.21.0/go.mod h1:aQg+kaIQEn+A2CRSY1TxbM8+sT9g2V3aLc1FbIAnbbs=
 github.com/go-openapi/spec v0.0.0-20160808142527-6aced65f8501/go.mod h1:J8+jY1nAiCcj+friV/PDoE1/3eeccG9LYBs0tYvLOWc=
 github.com/go-openapi/spec v0.17.0/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsdfssdxcBI=
-github.com/go-openapi/spec v0.17.2/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsdfssdxcBI=
 github.com/go-openapi/spec v0.18.0/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsdfssdxcBI=
 github.com/go-openapi/spec v0.19.2/go.mod h1:sCxk3jxKgioEJikev4fgkNmwS+3kuYdJtcsZsD5zxMY=
 github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo=
 github.com/go-openapi/spec v0.19.6/go.mod h1:Hm2Jr4jv8G1ciIAo+frC/Ft+rR2kQDh8JHKHb3gWUSk=
 github.com/go-openapi/spec v0.19.7/go.mod h1:Hm2Jr4jv8G1ciIAo+frC/Ft+rR2kQDh8JHKHb3gWUSk=
 github.com/go-openapi/spec v0.19.8/go.mod h1:Hm2Jr4jv8G1ciIAo+frC/Ft+rR2kQDh8JHKHb3gWUSk=
-github.com/go-openapi/spec v0.19.14/go.mod h1:gwrgJS15eCUgjLpMjBJmbZezCsw88LmgeEip0M63doA=
 github.com/go-openapi/spec v0.19.15/go.mod h1:+81FIL1JwC5P3/Iuuozq3pPE9dXdIEGxFutcFKaVbmU=
 github.com/go-openapi/spec v0.20.0/go.mod h1:+81FIL1JwC5P3/Iuuozq3pPE9dXdIEGxFutcFKaVbmU=
 github.com/go-openapi/spec v0.20.1/go.mod h1:93x7oh+d+FQsmsieroS4cmR3u0p/ywH649a3qwC9OsQ=
@@ -826,7 +716,6 @@ github.com/go-openapi/spec v0.20.3/go.mod h1:gG4F8wdEDN+YPBMVnzE85Rbhf+Th2DTvA9n
 github.com/go-openapi/spec v0.20.4 h1:O8hJrt0UMnhHcluhIdUgCLRWyM2x7QkBXRvOs7m+O1M=
 github.com/go-openapi/spec v0.20.4/go.mod h1:faYFR1CvsJZ0mNsmsphTMSoRrNV3TEDoAM7FOEWeq8I=
 github.com/go-openapi/strfmt v0.17.0/go.mod h1:P82hnJI0CXkErkXi8IKjPbNBM6lV6+5pLP5l494TcyU=
-github.com/go-openapi/strfmt v0.17.2/go.mod h1:P82hnJI0CXkErkXi8IKjPbNBM6lV6+5pLP5l494TcyU=
 github.com/go-openapi/strfmt v0.18.0/go.mod h1:P82hnJI0CXkErkXi8IKjPbNBM6lV6+5pLP5l494TcyU=
 github.com/go-openapi/strfmt v0.19.0/go.mod h1:+uW+93UVvGGq2qGaZxdDeJqSAqBqBdl+ZPMF/cC8nDY=
 github.com/go-openapi/strfmt v0.19.2/go.mod h1:0yX7dbo8mKIvc3XSKp7MNfxw4JytCfCD6+bY1AVL9LU=
@@ -837,31 +726,27 @@ github.com/go-openapi/strfmt v0.19.11/go.mod h1:UukAYgTaQfqJuAFlNxxMWNvMYiwiXtLs
 github.com/go-openapi/strfmt v0.20.0/go.mod h1:UukAYgTaQfqJuAFlNxxMWNvMYiwiXtLsF2VwmoFtbtc=
 github.com/go-openapi/strfmt v0.20.1/go.mod h1:43urheQI9dNtE5lTZQfuFJvjYJKPrxicATpEfZwHUNk=
 github.com/go-openapi/strfmt v0.20.2/go.mod h1:43urheQI9dNtE5lTZQfuFJvjYJKPrxicATpEfZwHUNk=
-github.com/go-openapi/strfmt v0.21.0 h1:hX2qEZKmYks+t0hKeb4VTJpUm2UYsdL3+DCid5swxIs=
 github.com/go-openapi/strfmt v0.21.0/go.mod h1:ZRQ409bWMj+SOgXofQAGTIo2Ebu72Gs+WaRADcS5iNg=
+github.com/go-openapi/strfmt v0.21.1 h1:G6s2t5V5kGCHLVbSdZ/6lI8Wm4OzoPFkc3/cjAsKQrM=
+github.com/go-openapi/strfmt v0.21.1/go.mod h1:I/XVKeLc5+MM5oPNN7P6urMOpuLXEcNrCX/rPGuWb0k=
 github.com/go-openapi/swag v0.0.0-20160704191624-1d0bd113de87/go.mod h1:DXUve3Dpr1UfpPtxFw+EFuQ41HhCWZfha5jSVRG7C7I=
 github.com/go-openapi/swag v0.17.0/go.mod h1:AByQ+nYG6gQg71GINrmuDXCPWdL640yX49/kXLo40Tg=
-github.com/go-openapi/swag v0.17.2/go.mod h1:AByQ+nYG6gQg71GINrmuDXCPWdL640yX49/kXLo40Tg=
 github.com/go-openapi/swag v0.18.0/go.mod h1:AByQ+nYG6gQg71GINrmuDXCPWdL640yX49/kXLo40Tg=
 github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk=
-github.com/go-openapi/swag v0.19.4/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk=
 github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk=
 github.com/go-openapi/swag v0.19.7/go.mod h1:ao+8BpOPyKdpQz3AOJfbeEVpLmWAvlT1IfTe5McPyhY=
 github.com/go-openapi/swag v0.19.9/go.mod h1:ao+8BpOPyKdpQz3AOJfbeEVpLmWAvlT1IfTe5McPyhY=
-github.com/go-openapi/swag v0.19.11/go.mod h1:Uc0gKkdR+ojzsEpjh39QChyu92vPgIr72POcgHMAgSY=
 github.com/go-openapi/swag v0.19.12/go.mod h1:eFdyEBkTdoAf/9RXBvj4cr1nH7GD8Kzo5HTt47gr72M=
 github.com/go-openapi/swag v0.19.13/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ=
 github.com/go-openapi/swag v0.19.14/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ=
 github.com/go-openapi/swag v0.19.15 h1:D2NRCBzS9/pEY3gP9Nl8aDqGUcPFrwG2p+CNFrLyrCM=
 github.com/go-openapi/swag v0.19.15/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ=
-github.com/go-openapi/validate v0.17.2/go.mod h1:Uh4HdOzKt19xGIGm1qHf/ofbX1YQ4Y+MYsct2VUrAJ4=
 github.com/go-openapi/validate v0.18.0/go.mod h1:Uh4HdOzKt19xGIGm1qHf/ofbX1YQ4Y+MYsct2VUrAJ4=
 github.com/go-openapi/validate v0.19.2/go.mod h1:1tRCw7m3jtI8eNWEEliiAqUIcBztB2KDnRCRMUi7GTA=
 github.com/go-openapi/validate v0.19.3/go.mod h1:90Vh6jjkTn+OT1Eefm0ZixWNFjhtOH7vS9k0lo6zwJo=
 github.com/go-openapi/validate v0.19.8/go.mod h1:8DJv2CVJQ6kGNpFW6eV9N3JviE1C85nY1c2z52x1Gk4=
 github.com/go-openapi/validate v0.19.10/go.mod h1:RKEZTUWDkxKQxN2jDT7ZnZi2bhZlbNMAuKvKB+IaGx8=
 github.com/go-openapi/validate v0.19.12/go.mod h1:Rzou8hA/CBw8donlS6WNEUQupNvUZ0waH08tGe6kAQ4=
-github.com/go-openapi/validate v0.19.14/go.mod h1:PdGrHe0rp6MG3A1SrAY/rIHATqzJEEhohGE1atLkBEQ=
 github.com/go-openapi/validate v0.19.15/go.mod h1:tbn/fdOwYHgrhPBzidZfJC2MIVvs9GA7monOmWBbeCI=
 github.com/go-openapi/validate v0.20.1/go.mod h1:b60iJT+xNNLfaQJUqLI7946tYiFEOuE9E4k54HpKcJ0=
 github.com/go-openapi/validate v0.20.2/go.mod h1:e7OJoKNgd0twXZwIn0A43tHbvIcr/rZIVCbJBpTUoY0=
@@ -926,7 +811,6 @@ github.com/gogo/googleapis v1.2.0/go.mod h1:Njal3psf3qN6dwBtQfUmBZh2ybovJ0tlu3o/
 github.com/gogo/googleapis v1.4.0/go.mod h1:5YRNX2z1oM5gXdAkurHa942MDgEJyk02w4OecKY87+c=
 github.com/gogo/googleapis v1.4.1 h1:1Yx4Myt7BxzvUr5ldGSbwYiZG6t9wGBZ+8/fX3Wvtq0=
 github.com/gogo/googleapis v1.4.1/go.mod h1:2lpHqI5OcWCtVElxXnPt+s8oJvMpySlOyM6xDCrzib4=
-github.com/gogo/protobuf v1.0.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
 github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
 github.com/gogo/protobuf v1.2.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
 github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4=
@@ -939,6 +823,8 @@ github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69
 github.com/gogo/status v1.0.3/go.mod h1:SavQ51ycCLnc7dGyJxp8YAmudx8xqiVrRf+6IXRsugc=
 github.com/gogo/status v1.1.0 h1:+eIkrewn5q6b30y+g/BJINVVdi2xH7je5MPJ3ZPK3JA=
 github.com/gogo/status v1.1.0/go.mod h1:BFv9nrluPLmrS0EmGVvLaPNmRosr9KapBYd5/hpY1WM=
+github.com/golang-jwt/jwt v3.2.1+incompatible h1:73Z+4BJcrTC+KczS6WvTPvRGOp1WmfEP4Q1lOd9Z/+c=
+github.com/golang-jwt/jwt v3.2.1+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
 github.com/golang-jwt/jwt/v4 v4.0.0 h1:RAqyYixv1p7uEnocuy8P1nru5wprCh/MH2BIlW5z5/o=
 github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
 github.com/golang-migrate/migrate/v4 v4.7.0 h1:gONcHxHApDTKXDyLH/H97gEHmpu1zcnnbAaq2zgrPrs=
@@ -950,12 +836,10 @@ github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfU
 github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
-github.com/golang/groupcache v0.0.0-20191027212112-611e8accdfc9/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE=
 github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
-github.com/golang/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:tluoj9z5200jBnyusfRPU2LqT6J+DAorxEvtC7LHB+E=
 github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
 github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y=
 github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
@@ -985,15 +869,10 @@ github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw
 github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
 github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
 github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
-github.com/golang/snappy v0.0.2/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
-github.com/golang/snappy v0.0.3-0.20201103224600-674baa8c7fc3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
 github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
 github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM=
 github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
 github.com/golangci/lint-1 v0.0.0-20181222135242-d2cdd8c08219/go.mod h1:/X8TswGSh1pIozq4ZwCfxS0WA5JGXguxk94ar/4c87Y=
-github.com/gomodule/redigo v1.8.4/go.mod h1:P9dn9mFrCBvWhGE1wpxx6fgq7BAeLBk+UUUzlpkBYO0=
-github.com/gomodule/redigo v2.0.0+incompatible/go.mod h1:B4C85qUVwatsJoIUNIfCRsp7qO0iAmpGFZ4EELWSbC4=
-github.com/google/btree v0.0.0-20180124185431-e89373fe6b4a/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
 github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
 github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
 github.com/google/btree v1.0.1 h1:gK4Kx5IaGY9CD5sPJ36FHiBJ6ZXl0kilRiiCj+jdYp4=
@@ -1018,7 +897,6 @@ github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
 github.com/google/go-github v17.0.0+incompatible/go.mod h1:zLgOLi98H3fifZn+44m+umXrS52loVEgC2AApnigrVQ=
 github.com/google/go-querystring v1.0.0 h1:Xkwi/a1rcvNg1PPYe5vI8GbeBY/jrVuDX5ASuANWTrk=
 github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck=
-github.com/google/gofuzz v0.0.0-20161122191042-44d81051d367/go.mod h1:HP5RmnzzSNb993RKQDq4+1A4ia9nllfqcQFTQJedwGI=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
 github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g=
 github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
@@ -1030,32 +908,25 @@ github.com/google/martian/v3 v3.2.1 h1:d8MncMlErDFTwQGBK1xhv026j9kqhvw1Qv9IbWT1V
 github.com/google/martian/v3 v3.2.1/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk=
 github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
 github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
-github.com/google/pprof v0.0.0-20190723021845-34ac40c74b70/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
 github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
 github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
 github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
 github.com/google/pprof v0.0.0-20200417002340-c6e0a841f49a/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
 github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
-github.com/google/pprof v0.0.0-20200507031123-427632fa3b1c/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
 github.com/google/pprof v0.0.0-20200615235658-03e1cf38a040/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
 github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
-github.com/google/pprof v0.0.0-20201007051231-1066cbb265c7/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
 github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
-github.com/google/pprof v0.0.0-20201117184057-ae444373da19/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
 github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
 github.com/google/pprof v0.0.0-20210122040257-d980be63207e/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
-github.com/google/pprof v0.0.0-20210208152844-1612e9be7af6/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
 github.com/google/pprof v0.0.0-20210226084205-cbba55b83ad5/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
-github.com/google/pprof v0.0.0-20210323184331-8eee2492667d/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
-github.com/google/pprof v0.0.0-20210504235042-3a04a4d88a10/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
 github.com/google/pprof v0.0.0-20210601050228-01bbb1931b22/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
 github.com/google/pprof v0.0.0-20210609004039-a478d1d731e9/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
 github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
-github.com/google/pprof v0.0.0-20210827144239-02619b876842 h1:JCrt5MIE1fHQtdy1825HwJ45oVQaqHE6lgssRhjcg/o=
-github.com/google/pprof v0.0.0-20210827144239-02619b876842/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
+github.com/google/pprof v0.0.0-20211008130755-947d60d73cc0/go.mod h1:KgnwoLYCZ8IQu3XUZ8Nc/bM9CCZFOyjUNOSygVozoDg=
+github.com/google/pprof v0.0.0-20211122183932-1daafda22083 h1:c8EUapQFi+kjzedr4c6WqbwMdmB95+oDBWZ5XFHFYxY=
+github.com/google/pprof v0.0.0-20211122183932-1daafda22083/go.mod h1:KgnwoLYCZ8IQu3XUZ8Nc/bM9CCZFOyjUNOSygVozoDg=
 github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
 github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
-github.com/google/uuid v1.1.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
@@ -1068,31 +939,16 @@ github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5m
 github.com/googleapis/gax-go/v2 v2.1.0/go.mod h1:Q3nei7sK6ybPYH7twZdmQpAd1MKb7pfu6SK+H1/DsU0=
 github.com/googleapis/gax-go/v2 v2.1.1 h1:dp3bWCh+PPO1zjRRiCSczJav13sBvG4UhNyVTa1KqdU=
 github.com/googleapis/gax-go/v2 v2.1.1/go.mod h1:hddJymUZASv3XPyGkUpKj8pPO47Rmb0eJc8R6ouapiM=
-github.com/googleapis/gnostic v0.0.0-20170426233943-68f4ded48ba9/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY=
 github.com/googleapis/gnostic v0.0.0-20170729233727-0c5108395e2d/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY=
-github.com/googleapis/gnostic v0.1.0/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY=
-github.com/googleapis/gnostic v0.3.0/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY=
-github.com/googleapis/gnostic v0.3.1/go.mod h1:on+2t9HRStVgn95RSsFWFz+6Q0Snyqv1awfrALZdbtU=
 github.com/googleapis/gnostic v0.4.0/go.mod h1:on+2t9HRStVgn95RSsFWFz+6Q0Snyqv1awfrALZdbtU=
 github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3ir6b65WBswg=
 github.com/googleapis/gnostic v0.5.1/go.mod h1:6U4PtQXGIEt/Z3h5MAT7FNofLnw9vXk2cUuW7uA/OeU=
 github.com/googleapis/gnostic v0.5.5 h1:9fHAtK0uDfpveeqqo1hkEZJcFvYXAiCN3UutL8F9xHw=
 github.com/googleapis/gnostic v0.5.5/go.mod h1:7+EbHbldMins07ALC74bsA81Ovc97DwqyJO1AENw9kA=
-github.com/gophercloud/gophercloud v0.3.0/go.mod h1:vxM41WHh5uqHVBMZHzuwNOHh8XEoIEcSTewFxm1c5g8=
-github.com/gophercloud/gophercloud v0.6.0/go.mod h1:GICNByuaEBibcjmjvI7QvYJSZEbGkcYwAR7EZK2WMqM=
 github.com/gophercloud/gophercloud v0.10.0/go.mod h1:gmC5oQqMDOMO1t1gq5DquX/yAU808e/4mzjjDA76+Ss=
-github.com/gophercloud/gophercloud v0.11.0/go.mod h1:gmC5oQqMDOMO1t1gq5DquX/yAU808e/4mzjjDA76+Ss=
-github.com/gophercloud/gophercloud v0.12.0/go.mod h1:gmC5oQqMDOMO1t1gq5DquX/yAU808e/4mzjjDA76+Ss=
-github.com/gophercloud/gophercloud v0.13.0/go.mod h1:VX0Ibx85B60B5XOrZr6kaNwrmPUzcmMpwxvQ1WQIIWM=
-github.com/gophercloud/gophercloud v0.14.0/go.mod h1:VX0Ibx85B60B5XOrZr6kaNwrmPUzcmMpwxvQ1WQIIWM=
-github.com/gophercloud/gophercloud v0.15.0/go.mod h1:VX0Ibx85B60B5XOrZr6kaNwrmPUzcmMpwxvQ1WQIIWM=
-github.com/gophercloud/gophercloud v0.16.0/go.mod h1:wRtmUelyIIv3CSSDI47aUwbs075O6i+LY+pXsKCBsb4=
-github.com/gophercloud/gophercloud v0.17.0/go.mod h1:wRtmUelyIIv3CSSDI47aUwbs075O6i+LY+pXsKCBsb4=
-github.com/gophercloud/gophercloud v0.18.0/go.mod h1:wRtmUelyIIv3CSSDI47aUwbs075O6i+LY+pXsKCBsb4=
-github.com/gophercloud/gophercloud v0.20.0 h1:1+4jrsjVhdX5omlAo4jkmFc6ftLbuXLzgFo4i6lH+Gk=
-github.com/gophercloud/gophercloud v0.20.0/go.mod h1:wRtmUelyIIv3CSSDI47aUwbs075O6i+LY+pXsKCBsb4=
+github.com/gophercloud/gophercloud v0.23.0 h1:I3P10oKlGu3DHP9PrEWMr1ya+/+3Rc9uRHNkRZ9wO7g=
+github.com/gophercloud/gophercloud v0.23.0/go.mod h1:MRw6uyLj8uCGbIvBlqL7QW67t0QtNZnzydUzewo1Ioc=
 github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
-github.com/gopherjs/gopherjs v0.0.0-20191106031601-ce3c9ade29de/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
 github.com/gorilla/context v1.1.1/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg=
 github.com/gorilla/handlers v0.0.0-20150720190736-60c7bfde3e33/go.mod h1:Qkdc/uu4tH4g6mTK6auzZ766c4CA0Ng8+o/OAirnOIQ=
 github.com/gorilla/handlers v1.5.1 h1:9lRY6j8DEeeBT10CvO9hGW0gmky0BprnvDI5vfhUHH4=
@@ -1108,8 +964,6 @@ github.com/gorilla/sessions v1.2.1/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/z
 github.com/gorilla/websocket v0.0.0-20170926233335-4201258b820c/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ=
 github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ=
 github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
-github.com/grafana/dskit v0.0.0-20210818123532-6645f87e9e12/go.mod h1:QaNAQaCSFOtG/NHf6Jd/zh67H25kkrVCq36U61Y2Mhw=
-github.com/grafana/dskit v0.0.0-20210819132858-471020752967/go.mod h1:uF46UNN1/feB1egpq8UGbBBKvJjGgZauW7pcVbeFLLM=
 github.com/grafana/dskit v0.0.0-20211021180445-3bd016e9d7f1 h1:Qf+/W3Tup0nO21tgJmO14WJK0yyrm4L2UJipZP+Zoow=
 github.com/grafana/dskit v0.0.0-20211021180445-3bd016e9d7f1/go.mod h1:uPG2nyK4CtgNDmWv7qyzYcdI+S90kHHRWvHnBtEMBXM=
 github.com/grafana/gocql v0.0.0-20200605141915-ba5dc39ece85 h1:xLuzPoOzdfNb/RF/IENCw+oLVdZB4G21VPhkHBgwSHY=
@@ -1120,7 +974,6 @@ github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:Fecb
 github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs=
 github.com/grpc-ecosystem/go-grpc-middleware v1.0.1-0.20190118093823-f849b5445de4/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs=
 github.com/grpc-ecosystem/go-grpc-middleware v1.1.0/go.mod h1:f5nM7jw/oeRSadq3xCzHAvxcr8HZnzsqU6ILg/0NiiE=
-github.com/grpc-ecosystem/go-grpc-middleware v1.2.2/go.mod h1:EaizFBKfUKtMIF5iaDEhniwNedqGo9FuLFzppDr3uwI=
 github.com/grpc-ecosystem/go-grpc-middleware v1.3.0 h1:+9834+KizmvFV7pXQGSXQTsaWhq2GjuNUt0aUU0YBYw=
 github.com/grpc-ecosystem/go-grpc-middleware v1.3.0/go.mod h1:z0ButlSOZa5vEBq9m2m2hlwIgKw+rp3sdCBRoJY+30Y=
 github.com/grpc-ecosystem/go-grpc-middleware/providers/kit/v2 v2.0.0-20201002093600-73cf2ae9d891/go.mod h1:516cTXxZzi4NBUBbKcwmO4Eqbb6GHAEd3o4N+GYyCBY=
@@ -1128,14 +981,9 @@ github.com/grpc-ecosystem/go-grpc-middleware/v2 v2.0.0-20200501113911-9a95f0fdbf
 github.com/grpc-ecosystem/go-grpc-middleware/v2 v2.0.0-rc.2.0.20201207153454-9f6bf00c00a7 h1:guQyUpELu4I0wKgdsRBZDA5blfGiUleuppRSVy9Qbi0=
 github.com/grpc-ecosystem/go-grpc-middleware/v2 v2.0.0-rc.2.0.20201207153454-9f6bf00c00a7/go.mod h1:GhphxcdlaRyAuBSvo6rV71BvQcvB/vuX8ugCyybuS2k=
 github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk=
-github.com/grpc-ecosystem/grpc-gateway v1.4.1/go.mod h1:RSKVYQBd5MCa4OVpNdGskqpgL2+G+NZTnrVHpWWfpdw=
 github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY=
-github.com/grpc-ecosystem/grpc-gateway v1.9.4/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY=
 github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY=
-github.com/grpc-ecosystem/grpc-gateway v1.12.1/go.mod h1:8XEsbTttt/W+VvjtQhLACqCisSPWTxCZ7sBRjU6iH9c=
 github.com/grpc-ecosystem/grpc-gateway v1.14.4/go.mod h1:6CwZWGDSPRJidgKAtJVvND6soZe6fT7iteq8wDPdhb0=
-github.com/grpc-ecosystem/grpc-gateway v1.14.6/go.mod h1:zdiPV4Yse/1gnckTHtghG4GkDEdKCRJduHpTxT3/jcw=
-github.com/grpc-ecosystem/grpc-gateway v1.15.0/go.mod h1:vO11I9oWA+KsxmfFQPhLnnIb1VDE24M+pdxZFiuZcA8=
 github.com/grpc-ecosystem/grpc-gateway v1.16.0 h1:gmcG1KaJ57LophUzW0Hy8NmPhnMZb4M0+kPpLofRdBo=
 github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw=
 github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645 h1:MJG/KsmcqMwFAkh8mTnAwhyKoB+sTAnY4CACC110tbU=
@@ -1145,18 +993,14 @@ github.com/hailocab/go-hostpool v0.0.0-20160125115350-e80d13ce29ed/go.mod h1:tMW
 github.com/hashicorp/consul/api v1.1.0/go.mod h1:VmuI/Lkw1nC05EYQWNKwWGbkg+FbDBtguAZLlVdkD9Q=
 github.com/hashicorp/consul/api v1.3.0/go.mod h1:MmDNSzIMUjNpY/mQ398R4bk2FnqQLoPndWW5VkKPlCE=
 github.com/hashicorp/consul/api v1.4.0/go.mod h1:xc8u05kyMa3Wjr9eEAsIAo3dg8+LywT5E/Cl7cNS5nU=
-github.com/hashicorp/consul/api v1.5.0/go.mod h1:LqwrLNW876eYSuUOo4ZLHBcdKc038txr/IMfbLPATa4=
-github.com/hashicorp/consul/api v1.6.0/go.mod h1:1NSuaUUkFaJzMasbfq/11wKYWSR67Xn6r2DXKhuDNFg=
-github.com/hashicorp/consul/api v1.7.0/go.mod h1:1NSuaUUkFaJzMasbfq/11wKYWSR67Xn6r2DXKhuDNFg=
 github.com/hashicorp/consul/api v1.8.1/go.mod h1:sDjTOq0yUyv5G4h+BqSea7Fn6BU+XbolEz1952UB+mk=
 github.com/hashicorp/consul/api v1.9.1/go.mod h1:XjsvQN+RJGWI2TWy1/kqaE16HrR2J/FWgkYjdZQsX9M=
-github.com/hashicorp/consul/api v1.10.1 h1:MwZJp86nlnL+6+W1Zly4JUuVn9YHhMggBirMpHGD7kw=
 github.com/hashicorp/consul/api v1.10.1/go.mod h1:XjsvQN+RJGWI2TWy1/kqaE16HrR2J/FWgkYjdZQsX9M=
+github.com/hashicorp/consul/api v1.11.0 h1:Hw/G8TtRvOElqxVIhBzXciiSTbapq8hZ2XKZsXk5ZCE=
+github.com/hashicorp/consul/api v1.11.0/go.mod h1:XjsvQN+RJGWI2TWy1/kqaE16HrR2J/FWgkYjdZQsX9M=
 github.com/hashicorp/consul/sdk v0.1.1/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8=
 github.com/hashicorp/consul/sdk v0.3.0/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8=
 github.com/hashicorp/consul/sdk v0.4.0/go.mod h1:fY08Y9z5SvJqevyZNy6WWPXiG3KwBPAvlcdx16zZ0fM=
-github.com/hashicorp/consul/sdk v0.5.0/go.mod h1:fY08Y9z5SvJqevyZNy6WWPXiG3KwBPAvlcdx16zZ0fM=
-github.com/hashicorp/consul/sdk v0.6.0/go.mod h1:fY08Y9z5SvJqevyZNy6WWPXiG3KwBPAvlcdx16zZ0fM=
 github.com/hashicorp/consul/sdk v0.7.0/go.mod h1:fY08Y9z5SvJqevyZNy6WWPXiG3KwBPAvlcdx16zZ0fM=
 github.com/hashicorp/consul/sdk v0.8.0 h1:OJtKBtEjboEZvG6AOUdh4Z1Zbyu0WcxQ0qatRrZHTVU=
 github.com/hashicorp/consul/sdk v0.8.0/go.mod h1:GBvyrGALthsZObzUGsfgHZQDXjg4lOjagTIwIR1vPms=
@@ -1175,7 +1019,6 @@ github.com/hashicorp/go-hclog v0.14.1/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39
 github.com/hashicorp/go-hclog v0.16.2 h1:K4ev2ib4LdQETX5cSZBG0DVLk1jwGqSPXBjdah3veNs=
 github.com/hashicorp/go-hclog v0.16.2/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ=
 github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60=
-github.com/hashicorp/go-immutable-radix v1.1.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60=
 github.com/hashicorp/go-immutable-radix v1.2.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60=
 github.com/hashicorp/go-immutable-radix v1.3.1 h1:DKHmCUm2hRBK510BaiZlwvpD40f8bJFeZnpfm2KLowc=
 github.com/hashicorp/go-immutable-radix v1.3.1/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60=
@@ -1208,7 +1051,6 @@ github.com/hashicorp/go-version v1.2.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09
 github.com/hashicorp/go.net v0.0.1/go.mod h1:hjKkEWcCURg++eb33jQU7oqQcI9XDCnUzHA0oac0k90=
 github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
 github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
-github.com/hashicorp/golang-lru v0.5.3/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4=
 github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc=
 github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4=
 github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
@@ -1218,17 +1060,13 @@ github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0m
 github.com/hashicorp/mdns v1.0.1/go.mod h1:4gW7WsVCke5TE7EPeYliwHlRUyBtfCwuFwuMg2DmyNY=
 github.com/hashicorp/memberlist v0.1.3/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2pPBoIllUwCN7I=
 github.com/hashicorp/memberlist v0.1.4/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2pPBoIllUwCN7I=
-github.com/hashicorp/memberlist v0.1.5/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2pPBoIllUwCN7I=
 github.com/hashicorp/memberlist v0.2.0/go.mod h1:MS2lj3INKhZjWNqd3N0m3J+Jxf3DAOnAH9VT3Sh9MUE=
 github.com/hashicorp/memberlist v0.2.2/go.mod h1:MS2lj3INKhZjWNqd3N0m3J+Jxf3DAOnAH9VT3Sh9MUE=
 github.com/hashicorp/memberlist v0.2.3/go.mod h1:MS2lj3INKhZjWNqd3N0m3J+Jxf3DAOnAH9VT3Sh9MUE=
 github.com/hashicorp/memberlist v0.2.4 h1:OOhYzSvFnkFQXm1ysE8RjXTHsqSRDyP4emusC9K7DYg=
 github.com/hashicorp/memberlist v0.2.4/go.mod h1:MS2lj3INKhZjWNqd3N0m3J+Jxf3DAOnAH9VT3Sh9MUE=
 github.com/hashicorp/serf v0.8.2/go.mod h1:6hOLApaqBFA1NXqRQAsxw9QxuDEvNxSQRwA/JwenrHc=
-github.com/hashicorp/serf v0.8.3/go.mod h1:UpNcs7fFbpKIyZaUuSW6EPiH+eZC7OuyFD+wc1oal+k=
-github.com/hashicorp/serf v0.8.5/go.mod h1:UpNcs7fFbpKIyZaUuSW6EPiH+eZC7OuyFD+wc1oal+k=
 github.com/hashicorp/serf v0.9.0/go.mod h1:YL0HO+FifKOW2u1ke99DGVu1zhcpZzNwrLIqBC7vbYU=
-github.com/hashicorp/serf v0.9.3/go.mod h1:UWDWwZeL5cuWDJdl0C6wrvrUwEqtQ4ZKBKKENpqIUyk=
 github.com/hashicorp/serf v0.9.5 h1:EBWvyu9tcRszt3Bxp3KNssBMP1KuHWyO51lz9+786iM=
 github.com/hashicorp/serf v0.9.5/go.mod h1:UWDWwZeL5cuWDJdl0C6wrvrUwEqtQ4ZKBKKENpqIUyk=
 github.com/hashicorp/vault/api v1.0.4/go.mod h1:gDcqh3WGcR1cpF5AJz/B1UFheUEneMoIospckxBxk6Q=
@@ -1237,54 +1075,39 @@ github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb/go.mod h1:+NfK9FKe
 github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d/go.mod h1:+NfK9FKeTrX5uv1uIXGdwYDTeHna2qgaIlx54MXqjAM=
 github.com/hashicorp/yamux v0.0.0-20190923154419-df201c70410d h1:W+SIwDdl3+jXWeidYySAgzytE3piq6GumXeBjFBG67c=
 github.com/hashicorp/yamux v0.0.0-20190923154419-df201c70410d/go.mod h1:+NfK9FKeTrX5uv1uIXGdwYDTeHna2qgaIlx54MXqjAM=
-github.com/hetznercloud/hcloud-go v1.21.1/go.mod h1:xng8lbDUg+xM1dgc0yGHX5EeqbwIq7UYlMWMTx3SQVg=
-github.com/hetznercloud/hcloud-go v1.22.0/go.mod h1:xng8lbDUg+xM1dgc0yGHX5EeqbwIq7UYlMWMTx3SQVg=
-github.com/hetznercloud/hcloud-go v1.23.1/go.mod h1:xng8lbDUg+xM1dgc0yGHX5EeqbwIq7UYlMWMTx3SQVg=
-github.com/hetznercloud/hcloud-go v1.24.0/go.mod h1:3YmyK8yaZZ48syie6xpm3dt26rtB6s65AisBHylXYFA=
-github.com/hetznercloud/hcloud-go v1.25.0/go.mod h1:2C5uMtBiMoFr3m7lBFPf7wXTdh33CevmZpQIIDPGYJI=
-github.com/hetznercloud/hcloud-go v1.26.2/go.mod h1:2C5uMtBiMoFr3m7lBFPf7wXTdh33CevmZpQIIDPGYJI=
-github.com/hetznercloud/hcloud-go v1.32.0 h1:7zyN2V7hMlhm3HZdxOarmOtvzKvkcYKjM0hcwYMQZz0=
-github.com/hetznercloud/hcloud-go v1.32.0/go.mod h1:XX/TQub3ge0yWR2yHWmnDVIrB+MQbda1pHxkUmDlUME=
+github.com/hetznercloud/hcloud-go v1.33.1 h1:W1HdO2bRLTKU4WsyqAasDSpt54fYO4WNckWYfH5AuCQ=
+github.com/hetznercloud/hcloud-go v1.33.1/go.mod h1:XX/TQub3ge0yWR2yHWmnDVIrB+MQbda1pHxkUmDlUME=
 github.com/hodgesds/perf-utils v0.0.8/go.mod h1:F6TfvsbtrF88i++hou29dTXlI2sfsJv+gRZDtmTJkAs=
 github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
 github.com/huandu/xstrings v1.0.0/go.mod h1:4qWG/gcEcfX4z/mBDHJ++3ReCw9ibxbsNJbcucJdbSo=
 github.com/hudl/fargo v1.3.0/go.mod h1:y3CKSmjA+wD2gak7sUSXTAoopbhU08POFhmITJgmKTg=
 github.com/hudl/fargo v1.4.0/go.mod h1:9Ai6uvFy5fQNq6VPKtg+Ceq1+eTY4nKUlR2JElEOcDo=
-github.com/iancoleman/strcase v0.0.0-20180726023541-3605ed457bf7/go.mod h1:SK73tn/9oHe+/Y0h39VT4UCxmurVJkR5NA7kMEAOgSE=
+github.com/iancoleman/strcase v0.2.0/go.mod h1:iwCmte+B7n89clKwxIoIXy/HfoL7AsD47ZCWhYzw7ho=
 github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
 github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
+github.com/ianlancetaylor/demangle v0.0.0-20210905161508-09a460cdf81d/go.mod h1:aYm2/VgdVmcIU8iMfdMvDMsRAQjcfZSKFby6HOFvi/w=
 github.com/imdario/mergo v0.3.4/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
 github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
 github.com/imdario/mergo v0.3.8/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
 github.com/imdario/mergo v0.3.10/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA=
-github.com/imdario/mergo v0.3.11 h1:3tnifQM4i+fbajXKBHXWEH+KvNHqojZ778UH75j3bGA=
 github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA=
+github.com/imdario/mergo v0.3.12 h1:b6R2BslTbIEToALKP7LxUvijTsNI9TAe80pLWN2g/HU=
+github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA=
 github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM=
 github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
 github.com/influxdata/flux v0.65.0/go.mod h1:BwN2XG2lMszOoquQaFdPET8FRQfrXiZsWmcMO9rkaVY=
-github.com/influxdata/flux v0.65.1/go.mod h1:J754/zds0vvpfwuq7Gc2wRdVwEodfpCFM7mYlOw2LqY=
-github.com/influxdata/flux v0.113.0/go.mod h1:3TJtvbm/Kwuo5/PEo5P6HUzwVg4bXWkb2wPQHPtQdlU=
-github.com/influxdata/flux v0.120.1/go.mod h1:pGSAvyAA5d3et7SSzajaYShWYXmnRnJJq2qWi+WWZ2I=
+github.com/influxdata/flux v0.131.0/go.mod h1:CKvnYe6FHpTj/E0YGI7TcOZdGiYHoToOPSnoa12RtKI=
 github.com/influxdata/httprouter v1.3.1-0.20191122104820-ee83e2772f69/go.mod h1:pwymjR6SrP3gD3pRj9RJwdl1j5s3doEEV8gS4X9qSzA=
-github.com/influxdata/influxdb v1.7.7/go.mod h1:qZna6X/4elxqT3yI9iZYdZrWWdeFOOprn86kgg4+IzY=
 github.com/influxdata/influxdb v1.8.0/go.mod h1:SIzcnsjaHRFpmlxpJ4S3NT64qtEKYweNTUMb/vh0OMQ=
-github.com/influxdata/influxdb v1.8.1/go.mod h1:SIzcnsjaHRFpmlxpJ4S3NT64qtEKYweNTUMb/vh0OMQ=
-github.com/influxdata/influxdb v1.8.2/go.mod h1:SIzcnsjaHRFpmlxpJ4S3NT64qtEKYweNTUMb/vh0OMQ=
-github.com/influxdata/influxdb v1.8.3/go.mod h1:JugdFhsvvI8gadxOI6noqNeeBHvWNTbfYGtiAn+2jhI=
-github.com/influxdata/influxdb v1.8.4/go.mod h1:JugdFhsvvI8gadxOI6noqNeeBHvWNTbfYGtiAn+2jhI=
-github.com/influxdata/influxdb v1.8.5/go.mod h1:oFH+pbEyDln/1TKwa98oJzVrkZwdjrJOwIDGYZj7Ma0=
-github.com/influxdata/influxdb v1.9.2/go.mod h1:UEe3MeD9AaP5rlPIes102IhYua3FhIWZuOXNHxDjSrI=
-github.com/influxdata/influxdb v1.9.3/go.mod h1:xD4ZjAgEJQO9/bX3NhFrssKtdNPi+ki1kjrttJRDhGc=
+github.com/influxdata/influxdb v1.9.5/go.mod h1:4uPVvcry9KWQVWLxyT9641qpkRXUBN+xa0MJFFNNLKo=
 github.com/influxdata/influxdb-client-go/v2 v2.3.1-0.20210518120617-5d1fff431040/go.mod h1:vLNHdxTJkIf2mSLvGrpj8TCcISApPoXkaxP8g9uRlW8=
 github.com/influxdata/influxdb1-client v0.0.0-20191209144304-8bf82d3c094d/go.mod h1:qj24IKcXYK6Iy9ceXlo3Tc+vtHo9lIhSX5JddghvEPo=
 github.com/influxdata/influxdb1-client v0.0.0-20200827194710-b269163b24ab/go.mod h1:qj24IKcXYK6Iy9ceXlo3Tc+vtHo9lIhSX5JddghvEPo=
 github.com/influxdata/influxql v1.1.0/go.mod h1:KpVI7okXjK6PRi3Z5B+mtKZli+R1DnZgb3N+tzevNgo=
-github.com/influxdata/influxql v1.1.1-0.20200828144457-65d3ef77d385/go.mod h1:gHp9y86a/pxhjJ+zMjNXiQAA197Xk9wLxaz+fGG+kWk=
 github.com/influxdata/influxql v1.1.1-0.20210223160523-b6ab99450c93/go.mod h1:gHp9y86a/pxhjJ+zMjNXiQAA197Xk9wLxaz+fGG+kWk=
 github.com/influxdata/line-protocol v0.0.0-20180522152040-32c6aa80de5e/go.mod h1:4kt73NQhadE3daL3WhR5EJ/J2ocX0PZzwxQ0gXJ7oFE=
 github.com/influxdata/line-protocol v0.0.0-20200327222509-2487e7298839/go.mod h1:xaLFMmpvUxqXtVkUJfg9QmT88cDaCJ3ZKgdZ78oO8Qo=
-github.com/influxdata/pkg-config v0.2.6/go.mod h1:EMS7Ll0S4qkzDk53XS3Z72/egBsPInt+BeRxb0WeSwk=
-github.com/influxdata/pkg-config v0.2.7/go.mod h1:EMS7Ll0S4qkzDk53XS3Z72/egBsPInt+BeRxb0WeSwk=
+github.com/influxdata/pkg-config v0.2.8/go.mod h1:EMS7Ll0S4qkzDk53XS3Z72/egBsPInt+BeRxb0WeSwk=
 github.com/influxdata/promql/v2 v2.12.0/go.mod h1:fxOPu+DY0bqCTCECchSRtWfc+0X19ybifQhZoQNF5D8=
 github.com/influxdata/roaring v0.4.13-0.20180809181101-fc520f41fab6/go.mod h1:bSgUQ7q5ZLSO+bKBGqJiCBGAl+9DxyW63zLTujjUlOE=
 github.com/influxdata/tdigest v0.0.0-20181121200506-bf2b5ad3c0a9/go.mod h1:Js0mqiSBE6Ffsg94weZZ2c+v/ciT8QRHFOap7EKDrR0=
@@ -1309,7 +1132,6 @@ github.com/jcmturner/rpc/v2 v2.0.3 h1:7FXXj8Ti1IaVFpSAziCZWNzbNuZmnvw/i6CqLNdWfZ
 github.com/jcmturner/rpc/v2 v2.0.3/go.mod h1:VUJYCIDm3PVOEHw8sgt091/20OJjskO/YJki3ELg/Hc=
 github.com/jedib0t/go-pretty/v6 v6.2.4 h1:wdaj2KHD2W+mz8JgJ/Q6L/T5dB7kyqEFI16eLq7GEmk=
 github.com/jedib0t/go-pretty/v6 v6.2.4/go.mod h1:+nE9fyyHGil+PuISTCrp7avEdo6bqoMwqZnuiK2r2a0=
-github.com/jessevdk/go-flags v0.0.0-20180331124232-1c38ed7ad0cc/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
 github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
 github.com/jessevdk/go-flags v1.5.0 h1:1jKYvbxEjfUl0fmqTCOfonvskHHXMjBySTLW4y9LFvc=
 github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4=
@@ -1327,17 +1149,13 @@ github.com/joeshaw/multierror v0.0.0-20140124173710-69b34d4ec901/go.mod h1:Z86h9
 github.com/joho/godotenv v1.3.0 h1:Zjp+RcGpHhGlrMbJzXTrZZPrWj+1vfm90La1wgB6Bhc=
 github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg=
 github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo=
-github.com/jonboulle/clockwork v0.2.2/go.mod h1:Pkfl5aHPm1nk2H9h0bjmnJD/BcgbGXUBGnn1kMkgxc8=
 github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY=
 github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
-github.com/jpillora/backoff v0.0.0-20180909062703-3050d21c67d7/go.mod h1:2iMrUgbbvHEiQClaW2NsSzMyGHqN+rDFqY705q49KG0=
 github.com/jpillora/backoff v1.0.0 h1:uvFg412JmmHBHw7iwprIxkPMI+sGQ4kzOWsMeHnm2EA=
 github.com/jpillora/backoff v1.0.0/go.mod h1:J/6gKK9jxlEcS3zixgDgUAsiuZ7yrSoa/FX5e0EB2j4=
 github.com/jsimonetti/rtnetlink v0.0.0-20190606172950-9527aa82566a/go.mod h1:Oz+70psSo5OFh8DBl0Zv2ACw7Esh6pPUphlvZG9x7uw=
 github.com/jsimonetti/rtnetlink v0.0.0-20190830100107-3784a6c7c552/go.mod h1:Oz+70psSo5OFh8DBl0Zv2ACw7Esh6pPUphlvZG9x7uw=
 github.com/jsimonetti/rtnetlink v0.0.0-20200117123717-f846d4f6c1f4/go.mod h1:WGuG/smIU4J/54PblvSbh+xvCZmpJnFgr3ds6Z55XMQ=
-github.com/json-iterator/go v0.0.0-20180612202835-f2b4162afba3/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
-github.com/json-iterator/go v1.1.5/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
 github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
 github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
 github.com/json-iterator/go v1.1.8/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
@@ -1370,8 +1188,8 @@ github.com/klauspost/compress v1.11.3/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYs
 github.com/klauspost/compress v1.11.12/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs=
 github.com/klauspost/compress v1.11.13/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs=
 github.com/klauspost/compress v1.12.3/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg=
-github.com/klauspost/compress v1.13.1/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg=
 github.com/klauspost/compress v1.13.4/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg=
+github.com/klauspost/compress v1.13.5/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk=
 github.com/klauspost/compress v1.13.6 h1:P76CopJELS0TiO2mebmnzgWaajssP/EszplttgQxcgc=
 github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk=
 github.com/klauspost/cpuid v0.0.0-20170728055534-ae7887de9fa5/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek=
@@ -1383,6 +1201,8 @@ github.com/klauspost/pgzip v1.0.2-0.20170402124221-0bf5dcad4ada/go.mod h1:Ch1tH6
 github.com/knadh/koanf v1.3.2 h1:0JKfmTLcvEmdJwjY16BMOVKpqThxRwj29CtQvZiCsAA=
 github.com/knadh/koanf v1.3.2/go.mod h1:HZ7HMLIGbrWJUfgtEzfHvzR/rX+eIqQlBNPRr4Vt42s=
 github.com/knq/sysutil v0.0.0-20191005231841-15668db23d08/go.mod h1:dFWs1zEqDjFtnBXsd1vPOZaLsESovai349994nHx3e0=
+github.com/kolo/xmlrpc v0.0.0-20201022064351-38db28db192b h1:iNjcivnc6lhbvJA3LD622NPrUponluJrBWPIwGG/3Bg=
+github.com/kolo/xmlrpc v0.0.0-20201022064351-38db28db192b/go.mod h1:pcaDhQK0/NJZEvtCO0qQPPropqV0sJOJ6YW7X+9kRwM=
 github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
 github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
 github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
@@ -1393,7 +1213,6 @@ github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfn
 github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
 github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0=
 github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk=
-github.com/kr/pty v1.0.0/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
@@ -1401,12 +1220,10 @@ github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
 github.com/kshvakov/clickhouse v1.3.5/go.mod h1:DMzX7FxRymoNkVgizH0DWAL8Cur7wHLgx3MUnGwJqpE=
 github.com/kylelemons/godebug v0.0.0-20160406211939-eadb3ce320cb/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k=
-github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k=
 github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc=
 github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw=
 github.com/labstack/echo/v4 v4.2.1/go.mod h1:AA49e0DZ8kk5jTOOCKNuPR6oTnBS0dYiM4FW1e6jwpg=
 github.com/labstack/gommon v0.3.0/go.mod h1:MULnywXg0yavhxWKc+lOruYdAhDwPK9wf0OL7NoOu+k=
-github.com/lann/builder v0.0.0-20150808151131-f22ce00fd939/go.mod h1:dXGbAdH5GtBTC4WfIxhKZfyBF/HBFgRZSWwZ9g/He9o=
 github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 h1:SOEGU9fKiNWd/HOJuq6+3iTQz8KNCLtVX6idSoTLdUw=
 github.com/lann/builder v0.0.0-20180802200727-47ae307949d0/go.mod h1:dXGbAdH5GtBTC4WfIxhKZfyBF/HBFgRZSWwZ9g/He9o=
 github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 h1:P6pPBnrTSX3DEVR4fDembhRWSsG5rVo6hYhAB/ADZrk=
@@ -1418,19 +1235,16 @@ github.com/lib/pq v1.0.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
 github.com/lib/pq v1.3.0 h1:/qkRGz8zljWiDcFvgpwUpwIAPu3r07TDvs3Rws+o/pU=
 github.com/lib/pq v1.3.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
 github.com/lightstep/lightstep-tracer-common/golang/gogo v0.0.0-20190605223551-bc2310a04743/go.mod h1:qklhhLq1aX+mtWk9cPHPzaBjWImj5ULL6C7HFJtXQMM=
-github.com/lightstep/lightstep-tracer-go v0.18.0/go.mod h1:jlF1pusYV4pidLvZ+XD0UBX0ZE6WURAspgAczcDHrL4=
 github.com/lightstep/lightstep-tracer-go v0.18.1/go.mod h1:jlF1pusYV4pidLvZ+XD0UBX0ZE6WURAspgAczcDHrL4=
-github.com/linode/linodego v0.28.5/go.mod h1:BR0gVkCJffEdIGJSl6bHR80Ty+Uvg/2jkjmrWaFectM=
-github.com/linode/linodego v0.32.0 h1:IK04cx2b/IwAAd6XLruf1Dl/n3dRXj87Uw/5qo6afVU=
-github.com/linode/linodego v0.32.0/go.mod h1:BR0gVkCJffEdIGJSl6bHR80Ty+Uvg/2jkjmrWaFectM=
+github.com/linode/linodego v1.2.1 h1:v0vS/n9dGMA9evG+fhLJcy7hsf6TUVmacfYiYzARhts=
+github.com/linode/linodego v1.2.1/go.mod h1:x/7+BoaKd4unViBmS2umdjYyVAmpFtBtEXZ0wou7FYQ=
 github.com/lovoo/gcloud-opentracing v0.3.0/go.mod h1:ZFqk2y38kMDDikZPAK7ynTTGuyt17nSPdS3K5e+ZTBY=
 github.com/lucasb-eyer/go-colorful v1.0.2/go.mod h1:0MS4r+7BZKSJ5mw4/S5MPN+qHFF1fYclkSPilDOKW0s=
 github.com/lucasb-eyer/go-colorful v1.0.3/go.mod h1:R4dSotOR9KMtayYi1e77YzuveK+i7ruzyGqttikkLy0=
 github.com/lufia/iostat v1.1.0/go.mod h1:rEPNA0xXgjHQjuI5Cy05sLlS2oRcSlWHRLrvh/AQ+Pg=
 github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0/go.mod h1:zJYVVT2jmtg6P3p1VtQj7WsuWi/y4VnjVBn7F8KPB3I=
-github.com/lyft/protoc-gen-star v0.5.1/go.mod h1:9toiA3cC7z5uVbODF7kEQ91Xn7XNFkVUl+SrEe+ZORU=
+github.com/lyft/protoc-gen-star v0.5.3/go.mod h1:V0xaHgaf5oCCqmcxYcWiDfTiKsZsRc87/1qhoTACD8w=
 github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
-github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
 github.com/magiconair/properties v1.8.5 h1:b6kJs+EmPFMYGkow9GiUyCyOvIwYetYJ3fSaWak/Gls=
 github.com/magiconair/properties v1.8.5/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60=
 github.com/mailru/easyjson v0.0.0-20160728113105-d5b7844b561a/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
@@ -1454,9 +1268,6 @@ github.com/mattn/go-colorable v0.1.6/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope
 github.com/mattn/go-colorable v0.1.7/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
 github.com/mattn/go-colorable v0.1.8 h1:c1ghPdyEDarC70ftn0y+A/Ee++9zz8ljHG1b13eJ0s8=
 github.com/mattn/go-colorable v0.1.8/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
-github.com/mattn/go-ieproxy v0.0.0-20190610004146-91bb50d98149/go.mod h1:31jz6HNzdxOmlERGGEc4v/dMssOfmp2p5bT/okiKFFc=
-github.com/mattn/go-ieproxy v0.0.0-20190702010315-6dee0af9227d/go.mod h1:31jz6HNzdxOmlERGGEc4v/dMssOfmp2p5bT/okiKFFc=
-github.com/mattn/go-ieproxy v0.0.0-20191113090002-7c0f6868bffe/go.mod h1:pYabZ6IHcRpFh7vIaLfK7rdcWgFEb3SFJ6/gNWuh88E=
 github.com/mattn/go-ieproxy v0.0.1 h1:qiyop7gCflfhwCzGyeT0gro3sF9AIg9HU98JORTkqfI=
 github.com/mattn/go-ieproxy v0.0.1/go.mod h1:pYabZ6IHcRpFh7vIaLfK7rdcWgFEb3SFJ6/gNWuh88E=
 github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4=
@@ -1471,7 +1282,6 @@ github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27k
 github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU=
 github.com/mattn/go-runewidth v0.0.3/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU=
 github.com/mattn/go-runewidth v0.0.4/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU=
-github.com/mattn/go-runewidth v0.0.6/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI=
 github.com/mattn/go-runewidth v0.0.8/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI=
 github.com/mattn/go-runewidth v0.0.9 h1:Lm995f3rfxdpd6TSmuVCHVb/QhupuXlYr8sCI/QdE+0=
 github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI=
@@ -1480,7 +1290,6 @@ github.com/mattn/go-sqlite3 v1.10.0/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsO
 github.com/mattn/go-sqlite3 v1.11.0/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc=
 github.com/mattn/go-tty v0.0.0-20180907095812-13ff1204f104/go.mod h1:XPvLUNfbS4fJH25nqRHfWLMa1ONC8Amw+mIA639KxkE=
 github.com/mattn/go-xmlrpc v0.0.3/go.mod h1:mqc2dz7tP5x5BKlCahN/n+hs7OSZKJkS9JsHNBRlrxA=
-github.com/matttproud/golang_protobuf_extensions v1.0.0/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
 github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
 github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 h1:I0XW9+e1XWDxdcEniV4rQAIOPUGDq67JSCiRCgGCZLI=
 github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4=
@@ -1492,16 +1301,9 @@ github.com/mdlayher/netlink v1.1.0/go.mod h1:H4WCitaheIsdF9yOYu8CFmCgQthAPIWZmcK
 github.com/mdlayher/wifi v0.0.0-20190303161829-b1436901ddee/go.mod h1:Evt/EIne46u9PtQbeTx2NTcqURpr5K4SvKtGmBuDPN8=
 github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b/go.mod h1:01TrycV0kFyexm33Z7vhZRXopbI8J3TDReVlkTgMUxE=
 github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg=
-github.com/miekg/dns v1.1.15/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg=
 github.com/miekg/dns v1.1.22/go.mod h1:bPDLeHnStXmXAq1m/Ch/hvfNHr14JKNPMBo3VZKjuso=
 github.com/miekg/dns v1.1.26/go.mod h1:bPDLeHnStXmXAq1m/Ch/hvfNHr14JKNPMBo3VZKjuso=
 github.com/miekg/dns v1.1.29/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM=
-github.com/miekg/dns v1.1.30/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM=
-github.com/miekg/dns v1.1.31/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM=
-github.com/miekg/dns v1.1.35/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM=
-github.com/miekg/dns v1.1.38/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM=
-github.com/miekg/dns v1.1.41/go.mod h1:p6aan82bvRIyn+zDIv9xYNUpwa73JcSh9BKwknJysuI=
-github.com/miekg/dns v1.1.42/go.mod h1:+evo5L0630/F6ca/Z9+GAqzhjGyn8/c+TBaOyfEl0V4=
 github.com/miekg/dns v1.1.43 h1:JKfpVSCB84vrAmHzyrsxB5NAr5kLoMXZArPSw7Qlgyg=
 github.com/miekg/dns v1.1.43/go.mod h1:+evo5L0630/F6ca/Z9+GAqzhjGyn8/c+TBaOyfEl0V4=
 github.com/miekg/pkcs11 v1.0.3/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs=
@@ -1510,11 +1312,9 @@ github.com/minio/highwayhash v1.0.1/go.mod h1:BQskDq+xkJ12lmlUUi7U0M5Swg3EWR+dLT
 github.com/minio/highwayhash v1.0.2/go.mod h1:BQskDq+xkJ12lmlUUi7U0M5Swg3EWR+dLTk+kldvVxY=
 github.com/minio/md5-simd v1.1.0 h1:QPfiOqlZH+Cj9teu0t9b1nTBfPbyTl16Of5MeuShdK4=
 github.com/minio/md5-simd v1.1.0/go.mod h1:XpBqgZULrMYD3R+M28PcmP0CkI7PEMzB3U77ZrKZ0Gw=
-github.com/minio/minio-go/v6 v6.0.44/go.mod h1:qD0lajrGW49lKZLtXKtCB4X/qkMf0a5tBvN2PaZg7Gg=
-github.com/minio/minio-go/v6 v6.0.56/go.mod h1:KQMM+/44DSlSGSQWSfRrAZ12FVMmpWNuX37i2AX0jfI=
-github.com/minio/minio-go/v7 v7.0.2/go.mod h1:dJ80Mv2HeGkYLH1sqS/ksz07ON6csH3S6JUMSQ2zAns=
-github.com/minio/minio-go/v7 v7.0.10 h1:1oUKe4EOPUEhw2qnPQaPsJ0lmVTYLFu03SiItauXs94=
 github.com/minio/minio-go/v7 v7.0.10/go.mod h1:td4gW1ldOsj1PbSNS+WYK43j+P1XVhX/8W8awaYlBFo=
+github.com/minio/minio-go/v7 v7.0.16-0.20211116163909-d00629356463 h1:SXUyVAheCoi5HvKsrKWzMxMi5eCfZctZcEpJVgFKaMM=
+github.com/minio/minio-go/v7 v7.0.16-0.20211116163909-d00629356463/go.mod h1:pUV0Pc+hPd1nccgmzQF/EXh48l/Z/yps6QPF1aaie4g=
 github.com/minio/sha256-simd v0.1.1 h1:5QHSlgo3nt5yKOJrC7W8w7X+NFl8cMPZm96iu8kKUJU=
 github.com/minio/sha256-simd v0.1.1/go.mod h1:B5e1o+1/KgNmWrSQK08Y6Z1Vb5pwIktudl0J58iy0KM=
 github.com/mistifyio/go-zfs v2.1.2-0.20190413222219-f784269be439+incompatible/go.mod h1:8AuVvqP/mXw1px98n46wfvcGfQ4ci2FwoAjKYxuo3Z4=
@@ -1552,12 +1352,11 @@ github.com/moby/sys/mountinfo v0.4.0/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2J
 github.com/moby/sys/mountinfo v0.4.1/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2JI+6q0qou+A=
 github.com/moby/sys/symlink v0.1.0/go.mod h1:GGDODQmbFOjFsXvfLVn3+ZRxkch54RkSiGqsZeMYowQ=
 github.com/moby/term v0.0.0-20200312100748-672ec06f55cd/go.mod h1:DdlQx2hp0Ss5/fLikoLlEeIYiATotOjgB//nb973jeo=
-github.com/moby/term v0.0.0-20201216013528-df9cb8a40635 h1:rzf0wL0CHVc8CEsgyygG0Mn9CNCCPZqOPaz8RiiHYQk=
-github.com/moby/term v0.0.0-20201216013528-df9cb8a40635/go.mod h1:FBS0z0QWA44HXygs7VXDUOGoN/1TV3RuWkLO04am3wc=
+github.com/moby/term v0.0.0-20210619224110-3f7ff695adc6 h1:dcztxKSvZ4Id8iPpHERQBbIJfabdt4wUm5qy3wOL2Zc=
+github.com/moby/term v0.0.0-20210619224110-3f7ff695adc6/go.mod h1:E2VnQOmVuvZB6UYnnDB0qG5Nq/1tD9acaOpo6xmt0Kw=
 github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
-github.com/modern-go/reflect2 v0.0.0-20180320133207-05fbef0ca5da/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
 github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
 github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
 github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
@@ -1568,7 +1367,6 @@ github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A=
 github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc=
 github.com/mostynb/go-grpc-compression v1.1.15 h1:9pLWmZldgo3vstd3yGyNgpCzY5gvhCrCj3PyvnvlDiY=
 github.com/mostynb/go-grpc-compression v1.1.15/go.mod h1:OTK+ha9cKfSY0Pb3ESCzvGhzStJrudBxXPzuC3PaA5A=
-github.com/mozillazg/go-cos v0.13.0/go.mod h1:Zp6DvvXn0RUOXGJ2chmWt2bLEqRAnJnS3DnAZsJsoaE=
 github.com/mozillazg/go-httpheader v0.2.1 h1:geV7TrjbL8KXSyvghnFm+NyTux/hxwueTSrwhe88TQQ=
 github.com/mozillazg/go-httpheader v0.2.1/go.mod h1:jJ8xECTlalr6ValeXYdOF8fFUISeBAdw6E61aqQma60=
 github.com/mrunalp/fileutils v0.5.0/go.mod h1:M1WthSahJixYnrXQl/DFQuteStB1weuxD2QJNHXfbSQ=
@@ -1597,7 +1395,6 @@ github.com/nats-io/nkeys v0.2.0/go.mod h1:XdZpAbhgyyODYqjTawOnIOI7VlbKSarI9Gfy1t
 github.com/nats-io/nkeys v0.3.0/go.mod h1:gvUNGjVcM2IPr5rCsRsC6Wb3Hr2CQAm08dsxtV6A5y4=
 github.com/nats-io/nuid v1.0.1/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OSON2c=
 github.com/ncw/swift v1.0.47/go.mod h1:23YIA4yWVnGwv2dQlN4bB7egfYX6YLn0Yo/S6zZO/ZM=
-github.com/ncw/swift v1.0.50/go.mod h1:23YIA4yWVnGwv2dQlN4bB7egfYX6YLn0Yo/S6zZO/ZM=
 github.com/ncw/swift v1.0.52 h1:ACF3JufDGgeKp/9mrDgQlEgS8kRYC4XKcuzj/8EJjQU=
 github.com/ncw/swift v1.0.52/go.mod h1:23YIA4yWVnGwv2dQlN4bB7egfYX6YLn0Yo/S6zZO/ZM=
 github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
@@ -1608,7 +1405,6 @@ github.com/oklog/oklog v0.3.2/go.mod h1:FCV+B7mhrz4o+ueLpx+KqkyXRGMWOYEvfiXtdGtb
 github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA=
 github.com/oklog/run v1.1.0 h1:GEenZ1cK0+q0+wsJew9qUg/DyD8k3JzYsZAi5gYi2mA=
 github.com/oklog/run v1.1.0/go.mod h1:sVPdnTZT1zYwAJeCMu2Th4T21pA3FPOQRfWjQlk7DVU=
-github.com/oklog/ulid v0.0.0-20170117200651-66bb6560562f/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U=
 github.com/oklog/ulid v1.3.1 h1:EGfNDEx6MqHz8B3uNV6QAib1UR2Lm97sHi3ocA6ESJ4=
 github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U=
 github.com/olekukonko/tablewriter v0.0.0-20170122224234-a0225b3f23b5/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo=
@@ -1633,7 +1429,6 @@ github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE=
 github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU=
 github.com/onsi/gomega v0.0.0-20151007035656-2152b45fa28a/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA=
 github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA=
-github.com/onsi/gomega v1.4.2/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
 github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
 github.com/onsi/gomega v1.5.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
 github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
@@ -1679,14 +1474,17 @@ github.com/opencontainers/runc v0.1.1/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59P
 github.com/opencontainers/runc v1.0.0-rc8.0.20190926000215-3e425f80a8c9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U=
 github.com/opencontainers/runc v1.0.0-rc9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U=
 github.com/opencontainers/runc v1.0.0-rc93/go.mod h1:3NOsor4w32B2tC0Zbl8Knk4Wg84SM2ImC1fxBuqJ/H0=
+github.com/opencontainers/runc v1.0.2/go.mod h1:aTaHFFwQXuA71CiyxOdFFIorAoemI04suvGRQFzWTD0=
 github.com/opencontainers/runtime-spec v0.1.2-0.20190507144316-5b71a03e2700/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
 github.com/opencontainers/runtime-spec v1.0.1/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
 github.com/opencontainers/runtime-spec v1.0.2-0.20190207185410-29686dbc5559/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
 github.com/opencontainers/runtime-spec v1.0.2/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
 github.com/opencontainers/runtime-spec v1.0.3-0.20200929063507-e6143ca7d51d/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
+github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
 github.com/opencontainers/runtime-tools v0.0.0-20181011054405-1d69bd0f9c39/go.mod h1:r3f7wjNzSs2extwzU3Y+6pKfobzPh+kKFJ3ofN+3nfs=
 github.com/opencontainers/selinux v1.6.0/go.mod h1:VVGKuOLlE7v4PJyT6h7mNWvq1rzqiriPsEqVhc+svHE=
 github.com/opencontainers/selinux v1.8.0/go.mod h1:RScLhm78qiWa2gbVCcGkC7tCGdgk3ogry1nUQF8Evvo=
+github.com/opencontainers/selinux v1.8.2/go.mod h1:MUIHuUEvKB1wtJjQdOyYRgOnLD2xAPP8dBsCoU0KuF8=
 github.com/opentracing-contrib/go-grpc v0.0.0-20180928155321-4b5a12d3ff02/go.mod h1:JNdpVEzCpXBgIiv4ds+TzhN1hrtxq6ClLrTlT9OQRSc=
 github.com/opentracing-contrib/go-grpc v0.0.0-20191001143057-db30781987df/go.mod h1:DYR5Eij8rJl8h7gblRrOZ8g0kW1umSpKqYIBTgeDtLo=
 github.com/opentracing-contrib/go-grpc v0.0.0-20210225150812-73cb765af46e h1:4cPxUYdgaGzZIT5/j0IfqOrrXmq6bG8AwvwisMXpdrg=
@@ -1699,7 +1497,6 @@ github.com/opentracing/basictracer-go v1.0.0/go.mod h1:QfBfYuafItcjQuMwinw9GhYKw
 github.com/opentracing/opentracing-go v1.0.2/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o=
 github.com/opentracing/opentracing-go v1.0.3-0.20180606204148-bd9c31933947/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o=
 github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o=
-github.com/opentracing/opentracing-go v1.1.1-0.20200124165624-2876d2018785/go.mod h1:C+iumr2ni468+1jvcHXLCdqP9uQnoQbdX93F3aWahWU=
 github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs=
 github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc=
 github.com/openzipkin-contrib/zipkin-go-opentracing v0.4.5/go.mod h1:/wsWhb9smxSfWAKL3wpBW7V8scJMt8N8gnaMCS9E/cA=
@@ -1750,42 +1547,26 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN
 github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI=
 github.com/posener/complete v1.2.3/go.mod h1:WZIdtGGp+qx0sLrYKtIRAruyNpv6hFCicSgv7Sy7s/s=
 github.com/pquerna/cachecontrol v0.0.0-20171018203845-0dec1b30a021/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA=
-github.com/prometheus/alertmanager v0.18.0/go.mod h1:WcxHBl40VSPuOaqWae6l6HpnEOVRIycEJ7i9iYkadEE=
-github.com/prometheus/alertmanager v0.19.0/go.mod h1:Eyp94Yi/T+kdeb2qvq66E3RGuph5T/jm/RBVh4yz1xo=
 github.com/prometheus/alertmanager v0.20.0/go.mod h1:9g2i48FAyZW6BtbsnvHtMHQXl2aVtrORKwKVCQ+nbrg=
-github.com/prometheus/alertmanager v0.21.0/go.mod h1:h7tJ81NA0VLWvWEayi1QltevFkLF3KxmC/malTcT8Go=
-github.com/prometheus/alertmanager v0.21.1-0.20200911160112-1fdff6b3f939/go.mod h1:imXRHOP6QTsE0fFsIsAV/cXimS32m7gVZOiUj11m6Ig=
-github.com/prometheus/alertmanager v0.21.1-0.20201106142418-c39b78780054/go.mod h1:imXRHOP6QTsE0fFsIsAV/cXimS32m7gVZOiUj11m6Ig=
-github.com/prometheus/alertmanager v0.21.1-0.20210310093010-0f9cab6991e6/go.mod h1:MTqVn+vIupE0dzdgo+sMcNCp37SCAi8vPrvKTTnTz9g=
-github.com/prometheus/alertmanager v0.21.1-0.20210422101724-8176f78a70e1/go.mod h1:gsEqwD5BHHW9RNKvCuPOrrTMiP5I+faJUyLXvnivHik=
-github.com/prometheus/alertmanager v0.22.2/go.mod h1:rYinOWxFuCnNssc3iOjn2oMTlhLaPcUuqV5yk5JKUAE=
-github.com/prometheus/alertmanager v0.22.3-0.20210726110322-3d86bd709df8/go.mod h1:BBhEP06PwDGsIKsQzOeTNe2jU6tU19SzhJ41C2ib4XE=
 github.com/prometheus/alertmanager v0.23.0/go.mod h1:0MLTrjQI8EuVmvykEhcfr/7X0xmaDAZrqMgxIq3OXHk=
 github.com/prometheus/alertmanager v0.23.1-0.20210914172521-e35efbddb66a h1:qroc/F4ygaQ0uc2S+Pyk/exMwnSpokGyN1QjfZ1DiWU=
 github.com/prometheus/alertmanager v0.23.1-0.20210914172521-e35efbddb66a/go.mod h1:U7pGu+z7A9ZKhK8lq1MvIOp5GdVlZjwOYk+S0h3LSbA=
 github.com/prometheus/client_golang v0.0.0-20180209125602-c332b6f63c06/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
-github.com/prometheus/client_golang v0.8.0/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
 github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
 github.com/prometheus/client_golang v0.9.2/go.mod h1:OsXs2jCmiKlQ1lTBmv21f2mNfw4xf/QclQDMrYNZzcM=
 github.com/prometheus/client_golang v0.9.3-0.20190127221311-3c4408c8b829/go.mod h1:p2iRAGwDERtqlqzRXnrOVns+ignqQo//hLXqYxZYVNs=
 github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso=
 github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo=
 github.com/prometheus/client_golang v1.1.0/go.mod h1:I1FGZT9+L76gKKOs5djB6ezCbFQP1xR9D75/vuwEF3g=
-github.com/prometheus/client_golang v1.2.0/go.mod h1:XMU6Z2MjaRKVu/dC1qupJI9SiNkDYzz3xecMgSW/F+U=
 github.com/prometheus/client_golang v1.2.1/go.mod h1:XMU6Z2MjaRKVu/dC1qupJI9SiNkDYzz3xecMgSW/F+U=
 github.com/prometheus/client_golang v1.3.0/go.mod h1:hJaj2vgQTGQmVCsAACORcieXFeDPbaTKGT+JTgUa3og=
 github.com/prometheus/client_golang v1.4.0/go.mod h1:e9GMxYsXl05ICDXkRhurwBS4Q3OK1iX/F2sw+iXX5zU=
 github.com/prometheus/client_golang v1.4.1/go.mod h1:e9GMxYsXl05ICDXkRhurwBS4Q3OK1iX/F2sw+iXX5zU=
 github.com/prometheus/client_golang v1.5.1/go.mod h1:e9GMxYsXl05ICDXkRhurwBS4Q3OK1iX/F2sw+iXX5zU=
-github.com/prometheus/client_golang v1.6.0/go.mod h1:ZLOG9ck3JLRdB5MgO8f+lLTe83AXG6ro35rLTxvnIl4=
 github.com/prometheus/client_golang v1.6.1-0.20200604110148-03575cad4e55/go.mod h1:25h+Uz1WvXDBZYwqGX8PAb71RBkcjxEVV/R5wGnsq4I=
 github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M=
-github.com/prometheus/client_golang v1.8.0/go.mod h1:O9VU6huf47PktckDQfMTX0Y8tY0/7TSWwj+ITvv0TnM=
-github.com/prometheus/client_golang v1.9.0/go.mod h1:FqZLKOZnGdFAhOK4nqGHa7D66IdsO+O441Eve7ptJDU=
-github.com/prometheus/client_golang v1.10.0/go.mod h1:WJM3cc3yu7XKBKa/I8WeZm+V3eltZnBwfENSU7mdogU=
 github.com/prometheus/client_golang v1.11.0 h1:HNkLOAEQMIDv/K+04rukrLx6ch7msSRwf3/SASFAGtQ=
 github.com/prometheus/client_golang v1.11.0/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0=
-github.com/prometheus/client_model v0.0.0-20170216185247-6f3806018612/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
 github.com/prometheus/client_model v0.0.0-20171117100541-99fa1f4be8e5/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
 github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
 github.com/prometheus/client_model v0.0.0-20190115171406-56726106282f/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
@@ -1795,7 +1576,6 @@ github.com/prometheus/client_model v0.1.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6T
 github.com/prometheus/client_model v0.2.0 h1:uq5h0d+GuxiXLJLNABMgp2qUWDPiLvgCzz2dUR+/W/M=
 github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/prometheus/common v0.0.0-20180110214958-89604d197083/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro=
-github.com/prometheus/common v0.0.0-20180518154759-7600349dcfe1/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro=
 github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro=
 github.com/prometheus/common v0.0.0-20181126121408-4724e9255275/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro=
 github.com/prometheus/common v0.2.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
@@ -1803,35 +1583,23 @@ github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y8
 github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
 github.com/prometheus/common v0.6.0/go.mod h1:eBmuwkDJBwy6iBfxCBob6t6dR6ENT/y+J+Zk0j9GMYc=
 github.com/prometheus/common v0.7.0/go.mod h1:DjGbpBbp5NYNiECxcL/VnbXCCaQpKd3tt26CguLLsqA=
-github.com/prometheus/common v0.8.0/go.mod h1:PC/OgXc+UN7B4ALwvn1yzVZmVwvhXp5JsbBv6wSv6i0=
 github.com/prometheus/common v0.9.1/go.mod h1:yhUN8i9wzaXS3w1O07YhxHEBxD+W35wd8bs7vj7HSQ4=
 github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo=
-github.com/prometheus/common v0.11.1/go.mod h1:U+gB1OBLb1lF3O42bTCL+FK18tX9Oar16Clt/msog/s=
-github.com/prometheus/common v0.12.0/go.mod h1:U+gB1OBLb1lF3O42bTCL+FK18tX9Oar16Clt/msog/s=
-github.com/prometheus/common v0.14.0/go.mod h1:U+gB1OBLb1lF3O42bTCL+FK18tX9Oar16Clt/msog/s=
 github.com/prometheus/common v0.15.0/go.mod h1:U+gB1OBLb1lF3O42bTCL+FK18tX9Oar16Clt/msog/s=
-github.com/prometheus/common v0.18.0/go.mod h1:U+gB1OBLb1lF3O42bTCL+FK18tX9Oar16Clt/msog/s=
-github.com/prometheus/common v0.20.0/go.mod h1:U+gB1OBLb1lF3O42bTCL+FK18tX9Oar16Clt/msog/s=
-github.com/prometheus/common v0.21.0/go.mod h1:U+gB1OBLb1lF3O42bTCL+FK18tX9Oar16Clt/msog/s=
-github.com/prometheus/common v0.23.0/go.mod h1:H6QK/N6XVT42whUeIdI3dp36w49c+/iMDk7UAI2qm7Q=
 github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc=
 github.com/prometheus/common v0.28.0/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls=
 github.com/prometheus/common v0.29.0/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls=
 github.com/prometheus/common v0.30.0/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls=
-github.com/prometheus/common v0.31.1/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls=
 github.com/prometheus/common v0.32.1 h1:hWIdL3N2HoUx3B8j3YN9mWor0qhY/NlEKZEaXxuIRh4=
 github.com/prometheus/common v0.32.1/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls=
 github.com/prometheus/common/sigv4 v0.1.0 h1:qoVebwtwwEhS85Czm2dSROY5fTo2PAPEVdDeppTwGX4=
 github.com/prometheus/common/sigv4 v0.1.0/go.mod h1:2Jkxxk9yYvCkE5G1sQT7GuEXm57JrvHu9k5YwTjsNtI=
-github.com/prometheus/exporter-toolkit v0.5.0/go.mod h1:OCkM4805mmisBhLmVFw858QYi3v0wKdY6/UxrT0pZVg=
-github.com/prometheus/exporter-toolkit v0.5.1/go.mod h1:OCkM4805mmisBhLmVFw858QYi3v0wKdY6/UxrT0pZVg=
-github.com/prometheus/exporter-toolkit v0.6.0/go.mod h1:ZUBIj498ePooX9t/2xtDjeQYwvRpiPP2lh5u4iblj2g=
-github.com/prometheus/exporter-toolkit v0.6.1 h1:Aqk75wQD92N9CqmTlZwjKwq6272nOGrWIbc8Z7+xQO0=
 github.com/prometheus/exporter-toolkit v0.6.1/go.mod h1:ZUBIj498ePooX9t/2xtDjeQYwvRpiPP2lh5u4iblj2g=
+github.com/prometheus/exporter-toolkit v0.7.0 h1:XtYeVeeC5daG4txbc9+mieKq+/AK4gtIBLl9Mulrjnk=
+github.com/prometheus/exporter-toolkit v0.7.0/go.mod h1:ZUBIj498ePooX9t/2xtDjeQYwvRpiPP2lh5u4iblj2g=
 github.com/prometheus/node_exporter v1.0.0-rc.0.0.20200428091818-01054558c289 h1:dTUS1vaLWq+Y6XKOTnrFpoVsQKLCbCp1OLj24TDi7oM=
 github.com/prometheus/node_exporter v1.0.0-rc.0.0.20200428091818-01054558c289/go.mod h1:FGbBv5OPKjch+jNUJmEQpMZytIdyW0NdBtWFcfSKusc=
 github.com/prometheus/procfs v0.0.0-20180125133057-cb4147076ac7/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
-github.com/prometheus/procfs v0.0.0-20180612222113-7d6f385de8be/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
 github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
 github.com/prometheus/procfs v0.0.0-20181204211112-1dc9a6cbc91a/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
 github.com/prometheus/procfs v0.0.0-20190117184657-bf6a532e95b1/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
@@ -1841,7 +1609,6 @@ github.com/prometheus/procfs v0.0.0-20190522114515-bc1a522cf7b1/go.mod h1:TjEm7z
 github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
 github.com/prometheus/procfs v0.0.3/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ=
 github.com/prometheus/procfs v0.0.5/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ=
-github.com/prometheus/procfs v0.0.6/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A=
 github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A=
 github.com/prometheus/procfs v0.0.11/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU=
 github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU=
@@ -1849,33 +1616,13 @@ github.com/prometheus/procfs v0.2.0/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4O
 github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA=
 github.com/prometheus/procfs v0.7.3 h1:4jVXhlkAyzOScmCkXBTOLRLTz8EeU+eyjrwB/EPq0VU=
 github.com/prometheus/procfs v0.7.3/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA=
-github.com/prometheus/prometheus v0.0.0-20180315085919-58e2a31db8de/go.mod h1:oAIUtOny2rjMX0OWN5vPR5/q/twIROJvdqnQKDdil/s=
-github.com/prometheus/prometheus v0.0.0-20190818123050-43acd0e2e93f/go.mod h1:rMTlmxGCvukf2KMu3fClMDKLLoJ5hl61MhcJ7xKakf0=
 github.com/prometheus/prometheus v0.0.0-20200609090129-a6600f564e3c/go.mod h1:S5n0C6tSgdnwWshBUceRx5G1OsjLv/EeZ9t3wIfEtsY=
-github.com/prometheus/prometheus v1.8.2-0.20200107122003-4708915ac6ef/go.mod h1:7U90zPoLkWjEIQcy/rweQla82OCTUzxVHE51G3OhJbI=
-github.com/prometheus/prometheus v1.8.2-0.20200213233353-b90be6f32a33/go.mod h1:fkIPPkuZnkXyopYHmXPxf9rgiPkVgZCN8w9o8+UgBlY=
-github.com/prometheus/prometheus v1.8.2-0.20200707115909-30505a202a4c/go.mod h1:/kMSPIRsxr/apyHxlzYMdFnaPXUXXqILU5uzIoNhOvc=
-github.com/prometheus/prometheus v1.8.2-0.20200722151933-4a8531a64b32/go.mod h1:+/y4DzJ62qmhy0o/H4PtXegRXw+80E8RVRHhLbv+bkM=
-github.com/prometheus/prometheus v1.8.2-0.20200805082714-e0cf219f0de2/go.mod h1:i1KZsZmyDTJRvnR7zE8z/u2v+tkpPjoiPpnWp6nwhr0=
-github.com/prometheus/prometheus v1.8.2-0.20200819132913-cb830b0a9c78/go.mod h1:zfAqy/MwhMFajB9E2n12/9gG2fvofIE9uKDtlZCDxqs=
-github.com/prometheus/prometheus v1.8.2-0.20200923143134-7e2db3d092f3/go.mod h1:9VNWoDFHOMovlubld5uKKxfCDcPBj2GMOCjcUFXkYaM=
-github.com/prometheus/prometheus v1.8.2-0.20201028100903-3245b3267b24/go.mod h1:MDRkz271loM/PrYN+wUNEaTMDGSP760MQzB0yEjdgSQ=
-github.com/prometheus/prometheus v1.8.2-0.20201029103703-63be30dceed9/go.mod h1:MDRkz271loM/PrYN+wUNEaTMDGSP760MQzB0yEjdgSQ=
-github.com/prometheus/prometheus v1.8.2-0.20201119142752-3ad25a6dc3d9/go.mod h1:1MDE/bXgu4gqd5w/otko6WQpXZX9vu8QX4KbitCmaPg=
-github.com/prometheus/prometheus v1.8.2-0.20201119181812-c8f810083d3f/go.mod h1:1MDE/bXgu4gqd5w/otko6WQpXZX9vu8QX4KbitCmaPg=
-github.com/prometheus/prometheus v1.8.2-0.20210215121130-6f488061dfb4/go.mod h1:NAYujktP0dmSSpeV155mtnwX2pndLpVVK/Ps68R01TA=
-github.com/prometheus/prometheus v1.8.2-0.20210315220929-1cba1741828b/go.mod h1:MS/bpdil77lPbfQeKk6OqVQ9OLnpN3Rszd0hka0EOWE=
-github.com/prometheus/prometheus v1.8.2-0.20210324152458-c7a62b95cea0/go.mod h1:sf7j/iAbhZahjeC0s3wwMmp5dksrJ/Za1UKdR+j6Hmw=
-github.com/prometheus/prometheus v1.8.2-0.20210519120135-d95b0972505f/go.mod h1:yUzDYX0hIYu5YVHmpj/JXLOclB6QcLNDgmagD3FUnSU=
-github.com/prometheus/prometheus v1.8.2-0.20210720123808-b1ed4a0a663d/go.mod h1:o6V+A4iPEWjLG0rSEKeev3OzfBZwP+ay+4iS4dkfLI4=
-github.com/prometheus/prometheus v1.8.2-0.20210914090109-37468d88dce8/go.mod h1:02eURgmH1YsgJ2TtWNUGMQMCnLxmtHH9nOgvYxIjGAo=
-github.com/prometheus/prometheus v1.8.2-0.20211011171444-354d8d2ecfac h1:emphJoDK6yZ1GxyFbyYa7ByoWkl3dXfOmPvHAy0L0XI=
-github.com/prometheus/prometheus v1.8.2-0.20211011171444-354d8d2ecfac/go.mod h1:wP6L5BiOZ1JZYadRh17u5RujSS19zNSGZfGUi/MZUpM=
+github.com/prometheus/prometheus v1.8.2-0.20211119115433-692a54649ed7 h1:8rwRA5BKEAWtawaP4ozroDm3xMDrp9POAoT3HkQ3ZHw=
+github.com/prometheus/prometheus v1.8.2-0.20211119115433-692a54649ed7/go.mod h1:outfylaI89+D5IO87TRPRmxfucIobTO3Rb0l2TKqpj0=
 github.com/prometheus/statsd_exporter v0.21.0 h1:hA05Q5RFeIjgwKIYEdFd59xu5Wwaznf33yKI+pyX6T8=
 github.com/prometheus/statsd_exporter v0.21.0/go.mod h1:rbT83sZq2V+p73lHhPZfMc3MLCHmSHelCh9hSGYNLTQ=
 github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU=
 github.com/rabbitmq/amqp091-go v1.1.0/go.mod h1:ogQDLSOACsLPsIq0NpbtiifNZi2YOz0VTJ0kHRghqbM=
-github.com/rafaeljusto/redigomock v0.0.0-20190202135759-257e089e14a1/go.mod h1:JaY6n2sDr+z2WTsXkOmNRUfDy6FN0L6Nk7x06ndm4tY=
 github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4=
 github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475 h1:N/ElC8H3+5XpJzTSTfLsJV/mx9Q9g7kxmchpfZyxgzM=
 github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4=
@@ -1892,7 +1639,6 @@ github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTE
 github.com/rogpeppe/go-internal v1.6.2 h1:aIihoIOHCiLZHxyoNQ+ABL4NKhFTgKLBdMLyEAh98m0=
 github.com/rogpeppe/go-internal v1.6.2/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
 github.com/rs/cors v1.6.0/go.mod h1:gFx+x8UowdsKA9AchylcLynDq+nNFfI8FkUZdN/jGCU=
-github.com/rs/cors v1.7.0/go.mod h1:gFx+x8UowdsKA9AchylcLynDq+nNFfI8FkUZdN/jGCU=
 github.com/rs/cors v1.8.0 h1:P2KMzcFwrPoSjkF1WLRPsp3UMLyql8L4v9hQpVeK5so=
 github.com/rs/cors v1.8.0/go.mod h1:EBwu+T5AvHOcXwvZIkQFjUN6s8Czyqw12GL/Y0tUyRM=
 github.com/rs/xid v1.2.1 h1:mhH9Nq+C1fY2l1XIpgxIiUOfNpRBYH1kKcr+qfKgjRc=
@@ -1904,10 +1650,7 @@ github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFo
 github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc=
 github.com/safchain/ethtool v0.0.0-20190326074333-42ed695e3de8/go.mod h1:Z0q5wiBQGYcxhMZ6gUqHn6pYNLypFAvaL3UvgZLR0U4=
 github.com/sagikazarmark/crypt v0.1.0/go.mod h1:B/mN0msZuINBtQ1zZLEQcegFJJf9vnYIR88KRMEuODE=
-github.com/samuel/go-zookeeper v0.0.0-20190810000440-0ceca61e4d75/go.mod h1:gi+0XIa01GRL2eRQVjQkKGqKF3SF9vZR/HnPullcV2E=
 github.com/samuel/go-zookeeper v0.0.0-20190923202752-2cc03de413da/go.mod h1:gi+0XIa01GRL2eRQVjQkKGqKF3SF9vZR/HnPullcV2E=
-github.com/samuel/go-zookeeper v0.0.0-20200724154423-2164a8ac840e/go.mod h1:gi+0XIa01GRL2eRQVjQkKGqKF3SF9vZR/HnPullcV2E=
-github.com/samuel/go-zookeeper v0.0.0-20201211165307-7117e9ea2414/go.mod h1:gi+0XIa01GRL2eRQVjQkKGqKF3SF9vZR/HnPullcV2E=
 github.com/sanity-io/litter v1.2.0/go.mod h1:JF6pZUFgu2Q0sBZ+HSV35P8TVPI1TTzEwyu9FXAw2W4=
 github.com/santhosh-tekuri/jsonschema v1.2.4/go.mod h1:TEAUOeZSmIxTTuHatJzrvARHiuO9LYd+cIxzgEHCQI4=
 github.com/satori/go.uuid v0.0.0-20160603004225-b111a074d5ef/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=
@@ -1929,33 +1672,27 @@ github.com/sercand/kuberesolver v2.4.0+incompatible/go.mod h1:lWF3GL0xptCB/vCiJP
 github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo=
 github.com/shirou/gopsutil/v3 v3.21.10/go.mod h1:t75NhzCZ/dYyPQjyQmrAYP6c8+LCdFANeBMdLPCNnew=
 github.com/shopspring/decimal v0.0.0-20180709203117-cd690d0c9e24/go.mod h1:M+9NzErvs504Cn4c5DxATwIqPbtswREoFCre64PpcG4=
-github.com/shurcooL/httpfs v0.0.0-20171119174359-809beceb2371/go.mod h1:ZY1cvUeJuFPAdZ/B6v7RHavJWZn2YPVFQ1OSXhCGOkg=
 github.com/shurcooL/httpfs v0.0.0-20190707220628-8d4bc4ba7749 h1:bUGsEnyNbVPw06Bs80sCeARAlK8lhwqGyi6UT8ymuGk=
 github.com/shurcooL/httpfs v0.0.0-20190707220628-8d4bc4ba7749/go.mod h1:ZY1cvUeJuFPAdZ/B6v7RHavJWZn2YPVFQ1OSXhCGOkg=
 github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
-github.com/shurcooL/vfsgen v0.0.0-20180825020608-02ddb050ef6b/go.mod h1:TrYk7fJVaAttu97ZZKrO9UbRa8izdowaMIZcxYMbVaw=
 github.com/shurcooL/vfsgen v0.0.0-20181202132449-6a9ea43bcacd/go.mod h1:TrYk7fJVaAttu97ZZKrO9UbRa8izdowaMIZcxYMbVaw=
-github.com/shurcooL/vfsgen v0.0.0-20200627165143-92b8a710ab6c/go.mod h1:TrYk7fJVaAttu97ZZKrO9UbRa8izdowaMIZcxYMbVaw=
 github.com/shurcooL/vfsgen v0.0.0-20200824052919-0d455de96546 h1:pXY9qYc/MP5zdvqWEUH6SjNiu7VhSjuVFTFiTcphaLU=
 github.com/shurcooL/vfsgen v0.0.0-20200824052919-0d455de96546/go.mod h1:TrYk7fJVaAttu97ZZKrO9UbRa8izdowaMIZcxYMbVaw=
 github.com/siebenmann/go-kstat v0.0.0-20160321171754-d34789b79745/go.mod h1:G81aIFAMS9ECrwBYR9YxhlPjWgrItd+Kje78O6+uqm8=
 github.com/sirupsen/logrus v1.0.4-0.20170822132746-89742aefa4b2/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc=
-github.com/sirupsen/logrus v1.0.5/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc=
 github.com/sirupsen/logrus v1.0.6/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc=
 github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
 github.com/sirupsen/logrus v1.4.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
 github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q=
 github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
-github.com/sirupsen/logrus v1.5.0/go.mod h1:+F7Ogzej0PZc/94MaYx/nvG9jOFMD2osvC3s+Squfpo=
 github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88=
 github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
 github.com/sirupsen/logrus v1.8.1 h1:dJKuHgqk1NNQlqoA6BTlM1Wf9DOH3NBjQyu0h9+AZZE=
 github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
 github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc=
-github.com/smartystreets/assertions v1.0.1/go.mod h1:kHHU4qYBaI3q23Pp3VPrmWhuIUrLW/7eUrw0BU5VaoM=
 github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA=
 github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA=
-github.com/snowflakedb/gosnowflake v1.3.4/go.mod h1:NsRq2QeiMUuoNUJhp5Q6xGC4uBrsS9g6LwZVEkTWgsE=
+github.com/snowflakedb/gosnowflake v1.3.13/go.mod h1:6nfka9aTXkUNha1p1cjeeyjDvcyh7jfjp0l8kGpDBok=
 github.com/soheilhy/cmux v0.1.5 h1:jjzc5WVemNEDTLwv9tlmemhC73tI08BNOIGwBOo10Js=
 github.com/soheilhy/cmux v0.1.5/go.mod h1:T7TcVDs9LWfQgPlPsdngu6I6QIoyIFZDDC6sNE1GqG0=
 github.com/sony/gobreaker v0.4.1 h1:oMnRNZXX5j85zso6xCPRNPtmAycat+WcoKbklScLDgQ=
@@ -1967,7 +1704,6 @@ github.com/spaolacci/murmur3 v1.1.0/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2
 github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ=
 github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk=
 github.com/spf13/afero v1.3.3/go.mod h1:5KUK8ByomD5Ti5Artl0RtHeI5pTF7MIDuXL3yY520V4=
-github.com/spf13/afero v1.3.4/go.mod h1:Ai8FlHk4v/PARR026UzYexafAt9roJ7LcLMAmO6Z93I=
 github.com/spf13/afero v1.6.0 h1:xoax2sJ2DT8S8xA2paPFjDCScCNeWsg75VG0DLRreiY=
 github.com/spf13/afero v1.6.0/go.mod h1:Ai8FlHk4v/PARR026UzYexafAt9roJ7LcLMAmO6Z93I=
 github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE=
@@ -1978,8 +1714,6 @@ github.com/spf13/cobra v0.0.2-0.20171109065643-2da4a54c5cee/go.mod h1:1l0Ry5zgKv
 github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ=
 github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU=
 github.com/spf13/cobra v1.0.0/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE=
-github.com/spf13/cobra v1.1.1/go.mod h1:WnodtKOvamDL/PwE2M4iKs8aMDBZ5Q5klgD3qfVJQMI=
-github.com/spf13/cobra v1.1.3/go.mod h1:pGADOWyqRD/YMrPZigI/zbliZ2wVD/23d+is3pSWzOo=
 github.com/spf13/cobra v1.2.1 h1:+KmjbUw1hriSNMF55oPrkZcb27aECyrj8V2ytv7kWDw=
 github.com/spf13/cobra v1.2.1/go.mod h1:ExllRjgxM/piMAM+3tAZvg8fsklGAf3tPfi+i8t68Nk=
 github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo=
@@ -1993,7 +1727,6 @@ github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
 github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
 github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s=
 github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/yZzE=
-github.com/spf13/viper v1.7.0/go.mod h1:8WkrPz2fc9jxqZNCJI/76HCieCp4Q8HaLFoCha5qpdg=
 github.com/spf13/viper v1.8.1/go.mod h1:o0Pch8wJ9BVSWGQMbra6iw0oQ5oktSIBaujf1rJH9Ns=
 github.com/spf13/viper v1.9.0 h1:yR6EXjTp0y0cLN8OZg1CRZmOBdI88UcGkhgyJhu6nZk=
 github.com/spf13/viper v1.9.0/go.mod h1:+i6ajR7OX2XaiBkrcZJFK21htRk7eDeLg7+O6bhUPP4=
@@ -2009,7 +1742,6 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+
 github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.2.0 h1:Hbg2NidpLE8veEBkEZTL3CvlkUIVzuU9jDplZO54c48=
 github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE=
-github.com/stretchr/testify v0.0.0-20151208002404-e3a8ff8ce365/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v0.0.0-20161117074351-18a02ba4a312/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v0.0.0-20180303142811-b89eecf5ca5d/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.2.0/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
@@ -2030,19 +1762,8 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.194/go.mod
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/kms v1.0.194/go.mod h1:yrBKWhChnDqNz1xuXdSbWXG56XawEq0G5j1lg4VwBD4=
 github.com/tencentyun/cos-go-sdk-v5 v0.7.31 h1:NujkkOKMJ3IFs1+trCwXOKRCIPQ8qI5Lxul9JkhTg6M=
 github.com/tencentyun/cos-go-sdk-v5 v0.7.31/go.mod h1:4E4+bQ2gBVJcgEC9Cufwylio4mXOct2iu05WjgEBx1o=
-github.com/thanos-io/thanos v0.8.1-0.20200109203923-552ffa4c1a0d/go.mod h1:usT/TxtJQ7DzinTt+G9kinDQmRS5sxwu0unVKZ9vdcw=
-github.com/thanos-io/thanos v0.13.1-0.20200731083140-69b87607decf/go.mod h1:G8caR6G7pSDreRDvFm9wFuyjEBztmr8Ag3kBYpa/fEc=
-github.com/thanos-io/thanos v0.13.1-0.20200807203500-9b578afb4763/go.mod h1:KyW0a93tsh7v4hXAwo2CVAIRYuZT1Kkf4e04gisQjAg=
-github.com/thanos-io/thanos v0.13.1-0.20201019130456-f41940581d9a/go.mod h1:A3qUEEbsVkplJnxyDLwuIuvTDaJPByTH+hMdTl9ujAA=
-github.com/thanos-io/thanos v0.13.1-0.20201030101306-47f9a225cc52/go.mod h1:OqqX4x21cg5N5MMHd/yGQAc/V3wg8a7Do4Jk8HfaFZQ=
-github.com/thanos-io/thanos v0.13.1-0.20210108102609-f85e4003ba51/go.mod h1:kPvI4H0AynFiHDN95ZB28/k70ZPGCx+pBrRh6RZPimw=
-github.com/thanos-io/thanos v0.13.1-0.20210204123931-82545cdd16fe/go.mod h1:ZLDGYRNkgM+FCwYNOD+6tOV+DE2fpjzfV6iqXyOgFIw=
-github.com/thanos-io/thanos v0.13.1-0.20210224074000-659446cab117/go.mod h1:kdqFpzdkveIKpNNECVJd75RPvgsAifQgJymwCdfev1w=
-github.com/thanos-io/thanos v0.13.1-0.20210226164558-03dace0a1aa1/go.mod h1:gMCy4oCteKTT7VuXVvXLTPGzzjovX1VPE5p+HgL1hyU=
-github.com/thanos-io/thanos v0.13.1-0.20210401085038-d7dff0c84d17/go.mod h1:zU8KqE+6A+HksK4wiep8e/3UvCZLm+Wrw9AqZGaAm9k=
-github.com/thanos-io/thanos v0.19.1-0.20210729154440-aa148f8fdb28/go.mod h1:Xskx78e0CYL6w0yDNOZHGdvwQMlsuzPsePmPtbp9Xuk=
-github.com/thanos-io/thanos v0.19.1-0.20210923155558-c15594a03c45 h1:G7KvVtPy04sXgJyF2JfWc+2jf+18OQZNk5ZqJ95cnfc=
-github.com/thanos-io/thanos v0.19.1-0.20210923155558-c15594a03c45/go.mod h1:lQD+AiWRbxzoCviPmxdbQIUvmTEJQPxv9n6erKMsRrQ=
+github.com/thanos-io/thanos v0.19.1-0.20211208205607-d1acaea2a11a h1:mW3os+I6lAHRXTDC3PNNIhdBEtInPpCDhqvbkZ3q694=
+github.com/thanos-io/thanos v0.19.1-0.20211208205607-d1acaea2a11a/go.mod h1:LKBxvV7/LiKtF6tbsin4vQxCosambQi6+CET2/5cFiY=
 github.com/themihai/gomemcache v0.0.0-20180902122335-24332e2d58ab h1:7ZR3hmisBWw77ZpO1/o86g+JV3VKlk3d48jopJxzTjU=
 github.com/themihai/gomemcache v0.0.0-20180902122335-24332e2d58ab/go.mod h1:eheTFp954zcWZXCU8d0AT76ftsQOTo4DTqkN/h3k1MY=
 github.com/tidwall/pretty v0.0.0-20180105212114-65a9db5fad51/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk=
@@ -2054,26 +1775,16 @@ github.com/tklauser/go-sysconf v0.3.9/go.mod h1:11DU/5sG7UexIrp/O6g35hrWzu0JxlwQ
 github.com/tklauser/numcpus v0.3.0/go.mod h1:yFGUr7TUHQRAhyqBcEg0Ge34zDBAsIvJJcyE6boqnA8=
 github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
 github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
-github.com/tmc/grpc-websocket-proxy v0.0.0-20200427203606-3cfed13b9966/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
-github.com/tmc/grpc-websocket-proxy v0.0.0-20201229170055-e5319fda7802/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
 github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqriFuLhtthL60Sar/7RFoluCcXsuvEwTV5KM=
 github.com/uber-go/atomic v1.4.0 h1:yOuPqEq4ovnhEjpHmfFwsqBXDYbQeT6Nb0bwD6XnD5o=
 github.com/uber-go/atomic v1.4.0/go.mod h1:/Ct5t2lcmbJ4OSe/waGBoaVvVqtO0bmtfVNex1PFV8g=
 github.com/uber-go/tally v3.3.15+incompatible/go.mod h1:YDTIBxdXyOU/sCWilKB4bgyufu1cEi0jdVnRdxvjnmU=
 github.com/uber/athenadriver v1.1.4/go.mod h1:tQjho4NzXw55LGfSZEcETuYydpY1vtmixUabHkC1K/E=
-github.com/uber/jaeger-client-go v2.15.0+incompatible/go.mod h1:WVhlPFC8FDjOFMMWRy2pZqQJSXxYSwNYOkTr/Z6d3Kk=
-github.com/uber/jaeger-client-go v2.20.1+incompatible/go.mod h1:WVhlPFC8FDjOFMMWRy2pZqQJSXxYSwNYOkTr/Z6d3Kk=
-github.com/uber/jaeger-client-go v2.22.1+incompatible/go.mod h1:WVhlPFC8FDjOFMMWRy2pZqQJSXxYSwNYOkTr/Z6d3Kk=
 github.com/uber/jaeger-client-go v2.23.0+incompatible/go.mod h1:WVhlPFC8FDjOFMMWRy2pZqQJSXxYSwNYOkTr/Z6d3Kk=
-github.com/uber/jaeger-client-go v2.23.1+incompatible/go.mod h1:WVhlPFC8FDjOFMMWRy2pZqQJSXxYSwNYOkTr/Z6d3Kk=
-github.com/uber/jaeger-client-go v2.24.0+incompatible/go.mod h1:WVhlPFC8FDjOFMMWRy2pZqQJSXxYSwNYOkTr/Z6d3Kk=
-github.com/uber/jaeger-client-go v2.25.0+incompatible/go.mod h1:WVhlPFC8FDjOFMMWRy2pZqQJSXxYSwNYOkTr/Z6d3Kk=
 github.com/uber/jaeger-client-go v2.28.0+incompatible/go.mod h1:WVhlPFC8FDjOFMMWRy2pZqQJSXxYSwNYOkTr/Z6d3Kk=
 github.com/uber/jaeger-client-go v2.29.1+incompatible h1:R9ec3zO3sGpzs0abd43Y+fBZRJ9uiH6lXyR/+u6brW4=
 github.com/uber/jaeger-client-go v2.29.1+incompatible/go.mod h1:WVhlPFC8FDjOFMMWRy2pZqQJSXxYSwNYOkTr/Z6d3Kk=
-github.com/uber/jaeger-lib v1.5.1-0.20181102163054-1fc5c315e03c/go.mod h1:ComeNDZlWwrWnDv8aPp0Ba6+uUTzImX/AauajbLI56U=
 github.com/uber/jaeger-lib v2.2.0+incompatible/go.mod h1:ComeNDZlWwrWnDv8aPp0Ba6+uUTzImX/AauajbLI56U=
-github.com/uber/jaeger-lib v2.4.0+incompatible/go.mod h1:ComeNDZlWwrWnDv8aPp0Ba6+uUTzImX/AauajbLI56U=
 github.com/uber/jaeger-lib v2.4.1+incompatible h1:td4jdvLcExb4cBISKIpHuGoVXh+dVKhn2Um6rjCsSsg=
 github.com/uber/jaeger-lib v2.4.1+incompatible/go.mod h1:ComeNDZlWwrWnDv8aPp0Ba6+uUTzImX/AauajbLI56U=
 github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc=
@@ -2095,13 +1806,6 @@ github.com/vishvananda/netlink v1.1.1-0.20201029203352-d40f9887b852/go.mod h1:tw
 github.com/vishvananda/netns v0.0.0-20180720170159-13995c7128cc/go.mod h1:ZjcWmFBXmLKZu9Nxj3WKYEafiSqer2rnvPr0en9UNpI=
 github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df/go.mod h1:JP3t17pCcGlemwknint6hfoeCVQrEMVwxRLRjXpq+BU=
 github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0=
-github.com/weaveworks/common v0.0.0-20200206153930-760e36ae819a/go.mod h1:6enWAqfQBFrE8X/XdJwZr8IKgh1chStuFR0mjU/UOUw=
-github.com/weaveworks/common v0.0.0-20200625145055-4b1847531bc9/go.mod h1:c98fKi5B9u8OsKGiWHLRKus6ToQ1Tubeow44ECO1uxY=
-github.com/weaveworks/common v0.0.0-20200914083218-61ffdd448099/go.mod h1:hz10LOsAdzC3K/iXaKoFxOKTDRgxJl+BTGX1GY+TzO4=
-github.com/weaveworks/common v0.0.0-20201119133501-0619918236ec/go.mod h1:ykzWac1LtVfOxdCK+jD754at1Ws9dKCwFeUzkFBffPs=
-github.com/weaveworks/common v0.0.0-20210112142934-23c8d7fa6120/go.mod h1:ykzWac1LtVfOxdCK+jD754at1Ws9dKCwFeUzkFBffPs=
-github.com/weaveworks/common v0.0.0-20210419092856-009d1eebd624/go.mod h1:ykzWac1LtVfOxdCK+jD754at1Ws9dKCwFeUzkFBffPs=
-github.com/weaveworks/common v0.0.0-20210722103813-e649eff5ab4a/go.mod h1:YU9FvnS7kUnRt6HY10G+2qHkwzP3n3Vb1XsXDsJTSp8=
 github.com/weaveworks/common v0.0.0-20210913144402-035033b78a78 h1:UqH2ncSWwCIhZ6bf2Wz1ifmxorIWFUm0GAfk7xv5c8s=
 github.com/weaveworks/common v0.0.0-20210913144402-035033b78a78/go.mod h1:YU9FvnS7kUnRt6HY10G+2qHkwzP3n3Vb1XsXDsJTSp8=
 github.com/weaveworks/promrus v1.2.0 h1:jOLf6pe6/vss4qGHjXmGz4oDJQA+AOCqEL3FvvZGz7M=
@@ -2128,7 +1832,6 @@ github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:
 github.com/xeipuuv/gojsonschema v0.0.0-20180618132009-1d523034197f/go.mod h1:5yf86TLmAcydyeJq5YvxkGPE2fm/u4myDekKRoLuqhs=
 github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU=
 github.com/xlab/treeprint v0.0.0-20180616005107-d6fb6747feb6/go.mod h1:ce1O1j6UtZfjr22oyGxGLbauSBp2YVXpARAosm7dHBg=
-github.com/xlab/treeprint v1.0.0/go.mod h1:IoImgRak9i3zJyuxOKUP1v4UZd1tMoKkq/Cimt1uhCg=
 github.com/xlab/treeprint v1.1.0/go.mod h1:gj5Gd3gPdKtR1ikdDK6fnFLdmIS0X30kTTuNd/WEJu0=
 github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q=
 github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d/go.mod h1:rHwXgn7JulP+udvsHwJoVG1YGAP6VLg4y9I5dyZdqmA=
@@ -2137,51 +1840,34 @@ github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de
 github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
+github.com/yuin/goldmark v1.4.0/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
 github.com/yuin/gopher-lua v0.0.0-20200816102855-ee81675732da h1:NimzV1aGyq29m5ukMK0AMWEhFaL/lrEOaephfuoiARg=
 github.com/yuin/gopher-lua v0.0.0-20200816102855-ee81675732da/go.mod h1:E1AXubJBdNmFERAOucpDIxNzeGfLzg0mYh+UfMWdChA=
 github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43/go.mod h1:aX5oPXxHm3bOH+xeAttToC8pqch2ScQN/JoXYupl6xs=
 github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50/go.mod h1:NUSPSUX/bi6SeDMUh6brw0nXpxHnc96TguQh0+r/ssA=
 github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f/go.mod h1:GlGEuHIJweS1mbCqG+7vt2nvWLzLLnRHbXz5JKd/Qbg=
 gitlab.com/nyarla/go-crypt v0.0.0-20160106005555-d9a5dc2b789b/go.mod h1:T3BPAOm2cqquPa0MKWeNkmOM5RQsRhkrwMWonFMN7fE=
-go.elastic.co/apm v1.5.0/go.mod h1:OdB9sPtM6Vt7oz3VXt7+KR96i9li74qrxBGHTQygFvk=
 go.elastic.co/apm v1.11.0/go.mod h1:qoOSi09pnzJDh5fKnfY7bPmQgl8yl2tULdOu03xhui0=
-go.elastic.co/apm/module/apmhttp v1.5.0/go.mod h1:1FbmNuyD3ddauwzgVwFB0fqY6KbZt3JkV187tGCYYhY=
 go.elastic.co/apm/module/apmhttp v1.11.0/go.mod h1:5JFMIxdeS4vJy+D1PPPjINuX6hZ3AHalZXoOgyqZAkk=
-go.elastic.co/apm/module/apmot v1.5.0/go.mod h1:d2KYwhJParTpyw2WnTNy8geNlHKKFX+4oK3YLlsesWE=
 go.elastic.co/apm/module/apmot v1.11.0/go.mod h1:Qnbt3w1DvUd/5QugAF1AJ3mR4AG86EcJFBnAGW77EmU=
-go.elastic.co/fastjson v1.0.0/go.mod h1:PmeUOMMtLHQr9ZS9J9owrAVg0FkaZDRZJEFTTGHtchs=
 go.elastic.co/fastjson v1.1.0/go.mod h1:boNGISWMjQsUPy/t6yqt2/1Wx4YNPSe+mZjlyw9vKKI=
 go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
 go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
-go.etcd.io/bbolt v1.3.5-0.20200615073812-232d8fc87f50/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ=
 go.etcd.io/bbolt v1.3.5/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ=
 go.etcd.io/bbolt v1.3.6 h1:/ecaJf0sk1l4l6V4awd65v2C3ILy7MSj+s/x1ADCIMU=
 go.etcd.io/bbolt v1.3.6/go.mod h1:qXsaaIqmgQH0T+OPdb99Bf+PKfBBQVAdyD6TY9G8XM4=
-go.etcd.io/etcd v0.0.0-20190709142735-eb7dd97135a5/go.mod h1:N0RPWo9FXJYZQI4BTkDtQylrstIigYHeR18ONnyTufk=
 go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738/go.mod h1:dnLIgRNXwCJa5e+c6mIZCrds/GIG4ncV9HhK5PX7jPg=
-go.etcd.io/etcd v0.5.0-alpha.5.0.20200520232829-54ba9589114f/go.mod h1:skWido08r9w6Lq/w70DO5XYIKMu4QFu1+4VsqLQuJy8=
 go.etcd.io/etcd v0.5.0-alpha.5.0.20200910180754-dd1b699fc489/go.mod h1:yVHk9ub3CSBatqGNg7GRmsnfLWtoW60w4eDYfh7vHDg=
 go.etcd.io/etcd v3.3.25+incompatible h1:V1RzkZJj9LqsJRy+TUBgpWSbZXITLB819lstuTFoZOY=
 go.etcd.io/etcd v3.3.25+incompatible/go.mod h1:yaeTdrJi5lOmYerz05bd8+V7KubZs8YSFZfzsF9A6aI=
-go.etcd.io/etcd/api/v3 v3.5.0-alpha.0/go.mod h1:mPcW6aZJukV6Aa81LSKpBjQXTWlXB5r74ymPoSWa3Sw=
 go.etcd.io/etcd/api/v3 v3.5.0 h1:GsV3S+OfZEOCNXdtNkBSR7kgLobAa/SO6tCxRa0GAYw=
 go.etcd.io/etcd/api/v3 v3.5.0/go.mod h1:cbVKeC6lCfl7j/8jBhAK6aIYO9XOjdptoxU/nLQcPvs=
 go.etcd.io/etcd/client/pkg/v3 v3.5.0 h1:2aQv6F436YnN7I4VbI8PPYrBhu+SmrTaADcf8Mi/6PU=
 go.etcd.io/etcd/client/pkg/v3 v3.5.0/go.mod h1:IJHfcCEKxYu1Os13ZdwCwIUTUVGYTSAM3YSwc9/Ac1g=
-go.etcd.io/etcd/client/v2 v2.305.0-alpha.0/go.mod h1:kdV+xzCJ3luEBSIeQyB/OEKkWKd8Zkux4sbDeANrosU=
 go.etcd.io/etcd/client/v2 v2.305.0/go.mod h1:h9puh54ZTgAKtEbut2oe9P4L/oqKCVB6xsXlzd7alYQ=
-go.etcd.io/etcd/client/v3 v3.5.0-alpha.0/go.mod h1:wKt7jgDgf/OfKiYmCq5WFGxOFAkVMLxiiXgLDFhECr8=
-go.etcd.io/etcd/client/v3 v3.5.0-alpha.0.0.20210225194612-fa82d11a958a/go.mod h1:wKt7jgDgf/OfKiYmCq5WFGxOFAkVMLxiiXgLDFhECr8=
 go.etcd.io/etcd/client/v3 v3.5.0 h1:62Eh0XOro+rDwkrypAGDfgmNh5Joq+z+W9HZdlXMzek=
 go.etcd.io/etcd/client/v3 v3.5.0/go.mod h1:AIKXXVX/DQXtfTEqBryiLTUXwON+GuvO6Z7lLS/oTh0=
-go.etcd.io/etcd/pkg/v3 v3.5.0-alpha.0/go.mod h1:tV31atvwzcybuqejDoY3oaNRTtlD2l/Ot78Pc9w7DMY=
-go.etcd.io/etcd/pkg/v3 v3.5.0/go.mod h1:UzJGatBQ1lXChBkQF0AuAtkRQMYnHubxAEYIrC3MSsE=
-go.etcd.io/etcd/raft/v3 v3.5.0-alpha.0/go.mod h1:FAwse6Zlm5v4tEWZaTjmNhe17Int4Oxbu7+2r0DiD3w=
-go.etcd.io/etcd/raft/v3 v3.5.0/go.mod h1:UFOHSIvO/nKwd4lhkwabrTD3cqW5yVyYYf/KlD00Szc=
-go.etcd.io/etcd/server/v3 v3.5.0-alpha.0.0.20210225194612-fa82d11a958a/go.mod h1:tsKetYpt980ZTpzl/gb+UOJj9RkIyCb1u4wjzMg90BQ=
-go.etcd.io/etcd/server/v3 v3.5.0/go.mod h1:3Ah5ruV+M+7RZr0+Y/5mNLwC+eQlni+mQmOVdCRJoS4=
 go.mongodb.org/mongo-driver v1.0.3/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM=
-go.mongodb.org/mongo-driver v1.0.4/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM=
 go.mongodb.org/mongo-driver v1.1.0/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM=
 go.mongodb.org/mongo-driver v1.1.1/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM=
 go.mongodb.org/mongo-driver v1.1.2/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM=
@@ -2192,8 +1878,9 @@ go.mongodb.org/mongo-driver v1.4.3/go.mod h1:WcMNYLx/IlOxLe6JRJiv2uXuCz6zBLndR4S
 go.mongodb.org/mongo-driver v1.4.4/go.mod h1:WcMNYLx/IlOxLe6JRJiv2uXuCz6zBLndR4SoGjYphSc=
 go.mongodb.org/mongo-driver v1.4.6/go.mod h1:WcMNYLx/IlOxLe6JRJiv2uXuCz6zBLndR4SoGjYphSc=
 go.mongodb.org/mongo-driver v1.5.1/go.mod h1:gRXCHX4Jo7J0IJ1oDQyUxF7jfy19UfxniMS4xxMmUqw=
-go.mongodb.org/mongo-driver v1.7.3 h1:G4l/eYY9VrQAK/AUgkV0koQKzQnyddnWxrd/Etf0jIs=
 go.mongodb.org/mongo-driver v1.7.3/go.mod h1:NqaYOwnXWr5Pm7AOpO5QFxKJ503nbMse/R79oO62zWg=
+go.mongodb.org/mongo-driver v1.7.5 h1:ny3p0reEpgsR2cfA5cjgwFZg3Cv/ofFh/8jbhGtz9VI=
+go.mongodb.org/mongo-driver v1.7.5/go.mod h1:VXEWRZ6URJIkUq2SCAyapmhH0ZLRBP+FT4xhp5Zvxng=
 go.mozilla.org/pkcs7 v0.0.0-20200128120323-432b2356ecb1/go.mod h1:SNgMg+EgDFwmvSmLRTNKC5fegJjB7v23qTQ0XLGUNHk=
 go.opencensus.io v0.20.1/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk=
 go.opencensus.io v0.20.2/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk=
@@ -2209,15 +1896,11 @@ go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E=
 go.opentelemetry.io/collector/model v0.38.0/go.mod h1:gS8A27wi+8gM3hrXL+dEjTbrbLxktjHjAwwqI31ELgQ=
 go.opentelemetry.io/collector/model v0.40.0 h1:UgdWfBnJBQL4atFv6LhlYq67Ts/vFDbwGknvsIsm/g8=
 go.opentelemetry.io/collector/model v0.40.0/go.mod h1:dXqjAeml+cB+YzJ3kUnd3v5/JvGAKl3MqHXfgSWRIo8=
-go.opentelemetry.io/contrib v0.20.0 h1:ubFQUn0VCZ0gPwIoJfBJVpeBlyRMxu8Mm/huKWYd9p0=
-go.opentelemetry.io/contrib v0.20.0/go.mod h1:G/EtFaa6qaN7+LxqfIAT3GiZa7Wv5DTBUzl5H4LY0Kc=
-go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.20.0/go.mod h1:oVGt1LRbBOBq1A5BQLlUg9UaU/54aiHw8cgjV3aWZ/E=
 go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.27.0 h1:TON1iU3Y5oIytGQHIejDYLam5uoSMsmA0UV9Yupb5gQ=
 go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.27.0/go.mod h1:T/zQwBldOpoAEpE3HMbLnI8ydESZVz4ggw6Is4FF9LI=
 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.27.0 h1:0BgiNWjN7rUWO9HdjF4L12r8OW86QkVQcYmCjnayJLo=
 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.27.0/go.mod h1:bdvm3YpMxWAgEfQhtTBaVR8ceXPRuRBSQrvOBnIlHxc=
 go.opentelemetry.io/contrib/zpages v0.27.0/go.mod h1:D8d5QMQJnidUFSazrcjfwq6Qw17G39JY+d4XvhQFMyI=
-go.opentelemetry.io/otel v0.20.0/go.mod h1:Y3ugLH2oa81t5QO+Lty+zXf8zC9L26ax4Nzoxm/dooo=
 go.opentelemetry.io/otel v1.0.0-RC2/go.mod h1:w1thVQ7qbAy8MHb0IFj8a5Q2QU0l2ksf8u/CN8m3NOM=
 go.opentelemetry.io/otel v1.2.0 h1:YOQDvxO1FayUcT9MIhJhgMyNO1WqoduiyvQHzGN0kUQ=
 go.opentelemetry.io/otel v1.2.0/go.mod h1:aT17Fk0Z1Nor9e0uisf98LrntPGMnk4frBO9+dkf69I=
@@ -2225,24 +1908,17 @@ go.opentelemetry.io/otel/bridge/opencensus v0.25.0 h1:18Ww8TpCEGes12HZJzB2nEbUgl
 go.opentelemetry.io/otel/bridge/opencensus v0.25.0/go.mod h1:dkZDdaNwLlIutxK2Kc2m3jwW2M1ISaNf8/rOYVwuVHs=
 go.opentelemetry.io/otel/exporters/jaeger v1.2.0 h1:C/5Egj3MJBXRJi22cSl07suqPqtZLnLFmH//OxETUEc=
 go.opentelemetry.io/otel/exporters/jaeger v1.2.0/go.mod h1:KJLFbEMKTNPIfOxcg/WikIozEoKcPgJRz3Ce1vLlM8E=
-go.opentelemetry.io/otel/exporters/otlp v0.20.0/go.mod h1:YIieizyaN77rtLJra0buKiNBOm9XQfkPEKBeuhoMwAM=
 go.opentelemetry.io/otel/exporters/prometheus v0.25.0/go.mod h1:TmEyKmTplB/cdILsJBqD9/JDK9ssGXWjsrpmMHodFLw=
 go.opentelemetry.io/otel/internal/metric v0.25.0 h1:w/7RXe16WdPylaIXDgcYM6t/q0K5lXgSdZOEbIEyliE=
 go.opentelemetry.io/otel/internal/metric v0.25.0/go.mod h1:Nhuw26QSX7d6n4duoqAFi5KOQR4AuzyMcl5eXOgwxtc=
-go.opentelemetry.io/otel/metric v0.20.0/go.mod h1:598I5tYlH1vzBjn+BTuhzTCSb/9debfNp6R3s7Pr1eU=
 go.opentelemetry.io/otel/metric v0.25.0 h1:7cXOnCADUsR3+EOqxPaSKwhEuNu0gz/56dRN1hpIdKw=
 go.opentelemetry.io/otel/metric v0.25.0/go.mod h1:E884FSpQfnJOMMUaq+05IWlJ4rjZpk2s/F1Ju+TEEm8=
-go.opentelemetry.io/otel/oteltest v0.20.0/go.mod h1:L7bgKf9ZB7qCwT9Up7i9/pn0PWIa9FqQ2IQ8LoxiGnw=
-go.opentelemetry.io/otel/sdk v0.20.0/go.mod h1:g/IcepuwNsoiX5Byy2nNV0ySUF1em498m7hBWC279Yc=
 go.opentelemetry.io/otel/sdk v1.2.0 h1:wKN260u4DesJYhyjxDa7LRFkuhH7ncEVKU37LWcyNIo=
 go.opentelemetry.io/otel/sdk v1.2.0/go.mod h1:jNN8QtpvbsKhgaC6V5lHiejMoKD+V8uadoSafgHPx1U=
-go.opentelemetry.io/otel/sdk/export/metric v0.20.0/go.mod h1:h7RBNMsDJ5pmI1zExLi+bJK+Dr8NQCh0qGhm1KDnNlE=
 go.opentelemetry.io/otel/sdk/export/metric v0.25.0 h1:6UjAFmVB5Fza3K5qUJpYWGrk8QMPIqlSnya5FI46VBY=
 go.opentelemetry.io/otel/sdk/export/metric v0.25.0/go.mod h1:Ej7NOa+WpN49EIcr1HMUYRvxXXCCnQCg2+ovdt2z8Pk=
-go.opentelemetry.io/otel/sdk/metric v0.20.0/go.mod h1:knxiS8Xd4E/N+ZqKmUPf3gTTZ4/0TjTXukfxjzSTpHE=
 go.opentelemetry.io/otel/sdk/metric v0.25.0 h1:J+Ta+4IAA5W9AdWhGQLfciEpavBqqSkBzTDeYvJLFNU=
 go.opentelemetry.io/otel/sdk/metric v0.25.0/go.mod h1:G4xzj4LvC6xDDSsVXpvRVclQCbofGGg4ZU2VKKtDRfg=
-go.opentelemetry.io/otel/trace v0.20.0/go.mod h1:6GjCW8zgDjwGHGa6GkyeB8+/5vjT16gUEi0Nf1iBdgw=
 go.opentelemetry.io/otel/trace v1.0.0-RC2/go.mod h1:JPQ+z6nNw9mqEGT8o3eoPTdnNI+Aj5JcxEsVGREIAy4=
 go.opentelemetry.io/otel/trace v1.2.0 h1:Ys3iqbqZhcf28hHzrm5WAquMkDHNZTUkw7KHbuNjej0=
 go.opentelemetry.io/otel/trace v1.2.0/go.mod h1:N5FLswTubnxKxOJHM7XZC074qpeEdLy3CgAVsdMucK0=
@@ -2253,15 +1929,13 @@ go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=
 go.uber.org/atomic v1.5.1/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=
 go.uber.org/atomic v1.6.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=
 go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
-go.uber.org/atomic v1.8.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
 go.uber.org/atomic v1.9.0 h1:ECmE8Bn/WFTYwEW/bpKD3M8VtR/zQVbavAoalC1PYyE=
 go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
-go.uber.org/automaxprocs v1.2.0/go.mod h1:YfO3fm683kQpzETxlTGZhGIVmXAhaw3gxeBADbpZtnU=
 go.uber.org/automaxprocs v1.4.0/go.mod h1:/mTEdr7LvHhs0v7mjdxDreTz1OG5zdZGqgOnhWiR/+Q=
-go.uber.org/goleak v1.0.0/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A=
 go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A=
-go.uber.org/goleak v1.1.11-0.20210813005559-691160354723 h1:sHOAIxRGBp443oHZIPB+HsUGaksVCXVQENPxwTfQdH4=
 go.uber.org/goleak v1.1.11-0.20210813005559-691160354723/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ=
+go.uber.org/goleak v1.1.12 h1:gZAh5/EyT/HQwlpkCy6wTpqfH9H8Lz8zbm3dZh+OyzA=
+go.uber.org/goleak v1.1.12/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ=
 go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0=
 go.uber.org/multierr v1.3.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+4=
 go.uber.org/multierr v1.4.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+4=
@@ -2275,25 +1949,21 @@ go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
 go.uber.org/zap v1.13.0/go.mod h1:zwrFLgMcdUuIBviXEYEH1YKNaOBnKXsx2IPda5bBwHM=
 go.uber.org/zap v1.14.0/go.mod h1:zwrFLgMcdUuIBviXEYEH1YKNaOBnKXsx2IPda5bBwHM=
 go.uber.org/zap v1.14.1/go.mod h1:Mb2vm2krFEG5DV0W9qcHBYFtp/Wku1cvYaqPsS/WYfc=
-go.uber.org/zap v1.16.0/go.mod h1:MA8QOfq0BHJwdXa996Y4dYkAqRKB8/1K1QMMZVaNZjQ=
 go.uber.org/zap v1.17.0/go.mod h1:MXVU+bhUf/A7Xi2HNOnopQOrmycQ5Ih87HtOu4q5SSo=
 go.uber.org/zap v1.19.1 h1:ue41HOKd1vGURxrmeKIgELGb3jPW9DMUDGtsinblHwI=
 go.uber.org/zap v1.19.1/go.mod h1:j3DNczoxDZroyBnOT1L/Q79cfUMGZxlv/9dzN7SM1rI=
 golang.org/x/crypto v0.0.0-20171113213409-9f005a07e0d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/crypto v0.0.0-20180505025534-4ec37c66abab/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
-golang.org/x/crypto v0.0.0-20180608092829-8ac0e0d97ce4/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/crypto v0.0.0-20181009213950-7c1a557ab941/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/crypto v0.0.0-20181029021203-45a5f77698d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
-golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20190320223903-b7391e95e576/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20190325154230-a5d413f7728c/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20190422162423-af44ce270edf/go.mod h1:WFFai1msRO1wXaEeE5yQxYXgSfI8pQAWXbQop6sCtWE=
 golang.org/x/crypto v0.0.0-20190426145343-a29dc8fdc734/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/crypto v0.0.0-20190513172903-22d7a77e9e5f/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20190530122614-20be4c3c3ed5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
@@ -2302,19 +1972,19 @@ golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8U
 golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20190923035154-9ee001bba392/go.mod h1:/lpIB1dKB+9EgE3H3cr1v9wB50oz8l4C4h62xy7jSTY=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/crypto v0.0.0-20191112222119-e1110fd1c708/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20191202143827-86a70503ff7e/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20191206172530-e9b2fee46413/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20200302210943-78000ba7a073/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20200323165209-0ec3e9974c59/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20200422194213-44a606286825/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.0.0-20200510223506-06a226fb4e37/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20200709230013-948cd5f35899/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20201112155050-0c6587e931a9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.0.0-20201208171446-5f87f3452ae9/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
+golang.org/x/crypto v0.0.0-20201216223049-8b5274cf687f/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
 golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
 golang.org/x/crypto v0.0.0-20210314154223-e6e6c4f2bb5b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
 golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
@@ -2322,8 +1992,9 @@ golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5
 golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20210915214749-c084706c2272/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
-golang.org/x/crypto v0.0.0-20210920023735-84f357641f63 h1:kETrAMYZq6WVGPa8IIixL0CaEcIUNi+1WX7grUoi3y8=
 golang.org/x/crypto v0.0.0-20210920023735-84f357641f63/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 h1:7I4JAnoQBe7ZtJcBaYHi5UtiO8tQHbUSXxL+pnGRANg=
+golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
@@ -2331,14 +2002,12 @@ golang.org/x/exp v0.0.0-20190125153040-c74c464bbbf2/go.mod h1:CJ0aWSM057203Lf6IL
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
 golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek=
-golang.org/x/exp v0.0.0-20191029154019-8994fa331a53/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY=
 golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY=
 golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
 golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
 golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
 golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM=
 golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU=
-golang.org/x/exp v0.0.0-20200331195152-e8c3332aa8e5/go.mod h1:4M0jN8W1tt0AVLNr8HDosyJCDCDuyL9N9+3m7wDWgKw=
 golang.org/x/image v0.0.0-20180708004352-c73c2afc3b81/go.mod h1:ux5Hcp/YLpHSI86hEcLt0YII63i6oz57MZXIpbrjZUs=
 golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
 golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
@@ -2365,6 +2034,7 @@ golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+golang.org/x/mod v0.5.0/go.mod h1:5OXOZSfqPIIbmVBIIKWRFfZjPR0E5r58TLhUjH0a2Ro=
 golang.org/x/net v0.0.0-20170114055629-f2499483f923/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180530234432-1e491301e022/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@@ -2427,23 +2097,23 @@ golang.org/x/net v0.0.0-20201202161906-c7110b5ffcbb/go.mod h1:sp8m0HH+o8qH0wwXwY
 golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
-golang.org/x/net v0.0.0-20210224082022-3d97a244fca7/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc=
-golang.org/x/net v0.0.0-20210324051636-2c4c8ecb7826/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc=
 golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
 golang.org/x/net v0.0.0-20210421230115-4e50805a0758/go.mod h1:72T/g9IO56b78aLF+1Kcs5dz7/ng1VjMUvfKvpfy+jM=
 golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk=
 golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.0.0-20210505214959-0714010a04ed/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20210520170846-37e1c6afe023/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20210610132358-84b48f89b13b/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20210614182718-04defd469f4e/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.0.0-20210903162142-ad29c8ab022f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.0.0-20210917221730-978cfadd31cf h1:R150MpwJIv1MpS0N/pc+NhTM8ajzvlmxlY5OYsrevXQ=
+golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
+golang.org/x/net v0.0.0-20210813160813-60bc85c4be6d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20210917221730-978cfadd31cf/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
+golang.org/x/net v0.0.0-20211020060615-d418f374d309/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
+golang.org/x/net v0.0.0-20211123203042-d83791d6bcd9 h1:0qxwC5n+ttVOINCBeRHO0nq9X7uy8SDsPoi5OaCdIEI=
+golang.org/x/net v0.0.0-20211123203042-d83791d6bcd9/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20181106182150-f42d05182288/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -2454,19 +2124,17 @@ golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4Iltr
 golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.0.0-20210210192628-66670185b0cd/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20210313182246-cd4f82c27b84/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.0.0-20210323180902-22b0adad7558/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20210402161424-2e8d93401602/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.0.0-20210427180440-81ed05c6b58c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20210805134026-6f1e6394065a/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.0.0-20211005180243-6b3c2da341f1 h1:B333XXssMuKQeBwiNODx4TupZy7bf4sxFZnN2ZOcvUE=
 golang.org/x/oauth2 v0.0.0-20211005180243-6b3c2da341f1/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
+golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 h1:RerP+noqYHUQ8CMRcPlC2nvTa4dcBIjegkuWdcUDuqg=
+golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -2476,7 +2144,6 @@ golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJ
 golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20200930132711-30421366ff76/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20210220032951-036812b2e83c h1:5KslGYwFpkhGh+Q16bwMP3cOontH8FOep7tGV86Y7SQ=
@@ -2495,7 +2162,6 @@ golang.org/x/sys v0.0.0-20190102155601-82a175fd1598/go.mod h1:STP8DvDyc/dI5b8T5h
 golang.org/x/sys v0.0.0-20190129075346-302c3dd5f1cc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190130150945-aca44879d564/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190204203706-41f3e6584952/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190209173611-3b5209105503/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -2505,7 +2171,6 @@ golang.org/x/sys v0.0.0-20190411185658-b44545bcd369/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190419153524-e8e3143a4f4a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20190425145619-16072639606e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190426135247-a129542de9ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -2518,7 +2183,6 @@ golang.org/x/sys v0.0.0-20190606203320-7fc4e5ec1444/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190626150813-e07cf5db2756/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20190712062909-fae7ac547cb7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190812073006-9eafafc0a87e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -2537,7 +2201,6 @@ golang.org/x/sys v0.0.0-20191022100944-742c48ecaeb7/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20191025021431-6c3a3bfe00ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191112214154-59a1497f0cea/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20191113165036-4c7a9d0fe056/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191115151921-52ab43148777/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191128015809-6d18c012aee9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -2568,39 +2231,29 @@ golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200622214017-ed371f2e16b4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200724161237-0e2f3a69832c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200728102440-3e129f6d46b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200817155316-9781c653f443/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200826173525-f9321e4c35a6/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200828194041-157a740278f4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200831180312-196b9ba8737a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200905004654-be1d3432aa8f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200909081042-eff7692f9009/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200916030750-2334cc1a136f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200918174421-af09f7315aff/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200922070232-aee5d888a860/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200923182605-d9f96fdee20d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20201008064518-c1f3e3309c71/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20201009025420-dfb3f7c4e634/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20201015000850-e3ed0017c211/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201112073958-5cba982894dd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201117170446-d9b008d0a637/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201201145000-ef89a241ccb3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201202213521-69691e467435/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20201214210602-f9fddec55a1e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210104204734-6f8348627aad/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210220050731-9a76102bfb43/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210225134936-a50acf3fe073/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210303074136-134d130e1a04/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210305230114-8fe3ee5dd75b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210309074719-68d13333faf2/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210314195730-07df6a141424/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210315160823-c6e025ad8005/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210324051608-47abb6519492/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -2609,8 +2262,7 @@ golang.org/x/sys v0.0.0-20210403161142-5e06dd20ab57/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20210420072515-93ed5bcd2bfe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210503080704-8803ae5d1324/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210503173754-0981d6026fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20210426230700-d19ff857e887/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210514084401-e8d321eab015/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
@@ -2620,20 +2272,23 @@ golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20210809222454-d867a43fc93e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210816074244-15123e1e1f71/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20210816183151-1e6c022a8912/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210823070655-63515b42dcdf/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20210906170528-6f6e22806c34/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210917161153-d61c044b1678/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20211013075003-97ac67df715c h1:taxlMj0D/1sOAuv/CbSD+MMDof2vbyPTqz5FNYKpXt8=
+golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20211013075003-97ac67df715c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20211124211545-fe61309f8881 h1:TyHqChC80pFkXWraUUf6RuB5IqFdQieMLwwCJokV2pc=
+golang.org/x/sys v0.0.0-20211124211545-fe61309f8881/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
-golang.org/x/text v0.3.1-0.20180805044716-cb6730876b98/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20181227161524-e6919f6577db/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
@@ -2652,14 +2307,14 @@ golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e/go.mod h1:tRJNPiyCQ0inRvYxb
 golang.org/x/time v0.0.0-20201208040808-7e3f01d25324/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20210611083556-38a9dc6acbc6/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
-golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac h1:7zkz7BUtwNFFqcowJ+RIgu2MaV/MapERkDIy+mwPyjs=
 golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+golang.org/x/time v0.0.0-20211116232009-f0f3c7e86c11 h1:GZokNIeuVkl3aZHJchRrr13WCsols02MLUcz1U9is6M=
+golang.org/x/time v0.0.0-20211116232009-f0f3c7e86c11/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20180525024113-a5b4c53f6e8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20181011042414-1f849cf54d09/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20190118193359-16909d206f00/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190125232054-d66bd3c5d5a6/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190206041539-40960b6deb8e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
@@ -2685,12 +2340,10 @@ golang.org/x/tools v0.0.0-20190813034749-528a2984e271/go.mod h1:b+2E5dAYhXwXZwtn
 golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20190907020128-2ca718005c18/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.0.0-20190918214516-5a1a30219888/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191029041327-9cc4af7d6b2c/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.0.0-20191111182352-50fa39b762bc/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191112195655-aa38f8e97acc/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
@@ -2720,24 +2373,15 @@ golang.org/x/tools v0.0.0-20200422205258-72e4a01eba43/go.mod h1:EkVYQZoAsY45+roY
 golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
 golang.org/x/tools v0.0.0-20200509030707-2212a7e161a5/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
 golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
-golang.org/x/tools v0.0.0-20200513201620-d5fe73897c97/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
 golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
-golang.org/x/tools v0.0.0-20200522201501-cb1345f3a375/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
-golang.org/x/tools v0.0.0-20200603131246-cc40288be839/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
 golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
 golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
-golang.org/x/tools v0.0.0-20200710042808-f1c4188a97a1/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
 golang.org/x/tools v0.0.0-20200721032237-77f530d86f9a/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
-golang.org/x/tools v0.0.0-20200725200936-102e7d357031/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
 golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
 golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
-golang.org/x/tools v0.0.0-20200822203824-307de81be3f4/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
 golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
 golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82ur9kSqwfTHTeVxaDqrfMjpcNT6bE=
-golang.org/x/tools v0.0.0-20201014170642-d1624618ad65/go.mod h1:z6u4i615ZeAfBE4XtMziQW1fSVJXACjjbWkB/mvPzlU=
-golang.org/x/tools v0.0.0-20201020161133-226fd2f889ca/go.mod h1:z6u4i615ZeAfBE4XtMziQW1fSVJXACjjbWkB/mvPzlU=
 golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
-golang.org/x/tools v0.0.0-20201119054027-25dc3e1ccc3c/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
 golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
 golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
 golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
@@ -2748,8 +2392,9 @@ golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
 golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
 golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
 golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
-golang.org/x/tools v0.1.5 h1:ouewzE6p+/VEB31YYnTbEJdi8pFqKp4P4n85vwo3DHA=
 golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
+golang.org/x/tools v0.1.7 h1:6j8CgantCy3yc8JGBqkDLMKWqZ0RDU2g1HVgacojGWQ=
+golang.org/x/tools v0.1.7/go.mod h1:LGqMHiF4EqQNHR1JncWGqT5BVaXmza+X+BDGol+dOxo=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@@ -2778,20 +2423,15 @@ google.golang.org/api v0.19.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/
 google.golang.org/api v0.20.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
 google.golang.org/api v0.22.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
 google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE=
-google.golang.org/api v0.26.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE=
 google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE=
 google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM=
 google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc=
-google.golang.org/api v0.32.0/go.mod h1:/XrVsuzM0rZmrsbjJutiuftIzeuTQcEeaYcSk/mQ1dg=
 google.golang.org/api v0.35.0/go.mod h1:/XrVsuzM0rZmrsbjJutiuftIzeuTQcEeaYcSk/mQ1dg=
 google.golang.org/api v0.36.0/go.mod h1:+z5ficQTmoYpPn8LCUNVpK5I7hwkpjbcgqA7I34qYtE=
-google.golang.org/api v0.39.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjRCQ8=
 google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjRCQ8=
 google.golang.org/api v0.41.0/go.mod h1:RkxM5lITDfTzmyKFPt+wGrCJbVfniCr2ool8kTBzRTU=
-google.golang.org/api v0.42.0/go.mod h1:+Oj4s6ch2SEGtPjGqfUfZonBH0GjQH89gTeKKAEGZKI=
 google.golang.org/api v0.43.0/go.mod h1:nQsDGjRXMo4lvh5hP0TKqF244gqhGcr/YSIykhUk/94=
 google.golang.org/api v0.44.0/go.mod h1:EBOGZqzyhtvMDoxwS97ctnh0zUmYY6CxqXsc1AvkYD8=
-google.golang.org/api v0.46.0/go.mod h1:ceL4oozhkAiTID8XMmJBsIxID/9wMXJVVFXPg4ylg3I=
 google.golang.org/api v0.47.0/go.mod h1:Wbvgpq1HddcWVtzsVLyfLp8lDg6AA241LmgIL59tHXo=
 google.golang.org/api v0.48.0/go.mod h1:71Pr1vy+TAZRPkPs/xlCf5SsU8WjuAWv1Pfjbtukyy4=
 google.golang.org/api v0.50.0/go.mod h1:4bNT5pAuq5ji4SRZm+5QIkjny9JAyVD/3gaSihNefaw=
@@ -2800,8 +2440,9 @@ google.golang.org/api v0.54.0/go.mod h1:7C4bFFOvVDGXjfDTAsgGwDgAxRDeQ4X8NvUedIt6
 google.golang.org/api v0.55.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE=
 google.golang.org/api v0.56.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE=
 google.golang.org/api v0.57.0/go.mod h1:dVPlbZyBo2/OjBpmvNdpn2GRm6rPy75jyU7bmhdrMgI=
-google.golang.org/api v0.58.0 h1:MDkAbYIB1JpSgCTOCYYoIec/coMlKK4oVbpnBLLcyT0=
 google.golang.org/api v0.58.0/go.mod h1:cAbP2FsxoGVNwtgNAmmn3y5G1TWAiVYRmg4yku3lv+E=
+google.golang.org/api v0.60.0 h1:eq/zs5WPH4J9undYM9IP1O7dSr7Yh8Y0GtSCpzGzIUk=
+google.golang.org/api v0.60.0/go.mod h1:d7rl65NZAkEQ90JFzqBjcRq1TVeG5ZoGV3sSpEnnVb4=
 google.golang.org/appengine v1.2.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
 google.golang.org/appengine v1.3.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
 google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
@@ -2814,7 +2455,6 @@ google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCID
 google.golang.org/cloud v0.0.0-20151119220103-975617b05ea8/go.mod h1:0H1ncTHf11KCFhTc/+EFRbzSCOZx+VUbRMk55Yv5MYk=
 google.golang.org/genproto v0.0.0-20170818010345-ee236bd376b0/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
 google.golang.org/genproto v0.0.0-20180518175338-11a468237815/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
-google.golang.org/genproto v0.0.0-20180608181217-32ee49c4dd80/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
 google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
 google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
 google.golang.org/genproto v0.0.0-20190404172233-64821d5d2107/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
@@ -2828,7 +2468,6 @@ google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98
 google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
 google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8=
 google.golang.org/genproto v0.0.0-20190927181202-20e1ac93f88c/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8=
-google.golang.org/genproto v0.0.0-20191028173616-919d9bdd9fe6/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
 google.golang.org/genproto v0.0.0-20191108220845-16a3f7862a1a/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
 google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
 google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
@@ -2851,13 +2490,10 @@ google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfG
 google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
 google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U=
 google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo=
-google.golang.org/genproto v0.0.0-20200603110839-e855014d5736/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA=
 google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA=
-google.golang.org/genproto v0.0.0-20200710124503-20a17af7bd0e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
-google.golang.org/genproto v0.0.0-20200724131911-43cab4749ae7/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
 google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
 google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
-google.golang.org/genproto v0.0.0-20200815001618-f69a88009b70/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
+google.golang.org/genproto v0.0.0-20200806141610-86f49bd18e98/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
 google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
 google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
 google.golang.org/genproto v0.0.0-20201019141844-1ed22bb0c154/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
@@ -2869,10 +2505,8 @@ google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6D
 google.golang.org/genproto v0.0.0-20210222152913-aa3ee6e6a81c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
 google.golang.org/genproto v0.0.0-20210303154014-9728d6b83eeb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
 google.golang.org/genproto v0.0.0-20210310155132-4ce2db91004e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
-google.golang.org/genproto v0.0.0-20210312152112-fc591d9ea70f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
 google.golang.org/genproto v0.0.0-20210319143718-93e7006c17a6/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
 google.golang.org/genproto v0.0.0-20210402141018-6c239bbf2bb1/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A=
-google.golang.org/genproto v0.0.0-20210429181445-86c259c2b4ab/go.mod h1:P3QM42oQyzQSnHPnZ/vqoCdDmzH28fzWByN9asMeM8A=
 google.golang.org/genproto v0.0.0-20210513213006-bf773b8c8384/go.mod h1:P3QM42oQyzQSnHPnZ/vqoCdDmzH28fzWByN9asMeM8A=
 google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0=
 google.golang.org/genproto v0.0.0-20210604141403-392c879c8b08/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0=
@@ -2890,11 +2524,14 @@ google.golang.org/genproto v0.0.0-20210903162649-d08c68adba83/go.mod h1:eFjDcFEc
 google.golang.org/genproto v0.0.0-20210909211513-a8c4777a87af/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY=
 google.golang.org/genproto v0.0.0-20210917145530-b395a37504d4/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY=
 google.golang.org/genproto v0.0.0-20210924002016-3dee208752a0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
-google.golang.org/genproto v0.0.0-20211016002631-37fc39342514 h1:Rp1vYDPD4TdkMH5S/bZbopsGCsWhPcrLBUwOVhAQCxM=
 google.golang.org/genproto v0.0.0-20211016002631-37fc39342514/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
-google.golang.org/grpc v1.33.3 h1:VaMn+f1s2DUcJW/nvLfhZqlRl4dWwbZ5GwmAGs823ac=
-google.golang.org/grpc v1.33.3/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc=
+google.golang.org/genproto v0.0.0-20211021150943-2b146023228c/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
+google.golang.org/genproto v0.0.0-20211129164237-f09f9a12af12 h1:DN5b3HU13J4sMd/QjDx34U6afpaexKTDdop+26pdjdk=
+google.golang.org/genproto v0.0.0-20211129164237-f09f9a12af12/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
+google.golang.org/grpc v1.38.0 h1:/9BgsAsa5nWe26HqOlvlgJnqBuktYOLCgjCPqsa56W0=
+google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM=
 google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw=
+google.golang.org/grpc/examples v0.0.0-20211119005141-f45e61797429/go.mod h1:gID3PKrg7pWKntu9Ss6zTLJ0ttC0X9IHgREOCZwbCVU=
 google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
 google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
 google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
@@ -2924,17 +2561,13 @@ gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qS
 gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
 gopkg.in/fsnotify.v1 v1.4.7 h1:xOHLXZwVvI9hhs+cLKq5+I5onOuwQLhQwiu63xxlHs4=
 gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
-gopkg.in/fsnotify/fsnotify.v1 v1.4.7 h1:XNNYLJHt73EyYiCZi6+xjupS9CpvmiDgjPTAjrBlQbo=
 gopkg.in/fsnotify/fsnotify.v1 v1.4.7/go.mod h1:Fyux9zXlo4rWoMSIzpn9fDAYjalPqJ/K1qJ27s+7ltE=
 gopkg.in/gcfg.v1 v1.2.3/go.mod h1:yesOnuUOFQAhST5vPY4nbZsb/huCgGGXlipJsBn0b3o=
 gopkg.in/gemnasium/logrus-airbrake-hook.v2 v2.1.2/go.mod h1:Xk6kEKp8OKb+X14hQBKWaSkCsqBpgog8nAV2xsGOxlo=
 gopkg.in/go-playground/assert.v1 v1.2.1/go.mod h1:9RXL0bg/zibRAgZUYszZSwO/z8Y/a8bDuhia5mkpMnE=
 gopkg.in/go-playground/validator.v9 v9.29.1/go.mod h1:+c9/zcJMFNgbLvly1L1V+PpxWdVbfP1avr/N00E2vyQ=
-gopkg.in/inf.v0 v0.9.0/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw=
 gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc=
 gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw=
-gopkg.in/ini.v1 v1.42.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
-gopkg.in/ini.v1 v1.51.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
 gopkg.in/ini.v1 v1.57.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
 gopkg.in/ini.v1 v1.62.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
 gopkg.in/ini.v1 v1.63.2 h1:tGK/CyBg7SMzb60vP1M03vNZ3VDu3wGQJwn7Sxi9r3c=
@@ -2958,9 +2591,7 @@ gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
 gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
-gopkg.in/yaml.v3 v3.0.0-20191120175047-4206685974f2/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-gopkg.in/yaml.v3 v3.0.0-20200603094226-e3079894b1e8/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.0-20200605160147-a5ece683394c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo=
@@ -2978,24 +2609,12 @@ honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9
 howett.net/plist v0.0.0-20181124034731-591f970eefbb/go.mod h1:vMygbs4qMhSZSc4lCUl2OEE+rDiIIJAIdR4m7MiMcm0=
 k8s.io/api v0.20.4 h1:xZjKidCirayzX6tHONRQyTNDVIR55TYVqgATqo6ZULY=
 k8s.io/api v0.20.4/go.mod h1:++lNL1AJMkDymriNniQsWRkMDzRaX2Y/POTUi8yvqYQ=
-k8s.io/apimachinery v0.0.0-20190809020650-423f5d784010/go.mod h1:Waf/xTS2FGRrgXCkO5FP3XxTOWh0qLf2QhL1qFZZ/R8=
-k8s.io/apimachinery v0.0.0-20191115015347-3c7067801da2/go.mod h1:dXFS2zaQR8fyzuvRdJDHw2Aerij/yVGJSre0bZQSVJA=
 k8s.io/apimachinery v0.17.5/go.mod h1:ioIo1G/a+uONV7Tv+ZmCbMG1/a3kVw5YcDdncd8ugQ0=
-k8s.io/apimachinery v0.18.3/go.mod h1:OaXp26zu/5J7p0f92ASynJa1pZo06YlV9fG7BoWbCko=
-k8s.io/apimachinery v0.18.5/go.mod h1:OaXp26zu/5J7p0f92ASynJa1pZo06YlV9fG7BoWbCko=
-k8s.io/apimachinery v0.18.6/go.mod h1:OaXp26zu/5J7p0f92ASynJa1pZo06YlV9fG7BoWbCko=
-k8s.io/apimachinery v0.18.8/go.mod h1:6sQd+iHEqmOtALqOFjSWp2KZ9F0wlU/nWm0ZgsYWMig=
-k8s.io/apimachinery v0.19.2/go.mod h1:DnPGDnARWFvYa3pMHgSxtbZb7gpzzAZ1pTfaUNDVlmA=
-k8s.io/apimachinery v0.19.4/go.mod h1:DnPGDnARWFvYa3pMHgSxtbZb7gpzzAZ1pTfaUNDVlmA=
 k8s.io/apimachinery v0.20.1/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU=
-k8s.io/apimachinery v0.20.2/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU=
 k8s.io/apimachinery v0.20.4/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU=
-k8s.io/apimachinery v0.20.5/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU=
 k8s.io/apimachinery v0.20.6/go.mod h1:ejZXtW1Ra6V1O5H8xPBGz+T3+4gfkTCeExAHKU57MAc=
-k8s.io/apimachinery v0.21.0/go.mod h1:jbreFvJo3ov9rj7eWT7+sYiRx+qZuCYXwWT1bcDswPY=
-k8s.io/apimachinery v0.21.1/go.mod h1:jbreFvJo3ov9rj7eWT7+sYiRx+qZuCYXwWT1bcDswPY=
-k8s.io/apimachinery v0.22.1 h1:DTARnyzmdHMz7bFWFDDm22AM4pLWTQECMpRTFu2d2OM=
-k8s.io/apimachinery v0.22.1/go.mod h1:O3oNtNadZdeOMxHFVxOreoznohCpy0z6mocxbZr7oJ0=
+k8s.io/apimachinery v0.22.4 h1:9uwcvPpukBw/Ri0EUmWz+49cnFtaoiyEhQTK+xOe7Ck=
+k8s.io/apimachinery v0.22.4/go.mod h1:yU6oA6Gnax9RrxGzVvPFFJ+mpnW6PBSqp0sx0I0HHW0=
 k8s.io/apiserver v0.20.1/go.mod h1:ro5QHeQkgMS7ZGpvf4tSMx6bBOgPfE+f52KwvXfScaU=
 k8s.io/apiserver v0.20.4/go.mod h1:Mc80thBKOyy7tbvFtB4kJv1kbdD0eIH8k8vianJcbFM=
 k8s.io/apiserver v0.20.6/go.mod h1:QIJXNt6i6JB+0YQRNcS0hdRHJlMhflFmsBDeSgT1r8Q=
@@ -3011,32 +2630,17 @@ k8s.io/cri-api v0.20.6/go.mod h1:ew44AjNXwyn1s0U4xCKGodU7J1HzBeZ1MpGrpa5r8Yc=
 k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0=
 k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0=
 k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk=
-k8s.io/klog v0.3.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk=
-k8s.io/klog v0.3.1/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk=
-k8s.io/klog v0.4.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I=
 k8s.io/klog v1.0.0 h1:Pt+yjF5aB1xDSVbau4VsWe+dQNzA0qv1LlXdC2dF6Q8=
 k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I=
 k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE=
-k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y=
-k8s.io/klog/v2 v2.3.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y=
 k8s.io/klog/v2 v2.4.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y=
-k8s.io/klog/v2 v2.5.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec=
-k8s.io/klog/v2 v2.8.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec=
 k8s.io/klog/v2 v2.9.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec=
-k8s.io/klog/v2 v2.10.0 h1:R2HDMDJsHVTHA2n4RjwbeYXdOcBymXdX/JRb1v0VGhE=
-k8s.io/klog/v2 v2.10.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec=
-k8s.io/kube-openapi v0.0.0-20190709113604-33be087ad058/go.mod h1:nfDlWeOsu3pUf4yWGL+ERqohP4YsZcBJXWMK+gkzOA4=
-k8s.io/kube-openapi v0.0.0-20190722073852-5e22f3d471e6/go.mod h1:RZvgC8MSN6DjiMV6oIfEE9pDL9CYXokkfaCKZeHm3nc=
-k8s.io/kube-openapi v0.0.0-20191107075043-30be4d16710a/go.mod h1:1TqjTSzOxsLGIKfj0lK8EeCP7K1iUG65v09OM0/WG5E=
+k8s.io/klog/v2 v2.20.0 h1:tlyxlSvd63k7axjhuchckaRJm+a92z5GSOrTOQY5sHw=
+k8s.io/klog/v2 v2.20.0/go.mod h1:Gm8eSIfQN6457haJuPaMxZw4wyP5k+ykPFlrhQDvhvw=
 k8s.io/kube-openapi v0.0.0-20200316234421-82d701f24f9d/go.mod h1:F+5wygcW0wmRTnM3cOgIqGivxkwSWIWT5YdsDbeAOaU=
-k8s.io/kube-openapi v0.0.0-20200410145947-61e04a5be9a6/go.mod h1:GRQhZsXIAJ1xR0C9bd8UpWHZ5plfAS9fzPjJuQ6JL3E=
-k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6/go.mod h1:UuqjUnNftUyPE5H64/qeyjQoUZhGpeFDVdxjTeEVN2o=
 k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd/go.mod h1:WOJ3KddDSol4tAGcJo0Tvi+dK12EcqSLqcWsryKMpfM=
-k8s.io/kube-openapi v0.0.0-20210305001622-591a79e4bda7/go.mod h1:wXW5VT87nVfh/iLV8FpR2uDvrFyomxbtb1KivDbvPTE=
-k8s.io/kube-openapi v0.0.0-20210421082810-95288971da7e/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw=
+k8s.io/kube-openapi v0.0.0-20211109043538-20434351676c/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw=
 k8s.io/kubernetes v1.13.0/go.mod h1:ocZa8+6APFNC2tX1DZASIbocyYT5jHzqFVsY5aoB7Jk=
-k8s.io/utils v0.0.0-20190809000727-6c36bc71fc4a/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew=
-k8s.io/utils v0.0.0-20191114200735-6ca3b61696b6/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew=
 k8s.io/utils v0.0.0-20200414100711-2df71ebbae66/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=
 k8s.io/utils v0.0.0-20201110183641-67b214c5f920 h1:CbnUZsM497iRC5QMVkHwyl8s2tB3g7yaSHkYPkpgelw=
 k8s.io/utils v0.0.0-20201110183641-67b214c5f920/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=
@@ -3047,15 +2651,9 @@ rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
 rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
 sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.14/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg=
 sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.15/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg=
-sigs.k8s.io/structured-merge-diff v0.0.0-20190525122527-15d366b2352e h1:4Z09Hglb792X0kfOBBJUPFEyvVfQWrYT/l8h5EKA6JQ=
-sigs.k8s.io/structured-merge-diff v0.0.0-20190525122527-15d366b2352e/go.mod h1:wWxsB5ozmmv/SG7nM11ayaAW51xMvak/t1r0CSlcokI=
 sigs.k8s.io/structured-merge-diff/v2 v2.0.1/go.mod h1:Wb7vfKAodbKgf6tn1Kl0VvGj7mRH6DGaRcixXEJXTsE=
-sigs.k8s.io/structured-merge-diff/v3 v3.0.0-20200116222232-67a7b8c61874/go.mod h1:PlARxl6Hbt/+BC80dRLi1qAmnMqwqDg62YvvVkZjemw=
-sigs.k8s.io/structured-merge-diff/v3 v3.0.0/go.mod h1:PlARxl6Hbt/+BC80dRLi1qAmnMqwqDg62YvvVkZjemw=
-sigs.k8s.io/structured-merge-diff/v4 v4.0.1/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw=
 sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw=
 sigs.k8s.io/structured-merge-diff/v4 v4.0.3/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw=
-sigs.k8s.io/structured-merge-diff/v4 v4.1.0/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw=
 sigs.k8s.io/structured-merge-diff/v4 v4.1.2 h1:Hr/htKFmJEbtMgS/UD0N+gtgctAqz81t3nu+sPzynno=
 sigs.k8s.io/structured-merge-diff/v4 v4.1.2/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4=
 sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o=
diff --git a/integration/e2e/e2e_test.go b/integration/e2e/e2e_test.go
index 1c604bfb8cb..b83f4b393a1 100644
--- a/integration/e2e/e2e_test.go
+++ b/integration/e2e/e2e_test.go
@@ -13,7 +13,7 @@ import (
 	cortex_e2e_db "github.com/cortexproject/cortex/integration/e2e/db"
 	jaeger_grpc "github.com/jaegertracing/jaeger/cmd/agent/app/reporter/grpc"
 	thrift "github.com/jaegertracing/jaeger/thrift-gen/jaeger"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/stretchr/testify/require"
 	"go.uber.org/zap"
 	"google.golang.org/grpc"
diff --git a/integration/e2e/limits_test.go b/integration/e2e/limits_test.go
index 430b98651ab..d466dd1bdb1 100644
--- a/integration/e2e/limits_test.go
+++ b/integration/e2e/limits_test.go
@@ -5,7 +5,7 @@ import (
 	"testing"
 
 	util "github.com/grafana/tempo/integration"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 
 	cortex_e2e "github.com/cortexproject/cortex/integration/e2e"
 	"github.com/stretchr/testify/require"
diff --git a/integration/e2e/serverless_test.go b/integration/e2e/serverless_test.go
index 5eefdae3b4a..437d0656433 100644
--- a/integration/e2e/serverless_test.go
+++ b/integration/e2e/serverless_test.go
@@ -8,7 +8,7 @@ import (
 	cortex_e2e_db "github.com/cortexproject/cortex/integration/e2e/db"
 	util "github.com/grafana/tempo/integration"
 	tempoUtil "github.com/grafana/tempo/pkg/util"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/stretchr/testify/require"
 )
 
diff --git a/modules/distributor/distributor.go b/modules/distributor/distributor.go
index 8846054b8b2..e1effc44135 100644
--- a/modules/distributor/distributor.go
+++ b/modules/distributor/distributor.go
@@ -27,6 +27,7 @@ import (
 	"github.com/grafana/tempo/modules/distributor/receiver"
 	ingester_client "github.com/grafana/tempo/modules/ingester/client"
 	"github.com/grafana/tempo/modules/overrides"
+	_ "github.com/grafana/tempo/pkg/gogocodec" // force gogo codec registration
 	"github.com/grafana/tempo/pkg/tempopb"
 	v1 "github.com/grafana/tempo/pkg/tempopb/trace/v1"
 	"github.com/grafana/tempo/pkg/util"
diff --git a/modules/ingester/ingester.go b/modules/ingester/ingester.go
index 67d7e5f88c7..3c60db6b22d 100644
--- a/modules/ingester/ingester.go
+++ b/modules/ingester/ingester.go
@@ -24,6 +24,7 @@ import (
 	"github.com/grafana/tempo/modules/overrides"
 	"github.com/grafana/tempo/modules/storage"
 	"github.com/grafana/tempo/pkg/flushqueues"
+	_ "github.com/grafana/tempo/pkg/gogocodec" // force gogo codec registration
 	"github.com/grafana/tempo/pkg/tempopb"
 	"github.com/grafana/tempo/pkg/validation"
 	"github.com/grafana/tempo/tempodb/backend"
diff --git a/pkg/gogocodec/gogocodec.go b/pkg/gogocodec/gogocodec.go
new file mode 100644
index 00000000000..6506aed81b0
--- /dev/null
+++ b/pkg/gogocodec/gogocodec.go
@@ -0,0 +1,75 @@
+// This is copied over from Jaeger and modified to work for Tempo
+
+// Upgrading to grpc 1.38.0 broke compatibility with gogoproto.customtype. (https://github.com/grpc/grpc-go/issues/4192)
+// We use a customtype in the ingesters to pre-allocate byte slices that are reused for requests.
+// Similarly Jaeger and Cortex use gogo's custom types for efficiency.
+// gogoproto codec is needed only if a custom type (for ex: PreallocBytes) is used directly in a request-response object.
+// The codec defined in this package allows us to choose gogo marshalling/unmarshalling for specific structs (Tempo/Jaeger/Cortex) only.
+
+package gogocodec
+
+import (
+	"reflect"
+	"strings"
+
+	gogoproto "github.com/gogo/protobuf/proto"
+	"google.golang.org/grpc/encoding"
+	"google.golang.org/protobuf/proto"
+)
+
+const (
+	tempoProtoGenPkgPath  = "github.com/grafana/tempo/pkg/tempopb"
+	cortexPath            = "github.com/cortexproject/cortex"
+	jaegerProtoGenPkgPath = "github.com/jaegertracing/jaeger/proto-gen"
+	jaegerModelPkgPath    = "github.com/jaegertracing/jaeger/model"
+)
+
+func init() {
+	encoding.RegisterCodec(newCodec())
+}
+
+// gogoCodec forces the use of gogo proto marshalling/unmarshalling for Tempo/Cortex/Jaeger structs
+type gogoCodec struct {
+}
+
+var _ encoding.Codec = (*gogoCodec)(nil)
+
+func newCodec() *gogoCodec {
+	return &gogoCodec{}
+}
+
+// Name implements encoding.Codec
+func (c *gogoCodec) Name() string {
+	return "proto"
+}
+
+// Marshal implements encoding.Codec
+func (c *gogoCodec) Marshal(v interface{}) ([]byte, error) {
+	t := reflect.TypeOf(v)
+	elem := t.Elem()
+	// use gogo proto only for Tempo/Cortex/Jaeger types
+	if useGogo(elem) {
+		return gogoproto.Marshal(v.(gogoproto.Message))
+	}
+	return proto.Marshal(v.(proto.Message))
+}
+
+// Unmarshal implements encoding.Codec
+func (c *gogoCodec) Unmarshal(data []byte, v interface{}) error {
+	t := reflect.TypeOf(v)
+	elem := t.Elem()
+	// use gogo proto only for Tempo/Cortex/Jaeger types
+	if useGogo(elem) {
+		return gogoproto.Unmarshal(data, v.(gogoproto.Message))
+	}
+	return proto.Unmarshal(data, v.(proto.Message))
+}
+
+// useGogo checks if the element belongs to Tempo/Cortex/Jaeger packages
+func useGogo(t reflect.Type) bool {
+	if t == nil {
+		return false
+	}
+	pkgPath := t.PkgPath()
+	return (strings.HasPrefix(pkgPath, tempoProtoGenPkgPath) || strings.HasPrefix(pkgPath, cortexPath) || strings.HasPrefix(pkgPath, jaegerProtoGenPkgPath) || strings.HasPrefix(pkgPath, jaegerModelPkgPath))
+}
diff --git a/pkg/gogocodec/gogocodec_test.go b/pkg/gogocodec/gogocodec_test.go
new file mode 100644
index 00000000000..d952da07263
--- /dev/null
+++ b/pkg/gogocodec/gogocodec_test.go
@@ -0,0 +1,68 @@
+// This is copied over from Jaeger and modified to work for Tempo
+
+package gogocodec
+
+import (
+	"testing"
+
+	"github.com/golang/protobuf/proto" //lint:ignore SA1019 deprecated package
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+	"google.golang.org/protobuf/types/known/emptypb"
+
+	"github.com/grafana/tempo/pkg/tempopb"
+)
+
+func TestCodecMarshallAndUnmarshall_tempo_type(t *testing.T) {
+	// marshal a tempo object using the custom codec
+	c := newCodec()
+	req1 := &tempopb.TraceByIDRequest{
+		TraceID: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
+	}
+	data, err := c.Marshal(req1)
+	require.NoError(t, err)
+
+	// unmarshal and check if its the same
+	req2 := &tempopb.TraceByIDRequest{}
+	err = c.Unmarshal(data, req2)
+	require.NoError(t, err)
+	assert.Equal(t, req1, req2)
+}
+
+func TestCodecMarshallAndUnmarshall_foreign_type(t *testing.T) {
+	// marshal a foreign object (anything other than Tempo/Cortex/Jaeger) using the custom codec
+	c := newCodec()
+	goprotoMessage1 := &emptypb.Empty{}
+	data, err := c.Marshal(goprotoMessage1)
+	require.NoError(t, err)
+
+	// unmarshal and check if its the same
+	goprotoMessage2 := &emptypb.Empty{}
+	err = c.Unmarshal(data, goprotoMessage2)
+	require.NoError(t, err)
+	assert.Equal(t, goprotoMessage1, goprotoMessage2)
+}
+
+func TestWireCompatibility(t *testing.T) {
+	// marshal a tempo object using the custom codec
+	c := newCodec()
+	req1 := &tempopb.TraceByIDRequest{
+		TraceID: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
+	}
+	data, err := c.Marshal(req1)
+	require.NoError(t, err)
+
+	// unmarshal this into the generic empty type using golang proto
+	var goprotoMessage emptypb.Empty
+	err = proto.Unmarshal(data, &goprotoMessage)
+	require.NoError(t, err)
+
+	// marshal emptypb using golang proto
+	data2, err := proto.Marshal(&goprotoMessage)
+	require.NoError(t, err)
+
+	req2 := &tempopb.TraceByIDRequest{}
+	err = c.Unmarshal(data2, req2)
+	require.NoError(t, err)
+	assert.Equal(t, req1, req2)
+}
diff --git a/pkg/tempopb/prealloc.go b/pkg/tempopb/prealloc.go
index ef16fc12d02..dfdc200eab8 100644
--- a/pkg/tempopb/prealloc.go
+++ b/pkg/tempopb/prealloc.go
@@ -1,7 +1,7 @@
 package tempopb
 
 import (
-	"github.com/prometheus/prometheus/pkg/pool"
+	"github.com/prometheus/prometheus/util/pool"
 )
 
 var (
diff --git a/tempodb/backend/s3/s3.go b/tempodb/backend/s3/s3.go
index a4d1a4f78e6..933a9787ba3 100644
--- a/tempodb/backend/s3/s3.go
+++ b/tempodb/backend/s3/s3.go
@@ -191,6 +191,7 @@ func (rw *readerWriter) CloseAppend(ctx context.Context, tracker backend.AppendT
 		a.objectName,
 		a.uploadID,
 		completeParts,
+		minio.PutObjectOptions{},
 	)
 	if err != nil {
 		return errors.Wrapf(err, "error completing multipart upload, object: %s, obj etag: %s", a.objectName, etag)
diff --git a/tempodb/encoding/v2/pool.go b/tempodb/encoding/v2/pool.go
index 12be78f3701..07275c8d3f7 100644
--- a/tempodb/encoding/v2/pool.go
+++ b/tempodb/encoding/v2/pool.go
@@ -11,7 +11,7 @@ import (
 	"github.com/klauspost/compress/s2"
 	"github.com/klauspost/compress/zstd"
 	"github.com/pierrec/lz4/v4"
-	"github.com/prometheus/prometheus/pkg/pool"
+	"github.com/prometheus/prometheus/util/pool"
 )
 
 const maxEncoding = backend.EncS2
diff --git a/vendor/github.com/Azure/go-autorest/autorest/adal/sender.go b/vendor/github.com/Azure/go-autorest/autorest/adal/sender.go
index 1826a68dc82..eb649bce9f7 100644
--- a/vendor/github.com/Azure/go-autorest/autorest/adal/sender.go
+++ b/vendor/github.com/Azure/go-autorest/autorest/adal/sender.go
@@ -16,9 +16,11 @@ package adal
 
 import (
 	"crypto/tls"
+	"net"
 	"net/http"
 	"net/http/cookiejar"
 	"sync"
+	"time"
 
 	"github.com/Azure/go-autorest/tracing"
 )
@@ -72,15 +74,18 @@ func sender() Sender {
 	// note that we can't init defaultSender in init() since it will
 	// execute before calling code has had a chance to enable tracing
 	defaultSenderInit.Do(func() {
-		// Use behaviour compatible with DefaultTransport, but require TLS minimum version.
-		defaultTransport := http.DefaultTransport.(*http.Transport)
+		// copied from http.DefaultTransport with a TLS minimum version.
 		transport := &http.Transport{
-			Proxy:                 defaultTransport.Proxy,
-			DialContext:           defaultTransport.DialContext,
-			MaxIdleConns:          defaultTransport.MaxIdleConns,
-			IdleConnTimeout:       defaultTransport.IdleConnTimeout,
-			TLSHandshakeTimeout:   defaultTransport.TLSHandshakeTimeout,
-			ExpectContinueTimeout: defaultTransport.ExpectContinueTimeout,
+			Proxy: http.ProxyFromEnvironment,
+			DialContext: (&net.Dialer{
+				Timeout:   30 * time.Second,
+				KeepAlive: 30 * time.Second,
+			}).DialContext,
+			ForceAttemptHTTP2:     true,
+			MaxIdleConns:          100,
+			IdleConnTimeout:       90 * time.Second,
+			TLSHandshakeTimeout:   10 * time.Second,
+			ExpectContinueTimeout: 1 * time.Second,
 			TLSClientConfig: &tls.Config{
 				MinVersion: tls.VersionTLS12,
 			},
diff --git a/vendor/github.com/Azure/go-autorest/autorest/azure/environments.go b/vendor/github.com/Azure/go-autorest/autorest/azure/environments.go
index 3b61a2b6e9a..8192e110541 100644
--- a/vendor/github.com/Azure/go-autorest/autorest/azure/environments.go
+++ b/vendor/github.com/Azure/go-autorest/autorest/azure/environments.go
@@ -49,6 +49,7 @@ type ResourceIdentifier struct {
 	Storage             string `json:"storage"`
 	Synapse             string `json:"synapse"`
 	ServiceBus          string `json:"serviceBus"`
+	SQLDatabase         string `json:"sqlDatabase"`
 }
 
 // Environment represents a set of endpoints for each of Azure's Clouds.
@@ -121,6 +122,7 @@ var (
 			Storage:             "https://storage.azure.com/",
 			Synapse:             "https://dev.azuresynapse.net",
 			ServiceBus:          "https://servicebus.azure.net/",
+			SQLDatabase:         "https://database.windows.net/",
 		},
 	}
 
@@ -162,6 +164,7 @@ var (
 			Storage:             "https://storage.azure.com/",
 			Synapse:             NotAvailable,
 			ServiceBus:          "https://servicebus.azure.net/",
+			SQLDatabase:         "https://database.usgovcloudapi.net/",
 		},
 	}
 
@@ -203,6 +206,7 @@ var (
 			Storage:             "https://storage.azure.com/",
 			Synapse:             "https://dev.azuresynapse.net",
 			ServiceBus:          "https://servicebus.azure.net/",
+			SQLDatabase:         "https://database.chinacloudapi.cn/",
 		},
 	}
 
@@ -244,6 +248,7 @@ var (
 			Storage:             "https://storage.azure.com/",
 			Synapse:             NotAvailable,
 			ServiceBus:          "https://servicebus.azure.net/",
+			SQLDatabase:         "https://database.cloudapi.de/",
 		},
 	}
 )
diff --git a/vendor/github.com/Azure/go-autorest/autorest/sender.go b/vendor/github.com/Azure/go-autorest/autorest/sender.go
index 7a495f732ab..118de814118 100644
--- a/vendor/github.com/Azure/go-autorest/autorest/sender.go
+++ b/vendor/github.com/Azure/go-autorest/autorest/sender.go
@@ -20,6 +20,7 @@ import (
 	"fmt"
 	"log"
 	"math"
+	"net"
 	"net/http"
 	"net/http/cookiejar"
 	"strconv"
@@ -129,15 +130,18 @@ func sender(renengotiation tls.RenegotiationSupport) Sender {
 	// note that we can't init defaultSenders in init() since it will
 	// execute before calling code has had a chance to enable tracing
 	defaultSenders[renengotiation].init.Do(func() {
-		// Use behaviour compatible with DefaultTransport, but require TLS minimum version.
-		defaultTransport := http.DefaultTransport.(*http.Transport)
+		// copied from http.DefaultTransport with a TLS minimum version.
 		transport := &http.Transport{
-			Proxy:                 defaultTransport.Proxy,
-			DialContext:           defaultTransport.DialContext,
-			MaxIdleConns:          defaultTransport.MaxIdleConns,
-			IdleConnTimeout:       defaultTransport.IdleConnTimeout,
-			TLSHandshakeTimeout:   defaultTransport.TLSHandshakeTimeout,
-			ExpectContinueTimeout: defaultTransport.ExpectContinueTimeout,
+			Proxy: http.ProxyFromEnvironment,
+			DialContext: (&net.Dialer{
+				Timeout:   30 * time.Second,
+				KeepAlive: 30 * time.Second,
+			}).DialContext,
+			ForceAttemptHTTP2:     true,
+			MaxIdleConns:          100,
+			IdleConnTimeout:       90 * time.Second,
+			TLSHandshakeTimeout:   10 * time.Second,
+			ExpectContinueTimeout: 1 * time.Second,
 			TLSClientConfig: &tls.Config{
 				MinVersion:    tls.VersionTLS12,
 				Renegotiation: renengotiation,
diff --git a/vendor/github.com/alecthomas/units/README.md b/vendor/github.com/alecthomas/units/README.md
index bee884e3c1c..57b458aef31 100644
--- a/vendor/github.com/alecthomas/units/README.md
+++ b/vendor/github.com/alecthomas/units/README.md
@@ -1,3 +1,5 @@
+[![Go Reference](https://pkg.go.dev/badge/github.com/alecthomas/units.svg)](https://pkg.go.dev/github.com/alecthomas/units)
+
 # Units - Helpful unit multipliers and functions for Go
 
 The goal of this package is to have functionality similar to the [time](http://golang.org/pkg/time/) package.
diff --git a/vendor/github.com/alecthomas/units/bytes.go b/vendor/github.com/alecthomas/units/bytes.go
index f740537f03f..2683620d7be 100644
--- a/vendor/github.com/alecthomas/units/bytes.go
+++ b/vendor/github.com/alecthomas/units/bytes.go
@@ -52,9 +52,27 @@ func (b *Base2Bytes) UnmarshalText(text []byte) error {
 	return err
 }
 
-var (
-	metricBytesUnitMap = MakeUnitMap("B", "B", 1000)
-)
+// Floor returns Base2Bytes with all but the largest unit zeroed out. So that e.g. 1GiB1MiB1KiB → 1GiB.
+func (b Base2Bytes) Floor() Base2Bytes {
+	switch {
+	case b > Exbibyte:
+		return (b / Exbibyte) * Exbibyte
+	case b > Pebibyte:
+		return (b / Pebibyte) * Pebibyte
+	case b > Tebibyte:
+		return (b / Tebibyte) * Tebibyte
+	case b > Gibibyte:
+		return (b / Gibibyte) * Gibibyte
+	case b > Mebibyte:
+		return (b / Mebibyte) * Mebibyte
+	case b > Kibibyte:
+		return (b / Kibibyte) * Kibibyte
+	default:
+		return b
+	}
+}
+
+var metricBytesUnitMap = MakeUnitMap("B", "B", 1000)
 
 // MetricBytes are SI byte units (1000 bytes in a kilobyte).
 type MetricBytes SI
@@ -86,6 +104,26 @@ func (m MetricBytes) String() string {
 	return ToString(int64(m), 1000, "B", "B")
 }
 
+// Floor returns MetricBytes with all but the largest unit zeroed out. So that e.g. 1GB1MB1KB → 1GB.
+func (b MetricBytes) Floor() MetricBytes {
+	switch {
+	case b > Exabyte:
+		return (b / Exabyte) * Exabyte
+	case b > Petabyte:
+		return (b / Petabyte) * Petabyte
+	case b > Terabyte:
+		return (b / Terabyte) * Terabyte
+	case b > Gigabyte:
+		return (b / Gigabyte) * Gigabyte
+	case b > Megabyte:
+		return (b / Megabyte) * Megabyte
+	case b > Kilobyte:
+		return (b / Kilobyte) * Kilobyte
+	default:
+		return b
+	}
+}
+
 // ParseStrictBytes supports both iB and B suffixes for base 2 and metric,
 // respectively. That is, KiB represents 1024 and kB, KB represent 1000.
 func ParseStrictBytes(s string) (int64, error) {
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/crr/cache.go b/vendor/github.com/aws/aws-sdk-go/aws/crr/cache.go
index a00ab6c67eb..c07f6731ea7 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/crr/cache.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/crr/cache.go
@@ -34,7 +34,10 @@ func (c *EndpointCache) get(endpointKey string) (Endpoint, bool) {
 		return Endpoint{}, false
 	}
 
-	c.endpoints.Store(endpointKey, endpoint)
+	ev := endpoint.(Endpoint)
+	ev.Prune()
+
+	c.endpoints.Store(endpointKey, ev)
 	return endpoint.(Endpoint), true
 }
 
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/crr/endpoint.go b/vendor/github.com/aws/aws-sdk-go/aws/crr/endpoint.go
index d5599188e06..2b088bdbc74 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/crr/endpoint.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/crr/endpoint.go
@@ -60,12 +60,32 @@ func (e *Endpoint) GetValidAddress() (WeightedAddress, bool) {
 			continue
 		}
 
+		we.URL = cloneURL(we.URL)
+
 		return we, true
 	}
 
 	return WeightedAddress{}, false
 }
 
+// Prune will prune the expired addresses from the endpoint by allocating a new []WeightAddress.
+// This is not concurrent safe, and should be called from a single owning thread.
+func (e *Endpoint) Prune() bool {
+	validLen := e.Len()
+	if validLen == len(e.Addresses) {
+		return false
+	}
+	wa := make([]WeightedAddress, 0, validLen)
+	for i := range e.Addresses {
+		if e.Addresses[i].HasExpired() {
+			continue
+		}
+		wa = append(wa, e.Addresses[i])
+	}
+	e.Addresses = wa
+	return true
+}
+
 // Discoverer is an interface used to discovery which endpoint hit. This
 // allows for specifics about what parameters need to be used to be contained
 // in the Discoverer implementor.
@@ -97,3 +117,16 @@ func BuildEndpointKey(params map[string]*string) string {
 
 	return strings.Join(values, ".")
 }
+
+func cloneURL(u *url.URL) (clone *url.URL) {
+	clone = &url.URL{}
+
+	*clone = *u
+
+	if u.User != nil {
+		user := *u.User
+		clone.User = &user
+	}
+
+	return clone
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go
index d1a31f510c6..d8be7b641bd 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go
@@ -1430,6 +1430,50 @@ var awsPartition = partition{
 				},
 			},
 		},
+		"api.iotwireless": service{
+			Endpoints: serviceEndpoints{
+				endpointKey{
+					Region: "ap-northeast-1",
+				}: endpoint{
+					Hostname: "api.iotwireless.ap-northeast-1.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "ap-northeast-1",
+					},
+				},
+				endpointKey{
+					Region: "ap-southeast-2",
+				}: endpoint{
+					Hostname: "api.iotwireless.ap-southeast-2.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "ap-southeast-2",
+					},
+				},
+				endpointKey{
+					Region: "eu-west-1",
+				}: endpoint{
+					Hostname: "api.iotwireless.eu-west-1.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "eu-west-1",
+					},
+				},
+				endpointKey{
+					Region: "us-east-1",
+				}: endpoint{
+					Hostname: "api.iotwireless.us-east-1.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "us-east-1",
+					},
+				},
+				endpointKey{
+					Region: "us-west-2",
+				}: endpoint{
+					Hostname: "api.iotwireless.us-west-2.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "us-west-2",
+					},
+				},
+			},
+		},
 		"api.mediatailor": service{
 			Endpoints: serviceEndpoints{
 				endpointKey{
@@ -1907,6 +1951,9 @@ var awsPartition = partition{
 				endpointKey{
 					Region: "ap-northeast-2",
 				}: endpoint{},
+				endpointKey{
+					Region: "ap-northeast-3",
+				}: endpoint{},
 				endpointKey{
 					Region: "ap-south-1",
 				}: endpoint{},
@@ -3179,36 +3226,12 @@ var awsPartition = partition{
 		},
 		"cloudhsm": service{
 			Endpoints: serviceEndpoints{
-				endpointKey{
-					Region: "ap-northeast-1",
-				}: endpoint{},
-				endpointKey{
-					Region: "ap-southeast-1",
-				}: endpoint{},
-				endpointKey{
-					Region: "ap-southeast-2",
-				}: endpoint{},
-				endpointKey{
-					Region: "ca-central-1",
-				}: endpoint{},
-				endpointKey{
-					Region: "eu-central-1",
-				}: endpoint{},
 				endpointKey{
 					Region: "eu-west-1",
 				}: endpoint{},
 				endpointKey{
 					Region: "us-east-1",
 				}: endpoint{},
-				endpointKey{
-					Region: "us-east-2",
-				}: endpoint{},
-				endpointKey{
-					Region: "us-west-1",
-				}: endpoint{},
-				endpointKey{
-					Region: "us-west-2",
-				}: endpoint{},
 			},
 		},
 		"cloudhsmv2": service{
@@ -8088,6 +8111,55 @@ var awsPartition = partition{
 				},
 			},
 		},
+		"evidently": service{
+			Endpoints: serviceEndpoints{
+				endpointKey{
+					Region: "ap-northeast-1",
+				}: endpoint{
+					Hostname: "evidently.ap-northeast-1.amazonaws.com",
+				},
+				endpointKey{
+					Region: "ap-southeast-1",
+				}: endpoint{
+					Hostname: "evidently.ap-southeast-1.amazonaws.com",
+				},
+				endpointKey{
+					Region: "ap-southeast-2",
+				}: endpoint{
+					Hostname: "evidently.ap-southeast-2.amazonaws.com",
+				},
+				endpointKey{
+					Region: "eu-central-1",
+				}: endpoint{
+					Hostname: "evidently.eu-central-1.amazonaws.com",
+				},
+				endpointKey{
+					Region: "eu-north-1",
+				}: endpoint{
+					Hostname: "evidently.eu-north-1.amazonaws.com",
+				},
+				endpointKey{
+					Region: "eu-west-1",
+				}: endpoint{
+					Hostname: "evidently.eu-west-1.amazonaws.com",
+				},
+				endpointKey{
+					Region: "us-east-1",
+				}: endpoint{
+					Hostname: "evidently.us-east-1.amazonaws.com",
+				},
+				endpointKey{
+					Region: "us-east-2",
+				}: endpoint{
+					Hostname: "evidently.us-east-2.amazonaws.com",
+				},
+				endpointKey{
+					Region: "us-west-2",
+				}: endpoint{
+					Hostname: "evidently.us-west-2.amazonaws.com",
+				},
+			},
+		},
 		"finspace": service{
 			Endpoints: serviceEndpoints{
 				endpointKey{
@@ -10043,6 +10115,67 @@ var awsPartition = partition{
 				},
 			},
 		},
+		"inspector2": service{
+			Endpoints: serviceEndpoints{
+				endpointKey{
+					Region: "ap-east-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "ap-northeast-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "ap-northeast-2",
+				}: endpoint{},
+				endpointKey{
+					Region: "ap-south-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "ap-southeast-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "ap-southeast-2",
+				}: endpoint{},
+				endpointKey{
+					Region: "ca-central-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "eu-central-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "eu-north-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "eu-south-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "eu-west-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "eu-west-2",
+				}: endpoint{},
+				endpointKey{
+					Region: "eu-west-3",
+				}: endpoint{},
+				endpointKey{
+					Region: "me-south-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "sa-east-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "us-east-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "us-east-2",
+				}: endpoint{},
+				endpointKey{
+					Region: "us-west-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "us-west-2",
+				}: endpoint{},
+			},
+		},
 		"iot": service{
 			Defaults: endpointDefaults{
 				defaultKey{}: endpoint{
@@ -14601,6 +14734,73 @@ var awsPartition = partition{
 				},
 			},
 		},
+		"rbin": service{
+			Endpoints: serviceEndpoints{
+				endpointKey{
+					Region: "af-south-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "ap-east-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "ap-northeast-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "ap-northeast-2",
+				}: endpoint{},
+				endpointKey{
+					Region: "ap-northeast-3",
+				}: endpoint{},
+				endpointKey{
+					Region: "ap-south-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "ap-southeast-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "ap-southeast-2",
+				}: endpoint{},
+				endpointKey{
+					Region: "ca-central-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "eu-central-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "eu-north-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "eu-south-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "eu-west-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "eu-west-2",
+				}: endpoint{},
+				endpointKey{
+					Region: "eu-west-3",
+				}: endpoint{},
+				endpointKey{
+					Region: "me-south-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "sa-east-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "us-east-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "us-east-2",
+				}: endpoint{},
+				endpointKey{
+					Region: "us-west-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "us-west-2",
+				}: endpoint{},
+			},
+		},
 		"rds": service{
 			Endpoints: serviceEndpoints{
 				endpointKey{
@@ -15551,6 +15751,40 @@ var awsPartition = partition{
 				}: endpoint{},
 			},
 		},
+		"rum": service{
+			Endpoints: serviceEndpoints{
+				endpointKey{
+					Region: "ap-northeast-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "ap-southeast-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "ap-southeast-2",
+				}: endpoint{},
+				endpointKey{
+					Region: "eu-central-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "eu-north-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "eu-west-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "eu-west-2",
+				}: endpoint{},
+				endpointKey{
+					Region: "us-east-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "us-east-2",
+				}: endpoint{},
+				endpointKey{
+					Region: "us-west-2",
+				}: endpoint{},
+			},
+		},
 		"runtime-v2-lex": service{
 			Endpoints: serviceEndpoints{
 				endpointKey{
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/version.go b/vendor/github.com/aws/aws-sdk-go/aws/version.go
index 47d513a3ad4..bac037f1b7c 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/version.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/version.go
@@ -5,4 +5,4 @@ package aws
 const SDKName = "aws-sdk-go"
 
 // SDKVersion is the version of this SDK
-const SDKVersion = "1.42.9"
+const SDKVersion = "1.42.16"
diff --git a/vendor/github.com/aws/aws-sdk-go/service/dynamodb/api.go b/vendor/github.com/aws/aws-sdk-go/service/dynamodb/api.go
index 55ad551db5b..73de1f4e0f2 100644
--- a/vendor/github.com/aws/aws-sdk-go/service/dynamodb/api.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/dynamodb/api.go
@@ -8299,6 +8299,21 @@ func (s *BackupSummary) SetTableName(v string) *BackupSummary {
 type BatchExecuteStatementInput struct {
 	_ struct{} `type:"structure"`
 
+	// Determines the level of detail about either provisioned or on-demand throughput
+	// consumption that is returned in the response:
+	//
+	//    * INDEXES - The response includes the aggregate ConsumedCapacity for the
+	//    operation, together with ConsumedCapacity for each table and secondary
+	//    index that was accessed. Note that some operations, such as GetItem and
+	//    BatchGetItem, do not access any indexes at all. In these cases, specifying
+	//    INDEXES will only return ConsumedCapacity information for table(s).
+	//
+	//    * TOTAL - The response includes only the aggregate ConsumedCapacity for
+	//    the operation.
+	//
+	//    * NONE - No ConsumedCapacity details are included in the response.
+	ReturnConsumedCapacity *string `type:"string" enum:"ReturnConsumedCapacity"`
+
 	// The list of PartiQL statements representing the batch to run.
 	//
 	// Statements is a required field
@@ -8349,6 +8364,12 @@ func (s *BatchExecuteStatementInput) Validate() error {
 	return nil
 }
 
+// SetReturnConsumedCapacity sets the ReturnConsumedCapacity field's value.
+func (s *BatchExecuteStatementInput) SetReturnConsumedCapacity(v string) *BatchExecuteStatementInput {
+	s.ReturnConsumedCapacity = &v
+	return s
+}
+
 // SetStatements sets the Statements field's value.
 func (s *BatchExecuteStatementInput) SetStatements(v []*BatchStatementRequest) *BatchExecuteStatementInput {
 	s.Statements = v
@@ -8358,6 +8379,10 @@ func (s *BatchExecuteStatementInput) SetStatements(v []*BatchStatementRequest) *
 type BatchExecuteStatementOutput struct {
 	_ struct{} `type:"structure"`
 
+	// The capacity units consumed by the entire operation. The values of the list
+	// are ordered according to the ordering of the statements.
+	ConsumedCapacity []*ConsumedCapacity `type:"list"`
+
 	// The response to each PartiQL statement in the batch.
 	Responses []*BatchStatementResponse `type:"list"`
 }
@@ -8380,6 +8405,12 @@ func (s BatchExecuteStatementOutput) GoString() string {
 	return s.String()
 }
 
+// SetConsumedCapacity sets the ConsumedCapacity field's value.
+func (s *BatchExecuteStatementOutput) SetConsumedCapacity(v []*ConsumedCapacity) *BatchExecuteStatementOutput {
+	s.ConsumedCapacity = v
+	return s
+}
+
 // SetResponses sets the Responses field's value.
 func (s *BatchExecuteStatementOutput) SetResponses(v []*BatchStatementResponse) *BatchExecuteStatementOutput {
 	s.Responses = v
@@ -8441,8 +8472,8 @@ type BatchGetItemInput struct {
 	// RequestItems is a required field
 	RequestItems map[string]*KeysAndAttributes `min:"1" type:"map" required:"true"`
 
-	// Determines the level of detail about provisioned throughput consumption that
-	// is returned in the response:
+	// Determines the level of detail about either provisioned or on-demand throughput
+	// consumption that is returned in the response:
 	//
 	//    * INDEXES - The response includes the aggregate ConsumedCapacity for the
 	//    operation, together with ConsumedCapacity for each table and secondary
@@ -8782,8 +8813,8 @@ type BatchWriteItemInput struct {
 	// RequestItems is a required field
 	RequestItems map[string][]*WriteRequest `min:"1" type:"map" required:"true"`
 
-	// Determines the level of detail about provisioned throughput consumption that
-	// is returned in the response:
+	// Determines the level of detail about either provisioned or on-demand throughput
+	// consumption that is returned in the response:
 	//
 	//    * INDEXES - The response includes the aggregate ConsumedCapacity for the
 	//    operation, together with ConsumedCapacity for each table and secondary
@@ -10844,8 +10875,8 @@ type DeleteItemInput struct {
 	// Key is a required field
 	Key map[string]*AttributeValue `type:"map" required:"true"`
 
-	// Determines the level of detail about provisioned throughput consumption that
-	// is returned in the response:
+	// Determines the level of detail about either provisioned or on-demand throughput
+	// consumption that is returned in the response:
 	//
 	//    * INDEXES - The response includes the aggregate ConsumedCapacity for the
 	//    operation, together with ConsumedCapacity for each table and secondary
@@ -12657,6 +12688,21 @@ type ExecuteStatementInput struct {
 	// The parameters for the PartiQL statement, if any.
 	Parameters []*AttributeValue `min:"1" type:"list"`
 
+	// Determines the level of detail about either provisioned or on-demand throughput
+	// consumption that is returned in the response:
+	//
+	//    * INDEXES - The response includes the aggregate ConsumedCapacity for the
+	//    operation, together with ConsumedCapacity for each table and secondary
+	//    index that was accessed. Note that some operations, such as GetItem and
+	//    BatchGetItem, do not access any indexes at all. In these cases, specifying
+	//    INDEXES will only return ConsumedCapacity information for table(s).
+	//
+	//    * TOTAL - The response includes only the aggregate ConsumedCapacity for
+	//    the operation.
+	//
+	//    * NONE - No ConsumedCapacity details are included in the response.
+	ReturnConsumedCapacity *string `type:"string" enum:"ReturnConsumedCapacity"`
+
 	// The PartiQL statement representing the operation to run.
 	//
 	// Statement is a required field
@@ -12721,6 +12767,12 @@ func (s *ExecuteStatementInput) SetParameters(v []*AttributeValue) *ExecuteState
 	return s
 }
 
+// SetReturnConsumedCapacity sets the ReturnConsumedCapacity field's value.
+func (s *ExecuteStatementInput) SetReturnConsumedCapacity(v string) *ExecuteStatementInput {
+	s.ReturnConsumedCapacity = &v
+	return s
+}
+
 // SetStatement sets the Statement field's value.
 func (s *ExecuteStatementInput) SetStatement(v string) *ExecuteStatementInput {
 	s.Statement = &v
@@ -12730,6 +12782,14 @@ func (s *ExecuteStatementInput) SetStatement(v string) *ExecuteStatementInput {
 type ExecuteStatementOutput struct {
 	_ struct{} `type:"structure"`
 
+	// The capacity units consumed by an operation. The data returned includes the
+	// total provisioned throughput consumed, along with statistics for the table
+	// and any indexes involved in the operation. ConsumedCapacity is only returned
+	// if the request asked for it. For more information, see Provisioned Throughput
+	// (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/ProvisionedThroughputIntro.html)
+	// in the Amazon DynamoDB Developer Guide.
+	ConsumedCapacity *ConsumedCapacity `type:"structure"`
+
 	// If a read operation was used, this property will contain the result of the
 	// read operation; a map of attribute names and their values. For the write
 	// operations this value will be empty.
@@ -12759,6 +12819,12 @@ func (s ExecuteStatementOutput) GoString() string {
 	return s.String()
 }
 
+// SetConsumedCapacity sets the ConsumedCapacity field's value.
+func (s *ExecuteStatementOutput) SetConsumedCapacity(v *ConsumedCapacity) *ExecuteStatementOutput {
+	s.ConsumedCapacity = v
+	return s
+}
+
 // SetItems sets the Items field's value.
 func (s *ExecuteStatementOutput) SetItems(v []map[string]*AttributeValue) *ExecuteStatementOutput {
 	s.Items = v
@@ -12778,6 +12844,12 @@ type ExecuteTransactionInput struct {
 	// statement response.
 	ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"`
 
+	// Determines the level of detail about either provisioned or on-demand throughput
+	// consumption that is returned in the response. For more information, see TransactGetItems
+	// (https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_TransactGetItems.html)
+	// and TransactWriteItems (https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_TransactWriteItems.html).
+	ReturnConsumedCapacity *string `type:"string" enum:"ReturnConsumedCapacity"`
+
 	// The list of PartiQL statements representing the transaction to run.
 	//
 	// TransactStatements is a required field
@@ -12837,6 +12909,12 @@ func (s *ExecuteTransactionInput) SetClientRequestToken(v string) *ExecuteTransa
 	return s
 }
 
+// SetReturnConsumedCapacity sets the ReturnConsumedCapacity field's value.
+func (s *ExecuteTransactionInput) SetReturnConsumedCapacity(v string) *ExecuteTransactionInput {
+	s.ReturnConsumedCapacity = &v
+	return s
+}
+
 // SetTransactStatements sets the TransactStatements field's value.
 func (s *ExecuteTransactionInput) SetTransactStatements(v []*ParameterizedStatement) *ExecuteTransactionInput {
 	s.TransactStatements = v
@@ -12846,6 +12924,10 @@ func (s *ExecuteTransactionInput) SetTransactStatements(v []*ParameterizedStatem
 type ExecuteTransactionOutput struct {
 	_ struct{} `type:"structure"`
 
+	// The capacity units consumed by the entire operation. The values of the list
+	// are ordered according to the ordering of the statements.
+	ConsumedCapacity []*ConsumedCapacity `type:"list"`
+
 	// The response to a PartiQL transaction.
 	Responses []*ItemResponse `min:"1" type:"list"`
 }
@@ -12868,6 +12950,12 @@ func (s ExecuteTransactionOutput) GoString() string {
 	return s.String()
 }
 
+// SetConsumedCapacity sets the ConsumedCapacity field's value.
+func (s *ExecuteTransactionOutput) SetConsumedCapacity(v []*ConsumedCapacity) *ExecuteTransactionOutput {
+	s.ConsumedCapacity = v
+	return s
+}
+
 // SetResponses sets the Responses field's value.
 func (s *ExecuteTransactionOutput) SetResponses(v []*ItemResponse) *ExecuteTransactionOutput {
 	s.Responses = v
@@ -13860,8 +13948,8 @@ type GetItemInput struct {
 	// in the Amazon DynamoDB Developer Guide.
 	ProjectionExpression *string `type:"string"`
 
-	// Determines the level of detail about provisioned throughput consumption that
-	// is returned in the response:
+	// Determines the level of detail about either provisioned or on-demand throughput
+	// consumption that is returned in the response:
 	//
 	//    * INDEXES - The response includes the aggregate ConsumedCapacity for the
 	//    operation, together with ConsumedCapacity for each table and secondary
@@ -17437,8 +17525,8 @@ type PutItemInput struct {
 	// Item is a required field
 	Item map[string]*AttributeValue `type:"map" required:"true"`
 
-	// Determines the level of detail about provisioned throughput consumption that
-	// is returned in the response:
+	// Determines the level of detail about either provisioned or on-demand throughput
+	// consumption that is returned in the response:
 	//
 	//    * INDEXES - The response includes the aggregate ConsumedCapacity for the
 	//    operation, together with ConsumedCapacity for each table and secondary
@@ -17901,8 +17989,8 @@ type QueryInput struct {
 	// in the Amazon DynamoDB Developer Guide.
 	QueryFilter map[string]*Condition `type:"map"`
 
-	// Determines the level of detail about provisioned throughput consumption that
-	// is returned in the response:
+	// Determines the level of detail about either provisioned or on-demand throughput
+	// consumption that is returned in the response:
 	//
 	//    * INDEXES - The response includes the aggregate ConsumedCapacity for the
 	//    operation, together with ConsumedCapacity for each table and secondary
@@ -20351,8 +20439,8 @@ type ScanInput struct {
 	// in the Amazon DynamoDB Developer Guide.
 	ProjectionExpression *string `type:"string"`
 
-	// Determines the level of detail about provisioned throughput consumption that
-	// is returned in the response:
+	// Determines the level of detail about either provisioned or on-demand throughput
+	// consumption that is returned in the response:
 	//
 	//    * INDEXES - The response includes the aggregate ConsumedCapacity for the
 	//    operation, together with ConsumedCapacity for each table and secondary
@@ -22143,8 +22231,8 @@ type TransactWriteItemsInput struct {
 	// exception.
 	ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"`
 
-	// Determines the level of detail about provisioned throughput consumption that
-	// is returned in the response:
+	// Determines the level of detail about either provisioned or on-demand throughput
+	// consumption that is returned in the response:
 	//
 	//    * INDEXES - The response includes the aggregate ConsumedCapacity for the
 	//    operation, together with ConsumedCapacity for each table and secondary
@@ -23458,8 +23546,8 @@ type UpdateItemInput struct {
 	// Key is a required field
 	Key map[string]*AttributeValue `type:"map" required:"true"`
 
-	// Determines the level of detail about provisioned throughput consumption that
-	// is returned in the response:
+	// Determines the level of detail about either provisioned or on-demand throughput
+	// consumption that is returned in the response:
 	//
 	//    * INDEXES - The response includes the aggregate ConsumedCapacity for the
 	//    operation, together with ConsumedCapacity for each table and secondary
@@ -24845,8 +24933,8 @@ func ReplicaStatus_Values() []string {
 	}
 }
 
-// Determines the level of detail about provisioned throughput consumption that
-// is returned in the response:
+// Determines the level of detail about either provisioned or on-demand throughput
+// consumption that is returned in the response:
 //
 //    * INDEXES - The response includes the aggregate ConsumedCapacity for the
 //    operation, together with ConsumedCapacity for each table and secondary
diff --git a/vendor/github.com/aws/aws-sdk-go/service/s3/api.go b/vendor/github.com/aws/aws-sdk-go/service/s3/api.go
index 633d3c09ff6..45ce9ac22c6 100644
--- a/vendor/github.com/aws/aws-sdk-go/service/s3/api.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/s3/api.go
@@ -196,6 +196,10 @@ func (c *S3) CompleteMultipartUploadRequest(input *CompleteMultipartUploadInput)
 // to retry the failed requests. For more information, see Amazon S3 Error Best
 // Practices (https://docs.aws.amazon.com/AmazonS3/latest/dev/ErrorBestPractices.html).
 //
+// You cannot use Content-Type: application/x-www-form-urlencoded with Complete
+// Multipart Upload requests. Also, if you do not provide a Content-Type header,
+// CompleteMultipartUpload returns a 200 OK response.
+//
 // For more information about multipart uploads, see Uploading Objects Using
 // Multipart Upload (https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html).
 //
@@ -416,6 +420,21 @@ func (c *S3) CopyObjectRequest(input *CopyObjectInput) (req *request.Request, ou
 // see Access Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html)
 // and Managing ACLs Using the REST API (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-using-rest-api.html).
 //
+// If the bucket that you're copying objects to uses the bucket owner enforced
+// setting for S3 Object Ownership, ACLs are disabled and no longer affect permissions.
+// Buckets that use this setting only accept PUT requests that don't specify
+// an ACL or PUT requests that specify bucket owner full control ACLs, such
+// as the bucket-owner-full-control canned ACL or an equivalent form of this
+// ACL expressed in the XML format.
+//
+// For more information, see Controlling ownership of objects and disabling
+// ACLs (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html)
+// in the Amazon S3 User Guide.
+//
+// If your bucket uses the bucket owner enforced setting for Object Ownership,
+// all objects written to the bucket by any account will be owned by the bucket
+// owner.
+//
 // Storage Class Options
 //
 // You can use the CopyObject action to change the storage class of an object
@@ -554,8 +573,19 @@ func (c *S3) CreateBucketRequest(input *CreateBucketInput) (req *request.Request
 // your application must be able to handle 307 redirect. For more information,
 // see Virtual hosting of buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html).
 //
-// When creating a bucket using this operation, you can optionally specify the
-// accounts or groups that should be granted specific permissions on the bucket.
+// Access control lists (ACLs)
+//
+// When creating a bucket using this operation, you can optionally configure
+// the bucket ACL to specify the accounts or groups that should be granted specific
+// permissions on the bucket.
+//
+// If your CreateBucket request includes the BucketOwnerEnforced value for the
+// x-amz-object-ownership header, your request can either not specify an ACL
+// or specify bucket owner full control ACLs, such as the bucket-owner-full-control
+// canned ACL or an equivalent ACL expressed in the XML format. For more information,
+// see Controlling object ownership (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html)
+// in the Amazon S3 User Guide.
+//
 // There are two ways to grant the appropriate permissions using the request
 // headers.
 //
@@ -568,11 +598,11 @@ func (c *S3) CreateBucketRequest(input *CreateBucketInput) (req *request.Request
 //    x-amz-grant-read-acp, x-amz-grant-write-acp, and x-amz-grant-full-control
 //    headers. These headers map to the set of permissions Amazon S3 supports
 //    in an ACL. For more information, see Access control list (ACL) overview
-//    (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html). You
-//    specify each grantee as a type=value pair, where the type is one of the
-//    following: id – if the value specified is the canonical user ID of an
-//    Amazon Web Services account uri – if you are granting permissions to
-//    a predefined group emailAddress – if the value specified is the email
+//    (https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html).
+//    You specify each grantee as a type=value pair, where the type is one of
+//    the following: id – if the value specified is the canonical user ID
+//    of an Amazon Web Services account uri – if you are granting permissions
+//    to a predefined group emailAddress – if the value specified is the email
 //    address of an Amazon Web Services account Using email addresses to specify
 //    a grantee is only supported in the following Amazon Web Services Regions:
 //    US East (N. Virginia) US West (N. California) US West (Oregon) Asia Pacific
@@ -589,15 +619,23 @@ func (c *S3) CreateBucketRequest(input *CreateBucketInput) (req *request.Request
 //
 // Permissions
 //
-// If your CreateBucket request specifies ACL permissions and the ACL is public-read,
-// public-read-write, authenticated-read, or if you specify access permissions
-// explicitly through any other ACL, both s3:CreateBucket and s3:PutBucketAcl
-// permissions are needed. If the ACL the CreateBucket request is private, only
-// s3:CreateBucket permission is needed.
+// In addition to s3:CreateBucket, the following permissions are required when
+// your CreateBucket includes specific headers:
+//
+//    * ACLs - If your CreateBucket request specifies ACL permissions and the
+//    ACL is public-read, public-read-write, authenticated-read, or if you specify
+//    access permissions explicitly through any other ACL, both s3:CreateBucket
+//    and s3:PutBucketAcl permissions are needed. If the ACL the CreateBucket
+//    request is private or doesn't specify any ACLs, only s3:CreateBucket permission
+//    is needed.
 //
-// If ObjectLockEnabledForBucket is set to true in your CreateBucket request,
-// s3:PutBucketObjectLockConfiguration and s3:PutBucketVersioning permissions
-// are required.
+//    * Object Lock - If ObjectLockEnabledForBucket is set to true in your CreateBucket
+//    request, s3:PutBucketObjectLockConfiguration and s3:PutBucketVersioning
+//    permissions are required.
+//
+//    * S3 Object Ownership - If your CreateBucket request includes the the
+//    x-amz-object-ownership header, s3:PutBucketOwnershipControls permission
+//    is required.
 //
 // The following operations are related to CreateBucket:
 //
@@ -1277,17 +1315,16 @@ func (c *S3) DeleteBucketIntelligentTieringConfigurationRequest(input *DeleteBuc
 // The S3 Intelligent-Tiering storage class is designed to optimize storage
 // costs by automatically moving data to the most cost-effective storage access
 // tier, without performance impact or operational overhead. S3 Intelligent-Tiering
-// delivers automatic cost savings in two low latency and high throughput access
-// tiers. For data that can be accessed asynchronously, you can choose to activate
-// automatic archiving capabilities within the S3 Intelligent-Tiering storage
-// class.
+// delivers automatic cost savings in three low latency and high throughput
+// access tiers. To get the lowest storage cost on data that can be accessed
+// in minutes to hours, you can choose to activate additional archiving capabilities.
 //
 // The S3 Intelligent-Tiering storage class is the ideal storage class for data
 // with unknown, changing, or unpredictable access patterns, independent of
 // object size or retention period. If the size of an object is less than 128
-// KB, it is not eligible for auto-tiering. Smaller objects can be stored, but
-// they are always charged at the Frequent Access tier rates in the S3 Intelligent-Tiering
-// storage class.
+// KB, it is not monitored and not eligible for auto-tiering. Smaller objects
+// can be stored, but they are always charged at the Frequent Access tier rates
+// in the S3 Intelligent-Tiering storage class.
 //
 // For more information, see Storage class for automatically optimizing frequently
 // and infrequently accessed objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access).
@@ -2614,6 +2651,12 @@ func (c *S3) GetBucketAclRequest(input *GetBucketAclInput) (req *request.Request
 // is granted to the anonymous user, you can return the ACL of the bucket without
 // using an authorization header.
 //
+// If your bucket uses the bucket owner enforced setting for S3 Object Ownership,
+// requests to read ACLs are still supported and return the bucket-owner-full-control
+// ACL with the owner being the account that created the bucket. For more information,
+// see Controlling object ownership and disabling ACLs (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html)
+// in the Amazon S3 User Guide.
+//
 // Related Resources
 //
 //    * ListObjects (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjects.html)
@@ -2967,17 +3010,16 @@ func (c *S3) GetBucketIntelligentTieringConfigurationRequest(input *GetBucketInt
 // The S3 Intelligent-Tiering storage class is designed to optimize storage
 // costs by automatically moving data to the most cost-effective storage access
 // tier, without performance impact or operational overhead. S3 Intelligent-Tiering
-// delivers automatic cost savings in two low latency and high throughput access
-// tiers. For data that can be accessed asynchronously, you can choose to activate
-// automatic archiving capabilities within the S3 Intelligent-Tiering storage
-// class.
+// delivers automatic cost savings in three low latency and high throughput
+// access tiers. To get the lowest storage cost on data that can be accessed
+// in minutes to hours, you can choose to activate additional archiving capabilities.
 //
 // The S3 Intelligent-Tiering storage class is the ideal storage class for data
 // with unknown, changing, or unpredictable access patterns, independent of
 // object size or retention period. If the size of an object is less than 128
-// KB, it is not eligible for auto-tiering. Smaller objects can be stored, but
-// they are always charged at the Frequent Access tier rates in the S3 Intelligent-Tiering
-// storage class.
+// KB, it is not monitored and not eligible for auto-tiering. Smaller objects
+// can be stored, but they are always charged at the Frequent Access tier rates
+// in the S3 Intelligent-Tiering storage class.
 //
 // For more information, see Storage class for automatically optimizing frequently
 // and infrequently accessed objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access).
@@ -3805,10 +3847,10 @@ func (c *S3) GetBucketOwnershipControlsRequest(input *GetBucketOwnershipControls
 //
 // Retrieves OwnershipControls for an Amazon S3 bucket. To use this operation,
 // you must have the s3:GetBucketOwnershipControls permission. For more information
-// about Amazon S3 permissions, see Specifying Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html).
+// about Amazon S3 permissions, see Specifying permissions in a policy (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html).
 //
 // For information about Amazon S3 Object Ownership, see Using Object Ownership
-// (https://docs.aws.amazon.com/AmazonS3/latest/dev/about-object-ownership.html).
+// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html).
 //
 // The following operations are related to GetBucketOwnershipControls:
 //
@@ -4586,8 +4628,9 @@ func (c *S3) GetObjectRequest(input *GetObjectInput) (req *request.Request, outp
 // By default, the GET action returns the current version of an object. To return
 // a different version, use the versionId subresource.
 //
-//    * You need the s3:GetObjectVersion permission to access a specific version
-//    of an object.
+//    * If you supply a versionId, you need the s3:GetObjectVersion permission
+//    to access a specific version of an object. If you request a specific version,
+//    you do not need to have the s3:GetObject permission.
 //
 //    * If the current version of the object is a delete marker, Amazon S3 behaves
 //    as if the object was deleted and includes x-amz-delete-marker: true in
@@ -4734,6 +4777,12 @@ func (c *S3) GetObjectAclRequest(input *GetObjectAclInput) (req *request.Request
 // By default, GET returns ACL information about the current version of an object.
 // To return ACL information about a different version, use the versionId subresource.
 //
+// If your bucket uses the bucket owner enforced setting for S3 Object Ownership,
+// requests to read ACLs are still supported and return the bucket-owner-full-control
+// ACL with the owner being the account that created the bucket. For more information,
+// see Controlling object ownership and disabling ACLs (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html)
+// in the Amazon S3 User Guide.
+//
 // The following operations are related to GetObjectAcl:
 //
 //    * GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html)
@@ -5675,17 +5724,16 @@ func (c *S3) ListBucketIntelligentTieringConfigurationsRequest(input *ListBucket
 // The S3 Intelligent-Tiering storage class is designed to optimize storage
 // costs by automatically moving data to the most cost-effective storage access
 // tier, without performance impact or operational overhead. S3 Intelligent-Tiering
-// delivers automatic cost savings in two low latency and high throughput access
-// tiers. For data that can be accessed asynchronously, you can choose to activate
-// automatic archiving capabilities within the S3 Intelligent-Tiering storage
-// class.
+// delivers automatic cost savings in three low latency and high throughput
+// access tiers. To get the lowest storage cost on data that can be accessed
+// in minutes to hours, you can choose to activate additional archiving capabilities.
 //
 // The S3 Intelligent-Tiering storage class is the ideal storage class for data
 // with unknown, changing, or unpredictable access patterns, independent of
 // object size or retention period. If the size of an object is less than 128
-// KB, it is not eligible for auto-tiering. Smaller objects can be stored, but
-// they are always charged at the Frequent Access tier rates in the S3 Intelligent-Tiering
-// storage class.
+// KB, it is not monitored and not eligible for auto-tiering. Smaller objects
+// can be stored, but they are always charged at the Frequent Access tier rates
+// in the S3 Intelligent-Tiering storage class.
 //
 // For more information, see Storage class for automatically optimizing frequently
 // and infrequently accessed objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access).
@@ -6980,6 +7028,14 @@ func (c *S3) PutBucketAclRequest(input *PutBucketAclInput) (req *request.Request
 // existing application that updates a bucket ACL using the request body, then
 // you can continue to use that approach.
 //
+// If your bucket uses the bucket owner enforced setting for S3 Object Ownership,
+// ACLs are disabled and no longer affect permissions. You must use policies
+// to grant access to your bucket and the objects in it. Requests to set ACLs
+// or update ACLs fail and return the AccessControlListNotSupported error code.
+// Requests to read ACLs are still supported. For more information, see Controlling
+// object ownership (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html)
+// in the Amazon S3 User Guide.
+//
 // Access Permissions
 //
 // You can set access permissions using one of the following methods:
@@ -7474,17 +7530,16 @@ func (c *S3) PutBucketIntelligentTieringConfigurationRequest(input *PutBucketInt
 // The S3 Intelligent-Tiering storage class is designed to optimize storage
 // costs by automatically moving data to the most cost-effective storage access
 // tier, without performance impact or operational overhead. S3 Intelligent-Tiering
-// delivers automatic cost savings in two low latency and high throughput access
-// tiers. For data that can be accessed asynchronously, you can choose to activate
-// automatic archiving capabilities within the S3 Intelligent-Tiering storage
-// class.
+// delivers automatic cost savings in three low latency and high throughput
+// access tiers. To get the lowest storage cost on data that can be accessed
+// in minutes to hours, you can choose to activate additional archiving capabilities.
 //
 // The S3 Intelligent-Tiering storage class is the ideal storage class for data
 // with unknown, changing, or unpredictable access patterns, independent of
 // object size or retention period. If the size of an object is less than 128
-// KB, it is not eligible for auto-tiering. Smaller objects can be stored, but
-// they are always charged at the Frequent Access tier rates in the S3 Intelligent-Tiering
-// storage class.
+// KB, it is not monitored and not eligible for auto-tiering. Smaller objects
+// can be stored, but they are always charged at the Frequent Access tier rates
+// in the S3 Intelligent-Tiering storage class.
 //
 // For more information, see Storage class for automatically optimizing frequently
 // and infrequently accessed objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access).
@@ -7998,6 +8053,12 @@ func (c *S3) PutBucketLoggingRequest(input *PutBucketLoggingInput) (req *request
 // the Grantee request element to grant access to other people. The Permissions
 // request element specifies the kind of access the grantee has to the logs.
 //
+// If the target bucket for log delivery uses the bucket owner enforced setting
+// for S3 Object Ownership, you can't use the Grantee request element to grant
+// access to others. Permissions can only be granted using policies. For more
+// information, see Permissions for server access log delivery (https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-server-access-logging.html#grant-log-delivery-permissions-general)
+// in the Amazon S3 User Guide.
+//
 // Grantee Values
 //
 // You can specify the person (grantee) to whom you're assigning access rights
@@ -8021,7 +8082,8 @@ func (c *S3) PutBucketLoggingRequest(input *PutBucketLoggingInput) (req *request
 // <BucketLoggingStatus xmlns="http://doc.s3.amazonaws.com/2006-03-01" />
 //
 // For more information about server access logging, see Server Access Logging
-// (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerLogs.html).
+// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerLogs.html) in
+// the Amazon S3 User Guide.
 //
 // For more information about creating a bucket, see CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html).
 // For more information about returning the logging status of a bucket, see
@@ -8430,11 +8492,11 @@ func (c *S3) PutBucketOwnershipControlsRequest(input *PutBucketOwnershipControls
 //
 // Creates or modifies OwnershipControls for an Amazon S3 bucket. To use this
 // operation, you must have the s3:PutBucketOwnershipControls permission. For
-// more information about Amazon S3 permissions, see Specifying Permissions
-// in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html).
+// more information about Amazon S3 permissions, see Specifying permissions
+// in a policy (https://docs.aws.amazon.com/AmazonS3/latest/user-guide/using-with-s3-actions.html).
 //
-// For information about Amazon S3 Object Ownership, see Using Object Ownership
-// (https://docs.aws.amazon.com/AmazonS3/latest/dev/about-object-ownership.html).
+// For information about Amazon S3 Object Ownership, see Using object ownership
+// (https://docs.aws.amazon.com/AmazonS3/latest/user-guide/about-object-ownership.html).
 //
 // The following operations are related to PutBucketOwnershipControls:
 //
@@ -9272,6 +9334,23 @@ func (c *S3) PutObjectRequest(input *PutObjectInput) (req *request.Request, outp
 // Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html)
 // and Managing ACLs Using the REST API (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-using-rest-api.html).
 //
+// If the bucket that you're uploading objects to uses the bucket owner enforced
+// setting for S3 Object Ownership, ACLs are disabled and no longer affect permissions.
+// Buckets that use this setting only accept PUT requests that don't specify
+// an ACL or PUT requests that specify bucket owner full control ACLs, such
+// as the bucket-owner-full-control canned ACL or an equivalent form of this
+// ACL expressed in the XML format. PUT requests that contain other ACLs (for
+// example, custom grants to certain Amazon Web Services accounts) fail and
+// return a 400 error with the error code AccessControlListNotSupported.
+//
+// For more information, see Controlling ownership of objects and disabling
+// ACLs (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html)
+// in the Amazon S3 User Guide.
+//
+// If your bucket uses the bucket owner enforced setting for Object Ownership,
+// all objects written to the bucket by any account will be owned by the bucket
+// owner.
+//
 // Storage Class Options
 //
 // By default, Amazon S3 uses the STANDARD Storage Class to store newly created
@@ -9391,6 +9470,14 @@ func (c *S3) PutObjectAclRequest(input *PutObjectAclInput) (req *request.Request
 // Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html)
 // in the Amazon S3 User Guide.
 //
+// If your bucket uses the bucket owner enforced setting for S3 Object Ownership,
+// ACLs are disabled and no longer affect permissions. You must use policies
+// to grant access to your bucket and the objects in it. Requests to set ACLs
+// or update ACLs fail and return the AccessControlListNotSupported error code.
+// Requests to read ACLs are still supported. For more information, see Controlling
+// object ownership (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html)
+// in the Amazon S3 User Guide.
+//
 // Access Permissions
 //
 // You can set access permissions using one of the following methods:
@@ -12687,6 +12774,9 @@ type CompletedMultipartUpload struct {
 	_ struct{} `type:"structure"`
 
 	// Array of CompletedPart data types.
+	//
+	// If you do not supply a valid Part with your request, the service sends back
+	// an HTTP 400 response.
 	Parts []*CompletedPart `locationName:"Part" type:"list" flattened:"true"`
 }
 
@@ -13726,6 +13816,22 @@ type CreateBucketInput struct {
 
 	// Specifies whether you want S3 Object Lock to be enabled for the new bucket.
 	ObjectLockEnabledForBucket *bool `location:"header" locationName:"x-amz-bucket-object-lock-enabled" type:"boolean"`
+
+	// The container element for object ownership for a bucket's ownership controls.
+	//
+	// BucketOwnerPreferred - Objects uploaded to the bucket change ownership to
+	// the bucket owner if the objects are uploaded with the bucket-owner-full-control
+	// canned ACL.
+	//
+	// ObjectWriter - The uploading account will own the object if the object is
+	// uploaded with the bucket-owner-full-control canned ACL.
+	//
+	// BucketOwnerEnforced - Access control lists (ACLs) are disabled and no longer
+	// affect permissions. The bucket owner automatically owns and has full control
+	// over every object in the bucket. The bucket only accepts PUT requests that
+	// don't specify an ACL or bucket owner full control ACLs, such as the bucket-owner-full-control
+	// canned ACL or an equivalent form of this ACL expressed in the XML format.
+	ObjectOwnership *string `location:"header" locationName:"x-amz-object-ownership" type:"string" enum:"ObjectOwnership"`
 }
 
 // String returns the string representation.
@@ -13823,6 +13929,12 @@ func (s *CreateBucketInput) SetObjectLockEnabledForBucket(v bool) *CreateBucketI
 	return s
 }
 
+// SetObjectOwnership sets the ObjectOwnership field's value.
+func (s *CreateBucketInput) SetObjectOwnership(v string) *CreateBucketInput {
+	s.ObjectOwnership = &v
+	return s
+}
+
 type CreateBucketOutput struct {
 	_ struct{} `type:"structure"`
 
@@ -17813,6 +17925,29 @@ func (s *ErrorDocument) SetKey(v string) *ErrorDocument {
 	return s
 }
 
+// A container for specifying the configuration for Amazon EventBridge.
+type EventBridgeConfiguration struct {
+	_ struct{} `type:"structure"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s EventBridgeConfiguration) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s EventBridgeConfiguration) GoString() string {
+	return s.String()
+}
+
 // Optional configuration to replicate existing source bucket objects. For more
 // information, see Replicating Existing Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-what-is-isnot-replicated.html#existing-object-replication)
 // in the Amazon S3 User Guide.
@@ -19659,8 +19794,8 @@ func (s GetBucketOwnershipControlsInput) updateArnableField(v string) (interface
 type GetBucketOwnershipControlsOutput struct {
 	_ struct{} `type:"structure" payload:"OwnershipControls"`
 
-	// The OwnershipControls (BucketOwnerPreferred or ObjectWriter) currently in
-	// effect for this Amazon S3 bucket.
+	// The OwnershipControls (BucketOwnerEnforced, BucketOwnerPreferred, or ObjectWriter)
+	// currently in effect for this Amazon S3 bucket.
 	OwnershipControls *OwnershipControls `type:"structure"`
 }
 
@@ -24692,6 +24827,12 @@ func (s *LifecycleRule) SetTransitions(v []*Transition) *LifecycleRule {
 type LifecycleRuleAndOperator struct {
 	_ struct{} `type:"structure"`
 
+	// Minimum object size to which the rule applies.
+	ObjectSizeGreaterThan *int64 `type:"long"`
+
+	// Maximum object size to which the rule applies.
+	ObjectSizeLessThan *int64 `type:"long"`
+
 	// Prefix identifying one or more objects to which the rule applies.
 	Prefix *string `type:"string"`
 
@@ -24738,6 +24879,18 @@ func (s *LifecycleRuleAndOperator) Validate() error {
 	return nil
 }
 
+// SetObjectSizeGreaterThan sets the ObjectSizeGreaterThan field's value.
+func (s *LifecycleRuleAndOperator) SetObjectSizeGreaterThan(v int64) *LifecycleRuleAndOperator {
+	s.ObjectSizeGreaterThan = &v
+	return s
+}
+
+// SetObjectSizeLessThan sets the ObjectSizeLessThan field's value.
+func (s *LifecycleRuleAndOperator) SetObjectSizeLessThan(v int64) *LifecycleRuleAndOperator {
+	s.ObjectSizeLessThan = &v
+	return s
+}
+
 // SetPrefix sets the Prefix field's value.
 func (s *LifecycleRuleAndOperator) SetPrefix(v string) *LifecycleRuleAndOperator {
 	s.Prefix = &v
@@ -24760,6 +24913,12 @@ type LifecycleRuleFilter struct {
 	// of the predicates configured inside the And operator.
 	And *LifecycleRuleAndOperator `type:"structure"`
 
+	// Minimum object size to which the rule applies.
+	ObjectSizeGreaterThan *int64 `type:"long"`
+
+	// Maximum object size to which the rule applies.
+	ObjectSizeLessThan *int64 `type:"long"`
+
 	// Prefix identifying one or more objects to which the rule applies.
 	//
 	// Replacement must be made for object keys containing special characters (such
@@ -24815,6 +24974,18 @@ func (s *LifecycleRuleFilter) SetAnd(v *LifecycleRuleAndOperator) *LifecycleRule
 	return s
 }
 
+// SetObjectSizeGreaterThan sets the ObjectSizeGreaterThan field's value.
+func (s *LifecycleRuleFilter) SetObjectSizeGreaterThan(v int64) *LifecycleRuleFilter {
+	s.ObjectSizeGreaterThan = &v
+	return s
+}
+
+// SetObjectSizeLessThan sets the ObjectSizeLessThan field's value.
+func (s *LifecycleRuleFilter) SetObjectSizeLessThan(v int64) *LifecycleRuleFilter {
+	s.ObjectSizeLessThan = &v
+	return s
+}
+
 // SetPrefix sets the Prefix field's value.
 func (s *LifecycleRuleFilter) SetPrefix(v string) *LifecycleRuleFilter {
 	s.Prefix = &v
@@ -27410,6 +27581,11 @@ type LoggingEnabled struct {
 	TargetBucket *string `type:"string" required:"true"`
 
 	// Container for granting information.
+	//
+	// Buckets that use the bucket owner enforced setting for Object Ownership don't
+	// support target grants. For more information, see Permissions for server access
+	// log delivery (https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-server-access-logging.html#grant-log-delivery-permissions-general)
+	// in the Amazon S3 User Guide.
 	TargetGrants []*TargetGrant `locationNameList:"Grant" type:"list"`
 
 	// A prefix for all log object keys. If you store log files from multiple Amazon
@@ -27890,6 +28066,13 @@ func (s *MultipartUpload) SetUploadId(v string) *MultipartUpload {
 type NoncurrentVersionExpiration struct {
 	_ struct{} `type:"structure"`
 
+	// Specifies how many noncurrent versions Amazon S3 will retain. If there are
+	// this many more recent noncurrent versions, Amazon S3 will take the associated
+	// action. For more information about noncurrent versions, see Lifecycle configuration
+	// elements (https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html)
+	// in the Amazon S3 User Guide.
+	NewerNoncurrentVersions *int64 `type:"integer"`
+
 	// Specifies the number of days an object is noncurrent before Amazon S3 can
 	// perform the associated action. For information about the noncurrent days
 	// calculations, see How Amazon S3 Calculates When an Object Became Noncurrent
@@ -27916,6 +28099,12 @@ func (s NoncurrentVersionExpiration) GoString() string {
 	return s.String()
 }
 
+// SetNewerNoncurrentVersions sets the NewerNoncurrentVersions field's value.
+func (s *NoncurrentVersionExpiration) SetNewerNoncurrentVersions(v int64) *NoncurrentVersionExpiration {
+	s.NewerNoncurrentVersions = &v
+	return s
+}
+
 // SetNoncurrentDays sets the NoncurrentDays field's value.
 func (s *NoncurrentVersionExpiration) SetNoncurrentDays(v int64) *NoncurrentVersionExpiration {
 	s.NoncurrentDays = &v
@@ -27923,15 +28112,22 @@ func (s *NoncurrentVersionExpiration) SetNoncurrentDays(v int64) *NoncurrentVers
 }
 
 // Container for the transition rule that describes when noncurrent objects
-// transition to the STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER,
-// or DEEP_ARCHIVE storage class. If your bucket is versioning-enabled (or versioning
-// is suspended), you can set this action to request that Amazon S3 transition
-// noncurrent object versions to the STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING,
-// GLACIER, or DEEP_ARCHIVE storage class at a specific period in the object's
-// lifetime.
+// transition to the STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER_IR,
+// GLACIER, or DEEP_ARCHIVE storage class. If your bucket is versioning-enabled
+// (or versioning is suspended), you can set this action to request that Amazon
+// S3 transition noncurrent object versions to the STANDARD_IA, ONEZONE_IA,
+// INTELLIGENT_TIERING, GLACIER_IR, GLACIER, or DEEP_ARCHIVE storage class at
+// a specific period in the object's lifetime.
 type NoncurrentVersionTransition struct {
 	_ struct{} `type:"structure"`
 
+	// Specifies how many noncurrent versions Amazon S3 will retain. If there are
+	// this many more recent noncurrent versions, Amazon S3 will take the associated
+	// action. For more information about noncurrent versions, see Lifecycle configuration
+	// elements (https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html)
+	// in the Amazon S3 User Guide.
+	NewerNoncurrentVersions *int64 `type:"integer"`
+
 	// Specifies the number of days an object is noncurrent before Amazon S3 can
 	// perform the associated action. For information about the noncurrent days
 	// calculations, see How Amazon S3 Calculates How Long an Object Has Been Noncurrent
@@ -27961,6 +28157,12 @@ func (s NoncurrentVersionTransition) GoString() string {
 	return s.String()
 }
 
+// SetNewerNoncurrentVersions sets the NewerNoncurrentVersions field's value.
+func (s *NoncurrentVersionTransition) SetNewerNoncurrentVersions(v int64) *NoncurrentVersionTransition {
+	s.NewerNoncurrentVersions = &v
+	return s
+}
+
 // SetNoncurrentDays sets the NoncurrentDays field's value.
 func (s *NoncurrentVersionTransition) SetNoncurrentDays(v int64) *NoncurrentVersionTransition {
 	s.NoncurrentDays = &v
@@ -27978,6 +28180,9 @@ func (s *NoncurrentVersionTransition) SetStorageClass(v string) *NoncurrentVersi
 type NotificationConfiguration struct {
 	_ struct{} `type:"structure"`
 
+	// Enables delivery of events to Amazon EventBridge.
+	EventBridgeConfiguration *EventBridgeConfiguration `type:"structure"`
+
 	// Describes the Lambda functions to invoke and the events for which to invoke
 	// them.
 	LambdaFunctionConfigurations []*LambdaFunctionConfiguration `locationName:"CloudFunctionConfiguration" type:"list" flattened:"true"`
@@ -28049,6 +28254,12 @@ func (s *NotificationConfiguration) Validate() error {
 	return nil
 }
 
+// SetEventBridgeConfiguration sets the EventBridgeConfiguration field's value.
+func (s *NotificationConfiguration) SetEventBridgeConfiguration(v *EventBridgeConfiguration) *NotificationConfiguration {
+	s.EventBridgeConfiguration = v
+	return s
+}
+
 // SetLambdaFunctionConfigurations sets the LambdaFunctionConfigurations field's value.
 func (s *NotificationConfiguration) SetLambdaFunctionConfigurations(v []*LambdaFunctionConfiguration) *NotificationConfiguration {
 	s.LambdaFunctionConfigurations = v
@@ -28760,6 +28971,12 @@ type OwnershipControlsRule struct {
 	// ObjectWriter - The uploading account will own the object if the object is
 	// uploaded with the bucket-owner-full-control canned ACL.
 	//
+	// BucketOwnerEnforced - Access control lists (ACLs) are disabled and no longer
+	// affect permissions. The bucket owner automatically owns and has full control
+	// over every object in the bucket. The bucket only accepts PUT requests that
+	// don't specify an ACL or bucket owner full control ACLs, such as the bucket-owner-full-control
+	// canned ACL or an equivalent form of this ACL expressed in the XML format.
+	//
 	// ObjectOwnership is a required field
 	ObjectOwnership *string `type:"string" required:"true" enum:"ObjectOwnership"`
 }
@@ -30710,6 +30927,10 @@ type PutBucketNotificationConfigurationInput struct {
 	//
 	// NotificationConfiguration is a required field
 	NotificationConfiguration *NotificationConfiguration `locationName:"NotificationConfiguration" type:"structure" required:"true" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"`
+
+	// Skips validation of Amazon SQS, Amazon SNS, and Lambda destinations. True
+	// or false value.
+	SkipDestinationValidation *bool `location:"header" locationName:"x-amz-skip-destination-validation" type:"boolean"`
 }
 
 // String returns the string representation.
@@ -30779,6 +31000,12 @@ func (s *PutBucketNotificationConfigurationInput) SetNotificationConfiguration(v
 	return s
 }
 
+// SetSkipDestinationValidation sets the SkipDestinationValidation field's value.
+func (s *PutBucketNotificationConfigurationInput) SetSkipDestinationValidation(v bool) *PutBucketNotificationConfigurationInput {
+	s.SkipDestinationValidation = &v
+	return s
+}
+
 func (s *PutBucketNotificationConfigurationInput) getEndpointARN() (arn.Resource, error) {
 	if s.Bucket == nil {
 		return nil, fmt.Errorf("member Bucket is nil")
@@ -30971,8 +31198,8 @@ type PutBucketOwnershipControlsInput struct {
 	// error.
 	ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"`
 
-	// The OwnershipControls (BucketOwnerPreferred or ObjectWriter) that you want
-	// to apply to this Amazon S3 bucket.
+	// The OwnershipControls (BucketOwnerEnforced, BucketOwnerPreferred, or ObjectWriter)
+	// that you want to apply to this Amazon S3 bucket.
 	//
 	// OwnershipControls is a required field
 	OwnershipControls *OwnershipControls `locationName:"OwnershipControls" type:"structure" required:"true" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"`
@@ -35092,12 +35319,12 @@ type Rule struct {
 	NoncurrentVersionExpiration *NoncurrentVersionExpiration `type:"structure"`
 
 	// Container for the transition rule that describes when noncurrent objects
-	// transition to the STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER,
-	// or DEEP_ARCHIVE storage class. If your bucket is versioning-enabled (or versioning
-	// is suspended), you can set this action to request that Amazon S3 transition
-	// noncurrent object versions to the STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING,
-	// GLACIER, or DEEP_ARCHIVE storage class at a specific period in the object's
-	// lifetime.
+	// transition to the STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER_IR,
+	// GLACIER, or DEEP_ARCHIVE storage class. If your bucket is versioning-enabled
+	// (or versioning is suspended), you can set this action to request that Amazon
+	// S3 transition noncurrent object versions to the STANDARD_IA, ONEZONE_IA,
+	// INTELLIGENT_TIERING, GLACIER_IR, GLACIER, or DEEP_ARCHIVE storage class at
+	// a specific period in the object's lifetime.
 	NoncurrentVersionTransition *NoncurrentVersionTransition `type:"structure"`
 
 	// Object key prefix that identifies one or more objects to which this rule
@@ -36553,6 +36780,11 @@ func (s *Tagging) SetTagSet(v []*Tag) *Tagging {
 }
 
 // Container for granting information.
+//
+// Buckets that use the bucket owner enforced setting for Object Ownership don't
+// support target grants. For more information, see Permissions server access
+// log delivery (https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-server-access-logging.html#grant-log-delivery-permissions-general)
+// in the Amazon S3 User Guide.
 type TargetGrant struct {
 	_ struct{} `type:"structure"`
 
@@ -38621,6 +38853,36 @@ const (
 
 	// EventS3ReplicationOperationReplicatedAfterThreshold is a Event enum value
 	EventS3ReplicationOperationReplicatedAfterThreshold = "s3:Replication:OperationReplicatedAfterThreshold"
+
+	// EventS3ObjectRestoreDelete is a Event enum value
+	EventS3ObjectRestoreDelete = "s3:ObjectRestore:Delete"
+
+	// EventS3LifecycleTransition is a Event enum value
+	EventS3LifecycleTransition = "s3:LifecycleTransition"
+
+	// EventS3IntelligentTiering is a Event enum value
+	EventS3IntelligentTiering = "s3:IntelligentTiering"
+
+	// EventS3ObjectAclPut is a Event enum value
+	EventS3ObjectAclPut = "s3:ObjectAcl:Put"
+
+	// EventS3LifecycleExpiration is a Event enum value
+	EventS3LifecycleExpiration = "s3:LifecycleExpiration:*"
+
+	// EventS3LifecycleExpirationDelete is a Event enum value
+	EventS3LifecycleExpirationDelete = "s3:LifecycleExpiration:Delete"
+
+	// EventS3LifecycleExpirationDeleteMarkerCreated is a Event enum value
+	EventS3LifecycleExpirationDeleteMarkerCreated = "s3:LifecycleExpiration:DeleteMarkerCreated"
+
+	// EventS3ObjectTagging is a Event enum value
+	EventS3ObjectTagging = "s3:ObjectTagging:*"
+
+	// EventS3ObjectTaggingPut is a Event enum value
+	EventS3ObjectTaggingPut = "s3:ObjectTagging:Put"
+
+	// EventS3ObjectTaggingDelete is a Event enum value
+	EventS3ObjectTaggingDelete = "s3:ObjectTagging:Delete"
 )
 
 // Event_Values returns all elements of the Event enum
@@ -38643,6 +38905,16 @@ func Event_Values() []string {
 		EventS3ReplicationOperationNotTracked,
 		EventS3ReplicationOperationMissedThreshold,
 		EventS3ReplicationOperationReplicatedAfterThreshold,
+		EventS3ObjectRestoreDelete,
+		EventS3LifecycleTransition,
+		EventS3IntelligentTiering,
+		EventS3ObjectAclPut,
+		EventS3LifecycleExpiration,
+		EventS3LifecycleExpirationDelete,
+		EventS3LifecycleExpirationDeleteMarkerCreated,
+		EventS3ObjectTagging,
+		EventS3ObjectTaggingPut,
+		EventS3ObjectTaggingDelete,
 	}
 }
 
@@ -39050,12 +39322,21 @@ func ObjectLockRetentionMode_Values() []string {
 //
 // ObjectWriter - The uploading account will own the object if the object is
 // uploaded with the bucket-owner-full-control canned ACL.
+//
+// BucketOwnerEnforced - Access control lists (ACLs) are disabled and no longer
+// affect permissions. The bucket owner automatically owns and has full control
+// over every object in the bucket. The bucket only accepts PUT requests that
+// don't specify an ACL or bucket owner full control ACLs, such as the bucket-owner-full-control
+// canned ACL or an equivalent form of this ACL expressed in the XML format.
 const (
 	// ObjectOwnershipBucketOwnerPreferred is a ObjectOwnership enum value
 	ObjectOwnershipBucketOwnerPreferred = "BucketOwnerPreferred"
 
 	// ObjectOwnershipObjectWriter is a ObjectOwnership enum value
 	ObjectOwnershipObjectWriter = "ObjectWriter"
+
+	// ObjectOwnershipBucketOwnerEnforced is a ObjectOwnership enum value
+	ObjectOwnershipBucketOwnerEnforced = "BucketOwnerEnforced"
 )
 
 // ObjectOwnership_Values returns all elements of the ObjectOwnership enum
@@ -39063,6 +39344,7 @@ func ObjectOwnership_Values() []string {
 	return []string{
 		ObjectOwnershipBucketOwnerPreferred,
 		ObjectOwnershipObjectWriter,
+		ObjectOwnershipBucketOwnerEnforced,
 	}
 }
 
@@ -39090,6 +39372,9 @@ const (
 
 	// ObjectStorageClassOutposts is a ObjectStorageClass enum value
 	ObjectStorageClassOutposts = "OUTPOSTS"
+
+	// ObjectStorageClassGlacierIr is a ObjectStorageClass enum value
+	ObjectStorageClassGlacierIr = "GLACIER_IR"
 )
 
 // ObjectStorageClass_Values returns all elements of the ObjectStorageClass enum
@@ -39103,6 +39388,7 @@ func ObjectStorageClass_Values() []string {
 		ObjectStorageClassIntelligentTiering,
 		ObjectStorageClassDeepArchive,
 		ObjectStorageClassOutposts,
+		ObjectStorageClassGlacierIr,
 	}
 }
 
@@ -39377,6 +39663,9 @@ const (
 
 	// StorageClassOutposts is a StorageClass enum value
 	StorageClassOutposts = "OUTPOSTS"
+
+	// StorageClassGlacierIr is a StorageClass enum value
+	StorageClassGlacierIr = "GLACIER_IR"
 )
 
 // StorageClass_Values returns all elements of the StorageClass enum
@@ -39390,6 +39679,7 @@ func StorageClass_Values() []string {
 		StorageClassGlacier,
 		StorageClassDeepArchive,
 		StorageClassOutposts,
+		StorageClassGlacierIr,
 	}
 }
 
@@ -39456,6 +39746,9 @@ const (
 
 	// TransitionStorageClassDeepArchive is a TransitionStorageClass enum value
 	TransitionStorageClassDeepArchive = "DEEP_ARCHIVE"
+
+	// TransitionStorageClassGlacierIr is a TransitionStorageClass enum value
+	TransitionStorageClassGlacierIr = "GLACIER_IR"
 )
 
 // TransitionStorageClass_Values returns all elements of the TransitionStorageClass enum
@@ -39466,6 +39759,7 @@ func TransitionStorageClass_Values() []string {
 		TransitionStorageClassOnezoneIa,
 		TransitionStorageClassIntelligentTiering,
 		TransitionStorageClassDeepArchive,
+		TransitionStorageClassGlacierIr,
 	}
 }
 
diff --git a/vendor/github.com/aws/aws-sdk-go/service/sts/api.go b/vendor/github.com/aws/aws-sdk-go/service/sts/api.go
index a1a8a0952e6..1e7fa65577e 100644
--- a/vendor/github.com/aws/aws-sdk-go/service/sts/api.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/sts/api.go
@@ -63,14 +63,15 @@ func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, o
 // or for cross-account access. For a comparison of AssumeRole with other API
 // operations that produce temporary credentials, see Requesting Temporary Security
 // Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html)
-// and Comparing the STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison)
+// and Comparing the Amazon Web Services STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison)
 // in the IAM User Guide.
 //
 // Permissions
 //
 // The temporary security credentials created by AssumeRole can be used to make
 // API calls to any Amazon Web Services service with the following exception:
-// You cannot call the STS GetFederationToken or GetSessionToken API operations.
+// You cannot call the Amazon Web Services STS GetFederationToken or GetSessionToken
+// API operations.
 //
 // (Optional) You can pass inline or managed session policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session)
 // to this operation. You can pass a single JSON policy document to use as an
@@ -86,26 +87,33 @@ func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, o
 // For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session)
 // in the IAM User Guide.
 //
-// To assume a role from a different account, your account must be trusted by
-// the role. The trust relationship is defined in the role's trust policy when
-// the role is created. That trust policy states which accounts are allowed
-// to delegate that access to users in the account.
+// When you create a role, you create two policies: A role trust policy that
+// specifies who can assume the role and a permissions policy that specifies
+// what can be done with the role. You specify the trusted principal who is
+// allowed to assume the role in the role trust policy.
+//
+// To assume a role from a different account, your Amazon Web Services account
+// must be trusted by the role. The trust relationship is defined in the role's
+// trust policy when the role is created. That trust policy states which accounts
+// are allowed to delegate that access to users in the account.
 //
 // A user who wants to access a role in a different account must also have permissions
 // that are delegated from the user account administrator. The administrator
 // must attach a policy that allows the user to call AssumeRole for the ARN
-// of the role in the other account. If the user is in the same account as the
-// role, then you can do either of the following:
+// of the role in the other account.
 //
-//    * Attach a policy to the user (identical to the previous user in a different
-//    account).
+// To allow a user to assume a role in the same account, you can do either of
+// the following:
+//
+//    * Attach a policy to the user that allows the user to call AssumeRole
+//    (as long as the role's trust policy trusts the account).
 //
 //    * Add the user as a principal directly in the role's trust policy.
 //
-// In this case, the trust policy acts as an IAM resource-based policy. Users
-// in the same account as the role do not need explicit permission to assume
-// the role. For more information about trust policies and resource-based policies,
-// see IAM Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html)
+// You can do either because the role’s trust policy acts as an IAM resource-based
+// policy. When a resource-based policy grants access to a principal in the
+// same account, no additional identity-based policy is required. For more information
+// about trust policies and resource-based policies, see IAM Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html)
 // in the IAM User Guide.
 //
 // Tags
@@ -170,7 +178,7 @@ func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, o
 //
 //   You could receive this error even though you meet other defined session policy
 //   and session tag limits. For more information, see IAM and STS Entity Character
-//   Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
+//   Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-limits-entity-length)
 //   in the IAM User Guide.
 //
 //   * ErrCodeRegionDisabledException "RegionDisabledException"
@@ -258,7 +266,7 @@ func (c *STS) AssumeRoleWithSAMLRequest(input *AssumeRoleWithSAMLInput) (req *re
 // Services access without user-specific credentials or configuration. For a
 // comparison of AssumeRoleWithSAML with the other API operations that produce
 // temporary credentials, see Requesting Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html)
-// and Comparing the STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison)
+// and Comparing the Amazon Web Services STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison)
 // in the IAM User Guide.
 //
 // The temporary security credentials returned by this operation consist of
@@ -403,7 +411,7 @@ func (c *STS) AssumeRoleWithSAMLRequest(input *AssumeRoleWithSAMLInput) (req *re
 //
 //   You could receive this error even though you meet other defined session policy
 //   and session tag limits. For more information, see IAM and STS Entity Character
-//   Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
+//   Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-limits-entity-length)
 //   in the IAM User Guide.
 //
 //   * ErrCodeIDPRejectedClaimException "IDPRejectedClaim"
@@ -523,7 +531,7 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI
 // by using a token from the web identity provider. For a comparison of AssumeRoleWithWebIdentity
 // with the other API operations that produce temporary credentials, see Requesting
 // Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html)
-// and Comparing the STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison)
+// and Comparing the Amazon Web Services STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison)
 // in the IAM User Guide.
 //
 // The temporary security credentials returned by this API consist of an access
@@ -661,7 +669,7 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI
 //
 //   You could receive this error even though you meet other defined session policy
 //   and session tag limits. For more information, see IAM and STS Entity Character
-//   Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
+//   Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-limits-entity-length)
 //   in the IAM User Guide.
 //
 //   * ErrCodeIDPRejectedClaimException "IDPRejectedClaim"
@@ -776,10 +784,11 @@ func (c *STS) DecodeAuthorizationMessageRequest(input *DecodeAuthorizationMessag
 // code.
 //
 // The message is encoded because the details of the authorization status can
-// constitute privileged information that the user who requested the operation
+// contain privileged information that the user who requested the operation
 // should not see. To decode an authorization status message, a user must be
-// granted permissions via an IAM policy to request the DecodeAuthorizationMessage
-// (sts:DecodeAuthorizationMessage) action.
+// granted permissions through an IAM policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html)
+// to request the DecodeAuthorizationMessage (sts:DecodeAuthorizationMessage)
+// action.
 //
 // The decoded message includes the following type of information:
 //
@@ -1065,7 +1074,7 @@ func (c *STS) GetFederationTokenRequest(input *GetFederationTokenInput) (req *re
 // For a comparison of GetFederationToken with the other API operations that
 // produce temporary credentials, see Requesting Temporary Security Credentials
 // (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html)
-// and Comparing the STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison)
+// and Comparing the Amazon Web Services STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison)
 // in the IAM User Guide.
 //
 // You can create a mobile-based or browser-based app that can authenticate
@@ -1088,9 +1097,9 @@ func (c *STS) GetFederationTokenRequest(input *GetFederationTokenInput) (req *re
 //
 // The temporary credentials are valid for the specified duration, from 900
 // seconds (15 minutes) up to a maximum of 129,600 seconds (36 hours). The default
-// session duration is 43,200 seconds (12 hours). Temporary credentials that
-// are obtained by using Amazon Web Services account root user credentials have
-// a maximum duration of 3,600 seconds (1 hour).
+// session duration is 43,200 seconds (12 hours). Temporary credentials obtained
+// by using the Amazon Web Services account root user credentials have a maximum
+// duration of 3,600 seconds (1 hour).
 //
 // Permissions
 //
@@ -1141,63 +1150,6 @@ func (c *STS) GetFederationTokenRequest(input *GetFederationTokenInput) (req *re
 // (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity)
 // in the IAM User Guide.
 //
-// You can also call GetFederationToken using the security credentials of an
-// Amazon Web Services account root user, but we do not recommend it. Instead,
-// we recommend that you create an IAM user for the purpose of the proxy application.
-// Then attach a policy to the IAM user that limits federated users to only
-// the actions and resources that they need to access. For more information,
-// see IAM Best Practices (https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html)
-// in the IAM User Guide.
-//
-// Session duration
-//
-// The temporary credentials are valid for the specified duration, from 900
-// seconds (15 minutes) up to a maximum of 129,600 seconds (36 hours). The default
-// session duration is 43,200 seconds (12 hours). Temporary credentials that
-// are obtained by using Amazon Web Services account root user credentials have
-// a maximum duration of 3,600 seconds (1 hour).
-//
-// Permissions
-//
-// You can use the temporary credentials created by GetFederationToken in any
-// Amazon Web Services service except the following:
-//
-//    * You cannot call any IAM operations using the CLI or the Amazon Web Services
-//    API.
-//
-//    * You cannot call any STS operations except GetCallerIdentity.
-//
-// You must pass an inline or managed session policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session)
-// to this operation. You can pass a single JSON policy document to use as an
-// inline session policy. You can also specify up to 10 managed policies to
-// use as managed session policies. The plain text that you use for both inline
-// and managed session policies can't exceed 2,048 characters.
-//
-// Though the session policy parameters are optional, if you do not pass a policy,
-// then the resulting federated user session has no permissions. When you pass
-// session policies, the session permissions are the intersection of the IAM
-// user policies and the session policies that you pass. This gives you a way
-// to further restrict the permissions for a federated user. You cannot use
-// session policies to grant more permissions than those that are defined in
-// the permissions policy of the IAM user. For more information, see Session
-// Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session)
-// in the IAM User Guide. For information about using GetFederationToken to
-// create temporary security credentials, see GetFederationToken—Federation
-// Through a Custom Identity Broker (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getfederationtoken).
-//
-// You can use the credentials to access a resource that has a resource-based
-// policy. If that policy specifically references the federated user session
-// in the Principal element of the policy, the session has the permissions allowed
-// by the policy. These permissions are granted in addition to the permissions
-// granted by the session policies.
-//
-// Tags
-//
-// (Optional) You can pass tag key-value pairs to your session. These are called
-// session tags. For more information about session tags, see Passing Session
-// Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html)
-// in the IAM User Guide.
-//
 // An administrator must grant you the permissions necessary to pass session
 // tags. The administrator can also create granular permissions to allow you
 // to pass only specific session tags. For more information, see Tutorial: Using
@@ -1234,7 +1186,7 @@ func (c *STS) GetFederationTokenRequest(input *GetFederationTokenInput) (req *re
 //
 //   You could receive this error even though you meet other defined session policy
 //   and session tag limits. For more information, see IAM and STS Entity Character
-//   Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
+//   Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-limits-entity-length)
 //   in the IAM User Guide.
 //
 //   * ErrCodeRegionDisabledException "RegionDisabledException"
@@ -1323,7 +1275,7 @@ func (c *STS) GetSessionTokenRequest(input *GetSessionTokenInput) (req *request.
 // then the API returns an access denied error. For a comparison of GetSessionToken
 // with the other API operations that produce temporary credentials, see Requesting
 // Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html)
-// and Comparing the STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison)
+// and Comparing the Amazon Web Services STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison)
 // in the IAM User Guide.
 //
 // Session Duration
@@ -1404,15 +1356,23 @@ func (c *STS) GetSessionTokenWithContext(ctx aws.Context, input *GetSessionToken
 type AssumeRoleInput struct {
 	_ struct{} `type:"structure"`
 
-	// The duration, in seconds, of the role session. The value specified can can
-	// range from 900 seconds (15 minutes) up to the maximum session duration that
-	// is set for the role. The maximum session duration setting can have a value
-	// from 1 hour to 12 hours. If you specify a value higher than this setting
-	// or the administrator setting (whichever is lower), the operation fails. For
-	// example, if you specify a session duration of 12 hours, but your administrator
-	// set the maximum session duration to 6 hours, your operation fails. To learn
-	// how to view the maximum value for your role, see View the Maximum Session
-	// Duration Setting for a Role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session)
+	// The duration, in seconds, of the role session. The value specified can range
+	// from 900 seconds (15 minutes) up to the maximum session duration set for
+	// the role. The maximum session duration setting can have a value from 1 hour
+	// to 12 hours. If you specify a value higher than this setting or the administrator
+	// setting (whichever is lower), the operation fails. For example, if you specify
+	// a session duration of 12 hours, but your administrator set the maximum session
+	// duration to 6 hours, your operation fails.
+	//
+	// Role chaining limits your Amazon Web Services CLI or Amazon Web Services
+	// API role session to a maximum of one hour. When you use the AssumeRole API
+	// operation to assume a role, you can specify the duration of your role session
+	// with the DurationSeconds parameter. You can specify a parameter value of
+	// up to 43200 seconds (12 hours), depending on the maximum session duration
+	// setting for your role. However, if you assume a role using role chaining
+	// and provide a DurationSeconds parameter value greater than one hour, the
+	// operation fails. To learn how to view the maximum value for your role, see
+	// View the Maximum Session Duration Setting for a Role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session)
 	// in the IAM User Guide.
 	//
 	// By default, the value is set to 3600 seconds.
@@ -1422,7 +1382,7 @@ type AssumeRoleInput struct {
 	// to the federation endpoint for a console sign-in token takes a SessionDuration
 	// parameter that specifies the maximum length of the console session. For more
 	// information, see Creating a URL that Enables Federated Users to Access the
-	// Management Console (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html)
+	// Amazon Web Services Management Console (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html)
 	// in the IAM User Guide.
 	DurationSeconds *int64 `min:"900" type:"integer"`
 
@@ -1548,7 +1508,7 @@ type AssumeRoleInput struct {
 
 	// A list of session tags that you want to pass. Each session tag consists of
 	// a key name and an associated value. For more information about session tags,
-	// see Tagging STS Sessions (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html)
+	// see Tagging Amazon Web Services STS Sessions (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html)
 	// in the IAM User Guide.
 	//
 	// This parameter is optional. You can pass up to 50 session tags. The plaintext
@@ -1858,7 +1818,7 @@ type AssumeRoleWithSAMLInput struct {
 	// to the federation endpoint for a console sign-in token takes a SessionDuration
 	// parameter that specifies the maximum length of the console session. For more
 	// information, see Creating a URL that Enables Federated Users to Access the
-	// Management Console (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html)
+	// Amazon Web Services Management Console (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html)
 	// in the IAM User Guide.
 	DurationSeconds *int64 `min:"900" type:"integer"`
 
@@ -2205,7 +2165,7 @@ type AssumeRoleWithWebIdentityInput struct {
 	// to the federation endpoint for a console sign-in token takes a SessionDuration
 	// parameter that specifies the maximum length of the console session. For more
 	// information, see Creating a URL that Enables Federated Users to Access the
-	// Management Console (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html)
+	// Amazon Web Services Management Console (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html)
 	// in the IAM User Guide.
 	DurationSeconds *int64 `min:"900" type:"integer"`
 
@@ -2705,7 +2665,7 @@ func (s *DecodeAuthorizationMessageInput) SetEncodedMessage(v string) *DecodeAut
 type DecodeAuthorizationMessageOutput struct {
 	_ struct{} `type:"structure"`
 
-	// An XML document that contains the decoded message.
+	// The API returns a response with the decoded message.
 	DecodedMessage *string `type:"string"`
 }
 
@@ -3237,8 +3197,8 @@ type GetSessionTokenInput struct {
 	// user has a policy that requires MFA authentication. The value is either the
 	// serial number for a hardware device (such as GAHT12345678) or an Amazon Resource
 	// Name (ARN) for a virtual device (such as arn:aws:iam::123456789012:mfa/user).
-	// You can find the device for an IAM user by going to the Management Console
-	// and viewing the user's security credentials.
+	// You can find the device for an IAM user by going to the Amazon Web Services
+	// Management Console and viewing the user's security credentials.
 	//
 	// The regex used to validate this parameter is a string of characters consisting
 	// of upper- and lower-case alphanumeric characters with no spaces. You can
@@ -3400,9 +3360,9 @@ func (s *PolicyDescriptorType) SetArn(v string) *PolicyDescriptorType {
 
 // You can pass custom key-value pair attributes when you assume a role or federate
 // a user. These are called session tags. You can then use the session tags
-// to control access to resources. For more information, see Tagging STS Sessions
-// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) in
-// the IAM User Guide.
+// to control access to resources. For more information, see Tagging Amazon
+// Web Services STS Sessions (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html)
+// in the IAM User Guide.
 type Tag struct {
 	_ struct{} `type:"structure"`
 
diff --git a/vendor/github.com/aws/aws-sdk-go/service/sts/errors.go b/vendor/github.com/aws/aws-sdk-go/service/sts/errors.go
index 7897d70c87a..b680bbd5d70 100644
--- a/vendor/github.com/aws/aws-sdk-go/service/sts/errors.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/sts/errors.go
@@ -67,7 +67,7 @@ const (
 	//
 	// You could receive this error even though you meet other defined session policy
 	// and session tag limits. For more information, see IAM and STS Entity Character
-	// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
+	// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-limits-entity-length)
 	// in the IAM User Guide.
 	ErrCodePackedPolicyTooLargeException = "PackedPolicyTooLarge"
 
diff --git a/vendor/github.com/cncf/udpa/go/LICENSE b/vendor/github.com/cncf/udpa/go/LICENSE
new file mode 100644
index 00000000000..261eeb9e9f8
--- /dev/null
+++ b/vendor/github.com/cncf/udpa/go/LICENSE
@@ -0,0 +1,201 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
diff --git a/vendor/github.com/cncf/udpa/go/udpa/data/orca/v1/orca_load_report.pb.go b/vendor/github.com/cncf/udpa/go/udpa/data/orca/v1/orca_load_report.pb.go
new file mode 100644
index 00000000000..9a202e7a0b7
--- /dev/null
+++ b/vendor/github.com/cncf/udpa/go/udpa/data/orca/v1/orca_load_report.pb.go
@@ -0,0 +1,129 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// source: udpa/data/orca/v1/orca_load_report.proto
+
+package udpa_data_orca_v1
+
+import (
+	fmt "fmt"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	math "math"
+)
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ = proto.Marshal
+var _ = fmt.Errorf
+var _ = math.Inf
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the proto package it is being compiled against.
+// A compilation error at this line likely means your copy of the
+// proto package needs to be updated.
+const _ = proto.ProtoPackageIsVersion3 // please upgrade the proto package
+
+type OrcaLoadReport struct {
+	CpuUtilization       float64            `protobuf:"fixed64,1,opt,name=cpu_utilization,json=cpuUtilization,proto3" json:"cpu_utilization,omitempty"`
+	MemUtilization       float64            `protobuf:"fixed64,2,opt,name=mem_utilization,json=memUtilization,proto3" json:"mem_utilization,omitempty"`
+	Rps                  uint64             `protobuf:"varint,3,opt,name=rps,proto3" json:"rps,omitempty"`
+	RequestCost          map[string]float64 `protobuf:"bytes,4,rep,name=request_cost,json=requestCost,proto3" json:"request_cost,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"fixed64,2,opt,name=value,proto3"`
+	Utilization          map[string]float64 `protobuf:"bytes,5,rep,name=utilization,proto3" json:"utilization,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"fixed64,2,opt,name=value,proto3"`
+	XXX_NoUnkeyedLiteral struct{}           `json:"-"`
+	XXX_unrecognized     []byte             `json:"-"`
+	XXX_sizecache        int32              `json:"-"`
+}
+
+func (m *OrcaLoadReport) Reset()         { *m = OrcaLoadReport{} }
+func (m *OrcaLoadReport) String() string { return proto.CompactTextString(m) }
+func (*OrcaLoadReport) ProtoMessage()    {}
+func (*OrcaLoadReport) Descriptor() ([]byte, []int) {
+	return fileDescriptor_27edb21f16098bf0, []int{0}
+}
+
+func (m *OrcaLoadReport) XXX_Unmarshal(b []byte) error {
+	return xxx_messageInfo_OrcaLoadReport.Unmarshal(m, b)
+}
+func (m *OrcaLoadReport) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	return xxx_messageInfo_OrcaLoadReport.Marshal(b, m, deterministic)
+}
+func (m *OrcaLoadReport) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_OrcaLoadReport.Merge(m, src)
+}
+func (m *OrcaLoadReport) XXX_Size() int {
+	return xxx_messageInfo_OrcaLoadReport.Size(m)
+}
+func (m *OrcaLoadReport) XXX_DiscardUnknown() {
+	xxx_messageInfo_OrcaLoadReport.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_OrcaLoadReport proto.InternalMessageInfo
+
+func (m *OrcaLoadReport) GetCpuUtilization() float64 {
+	if m != nil {
+		return m.CpuUtilization
+	}
+	return 0
+}
+
+func (m *OrcaLoadReport) GetMemUtilization() float64 {
+	if m != nil {
+		return m.MemUtilization
+	}
+	return 0
+}
+
+func (m *OrcaLoadReport) GetRps() uint64 {
+	if m != nil {
+		return m.Rps
+	}
+	return 0
+}
+
+func (m *OrcaLoadReport) GetRequestCost() map[string]float64 {
+	if m != nil {
+		return m.RequestCost
+	}
+	return nil
+}
+
+func (m *OrcaLoadReport) GetUtilization() map[string]float64 {
+	if m != nil {
+		return m.Utilization
+	}
+	return nil
+}
+
+func init() {
+	proto.RegisterType((*OrcaLoadReport)(nil), "udpa.data.orca.v1.OrcaLoadReport")
+	proto.RegisterMapType((map[string]float64)(nil), "udpa.data.orca.v1.OrcaLoadReport.RequestCostEntry")
+	proto.RegisterMapType((map[string]float64)(nil), "udpa.data.orca.v1.OrcaLoadReport.UtilizationEntry")
+}
+
+func init() {
+	proto.RegisterFile("udpa/data/orca/v1/orca_load_report.proto", fileDescriptor_27edb21f16098bf0)
+}
+
+var fileDescriptor_27edb21f16098bf0 = []byte{
+	// 341 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x92, 0x4f, 0x4b, 0xfb, 0x30,
+	0x1c, 0xc6, 0x7f, 0xd9, 0x9f, 0x1f, 0x2c, 0xd5, 0x39, 0xab, 0xe0, 0x1c, 0x1e, 0xa6, 0x07, 0xa9,
+	0x1e, 0x52, 0x36, 0x2f, 0xb2, 0x83, 0x42, 0x65, 0x37, 0xc1, 0x11, 0xd8, 0xb9, 0x64, 0x6d, 0xd0,
+	0x62, 0xbb, 0xc4, 0x34, 0x29, 0x4c, 0xbc, 0xfa, 0x26, 0x7c, 0x95, 0x9e, 0x77, 0x92, 0x24, 0x8e,
+	0xb5, 0xdb, 0x65, 0xf6, 0xd2, 0x6f, 0xc2, 0xf3, 0x3c, 0x79, 0x3e, 0x21, 0xd0, 0x53, 0x31, 0x27,
+	0x7e, 0x4c, 0x24, 0xf1, 0x99, 0x88, 0x88, 0x5f, 0x0c, 0xcc, 0x3f, 0x4c, 0x19, 0x89, 0x43, 0x41,
+	0x39, 0x13, 0x12, 0x71, 0xc1, 0x24, 0x73, 0x0f, 0xb5, 0x12, 0x69, 0x25, 0xd2, 0x0a, 0x54, 0x0c,
+	0x7a, 0x27, 0x05, 0x49, 0x93, 0x98, 0x48, 0xea, 0xaf, 0x06, 0xab, 0xbd, 0xf8, 0x6c, 0xc0, 0xf6,
+	0x93, 0x88, 0xc8, 0x23, 0x23, 0x31, 0x36, 0x21, 0xee, 0x18, 0x1e, 0x44, 0x5c, 0x85, 0x4a, 0x26,
+	0x69, 0xf2, 0x4e, 0x64, 0xc2, 0xe6, 0x5d, 0xd0, 0x07, 0x1e, 0x08, 0xce, 0x96, 0x81, 0xe3, 0xb6,
+	0xae, 0xfe, 0xfd, 0x7e, 0x66, 0x75, 0x6a, 0xe7, 0xef, 0x7b, 0xdc, 0x8e, 0xb8, 0x9a, 0xae, 0x3d,
+	0x3a, 0x26, 0xa3, 0x59, 0x25, 0xa6, 0xb6, 0x4b, 0x4c, 0x46, 0xb3, 0x72, 0x4c, 0x07, 0xd6, 0x05,
+	0xcf, 0xbb, 0xf5, 0x3e, 0xf0, 0x1a, 0x58, 0x8f, 0xee, 0x14, 0xee, 0x09, 0xfa, 0xa6, 0x68, 0x2e,
+	0xc3, 0x88, 0xe5, 0xb2, 0xdb, 0xe8, 0xd7, 0x3d, 0x67, 0x38, 0x44, 0x5b, 0xd4, 0xa8, 0x0a, 0x86,
+	0xb0, 0x75, 0x3d, 0xb0, 0x5c, 0x8e, 0xe7, 0x52, 0x2c, 0xb0, 0x23, 0xd6, 0x3b, 0xee, 0x07, 0x74,
+	0xca, 0x5d, 0x9b, 0xbb, 0xa6, 0x96, 0xca, 0x9a, 0xd4, 0xe0, 0x72, 0x19, 0x74, 0xbe, 0xc0, 0xfe,
+	0x75, 0x15, 0x72, 0xb5, 0xb5, 0x26, 0x2d, 0x1f, 0xd7, 0xbb, 0x83, 0x9d, 0xcd, 0x7a, 0x1a, 0xfd,
+	0x95, 0x2e, 0xcc, 0xe5, 0xb7, 0xb0, 0x1e, 0xdd, 0x63, 0xd8, 0x2c, 0x48, 0xaa, 0xa8, 0xbd, 0x49,
+	0x6c, 0x17, 0xa3, 0xda, 0x2d, 0xd0, 0xfe, 0xcd, 0x22, 0x7f, 0xf1, 0x07, 0x23, 0x78, 0x1e, 0xb1,
+	0x0c, 0x3d, 0x27, 0xf2, 0x45, 0xcd, 0x2c, 0xf4, 0x16, 0x79, 0x70, 0x54, 0x45, 0x9f, 0xe8, 0x17,
+	0x34, 0x01, 0xb3, 0xff, 0xe6, 0x29, 0xdd, 0xfc, 0x04, 0x00, 0x00, 0xff, 0xff, 0x71, 0x13, 0xd1,
+	0xd4, 0xa2, 0x02, 0x00, 0x00,
+}
diff --git a/vendor/github.com/cncf/udpa/go/udpa/data/orca/v1/orca_load_report.pb.validate.go b/vendor/github.com/cncf/udpa/go/udpa/data/orca/v1/orca_load_report.pb.validate.go
new file mode 100644
index 00000000000..7d83fd91e10
--- /dev/null
+++ b/vendor/github.com/cncf/udpa/go/udpa/data/orca/v1/orca_load_report.pb.validate.go
@@ -0,0 +1,134 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: udpa/data/orca/v1/orca_load_report.proto
+
+package udpa_data_orca_v1
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"github.com/golang/protobuf/ptypes"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = ptypes.DynamicAny{}
+)
+
+// define the regex for a UUID once up-front
+var _orca_load_report_uuidPattern = regexp.MustCompile("^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$")
+
+// Validate checks the field values on OrcaLoadReport with the rules defined in
+// the proto definition for this message. If any rules are violated, an error
+// is returned.
+func (m *OrcaLoadReport) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	if m.GetCpuUtilization() > 1 {
+		return OrcaLoadReportValidationError{
+			field:  "CpuUtilization",
+			reason: "value must be less than or equal to 1",
+		}
+	}
+
+	if m.GetMemUtilization() > 1 {
+		return OrcaLoadReportValidationError{
+			field:  "MemUtilization",
+			reason: "value must be less than or equal to 1",
+		}
+	}
+
+	// no validation rules for Rps
+
+	// no validation rules for RequestCost
+
+	for key, val := range m.GetUtilization() {
+		_ = val
+
+		// no validation rules for Utilization[key]
+
+		if val > 1 {
+			return OrcaLoadReportValidationError{
+				field:  fmt.Sprintf("Utilization[%v]", key),
+				reason: "value must be less than or equal to 1",
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// OrcaLoadReportValidationError is the validation error returned by
+// OrcaLoadReport.Validate if the designated constraints aren't met.
+type OrcaLoadReportValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e OrcaLoadReportValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e OrcaLoadReportValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e OrcaLoadReportValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e OrcaLoadReportValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e OrcaLoadReportValidationError) ErrorName() string { return "OrcaLoadReportValidationError" }
+
+// Error satisfies the builtin error interface
+func (e OrcaLoadReportValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sOrcaLoadReport.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = OrcaLoadReportValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = OrcaLoadReportValidationError{}
diff --git a/vendor/github.com/cncf/udpa/go/udpa/type/v1/typed_struct.pb.go b/vendor/github.com/cncf/udpa/go/udpa/type/v1/typed_struct.pb.go
new file mode 100644
index 00000000000..cb55b16e0c5
--- /dev/null
+++ b/vendor/github.com/cncf/udpa/go/udpa/type/v1/typed_struct.pb.go
@@ -0,0 +1,92 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// source: udpa/type/v1/typed_struct.proto
+
+package udpa_type_v1
+
+import (
+	fmt "fmt"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	_struct "github.com/golang/protobuf/ptypes/struct"
+	math "math"
+)
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ = proto.Marshal
+var _ = fmt.Errorf
+var _ = math.Inf
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the proto package it is being compiled against.
+// A compilation error at this line likely means your copy of the
+// proto package needs to be updated.
+const _ = proto.ProtoPackageIsVersion3 // please upgrade the proto package
+
+type TypedStruct struct {
+	TypeUrl              string          `protobuf:"bytes,1,opt,name=type_url,json=typeUrl,proto3" json:"type_url,omitempty"`
+	Value                *_struct.Struct `protobuf:"bytes,2,opt,name=value,proto3" json:"value,omitempty"`
+	XXX_NoUnkeyedLiteral struct{}        `json:"-"`
+	XXX_unrecognized     []byte          `json:"-"`
+	XXX_sizecache        int32           `json:"-"`
+}
+
+func (m *TypedStruct) Reset()         { *m = TypedStruct{} }
+func (m *TypedStruct) String() string { return proto.CompactTextString(m) }
+func (*TypedStruct) ProtoMessage()    {}
+func (*TypedStruct) Descriptor() ([]byte, []int) {
+	return fileDescriptor_098110268becad8a, []int{0}
+}
+
+func (m *TypedStruct) XXX_Unmarshal(b []byte) error {
+	return xxx_messageInfo_TypedStruct.Unmarshal(m, b)
+}
+func (m *TypedStruct) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	return xxx_messageInfo_TypedStruct.Marshal(b, m, deterministic)
+}
+func (m *TypedStruct) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_TypedStruct.Merge(m, src)
+}
+func (m *TypedStruct) XXX_Size() int {
+	return xxx_messageInfo_TypedStruct.Size(m)
+}
+func (m *TypedStruct) XXX_DiscardUnknown() {
+	xxx_messageInfo_TypedStruct.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_TypedStruct proto.InternalMessageInfo
+
+func (m *TypedStruct) GetTypeUrl() string {
+	if m != nil {
+		return m.TypeUrl
+	}
+	return ""
+}
+
+func (m *TypedStruct) GetValue() *_struct.Struct {
+	if m != nil {
+		return m.Value
+	}
+	return nil
+}
+
+func init() {
+	proto.RegisterType((*TypedStruct)(nil), "udpa.type.v1.TypedStruct")
+}
+
+func init() { proto.RegisterFile("udpa/type/v1/typed_struct.proto", fileDescriptor_098110268becad8a) }
+
+var fileDescriptor_098110268becad8a = []byte{
+	// 192 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0x92, 0x2f, 0x4d, 0x29, 0x48,
+	0xd4, 0x2f, 0xa9, 0x2c, 0x48, 0xd5, 0x2f, 0x33, 0x04, 0xd3, 0x29, 0xf1, 0xc5, 0x25, 0x45, 0xa5,
+	0xc9, 0x25, 0x7a, 0x05, 0x45, 0xf9, 0x25, 0xf9, 0x42, 0x3c, 0x20, 0x05, 0x7a, 0x20, 0x09, 0xbd,
+	0x32, 0x43, 0x29, 0xf1, 0xb2, 0xc4, 0x9c, 0xcc, 0x94, 0xc4, 0x92, 0x54, 0x7d, 0x18, 0x03, 0xa2,
+	0x4c, 0x4a, 0x26, 0x3d, 0x3f, 0x3f, 0x3d, 0x27, 0x55, 0x1f, 0xcc, 0x4b, 0x2a, 0x4d, 0xd3, 0x47,
+	0x36, 0x44, 0x29, 0x9c, 0x8b, 0x3b, 0x04, 0x64, 0x74, 0x30, 0x58, 0x50, 0x48, 0x92, 0x8b, 0x03,
+	0x64, 0x60, 0x7c, 0x69, 0x51, 0x8e, 0x04, 0xa3, 0x02, 0xa3, 0x06, 0x67, 0x10, 0x3b, 0x88, 0x1f,
+	0x5a, 0x94, 0x23, 0xa4, 0xcb, 0xc5, 0x5a, 0x96, 0x98, 0x53, 0x9a, 0x2a, 0xc1, 0xa4, 0xc0, 0xa8,
+	0xc1, 0x6d, 0x24, 0xae, 0x07, 0x31, 0x57, 0x0f, 0x66, 0xae, 0x1e, 0xc4, 0x88, 0x20, 0x88, 0x2a,
+	0x27, 0x23, 0x2e, 0x99, 0xe4, 0xfc, 0x5c, 0xbd, 0xf4, 0xcc, 0x92, 0x8c, 0xd2, 0x24, 0x3d, 0xb0,
+	0x53, 0x91, 0xdd, 0xeb, 0x24, 0x80, 0x64, 0x6d, 0x00, 0xc8, 0x88, 0x00, 0xc6, 0x24, 0x36, 0xb0,
+	0x59, 0xc6, 0x80, 0x00, 0x00, 0x00, 0xff, 0xff, 0x68, 0x7c, 0xa9, 0xb5, 0xfb, 0x00, 0x00, 0x00,
+}
diff --git a/vendor/github.com/cncf/udpa/go/udpa/type/v1/typed_struct.pb.validate.go b/vendor/github.com/cncf/udpa/go/udpa/type/v1/typed_struct.pb.validate.go
new file mode 100644
index 00000000000..212c1492e9f
--- /dev/null
+++ b/vendor/github.com/cncf/udpa/go/udpa/type/v1/typed_struct.pb.validate.go
@@ -0,0 +1,114 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: udpa/type/v1/typed_struct.proto
+
+package udpa_type_v1
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"github.com/golang/protobuf/ptypes"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = ptypes.DynamicAny{}
+)
+
+// define the regex for a UUID once up-front
+var _typed_struct_uuidPattern = regexp.MustCompile("^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$")
+
+// Validate checks the field values on TypedStruct with the rules defined in
+// the proto definition for this message. If any rules are violated, an error
+// is returned.
+func (m *TypedStruct) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	// no validation rules for TypeUrl
+
+	if v, ok := interface{}(m.GetValue()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TypedStructValidationError{
+				field:  "Value",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	return nil
+}
+
+// TypedStructValidationError is the validation error returned by
+// TypedStruct.Validate if the designated constraints aren't met.
+type TypedStructValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e TypedStructValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e TypedStructValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e TypedStructValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e TypedStructValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e TypedStructValidationError) ErrorName() string { return "TypedStructValidationError" }
+
+// Error satisfies the builtin error interface
+func (e TypedStructValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sTypedStruct.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = TypedStructValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = TypedStructValidationError{}
diff --git a/vendor/github.com/cncf/xds/go/LICENSE b/vendor/github.com/cncf/xds/go/LICENSE
new file mode 100644
index 00000000000..261eeb9e9f8
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/LICENSE
@@ -0,0 +1,201 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
diff --git a/vendor/github.com/cncf/xds/go/udpa/annotations/migrate.pb.go b/vendor/github.com/cncf/xds/go/udpa/annotations/migrate.pb.go
new file mode 100644
index 00000000000..46fb820cfbd
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/udpa/annotations/migrate.pb.go
@@ -0,0 +1,415 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.18.0
+// source: udpa/annotations/migrate.proto
+
+package annotations
+
+import (
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	descriptorpb "google.golang.org/protobuf/types/descriptorpb"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type MigrateAnnotation struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Rename string `protobuf:"bytes,1,opt,name=rename,proto3" json:"rename,omitempty"`
+}
+
+func (x *MigrateAnnotation) Reset() {
+	*x = MigrateAnnotation{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_udpa_annotations_migrate_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *MigrateAnnotation) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*MigrateAnnotation) ProtoMessage() {}
+
+func (x *MigrateAnnotation) ProtoReflect() protoreflect.Message {
+	mi := &file_udpa_annotations_migrate_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use MigrateAnnotation.ProtoReflect.Descriptor instead.
+func (*MigrateAnnotation) Descriptor() ([]byte, []int) {
+	return file_udpa_annotations_migrate_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *MigrateAnnotation) GetRename() string {
+	if x != nil {
+		return x.Rename
+	}
+	return ""
+}
+
+type FieldMigrateAnnotation struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Rename         string `protobuf:"bytes,1,opt,name=rename,proto3" json:"rename,omitempty"`
+	OneofPromotion string `protobuf:"bytes,2,opt,name=oneof_promotion,json=oneofPromotion,proto3" json:"oneof_promotion,omitempty"`
+}
+
+func (x *FieldMigrateAnnotation) Reset() {
+	*x = FieldMigrateAnnotation{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_udpa_annotations_migrate_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *FieldMigrateAnnotation) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*FieldMigrateAnnotation) ProtoMessage() {}
+
+func (x *FieldMigrateAnnotation) ProtoReflect() protoreflect.Message {
+	mi := &file_udpa_annotations_migrate_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use FieldMigrateAnnotation.ProtoReflect.Descriptor instead.
+func (*FieldMigrateAnnotation) Descriptor() ([]byte, []int) {
+	return file_udpa_annotations_migrate_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *FieldMigrateAnnotation) GetRename() string {
+	if x != nil {
+		return x.Rename
+	}
+	return ""
+}
+
+func (x *FieldMigrateAnnotation) GetOneofPromotion() string {
+	if x != nil {
+		return x.OneofPromotion
+	}
+	return ""
+}
+
+type FileMigrateAnnotation struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	MoveToPackage string `protobuf:"bytes,2,opt,name=move_to_package,json=moveToPackage,proto3" json:"move_to_package,omitempty"`
+}
+
+func (x *FileMigrateAnnotation) Reset() {
+	*x = FileMigrateAnnotation{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_udpa_annotations_migrate_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *FileMigrateAnnotation) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*FileMigrateAnnotation) ProtoMessage() {}
+
+func (x *FileMigrateAnnotation) ProtoReflect() protoreflect.Message {
+	mi := &file_udpa_annotations_migrate_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use FileMigrateAnnotation.ProtoReflect.Descriptor instead.
+func (*FileMigrateAnnotation) Descriptor() ([]byte, []int) {
+	return file_udpa_annotations_migrate_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *FileMigrateAnnotation) GetMoveToPackage() string {
+	if x != nil {
+		return x.MoveToPackage
+	}
+	return ""
+}
+
+var file_udpa_annotations_migrate_proto_extTypes = []protoimpl.ExtensionInfo{
+	{
+		ExtendedType:  (*descriptorpb.MessageOptions)(nil),
+		ExtensionType: (*MigrateAnnotation)(nil),
+		Field:         171962766,
+		Name:          "udpa.annotations.message_migrate",
+		Tag:           "bytes,171962766,opt,name=message_migrate",
+		Filename:      "udpa/annotations/migrate.proto",
+	},
+	{
+		ExtendedType:  (*descriptorpb.FieldOptions)(nil),
+		ExtensionType: (*FieldMigrateAnnotation)(nil),
+		Field:         171962766,
+		Name:          "udpa.annotations.field_migrate",
+		Tag:           "bytes,171962766,opt,name=field_migrate",
+		Filename:      "udpa/annotations/migrate.proto",
+	},
+	{
+		ExtendedType:  (*descriptorpb.EnumOptions)(nil),
+		ExtensionType: (*MigrateAnnotation)(nil),
+		Field:         171962766,
+		Name:          "udpa.annotations.enum_migrate",
+		Tag:           "bytes,171962766,opt,name=enum_migrate",
+		Filename:      "udpa/annotations/migrate.proto",
+	},
+	{
+		ExtendedType:  (*descriptorpb.EnumValueOptions)(nil),
+		ExtensionType: (*MigrateAnnotation)(nil),
+		Field:         171962766,
+		Name:          "udpa.annotations.enum_value_migrate",
+		Tag:           "bytes,171962766,opt,name=enum_value_migrate",
+		Filename:      "udpa/annotations/migrate.proto",
+	},
+	{
+		ExtendedType:  (*descriptorpb.FileOptions)(nil),
+		ExtensionType: (*FileMigrateAnnotation)(nil),
+		Field:         171962766,
+		Name:          "udpa.annotations.file_migrate",
+		Tag:           "bytes,171962766,opt,name=file_migrate",
+		Filename:      "udpa/annotations/migrate.proto",
+	},
+}
+
+// Extension fields to descriptorpb.MessageOptions.
+var (
+	// optional udpa.annotations.MigrateAnnotation message_migrate = 171962766;
+	E_MessageMigrate = &file_udpa_annotations_migrate_proto_extTypes[0]
+)
+
+// Extension fields to descriptorpb.FieldOptions.
+var (
+	// optional udpa.annotations.FieldMigrateAnnotation field_migrate = 171962766;
+	E_FieldMigrate = &file_udpa_annotations_migrate_proto_extTypes[1]
+)
+
+// Extension fields to descriptorpb.EnumOptions.
+var (
+	// optional udpa.annotations.MigrateAnnotation enum_migrate = 171962766;
+	E_EnumMigrate = &file_udpa_annotations_migrate_proto_extTypes[2]
+)
+
+// Extension fields to descriptorpb.EnumValueOptions.
+var (
+	// optional udpa.annotations.MigrateAnnotation enum_value_migrate = 171962766;
+	E_EnumValueMigrate = &file_udpa_annotations_migrate_proto_extTypes[3]
+)
+
+// Extension fields to descriptorpb.FileOptions.
+var (
+	// optional udpa.annotations.FileMigrateAnnotation file_migrate = 171962766;
+	E_FileMigrate = &file_udpa_annotations_migrate_proto_extTypes[4]
+)
+
+var File_udpa_annotations_migrate_proto protoreflect.FileDescriptor
+
+var file_udpa_annotations_migrate_proto_rawDesc = []byte{
+	0x0a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x12, 0x10, 0x75, 0x64, 0x70, 0x61, 0x2e, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x1a, 0x20, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2f, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x22, 0x2b, 0x0a, 0x11, 0x4d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x41,
+	0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x16, 0x0a, 0x06, 0x72, 0x65, 0x6e,
+	0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x72, 0x65, 0x6e, 0x61, 0x6d,
+	0x65, 0x22, 0x59, 0x0a, 0x16, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4d, 0x69, 0x67, 0x72, 0x61, 0x74,
+	0x65, 0x41, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x16, 0x0a, 0x06, 0x72,
+	0x65, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x72, 0x65, 0x6e,
+	0x61, 0x6d, 0x65, 0x12, 0x27, 0x0a, 0x0f, 0x6f, 0x6e, 0x65, 0x6f, 0x66, 0x5f, 0x70, 0x72, 0x6f,
+	0x6d, 0x6f, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x6f, 0x6e,
+	0x65, 0x6f, 0x66, 0x50, 0x72, 0x6f, 0x6d, 0x6f, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x3f, 0x0a, 0x15,
+	0x46, 0x69, 0x6c, 0x65, 0x4d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x41, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x26, 0x0a, 0x0f, 0x6d, 0x6f, 0x76, 0x65, 0x5f, 0x74, 0x6f,
+	0x5f, 0x70, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d,
+	0x6d, 0x6f, 0x76, 0x65, 0x54, 0x6f, 0x50, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x3a, 0x70, 0x0a,
+	0x0f, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x5f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65,
+	0x12, 0x1f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x18, 0x8e, 0xe3, 0xff, 0x51, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x75, 0x64, 0x70,
+	0x61, 0x2e, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x4d, 0x69,
+	0x67, 0x72, 0x61, 0x74, 0x65, 0x41, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52,
+	0x0e, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x4d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x3a,
+	0x6f, 0x0a, 0x0d, 0x66, 0x69, 0x65, 0x6c, 0x64, 0x5f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65,
+	0x12, 0x1d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18,
+	0x8e, 0xe3, 0xff, 0x51, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x75, 0x64, 0x70, 0x61, 0x2e,
+	0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x46, 0x69, 0x65, 0x6c,
+	0x64, 0x4d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x41, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x52, 0x0c, 0x66, 0x69, 0x65, 0x6c, 0x64, 0x4d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65,
+	0x3a, 0x67, 0x0a, 0x0c, 0x65, 0x6e, 0x75, 0x6d, 0x5f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65,
+	0x12, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x45, 0x6e, 0x75, 0x6d, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x8e,
+	0xe3, 0xff, 0x51, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x75, 0x64, 0x70, 0x61, 0x2e, 0x61,
+	0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x4d, 0x69, 0x67, 0x72, 0x61,
+	0x74, 0x65, 0x41, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0b, 0x65, 0x6e,
+	0x75, 0x6d, 0x4d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x3a, 0x77, 0x0a, 0x12, 0x65, 0x6e, 0x75,
+	0x6d, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x5f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x12,
+	0x21, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x45, 0x6e, 0x75, 0x6d, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x18, 0x8e, 0xe3, 0xff, 0x51, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x75, 0x64,
+	0x70, 0x61, 0x2e, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x4d,
+	0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x41, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x52, 0x10, 0x65, 0x6e, 0x75, 0x6d, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4d, 0x69, 0x67, 0x72, 0x61,
+	0x74, 0x65, 0x3a, 0x6b, 0x0a, 0x0c, 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x6d, 0x69, 0x67, 0x72, 0x61,
+	0x74, 0x65, 0x12, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x6c, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73,
+	0x18, 0x8e, 0xe3, 0xff, 0x51, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x75, 0x64, 0x70, 0x61,
+	0x2e, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x46, 0x69, 0x6c,
+	0x65, 0x4d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x41, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x52, 0x0b, 0x66, 0x69, 0x6c, 0x65, 0x4d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x42,
+	0x24, 0x5a, 0x22, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x63, 0x6e,
+	0x63, 0x66, 0x2f, 0x78, 0x64, 0x73, 0x2f, 0x67, 0x6f, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_udpa_annotations_migrate_proto_rawDescOnce sync.Once
+	file_udpa_annotations_migrate_proto_rawDescData = file_udpa_annotations_migrate_proto_rawDesc
+)
+
+func file_udpa_annotations_migrate_proto_rawDescGZIP() []byte {
+	file_udpa_annotations_migrate_proto_rawDescOnce.Do(func() {
+		file_udpa_annotations_migrate_proto_rawDescData = protoimpl.X.CompressGZIP(file_udpa_annotations_migrate_proto_rawDescData)
+	})
+	return file_udpa_annotations_migrate_proto_rawDescData
+}
+
+var file_udpa_annotations_migrate_proto_msgTypes = make([]protoimpl.MessageInfo, 3)
+var file_udpa_annotations_migrate_proto_goTypes = []interface{}{
+	(*MigrateAnnotation)(nil),             // 0: udpa.annotations.MigrateAnnotation
+	(*FieldMigrateAnnotation)(nil),        // 1: udpa.annotations.FieldMigrateAnnotation
+	(*FileMigrateAnnotation)(nil),         // 2: udpa.annotations.FileMigrateAnnotation
+	(*descriptorpb.MessageOptions)(nil),   // 3: google.protobuf.MessageOptions
+	(*descriptorpb.FieldOptions)(nil),     // 4: google.protobuf.FieldOptions
+	(*descriptorpb.EnumOptions)(nil),      // 5: google.protobuf.EnumOptions
+	(*descriptorpb.EnumValueOptions)(nil), // 6: google.protobuf.EnumValueOptions
+	(*descriptorpb.FileOptions)(nil),      // 7: google.protobuf.FileOptions
+}
+var file_udpa_annotations_migrate_proto_depIdxs = []int32{
+	3,  // 0: udpa.annotations.message_migrate:extendee -> google.protobuf.MessageOptions
+	4,  // 1: udpa.annotations.field_migrate:extendee -> google.protobuf.FieldOptions
+	5,  // 2: udpa.annotations.enum_migrate:extendee -> google.protobuf.EnumOptions
+	6,  // 3: udpa.annotations.enum_value_migrate:extendee -> google.protobuf.EnumValueOptions
+	7,  // 4: udpa.annotations.file_migrate:extendee -> google.protobuf.FileOptions
+	0,  // 5: udpa.annotations.message_migrate:type_name -> udpa.annotations.MigrateAnnotation
+	1,  // 6: udpa.annotations.field_migrate:type_name -> udpa.annotations.FieldMigrateAnnotation
+	0,  // 7: udpa.annotations.enum_migrate:type_name -> udpa.annotations.MigrateAnnotation
+	0,  // 8: udpa.annotations.enum_value_migrate:type_name -> udpa.annotations.MigrateAnnotation
+	2,  // 9: udpa.annotations.file_migrate:type_name -> udpa.annotations.FileMigrateAnnotation
+	10, // [10:10] is the sub-list for method output_type
+	10, // [10:10] is the sub-list for method input_type
+	5,  // [5:10] is the sub-list for extension type_name
+	0,  // [0:5] is the sub-list for extension extendee
+	0,  // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_udpa_annotations_migrate_proto_init() }
+func file_udpa_annotations_migrate_proto_init() {
+	if File_udpa_annotations_migrate_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_udpa_annotations_migrate_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*MigrateAnnotation); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_udpa_annotations_migrate_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*FieldMigrateAnnotation); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_udpa_annotations_migrate_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*FileMigrateAnnotation); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_udpa_annotations_migrate_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   3,
+			NumExtensions: 5,
+			NumServices:   0,
+		},
+		GoTypes:           file_udpa_annotations_migrate_proto_goTypes,
+		DependencyIndexes: file_udpa_annotations_migrate_proto_depIdxs,
+		MessageInfos:      file_udpa_annotations_migrate_proto_msgTypes,
+		ExtensionInfos:    file_udpa_annotations_migrate_proto_extTypes,
+	}.Build()
+	File_udpa_annotations_migrate_proto = out.File
+	file_udpa_annotations_migrate_proto_rawDesc = nil
+	file_udpa_annotations_migrate_proto_goTypes = nil
+	file_udpa_annotations_migrate_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/cncf/xds/go/udpa/annotations/migrate.pb.validate.go b/vendor/github.com/cncf/xds/go/udpa/annotations/migrate.pb.validate.go
new file mode 100644
index 00000000000..1b72b067f6c
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/udpa/annotations/migrate.pb.validate.go
@@ -0,0 +1,243 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: udpa/annotations/migrate.proto
+
+package annotations
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+)
+
+// Validate checks the field values on MigrateAnnotation with the rules defined
+// in the proto definition for this message. If any rules are violated, an
+// error is returned.
+func (m *MigrateAnnotation) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	// no validation rules for Rename
+
+	return nil
+}
+
+// MigrateAnnotationValidationError is the validation error returned by
+// MigrateAnnotation.Validate if the designated constraints aren't met.
+type MigrateAnnotationValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MigrateAnnotationValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MigrateAnnotationValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MigrateAnnotationValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MigrateAnnotationValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MigrateAnnotationValidationError) ErrorName() string {
+	return "MigrateAnnotationValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e MigrateAnnotationValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMigrateAnnotation.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MigrateAnnotationValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MigrateAnnotationValidationError{}
+
+// Validate checks the field values on FieldMigrateAnnotation with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, an error is returned.
+func (m *FieldMigrateAnnotation) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	// no validation rules for Rename
+
+	// no validation rules for OneofPromotion
+
+	return nil
+}
+
+// FieldMigrateAnnotationValidationError is the validation error returned by
+// FieldMigrateAnnotation.Validate if the designated constraints aren't met.
+type FieldMigrateAnnotationValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e FieldMigrateAnnotationValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e FieldMigrateAnnotationValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e FieldMigrateAnnotationValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e FieldMigrateAnnotationValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e FieldMigrateAnnotationValidationError) ErrorName() string {
+	return "FieldMigrateAnnotationValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e FieldMigrateAnnotationValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sFieldMigrateAnnotation.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = FieldMigrateAnnotationValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = FieldMigrateAnnotationValidationError{}
+
+// Validate checks the field values on FileMigrateAnnotation with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, an error is returned.
+func (m *FileMigrateAnnotation) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	// no validation rules for MoveToPackage
+
+	return nil
+}
+
+// FileMigrateAnnotationValidationError is the validation error returned by
+// FileMigrateAnnotation.Validate if the designated constraints aren't met.
+type FileMigrateAnnotationValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e FileMigrateAnnotationValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e FileMigrateAnnotationValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e FileMigrateAnnotationValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e FileMigrateAnnotationValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e FileMigrateAnnotationValidationError) ErrorName() string {
+	return "FileMigrateAnnotationValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e FileMigrateAnnotationValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sFileMigrateAnnotation.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = FileMigrateAnnotationValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = FileMigrateAnnotationValidationError{}
diff --git a/vendor/github.com/cncf/xds/go/udpa/annotations/security.pb.go b/vendor/github.com/cncf/xds/go/udpa/annotations/security.pb.go
new file mode 100644
index 00000000000..e061f58433a
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/udpa/annotations/security.pb.go
@@ -0,0 +1,201 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.18.0
+// source: udpa/annotations/security.proto
+
+package annotations
+
+import (
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	descriptorpb "google.golang.org/protobuf/types/descriptorpb"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type FieldSecurityAnnotation struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	ConfigureForUntrustedDownstream bool `protobuf:"varint,1,opt,name=configure_for_untrusted_downstream,json=configureForUntrustedDownstream,proto3" json:"configure_for_untrusted_downstream,omitempty"`
+	ConfigureForUntrustedUpstream   bool `protobuf:"varint,2,opt,name=configure_for_untrusted_upstream,json=configureForUntrustedUpstream,proto3" json:"configure_for_untrusted_upstream,omitempty"`
+}
+
+func (x *FieldSecurityAnnotation) Reset() {
+	*x = FieldSecurityAnnotation{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_udpa_annotations_security_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *FieldSecurityAnnotation) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*FieldSecurityAnnotation) ProtoMessage() {}
+
+func (x *FieldSecurityAnnotation) ProtoReflect() protoreflect.Message {
+	mi := &file_udpa_annotations_security_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use FieldSecurityAnnotation.ProtoReflect.Descriptor instead.
+func (*FieldSecurityAnnotation) Descriptor() ([]byte, []int) {
+	return file_udpa_annotations_security_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *FieldSecurityAnnotation) GetConfigureForUntrustedDownstream() bool {
+	if x != nil {
+		return x.ConfigureForUntrustedDownstream
+	}
+	return false
+}
+
+func (x *FieldSecurityAnnotation) GetConfigureForUntrustedUpstream() bool {
+	if x != nil {
+		return x.ConfigureForUntrustedUpstream
+	}
+	return false
+}
+
+var file_udpa_annotations_security_proto_extTypes = []protoimpl.ExtensionInfo{
+	{
+		ExtendedType:  (*descriptorpb.FieldOptions)(nil),
+		ExtensionType: (*FieldSecurityAnnotation)(nil),
+		Field:         11122993,
+		Name:          "udpa.annotations.security",
+		Tag:           "bytes,11122993,opt,name=security",
+		Filename:      "udpa/annotations/security.proto",
+	},
+}
+
+// Extension fields to descriptorpb.FieldOptions.
+var (
+	// optional udpa.annotations.FieldSecurityAnnotation security = 11122993;
+	E_Security = &file_udpa_annotations_security_proto_extTypes[0]
+)
+
+var File_udpa_annotations_security_proto protoreflect.FileDescriptor
+
+var file_udpa_annotations_security_proto_rawDesc = []byte{
+	0x0a, 0x1f, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x73, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x12, 0x10, 0x75, 0x64, 0x70, 0x61, 0x2e, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x20, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2f, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x22, 0xaf, 0x01, 0x0a, 0x17, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x53, 0x65,
+	0x63, 0x75, 0x72, 0x69, 0x74, 0x79, 0x41, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x12, 0x4b, 0x0a, 0x22, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x65, 0x5f, 0x66, 0x6f,
+	0x72, 0x5f, 0x75, 0x6e, 0x74, 0x72, 0x75, 0x73, 0x74, 0x65, 0x64, 0x5f, 0x64, 0x6f, 0x77, 0x6e,
+	0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x1f, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x65, 0x46, 0x6f, 0x72, 0x55, 0x6e, 0x74, 0x72, 0x75, 0x73,
+	0x74, 0x65, 0x64, 0x44, 0x6f, 0x77, 0x6e, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x12, 0x47, 0x0a,
+	0x20, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x65, 0x5f, 0x66, 0x6f, 0x72, 0x5f, 0x75,
+	0x6e, 0x74, 0x72, 0x75, 0x73, 0x74, 0x65, 0x64, 0x5f, 0x75, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61,
+	0x6d, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x1d, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75,
+	0x72, 0x65, 0x46, 0x6f, 0x72, 0x55, 0x6e, 0x74, 0x72, 0x75, 0x73, 0x74, 0x65, 0x64, 0x55, 0x70,
+	0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x3a, 0x67, 0x0a, 0x08, 0x73, 0x65, 0x63, 0x75, 0x72, 0x69,
+	0x74, 0x79, 0x12, 0x1d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x18, 0xb1, 0xf2, 0xa6, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x75, 0x64, 0x70,
+	0x61, 0x2e, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x46, 0x69,
+	0x65, 0x6c, 0x64, 0x53, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79, 0x41, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x08, 0x73, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79, 0x42,
+	0x2c, 0x5a, 0x22, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x63, 0x6e,
+	0x63, 0x66, 0x2f, 0x78, 0x64, 0x73, 0x2f, 0x67, 0x6f, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x08, 0x01, 0x62, 0x06, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_udpa_annotations_security_proto_rawDescOnce sync.Once
+	file_udpa_annotations_security_proto_rawDescData = file_udpa_annotations_security_proto_rawDesc
+)
+
+func file_udpa_annotations_security_proto_rawDescGZIP() []byte {
+	file_udpa_annotations_security_proto_rawDescOnce.Do(func() {
+		file_udpa_annotations_security_proto_rawDescData = protoimpl.X.CompressGZIP(file_udpa_annotations_security_proto_rawDescData)
+	})
+	return file_udpa_annotations_security_proto_rawDescData
+}
+
+var file_udpa_annotations_security_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_udpa_annotations_security_proto_goTypes = []interface{}{
+	(*FieldSecurityAnnotation)(nil),   // 0: udpa.annotations.FieldSecurityAnnotation
+	(*descriptorpb.FieldOptions)(nil), // 1: google.protobuf.FieldOptions
+}
+var file_udpa_annotations_security_proto_depIdxs = []int32{
+	1, // 0: udpa.annotations.security:extendee -> google.protobuf.FieldOptions
+	0, // 1: udpa.annotations.security:type_name -> udpa.annotations.FieldSecurityAnnotation
+	2, // [2:2] is the sub-list for method output_type
+	2, // [2:2] is the sub-list for method input_type
+	1, // [1:2] is the sub-list for extension type_name
+	0, // [0:1] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_udpa_annotations_security_proto_init() }
+func file_udpa_annotations_security_proto_init() {
+	if File_udpa_annotations_security_proto != nil {
+		return
+	}
+	file_udpa_annotations_status_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_udpa_annotations_security_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*FieldSecurityAnnotation); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_udpa_annotations_security_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 1,
+			NumServices:   0,
+		},
+		GoTypes:           file_udpa_annotations_security_proto_goTypes,
+		DependencyIndexes: file_udpa_annotations_security_proto_depIdxs,
+		MessageInfos:      file_udpa_annotations_security_proto_msgTypes,
+		ExtensionInfos:    file_udpa_annotations_security_proto_extTypes,
+	}.Build()
+	File_udpa_annotations_security_proto = out.File
+	file_udpa_annotations_security_proto_rawDesc = nil
+	file_udpa_annotations_security_proto_goTypes = nil
+	file_udpa_annotations_security_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/cncf/xds/go/udpa/annotations/security.pb.validate.go b/vendor/github.com/cncf/xds/go/udpa/annotations/security.pb.validate.go
new file mode 100644
index 00000000000..64058ccdd1a
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/udpa/annotations/security.pb.validate.go
@@ -0,0 +1,105 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: udpa/annotations/security.proto
+
+package annotations
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+)
+
+// Validate checks the field values on FieldSecurityAnnotation with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, an error is returned.
+func (m *FieldSecurityAnnotation) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	// no validation rules for ConfigureForUntrustedDownstream
+
+	// no validation rules for ConfigureForUntrustedUpstream
+
+	return nil
+}
+
+// FieldSecurityAnnotationValidationError is the validation error returned by
+// FieldSecurityAnnotation.Validate if the designated constraints aren't met.
+type FieldSecurityAnnotationValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e FieldSecurityAnnotationValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e FieldSecurityAnnotationValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e FieldSecurityAnnotationValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e FieldSecurityAnnotationValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e FieldSecurityAnnotationValidationError) ErrorName() string {
+	return "FieldSecurityAnnotationValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e FieldSecurityAnnotationValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sFieldSecurityAnnotation.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = FieldSecurityAnnotationValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = FieldSecurityAnnotationValidationError{}
diff --git a/vendor/github.com/cncf/xds/go/udpa/annotations/sensitive.pb.go b/vendor/github.com/cncf/xds/go/udpa/annotations/sensitive.pb.go
new file mode 100644
index 00000000000..0334e8f45fe
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/udpa/annotations/sensitive.pb.go
@@ -0,0 +1,98 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.18.0
+// source: udpa/annotations/sensitive.proto
+
+package annotations
+
+import (
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	descriptorpb "google.golang.org/protobuf/types/descriptorpb"
+	reflect "reflect"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+var file_udpa_annotations_sensitive_proto_extTypes = []protoimpl.ExtensionInfo{
+	{
+		ExtendedType:  (*descriptorpb.FieldOptions)(nil),
+		ExtensionType: (*bool)(nil),
+		Field:         76569463,
+		Name:          "udpa.annotations.sensitive",
+		Tag:           "varint,76569463,opt,name=sensitive",
+		Filename:      "udpa/annotations/sensitive.proto",
+	},
+}
+
+// Extension fields to descriptorpb.FieldOptions.
+var (
+	// optional bool sensitive = 76569463;
+	E_Sensitive = &file_udpa_annotations_sensitive_proto_extTypes[0]
+)
+
+var File_udpa_annotations_sensitive_proto protoreflect.FileDescriptor
+
+var file_udpa_annotations_sensitive_proto_rawDesc = []byte{
+	0x0a, 0x20, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x73, 0x65, 0x6e, 0x73, 0x69, 0x74, 0x69, 0x76, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x12, 0x10, 0x75, 0x64, 0x70, 0x61, 0x2e, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x1a, 0x20, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x3a, 0x3e, 0x0a, 0x09, 0x73, 0x65, 0x6e, 0x73, 0x69, 0x74,
+	0x69, 0x76, 0x65, 0x12, 0x1d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x18, 0xf7, 0xb6, 0xc1, 0x24, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x73, 0x65, 0x6e,
+	0x73, 0x69, 0x74, 0x69, 0x76, 0x65, 0x42, 0x24, 0x5a, 0x22, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62,
+	0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x63, 0x6e, 0x63, 0x66, 0x2f, 0x78, 0x64, 0x73, 0x2f, 0x67, 0x6f,
+	0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x62, 0x06, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x33,
+}
+
+var file_udpa_annotations_sensitive_proto_goTypes = []interface{}{
+	(*descriptorpb.FieldOptions)(nil), // 0: google.protobuf.FieldOptions
+}
+var file_udpa_annotations_sensitive_proto_depIdxs = []int32{
+	0, // 0: udpa.annotations.sensitive:extendee -> google.protobuf.FieldOptions
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	0, // [0:1] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_udpa_annotations_sensitive_proto_init() }
+func file_udpa_annotations_sensitive_proto_init() {
+	if File_udpa_annotations_sensitive_proto != nil {
+		return
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_udpa_annotations_sensitive_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   0,
+			NumExtensions: 1,
+			NumServices:   0,
+		},
+		GoTypes:           file_udpa_annotations_sensitive_proto_goTypes,
+		DependencyIndexes: file_udpa_annotations_sensitive_proto_depIdxs,
+		ExtensionInfos:    file_udpa_annotations_sensitive_proto_extTypes,
+	}.Build()
+	File_udpa_annotations_sensitive_proto = out.File
+	file_udpa_annotations_sensitive_proto_rawDesc = nil
+	file_udpa_annotations_sensitive_proto_goTypes = nil
+	file_udpa_annotations_sensitive_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/cncf/xds/go/udpa/annotations/sensitive.pb.validate.go b/vendor/github.com/cncf/xds/go/udpa/annotations/sensitive.pb.validate.go
new file mode 100644
index 00000000000..dd4fea9b260
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/udpa/annotations/sensitive.pb.validate.go
@@ -0,0 +1,34 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: udpa/annotations/sensitive.proto
+
+package annotations
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+)
diff --git a/vendor/github.com/cncf/xds/go/udpa/annotations/status.pb.go b/vendor/github.com/cncf/xds/go/udpa/annotations/status.pb.go
new file mode 100644
index 00000000000..3f239dd06f9
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/udpa/annotations/status.pb.go
@@ -0,0 +1,258 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.18.0
+// source: udpa/annotations/status.proto
+
+package annotations
+
+import (
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	descriptorpb "google.golang.org/protobuf/types/descriptorpb"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type PackageVersionStatus int32
+
+const (
+	PackageVersionStatus_UNKNOWN                      PackageVersionStatus = 0
+	PackageVersionStatus_FROZEN                       PackageVersionStatus = 1
+	PackageVersionStatus_ACTIVE                       PackageVersionStatus = 2
+	PackageVersionStatus_NEXT_MAJOR_VERSION_CANDIDATE PackageVersionStatus = 3
+)
+
+// Enum value maps for PackageVersionStatus.
+var (
+	PackageVersionStatus_name = map[int32]string{
+		0: "UNKNOWN",
+		1: "FROZEN",
+		2: "ACTIVE",
+		3: "NEXT_MAJOR_VERSION_CANDIDATE",
+	}
+	PackageVersionStatus_value = map[string]int32{
+		"UNKNOWN":                      0,
+		"FROZEN":                       1,
+		"ACTIVE":                       2,
+		"NEXT_MAJOR_VERSION_CANDIDATE": 3,
+	}
+)
+
+func (x PackageVersionStatus) Enum() *PackageVersionStatus {
+	p := new(PackageVersionStatus)
+	*p = x
+	return p
+}
+
+func (x PackageVersionStatus) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (PackageVersionStatus) Descriptor() protoreflect.EnumDescriptor {
+	return file_udpa_annotations_status_proto_enumTypes[0].Descriptor()
+}
+
+func (PackageVersionStatus) Type() protoreflect.EnumType {
+	return &file_udpa_annotations_status_proto_enumTypes[0]
+}
+
+func (x PackageVersionStatus) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use PackageVersionStatus.Descriptor instead.
+func (PackageVersionStatus) EnumDescriptor() ([]byte, []int) {
+	return file_udpa_annotations_status_proto_rawDescGZIP(), []int{0}
+}
+
+type StatusAnnotation struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	WorkInProgress       bool                 `protobuf:"varint,1,opt,name=work_in_progress,json=workInProgress,proto3" json:"work_in_progress,omitempty"`
+	PackageVersionStatus PackageVersionStatus `protobuf:"varint,2,opt,name=package_version_status,json=packageVersionStatus,proto3,enum=udpa.annotations.PackageVersionStatus" json:"package_version_status,omitempty"`
+}
+
+func (x *StatusAnnotation) Reset() {
+	*x = StatusAnnotation{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_udpa_annotations_status_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *StatusAnnotation) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*StatusAnnotation) ProtoMessage() {}
+
+func (x *StatusAnnotation) ProtoReflect() protoreflect.Message {
+	mi := &file_udpa_annotations_status_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use StatusAnnotation.ProtoReflect.Descriptor instead.
+func (*StatusAnnotation) Descriptor() ([]byte, []int) {
+	return file_udpa_annotations_status_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *StatusAnnotation) GetWorkInProgress() bool {
+	if x != nil {
+		return x.WorkInProgress
+	}
+	return false
+}
+
+func (x *StatusAnnotation) GetPackageVersionStatus() PackageVersionStatus {
+	if x != nil {
+		return x.PackageVersionStatus
+	}
+	return PackageVersionStatus_UNKNOWN
+}
+
+var file_udpa_annotations_status_proto_extTypes = []protoimpl.ExtensionInfo{
+	{
+		ExtendedType:  (*descriptorpb.FileOptions)(nil),
+		ExtensionType: (*StatusAnnotation)(nil),
+		Field:         222707719,
+		Name:          "udpa.annotations.file_status",
+		Tag:           "bytes,222707719,opt,name=file_status",
+		Filename:      "udpa/annotations/status.proto",
+	},
+}
+
+// Extension fields to descriptorpb.FileOptions.
+var (
+	// optional udpa.annotations.StatusAnnotation file_status = 222707719;
+	E_FileStatus = &file_udpa_annotations_status_proto_extTypes[0]
+)
+
+var File_udpa_annotations_status_proto protoreflect.FileDescriptor
+
+var file_udpa_annotations_status_proto_rawDesc = []byte{
+	0x0a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12,
+	0x10, 0x75, 0x64, 0x70, 0x61, 0x2e, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x1a, 0x20, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2f, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x22, 0x9a, 0x01, 0x0a, 0x10, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x41, 0x6e,
+	0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x28, 0x0a, 0x10, 0x77, 0x6f, 0x72, 0x6b,
+	0x5f, 0x69, 0x6e, 0x5f, 0x70, 0x72, 0x6f, 0x67, 0x72, 0x65, 0x73, 0x73, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x08, 0x52, 0x0e, 0x77, 0x6f, 0x72, 0x6b, 0x49, 0x6e, 0x50, 0x72, 0x6f, 0x67, 0x72, 0x65,
+	0x73, 0x73, 0x12, 0x5c, 0x0a, 0x16, 0x70, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x5f, 0x76, 0x65,
+	0x72, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x02, 0x20, 0x01,
+	0x28, 0x0e, 0x32, 0x26, 0x2e, 0x75, 0x64, 0x70, 0x61, 0x2e, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x50, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x56, 0x65, 0x72,
+	0x73, 0x69, 0x6f, 0x6e, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x14, 0x70, 0x61, 0x63, 0x6b,
+	0x61, 0x67, 0x65, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73,
+	0x2a, 0x5d, 0x0a, 0x14, 0x50, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x56, 0x65, 0x72, 0x73, 0x69,
+	0x6f, 0x6e, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x4e, 0x4b, 0x4e,
+	0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, 0x0a, 0x0a, 0x06, 0x46, 0x52, 0x4f, 0x5a, 0x45, 0x4e, 0x10,
+	0x01, 0x12, 0x0a, 0x0a, 0x06, 0x41, 0x43, 0x54, 0x49, 0x56, 0x45, 0x10, 0x02, 0x12, 0x20, 0x0a,
+	0x1c, 0x4e, 0x45, 0x58, 0x54, 0x5f, 0x4d, 0x41, 0x4a, 0x4f, 0x52, 0x5f, 0x56, 0x45, 0x52, 0x53,
+	0x49, 0x4f, 0x4e, 0x5f, 0x43, 0x41, 0x4e, 0x44, 0x49, 0x44, 0x41, 0x54, 0x45, 0x10, 0x03, 0x3a,
+	0x64, 0x0a, 0x0b, 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x1c,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x46, 0x69, 0x6c, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x87, 0x80, 0x99,
+	0x6a, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x75, 0x64, 0x70, 0x61, 0x2e, 0x61, 0x6e, 0x6e,
+	0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x41,
+	0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0a, 0x66, 0x69, 0x6c, 0x65, 0x53,
+	0x74, 0x61, 0x74, 0x75, 0x73, 0x42, 0x24, 0x5a, 0x22, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e,
+	0x63, 0x6f, 0x6d, 0x2f, 0x63, 0x6e, 0x63, 0x66, 0x2f, 0x78, 0x64, 0x73, 0x2f, 0x67, 0x6f, 0x2f,
+	0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x62, 0x06, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x33,
+}
+
+var (
+	file_udpa_annotations_status_proto_rawDescOnce sync.Once
+	file_udpa_annotations_status_proto_rawDescData = file_udpa_annotations_status_proto_rawDesc
+)
+
+func file_udpa_annotations_status_proto_rawDescGZIP() []byte {
+	file_udpa_annotations_status_proto_rawDescOnce.Do(func() {
+		file_udpa_annotations_status_proto_rawDescData = protoimpl.X.CompressGZIP(file_udpa_annotations_status_proto_rawDescData)
+	})
+	return file_udpa_annotations_status_proto_rawDescData
+}
+
+var file_udpa_annotations_status_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_udpa_annotations_status_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_udpa_annotations_status_proto_goTypes = []interface{}{
+	(PackageVersionStatus)(0),        // 0: udpa.annotations.PackageVersionStatus
+	(*StatusAnnotation)(nil),         // 1: udpa.annotations.StatusAnnotation
+	(*descriptorpb.FileOptions)(nil), // 2: google.protobuf.FileOptions
+}
+var file_udpa_annotations_status_proto_depIdxs = []int32{
+	0, // 0: udpa.annotations.StatusAnnotation.package_version_status:type_name -> udpa.annotations.PackageVersionStatus
+	2, // 1: udpa.annotations.file_status:extendee -> google.protobuf.FileOptions
+	1, // 2: udpa.annotations.file_status:type_name -> udpa.annotations.StatusAnnotation
+	3, // [3:3] is the sub-list for method output_type
+	3, // [3:3] is the sub-list for method input_type
+	2, // [2:3] is the sub-list for extension type_name
+	1, // [1:2] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_udpa_annotations_status_proto_init() }
+func file_udpa_annotations_status_proto_init() {
+	if File_udpa_annotations_status_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_udpa_annotations_status_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*StatusAnnotation); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_udpa_annotations_status_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   1,
+			NumExtensions: 1,
+			NumServices:   0,
+		},
+		GoTypes:           file_udpa_annotations_status_proto_goTypes,
+		DependencyIndexes: file_udpa_annotations_status_proto_depIdxs,
+		EnumInfos:         file_udpa_annotations_status_proto_enumTypes,
+		MessageInfos:      file_udpa_annotations_status_proto_msgTypes,
+		ExtensionInfos:    file_udpa_annotations_status_proto_extTypes,
+	}.Build()
+	File_udpa_annotations_status_proto = out.File
+	file_udpa_annotations_status_proto_rawDesc = nil
+	file_udpa_annotations_status_proto_goTypes = nil
+	file_udpa_annotations_status_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/cncf/xds/go/udpa/annotations/status.pb.validate.go b/vendor/github.com/cncf/xds/go/udpa/annotations/status.pb.validate.go
new file mode 100644
index 00000000000..9af17c92f7f
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/udpa/annotations/status.pb.validate.go
@@ -0,0 +1,103 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: udpa/annotations/status.proto
+
+package annotations
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+)
+
+// Validate checks the field values on StatusAnnotation with the rules defined
+// in the proto definition for this message. If any rules are violated, an
+// error is returned.
+func (m *StatusAnnotation) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	// no validation rules for WorkInProgress
+
+	// no validation rules for PackageVersionStatus
+
+	return nil
+}
+
+// StatusAnnotationValidationError is the validation error returned by
+// StatusAnnotation.Validate if the designated constraints aren't met.
+type StatusAnnotationValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e StatusAnnotationValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e StatusAnnotationValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e StatusAnnotationValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e StatusAnnotationValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e StatusAnnotationValidationError) ErrorName() string { return "StatusAnnotationValidationError" }
+
+// Error satisfies the builtin error interface
+func (e StatusAnnotationValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sStatusAnnotation.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = StatusAnnotationValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = StatusAnnotationValidationError{}
diff --git a/vendor/github.com/cncf/xds/go/udpa/annotations/versioning.pb.go b/vendor/github.com/cncf/xds/go/udpa/annotations/versioning.pb.go
new file mode 100644
index 00000000000..49ced5fb7dd
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/udpa/annotations/versioning.pb.go
@@ -0,0 +1,183 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.18.0
+// source: udpa/annotations/versioning.proto
+
+package annotations
+
+import (
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	descriptorpb "google.golang.org/protobuf/types/descriptorpb"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type VersioningAnnotation struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	PreviousMessageType string `protobuf:"bytes,1,opt,name=previous_message_type,json=previousMessageType,proto3" json:"previous_message_type,omitempty"`
+}
+
+func (x *VersioningAnnotation) Reset() {
+	*x = VersioningAnnotation{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_udpa_annotations_versioning_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *VersioningAnnotation) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*VersioningAnnotation) ProtoMessage() {}
+
+func (x *VersioningAnnotation) ProtoReflect() protoreflect.Message {
+	mi := &file_udpa_annotations_versioning_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use VersioningAnnotation.ProtoReflect.Descriptor instead.
+func (*VersioningAnnotation) Descriptor() ([]byte, []int) {
+	return file_udpa_annotations_versioning_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *VersioningAnnotation) GetPreviousMessageType() string {
+	if x != nil {
+		return x.PreviousMessageType
+	}
+	return ""
+}
+
+var file_udpa_annotations_versioning_proto_extTypes = []protoimpl.ExtensionInfo{
+	{
+		ExtendedType:  (*descriptorpb.MessageOptions)(nil),
+		ExtensionType: (*VersioningAnnotation)(nil),
+		Field:         7881811,
+		Name:          "udpa.annotations.versioning",
+		Tag:           "bytes,7881811,opt,name=versioning",
+		Filename:      "udpa/annotations/versioning.proto",
+	},
+}
+
+// Extension fields to descriptorpb.MessageOptions.
+var (
+	// optional udpa.annotations.VersioningAnnotation versioning = 7881811;
+	E_Versioning = &file_udpa_annotations_versioning_proto_extTypes[0]
+)
+
+var File_udpa_annotations_versioning_proto protoreflect.FileDescriptor
+
+var file_udpa_annotations_versioning_proto_rawDesc = []byte{
+	0x0a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x12, 0x10, 0x75, 0x64, 0x70, 0x61, 0x2e, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x1a, 0x20, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f,
+	0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x4a, 0x0a, 0x14, 0x56, 0x65, 0x72, 0x73, 0x69,
+	0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x41, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12,
+	0x32, 0x0a, 0x15, 0x70, 0x72, 0x65, 0x76, 0x69, 0x6f, 0x75, 0x73, 0x5f, 0x6d, 0x65, 0x73, 0x73,
+	0x61, 0x67, 0x65, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x13,
+	0x70, 0x72, 0x65, 0x76, 0x69, 0x6f, 0x75, 0x73, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x54,
+	0x79, 0x70, 0x65, 0x3a, 0x6a, 0x0a, 0x0a, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e,
+	0x67, 0x12, 0x1f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x18, 0xd3, 0x88, 0xe1, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x75, 0x64,
+	0x70, 0x61, 0x2e, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x56,
+	0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x41, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x52, 0x0a, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x42,
+	0x24, 0x5a, 0x22, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x63, 0x6e,
+	0x63, 0x66, 0x2f, 0x78, 0x64, 0x73, 0x2f, 0x67, 0x6f, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_udpa_annotations_versioning_proto_rawDescOnce sync.Once
+	file_udpa_annotations_versioning_proto_rawDescData = file_udpa_annotations_versioning_proto_rawDesc
+)
+
+func file_udpa_annotations_versioning_proto_rawDescGZIP() []byte {
+	file_udpa_annotations_versioning_proto_rawDescOnce.Do(func() {
+		file_udpa_annotations_versioning_proto_rawDescData = protoimpl.X.CompressGZIP(file_udpa_annotations_versioning_proto_rawDescData)
+	})
+	return file_udpa_annotations_versioning_proto_rawDescData
+}
+
+var file_udpa_annotations_versioning_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_udpa_annotations_versioning_proto_goTypes = []interface{}{
+	(*VersioningAnnotation)(nil),        // 0: udpa.annotations.VersioningAnnotation
+	(*descriptorpb.MessageOptions)(nil), // 1: google.protobuf.MessageOptions
+}
+var file_udpa_annotations_versioning_proto_depIdxs = []int32{
+	1, // 0: udpa.annotations.versioning:extendee -> google.protobuf.MessageOptions
+	0, // 1: udpa.annotations.versioning:type_name -> udpa.annotations.VersioningAnnotation
+	2, // [2:2] is the sub-list for method output_type
+	2, // [2:2] is the sub-list for method input_type
+	1, // [1:2] is the sub-list for extension type_name
+	0, // [0:1] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_udpa_annotations_versioning_proto_init() }
+func file_udpa_annotations_versioning_proto_init() {
+	if File_udpa_annotations_versioning_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_udpa_annotations_versioning_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*VersioningAnnotation); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_udpa_annotations_versioning_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 1,
+			NumServices:   0,
+		},
+		GoTypes:           file_udpa_annotations_versioning_proto_goTypes,
+		DependencyIndexes: file_udpa_annotations_versioning_proto_depIdxs,
+		MessageInfos:      file_udpa_annotations_versioning_proto_msgTypes,
+		ExtensionInfos:    file_udpa_annotations_versioning_proto_extTypes,
+	}.Build()
+	File_udpa_annotations_versioning_proto = out.File
+	file_udpa_annotations_versioning_proto_rawDesc = nil
+	file_udpa_annotations_versioning_proto_goTypes = nil
+	file_udpa_annotations_versioning_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/cncf/xds/go/udpa/annotations/versioning.pb.validate.go b/vendor/github.com/cncf/xds/go/udpa/annotations/versioning.pb.validate.go
new file mode 100644
index 00000000000..e88144cc1e5
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/udpa/annotations/versioning.pb.validate.go
@@ -0,0 +1,103 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: udpa/annotations/versioning.proto
+
+package annotations
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+)
+
+// Validate checks the field values on VersioningAnnotation with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, an error is returned.
+func (m *VersioningAnnotation) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	// no validation rules for PreviousMessageType
+
+	return nil
+}
+
+// VersioningAnnotationValidationError is the validation error returned by
+// VersioningAnnotation.Validate if the designated constraints aren't met.
+type VersioningAnnotationValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e VersioningAnnotationValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e VersioningAnnotationValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e VersioningAnnotationValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e VersioningAnnotationValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e VersioningAnnotationValidationError) ErrorName() string {
+	return "VersioningAnnotationValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e VersioningAnnotationValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sVersioningAnnotation.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = VersioningAnnotationValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = VersioningAnnotationValidationError{}
diff --git a/vendor/github.com/cncf/xds/go/xds/annotations/v3/status.pb.go b/vendor/github.com/cncf/xds/go/xds/annotations/v3/status.pb.go
new file mode 100644
index 00000000000..af991721e0f
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/xds/annotations/v3/status.pb.go
@@ -0,0 +1,357 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.18.0
+// source: xds/annotations/v3/status.proto
+
+package xds_annotations_v3
+
+import (
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	descriptorpb "google.golang.org/protobuf/types/descriptorpb"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type FileStatusAnnotation struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	WorkInProgress bool `protobuf:"varint,1,opt,name=work_in_progress,json=workInProgress,proto3" json:"work_in_progress,omitempty"`
+}
+
+func (x *FileStatusAnnotation) Reset() {
+	*x = FileStatusAnnotation{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_xds_annotations_v3_status_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *FileStatusAnnotation) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*FileStatusAnnotation) ProtoMessage() {}
+
+func (x *FileStatusAnnotation) ProtoReflect() protoreflect.Message {
+	mi := &file_xds_annotations_v3_status_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use FileStatusAnnotation.ProtoReflect.Descriptor instead.
+func (*FileStatusAnnotation) Descriptor() ([]byte, []int) {
+	return file_xds_annotations_v3_status_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *FileStatusAnnotation) GetWorkInProgress() bool {
+	if x != nil {
+		return x.WorkInProgress
+	}
+	return false
+}
+
+type MessageStatusAnnotation struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	WorkInProgress bool `protobuf:"varint,1,opt,name=work_in_progress,json=workInProgress,proto3" json:"work_in_progress,omitempty"`
+}
+
+func (x *MessageStatusAnnotation) Reset() {
+	*x = MessageStatusAnnotation{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_xds_annotations_v3_status_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *MessageStatusAnnotation) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*MessageStatusAnnotation) ProtoMessage() {}
+
+func (x *MessageStatusAnnotation) ProtoReflect() protoreflect.Message {
+	mi := &file_xds_annotations_v3_status_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use MessageStatusAnnotation.ProtoReflect.Descriptor instead.
+func (*MessageStatusAnnotation) Descriptor() ([]byte, []int) {
+	return file_xds_annotations_v3_status_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *MessageStatusAnnotation) GetWorkInProgress() bool {
+	if x != nil {
+		return x.WorkInProgress
+	}
+	return false
+}
+
+type FieldStatusAnnotation struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	WorkInProgress bool `protobuf:"varint,1,opt,name=work_in_progress,json=workInProgress,proto3" json:"work_in_progress,omitempty"`
+}
+
+func (x *FieldStatusAnnotation) Reset() {
+	*x = FieldStatusAnnotation{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_xds_annotations_v3_status_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *FieldStatusAnnotation) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*FieldStatusAnnotation) ProtoMessage() {}
+
+func (x *FieldStatusAnnotation) ProtoReflect() protoreflect.Message {
+	mi := &file_xds_annotations_v3_status_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use FieldStatusAnnotation.ProtoReflect.Descriptor instead.
+func (*FieldStatusAnnotation) Descriptor() ([]byte, []int) {
+	return file_xds_annotations_v3_status_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *FieldStatusAnnotation) GetWorkInProgress() bool {
+	if x != nil {
+		return x.WorkInProgress
+	}
+	return false
+}
+
+var file_xds_annotations_v3_status_proto_extTypes = []protoimpl.ExtensionInfo{
+	{
+		ExtendedType:  (*descriptorpb.FileOptions)(nil),
+		ExtensionType: (*FileStatusAnnotation)(nil),
+		Field:         226829418,
+		Name:          "xds.annotations.v3.file_status",
+		Tag:           "bytes,226829418,opt,name=file_status",
+		Filename:      "xds/annotations/v3/status.proto",
+	},
+	{
+		ExtendedType:  (*descriptorpb.MessageOptions)(nil),
+		ExtensionType: (*MessageStatusAnnotation)(nil),
+		Field:         226829418,
+		Name:          "xds.annotations.v3.message_status",
+		Tag:           "bytes,226829418,opt,name=message_status",
+		Filename:      "xds/annotations/v3/status.proto",
+	},
+	{
+		ExtendedType:  (*descriptorpb.FieldOptions)(nil),
+		ExtensionType: (*FieldStatusAnnotation)(nil),
+		Field:         226829418,
+		Name:          "xds.annotations.v3.field_status",
+		Tag:           "bytes,226829418,opt,name=field_status",
+		Filename:      "xds/annotations/v3/status.proto",
+	},
+}
+
+// Extension fields to descriptorpb.FileOptions.
+var (
+	// optional xds.annotations.v3.FileStatusAnnotation file_status = 226829418;
+	E_FileStatus = &file_xds_annotations_v3_status_proto_extTypes[0]
+)
+
+// Extension fields to descriptorpb.MessageOptions.
+var (
+	// optional xds.annotations.v3.MessageStatusAnnotation message_status = 226829418;
+	E_MessageStatus = &file_xds_annotations_v3_status_proto_extTypes[1]
+)
+
+// Extension fields to descriptorpb.FieldOptions.
+var (
+	// optional xds.annotations.v3.FieldStatusAnnotation field_status = 226829418;
+	E_FieldStatus = &file_xds_annotations_v3_status_proto_extTypes[2]
+)
+
+var File_xds_annotations_v3_status_proto protoreflect.FileDescriptor
+
+var file_xds_annotations_v3_status_proto_rawDesc = []byte{
+	0x0a, 0x1f, 0x78, 0x64, 0x73, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x2f, 0x76, 0x33, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x12, 0x12, 0x78, 0x64, 0x73, 0x2e, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2e, 0x76, 0x33, 0x1a, 0x20, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f,
+	0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x40, 0x0a, 0x14, 0x46, 0x69, 0x6c, 0x65, 0x53,
+	0x74, 0x61, 0x74, 0x75, 0x73, 0x41, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12,
+	0x28, 0x0a, 0x10, 0x77, 0x6f, 0x72, 0x6b, 0x5f, 0x69, 0x6e, 0x5f, 0x70, 0x72, 0x6f, 0x67, 0x72,
+	0x65, 0x73, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0e, 0x77, 0x6f, 0x72, 0x6b, 0x49,
+	0x6e, 0x50, 0x72, 0x6f, 0x67, 0x72, 0x65, 0x73, 0x73, 0x22, 0x43, 0x0a, 0x17, 0x4d, 0x65, 0x73,
+	0x73, 0x61, 0x67, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x41, 0x6e, 0x6e, 0x6f, 0x74, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x12, 0x28, 0x0a, 0x10, 0x77, 0x6f, 0x72, 0x6b, 0x5f, 0x69, 0x6e, 0x5f,
+	0x70, 0x72, 0x6f, 0x67, 0x72, 0x65, 0x73, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0e,
+	0x77, 0x6f, 0x72, 0x6b, 0x49, 0x6e, 0x50, 0x72, 0x6f, 0x67, 0x72, 0x65, 0x73, 0x73, 0x22, 0x41,
+	0x0a, 0x15, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x41, 0x6e, 0x6e,
+	0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x28, 0x0a, 0x10, 0x77, 0x6f, 0x72, 0x6b, 0x5f,
+	0x69, 0x6e, 0x5f, 0x70, 0x72, 0x6f, 0x67, 0x72, 0x65, 0x73, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x08, 0x52, 0x0e, 0x77, 0x6f, 0x72, 0x6b, 0x49, 0x6e, 0x50, 0x72, 0x6f, 0x67, 0x72, 0x65, 0x73,
+	0x73, 0x3a, 0x6a, 0x0a, 0x0b, 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73,
+	0x12, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x46, 0x69, 0x6c, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0xea,
+	0xc8, 0x94, 0x6c, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x61, 0x6e,
+	0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x46, 0x69, 0x6c,
+	0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x41, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x52, 0x0a, 0x66, 0x69, 0x6c, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x3a, 0x76, 0x0a,
+	0x0e, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12,
+	0x1f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73,
+	0x18, 0xea, 0xc8, 0x94, 0x6c, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2b, 0x2e, 0x78, 0x64, 0x73, 0x2e,
+	0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x4d,
+	0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x41, 0x6e, 0x6e, 0x6f,
+	0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0d, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x53,
+	0x74, 0x61, 0x74, 0x75, 0x73, 0x3a, 0x6e, 0x0a, 0x0c, 0x66, 0x69, 0x65, 0x6c, 0x64, 0x5f, 0x73,
+	0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x1d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4f, 0x70, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x18, 0xea, 0xc8, 0x94, 0x6c, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x29, 0x2e,
+	0x78, 0x64, 0x73, 0x2e, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e,
+	0x76, 0x33, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x41, 0x6e,
+	0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0b, 0x66, 0x69, 0x65, 0x6c, 0x64, 0x53,
+	0x74, 0x61, 0x74, 0x75, 0x73, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_xds_annotations_v3_status_proto_rawDescOnce sync.Once
+	file_xds_annotations_v3_status_proto_rawDescData = file_xds_annotations_v3_status_proto_rawDesc
+)
+
+func file_xds_annotations_v3_status_proto_rawDescGZIP() []byte {
+	file_xds_annotations_v3_status_proto_rawDescOnce.Do(func() {
+		file_xds_annotations_v3_status_proto_rawDescData = protoimpl.X.CompressGZIP(file_xds_annotations_v3_status_proto_rawDescData)
+	})
+	return file_xds_annotations_v3_status_proto_rawDescData
+}
+
+var file_xds_annotations_v3_status_proto_msgTypes = make([]protoimpl.MessageInfo, 3)
+var file_xds_annotations_v3_status_proto_goTypes = []interface{}{
+	(*FileStatusAnnotation)(nil),        // 0: xds.annotations.v3.FileStatusAnnotation
+	(*MessageStatusAnnotation)(nil),     // 1: xds.annotations.v3.MessageStatusAnnotation
+	(*FieldStatusAnnotation)(nil),       // 2: xds.annotations.v3.FieldStatusAnnotation
+	(*descriptorpb.FileOptions)(nil),    // 3: google.protobuf.FileOptions
+	(*descriptorpb.MessageOptions)(nil), // 4: google.protobuf.MessageOptions
+	(*descriptorpb.FieldOptions)(nil),   // 5: google.protobuf.FieldOptions
+}
+var file_xds_annotations_v3_status_proto_depIdxs = []int32{
+	3, // 0: xds.annotations.v3.file_status:extendee -> google.protobuf.FileOptions
+	4, // 1: xds.annotations.v3.message_status:extendee -> google.protobuf.MessageOptions
+	5, // 2: xds.annotations.v3.field_status:extendee -> google.protobuf.FieldOptions
+	0, // 3: xds.annotations.v3.file_status:type_name -> xds.annotations.v3.FileStatusAnnotation
+	1, // 4: xds.annotations.v3.message_status:type_name -> xds.annotations.v3.MessageStatusAnnotation
+	2, // 5: xds.annotations.v3.field_status:type_name -> xds.annotations.v3.FieldStatusAnnotation
+	6, // [6:6] is the sub-list for method output_type
+	6, // [6:6] is the sub-list for method input_type
+	3, // [3:6] is the sub-list for extension type_name
+	0, // [0:3] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_xds_annotations_v3_status_proto_init() }
+func file_xds_annotations_v3_status_proto_init() {
+	if File_xds_annotations_v3_status_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_xds_annotations_v3_status_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*FileStatusAnnotation); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_xds_annotations_v3_status_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*MessageStatusAnnotation); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_xds_annotations_v3_status_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*FieldStatusAnnotation); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_xds_annotations_v3_status_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   3,
+			NumExtensions: 3,
+			NumServices:   0,
+		},
+		GoTypes:           file_xds_annotations_v3_status_proto_goTypes,
+		DependencyIndexes: file_xds_annotations_v3_status_proto_depIdxs,
+		MessageInfos:      file_xds_annotations_v3_status_proto_msgTypes,
+		ExtensionInfos:    file_xds_annotations_v3_status_proto_extTypes,
+	}.Build()
+	File_xds_annotations_v3_status_proto = out.File
+	file_xds_annotations_v3_status_proto_rawDesc = nil
+	file_xds_annotations_v3_status_proto_goTypes = nil
+	file_xds_annotations_v3_status_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/cncf/xds/go/xds/annotations/v3/status.pb.validate.go b/vendor/github.com/cncf/xds/go/xds/annotations/v3/status.pb.validate.go
new file mode 100644
index 00000000000..46087f8c878
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/xds/annotations/v3/status.pb.validate.go
@@ -0,0 +1,241 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: xds/annotations/v3/status.proto
+
+package xds_annotations_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+)
+
+// Validate checks the field values on FileStatusAnnotation with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, an error is returned.
+func (m *FileStatusAnnotation) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	// no validation rules for WorkInProgress
+
+	return nil
+}
+
+// FileStatusAnnotationValidationError is the validation error returned by
+// FileStatusAnnotation.Validate if the designated constraints aren't met.
+type FileStatusAnnotationValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e FileStatusAnnotationValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e FileStatusAnnotationValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e FileStatusAnnotationValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e FileStatusAnnotationValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e FileStatusAnnotationValidationError) ErrorName() string {
+	return "FileStatusAnnotationValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e FileStatusAnnotationValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sFileStatusAnnotation.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = FileStatusAnnotationValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = FileStatusAnnotationValidationError{}
+
+// Validate checks the field values on MessageStatusAnnotation with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, an error is returned.
+func (m *MessageStatusAnnotation) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	// no validation rules for WorkInProgress
+
+	return nil
+}
+
+// MessageStatusAnnotationValidationError is the validation error returned by
+// MessageStatusAnnotation.Validate if the designated constraints aren't met.
+type MessageStatusAnnotationValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MessageStatusAnnotationValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MessageStatusAnnotationValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MessageStatusAnnotationValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MessageStatusAnnotationValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MessageStatusAnnotationValidationError) ErrorName() string {
+	return "MessageStatusAnnotationValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e MessageStatusAnnotationValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMessageStatusAnnotation.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MessageStatusAnnotationValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MessageStatusAnnotationValidationError{}
+
+// Validate checks the field values on FieldStatusAnnotation with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, an error is returned.
+func (m *FieldStatusAnnotation) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	// no validation rules for WorkInProgress
+
+	return nil
+}
+
+// FieldStatusAnnotationValidationError is the validation error returned by
+// FieldStatusAnnotation.Validate if the designated constraints aren't met.
+type FieldStatusAnnotationValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e FieldStatusAnnotationValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e FieldStatusAnnotationValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e FieldStatusAnnotationValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e FieldStatusAnnotationValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e FieldStatusAnnotationValidationError) ErrorName() string {
+	return "FieldStatusAnnotationValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e FieldStatusAnnotationValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sFieldStatusAnnotation.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = FieldStatusAnnotationValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = FieldStatusAnnotationValidationError{}
diff --git a/vendor/github.com/cncf/xds/go/xds/core/v3/authority.pb.go b/vendor/github.com/cncf/xds/go/xds/core/v3/authority.pb.go
new file mode 100644
index 00000000000..7e2a44782a3
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/xds/core/v3/authority.pb.go
@@ -0,0 +1,156 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.18.0
+// source: xds/core/v3/authority.proto
+
+package xds_core_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type Authority struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+}
+
+func (x *Authority) Reset() {
+	*x = Authority{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_xds_core_v3_authority_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Authority) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Authority) ProtoMessage() {}
+
+func (x *Authority) ProtoReflect() protoreflect.Message {
+	mi := &file_xds_core_v3_authority_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Authority.ProtoReflect.Descriptor instead.
+func (*Authority) Descriptor() ([]byte, []int) {
+	return file_xds_core_v3_authority_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *Authority) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+var File_xds_core_v3_authority_proto protoreflect.FileDescriptor
+
+var file_xds_core_v3_authority_proto_rawDesc = []byte{
+	0x0a, 0x1b, 0x78, 0x64, 0x73, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x61, 0x75,
+	0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0b, 0x78,
+	0x64, 0x73, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61,
+	0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61,
+	0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64,
+	0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x22, 0x28, 0x0a, 0x09, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x12,
+	0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa,
+	0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x42, 0x32, 0x0a, 0x16,
+	0x63, 0x6f, 0x6d, 0x2e, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x0e, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74,
+	0x79, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x08, 0x01,
+	0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_xds_core_v3_authority_proto_rawDescOnce sync.Once
+	file_xds_core_v3_authority_proto_rawDescData = file_xds_core_v3_authority_proto_rawDesc
+)
+
+func file_xds_core_v3_authority_proto_rawDescGZIP() []byte {
+	file_xds_core_v3_authority_proto_rawDescOnce.Do(func() {
+		file_xds_core_v3_authority_proto_rawDescData = protoimpl.X.CompressGZIP(file_xds_core_v3_authority_proto_rawDescData)
+	})
+	return file_xds_core_v3_authority_proto_rawDescData
+}
+
+var file_xds_core_v3_authority_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_xds_core_v3_authority_proto_goTypes = []interface{}{
+	(*Authority)(nil), // 0: xds.core.v3.Authority
+}
+var file_xds_core_v3_authority_proto_depIdxs = []int32{
+	0, // [0:0] is the sub-list for method output_type
+	0, // [0:0] is the sub-list for method input_type
+	0, // [0:0] is the sub-list for extension type_name
+	0, // [0:0] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_xds_core_v3_authority_proto_init() }
+func file_xds_core_v3_authority_proto_init() {
+	if File_xds_core_v3_authority_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_xds_core_v3_authority_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Authority); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_xds_core_v3_authority_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_xds_core_v3_authority_proto_goTypes,
+		DependencyIndexes: file_xds_core_v3_authority_proto_depIdxs,
+		MessageInfos:      file_xds_core_v3_authority_proto_msgTypes,
+	}.Build()
+	File_xds_core_v3_authority_proto = out.File
+	file_xds_core_v3_authority_proto_rawDesc = nil
+	file_xds_core_v3_authority_proto_goTypes = nil
+	file_xds_core_v3_authority_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/cncf/xds/go/xds/core/v3/authority.pb.validate.go b/vendor/github.com/cncf/xds/go/xds/core/v3/authority.pb.validate.go
new file mode 100644
index 00000000000..8f49756aff2
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/xds/core/v3/authority.pb.validate.go
@@ -0,0 +1,105 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: xds/core/v3/authority.proto
+
+package xds_core_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+)
+
+// Validate checks the field values on Authority with the rules defined in the
+// proto definition for this message. If any rules are violated, an error is returned.
+func (m *Authority) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		return AuthorityValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+	}
+
+	return nil
+}
+
+// AuthorityValidationError is the validation error returned by
+// Authority.Validate if the designated constraints aren't met.
+type AuthorityValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e AuthorityValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e AuthorityValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e AuthorityValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e AuthorityValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e AuthorityValidationError) ErrorName() string { return "AuthorityValidationError" }
+
+// Error satisfies the builtin error interface
+func (e AuthorityValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sAuthority.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = AuthorityValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = AuthorityValidationError{}
diff --git a/vendor/github.com/cncf/xds/go/xds/core/v3/collection_entry.pb.go b/vendor/github.com/cncf/xds/go/xds/core/v3/collection_entry.pb.go
new file mode 100644
index 00000000000..4cf58d72394
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/xds/core/v3/collection_entry.pb.go
@@ -0,0 +1,298 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.18.0
+// source: xds/core/v3/collection_entry.proto
+
+package xds_core_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type CollectionEntry struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to ResourceSpecifier:
+	//	*CollectionEntry_Locator
+	//	*CollectionEntry_InlineEntry_
+	ResourceSpecifier isCollectionEntry_ResourceSpecifier `protobuf_oneof:"resource_specifier"`
+}
+
+func (x *CollectionEntry) Reset() {
+	*x = CollectionEntry{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_xds_core_v3_collection_entry_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CollectionEntry) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CollectionEntry) ProtoMessage() {}
+
+func (x *CollectionEntry) ProtoReflect() protoreflect.Message {
+	mi := &file_xds_core_v3_collection_entry_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CollectionEntry.ProtoReflect.Descriptor instead.
+func (*CollectionEntry) Descriptor() ([]byte, []int) {
+	return file_xds_core_v3_collection_entry_proto_rawDescGZIP(), []int{0}
+}
+
+func (m *CollectionEntry) GetResourceSpecifier() isCollectionEntry_ResourceSpecifier {
+	if m != nil {
+		return m.ResourceSpecifier
+	}
+	return nil
+}
+
+func (x *CollectionEntry) GetLocator() *ResourceLocator {
+	if x, ok := x.GetResourceSpecifier().(*CollectionEntry_Locator); ok {
+		return x.Locator
+	}
+	return nil
+}
+
+func (x *CollectionEntry) GetInlineEntry() *CollectionEntry_InlineEntry {
+	if x, ok := x.GetResourceSpecifier().(*CollectionEntry_InlineEntry_); ok {
+		return x.InlineEntry
+	}
+	return nil
+}
+
+type isCollectionEntry_ResourceSpecifier interface {
+	isCollectionEntry_ResourceSpecifier()
+}
+
+type CollectionEntry_Locator struct {
+	Locator *ResourceLocator `protobuf:"bytes,1,opt,name=locator,proto3,oneof"`
+}
+
+type CollectionEntry_InlineEntry_ struct {
+	InlineEntry *CollectionEntry_InlineEntry `protobuf:"bytes,2,opt,name=inline_entry,json=inlineEntry,proto3,oneof"`
+}
+
+func (*CollectionEntry_Locator) isCollectionEntry_ResourceSpecifier() {}
+
+func (*CollectionEntry_InlineEntry_) isCollectionEntry_ResourceSpecifier() {}
+
+type CollectionEntry_InlineEntry struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Name     string   `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	Version  string   `protobuf:"bytes,2,opt,name=version,proto3" json:"version,omitempty"`
+	Resource *any.Any `protobuf:"bytes,3,opt,name=resource,proto3" json:"resource,omitempty"`
+}
+
+func (x *CollectionEntry_InlineEntry) Reset() {
+	*x = CollectionEntry_InlineEntry{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_xds_core_v3_collection_entry_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CollectionEntry_InlineEntry) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CollectionEntry_InlineEntry) ProtoMessage() {}
+
+func (x *CollectionEntry_InlineEntry) ProtoReflect() protoreflect.Message {
+	mi := &file_xds_core_v3_collection_entry_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CollectionEntry_InlineEntry.ProtoReflect.Descriptor instead.
+func (*CollectionEntry_InlineEntry) Descriptor() ([]byte, []int) {
+	return file_xds_core_v3_collection_entry_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (x *CollectionEntry_InlineEntry) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *CollectionEntry_InlineEntry) GetVersion() string {
+	if x != nil {
+		return x.Version
+	}
+	return ""
+}
+
+func (x *CollectionEntry_InlineEntry) GetResource() *any.Any {
+	if x != nil {
+		return x.Resource
+	}
+	return nil
+}
+
+var File_xds_core_v3_collection_entry_proto protoreflect.FileDescriptor
+
+var file_xds_core_v3_collection_entry_proto_rawDesc = []byte{
+	0x0a, 0x22, 0x78, 0x64, 0x73, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x63, 0x6f,
+	0x6c, 0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0b, 0x78, 0x64, 0x73, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76,
+	0x33, 0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64,
+	0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73,
+	0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x22, 0x78, 0x64, 0x73,
+	0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63,
+	0x65, 0x5f, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61,
+	0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xc3, 0x02, 0x0a, 0x0f, 0x43, 0x6f, 0x6c,
+	0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x38, 0x0a, 0x07,
+	0x6c, 0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e,
+	0x78, 0x64, 0x73, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x65, 0x73, 0x6f,
+	0x75, 0x72, 0x63, 0x65, 0x4c, 0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72, 0x48, 0x00, 0x52, 0x07, 0x6c,
+	0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72, 0x12, 0x4d, 0x0a, 0x0c, 0x69, 0x6e, 0x6c, 0x69, 0x6e, 0x65,
+	0x5f, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x78,
+	0x64, 0x73, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f, 0x6c, 0x6c, 0x65,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x2e, 0x49, 0x6e, 0x6c, 0x69, 0x6e,
+	0x65, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x48, 0x00, 0x52, 0x0b, 0x69, 0x6e, 0x6c, 0x69, 0x6e, 0x65,
+	0x45, 0x6e, 0x74, 0x72, 0x79, 0x1a, 0x8b, 0x01, 0x0a, 0x0b, 0x49, 0x6e, 0x6c, 0x69, 0x6e, 0x65,
+	0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x30, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x09, 0x42, 0x1c, 0xfa, 0x42, 0x19, 0x72, 0x17, 0x32, 0x15, 0x5e, 0x5b, 0x30, 0x2d,
+	0x39, 0x61, 0x2d, 0x7a, 0x41, 0x2d, 0x5a, 0x5f, 0x5c, 0x2d, 0x5c, 0x2e, 0x7e, 0x3a, 0x5d, 0x2b,
+	0x24, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69,
+	0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f,
+	0x6e, 0x12, 0x30, 0x0a, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x03, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75,
+	0x72, 0x63, 0x65, 0x42, 0x19, 0x0a, 0x12, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f,
+	0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x42, 0x38,
+	0x0a, 0x16, 0x63, 0x6f, 0x6d, 0x2e, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x78, 0x64, 0x73,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x14, 0x43, 0x6f, 0x6c, 0x6c, 0x65, 0x63,
+	0x74, 0x69, 0x6f, 0x6e, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01,
+	0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x08, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_xds_core_v3_collection_entry_proto_rawDescOnce sync.Once
+	file_xds_core_v3_collection_entry_proto_rawDescData = file_xds_core_v3_collection_entry_proto_rawDesc
+)
+
+func file_xds_core_v3_collection_entry_proto_rawDescGZIP() []byte {
+	file_xds_core_v3_collection_entry_proto_rawDescOnce.Do(func() {
+		file_xds_core_v3_collection_entry_proto_rawDescData = protoimpl.X.CompressGZIP(file_xds_core_v3_collection_entry_proto_rawDescData)
+	})
+	return file_xds_core_v3_collection_entry_proto_rawDescData
+}
+
+var file_xds_core_v3_collection_entry_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_xds_core_v3_collection_entry_proto_goTypes = []interface{}{
+	(*CollectionEntry)(nil),             // 0: xds.core.v3.CollectionEntry
+	(*CollectionEntry_InlineEntry)(nil), // 1: xds.core.v3.CollectionEntry.InlineEntry
+	(*ResourceLocator)(nil),             // 2: xds.core.v3.ResourceLocator
+	(*any.Any)(nil),                     // 3: google.protobuf.Any
+}
+var file_xds_core_v3_collection_entry_proto_depIdxs = []int32{
+	2, // 0: xds.core.v3.CollectionEntry.locator:type_name -> xds.core.v3.ResourceLocator
+	1, // 1: xds.core.v3.CollectionEntry.inline_entry:type_name -> xds.core.v3.CollectionEntry.InlineEntry
+	3, // 2: xds.core.v3.CollectionEntry.InlineEntry.resource:type_name -> google.protobuf.Any
+	3, // [3:3] is the sub-list for method output_type
+	3, // [3:3] is the sub-list for method input_type
+	3, // [3:3] is the sub-list for extension type_name
+	3, // [3:3] is the sub-list for extension extendee
+	0, // [0:3] is the sub-list for field type_name
+}
+
+func init() { file_xds_core_v3_collection_entry_proto_init() }
+func file_xds_core_v3_collection_entry_proto_init() {
+	if File_xds_core_v3_collection_entry_proto != nil {
+		return
+	}
+	file_xds_core_v3_resource_locator_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_xds_core_v3_collection_entry_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CollectionEntry); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_xds_core_v3_collection_entry_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CollectionEntry_InlineEntry); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_xds_core_v3_collection_entry_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*CollectionEntry_Locator)(nil),
+		(*CollectionEntry_InlineEntry_)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_xds_core_v3_collection_entry_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_xds_core_v3_collection_entry_proto_goTypes,
+		DependencyIndexes: file_xds_core_v3_collection_entry_proto_depIdxs,
+		MessageInfos:      file_xds_core_v3_collection_entry_proto_msgTypes,
+	}.Build()
+	File_xds_core_v3_collection_entry_proto = out.File
+	file_xds_core_v3_collection_entry_proto_rawDesc = nil
+	file_xds_core_v3_collection_entry_proto_goTypes = nil
+	file_xds_core_v3_collection_entry_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/cncf/xds/go/xds/core/v3/collection_entry.pb.validate.go b/vendor/github.com/cncf/xds/go/xds/core/v3/collection_entry.pb.validate.go
new file mode 100644
index 00000000000..2e5f717b9bf
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/xds/core/v3/collection_entry.pb.validate.go
@@ -0,0 +1,222 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: xds/core/v3/collection_entry.proto
+
+package xds_core_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+)
+
+// Validate checks the field values on CollectionEntry with the rules defined
+// in the proto definition for this message. If any rules are violated, an
+// error is returned.
+func (m *CollectionEntry) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	switch m.ResourceSpecifier.(type) {
+
+	case *CollectionEntry_Locator:
+
+		if v, ok := interface{}(m.GetLocator()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CollectionEntryValidationError{
+					field:  "Locator",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *CollectionEntry_InlineEntry_:
+
+		if v, ok := interface{}(m.GetInlineEntry()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CollectionEntryValidationError{
+					field:  "InlineEntry",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		return CollectionEntryValidationError{
+			field:  "ResourceSpecifier",
+			reason: "value is required",
+		}
+
+	}
+
+	return nil
+}
+
+// CollectionEntryValidationError is the validation error returned by
+// CollectionEntry.Validate if the designated constraints aren't met.
+type CollectionEntryValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CollectionEntryValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CollectionEntryValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CollectionEntryValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CollectionEntryValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CollectionEntryValidationError) ErrorName() string { return "CollectionEntryValidationError" }
+
+// Error satisfies the builtin error interface
+func (e CollectionEntryValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCollectionEntry.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CollectionEntryValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CollectionEntryValidationError{}
+
+// Validate checks the field values on CollectionEntry_InlineEntry with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, an error is returned.
+func (m *CollectionEntry_InlineEntry) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	if !_CollectionEntry_InlineEntry_Name_Pattern.MatchString(m.GetName()) {
+		return CollectionEntry_InlineEntryValidationError{
+			field:  "Name",
+			reason: "value does not match regex pattern \"^[0-9a-zA-Z_\\\\-\\\\.~:]+$\"",
+		}
+	}
+
+	// no validation rules for Version
+
+	if v, ok := interface{}(m.GetResource()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CollectionEntry_InlineEntryValidationError{
+				field:  "Resource",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	return nil
+}
+
+// CollectionEntry_InlineEntryValidationError is the validation error returned
+// by CollectionEntry_InlineEntry.Validate if the designated constraints
+// aren't met.
+type CollectionEntry_InlineEntryValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CollectionEntry_InlineEntryValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CollectionEntry_InlineEntryValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CollectionEntry_InlineEntryValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CollectionEntry_InlineEntryValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CollectionEntry_InlineEntryValidationError) ErrorName() string {
+	return "CollectionEntry_InlineEntryValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e CollectionEntry_InlineEntryValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCollectionEntry_InlineEntry.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CollectionEntry_InlineEntryValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CollectionEntry_InlineEntryValidationError{}
+
+var _CollectionEntry_InlineEntry_Name_Pattern = regexp.MustCompile("^[0-9a-zA-Z_\\-\\.~:]+$")
diff --git a/vendor/github.com/cncf/xds/go/xds/core/v3/context_params.pb.go b/vendor/github.com/cncf/xds/go/xds/core/v3/context_params.pb.go
new file mode 100644
index 00000000000..bb58c8a7cc4
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/xds/core/v3/context_params.pb.go
@@ -0,0 +1,162 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.18.0
+// source: xds/core/v3/context_params.proto
+
+package xds_core_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type ContextParams struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Params map[string]string `protobuf:"bytes,1,rep,name=params,proto3" json:"params,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+}
+
+func (x *ContextParams) Reset() {
+	*x = ContextParams{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_xds_core_v3_context_params_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ContextParams) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ContextParams) ProtoMessage() {}
+
+func (x *ContextParams) ProtoReflect() protoreflect.Message {
+	mi := &file_xds_core_v3_context_params_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ContextParams.ProtoReflect.Descriptor instead.
+func (*ContextParams) Descriptor() ([]byte, []int) {
+	return file_xds_core_v3_context_params_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *ContextParams) GetParams() map[string]string {
+	if x != nil {
+		return x.Params
+	}
+	return nil
+}
+
+var File_xds_core_v3_context_params_proto protoreflect.FileDescriptor
+
+var file_xds_core_v3_context_params_proto_rawDesc = []byte{
+	0x0a, 0x20, 0x78, 0x64, 0x73, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x63, 0x6f,
+	0x6e, 0x74, 0x65, 0x78, 0x74, 0x5f, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x12, 0x0b, 0x78, 0x64, 0x73, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x1a,
+	0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x8a,
+	0x01, 0x0a, 0x0d, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x73,
+	0x12, 0x3e, 0x0a, 0x06, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b,
+	0x32, 0x26, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x43,
+	0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x2e, 0x50, 0x61, 0x72,
+	0x61, 0x6d, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x06, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x73,
+	0x1a, 0x39, 0x0a, 0x0b, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12,
+	0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65,
+	0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09,
+	0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x42, 0x36, 0x0a, 0x16, 0x63,
+	0x6f, 0x6d, 0x2e, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x63, 0x6f,
+	0x72, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x12, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x50, 0x61,
+	0x72, 0x61, 0x6d, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06,
+	0x02, 0x08, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_xds_core_v3_context_params_proto_rawDescOnce sync.Once
+	file_xds_core_v3_context_params_proto_rawDescData = file_xds_core_v3_context_params_proto_rawDesc
+)
+
+func file_xds_core_v3_context_params_proto_rawDescGZIP() []byte {
+	file_xds_core_v3_context_params_proto_rawDescOnce.Do(func() {
+		file_xds_core_v3_context_params_proto_rawDescData = protoimpl.X.CompressGZIP(file_xds_core_v3_context_params_proto_rawDescData)
+	})
+	return file_xds_core_v3_context_params_proto_rawDescData
+}
+
+var file_xds_core_v3_context_params_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_xds_core_v3_context_params_proto_goTypes = []interface{}{
+	(*ContextParams)(nil), // 0: xds.core.v3.ContextParams
+	nil,                   // 1: xds.core.v3.ContextParams.ParamsEntry
+}
+var file_xds_core_v3_context_params_proto_depIdxs = []int32{
+	1, // 0: xds.core.v3.ContextParams.params:type_name -> xds.core.v3.ContextParams.ParamsEntry
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_xds_core_v3_context_params_proto_init() }
+func file_xds_core_v3_context_params_proto_init() {
+	if File_xds_core_v3_context_params_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_xds_core_v3_context_params_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ContextParams); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_xds_core_v3_context_params_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_xds_core_v3_context_params_proto_goTypes,
+		DependencyIndexes: file_xds_core_v3_context_params_proto_depIdxs,
+		MessageInfos:      file_xds_core_v3_context_params_proto_msgTypes,
+	}.Build()
+	File_xds_core_v3_context_params_proto = out.File
+	file_xds_core_v3_context_params_proto_rawDesc = nil
+	file_xds_core_v3_context_params_proto_goTypes = nil
+	file_xds_core_v3_context_params_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/cncf/xds/go/xds/core/v3/context_params.pb.validate.go b/vendor/github.com/cncf/xds/go/xds/core/v3/context_params.pb.validate.go
new file mode 100644
index 00000000000..ec9a20750ef
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/xds/core/v3/context_params.pb.validate.go
@@ -0,0 +1,101 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: xds/core/v3/context_params.proto
+
+package xds_core_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+)
+
+// Validate checks the field values on ContextParams with the rules defined in
+// the proto definition for this message. If any rules are violated, an error
+// is returned.
+func (m *ContextParams) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	// no validation rules for Params
+
+	return nil
+}
+
+// ContextParamsValidationError is the validation error returned by
+// ContextParams.Validate if the designated constraints aren't met.
+type ContextParamsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ContextParamsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ContextParamsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ContextParamsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ContextParamsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ContextParamsValidationError) ErrorName() string { return "ContextParamsValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ContextParamsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sContextParams.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ContextParamsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ContextParamsValidationError{}
diff --git a/vendor/github.com/cncf/xds/go/xds/core/v3/extension.pb.go b/vendor/github.com/cncf/xds/go/xds/core/v3/extension.pb.go
new file mode 100644
index 00000000000..5cc3431ab61
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/xds/core/v3/extension.pb.go
@@ -0,0 +1,170 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.18.0
+// source: xds/core/v3/extension.proto
+
+package xds_core_v3
+
+import (
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type TypedExtensionConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Name        string   `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	TypedConfig *any.Any `protobuf:"bytes,2,opt,name=typed_config,json=typedConfig,proto3" json:"typed_config,omitempty"`
+}
+
+func (x *TypedExtensionConfig) Reset() {
+	*x = TypedExtensionConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_xds_core_v3_extension_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *TypedExtensionConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*TypedExtensionConfig) ProtoMessage() {}
+
+func (x *TypedExtensionConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_xds_core_v3_extension_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use TypedExtensionConfig.ProtoReflect.Descriptor instead.
+func (*TypedExtensionConfig) Descriptor() ([]byte, []int) {
+	return file_xds_core_v3_extension_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *TypedExtensionConfig) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *TypedExtensionConfig) GetTypedConfig() *any.Any {
+	if x != nil {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+var File_xds_core_v3_extension_proto protoreflect.FileDescriptor
+
+var file_xds_core_v3_extension_proto_rawDesc = []byte{
+	0x0a, 0x1b, 0x78, 0x64, 0x73, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x65, 0x78,
+	0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0b, 0x78,
+	0x64, 0x73, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69,
+	0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x76,
+	0x0a, 0x14, 0x54, 0x79, 0x70, 0x65, 0x64, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e,
+	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x04, 0x6e,
+	0x61, 0x6d, 0x65, 0x12, 0x41, 0x0a, 0x0c, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x42,
+	0x08, 0xfa, 0x42, 0x05, 0xa2, 0x01, 0x02, 0x08, 0x01, 0x52, 0x0b, 0x74, 0x79, 0x70, 0x65, 0x64,
+	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x2a, 0x0a, 0x16, 0x63, 0x6f, 0x6d, 0x2e, 0x67, 0x69,
+	0x74, 0x68, 0x75, 0x62, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33,
+	0x42, 0x0e, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f,
+	0x50, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_xds_core_v3_extension_proto_rawDescOnce sync.Once
+	file_xds_core_v3_extension_proto_rawDescData = file_xds_core_v3_extension_proto_rawDesc
+)
+
+func file_xds_core_v3_extension_proto_rawDescGZIP() []byte {
+	file_xds_core_v3_extension_proto_rawDescOnce.Do(func() {
+		file_xds_core_v3_extension_proto_rawDescData = protoimpl.X.CompressGZIP(file_xds_core_v3_extension_proto_rawDescData)
+	})
+	return file_xds_core_v3_extension_proto_rawDescData
+}
+
+var file_xds_core_v3_extension_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_xds_core_v3_extension_proto_goTypes = []interface{}{
+	(*TypedExtensionConfig)(nil), // 0: xds.core.v3.TypedExtensionConfig
+	(*any.Any)(nil),              // 1: google.protobuf.Any
+}
+var file_xds_core_v3_extension_proto_depIdxs = []int32{
+	1, // 0: xds.core.v3.TypedExtensionConfig.typed_config:type_name -> google.protobuf.Any
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_xds_core_v3_extension_proto_init() }
+func file_xds_core_v3_extension_proto_init() {
+	if File_xds_core_v3_extension_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_xds_core_v3_extension_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*TypedExtensionConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_xds_core_v3_extension_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_xds_core_v3_extension_proto_goTypes,
+		DependencyIndexes: file_xds_core_v3_extension_proto_depIdxs,
+		MessageInfos:      file_xds_core_v3_extension_proto_msgTypes,
+	}.Build()
+	File_xds_core_v3_extension_proto = out.File
+	file_xds_core_v3_extension_proto_rawDesc = nil
+	file_xds_core_v3_extension_proto_goTypes = nil
+	file_xds_core_v3_extension_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/cncf/xds/go/xds/core/v3/extension.pb.validate.go b/vendor/github.com/cncf/xds/go/xds/core/v3/extension.pb.validate.go
new file mode 100644
index 00000000000..689856d6e17
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/xds/core/v3/extension.pb.validate.go
@@ -0,0 +1,119 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: xds/core/v3/extension.proto
+
+package xds_core_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+)
+
+// Validate checks the field values on TypedExtensionConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, an error is returned.
+func (m *TypedExtensionConfig) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		return TypedExtensionConfigValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+	}
+
+	if m.GetTypedConfig() == nil {
+		return TypedExtensionConfigValidationError{
+			field:  "TypedConfig",
+			reason: "value is required",
+		}
+	}
+
+	if a := m.GetTypedConfig(); a != nil {
+
+	}
+
+	return nil
+}
+
+// TypedExtensionConfigValidationError is the validation error returned by
+// TypedExtensionConfig.Validate if the designated constraints aren't met.
+type TypedExtensionConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e TypedExtensionConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e TypedExtensionConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e TypedExtensionConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e TypedExtensionConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e TypedExtensionConfigValidationError) ErrorName() string {
+	return "TypedExtensionConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e TypedExtensionConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sTypedExtensionConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = TypedExtensionConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = TypedExtensionConfigValidationError{}
diff --git a/vendor/github.com/cncf/xds/go/xds/core/v3/resource.pb.go b/vendor/github.com/cncf/xds/go/xds/core/v3/resource.pb.go
new file mode 100644
index 00000000000..ebb00ceb7b6
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/xds/core/v3/resource.pb.go
@@ -0,0 +1,185 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.18.0
+// source: xds/core/v3/resource.proto
+
+package xds_core_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type Resource struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Name     *ResourceName `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	Version  string        `protobuf:"bytes,2,opt,name=version,proto3" json:"version,omitempty"`
+	Resource *any.Any      `protobuf:"bytes,3,opt,name=resource,proto3" json:"resource,omitempty"`
+}
+
+func (x *Resource) Reset() {
+	*x = Resource{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_xds_core_v3_resource_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Resource) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Resource) ProtoMessage() {}
+
+func (x *Resource) ProtoReflect() protoreflect.Message {
+	mi := &file_xds_core_v3_resource_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Resource.ProtoReflect.Descriptor instead.
+func (*Resource) Descriptor() ([]byte, []int) {
+	return file_xds_core_v3_resource_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *Resource) GetName() *ResourceName {
+	if x != nil {
+		return x.Name
+	}
+	return nil
+}
+
+func (x *Resource) GetVersion() string {
+	if x != nil {
+		return x.Version
+	}
+	return ""
+}
+
+func (x *Resource) GetResource() *any.Any {
+	if x != nil {
+		return x.Resource
+	}
+	return nil
+}
+
+var File_xds_core_v3_resource_proto protoreflect.FileDescriptor
+
+var file_xds_core_v3_resource_proto_rawDesc = []byte{
+	0x0a, 0x1a, 0x78, 0x64, 0x73, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x72, 0x65,
+	0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0b, 0x78, 0x64,
+	0x73, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x78, 0x64, 0x73, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33,
+	0x2f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x22, 0x85, 0x01, 0x0a, 0x08, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63,
+	0x65, 0x12, 0x2d, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x19, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x65,
+	0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65,
+	0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x30, 0x0a, 0x08, 0x72, 0x65,
+	0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41,
+	0x6e, 0x79, 0x52, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x42, 0x31, 0x0a, 0x16,
+	0x63, 0x6f, 0x6d, 0x2e, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x0d, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65,
+	0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x08, 0x01, 0x62,
+	0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_xds_core_v3_resource_proto_rawDescOnce sync.Once
+	file_xds_core_v3_resource_proto_rawDescData = file_xds_core_v3_resource_proto_rawDesc
+)
+
+func file_xds_core_v3_resource_proto_rawDescGZIP() []byte {
+	file_xds_core_v3_resource_proto_rawDescOnce.Do(func() {
+		file_xds_core_v3_resource_proto_rawDescData = protoimpl.X.CompressGZIP(file_xds_core_v3_resource_proto_rawDescData)
+	})
+	return file_xds_core_v3_resource_proto_rawDescData
+}
+
+var file_xds_core_v3_resource_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_xds_core_v3_resource_proto_goTypes = []interface{}{
+	(*Resource)(nil),     // 0: xds.core.v3.Resource
+	(*ResourceName)(nil), // 1: xds.core.v3.ResourceName
+	(*any.Any)(nil),      // 2: google.protobuf.Any
+}
+var file_xds_core_v3_resource_proto_depIdxs = []int32{
+	1, // 0: xds.core.v3.Resource.name:type_name -> xds.core.v3.ResourceName
+	2, // 1: xds.core.v3.Resource.resource:type_name -> google.protobuf.Any
+	2, // [2:2] is the sub-list for method output_type
+	2, // [2:2] is the sub-list for method input_type
+	2, // [2:2] is the sub-list for extension type_name
+	2, // [2:2] is the sub-list for extension extendee
+	0, // [0:2] is the sub-list for field type_name
+}
+
+func init() { file_xds_core_v3_resource_proto_init() }
+func file_xds_core_v3_resource_proto_init() {
+	if File_xds_core_v3_resource_proto != nil {
+		return
+	}
+	file_xds_core_v3_resource_name_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_xds_core_v3_resource_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Resource); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_xds_core_v3_resource_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_xds_core_v3_resource_proto_goTypes,
+		DependencyIndexes: file_xds_core_v3_resource_proto_depIdxs,
+		MessageInfos:      file_xds_core_v3_resource_proto_msgTypes,
+	}.Build()
+	File_xds_core_v3_resource_proto = out.File
+	file_xds_core_v3_resource_proto_rawDesc = nil
+	file_xds_core_v3_resource_proto_goTypes = nil
+	file_xds_core_v3_resource_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/cncf/xds/go/xds/core/v3/resource.pb.validate.go b/vendor/github.com/cncf/xds/go/xds/core/v3/resource.pb.validate.go
new file mode 100644
index 00000000000..01be4cf10ac
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/xds/core/v3/resource.pb.validate.go
@@ -0,0 +1,120 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: xds/core/v3/resource.proto
+
+package xds_core_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+)
+
+// Validate checks the field values on Resource with the rules defined in the
+// proto definition for this message. If any rules are violated, an error is returned.
+func (m *Resource) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	if v, ok := interface{}(m.GetName()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ResourceValidationError{
+				field:  "Name",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for Version
+
+	if v, ok := interface{}(m.GetResource()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ResourceValidationError{
+				field:  "Resource",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	return nil
+}
+
+// ResourceValidationError is the validation error returned by
+// Resource.Validate if the designated constraints aren't met.
+type ResourceValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ResourceValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ResourceValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ResourceValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ResourceValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ResourceValidationError) ErrorName() string { return "ResourceValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ResourceValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sResource.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ResourceValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ResourceValidationError{}
diff --git a/vendor/github.com/cncf/xds/go/xds/core/v3/resource_locator.pb.go b/vendor/github.com/cncf/xds/go/xds/core/v3/resource_locator.pb.go
new file mode 100644
index 00000000000..2c19ca01289
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/xds/core/v3/resource_locator.pb.go
@@ -0,0 +1,406 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.18.0
+// source: xds/core/v3/resource_locator.proto
+
+package xds_core_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type ResourceLocator_Scheme int32
+
+const (
+	ResourceLocator_XDSTP ResourceLocator_Scheme = 0
+	ResourceLocator_HTTP  ResourceLocator_Scheme = 1
+	ResourceLocator_FILE  ResourceLocator_Scheme = 2
+)
+
+// Enum value maps for ResourceLocator_Scheme.
+var (
+	ResourceLocator_Scheme_name = map[int32]string{
+		0: "XDSTP",
+		1: "HTTP",
+		2: "FILE",
+	}
+	ResourceLocator_Scheme_value = map[string]int32{
+		"XDSTP": 0,
+		"HTTP":  1,
+		"FILE":  2,
+	}
+)
+
+func (x ResourceLocator_Scheme) Enum() *ResourceLocator_Scheme {
+	p := new(ResourceLocator_Scheme)
+	*p = x
+	return p
+}
+
+func (x ResourceLocator_Scheme) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (ResourceLocator_Scheme) Descriptor() protoreflect.EnumDescriptor {
+	return file_xds_core_v3_resource_locator_proto_enumTypes[0].Descriptor()
+}
+
+func (ResourceLocator_Scheme) Type() protoreflect.EnumType {
+	return &file_xds_core_v3_resource_locator_proto_enumTypes[0]
+}
+
+func (x ResourceLocator_Scheme) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use ResourceLocator_Scheme.Descriptor instead.
+func (ResourceLocator_Scheme) EnumDescriptor() ([]byte, []int) {
+	return file_xds_core_v3_resource_locator_proto_rawDescGZIP(), []int{0, 0}
+}
+
+type ResourceLocator struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Scheme       ResourceLocator_Scheme `protobuf:"varint,1,opt,name=scheme,proto3,enum=xds.core.v3.ResourceLocator_Scheme" json:"scheme,omitempty"`
+	Id           string                 `protobuf:"bytes,2,opt,name=id,proto3" json:"id,omitempty"`
+	Authority    string                 `protobuf:"bytes,3,opt,name=authority,proto3" json:"authority,omitempty"`
+	ResourceType string                 `protobuf:"bytes,4,opt,name=resource_type,json=resourceType,proto3" json:"resource_type,omitempty"`
+	// Types that are assignable to ContextParamSpecifier:
+	//	*ResourceLocator_ExactContext
+	ContextParamSpecifier isResourceLocator_ContextParamSpecifier `protobuf_oneof:"context_param_specifier"`
+	Directives            []*ResourceLocator_Directive            `protobuf:"bytes,6,rep,name=directives,proto3" json:"directives,omitempty"`
+}
+
+func (x *ResourceLocator) Reset() {
+	*x = ResourceLocator{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_xds_core_v3_resource_locator_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ResourceLocator) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ResourceLocator) ProtoMessage() {}
+
+func (x *ResourceLocator) ProtoReflect() protoreflect.Message {
+	mi := &file_xds_core_v3_resource_locator_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ResourceLocator.ProtoReflect.Descriptor instead.
+func (*ResourceLocator) Descriptor() ([]byte, []int) {
+	return file_xds_core_v3_resource_locator_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *ResourceLocator) GetScheme() ResourceLocator_Scheme {
+	if x != nil {
+		return x.Scheme
+	}
+	return ResourceLocator_XDSTP
+}
+
+func (x *ResourceLocator) GetId() string {
+	if x != nil {
+		return x.Id
+	}
+	return ""
+}
+
+func (x *ResourceLocator) GetAuthority() string {
+	if x != nil {
+		return x.Authority
+	}
+	return ""
+}
+
+func (x *ResourceLocator) GetResourceType() string {
+	if x != nil {
+		return x.ResourceType
+	}
+	return ""
+}
+
+func (m *ResourceLocator) GetContextParamSpecifier() isResourceLocator_ContextParamSpecifier {
+	if m != nil {
+		return m.ContextParamSpecifier
+	}
+	return nil
+}
+
+func (x *ResourceLocator) GetExactContext() *ContextParams {
+	if x, ok := x.GetContextParamSpecifier().(*ResourceLocator_ExactContext); ok {
+		return x.ExactContext
+	}
+	return nil
+}
+
+func (x *ResourceLocator) GetDirectives() []*ResourceLocator_Directive {
+	if x != nil {
+		return x.Directives
+	}
+	return nil
+}
+
+type isResourceLocator_ContextParamSpecifier interface {
+	isResourceLocator_ContextParamSpecifier()
+}
+
+type ResourceLocator_ExactContext struct {
+	ExactContext *ContextParams `protobuf:"bytes,5,opt,name=exact_context,json=exactContext,proto3,oneof"`
+}
+
+func (*ResourceLocator_ExactContext) isResourceLocator_ContextParamSpecifier() {}
+
+type ResourceLocator_Directive struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to Directive:
+	//	*ResourceLocator_Directive_Alt
+	//	*ResourceLocator_Directive_Entry
+	Directive isResourceLocator_Directive_Directive `protobuf_oneof:"directive"`
+}
+
+func (x *ResourceLocator_Directive) Reset() {
+	*x = ResourceLocator_Directive{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_xds_core_v3_resource_locator_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ResourceLocator_Directive) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ResourceLocator_Directive) ProtoMessage() {}
+
+func (x *ResourceLocator_Directive) ProtoReflect() protoreflect.Message {
+	mi := &file_xds_core_v3_resource_locator_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ResourceLocator_Directive.ProtoReflect.Descriptor instead.
+func (*ResourceLocator_Directive) Descriptor() ([]byte, []int) {
+	return file_xds_core_v3_resource_locator_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (m *ResourceLocator_Directive) GetDirective() isResourceLocator_Directive_Directive {
+	if m != nil {
+		return m.Directive
+	}
+	return nil
+}
+
+func (x *ResourceLocator_Directive) GetAlt() *ResourceLocator {
+	if x, ok := x.GetDirective().(*ResourceLocator_Directive_Alt); ok {
+		return x.Alt
+	}
+	return nil
+}
+
+func (x *ResourceLocator_Directive) GetEntry() string {
+	if x, ok := x.GetDirective().(*ResourceLocator_Directive_Entry); ok {
+		return x.Entry
+	}
+	return ""
+}
+
+type isResourceLocator_Directive_Directive interface {
+	isResourceLocator_Directive_Directive()
+}
+
+type ResourceLocator_Directive_Alt struct {
+	Alt *ResourceLocator `protobuf:"bytes,1,opt,name=alt,proto3,oneof"`
+}
+
+type ResourceLocator_Directive_Entry struct {
+	Entry string `protobuf:"bytes,2,opt,name=entry,proto3,oneof"`
+}
+
+func (*ResourceLocator_Directive_Alt) isResourceLocator_Directive_Directive() {}
+
+func (*ResourceLocator_Directive_Entry) isResourceLocator_Directive_Directive() {}
+
+var File_xds_core_v3_resource_locator_proto protoreflect.FileDescriptor
+
+var file_xds_core_v3_resource_locator_proto_rawDesc = []byte{
+	0x0a, 0x22, 0x78, 0x64, 0x73, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x72, 0x65,
+	0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0b, 0x78, 0x64, 0x73, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76,
+	0x33, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x20, 0x78, 0x64, 0x73, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x63, 0x6f,
+	0x6e, 0x74, 0x65, 0x78, 0x74, 0x5f, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c,
+	0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x8e, 0x04, 0x0a, 0x0f,
+	0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x4c, 0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72, 0x12,
+	0x45, 0x0a, 0x06, 0x73, 0x63, 0x68, 0x65, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32,
+	0x23, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x65,
+	0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x4c, 0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72, 0x2e, 0x53, 0x63,
+	0x68, 0x65, 0x6d, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x06,
+	0x73, 0x63, 0x68, 0x65, 0x6d, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01,
+	0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x1c, 0x0a, 0x09, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72,
+	0x69, 0x74, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x61, 0x75, 0x74, 0x68, 0x6f,
+	0x72, 0x69, 0x74, 0x79, 0x12, 0x2c, 0x0a, 0x0d, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65,
+	0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04,
+	0x72, 0x02, 0x10, 0x01, 0x52, 0x0c, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, 0x79,
+	0x70, 0x65, 0x12, 0x41, 0x0a, 0x0d, 0x65, 0x78, 0x61, 0x63, 0x74, 0x5f, 0x63, 0x6f, 0x6e, 0x74,
+	0x65, 0x78, 0x74, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x78, 0x64, 0x73, 0x2e,
+	0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x50,
+	0x61, 0x72, 0x61, 0x6d, 0x73, 0x48, 0x00, 0x52, 0x0c, 0x65, 0x78, 0x61, 0x63, 0x74, 0x43, 0x6f,
+	0x6e, 0x74, 0x65, 0x78, 0x74, 0x12, 0x46, 0x0a, 0x0a, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x69,
+	0x76, 0x65, 0x73, 0x18, 0x06, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x78, 0x64, 0x73, 0x2e,
+	0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65,
+	0x4c, 0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72, 0x2e, 0x44, 0x69, 0x72, 0x65, 0x63, 0x74, 0x69, 0x76,
+	0x65, 0x52, 0x0a, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x69, 0x76, 0x65, 0x73, 0x1a, 0x88, 0x01,
+	0x0a, 0x09, 0x44, 0x69, 0x72, 0x65, 0x63, 0x74, 0x69, 0x76, 0x65, 0x12, 0x30, 0x0a, 0x03, 0x61,
+	0x6c, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x4c,
+	0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72, 0x48, 0x00, 0x52, 0x03, 0x61, 0x6c, 0x74, 0x12, 0x37, 0x0a,
+	0x05, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x1f, 0xfa, 0x42,
+	0x1c, 0x72, 0x1a, 0x10, 0x01, 0x32, 0x16, 0x5e, 0x5b, 0x30, 0x2d, 0x39, 0x61, 0x2d, 0x7a, 0x41,
+	0x2d, 0x5a, 0x5f, 0x5c, 0x2d, 0x5c, 0x2e, 0x2f, 0x7e, 0x3a, 0x5d, 0x2b, 0x24, 0x48, 0x00, 0x52,
+	0x05, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x42, 0x10, 0x0a, 0x09, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74,
+	0x69, 0x76, 0x65, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x22, 0x27, 0x0a, 0x06, 0x53, 0x63, 0x68, 0x65,
+	0x6d, 0x65, 0x12, 0x09, 0x0a, 0x05, 0x58, 0x44, 0x53, 0x54, 0x50, 0x10, 0x00, 0x12, 0x08, 0x0a,
+	0x04, 0x48, 0x54, 0x54, 0x50, 0x10, 0x01, 0x12, 0x08, 0x0a, 0x04, 0x46, 0x49, 0x4c, 0x45, 0x10,
+	0x02, 0x42, 0x19, 0x0a, 0x17, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x5f, 0x70, 0x61, 0x72,
+	0x61, 0x6d, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x42, 0x38, 0x0a, 0x16,
+	0x63, 0x6f, 0x6d, 0x2e, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x14, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65,
+	0x4c, 0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80,
+	0xc8, 0xd1, 0x06, 0x02, 0x08, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_xds_core_v3_resource_locator_proto_rawDescOnce sync.Once
+	file_xds_core_v3_resource_locator_proto_rawDescData = file_xds_core_v3_resource_locator_proto_rawDesc
+)
+
+func file_xds_core_v3_resource_locator_proto_rawDescGZIP() []byte {
+	file_xds_core_v3_resource_locator_proto_rawDescOnce.Do(func() {
+		file_xds_core_v3_resource_locator_proto_rawDescData = protoimpl.X.CompressGZIP(file_xds_core_v3_resource_locator_proto_rawDescData)
+	})
+	return file_xds_core_v3_resource_locator_proto_rawDescData
+}
+
+var file_xds_core_v3_resource_locator_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_xds_core_v3_resource_locator_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_xds_core_v3_resource_locator_proto_goTypes = []interface{}{
+	(ResourceLocator_Scheme)(0),       // 0: xds.core.v3.ResourceLocator.Scheme
+	(*ResourceLocator)(nil),           // 1: xds.core.v3.ResourceLocator
+	(*ResourceLocator_Directive)(nil), // 2: xds.core.v3.ResourceLocator.Directive
+	(*ContextParams)(nil),             // 3: xds.core.v3.ContextParams
+}
+var file_xds_core_v3_resource_locator_proto_depIdxs = []int32{
+	0, // 0: xds.core.v3.ResourceLocator.scheme:type_name -> xds.core.v3.ResourceLocator.Scheme
+	3, // 1: xds.core.v3.ResourceLocator.exact_context:type_name -> xds.core.v3.ContextParams
+	2, // 2: xds.core.v3.ResourceLocator.directives:type_name -> xds.core.v3.ResourceLocator.Directive
+	1, // 3: xds.core.v3.ResourceLocator.Directive.alt:type_name -> xds.core.v3.ResourceLocator
+	4, // [4:4] is the sub-list for method output_type
+	4, // [4:4] is the sub-list for method input_type
+	4, // [4:4] is the sub-list for extension type_name
+	4, // [4:4] is the sub-list for extension extendee
+	0, // [0:4] is the sub-list for field type_name
+}
+
+func init() { file_xds_core_v3_resource_locator_proto_init() }
+func file_xds_core_v3_resource_locator_proto_init() {
+	if File_xds_core_v3_resource_locator_proto != nil {
+		return
+	}
+	file_xds_core_v3_context_params_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_xds_core_v3_resource_locator_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ResourceLocator); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_xds_core_v3_resource_locator_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ResourceLocator_Directive); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_xds_core_v3_resource_locator_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*ResourceLocator_ExactContext)(nil),
+	}
+	file_xds_core_v3_resource_locator_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*ResourceLocator_Directive_Alt)(nil),
+		(*ResourceLocator_Directive_Entry)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_xds_core_v3_resource_locator_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_xds_core_v3_resource_locator_proto_goTypes,
+		DependencyIndexes: file_xds_core_v3_resource_locator_proto_depIdxs,
+		EnumInfos:         file_xds_core_v3_resource_locator_proto_enumTypes,
+		MessageInfos:      file_xds_core_v3_resource_locator_proto_msgTypes,
+	}.Build()
+	File_xds_core_v3_resource_locator_proto = out.File
+	file_xds_core_v3_resource_locator_proto_rawDesc = nil
+	file_xds_core_v3_resource_locator_proto_goTypes = nil
+	file_xds_core_v3_resource_locator_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/cncf/xds/go/xds/core/v3/resource_locator.pb.validate.go b/vendor/github.com/cncf/xds/go/xds/core/v3/resource_locator.pb.validate.go
new file mode 100644
index 00000000000..f8ceac873a7
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/xds/core/v3/resource_locator.pb.validate.go
@@ -0,0 +1,255 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: xds/core/v3/resource_locator.proto
+
+package xds_core_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+)
+
+// Validate checks the field values on ResourceLocator with the rules defined
+// in the proto definition for this message. If any rules are violated, an
+// error is returned.
+func (m *ResourceLocator) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	if _, ok := ResourceLocator_Scheme_name[int32(m.GetScheme())]; !ok {
+		return ResourceLocatorValidationError{
+			field:  "Scheme",
+			reason: "value must be one of the defined enum values",
+		}
+	}
+
+	// no validation rules for Id
+
+	// no validation rules for Authority
+
+	if utf8.RuneCountInString(m.GetResourceType()) < 1 {
+		return ResourceLocatorValidationError{
+			field:  "ResourceType",
+			reason: "value length must be at least 1 runes",
+		}
+	}
+
+	for idx, item := range m.GetDirectives() {
+		_, _ = idx, item
+
+		if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ResourceLocatorValidationError{
+					field:  fmt.Sprintf("Directives[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	switch m.ContextParamSpecifier.(type) {
+
+	case *ResourceLocator_ExactContext:
+
+		if v, ok := interface{}(m.GetExactContext()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ResourceLocatorValidationError{
+					field:  "ExactContext",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ResourceLocatorValidationError is the validation error returned by
+// ResourceLocator.Validate if the designated constraints aren't met.
+type ResourceLocatorValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ResourceLocatorValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ResourceLocatorValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ResourceLocatorValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ResourceLocatorValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ResourceLocatorValidationError) ErrorName() string { return "ResourceLocatorValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ResourceLocatorValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sResourceLocator.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ResourceLocatorValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ResourceLocatorValidationError{}
+
+// Validate checks the field values on ResourceLocator_Directive with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, an error is returned.
+func (m *ResourceLocator_Directive) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	switch m.Directive.(type) {
+
+	case *ResourceLocator_Directive_Alt:
+
+		if v, ok := interface{}(m.GetAlt()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ResourceLocator_DirectiveValidationError{
+					field:  "Alt",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *ResourceLocator_Directive_Entry:
+
+		if utf8.RuneCountInString(m.GetEntry()) < 1 {
+			return ResourceLocator_DirectiveValidationError{
+				field:  "Entry",
+				reason: "value length must be at least 1 runes",
+			}
+		}
+
+		if !_ResourceLocator_Directive_Entry_Pattern.MatchString(m.GetEntry()) {
+			return ResourceLocator_DirectiveValidationError{
+				field:  "Entry",
+				reason: "value does not match regex pattern \"^[0-9a-zA-Z_\\\\-\\\\./~:]+$\"",
+			}
+		}
+
+	default:
+		return ResourceLocator_DirectiveValidationError{
+			field:  "Directive",
+			reason: "value is required",
+		}
+
+	}
+
+	return nil
+}
+
+// ResourceLocator_DirectiveValidationError is the validation error returned by
+// ResourceLocator_Directive.Validate if the designated constraints aren't met.
+type ResourceLocator_DirectiveValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ResourceLocator_DirectiveValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ResourceLocator_DirectiveValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ResourceLocator_DirectiveValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ResourceLocator_DirectiveValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ResourceLocator_DirectiveValidationError) ErrorName() string {
+	return "ResourceLocator_DirectiveValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ResourceLocator_DirectiveValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sResourceLocator_Directive.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ResourceLocator_DirectiveValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ResourceLocator_DirectiveValidationError{}
+
+var _ResourceLocator_Directive_Entry_Pattern = regexp.MustCompile("^[0-9a-zA-Z_\\-\\./~:]+$")
diff --git a/vendor/github.com/cncf/xds/go/xds/core/v3/resource_name.pb.go b/vendor/github.com/cncf/xds/go/xds/core/v3/resource_name.pb.go
new file mode 100644
index 00000000000..7dd720351d9
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/xds/core/v3/resource_name.pb.go
@@ -0,0 +1,193 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.18.0
+// source: xds/core/v3/resource_name.proto
+
+package xds_core_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type ResourceName struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Id           string         `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
+	Authority    string         `protobuf:"bytes,2,opt,name=authority,proto3" json:"authority,omitempty"`
+	ResourceType string         `protobuf:"bytes,3,opt,name=resource_type,json=resourceType,proto3" json:"resource_type,omitempty"`
+	Context      *ContextParams `protobuf:"bytes,4,opt,name=context,proto3" json:"context,omitempty"`
+}
+
+func (x *ResourceName) Reset() {
+	*x = ResourceName{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_xds_core_v3_resource_name_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ResourceName) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ResourceName) ProtoMessage() {}
+
+func (x *ResourceName) ProtoReflect() protoreflect.Message {
+	mi := &file_xds_core_v3_resource_name_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ResourceName.ProtoReflect.Descriptor instead.
+func (*ResourceName) Descriptor() ([]byte, []int) {
+	return file_xds_core_v3_resource_name_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *ResourceName) GetId() string {
+	if x != nil {
+		return x.Id
+	}
+	return ""
+}
+
+func (x *ResourceName) GetAuthority() string {
+	if x != nil {
+		return x.Authority
+	}
+	return ""
+}
+
+func (x *ResourceName) GetResourceType() string {
+	if x != nil {
+		return x.ResourceType
+	}
+	return ""
+}
+
+func (x *ResourceName) GetContext() *ContextParams {
+	if x != nil {
+		return x.Context
+	}
+	return nil
+}
+
+var File_xds_core_v3_resource_name_proto protoreflect.FileDescriptor
+
+var file_xds_core_v3_resource_name_proto_rawDesc = []byte{
+	0x0a, 0x1f, 0x78, 0x64, 0x73, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x72, 0x65,
+	0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x12, 0x0b, 0x78, 0x64, 0x73, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x1a, 0x1d,
+	0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73,
+	0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x20, 0x78,
+	0x64, 0x73, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x63, 0x6f, 0x6e, 0x74, 0x65,
+	0x78, 0x74, 0x5f, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61,
+	0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xa0, 0x01, 0x0a, 0x0c, 0x52, 0x65, 0x73,
+	0x6f, 0x75, 0x72, 0x63, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x1c, 0x0a, 0x09, 0x61, 0x75, 0x74,
+	0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x61, 0x75,
+	0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x12, 0x2c, 0x0a, 0x0d, 0x72, 0x65, 0x73, 0x6f, 0x75,
+	0x72, 0x63, 0x65, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07,
+	0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x0c, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63,
+	0x65, 0x54, 0x79, 0x70, 0x65, 0x12, 0x34, 0x0a, 0x07, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74,
+	0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x50, 0x61, 0x72, 0x61,
+	0x6d, 0x73, 0x52, 0x07, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x42, 0x35, 0x0a, 0x16, 0x63,
+	0x6f, 0x6d, 0x2e, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x63, 0x6f,
+	0x72, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x11, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x4e,
+	0x61, 0x6d, 0x65, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02,
+	0x08, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_xds_core_v3_resource_name_proto_rawDescOnce sync.Once
+	file_xds_core_v3_resource_name_proto_rawDescData = file_xds_core_v3_resource_name_proto_rawDesc
+)
+
+func file_xds_core_v3_resource_name_proto_rawDescGZIP() []byte {
+	file_xds_core_v3_resource_name_proto_rawDescOnce.Do(func() {
+		file_xds_core_v3_resource_name_proto_rawDescData = protoimpl.X.CompressGZIP(file_xds_core_v3_resource_name_proto_rawDescData)
+	})
+	return file_xds_core_v3_resource_name_proto_rawDescData
+}
+
+var file_xds_core_v3_resource_name_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_xds_core_v3_resource_name_proto_goTypes = []interface{}{
+	(*ResourceName)(nil),  // 0: xds.core.v3.ResourceName
+	(*ContextParams)(nil), // 1: xds.core.v3.ContextParams
+}
+var file_xds_core_v3_resource_name_proto_depIdxs = []int32{
+	1, // 0: xds.core.v3.ResourceName.context:type_name -> xds.core.v3.ContextParams
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_xds_core_v3_resource_name_proto_init() }
+func file_xds_core_v3_resource_name_proto_init() {
+	if File_xds_core_v3_resource_name_proto != nil {
+		return
+	}
+	file_xds_core_v3_context_params_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_xds_core_v3_resource_name_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ResourceName); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_xds_core_v3_resource_name_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_xds_core_v3_resource_name_proto_goTypes,
+		DependencyIndexes: file_xds_core_v3_resource_name_proto_depIdxs,
+		MessageInfos:      file_xds_core_v3_resource_name_proto_msgTypes,
+	}.Build()
+	File_xds_core_v3_resource_name_proto = out.File
+	file_xds_core_v3_resource_name_proto_rawDesc = nil
+	file_xds_core_v3_resource_name_proto_goTypes = nil
+	file_xds_core_v3_resource_name_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/cncf/xds/go/xds/core/v3/resource_name.pb.validate.go b/vendor/github.com/cncf/xds/go/xds/core/v3/resource_name.pb.validate.go
new file mode 100644
index 00000000000..ea19f27f955
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/xds/core/v3/resource_name.pb.validate.go
@@ -0,0 +1,120 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: xds/core/v3/resource_name.proto
+
+package xds_core_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+)
+
+// Validate checks the field values on ResourceName with the rules defined in
+// the proto definition for this message. If any rules are violated, an error
+// is returned.
+func (m *ResourceName) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	// no validation rules for Id
+
+	// no validation rules for Authority
+
+	if utf8.RuneCountInString(m.GetResourceType()) < 1 {
+		return ResourceNameValidationError{
+			field:  "ResourceType",
+			reason: "value length must be at least 1 runes",
+		}
+	}
+
+	if v, ok := interface{}(m.GetContext()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ResourceNameValidationError{
+				field:  "Context",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	return nil
+}
+
+// ResourceNameValidationError is the validation error returned by
+// ResourceName.Validate if the designated constraints aren't met.
+type ResourceNameValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ResourceNameValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ResourceNameValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ResourceNameValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ResourceNameValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ResourceNameValidationError) ErrorName() string { return "ResourceNameValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ResourceNameValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sResourceName.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ResourceNameValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ResourceNameValidationError{}
diff --git a/vendor/github.com/cncf/xds/go/xds/type/matcher/v3/matcher.pb.go b/vendor/github.com/cncf/xds/go/xds/type/matcher/v3/matcher.pb.go
new file mode 100644
index 00000000000..b5c5347a4ad
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/xds/type/matcher/v3/matcher.pb.go
@@ -0,0 +1,1058 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.18.0
+// source: xds/type/matcher/v3/matcher.proto
+
+package xds_type_matcher_v3
+
+import (
+	_ "github.com/cncf/xds/go/xds/annotations/v3"
+	v3 "github.com/cncf/xds/go/xds/core/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type Matcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to MatcherType:
+	//	*Matcher_MatcherList_
+	//	*Matcher_MatcherTree_
+	MatcherType isMatcher_MatcherType `protobuf_oneof:"matcher_type"`
+	OnNoMatch   *Matcher_OnMatch      `protobuf:"bytes,3,opt,name=on_no_match,json=onNoMatch,proto3" json:"on_no_match,omitempty"`
+}
+
+func (x *Matcher) Reset() {
+	*x = Matcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_xds_type_matcher_v3_matcher_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Matcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Matcher) ProtoMessage() {}
+
+func (x *Matcher) ProtoReflect() protoreflect.Message {
+	mi := &file_xds_type_matcher_v3_matcher_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Matcher.ProtoReflect.Descriptor instead.
+func (*Matcher) Descriptor() ([]byte, []int) {
+	return file_xds_type_matcher_v3_matcher_proto_rawDescGZIP(), []int{0}
+}
+
+func (m *Matcher) GetMatcherType() isMatcher_MatcherType {
+	if m != nil {
+		return m.MatcherType
+	}
+	return nil
+}
+
+func (x *Matcher) GetMatcherList() *Matcher_MatcherList {
+	if x, ok := x.GetMatcherType().(*Matcher_MatcherList_); ok {
+		return x.MatcherList
+	}
+	return nil
+}
+
+func (x *Matcher) GetMatcherTree() *Matcher_MatcherTree {
+	if x, ok := x.GetMatcherType().(*Matcher_MatcherTree_); ok {
+		return x.MatcherTree
+	}
+	return nil
+}
+
+func (x *Matcher) GetOnNoMatch() *Matcher_OnMatch {
+	if x != nil {
+		return x.OnNoMatch
+	}
+	return nil
+}
+
+type isMatcher_MatcherType interface {
+	isMatcher_MatcherType()
+}
+
+type Matcher_MatcherList_ struct {
+	MatcherList *Matcher_MatcherList `protobuf:"bytes,1,opt,name=matcher_list,json=matcherList,proto3,oneof"`
+}
+
+type Matcher_MatcherTree_ struct {
+	MatcherTree *Matcher_MatcherTree `protobuf:"bytes,2,opt,name=matcher_tree,json=matcherTree,proto3,oneof"`
+}
+
+func (*Matcher_MatcherList_) isMatcher_MatcherType() {}
+
+func (*Matcher_MatcherTree_) isMatcher_MatcherType() {}
+
+type Matcher_OnMatch struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to OnMatch:
+	//	*Matcher_OnMatch_Matcher
+	//	*Matcher_OnMatch_Action
+	OnMatch isMatcher_OnMatch_OnMatch `protobuf_oneof:"on_match"`
+}
+
+func (x *Matcher_OnMatch) Reset() {
+	*x = Matcher_OnMatch{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_xds_type_matcher_v3_matcher_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Matcher_OnMatch) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Matcher_OnMatch) ProtoMessage() {}
+
+func (x *Matcher_OnMatch) ProtoReflect() protoreflect.Message {
+	mi := &file_xds_type_matcher_v3_matcher_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Matcher_OnMatch.ProtoReflect.Descriptor instead.
+func (*Matcher_OnMatch) Descriptor() ([]byte, []int) {
+	return file_xds_type_matcher_v3_matcher_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (m *Matcher_OnMatch) GetOnMatch() isMatcher_OnMatch_OnMatch {
+	if m != nil {
+		return m.OnMatch
+	}
+	return nil
+}
+
+func (x *Matcher_OnMatch) GetMatcher() *Matcher {
+	if x, ok := x.GetOnMatch().(*Matcher_OnMatch_Matcher); ok {
+		return x.Matcher
+	}
+	return nil
+}
+
+func (x *Matcher_OnMatch) GetAction() *v3.TypedExtensionConfig {
+	if x, ok := x.GetOnMatch().(*Matcher_OnMatch_Action); ok {
+		return x.Action
+	}
+	return nil
+}
+
+type isMatcher_OnMatch_OnMatch interface {
+	isMatcher_OnMatch_OnMatch()
+}
+
+type Matcher_OnMatch_Matcher struct {
+	Matcher *Matcher `protobuf:"bytes,1,opt,name=matcher,proto3,oneof"`
+}
+
+type Matcher_OnMatch_Action struct {
+	Action *v3.TypedExtensionConfig `protobuf:"bytes,2,opt,name=action,proto3,oneof"`
+}
+
+func (*Matcher_OnMatch_Matcher) isMatcher_OnMatch_OnMatch() {}
+
+func (*Matcher_OnMatch_Action) isMatcher_OnMatch_OnMatch() {}
+
+type Matcher_MatcherList struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Matchers []*Matcher_MatcherList_FieldMatcher `protobuf:"bytes,1,rep,name=matchers,proto3" json:"matchers,omitempty"`
+}
+
+func (x *Matcher_MatcherList) Reset() {
+	*x = Matcher_MatcherList{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_xds_type_matcher_v3_matcher_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Matcher_MatcherList) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Matcher_MatcherList) ProtoMessage() {}
+
+func (x *Matcher_MatcherList) ProtoReflect() protoreflect.Message {
+	mi := &file_xds_type_matcher_v3_matcher_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Matcher_MatcherList.ProtoReflect.Descriptor instead.
+func (*Matcher_MatcherList) Descriptor() ([]byte, []int) {
+	return file_xds_type_matcher_v3_matcher_proto_rawDescGZIP(), []int{0, 1}
+}
+
+func (x *Matcher_MatcherList) GetMatchers() []*Matcher_MatcherList_FieldMatcher {
+	if x != nil {
+		return x.Matchers
+	}
+	return nil
+}
+
+type Matcher_MatcherTree struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Input *v3.TypedExtensionConfig `protobuf:"bytes,1,opt,name=input,proto3" json:"input,omitempty"`
+	// Types that are assignable to TreeType:
+	//	*Matcher_MatcherTree_ExactMatchMap
+	//	*Matcher_MatcherTree_PrefixMatchMap
+	//	*Matcher_MatcherTree_CustomMatch
+	TreeType isMatcher_MatcherTree_TreeType `protobuf_oneof:"tree_type"`
+}
+
+func (x *Matcher_MatcherTree) Reset() {
+	*x = Matcher_MatcherTree{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_xds_type_matcher_v3_matcher_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Matcher_MatcherTree) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Matcher_MatcherTree) ProtoMessage() {}
+
+func (x *Matcher_MatcherTree) ProtoReflect() protoreflect.Message {
+	mi := &file_xds_type_matcher_v3_matcher_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Matcher_MatcherTree.ProtoReflect.Descriptor instead.
+func (*Matcher_MatcherTree) Descriptor() ([]byte, []int) {
+	return file_xds_type_matcher_v3_matcher_proto_rawDescGZIP(), []int{0, 2}
+}
+
+func (x *Matcher_MatcherTree) GetInput() *v3.TypedExtensionConfig {
+	if x != nil {
+		return x.Input
+	}
+	return nil
+}
+
+func (m *Matcher_MatcherTree) GetTreeType() isMatcher_MatcherTree_TreeType {
+	if m != nil {
+		return m.TreeType
+	}
+	return nil
+}
+
+func (x *Matcher_MatcherTree) GetExactMatchMap() *Matcher_MatcherTree_MatchMap {
+	if x, ok := x.GetTreeType().(*Matcher_MatcherTree_ExactMatchMap); ok {
+		return x.ExactMatchMap
+	}
+	return nil
+}
+
+func (x *Matcher_MatcherTree) GetPrefixMatchMap() *Matcher_MatcherTree_MatchMap {
+	if x, ok := x.GetTreeType().(*Matcher_MatcherTree_PrefixMatchMap); ok {
+		return x.PrefixMatchMap
+	}
+	return nil
+}
+
+func (x *Matcher_MatcherTree) GetCustomMatch() *v3.TypedExtensionConfig {
+	if x, ok := x.GetTreeType().(*Matcher_MatcherTree_CustomMatch); ok {
+		return x.CustomMatch
+	}
+	return nil
+}
+
+type isMatcher_MatcherTree_TreeType interface {
+	isMatcher_MatcherTree_TreeType()
+}
+
+type Matcher_MatcherTree_ExactMatchMap struct {
+	ExactMatchMap *Matcher_MatcherTree_MatchMap `protobuf:"bytes,2,opt,name=exact_match_map,json=exactMatchMap,proto3,oneof"`
+}
+
+type Matcher_MatcherTree_PrefixMatchMap struct {
+	PrefixMatchMap *Matcher_MatcherTree_MatchMap `protobuf:"bytes,3,opt,name=prefix_match_map,json=prefixMatchMap,proto3,oneof"`
+}
+
+type Matcher_MatcherTree_CustomMatch struct {
+	CustomMatch *v3.TypedExtensionConfig `protobuf:"bytes,4,opt,name=custom_match,json=customMatch,proto3,oneof"`
+}
+
+func (*Matcher_MatcherTree_ExactMatchMap) isMatcher_MatcherTree_TreeType() {}
+
+func (*Matcher_MatcherTree_PrefixMatchMap) isMatcher_MatcherTree_TreeType() {}
+
+func (*Matcher_MatcherTree_CustomMatch) isMatcher_MatcherTree_TreeType() {}
+
+type Matcher_MatcherList_Predicate struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to MatchType:
+	//	*Matcher_MatcherList_Predicate_SinglePredicate_
+	//	*Matcher_MatcherList_Predicate_OrMatcher
+	//	*Matcher_MatcherList_Predicate_AndMatcher
+	//	*Matcher_MatcherList_Predicate_NotMatcher
+	MatchType isMatcher_MatcherList_Predicate_MatchType `protobuf_oneof:"match_type"`
+}
+
+func (x *Matcher_MatcherList_Predicate) Reset() {
+	*x = Matcher_MatcherList_Predicate{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_xds_type_matcher_v3_matcher_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Matcher_MatcherList_Predicate) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Matcher_MatcherList_Predicate) ProtoMessage() {}
+
+func (x *Matcher_MatcherList_Predicate) ProtoReflect() protoreflect.Message {
+	mi := &file_xds_type_matcher_v3_matcher_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Matcher_MatcherList_Predicate.ProtoReflect.Descriptor instead.
+func (*Matcher_MatcherList_Predicate) Descriptor() ([]byte, []int) {
+	return file_xds_type_matcher_v3_matcher_proto_rawDescGZIP(), []int{0, 1, 0}
+}
+
+func (m *Matcher_MatcherList_Predicate) GetMatchType() isMatcher_MatcherList_Predicate_MatchType {
+	if m != nil {
+		return m.MatchType
+	}
+	return nil
+}
+
+func (x *Matcher_MatcherList_Predicate) GetSinglePredicate() *Matcher_MatcherList_Predicate_SinglePredicate {
+	if x, ok := x.GetMatchType().(*Matcher_MatcherList_Predicate_SinglePredicate_); ok {
+		return x.SinglePredicate
+	}
+	return nil
+}
+
+func (x *Matcher_MatcherList_Predicate) GetOrMatcher() *Matcher_MatcherList_Predicate_PredicateList {
+	if x, ok := x.GetMatchType().(*Matcher_MatcherList_Predicate_OrMatcher); ok {
+		return x.OrMatcher
+	}
+	return nil
+}
+
+func (x *Matcher_MatcherList_Predicate) GetAndMatcher() *Matcher_MatcherList_Predicate_PredicateList {
+	if x, ok := x.GetMatchType().(*Matcher_MatcherList_Predicate_AndMatcher); ok {
+		return x.AndMatcher
+	}
+	return nil
+}
+
+func (x *Matcher_MatcherList_Predicate) GetNotMatcher() *Matcher_MatcherList_Predicate {
+	if x, ok := x.GetMatchType().(*Matcher_MatcherList_Predicate_NotMatcher); ok {
+		return x.NotMatcher
+	}
+	return nil
+}
+
+type isMatcher_MatcherList_Predicate_MatchType interface {
+	isMatcher_MatcherList_Predicate_MatchType()
+}
+
+type Matcher_MatcherList_Predicate_SinglePredicate_ struct {
+	SinglePredicate *Matcher_MatcherList_Predicate_SinglePredicate `protobuf:"bytes,1,opt,name=single_predicate,json=singlePredicate,proto3,oneof"`
+}
+
+type Matcher_MatcherList_Predicate_OrMatcher struct {
+	OrMatcher *Matcher_MatcherList_Predicate_PredicateList `protobuf:"bytes,2,opt,name=or_matcher,json=orMatcher,proto3,oneof"`
+}
+
+type Matcher_MatcherList_Predicate_AndMatcher struct {
+	AndMatcher *Matcher_MatcherList_Predicate_PredicateList `protobuf:"bytes,3,opt,name=and_matcher,json=andMatcher,proto3,oneof"`
+}
+
+type Matcher_MatcherList_Predicate_NotMatcher struct {
+	NotMatcher *Matcher_MatcherList_Predicate `protobuf:"bytes,4,opt,name=not_matcher,json=notMatcher,proto3,oneof"`
+}
+
+func (*Matcher_MatcherList_Predicate_SinglePredicate_) isMatcher_MatcherList_Predicate_MatchType() {}
+
+func (*Matcher_MatcherList_Predicate_OrMatcher) isMatcher_MatcherList_Predicate_MatchType() {}
+
+func (*Matcher_MatcherList_Predicate_AndMatcher) isMatcher_MatcherList_Predicate_MatchType() {}
+
+func (*Matcher_MatcherList_Predicate_NotMatcher) isMatcher_MatcherList_Predicate_MatchType() {}
+
+type Matcher_MatcherList_FieldMatcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Predicate *Matcher_MatcherList_Predicate `protobuf:"bytes,1,opt,name=predicate,proto3" json:"predicate,omitempty"`
+	OnMatch   *Matcher_OnMatch               `protobuf:"bytes,2,opt,name=on_match,json=onMatch,proto3" json:"on_match,omitempty"`
+}
+
+func (x *Matcher_MatcherList_FieldMatcher) Reset() {
+	*x = Matcher_MatcherList_FieldMatcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_xds_type_matcher_v3_matcher_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Matcher_MatcherList_FieldMatcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Matcher_MatcherList_FieldMatcher) ProtoMessage() {}
+
+func (x *Matcher_MatcherList_FieldMatcher) ProtoReflect() protoreflect.Message {
+	mi := &file_xds_type_matcher_v3_matcher_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Matcher_MatcherList_FieldMatcher.ProtoReflect.Descriptor instead.
+func (*Matcher_MatcherList_FieldMatcher) Descriptor() ([]byte, []int) {
+	return file_xds_type_matcher_v3_matcher_proto_rawDescGZIP(), []int{0, 1, 1}
+}
+
+func (x *Matcher_MatcherList_FieldMatcher) GetPredicate() *Matcher_MatcherList_Predicate {
+	if x != nil {
+		return x.Predicate
+	}
+	return nil
+}
+
+func (x *Matcher_MatcherList_FieldMatcher) GetOnMatch() *Matcher_OnMatch {
+	if x != nil {
+		return x.OnMatch
+	}
+	return nil
+}
+
+type Matcher_MatcherList_Predicate_SinglePredicate struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Input *v3.TypedExtensionConfig `protobuf:"bytes,1,opt,name=input,proto3" json:"input,omitempty"`
+	// Types that are assignable to Matcher:
+	//	*Matcher_MatcherList_Predicate_SinglePredicate_ValueMatch
+	//	*Matcher_MatcherList_Predicate_SinglePredicate_CustomMatch
+	Matcher isMatcher_MatcherList_Predicate_SinglePredicate_Matcher `protobuf_oneof:"matcher"`
+}
+
+func (x *Matcher_MatcherList_Predicate_SinglePredicate) Reset() {
+	*x = Matcher_MatcherList_Predicate_SinglePredicate{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_xds_type_matcher_v3_matcher_proto_msgTypes[6]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Matcher_MatcherList_Predicate_SinglePredicate) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Matcher_MatcherList_Predicate_SinglePredicate) ProtoMessage() {}
+
+func (x *Matcher_MatcherList_Predicate_SinglePredicate) ProtoReflect() protoreflect.Message {
+	mi := &file_xds_type_matcher_v3_matcher_proto_msgTypes[6]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Matcher_MatcherList_Predicate_SinglePredicate.ProtoReflect.Descriptor instead.
+func (*Matcher_MatcherList_Predicate_SinglePredicate) Descriptor() ([]byte, []int) {
+	return file_xds_type_matcher_v3_matcher_proto_rawDescGZIP(), []int{0, 1, 0, 0}
+}
+
+func (x *Matcher_MatcherList_Predicate_SinglePredicate) GetInput() *v3.TypedExtensionConfig {
+	if x != nil {
+		return x.Input
+	}
+	return nil
+}
+
+func (m *Matcher_MatcherList_Predicate_SinglePredicate) GetMatcher() isMatcher_MatcherList_Predicate_SinglePredicate_Matcher {
+	if m != nil {
+		return m.Matcher
+	}
+	return nil
+}
+
+func (x *Matcher_MatcherList_Predicate_SinglePredicate) GetValueMatch() *StringMatcher {
+	if x, ok := x.GetMatcher().(*Matcher_MatcherList_Predicate_SinglePredicate_ValueMatch); ok {
+		return x.ValueMatch
+	}
+	return nil
+}
+
+func (x *Matcher_MatcherList_Predicate_SinglePredicate) GetCustomMatch() *v3.TypedExtensionConfig {
+	if x, ok := x.GetMatcher().(*Matcher_MatcherList_Predicate_SinglePredicate_CustomMatch); ok {
+		return x.CustomMatch
+	}
+	return nil
+}
+
+type isMatcher_MatcherList_Predicate_SinglePredicate_Matcher interface {
+	isMatcher_MatcherList_Predicate_SinglePredicate_Matcher()
+}
+
+type Matcher_MatcherList_Predicate_SinglePredicate_ValueMatch struct {
+	ValueMatch *StringMatcher `protobuf:"bytes,2,opt,name=value_match,json=valueMatch,proto3,oneof"`
+}
+
+type Matcher_MatcherList_Predicate_SinglePredicate_CustomMatch struct {
+	CustomMatch *v3.TypedExtensionConfig `protobuf:"bytes,3,opt,name=custom_match,json=customMatch,proto3,oneof"`
+}
+
+func (*Matcher_MatcherList_Predicate_SinglePredicate_ValueMatch) isMatcher_MatcherList_Predicate_SinglePredicate_Matcher() {
+}
+
+func (*Matcher_MatcherList_Predicate_SinglePredicate_CustomMatch) isMatcher_MatcherList_Predicate_SinglePredicate_Matcher() {
+}
+
+type Matcher_MatcherList_Predicate_PredicateList struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Predicate []*Matcher_MatcherList_Predicate `protobuf:"bytes,1,rep,name=predicate,proto3" json:"predicate,omitempty"`
+}
+
+func (x *Matcher_MatcherList_Predicate_PredicateList) Reset() {
+	*x = Matcher_MatcherList_Predicate_PredicateList{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_xds_type_matcher_v3_matcher_proto_msgTypes[7]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Matcher_MatcherList_Predicate_PredicateList) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Matcher_MatcherList_Predicate_PredicateList) ProtoMessage() {}
+
+func (x *Matcher_MatcherList_Predicate_PredicateList) ProtoReflect() protoreflect.Message {
+	mi := &file_xds_type_matcher_v3_matcher_proto_msgTypes[7]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Matcher_MatcherList_Predicate_PredicateList.ProtoReflect.Descriptor instead.
+func (*Matcher_MatcherList_Predicate_PredicateList) Descriptor() ([]byte, []int) {
+	return file_xds_type_matcher_v3_matcher_proto_rawDescGZIP(), []int{0, 1, 0, 1}
+}
+
+func (x *Matcher_MatcherList_Predicate_PredicateList) GetPredicate() []*Matcher_MatcherList_Predicate {
+	if x != nil {
+		return x.Predicate
+	}
+	return nil
+}
+
+type Matcher_MatcherTree_MatchMap struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Map map[string]*Matcher_OnMatch `protobuf:"bytes,1,rep,name=map,proto3" json:"map,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+}
+
+func (x *Matcher_MatcherTree_MatchMap) Reset() {
+	*x = Matcher_MatcherTree_MatchMap{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_xds_type_matcher_v3_matcher_proto_msgTypes[8]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Matcher_MatcherTree_MatchMap) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Matcher_MatcherTree_MatchMap) ProtoMessage() {}
+
+func (x *Matcher_MatcherTree_MatchMap) ProtoReflect() protoreflect.Message {
+	mi := &file_xds_type_matcher_v3_matcher_proto_msgTypes[8]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Matcher_MatcherTree_MatchMap.ProtoReflect.Descriptor instead.
+func (*Matcher_MatcherTree_MatchMap) Descriptor() ([]byte, []int) {
+	return file_xds_type_matcher_v3_matcher_proto_rawDescGZIP(), []int{0, 2, 0}
+}
+
+func (x *Matcher_MatcherTree_MatchMap) GetMap() map[string]*Matcher_OnMatch {
+	if x != nil {
+		return x.Map
+	}
+	return nil
+}
+
+var File_xds_type_matcher_v3_matcher_proto protoreflect.FileDescriptor
+
+var file_xds_type_matcher_v3_matcher_proto_rawDesc = []byte{
+	0x0a, 0x21, 0x78, 0x64, 0x73, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68,
+	0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x12, 0x13, 0x78, 0x64, 0x73, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61,
+	0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x1a, 0x1f, 0x78, 0x64, 0x73, 0x2f, 0x61, 0x6e,
+	0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x33, 0x2f, 0x73, 0x74, 0x61,
+	0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1b, 0x78, 0x64, 0x73, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x20, 0x78, 0x64, 0x73, 0x2f, 0x74, 0x79, 0x70, 0x65,
+	0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x73, 0x74, 0x72, 0x69,
+	0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61,
+	0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x22, 0x85, 0x10, 0x0a, 0x07, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x12, 0x4d, 0x0a,
+	0x0c, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x5f, 0x6c, 0x69, 0x73, 0x74, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d,
+	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65,
+	0x72, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x4c, 0x69, 0x73, 0x74, 0x48, 0x00, 0x52,
+	0x0b, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x4c, 0x69, 0x73, 0x74, 0x12, 0x4d, 0x0a, 0x0c,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x5f, 0x74, 0x72, 0x65, 0x65, 0x18, 0x02, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x28, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61,
+	0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72,
+	0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x54, 0x72, 0x65, 0x65, 0x48, 0x00, 0x52, 0x0b,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x54, 0x72, 0x65, 0x65, 0x12, 0x44, 0x0a, 0x0b, 0x6f,
+	0x6e, 0x5f, 0x6e, 0x6f, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x24, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63,
+	0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x4f,
+	0x6e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x52, 0x09, 0x6f, 0x6e, 0x4e, 0x6f, 0x4d, 0x61, 0x74, 0x63,
+	0x68, 0x1a, 0x91, 0x01, 0x0a, 0x07, 0x4f, 0x6e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x38, 0x0a,
+	0x07, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c,
+	0x2e, 0x78, 0x64, 0x73, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65,
+	0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x48, 0x00, 0x52, 0x07,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x12, 0x3b, 0x0a, 0x06, 0x61, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x63, 0x6f,
+	0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x64, 0x45, 0x78, 0x74, 0x65, 0x6e,
+	0x73, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x48, 0x00, 0x52, 0x06, 0x61, 0x63,
+	0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0f, 0x0a, 0x08, 0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68,
+	0x12, 0x03, 0xf8, 0x42, 0x01, 0x1a, 0xb6, 0x08, 0x0a, 0x0b, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65,
+	0x72, 0x4c, 0x69, 0x73, 0x74, 0x12, 0x5b, 0x0a, 0x08, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72,
+	0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x35, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x74, 0x79,
+	0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x61,
+	0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x4c, 0x69, 0x73,
+	0x74, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x08,
+	0xfa, 0x42, 0x05, 0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x08, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65,
+	0x72, 0x73, 0x1a, 0x91, 0x06, 0x0a, 0x09, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65,
+	0x12, 0x6f, 0x0a, 0x10, 0x73, 0x69, 0x6e, 0x67, 0x6c, 0x65, 0x5f, 0x70, 0x72, 0x65, 0x64, 0x69,
+	0x63, 0x61, 0x74, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x42, 0x2e, 0x78, 0x64, 0x73,
+	0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33,
+	0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72,
+	0x4c, 0x69, 0x73, 0x74, 0x2e, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x2e, 0x53,
+	0x69, 0x6e, 0x67, 0x6c, 0x65, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x48, 0x00,
+	0x52, 0x0f, 0x73, 0x69, 0x6e, 0x67, 0x6c, 0x65, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74,
+	0x65, 0x12, 0x61, 0x0a, 0x0a, 0x6f, 0x72, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x40, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x74, 0x79, 0x70, 0x65,
+	0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x61, 0x74, 0x63,
+	0x68, 0x65, 0x72, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x4c, 0x69, 0x73, 0x74, 0x2e,
+	0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x2e, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63,
+	0x61, 0x74, 0x65, 0x4c, 0x69, 0x73, 0x74, 0x48, 0x00, 0x52, 0x09, 0x6f, 0x72, 0x4d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x12, 0x63, 0x0a, 0x0b, 0x61, 0x6e, 0x64, 0x5f, 0x6d, 0x61, 0x74, 0x63,
+	0x68, 0x65, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x40, 0x2e, 0x78, 0x64, 0x73, 0x2e,
+	0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e,
+	0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x4c,
+	0x69, 0x73, 0x74, 0x2e, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x2e, 0x50, 0x72,
+	0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x73, 0x74, 0x48, 0x00, 0x52, 0x0a, 0x61,
+	0x6e, 0x64, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x12, 0x55, 0x0a, 0x0b, 0x6e, 0x6f, 0x74,
+	0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x32,
+	0x2e, 0x78, 0x64, 0x73, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65,
+	0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x4d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x4c, 0x69, 0x73, 0x74, 0x2e, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61,
+	0x74, 0x65, 0x48, 0x00, 0x52, 0x0a, 0x6e, 0x6f, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72,
+	0x1a, 0xf3, 0x01, 0x0a, 0x0f, 0x53, 0x69, 0x6e, 0x67, 0x6c, 0x65, 0x50, 0x72, 0x65, 0x64, 0x69,
+	0x63, 0x61, 0x74, 0x65, 0x12, 0x41, 0x0a, 0x05, 0x69, 0x6e, 0x70, 0x75, 0x74, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76,
+	0x33, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x64, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e,
+	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01,
+	0x52, 0x05, 0x69, 0x6e, 0x70, 0x75, 0x74, 0x12, 0x45, 0x0a, 0x0b, 0x76, 0x61, 0x6c, 0x75, 0x65,
+	0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x78,
+	0x64, 0x73, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e,
+	0x76, 0x33, 0x2e, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72,
+	0x48, 0x00, 0x52, 0x0a, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x46,
+	0x0a, 0x0c, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x03,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e,
+	0x76, 0x33, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x64, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f,
+	0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x48, 0x00, 0x52, 0x0b, 0x63, 0x75, 0x73, 0x74, 0x6f,
+	0x6d, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x42, 0x0e, 0x0a, 0x07, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65,
+	0x72, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x1a, 0x6b, 0x0a, 0x0d, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63,
+	0x61, 0x74, 0x65, 0x4c, 0x69, 0x73, 0x74, 0x12, 0x5a, 0x0a, 0x09, 0x70, 0x72, 0x65, 0x64, 0x69,
+	0x63, 0x61, 0x74, 0x65, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x32, 0x2e, 0x78, 0x64, 0x73,
+	0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33,
+	0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72,
+	0x4c, 0x69, 0x73, 0x74, 0x2e, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x42, 0x08,
+	0xfa, 0x42, 0x05, 0x92, 0x01, 0x02, 0x08, 0x02, 0x52, 0x09, 0x70, 0x72, 0x65, 0x64, 0x69, 0x63,
+	0x61, 0x74, 0x65, 0x42, 0x11, 0x0a, 0x0a, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x5f, 0x74, 0x79, 0x70,
+	0x65, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x1a, 0xb5, 0x01, 0x0a, 0x0c, 0x46, 0x69, 0x65, 0x6c, 0x64,
+	0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x12, 0x5a, 0x0a, 0x09, 0x70, 0x72, 0x65, 0x64, 0x69,
+	0x63, 0x61, 0x74, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x32, 0x2e, 0x78, 0x64, 0x73,
+	0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33,
+	0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72,
+	0x4c, 0x69, 0x73, 0x74, 0x2e, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x42, 0x08,
+	0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x09, 0x70, 0x72, 0x65, 0x64, 0x69, 0x63,
+	0x61, 0x74, 0x65, 0x12, 0x49, 0x0a, 0x08, 0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x74, 0x79, 0x70, 0x65,
+	0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x61, 0x74, 0x63,
+	0x68, 0x65, 0x72, 0x2e, 0x4f, 0x6e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x42, 0x08, 0xfa, 0x42, 0x05,
+	0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x07, 0x6f, 0x6e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x1a, 0xa9,
+	0x04, 0x0a, 0x0b, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x54, 0x72, 0x65, 0x65, 0x12, 0x41,
+	0x0a, 0x05, 0x69, 0x6e, 0x70, 0x75, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e,
+	0x78, 0x64, 0x73, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x79, 0x70, 0x65,
+	0x64, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x05, 0x69, 0x6e, 0x70, 0x75,
+	0x74, 0x12, 0x5b, 0x0a, 0x0f, 0x65, 0x78, 0x61, 0x63, 0x74, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68,
+	0x5f, 0x6d, 0x61, 0x70, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x31, 0x2e, 0x78, 0x64, 0x73,
+	0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33,
+	0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72,
+	0x54, 0x72, 0x65, 0x65, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x4d, 0x61, 0x70, 0x48, 0x00, 0x52,
+	0x0d, 0x65, 0x78, 0x61, 0x63, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x4d, 0x61, 0x70, 0x12, 0x5d,
+	0x0a, 0x10, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x5f, 0x6d,
+	0x61, 0x70, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x31, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x74,
+	0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4d,
+	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x54, 0x72,
+	0x65, 0x65, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x4d, 0x61, 0x70, 0x48, 0x00, 0x52, 0x0e, 0x70,
+	0x72, 0x65, 0x66, 0x69, 0x78, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x4d, 0x61, 0x70, 0x12, 0x46, 0x0a,
+	0x0c, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x04, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76,
+	0x33, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x64, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e,
+	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x48, 0x00, 0x52, 0x0b, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d,
+	0x4d, 0x61, 0x74, 0x63, 0x68, 0x1a, 0xc0, 0x01, 0x0a, 0x08, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x4d,
+	0x61, 0x70, 0x12, 0x56, 0x0a, 0x03, 0x6d, 0x61, 0x70, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32,
+	0x3a, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68,
+	0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x4d, 0x61,
+	0x74, 0x63, 0x68, 0x65, 0x72, 0x54, 0x72, 0x65, 0x65, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x4d,
+	0x61, 0x70, 0x2e, 0x4d, 0x61, 0x70, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x42, 0x08, 0xfa, 0x42, 0x05,
+	0x9a, 0x01, 0x02, 0x08, 0x01, 0x52, 0x03, 0x6d, 0x61, 0x70, 0x1a, 0x5c, 0x0a, 0x08, 0x4d, 0x61,
+	0x70, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x3a, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75,
+	0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x74, 0x79,
+	0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x61,
+	0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x4f, 0x6e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x52, 0x05, 0x76,
+	0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x42, 0x10, 0x0a, 0x09, 0x74, 0x72, 0x65, 0x65,
+	0x5f, 0x74, 0x79, 0x70, 0x65, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x3a, 0x08, 0xd2, 0xc6, 0xa4, 0xe1,
+	0x06, 0x02, 0x08, 0x01, 0x42, 0x13, 0x0a, 0x0c, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x5f,
+	0x74, 0x79, 0x70, 0x65, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x42, 0x30, 0x0a, 0x1e, 0x63, 0x6f, 0x6d,
+	0x2e, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x74, 0x79, 0x70, 0x65,
+	0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x42, 0x0c, 0x4d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x33,
+}
+
+var (
+	file_xds_type_matcher_v3_matcher_proto_rawDescOnce sync.Once
+	file_xds_type_matcher_v3_matcher_proto_rawDescData = file_xds_type_matcher_v3_matcher_proto_rawDesc
+)
+
+func file_xds_type_matcher_v3_matcher_proto_rawDescGZIP() []byte {
+	file_xds_type_matcher_v3_matcher_proto_rawDescOnce.Do(func() {
+		file_xds_type_matcher_v3_matcher_proto_rawDescData = protoimpl.X.CompressGZIP(file_xds_type_matcher_v3_matcher_proto_rawDescData)
+	})
+	return file_xds_type_matcher_v3_matcher_proto_rawDescData
+}
+
+var file_xds_type_matcher_v3_matcher_proto_msgTypes = make([]protoimpl.MessageInfo, 10)
+var file_xds_type_matcher_v3_matcher_proto_goTypes = []interface{}{
+	(*Matcher)(nil),                                       // 0: xds.type.matcher.v3.Matcher
+	(*Matcher_OnMatch)(nil),                               // 1: xds.type.matcher.v3.Matcher.OnMatch
+	(*Matcher_MatcherList)(nil),                           // 2: xds.type.matcher.v3.Matcher.MatcherList
+	(*Matcher_MatcherTree)(nil),                           // 3: xds.type.matcher.v3.Matcher.MatcherTree
+	(*Matcher_MatcherList_Predicate)(nil),                 // 4: xds.type.matcher.v3.Matcher.MatcherList.Predicate
+	(*Matcher_MatcherList_FieldMatcher)(nil),              // 5: xds.type.matcher.v3.Matcher.MatcherList.FieldMatcher
+	(*Matcher_MatcherList_Predicate_SinglePredicate)(nil), // 6: xds.type.matcher.v3.Matcher.MatcherList.Predicate.SinglePredicate
+	(*Matcher_MatcherList_Predicate_PredicateList)(nil),   // 7: xds.type.matcher.v3.Matcher.MatcherList.Predicate.PredicateList
+	(*Matcher_MatcherTree_MatchMap)(nil),                  // 8: xds.type.matcher.v3.Matcher.MatcherTree.MatchMap
+	nil,                                                   // 9: xds.type.matcher.v3.Matcher.MatcherTree.MatchMap.MapEntry
+	(*v3.TypedExtensionConfig)(nil),                       // 10: xds.core.v3.TypedExtensionConfig
+	(*StringMatcher)(nil),                                 // 11: xds.type.matcher.v3.StringMatcher
+}
+var file_xds_type_matcher_v3_matcher_proto_depIdxs = []int32{
+	2,  // 0: xds.type.matcher.v3.Matcher.matcher_list:type_name -> xds.type.matcher.v3.Matcher.MatcherList
+	3,  // 1: xds.type.matcher.v3.Matcher.matcher_tree:type_name -> xds.type.matcher.v3.Matcher.MatcherTree
+	1,  // 2: xds.type.matcher.v3.Matcher.on_no_match:type_name -> xds.type.matcher.v3.Matcher.OnMatch
+	0,  // 3: xds.type.matcher.v3.Matcher.OnMatch.matcher:type_name -> xds.type.matcher.v3.Matcher
+	10, // 4: xds.type.matcher.v3.Matcher.OnMatch.action:type_name -> xds.core.v3.TypedExtensionConfig
+	5,  // 5: xds.type.matcher.v3.Matcher.MatcherList.matchers:type_name -> xds.type.matcher.v3.Matcher.MatcherList.FieldMatcher
+	10, // 6: xds.type.matcher.v3.Matcher.MatcherTree.input:type_name -> xds.core.v3.TypedExtensionConfig
+	8,  // 7: xds.type.matcher.v3.Matcher.MatcherTree.exact_match_map:type_name -> xds.type.matcher.v3.Matcher.MatcherTree.MatchMap
+	8,  // 8: xds.type.matcher.v3.Matcher.MatcherTree.prefix_match_map:type_name -> xds.type.matcher.v3.Matcher.MatcherTree.MatchMap
+	10, // 9: xds.type.matcher.v3.Matcher.MatcherTree.custom_match:type_name -> xds.core.v3.TypedExtensionConfig
+	6,  // 10: xds.type.matcher.v3.Matcher.MatcherList.Predicate.single_predicate:type_name -> xds.type.matcher.v3.Matcher.MatcherList.Predicate.SinglePredicate
+	7,  // 11: xds.type.matcher.v3.Matcher.MatcherList.Predicate.or_matcher:type_name -> xds.type.matcher.v3.Matcher.MatcherList.Predicate.PredicateList
+	7,  // 12: xds.type.matcher.v3.Matcher.MatcherList.Predicate.and_matcher:type_name -> xds.type.matcher.v3.Matcher.MatcherList.Predicate.PredicateList
+	4,  // 13: xds.type.matcher.v3.Matcher.MatcherList.Predicate.not_matcher:type_name -> xds.type.matcher.v3.Matcher.MatcherList.Predicate
+	4,  // 14: xds.type.matcher.v3.Matcher.MatcherList.FieldMatcher.predicate:type_name -> xds.type.matcher.v3.Matcher.MatcherList.Predicate
+	1,  // 15: xds.type.matcher.v3.Matcher.MatcherList.FieldMatcher.on_match:type_name -> xds.type.matcher.v3.Matcher.OnMatch
+	10, // 16: xds.type.matcher.v3.Matcher.MatcherList.Predicate.SinglePredicate.input:type_name -> xds.core.v3.TypedExtensionConfig
+	11, // 17: xds.type.matcher.v3.Matcher.MatcherList.Predicate.SinglePredicate.value_match:type_name -> xds.type.matcher.v3.StringMatcher
+	10, // 18: xds.type.matcher.v3.Matcher.MatcherList.Predicate.SinglePredicate.custom_match:type_name -> xds.core.v3.TypedExtensionConfig
+	4,  // 19: xds.type.matcher.v3.Matcher.MatcherList.Predicate.PredicateList.predicate:type_name -> xds.type.matcher.v3.Matcher.MatcherList.Predicate
+	9,  // 20: xds.type.matcher.v3.Matcher.MatcherTree.MatchMap.map:type_name -> xds.type.matcher.v3.Matcher.MatcherTree.MatchMap.MapEntry
+	1,  // 21: xds.type.matcher.v3.Matcher.MatcherTree.MatchMap.MapEntry.value:type_name -> xds.type.matcher.v3.Matcher.OnMatch
+	22, // [22:22] is the sub-list for method output_type
+	22, // [22:22] is the sub-list for method input_type
+	22, // [22:22] is the sub-list for extension type_name
+	22, // [22:22] is the sub-list for extension extendee
+	0,  // [0:22] is the sub-list for field type_name
+}
+
+func init() { file_xds_type_matcher_v3_matcher_proto_init() }
+func file_xds_type_matcher_v3_matcher_proto_init() {
+	if File_xds_type_matcher_v3_matcher_proto != nil {
+		return
+	}
+	file_xds_type_matcher_v3_string_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_xds_type_matcher_v3_matcher_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Matcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_xds_type_matcher_v3_matcher_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Matcher_OnMatch); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_xds_type_matcher_v3_matcher_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Matcher_MatcherList); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_xds_type_matcher_v3_matcher_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Matcher_MatcherTree); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_xds_type_matcher_v3_matcher_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Matcher_MatcherList_Predicate); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_xds_type_matcher_v3_matcher_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Matcher_MatcherList_FieldMatcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_xds_type_matcher_v3_matcher_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Matcher_MatcherList_Predicate_SinglePredicate); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_xds_type_matcher_v3_matcher_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Matcher_MatcherList_Predicate_PredicateList); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_xds_type_matcher_v3_matcher_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Matcher_MatcherTree_MatchMap); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_xds_type_matcher_v3_matcher_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*Matcher_MatcherList_)(nil),
+		(*Matcher_MatcherTree_)(nil),
+	}
+	file_xds_type_matcher_v3_matcher_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*Matcher_OnMatch_Matcher)(nil),
+		(*Matcher_OnMatch_Action)(nil),
+	}
+	file_xds_type_matcher_v3_matcher_proto_msgTypes[3].OneofWrappers = []interface{}{
+		(*Matcher_MatcherTree_ExactMatchMap)(nil),
+		(*Matcher_MatcherTree_PrefixMatchMap)(nil),
+		(*Matcher_MatcherTree_CustomMatch)(nil),
+	}
+	file_xds_type_matcher_v3_matcher_proto_msgTypes[4].OneofWrappers = []interface{}{
+		(*Matcher_MatcherList_Predicate_SinglePredicate_)(nil),
+		(*Matcher_MatcherList_Predicate_OrMatcher)(nil),
+		(*Matcher_MatcherList_Predicate_AndMatcher)(nil),
+		(*Matcher_MatcherList_Predicate_NotMatcher)(nil),
+	}
+	file_xds_type_matcher_v3_matcher_proto_msgTypes[6].OneofWrappers = []interface{}{
+		(*Matcher_MatcherList_Predicate_SinglePredicate_ValueMatch)(nil),
+		(*Matcher_MatcherList_Predicate_SinglePredicate_CustomMatch)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_xds_type_matcher_v3_matcher_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   10,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_xds_type_matcher_v3_matcher_proto_goTypes,
+		DependencyIndexes: file_xds_type_matcher_v3_matcher_proto_depIdxs,
+		MessageInfos:      file_xds_type_matcher_v3_matcher_proto_msgTypes,
+	}.Build()
+	File_xds_type_matcher_v3_matcher_proto = out.File
+	file_xds_type_matcher_v3_matcher_proto_rawDesc = nil
+	file_xds_type_matcher_v3_matcher_proto_goTypes = nil
+	file_xds_type_matcher_v3_matcher_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/cncf/xds/go/xds/type/matcher/v3/matcher.pb.validate.go b/vendor/github.com/cncf/xds/go/xds/type/matcher/v3/matcher.pb.validate.go
new file mode 100644
index 00000000000..d926da28439
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/xds/type/matcher/v3/matcher.pb.validate.go
@@ -0,0 +1,992 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: xds/type/matcher/v3/matcher.proto
+
+package xds_type_matcher_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+)
+
+// Validate checks the field values on Matcher with the rules defined in the
+// proto definition for this message. If any rules are violated, an error is returned.
+func (m *Matcher) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	if v, ok := interface{}(m.GetOnNoMatch()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return MatcherValidationError{
+				field:  "OnNoMatch",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	switch m.MatcherType.(type) {
+
+	case *Matcher_MatcherList_:
+
+		if v, ok := interface{}(m.GetMatcherList()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MatcherValidationError{
+					field:  "MatcherList",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Matcher_MatcherTree_:
+
+		if v, ok := interface{}(m.GetMatcherTree()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MatcherValidationError{
+					field:  "MatcherTree",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		return MatcherValidationError{
+			field:  "MatcherType",
+			reason: "value is required",
+		}
+
+	}
+
+	return nil
+}
+
+// MatcherValidationError is the validation error returned by Matcher.Validate
+// if the designated constraints aren't met.
+type MatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MatcherValidationError) ErrorName() string { return "MatcherValidationError" }
+
+// Error satisfies the builtin error interface
+func (e MatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MatcherValidationError{}
+
+// Validate checks the field values on Matcher_OnMatch with the rules defined
+// in the proto definition for this message. If any rules are violated, an
+// error is returned.
+func (m *Matcher_OnMatch) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	switch m.OnMatch.(type) {
+
+	case *Matcher_OnMatch_Matcher:
+
+		if v, ok := interface{}(m.GetMatcher()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Matcher_OnMatchValidationError{
+					field:  "Matcher",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Matcher_OnMatch_Action:
+
+		if v, ok := interface{}(m.GetAction()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Matcher_OnMatchValidationError{
+					field:  "Action",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		return Matcher_OnMatchValidationError{
+			field:  "OnMatch",
+			reason: "value is required",
+		}
+
+	}
+
+	return nil
+}
+
+// Matcher_OnMatchValidationError is the validation error returned by
+// Matcher_OnMatch.Validate if the designated constraints aren't met.
+type Matcher_OnMatchValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Matcher_OnMatchValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Matcher_OnMatchValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Matcher_OnMatchValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Matcher_OnMatchValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Matcher_OnMatchValidationError) ErrorName() string { return "Matcher_OnMatchValidationError" }
+
+// Error satisfies the builtin error interface
+func (e Matcher_OnMatchValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMatcher_OnMatch.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Matcher_OnMatchValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Matcher_OnMatchValidationError{}
+
+// Validate checks the field values on Matcher_MatcherList with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, an error is returned.
+func (m *Matcher_MatcherList) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	if len(m.GetMatchers()) < 1 {
+		return Matcher_MatcherListValidationError{
+			field:  "Matchers",
+			reason: "value must contain at least 1 item(s)",
+		}
+	}
+
+	for idx, item := range m.GetMatchers() {
+		_, _ = idx, item
+
+		if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Matcher_MatcherListValidationError{
+					field:  fmt.Sprintf("Matchers[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// Matcher_MatcherListValidationError is the validation error returned by
+// Matcher_MatcherList.Validate if the designated constraints aren't met.
+type Matcher_MatcherListValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Matcher_MatcherListValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Matcher_MatcherListValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Matcher_MatcherListValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Matcher_MatcherListValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Matcher_MatcherListValidationError) ErrorName() string {
+	return "Matcher_MatcherListValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Matcher_MatcherListValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMatcher_MatcherList.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Matcher_MatcherListValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Matcher_MatcherListValidationError{}
+
+// Validate checks the field values on Matcher_MatcherTree with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, an error is returned.
+func (m *Matcher_MatcherTree) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	if m.GetInput() == nil {
+		return Matcher_MatcherTreeValidationError{
+			field:  "Input",
+			reason: "value is required",
+		}
+	}
+
+	if v, ok := interface{}(m.GetInput()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Matcher_MatcherTreeValidationError{
+				field:  "Input",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	switch m.TreeType.(type) {
+
+	case *Matcher_MatcherTree_ExactMatchMap:
+
+		if v, ok := interface{}(m.GetExactMatchMap()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Matcher_MatcherTreeValidationError{
+					field:  "ExactMatchMap",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Matcher_MatcherTree_PrefixMatchMap:
+
+		if v, ok := interface{}(m.GetPrefixMatchMap()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Matcher_MatcherTreeValidationError{
+					field:  "PrefixMatchMap",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Matcher_MatcherTree_CustomMatch:
+
+		if v, ok := interface{}(m.GetCustomMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Matcher_MatcherTreeValidationError{
+					field:  "CustomMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		return Matcher_MatcherTreeValidationError{
+			field:  "TreeType",
+			reason: "value is required",
+		}
+
+	}
+
+	return nil
+}
+
+// Matcher_MatcherTreeValidationError is the validation error returned by
+// Matcher_MatcherTree.Validate if the designated constraints aren't met.
+type Matcher_MatcherTreeValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Matcher_MatcherTreeValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Matcher_MatcherTreeValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Matcher_MatcherTreeValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Matcher_MatcherTreeValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Matcher_MatcherTreeValidationError) ErrorName() string {
+	return "Matcher_MatcherTreeValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Matcher_MatcherTreeValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMatcher_MatcherTree.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Matcher_MatcherTreeValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Matcher_MatcherTreeValidationError{}
+
+// Validate checks the field values on Matcher_MatcherList_Predicate with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, an error is returned.
+func (m *Matcher_MatcherList_Predicate) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	switch m.MatchType.(type) {
+
+	case *Matcher_MatcherList_Predicate_SinglePredicate_:
+
+		if v, ok := interface{}(m.GetSinglePredicate()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Matcher_MatcherList_PredicateValidationError{
+					field:  "SinglePredicate",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Matcher_MatcherList_Predicate_OrMatcher:
+
+		if v, ok := interface{}(m.GetOrMatcher()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Matcher_MatcherList_PredicateValidationError{
+					field:  "OrMatcher",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Matcher_MatcherList_Predicate_AndMatcher:
+
+		if v, ok := interface{}(m.GetAndMatcher()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Matcher_MatcherList_PredicateValidationError{
+					field:  "AndMatcher",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Matcher_MatcherList_Predicate_NotMatcher:
+
+		if v, ok := interface{}(m.GetNotMatcher()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Matcher_MatcherList_PredicateValidationError{
+					field:  "NotMatcher",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		return Matcher_MatcherList_PredicateValidationError{
+			field:  "MatchType",
+			reason: "value is required",
+		}
+
+	}
+
+	return nil
+}
+
+// Matcher_MatcherList_PredicateValidationError is the validation error
+// returned by Matcher_MatcherList_Predicate.Validate if the designated
+// constraints aren't met.
+type Matcher_MatcherList_PredicateValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Matcher_MatcherList_PredicateValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Matcher_MatcherList_PredicateValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Matcher_MatcherList_PredicateValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Matcher_MatcherList_PredicateValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Matcher_MatcherList_PredicateValidationError) ErrorName() string {
+	return "Matcher_MatcherList_PredicateValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Matcher_MatcherList_PredicateValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMatcher_MatcherList_Predicate.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Matcher_MatcherList_PredicateValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Matcher_MatcherList_PredicateValidationError{}
+
+// Validate checks the field values on Matcher_MatcherList_FieldMatcher with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, an error is returned.
+func (m *Matcher_MatcherList_FieldMatcher) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	if m.GetPredicate() == nil {
+		return Matcher_MatcherList_FieldMatcherValidationError{
+			field:  "Predicate",
+			reason: "value is required",
+		}
+	}
+
+	if v, ok := interface{}(m.GetPredicate()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Matcher_MatcherList_FieldMatcherValidationError{
+				field:  "Predicate",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if m.GetOnMatch() == nil {
+		return Matcher_MatcherList_FieldMatcherValidationError{
+			field:  "OnMatch",
+			reason: "value is required",
+		}
+	}
+
+	if v, ok := interface{}(m.GetOnMatch()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Matcher_MatcherList_FieldMatcherValidationError{
+				field:  "OnMatch",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	return nil
+}
+
+// Matcher_MatcherList_FieldMatcherValidationError is the validation error
+// returned by Matcher_MatcherList_FieldMatcher.Validate if the designated
+// constraints aren't met.
+type Matcher_MatcherList_FieldMatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Matcher_MatcherList_FieldMatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Matcher_MatcherList_FieldMatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Matcher_MatcherList_FieldMatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Matcher_MatcherList_FieldMatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Matcher_MatcherList_FieldMatcherValidationError) ErrorName() string {
+	return "Matcher_MatcherList_FieldMatcherValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Matcher_MatcherList_FieldMatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMatcher_MatcherList_FieldMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Matcher_MatcherList_FieldMatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Matcher_MatcherList_FieldMatcherValidationError{}
+
+// Validate checks the field values on
+// Matcher_MatcherList_Predicate_SinglePredicate with the rules defined in the
+// proto definition for this message. If any rules are violated, an error is returned.
+func (m *Matcher_MatcherList_Predicate_SinglePredicate) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	if m.GetInput() == nil {
+		return Matcher_MatcherList_Predicate_SinglePredicateValidationError{
+			field:  "Input",
+			reason: "value is required",
+		}
+	}
+
+	if v, ok := interface{}(m.GetInput()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Matcher_MatcherList_Predicate_SinglePredicateValidationError{
+				field:  "Input",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	switch m.Matcher.(type) {
+
+	case *Matcher_MatcherList_Predicate_SinglePredicate_ValueMatch:
+
+		if v, ok := interface{}(m.GetValueMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Matcher_MatcherList_Predicate_SinglePredicateValidationError{
+					field:  "ValueMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Matcher_MatcherList_Predicate_SinglePredicate_CustomMatch:
+
+		if v, ok := interface{}(m.GetCustomMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Matcher_MatcherList_Predicate_SinglePredicateValidationError{
+					field:  "CustomMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		return Matcher_MatcherList_Predicate_SinglePredicateValidationError{
+			field:  "Matcher",
+			reason: "value is required",
+		}
+
+	}
+
+	return nil
+}
+
+// Matcher_MatcherList_Predicate_SinglePredicateValidationError is the
+// validation error returned by
+// Matcher_MatcherList_Predicate_SinglePredicate.Validate if the designated
+// constraints aren't met.
+type Matcher_MatcherList_Predicate_SinglePredicateValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Matcher_MatcherList_Predicate_SinglePredicateValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Matcher_MatcherList_Predicate_SinglePredicateValidationError) Reason() string {
+	return e.reason
+}
+
+// Cause function returns cause value.
+func (e Matcher_MatcherList_Predicate_SinglePredicateValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Matcher_MatcherList_Predicate_SinglePredicateValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Matcher_MatcherList_Predicate_SinglePredicateValidationError) ErrorName() string {
+	return "Matcher_MatcherList_Predicate_SinglePredicateValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Matcher_MatcherList_Predicate_SinglePredicateValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMatcher_MatcherList_Predicate_SinglePredicate.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Matcher_MatcherList_Predicate_SinglePredicateValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Matcher_MatcherList_Predicate_SinglePredicateValidationError{}
+
+// Validate checks the field values on
+// Matcher_MatcherList_Predicate_PredicateList with the rules defined in the
+// proto definition for this message. If any rules are violated, an error is returned.
+func (m *Matcher_MatcherList_Predicate_PredicateList) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	if len(m.GetPredicate()) < 2 {
+		return Matcher_MatcherList_Predicate_PredicateListValidationError{
+			field:  "Predicate",
+			reason: "value must contain at least 2 item(s)",
+		}
+	}
+
+	for idx, item := range m.GetPredicate() {
+		_, _ = idx, item
+
+		if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Matcher_MatcherList_Predicate_PredicateListValidationError{
+					field:  fmt.Sprintf("Predicate[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// Matcher_MatcherList_Predicate_PredicateListValidationError is the validation
+// error returned by Matcher_MatcherList_Predicate_PredicateList.Validate if
+// the designated constraints aren't met.
+type Matcher_MatcherList_Predicate_PredicateListValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Matcher_MatcherList_Predicate_PredicateListValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Matcher_MatcherList_Predicate_PredicateListValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Matcher_MatcherList_Predicate_PredicateListValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Matcher_MatcherList_Predicate_PredicateListValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Matcher_MatcherList_Predicate_PredicateListValidationError) ErrorName() string {
+	return "Matcher_MatcherList_Predicate_PredicateListValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Matcher_MatcherList_Predicate_PredicateListValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMatcher_MatcherList_Predicate_PredicateList.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Matcher_MatcherList_Predicate_PredicateListValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Matcher_MatcherList_Predicate_PredicateListValidationError{}
+
+// Validate checks the field values on Matcher_MatcherTree_MatchMap with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, an error is returned.
+func (m *Matcher_MatcherTree_MatchMap) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	if len(m.GetMap()) < 1 {
+		return Matcher_MatcherTree_MatchMapValidationError{
+			field:  "Map",
+			reason: "value must contain at least 1 pair(s)",
+		}
+	}
+
+	for key, val := range m.GetMap() {
+		_ = val
+
+		// no validation rules for Map[key]
+
+		if v, ok := interface{}(val).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Matcher_MatcherTree_MatchMapValidationError{
+					field:  fmt.Sprintf("Map[%v]", key),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// Matcher_MatcherTree_MatchMapValidationError is the validation error returned
+// by Matcher_MatcherTree_MatchMap.Validate if the designated constraints
+// aren't met.
+type Matcher_MatcherTree_MatchMapValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Matcher_MatcherTree_MatchMapValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Matcher_MatcherTree_MatchMapValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Matcher_MatcherTree_MatchMapValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Matcher_MatcherTree_MatchMapValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Matcher_MatcherTree_MatchMapValidationError) ErrorName() string {
+	return "Matcher_MatcherTree_MatchMapValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Matcher_MatcherTree_MatchMapValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMatcher_MatcherTree_MatchMap.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Matcher_MatcherTree_MatchMapValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Matcher_MatcherTree_MatchMapValidationError{}
diff --git a/vendor/github.com/cncf/xds/go/xds/type/matcher/v3/regex.pb.go b/vendor/github.com/cncf/xds/go/xds/type/matcher/v3/regex.pb.go
new file mode 100644
index 00000000000..b1c05f763e9
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/xds/type/matcher/v3/regex.pb.go
@@ -0,0 +1,246 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.18.0
+// source: xds/type/matcher/v3/regex.proto
+
+package xds_type_matcher_v3
+
+import (
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	_ "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type RegexMatcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to EngineType:
+	//	*RegexMatcher_GoogleRe2
+	EngineType isRegexMatcher_EngineType `protobuf_oneof:"engine_type"`
+	Regex      string                    `protobuf:"bytes,2,opt,name=regex,proto3" json:"regex,omitempty"`
+}
+
+func (x *RegexMatcher) Reset() {
+	*x = RegexMatcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_xds_type_matcher_v3_regex_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RegexMatcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RegexMatcher) ProtoMessage() {}
+
+func (x *RegexMatcher) ProtoReflect() protoreflect.Message {
+	mi := &file_xds_type_matcher_v3_regex_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RegexMatcher.ProtoReflect.Descriptor instead.
+func (*RegexMatcher) Descriptor() ([]byte, []int) {
+	return file_xds_type_matcher_v3_regex_proto_rawDescGZIP(), []int{0}
+}
+
+func (m *RegexMatcher) GetEngineType() isRegexMatcher_EngineType {
+	if m != nil {
+		return m.EngineType
+	}
+	return nil
+}
+
+func (x *RegexMatcher) GetGoogleRe2() *RegexMatcher_GoogleRE2 {
+	if x, ok := x.GetEngineType().(*RegexMatcher_GoogleRe2); ok {
+		return x.GoogleRe2
+	}
+	return nil
+}
+
+func (x *RegexMatcher) GetRegex() string {
+	if x != nil {
+		return x.Regex
+	}
+	return ""
+}
+
+type isRegexMatcher_EngineType interface {
+	isRegexMatcher_EngineType()
+}
+
+type RegexMatcher_GoogleRe2 struct {
+	GoogleRe2 *RegexMatcher_GoogleRE2 `protobuf:"bytes,1,opt,name=google_re2,json=googleRe2,proto3,oneof"`
+}
+
+func (*RegexMatcher_GoogleRe2) isRegexMatcher_EngineType() {}
+
+type RegexMatcher_GoogleRE2 struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *RegexMatcher_GoogleRE2) Reset() {
+	*x = RegexMatcher_GoogleRE2{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_xds_type_matcher_v3_regex_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RegexMatcher_GoogleRE2) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RegexMatcher_GoogleRE2) ProtoMessage() {}
+
+func (x *RegexMatcher_GoogleRE2) ProtoReflect() protoreflect.Message {
+	mi := &file_xds_type_matcher_v3_regex_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RegexMatcher_GoogleRE2.ProtoReflect.Descriptor instead.
+func (*RegexMatcher_GoogleRE2) Descriptor() ([]byte, []int) {
+	return file_xds_type_matcher_v3_regex_proto_rawDescGZIP(), []int{0, 0}
+}
+
+var File_xds_type_matcher_v3_regex_proto protoreflect.FileDescriptor
+
+var file_xds_type_matcher_v3_regex_proto_rawDesc = []byte{
+	0x0a, 0x1f, 0x78, 0x64, 0x73, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68,
+	0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x72, 0x65, 0x67, 0x65, 0x78, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x12, 0x13, 0x78, 0x64, 0x73, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63,
+	0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65,
+	0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22,
+	0xa6, 0x01, 0x0a, 0x0c, 0x52, 0x65, 0x67, 0x65, 0x78, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72,
+	0x12, 0x56, 0x0a, 0x0a, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x5f, 0x72, 0x65, 0x32, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x2b, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x65, 0x67, 0x65, 0x78,
+	0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x52, 0x45,
+	0x32, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x48, 0x00, 0x52, 0x09, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x52, 0x65, 0x32, 0x12, 0x1d, 0x0a, 0x05, 0x72, 0x65, 0x67, 0x65,
+	0x78, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01,
+	0x52, 0x05, 0x72, 0x65, 0x67, 0x65, 0x78, 0x1a, 0x0b, 0x0a, 0x09, 0x47, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x52, 0x45, 0x32, 0x42, 0x12, 0x0a, 0x0b, 0x65, 0x6e, 0x67, 0x69, 0x6e, 0x65, 0x5f, 0x74,
+	0x79, 0x70, 0x65, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x42, 0x2e, 0x0a, 0x1e, 0x63, 0x6f, 0x6d, 0x2e,
+	0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x42, 0x0a, 0x52, 0x65, 0x67, 0x65,
+	0x78, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_xds_type_matcher_v3_regex_proto_rawDescOnce sync.Once
+	file_xds_type_matcher_v3_regex_proto_rawDescData = file_xds_type_matcher_v3_regex_proto_rawDesc
+)
+
+func file_xds_type_matcher_v3_regex_proto_rawDescGZIP() []byte {
+	file_xds_type_matcher_v3_regex_proto_rawDescOnce.Do(func() {
+		file_xds_type_matcher_v3_regex_proto_rawDescData = protoimpl.X.CompressGZIP(file_xds_type_matcher_v3_regex_proto_rawDescData)
+	})
+	return file_xds_type_matcher_v3_regex_proto_rawDescData
+}
+
+var file_xds_type_matcher_v3_regex_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_xds_type_matcher_v3_regex_proto_goTypes = []interface{}{
+	(*RegexMatcher)(nil),           // 0: xds.type.matcher.v3.RegexMatcher
+	(*RegexMatcher_GoogleRE2)(nil), // 1: xds.type.matcher.v3.RegexMatcher.GoogleRE2
+}
+var file_xds_type_matcher_v3_regex_proto_depIdxs = []int32{
+	1, // 0: xds.type.matcher.v3.RegexMatcher.google_re2:type_name -> xds.type.matcher.v3.RegexMatcher.GoogleRE2
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_xds_type_matcher_v3_regex_proto_init() }
+func file_xds_type_matcher_v3_regex_proto_init() {
+	if File_xds_type_matcher_v3_regex_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_xds_type_matcher_v3_regex_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RegexMatcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_xds_type_matcher_v3_regex_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RegexMatcher_GoogleRE2); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_xds_type_matcher_v3_regex_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*RegexMatcher_GoogleRe2)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_xds_type_matcher_v3_regex_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_xds_type_matcher_v3_regex_proto_goTypes,
+		DependencyIndexes: file_xds_type_matcher_v3_regex_proto_depIdxs,
+		MessageInfos:      file_xds_type_matcher_v3_regex_proto_msgTypes,
+	}.Build()
+	File_xds_type_matcher_v3_regex_proto = out.File
+	file_xds_type_matcher_v3_regex_proto_rawDesc = nil
+	file_xds_type_matcher_v3_regex_proto_goTypes = nil
+	file_xds_type_matcher_v3_regex_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/cncf/xds/go/xds/type/matcher/v3/regex.pb.validate.go b/vendor/github.com/cncf/xds/go/xds/type/matcher/v3/regex.pb.validate.go
new file mode 100644
index 00000000000..1f87fc73d2c
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/xds/type/matcher/v3/regex.pb.validate.go
@@ -0,0 +1,202 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: xds/type/matcher/v3/regex.proto
+
+package xds_type_matcher_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+)
+
+// Validate checks the field values on RegexMatcher with the rules defined in
+// the proto definition for this message. If any rules are violated, an error
+// is returned.
+func (m *RegexMatcher) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	if utf8.RuneCountInString(m.GetRegex()) < 1 {
+		return RegexMatcherValidationError{
+			field:  "Regex",
+			reason: "value length must be at least 1 runes",
+		}
+	}
+
+	switch m.EngineType.(type) {
+
+	case *RegexMatcher_GoogleRe2:
+
+		if m.GetGoogleRe2() == nil {
+			return RegexMatcherValidationError{
+				field:  "GoogleRe2",
+				reason: "value is required",
+			}
+		}
+
+		if v, ok := interface{}(m.GetGoogleRe2()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RegexMatcherValidationError{
+					field:  "GoogleRe2",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		return RegexMatcherValidationError{
+			field:  "EngineType",
+			reason: "value is required",
+		}
+
+	}
+
+	return nil
+}
+
+// RegexMatcherValidationError is the validation error returned by
+// RegexMatcher.Validate if the designated constraints aren't met.
+type RegexMatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RegexMatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RegexMatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RegexMatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RegexMatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RegexMatcherValidationError) ErrorName() string { return "RegexMatcherValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RegexMatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRegexMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RegexMatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RegexMatcherValidationError{}
+
+// Validate checks the field values on RegexMatcher_GoogleRE2 with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, an error is returned.
+func (m *RegexMatcher_GoogleRE2) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	return nil
+}
+
+// RegexMatcher_GoogleRE2ValidationError is the validation error returned by
+// RegexMatcher_GoogleRE2.Validate if the designated constraints aren't met.
+type RegexMatcher_GoogleRE2ValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RegexMatcher_GoogleRE2ValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RegexMatcher_GoogleRE2ValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RegexMatcher_GoogleRE2ValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RegexMatcher_GoogleRE2ValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RegexMatcher_GoogleRE2ValidationError) ErrorName() string {
+	return "RegexMatcher_GoogleRE2ValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RegexMatcher_GoogleRE2ValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRegexMatcher_GoogleRE2.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RegexMatcher_GoogleRE2ValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RegexMatcher_GoogleRE2ValidationError{}
diff --git a/vendor/github.com/cncf/xds/go/xds/type/matcher/v3/string.pb.go b/vendor/github.com/cncf/xds/go/xds/type/matcher/v3/string.pb.go
new file mode 100644
index 00000000000..9398b859ddb
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/xds/type/matcher/v3/string.pb.go
@@ -0,0 +1,331 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.18.0
+// source: xds/type/matcher/v3/string.proto
+
+package xds_type_matcher_v3
+
+import (
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type StringMatcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to MatchPattern:
+	//	*StringMatcher_Exact
+	//	*StringMatcher_Prefix
+	//	*StringMatcher_Suffix
+	//	*StringMatcher_SafeRegex
+	//	*StringMatcher_Contains
+	MatchPattern isStringMatcher_MatchPattern `protobuf_oneof:"match_pattern"`
+	IgnoreCase   bool                         `protobuf:"varint,6,opt,name=ignore_case,json=ignoreCase,proto3" json:"ignore_case,omitempty"`
+}
+
+func (x *StringMatcher) Reset() {
+	*x = StringMatcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_xds_type_matcher_v3_string_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *StringMatcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*StringMatcher) ProtoMessage() {}
+
+func (x *StringMatcher) ProtoReflect() protoreflect.Message {
+	mi := &file_xds_type_matcher_v3_string_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use StringMatcher.ProtoReflect.Descriptor instead.
+func (*StringMatcher) Descriptor() ([]byte, []int) {
+	return file_xds_type_matcher_v3_string_proto_rawDescGZIP(), []int{0}
+}
+
+func (m *StringMatcher) GetMatchPattern() isStringMatcher_MatchPattern {
+	if m != nil {
+		return m.MatchPattern
+	}
+	return nil
+}
+
+func (x *StringMatcher) GetExact() string {
+	if x, ok := x.GetMatchPattern().(*StringMatcher_Exact); ok {
+		return x.Exact
+	}
+	return ""
+}
+
+func (x *StringMatcher) GetPrefix() string {
+	if x, ok := x.GetMatchPattern().(*StringMatcher_Prefix); ok {
+		return x.Prefix
+	}
+	return ""
+}
+
+func (x *StringMatcher) GetSuffix() string {
+	if x, ok := x.GetMatchPattern().(*StringMatcher_Suffix); ok {
+		return x.Suffix
+	}
+	return ""
+}
+
+func (x *StringMatcher) GetSafeRegex() *RegexMatcher {
+	if x, ok := x.GetMatchPattern().(*StringMatcher_SafeRegex); ok {
+		return x.SafeRegex
+	}
+	return nil
+}
+
+func (x *StringMatcher) GetContains() string {
+	if x, ok := x.GetMatchPattern().(*StringMatcher_Contains); ok {
+		return x.Contains
+	}
+	return ""
+}
+
+func (x *StringMatcher) GetIgnoreCase() bool {
+	if x != nil {
+		return x.IgnoreCase
+	}
+	return false
+}
+
+type isStringMatcher_MatchPattern interface {
+	isStringMatcher_MatchPattern()
+}
+
+type StringMatcher_Exact struct {
+	Exact string `protobuf:"bytes,1,opt,name=exact,proto3,oneof"`
+}
+
+type StringMatcher_Prefix struct {
+	Prefix string `protobuf:"bytes,2,opt,name=prefix,proto3,oneof"`
+}
+
+type StringMatcher_Suffix struct {
+	Suffix string `protobuf:"bytes,3,opt,name=suffix,proto3,oneof"`
+}
+
+type StringMatcher_SafeRegex struct {
+	SafeRegex *RegexMatcher `protobuf:"bytes,5,opt,name=safe_regex,json=safeRegex,proto3,oneof"`
+}
+
+type StringMatcher_Contains struct {
+	Contains string `protobuf:"bytes,7,opt,name=contains,proto3,oneof"`
+}
+
+func (*StringMatcher_Exact) isStringMatcher_MatchPattern() {}
+
+func (*StringMatcher_Prefix) isStringMatcher_MatchPattern() {}
+
+func (*StringMatcher_Suffix) isStringMatcher_MatchPattern() {}
+
+func (*StringMatcher_SafeRegex) isStringMatcher_MatchPattern() {}
+
+func (*StringMatcher_Contains) isStringMatcher_MatchPattern() {}
+
+type ListStringMatcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Patterns []*StringMatcher `protobuf:"bytes,1,rep,name=patterns,proto3" json:"patterns,omitempty"`
+}
+
+func (x *ListStringMatcher) Reset() {
+	*x = ListStringMatcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_xds_type_matcher_v3_string_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ListStringMatcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ListStringMatcher) ProtoMessage() {}
+
+func (x *ListStringMatcher) ProtoReflect() protoreflect.Message {
+	mi := &file_xds_type_matcher_v3_string_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ListStringMatcher.ProtoReflect.Descriptor instead.
+func (*ListStringMatcher) Descriptor() ([]byte, []int) {
+	return file_xds_type_matcher_v3_string_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *ListStringMatcher) GetPatterns() []*StringMatcher {
+	if x != nil {
+		return x.Patterns
+	}
+	return nil
+}
+
+var File_xds_type_matcher_v3_string_proto protoreflect.FileDescriptor
+
+var file_xds_type_matcher_v3_string_proto_rawDesc = []byte{
+	0x0a, 0x20, 0x78, 0x64, 0x73, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68,
+	0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x12, 0x13, 0x78, 0x64, 0x73, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x1a, 0x1f, 0x78, 0x64, 0x73, 0x2f, 0x74, 0x79, 0x70,
+	0x65, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x72, 0x65, 0x67,
+	0x65, 0x78, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61,
+	0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x22, 0x99, 0x02, 0x0a, 0x0d, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74, 0x63,
+	0x68, 0x65, 0x72, 0x12, 0x16, 0x0a, 0x05, 0x65, 0x78, 0x61, 0x63, 0x74, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x09, 0x48, 0x00, 0x52, 0x05, 0x65, 0x78, 0x61, 0x63, 0x74, 0x12, 0x21, 0x0a, 0x06, 0x70,
+	0x72, 0x65, 0x66, 0x69, 0x78, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04,
+	0x72, 0x02, 0x10, 0x01, 0x48, 0x00, 0x52, 0x06, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x12, 0x21,
+	0x0a, 0x06, 0x73, 0x75, 0x66, 0x66, 0x69, 0x78, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07,
+	0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x48, 0x00, 0x52, 0x06, 0x73, 0x75, 0x66, 0x66, 0x69,
+	0x78, 0x12, 0x4c, 0x0a, 0x0a, 0x73, 0x61, 0x66, 0x65, 0x5f, 0x72, 0x65, 0x67, 0x65, 0x78, 0x18,
+	0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x74, 0x79, 0x70, 0x65,
+	0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x65, 0x67, 0x65,
+	0x78, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02,
+	0x10, 0x01, 0x48, 0x00, 0x52, 0x09, 0x73, 0x61, 0x66, 0x65, 0x52, 0x65, 0x67, 0x65, 0x78, 0x12,
+	0x25, 0x0a, 0x08, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x73, 0x18, 0x07, 0x20, 0x01, 0x28,
+	0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x48, 0x00, 0x52, 0x08, 0x63, 0x6f,
+	0x6e, 0x74, 0x61, 0x69, 0x6e, 0x73, 0x12, 0x1f, 0x0a, 0x0b, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65,
+	0x5f, 0x63, 0x61, 0x73, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0a, 0x69, 0x67, 0x6e,
+	0x6f, 0x72, 0x65, 0x43, 0x61, 0x73, 0x65, 0x42, 0x14, 0x0a, 0x0d, 0x6d, 0x61, 0x74, 0x63, 0x68,
+	0x5f, 0x70, 0x61, 0x74, 0x74, 0x65, 0x72, 0x6e, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x22, 0x5d, 0x0a,
+	0x11, 0x4c, 0x69, 0x73, 0x74, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74, 0x63, 0x68,
+	0x65, 0x72, 0x12, 0x48, 0x0a, 0x08, 0x70, 0x61, 0x74, 0x74, 0x65, 0x72, 0x6e, 0x73, 0x18, 0x01,
+	0x20, 0x03, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x74, 0x72, 0x69, 0x6e,
+	0x67, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92, 0x01, 0x02,
+	0x08, 0x01, 0x52, 0x08, 0x70, 0x61, 0x74, 0x74, 0x65, 0x72, 0x6e, 0x73, 0x42, 0x2f, 0x0a, 0x1e,
+	0x63, 0x6f, 0x6d, 0x2e, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x74,
+	0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x42, 0x0b,
+	0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x62, 0x06, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_xds_type_matcher_v3_string_proto_rawDescOnce sync.Once
+	file_xds_type_matcher_v3_string_proto_rawDescData = file_xds_type_matcher_v3_string_proto_rawDesc
+)
+
+func file_xds_type_matcher_v3_string_proto_rawDescGZIP() []byte {
+	file_xds_type_matcher_v3_string_proto_rawDescOnce.Do(func() {
+		file_xds_type_matcher_v3_string_proto_rawDescData = protoimpl.X.CompressGZIP(file_xds_type_matcher_v3_string_proto_rawDescData)
+	})
+	return file_xds_type_matcher_v3_string_proto_rawDescData
+}
+
+var file_xds_type_matcher_v3_string_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_xds_type_matcher_v3_string_proto_goTypes = []interface{}{
+	(*StringMatcher)(nil),     // 0: xds.type.matcher.v3.StringMatcher
+	(*ListStringMatcher)(nil), // 1: xds.type.matcher.v3.ListStringMatcher
+	(*RegexMatcher)(nil),      // 2: xds.type.matcher.v3.RegexMatcher
+}
+var file_xds_type_matcher_v3_string_proto_depIdxs = []int32{
+	2, // 0: xds.type.matcher.v3.StringMatcher.safe_regex:type_name -> xds.type.matcher.v3.RegexMatcher
+	0, // 1: xds.type.matcher.v3.ListStringMatcher.patterns:type_name -> xds.type.matcher.v3.StringMatcher
+	2, // [2:2] is the sub-list for method output_type
+	2, // [2:2] is the sub-list for method input_type
+	2, // [2:2] is the sub-list for extension type_name
+	2, // [2:2] is the sub-list for extension extendee
+	0, // [0:2] is the sub-list for field type_name
+}
+
+func init() { file_xds_type_matcher_v3_string_proto_init() }
+func file_xds_type_matcher_v3_string_proto_init() {
+	if File_xds_type_matcher_v3_string_proto != nil {
+		return
+	}
+	file_xds_type_matcher_v3_regex_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_xds_type_matcher_v3_string_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*StringMatcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_xds_type_matcher_v3_string_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ListStringMatcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_xds_type_matcher_v3_string_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*StringMatcher_Exact)(nil),
+		(*StringMatcher_Prefix)(nil),
+		(*StringMatcher_Suffix)(nil),
+		(*StringMatcher_SafeRegex)(nil),
+		(*StringMatcher_Contains)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_xds_type_matcher_v3_string_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_xds_type_matcher_v3_string_proto_goTypes,
+		DependencyIndexes: file_xds_type_matcher_v3_string_proto_depIdxs,
+		MessageInfos:      file_xds_type_matcher_v3_string_proto_msgTypes,
+	}.Build()
+	File_xds_type_matcher_v3_string_proto = out.File
+	file_xds_type_matcher_v3_string_proto_rawDesc = nil
+	file_xds_type_matcher_v3_string_proto_goTypes = nil
+	file_xds_type_matcher_v3_string_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/cncf/xds/go/xds/type/matcher/v3/string.pb.validate.go b/vendor/github.com/cncf/xds/go/xds/type/matcher/v3/string.pb.validate.go
new file mode 100644
index 00000000000..371ba22f54e
--- /dev/null
+++ b/vendor/github.com/cncf/xds/go/xds/type/matcher/v3/string.pb.validate.go
@@ -0,0 +1,249 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: xds/type/matcher/v3/string.proto
+
+package xds_type_matcher_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+)
+
+// Validate checks the field values on StringMatcher with the rules defined in
+// the proto definition for this message. If any rules are violated, an error
+// is returned.
+func (m *StringMatcher) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	// no validation rules for IgnoreCase
+
+	switch m.MatchPattern.(type) {
+
+	case *StringMatcher_Exact:
+		// no validation rules for Exact
+
+	case *StringMatcher_Prefix:
+
+		if utf8.RuneCountInString(m.GetPrefix()) < 1 {
+			return StringMatcherValidationError{
+				field:  "Prefix",
+				reason: "value length must be at least 1 runes",
+			}
+		}
+
+	case *StringMatcher_Suffix:
+
+		if utf8.RuneCountInString(m.GetSuffix()) < 1 {
+			return StringMatcherValidationError{
+				field:  "Suffix",
+				reason: "value length must be at least 1 runes",
+			}
+		}
+
+	case *StringMatcher_SafeRegex:
+
+		if m.GetSafeRegex() == nil {
+			return StringMatcherValidationError{
+				field:  "SafeRegex",
+				reason: "value is required",
+			}
+		}
+
+		if v, ok := interface{}(m.GetSafeRegex()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return StringMatcherValidationError{
+					field:  "SafeRegex",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *StringMatcher_Contains:
+
+		if utf8.RuneCountInString(m.GetContains()) < 1 {
+			return StringMatcherValidationError{
+				field:  "Contains",
+				reason: "value length must be at least 1 runes",
+			}
+		}
+
+	default:
+		return StringMatcherValidationError{
+			field:  "MatchPattern",
+			reason: "value is required",
+		}
+
+	}
+
+	return nil
+}
+
+// StringMatcherValidationError is the validation error returned by
+// StringMatcher.Validate if the designated constraints aren't met.
+type StringMatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e StringMatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e StringMatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e StringMatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e StringMatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e StringMatcherValidationError) ErrorName() string { return "StringMatcherValidationError" }
+
+// Error satisfies the builtin error interface
+func (e StringMatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sStringMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = StringMatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = StringMatcherValidationError{}
+
+// Validate checks the field values on ListStringMatcher with the rules defined
+// in the proto definition for this message. If any rules are violated, an
+// error is returned.
+func (m *ListStringMatcher) Validate() error {
+	if m == nil {
+		return nil
+	}
+
+	if len(m.GetPatterns()) < 1 {
+		return ListStringMatcherValidationError{
+			field:  "Patterns",
+			reason: "value must contain at least 1 item(s)",
+		}
+	}
+
+	for idx, item := range m.GetPatterns() {
+		_, _ = idx, item
+
+		if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ListStringMatcherValidationError{
+					field:  fmt.Sprintf("Patterns[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ListStringMatcherValidationError is the validation error returned by
+// ListStringMatcher.Validate if the designated constraints aren't met.
+type ListStringMatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ListStringMatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ListStringMatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ListStringMatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ListStringMatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ListStringMatcherValidationError) ErrorName() string {
+	return "ListStringMatcherValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ListStringMatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sListStringMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ListStringMatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ListStringMatcherValidationError{}
diff --git a/vendor/github.com/cortexproject/cortex/integration/e2e/db/db.go b/vendor/github.com/cortexproject/cortex/integration/e2e/db/db.go
index ed397bbda82..dfdae76f7a0 100644
--- a/vendor/github.com/cortexproject/cortex/integration/e2e/db/db.go
+++ b/vendor/github.com/cortexproject/cortex/integration/e2e/db/db.go
@@ -2,6 +2,7 @@ package e2edb
 
 import (
 	"fmt"
+	"path/filepath"
 	"strings"
 
 	"github.com/cortexproject/cortex/integration/e2e"
@@ -15,11 +16,23 @@ const (
 
 // NewMinio returns minio server, used as a local replacement for S3.
 func NewMinio(port int, bktNames ...string) *e2e.HTTPService {
-	minioKESGithubContent := "https://raw.githubusercontent.com/minio/kes/master"
-	commands := []string{
-		fmt.Sprintf("curl -sSL --tlsv1.2 -O '%s/root.key' -O '%s/root.cert'", minioKESGithubContent, minioKESGithubContent),
+	return newMinio(port, map[string]string{}, bktNames...)
+}
+
+// NewMinioWithKES returns minio server, configured to talk to a KES service.
+func NewMinioWithKES(port int, kesEndpoint, rootKeyFile, rootCertFile, caCertFile string, bktNames ...string) *e2e.HTTPService {
+	kesEnvVars := map[string]string{
+		"MINIO_KMS_KES_ENDPOINT":  kesEndpoint,
+		"MINIO_KMS_KES_KEY_FILE":  filepath.Join(e2e.ContainerSharedDir, rootKeyFile),
+		"MINIO_KMS_KES_CERT_FILE": filepath.Join(e2e.ContainerSharedDir, rootCertFile),
+		"MINIO_KMS_KES_CAPATH":    filepath.Join(e2e.ContainerSharedDir, caCertFile),
+		"MINIO_KMS_KES_KEY_NAME":  "my-minio-key",
 	}
+	return newMinio(port, kesEnvVars, bktNames...)
+}
 
+func newMinio(port int, envVars map[string]string, bktNames ...string) *e2e.HTTPService {
+	commands := []string{}
 	for _, bkt := range bktNames {
 		commands = append(commands, fmt.Sprintf("mkdir -p /data/%s", bkt))
 	}
@@ -33,17 +46,27 @@ func NewMinio(port int, bktNames ...string) *e2e.HTTPService {
 		e2e.NewHTTPReadinessProbe(port, "/minio/health/ready", 200, 200),
 		port,
 	)
-	m.SetEnvVars(map[string]string{
-		"MINIO_ACCESS_KEY": MinioAccessKey,
-		"MINIO_SECRET_KEY": MinioSecretKey,
-		"MINIO_BROWSER":    "off",
-		"ENABLE_HTTPS":     "0",
-		// https://docs.min.io/docs/minio-kms-quickstart-guide.html
-		"MINIO_KMS_KES_ENDPOINT":  "https://play.min.io:7373",
-		"MINIO_KMS_KES_KEY_FILE":  "root.key",
-		"MINIO_KMS_KES_CERT_FILE": "root.cert",
-		"MINIO_KMS_KES_KEY_NAME":  "my-minio-key",
-	})
+	envVars["MINIO_ACCESS_KEY"] = MinioAccessKey
+	envVars["MINIO_SECRET_KEY"] = MinioSecretKey
+	envVars["MINIO_BROWSER"] = "off"
+	envVars["ENABLE_HTTPS"] = "0"
+	m.SetEnvVars(envVars)
+	return m
+}
+
+// NewKES returns KES server, used as a local key management store
+func NewKES(port int, serverKeyFile, serverCertFile, rootCertFile string) *e2e.HTTPService {
+	// Run this as a shell command, so sub-shell can evaluate 'identity' of root user.
+	command := fmt.Sprintf("/kes server --addr 0.0.0.0:%d --key=%s --cert=%s --root=$(/kes tool identity of %s) --auth=off --quiet",
+		port, filepath.Join(e2e.ContainerSharedDir, serverKeyFile), filepath.Join(e2e.ContainerSharedDir, serverCertFile), filepath.Join(e2e.ContainerSharedDir, rootCertFile))
+
+	m := e2e.NewHTTPService(
+		"kes",
+		images.KES,
+		e2e.NewCommandWithoutEntrypoint("sh", "-c", command),
+		nil, // KES only supports https calls - TODO make Scenario able to call https or poll plain TCP socket.
+		port,
+	)
 	return m
 }
 
diff --git a/vendor/github.com/cortexproject/cortex/integration/e2e/images/images.go b/vendor/github.com/cortexproject/cortex/integration/e2e/images/images.go
index 88ed766e21e..63deb2fc733 100644
--- a/vendor/github.com/cortexproject/cortex/integration/e2e/images/images.go
+++ b/vendor/github.com/cortexproject/cortex/integration/e2e/images/images.go
@@ -7,7 +7,8 @@ package images
 
 var (
 	Memcached        = "memcached:1.6.1"
-	Minio            = "minio/minio:RELEASE.2019-12-30T05-45-39Z"
+	Minio            = "minio/minio:RELEASE.2021-10-13T00-23-17Z"
+	KES              = "minio/kes:v0.17.1"
 	Consul           = "consul:1.8.4"
 	ETCD             = "gcr.io/etcd-development/etcd:v3.4.7"
 	DynamoDB         = "amazon/dynamodb-local:1.11.477"
diff --git a/vendor/github.com/cortexproject/cortex/integration/e2e/metrics_options.go b/vendor/github.com/cortexproject/cortex/integration/e2e/metrics_options.go
index b609af8ae2e..f52a1634667 100644
--- a/vendor/github.com/cortexproject/cortex/integration/e2e/metrics_options.go
+++ b/vendor/github.com/cortexproject/cortex/integration/e2e/metrics_options.go
@@ -2,7 +2,7 @@ package e2e
 
 import (
 	io_prometheus_client "github.com/prometheus/client_model/go"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 )
 
 var (
diff --git a/vendor/github.com/cortexproject/cortex/integration/e2e/util.go b/vendor/github.com/cortexproject/cortex/integration/e2e/util.go
index a25b7f264e0..4c80c1ab203 100644
--- a/vendor/github.com/cortexproject/cortex/integration/e2e/util.go
+++ b/vendor/github.com/cortexproject/cortex/integration/e2e/util.go
@@ -13,7 +13,7 @@ import (
 	"time"
 
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/prompb"
 )
 
diff --git a/vendor/github.com/cortexproject/cortex/pkg/api/handlers.go b/vendor/github.com/cortexproject/cortex/pkg/api/handlers.go
index c4ab2dcabaf..71b38bf38b4 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/api/handlers.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/api/handlers.go
@@ -209,6 +209,7 @@ func NewQuerierHandler(
 		logger,
 		func(context.Context) v1.RulesRetriever { return &querier.DummyRulesRetriever{} },
 		0, 0, 0, // Remote read samples and concurrency limit.
+		false,
 		regexp.MustCompile(".*"),
 		func() (v1.RuntimeInfo, error) { return v1.RuntimeInfo{}, errors.New("not implemented") },
 		&v1.PrometheusVersion{},
diff --git a/vendor/github.com/cortexproject/cortex/pkg/chunk/cache/redis_client.go b/vendor/github.com/cortexproject/cortex/pkg/chunk/cache/redis_client.go
index f887e4ec492..62162cc1214 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/chunk/cache/redis_client.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/chunk/cache/redis_client.go
@@ -94,6 +94,10 @@ func (c *RedisClient) MSet(ctx context.Context, keys []string, values [][]byte)
 		defer cancel()
 	}
 
+	if len(keys) != len(values) {
+		return fmt.Errorf("MSet the length of keys and values not equal, len(keys)=%d, len(values)=%d", len(keys), len(values))
+	}
+
 	pipe := c.rdb.TxPipeline()
 	for i := range keys {
 		pipe.Set(ctx, keys[i], values[i], c.expiration)
diff --git a/vendor/github.com/cortexproject/cortex/pkg/chunk/chunk.go b/vendor/github.com/cortexproject/cortex/pkg/chunk/chunk.go
index b9fde2bd7f2..ebb937c8b4a 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/chunk/chunk.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/chunk/chunk.go
@@ -13,7 +13,7 @@ import (
 	jsoniter "github.com/json-iterator/go"
 	"github.com/pkg/errors"
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	errs "github.com/weaveworks/common/errors"
 
 	prom_chunk "github.com/cortexproject/cortex/pkg/chunk/encoding"
diff --git a/vendor/github.com/cortexproject/cortex/pkg/chunk/chunk_store.go b/vendor/github.com/cortexproject/cortex/pkg/chunk/chunk_store.go
index 8850619c1d4..41d8b042b78 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/chunk/chunk_store.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/chunk/chunk_store.go
@@ -14,7 +14,7 @@ import (
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promauto"
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 
 	"github.com/cortexproject/cortex/pkg/chunk/cache"
 	"github.com/cortexproject/cortex/pkg/chunk/encoding"
diff --git a/vendor/github.com/cortexproject/cortex/pkg/chunk/chunk_store_utils.go b/vendor/github.com/cortexproject/cortex/pkg/chunk/chunk_store_utils.go
index 2a4cfcc306a..1b099ff9f6a 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/chunk/chunk_store_utils.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/chunk/chunk_store_utils.go
@@ -6,7 +6,7 @@ import (
 
 	"github.com/go-kit/log/level"
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/promql"
 
 	"github.com/cortexproject/cortex/pkg/chunk/cache"
diff --git a/vendor/github.com/cortexproject/cortex/pkg/chunk/composite_store.go b/vendor/github.com/cortexproject/cortex/pkg/chunk/composite_store.go
index 21b1ec02435..074748e9d22 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/chunk/composite_store.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/chunk/composite_store.go
@@ -7,7 +7,7 @@ import (
 	"time"
 
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 
 	"github.com/cortexproject/cortex/pkg/chunk/cache"
 )
diff --git a/vendor/github.com/cortexproject/cortex/pkg/chunk/fixtures.go b/vendor/github.com/cortexproject/cortex/pkg/chunk/fixtures.go
index d15b0213b0d..2a4c875557a 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/chunk/fixtures.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/chunk/fixtures.go
@@ -7,7 +7,7 @@ import (
 	"time"
 
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 
 	"github.com/cortexproject/cortex/pkg/util"
 )
diff --git a/vendor/github.com/cortexproject/cortex/pkg/chunk/json_helpers.go b/vendor/github.com/cortexproject/cortex/pkg/chunk/json_helpers.go
index 10ecb5c6f08..831fc5fa389 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/chunk/json_helpers.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/chunk/json_helpers.go
@@ -6,7 +6,7 @@ import (
 
 	jsoniter "github.com/json-iterator/go"
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 )
 
 func init() {
diff --git a/vendor/github.com/cortexproject/cortex/pkg/chunk/purger/delete_requests_store.go b/vendor/github.com/cortexproject/cortex/pkg/chunk/purger/delete_requests_store.go
index 396c51c053d..f3ec1edbc1f 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/chunk/purger/delete_requests_store.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/chunk/purger/delete_requests_store.go
@@ -15,7 +15,7 @@ import (
 	"github.com/cortexproject/cortex/pkg/chunk"
 
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 )
 
 type (
diff --git a/vendor/github.com/cortexproject/cortex/pkg/chunk/purger/tombstones.go b/vendor/github.com/cortexproject/cortex/pkg/chunk/purger/tombstones.go
index fe6bcd03c39..00eeeee1d69 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/chunk/purger/tombstones.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/chunk/purger/tombstones.go
@@ -12,7 +12,7 @@ import (
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promauto"
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/promql/parser"
 
 	util_log "github.com/cortexproject/cortex/pkg/util/log"
diff --git a/vendor/github.com/cortexproject/cortex/pkg/chunk/schema.go b/vendor/github.com/cortexproject/cortex/pkg/chunk/schema.go
index 34972de9a93..bdb46e265b1 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/chunk/schema.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/chunk/schema.go
@@ -11,7 +11,7 @@ import (
 	"github.com/go-kit/log/level"
 	jsoniter "github.com/json-iterator/go"
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 
 	"github.com/cortexproject/cortex/pkg/querier/astmapper"
 	util_log "github.com/cortexproject/cortex/pkg/util/log"
diff --git a/vendor/github.com/cortexproject/cortex/pkg/chunk/schema_util.go b/vendor/github.com/cortexproject/cortex/pkg/chunk/schema_util.go
index 2bb8eecb054..9d20e411095 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/chunk/schema_util.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/chunk/schema_util.go
@@ -14,7 +14,7 @@ import (
 
 	"github.com/pkg/errors"
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 )
 
 // Backwards-compatible with model.Metric.String()
diff --git a/vendor/github.com/cortexproject/cortex/pkg/chunk/series_store.go b/vendor/github.com/cortexproject/cortex/pkg/chunk/series_store.go
index c7af41b4bf6..8add914e1d0 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/chunk/series_store.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/chunk/series_store.go
@@ -11,7 +11,7 @@ import (
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promauto"
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 
 	"github.com/cortexproject/cortex/pkg/chunk/cache"
 	"github.com/cortexproject/cortex/pkg/querier/astmapper"
diff --git a/vendor/github.com/cortexproject/cortex/pkg/chunk/testutils/testutils.go b/vendor/github.com/cortexproject/cortex/pkg/chunk/testutils/testutils.go
index d7e43c49fa9..b1e0b043fad 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/chunk/testutils/testutils.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/chunk/testutils/testutils.go
@@ -8,7 +8,7 @@ import (
 
 	"github.com/grafana/dskit/flagext"
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 
 	"github.com/cortexproject/cortex/pkg/chunk"
 	"github.com/cortexproject/cortex/pkg/chunk/cache"
diff --git a/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/ast.go b/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/ast.go
index 5e1f2989f72..ca116575379 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/ast.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/ast.go
@@ -17,7 +17,7 @@ import (
 	"fmt"
 	"time"
 
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/storage"
 )
 
diff --git a/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/engine.go b/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/engine.go
index d1c1c1e3679..6b846c608a0 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/engine.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/engine.go
@@ -29,9 +29,9 @@ import (
 	"github.com/go-kit/log/level"
 	opentracing "github.com/opentracing/opentracing-go"
 	"github.com/prometheus/client_golang/prometheus"
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/pkg/timestamp"
-	"github.com/prometheus/prometheus/pkg/value"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/model/timestamp"
+	"github.com/prometheus/prometheus/model/value"
 	"github.com/prometheus/prometheus/storage"
 
 	"github.com/prometheus/prometheus/util/stats"
diff --git a/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/functions.go b/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/functions.go
index c40c5eae486..d5c53b9f5e6 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/functions.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/functions.go
@@ -23,7 +23,7 @@ import (
 	"time"
 
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 )
 
 // Function represents a function of the expression language and is
diff --git a/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/fuzz.go b/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/fuzz.go
index e54d3e8f796..ecddaf799b2 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/fuzz.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/fuzz.go
@@ -17,7 +17,7 @@
 
 package promql
 
-import "github.com/prometheus/prometheus/pkg/textparse"
+import "github.com/prometheus/prometheus/model/textparse"
 
 // PromQL parser fuzzing instrumentation for use with
 // https://github.com/dvyukov/go-fuzz.
diff --git a/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/parse.go b/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/parse.go
index 416af3c23ba..86a01d41ecf 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/parse.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/parse.go
@@ -24,8 +24,8 @@ import (
 	"time"
 
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/pkg/value"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/model/value"
 
 	"github.com/prometheus/prometheus/util/strutil"
 )
diff --git a/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/printer.go b/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/printer.go
index 563adbe7578..417f3458fee 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/printer.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/printer.go
@@ -20,7 +20,7 @@ import (
 	"time"
 
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 )
 
 // Tree returns a string of the tree structure of the given node.
diff --git a/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/quantile.go b/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/quantile.go
index 28d78f4c47e..420afd3eb0e 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/quantile.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/quantile.go
@@ -17,7 +17,7 @@ import (
 	"math"
 	"sort"
 
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 )
 
 // Helpers to calculate quantiles.
diff --git a/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/test.go b/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/test.go
index 5e31b520016..1c823d78b89 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/test.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/test.go
@@ -26,7 +26,7 @@ import (
 
 	"github.com/prometheus/common/model"
 
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/storage"
 	"github.com/prometheus/prometheus/tsdb"
 	"github.com/prometheus/prometheus/util/testutil"
diff --git a/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/value.go b/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/value.go
index fe902cd23a3..d7fc473ee2a 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/value.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/configs/legacy_promql/value.go
@@ -19,7 +19,7 @@ import (
 	"strconv"
 	"strings"
 
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 )
 
 // Value is a generic interface for values resulting from a query evaluation.
diff --git a/vendor/github.com/cortexproject/cortex/pkg/configs/userconfig/config.go b/vendor/github.com/cortexproject/cortex/pkg/configs/userconfig/config.go
index eb8bff4fb3e..a0ae537314f 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/configs/userconfig/config.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/configs/userconfig/config.go
@@ -5,16 +5,14 @@ import (
 	"fmt"
 	"time"
 
-	"github.com/pkg/errors"
-
-	"gopkg.in/yaml.v3"
-
 	"github.com/go-kit/log"
+	"github.com/pkg/errors"
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/pkg/rulefmt"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/model/rulefmt"
 	"github.com/prometheus/prometheus/promql/parser"
 	"github.com/prometheus/prometheus/rules"
+	"gopkg.in/yaml.v3"
 
 	legacy_promql "github.com/cortexproject/cortex/pkg/configs/legacy_promql"
 	util_log "github.com/cortexproject/cortex/pkg/util/log"
diff --git a/vendor/github.com/cortexproject/cortex/pkg/cortexpb/compat.go b/vendor/github.com/cortexproject/cortex/pkg/cortexpb/compat.go
index 9f2c655e2dc..2a34fd0a7bc 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/cortexpb/compat.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/cortexpb/compat.go
@@ -12,9 +12,9 @@ import (
 
 	jsoniter "github.com/json-iterator/go"
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/exemplar"
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/pkg/textparse"
+	"github.com/prometheus/prometheus/model/exemplar"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/model/textparse"
 
 	"github.com/cortexproject/cortex/pkg/util"
 )
diff --git a/vendor/github.com/cortexproject/cortex/pkg/cortexpb/timeseries.go b/vendor/github.com/cortexproject/cortex/pkg/cortexpb/timeseries.go
index 3d019975186..5f2a9788bf8 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/cortexpb/timeseries.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/cortexpb/timeseries.go
@@ -8,7 +8,7 @@ import (
 	"sync"
 	"unsafe"
 
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 )
 
 var (
diff --git a/vendor/github.com/cortexproject/cortex/pkg/distributor/distributor.go b/vendor/github.com/cortexproject/cortex/pkg/distributor/distributor.go
index 8bd5cdc9927..edc959ed99e 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/distributor/distributor.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/distributor/distributor.go
@@ -20,8 +20,8 @@ import (
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promauto"
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/pkg/relabel"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/model/relabel"
 	"github.com/prometheus/prometheus/scrape"
 	"github.com/weaveworks/common/httpgrpc"
 	"github.com/weaveworks/common/instrument"
diff --git a/vendor/github.com/cortexproject/cortex/pkg/distributor/ha_tracker.go b/vendor/github.com/cortexproject/cortex/pkg/distributor/ha_tracker.go
index 8475fac285f..5e7d6d421c1 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/distributor/ha_tracker.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/distributor/ha_tracker.go
@@ -18,7 +18,7 @@ import (
 	"github.com/grafana/dskit/services"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promauto"
-	"github.com/prometheus/prometheus/pkg/timestamp"
+	"github.com/prometheus/prometheus/model/timestamp"
 
 	"github.com/cortexproject/cortex/pkg/cortexpb"
 	"github.com/cortexproject/cortex/pkg/util"
diff --git a/vendor/github.com/cortexproject/cortex/pkg/distributor/ha_tracker_http.go b/vendor/github.com/cortexproject/cortex/pkg/distributor/ha_tracker_http.go
index 9216cf04d55..8eb430f0155 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/distributor/ha_tracker_http.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/distributor/ha_tracker_http.go
@@ -7,7 +7,7 @@ import (
 	"strings"
 	"time"
 
-	"github.com/prometheus/prometheus/pkg/timestamp"
+	"github.com/prometheus/prometheus/model/timestamp"
 
 	"github.com/cortexproject/cortex/pkg/util"
 )
diff --git a/vendor/github.com/cortexproject/cortex/pkg/distributor/query.go b/vendor/github.com/cortexproject/cortex/pkg/distributor/query.go
index 72f2e039553..da22f35187b 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/distributor/query.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/distributor/query.go
@@ -10,7 +10,7 @@ import (
 	"github.com/grafana/dskit/ring"
 	"github.com/opentracing/opentracing-go"
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/weaveworks/common/instrument"
 
 	"github.com/cortexproject/cortex/pkg/cortexpb"
@@ -251,7 +251,10 @@ func (d *Distributor) queryIngestersExemplars(ctx context.Context, replicationSe
 		return nil, err
 	}
 
-	// Merge results from replication set.
+	return mergeExemplarQueryResponses(results), nil
+}
+
+func mergeExemplarQueryResponses(results []interface{}) *ingester_client.ExemplarQueryResponse {
 	var keys []string
 	exemplarResults := make(map[string]cortexpb.TimeSeries)
 	for _, result := range results {
@@ -262,9 +265,11 @@ func (d *Distributor) queryIngestersExemplars(ctx context.Context, replicationSe
 			if !ok {
 				exemplarResults[lbls] = ts
 				keys = append(keys, lbls)
+			} else {
+				// Merge in any missing values from another ingesters exemplars for this series.
+				e.Exemplars = mergeExemplarSets(e.Exemplars, ts.Exemplars)
+				exemplarResults[lbls] = e
 			}
-			// Merge in any missing values from another ingesters exemplars for this series.
-			e.Exemplars = mergeExemplarSets(e.Exemplars, ts.Exemplars)
 		}
 	}
 
@@ -276,7 +281,7 @@ func (d *Distributor) queryIngestersExemplars(ctx context.Context, replicationSe
 		result[i] = exemplarResults[k]
 	}
 
-	return &ingester_client.ExemplarQueryResponse{Timeseries: result}, nil
+	return &ingester_client.ExemplarQueryResponse{Timeseries: result}
 }
 
 // queryIngesterStream queries the ingesters using the new streaming API.
diff --git a/vendor/github.com/cortexproject/cortex/pkg/ingester/active_series.go b/vendor/github.com/cortexproject/cortex/pkg/ingester/active_series.go
index 4721825eb78..6b7655364ab 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/ingester/active_series.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/ingester/active_series.go
@@ -8,7 +8,7 @@ import (
 
 	"github.com/cespare/xxhash"
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"go.uber.org/atomic"
 
 	"github.com/cortexproject/cortex/pkg/util"
diff --git a/vendor/github.com/cortexproject/cortex/pkg/ingester/client/compat.go b/vendor/github.com/cortexproject/cortex/pkg/ingester/client/compat.go
index 7350adcd3b2..12571cf7743 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/ingester/client/compat.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/ingester/client/compat.go
@@ -4,7 +4,7 @@ import (
 	"fmt"
 
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 
 	"github.com/cortexproject/cortex/pkg/cortexpb"
 )
diff --git a/vendor/github.com/cortexproject/cortex/pkg/ingester/errors.go b/vendor/github.com/cortexproject/cortex/pkg/ingester/errors.go
index c08cefeb433..febdc1b4f03 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/ingester/errors.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/ingester/errors.go
@@ -4,7 +4,7 @@ import (
 	"fmt"
 	"net/http"
 
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/weaveworks/common/httpgrpc"
 )
 
diff --git a/vendor/github.com/cortexproject/cortex/pkg/ingester/flush.go b/vendor/github.com/cortexproject/cortex/pkg/ingester/flush.go
index d4010eddca9..b79e008091a 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/ingester/flush.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/ingester/flush.go
@@ -9,7 +9,7 @@ import (
 	"github.com/go-kit/log/level"
 	ot "github.com/opentracing/opentracing-go"
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"golang.org/x/time/rate"
 
 	"github.com/cortexproject/cortex/pkg/chunk"
diff --git a/vendor/github.com/cortexproject/cortex/pkg/ingester/index/index.go b/vendor/github.com/cortexproject/cortex/pkg/ingester/index/index.go
index 00fd1bc4d8f..09d9d84eeab 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/ingester/index/index.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/ingester/index/index.go
@@ -6,7 +6,7 @@ import (
 	"unsafe"
 
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 
 	"github.com/cortexproject/cortex/pkg/chunk"
 	"github.com/cortexproject/cortex/pkg/cortexpb"
diff --git a/vendor/github.com/cortexproject/cortex/pkg/ingester/ingester.go b/vendor/github.com/cortexproject/cortex/pkg/ingester/ingester.go
index 3b34a2e1a5c..3295e0e8a1d 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/ingester/ingester.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/ingester/ingester.go
@@ -18,7 +18,8 @@ import (
 	"github.com/pkg/errors"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/tsdb/chunks"
 	tsdb_record "github.com/prometheus/prometheus/tsdb/record"
 	"github.com/weaveworks/common/httpgrpc"
 	"go.uber.org/atomic"
@@ -642,7 +643,7 @@ func (i *Ingester) append(ctx context.Context, userID string, labels labelPairs,
 
 	if record != nil {
 		record.Samples = append(record.Samples, tsdb_record.RefSample{
-			Ref: uint64(fp),
+			Ref: chunks.HeadSeriesRef(fp),
 			T:   int64(timestamp),
 			V:   float64(value),
 		})
diff --git a/vendor/github.com/cortexproject/cortex/pkg/ingester/ingester_v2.go b/vendor/github.com/cortexproject/cortex/pkg/ingester/ingester_v2.go
index 416750d8179..fa906578f00 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/ingester/ingester_v2.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/ingester/ingester_v2.go
@@ -21,8 +21,8 @@ import (
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promauto"
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/exemplar"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/exemplar"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/storage"
 	"github.com/prometheus/prometheus/tsdb"
 	"github.com/prometheus/prometheus/tsdb/chunkenc"
diff --git a/vendor/github.com/cortexproject/cortex/pkg/ingester/label_pairs.go b/vendor/github.com/cortexproject/cortex/pkg/ingester/label_pairs.go
index 27ffcaa0878..bd0e8af632b 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/ingester/label_pairs.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/ingester/label_pairs.go
@@ -5,7 +5,7 @@ import (
 	"strings"
 
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 
 	"github.com/cortexproject/cortex/pkg/cortexpb"
 	"github.com/cortexproject/cortex/pkg/util/extract"
diff --git a/vendor/github.com/cortexproject/cortex/pkg/ingester/series.go b/vendor/github.com/cortexproject/cortex/pkg/ingester/series.go
index 35707284ca2..a5dfcacde47 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/ingester/series.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/ingester/series.go
@@ -6,8 +6,8 @@ import (
 
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/pkg/value"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/model/value"
 
 	"github.com/cortexproject/cortex/pkg/chunk/encoding"
 	"github.com/cortexproject/cortex/pkg/prom1/storage/metric"
diff --git a/vendor/github.com/cortexproject/cortex/pkg/ingester/user_metrics_metadata.go b/vendor/github.com/cortexproject/cortex/pkg/ingester/user_metrics_metadata.go
index 11fe0d9828c..8c4156f3b62 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/ingester/user_metrics_metadata.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/ingester/user_metrics_metadata.go
@@ -4,7 +4,7 @@ import (
 	"sync"
 	"time"
 
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 
 	"github.com/cortexproject/cortex/pkg/cortexpb"
 	"github.com/cortexproject/cortex/pkg/util/validation"
diff --git a/vendor/github.com/cortexproject/cortex/pkg/ingester/user_state.go b/vendor/github.com/cortexproject/cortex/pkg/ingester/user_state.go
index b1ac25f4a30..685dd54f38a 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/ingester/user_state.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/ingester/user_state.go
@@ -10,7 +10,8 @@ import (
 	"github.com/go-kit/log/level"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/tsdb/chunks"
 	tsdb_record "github.com/prometheus/prometheus/tsdb/record"
 	"github.com/segmentio/fasthash/fnv1a"
 	"github.com/weaveworks/common/httpgrpc"
@@ -258,7 +259,7 @@ func (u *userState) createSeriesWithFingerprint(fp model.Fingerprint, metric lab
 			lbls = append(lbls, labels.Label(m))
 		}
 		record.Series = append(record.Series, tsdb_record.RefSeries{
-			Ref:    uint64(fp),
+			Ref:    chunks.HeadSeriesRef(fp),
 			Labels: lbls,
 		})
 	}
diff --git a/vendor/github.com/cortexproject/cortex/pkg/ingester/wal.go b/vendor/github.com/cortexproject/cortex/pkg/ingester/wal.go
index 25d0cf18ee0..d714294be7e 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/ingester/wal.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/ingester/wal.go
@@ -916,7 +916,7 @@ Loop:
 			}
 
 			for _, sam := range walRecordSamples[:m] {
-				mod := sam.Ref % uint64(params.numWorkers)
+				mod := uint64(sam.Ref) % uint64(params.numWorkers)
 				shards[mod].samples = append(shards[mod].samples, sam)
 			}
 
@@ -968,7 +968,7 @@ func processWALSamples(userStates *userStates, stateCache map[string]*userState,
 		}
 		sc := seriesCache[samples.userID]
 		for i := range samples.samples {
-			series, ok := sc[samples.samples[i].Ref]
+			series, ok := sc[uint64(samples.samples[i].Ref)]
 			if !ok {
 				series, ok = state.fpToSeries.get(model.Fingerprint(samples.samples[i].Ref))
 				if !ok {
diff --git a/vendor/github.com/cortexproject/cortex/pkg/querier/astmapper/embedded.go b/vendor/github.com/cortexproject/cortex/pkg/querier/astmapper/embedded.go
index ebca313262a..6e782ead1fe 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/querier/astmapper/embedded.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/querier/astmapper/embedded.go
@@ -3,7 +3,7 @@ package astmapper
 import (
 	"encoding/json"
 
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/promql/parser"
 )
 
diff --git a/vendor/github.com/cortexproject/cortex/pkg/querier/astmapper/shard_summer.go b/vendor/github.com/cortexproject/cortex/pkg/querier/astmapper/shard_summer.go
index 726ed3bc4f4..50a276a9029 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/querier/astmapper/shard_summer.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/querier/astmapper/shard_summer.go
@@ -8,7 +8,7 @@ import (
 
 	"github.com/pkg/errors"
 	"github.com/prometheus/client_golang/prometheus"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/promql/parser"
 )
 
diff --git a/vendor/github.com/cortexproject/cortex/pkg/querier/block.go b/vendor/github.com/cortexproject/cortex/pkg/querier/block.go
index 489d1ef2b1a..ec7c4c14183 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/querier/block.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/querier/block.go
@@ -5,7 +5,7 @@ import (
 	"sort"
 
 	"github.com/pkg/errors"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/storage"
 	"github.com/prometheus/prometheus/tsdb/chunkenc"
 	"github.com/thanos-io/thanos/pkg/store/labelpb"
diff --git a/vendor/github.com/cortexproject/cortex/pkg/querier/blocks_store_queryable.go b/vendor/github.com/cortexproject/cortex/pkg/querier/blocks_store_queryable.go
index 0447762ee03..01905687e50 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/querier/blocks_store_queryable.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/querier/blocks_store_queryable.go
@@ -19,7 +19,7 @@ import (
 	"github.com/pkg/errors"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promauto"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/storage"
 	"github.com/thanos-io/thanos/pkg/block"
 	"github.com/thanos-io/thanos/pkg/extprom"
diff --git a/vendor/github.com/cortexproject/cortex/pkg/querier/chunk_store_queryable.go b/vendor/github.com/cortexproject/cortex/pkg/querier/chunk_store_queryable.go
index 9e0f79da3d5..8c97f9eee75 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/querier/chunk_store_queryable.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/querier/chunk_store_queryable.go
@@ -4,7 +4,7 @@ import (
 	"context"
 
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/storage"
 	"github.com/prometheus/prometheus/tsdb/chunkenc"
 
diff --git a/vendor/github.com/cortexproject/cortex/pkg/querier/chunkstore/chunkstore.go b/vendor/github.com/cortexproject/cortex/pkg/querier/chunkstore/chunkstore.go
index 754ae0a9544..647ef6a28e4 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/querier/chunkstore/chunkstore.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/querier/chunkstore/chunkstore.go
@@ -4,7 +4,7 @@ import (
 	"context"
 
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 
 	"github.com/cortexproject/cortex/pkg/chunk"
 )
diff --git a/vendor/github.com/cortexproject/cortex/pkg/querier/distributor_queryable.go b/vendor/github.com/cortexproject/cortex/pkg/querier/distributor_queryable.go
index c268268ba7f..93f4de52421 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/querier/distributor_queryable.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/querier/distributor_queryable.go
@@ -7,8 +7,8 @@ import (
 
 	"github.com/go-kit/log/level"
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/exemplar"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/exemplar"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/scrape"
 	"github.com/prometheus/prometheus/storage"
 
diff --git a/vendor/github.com/cortexproject/cortex/pkg/querier/error_translate_queryable.go b/vendor/github.com/cortexproject/cortex/pkg/querier/error_translate_queryable.go
index 1225690c12b..95f006b7ad2 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/querier/error_translate_queryable.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/querier/error_translate_queryable.go
@@ -5,7 +5,7 @@ import (
 
 	"github.com/gogo/status"
 	"github.com/pkg/errors"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/promql"
 	"github.com/prometheus/prometheus/storage"
 
diff --git a/vendor/github.com/cortexproject/cortex/pkg/querier/lazyquery/lazyquery.go b/vendor/github.com/cortexproject/cortex/pkg/querier/lazyquery/lazyquery.go
index 1ca6f4c2b5e..6bdaf4d899d 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/querier/lazyquery/lazyquery.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/querier/lazyquery/lazyquery.go
@@ -5,7 +5,7 @@ import (
 	"fmt"
 
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/storage"
 
 	"github.com/cortexproject/cortex/pkg/chunk"
diff --git a/vendor/github.com/cortexproject/cortex/pkg/querier/querier.go b/vendor/github.com/cortexproject/cortex/pkg/querier/querier.go
index e4ab7783b30..73e449b4ee4 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/querier/querier.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/querier/querier.go
@@ -14,7 +14,7 @@ import (
 	"github.com/grafana/dskit/flagext"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/promql"
 	"github.com/prometheus/prometheus/storage"
 	"github.com/thanos-io/thanos/pkg/strutil"
diff --git a/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/limits.go b/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/limits.go
index 252d885464f..ee55cde768f 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/limits.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/limits.go
@@ -6,7 +6,7 @@ import (
 	"time"
 
 	"github.com/go-kit/log/level"
-	"github.com/prometheus/prometheus/pkg/timestamp"
+	"github.com/prometheus/prometheus/model/timestamp"
 	"github.com/weaveworks/common/httpgrpc"
 
 	"github.com/cortexproject/cortex/pkg/tenant"
diff --git a/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/query_range.go b/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/query_range.go
index 32962db9080..c0999231c5b 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/query_range.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/query_range.go
@@ -19,7 +19,7 @@ import (
 	"github.com/opentracing/opentracing-go"
 	otlog "github.com/opentracing/opentracing-go/log"
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/timestamp"
+	"github.com/prometheus/prometheus/model/timestamp"
 	"github.com/weaveworks/common/httpgrpc"
 
 	"github.com/cortexproject/cortex/pkg/cortexpb"
@@ -52,7 +52,7 @@ var (
 type Codec interface {
 	Merger
 	// DecodeRequest decodes a Request from an http request.
-	DecodeRequest(context.Context, *http.Request) (Request, error)
+	DecodeRequest(_ context.Context, request *http.Request, forwardHeaders []string) (Request, error)
 	// DecodeResponse decodes a Response from an http response.
 	// The original request is also passed as a parameter this is useful for implementation that needs the request
 	// to merge result or build the result correctly.
@@ -187,7 +187,7 @@ func (prometheusCodec) MergeResponse(responses ...Response) (Response, error) {
 	return &response, nil
 }
 
-func (prometheusCodec) DecodeRequest(_ context.Context, r *http.Request) (Request, error) {
+func (prometheusCodec) DecodeRequest(_ context.Context, r *http.Request, forwardHeaders []string) (Request, error) {
 	var result PrometheusRequest
 	var err error
 	result.Start, err = util.ParseTime(r.FormValue("start"))
@@ -222,6 +222,16 @@ func (prometheusCodec) DecodeRequest(_ context.Context, r *http.Request) (Reques
 	result.Query = r.FormValue("query")
 	result.Path = r.URL.Path
 
+	// Include the specified headers from http request in prometheusRequest.
+	for _, header := range forwardHeaders {
+		for h, hv := range r.Header {
+			if strings.EqualFold(h, header) {
+				result.Headers = append(result.Headers, &PrometheusRequestHeader{Name: h, Values: hv})
+				break
+			}
+		}
+	}
+
 	for _, value := range r.Header.Values(cacheControlHeader) {
 		if strings.Contains(value, noStoreValue) {
 			result.CachingOptions.Disabled = true
@@ -247,12 +257,20 @@ func (prometheusCodec) EncodeRequest(ctx context.Context, r Request) (*http.Requ
 		Path:     promReq.Path,
 		RawQuery: params.Encode(),
 	}
+	var h = http.Header{}
+
+	for _, hv := range promReq.Headers {
+		for _, v := range hv.Values {
+			h.Add(hv.Name, v)
+		}
+	}
+
 	req := &http.Request{
 		Method:     "GET",
 		RequestURI: u.String(), // This is what the httpgrpc code looks at.
 		URL:        u,
 		Body:       http.NoBody,
-		Header:     http.Header{},
+		Header:     h,
 	}
 
 	return req.WithContext(ctx), nil
diff --git a/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/queryable.go b/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/queryable.go
index 7da6cb63fd9..0925f8ffa70 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/queryable.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/queryable.go
@@ -5,7 +5,7 @@ import (
 	"sync"
 
 	"github.com/pkg/errors"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/storage"
 
 	"github.com/cortexproject/cortex/pkg/querier/astmapper"
diff --git a/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/queryrange.pb.go b/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/queryrange.pb.go
index 22533001ced..ea8157140a4 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/queryrange.pb.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/queryrange.pb.go
@@ -32,20 +32,72 @@ var _ = time.Kitchen
 // proto package needs to be updated.
 const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package
 
+type PrometheusRequestHeader struct {
+	Name   string   `protobuf:"bytes,1,opt,name=Name,proto3" json:"-"`
+	Values []string `protobuf:"bytes,2,rep,name=Values,proto3" json:"-"`
+}
+
+func (m *PrometheusRequestHeader) Reset()      { *m = PrometheusRequestHeader{} }
+func (*PrometheusRequestHeader) ProtoMessage() {}
+func (*PrometheusRequestHeader) Descriptor() ([]byte, []int) {
+	return fileDescriptor_79b02382e213d0b2, []int{0}
+}
+func (m *PrometheusRequestHeader) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *PrometheusRequestHeader) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	if deterministic {
+		return xxx_messageInfo_PrometheusRequestHeader.Marshal(b, m, deterministic)
+	} else {
+		b = b[:cap(b)]
+		n, err := m.MarshalToSizedBuffer(b)
+		if err != nil {
+			return nil, err
+		}
+		return b[:n], nil
+	}
+}
+func (m *PrometheusRequestHeader) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_PrometheusRequestHeader.Merge(m, src)
+}
+func (m *PrometheusRequestHeader) XXX_Size() int {
+	return m.Size()
+}
+func (m *PrometheusRequestHeader) XXX_DiscardUnknown() {
+	xxx_messageInfo_PrometheusRequestHeader.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_PrometheusRequestHeader proto.InternalMessageInfo
+
+func (m *PrometheusRequestHeader) GetName() string {
+	if m != nil {
+		return m.Name
+	}
+	return ""
+}
+
+func (m *PrometheusRequestHeader) GetValues() []string {
+	if m != nil {
+		return m.Values
+	}
+	return nil
+}
+
 type PrometheusRequest struct {
-	Path           string         `protobuf:"bytes,1,opt,name=path,proto3" json:"path,omitempty"`
-	Start          int64          `protobuf:"varint,2,opt,name=start,proto3" json:"start,omitempty"`
-	End            int64          `protobuf:"varint,3,opt,name=end,proto3" json:"end,omitempty"`
-	Step           int64          `protobuf:"varint,4,opt,name=step,proto3" json:"step,omitempty"`
-	Timeout        time.Duration  `protobuf:"bytes,5,opt,name=timeout,proto3,stdduration" json:"timeout"`
-	Query          string         `protobuf:"bytes,6,opt,name=query,proto3" json:"query,omitempty"`
-	CachingOptions CachingOptions `protobuf:"bytes,7,opt,name=cachingOptions,proto3" json:"cachingOptions"`
+	Path           string                     `protobuf:"bytes,1,opt,name=path,proto3" json:"path,omitempty"`
+	Start          int64                      `protobuf:"varint,2,opt,name=start,proto3" json:"start,omitempty"`
+	End            int64                      `protobuf:"varint,3,opt,name=end,proto3" json:"end,omitempty"`
+	Step           int64                      `protobuf:"varint,4,opt,name=step,proto3" json:"step,omitempty"`
+	Timeout        time.Duration              `protobuf:"bytes,5,opt,name=timeout,proto3,stdduration" json:"timeout"`
+	Query          string                     `protobuf:"bytes,6,opt,name=query,proto3" json:"query,omitempty"`
+	CachingOptions CachingOptions             `protobuf:"bytes,7,opt,name=cachingOptions,proto3" json:"cachingOptions"`
+	Headers        []*PrometheusRequestHeader `protobuf:"bytes,8,rep,name=Headers,proto3" json:"-"`
 }
 
 func (m *PrometheusRequest) Reset()      { *m = PrometheusRequest{} }
 func (*PrometheusRequest) ProtoMessage() {}
 func (*PrometheusRequest) Descriptor() ([]byte, []int) {
-	return fileDescriptor_79b02382e213d0b2, []int{0}
+	return fileDescriptor_79b02382e213d0b2, []int{1}
 }
 func (m *PrometheusRequest) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -123,6 +175,13 @@ func (m *PrometheusRequest) GetCachingOptions() CachingOptions {
 	return CachingOptions{}
 }
 
+func (m *PrometheusRequest) GetHeaders() []*PrometheusRequestHeader {
+	if m != nil {
+		return m.Headers
+	}
+	return nil
+}
+
 type PrometheusResponseHeader struct {
 	Name   string   `protobuf:"bytes,1,opt,name=Name,proto3" json:"-"`
 	Values []string `protobuf:"bytes,2,rep,name=Values,proto3" json:"-"`
@@ -131,7 +190,7 @@ type PrometheusResponseHeader struct {
 func (m *PrometheusResponseHeader) Reset()      { *m = PrometheusResponseHeader{} }
 func (*PrometheusResponseHeader) ProtoMessage() {}
 func (*PrometheusResponseHeader) Descriptor() ([]byte, []int) {
-	return fileDescriptor_79b02382e213d0b2, []int{1}
+	return fileDescriptor_79b02382e213d0b2, []int{2}
 }
 func (m *PrometheusResponseHeader) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -185,7 +244,7 @@ type PrometheusResponse struct {
 func (m *PrometheusResponse) Reset()      { *m = PrometheusResponse{} }
 func (*PrometheusResponse) ProtoMessage() {}
 func (*PrometheusResponse) Descriptor() ([]byte, []int) {
-	return fileDescriptor_79b02382e213d0b2, []int{2}
+	return fileDescriptor_79b02382e213d0b2, []int{3}
 }
 func (m *PrometheusResponse) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -257,7 +316,7 @@ type PrometheusData struct {
 func (m *PrometheusData) Reset()      { *m = PrometheusData{} }
 func (*PrometheusData) ProtoMessage() {}
 func (*PrometheusData) Descriptor() ([]byte, []int) {
-	return fileDescriptor_79b02382e213d0b2, []int{3}
+	return fileDescriptor_79b02382e213d0b2, []int{4}
 }
 func (m *PrometheusData) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -308,7 +367,7 @@ type SampleStream struct {
 func (m *SampleStream) Reset()      { *m = SampleStream{} }
 func (*SampleStream) ProtoMessage() {}
 func (*SampleStream) Descriptor() ([]byte, []int) {
-	return fileDescriptor_79b02382e213d0b2, []int{4}
+	return fileDescriptor_79b02382e213d0b2, []int{5}
 }
 func (m *SampleStream) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -353,7 +412,7 @@ type CachedResponse struct {
 func (m *CachedResponse) Reset()      { *m = CachedResponse{} }
 func (*CachedResponse) ProtoMessage() {}
 func (*CachedResponse) Descriptor() ([]byte, []int) {
-	return fileDescriptor_79b02382e213d0b2, []int{5}
+	return fileDescriptor_79b02382e213d0b2, []int{6}
 }
 func (m *CachedResponse) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -406,7 +465,7 @@ type Extent struct {
 func (m *Extent) Reset()      { *m = Extent{} }
 func (*Extent) ProtoMessage() {}
 func (*Extent) Descriptor() ([]byte, []int) {
-	return fileDescriptor_79b02382e213d0b2, []int{6}
+	return fileDescriptor_79b02382e213d0b2, []int{7}
 }
 func (m *Extent) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -470,7 +529,7 @@ type CachingOptions struct {
 func (m *CachingOptions) Reset()      { *m = CachingOptions{} }
 func (*CachingOptions) ProtoMessage() {}
 func (*CachingOptions) Descriptor() ([]byte, []int) {
-	return fileDescriptor_79b02382e213d0b2, []int{7}
+	return fileDescriptor_79b02382e213d0b2, []int{8}
 }
 func (m *CachingOptions) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -507,6 +566,7 @@ func (m *CachingOptions) GetDisabled() bool {
 }
 
 func init() {
+	proto.RegisterType((*PrometheusRequestHeader)(nil), "queryrange.PrometheusRequestHeader")
 	proto.RegisterType((*PrometheusRequest)(nil), "queryrange.PrometheusRequest")
 	proto.RegisterType((*PrometheusResponseHeader)(nil), "queryrange.PrometheusResponseHeader")
 	proto.RegisterType((*PrometheusResponse)(nil), "queryrange.PrometheusResponse")
@@ -520,61 +580,95 @@ func init() {
 func init() { proto.RegisterFile("queryrange.proto", fileDescriptor_79b02382e213d0b2) }
 
 var fileDescriptor_79b02382e213d0b2 = []byte{
-	// 827 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x55, 0xcd, 0x8e, 0x1b, 0x45,
-	0x10, 0x76, 0xaf, 0xed, 0xb1, 0xdd, 0x1b, 0x39, 0x4b, 0x6f, 0x04, 0xe3, 0x95, 0x98, 0xb1, 0x46,
-	0x1c, 0x16, 0x29, 0x99, 0x95, 0x16, 0x71, 0x00, 0x09, 0x94, 0x0c, 0x59, 0x14, 0x7e, 0x04, 0x51,
-	0x6f, 0xc4, 0x81, 0x0b, 0x6a, 0x7b, 0x0a, 0x7b, 0x12, 0xcf, 0x4f, 0x7a, 0x7a, 0xd0, 0xfa, 0x86,
-	0xf2, 0x04, 0x1c, 0x79, 0x04, 0x90, 0x78, 0x0c, 0x0e, 0x39, 0xee, 0x31, 0xe2, 0x30, 0xb0, 0xde,
-	0x0b, 0x9a, 0x53, 0x1e, 0x01, 0xf5, 0xcf, 0x78, 0x66, 0x77, 0xb9, 0xe4, 0x62, 0x55, 0x55, 0xd7,
-	0x57, 0xf5, 0xd5, 0xd7, 0x3d, 0x65, 0xbc, 0xf7, 0xbc, 0x00, 0xbe, 0xe6, 0x2c, 0x59, 0x80, 0x9f,
-	0xf1, 0x54, 0xa4, 0x04, 0x37, 0x91, 0x83, 0x7b, 0x8b, 0x48, 0x2c, 0x8b, 0x99, 0x3f, 0x4f, 0xe3,
-	0xa3, 0x45, 0xba, 0x48, 0x8f, 0x54, 0xca, 0xac, 0xf8, 0x51, 0x79, 0xca, 0x51, 0x96, 0x86, 0x1e,
-	0x38, 0x8b, 0x34, 0x5d, 0xac, 0xa0, 0xc9, 0x0a, 0x0b, 0xce, 0x44, 0x94, 0x26, 0xe6, 0xfc, 0xa3,
-	0x56, 0xb9, 0x79, 0xca, 0x05, 0x9c, 0x65, 0x3c, 0x7d, 0x0a, 0x73, 0x61, 0xbc, 0xa3, 0xec, 0xd9,
-	0xa2, 0x3e, 0x98, 0x19, 0xc3, 0x40, 0x27, 0xd7, 0x4b, 0xb3, 0x64, 0xad, 0x8f, 0xbc, 0x17, 0x3b,
-	0xf8, 0xad, 0xc7, 0x3c, 0x8d, 0x41, 0x2c, 0xa1, 0xc8, 0x29, 0x3c, 0x2f, 0x20, 0x17, 0x84, 0xe0,
-	0x5e, 0xc6, 0xc4, 0xd2, 0x46, 0x53, 0x74, 0x38, 0xa2, 0xca, 0x26, 0x77, 0x70, 0x3f, 0x17, 0x8c,
-	0x0b, 0x7b, 0x67, 0x8a, 0x0e, 0xbb, 0x54, 0x3b, 0x64, 0x0f, 0x77, 0x21, 0x09, 0xed, 0xae, 0x8a,
-	0x49, 0x53, 0x62, 0x73, 0x01, 0x99, 0xdd, 0x53, 0x21, 0x65, 0x93, 0x4f, 0xf0, 0x40, 0x44, 0x31,
-	0xa4, 0x85, 0xb0, 0xfb, 0x53, 0x74, 0xb8, 0x7b, 0x3c, 0xf1, 0x35, 0x25, 0xbf, 0xa6, 0xe4, 0x3f,
-	0x34, 0xd3, 0x06, 0xc3, 0x97, 0xa5, 0xdb, 0xf9, 0xf5, 0x6f, 0x17, 0xd1, 0x1a, 0x23, 0x5b, 0x2b,
-	0x5d, 0x6d, 0x4b, 0xf1, 0xd1, 0x0e, 0x79, 0x84, 0xc7, 0x73, 0x36, 0x5f, 0x46, 0xc9, 0xe2, 0xdb,
-	0x4c, 0x22, 0x73, 0x7b, 0xa0, 0x6a, 0x1f, 0xf8, 0xad, 0x6b, 0xf9, 0xec, 0x4a, 0x46, 0xd0, 0x93,
-	0xc5, 0xe9, 0x35, 0x9c, 0xf7, 0x04, 0xdb, 0x6d, 0x0d, 0xf2, 0x2c, 0x4d, 0x72, 0x78, 0x04, 0x2c,
-	0x04, 0x4e, 0x26, 0xb8, 0xf7, 0x0d, 0x8b, 0x41, 0x4b, 0x11, 0xf4, 0xab, 0xd2, 0x45, 0xf7, 0xa8,
-	0x0a, 0x91, 0x77, 0xb1, 0xf5, 0x1d, 0x5b, 0x15, 0x90, 0xdb, 0x3b, 0xd3, 0x6e, 0x73, 0x68, 0x82,
-	0xde, 0xef, 0x3b, 0x98, 0xdc, 0x2c, 0x4b, 0x3c, 0x6c, 0x9d, 0x0a, 0x26, 0x8a, 0xdc, 0x94, 0xc4,
-	0x55, 0xe9, 0x5a, 0xb9, 0x8a, 0x50, 0x73, 0x42, 0x3e, 0xc7, 0xbd, 0x87, 0x4c, 0x30, 0x25, 0xf5,
-	0xb5, 0x81, 0x9a, 0x8a, 0x32, 0x23, 0x78, 0x5b, 0x0e, 0x54, 0x95, 0xee, 0x38, 0x64, 0x82, 0xdd,
-	0x4d, 0xe3, 0x48, 0x40, 0x9c, 0x89, 0x35, 0x55, 0x78, 0xf2, 0x21, 0x1e, 0x9d, 0x70, 0x9e, 0xf2,
-	0x27, 0xeb, 0x0c, 0xd4, 0x1d, 0x8d, 0x82, 0x77, 0xaa, 0xd2, 0xdd, 0x87, 0x3a, 0xd8, 0x42, 0x34,
-	0x99, 0xe4, 0x7d, 0xdc, 0x57, 0x8e, 0xba, 0xc3, 0x51, 0xb0, 0x5f, 0x95, 0xee, 0x6d, 0x05, 0x69,
-	0xa5, 0xeb, 0x0c, 0x72, 0x82, 0x07, 0x5a, 0xa8, 0xdc, 0xee, 0x4f, 0xbb, 0x87, 0xbb, 0xc7, 0xef,
-	0xfd, 0x3f, 0xd9, 0xab, 0xaa, 0xd6, 0x52, 0xd5, 0x58, 0xef, 0x05, 0xc2, 0xe3, 0xab, 0x93, 0x11,
-	0x1f, 0x63, 0x0a, 0x79, 0xb1, 0x12, 0x8a, 0xbc, 0xd6, 0x6a, 0x5c, 0x95, 0x2e, 0xe6, 0xdb, 0x28,
-	0x6d, 0x65, 0x90, 0xfb, 0xd8, 0xd2, 0x9e, 0xba, 0x8d, 0xdd, 0x63, 0xbb, 0x4d, 0xe4, 0x94, 0xc5,
-	0xd9, 0x0a, 0x4e, 0x05, 0x07, 0x16, 0x07, 0x63, 0xa3, 0x99, 0xa5, 0x2b, 0x51, 0x83, 0xf3, 0xfe,
-	0x44, 0xf8, 0x56, 0x3b, 0x91, 0x9c, 0x61, 0x6b, 0xc5, 0x66, 0xb0, 0x92, 0x57, 0x25, 0x4b, 0xee,
-	0xfb, 0xf5, 0xf7, 0xe5, 0x7f, 0x2d, 0xe3, 0x8f, 0x59, 0xc4, 0x83, 0xaf, 0x64, 0xb5, 0xbf, 0x4a,
-	0xf7, 0x8d, 0xbe, 0x4f, 0x8d, 0x7f, 0x10, 0xb2, 0x4c, 0x00, 0x97, 0x54, 0x62, 0x10, 0x3c, 0x9a,
-	0x53, 0xd3, 0x8f, 0x7c, 0x8c, 0x07, 0xb9, 0x62, 0x92, 0x9b, 0x69, 0xf6, 0x9a, 0xd6, 0x9a, 0x62,
-	0x33, 0xc5, 0x4f, 0xea, 0xb9, 0xd1, 0x1a, 0xe0, 0x3d, 0xc5, 0x63, 0xf9, 0xea, 0x21, 0xdc, 0x3e,
-	0xb9, 0x09, 0xee, 0x3e, 0x83, 0xb5, 0xd1, 0x70, 0x50, 0x95, 0xae, 0x74, 0xa9, 0xfc, 0x91, 0x5f,
-	0x26, 0x9c, 0x09, 0x48, 0x44, 0xdd, 0x88, 0xb4, 0x65, 0x3b, 0x51, 0x47, 0xc1, 0x6d, 0xd3, 0xaa,
-	0x4e, 0xa5, 0xb5, 0xe1, 0xfd, 0x81, 0xb0, 0xa5, 0x93, 0x88, 0x5b, 0xef, 0x07, 0xd9, 0xa6, 0x1b,
-	0x8c, 0xaa, 0xd2, 0xd5, 0x81, 0x7a, 0x55, 0x4c, 0xf4, 0xaa, 0x50, 0xeb, 0x43, 0xb3, 0x80, 0x24,
-	0xd4, 0x3b, 0x63, 0x8a, 0x87, 0x82, 0xb3, 0x39, 0xfc, 0x10, 0x85, 0xe6, 0xcd, 0xd5, 0x0f, 0x44,
-	0x85, 0xbf, 0x08, 0xc9, 0xa7, 0x78, 0xc8, 0xcd, 0x38, 0x66, 0x85, 0xdc, 0xb9, 0xb1, 0x42, 0x1e,
-	0x24, 0xeb, 0xe0, 0x56, 0x55, 0xba, 0xdb, 0x4c, 0xba, 0xb5, 0xbe, 0xec, 0x0d, 0xbb, 0x7b, 0x3d,
-	0xef, 0xae, 0x96, 0xa6, 0xf9, 0xf4, 0xc9, 0x01, 0x1e, 0x86, 0x51, 0xce, 0x66, 0x2b, 0x08, 0x15,
-	0xf1, 0x21, 0xdd, 0xfa, 0xc1, 0xfd, 0xf3, 0x0b, 0xa7, 0xf3, 0xea, 0xc2, 0xe9, 0xbc, 0xbe, 0x70,
-	0xd0, 0xcf, 0x1b, 0x07, 0xfd, 0xb6, 0x71, 0xd0, 0xcb, 0x8d, 0x83, 0xce, 0x37, 0x0e, 0xfa, 0x67,
-	0xe3, 0xa0, 0x7f, 0x37, 0x4e, 0xe7, 0xf5, 0xc6, 0x41, 0xbf, 0x5c, 0x3a, 0x9d, 0xf3, 0x4b, 0xa7,
-	0xf3, 0xea, 0xd2, 0xe9, 0x7c, 0xdf, 0xfa, 0x0b, 0x98, 0x59, 0x8a, 0xdb, 0x07, 0xff, 0x05, 0x00,
-	0x00, 0xff, 0xff, 0x08, 0x83, 0xd3, 0x7d, 0x29, 0x06, 0x00, 0x00,
-}
+	// 849 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xa4, 0x55, 0xcd, 0x6e, 0x1b, 0x55,
+	0x14, 0xf6, 0xc4, 0xf6, 0xd8, 0x3e, 0xa9, 0xdc, 0x70, 0x53, 0xd1, 0x71, 0x24, 0x66, 0x2c, 0xc3,
+	0x22, 0x48, 0xed, 0x44, 0x0a, 0x62, 0x01, 0x12, 0xa8, 0x1d, 0x12, 0x54, 0x7e, 0x04, 0xd5, 0x4d,
+	0xc5, 0x82, 0x0d, 0xba, 0xf6, 0x1c, 0x9c, 0x69, 0x3d, 0x3f, 0xbd, 0x73, 0x07, 0xc5, 0x3b, 0xc4,
+	0x13, 0xb0, 0xe4, 0x11, 0x40, 0xe2, 0x31, 0x58, 0x64, 0x99, 0x65, 0xc5, 0x62, 0x20, 0xce, 0x06,
+	0xcd, 0xaa, 0x8f, 0x80, 0xee, 0xcf, 0xd8, 0xd3, 0x44, 0x5d, 0x20, 0x36, 0xd6, 0x39, 0xe7, 0x7e,
+	0xdf, 0x77, 0xcf, 0xcf, 0x9d, 0x63, 0xd8, 0x79, 0x5e, 0x20, 0x5f, 0x72, 0x96, 0xcc, 0xd1, 0xcf,
+	0x78, 0x2a, 0x52, 0x02, 0x9b, 0xc8, 0xde, 0xfd, 0x79, 0x24, 0x4e, 0x8b, 0xa9, 0x3f, 0x4b, 0xe3,
+	0x83, 0x79, 0x3a, 0x4f, 0x0f, 0x14, 0x64, 0x5a, 0x7c, 0xaf, 0x3c, 0xe5, 0x28, 0x4b, 0x53, 0xf7,
+	0xdc, 0x79, 0x9a, 0xce, 0x17, 0xb8, 0x41, 0x85, 0x05, 0x67, 0x22, 0x4a, 0x13, 0x73, 0xfe, 0x41,
+	0x43, 0x6e, 0x96, 0x72, 0x81, 0x67, 0x19, 0x4f, 0x9f, 0xe2, 0x4c, 0x18, 0xef, 0x20, 0x7b, 0x36,
+	0xaf, 0x0f, 0xa6, 0xc6, 0x30, 0xd4, 0xd1, 0x75, 0x69, 0x96, 0x2c, 0xf5, 0xd1, 0xe4, 0x04, 0xee,
+	0x3e, 0xe6, 0x69, 0x8c, 0xe2, 0x14, 0x8b, 0x9c, 0xe2, 0xf3, 0x02, 0x73, 0xf1, 0x08, 0x59, 0x88,
+	0x9c, 0x8c, 0xa0, 0xf3, 0x15, 0x8b, 0xd1, 0xb1, 0xc6, 0xd6, 0xfe, 0x20, 0xe8, 0x56, 0xa5, 0x67,
+	0xdd, 0xa7, 0x2a, 0x44, 0xde, 0x02, 0xfb, 0x1b, 0xb6, 0x28, 0x30, 0x77, 0xb6, 0xc6, 0xed, 0xcd,
+	0xa1, 0x09, 0x4e, 0xce, 0xb7, 0xe0, 0x8d, 0x1b, 0xaa, 0x84, 0x40, 0x27, 0x63, 0xe2, 0x54, 0xeb,
+	0x51, 0x65, 0x93, 0x3b, 0xd0, 0xcd, 0x05, 0xe3, 0xc2, 0xd9, 0x1a, 0x5b, 0xfb, 0x6d, 0xaa, 0x1d,
+	0xb2, 0x03, 0x6d, 0x4c, 0x42, 0xa7, 0xad, 0x62, 0xd2, 0x94, 0xdc, 0x5c, 0x60, 0xe6, 0x74, 0x54,
+	0x48, 0xd9, 0xe4, 0x23, 0xe8, 0x89, 0x28, 0xc6, 0xb4, 0x10, 0x4e, 0x77, 0x6c, 0xed, 0x6f, 0x1f,
+	0x8e, 0x7c, 0x5d, 0xa7, 0x5f, 0xd7, 0xe9, 0x1f, 0x99, 0x16, 0x06, 0xfd, 0xf3, 0xd2, 0x6b, 0xfd,
+	0xf2, 0x97, 0x67, 0xd1, 0x9a, 0x23, 0xaf, 0x56, 0xc3, 0x72, 0x6c, 0x95, 0x8f, 0x76, 0xc8, 0x23,
+	0x18, 0xce, 0xd8, 0xec, 0x34, 0x4a, 0xe6, 0x5f, 0x67, 0x92, 0x99, 0x3b, 0x3d, 0xa5, 0xbd, 0xe7,
+	0x37, 0x66, 0xfd, 0xc9, 0x2b, 0x88, 0xa0, 0x23, 0xc5, 0xe9, 0x35, 0x1e, 0x39, 0x82, 0x9e, 0x6e,
+	0x64, 0xee, 0xf4, 0xc7, 0xed, 0xfd, 0xed, 0xc3, 0xb7, 0x9b, 0x12, 0xaf, 0x69, 0x7a, 0xdd, 0xc9,
+	0x9a, 0x3a, 0x79, 0x02, 0x4e, 0x13, 0x9a, 0x67, 0x69, 0x92, 0xe3, 0xff, 0x1e, 0xd0, 0x6f, 0x5b,
+	0x40, 0x6e, 0xca, 0x92, 0x09, 0xd8, 0x27, 0x82, 0x89, 0x22, 0x37, 0x92, 0x50, 0x95, 0x9e, 0x9d,
+	0xab, 0x08, 0x35, 0x27, 0xe4, 0x53, 0xe8, 0x1c, 0x31, 0xc1, 0xd4, 0xc0, 0xae, 0xb5, 0x65, 0xa3,
+	0x28, 0x11, 0xc1, 0x9b, 0xb2, 0x2d, 0x55, 0xe9, 0x0d, 0x43, 0x26, 0xd8, 0xbd, 0x34, 0x8e, 0x04,
+	0xc6, 0x99, 0x58, 0x52, 0xc5, 0x27, 0xef, 0xc3, 0xe0, 0x98, 0xf3, 0x94, 0x3f, 0x59, 0x66, 0xa8,
+	0x26, 0x3d, 0x08, 0xee, 0x56, 0xa5, 0xb7, 0x8b, 0x75, 0xb0, 0xc1, 0xd8, 0x20, 0xc9, 0xbb, 0xd0,
+	0x55, 0x8e, 0x7a, 0x09, 0x83, 0x60, 0xb7, 0x2a, 0xbd, 0xdb, 0x8a, 0xd2, 0x80, 0x6b, 0x04, 0x39,
+	0xde, 0x0c, 0xa0, 0xab, 0x06, 0xf0, 0xce, 0xeb, 0x06, 0xd0, 0xec, 0xea, 0x8d, 0x09, 0xfc, 0x64,
+	0xc1, 0xf0, 0xd5, 0xca, 0x88, 0x0f, 0x40, 0x31, 0x2f, 0x16, 0x42, 0x25, 0xaf, 0x7b, 0x35, 0xac,
+	0x4a, 0x0f, 0xf8, 0x3a, 0x4a, 0x1b, 0x08, 0xf2, 0x00, 0x6c, 0xed, 0xa9, 0x69, 0x6c, 0x1f, 0x3a,
+	0xcd, 0x44, 0x4e, 0x58, 0x9c, 0x2d, 0xf0, 0x44, 0x70, 0x64, 0x71, 0x30, 0x34, 0x3d, 0xb3, 0xb5,
+	0x12, 0x35, 0xbc, 0xc9, 0x1f, 0x16, 0xdc, 0x6a, 0x02, 0xc9, 0x19, 0xd8, 0x0b, 0x36, 0xc5, 0x85,
+	0x1c, 0x95, 0x94, 0xdc, 0xf5, 0xeb, 0x4f, 0xdf, 0xff, 0x52, 0xc6, 0x1f, 0xb3, 0x88, 0x07, 0x5f,
+	0x48, 0xb5, 0x3f, 0x4b, 0xef, 0x3f, 0xad, 0x0e, 0xcd, 0x7f, 0x18, 0xb2, 0x4c, 0x20, 0x97, 0xa9,
+	0xc4, 0x28, 0x78, 0x34, 0xa3, 0xe6, 0x3e, 0xf2, 0x21, 0xf4, 0x72, 0x95, 0x49, 0x6e, 0xaa, 0xd9,
+	0xd9, 0x5c, 0xad, 0x53, 0xdc, 0x54, 0xf1, 0x83, 0x7a, 0x6e, 0xb4, 0x26, 0x4c, 0x9e, 0xc2, 0x50,
+	0x7e, 0x3b, 0x18, 0xae, 0x9f, 0xdc, 0x08, 0xda, 0xcf, 0x70, 0x69, 0x7a, 0xd8, 0xab, 0x4a, 0x4f,
+	0xba, 0x54, 0xfe, 0xc8, 0xef, 0x1b, 0xcf, 0x04, 0x26, 0xa2, 0xbe, 0x88, 0x34, 0xdb, 0x76, 0xac,
+	0x8e, 0x82, 0xdb, 0xe6, 0xaa, 0x1a, 0x4a, 0x6b, 0x63, 0xf2, 0xbb, 0x05, 0xb6, 0x06, 0x11, 0xaf,
+	0xde, 0x32, 0xf2, 0x9a, 0x76, 0x30, 0xa8, 0x4a, 0x4f, 0x07, 0xea, 0x85, 0x33, 0xd2, 0x0b, 0x47,
+	0x2d, 0x21, 0x9d, 0x05, 0x26, 0xa1, 0xde, 0x3c, 0x63, 0xe8, 0x0b, 0xce, 0x66, 0xf8, 0x5d, 0x14,
+	0x9a, 0x37, 0x57, 0x3f, 0x10, 0x15, 0xfe, 0x2c, 0x24, 0x1f, 0x43, 0x9f, 0x9b, 0x72, 0xcc, 0x22,
+	0xba, 0x73, 0x63, 0x11, 0x3d, 0x4c, 0x96, 0xc1, 0xad, 0xaa, 0xf4, 0xd6, 0x48, 0xba, 0xb6, 0x3e,
+	0xef, 0xf4, 0xdb, 0x3b, 0x9d, 0xc9, 0x3d, 0xdd, 0x9a, 0xc6, 0x02, 0xd9, 0x83, 0x7e, 0x18, 0xe5,
+	0x6c, 0xba, 0xc0, 0x50, 0x25, 0xde, 0xa7, 0x6b, 0x3f, 0x78, 0x70, 0x71, 0xe9, 0xb6, 0x5e, 0x5c,
+	0xba, 0xad, 0x97, 0x97, 0xae, 0xf5, 0xe3, 0xca, 0xb5, 0x7e, 0x5d, 0xb9, 0xd6, 0xf9, 0xca, 0xb5,
+	0x2e, 0x56, 0xae, 0xf5, 0xf7, 0xca, 0xb5, 0xfe, 0x59, 0xb9, 0xad, 0x97, 0x2b, 0xd7, 0xfa, 0xf9,
+	0xca, 0x6d, 0x5d, 0x5c, 0xb9, 0xad, 0x17, 0x57, 0x6e, 0xeb, 0xdb, 0xc6, 0xbf, 0xd3, 0xd4, 0x56,
+	0xb9, 0xbd, 0xf7, 0x6f, 0x00, 0x00, 0x00, 0xff, 0xff, 0xa5, 0x4d, 0x41, 0xea, 0xc4, 0x06, 0x00,
+	0x00,
+}
+
+func (this *PrometheusRequestHeader) Equal(that interface{}) bool {
+	if that == nil {
+		return this == nil
+	}
 
+	that1, ok := that.(*PrometheusRequestHeader)
+	if !ok {
+		that2, ok := that.(PrometheusRequestHeader)
+		if ok {
+			that1 = &that2
+		} else {
+			return false
+		}
+	}
+	if that1 == nil {
+		return this == nil
+	} else if this == nil {
+		return false
+	}
+	if this.Name != that1.Name {
+		return false
+	}
+	if len(this.Values) != len(that1.Values) {
+		return false
+	}
+	for i := range this.Values {
+		if this.Values[i] != that1.Values[i] {
+			return false
+		}
+	}
+	return true
+}
 func (this *PrometheusRequest) Equal(that interface{}) bool {
 	if that == nil {
 		return this == nil
@@ -615,6 +709,14 @@ func (this *PrometheusRequest) Equal(that interface{}) bool {
 	if !this.CachingOptions.Equal(&that1.CachingOptions) {
 		return false
 	}
+	if len(this.Headers) != len(that1.Headers) {
+		return false
+	}
+	for i := range this.Headers {
+		if !this.Headers[i].Equal(that1.Headers[i]) {
+			return false
+		}
+	}
 	return true
 }
 func (this *PrometheusResponseHeader) Equal(that interface{}) bool {
@@ -848,11 +950,22 @@ func (this *CachingOptions) Equal(that interface{}) bool {
 	}
 	return true
 }
+func (this *PrometheusRequestHeader) GoString() string {
+	if this == nil {
+		return "nil"
+	}
+	s := make([]string, 0, 6)
+	s = append(s, "&queryrange.PrometheusRequestHeader{")
+	s = append(s, "Name: "+fmt.Sprintf("%#v", this.Name)+",\n")
+	s = append(s, "Values: "+fmt.Sprintf("%#v", this.Values)+",\n")
+	s = append(s, "}")
+	return strings.Join(s, "")
+}
 func (this *PrometheusRequest) GoString() string {
 	if this == nil {
 		return "nil"
 	}
-	s := make([]string, 0, 11)
+	s := make([]string, 0, 12)
 	s = append(s, "&queryrange.PrometheusRequest{")
 	s = append(s, "Path: "+fmt.Sprintf("%#v", this.Path)+",\n")
 	s = append(s, "Start: "+fmt.Sprintf("%#v", this.Start)+",\n")
@@ -861,6 +974,9 @@ func (this *PrometheusRequest) GoString() string {
 	s = append(s, "Timeout: "+fmt.Sprintf("%#v", this.Timeout)+",\n")
 	s = append(s, "Query: "+fmt.Sprintf("%#v", this.Query)+",\n")
 	s = append(s, "CachingOptions: "+strings.Replace(this.CachingOptions.GoString(), `&`, ``, 1)+",\n")
+	if this.Headers != nil {
+		s = append(s, "Headers: "+fmt.Sprintf("%#v", this.Headers)+",\n")
+	}
 	s = append(s, "}")
 	return strings.Join(s, "")
 }
@@ -975,6 +1091,45 @@ func valueToGoStringQueryrange(v interface{}, typ string) string {
 	pv := reflect.Indirect(rv).Interface()
 	return fmt.Sprintf("func(v %v) *%v { return &v } ( %#v )", typ, typ, pv)
 }
+func (m *PrometheusRequestHeader) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *PrometheusRequestHeader) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *PrometheusRequestHeader) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if len(m.Values) > 0 {
+		for iNdEx := len(m.Values) - 1; iNdEx >= 0; iNdEx-- {
+			i -= len(m.Values[iNdEx])
+			copy(dAtA[i:], m.Values[iNdEx])
+			i = encodeVarintQueryrange(dAtA, i, uint64(len(m.Values[iNdEx])))
+			i--
+			dAtA[i] = 0x12
+		}
+	}
+	if len(m.Name) > 0 {
+		i -= len(m.Name)
+		copy(dAtA[i:], m.Name)
+		i = encodeVarintQueryrange(dAtA, i, uint64(len(m.Name)))
+		i--
+		dAtA[i] = 0xa
+	}
+	return len(dAtA) - i, nil
+}
+
 func (m *PrometheusRequest) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
@@ -995,6 +1150,20 @@ func (m *PrometheusRequest) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	_ = i
 	var l int
 	_ = l
+	if len(m.Headers) > 0 {
+		for iNdEx := len(m.Headers) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Headers[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintQueryrange(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x42
+		}
+	}
 	{
 		size, err := m.CachingOptions.MarshalToSizedBuffer(dAtA[:i])
 		if err != nil {
@@ -1387,6 +1556,25 @@ func encodeVarintQueryrange(dAtA []byte, offset int, v uint64) int {
 	dAtA[offset] = uint8(v)
 	return base
 }
+func (m *PrometheusRequestHeader) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.Name)
+	if l > 0 {
+		n += 1 + l + sovQueryrange(uint64(l))
+	}
+	if len(m.Values) > 0 {
+		for _, s := range m.Values {
+			l = len(s)
+			n += 1 + l + sovQueryrange(uint64(l))
+		}
+	}
+	return n
+}
+
 func (m *PrometheusRequest) Size() (n int) {
 	if m == nil {
 		return 0
@@ -1414,6 +1602,12 @@ func (m *PrometheusRequest) Size() (n int) {
 	}
 	l = m.CachingOptions.Size()
 	n += 1 + l + sovQueryrange(uint64(l))
+	if len(m.Headers) > 0 {
+		for _, e := range m.Headers {
+			l = e.Size()
+			n += 1 + l + sovQueryrange(uint64(l))
+		}
+	}
 	return n
 }
 
@@ -1565,10 +1759,26 @@ func sovQueryrange(x uint64) (n int) {
 func sozQueryrange(x uint64) (n int) {
 	return sovQueryrange(uint64((x << 1) ^ uint64((int64(x) >> 63))))
 }
+func (this *PrometheusRequestHeader) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&PrometheusRequestHeader{`,
+		`Name:` + fmt.Sprintf("%v", this.Name) + `,`,
+		`Values:` + fmt.Sprintf("%v", this.Values) + `,`,
+		`}`,
+	}, "")
+	return s
+}
 func (this *PrometheusRequest) String() string {
 	if this == nil {
 		return "nil"
 	}
+	repeatedStringForHeaders := "[]*PrometheusRequestHeader{"
+	for _, f := range this.Headers {
+		repeatedStringForHeaders += strings.Replace(f.String(), "PrometheusRequestHeader", "PrometheusRequestHeader", 1) + ","
+	}
+	repeatedStringForHeaders += "}"
 	s := strings.Join([]string{`&PrometheusRequest{`,
 		`Path:` + fmt.Sprintf("%v", this.Path) + `,`,
 		`Start:` + fmt.Sprintf("%v", this.Start) + `,`,
@@ -1577,6 +1787,7 @@ func (this *PrometheusRequest) String() string {
 		`Timeout:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Timeout), "Duration", "duration.Duration", 1), `&`, ``, 1) + `,`,
 		`Query:` + fmt.Sprintf("%v", this.Query) + `,`,
 		`CachingOptions:` + strings.Replace(strings.Replace(this.CachingOptions.String(), "CachingOptions", "CachingOptions", 1), `&`, ``, 1) + `,`,
+		`Headers:` + repeatedStringForHeaders + `,`,
 		`}`,
 	}, "")
 	return s
@@ -1690,6 +1901,123 @@ func valueToStringQueryrange(v interface{}) string {
 	pv := reflect.Indirect(rv).Interface()
 	return fmt.Sprintf("*%v", pv)
 }
+func (m *PrometheusRequestHeader) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowQueryrange
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: PrometheusRequestHeader: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: PrometheusRequestHeader: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowQueryrange
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthQueryrange
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthQueryrange
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Name = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Values", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowQueryrange
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthQueryrange
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthQueryrange
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Values = append(m.Values, string(dAtA[iNdEx:postIndex]))
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipQueryrange(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthQueryrange
+			}
+			if (iNdEx + skippy) < 0 {
+				return ErrInvalidLengthQueryrange
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
 func (m *PrometheusRequest) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
@@ -1906,6 +2234,40 @@ func (m *PrometheusRequest) Unmarshal(dAtA []byte) error {
 				return err
 			}
 			iNdEx = postIndex
+		case 8:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Headers", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowQueryrange
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthQueryrange
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthQueryrange
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Headers = append(m.Headers, &PrometheusRequestHeader{})
+			if err := m.Headers[len(m.Headers)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipQueryrange(dAtA[iNdEx:])
diff --git a/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/queryrange.proto b/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/queryrange.proto
index 188c6da328f..1725bdc4ef3 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/queryrange.proto
+++ b/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/queryrange.proto
@@ -12,6 +12,10 @@ import "google/protobuf/any.proto";
 option (gogoproto.marshaler_all) = true;
 option (gogoproto.unmarshaler_all) = true;
 
+message PrometheusRequestHeader {
+  string Name = 1 [(gogoproto.jsontag) = "-"];
+  repeated string Values = 2 [(gogoproto.jsontag) = "-"];
+}
 message PrometheusRequest {
   string path = 1;
   int64 start = 2;
@@ -20,6 +24,7 @@ message PrometheusRequest {
   google.protobuf.Duration timeout = 5 [(gogoproto.stdduration) = true, (gogoproto.nullable) = false];
   string query = 6;
   CachingOptions cachingOptions = 7 [(gogoproto.nullable) = false];
+  repeated PrometheusRequestHeader Headers = 8 [(gogoproto.jsontag) = "-"];
 }
 
 message PrometheusResponseHeader {
diff --git a/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/results_cache.go b/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/results_cache.go
index 2cc346e8aff..68a89af5b54 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/results_cache.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/results_cache.go
@@ -19,7 +19,7 @@ import (
 	"github.com/pkg/errors"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/timestamp"
+	"github.com/prometheus/prometheus/model/timestamp"
 	"github.com/prometheus/prometheus/promql"
 	"github.com/prometheus/prometheus/promql/parser"
 	"github.com/uber/jaeger-client-go"
diff --git a/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/retry.go b/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/retry.go
index 0945b8cdf3e..72c97b3d1f1 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/retry.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/retry.go
@@ -2,6 +2,7 @@ package queryrange
 
 import (
 	"context"
+	"errors"
 
 	"github.com/go-kit/log"
 	"github.com/go-kit/log/level"
@@ -66,6 +67,10 @@ func (r retry) Do(ctx context.Context, req Request) (Response, error) {
 			return resp, nil
 		}
 
+		if errors.Is(err, context.Canceled) {
+			return nil, err
+		}
+
 		// Retry if we get a HTTP 500 or a non-HTTP error.
 		httpResp, ok := httpgrpc.HTTPResponseFromError(err)
 		if !ok || httpResp.Code/100 == 5 {
diff --git a/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/roundtrip.go b/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/roundtrip.go
index 2741afef6ed..4620ff4e458 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/roundtrip.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/roundtrip.go
@@ -26,6 +26,7 @@ import (
 
 	"github.com/go-kit/log"
 	"github.com/go-kit/log/level"
+	"github.com/grafana/dskit/flagext"
 	"github.com/opentracing/opentracing-go"
 	"github.com/pkg/errors"
 	"github.com/prometheus/client_golang/prometheus"
@@ -59,6 +60,8 @@ type Config struct {
 	CacheResults           bool `yaml:"cache_results"`
 	MaxRetries             int  `yaml:"max_retries"`
 	ShardedQueries         bool `yaml:"parallelise_shardable_queries"`
+	// List of headers which query_range middleware chain would forward to downstream querier.
+	ForwardHeaders flagext.StringSlice `yaml:"forward_headers_list"`
 }
 
 // RegisterFlags adds the flags required to config this to the given FlagSet.
@@ -68,6 +71,7 @@ func (cfg *Config) RegisterFlags(f *flag.FlagSet) {
 	f.BoolVar(&cfg.AlignQueriesWithStep, "querier.align-querier-with-step", false, "Mutate incoming queries to align their start and end with their step.")
 	f.BoolVar(&cfg.CacheResults, "querier.cache-results", false, "Cache query results.")
 	f.BoolVar(&cfg.ShardedQueries, "querier.parallelise-shardable-queries", false, "Perform query parallelisations based on storage sharding configuration and query ASTs. This feature is supported only by the chunks storage engine.")
+	f.Var(&cfg.ForwardHeaders, "frontend.forward-headers-list", "List of headers forwarded by the query Frontend to downstream querier.")
 	cfg.ResultsCacheConfig.RegisterFlags(f)
 }
 
@@ -213,7 +217,7 @@ func NewTripperware(
 	return func(next http.RoundTripper) http.RoundTripper {
 		// Finally, if the user selected any query range middleware, stitch it in.
 		if len(queryRangeMiddleware) > 0 {
-			queryrange := NewRoundTripper(next, codec, queryRangeMiddleware...)
+			queryrange := NewRoundTripper(next, codec, cfg.ForwardHeaders, queryRangeMiddleware...)
 			return RoundTripFunc(func(r *http.Request) (*http.Response, error) {
 				isQueryRange := strings.HasSuffix(r.URL.Path, "/query_range")
 				op := "query"
@@ -244,14 +248,16 @@ type roundTripper struct {
 	next    http.RoundTripper
 	handler Handler
 	codec   Codec
+	headers []string
 }
 
 // NewRoundTripper merges a set of middlewares into an handler, then inject it into the `next` roundtripper
 // using the codec to translate requests and responses.
-func NewRoundTripper(next http.RoundTripper, codec Codec, middlewares ...Middleware) http.RoundTripper {
+func NewRoundTripper(next http.RoundTripper, codec Codec, headers []string, middlewares ...Middleware) http.RoundTripper {
 	transport := roundTripper{
-		next:  next,
-		codec: codec,
+		next:    next,
+		codec:   codec,
+		headers: headers,
 	}
 	transport.handler = MergeMiddlewares(middlewares...).Wrap(&transport)
 	return transport
@@ -259,7 +265,8 @@ func NewRoundTripper(next http.RoundTripper, codec Codec, middlewares ...Middlew
 
 func (q roundTripper) RoundTrip(r *http.Request) (*http.Response, error) {
 
-	request, err := q.codec.DecodeRequest(r.Context(), r)
+	// include the headers specified in the roundTripper during decoding the request.
+	request, err := q.codec.DecodeRequest(r.Context(), r, q.headers)
 	if err != nil {
 		return nil, err
 	}
diff --git a/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/test_utils.go b/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/test_utils.go
index 8f87b3f8376..4b19b39dad4 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/test_utils.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/test_utils.go
@@ -7,7 +7,7 @@ import (
 
 	"github.com/pkg/errors"
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/storage"
 
 	"github.com/cortexproject/cortex/pkg/querier/astmapper"
diff --git a/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/value.go b/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/value.go
index eebad0fe430..435e8693203 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/value.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/querier/queryrange/value.go
@@ -3,7 +3,7 @@ package queryrange
 import (
 	"github.com/pkg/errors"
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/promql"
 	"github.com/prometheus/prometheus/promql/parser"
 	"github.com/prometheus/prometheus/storage"
diff --git a/vendor/github.com/cortexproject/cortex/pkg/querier/series/series_set.go b/vendor/github.com/cortexproject/cortex/pkg/querier/series/series_set.go
index 0fdfb109bbc..76896c6e8a6 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/querier/series/series_set.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/querier/series/series_set.go
@@ -20,7 +20,7 @@ import (
 	"sort"
 
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/storage"
 	"github.com/prometheus/prometheus/tsdb/chunkenc"
 
diff --git a/vendor/github.com/cortexproject/cortex/pkg/querier/tenantfederation/merge_queryable.go b/vendor/github.com/cortexproject/cortex/pkg/querier/tenantfederation/merge_queryable.go
index 2c4696d9237..697ced26d25 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/querier/tenantfederation/merge_queryable.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/querier/tenantfederation/merge_queryable.go
@@ -8,7 +8,7 @@ import (
 
 	"github.com/grafana/dskit/concurrency"
 	"github.com/pkg/errors"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/storage"
 	"github.com/prometheus/prometheus/tsdb/chunkenc"
 	tsdb_errors "github.com/prometheus/prometheus/tsdb/errors"
diff --git a/vendor/github.com/cortexproject/cortex/pkg/querier/testutils.go b/vendor/github.com/cortexproject/cortex/pkg/querier/testutils.go
index ca0f79fe7db..7b6932a9092 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/querier/testutils.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/querier/testutils.go
@@ -5,7 +5,7 @@ import (
 
 	"github.com/grafana/dskit/flagext"
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/scrape"
 	"github.com/stretchr/testify/mock"
 
diff --git a/vendor/github.com/cortexproject/cortex/pkg/querier/timeseries_series_set.go b/vendor/github.com/cortexproject/cortex/pkg/querier/timeseries_series_set.go
index 151565af9c1..ac1480e0361 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/querier/timeseries_series_set.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/querier/timeseries_series_set.go
@@ -3,7 +3,7 @@ package querier
 import (
 	"sort"
 
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/storage"
 	"github.com/prometheus/prometheus/tsdb/chunkenc"
 
diff --git a/vendor/github.com/cortexproject/cortex/pkg/ruler/api.go b/vendor/github.com/cortexproject/cortex/pkg/ruler/api.go
index 00f3148c54f..e8dde218ff9 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/ruler/api.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/ruler/api.go
@@ -15,8 +15,8 @@ import (
 	"github.com/gorilla/mux"
 	"github.com/pkg/errors"
 	v1 "github.com/prometheus/client_golang/api/prometheus/v1"
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/pkg/rulefmt"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/model/rulefmt"
 	"github.com/weaveworks/common/user"
 	"gopkg.in/yaml.v3"
 
diff --git a/vendor/github.com/cortexproject/cortex/pkg/ruler/compat.go b/vendor/github.com/cortexproject/cortex/pkg/ruler/compat.go
index 34758920184..e8daa993155 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/ruler/compat.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/ruler/compat.go
@@ -9,10 +9,10 @@ import (
 	"github.com/go-kit/log/level"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promauto"
+	"github.com/prometheus/prometheus/model/exemplar"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/model/value"
 	"github.com/prometheus/prometheus/notifier"
-	"github.com/prometheus/prometheus/pkg/exemplar"
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/pkg/value"
 	"github.com/prometheus/prometheus/promql"
 	"github.com/prometheus/prometheus/rules"
 	"github.com/prometheus/prometheus/storage"
@@ -41,7 +41,7 @@ type PusherAppender struct {
 	evaluationDelay time.Duration
 }
 
-func (a *PusherAppender) Append(_ uint64, l labels.Labels, t int64, v float64) (uint64, error) {
+func (a *PusherAppender) Append(_ storage.SeriesRef, l labels.Labels, t int64, v float64) (storage.SeriesRef, error) {
 	a.labels = append(a.labels, l)
 
 	// Adapt staleness markers for ruler evaluation delay. As the upstream code
@@ -63,7 +63,7 @@ func (a *PusherAppender) Append(_ uint64, l labels.Labels, t int64, v float64) (
 	return 0, nil
 }
 
-func (a *PusherAppender) AppendExemplar(_ uint64, _ labels.Labels, _ exemplar.Exemplar) (uint64, error) {
+func (a *PusherAppender) AppendExemplar(_ storage.SeriesRef, _ labels.Labels, _ exemplar.Exemplar) (storage.SeriesRef, error) {
 	return 0, errors.New("exemplars are unsupported")
 }
 
diff --git a/vendor/github.com/cortexproject/cortex/pkg/ruler/manager.go b/vendor/github.com/cortexproject/cortex/pkg/ruler/manager.go
index 7af5f079c54..2817498a9d4 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/ruler/manager.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/ruler/manager.go
@@ -13,8 +13,8 @@ import (
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promauto"
 	"github.com/prometheus/prometheus/config"
+	"github.com/prometheus/prometheus/model/rulefmt"
 	"github.com/prometheus/prometheus/notifier"
-	"github.com/prometheus/prometheus/pkg/rulefmt"
 	promRules "github.com/prometheus/prometheus/rules"
 	"github.com/weaveworks/common/user"
 	"golang.org/x/net/context/ctxhttp"
@@ -53,7 +53,7 @@ func NewDefaultMultiTenantManager(cfg Config, managerFactory ManagerFactory, reg
 		return nil, err
 	}
 
-	userManagerMetrics := NewManagerMetrics()
+	userManagerMetrics := NewManagerMetrics(cfg.DisableRuleGroupLabel)
 	if reg != nil {
 		reg.MustRegister(userManagerMetrics)
 	}
diff --git a/vendor/github.com/cortexproject/cortex/pkg/ruler/manager_metrics.go b/vendor/github.com/cortexproject/cortex/pkg/ruler/manager_metrics.go
index debaee881fe..79cd26f7632 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/ruler/manager_metrics.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/ruler/manager_metrics.go
@@ -9,7 +9,8 @@ import (
 // ManagerMetrics aggregates metrics exported by the Prometheus
 // rules package and returns them as Cortex metrics
 type ManagerMetrics struct {
-	regs *util.UserRegistries
+	regs                  *util.UserRegistries
+	disableRuleGroupLabel bool
 
 	EvalDuration         *prometheus.Desc
 	IterationDuration    *prometheus.Desc
@@ -25,9 +26,14 @@ type ManagerMetrics struct {
 }
 
 // NewManagerMetrics returns a ManagerMetrics struct
-func NewManagerMetrics() *ManagerMetrics {
+func NewManagerMetrics(disableRuleGroupLabel bool) *ManagerMetrics {
+	commonLabels := []string{"user"}
+	if !disableRuleGroupLabel {
+		commonLabels = append(commonLabels, "rule_group")
+	}
 	return &ManagerMetrics{
-		regs: util.NewUserRegistries(),
+		regs:                  util.NewUserRegistries(),
+		disableRuleGroupLabel: disableRuleGroupLabel,
 
 		EvalDuration: prometheus.NewDesc(
 			"cortex_prometheus_rule_evaluation_duration_seconds",
@@ -44,55 +50,55 @@ func NewManagerMetrics() *ManagerMetrics {
 		IterationsMissed: prometheus.NewDesc(
 			"cortex_prometheus_rule_group_iterations_missed_total",
 			"The total number of rule group evaluations missed due to slow rule group evaluation.",
-			[]string{"user", "rule_group"},
+			commonLabels,
 			nil,
 		),
 		IterationsScheduled: prometheus.NewDesc(
 			"cortex_prometheus_rule_group_iterations_total",
 			"The total number of scheduled rule group evaluations, whether executed or missed.",
-			[]string{"user", "rule_group"},
+			commonLabels,
 			nil,
 		),
 		EvalTotal: prometheus.NewDesc(
 			"cortex_prometheus_rule_evaluations_total",
 			"The total number of rule evaluations.",
-			[]string{"user", "rule_group"},
+			commonLabels,
 			nil,
 		),
 		EvalFailures: prometheus.NewDesc(
 			"cortex_prometheus_rule_evaluation_failures_total",
 			"The total number of rule evaluation failures.",
-			[]string{"user", "rule_group"},
+			commonLabels,
 			nil,
 		),
 		GroupInterval: prometheus.NewDesc(
 			"cortex_prometheus_rule_group_interval_seconds",
 			"The interval of a rule group.",
-			[]string{"user", "rule_group"},
+			commonLabels,
 			nil,
 		),
 		GroupLastEvalTime: prometheus.NewDesc(
 			"cortex_prometheus_rule_group_last_evaluation_timestamp_seconds",
 			"The timestamp of the last rule group evaluation in seconds.",
-			[]string{"user", "rule_group"},
+			commonLabels,
 			nil,
 		),
 		GroupLastDuration: prometheus.NewDesc(
 			"cortex_prometheus_rule_group_last_duration_seconds",
 			"The duration of the last rule group evaluation.",
-			[]string{"user", "rule_group"},
+			commonLabels,
 			nil,
 		),
 		GroupRules: prometheus.NewDesc(
 			"cortex_prometheus_rule_group_rules",
 			"The number of rules.",
-			[]string{"user", "rule_group"},
+			commonLabels,
 			nil,
 		),
 		GroupLastEvalSamples: prometheus.NewDesc(
 			"cortex_prometheus_last_evaluation_samples",
 			"The number of samples returned during the last rule group evaluation.",
-			[]string{"user", "rule_group"},
+			commonLabels,
 			nil,
 		),
 	}
@@ -126,7 +132,10 @@ func (m *ManagerMetrics) Describe(out chan<- *prometheus.Desc) {
 // Collect implements the Collector interface
 func (m *ManagerMetrics) Collect(out chan<- prometheus.Metric) {
 	data := m.regs.BuildMetricFamiliesPerUser()
-
+	labels := []string{}
+	if !m.disableRuleGroupLabel {
+		labels = append(labels, "rule_group")
+	}
 	// WARNING: It is important that all metrics generated in this method are "Per User".
 	// Thanks to that we can actually *remove* metrics for given user (see RemoveUserRegistry).
 	// If same user is later re-added, all metrics will start from 0, which is fine.
@@ -134,13 +143,13 @@ func (m *ManagerMetrics) Collect(out chan<- prometheus.Metric) {
 	data.SendSumOfSummariesPerUser(out, m.EvalDuration, "prometheus_rule_evaluation_duration_seconds")
 	data.SendSumOfSummariesPerUser(out, m.IterationDuration, "prometheus_rule_group_duration_seconds")
 
-	data.SendSumOfCountersPerUserWithLabels(out, m.IterationsMissed, "prometheus_rule_group_iterations_missed_total", "rule_group")
-	data.SendSumOfCountersPerUserWithLabels(out, m.IterationsScheduled, "prometheus_rule_group_iterations_total", "rule_group")
-	data.SendSumOfCountersPerUserWithLabels(out, m.EvalTotal, "prometheus_rule_evaluations_total", "rule_group")
-	data.SendSumOfCountersPerUserWithLabels(out, m.EvalFailures, "prometheus_rule_evaluation_failures_total", "rule_group")
-	data.SendSumOfGaugesPerUserWithLabels(out, m.GroupInterval, "prometheus_rule_group_interval_seconds", "rule_group")
-	data.SendSumOfGaugesPerUserWithLabels(out, m.GroupLastEvalTime, "prometheus_rule_group_last_evaluation_timestamp_seconds", "rule_group")
-	data.SendSumOfGaugesPerUserWithLabels(out, m.GroupLastDuration, "prometheus_rule_group_last_duration_seconds", "rule_group")
-	data.SendSumOfGaugesPerUserWithLabels(out, m.GroupRules, "prometheus_rule_group_rules", "rule_group")
-	data.SendSumOfGaugesPerUserWithLabels(out, m.GroupLastEvalSamples, "prometheus_rule_group_last_evaluation_samples", "rule_group")
+	data.SendSumOfCountersPerUserWithLabels(out, m.IterationsMissed, "prometheus_rule_group_iterations_missed_total", labels...)
+	data.SendSumOfCountersPerUserWithLabels(out, m.IterationsScheduled, "prometheus_rule_group_iterations_total", labels...)
+	data.SendSumOfCountersPerUserWithLabels(out, m.EvalTotal, "prometheus_rule_evaluations_total", labels...)
+	data.SendSumOfCountersPerUserWithLabels(out, m.EvalFailures, "prometheus_rule_evaluation_failures_total", labels...)
+	data.SendSumOfGaugesPerUserWithLabels(out, m.GroupInterval, "prometheus_rule_group_interval_seconds", labels...)
+	data.SendSumOfGaugesPerUserWithLabels(out, m.GroupLastEvalTime, "prometheus_rule_group_last_evaluation_timestamp_seconds", labels...)
+	data.SendSumOfGaugesPerUserWithLabels(out, m.GroupLastDuration, "prometheus_rule_group_last_duration_seconds", labels...)
+	data.SendSumOfGaugesPerUserWithLabels(out, m.GroupRules, "prometheus_rule_group_rules", labels...)
+	data.SendSumOfGaugesPerUserWithLabels(out, m.GroupLastEvalSamples, "prometheus_rule_group_last_evaluation_samples", labels...)
 }
diff --git a/vendor/github.com/cortexproject/cortex/pkg/ruler/mapper.go b/vendor/github.com/cortexproject/cortex/pkg/ruler/mapper.go
index 4b5ab60e26f..c3b715b7e10 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/ruler/mapper.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/ruler/mapper.go
@@ -8,7 +8,7 @@ import (
 
 	"github.com/go-kit/log"
 	"github.com/go-kit/log/level"
-	"github.com/prometheus/prometheus/pkg/rulefmt"
+	"github.com/prometheus/prometheus/model/rulefmt"
 	"github.com/spf13/afero"
 	"gopkg.in/yaml.v3"
 )
diff --git a/vendor/github.com/cortexproject/cortex/pkg/ruler/ruler.go b/vendor/github.com/cortexproject/cortex/pkg/ruler/ruler.go
index 6cb506dc68c..edf4342e441 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/ruler/ruler.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/ruler/ruler.go
@@ -23,8 +23,8 @@ import (
 	"github.com/pkg/errors"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promauto"
+	"github.com/prometheus/prometheus/model/rulefmt"
 	"github.com/prometheus/prometheus/notifier"
-	"github.com/prometheus/prometheus/pkg/rulefmt"
 	promRules "github.com/prometheus/prometheus/rules"
 	"github.com/prometheus/prometheus/util/strutil"
 	"github.com/weaveworks/common/user"
@@ -115,7 +115,8 @@ type Config struct {
 
 	RingCheckPeriod time.Duration `yaml:"-"`
 
-	EnableQueryStats bool `yaml:"query_stats_enabled"`
+	EnableQueryStats      bool `yaml:"query_stats_enabled"`
+	DisableRuleGroupLabel bool `yaml:"disable_rule_group_label"`
 }
 
 // Validate config and returns error on failure
@@ -179,6 +180,7 @@ func (cfg *Config) RegisterFlags(f *flag.FlagSet) {
 	f.Var(&cfg.DisabledTenants, "ruler.disabled-tenants", "Comma separated list of tenants whose rules this ruler cannot evaluate. If specified, a ruler that would normally pick the specified tenant(s) for processing will ignore them instead. Subject to sharding.")
 
 	f.BoolVar(&cfg.EnableQueryStats, "ruler.query-stats-enabled", false, "Report the wall time for ruler queries to complete as a per user metric and as an info level log message.")
+	f.BoolVar(&cfg.DisableRuleGroupLabel, "ruler.disable-rule-group-label", false, "Disable the rule_group label on exported metrics")
 
 	cfg.RingCheckPeriod = 5 * time.Second
 }
diff --git a/vendor/github.com/cortexproject/cortex/pkg/ruler/rulespb/compat.go b/vendor/github.com/cortexproject/cortex/pkg/ruler/rulespb/compat.go
index f181c01843b..9c2524c04e4 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/ruler/rulespb/compat.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/ruler/rulespb/compat.go
@@ -4,8 +4,8 @@ import (
 	"time"
 
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/pkg/rulefmt"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/model/rulefmt"
 	"gopkg.in/yaml.v3"
 
 	"github.com/cortexproject/cortex/pkg/cortexpb" //lint:ignore faillint allowed to import other protobuf
diff --git a/vendor/github.com/cortexproject/cortex/pkg/ruler/rulespb/custom.go b/vendor/github.com/cortexproject/cortex/pkg/ruler/rulespb/custom.go
index b0043092829..d896afa1499 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/ruler/rulespb/custom.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/ruler/rulespb/custom.go
@@ -1,6 +1,6 @@
 package rulespb
 
-import "github.com/prometheus/prometheus/pkg/rulefmt"
+import "github.com/prometheus/prometheus/model/rulefmt"
 
 // RuleGroupList contains a set of rule groups
 type RuleGroupList []*RuleGroupDesc
diff --git a/vendor/github.com/cortexproject/cortex/pkg/storage/bucket/azure/bucket_client.go b/vendor/github.com/cortexproject/cortex/pkg/storage/bucket/azure/bucket_client.go
index 522330b4f9d..3e9b9bed993 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/storage/bucket/azure/bucket_client.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/storage/bucket/azure/bucket_client.go
@@ -2,6 +2,7 @@ package azure
 
 import (
 	"github.com/go-kit/log"
+	"github.com/prometheus/common/model"
 	"github.com/thanos-io/thanos/pkg/objstore"
 	"github.com/thanos-io/thanos/pkg/objstore/azure"
 	yaml "gopkg.in/yaml.v2"
@@ -14,6 +15,16 @@ func NewBucketClient(cfg Config, name string, logger log.Logger) (objstore.Bucke
 		ContainerName:      cfg.ContainerName,
 		Endpoint:           cfg.Endpoint,
 		MaxRetries:         cfg.MaxRetries,
+		HTTPConfig: azure.HTTPConfig{
+			IdleConnTimeout:       model.Duration(cfg.IdleConnTimeout),
+			ResponseHeaderTimeout: model.Duration(cfg.ResponseHeaderTimeout),
+			InsecureSkipVerify:    cfg.InsecureSkipVerify,
+			TLSHandshakeTimeout:   model.Duration(cfg.TLSHandshakeTimeout),
+			ExpectContinueTimeout: model.Duration(cfg.ExpectContinueTimeout),
+			MaxIdleConns:          cfg.MaxIdleConns,
+			MaxIdleConnsPerHost:   cfg.MaxIdleConnsPerHost,
+			MaxConnsPerHost:       cfg.MaxConnsPerHost,
+		},
 	}
 
 	// Thanos currently doesn't support passing the config as is, but expects a YAML,
diff --git a/vendor/github.com/cortexproject/cortex/pkg/storage/bucket/azure/config.go b/vendor/github.com/cortexproject/cortex/pkg/storage/bucket/azure/config.go
index df17f76bff9..eb41b5f4f08 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/storage/bucket/azure/config.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/storage/bucket/azure/config.go
@@ -4,6 +4,8 @@ import (
 	"flag"
 
 	"github.com/grafana/dskit/flagext"
+
+	"github.com/cortexproject/cortex/pkg/storage/bucket/http"
 )
 
 // Config holds the config options for an Azure backend
@@ -13,6 +15,8 @@ type Config struct {
 	ContainerName      string         `yaml:"container_name"`
 	Endpoint           string         `yaml:"endpoint_suffix"`
 	MaxRetries         int            `yaml:"max_retries"`
+
+	http.Config `yaml:"http"`
 }
 
 // RegisterFlags registers the flags for Azure storage
@@ -27,4 +31,5 @@ func (cfg *Config) RegisterFlagsWithPrefix(prefix string, f *flag.FlagSet) {
 	f.StringVar(&cfg.ContainerName, prefix+"azure.container-name", "", "Azure storage container name")
 	f.StringVar(&cfg.Endpoint, prefix+"azure.endpoint-suffix", "", "Azure storage endpoint suffix without schema. The account name will be prefixed to this value to create the FQDN")
 	f.IntVar(&cfg.MaxRetries, prefix+"azure.max-retries", 20, "Number of retries for recoverable errors")
+	cfg.Config.RegisterFlagsWithPrefix(prefix+"azure.", f)
 }
diff --git a/vendor/github.com/cortexproject/cortex/pkg/storage/bucket/client.go b/vendor/github.com/cortexproject/cortex/pkg/storage/bucket/client.go
index d6515ca93b0..245c3edef43 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/storage/bucket/client.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/storage/bucket/client.go
@@ -78,7 +78,7 @@ func (cfg *Config) RegisterFlagsWithPrefix(prefix string, f *flag.FlagSet) {
 	cfg.Swift.RegisterFlagsWithPrefix(prefix, f)
 	cfg.Filesystem.RegisterFlagsWithPrefix(prefix, f)
 
-	f.StringVar(&cfg.Backend, prefix+"backend", "s3", fmt.Sprintf("Backend storage to use. Supported backends are: %s.", strings.Join(cfg.supportedBackends(), ", ")))
+	f.StringVar(&cfg.Backend, prefix+"backend", S3, fmt.Sprintf("Backend storage to use. Supported backends are: %s.", strings.Join(cfg.supportedBackends(), ", ")))
 }
 
 func (cfg *Config) Validate() error {
diff --git a/vendor/github.com/cortexproject/cortex/pkg/storage/bucket/http/config.go b/vendor/github.com/cortexproject/cortex/pkg/storage/bucket/http/config.go
new file mode 100644
index 00000000000..1c83e1f311b
--- /dev/null
+++ b/vendor/github.com/cortexproject/cortex/pkg/storage/bucket/http/config.go
@@ -0,0 +1,35 @@
+package http
+
+import (
+	"flag"
+	"time"
+)
+
+// Config stores the http.Client configuration for the storage clients.
+type Config struct {
+	IdleConnTimeout       time.Duration `yaml:"idle_conn_timeout"`
+	ResponseHeaderTimeout time.Duration `yaml:"response_header_timeout"`
+	InsecureSkipVerify    bool          `yaml:"insecure_skip_verify"`
+	TLSHandshakeTimeout   time.Duration `yaml:"tls_handshake_timeout"`
+	ExpectContinueTimeout time.Duration `yaml:"expect_continue_timeout"`
+	MaxIdleConns          int           `yaml:"max_idle_connections"`
+	MaxIdleConnsPerHost   int           `yaml:"max_idle_connections_per_host"`
+	MaxConnsPerHost       int           `yaml:"max_connections_per_host"`
+}
+
+// RegisterFlags registers the flags for the storage HTTP client.
+func (cfg *Config) RegisterFlags(f *flag.FlagSet) {
+	cfg.RegisterFlagsWithPrefix("", f)
+}
+
+// RegisterFlagsWithPrefix registers the flags for the storage HTTP client with the provided prefix.
+func (cfg *Config) RegisterFlagsWithPrefix(prefix string, f *flag.FlagSet) {
+	f.DurationVar(&cfg.IdleConnTimeout, prefix+"http.idle-conn-timeout", 90*time.Second, "The time an idle connection will remain idle before closing.")
+	f.DurationVar(&cfg.ResponseHeaderTimeout, prefix+"http.response-header-timeout", 2*time.Minute, "The amount of time the client will wait for a servers response headers.")
+	f.BoolVar(&cfg.InsecureSkipVerify, prefix+"http.insecure-skip-verify", false, "If the client connects via HTTPS and this option is enabled, the client will accept any certificate and hostname.")
+	f.DurationVar(&cfg.TLSHandshakeTimeout, prefix+"tls-handshake-timeout", 10*time.Second, "Maximum time to wait for a TLS handshake. 0 means no limit.")
+	f.DurationVar(&cfg.ExpectContinueTimeout, prefix+"expect-continue-timeout", 1*time.Second, "The time to wait for a server's first response headers after fully writing the request headers if the request has an Expect header. 0 to send the request body immediately.")
+	f.IntVar(&cfg.MaxIdleConns, prefix+"max-idle-connections", 100, "Maximum number of idle (keep-alive) connections across all hosts. 0 means no limit.")
+	f.IntVar(&cfg.MaxIdleConnsPerHost, prefix+"max-idle-connections-per-host", 100, "Maximum number of idle (keep-alive) connections to keep per-host. If 0, a built-in default value is used.")
+	f.IntVar(&cfg.MaxConnsPerHost, prefix+"max-connections-per-host", 0, "Maximum number of connections per host. 0 means no limit.")
+}
diff --git a/vendor/github.com/cortexproject/cortex/pkg/storage/bucket/s3/config.go b/vendor/github.com/cortexproject/cortex/pkg/storage/bucket/s3/config.go
index 156edba2ef2..4bbd7051f9f 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/storage/bucket/s3/config.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/storage/bucket/s3/config.go
@@ -6,13 +6,13 @@ import (
 	"fmt"
 	"net/http"
 	"strings"
-	"time"
 
 	"github.com/grafana/dskit/flagext"
 	"github.com/minio/minio-go/v7/pkg/encrypt"
 	"github.com/pkg/errors"
 	"github.com/thanos-io/thanos/pkg/objstore/s3"
 
+	bucket_http "github.com/cortexproject/cortex/pkg/storage/bucket/http"
 	"github.com/cortexproject/cortex/pkg/util"
 )
 
@@ -39,14 +39,7 @@ var (
 
 // HTTPConfig stores the http.Transport configuration for the s3 minio client.
 type HTTPConfig struct {
-	IdleConnTimeout       time.Duration `yaml:"idle_conn_timeout"`
-	ResponseHeaderTimeout time.Duration `yaml:"response_header_timeout"`
-	InsecureSkipVerify    bool          `yaml:"insecure_skip_verify"`
-	TLSHandshakeTimeout   time.Duration `yaml:"tls_handshake_timeout"`
-	ExpectContinueTimeout time.Duration `yaml:"expect_continue_timeout"`
-	MaxIdleConns          int           `yaml:"max_idle_connections"`
-	MaxIdleConnsPerHost   int           `yaml:"max_idle_connections_per_host"`
-	MaxConnsPerHost       int           `yaml:"max_connections_per_host"`
+	bucket_http.Config `yaml:",inline"`
 
 	// Allow upstream callers to inject a round tripper
 	Transport http.RoundTripper `yaml:"-"`
@@ -54,14 +47,7 @@ type HTTPConfig struct {
 
 // RegisterFlagsWithPrefix registers the flags for s3 storage with the provided prefix
 func (cfg *HTTPConfig) RegisterFlagsWithPrefix(prefix string, f *flag.FlagSet) {
-	f.DurationVar(&cfg.IdleConnTimeout, prefix+"s3.http.idle-conn-timeout", 90*time.Second, "The time an idle connection will remain idle before closing.")
-	f.DurationVar(&cfg.ResponseHeaderTimeout, prefix+"s3.http.response-header-timeout", 2*time.Minute, "The amount of time the client will wait for a servers response headers.")
-	f.BoolVar(&cfg.InsecureSkipVerify, prefix+"s3.http.insecure-skip-verify", false, "If the client connects to S3 via HTTPS and this option is enabled, the client will accept any certificate and hostname.")
-	f.DurationVar(&cfg.TLSHandshakeTimeout, prefix+"s3.tls-handshake-timeout", 10*time.Second, "Maximum time to wait for a TLS handshake. 0 means no limit.")
-	f.DurationVar(&cfg.ExpectContinueTimeout, prefix+"s3.expect-continue-timeout", 1*time.Second, "The time to wait for a server's first response headers after fully writing the request headers if the request has an Expect header. 0 to send the request body immediately.")
-	f.IntVar(&cfg.MaxIdleConns, prefix+"s3.max-idle-connections", 100, "Maximum number of idle (keep-alive) connections across all hosts. 0 means no limit.")
-	f.IntVar(&cfg.MaxIdleConnsPerHost, prefix+"s3.max-idle-connections-per-host", 100, "Maximum number of idle (keep-alive) connections to keep per-host. If 0, a built-in default value is used.")
-	f.IntVar(&cfg.MaxConnsPerHost, prefix+"s3.max-connections-per-host", 0, "Maximum number of connections per host. 0 means no limit.")
+	cfg.Config.RegisterFlagsWithPrefix(prefix+"s3.", f)
 }
 
 // Config holds the config options for an S3 backend
diff --git a/vendor/github.com/cortexproject/cortex/pkg/util/chunkcompat/compat.go b/vendor/github.com/cortexproject/cortex/pkg/util/chunkcompat/compat.go
index afe6370dc6c..8021497e488 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/util/chunkcompat/compat.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/util/chunkcompat/compat.go
@@ -4,7 +4,7 @@ import (
 	"bytes"
 
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 
 	"github.com/cortexproject/cortex/pkg/chunk"
 	prom_chunk "github.com/cortexproject/cortex/pkg/chunk/encoding"
diff --git a/vendor/github.com/cortexproject/cortex/pkg/util/extract/extract.go b/vendor/github.com/cortexproject/cortex/pkg/util/extract/extract.go
index ca6684db99c..4e9eb8ec297 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/util/extract/extract.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/util/extract/extract.go
@@ -4,7 +4,7 @@ import (
 	"fmt"
 
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 
 	"github.com/cortexproject/cortex/pkg/cortexpb"
 )
diff --git a/vendor/github.com/cortexproject/cortex/pkg/util/labels.go b/vendor/github.com/cortexproject/cortex/pkg/util/labels.go
index e77b9a6dbeb..c1bc12653f7 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/util/labels.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/util/labels.go
@@ -4,7 +4,7 @@ import (
 	"strings"
 
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 )
 
 // LabelsToMetric converts a Labels to Metric
diff --git a/vendor/github.com/cortexproject/cortex/pkg/util/matchers.go b/vendor/github.com/cortexproject/cortex/pkg/util/matchers.go
index 08af2d49770..d0ee099b54f 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/util/matchers.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/util/matchers.go
@@ -1,7 +1,7 @@
 package util
 
 import (
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 )
 
 // SplitFiltersAndMatchers splits empty matchers off, which are treated as filters, see #220
diff --git a/vendor/github.com/cortexproject/cortex/pkg/util/metrics_helper.go b/vendor/github.com/cortexproject/cortex/pkg/util/metrics_helper.go
index 51a1ab2c053..efa8731a8b0 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/util/metrics_helper.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/util/metrics_helper.go
@@ -10,7 +10,7 @@ import (
 	"github.com/go-kit/log/level"
 	"github.com/prometheus/client_golang/prometheus"
 	dto "github.com/prometheus/client_model/go"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	tsdb_errors "github.com/prometheus/prometheus/tsdb/errors"
 
 	util_log "github.com/cortexproject/cortex/pkg/util/log"
diff --git a/vendor/github.com/cortexproject/cortex/pkg/util/validation/limits.go b/vendor/github.com/cortexproject/cortex/pkg/util/validation/limits.go
index 9834eec7b63..f7fbc00a28a 100644
--- a/vendor/github.com/cortexproject/cortex/pkg/util/validation/limits.go
+++ b/vendor/github.com/cortexproject/cortex/pkg/util/validation/limits.go
@@ -11,7 +11,7 @@ import (
 
 	"github.com/grafana/dskit/flagext"
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/relabel"
+	"github.com/prometheus/prometheus/model/relabel"
 	"golang.org/x/time/rate"
 )
 
diff --git a/vendor/github.com/envoyproxy/go-control-plane/LICENSE b/vendor/github.com/envoyproxy/go-control-plane/LICENSE
new file mode 100644
index 00000000000..8dada3edaf5
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/LICENSE
@@ -0,0 +1,201 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "{}"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright {yyyy} {name of copyright owner}
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/certs.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/certs.pb.go
new file mode 100644
index 00000000000..a8e9c37618e
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/certs.pb.go
@@ -0,0 +1,607 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/admin/v3/certs.proto
+
+package envoy_admin_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	proto "github.com/golang/protobuf/proto"
+	timestamp "github.com/golang/protobuf/ptypes/timestamp"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Proto representation of certificate details. Admin endpoint uses this wrapper for `/certs` to
+// display certificate information. See :ref:`/certs <operations_admin_interface_certs>` for more
+// information.
+type Certificates struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// List of certificates known to an Envoy.
+	Certificates []*Certificate `protobuf:"bytes,1,rep,name=certificates,proto3" json:"certificates,omitempty"`
+}
+
+func (x *Certificates) Reset() {
+	*x = Certificates{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_certs_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Certificates) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Certificates) ProtoMessage() {}
+
+func (x *Certificates) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_certs_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Certificates.ProtoReflect.Descriptor instead.
+func (*Certificates) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_certs_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *Certificates) GetCertificates() []*Certificate {
+	if x != nil {
+		return x.Certificates
+	}
+	return nil
+}
+
+type Certificate struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Details of CA certificate.
+	CaCert []*CertificateDetails `protobuf:"bytes,1,rep,name=ca_cert,json=caCert,proto3" json:"ca_cert,omitempty"`
+	// Details of Certificate Chain
+	CertChain []*CertificateDetails `protobuf:"bytes,2,rep,name=cert_chain,json=certChain,proto3" json:"cert_chain,omitempty"`
+}
+
+func (x *Certificate) Reset() {
+	*x = Certificate{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_certs_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Certificate) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Certificate) ProtoMessage() {}
+
+func (x *Certificate) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_certs_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Certificate.ProtoReflect.Descriptor instead.
+func (*Certificate) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_certs_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *Certificate) GetCaCert() []*CertificateDetails {
+	if x != nil {
+		return x.CaCert
+	}
+	return nil
+}
+
+func (x *Certificate) GetCertChain() []*CertificateDetails {
+	if x != nil {
+		return x.CertChain
+	}
+	return nil
+}
+
+// [#next-free-field: 8]
+type CertificateDetails struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Path of the certificate.
+	Path string `protobuf:"bytes,1,opt,name=path,proto3" json:"path,omitempty"`
+	// Certificate Serial Number.
+	SerialNumber string `protobuf:"bytes,2,opt,name=serial_number,json=serialNumber,proto3" json:"serial_number,omitempty"`
+	// List of Subject Alternate names.
+	SubjectAltNames []*SubjectAlternateName `protobuf:"bytes,3,rep,name=subject_alt_names,json=subjectAltNames,proto3" json:"subject_alt_names,omitempty"`
+	// Minimum of days until expiration of certificate and it's chain.
+	DaysUntilExpiration uint64 `protobuf:"varint,4,opt,name=days_until_expiration,json=daysUntilExpiration,proto3" json:"days_until_expiration,omitempty"`
+	// Indicates the time from which the certificate is valid.
+	ValidFrom *timestamp.Timestamp `protobuf:"bytes,5,opt,name=valid_from,json=validFrom,proto3" json:"valid_from,omitempty"`
+	// Indicates the time at which the certificate expires.
+	ExpirationTime *timestamp.Timestamp `protobuf:"bytes,6,opt,name=expiration_time,json=expirationTime,proto3" json:"expiration_time,omitempty"`
+	// Details related to the OCSP response associated with this certificate, if any.
+	OcspDetails *CertificateDetails_OcspDetails `protobuf:"bytes,7,opt,name=ocsp_details,json=ocspDetails,proto3" json:"ocsp_details,omitempty"`
+}
+
+func (x *CertificateDetails) Reset() {
+	*x = CertificateDetails{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_certs_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CertificateDetails) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CertificateDetails) ProtoMessage() {}
+
+func (x *CertificateDetails) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_certs_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CertificateDetails.ProtoReflect.Descriptor instead.
+func (*CertificateDetails) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_certs_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *CertificateDetails) GetPath() string {
+	if x != nil {
+		return x.Path
+	}
+	return ""
+}
+
+func (x *CertificateDetails) GetSerialNumber() string {
+	if x != nil {
+		return x.SerialNumber
+	}
+	return ""
+}
+
+func (x *CertificateDetails) GetSubjectAltNames() []*SubjectAlternateName {
+	if x != nil {
+		return x.SubjectAltNames
+	}
+	return nil
+}
+
+func (x *CertificateDetails) GetDaysUntilExpiration() uint64 {
+	if x != nil {
+		return x.DaysUntilExpiration
+	}
+	return 0
+}
+
+func (x *CertificateDetails) GetValidFrom() *timestamp.Timestamp {
+	if x != nil {
+		return x.ValidFrom
+	}
+	return nil
+}
+
+func (x *CertificateDetails) GetExpirationTime() *timestamp.Timestamp {
+	if x != nil {
+		return x.ExpirationTime
+	}
+	return nil
+}
+
+func (x *CertificateDetails) GetOcspDetails() *CertificateDetails_OcspDetails {
+	if x != nil {
+		return x.OcspDetails
+	}
+	return nil
+}
+
+type SubjectAlternateName struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Subject Alternate Name.
+	//
+	// Types that are assignable to Name:
+	//	*SubjectAlternateName_Dns
+	//	*SubjectAlternateName_Uri
+	//	*SubjectAlternateName_IpAddress
+	Name isSubjectAlternateName_Name `protobuf_oneof:"name"`
+}
+
+func (x *SubjectAlternateName) Reset() {
+	*x = SubjectAlternateName{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_certs_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *SubjectAlternateName) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*SubjectAlternateName) ProtoMessage() {}
+
+func (x *SubjectAlternateName) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_certs_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use SubjectAlternateName.ProtoReflect.Descriptor instead.
+func (*SubjectAlternateName) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_certs_proto_rawDescGZIP(), []int{3}
+}
+
+func (m *SubjectAlternateName) GetName() isSubjectAlternateName_Name {
+	if m != nil {
+		return m.Name
+	}
+	return nil
+}
+
+func (x *SubjectAlternateName) GetDns() string {
+	if x, ok := x.GetName().(*SubjectAlternateName_Dns); ok {
+		return x.Dns
+	}
+	return ""
+}
+
+func (x *SubjectAlternateName) GetUri() string {
+	if x, ok := x.GetName().(*SubjectAlternateName_Uri); ok {
+		return x.Uri
+	}
+	return ""
+}
+
+func (x *SubjectAlternateName) GetIpAddress() string {
+	if x, ok := x.GetName().(*SubjectAlternateName_IpAddress); ok {
+		return x.IpAddress
+	}
+	return ""
+}
+
+type isSubjectAlternateName_Name interface {
+	isSubjectAlternateName_Name()
+}
+
+type SubjectAlternateName_Dns struct {
+	Dns string `protobuf:"bytes,1,opt,name=dns,proto3,oneof"`
+}
+
+type SubjectAlternateName_Uri struct {
+	Uri string `protobuf:"bytes,2,opt,name=uri,proto3,oneof"`
+}
+
+type SubjectAlternateName_IpAddress struct {
+	IpAddress string `protobuf:"bytes,3,opt,name=ip_address,json=ipAddress,proto3,oneof"`
+}
+
+func (*SubjectAlternateName_Dns) isSubjectAlternateName_Name() {}
+
+func (*SubjectAlternateName_Uri) isSubjectAlternateName_Name() {}
+
+func (*SubjectAlternateName_IpAddress) isSubjectAlternateName_Name() {}
+
+type CertificateDetails_OcspDetails struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Indicates the time from which the OCSP response is valid.
+	ValidFrom *timestamp.Timestamp `protobuf:"bytes,1,opt,name=valid_from,json=validFrom,proto3" json:"valid_from,omitempty"`
+	// Indicates the time at which the OCSP response expires.
+	Expiration *timestamp.Timestamp `protobuf:"bytes,2,opt,name=expiration,proto3" json:"expiration,omitempty"`
+}
+
+func (x *CertificateDetails_OcspDetails) Reset() {
+	*x = CertificateDetails_OcspDetails{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_certs_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CertificateDetails_OcspDetails) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CertificateDetails_OcspDetails) ProtoMessage() {}
+
+func (x *CertificateDetails_OcspDetails) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_certs_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CertificateDetails_OcspDetails.ProtoReflect.Descriptor instead.
+func (*CertificateDetails_OcspDetails) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_certs_proto_rawDescGZIP(), []int{2, 0}
+}
+
+func (x *CertificateDetails_OcspDetails) GetValidFrom() *timestamp.Timestamp {
+	if x != nil {
+		return x.ValidFrom
+	}
+	return nil
+}
+
+func (x *CertificateDetails_OcspDetails) GetExpiration() *timestamp.Timestamp {
+	if x != nil {
+		return x.Expiration
+	}
+	return nil
+}
+
+var File_envoy_admin_v3_certs_proto protoreflect.FileDescriptor
+
+var file_envoy_admin_v3_certs_proto_rawDesc = []byte{
+	0x0a, 0x1a, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x76, 0x33,
+	0x2f, 0x63, 0x65, 0x72, 0x74, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x1a, 0x1f, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x74, 0x69,
+	0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75,
+	0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f,
+	0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64,
+	0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76,
+	0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22,
+	0x78, 0x0a, 0x0c, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x73, 0x12,
+	0x3f, 0x0a, 0x0c, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x73, 0x18,
+	0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64,
+	0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61,
+	0x74, 0x65, 0x52, 0x0c, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x73,
+	0x3a, 0x27, 0x9a, 0xc5, 0x88, 0x1e, 0x22, 0x0a, 0x20, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x43, 0x65, 0x72,
+	0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x73, 0x22, 0xb5, 0x01, 0x0a, 0x0b, 0x43, 0x65,
+	0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x3b, 0x0a, 0x07, 0x63, 0x61, 0x5f,
+	0x63, 0x65, 0x72, 0x74, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x65, 0x72, 0x74,
+	0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x52, 0x06,
+	0x63, 0x61, 0x43, 0x65, 0x72, 0x74, 0x12, 0x41, 0x0a, 0x0a, 0x63, 0x65, 0x72, 0x74, 0x5f, 0x63,
+	0x68, 0x61, 0x69, 0x6e, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x65, 0x72, 0x74,
+	0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x52, 0x09,
+	0x63, 0x65, 0x72, 0x74, 0x43, 0x68, 0x61, 0x69, 0x6e, 0x3a, 0x26, 0x9a, 0xc5, 0x88, 0x1e, 0x21,
+	0x0a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32,
+	0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74,
+	0x65, 0x22, 0xdc, 0x04, 0x0a, 0x12, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74,
+	0x65, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x70, 0x61, 0x74, 0x68,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x70, 0x61, 0x74, 0x68, 0x12, 0x23, 0x0a, 0x0d,
+	0x73, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x5f, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x09, 0x52, 0x0c, 0x73, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x4e, 0x75, 0x6d, 0x62, 0x65,
+	0x72, 0x12, 0x50, 0x0a, 0x11, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x61, 0x6c, 0x74,
+	0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x75,
+	0x62, 0x6a, 0x65, 0x63, 0x74, 0x41, 0x6c, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x74, 0x65, 0x4e, 0x61,
+	0x6d, 0x65, 0x52, 0x0f, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x41, 0x6c, 0x74, 0x4e, 0x61,
+	0x6d, 0x65, 0x73, 0x12, 0x32, 0x0a, 0x15, 0x64, 0x61, 0x79, 0x73, 0x5f, 0x75, 0x6e, 0x74, 0x69,
+	0x6c, 0x5f, 0x65, 0x78, 0x70, 0x69, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x04, 0x20, 0x01,
+	0x28, 0x04, 0x52, 0x13, 0x64, 0x61, 0x79, 0x73, 0x55, 0x6e, 0x74, 0x69, 0x6c, 0x45, 0x78, 0x70,
+	0x69, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x39, 0x0a, 0x0a, 0x76, 0x61, 0x6c, 0x69, 0x64,
+	0x5f, 0x66, 0x72, 0x6f, 0x6d, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69,
+	0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x46, 0x72,
+	0x6f, 0x6d, 0x12, 0x43, 0x0a, 0x0f, 0x65, 0x78, 0x70, 0x69, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69,
+	0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0e, 0x65, 0x78, 0x70, 0x69, 0x72, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x54, 0x69, 0x6d, 0x65, 0x12, 0x51, 0x0a, 0x0c, 0x6f, 0x63, 0x73, 0x70, 0x5f,
+	0x64, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2e, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x43,
+	0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c,
+	0x73, 0x2e, 0x4f, 0x63, 0x73, 0x70, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x52, 0x0b, 0x6f,
+	0x63, 0x73, 0x70, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x1a, 0x84, 0x01, 0x0a, 0x0b, 0x4f,
+	0x63, 0x73, 0x70, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x12, 0x39, 0x0a, 0x0a, 0x76, 0x61,
+	0x6c, 0x69, 0x64, 0x5f, 0x66, 0x72, 0x6f, 0x6d, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x76, 0x61, 0x6c, 0x69,
+	0x64, 0x46, 0x72, 0x6f, 0x6d, 0x12, 0x3a, 0x0a, 0x0a, 0x65, 0x78, 0x70, 0x69, 0x72, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65,
+	0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0a, 0x65, 0x78, 0x70, 0x69, 0x72, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x3a, 0x2d, 0x9a, 0xc5, 0x88, 0x1e, 0x28, 0x0a, 0x26, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x43, 0x65,
+	0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73,
+	0x22, 0x98, 0x01, 0x0a, 0x14, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x41, 0x6c, 0x74, 0x65,
+	0x72, 0x6e, 0x61, 0x74, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x12, 0x0a, 0x03, 0x64, 0x6e, 0x73,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x03, 0x64, 0x6e, 0x73, 0x12, 0x12, 0x0a,
+	0x03, 0x75, 0x72, 0x69, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x03, 0x75, 0x72,
+	0x69, 0x12, 0x1f, 0x0a, 0x0a, 0x69, 0x70, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18,
+	0x03, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x09, 0x69, 0x70, 0x41, 0x64, 0x64, 0x72, 0x65,
+	0x73, 0x73, 0x3a, 0x2f, 0x9a, 0xc5, 0x88, 0x1e, 0x2a, 0x0a, 0x28, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x53,
+	0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x41, 0x6c, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x74, 0x65, 0x4e,
+	0x61, 0x6d, 0x65, 0x42, 0x06, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x42, 0x34, 0x0a, 0x1c, 0x69,
+	0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x42, 0x0a, 0x43, 0x65, 0x72,
+	0x74, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10,
+	0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_admin_v3_certs_proto_rawDescOnce sync.Once
+	file_envoy_admin_v3_certs_proto_rawDescData = file_envoy_admin_v3_certs_proto_rawDesc
+)
+
+func file_envoy_admin_v3_certs_proto_rawDescGZIP() []byte {
+	file_envoy_admin_v3_certs_proto_rawDescOnce.Do(func() {
+		file_envoy_admin_v3_certs_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_admin_v3_certs_proto_rawDescData)
+	})
+	return file_envoy_admin_v3_certs_proto_rawDescData
+}
+
+var file_envoy_admin_v3_certs_proto_msgTypes = make([]protoimpl.MessageInfo, 5)
+var file_envoy_admin_v3_certs_proto_goTypes = []interface{}{
+	(*Certificates)(nil),                   // 0: envoy.admin.v3.Certificates
+	(*Certificate)(nil),                    // 1: envoy.admin.v3.Certificate
+	(*CertificateDetails)(nil),             // 2: envoy.admin.v3.CertificateDetails
+	(*SubjectAlternateName)(nil),           // 3: envoy.admin.v3.SubjectAlternateName
+	(*CertificateDetails_OcspDetails)(nil), // 4: envoy.admin.v3.CertificateDetails.OcspDetails
+	(*timestamp.Timestamp)(nil),            // 5: google.protobuf.Timestamp
+}
+var file_envoy_admin_v3_certs_proto_depIdxs = []int32{
+	1, // 0: envoy.admin.v3.Certificates.certificates:type_name -> envoy.admin.v3.Certificate
+	2, // 1: envoy.admin.v3.Certificate.ca_cert:type_name -> envoy.admin.v3.CertificateDetails
+	2, // 2: envoy.admin.v3.Certificate.cert_chain:type_name -> envoy.admin.v3.CertificateDetails
+	3, // 3: envoy.admin.v3.CertificateDetails.subject_alt_names:type_name -> envoy.admin.v3.SubjectAlternateName
+	5, // 4: envoy.admin.v3.CertificateDetails.valid_from:type_name -> google.protobuf.Timestamp
+	5, // 5: envoy.admin.v3.CertificateDetails.expiration_time:type_name -> google.protobuf.Timestamp
+	4, // 6: envoy.admin.v3.CertificateDetails.ocsp_details:type_name -> envoy.admin.v3.CertificateDetails.OcspDetails
+	5, // 7: envoy.admin.v3.CertificateDetails.OcspDetails.valid_from:type_name -> google.protobuf.Timestamp
+	5, // 8: envoy.admin.v3.CertificateDetails.OcspDetails.expiration:type_name -> google.protobuf.Timestamp
+	9, // [9:9] is the sub-list for method output_type
+	9, // [9:9] is the sub-list for method input_type
+	9, // [9:9] is the sub-list for extension type_name
+	9, // [9:9] is the sub-list for extension extendee
+	0, // [0:9] is the sub-list for field type_name
+}
+
+func init() { file_envoy_admin_v3_certs_proto_init() }
+func file_envoy_admin_v3_certs_proto_init() {
+	if File_envoy_admin_v3_certs_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_admin_v3_certs_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Certificates); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_admin_v3_certs_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Certificate); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_admin_v3_certs_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CertificateDetails); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_admin_v3_certs_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*SubjectAlternateName); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_admin_v3_certs_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CertificateDetails_OcspDetails); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_admin_v3_certs_proto_msgTypes[3].OneofWrappers = []interface{}{
+		(*SubjectAlternateName_Dns)(nil),
+		(*SubjectAlternateName_Uri)(nil),
+		(*SubjectAlternateName_IpAddress)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_admin_v3_certs_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   5,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_admin_v3_certs_proto_goTypes,
+		DependencyIndexes: file_envoy_admin_v3_certs_proto_depIdxs,
+		MessageInfos:      file_envoy_admin_v3_certs_proto_msgTypes,
+	}.Build()
+	File_envoy_admin_v3_certs_proto = out.File
+	file_envoy_admin_v3_certs_proto_rawDesc = nil
+	file_envoy_admin_v3_certs_proto_goTypes = nil
+	file_envoy_admin_v3_certs_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/certs.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/certs.pb.validate.go
new file mode 100644
index 00000000000..e5f3f81693b
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/certs.pb.validate.go
@@ -0,0 +1,836 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/admin/v3/certs.proto
+
+package envoy_admin_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on Certificates with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Certificates) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Certificates with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in CertificatesMultiError, or
+// nil if none found.
+func (m *Certificates) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Certificates) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetCertificates() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CertificatesValidationError{
+						field:  fmt.Sprintf("Certificates[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CertificatesValidationError{
+						field:  fmt.Sprintf("Certificates[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CertificatesValidationError{
+					field:  fmt.Sprintf("Certificates[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return CertificatesMultiError(errors)
+	}
+	return nil
+}
+
+// CertificatesMultiError is an error wrapping multiple validation errors
+// returned by Certificates.ValidateAll() if the designated constraints aren't met.
+type CertificatesMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CertificatesMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CertificatesMultiError) AllErrors() []error { return m }
+
+// CertificatesValidationError is the validation error returned by
+// Certificates.Validate if the designated constraints aren't met.
+type CertificatesValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CertificatesValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CertificatesValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CertificatesValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CertificatesValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CertificatesValidationError) ErrorName() string { return "CertificatesValidationError" }
+
+// Error satisfies the builtin error interface
+func (e CertificatesValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCertificates.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CertificatesValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CertificatesValidationError{}
+
+// Validate checks the field values on Certificate with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Certificate) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Certificate with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in CertificateMultiError, or
+// nil if none found.
+func (m *Certificate) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Certificate) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetCaCert() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CertificateValidationError{
+						field:  fmt.Sprintf("CaCert[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CertificateValidationError{
+						field:  fmt.Sprintf("CaCert[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CertificateValidationError{
+					field:  fmt.Sprintf("CaCert[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetCertChain() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CertificateValidationError{
+						field:  fmt.Sprintf("CertChain[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CertificateValidationError{
+						field:  fmt.Sprintf("CertChain[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CertificateValidationError{
+					field:  fmt.Sprintf("CertChain[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return CertificateMultiError(errors)
+	}
+	return nil
+}
+
+// CertificateMultiError is an error wrapping multiple validation errors
+// returned by Certificate.ValidateAll() if the designated constraints aren't met.
+type CertificateMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CertificateMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CertificateMultiError) AllErrors() []error { return m }
+
+// CertificateValidationError is the validation error returned by
+// Certificate.Validate if the designated constraints aren't met.
+type CertificateValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CertificateValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CertificateValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CertificateValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CertificateValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CertificateValidationError) ErrorName() string { return "CertificateValidationError" }
+
+// Error satisfies the builtin error interface
+func (e CertificateValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCertificate.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CertificateValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CertificateValidationError{}
+
+// Validate checks the field values on CertificateDetails with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *CertificateDetails) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on CertificateDetails with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// CertificateDetailsMultiError, or nil if none found.
+func (m *CertificateDetails) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CertificateDetails) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Path
+
+	// no validation rules for SerialNumber
+
+	for idx, item := range m.GetSubjectAltNames() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CertificateDetailsValidationError{
+						field:  fmt.Sprintf("SubjectAltNames[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CertificateDetailsValidationError{
+						field:  fmt.Sprintf("SubjectAltNames[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CertificateDetailsValidationError{
+					field:  fmt.Sprintf("SubjectAltNames[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	// no validation rules for DaysUntilExpiration
+
+	if all {
+		switch v := interface{}(m.GetValidFrom()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CertificateDetailsValidationError{
+					field:  "ValidFrom",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CertificateDetailsValidationError{
+					field:  "ValidFrom",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetValidFrom()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CertificateDetailsValidationError{
+				field:  "ValidFrom",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetExpirationTime()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CertificateDetailsValidationError{
+					field:  "ExpirationTime",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CertificateDetailsValidationError{
+					field:  "ExpirationTime",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetExpirationTime()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CertificateDetailsValidationError{
+				field:  "ExpirationTime",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetOcspDetails()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CertificateDetailsValidationError{
+					field:  "OcspDetails",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CertificateDetailsValidationError{
+					field:  "OcspDetails",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetOcspDetails()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CertificateDetailsValidationError{
+				field:  "OcspDetails",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return CertificateDetailsMultiError(errors)
+	}
+	return nil
+}
+
+// CertificateDetailsMultiError is an error wrapping multiple validation errors
+// returned by CertificateDetails.ValidateAll() if the designated constraints
+// aren't met.
+type CertificateDetailsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CertificateDetailsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CertificateDetailsMultiError) AllErrors() []error { return m }
+
+// CertificateDetailsValidationError is the validation error returned by
+// CertificateDetails.Validate if the designated constraints aren't met.
+type CertificateDetailsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CertificateDetailsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CertificateDetailsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CertificateDetailsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CertificateDetailsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CertificateDetailsValidationError) ErrorName() string {
+	return "CertificateDetailsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e CertificateDetailsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCertificateDetails.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CertificateDetailsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CertificateDetailsValidationError{}
+
+// Validate checks the field values on SubjectAlternateName with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *SubjectAlternateName) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on SubjectAlternateName with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// SubjectAlternateNameMultiError, or nil if none found.
+func (m *SubjectAlternateName) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *SubjectAlternateName) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.Name.(type) {
+
+	case *SubjectAlternateName_Dns:
+		// no validation rules for Dns
+
+	case *SubjectAlternateName_Uri:
+		// no validation rules for Uri
+
+	case *SubjectAlternateName_IpAddress:
+		// no validation rules for IpAddress
+
+	}
+
+	if len(errors) > 0 {
+		return SubjectAlternateNameMultiError(errors)
+	}
+	return nil
+}
+
+// SubjectAlternateNameMultiError is an error wrapping multiple validation
+// errors returned by SubjectAlternateName.ValidateAll() if the designated
+// constraints aren't met.
+type SubjectAlternateNameMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m SubjectAlternateNameMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m SubjectAlternateNameMultiError) AllErrors() []error { return m }
+
+// SubjectAlternateNameValidationError is the validation error returned by
+// SubjectAlternateName.Validate if the designated constraints aren't met.
+type SubjectAlternateNameValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e SubjectAlternateNameValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e SubjectAlternateNameValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e SubjectAlternateNameValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e SubjectAlternateNameValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e SubjectAlternateNameValidationError) ErrorName() string {
+	return "SubjectAlternateNameValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e SubjectAlternateNameValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sSubjectAlternateName.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = SubjectAlternateNameValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = SubjectAlternateNameValidationError{}
+
+// Validate checks the field values on CertificateDetails_OcspDetails with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *CertificateDetails_OcspDetails) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on CertificateDetails_OcspDetails with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// CertificateDetails_OcspDetailsMultiError, or nil if none found.
+func (m *CertificateDetails_OcspDetails) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CertificateDetails_OcspDetails) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetValidFrom()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CertificateDetails_OcspDetailsValidationError{
+					field:  "ValidFrom",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CertificateDetails_OcspDetailsValidationError{
+					field:  "ValidFrom",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetValidFrom()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CertificateDetails_OcspDetailsValidationError{
+				field:  "ValidFrom",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetExpiration()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CertificateDetails_OcspDetailsValidationError{
+					field:  "Expiration",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CertificateDetails_OcspDetailsValidationError{
+					field:  "Expiration",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetExpiration()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CertificateDetails_OcspDetailsValidationError{
+				field:  "Expiration",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return CertificateDetails_OcspDetailsMultiError(errors)
+	}
+	return nil
+}
+
+// CertificateDetails_OcspDetailsMultiError is an error wrapping multiple
+// validation errors returned by CertificateDetails_OcspDetails.ValidateAll()
+// if the designated constraints aren't met.
+type CertificateDetails_OcspDetailsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CertificateDetails_OcspDetailsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CertificateDetails_OcspDetailsMultiError) AllErrors() []error { return m }
+
+// CertificateDetails_OcspDetailsValidationError is the validation error
+// returned by CertificateDetails_OcspDetails.Validate if the designated
+// constraints aren't met.
+type CertificateDetails_OcspDetailsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CertificateDetails_OcspDetailsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CertificateDetails_OcspDetailsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CertificateDetails_OcspDetailsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CertificateDetails_OcspDetailsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CertificateDetails_OcspDetailsValidationError) ErrorName() string {
+	return "CertificateDetails_OcspDetailsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e CertificateDetails_OcspDetailsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCertificateDetails_OcspDetails.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CertificateDetails_OcspDetailsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CertificateDetails_OcspDetailsValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/clusters.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/clusters.pb.go
new file mode 100644
index 00000000000..10edcf5a9fe
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/clusters.pb.go
@@ -0,0 +1,733 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/admin/v3/clusters.proto
+
+package envoy_admin_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v31 "github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3"
+	v32 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/type/v3"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Admin endpoint uses this wrapper for `/clusters` to display cluster status information.
+// See :ref:`/clusters <operations_admin_interface_clusters>` for more information.
+type Clusters struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Mapping from cluster name to each cluster's status.
+	ClusterStatuses []*ClusterStatus `protobuf:"bytes,1,rep,name=cluster_statuses,json=clusterStatuses,proto3" json:"cluster_statuses,omitempty"`
+}
+
+func (x *Clusters) Reset() {
+	*x = Clusters{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_clusters_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Clusters) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Clusters) ProtoMessage() {}
+
+func (x *Clusters) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_clusters_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Clusters.ProtoReflect.Descriptor instead.
+func (*Clusters) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_clusters_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *Clusters) GetClusterStatuses() []*ClusterStatus {
+	if x != nil {
+		return x.ClusterStatuses
+	}
+	return nil
+}
+
+// Details an individual cluster's current status.
+// [#next-free-field: 8]
+type ClusterStatus struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Name of the cluster.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Denotes whether this cluster was added via API or configured statically.
+	AddedViaApi bool `protobuf:"varint,2,opt,name=added_via_api,json=addedViaApi,proto3" json:"added_via_api,omitempty"`
+	// The success rate threshold used in the last interval.
+	// If
+	// :ref:`outlier_detection.split_external_local_origin_errors<envoy_v3_api_field_config.cluster.v3.OutlierDetection.split_external_local_origin_errors>`
+	// is *false*, all errors: externally and locally generated were used to calculate the threshold.
+	// If
+	// :ref:`outlier_detection.split_external_local_origin_errors<envoy_v3_api_field_config.cluster.v3.OutlierDetection.split_external_local_origin_errors>`
+	// is *true*, only externally generated errors were used to calculate the threshold.
+	// The threshold is used to eject hosts based on their success rate. See
+	// :ref:`Cluster outlier detection <arch_overview_outlier_detection>` documentation for details.
+	//
+	// Note: this field may be omitted in any of the three following cases:
+	//
+	// 1. There were not enough hosts with enough request volume to proceed with success rate based
+	//    outlier ejection.
+	// 2. The threshold is computed to be < 0 because a negative value implies that there was no
+	//    threshold for that interval.
+	// 3. Outlier detection is not enabled for this cluster.
+	SuccessRateEjectionThreshold *v3.Percent `protobuf:"bytes,3,opt,name=success_rate_ejection_threshold,json=successRateEjectionThreshold,proto3" json:"success_rate_ejection_threshold,omitempty"`
+	// Mapping from host address to the host's current status.
+	HostStatuses []*HostStatus `protobuf:"bytes,4,rep,name=host_statuses,json=hostStatuses,proto3" json:"host_statuses,omitempty"`
+	// The success rate threshold used in the last interval when only locally originated failures were
+	// taken into account and externally originated errors were treated as success.
+	// This field should be interpreted only when
+	// :ref:`outlier_detection.split_external_local_origin_errors<envoy_v3_api_field_config.cluster.v3.OutlierDetection.split_external_local_origin_errors>`
+	// is *true*. The threshold is used to eject hosts based on their success rate.
+	// See :ref:`Cluster outlier detection <arch_overview_outlier_detection>` documentation for
+	// details.
+	//
+	// Note: this field may be omitted in any of the three following cases:
+	//
+	// 1. There were not enough hosts with enough request volume to proceed with success rate based
+	//    outlier ejection.
+	// 2. The threshold is computed to be < 0 because a negative value implies that there was no
+	//    threshold for that interval.
+	// 3. Outlier detection is not enabled for this cluster.
+	LocalOriginSuccessRateEjectionThreshold *v3.Percent `protobuf:"bytes,5,opt,name=local_origin_success_rate_ejection_threshold,json=localOriginSuccessRateEjectionThreshold,proto3" json:"local_origin_success_rate_ejection_threshold,omitempty"`
+	// :ref:`Circuit breaking <arch_overview_circuit_break>` settings of the cluster.
+	CircuitBreakers *v31.CircuitBreakers `protobuf:"bytes,6,opt,name=circuit_breakers,json=circuitBreakers,proto3" json:"circuit_breakers,omitempty"`
+	// Observability name of the cluster.
+	ObservabilityName string `protobuf:"bytes,7,opt,name=observability_name,json=observabilityName,proto3" json:"observability_name,omitempty"`
+}
+
+func (x *ClusterStatus) Reset() {
+	*x = ClusterStatus{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_clusters_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ClusterStatus) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ClusterStatus) ProtoMessage() {}
+
+func (x *ClusterStatus) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_clusters_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ClusterStatus.ProtoReflect.Descriptor instead.
+func (*ClusterStatus) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_clusters_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *ClusterStatus) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *ClusterStatus) GetAddedViaApi() bool {
+	if x != nil {
+		return x.AddedViaApi
+	}
+	return false
+}
+
+func (x *ClusterStatus) GetSuccessRateEjectionThreshold() *v3.Percent {
+	if x != nil {
+		return x.SuccessRateEjectionThreshold
+	}
+	return nil
+}
+
+func (x *ClusterStatus) GetHostStatuses() []*HostStatus {
+	if x != nil {
+		return x.HostStatuses
+	}
+	return nil
+}
+
+func (x *ClusterStatus) GetLocalOriginSuccessRateEjectionThreshold() *v3.Percent {
+	if x != nil {
+		return x.LocalOriginSuccessRateEjectionThreshold
+	}
+	return nil
+}
+
+func (x *ClusterStatus) GetCircuitBreakers() *v31.CircuitBreakers {
+	if x != nil {
+		return x.CircuitBreakers
+	}
+	return nil
+}
+
+func (x *ClusterStatus) GetObservabilityName() string {
+	if x != nil {
+		return x.ObservabilityName
+	}
+	return ""
+}
+
+// Current state of a particular host.
+// [#next-free-field: 10]
+type HostStatus struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Address of this host.
+	Address *v32.Address `protobuf:"bytes,1,opt,name=address,proto3" json:"address,omitempty"`
+	// List of stats specific to this host.
+	Stats []*SimpleMetric `protobuf:"bytes,2,rep,name=stats,proto3" json:"stats,omitempty"`
+	// The host's current health status.
+	HealthStatus *HostHealthStatus `protobuf:"bytes,3,opt,name=health_status,json=healthStatus,proto3" json:"health_status,omitempty"`
+	// Request success rate for this host over the last calculated interval.
+	// If
+	// :ref:`outlier_detection.split_external_local_origin_errors<envoy_v3_api_field_config.cluster.v3.OutlierDetection.split_external_local_origin_errors>`
+	// is *false*, all errors: externally and locally generated were used in success rate
+	// calculation. If
+	// :ref:`outlier_detection.split_external_local_origin_errors<envoy_v3_api_field_config.cluster.v3.OutlierDetection.split_external_local_origin_errors>`
+	// is *true*, only externally generated errors were used in success rate calculation.
+	// See :ref:`Cluster outlier detection <arch_overview_outlier_detection>` documentation for
+	// details.
+	//
+	// Note: the message will not be present if host did not have enough request volume to calculate
+	// success rate or the cluster did not have enough hosts to run through success rate outlier
+	// ejection.
+	SuccessRate *v3.Percent `protobuf:"bytes,4,opt,name=success_rate,json=successRate,proto3" json:"success_rate,omitempty"`
+	// The host's weight. If not configured, the value defaults to 1.
+	Weight uint32 `protobuf:"varint,5,opt,name=weight,proto3" json:"weight,omitempty"`
+	// The hostname of the host, if applicable.
+	Hostname string `protobuf:"bytes,6,opt,name=hostname,proto3" json:"hostname,omitempty"`
+	// The host's priority. If not configured, the value defaults to 0 (highest priority).
+	Priority uint32 `protobuf:"varint,7,opt,name=priority,proto3" json:"priority,omitempty"`
+	// Request success rate for this host over the last calculated
+	// interval when only locally originated errors are taken into account and externally originated
+	// errors were treated as success.
+	// This field should be interpreted only when
+	// :ref:`outlier_detection.split_external_local_origin_errors<envoy_v3_api_field_config.cluster.v3.OutlierDetection.split_external_local_origin_errors>`
+	// is *true*.
+	// See :ref:`Cluster outlier detection <arch_overview_outlier_detection>` documentation for
+	// details.
+	//
+	// Note: the message will not be present if host did not have enough request volume to calculate
+	// success rate or the cluster did not have enough hosts to run through success rate outlier
+	// ejection.
+	LocalOriginSuccessRate *v3.Percent `protobuf:"bytes,8,opt,name=local_origin_success_rate,json=localOriginSuccessRate,proto3" json:"local_origin_success_rate,omitempty"`
+	// locality of the host.
+	Locality *v32.Locality `protobuf:"bytes,9,opt,name=locality,proto3" json:"locality,omitempty"`
+}
+
+func (x *HostStatus) Reset() {
+	*x = HostStatus{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_clusters_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HostStatus) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HostStatus) ProtoMessage() {}
+
+func (x *HostStatus) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_clusters_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HostStatus.ProtoReflect.Descriptor instead.
+func (*HostStatus) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_clusters_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *HostStatus) GetAddress() *v32.Address {
+	if x != nil {
+		return x.Address
+	}
+	return nil
+}
+
+func (x *HostStatus) GetStats() []*SimpleMetric {
+	if x != nil {
+		return x.Stats
+	}
+	return nil
+}
+
+func (x *HostStatus) GetHealthStatus() *HostHealthStatus {
+	if x != nil {
+		return x.HealthStatus
+	}
+	return nil
+}
+
+func (x *HostStatus) GetSuccessRate() *v3.Percent {
+	if x != nil {
+		return x.SuccessRate
+	}
+	return nil
+}
+
+func (x *HostStatus) GetWeight() uint32 {
+	if x != nil {
+		return x.Weight
+	}
+	return 0
+}
+
+func (x *HostStatus) GetHostname() string {
+	if x != nil {
+		return x.Hostname
+	}
+	return ""
+}
+
+func (x *HostStatus) GetPriority() uint32 {
+	if x != nil {
+		return x.Priority
+	}
+	return 0
+}
+
+func (x *HostStatus) GetLocalOriginSuccessRate() *v3.Percent {
+	if x != nil {
+		return x.LocalOriginSuccessRate
+	}
+	return nil
+}
+
+func (x *HostStatus) GetLocality() *v32.Locality {
+	if x != nil {
+		return x.Locality
+	}
+	return nil
+}
+
+// Health status for a host.
+// [#next-free-field: 9]
+type HostHealthStatus struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The host is currently failing active health checks.
+	FailedActiveHealthCheck bool `protobuf:"varint,1,opt,name=failed_active_health_check,json=failedActiveHealthCheck,proto3" json:"failed_active_health_check,omitempty"`
+	// The host is currently considered an outlier and has been ejected.
+	FailedOutlierCheck bool `protobuf:"varint,2,opt,name=failed_outlier_check,json=failedOutlierCheck,proto3" json:"failed_outlier_check,omitempty"`
+	// The host is currently being marked as degraded through active health checking.
+	FailedActiveDegradedCheck bool `protobuf:"varint,4,opt,name=failed_active_degraded_check,json=failedActiveDegradedCheck,proto3" json:"failed_active_degraded_check,omitempty"`
+	// The host has been removed from service discovery, but is being stabilized due to active
+	// health checking.
+	PendingDynamicRemoval bool `protobuf:"varint,5,opt,name=pending_dynamic_removal,json=pendingDynamicRemoval,proto3" json:"pending_dynamic_removal,omitempty"`
+	// The host has not yet been health checked.
+	PendingActiveHc bool `protobuf:"varint,6,opt,name=pending_active_hc,json=pendingActiveHc,proto3" json:"pending_active_hc,omitempty"`
+	// The host should be excluded from panic, spillover, etc. calculations because it was explicitly
+	// taken out of rotation via protocol signal and is not meant to be routed to.
+	ExcludedViaImmediateHcFail bool `protobuf:"varint,7,opt,name=excluded_via_immediate_hc_fail,json=excludedViaImmediateHcFail,proto3" json:"excluded_via_immediate_hc_fail,omitempty"`
+	// The host failed active HC due to timeout.
+	ActiveHcTimeout bool `protobuf:"varint,8,opt,name=active_hc_timeout,json=activeHcTimeout,proto3" json:"active_hc_timeout,omitempty"`
+	// Health status as reported by EDS. Note: only HEALTHY and UNHEALTHY are currently supported
+	// here.
+	// [#comment:TODO(mrice32): pipe through remaining EDS health status possibilities.]
+	EdsHealthStatus v32.HealthStatus `protobuf:"varint,3,opt,name=eds_health_status,json=edsHealthStatus,proto3,enum=envoy.config.core.v3.HealthStatus" json:"eds_health_status,omitempty"`
+}
+
+func (x *HostHealthStatus) Reset() {
+	*x = HostHealthStatus{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_clusters_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HostHealthStatus) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HostHealthStatus) ProtoMessage() {}
+
+func (x *HostHealthStatus) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_clusters_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HostHealthStatus.ProtoReflect.Descriptor instead.
+func (*HostHealthStatus) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_clusters_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *HostHealthStatus) GetFailedActiveHealthCheck() bool {
+	if x != nil {
+		return x.FailedActiveHealthCheck
+	}
+	return false
+}
+
+func (x *HostHealthStatus) GetFailedOutlierCheck() bool {
+	if x != nil {
+		return x.FailedOutlierCheck
+	}
+	return false
+}
+
+func (x *HostHealthStatus) GetFailedActiveDegradedCheck() bool {
+	if x != nil {
+		return x.FailedActiveDegradedCheck
+	}
+	return false
+}
+
+func (x *HostHealthStatus) GetPendingDynamicRemoval() bool {
+	if x != nil {
+		return x.PendingDynamicRemoval
+	}
+	return false
+}
+
+func (x *HostHealthStatus) GetPendingActiveHc() bool {
+	if x != nil {
+		return x.PendingActiveHc
+	}
+	return false
+}
+
+func (x *HostHealthStatus) GetExcludedViaImmediateHcFail() bool {
+	if x != nil {
+		return x.ExcludedViaImmediateHcFail
+	}
+	return false
+}
+
+func (x *HostHealthStatus) GetActiveHcTimeout() bool {
+	if x != nil {
+		return x.ActiveHcTimeout
+	}
+	return false
+}
+
+func (x *HostHealthStatus) GetEdsHealthStatus() v32.HealthStatus {
+	if x != nil {
+		return x.EdsHealthStatus
+	}
+	return v32.HealthStatus_UNKNOWN
+}
+
+var File_envoy_admin_v3_clusters_proto protoreflect.FileDescriptor
+
+var file_envoy_admin_v3_clusters_proto_rawDesc = []byte{
+	0x0a, 0x1d, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x76, 0x33,
+	0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12,
+	0x0e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x1a,
+	0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x76, 0x33, 0x2f,
+	0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x2d, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6c, 0x75, 0x73,
+	0x74, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x63, 0x69, 0x72, 0x63, 0x75, 0x69, 0x74, 0x5f, 0x62,
+	0x72, 0x65, 0x61, 0x6b, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x22, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f,
+	0x76, 0x33, 0x2f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x62, 0x61, 0x73, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x27, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f,
+	0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f, 0x63,
+	0x68, 0x65, 0x63, 0x6b, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1b, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x70, 0x65, 0x72, 0x63, 0x65, 0x6e,
+	0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e,
+	0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e,
+	0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e,
+	0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x79, 0x0a, 0x08, 0x43, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x73, 0x12, 0x48, 0x0a, 0x10, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32,
+	0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33,
+	0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x0f,
+	0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x65, 0x73, 0x3a,
+	0x23, 0x9a, 0xc5, 0x88, 0x1e, 0x1e, 0x0a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64,
+	0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x43, 0x6c, 0x75, 0x73,
+	0x74, 0x65, 0x72, 0x73, 0x22, 0x8c, 0x04, 0x0a, 0x0d, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x22, 0x0a, 0x0d, 0x61, 0x64,
+	0x64, 0x65, 0x64, 0x5f, 0x76, 0x69, 0x61, 0x5f, 0x61, 0x70, 0x69, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x08, 0x52, 0x0b, 0x61, 0x64, 0x64, 0x65, 0x64, 0x56, 0x69, 0x61, 0x41, 0x70, 0x69, 0x12, 0x5d,
+	0x0a, 0x1f, 0x73, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x72, 0x61, 0x74, 0x65, 0x5f, 0x65,
+	0x6a, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x74, 0x68, 0x72, 0x65, 0x73, 0x68, 0x6f, 0x6c,
+	0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52,
+	0x1c, 0x73, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x52, 0x61, 0x74, 0x65, 0x45, 0x6a, 0x65, 0x63,
+	0x74, 0x69, 0x6f, 0x6e, 0x54, 0x68, 0x72, 0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x12, 0x3f, 0x0a,
+	0x0d, 0x68, 0x6f, 0x73, 0x74, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x65, 0x73, 0x18, 0x04,
+	0x20, 0x03, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d,
+	0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x6f, 0x73, 0x74, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73,
+	0x52, 0x0c, 0x68, 0x6f, 0x73, 0x74, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x65, 0x73, 0x12, 0x75,
+	0x0a, 0x2c, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x5f, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x5f, 0x73,
+	0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x72, 0x61, 0x74, 0x65, 0x5f, 0x65, 0x6a, 0x65, 0x63,
+	0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x74, 0x68, 0x72, 0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x18, 0x05,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70,
+	0x65, 0x2e, 0x76, 0x33, 0x2e, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52, 0x27, 0x6c, 0x6f,
+	0x63, 0x61, 0x6c, 0x4f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x53, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73,
+	0x52, 0x61, 0x74, 0x65, 0x45, 0x6a, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x68, 0x72, 0x65,
+	0x73, 0x68, 0x6f, 0x6c, 0x64, 0x12, 0x53, 0x0a, 0x10, 0x63, 0x69, 0x72, 0x63, 0x75, 0x69, 0x74,
+	0x5f, 0x62, 0x72, 0x65, 0x61, 0x6b, 0x65, 0x72, 0x73, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x28, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x69, 0x72, 0x63, 0x75, 0x69,
+	0x74, 0x42, 0x72, 0x65, 0x61, 0x6b, 0x65, 0x72, 0x73, 0x52, 0x0f, 0x63, 0x69, 0x72, 0x63, 0x75,
+	0x69, 0x74, 0x42, 0x72, 0x65, 0x61, 0x6b, 0x65, 0x72, 0x73, 0x12, 0x2d, 0x0a, 0x12, 0x6f, 0x62,
+	0x73, 0x65, 0x72, 0x76, 0x61, 0x62, 0x69, 0x6c, 0x69, 0x74, 0x79, 0x5f, 0x6e, 0x61, 0x6d, 0x65,
+	0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x11, 0x6f, 0x62, 0x73, 0x65, 0x72, 0x76, 0x61, 0x62,
+	0x69, 0x6c, 0x69, 0x74, 0x79, 0x4e, 0x61, 0x6d, 0x65, 0x3a, 0x28, 0x9a, 0xc5, 0x88, 0x1e, 0x23,
+	0x0a, 0x21, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32,
+	0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x53, 0x74, 0x61,
+	0x74, 0x75, 0x73, 0x22, 0x81, 0x04, 0x0a, 0x0a, 0x48, 0x6f, 0x73, 0x74, 0x53, 0x74, 0x61, 0x74,
+	0x75, 0x73, 0x12, 0x37, 0x0a, 0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x41, 0x64, 0x64, 0x72, 0x65,
+	0x73, 0x73, 0x52, 0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x32, 0x0a, 0x05, 0x73,
+	0x74, 0x61, 0x74, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x69, 0x6d, 0x70,
+	0x6c, 0x65, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x52, 0x05, 0x73, 0x74, 0x61, 0x74, 0x73, 0x12,
+	0x45, 0x0a, 0x0d, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73,
+	0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x6f, 0x73, 0x74, 0x48, 0x65, 0x61, 0x6c,
+	0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x0c, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68,
+	0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x39, 0x0a, 0x0c, 0x73, 0x75, 0x63, 0x63, 0x65, 0x73,
+	0x73, 0x5f, 0x72, 0x61, 0x74, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x50, 0x65, 0x72,
+	0x63, 0x65, 0x6e, 0x74, 0x52, 0x0b, 0x73, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x52, 0x61, 0x74,
+	0x65, 0x12, 0x16, 0x0a, 0x06, 0x77, 0x65, 0x69, 0x67, 0x68, 0x74, 0x18, 0x05, 0x20, 0x01, 0x28,
+	0x0d, 0x52, 0x06, 0x77, 0x65, 0x69, 0x67, 0x68, 0x74, 0x12, 0x1a, 0x0a, 0x08, 0x68, 0x6f, 0x73,
+	0x74, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x68, 0x6f, 0x73,
+	0x74, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x70, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74,
+	0x79, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x08, 0x70, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74,
+	0x79, 0x12, 0x51, 0x0a, 0x19, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x5f, 0x6f, 0x72, 0x69, 0x67, 0x69,
+	0x6e, 0x5f, 0x73, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x72, 0x61, 0x74, 0x65, 0x18, 0x08,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70,
+	0x65, 0x2e, 0x76, 0x33, 0x2e, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52, 0x16, 0x6c, 0x6f,
+	0x63, 0x61, 0x6c, 0x4f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x53, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73,
+	0x52, 0x61, 0x74, 0x65, 0x12, 0x3a, 0x0a, 0x08, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79,
+	0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x4c, 0x6f,
+	0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x52, 0x08, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79,
+	0x3a, 0x25, 0x9a, 0xc5, 0x88, 0x1e, 0x20, 0x0a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x48, 0x6f, 0x73,
+	0x74, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x22, 0x93, 0x04, 0x0a, 0x10, 0x48, 0x6f, 0x73, 0x74,
+	0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x3b, 0x0a, 0x1a,
+	0x66, 0x61, 0x69, 0x6c, 0x65, 0x64, 0x5f, 0x61, 0x63, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x68, 0x65,
+	0x61, 0x6c, 0x74, 0x68, 0x5f, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08,
+	0x52, 0x17, 0x66, 0x61, 0x69, 0x6c, 0x65, 0x64, 0x41, 0x63, 0x74, 0x69, 0x76, 0x65, 0x48, 0x65,
+	0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x12, 0x30, 0x0a, 0x14, 0x66, 0x61, 0x69,
+	0x6c, 0x65, 0x64, 0x5f, 0x6f, 0x75, 0x74, 0x6c, 0x69, 0x65, 0x72, 0x5f, 0x63, 0x68, 0x65, 0x63,
+	0x6b, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x12, 0x66, 0x61, 0x69, 0x6c, 0x65, 0x64, 0x4f,
+	0x75, 0x74, 0x6c, 0x69, 0x65, 0x72, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x12, 0x3f, 0x0a, 0x1c, 0x66,
+	0x61, 0x69, 0x6c, 0x65, 0x64, 0x5f, 0x61, 0x63, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x64, 0x65, 0x67,
+	0x72, 0x61, 0x64, 0x65, 0x64, 0x5f, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x18, 0x04, 0x20, 0x01, 0x28,
+	0x08, 0x52, 0x19, 0x66, 0x61, 0x69, 0x6c, 0x65, 0x64, 0x41, 0x63, 0x74, 0x69, 0x76, 0x65, 0x44,
+	0x65, 0x67, 0x72, 0x61, 0x64, 0x65, 0x64, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x12, 0x36, 0x0a, 0x17,
+	0x70, 0x65, 0x6e, 0x64, 0x69, 0x6e, 0x67, 0x5f, 0x64, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x5f,
+	0x72, 0x65, 0x6d, 0x6f, 0x76, 0x61, 0x6c, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x52, 0x15, 0x70,
+	0x65, 0x6e, 0x64, 0x69, 0x6e, 0x67, 0x44, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x52, 0x65, 0x6d,
+	0x6f, 0x76, 0x61, 0x6c, 0x12, 0x2a, 0x0a, 0x11, 0x70, 0x65, 0x6e, 0x64, 0x69, 0x6e, 0x67, 0x5f,
+	0x61, 0x63, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x68, 0x63, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x52,
+	0x0f, 0x70, 0x65, 0x6e, 0x64, 0x69, 0x6e, 0x67, 0x41, 0x63, 0x74, 0x69, 0x76, 0x65, 0x48, 0x63,
+	0x12, 0x42, 0x0a, 0x1e, 0x65, 0x78, 0x63, 0x6c, 0x75, 0x64, 0x65, 0x64, 0x5f, 0x76, 0x69, 0x61,
+	0x5f, 0x69, 0x6d, 0x6d, 0x65, 0x64, 0x69, 0x61, 0x74, 0x65, 0x5f, 0x68, 0x63, 0x5f, 0x66, 0x61,
+	0x69, 0x6c, 0x18, 0x07, 0x20, 0x01, 0x28, 0x08, 0x52, 0x1a, 0x65, 0x78, 0x63, 0x6c, 0x75, 0x64,
+	0x65, 0x64, 0x56, 0x69, 0x61, 0x49, 0x6d, 0x6d, 0x65, 0x64, 0x69, 0x61, 0x74, 0x65, 0x48, 0x63,
+	0x46, 0x61, 0x69, 0x6c, 0x12, 0x2a, 0x0a, 0x11, 0x61, 0x63, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x68,
+	0x63, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x08, 0x20, 0x01, 0x28, 0x08, 0x52,
+	0x0f, 0x61, 0x63, 0x74, 0x69, 0x76, 0x65, 0x48, 0x63, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74,
+	0x12, 0x4e, 0x0a, 0x11, 0x65, 0x64, 0x73, 0x5f, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f, 0x73,
+	0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x22, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e,
+	0x76, 0x33, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52,
+	0x0f, 0x65, 0x64, 0x73, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73,
+	0x3a, 0x2b, 0x9a, 0xc5, 0x88, 0x1e, 0x26, 0x0a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x48, 0x6f, 0x73,
+	0x74, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x42, 0x37, 0x0a,
+	0x1c, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x42, 0x0d, 0x43,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80,
+	0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_admin_v3_clusters_proto_rawDescOnce sync.Once
+	file_envoy_admin_v3_clusters_proto_rawDescData = file_envoy_admin_v3_clusters_proto_rawDesc
+)
+
+func file_envoy_admin_v3_clusters_proto_rawDescGZIP() []byte {
+	file_envoy_admin_v3_clusters_proto_rawDescOnce.Do(func() {
+		file_envoy_admin_v3_clusters_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_admin_v3_clusters_proto_rawDescData)
+	})
+	return file_envoy_admin_v3_clusters_proto_rawDescData
+}
+
+var file_envoy_admin_v3_clusters_proto_msgTypes = make([]protoimpl.MessageInfo, 4)
+var file_envoy_admin_v3_clusters_proto_goTypes = []interface{}{
+	(*Clusters)(nil),            // 0: envoy.admin.v3.Clusters
+	(*ClusterStatus)(nil),       // 1: envoy.admin.v3.ClusterStatus
+	(*HostStatus)(nil),          // 2: envoy.admin.v3.HostStatus
+	(*HostHealthStatus)(nil),    // 3: envoy.admin.v3.HostHealthStatus
+	(*v3.Percent)(nil),          // 4: envoy.type.v3.Percent
+	(*v31.CircuitBreakers)(nil), // 5: envoy.config.cluster.v3.CircuitBreakers
+	(*v32.Address)(nil),         // 6: envoy.config.core.v3.Address
+	(*SimpleMetric)(nil),        // 7: envoy.admin.v3.SimpleMetric
+	(*v32.Locality)(nil),        // 8: envoy.config.core.v3.Locality
+	(v32.HealthStatus)(0),       // 9: envoy.config.core.v3.HealthStatus
+}
+var file_envoy_admin_v3_clusters_proto_depIdxs = []int32{
+	1,  // 0: envoy.admin.v3.Clusters.cluster_statuses:type_name -> envoy.admin.v3.ClusterStatus
+	4,  // 1: envoy.admin.v3.ClusterStatus.success_rate_ejection_threshold:type_name -> envoy.type.v3.Percent
+	2,  // 2: envoy.admin.v3.ClusterStatus.host_statuses:type_name -> envoy.admin.v3.HostStatus
+	4,  // 3: envoy.admin.v3.ClusterStatus.local_origin_success_rate_ejection_threshold:type_name -> envoy.type.v3.Percent
+	5,  // 4: envoy.admin.v3.ClusterStatus.circuit_breakers:type_name -> envoy.config.cluster.v3.CircuitBreakers
+	6,  // 5: envoy.admin.v3.HostStatus.address:type_name -> envoy.config.core.v3.Address
+	7,  // 6: envoy.admin.v3.HostStatus.stats:type_name -> envoy.admin.v3.SimpleMetric
+	3,  // 7: envoy.admin.v3.HostStatus.health_status:type_name -> envoy.admin.v3.HostHealthStatus
+	4,  // 8: envoy.admin.v3.HostStatus.success_rate:type_name -> envoy.type.v3.Percent
+	4,  // 9: envoy.admin.v3.HostStatus.local_origin_success_rate:type_name -> envoy.type.v3.Percent
+	8,  // 10: envoy.admin.v3.HostStatus.locality:type_name -> envoy.config.core.v3.Locality
+	9,  // 11: envoy.admin.v3.HostHealthStatus.eds_health_status:type_name -> envoy.config.core.v3.HealthStatus
+	12, // [12:12] is the sub-list for method output_type
+	12, // [12:12] is the sub-list for method input_type
+	12, // [12:12] is the sub-list for extension type_name
+	12, // [12:12] is the sub-list for extension extendee
+	0,  // [0:12] is the sub-list for field type_name
+}
+
+func init() { file_envoy_admin_v3_clusters_proto_init() }
+func file_envoy_admin_v3_clusters_proto_init() {
+	if File_envoy_admin_v3_clusters_proto != nil {
+		return
+	}
+	file_envoy_admin_v3_metrics_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_admin_v3_clusters_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Clusters); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_admin_v3_clusters_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ClusterStatus); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_admin_v3_clusters_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HostStatus); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_admin_v3_clusters_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HostHealthStatus); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_admin_v3_clusters_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   4,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_admin_v3_clusters_proto_goTypes,
+		DependencyIndexes: file_envoy_admin_v3_clusters_proto_depIdxs,
+		MessageInfos:      file_envoy_admin_v3_clusters_proto_msgTypes,
+	}.Build()
+	File_envoy_admin_v3_clusters_proto = out.File
+	file_envoy_admin_v3_clusters_proto_rawDesc = nil
+	file_envoy_admin_v3_clusters_proto_goTypes = nil
+	file_envoy_admin_v3_clusters_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/clusters.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/clusters.pb.validate.go
new file mode 100644
index 00000000000..b4b983248dc
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/clusters.pb.validate.go
@@ -0,0 +1,796 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/admin/v3/clusters.proto
+
+package envoy_admin_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+
+	_ = v3.HealthStatus(0)
+)
+
+// Validate checks the field values on Clusters with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Clusters) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Clusters with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ClustersMultiError, or nil
+// if none found.
+func (m *Clusters) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Clusters) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetClusterStatuses() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClustersValidationError{
+						field:  fmt.Sprintf("ClusterStatuses[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClustersValidationError{
+						field:  fmt.Sprintf("ClusterStatuses[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClustersValidationError{
+					field:  fmt.Sprintf("ClusterStatuses[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ClustersMultiError(errors)
+	}
+	return nil
+}
+
+// ClustersMultiError is an error wrapping multiple validation errors returned
+// by Clusters.ValidateAll() if the designated constraints aren't met.
+type ClustersMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ClustersMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ClustersMultiError) AllErrors() []error { return m }
+
+// ClustersValidationError is the validation error returned by
+// Clusters.Validate if the designated constraints aren't met.
+type ClustersValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ClustersValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ClustersValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ClustersValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ClustersValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ClustersValidationError) ErrorName() string { return "ClustersValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ClustersValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sClusters.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ClustersValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ClustersValidationError{}
+
+// Validate checks the field values on ClusterStatus with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ClusterStatus) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ClusterStatus with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ClusterStatusMultiError, or
+// nil if none found.
+func (m *ClusterStatus) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ClusterStatus) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Name
+
+	// no validation rules for AddedViaApi
+
+	if all {
+		switch v := interface{}(m.GetSuccessRateEjectionThreshold()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterStatusValidationError{
+					field:  "SuccessRateEjectionThreshold",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterStatusValidationError{
+					field:  "SuccessRateEjectionThreshold",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSuccessRateEjectionThreshold()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterStatusValidationError{
+				field:  "SuccessRateEjectionThreshold",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetHostStatuses() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClusterStatusValidationError{
+						field:  fmt.Sprintf("HostStatuses[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClusterStatusValidationError{
+						field:  fmt.Sprintf("HostStatuses[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClusterStatusValidationError{
+					field:  fmt.Sprintf("HostStatuses[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetLocalOriginSuccessRateEjectionThreshold()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterStatusValidationError{
+					field:  "LocalOriginSuccessRateEjectionThreshold",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterStatusValidationError{
+					field:  "LocalOriginSuccessRateEjectionThreshold",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLocalOriginSuccessRateEjectionThreshold()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterStatusValidationError{
+				field:  "LocalOriginSuccessRateEjectionThreshold",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetCircuitBreakers()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterStatusValidationError{
+					field:  "CircuitBreakers",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterStatusValidationError{
+					field:  "CircuitBreakers",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCircuitBreakers()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterStatusValidationError{
+				field:  "CircuitBreakers",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for ObservabilityName
+
+	if len(errors) > 0 {
+		return ClusterStatusMultiError(errors)
+	}
+	return nil
+}
+
+// ClusterStatusMultiError is an error wrapping multiple validation errors
+// returned by ClusterStatus.ValidateAll() if the designated constraints
+// aren't met.
+type ClusterStatusMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ClusterStatusMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ClusterStatusMultiError) AllErrors() []error { return m }
+
+// ClusterStatusValidationError is the validation error returned by
+// ClusterStatus.Validate if the designated constraints aren't met.
+type ClusterStatusValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ClusterStatusValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ClusterStatusValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ClusterStatusValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ClusterStatusValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ClusterStatusValidationError) ErrorName() string { return "ClusterStatusValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ClusterStatusValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sClusterStatus.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ClusterStatusValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ClusterStatusValidationError{}
+
+// Validate checks the field values on HostStatus with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *HostStatus) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HostStatus with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in HostStatusMultiError, or
+// nil if none found.
+func (m *HostStatus) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HostStatus) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetAddress()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HostStatusValidationError{
+					field:  "Address",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HostStatusValidationError{
+					field:  "Address",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetAddress()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HostStatusValidationError{
+				field:  "Address",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetStats() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HostStatusValidationError{
+						field:  fmt.Sprintf("Stats[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HostStatusValidationError{
+						field:  fmt.Sprintf("Stats[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HostStatusValidationError{
+					field:  fmt.Sprintf("Stats[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetHealthStatus()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HostStatusValidationError{
+					field:  "HealthStatus",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HostStatusValidationError{
+					field:  "HealthStatus",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHealthStatus()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HostStatusValidationError{
+				field:  "HealthStatus",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetSuccessRate()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HostStatusValidationError{
+					field:  "SuccessRate",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HostStatusValidationError{
+					field:  "SuccessRate",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSuccessRate()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HostStatusValidationError{
+				field:  "SuccessRate",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for Weight
+
+	// no validation rules for Hostname
+
+	// no validation rules for Priority
+
+	if all {
+		switch v := interface{}(m.GetLocalOriginSuccessRate()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HostStatusValidationError{
+					field:  "LocalOriginSuccessRate",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HostStatusValidationError{
+					field:  "LocalOriginSuccessRate",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLocalOriginSuccessRate()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HostStatusValidationError{
+				field:  "LocalOriginSuccessRate",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetLocality()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HostStatusValidationError{
+					field:  "Locality",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HostStatusValidationError{
+					field:  "Locality",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLocality()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HostStatusValidationError{
+				field:  "Locality",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return HostStatusMultiError(errors)
+	}
+	return nil
+}
+
+// HostStatusMultiError is an error wrapping multiple validation errors
+// returned by HostStatus.ValidateAll() if the designated constraints aren't met.
+type HostStatusMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HostStatusMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HostStatusMultiError) AllErrors() []error { return m }
+
+// HostStatusValidationError is the validation error returned by
+// HostStatus.Validate if the designated constraints aren't met.
+type HostStatusValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HostStatusValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HostStatusValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HostStatusValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HostStatusValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HostStatusValidationError) ErrorName() string { return "HostStatusValidationError" }
+
+// Error satisfies the builtin error interface
+func (e HostStatusValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHostStatus.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HostStatusValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HostStatusValidationError{}
+
+// Validate checks the field values on HostHealthStatus with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *HostHealthStatus) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HostHealthStatus with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// HostHealthStatusMultiError, or nil if none found.
+func (m *HostHealthStatus) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HostHealthStatus) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for FailedActiveHealthCheck
+
+	// no validation rules for FailedOutlierCheck
+
+	// no validation rules for FailedActiveDegradedCheck
+
+	// no validation rules for PendingDynamicRemoval
+
+	// no validation rules for PendingActiveHc
+
+	// no validation rules for ExcludedViaImmediateHcFail
+
+	// no validation rules for ActiveHcTimeout
+
+	// no validation rules for EdsHealthStatus
+
+	if len(errors) > 0 {
+		return HostHealthStatusMultiError(errors)
+	}
+	return nil
+}
+
+// HostHealthStatusMultiError is an error wrapping multiple validation errors
+// returned by HostHealthStatus.ValidateAll() if the designated constraints
+// aren't met.
+type HostHealthStatusMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HostHealthStatusMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HostHealthStatusMultiError) AllErrors() []error { return m }
+
+// HostHealthStatusValidationError is the validation error returned by
+// HostHealthStatus.Validate if the designated constraints aren't met.
+type HostHealthStatusValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HostHealthStatusValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HostHealthStatusValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HostHealthStatusValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HostHealthStatusValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HostHealthStatusValidationError) ErrorName() string { return "HostHealthStatusValidationError" }
+
+// Error satisfies the builtin error interface
+func (e HostHealthStatusValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHostHealthStatus.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HostHealthStatusValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HostHealthStatusValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/config_dump.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/config_dump.pb.go
new file mode 100644
index 00000000000..3877967d87c
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/config_dump.pb.go
@@ -0,0 +1,2564 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/admin/v3/config_dump.proto
+
+package envoy_admin_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/bootstrap/v3"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	timestamp "github.com/golang/protobuf/ptypes/timestamp"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Resource status from the view of a xDS client, which tells the synchronization
+// status between the xDS client and the xDS server.
+type ClientResourceStatus int32
+
+const (
+	// Resource status is not available/unknown.
+	ClientResourceStatus_UNKNOWN ClientResourceStatus = 0
+	// Client requested this resource but hasn't received any update from management
+	// server. The client will not fail requests, but will queue them until update
+	// arrives or the client times out waiting for the resource.
+	ClientResourceStatus_REQUESTED ClientResourceStatus = 1
+	// This resource has been requested by the client but has either not been
+	// delivered by the server or was previously delivered by the server and then
+	// subsequently removed from resources provided by the server. For more
+	// information, please refer to the :ref:`"Knowing When a Requested Resource
+	// Does Not Exist" <xds_protocol_resource_not_existed>` section.
+	ClientResourceStatus_DOES_NOT_EXIST ClientResourceStatus = 2
+	// Client received this resource and replied with ACK.
+	ClientResourceStatus_ACKED ClientResourceStatus = 3
+	// Client received this resource and replied with NACK.
+	ClientResourceStatus_NACKED ClientResourceStatus = 4
+)
+
+// Enum value maps for ClientResourceStatus.
+var (
+	ClientResourceStatus_name = map[int32]string{
+		0: "UNKNOWN",
+		1: "REQUESTED",
+		2: "DOES_NOT_EXIST",
+		3: "ACKED",
+		4: "NACKED",
+	}
+	ClientResourceStatus_value = map[string]int32{
+		"UNKNOWN":        0,
+		"REQUESTED":      1,
+		"DOES_NOT_EXIST": 2,
+		"ACKED":          3,
+		"NACKED":         4,
+	}
+)
+
+func (x ClientResourceStatus) Enum() *ClientResourceStatus {
+	p := new(ClientResourceStatus)
+	*p = x
+	return p
+}
+
+func (x ClientResourceStatus) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (ClientResourceStatus) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_admin_v3_config_dump_proto_enumTypes[0].Descriptor()
+}
+
+func (ClientResourceStatus) Type() protoreflect.EnumType {
+	return &file_envoy_admin_v3_config_dump_proto_enumTypes[0]
+}
+
+func (x ClientResourceStatus) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use ClientResourceStatus.Descriptor instead.
+func (ClientResourceStatus) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_config_dump_proto_rawDescGZIP(), []int{0}
+}
+
+// The :ref:`/config_dump <operations_admin_interface_config_dump>` admin endpoint uses this wrapper
+// message to maintain and serve arbitrary configuration information from any component in Envoy.
+type ConfigDump struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// This list is serialized and dumped in its entirety at the
+	// :ref:`/config_dump <operations_admin_interface_config_dump>` endpoint.
+	//
+	// The following configurations are currently supported and will be dumped in the order given
+	// below:
+	//
+	// * *bootstrap*: :ref:`BootstrapConfigDump <envoy_v3_api_msg_admin.v3.BootstrapConfigDump>`
+	// * *clusters*: :ref:`ClustersConfigDump <envoy_v3_api_msg_admin.v3.ClustersConfigDump>`
+	// * *endpoints*:  :ref:`EndpointsConfigDump <envoy_v3_api_msg_admin.v3.EndpointsConfigDump>`
+	// * *listeners*: :ref:`ListenersConfigDump <envoy_v3_api_msg_admin.v3.ListenersConfigDump>`
+	// * *scoped_routes*: :ref:`ScopedRoutesConfigDump <envoy_v3_api_msg_admin.v3.ScopedRoutesConfigDump>`
+	// * *routes*:  :ref:`RoutesConfigDump <envoy_v3_api_msg_admin.v3.RoutesConfigDump>`
+	// * *secrets*:  :ref:`SecretsConfigDump <envoy_v3_api_msg_admin.v3.SecretsConfigDump>`
+	//
+	// EDS Configuration will only be dumped by using parameter `?include_eds`
+	//
+	// You can filter output with the resource and mask query parameters.
+	// See :ref:`/config_dump?resource={} <operations_admin_interface_config_dump_by_resource>`,
+	// :ref:`/config_dump?mask={} <operations_admin_interface_config_dump_by_mask>`,
+	// or :ref:`/config_dump?resource={},mask={}
+	// <operations_admin_interface_config_dump_by_resource_and_mask>` for more information.
+	Configs []*any.Any `protobuf:"bytes,1,rep,name=configs,proto3" json:"configs,omitempty"`
+}
+
+func (x *ConfigDump) Reset() {
+	*x = ConfigDump{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ConfigDump) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ConfigDump) ProtoMessage() {}
+
+func (x *ConfigDump) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ConfigDump.ProtoReflect.Descriptor instead.
+func (*ConfigDump) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_config_dump_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *ConfigDump) GetConfigs() []*any.Any {
+	if x != nil {
+		return x.Configs
+	}
+	return nil
+}
+
+type UpdateFailureState struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// What the component configuration would have been if the update had succeeded.
+	// This field may not be populated by xDS clients due to storage overhead.
+	FailedConfiguration *any.Any `protobuf:"bytes,1,opt,name=failed_configuration,json=failedConfiguration,proto3" json:"failed_configuration,omitempty"`
+	// Time of the latest failed update attempt.
+	LastUpdateAttempt *timestamp.Timestamp `protobuf:"bytes,2,opt,name=last_update_attempt,json=lastUpdateAttempt,proto3" json:"last_update_attempt,omitempty"`
+	// Details about the last failed update attempt.
+	Details string `protobuf:"bytes,3,opt,name=details,proto3" json:"details,omitempty"`
+	// This is the version of the rejected resource.
+	// [#not-implemented-hide:]
+	VersionInfo string `protobuf:"bytes,4,opt,name=version_info,json=versionInfo,proto3" json:"version_info,omitempty"`
+}
+
+func (x *UpdateFailureState) Reset() {
+	*x = UpdateFailureState{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *UpdateFailureState) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*UpdateFailureState) ProtoMessage() {}
+
+func (x *UpdateFailureState) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use UpdateFailureState.ProtoReflect.Descriptor instead.
+func (*UpdateFailureState) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_config_dump_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *UpdateFailureState) GetFailedConfiguration() *any.Any {
+	if x != nil {
+		return x.FailedConfiguration
+	}
+	return nil
+}
+
+func (x *UpdateFailureState) GetLastUpdateAttempt() *timestamp.Timestamp {
+	if x != nil {
+		return x.LastUpdateAttempt
+	}
+	return nil
+}
+
+func (x *UpdateFailureState) GetDetails() string {
+	if x != nil {
+		return x.Details
+	}
+	return ""
+}
+
+func (x *UpdateFailureState) GetVersionInfo() string {
+	if x != nil {
+		return x.VersionInfo
+	}
+	return ""
+}
+
+// This message describes the bootstrap configuration that Envoy was started with. This includes
+// any CLI overrides that were merged. Bootstrap configuration information can be used to recreate
+// the static portions of an Envoy configuration by reusing the output as the bootstrap
+// configuration for another Envoy.
+type BootstrapConfigDump struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Bootstrap *v3.Bootstrap `protobuf:"bytes,1,opt,name=bootstrap,proto3" json:"bootstrap,omitempty"`
+	// The timestamp when the BootstrapConfig was last updated.
+	LastUpdated *timestamp.Timestamp `protobuf:"bytes,2,opt,name=last_updated,json=lastUpdated,proto3" json:"last_updated,omitempty"`
+}
+
+func (x *BootstrapConfigDump) Reset() {
+	*x = BootstrapConfigDump{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *BootstrapConfigDump) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*BootstrapConfigDump) ProtoMessage() {}
+
+func (x *BootstrapConfigDump) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use BootstrapConfigDump.ProtoReflect.Descriptor instead.
+func (*BootstrapConfigDump) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_config_dump_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *BootstrapConfigDump) GetBootstrap() *v3.Bootstrap {
+	if x != nil {
+		return x.Bootstrap
+	}
+	return nil
+}
+
+func (x *BootstrapConfigDump) GetLastUpdated() *timestamp.Timestamp {
+	if x != nil {
+		return x.LastUpdated
+	}
+	return nil
+}
+
+// Envoy's listener manager fills this message with all currently known listeners. Listener
+// configuration information can be used to recreate an Envoy configuration by populating all
+// listeners as static listeners or by returning them in a LDS response.
+type ListenersConfigDump struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// This is the :ref:`version_info <envoy_v3_api_field_service.discovery.v3.DiscoveryResponse.version_info>` in the
+	// last processed LDS discovery response. If there are only static bootstrap listeners, this field
+	// will be "".
+	VersionInfo string `protobuf:"bytes,1,opt,name=version_info,json=versionInfo,proto3" json:"version_info,omitempty"`
+	// The statically loaded listener configs.
+	StaticListeners []*ListenersConfigDump_StaticListener `protobuf:"bytes,2,rep,name=static_listeners,json=staticListeners,proto3" json:"static_listeners,omitempty"`
+	// State for any warming, active, or draining listeners.
+	DynamicListeners []*ListenersConfigDump_DynamicListener `protobuf:"bytes,3,rep,name=dynamic_listeners,json=dynamicListeners,proto3" json:"dynamic_listeners,omitempty"`
+}
+
+func (x *ListenersConfigDump) Reset() {
+	*x = ListenersConfigDump{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ListenersConfigDump) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ListenersConfigDump) ProtoMessage() {}
+
+func (x *ListenersConfigDump) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ListenersConfigDump.ProtoReflect.Descriptor instead.
+func (*ListenersConfigDump) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_config_dump_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *ListenersConfigDump) GetVersionInfo() string {
+	if x != nil {
+		return x.VersionInfo
+	}
+	return ""
+}
+
+func (x *ListenersConfigDump) GetStaticListeners() []*ListenersConfigDump_StaticListener {
+	if x != nil {
+		return x.StaticListeners
+	}
+	return nil
+}
+
+func (x *ListenersConfigDump) GetDynamicListeners() []*ListenersConfigDump_DynamicListener {
+	if x != nil {
+		return x.DynamicListeners
+	}
+	return nil
+}
+
+// Envoy's cluster manager fills this message with all currently known clusters. Cluster
+// configuration information can be used to recreate an Envoy configuration by populating all
+// clusters as static clusters or by returning them in a CDS response.
+type ClustersConfigDump struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// This is the :ref:`version_info <envoy_v3_api_field_service.discovery.v3.DiscoveryResponse.version_info>` in the
+	// last processed CDS discovery response. If there are only static bootstrap clusters, this field
+	// will be "".
+	VersionInfo string `protobuf:"bytes,1,opt,name=version_info,json=versionInfo,proto3" json:"version_info,omitempty"`
+	// The statically loaded cluster configs.
+	StaticClusters []*ClustersConfigDump_StaticCluster `protobuf:"bytes,2,rep,name=static_clusters,json=staticClusters,proto3" json:"static_clusters,omitempty"`
+	// The dynamically loaded active clusters. These are clusters that are available to service
+	// data plane traffic.
+	DynamicActiveClusters []*ClustersConfigDump_DynamicCluster `protobuf:"bytes,3,rep,name=dynamic_active_clusters,json=dynamicActiveClusters,proto3" json:"dynamic_active_clusters,omitempty"`
+	// The dynamically loaded warming clusters. These are clusters that are currently undergoing
+	// warming in preparation to service data plane traffic. Note that if attempting to recreate an
+	// Envoy configuration from a configuration dump, the warming clusters should generally be
+	// discarded.
+	DynamicWarmingClusters []*ClustersConfigDump_DynamicCluster `protobuf:"bytes,4,rep,name=dynamic_warming_clusters,json=dynamicWarmingClusters,proto3" json:"dynamic_warming_clusters,omitempty"`
+}
+
+func (x *ClustersConfigDump) Reset() {
+	*x = ClustersConfigDump{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ClustersConfigDump) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ClustersConfigDump) ProtoMessage() {}
+
+func (x *ClustersConfigDump) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ClustersConfigDump.ProtoReflect.Descriptor instead.
+func (*ClustersConfigDump) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_config_dump_proto_rawDescGZIP(), []int{4}
+}
+
+func (x *ClustersConfigDump) GetVersionInfo() string {
+	if x != nil {
+		return x.VersionInfo
+	}
+	return ""
+}
+
+func (x *ClustersConfigDump) GetStaticClusters() []*ClustersConfigDump_StaticCluster {
+	if x != nil {
+		return x.StaticClusters
+	}
+	return nil
+}
+
+func (x *ClustersConfigDump) GetDynamicActiveClusters() []*ClustersConfigDump_DynamicCluster {
+	if x != nil {
+		return x.DynamicActiveClusters
+	}
+	return nil
+}
+
+func (x *ClustersConfigDump) GetDynamicWarmingClusters() []*ClustersConfigDump_DynamicCluster {
+	if x != nil {
+		return x.DynamicWarmingClusters
+	}
+	return nil
+}
+
+// Envoy's RDS implementation fills this message with all currently loaded routes, as described by
+// their RouteConfiguration objects. Static routes that are either defined in the bootstrap configuration
+// or defined inline while configuring listeners are separated from those configured dynamically via RDS.
+// Route configuration information can be used to recreate an Envoy configuration by populating all routes
+// as static routes or by returning them in RDS responses.
+type RoutesConfigDump struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The statically loaded route configs.
+	StaticRouteConfigs []*RoutesConfigDump_StaticRouteConfig `protobuf:"bytes,2,rep,name=static_route_configs,json=staticRouteConfigs,proto3" json:"static_route_configs,omitempty"`
+	// The dynamically loaded route configs.
+	DynamicRouteConfigs []*RoutesConfigDump_DynamicRouteConfig `protobuf:"bytes,3,rep,name=dynamic_route_configs,json=dynamicRouteConfigs,proto3" json:"dynamic_route_configs,omitempty"`
+}
+
+func (x *RoutesConfigDump) Reset() {
+	*x = RoutesConfigDump{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RoutesConfigDump) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RoutesConfigDump) ProtoMessage() {}
+
+func (x *RoutesConfigDump) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RoutesConfigDump.ProtoReflect.Descriptor instead.
+func (*RoutesConfigDump) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_config_dump_proto_rawDescGZIP(), []int{5}
+}
+
+func (x *RoutesConfigDump) GetStaticRouteConfigs() []*RoutesConfigDump_StaticRouteConfig {
+	if x != nil {
+		return x.StaticRouteConfigs
+	}
+	return nil
+}
+
+func (x *RoutesConfigDump) GetDynamicRouteConfigs() []*RoutesConfigDump_DynamicRouteConfig {
+	if x != nil {
+		return x.DynamicRouteConfigs
+	}
+	return nil
+}
+
+// Envoy's scoped RDS implementation fills this message with all currently loaded route
+// configuration scopes (defined via ScopedRouteConfigurationsSet protos). This message lists both
+// the scopes defined inline with the higher order object (i.e., the HttpConnectionManager) and the
+// dynamically obtained scopes via the SRDS API.
+type ScopedRoutesConfigDump struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The statically loaded scoped route configs.
+	InlineScopedRouteConfigs []*ScopedRoutesConfigDump_InlineScopedRouteConfigs `protobuf:"bytes,1,rep,name=inline_scoped_route_configs,json=inlineScopedRouteConfigs,proto3" json:"inline_scoped_route_configs,omitempty"`
+	// The dynamically loaded scoped route configs.
+	DynamicScopedRouteConfigs []*ScopedRoutesConfigDump_DynamicScopedRouteConfigs `protobuf:"bytes,2,rep,name=dynamic_scoped_route_configs,json=dynamicScopedRouteConfigs,proto3" json:"dynamic_scoped_route_configs,omitempty"`
+}
+
+func (x *ScopedRoutesConfigDump) Reset() {
+	*x = ScopedRoutesConfigDump{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[6]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ScopedRoutesConfigDump) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ScopedRoutesConfigDump) ProtoMessage() {}
+
+func (x *ScopedRoutesConfigDump) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[6]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ScopedRoutesConfigDump.ProtoReflect.Descriptor instead.
+func (*ScopedRoutesConfigDump) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_config_dump_proto_rawDescGZIP(), []int{6}
+}
+
+func (x *ScopedRoutesConfigDump) GetInlineScopedRouteConfigs() []*ScopedRoutesConfigDump_InlineScopedRouteConfigs {
+	if x != nil {
+		return x.InlineScopedRouteConfigs
+	}
+	return nil
+}
+
+func (x *ScopedRoutesConfigDump) GetDynamicScopedRouteConfigs() []*ScopedRoutesConfigDump_DynamicScopedRouteConfigs {
+	if x != nil {
+		return x.DynamicScopedRouteConfigs
+	}
+	return nil
+}
+
+// Envoys SDS implementation fills this message with all secrets fetched dynamically via SDS.
+type SecretsConfigDump struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The statically loaded secrets.
+	StaticSecrets []*SecretsConfigDump_StaticSecret `protobuf:"bytes,1,rep,name=static_secrets,json=staticSecrets,proto3" json:"static_secrets,omitempty"`
+	// The dynamically loaded active secrets. These are secrets that are available to service
+	// clusters or listeners.
+	DynamicActiveSecrets []*SecretsConfigDump_DynamicSecret `protobuf:"bytes,2,rep,name=dynamic_active_secrets,json=dynamicActiveSecrets,proto3" json:"dynamic_active_secrets,omitempty"`
+	// The dynamically loaded warming secrets. These are secrets that are currently undergoing
+	// warming in preparation to service clusters or listeners.
+	DynamicWarmingSecrets []*SecretsConfigDump_DynamicSecret `protobuf:"bytes,3,rep,name=dynamic_warming_secrets,json=dynamicWarmingSecrets,proto3" json:"dynamic_warming_secrets,omitempty"`
+}
+
+func (x *SecretsConfigDump) Reset() {
+	*x = SecretsConfigDump{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[7]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *SecretsConfigDump) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*SecretsConfigDump) ProtoMessage() {}
+
+func (x *SecretsConfigDump) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[7]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use SecretsConfigDump.ProtoReflect.Descriptor instead.
+func (*SecretsConfigDump) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_config_dump_proto_rawDescGZIP(), []int{7}
+}
+
+func (x *SecretsConfigDump) GetStaticSecrets() []*SecretsConfigDump_StaticSecret {
+	if x != nil {
+		return x.StaticSecrets
+	}
+	return nil
+}
+
+func (x *SecretsConfigDump) GetDynamicActiveSecrets() []*SecretsConfigDump_DynamicSecret {
+	if x != nil {
+		return x.DynamicActiveSecrets
+	}
+	return nil
+}
+
+func (x *SecretsConfigDump) GetDynamicWarmingSecrets() []*SecretsConfigDump_DynamicSecret {
+	if x != nil {
+		return x.DynamicWarmingSecrets
+	}
+	return nil
+}
+
+// Envoy's admin fill this message with all currently known endpoints. Endpoint
+// configuration information can be used to recreate an Envoy configuration by populating all
+// endpoints as static endpoints or by returning them in an EDS response.
+type EndpointsConfigDump struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The statically loaded endpoint configs.
+	StaticEndpointConfigs []*EndpointsConfigDump_StaticEndpointConfig `protobuf:"bytes,2,rep,name=static_endpoint_configs,json=staticEndpointConfigs,proto3" json:"static_endpoint_configs,omitempty"`
+	// The dynamically loaded endpoint configs.
+	DynamicEndpointConfigs []*EndpointsConfigDump_DynamicEndpointConfig `protobuf:"bytes,3,rep,name=dynamic_endpoint_configs,json=dynamicEndpointConfigs,proto3" json:"dynamic_endpoint_configs,omitempty"`
+}
+
+func (x *EndpointsConfigDump) Reset() {
+	*x = EndpointsConfigDump{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[8]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *EndpointsConfigDump) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*EndpointsConfigDump) ProtoMessage() {}
+
+func (x *EndpointsConfigDump) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[8]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use EndpointsConfigDump.ProtoReflect.Descriptor instead.
+func (*EndpointsConfigDump) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_config_dump_proto_rawDescGZIP(), []int{8}
+}
+
+func (x *EndpointsConfigDump) GetStaticEndpointConfigs() []*EndpointsConfigDump_StaticEndpointConfig {
+	if x != nil {
+		return x.StaticEndpointConfigs
+	}
+	return nil
+}
+
+func (x *EndpointsConfigDump) GetDynamicEndpointConfigs() []*EndpointsConfigDump_DynamicEndpointConfig {
+	if x != nil {
+		return x.DynamicEndpointConfigs
+	}
+	return nil
+}
+
+// Describes a statically loaded listener.
+type ListenersConfigDump_StaticListener struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The listener config.
+	Listener *any.Any `protobuf:"bytes,1,opt,name=listener,proto3" json:"listener,omitempty"`
+	// The timestamp when the Listener was last successfully updated.
+	LastUpdated *timestamp.Timestamp `protobuf:"bytes,2,opt,name=last_updated,json=lastUpdated,proto3" json:"last_updated,omitempty"`
+}
+
+func (x *ListenersConfigDump_StaticListener) Reset() {
+	*x = ListenersConfigDump_StaticListener{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[9]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ListenersConfigDump_StaticListener) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ListenersConfigDump_StaticListener) ProtoMessage() {}
+
+func (x *ListenersConfigDump_StaticListener) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[9]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ListenersConfigDump_StaticListener.ProtoReflect.Descriptor instead.
+func (*ListenersConfigDump_StaticListener) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_config_dump_proto_rawDescGZIP(), []int{3, 0}
+}
+
+func (x *ListenersConfigDump_StaticListener) GetListener() *any.Any {
+	if x != nil {
+		return x.Listener
+	}
+	return nil
+}
+
+func (x *ListenersConfigDump_StaticListener) GetLastUpdated() *timestamp.Timestamp {
+	if x != nil {
+		return x.LastUpdated
+	}
+	return nil
+}
+
+type ListenersConfigDump_DynamicListenerState struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// This is the per-resource version information. This version is currently taken from the
+	// :ref:`version_info <envoy_v3_api_field_service.discovery.v3.DiscoveryResponse.version_info>` field at the time
+	// that the listener was loaded. In the future, discrete per-listener versions may be supported
+	// by the API.
+	VersionInfo string `protobuf:"bytes,1,opt,name=version_info,json=versionInfo,proto3" json:"version_info,omitempty"`
+	// The listener config.
+	Listener *any.Any `protobuf:"bytes,2,opt,name=listener,proto3" json:"listener,omitempty"`
+	// The timestamp when the Listener was last successfully updated.
+	LastUpdated *timestamp.Timestamp `protobuf:"bytes,3,opt,name=last_updated,json=lastUpdated,proto3" json:"last_updated,omitempty"`
+}
+
+func (x *ListenersConfigDump_DynamicListenerState) Reset() {
+	*x = ListenersConfigDump_DynamicListenerState{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[10]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ListenersConfigDump_DynamicListenerState) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ListenersConfigDump_DynamicListenerState) ProtoMessage() {}
+
+func (x *ListenersConfigDump_DynamicListenerState) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[10]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ListenersConfigDump_DynamicListenerState.ProtoReflect.Descriptor instead.
+func (*ListenersConfigDump_DynamicListenerState) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_config_dump_proto_rawDescGZIP(), []int{3, 1}
+}
+
+func (x *ListenersConfigDump_DynamicListenerState) GetVersionInfo() string {
+	if x != nil {
+		return x.VersionInfo
+	}
+	return ""
+}
+
+func (x *ListenersConfigDump_DynamicListenerState) GetListener() *any.Any {
+	if x != nil {
+		return x.Listener
+	}
+	return nil
+}
+
+func (x *ListenersConfigDump_DynamicListenerState) GetLastUpdated() *timestamp.Timestamp {
+	if x != nil {
+		return x.LastUpdated
+	}
+	return nil
+}
+
+// Describes a dynamically loaded listener via the LDS API.
+// [#next-free-field: 7]
+type ListenersConfigDump_DynamicListener struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name or unique id of this listener, pulled from the DynamicListenerState config.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// The listener state for any active listener by this name.
+	// These are listeners that are available to service data plane traffic.
+	ActiveState *ListenersConfigDump_DynamicListenerState `protobuf:"bytes,2,opt,name=active_state,json=activeState,proto3" json:"active_state,omitempty"`
+	// The listener state for any warming listener by this name.
+	// These are listeners that are currently undergoing warming in preparation to service data
+	// plane traffic. Note that if attempting to recreate an Envoy configuration from a
+	// configuration dump, the warming listeners should generally be discarded.
+	WarmingState *ListenersConfigDump_DynamicListenerState `protobuf:"bytes,3,opt,name=warming_state,json=warmingState,proto3" json:"warming_state,omitempty"`
+	// The listener state for any draining listener by this name.
+	// These are listeners that are currently undergoing draining in preparation to stop servicing
+	// data plane traffic. Note that if attempting to recreate an Envoy configuration from a
+	// configuration dump, the draining listeners should generally be discarded.
+	DrainingState *ListenersConfigDump_DynamicListenerState `protobuf:"bytes,4,opt,name=draining_state,json=drainingState,proto3" json:"draining_state,omitempty"`
+	// Set if the last update failed, cleared after the next successful update.
+	// The *error_state* field contains the rejected version of this particular
+	// resource along with the reason and timestamp. For successfully updated or
+	// acknowledged resource, this field should be empty.
+	ErrorState *UpdateFailureState `protobuf:"bytes,5,opt,name=error_state,json=errorState,proto3" json:"error_state,omitempty"`
+	// The client status of this resource.
+	// [#not-implemented-hide:]
+	ClientStatus ClientResourceStatus `protobuf:"varint,6,opt,name=client_status,json=clientStatus,proto3,enum=envoy.admin.v3.ClientResourceStatus" json:"client_status,omitempty"`
+}
+
+func (x *ListenersConfigDump_DynamicListener) Reset() {
+	*x = ListenersConfigDump_DynamicListener{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[11]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ListenersConfigDump_DynamicListener) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ListenersConfigDump_DynamicListener) ProtoMessage() {}
+
+func (x *ListenersConfigDump_DynamicListener) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[11]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ListenersConfigDump_DynamicListener.ProtoReflect.Descriptor instead.
+func (*ListenersConfigDump_DynamicListener) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_config_dump_proto_rawDescGZIP(), []int{3, 2}
+}
+
+func (x *ListenersConfigDump_DynamicListener) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *ListenersConfigDump_DynamicListener) GetActiveState() *ListenersConfigDump_DynamicListenerState {
+	if x != nil {
+		return x.ActiveState
+	}
+	return nil
+}
+
+func (x *ListenersConfigDump_DynamicListener) GetWarmingState() *ListenersConfigDump_DynamicListenerState {
+	if x != nil {
+		return x.WarmingState
+	}
+	return nil
+}
+
+func (x *ListenersConfigDump_DynamicListener) GetDrainingState() *ListenersConfigDump_DynamicListenerState {
+	if x != nil {
+		return x.DrainingState
+	}
+	return nil
+}
+
+func (x *ListenersConfigDump_DynamicListener) GetErrorState() *UpdateFailureState {
+	if x != nil {
+		return x.ErrorState
+	}
+	return nil
+}
+
+func (x *ListenersConfigDump_DynamicListener) GetClientStatus() ClientResourceStatus {
+	if x != nil {
+		return x.ClientStatus
+	}
+	return ClientResourceStatus_UNKNOWN
+}
+
+// Describes a statically loaded cluster.
+type ClustersConfigDump_StaticCluster struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The cluster config.
+	Cluster *any.Any `protobuf:"bytes,1,opt,name=cluster,proto3" json:"cluster,omitempty"`
+	// The timestamp when the Cluster was last updated.
+	LastUpdated *timestamp.Timestamp `protobuf:"bytes,2,opt,name=last_updated,json=lastUpdated,proto3" json:"last_updated,omitempty"`
+}
+
+func (x *ClustersConfigDump_StaticCluster) Reset() {
+	*x = ClustersConfigDump_StaticCluster{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[12]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ClustersConfigDump_StaticCluster) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ClustersConfigDump_StaticCluster) ProtoMessage() {}
+
+func (x *ClustersConfigDump_StaticCluster) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[12]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ClustersConfigDump_StaticCluster.ProtoReflect.Descriptor instead.
+func (*ClustersConfigDump_StaticCluster) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_config_dump_proto_rawDescGZIP(), []int{4, 0}
+}
+
+func (x *ClustersConfigDump_StaticCluster) GetCluster() *any.Any {
+	if x != nil {
+		return x.Cluster
+	}
+	return nil
+}
+
+func (x *ClustersConfigDump_StaticCluster) GetLastUpdated() *timestamp.Timestamp {
+	if x != nil {
+		return x.LastUpdated
+	}
+	return nil
+}
+
+// Describes a dynamically loaded cluster via the CDS API.
+// [#next-free-field: 6]
+type ClustersConfigDump_DynamicCluster struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// This is the per-resource version information. This version is currently taken from the
+	// :ref:`version_info <envoy_v3_api_field_service.discovery.v3.DiscoveryResponse.version_info>` field at the time
+	// that the cluster was loaded. In the future, discrete per-cluster versions may be supported by
+	// the API.
+	VersionInfo string `protobuf:"bytes,1,opt,name=version_info,json=versionInfo,proto3" json:"version_info,omitempty"`
+	// The cluster config.
+	Cluster *any.Any `protobuf:"bytes,2,opt,name=cluster,proto3" json:"cluster,omitempty"`
+	// The timestamp when the Cluster was last updated.
+	LastUpdated *timestamp.Timestamp `protobuf:"bytes,3,opt,name=last_updated,json=lastUpdated,proto3" json:"last_updated,omitempty"`
+	// Set if the last update failed, cleared after the next successful update.
+	// The *error_state* field contains the rejected version of this particular
+	// resource along with the reason and timestamp. For successfully updated or
+	// acknowledged resource, this field should be empty.
+	// [#not-implemented-hide:]
+	ErrorState *UpdateFailureState `protobuf:"bytes,4,opt,name=error_state,json=errorState,proto3" json:"error_state,omitempty"`
+	// The client status of this resource.
+	// [#not-implemented-hide:]
+	ClientStatus ClientResourceStatus `protobuf:"varint,5,opt,name=client_status,json=clientStatus,proto3,enum=envoy.admin.v3.ClientResourceStatus" json:"client_status,omitempty"`
+}
+
+func (x *ClustersConfigDump_DynamicCluster) Reset() {
+	*x = ClustersConfigDump_DynamicCluster{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[13]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ClustersConfigDump_DynamicCluster) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ClustersConfigDump_DynamicCluster) ProtoMessage() {}
+
+func (x *ClustersConfigDump_DynamicCluster) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[13]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ClustersConfigDump_DynamicCluster.ProtoReflect.Descriptor instead.
+func (*ClustersConfigDump_DynamicCluster) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_config_dump_proto_rawDescGZIP(), []int{4, 1}
+}
+
+func (x *ClustersConfigDump_DynamicCluster) GetVersionInfo() string {
+	if x != nil {
+		return x.VersionInfo
+	}
+	return ""
+}
+
+func (x *ClustersConfigDump_DynamicCluster) GetCluster() *any.Any {
+	if x != nil {
+		return x.Cluster
+	}
+	return nil
+}
+
+func (x *ClustersConfigDump_DynamicCluster) GetLastUpdated() *timestamp.Timestamp {
+	if x != nil {
+		return x.LastUpdated
+	}
+	return nil
+}
+
+func (x *ClustersConfigDump_DynamicCluster) GetErrorState() *UpdateFailureState {
+	if x != nil {
+		return x.ErrorState
+	}
+	return nil
+}
+
+func (x *ClustersConfigDump_DynamicCluster) GetClientStatus() ClientResourceStatus {
+	if x != nil {
+		return x.ClientStatus
+	}
+	return ClientResourceStatus_UNKNOWN
+}
+
+type RoutesConfigDump_StaticRouteConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The route config.
+	RouteConfig *any.Any `protobuf:"bytes,1,opt,name=route_config,json=routeConfig,proto3" json:"route_config,omitempty"`
+	// The timestamp when the Route was last updated.
+	LastUpdated *timestamp.Timestamp `protobuf:"bytes,2,opt,name=last_updated,json=lastUpdated,proto3" json:"last_updated,omitempty"`
+}
+
+func (x *RoutesConfigDump_StaticRouteConfig) Reset() {
+	*x = RoutesConfigDump_StaticRouteConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[14]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RoutesConfigDump_StaticRouteConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RoutesConfigDump_StaticRouteConfig) ProtoMessage() {}
+
+func (x *RoutesConfigDump_StaticRouteConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[14]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RoutesConfigDump_StaticRouteConfig.ProtoReflect.Descriptor instead.
+func (*RoutesConfigDump_StaticRouteConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_config_dump_proto_rawDescGZIP(), []int{5, 0}
+}
+
+func (x *RoutesConfigDump_StaticRouteConfig) GetRouteConfig() *any.Any {
+	if x != nil {
+		return x.RouteConfig
+	}
+	return nil
+}
+
+func (x *RoutesConfigDump_StaticRouteConfig) GetLastUpdated() *timestamp.Timestamp {
+	if x != nil {
+		return x.LastUpdated
+	}
+	return nil
+}
+
+// [#next-free-field: 6]
+type RoutesConfigDump_DynamicRouteConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// This is the per-resource version information. This version is currently taken from the
+	// :ref:`version_info <envoy_v3_api_field_service.discovery.v3.DiscoveryResponse.version_info>` field at the time that
+	// the route configuration was loaded.
+	VersionInfo string `protobuf:"bytes,1,opt,name=version_info,json=versionInfo,proto3" json:"version_info,omitempty"`
+	// The route config.
+	RouteConfig *any.Any `protobuf:"bytes,2,opt,name=route_config,json=routeConfig,proto3" json:"route_config,omitempty"`
+	// The timestamp when the Route was last updated.
+	LastUpdated *timestamp.Timestamp `protobuf:"bytes,3,opt,name=last_updated,json=lastUpdated,proto3" json:"last_updated,omitempty"`
+	// Set if the last update failed, cleared after the next successful update.
+	// The *error_state* field contains the rejected version of this particular
+	// resource along with the reason and timestamp. For successfully updated or
+	// acknowledged resource, this field should be empty.
+	// [#not-implemented-hide:]
+	ErrorState *UpdateFailureState `protobuf:"bytes,4,opt,name=error_state,json=errorState,proto3" json:"error_state,omitempty"`
+	// The client status of this resource.
+	// [#not-implemented-hide:]
+	ClientStatus ClientResourceStatus `protobuf:"varint,5,opt,name=client_status,json=clientStatus,proto3,enum=envoy.admin.v3.ClientResourceStatus" json:"client_status,omitempty"`
+}
+
+func (x *RoutesConfigDump_DynamicRouteConfig) Reset() {
+	*x = RoutesConfigDump_DynamicRouteConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[15]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RoutesConfigDump_DynamicRouteConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RoutesConfigDump_DynamicRouteConfig) ProtoMessage() {}
+
+func (x *RoutesConfigDump_DynamicRouteConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[15]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RoutesConfigDump_DynamicRouteConfig.ProtoReflect.Descriptor instead.
+func (*RoutesConfigDump_DynamicRouteConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_config_dump_proto_rawDescGZIP(), []int{5, 1}
+}
+
+func (x *RoutesConfigDump_DynamicRouteConfig) GetVersionInfo() string {
+	if x != nil {
+		return x.VersionInfo
+	}
+	return ""
+}
+
+func (x *RoutesConfigDump_DynamicRouteConfig) GetRouteConfig() *any.Any {
+	if x != nil {
+		return x.RouteConfig
+	}
+	return nil
+}
+
+func (x *RoutesConfigDump_DynamicRouteConfig) GetLastUpdated() *timestamp.Timestamp {
+	if x != nil {
+		return x.LastUpdated
+	}
+	return nil
+}
+
+func (x *RoutesConfigDump_DynamicRouteConfig) GetErrorState() *UpdateFailureState {
+	if x != nil {
+		return x.ErrorState
+	}
+	return nil
+}
+
+func (x *RoutesConfigDump_DynamicRouteConfig) GetClientStatus() ClientResourceStatus {
+	if x != nil {
+		return x.ClientStatus
+	}
+	return ClientResourceStatus_UNKNOWN
+}
+
+type ScopedRoutesConfigDump_InlineScopedRouteConfigs struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name assigned to the scoped route configurations.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// The scoped route configurations.
+	ScopedRouteConfigs []*any.Any `protobuf:"bytes,2,rep,name=scoped_route_configs,json=scopedRouteConfigs,proto3" json:"scoped_route_configs,omitempty"`
+	// The timestamp when the scoped route config set was last updated.
+	LastUpdated *timestamp.Timestamp `protobuf:"bytes,3,opt,name=last_updated,json=lastUpdated,proto3" json:"last_updated,omitempty"`
+}
+
+func (x *ScopedRoutesConfigDump_InlineScopedRouteConfigs) Reset() {
+	*x = ScopedRoutesConfigDump_InlineScopedRouteConfigs{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[16]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ScopedRoutesConfigDump_InlineScopedRouteConfigs) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ScopedRoutesConfigDump_InlineScopedRouteConfigs) ProtoMessage() {}
+
+func (x *ScopedRoutesConfigDump_InlineScopedRouteConfigs) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[16]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ScopedRoutesConfigDump_InlineScopedRouteConfigs.ProtoReflect.Descriptor instead.
+func (*ScopedRoutesConfigDump_InlineScopedRouteConfigs) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_config_dump_proto_rawDescGZIP(), []int{6, 0}
+}
+
+func (x *ScopedRoutesConfigDump_InlineScopedRouteConfigs) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *ScopedRoutesConfigDump_InlineScopedRouteConfigs) GetScopedRouteConfigs() []*any.Any {
+	if x != nil {
+		return x.ScopedRouteConfigs
+	}
+	return nil
+}
+
+func (x *ScopedRoutesConfigDump_InlineScopedRouteConfigs) GetLastUpdated() *timestamp.Timestamp {
+	if x != nil {
+		return x.LastUpdated
+	}
+	return nil
+}
+
+// [#next-free-field: 7]
+type ScopedRoutesConfigDump_DynamicScopedRouteConfigs struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name assigned to the scoped route configurations.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// This is the per-resource version information. This version is currently taken from the
+	// :ref:`version_info <envoy_v3_api_field_service.discovery.v3.DiscoveryResponse.version_info>` field at the time that
+	// the scoped routes configuration was loaded.
+	VersionInfo string `protobuf:"bytes,2,opt,name=version_info,json=versionInfo,proto3" json:"version_info,omitempty"`
+	// The scoped route configurations.
+	ScopedRouteConfigs []*any.Any `protobuf:"bytes,3,rep,name=scoped_route_configs,json=scopedRouteConfigs,proto3" json:"scoped_route_configs,omitempty"`
+	// The timestamp when the scoped route config set was last updated.
+	LastUpdated *timestamp.Timestamp `protobuf:"bytes,4,opt,name=last_updated,json=lastUpdated,proto3" json:"last_updated,omitempty"`
+	// Set if the last update failed, cleared after the next successful update.
+	// The *error_state* field contains the rejected version of this particular
+	// resource along with the reason and timestamp. For successfully updated or
+	// acknowledged resource, this field should be empty.
+	// [#not-implemented-hide:]
+	ErrorState *UpdateFailureState `protobuf:"bytes,5,opt,name=error_state,json=errorState,proto3" json:"error_state,omitempty"`
+	// The client status of this resource.
+	// [#not-implemented-hide:]
+	ClientStatus ClientResourceStatus `protobuf:"varint,6,opt,name=client_status,json=clientStatus,proto3,enum=envoy.admin.v3.ClientResourceStatus" json:"client_status,omitempty"`
+}
+
+func (x *ScopedRoutesConfigDump_DynamicScopedRouteConfigs) Reset() {
+	*x = ScopedRoutesConfigDump_DynamicScopedRouteConfigs{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[17]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ScopedRoutesConfigDump_DynamicScopedRouteConfigs) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ScopedRoutesConfigDump_DynamicScopedRouteConfigs) ProtoMessage() {}
+
+func (x *ScopedRoutesConfigDump_DynamicScopedRouteConfigs) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[17]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ScopedRoutesConfigDump_DynamicScopedRouteConfigs.ProtoReflect.Descriptor instead.
+func (*ScopedRoutesConfigDump_DynamicScopedRouteConfigs) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_config_dump_proto_rawDescGZIP(), []int{6, 1}
+}
+
+func (x *ScopedRoutesConfigDump_DynamicScopedRouteConfigs) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *ScopedRoutesConfigDump_DynamicScopedRouteConfigs) GetVersionInfo() string {
+	if x != nil {
+		return x.VersionInfo
+	}
+	return ""
+}
+
+func (x *ScopedRoutesConfigDump_DynamicScopedRouteConfigs) GetScopedRouteConfigs() []*any.Any {
+	if x != nil {
+		return x.ScopedRouteConfigs
+	}
+	return nil
+}
+
+func (x *ScopedRoutesConfigDump_DynamicScopedRouteConfigs) GetLastUpdated() *timestamp.Timestamp {
+	if x != nil {
+		return x.LastUpdated
+	}
+	return nil
+}
+
+func (x *ScopedRoutesConfigDump_DynamicScopedRouteConfigs) GetErrorState() *UpdateFailureState {
+	if x != nil {
+		return x.ErrorState
+	}
+	return nil
+}
+
+func (x *ScopedRoutesConfigDump_DynamicScopedRouteConfigs) GetClientStatus() ClientResourceStatus {
+	if x != nil {
+		return x.ClientStatus
+	}
+	return ClientResourceStatus_UNKNOWN
+}
+
+// DynamicSecret contains secret information fetched via SDS.
+// [#next-free-field: 7]
+type SecretsConfigDump_DynamicSecret struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name assigned to the secret.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// This is the per-resource version information.
+	VersionInfo string `protobuf:"bytes,2,opt,name=version_info,json=versionInfo,proto3" json:"version_info,omitempty"`
+	// The timestamp when the secret was last updated.
+	LastUpdated *timestamp.Timestamp `protobuf:"bytes,3,opt,name=last_updated,json=lastUpdated,proto3" json:"last_updated,omitempty"`
+	// The actual secret information.
+	// Security sensitive information is redacted (replaced with "[redacted]") for
+	// private keys and passwords in TLS certificates.
+	Secret *any.Any `protobuf:"bytes,4,opt,name=secret,proto3" json:"secret,omitempty"`
+	// Set if the last update failed, cleared after the next successful update.
+	// The *error_state* field contains the rejected version of this particular
+	// resource along with the reason and timestamp. For successfully updated or
+	// acknowledged resource, this field should be empty.
+	// [#not-implemented-hide:]
+	ErrorState *UpdateFailureState `protobuf:"bytes,5,opt,name=error_state,json=errorState,proto3" json:"error_state,omitempty"`
+	// The client status of this resource.
+	// [#not-implemented-hide:]
+	ClientStatus ClientResourceStatus `protobuf:"varint,6,opt,name=client_status,json=clientStatus,proto3,enum=envoy.admin.v3.ClientResourceStatus" json:"client_status,omitempty"`
+}
+
+func (x *SecretsConfigDump_DynamicSecret) Reset() {
+	*x = SecretsConfigDump_DynamicSecret{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[18]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *SecretsConfigDump_DynamicSecret) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*SecretsConfigDump_DynamicSecret) ProtoMessage() {}
+
+func (x *SecretsConfigDump_DynamicSecret) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[18]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use SecretsConfigDump_DynamicSecret.ProtoReflect.Descriptor instead.
+func (*SecretsConfigDump_DynamicSecret) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_config_dump_proto_rawDescGZIP(), []int{7, 0}
+}
+
+func (x *SecretsConfigDump_DynamicSecret) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *SecretsConfigDump_DynamicSecret) GetVersionInfo() string {
+	if x != nil {
+		return x.VersionInfo
+	}
+	return ""
+}
+
+func (x *SecretsConfigDump_DynamicSecret) GetLastUpdated() *timestamp.Timestamp {
+	if x != nil {
+		return x.LastUpdated
+	}
+	return nil
+}
+
+func (x *SecretsConfigDump_DynamicSecret) GetSecret() *any.Any {
+	if x != nil {
+		return x.Secret
+	}
+	return nil
+}
+
+func (x *SecretsConfigDump_DynamicSecret) GetErrorState() *UpdateFailureState {
+	if x != nil {
+		return x.ErrorState
+	}
+	return nil
+}
+
+func (x *SecretsConfigDump_DynamicSecret) GetClientStatus() ClientResourceStatus {
+	if x != nil {
+		return x.ClientStatus
+	}
+	return ClientResourceStatus_UNKNOWN
+}
+
+// StaticSecret specifies statically loaded secret in bootstrap.
+type SecretsConfigDump_StaticSecret struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name assigned to the secret.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// The timestamp when the secret was last updated.
+	LastUpdated *timestamp.Timestamp `protobuf:"bytes,2,opt,name=last_updated,json=lastUpdated,proto3" json:"last_updated,omitempty"`
+	// The actual secret information.
+	// Security sensitive information is redacted (replaced with "[redacted]") for
+	// private keys and passwords in TLS certificates.
+	Secret *any.Any `protobuf:"bytes,3,opt,name=secret,proto3" json:"secret,omitempty"`
+}
+
+func (x *SecretsConfigDump_StaticSecret) Reset() {
+	*x = SecretsConfigDump_StaticSecret{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[19]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *SecretsConfigDump_StaticSecret) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*SecretsConfigDump_StaticSecret) ProtoMessage() {}
+
+func (x *SecretsConfigDump_StaticSecret) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[19]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use SecretsConfigDump_StaticSecret.ProtoReflect.Descriptor instead.
+func (*SecretsConfigDump_StaticSecret) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_config_dump_proto_rawDescGZIP(), []int{7, 1}
+}
+
+func (x *SecretsConfigDump_StaticSecret) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *SecretsConfigDump_StaticSecret) GetLastUpdated() *timestamp.Timestamp {
+	if x != nil {
+		return x.LastUpdated
+	}
+	return nil
+}
+
+func (x *SecretsConfigDump_StaticSecret) GetSecret() *any.Any {
+	if x != nil {
+		return x.Secret
+	}
+	return nil
+}
+
+type EndpointsConfigDump_StaticEndpointConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The endpoint config.
+	EndpointConfig *any.Any `protobuf:"bytes,1,opt,name=endpoint_config,json=endpointConfig,proto3" json:"endpoint_config,omitempty"`
+	// [#not-implemented-hide:] The timestamp when the Endpoint was last updated.
+	LastUpdated *timestamp.Timestamp `protobuf:"bytes,2,opt,name=last_updated,json=lastUpdated,proto3" json:"last_updated,omitempty"`
+}
+
+func (x *EndpointsConfigDump_StaticEndpointConfig) Reset() {
+	*x = EndpointsConfigDump_StaticEndpointConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[20]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *EndpointsConfigDump_StaticEndpointConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*EndpointsConfigDump_StaticEndpointConfig) ProtoMessage() {}
+
+func (x *EndpointsConfigDump_StaticEndpointConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[20]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use EndpointsConfigDump_StaticEndpointConfig.ProtoReflect.Descriptor instead.
+func (*EndpointsConfigDump_StaticEndpointConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_config_dump_proto_rawDescGZIP(), []int{8, 0}
+}
+
+func (x *EndpointsConfigDump_StaticEndpointConfig) GetEndpointConfig() *any.Any {
+	if x != nil {
+		return x.EndpointConfig
+	}
+	return nil
+}
+
+func (x *EndpointsConfigDump_StaticEndpointConfig) GetLastUpdated() *timestamp.Timestamp {
+	if x != nil {
+		return x.LastUpdated
+	}
+	return nil
+}
+
+// [#next-free-field: 6]
+type EndpointsConfigDump_DynamicEndpointConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// [#not-implemented-hide:] This is the per-resource version information. This version is currently taken from the
+	// :ref:`version_info <envoy_v3_api_field_service.discovery.v3.DiscoveryResponse.version_info>` field at the time that
+	// the endpoint configuration was loaded.
+	VersionInfo string `protobuf:"bytes,1,opt,name=version_info,json=versionInfo,proto3" json:"version_info,omitempty"`
+	// The endpoint config.
+	EndpointConfig *any.Any `protobuf:"bytes,2,opt,name=endpoint_config,json=endpointConfig,proto3" json:"endpoint_config,omitempty"`
+	// [#not-implemented-hide:] The timestamp when the Endpoint was last updated.
+	LastUpdated *timestamp.Timestamp `protobuf:"bytes,3,opt,name=last_updated,json=lastUpdated,proto3" json:"last_updated,omitempty"`
+	// Set if the last update failed, cleared after the next successful update.
+	// The *error_state* field contains the rejected version of this particular
+	// resource along with the reason and timestamp. For successfully updated or
+	// acknowledged resource, this field should be empty.
+	// [#not-implemented-hide:]
+	ErrorState *UpdateFailureState `protobuf:"bytes,4,opt,name=error_state,json=errorState,proto3" json:"error_state,omitempty"`
+	// The client status of this resource.
+	// [#not-implemented-hide:]
+	ClientStatus ClientResourceStatus `protobuf:"varint,5,opt,name=client_status,json=clientStatus,proto3,enum=envoy.admin.v3.ClientResourceStatus" json:"client_status,omitempty"`
+}
+
+func (x *EndpointsConfigDump_DynamicEndpointConfig) Reset() {
+	*x = EndpointsConfigDump_DynamicEndpointConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[21]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *EndpointsConfigDump_DynamicEndpointConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*EndpointsConfigDump_DynamicEndpointConfig) ProtoMessage() {}
+
+func (x *EndpointsConfigDump_DynamicEndpointConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_config_dump_proto_msgTypes[21]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use EndpointsConfigDump_DynamicEndpointConfig.ProtoReflect.Descriptor instead.
+func (*EndpointsConfigDump_DynamicEndpointConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_config_dump_proto_rawDescGZIP(), []int{8, 1}
+}
+
+func (x *EndpointsConfigDump_DynamicEndpointConfig) GetVersionInfo() string {
+	if x != nil {
+		return x.VersionInfo
+	}
+	return ""
+}
+
+func (x *EndpointsConfigDump_DynamicEndpointConfig) GetEndpointConfig() *any.Any {
+	if x != nil {
+		return x.EndpointConfig
+	}
+	return nil
+}
+
+func (x *EndpointsConfigDump_DynamicEndpointConfig) GetLastUpdated() *timestamp.Timestamp {
+	if x != nil {
+		return x.LastUpdated
+	}
+	return nil
+}
+
+func (x *EndpointsConfigDump_DynamicEndpointConfig) GetErrorState() *UpdateFailureState {
+	if x != nil {
+		return x.ErrorState
+	}
+	return nil
+}
+
+func (x *EndpointsConfigDump_DynamicEndpointConfig) GetClientStatus() ClientResourceStatus {
+	if x != nil {
+		return x.ClientStatus
+	}
+	return ClientResourceStatus_UNKNOWN
+}
+
+var File_envoy_admin_v3_config_dump_proto protoreflect.FileDescriptor
+
+var file_envoy_admin_v3_config_dump_proto_rawDesc = []byte{
+	0x0a, 0x20, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x76, 0x33,
+	0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x64, 0x75, 0x6d, 0x70, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x12, 0x0e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e,
+	0x76, 0x33, 0x1a, 0x29, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2f, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x2f, 0x76, 0x33, 0x2f, 0x62, 0x6f,
+	0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x19, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x61,
+	0x6e, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74,
+	0x61, 0x6d, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f,
+	0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74,
+	0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61,
+	0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69,
+	0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x63, 0x0a, 0x0a, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44, 0x75, 0x6d, 0x70, 0x12, 0x2e, 0x0a, 0x07, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79,
+	0x52, 0x07, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x73, 0x3a, 0x25, 0x9a, 0xc5, 0x88, 0x1e, 0x20,
+	0x0a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32,
+	0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44, 0x75, 0x6d, 0x70,
+	0x22, 0x95, 0x02, 0x0a, 0x12, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x46, 0x61, 0x69, 0x6c, 0x75,
+	0x72, 0x65, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x47, 0x0a, 0x14, 0x66, 0x61, 0x69, 0x6c, 0x65,
+	0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x13, 0x66, 0x61, 0x69,
+	0x6c, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x12, 0x4a, 0x0a, 0x13, 0x6c, 0x61, 0x73, 0x74, 0x5f, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x5f,
+	0x61, 0x74, 0x74, 0x65, 0x6d, 0x70, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x11, 0x6c, 0x61, 0x73, 0x74, 0x55,
+	0x70, 0x64, 0x61, 0x74, 0x65, 0x41, 0x74, 0x74, 0x65, 0x6d, 0x70, 0x74, 0x12, 0x18, 0x0a, 0x07,
+	0x64, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x64,
+	0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x12, 0x21, 0x0a, 0x0c, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f,
+	0x6e, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x76, 0x65,
+	0x72, 0x73, 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x3a, 0x2d, 0x9a, 0xc5, 0x88, 0x1e, 0x28,
+	0x0a, 0x26, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32,
+	0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x46, 0x61, 0x69, 0x6c,
+	0x75, 0x72, 0x65, 0x53, 0x74, 0x61, 0x74, 0x65, 0x22, 0xc8, 0x01, 0x0a, 0x13, 0x42, 0x6f, 0x6f,
+	0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44, 0x75, 0x6d, 0x70,
+	0x12, 0x42, 0x0a, 0x09, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e,
+	0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x52, 0x09, 0x62, 0x6f, 0x6f, 0x74, 0x73,
+	0x74, 0x72, 0x61, 0x70, 0x12, 0x3d, 0x0a, 0x0c, 0x6c, 0x61, 0x73, 0x74, 0x5f, 0x75, 0x70, 0x64,
+	0x61, 0x74, 0x65, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d,
+	0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0b, 0x6c, 0x61, 0x73, 0x74, 0x55, 0x70, 0x64, 0x61,
+	0x74, 0x65, 0x64, 0x3a, 0x2e, 0x9a, 0xc5, 0x88, 0x1e, 0x29, 0x0a, 0x27, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e,
+	0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44,
+	0x75, 0x6d, 0x70, 0x22, 0xf3, 0x09, 0x0a, 0x13, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72,
+	0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44, 0x75, 0x6d, 0x70, 0x12, 0x21, 0x0a, 0x0c, 0x76,
+	0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x0b, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x5d,
+	0x0a, 0x10, 0x73, 0x74, 0x61, 0x74, 0x69, 0x63, 0x5f, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65,
+	0x72, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x32, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e,
+	0x65, 0x72, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44, 0x75, 0x6d, 0x70, 0x2e, 0x53, 0x74,
+	0x61, 0x74, 0x69, 0x63, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x52, 0x0f, 0x73, 0x74,
+	0x61, 0x74, 0x69, 0x63, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x73, 0x12, 0x60, 0x0a,
+	0x11, 0x64, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x5f, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65,
+	0x72, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x33, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e,
+	0x65, 0x72, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44, 0x75, 0x6d, 0x70, 0x2e, 0x44, 0x79,
+	0x6e, 0x61, 0x6d, 0x69, 0x63, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x52, 0x10, 0x64,
+	0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x73, 0x1a,
+	0xc0, 0x01, 0x0a, 0x0e, 0x53, 0x74, 0x61, 0x74, 0x69, 0x63, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e,
+	0x65, 0x72, 0x12, 0x30, 0x0a, 0x08, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x08, 0x6c, 0x69, 0x73, 0x74,
+	0x65, 0x6e, 0x65, 0x72, 0x12, 0x3d, 0x0a, 0x0c, 0x6c, 0x61, 0x73, 0x74, 0x5f, 0x75, 0x70, 0x64,
+	0x61, 0x74, 0x65, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d,
+	0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0b, 0x6c, 0x61, 0x73, 0x74, 0x55, 0x70, 0x64, 0x61,
+	0x74, 0x65, 0x64, 0x3a, 0x3d, 0x9a, 0xc5, 0x88, 0x1e, 0x38, 0x0a, 0x36, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e,
+	0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44,
+	0x75, 0x6d, 0x70, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x69, 0x63, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e,
+	0x65, 0x72, 0x1a, 0xef, 0x01, 0x0a, 0x14, 0x44, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x4c, 0x69,
+	0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x76,
+	0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x0b, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x30,
+	0x0a, 0x08, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x08, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72,
+	0x12, 0x3d, 0x0a, 0x0c, 0x6c, 0x61, 0x73, 0x74, 0x5f, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64,
+	0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61,
+	0x6d, 0x70, 0x52, 0x0b, 0x6c, 0x61, 0x73, 0x74, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x3a,
+	0x43, 0x9a, 0xc5, 0x88, 0x1e, 0x3e, 0x0a, 0x3c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64,
+	0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x4c, 0x69, 0x73, 0x74,
+	0x65, 0x6e, 0x65, 0x72, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44, 0x75, 0x6d, 0x70, 0x2e,
+	0x44, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x53,
+	0x74, 0x61, 0x74, 0x65, 0x1a, 0x92, 0x04, 0x0a, 0x0f, 0x44, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63,
+	0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x5b, 0x0a, 0x0c,
+	0x61, 0x63, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18, 0x02, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x38, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e,
+	0x2e, 0x76, 0x33, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x73, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x44, 0x75, 0x6d, 0x70, 0x2e, 0x44, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x4c,
+	0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x65, 0x52, 0x0b, 0x61, 0x63,
+	0x74, 0x69, 0x76, 0x65, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x5d, 0x0a, 0x0d, 0x77, 0x61, 0x72,
+	0x6d, 0x69, 0x6e, 0x67, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x38, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76,
+	0x33, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x44, 0x75, 0x6d, 0x70, 0x2e, 0x44, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x4c, 0x69, 0x73,
+	0x74, 0x65, 0x6e, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x65, 0x52, 0x0c, 0x77, 0x61, 0x72, 0x6d,
+	0x69, 0x6e, 0x67, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x5f, 0x0a, 0x0e, 0x64, 0x72, 0x61, 0x69,
+	0x6e, 0x69, 0x6e, 0x67, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x38, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76,
+	0x33, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x44, 0x75, 0x6d, 0x70, 0x2e, 0x44, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x4c, 0x69, 0x73,
+	0x74, 0x65, 0x6e, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x65, 0x52, 0x0d, 0x64, 0x72, 0x61, 0x69,
+	0x6e, 0x69, 0x6e, 0x67, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x43, 0x0a, 0x0b, 0x65, 0x72, 0x72,
+	0x6f, 0x72, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e,
+	0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x46, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x53, 0x74, 0x61,
+	0x74, 0x65, 0x52, 0x0a, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x49,
+	0x0a, 0x0d, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18,
+	0x06, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64,
+	0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x73,
+	0x6f, 0x75, 0x72, 0x63, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x0c, 0x63, 0x6c, 0x69,
+	0x65, 0x6e, 0x74, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x3a, 0x3e, 0x9a, 0xc5, 0x88, 0x1e, 0x39,
+	0x0a, 0x37, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32,
+	0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x73, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44, 0x75, 0x6d, 0x70, 0x2e, 0x44, 0x79, 0x6e, 0x61, 0x6d, 0x69,
+	0x63, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x3a, 0x2e, 0x9a, 0xc5, 0x88, 0x1e, 0x29,
+	0x0a, 0x27, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32,
+	0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x73, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44, 0x75, 0x6d, 0x70, 0x22, 0xca, 0x07, 0x0a, 0x12, 0x43, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44, 0x75, 0x6d, 0x70,
+	0x12, 0x21, 0x0a, 0x0c, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x69, 0x6e, 0x66, 0x6f,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x49,
+	0x6e, 0x66, 0x6f, 0x12, 0x59, 0x0a, 0x0f, 0x73, 0x74, 0x61, 0x74, 0x69, 0x63, 0x5f, 0x63, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x30, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44, 0x75, 0x6d, 0x70,
+	0x2e, 0x53, 0x74, 0x61, 0x74, 0x69, 0x63, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x0e,
+	0x73, 0x74, 0x61, 0x74, 0x69, 0x63, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x12, 0x69,
+	0x0a, 0x17, 0x64, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x5f, 0x61, 0x63, 0x74, 0x69, 0x76, 0x65,
+	0x5f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32,
+	0x31, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33,
+	0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44,
+	0x75, 0x6d, 0x70, 0x2e, 0x44, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x43, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x52, 0x15, 0x64, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x41, 0x63, 0x74, 0x69, 0x76,
+	0x65, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x12, 0x6b, 0x0a, 0x18, 0x64, 0x79, 0x6e,
+	0x61, 0x6d, 0x69, 0x63, 0x5f, 0x77, 0x61, 0x72, 0x6d, 0x69, 0x6e, 0x67, 0x5f, 0x63, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x31, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44, 0x75, 0x6d, 0x70, 0x2e,
+	0x44, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x16,
+	0x64, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x57, 0x61, 0x72, 0x6d, 0x69, 0x6e, 0x67, 0x43, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x1a, 0xbb, 0x01, 0x0a, 0x0d, 0x53, 0x74, 0x61, 0x74, 0x69,
+	0x63, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x2e, 0x0a, 0x07, 0x63, 0x6c, 0x75, 0x73,
+	0x74, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52,
+	0x07, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x3d, 0x0a, 0x0c, 0x6c, 0x61, 0x73, 0x74,
+	0x5f, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0b, 0x6c, 0x61, 0x73, 0x74,
+	0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x3a, 0x3b, 0x9a, 0xc5, 0x88, 0x1e, 0x36, 0x0a, 0x34,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x61, 0x6c,
+	0x70, 0x68, 0x61, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x44, 0x75, 0x6d, 0x70, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x69, 0x63, 0x43, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x1a, 0xf0, 0x02, 0x0a, 0x0e, 0x44, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63,
+	0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x21, 0x0a, 0x0c, 0x76, 0x65, 0x72, 0x73, 0x69,
+	0x6f, 0x6e, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x76,
+	0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x2e, 0x0a, 0x07, 0x63, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e,
+	0x79, 0x52, 0x07, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x3d, 0x0a, 0x0c, 0x6c, 0x61,
+	0x73, 0x74, 0x5f, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0b, 0x6c, 0x61,
+	0x73, 0x74, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x12, 0x43, 0x0a, 0x0b, 0x65, 0x72, 0x72,
+	0x6f, 0x72, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e,
+	0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x46, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x53, 0x74, 0x61,
+	0x74, 0x65, 0x52, 0x0a, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x49,
+	0x0a, 0x0d, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18,
+	0x05, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64,
+	0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x73,
+	0x6f, 0x75, 0x72, 0x63, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x0c, 0x63, 0x6c, 0x69,
+	0x65, 0x6e, 0x74, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x3a, 0x3c, 0x9a, 0xc5, 0x88, 0x1e, 0x37,
+	0x0a, 0x35, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32,
+	0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x43, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x44, 0x75, 0x6d, 0x70, 0x2e, 0x44, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63,
+	0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x3a, 0x2d, 0x9a, 0xc5, 0x88, 0x1e, 0x28, 0x0a, 0x26,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x61, 0x6c,
+	0x70, 0x68, 0x61, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x44, 0x75, 0x6d, 0x70, 0x22, 0xdd, 0x06, 0x0a, 0x10, 0x52, 0x6f, 0x75, 0x74, 0x65,
+	0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44, 0x75, 0x6d, 0x70, 0x12, 0x64, 0x0a, 0x14, 0x73,
+	0x74, 0x61, 0x74, 0x69, 0x63, 0x5f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x32, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65,
+	0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44, 0x75, 0x6d, 0x70, 0x2e, 0x53, 0x74, 0x61, 0x74,
+	0x69, 0x63, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x12, 0x73,
+	0x74, 0x61, 0x74, 0x69, 0x63, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x73, 0x12, 0x67, 0x0a, 0x15, 0x64, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x5f, 0x72, 0x6f, 0x75,
+	0x74, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b,
+	0x32, 0x33, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76,
+	0x33, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44, 0x75,
+	0x6d, 0x70, 0x2e, 0x44, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x13, 0x64, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x52, 0x6f,
+	0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x73, 0x1a, 0xca, 0x01, 0x0a, 0x11, 0x53,
+	0x74, 0x61, 0x74, 0x69, 0x63, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x12, 0x37, 0x0a, 0x0c, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x0b, 0x72, 0x6f,
+	0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x3d, 0x0a, 0x0c, 0x6c, 0x61, 0x73,
+	0x74, 0x5f, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0b, 0x6c, 0x61, 0x73,
+	0x74, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x3a, 0x3d, 0x9a, 0xc5, 0x88, 0x1e, 0x38, 0x0a,
+	0x36, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x61,
+	0x6c, 0x70, 0x68, 0x61, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x44, 0x75, 0x6d, 0x70, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x69, 0x63, 0x52, 0x6f, 0x75, 0x74,
+	0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x1a, 0xff, 0x02, 0x0a, 0x12, 0x44, 0x79, 0x6e, 0x61,
+	0x6d, 0x69, 0x63, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x21,
+	0x0a, 0x0c, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x66,
+	0x6f, 0x12, 0x37, 0x0a, 0x0c, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x0b, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x3d, 0x0a, 0x0c, 0x6c, 0x61,
+	0x73, 0x74, 0x5f, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0b, 0x6c, 0x61,
+	0x73, 0x74, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x12, 0x43, 0x0a, 0x0b, 0x65, 0x72, 0x72,
+	0x6f, 0x72, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e,
+	0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x46, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x53, 0x74, 0x61,
+	0x74, 0x65, 0x52, 0x0a, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x49,
+	0x0a, 0x0d, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18,
+	0x05, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64,
+	0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x73,
+	0x6f, 0x75, 0x72, 0x63, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x0c, 0x63, 0x6c, 0x69,
+	0x65, 0x6e, 0x74, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x3a, 0x3e, 0x9a, 0xc5, 0x88, 0x1e, 0x39,
+	0x0a, 0x37, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32,
+	0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x44, 0x75, 0x6d, 0x70, 0x2e, 0x44, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x52, 0x6f,
+	0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x3a, 0x2b, 0x9a, 0xc5, 0x88, 0x1e, 0x26,
+	0x0a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32,
+	0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x44, 0x75, 0x6d, 0x70, 0x22, 0x8c, 0x08, 0x0a, 0x16, 0x53, 0x63, 0x6f, 0x70, 0x65,
+	0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44, 0x75, 0x6d,
+	0x70, 0x12, 0x7e, 0x0a, 0x1b, 0x69, 0x6e, 0x6c, 0x69, 0x6e, 0x65, 0x5f, 0x73, 0x63, 0x6f, 0x70,
+	0x65, 0x64, 0x5f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x73,
+	0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x3f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f,
+	0x75, 0x74, 0x65, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44, 0x75, 0x6d, 0x70, 0x2e, 0x49,
+	0x6e, 0x6c, 0x69, 0x6e, 0x65, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65,
+	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x73, 0x52, 0x18, 0x69, 0x6e, 0x6c, 0x69, 0x6e, 0x65, 0x53,
+	0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x73, 0x12, 0x81, 0x01, 0x0a, 0x1c, 0x64, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x5f, 0x73, 0x63,
+	0x6f, 0x70, 0x65, 0x64, 0x5f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x40, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x64,
+	0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44, 0x75, 0x6d, 0x70,
+	0x2e, 0x44, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f,
+	0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x73, 0x52, 0x19, 0x64, 0x79, 0x6e, 0x61,
+	0x6d, 0x69, 0x63, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x73, 0x1a, 0x81, 0x02, 0x0a, 0x18, 0x49, 0x6e, 0x6c, 0x69, 0x6e, 0x65,
+	0x53, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
+	0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x46, 0x0a, 0x14, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x64,
+	0x5f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x73, 0x18, 0x02,
+	0x20, 0x03, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x12, 0x73, 0x63, 0x6f, 0x70,
+	0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x73, 0x12, 0x3d,
+	0x0a, 0x0c, 0x6c, 0x61, 0x73, 0x74, 0x5f, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x18, 0x03,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70,
+	0x52, 0x0b, 0x6c, 0x61, 0x73, 0x74, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x3a, 0x4a, 0x9a,
+	0xc5, 0x88, 0x1e, 0x45, 0x0a, 0x43, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69,
+	0x6e, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x64,
+	0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44, 0x75, 0x6d, 0x70,
+	0x2e, 0x49, 0x6e, 0x6c, 0x69, 0x6e, 0x65, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75,
+	0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x73, 0x1a, 0xb6, 0x03, 0x0a, 0x19, 0x44, 0x79,
+	0x6e, 0x61, 0x6d, 0x69, 0x63, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65,
+	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x76,
+	0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x0b, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x46,
+	0x0a, 0x14, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x5f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41,
+	0x6e, 0x79, 0x52, 0x12, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x73, 0x12, 0x3d, 0x0a, 0x0c, 0x6c, 0x61, 0x73, 0x74, 0x5f, 0x75,
+	0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54,
+	0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0b, 0x6c, 0x61, 0x73, 0x74, 0x55, 0x70,
+	0x64, 0x61, 0x74, 0x65, 0x64, 0x12, 0x43, 0x0a, 0x0b, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x5f, 0x73,
+	0x74, 0x61, 0x74, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x55, 0x70, 0x64, 0x61,
+	0x74, 0x65, 0x46, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x53, 0x74, 0x61, 0x74, 0x65, 0x52, 0x0a,
+	0x65, 0x72, 0x72, 0x6f, 0x72, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x49, 0x0a, 0x0d, 0x63, 0x6c,
+	0x69, 0x65, 0x6e, 0x74, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x06, 0x20, 0x01, 0x28,
+	0x0e, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e,
+	0x76, 0x33, 0x2e, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63,
+	0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x0c, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x53,
+	0x74, 0x61, 0x74, 0x75, 0x73, 0x3a, 0x4b, 0x9a, 0xc5, 0x88, 0x1e, 0x46, 0x0a, 0x44, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68,
+	0x61, 0x2e, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x43, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x44, 0x75, 0x6d, 0x70, 0x2e, 0x44, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63,
+	0x53, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x73, 0x3a, 0x31, 0x9a, 0xc5, 0x88, 0x1e, 0x2c, 0x0a, 0x2a, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x53,
+	0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x44, 0x75, 0x6d, 0x70, 0x22, 0xb7, 0x07, 0x0a, 0x11, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74,
+	0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44, 0x75, 0x6d, 0x70, 0x12, 0x55, 0x0a, 0x0e, 0x73,
+	0x74, 0x61, 0x74, 0x69, 0x63, 0x5f, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x73, 0x18, 0x01, 0x20,
+	0x03, 0x28, 0x0b, 0x32, 0x2e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69,
+	0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x73, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x44, 0x75, 0x6d, 0x70, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x69, 0x63, 0x53, 0x65, 0x63,
+	0x72, 0x65, 0x74, 0x52, 0x0d, 0x73, 0x74, 0x61, 0x74, 0x69, 0x63, 0x53, 0x65, 0x63, 0x72, 0x65,
+	0x74, 0x73, 0x12, 0x65, 0x0a, 0x16, 0x64, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x5f, 0x61, 0x63,
+	0x74, 0x69, 0x76, 0x65, 0x5f, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x73, 0x18, 0x02, 0x20, 0x03,
+	0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e,
+	0x2e, 0x76, 0x33, 0x2e, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x44, 0x75, 0x6d, 0x70, 0x2e, 0x44, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x53, 0x65, 0x63,
+	0x72, 0x65, 0x74, 0x52, 0x14, 0x64, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x41, 0x63, 0x74, 0x69,
+	0x76, 0x65, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x73, 0x12, 0x67, 0x0a, 0x17, 0x64, 0x79, 0x6e,
+	0x61, 0x6d, 0x69, 0x63, 0x5f, 0x77, 0x61, 0x72, 0x6d, 0x69, 0x6e, 0x67, 0x5f, 0x73, 0x65, 0x63,
+	0x72, 0x65, 0x74, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x65, 0x63, 0x72,
+	0x65, 0x74, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44, 0x75, 0x6d, 0x70, 0x2e, 0x44, 0x79,
+	0x6e, 0x61, 0x6d, 0x69, 0x63, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x52, 0x15, 0x64, 0x79, 0x6e,
+	0x61, 0x6d, 0x69, 0x63, 0x57, 0x61, 0x72, 0x6d, 0x69, 0x6e, 0x67, 0x53, 0x65, 0x63, 0x72, 0x65,
+	0x74, 0x73, 0x1a, 0xff, 0x02, 0x0a, 0x0d, 0x44, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x53, 0x65,
+	0x63, 0x72, 0x65, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x76, 0x65, 0x72, 0x73,
+	0x69, 0x6f, 0x6e, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b,
+	0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x3d, 0x0a, 0x0c, 0x6c,
+	0x61, 0x73, 0x74, 0x5f, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0b, 0x6c,
+	0x61, 0x73, 0x74, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x12, 0x2c, 0x0a, 0x06, 0x73, 0x65,
+	0x63, 0x72, 0x65, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79,
+	0x52, 0x06, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x12, 0x43, 0x0a, 0x0b, 0x65, 0x72, 0x72, 0x6f,
+	0x72, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x55,
+	0x70, 0x64, 0x61, 0x74, 0x65, 0x46, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x53, 0x74, 0x61, 0x74,
+	0x65, 0x52, 0x0a, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x49, 0x0a,
+	0x0d, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x06,
+	0x20, 0x01, 0x28, 0x0e, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d,
+	0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x73, 0x6f,
+	0x75, 0x72, 0x63, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x0c, 0x63, 0x6c, 0x69, 0x65,
+	0x6e, 0x74, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x3a, 0x3a, 0x9a, 0xc5, 0x88, 0x1e, 0x35, 0x0a,
+	0x33, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x61,
+	0x6c, 0x70, 0x68, 0x61, 0x2e, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x73, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x44, 0x75, 0x6d, 0x70, 0x2e, 0x44, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x53, 0x65,
+	0x63, 0x72, 0x65, 0x74, 0x1a, 0xca, 0x01, 0x0a, 0x0c, 0x53, 0x74, 0x61, 0x74, 0x69, 0x63, 0x53,
+	0x65, 0x63, 0x72, 0x65, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x3d, 0x0a, 0x0c, 0x6c, 0x61, 0x73,
+	0x74, 0x5f, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0b, 0x6c, 0x61, 0x73,
+	0x74, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x12, 0x2c, 0x0a, 0x06, 0x73, 0x65, 0x63, 0x72,
+	0x65, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x06,
+	0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x3a, 0x39, 0x9a, 0xc5, 0x88, 0x1e, 0x34, 0x0a, 0x32, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70,
+	0x68, 0x61, 0x2e, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x44, 0x75, 0x6d, 0x70, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x69, 0x63, 0x53, 0x65, 0x63, 0x72, 0x65,
+	0x74, 0x3a, 0x2c, 0x9a, 0xc5, 0x88, 0x1e, 0x27, 0x0a, 0x25, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x53, 0x65,
+	0x63, 0x72, 0x65, 0x74, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44, 0x75, 0x6d, 0x70, 0x22,
+	0xde, 0x05, 0x0a, 0x13, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x44, 0x75, 0x6d, 0x70, 0x12, 0x70, 0x0a, 0x17, 0x73, 0x74, 0x61, 0x74, 0x69,
+	0x63, 0x5f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x38, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69,
+	0x6e, 0x74, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44, 0x75, 0x6d, 0x70, 0x2e, 0x53, 0x74,
+	0x61, 0x74, 0x69, 0x63, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x52, 0x15, 0x73, 0x74, 0x61, 0x74, 0x69, 0x63, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69,
+	0x6e, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x73, 0x12, 0x73, 0x0a, 0x18, 0x64, 0x79, 0x6e,
+	0x61, 0x6d, 0x69, 0x63, 0x5f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x5f, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x39, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x45, 0x6e, 0x64,
+	0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44, 0x75, 0x6d, 0x70,
+	0x2e, 0x44, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74,
+	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x16, 0x64, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x45,
+	0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x73, 0x1a, 0x94,
+	0x01, 0x0a, 0x14, 0x53, 0x74, 0x61, 0x74, 0x69, 0x63, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e,
+	0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x3d, 0x0a, 0x0f, 0x65, 0x6e, 0x64, 0x70, 0x6f,
+	0x69, 0x6e, 0x74, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x0e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74,
+	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x3d, 0x0a, 0x0c, 0x6c, 0x61, 0x73, 0x74, 0x5f, 0x75,
+	0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54,
+	0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0b, 0x6c, 0x61, 0x73, 0x74, 0x55, 0x70,
+	0x64, 0x61, 0x74, 0x65, 0x64, 0x1a, 0xc8, 0x02, 0x0a, 0x15, 0x44, 0x79, 0x6e, 0x61, 0x6d, 0x69,
+	0x63, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12,
+	0x21, 0x0a, 0x0c, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x49, 0x6e,
+	0x66, 0x6f, 0x12, 0x3d, 0x0a, 0x0f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x5f, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e,
+	0x79, 0x52, 0x0e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x12, 0x3d, 0x0a, 0x0c, 0x6c, 0x61, 0x73, 0x74, 0x5f, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65,
+	0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74,
+	0x61, 0x6d, 0x70, 0x52, 0x0b, 0x6c, 0x61, 0x73, 0x74, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64,
+	0x12, 0x43, 0x0a, 0x0b, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18,
+	0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64,
+	0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x46, 0x61, 0x69,
+	0x6c, 0x75, 0x72, 0x65, 0x53, 0x74, 0x61, 0x74, 0x65, 0x52, 0x0a, 0x65, 0x72, 0x72, 0x6f, 0x72,
+	0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x49, 0x0a, 0x0d, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f,
+	0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x24, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c,
+	0x69, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x53, 0x74, 0x61, 0x74,
+	0x75, 0x73, 0x52, 0x0c, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73,
+	0x2a, 0x5d, 0x0a, 0x14, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72,
+	0x63, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x4e, 0x4b, 0x4e,
+	0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, 0x0d, 0x0a, 0x09, 0x52, 0x45, 0x51, 0x55, 0x45, 0x53, 0x54,
+	0x45, 0x44, 0x10, 0x01, 0x12, 0x12, 0x0a, 0x0e, 0x44, 0x4f, 0x45, 0x53, 0x5f, 0x4e, 0x4f, 0x54,
+	0x5f, 0x45, 0x58, 0x49, 0x53, 0x54, 0x10, 0x02, 0x12, 0x09, 0x0a, 0x05, 0x41, 0x43, 0x4b, 0x45,
+	0x44, 0x10, 0x03, 0x12, 0x0a, 0x0a, 0x06, 0x4e, 0x41, 0x43, 0x4b, 0x45, 0x44, 0x10, 0x04, 0x42,
+	0x39, 0x0a, 0x1c, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x42,
+	0x0f, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44, 0x75, 0x6d, 0x70, 0x50, 0x72, 0x6f, 0x74, 0x6f,
+	0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x33,
+}
+
+var (
+	file_envoy_admin_v3_config_dump_proto_rawDescOnce sync.Once
+	file_envoy_admin_v3_config_dump_proto_rawDescData = file_envoy_admin_v3_config_dump_proto_rawDesc
+)
+
+func file_envoy_admin_v3_config_dump_proto_rawDescGZIP() []byte {
+	file_envoy_admin_v3_config_dump_proto_rawDescOnce.Do(func() {
+		file_envoy_admin_v3_config_dump_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_admin_v3_config_dump_proto_rawDescData)
+	})
+	return file_envoy_admin_v3_config_dump_proto_rawDescData
+}
+
+var file_envoy_admin_v3_config_dump_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_envoy_admin_v3_config_dump_proto_msgTypes = make([]protoimpl.MessageInfo, 22)
+var file_envoy_admin_v3_config_dump_proto_goTypes = []interface{}{
+	(ClientResourceStatus)(0),                                // 0: envoy.admin.v3.ClientResourceStatus
+	(*ConfigDump)(nil),                                       // 1: envoy.admin.v3.ConfigDump
+	(*UpdateFailureState)(nil),                               // 2: envoy.admin.v3.UpdateFailureState
+	(*BootstrapConfigDump)(nil),                              // 3: envoy.admin.v3.BootstrapConfigDump
+	(*ListenersConfigDump)(nil),                              // 4: envoy.admin.v3.ListenersConfigDump
+	(*ClustersConfigDump)(nil),                               // 5: envoy.admin.v3.ClustersConfigDump
+	(*RoutesConfigDump)(nil),                                 // 6: envoy.admin.v3.RoutesConfigDump
+	(*ScopedRoutesConfigDump)(nil),                           // 7: envoy.admin.v3.ScopedRoutesConfigDump
+	(*SecretsConfigDump)(nil),                                // 8: envoy.admin.v3.SecretsConfigDump
+	(*EndpointsConfigDump)(nil),                              // 9: envoy.admin.v3.EndpointsConfigDump
+	(*ListenersConfigDump_StaticListener)(nil),               // 10: envoy.admin.v3.ListenersConfigDump.StaticListener
+	(*ListenersConfigDump_DynamicListenerState)(nil),         // 11: envoy.admin.v3.ListenersConfigDump.DynamicListenerState
+	(*ListenersConfigDump_DynamicListener)(nil),              // 12: envoy.admin.v3.ListenersConfigDump.DynamicListener
+	(*ClustersConfigDump_StaticCluster)(nil),                 // 13: envoy.admin.v3.ClustersConfigDump.StaticCluster
+	(*ClustersConfigDump_DynamicCluster)(nil),                // 14: envoy.admin.v3.ClustersConfigDump.DynamicCluster
+	(*RoutesConfigDump_StaticRouteConfig)(nil),               // 15: envoy.admin.v3.RoutesConfigDump.StaticRouteConfig
+	(*RoutesConfigDump_DynamicRouteConfig)(nil),              // 16: envoy.admin.v3.RoutesConfigDump.DynamicRouteConfig
+	(*ScopedRoutesConfigDump_InlineScopedRouteConfigs)(nil),  // 17: envoy.admin.v3.ScopedRoutesConfigDump.InlineScopedRouteConfigs
+	(*ScopedRoutesConfigDump_DynamicScopedRouteConfigs)(nil), // 18: envoy.admin.v3.ScopedRoutesConfigDump.DynamicScopedRouteConfigs
+	(*SecretsConfigDump_DynamicSecret)(nil),                  // 19: envoy.admin.v3.SecretsConfigDump.DynamicSecret
+	(*SecretsConfigDump_StaticSecret)(nil),                   // 20: envoy.admin.v3.SecretsConfigDump.StaticSecret
+	(*EndpointsConfigDump_StaticEndpointConfig)(nil),         // 21: envoy.admin.v3.EndpointsConfigDump.StaticEndpointConfig
+	(*EndpointsConfigDump_DynamicEndpointConfig)(nil),        // 22: envoy.admin.v3.EndpointsConfigDump.DynamicEndpointConfig
+	(*any.Any)(nil),                                          // 23: google.protobuf.Any
+	(*timestamp.Timestamp)(nil),                              // 24: google.protobuf.Timestamp
+	(*v3.Bootstrap)(nil),                                     // 25: envoy.config.bootstrap.v3.Bootstrap
+}
+var file_envoy_admin_v3_config_dump_proto_depIdxs = []int32{
+	23, // 0: envoy.admin.v3.ConfigDump.configs:type_name -> google.protobuf.Any
+	23, // 1: envoy.admin.v3.UpdateFailureState.failed_configuration:type_name -> google.protobuf.Any
+	24, // 2: envoy.admin.v3.UpdateFailureState.last_update_attempt:type_name -> google.protobuf.Timestamp
+	25, // 3: envoy.admin.v3.BootstrapConfigDump.bootstrap:type_name -> envoy.config.bootstrap.v3.Bootstrap
+	24, // 4: envoy.admin.v3.BootstrapConfigDump.last_updated:type_name -> google.protobuf.Timestamp
+	10, // 5: envoy.admin.v3.ListenersConfigDump.static_listeners:type_name -> envoy.admin.v3.ListenersConfigDump.StaticListener
+	12, // 6: envoy.admin.v3.ListenersConfigDump.dynamic_listeners:type_name -> envoy.admin.v3.ListenersConfigDump.DynamicListener
+	13, // 7: envoy.admin.v3.ClustersConfigDump.static_clusters:type_name -> envoy.admin.v3.ClustersConfigDump.StaticCluster
+	14, // 8: envoy.admin.v3.ClustersConfigDump.dynamic_active_clusters:type_name -> envoy.admin.v3.ClustersConfigDump.DynamicCluster
+	14, // 9: envoy.admin.v3.ClustersConfigDump.dynamic_warming_clusters:type_name -> envoy.admin.v3.ClustersConfigDump.DynamicCluster
+	15, // 10: envoy.admin.v3.RoutesConfigDump.static_route_configs:type_name -> envoy.admin.v3.RoutesConfigDump.StaticRouteConfig
+	16, // 11: envoy.admin.v3.RoutesConfigDump.dynamic_route_configs:type_name -> envoy.admin.v3.RoutesConfigDump.DynamicRouteConfig
+	17, // 12: envoy.admin.v3.ScopedRoutesConfigDump.inline_scoped_route_configs:type_name -> envoy.admin.v3.ScopedRoutesConfigDump.InlineScopedRouteConfigs
+	18, // 13: envoy.admin.v3.ScopedRoutesConfigDump.dynamic_scoped_route_configs:type_name -> envoy.admin.v3.ScopedRoutesConfigDump.DynamicScopedRouteConfigs
+	20, // 14: envoy.admin.v3.SecretsConfigDump.static_secrets:type_name -> envoy.admin.v3.SecretsConfigDump.StaticSecret
+	19, // 15: envoy.admin.v3.SecretsConfigDump.dynamic_active_secrets:type_name -> envoy.admin.v3.SecretsConfigDump.DynamicSecret
+	19, // 16: envoy.admin.v3.SecretsConfigDump.dynamic_warming_secrets:type_name -> envoy.admin.v3.SecretsConfigDump.DynamicSecret
+	21, // 17: envoy.admin.v3.EndpointsConfigDump.static_endpoint_configs:type_name -> envoy.admin.v3.EndpointsConfigDump.StaticEndpointConfig
+	22, // 18: envoy.admin.v3.EndpointsConfigDump.dynamic_endpoint_configs:type_name -> envoy.admin.v3.EndpointsConfigDump.DynamicEndpointConfig
+	23, // 19: envoy.admin.v3.ListenersConfigDump.StaticListener.listener:type_name -> google.protobuf.Any
+	24, // 20: envoy.admin.v3.ListenersConfigDump.StaticListener.last_updated:type_name -> google.protobuf.Timestamp
+	23, // 21: envoy.admin.v3.ListenersConfigDump.DynamicListenerState.listener:type_name -> google.protobuf.Any
+	24, // 22: envoy.admin.v3.ListenersConfigDump.DynamicListenerState.last_updated:type_name -> google.protobuf.Timestamp
+	11, // 23: envoy.admin.v3.ListenersConfigDump.DynamicListener.active_state:type_name -> envoy.admin.v3.ListenersConfigDump.DynamicListenerState
+	11, // 24: envoy.admin.v3.ListenersConfigDump.DynamicListener.warming_state:type_name -> envoy.admin.v3.ListenersConfigDump.DynamicListenerState
+	11, // 25: envoy.admin.v3.ListenersConfigDump.DynamicListener.draining_state:type_name -> envoy.admin.v3.ListenersConfigDump.DynamicListenerState
+	2,  // 26: envoy.admin.v3.ListenersConfigDump.DynamicListener.error_state:type_name -> envoy.admin.v3.UpdateFailureState
+	0,  // 27: envoy.admin.v3.ListenersConfigDump.DynamicListener.client_status:type_name -> envoy.admin.v3.ClientResourceStatus
+	23, // 28: envoy.admin.v3.ClustersConfigDump.StaticCluster.cluster:type_name -> google.protobuf.Any
+	24, // 29: envoy.admin.v3.ClustersConfigDump.StaticCluster.last_updated:type_name -> google.protobuf.Timestamp
+	23, // 30: envoy.admin.v3.ClustersConfigDump.DynamicCluster.cluster:type_name -> google.protobuf.Any
+	24, // 31: envoy.admin.v3.ClustersConfigDump.DynamicCluster.last_updated:type_name -> google.protobuf.Timestamp
+	2,  // 32: envoy.admin.v3.ClustersConfigDump.DynamicCluster.error_state:type_name -> envoy.admin.v3.UpdateFailureState
+	0,  // 33: envoy.admin.v3.ClustersConfigDump.DynamicCluster.client_status:type_name -> envoy.admin.v3.ClientResourceStatus
+	23, // 34: envoy.admin.v3.RoutesConfigDump.StaticRouteConfig.route_config:type_name -> google.protobuf.Any
+	24, // 35: envoy.admin.v3.RoutesConfigDump.StaticRouteConfig.last_updated:type_name -> google.protobuf.Timestamp
+	23, // 36: envoy.admin.v3.RoutesConfigDump.DynamicRouteConfig.route_config:type_name -> google.protobuf.Any
+	24, // 37: envoy.admin.v3.RoutesConfigDump.DynamicRouteConfig.last_updated:type_name -> google.protobuf.Timestamp
+	2,  // 38: envoy.admin.v3.RoutesConfigDump.DynamicRouteConfig.error_state:type_name -> envoy.admin.v3.UpdateFailureState
+	0,  // 39: envoy.admin.v3.RoutesConfigDump.DynamicRouteConfig.client_status:type_name -> envoy.admin.v3.ClientResourceStatus
+	23, // 40: envoy.admin.v3.ScopedRoutesConfigDump.InlineScopedRouteConfigs.scoped_route_configs:type_name -> google.protobuf.Any
+	24, // 41: envoy.admin.v3.ScopedRoutesConfigDump.InlineScopedRouteConfigs.last_updated:type_name -> google.protobuf.Timestamp
+	23, // 42: envoy.admin.v3.ScopedRoutesConfigDump.DynamicScopedRouteConfigs.scoped_route_configs:type_name -> google.protobuf.Any
+	24, // 43: envoy.admin.v3.ScopedRoutesConfigDump.DynamicScopedRouteConfigs.last_updated:type_name -> google.protobuf.Timestamp
+	2,  // 44: envoy.admin.v3.ScopedRoutesConfigDump.DynamicScopedRouteConfigs.error_state:type_name -> envoy.admin.v3.UpdateFailureState
+	0,  // 45: envoy.admin.v3.ScopedRoutesConfigDump.DynamicScopedRouteConfigs.client_status:type_name -> envoy.admin.v3.ClientResourceStatus
+	24, // 46: envoy.admin.v3.SecretsConfigDump.DynamicSecret.last_updated:type_name -> google.protobuf.Timestamp
+	23, // 47: envoy.admin.v3.SecretsConfigDump.DynamicSecret.secret:type_name -> google.protobuf.Any
+	2,  // 48: envoy.admin.v3.SecretsConfigDump.DynamicSecret.error_state:type_name -> envoy.admin.v3.UpdateFailureState
+	0,  // 49: envoy.admin.v3.SecretsConfigDump.DynamicSecret.client_status:type_name -> envoy.admin.v3.ClientResourceStatus
+	24, // 50: envoy.admin.v3.SecretsConfigDump.StaticSecret.last_updated:type_name -> google.protobuf.Timestamp
+	23, // 51: envoy.admin.v3.SecretsConfigDump.StaticSecret.secret:type_name -> google.protobuf.Any
+	23, // 52: envoy.admin.v3.EndpointsConfigDump.StaticEndpointConfig.endpoint_config:type_name -> google.protobuf.Any
+	24, // 53: envoy.admin.v3.EndpointsConfigDump.StaticEndpointConfig.last_updated:type_name -> google.protobuf.Timestamp
+	23, // 54: envoy.admin.v3.EndpointsConfigDump.DynamicEndpointConfig.endpoint_config:type_name -> google.protobuf.Any
+	24, // 55: envoy.admin.v3.EndpointsConfigDump.DynamicEndpointConfig.last_updated:type_name -> google.protobuf.Timestamp
+	2,  // 56: envoy.admin.v3.EndpointsConfigDump.DynamicEndpointConfig.error_state:type_name -> envoy.admin.v3.UpdateFailureState
+	0,  // 57: envoy.admin.v3.EndpointsConfigDump.DynamicEndpointConfig.client_status:type_name -> envoy.admin.v3.ClientResourceStatus
+	58, // [58:58] is the sub-list for method output_type
+	58, // [58:58] is the sub-list for method input_type
+	58, // [58:58] is the sub-list for extension type_name
+	58, // [58:58] is the sub-list for extension extendee
+	0,  // [0:58] is the sub-list for field type_name
+}
+
+func init() { file_envoy_admin_v3_config_dump_proto_init() }
+func file_envoy_admin_v3_config_dump_proto_init() {
+	if File_envoy_admin_v3_config_dump_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_admin_v3_config_dump_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ConfigDump); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_admin_v3_config_dump_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*UpdateFailureState); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_admin_v3_config_dump_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*BootstrapConfigDump); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_admin_v3_config_dump_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ListenersConfigDump); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_admin_v3_config_dump_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ClustersConfigDump); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_admin_v3_config_dump_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RoutesConfigDump); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_admin_v3_config_dump_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ScopedRoutesConfigDump); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_admin_v3_config_dump_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*SecretsConfigDump); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_admin_v3_config_dump_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*EndpointsConfigDump); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_admin_v3_config_dump_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ListenersConfigDump_StaticListener); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_admin_v3_config_dump_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ListenersConfigDump_DynamicListenerState); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_admin_v3_config_dump_proto_msgTypes[11].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ListenersConfigDump_DynamicListener); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_admin_v3_config_dump_proto_msgTypes[12].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ClustersConfigDump_StaticCluster); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_admin_v3_config_dump_proto_msgTypes[13].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ClustersConfigDump_DynamicCluster); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_admin_v3_config_dump_proto_msgTypes[14].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RoutesConfigDump_StaticRouteConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_admin_v3_config_dump_proto_msgTypes[15].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RoutesConfigDump_DynamicRouteConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_admin_v3_config_dump_proto_msgTypes[16].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ScopedRoutesConfigDump_InlineScopedRouteConfigs); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_admin_v3_config_dump_proto_msgTypes[17].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ScopedRoutesConfigDump_DynamicScopedRouteConfigs); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_admin_v3_config_dump_proto_msgTypes[18].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*SecretsConfigDump_DynamicSecret); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_admin_v3_config_dump_proto_msgTypes[19].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*SecretsConfigDump_StaticSecret); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_admin_v3_config_dump_proto_msgTypes[20].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*EndpointsConfigDump_StaticEndpointConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_admin_v3_config_dump_proto_msgTypes[21].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*EndpointsConfigDump_DynamicEndpointConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_admin_v3_config_dump_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   22,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_admin_v3_config_dump_proto_goTypes,
+		DependencyIndexes: file_envoy_admin_v3_config_dump_proto_depIdxs,
+		EnumInfos:         file_envoy_admin_v3_config_dump_proto_enumTypes,
+		MessageInfos:      file_envoy_admin_v3_config_dump_proto_msgTypes,
+	}.Build()
+	File_envoy_admin_v3_config_dump_proto = out.File
+	file_envoy_admin_v3_config_dump_proto_rawDesc = nil
+	file_envoy_admin_v3_config_dump_proto_goTypes = nil
+	file_envoy_admin_v3_config_dump_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/config_dump.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/config_dump.pb.validate.go
new file mode 100644
index 00000000000..4df81ec97a6
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/config_dump.pb.validate.go
@@ -0,0 +1,3940 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/admin/v3/config_dump.proto
+
+package envoy_admin_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on ConfigDump with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ConfigDump) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ConfigDump with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ConfigDumpMultiError, or
+// nil if none found.
+func (m *ConfigDump) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ConfigDump) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetConfigs() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ConfigDumpValidationError{
+						field:  fmt.Sprintf("Configs[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ConfigDumpValidationError{
+						field:  fmt.Sprintf("Configs[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ConfigDumpValidationError{
+					field:  fmt.Sprintf("Configs[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ConfigDumpMultiError(errors)
+	}
+	return nil
+}
+
+// ConfigDumpMultiError is an error wrapping multiple validation errors
+// returned by ConfigDump.ValidateAll() if the designated constraints aren't met.
+type ConfigDumpMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ConfigDumpMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ConfigDumpMultiError) AllErrors() []error { return m }
+
+// ConfigDumpValidationError is the validation error returned by
+// ConfigDump.Validate if the designated constraints aren't met.
+type ConfigDumpValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ConfigDumpValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ConfigDumpValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ConfigDumpValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ConfigDumpValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ConfigDumpValidationError) ErrorName() string { return "ConfigDumpValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ConfigDumpValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sConfigDump.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ConfigDumpValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ConfigDumpValidationError{}
+
+// Validate checks the field values on UpdateFailureState with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *UpdateFailureState) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on UpdateFailureState with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// UpdateFailureStateMultiError, or nil if none found.
+func (m *UpdateFailureState) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *UpdateFailureState) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetFailedConfiguration()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, UpdateFailureStateValidationError{
+					field:  "FailedConfiguration",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, UpdateFailureStateValidationError{
+					field:  "FailedConfiguration",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetFailedConfiguration()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return UpdateFailureStateValidationError{
+				field:  "FailedConfiguration",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetLastUpdateAttempt()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, UpdateFailureStateValidationError{
+					field:  "LastUpdateAttempt",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, UpdateFailureStateValidationError{
+					field:  "LastUpdateAttempt",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLastUpdateAttempt()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return UpdateFailureStateValidationError{
+				field:  "LastUpdateAttempt",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for Details
+
+	// no validation rules for VersionInfo
+
+	if len(errors) > 0 {
+		return UpdateFailureStateMultiError(errors)
+	}
+	return nil
+}
+
+// UpdateFailureStateMultiError is an error wrapping multiple validation errors
+// returned by UpdateFailureState.ValidateAll() if the designated constraints
+// aren't met.
+type UpdateFailureStateMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m UpdateFailureStateMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m UpdateFailureStateMultiError) AllErrors() []error { return m }
+
+// UpdateFailureStateValidationError is the validation error returned by
+// UpdateFailureState.Validate if the designated constraints aren't met.
+type UpdateFailureStateValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e UpdateFailureStateValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e UpdateFailureStateValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e UpdateFailureStateValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e UpdateFailureStateValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e UpdateFailureStateValidationError) ErrorName() string {
+	return "UpdateFailureStateValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e UpdateFailureStateValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sUpdateFailureState.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = UpdateFailureStateValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = UpdateFailureStateValidationError{}
+
+// Validate checks the field values on BootstrapConfigDump with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *BootstrapConfigDump) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on BootstrapConfigDump with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// BootstrapConfigDumpMultiError, or nil if none found.
+func (m *BootstrapConfigDump) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *BootstrapConfigDump) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetBootstrap()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, BootstrapConfigDumpValidationError{
+					field:  "Bootstrap",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, BootstrapConfigDumpValidationError{
+					field:  "Bootstrap",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetBootstrap()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return BootstrapConfigDumpValidationError{
+				field:  "Bootstrap",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetLastUpdated()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, BootstrapConfigDumpValidationError{
+					field:  "LastUpdated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, BootstrapConfigDumpValidationError{
+					field:  "LastUpdated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLastUpdated()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return BootstrapConfigDumpValidationError{
+				field:  "LastUpdated",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return BootstrapConfigDumpMultiError(errors)
+	}
+	return nil
+}
+
+// BootstrapConfigDumpMultiError is an error wrapping multiple validation
+// errors returned by BootstrapConfigDump.ValidateAll() if the designated
+// constraints aren't met.
+type BootstrapConfigDumpMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m BootstrapConfigDumpMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m BootstrapConfigDumpMultiError) AllErrors() []error { return m }
+
+// BootstrapConfigDumpValidationError is the validation error returned by
+// BootstrapConfigDump.Validate if the designated constraints aren't met.
+type BootstrapConfigDumpValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e BootstrapConfigDumpValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e BootstrapConfigDumpValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e BootstrapConfigDumpValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e BootstrapConfigDumpValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e BootstrapConfigDumpValidationError) ErrorName() string {
+	return "BootstrapConfigDumpValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e BootstrapConfigDumpValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sBootstrapConfigDump.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = BootstrapConfigDumpValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = BootstrapConfigDumpValidationError{}
+
+// Validate checks the field values on ListenersConfigDump with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ListenersConfigDump) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ListenersConfigDump with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ListenersConfigDumpMultiError, or nil if none found.
+func (m *ListenersConfigDump) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ListenersConfigDump) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for VersionInfo
+
+	for idx, item := range m.GetStaticListeners() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ListenersConfigDumpValidationError{
+						field:  fmt.Sprintf("StaticListeners[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ListenersConfigDumpValidationError{
+						field:  fmt.Sprintf("StaticListeners[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ListenersConfigDumpValidationError{
+					field:  fmt.Sprintf("StaticListeners[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetDynamicListeners() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ListenersConfigDumpValidationError{
+						field:  fmt.Sprintf("DynamicListeners[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ListenersConfigDumpValidationError{
+						field:  fmt.Sprintf("DynamicListeners[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ListenersConfigDumpValidationError{
+					field:  fmt.Sprintf("DynamicListeners[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ListenersConfigDumpMultiError(errors)
+	}
+	return nil
+}
+
+// ListenersConfigDumpMultiError is an error wrapping multiple validation
+// errors returned by ListenersConfigDump.ValidateAll() if the designated
+// constraints aren't met.
+type ListenersConfigDumpMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ListenersConfigDumpMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ListenersConfigDumpMultiError) AllErrors() []error { return m }
+
+// ListenersConfigDumpValidationError is the validation error returned by
+// ListenersConfigDump.Validate if the designated constraints aren't met.
+type ListenersConfigDumpValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ListenersConfigDumpValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ListenersConfigDumpValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ListenersConfigDumpValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ListenersConfigDumpValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ListenersConfigDumpValidationError) ErrorName() string {
+	return "ListenersConfigDumpValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ListenersConfigDumpValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sListenersConfigDump.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ListenersConfigDumpValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ListenersConfigDumpValidationError{}
+
+// Validate checks the field values on ClustersConfigDump with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ClustersConfigDump) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ClustersConfigDump with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ClustersConfigDumpMultiError, or nil if none found.
+func (m *ClustersConfigDump) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ClustersConfigDump) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for VersionInfo
+
+	for idx, item := range m.GetStaticClusters() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClustersConfigDumpValidationError{
+						field:  fmt.Sprintf("StaticClusters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClustersConfigDumpValidationError{
+						field:  fmt.Sprintf("StaticClusters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClustersConfigDumpValidationError{
+					field:  fmt.Sprintf("StaticClusters[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetDynamicActiveClusters() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClustersConfigDumpValidationError{
+						field:  fmt.Sprintf("DynamicActiveClusters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClustersConfigDumpValidationError{
+						field:  fmt.Sprintf("DynamicActiveClusters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClustersConfigDumpValidationError{
+					field:  fmt.Sprintf("DynamicActiveClusters[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetDynamicWarmingClusters() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClustersConfigDumpValidationError{
+						field:  fmt.Sprintf("DynamicWarmingClusters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClustersConfigDumpValidationError{
+						field:  fmt.Sprintf("DynamicWarmingClusters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClustersConfigDumpValidationError{
+					field:  fmt.Sprintf("DynamicWarmingClusters[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ClustersConfigDumpMultiError(errors)
+	}
+	return nil
+}
+
+// ClustersConfigDumpMultiError is an error wrapping multiple validation errors
+// returned by ClustersConfigDump.ValidateAll() if the designated constraints
+// aren't met.
+type ClustersConfigDumpMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ClustersConfigDumpMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ClustersConfigDumpMultiError) AllErrors() []error { return m }
+
+// ClustersConfigDumpValidationError is the validation error returned by
+// ClustersConfigDump.Validate if the designated constraints aren't met.
+type ClustersConfigDumpValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ClustersConfigDumpValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ClustersConfigDumpValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ClustersConfigDumpValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ClustersConfigDumpValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ClustersConfigDumpValidationError) ErrorName() string {
+	return "ClustersConfigDumpValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ClustersConfigDumpValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sClustersConfigDump.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ClustersConfigDumpValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ClustersConfigDumpValidationError{}
+
+// Validate checks the field values on RoutesConfigDump with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *RoutesConfigDump) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RoutesConfigDump with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RoutesConfigDumpMultiError, or nil if none found.
+func (m *RoutesConfigDump) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RoutesConfigDump) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetStaticRouteConfigs() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RoutesConfigDumpValidationError{
+						field:  fmt.Sprintf("StaticRouteConfigs[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RoutesConfigDumpValidationError{
+						field:  fmt.Sprintf("StaticRouteConfigs[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RoutesConfigDumpValidationError{
+					field:  fmt.Sprintf("StaticRouteConfigs[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetDynamicRouteConfigs() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RoutesConfigDumpValidationError{
+						field:  fmt.Sprintf("DynamicRouteConfigs[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RoutesConfigDumpValidationError{
+						field:  fmt.Sprintf("DynamicRouteConfigs[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RoutesConfigDumpValidationError{
+					field:  fmt.Sprintf("DynamicRouteConfigs[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return RoutesConfigDumpMultiError(errors)
+	}
+	return nil
+}
+
+// RoutesConfigDumpMultiError is an error wrapping multiple validation errors
+// returned by RoutesConfigDump.ValidateAll() if the designated constraints
+// aren't met.
+type RoutesConfigDumpMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RoutesConfigDumpMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RoutesConfigDumpMultiError) AllErrors() []error { return m }
+
+// RoutesConfigDumpValidationError is the validation error returned by
+// RoutesConfigDump.Validate if the designated constraints aren't met.
+type RoutesConfigDumpValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RoutesConfigDumpValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RoutesConfigDumpValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RoutesConfigDumpValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RoutesConfigDumpValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RoutesConfigDumpValidationError) ErrorName() string { return "RoutesConfigDumpValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RoutesConfigDumpValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRoutesConfigDump.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RoutesConfigDumpValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RoutesConfigDumpValidationError{}
+
+// Validate checks the field values on ScopedRoutesConfigDump with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ScopedRoutesConfigDump) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ScopedRoutesConfigDump with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ScopedRoutesConfigDumpMultiError, or nil if none found.
+func (m *ScopedRoutesConfigDump) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ScopedRoutesConfigDump) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetInlineScopedRouteConfigs() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ScopedRoutesConfigDumpValidationError{
+						field:  fmt.Sprintf("InlineScopedRouteConfigs[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ScopedRoutesConfigDumpValidationError{
+						field:  fmt.Sprintf("InlineScopedRouteConfigs[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ScopedRoutesConfigDumpValidationError{
+					field:  fmt.Sprintf("InlineScopedRouteConfigs[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetDynamicScopedRouteConfigs() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ScopedRoutesConfigDumpValidationError{
+						field:  fmt.Sprintf("DynamicScopedRouteConfigs[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ScopedRoutesConfigDumpValidationError{
+						field:  fmt.Sprintf("DynamicScopedRouteConfigs[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ScopedRoutesConfigDumpValidationError{
+					field:  fmt.Sprintf("DynamicScopedRouteConfigs[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ScopedRoutesConfigDumpMultiError(errors)
+	}
+	return nil
+}
+
+// ScopedRoutesConfigDumpMultiError is an error wrapping multiple validation
+// errors returned by ScopedRoutesConfigDump.ValidateAll() if the designated
+// constraints aren't met.
+type ScopedRoutesConfigDumpMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ScopedRoutesConfigDumpMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ScopedRoutesConfigDumpMultiError) AllErrors() []error { return m }
+
+// ScopedRoutesConfigDumpValidationError is the validation error returned by
+// ScopedRoutesConfigDump.Validate if the designated constraints aren't met.
+type ScopedRoutesConfigDumpValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ScopedRoutesConfigDumpValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ScopedRoutesConfigDumpValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ScopedRoutesConfigDumpValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ScopedRoutesConfigDumpValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ScopedRoutesConfigDumpValidationError) ErrorName() string {
+	return "ScopedRoutesConfigDumpValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ScopedRoutesConfigDumpValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sScopedRoutesConfigDump.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ScopedRoutesConfigDumpValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ScopedRoutesConfigDumpValidationError{}
+
+// Validate checks the field values on SecretsConfigDump with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *SecretsConfigDump) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on SecretsConfigDump with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// SecretsConfigDumpMultiError, or nil if none found.
+func (m *SecretsConfigDump) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *SecretsConfigDump) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetStaticSecrets() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, SecretsConfigDumpValidationError{
+						field:  fmt.Sprintf("StaticSecrets[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, SecretsConfigDumpValidationError{
+						field:  fmt.Sprintf("StaticSecrets[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return SecretsConfigDumpValidationError{
+					field:  fmt.Sprintf("StaticSecrets[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetDynamicActiveSecrets() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, SecretsConfigDumpValidationError{
+						field:  fmt.Sprintf("DynamicActiveSecrets[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, SecretsConfigDumpValidationError{
+						field:  fmt.Sprintf("DynamicActiveSecrets[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return SecretsConfigDumpValidationError{
+					field:  fmt.Sprintf("DynamicActiveSecrets[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetDynamicWarmingSecrets() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, SecretsConfigDumpValidationError{
+						field:  fmt.Sprintf("DynamicWarmingSecrets[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, SecretsConfigDumpValidationError{
+						field:  fmt.Sprintf("DynamicWarmingSecrets[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return SecretsConfigDumpValidationError{
+					field:  fmt.Sprintf("DynamicWarmingSecrets[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return SecretsConfigDumpMultiError(errors)
+	}
+	return nil
+}
+
+// SecretsConfigDumpMultiError is an error wrapping multiple validation errors
+// returned by SecretsConfigDump.ValidateAll() if the designated constraints
+// aren't met.
+type SecretsConfigDumpMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m SecretsConfigDumpMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m SecretsConfigDumpMultiError) AllErrors() []error { return m }
+
+// SecretsConfigDumpValidationError is the validation error returned by
+// SecretsConfigDump.Validate if the designated constraints aren't met.
+type SecretsConfigDumpValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e SecretsConfigDumpValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e SecretsConfigDumpValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e SecretsConfigDumpValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e SecretsConfigDumpValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e SecretsConfigDumpValidationError) ErrorName() string {
+	return "SecretsConfigDumpValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e SecretsConfigDumpValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sSecretsConfigDump.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = SecretsConfigDumpValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = SecretsConfigDumpValidationError{}
+
+// Validate checks the field values on EndpointsConfigDump with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *EndpointsConfigDump) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on EndpointsConfigDump with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// EndpointsConfigDumpMultiError, or nil if none found.
+func (m *EndpointsConfigDump) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *EndpointsConfigDump) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetStaticEndpointConfigs() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, EndpointsConfigDumpValidationError{
+						field:  fmt.Sprintf("StaticEndpointConfigs[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, EndpointsConfigDumpValidationError{
+						field:  fmt.Sprintf("StaticEndpointConfigs[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return EndpointsConfigDumpValidationError{
+					field:  fmt.Sprintf("StaticEndpointConfigs[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetDynamicEndpointConfigs() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, EndpointsConfigDumpValidationError{
+						field:  fmt.Sprintf("DynamicEndpointConfigs[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, EndpointsConfigDumpValidationError{
+						field:  fmt.Sprintf("DynamicEndpointConfigs[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return EndpointsConfigDumpValidationError{
+					field:  fmt.Sprintf("DynamicEndpointConfigs[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return EndpointsConfigDumpMultiError(errors)
+	}
+	return nil
+}
+
+// EndpointsConfigDumpMultiError is an error wrapping multiple validation
+// errors returned by EndpointsConfigDump.ValidateAll() if the designated
+// constraints aren't met.
+type EndpointsConfigDumpMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m EndpointsConfigDumpMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m EndpointsConfigDumpMultiError) AllErrors() []error { return m }
+
+// EndpointsConfigDumpValidationError is the validation error returned by
+// EndpointsConfigDump.Validate if the designated constraints aren't met.
+type EndpointsConfigDumpValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e EndpointsConfigDumpValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e EndpointsConfigDumpValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e EndpointsConfigDumpValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e EndpointsConfigDumpValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e EndpointsConfigDumpValidationError) ErrorName() string {
+	return "EndpointsConfigDumpValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e EndpointsConfigDumpValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sEndpointsConfigDump.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = EndpointsConfigDumpValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = EndpointsConfigDumpValidationError{}
+
+// Validate checks the field values on ListenersConfigDump_StaticListener with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *ListenersConfigDump_StaticListener) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ListenersConfigDump_StaticListener
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// ListenersConfigDump_StaticListenerMultiError, or nil if none found.
+func (m *ListenersConfigDump_StaticListener) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ListenersConfigDump_StaticListener) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetListener()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenersConfigDump_StaticListenerValidationError{
+					field:  "Listener",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenersConfigDump_StaticListenerValidationError{
+					field:  "Listener",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetListener()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenersConfigDump_StaticListenerValidationError{
+				field:  "Listener",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetLastUpdated()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenersConfigDump_StaticListenerValidationError{
+					field:  "LastUpdated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenersConfigDump_StaticListenerValidationError{
+					field:  "LastUpdated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLastUpdated()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenersConfigDump_StaticListenerValidationError{
+				field:  "LastUpdated",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return ListenersConfigDump_StaticListenerMultiError(errors)
+	}
+	return nil
+}
+
+// ListenersConfigDump_StaticListenerMultiError is an error wrapping multiple
+// validation errors returned by
+// ListenersConfigDump_StaticListener.ValidateAll() if the designated
+// constraints aren't met.
+type ListenersConfigDump_StaticListenerMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ListenersConfigDump_StaticListenerMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ListenersConfigDump_StaticListenerMultiError) AllErrors() []error { return m }
+
+// ListenersConfigDump_StaticListenerValidationError is the validation error
+// returned by ListenersConfigDump_StaticListener.Validate if the designated
+// constraints aren't met.
+type ListenersConfigDump_StaticListenerValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ListenersConfigDump_StaticListenerValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ListenersConfigDump_StaticListenerValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ListenersConfigDump_StaticListenerValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ListenersConfigDump_StaticListenerValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ListenersConfigDump_StaticListenerValidationError) ErrorName() string {
+	return "ListenersConfigDump_StaticListenerValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ListenersConfigDump_StaticListenerValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sListenersConfigDump_StaticListener.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ListenersConfigDump_StaticListenerValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ListenersConfigDump_StaticListenerValidationError{}
+
+// Validate checks the field values on ListenersConfigDump_DynamicListenerState
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the first error encountered is returned, or nil if
+// there are no violations.
+func (m *ListenersConfigDump_DynamicListenerState) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// ListenersConfigDump_DynamicListenerState with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in
+// ListenersConfigDump_DynamicListenerStateMultiError, or nil if none found.
+func (m *ListenersConfigDump_DynamicListenerState) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ListenersConfigDump_DynamicListenerState) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for VersionInfo
+
+	if all {
+		switch v := interface{}(m.GetListener()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenersConfigDump_DynamicListenerStateValidationError{
+					field:  "Listener",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenersConfigDump_DynamicListenerStateValidationError{
+					field:  "Listener",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetListener()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenersConfigDump_DynamicListenerStateValidationError{
+				field:  "Listener",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetLastUpdated()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenersConfigDump_DynamicListenerStateValidationError{
+					field:  "LastUpdated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenersConfigDump_DynamicListenerStateValidationError{
+					field:  "LastUpdated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLastUpdated()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenersConfigDump_DynamicListenerStateValidationError{
+				field:  "LastUpdated",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return ListenersConfigDump_DynamicListenerStateMultiError(errors)
+	}
+	return nil
+}
+
+// ListenersConfigDump_DynamicListenerStateMultiError is an error wrapping
+// multiple validation errors returned by
+// ListenersConfigDump_DynamicListenerState.ValidateAll() if the designated
+// constraints aren't met.
+type ListenersConfigDump_DynamicListenerStateMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ListenersConfigDump_DynamicListenerStateMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ListenersConfigDump_DynamicListenerStateMultiError) AllErrors() []error { return m }
+
+// ListenersConfigDump_DynamicListenerStateValidationError is the validation
+// error returned by ListenersConfigDump_DynamicListenerState.Validate if the
+// designated constraints aren't met.
+type ListenersConfigDump_DynamicListenerStateValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ListenersConfigDump_DynamicListenerStateValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ListenersConfigDump_DynamicListenerStateValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ListenersConfigDump_DynamicListenerStateValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ListenersConfigDump_DynamicListenerStateValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ListenersConfigDump_DynamicListenerStateValidationError) ErrorName() string {
+	return "ListenersConfigDump_DynamicListenerStateValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ListenersConfigDump_DynamicListenerStateValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sListenersConfigDump_DynamicListenerState.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ListenersConfigDump_DynamicListenerStateValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ListenersConfigDump_DynamicListenerStateValidationError{}
+
+// Validate checks the field values on ListenersConfigDump_DynamicListener with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *ListenersConfigDump_DynamicListener) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ListenersConfigDump_DynamicListener
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// ListenersConfigDump_DynamicListenerMultiError, or nil if none found.
+func (m *ListenersConfigDump_DynamicListener) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ListenersConfigDump_DynamicListener) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Name
+
+	if all {
+		switch v := interface{}(m.GetActiveState()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenersConfigDump_DynamicListenerValidationError{
+					field:  "ActiveState",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenersConfigDump_DynamicListenerValidationError{
+					field:  "ActiveState",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetActiveState()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenersConfigDump_DynamicListenerValidationError{
+				field:  "ActiveState",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetWarmingState()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenersConfigDump_DynamicListenerValidationError{
+					field:  "WarmingState",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenersConfigDump_DynamicListenerValidationError{
+					field:  "WarmingState",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetWarmingState()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenersConfigDump_DynamicListenerValidationError{
+				field:  "WarmingState",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetDrainingState()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenersConfigDump_DynamicListenerValidationError{
+					field:  "DrainingState",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenersConfigDump_DynamicListenerValidationError{
+					field:  "DrainingState",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDrainingState()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenersConfigDump_DynamicListenerValidationError{
+				field:  "DrainingState",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetErrorState()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenersConfigDump_DynamicListenerValidationError{
+					field:  "ErrorState",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenersConfigDump_DynamicListenerValidationError{
+					field:  "ErrorState",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetErrorState()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenersConfigDump_DynamicListenerValidationError{
+				field:  "ErrorState",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for ClientStatus
+
+	if len(errors) > 0 {
+		return ListenersConfigDump_DynamicListenerMultiError(errors)
+	}
+	return nil
+}
+
+// ListenersConfigDump_DynamicListenerMultiError is an error wrapping multiple
+// validation errors returned by
+// ListenersConfigDump_DynamicListener.ValidateAll() if the designated
+// constraints aren't met.
+type ListenersConfigDump_DynamicListenerMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ListenersConfigDump_DynamicListenerMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ListenersConfigDump_DynamicListenerMultiError) AllErrors() []error { return m }
+
+// ListenersConfigDump_DynamicListenerValidationError is the validation error
+// returned by ListenersConfigDump_DynamicListener.Validate if the designated
+// constraints aren't met.
+type ListenersConfigDump_DynamicListenerValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ListenersConfigDump_DynamicListenerValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ListenersConfigDump_DynamicListenerValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ListenersConfigDump_DynamicListenerValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ListenersConfigDump_DynamicListenerValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ListenersConfigDump_DynamicListenerValidationError) ErrorName() string {
+	return "ListenersConfigDump_DynamicListenerValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ListenersConfigDump_DynamicListenerValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sListenersConfigDump_DynamicListener.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ListenersConfigDump_DynamicListenerValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ListenersConfigDump_DynamicListenerValidationError{}
+
+// Validate checks the field values on ClustersConfigDump_StaticCluster with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *ClustersConfigDump_StaticCluster) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ClustersConfigDump_StaticCluster with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// ClustersConfigDump_StaticClusterMultiError, or nil if none found.
+func (m *ClustersConfigDump_StaticCluster) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ClustersConfigDump_StaticCluster) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetCluster()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClustersConfigDump_StaticClusterValidationError{
+					field:  "Cluster",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClustersConfigDump_StaticClusterValidationError{
+					field:  "Cluster",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCluster()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClustersConfigDump_StaticClusterValidationError{
+				field:  "Cluster",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetLastUpdated()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClustersConfigDump_StaticClusterValidationError{
+					field:  "LastUpdated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClustersConfigDump_StaticClusterValidationError{
+					field:  "LastUpdated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLastUpdated()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClustersConfigDump_StaticClusterValidationError{
+				field:  "LastUpdated",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return ClustersConfigDump_StaticClusterMultiError(errors)
+	}
+	return nil
+}
+
+// ClustersConfigDump_StaticClusterMultiError is an error wrapping multiple
+// validation errors returned by
+// ClustersConfigDump_StaticCluster.ValidateAll() if the designated
+// constraints aren't met.
+type ClustersConfigDump_StaticClusterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ClustersConfigDump_StaticClusterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ClustersConfigDump_StaticClusterMultiError) AllErrors() []error { return m }
+
+// ClustersConfigDump_StaticClusterValidationError is the validation error
+// returned by ClustersConfigDump_StaticCluster.Validate if the designated
+// constraints aren't met.
+type ClustersConfigDump_StaticClusterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ClustersConfigDump_StaticClusterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ClustersConfigDump_StaticClusterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ClustersConfigDump_StaticClusterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ClustersConfigDump_StaticClusterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ClustersConfigDump_StaticClusterValidationError) ErrorName() string {
+	return "ClustersConfigDump_StaticClusterValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ClustersConfigDump_StaticClusterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sClustersConfigDump_StaticCluster.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ClustersConfigDump_StaticClusterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ClustersConfigDump_StaticClusterValidationError{}
+
+// Validate checks the field values on ClustersConfigDump_DynamicCluster with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *ClustersConfigDump_DynamicCluster) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ClustersConfigDump_DynamicCluster
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// ClustersConfigDump_DynamicClusterMultiError, or nil if none found.
+func (m *ClustersConfigDump_DynamicCluster) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ClustersConfigDump_DynamicCluster) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for VersionInfo
+
+	if all {
+		switch v := interface{}(m.GetCluster()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClustersConfigDump_DynamicClusterValidationError{
+					field:  "Cluster",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClustersConfigDump_DynamicClusterValidationError{
+					field:  "Cluster",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCluster()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClustersConfigDump_DynamicClusterValidationError{
+				field:  "Cluster",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetLastUpdated()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClustersConfigDump_DynamicClusterValidationError{
+					field:  "LastUpdated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClustersConfigDump_DynamicClusterValidationError{
+					field:  "LastUpdated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLastUpdated()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClustersConfigDump_DynamicClusterValidationError{
+				field:  "LastUpdated",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetErrorState()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClustersConfigDump_DynamicClusterValidationError{
+					field:  "ErrorState",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClustersConfigDump_DynamicClusterValidationError{
+					field:  "ErrorState",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetErrorState()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClustersConfigDump_DynamicClusterValidationError{
+				field:  "ErrorState",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for ClientStatus
+
+	if len(errors) > 0 {
+		return ClustersConfigDump_DynamicClusterMultiError(errors)
+	}
+	return nil
+}
+
+// ClustersConfigDump_DynamicClusterMultiError is an error wrapping multiple
+// validation errors returned by
+// ClustersConfigDump_DynamicCluster.ValidateAll() if the designated
+// constraints aren't met.
+type ClustersConfigDump_DynamicClusterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ClustersConfigDump_DynamicClusterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ClustersConfigDump_DynamicClusterMultiError) AllErrors() []error { return m }
+
+// ClustersConfigDump_DynamicClusterValidationError is the validation error
+// returned by ClustersConfigDump_DynamicCluster.Validate if the designated
+// constraints aren't met.
+type ClustersConfigDump_DynamicClusterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ClustersConfigDump_DynamicClusterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ClustersConfigDump_DynamicClusterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ClustersConfigDump_DynamicClusterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ClustersConfigDump_DynamicClusterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ClustersConfigDump_DynamicClusterValidationError) ErrorName() string {
+	return "ClustersConfigDump_DynamicClusterValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ClustersConfigDump_DynamicClusterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sClustersConfigDump_DynamicCluster.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ClustersConfigDump_DynamicClusterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ClustersConfigDump_DynamicClusterValidationError{}
+
+// Validate checks the field values on RoutesConfigDump_StaticRouteConfig with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *RoutesConfigDump_StaticRouteConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RoutesConfigDump_StaticRouteConfig
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// RoutesConfigDump_StaticRouteConfigMultiError, or nil if none found.
+func (m *RoutesConfigDump_StaticRouteConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RoutesConfigDump_StaticRouteConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetRouteConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RoutesConfigDump_StaticRouteConfigValidationError{
+					field:  "RouteConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RoutesConfigDump_StaticRouteConfigValidationError{
+					field:  "RouteConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRouteConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RoutesConfigDump_StaticRouteConfigValidationError{
+				field:  "RouteConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetLastUpdated()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RoutesConfigDump_StaticRouteConfigValidationError{
+					field:  "LastUpdated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RoutesConfigDump_StaticRouteConfigValidationError{
+					field:  "LastUpdated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLastUpdated()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RoutesConfigDump_StaticRouteConfigValidationError{
+				field:  "LastUpdated",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return RoutesConfigDump_StaticRouteConfigMultiError(errors)
+	}
+	return nil
+}
+
+// RoutesConfigDump_StaticRouteConfigMultiError is an error wrapping multiple
+// validation errors returned by
+// RoutesConfigDump_StaticRouteConfig.ValidateAll() if the designated
+// constraints aren't met.
+type RoutesConfigDump_StaticRouteConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RoutesConfigDump_StaticRouteConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RoutesConfigDump_StaticRouteConfigMultiError) AllErrors() []error { return m }
+
+// RoutesConfigDump_StaticRouteConfigValidationError is the validation error
+// returned by RoutesConfigDump_StaticRouteConfig.Validate if the designated
+// constraints aren't met.
+type RoutesConfigDump_StaticRouteConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RoutesConfigDump_StaticRouteConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RoutesConfigDump_StaticRouteConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RoutesConfigDump_StaticRouteConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RoutesConfigDump_StaticRouteConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RoutesConfigDump_StaticRouteConfigValidationError) ErrorName() string {
+	return "RoutesConfigDump_StaticRouteConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RoutesConfigDump_StaticRouteConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRoutesConfigDump_StaticRouteConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RoutesConfigDump_StaticRouteConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RoutesConfigDump_StaticRouteConfigValidationError{}
+
+// Validate checks the field values on RoutesConfigDump_DynamicRouteConfig with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *RoutesConfigDump_DynamicRouteConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RoutesConfigDump_DynamicRouteConfig
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// RoutesConfigDump_DynamicRouteConfigMultiError, or nil if none found.
+func (m *RoutesConfigDump_DynamicRouteConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RoutesConfigDump_DynamicRouteConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for VersionInfo
+
+	if all {
+		switch v := interface{}(m.GetRouteConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RoutesConfigDump_DynamicRouteConfigValidationError{
+					field:  "RouteConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RoutesConfigDump_DynamicRouteConfigValidationError{
+					field:  "RouteConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRouteConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RoutesConfigDump_DynamicRouteConfigValidationError{
+				field:  "RouteConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetLastUpdated()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RoutesConfigDump_DynamicRouteConfigValidationError{
+					field:  "LastUpdated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RoutesConfigDump_DynamicRouteConfigValidationError{
+					field:  "LastUpdated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLastUpdated()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RoutesConfigDump_DynamicRouteConfigValidationError{
+				field:  "LastUpdated",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetErrorState()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RoutesConfigDump_DynamicRouteConfigValidationError{
+					field:  "ErrorState",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RoutesConfigDump_DynamicRouteConfigValidationError{
+					field:  "ErrorState",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetErrorState()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RoutesConfigDump_DynamicRouteConfigValidationError{
+				field:  "ErrorState",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for ClientStatus
+
+	if len(errors) > 0 {
+		return RoutesConfigDump_DynamicRouteConfigMultiError(errors)
+	}
+	return nil
+}
+
+// RoutesConfigDump_DynamicRouteConfigMultiError is an error wrapping multiple
+// validation errors returned by
+// RoutesConfigDump_DynamicRouteConfig.ValidateAll() if the designated
+// constraints aren't met.
+type RoutesConfigDump_DynamicRouteConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RoutesConfigDump_DynamicRouteConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RoutesConfigDump_DynamicRouteConfigMultiError) AllErrors() []error { return m }
+
+// RoutesConfigDump_DynamicRouteConfigValidationError is the validation error
+// returned by RoutesConfigDump_DynamicRouteConfig.Validate if the designated
+// constraints aren't met.
+type RoutesConfigDump_DynamicRouteConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RoutesConfigDump_DynamicRouteConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RoutesConfigDump_DynamicRouteConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RoutesConfigDump_DynamicRouteConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RoutesConfigDump_DynamicRouteConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RoutesConfigDump_DynamicRouteConfigValidationError) ErrorName() string {
+	return "RoutesConfigDump_DynamicRouteConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RoutesConfigDump_DynamicRouteConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRoutesConfigDump_DynamicRouteConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RoutesConfigDump_DynamicRouteConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RoutesConfigDump_DynamicRouteConfigValidationError{}
+
+// Validate checks the field values on
+// ScopedRoutesConfigDump_InlineScopedRouteConfigs with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ScopedRoutesConfigDump_InlineScopedRouteConfigs) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// ScopedRoutesConfigDump_InlineScopedRouteConfigs with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in
+// ScopedRoutesConfigDump_InlineScopedRouteConfigsMultiError, or nil if none found.
+func (m *ScopedRoutesConfigDump_InlineScopedRouteConfigs) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ScopedRoutesConfigDump_InlineScopedRouteConfigs) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Name
+
+	for idx, item := range m.GetScopedRouteConfigs() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ScopedRoutesConfigDump_InlineScopedRouteConfigsValidationError{
+						field:  fmt.Sprintf("ScopedRouteConfigs[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ScopedRoutesConfigDump_InlineScopedRouteConfigsValidationError{
+						field:  fmt.Sprintf("ScopedRouteConfigs[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ScopedRoutesConfigDump_InlineScopedRouteConfigsValidationError{
+					field:  fmt.Sprintf("ScopedRouteConfigs[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetLastUpdated()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ScopedRoutesConfigDump_InlineScopedRouteConfigsValidationError{
+					field:  "LastUpdated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ScopedRoutesConfigDump_InlineScopedRouteConfigsValidationError{
+					field:  "LastUpdated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLastUpdated()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ScopedRoutesConfigDump_InlineScopedRouteConfigsValidationError{
+				field:  "LastUpdated",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return ScopedRoutesConfigDump_InlineScopedRouteConfigsMultiError(errors)
+	}
+	return nil
+}
+
+// ScopedRoutesConfigDump_InlineScopedRouteConfigsMultiError is an error
+// wrapping multiple validation errors returned by
+// ScopedRoutesConfigDump_InlineScopedRouteConfigs.ValidateAll() if the
+// designated constraints aren't met.
+type ScopedRoutesConfigDump_InlineScopedRouteConfigsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ScopedRoutesConfigDump_InlineScopedRouteConfigsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ScopedRoutesConfigDump_InlineScopedRouteConfigsMultiError) AllErrors() []error { return m }
+
+// ScopedRoutesConfigDump_InlineScopedRouteConfigsValidationError is the
+// validation error returned by
+// ScopedRoutesConfigDump_InlineScopedRouteConfigs.Validate if the designated
+// constraints aren't met.
+type ScopedRoutesConfigDump_InlineScopedRouteConfigsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ScopedRoutesConfigDump_InlineScopedRouteConfigsValidationError) Field() string {
+	return e.field
+}
+
+// Reason function returns reason value.
+func (e ScopedRoutesConfigDump_InlineScopedRouteConfigsValidationError) Reason() string {
+	return e.reason
+}
+
+// Cause function returns cause value.
+func (e ScopedRoutesConfigDump_InlineScopedRouteConfigsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ScopedRoutesConfigDump_InlineScopedRouteConfigsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ScopedRoutesConfigDump_InlineScopedRouteConfigsValidationError) ErrorName() string {
+	return "ScopedRoutesConfigDump_InlineScopedRouteConfigsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ScopedRoutesConfigDump_InlineScopedRouteConfigsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sScopedRoutesConfigDump_InlineScopedRouteConfigs.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ScopedRoutesConfigDump_InlineScopedRouteConfigsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ScopedRoutesConfigDump_InlineScopedRouteConfigsValidationError{}
+
+// Validate checks the field values on
+// ScopedRoutesConfigDump_DynamicScopedRouteConfigs with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ScopedRoutesConfigDump_DynamicScopedRouteConfigs) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// ScopedRoutesConfigDump_DynamicScopedRouteConfigs with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in
+// ScopedRoutesConfigDump_DynamicScopedRouteConfigsMultiError, or nil if none found.
+func (m *ScopedRoutesConfigDump_DynamicScopedRouteConfigs) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ScopedRoutesConfigDump_DynamicScopedRouteConfigs) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Name
+
+	// no validation rules for VersionInfo
+
+	for idx, item := range m.GetScopedRouteConfigs() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ScopedRoutesConfigDump_DynamicScopedRouteConfigsValidationError{
+						field:  fmt.Sprintf("ScopedRouteConfigs[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ScopedRoutesConfigDump_DynamicScopedRouteConfigsValidationError{
+						field:  fmt.Sprintf("ScopedRouteConfigs[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ScopedRoutesConfigDump_DynamicScopedRouteConfigsValidationError{
+					field:  fmt.Sprintf("ScopedRouteConfigs[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetLastUpdated()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ScopedRoutesConfigDump_DynamicScopedRouteConfigsValidationError{
+					field:  "LastUpdated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ScopedRoutesConfigDump_DynamicScopedRouteConfigsValidationError{
+					field:  "LastUpdated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLastUpdated()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ScopedRoutesConfigDump_DynamicScopedRouteConfigsValidationError{
+				field:  "LastUpdated",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetErrorState()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ScopedRoutesConfigDump_DynamicScopedRouteConfigsValidationError{
+					field:  "ErrorState",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ScopedRoutesConfigDump_DynamicScopedRouteConfigsValidationError{
+					field:  "ErrorState",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetErrorState()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ScopedRoutesConfigDump_DynamicScopedRouteConfigsValidationError{
+				field:  "ErrorState",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for ClientStatus
+
+	if len(errors) > 0 {
+		return ScopedRoutesConfigDump_DynamicScopedRouteConfigsMultiError(errors)
+	}
+	return nil
+}
+
+// ScopedRoutesConfigDump_DynamicScopedRouteConfigsMultiError is an error
+// wrapping multiple validation errors returned by
+// ScopedRoutesConfigDump_DynamicScopedRouteConfigs.ValidateAll() if the
+// designated constraints aren't met.
+type ScopedRoutesConfigDump_DynamicScopedRouteConfigsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ScopedRoutesConfigDump_DynamicScopedRouteConfigsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ScopedRoutesConfigDump_DynamicScopedRouteConfigsMultiError) AllErrors() []error { return m }
+
+// ScopedRoutesConfigDump_DynamicScopedRouteConfigsValidationError is the
+// validation error returned by
+// ScopedRoutesConfigDump_DynamicScopedRouteConfigs.Validate if the designated
+// constraints aren't met.
+type ScopedRoutesConfigDump_DynamicScopedRouteConfigsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ScopedRoutesConfigDump_DynamicScopedRouteConfigsValidationError) Field() string {
+	return e.field
+}
+
+// Reason function returns reason value.
+func (e ScopedRoutesConfigDump_DynamicScopedRouteConfigsValidationError) Reason() string {
+	return e.reason
+}
+
+// Cause function returns cause value.
+func (e ScopedRoutesConfigDump_DynamicScopedRouteConfigsValidationError) Cause() error {
+	return e.cause
+}
+
+// Key function returns key value.
+func (e ScopedRoutesConfigDump_DynamicScopedRouteConfigsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ScopedRoutesConfigDump_DynamicScopedRouteConfigsValidationError) ErrorName() string {
+	return "ScopedRoutesConfigDump_DynamicScopedRouteConfigsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ScopedRoutesConfigDump_DynamicScopedRouteConfigsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sScopedRoutesConfigDump_DynamicScopedRouteConfigs.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ScopedRoutesConfigDump_DynamicScopedRouteConfigsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ScopedRoutesConfigDump_DynamicScopedRouteConfigsValidationError{}
+
+// Validate checks the field values on SecretsConfigDump_DynamicSecret with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *SecretsConfigDump_DynamicSecret) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on SecretsConfigDump_DynamicSecret with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// SecretsConfigDump_DynamicSecretMultiError, or nil if none found.
+func (m *SecretsConfigDump_DynamicSecret) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *SecretsConfigDump_DynamicSecret) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Name
+
+	// no validation rules for VersionInfo
+
+	if all {
+		switch v := interface{}(m.GetLastUpdated()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, SecretsConfigDump_DynamicSecretValidationError{
+					field:  "LastUpdated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, SecretsConfigDump_DynamicSecretValidationError{
+					field:  "LastUpdated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLastUpdated()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return SecretsConfigDump_DynamicSecretValidationError{
+				field:  "LastUpdated",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetSecret()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, SecretsConfigDump_DynamicSecretValidationError{
+					field:  "Secret",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, SecretsConfigDump_DynamicSecretValidationError{
+					field:  "Secret",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSecret()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return SecretsConfigDump_DynamicSecretValidationError{
+				field:  "Secret",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetErrorState()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, SecretsConfigDump_DynamicSecretValidationError{
+					field:  "ErrorState",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, SecretsConfigDump_DynamicSecretValidationError{
+					field:  "ErrorState",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetErrorState()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return SecretsConfigDump_DynamicSecretValidationError{
+				field:  "ErrorState",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for ClientStatus
+
+	if len(errors) > 0 {
+		return SecretsConfigDump_DynamicSecretMultiError(errors)
+	}
+	return nil
+}
+
+// SecretsConfigDump_DynamicSecretMultiError is an error wrapping multiple
+// validation errors returned by SecretsConfigDump_DynamicSecret.ValidateAll()
+// if the designated constraints aren't met.
+type SecretsConfigDump_DynamicSecretMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m SecretsConfigDump_DynamicSecretMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m SecretsConfigDump_DynamicSecretMultiError) AllErrors() []error { return m }
+
+// SecretsConfigDump_DynamicSecretValidationError is the validation error
+// returned by SecretsConfigDump_DynamicSecret.Validate if the designated
+// constraints aren't met.
+type SecretsConfigDump_DynamicSecretValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e SecretsConfigDump_DynamicSecretValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e SecretsConfigDump_DynamicSecretValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e SecretsConfigDump_DynamicSecretValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e SecretsConfigDump_DynamicSecretValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e SecretsConfigDump_DynamicSecretValidationError) ErrorName() string {
+	return "SecretsConfigDump_DynamicSecretValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e SecretsConfigDump_DynamicSecretValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sSecretsConfigDump_DynamicSecret.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = SecretsConfigDump_DynamicSecretValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = SecretsConfigDump_DynamicSecretValidationError{}
+
+// Validate checks the field values on SecretsConfigDump_StaticSecret with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *SecretsConfigDump_StaticSecret) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on SecretsConfigDump_StaticSecret with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// SecretsConfigDump_StaticSecretMultiError, or nil if none found.
+func (m *SecretsConfigDump_StaticSecret) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *SecretsConfigDump_StaticSecret) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Name
+
+	if all {
+		switch v := interface{}(m.GetLastUpdated()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, SecretsConfigDump_StaticSecretValidationError{
+					field:  "LastUpdated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, SecretsConfigDump_StaticSecretValidationError{
+					field:  "LastUpdated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLastUpdated()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return SecretsConfigDump_StaticSecretValidationError{
+				field:  "LastUpdated",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetSecret()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, SecretsConfigDump_StaticSecretValidationError{
+					field:  "Secret",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, SecretsConfigDump_StaticSecretValidationError{
+					field:  "Secret",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSecret()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return SecretsConfigDump_StaticSecretValidationError{
+				field:  "Secret",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return SecretsConfigDump_StaticSecretMultiError(errors)
+	}
+	return nil
+}
+
+// SecretsConfigDump_StaticSecretMultiError is an error wrapping multiple
+// validation errors returned by SecretsConfigDump_StaticSecret.ValidateAll()
+// if the designated constraints aren't met.
+type SecretsConfigDump_StaticSecretMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m SecretsConfigDump_StaticSecretMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m SecretsConfigDump_StaticSecretMultiError) AllErrors() []error { return m }
+
+// SecretsConfigDump_StaticSecretValidationError is the validation error
+// returned by SecretsConfigDump_StaticSecret.Validate if the designated
+// constraints aren't met.
+type SecretsConfigDump_StaticSecretValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e SecretsConfigDump_StaticSecretValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e SecretsConfigDump_StaticSecretValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e SecretsConfigDump_StaticSecretValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e SecretsConfigDump_StaticSecretValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e SecretsConfigDump_StaticSecretValidationError) ErrorName() string {
+	return "SecretsConfigDump_StaticSecretValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e SecretsConfigDump_StaticSecretValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sSecretsConfigDump_StaticSecret.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = SecretsConfigDump_StaticSecretValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = SecretsConfigDump_StaticSecretValidationError{}
+
+// Validate checks the field values on EndpointsConfigDump_StaticEndpointConfig
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the first error encountered is returned, or nil if
+// there are no violations.
+func (m *EndpointsConfigDump_StaticEndpointConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// EndpointsConfigDump_StaticEndpointConfig with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in
+// EndpointsConfigDump_StaticEndpointConfigMultiError, or nil if none found.
+func (m *EndpointsConfigDump_StaticEndpointConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *EndpointsConfigDump_StaticEndpointConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetEndpointConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, EndpointsConfigDump_StaticEndpointConfigValidationError{
+					field:  "EndpointConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, EndpointsConfigDump_StaticEndpointConfigValidationError{
+					field:  "EndpointConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetEndpointConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return EndpointsConfigDump_StaticEndpointConfigValidationError{
+				field:  "EndpointConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetLastUpdated()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, EndpointsConfigDump_StaticEndpointConfigValidationError{
+					field:  "LastUpdated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, EndpointsConfigDump_StaticEndpointConfigValidationError{
+					field:  "LastUpdated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLastUpdated()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return EndpointsConfigDump_StaticEndpointConfigValidationError{
+				field:  "LastUpdated",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return EndpointsConfigDump_StaticEndpointConfigMultiError(errors)
+	}
+	return nil
+}
+
+// EndpointsConfigDump_StaticEndpointConfigMultiError is an error wrapping
+// multiple validation errors returned by
+// EndpointsConfigDump_StaticEndpointConfig.ValidateAll() if the designated
+// constraints aren't met.
+type EndpointsConfigDump_StaticEndpointConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m EndpointsConfigDump_StaticEndpointConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m EndpointsConfigDump_StaticEndpointConfigMultiError) AllErrors() []error { return m }
+
+// EndpointsConfigDump_StaticEndpointConfigValidationError is the validation
+// error returned by EndpointsConfigDump_StaticEndpointConfig.Validate if the
+// designated constraints aren't met.
+type EndpointsConfigDump_StaticEndpointConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e EndpointsConfigDump_StaticEndpointConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e EndpointsConfigDump_StaticEndpointConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e EndpointsConfigDump_StaticEndpointConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e EndpointsConfigDump_StaticEndpointConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e EndpointsConfigDump_StaticEndpointConfigValidationError) ErrorName() string {
+	return "EndpointsConfigDump_StaticEndpointConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e EndpointsConfigDump_StaticEndpointConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sEndpointsConfigDump_StaticEndpointConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = EndpointsConfigDump_StaticEndpointConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = EndpointsConfigDump_StaticEndpointConfigValidationError{}
+
+// Validate checks the field values on
+// EndpointsConfigDump_DynamicEndpointConfig with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *EndpointsConfigDump_DynamicEndpointConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// EndpointsConfigDump_DynamicEndpointConfig with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in
+// EndpointsConfigDump_DynamicEndpointConfigMultiError, or nil if none found.
+func (m *EndpointsConfigDump_DynamicEndpointConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *EndpointsConfigDump_DynamicEndpointConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for VersionInfo
+
+	if all {
+		switch v := interface{}(m.GetEndpointConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, EndpointsConfigDump_DynamicEndpointConfigValidationError{
+					field:  "EndpointConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, EndpointsConfigDump_DynamicEndpointConfigValidationError{
+					field:  "EndpointConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetEndpointConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return EndpointsConfigDump_DynamicEndpointConfigValidationError{
+				field:  "EndpointConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetLastUpdated()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, EndpointsConfigDump_DynamicEndpointConfigValidationError{
+					field:  "LastUpdated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, EndpointsConfigDump_DynamicEndpointConfigValidationError{
+					field:  "LastUpdated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLastUpdated()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return EndpointsConfigDump_DynamicEndpointConfigValidationError{
+				field:  "LastUpdated",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetErrorState()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, EndpointsConfigDump_DynamicEndpointConfigValidationError{
+					field:  "ErrorState",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, EndpointsConfigDump_DynamicEndpointConfigValidationError{
+					field:  "ErrorState",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetErrorState()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return EndpointsConfigDump_DynamicEndpointConfigValidationError{
+				field:  "ErrorState",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for ClientStatus
+
+	if len(errors) > 0 {
+		return EndpointsConfigDump_DynamicEndpointConfigMultiError(errors)
+	}
+	return nil
+}
+
+// EndpointsConfigDump_DynamicEndpointConfigMultiError is an error wrapping
+// multiple validation errors returned by
+// EndpointsConfigDump_DynamicEndpointConfig.ValidateAll() if the designated
+// constraints aren't met.
+type EndpointsConfigDump_DynamicEndpointConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m EndpointsConfigDump_DynamicEndpointConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m EndpointsConfigDump_DynamicEndpointConfigMultiError) AllErrors() []error { return m }
+
+// EndpointsConfigDump_DynamicEndpointConfigValidationError is the validation
+// error returned by EndpointsConfigDump_DynamicEndpointConfig.Validate if the
+// designated constraints aren't met.
+type EndpointsConfigDump_DynamicEndpointConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e EndpointsConfigDump_DynamicEndpointConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e EndpointsConfigDump_DynamicEndpointConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e EndpointsConfigDump_DynamicEndpointConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e EndpointsConfigDump_DynamicEndpointConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e EndpointsConfigDump_DynamicEndpointConfigValidationError) ErrorName() string {
+	return "EndpointsConfigDump_DynamicEndpointConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e EndpointsConfigDump_DynamicEndpointConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sEndpointsConfigDump_DynamicEndpointConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = EndpointsConfigDump_DynamicEndpointConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = EndpointsConfigDump_DynamicEndpointConfigValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/init_dump.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/init_dump.pb.go
new file mode 100644
index 00000000000..602e255d518
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/init_dump.pb.go
@@ -0,0 +1,243 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/admin/v3/init_dump.proto
+
+package envoy_admin_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Dumps of unready targets of envoy init managers. Envoy's admin fills this message with init managers,
+// which provides the information of their unready targets.
+// The :ref:`/init_dump <operations_admin_interface_init_dump>` will dump all unready targets information.
+type UnreadyTargetsDumps struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// You can choose specific component to dump unready targets with mask query parameter.
+	// See :ref:`/init_dump?mask={} <operations_admin_interface_init_dump_by_mask>` for more information.
+	// The dumps of unready targets of all init managers.
+	UnreadyTargetsDumps []*UnreadyTargetsDumps_UnreadyTargetsDump `protobuf:"bytes,1,rep,name=unready_targets_dumps,json=unreadyTargetsDumps,proto3" json:"unready_targets_dumps,omitempty"`
+}
+
+func (x *UnreadyTargetsDumps) Reset() {
+	*x = UnreadyTargetsDumps{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_init_dump_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *UnreadyTargetsDumps) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*UnreadyTargetsDumps) ProtoMessage() {}
+
+func (x *UnreadyTargetsDumps) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_init_dump_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use UnreadyTargetsDumps.ProtoReflect.Descriptor instead.
+func (*UnreadyTargetsDumps) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_init_dump_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *UnreadyTargetsDumps) GetUnreadyTargetsDumps() []*UnreadyTargetsDumps_UnreadyTargetsDump {
+	if x != nil {
+		return x.UnreadyTargetsDumps
+	}
+	return nil
+}
+
+// Message of unready targets information of an init manager.
+type UnreadyTargetsDumps_UnreadyTargetsDump struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Name of the init manager. Example: "init_manager_xxx".
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Names of unready targets of the init manager. Example: "target_xxx".
+	TargetNames []string `protobuf:"bytes,2,rep,name=target_names,json=targetNames,proto3" json:"target_names,omitempty"`
+}
+
+func (x *UnreadyTargetsDumps_UnreadyTargetsDump) Reset() {
+	*x = UnreadyTargetsDumps_UnreadyTargetsDump{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_init_dump_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *UnreadyTargetsDumps_UnreadyTargetsDump) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*UnreadyTargetsDumps_UnreadyTargetsDump) ProtoMessage() {}
+
+func (x *UnreadyTargetsDumps_UnreadyTargetsDump) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_init_dump_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use UnreadyTargetsDumps_UnreadyTargetsDump.ProtoReflect.Descriptor instead.
+func (*UnreadyTargetsDumps_UnreadyTargetsDump) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_init_dump_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (x *UnreadyTargetsDumps_UnreadyTargetsDump) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *UnreadyTargetsDumps_UnreadyTargetsDump) GetTargetNames() []string {
+	if x != nil {
+		return x.TargetNames
+	}
+	return nil
+}
+
+var File_envoy_admin_v3_init_dump_proto protoreflect.FileDescriptor
+
+var file_envoy_admin_v3_init_dump_proto_rawDesc = []byte{
+	0x0a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x76, 0x33,
+	0x2f, 0x69, 0x6e, 0x69, 0x74, 0x5f, 0x64, 0x75, 0x6d, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x12, 0x0e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33,
+	0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22,
+	0xce, 0x01, 0x0a, 0x13, 0x55, 0x6e, 0x72, 0x65, 0x61, 0x64, 0x79, 0x54, 0x61, 0x72, 0x67, 0x65,
+	0x74, 0x73, 0x44, 0x75, 0x6d, 0x70, 0x73, 0x12, 0x6a, 0x0a, 0x15, 0x75, 0x6e, 0x72, 0x65, 0x61,
+	0x64, 0x79, 0x5f, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x73, 0x5f, 0x64, 0x75, 0x6d, 0x70, 0x73,
+	0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x36, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x55, 0x6e, 0x72, 0x65, 0x61, 0x64, 0x79, 0x54,
+	0x61, 0x72, 0x67, 0x65, 0x74, 0x73, 0x44, 0x75, 0x6d, 0x70, 0x73, 0x2e, 0x55, 0x6e, 0x72, 0x65,
+	0x61, 0x64, 0x79, 0x54, 0x61, 0x72, 0x67, 0x65, 0x74, 0x73, 0x44, 0x75, 0x6d, 0x70, 0x52, 0x13,
+	0x75, 0x6e, 0x72, 0x65, 0x61, 0x64, 0x79, 0x54, 0x61, 0x72, 0x67, 0x65, 0x74, 0x73, 0x44, 0x75,
+	0x6d, 0x70, 0x73, 0x1a, 0x4b, 0x0a, 0x12, 0x55, 0x6e, 0x72, 0x65, 0x61, 0x64, 0x79, 0x54, 0x61,
+	0x72, 0x67, 0x65, 0x74, 0x73, 0x44, 0x75, 0x6d, 0x70, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d,
+	0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x21, 0x0a,
+	0x0c, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x18, 0x02, 0x20,
+	0x03, 0x28, 0x09, 0x52, 0x0b, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x73,
+	0x42, 0x37, 0x0a, 0x1c, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78,
+	0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33,
+	0x42, 0x0d, 0x49, 0x6e, 0x69, 0x74, 0x44, 0x75, 0x6d, 0x70, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50,
+	0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x33,
+}
+
+var (
+	file_envoy_admin_v3_init_dump_proto_rawDescOnce sync.Once
+	file_envoy_admin_v3_init_dump_proto_rawDescData = file_envoy_admin_v3_init_dump_proto_rawDesc
+)
+
+func file_envoy_admin_v3_init_dump_proto_rawDescGZIP() []byte {
+	file_envoy_admin_v3_init_dump_proto_rawDescOnce.Do(func() {
+		file_envoy_admin_v3_init_dump_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_admin_v3_init_dump_proto_rawDescData)
+	})
+	return file_envoy_admin_v3_init_dump_proto_rawDescData
+}
+
+var file_envoy_admin_v3_init_dump_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_envoy_admin_v3_init_dump_proto_goTypes = []interface{}{
+	(*UnreadyTargetsDumps)(nil),                    // 0: envoy.admin.v3.UnreadyTargetsDumps
+	(*UnreadyTargetsDumps_UnreadyTargetsDump)(nil), // 1: envoy.admin.v3.UnreadyTargetsDumps.UnreadyTargetsDump
+}
+var file_envoy_admin_v3_init_dump_proto_depIdxs = []int32{
+	1, // 0: envoy.admin.v3.UnreadyTargetsDumps.unready_targets_dumps:type_name -> envoy.admin.v3.UnreadyTargetsDumps.UnreadyTargetsDump
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_envoy_admin_v3_init_dump_proto_init() }
+func file_envoy_admin_v3_init_dump_proto_init() {
+	if File_envoy_admin_v3_init_dump_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_admin_v3_init_dump_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*UnreadyTargetsDumps); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_admin_v3_init_dump_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*UnreadyTargetsDumps_UnreadyTargetsDump); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_admin_v3_init_dump_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_admin_v3_init_dump_proto_goTypes,
+		DependencyIndexes: file_envoy_admin_v3_init_dump_proto_depIdxs,
+		MessageInfos:      file_envoy_admin_v3_init_dump_proto_msgTypes,
+	}.Build()
+	File_envoy_admin_v3_init_dump_proto = out.File
+	file_envoy_admin_v3_init_dump_proto_rawDesc = nil
+	file_envoy_admin_v3_init_dump_proto_goTypes = nil
+	file_envoy_admin_v3_init_dump_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/init_dump.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/init_dump.pb.validate.go
new file mode 100644
index 00000000000..4b352307823
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/init_dump.pb.validate.go
@@ -0,0 +1,278 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/admin/v3/init_dump.proto
+
+package envoy_admin_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on UnreadyTargetsDumps with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *UnreadyTargetsDumps) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on UnreadyTargetsDumps with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// UnreadyTargetsDumpsMultiError, or nil if none found.
+func (m *UnreadyTargetsDumps) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *UnreadyTargetsDumps) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetUnreadyTargetsDumps() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, UnreadyTargetsDumpsValidationError{
+						field:  fmt.Sprintf("UnreadyTargetsDumps[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, UnreadyTargetsDumpsValidationError{
+						field:  fmt.Sprintf("UnreadyTargetsDumps[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return UnreadyTargetsDumpsValidationError{
+					field:  fmt.Sprintf("UnreadyTargetsDumps[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return UnreadyTargetsDumpsMultiError(errors)
+	}
+	return nil
+}
+
+// UnreadyTargetsDumpsMultiError is an error wrapping multiple validation
+// errors returned by UnreadyTargetsDumps.ValidateAll() if the designated
+// constraints aren't met.
+type UnreadyTargetsDumpsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m UnreadyTargetsDumpsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m UnreadyTargetsDumpsMultiError) AllErrors() []error { return m }
+
+// UnreadyTargetsDumpsValidationError is the validation error returned by
+// UnreadyTargetsDumps.Validate if the designated constraints aren't met.
+type UnreadyTargetsDumpsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e UnreadyTargetsDumpsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e UnreadyTargetsDumpsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e UnreadyTargetsDumpsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e UnreadyTargetsDumpsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e UnreadyTargetsDumpsValidationError) ErrorName() string {
+	return "UnreadyTargetsDumpsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e UnreadyTargetsDumpsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sUnreadyTargetsDumps.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = UnreadyTargetsDumpsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = UnreadyTargetsDumpsValidationError{}
+
+// Validate checks the field values on UnreadyTargetsDumps_UnreadyTargetsDump
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the first error encountered is returned, or nil if
+// there are no violations.
+func (m *UnreadyTargetsDumps_UnreadyTargetsDump) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// UnreadyTargetsDumps_UnreadyTargetsDump with the rules defined in the proto
+// definition for this message. If any rules are violated, the result is a
+// list of violation errors wrapped in
+// UnreadyTargetsDumps_UnreadyTargetsDumpMultiError, or nil if none found.
+func (m *UnreadyTargetsDumps_UnreadyTargetsDump) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *UnreadyTargetsDumps_UnreadyTargetsDump) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Name
+
+	if len(errors) > 0 {
+		return UnreadyTargetsDumps_UnreadyTargetsDumpMultiError(errors)
+	}
+	return nil
+}
+
+// UnreadyTargetsDumps_UnreadyTargetsDumpMultiError is an error wrapping
+// multiple validation errors returned by
+// UnreadyTargetsDumps_UnreadyTargetsDump.ValidateAll() if the designated
+// constraints aren't met.
+type UnreadyTargetsDumps_UnreadyTargetsDumpMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m UnreadyTargetsDumps_UnreadyTargetsDumpMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m UnreadyTargetsDumps_UnreadyTargetsDumpMultiError) AllErrors() []error { return m }
+
+// UnreadyTargetsDumps_UnreadyTargetsDumpValidationError is the validation
+// error returned by UnreadyTargetsDumps_UnreadyTargetsDump.Validate if the
+// designated constraints aren't met.
+type UnreadyTargetsDumps_UnreadyTargetsDumpValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e UnreadyTargetsDumps_UnreadyTargetsDumpValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e UnreadyTargetsDumps_UnreadyTargetsDumpValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e UnreadyTargetsDumps_UnreadyTargetsDumpValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e UnreadyTargetsDumps_UnreadyTargetsDumpValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e UnreadyTargetsDumps_UnreadyTargetsDumpValidationError) ErrorName() string {
+	return "UnreadyTargetsDumps_UnreadyTargetsDumpValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e UnreadyTargetsDumps_UnreadyTargetsDumpValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sUnreadyTargetsDumps_UnreadyTargetsDump.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = UnreadyTargetsDumps_UnreadyTargetsDumpValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = UnreadyTargetsDumps_UnreadyTargetsDumpValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/listeners.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/listeners.pb.go
new file mode 100644
index 00000000000..f28ef6d968c
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/listeners.pb.go
@@ -0,0 +1,252 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/admin/v3/listeners.proto
+
+package envoy_admin_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Admin endpoint uses this wrapper for `/listeners` to display listener status information.
+// See :ref:`/listeners <operations_admin_interface_listeners>` for more information.
+type Listeners struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// List of listener statuses.
+	ListenerStatuses []*ListenerStatus `protobuf:"bytes,1,rep,name=listener_statuses,json=listenerStatuses,proto3" json:"listener_statuses,omitempty"`
+}
+
+func (x *Listeners) Reset() {
+	*x = Listeners{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_listeners_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Listeners) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Listeners) ProtoMessage() {}
+
+func (x *Listeners) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_listeners_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Listeners.ProtoReflect.Descriptor instead.
+func (*Listeners) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_listeners_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *Listeners) GetListenerStatuses() []*ListenerStatus {
+	if x != nil {
+		return x.ListenerStatuses
+	}
+	return nil
+}
+
+// Details an individual listener's current status.
+type ListenerStatus struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Name of the listener
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// The actual local address that the listener is listening on. If a listener was configured
+	// to listen on port 0, then this address has the port that was allocated by the OS.
+	LocalAddress *v3.Address `protobuf:"bytes,2,opt,name=local_address,json=localAddress,proto3" json:"local_address,omitempty"`
+}
+
+func (x *ListenerStatus) Reset() {
+	*x = ListenerStatus{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_listeners_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ListenerStatus) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ListenerStatus) ProtoMessage() {}
+
+func (x *ListenerStatus) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_listeners_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ListenerStatus.ProtoReflect.Descriptor instead.
+func (*ListenerStatus) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_listeners_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *ListenerStatus) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *ListenerStatus) GetLocalAddress() *v3.Address {
+	if x != nil {
+		return x.LocalAddress
+	}
+	return nil
+}
+
+var File_envoy_admin_v3_listeners_proto protoreflect.FileDescriptor
+
+var file_envoy_admin_v3_listeners_proto_rawDesc = []byte{
+	0x0a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x76, 0x33,
+	0x2f, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x12, 0x0e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33,
+	0x1a, 0x22, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x7e, 0x0a, 0x09, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e,
+	0x65, 0x72, 0x73, 0x12, 0x4b, 0x0a, 0x11, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x5f,
+	0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1e,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e,
+	0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x10,
+	0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x65, 0x73,
+	0x3a, 0x24, 0x9a, 0xc5, 0x88, 0x1e, 0x1f, 0x0a, 0x1d, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x4c, 0x69, 0x73,
+	0x74, 0x65, 0x6e, 0x65, 0x72, 0x73, 0x22, 0x93, 0x01, 0x0a, 0x0e, 0x4c, 0x69, 0x73, 0x74, 0x65,
+	0x6e, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d,
+	0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x42, 0x0a,
+	0x0d, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x41, 0x64, 0x64, 0x72,
+	0x65, 0x73, 0x73, 0x52, 0x0c, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73,
+	0x73, 0x3a, 0x29, 0x9a, 0xc5, 0x88, 0x1e, 0x24, 0x0a, 0x22, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x4c, 0x69,
+	0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x42, 0x38, 0x0a, 0x1c,
+	0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x42, 0x0e, 0x4c, 0x69,
+	0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80,
+	0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_admin_v3_listeners_proto_rawDescOnce sync.Once
+	file_envoy_admin_v3_listeners_proto_rawDescData = file_envoy_admin_v3_listeners_proto_rawDesc
+)
+
+func file_envoy_admin_v3_listeners_proto_rawDescGZIP() []byte {
+	file_envoy_admin_v3_listeners_proto_rawDescOnce.Do(func() {
+		file_envoy_admin_v3_listeners_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_admin_v3_listeners_proto_rawDescData)
+	})
+	return file_envoy_admin_v3_listeners_proto_rawDescData
+}
+
+var file_envoy_admin_v3_listeners_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_envoy_admin_v3_listeners_proto_goTypes = []interface{}{
+	(*Listeners)(nil),      // 0: envoy.admin.v3.Listeners
+	(*ListenerStatus)(nil), // 1: envoy.admin.v3.ListenerStatus
+	(*v3.Address)(nil),     // 2: envoy.config.core.v3.Address
+}
+var file_envoy_admin_v3_listeners_proto_depIdxs = []int32{
+	1, // 0: envoy.admin.v3.Listeners.listener_statuses:type_name -> envoy.admin.v3.ListenerStatus
+	2, // 1: envoy.admin.v3.ListenerStatus.local_address:type_name -> envoy.config.core.v3.Address
+	2, // [2:2] is the sub-list for method output_type
+	2, // [2:2] is the sub-list for method input_type
+	2, // [2:2] is the sub-list for extension type_name
+	2, // [2:2] is the sub-list for extension extendee
+	0, // [0:2] is the sub-list for field type_name
+}
+
+func init() { file_envoy_admin_v3_listeners_proto_init() }
+func file_envoy_admin_v3_listeners_proto_init() {
+	if File_envoy_admin_v3_listeners_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_admin_v3_listeners_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Listeners); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_admin_v3_listeners_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ListenerStatus); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_admin_v3_listeners_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_admin_v3_listeners_proto_goTypes,
+		DependencyIndexes: file_envoy_admin_v3_listeners_proto_depIdxs,
+		MessageInfos:      file_envoy_admin_v3_listeners_proto_msgTypes,
+	}.Build()
+	File_envoy_admin_v3_listeners_proto = out.File
+	file_envoy_admin_v3_listeners_proto_rawDesc = nil
+	file_envoy_admin_v3_listeners_proto_goTypes = nil
+	file_envoy_admin_v3_listeners_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/listeners.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/listeners.pb.validate.go
new file mode 100644
index 00000000000..696f9339d6b
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/listeners.pb.validate.go
@@ -0,0 +1,298 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/admin/v3/listeners.proto
+
+package envoy_admin_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on Listeners with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Listeners) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Listeners with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ListenersMultiError, or nil
+// if none found.
+func (m *Listeners) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Listeners) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetListenerStatuses() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ListenersValidationError{
+						field:  fmt.Sprintf("ListenerStatuses[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ListenersValidationError{
+						field:  fmt.Sprintf("ListenerStatuses[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ListenersValidationError{
+					field:  fmt.Sprintf("ListenerStatuses[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ListenersMultiError(errors)
+	}
+	return nil
+}
+
+// ListenersMultiError is an error wrapping multiple validation errors returned
+// by Listeners.ValidateAll() if the designated constraints aren't met.
+type ListenersMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ListenersMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ListenersMultiError) AllErrors() []error { return m }
+
+// ListenersValidationError is the validation error returned by
+// Listeners.Validate if the designated constraints aren't met.
+type ListenersValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ListenersValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ListenersValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ListenersValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ListenersValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ListenersValidationError) ErrorName() string { return "ListenersValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ListenersValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sListeners.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ListenersValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ListenersValidationError{}
+
+// Validate checks the field values on ListenerStatus with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ListenerStatus) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ListenerStatus with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ListenerStatusMultiError,
+// or nil if none found.
+func (m *ListenerStatus) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ListenerStatus) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Name
+
+	if all {
+		switch v := interface{}(m.GetLocalAddress()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenerStatusValidationError{
+					field:  "LocalAddress",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenerStatusValidationError{
+					field:  "LocalAddress",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLocalAddress()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenerStatusValidationError{
+				field:  "LocalAddress",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return ListenerStatusMultiError(errors)
+	}
+	return nil
+}
+
+// ListenerStatusMultiError is an error wrapping multiple validation errors
+// returned by ListenerStatus.ValidateAll() if the designated constraints
+// aren't met.
+type ListenerStatusMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ListenerStatusMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ListenerStatusMultiError) AllErrors() []error { return m }
+
+// ListenerStatusValidationError is the validation error returned by
+// ListenerStatus.Validate if the designated constraints aren't met.
+type ListenerStatusValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ListenerStatusValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ListenerStatusValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ListenerStatusValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ListenerStatusValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ListenerStatusValidationError) ErrorName() string { return "ListenerStatusValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ListenerStatusValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sListenerStatus.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ListenerStatusValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ListenerStatusValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/memory.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/memory.pb.go
new file mode 100644
index 00000000000..86c3ac34747
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/memory.pb.go
@@ -0,0 +1,229 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/admin/v3/memory.proto
+
+package envoy_admin_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Proto representation of the internal memory consumption of an Envoy instance. These represent
+// values extracted from an internal TCMalloc instance. For more information, see the section of the
+// docs entitled ["Generic Tcmalloc Status"](https://gperftools.github.io/gperftools/tcmalloc.html).
+// [#next-free-field: 7]
+type Memory struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The number of bytes allocated by the heap for Envoy. This is an alias for
+	// `generic.current_allocated_bytes`.
+	Allocated uint64 `protobuf:"varint,1,opt,name=allocated,proto3" json:"allocated,omitempty"`
+	// The number of bytes reserved by the heap but not necessarily allocated. This is an alias for
+	// `generic.heap_size`.
+	HeapSize uint64 `protobuf:"varint,2,opt,name=heap_size,json=heapSize,proto3" json:"heap_size,omitempty"`
+	// The number of bytes in free, unmapped pages in the page heap. These bytes always count towards
+	// virtual memory usage, and depending on the OS, typically do not count towards physical memory
+	// usage. This is an alias for `tcmalloc.pageheap_unmapped_bytes`.
+	PageheapUnmapped uint64 `protobuf:"varint,3,opt,name=pageheap_unmapped,json=pageheapUnmapped,proto3" json:"pageheap_unmapped,omitempty"`
+	// The number of bytes in free, mapped pages in the page heap. These bytes always count towards
+	// virtual memory usage, and unless the underlying memory is swapped out by the OS, they also
+	// count towards physical memory usage. This is an alias for `tcmalloc.pageheap_free_bytes`.
+	PageheapFree uint64 `protobuf:"varint,4,opt,name=pageheap_free,json=pageheapFree,proto3" json:"pageheap_free,omitempty"`
+	// The amount of memory used by the TCMalloc thread caches (for small objects). This is an alias
+	// for `tcmalloc.current_total_thread_cache_bytes`.
+	TotalThreadCache uint64 `protobuf:"varint,5,opt,name=total_thread_cache,json=totalThreadCache,proto3" json:"total_thread_cache,omitempty"`
+	// The number of bytes of the physical memory usage by the allocator. This is an alias for
+	// `generic.total_physical_bytes`.
+	TotalPhysicalBytes uint64 `protobuf:"varint,6,opt,name=total_physical_bytes,json=totalPhysicalBytes,proto3" json:"total_physical_bytes,omitempty"`
+}
+
+func (x *Memory) Reset() {
+	*x = Memory{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_memory_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Memory) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Memory) ProtoMessage() {}
+
+func (x *Memory) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_memory_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Memory.ProtoReflect.Descriptor instead.
+func (*Memory) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_memory_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *Memory) GetAllocated() uint64 {
+	if x != nil {
+		return x.Allocated
+	}
+	return 0
+}
+
+func (x *Memory) GetHeapSize() uint64 {
+	if x != nil {
+		return x.HeapSize
+	}
+	return 0
+}
+
+func (x *Memory) GetPageheapUnmapped() uint64 {
+	if x != nil {
+		return x.PageheapUnmapped
+	}
+	return 0
+}
+
+func (x *Memory) GetPageheapFree() uint64 {
+	if x != nil {
+		return x.PageheapFree
+	}
+	return 0
+}
+
+func (x *Memory) GetTotalThreadCache() uint64 {
+	if x != nil {
+		return x.TotalThreadCache
+	}
+	return 0
+}
+
+func (x *Memory) GetTotalPhysicalBytes() uint64 {
+	if x != nil {
+		return x.TotalPhysicalBytes
+	}
+	return 0
+}
+
+var File_envoy_admin_v3_memory_proto protoreflect.FileDescriptor
+
+var file_envoy_admin_v3_memory_proto_rawDesc = []byte{
+	0x0a, 0x1b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x76, 0x33,
+	0x2f, 0x6d, 0x65, 0x6d, 0x6f, 0x72, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x1a, 0x1d, 0x75,
+	0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f,
+	0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64,
+	0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76,
+	0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22,
+	0x98, 0x02, 0x0a, 0x06, 0x4d, 0x65, 0x6d, 0x6f, 0x72, 0x79, 0x12, 0x1c, 0x0a, 0x09, 0x61, 0x6c,
+	0x6c, 0x6f, 0x63, 0x61, 0x74, 0x65, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x09, 0x61,
+	0x6c, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x65, 0x64, 0x12, 0x1b, 0x0a, 0x09, 0x68, 0x65, 0x61, 0x70,
+	0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x04, 0x52, 0x08, 0x68, 0x65, 0x61,
+	0x70, 0x53, 0x69, 0x7a, 0x65, 0x12, 0x2b, 0x0a, 0x11, 0x70, 0x61, 0x67, 0x65, 0x68, 0x65, 0x61,
+	0x70, 0x5f, 0x75, 0x6e, 0x6d, 0x61, 0x70, 0x70, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x04,
+	0x52, 0x10, 0x70, 0x61, 0x67, 0x65, 0x68, 0x65, 0x61, 0x70, 0x55, 0x6e, 0x6d, 0x61, 0x70, 0x70,
+	0x65, 0x64, 0x12, 0x23, 0x0a, 0x0d, 0x70, 0x61, 0x67, 0x65, 0x68, 0x65, 0x61, 0x70, 0x5f, 0x66,
+	0x72, 0x65, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x04, 0x52, 0x0c, 0x70, 0x61, 0x67, 0x65, 0x68,
+	0x65, 0x61, 0x70, 0x46, 0x72, 0x65, 0x65, 0x12, 0x2c, 0x0a, 0x12, 0x74, 0x6f, 0x74, 0x61, 0x6c,
+	0x5f, 0x74, 0x68, 0x72, 0x65, 0x61, 0x64, 0x5f, 0x63, 0x61, 0x63, 0x68, 0x65, 0x18, 0x05, 0x20,
+	0x01, 0x28, 0x04, 0x52, 0x10, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x54, 0x68, 0x72, 0x65, 0x61, 0x64,
+	0x43, 0x61, 0x63, 0x68, 0x65, 0x12, 0x30, 0x0a, 0x14, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x5f, 0x70,
+	0x68, 0x79, 0x73, 0x69, 0x63, 0x61, 0x6c, 0x5f, 0x62, 0x79, 0x74, 0x65, 0x73, 0x18, 0x06, 0x20,
+	0x01, 0x28, 0x04, 0x52, 0x12, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x50, 0x68, 0x79, 0x73, 0x69, 0x63,
+	0x61, 0x6c, 0x42, 0x79, 0x74, 0x65, 0x73, 0x3a, 0x21, 0x9a, 0xc5, 0x88, 0x1e, 0x1c, 0x0a, 0x1a,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x61, 0x6c,
+	0x70, 0x68, 0x61, 0x2e, 0x4d, 0x65, 0x6d, 0x6f, 0x72, 0x79, 0x42, 0x35, 0x0a, 0x1c, 0x69, 0x6f,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x42, 0x0b, 0x4d, 0x65, 0x6d, 0x6f,
+	0x72, 0x79, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10,
+	0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_admin_v3_memory_proto_rawDescOnce sync.Once
+	file_envoy_admin_v3_memory_proto_rawDescData = file_envoy_admin_v3_memory_proto_rawDesc
+)
+
+func file_envoy_admin_v3_memory_proto_rawDescGZIP() []byte {
+	file_envoy_admin_v3_memory_proto_rawDescOnce.Do(func() {
+		file_envoy_admin_v3_memory_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_admin_v3_memory_proto_rawDescData)
+	})
+	return file_envoy_admin_v3_memory_proto_rawDescData
+}
+
+var file_envoy_admin_v3_memory_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_admin_v3_memory_proto_goTypes = []interface{}{
+	(*Memory)(nil), // 0: envoy.admin.v3.Memory
+}
+var file_envoy_admin_v3_memory_proto_depIdxs = []int32{
+	0, // [0:0] is the sub-list for method output_type
+	0, // [0:0] is the sub-list for method input_type
+	0, // [0:0] is the sub-list for extension type_name
+	0, // [0:0] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_envoy_admin_v3_memory_proto_init() }
+func file_envoy_admin_v3_memory_proto_init() {
+	if File_envoy_admin_v3_memory_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_admin_v3_memory_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Memory); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_admin_v3_memory_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_admin_v3_memory_proto_goTypes,
+		DependencyIndexes: file_envoy_admin_v3_memory_proto_depIdxs,
+		MessageInfos:      file_envoy_admin_v3_memory_proto_msgTypes,
+	}.Build()
+	File_envoy_admin_v3_memory_proto = out.File
+	file_envoy_admin_v3_memory_proto_rawDesc = nil
+	file_envoy_admin_v3_memory_proto_goTypes = nil
+	file_envoy_admin_v3_memory_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/memory.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/memory.pb.validate.go
new file mode 100644
index 00000000000..36691c26d6b
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/memory.pb.validate.go
@@ -0,0 +1,145 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/admin/v3/memory.proto
+
+package envoy_admin_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on Memory with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Memory) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Memory with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in MemoryMultiError, or nil if none found.
+func (m *Memory) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Memory) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Allocated
+
+	// no validation rules for HeapSize
+
+	// no validation rules for PageheapUnmapped
+
+	// no validation rules for PageheapFree
+
+	// no validation rules for TotalThreadCache
+
+	// no validation rules for TotalPhysicalBytes
+
+	if len(errors) > 0 {
+		return MemoryMultiError(errors)
+	}
+	return nil
+}
+
+// MemoryMultiError is an error wrapping multiple validation errors returned by
+// Memory.ValidateAll() if the designated constraints aren't met.
+type MemoryMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m MemoryMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m MemoryMultiError) AllErrors() []error { return m }
+
+// MemoryValidationError is the validation error returned by Memory.Validate if
+// the designated constraints aren't met.
+type MemoryValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MemoryValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MemoryValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MemoryValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MemoryValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MemoryValidationError) ErrorName() string { return "MemoryValidationError" }
+
+// Error satisfies the builtin error interface
+func (e MemoryValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMemory.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MemoryValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MemoryValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/metrics.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/metrics.pb.go
new file mode 100644
index 00000000000..e327c8b737a
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/metrics.pb.go
@@ -0,0 +1,235 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/admin/v3/metrics.proto
+
+package envoy_admin_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type SimpleMetric_Type int32
+
+const (
+	SimpleMetric_COUNTER SimpleMetric_Type = 0
+	SimpleMetric_GAUGE   SimpleMetric_Type = 1
+)
+
+// Enum value maps for SimpleMetric_Type.
+var (
+	SimpleMetric_Type_name = map[int32]string{
+		0: "COUNTER",
+		1: "GAUGE",
+	}
+	SimpleMetric_Type_value = map[string]int32{
+		"COUNTER": 0,
+		"GAUGE":   1,
+	}
+)
+
+func (x SimpleMetric_Type) Enum() *SimpleMetric_Type {
+	p := new(SimpleMetric_Type)
+	*p = x
+	return p
+}
+
+func (x SimpleMetric_Type) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (SimpleMetric_Type) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_admin_v3_metrics_proto_enumTypes[0].Descriptor()
+}
+
+func (SimpleMetric_Type) Type() protoreflect.EnumType {
+	return &file_envoy_admin_v3_metrics_proto_enumTypes[0]
+}
+
+func (x SimpleMetric_Type) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use SimpleMetric_Type.Descriptor instead.
+func (SimpleMetric_Type) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_metrics_proto_rawDescGZIP(), []int{0, 0}
+}
+
+// Proto representation of an Envoy Counter or Gauge value.
+type SimpleMetric struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Type of the metric represented.
+	Type SimpleMetric_Type `protobuf:"varint,1,opt,name=type,proto3,enum=envoy.admin.v3.SimpleMetric_Type" json:"type,omitempty"`
+	// Current metric value.
+	Value uint64 `protobuf:"varint,2,opt,name=value,proto3" json:"value,omitempty"`
+	// Name of the metric.
+	Name string `protobuf:"bytes,3,opt,name=name,proto3" json:"name,omitempty"`
+}
+
+func (x *SimpleMetric) Reset() {
+	*x = SimpleMetric{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_metrics_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *SimpleMetric) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*SimpleMetric) ProtoMessage() {}
+
+func (x *SimpleMetric) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_metrics_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use SimpleMetric.ProtoReflect.Descriptor instead.
+func (*SimpleMetric) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_metrics_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *SimpleMetric) GetType() SimpleMetric_Type {
+	if x != nil {
+		return x.Type
+	}
+	return SimpleMetric_COUNTER
+}
+
+func (x *SimpleMetric) GetValue() uint64 {
+	if x != nil {
+		return x.Value
+	}
+	return 0
+}
+
+func (x *SimpleMetric) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+var File_envoy_admin_v3_metrics_proto protoreflect.FileDescriptor
+
+var file_envoy_admin_v3_metrics_proto_rawDesc = []byte{
+	0x0a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x76, 0x33,
+	0x2f, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x1a, 0x1d,
+	0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73,
+	0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75,
+	0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f,
+	0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x22, 0xb8, 0x01, 0x0a, 0x0c, 0x53, 0x69, 0x6d, 0x70, 0x6c, 0x65, 0x4d, 0x65, 0x74, 0x72, 0x69,
+	0x63, 0x12, 0x35, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32,
+	0x21, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33,
+	0x2e, 0x53, 0x69, 0x6d, 0x70, 0x6c, 0x65, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x2e, 0x54, 0x79,
+	0x70, 0x65, 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75,
+	0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x04, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x12,
+	0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61,
+	0x6d, 0x65, 0x22, 0x1e, 0x0a, 0x04, 0x54, 0x79, 0x70, 0x65, 0x12, 0x0b, 0x0a, 0x07, 0x43, 0x4f,
+	0x55, 0x4e, 0x54, 0x45, 0x52, 0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, 0x47, 0x41, 0x55, 0x47, 0x45,
+	0x10, 0x01, 0x3a, 0x27, 0x9a, 0xc5, 0x88, 0x1e, 0x22, 0x0a, 0x20, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x53,
+	0x69, 0x6d, 0x70, 0x6c, 0x65, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x42, 0x36, 0x0a, 0x1c, 0x69,
+	0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x42, 0x0c, 0x4d, 0x65, 0x74,
+	0x72, 0x69, 0x63, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06,
+	0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_admin_v3_metrics_proto_rawDescOnce sync.Once
+	file_envoy_admin_v3_metrics_proto_rawDescData = file_envoy_admin_v3_metrics_proto_rawDesc
+)
+
+func file_envoy_admin_v3_metrics_proto_rawDescGZIP() []byte {
+	file_envoy_admin_v3_metrics_proto_rawDescOnce.Do(func() {
+		file_envoy_admin_v3_metrics_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_admin_v3_metrics_proto_rawDescData)
+	})
+	return file_envoy_admin_v3_metrics_proto_rawDescData
+}
+
+var file_envoy_admin_v3_metrics_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_envoy_admin_v3_metrics_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_admin_v3_metrics_proto_goTypes = []interface{}{
+	(SimpleMetric_Type)(0), // 0: envoy.admin.v3.SimpleMetric.Type
+	(*SimpleMetric)(nil),   // 1: envoy.admin.v3.SimpleMetric
+}
+var file_envoy_admin_v3_metrics_proto_depIdxs = []int32{
+	0, // 0: envoy.admin.v3.SimpleMetric.type:type_name -> envoy.admin.v3.SimpleMetric.Type
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_envoy_admin_v3_metrics_proto_init() }
+func file_envoy_admin_v3_metrics_proto_init() {
+	if File_envoy_admin_v3_metrics_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_admin_v3_metrics_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*SimpleMetric); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_admin_v3_metrics_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_admin_v3_metrics_proto_goTypes,
+		DependencyIndexes: file_envoy_admin_v3_metrics_proto_depIdxs,
+		EnumInfos:         file_envoy_admin_v3_metrics_proto_enumTypes,
+		MessageInfos:      file_envoy_admin_v3_metrics_proto_msgTypes,
+	}.Build()
+	File_envoy_admin_v3_metrics_proto = out.File
+	file_envoy_admin_v3_metrics_proto_rawDesc = nil
+	file_envoy_admin_v3_metrics_proto_goTypes = nil
+	file_envoy_admin_v3_metrics_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/metrics.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/metrics.pb.validate.go
new file mode 100644
index 00000000000..c712b18b161
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/metrics.pb.validate.go
@@ -0,0 +1,140 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/admin/v3/metrics.proto
+
+package envoy_admin_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on SimpleMetric with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *SimpleMetric) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on SimpleMetric with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in SimpleMetricMultiError, or
+// nil if none found.
+func (m *SimpleMetric) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *SimpleMetric) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Type
+
+	// no validation rules for Value
+
+	// no validation rules for Name
+
+	if len(errors) > 0 {
+		return SimpleMetricMultiError(errors)
+	}
+	return nil
+}
+
+// SimpleMetricMultiError is an error wrapping multiple validation errors
+// returned by SimpleMetric.ValidateAll() if the designated constraints aren't met.
+type SimpleMetricMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m SimpleMetricMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m SimpleMetricMultiError) AllErrors() []error { return m }
+
+// SimpleMetricValidationError is the validation error returned by
+// SimpleMetric.Validate if the designated constraints aren't met.
+type SimpleMetricValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e SimpleMetricValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e SimpleMetricValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e SimpleMetricValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e SimpleMetricValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e SimpleMetricValidationError) ErrorName() string { return "SimpleMetricValidationError" }
+
+// Error satisfies the builtin error interface
+func (e SimpleMetricValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sSimpleMetric.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = SimpleMetricValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = SimpleMetricValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/mutex_stats.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/mutex_stats.pb.go
new file mode 100644
index 00000000000..d9af8a8479c
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/mutex_stats.pb.go
@@ -0,0 +1,192 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/admin/v3/mutex_stats.proto
+
+package envoy_admin_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Proto representation of the statistics collected upon absl::Mutex contention, if Envoy is run
+// under :option:`--enable-mutex-tracing`. For more information, see the `absl::Mutex`
+// [docs](https://abseil.io/about/design/mutex#extra-features).
+//
+// *NB*: The wait cycles below are measured by `absl::base_internal::CycleClock`, and may not
+// correspond to core clock frequency. For more information, see the `CycleClock`
+// [docs](https://github.com/abseil/abseil-cpp/blob/master/absl/base/internal/cycleclock.h).
+type MutexStats struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The number of individual mutex contentions which have occurred since startup.
+	NumContentions uint64 `protobuf:"varint,1,opt,name=num_contentions,json=numContentions,proto3" json:"num_contentions,omitempty"`
+	// The length of the current contention wait cycle.
+	CurrentWaitCycles uint64 `protobuf:"varint,2,opt,name=current_wait_cycles,json=currentWaitCycles,proto3" json:"current_wait_cycles,omitempty"`
+	// The lifetime total of all contention wait cycles.
+	LifetimeWaitCycles uint64 `protobuf:"varint,3,opt,name=lifetime_wait_cycles,json=lifetimeWaitCycles,proto3" json:"lifetime_wait_cycles,omitempty"`
+}
+
+func (x *MutexStats) Reset() {
+	*x = MutexStats{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_mutex_stats_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *MutexStats) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*MutexStats) ProtoMessage() {}
+
+func (x *MutexStats) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_mutex_stats_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use MutexStats.ProtoReflect.Descriptor instead.
+func (*MutexStats) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_mutex_stats_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *MutexStats) GetNumContentions() uint64 {
+	if x != nil {
+		return x.NumContentions
+	}
+	return 0
+}
+
+func (x *MutexStats) GetCurrentWaitCycles() uint64 {
+	if x != nil {
+		return x.CurrentWaitCycles
+	}
+	return 0
+}
+
+func (x *MutexStats) GetLifetimeWaitCycles() uint64 {
+	if x != nil {
+		return x.LifetimeWaitCycles
+	}
+	return 0
+}
+
+var File_envoy_admin_v3_mutex_stats_proto protoreflect.FileDescriptor
+
+var file_envoy_admin_v3_mutex_stats_proto_rawDesc = []byte{
+	0x0a, 0x20, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x76, 0x33,
+	0x2f, 0x6d, 0x75, 0x74, 0x65, 0x78, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x73, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x12, 0x0e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e,
+	0x76, 0x33, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x22, 0xbe, 0x01, 0x0a, 0x0a, 0x4d, 0x75, 0x74, 0x65, 0x78, 0x53, 0x74,
+	0x61, 0x74, 0x73, 0x12, 0x27, 0x0a, 0x0f, 0x6e, 0x75, 0x6d, 0x5f, 0x63, 0x6f, 0x6e, 0x74, 0x65,
+	0x6e, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x0e, 0x6e, 0x75,
+	0x6d, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x2e, 0x0a, 0x13,
+	0x63, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x74, 0x5f, 0x77, 0x61, 0x69, 0x74, 0x5f, 0x63, 0x79, 0x63,
+	0x6c, 0x65, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x04, 0x52, 0x11, 0x63, 0x75, 0x72, 0x72, 0x65,
+	0x6e, 0x74, 0x57, 0x61, 0x69, 0x74, 0x43, 0x79, 0x63, 0x6c, 0x65, 0x73, 0x12, 0x30, 0x0a, 0x14,
+	0x6c, 0x69, 0x66, 0x65, 0x74, 0x69, 0x6d, 0x65, 0x5f, 0x77, 0x61, 0x69, 0x74, 0x5f, 0x63, 0x79,
+	0x63, 0x6c, 0x65, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x04, 0x52, 0x12, 0x6c, 0x69, 0x66, 0x65,
+	0x74, 0x69, 0x6d, 0x65, 0x57, 0x61, 0x69, 0x74, 0x43, 0x79, 0x63, 0x6c, 0x65, 0x73, 0x3a, 0x25,
+	0x9a, 0xc5, 0x88, 0x1e, 0x20, 0x0a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d,
+	0x69, 0x6e, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x4d, 0x75, 0x74, 0x65, 0x78,
+	0x53, 0x74, 0x61, 0x74, 0x73, 0x42, 0x39, 0x0a, 0x1c, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d,
+	0x69, 0x6e, 0x2e, 0x76, 0x33, 0x42, 0x0f, 0x4d, 0x75, 0x74, 0x65, 0x78, 0x53, 0x74, 0x61, 0x74,
+	0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02,
+	0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_admin_v3_mutex_stats_proto_rawDescOnce sync.Once
+	file_envoy_admin_v3_mutex_stats_proto_rawDescData = file_envoy_admin_v3_mutex_stats_proto_rawDesc
+)
+
+func file_envoy_admin_v3_mutex_stats_proto_rawDescGZIP() []byte {
+	file_envoy_admin_v3_mutex_stats_proto_rawDescOnce.Do(func() {
+		file_envoy_admin_v3_mutex_stats_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_admin_v3_mutex_stats_proto_rawDescData)
+	})
+	return file_envoy_admin_v3_mutex_stats_proto_rawDescData
+}
+
+var file_envoy_admin_v3_mutex_stats_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_admin_v3_mutex_stats_proto_goTypes = []interface{}{
+	(*MutexStats)(nil), // 0: envoy.admin.v3.MutexStats
+}
+var file_envoy_admin_v3_mutex_stats_proto_depIdxs = []int32{
+	0, // [0:0] is the sub-list for method output_type
+	0, // [0:0] is the sub-list for method input_type
+	0, // [0:0] is the sub-list for extension type_name
+	0, // [0:0] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_envoy_admin_v3_mutex_stats_proto_init() }
+func file_envoy_admin_v3_mutex_stats_proto_init() {
+	if File_envoy_admin_v3_mutex_stats_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_admin_v3_mutex_stats_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*MutexStats); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_admin_v3_mutex_stats_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_admin_v3_mutex_stats_proto_goTypes,
+		DependencyIndexes: file_envoy_admin_v3_mutex_stats_proto_depIdxs,
+		MessageInfos:      file_envoy_admin_v3_mutex_stats_proto_msgTypes,
+	}.Build()
+	File_envoy_admin_v3_mutex_stats_proto = out.File
+	file_envoy_admin_v3_mutex_stats_proto_rawDesc = nil
+	file_envoy_admin_v3_mutex_stats_proto_goTypes = nil
+	file_envoy_admin_v3_mutex_stats_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/mutex_stats.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/mutex_stats.pb.validate.go
new file mode 100644
index 00000000000..c99278a968a
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/mutex_stats.pb.validate.go
@@ -0,0 +1,140 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/admin/v3/mutex_stats.proto
+
+package envoy_admin_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on MutexStats with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *MutexStats) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on MutexStats with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in MutexStatsMultiError, or
+// nil if none found.
+func (m *MutexStats) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *MutexStats) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for NumContentions
+
+	// no validation rules for CurrentWaitCycles
+
+	// no validation rules for LifetimeWaitCycles
+
+	if len(errors) > 0 {
+		return MutexStatsMultiError(errors)
+	}
+	return nil
+}
+
+// MutexStatsMultiError is an error wrapping multiple validation errors
+// returned by MutexStats.ValidateAll() if the designated constraints aren't met.
+type MutexStatsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m MutexStatsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m MutexStatsMultiError) AllErrors() []error { return m }
+
+// MutexStatsValidationError is the validation error returned by
+// MutexStats.Validate if the designated constraints aren't met.
+type MutexStatsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MutexStatsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MutexStatsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MutexStatsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MutexStatsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MutexStatsValidationError) ErrorName() string { return "MutexStatsValidationError" }
+
+// Error satisfies the builtin error interface
+func (e MutexStatsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMutexStats.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MutexStatsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MutexStatsValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/server_info.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/server_info.pb.go
new file mode 100644
index 00000000000..ea1043a3bfd
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/server_info.pb.go
@@ -0,0 +1,950 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/admin/v3/server_info.proto
+
+package envoy_admin_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	proto "github.com/golang/protobuf/proto"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type ServerInfo_State int32
+
+const (
+	// Server is live and serving traffic.
+	ServerInfo_LIVE ServerInfo_State = 0
+	// Server is draining listeners in response to external health checks failing.
+	ServerInfo_DRAINING ServerInfo_State = 1
+	// Server has not yet completed cluster manager initialization.
+	ServerInfo_PRE_INITIALIZING ServerInfo_State = 2
+	// Server is running the cluster manager initialization callbacks (e.g., RDS).
+	ServerInfo_INITIALIZING ServerInfo_State = 3
+)
+
+// Enum value maps for ServerInfo_State.
+var (
+	ServerInfo_State_name = map[int32]string{
+		0: "LIVE",
+		1: "DRAINING",
+		2: "PRE_INITIALIZING",
+		3: "INITIALIZING",
+	}
+	ServerInfo_State_value = map[string]int32{
+		"LIVE":             0,
+		"DRAINING":         1,
+		"PRE_INITIALIZING": 2,
+		"INITIALIZING":     3,
+	}
+)
+
+func (x ServerInfo_State) Enum() *ServerInfo_State {
+	p := new(ServerInfo_State)
+	*p = x
+	return p
+}
+
+func (x ServerInfo_State) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (ServerInfo_State) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_admin_v3_server_info_proto_enumTypes[0].Descriptor()
+}
+
+func (ServerInfo_State) Type() protoreflect.EnumType {
+	return &file_envoy_admin_v3_server_info_proto_enumTypes[0]
+}
+
+func (x ServerInfo_State) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use ServerInfo_State.Descriptor instead.
+func (ServerInfo_State) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_server_info_proto_rawDescGZIP(), []int{0, 0}
+}
+
+type CommandLineOptions_IpVersion int32
+
+const (
+	CommandLineOptions_v4 CommandLineOptions_IpVersion = 0
+	CommandLineOptions_v6 CommandLineOptions_IpVersion = 1
+)
+
+// Enum value maps for CommandLineOptions_IpVersion.
+var (
+	CommandLineOptions_IpVersion_name = map[int32]string{
+		0: "v4",
+		1: "v6",
+	}
+	CommandLineOptions_IpVersion_value = map[string]int32{
+		"v4": 0,
+		"v6": 1,
+	}
+)
+
+func (x CommandLineOptions_IpVersion) Enum() *CommandLineOptions_IpVersion {
+	p := new(CommandLineOptions_IpVersion)
+	*p = x
+	return p
+}
+
+func (x CommandLineOptions_IpVersion) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (CommandLineOptions_IpVersion) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_admin_v3_server_info_proto_enumTypes[1].Descriptor()
+}
+
+func (CommandLineOptions_IpVersion) Type() protoreflect.EnumType {
+	return &file_envoy_admin_v3_server_info_proto_enumTypes[1]
+}
+
+func (x CommandLineOptions_IpVersion) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use CommandLineOptions_IpVersion.Descriptor instead.
+func (CommandLineOptions_IpVersion) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_server_info_proto_rawDescGZIP(), []int{1, 0}
+}
+
+type CommandLineOptions_Mode int32
+
+const (
+	// Validate configs and then serve traffic normally.
+	CommandLineOptions_Serve CommandLineOptions_Mode = 0
+	// Validate configs and exit.
+	CommandLineOptions_Validate CommandLineOptions_Mode = 1
+	// Completely load and initialize the config, and then exit without running the listener loop.
+	CommandLineOptions_InitOnly CommandLineOptions_Mode = 2
+)
+
+// Enum value maps for CommandLineOptions_Mode.
+var (
+	CommandLineOptions_Mode_name = map[int32]string{
+		0: "Serve",
+		1: "Validate",
+		2: "InitOnly",
+	}
+	CommandLineOptions_Mode_value = map[string]int32{
+		"Serve":    0,
+		"Validate": 1,
+		"InitOnly": 2,
+	}
+)
+
+func (x CommandLineOptions_Mode) Enum() *CommandLineOptions_Mode {
+	p := new(CommandLineOptions_Mode)
+	*p = x
+	return p
+}
+
+func (x CommandLineOptions_Mode) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (CommandLineOptions_Mode) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_admin_v3_server_info_proto_enumTypes[2].Descriptor()
+}
+
+func (CommandLineOptions_Mode) Type() protoreflect.EnumType {
+	return &file_envoy_admin_v3_server_info_proto_enumTypes[2]
+}
+
+func (x CommandLineOptions_Mode) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use CommandLineOptions_Mode.Descriptor instead.
+func (CommandLineOptions_Mode) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_server_info_proto_rawDescGZIP(), []int{1, 1}
+}
+
+type CommandLineOptions_DrainStrategy int32
+
+const (
+	// Gradually discourage connections over the course of the drain period.
+	CommandLineOptions_Gradual CommandLineOptions_DrainStrategy = 0
+	// Discourage all connections for the duration of the drain sequence.
+	CommandLineOptions_Immediate CommandLineOptions_DrainStrategy = 1
+)
+
+// Enum value maps for CommandLineOptions_DrainStrategy.
+var (
+	CommandLineOptions_DrainStrategy_name = map[int32]string{
+		0: "Gradual",
+		1: "Immediate",
+	}
+	CommandLineOptions_DrainStrategy_value = map[string]int32{
+		"Gradual":   0,
+		"Immediate": 1,
+	}
+)
+
+func (x CommandLineOptions_DrainStrategy) Enum() *CommandLineOptions_DrainStrategy {
+	p := new(CommandLineOptions_DrainStrategy)
+	*p = x
+	return p
+}
+
+func (x CommandLineOptions_DrainStrategy) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (CommandLineOptions_DrainStrategy) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_admin_v3_server_info_proto_enumTypes[3].Descriptor()
+}
+
+func (CommandLineOptions_DrainStrategy) Type() protoreflect.EnumType {
+	return &file_envoy_admin_v3_server_info_proto_enumTypes[3]
+}
+
+func (x CommandLineOptions_DrainStrategy) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use CommandLineOptions_DrainStrategy.Descriptor instead.
+func (CommandLineOptions_DrainStrategy) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_server_info_proto_rawDescGZIP(), []int{1, 2}
+}
+
+// Proto representation of the value returned by /server_info, containing
+// server version/server status information.
+// [#next-free-field: 8]
+type ServerInfo struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Server version.
+	Version string `protobuf:"bytes,1,opt,name=version,proto3" json:"version,omitempty"`
+	// State of the server.
+	State ServerInfo_State `protobuf:"varint,2,opt,name=state,proto3,enum=envoy.admin.v3.ServerInfo_State" json:"state,omitempty"`
+	// Uptime since current epoch was started.
+	UptimeCurrentEpoch *duration.Duration `protobuf:"bytes,3,opt,name=uptime_current_epoch,json=uptimeCurrentEpoch,proto3" json:"uptime_current_epoch,omitempty"`
+	// Uptime since the start of the first epoch.
+	UptimeAllEpochs *duration.Duration `protobuf:"bytes,4,opt,name=uptime_all_epochs,json=uptimeAllEpochs,proto3" json:"uptime_all_epochs,omitempty"`
+	// Hot restart version.
+	HotRestartVersion string `protobuf:"bytes,5,opt,name=hot_restart_version,json=hotRestartVersion,proto3" json:"hot_restart_version,omitempty"`
+	// Command line options the server is currently running with.
+	CommandLineOptions *CommandLineOptions `protobuf:"bytes,6,opt,name=command_line_options,json=commandLineOptions,proto3" json:"command_line_options,omitempty"`
+	// Populated node identity of this server.
+	Node *v3.Node `protobuf:"bytes,7,opt,name=node,proto3" json:"node,omitempty"`
+}
+
+func (x *ServerInfo) Reset() {
+	*x = ServerInfo{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_server_info_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ServerInfo) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ServerInfo) ProtoMessage() {}
+
+func (x *ServerInfo) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_server_info_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ServerInfo.ProtoReflect.Descriptor instead.
+func (*ServerInfo) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_server_info_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *ServerInfo) GetVersion() string {
+	if x != nil {
+		return x.Version
+	}
+	return ""
+}
+
+func (x *ServerInfo) GetState() ServerInfo_State {
+	if x != nil {
+		return x.State
+	}
+	return ServerInfo_LIVE
+}
+
+func (x *ServerInfo) GetUptimeCurrentEpoch() *duration.Duration {
+	if x != nil {
+		return x.UptimeCurrentEpoch
+	}
+	return nil
+}
+
+func (x *ServerInfo) GetUptimeAllEpochs() *duration.Duration {
+	if x != nil {
+		return x.UptimeAllEpochs
+	}
+	return nil
+}
+
+func (x *ServerInfo) GetHotRestartVersion() string {
+	if x != nil {
+		return x.HotRestartVersion
+	}
+	return ""
+}
+
+func (x *ServerInfo) GetCommandLineOptions() *CommandLineOptions {
+	if x != nil {
+		return x.CommandLineOptions
+	}
+	return nil
+}
+
+func (x *ServerInfo) GetNode() *v3.Node {
+	if x != nil {
+		return x.Node
+	}
+	return nil
+}
+
+// [#next-free-field: 39]
+type CommandLineOptions struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// See :option:`--base-id` for details.
+	BaseId uint64 `protobuf:"varint,1,opt,name=base_id,json=baseId,proto3" json:"base_id,omitempty"`
+	// See :option:`--use-dynamic-base-id` for details.
+	UseDynamicBaseId bool `protobuf:"varint,31,opt,name=use_dynamic_base_id,json=useDynamicBaseId,proto3" json:"use_dynamic_base_id,omitempty"`
+	// See :option:`--base-id-path` for details.
+	BaseIdPath string `protobuf:"bytes,32,opt,name=base_id_path,json=baseIdPath,proto3" json:"base_id_path,omitempty"`
+	// See :option:`--concurrency` for details.
+	Concurrency uint32 `protobuf:"varint,2,opt,name=concurrency,proto3" json:"concurrency,omitempty"`
+	// See :option:`--config-path` for details.
+	ConfigPath string `protobuf:"bytes,3,opt,name=config_path,json=configPath,proto3" json:"config_path,omitempty"`
+	// See :option:`--config-yaml` for details.
+	ConfigYaml string `protobuf:"bytes,4,opt,name=config_yaml,json=configYaml,proto3" json:"config_yaml,omitempty"`
+	// See :option:`--allow-unknown-static-fields` for details.
+	AllowUnknownStaticFields bool `protobuf:"varint,5,opt,name=allow_unknown_static_fields,json=allowUnknownStaticFields,proto3" json:"allow_unknown_static_fields,omitempty"`
+	// See :option:`--reject-unknown-dynamic-fields` for details.
+	RejectUnknownDynamicFields bool `protobuf:"varint,26,opt,name=reject_unknown_dynamic_fields,json=rejectUnknownDynamicFields,proto3" json:"reject_unknown_dynamic_fields,omitempty"`
+	// See :option:`--ignore-unknown-dynamic-fields` for details.
+	IgnoreUnknownDynamicFields bool `protobuf:"varint,30,opt,name=ignore_unknown_dynamic_fields,json=ignoreUnknownDynamicFields,proto3" json:"ignore_unknown_dynamic_fields,omitempty"`
+	// See :option:`--admin-address-path` for details.
+	AdminAddressPath string `protobuf:"bytes,6,opt,name=admin_address_path,json=adminAddressPath,proto3" json:"admin_address_path,omitempty"`
+	// See :option:`--local-address-ip-version` for details.
+	LocalAddressIpVersion CommandLineOptions_IpVersion `protobuf:"varint,7,opt,name=local_address_ip_version,json=localAddressIpVersion,proto3,enum=envoy.admin.v3.CommandLineOptions_IpVersion" json:"local_address_ip_version,omitempty"`
+	// See :option:`--log-level` for details.
+	LogLevel string `protobuf:"bytes,8,opt,name=log_level,json=logLevel,proto3" json:"log_level,omitempty"`
+	// See :option:`--component-log-level` for details.
+	ComponentLogLevel string `protobuf:"bytes,9,opt,name=component_log_level,json=componentLogLevel,proto3" json:"component_log_level,omitempty"`
+	// See :option:`--log-format` for details.
+	LogFormat string `protobuf:"bytes,10,opt,name=log_format,json=logFormat,proto3" json:"log_format,omitempty"`
+	// See :option:`--log-format-escaped` for details.
+	LogFormatEscaped bool `protobuf:"varint,27,opt,name=log_format_escaped,json=logFormatEscaped,proto3" json:"log_format_escaped,omitempty"`
+	// See :option:`--log-path` for details.
+	LogPath string `protobuf:"bytes,11,opt,name=log_path,json=logPath,proto3" json:"log_path,omitempty"`
+	// See :option:`--service-cluster` for details.
+	ServiceCluster string `protobuf:"bytes,13,opt,name=service_cluster,json=serviceCluster,proto3" json:"service_cluster,omitempty"`
+	// See :option:`--service-node` for details.
+	ServiceNode string `protobuf:"bytes,14,opt,name=service_node,json=serviceNode,proto3" json:"service_node,omitempty"`
+	// See :option:`--service-zone` for details.
+	ServiceZone string `protobuf:"bytes,15,opt,name=service_zone,json=serviceZone,proto3" json:"service_zone,omitempty"`
+	// See :option:`--file-flush-interval-msec` for details.
+	FileFlushInterval *duration.Duration `protobuf:"bytes,16,opt,name=file_flush_interval,json=fileFlushInterval,proto3" json:"file_flush_interval,omitempty"`
+	// See :option:`--drain-time-s` for details.
+	DrainTime *duration.Duration `protobuf:"bytes,17,opt,name=drain_time,json=drainTime,proto3" json:"drain_time,omitempty"`
+	// See :option:`--drain-strategy` for details.
+	DrainStrategy CommandLineOptions_DrainStrategy `protobuf:"varint,33,opt,name=drain_strategy,json=drainStrategy,proto3,enum=envoy.admin.v3.CommandLineOptions_DrainStrategy" json:"drain_strategy,omitempty"`
+	// See :option:`--parent-shutdown-time-s` for details.
+	ParentShutdownTime *duration.Duration `protobuf:"bytes,18,opt,name=parent_shutdown_time,json=parentShutdownTime,proto3" json:"parent_shutdown_time,omitempty"`
+	// See :option:`--mode` for details.
+	Mode CommandLineOptions_Mode `protobuf:"varint,19,opt,name=mode,proto3,enum=envoy.admin.v3.CommandLineOptions_Mode" json:"mode,omitempty"`
+	// See :option:`--disable-hot-restart` for details.
+	DisableHotRestart bool `protobuf:"varint,22,opt,name=disable_hot_restart,json=disableHotRestart,proto3" json:"disable_hot_restart,omitempty"`
+	// See :option:`--enable-mutex-tracing` for details.
+	EnableMutexTracing bool `protobuf:"varint,23,opt,name=enable_mutex_tracing,json=enableMutexTracing,proto3" json:"enable_mutex_tracing,omitempty"`
+	// See :option:`--restart-epoch` for details.
+	RestartEpoch uint32 `protobuf:"varint,24,opt,name=restart_epoch,json=restartEpoch,proto3" json:"restart_epoch,omitempty"`
+	// See :option:`--cpuset-threads` for details.
+	CpusetThreads bool `protobuf:"varint,25,opt,name=cpuset_threads,json=cpusetThreads,proto3" json:"cpuset_threads,omitempty"`
+	// See :option:`--disable-extensions` for details.
+	DisabledExtensions []string `protobuf:"bytes,28,rep,name=disabled_extensions,json=disabledExtensions,proto3" json:"disabled_extensions,omitempty"`
+	// See :option:`--enable-fine-grain-logging` for details.
+	EnableFineGrainLogging bool `protobuf:"varint,34,opt,name=enable_fine_grain_logging,json=enableFineGrainLogging,proto3" json:"enable_fine_grain_logging,omitempty"`
+	// See :option:`--socket-path` for details.
+	SocketPath string `protobuf:"bytes,35,opt,name=socket_path,json=socketPath,proto3" json:"socket_path,omitempty"`
+	// See :option:`--socket-mode` for details.
+	SocketMode uint32 `protobuf:"varint,36,opt,name=socket_mode,json=socketMode,proto3" json:"socket_mode,omitempty"`
+	// See :option:`--enable-core-dump` for details.
+	EnableCoreDump bool `protobuf:"varint,37,opt,name=enable_core_dump,json=enableCoreDump,proto3" json:"enable_core_dump,omitempty"`
+	// See :option:`--stats-tag` for details.
+	StatsTag []string `protobuf:"bytes,38,rep,name=stats_tag,json=statsTag,proto3" json:"stats_tag,omitempty"`
+}
+
+func (x *CommandLineOptions) Reset() {
+	*x = CommandLineOptions{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_server_info_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CommandLineOptions) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CommandLineOptions) ProtoMessage() {}
+
+func (x *CommandLineOptions) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_server_info_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CommandLineOptions.ProtoReflect.Descriptor instead.
+func (*CommandLineOptions) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_server_info_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *CommandLineOptions) GetBaseId() uint64 {
+	if x != nil {
+		return x.BaseId
+	}
+	return 0
+}
+
+func (x *CommandLineOptions) GetUseDynamicBaseId() bool {
+	if x != nil {
+		return x.UseDynamicBaseId
+	}
+	return false
+}
+
+func (x *CommandLineOptions) GetBaseIdPath() string {
+	if x != nil {
+		return x.BaseIdPath
+	}
+	return ""
+}
+
+func (x *CommandLineOptions) GetConcurrency() uint32 {
+	if x != nil {
+		return x.Concurrency
+	}
+	return 0
+}
+
+func (x *CommandLineOptions) GetConfigPath() string {
+	if x != nil {
+		return x.ConfigPath
+	}
+	return ""
+}
+
+func (x *CommandLineOptions) GetConfigYaml() string {
+	if x != nil {
+		return x.ConfigYaml
+	}
+	return ""
+}
+
+func (x *CommandLineOptions) GetAllowUnknownStaticFields() bool {
+	if x != nil {
+		return x.AllowUnknownStaticFields
+	}
+	return false
+}
+
+func (x *CommandLineOptions) GetRejectUnknownDynamicFields() bool {
+	if x != nil {
+		return x.RejectUnknownDynamicFields
+	}
+	return false
+}
+
+func (x *CommandLineOptions) GetIgnoreUnknownDynamicFields() bool {
+	if x != nil {
+		return x.IgnoreUnknownDynamicFields
+	}
+	return false
+}
+
+func (x *CommandLineOptions) GetAdminAddressPath() string {
+	if x != nil {
+		return x.AdminAddressPath
+	}
+	return ""
+}
+
+func (x *CommandLineOptions) GetLocalAddressIpVersion() CommandLineOptions_IpVersion {
+	if x != nil {
+		return x.LocalAddressIpVersion
+	}
+	return CommandLineOptions_v4
+}
+
+func (x *CommandLineOptions) GetLogLevel() string {
+	if x != nil {
+		return x.LogLevel
+	}
+	return ""
+}
+
+func (x *CommandLineOptions) GetComponentLogLevel() string {
+	if x != nil {
+		return x.ComponentLogLevel
+	}
+	return ""
+}
+
+func (x *CommandLineOptions) GetLogFormat() string {
+	if x != nil {
+		return x.LogFormat
+	}
+	return ""
+}
+
+func (x *CommandLineOptions) GetLogFormatEscaped() bool {
+	if x != nil {
+		return x.LogFormatEscaped
+	}
+	return false
+}
+
+func (x *CommandLineOptions) GetLogPath() string {
+	if x != nil {
+		return x.LogPath
+	}
+	return ""
+}
+
+func (x *CommandLineOptions) GetServiceCluster() string {
+	if x != nil {
+		return x.ServiceCluster
+	}
+	return ""
+}
+
+func (x *CommandLineOptions) GetServiceNode() string {
+	if x != nil {
+		return x.ServiceNode
+	}
+	return ""
+}
+
+func (x *CommandLineOptions) GetServiceZone() string {
+	if x != nil {
+		return x.ServiceZone
+	}
+	return ""
+}
+
+func (x *CommandLineOptions) GetFileFlushInterval() *duration.Duration {
+	if x != nil {
+		return x.FileFlushInterval
+	}
+	return nil
+}
+
+func (x *CommandLineOptions) GetDrainTime() *duration.Duration {
+	if x != nil {
+		return x.DrainTime
+	}
+	return nil
+}
+
+func (x *CommandLineOptions) GetDrainStrategy() CommandLineOptions_DrainStrategy {
+	if x != nil {
+		return x.DrainStrategy
+	}
+	return CommandLineOptions_Gradual
+}
+
+func (x *CommandLineOptions) GetParentShutdownTime() *duration.Duration {
+	if x != nil {
+		return x.ParentShutdownTime
+	}
+	return nil
+}
+
+func (x *CommandLineOptions) GetMode() CommandLineOptions_Mode {
+	if x != nil {
+		return x.Mode
+	}
+	return CommandLineOptions_Serve
+}
+
+func (x *CommandLineOptions) GetDisableHotRestart() bool {
+	if x != nil {
+		return x.DisableHotRestart
+	}
+	return false
+}
+
+func (x *CommandLineOptions) GetEnableMutexTracing() bool {
+	if x != nil {
+		return x.EnableMutexTracing
+	}
+	return false
+}
+
+func (x *CommandLineOptions) GetRestartEpoch() uint32 {
+	if x != nil {
+		return x.RestartEpoch
+	}
+	return 0
+}
+
+func (x *CommandLineOptions) GetCpusetThreads() bool {
+	if x != nil {
+		return x.CpusetThreads
+	}
+	return false
+}
+
+func (x *CommandLineOptions) GetDisabledExtensions() []string {
+	if x != nil {
+		return x.DisabledExtensions
+	}
+	return nil
+}
+
+func (x *CommandLineOptions) GetEnableFineGrainLogging() bool {
+	if x != nil {
+		return x.EnableFineGrainLogging
+	}
+	return false
+}
+
+func (x *CommandLineOptions) GetSocketPath() string {
+	if x != nil {
+		return x.SocketPath
+	}
+	return ""
+}
+
+func (x *CommandLineOptions) GetSocketMode() uint32 {
+	if x != nil {
+		return x.SocketMode
+	}
+	return 0
+}
+
+func (x *CommandLineOptions) GetEnableCoreDump() bool {
+	if x != nil {
+		return x.EnableCoreDump
+	}
+	return false
+}
+
+func (x *CommandLineOptions) GetStatsTag() []string {
+	if x != nil {
+		return x.StatsTag
+	}
+	return nil
+}
+
+var File_envoy_admin_v3_server_info_proto protoreflect.FileDescriptor
+
+var file_envoy_admin_v3_server_info_proto_rawDesc = []byte{
+	0x0a, 0x20, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x76, 0x33,
+	0x2f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x12, 0x0e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e,
+	0x76, 0x33, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x62, 0x61, 0x73, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x98, 0x04, 0x0a, 0x0a, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72,
+	0x49, 0x6e, 0x66, 0x6f, 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x36,
+	0x0a, 0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x20, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x53,
+	0x65, 0x72, 0x76, 0x65, 0x72, 0x49, 0x6e, 0x66, 0x6f, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x65, 0x52,
+	0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x12, 0x4b, 0x0a, 0x14, 0x75, 0x70, 0x74, 0x69, 0x6d, 0x65,
+	0x5f, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x74, 0x5f, 0x65, 0x70, 0x6f, 0x63, 0x68, 0x18, 0x03,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52,
+	0x12, 0x75, 0x70, 0x74, 0x69, 0x6d, 0x65, 0x43, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x74, 0x45, 0x70,
+	0x6f, 0x63, 0x68, 0x12, 0x45, 0x0a, 0x11, 0x75, 0x70, 0x74, 0x69, 0x6d, 0x65, 0x5f, 0x61, 0x6c,
+	0x6c, 0x5f, 0x65, 0x70, 0x6f, 0x63, 0x68, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0f, 0x75, 0x70, 0x74, 0x69, 0x6d,
+	0x65, 0x41, 0x6c, 0x6c, 0x45, 0x70, 0x6f, 0x63, 0x68, 0x73, 0x12, 0x2e, 0x0a, 0x13, 0x68, 0x6f,
+	0x74, 0x5f, 0x72, 0x65, 0x73, 0x74, 0x61, 0x72, 0x74, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f,
+	0x6e, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x11, 0x68, 0x6f, 0x74, 0x52, 0x65, 0x73, 0x74,
+	0x61, 0x72, 0x74, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x54, 0x0a, 0x14, 0x63, 0x6f,
+	0x6d, 0x6d, 0x61, 0x6e, 0x64, 0x5f, 0x6c, 0x69, 0x6e, 0x65, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f, 0x6d, 0x6d, 0x61, 0x6e,
+	0x64, 0x4c, 0x69, 0x6e, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x12, 0x63, 0x6f,
+	0x6d, 0x6d, 0x61, 0x6e, 0x64, 0x4c, 0x69, 0x6e, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73,
+	0x12, 0x2e, 0x0a, 0x04, 0x6e, 0x6f, 0x64, 0x65, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f,
+	0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x4e, 0x6f, 0x64, 0x65, 0x52, 0x04, 0x6e, 0x6f, 0x64, 0x65,
+	0x22, 0x47, 0x0a, 0x05, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x08, 0x0a, 0x04, 0x4c, 0x49, 0x56,
+	0x45, 0x10, 0x00, 0x12, 0x0c, 0x0a, 0x08, 0x44, 0x52, 0x41, 0x49, 0x4e, 0x49, 0x4e, 0x47, 0x10,
+	0x01, 0x12, 0x14, 0x0a, 0x10, 0x50, 0x52, 0x45, 0x5f, 0x49, 0x4e, 0x49, 0x54, 0x49, 0x41, 0x4c,
+	0x49, 0x5a, 0x49, 0x4e, 0x47, 0x10, 0x02, 0x12, 0x10, 0x0a, 0x0c, 0x49, 0x4e, 0x49, 0x54, 0x49,
+	0x41, 0x4c, 0x49, 0x5a, 0x49, 0x4e, 0x47, 0x10, 0x03, 0x3a, 0x25, 0x9a, 0xc5, 0x88, 0x1e, 0x20,
+	0x0a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32,
+	0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x49, 0x6e, 0x66, 0x6f,
+	0x22, 0xdb, 0x0e, 0x0a, 0x12, 0x43, 0x6f, 0x6d, 0x6d, 0x61, 0x6e, 0x64, 0x4c, 0x69, 0x6e, 0x65,
+	0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x17, 0x0a, 0x07, 0x62, 0x61, 0x73, 0x65, 0x5f,
+	0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x06, 0x62, 0x61, 0x73, 0x65, 0x49, 0x64,
+	0x12, 0x2d, 0x0a, 0x13, 0x75, 0x73, 0x65, 0x5f, 0x64, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x5f,
+	0x62, 0x61, 0x73, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x1f, 0x20, 0x01, 0x28, 0x08, 0x52, 0x10, 0x75,
+	0x73, 0x65, 0x44, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x42, 0x61, 0x73, 0x65, 0x49, 0x64, 0x12,
+	0x20, 0x0a, 0x0c, 0x62, 0x61, 0x73, 0x65, 0x5f, 0x69, 0x64, 0x5f, 0x70, 0x61, 0x74, 0x68, 0x18,
+	0x20, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x62, 0x61, 0x73, 0x65, 0x49, 0x64, 0x50, 0x61, 0x74,
+	0x68, 0x12, 0x20, 0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x63, 0x79,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x0b, 0x63, 0x6f, 0x6e, 0x63, 0x75, 0x72, 0x72, 0x65,
+	0x6e, 0x63, 0x79, 0x12, 0x1f, 0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x70, 0x61,
+	0x74, 0x68, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x50, 0x61, 0x74, 0x68, 0x12, 0x1f, 0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x79,
+	0x61, 0x6d, 0x6c, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x59, 0x61, 0x6d, 0x6c, 0x12, 0x3d, 0x0a, 0x1b, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x5f, 0x75,
+	0x6e, 0x6b, 0x6e, 0x6f, 0x77, 0x6e, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x69, 0x63, 0x5f, 0x66, 0x69,
+	0x65, 0x6c, 0x64, 0x73, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x52, 0x18, 0x61, 0x6c, 0x6c, 0x6f,
+	0x77, 0x55, 0x6e, 0x6b, 0x6e, 0x6f, 0x77, 0x6e, 0x53, 0x74, 0x61, 0x74, 0x69, 0x63, 0x46, 0x69,
+	0x65, 0x6c, 0x64, 0x73, 0x12, 0x41, 0x0a, 0x1d, 0x72, 0x65, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x75,
+	0x6e, 0x6b, 0x6e, 0x6f, 0x77, 0x6e, 0x5f, 0x64, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x5f, 0x66,
+	0x69, 0x65, 0x6c, 0x64, 0x73, 0x18, 0x1a, 0x20, 0x01, 0x28, 0x08, 0x52, 0x1a, 0x72, 0x65, 0x6a,
+	0x65, 0x63, 0x74, 0x55, 0x6e, 0x6b, 0x6e, 0x6f, 0x77, 0x6e, 0x44, 0x79, 0x6e, 0x61, 0x6d, 0x69,
+	0x63, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x73, 0x12, 0x41, 0x0a, 0x1d, 0x69, 0x67, 0x6e, 0x6f, 0x72,
+	0x65, 0x5f, 0x75, 0x6e, 0x6b, 0x6e, 0x6f, 0x77, 0x6e, 0x5f, 0x64, 0x79, 0x6e, 0x61, 0x6d, 0x69,
+	0x63, 0x5f, 0x66, 0x69, 0x65, 0x6c, 0x64, 0x73, 0x18, 0x1e, 0x20, 0x01, 0x28, 0x08, 0x52, 0x1a,
+	0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x55, 0x6e, 0x6b, 0x6e, 0x6f, 0x77, 0x6e, 0x44, 0x79, 0x6e,
+	0x61, 0x6d, 0x69, 0x63, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x73, 0x12, 0x2c, 0x0a, 0x12, 0x61, 0x64,
+	0x6d, 0x69, 0x6e, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x5f, 0x70, 0x61, 0x74, 0x68,
+	0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x10, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x41, 0x64, 0x64,
+	0x72, 0x65, 0x73, 0x73, 0x50, 0x61, 0x74, 0x68, 0x12, 0x65, 0x0a, 0x18, 0x6c, 0x6f, 0x63, 0x61,
+	0x6c, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x5f, 0x69, 0x70, 0x5f, 0x76, 0x65, 0x72,
+	0x73, 0x69, 0x6f, 0x6e, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2c, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f, 0x6d, 0x6d,
+	0x61, 0x6e, 0x64, 0x4c, 0x69, 0x6e, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x49,
+	0x70, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x15, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x41,
+	0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x49, 0x70, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12,
+	0x1b, 0x0a, 0x09, 0x6c, 0x6f, 0x67, 0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x18, 0x08, 0x20, 0x01,
+	0x28, 0x09, 0x52, 0x08, 0x6c, 0x6f, 0x67, 0x4c, 0x65, 0x76, 0x65, 0x6c, 0x12, 0x2e, 0x0a, 0x13,
+	0x63, 0x6f, 0x6d, 0x70, 0x6f, 0x6e, 0x65, 0x6e, 0x74, 0x5f, 0x6c, 0x6f, 0x67, 0x5f, 0x6c, 0x65,
+	0x76, 0x65, 0x6c, 0x18, 0x09, 0x20, 0x01, 0x28, 0x09, 0x52, 0x11, 0x63, 0x6f, 0x6d, 0x70, 0x6f,
+	0x6e, 0x65, 0x6e, 0x74, 0x4c, 0x6f, 0x67, 0x4c, 0x65, 0x76, 0x65, 0x6c, 0x12, 0x1d, 0x0a, 0x0a,
+	0x6c, 0x6f, 0x67, 0x5f, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x09,
+	0x52, 0x09, 0x6c, 0x6f, 0x67, 0x46, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x12, 0x2c, 0x0a, 0x12, 0x6c,
+	0x6f, 0x67, 0x5f, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x5f, 0x65, 0x73, 0x63, 0x61, 0x70, 0x65,
+	0x64, 0x18, 0x1b, 0x20, 0x01, 0x28, 0x08, 0x52, 0x10, 0x6c, 0x6f, 0x67, 0x46, 0x6f, 0x72, 0x6d,
+	0x61, 0x74, 0x45, 0x73, 0x63, 0x61, 0x70, 0x65, 0x64, 0x12, 0x19, 0x0a, 0x08, 0x6c, 0x6f, 0x67,
+	0x5f, 0x70, 0x61, 0x74, 0x68, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6c, 0x6f, 0x67,
+	0x50, 0x61, 0x74, 0x68, 0x12, 0x27, 0x0a, 0x0f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f,
+	0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x18, 0x0d, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x73,
+	0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x21, 0x0a,
+	0x0c, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x6e, 0x6f, 0x64, 0x65, 0x18, 0x0e, 0x20,
+	0x01, 0x28, 0x09, 0x52, 0x0b, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x4e, 0x6f, 0x64, 0x65,
+	0x12, 0x21, 0x0a, 0x0c, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x7a, 0x6f, 0x6e, 0x65,
+	0x18, 0x0f, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5a,
+	0x6f, 0x6e, 0x65, 0x12, 0x49, 0x0a, 0x13, 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x66, 0x6c, 0x75, 0x73,
+	0x68, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x10, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x11, 0x66, 0x69, 0x6c,
+	0x65, 0x46, 0x6c, 0x75, 0x73, 0x68, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x12, 0x38,
+	0x0a, 0x0a, 0x64, 0x72, 0x61, 0x69, 0x6e, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x11, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x09, 0x64,
+	0x72, 0x61, 0x69, 0x6e, 0x54, 0x69, 0x6d, 0x65, 0x12, 0x57, 0x0a, 0x0e, 0x64, 0x72, 0x61, 0x69,
+	0x6e, 0x5f, 0x73, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x18, 0x21, 0x20, 0x01, 0x28, 0x0e,
+	0x32, 0x30, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76,
+	0x33, 0x2e, 0x43, 0x6f, 0x6d, 0x6d, 0x61, 0x6e, 0x64, 0x4c, 0x69, 0x6e, 0x65, 0x4f, 0x70, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x44, 0x72, 0x61, 0x69, 0x6e, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65,
+	0x67, 0x79, 0x52, 0x0d, 0x64, 0x72, 0x61, 0x69, 0x6e, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67,
+	0x79, 0x12, 0x4b, 0x0a, 0x14, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x5f, 0x73, 0x68, 0x75, 0x74,
+	0x64, 0x6f, 0x77, 0x6e, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x12, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x12, 0x70, 0x61, 0x72, 0x65,
+	0x6e, 0x74, 0x53, 0x68, 0x75, 0x74, 0x64, 0x6f, 0x77, 0x6e, 0x54, 0x69, 0x6d, 0x65, 0x12, 0x3b,
+	0x0a, 0x04, 0x6d, 0x6f, 0x64, 0x65, 0x18, 0x13, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x27, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f,
+	0x6d, 0x6d, 0x61, 0x6e, 0x64, 0x4c, 0x69, 0x6e, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73,
+	0x2e, 0x4d, 0x6f, 0x64, 0x65, 0x52, 0x04, 0x6d, 0x6f, 0x64, 0x65, 0x12, 0x2e, 0x0a, 0x13, 0x64,
+	0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x68, 0x6f, 0x74, 0x5f, 0x72, 0x65, 0x73, 0x74, 0x61,
+	0x72, 0x74, 0x18, 0x16, 0x20, 0x01, 0x28, 0x08, 0x52, 0x11, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c,
+	0x65, 0x48, 0x6f, 0x74, 0x52, 0x65, 0x73, 0x74, 0x61, 0x72, 0x74, 0x12, 0x30, 0x0a, 0x14, 0x65,
+	0x6e, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6d, 0x75, 0x74, 0x65, 0x78, 0x5f, 0x74, 0x72, 0x61, 0x63,
+	0x69, 0x6e, 0x67, 0x18, 0x17, 0x20, 0x01, 0x28, 0x08, 0x52, 0x12, 0x65, 0x6e, 0x61, 0x62, 0x6c,
+	0x65, 0x4d, 0x75, 0x74, 0x65, 0x78, 0x54, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x12, 0x23, 0x0a,
+	0x0d, 0x72, 0x65, 0x73, 0x74, 0x61, 0x72, 0x74, 0x5f, 0x65, 0x70, 0x6f, 0x63, 0x68, 0x18, 0x18,
+	0x20, 0x01, 0x28, 0x0d, 0x52, 0x0c, 0x72, 0x65, 0x73, 0x74, 0x61, 0x72, 0x74, 0x45, 0x70, 0x6f,
+	0x63, 0x68, 0x12, 0x25, 0x0a, 0x0e, 0x63, 0x70, 0x75, 0x73, 0x65, 0x74, 0x5f, 0x74, 0x68, 0x72,
+	0x65, 0x61, 0x64, 0x73, 0x18, 0x19, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0d, 0x63, 0x70, 0x75, 0x73,
+	0x65, 0x74, 0x54, 0x68, 0x72, 0x65, 0x61, 0x64, 0x73, 0x12, 0x2f, 0x0a, 0x13, 0x64, 0x69, 0x73,
+	0x61, 0x62, 0x6c, 0x65, 0x64, 0x5f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73,
+	0x18, 0x1c, 0x20, 0x03, 0x28, 0x09, 0x52, 0x12, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x64,
+	0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x39, 0x0a, 0x19, 0x65, 0x6e,
+	0x61, 0x62, 0x6c, 0x65, 0x5f, 0x66, 0x69, 0x6e, 0x65, 0x5f, 0x67, 0x72, 0x61, 0x69, 0x6e, 0x5f,
+	0x6c, 0x6f, 0x67, 0x67, 0x69, 0x6e, 0x67, 0x18, 0x22, 0x20, 0x01, 0x28, 0x08, 0x52, 0x16, 0x65,
+	0x6e, 0x61, 0x62, 0x6c, 0x65, 0x46, 0x69, 0x6e, 0x65, 0x47, 0x72, 0x61, 0x69, 0x6e, 0x4c, 0x6f,
+	0x67, 0x67, 0x69, 0x6e, 0x67, 0x12, 0x1f, 0x0a, 0x0b, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x5f,
+	0x70, 0x61, 0x74, 0x68, 0x18, 0x23, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x73, 0x6f, 0x63, 0x6b,
+	0x65, 0x74, 0x50, 0x61, 0x74, 0x68, 0x12, 0x1f, 0x0a, 0x0b, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74,
+	0x5f, 0x6d, 0x6f, 0x64, 0x65, 0x18, 0x24, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x0a, 0x73, 0x6f, 0x63,
+	0x6b, 0x65, 0x74, 0x4d, 0x6f, 0x64, 0x65, 0x12, 0x28, 0x0a, 0x10, 0x65, 0x6e, 0x61, 0x62, 0x6c,
+	0x65, 0x5f, 0x63, 0x6f, 0x72, 0x65, 0x5f, 0x64, 0x75, 0x6d, 0x70, 0x18, 0x25, 0x20, 0x01, 0x28,
+	0x08, 0x52, 0x0e, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x43, 0x6f, 0x72, 0x65, 0x44, 0x75, 0x6d,
+	0x70, 0x12, 0x1b, 0x0a, 0x09, 0x73, 0x74, 0x61, 0x74, 0x73, 0x5f, 0x74, 0x61, 0x67, 0x18, 0x26,
+	0x20, 0x03, 0x28, 0x09, 0x52, 0x08, 0x73, 0x74, 0x61, 0x74, 0x73, 0x54, 0x61, 0x67, 0x22, 0x1b,
+	0x0a, 0x09, 0x49, 0x70, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x06, 0x0a, 0x02, 0x76,
+	0x34, 0x10, 0x00, 0x12, 0x06, 0x0a, 0x02, 0x76, 0x36, 0x10, 0x01, 0x22, 0x2d, 0x0a, 0x04, 0x4d,
+	0x6f, 0x64, 0x65, 0x12, 0x09, 0x0a, 0x05, 0x53, 0x65, 0x72, 0x76, 0x65, 0x10, 0x00, 0x12, 0x0c,
+	0x0a, 0x08, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x10, 0x01, 0x12, 0x0c, 0x0a, 0x08,
+	0x49, 0x6e, 0x69, 0x74, 0x4f, 0x6e, 0x6c, 0x79, 0x10, 0x02, 0x22, 0x2b, 0x0a, 0x0d, 0x44, 0x72,
+	0x61, 0x69, 0x6e, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x12, 0x0b, 0x0a, 0x07, 0x47,
+	0x72, 0x61, 0x64, 0x75, 0x61, 0x6c, 0x10, 0x00, 0x12, 0x0d, 0x0a, 0x09, 0x49, 0x6d, 0x6d, 0x65,
+	0x64, 0x69, 0x61, 0x74, 0x65, 0x10, 0x01, 0x3a, 0x2d, 0x9a, 0xc5, 0x88, 0x1e, 0x28, 0x0a, 0x26,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x61, 0x6c,
+	0x70, 0x68, 0x61, 0x2e, 0x43, 0x6f, 0x6d, 0x6d, 0x61, 0x6e, 0x64, 0x4c, 0x69, 0x6e, 0x65, 0x4f,
+	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x4a, 0x04, 0x08, 0x0c, 0x10, 0x0d, 0x4a, 0x04, 0x08, 0x14,
+	0x10, 0x15, 0x4a, 0x04, 0x08, 0x15, 0x10, 0x16, 0x4a, 0x04, 0x08, 0x1d, 0x10, 0x1e, 0x52, 0x09,
+	0x6d, 0x61, 0x78, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x73, 0x52, 0x10, 0x6d, 0x61, 0x78, 0x5f, 0x6f,
+	0x62, 0x6a, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x5f, 0x6c, 0x65, 0x6e, 0x52, 0x11, 0x62, 0x6f, 0x6f,
+	0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x42, 0x39,
+	0x0a, 0x1c, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x42, 0x0f,
+	0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x49, 0x6e, 0x66, 0x6f, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50,
+	0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x33,
+}
+
+var (
+	file_envoy_admin_v3_server_info_proto_rawDescOnce sync.Once
+	file_envoy_admin_v3_server_info_proto_rawDescData = file_envoy_admin_v3_server_info_proto_rawDesc
+)
+
+func file_envoy_admin_v3_server_info_proto_rawDescGZIP() []byte {
+	file_envoy_admin_v3_server_info_proto_rawDescOnce.Do(func() {
+		file_envoy_admin_v3_server_info_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_admin_v3_server_info_proto_rawDescData)
+	})
+	return file_envoy_admin_v3_server_info_proto_rawDescData
+}
+
+var file_envoy_admin_v3_server_info_proto_enumTypes = make([]protoimpl.EnumInfo, 4)
+var file_envoy_admin_v3_server_info_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_envoy_admin_v3_server_info_proto_goTypes = []interface{}{
+	(ServerInfo_State)(0),                 // 0: envoy.admin.v3.ServerInfo.State
+	(CommandLineOptions_IpVersion)(0),     // 1: envoy.admin.v3.CommandLineOptions.IpVersion
+	(CommandLineOptions_Mode)(0),          // 2: envoy.admin.v3.CommandLineOptions.Mode
+	(CommandLineOptions_DrainStrategy)(0), // 3: envoy.admin.v3.CommandLineOptions.DrainStrategy
+	(*ServerInfo)(nil),                    // 4: envoy.admin.v3.ServerInfo
+	(*CommandLineOptions)(nil),            // 5: envoy.admin.v3.CommandLineOptions
+	(*duration.Duration)(nil),             // 6: google.protobuf.Duration
+	(*v3.Node)(nil),                       // 7: envoy.config.core.v3.Node
+}
+var file_envoy_admin_v3_server_info_proto_depIdxs = []int32{
+	0,  // 0: envoy.admin.v3.ServerInfo.state:type_name -> envoy.admin.v3.ServerInfo.State
+	6,  // 1: envoy.admin.v3.ServerInfo.uptime_current_epoch:type_name -> google.protobuf.Duration
+	6,  // 2: envoy.admin.v3.ServerInfo.uptime_all_epochs:type_name -> google.protobuf.Duration
+	5,  // 3: envoy.admin.v3.ServerInfo.command_line_options:type_name -> envoy.admin.v3.CommandLineOptions
+	7,  // 4: envoy.admin.v3.ServerInfo.node:type_name -> envoy.config.core.v3.Node
+	1,  // 5: envoy.admin.v3.CommandLineOptions.local_address_ip_version:type_name -> envoy.admin.v3.CommandLineOptions.IpVersion
+	6,  // 6: envoy.admin.v3.CommandLineOptions.file_flush_interval:type_name -> google.protobuf.Duration
+	6,  // 7: envoy.admin.v3.CommandLineOptions.drain_time:type_name -> google.protobuf.Duration
+	3,  // 8: envoy.admin.v3.CommandLineOptions.drain_strategy:type_name -> envoy.admin.v3.CommandLineOptions.DrainStrategy
+	6,  // 9: envoy.admin.v3.CommandLineOptions.parent_shutdown_time:type_name -> google.protobuf.Duration
+	2,  // 10: envoy.admin.v3.CommandLineOptions.mode:type_name -> envoy.admin.v3.CommandLineOptions.Mode
+	11, // [11:11] is the sub-list for method output_type
+	11, // [11:11] is the sub-list for method input_type
+	11, // [11:11] is the sub-list for extension type_name
+	11, // [11:11] is the sub-list for extension extendee
+	0,  // [0:11] is the sub-list for field type_name
+}
+
+func init() { file_envoy_admin_v3_server_info_proto_init() }
+func file_envoy_admin_v3_server_info_proto_init() {
+	if File_envoy_admin_v3_server_info_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_admin_v3_server_info_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ServerInfo); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_admin_v3_server_info_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CommandLineOptions); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_admin_v3_server_info_proto_rawDesc,
+			NumEnums:      4,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_admin_v3_server_info_proto_goTypes,
+		DependencyIndexes: file_envoy_admin_v3_server_info_proto_depIdxs,
+		EnumInfos:         file_envoy_admin_v3_server_info_proto_enumTypes,
+		MessageInfos:      file_envoy_admin_v3_server_info_proto_msgTypes,
+	}.Build()
+	File_envoy_admin_v3_server_info_proto = out.File
+	file_envoy_admin_v3_server_info_proto_rawDesc = nil
+	file_envoy_admin_v3_server_info_proto_goTypes = nil
+	file_envoy_admin_v3_server_info_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/server_info.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/server_info.pb.validate.go
new file mode 100644
index 00000000000..413ebe94439
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/server_info.pb.validate.go
@@ -0,0 +1,502 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/admin/v3/server_info.proto
+
+package envoy_admin_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on ServerInfo with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ServerInfo) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ServerInfo with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ServerInfoMultiError, or
+// nil if none found.
+func (m *ServerInfo) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ServerInfo) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Version
+
+	// no validation rules for State
+
+	if all {
+		switch v := interface{}(m.GetUptimeCurrentEpoch()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ServerInfoValidationError{
+					field:  "UptimeCurrentEpoch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ServerInfoValidationError{
+					field:  "UptimeCurrentEpoch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetUptimeCurrentEpoch()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ServerInfoValidationError{
+				field:  "UptimeCurrentEpoch",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetUptimeAllEpochs()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ServerInfoValidationError{
+					field:  "UptimeAllEpochs",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ServerInfoValidationError{
+					field:  "UptimeAllEpochs",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetUptimeAllEpochs()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ServerInfoValidationError{
+				field:  "UptimeAllEpochs",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for HotRestartVersion
+
+	if all {
+		switch v := interface{}(m.GetCommandLineOptions()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ServerInfoValidationError{
+					field:  "CommandLineOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ServerInfoValidationError{
+					field:  "CommandLineOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCommandLineOptions()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ServerInfoValidationError{
+				field:  "CommandLineOptions",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetNode()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ServerInfoValidationError{
+					field:  "Node",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ServerInfoValidationError{
+					field:  "Node",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetNode()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ServerInfoValidationError{
+				field:  "Node",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return ServerInfoMultiError(errors)
+	}
+	return nil
+}
+
+// ServerInfoMultiError is an error wrapping multiple validation errors
+// returned by ServerInfo.ValidateAll() if the designated constraints aren't met.
+type ServerInfoMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ServerInfoMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ServerInfoMultiError) AllErrors() []error { return m }
+
+// ServerInfoValidationError is the validation error returned by
+// ServerInfo.Validate if the designated constraints aren't met.
+type ServerInfoValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ServerInfoValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ServerInfoValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ServerInfoValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ServerInfoValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ServerInfoValidationError) ErrorName() string { return "ServerInfoValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ServerInfoValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sServerInfo.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ServerInfoValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ServerInfoValidationError{}
+
+// Validate checks the field values on CommandLineOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *CommandLineOptions) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on CommandLineOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// CommandLineOptionsMultiError, or nil if none found.
+func (m *CommandLineOptions) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CommandLineOptions) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for BaseId
+
+	// no validation rules for UseDynamicBaseId
+
+	// no validation rules for BaseIdPath
+
+	// no validation rules for Concurrency
+
+	// no validation rules for ConfigPath
+
+	// no validation rules for ConfigYaml
+
+	// no validation rules for AllowUnknownStaticFields
+
+	// no validation rules for RejectUnknownDynamicFields
+
+	// no validation rules for IgnoreUnknownDynamicFields
+
+	// no validation rules for AdminAddressPath
+
+	// no validation rules for LocalAddressIpVersion
+
+	// no validation rules for LogLevel
+
+	// no validation rules for ComponentLogLevel
+
+	// no validation rules for LogFormat
+
+	// no validation rules for LogFormatEscaped
+
+	// no validation rules for LogPath
+
+	// no validation rules for ServiceCluster
+
+	// no validation rules for ServiceNode
+
+	// no validation rules for ServiceZone
+
+	if all {
+		switch v := interface{}(m.GetFileFlushInterval()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CommandLineOptionsValidationError{
+					field:  "FileFlushInterval",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CommandLineOptionsValidationError{
+					field:  "FileFlushInterval",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetFileFlushInterval()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CommandLineOptionsValidationError{
+				field:  "FileFlushInterval",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetDrainTime()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CommandLineOptionsValidationError{
+					field:  "DrainTime",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CommandLineOptionsValidationError{
+					field:  "DrainTime",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDrainTime()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CommandLineOptionsValidationError{
+				field:  "DrainTime",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for DrainStrategy
+
+	if all {
+		switch v := interface{}(m.GetParentShutdownTime()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CommandLineOptionsValidationError{
+					field:  "ParentShutdownTime",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CommandLineOptionsValidationError{
+					field:  "ParentShutdownTime",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetParentShutdownTime()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CommandLineOptionsValidationError{
+				field:  "ParentShutdownTime",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for Mode
+
+	// no validation rules for DisableHotRestart
+
+	// no validation rules for EnableMutexTracing
+
+	// no validation rules for RestartEpoch
+
+	// no validation rules for CpusetThreads
+
+	// no validation rules for EnableFineGrainLogging
+
+	// no validation rules for SocketPath
+
+	// no validation rules for SocketMode
+
+	// no validation rules for EnableCoreDump
+
+	if len(errors) > 0 {
+		return CommandLineOptionsMultiError(errors)
+	}
+	return nil
+}
+
+// CommandLineOptionsMultiError is an error wrapping multiple validation errors
+// returned by CommandLineOptions.ValidateAll() if the designated constraints
+// aren't met.
+type CommandLineOptionsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CommandLineOptionsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CommandLineOptionsMultiError) AllErrors() []error { return m }
+
+// CommandLineOptionsValidationError is the validation error returned by
+// CommandLineOptions.Validate if the designated constraints aren't met.
+type CommandLineOptionsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CommandLineOptionsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CommandLineOptionsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CommandLineOptionsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CommandLineOptionsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CommandLineOptionsValidationError) ErrorName() string {
+	return "CommandLineOptionsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e CommandLineOptionsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCommandLineOptions.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CommandLineOptionsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CommandLineOptionsValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/tap.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/tap.pb.go
new file mode 100644
index 00000000000..fd0d36ebb2a
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/tap.pb.go
@@ -0,0 +1,183 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/admin/v3/tap.proto
+
+package envoy_admin_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/tap/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// The /tap admin request body that is used to configure an active tap session.
+type TapRequest struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The opaque configuration ID used to match the configuration to a loaded extension.
+	// A tap extension configures a similar opaque ID that is used to match.
+	ConfigId string `protobuf:"bytes,1,opt,name=config_id,json=configId,proto3" json:"config_id,omitempty"`
+	// The tap configuration to load.
+	TapConfig *v3.TapConfig `protobuf:"bytes,2,opt,name=tap_config,json=tapConfig,proto3" json:"tap_config,omitempty"`
+}
+
+func (x *TapRequest) Reset() {
+	*x = TapRequest{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_admin_v3_tap_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *TapRequest) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*TapRequest) ProtoMessage() {}
+
+func (x *TapRequest) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_admin_v3_tap_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use TapRequest.ProtoReflect.Descriptor instead.
+func (*TapRequest) Descriptor() ([]byte, []int) {
+	return file_envoy_admin_v3_tap_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *TapRequest) GetConfigId() string {
+	if x != nil {
+		return x.ConfigId
+	}
+	return ""
+}
+
+func (x *TapRequest) GetTapConfig() *v3.TapConfig {
+	if x != nil {
+		return x.TapConfig
+	}
+	return nil
+}
+
+var File_envoy_admin_v3_tap_proto protoreflect.FileDescriptor
+
+var file_envoy_admin_v3_tap_proto_rawDesc = []byte{
+	0x0a, 0x18, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x76, 0x33,
+	0x2f, 0x74, 0x61, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x1a, 0x20, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x74, 0x61, 0x70, 0x2f, 0x76, 0x33, 0x2f,
+	0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64,
+	0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73,
+	0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70,
+	0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65,
+	0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17,
+	0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xa2, 0x01, 0x0a, 0x0a, 0x54, 0x61, 0x70, 0x52,
+	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x24, 0x0a, 0x09, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02,
+	0x10, 0x01, 0x52, 0x08, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x49, 0x64, 0x12, 0x47, 0x0a, 0x0a,
+	0x74, 0x61, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x74, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x61, 0x70, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x09, 0x74, 0x61, 0x70, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x3a, 0x25, 0x9a, 0xc5, 0x88, 0x1e, 0x20, 0x0a, 0x1e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68,
+	0x61, 0x2e, 0x54, 0x61, 0x70, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x42, 0x32, 0x0a, 0x1c,
+	0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x42, 0x08, 0x54, 0x61,
+	0x70, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02,
+	0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_admin_v3_tap_proto_rawDescOnce sync.Once
+	file_envoy_admin_v3_tap_proto_rawDescData = file_envoy_admin_v3_tap_proto_rawDesc
+)
+
+func file_envoy_admin_v3_tap_proto_rawDescGZIP() []byte {
+	file_envoy_admin_v3_tap_proto_rawDescOnce.Do(func() {
+		file_envoy_admin_v3_tap_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_admin_v3_tap_proto_rawDescData)
+	})
+	return file_envoy_admin_v3_tap_proto_rawDescData
+}
+
+var file_envoy_admin_v3_tap_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_admin_v3_tap_proto_goTypes = []interface{}{
+	(*TapRequest)(nil),   // 0: envoy.admin.v3.TapRequest
+	(*v3.TapConfig)(nil), // 1: envoy.config.tap.v3.TapConfig
+}
+var file_envoy_admin_v3_tap_proto_depIdxs = []int32{
+	1, // 0: envoy.admin.v3.TapRequest.tap_config:type_name -> envoy.config.tap.v3.TapConfig
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_envoy_admin_v3_tap_proto_init() }
+func file_envoy_admin_v3_tap_proto_init() {
+	if File_envoy_admin_v3_tap_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_admin_v3_tap_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*TapRequest); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_admin_v3_tap_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_admin_v3_tap_proto_goTypes,
+		DependencyIndexes: file_envoy_admin_v3_tap_proto_depIdxs,
+		MessageInfos:      file_envoy_admin_v3_tap_proto_msgTypes,
+	}.Build()
+	File_envoy_admin_v3_tap_proto = out.File
+	file_envoy_admin_v3_tap_proto_rawDesc = nil
+	file_envoy_admin_v3_tap_proto_goTypes = nil
+	file_envoy_admin_v3_tap_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/tap.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/tap.pb.validate.go
new file mode 100644
index 00000000000..7af4ed9da3b
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/admin/v3/tap.pb.validate.go
@@ -0,0 +1,185 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/admin/v3/tap.proto
+
+package envoy_admin_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on TapRequest with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *TapRequest) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on TapRequest with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in TapRequestMultiError, or
+// nil if none found.
+func (m *TapRequest) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *TapRequest) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetConfigId()) < 1 {
+		err := TapRequestValidationError{
+			field:  "ConfigId",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if m.GetTapConfig() == nil {
+		err := TapRequestValidationError{
+			field:  "TapConfig",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetTapConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, TapRequestValidationError{
+					field:  "TapConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, TapRequestValidationError{
+					field:  "TapConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTapConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TapRequestValidationError{
+				field:  "TapConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return TapRequestMultiError(errors)
+	}
+	return nil
+}
+
+// TapRequestMultiError is an error wrapping multiple validation errors
+// returned by TapRequest.ValidateAll() if the designated constraints aren't met.
+type TapRequestMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m TapRequestMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m TapRequestMultiError) AllErrors() []error { return m }
+
+// TapRequestValidationError is the validation error returned by
+// TapRequest.Validate if the designated constraints aren't met.
+type TapRequestValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e TapRequestValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e TapRequestValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e TapRequestValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e TapRequestValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e TapRequestValidationError) ErrorName() string { return "TapRequestValidationError" }
+
+// Error satisfies the builtin error interface
+func (e TapRequestValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sTapRequest.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = TapRequestValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = TapRequestValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/annotations/deprecation.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/annotations/deprecation.pb.go
new file mode 100644
index 00000000000..fa830249a8c
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/annotations/deprecation.pb.go
@@ -0,0 +1,160 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/annotations/deprecation.proto
+
+package envoy_annotations
+
+import (
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	descriptorpb "google.golang.org/protobuf/types/descriptorpb"
+	reflect "reflect"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+var file_envoy_annotations_deprecation_proto_extTypes = []protoimpl.ExtensionInfo{
+	{
+		ExtendedType:  (*descriptorpb.FieldOptions)(nil),
+		ExtensionType: (*bool)(nil),
+		Field:         189503207,
+		Name:          "envoy.annotations.disallowed_by_default",
+		Tag:           "varint,189503207,opt,name=disallowed_by_default",
+		Filename:      "envoy/annotations/deprecation.proto",
+	},
+	{
+		ExtendedType:  (*descriptorpb.FieldOptions)(nil),
+		ExtensionType: (*string)(nil),
+		Field:         157299826,
+		Name:          "envoy.annotations.deprecated_at_minor_version",
+		Tag:           "bytes,157299826,opt,name=deprecated_at_minor_version",
+		Filename:      "envoy/annotations/deprecation.proto",
+	},
+	{
+		ExtendedType:  (*descriptorpb.EnumValueOptions)(nil),
+		ExtensionType: (*bool)(nil),
+		Field:         70100853,
+		Name:          "envoy.annotations.disallowed_by_default_enum",
+		Tag:           "varint,70100853,opt,name=disallowed_by_default_enum",
+		Filename:      "envoy/annotations/deprecation.proto",
+	},
+	{
+		ExtendedType:  (*descriptorpb.EnumValueOptions)(nil),
+		ExtensionType: (*string)(nil),
+		Field:         181198657,
+		Name:          "envoy.annotations.deprecated_at_minor_version_enum",
+		Tag:           "bytes,181198657,opt,name=deprecated_at_minor_version_enum",
+		Filename:      "envoy/annotations/deprecation.proto",
+	},
+}
+
+// Extension fields to descriptorpb.FieldOptions.
+var (
+	// optional bool disallowed_by_default = 189503207;
+	E_DisallowedByDefault = &file_envoy_annotations_deprecation_proto_extTypes[0]
+	// The API major and minor version on which the field was deprecated
+	// (e.g., "3.5" for major version 3 and minor version 5).
+	//
+	// optional string deprecated_at_minor_version = 157299826;
+	E_DeprecatedAtMinorVersion = &file_envoy_annotations_deprecation_proto_extTypes[1]
+)
+
+// Extension fields to descriptorpb.EnumValueOptions.
+var (
+	// optional bool disallowed_by_default_enum = 70100853;
+	E_DisallowedByDefaultEnum = &file_envoy_annotations_deprecation_proto_extTypes[2]
+	// The API major and minor version on which the enum value was deprecated
+	// (e.g., "3.5" for major version 3 and minor version 5).
+	//
+	// optional string deprecated_at_minor_version_enum = 181198657;
+	E_DeprecatedAtMinorVersionEnum = &file_envoy_annotations_deprecation_proto_extTypes[3]
+)
+
+var File_envoy_annotations_deprecation_proto protoreflect.FileDescriptor
+
+var file_envoy_annotations_deprecation_proto_rawDesc = []byte{
+	0x0a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x2f, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x11, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x6e, 0x6e,
+	0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x1a, 0x20, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69,
+	0x70, 0x74, 0x6f, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x3a, 0x54, 0x0a, 0x15, 0x64, 0x69,
+	0x73, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x5f, 0x62, 0x79, 0x5f, 0x64, 0x65, 0x66, 0x61,
+	0x75, 0x6c, 0x74, 0x12, 0x1d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x18, 0xe7, 0xad, 0xae, 0x5a, 0x20, 0x01, 0x28, 0x08, 0x52, 0x13, 0x64, 0x69, 0x73,
+	0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x42, 0x79, 0x44, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74,
+	0x3a, 0x5f, 0x0a, 0x1b, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x5f, 0x61,
+	0x74, 0x5f, 0x6d, 0x69, 0x6e, 0x6f, 0x72, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12,
+	0x1d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0xf2,
+	0xe8, 0x80, 0x4b, 0x20, 0x01, 0x28, 0x09, 0x52, 0x18, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61,
+	0x74, 0x65, 0x64, 0x41, 0x74, 0x4d, 0x69, 0x6e, 0x6f, 0x72, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f,
+	0x6e, 0x3a, 0x61, 0x0a, 0x1a, 0x64, 0x69, 0x73, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x5f,
+	0x62, 0x79, 0x5f, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f, 0x65, 0x6e, 0x75, 0x6d, 0x12,
+	0x21, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x45, 0x6e, 0x75, 0x6d, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x18, 0xf5, 0xce, 0xb6, 0x21, 0x20, 0x01, 0x28, 0x08, 0x52, 0x17, 0x64, 0x69, 0x73,
+	0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x42, 0x79, 0x44, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74,
+	0x45, 0x6e, 0x75, 0x6d, 0x3a, 0x6c, 0x0a, 0x20, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74,
+	0x65, 0x64, 0x5f, 0x61, 0x74, 0x5f, 0x6d, 0x69, 0x6e, 0x6f, 0x72, 0x5f, 0x76, 0x65, 0x72, 0x73,
+	0x69, 0x6f, 0x6e, 0x5f, 0x65, 0x6e, 0x75, 0x6d, 0x12, 0x21, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6e, 0x75, 0x6d, 0x56,
+	0x61, 0x6c, 0x75, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0xc1, 0xbe, 0xb3, 0x56,
+	0x20, 0x01, 0x28, 0x09, 0x52, 0x1c, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64,
+	0x41, 0x74, 0x4d, 0x69, 0x6e, 0x6f, 0x72, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x45, 0x6e,
+	0x75, 0x6d, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var file_envoy_annotations_deprecation_proto_goTypes = []interface{}{
+	(*descriptorpb.FieldOptions)(nil),     // 0: google.protobuf.FieldOptions
+	(*descriptorpb.EnumValueOptions)(nil), // 1: google.protobuf.EnumValueOptions
+}
+var file_envoy_annotations_deprecation_proto_depIdxs = []int32{
+	0, // 0: envoy.annotations.disallowed_by_default:extendee -> google.protobuf.FieldOptions
+	0, // 1: envoy.annotations.deprecated_at_minor_version:extendee -> google.protobuf.FieldOptions
+	1, // 2: envoy.annotations.disallowed_by_default_enum:extendee -> google.protobuf.EnumValueOptions
+	1, // 3: envoy.annotations.deprecated_at_minor_version_enum:extendee -> google.protobuf.EnumValueOptions
+	4, // [4:4] is the sub-list for method output_type
+	4, // [4:4] is the sub-list for method input_type
+	4, // [4:4] is the sub-list for extension type_name
+	0, // [0:4] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_envoy_annotations_deprecation_proto_init() }
+func file_envoy_annotations_deprecation_proto_init() {
+	if File_envoy_annotations_deprecation_proto != nil {
+		return
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_annotations_deprecation_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   0,
+			NumExtensions: 4,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_annotations_deprecation_proto_goTypes,
+		DependencyIndexes: file_envoy_annotations_deprecation_proto_depIdxs,
+		ExtensionInfos:    file_envoy_annotations_deprecation_proto_extTypes,
+	}.Build()
+	File_envoy_annotations_deprecation_proto = out.File
+	file_envoy_annotations_deprecation_proto_rawDesc = nil
+	file_envoy_annotations_deprecation_proto_goTypes = nil
+	file_envoy_annotations_deprecation_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/annotations/deprecation.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/annotations/deprecation.pb.validate.go
new file mode 100644
index 00000000000..88e33e8d69e
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/annotations/deprecation.pb.validate.go
@@ -0,0 +1,36 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/annotations/deprecation.proto
+
+package envoy_annotations
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/annotations/resource.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/annotations/resource.pb.go
new file mode 100644
index 00000000000..df0551c2af2
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/annotations/resource.pb.go
@@ -0,0 +1,180 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/annotations/resource.proto
+
+package envoy_annotations
+
+import (
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	descriptorpb "google.golang.org/protobuf/types/descriptorpb"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type ResourceAnnotation struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Annotation for xDS services that indicates the fully-qualified Protobuf type for the resource
+	// type.
+	Type string `protobuf:"bytes,1,opt,name=type,proto3" json:"type,omitempty"`
+}
+
+func (x *ResourceAnnotation) Reset() {
+	*x = ResourceAnnotation{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_annotations_resource_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ResourceAnnotation) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ResourceAnnotation) ProtoMessage() {}
+
+func (x *ResourceAnnotation) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_annotations_resource_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ResourceAnnotation.ProtoReflect.Descriptor instead.
+func (*ResourceAnnotation) Descriptor() ([]byte, []int) {
+	return file_envoy_annotations_resource_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *ResourceAnnotation) GetType() string {
+	if x != nil {
+		return x.Type
+	}
+	return ""
+}
+
+var file_envoy_annotations_resource_proto_extTypes = []protoimpl.ExtensionInfo{
+	{
+		ExtendedType:  (*descriptorpb.ServiceOptions)(nil),
+		ExtensionType: (*ResourceAnnotation)(nil),
+		Field:         265073217,
+		Name:          "envoy.annotations.resource",
+		Tag:           "bytes,265073217,opt,name=resource",
+		Filename:      "envoy/annotations/resource.proto",
+	},
+}
+
+// Extension fields to descriptorpb.ServiceOptions.
+var (
+	// optional envoy.annotations.ResourceAnnotation resource = 265073217;
+	E_Resource = &file_envoy_annotations_resource_proto_extTypes[0]
+)
+
+var File_envoy_annotations_resource_proto protoreflect.FileDescriptor
+
+var file_envoy_annotations_resource_proto_rawDesc = []byte{
+	0x0a, 0x20, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x2f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x12, 0x11, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x1a, 0x20, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f,
+	0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x28, 0x0a, 0x12, 0x52, 0x65, 0x73, 0x6f, 0x75,
+	0x72, 0x63, 0x65, 0x41, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x12, 0x0a,
+	0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x74, 0x79, 0x70,
+	0x65, 0x3a, 0x65, 0x0a, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x1f, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0xc1,
+	0xe4, 0xb2, 0x7e, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x52, 0x65, 0x73, 0x6f,
+	0x75, 0x72, 0x63, 0x65, 0x41, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x08,
+	0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_annotations_resource_proto_rawDescOnce sync.Once
+	file_envoy_annotations_resource_proto_rawDescData = file_envoy_annotations_resource_proto_rawDesc
+)
+
+func file_envoy_annotations_resource_proto_rawDescGZIP() []byte {
+	file_envoy_annotations_resource_proto_rawDescOnce.Do(func() {
+		file_envoy_annotations_resource_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_annotations_resource_proto_rawDescData)
+	})
+	return file_envoy_annotations_resource_proto_rawDescData
+}
+
+var file_envoy_annotations_resource_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_annotations_resource_proto_goTypes = []interface{}{
+	(*ResourceAnnotation)(nil),          // 0: envoy.annotations.ResourceAnnotation
+	(*descriptorpb.ServiceOptions)(nil), // 1: google.protobuf.ServiceOptions
+}
+var file_envoy_annotations_resource_proto_depIdxs = []int32{
+	1, // 0: envoy.annotations.resource:extendee -> google.protobuf.ServiceOptions
+	0, // 1: envoy.annotations.resource:type_name -> envoy.annotations.ResourceAnnotation
+	2, // [2:2] is the sub-list for method output_type
+	2, // [2:2] is the sub-list for method input_type
+	1, // [1:2] is the sub-list for extension type_name
+	0, // [0:1] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_envoy_annotations_resource_proto_init() }
+func file_envoy_annotations_resource_proto_init() {
+	if File_envoy_annotations_resource_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_annotations_resource_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ResourceAnnotation); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_annotations_resource_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 1,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_annotations_resource_proto_goTypes,
+		DependencyIndexes: file_envoy_annotations_resource_proto_depIdxs,
+		MessageInfos:      file_envoy_annotations_resource_proto_msgTypes,
+		ExtensionInfos:    file_envoy_annotations_resource_proto_extTypes,
+	}.Build()
+	File_envoy_annotations_resource_proto = out.File
+	file_envoy_annotations_resource_proto_rawDesc = nil
+	file_envoy_annotations_resource_proto_goTypes = nil
+	file_envoy_annotations_resource_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/annotations/resource.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/annotations/resource.pb.validate.go
new file mode 100644
index 00000000000..4710f0ace54
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/annotations/resource.pb.validate.go
@@ -0,0 +1,139 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/annotations/resource.proto
+
+package envoy_annotations
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on ResourceAnnotation with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ResourceAnnotation) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ResourceAnnotation with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ResourceAnnotationMultiError, or nil if none found.
+func (m *ResourceAnnotation) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ResourceAnnotation) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Type
+
+	if len(errors) > 0 {
+		return ResourceAnnotationMultiError(errors)
+	}
+	return nil
+}
+
+// ResourceAnnotationMultiError is an error wrapping multiple validation errors
+// returned by ResourceAnnotation.ValidateAll() if the designated constraints
+// aren't met.
+type ResourceAnnotationMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ResourceAnnotationMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ResourceAnnotationMultiError) AllErrors() []error { return m }
+
+// ResourceAnnotationValidationError is the validation error returned by
+// ResourceAnnotation.Validate if the designated constraints aren't met.
+type ResourceAnnotationValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ResourceAnnotationValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ResourceAnnotationValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ResourceAnnotationValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ResourceAnnotationValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ResourceAnnotationValidationError) ErrorName() string {
+	return "ResourceAnnotationValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ResourceAnnotationValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sResourceAnnotation.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ResourceAnnotationValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ResourceAnnotationValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/auth/cert.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/auth/cert.pb.go
new file mode 100644
index 00000000000..ac7cebc7d6a
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/auth/cert.pb.go
@@ -0,0 +1,85 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/auth/cert.proto
+
+package envoy_api_v2_auth
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+var File_envoy_api_v2_auth_cert_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_auth_cert_proto_rawDesc = []byte{
+	0x0a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x61,
+	0x75, 0x74, 0x68, 0x2f, 0x63, 0x65, 0x72, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x11,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74,
+	0x68, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f,
+	0x61, 0x75, 0x74, 0x68, 0x2f, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f,
+	0x61, 0x75, 0x74, 0x68, 0x2f, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x1b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f,
+	0x61, 0x75, 0x74, 0x68, 0x2f, 0x74, 0x6c, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x42, 0x5f,
+	0x0a, 0x1f, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74,
+	0x68, 0x42, 0x09, 0x43, 0x65, 0x72, 0x74, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xf2, 0x98,
+	0xfe, 0x8f, 0x05, 0x2b, 0x12, 0x29, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65,
+	0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74,
+	0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e, 0x76, 0x33, 0x50,
+	0x01, 0x50, 0x02, 0x50, 0x03, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var file_envoy_api_v2_auth_cert_proto_goTypes = []interface{}{}
+var file_envoy_api_v2_auth_cert_proto_depIdxs = []int32{
+	0, // [0:0] is the sub-list for method output_type
+	0, // [0:0] is the sub-list for method input_type
+	0, // [0:0] is the sub-list for extension type_name
+	0, // [0:0] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_auth_cert_proto_init() }
+func file_envoy_api_v2_auth_cert_proto_init() {
+	if File_envoy_api_v2_auth_cert_proto != nil {
+		return
+	}
+	file_envoy_api_v2_auth_common_proto_init()
+	file_envoy_api_v2_auth_secret_proto_init()
+	file_envoy_api_v2_auth_tls_proto_init()
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_auth_cert_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   0,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_auth_cert_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_auth_cert_proto_depIdxs,
+	}.Build()
+	File_envoy_api_v2_auth_cert_proto = out.File
+	file_envoy_api_v2_auth_cert_proto_rawDesc = nil
+	file_envoy_api_v2_auth_cert_proto_goTypes = nil
+	file_envoy_api_v2_auth_cert_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/auth/cert.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/auth/cert.pb.validate.go
new file mode 100644
index 00000000000..f5c850c100d
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/auth/cert.pb.validate.go
@@ -0,0 +1,36 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/auth/cert.proto
+
+package envoy_api_v2_auth
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/auth/common.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/auth/common.pb.go
new file mode 100644
index 00000000000..90128a7966c
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/auth/common.pb.go
@@ -0,0 +1,1082 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/auth/common.proto
+
+package envoy_api_v2_auth
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	core "github.com/envoyproxy/go-control-plane/envoy/api/v2/core"
+	matcher "github.com/envoyproxy/go-control-plane/envoy/type/matcher"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	_struct "github.com/golang/protobuf/ptypes/struct"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type TlsParameters_TlsProtocol int32
+
+const (
+	// Envoy will choose the optimal TLS version.
+	TlsParameters_TLS_AUTO TlsParameters_TlsProtocol = 0
+	// TLS 1.0
+	TlsParameters_TLSv1_0 TlsParameters_TlsProtocol = 1
+	// TLS 1.1
+	TlsParameters_TLSv1_1 TlsParameters_TlsProtocol = 2
+	// TLS 1.2
+	TlsParameters_TLSv1_2 TlsParameters_TlsProtocol = 3
+	// TLS 1.3
+	TlsParameters_TLSv1_3 TlsParameters_TlsProtocol = 4
+)
+
+// Enum value maps for TlsParameters_TlsProtocol.
+var (
+	TlsParameters_TlsProtocol_name = map[int32]string{
+		0: "TLS_AUTO",
+		1: "TLSv1_0",
+		2: "TLSv1_1",
+		3: "TLSv1_2",
+		4: "TLSv1_3",
+	}
+	TlsParameters_TlsProtocol_value = map[string]int32{
+		"TLS_AUTO": 0,
+		"TLSv1_0":  1,
+		"TLSv1_1":  2,
+		"TLSv1_2":  3,
+		"TLSv1_3":  4,
+	}
+)
+
+func (x TlsParameters_TlsProtocol) Enum() *TlsParameters_TlsProtocol {
+	p := new(TlsParameters_TlsProtocol)
+	*p = x
+	return p
+}
+
+func (x TlsParameters_TlsProtocol) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (TlsParameters_TlsProtocol) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_api_v2_auth_common_proto_enumTypes[0].Descriptor()
+}
+
+func (TlsParameters_TlsProtocol) Type() protoreflect.EnumType {
+	return &file_envoy_api_v2_auth_common_proto_enumTypes[0]
+}
+
+func (x TlsParameters_TlsProtocol) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use TlsParameters_TlsProtocol.Descriptor instead.
+func (TlsParameters_TlsProtocol) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_api_v2_auth_common_proto_rawDescGZIP(), []int{0, 0}
+}
+
+// Peer certificate verification mode.
+type CertificateValidationContext_TrustChainVerification int32
+
+const (
+	// Perform default certificate verification (e.g., against CA / verification lists)
+	CertificateValidationContext_VERIFY_TRUST_CHAIN CertificateValidationContext_TrustChainVerification = 0
+	// Connections where the certificate fails verification will be permitted.
+	// For HTTP connections, the result of certificate verification can be used in route matching. (
+	// see :ref:`validated <envoy_api_field_route.RouteMatch.TlsContextMatchOptions.validated>` ).
+	CertificateValidationContext_ACCEPT_UNTRUSTED CertificateValidationContext_TrustChainVerification = 1
+)
+
+// Enum value maps for CertificateValidationContext_TrustChainVerification.
+var (
+	CertificateValidationContext_TrustChainVerification_name = map[int32]string{
+		0: "VERIFY_TRUST_CHAIN",
+		1: "ACCEPT_UNTRUSTED",
+	}
+	CertificateValidationContext_TrustChainVerification_value = map[string]int32{
+		"VERIFY_TRUST_CHAIN": 0,
+		"ACCEPT_UNTRUSTED":   1,
+	}
+)
+
+func (x CertificateValidationContext_TrustChainVerification) Enum() *CertificateValidationContext_TrustChainVerification {
+	p := new(CertificateValidationContext_TrustChainVerification)
+	*p = x
+	return p
+}
+
+func (x CertificateValidationContext_TrustChainVerification) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (CertificateValidationContext_TrustChainVerification) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_api_v2_auth_common_proto_enumTypes[1].Descriptor()
+}
+
+func (CertificateValidationContext_TrustChainVerification) Type() protoreflect.EnumType {
+	return &file_envoy_api_v2_auth_common_proto_enumTypes[1]
+}
+
+func (x CertificateValidationContext_TrustChainVerification) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use CertificateValidationContext_TrustChainVerification.Descriptor instead.
+func (CertificateValidationContext_TrustChainVerification) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_api_v2_auth_common_proto_rawDescGZIP(), []int{4, 0}
+}
+
+type TlsParameters struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Minimum TLS protocol version. By default, it's ``TLSv1_2`` for clients and ``TLSv1_0`` for
+	// servers.
+	TlsMinimumProtocolVersion TlsParameters_TlsProtocol `protobuf:"varint,1,opt,name=tls_minimum_protocol_version,json=tlsMinimumProtocolVersion,proto3,enum=envoy.api.v2.auth.TlsParameters_TlsProtocol" json:"tls_minimum_protocol_version,omitempty"`
+	// Maximum TLS protocol version. By default, it's ``TLSv1_2`` for clients and ``TLSv1_3`` for
+	// servers.
+	TlsMaximumProtocolVersion TlsParameters_TlsProtocol `protobuf:"varint,2,opt,name=tls_maximum_protocol_version,json=tlsMaximumProtocolVersion,proto3,enum=envoy.api.v2.auth.TlsParameters_TlsProtocol" json:"tls_maximum_protocol_version,omitempty"`
+	// If specified, the TLS listener will only support the specified `cipher list
+	// <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_
+	// when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3). If not
+	// specified, the default list will be used.
+	//
+	// In non-FIPS builds, the default cipher list is:
+	//
+	// .. code-block:: none
+	//
+	//   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
+	//   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
+	//   ECDHE-ECDSA-AES128-SHA
+	//   ECDHE-RSA-AES128-SHA
+	//   AES128-GCM-SHA256
+	//   AES128-SHA
+	//   ECDHE-ECDSA-AES256-GCM-SHA384
+	//   ECDHE-RSA-AES256-GCM-SHA384
+	//   ECDHE-ECDSA-AES256-SHA
+	//   ECDHE-RSA-AES256-SHA
+	//   AES256-GCM-SHA384
+	//   AES256-SHA
+	//
+	// In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default cipher list is:
+	//
+	// .. code-block:: none
+	//
+	//   ECDHE-ECDSA-AES128-GCM-SHA256
+	//   ECDHE-RSA-AES128-GCM-SHA256
+	//   ECDHE-ECDSA-AES128-SHA
+	//   ECDHE-RSA-AES128-SHA
+	//   AES128-GCM-SHA256
+	//   AES128-SHA
+	//   ECDHE-ECDSA-AES256-GCM-SHA384
+	//   ECDHE-RSA-AES256-GCM-SHA384
+	//   ECDHE-ECDSA-AES256-SHA
+	//   ECDHE-RSA-AES256-SHA
+	//   AES256-GCM-SHA384
+	//   AES256-SHA
+	CipherSuites []string `protobuf:"bytes,3,rep,name=cipher_suites,json=cipherSuites,proto3" json:"cipher_suites,omitempty"`
+	// If specified, the TLS connection will only support the specified ECDH
+	// curves. If not specified, the default curves will be used.
+	//
+	// In non-FIPS builds, the default curves are:
+	//
+	// .. code-block:: none
+	//
+	//   X25519
+	//   P-256
+	//
+	// In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default curve is:
+	//
+	// .. code-block:: none
+	//
+	//   P-256
+	EcdhCurves []string `protobuf:"bytes,4,rep,name=ecdh_curves,json=ecdhCurves,proto3" json:"ecdh_curves,omitempty"`
+}
+
+func (x *TlsParameters) Reset() {
+	*x = TlsParameters{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_auth_common_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *TlsParameters) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*TlsParameters) ProtoMessage() {}
+
+func (x *TlsParameters) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_auth_common_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use TlsParameters.ProtoReflect.Descriptor instead.
+func (*TlsParameters) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_auth_common_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *TlsParameters) GetTlsMinimumProtocolVersion() TlsParameters_TlsProtocol {
+	if x != nil {
+		return x.TlsMinimumProtocolVersion
+	}
+	return TlsParameters_TLS_AUTO
+}
+
+func (x *TlsParameters) GetTlsMaximumProtocolVersion() TlsParameters_TlsProtocol {
+	if x != nil {
+		return x.TlsMaximumProtocolVersion
+	}
+	return TlsParameters_TLS_AUTO
+}
+
+func (x *TlsParameters) GetCipherSuites() []string {
+	if x != nil {
+		return x.CipherSuites
+	}
+	return nil
+}
+
+func (x *TlsParameters) GetEcdhCurves() []string {
+	if x != nil {
+		return x.EcdhCurves
+	}
+	return nil
+}
+
+// BoringSSL private key method configuration. The private key methods are used for external
+// (potentially asynchronous) signing and decryption operations. Some use cases for private key
+// methods would be TPM support and TLS acceleration.
+type PrivateKeyProvider struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Private key method provider name. The name must match a
+	// supported private key method provider type.
+	ProviderName string `protobuf:"bytes,1,opt,name=provider_name,json=providerName,proto3" json:"provider_name,omitempty"`
+	// Private key method provider specific configuration.
+	//
+	// Types that are assignable to ConfigType:
+	//	*PrivateKeyProvider_Config
+	//	*PrivateKeyProvider_TypedConfig
+	ConfigType isPrivateKeyProvider_ConfigType `protobuf_oneof:"config_type"`
+}
+
+func (x *PrivateKeyProvider) Reset() {
+	*x = PrivateKeyProvider{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_auth_common_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *PrivateKeyProvider) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*PrivateKeyProvider) ProtoMessage() {}
+
+func (x *PrivateKeyProvider) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_auth_common_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use PrivateKeyProvider.ProtoReflect.Descriptor instead.
+func (*PrivateKeyProvider) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_auth_common_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *PrivateKeyProvider) GetProviderName() string {
+	if x != nil {
+		return x.ProviderName
+	}
+	return ""
+}
+
+func (m *PrivateKeyProvider) GetConfigType() isPrivateKeyProvider_ConfigType {
+	if m != nil {
+		return m.ConfigType
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *PrivateKeyProvider) GetConfig() *_struct.Struct {
+	if x, ok := x.GetConfigType().(*PrivateKeyProvider_Config); ok {
+		return x.Config
+	}
+	return nil
+}
+
+func (x *PrivateKeyProvider) GetTypedConfig() *any.Any {
+	if x, ok := x.GetConfigType().(*PrivateKeyProvider_TypedConfig); ok {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+type isPrivateKeyProvider_ConfigType interface {
+	isPrivateKeyProvider_ConfigType()
+}
+
+type PrivateKeyProvider_Config struct {
+	// Deprecated: Do not use.
+	Config *_struct.Struct `protobuf:"bytes,2,opt,name=config,proto3,oneof"`
+}
+
+type PrivateKeyProvider_TypedConfig struct {
+	TypedConfig *any.Any `protobuf:"bytes,3,opt,name=typed_config,json=typedConfig,proto3,oneof"`
+}
+
+func (*PrivateKeyProvider_Config) isPrivateKeyProvider_ConfigType() {}
+
+func (*PrivateKeyProvider_TypedConfig) isPrivateKeyProvider_ConfigType() {}
+
+// [#next-free-field: 7]
+type TlsCertificate struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The TLS certificate chain.
+	CertificateChain *core.DataSource `protobuf:"bytes,1,opt,name=certificate_chain,json=certificateChain,proto3" json:"certificate_chain,omitempty"`
+	// The TLS private key.
+	PrivateKey *core.DataSource `protobuf:"bytes,2,opt,name=private_key,json=privateKey,proto3" json:"private_key,omitempty"`
+	// BoringSSL private key method provider. This is an alternative to :ref:`private_key
+	// <envoy_api_field_auth.TlsCertificate.private_key>` field. This can't be
+	// marked as ``oneof`` due to API compatibility reasons. Setting both :ref:`private_key
+	// <envoy_api_field_auth.TlsCertificate.private_key>` and
+	// :ref:`private_key_provider
+	// <envoy_api_field_auth.TlsCertificate.private_key_provider>` fields will result in an
+	// error.
+	PrivateKeyProvider *PrivateKeyProvider `protobuf:"bytes,6,opt,name=private_key_provider,json=privateKeyProvider,proto3" json:"private_key_provider,omitempty"`
+	// The password to decrypt the TLS private key. If this field is not set, it is assumed that the
+	// TLS private key is not password encrypted.
+	Password *core.DataSource `protobuf:"bytes,3,opt,name=password,proto3" json:"password,omitempty"`
+	// [#not-implemented-hide:]
+	OcspStaple *core.DataSource `protobuf:"bytes,4,opt,name=ocsp_staple,json=ocspStaple,proto3" json:"ocsp_staple,omitempty"`
+	// [#not-implemented-hide:]
+	SignedCertificateTimestamp []*core.DataSource `protobuf:"bytes,5,rep,name=signed_certificate_timestamp,json=signedCertificateTimestamp,proto3" json:"signed_certificate_timestamp,omitempty"`
+}
+
+func (x *TlsCertificate) Reset() {
+	*x = TlsCertificate{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_auth_common_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *TlsCertificate) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*TlsCertificate) ProtoMessage() {}
+
+func (x *TlsCertificate) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_auth_common_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use TlsCertificate.ProtoReflect.Descriptor instead.
+func (*TlsCertificate) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_auth_common_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *TlsCertificate) GetCertificateChain() *core.DataSource {
+	if x != nil {
+		return x.CertificateChain
+	}
+	return nil
+}
+
+func (x *TlsCertificate) GetPrivateKey() *core.DataSource {
+	if x != nil {
+		return x.PrivateKey
+	}
+	return nil
+}
+
+func (x *TlsCertificate) GetPrivateKeyProvider() *PrivateKeyProvider {
+	if x != nil {
+		return x.PrivateKeyProvider
+	}
+	return nil
+}
+
+func (x *TlsCertificate) GetPassword() *core.DataSource {
+	if x != nil {
+		return x.Password
+	}
+	return nil
+}
+
+func (x *TlsCertificate) GetOcspStaple() *core.DataSource {
+	if x != nil {
+		return x.OcspStaple
+	}
+	return nil
+}
+
+func (x *TlsCertificate) GetSignedCertificateTimestamp() []*core.DataSource {
+	if x != nil {
+		return x.SignedCertificateTimestamp
+	}
+	return nil
+}
+
+type TlsSessionTicketKeys struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Keys for encrypting and decrypting TLS session tickets. The
+	// first key in the array contains the key to encrypt all new sessions created by this context.
+	// All keys are candidates for decrypting received tickets. This allows for easy rotation of keys
+	// by, for example, putting the new key first, and the previous key second.
+	//
+	// If :ref:`session_ticket_keys <envoy_api_field_auth.DownstreamTlsContext.session_ticket_keys>`
+	// is not specified, the TLS library will still support resuming sessions via tickets, but it will
+	// use an internally-generated and managed key, so sessions cannot be resumed across hot restarts
+	// or on different hosts.
+	//
+	// Each key must contain exactly 80 bytes of cryptographically-secure random data. For
+	// example, the output of ``openssl rand 80``.
+	//
+	// .. attention::
+	//
+	//   Using this feature has serious security considerations and risks. Improper handling of keys
+	//   may result in loss of secrecy in connections, even if ciphers supporting perfect forward
+	//   secrecy are used. See https://www.imperialviolet.org/2013/06/27/botchingpfs.html for some
+	//   discussion. To minimize the risk, you must:
+	//
+	//   * Keep the session ticket keys at least as secure as your TLS certificate private keys
+	//   * Rotate session ticket keys at least daily, and preferably hourly
+	//   * Always generate keys using a cryptographically-secure random data source
+	Keys []*core.DataSource `protobuf:"bytes,1,rep,name=keys,proto3" json:"keys,omitempty"`
+}
+
+func (x *TlsSessionTicketKeys) Reset() {
+	*x = TlsSessionTicketKeys{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_auth_common_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *TlsSessionTicketKeys) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*TlsSessionTicketKeys) ProtoMessage() {}
+
+func (x *TlsSessionTicketKeys) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_auth_common_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use TlsSessionTicketKeys.ProtoReflect.Descriptor instead.
+func (*TlsSessionTicketKeys) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_auth_common_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *TlsSessionTicketKeys) GetKeys() []*core.DataSource {
+	if x != nil {
+		return x.Keys
+	}
+	return nil
+}
+
+// [#next-free-field: 11]
+type CertificateValidationContext struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// TLS certificate data containing certificate authority certificates to use in verifying
+	// a presented peer certificate (e.g. server certificate for clusters or client certificate
+	// for listeners). If not specified and a peer certificate is presented it will not be
+	// verified. By default, a client certificate is optional, unless one of the additional
+	// options (:ref:`require_client_certificate
+	// <envoy_api_field_auth.DownstreamTlsContext.require_client_certificate>`,
+	// :ref:`verify_certificate_spki
+	// <envoy_api_field_auth.CertificateValidationContext.verify_certificate_spki>`,
+	// :ref:`verify_certificate_hash
+	// <envoy_api_field_auth.CertificateValidationContext.verify_certificate_hash>`, or
+	// :ref:`match_subject_alt_names
+	// <envoy_api_field_auth.CertificateValidationContext.match_subject_alt_names>`) is also
+	// specified.
+	//
+	// It can optionally contain certificate revocation lists, in which case Envoy will verify
+	// that the presented peer certificate has not been revoked by one of the included CRLs.
+	//
+	// See :ref:`the TLS overview <arch_overview_ssl_enabling_verification>` for a list of common
+	// system CA locations.
+	TrustedCa *core.DataSource `protobuf:"bytes,1,opt,name=trusted_ca,json=trustedCa,proto3" json:"trusted_ca,omitempty"`
+	// An optional list of base64-encoded SHA-256 hashes. If specified, Envoy will verify that the
+	// SHA-256 of the DER-encoded Subject Public Key Information (SPKI) of the presented certificate
+	// matches one of the specified values.
+	//
+	// A base64-encoded SHA-256 of the Subject Public Key Information (SPKI) of the certificate
+	// can be generated with the following command:
+	//
+	// .. code-block:: bash
+	//
+	//   $ openssl x509 -in path/to/client.crt -noout -pubkey
+	//     | openssl pkey -pubin -outform DER
+	//     | openssl dgst -sha256 -binary
+	//     | openssl enc -base64
+	//   NvqYIYSbgK2vCJpQhObf77vv+bQWtc5ek5RIOwPiC9A=
+	//
+	// This is the format used in HTTP Public Key Pinning.
+	//
+	// When both:
+	// :ref:`verify_certificate_hash
+	// <envoy_api_field_auth.CertificateValidationContext.verify_certificate_hash>` and
+	// :ref:`verify_certificate_spki
+	// <envoy_api_field_auth.CertificateValidationContext.verify_certificate_spki>` are specified,
+	// a hash matching value from either of the lists will result in the certificate being accepted.
+	//
+	// .. attention::
+	//
+	//   This option is preferred over :ref:`verify_certificate_hash
+	//   <envoy_api_field_auth.CertificateValidationContext.verify_certificate_hash>`,
+	//   because SPKI is tied to a private key, so it doesn't change when the certificate
+	//   is renewed using the same private key.
+	VerifyCertificateSpki []string `protobuf:"bytes,3,rep,name=verify_certificate_spki,json=verifyCertificateSpki,proto3" json:"verify_certificate_spki,omitempty"`
+	// An optional list of hex-encoded SHA-256 hashes. If specified, Envoy will verify that
+	// the SHA-256 of the DER-encoded presented certificate matches one of the specified values.
+	//
+	// A hex-encoded SHA-256 of the certificate can be generated with the following command:
+	//
+	// .. code-block:: bash
+	//
+	//   $ openssl x509 -in path/to/client.crt -outform DER | openssl dgst -sha256 | cut -d" " -f2
+	//   df6ff72fe9116521268f6f2dd4966f51df479883fe7037b39f75916ac3049d1a
+	//
+	// A long hex-encoded and colon-separated SHA-256 (a.k.a. "fingerprint") of the certificate
+	// can be generated with the following command:
+	//
+	// .. code-block:: bash
+	//
+	//   $ openssl x509 -in path/to/client.crt -noout -fingerprint -sha256 | cut -d"=" -f2
+	//   DF:6F:F7:2F:E9:11:65:21:26:8F:6F:2D:D4:96:6F:51:DF:47:98:83:FE:70:37:B3:9F:75:91:6A:C3:04:9D:1A
+	//
+	// Both of those formats are acceptable.
+	//
+	// When both:
+	// :ref:`verify_certificate_hash
+	// <envoy_api_field_auth.CertificateValidationContext.verify_certificate_hash>` and
+	// :ref:`verify_certificate_spki
+	// <envoy_api_field_auth.CertificateValidationContext.verify_certificate_spki>` are specified,
+	// a hash matching value from either of the lists will result in the certificate being accepted.
+	VerifyCertificateHash []string `protobuf:"bytes,2,rep,name=verify_certificate_hash,json=verifyCertificateHash,proto3" json:"verify_certificate_hash,omitempty"`
+	// An optional list of Subject Alternative Names. If specified, Envoy will verify that the
+	// Subject Alternative Name of the presented certificate matches one of the specified values.
+	//
+	// .. attention::
+	//
+	//   Subject Alternative Names are easily spoofable and verifying only them is insecure,
+	//   therefore this option must be used together with :ref:`trusted_ca
+	//   <envoy_api_field_auth.CertificateValidationContext.trusted_ca>`.
+	//
+	// Deprecated: Do not use.
+	VerifySubjectAltName []string `protobuf:"bytes,4,rep,name=verify_subject_alt_name,json=verifySubjectAltName,proto3" json:"verify_subject_alt_name,omitempty"`
+	// An optional list of Subject Alternative name matchers. Envoy will verify that the
+	// Subject Alternative Name of the presented certificate matches one of the specified matches.
+	//
+	// When a certificate has wildcard DNS SAN entries, to match a specific client, it should be
+	// configured with exact match type in the :ref:`string matcher <envoy_api_msg_type.matcher.StringMatcher>`.
+	// For example if the certificate has "\*.example.com" as DNS SAN entry, to allow only "api.example.com",
+	// it should be configured as shown below.
+	//
+	// .. code-block:: yaml
+	//
+	//  match_subject_alt_names:
+	//    exact: "api.example.com"
+	//
+	// .. attention::
+	//
+	//   Subject Alternative Names are easily spoofable and verifying only them is insecure,
+	//   therefore this option must be used together with :ref:`trusted_ca
+	//   <envoy_api_field_auth.CertificateValidationContext.trusted_ca>`.
+	MatchSubjectAltNames []*matcher.StringMatcher `protobuf:"bytes,9,rep,name=match_subject_alt_names,json=matchSubjectAltNames,proto3" json:"match_subject_alt_names,omitempty"`
+	// [#not-implemented-hide:] Must present a signed time-stamped OCSP response.
+	RequireOcspStaple *wrappers.BoolValue `protobuf:"bytes,5,opt,name=require_ocsp_staple,json=requireOcspStaple,proto3" json:"require_ocsp_staple,omitempty"`
+	// [#not-implemented-hide:] Must present signed certificate time-stamp.
+	RequireSignedCertificateTimestamp *wrappers.BoolValue `protobuf:"bytes,6,opt,name=require_signed_certificate_timestamp,json=requireSignedCertificateTimestamp,proto3" json:"require_signed_certificate_timestamp,omitempty"`
+	// An optional `certificate revocation list
+	// <https://en.wikipedia.org/wiki/Certificate_revocation_list>`_
+	// (in PEM format). If specified, Envoy will verify that the presented peer
+	// certificate has not been revoked by this CRL. If this DataSource contains
+	// multiple CRLs, all of them will be used.
+	Crl *core.DataSource `protobuf:"bytes,7,opt,name=crl,proto3" json:"crl,omitempty"`
+	// If specified, Envoy will not reject expired certificates.
+	AllowExpiredCertificate bool `protobuf:"varint,8,opt,name=allow_expired_certificate,json=allowExpiredCertificate,proto3" json:"allow_expired_certificate,omitempty"`
+	// Certificate trust chain verification mode.
+	TrustChainVerification CertificateValidationContext_TrustChainVerification `protobuf:"varint,10,opt,name=trust_chain_verification,json=trustChainVerification,proto3,enum=envoy.api.v2.auth.CertificateValidationContext_TrustChainVerification" json:"trust_chain_verification,omitempty"`
+}
+
+func (x *CertificateValidationContext) Reset() {
+	*x = CertificateValidationContext{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_auth_common_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CertificateValidationContext) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CertificateValidationContext) ProtoMessage() {}
+
+func (x *CertificateValidationContext) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_auth_common_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CertificateValidationContext.ProtoReflect.Descriptor instead.
+func (*CertificateValidationContext) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_auth_common_proto_rawDescGZIP(), []int{4}
+}
+
+func (x *CertificateValidationContext) GetTrustedCa() *core.DataSource {
+	if x != nil {
+		return x.TrustedCa
+	}
+	return nil
+}
+
+func (x *CertificateValidationContext) GetVerifyCertificateSpki() []string {
+	if x != nil {
+		return x.VerifyCertificateSpki
+	}
+	return nil
+}
+
+func (x *CertificateValidationContext) GetVerifyCertificateHash() []string {
+	if x != nil {
+		return x.VerifyCertificateHash
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *CertificateValidationContext) GetVerifySubjectAltName() []string {
+	if x != nil {
+		return x.VerifySubjectAltName
+	}
+	return nil
+}
+
+func (x *CertificateValidationContext) GetMatchSubjectAltNames() []*matcher.StringMatcher {
+	if x != nil {
+		return x.MatchSubjectAltNames
+	}
+	return nil
+}
+
+func (x *CertificateValidationContext) GetRequireOcspStaple() *wrappers.BoolValue {
+	if x != nil {
+		return x.RequireOcspStaple
+	}
+	return nil
+}
+
+func (x *CertificateValidationContext) GetRequireSignedCertificateTimestamp() *wrappers.BoolValue {
+	if x != nil {
+		return x.RequireSignedCertificateTimestamp
+	}
+	return nil
+}
+
+func (x *CertificateValidationContext) GetCrl() *core.DataSource {
+	if x != nil {
+		return x.Crl
+	}
+	return nil
+}
+
+func (x *CertificateValidationContext) GetAllowExpiredCertificate() bool {
+	if x != nil {
+		return x.AllowExpiredCertificate
+	}
+	return false
+}
+
+func (x *CertificateValidationContext) GetTrustChainVerification() CertificateValidationContext_TrustChainVerification {
+	if x != nil {
+		return x.TrustChainVerification
+	}
+	return CertificateValidationContext_VERIFY_TRUST_CHAIN
+}
+
+var File_envoy_api_v2_auth_common_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_auth_common_proto_rawDesc = []byte{
+	0x0a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x61,
+	0x75, 0x74, 0x68, 0x2f, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x12, 0x11, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61,
+	0x75, 0x74, 0x68, 0x1a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76,
+	0x32, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x62, 0x61, 0x73, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61,
+	0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1c, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x73,
+	0x74, 0x72, 0x75, 0x63, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61,
+	0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70,
+	0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69,
+	0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x20, 0x75, 0x64, 0x70,
+	0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x65,
+	0x6e, 0x73, 0x69, 0x74, 0x69, 0x76, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75,
+	0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f,
+	0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61,
+	0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x98, 0x03, 0x0a, 0x0d, 0x54, 0x6c, 0x73, 0x50, 0x61, 0x72,
+	0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x73, 0x12, 0x77, 0x0a, 0x1c, 0x74, 0x6c, 0x73, 0x5f, 0x6d,
+	0x69, 0x6e, 0x69, 0x6d, 0x75, 0x6d, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x5f,
+	0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2c, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74,
+	0x68, 0x2e, 0x54, 0x6c, 0x73, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x73, 0x2e,
+	0x54, 0x6c, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x42, 0x08, 0xfa, 0x42, 0x05,
+	0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x19, 0x74, 0x6c, 0x73, 0x4d, 0x69, 0x6e, 0x69, 0x6d, 0x75,
+	0x6d, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e,
+	0x12, 0x77, 0x0a, 0x1c, 0x74, 0x6c, 0x73, 0x5f, 0x6d, 0x61, 0x78, 0x69, 0x6d, 0x75, 0x6d, 0x5f,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x54, 0x6c, 0x73, 0x50, 0x61,
+	0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x54, 0x6c, 0x73, 0x50, 0x72, 0x6f, 0x74,
+	0x6f, 0x63, 0x6f, 0x6c, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x19,
+	0x74, 0x6c, 0x73, 0x4d, 0x61, 0x78, 0x69, 0x6d, 0x75, 0x6d, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63,
+	0x6f, 0x6c, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x23, 0x0a, 0x0d, 0x63, 0x69, 0x70,
+	0x68, 0x65, 0x72, 0x5f, 0x73, 0x75, 0x69, 0x74, 0x65, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09,
+	0x52, 0x0c, 0x63, 0x69, 0x70, 0x68, 0x65, 0x72, 0x53, 0x75, 0x69, 0x74, 0x65, 0x73, 0x12, 0x1f,
+	0x0a, 0x0b, 0x65, 0x63, 0x64, 0x68, 0x5f, 0x63, 0x75, 0x72, 0x76, 0x65, 0x73, 0x18, 0x04, 0x20,
+	0x03, 0x28, 0x09, 0x52, 0x0a, 0x65, 0x63, 0x64, 0x68, 0x43, 0x75, 0x72, 0x76, 0x65, 0x73, 0x22,
+	0x4f, 0x0a, 0x0b, 0x54, 0x6c, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x12, 0x0c,
+	0x0a, 0x08, 0x54, 0x4c, 0x53, 0x5f, 0x41, 0x55, 0x54, 0x4f, 0x10, 0x00, 0x12, 0x0b, 0x0a, 0x07,
+	0x54, 0x4c, 0x53, 0x76, 0x31, 0x5f, 0x30, 0x10, 0x01, 0x12, 0x0b, 0x0a, 0x07, 0x54, 0x4c, 0x53,
+	0x76, 0x31, 0x5f, 0x31, 0x10, 0x02, 0x12, 0x0b, 0x0a, 0x07, 0x54, 0x4c, 0x53, 0x76, 0x31, 0x5f,
+	0x32, 0x10, 0x03, 0x12, 0x0b, 0x0a, 0x07, 0x54, 0x4c, 0x53, 0x76, 0x31, 0x5f, 0x33, 0x10, 0x04,
+	0x22, 0xd1, 0x01, 0x0a, 0x12, 0x50, 0x72, 0x69, 0x76, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x50,
+	0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x12, 0x2c, 0x0a, 0x0d, 0x70, 0x72, 0x6f, 0x76, 0x69,
+	0x64, 0x65, 0x72, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07,
+	0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x0c, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65,
+	0x72, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x3b, 0x0a, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x42, 0x08,
+	0x18, 0x01, 0xb8, 0xb7, 0x8b, 0xa4, 0x02, 0x01, 0x48, 0x00, 0x52, 0x06, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x12, 0x41, 0x0a, 0x0c, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x42, 0x06,
+	0xb8, 0xb7, 0x8b, 0xa4, 0x02, 0x01, 0x48, 0x00, 0x52, 0x0b, 0x74, 0x79, 0x70, 0x65, 0x64, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x0d, 0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f,
+	0x74, 0x79, 0x70, 0x65, 0x22, 0xe1, 0x03, 0x0a, 0x0e, 0x54, 0x6c, 0x73, 0x43, 0x65, 0x72, 0x74,
+	0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x4a, 0x0a, 0x11, 0x63, 0x65, 0x72, 0x74, 0x69,
+	0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f, 0x63, 0x68, 0x61, 0x69, 0x6e, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75, 0x72, 0x63,
+	0x65, 0x52, 0x10, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x43, 0x68,
+	0x61, 0x69, 0x6e, 0x12, 0x46, 0x0a, 0x0b, 0x70, 0x72, 0x69, 0x76, 0x61, 0x74, 0x65, 0x5f, 0x6b,
+	0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x44, 0x61, 0x74,
+	0x61, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x42, 0x06, 0xb8, 0xb7, 0x8b, 0xa4, 0x02, 0x01, 0x52,
+	0x0a, 0x70, 0x72, 0x69, 0x76, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x12, 0x57, 0x0a, 0x14, 0x70,
+	0x72, 0x69, 0x76, 0x61, 0x74, 0x65, 0x5f, 0x6b, 0x65, 0x79, 0x5f, 0x70, 0x72, 0x6f, 0x76, 0x69,
+	0x64, 0x65, 0x72, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x50, 0x72,
+	0x69, 0x76, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72,
+	0x52, 0x12, 0x70, 0x72, 0x69, 0x76, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x50, 0x72, 0x6f, 0x76,
+	0x69, 0x64, 0x65, 0x72, 0x12, 0x41, 0x0a, 0x08, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64,
+	0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x53,
+	0x6f, 0x75, 0x72, 0x63, 0x65, 0x42, 0x06, 0xb8, 0xb7, 0x8b, 0xa4, 0x02, 0x01, 0x52, 0x08, 0x70,
+	0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x12, 0x3e, 0x0a, 0x0b, 0x6f, 0x63, 0x73, 0x70, 0x5f,
+	0x73, 0x74, 0x61, 0x70, 0x6c, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65,
+	0x2e, 0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x0a, 0x6f, 0x63, 0x73,
+	0x70, 0x53, 0x74, 0x61, 0x70, 0x6c, 0x65, 0x12, 0x5f, 0x0a, 0x1c, 0x73, 0x69, 0x67, 0x6e, 0x65,
+	0x64, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f, 0x74, 0x69,
+	0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x05, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1d, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x1a, 0x73, 0x69,
+	0x67, 0x6e, 0x65, 0x64, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x54,
+	0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x22, 0x59, 0x0a, 0x14, 0x54, 0x6c, 0x73, 0x53,
+	0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x54, 0x69, 0x63, 0x6b, 0x65, 0x74, 0x4b, 0x65, 0x79, 0x73,
+	0x12, 0x41, 0x0a, 0x04, 0x6b, 0x65, 0x79, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1d,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f,
+	0x72, 0x65, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x42, 0x0e, 0xfa,
+	0x42, 0x05, 0x92, 0x01, 0x02, 0x08, 0x01, 0xb8, 0xb7, 0x8b, 0xa4, 0x02, 0x01, 0x52, 0x04, 0x6b,
+	0x65, 0x79, 0x73, 0x22, 0xfc, 0x06, 0x0a, 0x1c, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63,
+	0x61, 0x74, 0x65, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e,
+	0x74, 0x65, 0x78, 0x74, 0x12, 0x3c, 0x0a, 0x0a, 0x74, 0x72, 0x75, 0x73, 0x74, 0x65, 0x64, 0x5f,
+	0x63, 0x61, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x44, 0x61, 0x74,
+	0x61, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x09, 0x74, 0x72, 0x75, 0x73, 0x74, 0x65, 0x64,
+	0x43, 0x61, 0x12, 0x46, 0x0a, 0x17, 0x76, 0x65, 0x72, 0x69, 0x66, 0x79, 0x5f, 0x63, 0x65, 0x72,
+	0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f, 0x73, 0x70, 0x6b, 0x69, 0x18, 0x03, 0x20,
+	0x03, 0x28, 0x09, 0x42, 0x0e, 0xfa, 0x42, 0x0b, 0x92, 0x01, 0x08, 0x22, 0x06, 0x72, 0x04, 0x20,
+	0x2c, 0x28, 0x2c, 0x52, 0x15, 0x76, 0x65, 0x72, 0x69, 0x66, 0x79, 0x43, 0x65, 0x72, 0x74, 0x69,
+	0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x53, 0x70, 0x6b, 0x69, 0x12, 0x46, 0x0a, 0x17, 0x76, 0x65,
+	0x72, 0x69, 0x66, 0x79, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65,
+	0x5f, 0x68, 0x61, 0x73, 0x68, 0x18, 0x02, 0x20, 0x03, 0x28, 0x09, 0x42, 0x0e, 0xfa, 0x42, 0x0b,
+	0x92, 0x01, 0x08, 0x22, 0x06, 0x72, 0x04, 0x20, 0x40, 0x28, 0x5f, 0x52, 0x15, 0x76, 0x65, 0x72,
+	0x69, 0x66, 0x79, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x48, 0x61,
+	0x73, 0x68, 0x12, 0x39, 0x0a, 0x17, 0x76, 0x65, 0x72, 0x69, 0x66, 0x79, 0x5f, 0x73, 0x75, 0x62,
+	0x6a, 0x65, 0x63, 0x74, 0x5f, 0x61, 0x6c, 0x74, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x04, 0x20,
+	0x03, 0x28, 0x09, 0x42, 0x02, 0x18, 0x01, 0x52, 0x14, 0x76, 0x65, 0x72, 0x69, 0x66, 0x79, 0x53,
+	0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x41, 0x6c, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x58, 0x0a,
+	0x17, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x5f, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x61,
+	0x6c, 0x74, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x18, 0x09, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x21,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63,
+	0x68, 0x65, 0x72, 0x2e, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65,
+	0x72, 0x52, 0x14, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x41,
+	0x6c, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x12, 0x4a, 0x0a, 0x13, 0x72, 0x65, 0x71, 0x75, 0x69,
+	0x72, 0x65, 0x5f, 0x6f, 0x63, 0x73, 0x70, 0x5f, 0x73, 0x74, 0x61, 0x70, 0x6c, 0x65, 0x18, 0x05,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65,
+	0x52, 0x11, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x4f, 0x63, 0x73, 0x70, 0x53, 0x74, 0x61,
+	0x70, 0x6c, 0x65, 0x12, 0x6b, 0x0a, 0x24, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x5f, 0x73,
+	0x69, 0x67, 0x6e, 0x65, 0x64, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74,
+	0x65, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x06, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x21, 0x72,
+	0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x53, 0x69, 0x67, 0x6e, 0x65, 0x64, 0x43, 0x65, 0x72, 0x74,
+	0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70,
+	0x12, 0x2f, 0x0a, 0x03, 0x63, 0x72, 0x6c, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x03, 0x63, 0x72,
+	0x6c, 0x12, 0x3a, 0x0a, 0x19, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x5f, 0x65, 0x78, 0x70, 0x69, 0x72,
+	0x65, 0x64, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x18, 0x08,
+	0x20, 0x01, 0x28, 0x08, 0x52, 0x17, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x45, 0x78, 0x70, 0x69, 0x72,
+	0x65, 0x64, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x8a, 0x01,
+	0x0a, 0x18, 0x74, 0x72, 0x75, 0x73, 0x74, 0x5f, 0x63, 0x68, 0x61, 0x69, 0x6e, 0x5f, 0x76, 0x65,
+	0x72, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x0e,
+	0x32, 0x46, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e,
+	0x61, 0x75, 0x74, 0x68, 0x2e, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65,
+	0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78,
+	0x74, 0x2e, 0x54, 0x72, 0x75, 0x73, 0x74, 0x43, 0x68, 0x61, 0x69, 0x6e, 0x56, 0x65, 0x72, 0x69,
+	0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02,
+	0x10, 0x01, 0x52, 0x16, 0x74, 0x72, 0x75, 0x73, 0x74, 0x43, 0x68, 0x61, 0x69, 0x6e, 0x56, 0x65,
+	0x72, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x46, 0x0a, 0x16, 0x54, 0x72,
+	0x75, 0x73, 0x74, 0x43, 0x68, 0x61, 0x69, 0x6e, 0x56, 0x65, 0x72, 0x69, 0x66, 0x69, 0x63, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x12, 0x16, 0x0a, 0x12, 0x56, 0x45, 0x52, 0x49, 0x46, 0x59, 0x5f, 0x54,
+	0x52, 0x55, 0x53, 0x54, 0x5f, 0x43, 0x48, 0x41, 0x49, 0x4e, 0x10, 0x00, 0x12, 0x14, 0x0a, 0x10,
+	0x41, 0x43, 0x43, 0x45, 0x50, 0x54, 0x5f, 0x55, 0x4e, 0x54, 0x52, 0x55, 0x53, 0x54, 0x45, 0x44,
+	0x10, 0x01, 0x42, 0x69, 0x0a, 0x1f, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72,
+	0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x2e, 0x61, 0x75, 0x74, 0x68, 0x42, 0x0b, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x50, 0x72, 0x6f,
+	0x74, 0x6f, 0x50, 0x01, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x2b, 0x12, 0x29, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61,
+	0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74,
+	0x6c, 0x73, 0x2e, 0x76, 0x33, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_auth_common_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_auth_common_proto_rawDescData = file_envoy_api_v2_auth_common_proto_rawDesc
+)
+
+func file_envoy_api_v2_auth_common_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_auth_common_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_auth_common_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_auth_common_proto_rawDescData)
+	})
+	return file_envoy_api_v2_auth_common_proto_rawDescData
+}
+
+var file_envoy_api_v2_auth_common_proto_enumTypes = make([]protoimpl.EnumInfo, 2)
+var file_envoy_api_v2_auth_common_proto_msgTypes = make([]protoimpl.MessageInfo, 5)
+var file_envoy_api_v2_auth_common_proto_goTypes = []interface{}{
+	(TlsParameters_TlsProtocol)(0),                           // 0: envoy.api.v2.auth.TlsParameters.TlsProtocol
+	(CertificateValidationContext_TrustChainVerification)(0), // 1: envoy.api.v2.auth.CertificateValidationContext.TrustChainVerification
+	(*TlsParameters)(nil),                                    // 2: envoy.api.v2.auth.TlsParameters
+	(*PrivateKeyProvider)(nil),                               // 3: envoy.api.v2.auth.PrivateKeyProvider
+	(*TlsCertificate)(nil),                                   // 4: envoy.api.v2.auth.TlsCertificate
+	(*TlsSessionTicketKeys)(nil),                             // 5: envoy.api.v2.auth.TlsSessionTicketKeys
+	(*CertificateValidationContext)(nil),                     // 6: envoy.api.v2.auth.CertificateValidationContext
+	(*_struct.Struct)(nil),                                   // 7: google.protobuf.Struct
+	(*any.Any)(nil),                                          // 8: google.protobuf.Any
+	(*core.DataSource)(nil),                                  // 9: envoy.api.v2.core.DataSource
+	(*matcher.StringMatcher)(nil),                            // 10: envoy.type.matcher.StringMatcher
+	(*wrappers.BoolValue)(nil),                               // 11: google.protobuf.BoolValue
+}
+var file_envoy_api_v2_auth_common_proto_depIdxs = []int32{
+	0,  // 0: envoy.api.v2.auth.TlsParameters.tls_minimum_protocol_version:type_name -> envoy.api.v2.auth.TlsParameters.TlsProtocol
+	0,  // 1: envoy.api.v2.auth.TlsParameters.tls_maximum_protocol_version:type_name -> envoy.api.v2.auth.TlsParameters.TlsProtocol
+	7,  // 2: envoy.api.v2.auth.PrivateKeyProvider.config:type_name -> google.protobuf.Struct
+	8,  // 3: envoy.api.v2.auth.PrivateKeyProvider.typed_config:type_name -> google.protobuf.Any
+	9,  // 4: envoy.api.v2.auth.TlsCertificate.certificate_chain:type_name -> envoy.api.v2.core.DataSource
+	9,  // 5: envoy.api.v2.auth.TlsCertificate.private_key:type_name -> envoy.api.v2.core.DataSource
+	3,  // 6: envoy.api.v2.auth.TlsCertificate.private_key_provider:type_name -> envoy.api.v2.auth.PrivateKeyProvider
+	9,  // 7: envoy.api.v2.auth.TlsCertificate.password:type_name -> envoy.api.v2.core.DataSource
+	9,  // 8: envoy.api.v2.auth.TlsCertificate.ocsp_staple:type_name -> envoy.api.v2.core.DataSource
+	9,  // 9: envoy.api.v2.auth.TlsCertificate.signed_certificate_timestamp:type_name -> envoy.api.v2.core.DataSource
+	9,  // 10: envoy.api.v2.auth.TlsSessionTicketKeys.keys:type_name -> envoy.api.v2.core.DataSource
+	9,  // 11: envoy.api.v2.auth.CertificateValidationContext.trusted_ca:type_name -> envoy.api.v2.core.DataSource
+	10, // 12: envoy.api.v2.auth.CertificateValidationContext.match_subject_alt_names:type_name -> envoy.type.matcher.StringMatcher
+	11, // 13: envoy.api.v2.auth.CertificateValidationContext.require_ocsp_staple:type_name -> google.protobuf.BoolValue
+	11, // 14: envoy.api.v2.auth.CertificateValidationContext.require_signed_certificate_timestamp:type_name -> google.protobuf.BoolValue
+	9,  // 15: envoy.api.v2.auth.CertificateValidationContext.crl:type_name -> envoy.api.v2.core.DataSource
+	1,  // 16: envoy.api.v2.auth.CertificateValidationContext.trust_chain_verification:type_name -> envoy.api.v2.auth.CertificateValidationContext.TrustChainVerification
+	17, // [17:17] is the sub-list for method output_type
+	17, // [17:17] is the sub-list for method input_type
+	17, // [17:17] is the sub-list for extension type_name
+	17, // [17:17] is the sub-list for extension extendee
+	0,  // [0:17] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_auth_common_proto_init() }
+func file_envoy_api_v2_auth_common_proto_init() {
+	if File_envoy_api_v2_auth_common_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_auth_common_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*TlsParameters); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_auth_common_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*PrivateKeyProvider); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_auth_common_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*TlsCertificate); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_auth_common_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*TlsSessionTicketKeys); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_auth_common_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CertificateValidationContext); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_api_v2_auth_common_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*PrivateKeyProvider_Config)(nil),
+		(*PrivateKeyProvider_TypedConfig)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_auth_common_proto_rawDesc,
+			NumEnums:      2,
+			NumMessages:   5,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_auth_common_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_auth_common_proto_depIdxs,
+		EnumInfos:         file_envoy_api_v2_auth_common_proto_enumTypes,
+		MessageInfos:      file_envoy_api_v2_auth_common_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_auth_common_proto = out.File
+	file_envoy_api_v2_auth_common_proto_rawDesc = nil
+	file_envoy_api_v2_auth_common_proto_goTypes = nil
+	file_envoy_api_v2_auth_common_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/auth/common.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/auth/common.pb.validate.go
new file mode 100644
index 00000000000..5b7ad9c0e10
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/auth/common.pb.validate.go
@@ -0,0 +1,1056 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/auth/common.proto
+
+package envoy_api_v2_auth
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on TlsParameters with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *TlsParameters) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on TlsParameters with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in TlsParametersMultiError, or
+// nil if none found.
+func (m *TlsParameters) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *TlsParameters) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if _, ok := TlsParameters_TlsProtocol_name[int32(m.GetTlsMinimumProtocolVersion())]; !ok {
+		err := TlsParametersValidationError{
+			field:  "TlsMinimumProtocolVersion",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if _, ok := TlsParameters_TlsProtocol_name[int32(m.GetTlsMaximumProtocolVersion())]; !ok {
+		err := TlsParametersValidationError{
+			field:  "TlsMaximumProtocolVersion",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return TlsParametersMultiError(errors)
+	}
+	return nil
+}
+
+// TlsParametersMultiError is an error wrapping multiple validation errors
+// returned by TlsParameters.ValidateAll() if the designated constraints
+// aren't met.
+type TlsParametersMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m TlsParametersMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m TlsParametersMultiError) AllErrors() []error { return m }
+
+// TlsParametersValidationError is the validation error returned by
+// TlsParameters.Validate if the designated constraints aren't met.
+type TlsParametersValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e TlsParametersValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e TlsParametersValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e TlsParametersValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e TlsParametersValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e TlsParametersValidationError) ErrorName() string { return "TlsParametersValidationError" }
+
+// Error satisfies the builtin error interface
+func (e TlsParametersValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sTlsParameters.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = TlsParametersValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = TlsParametersValidationError{}
+
+// Validate checks the field values on PrivateKeyProvider with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *PrivateKeyProvider) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on PrivateKeyProvider with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// PrivateKeyProviderMultiError, or nil if none found.
+func (m *PrivateKeyProvider) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *PrivateKeyProvider) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetProviderName()) < 1 {
+		err := PrivateKeyProviderValidationError{
+			field:  "ProviderName",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	switch m.ConfigType.(type) {
+
+	case *PrivateKeyProvider_Config:
+
+		if all {
+			switch v := interface{}(m.GetConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, PrivateKeyProviderValidationError{
+						field:  "Config",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, PrivateKeyProviderValidationError{
+						field:  "Config",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return PrivateKeyProviderValidationError{
+					field:  "Config",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *PrivateKeyProvider_TypedConfig:
+
+		if all {
+			switch v := interface{}(m.GetTypedConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, PrivateKeyProviderValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, PrivateKeyProviderValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return PrivateKeyProviderValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return PrivateKeyProviderMultiError(errors)
+	}
+	return nil
+}
+
+// PrivateKeyProviderMultiError is an error wrapping multiple validation errors
+// returned by PrivateKeyProvider.ValidateAll() if the designated constraints
+// aren't met.
+type PrivateKeyProviderMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m PrivateKeyProviderMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m PrivateKeyProviderMultiError) AllErrors() []error { return m }
+
+// PrivateKeyProviderValidationError is the validation error returned by
+// PrivateKeyProvider.Validate if the designated constraints aren't met.
+type PrivateKeyProviderValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e PrivateKeyProviderValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e PrivateKeyProviderValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e PrivateKeyProviderValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e PrivateKeyProviderValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e PrivateKeyProviderValidationError) ErrorName() string {
+	return "PrivateKeyProviderValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e PrivateKeyProviderValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sPrivateKeyProvider.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = PrivateKeyProviderValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = PrivateKeyProviderValidationError{}
+
+// Validate checks the field values on TlsCertificate with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *TlsCertificate) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on TlsCertificate with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in TlsCertificateMultiError,
+// or nil if none found.
+func (m *TlsCertificate) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *TlsCertificate) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetCertificateChain()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, TlsCertificateValidationError{
+					field:  "CertificateChain",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, TlsCertificateValidationError{
+					field:  "CertificateChain",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCertificateChain()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TlsCertificateValidationError{
+				field:  "CertificateChain",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetPrivateKey()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, TlsCertificateValidationError{
+					field:  "PrivateKey",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, TlsCertificateValidationError{
+					field:  "PrivateKey",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPrivateKey()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TlsCertificateValidationError{
+				field:  "PrivateKey",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetPrivateKeyProvider()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, TlsCertificateValidationError{
+					field:  "PrivateKeyProvider",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, TlsCertificateValidationError{
+					field:  "PrivateKeyProvider",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPrivateKeyProvider()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TlsCertificateValidationError{
+				field:  "PrivateKeyProvider",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetPassword()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, TlsCertificateValidationError{
+					field:  "Password",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, TlsCertificateValidationError{
+					field:  "Password",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPassword()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TlsCertificateValidationError{
+				field:  "Password",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetOcspStaple()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, TlsCertificateValidationError{
+					field:  "OcspStaple",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, TlsCertificateValidationError{
+					field:  "OcspStaple",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetOcspStaple()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TlsCertificateValidationError{
+				field:  "OcspStaple",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetSignedCertificateTimestamp() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, TlsCertificateValidationError{
+						field:  fmt.Sprintf("SignedCertificateTimestamp[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, TlsCertificateValidationError{
+						field:  fmt.Sprintf("SignedCertificateTimestamp[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return TlsCertificateValidationError{
+					field:  fmt.Sprintf("SignedCertificateTimestamp[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return TlsCertificateMultiError(errors)
+	}
+	return nil
+}
+
+// TlsCertificateMultiError is an error wrapping multiple validation errors
+// returned by TlsCertificate.ValidateAll() if the designated constraints
+// aren't met.
+type TlsCertificateMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m TlsCertificateMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m TlsCertificateMultiError) AllErrors() []error { return m }
+
+// TlsCertificateValidationError is the validation error returned by
+// TlsCertificate.Validate if the designated constraints aren't met.
+type TlsCertificateValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e TlsCertificateValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e TlsCertificateValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e TlsCertificateValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e TlsCertificateValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e TlsCertificateValidationError) ErrorName() string { return "TlsCertificateValidationError" }
+
+// Error satisfies the builtin error interface
+func (e TlsCertificateValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sTlsCertificate.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = TlsCertificateValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = TlsCertificateValidationError{}
+
+// Validate checks the field values on TlsSessionTicketKeys with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *TlsSessionTicketKeys) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on TlsSessionTicketKeys with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// TlsSessionTicketKeysMultiError, or nil if none found.
+func (m *TlsSessionTicketKeys) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *TlsSessionTicketKeys) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetKeys()) < 1 {
+		err := TlsSessionTicketKeysValidationError{
+			field:  "Keys",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetKeys() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, TlsSessionTicketKeysValidationError{
+						field:  fmt.Sprintf("Keys[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, TlsSessionTicketKeysValidationError{
+						field:  fmt.Sprintf("Keys[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return TlsSessionTicketKeysValidationError{
+					field:  fmt.Sprintf("Keys[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return TlsSessionTicketKeysMultiError(errors)
+	}
+	return nil
+}
+
+// TlsSessionTicketKeysMultiError is an error wrapping multiple validation
+// errors returned by TlsSessionTicketKeys.ValidateAll() if the designated
+// constraints aren't met.
+type TlsSessionTicketKeysMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m TlsSessionTicketKeysMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m TlsSessionTicketKeysMultiError) AllErrors() []error { return m }
+
+// TlsSessionTicketKeysValidationError is the validation error returned by
+// TlsSessionTicketKeys.Validate if the designated constraints aren't met.
+type TlsSessionTicketKeysValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e TlsSessionTicketKeysValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e TlsSessionTicketKeysValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e TlsSessionTicketKeysValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e TlsSessionTicketKeysValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e TlsSessionTicketKeysValidationError) ErrorName() string {
+	return "TlsSessionTicketKeysValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e TlsSessionTicketKeysValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sTlsSessionTicketKeys.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = TlsSessionTicketKeysValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = TlsSessionTicketKeysValidationError{}
+
+// Validate checks the field values on CertificateValidationContext with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *CertificateValidationContext) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on CertificateValidationContext with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// CertificateValidationContextMultiError, or nil if none found.
+func (m *CertificateValidationContext) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CertificateValidationContext) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetTrustedCa()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CertificateValidationContextValidationError{
+					field:  "TrustedCa",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CertificateValidationContextValidationError{
+					field:  "TrustedCa",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTrustedCa()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CertificateValidationContextValidationError{
+				field:  "TrustedCa",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetVerifyCertificateSpki() {
+		_, _ = idx, item
+
+		if len(item) != 44 {
+			err := CertificateValidationContextValidationError{
+				field:  fmt.Sprintf("VerifyCertificateSpki[%v]", idx),
+				reason: "value length must be 44 bytes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	for idx, item := range m.GetVerifyCertificateHash() {
+		_, _ = idx, item
+
+		if l := len(item); l < 64 || l > 95 {
+			err := CertificateValidationContextValidationError{
+				field:  fmt.Sprintf("VerifyCertificateHash[%v]", idx),
+				reason: "value length must be between 64 and 95 bytes, inclusive",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	for idx, item := range m.GetMatchSubjectAltNames() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CertificateValidationContextValidationError{
+						field:  fmt.Sprintf("MatchSubjectAltNames[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CertificateValidationContextValidationError{
+						field:  fmt.Sprintf("MatchSubjectAltNames[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CertificateValidationContextValidationError{
+					field:  fmt.Sprintf("MatchSubjectAltNames[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetRequireOcspStaple()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CertificateValidationContextValidationError{
+					field:  "RequireOcspStaple",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CertificateValidationContextValidationError{
+					field:  "RequireOcspStaple",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRequireOcspStaple()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CertificateValidationContextValidationError{
+				field:  "RequireOcspStaple",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetRequireSignedCertificateTimestamp()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CertificateValidationContextValidationError{
+					field:  "RequireSignedCertificateTimestamp",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CertificateValidationContextValidationError{
+					field:  "RequireSignedCertificateTimestamp",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRequireSignedCertificateTimestamp()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CertificateValidationContextValidationError{
+				field:  "RequireSignedCertificateTimestamp",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetCrl()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CertificateValidationContextValidationError{
+					field:  "Crl",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CertificateValidationContextValidationError{
+					field:  "Crl",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCrl()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CertificateValidationContextValidationError{
+				field:  "Crl",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for AllowExpiredCertificate
+
+	if _, ok := CertificateValidationContext_TrustChainVerification_name[int32(m.GetTrustChainVerification())]; !ok {
+		err := CertificateValidationContextValidationError{
+			field:  "TrustChainVerification",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return CertificateValidationContextMultiError(errors)
+	}
+	return nil
+}
+
+// CertificateValidationContextMultiError is an error wrapping multiple
+// validation errors returned by CertificateValidationContext.ValidateAll() if
+// the designated constraints aren't met.
+type CertificateValidationContextMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CertificateValidationContextMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CertificateValidationContextMultiError) AllErrors() []error { return m }
+
+// CertificateValidationContextValidationError is the validation error returned
+// by CertificateValidationContext.Validate if the designated constraints
+// aren't met.
+type CertificateValidationContextValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CertificateValidationContextValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CertificateValidationContextValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CertificateValidationContextValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CertificateValidationContextValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CertificateValidationContextValidationError) ErrorName() string {
+	return "CertificateValidationContextValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e CertificateValidationContextValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCertificateValidationContext.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CertificateValidationContextValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CertificateValidationContextValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/auth/secret.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/auth/secret.pb.go
new file mode 100644
index 00000000000..45c45674efd
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/auth/secret.pb.go
@@ -0,0 +1,422 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/auth/secret.proto
+
+package envoy_api_v2_auth
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	core "github.com/envoyproxy/go-control-plane/envoy/api/v2/core"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type GenericSecret struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Secret of generic type and is available to filters.
+	Secret *core.DataSource `protobuf:"bytes,1,opt,name=secret,proto3" json:"secret,omitempty"`
+}
+
+func (x *GenericSecret) Reset() {
+	*x = GenericSecret{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_auth_secret_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GenericSecret) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GenericSecret) ProtoMessage() {}
+
+func (x *GenericSecret) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_auth_secret_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GenericSecret.ProtoReflect.Descriptor instead.
+func (*GenericSecret) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_auth_secret_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *GenericSecret) GetSecret() *core.DataSource {
+	if x != nil {
+		return x.Secret
+	}
+	return nil
+}
+
+type SdsSecretConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Name (FQDN, UUID, SPKI, SHA256, etc.) by which the secret can be uniquely referred to.
+	// When both name and config are specified, then secret can be fetched and/or reloaded via
+	// SDS. When only name is specified, then secret will be loaded from static resources.
+	Name      string             `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	SdsConfig *core.ConfigSource `protobuf:"bytes,2,opt,name=sds_config,json=sdsConfig,proto3" json:"sds_config,omitempty"`
+}
+
+func (x *SdsSecretConfig) Reset() {
+	*x = SdsSecretConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_auth_secret_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *SdsSecretConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*SdsSecretConfig) ProtoMessage() {}
+
+func (x *SdsSecretConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_auth_secret_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use SdsSecretConfig.ProtoReflect.Descriptor instead.
+func (*SdsSecretConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_auth_secret_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *SdsSecretConfig) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *SdsSecretConfig) GetSdsConfig() *core.ConfigSource {
+	if x != nil {
+		return x.SdsConfig
+	}
+	return nil
+}
+
+// [#next-free-field: 6]
+type Secret struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Name (FQDN, UUID, SPKI, SHA256, etc.) by which the secret can be uniquely referred to.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Types that are assignable to Type:
+	//	*Secret_TlsCertificate
+	//	*Secret_SessionTicketKeys
+	//	*Secret_ValidationContext
+	//	*Secret_GenericSecret
+	Type isSecret_Type `protobuf_oneof:"type"`
+}
+
+func (x *Secret) Reset() {
+	*x = Secret{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_auth_secret_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Secret) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Secret) ProtoMessage() {}
+
+func (x *Secret) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_auth_secret_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Secret.ProtoReflect.Descriptor instead.
+func (*Secret) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_auth_secret_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *Secret) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (m *Secret) GetType() isSecret_Type {
+	if m != nil {
+		return m.Type
+	}
+	return nil
+}
+
+func (x *Secret) GetTlsCertificate() *TlsCertificate {
+	if x, ok := x.GetType().(*Secret_TlsCertificate); ok {
+		return x.TlsCertificate
+	}
+	return nil
+}
+
+func (x *Secret) GetSessionTicketKeys() *TlsSessionTicketKeys {
+	if x, ok := x.GetType().(*Secret_SessionTicketKeys); ok {
+		return x.SessionTicketKeys
+	}
+	return nil
+}
+
+func (x *Secret) GetValidationContext() *CertificateValidationContext {
+	if x, ok := x.GetType().(*Secret_ValidationContext); ok {
+		return x.ValidationContext
+	}
+	return nil
+}
+
+func (x *Secret) GetGenericSecret() *GenericSecret {
+	if x, ok := x.GetType().(*Secret_GenericSecret); ok {
+		return x.GenericSecret
+	}
+	return nil
+}
+
+type isSecret_Type interface {
+	isSecret_Type()
+}
+
+type Secret_TlsCertificate struct {
+	TlsCertificate *TlsCertificate `protobuf:"bytes,2,opt,name=tls_certificate,json=tlsCertificate,proto3,oneof"`
+}
+
+type Secret_SessionTicketKeys struct {
+	SessionTicketKeys *TlsSessionTicketKeys `protobuf:"bytes,3,opt,name=session_ticket_keys,json=sessionTicketKeys,proto3,oneof"`
+}
+
+type Secret_ValidationContext struct {
+	ValidationContext *CertificateValidationContext `protobuf:"bytes,4,opt,name=validation_context,json=validationContext,proto3,oneof"`
+}
+
+type Secret_GenericSecret struct {
+	GenericSecret *GenericSecret `protobuf:"bytes,5,opt,name=generic_secret,json=genericSecret,proto3,oneof"`
+}
+
+func (*Secret_TlsCertificate) isSecret_Type() {}
+
+func (*Secret_SessionTicketKeys) isSecret_Type() {}
+
+func (*Secret_ValidationContext) isSecret_Type() {}
+
+func (*Secret_GenericSecret) isSecret_Type() {}
+
+var File_envoy_api_v2_auth_secret_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_auth_secret_proto_rawDesc = []byte{
+	0x0a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x61,
+	0x75, 0x74, 0x68, 0x2f, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x12, 0x11, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61,
+	0x75, 0x74, 0x68, 0x1a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76,
+	0x32, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2f, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76,
+	0x32, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x62, 0x61, 0x73, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x25, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f,
+	0x63, 0x6f, 0x72, 0x65, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x73, 0x6f, 0x75, 0x72,
+	0x63, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61,
+	0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61,
+	0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x20, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61,
+	0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x65, 0x6e, 0x73, 0x69,
+	0x74, 0x69, 0x76, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61,
+	0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61,
+	0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x4e, 0x0a, 0x0d, 0x47, 0x65, 0x6e,
+	0x65, 0x72, 0x69, 0x63, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x12, 0x3d, 0x0a, 0x06, 0x73, 0x65,
+	0x63, 0x72, 0x65, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x44,
+	0x61, 0x74, 0x61, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x42, 0x06, 0xb8, 0xb7, 0x8b, 0xa4, 0x02,
+	0x01, 0x52, 0x06, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x22, 0x65, 0x0a, 0x0f, 0x53, 0x64, 0x73,
+	0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x12, 0x0a, 0x04,
+	0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65,
+	0x12, 0x3e, 0x0a, 0x0a, 0x73, 0x64, 0x73, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53,
+	0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x09, 0x73, 0x64, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x22, 0xfa, 0x02, 0x0a, 0x06, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x6e,
+	0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12,
+	0x4c, 0x0a, 0x0f, 0x74, 0x6c, 0x73, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61,
+	0x74, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x54, 0x6c, 0x73,
+	0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x48, 0x00, 0x52, 0x0e, 0x74,
+	0x6c, 0x73, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x59, 0x0a,
+	0x13, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x74, 0x69, 0x63, 0x6b, 0x65, 0x74, 0x5f,
+	0x6b, 0x65, 0x79, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x54,
+	0x6c, 0x73, 0x53, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x54, 0x69, 0x63, 0x6b, 0x65, 0x74, 0x4b,
+	0x65, 0x79, 0x73, 0x48, 0x00, 0x52, 0x11, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x54, 0x69,
+	0x63, 0x6b, 0x65, 0x74, 0x4b, 0x65, 0x79, 0x73, 0x12, 0x60, 0x0a, 0x12, 0x76, 0x61, 0x6c, 0x69,
+	0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x18, 0x04,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69,
+	0x63, 0x61, 0x74, 0x65, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f,
+	0x6e, 0x74, 0x65, 0x78, 0x74, 0x48, 0x00, 0x52, 0x11, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x12, 0x49, 0x0a, 0x0e, 0x67, 0x65,
+	0x6e, 0x65, 0x72, 0x69, 0x63, 0x5f, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x18, 0x05, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x53, 0x65,
+	0x63, 0x72, 0x65, 0x74, 0x48, 0x00, 0x52, 0x0d, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x53,
+	0x65, 0x63, 0x72, 0x65, 0x74, 0x42, 0x06, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x42, 0x69, 0x0a,
+	0x1f, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74, 0x68,
+	0x42, 0x0b, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xf2,
+	0x98, 0xfe, 0x8f, 0x05, 0x2b, 0x12, 0x29, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74,
+	0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72,
+	0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e, 0x76, 0x33,
+	0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_auth_secret_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_auth_secret_proto_rawDescData = file_envoy_api_v2_auth_secret_proto_rawDesc
+)
+
+func file_envoy_api_v2_auth_secret_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_auth_secret_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_auth_secret_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_auth_secret_proto_rawDescData)
+	})
+	return file_envoy_api_v2_auth_secret_proto_rawDescData
+}
+
+var file_envoy_api_v2_auth_secret_proto_msgTypes = make([]protoimpl.MessageInfo, 3)
+var file_envoy_api_v2_auth_secret_proto_goTypes = []interface{}{
+	(*GenericSecret)(nil),                // 0: envoy.api.v2.auth.GenericSecret
+	(*SdsSecretConfig)(nil),              // 1: envoy.api.v2.auth.SdsSecretConfig
+	(*Secret)(nil),                       // 2: envoy.api.v2.auth.Secret
+	(*core.DataSource)(nil),              // 3: envoy.api.v2.core.DataSource
+	(*core.ConfigSource)(nil),            // 4: envoy.api.v2.core.ConfigSource
+	(*TlsCertificate)(nil),               // 5: envoy.api.v2.auth.TlsCertificate
+	(*TlsSessionTicketKeys)(nil),         // 6: envoy.api.v2.auth.TlsSessionTicketKeys
+	(*CertificateValidationContext)(nil), // 7: envoy.api.v2.auth.CertificateValidationContext
+}
+var file_envoy_api_v2_auth_secret_proto_depIdxs = []int32{
+	3, // 0: envoy.api.v2.auth.GenericSecret.secret:type_name -> envoy.api.v2.core.DataSource
+	4, // 1: envoy.api.v2.auth.SdsSecretConfig.sds_config:type_name -> envoy.api.v2.core.ConfigSource
+	5, // 2: envoy.api.v2.auth.Secret.tls_certificate:type_name -> envoy.api.v2.auth.TlsCertificate
+	6, // 3: envoy.api.v2.auth.Secret.session_ticket_keys:type_name -> envoy.api.v2.auth.TlsSessionTicketKeys
+	7, // 4: envoy.api.v2.auth.Secret.validation_context:type_name -> envoy.api.v2.auth.CertificateValidationContext
+	0, // 5: envoy.api.v2.auth.Secret.generic_secret:type_name -> envoy.api.v2.auth.GenericSecret
+	6, // [6:6] is the sub-list for method output_type
+	6, // [6:6] is the sub-list for method input_type
+	6, // [6:6] is the sub-list for extension type_name
+	6, // [6:6] is the sub-list for extension extendee
+	0, // [0:6] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_auth_secret_proto_init() }
+func file_envoy_api_v2_auth_secret_proto_init() {
+	if File_envoy_api_v2_auth_secret_proto != nil {
+		return
+	}
+	file_envoy_api_v2_auth_common_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_auth_secret_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GenericSecret); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_auth_secret_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*SdsSecretConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_auth_secret_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Secret); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_api_v2_auth_secret_proto_msgTypes[2].OneofWrappers = []interface{}{
+		(*Secret_TlsCertificate)(nil),
+		(*Secret_SessionTicketKeys)(nil),
+		(*Secret_ValidationContext)(nil),
+		(*Secret_GenericSecret)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_auth_secret_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   3,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_auth_secret_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_auth_secret_proto_depIdxs,
+		MessageInfos:      file_envoy_api_v2_auth_secret_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_auth_secret_proto = out.File
+	file_envoy_api_v2_auth_secret_proto_rawDesc = nil
+	file_envoy_api_v2_auth_secret_proto_goTypes = nil
+	file_envoy_api_v2_auth_secret_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/auth/secret.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/auth/secret.pb.validate.go
new file mode 100644
index 00000000000..e0770f704b0
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/auth/secret.pb.validate.go
@@ -0,0 +1,521 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/auth/secret.proto
+
+package envoy_api_v2_auth
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on GenericSecret with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *GenericSecret) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on GenericSecret with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in GenericSecretMultiError, or
+// nil if none found.
+func (m *GenericSecret) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GenericSecret) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetSecret()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, GenericSecretValidationError{
+					field:  "Secret",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, GenericSecretValidationError{
+					field:  "Secret",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSecret()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return GenericSecretValidationError{
+				field:  "Secret",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return GenericSecretMultiError(errors)
+	}
+	return nil
+}
+
+// GenericSecretMultiError is an error wrapping multiple validation errors
+// returned by GenericSecret.ValidateAll() if the designated constraints
+// aren't met.
+type GenericSecretMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GenericSecretMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GenericSecretMultiError) AllErrors() []error { return m }
+
+// GenericSecretValidationError is the validation error returned by
+// GenericSecret.Validate if the designated constraints aren't met.
+type GenericSecretValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GenericSecretValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e GenericSecretValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e GenericSecretValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e GenericSecretValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e GenericSecretValidationError) ErrorName() string { return "GenericSecretValidationError" }
+
+// Error satisfies the builtin error interface
+func (e GenericSecretValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGenericSecret.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GenericSecretValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GenericSecretValidationError{}
+
+// Validate checks the field values on SdsSecretConfig with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *SdsSecretConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on SdsSecretConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// SdsSecretConfigMultiError, or nil if none found.
+func (m *SdsSecretConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *SdsSecretConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Name
+
+	if all {
+		switch v := interface{}(m.GetSdsConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, SdsSecretConfigValidationError{
+					field:  "SdsConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, SdsSecretConfigValidationError{
+					field:  "SdsConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSdsConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return SdsSecretConfigValidationError{
+				field:  "SdsConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return SdsSecretConfigMultiError(errors)
+	}
+	return nil
+}
+
+// SdsSecretConfigMultiError is an error wrapping multiple validation errors
+// returned by SdsSecretConfig.ValidateAll() if the designated constraints
+// aren't met.
+type SdsSecretConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m SdsSecretConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m SdsSecretConfigMultiError) AllErrors() []error { return m }
+
+// SdsSecretConfigValidationError is the validation error returned by
+// SdsSecretConfig.Validate if the designated constraints aren't met.
+type SdsSecretConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e SdsSecretConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e SdsSecretConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e SdsSecretConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e SdsSecretConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e SdsSecretConfigValidationError) ErrorName() string { return "SdsSecretConfigValidationError" }
+
+// Error satisfies the builtin error interface
+func (e SdsSecretConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sSdsSecretConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = SdsSecretConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = SdsSecretConfigValidationError{}
+
+// Validate checks the field values on Secret with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Secret) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Secret with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in SecretMultiError, or nil if none found.
+func (m *Secret) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Secret) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Name
+
+	switch m.Type.(type) {
+
+	case *Secret_TlsCertificate:
+
+		if all {
+			switch v := interface{}(m.GetTlsCertificate()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, SecretValidationError{
+						field:  "TlsCertificate",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, SecretValidationError{
+						field:  "TlsCertificate",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTlsCertificate()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return SecretValidationError{
+					field:  "TlsCertificate",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Secret_SessionTicketKeys:
+
+		if all {
+			switch v := interface{}(m.GetSessionTicketKeys()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, SecretValidationError{
+						field:  "SessionTicketKeys",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, SecretValidationError{
+						field:  "SessionTicketKeys",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetSessionTicketKeys()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return SecretValidationError{
+					field:  "SessionTicketKeys",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Secret_ValidationContext:
+
+		if all {
+			switch v := interface{}(m.GetValidationContext()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, SecretValidationError{
+						field:  "ValidationContext",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, SecretValidationError{
+						field:  "ValidationContext",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetValidationContext()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return SecretValidationError{
+					field:  "ValidationContext",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Secret_GenericSecret:
+
+		if all {
+			switch v := interface{}(m.GetGenericSecret()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, SecretValidationError{
+						field:  "GenericSecret",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, SecretValidationError{
+						field:  "GenericSecret",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetGenericSecret()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return SecretValidationError{
+					field:  "GenericSecret",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return SecretMultiError(errors)
+	}
+	return nil
+}
+
+// SecretMultiError is an error wrapping multiple validation errors returned by
+// Secret.ValidateAll() if the designated constraints aren't met.
+type SecretMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m SecretMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m SecretMultiError) AllErrors() []error { return m }
+
+// SecretValidationError is the validation error returned by Secret.Validate if
+// the designated constraints aren't met.
+type SecretValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e SecretValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e SecretValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e SecretValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e SecretValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e SecretValidationError) ErrorName() string { return "SecretValidationError" }
+
+// Error satisfies the builtin error interface
+func (e SecretValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sSecret.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = SecretValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = SecretValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/auth/tls.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/auth/tls.pb.go
new file mode 100644
index 00000000000..5db8a295a3a
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/auth/tls.pb.go
@@ -0,0 +1,765 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/auth/tls.proto
+
+package envoy_api_v2_auth
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type UpstreamTlsContext struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Common TLS context settings.
+	//
+	// .. attention::
+	//
+	//   Server certificate verification is not enabled by default. Configure
+	//   :ref:`trusted_ca<envoy_api_field_auth.CertificateValidationContext.trusted_ca>` to enable
+	//   verification.
+	CommonTlsContext *CommonTlsContext `protobuf:"bytes,1,opt,name=common_tls_context,json=commonTlsContext,proto3" json:"common_tls_context,omitempty"`
+	// SNI string to use when creating TLS backend connections.
+	Sni string `protobuf:"bytes,2,opt,name=sni,proto3" json:"sni,omitempty"`
+	// If true, server-initiated TLS renegotiation will be allowed.
+	//
+	// .. attention::
+	//
+	//   TLS renegotiation is considered insecure and shouldn't be used unless absolutely necessary.
+	AllowRenegotiation bool `protobuf:"varint,3,opt,name=allow_renegotiation,json=allowRenegotiation,proto3" json:"allow_renegotiation,omitempty"`
+	// Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets
+	// for TLSv1.2 and older) to store for the purpose of session resumption.
+	//
+	// Defaults to 1, setting this to 0 disables session resumption.
+	MaxSessionKeys *wrappers.UInt32Value `protobuf:"bytes,4,opt,name=max_session_keys,json=maxSessionKeys,proto3" json:"max_session_keys,omitempty"`
+}
+
+func (x *UpstreamTlsContext) Reset() {
+	*x = UpstreamTlsContext{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_auth_tls_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *UpstreamTlsContext) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*UpstreamTlsContext) ProtoMessage() {}
+
+func (x *UpstreamTlsContext) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_auth_tls_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use UpstreamTlsContext.ProtoReflect.Descriptor instead.
+func (*UpstreamTlsContext) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_auth_tls_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *UpstreamTlsContext) GetCommonTlsContext() *CommonTlsContext {
+	if x != nil {
+		return x.CommonTlsContext
+	}
+	return nil
+}
+
+func (x *UpstreamTlsContext) GetSni() string {
+	if x != nil {
+		return x.Sni
+	}
+	return ""
+}
+
+func (x *UpstreamTlsContext) GetAllowRenegotiation() bool {
+	if x != nil {
+		return x.AllowRenegotiation
+	}
+	return false
+}
+
+func (x *UpstreamTlsContext) GetMaxSessionKeys() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxSessionKeys
+	}
+	return nil
+}
+
+// [#next-free-field: 8]
+type DownstreamTlsContext struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Common TLS context settings.
+	CommonTlsContext *CommonTlsContext `protobuf:"bytes,1,opt,name=common_tls_context,json=commonTlsContext,proto3" json:"common_tls_context,omitempty"`
+	// If specified, Envoy will reject connections without a valid client
+	// certificate.
+	RequireClientCertificate *wrappers.BoolValue `protobuf:"bytes,2,opt,name=require_client_certificate,json=requireClientCertificate,proto3" json:"require_client_certificate,omitempty"`
+	// If specified, Envoy will reject connections without a valid and matching SNI.
+	// [#not-implemented-hide:]
+	RequireSni *wrappers.BoolValue `protobuf:"bytes,3,opt,name=require_sni,json=requireSni,proto3" json:"require_sni,omitempty"`
+	// Types that are assignable to SessionTicketKeysType:
+	//	*DownstreamTlsContext_SessionTicketKeys
+	//	*DownstreamTlsContext_SessionTicketKeysSdsSecretConfig
+	//	*DownstreamTlsContext_DisableStatelessSessionResumption
+	SessionTicketKeysType isDownstreamTlsContext_SessionTicketKeysType `protobuf_oneof:"session_ticket_keys_type"`
+	// If specified, ``session_timeout`` will change the maximum lifetime (in seconds) of the TLS session.
+	// Currently this value is used as a hint for the `TLS session ticket lifetime (for TLSv1.2) <https://tools.ietf.org/html/rfc5077#section-5.6>`_.
+	// Only seconds can be specified (fractional seconds are ignored).
+	SessionTimeout *duration.Duration `protobuf:"bytes,6,opt,name=session_timeout,json=sessionTimeout,proto3" json:"session_timeout,omitempty"`
+}
+
+func (x *DownstreamTlsContext) Reset() {
+	*x = DownstreamTlsContext{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_auth_tls_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *DownstreamTlsContext) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*DownstreamTlsContext) ProtoMessage() {}
+
+func (x *DownstreamTlsContext) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_auth_tls_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use DownstreamTlsContext.ProtoReflect.Descriptor instead.
+func (*DownstreamTlsContext) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_auth_tls_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *DownstreamTlsContext) GetCommonTlsContext() *CommonTlsContext {
+	if x != nil {
+		return x.CommonTlsContext
+	}
+	return nil
+}
+
+func (x *DownstreamTlsContext) GetRequireClientCertificate() *wrappers.BoolValue {
+	if x != nil {
+		return x.RequireClientCertificate
+	}
+	return nil
+}
+
+func (x *DownstreamTlsContext) GetRequireSni() *wrappers.BoolValue {
+	if x != nil {
+		return x.RequireSni
+	}
+	return nil
+}
+
+func (m *DownstreamTlsContext) GetSessionTicketKeysType() isDownstreamTlsContext_SessionTicketKeysType {
+	if m != nil {
+		return m.SessionTicketKeysType
+	}
+	return nil
+}
+
+func (x *DownstreamTlsContext) GetSessionTicketKeys() *TlsSessionTicketKeys {
+	if x, ok := x.GetSessionTicketKeysType().(*DownstreamTlsContext_SessionTicketKeys); ok {
+		return x.SessionTicketKeys
+	}
+	return nil
+}
+
+func (x *DownstreamTlsContext) GetSessionTicketKeysSdsSecretConfig() *SdsSecretConfig {
+	if x, ok := x.GetSessionTicketKeysType().(*DownstreamTlsContext_SessionTicketKeysSdsSecretConfig); ok {
+		return x.SessionTicketKeysSdsSecretConfig
+	}
+	return nil
+}
+
+func (x *DownstreamTlsContext) GetDisableStatelessSessionResumption() bool {
+	if x, ok := x.GetSessionTicketKeysType().(*DownstreamTlsContext_DisableStatelessSessionResumption); ok {
+		return x.DisableStatelessSessionResumption
+	}
+	return false
+}
+
+func (x *DownstreamTlsContext) GetSessionTimeout() *duration.Duration {
+	if x != nil {
+		return x.SessionTimeout
+	}
+	return nil
+}
+
+type isDownstreamTlsContext_SessionTicketKeysType interface {
+	isDownstreamTlsContext_SessionTicketKeysType()
+}
+
+type DownstreamTlsContext_SessionTicketKeys struct {
+	// TLS session ticket key settings.
+	SessionTicketKeys *TlsSessionTicketKeys `protobuf:"bytes,4,opt,name=session_ticket_keys,json=sessionTicketKeys,proto3,oneof"`
+}
+
+type DownstreamTlsContext_SessionTicketKeysSdsSecretConfig struct {
+	// Config for fetching TLS session ticket keys via SDS API.
+	SessionTicketKeysSdsSecretConfig *SdsSecretConfig `protobuf:"bytes,5,opt,name=session_ticket_keys_sds_secret_config,json=sessionTicketKeysSdsSecretConfig,proto3,oneof"`
+}
+
+type DownstreamTlsContext_DisableStatelessSessionResumption struct {
+	// Config for controlling stateless TLS session resumption: setting this to true will cause the TLS
+	// server to not issue TLS session tickets for the purposes of stateless TLS session resumption.
+	// If set to false, the TLS server will issue TLS session tickets and encrypt/decrypt them using
+	// the keys specified through either :ref:`session_ticket_keys <envoy_api_field_auth.DownstreamTlsContext.session_ticket_keys>`
+	// or :ref:`session_ticket_keys_sds_secret_config <envoy_api_field_auth.DownstreamTlsContext.session_ticket_keys_sds_secret_config>`.
+	// If this config is set to false and no keys are explicitly configured, the TLS server will issue
+	// TLS session tickets and encrypt/decrypt them using an internally-generated and managed key, with the
+	// implication that sessions cannot be resumed across hot restarts or on different hosts.
+	DisableStatelessSessionResumption bool `protobuf:"varint,7,opt,name=disable_stateless_session_resumption,json=disableStatelessSessionResumption,proto3,oneof"`
+}
+
+func (*DownstreamTlsContext_SessionTicketKeys) isDownstreamTlsContext_SessionTicketKeysType() {}
+
+func (*DownstreamTlsContext_SessionTicketKeysSdsSecretConfig) isDownstreamTlsContext_SessionTicketKeysType() {
+}
+
+func (*DownstreamTlsContext_DisableStatelessSessionResumption) isDownstreamTlsContext_SessionTicketKeysType() {
+}
+
+// TLS context shared by both client and server TLS contexts.
+// [#next-free-field: 9]
+type CommonTlsContext struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// TLS protocol versions, cipher suites etc.
+	TlsParams *TlsParameters `protobuf:"bytes,1,opt,name=tls_params,json=tlsParams,proto3" json:"tls_params,omitempty"`
+	// :ref:`Multiple TLS certificates <arch_overview_ssl_cert_select>` can be associated with the
+	// same context to allow both RSA and ECDSA certificates.
+	//
+	// Only a single TLS certificate is supported in client contexts. In server contexts, the first
+	// RSA certificate is used for clients that only support RSA and the first ECDSA certificate is
+	// used for clients that support ECDSA.
+	TlsCertificates []*TlsCertificate `protobuf:"bytes,2,rep,name=tls_certificates,json=tlsCertificates,proto3" json:"tls_certificates,omitempty"`
+	// Configs for fetching TLS certificates via SDS API.
+	TlsCertificateSdsSecretConfigs []*SdsSecretConfig `protobuf:"bytes,6,rep,name=tls_certificate_sds_secret_configs,json=tlsCertificateSdsSecretConfigs,proto3" json:"tls_certificate_sds_secret_configs,omitempty"`
+	// Types that are assignable to ValidationContextType:
+	//	*CommonTlsContext_ValidationContext
+	//	*CommonTlsContext_ValidationContextSdsSecretConfig
+	//	*CommonTlsContext_CombinedValidationContext
+	ValidationContextType isCommonTlsContext_ValidationContextType `protobuf_oneof:"validation_context_type"`
+	// Supplies the list of ALPN protocols that the listener should expose. In
+	// practice this is likely to be set to one of two values (see the
+	// :ref:`codec_type
+	// <envoy_api_field_config.filter.network.http_connection_manager.v2.HttpConnectionManager.codec_type>`
+	// parameter in the HTTP connection manager for more information):
+	//
+	// * "h2,http/1.1" If the listener is going to support both HTTP/2 and HTTP/1.1.
+	// * "http/1.1" If the listener is only going to support HTTP/1.1.
+	//
+	// There is no default for this parameter. If empty, Envoy will not expose ALPN.
+	AlpnProtocols []string `protobuf:"bytes,4,rep,name=alpn_protocols,json=alpnProtocols,proto3" json:"alpn_protocols,omitempty"`
+}
+
+func (x *CommonTlsContext) Reset() {
+	*x = CommonTlsContext{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_auth_tls_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CommonTlsContext) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CommonTlsContext) ProtoMessage() {}
+
+func (x *CommonTlsContext) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_auth_tls_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CommonTlsContext.ProtoReflect.Descriptor instead.
+func (*CommonTlsContext) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_auth_tls_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *CommonTlsContext) GetTlsParams() *TlsParameters {
+	if x != nil {
+		return x.TlsParams
+	}
+	return nil
+}
+
+func (x *CommonTlsContext) GetTlsCertificates() []*TlsCertificate {
+	if x != nil {
+		return x.TlsCertificates
+	}
+	return nil
+}
+
+func (x *CommonTlsContext) GetTlsCertificateSdsSecretConfigs() []*SdsSecretConfig {
+	if x != nil {
+		return x.TlsCertificateSdsSecretConfigs
+	}
+	return nil
+}
+
+func (m *CommonTlsContext) GetValidationContextType() isCommonTlsContext_ValidationContextType {
+	if m != nil {
+		return m.ValidationContextType
+	}
+	return nil
+}
+
+func (x *CommonTlsContext) GetValidationContext() *CertificateValidationContext {
+	if x, ok := x.GetValidationContextType().(*CommonTlsContext_ValidationContext); ok {
+		return x.ValidationContext
+	}
+	return nil
+}
+
+func (x *CommonTlsContext) GetValidationContextSdsSecretConfig() *SdsSecretConfig {
+	if x, ok := x.GetValidationContextType().(*CommonTlsContext_ValidationContextSdsSecretConfig); ok {
+		return x.ValidationContextSdsSecretConfig
+	}
+	return nil
+}
+
+func (x *CommonTlsContext) GetCombinedValidationContext() *CommonTlsContext_CombinedCertificateValidationContext {
+	if x, ok := x.GetValidationContextType().(*CommonTlsContext_CombinedValidationContext); ok {
+		return x.CombinedValidationContext
+	}
+	return nil
+}
+
+func (x *CommonTlsContext) GetAlpnProtocols() []string {
+	if x != nil {
+		return x.AlpnProtocols
+	}
+	return nil
+}
+
+type isCommonTlsContext_ValidationContextType interface {
+	isCommonTlsContext_ValidationContextType()
+}
+
+type CommonTlsContext_ValidationContext struct {
+	// How to validate peer certificates.
+	ValidationContext *CertificateValidationContext `protobuf:"bytes,3,opt,name=validation_context,json=validationContext,proto3,oneof"`
+}
+
+type CommonTlsContext_ValidationContextSdsSecretConfig struct {
+	// Config for fetching validation context via SDS API.
+	ValidationContextSdsSecretConfig *SdsSecretConfig `protobuf:"bytes,7,opt,name=validation_context_sds_secret_config,json=validationContextSdsSecretConfig,proto3,oneof"`
+}
+
+type CommonTlsContext_CombinedValidationContext struct {
+	// Combined certificate validation context holds a default CertificateValidationContext
+	// and SDS config. When SDS server returns dynamic CertificateValidationContext, both dynamic
+	// and default CertificateValidationContext are merged into a new CertificateValidationContext
+	// for validation. This merge is done by Message::MergeFrom(), so dynamic
+	// CertificateValidationContext overwrites singular fields in default
+	// CertificateValidationContext, and concatenates repeated fields to default
+	// CertificateValidationContext, and logical OR is applied to boolean fields.
+	CombinedValidationContext *CommonTlsContext_CombinedCertificateValidationContext `protobuf:"bytes,8,opt,name=combined_validation_context,json=combinedValidationContext,proto3,oneof"`
+}
+
+func (*CommonTlsContext_ValidationContext) isCommonTlsContext_ValidationContextType() {}
+
+func (*CommonTlsContext_ValidationContextSdsSecretConfig) isCommonTlsContext_ValidationContextType() {
+}
+
+func (*CommonTlsContext_CombinedValidationContext) isCommonTlsContext_ValidationContextType() {}
+
+type CommonTlsContext_CombinedCertificateValidationContext struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// How to validate peer certificates.
+	DefaultValidationContext *CertificateValidationContext `protobuf:"bytes,1,opt,name=default_validation_context,json=defaultValidationContext,proto3" json:"default_validation_context,omitempty"`
+	// Config for fetching validation context via SDS API.
+	ValidationContextSdsSecretConfig *SdsSecretConfig `protobuf:"bytes,2,opt,name=validation_context_sds_secret_config,json=validationContextSdsSecretConfig,proto3" json:"validation_context_sds_secret_config,omitempty"`
+}
+
+func (x *CommonTlsContext_CombinedCertificateValidationContext) Reset() {
+	*x = CommonTlsContext_CombinedCertificateValidationContext{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_auth_tls_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CommonTlsContext_CombinedCertificateValidationContext) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CommonTlsContext_CombinedCertificateValidationContext) ProtoMessage() {}
+
+func (x *CommonTlsContext_CombinedCertificateValidationContext) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_auth_tls_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CommonTlsContext_CombinedCertificateValidationContext.ProtoReflect.Descriptor instead.
+func (*CommonTlsContext_CombinedCertificateValidationContext) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_auth_tls_proto_rawDescGZIP(), []int{2, 0}
+}
+
+func (x *CommonTlsContext_CombinedCertificateValidationContext) GetDefaultValidationContext() *CertificateValidationContext {
+	if x != nil {
+		return x.DefaultValidationContext
+	}
+	return nil
+}
+
+func (x *CommonTlsContext_CombinedCertificateValidationContext) GetValidationContextSdsSecretConfig() *SdsSecretConfig {
+	if x != nil {
+		return x.ValidationContextSdsSecretConfig
+	}
+	return nil
+}
+
+var File_envoy_api_v2_auth_tls_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_auth_tls_proto_rawDesc = []byte{
+	0x0a, 0x1b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x61,
+	0x75, 0x74, 0x68, 0x2f, 0x74, 0x6c, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x11, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74, 0x68,
+	0x1a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x61,
+	0x75, 0x74, 0x68, 0x2f, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x61,
+	0x75, 0x74, 0x68, 0x2f, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61,
+	0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xfc, 0x01, 0x0a, 0x12, 0x55, 0x70, 0x73,
+	0x74, 0x72, 0x65, 0x61, 0x6d, 0x54, 0x6c, 0x73, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x12,
+	0x51, 0x0a, 0x12, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x5f, 0x74, 0x6c, 0x73, 0x5f, 0x63, 0x6f,
+	0x6e, 0x74, 0x65, 0x78, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x2e,
+	0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x54, 0x6c, 0x73, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74,
+	0x52, 0x10, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x54, 0x6c, 0x73, 0x43, 0x6f, 0x6e, 0x74, 0x65,
+	0x78, 0x74, 0x12, 0x1a, 0x0a, 0x03, 0x73, 0x6e, 0x69, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42,
+	0x08, 0xfa, 0x42, 0x05, 0x72, 0x03, 0x28, 0xff, 0x01, 0x52, 0x03, 0x73, 0x6e, 0x69, 0x12, 0x2f,
+	0x0a, 0x13, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x5f, 0x72, 0x65, 0x6e, 0x65, 0x67, 0x6f, 0x74, 0x69,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x12, 0x61, 0x6c, 0x6c,
+	0x6f, 0x77, 0x52, 0x65, 0x6e, 0x65, 0x67, 0x6f, 0x74, 0x69, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12,
+	0x46, 0x0a, 0x10, 0x6d, 0x61, 0x78, 0x5f, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x6b,
+	0x65, 0x79, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74,
+	0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0e, 0x6d, 0x61, 0x78, 0x53, 0x65, 0x73, 0x73,
+	0x69, 0x6f, 0x6e, 0x4b, 0x65, 0x79, 0x73, 0x22, 0x97, 0x05, 0x0a, 0x14, 0x44, 0x6f, 0x77, 0x6e,
+	0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x54, 0x6c, 0x73, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74,
+	0x12, 0x51, 0x0a, 0x12, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x5f, 0x74, 0x6c, 0x73, 0x5f, 0x63,
+	0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74, 0x68,
+	0x2e, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x54, 0x6c, 0x73, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78,
+	0x74, 0x52, 0x10, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x54, 0x6c, 0x73, 0x43, 0x6f, 0x6e, 0x74,
+	0x65, 0x78, 0x74, 0x12, 0x58, 0x0a, 0x1a, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x5f, 0x63,
+	0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74,
+	0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61,
+	0x6c, 0x75, 0x65, 0x52, 0x18, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x43, 0x6c, 0x69, 0x65,
+	0x6e, 0x74, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x3b, 0x0a,
+	0x0b, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x5f, 0x73, 0x6e, 0x69, 0x18, 0x03, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0a,
+	0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x53, 0x6e, 0x69, 0x12, 0x59, 0x0a, 0x13, 0x73, 0x65,
+	0x73, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x74, 0x69, 0x63, 0x6b, 0x65, 0x74, 0x5f, 0x6b, 0x65, 0x79,
+	0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x54, 0x6c, 0x73, 0x53,
+	0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x54, 0x69, 0x63, 0x6b, 0x65, 0x74, 0x4b, 0x65, 0x79, 0x73,
+	0x48, 0x00, 0x52, 0x11, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x54, 0x69, 0x63, 0x6b, 0x65,
+	0x74, 0x4b, 0x65, 0x79, 0x73, 0x12, 0x75, 0x0a, 0x25, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e,
+	0x5f, 0x74, 0x69, 0x63, 0x6b, 0x65, 0x74, 0x5f, 0x6b, 0x65, 0x79, 0x73, 0x5f, 0x73, 0x64, 0x73,
+	0x5f, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x05,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x53, 0x64, 0x73, 0x53, 0x65, 0x63, 0x72,
+	0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x48, 0x00, 0x52, 0x20, 0x73, 0x65, 0x73, 0x73,
+	0x69, 0x6f, 0x6e, 0x54, 0x69, 0x63, 0x6b, 0x65, 0x74, 0x4b, 0x65, 0x79, 0x73, 0x53, 0x64, 0x73,
+	0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x51, 0x0a, 0x24,
+	0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x6c, 0x65, 0x73,
+	0x73, 0x5f, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x72, 0x65, 0x73, 0x75, 0x6d, 0x70,
+	0x74, 0x69, 0x6f, 0x6e, 0x18, 0x07, 0x20, 0x01, 0x28, 0x08, 0x48, 0x00, 0x52, 0x21, 0x64, 0x69,
+	0x73, 0x61, 0x62, 0x6c, 0x65, 0x53, 0x74, 0x61, 0x74, 0x65, 0x6c, 0x65, 0x73, 0x73, 0x53, 0x65,
+	0x73, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x73, 0x75, 0x6d, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x12,
+	0x54, 0x0a, 0x0f, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f,
+	0x75, 0x74, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x42, 0x10, 0xfa, 0x42, 0x0d, 0xaa, 0x01, 0x0a, 0x1a, 0x06, 0x08, 0x80, 0x80,
+	0x80, 0x80, 0x10, 0x32, 0x00, 0x52, 0x0e, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x54, 0x69,
+	0x6d, 0x65, 0x6f, 0x75, 0x74, 0x42, 0x1a, 0x0a, 0x18, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e,
+	0x5f, 0x74, 0x69, 0x63, 0x6b, 0x65, 0x74, 0x5f, 0x6b, 0x65, 0x79, 0x73, 0x5f, 0x74, 0x79, 0x70,
+	0x65, 0x22, 0xe8, 0x07, 0x0a, 0x10, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x54, 0x6c, 0x73, 0x43,
+	0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x12, 0x3f, 0x0a, 0x0a, 0x74, 0x6c, 0x73, 0x5f, 0x70, 0x61,
+	0x72, 0x61, 0x6d, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x54,
+	0x6c, 0x73, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x73, 0x52, 0x09, 0x74, 0x6c,
+	0x73, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x12, 0x4c, 0x0a, 0x10, 0x74, 0x6c, 0x73, 0x5f, 0x63,
+	0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28,
+	0x0b, 0x32, 0x21, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x2e, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x54, 0x6c, 0x73, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69,
+	0x63, 0x61, 0x74, 0x65, 0x52, 0x0f, 0x74, 0x6c, 0x73, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69,
+	0x63, 0x61, 0x74, 0x65, 0x73, 0x12, 0x78, 0x0a, 0x22, 0x74, 0x6c, 0x73, 0x5f, 0x63, 0x65, 0x72,
+	0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f, 0x73, 0x64, 0x73, 0x5f, 0x73, 0x65, 0x63,
+	0x72, 0x65, 0x74, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x73, 0x18, 0x06, 0x20, 0x03, 0x28,
+	0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x2e, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x53, 0x64, 0x73, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92, 0x01, 0x02, 0x10, 0x01, 0x52,
+	0x1e, 0x74, 0x6c, 0x73, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x53,
+	0x64, 0x73, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x73, 0x12,
+	0x60, 0x0a, 0x12, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x63, 0x6f,
+	0x6e, 0x74, 0x65, 0x78, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x2e,
+	0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x56, 0x61, 0x6c, 0x69, 0x64,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x48, 0x00, 0x52, 0x11,
+	0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78,
+	0x74, 0x12, 0x74, 0x0a, 0x24, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f,
+	0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x5f, 0x73, 0x64, 0x73, 0x5f, 0x73, 0x65, 0x63, 0x72,
+	0x65, 0x74, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61,
+	0x75, 0x74, 0x68, 0x2e, 0x53, 0x64, 0x73, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x48, 0x00, 0x52, 0x20, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x53, 0x64, 0x73, 0x53, 0x65, 0x63, 0x72, 0x65,
+	0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x8a, 0x01, 0x0a, 0x1b, 0x63, 0x6f, 0x6d, 0x62,
+	0x69, 0x6e, 0x65, 0x64, 0x5f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f,
+	0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x48, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74,
+	0x68, 0x2e, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x54, 0x6c, 0x73, 0x43, 0x6f, 0x6e, 0x74, 0x65,
+	0x78, 0x74, 0x2e, 0x43, 0x6f, 0x6d, 0x62, 0x69, 0x6e, 0x65, 0x64, 0x43, 0x65, 0x72, 0x74, 0x69,
+	0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x48, 0x00, 0x52, 0x19, 0x63, 0x6f, 0x6d, 0x62, 0x69,
+	0x6e, 0x65, 0x64, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e,
+	0x74, 0x65, 0x78, 0x74, 0x12, 0x25, 0x0a, 0x0e, 0x61, 0x6c, 0x70, 0x6e, 0x5f, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0d, 0x61, 0x6c,
+	0x70, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x73, 0x1a, 0x9d, 0x02, 0x0a, 0x24,
+	0x43, 0x6f, 0x6d, 0x62, 0x69, 0x6e, 0x65, 0x64, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63,
+	0x61, 0x74, 0x65, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e,
+	0x74, 0x65, 0x78, 0x74, 0x12, 0x77, 0x0a, 0x1a, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f,
+	0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x63, 0x6f, 0x6e, 0x74, 0x65,
+	0x78, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x43, 0x65, 0x72,
+	0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01,
+	0x02, 0x10, 0x01, 0x52, 0x18, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x56, 0x61, 0x6c, 0x69,
+	0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x12, 0x7c, 0x0a,
+	0x24, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x63, 0x6f, 0x6e, 0x74,
+	0x65, 0x78, 0x74, 0x5f, 0x73, 0x64, 0x73, 0x5f, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x5f, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x2e,
+	0x53, 0x64, 0x73, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42,
+	0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x20, 0x76, 0x61, 0x6c, 0x69, 0x64,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x53, 0x64, 0x73, 0x53,
+	0x65, 0x63, 0x72, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x19, 0x0a, 0x17, 0x76,
+	0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78,
+	0x74, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x4a, 0x04, 0x08, 0x05, 0x10, 0x06, 0x42, 0x66, 0x0a, 0x1f,
+	0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x42,
+	0x08, 0x54, 0x6c, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xf2, 0x98, 0xfe, 0x8f, 0x05,
+	0x2b, 0x12, 0x29, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69,
+	0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f,
+	0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e, 0x76, 0x33, 0xba, 0x80, 0xc8, 0xd1,
+	0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_auth_tls_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_auth_tls_proto_rawDescData = file_envoy_api_v2_auth_tls_proto_rawDesc
+)
+
+func file_envoy_api_v2_auth_tls_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_auth_tls_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_auth_tls_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_auth_tls_proto_rawDescData)
+	})
+	return file_envoy_api_v2_auth_tls_proto_rawDescData
+}
+
+var file_envoy_api_v2_auth_tls_proto_msgTypes = make([]protoimpl.MessageInfo, 4)
+var file_envoy_api_v2_auth_tls_proto_goTypes = []interface{}{
+	(*UpstreamTlsContext)(nil),                                    // 0: envoy.api.v2.auth.UpstreamTlsContext
+	(*DownstreamTlsContext)(nil),                                  // 1: envoy.api.v2.auth.DownstreamTlsContext
+	(*CommonTlsContext)(nil),                                      // 2: envoy.api.v2.auth.CommonTlsContext
+	(*CommonTlsContext_CombinedCertificateValidationContext)(nil), // 3: envoy.api.v2.auth.CommonTlsContext.CombinedCertificateValidationContext
+	(*wrappers.UInt32Value)(nil),                                  // 4: google.protobuf.UInt32Value
+	(*wrappers.BoolValue)(nil),                                    // 5: google.protobuf.BoolValue
+	(*TlsSessionTicketKeys)(nil),                                  // 6: envoy.api.v2.auth.TlsSessionTicketKeys
+	(*SdsSecretConfig)(nil),                                       // 7: envoy.api.v2.auth.SdsSecretConfig
+	(*duration.Duration)(nil),                                     // 8: google.protobuf.Duration
+	(*TlsParameters)(nil),                                         // 9: envoy.api.v2.auth.TlsParameters
+	(*TlsCertificate)(nil),                                        // 10: envoy.api.v2.auth.TlsCertificate
+	(*CertificateValidationContext)(nil),                          // 11: envoy.api.v2.auth.CertificateValidationContext
+}
+var file_envoy_api_v2_auth_tls_proto_depIdxs = []int32{
+	2,  // 0: envoy.api.v2.auth.UpstreamTlsContext.common_tls_context:type_name -> envoy.api.v2.auth.CommonTlsContext
+	4,  // 1: envoy.api.v2.auth.UpstreamTlsContext.max_session_keys:type_name -> google.protobuf.UInt32Value
+	2,  // 2: envoy.api.v2.auth.DownstreamTlsContext.common_tls_context:type_name -> envoy.api.v2.auth.CommonTlsContext
+	5,  // 3: envoy.api.v2.auth.DownstreamTlsContext.require_client_certificate:type_name -> google.protobuf.BoolValue
+	5,  // 4: envoy.api.v2.auth.DownstreamTlsContext.require_sni:type_name -> google.protobuf.BoolValue
+	6,  // 5: envoy.api.v2.auth.DownstreamTlsContext.session_ticket_keys:type_name -> envoy.api.v2.auth.TlsSessionTicketKeys
+	7,  // 6: envoy.api.v2.auth.DownstreamTlsContext.session_ticket_keys_sds_secret_config:type_name -> envoy.api.v2.auth.SdsSecretConfig
+	8,  // 7: envoy.api.v2.auth.DownstreamTlsContext.session_timeout:type_name -> google.protobuf.Duration
+	9,  // 8: envoy.api.v2.auth.CommonTlsContext.tls_params:type_name -> envoy.api.v2.auth.TlsParameters
+	10, // 9: envoy.api.v2.auth.CommonTlsContext.tls_certificates:type_name -> envoy.api.v2.auth.TlsCertificate
+	7,  // 10: envoy.api.v2.auth.CommonTlsContext.tls_certificate_sds_secret_configs:type_name -> envoy.api.v2.auth.SdsSecretConfig
+	11, // 11: envoy.api.v2.auth.CommonTlsContext.validation_context:type_name -> envoy.api.v2.auth.CertificateValidationContext
+	7,  // 12: envoy.api.v2.auth.CommonTlsContext.validation_context_sds_secret_config:type_name -> envoy.api.v2.auth.SdsSecretConfig
+	3,  // 13: envoy.api.v2.auth.CommonTlsContext.combined_validation_context:type_name -> envoy.api.v2.auth.CommonTlsContext.CombinedCertificateValidationContext
+	11, // 14: envoy.api.v2.auth.CommonTlsContext.CombinedCertificateValidationContext.default_validation_context:type_name -> envoy.api.v2.auth.CertificateValidationContext
+	7,  // 15: envoy.api.v2.auth.CommonTlsContext.CombinedCertificateValidationContext.validation_context_sds_secret_config:type_name -> envoy.api.v2.auth.SdsSecretConfig
+	16, // [16:16] is the sub-list for method output_type
+	16, // [16:16] is the sub-list for method input_type
+	16, // [16:16] is the sub-list for extension type_name
+	16, // [16:16] is the sub-list for extension extendee
+	0,  // [0:16] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_auth_tls_proto_init() }
+func file_envoy_api_v2_auth_tls_proto_init() {
+	if File_envoy_api_v2_auth_tls_proto != nil {
+		return
+	}
+	file_envoy_api_v2_auth_common_proto_init()
+	file_envoy_api_v2_auth_secret_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_auth_tls_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*UpstreamTlsContext); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_auth_tls_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*DownstreamTlsContext); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_auth_tls_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CommonTlsContext); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_auth_tls_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CommonTlsContext_CombinedCertificateValidationContext); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_api_v2_auth_tls_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*DownstreamTlsContext_SessionTicketKeys)(nil),
+		(*DownstreamTlsContext_SessionTicketKeysSdsSecretConfig)(nil),
+		(*DownstreamTlsContext_DisableStatelessSessionResumption)(nil),
+	}
+	file_envoy_api_v2_auth_tls_proto_msgTypes[2].OneofWrappers = []interface{}{
+		(*CommonTlsContext_ValidationContext)(nil),
+		(*CommonTlsContext_ValidationContextSdsSecretConfig)(nil),
+		(*CommonTlsContext_CombinedValidationContext)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_auth_tls_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   4,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_auth_tls_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_auth_tls_proto_depIdxs,
+		MessageInfos:      file_envoy_api_v2_auth_tls_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_auth_tls_proto = out.File
+	file_envoy_api_v2_auth_tls_proto_rawDesc = nil
+	file_envoy_api_v2_auth_tls_proto_goTypes = nil
+	file_envoy_api_v2_auth_tls_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/auth/tls.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/auth/tls.pb.validate.go
new file mode 100644
index 00000000000..d2aa6cc94bd
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/auth/tls.pb.validate.go
@@ -0,0 +1,997 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/auth/tls.proto
+
+package envoy_api_v2_auth
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on UpstreamTlsContext with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *UpstreamTlsContext) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on UpstreamTlsContext with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// UpstreamTlsContextMultiError, or nil if none found.
+func (m *UpstreamTlsContext) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *UpstreamTlsContext) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetCommonTlsContext()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, UpstreamTlsContextValidationError{
+					field:  "CommonTlsContext",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, UpstreamTlsContextValidationError{
+					field:  "CommonTlsContext",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCommonTlsContext()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return UpstreamTlsContextValidationError{
+				field:  "CommonTlsContext",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(m.GetSni()) > 255 {
+		err := UpstreamTlsContextValidationError{
+			field:  "Sni",
+			reason: "value length must be at most 255 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for AllowRenegotiation
+
+	if all {
+		switch v := interface{}(m.GetMaxSessionKeys()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, UpstreamTlsContextValidationError{
+					field:  "MaxSessionKeys",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, UpstreamTlsContextValidationError{
+					field:  "MaxSessionKeys",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxSessionKeys()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return UpstreamTlsContextValidationError{
+				field:  "MaxSessionKeys",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return UpstreamTlsContextMultiError(errors)
+	}
+	return nil
+}
+
+// UpstreamTlsContextMultiError is an error wrapping multiple validation errors
+// returned by UpstreamTlsContext.ValidateAll() if the designated constraints
+// aren't met.
+type UpstreamTlsContextMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m UpstreamTlsContextMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m UpstreamTlsContextMultiError) AllErrors() []error { return m }
+
+// UpstreamTlsContextValidationError is the validation error returned by
+// UpstreamTlsContext.Validate if the designated constraints aren't met.
+type UpstreamTlsContextValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e UpstreamTlsContextValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e UpstreamTlsContextValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e UpstreamTlsContextValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e UpstreamTlsContextValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e UpstreamTlsContextValidationError) ErrorName() string {
+	return "UpstreamTlsContextValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e UpstreamTlsContextValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sUpstreamTlsContext.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = UpstreamTlsContextValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = UpstreamTlsContextValidationError{}
+
+// Validate checks the field values on DownstreamTlsContext with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *DownstreamTlsContext) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on DownstreamTlsContext with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// DownstreamTlsContextMultiError, or nil if none found.
+func (m *DownstreamTlsContext) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *DownstreamTlsContext) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetCommonTlsContext()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, DownstreamTlsContextValidationError{
+					field:  "CommonTlsContext",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, DownstreamTlsContextValidationError{
+					field:  "CommonTlsContext",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCommonTlsContext()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return DownstreamTlsContextValidationError{
+				field:  "CommonTlsContext",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetRequireClientCertificate()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, DownstreamTlsContextValidationError{
+					field:  "RequireClientCertificate",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, DownstreamTlsContextValidationError{
+					field:  "RequireClientCertificate",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRequireClientCertificate()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return DownstreamTlsContextValidationError{
+				field:  "RequireClientCertificate",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetRequireSni()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, DownstreamTlsContextValidationError{
+					field:  "RequireSni",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, DownstreamTlsContextValidationError{
+					field:  "RequireSni",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRequireSni()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return DownstreamTlsContextValidationError{
+				field:  "RequireSni",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if d := m.GetSessionTimeout(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = DownstreamTlsContextValidationError{
+				field:  "SessionTimeout",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			lt := time.Duration(4294967296*time.Second + 0*time.Nanosecond)
+			gte := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur < gte || dur >= lt {
+				err := DownstreamTlsContextValidationError{
+					field:  "SessionTimeout",
+					reason: "value must be inside range [0s, 1193046h28m16s)",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	switch m.SessionTicketKeysType.(type) {
+
+	case *DownstreamTlsContext_SessionTicketKeys:
+
+		if all {
+			switch v := interface{}(m.GetSessionTicketKeys()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, DownstreamTlsContextValidationError{
+						field:  "SessionTicketKeys",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, DownstreamTlsContextValidationError{
+						field:  "SessionTicketKeys",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetSessionTicketKeys()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return DownstreamTlsContextValidationError{
+					field:  "SessionTicketKeys",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *DownstreamTlsContext_SessionTicketKeysSdsSecretConfig:
+
+		if all {
+			switch v := interface{}(m.GetSessionTicketKeysSdsSecretConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, DownstreamTlsContextValidationError{
+						field:  "SessionTicketKeysSdsSecretConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, DownstreamTlsContextValidationError{
+						field:  "SessionTicketKeysSdsSecretConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetSessionTicketKeysSdsSecretConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return DownstreamTlsContextValidationError{
+					field:  "SessionTicketKeysSdsSecretConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *DownstreamTlsContext_DisableStatelessSessionResumption:
+		// no validation rules for DisableStatelessSessionResumption
+
+	}
+
+	if len(errors) > 0 {
+		return DownstreamTlsContextMultiError(errors)
+	}
+	return nil
+}
+
+// DownstreamTlsContextMultiError is an error wrapping multiple validation
+// errors returned by DownstreamTlsContext.ValidateAll() if the designated
+// constraints aren't met.
+type DownstreamTlsContextMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m DownstreamTlsContextMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m DownstreamTlsContextMultiError) AllErrors() []error { return m }
+
+// DownstreamTlsContextValidationError is the validation error returned by
+// DownstreamTlsContext.Validate if the designated constraints aren't met.
+type DownstreamTlsContextValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e DownstreamTlsContextValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e DownstreamTlsContextValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e DownstreamTlsContextValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e DownstreamTlsContextValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e DownstreamTlsContextValidationError) ErrorName() string {
+	return "DownstreamTlsContextValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e DownstreamTlsContextValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sDownstreamTlsContext.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = DownstreamTlsContextValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = DownstreamTlsContextValidationError{}
+
+// Validate checks the field values on CommonTlsContext with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *CommonTlsContext) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on CommonTlsContext with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// CommonTlsContextMultiError, or nil if none found.
+func (m *CommonTlsContext) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CommonTlsContext) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetTlsParams()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CommonTlsContextValidationError{
+					field:  "TlsParams",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CommonTlsContextValidationError{
+					field:  "TlsParams",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTlsParams()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CommonTlsContextValidationError{
+				field:  "TlsParams",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetTlsCertificates() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CommonTlsContextValidationError{
+						field:  fmt.Sprintf("TlsCertificates[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CommonTlsContextValidationError{
+						field:  fmt.Sprintf("TlsCertificates[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CommonTlsContextValidationError{
+					field:  fmt.Sprintf("TlsCertificates[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(m.GetTlsCertificateSdsSecretConfigs()) > 1 {
+		err := CommonTlsContextValidationError{
+			field:  "TlsCertificateSdsSecretConfigs",
+			reason: "value must contain no more than 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetTlsCertificateSdsSecretConfigs() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CommonTlsContextValidationError{
+						field:  fmt.Sprintf("TlsCertificateSdsSecretConfigs[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CommonTlsContextValidationError{
+						field:  fmt.Sprintf("TlsCertificateSdsSecretConfigs[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CommonTlsContextValidationError{
+					field:  fmt.Sprintf("TlsCertificateSdsSecretConfigs[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	switch m.ValidationContextType.(type) {
+
+	case *CommonTlsContext_ValidationContext:
+
+		if all {
+			switch v := interface{}(m.GetValidationContext()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CommonTlsContextValidationError{
+						field:  "ValidationContext",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CommonTlsContextValidationError{
+						field:  "ValidationContext",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetValidationContext()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CommonTlsContextValidationError{
+					field:  "ValidationContext",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *CommonTlsContext_ValidationContextSdsSecretConfig:
+
+		if all {
+			switch v := interface{}(m.GetValidationContextSdsSecretConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CommonTlsContextValidationError{
+						field:  "ValidationContextSdsSecretConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CommonTlsContextValidationError{
+						field:  "ValidationContextSdsSecretConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetValidationContextSdsSecretConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CommonTlsContextValidationError{
+					field:  "ValidationContextSdsSecretConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *CommonTlsContext_CombinedValidationContext:
+
+		if all {
+			switch v := interface{}(m.GetCombinedValidationContext()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CommonTlsContextValidationError{
+						field:  "CombinedValidationContext",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CommonTlsContextValidationError{
+						field:  "CombinedValidationContext",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetCombinedValidationContext()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CommonTlsContextValidationError{
+					field:  "CombinedValidationContext",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return CommonTlsContextMultiError(errors)
+	}
+	return nil
+}
+
+// CommonTlsContextMultiError is an error wrapping multiple validation errors
+// returned by CommonTlsContext.ValidateAll() if the designated constraints
+// aren't met.
+type CommonTlsContextMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CommonTlsContextMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CommonTlsContextMultiError) AllErrors() []error { return m }
+
+// CommonTlsContextValidationError is the validation error returned by
+// CommonTlsContext.Validate if the designated constraints aren't met.
+type CommonTlsContextValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CommonTlsContextValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CommonTlsContextValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CommonTlsContextValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CommonTlsContextValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CommonTlsContextValidationError) ErrorName() string { return "CommonTlsContextValidationError" }
+
+// Error satisfies the builtin error interface
+func (e CommonTlsContextValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCommonTlsContext.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CommonTlsContextValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CommonTlsContextValidationError{}
+
+// Validate checks the field values on
+// CommonTlsContext_CombinedCertificateValidationContext with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *CommonTlsContext_CombinedCertificateValidationContext) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// CommonTlsContext_CombinedCertificateValidationContext with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// CommonTlsContext_CombinedCertificateValidationContextMultiError, or nil if
+// none found.
+func (m *CommonTlsContext_CombinedCertificateValidationContext) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CommonTlsContext_CombinedCertificateValidationContext) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetDefaultValidationContext() == nil {
+		err := CommonTlsContext_CombinedCertificateValidationContextValidationError{
+			field:  "DefaultValidationContext",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetDefaultValidationContext()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CommonTlsContext_CombinedCertificateValidationContextValidationError{
+					field:  "DefaultValidationContext",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CommonTlsContext_CombinedCertificateValidationContextValidationError{
+					field:  "DefaultValidationContext",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDefaultValidationContext()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CommonTlsContext_CombinedCertificateValidationContextValidationError{
+				field:  "DefaultValidationContext",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if m.GetValidationContextSdsSecretConfig() == nil {
+		err := CommonTlsContext_CombinedCertificateValidationContextValidationError{
+			field:  "ValidationContextSdsSecretConfig",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetValidationContextSdsSecretConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CommonTlsContext_CombinedCertificateValidationContextValidationError{
+					field:  "ValidationContextSdsSecretConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CommonTlsContext_CombinedCertificateValidationContextValidationError{
+					field:  "ValidationContextSdsSecretConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetValidationContextSdsSecretConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CommonTlsContext_CombinedCertificateValidationContextValidationError{
+				field:  "ValidationContextSdsSecretConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return CommonTlsContext_CombinedCertificateValidationContextMultiError(errors)
+	}
+	return nil
+}
+
+// CommonTlsContext_CombinedCertificateValidationContextMultiError is an error
+// wrapping multiple validation errors returned by
+// CommonTlsContext_CombinedCertificateValidationContext.ValidateAll() if the
+// designated constraints aren't met.
+type CommonTlsContext_CombinedCertificateValidationContextMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CommonTlsContext_CombinedCertificateValidationContextMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CommonTlsContext_CombinedCertificateValidationContextMultiError) AllErrors() []error {
+	return m
+}
+
+// CommonTlsContext_CombinedCertificateValidationContextValidationError is the
+// validation error returned by
+// CommonTlsContext_CombinedCertificateValidationContext.Validate if the
+// designated constraints aren't met.
+type CommonTlsContext_CombinedCertificateValidationContextValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CommonTlsContext_CombinedCertificateValidationContextValidationError) Field() string {
+	return e.field
+}
+
+// Reason function returns reason value.
+func (e CommonTlsContext_CombinedCertificateValidationContextValidationError) Reason() string {
+	return e.reason
+}
+
+// Cause function returns cause value.
+func (e CommonTlsContext_CombinedCertificateValidationContextValidationError) Cause() error {
+	return e.cause
+}
+
+// Key function returns key value.
+func (e CommonTlsContext_CombinedCertificateValidationContextValidationError) Key() bool {
+	return e.key
+}
+
+// ErrorName returns error name.
+func (e CommonTlsContext_CombinedCertificateValidationContextValidationError) ErrorName() string {
+	return "CommonTlsContext_CombinedCertificateValidationContextValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e CommonTlsContext_CombinedCertificateValidationContextValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCommonTlsContext_CombinedCertificateValidationContext.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CommonTlsContext_CombinedCertificateValidationContextValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CommonTlsContext_CombinedCertificateValidationContextValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/cds.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/cds.pb.go
new file mode 100644
index 00000000000..cbc4917757e
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/cds.pb.go
@@ -0,0 +1,414 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/cds.proto
+
+package envoy_api_v2
+
+import (
+	context "context"
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/go-control-plane/envoy/annotations"
+	proto "github.com/golang/protobuf/proto"
+	_ "google.golang.org/genproto/googleapis/api/annotations"
+	grpc "google.golang.org/grpc"
+	codes "google.golang.org/grpc/codes"
+	status "google.golang.org/grpc/status"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing
+// services: https://github.com/google/protobuf/issues/4221 and protoxform to upgrade the file.
+type CdsDummy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *CdsDummy) Reset() {
+	*x = CdsDummy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_cds_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CdsDummy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CdsDummy) ProtoMessage() {}
+
+func (x *CdsDummy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_cds_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CdsDummy.ProtoReflect.Descriptor instead.
+func (*CdsDummy) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_cds_proto_rawDescGZIP(), []int{0}
+}
+
+var File_envoy_api_v2_cds_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_cds_proto_rawDesc = []byte{
+	0x0a, 0x16, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63,
+	0x64, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x1a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70,
+	0x69, 0x2f, 0x76, 0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x61, 0x70, 0x69,
+	0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x20, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x1a, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76,
+	0x32, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22,
+	0x0a, 0x0a, 0x08, 0x43, 0x64, 0x73, 0x44, 0x75, 0x6d, 0x6d, 0x79, 0x32, 0xed, 0x02, 0x0a, 0x17,
+	0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79,
+	0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x57, 0x0a, 0x0e, 0x53, 0x74, 0x72, 0x65, 0x61,
+	0x6d, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x12, 0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65,
+	0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65,
+	0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x28, 0x01, 0x30, 0x01,
+	0x12, 0x60, 0x0a, 0x0d, 0x44, 0x65, 0x6c, 0x74, 0x61, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x73, 0x12, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x2e, 0x44, 0x65, 0x6c, 0x74, 0x61, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52,
+	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x65, 0x6c, 0x74, 0x61, 0x44, 0x69, 0x73, 0x63, 0x6f,
+	0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x28, 0x01,
+	0x30, 0x01, 0x12, 0x79, 0x0a, 0x0d, 0x46, 0x65, 0x74, 0x63, 0x68, 0x43, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x73, 0x12, 0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75,
+	0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70,
+	0x6f, 0x6e, 0x73, 0x65, 0x22, 0x27, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x18, 0x22, 0x16, 0x2f, 0x76,
+	0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x3a, 0x63, 0x6c, 0x75, 0x73,
+	0x74, 0x65, 0x72, 0x73, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x03, 0x3a, 0x01, 0x2a, 0x1a, 0x1c, 0x8a,
+	0xa4, 0x96, 0xf3, 0x07, 0x16, 0x0a, 0x14, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x42, 0x53, 0x0a, 0x1a, 0x69,
+	0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x42, 0x08, 0x43, 0x64, 0x73, 0x50, 0x72,
+	0x6f, 0x74, 0x6f, 0x50, 0x01, 0x88, 0x01, 0x01, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x1a, 0x12, 0x18,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x63, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01,
+	0x50, 0x05, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_cds_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_cds_proto_rawDescData = file_envoy_api_v2_cds_proto_rawDesc
+)
+
+func file_envoy_api_v2_cds_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_cds_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_cds_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_cds_proto_rawDescData)
+	})
+	return file_envoy_api_v2_cds_proto_rawDescData
+}
+
+var file_envoy_api_v2_cds_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_api_v2_cds_proto_goTypes = []interface{}{
+	(*CdsDummy)(nil),               // 0: envoy.api.v2.CdsDummy
+	(*DiscoveryRequest)(nil),       // 1: envoy.api.v2.DiscoveryRequest
+	(*DeltaDiscoveryRequest)(nil),  // 2: envoy.api.v2.DeltaDiscoveryRequest
+	(*DiscoveryResponse)(nil),      // 3: envoy.api.v2.DiscoveryResponse
+	(*DeltaDiscoveryResponse)(nil), // 4: envoy.api.v2.DeltaDiscoveryResponse
+}
+var file_envoy_api_v2_cds_proto_depIdxs = []int32{
+	1, // 0: envoy.api.v2.ClusterDiscoveryService.StreamClusters:input_type -> envoy.api.v2.DiscoveryRequest
+	2, // 1: envoy.api.v2.ClusterDiscoveryService.DeltaClusters:input_type -> envoy.api.v2.DeltaDiscoveryRequest
+	1, // 2: envoy.api.v2.ClusterDiscoveryService.FetchClusters:input_type -> envoy.api.v2.DiscoveryRequest
+	3, // 3: envoy.api.v2.ClusterDiscoveryService.StreamClusters:output_type -> envoy.api.v2.DiscoveryResponse
+	4, // 4: envoy.api.v2.ClusterDiscoveryService.DeltaClusters:output_type -> envoy.api.v2.DeltaDiscoveryResponse
+	3, // 5: envoy.api.v2.ClusterDiscoveryService.FetchClusters:output_type -> envoy.api.v2.DiscoveryResponse
+	3, // [3:6] is the sub-list for method output_type
+	0, // [0:3] is the sub-list for method input_type
+	0, // [0:0] is the sub-list for extension type_name
+	0, // [0:0] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_cds_proto_init() }
+func file_envoy_api_v2_cds_proto_init() {
+	if File_envoy_api_v2_cds_proto != nil {
+		return
+	}
+	file_envoy_api_v2_discovery_proto_init()
+	file_envoy_api_v2_cluster_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_cds_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CdsDummy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_cds_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   1,
+		},
+		GoTypes:           file_envoy_api_v2_cds_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_cds_proto_depIdxs,
+		MessageInfos:      file_envoy_api_v2_cds_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_cds_proto = out.File
+	file_envoy_api_v2_cds_proto_rawDesc = nil
+	file_envoy_api_v2_cds_proto_goTypes = nil
+	file_envoy_api_v2_cds_proto_depIdxs = nil
+}
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ context.Context
+var _ grpc.ClientConnInterface
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the grpc package it is being compiled against.
+const _ = grpc.SupportPackageIsVersion6
+
+// ClusterDiscoveryServiceClient is the client API for ClusterDiscoveryService service.
+//
+// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.
+type ClusterDiscoveryServiceClient interface {
+	StreamClusters(ctx context.Context, opts ...grpc.CallOption) (ClusterDiscoveryService_StreamClustersClient, error)
+	DeltaClusters(ctx context.Context, opts ...grpc.CallOption) (ClusterDiscoveryService_DeltaClustersClient, error)
+	FetchClusters(ctx context.Context, in *DiscoveryRequest, opts ...grpc.CallOption) (*DiscoveryResponse, error)
+}
+
+type clusterDiscoveryServiceClient struct {
+	cc grpc.ClientConnInterface
+}
+
+func NewClusterDiscoveryServiceClient(cc grpc.ClientConnInterface) ClusterDiscoveryServiceClient {
+	return &clusterDiscoveryServiceClient{cc}
+}
+
+func (c *clusterDiscoveryServiceClient) StreamClusters(ctx context.Context, opts ...grpc.CallOption) (ClusterDiscoveryService_StreamClustersClient, error) {
+	stream, err := c.cc.NewStream(ctx, &_ClusterDiscoveryService_serviceDesc.Streams[0], "/envoy.api.v2.ClusterDiscoveryService/StreamClusters", opts...)
+	if err != nil {
+		return nil, err
+	}
+	x := &clusterDiscoveryServiceStreamClustersClient{stream}
+	return x, nil
+}
+
+type ClusterDiscoveryService_StreamClustersClient interface {
+	Send(*DiscoveryRequest) error
+	Recv() (*DiscoveryResponse, error)
+	grpc.ClientStream
+}
+
+type clusterDiscoveryServiceStreamClustersClient struct {
+	grpc.ClientStream
+}
+
+func (x *clusterDiscoveryServiceStreamClustersClient) Send(m *DiscoveryRequest) error {
+	return x.ClientStream.SendMsg(m)
+}
+
+func (x *clusterDiscoveryServiceStreamClustersClient) Recv() (*DiscoveryResponse, error) {
+	m := new(DiscoveryResponse)
+	if err := x.ClientStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func (c *clusterDiscoveryServiceClient) DeltaClusters(ctx context.Context, opts ...grpc.CallOption) (ClusterDiscoveryService_DeltaClustersClient, error) {
+	stream, err := c.cc.NewStream(ctx, &_ClusterDiscoveryService_serviceDesc.Streams[1], "/envoy.api.v2.ClusterDiscoveryService/DeltaClusters", opts...)
+	if err != nil {
+		return nil, err
+	}
+	x := &clusterDiscoveryServiceDeltaClustersClient{stream}
+	return x, nil
+}
+
+type ClusterDiscoveryService_DeltaClustersClient interface {
+	Send(*DeltaDiscoveryRequest) error
+	Recv() (*DeltaDiscoveryResponse, error)
+	grpc.ClientStream
+}
+
+type clusterDiscoveryServiceDeltaClustersClient struct {
+	grpc.ClientStream
+}
+
+func (x *clusterDiscoveryServiceDeltaClustersClient) Send(m *DeltaDiscoveryRequest) error {
+	return x.ClientStream.SendMsg(m)
+}
+
+func (x *clusterDiscoveryServiceDeltaClustersClient) Recv() (*DeltaDiscoveryResponse, error) {
+	m := new(DeltaDiscoveryResponse)
+	if err := x.ClientStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func (c *clusterDiscoveryServiceClient) FetchClusters(ctx context.Context, in *DiscoveryRequest, opts ...grpc.CallOption) (*DiscoveryResponse, error) {
+	out := new(DiscoveryResponse)
+	err := c.cc.Invoke(ctx, "/envoy.api.v2.ClusterDiscoveryService/FetchClusters", in, out, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+// ClusterDiscoveryServiceServer is the server API for ClusterDiscoveryService service.
+type ClusterDiscoveryServiceServer interface {
+	StreamClusters(ClusterDiscoveryService_StreamClustersServer) error
+	DeltaClusters(ClusterDiscoveryService_DeltaClustersServer) error
+	FetchClusters(context.Context, *DiscoveryRequest) (*DiscoveryResponse, error)
+}
+
+// UnimplementedClusterDiscoveryServiceServer can be embedded to have forward compatible implementations.
+type UnimplementedClusterDiscoveryServiceServer struct {
+}
+
+func (*UnimplementedClusterDiscoveryServiceServer) StreamClusters(ClusterDiscoveryService_StreamClustersServer) error {
+	return status.Errorf(codes.Unimplemented, "method StreamClusters not implemented")
+}
+func (*UnimplementedClusterDiscoveryServiceServer) DeltaClusters(ClusterDiscoveryService_DeltaClustersServer) error {
+	return status.Errorf(codes.Unimplemented, "method DeltaClusters not implemented")
+}
+func (*UnimplementedClusterDiscoveryServiceServer) FetchClusters(context.Context, *DiscoveryRequest) (*DiscoveryResponse, error) {
+	return nil, status.Errorf(codes.Unimplemented, "method FetchClusters not implemented")
+}
+
+func RegisterClusterDiscoveryServiceServer(s *grpc.Server, srv ClusterDiscoveryServiceServer) {
+	s.RegisterService(&_ClusterDiscoveryService_serviceDesc, srv)
+}
+
+func _ClusterDiscoveryService_StreamClusters_Handler(srv interface{}, stream grpc.ServerStream) error {
+	return srv.(ClusterDiscoveryServiceServer).StreamClusters(&clusterDiscoveryServiceStreamClustersServer{stream})
+}
+
+type ClusterDiscoveryService_StreamClustersServer interface {
+	Send(*DiscoveryResponse) error
+	Recv() (*DiscoveryRequest, error)
+	grpc.ServerStream
+}
+
+type clusterDiscoveryServiceStreamClustersServer struct {
+	grpc.ServerStream
+}
+
+func (x *clusterDiscoveryServiceStreamClustersServer) Send(m *DiscoveryResponse) error {
+	return x.ServerStream.SendMsg(m)
+}
+
+func (x *clusterDiscoveryServiceStreamClustersServer) Recv() (*DiscoveryRequest, error) {
+	m := new(DiscoveryRequest)
+	if err := x.ServerStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func _ClusterDiscoveryService_DeltaClusters_Handler(srv interface{}, stream grpc.ServerStream) error {
+	return srv.(ClusterDiscoveryServiceServer).DeltaClusters(&clusterDiscoveryServiceDeltaClustersServer{stream})
+}
+
+type ClusterDiscoveryService_DeltaClustersServer interface {
+	Send(*DeltaDiscoveryResponse) error
+	Recv() (*DeltaDiscoveryRequest, error)
+	grpc.ServerStream
+}
+
+type clusterDiscoveryServiceDeltaClustersServer struct {
+	grpc.ServerStream
+}
+
+func (x *clusterDiscoveryServiceDeltaClustersServer) Send(m *DeltaDiscoveryResponse) error {
+	return x.ServerStream.SendMsg(m)
+}
+
+func (x *clusterDiscoveryServiceDeltaClustersServer) Recv() (*DeltaDiscoveryRequest, error) {
+	m := new(DeltaDiscoveryRequest)
+	if err := x.ServerStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func _ClusterDiscoveryService_FetchClusters_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(DiscoveryRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(ClusterDiscoveryServiceServer).FetchClusters(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: "/envoy.api.v2.ClusterDiscoveryService/FetchClusters",
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(ClusterDiscoveryServiceServer).FetchClusters(ctx, req.(*DiscoveryRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
+var _ClusterDiscoveryService_serviceDesc = grpc.ServiceDesc{
+	ServiceName: "envoy.api.v2.ClusterDiscoveryService",
+	HandlerType: (*ClusterDiscoveryServiceServer)(nil),
+	Methods: []grpc.MethodDesc{
+		{
+			MethodName: "FetchClusters",
+			Handler:    _ClusterDiscoveryService_FetchClusters_Handler,
+		},
+	},
+	Streams: []grpc.StreamDesc{
+		{
+			StreamName:    "StreamClusters",
+			Handler:       _ClusterDiscoveryService_StreamClusters_Handler,
+			ServerStreams: true,
+			ClientStreams: true,
+		},
+		{
+			StreamName:    "DeltaClusters",
+			Handler:       _ClusterDiscoveryService_DeltaClusters_Handler,
+			ServerStreams: true,
+			ClientStreams: true,
+		},
+	},
+	Metadata: "envoy/api/v2/cds.proto",
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/cds.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/cds.pb.validate.go
new file mode 100644
index 00000000000..61584ef1c56
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/cds.pb.validate.go
@@ -0,0 +1,134 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/cds.proto
+
+package envoy_api_v2
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on CdsDummy with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *CdsDummy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on CdsDummy with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in CdsDummyMultiError, or nil
+// if none found.
+func (m *CdsDummy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CdsDummy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return CdsDummyMultiError(errors)
+	}
+	return nil
+}
+
+// CdsDummyMultiError is an error wrapping multiple validation errors returned
+// by CdsDummy.ValidateAll() if the designated constraints aren't met.
+type CdsDummyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CdsDummyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CdsDummyMultiError) AllErrors() []error { return m }
+
+// CdsDummyValidationError is the validation error returned by
+// CdsDummy.Validate if the designated constraints aren't met.
+type CdsDummyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CdsDummyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CdsDummyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CdsDummyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CdsDummyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CdsDummyValidationError) ErrorName() string { return "CdsDummyValidationError" }
+
+// Error satisfies the builtin error interface
+func (e CdsDummyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCdsDummy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CdsDummyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CdsDummyValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/cluster.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/cluster.pb.go
new file mode 100644
index 00000000000..e09529db9b8
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/cluster.pb.go
@@ -0,0 +1,3365 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/cluster.proto
+
+package envoy_api_v2
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/go-control-plane/envoy/annotations"
+	auth "github.com/envoyproxy/go-control-plane/envoy/api/v2/auth"
+	cluster "github.com/envoyproxy/go-control-plane/envoy/api/v2/cluster"
+	core "github.com/envoyproxy/go-control-plane/envoy/api/v2/core"
+	_type "github.com/envoyproxy/go-control-plane/envoy/type"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	_struct "github.com/golang/protobuf/ptypes/struct"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Refer to :ref:`service discovery type <arch_overview_service_discovery_types>`
+// for an explanation on each type.
+type Cluster_DiscoveryType int32
+
+const (
+	// Refer to the :ref:`static discovery type<arch_overview_service_discovery_types_static>`
+	// for an explanation.
+	Cluster_STATIC Cluster_DiscoveryType = 0
+	// Refer to the :ref:`strict DNS discovery
+	// type<arch_overview_service_discovery_types_strict_dns>`
+	// for an explanation.
+	Cluster_STRICT_DNS Cluster_DiscoveryType = 1
+	// Refer to the :ref:`logical DNS discovery
+	// type<arch_overview_service_discovery_types_logical_dns>`
+	// for an explanation.
+	Cluster_LOGICAL_DNS Cluster_DiscoveryType = 2
+	// Refer to the :ref:`service discovery type<arch_overview_service_discovery_types_eds>`
+	// for an explanation.
+	Cluster_EDS Cluster_DiscoveryType = 3
+	// Refer to the :ref:`original destination discovery
+	// type<arch_overview_service_discovery_types_original_destination>`
+	// for an explanation.
+	Cluster_ORIGINAL_DST Cluster_DiscoveryType = 4
+)
+
+// Enum value maps for Cluster_DiscoveryType.
+var (
+	Cluster_DiscoveryType_name = map[int32]string{
+		0: "STATIC",
+		1: "STRICT_DNS",
+		2: "LOGICAL_DNS",
+		3: "EDS",
+		4: "ORIGINAL_DST",
+	}
+	Cluster_DiscoveryType_value = map[string]int32{
+		"STATIC":       0,
+		"STRICT_DNS":   1,
+		"LOGICAL_DNS":  2,
+		"EDS":          3,
+		"ORIGINAL_DST": 4,
+	}
+)
+
+func (x Cluster_DiscoveryType) Enum() *Cluster_DiscoveryType {
+	p := new(Cluster_DiscoveryType)
+	*p = x
+	return p
+}
+
+func (x Cluster_DiscoveryType) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (Cluster_DiscoveryType) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_api_v2_cluster_proto_enumTypes[0].Descriptor()
+}
+
+func (Cluster_DiscoveryType) Type() protoreflect.EnumType {
+	return &file_envoy_api_v2_cluster_proto_enumTypes[0]
+}
+
+func (x Cluster_DiscoveryType) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use Cluster_DiscoveryType.Descriptor instead.
+func (Cluster_DiscoveryType) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_api_v2_cluster_proto_rawDescGZIP(), []int{0, 0}
+}
+
+// Refer to :ref:`load balancer type <arch_overview_load_balancing_types>` architecture
+// overview section for information on each type.
+type Cluster_LbPolicy int32
+
+const (
+	// Refer to the :ref:`round robin load balancing
+	// policy<arch_overview_load_balancing_types_round_robin>`
+	// for an explanation.
+	Cluster_ROUND_ROBIN Cluster_LbPolicy = 0
+	// Refer to the :ref:`least request load balancing
+	// policy<arch_overview_load_balancing_types_least_request>`
+	// for an explanation.
+	Cluster_LEAST_REQUEST Cluster_LbPolicy = 1
+	// Refer to the :ref:`ring hash load balancing
+	// policy<arch_overview_load_balancing_types_ring_hash>`
+	// for an explanation.
+	Cluster_RING_HASH Cluster_LbPolicy = 2
+	// Refer to the :ref:`random load balancing
+	// policy<arch_overview_load_balancing_types_random>`
+	// for an explanation.
+	Cluster_RANDOM Cluster_LbPolicy = 3
+	// Refer to the :ref:`original destination load balancing
+	// policy<arch_overview_load_balancing_types_original_destination>`
+	// for an explanation.
+	//
+	// .. attention::
+	//
+	//   **This load balancing policy is deprecated**. Use CLUSTER_PROVIDED instead.
+	//
+	//
+	// Deprecated: Do not use.
+	Cluster_ORIGINAL_DST_LB Cluster_LbPolicy = 4
+	// Refer to the :ref:`Maglev load balancing policy<arch_overview_load_balancing_types_maglev>`
+	// for an explanation.
+	Cluster_MAGLEV Cluster_LbPolicy = 5
+	// This load balancer type must be specified if the configured cluster provides a cluster
+	// specific load balancer. Consult the configured cluster's documentation for whether to set
+	// this option or not.
+	Cluster_CLUSTER_PROVIDED Cluster_LbPolicy = 6
+	// [#not-implemented-hide:] Use the new :ref:`load_balancing_policy
+	// <envoy_api_field_Cluster.load_balancing_policy>` field to determine the LB policy.
+	// [#next-major-version: In the v3 API, we should consider deprecating the lb_policy field
+	// and instead using the new load_balancing_policy field as the one and only mechanism for
+	// configuring this.]
+	Cluster_LOAD_BALANCING_POLICY_CONFIG Cluster_LbPolicy = 7
+)
+
+// Enum value maps for Cluster_LbPolicy.
+var (
+	Cluster_LbPolicy_name = map[int32]string{
+		0: "ROUND_ROBIN",
+		1: "LEAST_REQUEST",
+		2: "RING_HASH",
+		3: "RANDOM",
+		4: "ORIGINAL_DST_LB",
+		5: "MAGLEV",
+		6: "CLUSTER_PROVIDED",
+		7: "LOAD_BALANCING_POLICY_CONFIG",
+	}
+	Cluster_LbPolicy_value = map[string]int32{
+		"ROUND_ROBIN":                  0,
+		"LEAST_REQUEST":                1,
+		"RING_HASH":                    2,
+		"RANDOM":                       3,
+		"ORIGINAL_DST_LB":              4,
+		"MAGLEV":                       5,
+		"CLUSTER_PROVIDED":             6,
+		"LOAD_BALANCING_POLICY_CONFIG": 7,
+	}
+)
+
+func (x Cluster_LbPolicy) Enum() *Cluster_LbPolicy {
+	p := new(Cluster_LbPolicy)
+	*p = x
+	return p
+}
+
+func (x Cluster_LbPolicy) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (Cluster_LbPolicy) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_api_v2_cluster_proto_enumTypes[1].Descriptor()
+}
+
+func (Cluster_LbPolicy) Type() protoreflect.EnumType {
+	return &file_envoy_api_v2_cluster_proto_enumTypes[1]
+}
+
+func (x Cluster_LbPolicy) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use Cluster_LbPolicy.Descriptor instead.
+func (Cluster_LbPolicy) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_api_v2_cluster_proto_rawDescGZIP(), []int{0, 1}
+}
+
+// When V4_ONLY is selected, the DNS resolver will only perform a lookup for
+// addresses in the IPv4 family. If V6_ONLY is selected, the DNS resolver will
+// only perform a lookup for addresses in the IPv6 family. If AUTO is
+// specified, the DNS resolver will first perform a lookup for addresses in
+// the IPv6 family and fallback to a lookup for addresses in the IPv4 family.
+// For cluster types other than
+// :ref:`STRICT_DNS<envoy_api_enum_value_Cluster.DiscoveryType.STRICT_DNS>` and
+// :ref:`LOGICAL_DNS<envoy_api_enum_value_Cluster.DiscoveryType.LOGICAL_DNS>`,
+// this setting is
+// ignored.
+type Cluster_DnsLookupFamily int32
+
+const (
+	Cluster_AUTO    Cluster_DnsLookupFamily = 0
+	Cluster_V4_ONLY Cluster_DnsLookupFamily = 1
+	Cluster_V6_ONLY Cluster_DnsLookupFamily = 2
+)
+
+// Enum value maps for Cluster_DnsLookupFamily.
+var (
+	Cluster_DnsLookupFamily_name = map[int32]string{
+		0: "AUTO",
+		1: "V4_ONLY",
+		2: "V6_ONLY",
+	}
+	Cluster_DnsLookupFamily_value = map[string]int32{
+		"AUTO":    0,
+		"V4_ONLY": 1,
+		"V6_ONLY": 2,
+	}
+)
+
+func (x Cluster_DnsLookupFamily) Enum() *Cluster_DnsLookupFamily {
+	p := new(Cluster_DnsLookupFamily)
+	*p = x
+	return p
+}
+
+func (x Cluster_DnsLookupFamily) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (Cluster_DnsLookupFamily) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_api_v2_cluster_proto_enumTypes[2].Descriptor()
+}
+
+func (Cluster_DnsLookupFamily) Type() protoreflect.EnumType {
+	return &file_envoy_api_v2_cluster_proto_enumTypes[2]
+}
+
+func (x Cluster_DnsLookupFamily) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use Cluster_DnsLookupFamily.Descriptor instead.
+func (Cluster_DnsLookupFamily) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_api_v2_cluster_proto_rawDescGZIP(), []int{0, 2}
+}
+
+type Cluster_ClusterProtocolSelection int32
+
+const (
+	// Cluster can only operate on one of the possible upstream protocols (HTTP1.1, HTTP2).
+	// If :ref:`http2_protocol_options <envoy_api_field_Cluster.http2_protocol_options>` are
+	// present, HTTP2 will be used, otherwise HTTP1.1 will be used.
+	Cluster_USE_CONFIGURED_PROTOCOL Cluster_ClusterProtocolSelection = 0
+	// Use HTTP1.1 or HTTP2, depending on which one is used on the downstream connection.
+	Cluster_USE_DOWNSTREAM_PROTOCOL Cluster_ClusterProtocolSelection = 1
+)
+
+// Enum value maps for Cluster_ClusterProtocolSelection.
+var (
+	Cluster_ClusterProtocolSelection_name = map[int32]string{
+		0: "USE_CONFIGURED_PROTOCOL",
+		1: "USE_DOWNSTREAM_PROTOCOL",
+	}
+	Cluster_ClusterProtocolSelection_value = map[string]int32{
+		"USE_CONFIGURED_PROTOCOL": 0,
+		"USE_DOWNSTREAM_PROTOCOL": 1,
+	}
+)
+
+func (x Cluster_ClusterProtocolSelection) Enum() *Cluster_ClusterProtocolSelection {
+	p := new(Cluster_ClusterProtocolSelection)
+	*p = x
+	return p
+}
+
+func (x Cluster_ClusterProtocolSelection) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (Cluster_ClusterProtocolSelection) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_api_v2_cluster_proto_enumTypes[3].Descriptor()
+}
+
+func (Cluster_ClusterProtocolSelection) Type() protoreflect.EnumType {
+	return &file_envoy_api_v2_cluster_proto_enumTypes[3]
+}
+
+func (x Cluster_ClusterProtocolSelection) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use Cluster_ClusterProtocolSelection.Descriptor instead.
+func (Cluster_ClusterProtocolSelection) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_api_v2_cluster_proto_rawDescGZIP(), []int{0, 3}
+}
+
+// If NO_FALLBACK is selected, a result
+// equivalent to no healthy hosts is reported. If ANY_ENDPOINT is selected,
+// any cluster endpoint may be returned (subject to policy, health checks,
+// etc). If DEFAULT_SUBSET is selected, load balancing is performed over the
+// endpoints matching the values from the default_subset field.
+type Cluster_LbSubsetConfig_LbSubsetFallbackPolicy int32
+
+const (
+	Cluster_LbSubsetConfig_NO_FALLBACK    Cluster_LbSubsetConfig_LbSubsetFallbackPolicy = 0
+	Cluster_LbSubsetConfig_ANY_ENDPOINT   Cluster_LbSubsetConfig_LbSubsetFallbackPolicy = 1
+	Cluster_LbSubsetConfig_DEFAULT_SUBSET Cluster_LbSubsetConfig_LbSubsetFallbackPolicy = 2
+)
+
+// Enum value maps for Cluster_LbSubsetConfig_LbSubsetFallbackPolicy.
+var (
+	Cluster_LbSubsetConfig_LbSubsetFallbackPolicy_name = map[int32]string{
+		0: "NO_FALLBACK",
+		1: "ANY_ENDPOINT",
+		2: "DEFAULT_SUBSET",
+	}
+	Cluster_LbSubsetConfig_LbSubsetFallbackPolicy_value = map[string]int32{
+		"NO_FALLBACK":    0,
+		"ANY_ENDPOINT":   1,
+		"DEFAULT_SUBSET": 2,
+	}
+)
+
+func (x Cluster_LbSubsetConfig_LbSubsetFallbackPolicy) Enum() *Cluster_LbSubsetConfig_LbSubsetFallbackPolicy {
+	p := new(Cluster_LbSubsetConfig_LbSubsetFallbackPolicy)
+	*p = x
+	return p
+}
+
+func (x Cluster_LbSubsetConfig_LbSubsetFallbackPolicy) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (Cluster_LbSubsetConfig_LbSubsetFallbackPolicy) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_api_v2_cluster_proto_enumTypes[4].Descriptor()
+}
+
+func (Cluster_LbSubsetConfig_LbSubsetFallbackPolicy) Type() protoreflect.EnumType {
+	return &file_envoy_api_v2_cluster_proto_enumTypes[4]
+}
+
+func (x Cluster_LbSubsetConfig_LbSubsetFallbackPolicy) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use Cluster_LbSubsetConfig_LbSubsetFallbackPolicy.Descriptor instead.
+func (Cluster_LbSubsetConfig_LbSubsetFallbackPolicy) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_api_v2_cluster_proto_rawDescGZIP(), []int{0, 3, 0}
+}
+
+// Allows to override top level fallback policy per selector.
+type Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy int32
+
+const (
+	// If NOT_DEFINED top level config fallback policy is used instead.
+	Cluster_LbSubsetConfig_LbSubsetSelector_NOT_DEFINED Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy = 0
+	// If NO_FALLBACK is selected, a result equivalent to no healthy hosts is reported.
+	Cluster_LbSubsetConfig_LbSubsetSelector_NO_FALLBACK Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy = 1
+	// If ANY_ENDPOINT is selected, any cluster endpoint may be returned
+	// (subject to policy, health checks, etc).
+	Cluster_LbSubsetConfig_LbSubsetSelector_ANY_ENDPOINT Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy = 2
+	// If DEFAULT_SUBSET is selected, load balancing is performed over the
+	// endpoints matching the values from the default_subset field.
+	Cluster_LbSubsetConfig_LbSubsetSelector_DEFAULT_SUBSET Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy = 3
+	// If KEYS_SUBSET is selected, subset selector matching is performed again with metadata
+	// keys reduced to
+	// :ref:`fallback_keys_subset<envoy_api_field_Cluster.LbSubsetConfig.LbSubsetSelector.fallback_keys_subset>`.
+	// It allows for a fallback to a different, less specific selector if some of the keys of
+	// the selector are considered optional.
+	Cluster_LbSubsetConfig_LbSubsetSelector_KEYS_SUBSET Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy = 4
+)
+
+// Enum value maps for Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy.
+var (
+	Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy_name = map[int32]string{
+		0: "NOT_DEFINED",
+		1: "NO_FALLBACK",
+		2: "ANY_ENDPOINT",
+		3: "DEFAULT_SUBSET",
+		4: "KEYS_SUBSET",
+	}
+	Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy_value = map[string]int32{
+		"NOT_DEFINED":    0,
+		"NO_FALLBACK":    1,
+		"ANY_ENDPOINT":   2,
+		"DEFAULT_SUBSET": 3,
+		"KEYS_SUBSET":    4,
+	}
+)
+
+func (x Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy) Enum() *Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy {
+	p := new(Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy)
+	*p = x
+	return p
+}
+
+func (x Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_api_v2_cluster_proto_enumTypes[5].Descriptor()
+}
+
+func (Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy) Type() protoreflect.EnumType {
+	return &file_envoy_api_v2_cluster_proto_enumTypes[5]
+}
+
+func (x Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy.Descriptor instead.
+func (Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_api_v2_cluster_proto_rawDescGZIP(), []int{0, 3, 0, 0}
+}
+
+// The hash function used to hash hosts onto the ketama ring.
+type Cluster_RingHashLbConfig_HashFunction int32
+
+const (
+	// Use `xxHash <https://github.com/Cyan4973/xxHash>`_, this is the default hash function.
+	Cluster_RingHashLbConfig_XX_HASH Cluster_RingHashLbConfig_HashFunction = 0
+	// Use `MurmurHash2 <https://sites.google.com/site/murmurhash/>`_, this is compatible with
+	// std:hash<string> in GNU libstdc++ 3.4.20 or above. This is typically the case when compiled
+	// on Linux and not macOS.
+	Cluster_RingHashLbConfig_MURMUR_HASH_2 Cluster_RingHashLbConfig_HashFunction = 1
+)
+
+// Enum value maps for Cluster_RingHashLbConfig_HashFunction.
+var (
+	Cluster_RingHashLbConfig_HashFunction_name = map[int32]string{
+		0: "XX_HASH",
+		1: "MURMUR_HASH_2",
+	}
+	Cluster_RingHashLbConfig_HashFunction_value = map[string]int32{
+		"XX_HASH":       0,
+		"MURMUR_HASH_2": 1,
+	}
+)
+
+func (x Cluster_RingHashLbConfig_HashFunction) Enum() *Cluster_RingHashLbConfig_HashFunction {
+	p := new(Cluster_RingHashLbConfig_HashFunction)
+	*p = x
+	return p
+}
+
+func (x Cluster_RingHashLbConfig_HashFunction) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (Cluster_RingHashLbConfig_HashFunction) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_api_v2_cluster_proto_enumTypes[6].Descriptor()
+}
+
+func (Cluster_RingHashLbConfig_HashFunction) Type() protoreflect.EnumType {
+	return &file_envoy_api_v2_cluster_proto_enumTypes[6]
+}
+
+func (x Cluster_RingHashLbConfig_HashFunction) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use Cluster_RingHashLbConfig_HashFunction.Descriptor instead.
+func (Cluster_RingHashLbConfig_HashFunction) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_api_v2_cluster_proto_rawDescGZIP(), []int{0, 5, 0}
+}
+
+// Configuration for a single upstream cluster.
+// [#next-free-field: 48]
+type Cluster struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Configuration to use different transport sockets for different endpoints.
+	// The entry of *envoy.transport_socket_match* in the
+	// :ref:`LbEndpoint.Metadata <envoy_api_field_endpoint.LbEndpoint.metadata>`
+	// is used to match against the transport sockets as they appear in the list. The first
+	// :ref:`match <envoy_api_msg_Cluster.TransportSocketMatch>` is used.
+	// For example, with the following match
+	//
+	// .. code-block:: yaml
+	//
+	//  transport_socket_matches:
+	//  - name: "enableMTLS"
+	//    match:
+	//      acceptMTLS: true
+	//    transport_socket:
+	//      name: envoy.transport_sockets.tls
+	//      config: { ... } # tls socket configuration
+	//  - name: "defaultToPlaintext"
+	//    match: {}
+	//    transport_socket:
+	//      name: envoy.transport_sockets.raw_buffer
+	//
+	// Connections to the endpoints whose metadata value under *envoy.transport_socket_match*
+	// having "acceptMTLS"/"true" key/value pair use the "enableMTLS" socket configuration.
+	//
+	// If a :ref:`socket match <envoy_api_msg_Cluster.TransportSocketMatch>` with empty match
+	// criteria is provided, that always match any endpoint. For example, the "defaultToPlaintext"
+	// socket match in case above.
+	//
+	// If an endpoint metadata's value under *envoy.transport_socket_match* does not match any
+	// *TransportSocketMatch*, socket configuration fallbacks to use the *tls_context* or
+	// *transport_socket* specified in this cluster.
+	//
+	// This field allows gradual and flexible transport socket configuration changes.
+	//
+	// The metadata of endpoints in EDS can indicate transport socket capabilities. For example,
+	// an endpoint's metadata can have two key value pairs as "acceptMTLS": "true",
+	// "acceptPlaintext": "true". While some other endpoints, only accepting plaintext traffic
+	// has "acceptPlaintext": "true" metadata information.
+	//
+	// Then the xDS server can configure the CDS to a client, Envoy A, to send mutual TLS
+	// traffic for endpoints with "acceptMTLS": "true", by adding a corresponding
+	// *TransportSocketMatch* in this field. Other client Envoys receive CDS without
+	// *transport_socket_match* set, and still send plain text traffic to the same cluster.
+	//
+	// [#comment:TODO(incfly): add a detailed architecture doc on intended usage.]
+	TransportSocketMatches []*Cluster_TransportSocketMatch `protobuf:"bytes,43,rep,name=transport_socket_matches,json=transportSocketMatches,proto3" json:"transport_socket_matches,omitempty"`
+	// Supplies the name of the cluster which must be unique across all clusters.
+	// The cluster name is used when emitting
+	// :ref:`statistics <config_cluster_manager_cluster_stats>` if :ref:`alt_stat_name
+	// <envoy_api_field_Cluster.alt_stat_name>` is not provided.
+	// Any ``:`` in the cluster name will be converted to ``_`` when emitting statistics.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// An optional alternative to the cluster name to be used while emitting stats.
+	// Any ``:`` in the name will be converted to ``_`` when emitting statistics. This should not be
+	// confused with :ref:`Router Filter Header
+	// <config_http_filters_router_x-envoy-upstream-alt-stat-name>`.
+	AltStatName string `protobuf:"bytes,28,opt,name=alt_stat_name,json=altStatName,proto3" json:"alt_stat_name,omitempty"`
+	// Types that are assignable to ClusterDiscoveryType:
+	//	*Cluster_Type
+	//	*Cluster_ClusterType
+	ClusterDiscoveryType isCluster_ClusterDiscoveryType `protobuf_oneof:"cluster_discovery_type"`
+	// Configuration to use for EDS updates for the Cluster.
+	EdsClusterConfig *Cluster_EdsClusterConfig `protobuf:"bytes,3,opt,name=eds_cluster_config,json=edsClusterConfig,proto3" json:"eds_cluster_config,omitempty"`
+	// The timeout for new network connections to hosts in the cluster.
+	ConnectTimeout *duration.Duration `protobuf:"bytes,4,opt,name=connect_timeout,json=connectTimeout,proto3" json:"connect_timeout,omitempty"`
+	// Soft limit on size of the cluster’s connections read and write buffers. If
+	// unspecified, an implementation defined default is applied (1MiB).
+	PerConnectionBufferLimitBytes *wrappers.UInt32Value `protobuf:"bytes,5,opt,name=per_connection_buffer_limit_bytes,json=perConnectionBufferLimitBytes,proto3" json:"per_connection_buffer_limit_bytes,omitempty"`
+	// The :ref:`load balancer type <arch_overview_load_balancing_types>` to use
+	// when picking a host in the cluster.
+	LbPolicy Cluster_LbPolicy `protobuf:"varint,6,opt,name=lb_policy,json=lbPolicy,proto3,enum=envoy.api.v2.Cluster_LbPolicy" json:"lb_policy,omitempty"`
+	// If the service discovery type is
+	// :ref:`STATIC<envoy_api_enum_value_Cluster.DiscoveryType.STATIC>`,
+	// :ref:`STRICT_DNS<envoy_api_enum_value_Cluster.DiscoveryType.STRICT_DNS>`
+	// or :ref:`LOGICAL_DNS<envoy_api_enum_value_Cluster.DiscoveryType.LOGICAL_DNS>`,
+	// then hosts is required.
+	//
+	// .. attention::
+	//
+	//   **This field is deprecated**. Set the
+	//   :ref:`load_assignment<envoy_api_field_Cluster.load_assignment>` field instead.
+	//
+	//
+	// Deprecated: Do not use.
+	Hosts []*core.Address `protobuf:"bytes,7,rep,name=hosts,proto3" json:"hosts,omitempty"`
+	// Setting this is required for specifying members of
+	// :ref:`STATIC<envoy_api_enum_value_Cluster.DiscoveryType.STATIC>`,
+	// :ref:`STRICT_DNS<envoy_api_enum_value_Cluster.DiscoveryType.STRICT_DNS>`
+	// or :ref:`LOGICAL_DNS<envoy_api_enum_value_Cluster.DiscoveryType.LOGICAL_DNS>` clusters.
+	// This field supersedes the *hosts* field in the v2 API.
+	//
+	// .. attention::
+	//
+	//   Setting this allows non-EDS cluster types to contain embedded EDS equivalent
+	//   :ref:`endpoint assignments<envoy_api_msg_ClusterLoadAssignment>`.
+	//
+	LoadAssignment *ClusterLoadAssignment `protobuf:"bytes,33,opt,name=load_assignment,json=loadAssignment,proto3" json:"load_assignment,omitempty"`
+	// Optional :ref:`active health checking <arch_overview_health_checking>`
+	// configuration for the cluster. If no
+	// configuration is specified no health checking will be done and all cluster
+	// members will be considered healthy at all times.
+	HealthChecks []*core.HealthCheck `protobuf:"bytes,8,rep,name=health_checks,json=healthChecks,proto3" json:"health_checks,omitempty"`
+	// Optional maximum requests for a single upstream connection. This parameter
+	// is respected by both the HTTP/1.1 and HTTP/2 connection pool
+	// implementations. If not specified, there is no limit. Setting this
+	// parameter to 1 will effectively disable keep alive.
+	MaxRequestsPerConnection *wrappers.UInt32Value `protobuf:"bytes,9,opt,name=max_requests_per_connection,json=maxRequestsPerConnection,proto3" json:"max_requests_per_connection,omitempty"`
+	// Optional :ref:`circuit breaking <arch_overview_circuit_break>` for the cluster.
+	CircuitBreakers *cluster.CircuitBreakers `protobuf:"bytes,10,opt,name=circuit_breakers,json=circuitBreakers,proto3" json:"circuit_breakers,omitempty"`
+	// The TLS configuration for connections to the upstream cluster.
+	//
+	// .. attention::
+	//
+	//   **This field is deprecated**. Use `transport_socket` with name `tls` instead. If both are
+	//   set, `transport_socket` takes priority.
+	//
+	// Deprecated: Do not use.
+	TlsContext *auth.UpstreamTlsContext `protobuf:"bytes,11,opt,name=tls_context,json=tlsContext,proto3" json:"tls_context,omitempty"`
+	// HTTP protocol options that are applied only to upstream HTTP connections.
+	// These options apply to all HTTP versions.
+	UpstreamHttpProtocolOptions *core.UpstreamHttpProtocolOptions `protobuf:"bytes,46,opt,name=upstream_http_protocol_options,json=upstreamHttpProtocolOptions,proto3" json:"upstream_http_protocol_options,omitempty"`
+	// Additional options when handling HTTP requests upstream. These options will be applicable to
+	// both HTTP1 and HTTP2 requests.
+	CommonHttpProtocolOptions *core.HttpProtocolOptions `protobuf:"bytes,29,opt,name=common_http_protocol_options,json=commonHttpProtocolOptions,proto3" json:"common_http_protocol_options,omitempty"`
+	// Additional options when handling HTTP1 requests.
+	HttpProtocolOptions *core.Http1ProtocolOptions `protobuf:"bytes,13,opt,name=http_protocol_options,json=httpProtocolOptions,proto3" json:"http_protocol_options,omitempty"`
+	// Even if default HTTP2 protocol options are desired, this field must be
+	// set so that Envoy will assume that the upstream supports HTTP/2 when
+	// making new HTTP connection pool connections. Currently, Envoy only
+	// supports prior knowledge for upstream connections. Even if TLS is used
+	// with ALPN, `http2_protocol_options` must be specified. As an aside this allows HTTP/2
+	// connections to happen over plain text.
+	Http2ProtocolOptions *core.Http2ProtocolOptions `protobuf:"bytes,14,opt,name=http2_protocol_options,json=http2ProtocolOptions,proto3" json:"http2_protocol_options,omitempty"`
+	// The extension_protocol_options field is used to provide extension-specific protocol options
+	// for upstream connections. The key should match the extension filter name, such as
+	// "envoy.filters.network.thrift_proxy". See the extension's documentation for details on
+	// specific options.
+	//
+	// Deprecated: Do not use.
+	ExtensionProtocolOptions map[string]*_struct.Struct `protobuf:"bytes,35,rep,name=extension_protocol_options,json=extensionProtocolOptions,proto3" json:"extension_protocol_options,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+	// The extension_protocol_options field is used to provide extension-specific protocol options
+	// for upstream connections. The key should match the extension filter name, such as
+	// "envoy.filters.network.thrift_proxy". See the extension's documentation for details on
+	// specific options.
+	TypedExtensionProtocolOptions map[string]*any.Any `protobuf:"bytes,36,rep,name=typed_extension_protocol_options,json=typedExtensionProtocolOptions,proto3" json:"typed_extension_protocol_options,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+	// If the DNS refresh rate is specified and the cluster type is either
+	// :ref:`STRICT_DNS<envoy_api_enum_value_Cluster.DiscoveryType.STRICT_DNS>`,
+	// or :ref:`LOGICAL_DNS<envoy_api_enum_value_Cluster.DiscoveryType.LOGICAL_DNS>`,
+	// this value is used as the cluster’s DNS refresh
+	// rate. The value configured must be at least 1ms. If this setting is not specified, the
+	// value defaults to 5000ms. For cluster types other than
+	// :ref:`STRICT_DNS<envoy_api_enum_value_Cluster.DiscoveryType.STRICT_DNS>`
+	// and :ref:`LOGICAL_DNS<envoy_api_enum_value_Cluster.DiscoveryType.LOGICAL_DNS>`
+	// this setting is ignored.
+	DnsRefreshRate *duration.Duration `protobuf:"bytes,16,opt,name=dns_refresh_rate,json=dnsRefreshRate,proto3" json:"dns_refresh_rate,omitempty"`
+	// If the DNS failure refresh rate is specified and the cluster type is either
+	// :ref:`STRICT_DNS<envoy_api_enum_value_Cluster.DiscoveryType.STRICT_DNS>`,
+	// or :ref:`LOGICAL_DNS<envoy_api_enum_value_Cluster.DiscoveryType.LOGICAL_DNS>`,
+	// this is used as the cluster’s DNS refresh rate when requests are failing. If this setting is
+	// not specified, the failure refresh rate defaults to the DNS refresh rate. For cluster types
+	// other than :ref:`STRICT_DNS<envoy_api_enum_value_Cluster.DiscoveryType.STRICT_DNS>` and
+	// :ref:`LOGICAL_DNS<envoy_api_enum_value_Cluster.DiscoveryType.LOGICAL_DNS>` this setting is
+	// ignored.
+	DnsFailureRefreshRate *Cluster_RefreshRate `protobuf:"bytes,44,opt,name=dns_failure_refresh_rate,json=dnsFailureRefreshRate,proto3" json:"dns_failure_refresh_rate,omitempty"`
+	// Optional configuration for setting cluster's DNS refresh rate. If the value is set to true,
+	// cluster's DNS refresh rate will be set to resource record's TTL which comes from DNS
+	// resolution.
+	RespectDnsTtl bool `protobuf:"varint,39,opt,name=respect_dns_ttl,json=respectDnsTtl,proto3" json:"respect_dns_ttl,omitempty"`
+	// The DNS IP address resolution policy. If this setting is not specified, the
+	// value defaults to
+	// :ref:`AUTO<envoy_api_enum_value_Cluster.DnsLookupFamily.AUTO>`.
+	DnsLookupFamily Cluster_DnsLookupFamily `protobuf:"varint,17,opt,name=dns_lookup_family,json=dnsLookupFamily,proto3,enum=envoy.api.v2.Cluster_DnsLookupFamily" json:"dns_lookup_family,omitempty"`
+	// If DNS resolvers are specified and the cluster type is either
+	// :ref:`STRICT_DNS<envoy_api_enum_value_Cluster.DiscoveryType.STRICT_DNS>`,
+	// or :ref:`LOGICAL_DNS<envoy_api_enum_value_Cluster.DiscoveryType.LOGICAL_DNS>`,
+	// this value is used to specify the cluster’s dns resolvers.
+	// If this setting is not specified, the value defaults to the default
+	// resolver, which uses /etc/resolv.conf for configuration. For cluster types
+	// other than
+	// :ref:`STRICT_DNS<envoy_api_enum_value_Cluster.DiscoveryType.STRICT_DNS>`
+	// and :ref:`LOGICAL_DNS<envoy_api_enum_value_Cluster.DiscoveryType.LOGICAL_DNS>`
+	// this setting is ignored.
+	// Setting this value causes failure if the
+	// ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during
+	// server startup. Apple's API only allows overriding DNS resolvers via system settings.
+	DnsResolvers []*core.Address `protobuf:"bytes,18,rep,name=dns_resolvers,json=dnsResolvers,proto3" json:"dns_resolvers,omitempty"`
+	// [#next-major-version: Reconcile DNS options in a single message.]
+	// Always use TCP queries instead of UDP queries for DNS lookups.
+	// Setting this value causes failure if the
+	// ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during
+	// server startup. Apple' API only uses UDP for DNS resolution.
+	UseTcpForDnsLookups bool `protobuf:"varint,45,opt,name=use_tcp_for_dns_lookups,json=useTcpForDnsLookups,proto3" json:"use_tcp_for_dns_lookups,omitempty"`
+	// If specified, outlier detection will be enabled for this upstream cluster.
+	// Each of the configuration values can be overridden via
+	// :ref:`runtime values <config_cluster_manager_cluster_runtime_outlier_detection>`.
+	OutlierDetection *cluster.OutlierDetection `protobuf:"bytes,19,opt,name=outlier_detection,json=outlierDetection,proto3" json:"outlier_detection,omitempty"`
+	// The interval for removing stale hosts from a cluster type
+	// :ref:`ORIGINAL_DST<envoy_api_enum_value_Cluster.DiscoveryType.ORIGINAL_DST>`.
+	// Hosts are considered stale if they have not been used
+	// as upstream destinations during this interval. New hosts are added
+	// to original destination clusters on demand as new connections are
+	// redirected to Envoy, causing the number of hosts in the cluster to
+	// grow over time. Hosts that are not stale (they are actively used as
+	// destinations) are kept in the cluster, which allows connections to
+	// them remain open, saving the latency that would otherwise be spent
+	// on opening new connections. If this setting is not specified, the
+	// value defaults to 5000ms. For cluster types other than
+	// :ref:`ORIGINAL_DST<envoy_api_enum_value_Cluster.DiscoveryType.ORIGINAL_DST>`
+	// this setting is ignored.
+	CleanupInterval *duration.Duration `protobuf:"bytes,20,opt,name=cleanup_interval,json=cleanupInterval,proto3" json:"cleanup_interval,omitempty"`
+	// Optional configuration used to bind newly established upstream connections.
+	// This overrides any bind_config specified in the bootstrap proto.
+	// If the address and port are empty, no bind will be performed.
+	UpstreamBindConfig *core.BindConfig `protobuf:"bytes,21,opt,name=upstream_bind_config,json=upstreamBindConfig,proto3" json:"upstream_bind_config,omitempty"`
+	// Configuration for load balancing subsetting.
+	LbSubsetConfig *Cluster_LbSubsetConfig `protobuf:"bytes,22,opt,name=lb_subset_config,json=lbSubsetConfig,proto3" json:"lb_subset_config,omitempty"`
+	// Optional configuration for the load balancing algorithm selected by
+	// LbPolicy. Currently only
+	// :ref:`RING_HASH<envoy_api_enum_value_Cluster.LbPolicy.RING_HASH>` and
+	// :ref:`LEAST_REQUEST<envoy_api_enum_value_Cluster.LbPolicy.LEAST_REQUEST>`
+	// has additional configuration options.
+	// Specifying ring_hash_lb_config or least_request_lb_config without setting the corresponding
+	// LbPolicy will generate an error at runtime.
+	//
+	// Types that are assignable to LbConfig:
+	//	*Cluster_RingHashLbConfig_
+	//	*Cluster_OriginalDstLbConfig_
+	//	*Cluster_LeastRequestLbConfig_
+	LbConfig isCluster_LbConfig `protobuf_oneof:"lb_config"`
+	// Common configuration for all load balancer implementations.
+	CommonLbConfig *Cluster_CommonLbConfig `protobuf:"bytes,27,opt,name=common_lb_config,json=commonLbConfig,proto3" json:"common_lb_config,omitempty"`
+	// Optional custom transport socket implementation to use for upstream connections.
+	// To setup TLS, set a transport socket with name `tls` and
+	// :ref:`UpstreamTlsContexts <envoy_api_msg_auth.UpstreamTlsContext>` in the `typed_config`.
+	// If no transport socket configuration is specified, new connections
+	// will be set up with plaintext.
+	TransportSocket *core.TransportSocket `protobuf:"bytes,24,opt,name=transport_socket,json=transportSocket,proto3" json:"transport_socket,omitempty"`
+	// The Metadata field can be used to provide additional information about the
+	// cluster. It can be used for stats, logging, and varying filter behavior.
+	// Fields should use reverse DNS notation to denote which entity within Envoy
+	// will need the information. For instance, if the metadata is intended for
+	// the Router filter, the filter name should be specified as *envoy.filters.http.router*.
+	Metadata *core.Metadata `protobuf:"bytes,25,opt,name=metadata,proto3" json:"metadata,omitempty"`
+	// Determines how Envoy selects the protocol used to speak to upstream hosts.
+	ProtocolSelection Cluster_ClusterProtocolSelection `protobuf:"varint,26,opt,name=protocol_selection,json=protocolSelection,proto3,enum=envoy.api.v2.Cluster_ClusterProtocolSelection" json:"protocol_selection,omitempty"`
+	// Optional options for upstream connections.
+	UpstreamConnectionOptions *UpstreamConnectionOptions `protobuf:"bytes,30,opt,name=upstream_connection_options,json=upstreamConnectionOptions,proto3" json:"upstream_connection_options,omitempty"`
+	// If an upstream host becomes unhealthy (as determined by the configured health checks
+	// or outlier detection), immediately close all connections to the failed host.
+	//
+	// .. note::
+	//
+	//   This is currently only supported for connections created by tcp_proxy.
+	//
+	// .. note::
+	//
+	//   The current implementation of this feature closes all connections immediately when
+	//   the unhealthy status is detected. If there are a large number of connections open
+	//   to an upstream host that becomes unhealthy, Envoy may spend a substantial amount of
+	//   time exclusively closing these connections, and not processing any other traffic.
+	CloseConnectionsOnHostHealthFailure bool `protobuf:"varint,31,opt,name=close_connections_on_host_health_failure,json=closeConnectionsOnHostHealthFailure,proto3" json:"close_connections_on_host_health_failure,omitempty"`
+	// If set to true, Envoy will ignore the health value of a host when processing its removal
+	// from service discovery. This means that if active health checking is used, Envoy will *not*
+	// wait for the endpoint to go unhealthy before removing it.
+	DrainConnectionsOnHostRemoval bool `protobuf:"varint,32,opt,name=drain_connections_on_host_removal,json=drainConnectionsOnHostRemoval,proto3" json:"drain_connections_on_host_removal,omitempty"`
+	// An (optional) network filter chain, listed in the order the filters should be applied.
+	// The chain will be applied to all outgoing connections that Envoy makes to the upstream
+	// servers of this cluster.
+	Filters []*cluster.Filter `protobuf:"bytes,40,rep,name=filters,proto3" json:"filters,omitempty"`
+	// [#not-implemented-hide:] New mechanism for LB policy configuration. Used only if the
+	// :ref:`lb_policy<envoy_api_field_Cluster.lb_policy>` field has the value
+	// :ref:`LOAD_BALANCING_POLICY_CONFIG<envoy_api_enum_value_Cluster.LbPolicy.LOAD_BALANCING_POLICY_CONFIG>`.
+	LoadBalancingPolicy *LoadBalancingPolicy `protobuf:"bytes,41,opt,name=load_balancing_policy,json=loadBalancingPolicy,proto3" json:"load_balancing_policy,omitempty"`
+	// [#not-implemented-hide:]
+	// If present, tells the client where to send load reports via LRS. If not present, the
+	// client will fall back to a client-side default, which may be either (a) don't send any
+	// load reports or (b) send load reports for all clusters to a single default server
+	// (which may be configured in the bootstrap file).
+	//
+	// Note that if multiple clusters point to the same LRS server, the client may choose to
+	// create a separate stream for each cluster or it may choose to coalesce the data for
+	// multiple clusters onto a single stream. Either way, the client must make sure to send
+	// the data for any given cluster on no more than one stream.
+	//
+	// [#next-major-version: In the v3 API, we should consider restructuring this somehow,
+	// maybe by allowing LRS to go on the ADS stream, or maybe by moving some of the negotiation
+	// from the LRS stream here.]
+	LrsServer *core.ConfigSource `protobuf:"bytes,42,opt,name=lrs_server,json=lrsServer,proto3" json:"lrs_server,omitempty"`
+	// If track_timeout_budgets is true, the :ref:`timeout budget histograms
+	// <config_cluster_manager_cluster_stats_timeout_budgets>` will be published for each
+	// request. These show what percentage of a request's per try and global timeout was used. A value
+	// of 0 would indicate that none of the timeout was used or that the timeout was infinite. A value
+	// of 100 would indicate that the request took the entirety of the timeout given to it.
+	TrackTimeoutBudgets bool `protobuf:"varint,47,opt,name=track_timeout_budgets,json=trackTimeoutBudgets,proto3" json:"track_timeout_budgets,omitempty"`
+}
+
+func (x *Cluster) Reset() {
+	*x = Cluster{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_cluster_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster) ProtoMessage() {}
+
+func (x *Cluster) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_cluster_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster.ProtoReflect.Descriptor instead.
+func (*Cluster) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_cluster_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *Cluster) GetTransportSocketMatches() []*Cluster_TransportSocketMatch {
+	if x != nil {
+		return x.TransportSocketMatches
+	}
+	return nil
+}
+
+func (x *Cluster) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *Cluster) GetAltStatName() string {
+	if x != nil {
+		return x.AltStatName
+	}
+	return ""
+}
+
+func (m *Cluster) GetClusterDiscoveryType() isCluster_ClusterDiscoveryType {
+	if m != nil {
+		return m.ClusterDiscoveryType
+	}
+	return nil
+}
+
+func (x *Cluster) GetType() Cluster_DiscoveryType {
+	if x, ok := x.GetClusterDiscoveryType().(*Cluster_Type); ok {
+		return x.Type
+	}
+	return Cluster_STATIC
+}
+
+func (x *Cluster) GetClusterType() *Cluster_CustomClusterType {
+	if x, ok := x.GetClusterDiscoveryType().(*Cluster_ClusterType); ok {
+		return x.ClusterType
+	}
+	return nil
+}
+
+func (x *Cluster) GetEdsClusterConfig() *Cluster_EdsClusterConfig {
+	if x != nil {
+		return x.EdsClusterConfig
+	}
+	return nil
+}
+
+func (x *Cluster) GetConnectTimeout() *duration.Duration {
+	if x != nil {
+		return x.ConnectTimeout
+	}
+	return nil
+}
+
+func (x *Cluster) GetPerConnectionBufferLimitBytes() *wrappers.UInt32Value {
+	if x != nil {
+		return x.PerConnectionBufferLimitBytes
+	}
+	return nil
+}
+
+func (x *Cluster) GetLbPolicy() Cluster_LbPolicy {
+	if x != nil {
+		return x.LbPolicy
+	}
+	return Cluster_ROUND_ROBIN
+}
+
+// Deprecated: Do not use.
+func (x *Cluster) GetHosts() []*core.Address {
+	if x != nil {
+		return x.Hosts
+	}
+	return nil
+}
+
+func (x *Cluster) GetLoadAssignment() *ClusterLoadAssignment {
+	if x != nil {
+		return x.LoadAssignment
+	}
+	return nil
+}
+
+func (x *Cluster) GetHealthChecks() []*core.HealthCheck {
+	if x != nil {
+		return x.HealthChecks
+	}
+	return nil
+}
+
+func (x *Cluster) GetMaxRequestsPerConnection() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxRequestsPerConnection
+	}
+	return nil
+}
+
+func (x *Cluster) GetCircuitBreakers() *cluster.CircuitBreakers {
+	if x != nil {
+		return x.CircuitBreakers
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *Cluster) GetTlsContext() *auth.UpstreamTlsContext {
+	if x != nil {
+		return x.TlsContext
+	}
+	return nil
+}
+
+func (x *Cluster) GetUpstreamHttpProtocolOptions() *core.UpstreamHttpProtocolOptions {
+	if x != nil {
+		return x.UpstreamHttpProtocolOptions
+	}
+	return nil
+}
+
+func (x *Cluster) GetCommonHttpProtocolOptions() *core.HttpProtocolOptions {
+	if x != nil {
+		return x.CommonHttpProtocolOptions
+	}
+	return nil
+}
+
+func (x *Cluster) GetHttpProtocolOptions() *core.Http1ProtocolOptions {
+	if x != nil {
+		return x.HttpProtocolOptions
+	}
+	return nil
+}
+
+func (x *Cluster) GetHttp2ProtocolOptions() *core.Http2ProtocolOptions {
+	if x != nil {
+		return x.Http2ProtocolOptions
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *Cluster) GetExtensionProtocolOptions() map[string]*_struct.Struct {
+	if x != nil {
+		return x.ExtensionProtocolOptions
+	}
+	return nil
+}
+
+func (x *Cluster) GetTypedExtensionProtocolOptions() map[string]*any.Any {
+	if x != nil {
+		return x.TypedExtensionProtocolOptions
+	}
+	return nil
+}
+
+func (x *Cluster) GetDnsRefreshRate() *duration.Duration {
+	if x != nil {
+		return x.DnsRefreshRate
+	}
+	return nil
+}
+
+func (x *Cluster) GetDnsFailureRefreshRate() *Cluster_RefreshRate {
+	if x != nil {
+		return x.DnsFailureRefreshRate
+	}
+	return nil
+}
+
+func (x *Cluster) GetRespectDnsTtl() bool {
+	if x != nil {
+		return x.RespectDnsTtl
+	}
+	return false
+}
+
+func (x *Cluster) GetDnsLookupFamily() Cluster_DnsLookupFamily {
+	if x != nil {
+		return x.DnsLookupFamily
+	}
+	return Cluster_AUTO
+}
+
+func (x *Cluster) GetDnsResolvers() []*core.Address {
+	if x != nil {
+		return x.DnsResolvers
+	}
+	return nil
+}
+
+func (x *Cluster) GetUseTcpForDnsLookups() bool {
+	if x != nil {
+		return x.UseTcpForDnsLookups
+	}
+	return false
+}
+
+func (x *Cluster) GetOutlierDetection() *cluster.OutlierDetection {
+	if x != nil {
+		return x.OutlierDetection
+	}
+	return nil
+}
+
+func (x *Cluster) GetCleanupInterval() *duration.Duration {
+	if x != nil {
+		return x.CleanupInterval
+	}
+	return nil
+}
+
+func (x *Cluster) GetUpstreamBindConfig() *core.BindConfig {
+	if x != nil {
+		return x.UpstreamBindConfig
+	}
+	return nil
+}
+
+func (x *Cluster) GetLbSubsetConfig() *Cluster_LbSubsetConfig {
+	if x != nil {
+		return x.LbSubsetConfig
+	}
+	return nil
+}
+
+func (m *Cluster) GetLbConfig() isCluster_LbConfig {
+	if m != nil {
+		return m.LbConfig
+	}
+	return nil
+}
+
+func (x *Cluster) GetRingHashLbConfig() *Cluster_RingHashLbConfig {
+	if x, ok := x.GetLbConfig().(*Cluster_RingHashLbConfig_); ok {
+		return x.RingHashLbConfig
+	}
+	return nil
+}
+
+func (x *Cluster) GetOriginalDstLbConfig() *Cluster_OriginalDstLbConfig {
+	if x, ok := x.GetLbConfig().(*Cluster_OriginalDstLbConfig_); ok {
+		return x.OriginalDstLbConfig
+	}
+	return nil
+}
+
+func (x *Cluster) GetLeastRequestLbConfig() *Cluster_LeastRequestLbConfig {
+	if x, ok := x.GetLbConfig().(*Cluster_LeastRequestLbConfig_); ok {
+		return x.LeastRequestLbConfig
+	}
+	return nil
+}
+
+func (x *Cluster) GetCommonLbConfig() *Cluster_CommonLbConfig {
+	if x != nil {
+		return x.CommonLbConfig
+	}
+	return nil
+}
+
+func (x *Cluster) GetTransportSocket() *core.TransportSocket {
+	if x != nil {
+		return x.TransportSocket
+	}
+	return nil
+}
+
+func (x *Cluster) GetMetadata() *core.Metadata {
+	if x != nil {
+		return x.Metadata
+	}
+	return nil
+}
+
+func (x *Cluster) GetProtocolSelection() Cluster_ClusterProtocolSelection {
+	if x != nil {
+		return x.ProtocolSelection
+	}
+	return Cluster_USE_CONFIGURED_PROTOCOL
+}
+
+func (x *Cluster) GetUpstreamConnectionOptions() *UpstreamConnectionOptions {
+	if x != nil {
+		return x.UpstreamConnectionOptions
+	}
+	return nil
+}
+
+func (x *Cluster) GetCloseConnectionsOnHostHealthFailure() bool {
+	if x != nil {
+		return x.CloseConnectionsOnHostHealthFailure
+	}
+	return false
+}
+
+func (x *Cluster) GetDrainConnectionsOnHostRemoval() bool {
+	if x != nil {
+		return x.DrainConnectionsOnHostRemoval
+	}
+	return false
+}
+
+func (x *Cluster) GetFilters() []*cluster.Filter {
+	if x != nil {
+		return x.Filters
+	}
+	return nil
+}
+
+func (x *Cluster) GetLoadBalancingPolicy() *LoadBalancingPolicy {
+	if x != nil {
+		return x.LoadBalancingPolicy
+	}
+	return nil
+}
+
+func (x *Cluster) GetLrsServer() *core.ConfigSource {
+	if x != nil {
+		return x.LrsServer
+	}
+	return nil
+}
+
+func (x *Cluster) GetTrackTimeoutBudgets() bool {
+	if x != nil {
+		return x.TrackTimeoutBudgets
+	}
+	return false
+}
+
+type isCluster_ClusterDiscoveryType interface {
+	isCluster_ClusterDiscoveryType()
+}
+
+type Cluster_Type struct {
+	// The :ref:`service discovery type <arch_overview_service_discovery_types>`
+	// to use for resolving the cluster.
+	Type Cluster_DiscoveryType `protobuf:"varint,2,opt,name=type,proto3,enum=envoy.api.v2.Cluster_DiscoveryType,oneof"`
+}
+
+type Cluster_ClusterType struct {
+	// The custom cluster type.
+	ClusterType *Cluster_CustomClusterType `protobuf:"bytes,38,opt,name=cluster_type,json=clusterType,proto3,oneof"`
+}
+
+func (*Cluster_Type) isCluster_ClusterDiscoveryType() {}
+
+func (*Cluster_ClusterType) isCluster_ClusterDiscoveryType() {}
+
+type isCluster_LbConfig interface {
+	isCluster_LbConfig()
+}
+
+type Cluster_RingHashLbConfig_ struct {
+	// Optional configuration for the Ring Hash load balancing policy.
+	RingHashLbConfig *Cluster_RingHashLbConfig `protobuf:"bytes,23,opt,name=ring_hash_lb_config,json=ringHashLbConfig,proto3,oneof"`
+}
+
+type Cluster_OriginalDstLbConfig_ struct {
+	// Optional configuration for the Original Destination load balancing policy.
+	OriginalDstLbConfig *Cluster_OriginalDstLbConfig `protobuf:"bytes,34,opt,name=original_dst_lb_config,json=originalDstLbConfig,proto3,oneof"`
+}
+
+type Cluster_LeastRequestLbConfig_ struct {
+	// Optional configuration for the LeastRequest load balancing policy.
+	LeastRequestLbConfig *Cluster_LeastRequestLbConfig `protobuf:"bytes,37,opt,name=least_request_lb_config,json=leastRequestLbConfig,proto3,oneof"`
+}
+
+func (*Cluster_RingHashLbConfig_) isCluster_LbConfig() {}
+
+func (*Cluster_OriginalDstLbConfig_) isCluster_LbConfig() {}
+
+func (*Cluster_LeastRequestLbConfig_) isCluster_LbConfig() {}
+
+// [#not-implemented-hide:] Extensible load balancing policy configuration.
+//
+// Every LB policy defined via this mechanism will be identified via a unique name using reverse
+// DNS notation. If the policy needs configuration parameters, it must define a message for its
+// own configuration, which will be stored in the config field. The name of the policy will tell
+// clients which type of message they should expect to see in the config field.
+//
+// Note that there are cases where it is useful to be able to independently select LB policies
+// for choosing a locality and for choosing an endpoint within that locality. For example, a
+// given deployment may always use the same policy to choose the locality, but for choosing the
+// endpoint within the locality, some clusters may use weighted-round-robin, while others may
+// use some sort of session-based balancing.
+//
+// This can be accomplished via hierarchical LB policies, where the parent LB policy creates a
+// child LB policy for each locality. For each request, the parent chooses the locality and then
+// delegates to the child policy for that locality to choose the endpoint within the locality.
+//
+// To facilitate this, the config message for the top-level LB policy may include a field of
+// type LoadBalancingPolicy that specifies the child policy.
+type LoadBalancingPolicy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Each client will iterate over the list in order and stop at the first policy that it
+	// supports. This provides a mechanism for starting to use new LB policies that are not yet
+	// supported by all clients.
+	Policies []*LoadBalancingPolicy_Policy `protobuf:"bytes,1,rep,name=policies,proto3" json:"policies,omitempty"`
+}
+
+func (x *LoadBalancingPolicy) Reset() {
+	*x = LoadBalancingPolicy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_cluster_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *LoadBalancingPolicy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*LoadBalancingPolicy) ProtoMessage() {}
+
+func (x *LoadBalancingPolicy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_cluster_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use LoadBalancingPolicy.ProtoReflect.Descriptor instead.
+func (*LoadBalancingPolicy) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_cluster_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *LoadBalancingPolicy) GetPolicies() []*LoadBalancingPolicy_Policy {
+	if x != nil {
+		return x.Policies
+	}
+	return nil
+}
+
+// An extensible structure containing the address Envoy should bind to when
+// establishing upstream connections.
+type UpstreamBindConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The address Envoy should bind to when establishing upstream connections.
+	SourceAddress *core.Address `protobuf:"bytes,1,opt,name=source_address,json=sourceAddress,proto3" json:"source_address,omitempty"`
+}
+
+func (x *UpstreamBindConfig) Reset() {
+	*x = UpstreamBindConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_cluster_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *UpstreamBindConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*UpstreamBindConfig) ProtoMessage() {}
+
+func (x *UpstreamBindConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_cluster_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use UpstreamBindConfig.ProtoReflect.Descriptor instead.
+func (*UpstreamBindConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_cluster_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *UpstreamBindConfig) GetSourceAddress() *core.Address {
+	if x != nil {
+		return x.SourceAddress
+	}
+	return nil
+}
+
+type UpstreamConnectionOptions struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives.
+	TcpKeepalive *core.TcpKeepalive `protobuf:"bytes,1,opt,name=tcp_keepalive,json=tcpKeepalive,proto3" json:"tcp_keepalive,omitempty"`
+}
+
+func (x *UpstreamConnectionOptions) Reset() {
+	*x = UpstreamConnectionOptions{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_cluster_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *UpstreamConnectionOptions) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*UpstreamConnectionOptions) ProtoMessage() {}
+
+func (x *UpstreamConnectionOptions) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_cluster_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use UpstreamConnectionOptions.ProtoReflect.Descriptor instead.
+func (*UpstreamConnectionOptions) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_cluster_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *UpstreamConnectionOptions) GetTcpKeepalive() *core.TcpKeepalive {
+	if x != nil {
+		return x.TcpKeepalive
+	}
+	return nil
+}
+
+// TransportSocketMatch specifies what transport socket config will be used
+// when the match conditions are satisfied.
+type Cluster_TransportSocketMatch struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the match, used in stats generation.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Optional endpoint metadata match criteria.
+	// The connection to the endpoint with metadata matching what is set in this field
+	// will use the transport socket configuration specified here.
+	// The endpoint's metadata entry in *envoy.transport_socket_match* is used to match
+	// against the values specified in this field.
+	Match *_struct.Struct `protobuf:"bytes,2,opt,name=match,proto3" json:"match,omitempty"`
+	// The configuration of the transport socket.
+	TransportSocket *core.TransportSocket `protobuf:"bytes,3,opt,name=transport_socket,json=transportSocket,proto3" json:"transport_socket,omitempty"`
+}
+
+func (x *Cluster_TransportSocketMatch) Reset() {
+	*x = Cluster_TransportSocketMatch{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_cluster_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster_TransportSocketMatch) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster_TransportSocketMatch) ProtoMessage() {}
+
+func (x *Cluster_TransportSocketMatch) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_cluster_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster_TransportSocketMatch.ProtoReflect.Descriptor instead.
+func (*Cluster_TransportSocketMatch) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_cluster_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (x *Cluster_TransportSocketMatch) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *Cluster_TransportSocketMatch) GetMatch() *_struct.Struct {
+	if x != nil {
+		return x.Match
+	}
+	return nil
+}
+
+func (x *Cluster_TransportSocketMatch) GetTransportSocket() *core.TransportSocket {
+	if x != nil {
+		return x.TransportSocket
+	}
+	return nil
+}
+
+// Extended cluster type.
+type Cluster_CustomClusterType struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The type of the cluster to instantiate. The name must match a supported cluster type.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Cluster specific configuration which depends on the cluster being instantiated.
+	// See the supported cluster for further documentation.
+	TypedConfig *any.Any `protobuf:"bytes,2,opt,name=typed_config,json=typedConfig,proto3" json:"typed_config,omitempty"`
+}
+
+func (x *Cluster_CustomClusterType) Reset() {
+	*x = Cluster_CustomClusterType{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_cluster_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster_CustomClusterType) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster_CustomClusterType) ProtoMessage() {}
+
+func (x *Cluster_CustomClusterType) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_cluster_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster_CustomClusterType.ProtoReflect.Descriptor instead.
+func (*Cluster_CustomClusterType) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_cluster_proto_rawDescGZIP(), []int{0, 1}
+}
+
+func (x *Cluster_CustomClusterType) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *Cluster_CustomClusterType) GetTypedConfig() *any.Any {
+	if x != nil {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+// Only valid when discovery type is EDS.
+type Cluster_EdsClusterConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Configuration for the source of EDS updates for this Cluster.
+	EdsConfig *core.ConfigSource `protobuf:"bytes,1,opt,name=eds_config,json=edsConfig,proto3" json:"eds_config,omitempty"`
+	// Optional alternative to cluster name to present to EDS. This does not
+	// have the same restrictions as cluster name, i.e. it may be arbitrary
+	// length.
+	ServiceName string `protobuf:"bytes,2,opt,name=service_name,json=serviceName,proto3" json:"service_name,omitempty"`
+}
+
+func (x *Cluster_EdsClusterConfig) Reset() {
+	*x = Cluster_EdsClusterConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_cluster_proto_msgTypes[6]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster_EdsClusterConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster_EdsClusterConfig) ProtoMessage() {}
+
+func (x *Cluster_EdsClusterConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_cluster_proto_msgTypes[6]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster_EdsClusterConfig.ProtoReflect.Descriptor instead.
+func (*Cluster_EdsClusterConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_cluster_proto_rawDescGZIP(), []int{0, 2}
+}
+
+func (x *Cluster_EdsClusterConfig) GetEdsConfig() *core.ConfigSource {
+	if x != nil {
+		return x.EdsConfig
+	}
+	return nil
+}
+
+func (x *Cluster_EdsClusterConfig) GetServiceName() string {
+	if x != nil {
+		return x.ServiceName
+	}
+	return ""
+}
+
+// Optionally divide the endpoints in this cluster into subsets defined by
+// endpoint metadata and selected by route and weighted cluster metadata.
+// [#next-free-field: 8]
+type Cluster_LbSubsetConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The behavior used when no endpoint subset matches the selected route's
+	// metadata. The value defaults to
+	// :ref:`NO_FALLBACK<envoy_api_enum_value_Cluster.LbSubsetConfig.LbSubsetFallbackPolicy.NO_FALLBACK>`.
+	FallbackPolicy Cluster_LbSubsetConfig_LbSubsetFallbackPolicy `protobuf:"varint,1,opt,name=fallback_policy,json=fallbackPolicy,proto3,enum=envoy.api.v2.Cluster_LbSubsetConfig_LbSubsetFallbackPolicy" json:"fallback_policy,omitempty"`
+	// Specifies the default subset of endpoints used during fallback if
+	// fallback_policy is
+	// :ref:`DEFAULT_SUBSET<envoy_api_enum_value_Cluster.LbSubsetConfig.LbSubsetFallbackPolicy.DEFAULT_SUBSET>`.
+	// Each field in default_subset is
+	// compared to the matching LbEndpoint.Metadata under the *envoy.lb*
+	// namespace. It is valid for no hosts to match, in which case the behavior
+	// is the same as a fallback_policy of
+	// :ref:`NO_FALLBACK<envoy_api_enum_value_Cluster.LbSubsetConfig.LbSubsetFallbackPolicy.NO_FALLBACK>`.
+	DefaultSubset *_struct.Struct `protobuf:"bytes,2,opt,name=default_subset,json=defaultSubset,proto3" json:"default_subset,omitempty"`
+	// For each entry, LbEndpoint.Metadata's
+	// *envoy.lb* namespace is traversed and a subset is created for each unique
+	// combination of key and value. For example:
+	//
+	// .. code-block:: json
+	//
+	//   { "subset_selectors": [
+	//       { "keys": [ "version" ] },
+	//       { "keys": [ "stage", "hardware_type" ] }
+	//   ]}
+	//
+	// A subset is matched when the metadata from the selected route and
+	// weighted cluster contains the same keys and values as the subset's
+	// metadata. The same host may appear in multiple subsets.
+	SubsetSelectors []*Cluster_LbSubsetConfig_LbSubsetSelector `protobuf:"bytes,3,rep,name=subset_selectors,json=subsetSelectors,proto3" json:"subset_selectors,omitempty"`
+	// If true, routing to subsets will take into account the localities and locality weights of the
+	// endpoints when making the routing decision.
+	//
+	// There are some potential pitfalls associated with enabling this feature, as the resulting
+	// traffic split after applying both a subset match and locality weights might be undesirable.
+	//
+	// Consider for example a situation in which you have 50/50 split across two localities X/Y
+	// which have 100 hosts each without subsetting. If the subset LB results in X having only 1
+	// host selected but Y having 100, then a lot more load is being dumped on the single host in X
+	// than originally anticipated in the load balancing assignment delivered via EDS.
+	LocalityWeightAware bool `protobuf:"varint,4,opt,name=locality_weight_aware,json=localityWeightAware,proto3" json:"locality_weight_aware,omitempty"`
+	// When used with locality_weight_aware, scales the weight of each locality by the ratio
+	// of hosts in the subset vs hosts in the original subset. This aims to even out the load
+	// going to an individual locality if said locality is disproportionately affected by the
+	// subset predicate.
+	ScaleLocalityWeight bool `protobuf:"varint,5,opt,name=scale_locality_weight,json=scaleLocalityWeight,proto3" json:"scale_locality_weight,omitempty"`
+	// If true, when a fallback policy is configured and its corresponding subset fails to find
+	// a host this will cause any host to be selected instead.
+	//
+	// This is useful when using the default subset as the fallback policy, given the default
+	// subset might become empty. With this option enabled, if that happens the LB will attempt
+	// to select a host from the entire cluster.
+	PanicModeAny bool `protobuf:"varint,6,opt,name=panic_mode_any,json=panicModeAny,proto3" json:"panic_mode_any,omitempty"`
+	// If true, metadata specified for a metadata key will be matched against the corresponding
+	// endpoint metadata if the endpoint metadata matches the value exactly OR it is a list value
+	// and any of the elements in the list matches the criteria.
+	ListAsAny bool `protobuf:"varint,7,opt,name=list_as_any,json=listAsAny,proto3" json:"list_as_any,omitempty"`
+}
+
+func (x *Cluster_LbSubsetConfig) Reset() {
+	*x = Cluster_LbSubsetConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_cluster_proto_msgTypes[7]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster_LbSubsetConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster_LbSubsetConfig) ProtoMessage() {}
+
+func (x *Cluster_LbSubsetConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_cluster_proto_msgTypes[7]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster_LbSubsetConfig.ProtoReflect.Descriptor instead.
+func (*Cluster_LbSubsetConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_cluster_proto_rawDescGZIP(), []int{0, 3}
+}
+
+func (x *Cluster_LbSubsetConfig) GetFallbackPolicy() Cluster_LbSubsetConfig_LbSubsetFallbackPolicy {
+	if x != nil {
+		return x.FallbackPolicy
+	}
+	return Cluster_LbSubsetConfig_NO_FALLBACK
+}
+
+func (x *Cluster_LbSubsetConfig) GetDefaultSubset() *_struct.Struct {
+	if x != nil {
+		return x.DefaultSubset
+	}
+	return nil
+}
+
+func (x *Cluster_LbSubsetConfig) GetSubsetSelectors() []*Cluster_LbSubsetConfig_LbSubsetSelector {
+	if x != nil {
+		return x.SubsetSelectors
+	}
+	return nil
+}
+
+func (x *Cluster_LbSubsetConfig) GetLocalityWeightAware() bool {
+	if x != nil {
+		return x.LocalityWeightAware
+	}
+	return false
+}
+
+func (x *Cluster_LbSubsetConfig) GetScaleLocalityWeight() bool {
+	if x != nil {
+		return x.ScaleLocalityWeight
+	}
+	return false
+}
+
+func (x *Cluster_LbSubsetConfig) GetPanicModeAny() bool {
+	if x != nil {
+		return x.PanicModeAny
+	}
+	return false
+}
+
+func (x *Cluster_LbSubsetConfig) GetListAsAny() bool {
+	if x != nil {
+		return x.ListAsAny
+	}
+	return false
+}
+
+// Specific configuration for the LeastRequest load balancing policy.
+type Cluster_LeastRequestLbConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The number of random healthy hosts from which the host with the fewest active requests will
+	// be chosen. Defaults to 2 so that we perform two-choice selection if the field is not set.
+	ChoiceCount *wrappers.UInt32Value `protobuf:"bytes,1,opt,name=choice_count,json=choiceCount,proto3" json:"choice_count,omitempty"`
+}
+
+func (x *Cluster_LeastRequestLbConfig) Reset() {
+	*x = Cluster_LeastRequestLbConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_cluster_proto_msgTypes[8]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster_LeastRequestLbConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster_LeastRequestLbConfig) ProtoMessage() {}
+
+func (x *Cluster_LeastRequestLbConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_cluster_proto_msgTypes[8]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster_LeastRequestLbConfig.ProtoReflect.Descriptor instead.
+func (*Cluster_LeastRequestLbConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_cluster_proto_rawDescGZIP(), []int{0, 4}
+}
+
+func (x *Cluster_LeastRequestLbConfig) GetChoiceCount() *wrappers.UInt32Value {
+	if x != nil {
+		return x.ChoiceCount
+	}
+	return nil
+}
+
+// Specific configuration for the :ref:`RingHash<arch_overview_load_balancing_types_ring_hash>`
+// load balancing policy.
+type Cluster_RingHashLbConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Minimum hash ring size. The larger the ring is (that is, the more hashes there are for each
+	// provided host) the better the request distribution will reflect the desired weights. Defaults
+	// to 1024 entries, and limited to 8M entries. See also
+	// :ref:`maximum_ring_size<envoy_api_field_Cluster.RingHashLbConfig.maximum_ring_size>`.
+	MinimumRingSize *wrappers.UInt64Value `protobuf:"bytes,1,opt,name=minimum_ring_size,json=minimumRingSize,proto3" json:"minimum_ring_size,omitempty"`
+	// The hash function used to hash hosts onto the ketama ring. The value defaults to
+	// :ref:`XX_HASH<envoy_api_enum_value_Cluster.RingHashLbConfig.HashFunction.XX_HASH>`.
+	HashFunction Cluster_RingHashLbConfig_HashFunction `protobuf:"varint,3,opt,name=hash_function,json=hashFunction,proto3,enum=envoy.api.v2.Cluster_RingHashLbConfig_HashFunction" json:"hash_function,omitempty"`
+	// Maximum hash ring size. Defaults to 8M entries, and limited to 8M entries, but can be lowered
+	// to further constrain resource use. See also
+	// :ref:`minimum_ring_size<envoy_api_field_Cluster.RingHashLbConfig.minimum_ring_size>`.
+	MaximumRingSize *wrappers.UInt64Value `protobuf:"bytes,4,opt,name=maximum_ring_size,json=maximumRingSize,proto3" json:"maximum_ring_size,omitempty"`
+}
+
+func (x *Cluster_RingHashLbConfig) Reset() {
+	*x = Cluster_RingHashLbConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_cluster_proto_msgTypes[9]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster_RingHashLbConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster_RingHashLbConfig) ProtoMessage() {}
+
+func (x *Cluster_RingHashLbConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_cluster_proto_msgTypes[9]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster_RingHashLbConfig.ProtoReflect.Descriptor instead.
+func (*Cluster_RingHashLbConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_cluster_proto_rawDescGZIP(), []int{0, 5}
+}
+
+func (x *Cluster_RingHashLbConfig) GetMinimumRingSize() *wrappers.UInt64Value {
+	if x != nil {
+		return x.MinimumRingSize
+	}
+	return nil
+}
+
+func (x *Cluster_RingHashLbConfig) GetHashFunction() Cluster_RingHashLbConfig_HashFunction {
+	if x != nil {
+		return x.HashFunction
+	}
+	return Cluster_RingHashLbConfig_XX_HASH
+}
+
+func (x *Cluster_RingHashLbConfig) GetMaximumRingSize() *wrappers.UInt64Value {
+	if x != nil {
+		return x.MaximumRingSize
+	}
+	return nil
+}
+
+// Specific configuration for the
+// :ref:`Original Destination <arch_overview_load_balancing_types_original_destination>`
+// load balancing policy.
+type Cluster_OriginalDstLbConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// When true, :ref:`x-envoy-original-dst-host
+	// <config_http_conn_man_headers_x-envoy-original-dst-host>` can be used to override destination
+	// address.
+	//
+	// .. attention::
+	//
+	//   This header isn't sanitized by default, so enabling this feature allows HTTP clients to
+	//   route traffic to arbitrary hosts and/or ports, which may have serious security
+	//   consequences.
+	//
+	// .. note::
+	//
+	//   If the header appears multiple times only the first value is used.
+	UseHttpHeader bool `protobuf:"varint,1,opt,name=use_http_header,json=useHttpHeader,proto3" json:"use_http_header,omitempty"`
+}
+
+func (x *Cluster_OriginalDstLbConfig) Reset() {
+	*x = Cluster_OriginalDstLbConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_cluster_proto_msgTypes[10]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster_OriginalDstLbConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster_OriginalDstLbConfig) ProtoMessage() {}
+
+func (x *Cluster_OriginalDstLbConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_cluster_proto_msgTypes[10]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster_OriginalDstLbConfig.ProtoReflect.Descriptor instead.
+func (*Cluster_OriginalDstLbConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_cluster_proto_rawDescGZIP(), []int{0, 6}
+}
+
+func (x *Cluster_OriginalDstLbConfig) GetUseHttpHeader() bool {
+	if x != nil {
+		return x.UseHttpHeader
+	}
+	return false
+}
+
+// Common configuration for all load balancer implementations.
+// [#next-free-field: 8]
+type Cluster_CommonLbConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Configures the :ref:`healthy panic threshold <arch_overview_load_balancing_panic_threshold>`.
+	// If not specified, the default is 50%.
+	// To disable panic mode, set to 0%.
+	//
+	// .. note::
+	//   The specified percent will be truncated to the nearest 1%.
+	HealthyPanicThreshold *_type.Percent `protobuf:"bytes,1,opt,name=healthy_panic_threshold,json=healthyPanicThreshold,proto3" json:"healthy_panic_threshold,omitempty"`
+	// Types that are assignable to LocalityConfigSpecifier:
+	//	*Cluster_CommonLbConfig_ZoneAwareLbConfig_
+	//	*Cluster_CommonLbConfig_LocalityWeightedLbConfig_
+	LocalityConfigSpecifier isCluster_CommonLbConfig_LocalityConfigSpecifier `protobuf_oneof:"locality_config_specifier"`
+	// If set, all health check/weight/metadata updates that happen within this duration will be
+	// merged and delivered in one shot when the duration expires. The start of the duration is when
+	// the first update happens. This is useful for big clusters, with potentially noisy deploys
+	// that might trigger excessive CPU usage due to a constant stream of healthcheck state changes
+	// or metadata updates. The first set of updates to be seen apply immediately (e.g.: a new
+	// cluster). Please always keep in mind that the use of sandbox technologies may change this
+	// behavior.
+	//
+	// If this is not set, we default to a merge window of 1000ms. To disable it, set the merge
+	// window to 0.
+	//
+	// Note: merging does not apply to cluster membership changes (e.g.: adds/removes); this is
+	// because merging those updates isn't currently safe. See
+	// https://github.com/envoyproxy/envoy/pull/3941.
+	UpdateMergeWindow *duration.Duration `protobuf:"bytes,4,opt,name=update_merge_window,json=updateMergeWindow,proto3" json:"update_merge_window,omitempty"`
+	// If set to true, Envoy will not consider new hosts when computing load balancing weights until
+	// they have been health checked for the first time. This will have no effect unless
+	// active health checking is also configured.
+	//
+	// Ignoring a host means that for any load balancing calculations that adjust weights based
+	// on the ratio of eligible hosts and total hosts (priority spillover, locality weighting and
+	// panic mode) Envoy will exclude these hosts in the denominator.
+	//
+	// For example, with hosts in two priorities P0 and P1, where P0 looks like
+	// {healthy, unhealthy (new), unhealthy (new)}
+	// and where P1 looks like
+	// {healthy, healthy}
+	// all traffic will still hit P0, as 1 / (3 - 2) = 1.
+	//
+	// Enabling this will allow scaling up the number of hosts for a given cluster without entering
+	// panic mode or triggering priority spillover, assuming the hosts pass the first health check.
+	//
+	// If panic mode is triggered, new hosts are still eligible for traffic; they simply do not
+	// contribute to the calculation when deciding whether panic mode is enabled or not.
+	IgnoreNewHostsUntilFirstHc bool `protobuf:"varint,5,opt,name=ignore_new_hosts_until_first_hc,json=ignoreNewHostsUntilFirstHc,proto3" json:"ignore_new_hosts_until_first_hc,omitempty"`
+	// If set to `true`, the cluster manager will drain all existing
+	// connections to upstream hosts whenever hosts are added or removed from the cluster.
+	CloseConnectionsOnHostSetChange bool `protobuf:"varint,6,opt,name=close_connections_on_host_set_change,json=closeConnectionsOnHostSetChange,proto3" json:"close_connections_on_host_set_change,omitempty"`
+	// Common Configuration for all consistent hashing load balancers (MaglevLb, RingHashLb, etc.)
+	ConsistentHashingLbConfig *Cluster_CommonLbConfig_ConsistentHashingLbConfig `protobuf:"bytes,7,opt,name=consistent_hashing_lb_config,json=consistentHashingLbConfig,proto3" json:"consistent_hashing_lb_config,omitempty"`
+}
+
+func (x *Cluster_CommonLbConfig) Reset() {
+	*x = Cluster_CommonLbConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_cluster_proto_msgTypes[11]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster_CommonLbConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster_CommonLbConfig) ProtoMessage() {}
+
+func (x *Cluster_CommonLbConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_cluster_proto_msgTypes[11]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster_CommonLbConfig.ProtoReflect.Descriptor instead.
+func (*Cluster_CommonLbConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_cluster_proto_rawDescGZIP(), []int{0, 7}
+}
+
+func (x *Cluster_CommonLbConfig) GetHealthyPanicThreshold() *_type.Percent {
+	if x != nil {
+		return x.HealthyPanicThreshold
+	}
+	return nil
+}
+
+func (m *Cluster_CommonLbConfig) GetLocalityConfigSpecifier() isCluster_CommonLbConfig_LocalityConfigSpecifier {
+	if m != nil {
+		return m.LocalityConfigSpecifier
+	}
+	return nil
+}
+
+func (x *Cluster_CommonLbConfig) GetZoneAwareLbConfig() *Cluster_CommonLbConfig_ZoneAwareLbConfig {
+	if x, ok := x.GetLocalityConfigSpecifier().(*Cluster_CommonLbConfig_ZoneAwareLbConfig_); ok {
+		return x.ZoneAwareLbConfig
+	}
+	return nil
+}
+
+func (x *Cluster_CommonLbConfig) GetLocalityWeightedLbConfig() *Cluster_CommonLbConfig_LocalityWeightedLbConfig {
+	if x, ok := x.GetLocalityConfigSpecifier().(*Cluster_CommonLbConfig_LocalityWeightedLbConfig_); ok {
+		return x.LocalityWeightedLbConfig
+	}
+	return nil
+}
+
+func (x *Cluster_CommonLbConfig) GetUpdateMergeWindow() *duration.Duration {
+	if x != nil {
+		return x.UpdateMergeWindow
+	}
+	return nil
+}
+
+func (x *Cluster_CommonLbConfig) GetIgnoreNewHostsUntilFirstHc() bool {
+	if x != nil {
+		return x.IgnoreNewHostsUntilFirstHc
+	}
+	return false
+}
+
+func (x *Cluster_CommonLbConfig) GetCloseConnectionsOnHostSetChange() bool {
+	if x != nil {
+		return x.CloseConnectionsOnHostSetChange
+	}
+	return false
+}
+
+func (x *Cluster_CommonLbConfig) GetConsistentHashingLbConfig() *Cluster_CommonLbConfig_ConsistentHashingLbConfig {
+	if x != nil {
+		return x.ConsistentHashingLbConfig
+	}
+	return nil
+}
+
+type isCluster_CommonLbConfig_LocalityConfigSpecifier interface {
+	isCluster_CommonLbConfig_LocalityConfigSpecifier()
+}
+
+type Cluster_CommonLbConfig_ZoneAwareLbConfig_ struct {
+	ZoneAwareLbConfig *Cluster_CommonLbConfig_ZoneAwareLbConfig `protobuf:"bytes,2,opt,name=zone_aware_lb_config,json=zoneAwareLbConfig,proto3,oneof"`
+}
+
+type Cluster_CommonLbConfig_LocalityWeightedLbConfig_ struct {
+	LocalityWeightedLbConfig *Cluster_CommonLbConfig_LocalityWeightedLbConfig `protobuf:"bytes,3,opt,name=locality_weighted_lb_config,json=localityWeightedLbConfig,proto3,oneof"`
+}
+
+func (*Cluster_CommonLbConfig_ZoneAwareLbConfig_) isCluster_CommonLbConfig_LocalityConfigSpecifier() {
+}
+
+func (*Cluster_CommonLbConfig_LocalityWeightedLbConfig_) isCluster_CommonLbConfig_LocalityConfigSpecifier() {
+}
+
+type Cluster_RefreshRate struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies the base interval between refreshes. This parameter is required and must be greater
+	// than zero and less than
+	// :ref:`max_interval <envoy_api_field_Cluster.RefreshRate.max_interval>`.
+	BaseInterval *duration.Duration `protobuf:"bytes,1,opt,name=base_interval,json=baseInterval,proto3" json:"base_interval,omitempty"`
+	// Specifies the maximum interval between refreshes. This parameter is optional, but must be
+	// greater than or equal to the
+	// :ref:`base_interval <envoy_api_field_Cluster.RefreshRate.base_interval>`  if set. The default
+	// is 10 times the :ref:`base_interval <envoy_api_field_Cluster.RefreshRate.base_interval>`.
+	MaxInterval *duration.Duration `protobuf:"bytes,2,opt,name=max_interval,json=maxInterval,proto3" json:"max_interval,omitempty"`
+}
+
+func (x *Cluster_RefreshRate) Reset() {
+	*x = Cluster_RefreshRate{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_cluster_proto_msgTypes[12]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster_RefreshRate) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster_RefreshRate) ProtoMessage() {}
+
+func (x *Cluster_RefreshRate) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_cluster_proto_msgTypes[12]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster_RefreshRate.ProtoReflect.Descriptor instead.
+func (*Cluster_RefreshRate) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_cluster_proto_rawDescGZIP(), []int{0, 8}
+}
+
+func (x *Cluster_RefreshRate) GetBaseInterval() *duration.Duration {
+	if x != nil {
+		return x.BaseInterval
+	}
+	return nil
+}
+
+func (x *Cluster_RefreshRate) GetMaxInterval() *duration.Duration {
+	if x != nil {
+		return x.MaxInterval
+	}
+	return nil
+}
+
+// Specifications for subsets.
+type Cluster_LbSubsetConfig_LbSubsetSelector struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// List of keys to match with the weighted cluster metadata.
+	Keys []string `protobuf:"bytes,1,rep,name=keys,proto3" json:"keys,omitempty"`
+	// The behavior used when no endpoint subset matches the selected route's
+	// metadata.
+	FallbackPolicy Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy `protobuf:"varint,2,opt,name=fallback_policy,json=fallbackPolicy,proto3,enum=envoy.api.v2.Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy" json:"fallback_policy,omitempty"`
+	// Subset of
+	// :ref:`keys<envoy_api_field_Cluster.LbSubsetConfig.LbSubsetSelector.keys>` used by
+	// :ref:`KEYS_SUBSET<envoy_api_enum_value_Cluster.LbSubsetConfig.LbSubsetSelector.LbSubsetSelectorFallbackPolicy.KEYS_SUBSET>`
+	// fallback policy.
+	// It has to be a non empty list if KEYS_SUBSET fallback policy is selected.
+	// For any other fallback policy the parameter is not used and should not be set.
+	// Only values also present in
+	// :ref:`keys<envoy_api_field_Cluster.LbSubsetConfig.LbSubsetSelector.keys>` are allowed, but
+	// `fallback_keys_subset` cannot be equal to `keys`.
+	FallbackKeysSubset []string `protobuf:"bytes,3,rep,name=fallback_keys_subset,json=fallbackKeysSubset,proto3" json:"fallback_keys_subset,omitempty"`
+}
+
+func (x *Cluster_LbSubsetConfig_LbSubsetSelector) Reset() {
+	*x = Cluster_LbSubsetConfig_LbSubsetSelector{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_cluster_proto_msgTypes[15]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster_LbSubsetConfig_LbSubsetSelector) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster_LbSubsetConfig_LbSubsetSelector) ProtoMessage() {}
+
+func (x *Cluster_LbSubsetConfig_LbSubsetSelector) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_cluster_proto_msgTypes[15]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster_LbSubsetConfig_LbSubsetSelector.ProtoReflect.Descriptor instead.
+func (*Cluster_LbSubsetConfig_LbSubsetSelector) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_cluster_proto_rawDescGZIP(), []int{0, 3, 0}
+}
+
+func (x *Cluster_LbSubsetConfig_LbSubsetSelector) GetKeys() []string {
+	if x != nil {
+		return x.Keys
+	}
+	return nil
+}
+
+func (x *Cluster_LbSubsetConfig_LbSubsetSelector) GetFallbackPolicy() Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy {
+	if x != nil {
+		return x.FallbackPolicy
+	}
+	return Cluster_LbSubsetConfig_LbSubsetSelector_NOT_DEFINED
+}
+
+func (x *Cluster_LbSubsetConfig_LbSubsetSelector) GetFallbackKeysSubset() []string {
+	if x != nil {
+		return x.FallbackKeysSubset
+	}
+	return nil
+}
+
+// Configuration for :ref:`zone aware routing
+// <arch_overview_load_balancing_zone_aware_routing>`.
+type Cluster_CommonLbConfig_ZoneAwareLbConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Configures percentage of requests that will be considered for zone aware routing
+	// if zone aware routing is configured. If not specified, the default is 100%.
+	// * :ref:`runtime values <config_cluster_manager_cluster_runtime_zone_routing>`.
+	// * :ref:`Zone aware routing support <arch_overview_load_balancing_zone_aware_routing>`.
+	RoutingEnabled *_type.Percent `protobuf:"bytes,1,opt,name=routing_enabled,json=routingEnabled,proto3" json:"routing_enabled,omitempty"`
+	// Configures minimum upstream cluster size required for zone aware routing
+	// If upstream cluster size is less than specified, zone aware routing is not performed
+	// even if zone aware routing is configured. If not specified, the default is 6.
+	// * :ref:`runtime values <config_cluster_manager_cluster_runtime_zone_routing>`.
+	// * :ref:`Zone aware routing support <arch_overview_load_balancing_zone_aware_routing>`.
+	MinClusterSize *wrappers.UInt64Value `protobuf:"bytes,2,opt,name=min_cluster_size,json=minClusterSize,proto3" json:"min_cluster_size,omitempty"`
+	// If set to true, Envoy will not consider any hosts when the cluster is in :ref:`panic
+	// mode<arch_overview_load_balancing_panic_threshold>`. Instead, the cluster will fail all
+	// requests as if all hosts are unhealthy. This can help avoid potentially overwhelming a
+	// failing service.
+	FailTrafficOnPanic bool `protobuf:"varint,3,opt,name=fail_traffic_on_panic,json=failTrafficOnPanic,proto3" json:"fail_traffic_on_panic,omitempty"`
+}
+
+func (x *Cluster_CommonLbConfig_ZoneAwareLbConfig) Reset() {
+	*x = Cluster_CommonLbConfig_ZoneAwareLbConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_cluster_proto_msgTypes[16]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster_CommonLbConfig_ZoneAwareLbConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster_CommonLbConfig_ZoneAwareLbConfig) ProtoMessage() {}
+
+func (x *Cluster_CommonLbConfig_ZoneAwareLbConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_cluster_proto_msgTypes[16]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster_CommonLbConfig_ZoneAwareLbConfig.ProtoReflect.Descriptor instead.
+func (*Cluster_CommonLbConfig_ZoneAwareLbConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_cluster_proto_rawDescGZIP(), []int{0, 7, 0}
+}
+
+func (x *Cluster_CommonLbConfig_ZoneAwareLbConfig) GetRoutingEnabled() *_type.Percent {
+	if x != nil {
+		return x.RoutingEnabled
+	}
+	return nil
+}
+
+func (x *Cluster_CommonLbConfig_ZoneAwareLbConfig) GetMinClusterSize() *wrappers.UInt64Value {
+	if x != nil {
+		return x.MinClusterSize
+	}
+	return nil
+}
+
+func (x *Cluster_CommonLbConfig_ZoneAwareLbConfig) GetFailTrafficOnPanic() bool {
+	if x != nil {
+		return x.FailTrafficOnPanic
+	}
+	return false
+}
+
+// Configuration for :ref:`locality weighted load balancing
+// <arch_overview_load_balancing_locality_weighted_lb>`
+type Cluster_CommonLbConfig_LocalityWeightedLbConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *Cluster_CommonLbConfig_LocalityWeightedLbConfig) Reset() {
+	*x = Cluster_CommonLbConfig_LocalityWeightedLbConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_cluster_proto_msgTypes[17]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster_CommonLbConfig_LocalityWeightedLbConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster_CommonLbConfig_LocalityWeightedLbConfig) ProtoMessage() {}
+
+func (x *Cluster_CommonLbConfig_LocalityWeightedLbConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_cluster_proto_msgTypes[17]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster_CommonLbConfig_LocalityWeightedLbConfig.ProtoReflect.Descriptor instead.
+func (*Cluster_CommonLbConfig_LocalityWeightedLbConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_cluster_proto_rawDescGZIP(), []int{0, 7, 1}
+}
+
+// Common Configuration for all consistent hashing load balancers (MaglevLb, RingHashLb, etc.)
+type Cluster_CommonLbConfig_ConsistentHashingLbConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// If set to `true`, the cluster will use hostname instead of the resolved
+	// address as the key to consistently hash to an upstream host. Only valid for StrictDNS clusters with hostnames which resolve to a single IP address.
+	UseHostnameForHashing bool `protobuf:"varint,1,opt,name=use_hostname_for_hashing,json=useHostnameForHashing,proto3" json:"use_hostname_for_hashing,omitempty"`
+}
+
+func (x *Cluster_CommonLbConfig_ConsistentHashingLbConfig) Reset() {
+	*x = Cluster_CommonLbConfig_ConsistentHashingLbConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_cluster_proto_msgTypes[18]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster_CommonLbConfig_ConsistentHashingLbConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster_CommonLbConfig_ConsistentHashingLbConfig) ProtoMessage() {}
+
+func (x *Cluster_CommonLbConfig_ConsistentHashingLbConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_cluster_proto_msgTypes[18]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster_CommonLbConfig_ConsistentHashingLbConfig.ProtoReflect.Descriptor instead.
+func (*Cluster_CommonLbConfig_ConsistentHashingLbConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_cluster_proto_rawDescGZIP(), []int{0, 7, 2}
+}
+
+func (x *Cluster_CommonLbConfig_ConsistentHashingLbConfig) GetUseHostnameForHashing() bool {
+	if x != nil {
+		return x.UseHostnameForHashing
+	}
+	return false
+}
+
+type LoadBalancingPolicy_Policy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Required. The name of the LB policy.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Optional config for the LB policy.
+	// No more than one of these two fields may be populated.
+	//
+	// Deprecated: Do not use.
+	Config      *_struct.Struct `protobuf:"bytes,2,opt,name=config,proto3" json:"config,omitempty"`
+	TypedConfig *any.Any        `protobuf:"bytes,3,opt,name=typed_config,json=typedConfig,proto3" json:"typed_config,omitempty"`
+}
+
+func (x *LoadBalancingPolicy_Policy) Reset() {
+	*x = LoadBalancingPolicy_Policy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_cluster_proto_msgTypes[19]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *LoadBalancingPolicy_Policy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*LoadBalancingPolicy_Policy) ProtoMessage() {}
+
+func (x *LoadBalancingPolicy_Policy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_cluster_proto_msgTypes[19]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use LoadBalancingPolicy_Policy.ProtoReflect.Descriptor instead.
+func (*LoadBalancingPolicy_Policy) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_cluster_proto_rawDescGZIP(), []int{1, 0}
+}
+
+func (x *LoadBalancingPolicy_Policy) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+// Deprecated: Do not use.
+func (x *LoadBalancingPolicy_Policy) GetConfig() *_struct.Struct {
+	if x != nil {
+		return x.Config
+	}
+	return nil
+}
+
+func (x *LoadBalancingPolicy_Policy) GetTypedConfig() *any.Any {
+	if x != nil {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+var File_envoy_api_v2_cluster_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_cluster_proto_rawDesc = []byte{
+	0x0a, 0x1a, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0c, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x1a, 0x1b, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2f, 0x74, 0x6c,
+	0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x2a, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61,
+	0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2f, 0x63, 0x69,
+	0x72, 0x63, 0x75, 0x69, 0x74, 0x5f, 0x62, 0x72, 0x65, 0x61, 0x6b, 0x65, 0x72, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76,
+	0x32, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x2c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70,
+	0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2f, 0x6f, 0x75, 0x74,
+	0x6c, 0x69, 0x65, 0x72, 0x5f, 0x64, 0x65, 0x74, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f,
+	0x76, 0x32, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69,
+	0x2f, 0x76, 0x32, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x62, 0x61, 0x73, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x25, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76,
+	0x32, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x73, 0x6f,
+	0x75, 0x72, 0x63, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x24, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x68, 0x65,
+	0x61, 0x6c, 0x74, 0x68, 0x5f, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x20, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x1b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32,
+	0x2f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x18, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x70, 0x65, 0x72, 0x63,
+	0x65, 0x6e, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e,
+	0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e,
+	0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65,
+	0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22,
+	0xd8, 0x39, 0x0a, 0x07, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x64, 0x0a, 0x18, 0x74,
+	0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x5f,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x73, 0x18, 0x2b, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2a, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x2e, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x53, 0x6f,
+	0x63, 0x6b, 0x65, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x52, 0x16, 0x74, 0x72, 0x61, 0x6e, 0x73,
+	0x70, 0x6f, 0x72, 0x74, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65,
+	0x73, 0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42,
+	0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x22,
+	0x0a, 0x0d, 0x61, 0x6c, 0x74, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18,
+	0x1c, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x61, 0x6c, 0x74, 0x53, 0x74, 0x61, 0x74, 0x4e, 0x61,
+	0x6d, 0x65, 0x12, 0x43, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0e,
+	0x32, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e,
+	0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72,
+	0x79, 0x54, 0x79, 0x70, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x48,
+	0x00, 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x4c, 0x0a, 0x0c, 0x63, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x26, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x27, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x2e, 0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x43, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x54, 0x79, 0x70, 0x65, 0x48, 0x00, 0x52, 0x0b, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65,
+	0x72, 0x54, 0x79, 0x70, 0x65, 0x12, 0x54, 0x0a, 0x12, 0x65, 0x64, 0x73, 0x5f, 0x63, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x03, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x26, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x45, 0x64, 0x73, 0x43, 0x6c, 0x75, 0x73,
+	0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x10, 0x65, 0x64, 0x73, 0x43, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x4c, 0x0a, 0x0f, 0x63,
+	0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x04,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42,
+	0x08, 0xfa, 0x42, 0x05, 0xaa, 0x01, 0x02, 0x2a, 0x00, 0x52, 0x0e, 0x63, 0x6f, 0x6e, 0x6e, 0x65,
+	0x63, 0x74, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12, 0x66, 0x0a, 0x21, 0x70, 0x65, 0x72,
+	0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x62, 0x75, 0x66, 0x66,
+	0x65, 0x72, 0x5f, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x5f, 0x62, 0x79, 0x74, 0x65, 0x73, 0x18, 0x05,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c,
+	0x75, 0x65, 0x52, 0x1d, 0x70, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x42, 0x75, 0x66, 0x66, 0x65, 0x72, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x42, 0x79, 0x74, 0x65,
+	0x73, 0x12, 0x45, 0x0a, 0x09, 0x6c, 0x62, 0x5f, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x18, 0x06,
+	0x20, 0x01, 0x28, 0x0e, 0x32, 0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x4c, 0x62, 0x50, 0x6f,
+	0x6c, 0x69, 0x63, 0x79, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x08,
+	0x6c, 0x62, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x34, 0x0a, 0x05, 0x68, 0x6f, 0x73, 0x74,
+	0x73, 0x18, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x41, 0x64, 0x64, 0x72,
+	0x65, 0x73, 0x73, 0x42, 0x02, 0x18, 0x01, 0x52, 0x05, 0x68, 0x6f, 0x73, 0x74, 0x73, 0x12, 0x4c,
+	0x0a, 0x0f, 0x6c, 0x6f, 0x61, 0x64, 0x5f, 0x61, 0x73, 0x73, 0x69, 0x67, 0x6e, 0x6d, 0x65, 0x6e,
+	0x74, 0x18, 0x21, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4c, 0x6f,
+	0x61, 0x64, 0x41, 0x73, 0x73, 0x69, 0x67, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x52, 0x0e, 0x6c, 0x6f,
+	0x61, 0x64, 0x41, 0x73, 0x73, 0x69, 0x67, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x12, 0x43, 0x0a, 0x0d,
+	0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x73, 0x18, 0x08, 0x20,
+	0x03, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68,
+	0x65, 0x63, 0x6b, 0x52, 0x0c, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b,
+	0x73, 0x12, 0x5b, 0x0a, 0x1b, 0x6d, 0x61, 0x78, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
+	0x73, 0x5f, 0x70, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e,
+	0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56,
+	0x61, 0x6c, 0x75, 0x65, 0x52, 0x18, 0x6d, 0x61, 0x78, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
+	0x73, 0x50, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x50,
+	0x0a, 0x10, 0x63, 0x69, 0x72, 0x63, 0x75, 0x69, 0x74, 0x5f, 0x62, 0x72, 0x65, 0x61, 0x6b, 0x65,
+	0x72, 0x73, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e,
+	0x43, 0x69, 0x72, 0x63, 0x75, 0x69, 0x74, 0x42, 0x72, 0x65, 0x61, 0x6b, 0x65, 0x72, 0x73, 0x52,
+	0x0f, 0x63, 0x69, 0x72, 0x63, 0x75, 0x69, 0x74, 0x42, 0x72, 0x65, 0x61, 0x6b, 0x65, 0x72, 0x73,
+	0x12, 0x50, 0x0a, 0x0b, 0x74, 0x6c, 0x73, 0x5f, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x18,
+	0x0b, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70,
+	0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x55, 0x70, 0x73, 0x74, 0x72, 0x65,
+	0x61, 0x6d, 0x54, 0x6c, 0x73, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x42, 0x08, 0x18, 0x01,
+	0xb8, 0xee, 0xf2, 0xd2, 0x05, 0x01, 0x52, 0x0a, 0x74, 0x6c, 0x73, 0x43, 0x6f, 0x6e, 0x74, 0x65,
+	0x78, 0x74, 0x12, 0x73, 0x0a, 0x1e, 0x75, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f, 0x68,
+	0x74, 0x74, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x5f, 0x6f, 0x70, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x18, 0x2e, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2e, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x55,
+	0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x48, 0x74, 0x74, 0x70, 0x50, 0x72, 0x6f, 0x74, 0x6f,
+	0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x1b, 0x75, 0x70, 0x73, 0x74,
+	0x72, 0x65, 0x61, 0x6d, 0x48, 0x74, 0x74, 0x70, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c,
+	0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x67, 0x0a, 0x1c, 0x63, 0x6f, 0x6d, 0x6d, 0x6f,
+	0x6e, 0x5f, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x5f,
+	0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x1d, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x26, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x19, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x48, 0x74, 0x74,
+	0x70, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73,
+	0x12, 0x5b, 0x0a, 0x15, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f,
+	0x6c, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x0d, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x27, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x31, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f,
+	0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x13, 0x68, 0x74, 0x74, 0x70, 0x50, 0x72,
+	0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x5d, 0x0a,
+	0x16, 0x68, 0x74, 0x74, 0x70, 0x32, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x5f,
+	0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x27, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x32, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f,
+	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x14, 0x68, 0x74, 0x74, 0x70, 0x32, 0x50, 0x72, 0x6f,
+	0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x7b, 0x0a, 0x1a,
+	0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63,
+	0x6f, 0x6c, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x23, 0x20, 0x03, 0x28, 0x0b,
+	0x32, 0x33, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e,
+	0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f,
+	0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73,
+	0x45, 0x6e, 0x74, 0x72, 0x79, 0x42, 0x08, 0x18, 0x01, 0xb8, 0xee, 0xf2, 0xd2, 0x05, 0x01, 0x52,
+	0x18, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63,
+	0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x81, 0x01, 0x0a, 0x20, 0x74, 0x79,
+	0x70, 0x65, 0x64, 0x5f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x24,
+	0x20, 0x03, 0x28, 0x0b, 0x32, 0x38, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x54, 0x79, 0x70, 0x65,
+	0x64, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63,
+	0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x1d,
+	0x74, 0x79, 0x70, 0x65, 0x64, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x50, 0x72,
+	0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x51, 0x0a,
+	0x10, 0x64, 0x6e, 0x73, 0x5f, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x5f, 0x72, 0x61, 0x74,
+	0x65, 0x18, 0x10, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x42, 0x0c, 0xfa, 0x42, 0x09, 0xaa, 0x01, 0x06, 0x2a, 0x04, 0x10, 0xc0, 0x84, 0x3d,
+	0x52, 0x0e, 0x64, 0x6e, 0x73, 0x52, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x52, 0x61, 0x74, 0x65,
+	0x12, 0x5a, 0x0a, 0x18, 0x64, 0x6e, 0x73, 0x5f, 0x66, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x5f,
+	0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x5f, 0x72, 0x61, 0x74, 0x65, 0x18, 0x2c, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x21, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x52, 0x65, 0x66, 0x72, 0x65, 0x73,
+	0x68, 0x52, 0x61, 0x74, 0x65, 0x52, 0x15, 0x64, 0x6e, 0x73, 0x46, 0x61, 0x69, 0x6c, 0x75, 0x72,
+	0x65, 0x52, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x52, 0x61, 0x74, 0x65, 0x12, 0x26, 0x0a, 0x0f,
+	0x72, 0x65, 0x73, 0x70, 0x65, 0x63, 0x74, 0x5f, 0x64, 0x6e, 0x73, 0x5f, 0x74, 0x74, 0x6c, 0x18,
+	0x27, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0d, 0x72, 0x65, 0x73, 0x70, 0x65, 0x63, 0x74, 0x44, 0x6e,
+	0x73, 0x54, 0x74, 0x6c, 0x12, 0x5b, 0x0a, 0x11, 0x64, 0x6e, 0x73, 0x5f, 0x6c, 0x6f, 0x6f, 0x6b,
+	0x75, 0x70, 0x5f, 0x66, 0x61, 0x6d, 0x69, 0x6c, 0x79, 0x18, 0x11, 0x20, 0x01, 0x28, 0x0e, 0x32,
+	0x25, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x43,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x44, 0x6e, 0x73, 0x4c, 0x6f, 0x6f, 0x6b, 0x75, 0x70,
+	0x46, 0x61, 0x6d, 0x69, 0x6c, 0x79, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01,
+	0x52, 0x0f, 0x64, 0x6e, 0x73, 0x4c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x46, 0x61, 0x6d, 0x69, 0x6c,
+	0x79, 0x12, 0x3f, 0x0a, 0x0d, 0x64, 0x6e, 0x73, 0x5f, 0x72, 0x65, 0x73, 0x6f, 0x6c, 0x76, 0x65,
+	0x72, 0x73, 0x18, 0x12, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x41, 0x64, 0x64,
+	0x72, 0x65, 0x73, 0x73, 0x52, 0x0c, 0x64, 0x6e, 0x73, 0x52, 0x65, 0x73, 0x6f, 0x6c, 0x76, 0x65,
+	0x72, 0x73, 0x12, 0x34, 0x0a, 0x17, 0x75, 0x73, 0x65, 0x5f, 0x74, 0x63, 0x70, 0x5f, 0x66, 0x6f,
+	0x72, 0x5f, 0x64, 0x6e, 0x73, 0x5f, 0x6c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x73, 0x18, 0x2d, 0x20,
+	0x01, 0x28, 0x08, 0x52, 0x13, 0x75, 0x73, 0x65, 0x54, 0x63, 0x70, 0x46, 0x6f, 0x72, 0x44, 0x6e,
+	0x73, 0x4c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x73, 0x12, 0x53, 0x0a, 0x11, 0x6f, 0x75, 0x74, 0x6c,
+	0x69, 0x65, 0x72, 0x5f, 0x64, 0x65, 0x74, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x13, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x4f, 0x75, 0x74, 0x6c, 0x69,
+	0x65, 0x72, 0x44, 0x65, 0x74, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x10, 0x6f, 0x75, 0x74,
+	0x6c, 0x69, 0x65, 0x72, 0x44, 0x65, 0x74, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x4e, 0x0a,
+	0x10, 0x63, 0x6c, 0x65, 0x61, 0x6e, 0x75, 0x70, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61,
+	0x6c, 0x18, 0x14, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05, 0xaa, 0x01, 0x02, 0x2a, 0x00, 0x52, 0x0f, 0x63, 0x6c,
+	0x65, 0x61, 0x6e, 0x75, 0x70, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x12, 0x4f, 0x0a,
+	0x14, 0x75, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f, 0x62, 0x69, 0x6e, 0x64, 0x5f, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x15, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e,
+	0x42, 0x69, 0x6e, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x12, 0x75, 0x70, 0x73, 0x74,
+	0x72, 0x65, 0x61, 0x6d, 0x42, 0x69, 0x6e, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x4e,
+	0x0a, 0x10, 0x6c, 0x62, 0x5f, 0x73, 0x75, 0x62, 0x73, 0x65, 0x74, 0x5f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x18, 0x16, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e,
+	0x4c, 0x62, 0x53, 0x75, 0x62, 0x73, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0e,
+	0x6c, 0x62, 0x53, 0x75, 0x62, 0x73, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x57,
+	0x0a, 0x13, 0x72, 0x69, 0x6e, 0x67, 0x5f, 0x68, 0x61, 0x73, 0x68, 0x5f, 0x6c, 0x62, 0x5f, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x17, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x2e, 0x52, 0x69, 0x6e, 0x67, 0x48, 0x61, 0x73, 0x68, 0x4c, 0x62, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x48, 0x01, 0x52, 0x10, 0x72, 0x69, 0x6e, 0x67, 0x48, 0x61, 0x73, 0x68, 0x4c,
+	0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x60, 0x0a, 0x16, 0x6f, 0x72, 0x69, 0x67, 0x69,
+	0x6e, 0x61, 0x6c, 0x5f, 0x64, 0x73, 0x74, 0x5f, 0x6c, 0x62, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x18, 0x22, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x4f,
+	0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x44, 0x73, 0x74, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x48, 0x01, 0x52, 0x13, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x44, 0x73,
+	0x74, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x63, 0x0a, 0x17, 0x6c, 0x65, 0x61,
+	0x73, 0x74, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x6c, 0x62, 0x5f, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x18, 0x25, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65,
+	0x72, 0x2e, 0x4c, 0x65, 0x61, 0x73, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x4c, 0x62,
+	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x48, 0x01, 0x52, 0x14, 0x6c, 0x65, 0x61, 0x73, 0x74, 0x52,
+	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x4e,
+	0x0a, 0x10, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x5f, 0x6c, 0x62, 0x5f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x18, 0x1b, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e,
+	0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0e,
+	0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x4d,
+	0x0a, 0x10, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b,
+	0x65, 0x74, 0x18, 0x18, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x54, 0x72, 0x61,
+	0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x52, 0x0f, 0x74, 0x72,
+	0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x12, 0x37, 0x0a,
+	0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x19, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x1b, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65,
+	0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x5d, 0x0a, 0x12, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63,
+	0x6f, 0x6c, 0x5f, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x1a, 0x20, 0x01,
+	0x28, 0x0e, 0x32, 0x2e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65,
+	0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x52, 0x11, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x53, 0x65, 0x6c, 0x65,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x67, 0x0a, 0x1b, 0x75, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61,
+	0x6d, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6f, 0x70, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x18, 0x1e, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x55, 0x70, 0x73, 0x74, 0x72, 0x65,
+	0x61, 0x6d, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x4f, 0x70, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x52, 0x19, 0x75, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x43, 0x6f, 0x6e,
+	0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x55,
+	0x0a, 0x28, 0x63, 0x6c, 0x6f, 0x73, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x5f, 0x6f, 0x6e, 0x5f, 0x68, 0x6f, 0x73, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x6c,
+	0x74, 0x68, 0x5f, 0x66, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x18, 0x1f, 0x20, 0x01, 0x28, 0x08,
+	0x52, 0x23, 0x63, 0x6c, 0x6f, 0x73, 0x65, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x4f, 0x6e, 0x48, 0x6f, 0x73, 0x74, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x46, 0x61,
+	0x69, 0x6c, 0x75, 0x72, 0x65, 0x12, 0x6f, 0x0a, 0x21, 0x64, 0x72, 0x61, 0x69, 0x6e, 0x5f, 0x63,
+	0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x5f, 0x6f, 0x6e, 0x5f, 0x68, 0x6f,
+	0x73, 0x74, 0x5f, 0x72, 0x65, 0x6d, 0x6f, 0x76, 0x61, 0x6c, 0x18, 0x20, 0x20, 0x01, 0x28, 0x08,
+	0x42, 0x25, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x1f, 0x0a, 0x1d, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65,
+	0x5f, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f, 0x6f, 0x6e, 0x5f, 0x68, 0x6f, 0x73, 0x74, 0x5f,
+	0x72, 0x65, 0x6d, 0x6f, 0x76, 0x61, 0x6c, 0x52, 0x1d, 0x64, 0x72, 0x61, 0x69, 0x6e, 0x43, 0x6f,
+	0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x4f, 0x6e, 0x48, 0x6f, 0x73, 0x74, 0x52,
+	0x65, 0x6d, 0x6f, 0x76, 0x61, 0x6c, 0x12, 0x36, 0x0a, 0x07, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x73, 0x18, 0x28, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x46,
+	0x69, 0x6c, 0x74, 0x65, 0x72, 0x52, 0x07, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x12, 0x55,
+	0x0a, 0x15, 0x6c, 0x6f, 0x61, 0x64, 0x5f, 0x62, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x69, 0x6e, 0x67,
+	0x5f, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x18, 0x29, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x6f, 0x61,
+	0x64, 0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x69, 0x6e, 0x67, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79,
+	0x52, 0x13, 0x6c, 0x6f, 0x61, 0x64, 0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x69, 0x6e, 0x67, 0x50,
+	0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x3e, 0x0a, 0x0a, 0x6c, 0x72, 0x73, 0x5f, 0x73, 0x65, 0x72,
+	0x76, 0x65, 0x72, 0x18, 0x2a, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x43, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x09, 0x6c, 0x72, 0x73, 0x53,
+	0x65, 0x72, 0x76, 0x65, 0x72, 0x12, 0x32, 0x0a, 0x15, 0x74, 0x72, 0x61, 0x63, 0x6b, 0x5f, 0x74,
+	0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x5f, 0x62, 0x75, 0x64, 0x67, 0x65, 0x74, 0x73, 0x18, 0x2f,
+	0x20, 0x01, 0x28, 0x08, 0x52, 0x13, 0x74, 0x72, 0x61, 0x63, 0x6b, 0x54, 0x69, 0x6d, 0x65, 0x6f,
+	0x75, 0x74, 0x42, 0x75, 0x64, 0x67, 0x65, 0x74, 0x73, 0x1a, 0xb1, 0x01, 0x0a, 0x14, 0x54, 0x72,
+	0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x4d, 0x61, 0x74,
+	0x63, 0x68, 0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
+	0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12,
+	0x2d, 0x0a, 0x05, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x52, 0x05, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x4d,
+	0x0a, 0x10, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b,
+	0x65, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x54, 0x72, 0x61,
+	0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x52, 0x0f, 0x74, 0x72,
+	0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x1a, 0x69, 0x0a,
+	0x11, 0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x54, 0x79,
+	0x70, 0x65, 0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
+	0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12,
+	0x37, 0x0a, 0x0c, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x0b, 0x74, 0x79, 0x70,
+	0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x1a, 0x75, 0x0a, 0x10, 0x45, 0x64, 0x73, 0x43,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x3e, 0x0a, 0x0a,
+	0x65, 0x64, 0x73, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e,
+	0x63, 0x6f, 0x72, 0x65, 0x2e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63,
+	0x65, 0x52, 0x09, 0x65, 0x64, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x21, 0x0a, 0x0c,
+	0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01,
+	0x28, 0x09, 0x52, 0x0b, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x1a,
+	0x81, 0x07, 0x0a, 0x0e, 0x4c, 0x62, 0x53, 0x75, 0x62, 0x73, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x12, 0x6e, 0x0a, 0x0f, 0x66, 0x61, 0x6c, 0x6c, 0x62, 0x61, 0x63, 0x6b, 0x5f, 0x70,
+	0x6f, 0x6c, 0x69, 0x63, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x3b, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x2e, 0x4c, 0x62, 0x53, 0x75, 0x62, 0x73, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x4c, 0x62, 0x53, 0x75, 0x62, 0x73, 0x65, 0x74, 0x46, 0x61, 0x6c, 0x6c, 0x62, 0x61,
+	0x63, 0x6b, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02,
+	0x10, 0x01, 0x52, 0x0e, 0x66, 0x61, 0x6c, 0x6c, 0x62, 0x61, 0x63, 0x6b, 0x50, 0x6f, 0x6c, 0x69,
+	0x63, 0x79, 0x12, 0x3e, 0x0a, 0x0e, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f, 0x73, 0x75,
+	0x62, 0x73, 0x65, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72,
+	0x75, 0x63, 0x74, 0x52, 0x0d, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x53, 0x75, 0x62, 0x73,
+	0x65, 0x74, 0x12, 0x60, 0x0a, 0x10, 0x73, 0x75, 0x62, 0x73, 0x65, 0x74, 0x5f, 0x73, 0x65, 0x6c,
+	0x65, 0x63, 0x74, 0x6f, 0x72, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x35, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73,
+	0x74, 0x65, 0x72, 0x2e, 0x4c, 0x62, 0x53, 0x75, 0x62, 0x73, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x4c, 0x62, 0x53, 0x75, 0x62, 0x73, 0x65, 0x74, 0x53, 0x65, 0x6c, 0x65, 0x63,
+	0x74, 0x6f, 0x72, 0x52, 0x0f, 0x73, 0x75, 0x62, 0x73, 0x65, 0x74, 0x53, 0x65, 0x6c, 0x65, 0x63,
+	0x74, 0x6f, 0x72, 0x73, 0x12, 0x32, 0x0a, 0x15, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79,
+	0x5f, 0x77, 0x65, 0x69, 0x67, 0x68, 0x74, 0x5f, 0x61, 0x77, 0x61, 0x72, 0x65, 0x18, 0x04, 0x20,
+	0x01, 0x28, 0x08, 0x52, 0x13, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x57, 0x65, 0x69,
+	0x67, 0x68, 0x74, 0x41, 0x77, 0x61, 0x72, 0x65, 0x12, 0x32, 0x0a, 0x15, 0x73, 0x63, 0x61, 0x6c,
+	0x65, 0x5f, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x5f, 0x77, 0x65, 0x69, 0x67, 0x68,
+	0x74, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x52, 0x13, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x4c, 0x6f,
+	0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x57, 0x65, 0x69, 0x67, 0x68, 0x74, 0x12, 0x24, 0x0a, 0x0e,
+	0x70, 0x61, 0x6e, 0x69, 0x63, 0x5f, 0x6d, 0x6f, 0x64, 0x65, 0x5f, 0x61, 0x6e, 0x79, 0x18, 0x06,
+	0x20, 0x01, 0x28, 0x08, 0x52, 0x0c, 0x70, 0x61, 0x6e, 0x69, 0x63, 0x4d, 0x6f, 0x64, 0x65, 0x41,
+	0x6e, 0x79, 0x12, 0x1e, 0x0a, 0x0b, 0x6c, 0x69, 0x73, 0x74, 0x5f, 0x61, 0x73, 0x5f, 0x61, 0x6e,
+	0x79, 0x18, 0x07, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x6c, 0x69, 0x73, 0x74, 0x41, 0x73, 0x41,
+	0x6e, 0x79, 0x1a, 0xdd, 0x02, 0x0a, 0x10, 0x4c, 0x62, 0x53, 0x75, 0x62, 0x73, 0x65, 0x74, 0x53,
+	0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x12, 0x12, 0x0a, 0x04, 0x6b, 0x65, 0x79, 0x73, 0x18,
+	0x01, 0x20, 0x03, 0x28, 0x09, 0x52, 0x04, 0x6b, 0x65, 0x79, 0x73, 0x12, 0x87, 0x01, 0x0a, 0x0f,
+	0x66, 0x61, 0x6c, 0x6c, 0x62, 0x61, 0x63, 0x6b, 0x5f, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x54, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70,
+	0x69, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x4c, 0x62, 0x53,
+	0x75, 0x62, 0x73, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x4c, 0x62, 0x53, 0x75,
+	0x62, 0x73, 0x65, 0x74, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x4c, 0x62, 0x53,
+	0x75, 0x62, 0x73, 0x65, 0x74, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x46, 0x61, 0x6c,
+	0x6c, 0x62, 0x61, 0x63, 0x6b, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x42, 0x08, 0xfa, 0x42, 0x05,
+	0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x0e, 0x66, 0x61, 0x6c, 0x6c, 0x62, 0x61, 0x63, 0x6b, 0x50,
+	0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x30, 0x0a, 0x14, 0x66, 0x61, 0x6c, 0x6c, 0x62, 0x61, 0x63,
+	0x6b, 0x5f, 0x6b, 0x65, 0x79, 0x73, 0x5f, 0x73, 0x75, 0x62, 0x73, 0x65, 0x74, 0x18, 0x03, 0x20,
+	0x03, 0x28, 0x09, 0x52, 0x12, 0x66, 0x61, 0x6c, 0x6c, 0x62, 0x61, 0x63, 0x6b, 0x4b, 0x65, 0x79,
+	0x73, 0x53, 0x75, 0x62, 0x73, 0x65, 0x74, 0x22, 0x79, 0x0a, 0x1e, 0x4c, 0x62, 0x53, 0x75, 0x62,
+	0x73, 0x65, 0x74, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x46, 0x61, 0x6c, 0x6c, 0x62,
+	0x61, 0x63, 0x6b, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x0f, 0x0a, 0x0b, 0x4e, 0x4f, 0x54,
+	0x5f, 0x44, 0x45, 0x46, 0x49, 0x4e, 0x45, 0x44, 0x10, 0x00, 0x12, 0x0f, 0x0a, 0x0b, 0x4e, 0x4f,
+	0x5f, 0x46, 0x41, 0x4c, 0x4c, 0x42, 0x41, 0x43, 0x4b, 0x10, 0x01, 0x12, 0x10, 0x0a, 0x0c, 0x41,
+	0x4e, 0x59, 0x5f, 0x45, 0x4e, 0x44, 0x50, 0x4f, 0x49, 0x4e, 0x54, 0x10, 0x02, 0x12, 0x12, 0x0a,
+	0x0e, 0x44, 0x45, 0x46, 0x41, 0x55, 0x4c, 0x54, 0x5f, 0x53, 0x55, 0x42, 0x53, 0x45, 0x54, 0x10,
+	0x03, 0x12, 0x0f, 0x0a, 0x0b, 0x4b, 0x45, 0x59, 0x53, 0x5f, 0x53, 0x55, 0x42, 0x53, 0x45, 0x54,
+	0x10, 0x04, 0x22, 0x4f, 0x0a, 0x16, 0x4c, 0x62, 0x53, 0x75, 0x62, 0x73, 0x65, 0x74, 0x46, 0x61,
+	0x6c, 0x6c, 0x62, 0x61, 0x63, 0x6b, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x0f, 0x0a, 0x0b,
+	0x4e, 0x4f, 0x5f, 0x46, 0x41, 0x4c, 0x4c, 0x42, 0x41, 0x43, 0x4b, 0x10, 0x00, 0x12, 0x10, 0x0a,
+	0x0c, 0x41, 0x4e, 0x59, 0x5f, 0x45, 0x4e, 0x44, 0x50, 0x4f, 0x49, 0x4e, 0x54, 0x10, 0x01, 0x12,
+	0x12, 0x0a, 0x0e, 0x44, 0x45, 0x46, 0x41, 0x55, 0x4c, 0x54, 0x5f, 0x53, 0x55, 0x42, 0x53, 0x45,
+	0x54, 0x10, 0x02, 0x1a, 0x60, 0x0a, 0x14, 0x4c, 0x65, 0x61, 0x73, 0x74, 0x52, 0x65, 0x71, 0x75,
+	0x65, 0x73, 0x74, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x48, 0x0a, 0x0c, 0x63,
+	0x68, 0x6f, 0x69, 0x63, 0x65, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42,
+	0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02, 0x28, 0x02, 0x52, 0x0b, 0x63, 0x68, 0x6f, 0x69, 0x63, 0x65,
+	0x43, 0x6f, 0x75, 0x6e, 0x74, 0x1a, 0xd8, 0x02, 0x0a, 0x10, 0x52, 0x69, 0x6e, 0x67, 0x48, 0x61,
+	0x73, 0x68, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x54, 0x0a, 0x11, 0x6d, 0x69,
+	0x6e, 0x69, 0x6d, 0x75, 0x6d, 0x5f, 0x72, 0x69, 0x6e, 0x67, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x36, 0x34, 0x56, 0x61,
+	0x6c, 0x75, 0x65, 0x42, 0x0a, 0xfa, 0x42, 0x07, 0x32, 0x05, 0x18, 0x80, 0x80, 0x80, 0x04, 0x52,
+	0x0f, 0x6d, 0x69, 0x6e, 0x69, 0x6d, 0x75, 0x6d, 0x52, 0x69, 0x6e, 0x67, 0x53, 0x69, 0x7a, 0x65,
+	0x12, 0x62, 0x0a, 0x0d, 0x68, 0x61, 0x73, 0x68, 0x5f, 0x66, 0x75, 0x6e, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x33, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x52,
+	0x69, 0x6e, 0x67, 0x48, 0x61, 0x73, 0x68, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x48, 0x61, 0x73, 0x68, 0x46, 0x75, 0x6e, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x08, 0xfa, 0x42,
+	0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x0c, 0x68, 0x61, 0x73, 0x68, 0x46, 0x75, 0x6e, 0x63,
+	0x74, 0x69, 0x6f, 0x6e, 0x12, 0x54, 0x0a, 0x11, 0x6d, 0x61, 0x78, 0x69, 0x6d, 0x75, 0x6d, 0x5f,
+	0x72, 0x69, 0x6e, 0x67, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x36, 0x34, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x0a, 0xfa,
+	0x42, 0x07, 0x32, 0x05, 0x18, 0x80, 0x80, 0x80, 0x04, 0x52, 0x0f, 0x6d, 0x61, 0x78, 0x69, 0x6d,
+	0x75, 0x6d, 0x52, 0x69, 0x6e, 0x67, 0x53, 0x69, 0x7a, 0x65, 0x22, 0x2e, 0x0a, 0x0c, 0x48, 0x61,
+	0x73, 0x68, 0x46, 0x75, 0x6e, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x0b, 0x0a, 0x07, 0x58, 0x58,
+	0x5f, 0x48, 0x41, 0x53, 0x48, 0x10, 0x00, 0x12, 0x11, 0x0a, 0x0d, 0x4d, 0x55, 0x52, 0x4d, 0x55,
+	0x52, 0x5f, 0x48, 0x41, 0x53, 0x48, 0x5f, 0x32, 0x10, 0x01, 0x4a, 0x04, 0x08, 0x02, 0x10, 0x03,
+	0x1a, 0x3d, 0x0a, 0x13, 0x4f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x44, 0x73, 0x74, 0x4c,
+	0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x26, 0x0a, 0x0f, 0x75, 0x73, 0x65, 0x5f, 0x68,
+	0x74, 0x74, 0x70, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08,
+	0x52, 0x0d, 0x75, 0x73, 0x65, 0x48, 0x74, 0x74, 0x70, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x1a,
+	0x86, 0x08, 0x0a, 0x0e, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x12, 0x4b, 0x0a, 0x17, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x79, 0x5f, 0x70, 0x61,
+	0x6e, 0x69, 0x63, 0x5f, 0x74, 0x68, 0x72, 0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65,
+	0x2e, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52, 0x15, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68,
+	0x79, 0x50, 0x61, 0x6e, 0x69, 0x63, 0x54, 0x68, 0x72, 0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x12,
+	0x69, 0x0a, 0x14, 0x7a, 0x6f, 0x6e, 0x65, 0x5f, 0x61, 0x77, 0x61, 0x72, 0x65, 0x5f, 0x6c, 0x62,
+	0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x36, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x2e, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x4c, 0x62, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x5a, 0x6f, 0x6e, 0x65, 0x41, 0x77, 0x61, 0x72, 0x65, 0x4c, 0x62, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x48, 0x00, 0x52, 0x11, 0x7a, 0x6f, 0x6e, 0x65, 0x41, 0x77, 0x61,
+	0x72, 0x65, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x7e, 0x0a, 0x1b, 0x6c, 0x6f,
+	0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x5f, 0x77, 0x65, 0x69, 0x67, 0x68, 0x74, 0x65, 0x64, 0x5f,
+	0x6c, 0x62, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x3d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x43,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x4c, 0x62, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x57, 0x65,
+	0x69, 0x67, 0x68, 0x74, 0x65, 0x64, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x48, 0x00,
+	0x52, 0x18, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x57, 0x65, 0x69, 0x67, 0x68, 0x74,
+	0x65, 0x64, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x49, 0x0a, 0x13, 0x75, 0x70,
+	0x64, 0x61, 0x74, 0x65, 0x5f, 0x6d, 0x65, 0x72, 0x67, 0x65, 0x5f, 0x77, 0x69, 0x6e, 0x64, 0x6f,
+	0x77, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x52, 0x11, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x4d, 0x65, 0x72, 0x67, 0x65, 0x57,
+	0x69, 0x6e, 0x64, 0x6f, 0x77, 0x12, 0x43, 0x0a, 0x1f, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x5f,
+	0x6e, 0x65, 0x77, 0x5f, 0x68, 0x6f, 0x73, 0x74, 0x73, 0x5f, 0x75, 0x6e, 0x74, 0x69, 0x6c, 0x5f,
+	0x66, 0x69, 0x72, 0x73, 0x74, 0x5f, 0x68, 0x63, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x52, 0x1a,
+	0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x4e, 0x65, 0x77, 0x48, 0x6f, 0x73, 0x74, 0x73, 0x55, 0x6e,
+	0x74, 0x69, 0x6c, 0x46, 0x69, 0x72, 0x73, 0x74, 0x48, 0x63, 0x12, 0x4d, 0x0a, 0x24, 0x63, 0x6c,
+	0x6f, 0x73, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x5f,
+	0x6f, 0x6e, 0x5f, 0x68, 0x6f, 0x73, 0x74, 0x5f, 0x73, 0x65, 0x74, 0x5f, 0x63, 0x68, 0x61, 0x6e,
+	0x67, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x1f, 0x63, 0x6c, 0x6f, 0x73, 0x65, 0x43,
+	0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x4f, 0x6e, 0x48, 0x6f, 0x73, 0x74,
+	0x53, 0x65, 0x74, 0x43, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x7f, 0x0a, 0x1c, 0x63, 0x6f, 0x6e,
+	0x73, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x74, 0x5f, 0x68, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x5f,
+	0x6c, 0x62, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x3e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x43,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x4c, 0x62, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x43, 0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x74,
+	0x48, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52,
+	0x19, 0x63, 0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x74, 0x48, 0x61, 0x73, 0x68, 0x69,
+	0x6e, 0x67, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x1a, 0xcc, 0x01, 0x0a, 0x11, 0x5a,
+	0x6f, 0x6e, 0x65, 0x41, 0x77, 0x61, 0x72, 0x65, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x12, 0x3c, 0x0a, 0x0f, 0x72, 0x6f, 0x75, 0x74, 0x69, 0x6e, 0x67, 0x5f, 0x65, 0x6e, 0x61, 0x62,
+	0x6c, 0x65, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52, 0x0e,
+	0x72, 0x6f, 0x75, 0x74, 0x69, 0x6e, 0x67, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x46,
+	0x0a, 0x10, 0x6d, 0x69, 0x6e, 0x5f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x73, 0x69,
+	0x7a, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x36,
+	0x34, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0e, 0x6d, 0x69, 0x6e, 0x43, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x53, 0x69, 0x7a, 0x65, 0x12, 0x31, 0x0a, 0x15, 0x66, 0x61, 0x69, 0x6c, 0x5f, 0x74,
+	0x72, 0x61, 0x66, 0x66, 0x69, 0x63, 0x5f, 0x6f, 0x6e, 0x5f, 0x70, 0x61, 0x6e, 0x69, 0x63, 0x18,
+	0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x12, 0x66, 0x61, 0x69, 0x6c, 0x54, 0x72, 0x61, 0x66, 0x66,
+	0x69, 0x63, 0x4f, 0x6e, 0x50, 0x61, 0x6e, 0x69, 0x63, 0x1a, 0x1a, 0x0a, 0x18, 0x4c, 0x6f, 0x63,
+	0x61, 0x6c, 0x69, 0x74, 0x79, 0x57, 0x65, 0x69, 0x67, 0x68, 0x74, 0x65, 0x64, 0x4c, 0x62, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x1a, 0x54, 0x0a, 0x19, 0x43, 0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74,
+	0x65, 0x6e, 0x74, 0x48, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x12, 0x37, 0x0a, 0x18, 0x75, 0x73, 0x65, 0x5f, 0x68, 0x6f, 0x73, 0x74, 0x6e, 0x61,
+	0x6d, 0x65, 0x5f, 0x66, 0x6f, 0x72, 0x5f, 0x68, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x08, 0x52, 0x15, 0x75, 0x73, 0x65, 0x48, 0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d,
+	0x65, 0x46, 0x6f, 0x72, 0x48, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x42, 0x1b, 0x0a, 0x19, 0x6c,
+	0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x73,
+	0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x1a, 0xa9, 0x01, 0x0a, 0x0b, 0x52, 0x65, 0x66,
+	0x72, 0x65, 0x73, 0x68, 0x52, 0x61, 0x74, 0x65, 0x12, 0x4e, 0x0a, 0x0d, 0x62, 0x61, 0x73, 0x65,
+	0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0e, 0xfa, 0x42, 0x0b, 0xaa,
+	0x01, 0x08, 0x08, 0x01, 0x2a, 0x04, 0x10, 0xc0, 0x84, 0x3d, 0x52, 0x0c, 0x62, 0x61, 0x73, 0x65,
+	0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x12, 0x4a, 0x0a, 0x0c, 0x6d, 0x61, 0x78, 0x5f,
+	0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0c, 0xfa, 0x42, 0x09, 0xaa, 0x01,
+	0x06, 0x2a, 0x04, 0x10, 0xc0, 0x84, 0x3d, 0x52, 0x0b, 0x6d, 0x61, 0x78, 0x49, 0x6e, 0x74, 0x65,
+	0x72, 0x76, 0x61, 0x6c, 0x1a, 0x64, 0x0a, 0x1d, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f,
+	0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73,
+	0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x2d, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x52,
+	0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x1a, 0x66, 0x0a, 0x22, 0x54, 0x79,
+	0x70, 0x65, 0x64, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74,
+	0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79,
+	0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b,
+	0x65, 0x79, 0x12, 0x2a, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02,
+	0x38, 0x01, 0x22, 0x57, 0x0a, 0x0d, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x54,
+	0x79, 0x70, 0x65, 0x12, 0x0a, 0x0a, 0x06, 0x53, 0x54, 0x41, 0x54, 0x49, 0x43, 0x10, 0x00, 0x12,
+	0x0e, 0x0a, 0x0a, 0x53, 0x54, 0x52, 0x49, 0x43, 0x54, 0x5f, 0x44, 0x4e, 0x53, 0x10, 0x01, 0x12,
+	0x0f, 0x0a, 0x0b, 0x4c, 0x4f, 0x47, 0x49, 0x43, 0x41, 0x4c, 0x5f, 0x44, 0x4e, 0x53, 0x10, 0x02,
+	0x12, 0x07, 0x0a, 0x03, 0x45, 0x44, 0x53, 0x10, 0x03, 0x12, 0x10, 0x0a, 0x0c, 0x4f, 0x52, 0x49,
+	0x47, 0x49, 0x4e, 0x41, 0x4c, 0x5f, 0x44, 0x53, 0x54, 0x10, 0x04, 0x22, 0xac, 0x01, 0x0a, 0x08,
+	0x4c, 0x62, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x0f, 0x0a, 0x0b, 0x52, 0x4f, 0x55, 0x4e,
+	0x44, 0x5f, 0x52, 0x4f, 0x42, 0x49, 0x4e, 0x10, 0x00, 0x12, 0x11, 0x0a, 0x0d, 0x4c, 0x45, 0x41,
+	0x53, 0x54, 0x5f, 0x52, 0x45, 0x51, 0x55, 0x45, 0x53, 0x54, 0x10, 0x01, 0x12, 0x0d, 0x0a, 0x09,
+	0x52, 0x49, 0x4e, 0x47, 0x5f, 0x48, 0x41, 0x53, 0x48, 0x10, 0x02, 0x12, 0x0a, 0x0a, 0x06, 0x52,
+	0x41, 0x4e, 0x44, 0x4f, 0x4d, 0x10, 0x03, 0x12, 0x1d, 0x0a, 0x0f, 0x4f, 0x52, 0x49, 0x47, 0x49,
+	0x4e, 0x41, 0x4c, 0x5f, 0x44, 0x53, 0x54, 0x5f, 0x4c, 0x42, 0x10, 0x04, 0x1a, 0x08, 0x08, 0x01,
+	0xa8, 0xf7, 0xb4, 0x8b, 0x02, 0x01, 0x12, 0x0a, 0x0a, 0x06, 0x4d, 0x41, 0x47, 0x4c, 0x45, 0x56,
+	0x10, 0x05, 0x12, 0x14, 0x0a, 0x10, 0x43, 0x4c, 0x55, 0x53, 0x54, 0x45, 0x52, 0x5f, 0x50, 0x52,
+	0x4f, 0x56, 0x49, 0x44, 0x45, 0x44, 0x10, 0x06, 0x12, 0x20, 0x0a, 0x1c, 0x4c, 0x4f, 0x41, 0x44,
+	0x5f, 0x42, 0x41, 0x4c, 0x41, 0x4e, 0x43, 0x49, 0x4e, 0x47, 0x5f, 0x50, 0x4f, 0x4c, 0x49, 0x43,
+	0x59, 0x5f, 0x43, 0x4f, 0x4e, 0x46, 0x49, 0x47, 0x10, 0x07, 0x22, 0x35, 0x0a, 0x0f, 0x44, 0x6e,
+	0x73, 0x4c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x46, 0x61, 0x6d, 0x69, 0x6c, 0x79, 0x12, 0x08, 0x0a,
+	0x04, 0x41, 0x55, 0x54, 0x4f, 0x10, 0x00, 0x12, 0x0b, 0x0a, 0x07, 0x56, 0x34, 0x5f, 0x4f, 0x4e,
+	0x4c, 0x59, 0x10, 0x01, 0x12, 0x0b, 0x0a, 0x07, 0x56, 0x36, 0x5f, 0x4f, 0x4e, 0x4c, 0x59, 0x10,
+	0x02, 0x22, 0x54, 0x0a, 0x18, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x50, 0x72, 0x6f, 0x74,
+	0x6f, 0x63, 0x6f, 0x6c, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x1b, 0x0a,
+	0x17, 0x55, 0x53, 0x45, 0x5f, 0x43, 0x4f, 0x4e, 0x46, 0x49, 0x47, 0x55, 0x52, 0x45, 0x44, 0x5f,
+	0x50, 0x52, 0x4f, 0x54, 0x4f, 0x43, 0x4f, 0x4c, 0x10, 0x00, 0x12, 0x1b, 0x0a, 0x17, 0x55, 0x53,
+	0x45, 0x5f, 0x44, 0x4f, 0x57, 0x4e, 0x53, 0x54, 0x52, 0x45, 0x41, 0x4d, 0x5f, 0x50, 0x52, 0x4f,
+	0x54, 0x4f, 0x43, 0x4f, 0x4c, 0x10, 0x01, 0x42, 0x18, 0x0a, 0x16, 0x63, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x5f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x5f, 0x74, 0x79, 0x70,
+	0x65, 0x42, 0x0b, 0x0a, 0x09, 0x6c, 0x62, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x4a, 0x04,
+	0x08, 0x0c, 0x10, 0x0d, 0x4a, 0x04, 0x08, 0x0f, 0x10, 0x10, 0x22, 0xe8, 0x01, 0x0a, 0x13, 0x4c,
+	0x6f, 0x61, 0x64, 0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x69, 0x6e, 0x67, 0x50, 0x6f, 0x6c, 0x69,
+	0x63, 0x79, 0x12, 0x44, 0x0a, 0x08, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 0x18, 0x01,
+	0x20, 0x03, 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x6f, 0x61, 0x64, 0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x69, 0x6e,
+	0x67, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x08,
+	0x70, 0x6f, 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 0x1a, 0x8a, 0x01, 0x0a, 0x06, 0x50, 0x6f, 0x6c,
+	0x69, 0x63, 0x79, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x33, 0x0a, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74,
+	0x42, 0x02, 0x18, 0x01, 0x52, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x37, 0x0a, 0x0c,
+	0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x03, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x0b, 0x74, 0x79, 0x70, 0x65, 0x64, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x22, 0x57, 0x0a, 0x12, 0x55, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61,
+	0x6d, 0x42, 0x69, 0x6e, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x41, 0x0a, 0x0e, 0x73,
+	0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x52,
+	0x0d, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x22, 0x61,
+	0x0a, 0x19, 0x55, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63,
+	0x74, 0x69, 0x6f, 0x6e, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x44, 0x0a, 0x0d, 0x74,
+	0x63, 0x70, 0x5f, 0x6b, 0x65, 0x65, 0x70, 0x61, 0x6c, 0x69, 0x76, 0x65, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x54, 0x63, 0x70, 0x4b, 0x65, 0x65, 0x70, 0x61, 0x6c,
+	0x69, 0x76, 0x65, 0x52, 0x0c, 0x74, 0x63, 0x70, 0x4b, 0x65, 0x65, 0x70, 0x61, 0x6c, 0x69, 0x76,
+	0x65, 0x42, 0x53, 0x0a, 0x1a, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f,
+	0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x42,
+	0x0c, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xf2,
+	0x98, 0xfe, 0x8f, 0x05, 0x19, 0x12, 0x17, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33, 0xba, 0x80,
+	0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_cluster_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_cluster_proto_rawDescData = file_envoy_api_v2_cluster_proto_rawDesc
+)
+
+func file_envoy_api_v2_cluster_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_cluster_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_cluster_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_cluster_proto_rawDescData)
+	})
+	return file_envoy_api_v2_cluster_proto_rawDescData
+}
+
+var file_envoy_api_v2_cluster_proto_enumTypes = make([]protoimpl.EnumInfo, 7)
+var file_envoy_api_v2_cluster_proto_msgTypes = make([]protoimpl.MessageInfo, 20)
+var file_envoy_api_v2_cluster_proto_goTypes = []interface{}{
+	(Cluster_DiscoveryType)(0),                                                  // 0: envoy.api.v2.Cluster.DiscoveryType
+	(Cluster_LbPolicy)(0),                                                       // 1: envoy.api.v2.Cluster.LbPolicy
+	(Cluster_DnsLookupFamily)(0),                                                // 2: envoy.api.v2.Cluster.DnsLookupFamily
+	(Cluster_ClusterProtocolSelection)(0),                                       // 3: envoy.api.v2.Cluster.ClusterProtocolSelection
+	(Cluster_LbSubsetConfig_LbSubsetFallbackPolicy)(0),                          // 4: envoy.api.v2.Cluster.LbSubsetConfig.LbSubsetFallbackPolicy
+	(Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy)(0), // 5: envoy.api.v2.Cluster.LbSubsetConfig.LbSubsetSelector.LbSubsetSelectorFallbackPolicy
+	(Cluster_RingHashLbConfig_HashFunction)(0),                                  // 6: envoy.api.v2.Cluster.RingHashLbConfig.HashFunction
+	(*Cluster)(nil),                                                             // 7: envoy.api.v2.Cluster
+	(*LoadBalancingPolicy)(nil),                                                 // 8: envoy.api.v2.LoadBalancingPolicy
+	(*UpstreamBindConfig)(nil),                                                  // 9: envoy.api.v2.UpstreamBindConfig
+	(*UpstreamConnectionOptions)(nil),                                           // 10: envoy.api.v2.UpstreamConnectionOptions
+	(*Cluster_TransportSocketMatch)(nil),                                        // 11: envoy.api.v2.Cluster.TransportSocketMatch
+	(*Cluster_CustomClusterType)(nil),                                           // 12: envoy.api.v2.Cluster.CustomClusterType
+	(*Cluster_EdsClusterConfig)(nil),                                            // 13: envoy.api.v2.Cluster.EdsClusterConfig
+	(*Cluster_LbSubsetConfig)(nil),                                              // 14: envoy.api.v2.Cluster.LbSubsetConfig
+	(*Cluster_LeastRequestLbConfig)(nil),                                        // 15: envoy.api.v2.Cluster.LeastRequestLbConfig
+	(*Cluster_RingHashLbConfig)(nil),                                            // 16: envoy.api.v2.Cluster.RingHashLbConfig
+	(*Cluster_OriginalDstLbConfig)(nil),                                         // 17: envoy.api.v2.Cluster.OriginalDstLbConfig
+	(*Cluster_CommonLbConfig)(nil),                                              // 18: envoy.api.v2.Cluster.CommonLbConfig
+	(*Cluster_RefreshRate)(nil),                                                 // 19: envoy.api.v2.Cluster.RefreshRate
+	nil,                                                                         // 20: envoy.api.v2.Cluster.ExtensionProtocolOptionsEntry
+	nil,                                                                         // 21: envoy.api.v2.Cluster.TypedExtensionProtocolOptionsEntry
+	(*Cluster_LbSubsetConfig_LbSubsetSelector)(nil),                             // 22: envoy.api.v2.Cluster.LbSubsetConfig.LbSubsetSelector
+	(*Cluster_CommonLbConfig_ZoneAwareLbConfig)(nil),                            // 23: envoy.api.v2.Cluster.CommonLbConfig.ZoneAwareLbConfig
+	(*Cluster_CommonLbConfig_LocalityWeightedLbConfig)(nil),                     // 24: envoy.api.v2.Cluster.CommonLbConfig.LocalityWeightedLbConfig
+	(*Cluster_CommonLbConfig_ConsistentHashingLbConfig)(nil),                    // 25: envoy.api.v2.Cluster.CommonLbConfig.ConsistentHashingLbConfig
+	(*LoadBalancingPolicy_Policy)(nil),                                          // 26: envoy.api.v2.LoadBalancingPolicy.Policy
+	(*duration.Duration)(nil),                                                   // 27: google.protobuf.Duration
+	(*wrappers.UInt32Value)(nil),                                                // 28: google.protobuf.UInt32Value
+	(*core.Address)(nil),                                                        // 29: envoy.api.v2.core.Address
+	(*ClusterLoadAssignment)(nil),                                               // 30: envoy.api.v2.ClusterLoadAssignment
+	(*core.HealthCheck)(nil),                                                    // 31: envoy.api.v2.core.HealthCheck
+	(*cluster.CircuitBreakers)(nil),                                             // 32: envoy.api.v2.cluster.CircuitBreakers
+	(*auth.UpstreamTlsContext)(nil),                                             // 33: envoy.api.v2.auth.UpstreamTlsContext
+	(*core.UpstreamHttpProtocolOptions)(nil),                                    // 34: envoy.api.v2.core.UpstreamHttpProtocolOptions
+	(*core.HttpProtocolOptions)(nil),                                            // 35: envoy.api.v2.core.HttpProtocolOptions
+	(*core.Http1ProtocolOptions)(nil),                                           // 36: envoy.api.v2.core.Http1ProtocolOptions
+	(*core.Http2ProtocolOptions)(nil),                                           // 37: envoy.api.v2.core.Http2ProtocolOptions
+	(*cluster.OutlierDetection)(nil),                                            // 38: envoy.api.v2.cluster.OutlierDetection
+	(*core.BindConfig)(nil),                                                     // 39: envoy.api.v2.core.BindConfig
+	(*core.TransportSocket)(nil),                                                // 40: envoy.api.v2.core.TransportSocket
+	(*core.Metadata)(nil),                                                       // 41: envoy.api.v2.core.Metadata
+	(*cluster.Filter)(nil),                                                      // 42: envoy.api.v2.cluster.Filter
+	(*core.ConfigSource)(nil),                                                   // 43: envoy.api.v2.core.ConfigSource
+	(*core.TcpKeepalive)(nil),                                                   // 44: envoy.api.v2.core.TcpKeepalive
+	(*_struct.Struct)(nil),                                                      // 45: google.protobuf.Struct
+	(*any.Any)(nil),                                                             // 46: google.protobuf.Any
+	(*wrappers.UInt64Value)(nil),                                                // 47: google.protobuf.UInt64Value
+	(*_type.Percent)(nil),                                                       // 48: envoy.type.Percent
+}
+var file_envoy_api_v2_cluster_proto_depIdxs = []int32{
+	11, // 0: envoy.api.v2.Cluster.transport_socket_matches:type_name -> envoy.api.v2.Cluster.TransportSocketMatch
+	0,  // 1: envoy.api.v2.Cluster.type:type_name -> envoy.api.v2.Cluster.DiscoveryType
+	12, // 2: envoy.api.v2.Cluster.cluster_type:type_name -> envoy.api.v2.Cluster.CustomClusterType
+	13, // 3: envoy.api.v2.Cluster.eds_cluster_config:type_name -> envoy.api.v2.Cluster.EdsClusterConfig
+	27, // 4: envoy.api.v2.Cluster.connect_timeout:type_name -> google.protobuf.Duration
+	28, // 5: envoy.api.v2.Cluster.per_connection_buffer_limit_bytes:type_name -> google.protobuf.UInt32Value
+	1,  // 6: envoy.api.v2.Cluster.lb_policy:type_name -> envoy.api.v2.Cluster.LbPolicy
+	29, // 7: envoy.api.v2.Cluster.hosts:type_name -> envoy.api.v2.core.Address
+	30, // 8: envoy.api.v2.Cluster.load_assignment:type_name -> envoy.api.v2.ClusterLoadAssignment
+	31, // 9: envoy.api.v2.Cluster.health_checks:type_name -> envoy.api.v2.core.HealthCheck
+	28, // 10: envoy.api.v2.Cluster.max_requests_per_connection:type_name -> google.protobuf.UInt32Value
+	32, // 11: envoy.api.v2.Cluster.circuit_breakers:type_name -> envoy.api.v2.cluster.CircuitBreakers
+	33, // 12: envoy.api.v2.Cluster.tls_context:type_name -> envoy.api.v2.auth.UpstreamTlsContext
+	34, // 13: envoy.api.v2.Cluster.upstream_http_protocol_options:type_name -> envoy.api.v2.core.UpstreamHttpProtocolOptions
+	35, // 14: envoy.api.v2.Cluster.common_http_protocol_options:type_name -> envoy.api.v2.core.HttpProtocolOptions
+	36, // 15: envoy.api.v2.Cluster.http_protocol_options:type_name -> envoy.api.v2.core.Http1ProtocolOptions
+	37, // 16: envoy.api.v2.Cluster.http2_protocol_options:type_name -> envoy.api.v2.core.Http2ProtocolOptions
+	20, // 17: envoy.api.v2.Cluster.extension_protocol_options:type_name -> envoy.api.v2.Cluster.ExtensionProtocolOptionsEntry
+	21, // 18: envoy.api.v2.Cluster.typed_extension_protocol_options:type_name -> envoy.api.v2.Cluster.TypedExtensionProtocolOptionsEntry
+	27, // 19: envoy.api.v2.Cluster.dns_refresh_rate:type_name -> google.protobuf.Duration
+	19, // 20: envoy.api.v2.Cluster.dns_failure_refresh_rate:type_name -> envoy.api.v2.Cluster.RefreshRate
+	2,  // 21: envoy.api.v2.Cluster.dns_lookup_family:type_name -> envoy.api.v2.Cluster.DnsLookupFamily
+	29, // 22: envoy.api.v2.Cluster.dns_resolvers:type_name -> envoy.api.v2.core.Address
+	38, // 23: envoy.api.v2.Cluster.outlier_detection:type_name -> envoy.api.v2.cluster.OutlierDetection
+	27, // 24: envoy.api.v2.Cluster.cleanup_interval:type_name -> google.protobuf.Duration
+	39, // 25: envoy.api.v2.Cluster.upstream_bind_config:type_name -> envoy.api.v2.core.BindConfig
+	14, // 26: envoy.api.v2.Cluster.lb_subset_config:type_name -> envoy.api.v2.Cluster.LbSubsetConfig
+	16, // 27: envoy.api.v2.Cluster.ring_hash_lb_config:type_name -> envoy.api.v2.Cluster.RingHashLbConfig
+	17, // 28: envoy.api.v2.Cluster.original_dst_lb_config:type_name -> envoy.api.v2.Cluster.OriginalDstLbConfig
+	15, // 29: envoy.api.v2.Cluster.least_request_lb_config:type_name -> envoy.api.v2.Cluster.LeastRequestLbConfig
+	18, // 30: envoy.api.v2.Cluster.common_lb_config:type_name -> envoy.api.v2.Cluster.CommonLbConfig
+	40, // 31: envoy.api.v2.Cluster.transport_socket:type_name -> envoy.api.v2.core.TransportSocket
+	41, // 32: envoy.api.v2.Cluster.metadata:type_name -> envoy.api.v2.core.Metadata
+	3,  // 33: envoy.api.v2.Cluster.protocol_selection:type_name -> envoy.api.v2.Cluster.ClusterProtocolSelection
+	10, // 34: envoy.api.v2.Cluster.upstream_connection_options:type_name -> envoy.api.v2.UpstreamConnectionOptions
+	42, // 35: envoy.api.v2.Cluster.filters:type_name -> envoy.api.v2.cluster.Filter
+	8,  // 36: envoy.api.v2.Cluster.load_balancing_policy:type_name -> envoy.api.v2.LoadBalancingPolicy
+	43, // 37: envoy.api.v2.Cluster.lrs_server:type_name -> envoy.api.v2.core.ConfigSource
+	26, // 38: envoy.api.v2.LoadBalancingPolicy.policies:type_name -> envoy.api.v2.LoadBalancingPolicy.Policy
+	29, // 39: envoy.api.v2.UpstreamBindConfig.source_address:type_name -> envoy.api.v2.core.Address
+	44, // 40: envoy.api.v2.UpstreamConnectionOptions.tcp_keepalive:type_name -> envoy.api.v2.core.TcpKeepalive
+	45, // 41: envoy.api.v2.Cluster.TransportSocketMatch.match:type_name -> google.protobuf.Struct
+	40, // 42: envoy.api.v2.Cluster.TransportSocketMatch.transport_socket:type_name -> envoy.api.v2.core.TransportSocket
+	46, // 43: envoy.api.v2.Cluster.CustomClusterType.typed_config:type_name -> google.protobuf.Any
+	43, // 44: envoy.api.v2.Cluster.EdsClusterConfig.eds_config:type_name -> envoy.api.v2.core.ConfigSource
+	4,  // 45: envoy.api.v2.Cluster.LbSubsetConfig.fallback_policy:type_name -> envoy.api.v2.Cluster.LbSubsetConfig.LbSubsetFallbackPolicy
+	45, // 46: envoy.api.v2.Cluster.LbSubsetConfig.default_subset:type_name -> google.protobuf.Struct
+	22, // 47: envoy.api.v2.Cluster.LbSubsetConfig.subset_selectors:type_name -> envoy.api.v2.Cluster.LbSubsetConfig.LbSubsetSelector
+	28, // 48: envoy.api.v2.Cluster.LeastRequestLbConfig.choice_count:type_name -> google.protobuf.UInt32Value
+	47, // 49: envoy.api.v2.Cluster.RingHashLbConfig.minimum_ring_size:type_name -> google.protobuf.UInt64Value
+	6,  // 50: envoy.api.v2.Cluster.RingHashLbConfig.hash_function:type_name -> envoy.api.v2.Cluster.RingHashLbConfig.HashFunction
+	47, // 51: envoy.api.v2.Cluster.RingHashLbConfig.maximum_ring_size:type_name -> google.protobuf.UInt64Value
+	48, // 52: envoy.api.v2.Cluster.CommonLbConfig.healthy_panic_threshold:type_name -> envoy.type.Percent
+	23, // 53: envoy.api.v2.Cluster.CommonLbConfig.zone_aware_lb_config:type_name -> envoy.api.v2.Cluster.CommonLbConfig.ZoneAwareLbConfig
+	24, // 54: envoy.api.v2.Cluster.CommonLbConfig.locality_weighted_lb_config:type_name -> envoy.api.v2.Cluster.CommonLbConfig.LocalityWeightedLbConfig
+	27, // 55: envoy.api.v2.Cluster.CommonLbConfig.update_merge_window:type_name -> google.protobuf.Duration
+	25, // 56: envoy.api.v2.Cluster.CommonLbConfig.consistent_hashing_lb_config:type_name -> envoy.api.v2.Cluster.CommonLbConfig.ConsistentHashingLbConfig
+	27, // 57: envoy.api.v2.Cluster.RefreshRate.base_interval:type_name -> google.protobuf.Duration
+	27, // 58: envoy.api.v2.Cluster.RefreshRate.max_interval:type_name -> google.protobuf.Duration
+	45, // 59: envoy.api.v2.Cluster.ExtensionProtocolOptionsEntry.value:type_name -> google.protobuf.Struct
+	46, // 60: envoy.api.v2.Cluster.TypedExtensionProtocolOptionsEntry.value:type_name -> google.protobuf.Any
+	5,  // 61: envoy.api.v2.Cluster.LbSubsetConfig.LbSubsetSelector.fallback_policy:type_name -> envoy.api.v2.Cluster.LbSubsetConfig.LbSubsetSelector.LbSubsetSelectorFallbackPolicy
+	48, // 62: envoy.api.v2.Cluster.CommonLbConfig.ZoneAwareLbConfig.routing_enabled:type_name -> envoy.type.Percent
+	47, // 63: envoy.api.v2.Cluster.CommonLbConfig.ZoneAwareLbConfig.min_cluster_size:type_name -> google.protobuf.UInt64Value
+	45, // 64: envoy.api.v2.LoadBalancingPolicy.Policy.config:type_name -> google.protobuf.Struct
+	46, // 65: envoy.api.v2.LoadBalancingPolicy.Policy.typed_config:type_name -> google.protobuf.Any
+	66, // [66:66] is the sub-list for method output_type
+	66, // [66:66] is the sub-list for method input_type
+	66, // [66:66] is the sub-list for extension type_name
+	66, // [66:66] is the sub-list for extension extendee
+	0,  // [0:66] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_cluster_proto_init() }
+func file_envoy_api_v2_cluster_proto_init() {
+	if File_envoy_api_v2_cluster_proto != nil {
+		return
+	}
+	file_envoy_api_v2_endpoint_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_cluster_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_cluster_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*LoadBalancingPolicy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_cluster_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*UpstreamBindConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_cluster_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*UpstreamConnectionOptions); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_cluster_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster_TransportSocketMatch); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_cluster_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster_CustomClusterType); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_cluster_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster_EdsClusterConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_cluster_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster_LbSubsetConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_cluster_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster_LeastRequestLbConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_cluster_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster_RingHashLbConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_cluster_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster_OriginalDstLbConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_cluster_proto_msgTypes[11].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster_CommonLbConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_cluster_proto_msgTypes[12].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster_RefreshRate); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_cluster_proto_msgTypes[15].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster_LbSubsetConfig_LbSubsetSelector); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_cluster_proto_msgTypes[16].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster_CommonLbConfig_ZoneAwareLbConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_cluster_proto_msgTypes[17].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster_CommonLbConfig_LocalityWeightedLbConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_cluster_proto_msgTypes[18].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster_CommonLbConfig_ConsistentHashingLbConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_cluster_proto_msgTypes[19].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*LoadBalancingPolicy_Policy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_api_v2_cluster_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*Cluster_Type)(nil),
+		(*Cluster_ClusterType)(nil),
+		(*Cluster_RingHashLbConfig_)(nil),
+		(*Cluster_OriginalDstLbConfig_)(nil),
+		(*Cluster_LeastRequestLbConfig_)(nil),
+	}
+	file_envoy_api_v2_cluster_proto_msgTypes[11].OneofWrappers = []interface{}{
+		(*Cluster_CommonLbConfig_ZoneAwareLbConfig_)(nil),
+		(*Cluster_CommonLbConfig_LocalityWeightedLbConfig_)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_cluster_proto_rawDesc,
+			NumEnums:      7,
+			NumMessages:   20,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_cluster_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_cluster_proto_depIdxs,
+		EnumInfos:         file_envoy_api_v2_cluster_proto_enumTypes,
+		MessageInfos:      file_envoy_api_v2_cluster_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_cluster_proto = out.File
+	file_envoy_api_v2_cluster_proto_rawDesc = nil
+	file_envoy_api_v2_cluster_proto_goTypes = nil
+	file_envoy_api_v2_cluster_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/cluster.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/cluster.pb.validate.go
new file mode 100644
index 00000000000..e952c46b7a3
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/cluster.pb.validate.go
@@ -0,0 +1,3738 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/cluster.proto
+
+package envoy_api_v2
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on Cluster with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Cluster) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Cluster with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in ClusterMultiError, or nil if none found.
+func (m *Cluster) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetTransportSocketMatches() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  fmt.Sprintf("TransportSocketMatches[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  fmt.Sprintf("TransportSocketMatches[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClusterValidationError{
+					field:  fmt.Sprintf("TransportSocketMatches[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(m.GetName()) < 1 {
+		err := ClusterValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for AltStatName
+
+	if all {
+		switch v := interface{}(m.GetEdsClusterConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "EdsClusterConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "EdsClusterConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetEdsClusterConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "EdsClusterConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if d := m.GetConnectTimeout(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = ClusterValidationError{
+				field:  "ConnectTimeout",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := ClusterValidationError{
+					field:  "ConnectTimeout",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetPerConnectionBufferLimitBytes()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "PerConnectionBufferLimitBytes",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "PerConnectionBufferLimitBytes",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPerConnectionBufferLimitBytes()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "PerConnectionBufferLimitBytes",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if _, ok := Cluster_LbPolicy_name[int32(m.GetLbPolicy())]; !ok {
+		err := ClusterValidationError{
+			field:  "LbPolicy",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetHosts() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  fmt.Sprintf("Hosts[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  fmt.Sprintf("Hosts[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClusterValidationError{
+					field:  fmt.Sprintf("Hosts[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetLoadAssignment()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "LoadAssignment",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "LoadAssignment",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLoadAssignment()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "LoadAssignment",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetHealthChecks() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  fmt.Sprintf("HealthChecks[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  fmt.Sprintf("HealthChecks[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClusterValidationError{
+					field:  fmt.Sprintf("HealthChecks[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetMaxRequestsPerConnection()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "MaxRequestsPerConnection",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "MaxRequestsPerConnection",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxRequestsPerConnection()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "MaxRequestsPerConnection",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetCircuitBreakers()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "CircuitBreakers",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "CircuitBreakers",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCircuitBreakers()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "CircuitBreakers",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetTlsContext()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "TlsContext",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "TlsContext",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTlsContext()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "TlsContext",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetUpstreamHttpProtocolOptions()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "UpstreamHttpProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "UpstreamHttpProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetUpstreamHttpProtocolOptions()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "UpstreamHttpProtocolOptions",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetCommonHttpProtocolOptions()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "CommonHttpProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "CommonHttpProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCommonHttpProtocolOptions()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "CommonHttpProtocolOptions",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetHttpProtocolOptions()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "HttpProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "HttpProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHttpProtocolOptions()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "HttpProtocolOptions",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetHttp2ProtocolOptions()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "Http2ProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "Http2ProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHttp2ProtocolOptions()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "Http2ProtocolOptions",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	{
+		sorted_keys := make([]string, len(m.GetExtensionProtocolOptions()))
+		i := 0
+		for key := range m.GetExtensionProtocolOptions() {
+			sorted_keys[i] = key
+			i++
+		}
+		sort.Slice(sorted_keys, func(i, j int) bool { return sorted_keys[i] < sorted_keys[j] })
+		for _, key := range sorted_keys {
+			val := m.GetExtensionProtocolOptions()[key]
+			_ = val
+
+			// no validation rules for ExtensionProtocolOptions[key]
+
+			if all {
+				switch v := interface{}(val).(type) {
+				case interface{ ValidateAll() error }:
+					if err := v.ValidateAll(); err != nil {
+						errors = append(errors, ClusterValidationError{
+							field:  fmt.Sprintf("ExtensionProtocolOptions[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				case interface{ Validate() error }:
+					if err := v.Validate(); err != nil {
+						errors = append(errors, ClusterValidationError{
+							field:  fmt.Sprintf("ExtensionProtocolOptions[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				}
+			} else if v, ok := interface{}(val).(interface{ Validate() error }); ok {
+				if err := v.Validate(); err != nil {
+					return ClusterValidationError{
+						field:  fmt.Sprintf("ExtensionProtocolOptions[%v]", key),
+						reason: "embedded message failed validation",
+						cause:  err,
+					}
+				}
+			}
+
+		}
+	}
+
+	{
+		sorted_keys := make([]string, len(m.GetTypedExtensionProtocolOptions()))
+		i := 0
+		for key := range m.GetTypedExtensionProtocolOptions() {
+			sorted_keys[i] = key
+			i++
+		}
+		sort.Slice(sorted_keys, func(i, j int) bool { return sorted_keys[i] < sorted_keys[j] })
+		for _, key := range sorted_keys {
+			val := m.GetTypedExtensionProtocolOptions()[key]
+			_ = val
+
+			// no validation rules for TypedExtensionProtocolOptions[key]
+
+			if all {
+				switch v := interface{}(val).(type) {
+				case interface{ ValidateAll() error }:
+					if err := v.ValidateAll(); err != nil {
+						errors = append(errors, ClusterValidationError{
+							field:  fmt.Sprintf("TypedExtensionProtocolOptions[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				case interface{ Validate() error }:
+					if err := v.Validate(); err != nil {
+						errors = append(errors, ClusterValidationError{
+							field:  fmt.Sprintf("TypedExtensionProtocolOptions[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				}
+			} else if v, ok := interface{}(val).(interface{ Validate() error }); ok {
+				if err := v.Validate(); err != nil {
+					return ClusterValidationError{
+						field:  fmt.Sprintf("TypedExtensionProtocolOptions[%v]", key),
+						reason: "embedded message failed validation",
+						cause:  err,
+					}
+				}
+			}
+
+		}
+	}
+
+	if d := m.GetDnsRefreshRate(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = ClusterValidationError{
+				field:  "DnsRefreshRate",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 1000000*time.Nanosecond)
+
+			if dur <= gt {
+				err := ClusterValidationError{
+					field:  "DnsRefreshRate",
+					reason: "value must be greater than 1ms",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetDnsFailureRefreshRate()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "DnsFailureRefreshRate",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "DnsFailureRefreshRate",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDnsFailureRefreshRate()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "DnsFailureRefreshRate",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for RespectDnsTtl
+
+	if _, ok := Cluster_DnsLookupFamily_name[int32(m.GetDnsLookupFamily())]; !ok {
+		err := ClusterValidationError{
+			field:  "DnsLookupFamily",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetDnsResolvers() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  fmt.Sprintf("DnsResolvers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  fmt.Sprintf("DnsResolvers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClusterValidationError{
+					field:  fmt.Sprintf("DnsResolvers[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	// no validation rules for UseTcpForDnsLookups
+
+	if all {
+		switch v := interface{}(m.GetOutlierDetection()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "OutlierDetection",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "OutlierDetection",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetOutlierDetection()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "OutlierDetection",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if d := m.GetCleanupInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = ClusterValidationError{
+				field:  "CleanupInterval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := ClusterValidationError{
+					field:  "CleanupInterval",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetUpstreamBindConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "UpstreamBindConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "UpstreamBindConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetUpstreamBindConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "UpstreamBindConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetLbSubsetConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "LbSubsetConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "LbSubsetConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLbSubsetConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "LbSubsetConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetCommonLbConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "CommonLbConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "CommonLbConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCommonLbConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "CommonLbConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetTransportSocket()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "TransportSocket",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "TransportSocket",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTransportSocket()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "TransportSocket",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMetadata()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMetadata()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "Metadata",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for ProtocolSelection
+
+	if all {
+		switch v := interface{}(m.GetUpstreamConnectionOptions()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "UpstreamConnectionOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "UpstreamConnectionOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetUpstreamConnectionOptions()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "UpstreamConnectionOptions",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for CloseConnectionsOnHostHealthFailure
+
+	// no validation rules for DrainConnectionsOnHostRemoval
+
+	for idx, item := range m.GetFilters() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  fmt.Sprintf("Filters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  fmt.Sprintf("Filters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClusterValidationError{
+					field:  fmt.Sprintf("Filters[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetLoadBalancingPolicy()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "LoadBalancingPolicy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "LoadBalancingPolicy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLoadBalancingPolicy()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "LoadBalancingPolicy",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetLrsServer()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "LrsServer",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "LrsServer",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLrsServer()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "LrsServer",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for TrackTimeoutBudgets
+
+	switch m.ClusterDiscoveryType.(type) {
+
+	case *Cluster_Type:
+
+		if _, ok := Cluster_DiscoveryType_name[int32(m.GetType())]; !ok {
+			err := ClusterValidationError{
+				field:  "Type",
+				reason: "value must be one of the defined enum values",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *Cluster_ClusterType:
+
+		if all {
+			switch v := interface{}(m.GetClusterType()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  "ClusterType",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  "ClusterType",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetClusterType()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClusterValidationError{
+					field:  "ClusterType",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	switch m.LbConfig.(type) {
+
+	case *Cluster_RingHashLbConfig_:
+
+		if all {
+			switch v := interface{}(m.GetRingHashLbConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  "RingHashLbConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  "RingHashLbConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetRingHashLbConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClusterValidationError{
+					field:  "RingHashLbConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Cluster_OriginalDstLbConfig_:
+
+		if all {
+			switch v := interface{}(m.GetOriginalDstLbConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  "OriginalDstLbConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  "OriginalDstLbConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetOriginalDstLbConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClusterValidationError{
+					field:  "OriginalDstLbConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Cluster_LeastRequestLbConfig_:
+
+		if all {
+			switch v := interface{}(m.GetLeastRequestLbConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  "LeastRequestLbConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  "LeastRequestLbConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetLeastRequestLbConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClusterValidationError{
+					field:  "LeastRequestLbConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ClusterMultiError(errors)
+	}
+	return nil
+}
+
+// ClusterMultiError is an error wrapping multiple validation errors returned
+// by Cluster.ValidateAll() if the designated constraints aren't met.
+type ClusterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ClusterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ClusterMultiError) AllErrors() []error { return m }
+
+// ClusterValidationError is the validation error returned by Cluster.Validate
+// if the designated constraints aren't met.
+type ClusterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ClusterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ClusterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ClusterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ClusterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ClusterValidationError) ErrorName() string { return "ClusterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ClusterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ClusterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ClusterValidationError{}
+
+// Validate checks the field values on LoadBalancingPolicy with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *LoadBalancingPolicy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on LoadBalancingPolicy with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// LoadBalancingPolicyMultiError, or nil if none found.
+func (m *LoadBalancingPolicy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *LoadBalancingPolicy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetPolicies() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, LoadBalancingPolicyValidationError{
+						field:  fmt.Sprintf("Policies[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, LoadBalancingPolicyValidationError{
+						field:  fmt.Sprintf("Policies[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return LoadBalancingPolicyValidationError{
+					field:  fmt.Sprintf("Policies[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return LoadBalancingPolicyMultiError(errors)
+	}
+	return nil
+}
+
+// LoadBalancingPolicyMultiError is an error wrapping multiple validation
+// errors returned by LoadBalancingPolicy.ValidateAll() if the designated
+// constraints aren't met.
+type LoadBalancingPolicyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m LoadBalancingPolicyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m LoadBalancingPolicyMultiError) AllErrors() []error { return m }
+
+// LoadBalancingPolicyValidationError is the validation error returned by
+// LoadBalancingPolicy.Validate if the designated constraints aren't met.
+type LoadBalancingPolicyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e LoadBalancingPolicyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e LoadBalancingPolicyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e LoadBalancingPolicyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e LoadBalancingPolicyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e LoadBalancingPolicyValidationError) ErrorName() string {
+	return "LoadBalancingPolicyValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e LoadBalancingPolicyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sLoadBalancingPolicy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = LoadBalancingPolicyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = LoadBalancingPolicyValidationError{}
+
+// Validate checks the field values on UpstreamBindConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *UpstreamBindConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on UpstreamBindConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// UpstreamBindConfigMultiError, or nil if none found.
+func (m *UpstreamBindConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *UpstreamBindConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetSourceAddress()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, UpstreamBindConfigValidationError{
+					field:  "SourceAddress",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, UpstreamBindConfigValidationError{
+					field:  "SourceAddress",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSourceAddress()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return UpstreamBindConfigValidationError{
+				field:  "SourceAddress",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return UpstreamBindConfigMultiError(errors)
+	}
+	return nil
+}
+
+// UpstreamBindConfigMultiError is an error wrapping multiple validation errors
+// returned by UpstreamBindConfig.ValidateAll() if the designated constraints
+// aren't met.
+type UpstreamBindConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m UpstreamBindConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m UpstreamBindConfigMultiError) AllErrors() []error { return m }
+
+// UpstreamBindConfigValidationError is the validation error returned by
+// UpstreamBindConfig.Validate if the designated constraints aren't met.
+type UpstreamBindConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e UpstreamBindConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e UpstreamBindConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e UpstreamBindConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e UpstreamBindConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e UpstreamBindConfigValidationError) ErrorName() string {
+	return "UpstreamBindConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e UpstreamBindConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sUpstreamBindConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = UpstreamBindConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = UpstreamBindConfigValidationError{}
+
+// Validate checks the field values on UpstreamConnectionOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *UpstreamConnectionOptions) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on UpstreamConnectionOptions with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// UpstreamConnectionOptionsMultiError, or nil if none found.
+func (m *UpstreamConnectionOptions) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *UpstreamConnectionOptions) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetTcpKeepalive()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, UpstreamConnectionOptionsValidationError{
+					field:  "TcpKeepalive",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, UpstreamConnectionOptionsValidationError{
+					field:  "TcpKeepalive",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTcpKeepalive()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return UpstreamConnectionOptionsValidationError{
+				field:  "TcpKeepalive",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return UpstreamConnectionOptionsMultiError(errors)
+	}
+	return nil
+}
+
+// UpstreamConnectionOptionsMultiError is an error wrapping multiple validation
+// errors returned by UpstreamConnectionOptions.ValidateAll() if the
+// designated constraints aren't met.
+type UpstreamConnectionOptionsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m UpstreamConnectionOptionsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m UpstreamConnectionOptionsMultiError) AllErrors() []error { return m }
+
+// UpstreamConnectionOptionsValidationError is the validation error returned by
+// UpstreamConnectionOptions.Validate if the designated constraints aren't met.
+type UpstreamConnectionOptionsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e UpstreamConnectionOptionsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e UpstreamConnectionOptionsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e UpstreamConnectionOptionsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e UpstreamConnectionOptionsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e UpstreamConnectionOptionsValidationError) ErrorName() string {
+	return "UpstreamConnectionOptionsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e UpstreamConnectionOptionsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sUpstreamConnectionOptions.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = UpstreamConnectionOptionsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = UpstreamConnectionOptionsValidationError{}
+
+// Validate checks the field values on Cluster_TransportSocketMatch with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Cluster_TransportSocketMatch) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Cluster_TransportSocketMatch with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Cluster_TransportSocketMatchMultiError, or nil if none found.
+func (m *Cluster_TransportSocketMatch) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster_TransportSocketMatch) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := Cluster_TransportSocketMatchValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetMatch()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Cluster_TransportSocketMatchValidationError{
+					field:  "Match",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Cluster_TransportSocketMatchValidationError{
+					field:  "Match",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMatch()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Cluster_TransportSocketMatchValidationError{
+				field:  "Match",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetTransportSocket()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Cluster_TransportSocketMatchValidationError{
+					field:  "TransportSocket",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Cluster_TransportSocketMatchValidationError{
+					field:  "TransportSocket",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTransportSocket()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Cluster_TransportSocketMatchValidationError{
+				field:  "TransportSocket",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return Cluster_TransportSocketMatchMultiError(errors)
+	}
+	return nil
+}
+
+// Cluster_TransportSocketMatchMultiError is an error wrapping multiple
+// validation errors returned by Cluster_TransportSocketMatch.ValidateAll() if
+// the designated constraints aren't met.
+type Cluster_TransportSocketMatchMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Cluster_TransportSocketMatchMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Cluster_TransportSocketMatchMultiError) AllErrors() []error { return m }
+
+// Cluster_TransportSocketMatchValidationError is the validation error returned
+// by Cluster_TransportSocketMatch.Validate if the designated constraints
+// aren't met.
+type Cluster_TransportSocketMatchValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Cluster_TransportSocketMatchValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Cluster_TransportSocketMatchValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Cluster_TransportSocketMatchValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Cluster_TransportSocketMatchValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Cluster_TransportSocketMatchValidationError) ErrorName() string {
+	return "Cluster_TransportSocketMatchValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Cluster_TransportSocketMatchValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster_TransportSocketMatch.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Cluster_TransportSocketMatchValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Cluster_TransportSocketMatchValidationError{}
+
+// Validate checks the field values on Cluster_CustomClusterType with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Cluster_CustomClusterType) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Cluster_CustomClusterType with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Cluster_CustomClusterTypeMultiError, or nil if none found.
+func (m *Cluster_CustomClusterType) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster_CustomClusterType) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetName()) < 1 {
+		err := Cluster_CustomClusterTypeValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetTypedConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Cluster_CustomClusterTypeValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Cluster_CustomClusterTypeValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Cluster_CustomClusterTypeValidationError{
+				field:  "TypedConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return Cluster_CustomClusterTypeMultiError(errors)
+	}
+	return nil
+}
+
+// Cluster_CustomClusterTypeMultiError is an error wrapping multiple validation
+// errors returned by Cluster_CustomClusterType.ValidateAll() if the
+// designated constraints aren't met.
+type Cluster_CustomClusterTypeMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Cluster_CustomClusterTypeMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Cluster_CustomClusterTypeMultiError) AllErrors() []error { return m }
+
+// Cluster_CustomClusterTypeValidationError is the validation error returned by
+// Cluster_CustomClusterType.Validate if the designated constraints aren't met.
+type Cluster_CustomClusterTypeValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Cluster_CustomClusterTypeValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Cluster_CustomClusterTypeValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Cluster_CustomClusterTypeValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Cluster_CustomClusterTypeValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Cluster_CustomClusterTypeValidationError) ErrorName() string {
+	return "Cluster_CustomClusterTypeValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Cluster_CustomClusterTypeValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster_CustomClusterType.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Cluster_CustomClusterTypeValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Cluster_CustomClusterTypeValidationError{}
+
+// Validate checks the field values on Cluster_EdsClusterConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Cluster_EdsClusterConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Cluster_EdsClusterConfig with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Cluster_EdsClusterConfigMultiError, or nil if none found.
+func (m *Cluster_EdsClusterConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster_EdsClusterConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetEdsConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Cluster_EdsClusterConfigValidationError{
+					field:  "EdsConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Cluster_EdsClusterConfigValidationError{
+					field:  "EdsConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetEdsConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Cluster_EdsClusterConfigValidationError{
+				field:  "EdsConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for ServiceName
+
+	if len(errors) > 0 {
+		return Cluster_EdsClusterConfigMultiError(errors)
+	}
+	return nil
+}
+
+// Cluster_EdsClusterConfigMultiError is an error wrapping multiple validation
+// errors returned by Cluster_EdsClusterConfig.ValidateAll() if the designated
+// constraints aren't met.
+type Cluster_EdsClusterConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Cluster_EdsClusterConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Cluster_EdsClusterConfigMultiError) AllErrors() []error { return m }
+
+// Cluster_EdsClusterConfigValidationError is the validation error returned by
+// Cluster_EdsClusterConfig.Validate if the designated constraints aren't met.
+type Cluster_EdsClusterConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Cluster_EdsClusterConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Cluster_EdsClusterConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Cluster_EdsClusterConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Cluster_EdsClusterConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Cluster_EdsClusterConfigValidationError) ErrorName() string {
+	return "Cluster_EdsClusterConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Cluster_EdsClusterConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster_EdsClusterConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Cluster_EdsClusterConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Cluster_EdsClusterConfigValidationError{}
+
+// Validate checks the field values on Cluster_LbSubsetConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Cluster_LbSubsetConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Cluster_LbSubsetConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Cluster_LbSubsetConfigMultiError, or nil if none found.
+func (m *Cluster_LbSubsetConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster_LbSubsetConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if _, ok := Cluster_LbSubsetConfig_LbSubsetFallbackPolicy_name[int32(m.GetFallbackPolicy())]; !ok {
+		err := Cluster_LbSubsetConfigValidationError{
+			field:  "FallbackPolicy",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetDefaultSubset()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Cluster_LbSubsetConfigValidationError{
+					field:  "DefaultSubset",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Cluster_LbSubsetConfigValidationError{
+					field:  "DefaultSubset",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDefaultSubset()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Cluster_LbSubsetConfigValidationError{
+				field:  "DefaultSubset",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetSubsetSelectors() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, Cluster_LbSubsetConfigValidationError{
+						field:  fmt.Sprintf("SubsetSelectors[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, Cluster_LbSubsetConfigValidationError{
+						field:  fmt.Sprintf("SubsetSelectors[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Cluster_LbSubsetConfigValidationError{
+					field:  fmt.Sprintf("SubsetSelectors[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	// no validation rules for LocalityWeightAware
+
+	// no validation rules for ScaleLocalityWeight
+
+	// no validation rules for PanicModeAny
+
+	// no validation rules for ListAsAny
+
+	if len(errors) > 0 {
+		return Cluster_LbSubsetConfigMultiError(errors)
+	}
+	return nil
+}
+
+// Cluster_LbSubsetConfigMultiError is an error wrapping multiple validation
+// errors returned by Cluster_LbSubsetConfig.ValidateAll() if the designated
+// constraints aren't met.
+type Cluster_LbSubsetConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Cluster_LbSubsetConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Cluster_LbSubsetConfigMultiError) AllErrors() []error { return m }
+
+// Cluster_LbSubsetConfigValidationError is the validation error returned by
+// Cluster_LbSubsetConfig.Validate if the designated constraints aren't met.
+type Cluster_LbSubsetConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Cluster_LbSubsetConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Cluster_LbSubsetConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Cluster_LbSubsetConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Cluster_LbSubsetConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Cluster_LbSubsetConfigValidationError) ErrorName() string {
+	return "Cluster_LbSubsetConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Cluster_LbSubsetConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster_LbSubsetConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Cluster_LbSubsetConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Cluster_LbSubsetConfigValidationError{}
+
+// Validate checks the field values on Cluster_LeastRequestLbConfig with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Cluster_LeastRequestLbConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Cluster_LeastRequestLbConfig with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Cluster_LeastRequestLbConfigMultiError, or nil if none found.
+func (m *Cluster_LeastRequestLbConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster_LeastRequestLbConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if wrapper := m.GetChoiceCount(); wrapper != nil {
+
+		if wrapper.GetValue() < 2 {
+			err := Cluster_LeastRequestLbConfigValidationError{
+				field:  "ChoiceCount",
+				reason: "value must be greater than or equal to 2",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return Cluster_LeastRequestLbConfigMultiError(errors)
+	}
+	return nil
+}
+
+// Cluster_LeastRequestLbConfigMultiError is an error wrapping multiple
+// validation errors returned by Cluster_LeastRequestLbConfig.ValidateAll() if
+// the designated constraints aren't met.
+type Cluster_LeastRequestLbConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Cluster_LeastRequestLbConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Cluster_LeastRequestLbConfigMultiError) AllErrors() []error { return m }
+
+// Cluster_LeastRequestLbConfigValidationError is the validation error returned
+// by Cluster_LeastRequestLbConfig.Validate if the designated constraints
+// aren't met.
+type Cluster_LeastRequestLbConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Cluster_LeastRequestLbConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Cluster_LeastRequestLbConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Cluster_LeastRequestLbConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Cluster_LeastRequestLbConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Cluster_LeastRequestLbConfigValidationError) ErrorName() string {
+	return "Cluster_LeastRequestLbConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Cluster_LeastRequestLbConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster_LeastRequestLbConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Cluster_LeastRequestLbConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Cluster_LeastRequestLbConfigValidationError{}
+
+// Validate checks the field values on Cluster_RingHashLbConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Cluster_RingHashLbConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Cluster_RingHashLbConfig with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Cluster_RingHashLbConfigMultiError, or nil if none found.
+func (m *Cluster_RingHashLbConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster_RingHashLbConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if wrapper := m.GetMinimumRingSize(); wrapper != nil {
+
+		if wrapper.GetValue() > 8388608 {
+			err := Cluster_RingHashLbConfigValidationError{
+				field:  "MinimumRingSize",
+				reason: "value must be less than or equal to 8388608",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if _, ok := Cluster_RingHashLbConfig_HashFunction_name[int32(m.GetHashFunction())]; !ok {
+		err := Cluster_RingHashLbConfigValidationError{
+			field:  "HashFunction",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if wrapper := m.GetMaximumRingSize(); wrapper != nil {
+
+		if wrapper.GetValue() > 8388608 {
+			err := Cluster_RingHashLbConfigValidationError{
+				field:  "MaximumRingSize",
+				reason: "value must be less than or equal to 8388608",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return Cluster_RingHashLbConfigMultiError(errors)
+	}
+	return nil
+}
+
+// Cluster_RingHashLbConfigMultiError is an error wrapping multiple validation
+// errors returned by Cluster_RingHashLbConfig.ValidateAll() if the designated
+// constraints aren't met.
+type Cluster_RingHashLbConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Cluster_RingHashLbConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Cluster_RingHashLbConfigMultiError) AllErrors() []error { return m }
+
+// Cluster_RingHashLbConfigValidationError is the validation error returned by
+// Cluster_RingHashLbConfig.Validate if the designated constraints aren't met.
+type Cluster_RingHashLbConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Cluster_RingHashLbConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Cluster_RingHashLbConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Cluster_RingHashLbConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Cluster_RingHashLbConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Cluster_RingHashLbConfigValidationError) ErrorName() string {
+	return "Cluster_RingHashLbConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Cluster_RingHashLbConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster_RingHashLbConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Cluster_RingHashLbConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Cluster_RingHashLbConfigValidationError{}
+
+// Validate checks the field values on Cluster_OriginalDstLbConfig with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Cluster_OriginalDstLbConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Cluster_OriginalDstLbConfig with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Cluster_OriginalDstLbConfigMultiError, or nil if none found.
+func (m *Cluster_OriginalDstLbConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster_OriginalDstLbConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for UseHttpHeader
+
+	if len(errors) > 0 {
+		return Cluster_OriginalDstLbConfigMultiError(errors)
+	}
+	return nil
+}
+
+// Cluster_OriginalDstLbConfigMultiError is an error wrapping multiple
+// validation errors returned by Cluster_OriginalDstLbConfig.ValidateAll() if
+// the designated constraints aren't met.
+type Cluster_OriginalDstLbConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Cluster_OriginalDstLbConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Cluster_OriginalDstLbConfigMultiError) AllErrors() []error { return m }
+
+// Cluster_OriginalDstLbConfigValidationError is the validation error returned
+// by Cluster_OriginalDstLbConfig.Validate if the designated constraints
+// aren't met.
+type Cluster_OriginalDstLbConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Cluster_OriginalDstLbConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Cluster_OriginalDstLbConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Cluster_OriginalDstLbConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Cluster_OriginalDstLbConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Cluster_OriginalDstLbConfigValidationError) ErrorName() string {
+	return "Cluster_OriginalDstLbConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Cluster_OriginalDstLbConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster_OriginalDstLbConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Cluster_OriginalDstLbConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Cluster_OriginalDstLbConfigValidationError{}
+
+// Validate checks the field values on Cluster_CommonLbConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Cluster_CommonLbConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Cluster_CommonLbConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Cluster_CommonLbConfigMultiError, or nil if none found.
+func (m *Cluster_CommonLbConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster_CommonLbConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetHealthyPanicThreshold()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Cluster_CommonLbConfigValidationError{
+					field:  "HealthyPanicThreshold",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Cluster_CommonLbConfigValidationError{
+					field:  "HealthyPanicThreshold",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHealthyPanicThreshold()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Cluster_CommonLbConfigValidationError{
+				field:  "HealthyPanicThreshold",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetUpdateMergeWindow()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Cluster_CommonLbConfigValidationError{
+					field:  "UpdateMergeWindow",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Cluster_CommonLbConfigValidationError{
+					field:  "UpdateMergeWindow",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetUpdateMergeWindow()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Cluster_CommonLbConfigValidationError{
+				field:  "UpdateMergeWindow",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for IgnoreNewHostsUntilFirstHc
+
+	// no validation rules for CloseConnectionsOnHostSetChange
+
+	if all {
+		switch v := interface{}(m.GetConsistentHashingLbConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Cluster_CommonLbConfigValidationError{
+					field:  "ConsistentHashingLbConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Cluster_CommonLbConfigValidationError{
+					field:  "ConsistentHashingLbConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetConsistentHashingLbConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Cluster_CommonLbConfigValidationError{
+				field:  "ConsistentHashingLbConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	switch m.LocalityConfigSpecifier.(type) {
+
+	case *Cluster_CommonLbConfig_ZoneAwareLbConfig_:
+
+		if all {
+			switch v := interface{}(m.GetZoneAwareLbConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, Cluster_CommonLbConfigValidationError{
+						field:  "ZoneAwareLbConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, Cluster_CommonLbConfigValidationError{
+						field:  "ZoneAwareLbConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetZoneAwareLbConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Cluster_CommonLbConfigValidationError{
+					field:  "ZoneAwareLbConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Cluster_CommonLbConfig_LocalityWeightedLbConfig_:
+
+		if all {
+			switch v := interface{}(m.GetLocalityWeightedLbConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, Cluster_CommonLbConfigValidationError{
+						field:  "LocalityWeightedLbConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, Cluster_CommonLbConfigValidationError{
+						field:  "LocalityWeightedLbConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetLocalityWeightedLbConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Cluster_CommonLbConfigValidationError{
+					field:  "LocalityWeightedLbConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return Cluster_CommonLbConfigMultiError(errors)
+	}
+	return nil
+}
+
+// Cluster_CommonLbConfigMultiError is an error wrapping multiple validation
+// errors returned by Cluster_CommonLbConfig.ValidateAll() if the designated
+// constraints aren't met.
+type Cluster_CommonLbConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Cluster_CommonLbConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Cluster_CommonLbConfigMultiError) AllErrors() []error { return m }
+
+// Cluster_CommonLbConfigValidationError is the validation error returned by
+// Cluster_CommonLbConfig.Validate if the designated constraints aren't met.
+type Cluster_CommonLbConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Cluster_CommonLbConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Cluster_CommonLbConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Cluster_CommonLbConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Cluster_CommonLbConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Cluster_CommonLbConfigValidationError) ErrorName() string {
+	return "Cluster_CommonLbConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Cluster_CommonLbConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster_CommonLbConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Cluster_CommonLbConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Cluster_CommonLbConfigValidationError{}
+
+// Validate checks the field values on Cluster_RefreshRate with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Cluster_RefreshRate) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Cluster_RefreshRate with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Cluster_RefreshRateMultiError, or nil if none found.
+func (m *Cluster_RefreshRate) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster_RefreshRate) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetBaseInterval() == nil {
+		err := Cluster_RefreshRateValidationError{
+			field:  "BaseInterval",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if d := m.GetBaseInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = Cluster_RefreshRateValidationError{
+				field:  "BaseInterval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 1000000*time.Nanosecond)
+
+			if dur <= gt {
+				err := Cluster_RefreshRateValidationError{
+					field:  "BaseInterval",
+					reason: "value must be greater than 1ms",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if d := m.GetMaxInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = Cluster_RefreshRateValidationError{
+				field:  "MaxInterval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 1000000*time.Nanosecond)
+
+			if dur <= gt {
+				err := Cluster_RefreshRateValidationError{
+					field:  "MaxInterval",
+					reason: "value must be greater than 1ms",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if len(errors) > 0 {
+		return Cluster_RefreshRateMultiError(errors)
+	}
+	return nil
+}
+
+// Cluster_RefreshRateMultiError is an error wrapping multiple validation
+// errors returned by Cluster_RefreshRate.ValidateAll() if the designated
+// constraints aren't met.
+type Cluster_RefreshRateMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Cluster_RefreshRateMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Cluster_RefreshRateMultiError) AllErrors() []error { return m }
+
+// Cluster_RefreshRateValidationError is the validation error returned by
+// Cluster_RefreshRate.Validate if the designated constraints aren't met.
+type Cluster_RefreshRateValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Cluster_RefreshRateValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Cluster_RefreshRateValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Cluster_RefreshRateValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Cluster_RefreshRateValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Cluster_RefreshRateValidationError) ErrorName() string {
+	return "Cluster_RefreshRateValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Cluster_RefreshRateValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster_RefreshRate.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Cluster_RefreshRateValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Cluster_RefreshRateValidationError{}
+
+// Validate checks the field values on Cluster_LbSubsetConfig_LbSubsetSelector
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the first error encountered is returned, or nil if
+// there are no violations.
+func (m *Cluster_LbSubsetConfig_LbSubsetSelector) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// Cluster_LbSubsetConfig_LbSubsetSelector with the rules defined in the proto
+// definition for this message. If any rules are violated, the result is a
+// list of violation errors wrapped in
+// Cluster_LbSubsetConfig_LbSubsetSelectorMultiError, or nil if none found.
+func (m *Cluster_LbSubsetConfig_LbSubsetSelector) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster_LbSubsetConfig_LbSubsetSelector) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if _, ok := Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy_name[int32(m.GetFallbackPolicy())]; !ok {
+		err := Cluster_LbSubsetConfig_LbSubsetSelectorValidationError{
+			field:  "FallbackPolicy",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return Cluster_LbSubsetConfig_LbSubsetSelectorMultiError(errors)
+	}
+	return nil
+}
+
+// Cluster_LbSubsetConfig_LbSubsetSelectorMultiError is an error wrapping
+// multiple validation errors returned by
+// Cluster_LbSubsetConfig_LbSubsetSelector.ValidateAll() if the designated
+// constraints aren't met.
+type Cluster_LbSubsetConfig_LbSubsetSelectorMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Cluster_LbSubsetConfig_LbSubsetSelectorMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Cluster_LbSubsetConfig_LbSubsetSelectorMultiError) AllErrors() []error { return m }
+
+// Cluster_LbSubsetConfig_LbSubsetSelectorValidationError is the validation
+// error returned by Cluster_LbSubsetConfig_LbSubsetSelector.Validate if the
+// designated constraints aren't met.
+type Cluster_LbSubsetConfig_LbSubsetSelectorValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Cluster_LbSubsetConfig_LbSubsetSelectorValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Cluster_LbSubsetConfig_LbSubsetSelectorValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Cluster_LbSubsetConfig_LbSubsetSelectorValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Cluster_LbSubsetConfig_LbSubsetSelectorValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Cluster_LbSubsetConfig_LbSubsetSelectorValidationError) ErrorName() string {
+	return "Cluster_LbSubsetConfig_LbSubsetSelectorValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Cluster_LbSubsetConfig_LbSubsetSelectorValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster_LbSubsetConfig_LbSubsetSelector.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Cluster_LbSubsetConfig_LbSubsetSelectorValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Cluster_LbSubsetConfig_LbSubsetSelectorValidationError{}
+
+// Validate checks the field values on Cluster_CommonLbConfig_ZoneAwareLbConfig
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the first error encountered is returned, or nil if
+// there are no violations.
+func (m *Cluster_CommonLbConfig_ZoneAwareLbConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// Cluster_CommonLbConfig_ZoneAwareLbConfig with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in
+// Cluster_CommonLbConfig_ZoneAwareLbConfigMultiError, or nil if none found.
+func (m *Cluster_CommonLbConfig_ZoneAwareLbConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster_CommonLbConfig_ZoneAwareLbConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetRoutingEnabled()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError{
+					field:  "RoutingEnabled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError{
+					field:  "RoutingEnabled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRoutingEnabled()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError{
+				field:  "RoutingEnabled",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMinClusterSize()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError{
+					field:  "MinClusterSize",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError{
+					field:  "MinClusterSize",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMinClusterSize()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError{
+				field:  "MinClusterSize",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for FailTrafficOnPanic
+
+	if len(errors) > 0 {
+		return Cluster_CommonLbConfig_ZoneAwareLbConfigMultiError(errors)
+	}
+	return nil
+}
+
+// Cluster_CommonLbConfig_ZoneAwareLbConfigMultiError is an error wrapping
+// multiple validation errors returned by
+// Cluster_CommonLbConfig_ZoneAwareLbConfig.ValidateAll() if the designated
+// constraints aren't met.
+type Cluster_CommonLbConfig_ZoneAwareLbConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Cluster_CommonLbConfig_ZoneAwareLbConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Cluster_CommonLbConfig_ZoneAwareLbConfigMultiError) AllErrors() []error { return m }
+
+// Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError is the validation
+// error returned by Cluster_CommonLbConfig_ZoneAwareLbConfig.Validate if the
+// designated constraints aren't met.
+type Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError) ErrorName() string {
+	return "Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster_CommonLbConfig_ZoneAwareLbConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError{}
+
+// Validate checks the field values on
+// Cluster_CommonLbConfig_LocalityWeightedLbConfig with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Cluster_CommonLbConfig_LocalityWeightedLbConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// Cluster_CommonLbConfig_LocalityWeightedLbConfig with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in
+// Cluster_CommonLbConfig_LocalityWeightedLbConfigMultiError, or nil if none found.
+func (m *Cluster_CommonLbConfig_LocalityWeightedLbConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster_CommonLbConfig_LocalityWeightedLbConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return Cluster_CommonLbConfig_LocalityWeightedLbConfigMultiError(errors)
+	}
+	return nil
+}
+
+// Cluster_CommonLbConfig_LocalityWeightedLbConfigMultiError is an error
+// wrapping multiple validation errors returned by
+// Cluster_CommonLbConfig_LocalityWeightedLbConfig.ValidateAll() if the
+// designated constraints aren't met.
+type Cluster_CommonLbConfig_LocalityWeightedLbConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Cluster_CommonLbConfig_LocalityWeightedLbConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Cluster_CommonLbConfig_LocalityWeightedLbConfigMultiError) AllErrors() []error { return m }
+
+// Cluster_CommonLbConfig_LocalityWeightedLbConfigValidationError is the
+// validation error returned by
+// Cluster_CommonLbConfig_LocalityWeightedLbConfig.Validate if the designated
+// constraints aren't met.
+type Cluster_CommonLbConfig_LocalityWeightedLbConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Cluster_CommonLbConfig_LocalityWeightedLbConfigValidationError) Field() string {
+	return e.field
+}
+
+// Reason function returns reason value.
+func (e Cluster_CommonLbConfig_LocalityWeightedLbConfigValidationError) Reason() string {
+	return e.reason
+}
+
+// Cause function returns cause value.
+func (e Cluster_CommonLbConfig_LocalityWeightedLbConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Cluster_CommonLbConfig_LocalityWeightedLbConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Cluster_CommonLbConfig_LocalityWeightedLbConfigValidationError) ErrorName() string {
+	return "Cluster_CommonLbConfig_LocalityWeightedLbConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Cluster_CommonLbConfig_LocalityWeightedLbConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster_CommonLbConfig_LocalityWeightedLbConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Cluster_CommonLbConfig_LocalityWeightedLbConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Cluster_CommonLbConfig_LocalityWeightedLbConfigValidationError{}
+
+// Validate checks the field values on
+// Cluster_CommonLbConfig_ConsistentHashingLbConfig with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Cluster_CommonLbConfig_ConsistentHashingLbConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// Cluster_CommonLbConfig_ConsistentHashingLbConfig with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in
+// Cluster_CommonLbConfig_ConsistentHashingLbConfigMultiError, or nil if none found.
+func (m *Cluster_CommonLbConfig_ConsistentHashingLbConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster_CommonLbConfig_ConsistentHashingLbConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for UseHostnameForHashing
+
+	if len(errors) > 0 {
+		return Cluster_CommonLbConfig_ConsistentHashingLbConfigMultiError(errors)
+	}
+	return nil
+}
+
+// Cluster_CommonLbConfig_ConsistentHashingLbConfigMultiError is an error
+// wrapping multiple validation errors returned by
+// Cluster_CommonLbConfig_ConsistentHashingLbConfig.ValidateAll() if the
+// designated constraints aren't met.
+type Cluster_CommonLbConfig_ConsistentHashingLbConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Cluster_CommonLbConfig_ConsistentHashingLbConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Cluster_CommonLbConfig_ConsistentHashingLbConfigMultiError) AllErrors() []error { return m }
+
+// Cluster_CommonLbConfig_ConsistentHashingLbConfigValidationError is the
+// validation error returned by
+// Cluster_CommonLbConfig_ConsistentHashingLbConfig.Validate if the designated
+// constraints aren't met.
+type Cluster_CommonLbConfig_ConsistentHashingLbConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Cluster_CommonLbConfig_ConsistentHashingLbConfigValidationError) Field() string {
+	return e.field
+}
+
+// Reason function returns reason value.
+func (e Cluster_CommonLbConfig_ConsistentHashingLbConfigValidationError) Reason() string {
+	return e.reason
+}
+
+// Cause function returns cause value.
+func (e Cluster_CommonLbConfig_ConsistentHashingLbConfigValidationError) Cause() error {
+	return e.cause
+}
+
+// Key function returns key value.
+func (e Cluster_CommonLbConfig_ConsistentHashingLbConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Cluster_CommonLbConfig_ConsistentHashingLbConfigValidationError) ErrorName() string {
+	return "Cluster_CommonLbConfig_ConsistentHashingLbConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Cluster_CommonLbConfig_ConsistentHashingLbConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster_CommonLbConfig_ConsistentHashingLbConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Cluster_CommonLbConfig_ConsistentHashingLbConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Cluster_CommonLbConfig_ConsistentHashingLbConfigValidationError{}
+
+// Validate checks the field values on LoadBalancingPolicy_Policy with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *LoadBalancingPolicy_Policy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on LoadBalancingPolicy_Policy with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// LoadBalancingPolicy_PolicyMultiError, or nil if none found.
+func (m *LoadBalancingPolicy_Policy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *LoadBalancingPolicy_Policy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Name
+
+	if all {
+		switch v := interface{}(m.GetConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, LoadBalancingPolicy_PolicyValidationError{
+					field:  "Config",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, LoadBalancingPolicy_PolicyValidationError{
+					field:  "Config",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return LoadBalancingPolicy_PolicyValidationError{
+				field:  "Config",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetTypedConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, LoadBalancingPolicy_PolicyValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, LoadBalancingPolicy_PolicyValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return LoadBalancingPolicy_PolicyValidationError{
+				field:  "TypedConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return LoadBalancingPolicy_PolicyMultiError(errors)
+	}
+	return nil
+}
+
+// LoadBalancingPolicy_PolicyMultiError is an error wrapping multiple
+// validation errors returned by LoadBalancingPolicy_Policy.ValidateAll() if
+// the designated constraints aren't met.
+type LoadBalancingPolicy_PolicyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m LoadBalancingPolicy_PolicyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m LoadBalancingPolicy_PolicyMultiError) AllErrors() []error { return m }
+
+// LoadBalancingPolicy_PolicyValidationError is the validation error returned
+// by LoadBalancingPolicy_Policy.Validate if the designated constraints aren't met.
+type LoadBalancingPolicy_PolicyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e LoadBalancingPolicy_PolicyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e LoadBalancingPolicy_PolicyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e LoadBalancingPolicy_PolicyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e LoadBalancingPolicy_PolicyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e LoadBalancingPolicy_PolicyValidationError) ErrorName() string {
+	return "LoadBalancingPolicy_PolicyValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e LoadBalancingPolicy_PolicyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sLoadBalancingPolicy_Policy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = LoadBalancingPolicy_PolicyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = LoadBalancingPolicy_PolicyValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/cluster/circuit_breaker.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/cluster/circuit_breaker.pb.go
new file mode 100644
index 00000000000..bd117f9e053
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/cluster/circuit_breaker.pb.go
@@ -0,0 +1,470 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/cluster/circuit_breaker.proto
+
+package envoy_api_v2_cluster
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	core "github.com/envoyproxy/go-control-plane/envoy/api/v2/core"
+	_type "github.com/envoyproxy/go-control-plane/envoy/type"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// :ref:`Circuit breaking<arch_overview_circuit_break>` settings can be
+// specified individually for each defined priority.
+type CircuitBreakers struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// If multiple :ref:`Thresholds<envoy_api_msg_cluster.CircuitBreakers.Thresholds>`
+	// are defined with the same :ref:`RoutingPriority<envoy_api_enum_core.RoutingPriority>`,
+	// the first one in the list is used. If no Thresholds is defined for a given
+	// :ref:`RoutingPriority<envoy_api_enum_core.RoutingPriority>`, the default values
+	// are used.
+	Thresholds []*CircuitBreakers_Thresholds `protobuf:"bytes,1,rep,name=thresholds,proto3" json:"thresholds,omitempty"`
+}
+
+func (x *CircuitBreakers) Reset() {
+	*x = CircuitBreakers{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_cluster_circuit_breaker_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CircuitBreakers) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CircuitBreakers) ProtoMessage() {}
+
+func (x *CircuitBreakers) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_cluster_circuit_breaker_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CircuitBreakers.ProtoReflect.Descriptor instead.
+func (*CircuitBreakers) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_cluster_circuit_breaker_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *CircuitBreakers) GetThresholds() []*CircuitBreakers_Thresholds {
+	if x != nil {
+		return x.Thresholds
+	}
+	return nil
+}
+
+// A Thresholds defines CircuitBreaker settings for a
+// :ref:`RoutingPriority<envoy_api_enum_core.RoutingPriority>`.
+// [#next-free-field: 9]
+type CircuitBreakers_Thresholds struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The :ref:`RoutingPriority<envoy_api_enum_core.RoutingPriority>`
+	// the specified CircuitBreaker settings apply to.
+	Priority core.RoutingPriority `protobuf:"varint,1,opt,name=priority,proto3,enum=envoy.api.v2.core.RoutingPriority" json:"priority,omitempty"`
+	// The maximum number of connections that Envoy will make to the upstream
+	// cluster. If not specified, the default is 1024.
+	MaxConnections *wrappers.UInt32Value `protobuf:"bytes,2,opt,name=max_connections,json=maxConnections,proto3" json:"max_connections,omitempty"`
+	// The maximum number of pending requests that Envoy will allow to the
+	// upstream cluster. If not specified, the default is 1024.
+	MaxPendingRequests *wrappers.UInt32Value `protobuf:"bytes,3,opt,name=max_pending_requests,json=maxPendingRequests,proto3" json:"max_pending_requests,omitempty"`
+	// The maximum number of parallel requests that Envoy will make to the
+	// upstream cluster. If not specified, the default is 1024.
+	MaxRequests *wrappers.UInt32Value `protobuf:"bytes,4,opt,name=max_requests,json=maxRequests,proto3" json:"max_requests,omitempty"`
+	// The maximum number of parallel retries that Envoy will allow to the
+	// upstream cluster. If not specified, the default is 3.
+	MaxRetries *wrappers.UInt32Value `protobuf:"bytes,5,opt,name=max_retries,json=maxRetries,proto3" json:"max_retries,omitempty"`
+	// Specifies a limit on concurrent retries in relation to the number of active requests. This
+	// parameter is optional.
+	//
+	// .. note::
+	//
+	//    If this field is set, the retry budget will override any configured retry circuit
+	//    breaker.
+	RetryBudget *CircuitBreakers_Thresholds_RetryBudget `protobuf:"bytes,8,opt,name=retry_budget,json=retryBudget,proto3" json:"retry_budget,omitempty"`
+	// If track_remaining is true, then stats will be published that expose
+	// the number of resources remaining until the circuit breakers open. If
+	// not specified, the default is false.
+	//
+	// .. note::
+	//
+	//    If a retry budget is used in lieu of the max_retries circuit breaker,
+	//    the remaining retry resources remaining will not be tracked.
+	TrackRemaining bool `protobuf:"varint,6,opt,name=track_remaining,json=trackRemaining,proto3" json:"track_remaining,omitempty"`
+	// The maximum number of connection pools per cluster that Envoy will concurrently support at
+	// once. If not specified, the default is unlimited. Set this for clusters which create a
+	// large number of connection pools. See
+	// :ref:`Circuit Breaking <arch_overview_circuit_break_cluster_maximum_connection_pools>` for
+	// more details.
+	MaxConnectionPools *wrappers.UInt32Value `protobuf:"bytes,7,opt,name=max_connection_pools,json=maxConnectionPools,proto3" json:"max_connection_pools,omitempty"`
+}
+
+func (x *CircuitBreakers_Thresholds) Reset() {
+	*x = CircuitBreakers_Thresholds{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_cluster_circuit_breaker_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CircuitBreakers_Thresholds) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CircuitBreakers_Thresholds) ProtoMessage() {}
+
+func (x *CircuitBreakers_Thresholds) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_cluster_circuit_breaker_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CircuitBreakers_Thresholds.ProtoReflect.Descriptor instead.
+func (*CircuitBreakers_Thresholds) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_cluster_circuit_breaker_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (x *CircuitBreakers_Thresholds) GetPriority() core.RoutingPriority {
+	if x != nil {
+		return x.Priority
+	}
+	return core.RoutingPriority_DEFAULT
+}
+
+func (x *CircuitBreakers_Thresholds) GetMaxConnections() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxConnections
+	}
+	return nil
+}
+
+func (x *CircuitBreakers_Thresholds) GetMaxPendingRequests() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxPendingRequests
+	}
+	return nil
+}
+
+func (x *CircuitBreakers_Thresholds) GetMaxRequests() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxRequests
+	}
+	return nil
+}
+
+func (x *CircuitBreakers_Thresholds) GetMaxRetries() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxRetries
+	}
+	return nil
+}
+
+func (x *CircuitBreakers_Thresholds) GetRetryBudget() *CircuitBreakers_Thresholds_RetryBudget {
+	if x != nil {
+		return x.RetryBudget
+	}
+	return nil
+}
+
+func (x *CircuitBreakers_Thresholds) GetTrackRemaining() bool {
+	if x != nil {
+		return x.TrackRemaining
+	}
+	return false
+}
+
+func (x *CircuitBreakers_Thresholds) GetMaxConnectionPools() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxConnectionPools
+	}
+	return nil
+}
+
+type CircuitBreakers_Thresholds_RetryBudget struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies the limit on concurrent retries as a percentage of the sum of active requests and
+	// active pending requests. For example, if there are 100 active requests and the
+	// budget_percent is set to 25, there may be 25 active retries.
+	//
+	// This parameter is optional. Defaults to 20%.
+	BudgetPercent *_type.Percent `protobuf:"bytes,1,opt,name=budget_percent,json=budgetPercent,proto3" json:"budget_percent,omitempty"`
+	// Specifies the minimum retry concurrency allowed for the retry budget. The limit on the
+	// number of active retries may never go below this number.
+	//
+	// This parameter is optional. Defaults to 3.
+	MinRetryConcurrency *wrappers.UInt32Value `protobuf:"bytes,2,opt,name=min_retry_concurrency,json=minRetryConcurrency,proto3" json:"min_retry_concurrency,omitempty"`
+}
+
+func (x *CircuitBreakers_Thresholds_RetryBudget) Reset() {
+	*x = CircuitBreakers_Thresholds_RetryBudget{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_cluster_circuit_breaker_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CircuitBreakers_Thresholds_RetryBudget) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CircuitBreakers_Thresholds_RetryBudget) ProtoMessage() {}
+
+func (x *CircuitBreakers_Thresholds_RetryBudget) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_cluster_circuit_breaker_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CircuitBreakers_Thresholds_RetryBudget.ProtoReflect.Descriptor instead.
+func (*CircuitBreakers_Thresholds_RetryBudget) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_cluster_circuit_breaker_proto_rawDescGZIP(), []int{0, 0, 0}
+}
+
+func (x *CircuitBreakers_Thresholds_RetryBudget) GetBudgetPercent() *_type.Percent {
+	if x != nil {
+		return x.BudgetPercent
+	}
+	return nil
+}
+
+func (x *CircuitBreakers_Thresholds_RetryBudget) GetMinRetryConcurrency() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MinRetryConcurrency
+	}
+	return nil
+}
+
+var File_envoy_api_v2_cluster_circuit_breaker_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_cluster_circuit_breaker_proto_rawDesc = []byte{
+	0x0a, 0x2a, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2f, 0x63, 0x69, 0x72, 0x63, 0x75, 0x69, 0x74, 0x5f, 0x62,
+	0x72, 0x65, 0x61, 0x6b, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x14, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x1a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32,
+	0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x62, 0x61, 0x73, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x18, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x70, 0x65, 0x72,
+	0x63, 0x65, 0x6e, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70,
+	0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61,
+	0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67,
+	0x72, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61,
+	0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61,
+	0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64,
+	0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x22, 0xcb, 0x06, 0x0a, 0x0f, 0x43, 0x69, 0x72, 0x63, 0x75, 0x69, 0x74, 0x42, 0x72,
+	0x65, 0x61, 0x6b, 0x65, 0x72, 0x73, 0x12, 0x50, 0x0a, 0x0a, 0x74, 0x68, 0x72, 0x65, 0x73, 0x68,
+	0x6f, 0x6c, 0x64, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x30, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65,
+	0x72, 0x2e, 0x43, 0x69, 0x72, 0x63, 0x75, 0x69, 0x74, 0x42, 0x72, 0x65, 0x61, 0x6b, 0x65, 0x72,
+	0x73, 0x2e, 0x54, 0x68, 0x72, 0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x73, 0x52, 0x0a, 0x74, 0x68,
+	0x72, 0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x73, 0x1a, 0xe5, 0x05, 0x0a, 0x0a, 0x54, 0x68, 0x72,
+	0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x73, 0x12, 0x48, 0x0a, 0x08, 0x70, 0x72, 0x69, 0x6f, 0x72,
+	0x69, 0x74, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x52, 0x6f,
+	0x75, 0x74, 0x69, 0x6e, 0x67, 0x50, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x42, 0x08, 0xfa,
+	0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x08, 0x70, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74,
+	0x79, 0x12, 0x45, 0x0a, 0x0f, 0x6d, 0x61, 0x78, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e,
+	0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0e, 0x6d, 0x61, 0x78, 0x43, 0x6f, 0x6e,
+	0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x4e, 0x0a, 0x14, 0x6d, 0x61, 0x78, 0x5f,
+	0x70, 0x65, 0x6e, 0x64, 0x69, 0x6e, 0x67, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73,
+	0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56,
+	0x61, 0x6c, 0x75, 0x65, 0x52, 0x12, 0x6d, 0x61, 0x78, 0x50, 0x65, 0x6e, 0x64, 0x69, 0x6e, 0x67,
+	0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x12, 0x3f, 0x0a, 0x0c, 0x6d, 0x61, 0x78, 0x5f,
+	0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0b, 0x6d, 0x61,
+	0x78, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x12, 0x3d, 0x0a, 0x0b, 0x6d, 0x61, 0x78,
+	0x5f, 0x72, 0x65, 0x74, 0x72, 0x69, 0x65, 0x73, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0a, 0x6d, 0x61,
+	0x78, 0x52, 0x65, 0x74, 0x72, 0x69, 0x65, 0x73, 0x12, 0x5f, 0x0a, 0x0c, 0x72, 0x65, 0x74, 0x72,
+	0x79, 0x5f, 0x62, 0x75, 0x64, 0x67, 0x65, 0x74, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x3c,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x43, 0x69, 0x72, 0x63, 0x75, 0x69, 0x74, 0x42, 0x72, 0x65,
+	0x61, 0x6b, 0x65, 0x72, 0x73, 0x2e, 0x54, 0x68, 0x72, 0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x73,
+	0x2e, 0x52, 0x65, 0x74, 0x72, 0x79, 0x42, 0x75, 0x64, 0x67, 0x65, 0x74, 0x52, 0x0b, 0x72, 0x65,
+	0x74, 0x72, 0x79, 0x42, 0x75, 0x64, 0x67, 0x65, 0x74, 0x12, 0x27, 0x0a, 0x0f, 0x74, 0x72, 0x61,
+	0x63, 0x6b, 0x5f, 0x72, 0x65, 0x6d, 0x61, 0x69, 0x6e, 0x69, 0x6e, 0x67, 0x18, 0x06, 0x20, 0x01,
+	0x28, 0x08, 0x52, 0x0e, 0x74, 0x72, 0x61, 0x63, 0x6b, 0x52, 0x65, 0x6d, 0x61, 0x69, 0x6e, 0x69,
+	0x6e, 0x67, 0x12, 0x4e, 0x0a, 0x14, 0x6d, 0x61, 0x78, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63,
+	0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x70, 0x6f, 0x6f, 0x6c, 0x73, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x12,
+	0x6d, 0x61, 0x78, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x50, 0x6f, 0x6f,
+	0x6c, 0x73, 0x1a, 0x9b, 0x01, 0x0a, 0x0b, 0x52, 0x65, 0x74, 0x72, 0x79, 0x42, 0x75, 0x64, 0x67,
+	0x65, 0x74, 0x12, 0x3a, 0x0a, 0x0e, 0x62, 0x75, 0x64, 0x67, 0x65, 0x74, 0x5f, 0x70, 0x65, 0x72,
+	0x63, 0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52,
+	0x0d, 0x62, 0x75, 0x64, 0x67, 0x65, 0x74, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x12, 0x50,
+	0x0a, 0x15, 0x6d, 0x69, 0x6e, 0x5f, 0x72, 0x65, 0x74, 0x72, 0x79, 0x5f, 0x63, 0x6f, 0x6e, 0x63,
+	0x75, 0x72, 0x72, 0x65, 0x6e, 0x63, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x13, 0x6d, 0x69, 0x6e,
+	0x52, 0x65, 0x74, 0x72, 0x79, 0x43, 0x6f, 0x6e, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x63, 0x79,
+	0x42, 0x94, 0x01, 0x0a, 0x22, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f,
+	0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e,
+	0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x42, 0x13, 0x43, 0x69, 0x72, 0x63, 0x75, 0x69, 0x74,
+	0x42, 0x72, 0x65, 0x61, 0x6b, 0x65, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xaa, 0x02,
+	0x16, 0x45, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x41, 0x70, 0x69, 0x2e, 0x56, 0x32, 0x2e, 0x43, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x4e, 0x53, 0xea, 0x02, 0x16, 0x45, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x41, 0x70, 0x69, 0x2e, 0x56, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4e, 0x53,
+	0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x19, 0x12, 0x17, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33, 0xba,
+	0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_cluster_circuit_breaker_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_cluster_circuit_breaker_proto_rawDescData = file_envoy_api_v2_cluster_circuit_breaker_proto_rawDesc
+)
+
+func file_envoy_api_v2_cluster_circuit_breaker_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_cluster_circuit_breaker_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_cluster_circuit_breaker_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_cluster_circuit_breaker_proto_rawDescData)
+	})
+	return file_envoy_api_v2_cluster_circuit_breaker_proto_rawDescData
+}
+
+var file_envoy_api_v2_cluster_circuit_breaker_proto_msgTypes = make([]protoimpl.MessageInfo, 3)
+var file_envoy_api_v2_cluster_circuit_breaker_proto_goTypes = []interface{}{
+	(*CircuitBreakers)(nil),                        // 0: envoy.api.v2.cluster.CircuitBreakers
+	(*CircuitBreakers_Thresholds)(nil),             // 1: envoy.api.v2.cluster.CircuitBreakers.Thresholds
+	(*CircuitBreakers_Thresholds_RetryBudget)(nil), // 2: envoy.api.v2.cluster.CircuitBreakers.Thresholds.RetryBudget
+	(core.RoutingPriority)(0),                      // 3: envoy.api.v2.core.RoutingPriority
+	(*wrappers.UInt32Value)(nil),                   // 4: google.protobuf.UInt32Value
+	(*_type.Percent)(nil),                          // 5: envoy.type.Percent
+}
+var file_envoy_api_v2_cluster_circuit_breaker_proto_depIdxs = []int32{
+	1,  // 0: envoy.api.v2.cluster.CircuitBreakers.thresholds:type_name -> envoy.api.v2.cluster.CircuitBreakers.Thresholds
+	3,  // 1: envoy.api.v2.cluster.CircuitBreakers.Thresholds.priority:type_name -> envoy.api.v2.core.RoutingPriority
+	4,  // 2: envoy.api.v2.cluster.CircuitBreakers.Thresholds.max_connections:type_name -> google.protobuf.UInt32Value
+	4,  // 3: envoy.api.v2.cluster.CircuitBreakers.Thresholds.max_pending_requests:type_name -> google.protobuf.UInt32Value
+	4,  // 4: envoy.api.v2.cluster.CircuitBreakers.Thresholds.max_requests:type_name -> google.protobuf.UInt32Value
+	4,  // 5: envoy.api.v2.cluster.CircuitBreakers.Thresholds.max_retries:type_name -> google.protobuf.UInt32Value
+	2,  // 6: envoy.api.v2.cluster.CircuitBreakers.Thresholds.retry_budget:type_name -> envoy.api.v2.cluster.CircuitBreakers.Thresholds.RetryBudget
+	4,  // 7: envoy.api.v2.cluster.CircuitBreakers.Thresholds.max_connection_pools:type_name -> google.protobuf.UInt32Value
+	5,  // 8: envoy.api.v2.cluster.CircuitBreakers.Thresholds.RetryBudget.budget_percent:type_name -> envoy.type.Percent
+	4,  // 9: envoy.api.v2.cluster.CircuitBreakers.Thresholds.RetryBudget.min_retry_concurrency:type_name -> google.protobuf.UInt32Value
+	10, // [10:10] is the sub-list for method output_type
+	10, // [10:10] is the sub-list for method input_type
+	10, // [10:10] is the sub-list for extension type_name
+	10, // [10:10] is the sub-list for extension extendee
+	0,  // [0:10] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_cluster_circuit_breaker_proto_init() }
+func file_envoy_api_v2_cluster_circuit_breaker_proto_init() {
+	if File_envoy_api_v2_cluster_circuit_breaker_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_cluster_circuit_breaker_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CircuitBreakers); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_cluster_circuit_breaker_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CircuitBreakers_Thresholds); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_cluster_circuit_breaker_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CircuitBreakers_Thresholds_RetryBudget); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_cluster_circuit_breaker_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   3,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_cluster_circuit_breaker_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_cluster_circuit_breaker_proto_depIdxs,
+		MessageInfos:      file_envoy_api_v2_cluster_circuit_breaker_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_cluster_circuit_breaker_proto = out.File
+	file_envoy_api_v2_cluster_circuit_breaker_proto_rawDesc = nil
+	file_envoy_api_v2_cluster_circuit_breaker_proto_goTypes = nil
+	file_envoy_api_v2_cluster_circuit_breaker_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/cluster/circuit_breaker.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/cluster/circuit_breaker.pb.validate.go
new file mode 100644
index 00000000000..ebcbbfba664
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/cluster/circuit_breaker.pb.validate.go
@@ -0,0 +1,624 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/cluster/circuit_breaker.proto
+
+package envoy_api_v2_cluster
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+
+	core "github.com/envoyproxy/go-control-plane/envoy/api/v2/core"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+
+	_ = core.RoutingPriority(0)
+)
+
+// Validate checks the field values on CircuitBreakers with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *CircuitBreakers) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on CircuitBreakers with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// CircuitBreakersMultiError, or nil if none found.
+func (m *CircuitBreakers) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CircuitBreakers) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetThresholds() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CircuitBreakersValidationError{
+						field:  fmt.Sprintf("Thresholds[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CircuitBreakersValidationError{
+						field:  fmt.Sprintf("Thresholds[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CircuitBreakersValidationError{
+					field:  fmt.Sprintf("Thresholds[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return CircuitBreakersMultiError(errors)
+	}
+	return nil
+}
+
+// CircuitBreakersMultiError is an error wrapping multiple validation errors
+// returned by CircuitBreakers.ValidateAll() if the designated constraints
+// aren't met.
+type CircuitBreakersMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CircuitBreakersMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CircuitBreakersMultiError) AllErrors() []error { return m }
+
+// CircuitBreakersValidationError is the validation error returned by
+// CircuitBreakers.Validate if the designated constraints aren't met.
+type CircuitBreakersValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CircuitBreakersValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CircuitBreakersValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CircuitBreakersValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CircuitBreakersValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CircuitBreakersValidationError) ErrorName() string { return "CircuitBreakersValidationError" }
+
+// Error satisfies the builtin error interface
+func (e CircuitBreakersValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCircuitBreakers.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CircuitBreakersValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CircuitBreakersValidationError{}
+
+// Validate checks the field values on CircuitBreakers_Thresholds with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *CircuitBreakers_Thresholds) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on CircuitBreakers_Thresholds with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// CircuitBreakers_ThresholdsMultiError, or nil if none found.
+func (m *CircuitBreakers_Thresholds) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CircuitBreakers_Thresholds) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if _, ok := core.RoutingPriority_name[int32(m.GetPriority())]; !ok {
+		err := CircuitBreakers_ThresholdsValidationError{
+			field:  "Priority",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetMaxConnections()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CircuitBreakers_ThresholdsValidationError{
+					field:  "MaxConnections",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CircuitBreakers_ThresholdsValidationError{
+					field:  "MaxConnections",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxConnections()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CircuitBreakers_ThresholdsValidationError{
+				field:  "MaxConnections",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMaxPendingRequests()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CircuitBreakers_ThresholdsValidationError{
+					field:  "MaxPendingRequests",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CircuitBreakers_ThresholdsValidationError{
+					field:  "MaxPendingRequests",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxPendingRequests()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CircuitBreakers_ThresholdsValidationError{
+				field:  "MaxPendingRequests",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMaxRequests()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CircuitBreakers_ThresholdsValidationError{
+					field:  "MaxRequests",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CircuitBreakers_ThresholdsValidationError{
+					field:  "MaxRequests",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxRequests()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CircuitBreakers_ThresholdsValidationError{
+				field:  "MaxRequests",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMaxRetries()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CircuitBreakers_ThresholdsValidationError{
+					field:  "MaxRetries",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CircuitBreakers_ThresholdsValidationError{
+					field:  "MaxRetries",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxRetries()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CircuitBreakers_ThresholdsValidationError{
+				field:  "MaxRetries",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetRetryBudget()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CircuitBreakers_ThresholdsValidationError{
+					field:  "RetryBudget",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CircuitBreakers_ThresholdsValidationError{
+					field:  "RetryBudget",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRetryBudget()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CircuitBreakers_ThresholdsValidationError{
+				field:  "RetryBudget",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for TrackRemaining
+
+	if all {
+		switch v := interface{}(m.GetMaxConnectionPools()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CircuitBreakers_ThresholdsValidationError{
+					field:  "MaxConnectionPools",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CircuitBreakers_ThresholdsValidationError{
+					field:  "MaxConnectionPools",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxConnectionPools()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CircuitBreakers_ThresholdsValidationError{
+				field:  "MaxConnectionPools",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return CircuitBreakers_ThresholdsMultiError(errors)
+	}
+	return nil
+}
+
+// CircuitBreakers_ThresholdsMultiError is an error wrapping multiple
+// validation errors returned by CircuitBreakers_Thresholds.ValidateAll() if
+// the designated constraints aren't met.
+type CircuitBreakers_ThresholdsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CircuitBreakers_ThresholdsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CircuitBreakers_ThresholdsMultiError) AllErrors() []error { return m }
+
+// CircuitBreakers_ThresholdsValidationError is the validation error returned
+// by CircuitBreakers_Thresholds.Validate if the designated constraints aren't met.
+type CircuitBreakers_ThresholdsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CircuitBreakers_ThresholdsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CircuitBreakers_ThresholdsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CircuitBreakers_ThresholdsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CircuitBreakers_ThresholdsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CircuitBreakers_ThresholdsValidationError) ErrorName() string {
+	return "CircuitBreakers_ThresholdsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e CircuitBreakers_ThresholdsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCircuitBreakers_Thresholds.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CircuitBreakers_ThresholdsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CircuitBreakers_ThresholdsValidationError{}
+
+// Validate checks the field values on CircuitBreakers_Thresholds_RetryBudget
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the first error encountered is returned, or nil if
+// there are no violations.
+func (m *CircuitBreakers_Thresholds_RetryBudget) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// CircuitBreakers_Thresholds_RetryBudget with the rules defined in the proto
+// definition for this message. If any rules are violated, the result is a
+// list of violation errors wrapped in
+// CircuitBreakers_Thresholds_RetryBudgetMultiError, or nil if none found.
+func (m *CircuitBreakers_Thresholds_RetryBudget) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CircuitBreakers_Thresholds_RetryBudget) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetBudgetPercent()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CircuitBreakers_Thresholds_RetryBudgetValidationError{
+					field:  "BudgetPercent",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CircuitBreakers_Thresholds_RetryBudgetValidationError{
+					field:  "BudgetPercent",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetBudgetPercent()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CircuitBreakers_Thresholds_RetryBudgetValidationError{
+				field:  "BudgetPercent",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMinRetryConcurrency()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CircuitBreakers_Thresholds_RetryBudgetValidationError{
+					field:  "MinRetryConcurrency",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CircuitBreakers_Thresholds_RetryBudgetValidationError{
+					field:  "MinRetryConcurrency",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMinRetryConcurrency()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CircuitBreakers_Thresholds_RetryBudgetValidationError{
+				field:  "MinRetryConcurrency",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return CircuitBreakers_Thresholds_RetryBudgetMultiError(errors)
+	}
+	return nil
+}
+
+// CircuitBreakers_Thresholds_RetryBudgetMultiError is an error wrapping
+// multiple validation errors returned by
+// CircuitBreakers_Thresholds_RetryBudget.ValidateAll() if the designated
+// constraints aren't met.
+type CircuitBreakers_Thresholds_RetryBudgetMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CircuitBreakers_Thresholds_RetryBudgetMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CircuitBreakers_Thresholds_RetryBudgetMultiError) AllErrors() []error { return m }
+
+// CircuitBreakers_Thresholds_RetryBudgetValidationError is the validation
+// error returned by CircuitBreakers_Thresholds_RetryBudget.Validate if the
+// designated constraints aren't met.
+type CircuitBreakers_Thresholds_RetryBudgetValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CircuitBreakers_Thresholds_RetryBudgetValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CircuitBreakers_Thresholds_RetryBudgetValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CircuitBreakers_Thresholds_RetryBudgetValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CircuitBreakers_Thresholds_RetryBudgetValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CircuitBreakers_Thresholds_RetryBudgetValidationError) ErrorName() string {
+	return "CircuitBreakers_Thresholds_RetryBudgetValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e CircuitBreakers_Thresholds_RetryBudgetValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCircuitBreakers_Thresholds_RetryBudget.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CircuitBreakers_Thresholds_RetryBudgetValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CircuitBreakers_Thresholds_RetryBudgetValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/cluster/filter.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/cluster/filter.pb.go
new file mode 100644
index 00000000000..7fefa7094ae
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/cluster/filter.pb.go
@@ -0,0 +1,185 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/cluster/filter.proto
+
+package envoy_api_v2_cluster
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type Filter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the filter to instantiate. The name must match a
+	// :ref:`supported filter <config_network_filters>`.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Filter specific configuration which depends on the filter being
+	// instantiated. See the supported filters for further documentation.
+	TypedConfig *any.Any `protobuf:"bytes,2,opt,name=typed_config,json=typedConfig,proto3" json:"typed_config,omitempty"`
+}
+
+func (x *Filter) Reset() {
+	*x = Filter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_cluster_filter_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Filter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Filter) ProtoMessage() {}
+
+func (x *Filter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_cluster_filter_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Filter.ProtoReflect.Descriptor instead.
+func (*Filter) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_cluster_filter_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *Filter) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *Filter) GetTypedConfig() *any.Any {
+	if x != nil {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+var File_envoy_api_v2_cluster_filter_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_cluster_filter_proto_rawDesc = []byte{
+	0x0a, 0x21, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x12, 0x14, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61,
+	0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x5e, 0x0a, 0x06,
+	0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x04, 0x6e,
+	0x61, 0x6d, 0x65, 0x12, 0x37, 0x0a, 0x0c, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52,
+	0x0b, 0x74, 0x79, 0x70, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x8c, 0x01, 0x0a,
+	0x22, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6c, 0x75, 0x73,
+	0x74, 0x65, 0x72, 0x42, 0x0b, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f,
+	0x50, 0x01, 0xaa, 0x02, 0x16, 0x45, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x41, 0x70, 0x69, 0x2e, 0x56,
+	0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4e, 0x53, 0xea, 0x02, 0x16, 0x45, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x41, 0x70, 0x69, 0x2e, 0x56, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x4e, 0x53, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x19, 0x12, 0x17, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x2e, 0x76, 0x33, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_cluster_filter_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_cluster_filter_proto_rawDescData = file_envoy_api_v2_cluster_filter_proto_rawDesc
+)
+
+func file_envoy_api_v2_cluster_filter_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_cluster_filter_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_cluster_filter_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_cluster_filter_proto_rawDescData)
+	})
+	return file_envoy_api_v2_cluster_filter_proto_rawDescData
+}
+
+var file_envoy_api_v2_cluster_filter_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_api_v2_cluster_filter_proto_goTypes = []interface{}{
+	(*Filter)(nil),  // 0: envoy.api.v2.cluster.Filter
+	(*any.Any)(nil), // 1: google.protobuf.Any
+}
+var file_envoy_api_v2_cluster_filter_proto_depIdxs = []int32{
+	1, // 0: envoy.api.v2.cluster.Filter.typed_config:type_name -> google.protobuf.Any
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_cluster_filter_proto_init() }
+func file_envoy_api_v2_cluster_filter_proto_init() {
+	if File_envoy_api_v2_cluster_filter_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_cluster_filter_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Filter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_cluster_filter_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_cluster_filter_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_cluster_filter_proto_depIdxs,
+		MessageInfos:      file_envoy_api_v2_cluster_filter_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_cluster_filter_proto = out.File
+	file_envoy_api_v2_cluster_filter_proto_rawDesc = nil
+	file_envoy_api_v2_cluster_filter_proto_goTypes = nil
+	file_envoy_api_v2_cluster_filter_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/cluster/filter.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/cluster/filter.pb.validate.go
new file mode 100644
index 00000000000..682eb595fc4
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/cluster/filter.pb.validate.go
@@ -0,0 +1,173 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/cluster/filter.proto
+
+package envoy_api_v2_cluster
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on Filter with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Filter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Filter with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in FilterMultiError, or nil if none found.
+func (m *Filter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Filter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetName()) < 1 {
+		err := FilterValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetTypedConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, FilterValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, FilterValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return FilterValidationError{
+				field:  "TypedConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return FilterMultiError(errors)
+	}
+	return nil
+}
+
+// FilterMultiError is an error wrapping multiple validation errors returned by
+// Filter.ValidateAll() if the designated constraints aren't met.
+type FilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m FilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m FilterMultiError) AllErrors() []error { return m }
+
+// FilterValidationError is the validation error returned by Filter.Validate if
+// the designated constraints aren't met.
+type FilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e FilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e FilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e FilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e FilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e FilterValidationError) ErrorName() string { return "FilterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e FilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = FilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = FilterValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/cluster/outlier_detection.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/cluster/outlier_detection.pb.go
new file mode 100644
index 00000000000..6d2ac1120c0
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/cluster/outlier_detection.pb.go
@@ -0,0 +1,549 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/cluster/outlier_detection.proto
+
+package envoy_api_v2_cluster
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// See the :ref:`architecture overview <arch_overview_outlier_detection>` for
+// more information on outlier detection.
+// [#next-free-field: 21]
+type OutlierDetection struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The number of consecutive 5xx responses or local origin errors that are mapped
+	// to 5xx error codes before a consecutive 5xx ejection
+	// occurs. Defaults to 5.
+	Consecutive_5Xx *wrappers.UInt32Value `protobuf:"bytes,1,opt,name=consecutive_5xx,json=consecutive5xx,proto3" json:"consecutive_5xx,omitempty"`
+	// The time interval between ejection analysis sweeps. This can result in
+	// both new ejections as well as hosts being returned to service. Defaults
+	// to 10000ms or 10s.
+	Interval *duration.Duration `protobuf:"bytes,2,opt,name=interval,proto3" json:"interval,omitempty"`
+	// The base time that a host is ejected for. The real time is equal to the
+	// base time multiplied by the number of times the host has been ejected.
+	// Defaults to 30000ms or 30s.
+	BaseEjectionTime *duration.Duration `protobuf:"bytes,3,opt,name=base_ejection_time,json=baseEjectionTime,proto3" json:"base_ejection_time,omitempty"`
+	// The maximum % of an upstream cluster that can be ejected due to outlier
+	// detection. Defaults to 10% but will eject at least one host regardless of the value.
+	MaxEjectionPercent *wrappers.UInt32Value `protobuf:"bytes,4,opt,name=max_ejection_percent,json=maxEjectionPercent,proto3" json:"max_ejection_percent,omitempty"`
+	// The % chance that a host will be actually ejected when an outlier status
+	// is detected through consecutive 5xx. This setting can be used to disable
+	// ejection or to ramp it up slowly. Defaults to 100.
+	EnforcingConsecutive_5Xx *wrappers.UInt32Value `protobuf:"bytes,5,opt,name=enforcing_consecutive_5xx,json=enforcingConsecutive5xx,proto3" json:"enforcing_consecutive_5xx,omitempty"`
+	// The % chance that a host will be actually ejected when an outlier status
+	// is detected through success rate statistics. This setting can be used to
+	// disable ejection or to ramp it up slowly. Defaults to 100.
+	EnforcingSuccessRate *wrappers.UInt32Value `protobuf:"bytes,6,opt,name=enforcing_success_rate,json=enforcingSuccessRate,proto3" json:"enforcing_success_rate,omitempty"`
+	// The number of hosts in a cluster that must have enough request volume to
+	// detect success rate outliers. If the number of hosts is less than this
+	// setting, outlier detection via success rate statistics is not performed
+	// for any host in the cluster. Defaults to 5.
+	SuccessRateMinimumHosts *wrappers.UInt32Value `protobuf:"bytes,7,opt,name=success_rate_minimum_hosts,json=successRateMinimumHosts,proto3" json:"success_rate_minimum_hosts,omitempty"`
+	// The minimum number of total requests that must be collected in one
+	// interval (as defined by the interval duration above) to include this host
+	// in success rate based outlier detection. If the volume is lower than this
+	// setting, outlier detection via success rate statistics is not performed
+	// for that host. Defaults to 100.
+	SuccessRateRequestVolume *wrappers.UInt32Value `protobuf:"bytes,8,opt,name=success_rate_request_volume,json=successRateRequestVolume,proto3" json:"success_rate_request_volume,omitempty"`
+	// This factor is used to determine the ejection threshold for success rate
+	// outlier ejection. The ejection threshold is the difference between the
+	// mean success rate, and the product of this factor and the standard
+	// deviation of the mean success rate: mean - (stdev *
+	// success_rate_stdev_factor). This factor is divided by a thousand to get a
+	// double. That is, if the desired factor is 1.9, the runtime value should
+	// be 1900. Defaults to 1900.
+	SuccessRateStdevFactor *wrappers.UInt32Value `protobuf:"bytes,9,opt,name=success_rate_stdev_factor,json=successRateStdevFactor,proto3" json:"success_rate_stdev_factor,omitempty"`
+	// The number of consecutive gateway failures (502, 503, 504 status codes)
+	// before a consecutive gateway failure ejection occurs. Defaults to 5.
+	ConsecutiveGatewayFailure *wrappers.UInt32Value `protobuf:"bytes,10,opt,name=consecutive_gateway_failure,json=consecutiveGatewayFailure,proto3" json:"consecutive_gateway_failure,omitempty"`
+	// The % chance that a host will be actually ejected when an outlier status
+	// is detected through consecutive gateway failures. This setting can be
+	// used to disable ejection or to ramp it up slowly. Defaults to 0.
+	EnforcingConsecutiveGatewayFailure *wrappers.UInt32Value `protobuf:"bytes,11,opt,name=enforcing_consecutive_gateway_failure,json=enforcingConsecutiveGatewayFailure,proto3" json:"enforcing_consecutive_gateway_failure,omitempty"`
+	// Determines whether to distinguish local origin failures from external errors. If set to true
+	// the following configuration parameters are taken into account:
+	// :ref:`consecutive_local_origin_failure<envoy_api_field_cluster.OutlierDetection.consecutive_local_origin_failure>`,
+	// :ref:`enforcing_consecutive_local_origin_failure<envoy_api_field_cluster.OutlierDetection.enforcing_consecutive_local_origin_failure>`
+	// and
+	// :ref:`enforcing_local_origin_success_rate<envoy_api_field_cluster.OutlierDetection.enforcing_local_origin_success_rate>`.
+	// Defaults to false.
+	SplitExternalLocalOriginErrors bool `protobuf:"varint,12,opt,name=split_external_local_origin_errors,json=splitExternalLocalOriginErrors,proto3" json:"split_external_local_origin_errors,omitempty"`
+	// The number of consecutive locally originated failures before ejection
+	// occurs. Defaults to 5. Parameter takes effect only when
+	// :ref:`split_external_local_origin_errors<envoy_api_field_cluster.OutlierDetection.split_external_local_origin_errors>`
+	// is set to true.
+	ConsecutiveLocalOriginFailure *wrappers.UInt32Value `protobuf:"bytes,13,opt,name=consecutive_local_origin_failure,json=consecutiveLocalOriginFailure,proto3" json:"consecutive_local_origin_failure,omitempty"`
+	// The % chance that a host will be actually ejected when an outlier status
+	// is detected through consecutive locally originated failures. This setting can be
+	// used to disable ejection or to ramp it up slowly. Defaults to 100.
+	// Parameter takes effect only when
+	// :ref:`split_external_local_origin_errors<envoy_api_field_cluster.OutlierDetection.split_external_local_origin_errors>`
+	// is set to true.
+	EnforcingConsecutiveLocalOriginFailure *wrappers.UInt32Value `protobuf:"bytes,14,opt,name=enforcing_consecutive_local_origin_failure,json=enforcingConsecutiveLocalOriginFailure,proto3" json:"enforcing_consecutive_local_origin_failure,omitempty"`
+	// The % chance that a host will be actually ejected when an outlier status
+	// is detected through success rate statistics for locally originated errors.
+	// This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100.
+	// Parameter takes effect only when
+	// :ref:`split_external_local_origin_errors<envoy_api_field_cluster.OutlierDetection.split_external_local_origin_errors>`
+	// is set to true.
+	EnforcingLocalOriginSuccessRate *wrappers.UInt32Value `protobuf:"bytes,15,opt,name=enforcing_local_origin_success_rate,json=enforcingLocalOriginSuccessRate,proto3" json:"enforcing_local_origin_success_rate,omitempty"`
+	// The failure percentage to use when determining failure percentage-based outlier detection. If
+	// the failure percentage of a given host is greater than or equal to this value, it will be
+	// ejected. Defaults to 85.
+	FailurePercentageThreshold *wrappers.UInt32Value `protobuf:"bytes,16,opt,name=failure_percentage_threshold,json=failurePercentageThreshold,proto3" json:"failure_percentage_threshold,omitempty"`
+	// The % chance that a host will be actually ejected when an outlier status is detected through
+	// failure percentage statistics. This setting can be used to disable ejection or to ramp it up
+	// slowly. Defaults to 0.
+	//
+	// [#next-major-version: setting this without setting failure_percentage_threshold should be
+	// invalid in v4.]
+	EnforcingFailurePercentage *wrappers.UInt32Value `protobuf:"bytes,17,opt,name=enforcing_failure_percentage,json=enforcingFailurePercentage,proto3" json:"enforcing_failure_percentage,omitempty"`
+	// The % chance that a host will be actually ejected when an outlier status is detected through
+	// local-origin failure percentage statistics. This setting can be used to disable ejection or to
+	// ramp it up slowly. Defaults to 0.
+	EnforcingFailurePercentageLocalOrigin *wrappers.UInt32Value `protobuf:"bytes,18,opt,name=enforcing_failure_percentage_local_origin,json=enforcingFailurePercentageLocalOrigin,proto3" json:"enforcing_failure_percentage_local_origin,omitempty"`
+	// The minimum number of hosts in a cluster in order to perform failure percentage-based ejection.
+	// If the total number of hosts in the cluster is less than this value, failure percentage-based
+	// ejection will not be performed. Defaults to 5.
+	FailurePercentageMinimumHosts *wrappers.UInt32Value `protobuf:"bytes,19,opt,name=failure_percentage_minimum_hosts,json=failurePercentageMinimumHosts,proto3" json:"failure_percentage_minimum_hosts,omitempty"`
+	// The minimum number of total requests that must be collected in one interval (as defined by the
+	// interval duration above) to perform failure percentage-based ejection for this host. If the
+	// volume is lower than this setting, failure percentage-based ejection will not be performed for
+	// this host. Defaults to 50.
+	FailurePercentageRequestVolume *wrappers.UInt32Value `protobuf:"bytes,20,opt,name=failure_percentage_request_volume,json=failurePercentageRequestVolume,proto3" json:"failure_percentage_request_volume,omitempty"`
+}
+
+func (x *OutlierDetection) Reset() {
+	*x = OutlierDetection{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_cluster_outlier_detection_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *OutlierDetection) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*OutlierDetection) ProtoMessage() {}
+
+func (x *OutlierDetection) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_cluster_outlier_detection_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use OutlierDetection.ProtoReflect.Descriptor instead.
+func (*OutlierDetection) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_cluster_outlier_detection_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *OutlierDetection) GetConsecutive_5Xx() *wrappers.UInt32Value {
+	if x != nil {
+		return x.Consecutive_5Xx
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetInterval() *duration.Duration {
+	if x != nil {
+		return x.Interval
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetBaseEjectionTime() *duration.Duration {
+	if x != nil {
+		return x.BaseEjectionTime
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetMaxEjectionPercent() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxEjectionPercent
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetEnforcingConsecutive_5Xx() *wrappers.UInt32Value {
+	if x != nil {
+		return x.EnforcingConsecutive_5Xx
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetEnforcingSuccessRate() *wrappers.UInt32Value {
+	if x != nil {
+		return x.EnforcingSuccessRate
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetSuccessRateMinimumHosts() *wrappers.UInt32Value {
+	if x != nil {
+		return x.SuccessRateMinimumHosts
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetSuccessRateRequestVolume() *wrappers.UInt32Value {
+	if x != nil {
+		return x.SuccessRateRequestVolume
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetSuccessRateStdevFactor() *wrappers.UInt32Value {
+	if x != nil {
+		return x.SuccessRateStdevFactor
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetConsecutiveGatewayFailure() *wrappers.UInt32Value {
+	if x != nil {
+		return x.ConsecutiveGatewayFailure
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetEnforcingConsecutiveGatewayFailure() *wrappers.UInt32Value {
+	if x != nil {
+		return x.EnforcingConsecutiveGatewayFailure
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetSplitExternalLocalOriginErrors() bool {
+	if x != nil {
+		return x.SplitExternalLocalOriginErrors
+	}
+	return false
+}
+
+func (x *OutlierDetection) GetConsecutiveLocalOriginFailure() *wrappers.UInt32Value {
+	if x != nil {
+		return x.ConsecutiveLocalOriginFailure
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetEnforcingConsecutiveLocalOriginFailure() *wrappers.UInt32Value {
+	if x != nil {
+		return x.EnforcingConsecutiveLocalOriginFailure
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetEnforcingLocalOriginSuccessRate() *wrappers.UInt32Value {
+	if x != nil {
+		return x.EnforcingLocalOriginSuccessRate
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetFailurePercentageThreshold() *wrappers.UInt32Value {
+	if x != nil {
+		return x.FailurePercentageThreshold
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetEnforcingFailurePercentage() *wrappers.UInt32Value {
+	if x != nil {
+		return x.EnforcingFailurePercentage
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetEnforcingFailurePercentageLocalOrigin() *wrappers.UInt32Value {
+	if x != nil {
+		return x.EnforcingFailurePercentageLocalOrigin
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetFailurePercentageMinimumHosts() *wrappers.UInt32Value {
+	if x != nil {
+		return x.FailurePercentageMinimumHosts
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetFailurePercentageRequestVolume() *wrappers.UInt32Value {
+	if x != nil {
+		return x.FailurePercentageRequestVolume
+	}
+	return nil
+}
+
+var File_envoy_api_v2_cluster_outlier_detection_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_cluster_outlier_detection_proto_rawDesc = []byte{
+	0x0a, 0x2c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2f, 0x6f, 0x75, 0x74, 0x6c, 0x69, 0x65, 0x72, 0x5f, 0x64,
+	0x65, 0x74, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x14,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61,
+	0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xbe, 0x0f, 0x0a,
+	0x10, 0x4f, 0x75, 0x74, 0x6c, 0x69, 0x65, 0x72, 0x44, 0x65, 0x74, 0x65, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x12, 0x45, 0x0a, 0x0f, 0x63, 0x6f, 0x6e, 0x73, 0x65, 0x63, 0x75, 0x74, 0x69, 0x76, 0x65,
+	0x5f, 0x35, 0x78, 0x78, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e,
+	0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0e, 0x63, 0x6f, 0x6e, 0x73, 0x65, 0x63,
+	0x75, 0x74, 0x69, 0x76, 0x65, 0x35, 0x78, 0x78, 0x12, 0x3f, 0x0a, 0x08, 0x69, 0x6e, 0x74, 0x65,
+	0x72, 0x76, 0x61, 0x6c, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05, 0xaa, 0x01, 0x02, 0x2a, 0x00, 0x52,
+	0x08, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x12, 0x51, 0x0a, 0x12, 0x62, 0x61, 0x73,
+	0x65, 0x5f, 0x65, 0x6a, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18,
+	0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x42, 0x08, 0xfa, 0x42, 0x05, 0xaa, 0x01, 0x02, 0x2a, 0x00, 0x52, 0x10, 0x62, 0x61, 0x73, 0x65,
+	0x45, 0x6a, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x69, 0x6d, 0x65, 0x12, 0x57, 0x0a, 0x14,
+	0x6d, 0x61, 0x78, 0x5f, 0x65, 0x6a, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x70, 0x65, 0x72,
+	0x63, 0x65, 0x6e, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e,
+	0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02, 0x18,
+	0x64, 0x52, 0x12, 0x6d, 0x61, 0x78, 0x45, 0x6a, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x50, 0x65,
+	0x72, 0x63, 0x65, 0x6e, 0x74, 0x12, 0x61, 0x0a, 0x19, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x69,
+	0x6e, 0x67, 0x5f, 0x63, 0x6f, 0x6e, 0x73, 0x65, 0x63, 0x75, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x35,
+	0x78, 0x78, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33,
+	0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02, 0x18, 0x64, 0x52,
+	0x17, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x69, 0x6e, 0x67, 0x43, 0x6f, 0x6e, 0x73, 0x65, 0x63,
+	0x75, 0x74, 0x69, 0x76, 0x65, 0x35, 0x78, 0x78, 0x12, 0x5b, 0x0a, 0x16, 0x65, 0x6e, 0x66, 0x6f,
+	0x72, 0x63, 0x69, 0x6e, 0x67, 0x5f, 0x73, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x72, 0x61,
+	0x74, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33,
+	0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02, 0x18, 0x64, 0x52,
+	0x14, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x69, 0x6e, 0x67, 0x53, 0x75, 0x63, 0x63, 0x65, 0x73,
+	0x73, 0x52, 0x61, 0x74, 0x65, 0x12, 0x59, 0x0a, 0x1a, 0x73, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73,
+	0x5f, 0x72, 0x61, 0x74, 0x65, 0x5f, 0x6d, 0x69, 0x6e, 0x69, 0x6d, 0x75, 0x6d, 0x5f, 0x68, 0x6f,
+	0x73, 0x74, 0x73, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74,
+	0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x17, 0x73, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73,
+	0x52, 0x61, 0x74, 0x65, 0x4d, 0x69, 0x6e, 0x69, 0x6d, 0x75, 0x6d, 0x48, 0x6f, 0x73, 0x74, 0x73,
+	0x12, 0x5b, 0x0a, 0x1b, 0x73, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x72, 0x61, 0x74, 0x65,
+	0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x76, 0x6f, 0x6c, 0x75, 0x6d, 0x65, 0x18,
+	0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61,
+	0x6c, 0x75, 0x65, 0x52, 0x18, 0x73, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x52, 0x61, 0x74, 0x65,
+	0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x56, 0x6f, 0x6c, 0x75, 0x6d, 0x65, 0x12, 0x57, 0x0a,
+	0x19, 0x73, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x72, 0x61, 0x74, 0x65, 0x5f, 0x73, 0x74,
+	0x64, 0x65, 0x76, 0x5f, 0x66, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x16,
+	0x73, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x52, 0x61, 0x74, 0x65, 0x53, 0x74, 0x64, 0x65, 0x76,
+	0x46, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x12, 0x5c, 0x0a, 0x1b, 0x63, 0x6f, 0x6e, 0x73, 0x65, 0x63,
+	0x75, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x67, 0x61, 0x74, 0x65, 0x77, 0x61, 0x79, 0x5f, 0x66, 0x61,
+	0x69, 0x6c, 0x75, 0x72, 0x65, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49,
+	0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x19, 0x63, 0x6f, 0x6e, 0x73, 0x65,
+	0x63, 0x75, 0x74, 0x69, 0x76, 0x65, 0x47, 0x61, 0x74, 0x65, 0x77, 0x61, 0x79, 0x46, 0x61, 0x69,
+	0x6c, 0x75, 0x72, 0x65, 0x12, 0x78, 0x0a, 0x25, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x69, 0x6e,
+	0x67, 0x5f, 0x63, 0x6f, 0x6e, 0x73, 0x65, 0x63, 0x75, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x67, 0x61,
+	0x74, 0x65, 0x77, 0x61, 0x79, 0x5f, 0x66, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x18, 0x0b, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75,
+	0x65, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02, 0x18, 0x64, 0x52, 0x22, 0x65, 0x6e, 0x66, 0x6f,
+	0x72, 0x63, 0x69, 0x6e, 0x67, 0x43, 0x6f, 0x6e, 0x73, 0x65, 0x63, 0x75, 0x74, 0x69, 0x76, 0x65,
+	0x47, 0x61, 0x74, 0x65, 0x77, 0x61, 0x79, 0x46, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x12, 0x4a,
+	0x0a, 0x22, 0x73, 0x70, 0x6c, 0x69, 0x74, 0x5f, 0x65, 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c,
+	0x5f, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x5f, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x5f, 0x65, 0x72,
+	0x72, 0x6f, 0x72, 0x73, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x08, 0x52, 0x1e, 0x73, 0x70, 0x6c, 0x69,
+	0x74, 0x45, 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x4f, 0x72,
+	0x69, 0x67, 0x69, 0x6e, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x73, 0x12, 0x65, 0x0a, 0x20, 0x63, 0x6f,
+	0x6e, 0x73, 0x65, 0x63, 0x75, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x5f,
+	0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x5f, 0x66, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x18, 0x0d,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c,
+	0x75, 0x65, 0x52, 0x1d, 0x63, 0x6f, 0x6e, 0x73, 0x65, 0x63, 0x75, 0x74, 0x69, 0x76, 0x65, 0x4c,
+	0x6f, 0x63, 0x61, 0x6c, 0x4f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x46, 0x61, 0x69, 0x6c, 0x75, 0x72,
+	0x65, 0x12, 0x81, 0x01, 0x0a, 0x2a, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x69, 0x6e, 0x67, 0x5f,
+	0x63, 0x6f, 0x6e, 0x73, 0x65, 0x63, 0x75, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x6c, 0x6f, 0x63, 0x61,
+	0x6c, 0x5f, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x5f, 0x66, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65,
+	0x18, 0x0e, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56,
+	0x61, 0x6c, 0x75, 0x65, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02, 0x18, 0x64, 0x52, 0x26, 0x65,
+	0x6e, 0x66, 0x6f, 0x72, 0x63, 0x69, 0x6e, 0x67, 0x43, 0x6f, 0x6e, 0x73, 0x65, 0x63, 0x75, 0x74,
+	0x69, 0x76, 0x65, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x4f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x46, 0x61,
+	0x69, 0x6c, 0x75, 0x72, 0x65, 0x12, 0x73, 0x0a, 0x23, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x69,
+	0x6e, 0x67, 0x5f, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x5f, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x5f,
+	0x73, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x72, 0x61, 0x74, 0x65, 0x18, 0x0f, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65,
+	0x42, 0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02, 0x18, 0x64, 0x52, 0x1f, 0x65, 0x6e, 0x66, 0x6f, 0x72,
+	0x63, 0x69, 0x6e, 0x67, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x4f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x53,
+	0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x52, 0x61, 0x74, 0x65, 0x12, 0x67, 0x0a, 0x1c, 0x66, 0x61,
+	0x69, 0x6c, 0x75, 0x72, 0x65, 0x5f, 0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x61, 0x67, 0x65,
+	0x5f, 0x74, 0x68, 0x72, 0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x18, 0x10, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07,
+	0xfa, 0x42, 0x04, 0x2a, 0x02, 0x18, 0x64, 0x52, 0x1a, 0x66, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65,
+	0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x61, 0x67, 0x65, 0x54, 0x68, 0x72, 0x65, 0x73, 0x68,
+	0x6f, 0x6c, 0x64, 0x12, 0x67, 0x0a, 0x1c, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x69, 0x6e, 0x67,
+	0x5f, 0x66, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x5f, 0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74,
+	0x61, 0x67, 0x65, 0x18, 0x11, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74,
+	0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02, 0x18, 0x64,
+	0x52, 0x1a, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x69, 0x6e, 0x67, 0x46, 0x61, 0x69, 0x6c, 0x75,
+	0x72, 0x65, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x61, 0x67, 0x65, 0x12, 0x7f, 0x0a, 0x29,
+	0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x69, 0x6e, 0x67, 0x5f, 0x66, 0x61, 0x69, 0x6c, 0x75, 0x72,
+	0x65, 0x5f, 0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x61, 0x67, 0x65, 0x5f, 0x6c, 0x6f, 0x63,
+	0x61, 0x6c, 0x5f, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x18, 0x12, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07, 0xfa,
+	0x42, 0x04, 0x2a, 0x02, 0x18, 0x64, 0x52, 0x25, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x69, 0x6e,
+	0x67, 0x46, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x61,
+	0x67, 0x65, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x4f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x12, 0x65, 0x0a,
+	0x20, 0x66, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x5f, 0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74,
+	0x61, 0x67, 0x65, 0x5f, 0x6d, 0x69, 0x6e, 0x69, 0x6d, 0x75, 0x6d, 0x5f, 0x68, 0x6f, 0x73, 0x74,
+	0x73, 0x18, 0x13, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32,
+	0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x1d, 0x66, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x50, 0x65,
+	0x72, 0x63, 0x65, 0x6e, 0x74, 0x61, 0x67, 0x65, 0x4d, 0x69, 0x6e, 0x69, 0x6d, 0x75, 0x6d, 0x48,
+	0x6f, 0x73, 0x74, 0x73, 0x12, 0x67, 0x0a, 0x21, 0x66, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x5f,
+	0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x61, 0x67, 0x65, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65,
+	0x73, 0x74, 0x5f, 0x76, 0x6f, 0x6c, 0x75, 0x6d, 0x65, 0x18, 0x14, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x1e, 0x66,
+	0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x61, 0x67, 0x65,
+	0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x56, 0x6f, 0x6c, 0x75, 0x6d, 0x65, 0x42, 0x96, 0x01,
+	0x0a, 0x22, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x42, 0x15, 0x4f, 0x75, 0x74, 0x6c, 0x69, 0x65, 0x72, 0x44, 0x65, 0x74,
+	0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xaa, 0x02, 0x16,
+	0x45, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x41, 0x70, 0x69, 0x2e, 0x56, 0x32, 0x2e, 0x43, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x4e, 0x53, 0xea, 0x02, 0x16, 0x45, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x41,
+	0x70, 0x69, 0x2e, 0x56, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4e, 0x53, 0xf2,
+	0x98, 0xfe, 0x8f, 0x05, 0x19, 0x12, 0x17, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33, 0xba, 0x80,
+	0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_cluster_outlier_detection_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_cluster_outlier_detection_proto_rawDescData = file_envoy_api_v2_cluster_outlier_detection_proto_rawDesc
+)
+
+func file_envoy_api_v2_cluster_outlier_detection_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_cluster_outlier_detection_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_cluster_outlier_detection_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_cluster_outlier_detection_proto_rawDescData)
+	})
+	return file_envoy_api_v2_cluster_outlier_detection_proto_rawDescData
+}
+
+var file_envoy_api_v2_cluster_outlier_detection_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_api_v2_cluster_outlier_detection_proto_goTypes = []interface{}{
+	(*OutlierDetection)(nil),     // 0: envoy.api.v2.cluster.OutlierDetection
+	(*wrappers.UInt32Value)(nil), // 1: google.protobuf.UInt32Value
+	(*duration.Duration)(nil),    // 2: google.protobuf.Duration
+}
+var file_envoy_api_v2_cluster_outlier_detection_proto_depIdxs = []int32{
+	1,  // 0: envoy.api.v2.cluster.OutlierDetection.consecutive_5xx:type_name -> google.protobuf.UInt32Value
+	2,  // 1: envoy.api.v2.cluster.OutlierDetection.interval:type_name -> google.protobuf.Duration
+	2,  // 2: envoy.api.v2.cluster.OutlierDetection.base_ejection_time:type_name -> google.protobuf.Duration
+	1,  // 3: envoy.api.v2.cluster.OutlierDetection.max_ejection_percent:type_name -> google.protobuf.UInt32Value
+	1,  // 4: envoy.api.v2.cluster.OutlierDetection.enforcing_consecutive_5xx:type_name -> google.protobuf.UInt32Value
+	1,  // 5: envoy.api.v2.cluster.OutlierDetection.enforcing_success_rate:type_name -> google.protobuf.UInt32Value
+	1,  // 6: envoy.api.v2.cluster.OutlierDetection.success_rate_minimum_hosts:type_name -> google.protobuf.UInt32Value
+	1,  // 7: envoy.api.v2.cluster.OutlierDetection.success_rate_request_volume:type_name -> google.protobuf.UInt32Value
+	1,  // 8: envoy.api.v2.cluster.OutlierDetection.success_rate_stdev_factor:type_name -> google.protobuf.UInt32Value
+	1,  // 9: envoy.api.v2.cluster.OutlierDetection.consecutive_gateway_failure:type_name -> google.protobuf.UInt32Value
+	1,  // 10: envoy.api.v2.cluster.OutlierDetection.enforcing_consecutive_gateway_failure:type_name -> google.protobuf.UInt32Value
+	1,  // 11: envoy.api.v2.cluster.OutlierDetection.consecutive_local_origin_failure:type_name -> google.protobuf.UInt32Value
+	1,  // 12: envoy.api.v2.cluster.OutlierDetection.enforcing_consecutive_local_origin_failure:type_name -> google.protobuf.UInt32Value
+	1,  // 13: envoy.api.v2.cluster.OutlierDetection.enforcing_local_origin_success_rate:type_name -> google.protobuf.UInt32Value
+	1,  // 14: envoy.api.v2.cluster.OutlierDetection.failure_percentage_threshold:type_name -> google.protobuf.UInt32Value
+	1,  // 15: envoy.api.v2.cluster.OutlierDetection.enforcing_failure_percentage:type_name -> google.protobuf.UInt32Value
+	1,  // 16: envoy.api.v2.cluster.OutlierDetection.enforcing_failure_percentage_local_origin:type_name -> google.protobuf.UInt32Value
+	1,  // 17: envoy.api.v2.cluster.OutlierDetection.failure_percentage_minimum_hosts:type_name -> google.protobuf.UInt32Value
+	1,  // 18: envoy.api.v2.cluster.OutlierDetection.failure_percentage_request_volume:type_name -> google.protobuf.UInt32Value
+	19, // [19:19] is the sub-list for method output_type
+	19, // [19:19] is the sub-list for method input_type
+	19, // [19:19] is the sub-list for extension type_name
+	19, // [19:19] is the sub-list for extension extendee
+	0,  // [0:19] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_cluster_outlier_detection_proto_init() }
+func file_envoy_api_v2_cluster_outlier_detection_proto_init() {
+	if File_envoy_api_v2_cluster_outlier_detection_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_cluster_outlier_detection_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*OutlierDetection); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_cluster_outlier_detection_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_cluster_outlier_detection_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_cluster_outlier_detection_proto_depIdxs,
+		MessageInfos:      file_envoy_api_v2_cluster_outlier_detection_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_cluster_outlier_detection_proto = out.File
+	file_envoy_api_v2_cluster_outlier_detection_proto_rawDesc = nil
+	file_envoy_api_v2_cluster_outlier_detection_proto_goTypes = nil
+	file_envoy_api_v2_cluster_outlier_detection_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/cluster/outlier_detection.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/cluster/outlier_detection.pb.validate.go
new file mode 100644
index 00000000000..dfc6d9413ba
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/cluster/outlier_detection.pb.validate.go
@@ -0,0 +1,564 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/cluster/outlier_detection.proto
+
+package envoy_api_v2_cluster
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on OutlierDetection with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *OutlierDetection) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on OutlierDetection with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// OutlierDetectionMultiError, or nil if none found.
+func (m *OutlierDetection) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *OutlierDetection) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetConsecutive_5Xx()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "Consecutive_5Xx",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "Consecutive_5Xx",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetConsecutive_5Xx()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return OutlierDetectionValidationError{
+				field:  "Consecutive_5Xx",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if d := m.GetInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = OutlierDetectionValidationError{
+				field:  "Interval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := OutlierDetectionValidationError{
+					field:  "Interval",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if d := m.GetBaseEjectionTime(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = OutlierDetectionValidationError{
+				field:  "BaseEjectionTime",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := OutlierDetectionValidationError{
+					field:  "BaseEjectionTime",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if wrapper := m.GetMaxEjectionPercent(); wrapper != nil {
+
+		if wrapper.GetValue() > 100 {
+			err := OutlierDetectionValidationError{
+				field:  "MaxEjectionPercent",
+				reason: "value must be less than or equal to 100",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if wrapper := m.GetEnforcingConsecutive_5Xx(); wrapper != nil {
+
+		if wrapper.GetValue() > 100 {
+			err := OutlierDetectionValidationError{
+				field:  "EnforcingConsecutive_5Xx",
+				reason: "value must be less than or equal to 100",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if wrapper := m.GetEnforcingSuccessRate(); wrapper != nil {
+
+		if wrapper.GetValue() > 100 {
+			err := OutlierDetectionValidationError{
+				field:  "EnforcingSuccessRate",
+				reason: "value must be less than or equal to 100",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetSuccessRateMinimumHosts()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "SuccessRateMinimumHosts",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "SuccessRateMinimumHosts",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSuccessRateMinimumHosts()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return OutlierDetectionValidationError{
+				field:  "SuccessRateMinimumHosts",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetSuccessRateRequestVolume()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "SuccessRateRequestVolume",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "SuccessRateRequestVolume",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSuccessRateRequestVolume()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return OutlierDetectionValidationError{
+				field:  "SuccessRateRequestVolume",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetSuccessRateStdevFactor()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "SuccessRateStdevFactor",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "SuccessRateStdevFactor",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSuccessRateStdevFactor()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return OutlierDetectionValidationError{
+				field:  "SuccessRateStdevFactor",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetConsecutiveGatewayFailure()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "ConsecutiveGatewayFailure",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "ConsecutiveGatewayFailure",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetConsecutiveGatewayFailure()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return OutlierDetectionValidationError{
+				field:  "ConsecutiveGatewayFailure",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if wrapper := m.GetEnforcingConsecutiveGatewayFailure(); wrapper != nil {
+
+		if wrapper.GetValue() > 100 {
+			err := OutlierDetectionValidationError{
+				field:  "EnforcingConsecutiveGatewayFailure",
+				reason: "value must be less than or equal to 100",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	// no validation rules for SplitExternalLocalOriginErrors
+
+	if all {
+		switch v := interface{}(m.GetConsecutiveLocalOriginFailure()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "ConsecutiveLocalOriginFailure",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "ConsecutiveLocalOriginFailure",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetConsecutiveLocalOriginFailure()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return OutlierDetectionValidationError{
+				field:  "ConsecutiveLocalOriginFailure",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if wrapper := m.GetEnforcingConsecutiveLocalOriginFailure(); wrapper != nil {
+
+		if wrapper.GetValue() > 100 {
+			err := OutlierDetectionValidationError{
+				field:  "EnforcingConsecutiveLocalOriginFailure",
+				reason: "value must be less than or equal to 100",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if wrapper := m.GetEnforcingLocalOriginSuccessRate(); wrapper != nil {
+
+		if wrapper.GetValue() > 100 {
+			err := OutlierDetectionValidationError{
+				field:  "EnforcingLocalOriginSuccessRate",
+				reason: "value must be less than or equal to 100",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if wrapper := m.GetFailurePercentageThreshold(); wrapper != nil {
+
+		if wrapper.GetValue() > 100 {
+			err := OutlierDetectionValidationError{
+				field:  "FailurePercentageThreshold",
+				reason: "value must be less than or equal to 100",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if wrapper := m.GetEnforcingFailurePercentage(); wrapper != nil {
+
+		if wrapper.GetValue() > 100 {
+			err := OutlierDetectionValidationError{
+				field:  "EnforcingFailurePercentage",
+				reason: "value must be less than or equal to 100",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if wrapper := m.GetEnforcingFailurePercentageLocalOrigin(); wrapper != nil {
+
+		if wrapper.GetValue() > 100 {
+			err := OutlierDetectionValidationError{
+				field:  "EnforcingFailurePercentageLocalOrigin",
+				reason: "value must be less than or equal to 100",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetFailurePercentageMinimumHosts()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "FailurePercentageMinimumHosts",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "FailurePercentageMinimumHosts",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetFailurePercentageMinimumHosts()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return OutlierDetectionValidationError{
+				field:  "FailurePercentageMinimumHosts",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetFailurePercentageRequestVolume()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "FailurePercentageRequestVolume",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "FailurePercentageRequestVolume",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetFailurePercentageRequestVolume()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return OutlierDetectionValidationError{
+				field:  "FailurePercentageRequestVolume",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return OutlierDetectionMultiError(errors)
+	}
+	return nil
+}
+
+// OutlierDetectionMultiError is an error wrapping multiple validation errors
+// returned by OutlierDetection.ValidateAll() if the designated constraints
+// aren't met.
+type OutlierDetectionMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m OutlierDetectionMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m OutlierDetectionMultiError) AllErrors() []error { return m }
+
+// OutlierDetectionValidationError is the validation error returned by
+// OutlierDetection.Validate if the designated constraints aren't met.
+type OutlierDetectionValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e OutlierDetectionValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e OutlierDetectionValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e OutlierDetectionValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e OutlierDetectionValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e OutlierDetectionValidationError) ErrorName() string { return "OutlierDetectionValidationError" }
+
+// Error satisfies the builtin error interface
+func (e OutlierDetectionValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sOutlierDetection.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = OutlierDetectionValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = OutlierDetectionValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/address.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/address.pb.go
new file mode 100644
index 00000000000..22db7ceb1b2
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/address.pb.go
@@ -0,0 +1,806 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/core/address.proto
+
+package envoy_api_v2_core
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type SocketAddress_Protocol int32
+
+const (
+	SocketAddress_TCP SocketAddress_Protocol = 0
+	SocketAddress_UDP SocketAddress_Protocol = 1
+)
+
+// Enum value maps for SocketAddress_Protocol.
+var (
+	SocketAddress_Protocol_name = map[int32]string{
+		0: "TCP",
+		1: "UDP",
+	}
+	SocketAddress_Protocol_value = map[string]int32{
+		"TCP": 0,
+		"UDP": 1,
+	}
+)
+
+func (x SocketAddress_Protocol) Enum() *SocketAddress_Protocol {
+	p := new(SocketAddress_Protocol)
+	*p = x
+	return p
+}
+
+func (x SocketAddress_Protocol) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (SocketAddress_Protocol) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_api_v2_core_address_proto_enumTypes[0].Descriptor()
+}
+
+func (SocketAddress_Protocol) Type() protoreflect.EnumType {
+	return &file_envoy_api_v2_core_address_proto_enumTypes[0]
+}
+
+func (x SocketAddress_Protocol) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use SocketAddress_Protocol.Descriptor instead.
+func (SocketAddress_Protocol) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_address_proto_rawDescGZIP(), []int{1, 0}
+}
+
+type Pipe struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Unix Domain Socket path. On Linux, paths starting with '@' will use the
+	// abstract namespace. The starting '@' is replaced by a null byte by Envoy.
+	// Paths starting with '@' will result in an error in environments other than
+	// Linux.
+	Path string `protobuf:"bytes,1,opt,name=path,proto3" json:"path,omitempty"`
+	// The mode for the Pipe. Not applicable for abstract sockets.
+	Mode uint32 `protobuf:"varint,2,opt,name=mode,proto3" json:"mode,omitempty"`
+}
+
+func (x *Pipe) Reset() {
+	*x = Pipe{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_address_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Pipe) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Pipe) ProtoMessage() {}
+
+func (x *Pipe) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_address_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Pipe.ProtoReflect.Descriptor instead.
+func (*Pipe) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_address_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *Pipe) GetPath() string {
+	if x != nil {
+		return x.Path
+	}
+	return ""
+}
+
+func (x *Pipe) GetMode() uint32 {
+	if x != nil {
+		return x.Mode
+	}
+	return 0
+}
+
+// [#next-free-field: 7]
+type SocketAddress struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Protocol SocketAddress_Protocol `protobuf:"varint,1,opt,name=protocol,proto3,enum=envoy.api.v2.core.SocketAddress_Protocol" json:"protocol,omitempty"`
+	// The address for this socket. :ref:`Listeners <config_listeners>` will bind
+	// to the address. An empty address is not allowed. Specify ``0.0.0.0`` or ``::``
+	// to bind to any address. [#comment:TODO(zuercher) reinstate when implemented:
+	// It is possible to distinguish a Listener address via the prefix/suffix matching
+	// in :ref:`FilterChainMatch <envoy_api_msg_listener.FilterChainMatch>`.] When used
+	// within an upstream :ref:`BindConfig <envoy_api_msg_core.BindConfig>`, the address
+	// controls the source address of outbound connections. For :ref:`clusters
+	// <envoy_api_msg_Cluster>`, the cluster type determines whether the
+	// address must be an IP (*STATIC* or *EDS* clusters) or a hostname resolved by DNS
+	// (*STRICT_DNS* or *LOGICAL_DNS* clusters). Address resolution can be customized
+	// via :ref:`resolver_name <envoy_api_field_core.SocketAddress.resolver_name>`.
+	Address string `protobuf:"bytes,2,opt,name=address,proto3" json:"address,omitempty"`
+	// Types that are assignable to PortSpecifier:
+	//	*SocketAddress_PortValue
+	//	*SocketAddress_NamedPort
+	PortSpecifier isSocketAddress_PortSpecifier `protobuf_oneof:"port_specifier"`
+	// The name of the custom resolver. This must have been registered with Envoy. If
+	// this is empty, a context dependent default applies. If the address is a concrete
+	// IP address, no resolution will occur. If address is a hostname this
+	// should be set for resolution other than DNS. Specifying a custom resolver with
+	// *STRICT_DNS* or *LOGICAL_DNS* will generate an error at runtime.
+	ResolverName string `protobuf:"bytes,5,opt,name=resolver_name,json=resolverName,proto3" json:"resolver_name,omitempty"`
+	// When binding to an IPv6 address above, this enables `IPv4 compatibility
+	// <https://tools.ietf.org/html/rfc3493#page-11>`_. Binding to ``::`` will
+	// allow both IPv4 and IPv6 connections, with peer IPv4 addresses mapped into
+	// IPv6 space as ``::FFFF:<IPv4-address>``.
+	Ipv4Compat bool `protobuf:"varint,6,opt,name=ipv4_compat,json=ipv4Compat,proto3" json:"ipv4_compat,omitempty"`
+}
+
+func (x *SocketAddress) Reset() {
+	*x = SocketAddress{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_address_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *SocketAddress) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*SocketAddress) ProtoMessage() {}
+
+func (x *SocketAddress) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_address_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use SocketAddress.ProtoReflect.Descriptor instead.
+func (*SocketAddress) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_address_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *SocketAddress) GetProtocol() SocketAddress_Protocol {
+	if x != nil {
+		return x.Protocol
+	}
+	return SocketAddress_TCP
+}
+
+func (x *SocketAddress) GetAddress() string {
+	if x != nil {
+		return x.Address
+	}
+	return ""
+}
+
+func (m *SocketAddress) GetPortSpecifier() isSocketAddress_PortSpecifier {
+	if m != nil {
+		return m.PortSpecifier
+	}
+	return nil
+}
+
+func (x *SocketAddress) GetPortValue() uint32 {
+	if x, ok := x.GetPortSpecifier().(*SocketAddress_PortValue); ok {
+		return x.PortValue
+	}
+	return 0
+}
+
+func (x *SocketAddress) GetNamedPort() string {
+	if x, ok := x.GetPortSpecifier().(*SocketAddress_NamedPort); ok {
+		return x.NamedPort
+	}
+	return ""
+}
+
+func (x *SocketAddress) GetResolverName() string {
+	if x != nil {
+		return x.ResolverName
+	}
+	return ""
+}
+
+func (x *SocketAddress) GetIpv4Compat() bool {
+	if x != nil {
+		return x.Ipv4Compat
+	}
+	return false
+}
+
+type isSocketAddress_PortSpecifier interface {
+	isSocketAddress_PortSpecifier()
+}
+
+type SocketAddress_PortValue struct {
+	PortValue uint32 `protobuf:"varint,3,opt,name=port_value,json=portValue,proto3,oneof"`
+}
+
+type SocketAddress_NamedPort struct {
+	// This is only valid if :ref:`resolver_name
+	// <envoy_api_field_core.SocketAddress.resolver_name>` is specified below and the
+	// named resolver is capable of named port resolution.
+	NamedPort string `protobuf:"bytes,4,opt,name=named_port,json=namedPort,proto3,oneof"`
+}
+
+func (*SocketAddress_PortValue) isSocketAddress_PortSpecifier() {}
+
+func (*SocketAddress_NamedPort) isSocketAddress_PortSpecifier() {}
+
+type TcpKeepalive struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Maximum number of keepalive probes to send without response before deciding
+	// the connection is dead. Default is to use the OS level configuration (unless
+	// overridden, Linux defaults to 9.)
+	KeepaliveProbes *wrappers.UInt32Value `protobuf:"bytes,1,opt,name=keepalive_probes,json=keepaliveProbes,proto3" json:"keepalive_probes,omitempty"`
+	// The number of seconds a connection needs to be idle before keep-alive probes
+	// start being sent. Default is to use the OS level configuration (unless
+	// overridden, Linux defaults to 7200s (i.e., 2 hours.)
+	KeepaliveTime *wrappers.UInt32Value `protobuf:"bytes,2,opt,name=keepalive_time,json=keepaliveTime,proto3" json:"keepalive_time,omitempty"`
+	// The number of seconds between keep-alive probes. Default is to use the OS
+	// level configuration (unless overridden, Linux defaults to 75s.)
+	KeepaliveInterval *wrappers.UInt32Value `protobuf:"bytes,3,opt,name=keepalive_interval,json=keepaliveInterval,proto3" json:"keepalive_interval,omitempty"`
+}
+
+func (x *TcpKeepalive) Reset() {
+	*x = TcpKeepalive{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_address_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *TcpKeepalive) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*TcpKeepalive) ProtoMessage() {}
+
+func (x *TcpKeepalive) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_address_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use TcpKeepalive.ProtoReflect.Descriptor instead.
+func (*TcpKeepalive) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_address_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *TcpKeepalive) GetKeepaliveProbes() *wrappers.UInt32Value {
+	if x != nil {
+		return x.KeepaliveProbes
+	}
+	return nil
+}
+
+func (x *TcpKeepalive) GetKeepaliveTime() *wrappers.UInt32Value {
+	if x != nil {
+		return x.KeepaliveTime
+	}
+	return nil
+}
+
+func (x *TcpKeepalive) GetKeepaliveInterval() *wrappers.UInt32Value {
+	if x != nil {
+		return x.KeepaliveInterval
+	}
+	return nil
+}
+
+type BindConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The address to bind to when creating a socket.
+	SourceAddress *SocketAddress `protobuf:"bytes,1,opt,name=source_address,json=sourceAddress,proto3" json:"source_address,omitempty"`
+	// Whether to set the *IP_FREEBIND* option when creating the socket. When this
+	// flag is set to true, allows the :ref:`source_address
+	// <envoy_api_field_UpstreamBindConfig.source_address>` to be an IP address
+	// that is not configured on the system running Envoy. When this flag is set
+	// to false, the option *IP_FREEBIND* is disabled on the socket. When this
+	// flag is not set (default), the socket is not modified, i.e. the option is
+	// neither enabled nor disabled.
+	Freebind *wrappers.BoolValue `protobuf:"bytes,2,opt,name=freebind,proto3" json:"freebind,omitempty"`
+	// Additional socket options that may not be present in Envoy source code or
+	// precompiled binaries.
+	SocketOptions []*SocketOption `protobuf:"bytes,3,rep,name=socket_options,json=socketOptions,proto3" json:"socket_options,omitempty"`
+}
+
+func (x *BindConfig) Reset() {
+	*x = BindConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_address_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *BindConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*BindConfig) ProtoMessage() {}
+
+func (x *BindConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_address_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use BindConfig.ProtoReflect.Descriptor instead.
+func (*BindConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_address_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *BindConfig) GetSourceAddress() *SocketAddress {
+	if x != nil {
+		return x.SourceAddress
+	}
+	return nil
+}
+
+func (x *BindConfig) GetFreebind() *wrappers.BoolValue {
+	if x != nil {
+		return x.Freebind
+	}
+	return nil
+}
+
+func (x *BindConfig) GetSocketOptions() []*SocketOption {
+	if x != nil {
+		return x.SocketOptions
+	}
+	return nil
+}
+
+// Addresses specify either a logical or physical address and port, which are
+// used to tell Envoy where to bind/listen, connect to upstream and find
+// management servers.
+type Address struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to Address:
+	//	*Address_SocketAddress
+	//	*Address_Pipe
+	Address isAddress_Address `protobuf_oneof:"address"`
+}
+
+func (x *Address) Reset() {
+	*x = Address{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_address_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Address) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Address) ProtoMessage() {}
+
+func (x *Address) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_address_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Address.ProtoReflect.Descriptor instead.
+func (*Address) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_address_proto_rawDescGZIP(), []int{4}
+}
+
+func (m *Address) GetAddress() isAddress_Address {
+	if m != nil {
+		return m.Address
+	}
+	return nil
+}
+
+func (x *Address) GetSocketAddress() *SocketAddress {
+	if x, ok := x.GetAddress().(*Address_SocketAddress); ok {
+		return x.SocketAddress
+	}
+	return nil
+}
+
+func (x *Address) GetPipe() *Pipe {
+	if x, ok := x.GetAddress().(*Address_Pipe); ok {
+		return x.Pipe
+	}
+	return nil
+}
+
+type isAddress_Address interface {
+	isAddress_Address()
+}
+
+type Address_SocketAddress struct {
+	SocketAddress *SocketAddress `protobuf:"bytes,1,opt,name=socket_address,json=socketAddress,proto3,oneof"`
+}
+
+type Address_Pipe struct {
+	Pipe *Pipe `protobuf:"bytes,2,opt,name=pipe,proto3,oneof"`
+}
+
+func (*Address_SocketAddress) isAddress_Address() {}
+
+func (*Address_Pipe) isAddress_Address() {}
+
+// CidrRange specifies an IP Address and a prefix length to construct
+// the subnet mask for a `CIDR <https://tools.ietf.org/html/rfc4632>`_ range.
+type CidrRange struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// IPv4 or IPv6 address, e.g. ``192.0.0.0`` or ``2001:db8::``.
+	AddressPrefix string `protobuf:"bytes,1,opt,name=address_prefix,json=addressPrefix,proto3" json:"address_prefix,omitempty"`
+	// Length of prefix, e.g. 0, 32. Defaults to 0 when unset.
+	PrefixLen *wrappers.UInt32Value `protobuf:"bytes,2,opt,name=prefix_len,json=prefixLen,proto3" json:"prefix_len,omitempty"`
+}
+
+func (x *CidrRange) Reset() {
+	*x = CidrRange{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_address_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CidrRange) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CidrRange) ProtoMessage() {}
+
+func (x *CidrRange) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_address_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CidrRange.ProtoReflect.Descriptor instead.
+func (*CidrRange) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_address_proto_rawDescGZIP(), []int{5}
+}
+
+func (x *CidrRange) GetAddressPrefix() string {
+	if x != nil {
+		return x.AddressPrefix
+	}
+	return ""
+}
+
+func (x *CidrRange) GetPrefixLen() *wrappers.UInt32Value {
+	if x != nil {
+		return x.PrefixLen
+	}
+	return nil
+}
+
+var File_envoy_api_v2_core_address_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_core_address_proto_rawDesc = []byte{
+	0x0a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x12, 0x11, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e,
+	0x63, 0x6f, 0x72, 0x65, 0x1a, 0x25, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f,
+	0x76, 0x32, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x5f, 0x6f,
+	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61,
+	0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70,
+	0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69,
+	0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70,
+	0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74,
+	0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69,
+	0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x22, 0x41, 0x0a, 0x04, 0x50, 0x69, 0x70, 0x65, 0x12, 0x1b, 0x0a, 0x04, 0x70,
+	0x61, 0x74, 0x68, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02,
+	0x20, 0x01, 0x52, 0x04, 0x70, 0x61, 0x74, 0x68, 0x12, 0x1c, 0x0a, 0x04, 0x6d, 0x6f, 0x64, 0x65,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x2a, 0x03, 0x18, 0xff, 0x03,
+	0x52, 0x04, 0x6d, 0x6f, 0x64, 0x65, 0x22, 0xcb, 0x02, 0x0a, 0x0d, 0x53, 0x6f, 0x63, 0x6b, 0x65,
+	0x74, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x4f, 0x0a, 0x08, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x63, 0x6f, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x29, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x53,
+	0x6f, 0x63, 0x6b, 0x65, 0x74, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x2e, 0x50, 0x72, 0x6f,
+	0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52,
+	0x08, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x12, 0x21, 0x0a, 0x07, 0x61, 0x64, 0x64,
+	0x72, 0x65, 0x73, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72,
+	0x02, 0x20, 0x01, 0x52, 0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x2a, 0x0a, 0x0a,
+	0x70, 0x6f, 0x72, 0x74, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0d,
+	0x42, 0x09, 0xfa, 0x42, 0x06, 0x2a, 0x04, 0x18, 0xff, 0xff, 0x03, 0x48, 0x00, 0x52, 0x09, 0x70,
+	0x6f, 0x72, 0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x1f, 0x0a, 0x0a, 0x6e, 0x61, 0x6d, 0x65,
+	0x64, 0x5f, 0x70, 0x6f, 0x72, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x09,
+	0x6e, 0x61, 0x6d, 0x65, 0x64, 0x50, 0x6f, 0x72, 0x74, 0x12, 0x23, 0x0a, 0x0d, 0x72, 0x65, 0x73,
+	0x6f, 0x6c, 0x76, 0x65, 0x72, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09,
+	0x52, 0x0c, 0x72, 0x65, 0x73, 0x6f, 0x6c, 0x76, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x1f,
+	0x0a, 0x0b, 0x69, 0x70, 0x76, 0x34, 0x5f, 0x63, 0x6f, 0x6d, 0x70, 0x61, 0x74, 0x18, 0x06, 0x20,
+	0x01, 0x28, 0x08, 0x52, 0x0a, 0x69, 0x70, 0x76, 0x34, 0x43, 0x6f, 0x6d, 0x70, 0x61, 0x74, 0x22,
+	0x1c, 0x0a, 0x08, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x12, 0x07, 0x0a, 0x03, 0x54,
+	0x43, 0x50, 0x10, 0x00, 0x12, 0x07, 0x0a, 0x03, 0x55, 0x44, 0x50, 0x10, 0x01, 0x42, 0x15, 0x0a,
+	0x0e, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12,
+	0x03, 0xf8, 0x42, 0x01, 0x22, 0xe9, 0x01, 0x0a, 0x0c, 0x54, 0x63, 0x70, 0x4b, 0x65, 0x65, 0x70,
+	0x61, 0x6c, 0x69, 0x76, 0x65, 0x12, 0x47, 0x0a, 0x10, 0x6b, 0x65, 0x65, 0x70, 0x61, 0x6c, 0x69,
+	0x76, 0x65, 0x5f, 0x70, 0x72, 0x6f, 0x62, 0x65, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0f, 0x6b,
+	0x65, 0x65, 0x70, 0x61, 0x6c, 0x69, 0x76, 0x65, 0x50, 0x72, 0x6f, 0x62, 0x65, 0x73, 0x12, 0x43,
+	0x0a, 0x0e, 0x6b, 0x65, 0x65, 0x70, 0x61, 0x6c, 0x69, 0x76, 0x65, 0x5f, 0x74, 0x69, 0x6d, 0x65,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56,
+	0x61, 0x6c, 0x75, 0x65, 0x52, 0x0d, 0x6b, 0x65, 0x65, 0x70, 0x61, 0x6c, 0x69, 0x76, 0x65, 0x54,
+	0x69, 0x6d, 0x65, 0x12, 0x4b, 0x0a, 0x12, 0x6b, 0x65, 0x65, 0x70, 0x61, 0x6c, 0x69, 0x76, 0x65,
+	0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x11, 0x6b,
+	0x65, 0x65, 0x70, 0x61, 0x6c, 0x69, 0x76, 0x65, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c,
+	0x22, 0xdf, 0x01, 0x0a, 0x0a, 0x42, 0x69, 0x6e, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12,
+	0x51, 0x0a, 0x0e, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73,
+	0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x53, 0x6f, 0x63, 0x6b,
+	0x65, 0x74, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01,
+	0x02, 0x10, 0x01, 0x52, 0x0d, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x41, 0x64, 0x64, 0x72, 0x65,
+	0x73, 0x73, 0x12, 0x36, 0x0a, 0x08, 0x66, 0x72, 0x65, 0x65, 0x62, 0x69, 0x6e, 0x64, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65,
+	0x52, 0x08, 0x66, 0x72, 0x65, 0x65, 0x62, 0x69, 0x6e, 0x64, 0x12, 0x46, 0x0a, 0x0e, 0x73, 0x6f,
+	0x63, 0x6b, 0x65, 0x74, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x03, 0x20, 0x03,
+	0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x4f, 0x70, 0x74,
+	0x69, 0x6f, 0x6e, 0x52, 0x0d, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x4f, 0x70, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x22, 0x93, 0x01, 0x0a, 0x07, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x49,
+	0x0a, 0x0e, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x53, 0x6f, 0x63, 0x6b, 0x65,
+	0x74, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x48, 0x00, 0x52, 0x0d, 0x73, 0x6f, 0x63, 0x6b,
+	0x65, 0x74, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x2d, 0x0a, 0x04, 0x70, 0x69, 0x70,
+	0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x50, 0x69, 0x70, 0x65,
+	0x48, 0x00, 0x52, 0x04, 0x70, 0x69, 0x70, 0x65, 0x42, 0x0e, 0x0a, 0x07, 0x61, 0x64, 0x64, 0x72,
+	0x65, 0x73, 0x73, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x22, 0x82, 0x01, 0x0a, 0x09, 0x43, 0x69, 0x64,
+	0x72, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x2e, 0x0a, 0x0e, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73,
+	0x73, 0x5f, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07,
+	0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x0d, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73,
+	0x50, 0x72, 0x65, 0x66, 0x69, 0x78, 0x12, 0x45, 0x0a, 0x0a, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78,
+	0x5f, 0x6c, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e,
+	0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x2a, 0x03, 0x18,
+	0x80, 0x01, 0x52, 0x09, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x4c, 0x65, 0x6e, 0x42, 0x55, 0x0a,
+	0x1f, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65,
+	0x42, 0x0c, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01,
+	0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x16, 0x12, 0x14, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0xba, 0x80, 0xc8, 0xd1,
+	0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_core_address_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_core_address_proto_rawDescData = file_envoy_api_v2_core_address_proto_rawDesc
+)
+
+func file_envoy_api_v2_core_address_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_core_address_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_core_address_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_core_address_proto_rawDescData)
+	})
+	return file_envoy_api_v2_core_address_proto_rawDescData
+}
+
+var file_envoy_api_v2_core_address_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_envoy_api_v2_core_address_proto_msgTypes = make([]protoimpl.MessageInfo, 6)
+var file_envoy_api_v2_core_address_proto_goTypes = []interface{}{
+	(SocketAddress_Protocol)(0),  // 0: envoy.api.v2.core.SocketAddress.Protocol
+	(*Pipe)(nil),                 // 1: envoy.api.v2.core.Pipe
+	(*SocketAddress)(nil),        // 2: envoy.api.v2.core.SocketAddress
+	(*TcpKeepalive)(nil),         // 3: envoy.api.v2.core.TcpKeepalive
+	(*BindConfig)(nil),           // 4: envoy.api.v2.core.BindConfig
+	(*Address)(nil),              // 5: envoy.api.v2.core.Address
+	(*CidrRange)(nil),            // 6: envoy.api.v2.core.CidrRange
+	(*wrappers.UInt32Value)(nil), // 7: google.protobuf.UInt32Value
+	(*wrappers.BoolValue)(nil),   // 8: google.protobuf.BoolValue
+	(*SocketOption)(nil),         // 9: envoy.api.v2.core.SocketOption
+}
+var file_envoy_api_v2_core_address_proto_depIdxs = []int32{
+	0,  // 0: envoy.api.v2.core.SocketAddress.protocol:type_name -> envoy.api.v2.core.SocketAddress.Protocol
+	7,  // 1: envoy.api.v2.core.TcpKeepalive.keepalive_probes:type_name -> google.protobuf.UInt32Value
+	7,  // 2: envoy.api.v2.core.TcpKeepalive.keepalive_time:type_name -> google.protobuf.UInt32Value
+	7,  // 3: envoy.api.v2.core.TcpKeepalive.keepalive_interval:type_name -> google.protobuf.UInt32Value
+	2,  // 4: envoy.api.v2.core.BindConfig.source_address:type_name -> envoy.api.v2.core.SocketAddress
+	8,  // 5: envoy.api.v2.core.BindConfig.freebind:type_name -> google.protobuf.BoolValue
+	9,  // 6: envoy.api.v2.core.BindConfig.socket_options:type_name -> envoy.api.v2.core.SocketOption
+	2,  // 7: envoy.api.v2.core.Address.socket_address:type_name -> envoy.api.v2.core.SocketAddress
+	1,  // 8: envoy.api.v2.core.Address.pipe:type_name -> envoy.api.v2.core.Pipe
+	7,  // 9: envoy.api.v2.core.CidrRange.prefix_len:type_name -> google.protobuf.UInt32Value
+	10, // [10:10] is the sub-list for method output_type
+	10, // [10:10] is the sub-list for method input_type
+	10, // [10:10] is the sub-list for extension type_name
+	10, // [10:10] is the sub-list for extension extendee
+	0,  // [0:10] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_core_address_proto_init() }
+func file_envoy_api_v2_core_address_proto_init() {
+	if File_envoy_api_v2_core_address_proto != nil {
+		return
+	}
+	file_envoy_api_v2_core_socket_option_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_core_address_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Pipe); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_address_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*SocketAddress); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_address_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*TcpKeepalive); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_address_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*BindConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_address_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Address); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_address_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CidrRange); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_api_v2_core_address_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*SocketAddress_PortValue)(nil),
+		(*SocketAddress_NamedPort)(nil),
+	}
+	file_envoy_api_v2_core_address_proto_msgTypes[4].OneofWrappers = []interface{}{
+		(*Address_SocketAddress)(nil),
+		(*Address_Pipe)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_core_address_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   6,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_core_address_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_core_address_proto_depIdxs,
+		EnumInfos:         file_envoy_api_v2_core_address_proto_enumTypes,
+		MessageInfos:      file_envoy_api_v2_core_address_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_core_address_proto = out.File
+	file_envoy_api_v2_core_address_proto_rawDesc = nil
+	file_envoy_api_v2_core_address_proto_goTypes = nil
+	file_envoy_api_v2_core_address_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/address.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/address.pb.validate.go
new file mode 100644
index 00000000000..7fc7624081f
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/address.pb.validate.go
@@ -0,0 +1,993 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/core/address.proto
+
+package envoy_api_v2_core
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on Pipe with the rules defined in the proto
+// definition for this message. If any rules are violated, the first error
+// encountered is returned, or nil if there are no violations.
+func (m *Pipe) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Pipe with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in PipeMultiError, or nil if none found.
+func (m *Pipe) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Pipe) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetPath()) < 1 {
+		err := PipeValidationError{
+			field:  "Path",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if m.GetMode() > 511 {
+		err := PipeValidationError{
+			field:  "Mode",
+			reason: "value must be less than or equal to 511",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return PipeMultiError(errors)
+	}
+	return nil
+}
+
+// PipeMultiError is an error wrapping multiple validation errors returned by
+// Pipe.ValidateAll() if the designated constraints aren't met.
+type PipeMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m PipeMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m PipeMultiError) AllErrors() []error { return m }
+
+// PipeValidationError is the validation error returned by Pipe.Validate if the
+// designated constraints aren't met.
+type PipeValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e PipeValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e PipeValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e PipeValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e PipeValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e PipeValidationError) ErrorName() string { return "PipeValidationError" }
+
+// Error satisfies the builtin error interface
+func (e PipeValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sPipe.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = PipeValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = PipeValidationError{}
+
+// Validate checks the field values on SocketAddress with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *SocketAddress) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on SocketAddress with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in SocketAddressMultiError, or
+// nil if none found.
+func (m *SocketAddress) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *SocketAddress) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if _, ok := SocketAddress_Protocol_name[int32(m.GetProtocol())]; !ok {
+		err := SocketAddressValidationError{
+			field:  "Protocol",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(m.GetAddress()) < 1 {
+		err := SocketAddressValidationError{
+			field:  "Address",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for ResolverName
+
+	// no validation rules for Ipv4Compat
+
+	switch m.PortSpecifier.(type) {
+
+	case *SocketAddress_PortValue:
+
+		if m.GetPortValue() > 65535 {
+			err := SocketAddressValidationError{
+				field:  "PortValue",
+				reason: "value must be less than or equal to 65535",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *SocketAddress_NamedPort:
+		// no validation rules for NamedPort
+
+	default:
+		err := SocketAddressValidationError{
+			field:  "PortSpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return SocketAddressMultiError(errors)
+	}
+	return nil
+}
+
+// SocketAddressMultiError is an error wrapping multiple validation errors
+// returned by SocketAddress.ValidateAll() if the designated constraints
+// aren't met.
+type SocketAddressMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m SocketAddressMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m SocketAddressMultiError) AllErrors() []error { return m }
+
+// SocketAddressValidationError is the validation error returned by
+// SocketAddress.Validate if the designated constraints aren't met.
+type SocketAddressValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e SocketAddressValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e SocketAddressValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e SocketAddressValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e SocketAddressValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e SocketAddressValidationError) ErrorName() string { return "SocketAddressValidationError" }
+
+// Error satisfies the builtin error interface
+func (e SocketAddressValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sSocketAddress.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = SocketAddressValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = SocketAddressValidationError{}
+
+// Validate checks the field values on TcpKeepalive with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *TcpKeepalive) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on TcpKeepalive with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in TcpKeepaliveMultiError, or
+// nil if none found.
+func (m *TcpKeepalive) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *TcpKeepalive) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetKeepaliveProbes()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, TcpKeepaliveValidationError{
+					field:  "KeepaliveProbes",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, TcpKeepaliveValidationError{
+					field:  "KeepaliveProbes",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetKeepaliveProbes()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TcpKeepaliveValidationError{
+				field:  "KeepaliveProbes",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetKeepaliveTime()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, TcpKeepaliveValidationError{
+					field:  "KeepaliveTime",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, TcpKeepaliveValidationError{
+					field:  "KeepaliveTime",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetKeepaliveTime()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TcpKeepaliveValidationError{
+				field:  "KeepaliveTime",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetKeepaliveInterval()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, TcpKeepaliveValidationError{
+					field:  "KeepaliveInterval",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, TcpKeepaliveValidationError{
+					field:  "KeepaliveInterval",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetKeepaliveInterval()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TcpKeepaliveValidationError{
+				field:  "KeepaliveInterval",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return TcpKeepaliveMultiError(errors)
+	}
+	return nil
+}
+
+// TcpKeepaliveMultiError is an error wrapping multiple validation errors
+// returned by TcpKeepalive.ValidateAll() if the designated constraints aren't met.
+type TcpKeepaliveMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m TcpKeepaliveMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m TcpKeepaliveMultiError) AllErrors() []error { return m }
+
+// TcpKeepaliveValidationError is the validation error returned by
+// TcpKeepalive.Validate if the designated constraints aren't met.
+type TcpKeepaliveValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e TcpKeepaliveValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e TcpKeepaliveValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e TcpKeepaliveValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e TcpKeepaliveValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e TcpKeepaliveValidationError) ErrorName() string { return "TcpKeepaliveValidationError" }
+
+// Error satisfies the builtin error interface
+func (e TcpKeepaliveValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sTcpKeepalive.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = TcpKeepaliveValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = TcpKeepaliveValidationError{}
+
+// Validate checks the field values on BindConfig with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *BindConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on BindConfig with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in BindConfigMultiError, or
+// nil if none found.
+func (m *BindConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *BindConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetSourceAddress() == nil {
+		err := BindConfigValidationError{
+			field:  "SourceAddress",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetSourceAddress()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, BindConfigValidationError{
+					field:  "SourceAddress",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, BindConfigValidationError{
+					field:  "SourceAddress",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSourceAddress()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return BindConfigValidationError{
+				field:  "SourceAddress",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetFreebind()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, BindConfigValidationError{
+					field:  "Freebind",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, BindConfigValidationError{
+					field:  "Freebind",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetFreebind()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return BindConfigValidationError{
+				field:  "Freebind",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetSocketOptions() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, BindConfigValidationError{
+						field:  fmt.Sprintf("SocketOptions[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, BindConfigValidationError{
+						field:  fmt.Sprintf("SocketOptions[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return BindConfigValidationError{
+					field:  fmt.Sprintf("SocketOptions[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return BindConfigMultiError(errors)
+	}
+	return nil
+}
+
+// BindConfigMultiError is an error wrapping multiple validation errors
+// returned by BindConfig.ValidateAll() if the designated constraints aren't met.
+type BindConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m BindConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m BindConfigMultiError) AllErrors() []error { return m }
+
+// BindConfigValidationError is the validation error returned by
+// BindConfig.Validate if the designated constraints aren't met.
+type BindConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e BindConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e BindConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e BindConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e BindConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e BindConfigValidationError) ErrorName() string { return "BindConfigValidationError" }
+
+// Error satisfies the builtin error interface
+func (e BindConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sBindConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = BindConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = BindConfigValidationError{}
+
+// Validate checks the field values on Address with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Address) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Address with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in AddressMultiError, or nil if none found.
+func (m *Address) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Address) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.Address.(type) {
+
+	case *Address_SocketAddress:
+
+		if all {
+			switch v := interface{}(m.GetSocketAddress()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AddressValidationError{
+						field:  "SocketAddress",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AddressValidationError{
+						field:  "SocketAddress",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetSocketAddress()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AddressValidationError{
+					field:  "SocketAddress",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Address_Pipe:
+
+		if all {
+			switch v := interface{}(m.GetPipe()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AddressValidationError{
+						field:  "Pipe",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AddressValidationError{
+						field:  "Pipe",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetPipe()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AddressValidationError{
+					field:  "Pipe",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := AddressValidationError{
+			field:  "Address",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return AddressMultiError(errors)
+	}
+	return nil
+}
+
+// AddressMultiError is an error wrapping multiple validation errors returned
+// by Address.ValidateAll() if the designated constraints aren't met.
+type AddressMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m AddressMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m AddressMultiError) AllErrors() []error { return m }
+
+// AddressValidationError is the validation error returned by Address.Validate
+// if the designated constraints aren't met.
+type AddressValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e AddressValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e AddressValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e AddressValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e AddressValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e AddressValidationError) ErrorName() string { return "AddressValidationError" }
+
+// Error satisfies the builtin error interface
+func (e AddressValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sAddress.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = AddressValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = AddressValidationError{}
+
+// Validate checks the field values on CidrRange with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *CidrRange) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on CidrRange with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in CidrRangeMultiError, or nil
+// if none found.
+func (m *CidrRange) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CidrRange) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetAddressPrefix()) < 1 {
+		err := CidrRangeValidationError{
+			field:  "AddressPrefix",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if wrapper := m.GetPrefixLen(); wrapper != nil {
+
+		if wrapper.GetValue() > 128 {
+			err := CidrRangeValidationError{
+				field:  "PrefixLen",
+				reason: "value must be less than or equal to 128",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return CidrRangeMultiError(errors)
+	}
+	return nil
+}
+
+// CidrRangeMultiError is an error wrapping multiple validation errors returned
+// by CidrRange.ValidateAll() if the designated constraints aren't met.
+type CidrRangeMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CidrRangeMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CidrRangeMultiError) AllErrors() []error { return m }
+
+// CidrRangeValidationError is the validation error returned by
+// CidrRange.Validate if the designated constraints aren't met.
+type CidrRangeValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CidrRangeValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CidrRangeValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CidrRangeValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CidrRangeValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CidrRangeValidationError) ErrorName() string { return "CidrRangeValidationError" }
+
+// Error satisfies the builtin error interface
+func (e CidrRangeValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCidrRange.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CidrRangeValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CidrRangeValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/backoff.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/backoff.pb.go
new file mode 100644
index 00000000000..45b6ff99f8f
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/backoff.pb.go
@@ -0,0 +1,192 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/core/backoff.proto
+
+package envoy_api_v2_core
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Configuration defining a jittered exponential back off strategy.
+type BackoffStrategy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The base interval to be used for the next back off computation. It should
+	// be greater than zero and less than or equal to :ref:`max_interval
+	// <envoy_api_field_core.BackoffStrategy.max_interval>`.
+	BaseInterval *duration.Duration `protobuf:"bytes,1,opt,name=base_interval,json=baseInterval,proto3" json:"base_interval,omitempty"`
+	// Specifies the maximum interval between retries. This parameter is optional,
+	// but must be greater than or equal to the :ref:`base_interval
+	// <envoy_api_field_core.BackoffStrategy.base_interval>` if set. The default
+	// is 10 times the :ref:`base_interval
+	// <envoy_api_field_core.BackoffStrategy.base_interval>`.
+	MaxInterval *duration.Duration `protobuf:"bytes,2,opt,name=max_interval,json=maxInterval,proto3" json:"max_interval,omitempty"`
+}
+
+func (x *BackoffStrategy) Reset() {
+	*x = BackoffStrategy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_backoff_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *BackoffStrategy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*BackoffStrategy) ProtoMessage() {}
+
+func (x *BackoffStrategy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_backoff_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use BackoffStrategy.ProtoReflect.Descriptor instead.
+func (*BackoffStrategy) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_backoff_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *BackoffStrategy) GetBaseInterval() *duration.Duration {
+	if x != nil {
+		return x.BaseInterval
+	}
+	return nil
+}
+
+func (x *BackoffStrategy) GetMaxInterval() *duration.Duration {
+	if x != nil {
+		return x.MaxInterval
+	}
+	return nil
+}
+
+var File_envoy_api_v2_core_backoff_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_core_backoff_proto_rawDesc = []byte{
+	0x0a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x62, 0x61, 0x63, 0x6b, 0x6f, 0x66, 0x66, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x12, 0x11, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e,
+	0x63, 0x6f, 0x72, 0x65, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61,
+	0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xa9, 0x01, 0x0a,
+	0x0f, 0x42, 0x61, 0x63, 0x6b, 0x6f, 0x66, 0x66, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79,
+	0x12, 0x4e, 0x0a, 0x0d, 0x62, 0x61, 0x73, 0x65, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61,
+	0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x42, 0x0e, 0xfa, 0x42, 0x0b, 0xaa, 0x01, 0x08, 0x08, 0x01, 0x32, 0x04, 0x10, 0xc0,
+	0x84, 0x3d, 0x52, 0x0c, 0x62, 0x61, 0x73, 0x65, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c,
+	0x12, 0x46, 0x0a, 0x0c, 0x6d, 0x61, 0x78, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05, 0xaa, 0x01, 0x02, 0x2a, 0x00, 0x52, 0x0b, 0x6d, 0x61, 0x78,
+	0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x42, 0x55, 0x0a, 0x1f, 0x69, 0x6f, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x42, 0x0c, 0x42, 0x61, 0x63,
+	0x6b, 0x6f, 0x66, 0x66, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xf2, 0x98, 0xfe, 0x8f, 0x05,
+	0x16, 0x12, 0x14, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62,
+	0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_core_backoff_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_core_backoff_proto_rawDescData = file_envoy_api_v2_core_backoff_proto_rawDesc
+)
+
+func file_envoy_api_v2_core_backoff_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_core_backoff_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_core_backoff_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_core_backoff_proto_rawDescData)
+	})
+	return file_envoy_api_v2_core_backoff_proto_rawDescData
+}
+
+var file_envoy_api_v2_core_backoff_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_api_v2_core_backoff_proto_goTypes = []interface{}{
+	(*BackoffStrategy)(nil),   // 0: envoy.api.v2.core.BackoffStrategy
+	(*duration.Duration)(nil), // 1: google.protobuf.Duration
+}
+var file_envoy_api_v2_core_backoff_proto_depIdxs = []int32{
+	1, // 0: envoy.api.v2.core.BackoffStrategy.base_interval:type_name -> google.protobuf.Duration
+	1, // 1: envoy.api.v2.core.BackoffStrategy.max_interval:type_name -> google.protobuf.Duration
+	2, // [2:2] is the sub-list for method output_type
+	2, // [2:2] is the sub-list for method input_type
+	2, // [2:2] is the sub-list for extension type_name
+	2, // [2:2] is the sub-list for extension extendee
+	0, // [0:2] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_core_backoff_proto_init() }
+func file_envoy_api_v2_core_backoff_proto_init() {
+	if File_envoy_api_v2_core_backoff_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_core_backoff_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*BackoffStrategy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_core_backoff_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_core_backoff_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_core_backoff_proto_depIdxs,
+		MessageInfos:      file_envoy_api_v2_core_backoff_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_core_backoff_proto = out.File
+	file_envoy_api_v2_core_backoff_proto_rawDesc = nil
+	file_envoy_api_v2_core_backoff_proto_goTypes = nil
+	file_envoy_api_v2_core_backoff_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/backoff.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/backoff.pb.validate.go
new file mode 100644
index 00000000000..de54826418e
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/backoff.pb.validate.go
@@ -0,0 +1,206 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/core/backoff.proto
+
+package envoy_api_v2_core
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on BackoffStrategy with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *BackoffStrategy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on BackoffStrategy with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// BackoffStrategyMultiError, or nil if none found.
+func (m *BackoffStrategy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *BackoffStrategy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetBaseInterval() == nil {
+		err := BackoffStrategyValidationError{
+			field:  "BaseInterval",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if d := m.GetBaseInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = BackoffStrategyValidationError{
+				field:  "BaseInterval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gte := time.Duration(0*time.Second + 1000000*time.Nanosecond)
+
+			if dur < gte {
+				err := BackoffStrategyValidationError{
+					field:  "BaseInterval",
+					reason: "value must be greater than or equal to 1ms",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if d := m.GetMaxInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = BackoffStrategyValidationError{
+				field:  "MaxInterval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := BackoffStrategyValidationError{
+					field:  "MaxInterval",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if len(errors) > 0 {
+		return BackoffStrategyMultiError(errors)
+	}
+	return nil
+}
+
+// BackoffStrategyMultiError is an error wrapping multiple validation errors
+// returned by BackoffStrategy.ValidateAll() if the designated constraints
+// aren't met.
+type BackoffStrategyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m BackoffStrategyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m BackoffStrategyMultiError) AllErrors() []error { return m }
+
+// BackoffStrategyValidationError is the validation error returned by
+// BackoffStrategy.Validate if the designated constraints aren't met.
+type BackoffStrategyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e BackoffStrategyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e BackoffStrategyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e BackoffStrategyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e BackoffStrategyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e BackoffStrategyValidationError) ErrorName() string { return "BackoffStrategyValidationError" }
+
+// Error satisfies the builtin error interface
+func (e BackoffStrategyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sBackoffStrategy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = BackoffStrategyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = BackoffStrategyValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/base.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/base.pb.go
new file mode 100644
index 00000000000..aea94be515b
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/base.pb.go
@@ -0,0 +1,2155 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/core/base.proto
+
+package envoy_api_v2_core
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_type "github.com/envoyproxy/go-control-plane/envoy/type"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	_struct "github.com/golang/protobuf/ptypes/struct"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Envoy supports :ref:`upstream priority routing
+// <arch_overview_http_routing_priority>` both at the route and the virtual
+// cluster level. The current priority implementation uses different connection
+// pool and circuit breaking settings for each priority level. This means that
+// even for HTTP/2 requests, two physical connections will be used to an
+// upstream host. In the future Envoy will likely support true HTTP/2 priority
+// over a single upstream connection.
+type RoutingPriority int32
+
+const (
+	RoutingPriority_DEFAULT RoutingPriority = 0
+	RoutingPriority_HIGH    RoutingPriority = 1
+)
+
+// Enum value maps for RoutingPriority.
+var (
+	RoutingPriority_name = map[int32]string{
+		0: "DEFAULT",
+		1: "HIGH",
+	}
+	RoutingPriority_value = map[string]int32{
+		"DEFAULT": 0,
+		"HIGH":    1,
+	}
+)
+
+func (x RoutingPriority) Enum() *RoutingPriority {
+	p := new(RoutingPriority)
+	*p = x
+	return p
+}
+
+func (x RoutingPriority) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (RoutingPriority) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_api_v2_core_base_proto_enumTypes[0].Descriptor()
+}
+
+func (RoutingPriority) Type() protoreflect.EnumType {
+	return &file_envoy_api_v2_core_base_proto_enumTypes[0]
+}
+
+func (x RoutingPriority) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use RoutingPriority.Descriptor instead.
+func (RoutingPriority) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_base_proto_rawDescGZIP(), []int{0}
+}
+
+// HTTP request method.
+type RequestMethod int32
+
+const (
+	RequestMethod_METHOD_UNSPECIFIED RequestMethod = 0
+	RequestMethod_GET                RequestMethod = 1
+	RequestMethod_HEAD               RequestMethod = 2
+	RequestMethod_POST               RequestMethod = 3
+	RequestMethod_PUT                RequestMethod = 4
+	RequestMethod_DELETE             RequestMethod = 5
+	RequestMethod_CONNECT            RequestMethod = 6
+	RequestMethod_OPTIONS            RequestMethod = 7
+	RequestMethod_TRACE              RequestMethod = 8
+	RequestMethod_PATCH              RequestMethod = 9
+)
+
+// Enum value maps for RequestMethod.
+var (
+	RequestMethod_name = map[int32]string{
+		0: "METHOD_UNSPECIFIED",
+		1: "GET",
+		2: "HEAD",
+		3: "POST",
+		4: "PUT",
+		5: "DELETE",
+		6: "CONNECT",
+		7: "OPTIONS",
+		8: "TRACE",
+		9: "PATCH",
+	}
+	RequestMethod_value = map[string]int32{
+		"METHOD_UNSPECIFIED": 0,
+		"GET":                1,
+		"HEAD":               2,
+		"POST":               3,
+		"PUT":                4,
+		"DELETE":             5,
+		"CONNECT":            6,
+		"OPTIONS":            7,
+		"TRACE":              8,
+		"PATCH":              9,
+	}
+)
+
+func (x RequestMethod) Enum() *RequestMethod {
+	p := new(RequestMethod)
+	*p = x
+	return p
+}
+
+func (x RequestMethod) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (RequestMethod) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_api_v2_core_base_proto_enumTypes[1].Descriptor()
+}
+
+func (RequestMethod) Type() protoreflect.EnumType {
+	return &file_envoy_api_v2_core_base_proto_enumTypes[1]
+}
+
+func (x RequestMethod) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use RequestMethod.Descriptor instead.
+func (RequestMethod) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_base_proto_rawDescGZIP(), []int{1}
+}
+
+// Identifies the direction of the traffic relative to the local Envoy.
+type TrafficDirection int32
+
+const (
+	// Default option is unspecified.
+	TrafficDirection_UNSPECIFIED TrafficDirection = 0
+	// The transport is used for incoming traffic.
+	TrafficDirection_INBOUND TrafficDirection = 1
+	// The transport is used for outgoing traffic.
+	TrafficDirection_OUTBOUND TrafficDirection = 2
+)
+
+// Enum value maps for TrafficDirection.
+var (
+	TrafficDirection_name = map[int32]string{
+		0: "UNSPECIFIED",
+		1: "INBOUND",
+		2: "OUTBOUND",
+	}
+	TrafficDirection_value = map[string]int32{
+		"UNSPECIFIED": 0,
+		"INBOUND":     1,
+		"OUTBOUND":    2,
+	}
+)
+
+func (x TrafficDirection) Enum() *TrafficDirection {
+	p := new(TrafficDirection)
+	*p = x
+	return p
+}
+
+func (x TrafficDirection) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (TrafficDirection) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_api_v2_core_base_proto_enumTypes[2].Descriptor()
+}
+
+func (TrafficDirection) Type() protoreflect.EnumType {
+	return &file_envoy_api_v2_core_base_proto_enumTypes[2]
+}
+
+func (x TrafficDirection) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use TrafficDirection.Descriptor instead.
+func (TrafficDirection) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_base_proto_rawDescGZIP(), []int{2}
+}
+
+// Identifies location of where either Envoy runs or where upstream hosts run.
+type Locality struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Region this :ref:`zone <envoy_api_field_core.Locality.zone>` belongs to.
+	Region string `protobuf:"bytes,1,opt,name=region,proto3" json:"region,omitempty"`
+	// Defines the local service zone where Envoy is running. Though optional, it
+	// should be set if discovery service routing is used and the discovery
+	// service exposes :ref:`zone data <envoy_api_field_endpoint.LocalityLbEndpoints.locality>`,
+	// either in this message or via :option:`--service-zone`. The meaning of zone
+	// is context dependent, e.g. `Availability Zone (AZ)
+	// <https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html>`_
+	// on AWS, `Zone <https://cloud.google.com/compute/docs/regions-zones/>`_ on
+	// GCP, etc.
+	Zone string `protobuf:"bytes,2,opt,name=zone,proto3" json:"zone,omitempty"`
+	// When used for locality of upstream hosts, this field further splits zone
+	// into smaller chunks of sub-zones so they can be load balanced
+	// independently.
+	SubZone string `protobuf:"bytes,3,opt,name=sub_zone,json=subZone,proto3" json:"sub_zone,omitempty"`
+}
+
+func (x *Locality) Reset() {
+	*x = Locality{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_base_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Locality) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Locality) ProtoMessage() {}
+
+func (x *Locality) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_base_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Locality.ProtoReflect.Descriptor instead.
+func (*Locality) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_base_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *Locality) GetRegion() string {
+	if x != nil {
+		return x.Region
+	}
+	return ""
+}
+
+func (x *Locality) GetZone() string {
+	if x != nil {
+		return x.Zone
+	}
+	return ""
+}
+
+func (x *Locality) GetSubZone() string {
+	if x != nil {
+		return x.SubZone
+	}
+	return ""
+}
+
+// BuildVersion combines SemVer version of extension with free-form build information
+// (i.e. 'alpha', 'private-build') as a set of strings.
+type BuildVersion struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// SemVer version of extension.
+	Version *_type.SemanticVersion `protobuf:"bytes,1,opt,name=version,proto3" json:"version,omitempty"`
+	// Free-form build information.
+	// Envoy defines several well known keys in the source/common/version/version.h file
+	Metadata *_struct.Struct `protobuf:"bytes,2,opt,name=metadata,proto3" json:"metadata,omitempty"`
+}
+
+func (x *BuildVersion) Reset() {
+	*x = BuildVersion{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_base_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *BuildVersion) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*BuildVersion) ProtoMessage() {}
+
+func (x *BuildVersion) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_base_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use BuildVersion.ProtoReflect.Descriptor instead.
+func (*BuildVersion) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_base_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *BuildVersion) GetVersion() *_type.SemanticVersion {
+	if x != nil {
+		return x.Version
+	}
+	return nil
+}
+
+func (x *BuildVersion) GetMetadata() *_struct.Struct {
+	if x != nil {
+		return x.Metadata
+	}
+	return nil
+}
+
+// Version and identification for an Envoy extension.
+// [#next-free-field: 6]
+type Extension struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// This is the name of the Envoy filter as specified in the Envoy
+	// configuration, e.g. envoy.filters.http.router, com.acme.widget.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Category of the extension.
+	// Extension category names use reverse DNS notation. For instance "envoy.filters.listener"
+	// for Envoy's built-in listener filters or "com.acme.filters.http" for HTTP filters from
+	// acme.com vendor.
+	// [#comment:TODO(yanavlasov): Link to the doc with existing envoy category names.]
+	Category string `protobuf:"bytes,2,opt,name=category,proto3" json:"category,omitempty"`
+	// [#not-implemented-hide:] Type descriptor of extension configuration proto.
+	// [#comment:TODO(yanavlasov): Link to the doc with existing configuration protos.]
+	// [#comment:TODO(yanavlasov): Add tests when PR #9391 lands.]
+	TypeDescriptor string `protobuf:"bytes,3,opt,name=type_descriptor,json=typeDescriptor,proto3" json:"type_descriptor,omitempty"`
+	// The version is a property of the extension and maintained independently
+	// of other extensions and the Envoy API.
+	// This field is not set when extension did not provide version information.
+	Version *BuildVersion `protobuf:"bytes,4,opt,name=version,proto3" json:"version,omitempty"`
+	// Indicates that the extension is present but was disabled via dynamic configuration.
+	Disabled bool `protobuf:"varint,5,opt,name=disabled,proto3" json:"disabled,omitempty"`
+}
+
+func (x *Extension) Reset() {
+	*x = Extension{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_base_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Extension) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Extension) ProtoMessage() {}
+
+func (x *Extension) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_base_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Extension.ProtoReflect.Descriptor instead.
+func (*Extension) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_base_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *Extension) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *Extension) GetCategory() string {
+	if x != nil {
+		return x.Category
+	}
+	return ""
+}
+
+func (x *Extension) GetTypeDescriptor() string {
+	if x != nil {
+		return x.TypeDescriptor
+	}
+	return ""
+}
+
+func (x *Extension) GetVersion() *BuildVersion {
+	if x != nil {
+		return x.Version
+	}
+	return nil
+}
+
+func (x *Extension) GetDisabled() bool {
+	if x != nil {
+		return x.Disabled
+	}
+	return false
+}
+
+// Identifies a specific Envoy instance. The node identifier is presented to the
+// management server, which may use this identifier to distinguish per Envoy
+// configuration for serving.
+// [#next-free-field: 12]
+type Node struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// An opaque node identifier for the Envoy node. This also provides the local
+	// service node name. It should be set if any of the following features are
+	// used: :ref:`statsd <arch_overview_statistics>`, :ref:`CDS
+	// <config_cluster_manager_cds>`, and :ref:`HTTP tracing
+	// <arch_overview_tracing>`, either in this message or via
+	// :option:`--service-node`.
+	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
+	// Defines the local service cluster name where Envoy is running. Though
+	// optional, it should be set if any of the following features are used:
+	// :ref:`statsd <arch_overview_statistics>`, :ref:`health check cluster
+	// verification
+	// <envoy_api_field_core.HealthCheck.HttpHealthCheck.service_name_matcher>`,
+	// :ref:`runtime override directory <envoy_api_msg_config.bootstrap.v2.Runtime>`,
+	// :ref:`user agent addition
+	// <envoy_api_field_config.filter.network.http_connection_manager.v2.HttpConnectionManager.add_user_agent>`,
+	// :ref:`HTTP global rate limiting <config_http_filters_rate_limit>`,
+	// :ref:`CDS <config_cluster_manager_cds>`, and :ref:`HTTP tracing
+	// <arch_overview_tracing>`, either in this message or via
+	// :option:`--service-cluster`.
+	Cluster string `protobuf:"bytes,2,opt,name=cluster,proto3" json:"cluster,omitempty"`
+	// Opaque metadata extending the node identifier. Envoy will pass this
+	// directly to the management server.
+	Metadata *_struct.Struct `protobuf:"bytes,3,opt,name=metadata,proto3" json:"metadata,omitempty"`
+	// Locality specifying where the Envoy instance is running.
+	Locality *Locality `protobuf:"bytes,4,opt,name=locality,proto3" json:"locality,omitempty"`
+	// This is motivated by informing a management server during canary which
+	// version of Envoy is being tested in a heterogeneous fleet. This will be set
+	// by Envoy in management server RPCs.
+	// This field is deprecated in favor of the user_agent_name and user_agent_version values.
+	//
+	// Deprecated: Do not use.
+	BuildVersion string `protobuf:"bytes,5,opt,name=build_version,json=buildVersion,proto3" json:"build_version,omitempty"`
+	// Free-form string that identifies the entity requesting config.
+	// E.g. "envoy" or "grpc"
+	UserAgentName string `protobuf:"bytes,6,opt,name=user_agent_name,json=userAgentName,proto3" json:"user_agent_name,omitempty"`
+	// Types that are assignable to UserAgentVersionType:
+	//	*Node_UserAgentVersion
+	//	*Node_UserAgentBuildVersion
+	UserAgentVersionType isNode_UserAgentVersionType `protobuf_oneof:"user_agent_version_type"`
+	// List of extensions and their versions supported by the node.
+	Extensions []*Extension `protobuf:"bytes,9,rep,name=extensions,proto3" json:"extensions,omitempty"`
+	// Client feature support list. These are well known features described
+	// in the Envoy API repository for a given major version of an API. Client features
+	// use reverse DNS naming scheme, for example `com.acme.feature`.
+	// See :ref:`the list of features <client_features>` that xDS client may
+	// support.
+	ClientFeatures []string `protobuf:"bytes,10,rep,name=client_features,json=clientFeatures,proto3" json:"client_features,omitempty"`
+	// Known listening ports on the node as a generic hint to the management server
+	// for filtering :ref:`listeners <config_listeners>` to be returned. For example,
+	// if there is a listener bound to port 80, the list can optionally contain the
+	// SocketAddress `(0.0.0.0,80)`. The field is optional and just a hint.
+	ListeningAddresses []*Address `protobuf:"bytes,11,rep,name=listening_addresses,json=listeningAddresses,proto3" json:"listening_addresses,omitempty"`
+}
+
+func (x *Node) Reset() {
+	*x = Node{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_base_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Node) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Node) ProtoMessage() {}
+
+func (x *Node) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_base_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Node.ProtoReflect.Descriptor instead.
+func (*Node) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_base_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *Node) GetId() string {
+	if x != nil {
+		return x.Id
+	}
+	return ""
+}
+
+func (x *Node) GetCluster() string {
+	if x != nil {
+		return x.Cluster
+	}
+	return ""
+}
+
+func (x *Node) GetMetadata() *_struct.Struct {
+	if x != nil {
+		return x.Metadata
+	}
+	return nil
+}
+
+func (x *Node) GetLocality() *Locality {
+	if x != nil {
+		return x.Locality
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *Node) GetBuildVersion() string {
+	if x != nil {
+		return x.BuildVersion
+	}
+	return ""
+}
+
+func (x *Node) GetUserAgentName() string {
+	if x != nil {
+		return x.UserAgentName
+	}
+	return ""
+}
+
+func (m *Node) GetUserAgentVersionType() isNode_UserAgentVersionType {
+	if m != nil {
+		return m.UserAgentVersionType
+	}
+	return nil
+}
+
+func (x *Node) GetUserAgentVersion() string {
+	if x, ok := x.GetUserAgentVersionType().(*Node_UserAgentVersion); ok {
+		return x.UserAgentVersion
+	}
+	return ""
+}
+
+func (x *Node) GetUserAgentBuildVersion() *BuildVersion {
+	if x, ok := x.GetUserAgentVersionType().(*Node_UserAgentBuildVersion); ok {
+		return x.UserAgentBuildVersion
+	}
+	return nil
+}
+
+func (x *Node) GetExtensions() []*Extension {
+	if x != nil {
+		return x.Extensions
+	}
+	return nil
+}
+
+func (x *Node) GetClientFeatures() []string {
+	if x != nil {
+		return x.ClientFeatures
+	}
+	return nil
+}
+
+func (x *Node) GetListeningAddresses() []*Address {
+	if x != nil {
+		return x.ListeningAddresses
+	}
+	return nil
+}
+
+type isNode_UserAgentVersionType interface {
+	isNode_UserAgentVersionType()
+}
+
+type Node_UserAgentVersion struct {
+	// Free-form string that identifies the version of the entity requesting config.
+	// E.g. "1.12.2" or "abcd1234", or "SpecialEnvoyBuild"
+	UserAgentVersion string `protobuf:"bytes,7,opt,name=user_agent_version,json=userAgentVersion,proto3,oneof"`
+}
+
+type Node_UserAgentBuildVersion struct {
+	// Structured version of the entity requesting config.
+	UserAgentBuildVersion *BuildVersion `protobuf:"bytes,8,opt,name=user_agent_build_version,json=userAgentBuildVersion,proto3,oneof"`
+}
+
+func (*Node_UserAgentVersion) isNode_UserAgentVersionType() {}
+
+func (*Node_UserAgentBuildVersion) isNode_UserAgentVersionType() {}
+
+// Metadata provides additional inputs to filters based on matched listeners,
+// filter chains, routes and endpoints. It is structured as a map, usually from
+// filter name (in reverse DNS format) to metadata specific to the filter. Metadata
+// key-values for a filter are merged as connection and request handling occurs,
+// with later values for the same key overriding earlier values.
+//
+// An example use of metadata is providing additional values to
+// http_connection_manager in the envoy.http_connection_manager.access_log
+// namespace.
+//
+// Another example use of metadata is to per service config info in cluster metadata, which may get
+// consumed by multiple filters.
+//
+// For load balancing, Metadata provides a means to subset cluster endpoints.
+// Endpoints have a Metadata object associated and routes contain a Metadata
+// object to match against. There are some well defined metadata used today for
+// this purpose:
+//
+// * ``{"envoy.lb": {"canary": <bool> }}`` This indicates the canary status of an
+//   endpoint and is also used during header processing
+//   (x-envoy-upstream-canary) and for stats purposes.
+// [#next-major-version: move to type/metadata/v2]
+type Metadata struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Key is the reverse DNS filter name, e.g. com.acme.widget. The envoy.*
+	// namespace is reserved for Envoy's built-in filters.
+	FilterMetadata map[string]*_struct.Struct `protobuf:"bytes,1,rep,name=filter_metadata,json=filterMetadata,proto3" json:"filter_metadata,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+}
+
+func (x *Metadata) Reset() {
+	*x = Metadata{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_base_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Metadata) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Metadata) ProtoMessage() {}
+
+func (x *Metadata) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_base_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Metadata.ProtoReflect.Descriptor instead.
+func (*Metadata) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_base_proto_rawDescGZIP(), []int{4}
+}
+
+func (x *Metadata) GetFilterMetadata() map[string]*_struct.Struct {
+	if x != nil {
+		return x.FilterMetadata
+	}
+	return nil
+}
+
+// Runtime derived uint32 with a default when not specified.
+type RuntimeUInt32 struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Default value if runtime value is not available.
+	DefaultValue uint32 `protobuf:"varint,2,opt,name=default_value,json=defaultValue,proto3" json:"default_value,omitempty"`
+	// Runtime key to get value for comparison. This value is used if defined.
+	RuntimeKey string `protobuf:"bytes,3,opt,name=runtime_key,json=runtimeKey,proto3" json:"runtime_key,omitempty"`
+}
+
+func (x *RuntimeUInt32) Reset() {
+	*x = RuntimeUInt32{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_base_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RuntimeUInt32) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RuntimeUInt32) ProtoMessage() {}
+
+func (x *RuntimeUInt32) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_base_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RuntimeUInt32.ProtoReflect.Descriptor instead.
+func (*RuntimeUInt32) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_base_proto_rawDescGZIP(), []int{5}
+}
+
+func (x *RuntimeUInt32) GetDefaultValue() uint32 {
+	if x != nil {
+		return x.DefaultValue
+	}
+	return 0
+}
+
+func (x *RuntimeUInt32) GetRuntimeKey() string {
+	if x != nil {
+		return x.RuntimeKey
+	}
+	return ""
+}
+
+// Runtime derived double with a default when not specified.
+type RuntimeDouble struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Default value if runtime value is not available.
+	DefaultValue float64 `protobuf:"fixed64,1,opt,name=default_value,json=defaultValue,proto3" json:"default_value,omitempty"`
+	// Runtime key to get value for comparison. This value is used if defined.
+	RuntimeKey string `protobuf:"bytes,2,opt,name=runtime_key,json=runtimeKey,proto3" json:"runtime_key,omitempty"`
+}
+
+func (x *RuntimeDouble) Reset() {
+	*x = RuntimeDouble{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_base_proto_msgTypes[6]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RuntimeDouble) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RuntimeDouble) ProtoMessage() {}
+
+func (x *RuntimeDouble) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_base_proto_msgTypes[6]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RuntimeDouble.ProtoReflect.Descriptor instead.
+func (*RuntimeDouble) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_base_proto_rawDescGZIP(), []int{6}
+}
+
+func (x *RuntimeDouble) GetDefaultValue() float64 {
+	if x != nil {
+		return x.DefaultValue
+	}
+	return 0
+}
+
+func (x *RuntimeDouble) GetRuntimeKey() string {
+	if x != nil {
+		return x.RuntimeKey
+	}
+	return ""
+}
+
+// Runtime derived bool with a default when not specified.
+type RuntimeFeatureFlag struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Default value if runtime value is not available.
+	DefaultValue *wrappers.BoolValue `protobuf:"bytes,1,opt,name=default_value,json=defaultValue,proto3" json:"default_value,omitempty"`
+	// Runtime key to get value for comparison. This value is used if defined. The boolean value must
+	// be represented via its
+	// `canonical JSON encoding <https://developers.google.com/protocol-buffers/docs/proto3#json>`_.
+	RuntimeKey string `protobuf:"bytes,2,opt,name=runtime_key,json=runtimeKey,proto3" json:"runtime_key,omitempty"`
+}
+
+func (x *RuntimeFeatureFlag) Reset() {
+	*x = RuntimeFeatureFlag{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_base_proto_msgTypes[7]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RuntimeFeatureFlag) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RuntimeFeatureFlag) ProtoMessage() {}
+
+func (x *RuntimeFeatureFlag) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_base_proto_msgTypes[7]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RuntimeFeatureFlag.ProtoReflect.Descriptor instead.
+func (*RuntimeFeatureFlag) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_base_proto_rawDescGZIP(), []int{7}
+}
+
+func (x *RuntimeFeatureFlag) GetDefaultValue() *wrappers.BoolValue {
+	if x != nil {
+		return x.DefaultValue
+	}
+	return nil
+}
+
+func (x *RuntimeFeatureFlag) GetRuntimeKey() string {
+	if x != nil {
+		return x.RuntimeKey
+	}
+	return ""
+}
+
+// Header name/value pair.
+type HeaderValue struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Header name.
+	Key string `protobuf:"bytes,1,opt,name=key,proto3" json:"key,omitempty"`
+	// Header value.
+	//
+	// The same :ref:`format specifier <config_access_log_format>` as used for
+	// :ref:`HTTP access logging <config_access_log>` applies here, however
+	// unknown header values are replaced with the empty string instead of `-`.
+	Value string `protobuf:"bytes,2,opt,name=value,proto3" json:"value,omitempty"`
+}
+
+func (x *HeaderValue) Reset() {
+	*x = HeaderValue{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_base_proto_msgTypes[8]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HeaderValue) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HeaderValue) ProtoMessage() {}
+
+func (x *HeaderValue) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_base_proto_msgTypes[8]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HeaderValue.ProtoReflect.Descriptor instead.
+func (*HeaderValue) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_base_proto_rawDescGZIP(), []int{8}
+}
+
+func (x *HeaderValue) GetKey() string {
+	if x != nil {
+		return x.Key
+	}
+	return ""
+}
+
+func (x *HeaderValue) GetValue() string {
+	if x != nil {
+		return x.Value
+	}
+	return ""
+}
+
+// Header name/value pair plus option to control append behavior.
+type HeaderValueOption struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Header name/value pair that this option applies to.
+	Header *HeaderValue `protobuf:"bytes,1,opt,name=header,proto3" json:"header,omitempty"`
+	// Should the value be appended? If true (default), the value is appended to
+	// existing values.
+	Append *wrappers.BoolValue `protobuf:"bytes,2,opt,name=append,proto3" json:"append,omitempty"`
+}
+
+func (x *HeaderValueOption) Reset() {
+	*x = HeaderValueOption{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_base_proto_msgTypes[9]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HeaderValueOption) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HeaderValueOption) ProtoMessage() {}
+
+func (x *HeaderValueOption) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_base_proto_msgTypes[9]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HeaderValueOption.ProtoReflect.Descriptor instead.
+func (*HeaderValueOption) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_base_proto_rawDescGZIP(), []int{9}
+}
+
+func (x *HeaderValueOption) GetHeader() *HeaderValue {
+	if x != nil {
+		return x.Header
+	}
+	return nil
+}
+
+func (x *HeaderValueOption) GetAppend() *wrappers.BoolValue {
+	if x != nil {
+		return x.Append
+	}
+	return nil
+}
+
+// Wrapper for a set of headers.
+type HeaderMap struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Headers []*HeaderValue `protobuf:"bytes,1,rep,name=headers,proto3" json:"headers,omitempty"`
+}
+
+func (x *HeaderMap) Reset() {
+	*x = HeaderMap{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_base_proto_msgTypes[10]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HeaderMap) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HeaderMap) ProtoMessage() {}
+
+func (x *HeaderMap) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_base_proto_msgTypes[10]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HeaderMap.ProtoReflect.Descriptor instead.
+func (*HeaderMap) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_base_proto_rawDescGZIP(), []int{10}
+}
+
+func (x *HeaderMap) GetHeaders() []*HeaderValue {
+	if x != nil {
+		return x.Headers
+	}
+	return nil
+}
+
+// Data source consisting of either a file or an inline value.
+type DataSource struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to Specifier:
+	//	*DataSource_Filename
+	//	*DataSource_InlineBytes
+	//	*DataSource_InlineString
+	Specifier isDataSource_Specifier `protobuf_oneof:"specifier"`
+}
+
+func (x *DataSource) Reset() {
+	*x = DataSource{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_base_proto_msgTypes[11]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *DataSource) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*DataSource) ProtoMessage() {}
+
+func (x *DataSource) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_base_proto_msgTypes[11]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use DataSource.ProtoReflect.Descriptor instead.
+func (*DataSource) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_base_proto_rawDescGZIP(), []int{11}
+}
+
+func (m *DataSource) GetSpecifier() isDataSource_Specifier {
+	if m != nil {
+		return m.Specifier
+	}
+	return nil
+}
+
+func (x *DataSource) GetFilename() string {
+	if x, ok := x.GetSpecifier().(*DataSource_Filename); ok {
+		return x.Filename
+	}
+	return ""
+}
+
+func (x *DataSource) GetInlineBytes() []byte {
+	if x, ok := x.GetSpecifier().(*DataSource_InlineBytes); ok {
+		return x.InlineBytes
+	}
+	return nil
+}
+
+func (x *DataSource) GetInlineString() string {
+	if x, ok := x.GetSpecifier().(*DataSource_InlineString); ok {
+		return x.InlineString
+	}
+	return ""
+}
+
+type isDataSource_Specifier interface {
+	isDataSource_Specifier()
+}
+
+type DataSource_Filename struct {
+	// Local filesystem data source.
+	Filename string `protobuf:"bytes,1,opt,name=filename,proto3,oneof"`
+}
+
+type DataSource_InlineBytes struct {
+	// Bytes inlined in the configuration.
+	InlineBytes []byte `protobuf:"bytes,2,opt,name=inline_bytes,json=inlineBytes,proto3,oneof"`
+}
+
+type DataSource_InlineString struct {
+	// String inlined in the configuration.
+	InlineString string `protobuf:"bytes,3,opt,name=inline_string,json=inlineString,proto3,oneof"`
+}
+
+func (*DataSource_Filename) isDataSource_Specifier() {}
+
+func (*DataSource_InlineBytes) isDataSource_Specifier() {}
+
+func (*DataSource_InlineString) isDataSource_Specifier() {}
+
+// The message specifies the retry policy of remote data source when fetching fails.
+type RetryPolicy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies parameters that control :ref:`retry backoff strategy <envoy_api_msg_core.BackoffStrategy>`.
+	// This parameter is optional, in which case the default base interval is 1000 milliseconds. The
+	// default maximum interval is 10 times the base interval.
+	RetryBackOff *BackoffStrategy `protobuf:"bytes,1,opt,name=retry_back_off,json=retryBackOff,proto3" json:"retry_back_off,omitempty"`
+	// Specifies the allowed number of retries. This parameter is optional and
+	// defaults to 1.
+	NumRetries *wrappers.UInt32Value `protobuf:"bytes,2,opt,name=num_retries,json=numRetries,proto3" json:"num_retries,omitempty"`
+}
+
+func (x *RetryPolicy) Reset() {
+	*x = RetryPolicy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_base_proto_msgTypes[12]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RetryPolicy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RetryPolicy) ProtoMessage() {}
+
+func (x *RetryPolicy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_base_proto_msgTypes[12]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RetryPolicy.ProtoReflect.Descriptor instead.
+func (*RetryPolicy) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_base_proto_rawDescGZIP(), []int{12}
+}
+
+func (x *RetryPolicy) GetRetryBackOff() *BackoffStrategy {
+	if x != nil {
+		return x.RetryBackOff
+	}
+	return nil
+}
+
+func (x *RetryPolicy) GetNumRetries() *wrappers.UInt32Value {
+	if x != nil {
+		return x.NumRetries
+	}
+	return nil
+}
+
+// The message specifies how to fetch data from remote and how to verify it.
+type RemoteDataSource struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The HTTP URI to fetch the remote data.
+	HttpUri *HttpUri `protobuf:"bytes,1,opt,name=http_uri,json=httpUri,proto3" json:"http_uri,omitempty"`
+	// SHA256 string for verifying data.
+	Sha256 string `protobuf:"bytes,2,opt,name=sha256,proto3" json:"sha256,omitempty"`
+	// Retry policy for fetching remote data.
+	RetryPolicy *RetryPolicy `protobuf:"bytes,3,opt,name=retry_policy,json=retryPolicy,proto3" json:"retry_policy,omitempty"`
+}
+
+func (x *RemoteDataSource) Reset() {
+	*x = RemoteDataSource{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_base_proto_msgTypes[13]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RemoteDataSource) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RemoteDataSource) ProtoMessage() {}
+
+func (x *RemoteDataSource) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_base_proto_msgTypes[13]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RemoteDataSource.ProtoReflect.Descriptor instead.
+func (*RemoteDataSource) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_base_proto_rawDescGZIP(), []int{13}
+}
+
+func (x *RemoteDataSource) GetHttpUri() *HttpUri {
+	if x != nil {
+		return x.HttpUri
+	}
+	return nil
+}
+
+func (x *RemoteDataSource) GetSha256() string {
+	if x != nil {
+		return x.Sha256
+	}
+	return ""
+}
+
+func (x *RemoteDataSource) GetRetryPolicy() *RetryPolicy {
+	if x != nil {
+		return x.RetryPolicy
+	}
+	return nil
+}
+
+// Async data source which support async data fetch.
+type AsyncDataSource struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to Specifier:
+	//	*AsyncDataSource_Local
+	//	*AsyncDataSource_Remote
+	Specifier isAsyncDataSource_Specifier `protobuf_oneof:"specifier"`
+}
+
+func (x *AsyncDataSource) Reset() {
+	*x = AsyncDataSource{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_base_proto_msgTypes[14]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *AsyncDataSource) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*AsyncDataSource) ProtoMessage() {}
+
+func (x *AsyncDataSource) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_base_proto_msgTypes[14]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use AsyncDataSource.ProtoReflect.Descriptor instead.
+func (*AsyncDataSource) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_base_proto_rawDescGZIP(), []int{14}
+}
+
+func (m *AsyncDataSource) GetSpecifier() isAsyncDataSource_Specifier {
+	if m != nil {
+		return m.Specifier
+	}
+	return nil
+}
+
+func (x *AsyncDataSource) GetLocal() *DataSource {
+	if x, ok := x.GetSpecifier().(*AsyncDataSource_Local); ok {
+		return x.Local
+	}
+	return nil
+}
+
+func (x *AsyncDataSource) GetRemote() *RemoteDataSource {
+	if x, ok := x.GetSpecifier().(*AsyncDataSource_Remote); ok {
+		return x.Remote
+	}
+	return nil
+}
+
+type isAsyncDataSource_Specifier interface {
+	isAsyncDataSource_Specifier()
+}
+
+type AsyncDataSource_Local struct {
+	// Local async data source.
+	Local *DataSource `protobuf:"bytes,1,opt,name=local,proto3,oneof"`
+}
+
+type AsyncDataSource_Remote struct {
+	// Remote async data source.
+	Remote *RemoteDataSource `protobuf:"bytes,2,opt,name=remote,proto3,oneof"`
+}
+
+func (*AsyncDataSource_Local) isAsyncDataSource_Specifier() {}
+
+func (*AsyncDataSource_Remote) isAsyncDataSource_Specifier() {}
+
+// Configuration for transport socket in :ref:`listeners <config_listeners>` and
+// :ref:`clusters <envoy_api_msg_Cluster>`. If the configuration is
+// empty, a default transport socket implementation and configuration will be
+// chosen based on the platform and existence of tls_context.
+type TransportSocket struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the transport socket to instantiate. The name must match a supported transport
+	// socket implementation.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Implementation specific configuration which depends on the implementation being instantiated.
+	// See the supported transport socket implementations for further documentation.
+	//
+	// Types that are assignable to ConfigType:
+	//	*TransportSocket_Config
+	//	*TransportSocket_TypedConfig
+	ConfigType isTransportSocket_ConfigType `protobuf_oneof:"config_type"`
+}
+
+func (x *TransportSocket) Reset() {
+	*x = TransportSocket{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_base_proto_msgTypes[15]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *TransportSocket) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*TransportSocket) ProtoMessage() {}
+
+func (x *TransportSocket) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_base_proto_msgTypes[15]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use TransportSocket.ProtoReflect.Descriptor instead.
+func (*TransportSocket) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_base_proto_rawDescGZIP(), []int{15}
+}
+
+func (x *TransportSocket) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (m *TransportSocket) GetConfigType() isTransportSocket_ConfigType {
+	if m != nil {
+		return m.ConfigType
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *TransportSocket) GetConfig() *_struct.Struct {
+	if x, ok := x.GetConfigType().(*TransportSocket_Config); ok {
+		return x.Config
+	}
+	return nil
+}
+
+func (x *TransportSocket) GetTypedConfig() *any.Any {
+	if x, ok := x.GetConfigType().(*TransportSocket_TypedConfig); ok {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+type isTransportSocket_ConfigType interface {
+	isTransportSocket_ConfigType()
+}
+
+type TransportSocket_Config struct {
+	// Deprecated: Do not use.
+	Config *_struct.Struct `protobuf:"bytes,2,opt,name=config,proto3,oneof"`
+}
+
+type TransportSocket_TypedConfig struct {
+	TypedConfig *any.Any `protobuf:"bytes,3,opt,name=typed_config,json=typedConfig,proto3,oneof"`
+}
+
+func (*TransportSocket_Config) isTransportSocket_ConfigType() {}
+
+func (*TransportSocket_TypedConfig) isTransportSocket_ConfigType() {}
+
+// Runtime derived FractionalPercent with defaults for when the numerator or denominator is not
+// specified via a runtime key.
+//
+// .. note::
+//
+//   Parsing of the runtime key's data is implemented such that it may be represented as a
+//   :ref:`FractionalPercent <envoy_api_msg_type.FractionalPercent>` proto represented as JSON/YAML
+//   and may also be represented as an integer with the assumption that the value is an integral
+//   percentage out of 100. For instance, a runtime key lookup returning the value "42" would parse
+//   as a `FractionalPercent` whose numerator is 42 and denominator is HUNDRED.
+type RuntimeFractionalPercent struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Default value if the runtime value's for the numerator/denominator keys are not available.
+	DefaultValue *_type.FractionalPercent `protobuf:"bytes,1,opt,name=default_value,json=defaultValue,proto3" json:"default_value,omitempty"`
+	// Runtime key for a YAML representation of a FractionalPercent.
+	RuntimeKey string `protobuf:"bytes,2,opt,name=runtime_key,json=runtimeKey,proto3" json:"runtime_key,omitempty"`
+}
+
+func (x *RuntimeFractionalPercent) Reset() {
+	*x = RuntimeFractionalPercent{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_base_proto_msgTypes[16]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RuntimeFractionalPercent) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RuntimeFractionalPercent) ProtoMessage() {}
+
+func (x *RuntimeFractionalPercent) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_base_proto_msgTypes[16]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RuntimeFractionalPercent.ProtoReflect.Descriptor instead.
+func (*RuntimeFractionalPercent) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_base_proto_rawDescGZIP(), []int{16}
+}
+
+func (x *RuntimeFractionalPercent) GetDefaultValue() *_type.FractionalPercent {
+	if x != nil {
+		return x.DefaultValue
+	}
+	return nil
+}
+
+func (x *RuntimeFractionalPercent) GetRuntimeKey() string {
+	if x != nil {
+		return x.RuntimeKey
+	}
+	return ""
+}
+
+// Identifies a specific ControlPlane instance that Envoy is connected to.
+type ControlPlane struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// An opaque control plane identifier that uniquely identifies an instance
+	// of control plane. This can be used to identify which control plane instance,
+	// the Envoy is connected to.
+	Identifier string `protobuf:"bytes,1,opt,name=identifier,proto3" json:"identifier,omitempty"`
+}
+
+func (x *ControlPlane) Reset() {
+	*x = ControlPlane{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_base_proto_msgTypes[17]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ControlPlane) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ControlPlane) ProtoMessage() {}
+
+func (x *ControlPlane) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_base_proto_msgTypes[17]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ControlPlane.ProtoReflect.Descriptor instead.
+func (*ControlPlane) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_base_proto_rawDescGZIP(), []int{17}
+}
+
+func (x *ControlPlane) GetIdentifier() string {
+	if x != nil {
+		return x.Identifier
+	}
+	return ""
+}
+
+var File_envoy_api_v2_core_base_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_core_base_proto_rawDesc = []byte{
+	0x0a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x62, 0x61, 0x73, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x11,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f,
+	0x63, 0x6f, 0x72, 0x65, 0x2f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32,
+	0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x62, 0x61, 0x63, 0x6b, 0x6f, 0x66, 0x66, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x20, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76,
+	0x32, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x75, 0x72, 0x69, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x18, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70,
+	0x65, 0x2f, 0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x21, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x73, 0x65, 0x6d, 0x61,
+	0x6e, 0x74, 0x69, 0x63, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1c, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x73,
+	0x74, 0x72, 0x75, 0x63, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61,
+	0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70,
+	0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69,
+	0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70,
+	0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74,
+	0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69,
+	0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x25, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76,
+	0x32, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x5f, 0x6f, 0x70,
+	0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x51, 0x0a, 0x08, 0x4c, 0x6f,
+	0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x12, 0x16, 0x0a, 0x06, 0x72, 0x65, 0x67, 0x69, 0x6f, 0x6e,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x72, 0x65, 0x67, 0x69, 0x6f, 0x6e, 0x12, 0x12,
+	0x0a, 0x04, 0x7a, 0x6f, 0x6e, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x7a, 0x6f,
+	0x6e, 0x65, 0x12, 0x19, 0x0a, 0x08, 0x73, 0x75, 0x62, 0x5f, 0x7a, 0x6f, 0x6e, 0x65, 0x18, 0x03,
+	0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x73, 0x75, 0x62, 0x5a, 0x6f, 0x6e, 0x65, 0x22, 0x7a, 0x0a,
+	0x0c, 0x42, 0x75, 0x69, 0x6c, 0x64, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x35, 0x0a,
+	0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1b,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x53, 0x65, 0x6d, 0x61,
+	0x6e, 0x74, 0x69, 0x63, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x07, 0x76, 0x65, 0x72,
+	0x73, 0x69, 0x6f, 0x6e, 0x12, 0x33, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x52,
+	0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x22, 0xbb, 0x01, 0x0a, 0x09, 0x45, 0x78,
+	0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x63,
+	0x61, 0x74, 0x65, 0x67, 0x6f, 0x72, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x63,
+	0x61, 0x74, 0x65, 0x67, 0x6f, 0x72, 0x79, 0x12, 0x27, 0x0a, 0x0f, 0x74, 0x79, 0x70, 0x65, 0x5f,
+	0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09,
+	0x52, 0x0e, 0x74, 0x79, 0x70, 0x65, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72,
+	0x12, 0x39, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x42, 0x75, 0x69, 0x6c, 0x64, 0x56, 0x65, 0x72, 0x73, 0x69,
+	0x6f, 0x6e, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x1a, 0x0a, 0x08, 0x64,
+	0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x64,
+	0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x22, 0xca, 0x04, 0x0a, 0x04, 0x4e, 0x6f, 0x64, 0x65,
+	0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64,
+	0x12, 0x18, 0x0a, 0x07, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x07, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x33, 0x0a, 0x08, 0x6d, 0x65,
+	0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53,
+	0x74, 0x72, 0x75, 0x63, 0x74, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12,
+	0x37, 0x0a, 0x08, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x18, 0x04, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x1b, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x52, 0x08,
+	0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x12, 0x27, 0x0a, 0x0d, 0x62, 0x75, 0x69, 0x6c,
+	0x64, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x42,
+	0x02, 0x18, 0x01, 0x52, 0x0c, 0x62, 0x75, 0x69, 0x6c, 0x64, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f,
+	0x6e, 0x12, 0x26, 0x0a, 0x0f, 0x75, 0x73, 0x65, 0x72, 0x5f, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x5f,
+	0x6e, 0x61, 0x6d, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x75, 0x73, 0x65, 0x72,
+	0x41, 0x67, 0x65, 0x6e, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x2e, 0x0a, 0x12, 0x75, 0x73, 0x65,
+	0x72, 0x5f, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18,
+	0x07, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x10, 0x75, 0x73, 0x65, 0x72, 0x41, 0x67, 0x65,
+	0x6e, 0x74, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x5a, 0x0a, 0x18, 0x75, 0x73, 0x65,
+	0x72, 0x5f, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x5f, 0x62, 0x75, 0x69, 0x6c, 0x64, 0x5f, 0x76, 0x65,
+	0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e,
+	0x42, 0x75, 0x69, 0x6c, 0x64, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x48, 0x00, 0x52, 0x15,
+	0x75, 0x73, 0x65, 0x72, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x42, 0x75, 0x69, 0x6c, 0x64, 0x56, 0x65,
+	0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x3c, 0x0a, 0x0a, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69,
+	0x6f, 0x6e, 0x73, 0x18, 0x09, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x45, 0x78,
+	0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x0a, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69,
+	0x6f, 0x6e, 0x73, 0x12, 0x27, 0x0a, 0x0f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x66, 0x65,
+	0x61, 0x74, 0x75, 0x72, 0x65, 0x73, 0x18, 0x0a, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0e, 0x63, 0x6c,
+	0x69, 0x65, 0x6e, 0x74, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x73, 0x12, 0x4b, 0x0a, 0x13,
+	0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x69, 0x6e, 0x67, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73,
+	0x73, 0x65, 0x73, 0x18, 0x0b, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x41, 0x64,
+	0x64, 0x72, 0x65, 0x73, 0x73, 0x52, 0x12, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x69, 0x6e, 0x67,
+	0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x65, 0x73, 0x42, 0x19, 0x0a, 0x17, 0x75, 0x73, 0x65,
+	0x72, 0x5f, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x5f,
+	0x74, 0x79, 0x70, 0x65, 0x22, 0xc0, 0x01, 0x0a, 0x08, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74,
+	0x61, 0x12, 0x58, 0x0a, 0x0f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x5f, 0x6d, 0x65, 0x74, 0x61,
+	0x64, 0x61, 0x74, 0x61, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x4d,
+	0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x4d, 0x65,
+	0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x0e, 0x66, 0x69, 0x6c,
+	0x74, 0x65, 0x72, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x1a, 0x5a, 0x0a, 0x13, 0x46,
+	0x69, 0x6c, 0x74, 0x65, 0x72, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x45, 0x6e, 0x74,
+	0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52,
+	0x03, 0x6b, 0x65, 0x79, 0x12, 0x2d, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x52, 0x05, 0x76, 0x61,
+	0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0x5e, 0x0a, 0x0d, 0x52, 0x75, 0x6e, 0x74, 0x69,
+	0x6d, 0x65, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x12, 0x23, 0x0a, 0x0d, 0x64, 0x65, 0x66, 0x61,
+	0x75, 0x6c, 0x74, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52,
+	0x0c, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x28, 0x0a,
+	0x0b, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x03, 0x20, 0x01,
+	0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x0a, 0x72, 0x75, 0x6e,
+	0x74, 0x69, 0x6d, 0x65, 0x4b, 0x65, 0x79, 0x22, 0x5e, 0x0a, 0x0d, 0x52, 0x75, 0x6e, 0x74, 0x69,
+	0x6d, 0x65, 0x44, 0x6f, 0x75, 0x62, 0x6c, 0x65, 0x12, 0x23, 0x0a, 0x0d, 0x64, 0x65, 0x66, 0x61,
+	0x75, 0x6c, 0x74, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x01, 0x52,
+	0x0c, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x28, 0x0a,
+	0x0b, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x02, 0x20, 0x01,
+	0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x0a, 0x72, 0x75, 0x6e,
+	0x74, 0x69, 0x6d, 0x65, 0x4b, 0x65, 0x79, 0x22, 0x89, 0x01, 0x0a, 0x12, 0x52, 0x75, 0x6e, 0x74,
+	0x69, 0x6d, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x46, 0x6c, 0x61, 0x67, 0x12, 0x49,
+	0x0a, 0x0d, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75,
+	0x65, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x0c, 0x64, 0x65, 0x66,
+	0x61, 0x75, 0x6c, 0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x28, 0x0a, 0x0b, 0x72, 0x75, 0x6e,
+	0x74, 0x69, 0x6d, 0x65, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07,
+	0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x0a, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65,
+	0x4b, 0x65, 0x79, 0x22, 0x59, 0x0a, 0x0b, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x56, 0x61, 0x6c,
+	0x75, 0x65, 0x12, 0x23, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42,
+	0x11, 0xfa, 0x42, 0x0e, 0x72, 0x0c, 0x20, 0x01, 0x28, 0x80, 0x80, 0x01, 0xc0, 0x01, 0x01, 0xc8,
+	0x01, 0x00, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x25, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0f, 0xfa, 0x42, 0x0c, 0x72, 0x0a, 0x28, 0x80, 0x80,
+	0x01, 0xc0, 0x01, 0x02, 0xc8, 0x01, 0x00, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x22, 0x89,
+	0x01, 0x0a, 0x11, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4f, 0x70,
+	0x74, 0x69, 0x6f, 0x6e, 0x12, 0x40, 0x0a, 0x06, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x56,
+	0x61, 0x6c, 0x75, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x06,
+	0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x12, 0x32, 0x0a, 0x06, 0x61, 0x70, 0x70, 0x65, 0x6e, 0x64,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c,
+	0x75, 0x65, 0x52, 0x06, 0x61, 0x70, 0x70, 0x65, 0x6e, 0x64, 0x22, 0x45, 0x0a, 0x09, 0x48, 0x65,
+	0x61, 0x64, 0x65, 0x72, 0x4d, 0x61, 0x70, 0x12, 0x38, 0x0a, 0x07, 0x68, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48, 0x65, 0x61,
+	0x64, 0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x07, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72,
+	0x73, 0x22, 0xa3, 0x01, 0x0a, 0x0a, 0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65,
+	0x12, 0x25, 0x0a, 0x08, 0x66, 0x69, 0x6c, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x48, 0x00, 0x52, 0x08, 0x66,
+	0x69, 0x6c, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x2c, 0x0a, 0x0c, 0x69, 0x6e, 0x6c, 0x69, 0x6e,
+	0x65, 0x5f, 0x62, 0x79, 0x74, 0x65, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x42, 0x07, 0xfa,
+	0x42, 0x04, 0x7a, 0x02, 0x10, 0x01, 0x48, 0x00, 0x52, 0x0b, 0x69, 0x6e, 0x6c, 0x69, 0x6e, 0x65,
+	0x42, 0x79, 0x74, 0x65, 0x73, 0x12, 0x2e, 0x0a, 0x0d, 0x69, 0x6e, 0x6c, 0x69, 0x6e, 0x65, 0x5f,
+	0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42,
+	0x04, 0x72, 0x02, 0x20, 0x01, 0x48, 0x00, 0x52, 0x0c, 0x69, 0x6e, 0x6c, 0x69, 0x6e, 0x65, 0x53,
+	0x74, 0x72, 0x69, 0x6e, 0x67, 0x42, 0x10, 0x0a, 0x09, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69,
+	0x65, 0x72, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x22, 0x96, 0x01, 0x0a, 0x0b, 0x52, 0x65, 0x74, 0x72,
+	0x79, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x48, 0x0a, 0x0e, 0x72, 0x65, 0x74, 0x72, 0x79,
+	0x5f, 0x62, 0x61, 0x63, 0x6b, 0x5f, 0x6f, 0x66, 0x66, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x42, 0x61, 0x63, 0x6b, 0x6f, 0x66, 0x66, 0x53, 0x74, 0x72, 0x61, 0x74,
+	0x65, 0x67, 0x79, 0x52, 0x0c, 0x72, 0x65, 0x74, 0x72, 0x79, 0x42, 0x61, 0x63, 0x6b, 0x4f, 0x66,
+	0x66, 0x12, 0x3d, 0x0a, 0x0b, 0x6e, 0x75, 0x6d, 0x5f, 0x72, 0x65, 0x74, 0x72, 0x69, 0x65, 0x73,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56,
+	0x61, 0x6c, 0x75, 0x65, 0x52, 0x0a, 0x6e, 0x75, 0x6d, 0x52, 0x65, 0x74, 0x72, 0x69, 0x65, 0x73,
+	0x22, 0xb7, 0x01, 0x0a, 0x10, 0x52, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x44, 0x61, 0x74, 0x61, 0x53,
+	0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x3f, 0x0a, 0x08, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x75, 0x72,
+	0x69, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48, 0x74, 0x74, 0x70,
+	0x55, 0x72, 0x69, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x07, 0x68,
+	0x74, 0x74, 0x70, 0x55, 0x72, 0x69, 0x12, 0x1f, 0x0a, 0x06, 0x73, 0x68, 0x61, 0x32, 0x35, 0x36,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52,
+	0x06, 0x73, 0x68, 0x61, 0x32, 0x35, 0x36, 0x12, 0x41, 0x0a, 0x0c, 0x72, 0x65, 0x74, 0x72, 0x79,
+	0x5f, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x52, 0x65, 0x74, 0x72, 0x79, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x0b, 0x72,
+	0x65, 0x74, 0x72, 0x79, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x22, 0x99, 0x01, 0x0a, 0x0f, 0x41,
+	0x73, 0x79, 0x6e, 0x63, 0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x35,
+	0x0a, 0x05, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x48, 0x00, 0x52, 0x05,
+	0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x12, 0x3d, 0x0a, 0x06, 0x72, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70,
+	0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x52, 0x65, 0x6d, 0x6f, 0x74, 0x65,
+	0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x48, 0x00, 0x52, 0x06, 0x72, 0x65,
+	0x6d, 0x6f, 0x74, 0x65, 0x42, 0x10, 0x0a, 0x09, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65,
+	0x72, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x22, 0xaf, 0x01, 0x0a, 0x0f, 0x54, 0x72, 0x61, 0x6e, 0x73,
+	0x70, 0x6f, 0x72, 0x74, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61,
+	0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x20,
+	0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x35, 0x0a, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74,
+	0x42, 0x02, 0x18, 0x01, 0x48, 0x00, 0x52, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x39,
+	0x0a, 0x0c, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x03,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x48, 0x00, 0x52, 0x0b, 0x74, 0x79,
+	0x70, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x0d, 0x0a, 0x0b, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x22, 0x89, 0x01, 0x0a, 0x18, 0x52, 0x75, 0x6e,
+	0x74, 0x69, 0x6d, 0x65, 0x46, 0x72, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x50, 0x65,
+	0x72, 0x63, 0x65, 0x6e, 0x74, 0x12, 0x4c, 0x0a, 0x0d, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74,
+	0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x46, 0x72, 0x61, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x61, 0x6c, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x42, 0x08, 0xfa, 0x42, 0x05,
+	0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x0c, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x56, 0x61,
+	0x6c, 0x75, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x5f, 0x6b,
+	0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d,
+	0x65, 0x4b, 0x65, 0x79, 0x22, 0x2e, 0x0a, 0x0c, 0x43, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x50,
+	0x6c, 0x61, 0x6e, 0x65, 0x12, 0x1e, 0x0a, 0x0a, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69,
+	0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69,
+	0x66, 0x69, 0x65, 0x72, 0x2a, 0x28, 0x0a, 0x0f, 0x52, 0x6f, 0x75, 0x74, 0x69, 0x6e, 0x67, 0x50,
+	0x72, 0x69, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x12, 0x0b, 0x0a, 0x07, 0x44, 0x45, 0x46, 0x41, 0x55,
+	0x4c, 0x54, 0x10, 0x00, 0x12, 0x08, 0x0a, 0x04, 0x48, 0x49, 0x47, 0x48, 0x10, 0x01, 0x2a, 0x89,
+	0x01, 0x0a, 0x0d, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64,
+	0x12, 0x16, 0x0a, 0x12, 0x4d, 0x45, 0x54, 0x48, 0x4f, 0x44, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45,
+	0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x07, 0x0a, 0x03, 0x47, 0x45, 0x54, 0x10,
+	0x01, 0x12, 0x08, 0x0a, 0x04, 0x48, 0x45, 0x41, 0x44, 0x10, 0x02, 0x12, 0x08, 0x0a, 0x04, 0x50,
+	0x4f, 0x53, 0x54, 0x10, 0x03, 0x12, 0x07, 0x0a, 0x03, 0x50, 0x55, 0x54, 0x10, 0x04, 0x12, 0x0a,
+	0x0a, 0x06, 0x44, 0x45, 0x4c, 0x45, 0x54, 0x45, 0x10, 0x05, 0x12, 0x0b, 0x0a, 0x07, 0x43, 0x4f,
+	0x4e, 0x4e, 0x45, 0x43, 0x54, 0x10, 0x06, 0x12, 0x0b, 0x0a, 0x07, 0x4f, 0x50, 0x54, 0x49, 0x4f,
+	0x4e, 0x53, 0x10, 0x07, 0x12, 0x09, 0x0a, 0x05, 0x54, 0x52, 0x41, 0x43, 0x45, 0x10, 0x08, 0x12,
+	0x09, 0x0a, 0x05, 0x50, 0x41, 0x54, 0x43, 0x48, 0x10, 0x09, 0x2a, 0x3e, 0x0a, 0x10, 0x54, 0x72,
+	0x61, 0x66, 0x66, 0x69, 0x63, 0x44, 0x69, 0x72, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x0f,
+	0x0a, 0x0b, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12,
+	0x0b, 0x0a, 0x07, 0x49, 0x4e, 0x42, 0x4f, 0x55, 0x4e, 0x44, 0x10, 0x01, 0x12, 0x0c, 0x0a, 0x08,
+	0x4f, 0x55, 0x54, 0x42, 0x4f, 0x55, 0x4e, 0x44, 0x10, 0x02, 0x42, 0x52, 0x0a, 0x1f, 0x69, 0x6f,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x42, 0x09, 0x42,
+	0x61, 0x73, 0x65, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x16,
+	0x12, 0x14, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x50, 0x0b,
+	0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_core_base_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_core_base_proto_rawDescData = file_envoy_api_v2_core_base_proto_rawDesc
+)
+
+func file_envoy_api_v2_core_base_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_core_base_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_core_base_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_core_base_proto_rawDescData)
+	})
+	return file_envoy_api_v2_core_base_proto_rawDescData
+}
+
+var file_envoy_api_v2_core_base_proto_enumTypes = make([]protoimpl.EnumInfo, 3)
+var file_envoy_api_v2_core_base_proto_msgTypes = make([]protoimpl.MessageInfo, 19)
+var file_envoy_api_v2_core_base_proto_goTypes = []interface{}{
+	(RoutingPriority)(0),             // 0: envoy.api.v2.core.RoutingPriority
+	(RequestMethod)(0),               // 1: envoy.api.v2.core.RequestMethod
+	(TrafficDirection)(0),            // 2: envoy.api.v2.core.TrafficDirection
+	(*Locality)(nil),                 // 3: envoy.api.v2.core.Locality
+	(*BuildVersion)(nil),             // 4: envoy.api.v2.core.BuildVersion
+	(*Extension)(nil),                // 5: envoy.api.v2.core.Extension
+	(*Node)(nil),                     // 6: envoy.api.v2.core.Node
+	(*Metadata)(nil),                 // 7: envoy.api.v2.core.Metadata
+	(*RuntimeUInt32)(nil),            // 8: envoy.api.v2.core.RuntimeUInt32
+	(*RuntimeDouble)(nil),            // 9: envoy.api.v2.core.RuntimeDouble
+	(*RuntimeFeatureFlag)(nil),       // 10: envoy.api.v2.core.RuntimeFeatureFlag
+	(*HeaderValue)(nil),              // 11: envoy.api.v2.core.HeaderValue
+	(*HeaderValueOption)(nil),        // 12: envoy.api.v2.core.HeaderValueOption
+	(*HeaderMap)(nil),                // 13: envoy.api.v2.core.HeaderMap
+	(*DataSource)(nil),               // 14: envoy.api.v2.core.DataSource
+	(*RetryPolicy)(nil),              // 15: envoy.api.v2.core.RetryPolicy
+	(*RemoteDataSource)(nil),         // 16: envoy.api.v2.core.RemoteDataSource
+	(*AsyncDataSource)(nil),          // 17: envoy.api.v2.core.AsyncDataSource
+	(*TransportSocket)(nil),          // 18: envoy.api.v2.core.TransportSocket
+	(*RuntimeFractionalPercent)(nil), // 19: envoy.api.v2.core.RuntimeFractionalPercent
+	(*ControlPlane)(nil),             // 20: envoy.api.v2.core.ControlPlane
+	nil,                              // 21: envoy.api.v2.core.Metadata.FilterMetadataEntry
+	(*_type.SemanticVersion)(nil),    // 22: envoy.type.SemanticVersion
+	(*_struct.Struct)(nil),           // 23: google.protobuf.Struct
+	(*Address)(nil),                  // 24: envoy.api.v2.core.Address
+	(*wrappers.BoolValue)(nil),       // 25: google.protobuf.BoolValue
+	(*BackoffStrategy)(nil),          // 26: envoy.api.v2.core.BackoffStrategy
+	(*wrappers.UInt32Value)(nil),     // 27: google.protobuf.UInt32Value
+	(*HttpUri)(nil),                  // 28: envoy.api.v2.core.HttpUri
+	(*any.Any)(nil),                  // 29: google.protobuf.Any
+	(*_type.FractionalPercent)(nil),  // 30: envoy.type.FractionalPercent
+}
+var file_envoy_api_v2_core_base_proto_depIdxs = []int32{
+	22, // 0: envoy.api.v2.core.BuildVersion.version:type_name -> envoy.type.SemanticVersion
+	23, // 1: envoy.api.v2.core.BuildVersion.metadata:type_name -> google.protobuf.Struct
+	4,  // 2: envoy.api.v2.core.Extension.version:type_name -> envoy.api.v2.core.BuildVersion
+	23, // 3: envoy.api.v2.core.Node.metadata:type_name -> google.protobuf.Struct
+	3,  // 4: envoy.api.v2.core.Node.locality:type_name -> envoy.api.v2.core.Locality
+	4,  // 5: envoy.api.v2.core.Node.user_agent_build_version:type_name -> envoy.api.v2.core.BuildVersion
+	5,  // 6: envoy.api.v2.core.Node.extensions:type_name -> envoy.api.v2.core.Extension
+	24, // 7: envoy.api.v2.core.Node.listening_addresses:type_name -> envoy.api.v2.core.Address
+	21, // 8: envoy.api.v2.core.Metadata.filter_metadata:type_name -> envoy.api.v2.core.Metadata.FilterMetadataEntry
+	25, // 9: envoy.api.v2.core.RuntimeFeatureFlag.default_value:type_name -> google.protobuf.BoolValue
+	11, // 10: envoy.api.v2.core.HeaderValueOption.header:type_name -> envoy.api.v2.core.HeaderValue
+	25, // 11: envoy.api.v2.core.HeaderValueOption.append:type_name -> google.protobuf.BoolValue
+	11, // 12: envoy.api.v2.core.HeaderMap.headers:type_name -> envoy.api.v2.core.HeaderValue
+	26, // 13: envoy.api.v2.core.RetryPolicy.retry_back_off:type_name -> envoy.api.v2.core.BackoffStrategy
+	27, // 14: envoy.api.v2.core.RetryPolicy.num_retries:type_name -> google.protobuf.UInt32Value
+	28, // 15: envoy.api.v2.core.RemoteDataSource.http_uri:type_name -> envoy.api.v2.core.HttpUri
+	15, // 16: envoy.api.v2.core.RemoteDataSource.retry_policy:type_name -> envoy.api.v2.core.RetryPolicy
+	14, // 17: envoy.api.v2.core.AsyncDataSource.local:type_name -> envoy.api.v2.core.DataSource
+	16, // 18: envoy.api.v2.core.AsyncDataSource.remote:type_name -> envoy.api.v2.core.RemoteDataSource
+	23, // 19: envoy.api.v2.core.TransportSocket.config:type_name -> google.protobuf.Struct
+	29, // 20: envoy.api.v2.core.TransportSocket.typed_config:type_name -> google.protobuf.Any
+	30, // 21: envoy.api.v2.core.RuntimeFractionalPercent.default_value:type_name -> envoy.type.FractionalPercent
+	23, // 22: envoy.api.v2.core.Metadata.FilterMetadataEntry.value:type_name -> google.protobuf.Struct
+	23, // [23:23] is the sub-list for method output_type
+	23, // [23:23] is the sub-list for method input_type
+	23, // [23:23] is the sub-list for extension type_name
+	23, // [23:23] is the sub-list for extension extendee
+	0,  // [0:23] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_core_base_proto_init() }
+func file_envoy_api_v2_core_base_proto_init() {
+	if File_envoy_api_v2_core_base_proto != nil {
+		return
+	}
+	file_envoy_api_v2_core_address_proto_init()
+	file_envoy_api_v2_core_backoff_proto_init()
+	file_envoy_api_v2_core_http_uri_proto_init()
+	file_envoy_api_v2_core_socket_option_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_core_base_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Locality); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_base_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*BuildVersion); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_base_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Extension); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_base_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Node); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_base_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Metadata); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_base_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RuntimeUInt32); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_base_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RuntimeDouble); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_base_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RuntimeFeatureFlag); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_base_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HeaderValue); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_base_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HeaderValueOption); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_base_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HeaderMap); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_base_proto_msgTypes[11].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*DataSource); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_base_proto_msgTypes[12].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RetryPolicy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_base_proto_msgTypes[13].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RemoteDataSource); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_base_proto_msgTypes[14].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*AsyncDataSource); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_base_proto_msgTypes[15].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*TransportSocket); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_base_proto_msgTypes[16].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RuntimeFractionalPercent); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_base_proto_msgTypes[17].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ControlPlane); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_api_v2_core_base_proto_msgTypes[3].OneofWrappers = []interface{}{
+		(*Node_UserAgentVersion)(nil),
+		(*Node_UserAgentBuildVersion)(nil),
+	}
+	file_envoy_api_v2_core_base_proto_msgTypes[11].OneofWrappers = []interface{}{
+		(*DataSource_Filename)(nil),
+		(*DataSource_InlineBytes)(nil),
+		(*DataSource_InlineString)(nil),
+	}
+	file_envoy_api_v2_core_base_proto_msgTypes[14].OneofWrappers = []interface{}{
+		(*AsyncDataSource_Local)(nil),
+		(*AsyncDataSource_Remote)(nil),
+	}
+	file_envoy_api_v2_core_base_proto_msgTypes[15].OneofWrappers = []interface{}{
+		(*TransportSocket_Config)(nil),
+		(*TransportSocket_TypedConfig)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_core_base_proto_rawDesc,
+			NumEnums:      3,
+			NumMessages:   19,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_core_base_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_core_base_proto_depIdxs,
+		EnumInfos:         file_envoy_api_v2_core_base_proto_enumTypes,
+		MessageInfos:      file_envoy_api_v2_core_base_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_core_base_proto = out.File
+	file_envoy_api_v2_core_base_proto_rawDesc = nil
+	file_envoy_api_v2_core_base_proto_goTypes = nil
+	file_envoy_api_v2_core_base_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/base.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/base.pb.validate.go
new file mode 100644
index 00000000000..60b92e1a3c2
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/base.pb.validate.go
@@ -0,0 +1,2748 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/core/base.proto
+
+package envoy_api_v2_core
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on Locality with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Locality) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Locality with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in LocalityMultiError, or nil
+// if none found.
+func (m *Locality) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Locality) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Region
+
+	// no validation rules for Zone
+
+	// no validation rules for SubZone
+
+	if len(errors) > 0 {
+		return LocalityMultiError(errors)
+	}
+	return nil
+}
+
+// LocalityMultiError is an error wrapping multiple validation errors returned
+// by Locality.ValidateAll() if the designated constraints aren't met.
+type LocalityMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m LocalityMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m LocalityMultiError) AllErrors() []error { return m }
+
+// LocalityValidationError is the validation error returned by
+// Locality.Validate if the designated constraints aren't met.
+type LocalityValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e LocalityValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e LocalityValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e LocalityValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e LocalityValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e LocalityValidationError) ErrorName() string { return "LocalityValidationError" }
+
+// Error satisfies the builtin error interface
+func (e LocalityValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sLocality.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = LocalityValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = LocalityValidationError{}
+
+// Validate checks the field values on BuildVersion with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *BuildVersion) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on BuildVersion with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in BuildVersionMultiError, or
+// nil if none found.
+func (m *BuildVersion) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *BuildVersion) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetVersion()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, BuildVersionValidationError{
+					field:  "Version",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, BuildVersionValidationError{
+					field:  "Version",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetVersion()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return BuildVersionValidationError{
+				field:  "Version",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMetadata()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, BuildVersionValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, BuildVersionValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMetadata()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return BuildVersionValidationError{
+				field:  "Metadata",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return BuildVersionMultiError(errors)
+	}
+	return nil
+}
+
+// BuildVersionMultiError is an error wrapping multiple validation errors
+// returned by BuildVersion.ValidateAll() if the designated constraints aren't met.
+type BuildVersionMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m BuildVersionMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m BuildVersionMultiError) AllErrors() []error { return m }
+
+// BuildVersionValidationError is the validation error returned by
+// BuildVersion.Validate if the designated constraints aren't met.
+type BuildVersionValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e BuildVersionValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e BuildVersionValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e BuildVersionValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e BuildVersionValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e BuildVersionValidationError) ErrorName() string { return "BuildVersionValidationError" }
+
+// Error satisfies the builtin error interface
+func (e BuildVersionValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sBuildVersion.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = BuildVersionValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = BuildVersionValidationError{}
+
+// Validate checks the field values on Extension with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Extension) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Extension with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ExtensionMultiError, or nil
+// if none found.
+func (m *Extension) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Extension) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Name
+
+	// no validation rules for Category
+
+	// no validation rules for TypeDescriptor
+
+	if all {
+		switch v := interface{}(m.GetVersion()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ExtensionValidationError{
+					field:  "Version",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ExtensionValidationError{
+					field:  "Version",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetVersion()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ExtensionValidationError{
+				field:  "Version",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for Disabled
+
+	if len(errors) > 0 {
+		return ExtensionMultiError(errors)
+	}
+	return nil
+}
+
+// ExtensionMultiError is an error wrapping multiple validation errors returned
+// by Extension.ValidateAll() if the designated constraints aren't met.
+type ExtensionMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ExtensionMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ExtensionMultiError) AllErrors() []error { return m }
+
+// ExtensionValidationError is the validation error returned by
+// Extension.Validate if the designated constraints aren't met.
+type ExtensionValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ExtensionValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ExtensionValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ExtensionValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ExtensionValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ExtensionValidationError) ErrorName() string { return "ExtensionValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ExtensionValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sExtension.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ExtensionValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ExtensionValidationError{}
+
+// Validate checks the field values on Node with the rules defined in the proto
+// definition for this message. If any rules are violated, the first error
+// encountered is returned, or nil if there are no violations.
+func (m *Node) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Node with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in NodeMultiError, or nil if none found.
+func (m *Node) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Node) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Id
+
+	// no validation rules for Cluster
+
+	if all {
+		switch v := interface{}(m.GetMetadata()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, NodeValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, NodeValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMetadata()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return NodeValidationError{
+				field:  "Metadata",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetLocality()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, NodeValidationError{
+					field:  "Locality",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, NodeValidationError{
+					field:  "Locality",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLocality()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return NodeValidationError{
+				field:  "Locality",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for BuildVersion
+
+	// no validation rules for UserAgentName
+
+	for idx, item := range m.GetExtensions() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, NodeValidationError{
+						field:  fmt.Sprintf("Extensions[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, NodeValidationError{
+						field:  fmt.Sprintf("Extensions[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return NodeValidationError{
+					field:  fmt.Sprintf("Extensions[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetListeningAddresses() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, NodeValidationError{
+						field:  fmt.Sprintf("ListeningAddresses[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, NodeValidationError{
+						field:  fmt.Sprintf("ListeningAddresses[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return NodeValidationError{
+					field:  fmt.Sprintf("ListeningAddresses[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	switch m.UserAgentVersionType.(type) {
+
+	case *Node_UserAgentVersion:
+		// no validation rules for UserAgentVersion
+
+	case *Node_UserAgentBuildVersion:
+
+		if all {
+			switch v := interface{}(m.GetUserAgentBuildVersion()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, NodeValidationError{
+						field:  "UserAgentBuildVersion",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, NodeValidationError{
+						field:  "UserAgentBuildVersion",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetUserAgentBuildVersion()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return NodeValidationError{
+					field:  "UserAgentBuildVersion",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return NodeMultiError(errors)
+	}
+	return nil
+}
+
+// NodeMultiError is an error wrapping multiple validation errors returned by
+// Node.ValidateAll() if the designated constraints aren't met.
+type NodeMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m NodeMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m NodeMultiError) AllErrors() []error { return m }
+
+// NodeValidationError is the validation error returned by Node.Validate if the
+// designated constraints aren't met.
+type NodeValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e NodeValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e NodeValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e NodeValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e NodeValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e NodeValidationError) ErrorName() string { return "NodeValidationError" }
+
+// Error satisfies the builtin error interface
+func (e NodeValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sNode.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = NodeValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = NodeValidationError{}
+
+// Validate checks the field values on Metadata with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Metadata) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Metadata with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in MetadataMultiError, or nil
+// if none found.
+func (m *Metadata) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Metadata) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	{
+		sorted_keys := make([]string, len(m.GetFilterMetadata()))
+		i := 0
+		for key := range m.GetFilterMetadata() {
+			sorted_keys[i] = key
+			i++
+		}
+		sort.Slice(sorted_keys, func(i, j int) bool { return sorted_keys[i] < sorted_keys[j] })
+		for _, key := range sorted_keys {
+			val := m.GetFilterMetadata()[key]
+			_ = val
+
+			// no validation rules for FilterMetadata[key]
+
+			if all {
+				switch v := interface{}(val).(type) {
+				case interface{ ValidateAll() error }:
+					if err := v.ValidateAll(); err != nil {
+						errors = append(errors, MetadataValidationError{
+							field:  fmt.Sprintf("FilterMetadata[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				case interface{ Validate() error }:
+					if err := v.Validate(); err != nil {
+						errors = append(errors, MetadataValidationError{
+							field:  fmt.Sprintf("FilterMetadata[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				}
+			} else if v, ok := interface{}(val).(interface{ Validate() error }); ok {
+				if err := v.Validate(); err != nil {
+					return MetadataValidationError{
+						field:  fmt.Sprintf("FilterMetadata[%v]", key),
+						reason: "embedded message failed validation",
+						cause:  err,
+					}
+				}
+			}
+
+		}
+	}
+
+	if len(errors) > 0 {
+		return MetadataMultiError(errors)
+	}
+	return nil
+}
+
+// MetadataMultiError is an error wrapping multiple validation errors returned
+// by Metadata.ValidateAll() if the designated constraints aren't met.
+type MetadataMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m MetadataMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m MetadataMultiError) AllErrors() []error { return m }
+
+// MetadataValidationError is the validation error returned by
+// Metadata.Validate if the designated constraints aren't met.
+type MetadataValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MetadataValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MetadataValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MetadataValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MetadataValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MetadataValidationError) ErrorName() string { return "MetadataValidationError" }
+
+// Error satisfies the builtin error interface
+func (e MetadataValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMetadata.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MetadataValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MetadataValidationError{}
+
+// Validate checks the field values on RuntimeUInt32 with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *RuntimeUInt32) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RuntimeUInt32 with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in RuntimeUInt32MultiError, or
+// nil if none found.
+func (m *RuntimeUInt32) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RuntimeUInt32) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for DefaultValue
+
+	if len(m.GetRuntimeKey()) < 1 {
+		err := RuntimeUInt32ValidationError{
+			field:  "RuntimeKey",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return RuntimeUInt32MultiError(errors)
+	}
+	return nil
+}
+
+// RuntimeUInt32MultiError is an error wrapping multiple validation errors
+// returned by RuntimeUInt32.ValidateAll() if the designated constraints
+// aren't met.
+type RuntimeUInt32MultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RuntimeUInt32MultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RuntimeUInt32MultiError) AllErrors() []error { return m }
+
+// RuntimeUInt32ValidationError is the validation error returned by
+// RuntimeUInt32.Validate if the designated constraints aren't met.
+type RuntimeUInt32ValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RuntimeUInt32ValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RuntimeUInt32ValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RuntimeUInt32ValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RuntimeUInt32ValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RuntimeUInt32ValidationError) ErrorName() string { return "RuntimeUInt32ValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RuntimeUInt32ValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRuntimeUInt32.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RuntimeUInt32ValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RuntimeUInt32ValidationError{}
+
+// Validate checks the field values on RuntimeDouble with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *RuntimeDouble) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RuntimeDouble with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in RuntimeDoubleMultiError, or
+// nil if none found.
+func (m *RuntimeDouble) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RuntimeDouble) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for DefaultValue
+
+	if len(m.GetRuntimeKey()) < 1 {
+		err := RuntimeDoubleValidationError{
+			field:  "RuntimeKey",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return RuntimeDoubleMultiError(errors)
+	}
+	return nil
+}
+
+// RuntimeDoubleMultiError is an error wrapping multiple validation errors
+// returned by RuntimeDouble.ValidateAll() if the designated constraints
+// aren't met.
+type RuntimeDoubleMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RuntimeDoubleMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RuntimeDoubleMultiError) AllErrors() []error { return m }
+
+// RuntimeDoubleValidationError is the validation error returned by
+// RuntimeDouble.Validate if the designated constraints aren't met.
+type RuntimeDoubleValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RuntimeDoubleValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RuntimeDoubleValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RuntimeDoubleValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RuntimeDoubleValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RuntimeDoubleValidationError) ErrorName() string { return "RuntimeDoubleValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RuntimeDoubleValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRuntimeDouble.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RuntimeDoubleValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RuntimeDoubleValidationError{}
+
+// Validate checks the field values on RuntimeFeatureFlag with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RuntimeFeatureFlag) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RuntimeFeatureFlag with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RuntimeFeatureFlagMultiError, or nil if none found.
+func (m *RuntimeFeatureFlag) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RuntimeFeatureFlag) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetDefaultValue() == nil {
+		err := RuntimeFeatureFlagValidationError{
+			field:  "DefaultValue",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetDefaultValue()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RuntimeFeatureFlagValidationError{
+					field:  "DefaultValue",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RuntimeFeatureFlagValidationError{
+					field:  "DefaultValue",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDefaultValue()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RuntimeFeatureFlagValidationError{
+				field:  "DefaultValue",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(m.GetRuntimeKey()) < 1 {
+		err := RuntimeFeatureFlagValidationError{
+			field:  "RuntimeKey",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return RuntimeFeatureFlagMultiError(errors)
+	}
+	return nil
+}
+
+// RuntimeFeatureFlagMultiError is an error wrapping multiple validation errors
+// returned by RuntimeFeatureFlag.ValidateAll() if the designated constraints
+// aren't met.
+type RuntimeFeatureFlagMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RuntimeFeatureFlagMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RuntimeFeatureFlagMultiError) AllErrors() []error { return m }
+
+// RuntimeFeatureFlagValidationError is the validation error returned by
+// RuntimeFeatureFlag.Validate if the designated constraints aren't met.
+type RuntimeFeatureFlagValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RuntimeFeatureFlagValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RuntimeFeatureFlagValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RuntimeFeatureFlagValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RuntimeFeatureFlagValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RuntimeFeatureFlagValidationError) ErrorName() string {
+	return "RuntimeFeatureFlagValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RuntimeFeatureFlagValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRuntimeFeatureFlag.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RuntimeFeatureFlagValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RuntimeFeatureFlagValidationError{}
+
+// Validate checks the field values on HeaderValue with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *HeaderValue) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HeaderValue with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in HeaderValueMultiError, or
+// nil if none found.
+func (m *HeaderValue) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HeaderValue) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if l := len(m.GetKey()); l < 1 || l > 16384 {
+		err := HeaderValueValidationError{
+			field:  "Key",
+			reason: "value length must be between 1 and 16384 bytes, inclusive",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if !_HeaderValue_Key_Pattern.MatchString(m.GetKey()) {
+		err := HeaderValueValidationError{
+			field:  "Key",
+			reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(m.GetValue()) > 16384 {
+		err := HeaderValueValidationError{
+			field:  "Value",
+			reason: "value length must be at most 16384 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if !_HeaderValue_Value_Pattern.MatchString(m.GetValue()) {
+		err := HeaderValueValidationError{
+			field:  "Value",
+			reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return HeaderValueMultiError(errors)
+	}
+	return nil
+}
+
+// HeaderValueMultiError is an error wrapping multiple validation errors
+// returned by HeaderValue.ValidateAll() if the designated constraints aren't met.
+type HeaderValueMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HeaderValueMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HeaderValueMultiError) AllErrors() []error { return m }
+
+// HeaderValueValidationError is the validation error returned by
+// HeaderValue.Validate if the designated constraints aren't met.
+type HeaderValueValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HeaderValueValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HeaderValueValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HeaderValueValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HeaderValueValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HeaderValueValidationError) ErrorName() string { return "HeaderValueValidationError" }
+
+// Error satisfies the builtin error interface
+func (e HeaderValueValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHeaderValue.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HeaderValueValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HeaderValueValidationError{}
+
+var _HeaderValue_Key_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+var _HeaderValue_Value_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+// Validate checks the field values on HeaderValueOption with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *HeaderValueOption) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HeaderValueOption with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// HeaderValueOptionMultiError, or nil if none found.
+func (m *HeaderValueOption) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HeaderValueOption) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetHeader() == nil {
+		err := HeaderValueOptionValidationError{
+			field:  "Header",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetHeader()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HeaderValueOptionValidationError{
+					field:  "Header",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HeaderValueOptionValidationError{
+					field:  "Header",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHeader()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HeaderValueOptionValidationError{
+				field:  "Header",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetAppend()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HeaderValueOptionValidationError{
+					field:  "Append",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HeaderValueOptionValidationError{
+					field:  "Append",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetAppend()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HeaderValueOptionValidationError{
+				field:  "Append",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return HeaderValueOptionMultiError(errors)
+	}
+	return nil
+}
+
+// HeaderValueOptionMultiError is an error wrapping multiple validation errors
+// returned by HeaderValueOption.ValidateAll() if the designated constraints
+// aren't met.
+type HeaderValueOptionMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HeaderValueOptionMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HeaderValueOptionMultiError) AllErrors() []error { return m }
+
+// HeaderValueOptionValidationError is the validation error returned by
+// HeaderValueOption.Validate if the designated constraints aren't met.
+type HeaderValueOptionValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HeaderValueOptionValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HeaderValueOptionValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HeaderValueOptionValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HeaderValueOptionValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HeaderValueOptionValidationError) ErrorName() string {
+	return "HeaderValueOptionValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HeaderValueOptionValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHeaderValueOption.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HeaderValueOptionValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HeaderValueOptionValidationError{}
+
+// Validate checks the field values on HeaderMap with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *HeaderMap) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HeaderMap with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in HeaderMapMultiError, or nil
+// if none found.
+func (m *HeaderMap) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HeaderMap) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetHeaders() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HeaderMapValidationError{
+						field:  fmt.Sprintf("Headers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HeaderMapValidationError{
+						field:  fmt.Sprintf("Headers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HeaderMapValidationError{
+					field:  fmt.Sprintf("Headers[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return HeaderMapMultiError(errors)
+	}
+	return nil
+}
+
+// HeaderMapMultiError is an error wrapping multiple validation errors returned
+// by HeaderMap.ValidateAll() if the designated constraints aren't met.
+type HeaderMapMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HeaderMapMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HeaderMapMultiError) AllErrors() []error { return m }
+
+// HeaderMapValidationError is the validation error returned by
+// HeaderMap.Validate if the designated constraints aren't met.
+type HeaderMapValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HeaderMapValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HeaderMapValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HeaderMapValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HeaderMapValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HeaderMapValidationError) ErrorName() string { return "HeaderMapValidationError" }
+
+// Error satisfies the builtin error interface
+func (e HeaderMapValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHeaderMap.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HeaderMapValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HeaderMapValidationError{}
+
+// Validate checks the field values on DataSource with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *DataSource) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on DataSource with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in DataSourceMultiError, or
+// nil if none found.
+func (m *DataSource) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *DataSource) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.Specifier.(type) {
+
+	case *DataSource_Filename:
+
+		if len(m.GetFilename()) < 1 {
+			err := DataSourceValidationError{
+				field:  "Filename",
+				reason: "value length must be at least 1 bytes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *DataSource_InlineBytes:
+
+		if len(m.GetInlineBytes()) < 1 {
+			err := DataSourceValidationError{
+				field:  "InlineBytes",
+				reason: "value length must be at least 1 bytes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *DataSource_InlineString:
+
+		if len(m.GetInlineString()) < 1 {
+			err := DataSourceValidationError{
+				field:  "InlineString",
+				reason: "value length must be at least 1 bytes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	default:
+		err := DataSourceValidationError{
+			field:  "Specifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return DataSourceMultiError(errors)
+	}
+	return nil
+}
+
+// DataSourceMultiError is an error wrapping multiple validation errors
+// returned by DataSource.ValidateAll() if the designated constraints aren't met.
+type DataSourceMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m DataSourceMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m DataSourceMultiError) AllErrors() []error { return m }
+
+// DataSourceValidationError is the validation error returned by
+// DataSource.Validate if the designated constraints aren't met.
+type DataSourceValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e DataSourceValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e DataSourceValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e DataSourceValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e DataSourceValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e DataSourceValidationError) ErrorName() string { return "DataSourceValidationError" }
+
+// Error satisfies the builtin error interface
+func (e DataSourceValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sDataSource.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = DataSourceValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = DataSourceValidationError{}
+
+// Validate checks the field values on RetryPolicy with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *RetryPolicy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RetryPolicy with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in RetryPolicyMultiError, or
+// nil if none found.
+func (m *RetryPolicy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RetryPolicy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetRetryBackOff()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RetryPolicyValidationError{
+					field:  "RetryBackOff",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RetryPolicyValidationError{
+					field:  "RetryBackOff",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRetryBackOff()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RetryPolicyValidationError{
+				field:  "RetryBackOff",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetNumRetries()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RetryPolicyValidationError{
+					field:  "NumRetries",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RetryPolicyValidationError{
+					field:  "NumRetries",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetNumRetries()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RetryPolicyValidationError{
+				field:  "NumRetries",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return RetryPolicyMultiError(errors)
+	}
+	return nil
+}
+
+// RetryPolicyMultiError is an error wrapping multiple validation errors
+// returned by RetryPolicy.ValidateAll() if the designated constraints aren't met.
+type RetryPolicyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RetryPolicyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RetryPolicyMultiError) AllErrors() []error { return m }
+
+// RetryPolicyValidationError is the validation error returned by
+// RetryPolicy.Validate if the designated constraints aren't met.
+type RetryPolicyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RetryPolicyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RetryPolicyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RetryPolicyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RetryPolicyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RetryPolicyValidationError) ErrorName() string { return "RetryPolicyValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RetryPolicyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRetryPolicy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RetryPolicyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RetryPolicyValidationError{}
+
+// Validate checks the field values on RemoteDataSource with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *RemoteDataSource) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RemoteDataSource with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RemoteDataSourceMultiError, or nil if none found.
+func (m *RemoteDataSource) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RemoteDataSource) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetHttpUri() == nil {
+		err := RemoteDataSourceValidationError{
+			field:  "HttpUri",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetHttpUri()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RemoteDataSourceValidationError{
+					field:  "HttpUri",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RemoteDataSourceValidationError{
+					field:  "HttpUri",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHttpUri()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RemoteDataSourceValidationError{
+				field:  "HttpUri",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(m.GetSha256()) < 1 {
+		err := RemoteDataSourceValidationError{
+			field:  "Sha256",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetRetryPolicy()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RemoteDataSourceValidationError{
+					field:  "RetryPolicy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RemoteDataSourceValidationError{
+					field:  "RetryPolicy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRetryPolicy()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RemoteDataSourceValidationError{
+				field:  "RetryPolicy",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return RemoteDataSourceMultiError(errors)
+	}
+	return nil
+}
+
+// RemoteDataSourceMultiError is an error wrapping multiple validation errors
+// returned by RemoteDataSource.ValidateAll() if the designated constraints
+// aren't met.
+type RemoteDataSourceMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RemoteDataSourceMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RemoteDataSourceMultiError) AllErrors() []error { return m }
+
+// RemoteDataSourceValidationError is the validation error returned by
+// RemoteDataSource.Validate if the designated constraints aren't met.
+type RemoteDataSourceValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RemoteDataSourceValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RemoteDataSourceValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RemoteDataSourceValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RemoteDataSourceValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RemoteDataSourceValidationError) ErrorName() string { return "RemoteDataSourceValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RemoteDataSourceValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRemoteDataSource.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RemoteDataSourceValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RemoteDataSourceValidationError{}
+
+// Validate checks the field values on AsyncDataSource with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *AsyncDataSource) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on AsyncDataSource with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// AsyncDataSourceMultiError, or nil if none found.
+func (m *AsyncDataSource) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *AsyncDataSource) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.Specifier.(type) {
+
+	case *AsyncDataSource_Local:
+
+		if all {
+			switch v := interface{}(m.GetLocal()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AsyncDataSourceValidationError{
+						field:  "Local",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AsyncDataSourceValidationError{
+						field:  "Local",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetLocal()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AsyncDataSourceValidationError{
+					field:  "Local",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *AsyncDataSource_Remote:
+
+		if all {
+			switch v := interface{}(m.GetRemote()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AsyncDataSourceValidationError{
+						field:  "Remote",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AsyncDataSourceValidationError{
+						field:  "Remote",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetRemote()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AsyncDataSourceValidationError{
+					field:  "Remote",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := AsyncDataSourceValidationError{
+			field:  "Specifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return AsyncDataSourceMultiError(errors)
+	}
+	return nil
+}
+
+// AsyncDataSourceMultiError is an error wrapping multiple validation errors
+// returned by AsyncDataSource.ValidateAll() if the designated constraints
+// aren't met.
+type AsyncDataSourceMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m AsyncDataSourceMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m AsyncDataSourceMultiError) AllErrors() []error { return m }
+
+// AsyncDataSourceValidationError is the validation error returned by
+// AsyncDataSource.Validate if the designated constraints aren't met.
+type AsyncDataSourceValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e AsyncDataSourceValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e AsyncDataSourceValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e AsyncDataSourceValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e AsyncDataSourceValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e AsyncDataSourceValidationError) ErrorName() string { return "AsyncDataSourceValidationError" }
+
+// Error satisfies the builtin error interface
+func (e AsyncDataSourceValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sAsyncDataSource.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = AsyncDataSourceValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = AsyncDataSourceValidationError{}
+
+// Validate checks the field values on TransportSocket with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *TransportSocket) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on TransportSocket with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// TransportSocketMultiError, or nil if none found.
+func (m *TransportSocket) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *TransportSocket) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetName()) < 1 {
+		err := TransportSocketValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	switch m.ConfigType.(type) {
+
+	case *TransportSocket_Config:
+
+		if all {
+			switch v := interface{}(m.GetConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, TransportSocketValidationError{
+						field:  "Config",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, TransportSocketValidationError{
+						field:  "Config",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return TransportSocketValidationError{
+					field:  "Config",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *TransportSocket_TypedConfig:
+
+		if all {
+			switch v := interface{}(m.GetTypedConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, TransportSocketValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, TransportSocketValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return TransportSocketValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return TransportSocketMultiError(errors)
+	}
+	return nil
+}
+
+// TransportSocketMultiError is an error wrapping multiple validation errors
+// returned by TransportSocket.ValidateAll() if the designated constraints
+// aren't met.
+type TransportSocketMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m TransportSocketMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m TransportSocketMultiError) AllErrors() []error { return m }
+
+// TransportSocketValidationError is the validation error returned by
+// TransportSocket.Validate if the designated constraints aren't met.
+type TransportSocketValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e TransportSocketValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e TransportSocketValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e TransportSocketValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e TransportSocketValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e TransportSocketValidationError) ErrorName() string { return "TransportSocketValidationError" }
+
+// Error satisfies the builtin error interface
+func (e TransportSocketValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sTransportSocket.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = TransportSocketValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = TransportSocketValidationError{}
+
+// Validate checks the field values on RuntimeFractionalPercent with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RuntimeFractionalPercent) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RuntimeFractionalPercent with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RuntimeFractionalPercentMultiError, or nil if none found.
+func (m *RuntimeFractionalPercent) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RuntimeFractionalPercent) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetDefaultValue() == nil {
+		err := RuntimeFractionalPercentValidationError{
+			field:  "DefaultValue",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetDefaultValue()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RuntimeFractionalPercentValidationError{
+					field:  "DefaultValue",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RuntimeFractionalPercentValidationError{
+					field:  "DefaultValue",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDefaultValue()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RuntimeFractionalPercentValidationError{
+				field:  "DefaultValue",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for RuntimeKey
+
+	if len(errors) > 0 {
+		return RuntimeFractionalPercentMultiError(errors)
+	}
+	return nil
+}
+
+// RuntimeFractionalPercentMultiError is an error wrapping multiple validation
+// errors returned by RuntimeFractionalPercent.ValidateAll() if the designated
+// constraints aren't met.
+type RuntimeFractionalPercentMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RuntimeFractionalPercentMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RuntimeFractionalPercentMultiError) AllErrors() []error { return m }
+
+// RuntimeFractionalPercentValidationError is the validation error returned by
+// RuntimeFractionalPercent.Validate if the designated constraints aren't met.
+type RuntimeFractionalPercentValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RuntimeFractionalPercentValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RuntimeFractionalPercentValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RuntimeFractionalPercentValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RuntimeFractionalPercentValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RuntimeFractionalPercentValidationError) ErrorName() string {
+	return "RuntimeFractionalPercentValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RuntimeFractionalPercentValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRuntimeFractionalPercent.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RuntimeFractionalPercentValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RuntimeFractionalPercentValidationError{}
+
+// Validate checks the field values on ControlPlane with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ControlPlane) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ControlPlane with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ControlPlaneMultiError, or
+// nil if none found.
+func (m *ControlPlane) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ControlPlane) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Identifier
+
+	if len(errors) > 0 {
+		return ControlPlaneMultiError(errors)
+	}
+	return nil
+}
+
+// ControlPlaneMultiError is an error wrapping multiple validation errors
+// returned by ControlPlane.ValidateAll() if the designated constraints aren't met.
+type ControlPlaneMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ControlPlaneMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ControlPlaneMultiError) AllErrors() []error { return m }
+
+// ControlPlaneValidationError is the validation error returned by
+// ControlPlane.Validate if the designated constraints aren't met.
+type ControlPlaneValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ControlPlaneValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ControlPlaneValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ControlPlaneValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ControlPlaneValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ControlPlaneValidationError) ErrorName() string { return "ControlPlaneValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ControlPlaneValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sControlPlane.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ControlPlaneValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ControlPlaneValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/config_source.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/config_source.pb.go
new file mode 100644
index 00000000000..347f30d8c13
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/config_source.pb.go
@@ -0,0 +1,866 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/core/config_source.proto
+
+package envoy_api_v2_core
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/go-control-plane/envoy/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// xDS API version. This is used to describe both resource and transport
+// protocol versions (in distinct configuration fields).
+type ApiVersion int32
+
+const (
+	// When not specified, we assume v2, to ease migration to Envoy's stable API
+	// versioning. If a client does not support v2 (e.g. due to deprecation), this
+	// is an invalid value.
+	//
+	// Deprecated: Do not use.
+	ApiVersion_AUTO ApiVersion = 0
+	// Use xDS v2 API.
+	//
+	// Deprecated: Do not use.
+	ApiVersion_V2 ApiVersion = 1
+	// Use xDS v3 API.
+	ApiVersion_V3 ApiVersion = 2
+)
+
+// Enum value maps for ApiVersion.
+var (
+	ApiVersion_name = map[int32]string{
+		0: "AUTO",
+		1: "V2",
+		2: "V3",
+	}
+	ApiVersion_value = map[string]int32{
+		"AUTO": 0,
+		"V2":   1,
+		"V3":   2,
+	}
+)
+
+func (x ApiVersion) Enum() *ApiVersion {
+	p := new(ApiVersion)
+	*p = x
+	return p
+}
+
+func (x ApiVersion) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (ApiVersion) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_api_v2_core_config_source_proto_enumTypes[0].Descriptor()
+}
+
+func (ApiVersion) Type() protoreflect.EnumType {
+	return &file_envoy_api_v2_core_config_source_proto_enumTypes[0]
+}
+
+func (x ApiVersion) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use ApiVersion.Descriptor instead.
+func (ApiVersion) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_config_source_proto_rawDescGZIP(), []int{0}
+}
+
+// APIs may be fetched via either REST or gRPC.
+type ApiConfigSource_ApiType int32
+
+const (
+	// Ideally this would be 'reserved 0' but one can't reserve the default
+	// value. Instead we throw an exception if this is ever used.
+	//
+	// Deprecated: Do not use.
+	ApiConfigSource_UNSUPPORTED_REST_LEGACY ApiConfigSource_ApiType = 0
+	// REST-JSON v2 API. The `canonical JSON encoding
+	// <https://developers.google.com/protocol-buffers/docs/proto3#json>`_ for
+	// the v2 protos is used.
+	ApiConfigSource_REST ApiConfigSource_ApiType = 1
+	// gRPC v2 API.
+	ApiConfigSource_GRPC ApiConfigSource_ApiType = 2
+	// Using the delta xDS gRPC service, i.e. DeltaDiscovery{Request,Response}
+	// rather than Discovery{Request,Response}. Rather than sending Envoy the entire state
+	// with every update, the xDS server only sends what has changed since the last update.
+	ApiConfigSource_DELTA_GRPC ApiConfigSource_ApiType = 3
+)
+
+// Enum value maps for ApiConfigSource_ApiType.
+var (
+	ApiConfigSource_ApiType_name = map[int32]string{
+		0: "UNSUPPORTED_REST_LEGACY",
+		1: "REST",
+		2: "GRPC",
+		3: "DELTA_GRPC",
+	}
+	ApiConfigSource_ApiType_value = map[string]int32{
+		"UNSUPPORTED_REST_LEGACY": 0,
+		"REST":                    1,
+		"GRPC":                    2,
+		"DELTA_GRPC":              3,
+	}
+)
+
+func (x ApiConfigSource_ApiType) Enum() *ApiConfigSource_ApiType {
+	p := new(ApiConfigSource_ApiType)
+	*p = x
+	return p
+}
+
+func (x ApiConfigSource_ApiType) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (ApiConfigSource_ApiType) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_api_v2_core_config_source_proto_enumTypes[1].Descriptor()
+}
+
+func (ApiConfigSource_ApiType) Type() protoreflect.EnumType {
+	return &file_envoy_api_v2_core_config_source_proto_enumTypes[1]
+}
+
+func (x ApiConfigSource_ApiType) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use ApiConfigSource_ApiType.Descriptor instead.
+func (ApiConfigSource_ApiType) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_config_source_proto_rawDescGZIP(), []int{0, 0}
+}
+
+// API configuration source. This identifies the API type and cluster that Envoy
+// will use to fetch an xDS API.
+// [#next-free-field: 9]
+type ApiConfigSource struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// API type (gRPC, REST, delta gRPC)
+	ApiType ApiConfigSource_ApiType `protobuf:"varint,1,opt,name=api_type,json=apiType,proto3,enum=envoy.api.v2.core.ApiConfigSource_ApiType" json:"api_type,omitempty"`
+	// API version for xDS transport protocol. This describes the xDS gRPC/REST
+	// endpoint and version of [Delta]DiscoveryRequest/Response used on the wire.
+	TransportApiVersion ApiVersion `protobuf:"varint,8,opt,name=transport_api_version,json=transportApiVersion,proto3,enum=envoy.api.v2.core.ApiVersion" json:"transport_api_version,omitempty"`
+	// Cluster names should be used only with REST. If > 1
+	// cluster is defined, clusters will be cycled through if any kind of failure
+	// occurs.
+	//
+	// .. note::
+	//
+	//  The cluster with name ``cluster_name`` must be statically defined and its
+	//  type must not be ``EDS``.
+	ClusterNames []string `protobuf:"bytes,2,rep,name=cluster_names,json=clusterNames,proto3" json:"cluster_names,omitempty"`
+	// Multiple gRPC services be provided for GRPC. If > 1 cluster is defined,
+	// services will be cycled through if any kind of failure occurs.
+	GrpcServices []*GrpcService `protobuf:"bytes,4,rep,name=grpc_services,json=grpcServices,proto3" json:"grpc_services,omitempty"`
+	// For REST APIs, the delay between successive polls.
+	RefreshDelay *duration.Duration `protobuf:"bytes,3,opt,name=refresh_delay,json=refreshDelay,proto3" json:"refresh_delay,omitempty"`
+	// For REST APIs, the request timeout. If not set, a default value of 1s will be used.
+	RequestTimeout *duration.Duration `protobuf:"bytes,5,opt,name=request_timeout,json=requestTimeout,proto3" json:"request_timeout,omitempty"`
+	// For GRPC APIs, the rate limit settings. If present, discovery requests made by Envoy will be
+	// rate limited.
+	RateLimitSettings *RateLimitSettings `protobuf:"bytes,6,opt,name=rate_limit_settings,json=rateLimitSettings,proto3" json:"rate_limit_settings,omitempty"`
+	// Skip the node identifier in subsequent discovery requests for streaming gRPC config types.
+	SetNodeOnFirstMessageOnly bool `protobuf:"varint,7,opt,name=set_node_on_first_message_only,json=setNodeOnFirstMessageOnly,proto3" json:"set_node_on_first_message_only,omitempty"`
+}
+
+func (x *ApiConfigSource) Reset() {
+	*x = ApiConfigSource{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_config_source_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ApiConfigSource) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ApiConfigSource) ProtoMessage() {}
+
+func (x *ApiConfigSource) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_config_source_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ApiConfigSource.ProtoReflect.Descriptor instead.
+func (*ApiConfigSource) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_config_source_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *ApiConfigSource) GetApiType() ApiConfigSource_ApiType {
+	if x != nil {
+		return x.ApiType
+	}
+	return ApiConfigSource_UNSUPPORTED_REST_LEGACY
+}
+
+func (x *ApiConfigSource) GetTransportApiVersion() ApiVersion {
+	if x != nil {
+		return x.TransportApiVersion
+	}
+	return ApiVersion_AUTO
+}
+
+func (x *ApiConfigSource) GetClusterNames() []string {
+	if x != nil {
+		return x.ClusterNames
+	}
+	return nil
+}
+
+func (x *ApiConfigSource) GetGrpcServices() []*GrpcService {
+	if x != nil {
+		return x.GrpcServices
+	}
+	return nil
+}
+
+func (x *ApiConfigSource) GetRefreshDelay() *duration.Duration {
+	if x != nil {
+		return x.RefreshDelay
+	}
+	return nil
+}
+
+func (x *ApiConfigSource) GetRequestTimeout() *duration.Duration {
+	if x != nil {
+		return x.RequestTimeout
+	}
+	return nil
+}
+
+func (x *ApiConfigSource) GetRateLimitSettings() *RateLimitSettings {
+	if x != nil {
+		return x.RateLimitSettings
+	}
+	return nil
+}
+
+func (x *ApiConfigSource) GetSetNodeOnFirstMessageOnly() bool {
+	if x != nil {
+		return x.SetNodeOnFirstMessageOnly
+	}
+	return false
+}
+
+// Aggregated Discovery Service (ADS) options. This is currently empty, but when
+// set in :ref:`ConfigSource <envoy_api_msg_core.ConfigSource>` can be used to
+// specify that ADS is to be used.
+type AggregatedConfigSource struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *AggregatedConfigSource) Reset() {
+	*x = AggregatedConfigSource{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_config_source_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *AggregatedConfigSource) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*AggregatedConfigSource) ProtoMessage() {}
+
+func (x *AggregatedConfigSource) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_config_source_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use AggregatedConfigSource.ProtoReflect.Descriptor instead.
+func (*AggregatedConfigSource) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_config_source_proto_rawDescGZIP(), []int{1}
+}
+
+// [#not-implemented-hide:]
+// Self-referencing config source options. This is currently empty, but when
+// set in :ref:`ConfigSource <envoy_api_msg_core.ConfigSource>` can be used to
+// specify that other data can be obtained from the same server.
+type SelfConfigSource struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// API version for xDS transport protocol. This describes the xDS gRPC/REST
+	// endpoint and version of [Delta]DiscoveryRequest/Response used on the wire.
+	TransportApiVersion ApiVersion `protobuf:"varint,1,opt,name=transport_api_version,json=transportApiVersion,proto3,enum=envoy.api.v2.core.ApiVersion" json:"transport_api_version,omitempty"`
+}
+
+func (x *SelfConfigSource) Reset() {
+	*x = SelfConfigSource{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_config_source_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *SelfConfigSource) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*SelfConfigSource) ProtoMessage() {}
+
+func (x *SelfConfigSource) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_config_source_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use SelfConfigSource.ProtoReflect.Descriptor instead.
+func (*SelfConfigSource) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_config_source_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *SelfConfigSource) GetTransportApiVersion() ApiVersion {
+	if x != nil {
+		return x.TransportApiVersion
+	}
+	return ApiVersion_AUTO
+}
+
+// Rate Limit settings to be applied for discovery requests made by Envoy.
+type RateLimitSettings struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Maximum number of tokens to be used for rate limiting discovery request calls. If not set, a
+	// default value of 100 will be used.
+	MaxTokens *wrappers.UInt32Value `protobuf:"bytes,1,opt,name=max_tokens,json=maxTokens,proto3" json:"max_tokens,omitempty"`
+	// Rate at which tokens will be filled per second. If not set, a default fill rate of 10 tokens
+	// per second will be used.
+	FillRate *wrappers.DoubleValue `protobuf:"bytes,2,opt,name=fill_rate,json=fillRate,proto3" json:"fill_rate,omitempty"`
+}
+
+func (x *RateLimitSettings) Reset() {
+	*x = RateLimitSettings{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_config_source_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RateLimitSettings) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RateLimitSettings) ProtoMessage() {}
+
+func (x *RateLimitSettings) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_config_source_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RateLimitSettings.ProtoReflect.Descriptor instead.
+func (*RateLimitSettings) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_config_source_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *RateLimitSettings) GetMaxTokens() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxTokens
+	}
+	return nil
+}
+
+func (x *RateLimitSettings) GetFillRate() *wrappers.DoubleValue {
+	if x != nil {
+		return x.FillRate
+	}
+	return nil
+}
+
+// Configuration for :ref:`listeners <config_listeners>`, :ref:`clusters
+// <config_cluster_manager>`, :ref:`routes
+// <envoy_api_msg_RouteConfiguration>`, :ref:`endpoints
+// <arch_overview_service_discovery>` etc. may either be sourced from the
+// filesystem or from an xDS API source. Filesystem configs are watched with
+// inotify for updates.
+// [#next-free-field: 7]
+type ConfigSource struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to ConfigSourceSpecifier:
+	//	*ConfigSource_Path
+	//	*ConfigSource_ApiConfigSource
+	//	*ConfigSource_Ads
+	//	*ConfigSource_Self
+	ConfigSourceSpecifier isConfigSource_ConfigSourceSpecifier `protobuf_oneof:"config_source_specifier"`
+	// When this timeout is specified, Envoy will wait no longer than the specified time for first
+	// config response on this xDS subscription during the :ref:`initialization process
+	// <arch_overview_initialization>`. After reaching the timeout, Envoy will move to the next
+	// initialization phase, even if the first config is not delivered yet. The timer is activated
+	// when the xDS API subscription starts, and is disarmed on first config update or on error. 0
+	// means no timeout - Envoy will wait indefinitely for the first xDS config (unless another
+	// timeout applies). The default is 15s.
+	InitialFetchTimeout *duration.Duration `protobuf:"bytes,4,opt,name=initial_fetch_timeout,json=initialFetchTimeout,proto3" json:"initial_fetch_timeout,omitempty"`
+	// API version for xDS resources. This implies the type URLs that the client
+	// will request for resources and the resource type that the client will in
+	// turn expect to be delivered.
+	ResourceApiVersion ApiVersion `protobuf:"varint,6,opt,name=resource_api_version,json=resourceApiVersion,proto3,enum=envoy.api.v2.core.ApiVersion" json:"resource_api_version,omitempty"`
+}
+
+func (x *ConfigSource) Reset() {
+	*x = ConfigSource{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_config_source_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ConfigSource) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ConfigSource) ProtoMessage() {}
+
+func (x *ConfigSource) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_config_source_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ConfigSource.ProtoReflect.Descriptor instead.
+func (*ConfigSource) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_config_source_proto_rawDescGZIP(), []int{4}
+}
+
+func (m *ConfigSource) GetConfigSourceSpecifier() isConfigSource_ConfigSourceSpecifier {
+	if m != nil {
+		return m.ConfigSourceSpecifier
+	}
+	return nil
+}
+
+func (x *ConfigSource) GetPath() string {
+	if x, ok := x.GetConfigSourceSpecifier().(*ConfigSource_Path); ok {
+		return x.Path
+	}
+	return ""
+}
+
+func (x *ConfigSource) GetApiConfigSource() *ApiConfigSource {
+	if x, ok := x.GetConfigSourceSpecifier().(*ConfigSource_ApiConfigSource); ok {
+		return x.ApiConfigSource
+	}
+	return nil
+}
+
+func (x *ConfigSource) GetAds() *AggregatedConfigSource {
+	if x, ok := x.GetConfigSourceSpecifier().(*ConfigSource_Ads); ok {
+		return x.Ads
+	}
+	return nil
+}
+
+func (x *ConfigSource) GetSelf() *SelfConfigSource {
+	if x, ok := x.GetConfigSourceSpecifier().(*ConfigSource_Self); ok {
+		return x.Self
+	}
+	return nil
+}
+
+func (x *ConfigSource) GetInitialFetchTimeout() *duration.Duration {
+	if x != nil {
+		return x.InitialFetchTimeout
+	}
+	return nil
+}
+
+func (x *ConfigSource) GetResourceApiVersion() ApiVersion {
+	if x != nil {
+		return x.ResourceApiVersion
+	}
+	return ApiVersion_AUTO
+}
+
+type isConfigSource_ConfigSourceSpecifier interface {
+	isConfigSource_ConfigSourceSpecifier()
+}
+
+type ConfigSource_Path struct {
+	// Path on the filesystem to source and watch for configuration updates.
+	// When sourcing configuration for :ref:`secret <envoy_api_msg_auth.Secret>`,
+	// the certificate and key files are also watched for updates.
+	//
+	// .. note::
+	//
+	//  The path to the source must exist at config load time.
+	//
+	// .. note::
+	//
+	//   Envoy will only watch the file path for *moves.* This is because in general only moves
+	//   are atomic. The same method of swapping files as is demonstrated in the
+	//   :ref:`runtime documentation <config_runtime_symbolic_link_swap>` can be used here also.
+	Path string `protobuf:"bytes,1,opt,name=path,proto3,oneof"`
+}
+
+type ConfigSource_ApiConfigSource struct {
+	// API configuration source.
+	ApiConfigSource *ApiConfigSource `protobuf:"bytes,2,opt,name=api_config_source,json=apiConfigSource,proto3,oneof"`
+}
+
+type ConfigSource_Ads struct {
+	// When set, ADS will be used to fetch resources. The ADS API configuration
+	// source in the bootstrap configuration is used.
+	Ads *AggregatedConfigSource `protobuf:"bytes,3,opt,name=ads,proto3,oneof"`
+}
+
+type ConfigSource_Self struct {
+	// [#not-implemented-hide:]
+	// When set, the client will access the resources from the same server it got the
+	// ConfigSource from, although not necessarily from the same stream. This is similar to the
+	// :ref:`ads<envoy_api_field.ConfigSource.ads>` field, except that the client may use a
+	// different stream to the same server. As a result, this field can be used for things
+	// like LRS that cannot be sent on an ADS stream. It can also be used to link from (e.g.)
+	// LDS to RDS on the same server without requiring the management server to know its name
+	// or required credentials.
+	// [#next-major-version: In xDS v3, consider replacing the ads field with this one, since
+	// this field can implicitly mean to use the same stream in the case where the ConfigSource
+	// is provided via ADS and the specified data can also be obtained via ADS.]
+	Self *SelfConfigSource `protobuf:"bytes,5,opt,name=self,proto3,oneof"`
+}
+
+func (*ConfigSource_Path) isConfigSource_ConfigSourceSpecifier() {}
+
+func (*ConfigSource_ApiConfigSource) isConfigSource_ConfigSourceSpecifier() {}
+
+func (*ConfigSource_Ads) isConfigSource_ConfigSourceSpecifier() {}
+
+func (*ConfigSource_Self) isConfigSource_ConfigSourceSpecifier() {}
+
+var File_envoy_api_v2_core_config_source_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_core_config_source_proto_rawDesc = []byte{
+	0x0a, 0x25, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x73, 0x6f, 0x75, 0x72, 0x63,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x11, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x1a, 0x24, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x67, 0x72,
+	0x70, 0x63, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x2f, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f,
+	0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f,
+	0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76,
+	0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xa6, 0x05,
+	0x0a, 0x0f, 0x41, 0x70, 0x69, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63,
+	0x65, 0x12, 0x4f, 0x0a, 0x08, 0x61, 0x70, 0x69, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x0e, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x41, 0x70, 0x69, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x2e, 0x41, 0x70, 0x69, 0x54, 0x79, 0x70, 0x65, 0x42,
+	0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x07, 0x61, 0x70, 0x69, 0x54, 0x79,
+	0x70, 0x65, 0x12, 0x5b, 0x0a, 0x15, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f,
+	0x61, 0x70, 0x69, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x08, 0x20, 0x01, 0x28,
+	0x0e, 0x32, 0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x41, 0x70, 0x69, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e,
+	0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x13, 0x74, 0x72, 0x61, 0x6e,
+	0x73, 0x70, 0x6f, 0x72, 0x74, 0x41, 0x70, 0x69, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12,
+	0x23, 0x0a, 0x0d, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x73,
+	0x18, 0x02, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0c, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4e,
+	0x61, 0x6d, 0x65, 0x73, 0x12, 0x43, 0x0a, 0x0d, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x73, 0x65, 0x72,
+	0x76, 0x69, 0x63, 0x65, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e,
+	0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x52, 0x0c, 0x67, 0x72, 0x70,
+	0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x12, 0x3e, 0x0a, 0x0d, 0x72, 0x65, 0x66,
+	0x72, 0x65, 0x73, 0x68, 0x5f, 0x64, 0x65, 0x6c, 0x61, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0c, 0x72, 0x65, 0x66,
+	0x72, 0x65, 0x73, 0x68, 0x44, 0x65, 0x6c, 0x61, 0x79, 0x12, 0x4c, 0x0a, 0x0f, 0x72, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x05, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x08, 0xfa,
+	0x42, 0x05, 0xaa, 0x01, 0x02, 0x2a, 0x00, 0x52, 0x0e, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
+	0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12, 0x54, 0x0a, 0x13, 0x72, 0x61, 0x74, 0x65, 0x5f,
+	0x6c, 0x69, 0x6d, 0x69, 0x74, 0x5f, 0x73, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x18, 0x06,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d,
+	0x69, 0x74, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x52, 0x11, 0x72, 0x61, 0x74, 0x65,
+	0x4c, 0x69, 0x6d, 0x69, 0x74, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x12, 0x41, 0x0a,
+	0x1e, 0x73, 0x65, 0x74, 0x5f, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x6f, 0x6e, 0x5f, 0x66, 0x69, 0x72,
+	0x73, 0x74, 0x5f, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x5f, 0x6f, 0x6e, 0x6c, 0x79, 0x18,
+	0x07, 0x20, 0x01, 0x28, 0x08, 0x52, 0x19, 0x73, 0x65, 0x74, 0x4e, 0x6f, 0x64, 0x65, 0x4f, 0x6e,
+	0x46, 0x69, 0x72, 0x73, 0x74, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x4f, 0x6e, 0x6c, 0x79,
+	0x22, 0x54, 0x0a, 0x07, 0x41, 0x70, 0x69, 0x54, 0x79, 0x70, 0x65, 0x12, 0x25, 0x0a, 0x17, 0x55,
+	0x4e, 0x53, 0x55, 0x50, 0x50, 0x4f, 0x52, 0x54, 0x45, 0x44, 0x5f, 0x52, 0x45, 0x53, 0x54, 0x5f,
+	0x4c, 0x45, 0x47, 0x41, 0x43, 0x59, 0x10, 0x00, 0x1a, 0x08, 0x08, 0x01, 0xa8, 0xf7, 0xb4, 0x8b,
+	0x02, 0x01, 0x12, 0x08, 0x0a, 0x04, 0x52, 0x45, 0x53, 0x54, 0x10, 0x01, 0x12, 0x08, 0x0a, 0x04,
+	0x47, 0x52, 0x50, 0x43, 0x10, 0x02, 0x12, 0x0e, 0x0a, 0x0a, 0x44, 0x45, 0x4c, 0x54, 0x41, 0x5f,
+	0x47, 0x52, 0x50, 0x43, 0x10, 0x03, 0x22, 0x18, 0x0a, 0x16, 0x41, 0x67, 0x67, 0x72, 0x65, 0x67,
+	0x61, 0x74, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65,
+	0x22, 0x6f, 0x0a, 0x10, 0x53, 0x65, 0x6c, 0x66, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f,
+	0x75, 0x72, 0x63, 0x65, 0x12, 0x5b, 0x0a, 0x15, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72,
+	0x74, 0x5f, 0x61, 0x70, 0x69, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x0e, 0x32, 0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x41, 0x70, 0x69, 0x56, 0x65, 0x72, 0x73, 0x69,
+	0x6f, 0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x13, 0x74, 0x72,
+	0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x41, 0x70, 0x69, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f,
+	0x6e, 0x22, 0x9b, 0x01, 0x0a, 0x11, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x53,
+	0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x12, 0x3b, 0x0a, 0x0a, 0x6d, 0x61, 0x78, 0x5f, 0x74,
+	0x6f, 0x6b, 0x65, 0x6e, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49,
+	0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x09, 0x6d, 0x61, 0x78, 0x54, 0x6f,
+	0x6b, 0x65, 0x6e, 0x73, 0x12, 0x49, 0x0a, 0x09, 0x66, 0x69, 0x6c, 0x6c, 0x5f, 0x72, 0x61, 0x74,
+	0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x6f, 0x75, 0x62, 0x6c, 0x65,
+	0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x0e, 0xfa, 0x42, 0x0b, 0x12, 0x09, 0x21, 0x00, 0x00, 0x00,
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x52, 0x08, 0x66, 0x69, 0x6c, 0x6c, 0x52, 0x61, 0x74, 0x65, 0x22,
+	0xba, 0x03, 0x0a, 0x0c, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65,
+	0x12, 0x14, 0x0a, 0x04, 0x70, 0x61, 0x74, 0x68, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00,
+	0x52, 0x04, 0x70, 0x61, 0x74, 0x68, 0x12, 0x50, 0x0a, 0x11, 0x61, 0x70, 0x69, 0x5f, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x5f, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x41, 0x70, 0x69, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53,
+	0x6f, 0x75, 0x72, 0x63, 0x65, 0x48, 0x00, 0x52, 0x0f, 0x61, 0x70, 0x69, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x3d, 0x0a, 0x03, 0x61, 0x64, 0x73, 0x18,
+	0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70,
+	0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x41, 0x67, 0x67, 0x72, 0x65, 0x67,
+	0x61, 0x74, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65,
+	0x48, 0x00, 0x52, 0x03, 0x61, 0x64, 0x73, 0x12, 0x39, 0x0a, 0x04, 0x73, 0x65, 0x6c, 0x66, 0x18,
+	0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70,
+	0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x53, 0x65, 0x6c, 0x66, 0x43, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x48, 0x00, 0x52, 0x04, 0x73, 0x65,
+	0x6c, 0x66, 0x12, 0x4d, 0x0a, 0x15, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x5f, 0x66, 0x65,
+	0x74, 0x63, 0x68, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x13, 0x69, 0x6e,
+	0x69, 0x74, 0x69, 0x61, 0x6c, 0x46, 0x65, 0x74, 0x63, 0x68, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75,
+	0x74, 0x12, 0x59, 0x0a, 0x14, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x61, 0x70,
+	0x69, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0e, 0x32,
+	0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x41, 0x70, 0x69, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x42, 0x08,
+	0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x12, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72,
+	0x63, 0x65, 0x41, 0x70, 0x69, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x42, 0x1e, 0x0a, 0x17,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x73, 0x70,
+	0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x2a, 0x2e, 0x0a, 0x0a,
+	0x41, 0x70, 0x69, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x0c, 0x0a, 0x04, 0x41, 0x55,
+	0x54, 0x4f, 0x10, 0x00, 0x1a, 0x02, 0x08, 0x01, 0x12, 0x0a, 0x0a, 0x02, 0x56, 0x32, 0x10, 0x01,
+	0x1a, 0x02, 0x08, 0x01, 0x12, 0x06, 0x0a, 0x02, 0x56, 0x33, 0x10, 0x02, 0x42, 0x5a, 0x0a, 0x1f,
+	0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x42,
+	0x11, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x50, 0x72, 0x6f,
+	0x74, 0x6f, 0x50, 0x01, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x16, 0x12, 0x14, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33,
+	0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_core_config_source_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_core_config_source_proto_rawDescData = file_envoy_api_v2_core_config_source_proto_rawDesc
+)
+
+func file_envoy_api_v2_core_config_source_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_core_config_source_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_core_config_source_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_core_config_source_proto_rawDescData)
+	})
+	return file_envoy_api_v2_core_config_source_proto_rawDescData
+}
+
+var file_envoy_api_v2_core_config_source_proto_enumTypes = make([]protoimpl.EnumInfo, 2)
+var file_envoy_api_v2_core_config_source_proto_msgTypes = make([]protoimpl.MessageInfo, 5)
+var file_envoy_api_v2_core_config_source_proto_goTypes = []interface{}{
+	(ApiVersion)(0),                // 0: envoy.api.v2.core.ApiVersion
+	(ApiConfigSource_ApiType)(0),   // 1: envoy.api.v2.core.ApiConfigSource.ApiType
+	(*ApiConfigSource)(nil),        // 2: envoy.api.v2.core.ApiConfigSource
+	(*AggregatedConfigSource)(nil), // 3: envoy.api.v2.core.AggregatedConfigSource
+	(*SelfConfigSource)(nil),       // 4: envoy.api.v2.core.SelfConfigSource
+	(*RateLimitSettings)(nil),      // 5: envoy.api.v2.core.RateLimitSettings
+	(*ConfigSource)(nil),           // 6: envoy.api.v2.core.ConfigSource
+	(*GrpcService)(nil),            // 7: envoy.api.v2.core.GrpcService
+	(*duration.Duration)(nil),      // 8: google.protobuf.Duration
+	(*wrappers.UInt32Value)(nil),   // 9: google.protobuf.UInt32Value
+	(*wrappers.DoubleValue)(nil),   // 10: google.protobuf.DoubleValue
+}
+var file_envoy_api_v2_core_config_source_proto_depIdxs = []int32{
+	1,  // 0: envoy.api.v2.core.ApiConfigSource.api_type:type_name -> envoy.api.v2.core.ApiConfigSource.ApiType
+	0,  // 1: envoy.api.v2.core.ApiConfigSource.transport_api_version:type_name -> envoy.api.v2.core.ApiVersion
+	7,  // 2: envoy.api.v2.core.ApiConfigSource.grpc_services:type_name -> envoy.api.v2.core.GrpcService
+	8,  // 3: envoy.api.v2.core.ApiConfigSource.refresh_delay:type_name -> google.protobuf.Duration
+	8,  // 4: envoy.api.v2.core.ApiConfigSource.request_timeout:type_name -> google.protobuf.Duration
+	5,  // 5: envoy.api.v2.core.ApiConfigSource.rate_limit_settings:type_name -> envoy.api.v2.core.RateLimitSettings
+	0,  // 6: envoy.api.v2.core.SelfConfigSource.transport_api_version:type_name -> envoy.api.v2.core.ApiVersion
+	9,  // 7: envoy.api.v2.core.RateLimitSettings.max_tokens:type_name -> google.protobuf.UInt32Value
+	10, // 8: envoy.api.v2.core.RateLimitSettings.fill_rate:type_name -> google.protobuf.DoubleValue
+	2,  // 9: envoy.api.v2.core.ConfigSource.api_config_source:type_name -> envoy.api.v2.core.ApiConfigSource
+	3,  // 10: envoy.api.v2.core.ConfigSource.ads:type_name -> envoy.api.v2.core.AggregatedConfigSource
+	4,  // 11: envoy.api.v2.core.ConfigSource.self:type_name -> envoy.api.v2.core.SelfConfigSource
+	8,  // 12: envoy.api.v2.core.ConfigSource.initial_fetch_timeout:type_name -> google.protobuf.Duration
+	0,  // 13: envoy.api.v2.core.ConfigSource.resource_api_version:type_name -> envoy.api.v2.core.ApiVersion
+	14, // [14:14] is the sub-list for method output_type
+	14, // [14:14] is the sub-list for method input_type
+	14, // [14:14] is the sub-list for extension type_name
+	14, // [14:14] is the sub-list for extension extendee
+	0,  // [0:14] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_core_config_source_proto_init() }
+func file_envoy_api_v2_core_config_source_proto_init() {
+	if File_envoy_api_v2_core_config_source_proto != nil {
+		return
+	}
+	file_envoy_api_v2_core_grpc_service_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_core_config_source_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ApiConfigSource); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_config_source_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*AggregatedConfigSource); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_config_source_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*SelfConfigSource); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_config_source_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RateLimitSettings); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_config_source_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ConfigSource); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_api_v2_core_config_source_proto_msgTypes[4].OneofWrappers = []interface{}{
+		(*ConfigSource_Path)(nil),
+		(*ConfigSource_ApiConfigSource)(nil),
+		(*ConfigSource_Ads)(nil),
+		(*ConfigSource_Self)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_core_config_source_proto_rawDesc,
+			NumEnums:      2,
+			NumMessages:   5,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_core_config_source_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_core_config_source_proto_depIdxs,
+		EnumInfos:         file_envoy_api_v2_core_config_source_proto_enumTypes,
+		MessageInfos:      file_envoy_api_v2_core_config_source_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_core_config_source_proto = out.File
+	file_envoy_api_v2_core_config_source_proto_rawDesc = nil
+	file_envoy_api_v2_core_config_source_proto_goTypes = nil
+	file_envoy_api_v2_core_config_source_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/config_source.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/config_source.pb.validate.go
new file mode 100644
index 00000000000..8e2a70b77ff
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/config_source.pb.validate.go
@@ -0,0 +1,885 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/core/config_source.proto
+
+package envoy_api_v2_core
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on ApiConfigSource with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *ApiConfigSource) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ApiConfigSource with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ApiConfigSourceMultiError, or nil if none found.
+func (m *ApiConfigSource) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ApiConfigSource) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if _, ok := ApiConfigSource_ApiType_name[int32(m.GetApiType())]; !ok {
+		err := ApiConfigSourceValidationError{
+			field:  "ApiType",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if _, ok := ApiVersion_name[int32(m.GetTransportApiVersion())]; !ok {
+		err := ApiConfigSourceValidationError{
+			field:  "TransportApiVersion",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetGrpcServices() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ApiConfigSourceValidationError{
+						field:  fmt.Sprintf("GrpcServices[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ApiConfigSourceValidationError{
+						field:  fmt.Sprintf("GrpcServices[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ApiConfigSourceValidationError{
+					field:  fmt.Sprintf("GrpcServices[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetRefreshDelay()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ApiConfigSourceValidationError{
+					field:  "RefreshDelay",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ApiConfigSourceValidationError{
+					field:  "RefreshDelay",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRefreshDelay()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ApiConfigSourceValidationError{
+				field:  "RefreshDelay",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if d := m.GetRequestTimeout(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = ApiConfigSourceValidationError{
+				field:  "RequestTimeout",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := ApiConfigSourceValidationError{
+					field:  "RequestTimeout",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetRateLimitSettings()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ApiConfigSourceValidationError{
+					field:  "RateLimitSettings",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ApiConfigSourceValidationError{
+					field:  "RateLimitSettings",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRateLimitSettings()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ApiConfigSourceValidationError{
+				field:  "RateLimitSettings",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for SetNodeOnFirstMessageOnly
+
+	if len(errors) > 0 {
+		return ApiConfigSourceMultiError(errors)
+	}
+	return nil
+}
+
+// ApiConfigSourceMultiError is an error wrapping multiple validation errors
+// returned by ApiConfigSource.ValidateAll() if the designated constraints
+// aren't met.
+type ApiConfigSourceMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ApiConfigSourceMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ApiConfigSourceMultiError) AllErrors() []error { return m }
+
+// ApiConfigSourceValidationError is the validation error returned by
+// ApiConfigSource.Validate if the designated constraints aren't met.
+type ApiConfigSourceValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ApiConfigSourceValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ApiConfigSourceValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ApiConfigSourceValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ApiConfigSourceValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ApiConfigSourceValidationError) ErrorName() string { return "ApiConfigSourceValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ApiConfigSourceValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sApiConfigSource.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ApiConfigSourceValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ApiConfigSourceValidationError{}
+
+// Validate checks the field values on AggregatedConfigSource with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *AggregatedConfigSource) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on AggregatedConfigSource with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// AggregatedConfigSourceMultiError, or nil if none found.
+func (m *AggregatedConfigSource) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *AggregatedConfigSource) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return AggregatedConfigSourceMultiError(errors)
+	}
+	return nil
+}
+
+// AggregatedConfigSourceMultiError is an error wrapping multiple validation
+// errors returned by AggregatedConfigSource.ValidateAll() if the designated
+// constraints aren't met.
+type AggregatedConfigSourceMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m AggregatedConfigSourceMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m AggregatedConfigSourceMultiError) AllErrors() []error { return m }
+
+// AggregatedConfigSourceValidationError is the validation error returned by
+// AggregatedConfigSource.Validate if the designated constraints aren't met.
+type AggregatedConfigSourceValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e AggregatedConfigSourceValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e AggregatedConfigSourceValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e AggregatedConfigSourceValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e AggregatedConfigSourceValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e AggregatedConfigSourceValidationError) ErrorName() string {
+	return "AggregatedConfigSourceValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e AggregatedConfigSourceValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sAggregatedConfigSource.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = AggregatedConfigSourceValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = AggregatedConfigSourceValidationError{}
+
+// Validate checks the field values on SelfConfigSource with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *SelfConfigSource) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on SelfConfigSource with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// SelfConfigSourceMultiError, or nil if none found.
+func (m *SelfConfigSource) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *SelfConfigSource) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if _, ok := ApiVersion_name[int32(m.GetTransportApiVersion())]; !ok {
+		err := SelfConfigSourceValidationError{
+			field:  "TransportApiVersion",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return SelfConfigSourceMultiError(errors)
+	}
+	return nil
+}
+
+// SelfConfigSourceMultiError is an error wrapping multiple validation errors
+// returned by SelfConfigSource.ValidateAll() if the designated constraints
+// aren't met.
+type SelfConfigSourceMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m SelfConfigSourceMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m SelfConfigSourceMultiError) AllErrors() []error { return m }
+
+// SelfConfigSourceValidationError is the validation error returned by
+// SelfConfigSource.Validate if the designated constraints aren't met.
+type SelfConfigSourceValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e SelfConfigSourceValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e SelfConfigSourceValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e SelfConfigSourceValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e SelfConfigSourceValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e SelfConfigSourceValidationError) ErrorName() string { return "SelfConfigSourceValidationError" }
+
+// Error satisfies the builtin error interface
+func (e SelfConfigSourceValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sSelfConfigSource.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = SelfConfigSourceValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = SelfConfigSourceValidationError{}
+
+// Validate checks the field values on RateLimitSettings with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *RateLimitSettings) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RateLimitSettings with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RateLimitSettingsMultiError, or nil if none found.
+func (m *RateLimitSettings) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RateLimitSettings) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetMaxTokens()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RateLimitSettingsValidationError{
+					field:  "MaxTokens",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RateLimitSettingsValidationError{
+					field:  "MaxTokens",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxTokens()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RateLimitSettingsValidationError{
+				field:  "MaxTokens",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if wrapper := m.GetFillRate(); wrapper != nil {
+
+		if wrapper.GetValue() <= 0 {
+			err := RateLimitSettingsValidationError{
+				field:  "FillRate",
+				reason: "value must be greater than 0",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return RateLimitSettingsMultiError(errors)
+	}
+	return nil
+}
+
+// RateLimitSettingsMultiError is an error wrapping multiple validation errors
+// returned by RateLimitSettings.ValidateAll() if the designated constraints
+// aren't met.
+type RateLimitSettingsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RateLimitSettingsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RateLimitSettingsMultiError) AllErrors() []error { return m }
+
+// RateLimitSettingsValidationError is the validation error returned by
+// RateLimitSettings.Validate if the designated constraints aren't met.
+type RateLimitSettingsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RateLimitSettingsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RateLimitSettingsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RateLimitSettingsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RateLimitSettingsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RateLimitSettingsValidationError) ErrorName() string {
+	return "RateLimitSettingsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RateLimitSettingsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRateLimitSettings.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RateLimitSettingsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RateLimitSettingsValidationError{}
+
+// Validate checks the field values on ConfigSource with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ConfigSource) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ConfigSource with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ConfigSourceMultiError, or
+// nil if none found.
+func (m *ConfigSource) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ConfigSource) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetInitialFetchTimeout()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ConfigSourceValidationError{
+					field:  "InitialFetchTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ConfigSourceValidationError{
+					field:  "InitialFetchTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetInitialFetchTimeout()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ConfigSourceValidationError{
+				field:  "InitialFetchTimeout",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if _, ok := ApiVersion_name[int32(m.GetResourceApiVersion())]; !ok {
+		err := ConfigSourceValidationError{
+			field:  "ResourceApiVersion",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	switch m.ConfigSourceSpecifier.(type) {
+
+	case *ConfigSource_Path:
+		// no validation rules for Path
+
+	case *ConfigSource_ApiConfigSource:
+
+		if all {
+			switch v := interface{}(m.GetApiConfigSource()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ConfigSourceValidationError{
+						field:  "ApiConfigSource",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ConfigSourceValidationError{
+						field:  "ApiConfigSource",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetApiConfigSource()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ConfigSourceValidationError{
+					field:  "ApiConfigSource",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *ConfigSource_Ads:
+
+		if all {
+			switch v := interface{}(m.GetAds()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ConfigSourceValidationError{
+						field:  "Ads",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ConfigSourceValidationError{
+						field:  "Ads",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetAds()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ConfigSourceValidationError{
+					field:  "Ads",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *ConfigSource_Self:
+
+		if all {
+			switch v := interface{}(m.GetSelf()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ConfigSourceValidationError{
+						field:  "Self",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ConfigSourceValidationError{
+						field:  "Self",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetSelf()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ConfigSourceValidationError{
+					field:  "Self",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := ConfigSourceValidationError{
+			field:  "ConfigSourceSpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return ConfigSourceMultiError(errors)
+	}
+	return nil
+}
+
+// ConfigSourceMultiError is an error wrapping multiple validation errors
+// returned by ConfigSource.ValidateAll() if the designated constraints aren't met.
+type ConfigSourceMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ConfigSourceMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ConfigSourceMultiError) AllErrors() []error { return m }
+
+// ConfigSourceValidationError is the validation error returned by
+// ConfigSource.Validate if the designated constraints aren't met.
+type ConfigSourceValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ConfigSourceValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ConfigSourceValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ConfigSourceValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ConfigSourceValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ConfigSourceValidationError) ErrorName() string { return "ConfigSourceValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ConfigSourceValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sConfigSource.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ConfigSourceValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ConfigSourceValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/event_service_config.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/event_service_config.pb.go
new file mode 100644
index 00000000000..aea6965aecd
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/event_service_config.pb.go
@@ -0,0 +1,198 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/core/event_service_config.proto
+
+package envoy_api_v2_core
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// [#not-implemented-hide:]
+// Configuration of the event reporting service endpoint.
+type EventServiceConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to ConfigSourceSpecifier:
+	//	*EventServiceConfig_GrpcService
+	ConfigSourceSpecifier isEventServiceConfig_ConfigSourceSpecifier `protobuf_oneof:"config_source_specifier"`
+}
+
+func (x *EventServiceConfig) Reset() {
+	*x = EventServiceConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_event_service_config_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *EventServiceConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*EventServiceConfig) ProtoMessage() {}
+
+func (x *EventServiceConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_event_service_config_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use EventServiceConfig.ProtoReflect.Descriptor instead.
+func (*EventServiceConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_event_service_config_proto_rawDescGZIP(), []int{0}
+}
+
+func (m *EventServiceConfig) GetConfigSourceSpecifier() isEventServiceConfig_ConfigSourceSpecifier {
+	if m != nil {
+		return m.ConfigSourceSpecifier
+	}
+	return nil
+}
+
+func (x *EventServiceConfig) GetGrpcService() *GrpcService {
+	if x, ok := x.GetConfigSourceSpecifier().(*EventServiceConfig_GrpcService); ok {
+		return x.GrpcService
+	}
+	return nil
+}
+
+type isEventServiceConfig_ConfigSourceSpecifier interface {
+	isEventServiceConfig_ConfigSourceSpecifier()
+}
+
+type EventServiceConfig_GrpcService struct {
+	// Specifies the gRPC service that hosts the event reporting service.
+	GrpcService *GrpcService `protobuf:"bytes,1,opt,name=grpc_service,json=grpcService,proto3,oneof"`
+}
+
+func (*EventServiceConfig_GrpcService) isEventServiceConfig_ConfigSourceSpecifier() {}
+
+var File_envoy_api_v2_core_event_service_config_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_core_event_service_config_proto_rawDesc = []byte{
+	0x0a, 0x2c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63,
+	0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x11,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x1a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f,
+	0x63, 0x6f, 0x72, 0x65, 0x2f, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e,
+	0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e,
+	0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65,
+	0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22,
+	0x79, 0x0a, 0x12, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x43, 0x0a, 0x0c, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x73, 0x65,
+	0x72, 0x76, 0x69, 0x63, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e,
+	0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x48, 0x00, 0x52, 0x0b, 0x67,
+	0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x42, 0x1e, 0x0a, 0x17, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x5f, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x73, 0x70, 0x65, 0x63,
+	0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x42, 0x60, 0x0a, 0x1f, 0x69, 0x6f,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x42, 0x17, 0x45,
+	0x76, 0x65, 0x6e, 0x74, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x16, 0x12, 0x14,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x76, 0x33, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_core_event_service_config_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_core_event_service_config_proto_rawDescData = file_envoy_api_v2_core_event_service_config_proto_rawDesc
+)
+
+func file_envoy_api_v2_core_event_service_config_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_core_event_service_config_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_core_event_service_config_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_core_event_service_config_proto_rawDescData)
+	})
+	return file_envoy_api_v2_core_event_service_config_proto_rawDescData
+}
+
+var file_envoy_api_v2_core_event_service_config_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_api_v2_core_event_service_config_proto_goTypes = []interface{}{
+	(*EventServiceConfig)(nil), // 0: envoy.api.v2.core.EventServiceConfig
+	(*GrpcService)(nil),        // 1: envoy.api.v2.core.GrpcService
+}
+var file_envoy_api_v2_core_event_service_config_proto_depIdxs = []int32{
+	1, // 0: envoy.api.v2.core.EventServiceConfig.grpc_service:type_name -> envoy.api.v2.core.GrpcService
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_core_event_service_config_proto_init() }
+func file_envoy_api_v2_core_event_service_config_proto_init() {
+	if File_envoy_api_v2_core_event_service_config_proto != nil {
+		return
+	}
+	file_envoy_api_v2_core_grpc_service_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_core_event_service_config_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*EventServiceConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_api_v2_core_event_service_config_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*EventServiceConfig_GrpcService)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_core_event_service_config_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_core_event_service_config_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_core_event_service_config_proto_depIdxs,
+		MessageInfos:      file_envoy_api_v2_core_event_service_config_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_core_event_service_config_proto = out.File
+	file_envoy_api_v2_core_event_service_config_proto_rawDesc = nil
+	file_envoy_api_v2_core_event_service_config_proto_goTypes = nil
+	file_envoy_api_v2_core_event_service_config_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/event_service_config.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/event_service_config.pb.validate.go
new file mode 100644
index 00000000000..128c7a22d2a
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/event_service_config.pb.validate.go
@@ -0,0 +1,182 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/core/event_service_config.proto
+
+package envoy_api_v2_core
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on EventServiceConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *EventServiceConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on EventServiceConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// EventServiceConfigMultiError, or nil if none found.
+func (m *EventServiceConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *EventServiceConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.ConfigSourceSpecifier.(type) {
+
+	case *EventServiceConfig_GrpcService:
+
+		if all {
+			switch v := interface{}(m.GetGrpcService()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, EventServiceConfigValidationError{
+						field:  "GrpcService",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, EventServiceConfigValidationError{
+						field:  "GrpcService",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetGrpcService()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return EventServiceConfigValidationError{
+					field:  "GrpcService",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := EventServiceConfigValidationError{
+			field:  "ConfigSourceSpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return EventServiceConfigMultiError(errors)
+	}
+	return nil
+}
+
+// EventServiceConfigMultiError is an error wrapping multiple validation errors
+// returned by EventServiceConfig.ValidateAll() if the designated constraints
+// aren't met.
+type EventServiceConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m EventServiceConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m EventServiceConfigMultiError) AllErrors() []error { return m }
+
+// EventServiceConfigValidationError is the validation error returned by
+// EventServiceConfig.Validate if the designated constraints aren't met.
+type EventServiceConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e EventServiceConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e EventServiceConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e EventServiceConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e EventServiceConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e EventServiceConfigValidationError) ErrorName() string {
+	return "EventServiceConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e EventServiceConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sEventServiceConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = EventServiceConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = EventServiceConfigValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/grpc_method_list.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/grpc_method_list.pb.go
new file mode 100644
index 00000000000..07d6d3c382b
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/grpc_method_list.pb.go
@@ -0,0 +1,242 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/core/grpc_method_list.proto
+
+package envoy_api_v2_core
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// A list of gRPC methods which can be used as an allowlist, for example.
+type GrpcMethodList struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Services []*GrpcMethodList_Service `protobuf:"bytes,1,rep,name=services,proto3" json:"services,omitempty"`
+}
+
+func (x *GrpcMethodList) Reset() {
+	*x = GrpcMethodList{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_grpc_method_list_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcMethodList) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcMethodList) ProtoMessage() {}
+
+func (x *GrpcMethodList) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_grpc_method_list_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcMethodList.ProtoReflect.Descriptor instead.
+func (*GrpcMethodList) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_grpc_method_list_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *GrpcMethodList) GetServices() []*GrpcMethodList_Service {
+	if x != nil {
+		return x.Services
+	}
+	return nil
+}
+
+type GrpcMethodList_Service struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the gRPC service.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// The names of the gRPC methods in this service.
+	MethodNames []string `protobuf:"bytes,2,rep,name=method_names,json=methodNames,proto3" json:"method_names,omitempty"`
+}
+
+func (x *GrpcMethodList_Service) Reset() {
+	*x = GrpcMethodList_Service{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_grpc_method_list_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcMethodList_Service) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcMethodList_Service) ProtoMessage() {}
+
+func (x *GrpcMethodList_Service) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_grpc_method_list_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcMethodList_Service.ProtoReflect.Descriptor instead.
+func (*GrpcMethodList_Service) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_grpc_method_list_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (x *GrpcMethodList_Service) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *GrpcMethodList_Service) GetMethodNames() []string {
+	if x != nil {
+		return x.MethodNames
+	}
+	return nil
+}
+
+var File_envoy_api_v2_core_grpc_method_list_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_core_grpc_method_list_proto_rawDesc = []byte{
+	0x0a, 0x28, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x5f,
+	0x6c, 0x69, 0x73, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x11, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x1a, 0x1e, 0x75,
+	0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f,
+	0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75,
+	0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f,
+	0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61,
+	0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xac, 0x01, 0x0a, 0x0e, 0x47, 0x72, 0x70, 0x63, 0x4d, 0x65,
+	0x74, 0x68, 0x6f, 0x64, 0x4c, 0x69, 0x73, 0x74, 0x12, 0x45, 0x0a, 0x08, 0x73, 0x65, 0x72, 0x76,
+	0x69, 0x63, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x47,
+	0x72, 0x70, 0x63, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x4c, 0x69, 0x73, 0x74, 0x2e, 0x53, 0x65,
+	0x72, 0x76, 0x69, 0x63, 0x65, 0x52, 0x08, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x1a,
+	0x53, 0x0a, 0x07, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61,
+	0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x20,
+	0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x2b, 0x0a, 0x0c, 0x6d, 0x65, 0x74, 0x68, 0x6f,
+	0x64, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x09, 0x42, 0x08, 0xfa,
+	0x42, 0x05, 0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x0b, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x4e,
+	0x61, 0x6d, 0x65, 0x73, 0x42, 0x5c, 0x0a, 0x1f, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x42, 0x13, 0x47, 0x72, 0x70, 0x63, 0x4d, 0x65, 0x74,
+	0x68, 0x6f, 0x64, 0x4c, 0x69, 0x73, 0x74, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xf2, 0x98,
+	0xfe, 0x8f, 0x05, 0x16, 0x12, 0x14, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02,
+	0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_core_grpc_method_list_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_core_grpc_method_list_proto_rawDescData = file_envoy_api_v2_core_grpc_method_list_proto_rawDesc
+)
+
+func file_envoy_api_v2_core_grpc_method_list_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_core_grpc_method_list_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_core_grpc_method_list_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_core_grpc_method_list_proto_rawDescData)
+	})
+	return file_envoy_api_v2_core_grpc_method_list_proto_rawDescData
+}
+
+var file_envoy_api_v2_core_grpc_method_list_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_envoy_api_v2_core_grpc_method_list_proto_goTypes = []interface{}{
+	(*GrpcMethodList)(nil),         // 0: envoy.api.v2.core.GrpcMethodList
+	(*GrpcMethodList_Service)(nil), // 1: envoy.api.v2.core.GrpcMethodList.Service
+}
+var file_envoy_api_v2_core_grpc_method_list_proto_depIdxs = []int32{
+	1, // 0: envoy.api.v2.core.GrpcMethodList.services:type_name -> envoy.api.v2.core.GrpcMethodList.Service
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_core_grpc_method_list_proto_init() }
+func file_envoy_api_v2_core_grpc_method_list_proto_init() {
+	if File_envoy_api_v2_core_grpc_method_list_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_core_grpc_method_list_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcMethodList); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_grpc_method_list_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcMethodList_Service); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_core_grpc_method_list_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_core_grpc_method_list_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_core_grpc_method_list_proto_depIdxs,
+		MessageInfos:      file_envoy_api_v2_core_grpc_method_list_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_core_grpc_method_list_proto = out.File
+	file_envoy_api_v2_core_grpc_method_list_proto_rawDesc = nil
+	file_envoy_api_v2_core_grpc_method_list_proto_goTypes = nil
+	file_envoy_api_v2_core_grpc_method_list_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/grpc_method_list.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/grpc_method_list.pb.validate.go
new file mode 100644
index 00000000000..9a9cd287a32
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/grpc_method_list.pb.validate.go
@@ -0,0 +1,292 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/core/grpc_method_list.proto
+
+package envoy_api_v2_core
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on GrpcMethodList with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *GrpcMethodList) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on GrpcMethodList with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in GrpcMethodListMultiError,
+// or nil if none found.
+func (m *GrpcMethodList) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcMethodList) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetServices() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, GrpcMethodListValidationError{
+						field:  fmt.Sprintf("Services[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, GrpcMethodListValidationError{
+						field:  fmt.Sprintf("Services[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return GrpcMethodListValidationError{
+					field:  fmt.Sprintf("Services[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return GrpcMethodListMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcMethodListMultiError is an error wrapping multiple validation errors
+// returned by GrpcMethodList.ValidateAll() if the designated constraints
+// aren't met.
+type GrpcMethodListMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcMethodListMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcMethodListMultiError) AllErrors() []error { return m }
+
+// GrpcMethodListValidationError is the validation error returned by
+// GrpcMethodList.Validate if the designated constraints aren't met.
+type GrpcMethodListValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcMethodListValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e GrpcMethodListValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e GrpcMethodListValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e GrpcMethodListValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e GrpcMethodListValidationError) ErrorName() string { return "GrpcMethodListValidationError" }
+
+// Error satisfies the builtin error interface
+func (e GrpcMethodListValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcMethodList.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcMethodListValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcMethodListValidationError{}
+
+// Validate checks the field values on GrpcMethodList_Service with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *GrpcMethodList_Service) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on GrpcMethodList_Service with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// GrpcMethodList_ServiceMultiError, or nil if none found.
+func (m *GrpcMethodList_Service) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcMethodList_Service) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetName()) < 1 {
+		err := GrpcMethodList_ServiceValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(m.GetMethodNames()) < 1 {
+		err := GrpcMethodList_ServiceValidationError{
+			field:  "MethodNames",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return GrpcMethodList_ServiceMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcMethodList_ServiceMultiError is an error wrapping multiple validation
+// errors returned by GrpcMethodList_Service.ValidateAll() if the designated
+// constraints aren't met.
+type GrpcMethodList_ServiceMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcMethodList_ServiceMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcMethodList_ServiceMultiError) AllErrors() []error { return m }
+
+// GrpcMethodList_ServiceValidationError is the validation error returned by
+// GrpcMethodList_Service.Validate if the designated constraints aren't met.
+type GrpcMethodList_ServiceValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcMethodList_ServiceValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e GrpcMethodList_ServiceValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e GrpcMethodList_ServiceValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e GrpcMethodList_ServiceValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e GrpcMethodList_ServiceValidationError) ErrorName() string {
+	return "GrpcMethodList_ServiceValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e GrpcMethodList_ServiceValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcMethodList_Service.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcMethodList_ServiceValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcMethodList_ServiceValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/grpc_service.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/grpc_service.pb.go
new file mode 100644
index 00000000000..d0a5eb554c0
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/grpc_service.pb.go
@@ -0,0 +1,1471 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/core/grpc_service.proto
+
+package envoy_api_v2_core
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	_struct "github.com/golang/protobuf/ptypes/struct"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	emptypb "google.golang.org/protobuf/types/known/emptypb"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// gRPC service configuration. This is used by :ref:`ApiConfigSource
+// <envoy_api_msg_core.ApiConfigSource>` and filter configurations.
+// [#next-free-field: 6]
+type GrpcService struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to TargetSpecifier:
+	//	*GrpcService_EnvoyGrpc_
+	//	*GrpcService_GoogleGrpc_
+	TargetSpecifier isGrpcService_TargetSpecifier `protobuf_oneof:"target_specifier"`
+	// The timeout for the gRPC request. This is the timeout for a specific
+	// request.
+	Timeout *duration.Duration `protobuf:"bytes,3,opt,name=timeout,proto3" json:"timeout,omitempty"`
+	// Additional metadata to include in streams initiated to the GrpcService.
+	// This can be used for scenarios in which additional ad hoc authorization
+	// headers (e.g. ``x-foo-bar: baz-key``) are to be injected.
+	InitialMetadata []*HeaderValue `protobuf:"bytes,5,rep,name=initial_metadata,json=initialMetadata,proto3" json:"initial_metadata,omitempty"`
+}
+
+func (x *GrpcService) Reset() {
+	*x = GrpcService{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_grpc_service_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcService) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcService) ProtoMessage() {}
+
+func (x *GrpcService) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_grpc_service_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcService.ProtoReflect.Descriptor instead.
+func (*GrpcService) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_grpc_service_proto_rawDescGZIP(), []int{0}
+}
+
+func (m *GrpcService) GetTargetSpecifier() isGrpcService_TargetSpecifier {
+	if m != nil {
+		return m.TargetSpecifier
+	}
+	return nil
+}
+
+func (x *GrpcService) GetEnvoyGrpc() *GrpcService_EnvoyGrpc {
+	if x, ok := x.GetTargetSpecifier().(*GrpcService_EnvoyGrpc_); ok {
+		return x.EnvoyGrpc
+	}
+	return nil
+}
+
+func (x *GrpcService) GetGoogleGrpc() *GrpcService_GoogleGrpc {
+	if x, ok := x.GetTargetSpecifier().(*GrpcService_GoogleGrpc_); ok {
+		return x.GoogleGrpc
+	}
+	return nil
+}
+
+func (x *GrpcService) GetTimeout() *duration.Duration {
+	if x != nil {
+		return x.Timeout
+	}
+	return nil
+}
+
+func (x *GrpcService) GetInitialMetadata() []*HeaderValue {
+	if x != nil {
+		return x.InitialMetadata
+	}
+	return nil
+}
+
+type isGrpcService_TargetSpecifier interface {
+	isGrpcService_TargetSpecifier()
+}
+
+type GrpcService_EnvoyGrpc_ struct {
+	// Envoy's in-built gRPC client.
+	// See the :ref:`gRPC services overview <arch_overview_grpc_services>`
+	// documentation for discussion on gRPC client selection.
+	EnvoyGrpc *GrpcService_EnvoyGrpc `protobuf:"bytes,1,opt,name=envoy_grpc,json=envoyGrpc,proto3,oneof"`
+}
+
+type GrpcService_GoogleGrpc_ struct {
+	// `Google C++ gRPC client <https://github.com/grpc/grpc>`_
+	// See the :ref:`gRPC services overview <arch_overview_grpc_services>`
+	// documentation for discussion on gRPC client selection.
+	GoogleGrpc *GrpcService_GoogleGrpc `protobuf:"bytes,2,opt,name=google_grpc,json=googleGrpc,proto3,oneof"`
+}
+
+func (*GrpcService_EnvoyGrpc_) isGrpcService_TargetSpecifier() {}
+
+func (*GrpcService_GoogleGrpc_) isGrpcService_TargetSpecifier() {}
+
+type GrpcService_EnvoyGrpc struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the upstream gRPC cluster. SSL credentials will be supplied
+	// in the :ref:`Cluster <envoy_api_msg_Cluster>` :ref:`transport_socket
+	// <envoy_api_field_Cluster.transport_socket>`.
+	ClusterName string `protobuf:"bytes,1,opt,name=cluster_name,json=clusterName,proto3" json:"cluster_name,omitempty"`
+}
+
+func (x *GrpcService_EnvoyGrpc) Reset() {
+	*x = GrpcService_EnvoyGrpc{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_grpc_service_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcService_EnvoyGrpc) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcService_EnvoyGrpc) ProtoMessage() {}
+
+func (x *GrpcService_EnvoyGrpc) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_grpc_service_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcService_EnvoyGrpc.ProtoReflect.Descriptor instead.
+func (*GrpcService_EnvoyGrpc) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_grpc_service_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (x *GrpcService_EnvoyGrpc) GetClusterName() string {
+	if x != nil {
+		return x.ClusterName
+	}
+	return ""
+}
+
+// [#next-free-field: 7]
+type GrpcService_GoogleGrpc struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The target URI when using the `Google C++ gRPC client
+	// <https://github.com/grpc/grpc>`_. SSL credentials will be supplied in
+	// :ref:`channel_credentials <envoy_api_field_core.GrpcService.GoogleGrpc.channel_credentials>`.
+	TargetUri          string                                     `protobuf:"bytes,1,opt,name=target_uri,json=targetUri,proto3" json:"target_uri,omitempty"`
+	ChannelCredentials *GrpcService_GoogleGrpc_ChannelCredentials `protobuf:"bytes,2,opt,name=channel_credentials,json=channelCredentials,proto3" json:"channel_credentials,omitempty"`
+	// A set of call credentials that can be composed with `channel credentials
+	// <https://grpc.io/docs/guides/auth.html#credential-types>`_.
+	CallCredentials []*GrpcService_GoogleGrpc_CallCredentials `protobuf:"bytes,3,rep,name=call_credentials,json=callCredentials,proto3" json:"call_credentials,omitempty"`
+	// The human readable prefix to use when emitting statistics for the gRPC
+	// service.
+	//
+	// .. csv-table::
+	//    :header: Name, Type, Description
+	//    :widths: 1, 1, 2
+	//
+	//    streams_total, Counter, Total number of streams opened
+	//    streams_closed_<gRPC status code>, Counter, Total streams closed with <gRPC status code>
+	StatPrefix string `protobuf:"bytes,4,opt,name=stat_prefix,json=statPrefix,proto3" json:"stat_prefix,omitempty"`
+	// The name of the Google gRPC credentials factory to use. This must have been registered with
+	// Envoy. If this is empty, a default credentials factory will be used that sets up channel
+	// credentials based on other configuration parameters.
+	CredentialsFactoryName string `protobuf:"bytes,5,opt,name=credentials_factory_name,json=credentialsFactoryName,proto3" json:"credentials_factory_name,omitempty"`
+	// Additional configuration for site-specific customizations of the Google
+	// gRPC library.
+	Config *_struct.Struct `protobuf:"bytes,6,opt,name=config,proto3" json:"config,omitempty"`
+}
+
+func (x *GrpcService_GoogleGrpc) Reset() {
+	*x = GrpcService_GoogleGrpc{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_grpc_service_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcService_GoogleGrpc) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcService_GoogleGrpc) ProtoMessage() {}
+
+func (x *GrpcService_GoogleGrpc) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_grpc_service_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcService_GoogleGrpc.ProtoReflect.Descriptor instead.
+func (*GrpcService_GoogleGrpc) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_grpc_service_proto_rawDescGZIP(), []int{0, 1}
+}
+
+func (x *GrpcService_GoogleGrpc) GetTargetUri() string {
+	if x != nil {
+		return x.TargetUri
+	}
+	return ""
+}
+
+func (x *GrpcService_GoogleGrpc) GetChannelCredentials() *GrpcService_GoogleGrpc_ChannelCredentials {
+	if x != nil {
+		return x.ChannelCredentials
+	}
+	return nil
+}
+
+func (x *GrpcService_GoogleGrpc) GetCallCredentials() []*GrpcService_GoogleGrpc_CallCredentials {
+	if x != nil {
+		return x.CallCredentials
+	}
+	return nil
+}
+
+func (x *GrpcService_GoogleGrpc) GetStatPrefix() string {
+	if x != nil {
+		return x.StatPrefix
+	}
+	return ""
+}
+
+func (x *GrpcService_GoogleGrpc) GetCredentialsFactoryName() string {
+	if x != nil {
+		return x.CredentialsFactoryName
+	}
+	return ""
+}
+
+func (x *GrpcService_GoogleGrpc) GetConfig() *_struct.Struct {
+	if x != nil {
+		return x.Config
+	}
+	return nil
+}
+
+// See https://grpc.io/grpc/cpp/structgrpc_1_1_ssl_credentials_options.html.
+type GrpcService_GoogleGrpc_SslCredentials struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// PEM encoded server root certificates.
+	RootCerts *DataSource `protobuf:"bytes,1,opt,name=root_certs,json=rootCerts,proto3" json:"root_certs,omitempty"`
+	// PEM encoded client private key.
+	PrivateKey *DataSource `protobuf:"bytes,2,opt,name=private_key,json=privateKey,proto3" json:"private_key,omitempty"`
+	// PEM encoded client certificate chain.
+	CertChain *DataSource `protobuf:"bytes,3,opt,name=cert_chain,json=certChain,proto3" json:"cert_chain,omitempty"`
+}
+
+func (x *GrpcService_GoogleGrpc_SslCredentials) Reset() {
+	*x = GrpcService_GoogleGrpc_SslCredentials{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_grpc_service_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcService_GoogleGrpc_SslCredentials) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcService_GoogleGrpc_SslCredentials) ProtoMessage() {}
+
+func (x *GrpcService_GoogleGrpc_SslCredentials) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_grpc_service_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcService_GoogleGrpc_SslCredentials.ProtoReflect.Descriptor instead.
+func (*GrpcService_GoogleGrpc_SslCredentials) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_grpc_service_proto_rawDescGZIP(), []int{0, 1, 0}
+}
+
+func (x *GrpcService_GoogleGrpc_SslCredentials) GetRootCerts() *DataSource {
+	if x != nil {
+		return x.RootCerts
+	}
+	return nil
+}
+
+func (x *GrpcService_GoogleGrpc_SslCredentials) GetPrivateKey() *DataSource {
+	if x != nil {
+		return x.PrivateKey
+	}
+	return nil
+}
+
+func (x *GrpcService_GoogleGrpc_SslCredentials) GetCertChain() *DataSource {
+	if x != nil {
+		return x.CertChain
+	}
+	return nil
+}
+
+// Local channel credentials. Only UDS is supported for now.
+// See https://github.com/grpc/grpc/pull/15909.
+type GrpcService_GoogleGrpc_GoogleLocalCredentials struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *GrpcService_GoogleGrpc_GoogleLocalCredentials) Reset() {
+	*x = GrpcService_GoogleGrpc_GoogleLocalCredentials{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_grpc_service_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcService_GoogleGrpc_GoogleLocalCredentials) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcService_GoogleGrpc_GoogleLocalCredentials) ProtoMessage() {}
+
+func (x *GrpcService_GoogleGrpc_GoogleLocalCredentials) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_grpc_service_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcService_GoogleGrpc_GoogleLocalCredentials.ProtoReflect.Descriptor instead.
+func (*GrpcService_GoogleGrpc_GoogleLocalCredentials) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_grpc_service_proto_rawDescGZIP(), []int{0, 1, 1}
+}
+
+// See https://grpc.io/docs/guides/auth.html#credential-types to understand Channel and Call
+// credential types.
+type GrpcService_GoogleGrpc_ChannelCredentials struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to CredentialSpecifier:
+	//	*GrpcService_GoogleGrpc_ChannelCredentials_SslCredentials
+	//	*GrpcService_GoogleGrpc_ChannelCredentials_GoogleDefault
+	//	*GrpcService_GoogleGrpc_ChannelCredentials_LocalCredentials
+	CredentialSpecifier isGrpcService_GoogleGrpc_ChannelCredentials_CredentialSpecifier `protobuf_oneof:"credential_specifier"`
+}
+
+func (x *GrpcService_GoogleGrpc_ChannelCredentials) Reset() {
+	*x = GrpcService_GoogleGrpc_ChannelCredentials{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_grpc_service_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcService_GoogleGrpc_ChannelCredentials) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcService_GoogleGrpc_ChannelCredentials) ProtoMessage() {}
+
+func (x *GrpcService_GoogleGrpc_ChannelCredentials) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_grpc_service_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcService_GoogleGrpc_ChannelCredentials.ProtoReflect.Descriptor instead.
+func (*GrpcService_GoogleGrpc_ChannelCredentials) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_grpc_service_proto_rawDescGZIP(), []int{0, 1, 2}
+}
+
+func (m *GrpcService_GoogleGrpc_ChannelCredentials) GetCredentialSpecifier() isGrpcService_GoogleGrpc_ChannelCredentials_CredentialSpecifier {
+	if m != nil {
+		return m.CredentialSpecifier
+	}
+	return nil
+}
+
+func (x *GrpcService_GoogleGrpc_ChannelCredentials) GetSslCredentials() *GrpcService_GoogleGrpc_SslCredentials {
+	if x, ok := x.GetCredentialSpecifier().(*GrpcService_GoogleGrpc_ChannelCredentials_SslCredentials); ok {
+		return x.SslCredentials
+	}
+	return nil
+}
+
+func (x *GrpcService_GoogleGrpc_ChannelCredentials) GetGoogleDefault() *emptypb.Empty {
+	if x, ok := x.GetCredentialSpecifier().(*GrpcService_GoogleGrpc_ChannelCredentials_GoogleDefault); ok {
+		return x.GoogleDefault
+	}
+	return nil
+}
+
+func (x *GrpcService_GoogleGrpc_ChannelCredentials) GetLocalCredentials() *GrpcService_GoogleGrpc_GoogleLocalCredentials {
+	if x, ok := x.GetCredentialSpecifier().(*GrpcService_GoogleGrpc_ChannelCredentials_LocalCredentials); ok {
+		return x.LocalCredentials
+	}
+	return nil
+}
+
+type isGrpcService_GoogleGrpc_ChannelCredentials_CredentialSpecifier interface {
+	isGrpcService_GoogleGrpc_ChannelCredentials_CredentialSpecifier()
+}
+
+type GrpcService_GoogleGrpc_ChannelCredentials_SslCredentials struct {
+	SslCredentials *GrpcService_GoogleGrpc_SslCredentials `protobuf:"bytes,1,opt,name=ssl_credentials,json=sslCredentials,proto3,oneof"`
+}
+
+type GrpcService_GoogleGrpc_ChannelCredentials_GoogleDefault struct {
+	// https://grpc.io/grpc/cpp/namespacegrpc.html#a6beb3ac70ff94bd2ebbd89b8f21d1f61
+	GoogleDefault *emptypb.Empty `protobuf:"bytes,2,opt,name=google_default,json=googleDefault,proto3,oneof"`
+}
+
+type GrpcService_GoogleGrpc_ChannelCredentials_LocalCredentials struct {
+	LocalCredentials *GrpcService_GoogleGrpc_GoogleLocalCredentials `protobuf:"bytes,3,opt,name=local_credentials,json=localCredentials,proto3,oneof"`
+}
+
+func (*GrpcService_GoogleGrpc_ChannelCredentials_SslCredentials) isGrpcService_GoogleGrpc_ChannelCredentials_CredentialSpecifier() {
+}
+
+func (*GrpcService_GoogleGrpc_ChannelCredentials_GoogleDefault) isGrpcService_GoogleGrpc_ChannelCredentials_CredentialSpecifier() {
+}
+
+func (*GrpcService_GoogleGrpc_ChannelCredentials_LocalCredentials) isGrpcService_GoogleGrpc_ChannelCredentials_CredentialSpecifier() {
+}
+
+// [#next-free-field: 8]
+type GrpcService_GoogleGrpc_CallCredentials struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to CredentialSpecifier:
+	//	*GrpcService_GoogleGrpc_CallCredentials_AccessToken
+	//	*GrpcService_GoogleGrpc_CallCredentials_GoogleComputeEngine
+	//	*GrpcService_GoogleGrpc_CallCredentials_GoogleRefreshToken
+	//	*GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJwtAccess
+	//	*GrpcService_GoogleGrpc_CallCredentials_GoogleIam
+	//	*GrpcService_GoogleGrpc_CallCredentials_FromPlugin
+	//	*GrpcService_GoogleGrpc_CallCredentials_StsService_
+	CredentialSpecifier isGrpcService_GoogleGrpc_CallCredentials_CredentialSpecifier `protobuf_oneof:"credential_specifier"`
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials) Reset() {
+	*x = GrpcService_GoogleGrpc_CallCredentials{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_grpc_service_proto_msgTypes[6]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcService_GoogleGrpc_CallCredentials) ProtoMessage() {}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_grpc_service_proto_msgTypes[6]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcService_GoogleGrpc_CallCredentials.ProtoReflect.Descriptor instead.
+func (*GrpcService_GoogleGrpc_CallCredentials) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_grpc_service_proto_rawDescGZIP(), []int{0, 1, 3}
+}
+
+func (m *GrpcService_GoogleGrpc_CallCredentials) GetCredentialSpecifier() isGrpcService_GoogleGrpc_CallCredentials_CredentialSpecifier {
+	if m != nil {
+		return m.CredentialSpecifier
+	}
+	return nil
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials) GetAccessToken() string {
+	if x, ok := x.GetCredentialSpecifier().(*GrpcService_GoogleGrpc_CallCredentials_AccessToken); ok {
+		return x.AccessToken
+	}
+	return ""
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials) GetGoogleComputeEngine() *emptypb.Empty {
+	if x, ok := x.GetCredentialSpecifier().(*GrpcService_GoogleGrpc_CallCredentials_GoogleComputeEngine); ok {
+		return x.GoogleComputeEngine
+	}
+	return nil
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials) GetGoogleRefreshToken() string {
+	if x, ok := x.GetCredentialSpecifier().(*GrpcService_GoogleGrpc_CallCredentials_GoogleRefreshToken); ok {
+		return x.GoogleRefreshToken
+	}
+	return ""
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials) GetServiceAccountJwtAccess() *GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials {
+	if x, ok := x.GetCredentialSpecifier().(*GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJwtAccess); ok {
+		return x.ServiceAccountJwtAccess
+	}
+	return nil
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials) GetGoogleIam() *GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials {
+	if x, ok := x.GetCredentialSpecifier().(*GrpcService_GoogleGrpc_CallCredentials_GoogleIam); ok {
+		return x.GoogleIam
+	}
+	return nil
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials) GetFromPlugin() *GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin {
+	if x, ok := x.GetCredentialSpecifier().(*GrpcService_GoogleGrpc_CallCredentials_FromPlugin); ok {
+		return x.FromPlugin
+	}
+	return nil
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials) GetStsService() *GrpcService_GoogleGrpc_CallCredentials_StsService {
+	if x, ok := x.GetCredentialSpecifier().(*GrpcService_GoogleGrpc_CallCredentials_StsService_); ok {
+		return x.StsService
+	}
+	return nil
+}
+
+type isGrpcService_GoogleGrpc_CallCredentials_CredentialSpecifier interface {
+	isGrpcService_GoogleGrpc_CallCredentials_CredentialSpecifier()
+}
+
+type GrpcService_GoogleGrpc_CallCredentials_AccessToken struct {
+	// Access token credentials.
+	// https://grpc.io/grpc/cpp/namespacegrpc.html#ad3a80da696ffdaea943f0f858d7a360d.
+	AccessToken string `protobuf:"bytes,1,opt,name=access_token,json=accessToken,proto3,oneof"`
+}
+
+type GrpcService_GoogleGrpc_CallCredentials_GoogleComputeEngine struct {
+	// Google Compute Engine credentials.
+	// https://grpc.io/grpc/cpp/namespacegrpc.html#a6beb3ac70ff94bd2ebbd89b8f21d1f61
+	GoogleComputeEngine *emptypb.Empty `protobuf:"bytes,2,opt,name=google_compute_engine,json=googleComputeEngine,proto3,oneof"`
+}
+
+type GrpcService_GoogleGrpc_CallCredentials_GoogleRefreshToken struct {
+	// Google refresh token credentials.
+	// https://grpc.io/grpc/cpp/namespacegrpc.html#a96901c997b91bc6513b08491e0dca37c.
+	GoogleRefreshToken string `protobuf:"bytes,3,opt,name=google_refresh_token,json=googleRefreshToken,proto3,oneof"`
+}
+
+type GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJwtAccess struct {
+	// Service Account JWT Access credentials.
+	// https://grpc.io/grpc/cpp/namespacegrpc.html#a92a9f959d6102461f66ee973d8e9d3aa.
+	ServiceAccountJwtAccess *GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials `protobuf:"bytes,4,opt,name=service_account_jwt_access,json=serviceAccountJwtAccess,proto3,oneof"`
+}
+
+type GrpcService_GoogleGrpc_CallCredentials_GoogleIam struct {
+	// Google IAM credentials.
+	// https://grpc.io/grpc/cpp/namespacegrpc.html#a9fc1fc101b41e680d47028166e76f9d0.
+	GoogleIam *GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials `protobuf:"bytes,5,opt,name=google_iam,json=googleIam,proto3,oneof"`
+}
+
+type GrpcService_GoogleGrpc_CallCredentials_FromPlugin struct {
+	// Custom authenticator credentials.
+	// https://grpc.io/grpc/cpp/namespacegrpc.html#a823c6a4b19ffc71fb33e90154ee2ad07.
+	// https://grpc.io/docs/guides/auth.html#extending-grpc-to-support-other-authentication-mechanisms.
+	FromPlugin *GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin `protobuf:"bytes,6,opt,name=from_plugin,json=fromPlugin,proto3,oneof"`
+}
+
+type GrpcService_GoogleGrpc_CallCredentials_StsService_ struct {
+	// Custom security token service which implements OAuth 2.0 token exchange.
+	// https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16
+	// See https://github.com/grpc/grpc/pull/19587.
+	StsService *GrpcService_GoogleGrpc_CallCredentials_StsService `protobuf:"bytes,7,opt,name=sts_service,json=stsService,proto3,oneof"`
+}
+
+func (*GrpcService_GoogleGrpc_CallCredentials_AccessToken) isGrpcService_GoogleGrpc_CallCredentials_CredentialSpecifier() {
+}
+
+func (*GrpcService_GoogleGrpc_CallCredentials_GoogleComputeEngine) isGrpcService_GoogleGrpc_CallCredentials_CredentialSpecifier() {
+}
+
+func (*GrpcService_GoogleGrpc_CallCredentials_GoogleRefreshToken) isGrpcService_GoogleGrpc_CallCredentials_CredentialSpecifier() {
+}
+
+func (*GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJwtAccess) isGrpcService_GoogleGrpc_CallCredentials_CredentialSpecifier() {
+}
+
+func (*GrpcService_GoogleGrpc_CallCredentials_GoogleIam) isGrpcService_GoogleGrpc_CallCredentials_CredentialSpecifier() {
+}
+
+func (*GrpcService_GoogleGrpc_CallCredentials_FromPlugin) isGrpcService_GoogleGrpc_CallCredentials_CredentialSpecifier() {
+}
+
+func (*GrpcService_GoogleGrpc_CallCredentials_StsService_) isGrpcService_GoogleGrpc_CallCredentials_CredentialSpecifier() {
+}
+
+type GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	JsonKey              string `protobuf:"bytes,1,opt,name=json_key,json=jsonKey,proto3" json:"json_key,omitempty"`
+	TokenLifetimeSeconds uint64 `protobuf:"varint,2,opt,name=token_lifetime_seconds,json=tokenLifetimeSeconds,proto3" json:"token_lifetime_seconds,omitempty"`
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials) Reset() {
+	*x = GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_grpc_service_proto_msgTypes[7]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials) ProtoMessage() {}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_grpc_service_proto_msgTypes[7]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials.ProtoReflect.Descriptor instead.
+func (*GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_grpc_service_proto_rawDescGZIP(), []int{0, 1, 3, 0}
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials) GetJsonKey() string {
+	if x != nil {
+		return x.JsonKey
+	}
+	return ""
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials) GetTokenLifetimeSeconds() uint64 {
+	if x != nil {
+		return x.TokenLifetimeSeconds
+	}
+	return 0
+}
+
+type GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	AuthorizationToken string `protobuf:"bytes,1,opt,name=authorization_token,json=authorizationToken,proto3" json:"authorization_token,omitempty"`
+	AuthoritySelector  string `protobuf:"bytes,2,opt,name=authority_selector,json=authoritySelector,proto3" json:"authority_selector,omitempty"`
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials) Reset() {
+	*x = GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_grpc_service_proto_msgTypes[8]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials) ProtoMessage() {}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_grpc_service_proto_msgTypes[8]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials.ProtoReflect.Descriptor instead.
+func (*GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_grpc_service_proto_rawDescGZIP(), []int{0, 1, 3, 1}
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials) GetAuthorizationToken() string {
+	if x != nil {
+		return x.AuthorizationToken
+	}
+	return ""
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials) GetAuthoritySelector() string {
+	if x != nil {
+		return x.AuthoritySelector
+	}
+	return ""
+}
+
+type GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Types that are assignable to ConfigType:
+	//	*GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin_Config
+	//	*GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin_TypedConfig
+	ConfigType isGrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin_ConfigType `protobuf_oneof:"config_type"`
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin) Reset() {
+	*x = GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_grpc_service_proto_msgTypes[9]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin) ProtoMessage() {}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_grpc_service_proto_msgTypes[9]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin.ProtoReflect.Descriptor instead.
+func (*GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_grpc_service_proto_rawDescGZIP(), []int{0, 1, 3, 2}
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (m *GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin) GetConfigType() isGrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin_ConfigType {
+	if m != nil {
+		return m.ConfigType
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin) GetConfig() *_struct.Struct {
+	if x, ok := x.GetConfigType().(*GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin_Config); ok {
+		return x.Config
+	}
+	return nil
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin) GetTypedConfig() *any.Any {
+	if x, ok := x.GetConfigType().(*GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin_TypedConfig); ok {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+type isGrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin_ConfigType interface {
+	isGrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin_ConfigType()
+}
+
+type GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin_Config struct {
+	// Deprecated: Do not use.
+	Config *_struct.Struct `protobuf:"bytes,2,opt,name=config,proto3,oneof"`
+}
+
+type GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin_TypedConfig struct {
+	TypedConfig *any.Any `protobuf:"bytes,3,opt,name=typed_config,json=typedConfig,proto3,oneof"`
+}
+
+func (*GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin_Config) isGrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin_ConfigType() {
+}
+
+func (*GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin_TypedConfig) isGrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin_ConfigType() {
+}
+
+// Security token service configuration that allows Google gRPC to
+// fetch security token from an OAuth 2.0 authorization server.
+// See https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16 and
+// https://github.com/grpc/grpc/pull/19587.
+// [#next-free-field: 10]
+type GrpcService_GoogleGrpc_CallCredentials_StsService struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// URI of the token exchange service that handles token exchange requests.
+	// [#comment:TODO(asraa): Add URI validation when implemented. Tracked by
+	// https://github.com/envoyproxy/protoc-gen-validate/issues/303]
+	TokenExchangeServiceUri string `protobuf:"bytes,1,opt,name=token_exchange_service_uri,json=tokenExchangeServiceUri,proto3" json:"token_exchange_service_uri,omitempty"`
+	// Location of the target service or resource where the client
+	// intends to use the requested security token.
+	Resource string `protobuf:"bytes,2,opt,name=resource,proto3" json:"resource,omitempty"`
+	// Logical name of the target service where the client intends to
+	// use the requested security token.
+	Audience string `protobuf:"bytes,3,opt,name=audience,proto3" json:"audience,omitempty"`
+	// The desired scope of the requested security token in the
+	// context of the service or resource where the token will be used.
+	Scope string `protobuf:"bytes,4,opt,name=scope,proto3" json:"scope,omitempty"`
+	// Type of the requested security token.
+	RequestedTokenType string `protobuf:"bytes,5,opt,name=requested_token_type,json=requestedTokenType,proto3" json:"requested_token_type,omitempty"`
+	// The path of subject token, a security token that represents the
+	// identity of the party on behalf of whom the request is being made.
+	SubjectTokenPath string `protobuf:"bytes,6,opt,name=subject_token_path,json=subjectTokenPath,proto3" json:"subject_token_path,omitempty"`
+	// Type of the subject token.
+	SubjectTokenType string `protobuf:"bytes,7,opt,name=subject_token_type,json=subjectTokenType,proto3" json:"subject_token_type,omitempty"`
+	// The path of actor token, a security token that represents the identity
+	// of the acting party. The acting party is authorized to use the
+	// requested security token and act on behalf of the subject.
+	ActorTokenPath string `protobuf:"bytes,8,opt,name=actor_token_path,json=actorTokenPath,proto3" json:"actor_token_path,omitempty"`
+	// Type of the actor token.
+	ActorTokenType string `protobuf:"bytes,9,opt,name=actor_token_type,json=actorTokenType,proto3" json:"actor_token_type,omitempty"`
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_StsService) Reset() {
+	*x = GrpcService_GoogleGrpc_CallCredentials_StsService{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_grpc_service_proto_msgTypes[10]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_StsService) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcService_GoogleGrpc_CallCredentials_StsService) ProtoMessage() {}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_StsService) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_grpc_service_proto_msgTypes[10]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcService_GoogleGrpc_CallCredentials_StsService.ProtoReflect.Descriptor instead.
+func (*GrpcService_GoogleGrpc_CallCredentials_StsService) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_grpc_service_proto_rawDescGZIP(), []int{0, 1, 3, 3}
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_StsService) GetTokenExchangeServiceUri() string {
+	if x != nil {
+		return x.TokenExchangeServiceUri
+	}
+	return ""
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_StsService) GetResource() string {
+	if x != nil {
+		return x.Resource
+	}
+	return ""
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_StsService) GetAudience() string {
+	if x != nil {
+		return x.Audience
+	}
+	return ""
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_StsService) GetScope() string {
+	if x != nil {
+		return x.Scope
+	}
+	return ""
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_StsService) GetRequestedTokenType() string {
+	if x != nil {
+		return x.RequestedTokenType
+	}
+	return ""
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_StsService) GetSubjectTokenPath() string {
+	if x != nil {
+		return x.SubjectTokenPath
+	}
+	return ""
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_StsService) GetSubjectTokenType() string {
+	if x != nil {
+		return x.SubjectTokenType
+	}
+	return ""
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_StsService) GetActorTokenPath() string {
+	if x != nil {
+		return x.ActorTokenPath
+	}
+	return ""
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_StsService) GetActorTokenType() string {
+	if x != nil {
+		return x.ActorTokenType
+	}
+	return ""
+}
+
+var File_envoy_api_v2_core_grpc_service_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_core_grpc_service_proto_rawDesc = []byte{
+	0x0a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x11, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70,
+	0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x1a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x62, 0x61, 0x73,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x1b, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2f, 0x65, 0x6d, 0x70, 0x74, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2f, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75,
+	0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f,
+	0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x20, 0x75,
+	0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f,
+	0x73, 0x65, 0x6e, 0x73, 0x69, 0x74, 0x69, 0x76, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17,
+	0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xdb, 0x16, 0x0a, 0x0b, 0x47, 0x72, 0x70, 0x63,
+	0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x49, 0x0a, 0x0a, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x5f, 0x67, 0x72, 0x70, 0x63, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e,
+	0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x45, 0x6e, 0x76, 0x6f,
+	0x79, 0x47, 0x72, 0x70, 0x63, 0x48, 0x00, 0x52, 0x09, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x47, 0x72,
+	0x70, 0x63, 0x12, 0x4c, 0x0a, 0x0b, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x5f, 0x67, 0x72, 0x70,
+	0x63, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x47, 0x72, 0x70, 0x63,
+	0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x47, 0x72,
+	0x70, 0x63, 0x48, 0x00, 0x52, 0x0a, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x47, 0x72, 0x70, 0x63,
+	0x12, 0x33, 0x0a, 0x07, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x07, 0x74, 0x69,
+	0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12, 0x49, 0x0a, 0x10, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c,
+	0x5f, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x05, 0x20, 0x03, 0x28, 0x0b, 0x32,
+	0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52,
+	0x0f, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61,
+	0x1a, 0x37, 0x0a, 0x09, 0x45, 0x6e, 0x76, 0x6f, 0x79, 0x47, 0x72, 0x70, 0x63, 0x12, 0x2a, 0x0a,
+	0x0c, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x0b, 0x63, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x1a, 0xda, 0x13, 0x0a, 0x0a, 0x47, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x47, 0x72, 0x70, 0x63, 0x12, 0x26, 0x0a, 0x0a, 0x74, 0x61, 0x72, 0x67,
+	0x65, 0x74, 0x5f, 0x75, 0x72, 0x69, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42,
+	0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x09, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x55, 0x72, 0x69,
+	0x12, 0x6d, 0x0a, 0x13, 0x63, 0x68, 0x61, 0x6e, 0x6e, 0x65, 0x6c, 0x5f, 0x63, 0x72, 0x65, 0x64,
+	0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x3c, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x47, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x47, 0x72, 0x70, 0x63, 0x2e, 0x43, 0x68, 0x61, 0x6e, 0x6e, 0x65, 0x6c,
+	0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x52, 0x12, 0x63, 0x68, 0x61,
+	0x6e, 0x6e, 0x65, 0x6c, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x12,
+	0x64, 0x0a, 0x10, 0x63, 0x61, 0x6c, 0x6c, 0x5f, 0x63, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69,
+	0x61, 0x6c, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x39, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x47, 0x72,
+	0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x47, 0x72, 0x70, 0x63, 0x2e, 0x43, 0x61, 0x6c, 0x6c, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74,
+	0x69, 0x61, 0x6c, 0x73, 0x52, 0x0f, 0x63, 0x61, 0x6c, 0x6c, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e,
+	0x74, 0x69, 0x61, 0x6c, 0x73, 0x12, 0x28, 0x0a, 0x0b, 0x73, 0x74, 0x61, 0x74, 0x5f, 0x70, 0x72,
+	0x65, 0x66, 0x69, 0x78, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72,
+	0x02, 0x20, 0x01, 0x52, 0x0a, 0x73, 0x74, 0x61, 0x74, 0x50, 0x72, 0x65, 0x66, 0x69, 0x78, 0x12,
+	0x38, 0x0a, 0x18, 0x63, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x5f, 0x66,
+	0x61, 0x63, 0x74, 0x6f, 0x72, 0x79, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x16, 0x63, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x46, 0x61,
+	0x63, 0x74, 0x6f, 0x72, 0x79, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x2f, 0x0a, 0x06, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75,
+	0x63, 0x74, 0x52, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x1a, 0xd4, 0x01, 0x0a, 0x0e, 0x53,
+	0x73, 0x6c, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x12, 0x3c, 0x0a,
+	0x0a, 0x72, 0x6f, 0x6f, 0x74, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65,
+	0x52, 0x09, 0x72, 0x6f, 0x6f, 0x74, 0x43, 0x65, 0x72, 0x74, 0x73, 0x12, 0x46, 0x0a, 0x0b, 0x70,
+	0x72, 0x69, 0x76, 0x61, 0x74, 0x65, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e,
+	0x63, 0x6f, 0x72, 0x65, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x42,
+	0x06, 0xb8, 0xb7, 0x8b, 0xa4, 0x02, 0x01, 0x52, 0x0a, 0x70, 0x72, 0x69, 0x76, 0x61, 0x74, 0x65,
+	0x4b, 0x65, 0x79, 0x12, 0x3c, 0x0a, 0x0a, 0x63, 0x65, 0x72, 0x74, 0x5f, 0x63, 0x68, 0x61, 0x69,
+	0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x44, 0x61, 0x74, 0x61,
+	0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x09, 0x63, 0x65, 0x72, 0x74, 0x43, 0x68, 0x61, 0x69,
+	0x6e, 0x1a, 0x18, 0x0a, 0x16, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x4c, 0x6f, 0x63, 0x61, 0x6c,
+	0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x1a, 0xc8, 0x02, 0x0a, 0x12,
+	0x43, 0x68, 0x61, 0x6e, 0x6e, 0x65, 0x6c, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61,
+	0x6c, 0x73, 0x12, 0x63, 0x0a, 0x0f, 0x73, 0x73, 0x6c, 0x5f, 0x63, 0x72, 0x65, 0x64, 0x65, 0x6e,
+	0x74, 0x69, 0x61, 0x6c, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x38, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e,
+	0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x47, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x47, 0x72, 0x70, 0x63, 0x2e, 0x53, 0x73, 0x6c, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e,
+	0x74, 0x69, 0x61, 0x6c, 0x73, 0x48, 0x00, 0x52, 0x0e, 0x73, 0x73, 0x6c, 0x43, 0x72, 0x65, 0x64,
+	0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x12, 0x3f, 0x0a, 0x0e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x5f, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x48, 0x00, 0x52, 0x0d, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x44, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x12, 0x6f, 0x0a, 0x11, 0x6c, 0x6f, 0x63, 0x61,
+	0x6c, 0x5f, 0x63, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x18, 0x03, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x40, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76,
+	0x69, 0x63, 0x65, 0x2e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x47, 0x72, 0x70, 0x63, 0x2e, 0x47,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e,
+	0x74, 0x69, 0x61, 0x6c, 0x73, 0x48, 0x00, 0x52, 0x10, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x43, 0x72,
+	0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x42, 0x1b, 0x0a, 0x14, 0x63, 0x72, 0x65,
+	0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65,
+	0x72, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x1a, 0xfd, 0x0b, 0x0a, 0x0f, 0x43, 0x61, 0x6c, 0x6c, 0x43,
+	0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x12, 0x23, 0x0a, 0x0c, 0x61, 0x63,
+	0x63, 0x65, 0x73, 0x73, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
+	0x48, 0x00, 0x52, 0x0b, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12,
+	0x4c, 0x0a, 0x15, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x5f, 0x63, 0x6f, 0x6d, 0x70, 0x75, 0x74,
+	0x65, 0x5f, 0x65, 0x6e, 0x67, 0x69, 0x6e, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x48, 0x00, 0x52, 0x13, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x43, 0x6f, 0x6d, 0x70, 0x75, 0x74, 0x65, 0x45, 0x6e, 0x67, 0x69, 0x6e, 0x65, 0x12, 0x32, 0x0a,
+	0x14, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x5f, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x5f,
+	0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x12, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x52, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x54, 0x6f, 0x6b, 0x65,
+	0x6e, 0x12, 0x9b, 0x01, 0x0a, 0x1a, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x61, 0x63,
+	0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x6a, 0x77, 0x74, 0x5f, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73,
+	0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x5c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x53,
+	0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x47, 0x72, 0x70,
+	0x63, 0x2e, 0x43, 0x61, 0x6c, 0x6c, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c,
+	0x73, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74,
+	0x4a, 0x57, 0x54, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74,
+	0x69, 0x61, 0x6c, 0x73, 0x48, 0x00, 0x52, 0x17, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x41,
+	0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x4a, 0x77, 0x74, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x12,
+	0x6f, 0x0a, 0x0a, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x5f, 0x69, 0x61, 0x6d, 0x18, 0x05, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x4e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76,
+	0x69, 0x63, 0x65, 0x2e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x47, 0x72, 0x70, 0x63, 0x2e, 0x43,
+	0x61, 0x6c, 0x6c, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x2e, 0x47,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x49, 0x41, 0x4d, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69,
+	0x61, 0x6c, 0x73, 0x48, 0x00, 0x52, 0x09, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x49, 0x61, 0x6d,
+	0x12, 0x7a, 0x0a, 0x0b, 0x66, 0x72, 0x6f, 0x6d, 0x5f, 0x70, 0x6c, 0x75, 0x67, 0x69, 0x6e, 0x18,
+	0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x57, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70,
+	0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x53, 0x65,
+	0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x47, 0x72, 0x70, 0x63,
+	0x2e, 0x43, 0x61, 0x6c, 0x6c, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73,
+	0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74,
+	0x69, 0x61, 0x6c, 0x73, 0x46, 0x72, 0x6f, 0x6d, 0x50, 0x6c, 0x75, 0x67, 0x69, 0x6e, 0x48, 0x00,
+	0x52, 0x0a, 0x66, 0x72, 0x6f, 0x6d, 0x50, 0x6c, 0x75, 0x67, 0x69, 0x6e, 0x12, 0x67, 0x0a, 0x0b,
+	0x73, 0x74, 0x73, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x18, 0x07, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x44, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63,
+	0x65, 0x2e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x47, 0x72, 0x70, 0x63, 0x2e, 0x43, 0x61, 0x6c,
+	0x6c, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x2e, 0x53, 0x74, 0x73,
+	0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x48, 0x00, 0x52, 0x0a, 0x73, 0x74, 0x73, 0x53, 0x65,
+	0x72, 0x76, 0x69, 0x63, 0x65, 0x1a, 0x75, 0x0a, 0x22, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65,
+	0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x4a, 0x57, 0x54, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73,
+	0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x12, 0x19, 0x0a, 0x08, 0x6a,
+	0x73, 0x6f, 0x6e, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6a,
+	0x73, 0x6f, 0x6e, 0x4b, 0x65, 0x79, 0x12, 0x34, 0x0a, 0x16, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x5f,
+	0x6c, 0x69, 0x66, 0x65, 0x74, 0x69, 0x6d, 0x65, 0x5f, 0x73, 0x65, 0x63, 0x6f, 0x6e, 0x64, 0x73,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x04, 0x52, 0x14, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x4c, 0x69, 0x66,
+	0x65, 0x74, 0x69, 0x6d, 0x65, 0x53, 0x65, 0x63, 0x6f, 0x6e, 0x64, 0x73, 0x1a, 0x76, 0x0a, 0x14,
+	0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x49, 0x41, 0x4d, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74,
+	0x69, 0x61, 0x6c, 0x73, 0x12, 0x2f, 0x0a, 0x13, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x12, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x2d, 0x0a, 0x12, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69,
+	0x74, 0x79, 0x5f, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x11, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x53, 0x65, 0x6c, 0x65,
+	0x63, 0x74, 0x6f, 0x72, 0x1a, 0xb4, 0x01, 0x0a, 0x1d, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74,
+	0x61, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x46, 0x72, 0x6f, 0x6d,
+	0x50, 0x6c, 0x75, 0x67, 0x69, 0x6e, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x35, 0x0a, 0x06, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72,
+	0x75, 0x63, 0x74, 0x42, 0x02, 0x18, 0x01, 0x48, 0x00, 0x52, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x12, 0x39, 0x0a, 0x0c, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x48, 0x00, 0x52,
+	0x0b, 0x74, 0x79, 0x70, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x0d, 0x0a, 0x0b,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x1a, 0x8b, 0x03, 0x0a, 0x0a,
+	0x53, 0x74, 0x73, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x3b, 0x0a, 0x1a, 0x74, 0x6f,
+	0x6b, 0x65, 0x6e, 0x5f, 0x65, 0x78, 0x63, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x5f, 0x73, 0x65, 0x72,
+	0x76, 0x69, 0x63, 0x65, 0x5f, 0x75, 0x72, 0x69, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x17,
+	0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x45, 0x78, 0x63, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x53, 0x65, 0x72,
+	0x76, 0x69, 0x63, 0x65, 0x55, 0x72, 0x69, 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75,
+	0x72, 0x63, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75,
+	0x72, 0x63, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x61, 0x75, 0x64, 0x69, 0x65, 0x6e, 0x63, 0x65, 0x18,
+	0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x61, 0x75, 0x64, 0x69, 0x65, 0x6e, 0x63, 0x65, 0x12,
+	0x14, 0x0a, 0x05, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05,
+	0x73, 0x63, 0x6f, 0x70, 0x65, 0x12, 0x30, 0x0a, 0x14, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
+	0x65, 0x64, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x05, 0x20,
+	0x01, 0x28, 0x09, 0x52, 0x12, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x65, 0x64, 0x54, 0x6f,
+	0x6b, 0x65, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x12, 0x35, 0x0a, 0x12, 0x73, 0x75, 0x62, 0x6a, 0x65,
+	0x63, 0x74, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x5f, 0x70, 0x61, 0x74, 0x68, 0x18, 0x06, 0x20,
+	0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x10, 0x73, 0x75,
+	0x62, 0x6a, 0x65, 0x63, 0x74, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x50, 0x61, 0x74, 0x68, 0x12, 0x35,
+	0x0a, 0x12, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x5f,
+	0x74, 0x79, 0x70, 0x65, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72,
+	0x02, 0x20, 0x01, 0x52, 0x10, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x54, 0x6f, 0x6b, 0x65,
+	0x6e, 0x54, 0x79, 0x70, 0x65, 0x12, 0x28, 0x0a, 0x10, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x5f, 0x74,
+	0x6f, 0x6b, 0x65, 0x6e, 0x5f, 0x70, 0x61, 0x74, 0x68, 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52,
+	0x0e, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x50, 0x61, 0x74, 0x68, 0x12,
+	0x28, 0x0a, 0x10, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x5f, 0x74,
+	0x79, 0x70, 0x65, 0x18, 0x09, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x61, 0x63, 0x74, 0x6f, 0x72,
+	0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x42, 0x1b, 0x0a, 0x14, 0x63, 0x72, 0x65,
+	0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65,
+	0x72, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x42, 0x17, 0x0a, 0x10, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74,
+	0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x4a,
+	0x04, 0x08, 0x04, 0x10, 0x05, 0x42, 0x59, 0x0a, 0x1f, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x42, 0x10, 0x47, 0x72, 0x70, 0x63, 0x53, 0x65,
+	0x72, 0x76, 0x69, 0x63, 0x65, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xf2, 0x98, 0xfe, 0x8f,
+	0x05, 0x16, 0x12, 0x14, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01,
+	0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_core_grpc_service_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_core_grpc_service_proto_rawDescData = file_envoy_api_v2_core_grpc_service_proto_rawDesc
+)
+
+func file_envoy_api_v2_core_grpc_service_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_core_grpc_service_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_core_grpc_service_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_core_grpc_service_proto_rawDescData)
+	})
+	return file_envoy_api_v2_core_grpc_service_proto_rawDescData
+}
+
+var file_envoy_api_v2_core_grpc_service_proto_msgTypes = make([]protoimpl.MessageInfo, 11)
+var file_envoy_api_v2_core_grpc_service_proto_goTypes = []interface{}{
+	(*GrpcService)(nil),                                                               // 0: envoy.api.v2.core.GrpcService
+	(*GrpcService_EnvoyGrpc)(nil),                                                     // 1: envoy.api.v2.core.GrpcService.EnvoyGrpc
+	(*GrpcService_GoogleGrpc)(nil),                                                    // 2: envoy.api.v2.core.GrpcService.GoogleGrpc
+	(*GrpcService_GoogleGrpc_SslCredentials)(nil),                                     // 3: envoy.api.v2.core.GrpcService.GoogleGrpc.SslCredentials
+	(*GrpcService_GoogleGrpc_GoogleLocalCredentials)(nil),                             // 4: envoy.api.v2.core.GrpcService.GoogleGrpc.GoogleLocalCredentials
+	(*GrpcService_GoogleGrpc_ChannelCredentials)(nil),                                 // 5: envoy.api.v2.core.GrpcService.GoogleGrpc.ChannelCredentials
+	(*GrpcService_GoogleGrpc_CallCredentials)(nil),                                    // 6: envoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials
+	(*GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials)(nil), // 7: envoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials.ServiceAccountJWTAccessCredentials
+	(*GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials)(nil),               // 8: envoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials.GoogleIAMCredentials
+	(*GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin)(nil),      // 9: envoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials.MetadataCredentialsFromPlugin
+	(*GrpcService_GoogleGrpc_CallCredentials_StsService)(nil),                         // 10: envoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials.StsService
+	(*duration.Duration)(nil),                                                         // 11: google.protobuf.Duration
+	(*HeaderValue)(nil),                                                               // 12: envoy.api.v2.core.HeaderValue
+	(*_struct.Struct)(nil),                                                            // 13: google.protobuf.Struct
+	(*DataSource)(nil),                                                                // 14: envoy.api.v2.core.DataSource
+	(*emptypb.Empty)(nil),                                                             // 15: google.protobuf.Empty
+	(*any.Any)(nil),                                                                   // 16: google.protobuf.Any
+}
+var file_envoy_api_v2_core_grpc_service_proto_depIdxs = []int32{
+	1,  // 0: envoy.api.v2.core.GrpcService.envoy_grpc:type_name -> envoy.api.v2.core.GrpcService.EnvoyGrpc
+	2,  // 1: envoy.api.v2.core.GrpcService.google_grpc:type_name -> envoy.api.v2.core.GrpcService.GoogleGrpc
+	11, // 2: envoy.api.v2.core.GrpcService.timeout:type_name -> google.protobuf.Duration
+	12, // 3: envoy.api.v2.core.GrpcService.initial_metadata:type_name -> envoy.api.v2.core.HeaderValue
+	5,  // 4: envoy.api.v2.core.GrpcService.GoogleGrpc.channel_credentials:type_name -> envoy.api.v2.core.GrpcService.GoogleGrpc.ChannelCredentials
+	6,  // 5: envoy.api.v2.core.GrpcService.GoogleGrpc.call_credentials:type_name -> envoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials
+	13, // 6: envoy.api.v2.core.GrpcService.GoogleGrpc.config:type_name -> google.protobuf.Struct
+	14, // 7: envoy.api.v2.core.GrpcService.GoogleGrpc.SslCredentials.root_certs:type_name -> envoy.api.v2.core.DataSource
+	14, // 8: envoy.api.v2.core.GrpcService.GoogleGrpc.SslCredentials.private_key:type_name -> envoy.api.v2.core.DataSource
+	14, // 9: envoy.api.v2.core.GrpcService.GoogleGrpc.SslCredentials.cert_chain:type_name -> envoy.api.v2.core.DataSource
+	3,  // 10: envoy.api.v2.core.GrpcService.GoogleGrpc.ChannelCredentials.ssl_credentials:type_name -> envoy.api.v2.core.GrpcService.GoogleGrpc.SslCredentials
+	15, // 11: envoy.api.v2.core.GrpcService.GoogleGrpc.ChannelCredentials.google_default:type_name -> google.protobuf.Empty
+	4,  // 12: envoy.api.v2.core.GrpcService.GoogleGrpc.ChannelCredentials.local_credentials:type_name -> envoy.api.v2.core.GrpcService.GoogleGrpc.GoogleLocalCredentials
+	15, // 13: envoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials.google_compute_engine:type_name -> google.protobuf.Empty
+	7,  // 14: envoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials.service_account_jwt_access:type_name -> envoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials.ServiceAccountJWTAccessCredentials
+	8,  // 15: envoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials.google_iam:type_name -> envoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials.GoogleIAMCredentials
+	9,  // 16: envoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials.from_plugin:type_name -> envoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials.MetadataCredentialsFromPlugin
+	10, // 17: envoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials.sts_service:type_name -> envoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials.StsService
+	13, // 18: envoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials.MetadataCredentialsFromPlugin.config:type_name -> google.protobuf.Struct
+	16, // 19: envoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials.MetadataCredentialsFromPlugin.typed_config:type_name -> google.protobuf.Any
+	20, // [20:20] is the sub-list for method output_type
+	20, // [20:20] is the sub-list for method input_type
+	20, // [20:20] is the sub-list for extension type_name
+	20, // [20:20] is the sub-list for extension extendee
+	0,  // [0:20] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_core_grpc_service_proto_init() }
+func file_envoy_api_v2_core_grpc_service_proto_init() {
+	if File_envoy_api_v2_core_grpc_service_proto != nil {
+		return
+	}
+	file_envoy_api_v2_core_base_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_core_grpc_service_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcService); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_grpc_service_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcService_EnvoyGrpc); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_grpc_service_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcService_GoogleGrpc); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_grpc_service_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcService_GoogleGrpc_SslCredentials); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_grpc_service_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcService_GoogleGrpc_GoogleLocalCredentials); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_grpc_service_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcService_GoogleGrpc_ChannelCredentials); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_grpc_service_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcService_GoogleGrpc_CallCredentials); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_grpc_service_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_grpc_service_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_grpc_service_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_grpc_service_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcService_GoogleGrpc_CallCredentials_StsService); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_api_v2_core_grpc_service_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*GrpcService_EnvoyGrpc_)(nil),
+		(*GrpcService_GoogleGrpc_)(nil),
+	}
+	file_envoy_api_v2_core_grpc_service_proto_msgTypes[5].OneofWrappers = []interface{}{
+		(*GrpcService_GoogleGrpc_ChannelCredentials_SslCredentials)(nil),
+		(*GrpcService_GoogleGrpc_ChannelCredentials_GoogleDefault)(nil),
+		(*GrpcService_GoogleGrpc_ChannelCredentials_LocalCredentials)(nil),
+	}
+	file_envoy_api_v2_core_grpc_service_proto_msgTypes[6].OneofWrappers = []interface{}{
+		(*GrpcService_GoogleGrpc_CallCredentials_AccessToken)(nil),
+		(*GrpcService_GoogleGrpc_CallCredentials_GoogleComputeEngine)(nil),
+		(*GrpcService_GoogleGrpc_CallCredentials_GoogleRefreshToken)(nil),
+		(*GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJwtAccess)(nil),
+		(*GrpcService_GoogleGrpc_CallCredentials_GoogleIam)(nil),
+		(*GrpcService_GoogleGrpc_CallCredentials_FromPlugin)(nil),
+		(*GrpcService_GoogleGrpc_CallCredentials_StsService_)(nil),
+	}
+	file_envoy_api_v2_core_grpc_service_proto_msgTypes[9].OneofWrappers = []interface{}{
+		(*GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin_Config)(nil),
+		(*GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin_TypedConfig)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_core_grpc_service_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   11,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_core_grpc_service_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_core_grpc_service_proto_depIdxs,
+		MessageInfos:      file_envoy_api_v2_core_grpc_service_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_core_grpc_service_proto = out.File
+	file_envoy_api_v2_core_grpc_service_proto_rawDesc = nil
+	file_envoy_api_v2_core_grpc_service_proto_goTypes = nil
+	file_envoy_api_v2_core_grpc_service_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/grpc_service.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/grpc_service.pb.validate.go
new file mode 100644
index 00000000000..09c8b1b1db6
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/grpc_service.pb.validate.go
@@ -0,0 +1,1970 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/core/grpc_service.proto
+
+package envoy_api_v2_core
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on GrpcService with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *GrpcService) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on GrpcService with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in GrpcServiceMultiError, or
+// nil if none found.
+func (m *GrpcService) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcService) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetTimeout()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, GrpcServiceValidationError{
+					field:  "Timeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, GrpcServiceValidationError{
+					field:  "Timeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTimeout()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return GrpcServiceValidationError{
+				field:  "Timeout",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetInitialMetadata() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, GrpcServiceValidationError{
+						field:  fmt.Sprintf("InitialMetadata[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, GrpcServiceValidationError{
+						field:  fmt.Sprintf("InitialMetadata[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return GrpcServiceValidationError{
+					field:  fmt.Sprintf("InitialMetadata[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	switch m.TargetSpecifier.(type) {
+
+	case *GrpcService_EnvoyGrpc_:
+
+		if all {
+			switch v := interface{}(m.GetEnvoyGrpc()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, GrpcServiceValidationError{
+						field:  "EnvoyGrpc",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, GrpcServiceValidationError{
+						field:  "EnvoyGrpc",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetEnvoyGrpc()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return GrpcServiceValidationError{
+					field:  "EnvoyGrpc",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *GrpcService_GoogleGrpc_:
+
+		if all {
+			switch v := interface{}(m.GetGoogleGrpc()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, GrpcServiceValidationError{
+						field:  "GoogleGrpc",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, GrpcServiceValidationError{
+						field:  "GoogleGrpc",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetGoogleGrpc()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return GrpcServiceValidationError{
+					field:  "GoogleGrpc",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := GrpcServiceValidationError{
+			field:  "TargetSpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return GrpcServiceMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcServiceMultiError is an error wrapping multiple validation errors
+// returned by GrpcService.ValidateAll() if the designated constraints aren't met.
+type GrpcServiceMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcServiceMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcServiceMultiError) AllErrors() []error { return m }
+
+// GrpcServiceValidationError is the validation error returned by
+// GrpcService.Validate if the designated constraints aren't met.
+type GrpcServiceValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcServiceValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e GrpcServiceValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e GrpcServiceValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e GrpcServiceValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e GrpcServiceValidationError) ErrorName() string { return "GrpcServiceValidationError" }
+
+// Error satisfies the builtin error interface
+func (e GrpcServiceValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcService.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcServiceValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcServiceValidationError{}
+
+// Validate checks the field values on GrpcService_EnvoyGrpc with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *GrpcService_EnvoyGrpc) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on GrpcService_EnvoyGrpc with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// GrpcService_EnvoyGrpcMultiError, or nil if none found.
+func (m *GrpcService_EnvoyGrpc) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcService_EnvoyGrpc) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetClusterName()) < 1 {
+		err := GrpcService_EnvoyGrpcValidationError{
+			field:  "ClusterName",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return GrpcService_EnvoyGrpcMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcService_EnvoyGrpcMultiError is an error wrapping multiple validation
+// errors returned by GrpcService_EnvoyGrpc.ValidateAll() if the designated
+// constraints aren't met.
+type GrpcService_EnvoyGrpcMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcService_EnvoyGrpcMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcService_EnvoyGrpcMultiError) AllErrors() []error { return m }
+
+// GrpcService_EnvoyGrpcValidationError is the validation error returned by
+// GrpcService_EnvoyGrpc.Validate if the designated constraints aren't met.
+type GrpcService_EnvoyGrpcValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcService_EnvoyGrpcValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e GrpcService_EnvoyGrpcValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e GrpcService_EnvoyGrpcValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e GrpcService_EnvoyGrpcValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e GrpcService_EnvoyGrpcValidationError) ErrorName() string {
+	return "GrpcService_EnvoyGrpcValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e GrpcService_EnvoyGrpcValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcService_EnvoyGrpc.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcService_EnvoyGrpcValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcService_EnvoyGrpcValidationError{}
+
+// Validate checks the field values on GrpcService_GoogleGrpc with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *GrpcService_GoogleGrpc) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on GrpcService_GoogleGrpc with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// GrpcService_GoogleGrpcMultiError, or nil if none found.
+func (m *GrpcService_GoogleGrpc) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcService_GoogleGrpc) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetTargetUri()) < 1 {
+		err := GrpcService_GoogleGrpcValidationError{
+			field:  "TargetUri",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetChannelCredentials()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, GrpcService_GoogleGrpcValidationError{
+					field:  "ChannelCredentials",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, GrpcService_GoogleGrpcValidationError{
+					field:  "ChannelCredentials",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetChannelCredentials()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return GrpcService_GoogleGrpcValidationError{
+				field:  "ChannelCredentials",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetCallCredentials() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpcValidationError{
+						field:  fmt.Sprintf("CallCredentials[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpcValidationError{
+						field:  fmt.Sprintf("CallCredentials[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return GrpcService_GoogleGrpcValidationError{
+					field:  fmt.Sprintf("CallCredentials[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(m.GetStatPrefix()) < 1 {
+		err := GrpcService_GoogleGrpcValidationError{
+			field:  "StatPrefix",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for CredentialsFactoryName
+
+	if all {
+		switch v := interface{}(m.GetConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, GrpcService_GoogleGrpcValidationError{
+					field:  "Config",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, GrpcService_GoogleGrpcValidationError{
+					field:  "Config",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return GrpcService_GoogleGrpcValidationError{
+				field:  "Config",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return GrpcService_GoogleGrpcMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcService_GoogleGrpcMultiError is an error wrapping multiple validation
+// errors returned by GrpcService_GoogleGrpc.ValidateAll() if the designated
+// constraints aren't met.
+type GrpcService_GoogleGrpcMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcService_GoogleGrpcMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcService_GoogleGrpcMultiError) AllErrors() []error { return m }
+
+// GrpcService_GoogleGrpcValidationError is the validation error returned by
+// GrpcService_GoogleGrpc.Validate if the designated constraints aren't met.
+type GrpcService_GoogleGrpcValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcService_GoogleGrpcValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e GrpcService_GoogleGrpcValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e GrpcService_GoogleGrpcValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e GrpcService_GoogleGrpcValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e GrpcService_GoogleGrpcValidationError) ErrorName() string {
+	return "GrpcService_GoogleGrpcValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e GrpcService_GoogleGrpcValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcService_GoogleGrpc.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcService_GoogleGrpcValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcService_GoogleGrpcValidationError{}
+
+// Validate checks the field values on GrpcService_GoogleGrpc_SslCredentials
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the first error encountered is returned, or nil if
+// there are no violations.
+func (m *GrpcService_GoogleGrpc_SslCredentials) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on GrpcService_GoogleGrpc_SslCredentials
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// GrpcService_GoogleGrpc_SslCredentialsMultiError, or nil if none found.
+func (m *GrpcService_GoogleGrpc_SslCredentials) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcService_GoogleGrpc_SslCredentials) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetRootCerts()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, GrpcService_GoogleGrpc_SslCredentialsValidationError{
+					field:  "RootCerts",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, GrpcService_GoogleGrpc_SslCredentialsValidationError{
+					field:  "RootCerts",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRootCerts()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return GrpcService_GoogleGrpc_SslCredentialsValidationError{
+				field:  "RootCerts",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetPrivateKey()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, GrpcService_GoogleGrpc_SslCredentialsValidationError{
+					field:  "PrivateKey",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, GrpcService_GoogleGrpc_SslCredentialsValidationError{
+					field:  "PrivateKey",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPrivateKey()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return GrpcService_GoogleGrpc_SslCredentialsValidationError{
+				field:  "PrivateKey",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetCertChain()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, GrpcService_GoogleGrpc_SslCredentialsValidationError{
+					field:  "CertChain",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, GrpcService_GoogleGrpc_SslCredentialsValidationError{
+					field:  "CertChain",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCertChain()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return GrpcService_GoogleGrpc_SslCredentialsValidationError{
+				field:  "CertChain",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return GrpcService_GoogleGrpc_SslCredentialsMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcService_GoogleGrpc_SslCredentialsMultiError is an error wrapping
+// multiple validation errors returned by
+// GrpcService_GoogleGrpc_SslCredentials.ValidateAll() if the designated
+// constraints aren't met.
+type GrpcService_GoogleGrpc_SslCredentialsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcService_GoogleGrpc_SslCredentialsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcService_GoogleGrpc_SslCredentialsMultiError) AllErrors() []error { return m }
+
+// GrpcService_GoogleGrpc_SslCredentialsValidationError is the validation error
+// returned by GrpcService_GoogleGrpc_SslCredentials.Validate if the
+// designated constraints aren't met.
+type GrpcService_GoogleGrpc_SslCredentialsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcService_GoogleGrpc_SslCredentialsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e GrpcService_GoogleGrpc_SslCredentialsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e GrpcService_GoogleGrpc_SslCredentialsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e GrpcService_GoogleGrpc_SslCredentialsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e GrpcService_GoogleGrpc_SslCredentialsValidationError) ErrorName() string {
+	return "GrpcService_GoogleGrpc_SslCredentialsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e GrpcService_GoogleGrpc_SslCredentialsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcService_GoogleGrpc_SslCredentials.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcService_GoogleGrpc_SslCredentialsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcService_GoogleGrpc_SslCredentialsValidationError{}
+
+// Validate checks the field values on
+// GrpcService_GoogleGrpc_GoogleLocalCredentials with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *GrpcService_GoogleGrpc_GoogleLocalCredentials) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// GrpcService_GoogleGrpc_GoogleLocalCredentials with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in
+// GrpcService_GoogleGrpc_GoogleLocalCredentialsMultiError, or nil if none found.
+func (m *GrpcService_GoogleGrpc_GoogleLocalCredentials) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcService_GoogleGrpc_GoogleLocalCredentials) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return GrpcService_GoogleGrpc_GoogleLocalCredentialsMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcService_GoogleGrpc_GoogleLocalCredentialsMultiError is an error wrapping
+// multiple validation errors returned by
+// GrpcService_GoogleGrpc_GoogleLocalCredentials.ValidateAll() if the
+// designated constraints aren't met.
+type GrpcService_GoogleGrpc_GoogleLocalCredentialsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcService_GoogleGrpc_GoogleLocalCredentialsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcService_GoogleGrpc_GoogleLocalCredentialsMultiError) AllErrors() []error { return m }
+
+// GrpcService_GoogleGrpc_GoogleLocalCredentialsValidationError is the
+// validation error returned by
+// GrpcService_GoogleGrpc_GoogleLocalCredentials.Validate if the designated
+// constraints aren't met.
+type GrpcService_GoogleGrpc_GoogleLocalCredentialsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcService_GoogleGrpc_GoogleLocalCredentialsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e GrpcService_GoogleGrpc_GoogleLocalCredentialsValidationError) Reason() string {
+	return e.reason
+}
+
+// Cause function returns cause value.
+func (e GrpcService_GoogleGrpc_GoogleLocalCredentialsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e GrpcService_GoogleGrpc_GoogleLocalCredentialsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e GrpcService_GoogleGrpc_GoogleLocalCredentialsValidationError) ErrorName() string {
+	return "GrpcService_GoogleGrpc_GoogleLocalCredentialsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e GrpcService_GoogleGrpc_GoogleLocalCredentialsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcService_GoogleGrpc_GoogleLocalCredentials.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcService_GoogleGrpc_GoogleLocalCredentialsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcService_GoogleGrpc_GoogleLocalCredentialsValidationError{}
+
+// Validate checks the field values on
+// GrpcService_GoogleGrpc_ChannelCredentials with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *GrpcService_GoogleGrpc_ChannelCredentials) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// GrpcService_GoogleGrpc_ChannelCredentials with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in
+// GrpcService_GoogleGrpc_ChannelCredentialsMultiError, or nil if none found.
+func (m *GrpcService_GoogleGrpc_ChannelCredentials) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcService_GoogleGrpc_ChannelCredentials) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.CredentialSpecifier.(type) {
+
+	case *GrpcService_GoogleGrpc_ChannelCredentials_SslCredentials:
+
+		if all {
+			switch v := interface{}(m.GetSslCredentials()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_ChannelCredentialsValidationError{
+						field:  "SslCredentials",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_ChannelCredentialsValidationError{
+						field:  "SslCredentials",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetSslCredentials()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return GrpcService_GoogleGrpc_ChannelCredentialsValidationError{
+					field:  "SslCredentials",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *GrpcService_GoogleGrpc_ChannelCredentials_GoogleDefault:
+
+		if all {
+			switch v := interface{}(m.GetGoogleDefault()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_ChannelCredentialsValidationError{
+						field:  "GoogleDefault",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_ChannelCredentialsValidationError{
+						field:  "GoogleDefault",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetGoogleDefault()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return GrpcService_GoogleGrpc_ChannelCredentialsValidationError{
+					field:  "GoogleDefault",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *GrpcService_GoogleGrpc_ChannelCredentials_LocalCredentials:
+
+		if all {
+			switch v := interface{}(m.GetLocalCredentials()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_ChannelCredentialsValidationError{
+						field:  "LocalCredentials",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_ChannelCredentialsValidationError{
+						field:  "LocalCredentials",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetLocalCredentials()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return GrpcService_GoogleGrpc_ChannelCredentialsValidationError{
+					field:  "LocalCredentials",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := GrpcService_GoogleGrpc_ChannelCredentialsValidationError{
+			field:  "CredentialSpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return GrpcService_GoogleGrpc_ChannelCredentialsMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcService_GoogleGrpc_ChannelCredentialsMultiError is an error wrapping
+// multiple validation errors returned by
+// GrpcService_GoogleGrpc_ChannelCredentials.ValidateAll() if the designated
+// constraints aren't met.
+type GrpcService_GoogleGrpc_ChannelCredentialsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcService_GoogleGrpc_ChannelCredentialsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcService_GoogleGrpc_ChannelCredentialsMultiError) AllErrors() []error { return m }
+
+// GrpcService_GoogleGrpc_ChannelCredentialsValidationError is the validation
+// error returned by GrpcService_GoogleGrpc_ChannelCredentials.Validate if the
+// designated constraints aren't met.
+type GrpcService_GoogleGrpc_ChannelCredentialsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcService_GoogleGrpc_ChannelCredentialsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e GrpcService_GoogleGrpc_ChannelCredentialsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e GrpcService_GoogleGrpc_ChannelCredentialsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e GrpcService_GoogleGrpc_ChannelCredentialsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e GrpcService_GoogleGrpc_ChannelCredentialsValidationError) ErrorName() string {
+	return "GrpcService_GoogleGrpc_ChannelCredentialsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e GrpcService_GoogleGrpc_ChannelCredentialsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcService_GoogleGrpc_ChannelCredentials.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcService_GoogleGrpc_ChannelCredentialsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcService_GoogleGrpc_ChannelCredentialsValidationError{}
+
+// Validate checks the field values on GrpcService_GoogleGrpc_CallCredentials
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the first error encountered is returned, or nil if
+// there are no violations.
+func (m *GrpcService_GoogleGrpc_CallCredentials) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// GrpcService_GoogleGrpc_CallCredentials with the rules defined in the proto
+// definition for this message. If any rules are violated, the result is a
+// list of violation errors wrapped in
+// GrpcService_GoogleGrpc_CallCredentialsMultiError, or nil if none found.
+func (m *GrpcService_GoogleGrpc_CallCredentials) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcService_GoogleGrpc_CallCredentials) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.CredentialSpecifier.(type) {
+
+	case *GrpcService_GoogleGrpc_CallCredentials_AccessToken:
+		// no validation rules for AccessToken
+
+	case *GrpcService_GoogleGrpc_CallCredentials_GoogleComputeEngine:
+
+		if all {
+			switch v := interface{}(m.GetGoogleComputeEngine()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_CallCredentialsValidationError{
+						field:  "GoogleComputeEngine",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_CallCredentialsValidationError{
+						field:  "GoogleComputeEngine",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetGoogleComputeEngine()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return GrpcService_GoogleGrpc_CallCredentialsValidationError{
+					field:  "GoogleComputeEngine",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *GrpcService_GoogleGrpc_CallCredentials_GoogleRefreshToken:
+		// no validation rules for GoogleRefreshToken
+
+	case *GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJwtAccess:
+
+		if all {
+			switch v := interface{}(m.GetServiceAccountJwtAccess()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_CallCredentialsValidationError{
+						field:  "ServiceAccountJwtAccess",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_CallCredentialsValidationError{
+						field:  "ServiceAccountJwtAccess",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetServiceAccountJwtAccess()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return GrpcService_GoogleGrpc_CallCredentialsValidationError{
+					field:  "ServiceAccountJwtAccess",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *GrpcService_GoogleGrpc_CallCredentials_GoogleIam:
+
+		if all {
+			switch v := interface{}(m.GetGoogleIam()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_CallCredentialsValidationError{
+						field:  "GoogleIam",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_CallCredentialsValidationError{
+						field:  "GoogleIam",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetGoogleIam()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return GrpcService_GoogleGrpc_CallCredentialsValidationError{
+					field:  "GoogleIam",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *GrpcService_GoogleGrpc_CallCredentials_FromPlugin:
+
+		if all {
+			switch v := interface{}(m.GetFromPlugin()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_CallCredentialsValidationError{
+						field:  "FromPlugin",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_CallCredentialsValidationError{
+						field:  "FromPlugin",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetFromPlugin()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return GrpcService_GoogleGrpc_CallCredentialsValidationError{
+					field:  "FromPlugin",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *GrpcService_GoogleGrpc_CallCredentials_StsService_:
+
+		if all {
+			switch v := interface{}(m.GetStsService()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_CallCredentialsValidationError{
+						field:  "StsService",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_CallCredentialsValidationError{
+						field:  "StsService",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetStsService()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return GrpcService_GoogleGrpc_CallCredentialsValidationError{
+					field:  "StsService",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := GrpcService_GoogleGrpc_CallCredentialsValidationError{
+			field:  "CredentialSpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return GrpcService_GoogleGrpc_CallCredentialsMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcService_GoogleGrpc_CallCredentialsMultiError is an error wrapping
+// multiple validation errors returned by
+// GrpcService_GoogleGrpc_CallCredentials.ValidateAll() if the designated
+// constraints aren't met.
+type GrpcService_GoogleGrpc_CallCredentialsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcService_GoogleGrpc_CallCredentialsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcService_GoogleGrpc_CallCredentialsMultiError) AllErrors() []error { return m }
+
+// GrpcService_GoogleGrpc_CallCredentialsValidationError is the validation
+// error returned by GrpcService_GoogleGrpc_CallCredentials.Validate if the
+// designated constraints aren't met.
+type GrpcService_GoogleGrpc_CallCredentialsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcService_GoogleGrpc_CallCredentialsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e GrpcService_GoogleGrpc_CallCredentialsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e GrpcService_GoogleGrpc_CallCredentialsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e GrpcService_GoogleGrpc_CallCredentialsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e GrpcService_GoogleGrpc_CallCredentialsValidationError) ErrorName() string {
+	return "GrpcService_GoogleGrpc_CallCredentialsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e GrpcService_GoogleGrpc_CallCredentialsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcService_GoogleGrpc_CallCredentials.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcService_GoogleGrpc_CallCredentialsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcService_GoogleGrpc_CallCredentialsValidationError{}
+
+// Validate checks the field values on
+// GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the first error encountered is returned, or nil if
+// there are no violations.
+func (m *GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsMultiError,
+// or nil if none found.
+func (m *GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for JsonKey
+
+	// no validation rules for TokenLifetimeSeconds
+
+	if len(errors) > 0 {
+		return GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsMultiError
+// is an error wrapping multiple validation errors returned by
+// GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials.ValidateAll()
+// if the designated constraints aren't met.
+type GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsMultiError) AllErrors() []error {
+	return m
+}
+
+// GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsValidationError
+// is the validation error returned by
+// GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials.Validate
+// if the designated constraints aren't met.
+type GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsValidationError) Field() string {
+	return e.field
+}
+
+// Reason function returns reason value.
+func (e GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsValidationError) Reason() string {
+	return e.reason
+}
+
+// Cause function returns cause value.
+func (e GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsValidationError) Cause() error {
+	return e.cause
+}
+
+// Key function returns key value.
+func (e GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsValidationError) Key() bool {
+	return e.key
+}
+
+// ErrorName returns error name.
+func (e GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsValidationError) ErrorName() string {
+	return "GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsValidationError{}
+
+// Validate checks the field values on
+// GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsMultiError, or
+// nil if none found.
+func (m *GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for AuthorizationToken
+
+	// no validation rules for AuthoritySelector
+
+	if len(errors) > 0 {
+		return GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsMultiError is an
+// error wrapping multiple validation errors returned by
+// GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials.ValidateAll()
+// if the designated constraints aren't met.
+type GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsMultiError) AllErrors() []error {
+	return m
+}
+
+// GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsValidationError
+// is the validation error returned by
+// GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials.Validate if the
+// designated constraints aren't met.
+type GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsValidationError) Field() string {
+	return e.field
+}
+
+// Reason function returns reason value.
+func (e GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsValidationError) Reason() string {
+	return e.reason
+}
+
+// Cause function returns cause value.
+func (e GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsValidationError) Cause() error {
+	return e.cause
+}
+
+// Key function returns key value.
+func (e GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsValidationError) Key() bool {
+	return e.key
+}
+
+// ErrorName returns error name.
+func (e GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsValidationError) ErrorName() string {
+	return "GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsValidationError{}
+
+// Validate checks the field values on
+// GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginMultiError,
+// or nil if none found.
+func (m *GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Name
+
+	switch m.ConfigType.(type) {
+
+	case *GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin_Config:
+
+		if all {
+			switch v := interface{}(m.GetConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginValidationError{
+						field:  "Config",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginValidationError{
+						field:  "Config",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginValidationError{
+					field:  "Config",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin_TypedConfig:
+
+		if all {
+			switch v := interface{}(m.GetTypedConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginMultiError
+// is an error wrapping multiple validation errors returned by
+// GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin.ValidateAll()
+// if the designated constraints aren't met.
+type GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginMultiError) AllErrors() []error {
+	return m
+}
+
+// GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginValidationError
+// is the validation error returned by
+// GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin.Validate
+// if the designated constraints aren't met.
+type GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginValidationError) Field() string {
+	return e.field
+}
+
+// Reason function returns reason value.
+func (e GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginValidationError) Reason() string {
+	return e.reason
+}
+
+// Cause function returns cause value.
+func (e GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginValidationError) Cause() error {
+	return e.cause
+}
+
+// Key function returns key value.
+func (e GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginValidationError) Key() bool {
+	return e.key
+}
+
+// ErrorName returns error name.
+func (e GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginValidationError) ErrorName() string {
+	return "GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginValidationError{}
+
+// Validate checks the field values on
+// GrpcService_GoogleGrpc_CallCredentials_StsService with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *GrpcService_GoogleGrpc_CallCredentials_StsService) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// GrpcService_GoogleGrpc_CallCredentials_StsService with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in
+// GrpcService_GoogleGrpc_CallCredentials_StsServiceMultiError, or nil if none found.
+func (m *GrpcService_GoogleGrpc_CallCredentials_StsService) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcService_GoogleGrpc_CallCredentials_StsService) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for TokenExchangeServiceUri
+
+	// no validation rules for Resource
+
+	// no validation rules for Audience
+
+	// no validation rules for Scope
+
+	// no validation rules for RequestedTokenType
+
+	if len(m.GetSubjectTokenPath()) < 1 {
+		err := GrpcService_GoogleGrpc_CallCredentials_StsServiceValidationError{
+			field:  "SubjectTokenPath",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(m.GetSubjectTokenType()) < 1 {
+		err := GrpcService_GoogleGrpc_CallCredentials_StsServiceValidationError{
+			field:  "SubjectTokenType",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for ActorTokenPath
+
+	// no validation rules for ActorTokenType
+
+	if len(errors) > 0 {
+		return GrpcService_GoogleGrpc_CallCredentials_StsServiceMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcService_GoogleGrpc_CallCredentials_StsServiceMultiError is an error
+// wrapping multiple validation errors returned by
+// GrpcService_GoogleGrpc_CallCredentials_StsService.ValidateAll() if the
+// designated constraints aren't met.
+type GrpcService_GoogleGrpc_CallCredentials_StsServiceMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcService_GoogleGrpc_CallCredentials_StsServiceMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcService_GoogleGrpc_CallCredentials_StsServiceMultiError) AllErrors() []error { return m }
+
+// GrpcService_GoogleGrpc_CallCredentials_StsServiceValidationError is the
+// validation error returned by
+// GrpcService_GoogleGrpc_CallCredentials_StsService.Validate if the
+// designated constraints aren't met.
+type GrpcService_GoogleGrpc_CallCredentials_StsServiceValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcService_GoogleGrpc_CallCredentials_StsServiceValidationError) Field() string {
+	return e.field
+}
+
+// Reason function returns reason value.
+func (e GrpcService_GoogleGrpc_CallCredentials_StsServiceValidationError) Reason() string {
+	return e.reason
+}
+
+// Cause function returns cause value.
+func (e GrpcService_GoogleGrpc_CallCredentials_StsServiceValidationError) Cause() error {
+	return e.cause
+}
+
+// Key function returns key value.
+func (e GrpcService_GoogleGrpc_CallCredentials_StsServiceValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e GrpcService_GoogleGrpc_CallCredentials_StsServiceValidationError) ErrorName() string {
+	return "GrpcService_GoogleGrpc_CallCredentials_StsServiceValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e GrpcService_GoogleGrpc_CallCredentials_StsServiceValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcService_GoogleGrpc_CallCredentials_StsService.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcService_GoogleGrpc_CallCredentials_StsServiceValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcService_GoogleGrpc_CallCredentials_StsServiceValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/health_check.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/health_check.pb.go
new file mode 100644
index 00000000000..68fec2a0f2f
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/health_check.pb.go
@@ -0,0 +1,1428 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/core/health_check.proto
+
+package envoy_api_v2_core
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/go-control-plane/envoy/annotations"
+	_type "github.com/envoyproxy/go-control-plane/envoy/type"
+	matcher "github.com/envoyproxy/go-control-plane/envoy/type/matcher"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	_struct "github.com/golang/protobuf/ptypes/struct"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Endpoint health status.
+type HealthStatus int32
+
+const (
+	// The health status is not known. This is interpreted by Envoy as *HEALTHY*.
+	HealthStatus_UNKNOWN HealthStatus = 0
+	// Healthy.
+	HealthStatus_HEALTHY HealthStatus = 1
+	// Unhealthy.
+	HealthStatus_UNHEALTHY HealthStatus = 2
+	// Connection draining in progress. E.g.,
+	// `<https://aws.amazon.com/blogs/aws/elb-connection-draining-remove-instances-from-service-with-care/>`_
+	// or
+	// `<https://cloud.google.com/compute/docs/load-balancing/enabling-connection-draining>`_.
+	// This is interpreted by Envoy as *UNHEALTHY*.
+	HealthStatus_DRAINING HealthStatus = 3
+	// Health check timed out. This is part of HDS and is interpreted by Envoy as
+	// *UNHEALTHY*.
+	HealthStatus_TIMEOUT HealthStatus = 4
+	// Degraded.
+	HealthStatus_DEGRADED HealthStatus = 5
+)
+
+// Enum value maps for HealthStatus.
+var (
+	HealthStatus_name = map[int32]string{
+		0: "UNKNOWN",
+		1: "HEALTHY",
+		2: "UNHEALTHY",
+		3: "DRAINING",
+		4: "TIMEOUT",
+		5: "DEGRADED",
+	}
+	HealthStatus_value = map[string]int32{
+		"UNKNOWN":   0,
+		"HEALTHY":   1,
+		"UNHEALTHY": 2,
+		"DRAINING":  3,
+		"TIMEOUT":   4,
+		"DEGRADED":  5,
+	}
+)
+
+func (x HealthStatus) Enum() *HealthStatus {
+	p := new(HealthStatus)
+	*p = x
+	return p
+}
+
+func (x HealthStatus) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (HealthStatus) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_api_v2_core_health_check_proto_enumTypes[0].Descriptor()
+}
+
+func (HealthStatus) Type() protoreflect.EnumType {
+	return &file_envoy_api_v2_core_health_check_proto_enumTypes[0]
+}
+
+func (x HealthStatus) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use HealthStatus.Descriptor instead.
+func (HealthStatus) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_health_check_proto_rawDescGZIP(), []int{0}
+}
+
+// [#next-free-field: 23]
+type HealthCheck struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The time to wait for a health check response. If the timeout is reached the
+	// health check attempt will be considered a failure.
+	Timeout *duration.Duration `protobuf:"bytes,1,opt,name=timeout,proto3" json:"timeout,omitempty"`
+	// The interval between health checks.
+	Interval *duration.Duration `protobuf:"bytes,2,opt,name=interval,proto3" json:"interval,omitempty"`
+	// An optional jitter amount in milliseconds. If specified, Envoy will start health
+	// checking after for a random time in ms between 0 and initial_jitter. This only
+	// applies to the first health check.
+	InitialJitter *duration.Duration `protobuf:"bytes,20,opt,name=initial_jitter,json=initialJitter,proto3" json:"initial_jitter,omitempty"`
+	// An optional jitter amount in milliseconds. If specified, during every
+	// interval Envoy will add interval_jitter to the wait time.
+	IntervalJitter *duration.Duration `protobuf:"bytes,3,opt,name=interval_jitter,json=intervalJitter,proto3" json:"interval_jitter,omitempty"`
+	// An optional jitter amount as a percentage of interval_ms. If specified,
+	// during every interval Envoy will add interval_ms *
+	// interval_jitter_percent / 100 to the wait time.
+	//
+	// If interval_jitter_ms and interval_jitter_percent are both set, both of
+	// them will be used to increase the wait time.
+	IntervalJitterPercent uint32 `protobuf:"varint,18,opt,name=interval_jitter_percent,json=intervalJitterPercent,proto3" json:"interval_jitter_percent,omitempty"`
+	// The number of unhealthy health checks required before a host is marked
+	// unhealthy. Note that for *http* health checking if a host responds with 503
+	// this threshold is ignored and the host is considered unhealthy immediately.
+	UnhealthyThreshold *wrappers.UInt32Value `protobuf:"bytes,4,opt,name=unhealthy_threshold,json=unhealthyThreshold,proto3" json:"unhealthy_threshold,omitempty"`
+	// The number of healthy health checks required before a host is marked
+	// healthy. Note that during startup, only a single successful health check is
+	// required to mark a host healthy.
+	HealthyThreshold *wrappers.UInt32Value `protobuf:"bytes,5,opt,name=healthy_threshold,json=healthyThreshold,proto3" json:"healthy_threshold,omitempty"`
+	// [#not-implemented-hide:] Non-serving port for health checking.
+	AltPort *wrappers.UInt32Value `protobuf:"bytes,6,opt,name=alt_port,json=altPort,proto3" json:"alt_port,omitempty"`
+	// Reuse health check connection between health checks. Default is true.
+	ReuseConnection *wrappers.BoolValue `protobuf:"bytes,7,opt,name=reuse_connection,json=reuseConnection,proto3" json:"reuse_connection,omitempty"`
+	// Types that are assignable to HealthChecker:
+	//	*HealthCheck_HttpHealthCheck_
+	//	*HealthCheck_TcpHealthCheck_
+	//	*HealthCheck_GrpcHealthCheck_
+	//	*HealthCheck_CustomHealthCheck_
+	HealthChecker isHealthCheck_HealthChecker `protobuf_oneof:"health_checker"`
+	// The "no traffic interval" is a special health check interval that is used when a cluster has
+	// never had traffic routed to it. This lower interval allows cluster information to be kept up to
+	// date, without sending a potentially large amount of active health checking traffic for no
+	// reason. Once a cluster has been used for traffic routing, Envoy will shift back to using the
+	// standard health check interval that is defined. Note that this interval takes precedence over
+	// any other.
+	//
+	// The default value for "no traffic interval" is 60 seconds.
+	NoTrafficInterval *duration.Duration `protobuf:"bytes,12,opt,name=no_traffic_interval,json=noTrafficInterval,proto3" json:"no_traffic_interval,omitempty"`
+	// The "unhealthy interval" is a health check interval that is used for hosts that are marked as
+	// unhealthy. As soon as the host is marked as healthy, Envoy will shift back to using the
+	// standard health check interval that is defined.
+	//
+	// The default value for "unhealthy interval" is the same as "interval".
+	UnhealthyInterval *duration.Duration `protobuf:"bytes,14,opt,name=unhealthy_interval,json=unhealthyInterval,proto3" json:"unhealthy_interval,omitempty"`
+	// The "unhealthy edge interval" is a special health check interval that is used for the first
+	// health check right after a host is marked as unhealthy. For subsequent health checks
+	// Envoy will shift back to using either "unhealthy interval" if present or the standard health
+	// check interval that is defined.
+	//
+	// The default value for "unhealthy edge interval" is the same as "unhealthy interval".
+	UnhealthyEdgeInterval *duration.Duration `protobuf:"bytes,15,opt,name=unhealthy_edge_interval,json=unhealthyEdgeInterval,proto3" json:"unhealthy_edge_interval,omitempty"`
+	// The "healthy edge interval" is a special health check interval that is used for the first
+	// health check right after a host is marked as healthy. For subsequent health checks
+	// Envoy will shift back to using the standard health check interval that is defined.
+	//
+	// The default value for "healthy edge interval" is the same as the default interval.
+	HealthyEdgeInterval *duration.Duration `protobuf:"bytes,16,opt,name=healthy_edge_interval,json=healthyEdgeInterval,proto3" json:"healthy_edge_interval,omitempty"`
+	// Specifies the path to the :ref:`health check event log <arch_overview_health_check_logging>`.
+	// If empty, no event log will be written.
+	EventLogPath string `protobuf:"bytes,17,opt,name=event_log_path,json=eventLogPath,proto3" json:"event_log_path,omitempty"`
+	// [#not-implemented-hide:]
+	// The gRPC service for the health check event service.
+	// If empty, health check events won't be sent to a remote endpoint.
+	EventService *EventServiceConfig `protobuf:"bytes,22,opt,name=event_service,json=eventService,proto3" json:"event_service,omitempty"`
+	// If set to true, health check failure events will always be logged. If set to false, only the
+	// initial health check failure event will be logged.
+	// The default value is false.
+	AlwaysLogHealthCheckFailures bool `protobuf:"varint,19,opt,name=always_log_health_check_failures,json=alwaysLogHealthCheckFailures,proto3" json:"always_log_health_check_failures,omitempty"`
+	// This allows overriding the cluster TLS settings, just for health check connections.
+	TlsOptions *HealthCheck_TlsOptions `protobuf:"bytes,21,opt,name=tls_options,json=tlsOptions,proto3" json:"tls_options,omitempty"`
+}
+
+func (x *HealthCheck) Reset() {
+	*x = HealthCheck{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_health_check_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HealthCheck) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HealthCheck) ProtoMessage() {}
+
+func (x *HealthCheck) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_health_check_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HealthCheck.ProtoReflect.Descriptor instead.
+func (*HealthCheck) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_health_check_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *HealthCheck) GetTimeout() *duration.Duration {
+	if x != nil {
+		return x.Timeout
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetInterval() *duration.Duration {
+	if x != nil {
+		return x.Interval
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetInitialJitter() *duration.Duration {
+	if x != nil {
+		return x.InitialJitter
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetIntervalJitter() *duration.Duration {
+	if x != nil {
+		return x.IntervalJitter
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetIntervalJitterPercent() uint32 {
+	if x != nil {
+		return x.IntervalJitterPercent
+	}
+	return 0
+}
+
+func (x *HealthCheck) GetUnhealthyThreshold() *wrappers.UInt32Value {
+	if x != nil {
+		return x.UnhealthyThreshold
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetHealthyThreshold() *wrappers.UInt32Value {
+	if x != nil {
+		return x.HealthyThreshold
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetAltPort() *wrappers.UInt32Value {
+	if x != nil {
+		return x.AltPort
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetReuseConnection() *wrappers.BoolValue {
+	if x != nil {
+		return x.ReuseConnection
+	}
+	return nil
+}
+
+func (m *HealthCheck) GetHealthChecker() isHealthCheck_HealthChecker {
+	if m != nil {
+		return m.HealthChecker
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetHttpHealthCheck() *HealthCheck_HttpHealthCheck {
+	if x, ok := x.GetHealthChecker().(*HealthCheck_HttpHealthCheck_); ok {
+		return x.HttpHealthCheck
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetTcpHealthCheck() *HealthCheck_TcpHealthCheck {
+	if x, ok := x.GetHealthChecker().(*HealthCheck_TcpHealthCheck_); ok {
+		return x.TcpHealthCheck
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetGrpcHealthCheck() *HealthCheck_GrpcHealthCheck {
+	if x, ok := x.GetHealthChecker().(*HealthCheck_GrpcHealthCheck_); ok {
+		return x.GrpcHealthCheck
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetCustomHealthCheck() *HealthCheck_CustomHealthCheck {
+	if x, ok := x.GetHealthChecker().(*HealthCheck_CustomHealthCheck_); ok {
+		return x.CustomHealthCheck
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetNoTrafficInterval() *duration.Duration {
+	if x != nil {
+		return x.NoTrafficInterval
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetUnhealthyInterval() *duration.Duration {
+	if x != nil {
+		return x.UnhealthyInterval
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetUnhealthyEdgeInterval() *duration.Duration {
+	if x != nil {
+		return x.UnhealthyEdgeInterval
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetHealthyEdgeInterval() *duration.Duration {
+	if x != nil {
+		return x.HealthyEdgeInterval
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetEventLogPath() string {
+	if x != nil {
+		return x.EventLogPath
+	}
+	return ""
+}
+
+func (x *HealthCheck) GetEventService() *EventServiceConfig {
+	if x != nil {
+		return x.EventService
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetAlwaysLogHealthCheckFailures() bool {
+	if x != nil {
+		return x.AlwaysLogHealthCheckFailures
+	}
+	return false
+}
+
+func (x *HealthCheck) GetTlsOptions() *HealthCheck_TlsOptions {
+	if x != nil {
+		return x.TlsOptions
+	}
+	return nil
+}
+
+type isHealthCheck_HealthChecker interface {
+	isHealthCheck_HealthChecker()
+}
+
+type HealthCheck_HttpHealthCheck_ struct {
+	// HTTP health check.
+	HttpHealthCheck *HealthCheck_HttpHealthCheck `protobuf:"bytes,8,opt,name=http_health_check,json=httpHealthCheck,proto3,oneof"`
+}
+
+type HealthCheck_TcpHealthCheck_ struct {
+	// TCP health check.
+	TcpHealthCheck *HealthCheck_TcpHealthCheck `protobuf:"bytes,9,opt,name=tcp_health_check,json=tcpHealthCheck,proto3,oneof"`
+}
+
+type HealthCheck_GrpcHealthCheck_ struct {
+	// gRPC health check.
+	GrpcHealthCheck *HealthCheck_GrpcHealthCheck `protobuf:"bytes,11,opt,name=grpc_health_check,json=grpcHealthCheck,proto3,oneof"`
+}
+
+type HealthCheck_CustomHealthCheck_ struct {
+	// Custom health check.
+	CustomHealthCheck *HealthCheck_CustomHealthCheck `protobuf:"bytes,13,opt,name=custom_health_check,json=customHealthCheck,proto3,oneof"`
+}
+
+func (*HealthCheck_HttpHealthCheck_) isHealthCheck_HealthChecker() {}
+
+func (*HealthCheck_TcpHealthCheck_) isHealthCheck_HealthChecker() {}
+
+func (*HealthCheck_GrpcHealthCheck_) isHealthCheck_HealthChecker() {}
+
+func (*HealthCheck_CustomHealthCheck_) isHealthCheck_HealthChecker() {}
+
+// Describes the encoding of the payload bytes in the payload.
+type HealthCheck_Payload struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to Payload:
+	//	*HealthCheck_Payload_Text
+	//	*HealthCheck_Payload_Binary
+	Payload isHealthCheck_Payload_Payload `protobuf_oneof:"payload"`
+}
+
+func (x *HealthCheck_Payload) Reset() {
+	*x = HealthCheck_Payload{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_health_check_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HealthCheck_Payload) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HealthCheck_Payload) ProtoMessage() {}
+
+func (x *HealthCheck_Payload) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_health_check_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HealthCheck_Payload.ProtoReflect.Descriptor instead.
+func (*HealthCheck_Payload) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_health_check_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (m *HealthCheck_Payload) GetPayload() isHealthCheck_Payload_Payload {
+	if m != nil {
+		return m.Payload
+	}
+	return nil
+}
+
+func (x *HealthCheck_Payload) GetText() string {
+	if x, ok := x.GetPayload().(*HealthCheck_Payload_Text); ok {
+		return x.Text
+	}
+	return ""
+}
+
+func (x *HealthCheck_Payload) GetBinary() []byte {
+	if x, ok := x.GetPayload().(*HealthCheck_Payload_Binary); ok {
+		return x.Binary
+	}
+	return nil
+}
+
+type isHealthCheck_Payload_Payload interface {
+	isHealthCheck_Payload_Payload()
+}
+
+type HealthCheck_Payload_Text struct {
+	// Hex encoded payload. E.g., "000000FF".
+	Text string `protobuf:"bytes,1,opt,name=text,proto3,oneof"`
+}
+
+type HealthCheck_Payload_Binary struct {
+	// [#not-implemented-hide:] Binary payload.
+	Binary []byte `protobuf:"bytes,2,opt,name=binary,proto3,oneof"`
+}
+
+func (*HealthCheck_Payload_Text) isHealthCheck_Payload_Payload() {}
+
+func (*HealthCheck_Payload_Binary) isHealthCheck_Payload_Payload() {}
+
+// [#next-free-field: 12]
+type HealthCheck_HttpHealthCheck struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The value of the host header in the HTTP health check request. If
+	// left empty (default value), the name of the cluster this health check is associated
+	// with will be used. The host header can be customized for a specific endpoint by setting the
+	// :ref:`hostname <envoy_api_field_endpoint.Endpoint.HealthCheckConfig.hostname>` field.
+	Host string `protobuf:"bytes,1,opt,name=host,proto3" json:"host,omitempty"`
+	// Specifies the HTTP path that will be requested during health checking. For example
+	// */healthcheck*.
+	Path string `protobuf:"bytes,2,opt,name=path,proto3" json:"path,omitempty"`
+	// [#not-implemented-hide:] HTTP specific payload.
+	Send *HealthCheck_Payload `protobuf:"bytes,3,opt,name=send,proto3" json:"send,omitempty"`
+	// [#not-implemented-hide:] HTTP specific response.
+	Receive *HealthCheck_Payload `protobuf:"bytes,4,opt,name=receive,proto3" json:"receive,omitempty"`
+	// An optional service name parameter which is used to validate the identity of
+	// the health checked cluster. See the :ref:`architecture overview
+	// <arch_overview_health_checking_identity>` for more information.
+	//
+	// .. attention::
+	//
+	//   This field has been deprecated in favor of `service_name_matcher` for better flexibility
+	//   over matching with service-cluster name.
+	//
+	// Deprecated: Do not use.
+	ServiceName string `protobuf:"bytes,5,opt,name=service_name,json=serviceName,proto3" json:"service_name,omitempty"`
+	// Specifies a list of HTTP headers that should be added to each request that is sent to the
+	// health checked cluster. For more information, including details on header value syntax, see
+	// the documentation on :ref:`custom request headers
+	// <config_http_conn_man_headers_custom_request_headers>`.
+	RequestHeadersToAdd []*HeaderValueOption `protobuf:"bytes,6,rep,name=request_headers_to_add,json=requestHeadersToAdd,proto3" json:"request_headers_to_add,omitempty"`
+	// Specifies a list of HTTP headers that should be removed from each request that is sent to the
+	// health checked cluster.
+	RequestHeadersToRemove []string `protobuf:"bytes,8,rep,name=request_headers_to_remove,json=requestHeadersToRemove,proto3" json:"request_headers_to_remove,omitempty"`
+	// If set, health checks will be made using http/2.
+	// Deprecated, use :ref:`codec_client_type
+	// <envoy_api_field_core.HealthCheck.HttpHealthCheck.codec_client_type>` instead.
+	//
+	// Deprecated: Do not use.
+	UseHttp2 bool `protobuf:"varint,7,opt,name=use_http2,json=useHttp2,proto3" json:"use_http2,omitempty"`
+	// Specifies a list of HTTP response statuses considered healthy. If provided, replaces default
+	// 200-only policy - 200 must be included explicitly as needed. Ranges follow half-open
+	// semantics of :ref:`Int64Range <envoy_api_msg_type.Int64Range>`. The start and end of each
+	// range are required. Only statuses in the range [100, 600) are allowed.
+	ExpectedStatuses []*_type.Int64Range `protobuf:"bytes,9,rep,name=expected_statuses,json=expectedStatuses,proto3" json:"expected_statuses,omitempty"`
+	// Use specified application protocol for health checks.
+	CodecClientType _type.CodecClientType `protobuf:"varint,10,opt,name=codec_client_type,json=codecClientType,proto3,enum=envoy.type.CodecClientType" json:"codec_client_type,omitempty"`
+	// An optional service name parameter which is used to validate the identity of
+	// the health checked cluster using a :ref:`StringMatcher
+	// <envoy_api_msg_type.matcher.StringMatcher>`. See the :ref:`architecture overview
+	// <arch_overview_health_checking_identity>` for more information.
+	ServiceNameMatcher *matcher.StringMatcher `protobuf:"bytes,11,opt,name=service_name_matcher,json=serviceNameMatcher,proto3" json:"service_name_matcher,omitempty"`
+}
+
+func (x *HealthCheck_HttpHealthCheck) Reset() {
+	*x = HealthCheck_HttpHealthCheck{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_health_check_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HealthCheck_HttpHealthCheck) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HealthCheck_HttpHealthCheck) ProtoMessage() {}
+
+func (x *HealthCheck_HttpHealthCheck) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_health_check_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HealthCheck_HttpHealthCheck.ProtoReflect.Descriptor instead.
+func (*HealthCheck_HttpHealthCheck) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_health_check_proto_rawDescGZIP(), []int{0, 1}
+}
+
+func (x *HealthCheck_HttpHealthCheck) GetHost() string {
+	if x != nil {
+		return x.Host
+	}
+	return ""
+}
+
+func (x *HealthCheck_HttpHealthCheck) GetPath() string {
+	if x != nil {
+		return x.Path
+	}
+	return ""
+}
+
+func (x *HealthCheck_HttpHealthCheck) GetSend() *HealthCheck_Payload {
+	if x != nil {
+		return x.Send
+	}
+	return nil
+}
+
+func (x *HealthCheck_HttpHealthCheck) GetReceive() *HealthCheck_Payload {
+	if x != nil {
+		return x.Receive
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *HealthCheck_HttpHealthCheck) GetServiceName() string {
+	if x != nil {
+		return x.ServiceName
+	}
+	return ""
+}
+
+func (x *HealthCheck_HttpHealthCheck) GetRequestHeadersToAdd() []*HeaderValueOption {
+	if x != nil {
+		return x.RequestHeadersToAdd
+	}
+	return nil
+}
+
+func (x *HealthCheck_HttpHealthCheck) GetRequestHeadersToRemove() []string {
+	if x != nil {
+		return x.RequestHeadersToRemove
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *HealthCheck_HttpHealthCheck) GetUseHttp2() bool {
+	if x != nil {
+		return x.UseHttp2
+	}
+	return false
+}
+
+func (x *HealthCheck_HttpHealthCheck) GetExpectedStatuses() []*_type.Int64Range {
+	if x != nil {
+		return x.ExpectedStatuses
+	}
+	return nil
+}
+
+func (x *HealthCheck_HttpHealthCheck) GetCodecClientType() _type.CodecClientType {
+	if x != nil {
+		return x.CodecClientType
+	}
+	return _type.CodecClientType_HTTP1
+}
+
+func (x *HealthCheck_HttpHealthCheck) GetServiceNameMatcher() *matcher.StringMatcher {
+	if x != nil {
+		return x.ServiceNameMatcher
+	}
+	return nil
+}
+
+type HealthCheck_TcpHealthCheck struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Empty payloads imply a connect-only health check.
+	Send *HealthCheck_Payload `protobuf:"bytes,1,opt,name=send,proto3" json:"send,omitempty"`
+	// When checking the response, “fuzzy” matching is performed such that each
+	// binary block must be found, and in the order specified, but not
+	// necessarily contiguous.
+	Receive []*HealthCheck_Payload `protobuf:"bytes,2,rep,name=receive,proto3" json:"receive,omitempty"`
+}
+
+func (x *HealthCheck_TcpHealthCheck) Reset() {
+	*x = HealthCheck_TcpHealthCheck{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_health_check_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HealthCheck_TcpHealthCheck) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HealthCheck_TcpHealthCheck) ProtoMessage() {}
+
+func (x *HealthCheck_TcpHealthCheck) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_health_check_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HealthCheck_TcpHealthCheck.ProtoReflect.Descriptor instead.
+func (*HealthCheck_TcpHealthCheck) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_health_check_proto_rawDescGZIP(), []int{0, 2}
+}
+
+func (x *HealthCheck_TcpHealthCheck) GetSend() *HealthCheck_Payload {
+	if x != nil {
+		return x.Send
+	}
+	return nil
+}
+
+func (x *HealthCheck_TcpHealthCheck) GetReceive() []*HealthCheck_Payload {
+	if x != nil {
+		return x.Receive
+	}
+	return nil
+}
+
+type HealthCheck_RedisHealthCheck struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// If set, optionally perform ``EXISTS <key>`` instead of ``PING``. A return value
+	// from Redis of 0 (does not exist) is considered a passing healthcheck. A return value other
+	// than 0 is considered a failure. This allows the user to mark a Redis instance for maintenance
+	// by setting the specified key to any value and waiting for traffic to drain.
+	Key string `protobuf:"bytes,1,opt,name=key,proto3" json:"key,omitempty"`
+}
+
+func (x *HealthCheck_RedisHealthCheck) Reset() {
+	*x = HealthCheck_RedisHealthCheck{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_health_check_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HealthCheck_RedisHealthCheck) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HealthCheck_RedisHealthCheck) ProtoMessage() {}
+
+func (x *HealthCheck_RedisHealthCheck) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_health_check_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HealthCheck_RedisHealthCheck.ProtoReflect.Descriptor instead.
+func (*HealthCheck_RedisHealthCheck) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_health_check_proto_rawDescGZIP(), []int{0, 3}
+}
+
+func (x *HealthCheck_RedisHealthCheck) GetKey() string {
+	if x != nil {
+		return x.Key
+	}
+	return ""
+}
+
+// `grpc.health.v1.Health
+// <https://github.com/grpc/grpc/blob/master/src/proto/grpc/health/v1/health.proto>`_-based
+// healthcheck. See `gRPC doc <https://github.com/grpc/grpc/blob/master/doc/health-checking.md>`_
+// for details.
+type HealthCheck_GrpcHealthCheck struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// An optional service name parameter which will be sent to gRPC service in
+	// `grpc.health.v1.HealthCheckRequest
+	// <https://github.com/grpc/grpc/blob/master/src/proto/grpc/health/v1/health.proto#L20>`_.
+	// message. See `gRPC health-checking overview
+	// <https://github.com/grpc/grpc/blob/master/doc/health-checking.md>`_ for more information.
+	ServiceName string `protobuf:"bytes,1,opt,name=service_name,json=serviceName,proto3" json:"service_name,omitempty"`
+	// The value of the :authority header in the gRPC health check request. If
+	// left empty (default value), the name of the cluster this health check is associated
+	// with will be used. The authority header can be customized for a specific endpoint by setting
+	// the :ref:`hostname <envoy_api_field_endpoint.Endpoint.HealthCheckConfig.hostname>` field.
+	Authority string `protobuf:"bytes,2,opt,name=authority,proto3" json:"authority,omitempty"`
+}
+
+func (x *HealthCheck_GrpcHealthCheck) Reset() {
+	*x = HealthCheck_GrpcHealthCheck{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_health_check_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HealthCheck_GrpcHealthCheck) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HealthCheck_GrpcHealthCheck) ProtoMessage() {}
+
+func (x *HealthCheck_GrpcHealthCheck) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_health_check_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HealthCheck_GrpcHealthCheck.ProtoReflect.Descriptor instead.
+func (*HealthCheck_GrpcHealthCheck) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_health_check_proto_rawDescGZIP(), []int{0, 4}
+}
+
+func (x *HealthCheck_GrpcHealthCheck) GetServiceName() string {
+	if x != nil {
+		return x.ServiceName
+	}
+	return ""
+}
+
+func (x *HealthCheck_GrpcHealthCheck) GetAuthority() string {
+	if x != nil {
+		return x.Authority
+	}
+	return ""
+}
+
+// Custom health check.
+type HealthCheck_CustomHealthCheck struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The registered name of the custom health checker.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// A custom health checker specific configuration which depends on the custom health checker
+	// being instantiated. See :api:`envoy/config/health_checker` for reference.
+	//
+	// Types that are assignable to ConfigType:
+	//	*HealthCheck_CustomHealthCheck_Config
+	//	*HealthCheck_CustomHealthCheck_TypedConfig
+	ConfigType isHealthCheck_CustomHealthCheck_ConfigType `protobuf_oneof:"config_type"`
+}
+
+func (x *HealthCheck_CustomHealthCheck) Reset() {
+	*x = HealthCheck_CustomHealthCheck{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_health_check_proto_msgTypes[6]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HealthCheck_CustomHealthCheck) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HealthCheck_CustomHealthCheck) ProtoMessage() {}
+
+func (x *HealthCheck_CustomHealthCheck) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_health_check_proto_msgTypes[6]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HealthCheck_CustomHealthCheck.ProtoReflect.Descriptor instead.
+func (*HealthCheck_CustomHealthCheck) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_health_check_proto_rawDescGZIP(), []int{0, 5}
+}
+
+func (x *HealthCheck_CustomHealthCheck) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (m *HealthCheck_CustomHealthCheck) GetConfigType() isHealthCheck_CustomHealthCheck_ConfigType {
+	if m != nil {
+		return m.ConfigType
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *HealthCheck_CustomHealthCheck) GetConfig() *_struct.Struct {
+	if x, ok := x.GetConfigType().(*HealthCheck_CustomHealthCheck_Config); ok {
+		return x.Config
+	}
+	return nil
+}
+
+func (x *HealthCheck_CustomHealthCheck) GetTypedConfig() *any.Any {
+	if x, ok := x.GetConfigType().(*HealthCheck_CustomHealthCheck_TypedConfig); ok {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+type isHealthCheck_CustomHealthCheck_ConfigType interface {
+	isHealthCheck_CustomHealthCheck_ConfigType()
+}
+
+type HealthCheck_CustomHealthCheck_Config struct {
+	// Deprecated: Do not use.
+	Config *_struct.Struct `protobuf:"bytes,2,opt,name=config,proto3,oneof"`
+}
+
+type HealthCheck_CustomHealthCheck_TypedConfig struct {
+	TypedConfig *any.Any `protobuf:"bytes,3,opt,name=typed_config,json=typedConfig,proto3,oneof"`
+}
+
+func (*HealthCheck_CustomHealthCheck_Config) isHealthCheck_CustomHealthCheck_ConfigType() {}
+
+func (*HealthCheck_CustomHealthCheck_TypedConfig) isHealthCheck_CustomHealthCheck_ConfigType() {}
+
+// Health checks occur over the transport socket specified for the cluster. This implies that if a
+// cluster is using a TLS-enabled transport socket, the health check will also occur over TLS.
+//
+// This allows overriding the cluster TLS settings, just for health check connections.
+type HealthCheck_TlsOptions struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies the ALPN protocols for health check connections. This is useful if the
+	// corresponding upstream is using ALPN-based :ref:`FilterChainMatch
+	// <envoy_api_msg_listener.FilterChainMatch>` along with different protocols for health checks
+	// versus data connections. If empty, no ALPN protocols will be set on health check connections.
+	AlpnProtocols []string `protobuf:"bytes,1,rep,name=alpn_protocols,json=alpnProtocols,proto3" json:"alpn_protocols,omitempty"`
+}
+
+func (x *HealthCheck_TlsOptions) Reset() {
+	*x = HealthCheck_TlsOptions{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_health_check_proto_msgTypes[7]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HealthCheck_TlsOptions) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HealthCheck_TlsOptions) ProtoMessage() {}
+
+func (x *HealthCheck_TlsOptions) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_health_check_proto_msgTypes[7]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HealthCheck_TlsOptions.ProtoReflect.Descriptor instead.
+func (*HealthCheck_TlsOptions) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_health_check_proto_rawDescGZIP(), []int{0, 6}
+}
+
+func (x *HealthCheck_TlsOptions) GetAlpnProtocols() []string {
+	if x != nil {
+		return x.AlpnProtocols
+	}
+	return nil
+}
+
+var File_envoy_api_v2_core_health_check_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_core_health_check_proto_rawDesc = []byte{
+	0x0a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f, 0x63, 0x68, 0x65, 0x63, 0x6b,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x11, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70,
+	0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x1a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x62, 0x61, 0x73,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x2c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61,
+	0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x65, 0x76, 0x65, 0x6e, 0x74,
+	0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70,
+	0x65, 0x2f, 0x68, 0x74, 0x74, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72,
+	0x2f, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x16, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2f, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f,
+	0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x23,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x2f, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c,
+	0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xe1, 0x16, 0x0a, 0x0b,
+	0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x12, 0x3f, 0x0a, 0x07, 0x74,
+	0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44,
+	0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0a, 0xfa, 0x42, 0x07, 0xaa, 0x01, 0x04, 0x08,
+	0x01, 0x2a, 0x00, 0x52, 0x07, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12, 0x41, 0x0a, 0x08,
+	0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0a, 0xfa, 0x42, 0x07, 0xaa, 0x01,
+	0x04, 0x08, 0x01, 0x2a, 0x00, 0x52, 0x08, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x12,
+	0x40, 0x0a, 0x0e, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x5f, 0x6a, 0x69, 0x74, 0x74, 0x65,
+	0x72, 0x18, 0x14, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x52, 0x0d, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x4a, 0x69, 0x74, 0x74, 0x65,
+	0x72, 0x12, 0x42, 0x0a, 0x0f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x5f, 0x6a, 0x69,
+	0x74, 0x74, 0x65, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x4a,
+	0x69, 0x74, 0x74, 0x65, 0x72, 0x12, 0x36, 0x0a, 0x17, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61,
+	0x6c, 0x5f, 0x6a, 0x69, 0x74, 0x74, 0x65, 0x72, 0x5f, 0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74,
+	0x18, 0x12, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x15, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c,
+	0x4a, 0x69, 0x74, 0x74, 0x65, 0x72, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x12, 0x57, 0x0a,
+	0x13, 0x75, 0x6e, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x79, 0x5f, 0x74, 0x68, 0x72, 0x65, 0x73,
+	0x68, 0x6f, 0x6c, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e,
+	0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02,
+	0x10, 0x01, 0x52, 0x12, 0x75, 0x6e, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x79, 0x54, 0x68, 0x72,
+	0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x12, 0x53, 0x0a, 0x11, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68,
+	0x79, 0x5f, 0x74, 0x68, 0x72, 0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42,
+	0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x10, 0x68, 0x65, 0x61, 0x6c, 0x74,
+	0x68, 0x79, 0x54, 0x68, 0x72, 0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x12, 0x37, 0x0a, 0x08, 0x61,
+	0x6c, 0x74, 0x5f, 0x70, 0x6f, 0x72, 0x74, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x07, 0x61, 0x6c, 0x74,
+	0x50, 0x6f, 0x72, 0x74, 0x12, 0x45, 0x0a, 0x10, 0x72, 0x65, 0x75, 0x73, 0x65, 0x5f, 0x63, 0x6f,
+	0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0f, 0x72, 0x65, 0x75, 0x73,
+	0x65, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x5c, 0x0a, 0x11, 0x68,
+	0x74, 0x74, 0x70, 0x5f, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f, 0x63, 0x68, 0x65, 0x63, 0x6b,
+	0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74,
+	0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x48, 0x65, 0x61, 0x6c, 0x74,
+	0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x48, 0x00, 0x52, 0x0f, 0x68, 0x74, 0x74, 0x70, 0x48, 0x65,
+	0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x12, 0x59, 0x0a, 0x10, 0x74, 0x63, 0x70,
+	0x5f, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x18, 0x09, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x2d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68,
+	0x65, 0x63, 0x6b, 0x2e, 0x54, 0x63, 0x70, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65,
+	0x63, 0x6b, 0x48, 0x00, 0x52, 0x0e, 0x74, 0x63, 0x70, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43,
+	0x68, 0x65, 0x63, 0x6b, 0x12, 0x5c, 0x0a, 0x11, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x68, 0x65, 0x61,
+	0x6c, 0x74, 0x68, 0x5f, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x2e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x2e,
+	0x47, 0x72, 0x70, 0x63, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x48,
+	0x00, 0x52, 0x0f, 0x67, 0x72, 0x70, 0x63, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65,
+	0x63, 0x6b, 0x12, 0x62, 0x0a, 0x13, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x68, 0x65, 0x61,
+	0x6c, 0x74, 0x68, 0x5f, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x18, 0x0d, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x30, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x2e,
+	0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63,
+	0x6b, 0x48, 0x00, 0x52, 0x11, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x48, 0x65, 0x61, 0x6c, 0x74,
+	0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x12, 0x53, 0x0a, 0x13, 0x6e, 0x6f, 0x5f, 0x74, 0x72, 0x61,
+	0x66, 0x66, 0x69, 0x63, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x0c, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x08,
+	0xfa, 0x42, 0x05, 0xaa, 0x01, 0x02, 0x2a, 0x00, 0x52, 0x11, 0x6e, 0x6f, 0x54, 0x72, 0x61, 0x66,
+	0x66, 0x69, 0x63, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x12, 0x52, 0x0a, 0x12, 0x75,
+	0x6e, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x79, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61,
+	0x6c, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05, 0xaa, 0x01, 0x02, 0x2a, 0x00, 0x52, 0x11, 0x75, 0x6e,
+	0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x79, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x12,
+	0x5b, 0x0a, 0x17, 0x75, 0x6e, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x79, 0x5f, 0x65, 0x64, 0x67,
+	0x65, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x0f, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05,
+	0xaa, 0x01, 0x02, 0x2a, 0x00, 0x52, 0x15, 0x75, 0x6e, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x79,
+	0x45, 0x64, 0x67, 0x65, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x12, 0x57, 0x0a, 0x15,
+	0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x79, 0x5f, 0x65, 0x64, 0x67, 0x65, 0x5f, 0x69, 0x6e, 0x74,
+	0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x10, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75,
+	0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05, 0xaa, 0x01, 0x02, 0x2a, 0x00,
+	0x52, 0x13, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x79, 0x45, 0x64, 0x67, 0x65, 0x49, 0x6e, 0x74,
+	0x65, 0x72, 0x76, 0x61, 0x6c, 0x12, 0x24, 0x0a, 0x0e, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x5f, 0x6c,
+	0x6f, 0x67, 0x5f, 0x70, 0x61, 0x74, 0x68, 0x18, 0x11, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x65,
+	0x76, 0x65, 0x6e, 0x74, 0x4c, 0x6f, 0x67, 0x50, 0x61, 0x74, 0x68, 0x12, 0x4a, 0x0a, 0x0d, 0x65,
+	0x76, 0x65, 0x6e, 0x74, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x18, 0x16, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x25, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x53, 0x65, 0x72, 0x76,
+	0x69, 0x63, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0c, 0x65, 0x76, 0x65, 0x6e, 0x74,
+	0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x46, 0x0a, 0x20, 0x61, 0x6c, 0x77, 0x61, 0x79,
+	0x73, 0x5f, 0x6c, 0x6f, 0x67, 0x5f, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f, 0x63, 0x68, 0x65,
+	0x63, 0x6b, 0x5f, 0x66, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x73, 0x18, 0x13, 0x20, 0x01, 0x28,
+	0x08, 0x52, 0x1c, 0x61, 0x6c, 0x77, 0x61, 0x79, 0x73, 0x4c, 0x6f, 0x67, 0x48, 0x65, 0x61, 0x6c,
+	0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x46, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x73, 0x12,
+	0x4a, 0x0a, 0x0b, 0x74, 0x6c, 0x73, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x15,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43,
+	0x68, 0x65, 0x63, 0x6b, 0x2e, 0x54, 0x6c, 0x73, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52,
+	0x0a, 0x74, 0x6c, 0x73, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x1a, 0x52, 0x0a, 0x07, 0x50,
+	0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x12, 0x1d, 0x0a, 0x04, 0x74, 0x65, 0x78, 0x74, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x48, 0x00, 0x52,
+	0x04, 0x74, 0x65, 0x78, 0x74, 0x12, 0x18, 0x0a, 0x06, 0x62, 0x69, 0x6e, 0x61, 0x72, 0x79, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x0c, 0x48, 0x00, 0x52, 0x06, 0x62, 0x69, 0x6e, 0x61, 0x72, 0x79, 0x42,
+	0x0e, 0x0a, 0x07, 0x70, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x1a,
+	0x9c, 0x05, 0x0a, 0x0f, 0x48, 0x74, 0x74, 0x70, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68,
+	0x65, 0x63, 0x6b, 0x12, 0x12, 0x0a, 0x04, 0x68, 0x6f, 0x73, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x04, 0x68, 0x6f, 0x73, 0x74, 0x12, 0x1b, 0x0a, 0x04, 0x70, 0x61, 0x74, 0x68, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x04,
+	0x70, 0x61, 0x74, 0x68, 0x12, 0x3a, 0x0a, 0x04, 0x73, 0x65, 0x6e, 0x64, 0x18, 0x03, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x26, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65,
+	0x63, 0x6b, 0x2e, 0x50, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x52, 0x04, 0x73, 0x65, 0x6e, 0x64,
+	0x12, 0x40, 0x0a, 0x07, 0x72, 0x65, 0x63, 0x65, 0x69, 0x76, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x26, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63,
+	0x6b, 0x2e, 0x50, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x52, 0x07, 0x72, 0x65, 0x63, 0x65, 0x69,
+	0x76, 0x65, 0x12, 0x25, 0x0a, 0x0c, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x6e, 0x61,
+	0x6d, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x42, 0x02, 0x18, 0x01, 0x52, 0x0b, 0x73, 0x65,
+	0x72, 0x76, 0x69, 0x63, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x64, 0x0a, 0x16, 0x72, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x5f, 0x74, 0x6f, 0x5f,
+	0x61, 0x64, 0x64, 0x18, 0x06, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48, 0x65,
+	0x61, 0x64, 0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x42,
+	0x09, 0xfa, 0x42, 0x06, 0x92, 0x01, 0x03, 0x10, 0xe8, 0x07, 0x52, 0x13, 0x72, 0x65, 0x71, 0x75,
+	0x65, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x54, 0x6f, 0x41, 0x64, 0x64, 0x12,
+	0x39, 0x0a, 0x19, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x73, 0x5f, 0x74, 0x6f, 0x5f, 0x72, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x18, 0x08, 0x20, 0x03,
+	0x28, 0x09, 0x52, 0x16, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x73, 0x54, 0x6f, 0x52, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x12, 0x25, 0x0a, 0x09, 0x75, 0x73,
+	0x65, 0x5f, 0x68, 0x74, 0x74, 0x70, 0x32, 0x18, 0x07, 0x20, 0x01, 0x28, 0x08, 0x42, 0x08, 0x18,
+	0x01, 0xb8, 0xee, 0xf2, 0xd2, 0x05, 0x01, 0x52, 0x08, 0x75, 0x73, 0x65, 0x48, 0x74, 0x74, 0x70,
+	0x32, 0x12, 0x43, 0x0a, 0x11, 0x65, 0x78, 0x70, 0x65, 0x63, 0x74, 0x65, 0x64, 0x5f, 0x73, 0x74,
+	0x61, 0x74, 0x75, 0x73, 0x65, 0x73, 0x18, 0x09, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x49, 0x6e, 0x74, 0x36, 0x34, 0x52,
+	0x61, 0x6e, 0x67, 0x65, 0x52, 0x10, 0x65, 0x78, 0x70, 0x65, 0x63, 0x74, 0x65, 0x64, 0x53, 0x74,
+	0x61, 0x74, 0x75, 0x73, 0x65, 0x73, 0x12, 0x51, 0x0a, 0x11, 0x63, 0x6f, 0x64, 0x65, 0x63, 0x5f,
+	0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x0a, 0x20, 0x01, 0x28,
+	0x0e, 0x32, 0x1b, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x43,
+	0x6f, 0x64, 0x65, 0x63, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x54, 0x79, 0x70, 0x65, 0x42, 0x08,
+	0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x0f, 0x63, 0x6f, 0x64, 0x65, 0x63, 0x43,
+	0x6c, 0x69, 0x65, 0x6e, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x53, 0x0a, 0x14, 0x73, 0x65, 0x72,
+	0x76, 0x69, 0x63, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65,
+	0x72, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x53, 0x74, 0x72,
+	0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x52, 0x12, 0x73, 0x65, 0x72, 0x76,
+	0x69, 0x63, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x1a, 0x8e,
+	0x01, 0x0a, 0x0e, 0x54, 0x63, 0x70, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63,
+	0x6b, 0x12, 0x3a, 0x0a, 0x04, 0x73, 0x65, 0x6e, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x26, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x2e,
+	0x50, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x52, 0x04, 0x73, 0x65, 0x6e, 0x64, 0x12, 0x40, 0x0a,
+	0x07, 0x72, 0x65, 0x63, 0x65, 0x69, 0x76, 0x65, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x26,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f,
+	0x72, 0x65, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x2e, 0x50,
+	0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x52, 0x07, 0x72, 0x65, 0x63, 0x65, 0x69, 0x76, 0x65, 0x1a,
+	0x24, 0x0a, 0x10, 0x52, 0x65, 0x64, 0x69, 0x73, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68,
+	0x65, 0x63, 0x6b, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
+	0x52, 0x03, 0x6b, 0x65, 0x79, 0x1a, 0x52, 0x0a, 0x0f, 0x47, 0x72, 0x70, 0x63, 0x48, 0x65, 0x61,
+	0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x12, 0x21, 0x0a, 0x0c, 0x73, 0x65, 0x72, 0x76,
+	0x69, 0x63, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b,
+	0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x61,
+	0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09,
+	0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x1a, 0xb1, 0x01, 0x0a, 0x11, 0x43, 0x75,
+	0x73, 0x74, 0x6f, 0x6d, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x12,
+	0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa,
+	0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x35, 0x0a, 0x06,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53,
+	0x74, 0x72, 0x75, 0x63, 0x74, 0x42, 0x02, 0x18, 0x01, 0x48, 0x00, 0x52, 0x06, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x12, 0x39, 0x0a, 0x0c, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x48,
+	0x00, 0x52, 0x0b, 0x74, 0x79, 0x70, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x0d,
+	0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x1a, 0x33, 0x0a,
+	0x0a, 0x54, 0x6c, 0x73, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x25, 0x0a, 0x0e, 0x61,
+	0x6c, 0x70, 0x6e, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x73, 0x18, 0x01, 0x20,
+	0x03, 0x28, 0x09, 0x52, 0x0d, 0x61, 0x6c, 0x70, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f,
+	0x6c, 0x73, 0x42, 0x15, 0x0a, 0x0e, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f, 0x63, 0x68, 0x65,
+	0x63, 0x6b, 0x65, 0x72, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x4a, 0x04, 0x08, 0x0a, 0x10, 0x0b, 0x2a,
+	0x60, 0x0a, 0x0c, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12,
+	0x0b, 0x0a, 0x07, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, 0x0b, 0x0a, 0x07,
+	0x48, 0x45, 0x41, 0x4c, 0x54, 0x48, 0x59, 0x10, 0x01, 0x12, 0x0d, 0x0a, 0x09, 0x55, 0x4e, 0x48,
+	0x45, 0x41, 0x4c, 0x54, 0x48, 0x59, 0x10, 0x02, 0x12, 0x0c, 0x0a, 0x08, 0x44, 0x52, 0x41, 0x49,
+	0x4e, 0x49, 0x4e, 0x47, 0x10, 0x03, 0x12, 0x0b, 0x0a, 0x07, 0x54, 0x49, 0x4d, 0x45, 0x4f, 0x55,
+	0x54, 0x10, 0x04, 0x12, 0x0c, 0x0a, 0x08, 0x44, 0x45, 0x47, 0x52, 0x41, 0x44, 0x45, 0x44, 0x10,
+	0x05, 0x42, 0x59, 0x0a, 0x1f, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f,
+	0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e,
+	0x63, 0x6f, 0x72, 0x65, 0x42, 0x10, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63,
+	0x6b, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x16, 0x12, 0x14,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x76, 0x33, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_core_health_check_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_core_health_check_proto_rawDescData = file_envoy_api_v2_core_health_check_proto_rawDesc
+)
+
+func file_envoy_api_v2_core_health_check_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_core_health_check_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_core_health_check_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_core_health_check_proto_rawDescData)
+	})
+	return file_envoy_api_v2_core_health_check_proto_rawDescData
+}
+
+var file_envoy_api_v2_core_health_check_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_envoy_api_v2_core_health_check_proto_msgTypes = make([]protoimpl.MessageInfo, 8)
+var file_envoy_api_v2_core_health_check_proto_goTypes = []interface{}{
+	(HealthStatus)(0),                     // 0: envoy.api.v2.core.HealthStatus
+	(*HealthCheck)(nil),                   // 1: envoy.api.v2.core.HealthCheck
+	(*HealthCheck_Payload)(nil),           // 2: envoy.api.v2.core.HealthCheck.Payload
+	(*HealthCheck_HttpHealthCheck)(nil),   // 3: envoy.api.v2.core.HealthCheck.HttpHealthCheck
+	(*HealthCheck_TcpHealthCheck)(nil),    // 4: envoy.api.v2.core.HealthCheck.TcpHealthCheck
+	(*HealthCheck_RedisHealthCheck)(nil),  // 5: envoy.api.v2.core.HealthCheck.RedisHealthCheck
+	(*HealthCheck_GrpcHealthCheck)(nil),   // 6: envoy.api.v2.core.HealthCheck.GrpcHealthCheck
+	(*HealthCheck_CustomHealthCheck)(nil), // 7: envoy.api.v2.core.HealthCheck.CustomHealthCheck
+	(*HealthCheck_TlsOptions)(nil),        // 8: envoy.api.v2.core.HealthCheck.TlsOptions
+	(*duration.Duration)(nil),             // 9: google.protobuf.Duration
+	(*wrappers.UInt32Value)(nil),          // 10: google.protobuf.UInt32Value
+	(*wrappers.BoolValue)(nil),            // 11: google.protobuf.BoolValue
+	(*EventServiceConfig)(nil),            // 12: envoy.api.v2.core.EventServiceConfig
+	(*HeaderValueOption)(nil),             // 13: envoy.api.v2.core.HeaderValueOption
+	(*_type.Int64Range)(nil),              // 14: envoy.type.Int64Range
+	(_type.CodecClientType)(0),            // 15: envoy.type.CodecClientType
+	(*matcher.StringMatcher)(nil),         // 16: envoy.type.matcher.StringMatcher
+	(*_struct.Struct)(nil),                // 17: google.protobuf.Struct
+	(*any.Any)(nil),                       // 18: google.protobuf.Any
+}
+var file_envoy_api_v2_core_health_check_proto_depIdxs = []int32{
+	9,  // 0: envoy.api.v2.core.HealthCheck.timeout:type_name -> google.protobuf.Duration
+	9,  // 1: envoy.api.v2.core.HealthCheck.interval:type_name -> google.protobuf.Duration
+	9,  // 2: envoy.api.v2.core.HealthCheck.initial_jitter:type_name -> google.protobuf.Duration
+	9,  // 3: envoy.api.v2.core.HealthCheck.interval_jitter:type_name -> google.protobuf.Duration
+	10, // 4: envoy.api.v2.core.HealthCheck.unhealthy_threshold:type_name -> google.protobuf.UInt32Value
+	10, // 5: envoy.api.v2.core.HealthCheck.healthy_threshold:type_name -> google.protobuf.UInt32Value
+	10, // 6: envoy.api.v2.core.HealthCheck.alt_port:type_name -> google.protobuf.UInt32Value
+	11, // 7: envoy.api.v2.core.HealthCheck.reuse_connection:type_name -> google.protobuf.BoolValue
+	3,  // 8: envoy.api.v2.core.HealthCheck.http_health_check:type_name -> envoy.api.v2.core.HealthCheck.HttpHealthCheck
+	4,  // 9: envoy.api.v2.core.HealthCheck.tcp_health_check:type_name -> envoy.api.v2.core.HealthCheck.TcpHealthCheck
+	6,  // 10: envoy.api.v2.core.HealthCheck.grpc_health_check:type_name -> envoy.api.v2.core.HealthCheck.GrpcHealthCheck
+	7,  // 11: envoy.api.v2.core.HealthCheck.custom_health_check:type_name -> envoy.api.v2.core.HealthCheck.CustomHealthCheck
+	9,  // 12: envoy.api.v2.core.HealthCheck.no_traffic_interval:type_name -> google.protobuf.Duration
+	9,  // 13: envoy.api.v2.core.HealthCheck.unhealthy_interval:type_name -> google.protobuf.Duration
+	9,  // 14: envoy.api.v2.core.HealthCheck.unhealthy_edge_interval:type_name -> google.protobuf.Duration
+	9,  // 15: envoy.api.v2.core.HealthCheck.healthy_edge_interval:type_name -> google.protobuf.Duration
+	12, // 16: envoy.api.v2.core.HealthCheck.event_service:type_name -> envoy.api.v2.core.EventServiceConfig
+	8,  // 17: envoy.api.v2.core.HealthCheck.tls_options:type_name -> envoy.api.v2.core.HealthCheck.TlsOptions
+	2,  // 18: envoy.api.v2.core.HealthCheck.HttpHealthCheck.send:type_name -> envoy.api.v2.core.HealthCheck.Payload
+	2,  // 19: envoy.api.v2.core.HealthCheck.HttpHealthCheck.receive:type_name -> envoy.api.v2.core.HealthCheck.Payload
+	13, // 20: envoy.api.v2.core.HealthCheck.HttpHealthCheck.request_headers_to_add:type_name -> envoy.api.v2.core.HeaderValueOption
+	14, // 21: envoy.api.v2.core.HealthCheck.HttpHealthCheck.expected_statuses:type_name -> envoy.type.Int64Range
+	15, // 22: envoy.api.v2.core.HealthCheck.HttpHealthCheck.codec_client_type:type_name -> envoy.type.CodecClientType
+	16, // 23: envoy.api.v2.core.HealthCheck.HttpHealthCheck.service_name_matcher:type_name -> envoy.type.matcher.StringMatcher
+	2,  // 24: envoy.api.v2.core.HealthCheck.TcpHealthCheck.send:type_name -> envoy.api.v2.core.HealthCheck.Payload
+	2,  // 25: envoy.api.v2.core.HealthCheck.TcpHealthCheck.receive:type_name -> envoy.api.v2.core.HealthCheck.Payload
+	17, // 26: envoy.api.v2.core.HealthCheck.CustomHealthCheck.config:type_name -> google.protobuf.Struct
+	18, // 27: envoy.api.v2.core.HealthCheck.CustomHealthCheck.typed_config:type_name -> google.protobuf.Any
+	28, // [28:28] is the sub-list for method output_type
+	28, // [28:28] is the sub-list for method input_type
+	28, // [28:28] is the sub-list for extension type_name
+	28, // [28:28] is the sub-list for extension extendee
+	0,  // [0:28] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_core_health_check_proto_init() }
+func file_envoy_api_v2_core_health_check_proto_init() {
+	if File_envoy_api_v2_core_health_check_proto != nil {
+		return
+	}
+	file_envoy_api_v2_core_base_proto_init()
+	file_envoy_api_v2_core_event_service_config_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_core_health_check_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HealthCheck); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_health_check_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HealthCheck_Payload); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_health_check_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HealthCheck_HttpHealthCheck); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_health_check_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HealthCheck_TcpHealthCheck); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_health_check_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HealthCheck_RedisHealthCheck); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_health_check_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HealthCheck_GrpcHealthCheck); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_health_check_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HealthCheck_CustomHealthCheck); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_health_check_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HealthCheck_TlsOptions); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_api_v2_core_health_check_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*HealthCheck_HttpHealthCheck_)(nil),
+		(*HealthCheck_TcpHealthCheck_)(nil),
+		(*HealthCheck_GrpcHealthCheck_)(nil),
+		(*HealthCheck_CustomHealthCheck_)(nil),
+	}
+	file_envoy_api_v2_core_health_check_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*HealthCheck_Payload_Text)(nil),
+		(*HealthCheck_Payload_Binary)(nil),
+	}
+	file_envoy_api_v2_core_health_check_proto_msgTypes[6].OneofWrappers = []interface{}{
+		(*HealthCheck_CustomHealthCheck_Config)(nil),
+		(*HealthCheck_CustomHealthCheck_TypedConfig)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_core_health_check_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   8,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_core_health_check_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_core_health_check_proto_depIdxs,
+		EnumInfos:         file_envoy_api_v2_core_health_check_proto_enumTypes,
+		MessageInfos:      file_envoy_api_v2_core_health_check_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_core_health_check_proto = out.File
+	file_envoy_api_v2_core_health_check_proto_rawDesc = nil
+	file_envoy_api_v2_core_health_check_proto_goTypes = nil
+	file_envoy_api_v2_core_health_check_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/health_check.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/health_check.pb.validate.go
new file mode 100644
index 00000000000..5ac0bd3b49a
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/health_check.pb.validate.go
@@ -0,0 +1,1819 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/core/health_check.proto
+
+package envoy_api_v2_core
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+
+	_type "github.com/envoyproxy/go-control-plane/envoy/type"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+
+	_ = _type.CodecClientType(0)
+)
+
+// Validate checks the field values on HealthCheck with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *HealthCheck) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HealthCheck with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in HealthCheckMultiError, or
+// nil if none found.
+func (m *HealthCheck) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HealthCheck) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetTimeout() == nil {
+		err := HealthCheckValidationError{
+			field:  "Timeout",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if d := m.GetTimeout(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = HealthCheckValidationError{
+				field:  "Timeout",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := HealthCheckValidationError{
+					field:  "Timeout",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if m.GetInterval() == nil {
+		err := HealthCheckValidationError{
+			field:  "Interval",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if d := m.GetInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = HealthCheckValidationError{
+				field:  "Interval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := HealthCheckValidationError{
+					field:  "Interval",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetInitialJitter()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "InitialJitter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "InitialJitter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetInitialJitter()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HealthCheckValidationError{
+				field:  "InitialJitter",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetIntervalJitter()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "IntervalJitter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "IntervalJitter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetIntervalJitter()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HealthCheckValidationError{
+				field:  "IntervalJitter",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for IntervalJitterPercent
+
+	if m.GetUnhealthyThreshold() == nil {
+		err := HealthCheckValidationError{
+			field:  "UnhealthyThreshold",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetUnhealthyThreshold()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "UnhealthyThreshold",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "UnhealthyThreshold",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetUnhealthyThreshold()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HealthCheckValidationError{
+				field:  "UnhealthyThreshold",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if m.GetHealthyThreshold() == nil {
+		err := HealthCheckValidationError{
+			field:  "HealthyThreshold",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetHealthyThreshold()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "HealthyThreshold",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "HealthyThreshold",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHealthyThreshold()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HealthCheckValidationError{
+				field:  "HealthyThreshold",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetAltPort()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "AltPort",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "AltPort",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetAltPort()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HealthCheckValidationError{
+				field:  "AltPort",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetReuseConnection()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "ReuseConnection",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "ReuseConnection",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetReuseConnection()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HealthCheckValidationError{
+				field:  "ReuseConnection",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if d := m.GetNoTrafficInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = HealthCheckValidationError{
+				field:  "NoTrafficInterval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := HealthCheckValidationError{
+					field:  "NoTrafficInterval",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if d := m.GetUnhealthyInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = HealthCheckValidationError{
+				field:  "UnhealthyInterval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := HealthCheckValidationError{
+					field:  "UnhealthyInterval",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if d := m.GetUnhealthyEdgeInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = HealthCheckValidationError{
+				field:  "UnhealthyEdgeInterval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := HealthCheckValidationError{
+					field:  "UnhealthyEdgeInterval",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if d := m.GetHealthyEdgeInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = HealthCheckValidationError{
+				field:  "HealthyEdgeInterval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := HealthCheckValidationError{
+					field:  "HealthyEdgeInterval",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	// no validation rules for EventLogPath
+
+	if all {
+		switch v := interface{}(m.GetEventService()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "EventService",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "EventService",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetEventService()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HealthCheckValidationError{
+				field:  "EventService",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for AlwaysLogHealthCheckFailures
+
+	if all {
+		switch v := interface{}(m.GetTlsOptions()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "TlsOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "TlsOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTlsOptions()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HealthCheckValidationError{
+				field:  "TlsOptions",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	switch m.HealthChecker.(type) {
+
+	case *HealthCheck_HttpHealthCheck_:
+
+		if all {
+			switch v := interface{}(m.GetHttpHealthCheck()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HealthCheckValidationError{
+						field:  "HttpHealthCheck",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HealthCheckValidationError{
+						field:  "HttpHealthCheck",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetHttpHealthCheck()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HealthCheckValidationError{
+					field:  "HttpHealthCheck",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *HealthCheck_TcpHealthCheck_:
+
+		if all {
+			switch v := interface{}(m.GetTcpHealthCheck()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HealthCheckValidationError{
+						field:  "TcpHealthCheck",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HealthCheckValidationError{
+						field:  "TcpHealthCheck",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTcpHealthCheck()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HealthCheckValidationError{
+					field:  "TcpHealthCheck",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *HealthCheck_GrpcHealthCheck_:
+
+		if all {
+			switch v := interface{}(m.GetGrpcHealthCheck()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HealthCheckValidationError{
+						field:  "GrpcHealthCheck",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HealthCheckValidationError{
+						field:  "GrpcHealthCheck",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetGrpcHealthCheck()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HealthCheckValidationError{
+					field:  "GrpcHealthCheck",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *HealthCheck_CustomHealthCheck_:
+
+		if all {
+			switch v := interface{}(m.GetCustomHealthCheck()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HealthCheckValidationError{
+						field:  "CustomHealthCheck",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HealthCheckValidationError{
+						field:  "CustomHealthCheck",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetCustomHealthCheck()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HealthCheckValidationError{
+					field:  "CustomHealthCheck",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := HealthCheckValidationError{
+			field:  "HealthChecker",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return HealthCheckMultiError(errors)
+	}
+	return nil
+}
+
+// HealthCheckMultiError is an error wrapping multiple validation errors
+// returned by HealthCheck.ValidateAll() if the designated constraints aren't met.
+type HealthCheckMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HealthCheckMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HealthCheckMultiError) AllErrors() []error { return m }
+
+// HealthCheckValidationError is the validation error returned by
+// HealthCheck.Validate if the designated constraints aren't met.
+type HealthCheckValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HealthCheckValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HealthCheckValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HealthCheckValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HealthCheckValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HealthCheckValidationError) ErrorName() string { return "HealthCheckValidationError" }
+
+// Error satisfies the builtin error interface
+func (e HealthCheckValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHealthCheck.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HealthCheckValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HealthCheckValidationError{}
+
+// Validate checks the field values on HealthCheck_Payload with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *HealthCheck_Payload) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HealthCheck_Payload with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// HealthCheck_PayloadMultiError, or nil if none found.
+func (m *HealthCheck_Payload) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HealthCheck_Payload) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.Payload.(type) {
+
+	case *HealthCheck_Payload_Text:
+
+		if len(m.GetText()) < 1 {
+			err := HealthCheck_PayloadValidationError{
+				field:  "Text",
+				reason: "value length must be at least 1 bytes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *HealthCheck_Payload_Binary:
+		// no validation rules for Binary
+
+	default:
+		err := HealthCheck_PayloadValidationError{
+			field:  "Payload",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return HealthCheck_PayloadMultiError(errors)
+	}
+	return nil
+}
+
+// HealthCheck_PayloadMultiError is an error wrapping multiple validation
+// errors returned by HealthCheck_Payload.ValidateAll() if the designated
+// constraints aren't met.
+type HealthCheck_PayloadMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HealthCheck_PayloadMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HealthCheck_PayloadMultiError) AllErrors() []error { return m }
+
+// HealthCheck_PayloadValidationError is the validation error returned by
+// HealthCheck_Payload.Validate if the designated constraints aren't met.
+type HealthCheck_PayloadValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HealthCheck_PayloadValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HealthCheck_PayloadValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HealthCheck_PayloadValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HealthCheck_PayloadValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HealthCheck_PayloadValidationError) ErrorName() string {
+	return "HealthCheck_PayloadValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HealthCheck_PayloadValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHealthCheck_Payload.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HealthCheck_PayloadValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HealthCheck_PayloadValidationError{}
+
+// Validate checks the field values on HealthCheck_HttpHealthCheck with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *HealthCheck_HttpHealthCheck) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HealthCheck_HttpHealthCheck with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// HealthCheck_HttpHealthCheckMultiError, or nil if none found.
+func (m *HealthCheck_HttpHealthCheck) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HealthCheck_HttpHealthCheck) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Host
+
+	if len(m.GetPath()) < 1 {
+		err := HealthCheck_HttpHealthCheckValidationError{
+			field:  "Path",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetSend()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HealthCheck_HttpHealthCheckValidationError{
+					field:  "Send",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HealthCheck_HttpHealthCheckValidationError{
+					field:  "Send",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSend()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HealthCheck_HttpHealthCheckValidationError{
+				field:  "Send",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetReceive()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HealthCheck_HttpHealthCheckValidationError{
+					field:  "Receive",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HealthCheck_HttpHealthCheckValidationError{
+					field:  "Receive",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetReceive()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HealthCheck_HttpHealthCheckValidationError{
+				field:  "Receive",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for ServiceName
+
+	if len(m.GetRequestHeadersToAdd()) > 1000 {
+		err := HealthCheck_HttpHealthCheckValidationError{
+			field:  "RequestHeadersToAdd",
+			reason: "value must contain no more than 1000 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetRequestHeadersToAdd() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HealthCheck_HttpHealthCheckValidationError{
+						field:  fmt.Sprintf("RequestHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HealthCheck_HttpHealthCheckValidationError{
+						field:  fmt.Sprintf("RequestHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HealthCheck_HttpHealthCheckValidationError{
+					field:  fmt.Sprintf("RequestHeadersToAdd[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	// no validation rules for UseHttp2
+
+	for idx, item := range m.GetExpectedStatuses() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HealthCheck_HttpHealthCheckValidationError{
+						field:  fmt.Sprintf("ExpectedStatuses[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HealthCheck_HttpHealthCheckValidationError{
+						field:  fmt.Sprintf("ExpectedStatuses[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HealthCheck_HttpHealthCheckValidationError{
+					field:  fmt.Sprintf("ExpectedStatuses[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if _, ok := _type.CodecClientType_name[int32(m.GetCodecClientType())]; !ok {
+		err := HealthCheck_HttpHealthCheckValidationError{
+			field:  "CodecClientType",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetServiceNameMatcher()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HealthCheck_HttpHealthCheckValidationError{
+					field:  "ServiceNameMatcher",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HealthCheck_HttpHealthCheckValidationError{
+					field:  "ServiceNameMatcher",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetServiceNameMatcher()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HealthCheck_HttpHealthCheckValidationError{
+				field:  "ServiceNameMatcher",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return HealthCheck_HttpHealthCheckMultiError(errors)
+	}
+	return nil
+}
+
+// HealthCheck_HttpHealthCheckMultiError is an error wrapping multiple
+// validation errors returned by HealthCheck_HttpHealthCheck.ValidateAll() if
+// the designated constraints aren't met.
+type HealthCheck_HttpHealthCheckMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HealthCheck_HttpHealthCheckMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HealthCheck_HttpHealthCheckMultiError) AllErrors() []error { return m }
+
+// HealthCheck_HttpHealthCheckValidationError is the validation error returned
+// by HealthCheck_HttpHealthCheck.Validate if the designated constraints
+// aren't met.
+type HealthCheck_HttpHealthCheckValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HealthCheck_HttpHealthCheckValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HealthCheck_HttpHealthCheckValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HealthCheck_HttpHealthCheckValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HealthCheck_HttpHealthCheckValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HealthCheck_HttpHealthCheckValidationError) ErrorName() string {
+	return "HealthCheck_HttpHealthCheckValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HealthCheck_HttpHealthCheckValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHealthCheck_HttpHealthCheck.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HealthCheck_HttpHealthCheckValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HealthCheck_HttpHealthCheckValidationError{}
+
+// Validate checks the field values on HealthCheck_TcpHealthCheck with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *HealthCheck_TcpHealthCheck) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HealthCheck_TcpHealthCheck with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// HealthCheck_TcpHealthCheckMultiError, or nil if none found.
+func (m *HealthCheck_TcpHealthCheck) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HealthCheck_TcpHealthCheck) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetSend()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HealthCheck_TcpHealthCheckValidationError{
+					field:  "Send",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HealthCheck_TcpHealthCheckValidationError{
+					field:  "Send",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSend()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HealthCheck_TcpHealthCheckValidationError{
+				field:  "Send",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetReceive() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HealthCheck_TcpHealthCheckValidationError{
+						field:  fmt.Sprintf("Receive[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HealthCheck_TcpHealthCheckValidationError{
+						field:  fmt.Sprintf("Receive[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HealthCheck_TcpHealthCheckValidationError{
+					field:  fmt.Sprintf("Receive[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return HealthCheck_TcpHealthCheckMultiError(errors)
+	}
+	return nil
+}
+
+// HealthCheck_TcpHealthCheckMultiError is an error wrapping multiple
+// validation errors returned by HealthCheck_TcpHealthCheck.ValidateAll() if
+// the designated constraints aren't met.
+type HealthCheck_TcpHealthCheckMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HealthCheck_TcpHealthCheckMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HealthCheck_TcpHealthCheckMultiError) AllErrors() []error { return m }
+
+// HealthCheck_TcpHealthCheckValidationError is the validation error returned
+// by HealthCheck_TcpHealthCheck.Validate if the designated constraints aren't met.
+type HealthCheck_TcpHealthCheckValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HealthCheck_TcpHealthCheckValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HealthCheck_TcpHealthCheckValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HealthCheck_TcpHealthCheckValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HealthCheck_TcpHealthCheckValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HealthCheck_TcpHealthCheckValidationError) ErrorName() string {
+	return "HealthCheck_TcpHealthCheckValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HealthCheck_TcpHealthCheckValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHealthCheck_TcpHealthCheck.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HealthCheck_TcpHealthCheckValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HealthCheck_TcpHealthCheckValidationError{}
+
+// Validate checks the field values on HealthCheck_RedisHealthCheck with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *HealthCheck_RedisHealthCheck) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HealthCheck_RedisHealthCheck with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// HealthCheck_RedisHealthCheckMultiError, or nil if none found.
+func (m *HealthCheck_RedisHealthCheck) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HealthCheck_RedisHealthCheck) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Key
+
+	if len(errors) > 0 {
+		return HealthCheck_RedisHealthCheckMultiError(errors)
+	}
+	return nil
+}
+
+// HealthCheck_RedisHealthCheckMultiError is an error wrapping multiple
+// validation errors returned by HealthCheck_RedisHealthCheck.ValidateAll() if
+// the designated constraints aren't met.
+type HealthCheck_RedisHealthCheckMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HealthCheck_RedisHealthCheckMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HealthCheck_RedisHealthCheckMultiError) AllErrors() []error { return m }
+
+// HealthCheck_RedisHealthCheckValidationError is the validation error returned
+// by HealthCheck_RedisHealthCheck.Validate if the designated constraints
+// aren't met.
+type HealthCheck_RedisHealthCheckValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HealthCheck_RedisHealthCheckValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HealthCheck_RedisHealthCheckValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HealthCheck_RedisHealthCheckValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HealthCheck_RedisHealthCheckValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HealthCheck_RedisHealthCheckValidationError) ErrorName() string {
+	return "HealthCheck_RedisHealthCheckValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HealthCheck_RedisHealthCheckValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHealthCheck_RedisHealthCheck.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HealthCheck_RedisHealthCheckValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HealthCheck_RedisHealthCheckValidationError{}
+
+// Validate checks the field values on HealthCheck_GrpcHealthCheck with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *HealthCheck_GrpcHealthCheck) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HealthCheck_GrpcHealthCheck with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// HealthCheck_GrpcHealthCheckMultiError, or nil if none found.
+func (m *HealthCheck_GrpcHealthCheck) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HealthCheck_GrpcHealthCheck) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for ServiceName
+
+	// no validation rules for Authority
+
+	if len(errors) > 0 {
+		return HealthCheck_GrpcHealthCheckMultiError(errors)
+	}
+	return nil
+}
+
+// HealthCheck_GrpcHealthCheckMultiError is an error wrapping multiple
+// validation errors returned by HealthCheck_GrpcHealthCheck.ValidateAll() if
+// the designated constraints aren't met.
+type HealthCheck_GrpcHealthCheckMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HealthCheck_GrpcHealthCheckMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HealthCheck_GrpcHealthCheckMultiError) AllErrors() []error { return m }
+
+// HealthCheck_GrpcHealthCheckValidationError is the validation error returned
+// by HealthCheck_GrpcHealthCheck.Validate if the designated constraints
+// aren't met.
+type HealthCheck_GrpcHealthCheckValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HealthCheck_GrpcHealthCheckValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HealthCheck_GrpcHealthCheckValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HealthCheck_GrpcHealthCheckValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HealthCheck_GrpcHealthCheckValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HealthCheck_GrpcHealthCheckValidationError) ErrorName() string {
+	return "HealthCheck_GrpcHealthCheckValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HealthCheck_GrpcHealthCheckValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHealthCheck_GrpcHealthCheck.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HealthCheck_GrpcHealthCheckValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HealthCheck_GrpcHealthCheckValidationError{}
+
+// Validate checks the field values on HealthCheck_CustomHealthCheck with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *HealthCheck_CustomHealthCheck) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HealthCheck_CustomHealthCheck with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// HealthCheck_CustomHealthCheckMultiError, or nil if none found.
+func (m *HealthCheck_CustomHealthCheck) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HealthCheck_CustomHealthCheck) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetName()) < 1 {
+		err := HealthCheck_CustomHealthCheckValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	switch m.ConfigType.(type) {
+
+	case *HealthCheck_CustomHealthCheck_Config:
+
+		if all {
+			switch v := interface{}(m.GetConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HealthCheck_CustomHealthCheckValidationError{
+						field:  "Config",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HealthCheck_CustomHealthCheckValidationError{
+						field:  "Config",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HealthCheck_CustomHealthCheckValidationError{
+					field:  "Config",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *HealthCheck_CustomHealthCheck_TypedConfig:
+
+		if all {
+			switch v := interface{}(m.GetTypedConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HealthCheck_CustomHealthCheckValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HealthCheck_CustomHealthCheckValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HealthCheck_CustomHealthCheckValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return HealthCheck_CustomHealthCheckMultiError(errors)
+	}
+	return nil
+}
+
+// HealthCheck_CustomHealthCheckMultiError is an error wrapping multiple
+// validation errors returned by HealthCheck_CustomHealthCheck.ValidateAll()
+// if the designated constraints aren't met.
+type HealthCheck_CustomHealthCheckMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HealthCheck_CustomHealthCheckMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HealthCheck_CustomHealthCheckMultiError) AllErrors() []error { return m }
+
+// HealthCheck_CustomHealthCheckValidationError is the validation error
+// returned by HealthCheck_CustomHealthCheck.Validate if the designated
+// constraints aren't met.
+type HealthCheck_CustomHealthCheckValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HealthCheck_CustomHealthCheckValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HealthCheck_CustomHealthCheckValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HealthCheck_CustomHealthCheckValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HealthCheck_CustomHealthCheckValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HealthCheck_CustomHealthCheckValidationError) ErrorName() string {
+	return "HealthCheck_CustomHealthCheckValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HealthCheck_CustomHealthCheckValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHealthCheck_CustomHealthCheck.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HealthCheck_CustomHealthCheckValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HealthCheck_CustomHealthCheckValidationError{}
+
+// Validate checks the field values on HealthCheck_TlsOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *HealthCheck_TlsOptions) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HealthCheck_TlsOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// HealthCheck_TlsOptionsMultiError, or nil if none found.
+func (m *HealthCheck_TlsOptions) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HealthCheck_TlsOptions) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return HealthCheck_TlsOptionsMultiError(errors)
+	}
+	return nil
+}
+
+// HealthCheck_TlsOptionsMultiError is an error wrapping multiple validation
+// errors returned by HealthCheck_TlsOptions.ValidateAll() if the designated
+// constraints aren't met.
+type HealthCheck_TlsOptionsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HealthCheck_TlsOptionsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HealthCheck_TlsOptionsMultiError) AllErrors() []error { return m }
+
+// HealthCheck_TlsOptionsValidationError is the validation error returned by
+// HealthCheck_TlsOptions.Validate if the designated constraints aren't met.
+type HealthCheck_TlsOptionsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HealthCheck_TlsOptionsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HealthCheck_TlsOptionsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HealthCheck_TlsOptionsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HealthCheck_TlsOptionsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HealthCheck_TlsOptionsValidationError) ErrorName() string {
+	return "HealthCheck_TlsOptionsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HealthCheck_TlsOptionsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHealthCheck_TlsOptions.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HealthCheck_TlsOptionsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HealthCheck_TlsOptionsValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/http_uri.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/http_uri.pb.go
new file mode 100644
index 00000000000..4a714d514b1
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/http_uri.pb.go
@@ -0,0 +1,236 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/core/http_uri.proto
+
+package envoy_api_v2_core
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Envoy external URI descriptor
+type HttpUri struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The HTTP server URI. It should be a full FQDN with protocol, host and path.
+	//
+	// Example:
+	//
+	// .. code-block:: yaml
+	//
+	//    uri: https://www.googleapis.com/oauth2/v1/certs
+	//
+	Uri string `protobuf:"bytes,1,opt,name=uri,proto3" json:"uri,omitempty"`
+	// Specify how `uri` is to be fetched. Today, this requires an explicit
+	// cluster, but in the future we may support dynamic cluster creation or
+	// inline DNS resolution. See `issue
+	// <https://github.com/envoyproxy/envoy/issues/1606>`_.
+	//
+	// Types that are assignable to HttpUpstreamType:
+	//	*HttpUri_Cluster
+	HttpUpstreamType isHttpUri_HttpUpstreamType `protobuf_oneof:"http_upstream_type"`
+	// Sets the maximum duration in milliseconds that a response can take to arrive upon request.
+	Timeout *duration.Duration `protobuf:"bytes,3,opt,name=timeout,proto3" json:"timeout,omitempty"`
+}
+
+func (x *HttpUri) Reset() {
+	*x = HttpUri{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_http_uri_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HttpUri) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HttpUri) ProtoMessage() {}
+
+func (x *HttpUri) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_http_uri_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HttpUri.ProtoReflect.Descriptor instead.
+func (*HttpUri) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_http_uri_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *HttpUri) GetUri() string {
+	if x != nil {
+		return x.Uri
+	}
+	return ""
+}
+
+func (m *HttpUri) GetHttpUpstreamType() isHttpUri_HttpUpstreamType {
+	if m != nil {
+		return m.HttpUpstreamType
+	}
+	return nil
+}
+
+func (x *HttpUri) GetCluster() string {
+	if x, ok := x.GetHttpUpstreamType().(*HttpUri_Cluster); ok {
+		return x.Cluster
+	}
+	return ""
+}
+
+func (x *HttpUri) GetTimeout() *duration.Duration {
+	if x != nil {
+		return x.Timeout
+	}
+	return nil
+}
+
+type isHttpUri_HttpUpstreamType interface {
+	isHttpUri_HttpUpstreamType()
+}
+
+type HttpUri_Cluster struct {
+	// A cluster is created in the Envoy "cluster_manager" config
+	// section. This field specifies the cluster name.
+	//
+	// Example:
+	//
+	// .. code-block:: yaml
+	//
+	//    cluster: jwks_cluster
+	//
+	Cluster string `protobuf:"bytes,2,opt,name=cluster,proto3,oneof"`
+}
+
+func (*HttpUri_Cluster) isHttpUri_HttpUpstreamType() {}
+
+var File_envoy_api_v2_core_http_uri_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_core_http_uri_proto_rawDesc = []byte{
+	0x0a, 0x20, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x75, 0x72, 0x69, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x12, 0x11, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f,
+	0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f,
+	0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76,
+	0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xa5, 0x01,
+	0x0a, 0x07, 0x48, 0x74, 0x74, 0x70, 0x55, 0x72, 0x69, 0x12, 0x19, 0x0a, 0x03, 0x75, 0x72, 0x69,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52,
+	0x03, 0x75, 0x72, 0x69, 0x12, 0x23, 0x0a, 0x07, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x48, 0x00,
+	0x52, 0x07, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x3f, 0x0a, 0x07, 0x74, 0x69, 0x6d,
+	0x65, 0x6f, 0x75, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0a, 0xfa, 0x42, 0x07, 0xaa, 0x01, 0x04, 0x08, 0x01, 0x32,
+	0x00, 0x52, 0x07, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x42, 0x19, 0x0a, 0x12, 0x68, 0x74,
+	0x74, 0x70, 0x5f, 0x75, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f, 0x74, 0x79, 0x70, 0x65,
+	0x12, 0x03, 0xf8, 0x42, 0x01, 0x42, 0x55, 0x0a, 0x1f, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x42, 0x0c, 0x48, 0x74, 0x74, 0x70, 0x55, 0x72,
+	0x69, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x16, 0x12, 0x14,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x76, 0x33, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_core_http_uri_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_core_http_uri_proto_rawDescData = file_envoy_api_v2_core_http_uri_proto_rawDesc
+)
+
+func file_envoy_api_v2_core_http_uri_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_core_http_uri_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_core_http_uri_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_core_http_uri_proto_rawDescData)
+	})
+	return file_envoy_api_v2_core_http_uri_proto_rawDescData
+}
+
+var file_envoy_api_v2_core_http_uri_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_api_v2_core_http_uri_proto_goTypes = []interface{}{
+	(*HttpUri)(nil),           // 0: envoy.api.v2.core.HttpUri
+	(*duration.Duration)(nil), // 1: google.protobuf.Duration
+}
+var file_envoy_api_v2_core_http_uri_proto_depIdxs = []int32{
+	1, // 0: envoy.api.v2.core.HttpUri.timeout:type_name -> google.protobuf.Duration
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_core_http_uri_proto_init() }
+func file_envoy_api_v2_core_http_uri_proto_init() {
+	if File_envoy_api_v2_core_http_uri_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_core_http_uri_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HttpUri); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_api_v2_core_http_uri_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*HttpUri_Cluster)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_core_http_uri_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_core_http_uri_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_core_http_uri_proto_depIdxs,
+		MessageInfos:      file_envoy_api_v2_core_http_uri_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_core_http_uri_proto = out.File
+	file_envoy_api_v2_core_http_uri_proto_rawDesc = nil
+	file_envoy_api_v2_core_http_uri_proto_goTypes = nil
+	file_envoy_api_v2_core_http_uri_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/http_uri.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/http_uri.pb.validate.go
new file mode 100644
index 00000000000..e7462760afe
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/http_uri.pb.validate.go
@@ -0,0 +1,212 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/core/http_uri.proto
+
+package envoy_api_v2_core
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on HttpUri with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *HttpUri) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HttpUri with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in HttpUriMultiError, or nil if none found.
+func (m *HttpUri) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HttpUri) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetUri()) < 1 {
+		err := HttpUriValidationError{
+			field:  "Uri",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if m.GetTimeout() == nil {
+		err := HttpUriValidationError{
+			field:  "Timeout",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if d := m.GetTimeout(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = HttpUriValidationError{
+				field:  "Timeout",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gte := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur < gte {
+				err := HttpUriValidationError{
+					field:  "Timeout",
+					reason: "value must be greater than or equal to 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	switch m.HttpUpstreamType.(type) {
+
+	case *HttpUri_Cluster:
+
+		if len(m.GetCluster()) < 1 {
+			err := HttpUriValidationError{
+				field:  "Cluster",
+				reason: "value length must be at least 1 bytes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	default:
+		err := HttpUriValidationError{
+			field:  "HttpUpstreamType",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return HttpUriMultiError(errors)
+	}
+	return nil
+}
+
+// HttpUriMultiError is an error wrapping multiple validation errors returned
+// by HttpUri.ValidateAll() if the designated constraints aren't met.
+type HttpUriMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HttpUriMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HttpUriMultiError) AllErrors() []error { return m }
+
+// HttpUriValidationError is the validation error returned by HttpUri.Validate
+// if the designated constraints aren't met.
+type HttpUriValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HttpUriValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HttpUriValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HttpUriValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HttpUriValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HttpUriValidationError) ErrorName() string { return "HttpUriValidationError" }
+
+// Error satisfies the builtin error interface
+func (e HttpUriValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttpUri.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HttpUriValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HttpUriValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/protocol.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/protocol.pb.go
new file mode 100644
index 00000000000..02e3391bf9c
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/protocol.pb.go
@@ -0,0 +1,1256 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/core/protocol.proto
+
+package envoy_api_v2_core
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Action to take when Envoy receives client request with header names containing underscore
+// characters.
+// Underscore character is allowed in header names by the RFC-7230 and this behavior is implemented
+// as a security measure due to systems that treat '_' and '-' as interchangeable. Envoy by default allows client request headers with underscore
+// characters.
+type HttpProtocolOptions_HeadersWithUnderscoresAction int32
+
+const (
+	// Allow headers with underscores. This is the default behavior.
+	HttpProtocolOptions_ALLOW HttpProtocolOptions_HeadersWithUnderscoresAction = 0
+	// Reject client request. HTTP/1 requests are rejected with the 400 status. HTTP/2 requests
+	// end with the stream reset. The "httpN.requests_rejected_with_underscores_in_headers" counter
+	// is incremented for each rejected request.
+	HttpProtocolOptions_REJECT_REQUEST HttpProtocolOptions_HeadersWithUnderscoresAction = 1
+	// Drop the header with name containing underscores. The header is dropped before the filter chain is
+	// invoked and as such filters will not see dropped headers. The
+	// "httpN.dropped_headers_with_underscores" is incremented for each dropped header.
+	HttpProtocolOptions_DROP_HEADER HttpProtocolOptions_HeadersWithUnderscoresAction = 2
+)
+
+// Enum value maps for HttpProtocolOptions_HeadersWithUnderscoresAction.
+var (
+	HttpProtocolOptions_HeadersWithUnderscoresAction_name = map[int32]string{
+		0: "ALLOW",
+		1: "REJECT_REQUEST",
+		2: "DROP_HEADER",
+	}
+	HttpProtocolOptions_HeadersWithUnderscoresAction_value = map[string]int32{
+		"ALLOW":          0,
+		"REJECT_REQUEST": 1,
+		"DROP_HEADER":    2,
+	}
+)
+
+func (x HttpProtocolOptions_HeadersWithUnderscoresAction) Enum() *HttpProtocolOptions_HeadersWithUnderscoresAction {
+	p := new(HttpProtocolOptions_HeadersWithUnderscoresAction)
+	*p = x
+	return p
+}
+
+func (x HttpProtocolOptions_HeadersWithUnderscoresAction) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (HttpProtocolOptions_HeadersWithUnderscoresAction) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_api_v2_core_protocol_proto_enumTypes[0].Descriptor()
+}
+
+func (HttpProtocolOptions_HeadersWithUnderscoresAction) Type() protoreflect.EnumType {
+	return &file_envoy_api_v2_core_protocol_proto_enumTypes[0]
+}
+
+func (x HttpProtocolOptions_HeadersWithUnderscoresAction) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use HttpProtocolOptions_HeadersWithUnderscoresAction.Descriptor instead.
+func (HttpProtocolOptions_HeadersWithUnderscoresAction) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_protocol_proto_rawDescGZIP(), []int{2, 0}
+}
+
+// [#not-implemented-hide:]
+type TcpProtocolOptions struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *TcpProtocolOptions) Reset() {
+	*x = TcpProtocolOptions{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_protocol_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *TcpProtocolOptions) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*TcpProtocolOptions) ProtoMessage() {}
+
+func (x *TcpProtocolOptions) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_protocol_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use TcpProtocolOptions.ProtoReflect.Descriptor instead.
+func (*TcpProtocolOptions) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_protocol_proto_rawDescGZIP(), []int{0}
+}
+
+type UpstreamHttpProtocolOptions struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Set transport socket `SNI <https://en.wikipedia.org/wiki/Server_Name_Indication>`_ for new
+	// upstream connections based on the downstream HTTP host/authority header, as seen by the
+	// :ref:`router filter <config_http_filters_router>`.
+	AutoSni bool `protobuf:"varint,1,opt,name=auto_sni,json=autoSni,proto3" json:"auto_sni,omitempty"`
+	// Automatic validate upstream presented certificate for new upstream connections based on the
+	// downstream HTTP host/authority header, as seen by the
+	// :ref:`router filter <config_http_filters_router>`.
+	// This field is intended to set with `auto_sni` field.
+	AutoSanValidation bool `protobuf:"varint,2,opt,name=auto_san_validation,json=autoSanValidation,proto3" json:"auto_san_validation,omitempty"`
+}
+
+func (x *UpstreamHttpProtocolOptions) Reset() {
+	*x = UpstreamHttpProtocolOptions{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_protocol_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *UpstreamHttpProtocolOptions) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*UpstreamHttpProtocolOptions) ProtoMessage() {}
+
+func (x *UpstreamHttpProtocolOptions) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_protocol_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use UpstreamHttpProtocolOptions.ProtoReflect.Descriptor instead.
+func (*UpstreamHttpProtocolOptions) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_protocol_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *UpstreamHttpProtocolOptions) GetAutoSni() bool {
+	if x != nil {
+		return x.AutoSni
+	}
+	return false
+}
+
+func (x *UpstreamHttpProtocolOptions) GetAutoSanValidation() bool {
+	if x != nil {
+		return x.AutoSanValidation
+	}
+	return false
+}
+
+// [#next-free-field: 6]
+type HttpProtocolOptions struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The idle timeout for connections. The idle timeout is defined as the
+	// period in which there are no active requests. When the
+	// idle timeout is reached the connection will be closed. If the connection is an HTTP/2
+	// downstream connection a drain sequence will occur prior to closing the connection, see
+	// :ref:`drain_timeout
+	// <envoy_api_field_config.filter.network.http_connection_manager.v2.HttpConnectionManager.drain_timeout>`.
+	// Note that request based timeouts mean that HTTP/2 PINGs will not keep the connection alive.
+	// If not specified, this defaults to 1 hour. To disable idle timeouts explicitly set this to 0.
+	//
+	// .. warning::
+	//   Disabling this timeout has a highly likelihood of yielding connection leaks due to lost TCP
+	//   FIN packets, etc.
+	IdleTimeout *duration.Duration `protobuf:"bytes,1,opt,name=idle_timeout,json=idleTimeout,proto3" json:"idle_timeout,omitempty"`
+	// The maximum duration of a connection. The duration is defined as a period since a connection
+	// was established. If not set, there is no max duration. When max_connection_duration is reached
+	// the connection will be closed. Drain sequence will occur prior to closing the connection if
+	// if's applicable. See :ref:`drain_timeout
+	// <envoy_api_field_config.filter.network.http_connection_manager.v2.HttpConnectionManager.drain_timeout>`.
+	// Note: not implemented for upstream connections.
+	MaxConnectionDuration *duration.Duration `protobuf:"bytes,3,opt,name=max_connection_duration,json=maxConnectionDuration,proto3" json:"max_connection_duration,omitempty"`
+	// The maximum number of headers. If unconfigured, the default
+	// maximum number of request headers allowed is 100. Requests that exceed this limit will receive
+	// a 431 response for HTTP/1.x and cause a stream reset for HTTP/2.
+	MaxHeadersCount *wrappers.UInt32Value `protobuf:"bytes,2,opt,name=max_headers_count,json=maxHeadersCount,proto3" json:"max_headers_count,omitempty"`
+	// Total duration to keep alive an HTTP request/response stream. If the time limit is reached the stream will be
+	// reset independent of any other timeouts. If not specified, this value is not set.
+	MaxStreamDuration *duration.Duration `protobuf:"bytes,4,opt,name=max_stream_duration,json=maxStreamDuration,proto3" json:"max_stream_duration,omitempty"`
+	// Action to take when a client request with a header name containing underscore characters is received.
+	// If this setting is not specified, the value defaults to ALLOW.
+	// Note: upstream responses are not affected by this setting.
+	HeadersWithUnderscoresAction HttpProtocolOptions_HeadersWithUnderscoresAction `protobuf:"varint,5,opt,name=headers_with_underscores_action,json=headersWithUnderscoresAction,proto3,enum=envoy.api.v2.core.HttpProtocolOptions_HeadersWithUnderscoresAction" json:"headers_with_underscores_action,omitempty"`
+}
+
+func (x *HttpProtocolOptions) Reset() {
+	*x = HttpProtocolOptions{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_protocol_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HttpProtocolOptions) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HttpProtocolOptions) ProtoMessage() {}
+
+func (x *HttpProtocolOptions) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_protocol_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HttpProtocolOptions.ProtoReflect.Descriptor instead.
+func (*HttpProtocolOptions) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_protocol_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *HttpProtocolOptions) GetIdleTimeout() *duration.Duration {
+	if x != nil {
+		return x.IdleTimeout
+	}
+	return nil
+}
+
+func (x *HttpProtocolOptions) GetMaxConnectionDuration() *duration.Duration {
+	if x != nil {
+		return x.MaxConnectionDuration
+	}
+	return nil
+}
+
+func (x *HttpProtocolOptions) GetMaxHeadersCount() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxHeadersCount
+	}
+	return nil
+}
+
+func (x *HttpProtocolOptions) GetMaxStreamDuration() *duration.Duration {
+	if x != nil {
+		return x.MaxStreamDuration
+	}
+	return nil
+}
+
+func (x *HttpProtocolOptions) GetHeadersWithUnderscoresAction() HttpProtocolOptions_HeadersWithUnderscoresAction {
+	if x != nil {
+		return x.HeadersWithUnderscoresAction
+	}
+	return HttpProtocolOptions_ALLOW
+}
+
+// [#next-free-field: 6]
+type Http1ProtocolOptions struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Handle HTTP requests with absolute URLs in the requests. These requests
+	// are generally sent by clients to forward/explicit proxies. This allows clients to configure
+	// envoy as their HTTP proxy. In Unix, for example, this is typically done by setting the
+	// *http_proxy* environment variable.
+	AllowAbsoluteUrl *wrappers.BoolValue `protobuf:"bytes,1,opt,name=allow_absolute_url,json=allowAbsoluteUrl,proto3" json:"allow_absolute_url,omitempty"`
+	// Handle incoming HTTP/1.0 and HTTP 0.9 requests.
+	// This is off by default, and not fully standards compliant. There is support for pre-HTTP/1.1
+	// style connect logic, dechunking, and handling lack of client host iff
+	// *default_host_for_http_10* is configured.
+	AcceptHttp_10 bool `protobuf:"varint,2,opt,name=accept_http_10,json=acceptHttp10,proto3" json:"accept_http_10,omitempty"`
+	// A default host for HTTP/1.0 requests. This is highly suggested if *accept_http_10* is true as
+	// Envoy does not otherwise support HTTP/1.0 without a Host header.
+	// This is a no-op if *accept_http_10* is not true.
+	DefaultHostForHttp_10 string `protobuf:"bytes,3,opt,name=default_host_for_http_10,json=defaultHostForHttp10,proto3" json:"default_host_for_http_10,omitempty"`
+	// Describes how the keys for response headers should be formatted. By default, all header keys
+	// are lower cased.
+	HeaderKeyFormat *Http1ProtocolOptions_HeaderKeyFormat `protobuf:"bytes,4,opt,name=header_key_format,json=headerKeyFormat,proto3" json:"header_key_format,omitempty"`
+	// Enables trailers for HTTP/1. By default the HTTP/1 codec drops proxied trailers.
+	//
+	// .. attention::
+	//
+	//   Note that this only happens when Envoy is chunk encoding which occurs when:
+	//   - The request is HTTP/1.1.
+	//   - Is neither a HEAD only request nor a HTTP Upgrade.
+	//   - Not a response to a HEAD request.
+	//   - The content length header is not present.
+	EnableTrailers bool `protobuf:"varint,5,opt,name=enable_trailers,json=enableTrailers,proto3" json:"enable_trailers,omitempty"`
+}
+
+func (x *Http1ProtocolOptions) Reset() {
+	*x = Http1ProtocolOptions{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_protocol_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Http1ProtocolOptions) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Http1ProtocolOptions) ProtoMessage() {}
+
+func (x *Http1ProtocolOptions) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_protocol_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Http1ProtocolOptions.ProtoReflect.Descriptor instead.
+func (*Http1ProtocolOptions) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_protocol_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *Http1ProtocolOptions) GetAllowAbsoluteUrl() *wrappers.BoolValue {
+	if x != nil {
+		return x.AllowAbsoluteUrl
+	}
+	return nil
+}
+
+func (x *Http1ProtocolOptions) GetAcceptHttp_10() bool {
+	if x != nil {
+		return x.AcceptHttp_10
+	}
+	return false
+}
+
+func (x *Http1ProtocolOptions) GetDefaultHostForHttp_10() string {
+	if x != nil {
+		return x.DefaultHostForHttp_10
+	}
+	return ""
+}
+
+func (x *Http1ProtocolOptions) GetHeaderKeyFormat() *Http1ProtocolOptions_HeaderKeyFormat {
+	if x != nil {
+		return x.HeaderKeyFormat
+	}
+	return nil
+}
+
+func (x *Http1ProtocolOptions) GetEnableTrailers() bool {
+	if x != nil {
+		return x.EnableTrailers
+	}
+	return false
+}
+
+// [#next-free-field: 14]
+type Http2ProtocolOptions struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// `Maximum table size <https://httpwg.org/specs/rfc7541.html#rfc.section.4.2>`_
+	// (in octets) that the encoder is permitted to use for the dynamic HPACK table. Valid values
+	// range from 0 to 4294967295 (2^32 - 1) and defaults to 4096. 0 effectively disables header
+	// compression.
+	HpackTableSize *wrappers.UInt32Value `protobuf:"bytes,1,opt,name=hpack_table_size,json=hpackTableSize,proto3" json:"hpack_table_size,omitempty"`
+	// `Maximum concurrent streams <https://httpwg.org/specs/rfc7540.html#rfc.section.5.1.2>`_
+	// allowed for peer on one HTTP/2 connection. Valid values range from 1 to 2147483647 (2^31 - 1)
+	// and defaults to 2147483647.
+	//
+	// For upstream connections, this also limits how many streams Envoy will initiate concurrently
+	// on a single connection. If the limit is reached, Envoy may queue requests or establish
+	// additional connections (as allowed per circuit breaker limits).
+	MaxConcurrentStreams *wrappers.UInt32Value `protobuf:"bytes,2,opt,name=max_concurrent_streams,json=maxConcurrentStreams,proto3" json:"max_concurrent_streams,omitempty"`
+	// `Initial stream-level flow-control window
+	// <https://httpwg.org/specs/rfc7540.html#rfc.section.6.9.2>`_ size. Valid values range from 65535
+	// (2^16 - 1, HTTP/2 default) to 2147483647 (2^31 - 1, HTTP/2 maximum) and defaults to 268435456
+	// (256 * 1024 * 1024).
+	//
+	// NOTE: 65535 is the initial window size from HTTP/2 spec. We only support increasing the default
+	// window size now, so it's also the minimum.
+	//
+	// This field also acts as a soft limit on the number of bytes Envoy will buffer per-stream in the
+	// HTTP/2 codec buffers. Once the buffer reaches this pointer, watermark callbacks will fire to
+	// stop the flow of data to the codec buffers.
+	InitialStreamWindowSize *wrappers.UInt32Value `protobuf:"bytes,3,opt,name=initial_stream_window_size,json=initialStreamWindowSize,proto3" json:"initial_stream_window_size,omitempty"`
+	// Similar to *initial_stream_window_size*, but for connection-level flow-control
+	// window. Currently, this has the same minimum/maximum/default as *initial_stream_window_size*.
+	InitialConnectionWindowSize *wrappers.UInt32Value `protobuf:"bytes,4,opt,name=initial_connection_window_size,json=initialConnectionWindowSize,proto3" json:"initial_connection_window_size,omitempty"`
+	// Allows proxying Websocket and other upgrades over H2 connect.
+	AllowConnect bool `protobuf:"varint,5,opt,name=allow_connect,json=allowConnect,proto3" json:"allow_connect,omitempty"`
+	// [#not-implemented-hide:] Hiding until envoy has full metadata support.
+	// Still under implementation. DO NOT USE.
+	//
+	// Allows metadata. See [metadata
+	// docs](https://github.com/envoyproxy/envoy/blob/main/source/docs/h2_metadata.md) for more
+	// information.
+	AllowMetadata bool `protobuf:"varint,6,opt,name=allow_metadata,json=allowMetadata,proto3" json:"allow_metadata,omitempty"`
+	// Limit the number of pending outbound downstream frames of all types (frames that are waiting to
+	// be written into the socket). Exceeding this limit triggers flood mitigation and connection is
+	// terminated. The ``http2.outbound_flood`` stat tracks the number of terminated connections due
+	// to flood mitigation. The default limit is 10000.
+	// [#comment:TODO: implement same limits for upstream outbound frames as well.]
+	MaxOutboundFrames *wrappers.UInt32Value `protobuf:"bytes,7,opt,name=max_outbound_frames,json=maxOutboundFrames,proto3" json:"max_outbound_frames,omitempty"`
+	// Limit the number of pending outbound downstream frames of types PING, SETTINGS and RST_STREAM,
+	// preventing high memory utilization when receiving continuous stream of these frames. Exceeding
+	// this limit triggers flood mitigation and connection is terminated. The
+	// ``http2.outbound_control_flood`` stat tracks the number of terminated connections due to flood
+	// mitigation. The default limit is 1000.
+	// [#comment:TODO: implement same limits for upstream outbound frames as well.]
+	MaxOutboundControlFrames *wrappers.UInt32Value `protobuf:"bytes,8,opt,name=max_outbound_control_frames,json=maxOutboundControlFrames,proto3" json:"max_outbound_control_frames,omitempty"`
+	// Limit the number of consecutive inbound frames of types HEADERS, CONTINUATION and DATA with an
+	// empty payload and no end stream flag. Those frames have no legitimate use and are abusive, but
+	// might be a result of a broken HTTP/2 implementation. The `http2.inbound_empty_frames_flood``
+	// stat tracks the number of connections terminated due to flood mitigation.
+	// Setting this to 0 will terminate connection upon receiving first frame with an empty payload
+	// and no end stream flag. The default limit is 1.
+	// [#comment:TODO: implement same limits for upstream inbound frames as well.]
+	MaxConsecutiveInboundFramesWithEmptyPayload *wrappers.UInt32Value `protobuf:"bytes,9,opt,name=max_consecutive_inbound_frames_with_empty_payload,json=maxConsecutiveInboundFramesWithEmptyPayload,proto3" json:"max_consecutive_inbound_frames_with_empty_payload,omitempty"`
+	// Limit the number of inbound PRIORITY frames allowed per each opened stream. If the number
+	// of PRIORITY frames received over the lifetime of connection exceeds the value calculated
+	// using this formula::
+	//
+	//     max_inbound_priority_frames_per_stream * (1 + inbound_streams)
+	//
+	// the connection is terminated. The ``http2.inbound_priority_frames_flood`` stat tracks
+	// the number of connections terminated due to flood mitigation. The default limit is 100.
+	// [#comment:TODO: implement same limits for upstream inbound frames as well.]
+	MaxInboundPriorityFramesPerStream *wrappers.UInt32Value `protobuf:"bytes,10,opt,name=max_inbound_priority_frames_per_stream,json=maxInboundPriorityFramesPerStream,proto3" json:"max_inbound_priority_frames_per_stream,omitempty"`
+	// Limit the number of inbound WINDOW_UPDATE frames allowed per DATA frame sent. If the number
+	// of WINDOW_UPDATE frames received over the lifetime of connection exceeds the value calculated
+	// using this formula::
+	//
+	//     1 + 2 * (inbound_streams +
+	//              max_inbound_window_update_frames_per_data_frame_sent * outbound_data_frames)
+	//
+	// the connection is terminated. The ``http2.inbound_priority_frames_flood`` stat tracks
+	// the number of connections terminated due to flood mitigation. The default limit is 10.
+	// Setting this to 1 should be enough to support HTTP/2 implementations with basic flow control,
+	// but more complex implementations that try to estimate available bandwidth require at least 2.
+	// [#comment:TODO: implement same limits for upstream inbound frames as well.]
+	MaxInboundWindowUpdateFramesPerDataFrameSent *wrappers.UInt32Value `protobuf:"bytes,11,opt,name=max_inbound_window_update_frames_per_data_frame_sent,json=maxInboundWindowUpdateFramesPerDataFrameSent,proto3" json:"max_inbound_window_update_frames_per_data_frame_sent,omitempty"`
+	// Allows invalid HTTP messaging and headers. When this option is disabled (default), then
+	// the whole HTTP/2 connection is terminated upon receiving invalid HEADERS frame. However,
+	// when this option is enabled, only the offending stream is terminated.
+	//
+	// See `RFC7540, sec. 8.1 <https://tools.ietf.org/html/rfc7540#section-8.1>`_ for details.
+	StreamErrorOnInvalidHttpMessaging bool `protobuf:"varint,12,opt,name=stream_error_on_invalid_http_messaging,json=streamErrorOnInvalidHttpMessaging,proto3" json:"stream_error_on_invalid_http_messaging,omitempty"`
+	// [#not-implemented-hide:]
+	// Specifies SETTINGS frame parameters to be sent to the peer, with two exceptions:
+	//
+	// 1. SETTINGS_ENABLE_PUSH (0x2) is not configurable as HTTP/2 server push is not supported by
+	// Envoy.
+	//
+	// 2. SETTINGS_ENABLE_CONNECT_PROTOCOL (0x8) is only configurable through the named field
+	// 'allow_connect'.
+	//
+	// Note that custom parameters specified through this field can not also be set in the
+	// corresponding named parameters:
+	//
+	// .. code-block:: text
+	//
+	//   ID    Field Name
+	//   ----------------
+	//   0x1   hpack_table_size
+	//   0x3   max_concurrent_streams
+	//   0x4   initial_stream_window_size
+	//
+	// Collisions will trigger config validation failure on load/update. Likewise, inconsistencies
+	// between custom parameters with the same identifier will trigger a failure.
+	//
+	// See `IANA HTTP/2 Settings
+	// <https://www.iana.org/assignments/http2-parameters/http2-parameters.xhtml#settings>`_ for
+	// standardized identifiers.
+	CustomSettingsParameters []*Http2ProtocolOptions_SettingsParameter `protobuf:"bytes,13,rep,name=custom_settings_parameters,json=customSettingsParameters,proto3" json:"custom_settings_parameters,omitempty"`
+}
+
+func (x *Http2ProtocolOptions) Reset() {
+	*x = Http2ProtocolOptions{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_protocol_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Http2ProtocolOptions) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Http2ProtocolOptions) ProtoMessage() {}
+
+func (x *Http2ProtocolOptions) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_protocol_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Http2ProtocolOptions.ProtoReflect.Descriptor instead.
+func (*Http2ProtocolOptions) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_protocol_proto_rawDescGZIP(), []int{4}
+}
+
+func (x *Http2ProtocolOptions) GetHpackTableSize() *wrappers.UInt32Value {
+	if x != nil {
+		return x.HpackTableSize
+	}
+	return nil
+}
+
+func (x *Http2ProtocolOptions) GetMaxConcurrentStreams() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxConcurrentStreams
+	}
+	return nil
+}
+
+func (x *Http2ProtocolOptions) GetInitialStreamWindowSize() *wrappers.UInt32Value {
+	if x != nil {
+		return x.InitialStreamWindowSize
+	}
+	return nil
+}
+
+func (x *Http2ProtocolOptions) GetInitialConnectionWindowSize() *wrappers.UInt32Value {
+	if x != nil {
+		return x.InitialConnectionWindowSize
+	}
+	return nil
+}
+
+func (x *Http2ProtocolOptions) GetAllowConnect() bool {
+	if x != nil {
+		return x.AllowConnect
+	}
+	return false
+}
+
+func (x *Http2ProtocolOptions) GetAllowMetadata() bool {
+	if x != nil {
+		return x.AllowMetadata
+	}
+	return false
+}
+
+func (x *Http2ProtocolOptions) GetMaxOutboundFrames() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxOutboundFrames
+	}
+	return nil
+}
+
+func (x *Http2ProtocolOptions) GetMaxOutboundControlFrames() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxOutboundControlFrames
+	}
+	return nil
+}
+
+func (x *Http2ProtocolOptions) GetMaxConsecutiveInboundFramesWithEmptyPayload() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxConsecutiveInboundFramesWithEmptyPayload
+	}
+	return nil
+}
+
+func (x *Http2ProtocolOptions) GetMaxInboundPriorityFramesPerStream() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxInboundPriorityFramesPerStream
+	}
+	return nil
+}
+
+func (x *Http2ProtocolOptions) GetMaxInboundWindowUpdateFramesPerDataFrameSent() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxInboundWindowUpdateFramesPerDataFrameSent
+	}
+	return nil
+}
+
+func (x *Http2ProtocolOptions) GetStreamErrorOnInvalidHttpMessaging() bool {
+	if x != nil {
+		return x.StreamErrorOnInvalidHttpMessaging
+	}
+	return false
+}
+
+func (x *Http2ProtocolOptions) GetCustomSettingsParameters() []*Http2ProtocolOptions_SettingsParameter {
+	if x != nil {
+		return x.CustomSettingsParameters
+	}
+	return nil
+}
+
+// [#not-implemented-hide:]
+type GrpcProtocolOptions struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Http2ProtocolOptions *Http2ProtocolOptions `protobuf:"bytes,1,opt,name=http2_protocol_options,json=http2ProtocolOptions,proto3" json:"http2_protocol_options,omitempty"`
+}
+
+func (x *GrpcProtocolOptions) Reset() {
+	*x = GrpcProtocolOptions{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_protocol_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcProtocolOptions) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcProtocolOptions) ProtoMessage() {}
+
+func (x *GrpcProtocolOptions) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_protocol_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcProtocolOptions.ProtoReflect.Descriptor instead.
+func (*GrpcProtocolOptions) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_protocol_proto_rawDescGZIP(), []int{5}
+}
+
+func (x *GrpcProtocolOptions) GetHttp2ProtocolOptions() *Http2ProtocolOptions {
+	if x != nil {
+		return x.Http2ProtocolOptions
+	}
+	return nil
+}
+
+type Http1ProtocolOptions_HeaderKeyFormat struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to HeaderFormat:
+	//	*Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords_
+	HeaderFormat isHttp1ProtocolOptions_HeaderKeyFormat_HeaderFormat `protobuf_oneof:"header_format"`
+}
+
+func (x *Http1ProtocolOptions_HeaderKeyFormat) Reset() {
+	*x = Http1ProtocolOptions_HeaderKeyFormat{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_protocol_proto_msgTypes[6]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Http1ProtocolOptions_HeaderKeyFormat) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Http1ProtocolOptions_HeaderKeyFormat) ProtoMessage() {}
+
+func (x *Http1ProtocolOptions_HeaderKeyFormat) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_protocol_proto_msgTypes[6]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Http1ProtocolOptions_HeaderKeyFormat.ProtoReflect.Descriptor instead.
+func (*Http1ProtocolOptions_HeaderKeyFormat) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_protocol_proto_rawDescGZIP(), []int{3, 0}
+}
+
+func (m *Http1ProtocolOptions_HeaderKeyFormat) GetHeaderFormat() isHttp1ProtocolOptions_HeaderKeyFormat_HeaderFormat {
+	if m != nil {
+		return m.HeaderFormat
+	}
+	return nil
+}
+
+func (x *Http1ProtocolOptions_HeaderKeyFormat) GetProperCaseWords() *Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords {
+	if x, ok := x.GetHeaderFormat().(*Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords_); ok {
+		return x.ProperCaseWords
+	}
+	return nil
+}
+
+type isHttp1ProtocolOptions_HeaderKeyFormat_HeaderFormat interface {
+	isHttp1ProtocolOptions_HeaderKeyFormat_HeaderFormat()
+}
+
+type Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords_ struct {
+	// Formats the header by proper casing words: the first character and any character following
+	// a special character will be capitalized if it's an alpha character. For example,
+	// "content-type" becomes "Content-Type", and "foo$b#$are" becomes "Foo$B#$Are".
+	// Note that while this results in most headers following conventional casing, certain headers
+	// are not covered. For example, the "TE" header will be formatted as "Te".
+	ProperCaseWords *Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords `protobuf:"bytes,1,opt,name=proper_case_words,json=properCaseWords,proto3,oneof"`
+}
+
+func (*Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords_) isHttp1ProtocolOptions_HeaderKeyFormat_HeaderFormat() {
+}
+
+type Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords) Reset() {
+	*x = Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_protocol_proto_msgTypes[7]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords) ProtoMessage() {}
+
+func (x *Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_protocol_proto_msgTypes[7]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords.ProtoReflect.Descriptor instead.
+func (*Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_protocol_proto_rawDescGZIP(), []int{3, 0, 0}
+}
+
+// Defines a parameter to be sent in the SETTINGS frame.
+// See `RFC7540, sec. 6.5.1 <https://tools.ietf.org/html/rfc7540#section-6.5.1>`_ for details.
+type Http2ProtocolOptions_SettingsParameter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The 16 bit parameter identifier.
+	Identifier *wrappers.UInt32Value `protobuf:"bytes,1,opt,name=identifier,proto3" json:"identifier,omitempty"`
+	// The 32 bit parameter value.
+	Value *wrappers.UInt32Value `protobuf:"bytes,2,opt,name=value,proto3" json:"value,omitempty"`
+}
+
+func (x *Http2ProtocolOptions_SettingsParameter) Reset() {
+	*x = Http2ProtocolOptions_SettingsParameter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_protocol_proto_msgTypes[8]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Http2ProtocolOptions_SettingsParameter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Http2ProtocolOptions_SettingsParameter) ProtoMessage() {}
+
+func (x *Http2ProtocolOptions_SettingsParameter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_protocol_proto_msgTypes[8]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Http2ProtocolOptions_SettingsParameter.ProtoReflect.Descriptor instead.
+func (*Http2ProtocolOptions_SettingsParameter) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_protocol_proto_rawDescGZIP(), []int{4, 0}
+}
+
+func (x *Http2ProtocolOptions_SettingsParameter) GetIdentifier() *wrappers.UInt32Value {
+	if x != nil {
+		return x.Identifier
+	}
+	return nil
+}
+
+func (x *Http2ProtocolOptions_SettingsParameter) GetValue() *wrappers.UInt32Value {
+	if x != nil {
+		return x.Value
+	}
+	return nil
+}
+
+var File_envoy_api_v2_core_protocol_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_core_protocol_proto_rawDesc = []byte{
+	0x0a, 0x20, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x12, 0x11, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f,
+	0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f,
+	0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76,
+	0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x14, 0x0a,
+	0x12, 0x54, 0x63, 0x70, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x22, 0x68, 0x0a, 0x1b, 0x55, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x48,
+	0x74, 0x74, 0x70, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x12, 0x19, 0x0a, 0x08, 0x61, 0x75, 0x74, 0x6f, 0x5f, 0x73, 0x6e, 0x69, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x08, 0x52, 0x07, 0x61, 0x75, 0x74, 0x6f, 0x53, 0x6e, 0x69, 0x12, 0x2e, 0x0a,
+	0x13, 0x61, 0x75, 0x74, 0x6f, 0x5f, 0x73, 0x61, 0x6e, 0x5f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x11, 0x61, 0x75, 0x74, 0x6f,
+	0x53, 0x61, 0x6e, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0xa1, 0x04,
+	0x0a, 0x13, 0x48, 0x74, 0x74, 0x70, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x3c, 0x0a, 0x0c, 0x69, 0x64, 0x6c, 0x65, 0x5f, 0x74, 0x69,
+	0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75,
+	0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0b, 0x69, 0x64, 0x6c, 0x65, 0x54, 0x69, 0x6d, 0x65,
+	0x6f, 0x75, 0x74, 0x12, 0x51, 0x0a, 0x17, 0x6d, 0x61, 0x78, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x03,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52,
+	0x15, 0x6d, 0x61, 0x78, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x44, 0x75,
+	0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x51, 0x0a, 0x11, 0x6d, 0x61, 0x78, 0x5f, 0x68, 0x65,
+	0x61, 0x64, 0x65, 0x72, 0x73, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42,
+	0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02, 0x28, 0x01, 0x52, 0x0f, 0x6d, 0x61, 0x78, 0x48, 0x65, 0x61,
+	0x64, 0x65, 0x72, 0x73, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x49, 0x0a, 0x13, 0x6d, 0x61, 0x78,
+	0x5f, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x52, 0x11, 0x6d, 0x61, 0x78, 0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x44, 0x75, 0x72, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x12, 0x8a, 0x01, 0x0a, 0x1f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73,
+	0x5f, 0x77, 0x69, 0x74, 0x68, 0x5f, 0x75, 0x6e, 0x64, 0x65, 0x72, 0x73, 0x63, 0x6f, 0x72, 0x65,
+	0x73, 0x5f, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x43,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f,
+	0x72, 0x65, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f,
+	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x57, 0x69,
+	0x74, 0x68, 0x55, 0x6e, 0x64, 0x65, 0x72, 0x73, 0x63, 0x6f, 0x72, 0x65, 0x73, 0x41, 0x63, 0x74,
+	0x69, 0x6f, 0x6e, 0x52, 0x1c, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x57, 0x69, 0x74, 0x68,
+	0x55, 0x6e, 0x64, 0x65, 0x72, 0x73, 0x63, 0x6f, 0x72, 0x65, 0x73, 0x41, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x22, 0x4e, 0x0a, 0x1c, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x57, 0x69, 0x74, 0x68,
+	0x55, 0x6e, 0x64, 0x65, 0x72, 0x73, 0x63, 0x6f, 0x72, 0x65, 0x73, 0x41, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x12, 0x09, 0x0a, 0x05, 0x41, 0x4c, 0x4c, 0x4f, 0x57, 0x10, 0x00, 0x12, 0x12, 0x0a, 0x0e,
+	0x52, 0x45, 0x4a, 0x45, 0x43, 0x54, 0x5f, 0x52, 0x45, 0x51, 0x55, 0x45, 0x53, 0x54, 0x10, 0x01,
+	0x12, 0x0f, 0x0a, 0x0b, 0x44, 0x52, 0x4f, 0x50, 0x5f, 0x48, 0x45, 0x41, 0x44, 0x45, 0x52, 0x10,
+	0x02, 0x22, 0x80, 0x04, 0x0a, 0x14, 0x48, 0x74, 0x74, 0x70, 0x31, 0x50, 0x72, 0x6f, 0x74, 0x6f,
+	0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x48, 0x0a, 0x12, 0x61, 0x6c,
+	0x6c, 0x6f, 0x77, 0x5f, 0x61, 0x62, 0x73, 0x6f, 0x6c, 0x75, 0x74, 0x65, 0x5f, 0x75, 0x72, 0x6c,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c,
+	0x75, 0x65, 0x52, 0x10, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x41, 0x62, 0x73, 0x6f, 0x6c, 0x75, 0x74,
+	0x65, 0x55, 0x72, 0x6c, 0x12, 0x24, 0x0a, 0x0e, 0x61, 0x63, 0x63, 0x65, 0x70, 0x74, 0x5f, 0x68,
+	0x74, 0x74, 0x70, 0x5f, 0x31, 0x30, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0c, 0x61, 0x63,
+	0x63, 0x65, 0x70, 0x74, 0x48, 0x74, 0x74, 0x70, 0x31, 0x30, 0x12, 0x36, 0x0a, 0x18, 0x64, 0x65,
+	0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f, 0x68, 0x6f, 0x73, 0x74, 0x5f, 0x66, 0x6f, 0x72, 0x5f, 0x68,
+	0x74, 0x74, 0x70, 0x5f, 0x31, 0x30, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x14, 0x64, 0x65,
+	0x66, 0x61, 0x75, 0x6c, 0x74, 0x48, 0x6f, 0x73, 0x74, 0x46, 0x6f, 0x72, 0x48, 0x74, 0x74, 0x70,
+	0x31, 0x30, 0x12, 0x63, 0x0a, 0x11, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x5f, 0x6b, 0x65, 0x79,
+	0x5f, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x37, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x31, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f,
+	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4b, 0x65, 0x79,
+	0x46, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x52, 0x0f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4b, 0x65,
+	0x79, 0x46, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x12, 0x27, 0x0a, 0x0f, 0x65, 0x6e, 0x61, 0x62, 0x6c,
+	0x65, 0x5f, 0x74, 0x72, 0x61, 0x69, 0x6c, 0x65, 0x72, 0x73, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08,
+	0x52, 0x0e, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x54, 0x72, 0x61, 0x69, 0x6c, 0x65, 0x72, 0x73,
+	0x1a, 0xb1, 0x01, 0x0a, 0x0f, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4b, 0x65, 0x79, 0x46, 0x6f,
+	0x72, 0x6d, 0x61, 0x74, 0x12, 0x75, 0x0a, 0x11, 0x70, 0x72, 0x6f, 0x70, 0x65, 0x72, 0x5f, 0x63,
+	0x61, 0x73, 0x65, 0x5f, 0x77, 0x6f, 0x72, 0x64, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x47, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x31, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f,
+	0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4b,
+	0x65, 0x79, 0x46, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x2e, 0x50, 0x72, 0x6f, 0x70, 0x65, 0x72, 0x43,
+	0x61, 0x73, 0x65, 0x57, 0x6f, 0x72, 0x64, 0x73, 0x48, 0x00, 0x52, 0x0f, 0x70, 0x72, 0x6f, 0x70,
+	0x65, 0x72, 0x43, 0x61, 0x73, 0x65, 0x57, 0x6f, 0x72, 0x64, 0x73, 0x1a, 0x11, 0x0a, 0x0f, 0x50,
+	0x72, 0x6f, 0x70, 0x65, 0x72, 0x43, 0x61, 0x73, 0x65, 0x57, 0x6f, 0x72, 0x64, 0x73, 0x42, 0x14,
+	0x0a, 0x0d, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x5f, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x12,
+	0x03, 0xf8, 0x42, 0x01, 0x22, 0xa9, 0x0b, 0x0a, 0x14, 0x48, 0x74, 0x74, 0x70, 0x32, 0x50, 0x72,
+	0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x46, 0x0a,
+	0x10, 0x68, 0x70, 0x61, 0x63, 0x6b, 0x5f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x73, 0x69, 0x7a,
+	0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32,
+	0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0e, 0x68, 0x70, 0x61, 0x63, 0x6b, 0x54, 0x61, 0x62, 0x6c,
+	0x65, 0x53, 0x69, 0x7a, 0x65, 0x12, 0x61, 0x0a, 0x16, 0x6d, 0x61, 0x78, 0x5f, 0x63, 0x6f, 0x6e,
+	0x63, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x74, 0x5f, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x73, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61,
+	0x6c, 0x75, 0x65, 0x42, 0x0d, 0xfa, 0x42, 0x0a, 0x2a, 0x08, 0x18, 0xff, 0xff, 0xff, 0xff, 0x07,
+	0x28, 0x01, 0x52, 0x14, 0x6d, 0x61, 0x78, 0x43, 0x6f, 0x6e, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6e,
+	0x74, 0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x73, 0x12, 0x6a, 0x0a, 0x1a, 0x69, 0x6e, 0x69, 0x74,
+	0x69, 0x61, 0x6c, 0x5f, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f, 0x77, 0x69, 0x6e, 0x64, 0x6f,
+	0x77, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55,
+	0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x0f, 0xfa, 0x42, 0x0c, 0x2a,
+	0x0a, 0x18, 0xff, 0xff, 0xff, 0xff, 0x07, 0x28, 0xff, 0xff, 0x03, 0x52, 0x17, 0x69, 0x6e, 0x69,
+	0x74, 0x69, 0x61, 0x6c, 0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x57, 0x69, 0x6e, 0x64, 0x6f, 0x77,
+	0x53, 0x69, 0x7a, 0x65, 0x12, 0x72, 0x0a, 0x1e, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x5f,
+	0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x77, 0x69, 0x6e, 0x64, 0x6f,
+	0x77, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55,
+	0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x0f, 0xfa, 0x42, 0x0c, 0x2a,
+	0x0a, 0x18, 0xff, 0xff, 0xff, 0xff, 0x07, 0x28, 0xff, 0xff, 0x03, 0x52, 0x1b, 0x69, 0x6e, 0x69,
+	0x74, 0x69, 0x61, 0x6c, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x57, 0x69,
+	0x6e, 0x64, 0x6f, 0x77, 0x53, 0x69, 0x7a, 0x65, 0x12, 0x23, 0x0a, 0x0d, 0x61, 0x6c, 0x6c, 0x6f,
+	0x77, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x52,
+	0x0c, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x12, 0x25, 0x0a,
+	0x0e, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x5f, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18,
+	0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0d, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x4d, 0x65, 0x74, 0x61,
+	0x64, 0x61, 0x74, 0x61, 0x12, 0x55, 0x0a, 0x13, 0x6d, 0x61, 0x78, 0x5f, 0x6f, 0x75, 0x74, 0x62,
+	0x6f, 0x75, 0x6e, 0x64, 0x5f, 0x66, 0x72, 0x61, 0x6d, 0x65, 0x73, 0x18, 0x07, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42,
+	0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02, 0x28, 0x01, 0x52, 0x11, 0x6d, 0x61, 0x78, 0x4f, 0x75, 0x74,
+	0x62, 0x6f, 0x75, 0x6e, 0x64, 0x46, 0x72, 0x61, 0x6d, 0x65, 0x73, 0x12, 0x64, 0x0a, 0x1b, 0x6d,
+	0x61, 0x78, 0x5f, 0x6f, 0x75, 0x74, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x74,
+	0x72, 0x6f, 0x6c, 0x5f, 0x66, 0x72, 0x61, 0x6d, 0x65, 0x73, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07,
+	0xfa, 0x42, 0x04, 0x2a, 0x02, 0x28, 0x01, 0x52, 0x18, 0x6d, 0x61, 0x78, 0x4f, 0x75, 0x74, 0x62,
+	0x6f, 0x75, 0x6e, 0x64, 0x43, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x46, 0x72, 0x61, 0x6d, 0x65,
+	0x73, 0x12, 0x84, 0x01, 0x0a, 0x31, 0x6d, 0x61, 0x78, 0x5f, 0x63, 0x6f, 0x6e, 0x73, 0x65, 0x63,
+	0x75, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x69, 0x6e, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x5f, 0x66, 0x72,
+	0x61, 0x6d, 0x65, 0x73, 0x5f, 0x77, 0x69, 0x74, 0x68, 0x5f, 0x65, 0x6d, 0x70, 0x74, 0x79, 0x5f,
+	0x70, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x2b, 0x6d, 0x61, 0x78,
+	0x43, 0x6f, 0x6e, 0x73, 0x65, 0x63, 0x75, 0x74, 0x69, 0x76, 0x65, 0x49, 0x6e, 0x62, 0x6f, 0x75,
+	0x6e, 0x64, 0x46, 0x72, 0x61, 0x6d, 0x65, 0x73, 0x57, 0x69, 0x74, 0x68, 0x45, 0x6d, 0x70, 0x74,
+	0x79, 0x50, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x12, 0x6f, 0x0a, 0x26, 0x6d, 0x61, 0x78, 0x5f,
+	0x69, 0x6e, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x5f, 0x70, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74, 0x79,
+	0x5f, 0x66, 0x72, 0x61, 0x6d, 0x65, 0x73, 0x5f, 0x70, 0x65, 0x72, 0x5f, 0x73, 0x74, 0x72, 0x65,
+	0x61, 0x6d, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33,
+	0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x21, 0x6d, 0x61, 0x78, 0x49, 0x6e, 0x62, 0x6f, 0x75,
+	0x6e, 0x64, 0x50, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x46, 0x72, 0x61, 0x6d, 0x65, 0x73,
+	0x50, 0x65, 0x72, 0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x12, 0x91, 0x01, 0x0a, 0x34, 0x6d, 0x61,
+	0x78, 0x5f, 0x69, 0x6e, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x5f, 0x77, 0x69, 0x6e, 0x64, 0x6f, 0x77,
+	0x5f, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x5f, 0x66, 0x72, 0x61, 0x6d, 0x65, 0x73, 0x5f, 0x70,
+	0x65, 0x72, 0x5f, 0x64, 0x61, 0x74, 0x61, 0x5f, 0x66, 0x72, 0x61, 0x6d, 0x65, 0x5f, 0x73, 0x65,
+	0x6e, 0x74, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33,
+	0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02, 0x28, 0x01, 0x52,
+	0x2c, 0x6d, 0x61, 0x78, 0x49, 0x6e, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x57, 0x69, 0x6e, 0x64, 0x6f,
+	0x77, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x46, 0x72, 0x61, 0x6d, 0x65, 0x73, 0x50, 0x65, 0x72,
+	0x44, 0x61, 0x74, 0x61, 0x46, 0x72, 0x61, 0x6d, 0x65, 0x53, 0x65, 0x6e, 0x74, 0x12, 0x51, 0x0a,
+	0x26, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x5f, 0x6f, 0x6e,
+	0x5f, 0x69, 0x6e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x5f, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x6d, 0x65,
+	0x73, 0x73, 0x61, 0x67, 0x69, 0x6e, 0x67, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x08, 0x52, 0x21, 0x73,
+	0x74, 0x72, 0x65, 0x61, 0x6d, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x4f, 0x6e, 0x49, 0x6e, 0x76, 0x61,
+	0x6c, 0x69, 0x64, 0x48, 0x74, 0x74, 0x70, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x69, 0x6e, 0x67,
+	0x12, 0x77, 0x0a, 0x1a, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x73, 0x65, 0x74, 0x74, 0x69,
+	0x6e, 0x67, 0x73, 0x5f, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x73, 0x18, 0x0d,
+	0x20, 0x03, 0x28, 0x0b, 0x32, 0x39, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x32, 0x50, 0x72,
+	0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x53, 0x65,
+	0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x52,
+	0x18, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x50,
+	0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x73, 0x1a, 0xa4, 0x01, 0x0a, 0x11, 0x53, 0x65,
+	0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x12,
+	0x51, 0x0a, 0x0a, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75,
+	0x65, 0x42, 0x13, 0xfa, 0x42, 0x08, 0x2a, 0x06, 0x18, 0x80, 0x80, 0x04, 0x28, 0x01, 0xfa, 0x42,
+	0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x0a, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69,
+	0x65, 0x72, 0x12, 0x3c, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42,
+	0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65,
+	0x22, 0x74, 0x0a, 0x13, 0x47, 0x72, 0x70, 0x63, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c,
+	0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x5d, 0x0a, 0x16, 0x68, 0x74, 0x74, 0x70, 0x32,
+	0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48, 0x74, 0x74, 0x70,
+	0x32, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73,
+	0x52, 0x14, 0x68, 0x74, 0x74, 0x70, 0x32, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f,
+	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x42, 0x56, 0x0a, 0x1f, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70,
+	0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x42, 0x0d, 0x50, 0x72, 0x6f, 0x74, 0x6f,
+	0x63, 0x6f, 0x6c, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x16,
+	0x12, 0x14, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_core_protocol_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_core_protocol_proto_rawDescData = file_envoy_api_v2_core_protocol_proto_rawDesc
+)
+
+func file_envoy_api_v2_core_protocol_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_core_protocol_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_core_protocol_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_core_protocol_proto_rawDescData)
+	})
+	return file_envoy_api_v2_core_protocol_proto_rawDescData
+}
+
+var file_envoy_api_v2_core_protocol_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_envoy_api_v2_core_protocol_proto_msgTypes = make([]protoimpl.MessageInfo, 9)
+var file_envoy_api_v2_core_protocol_proto_goTypes = []interface{}{
+	(HttpProtocolOptions_HeadersWithUnderscoresAction)(0),        // 0: envoy.api.v2.core.HttpProtocolOptions.HeadersWithUnderscoresAction
+	(*TcpProtocolOptions)(nil),                                   // 1: envoy.api.v2.core.TcpProtocolOptions
+	(*UpstreamHttpProtocolOptions)(nil),                          // 2: envoy.api.v2.core.UpstreamHttpProtocolOptions
+	(*HttpProtocolOptions)(nil),                                  // 3: envoy.api.v2.core.HttpProtocolOptions
+	(*Http1ProtocolOptions)(nil),                                 // 4: envoy.api.v2.core.Http1ProtocolOptions
+	(*Http2ProtocolOptions)(nil),                                 // 5: envoy.api.v2.core.Http2ProtocolOptions
+	(*GrpcProtocolOptions)(nil),                                  // 6: envoy.api.v2.core.GrpcProtocolOptions
+	(*Http1ProtocolOptions_HeaderKeyFormat)(nil),                 // 7: envoy.api.v2.core.Http1ProtocolOptions.HeaderKeyFormat
+	(*Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords)(nil), // 8: envoy.api.v2.core.Http1ProtocolOptions.HeaderKeyFormat.ProperCaseWords
+	(*Http2ProtocolOptions_SettingsParameter)(nil),               // 9: envoy.api.v2.core.Http2ProtocolOptions.SettingsParameter
+	(*duration.Duration)(nil),                                    // 10: google.protobuf.Duration
+	(*wrappers.UInt32Value)(nil),                                 // 11: google.protobuf.UInt32Value
+	(*wrappers.BoolValue)(nil),                                   // 12: google.protobuf.BoolValue
+}
+var file_envoy_api_v2_core_protocol_proto_depIdxs = []int32{
+	10, // 0: envoy.api.v2.core.HttpProtocolOptions.idle_timeout:type_name -> google.protobuf.Duration
+	10, // 1: envoy.api.v2.core.HttpProtocolOptions.max_connection_duration:type_name -> google.protobuf.Duration
+	11, // 2: envoy.api.v2.core.HttpProtocolOptions.max_headers_count:type_name -> google.protobuf.UInt32Value
+	10, // 3: envoy.api.v2.core.HttpProtocolOptions.max_stream_duration:type_name -> google.protobuf.Duration
+	0,  // 4: envoy.api.v2.core.HttpProtocolOptions.headers_with_underscores_action:type_name -> envoy.api.v2.core.HttpProtocolOptions.HeadersWithUnderscoresAction
+	12, // 5: envoy.api.v2.core.Http1ProtocolOptions.allow_absolute_url:type_name -> google.protobuf.BoolValue
+	7,  // 6: envoy.api.v2.core.Http1ProtocolOptions.header_key_format:type_name -> envoy.api.v2.core.Http1ProtocolOptions.HeaderKeyFormat
+	11, // 7: envoy.api.v2.core.Http2ProtocolOptions.hpack_table_size:type_name -> google.protobuf.UInt32Value
+	11, // 8: envoy.api.v2.core.Http2ProtocolOptions.max_concurrent_streams:type_name -> google.protobuf.UInt32Value
+	11, // 9: envoy.api.v2.core.Http2ProtocolOptions.initial_stream_window_size:type_name -> google.protobuf.UInt32Value
+	11, // 10: envoy.api.v2.core.Http2ProtocolOptions.initial_connection_window_size:type_name -> google.protobuf.UInt32Value
+	11, // 11: envoy.api.v2.core.Http2ProtocolOptions.max_outbound_frames:type_name -> google.protobuf.UInt32Value
+	11, // 12: envoy.api.v2.core.Http2ProtocolOptions.max_outbound_control_frames:type_name -> google.protobuf.UInt32Value
+	11, // 13: envoy.api.v2.core.Http2ProtocolOptions.max_consecutive_inbound_frames_with_empty_payload:type_name -> google.protobuf.UInt32Value
+	11, // 14: envoy.api.v2.core.Http2ProtocolOptions.max_inbound_priority_frames_per_stream:type_name -> google.protobuf.UInt32Value
+	11, // 15: envoy.api.v2.core.Http2ProtocolOptions.max_inbound_window_update_frames_per_data_frame_sent:type_name -> google.protobuf.UInt32Value
+	9,  // 16: envoy.api.v2.core.Http2ProtocolOptions.custom_settings_parameters:type_name -> envoy.api.v2.core.Http2ProtocolOptions.SettingsParameter
+	5,  // 17: envoy.api.v2.core.GrpcProtocolOptions.http2_protocol_options:type_name -> envoy.api.v2.core.Http2ProtocolOptions
+	8,  // 18: envoy.api.v2.core.Http1ProtocolOptions.HeaderKeyFormat.proper_case_words:type_name -> envoy.api.v2.core.Http1ProtocolOptions.HeaderKeyFormat.ProperCaseWords
+	11, // 19: envoy.api.v2.core.Http2ProtocolOptions.SettingsParameter.identifier:type_name -> google.protobuf.UInt32Value
+	11, // 20: envoy.api.v2.core.Http2ProtocolOptions.SettingsParameter.value:type_name -> google.protobuf.UInt32Value
+	21, // [21:21] is the sub-list for method output_type
+	21, // [21:21] is the sub-list for method input_type
+	21, // [21:21] is the sub-list for extension type_name
+	21, // [21:21] is the sub-list for extension extendee
+	0,  // [0:21] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_core_protocol_proto_init() }
+func file_envoy_api_v2_core_protocol_proto_init() {
+	if File_envoy_api_v2_core_protocol_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_core_protocol_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*TcpProtocolOptions); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_protocol_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*UpstreamHttpProtocolOptions); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_protocol_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HttpProtocolOptions); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_protocol_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Http1ProtocolOptions); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_protocol_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Http2ProtocolOptions); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_protocol_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcProtocolOptions); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_protocol_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Http1ProtocolOptions_HeaderKeyFormat); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_protocol_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_core_protocol_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Http2ProtocolOptions_SettingsParameter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_api_v2_core_protocol_proto_msgTypes[6].OneofWrappers = []interface{}{
+		(*Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords_)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_core_protocol_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   9,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_core_protocol_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_core_protocol_proto_depIdxs,
+		EnumInfos:         file_envoy_api_v2_core_protocol_proto_enumTypes,
+		MessageInfos:      file_envoy_api_v2_core_protocol_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_core_protocol_proto = out.File
+	file_envoy_api_v2_core_protocol_proto_rawDesc = nil
+	file_envoy_api_v2_core_protocol_proto_goTypes = nil
+	file_envoy_api_v2_core_protocol_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/protocol.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/protocol.pb.validate.go
new file mode 100644
index 00000000000..bf8f41e0434
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/protocol.pb.validate.go
@@ -0,0 +1,1492 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/core/protocol.proto
+
+package envoy_api_v2_core
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on TcpProtocolOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *TcpProtocolOptions) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on TcpProtocolOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// TcpProtocolOptionsMultiError, or nil if none found.
+func (m *TcpProtocolOptions) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *TcpProtocolOptions) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return TcpProtocolOptionsMultiError(errors)
+	}
+	return nil
+}
+
+// TcpProtocolOptionsMultiError is an error wrapping multiple validation errors
+// returned by TcpProtocolOptions.ValidateAll() if the designated constraints
+// aren't met.
+type TcpProtocolOptionsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m TcpProtocolOptionsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m TcpProtocolOptionsMultiError) AllErrors() []error { return m }
+
+// TcpProtocolOptionsValidationError is the validation error returned by
+// TcpProtocolOptions.Validate if the designated constraints aren't met.
+type TcpProtocolOptionsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e TcpProtocolOptionsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e TcpProtocolOptionsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e TcpProtocolOptionsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e TcpProtocolOptionsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e TcpProtocolOptionsValidationError) ErrorName() string {
+	return "TcpProtocolOptionsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e TcpProtocolOptionsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sTcpProtocolOptions.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = TcpProtocolOptionsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = TcpProtocolOptionsValidationError{}
+
+// Validate checks the field values on UpstreamHttpProtocolOptions with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *UpstreamHttpProtocolOptions) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on UpstreamHttpProtocolOptions with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// UpstreamHttpProtocolOptionsMultiError, or nil if none found.
+func (m *UpstreamHttpProtocolOptions) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *UpstreamHttpProtocolOptions) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for AutoSni
+
+	// no validation rules for AutoSanValidation
+
+	if len(errors) > 0 {
+		return UpstreamHttpProtocolOptionsMultiError(errors)
+	}
+	return nil
+}
+
+// UpstreamHttpProtocolOptionsMultiError is an error wrapping multiple
+// validation errors returned by UpstreamHttpProtocolOptions.ValidateAll() if
+// the designated constraints aren't met.
+type UpstreamHttpProtocolOptionsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m UpstreamHttpProtocolOptionsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m UpstreamHttpProtocolOptionsMultiError) AllErrors() []error { return m }
+
+// UpstreamHttpProtocolOptionsValidationError is the validation error returned
+// by UpstreamHttpProtocolOptions.Validate if the designated constraints
+// aren't met.
+type UpstreamHttpProtocolOptionsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e UpstreamHttpProtocolOptionsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e UpstreamHttpProtocolOptionsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e UpstreamHttpProtocolOptionsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e UpstreamHttpProtocolOptionsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e UpstreamHttpProtocolOptionsValidationError) ErrorName() string {
+	return "UpstreamHttpProtocolOptionsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e UpstreamHttpProtocolOptionsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sUpstreamHttpProtocolOptions.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = UpstreamHttpProtocolOptionsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = UpstreamHttpProtocolOptionsValidationError{}
+
+// Validate checks the field values on HttpProtocolOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *HttpProtocolOptions) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HttpProtocolOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// HttpProtocolOptionsMultiError, or nil if none found.
+func (m *HttpProtocolOptions) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HttpProtocolOptions) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetIdleTimeout()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpProtocolOptionsValidationError{
+					field:  "IdleTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpProtocolOptionsValidationError{
+					field:  "IdleTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetIdleTimeout()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpProtocolOptionsValidationError{
+				field:  "IdleTimeout",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMaxConnectionDuration()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpProtocolOptionsValidationError{
+					field:  "MaxConnectionDuration",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpProtocolOptionsValidationError{
+					field:  "MaxConnectionDuration",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxConnectionDuration()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpProtocolOptionsValidationError{
+				field:  "MaxConnectionDuration",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if wrapper := m.GetMaxHeadersCount(); wrapper != nil {
+
+		if wrapper.GetValue() < 1 {
+			err := HttpProtocolOptionsValidationError{
+				field:  "MaxHeadersCount",
+				reason: "value must be greater than or equal to 1",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetMaxStreamDuration()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpProtocolOptionsValidationError{
+					field:  "MaxStreamDuration",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpProtocolOptionsValidationError{
+					field:  "MaxStreamDuration",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxStreamDuration()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpProtocolOptionsValidationError{
+				field:  "MaxStreamDuration",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for HeadersWithUnderscoresAction
+
+	if len(errors) > 0 {
+		return HttpProtocolOptionsMultiError(errors)
+	}
+	return nil
+}
+
+// HttpProtocolOptionsMultiError is an error wrapping multiple validation
+// errors returned by HttpProtocolOptions.ValidateAll() if the designated
+// constraints aren't met.
+type HttpProtocolOptionsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HttpProtocolOptionsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HttpProtocolOptionsMultiError) AllErrors() []error { return m }
+
+// HttpProtocolOptionsValidationError is the validation error returned by
+// HttpProtocolOptions.Validate if the designated constraints aren't met.
+type HttpProtocolOptionsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HttpProtocolOptionsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HttpProtocolOptionsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HttpProtocolOptionsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HttpProtocolOptionsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HttpProtocolOptionsValidationError) ErrorName() string {
+	return "HttpProtocolOptionsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HttpProtocolOptionsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttpProtocolOptions.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HttpProtocolOptionsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HttpProtocolOptionsValidationError{}
+
+// Validate checks the field values on Http1ProtocolOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Http1ProtocolOptions) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Http1ProtocolOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Http1ProtocolOptionsMultiError, or nil if none found.
+func (m *Http1ProtocolOptions) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Http1ProtocolOptions) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetAllowAbsoluteUrl()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Http1ProtocolOptionsValidationError{
+					field:  "AllowAbsoluteUrl",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Http1ProtocolOptionsValidationError{
+					field:  "AllowAbsoluteUrl",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetAllowAbsoluteUrl()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Http1ProtocolOptionsValidationError{
+				field:  "AllowAbsoluteUrl",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for AcceptHttp_10
+
+	// no validation rules for DefaultHostForHttp_10
+
+	if all {
+		switch v := interface{}(m.GetHeaderKeyFormat()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Http1ProtocolOptionsValidationError{
+					field:  "HeaderKeyFormat",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Http1ProtocolOptionsValidationError{
+					field:  "HeaderKeyFormat",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHeaderKeyFormat()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Http1ProtocolOptionsValidationError{
+				field:  "HeaderKeyFormat",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for EnableTrailers
+
+	if len(errors) > 0 {
+		return Http1ProtocolOptionsMultiError(errors)
+	}
+	return nil
+}
+
+// Http1ProtocolOptionsMultiError is an error wrapping multiple validation
+// errors returned by Http1ProtocolOptions.ValidateAll() if the designated
+// constraints aren't met.
+type Http1ProtocolOptionsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Http1ProtocolOptionsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Http1ProtocolOptionsMultiError) AllErrors() []error { return m }
+
+// Http1ProtocolOptionsValidationError is the validation error returned by
+// Http1ProtocolOptions.Validate if the designated constraints aren't met.
+type Http1ProtocolOptionsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Http1ProtocolOptionsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Http1ProtocolOptionsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Http1ProtocolOptionsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Http1ProtocolOptionsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Http1ProtocolOptionsValidationError) ErrorName() string {
+	return "Http1ProtocolOptionsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Http1ProtocolOptionsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttp1ProtocolOptions.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Http1ProtocolOptionsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Http1ProtocolOptionsValidationError{}
+
+// Validate checks the field values on Http2ProtocolOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Http2ProtocolOptions) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Http2ProtocolOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Http2ProtocolOptionsMultiError, or nil if none found.
+func (m *Http2ProtocolOptions) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Http2ProtocolOptions) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetHpackTableSize()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Http2ProtocolOptionsValidationError{
+					field:  "HpackTableSize",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Http2ProtocolOptionsValidationError{
+					field:  "HpackTableSize",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHpackTableSize()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Http2ProtocolOptionsValidationError{
+				field:  "HpackTableSize",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if wrapper := m.GetMaxConcurrentStreams(); wrapper != nil {
+
+		if val := wrapper.GetValue(); val < 1 || val > 2147483647 {
+			err := Http2ProtocolOptionsValidationError{
+				field:  "MaxConcurrentStreams",
+				reason: "value must be inside range [1, 2147483647]",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if wrapper := m.GetInitialStreamWindowSize(); wrapper != nil {
+
+		if val := wrapper.GetValue(); val < 65535 || val > 2147483647 {
+			err := Http2ProtocolOptionsValidationError{
+				field:  "InitialStreamWindowSize",
+				reason: "value must be inside range [65535, 2147483647]",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if wrapper := m.GetInitialConnectionWindowSize(); wrapper != nil {
+
+		if val := wrapper.GetValue(); val < 65535 || val > 2147483647 {
+			err := Http2ProtocolOptionsValidationError{
+				field:  "InitialConnectionWindowSize",
+				reason: "value must be inside range [65535, 2147483647]",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	// no validation rules for AllowConnect
+
+	// no validation rules for AllowMetadata
+
+	if wrapper := m.GetMaxOutboundFrames(); wrapper != nil {
+
+		if wrapper.GetValue() < 1 {
+			err := Http2ProtocolOptionsValidationError{
+				field:  "MaxOutboundFrames",
+				reason: "value must be greater than or equal to 1",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if wrapper := m.GetMaxOutboundControlFrames(); wrapper != nil {
+
+		if wrapper.GetValue() < 1 {
+			err := Http2ProtocolOptionsValidationError{
+				field:  "MaxOutboundControlFrames",
+				reason: "value must be greater than or equal to 1",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetMaxConsecutiveInboundFramesWithEmptyPayload()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Http2ProtocolOptionsValidationError{
+					field:  "MaxConsecutiveInboundFramesWithEmptyPayload",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Http2ProtocolOptionsValidationError{
+					field:  "MaxConsecutiveInboundFramesWithEmptyPayload",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxConsecutiveInboundFramesWithEmptyPayload()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Http2ProtocolOptionsValidationError{
+				field:  "MaxConsecutiveInboundFramesWithEmptyPayload",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMaxInboundPriorityFramesPerStream()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Http2ProtocolOptionsValidationError{
+					field:  "MaxInboundPriorityFramesPerStream",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Http2ProtocolOptionsValidationError{
+					field:  "MaxInboundPriorityFramesPerStream",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxInboundPriorityFramesPerStream()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Http2ProtocolOptionsValidationError{
+				field:  "MaxInboundPriorityFramesPerStream",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if wrapper := m.GetMaxInboundWindowUpdateFramesPerDataFrameSent(); wrapper != nil {
+
+		if wrapper.GetValue() < 1 {
+			err := Http2ProtocolOptionsValidationError{
+				field:  "MaxInboundWindowUpdateFramesPerDataFrameSent",
+				reason: "value must be greater than or equal to 1",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	// no validation rules for StreamErrorOnInvalidHttpMessaging
+
+	for idx, item := range m.GetCustomSettingsParameters() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, Http2ProtocolOptionsValidationError{
+						field:  fmt.Sprintf("CustomSettingsParameters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, Http2ProtocolOptionsValidationError{
+						field:  fmt.Sprintf("CustomSettingsParameters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Http2ProtocolOptionsValidationError{
+					field:  fmt.Sprintf("CustomSettingsParameters[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return Http2ProtocolOptionsMultiError(errors)
+	}
+	return nil
+}
+
+// Http2ProtocolOptionsMultiError is an error wrapping multiple validation
+// errors returned by Http2ProtocolOptions.ValidateAll() if the designated
+// constraints aren't met.
+type Http2ProtocolOptionsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Http2ProtocolOptionsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Http2ProtocolOptionsMultiError) AllErrors() []error { return m }
+
+// Http2ProtocolOptionsValidationError is the validation error returned by
+// Http2ProtocolOptions.Validate if the designated constraints aren't met.
+type Http2ProtocolOptionsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Http2ProtocolOptionsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Http2ProtocolOptionsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Http2ProtocolOptionsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Http2ProtocolOptionsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Http2ProtocolOptionsValidationError) ErrorName() string {
+	return "Http2ProtocolOptionsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Http2ProtocolOptionsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttp2ProtocolOptions.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Http2ProtocolOptionsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Http2ProtocolOptionsValidationError{}
+
+// Validate checks the field values on GrpcProtocolOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *GrpcProtocolOptions) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on GrpcProtocolOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// GrpcProtocolOptionsMultiError, or nil if none found.
+func (m *GrpcProtocolOptions) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcProtocolOptions) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetHttp2ProtocolOptions()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, GrpcProtocolOptionsValidationError{
+					field:  "Http2ProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, GrpcProtocolOptionsValidationError{
+					field:  "Http2ProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHttp2ProtocolOptions()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return GrpcProtocolOptionsValidationError{
+				field:  "Http2ProtocolOptions",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return GrpcProtocolOptionsMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcProtocolOptionsMultiError is an error wrapping multiple validation
+// errors returned by GrpcProtocolOptions.ValidateAll() if the designated
+// constraints aren't met.
+type GrpcProtocolOptionsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcProtocolOptionsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcProtocolOptionsMultiError) AllErrors() []error { return m }
+
+// GrpcProtocolOptionsValidationError is the validation error returned by
+// GrpcProtocolOptions.Validate if the designated constraints aren't met.
+type GrpcProtocolOptionsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcProtocolOptionsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e GrpcProtocolOptionsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e GrpcProtocolOptionsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e GrpcProtocolOptionsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e GrpcProtocolOptionsValidationError) ErrorName() string {
+	return "GrpcProtocolOptionsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e GrpcProtocolOptionsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcProtocolOptions.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcProtocolOptionsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcProtocolOptionsValidationError{}
+
+// Validate checks the field values on Http1ProtocolOptions_HeaderKeyFormat
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the first error encountered is returned, or nil if
+// there are no violations.
+func (m *Http1ProtocolOptions_HeaderKeyFormat) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Http1ProtocolOptions_HeaderKeyFormat
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// Http1ProtocolOptions_HeaderKeyFormatMultiError, or nil if none found.
+func (m *Http1ProtocolOptions_HeaderKeyFormat) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Http1ProtocolOptions_HeaderKeyFormat) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.HeaderFormat.(type) {
+
+	case *Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords_:
+
+		if all {
+			switch v := interface{}(m.GetProperCaseWords()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, Http1ProtocolOptions_HeaderKeyFormatValidationError{
+						field:  "ProperCaseWords",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, Http1ProtocolOptions_HeaderKeyFormatValidationError{
+						field:  "ProperCaseWords",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetProperCaseWords()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Http1ProtocolOptions_HeaderKeyFormatValidationError{
+					field:  "ProperCaseWords",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := Http1ProtocolOptions_HeaderKeyFormatValidationError{
+			field:  "HeaderFormat",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return Http1ProtocolOptions_HeaderKeyFormatMultiError(errors)
+	}
+	return nil
+}
+
+// Http1ProtocolOptions_HeaderKeyFormatMultiError is an error wrapping multiple
+// validation errors returned by
+// Http1ProtocolOptions_HeaderKeyFormat.ValidateAll() if the designated
+// constraints aren't met.
+type Http1ProtocolOptions_HeaderKeyFormatMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Http1ProtocolOptions_HeaderKeyFormatMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Http1ProtocolOptions_HeaderKeyFormatMultiError) AllErrors() []error { return m }
+
+// Http1ProtocolOptions_HeaderKeyFormatValidationError is the validation error
+// returned by Http1ProtocolOptions_HeaderKeyFormat.Validate if the designated
+// constraints aren't met.
+type Http1ProtocolOptions_HeaderKeyFormatValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Http1ProtocolOptions_HeaderKeyFormatValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Http1ProtocolOptions_HeaderKeyFormatValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Http1ProtocolOptions_HeaderKeyFormatValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Http1ProtocolOptions_HeaderKeyFormatValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Http1ProtocolOptions_HeaderKeyFormatValidationError) ErrorName() string {
+	return "Http1ProtocolOptions_HeaderKeyFormatValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Http1ProtocolOptions_HeaderKeyFormatValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttp1ProtocolOptions_HeaderKeyFormat.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Http1ProtocolOptions_HeaderKeyFormatValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Http1ProtocolOptions_HeaderKeyFormatValidationError{}
+
+// Validate checks the field values on
+// Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in
+// Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsMultiError, or nil if
+// none found.
+func (m *Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsMultiError(errors)
+	}
+	return nil
+}
+
+// Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsMultiError is an error
+// wrapping multiple validation errors returned by
+// Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords.ValidateAll() if the
+// designated constraints aren't met.
+type Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsMultiError) AllErrors() []error { return m }
+
+// Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsValidationError is the
+// validation error returned by
+// Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords.Validate if the
+// designated constraints aren't met.
+type Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsValidationError) Field() string {
+	return e.field
+}
+
+// Reason function returns reason value.
+func (e Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsValidationError) Reason() string {
+	return e.reason
+}
+
+// Cause function returns cause value.
+func (e Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsValidationError) Cause() error {
+	return e.cause
+}
+
+// Key function returns key value.
+func (e Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsValidationError) ErrorName() string {
+	return "Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttp1ProtocolOptions_HeaderKeyFormat_ProperCaseWords.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsValidationError{}
+
+// Validate checks the field values on Http2ProtocolOptions_SettingsParameter
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the first error encountered is returned, or nil if
+// there are no violations.
+func (m *Http2ProtocolOptions_SettingsParameter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// Http2ProtocolOptions_SettingsParameter with the rules defined in the proto
+// definition for this message. If any rules are violated, the result is a
+// list of violation errors wrapped in
+// Http2ProtocolOptions_SettingsParameterMultiError, or nil if none found.
+func (m *Http2ProtocolOptions_SettingsParameter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Http2ProtocolOptions_SettingsParameter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if wrapper := m.GetIdentifier(); wrapper != nil {
+
+		if val := wrapper.GetValue(); val < 1 || val > 65536 {
+			err := Http2ProtocolOptions_SettingsParameterValidationError{
+				field:  "Identifier",
+				reason: "value must be inside range [1, 65536]",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	} else {
+		err := Http2ProtocolOptions_SettingsParameterValidationError{
+			field:  "Identifier",
+			reason: "value is required and must not be nil.",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if m.GetValue() == nil {
+		err := Http2ProtocolOptions_SettingsParameterValidationError{
+			field:  "Value",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetValue()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Http2ProtocolOptions_SettingsParameterValidationError{
+					field:  "Value",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Http2ProtocolOptions_SettingsParameterValidationError{
+					field:  "Value",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetValue()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Http2ProtocolOptions_SettingsParameterValidationError{
+				field:  "Value",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return Http2ProtocolOptions_SettingsParameterMultiError(errors)
+	}
+	return nil
+}
+
+// Http2ProtocolOptions_SettingsParameterMultiError is an error wrapping
+// multiple validation errors returned by
+// Http2ProtocolOptions_SettingsParameter.ValidateAll() if the designated
+// constraints aren't met.
+type Http2ProtocolOptions_SettingsParameterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Http2ProtocolOptions_SettingsParameterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Http2ProtocolOptions_SettingsParameterMultiError) AllErrors() []error { return m }
+
+// Http2ProtocolOptions_SettingsParameterValidationError is the validation
+// error returned by Http2ProtocolOptions_SettingsParameter.Validate if the
+// designated constraints aren't met.
+type Http2ProtocolOptions_SettingsParameterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Http2ProtocolOptions_SettingsParameterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Http2ProtocolOptions_SettingsParameterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Http2ProtocolOptions_SettingsParameterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Http2ProtocolOptions_SettingsParameterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Http2ProtocolOptions_SettingsParameterValidationError) ErrorName() string {
+	return "Http2ProtocolOptions_SettingsParameterValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Http2ProtocolOptions_SettingsParameterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttp2ProtocolOptions_SettingsParameter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Http2ProtocolOptions_SettingsParameterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Http2ProtocolOptions_SettingsParameterValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/socket_option.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/socket_option.pb.go
new file mode 100644
index 00000000000..9d04efe49e7
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/socket_option.pb.go
@@ -0,0 +1,315 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/core/socket_option.proto
+
+package envoy_api_v2_core
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type SocketOption_SocketState int32
+
+const (
+	// Socket options are applied after socket creation but before binding the socket to a port
+	SocketOption_STATE_PREBIND SocketOption_SocketState = 0
+	// Socket options are applied after binding the socket to a port but before calling listen()
+	SocketOption_STATE_BOUND SocketOption_SocketState = 1
+	// Socket options are applied after calling listen()
+	SocketOption_STATE_LISTENING SocketOption_SocketState = 2
+)
+
+// Enum value maps for SocketOption_SocketState.
+var (
+	SocketOption_SocketState_name = map[int32]string{
+		0: "STATE_PREBIND",
+		1: "STATE_BOUND",
+		2: "STATE_LISTENING",
+	}
+	SocketOption_SocketState_value = map[string]int32{
+		"STATE_PREBIND":   0,
+		"STATE_BOUND":     1,
+		"STATE_LISTENING": 2,
+	}
+)
+
+func (x SocketOption_SocketState) Enum() *SocketOption_SocketState {
+	p := new(SocketOption_SocketState)
+	*p = x
+	return p
+}
+
+func (x SocketOption_SocketState) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (SocketOption_SocketState) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_api_v2_core_socket_option_proto_enumTypes[0].Descriptor()
+}
+
+func (SocketOption_SocketState) Type() protoreflect.EnumType {
+	return &file_envoy_api_v2_core_socket_option_proto_enumTypes[0]
+}
+
+func (x SocketOption_SocketState) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use SocketOption_SocketState.Descriptor instead.
+func (SocketOption_SocketState) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_socket_option_proto_rawDescGZIP(), []int{0, 0}
+}
+
+// Generic socket option message. This would be used to set socket options that
+// might not exist in upstream kernels or precompiled Envoy binaries.
+// [#next-free-field: 7]
+type SocketOption struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// An optional name to give this socket option for debugging, etc.
+	// Uniqueness is not required and no special meaning is assumed.
+	Description string `protobuf:"bytes,1,opt,name=description,proto3" json:"description,omitempty"`
+	// Corresponding to the level value passed to setsockopt, such as IPPROTO_TCP
+	Level int64 `protobuf:"varint,2,opt,name=level,proto3" json:"level,omitempty"`
+	// The numeric name as passed to setsockopt
+	Name int64 `protobuf:"varint,3,opt,name=name,proto3" json:"name,omitempty"`
+	// Types that are assignable to Value:
+	//	*SocketOption_IntValue
+	//	*SocketOption_BufValue
+	Value isSocketOption_Value `protobuf_oneof:"value"`
+	// The state in which the option will be applied. When used in BindConfig
+	// STATE_PREBIND is currently the only valid value.
+	State SocketOption_SocketState `protobuf:"varint,6,opt,name=state,proto3,enum=envoy.api.v2.core.SocketOption_SocketState" json:"state,omitempty"`
+}
+
+func (x *SocketOption) Reset() {
+	*x = SocketOption{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_core_socket_option_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *SocketOption) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*SocketOption) ProtoMessage() {}
+
+func (x *SocketOption) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_core_socket_option_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use SocketOption.ProtoReflect.Descriptor instead.
+func (*SocketOption) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_core_socket_option_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *SocketOption) GetDescription() string {
+	if x != nil {
+		return x.Description
+	}
+	return ""
+}
+
+func (x *SocketOption) GetLevel() int64 {
+	if x != nil {
+		return x.Level
+	}
+	return 0
+}
+
+func (x *SocketOption) GetName() int64 {
+	if x != nil {
+		return x.Name
+	}
+	return 0
+}
+
+func (m *SocketOption) GetValue() isSocketOption_Value {
+	if m != nil {
+		return m.Value
+	}
+	return nil
+}
+
+func (x *SocketOption) GetIntValue() int64 {
+	if x, ok := x.GetValue().(*SocketOption_IntValue); ok {
+		return x.IntValue
+	}
+	return 0
+}
+
+func (x *SocketOption) GetBufValue() []byte {
+	if x, ok := x.GetValue().(*SocketOption_BufValue); ok {
+		return x.BufValue
+	}
+	return nil
+}
+
+func (x *SocketOption) GetState() SocketOption_SocketState {
+	if x != nil {
+		return x.State
+	}
+	return SocketOption_STATE_PREBIND
+}
+
+type isSocketOption_Value interface {
+	isSocketOption_Value()
+}
+
+type SocketOption_IntValue struct {
+	// Because many sockopts take an int value.
+	IntValue int64 `protobuf:"varint,4,opt,name=int_value,json=intValue,proto3,oneof"`
+}
+
+type SocketOption_BufValue struct {
+	// Otherwise it's a byte buffer.
+	BufValue []byte `protobuf:"bytes,5,opt,name=buf_value,json=bufValue,proto3,oneof"`
+}
+
+func (*SocketOption_IntValue) isSocketOption_Value() {}
+
+func (*SocketOption_BufValue) isSocketOption_Value() {}
+
+var File_envoy_api_v2_core_socket_option_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_core_socket_option_proto_rawDesc = []byte{
+	0x0a, 0x25, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f,
+	0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x11, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61,
+	0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67,
+	0x72, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61,
+	0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61,
+	0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64,
+	0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x22, 0xbb, 0x02, 0x0a, 0x0c, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x4f, 0x70, 0x74,
+	0x69, 0x6f, 0x6e, 0x12, 0x20, 0x0a, 0x0b, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69,
+	0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69,
+	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x14, 0x0a, 0x05, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x03, 0x52, 0x05, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x12, 0x12, 0x0a, 0x04, 0x6e,
+	0x61, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x03, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12,
+	0x1d, 0x0a, 0x09, 0x69, 0x6e, 0x74, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x04, 0x20, 0x01,
+	0x28, 0x03, 0x48, 0x00, 0x52, 0x08, 0x69, 0x6e, 0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x1d,
+	0x0a, 0x09, 0x62, 0x75, 0x66, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28,
+	0x0c, 0x48, 0x00, 0x52, 0x08, 0x62, 0x75, 0x66, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x4b, 0x0a,
+	0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2b, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65,
+	0x2e, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x53, 0x6f,
+	0x63, 0x6b, 0x65, 0x74, 0x53, 0x74, 0x61, 0x74, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01,
+	0x02, 0x10, 0x01, 0x52, 0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x22, 0x46, 0x0a, 0x0b, 0x53, 0x6f,
+	0x63, 0x6b, 0x65, 0x74, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x11, 0x0a, 0x0d, 0x53, 0x54, 0x41,
+	0x54, 0x45, 0x5f, 0x50, 0x52, 0x45, 0x42, 0x49, 0x4e, 0x44, 0x10, 0x00, 0x12, 0x0f, 0x0a, 0x0b,
+	0x53, 0x54, 0x41, 0x54, 0x45, 0x5f, 0x42, 0x4f, 0x55, 0x4e, 0x44, 0x10, 0x01, 0x12, 0x13, 0x0a,
+	0x0f, 0x53, 0x54, 0x41, 0x54, 0x45, 0x5f, 0x4c, 0x49, 0x53, 0x54, 0x45, 0x4e, 0x49, 0x4e, 0x47,
+	0x10, 0x02, 0x42, 0x0c, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x03, 0xf8, 0x42, 0x01,
+	0x42, 0x5a, 0x0a, 0x1f, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78,
+	0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x42, 0x11, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x4f, 0x70, 0x74, 0x69, 0x6f,
+	0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x16, 0x12, 0x14,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x76, 0x33, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_core_socket_option_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_core_socket_option_proto_rawDescData = file_envoy_api_v2_core_socket_option_proto_rawDesc
+)
+
+func file_envoy_api_v2_core_socket_option_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_core_socket_option_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_core_socket_option_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_core_socket_option_proto_rawDescData)
+	})
+	return file_envoy_api_v2_core_socket_option_proto_rawDescData
+}
+
+var file_envoy_api_v2_core_socket_option_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_envoy_api_v2_core_socket_option_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_api_v2_core_socket_option_proto_goTypes = []interface{}{
+	(SocketOption_SocketState)(0), // 0: envoy.api.v2.core.SocketOption.SocketState
+	(*SocketOption)(nil),          // 1: envoy.api.v2.core.SocketOption
+}
+var file_envoy_api_v2_core_socket_option_proto_depIdxs = []int32{
+	0, // 0: envoy.api.v2.core.SocketOption.state:type_name -> envoy.api.v2.core.SocketOption.SocketState
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_core_socket_option_proto_init() }
+func file_envoy_api_v2_core_socket_option_proto_init() {
+	if File_envoy_api_v2_core_socket_option_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_core_socket_option_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*SocketOption); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_api_v2_core_socket_option_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*SocketOption_IntValue)(nil),
+		(*SocketOption_BufValue)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_core_socket_option_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_core_socket_option_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_core_socket_option_proto_depIdxs,
+		EnumInfos:         file_envoy_api_v2_core_socket_option_proto_enumTypes,
+		MessageInfos:      file_envoy_api_v2_core_socket_option_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_core_socket_option_proto = out.File
+	file_envoy_api_v2_core_socket_option_proto_rawDesc = nil
+	file_envoy_api_v2_core_socket_option_proto_goTypes = nil
+	file_envoy_api_v2_core_socket_option_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/socket_option.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/socket_option.pb.validate.go
new file mode 100644
index 00000000000..b5cce1d2872
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/core/socket_option.pb.validate.go
@@ -0,0 +1,171 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/core/socket_option.proto
+
+package envoy_api_v2_core
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on SocketOption with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *SocketOption) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on SocketOption with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in SocketOptionMultiError, or
+// nil if none found.
+func (m *SocketOption) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *SocketOption) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Description
+
+	// no validation rules for Level
+
+	// no validation rules for Name
+
+	if _, ok := SocketOption_SocketState_name[int32(m.GetState())]; !ok {
+		err := SocketOptionValidationError{
+			field:  "State",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	switch m.Value.(type) {
+
+	case *SocketOption_IntValue:
+		// no validation rules for IntValue
+
+	case *SocketOption_BufValue:
+		// no validation rules for BufValue
+
+	default:
+		err := SocketOptionValidationError{
+			field:  "Value",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return SocketOptionMultiError(errors)
+	}
+	return nil
+}
+
+// SocketOptionMultiError is an error wrapping multiple validation errors
+// returned by SocketOption.ValidateAll() if the designated constraints aren't met.
+type SocketOptionMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m SocketOptionMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m SocketOptionMultiError) AllErrors() []error { return m }
+
+// SocketOptionValidationError is the validation error returned by
+// SocketOption.Validate if the designated constraints aren't met.
+type SocketOptionValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e SocketOptionValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e SocketOptionValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e SocketOptionValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e SocketOptionValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e SocketOptionValidationError) ErrorName() string { return "SocketOptionValidationError" }
+
+// Error satisfies the builtin error interface
+func (e SocketOptionValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sSocketOption.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = SocketOptionValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = SocketOptionValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/discovery.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/discovery.pb.go
new file mode 100644
index 00000000000..a08726f89f8
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/discovery.pb.go
@@ -0,0 +1,835 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/discovery.proto
+
+package envoy_api_v2
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	core "github.com/envoyproxy/go-control-plane/envoy/api/v2/core"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	status "google.golang.org/genproto/googleapis/rpc/status"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// A DiscoveryRequest requests a set of versioned resources of the same type for
+// a given Envoy node on some API.
+// [#next-free-field: 7]
+type DiscoveryRequest struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The version_info provided in the request messages will be the version_info
+	// received with the most recent successfully processed response or empty on
+	// the first request. It is expected that no new request is sent after a
+	// response is received until the Envoy instance is ready to ACK/NACK the new
+	// configuration. ACK/NACK takes place by returning the new API config version
+	// as applied or the previous API config version respectively. Each type_url
+	// (see below) has an independent version associated with it.
+	VersionInfo string `protobuf:"bytes,1,opt,name=version_info,json=versionInfo,proto3" json:"version_info,omitempty"`
+	// The node making the request.
+	Node *core.Node `protobuf:"bytes,2,opt,name=node,proto3" json:"node,omitempty"`
+	// List of resources to subscribe to, e.g. list of cluster names or a route
+	// configuration name. If this is empty, all resources for the API are
+	// returned. LDS/CDS may have empty resource_names, which will cause all
+	// resources for the Envoy instance to be returned. The LDS and CDS responses
+	// will then imply a number of resources that need to be fetched via EDS/RDS,
+	// which will be explicitly enumerated in resource_names.
+	ResourceNames []string `protobuf:"bytes,3,rep,name=resource_names,json=resourceNames,proto3" json:"resource_names,omitempty"`
+	// Type of the resource that is being requested, e.g.
+	// "type.googleapis.com/envoy.api.v2.ClusterLoadAssignment". This is implicit
+	// in requests made via singleton xDS APIs such as CDS, LDS, etc. but is
+	// required for ADS.
+	TypeUrl string `protobuf:"bytes,4,opt,name=type_url,json=typeUrl,proto3" json:"type_url,omitempty"`
+	// nonce corresponding to DiscoveryResponse being ACK/NACKed. See above
+	// discussion on version_info and the DiscoveryResponse nonce comment. This
+	// may be empty only if 1) this is a non-persistent-stream xDS such as HTTP,
+	// or 2) the client has not yet accepted an update in this xDS stream (unlike
+	// delta, where it is populated only for new explicit ACKs).
+	ResponseNonce string `protobuf:"bytes,5,opt,name=response_nonce,json=responseNonce,proto3" json:"response_nonce,omitempty"`
+	// This is populated when the previous :ref:`DiscoveryResponse <envoy_api_msg_DiscoveryResponse>`
+	// failed to update configuration. The *message* field in *error_details* provides the Envoy
+	// internal exception related to the failure. It is only intended for consumption during manual
+	// debugging, the string provided is not guaranteed to be stable across Envoy versions.
+	ErrorDetail *status.Status `protobuf:"bytes,6,opt,name=error_detail,json=errorDetail,proto3" json:"error_detail,omitempty"`
+}
+
+func (x *DiscoveryRequest) Reset() {
+	*x = DiscoveryRequest{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_discovery_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *DiscoveryRequest) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*DiscoveryRequest) ProtoMessage() {}
+
+func (x *DiscoveryRequest) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_discovery_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use DiscoveryRequest.ProtoReflect.Descriptor instead.
+func (*DiscoveryRequest) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_discovery_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *DiscoveryRequest) GetVersionInfo() string {
+	if x != nil {
+		return x.VersionInfo
+	}
+	return ""
+}
+
+func (x *DiscoveryRequest) GetNode() *core.Node {
+	if x != nil {
+		return x.Node
+	}
+	return nil
+}
+
+func (x *DiscoveryRequest) GetResourceNames() []string {
+	if x != nil {
+		return x.ResourceNames
+	}
+	return nil
+}
+
+func (x *DiscoveryRequest) GetTypeUrl() string {
+	if x != nil {
+		return x.TypeUrl
+	}
+	return ""
+}
+
+func (x *DiscoveryRequest) GetResponseNonce() string {
+	if x != nil {
+		return x.ResponseNonce
+	}
+	return ""
+}
+
+func (x *DiscoveryRequest) GetErrorDetail() *status.Status {
+	if x != nil {
+		return x.ErrorDetail
+	}
+	return nil
+}
+
+// [#next-free-field: 7]
+type DiscoveryResponse struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The version of the response data.
+	VersionInfo string `protobuf:"bytes,1,opt,name=version_info,json=versionInfo,proto3" json:"version_info,omitempty"`
+	// The response resources. These resources are typed and depend on the API being called.
+	Resources []*any.Any `protobuf:"bytes,2,rep,name=resources,proto3" json:"resources,omitempty"`
+	// [#not-implemented-hide:]
+	// Canary is used to support two Envoy command line flags:
+	//
+	// * --terminate-on-canary-transition-failure. When set, Envoy is able to
+	//   terminate if it detects that configuration is stuck at canary. Consider
+	//   this example sequence of updates:
+	//   - Management server applies a canary config successfully.
+	//   - Management server rolls back to a production config.
+	//   - Envoy rejects the new production config.
+	//   Since there is no sensible way to continue receiving configuration
+	//   updates, Envoy will then terminate and apply production config from a
+	//   clean slate.
+	// * --dry-run-canary. When set, a canary response will never be applied, only
+	//   validated via a dry run.
+	Canary bool `protobuf:"varint,3,opt,name=canary,proto3" json:"canary,omitempty"`
+	// Type URL for resources. Identifies the xDS API when muxing over ADS.
+	// Must be consistent with the type_url in the 'resources' repeated Any (if non-empty).
+	TypeUrl string `protobuf:"bytes,4,opt,name=type_url,json=typeUrl,proto3" json:"type_url,omitempty"`
+	// For gRPC based subscriptions, the nonce provides a way to explicitly ack a
+	// specific DiscoveryResponse in a following DiscoveryRequest. Additional
+	// messages may have been sent by Envoy to the management server for the
+	// previous version on the stream prior to this DiscoveryResponse, that were
+	// unprocessed at response send time. The nonce allows the management server
+	// to ignore any further DiscoveryRequests for the previous version until a
+	// DiscoveryRequest bearing the nonce. The nonce is optional and is not
+	// required for non-stream based xDS implementations.
+	Nonce string `protobuf:"bytes,5,opt,name=nonce,proto3" json:"nonce,omitempty"`
+	// [#not-implemented-hide:]
+	// The control plane instance that sent the response.
+	ControlPlane *core.ControlPlane `protobuf:"bytes,6,opt,name=control_plane,json=controlPlane,proto3" json:"control_plane,omitempty"`
+}
+
+func (x *DiscoveryResponse) Reset() {
+	*x = DiscoveryResponse{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_discovery_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *DiscoveryResponse) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*DiscoveryResponse) ProtoMessage() {}
+
+func (x *DiscoveryResponse) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_discovery_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use DiscoveryResponse.ProtoReflect.Descriptor instead.
+func (*DiscoveryResponse) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_discovery_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *DiscoveryResponse) GetVersionInfo() string {
+	if x != nil {
+		return x.VersionInfo
+	}
+	return ""
+}
+
+func (x *DiscoveryResponse) GetResources() []*any.Any {
+	if x != nil {
+		return x.Resources
+	}
+	return nil
+}
+
+func (x *DiscoveryResponse) GetCanary() bool {
+	if x != nil {
+		return x.Canary
+	}
+	return false
+}
+
+func (x *DiscoveryResponse) GetTypeUrl() string {
+	if x != nil {
+		return x.TypeUrl
+	}
+	return ""
+}
+
+func (x *DiscoveryResponse) GetNonce() string {
+	if x != nil {
+		return x.Nonce
+	}
+	return ""
+}
+
+func (x *DiscoveryResponse) GetControlPlane() *core.ControlPlane {
+	if x != nil {
+		return x.ControlPlane
+	}
+	return nil
+}
+
+// DeltaDiscoveryRequest and DeltaDiscoveryResponse are used in a new gRPC
+// endpoint for Delta xDS.
+//
+// With Delta xDS, the DeltaDiscoveryResponses do not need to include a full
+// snapshot of the tracked resources. Instead, DeltaDiscoveryResponses are a
+// diff to the state of a xDS client.
+// In Delta XDS there are per-resource versions, which allow tracking state at
+// the resource granularity.
+// An xDS Delta session is always in the context of a gRPC bidirectional
+// stream. This allows the xDS server to keep track of the state of xDS clients
+// connected to it.
+//
+// In Delta xDS the nonce field is required and used to pair
+// DeltaDiscoveryResponse to a DeltaDiscoveryRequest ACK or NACK.
+// Optionally, a response message level system_version_info is present for
+// debugging purposes only.
+//
+// DeltaDiscoveryRequest plays two independent roles. Any DeltaDiscoveryRequest
+// can be either or both of: [1] informing the server of what resources the
+// client has gained/lost interest in (using resource_names_subscribe and
+// resource_names_unsubscribe), or [2] (N)ACKing an earlier resource update from
+// the server (using response_nonce, with presence of error_detail making it a NACK).
+// Additionally, the first message (for a given type_url) of a reconnected gRPC stream
+// has a third role: informing the server of the resources (and their versions)
+// that the client already possesses, using the initial_resource_versions field.
+//
+// As with state-of-the-world, when multiple resource types are multiplexed (ADS),
+// all requests/acknowledgments/updates are logically walled off by type_url:
+// a Cluster ACK exists in a completely separate world from a prior Route NACK.
+// In particular, initial_resource_versions being sent at the "start" of every
+// gRPC stream actually entails a message for each type_url, each with its own
+// initial_resource_versions.
+// [#next-free-field: 8]
+type DeltaDiscoveryRequest struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The node making the request.
+	Node *core.Node `protobuf:"bytes,1,opt,name=node,proto3" json:"node,omitempty"`
+	// Type of the resource that is being requested, e.g.
+	// "type.googleapis.com/envoy.api.v2.ClusterLoadAssignment".
+	TypeUrl string `protobuf:"bytes,2,opt,name=type_url,json=typeUrl,proto3" json:"type_url,omitempty"`
+	// DeltaDiscoveryRequests allow the client to add or remove individual
+	// resources to the set of tracked resources in the context of a stream.
+	// All resource names in the resource_names_subscribe list are added to the
+	// set of tracked resources and all resource names in the resource_names_unsubscribe
+	// list are removed from the set of tracked resources.
+	//
+	// *Unlike* state-of-the-world xDS, an empty resource_names_subscribe or
+	// resource_names_unsubscribe list simply means that no resources are to be
+	// added or removed to the resource list.
+	// *Like* state-of-the-world xDS, the server must send updates for all tracked
+	// resources, but can also send updates for resources the client has not subscribed to.
+	//
+	// NOTE: the server must respond with all resources listed in resource_names_subscribe,
+	// even if it believes the client has the most recent version of them. The reason:
+	// the client may have dropped them, but then regained interest before it had a chance
+	// to send the unsubscribe message. See DeltaSubscriptionStateTest.RemoveThenAdd.
+	//
+	// These two fields can be set in any DeltaDiscoveryRequest, including ACKs
+	// and initial_resource_versions.
+	//
+	// A list of Resource names to add to the list of tracked resources.
+	ResourceNamesSubscribe []string `protobuf:"bytes,3,rep,name=resource_names_subscribe,json=resourceNamesSubscribe,proto3" json:"resource_names_subscribe,omitempty"`
+	// A list of Resource names to remove from the list of tracked resources.
+	ResourceNamesUnsubscribe []string `protobuf:"bytes,4,rep,name=resource_names_unsubscribe,json=resourceNamesUnsubscribe,proto3" json:"resource_names_unsubscribe,omitempty"`
+	// Informs the server of the versions of the resources the xDS client knows of, to enable the
+	// client to continue the same logical xDS session even in the face of gRPC stream reconnection.
+	// It will not be populated: [1] in the very first stream of a session, since the client will
+	// not yet have any resources,  [2] in any message after the first in a stream (for a given
+	// type_url), since the server will already be correctly tracking the client's state.
+	// (In ADS, the first message *of each type_url* of a reconnected stream populates this map.)
+	// The map's keys are names of xDS resources known to the xDS client.
+	// The map's values are opaque resource versions.
+	InitialResourceVersions map[string]string `protobuf:"bytes,5,rep,name=initial_resource_versions,json=initialResourceVersions,proto3" json:"initial_resource_versions,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+	// When the DeltaDiscoveryRequest is a ACK or NACK message in response
+	// to a previous DeltaDiscoveryResponse, the response_nonce must be the
+	// nonce in the DeltaDiscoveryResponse.
+	// Otherwise (unlike in DiscoveryRequest) response_nonce must be omitted.
+	ResponseNonce string `protobuf:"bytes,6,opt,name=response_nonce,json=responseNonce,proto3" json:"response_nonce,omitempty"`
+	// This is populated when the previous :ref:`DiscoveryResponse <envoy_api_msg_DiscoveryResponse>`
+	// failed to update configuration. The *message* field in *error_details*
+	// provides the Envoy internal exception related to the failure.
+	ErrorDetail *status.Status `protobuf:"bytes,7,opt,name=error_detail,json=errorDetail,proto3" json:"error_detail,omitempty"`
+}
+
+func (x *DeltaDiscoveryRequest) Reset() {
+	*x = DeltaDiscoveryRequest{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_discovery_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *DeltaDiscoveryRequest) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*DeltaDiscoveryRequest) ProtoMessage() {}
+
+func (x *DeltaDiscoveryRequest) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_discovery_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use DeltaDiscoveryRequest.ProtoReflect.Descriptor instead.
+func (*DeltaDiscoveryRequest) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_discovery_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *DeltaDiscoveryRequest) GetNode() *core.Node {
+	if x != nil {
+		return x.Node
+	}
+	return nil
+}
+
+func (x *DeltaDiscoveryRequest) GetTypeUrl() string {
+	if x != nil {
+		return x.TypeUrl
+	}
+	return ""
+}
+
+func (x *DeltaDiscoveryRequest) GetResourceNamesSubscribe() []string {
+	if x != nil {
+		return x.ResourceNamesSubscribe
+	}
+	return nil
+}
+
+func (x *DeltaDiscoveryRequest) GetResourceNamesUnsubscribe() []string {
+	if x != nil {
+		return x.ResourceNamesUnsubscribe
+	}
+	return nil
+}
+
+func (x *DeltaDiscoveryRequest) GetInitialResourceVersions() map[string]string {
+	if x != nil {
+		return x.InitialResourceVersions
+	}
+	return nil
+}
+
+func (x *DeltaDiscoveryRequest) GetResponseNonce() string {
+	if x != nil {
+		return x.ResponseNonce
+	}
+	return ""
+}
+
+func (x *DeltaDiscoveryRequest) GetErrorDetail() *status.Status {
+	if x != nil {
+		return x.ErrorDetail
+	}
+	return nil
+}
+
+// [#next-free-field: 7]
+type DeltaDiscoveryResponse struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The version of the response data (used for debugging).
+	SystemVersionInfo string `protobuf:"bytes,1,opt,name=system_version_info,json=systemVersionInfo,proto3" json:"system_version_info,omitempty"`
+	// The response resources. These are typed resources, whose types must match
+	// the type_url field.
+	Resources []*Resource `protobuf:"bytes,2,rep,name=resources,proto3" json:"resources,omitempty"`
+	// Type URL for resources. Identifies the xDS API when muxing over ADS.
+	// Must be consistent with the type_url in the Any within 'resources' if 'resources' is non-empty.
+	TypeUrl string `protobuf:"bytes,4,opt,name=type_url,json=typeUrl,proto3" json:"type_url,omitempty"`
+	// Resources names of resources that have be deleted and to be removed from the xDS Client.
+	// Removed resources for missing resources can be ignored.
+	RemovedResources []string `protobuf:"bytes,6,rep,name=removed_resources,json=removedResources,proto3" json:"removed_resources,omitempty"`
+	// The nonce provides a way for DeltaDiscoveryRequests to uniquely
+	// reference a DeltaDiscoveryResponse when (N)ACKing. The nonce is required.
+	Nonce string `protobuf:"bytes,5,opt,name=nonce,proto3" json:"nonce,omitempty"`
+}
+
+func (x *DeltaDiscoveryResponse) Reset() {
+	*x = DeltaDiscoveryResponse{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_discovery_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *DeltaDiscoveryResponse) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*DeltaDiscoveryResponse) ProtoMessage() {}
+
+func (x *DeltaDiscoveryResponse) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_discovery_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use DeltaDiscoveryResponse.ProtoReflect.Descriptor instead.
+func (*DeltaDiscoveryResponse) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_discovery_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *DeltaDiscoveryResponse) GetSystemVersionInfo() string {
+	if x != nil {
+		return x.SystemVersionInfo
+	}
+	return ""
+}
+
+func (x *DeltaDiscoveryResponse) GetResources() []*Resource {
+	if x != nil {
+		return x.Resources
+	}
+	return nil
+}
+
+func (x *DeltaDiscoveryResponse) GetTypeUrl() string {
+	if x != nil {
+		return x.TypeUrl
+	}
+	return ""
+}
+
+func (x *DeltaDiscoveryResponse) GetRemovedResources() []string {
+	if x != nil {
+		return x.RemovedResources
+	}
+	return nil
+}
+
+func (x *DeltaDiscoveryResponse) GetNonce() string {
+	if x != nil {
+		return x.Nonce
+	}
+	return ""
+}
+
+type Resource struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The resource's name, to distinguish it from others of the same type of resource.
+	Name string `protobuf:"bytes,3,opt,name=name,proto3" json:"name,omitempty"`
+	// The aliases are a list of other names that this resource can go by.
+	Aliases []string `protobuf:"bytes,4,rep,name=aliases,proto3" json:"aliases,omitempty"`
+	// The resource level version. It allows xDS to track the state of individual
+	// resources.
+	Version string `protobuf:"bytes,1,opt,name=version,proto3" json:"version,omitempty"`
+	// The resource being tracked.
+	Resource *any.Any `protobuf:"bytes,2,opt,name=resource,proto3" json:"resource,omitempty"`
+}
+
+func (x *Resource) Reset() {
+	*x = Resource{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_discovery_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Resource) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Resource) ProtoMessage() {}
+
+func (x *Resource) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_discovery_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Resource.ProtoReflect.Descriptor instead.
+func (*Resource) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_discovery_proto_rawDescGZIP(), []int{4}
+}
+
+func (x *Resource) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *Resource) GetAliases() []string {
+	if x != nil {
+		return x.Aliases
+	}
+	return nil
+}
+
+func (x *Resource) GetVersion() string {
+	if x != nil {
+		return x.Version
+	}
+	return ""
+}
+
+func (x *Resource) GetResource() *any.Any {
+	if x != nil {
+		return x.Resource
+	}
+	return nil
+}
+
+var File_envoy_api_v2_discovery_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_discovery_proto_rawDesc = []byte{
+	0x0a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x64,
+	0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0c,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x1a, 0x1c, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f,
+	0x62, 0x61, 0x73, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x72, 0x70,
+	0x63, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e,
+	0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73,
+	0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d,
+	0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73,
+	0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x82, 0x02,
+	0x0a, 0x10, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65,
+	0x73, 0x74, 0x12, 0x21, 0x0a, 0x0c, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x69, 0x6e,
+	0x66, 0x6f, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f,
+	0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x2b, 0x0a, 0x04, 0x6e, 0x6f, 0x64, 0x65, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x4e, 0x6f, 0x64, 0x65, 0x52, 0x04, 0x6e, 0x6f,
+	0x64, 0x65, 0x12, 0x25, 0x0a, 0x0e, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x6e,
+	0x61, 0x6d, 0x65, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0d, 0x72, 0x65, 0x73, 0x6f,
+	0x75, 0x72, 0x63, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x12, 0x19, 0x0a, 0x08, 0x74, 0x79, 0x70,
+	0x65, 0x5f, 0x75, 0x72, 0x6c, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x74, 0x79, 0x70,
+	0x65, 0x55, 0x72, 0x6c, 0x12, 0x25, 0x0a, 0x0e, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
+	0x5f, 0x6e, 0x6f, 0x6e, 0x63, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x72, 0x65,
+	0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x4e, 0x6f, 0x6e, 0x63, 0x65, 0x12, 0x35, 0x0a, 0x0c, 0x65,
+	0x72, 0x72, 0x6f, 0x72, 0x5f, 0x64, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x18, 0x06, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x12, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x53,
+	0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x0b, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x44, 0x65, 0x74, 0x61,
+	0x69, 0x6c, 0x22, 0xf9, 0x01, 0x0a, 0x11, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79,
+	0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x76, 0x65, 0x72, 0x73,
+	0x69, 0x6f, 0x6e, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b,
+	0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x32, 0x0a, 0x09, 0x72,
+	0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x14,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x41, 0x6e, 0x79, 0x52, 0x09, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x12,
+	0x16, 0x0a, 0x06, 0x63, 0x61, 0x6e, 0x61, 0x72, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52,
+	0x06, 0x63, 0x61, 0x6e, 0x61, 0x72, 0x79, 0x12, 0x19, 0x0a, 0x08, 0x74, 0x79, 0x70, 0x65, 0x5f,
+	0x75, 0x72, 0x6c, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x74, 0x79, 0x70, 0x65, 0x55,
+	0x72, 0x6c, 0x12, 0x14, 0x0a, 0x05, 0x6e, 0x6f, 0x6e, 0x63, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x05, 0x6e, 0x6f, 0x6e, 0x63, 0x65, 0x12, 0x44, 0x0a, 0x0d, 0x63, 0x6f, 0x6e, 0x74,
+	0x72, 0x6f, 0x6c, 0x5f, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x43, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x50, 0x6c, 0x61, 0x6e, 0x65,
+	0x52, 0x0c, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x50, 0x6c, 0x61, 0x6e, 0x65, 0x22, 0xff,
+	0x03, 0x0a, 0x15, 0x44, 0x65, 0x6c, 0x74, 0x61, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72,
+	0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x2b, 0x0a, 0x04, 0x6e, 0x6f, 0x64, 0x65,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x4e, 0x6f, 0x64, 0x65, 0x52,
+	0x04, 0x6e, 0x6f, 0x64, 0x65, 0x12, 0x19, 0x0a, 0x08, 0x74, 0x79, 0x70, 0x65, 0x5f, 0x75, 0x72,
+	0x6c, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x74, 0x79, 0x70, 0x65, 0x55, 0x72, 0x6c,
+	0x12, 0x38, 0x0a, 0x18, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x6e, 0x61, 0x6d,
+	0x65, 0x73, 0x5f, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x62, 0x65, 0x18, 0x03, 0x20, 0x03,
+	0x28, 0x09, 0x52, 0x16, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x4e, 0x61, 0x6d, 0x65,
+	0x73, 0x53, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x62, 0x65, 0x12, 0x3c, 0x0a, 0x1a, 0x72, 0x65,
+	0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x5f, 0x75, 0x6e, 0x73,
+	0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x62, 0x65, 0x18, 0x04, 0x20, 0x03, 0x28, 0x09, 0x52, 0x18,
+	0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x55, 0x6e, 0x73,
+	0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x62, 0x65, 0x12, 0x7c, 0x0a, 0x19, 0x69, 0x6e, 0x69, 0x74,
+	0x69, 0x61, 0x6c, 0x5f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x76, 0x65, 0x72,
+	0x73, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x05, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x40, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x65, 0x6c, 0x74, 0x61,
+	0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
+	0x2e, 0x49, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65,
+	0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x17, 0x69,
+	0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x56, 0x65,
+	0x72, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x25, 0x0a, 0x0e, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e,
+	0x73, 0x65, 0x5f, 0x6e, 0x6f, 0x6e, 0x63, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d,
+	0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x4e, 0x6f, 0x6e, 0x63, 0x65, 0x12, 0x35, 0x0a,
+	0x0c, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x5f, 0x64, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x18, 0x07, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x12, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x72, 0x70, 0x63,
+	0x2e, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x0b, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x44, 0x65,
+	0x74, 0x61, 0x69, 0x6c, 0x1a, 0x4a, 0x0a, 0x1c, 0x49, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x52,
+	0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x45,
+	0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01,
+	0x22, 0xdc, 0x01, 0x0a, 0x16, 0x44, 0x65, 0x6c, 0x74, 0x61, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76,
+	0x65, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x2e, 0x0a, 0x13, 0x73,
+	0x79, 0x73, 0x74, 0x65, 0x6d, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x69, 0x6e,
+	0x66, 0x6f, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x11, 0x73, 0x79, 0x73, 0x74, 0x65, 0x6d,
+	0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x34, 0x0a, 0x09, 0x72,
+	0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x16,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x65,
+	0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x09, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65,
+	0x73, 0x12, 0x19, 0x0a, 0x08, 0x74, 0x79, 0x70, 0x65, 0x5f, 0x75, 0x72, 0x6c, 0x18, 0x04, 0x20,
+	0x01, 0x28, 0x09, 0x52, 0x07, 0x74, 0x79, 0x70, 0x65, 0x55, 0x72, 0x6c, 0x12, 0x2b, 0x0a, 0x11,
+	0x72, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x64, 0x5f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65,
+	0x73, 0x18, 0x06, 0x20, 0x03, 0x28, 0x09, 0x52, 0x10, 0x72, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x64,
+	0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x12, 0x14, 0x0a, 0x05, 0x6e, 0x6f, 0x6e,
+	0x63, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x6e, 0x6f, 0x6e, 0x63, 0x65, 0x22,
+	0x84, 0x01, 0x0a, 0x08, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x12, 0x0a, 0x04,
+	0x6e, 0x61, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65,
+	0x12, 0x18, 0x0a, 0x07, 0x61, 0x6c, 0x69, 0x61, 0x73, 0x65, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28,
+	0x09, 0x52, 0x07, 0x61, 0x6c, 0x69, 0x61, 0x73, 0x65, 0x73, 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65,
+	0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x76, 0x65, 0x72,
+	0x73, 0x69, 0x6f, 0x6e, 0x12, 0x30, 0x0a, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x08, 0x72, 0x65,
+	0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x42, 0x58, 0x0a, 0x1a, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70,
+	0x69, 0x2e, 0x76, 0x32, 0x42, 0x0e, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x50,
+	0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x1c, 0x12, 0x1a, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x64, 0x69, 0x73, 0x63,
+	0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x76, 0x33, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01,
+	0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_discovery_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_discovery_proto_rawDescData = file_envoy_api_v2_discovery_proto_rawDesc
+)
+
+func file_envoy_api_v2_discovery_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_discovery_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_discovery_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_discovery_proto_rawDescData)
+	})
+	return file_envoy_api_v2_discovery_proto_rawDescData
+}
+
+var file_envoy_api_v2_discovery_proto_msgTypes = make([]protoimpl.MessageInfo, 6)
+var file_envoy_api_v2_discovery_proto_goTypes = []interface{}{
+	(*DiscoveryRequest)(nil),       // 0: envoy.api.v2.DiscoveryRequest
+	(*DiscoveryResponse)(nil),      // 1: envoy.api.v2.DiscoveryResponse
+	(*DeltaDiscoveryRequest)(nil),  // 2: envoy.api.v2.DeltaDiscoveryRequest
+	(*DeltaDiscoveryResponse)(nil), // 3: envoy.api.v2.DeltaDiscoveryResponse
+	(*Resource)(nil),               // 4: envoy.api.v2.Resource
+	nil,                            // 5: envoy.api.v2.DeltaDiscoveryRequest.InitialResourceVersionsEntry
+	(*core.Node)(nil),              // 6: envoy.api.v2.core.Node
+	(*status.Status)(nil),          // 7: google.rpc.Status
+	(*any.Any)(nil),                // 8: google.protobuf.Any
+	(*core.ControlPlane)(nil),      // 9: envoy.api.v2.core.ControlPlane
+}
+var file_envoy_api_v2_discovery_proto_depIdxs = []int32{
+	6, // 0: envoy.api.v2.DiscoveryRequest.node:type_name -> envoy.api.v2.core.Node
+	7, // 1: envoy.api.v2.DiscoveryRequest.error_detail:type_name -> google.rpc.Status
+	8, // 2: envoy.api.v2.DiscoveryResponse.resources:type_name -> google.protobuf.Any
+	9, // 3: envoy.api.v2.DiscoveryResponse.control_plane:type_name -> envoy.api.v2.core.ControlPlane
+	6, // 4: envoy.api.v2.DeltaDiscoveryRequest.node:type_name -> envoy.api.v2.core.Node
+	5, // 5: envoy.api.v2.DeltaDiscoveryRequest.initial_resource_versions:type_name -> envoy.api.v2.DeltaDiscoveryRequest.InitialResourceVersionsEntry
+	7, // 6: envoy.api.v2.DeltaDiscoveryRequest.error_detail:type_name -> google.rpc.Status
+	4, // 7: envoy.api.v2.DeltaDiscoveryResponse.resources:type_name -> envoy.api.v2.Resource
+	8, // 8: envoy.api.v2.Resource.resource:type_name -> google.protobuf.Any
+	9, // [9:9] is the sub-list for method output_type
+	9, // [9:9] is the sub-list for method input_type
+	9, // [9:9] is the sub-list for extension type_name
+	9, // [9:9] is the sub-list for extension extendee
+	0, // [0:9] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_discovery_proto_init() }
+func file_envoy_api_v2_discovery_proto_init() {
+	if File_envoy_api_v2_discovery_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_discovery_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*DiscoveryRequest); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_discovery_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*DiscoveryResponse); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_discovery_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*DeltaDiscoveryRequest); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_discovery_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*DeltaDiscoveryResponse); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_discovery_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Resource); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_discovery_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   6,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_discovery_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_discovery_proto_depIdxs,
+		MessageInfos:      file_envoy_api_v2_discovery_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_discovery_proto = out.File
+	file_envoy_api_v2_discovery_proto_rawDesc = nil
+	file_envoy_api_v2_discovery_proto_goTypes = nil
+	file_envoy_api_v2_discovery_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/discovery.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/discovery.pb.validate.go
new file mode 100644
index 00000000000..ca396273fd7
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/discovery.pb.validate.go
@@ -0,0 +1,808 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/discovery.proto
+
+package envoy_api_v2
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on DiscoveryRequest with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *DiscoveryRequest) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on DiscoveryRequest with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// DiscoveryRequestMultiError, or nil if none found.
+func (m *DiscoveryRequest) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *DiscoveryRequest) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for VersionInfo
+
+	if all {
+		switch v := interface{}(m.GetNode()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, DiscoveryRequestValidationError{
+					field:  "Node",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, DiscoveryRequestValidationError{
+					field:  "Node",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetNode()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return DiscoveryRequestValidationError{
+				field:  "Node",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for TypeUrl
+
+	// no validation rules for ResponseNonce
+
+	if all {
+		switch v := interface{}(m.GetErrorDetail()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, DiscoveryRequestValidationError{
+					field:  "ErrorDetail",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, DiscoveryRequestValidationError{
+					field:  "ErrorDetail",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetErrorDetail()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return DiscoveryRequestValidationError{
+				field:  "ErrorDetail",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return DiscoveryRequestMultiError(errors)
+	}
+	return nil
+}
+
+// DiscoveryRequestMultiError is an error wrapping multiple validation errors
+// returned by DiscoveryRequest.ValidateAll() if the designated constraints
+// aren't met.
+type DiscoveryRequestMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m DiscoveryRequestMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m DiscoveryRequestMultiError) AllErrors() []error { return m }
+
+// DiscoveryRequestValidationError is the validation error returned by
+// DiscoveryRequest.Validate if the designated constraints aren't met.
+type DiscoveryRequestValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e DiscoveryRequestValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e DiscoveryRequestValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e DiscoveryRequestValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e DiscoveryRequestValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e DiscoveryRequestValidationError) ErrorName() string { return "DiscoveryRequestValidationError" }
+
+// Error satisfies the builtin error interface
+func (e DiscoveryRequestValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sDiscoveryRequest.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = DiscoveryRequestValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = DiscoveryRequestValidationError{}
+
+// Validate checks the field values on DiscoveryResponse with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *DiscoveryResponse) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on DiscoveryResponse with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// DiscoveryResponseMultiError, or nil if none found.
+func (m *DiscoveryResponse) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *DiscoveryResponse) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for VersionInfo
+
+	for idx, item := range m.GetResources() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, DiscoveryResponseValidationError{
+						field:  fmt.Sprintf("Resources[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, DiscoveryResponseValidationError{
+						field:  fmt.Sprintf("Resources[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return DiscoveryResponseValidationError{
+					field:  fmt.Sprintf("Resources[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	// no validation rules for Canary
+
+	// no validation rules for TypeUrl
+
+	// no validation rules for Nonce
+
+	if all {
+		switch v := interface{}(m.GetControlPlane()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, DiscoveryResponseValidationError{
+					field:  "ControlPlane",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, DiscoveryResponseValidationError{
+					field:  "ControlPlane",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetControlPlane()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return DiscoveryResponseValidationError{
+				field:  "ControlPlane",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return DiscoveryResponseMultiError(errors)
+	}
+	return nil
+}
+
+// DiscoveryResponseMultiError is an error wrapping multiple validation errors
+// returned by DiscoveryResponse.ValidateAll() if the designated constraints
+// aren't met.
+type DiscoveryResponseMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m DiscoveryResponseMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m DiscoveryResponseMultiError) AllErrors() []error { return m }
+
+// DiscoveryResponseValidationError is the validation error returned by
+// DiscoveryResponse.Validate if the designated constraints aren't met.
+type DiscoveryResponseValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e DiscoveryResponseValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e DiscoveryResponseValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e DiscoveryResponseValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e DiscoveryResponseValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e DiscoveryResponseValidationError) ErrorName() string {
+	return "DiscoveryResponseValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e DiscoveryResponseValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sDiscoveryResponse.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = DiscoveryResponseValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = DiscoveryResponseValidationError{}
+
+// Validate checks the field values on DeltaDiscoveryRequest with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *DeltaDiscoveryRequest) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on DeltaDiscoveryRequest with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// DeltaDiscoveryRequestMultiError, or nil if none found.
+func (m *DeltaDiscoveryRequest) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *DeltaDiscoveryRequest) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetNode()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, DeltaDiscoveryRequestValidationError{
+					field:  "Node",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, DeltaDiscoveryRequestValidationError{
+					field:  "Node",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetNode()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return DeltaDiscoveryRequestValidationError{
+				field:  "Node",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for TypeUrl
+
+	// no validation rules for InitialResourceVersions
+
+	// no validation rules for ResponseNonce
+
+	if all {
+		switch v := interface{}(m.GetErrorDetail()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, DeltaDiscoveryRequestValidationError{
+					field:  "ErrorDetail",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, DeltaDiscoveryRequestValidationError{
+					field:  "ErrorDetail",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetErrorDetail()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return DeltaDiscoveryRequestValidationError{
+				field:  "ErrorDetail",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return DeltaDiscoveryRequestMultiError(errors)
+	}
+	return nil
+}
+
+// DeltaDiscoveryRequestMultiError is an error wrapping multiple validation
+// errors returned by DeltaDiscoveryRequest.ValidateAll() if the designated
+// constraints aren't met.
+type DeltaDiscoveryRequestMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m DeltaDiscoveryRequestMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m DeltaDiscoveryRequestMultiError) AllErrors() []error { return m }
+
+// DeltaDiscoveryRequestValidationError is the validation error returned by
+// DeltaDiscoveryRequest.Validate if the designated constraints aren't met.
+type DeltaDiscoveryRequestValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e DeltaDiscoveryRequestValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e DeltaDiscoveryRequestValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e DeltaDiscoveryRequestValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e DeltaDiscoveryRequestValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e DeltaDiscoveryRequestValidationError) ErrorName() string {
+	return "DeltaDiscoveryRequestValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e DeltaDiscoveryRequestValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sDeltaDiscoveryRequest.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = DeltaDiscoveryRequestValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = DeltaDiscoveryRequestValidationError{}
+
+// Validate checks the field values on DeltaDiscoveryResponse with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *DeltaDiscoveryResponse) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on DeltaDiscoveryResponse with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// DeltaDiscoveryResponseMultiError, or nil if none found.
+func (m *DeltaDiscoveryResponse) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *DeltaDiscoveryResponse) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for SystemVersionInfo
+
+	for idx, item := range m.GetResources() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, DeltaDiscoveryResponseValidationError{
+						field:  fmt.Sprintf("Resources[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, DeltaDiscoveryResponseValidationError{
+						field:  fmt.Sprintf("Resources[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return DeltaDiscoveryResponseValidationError{
+					field:  fmt.Sprintf("Resources[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	// no validation rules for TypeUrl
+
+	// no validation rules for Nonce
+
+	if len(errors) > 0 {
+		return DeltaDiscoveryResponseMultiError(errors)
+	}
+	return nil
+}
+
+// DeltaDiscoveryResponseMultiError is an error wrapping multiple validation
+// errors returned by DeltaDiscoveryResponse.ValidateAll() if the designated
+// constraints aren't met.
+type DeltaDiscoveryResponseMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m DeltaDiscoveryResponseMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m DeltaDiscoveryResponseMultiError) AllErrors() []error { return m }
+
+// DeltaDiscoveryResponseValidationError is the validation error returned by
+// DeltaDiscoveryResponse.Validate if the designated constraints aren't met.
+type DeltaDiscoveryResponseValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e DeltaDiscoveryResponseValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e DeltaDiscoveryResponseValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e DeltaDiscoveryResponseValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e DeltaDiscoveryResponseValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e DeltaDiscoveryResponseValidationError) ErrorName() string {
+	return "DeltaDiscoveryResponseValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e DeltaDiscoveryResponseValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sDeltaDiscoveryResponse.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = DeltaDiscoveryResponseValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = DeltaDiscoveryResponseValidationError{}
+
+// Validate checks the field values on Resource with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Resource) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Resource with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ResourceMultiError, or nil
+// if none found.
+func (m *Resource) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Resource) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Name
+
+	// no validation rules for Version
+
+	if all {
+		switch v := interface{}(m.GetResource()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ResourceValidationError{
+					field:  "Resource",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ResourceValidationError{
+					field:  "Resource",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetResource()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ResourceValidationError{
+				field:  "Resource",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return ResourceMultiError(errors)
+	}
+	return nil
+}
+
+// ResourceMultiError is an error wrapping multiple validation errors returned
+// by Resource.ValidateAll() if the designated constraints aren't met.
+type ResourceMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ResourceMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ResourceMultiError) AllErrors() []error { return m }
+
+// ResourceValidationError is the validation error returned by
+// Resource.Validate if the designated constraints aren't met.
+type ResourceValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ResourceValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ResourceValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ResourceValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ResourceValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ResourceValidationError) ErrorName() string { return "ResourceValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ResourceValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sResource.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ResourceValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ResourceValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/eds.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/eds.pb.go
new file mode 100644
index 00000000000..1c2dde0bf54
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/eds.pb.go
@@ -0,0 +1,419 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/eds.proto
+
+package envoy_api_v2
+
+import (
+	context "context"
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/go-control-plane/envoy/annotations"
+	proto "github.com/golang/protobuf/proto"
+	_ "google.golang.org/genproto/googleapis/api/annotations"
+	grpc "google.golang.org/grpc"
+	codes "google.golang.org/grpc/codes"
+	status "google.golang.org/grpc/status"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing
+// services: https://github.com/google/protobuf/issues/4221 and protoxform to upgrade the file.
+type EdsDummy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *EdsDummy) Reset() {
+	*x = EdsDummy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_eds_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *EdsDummy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*EdsDummy) ProtoMessage() {}
+
+func (x *EdsDummy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_eds_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use EdsDummy.ProtoReflect.Descriptor instead.
+func (*EdsDummy) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_eds_proto_rawDescGZIP(), []int{0}
+}
+
+var File_envoy_api_v2_eds_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_eds_proto_rawDesc = []byte{
+	0x0a, 0x16, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x65,
+	0x64, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x1a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70,
+	0x69, 0x2f, 0x76, 0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x61, 0x70, 0x69,
+	0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x20, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x1b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76,
+	0x32, 0x2f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x22, 0x0a, 0x0a, 0x08, 0x45, 0x64, 0x73, 0x44, 0x75, 0x6d, 0x6d, 0x79, 0x32, 0x80, 0x03, 0x0a,
+	0x18, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65,
+	0x72, 0x79, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x58, 0x0a, 0x0f, 0x53, 0x74, 0x72,
+	0x65, 0x61, 0x6d, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73, 0x12, 0x1e, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x69, 0x73, 0x63,
+	0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x69, 0x73, 0x63,
+	0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x28,
+	0x01, 0x30, 0x01, 0x12, 0x61, 0x0a, 0x0e, 0x44, 0x65, 0x6c, 0x74, 0x61, 0x45, 0x6e, 0x64, 0x70,
+	0x6f, 0x69, 0x6e, 0x74, 0x73, 0x12, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70,
+	0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x65, 0x6c, 0x74, 0x61, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76,
+	0x65, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x24, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x65, 0x6c, 0x74, 0x61, 0x44,
+	0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
+	0x22, 0x00, 0x28, 0x01, 0x30, 0x01, 0x12, 0x7b, 0x0a, 0x0e, 0x46, 0x65, 0x74, 0x63, 0x68, 0x45,
+	0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73, 0x12, 0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72,
+	0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72,
+	0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x28, 0x82, 0xd3, 0xe4, 0x93, 0x02,
+	0x19, 0x22, 0x17, 0x2f, 0x76, 0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79,
+	0x3a, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x03,
+	0x3a, 0x01, 0x2a, 0x1a, 0x2a, 0x8a, 0xa4, 0x96, 0xf3, 0x07, 0x24, 0x0a, 0x22, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65,
+	0x72, 0x4c, 0x6f, 0x61, 0x64, 0x41, 0x73, 0x73, 0x69, 0x67, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x42,
+	0x54, 0x0a, 0x1a, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x42, 0x08, 0x45,
+	0x64, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x88, 0x01, 0x01, 0xf2, 0x98, 0xfe, 0x8f,
+	0x05, 0x1b, 0x12, 0x19, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63,
+	0x65, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x76, 0x33, 0xba, 0x80, 0xc8,
+	0xd1, 0x06, 0x02, 0x10, 0x01, 0x50, 0x05, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_eds_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_eds_proto_rawDescData = file_envoy_api_v2_eds_proto_rawDesc
+)
+
+func file_envoy_api_v2_eds_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_eds_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_eds_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_eds_proto_rawDescData)
+	})
+	return file_envoy_api_v2_eds_proto_rawDescData
+}
+
+var file_envoy_api_v2_eds_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_api_v2_eds_proto_goTypes = []interface{}{
+	(*EdsDummy)(nil),               // 0: envoy.api.v2.EdsDummy
+	(*DiscoveryRequest)(nil),       // 1: envoy.api.v2.DiscoveryRequest
+	(*DeltaDiscoveryRequest)(nil),  // 2: envoy.api.v2.DeltaDiscoveryRequest
+	(*DiscoveryResponse)(nil),      // 3: envoy.api.v2.DiscoveryResponse
+	(*DeltaDiscoveryResponse)(nil), // 4: envoy.api.v2.DeltaDiscoveryResponse
+}
+var file_envoy_api_v2_eds_proto_depIdxs = []int32{
+	1, // 0: envoy.api.v2.EndpointDiscoveryService.StreamEndpoints:input_type -> envoy.api.v2.DiscoveryRequest
+	2, // 1: envoy.api.v2.EndpointDiscoveryService.DeltaEndpoints:input_type -> envoy.api.v2.DeltaDiscoveryRequest
+	1, // 2: envoy.api.v2.EndpointDiscoveryService.FetchEndpoints:input_type -> envoy.api.v2.DiscoveryRequest
+	3, // 3: envoy.api.v2.EndpointDiscoveryService.StreamEndpoints:output_type -> envoy.api.v2.DiscoveryResponse
+	4, // 4: envoy.api.v2.EndpointDiscoveryService.DeltaEndpoints:output_type -> envoy.api.v2.DeltaDiscoveryResponse
+	3, // 5: envoy.api.v2.EndpointDiscoveryService.FetchEndpoints:output_type -> envoy.api.v2.DiscoveryResponse
+	3, // [3:6] is the sub-list for method output_type
+	0, // [0:3] is the sub-list for method input_type
+	0, // [0:0] is the sub-list for extension type_name
+	0, // [0:0] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_eds_proto_init() }
+func file_envoy_api_v2_eds_proto_init() {
+	if File_envoy_api_v2_eds_proto != nil {
+		return
+	}
+	file_envoy_api_v2_discovery_proto_init()
+	file_envoy_api_v2_endpoint_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_eds_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*EdsDummy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_eds_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   1,
+		},
+		GoTypes:           file_envoy_api_v2_eds_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_eds_proto_depIdxs,
+		MessageInfos:      file_envoy_api_v2_eds_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_eds_proto = out.File
+	file_envoy_api_v2_eds_proto_rawDesc = nil
+	file_envoy_api_v2_eds_proto_goTypes = nil
+	file_envoy_api_v2_eds_proto_depIdxs = nil
+}
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ context.Context
+var _ grpc.ClientConnInterface
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the grpc package it is being compiled against.
+const _ = grpc.SupportPackageIsVersion6
+
+// EndpointDiscoveryServiceClient is the client API for EndpointDiscoveryService service.
+//
+// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.
+type EndpointDiscoveryServiceClient interface {
+	// The resource_names field in DiscoveryRequest specifies a list of clusters
+	// to subscribe to updates for.
+	StreamEndpoints(ctx context.Context, opts ...grpc.CallOption) (EndpointDiscoveryService_StreamEndpointsClient, error)
+	DeltaEndpoints(ctx context.Context, opts ...grpc.CallOption) (EndpointDiscoveryService_DeltaEndpointsClient, error)
+	FetchEndpoints(ctx context.Context, in *DiscoveryRequest, opts ...grpc.CallOption) (*DiscoveryResponse, error)
+}
+
+type endpointDiscoveryServiceClient struct {
+	cc grpc.ClientConnInterface
+}
+
+func NewEndpointDiscoveryServiceClient(cc grpc.ClientConnInterface) EndpointDiscoveryServiceClient {
+	return &endpointDiscoveryServiceClient{cc}
+}
+
+func (c *endpointDiscoveryServiceClient) StreamEndpoints(ctx context.Context, opts ...grpc.CallOption) (EndpointDiscoveryService_StreamEndpointsClient, error) {
+	stream, err := c.cc.NewStream(ctx, &_EndpointDiscoveryService_serviceDesc.Streams[0], "/envoy.api.v2.EndpointDiscoveryService/StreamEndpoints", opts...)
+	if err != nil {
+		return nil, err
+	}
+	x := &endpointDiscoveryServiceStreamEndpointsClient{stream}
+	return x, nil
+}
+
+type EndpointDiscoveryService_StreamEndpointsClient interface {
+	Send(*DiscoveryRequest) error
+	Recv() (*DiscoveryResponse, error)
+	grpc.ClientStream
+}
+
+type endpointDiscoveryServiceStreamEndpointsClient struct {
+	grpc.ClientStream
+}
+
+func (x *endpointDiscoveryServiceStreamEndpointsClient) Send(m *DiscoveryRequest) error {
+	return x.ClientStream.SendMsg(m)
+}
+
+func (x *endpointDiscoveryServiceStreamEndpointsClient) Recv() (*DiscoveryResponse, error) {
+	m := new(DiscoveryResponse)
+	if err := x.ClientStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func (c *endpointDiscoveryServiceClient) DeltaEndpoints(ctx context.Context, opts ...grpc.CallOption) (EndpointDiscoveryService_DeltaEndpointsClient, error) {
+	stream, err := c.cc.NewStream(ctx, &_EndpointDiscoveryService_serviceDesc.Streams[1], "/envoy.api.v2.EndpointDiscoveryService/DeltaEndpoints", opts...)
+	if err != nil {
+		return nil, err
+	}
+	x := &endpointDiscoveryServiceDeltaEndpointsClient{stream}
+	return x, nil
+}
+
+type EndpointDiscoveryService_DeltaEndpointsClient interface {
+	Send(*DeltaDiscoveryRequest) error
+	Recv() (*DeltaDiscoveryResponse, error)
+	grpc.ClientStream
+}
+
+type endpointDiscoveryServiceDeltaEndpointsClient struct {
+	grpc.ClientStream
+}
+
+func (x *endpointDiscoveryServiceDeltaEndpointsClient) Send(m *DeltaDiscoveryRequest) error {
+	return x.ClientStream.SendMsg(m)
+}
+
+func (x *endpointDiscoveryServiceDeltaEndpointsClient) Recv() (*DeltaDiscoveryResponse, error) {
+	m := new(DeltaDiscoveryResponse)
+	if err := x.ClientStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func (c *endpointDiscoveryServiceClient) FetchEndpoints(ctx context.Context, in *DiscoveryRequest, opts ...grpc.CallOption) (*DiscoveryResponse, error) {
+	out := new(DiscoveryResponse)
+	err := c.cc.Invoke(ctx, "/envoy.api.v2.EndpointDiscoveryService/FetchEndpoints", in, out, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+// EndpointDiscoveryServiceServer is the server API for EndpointDiscoveryService service.
+type EndpointDiscoveryServiceServer interface {
+	// The resource_names field in DiscoveryRequest specifies a list of clusters
+	// to subscribe to updates for.
+	StreamEndpoints(EndpointDiscoveryService_StreamEndpointsServer) error
+	DeltaEndpoints(EndpointDiscoveryService_DeltaEndpointsServer) error
+	FetchEndpoints(context.Context, *DiscoveryRequest) (*DiscoveryResponse, error)
+}
+
+// UnimplementedEndpointDiscoveryServiceServer can be embedded to have forward compatible implementations.
+type UnimplementedEndpointDiscoveryServiceServer struct {
+}
+
+func (*UnimplementedEndpointDiscoveryServiceServer) StreamEndpoints(EndpointDiscoveryService_StreamEndpointsServer) error {
+	return status.Errorf(codes.Unimplemented, "method StreamEndpoints not implemented")
+}
+func (*UnimplementedEndpointDiscoveryServiceServer) DeltaEndpoints(EndpointDiscoveryService_DeltaEndpointsServer) error {
+	return status.Errorf(codes.Unimplemented, "method DeltaEndpoints not implemented")
+}
+func (*UnimplementedEndpointDiscoveryServiceServer) FetchEndpoints(context.Context, *DiscoveryRequest) (*DiscoveryResponse, error) {
+	return nil, status.Errorf(codes.Unimplemented, "method FetchEndpoints not implemented")
+}
+
+func RegisterEndpointDiscoveryServiceServer(s *grpc.Server, srv EndpointDiscoveryServiceServer) {
+	s.RegisterService(&_EndpointDiscoveryService_serviceDesc, srv)
+}
+
+func _EndpointDiscoveryService_StreamEndpoints_Handler(srv interface{}, stream grpc.ServerStream) error {
+	return srv.(EndpointDiscoveryServiceServer).StreamEndpoints(&endpointDiscoveryServiceStreamEndpointsServer{stream})
+}
+
+type EndpointDiscoveryService_StreamEndpointsServer interface {
+	Send(*DiscoveryResponse) error
+	Recv() (*DiscoveryRequest, error)
+	grpc.ServerStream
+}
+
+type endpointDiscoveryServiceStreamEndpointsServer struct {
+	grpc.ServerStream
+}
+
+func (x *endpointDiscoveryServiceStreamEndpointsServer) Send(m *DiscoveryResponse) error {
+	return x.ServerStream.SendMsg(m)
+}
+
+func (x *endpointDiscoveryServiceStreamEndpointsServer) Recv() (*DiscoveryRequest, error) {
+	m := new(DiscoveryRequest)
+	if err := x.ServerStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func _EndpointDiscoveryService_DeltaEndpoints_Handler(srv interface{}, stream grpc.ServerStream) error {
+	return srv.(EndpointDiscoveryServiceServer).DeltaEndpoints(&endpointDiscoveryServiceDeltaEndpointsServer{stream})
+}
+
+type EndpointDiscoveryService_DeltaEndpointsServer interface {
+	Send(*DeltaDiscoveryResponse) error
+	Recv() (*DeltaDiscoveryRequest, error)
+	grpc.ServerStream
+}
+
+type endpointDiscoveryServiceDeltaEndpointsServer struct {
+	grpc.ServerStream
+}
+
+func (x *endpointDiscoveryServiceDeltaEndpointsServer) Send(m *DeltaDiscoveryResponse) error {
+	return x.ServerStream.SendMsg(m)
+}
+
+func (x *endpointDiscoveryServiceDeltaEndpointsServer) Recv() (*DeltaDiscoveryRequest, error) {
+	m := new(DeltaDiscoveryRequest)
+	if err := x.ServerStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func _EndpointDiscoveryService_FetchEndpoints_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(DiscoveryRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(EndpointDiscoveryServiceServer).FetchEndpoints(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: "/envoy.api.v2.EndpointDiscoveryService/FetchEndpoints",
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(EndpointDiscoveryServiceServer).FetchEndpoints(ctx, req.(*DiscoveryRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
+var _EndpointDiscoveryService_serviceDesc = grpc.ServiceDesc{
+	ServiceName: "envoy.api.v2.EndpointDiscoveryService",
+	HandlerType: (*EndpointDiscoveryServiceServer)(nil),
+	Methods: []grpc.MethodDesc{
+		{
+			MethodName: "FetchEndpoints",
+			Handler:    _EndpointDiscoveryService_FetchEndpoints_Handler,
+		},
+	},
+	Streams: []grpc.StreamDesc{
+		{
+			StreamName:    "StreamEndpoints",
+			Handler:       _EndpointDiscoveryService_StreamEndpoints_Handler,
+			ServerStreams: true,
+			ClientStreams: true,
+		},
+		{
+			StreamName:    "DeltaEndpoints",
+			Handler:       _EndpointDiscoveryService_DeltaEndpoints_Handler,
+			ServerStreams: true,
+			ClientStreams: true,
+		},
+	},
+	Metadata: "envoy/api/v2/eds.proto",
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/eds.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/eds.pb.validate.go
new file mode 100644
index 00000000000..0269872f0b9
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/eds.pb.validate.go
@@ -0,0 +1,134 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/eds.proto
+
+package envoy_api_v2
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on EdsDummy with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *EdsDummy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on EdsDummy with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in EdsDummyMultiError, or nil
+// if none found.
+func (m *EdsDummy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *EdsDummy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return EdsDummyMultiError(errors)
+	}
+	return nil
+}
+
+// EdsDummyMultiError is an error wrapping multiple validation errors returned
+// by EdsDummy.ValidateAll() if the designated constraints aren't met.
+type EdsDummyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m EdsDummyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m EdsDummyMultiError) AllErrors() []error { return m }
+
+// EdsDummyValidationError is the validation error returned by
+// EdsDummy.Validate if the designated constraints aren't met.
+type EdsDummyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e EdsDummyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e EdsDummyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e EdsDummyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e EdsDummyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e EdsDummyValidationError) ErrorName() string { return "EdsDummyValidationError" }
+
+// Error satisfies the builtin error interface
+func (e EdsDummyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sEdsDummy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = EdsDummyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = EdsDummyValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/endpoint.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/endpoint.pb.go
new file mode 100644
index 00000000000..e623446683d
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/endpoint.pb.go
@@ -0,0 +1,488 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/endpoint.proto
+
+package envoy_api_v2
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	endpoint "github.com/envoyproxy/go-control-plane/envoy/api/v2/endpoint"
+	_type "github.com/envoyproxy/go-control-plane/envoy/type"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Each route from RDS will map to a single cluster or traffic split across
+// clusters using weights expressed in the RDS WeightedCluster.
+//
+// With EDS, each cluster is treated independently from a LB perspective, with
+// LB taking place between the Localities within a cluster and at a finer
+// granularity between the hosts within a locality. The percentage of traffic
+// for each endpoint is determined by both its load_balancing_weight, and the
+// load_balancing_weight of its locality. First, a locality will be selected,
+// then an endpoint within that locality will be chose based on its weight.
+// [#next-free-field: 6]
+type ClusterLoadAssignment struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Name of the cluster. This will be the :ref:`service_name
+	// <envoy_api_field_Cluster.EdsClusterConfig.service_name>` value if specified
+	// in the cluster :ref:`EdsClusterConfig
+	// <envoy_api_msg_Cluster.EdsClusterConfig>`.
+	ClusterName string `protobuf:"bytes,1,opt,name=cluster_name,json=clusterName,proto3" json:"cluster_name,omitempty"`
+	// List of endpoints to load balance to.
+	Endpoints []*endpoint.LocalityLbEndpoints `protobuf:"bytes,2,rep,name=endpoints,proto3" json:"endpoints,omitempty"`
+	// Map of named endpoints that can be referenced in LocalityLbEndpoints.
+	// [#not-implemented-hide:]
+	NamedEndpoints map[string]*endpoint.Endpoint `protobuf:"bytes,5,rep,name=named_endpoints,json=namedEndpoints,proto3" json:"named_endpoints,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+	// Load balancing policy settings.
+	Policy *ClusterLoadAssignment_Policy `protobuf:"bytes,4,opt,name=policy,proto3" json:"policy,omitempty"`
+}
+
+func (x *ClusterLoadAssignment) Reset() {
+	*x = ClusterLoadAssignment{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_endpoint_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ClusterLoadAssignment) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ClusterLoadAssignment) ProtoMessage() {}
+
+func (x *ClusterLoadAssignment) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_endpoint_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ClusterLoadAssignment.ProtoReflect.Descriptor instead.
+func (*ClusterLoadAssignment) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_endpoint_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *ClusterLoadAssignment) GetClusterName() string {
+	if x != nil {
+		return x.ClusterName
+	}
+	return ""
+}
+
+func (x *ClusterLoadAssignment) GetEndpoints() []*endpoint.LocalityLbEndpoints {
+	if x != nil {
+		return x.Endpoints
+	}
+	return nil
+}
+
+func (x *ClusterLoadAssignment) GetNamedEndpoints() map[string]*endpoint.Endpoint {
+	if x != nil {
+		return x.NamedEndpoints
+	}
+	return nil
+}
+
+func (x *ClusterLoadAssignment) GetPolicy() *ClusterLoadAssignment_Policy {
+	if x != nil {
+		return x.Policy
+	}
+	return nil
+}
+
+// Load balancing policy settings.
+// [#next-free-field: 6]
+type ClusterLoadAssignment_Policy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Action to trim the overall incoming traffic to protect the upstream
+	// hosts. This action allows protection in case the hosts are unable to
+	// recover from an outage, or unable to autoscale or unable to handle
+	// incoming traffic volume for any reason.
+	//
+	// At the client each category is applied one after the other to generate
+	// the 'actual' drop percentage on all outgoing traffic. For example:
+	//
+	// .. code-block:: json
+	//
+	//  { "drop_overloads": [
+	//      { "category": "throttle", "drop_percentage": 60 }
+	//      { "category": "lb", "drop_percentage": 50 }
+	//  ]}
+	//
+	// The actual drop percentages applied to the traffic at the clients will be
+	//    "throttle"_drop = 60%
+	//    "lb"_drop = 20%  // 50% of the remaining 'actual' load, which is 40%.
+	//    actual_outgoing_load = 20% // remaining after applying all categories.
+	// [#not-implemented-hide:]
+	DropOverloads []*ClusterLoadAssignment_Policy_DropOverload `protobuf:"bytes,2,rep,name=drop_overloads,json=dropOverloads,proto3" json:"drop_overloads,omitempty"`
+	// Priority levels and localities are considered overprovisioned with this
+	// factor (in percentage). This means that we don't consider a priority
+	// level or locality unhealthy until the percentage of healthy hosts
+	// multiplied by the overprovisioning factor drops below 100.
+	// With the default value 140(1.4), Envoy doesn't consider a priority level
+	// or a locality unhealthy until their percentage of healthy hosts drops
+	// below 72%. For example:
+	//
+	// .. code-block:: json
+	//
+	//  { "overprovisioning_factor": 100 }
+	//
+	// Read more at :ref:`priority levels <arch_overview_load_balancing_priority_levels>` and
+	// :ref:`localities <arch_overview_load_balancing_locality_weighted_lb>`.
+	OverprovisioningFactor *wrappers.UInt32Value `protobuf:"bytes,3,opt,name=overprovisioning_factor,json=overprovisioningFactor,proto3" json:"overprovisioning_factor,omitempty"`
+	// The max time until which the endpoints from this assignment can be used.
+	// If no new assignments are received before this time expires the endpoints
+	// are considered stale and should be marked unhealthy.
+	// Defaults to 0 which means endpoints never go stale.
+	EndpointStaleAfter *duration.Duration `protobuf:"bytes,4,opt,name=endpoint_stale_after,json=endpointStaleAfter,proto3" json:"endpoint_stale_after,omitempty"`
+	// The flag to disable overprovisioning. If it is set to true,
+	// :ref:`overprovisioning factor
+	// <arch_overview_load_balancing_overprovisioning_factor>` will be ignored
+	// and Envoy will not perform graceful failover between priority levels or
+	// localities as endpoints become unhealthy. Otherwise Envoy will perform
+	// graceful failover as :ref:`overprovisioning factor
+	// <arch_overview_load_balancing_overprovisioning_factor>` suggests.
+	// [#not-implemented-hide:]
+	//
+	// Deprecated: Do not use.
+	DisableOverprovisioning bool `protobuf:"varint,5,opt,name=disable_overprovisioning,json=disableOverprovisioning,proto3" json:"disable_overprovisioning,omitempty"`
+}
+
+func (x *ClusterLoadAssignment_Policy) Reset() {
+	*x = ClusterLoadAssignment_Policy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_endpoint_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ClusterLoadAssignment_Policy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ClusterLoadAssignment_Policy) ProtoMessage() {}
+
+func (x *ClusterLoadAssignment_Policy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_endpoint_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ClusterLoadAssignment_Policy.ProtoReflect.Descriptor instead.
+func (*ClusterLoadAssignment_Policy) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_endpoint_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (x *ClusterLoadAssignment_Policy) GetDropOverloads() []*ClusterLoadAssignment_Policy_DropOverload {
+	if x != nil {
+		return x.DropOverloads
+	}
+	return nil
+}
+
+func (x *ClusterLoadAssignment_Policy) GetOverprovisioningFactor() *wrappers.UInt32Value {
+	if x != nil {
+		return x.OverprovisioningFactor
+	}
+	return nil
+}
+
+func (x *ClusterLoadAssignment_Policy) GetEndpointStaleAfter() *duration.Duration {
+	if x != nil {
+		return x.EndpointStaleAfter
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *ClusterLoadAssignment_Policy) GetDisableOverprovisioning() bool {
+	if x != nil {
+		return x.DisableOverprovisioning
+	}
+	return false
+}
+
+// [#not-implemented-hide:]
+type ClusterLoadAssignment_Policy_DropOverload struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Identifier for the policy specifying the drop.
+	Category string `protobuf:"bytes,1,opt,name=category,proto3" json:"category,omitempty"`
+	// Percentage of traffic that should be dropped for the category.
+	DropPercentage *_type.FractionalPercent `protobuf:"bytes,2,opt,name=drop_percentage,json=dropPercentage,proto3" json:"drop_percentage,omitempty"`
+}
+
+func (x *ClusterLoadAssignment_Policy_DropOverload) Reset() {
+	*x = ClusterLoadAssignment_Policy_DropOverload{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_endpoint_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ClusterLoadAssignment_Policy_DropOverload) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ClusterLoadAssignment_Policy_DropOverload) ProtoMessage() {}
+
+func (x *ClusterLoadAssignment_Policy_DropOverload) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_endpoint_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ClusterLoadAssignment_Policy_DropOverload.ProtoReflect.Descriptor instead.
+func (*ClusterLoadAssignment_Policy_DropOverload) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_endpoint_proto_rawDescGZIP(), []int{0, 0, 0}
+}
+
+func (x *ClusterLoadAssignment_Policy_DropOverload) GetCategory() string {
+	if x != nil {
+		return x.Category
+	}
+	return ""
+}
+
+func (x *ClusterLoadAssignment_Policy_DropOverload) GetDropPercentage() *_type.FractionalPercent {
+	if x != nil {
+		return x.DropPercentage
+	}
+	return nil
+}
+
+var File_envoy_api_v2_endpoint_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_endpoint_proto_rawDesc = []byte{
+	0x0a, 0x1b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x65,
+	0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0c, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x1a, 0x2f, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69,
+	0x6e, 0x74, 0x2f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x5f, 0x63, 0x6f, 0x6d, 0x70,
+	0x6f, 0x6e, 0x65, 0x6e, 0x74, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x18, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e,
+	0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e,
+	0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f,
+	0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xfb,
+	0x06, 0x0a, 0x15, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4c, 0x6f, 0x61, 0x64, 0x41, 0x73,
+	0x73, 0x69, 0x67, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x12, 0x2a, 0x0a, 0x0c, 0x63, 0x6c, 0x75, 0x73,
+	0x74, 0x65, 0x72, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07,
+	0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x0b, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x4e, 0x61, 0x6d, 0x65, 0x12, 0x48, 0x0a, 0x09, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74,
+	0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e,
+	0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x4c, 0x62, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69,
+	0x6e, 0x74, 0x73, 0x52, 0x09, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73, 0x12, 0x60,
+	0x0a, 0x0f, 0x6e, 0x61, 0x6d, 0x65, 0x64, 0x5f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74,
+	0x73, 0x18, 0x05, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x37, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4c, 0x6f,
+	0x61, 0x64, 0x41, 0x73, 0x73, 0x69, 0x67, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x4e, 0x61, 0x6d,
+	0x65, 0x64, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79,
+	0x52, 0x0e, 0x6e, 0x61, 0x6d, 0x65, 0x64, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73,
+	0x12, 0x42, 0x0a, 0x06, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e,
+	0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4c, 0x6f, 0x61, 0x64, 0x41, 0x73, 0x73, 0x69, 0x67,
+	0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x06, 0x70, 0x6f,
+	0x6c, 0x69, 0x63, 0x79, 0x1a, 0xe1, 0x03, 0x0a, 0x06, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12,
+	0x5e, 0x0a, 0x0e, 0x64, 0x72, 0x6f, 0x70, 0x5f, 0x6f, 0x76, 0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64,
+	0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x37, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4c, 0x6f,
+	0x61, 0x64, 0x41, 0x73, 0x73, 0x69, 0x67, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x50, 0x6f, 0x6c,
+	0x69, 0x63, 0x79, 0x2e, 0x44, 0x72, 0x6f, 0x70, 0x4f, 0x76, 0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64,
+	0x52, 0x0d, 0x64, 0x72, 0x6f, 0x70, 0x4f, 0x76, 0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64, 0x73, 0x12,
+	0x5e, 0x0a, 0x17, 0x6f, 0x76, 0x65, 0x72, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e,
+	0x69, 0x6e, 0x67, 0x5f, 0x66, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07,
+	0xfa, 0x42, 0x04, 0x2a, 0x02, 0x20, 0x00, 0x52, 0x16, 0x6f, 0x76, 0x65, 0x72, 0x70, 0x72, 0x6f,
+	0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x46, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x12,
+	0x55, 0x0a, 0x14, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x5f, 0x73, 0x74, 0x61, 0x6c,
+	0x65, 0x5f, 0x61, 0x66, 0x74, 0x65, 0x72, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05, 0xaa, 0x01, 0x02,
+	0x2a, 0x00, 0x52, 0x12, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x53, 0x74, 0x61, 0x6c,
+	0x65, 0x41, 0x66, 0x74, 0x65, 0x72, 0x12, 0x3d, 0x0a, 0x18, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c,
+	0x65, 0x5f, 0x6f, 0x76, 0x65, 0x72, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x69,
+	0x6e, 0x67, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x42, 0x02, 0x18, 0x01, 0x52, 0x17, 0x64, 0x69,
+	0x73, 0x61, 0x62, 0x6c, 0x65, 0x4f, 0x76, 0x65, 0x72, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69,
+	0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x1a, 0x7b, 0x0a, 0x0c, 0x44, 0x72, 0x6f, 0x70, 0x4f, 0x76, 0x65,
+	0x72, 0x6c, 0x6f, 0x61, 0x64, 0x12, 0x23, 0x0a, 0x08, 0x63, 0x61, 0x74, 0x65, 0x67, 0x6f, 0x72,
+	0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01,
+	0x52, 0x08, 0x63, 0x61, 0x74, 0x65, 0x67, 0x6f, 0x72, 0x79, 0x12, 0x46, 0x0a, 0x0f, 0x64, 0x72,
+	0x6f, 0x70, 0x5f, 0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x61, 0x67, 0x65, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65,
+	0x2e, 0x46, 0x72, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x50, 0x65, 0x72, 0x63, 0x65,
+	0x6e, 0x74, 0x52, 0x0e, 0x64, 0x72, 0x6f, 0x70, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x61,
+	0x67, 0x65, 0x4a, 0x04, 0x08, 0x01, 0x10, 0x02, 0x1a, 0x62, 0x0a, 0x13, 0x4e, 0x61, 0x6d, 0x65,
+	0x64, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12,
+	0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65,
+	0x79, 0x12, 0x35, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e,
+	0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e,
+	0x74, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x42, 0x55, 0x0a, 0x1a,
+	0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x42, 0x0d, 0x45, 0x6e, 0x64, 0x70,
+	0x6f, 0x69, 0x6e, 0x74, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xf2, 0x98, 0xfe, 0x8f, 0x05,
+	0x1a, 0x12, 0x18, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x76, 0x33, 0xba, 0x80, 0xc8, 0xd1, 0x06,
+	0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_endpoint_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_endpoint_proto_rawDescData = file_envoy_api_v2_endpoint_proto_rawDesc
+)
+
+func file_envoy_api_v2_endpoint_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_endpoint_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_endpoint_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_endpoint_proto_rawDescData)
+	})
+	return file_envoy_api_v2_endpoint_proto_rawDescData
+}
+
+var file_envoy_api_v2_endpoint_proto_msgTypes = make([]protoimpl.MessageInfo, 4)
+var file_envoy_api_v2_endpoint_proto_goTypes = []interface{}{
+	(*ClusterLoadAssignment)(nil),        // 0: envoy.api.v2.ClusterLoadAssignment
+	(*ClusterLoadAssignment_Policy)(nil), // 1: envoy.api.v2.ClusterLoadAssignment.Policy
+	nil,                                  // 2: envoy.api.v2.ClusterLoadAssignment.NamedEndpointsEntry
+	(*ClusterLoadAssignment_Policy_DropOverload)(nil), // 3: envoy.api.v2.ClusterLoadAssignment.Policy.DropOverload
+	(*endpoint.LocalityLbEndpoints)(nil),              // 4: envoy.api.v2.endpoint.LocalityLbEndpoints
+	(*wrappers.UInt32Value)(nil),                      // 5: google.protobuf.UInt32Value
+	(*duration.Duration)(nil),                         // 6: google.protobuf.Duration
+	(*endpoint.Endpoint)(nil),                         // 7: envoy.api.v2.endpoint.Endpoint
+	(*_type.FractionalPercent)(nil),                   // 8: envoy.type.FractionalPercent
+}
+var file_envoy_api_v2_endpoint_proto_depIdxs = []int32{
+	4, // 0: envoy.api.v2.ClusterLoadAssignment.endpoints:type_name -> envoy.api.v2.endpoint.LocalityLbEndpoints
+	2, // 1: envoy.api.v2.ClusterLoadAssignment.named_endpoints:type_name -> envoy.api.v2.ClusterLoadAssignment.NamedEndpointsEntry
+	1, // 2: envoy.api.v2.ClusterLoadAssignment.policy:type_name -> envoy.api.v2.ClusterLoadAssignment.Policy
+	3, // 3: envoy.api.v2.ClusterLoadAssignment.Policy.drop_overloads:type_name -> envoy.api.v2.ClusterLoadAssignment.Policy.DropOverload
+	5, // 4: envoy.api.v2.ClusterLoadAssignment.Policy.overprovisioning_factor:type_name -> google.protobuf.UInt32Value
+	6, // 5: envoy.api.v2.ClusterLoadAssignment.Policy.endpoint_stale_after:type_name -> google.protobuf.Duration
+	7, // 6: envoy.api.v2.ClusterLoadAssignment.NamedEndpointsEntry.value:type_name -> envoy.api.v2.endpoint.Endpoint
+	8, // 7: envoy.api.v2.ClusterLoadAssignment.Policy.DropOverload.drop_percentage:type_name -> envoy.type.FractionalPercent
+	8, // [8:8] is the sub-list for method output_type
+	8, // [8:8] is the sub-list for method input_type
+	8, // [8:8] is the sub-list for extension type_name
+	8, // [8:8] is the sub-list for extension extendee
+	0, // [0:8] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_endpoint_proto_init() }
+func file_envoy_api_v2_endpoint_proto_init() {
+	if File_envoy_api_v2_endpoint_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_endpoint_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ClusterLoadAssignment); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_endpoint_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ClusterLoadAssignment_Policy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_endpoint_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ClusterLoadAssignment_Policy_DropOverload); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_endpoint_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   4,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_endpoint_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_endpoint_proto_depIdxs,
+		MessageInfos:      file_envoy_api_v2_endpoint_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_endpoint_proto = out.File
+	file_envoy_api_v2_endpoint_proto_rawDesc = nil
+	file_envoy_api_v2_endpoint_proto_goTypes = nil
+	file_envoy_api_v2_endpoint_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/endpoint.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/endpoint.pb.validate.go
new file mode 100644
index 00000000000..787b7681d2c
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/endpoint.pb.validate.go
@@ -0,0 +1,585 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/endpoint.proto
+
+package envoy_api_v2
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on ClusterLoadAssignment with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ClusterLoadAssignment) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ClusterLoadAssignment with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ClusterLoadAssignmentMultiError, or nil if none found.
+func (m *ClusterLoadAssignment) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ClusterLoadAssignment) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetClusterName()) < 1 {
+		err := ClusterLoadAssignmentValidationError{
+			field:  "ClusterName",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetEndpoints() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClusterLoadAssignmentValidationError{
+						field:  fmt.Sprintf("Endpoints[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClusterLoadAssignmentValidationError{
+						field:  fmt.Sprintf("Endpoints[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClusterLoadAssignmentValidationError{
+					field:  fmt.Sprintf("Endpoints[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	{
+		sorted_keys := make([]string, len(m.GetNamedEndpoints()))
+		i := 0
+		for key := range m.GetNamedEndpoints() {
+			sorted_keys[i] = key
+			i++
+		}
+		sort.Slice(sorted_keys, func(i, j int) bool { return sorted_keys[i] < sorted_keys[j] })
+		for _, key := range sorted_keys {
+			val := m.GetNamedEndpoints()[key]
+			_ = val
+
+			// no validation rules for NamedEndpoints[key]
+
+			if all {
+				switch v := interface{}(val).(type) {
+				case interface{ ValidateAll() error }:
+					if err := v.ValidateAll(); err != nil {
+						errors = append(errors, ClusterLoadAssignmentValidationError{
+							field:  fmt.Sprintf("NamedEndpoints[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				case interface{ Validate() error }:
+					if err := v.Validate(); err != nil {
+						errors = append(errors, ClusterLoadAssignmentValidationError{
+							field:  fmt.Sprintf("NamedEndpoints[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				}
+			} else if v, ok := interface{}(val).(interface{ Validate() error }); ok {
+				if err := v.Validate(); err != nil {
+					return ClusterLoadAssignmentValidationError{
+						field:  fmt.Sprintf("NamedEndpoints[%v]", key),
+						reason: "embedded message failed validation",
+						cause:  err,
+					}
+				}
+			}
+
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetPolicy()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterLoadAssignmentValidationError{
+					field:  "Policy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterLoadAssignmentValidationError{
+					field:  "Policy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPolicy()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterLoadAssignmentValidationError{
+				field:  "Policy",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return ClusterLoadAssignmentMultiError(errors)
+	}
+	return nil
+}
+
+// ClusterLoadAssignmentMultiError is an error wrapping multiple validation
+// errors returned by ClusterLoadAssignment.ValidateAll() if the designated
+// constraints aren't met.
+type ClusterLoadAssignmentMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ClusterLoadAssignmentMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ClusterLoadAssignmentMultiError) AllErrors() []error { return m }
+
+// ClusterLoadAssignmentValidationError is the validation error returned by
+// ClusterLoadAssignment.Validate if the designated constraints aren't met.
+type ClusterLoadAssignmentValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ClusterLoadAssignmentValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ClusterLoadAssignmentValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ClusterLoadAssignmentValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ClusterLoadAssignmentValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ClusterLoadAssignmentValidationError) ErrorName() string {
+	return "ClusterLoadAssignmentValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ClusterLoadAssignmentValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sClusterLoadAssignment.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ClusterLoadAssignmentValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ClusterLoadAssignmentValidationError{}
+
+// Validate checks the field values on ClusterLoadAssignment_Policy with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ClusterLoadAssignment_Policy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ClusterLoadAssignment_Policy with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ClusterLoadAssignment_PolicyMultiError, or nil if none found.
+func (m *ClusterLoadAssignment_Policy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ClusterLoadAssignment_Policy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetDropOverloads() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClusterLoadAssignment_PolicyValidationError{
+						field:  fmt.Sprintf("DropOverloads[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClusterLoadAssignment_PolicyValidationError{
+						field:  fmt.Sprintf("DropOverloads[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClusterLoadAssignment_PolicyValidationError{
+					field:  fmt.Sprintf("DropOverloads[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if wrapper := m.GetOverprovisioningFactor(); wrapper != nil {
+
+		if wrapper.GetValue() <= 0 {
+			err := ClusterLoadAssignment_PolicyValidationError{
+				field:  "OverprovisioningFactor",
+				reason: "value must be greater than 0",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if d := m.GetEndpointStaleAfter(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = ClusterLoadAssignment_PolicyValidationError{
+				field:  "EndpointStaleAfter",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := ClusterLoadAssignment_PolicyValidationError{
+					field:  "EndpointStaleAfter",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	// no validation rules for DisableOverprovisioning
+
+	if len(errors) > 0 {
+		return ClusterLoadAssignment_PolicyMultiError(errors)
+	}
+	return nil
+}
+
+// ClusterLoadAssignment_PolicyMultiError is an error wrapping multiple
+// validation errors returned by ClusterLoadAssignment_Policy.ValidateAll() if
+// the designated constraints aren't met.
+type ClusterLoadAssignment_PolicyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ClusterLoadAssignment_PolicyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ClusterLoadAssignment_PolicyMultiError) AllErrors() []error { return m }
+
+// ClusterLoadAssignment_PolicyValidationError is the validation error returned
+// by ClusterLoadAssignment_Policy.Validate if the designated constraints
+// aren't met.
+type ClusterLoadAssignment_PolicyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ClusterLoadAssignment_PolicyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ClusterLoadAssignment_PolicyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ClusterLoadAssignment_PolicyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ClusterLoadAssignment_PolicyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ClusterLoadAssignment_PolicyValidationError) ErrorName() string {
+	return "ClusterLoadAssignment_PolicyValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ClusterLoadAssignment_PolicyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sClusterLoadAssignment_Policy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ClusterLoadAssignment_PolicyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ClusterLoadAssignment_PolicyValidationError{}
+
+// Validate checks the field values on
+// ClusterLoadAssignment_Policy_DropOverload with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ClusterLoadAssignment_Policy_DropOverload) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// ClusterLoadAssignment_Policy_DropOverload with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in
+// ClusterLoadAssignment_Policy_DropOverloadMultiError, or nil if none found.
+func (m *ClusterLoadAssignment_Policy_DropOverload) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ClusterLoadAssignment_Policy_DropOverload) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetCategory()) < 1 {
+		err := ClusterLoadAssignment_Policy_DropOverloadValidationError{
+			field:  "Category",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetDropPercentage()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterLoadAssignment_Policy_DropOverloadValidationError{
+					field:  "DropPercentage",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterLoadAssignment_Policy_DropOverloadValidationError{
+					field:  "DropPercentage",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDropPercentage()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterLoadAssignment_Policy_DropOverloadValidationError{
+				field:  "DropPercentage",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return ClusterLoadAssignment_Policy_DropOverloadMultiError(errors)
+	}
+	return nil
+}
+
+// ClusterLoadAssignment_Policy_DropOverloadMultiError is an error wrapping
+// multiple validation errors returned by
+// ClusterLoadAssignment_Policy_DropOverload.ValidateAll() if the designated
+// constraints aren't met.
+type ClusterLoadAssignment_Policy_DropOverloadMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ClusterLoadAssignment_Policy_DropOverloadMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ClusterLoadAssignment_Policy_DropOverloadMultiError) AllErrors() []error { return m }
+
+// ClusterLoadAssignment_Policy_DropOverloadValidationError is the validation
+// error returned by ClusterLoadAssignment_Policy_DropOverload.Validate if the
+// designated constraints aren't met.
+type ClusterLoadAssignment_Policy_DropOverloadValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ClusterLoadAssignment_Policy_DropOverloadValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ClusterLoadAssignment_Policy_DropOverloadValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ClusterLoadAssignment_Policy_DropOverloadValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ClusterLoadAssignment_Policy_DropOverloadValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ClusterLoadAssignment_Policy_DropOverloadValidationError) ErrorName() string {
+	return "ClusterLoadAssignment_Policy_DropOverloadValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ClusterLoadAssignment_Policy_DropOverloadValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sClusterLoadAssignment_Policy_DropOverload.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ClusterLoadAssignment_Policy_DropOverloadValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ClusterLoadAssignment_Policy_DropOverloadValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/endpoint/endpoint.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/endpoint/endpoint.pb.go
new file mode 100644
index 00000000000..8c817fcf15d
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/endpoint/endpoint.pb.go
@@ -0,0 +1,75 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/endpoint/endpoint.proto
+
+package envoy_api_v2_endpoint
+
+import (
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+var File_envoy_api_v2_endpoint_endpoint_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_endpoint_endpoint_proto_rawDesc = []byte{
+	0x0a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x65,
+	0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70,
+	0x69, 0x2e, 0x76, 0x32, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x1a, 0x2f, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x65, 0x6e, 0x64, 0x70,
+	0x6f, 0x69, 0x6e, 0x74, 0x2f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x5f, 0x63, 0x6f,
+	0x6d, 0x70, 0x6f, 0x6e, 0x65, 0x6e, 0x74, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x42, 0x36,
+	0x0a, 0x23, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x65, 0x6e, 0x64,
+	0x70, 0x6f, 0x69, 0x6e, 0x74, 0x42, 0x0d, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x50,
+	0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x50, 0x00, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var file_envoy_api_v2_endpoint_endpoint_proto_goTypes = []interface{}{}
+var file_envoy_api_v2_endpoint_endpoint_proto_depIdxs = []int32{
+	0, // [0:0] is the sub-list for method output_type
+	0, // [0:0] is the sub-list for method input_type
+	0, // [0:0] is the sub-list for extension type_name
+	0, // [0:0] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_endpoint_endpoint_proto_init() }
+func file_envoy_api_v2_endpoint_endpoint_proto_init() {
+	if File_envoy_api_v2_endpoint_endpoint_proto != nil {
+		return
+	}
+	file_envoy_api_v2_endpoint_endpoint_components_proto_init()
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_endpoint_endpoint_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   0,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_endpoint_endpoint_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_endpoint_endpoint_proto_depIdxs,
+	}.Build()
+	File_envoy_api_v2_endpoint_endpoint_proto = out.File
+	file_envoy_api_v2_endpoint_endpoint_proto_rawDesc = nil
+	file_envoy_api_v2_endpoint_endpoint_proto_goTypes = nil
+	file_envoy_api_v2_endpoint_endpoint_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/endpoint/endpoint.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/endpoint/endpoint.pb.validate.go
new file mode 100644
index 00000000000..a83fcece022
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/endpoint/endpoint.pb.validate.go
@@ -0,0 +1,36 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/endpoint/endpoint.proto
+
+package envoy_api_v2_endpoint
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/endpoint/endpoint_components.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/endpoint/endpoint_components.pb.go
new file mode 100644
index 00000000000..175cac2ab91
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/endpoint/endpoint_components.pb.go
@@ -0,0 +1,632 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/endpoint/endpoint_components.proto
+
+package envoy_api_v2_endpoint
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	core "github.com/envoyproxy/go-control-plane/envoy/api/v2/core"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Upstream host identifier.
+type Endpoint struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The upstream host address.
+	//
+	// .. attention::
+	//
+	//   The form of host address depends on the given cluster type. For STATIC or EDS,
+	//   it is expected to be a direct IP address (or something resolvable by the
+	//   specified :ref:`resolver <envoy_api_field_core.SocketAddress.resolver_name>`
+	//   in the Address). For LOGICAL or STRICT DNS, it is expected to be hostname,
+	//   and will be resolved via DNS.
+	Address *core.Address `protobuf:"bytes,1,opt,name=address,proto3" json:"address,omitempty"`
+	// The optional health check configuration is used as configuration for the
+	// health checker to contact the health checked host.
+	//
+	// .. attention::
+	//
+	//   This takes into effect only for upstream clusters with
+	//   :ref:`active health checking <arch_overview_health_checking>` enabled.
+	HealthCheckConfig *Endpoint_HealthCheckConfig `protobuf:"bytes,2,opt,name=health_check_config,json=healthCheckConfig,proto3" json:"health_check_config,omitempty"`
+	// The hostname associated with this endpoint. This hostname is not used for routing or address
+	// resolution. If provided, it will be associated with the endpoint, and can be used for features
+	// that require a hostname, like
+	// :ref:`auto_host_rewrite <envoy_api_field_route.RouteAction.auto_host_rewrite>`.
+	Hostname string `protobuf:"bytes,3,opt,name=hostname,proto3" json:"hostname,omitempty"`
+}
+
+func (x *Endpoint) Reset() {
+	*x = Endpoint{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_endpoint_endpoint_components_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Endpoint) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Endpoint) ProtoMessage() {}
+
+func (x *Endpoint) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_endpoint_endpoint_components_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Endpoint.ProtoReflect.Descriptor instead.
+func (*Endpoint) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_endpoint_endpoint_components_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *Endpoint) GetAddress() *core.Address {
+	if x != nil {
+		return x.Address
+	}
+	return nil
+}
+
+func (x *Endpoint) GetHealthCheckConfig() *Endpoint_HealthCheckConfig {
+	if x != nil {
+		return x.HealthCheckConfig
+	}
+	return nil
+}
+
+func (x *Endpoint) GetHostname() string {
+	if x != nil {
+		return x.Hostname
+	}
+	return ""
+}
+
+// An Endpoint that Envoy can route traffic to.
+// [#next-free-field: 6]
+type LbEndpoint struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Upstream host identifier or a named reference.
+	//
+	// Types that are assignable to HostIdentifier:
+	//	*LbEndpoint_Endpoint
+	//	*LbEndpoint_EndpointName
+	HostIdentifier isLbEndpoint_HostIdentifier `protobuf_oneof:"host_identifier"`
+	// Optional health status when known and supplied by EDS server.
+	HealthStatus core.HealthStatus `protobuf:"varint,2,opt,name=health_status,json=healthStatus,proto3,enum=envoy.api.v2.core.HealthStatus" json:"health_status,omitempty"`
+	// The endpoint metadata specifies values that may be used by the load
+	// balancer to select endpoints in a cluster for a given request. The filter
+	// name should be specified as *envoy.lb*. An example boolean key-value pair
+	// is *canary*, providing the optional canary status of the upstream host.
+	// This may be matched against in a route's
+	// :ref:`RouteAction <envoy_api_msg_route.RouteAction>` metadata_match field
+	// to subset the endpoints considered in cluster load balancing.
+	Metadata *core.Metadata `protobuf:"bytes,3,opt,name=metadata,proto3" json:"metadata,omitempty"`
+	// The optional load balancing weight of the upstream host; at least 1.
+	// Envoy uses the load balancing weight in some of the built in load
+	// balancers. The load balancing weight for an endpoint is divided by the sum
+	// of the weights of all endpoints in the endpoint's locality to produce a
+	// percentage of traffic for the endpoint. This percentage is then further
+	// weighted by the endpoint's locality's load balancing weight from
+	// LocalityLbEndpoints. If unspecified, each host is presumed to have equal
+	// weight in a locality. The sum of the weights of all endpoints in the
+	// endpoint's locality must not exceed uint32_t maximal value (4294967295).
+	LoadBalancingWeight *wrappers.UInt32Value `protobuf:"bytes,4,opt,name=load_balancing_weight,json=loadBalancingWeight,proto3" json:"load_balancing_weight,omitempty"`
+}
+
+func (x *LbEndpoint) Reset() {
+	*x = LbEndpoint{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_endpoint_endpoint_components_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *LbEndpoint) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*LbEndpoint) ProtoMessage() {}
+
+func (x *LbEndpoint) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_endpoint_endpoint_components_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use LbEndpoint.ProtoReflect.Descriptor instead.
+func (*LbEndpoint) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_endpoint_endpoint_components_proto_rawDescGZIP(), []int{1}
+}
+
+func (m *LbEndpoint) GetHostIdentifier() isLbEndpoint_HostIdentifier {
+	if m != nil {
+		return m.HostIdentifier
+	}
+	return nil
+}
+
+func (x *LbEndpoint) GetEndpoint() *Endpoint {
+	if x, ok := x.GetHostIdentifier().(*LbEndpoint_Endpoint); ok {
+		return x.Endpoint
+	}
+	return nil
+}
+
+func (x *LbEndpoint) GetEndpointName() string {
+	if x, ok := x.GetHostIdentifier().(*LbEndpoint_EndpointName); ok {
+		return x.EndpointName
+	}
+	return ""
+}
+
+func (x *LbEndpoint) GetHealthStatus() core.HealthStatus {
+	if x != nil {
+		return x.HealthStatus
+	}
+	return core.HealthStatus_UNKNOWN
+}
+
+func (x *LbEndpoint) GetMetadata() *core.Metadata {
+	if x != nil {
+		return x.Metadata
+	}
+	return nil
+}
+
+func (x *LbEndpoint) GetLoadBalancingWeight() *wrappers.UInt32Value {
+	if x != nil {
+		return x.LoadBalancingWeight
+	}
+	return nil
+}
+
+type isLbEndpoint_HostIdentifier interface {
+	isLbEndpoint_HostIdentifier()
+}
+
+type LbEndpoint_Endpoint struct {
+	Endpoint *Endpoint `protobuf:"bytes,1,opt,name=endpoint,proto3,oneof"`
+}
+
+type LbEndpoint_EndpointName struct {
+	// [#not-implemented-hide:]
+	EndpointName string `protobuf:"bytes,5,opt,name=endpoint_name,json=endpointName,proto3,oneof"`
+}
+
+func (*LbEndpoint_Endpoint) isLbEndpoint_HostIdentifier() {}
+
+func (*LbEndpoint_EndpointName) isLbEndpoint_HostIdentifier() {}
+
+// A group of endpoints belonging to a Locality.
+// One can have multiple LocalityLbEndpoints for a locality, but this is
+// generally only done if the different groups need to have different load
+// balancing weights or different priorities.
+// [#next-free-field: 7]
+type LocalityLbEndpoints struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Identifies location of where the upstream hosts run.
+	Locality *core.Locality `protobuf:"bytes,1,opt,name=locality,proto3" json:"locality,omitempty"`
+	// The group of endpoints belonging to the locality specified.
+	LbEndpoints []*LbEndpoint `protobuf:"bytes,2,rep,name=lb_endpoints,json=lbEndpoints,proto3" json:"lb_endpoints,omitempty"`
+	// Optional: Per priority/region/zone/sub_zone weight; at least 1. The load
+	// balancing weight for a locality is divided by the sum of the weights of all
+	// localities  at the same priority level to produce the effective percentage
+	// of traffic for the locality. The sum of the weights of all localities at
+	// the same priority level must not exceed uint32_t maximal value (4294967295).
+	//
+	// Locality weights are only considered when :ref:`locality weighted load
+	// balancing <arch_overview_load_balancing_locality_weighted_lb>` is
+	// configured. These weights are ignored otherwise. If no weights are
+	// specified when locality weighted load balancing is enabled, the locality is
+	// assigned no load.
+	LoadBalancingWeight *wrappers.UInt32Value `protobuf:"bytes,3,opt,name=load_balancing_weight,json=loadBalancingWeight,proto3" json:"load_balancing_weight,omitempty"`
+	// Optional: the priority for this LocalityLbEndpoints. If unspecified this will
+	// default to the highest priority (0).
+	//
+	// Under usual circumstances, Envoy will only select endpoints for the highest
+	// priority (0). In the event all endpoints for a particular priority are
+	// unavailable/unhealthy, Envoy will fail over to selecting endpoints for the
+	// next highest priority group.
+	//
+	// Priorities should range from 0 (highest) to N (lowest) without skipping.
+	Priority uint32 `protobuf:"varint,5,opt,name=priority,proto3" json:"priority,omitempty"`
+	// Optional: Per locality proximity value which indicates how close this
+	// locality is from the source locality. This value only provides ordering
+	// information (lower the value, closer it is to the source locality).
+	// This will be consumed by load balancing schemes that need proximity order
+	// to determine where to route the requests.
+	// [#not-implemented-hide:]
+	Proximity *wrappers.UInt32Value `protobuf:"bytes,6,opt,name=proximity,proto3" json:"proximity,omitempty"`
+}
+
+func (x *LocalityLbEndpoints) Reset() {
+	*x = LocalityLbEndpoints{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_endpoint_endpoint_components_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *LocalityLbEndpoints) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*LocalityLbEndpoints) ProtoMessage() {}
+
+func (x *LocalityLbEndpoints) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_endpoint_endpoint_components_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use LocalityLbEndpoints.ProtoReflect.Descriptor instead.
+func (*LocalityLbEndpoints) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_endpoint_endpoint_components_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *LocalityLbEndpoints) GetLocality() *core.Locality {
+	if x != nil {
+		return x.Locality
+	}
+	return nil
+}
+
+func (x *LocalityLbEndpoints) GetLbEndpoints() []*LbEndpoint {
+	if x != nil {
+		return x.LbEndpoints
+	}
+	return nil
+}
+
+func (x *LocalityLbEndpoints) GetLoadBalancingWeight() *wrappers.UInt32Value {
+	if x != nil {
+		return x.LoadBalancingWeight
+	}
+	return nil
+}
+
+func (x *LocalityLbEndpoints) GetPriority() uint32 {
+	if x != nil {
+		return x.Priority
+	}
+	return 0
+}
+
+func (x *LocalityLbEndpoints) GetProximity() *wrappers.UInt32Value {
+	if x != nil {
+		return x.Proximity
+	}
+	return nil
+}
+
+// The optional health check configuration.
+type Endpoint_HealthCheckConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Optional alternative health check port value.
+	//
+	// By default the health check address port of an upstream host is the same
+	// as the host's serving address port. This provides an alternative health
+	// check port. Setting this with a non-zero value allows an upstream host
+	// to have different health check address port.
+	PortValue uint32 `protobuf:"varint,1,opt,name=port_value,json=portValue,proto3" json:"port_value,omitempty"`
+	// By default, the host header for L7 health checks is controlled by cluster level configuration
+	// (see: :ref:`host <envoy_api_field_core.HealthCheck.HttpHealthCheck.host>` and
+	// :ref:`authority <envoy_api_field_core.HealthCheck.GrpcHealthCheck.authority>`). Setting this
+	// to a non-empty value allows overriding the cluster level configuration for a specific
+	// endpoint.
+	Hostname string `protobuf:"bytes,2,opt,name=hostname,proto3" json:"hostname,omitempty"`
+}
+
+func (x *Endpoint_HealthCheckConfig) Reset() {
+	*x = Endpoint_HealthCheckConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_endpoint_endpoint_components_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Endpoint_HealthCheckConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Endpoint_HealthCheckConfig) ProtoMessage() {}
+
+func (x *Endpoint_HealthCheckConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_endpoint_endpoint_components_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Endpoint_HealthCheckConfig.ProtoReflect.Descriptor instead.
+func (*Endpoint_HealthCheckConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_endpoint_endpoint_components_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (x *Endpoint_HealthCheckConfig) GetPortValue() uint32 {
+	if x != nil {
+		return x.PortValue
+	}
+	return 0
+}
+
+func (x *Endpoint_HealthCheckConfig) GetHostname() string {
+	if x != nil {
+		return x.Hostname
+	}
+	return ""
+}
+
+var File_envoy_api_v2_endpoint_endpoint_components_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_endpoint_endpoint_components_proto_rawDesc = []byte{
+	0x0a, 0x2f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x65,
+	0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74,
+	0x5f, 0x63, 0x6f, 0x6d, 0x70, 0x6f, 0x6e, 0x65, 0x6e, 0x74, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e,
+	0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f,
+	0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x61, 0x64, 0x64, 0x72,
+	0x65, 0x73, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x62, 0x61, 0x73,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61,
+	0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x68, 0x65, 0x61, 0x6c, 0x74,
+	0x68, 0x5f, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77,
+	0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75,
+	0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f,
+	0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75,
+	0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f,
+	0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61,
+	0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x9a, 0x02, 0x0a, 0x08, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69,
+	0x6e, 0x74, 0x12, 0x34, 0x0a, 0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x52,
+	0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x61, 0x0a, 0x13, 0x68, 0x65, 0x61, 0x6c,
+	0x74, 0x68, 0x5f, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x31, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70,
+	0x69, 0x2e, 0x76, 0x32, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x45, 0x6e,
+	0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65,
+	0x63, 0x6b, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x11, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68,
+	0x43, 0x68, 0x65, 0x63, 0x6b, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x1a, 0x0a, 0x08, 0x68,
+	0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x68,
+	0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65, 0x1a, 0x59, 0x0a, 0x11, 0x48, 0x65, 0x61, 0x6c, 0x74,
+	0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x28, 0x0a, 0x0a,
+	0x70, 0x6f, 0x72, 0x74, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0d,
+	0x42, 0x09, 0xfa, 0x42, 0x06, 0x2a, 0x04, 0x18, 0xff, 0xff, 0x03, 0x52, 0x09, 0x70, 0x6f, 0x72,
+	0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x68, 0x6f, 0x73, 0x74, 0x6e, 0x61,
+	0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x68, 0x6f, 0x73, 0x74, 0x6e, 0x61,
+	0x6d, 0x65, 0x22, 0xdf, 0x02, 0x0a, 0x0a, 0x4c, 0x62, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e,
+	0x74, 0x12, 0x3d, 0x0a, 0x08, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x45, 0x6e, 0x64, 0x70,
+	0x6f, 0x69, 0x6e, 0x74, 0x48, 0x00, 0x52, 0x08, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74,
+	0x12, 0x25, 0x0a, 0x0d, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x5f, 0x6e, 0x61, 0x6d,
+	0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x0c, 0x65, 0x6e, 0x64, 0x70, 0x6f,
+	0x69, 0x6e, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x44, 0x0a, 0x0d, 0x68, 0x65, 0x61, 0x6c, 0x74,
+	0x68, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x1f,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f,
+	0x72, 0x65, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52,
+	0x0c, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x37, 0x0a,
+	0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x1b, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65,
+	0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x59, 0x0a, 0x15, 0x6c, 0x6f, 0x61, 0x64, 0x5f, 0x62,
+	0x61, 0x6c, 0x61, 0x6e, 0x63, 0x69, 0x6e, 0x67, 0x5f, 0x77, 0x65, 0x69, 0x67, 0x68, 0x74, 0x18,
+	0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61,
+	0x6c, 0x75, 0x65, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02, 0x28, 0x01, 0x52, 0x13, 0x6c, 0x6f,
+	0x61, 0x64, 0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x69, 0x6e, 0x67, 0x57, 0x65, 0x69, 0x67, 0x68,
+	0x74, 0x42, 0x11, 0x0a, 0x0f, 0x68, 0x6f, 0x73, 0x74, 0x5f, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69,
+	0x66, 0x69, 0x65, 0x72, 0x22, 0xd1, 0x02, 0x0a, 0x13, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74,
+	0x79, 0x4c, 0x62, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73, 0x12, 0x37, 0x0a, 0x08,
+	0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1b,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f,
+	0x72, 0x65, 0x2e, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x52, 0x08, 0x6c, 0x6f, 0x63,
+	0x61, 0x6c, 0x69, 0x74, 0x79, 0x12, 0x44, 0x0a, 0x0c, 0x6c, 0x62, 0x5f, 0x65, 0x6e, 0x64, 0x70,
+	0x6f, 0x69, 0x6e, 0x74, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f,
+	0x69, 0x6e, 0x74, 0x2e, 0x4c, 0x62, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x52, 0x0b,
+	0x6c, 0x62, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73, 0x12, 0x59, 0x0a, 0x15, 0x6c,
+	0x6f, 0x61, 0x64, 0x5f, 0x62, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x69, 0x6e, 0x67, 0x5f, 0x77, 0x65,
+	0x69, 0x67, 0x68, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e,
+	0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02, 0x28,
+	0x01, 0x52, 0x13, 0x6c, 0x6f, 0x61, 0x64, 0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x69, 0x6e, 0x67,
+	0x57, 0x65, 0x69, 0x67, 0x68, 0x74, 0x12, 0x24, 0x0a, 0x08, 0x70, 0x72, 0x69, 0x6f, 0x72, 0x69,
+	0x74, 0x79, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0d, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x2a, 0x03, 0x18,
+	0x80, 0x01, 0x52, 0x08, 0x70, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x12, 0x3a, 0x0a, 0x09,
+	0x70, 0x72, 0x6f, 0x78, 0x69, 0x6d, 0x69, 0x74, 0x79, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x09, 0x70,
+	0x72, 0x6f, 0x78, 0x69, 0x6d, 0x69, 0x74, 0x79, 0x42, 0x68, 0x0a, 0x23, 0x69, 0x6f, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x42,
+	0x17, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x43, 0x6f, 0x6d, 0x70, 0x6f, 0x6e, 0x65,
+	0x6e, 0x74, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x1a,
+	0x12, 0x18, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x65,
+	0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x76, 0x33, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02,
+	0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_endpoint_endpoint_components_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_endpoint_endpoint_components_proto_rawDescData = file_envoy_api_v2_endpoint_endpoint_components_proto_rawDesc
+)
+
+func file_envoy_api_v2_endpoint_endpoint_components_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_endpoint_endpoint_components_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_endpoint_endpoint_components_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_endpoint_endpoint_components_proto_rawDescData)
+	})
+	return file_envoy_api_v2_endpoint_endpoint_components_proto_rawDescData
+}
+
+var file_envoy_api_v2_endpoint_endpoint_components_proto_msgTypes = make([]protoimpl.MessageInfo, 4)
+var file_envoy_api_v2_endpoint_endpoint_components_proto_goTypes = []interface{}{
+	(*Endpoint)(nil),                   // 0: envoy.api.v2.endpoint.Endpoint
+	(*LbEndpoint)(nil),                 // 1: envoy.api.v2.endpoint.LbEndpoint
+	(*LocalityLbEndpoints)(nil),        // 2: envoy.api.v2.endpoint.LocalityLbEndpoints
+	(*Endpoint_HealthCheckConfig)(nil), // 3: envoy.api.v2.endpoint.Endpoint.HealthCheckConfig
+	(*core.Address)(nil),               // 4: envoy.api.v2.core.Address
+	(core.HealthStatus)(0),             // 5: envoy.api.v2.core.HealthStatus
+	(*core.Metadata)(nil),              // 6: envoy.api.v2.core.Metadata
+	(*wrappers.UInt32Value)(nil),       // 7: google.protobuf.UInt32Value
+	(*core.Locality)(nil),              // 8: envoy.api.v2.core.Locality
+}
+var file_envoy_api_v2_endpoint_endpoint_components_proto_depIdxs = []int32{
+	4,  // 0: envoy.api.v2.endpoint.Endpoint.address:type_name -> envoy.api.v2.core.Address
+	3,  // 1: envoy.api.v2.endpoint.Endpoint.health_check_config:type_name -> envoy.api.v2.endpoint.Endpoint.HealthCheckConfig
+	0,  // 2: envoy.api.v2.endpoint.LbEndpoint.endpoint:type_name -> envoy.api.v2.endpoint.Endpoint
+	5,  // 3: envoy.api.v2.endpoint.LbEndpoint.health_status:type_name -> envoy.api.v2.core.HealthStatus
+	6,  // 4: envoy.api.v2.endpoint.LbEndpoint.metadata:type_name -> envoy.api.v2.core.Metadata
+	7,  // 5: envoy.api.v2.endpoint.LbEndpoint.load_balancing_weight:type_name -> google.protobuf.UInt32Value
+	8,  // 6: envoy.api.v2.endpoint.LocalityLbEndpoints.locality:type_name -> envoy.api.v2.core.Locality
+	1,  // 7: envoy.api.v2.endpoint.LocalityLbEndpoints.lb_endpoints:type_name -> envoy.api.v2.endpoint.LbEndpoint
+	7,  // 8: envoy.api.v2.endpoint.LocalityLbEndpoints.load_balancing_weight:type_name -> google.protobuf.UInt32Value
+	7,  // 9: envoy.api.v2.endpoint.LocalityLbEndpoints.proximity:type_name -> google.protobuf.UInt32Value
+	10, // [10:10] is the sub-list for method output_type
+	10, // [10:10] is the sub-list for method input_type
+	10, // [10:10] is the sub-list for extension type_name
+	10, // [10:10] is the sub-list for extension extendee
+	0,  // [0:10] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_endpoint_endpoint_components_proto_init() }
+func file_envoy_api_v2_endpoint_endpoint_components_proto_init() {
+	if File_envoy_api_v2_endpoint_endpoint_components_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_endpoint_endpoint_components_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Endpoint); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_endpoint_endpoint_components_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*LbEndpoint); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_endpoint_endpoint_components_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*LocalityLbEndpoints); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_endpoint_endpoint_components_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Endpoint_HealthCheckConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_api_v2_endpoint_endpoint_components_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*LbEndpoint_Endpoint)(nil),
+		(*LbEndpoint_EndpointName)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_endpoint_endpoint_components_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   4,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_endpoint_endpoint_components_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_endpoint_endpoint_components_proto_depIdxs,
+		MessageInfos:      file_envoy_api_v2_endpoint_endpoint_components_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_endpoint_endpoint_components_proto = out.File
+	file_envoy_api_v2_endpoint_endpoint_components_proto_rawDesc = nil
+	file_envoy_api_v2_endpoint_endpoint_components_proto_goTypes = nil
+	file_envoy_api_v2_endpoint_endpoint_components_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/endpoint/endpoint_components.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/endpoint/endpoint_components.pb.validate.go
new file mode 100644
index 00000000000..4c3b6aef91b
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/endpoint/endpoint_components.pb.validate.go
@@ -0,0 +1,713 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/endpoint/endpoint_components.proto
+
+package envoy_api_v2_endpoint
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+
+	core "github.com/envoyproxy/go-control-plane/envoy/api/v2/core"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+
+	_ = core.HealthStatus(0)
+)
+
+// Validate checks the field values on Endpoint with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Endpoint) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Endpoint with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in EndpointMultiError, or nil
+// if none found.
+func (m *Endpoint) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Endpoint) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetAddress()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, EndpointValidationError{
+					field:  "Address",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, EndpointValidationError{
+					field:  "Address",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetAddress()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return EndpointValidationError{
+				field:  "Address",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetHealthCheckConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, EndpointValidationError{
+					field:  "HealthCheckConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, EndpointValidationError{
+					field:  "HealthCheckConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHealthCheckConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return EndpointValidationError{
+				field:  "HealthCheckConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for Hostname
+
+	if len(errors) > 0 {
+		return EndpointMultiError(errors)
+	}
+	return nil
+}
+
+// EndpointMultiError is an error wrapping multiple validation errors returned
+// by Endpoint.ValidateAll() if the designated constraints aren't met.
+type EndpointMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m EndpointMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m EndpointMultiError) AllErrors() []error { return m }
+
+// EndpointValidationError is the validation error returned by
+// Endpoint.Validate if the designated constraints aren't met.
+type EndpointValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e EndpointValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e EndpointValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e EndpointValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e EndpointValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e EndpointValidationError) ErrorName() string { return "EndpointValidationError" }
+
+// Error satisfies the builtin error interface
+func (e EndpointValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sEndpoint.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = EndpointValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = EndpointValidationError{}
+
+// Validate checks the field values on LbEndpoint with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *LbEndpoint) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on LbEndpoint with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in LbEndpointMultiError, or
+// nil if none found.
+func (m *LbEndpoint) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *LbEndpoint) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for HealthStatus
+
+	if all {
+		switch v := interface{}(m.GetMetadata()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, LbEndpointValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, LbEndpointValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMetadata()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return LbEndpointValidationError{
+				field:  "Metadata",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if wrapper := m.GetLoadBalancingWeight(); wrapper != nil {
+
+		if wrapper.GetValue() < 1 {
+			err := LbEndpointValidationError{
+				field:  "LoadBalancingWeight",
+				reason: "value must be greater than or equal to 1",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	switch m.HostIdentifier.(type) {
+
+	case *LbEndpoint_Endpoint:
+
+		if all {
+			switch v := interface{}(m.GetEndpoint()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, LbEndpointValidationError{
+						field:  "Endpoint",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, LbEndpointValidationError{
+						field:  "Endpoint",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetEndpoint()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return LbEndpointValidationError{
+					field:  "Endpoint",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *LbEndpoint_EndpointName:
+		// no validation rules for EndpointName
+
+	}
+
+	if len(errors) > 0 {
+		return LbEndpointMultiError(errors)
+	}
+	return nil
+}
+
+// LbEndpointMultiError is an error wrapping multiple validation errors
+// returned by LbEndpoint.ValidateAll() if the designated constraints aren't met.
+type LbEndpointMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m LbEndpointMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m LbEndpointMultiError) AllErrors() []error { return m }
+
+// LbEndpointValidationError is the validation error returned by
+// LbEndpoint.Validate if the designated constraints aren't met.
+type LbEndpointValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e LbEndpointValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e LbEndpointValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e LbEndpointValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e LbEndpointValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e LbEndpointValidationError) ErrorName() string { return "LbEndpointValidationError" }
+
+// Error satisfies the builtin error interface
+func (e LbEndpointValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sLbEndpoint.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = LbEndpointValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = LbEndpointValidationError{}
+
+// Validate checks the field values on LocalityLbEndpoints with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *LocalityLbEndpoints) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on LocalityLbEndpoints with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// LocalityLbEndpointsMultiError, or nil if none found.
+func (m *LocalityLbEndpoints) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *LocalityLbEndpoints) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetLocality()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, LocalityLbEndpointsValidationError{
+					field:  "Locality",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, LocalityLbEndpointsValidationError{
+					field:  "Locality",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLocality()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return LocalityLbEndpointsValidationError{
+				field:  "Locality",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetLbEndpoints() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, LocalityLbEndpointsValidationError{
+						field:  fmt.Sprintf("LbEndpoints[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, LocalityLbEndpointsValidationError{
+						field:  fmt.Sprintf("LbEndpoints[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return LocalityLbEndpointsValidationError{
+					field:  fmt.Sprintf("LbEndpoints[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if wrapper := m.GetLoadBalancingWeight(); wrapper != nil {
+
+		if wrapper.GetValue() < 1 {
+			err := LocalityLbEndpointsValidationError{
+				field:  "LoadBalancingWeight",
+				reason: "value must be greater than or equal to 1",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if m.GetPriority() > 128 {
+		err := LocalityLbEndpointsValidationError{
+			field:  "Priority",
+			reason: "value must be less than or equal to 128",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetProximity()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, LocalityLbEndpointsValidationError{
+					field:  "Proximity",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, LocalityLbEndpointsValidationError{
+					field:  "Proximity",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetProximity()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return LocalityLbEndpointsValidationError{
+				field:  "Proximity",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return LocalityLbEndpointsMultiError(errors)
+	}
+	return nil
+}
+
+// LocalityLbEndpointsMultiError is an error wrapping multiple validation
+// errors returned by LocalityLbEndpoints.ValidateAll() if the designated
+// constraints aren't met.
+type LocalityLbEndpointsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m LocalityLbEndpointsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m LocalityLbEndpointsMultiError) AllErrors() []error { return m }
+
+// LocalityLbEndpointsValidationError is the validation error returned by
+// LocalityLbEndpoints.Validate if the designated constraints aren't met.
+type LocalityLbEndpointsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e LocalityLbEndpointsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e LocalityLbEndpointsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e LocalityLbEndpointsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e LocalityLbEndpointsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e LocalityLbEndpointsValidationError) ErrorName() string {
+	return "LocalityLbEndpointsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e LocalityLbEndpointsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sLocalityLbEndpoints.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = LocalityLbEndpointsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = LocalityLbEndpointsValidationError{}
+
+// Validate checks the field values on Endpoint_HealthCheckConfig with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Endpoint_HealthCheckConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Endpoint_HealthCheckConfig with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Endpoint_HealthCheckConfigMultiError, or nil if none found.
+func (m *Endpoint_HealthCheckConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Endpoint_HealthCheckConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetPortValue() > 65535 {
+		err := Endpoint_HealthCheckConfigValidationError{
+			field:  "PortValue",
+			reason: "value must be less than or equal to 65535",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for Hostname
+
+	if len(errors) > 0 {
+		return Endpoint_HealthCheckConfigMultiError(errors)
+	}
+	return nil
+}
+
+// Endpoint_HealthCheckConfigMultiError is an error wrapping multiple
+// validation errors returned by Endpoint_HealthCheckConfig.ValidateAll() if
+// the designated constraints aren't met.
+type Endpoint_HealthCheckConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Endpoint_HealthCheckConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Endpoint_HealthCheckConfigMultiError) AllErrors() []error { return m }
+
+// Endpoint_HealthCheckConfigValidationError is the validation error returned
+// by Endpoint_HealthCheckConfig.Validate if the designated constraints aren't met.
+type Endpoint_HealthCheckConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Endpoint_HealthCheckConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Endpoint_HealthCheckConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Endpoint_HealthCheckConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Endpoint_HealthCheckConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Endpoint_HealthCheckConfigValidationError) ErrorName() string {
+	return "Endpoint_HealthCheckConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Endpoint_HealthCheckConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sEndpoint_HealthCheckConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Endpoint_HealthCheckConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Endpoint_HealthCheckConfigValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/endpoint/load_report.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/endpoint/load_report.pb.go
new file mode 100644
index 00000000000..c6ffd2953e6
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/endpoint/load_report.pb.go
@@ -0,0 +1,773 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/endpoint/load_report.proto
+
+package envoy_api_v2_endpoint
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	core "github.com/envoyproxy/go-control-plane/envoy/api/v2/core"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	_struct "github.com/golang/protobuf/ptypes/struct"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// These are stats Envoy reports to GLB every so often. Report frequency is
+// defined by
+// :ref:`LoadStatsResponse.load_reporting_interval<envoy_api_field_service.load_stats.v2.LoadStatsResponse.load_reporting_interval>`.
+// Stats per upstream region/zone and optionally per subzone.
+// [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs.
+// [#next-free-field: 9]
+type UpstreamLocalityStats struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Name of zone, region and optionally endpoint group these metrics were
+	// collected from. Zone and region names could be empty if unknown.
+	Locality *core.Locality `protobuf:"bytes,1,opt,name=locality,proto3" json:"locality,omitempty"`
+	// The total number of requests successfully completed by the endpoints in the
+	// locality.
+	TotalSuccessfulRequests uint64 `protobuf:"varint,2,opt,name=total_successful_requests,json=totalSuccessfulRequests,proto3" json:"total_successful_requests,omitempty"`
+	// The total number of unfinished requests
+	TotalRequestsInProgress uint64 `protobuf:"varint,3,opt,name=total_requests_in_progress,json=totalRequestsInProgress,proto3" json:"total_requests_in_progress,omitempty"`
+	// The total number of requests that failed due to errors at the endpoint,
+	// aggregated over all endpoints in the locality.
+	TotalErrorRequests uint64 `protobuf:"varint,4,opt,name=total_error_requests,json=totalErrorRequests,proto3" json:"total_error_requests,omitempty"`
+	// The total number of requests that were issued by this Envoy since
+	// the last report. This information is aggregated over all the
+	// upstream endpoints in the locality.
+	TotalIssuedRequests uint64 `protobuf:"varint,8,opt,name=total_issued_requests,json=totalIssuedRequests,proto3" json:"total_issued_requests,omitempty"`
+	// Stats for multi-dimensional load balancing.
+	LoadMetricStats []*EndpointLoadMetricStats `protobuf:"bytes,5,rep,name=load_metric_stats,json=loadMetricStats,proto3" json:"load_metric_stats,omitempty"`
+	// Endpoint granularity stats information for this locality. This information
+	// is populated if the Server requests it by setting
+	// :ref:`LoadStatsResponse.report_endpoint_granularity<envoy_api_field_service.load_stats.v2.LoadStatsResponse.report_endpoint_granularity>`.
+	UpstreamEndpointStats []*UpstreamEndpointStats `protobuf:"bytes,7,rep,name=upstream_endpoint_stats,json=upstreamEndpointStats,proto3" json:"upstream_endpoint_stats,omitempty"`
+	// [#not-implemented-hide:] The priority of the endpoint group these metrics
+	// were collected from.
+	Priority uint32 `protobuf:"varint,6,opt,name=priority,proto3" json:"priority,omitempty"`
+}
+
+func (x *UpstreamLocalityStats) Reset() {
+	*x = UpstreamLocalityStats{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_endpoint_load_report_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *UpstreamLocalityStats) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*UpstreamLocalityStats) ProtoMessage() {}
+
+func (x *UpstreamLocalityStats) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_endpoint_load_report_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use UpstreamLocalityStats.ProtoReflect.Descriptor instead.
+func (*UpstreamLocalityStats) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_endpoint_load_report_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *UpstreamLocalityStats) GetLocality() *core.Locality {
+	if x != nil {
+		return x.Locality
+	}
+	return nil
+}
+
+func (x *UpstreamLocalityStats) GetTotalSuccessfulRequests() uint64 {
+	if x != nil {
+		return x.TotalSuccessfulRequests
+	}
+	return 0
+}
+
+func (x *UpstreamLocalityStats) GetTotalRequestsInProgress() uint64 {
+	if x != nil {
+		return x.TotalRequestsInProgress
+	}
+	return 0
+}
+
+func (x *UpstreamLocalityStats) GetTotalErrorRequests() uint64 {
+	if x != nil {
+		return x.TotalErrorRequests
+	}
+	return 0
+}
+
+func (x *UpstreamLocalityStats) GetTotalIssuedRequests() uint64 {
+	if x != nil {
+		return x.TotalIssuedRequests
+	}
+	return 0
+}
+
+func (x *UpstreamLocalityStats) GetLoadMetricStats() []*EndpointLoadMetricStats {
+	if x != nil {
+		return x.LoadMetricStats
+	}
+	return nil
+}
+
+func (x *UpstreamLocalityStats) GetUpstreamEndpointStats() []*UpstreamEndpointStats {
+	if x != nil {
+		return x.UpstreamEndpointStats
+	}
+	return nil
+}
+
+func (x *UpstreamLocalityStats) GetPriority() uint32 {
+	if x != nil {
+		return x.Priority
+	}
+	return 0
+}
+
+// [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs.
+// [#next-free-field: 8]
+type UpstreamEndpointStats struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Upstream host address.
+	Address *core.Address `protobuf:"bytes,1,opt,name=address,proto3" json:"address,omitempty"`
+	// Opaque and implementation dependent metadata of the
+	// endpoint. Envoy will pass this directly to the management server.
+	Metadata *_struct.Struct `protobuf:"bytes,6,opt,name=metadata,proto3" json:"metadata,omitempty"`
+	// The total number of requests successfully completed by the endpoints in the
+	// locality. These include non-5xx responses for HTTP, where errors
+	// originate at the client and the endpoint responded successfully. For gRPC,
+	// the grpc-status values are those not covered by total_error_requests below.
+	TotalSuccessfulRequests uint64 `protobuf:"varint,2,opt,name=total_successful_requests,json=totalSuccessfulRequests,proto3" json:"total_successful_requests,omitempty"`
+	// The total number of unfinished requests for this endpoint.
+	TotalRequestsInProgress uint64 `protobuf:"varint,3,opt,name=total_requests_in_progress,json=totalRequestsInProgress,proto3" json:"total_requests_in_progress,omitempty"`
+	// The total number of requests that failed due to errors at the endpoint.
+	// For HTTP these are responses with 5xx status codes and for gRPC the
+	// grpc-status values:
+	//
+	//   - DeadlineExceeded
+	//   - Unimplemented
+	//   - Internal
+	//   - Unavailable
+	//   - Unknown
+	//   - DataLoss
+	TotalErrorRequests uint64 `protobuf:"varint,4,opt,name=total_error_requests,json=totalErrorRequests,proto3" json:"total_error_requests,omitempty"`
+	// The total number of requests that were issued to this endpoint
+	// since the last report. A single TCP connection, HTTP or gRPC
+	// request or stream is counted as one request.
+	TotalIssuedRequests uint64 `protobuf:"varint,7,opt,name=total_issued_requests,json=totalIssuedRequests,proto3" json:"total_issued_requests,omitempty"`
+	// Stats for multi-dimensional load balancing.
+	LoadMetricStats []*EndpointLoadMetricStats `protobuf:"bytes,5,rep,name=load_metric_stats,json=loadMetricStats,proto3" json:"load_metric_stats,omitempty"`
+}
+
+func (x *UpstreamEndpointStats) Reset() {
+	*x = UpstreamEndpointStats{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_endpoint_load_report_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *UpstreamEndpointStats) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*UpstreamEndpointStats) ProtoMessage() {}
+
+func (x *UpstreamEndpointStats) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_endpoint_load_report_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use UpstreamEndpointStats.ProtoReflect.Descriptor instead.
+func (*UpstreamEndpointStats) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_endpoint_load_report_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *UpstreamEndpointStats) GetAddress() *core.Address {
+	if x != nil {
+		return x.Address
+	}
+	return nil
+}
+
+func (x *UpstreamEndpointStats) GetMetadata() *_struct.Struct {
+	if x != nil {
+		return x.Metadata
+	}
+	return nil
+}
+
+func (x *UpstreamEndpointStats) GetTotalSuccessfulRequests() uint64 {
+	if x != nil {
+		return x.TotalSuccessfulRequests
+	}
+	return 0
+}
+
+func (x *UpstreamEndpointStats) GetTotalRequestsInProgress() uint64 {
+	if x != nil {
+		return x.TotalRequestsInProgress
+	}
+	return 0
+}
+
+func (x *UpstreamEndpointStats) GetTotalErrorRequests() uint64 {
+	if x != nil {
+		return x.TotalErrorRequests
+	}
+	return 0
+}
+
+func (x *UpstreamEndpointStats) GetTotalIssuedRequests() uint64 {
+	if x != nil {
+		return x.TotalIssuedRequests
+	}
+	return 0
+}
+
+func (x *UpstreamEndpointStats) GetLoadMetricStats() []*EndpointLoadMetricStats {
+	if x != nil {
+		return x.LoadMetricStats
+	}
+	return nil
+}
+
+// [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs.
+type EndpointLoadMetricStats struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Name of the metric; may be empty.
+	MetricName string `protobuf:"bytes,1,opt,name=metric_name,json=metricName,proto3" json:"metric_name,omitempty"`
+	// Number of calls that finished and included this metric.
+	NumRequestsFinishedWithMetric uint64 `protobuf:"varint,2,opt,name=num_requests_finished_with_metric,json=numRequestsFinishedWithMetric,proto3" json:"num_requests_finished_with_metric,omitempty"`
+	// Sum of metric values across all calls that finished with this metric for
+	// load_reporting_interval.
+	TotalMetricValue float64 `protobuf:"fixed64,3,opt,name=total_metric_value,json=totalMetricValue,proto3" json:"total_metric_value,omitempty"`
+}
+
+func (x *EndpointLoadMetricStats) Reset() {
+	*x = EndpointLoadMetricStats{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_endpoint_load_report_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *EndpointLoadMetricStats) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*EndpointLoadMetricStats) ProtoMessage() {}
+
+func (x *EndpointLoadMetricStats) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_endpoint_load_report_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use EndpointLoadMetricStats.ProtoReflect.Descriptor instead.
+func (*EndpointLoadMetricStats) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_endpoint_load_report_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *EndpointLoadMetricStats) GetMetricName() string {
+	if x != nil {
+		return x.MetricName
+	}
+	return ""
+}
+
+func (x *EndpointLoadMetricStats) GetNumRequestsFinishedWithMetric() uint64 {
+	if x != nil {
+		return x.NumRequestsFinishedWithMetric
+	}
+	return 0
+}
+
+func (x *EndpointLoadMetricStats) GetTotalMetricValue() float64 {
+	if x != nil {
+		return x.TotalMetricValue
+	}
+	return 0
+}
+
+// Per cluster load stats. Envoy reports these stats a management server in a
+// :ref:`LoadStatsRequest<envoy_api_msg_service.load_stats.v2.LoadStatsRequest>`
+// [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs.
+// Next ID: 7
+// [#next-free-field: 7]
+type ClusterStats struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the cluster.
+	ClusterName string `protobuf:"bytes,1,opt,name=cluster_name,json=clusterName,proto3" json:"cluster_name,omitempty"`
+	// The eds_cluster_config service_name of the cluster.
+	// It's possible that two clusters send the same service_name to EDS,
+	// in that case, the management server is supposed to do aggregation on the load reports.
+	ClusterServiceName string `protobuf:"bytes,6,opt,name=cluster_service_name,json=clusterServiceName,proto3" json:"cluster_service_name,omitempty"`
+	// Need at least one.
+	UpstreamLocalityStats []*UpstreamLocalityStats `protobuf:"bytes,2,rep,name=upstream_locality_stats,json=upstreamLocalityStats,proto3" json:"upstream_locality_stats,omitempty"`
+	// Cluster-level stats such as total_successful_requests may be computed by
+	// summing upstream_locality_stats. In addition, below there are additional
+	// cluster-wide stats.
+	//
+	// The total number of dropped requests. This covers requests
+	// deliberately dropped by the drop_overload policy and circuit breaking.
+	TotalDroppedRequests uint64 `protobuf:"varint,3,opt,name=total_dropped_requests,json=totalDroppedRequests,proto3" json:"total_dropped_requests,omitempty"`
+	// Information about deliberately dropped requests for each category specified
+	// in the DropOverload policy.
+	DroppedRequests []*ClusterStats_DroppedRequests `protobuf:"bytes,5,rep,name=dropped_requests,json=droppedRequests,proto3" json:"dropped_requests,omitempty"`
+	// Period over which the actual load report occurred. This will be guaranteed to include every
+	// request reported. Due to system load and delays between the *LoadStatsRequest* sent from Envoy
+	// and the *LoadStatsResponse* message sent from the management server, this may be longer than
+	// the requested load reporting interval in the *LoadStatsResponse*.
+	LoadReportInterval *duration.Duration `protobuf:"bytes,4,opt,name=load_report_interval,json=loadReportInterval,proto3" json:"load_report_interval,omitempty"`
+}
+
+func (x *ClusterStats) Reset() {
+	*x = ClusterStats{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_endpoint_load_report_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ClusterStats) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ClusterStats) ProtoMessage() {}
+
+func (x *ClusterStats) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_endpoint_load_report_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ClusterStats.ProtoReflect.Descriptor instead.
+func (*ClusterStats) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_endpoint_load_report_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *ClusterStats) GetClusterName() string {
+	if x != nil {
+		return x.ClusterName
+	}
+	return ""
+}
+
+func (x *ClusterStats) GetClusterServiceName() string {
+	if x != nil {
+		return x.ClusterServiceName
+	}
+	return ""
+}
+
+func (x *ClusterStats) GetUpstreamLocalityStats() []*UpstreamLocalityStats {
+	if x != nil {
+		return x.UpstreamLocalityStats
+	}
+	return nil
+}
+
+func (x *ClusterStats) GetTotalDroppedRequests() uint64 {
+	if x != nil {
+		return x.TotalDroppedRequests
+	}
+	return 0
+}
+
+func (x *ClusterStats) GetDroppedRequests() []*ClusterStats_DroppedRequests {
+	if x != nil {
+		return x.DroppedRequests
+	}
+	return nil
+}
+
+func (x *ClusterStats) GetLoadReportInterval() *duration.Duration {
+	if x != nil {
+		return x.LoadReportInterval
+	}
+	return nil
+}
+
+type ClusterStats_DroppedRequests struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Identifier for the policy specifying the drop.
+	Category string `protobuf:"bytes,1,opt,name=category,proto3" json:"category,omitempty"`
+	// Total number of deliberately dropped requests for the category.
+	DroppedCount uint64 `protobuf:"varint,2,opt,name=dropped_count,json=droppedCount,proto3" json:"dropped_count,omitempty"`
+}
+
+func (x *ClusterStats_DroppedRequests) Reset() {
+	*x = ClusterStats_DroppedRequests{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_endpoint_load_report_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ClusterStats_DroppedRequests) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ClusterStats_DroppedRequests) ProtoMessage() {}
+
+func (x *ClusterStats_DroppedRequests) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_endpoint_load_report_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ClusterStats_DroppedRequests.ProtoReflect.Descriptor instead.
+func (*ClusterStats_DroppedRequests) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_endpoint_load_report_proto_rawDescGZIP(), []int{3, 0}
+}
+
+func (x *ClusterStats_DroppedRequests) GetCategory() string {
+	if x != nil {
+		return x.Category
+	}
+	return ""
+}
+
+func (x *ClusterStats_DroppedRequests) GetDroppedCount() uint64 {
+	if x != nil {
+		return x.DroppedCount
+	}
+	return 0
+}
+
+var File_envoy_api_v2_endpoint_load_report_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_endpoint_load_report_proto_rawDesc = []byte{
+	0x0a, 0x27, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x65,
+	0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2f, 0x6c, 0x6f, 0x61, 0x64, 0x5f, 0x72, 0x65, 0x70,
+	0x6f, 0x72, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74,
+	0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f,
+	0x63, 0x6f, 0x72, 0x65, 0x2f, 0x62, 0x61, 0x73, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2f, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75,
+	0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f,
+	0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75,
+	0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f,
+	0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61,
+	0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x8d, 0x04, 0x0a, 0x15, 0x55, 0x70, 0x73, 0x74, 0x72, 0x65,
+	0x61, 0x6d, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x53, 0x74, 0x61, 0x74, 0x73, 0x12,
+	0x37, 0x0a, 0x08, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x1b, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x52, 0x08,
+	0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x12, 0x3a, 0x0a, 0x19, 0x74, 0x6f, 0x74, 0x61,
+	0x6c, 0x5f, 0x73, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x66, 0x75, 0x6c, 0x5f, 0x72, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x04, 0x52, 0x17, 0x74, 0x6f, 0x74,
+	0x61, 0x6c, 0x53, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x66, 0x75, 0x6c, 0x52, 0x65, 0x71, 0x75,
+	0x65, 0x73, 0x74, 0x73, 0x12, 0x3b, 0x0a, 0x1a, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x5f, 0x72, 0x65,
+	0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x5f, 0x69, 0x6e, 0x5f, 0x70, 0x72, 0x6f, 0x67, 0x72, 0x65,
+	0x73, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x04, 0x52, 0x17, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x52,
+	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x49, 0x6e, 0x50, 0x72, 0x6f, 0x67, 0x72, 0x65, 0x73,
+	0x73, 0x12, 0x30, 0x0a, 0x14, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x5f, 0x65, 0x72, 0x72, 0x6f, 0x72,
+	0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x04, 0x52,
+	0x12, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65,
+	0x73, 0x74, 0x73, 0x12, 0x32, 0x0a, 0x15, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x5f, 0x69, 0x73, 0x73,
+	0x75, 0x65, 0x64, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x18, 0x08, 0x20, 0x01,
+	0x28, 0x04, 0x52, 0x13, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x49, 0x73, 0x73, 0x75, 0x65, 0x64, 0x52,
+	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x12, 0x5a, 0x0a, 0x11, 0x6c, 0x6f, 0x61, 0x64, 0x5f,
+	0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x73, 0x18, 0x05, 0x20, 0x03,
+	0x28, 0x0b, 0x32, 0x2e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x45, 0x6e, 0x64, 0x70, 0x6f,
+	0x69, 0x6e, 0x74, 0x4c, 0x6f, 0x61, 0x64, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x53, 0x74, 0x61,
+	0x74, 0x73, 0x52, 0x0f, 0x6c, 0x6f, 0x61, 0x64, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x53, 0x74,
+	0x61, 0x74, 0x73, 0x12, 0x64, 0x0a, 0x17, 0x75, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f,
+	0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x73, 0x18, 0x07,
+	0x20, 0x03, 0x28, 0x0b, 0x32, 0x2c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x55, 0x70, 0x73,
+	0x74, 0x72, 0x65, 0x61, 0x6d, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x53, 0x74, 0x61,
+	0x74, 0x73, 0x52, 0x15, 0x75, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x45, 0x6e, 0x64, 0x70,
+	0x6f, 0x69, 0x6e, 0x74, 0x53, 0x74, 0x61, 0x74, 0x73, 0x12, 0x1a, 0x0a, 0x08, 0x70, 0x72, 0x69,
+	0x6f, 0x72, 0x69, 0x74, 0x79, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x08, 0x70, 0x72, 0x69,
+	0x6f, 0x72, 0x69, 0x74, 0x79, 0x22, 0xbd, 0x03, 0x0a, 0x15, 0x55, 0x70, 0x73, 0x74, 0x72, 0x65,
+	0x61, 0x6d, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x53, 0x74, 0x61, 0x74, 0x73, 0x12,
+	0x34, 0x0a, 0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e,
+	0x63, 0x6f, 0x72, 0x65, 0x2e, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x52, 0x07, 0x61, 0x64,
+	0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x33, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74,
+	0x61, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74,
+	0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x3a, 0x0a, 0x19, 0x74, 0x6f,
+	0x74, 0x61, 0x6c, 0x5f, 0x73, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x66, 0x75, 0x6c, 0x5f, 0x72,
+	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x04, 0x52, 0x17, 0x74,
+	0x6f, 0x74, 0x61, 0x6c, 0x53, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x66, 0x75, 0x6c, 0x52, 0x65,
+	0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x12, 0x3b, 0x0a, 0x1a, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x5f,
+	0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x5f, 0x69, 0x6e, 0x5f, 0x70, 0x72, 0x6f, 0x67,
+	0x72, 0x65, 0x73, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x04, 0x52, 0x17, 0x74, 0x6f, 0x74, 0x61,
+	0x6c, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x49, 0x6e, 0x50, 0x72, 0x6f, 0x67, 0x72,
+	0x65, 0x73, 0x73, 0x12, 0x30, 0x0a, 0x14, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x5f, 0x65, 0x72, 0x72,
+	0x6f, 0x72, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28,
+	0x04, 0x52, 0x12, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x52, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x73, 0x12, 0x32, 0x0a, 0x15, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x5f, 0x69,
+	0x73, 0x73, 0x75, 0x65, 0x64, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x18, 0x07,
+	0x20, 0x01, 0x28, 0x04, 0x52, 0x13, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x49, 0x73, 0x73, 0x75, 0x65,
+	0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x12, 0x5a, 0x0a, 0x11, 0x6c, 0x6f, 0x61,
+	0x64, 0x5f, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x73, 0x18, 0x05,
+	0x20, 0x03, 0x28, 0x0b, 0x32, 0x2e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x45, 0x6e, 0x64,
+	0x70, 0x6f, 0x69, 0x6e, 0x74, 0x4c, 0x6f, 0x61, 0x64, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x53,
+	0x74, 0x61, 0x74, 0x73, 0x52, 0x0f, 0x6c, 0x6f, 0x61, 0x64, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63,
+	0x53, 0x74, 0x61, 0x74, 0x73, 0x22, 0xb2, 0x01, 0x0a, 0x17, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69,
+	0x6e, 0x74, 0x4c, 0x6f, 0x61, 0x64, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x53, 0x74, 0x61, 0x74,
+	0x73, 0x12, 0x1f, 0x0a, 0x0b, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x5f, 0x6e, 0x61, 0x6d, 0x65,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x4e, 0x61,
+	0x6d, 0x65, 0x12, 0x48, 0x0a, 0x21, 0x6e, 0x75, 0x6d, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73,
+	0x74, 0x73, 0x5f, 0x66, 0x69, 0x6e, 0x69, 0x73, 0x68, 0x65, 0x64, 0x5f, 0x77, 0x69, 0x74, 0x68,
+	0x5f, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x18, 0x02, 0x20, 0x01, 0x28, 0x04, 0x52, 0x1d, 0x6e,
+	0x75, 0x6d, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x46, 0x69, 0x6e, 0x69, 0x73, 0x68,
+	0x65, 0x64, 0x57, 0x69, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x12, 0x2c, 0x0a, 0x12,
+	0x74, 0x6f, 0x74, 0x61, 0x6c, 0x5f, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x5f, 0x76, 0x61, 0x6c,
+	0x75, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x01, 0x52, 0x10, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x4d,
+	0x65, 0x74, 0x72, 0x69, 0x63, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x22, 0x9c, 0x04, 0x0a, 0x0c, 0x43,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x73, 0x12, 0x2a, 0x0a, 0x0c, 0x63,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x0b, 0x63, 0x6c, 0x75, 0x73,
+	0x74, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x30, 0x0a, 0x14, 0x63, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18,
+	0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x12, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x53, 0x65,
+	0x72, 0x76, 0x69, 0x63, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x6e, 0x0a, 0x17, 0x75, 0x70, 0x73,
+	0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x5f, 0x73,
+	0x74, 0x61, 0x74, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2c, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69,
+	0x6e, 0x74, 0x2e, 0x55, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x4c, 0x6f, 0x63, 0x61, 0x6c,
+	0x69, 0x74, 0x79, 0x53, 0x74, 0x61, 0x74, 0x73, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92, 0x01, 0x02,
+	0x08, 0x01, 0x52, 0x15, 0x75, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x4c, 0x6f, 0x63, 0x61,
+	0x6c, 0x69, 0x74, 0x79, 0x53, 0x74, 0x61, 0x74, 0x73, 0x12, 0x34, 0x0a, 0x16, 0x74, 0x6f, 0x74,
+	0x61, 0x6c, 0x5f, 0x64, 0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65,
+	0x73, 0x74, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x04, 0x52, 0x14, 0x74, 0x6f, 0x74, 0x61, 0x6c,
+	0x44, 0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x12,
+	0x5e, 0x0a, 0x10, 0x64, 0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65,
+	0x73, 0x74, 0x73, 0x18, 0x05, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x33, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e,
+	0x74, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x73, 0x2e, 0x44,
+	0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x52, 0x0f,
+	0x64, 0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x12,
+	0x4b, 0x0a, 0x14, 0x6c, 0x6f, 0x61, 0x64, 0x5f, 0x72, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x69,
+	0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x12, 0x6c, 0x6f, 0x61, 0x64, 0x52, 0x65,
+	0x70, 0x6f, 0x72, 0x74, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x1a, 0x5b, 0x0a, 0x0f,
+	0x44, 0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x12,
+	0x23, 0x0a, 0x08, 0x63, 0x61, 0x74, 0x65, 0x67, 0x6f, 0x72, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x08, 0x63, 0x61, 0x74, 0x65,
+	0x67, 0x6f, 0x72, 0x79, 0x12, 0x23, 0x0a, 0x0d, 0x64, 0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x5f,
+	0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x04, 0x52, 0x0c, 0x64, 0x72, 0x6f,
+	0x70, 0x70, 0x65, 0x64, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x42, 0x60, 0x0a, 0x23, 0x69, 0x6f, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74,
+	0x42, 0x0f, 0x4c, 0x6f, 0x61, 0x64, 0x52, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x50, 0x72, 0x6f, 0x74,
+	0x6f, 0x50, 0x01, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x1a, 0x12, 0x18, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74,
+	0x2e, 0x76, 0x33, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_endpoint_load_report_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_endpoint_load_report_proto_rawDescData = file_envoy_api_v2_endpoint_load_report_proto_rawDesc
+)
+
+func file_envoy_api_v2_endpoint_load_report_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_endpoint_load_report_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_endpoint_load_report_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_endpoint_load_report_proto_rawDescData)
+	})
+	return file_envoy_api_v2_endpoint_load_report_proto_rawDescData
+}
+
+var file_envoy_api_v2_endpoint_load_report_proto_msgTypes = make([]protoimpl.MessageInfo, 5)
+var file_envoy_api_v2_endpoint_load_report_proto_goTypes = []interface{}{
+	(*UpstreamLocalityStats)(nil),        // 0: envoy.api.v2.endpoint.UpstreamLocalityStats
+	(*UpstreamEndpointStats)(nil),        // 1: envoy.api.v2.endpoint.UpstreamEndpointStats
+	(*EndpointLoadMetricStats)(nil),      // 2: envoy.api.v2.endpoint.EndpointLoadMetricStats
+	(*ClusterStats)(nil),                 // 3: envoy.api.v2.endpoint.ClusterStats
+	(*ClusterStats_DroppedRequests)(nil), // 4: envoy.api.v2.endpoint.ClusterStats.DroppedRequests
+	(*core.Locality)(nil),                // 5: envoy.api.v2.core.Locality
+	(*core.Address)(nil),                 // 6: envoy.api.v2.core.Address
+	(*_struct.Struct)(nil),               // 7: google.protobuf.Struct
+	(*duration.Duration)(nil),            // 8: google.protobuf.Duration
+}
+var file_envoy_api_v2_endpoint_load_report_proto_depIdxs = []int32{
+	5, // 0: envoy.api.v2.endpoint.UpstreamLocalityStats.locality:type_name -> envoy.api.v2.core.Locality
+	2, // 1: envoy.api.v2.endpoint.UpstreamLocalityStats.load_metric_stats:type_name -> envoy.api.v2.endpoint.EndpointLoadMetricStats
+	1, // 2: envoy.api.v2.endpoint.UpstreamLocalityStats.upstream_endpoint_stats:type_name -> envoy.api.v2.endpoint.UpstreamEndpointStats
+	6, // 3: envoy.api.v2.endpoint.UpstreamEndpointStats.address:type_name -> envoy.api.v2.core.Address
+	7, // 4: envoy.api.v2.endpoint.UpstreamEndpointStats.metadata:type_name -> google.protobuf.Struct
+	2, // 5: envoy.api.v2.endpoint.UpstreamEndpointStats.load_metric_stats:type_name -> envoy.api.v2.endpoint.EndpointLoadMetricStats
+	0, // 6: envoy.api.v2.endpoint.ClusterStats.upstream_locality_stats:type_name -> envoy.api.v2.endpoint.UpstreamLocalityStats
+	4, // 7: envoy.api.v2.endpoint.ClusterStats.dropped_requests:type_name -> envoy.api.v2.endpoint.ClusterStats.DroppedRequests
+	8, // 8: envoy.api.v2.endpoint.ClusterStats.load_report_interval:type_name -> google.protobuf.Duration
+	9, // [9:9] is the sub-list for method output_type
+	9, // [9:9] is the sub-list for method input_type
+	9, // [9:9] is the sub-list for extension type_name
+	9, // [9:9] is the sub-list for extension extendee
+	0, // [0:9] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_endpoint_load_report_proto_init() }
+func file_envoy_api_v2_endpoint_load_report_proto_init() {
+	if File_envoy_api_v2_endpoint_load_report_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_endpoint_load_report_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*UpstreamLocalityStats); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_endpoint_load_report_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*UpstreamEndpointStats); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_endpoint_load_report_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*EndpointLoadMetricStats); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_endpoint_load_report_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ClusterStats); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_endpoint_load_report_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ClusterStats_DroppedRequests); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_endpoint_load_report_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   5,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_endpoint_load_report_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_endpoint_load_report_proto_depIdxs,
+		MessageInfos:      file_envoy_api_v2_endpoint_load_report_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_endpoint_load_report_proto = out.File
+	file_envoy_api_v2_endpoint_load_report_proto_rawDesc = nil
+	file_envoy_api_v2_endpoint_load_report_proto_goTypes = nil
+	file_envoy_api_v2_endpoint_load_report_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/endpoint/load_report.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/endpoint/load_report.pb.validate.go
new file mode 100644
index 00000000000..2e3ad976dc9
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/endpoint/load_report.pb.validate.go
@@ -0,0 +1,888 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/endpoint/load_report.proto
+
+package envoy_api_v2_endpoint
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on UpstreamLocalityStats with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *UpstreamLocalityStats) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on UpstreamLocalityStats with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// UpstreamLocalityStatsMultiError, or nil if none found.
+func (m *UpstreamLocalityStats) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *UpstreamLocalityStats) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetLocality()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, UpstreamLocalityStatsValidationError{
+					field:  "Locality",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, UpstreamLocalityStatsValidationError{
+					field:  "Locality",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLocality()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return UpstreamLocalityStatsValidationError{
+				field:  "Locality",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for TotalSuccessfulRequests
+
+	// no validation rules for TotalRequestsInProgress
+
+	// no validation rules for TotalErrorRequests
+
+	// no validation rules for TotalIssuedRequests
+
+	for idx, item := range m.GetLoadMetricStats() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, UpstreamLocalityStatsValidationError{
+						field:  fmt.Sprintf("LoadMetricStats[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, UpstreamLocalityStatsValidationError{
+						field:  fmt.Sprintf("LoadMetricStats[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return UpstreamLocalityStatsValidationError{
+					field:  fmt.Sprintf("LoadMetricStats[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetUpstreamEndpointStats() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, UpstreamLocalityStatsValidationError{
+						field:  fmt.Sprintf("UpstreamEndpointStats[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, UpstreamLocalityStatsValidationError{
+						field:  fmt.Sprintf("UpstreamEndpointStats[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return UpstreamLocalityStatsValidationError{
+					field:  fmt.Sprintf("UpstreamEndpointStats[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	// no validation rules for Priority
+
+	if len(errors) > 0 {
+		return UpstreamLocalityStatsMultiError(errors)
+	}
+	return nil
+}
+
+// UpstreamLocalityStatsMultiError is an error wrapping multiple validation
+// errors returned by UpstreamLocalityStats.ValidateAll() if the designated
+// constraints aren't met.
+type UpstreamLocalityStatsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m UpstreamLocalityStatsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m UpstreamLocalityStatsMultiError) AllErrors() []error { return m }
+
+// UpstreamLocalityStatsValidationError is the validation error returned by
+// UpstreamLocalityStats.Validate if the designated constraints aren't met.
+type UpstreamLocalityStatsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e UpstreamLocalityStatsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e UpstreamLocalityStatsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e UpstreamLocalityStatsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e UpstreamLocalityStatsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e UpstreamLocalityStatsValidationError) ErrorName() string {
+	return "UpstreamLocalityStatsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e UpstreamLocalityStatsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sUpstreamLocalityStats.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = UpstreamLocalityStatsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = UpstreamLocalityStatsValidationError{}
+
+// Validate checks the field values on UpstreamEndpointStats with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *UpstreamEndpointStats) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on UpstreamEndpointStats with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// UpstreamEndpointStatsMultiError, or nil if none found.
+func (m *UpstreamEndpointStats) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *UpstreamEndpointStats) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetAddress()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, UpstreamEndpointStatsValidationError{
+					field:  "Address",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, UpstreamEndpointStatsValidationError{
+					field:  "Address",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetAddress()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return UpstreamEndpointStatsValidationError{
+				field:  "Address",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMetadata()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, UpstreamEndpointStatsValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, UpstreamEndpointStatsValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMetadata()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return UpstreamEndpointStatsValidationError{
+				field:  "Metadata",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for TotalSuccessfulRequests
+
+	// no validation rules for TotalRequestsInProgress
+
+	// no validation rules for TotalErrorRequests
+
+	// no validation rules for TotalIssuedRequests
+
+	for idx, item := range m.GetLoadMetricStats() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, UpstreamEndpointStatsValidationError{
+						field:  fmt.Sprintf("LoadMetricStats[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, UpstreamEndpointStatsValidationError{
+						field:  fmt.Sprintf("LoadMetricStats[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return UpstreamEndpointStatsValidationError{
+					field:  fmt.Sprintf("LoadMetricStats[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return UpstreamEndpointStatsMultiError(errors)
+	}
+	return nil
+}
+
+// UpstreamEndpointStatsMultiError is an error wrapping multiple validation
+// errors returned by UpstreamEndpointStats.ValidateAll() if the designated
+// constraints aren't met.
+type UpstreamEndpointStatsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m UpstreamEndpointStatsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m UpstreamEndpointStatsMultiError) AllErrors() []error { return m }
+
+// UpstreamEndpointStatsValidationError is the validation error returned by
+// UpstreamEndpointStats.Validate if the designated constraints aren't met.
+type UpstreamEndpointStatsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e UpstreamEndpointStatsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e UpstreamEndpointStatsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e UpstreamEndpointStatsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e UpstreamEndpointStatsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e UpstreamEndpointStatsValidationError) ErrorName() string {
+	return "UpstreamEndpointStatsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e UpstreamEndpointStatsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sUpstreamEndpointStats.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = UpstreamEndpointStatsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = UpstreamEndpointStatsValidationError{}
+
+// Validate checks the field values on EndpointLoadMetricStats with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *EndpointLoadMetricStats) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on EndpointLoadMetricStats with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// EndpointLoadMetricStatsMultiError, or nil if none found.
+func (m *EndpointLoadMetricStats) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *EndpointLoadMetricStats) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for MetricName
+
+	// no validation rules for NumRequestsFinishedWithMetric
+
+	// no validation rules for TotalMetricValue
+
+	if len(errors) > 0 {
+		return EndpointLoadMetricStatsMultiError(errors)
+	}
+	return nil
+}
+
+// EndpointLoadMetricStatsMultiError is an error wrapping multiple validation
+// errors returned by EndpointLoadMetricStats.ValidateAll() if the designated
+// constraints aren't met.
+type EndpointLoadMetricStatsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m EndpointLoadMetricStatsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m EndpointLoadMetricStatsMultiError) AllErrors() []error { return m }
+
+// EndpointLoadMetricStatsValidationError is the validation error returned by
+// EndpointLoadMetricStats.Validate if the designated constraints aren't met.
+type EndpointLoadMetricStatsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e EndpointLoadMetricStatsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e EndpointLoadMetricStatsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e EndpointLoadMetricStatsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e EndpointLoadMetricStatsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e EndpointLoadMetricStatsValidationError) ErrorName() string {
+	return "EndpointLoadMetricStatsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e EndpointLoadMetricStatsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sEndpointLoadMetricStats.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = EndpointLoadMetricStatsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = EndpointLoadMetricStatsValidationError{}
+
+// Validate checks the field values on ClusterStats with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ClusterStats) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ClusterStats with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ClusterStatsMultiError, or
+// nil if none found.
+func (m *ClusterStats) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ClusterStats) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetClusterName()) < 1 {
+		err := ClusterStatsValidationError{
+			field:  "ClusterName",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for ClusterServiceName
+
+	if len(m.GetUpstreamLocalityStats()) < 1 {
+		err := ClusterStatsValidationError{
+			field:  "UpstreamLocalityStats",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetUpstreamLocalityStats() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClusterStatsValidationError{
+						field:  fmt.Sprintf("UpstreamLocalityStats[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClusterStatsValidationError{
+						field:  fmt.Sprintf("UpstreamLocalityStats[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClusterStatsValidationError{
+					field:  fmt.Sprintf("UpstreamLocalityStats[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	// no validation rules for TotalDroppedRequests
+
+	for idx, item := range m.GetDroppedRequests() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClusterStatsValidationError{
+						field:  fmt.Sprintf("DroppedRequests[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClusterStatsValidationError{
+						field:  fmt.Sprintf("DroppedRequests[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClusterStatsValidationError{
+					field:  fmt.Sprintf("DroppedRequests[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetLoadReportInterval()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterStatsValidationError{
+					field:  "LoadReportInterval",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterStatsValidationError{
+					field:  "LoadReportInterval",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLoadReportInterval()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterStatsValidationError{
+				field:  "LoadReportInterval",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return ClusterStatsMultiError(errors)
+	}
+	return nil
+}
+
+// ClusterStatsMultiError is an error wrapping multiple validation errors
+// returned by ClusterStats.ValidateAll() if the designated constraints aren't met.
+type ClusterStatsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ClusterStatsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ClusterStatsMultiError) AllErrors() []error { return m }
+
+// ClusterStatsValidationError is the validation error returned by
+// ClusterStats.Validate if the designated constraints aren't met.
+type ClusterStatsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ClusterStatsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ClusterStatsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ClusterStatsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ClusterStatsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ClusterStatsValidationError) ErrorName() string { return "ClusterStatsValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ClusterStatsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sClusterStats.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ClusterStatsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ClusterStatsValidationError{}
+
+// Validate checks the field values on ClusterStats_DroppedRequests with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ClusterStats_DroppedRequests) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ClusterStats_DroppedRequests with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ClusterStats_DroppedRequestsMultiError, or nil if none found.
+func (m *ClusterStats_DroppedRequests) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ClusterStats_DroppedRequests) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetCategory()) < 1 {
+		err := ClusterStats_DroppedRequestsValidationError{
+			field:  "Category",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for DroppedCount
+
+	if len(errors) > 0 {
+		return ClusterStats_DroppedRequestsMultiError(errors)
+	}
+	return nil
+}
+
+// ClusterStats_DroppedRequestsMultiError is an error wrapping multiple
+// validation errors returned by ClusterStats_DroppedRequests.ValidateAll() if
+// the designated constraints aren't met.
+type ClusterStats_DroppedRequestsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ClusterStats_DroppedRequestsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ClusterStats_DroppedRequestsMultiError) AllErrors() []error { return m }
+
+// ClusterStats_DroppedRequestsValidationError is the validation error returned
+// by ClusterStats_DroppedRequests.Validate if the designated constraints
+// aren't met.
+type ClusterStats_DroppedRequestsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ClusterStats_DroppedRequestsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ClusterStats_DroppedRequestsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ClusterStats_DroppedRequestsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ClusterStats_DroppedRequestsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ClusterStats_DroppedRequestsValidationError) ErrorName() string {
+	return "ClusterStats_DroppedRequestsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ClusterStats_DroppedRequestsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sClusterStats_DroppedRequests.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ClusterStats_DroppedRequestsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ClusterStats_DroppedRequestsValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/lds.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/lds.pb.go
new file mode 100644
index 00000000000..561b6584b1a
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/lds.pb.go
@@ -0,0 +1,415 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/lds.proto
+
+package envoy_api_v2
+
+import (
+	context "context"
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/go-control-plane/envoy/annotations"
+	proto "github.com/golang/protobuf/proto"
+	_ "google.golang.org/genproto/googleapis/api/annotations"
+	grpc "google.golang.org/grpc"
+	codes "google.golang.org/grpc/codes"
+	status "google.golang.org/grpc/status"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing
+// services: https://github.com/google/protobuf/issues/4221 and protoxform to upgrade the file.
+type LdsDummy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *LdsDummy) Reset() {
+	*x = LdsDummy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_lds_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *LdsDummy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*LdsDummy) ProtoMessage() {}
+
+func (x *LdsDummy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_lds_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use LdsDummy.ProtoReflect.Descriptor instead.
+func (*LdsDummy) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_lds_proto_rawDescGZIP(), []int{0}
+}
+
+var File_envoy_api_v2_lds_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_lds_proto_rawDesc = []byte{
+	0x0a, 0x16, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x6c,
+	0x64, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x1a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70,
+	0x69, 0x2f, 0x76, 0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x61, 0x70, 0x69,
+	0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x20, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x1b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76,
+	0x32, 0x2f, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x22, 0x0a, 0x0a, 0x08, 0x4c, 0x64, 0x73, 0x44, 0x75, 0x6d, 0x6d, 0x79, 0x32, 0xf3, 0x02, 0x0a,
+	0x18, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65,
+	0x72, 0x79, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x61, 0x0a, 0x0e, 0x44, 0x65, 0x6c,
+	0x74, 0x61, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x73, 0x12, 0x23, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x65, 0x6c, 0x74, 0x61,
+	0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
+	0x1a, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e,
+	0x44, 0x65, 0x6c, 0x74, 0x61, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65,
+	0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x28, 0x01, 0x30, 0x01, 0x12, 0x58, 0x0a, 0x0f,
+	0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x73, 0x12,
+	0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44,
+	0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a,
+	0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44,
+	0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
+	0x22, 0x00, 0x28, 0x01, 0x30, 0x01, 0x12, 0x7b, 0x0a, 0x0e, 0x46, 0x65, 0x74, 0x63, 0x68, 0x4c,
+	0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x73, 0x12, 0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72,
+	0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72,
+	0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x28, 0x82, 0xd3, 0xe4, 0x93, 0x02,
+	0x19, 0x22, 0x17, 0x2f, 0x76, 0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79,
+	0x3a, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x73, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x03,
+	0x3a, 0x01, 0x2a, 0x1a, 0x1d, 0x8a, 0xa4, 0x96, 0xf3, 0x07, 0x17, 0x0a, 0x15, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e,
+	0x65, 0x72, 0x42, 0x54, 0x0a, 0x1a, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72,
+	0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x42, 0x08, 0x4c, 0x64, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x88, 0x01, 0x01, 0xf2,
+	0x98, 0xfe, 0x8f, 0x05, 0x1b, 0x12, 0x19, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72,
+	0x76, 0x69, 0x63, 0x65, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x76, 0x33,
+	0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x50, 0x05, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_lds_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_lds_proto_rawDescData = file_envoy_api_v2_lds_proto_rawDesc
+)
+
+func file_envoy_api_v2_lds_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_lds_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_lds_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_lds_proto_rawDescData)
+	})
+	return file_envoy_api_v2_lds_proto_rawDescData
+}
+
+var file_envoy_api_v2_lds_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_api_v2_lds_proto_goTypes = []interface{}{
+	(*LdsDummy)(nil),               // 0: envoy.api.v2.LdsDummy
+	(*DeltaDiscoveryRequest)(nil),  // 1: envoy.api.v2.DeltaDiscoveryRequest
+	(*DiscoveryRequest)(nil),       // 2: envoy.api.v2.DiscoveryRequest
+	(*DeltaDiscoveryResponse)(nil), // 3: envoy.api.v2.DeltaDiscoveryResponse
+	(*DiscoveryResponse)(nil),      // 4: envoy.api.v2.DiscoveryResponse
+}
+var file_envoy_api_v2_lds_proto_depIdxs = []int32{
+	1, // 0: envoy.api.v2.ListenerDiscoveryService.DeltaListeners:input_type -> envoy.api.v2.DeltaDiscoveryRequest
+	2, // 1: envoy.api.v2.ListenerDiscoveryService.StreamListeners:input_type -> envoy.api.v2.DiscoveryRequest
+	2, // 2: envoy.api.v2.ListenerDiscoveryService.FetchListeners:input_type -> envoy.api.v2.DiscoveryRequest
+	3, // 3: envoy.api.v2.ListenerDiscoveryService.DeltaListeners:output_type -> envoy.api.v2.DeltaDiscoveryResponse
+	4, // 4: envoy.api.v2.ListenerDiscoveryService.StreamListeners:output_type -> envoy.api.v2.DiscoveryResponse
+	4, // 5: envoy.api.v2.ListenerDiscoveryService.FetchListeners:output_type -> envoy.api.v2.DiscoveryResponse
+	3, // [3:6] is the sub-list for method output_type
+	0, // [0:3] is the sub-list for method input_type
+	0, // [0:0] is the sub-list for extension type_name
+	0, // [0:0] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_lds_proto_init() }
+func file_envoy_api_v2_lds_proto_init() {
+	if File_envoy_api_v2_lds_proto != nil {
+		return
+	}
+	file_envoy_api_v2_discovery_proto_init()
+	file_envoy_api_v2_listener_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_lds_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*LdsDummy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_lds_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   1,
+		},
+		GoTypes:           file_envoy_api_v2_lds_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_lds_proto_depIdxs,
+		MessageInfos:      file_envoy_api_v2_lds_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_lds_proto = out.File
+	file_envoy_api_v2_lds_proto_rawDesc = nil
+	file_envoy_api_v2_lds_proto_goTypes = nil
+	file_envoy_api_v2_lds_proto_depIdxs = nil
+}
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ context.Context
+var _ grpc.ClientConnInterface
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the grpc package it is being compiled against.
+const _ = grpc.SupportPackageIsVersion6
+
+// ListenerDiscoveryServiceClient is the client API for ListenerDiscoveryService service.
+//
+// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.
+type ListenerDiscoveryServiceClient interface {
+	DeltaListeners(ctx context.Context, opts ...grpc.CallOption) (ListenerDiscoveryService_DeltaListenersClient, error)
+	StreamListeners(ctx context.Context, opts ...grpc.CallOption) (ListenerDiscoveryService_StreamListenersClient, error)
+	FetchListeners(ctx context.Context, in *DiscoveryRequest, opts ...grpc.CallOption) (*DiscoveryResponse, error)
+}
+
+type listenerDiscoveryServiceClient struct {
+	cc grpc.ClientConnInterface
+}
+
+func NewListenerDiscoveryServiceClient(cc grpc.ClientConnInterface) ListenerDiscoveryServiceClient {
+	return &listenerDiscoveryServiceClient{cc}
+}
+
+func (c *listenerDiscoveryServiceClient) DeltaListeners(ctx context.Context, opts ...grpc.CallOption) (ListenerDiscoveryService_DeltaListenersClient, error) {
+	stream, err := c.cc.NewStream(ctx, &_ListenerDiscoveryService_serviceDesc.Streams[0], "/envoy.api.v2.ListenerDiscoveryService/DeltaListeners", opts...)
+	if err != nil {
+		return nil, err
+	}
+	x := &listenerDiscoveryServiceDeltaListenersClient{stream}
+	return x, nil
+}
+
+type ListenerDiscoveryService_DeltaListenersClient interface {
+	Send(*DeltaDiscoveryRequest) error
+	Recv() (*DeltaDiscoveryResponse, error)
+	grpc.ClientStream
+}
+
+type listenerDiscoveryServiceDeltaListenersClient struct {
+	grpc.ClientStream
+}
+
+func (x *listenerDiscoveryServiceDeltaListenersClient) Send(m *DeltaDiscoveryRequest) error {
+	return x.ClientStream.SendMsg(m)
+}
+
+func (x *listenerDiscoveryServiceDeltaListenersClient) Recv() (*DeltaDiscoveryResponse, error) {
+	m := new(DeltaDiscoveryResponse)
+	if err := x.ClientStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func (c *listenerDiscoveryServiceClient) StreamListeners(ctx context.Context, opts ...grpc.CallOption) (ListenerDiscoveryService_StreamListenersClient, error) {
+	stream, err := c.cc.NewStream(ctx, &_ListenerDiscoveryService_serviceDesc.Streams[1], "/envoy.api.v2.ListenerDiscoveryService/StreamListeners", opts...)
+	if err != nil {
+		return nil, err
+	}
+	x := &listenerDiscoveryServiceStreamListenersClient{stream}
+	return x, nil
+}
+
+type ListenerDiscoveryService_StreamListenersClient interface {
+	Send(*DiscoveryRequest) error
+	Recv() (*DiscoveryResponse, error)
+	grpc.ClientStream
+}
+
+type listenerDiscoveryServiceStreamListenersClient struct {
+	grpc.ClientStream
+}
+
+func (x *listenerDiscoveryServiceStreamListenersClient) Send(m *DiscoveryRequest) error {
+	return x.ClientStream.SendMsg(m)
+}
+
+func (x *listenerDiscoveryServiceStreamListenersClient) Recv() (*DiscoveryResponse, error) {
+	m := new(DiscoveryResponse)
+	if err := x.ClientStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func (c *listenerDiscoveryServiceClient) FetchListeners(ctx context.Context, in *DiscoveryRequest, opts ...grpc.CallOption) (*DiscoveryResponse, error) {
+	out := new(DiscoveryResponse)
+	err := c.cc.Invoke(ctx, "/envoy.api.v2.ListenerDiscoveryService/FetchListeners", in, out, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+// ListenerDiscoveryServiceServer is the server API for ListenerDiscoveryService service.
+type ListenerDiscoveryServiceServer interface {
+	DeltaListeners(ListenerDiscoveryService_DeltaListenersServer) error
+	StreamListeners(ListenerDiscoveryService_StreamListenersServer) error
+	FetchListeners(context.Context, *DiscoveryRequest) (*DiscoveryResponse, error)
+}
+
+// UnimplementedListenerDiscoveryServiceServer can be embedded to have forward compatible implementations.
+type UnimplementedListenerDiscoveryServiceServer struct {
+}
+
+func (*UnimplementedListenerDiscoveryServiceServer) DeltaListeners(ListenerDiscoveryService_DeltaListenersServer) error {
+	return status.Errorf(codes.Unimplemented, "method DeltaListeners not implemented")
+}
+func (*UnimplementedListenerDiscoveryServiceServer) StreamListeners(ListenerDiscoveryService_StreamListenersServer) error {
+	return status.Errorf(codes.Unimplemented, "method StreamListeners not implemented")
+}
+func (*UnimplementedListenerDiscoveryServiceServer) FetchListeners(context.Context, *DiscoveryRequest) (*DiscoveryResponse, error) {
+	return nil, status.Errorf(codes.Unimplemented, "method FetchListeners not implemented")
+}
+
+func RegisterListenerDiscoveryServiceServer(s *grpc.Server, srv ListenerDiscoveryServiceServer) {
+	s.RegisterService(&_ListenerDiscoveryService_serviceDesc, srv)
+}
+
+func _ListenerDiscoveryService_DeltaListeners_Handler(srv interface{}, stream grpc.ServerStream) error {
+	return srv.(ListenerDiscoveryServiceServer).DeltaListeners(&listenerDiscoveryServiceDeltaListenersServer{stream})
+}
+
+type ListenerDiscoveryService_DeltaListenersServer interface {
+	Send(*DeltaDiscoveryResponse) error
+	Recv() (*DeltaDiscoveryRequest, error)
+	grpc.ServerStream
+}
+
+type listenerDiscoveryServiceDeltaListenersServer struct {
+	grpc.ServerStream
+}
+
+func (x *listenerDiscoveryServiceDeltaListenersServer) Send(m *DeltaDiscoveryResponse) error {
+	return x.ServerStream.SendMsg(m)
+}
+
+func (x *listenerDiscoveryServiceDeltaListenersServer) Recv() (*DeltaDiscoveryRequest, error) {
+	m := new(DeltaDiscoveryRequest)
+	if err := x.ServerStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func _ListenerDiscoveryService_StreamListeners_Handler(srv interface{}, stream grpc.ServerStream) error {
+	return srv.(ListenerDiscoveryServiceServer).StreamListeners(&listenerDiscoveryServiceStreamListenersServer{stream})
+}
+
+type ListenerDiscoveryService_StreamListenersServer interface {
+	Send(*DiscoveryResponse) error
+	Recv() (*DiscoveryRequest, error)
+	grpc.ServerStream
+}
+
+type listenerDiscoveryServiceStreamListenersServer struct {
+	grpc.ServerStream
+}
+
+func (x *listenerDiscoveryServiceStreamListenersServer) Send(m *DiscoveryResponse) error {
+	return x.ServerStream.SendMsg(m)
+}
+
+func (x *listenerDiscoveryServiceStreamListenersServer) Recv() (*DiscoveryRequest, error) {
+	m := new(DiscoveryRequest)
+	if err := x.ServerStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func _ListenerDiscoveryService_FetchListeners_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(DiscoveryRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(ListenerDiscoveryServiceServer).FetchListeners(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: "/envoy.api.v2.ListenerDiscoveryService/FetchListeners",
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(ListenerDiscoveryServiceServer).FetchListeners(ctx, req.(*DiscoveryRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
+var _ListenerDiscoveryService_serviceDesc = grpc.ServiceDesc{
+	ServiceName: "envoy.api.v2.ListenerDiscoveryService",
+	HandlerType: (*ListenerDiscoveryServiceServer)(nil),
+	Methods: []grpc.MethodDesc{
+		{
+			MethodName: "FetchListeners",
+			Handler:    _ListenerDiscoveryService_FetchListeners_Handler,
+		},
+	},
+	Streams: []grpc.StreamDesc{
+		{
+			StreamName:    "DeltaListeners",
+			Handler:       _ListenerDiscoveryService_DeltaListeners_Handler,
+			ServerStreams: true,
+			ClientStreams: true,
+		},
+		{
+			StreamName:    "StreamListeners",
+			Handler:       _ListenerDiscoveryService_StreamListeners_Handler,
+			ServerStreams: true,
+			ClientStreams: true,
+		},
+	},
+	Metadata: "envoy/api/v2/lds.proto",
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/lds.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/lds.pb.validate.go
new file mode 100644
index 00000000000..d6dc51e57a5
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/lds.pb.validate.go
@@ -0,0 +1,134 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/lds.proto
+
+package envoy_api_v2
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on LdsDummy with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *LdsDummy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on LdsDummy with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in LdsDummyMultiError, or nil
+// if none found.
+func (m *LdsDummy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *LdsDummy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return LdsDummyMultiError(errors)
+	}
+	return nil
+}
+
+// LdsDummyMultiError is an error wrapping multiple validation errors returned
+// by LdsDummy.ValidateAll() if the designated constraints aren't met.
+type LdsDummyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m LdsDummyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m LdsDummyMultiError) AllErrors() []error { return m }
+
+// LdsDummyValidationError is the validation error returned by
+// LdsDummy.Validate if the designated constraints aren't met.
+type LdsDummyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e LdsDummyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e LdsDummyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e LdsDummyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e LdsDummyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e LdsDummyValidationError) ErrorName() string { return "LdsDummyValidationError" }
+
+// Error satisfies the builtin error interface
+func (e LdsDummyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sLdsDummy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = LdsDummyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = LdsDummyValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/listener.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/listener.pb.go
new file mode 100644
index 00000000000..a1f8c386af6
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/listener.pb.go
@@ -0,0 +1,892 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/listener.proto
+
+package envoy_api_v2
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	core "github.com/envoyproxy/go-control-plane/envoy/api/v2/core"
+	listener "github.com/envoyproxy/go-control-plane/envoy/api/v2/listener"
+	v21 "github.com/envoyproxy/go-control-plane/envoy/config/filter/accesslog/v2"
+	v2 "github.com/envoyproxy/go-control-plane/envoy/config/listener/v2"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type Listener_DrainType int32
+
+const (
+	// Drain in response to calling /healthcheck/fail admin endpoint (along with the health check
+	// filter), listener removal/modification, and hot restart.
+	Listener_DEFAULT Listener_DrainType = 0
+	// Drain in response to listener removal/modification and hot restart. This setting does not
+	// include /healthcheck/fail. This setting may be desirable if Envoy is hosting both ingress
+	// and egress listeners.
+	Listener_MODIFY_ONLY Listener_DrainType = 1
+)
+
+// Enum value maps for Listener_DrainType.
+var (
+	Listener_DrainType_name = map[int32]string{
+		0: "DEFAULT",
+		1: "MODIFY_ONLY",
+	}
+	Listener_DrainType_value = map[string]int32{
+		"DEFAULT":     0,
+		"MODIFY_ONLY": 1,
+	}
+)
+
+func (x Listener_DrainType) Enum() *Listener_DrainType {
+	p := new(Listener_DrainType)
+	*p = x
+	return p
+}
+
+func (x Listener_DrainType) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (Listener_DrainType) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_api_v2_listener_proto_enumTypes[0].Descriptor()
+}
+
+func (Listener_DrainType) Type() protoreflect.EnumType {
+	return &file_envoy_api_v2_listener_proto_enumTypes[0]
+}
+
+func (x Listener_DrainType) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use Listener_DrainType.Descriptor instead.
+func (Listener_DrainType) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_api_v2_listener_proto_rawDescGZIP(), []int{0, 0}
+}
+
+// [#next-free-field: 23]
+type Listener struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The unique name by which this listener is known. If no name is provided,
+	// Envoy will allocate an internal UUID for the listener. If the listener is to be dynamically
+	// updated or removed via :ref:`LDS <config_listeners_lds>` a unique name must be provided.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// The address that the listener should listen on. In general, the address must be unique, though
+	// that is governed by the bind rules of the OS. E.g., multiple listeners can listen on port 0 on
+	// Linux as the actual port will be allocated by the OS.
+	Address *core.Address `protobuf:"bytes,2,opt,name=address,proto3" json:"address,omitempty"`
+	// A list of filter chains to consider for this listener. The
+	// :ref:`FilterChain <envoy_api_msg_listener.FilterChain>` with the most specific
+	// :ref:`FilterChainMatch <envoy_api_msg_listener.FilterChainMatch>` criteria is used on a
+	// connection.
+	//
+	// Example using SNI for filter chain selection can be found in the
+	// :ref:`FAQ entry <faq_how_to_setup_sni>`.
+	FilterChains []*listener.FilterChain `protobuf:"bytes,3,rep,name=filter_chains,json=filterChains,proto3" json:"filter_chains,omitempty"`
+	// If a connection is redirected using *iptables*, the port on which the proxy
+	// receives it might be different from the original destination address. When this flag is set to
+	// true, the listener hands off redirected connections to the listener associated with the
+	// original destination address. If there is no listener associated with the original destination
+	// address, the connection is handled by the listener that receives it. Defaults to false.
+	//
+	// .. attention::
+	//
+	//   This field is deprecated. Use :ref:`an original_dst <config_listener_filters_original_dst>`
+	//   :ref:`listener filter <envoy_api_field_Listener.listener_filters>` instead.
+	//
+	//   Note that hand off to another listener is *NOT* performed without this flag. Once
+	//   :ref:`FilterChainMatch <envoy_api_msg_listener.FilterChainMatch>` is implemented this flag
+	//   will be removed, as filter chain matching can be used to select a filter chain based on the
+	//   restored destination address.
+	//
+	// Deprecated: Do not use.
+	UseOriginalDst *wrappers.BoolValue `protobuf:"bytes,4,opt,name=use_original_dst,json=useOriginalDst,proto3" json:"use_original_dst,omitempty"`
+	// Soft limit on size of the listener’s new connection read and write buffers.
+	// If unspecified, an implementation defined default is applied (1MiB).
+	PerConnectionBufferLimitBytes *wrappers.UInt32Value `protobuf:"bytes,5,opt,name=per_connection_buffer_limit_bytes,json=perConnectionBufferLimitBytes,proto3" json:"per_connection_buffer_limit_bytes,omitempty"`
+	// Listener metadata.
+	Metadata *core.Metadata `protobuf:"bytes,6,opt,name=metadata,proto3" json:"metadata,omitempty"`
+	// [#not-implemented-hide:]
+	DeprecatedV1 *Listener_DeprecatedV1 `protobuf:"bytes,7,opt,name=deprecated_v1,json=deprecatedV1,proto3" json:"deprecated_v1,omitempty"`
+	// The type of draining to perform at a listener-wide level.
+	DrainType Listener_DrainType `protobuf:"varint,8,opt,name=drain_type,json=drainType,proto3,enum=envoy.api.v2.Listener_DrainType" json:"drain_type,omitempty"`
+	// Listener filters have the opportunity to manipulate and augment the connection metadata that
+	// is used in connection filter chain matching, for example. These filters are run before any in
+	// :ref:`filter_chains <envoy_api_field_Listener.filter_chains>`. Order matters as the
+	// filters are processed sequentially right after a socket has been accepted by the listener, and
+	// before a connection is created.
+	// UDP Listener filters can be specified when the protocol in the listener socket address in
+	// :ref:`protocol <envoy_api_field_core.SocketAddress.protocol>` is :ref:`UDP
+	// <envoy_api_enum_value_core.SocketAddress.Protocol.UDP>`.
+	// UDP listeners currently support a single filter.
+	ListenerFilters []*listener.ListenerFilter `protobuf:"bytes,9,rep,name=listener_filters,json=listenerFilters,proto3" json:"listener_filters,omitempty"`
+	// The timeout to wait for all listener filters to complete operation. If the timeout is reached,
+	// the accepted socket is closed without a connection being created unless
+	// `continue_on_listener_filters_timeout` is set to true. Specify 0 to disable the
+	// timeout. If not specified, a default timeout of 15s is used.
+	ListenerFiltersTimeout *duration.Duration `protobuf:"bytes,15,opt,name=listener_filters_timeout,json=listenerFiltersTimeout,proto3" json:"listener_filters_timeout,omitempty"`
+	// Whether a connection should be created when listener filters timeout. Default is false.
+	//
+	// .. attention::
+	//
+	//   Some listener filters, such as :ref:`Proxy Protocol filter
+	//   <config_listener_filters_proxy_protocol>`, should not be used with this option. It will cause
+	//   unexpected behavior when a connection is created.
+	ContinueOnListenerFiltersTimeout bool `protobuf:"varint,17,opt,name=continue_on_listener_filters_timeout,json=continueOnListenerFiltersTimeout,proto3" json:"continue_on_listener_filters_timeout,omitempty"`
+	// Whether the listener should be set as a transparent socket.
+	// When this flag is set to true, connections can be redirected to the listener using an
+	// *iptables* *TPROXY* target, in which case the original source and destination addresses and
+	// ports are preserved on accepted connections. This flag should be used in combination with
+	// :ref:`an original_dst <config_listener_filters_original_dst>` :ref:`listener filter
+	// <envoy_api_field_Listener.listener_filters>` to mark the connections' local addresses as
+	// "restored." This can be used to hand off each redirected connection to another listener
+	// associated with the connection's destination address. Direct connections to the socket without
+	// using *TPROXY* cannot be distinguished from connections redirected using *TPROXY* and are
+	// therefore treated as if they were redirected.
+	// When this flag is set to false, the listener's socket is explicitly reset as non-transparent.
+	// Setting this flag requires Envoy to run with the *CAP_NET_ADMIN* capability.
+	// When this flag is not set (default), the socket is not modified, i.e. the transparent option
+	// is neither set nor reset.
+	Transparent *wrappers.BoolValue `protobuf:"bytes,10,opt,name=transparent,proto3" json:"transparent,omitempty"`
+	// Whether the listener should set the *IP_FREEBIND* socket option. When this
+	// flag is set to true, listeners can be bound to an IP address that is not
+	// configured on the system running Envoy. When this flag is set to false, the
+	// option *IP_FREEBIND* is disabled on the socket. When this flag is not set
+	// (default), the socket is not modified, i.e. the option is neither enabled
+	// nor disabled.
+	Freebind *wrappers.BoolValue `protobuf:"bytes,11,opt,name=freebind,proto3" json:"freebind,omitempty"`
+	// Additional socket options that may not be present in Envoy source code or
+	// precompiled binaries.
+	SocketOptions []*core.SocketOption `protobuf:"bytes,13,rep,name=socket_options,json=socketOptions,proto3" json:"socket_options,omitempty"`
+	// Whether the listener should accept TCP Fast Open (TFO) connections.
+	// When this flag is set to a value greater than 0, the option TCP_FASTOPEN is enabled on
+	// the socket, with a queue length of the specified size
+	// (see `details in RFC7413 <https://tools.ietf.org/html/rfc7413#section-5.1>`_).
+	// When this flag is set to 0, the option TCP_FASTOPEN is disabled on the socket.
+	// When this flag is not set (default), the socket is not modified,
+	// i.e. the option is neither enabled nor disabled.
+	//
+	// On Linux, the net.ipv4.tcp_fastopen kernel parameter must include flag 0x2 to enable
+	// TCP_FASTOPEN.
+	// See `ip-sysctl.txt <https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt>`_.
+	//
+	// On macOS, only values of 0, 1, and unset are valid; other values may result in an error.
+	// To set the queue length on macOS, set the net.inet.tcp.fastopen_backlog kernel parameter.
+	TcpFastOpenQueueLength *wrappers.UInt32Value `protobuf:"bytes,12,opt,name=tcp_fast_open_queue_length,json=tcpFastOpenQueueLength,proto3" json:"tcp_fast_open_queue_length,omitempty"`
+	// Specifies the intended direction of the traffic relative to the local Envoy.
+	// This property is required on Windows for listeners using the original destination filter,
+	// see :ref:`Original Destination <config_listener_filters_original_dst>`.
+	TrafficDirection core.TrafficDirection `protobuf:"varint,16,opt,name=traffic_direction,json=trafficDirection,proto3,enum=envoy.api.v2.core.TrafficDirection" json:"traffic_direction,omitempty"`
+	// If the protocol in the listener socket address in :ref:`protocol
+	// <envoy_api_field_core.SocketAddress.protocol>` is :ref:`UDP
+	// <envoy_api_enum_value_core.SocketAddress.Protocol.UDP>`, this field specifies the actual udp
+	// listener to create, i.e. :ref:`udp_listener_name
+	// <envoy_api_field_listener.UdpListenerConfig.udp_listener_name>` = "raw_udp_listener" for
+	// creating a packet-oriented UDP listener. If not present, treat it as "raw_udp_listener".
+	UdpListenerConfig *listener.UdpListenerConfig `protobuf:"bytes,18,opt,name=udp_listener_config,json=udpListenerConfig,proto3" json:"udp_listener_config,omitempty"`
+	// Used to represent an API listener, which is used in non-proxy clients. The type of API
+	// exposed to the non-proxy application depends on the type of API listener.
+	// When this field is set, no other field except for :ref:`name<envoy_api_field_Listener.name>`
+	// should be set.
+	//
+	// .. note::
+	//
+	//  Currently only one ApiListener can be installed; and it can only be done via bootstrap config,
+	//  not LDS.
+	//
+	// [#next-major-version: In the v3 API, instead of this messy approach where the socket
+	// listener fields are directly in the top-level Listener message and the API listener types
+	// are in the ApiListener message, the socket listener messages should be in their own message,
+	// and the top-level Listener should essentially be a oneof that selects between the
+	// socket listener and the various types of API listener. That way, a given Listener message
+	// can structurally only contain the fields of the relevant type.]
+	ApiListener *v2.ApiListener `protobuf:"bytes,19,opt,name=api_listener,json=apiListener,proto3" json:"api_listener,omitempty"`
+	// The listener's connection balancer configuration, currently only applicable to TCP listeners.
+	// If no configuration is specified, Envoy will not attempt to balance active connections between
+	// worker threads.
+	ConnectionBalanceConfig *Listener_ConnectionBalanceConfig `protobuf:"bytes,20,opt,name=connection_balance_config,json=connectionBalanceConfig,proto3" json:"connection_balance_config,omitempty"`
+	// When this flag is set to true, listeners set the *SO_REUSEPORT* socket option and
+	// create one socket for each worker thread. This makes inbound connections
+	// distribute among worker threads roughly evenly in cases where there are a high number
+	// of connections. When this flag is set to false, all worker threads share one socket.
+	//
+	// Before Linux v4.19-rc1, new TCP connections may be rejected during hot restart
+	// (see `3rd paragraph in 'soreuseport' commit message
+	// <https://github.com/torvalds/linux/commit/c617f398edd4db2b8567a28e89>`_).
+	// This issue was fixed by `tcp: Avoid TCP syncookie rejected by SO_REUSEPORT socket
+	// <https://github.com/torvalds/linux/commit/40a1227ea845a37ab197dd1caffb60b047fa36b1>`_.
+	ReusePort bool `protobuf:"varint,21,opt,name=reuse_port,json=reusePort,proto3" json:"reuse_port,omitempty"`
+	// Configuration for :ref:`access logs <arch_overview_access_logs>`
+	// emitted by this listener.
+	AccessLog []*v21.AccessLog `protobuf:"bytes,22,rep,name=access_log,json=accessLog,proto3" json:"access_log,omitempty"`
+}
+
+func (x *Listener) Reset() {
+	*x = Listener{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_listener_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Listener) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Listener) ProtoMessage() {}
+
+func (x *Listener) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_listener_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Listener.ProtoReflect.Descriptor instead.
+func (*Listener) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_listener_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *Listener) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *Listener) GetAddress() *core.Address {
+	if x != nil {
+		return x.Address
+	}
+	return nil
+}
+
+func (x *Listener) GetFilterChains() []*listener.FilterChain {
+	if x != nil {
+		return x.FilterChains
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *Listener) GetUseOriginalDst() *wrappers.BoolValue {
+	if x != nil {
+		return x.UseOriginalDst
+	}
+	return nil
+}
+
+func (x *Listener) GetPerConnectionBufferLimitBytes() *wrappers.UInt32Value {
+	if x != nil {
+		return x.PerConnectionBufferLimitBytes
+	}
+	return nil
+}
+
+func (x *Listener) GetMetadata() *core.Metadata {
+	if x != nil {
+		return x.Metadata
+	}
+	return nil
+}
+
+func (x *Listener) GetDeprecatedV1() *Listener_DeprecatedV1 {
+	if x != nil {
+		return x.DeprecatedV1
+	}
+	return nil
+}
+
+func (x *Listener) GetDrainType() Listener_DrainType {
+	if x != nil {
+		return x.DrainType
+	}
+	return Listener_DEFAULT
+}
+
+func (x *Listener) GetListenerFilters() []*listener.ListenerFilter {
+	if x != nil {
+		return x.ListenerFilters
+	}
+	return nil
+}
+
+func (x *Listener) GetListenerFiltersTimeout() *duration.Duration {
+	if x != nil {
+		return x.ListenerFiltersTimeout
+	}
+	return nil
+}
+
+func (x *Listener) GetContinueOnListenerFiltersTimeout() bool {
+	if x != nil {
+		return x.ContinueOnListenerFiltersTimeout
+	}
+	return false
+}
+
+func (x *Listener) GetTransparent() *wrappers.BoolValue {
+	if x != nil {
+		return x.Transparent
+	}
+	return nil
+}
+
+func (x *Listener) GetFreebind() *wrappers.BoolValue {
+	if x != nil {
+		return x.Freebind
+	}
+	return nil
+}
+
+func (x *Listener) GetSocketOptions() []*core.SocketOption {
+	if x != nil {
+		return x.SocketOptions
+	}
+	return nil
+}
+
+func (x *Listener) GetTcpFastOpenQueueLength() *wrappers.UInt32Value {
+	if x != nil {
+		return x.TcpFastOpenQueueLength
+	}
+	return nil
+}
+
+func (x *Listener) GetTrafficDirection() core.TrafficDirection {
+	if x != nil {
+		return x.TrafficDirection
+	}
+	return core.TrafficDirection_UNSPECIFIED
+}
+
+func (x *Listener) GetUdpListenerConfig() *listener.UdpListenerConfig {
+	if x != nil {
+		return x.UdpListenerConfig
+	}
+	return nil
+}
+
+func (x *Listener) GetApiListener() *v2.ApiListener {
+	if x != nil {
+		return x.ApiListener
+	}
+	return nil
+}
+
+func (x *Listener) GetConnectionBalanceConfig() *Listener_ConnectionBalanceConfig {
+	if x != nil {
+		return x.ConnectionBalanceConfig
+	}
+	return nil
+}
+
+func (x *Listener) GetReusePort() bool {
+	if x != nil {
+		return x.ReusePort
+	}
+	return false
+}
+
+func (x *Listener) GetAccessLog() []*v21.AccessLog {
+	if x != nil {
+		return x.AccessLog
+	}
+	return nil
+}
+
+// [#not-implemented-hide:]
+type Listener_DeprecatedV1 struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Whether the listener should bind to the port. A listener that doesn't
+	// bind can only receive connections redirected from other listeners that
+	// set use_original_dst parameter to true. Default is true.
+	//
+	// This is deprecated in v2, all Listeners will bind to their port. An
+	// additional filter chain must be created for every original destination
+	// port this listener may redirect to in v2, with the original port
+	// specified in the FilterChainMatch destination_port field.
+	//
+	// [#comment:TODO(PiotrSikora): Remove this once verified that we no longer need it.]
+	BindToPort *wrappers.BoolValue `protobuf:"bytes,1,opt,name=bind_to_port,json=bindToPort,proto3" json:"bind_to_port,omitempty"`
+}
+
+func (x *Listener_DeprecatedV1) Reset() {
+	*x = Listener_DeprecatedV1{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_listener_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Listener_DeprecatedV1) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Listener_DeprecatedV1) ProtoMessage() {}
+
+func (x *Listener_DeprecatedV1) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_listener_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Listener_DeprecatedV1.ProtoReflect.Descriptor instead.
+func (*Listener_DeprecatedV1) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_listener_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (x *Listener_DeprecatedV1) GetBindToPort() *wrappers.BoolValue {
+	if x != nil {
+		return x.BindToPort
+	}
+	return nil
+}
+
+// Configuration for listener connection balancing.
+type Listener_ConnectionBalanceConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to BalanceType:
+	//	*Listener_ConnectionBalanceConfig_ExactBalance_
+	BalanceType isListener_ConnectionBalanceConfig_BalanceType `protobuf_oneof:"balance_type"`
+}
+
+func (x *Listener_ConnectionBalanceConfig) Reset() {
+	*x = Listener_ConnectionBalanceConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_listener_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Listener_ConnectionBalanceConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Listener_ConnectionBalanceConfig) ProtoMessage() {}
+
+func (x *Listener_ConnectionBalanceConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_listener_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Listener_ConnectionBalanceConfig.ProtoReflect.Descriptor instead.
+func (*Listener_ConnectionBalanceConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_listener_proto_rawDescGZIP(), []int{0, 1}
+}
+
+func (m *Listener_ConnectionBalanceConfig) GetBalanceType() isListener_ConnectionBalanceConfig_BalanceType {
+	if m != nil {
+		return m.BalanceType
+	}
+	return nil
+}
+
+func (x *Listener_ConnectionBalanceConfig) GetExactBalance() *Listener_ConnectionBalanceConfig_ExactBalance {
+	if x, ok := x.GetBalanceType().(*Listener_ConnectionBalanceConfig_ExactBalance_); ok {
+		return x.ExactBalance
+	}
+	return nil
+}
+
+type isListener_ConnectionBalanceConfig_BalanceType interface {
+	isListener_ConnectionBalanceConfig_BalanceType()
+}
+
+type Listener_ConnectionBalanceConfig_ExactBalance_ struct {
+	// If specified, the listener will use the exact connection balancer.
+	ExactBalance *Listener_ConnectionBalanceConfig_ExactBalance `protobuf:"bytes,1,opt,name=exact_balance,json=exactBalance,proto3,oneof"`
+}
+
+func (*Listener_ConnectionBalanceConfig_ExactBalance_) isListener_ConnectionBalanceConfig_BalanceType() {
+}
+
+// A connection balancer implementation that does exact balancing. This means that a lock is
+// held during balancing so that connection counts are nearly exactly balanced between worker
+// threads. This is "nearly" exact in the sense that a connection might close in parallel thus
+// making the counts incorrect, but this should be rectified on the next accept. This balancer
+// sacrifices accept throughput for accuracy and should be used when there are a small number of
+// connections that rarely cycle (e.g., service mesh gRPC egress).
+type Listener_ConnectionBalanceConfig_ExactBalance struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *Listener_ConnectionBalanceConfig_ExactBalance) Reset() {
+	*x = Listener_ConnectionBalanceConfig_ExactBalance{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_listener_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Listener_ConnectionBalanceConfig_ExactBalance) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Listener_ConnectionBalanceConfig_ExactBalance) ProtoMessage() {}
+
+func (x *Listener_ConnectionBalanceConfig_ExactBalance) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_listener_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Listener_ConnectionBalanceConfig_ExactBalance.ProtoReflect.Descriptor instead.
+func (*Listener_ConnectionBalanceConfig_ExactBalance) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_listener_proto_rawDescGZIP(), []int{0, 1, 0}
+}
+
+var File_envoy_api_v2_listener_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_listener_proto_rawDesc = []byte{
+	0x0a, 0x1b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x6c,
+	0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0c, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x1a, 0x1f, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x61,
+	0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1c, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f,
+	0x62, 0x61, 0x73, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x25, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x73, 0x6f,
+	0x63, 0x6b, 0x65, 0x74, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x2f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f,
+	0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2f, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65,
+	0x72, 0x5f, 0x63, 0x6f, 0x6d, 0x70, 0x6f, 0x6e, 0x65, 0x6e, 0x74, 0x73, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x2f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32,
+	0x2f, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2f, 0x75, 0x64, 0x70, 0x5f, 0x6c, 0x69,
+	0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x30, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2f, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c,
+	0x6f, 0x67, 0x2f, 0x76, 0x32, 0x2f, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x2b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2f, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2f, 0x76, 0x32, 0x2f,
+	0x61, 0x70, 0x69, 0x5f, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69,
+	0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x9d, 0x0e, 0x0a, 0x08, 0x4c,
+	0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x3e, 0x0a, 0x07, 0x61,
+	0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65,
+	0x2e, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02,
+	0x10, 0x01, 0x52, 0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x47, 0x0a, 0x0d, 0x66,
+	0x69, 0x6c, 0x74, 0x65, 0x72, 0x5f, 0x63, 0x68, 0x61, 0x69, 0x6e, 0x73, 0x18, 0x03, 0x20, 0x03,
+	0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x46, 0x69, 0x6c, 0x74, 0x65,
+	0x72, 0x43, 0x68, 0x61, 0x69, 0x6e, 0x52, 0x0c, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x68,
+	0x61, 0x69, 0x6e, 0x73, 0x12, 0x48, 0x0a, 0x10, 0x75, 0x73, 0x65, 0x5f, 0x6f, 0x72, 0x69, 0x67,
+	0x69, 0x6e, 0x61, 0x6c, 0x5f, 0x64, 0x73, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x02, 0x18, 0x01, 0x52, 0x0e,
+	0x75, 0x73, 0x65, 0x4f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x44, 0x73, 0x74, 0x12, 0x66,
+	0x0a, 0x21, 0x70, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e,
+	0x5f, 0x62, 0x75, 0x66, 0x66, 0x65, 0x72, 0x5f, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x5f, 0x62, 0x79,
+	0x74, 0x65, 0x73, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74,
+	0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x1d, 0x70, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x6e,
+	0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x75, 0x66, 0x66, 0x65, 0x72, 0x4c, 0x69, 0x6d, 0x69,
+	0x74, 0x42, 0x79, 0x74, 0x65, 0x73, 0x12, 0x37, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61,
+	0x74, 0x61, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x4d, 0x65, 0x74,
+	0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12,
+	0x48, 0x0a, 0x0d, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x5f, 0x76, 0x31,
+	0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x44,
+	0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x56, 0x31, 0x52, 0x0c, 0x64, 0x65, 0x70,
+	0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x56, 0x31, 0x12, 0x3f, 0x0a, 0x0a, 0x64, 0x72, 0x61,
+	0x69, 0x6e, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x20, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x69, 0x73,
+	0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x44, 0x72, 0x61, 0x69, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x52,
+	0x09, 0x64, 0x72, 0x61, 0x69, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x12, 0x50, 0x0a, 0x10, 0x6c, 0x69,
+	0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x18, 0x09,
+	0x20, 0x03, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x4c, 0x69, 0x73,
+	0x74, 0x65, 0x6e, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x52, 0x0f, 0x6c, 0x69, 0x73,
+	0x74, 0x65, 0x6e, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x12, 0x53, 0x0a, 0x18,
+	0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73,
+	0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x0f, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x16, 0x6c, 0x69, 0x73, 0x74, 0x65,
+	0x6e, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75,
+	0x74, 0x12, 0x4e, 0x0a, 0x24, 0x63, 0x6f, 0x6e, 0x74, 0x69, 0x6e, 0x75, 0x65, 0x5f, 0x6f, 0x6e,
+	0x5f, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x73, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x11, 0x20, 0x01, 0x28, 0x08, 0x52,
+	0x20, 0x63, 0x6f, 0x6e, 0x74, 0x69, 0x6e, 0x75, 0x65, 0x4f, 0x6e, 0x4c, 0x69, 0x73, 0x74, 0x65,
+	0x6e, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75,
+	0x74, 0x12, 0x3c, 0x0a, 0x0b, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74,
+	0x18, 0x0a, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c,
+	0x75, 0x65, 0x52, 0x0b, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x12,
+	0x36, 0x0a, 0x08, 0x66, 0x72, 0x65, 0x65, 0x62, 0x69, 0x6e, 0x64, 0x18, 0x0b, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x08, 0x66,
+	0x72, 0x65, 0x65, 0x62, 0x69, 0x6e, 0x64, 0x12, 0x46, 0x0a, 0x0e, 0x73, 0x6f, 0x63, 0x6b, 0x65,
+	0x74, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x0d, 0x20, 0x03, 0x28, 0x0b, 0x32,
+	0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e,
+	0x52, 0x0d, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12,
+	0x58, 0x0a, 0x1a, 0x74, 0x63, 0x70, 0x5f, 0x66, 0x61, 0x73, 0x74, 0x5f, 0x6f, 0x70, 0x65, 0x6e,
+	0x5f, 0x71, 0x75, 0x65, 0x75, 0x65, 0x5f, 0x6c, 0x65, 0x6e, 0x67, 0x74, 0x68, 0x18, 0x0c, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75,
+	0x65, 0x52, 0x16, 0x74, 0x63, 0x70, 0x46, 0x61, 0x73, 0x74, 0x4f, 0x70, 0x65, 0x6e, 0x51, 0x75,
+	0x65, 0x75, 0x65, 0x4c, 0x65, 0x6e, 0x67, 0x74, 0x68, 0x12, 0x50, 0x0a, 0x11, 0x74, 0x72, 0x61,
+	0x66, 0x66, 0x69, 0x63, 0x5f, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x10,
+	0x20, 0x01, 0x28, 0x0e, 0x32, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x54, 0x72, 0x61, 0x66, 0x66, 0x69, 0x63,
+	0x44, 0x69, 0x72, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x10, 0x74, 0x72, 0x61, 0x66, 0x66,
+	0x69, 0x63, 0x44, 0x69, 0x72, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x58, 0x0a, 0x13, 0x75,
+	0x64, 0x70, 0x5f, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x18, 0x12, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72,
+	0x2e, 0x55, 0x64, 0x70, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x52, 0x11, 0x75, 0x64, 0x70, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x48, 0x0a, 0x0c, 0x61, 0x70, 0x69, 0x5f, 0x6c, 0x69, 0x73,
+	0x74, 0x65, 0x6e, 0x65, 0x72, 0x18, 0x13, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65,
+	0x6e, 0x65, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x41, 0x70, 0x69, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e,
+	0x65, 0x72, 0x52, 0x0b, 0x61, 0x70, 0x69, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x12,
+	0x6a, 0x0a, 0x19, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x62, 0x61,
+	0x6c, 0x61, 0x6e, 0x63, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x14, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x2e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x43, 0x6f, 0x6e, 0x6e, 0x65,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x52, 0x17, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x61,
+	0x6c, 0x61, 0x6e, 0x63, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x1d, 0x0a, 0x0a, 0x72,
+	0x65, 0x75, 0x73, 0x65, 0x5f, 0x70, 0x6f, 0x72, 0x74, 0x18, 0x15, 0x20, 0x01, 0x28, 0x08, 0x52,
+	0x09, 0x72, 0x65, 0x75, 0x73, 0x65, 0x50, 0x6f, 0x72, 0x74, 0x12, 0x4a, 0x0a, 0x0a, 0x61, 0x63,
+	0x63, 0x65, 0x73, 0x73, 0x5f, 0x6c, 0x6f, 0x67, 0x18, 0x16, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2b,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76,
+	0x32, 0x2e, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x4c, 0x6f, 0x67, 0x52, 0x09, 0x61, 0x63, 0x63,
+	0x65, 0x73, 0x73, 0x4c, 0x6f, 0x67, 0x1a, 0x4c, 0x0a, 0x0c, 0x44, 0x65, 0x70, 0x72, 0x65, 0x63,
+	0x61, 0x74, 0x65, 0x64, 0x56, 0x31, 0x12, 0x3c, 0x0a, 0x0c, 0x62, 0x69, 0x6e, 0x64, 0x5f, 0x74,
+	0x6f, 0x5f, 0x70, 0x6f, 0x72, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42,
+	0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0a, 0x62, 0x69, 0x6e, 0x64, 0x54, 0x6f,
+	0x50, 0x6f, 0x72, 0x74, 0x1a, 0xa2, 0x01, 0x0a, 0x17, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74,
+	0x69, 0x6f, 0x6e, 0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x12, 0x62, 0x0a, 0x0d, 0x65, 0x78, 0x61, 0x63, 0x74, 0x5f, 0x62, 0x61, 0x6c, 0x61, 0x6e, 0x63,
+	0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x3b, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e,
+	0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63,
+	0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x45, 0x78, 0x61, 0x63, 0x74, 0x42, 0x61, 0x6c,
+	0x61, 0x6e, 0x63, 0x65, 0x48, 0x00, 0x52, 0x0c, 0x65, 0x78, 0x61, 0x63, 0x74, 0x42, 0x61, 0x6c,
+	0x61, 0x6e, 0x63, 0x65, 0x1a, 0x0e, 0x0a, 0x0c, 0x45, 0x78, 0x61, 0x63, 0x74, 0x42, 0x61, 0x6c,
+	0x61, 0x6e, 0x63, 0x65, 0x42, 0x13, 0x0a, 0x0c, 0x62, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65, 0x5f,
+	0x74, 0x79, 0x70, 0x65, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x22, 0x29, 0x0a, 0x09, 0x44, 0x72, 0x61,
+	0x69, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x12, 0x0b, 0x0a, 0x07, 0x44, 0x45, 0x46, 0x41, 0x55, 0x4c,
+	0x54, 0x10, 0x00, 0x12, 0x0f, 0x0a, 0x0b, 0x4d, 0x4f, 0x44, 0x49, 0x46, 0x59, 0x5f, 0x4f, 0x4e,
+	0x4c, 0x59, 0x10, 0x01, 0x4a, 0x04, 0x08, 0x0e, 0x10, 0x0f, 0x42, 0x55, 0x0a, 0x1a, 0x69, 0x6f,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x42, 0x0d, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e,
+	0x65, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x1a, 0x12,
+	0x18, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c, 0x69,
+	0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x76, 0x33, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10,
+	0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_listener_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_listener_proto_rawDescData = file_envoy_api_v2_listener_proto_rawDesc
+)
+
+func file_envoy_api_v2_listener_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_listener_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_listener_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_listener_proto_rawDescData)
+	})
+	return file_envoy_api_v2_listener_proto_rawDescData
+}
+
+var file_envoy_api_v2_listener_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_envoy_api_v2_listener_proto_msgTypes = make([]protoimpl.MessageInfo, 4)
+var file_envoy_api_v2_listener_proto_goTypes = []interface{}{
+	(Listener_DrainType)(0),                               // 0: envoy.api.v2.Listener.DrainType
+	(*Listener)(nil),                                      // 1: envoy.api.v2.Listener
+	(*Listener_DeprecatedV1)(nil),                         // 2: envoy.api.v2.Listener.DeprecatedV1
+	(*Listener_ConnectionBalanceConfig)(nil),              // 3: envoy.api.v2.Listener.ConnectionBalanceConfig
+	(*Listener_ConnectionBalanceConfig_ExactBalance)(nil), // 4: envoy.api.v2.Listener.ConnectionBalanceConfig.ExactBalance
+	(*core.Address)(nil),                                  // 5: envoy.api.v2.core.Address
+	(*listener.FilterChain)(nil),                          // 6: envoy.api.v2.listener.FilterChain
+	(*wrappers.BoolValue)(nil),                            // 7: google.protobuf.BoolValue
+	(*wrappers.UInt32Value)(nil),                          // 8: google.protobuf.UInt32Value
+	(*core.Metadata)(nil),                                 // 9: envoy.api.v2.core.Metadata
+	(*listener.ListenerFilter)(nil),                       // 10: envoy.api.v2.listener.ListenerFilter
+	(*duration.Duration)(nil),                             // 11: google.protobuf.Duration
+	(*core.SocketOption)(nil),                             // 12: envoy.api.v2.core.SocketOption
+	(core.TrafficDirection)(0),                            // 13: envoy.api.v2.core.TrafficDirection
+	(*listener.UdpListenerConfig)(nil),                    // 14: envoy.api.v2.listener.UdpListenerConfig
+	(*v2.ApiListener)(nil),                                // 15: envoy.config.listener.v2.ApiListener
+	(*v21.AccessLog)(nil),                                 // 16: envoy.config.filter.accesslog.v2.AccessLog
+}
+var file_envoy_api_v2_listener_proto_depIdxs = []int32{
+	5,  // 0: envoy.api.v2.Listener.address:type_name -> envoy.api.v2.core.Address
+	6,  // 1: envoy.api.v2.Listener.filter_chains:type_name -> envoy.api.v2.listener.FilterChain
+	7,  // 2: envoy.api.v2.Listener.use_original_dst:type_name -> google.protobuf.BoolValue
+	8,  // 3: envoy.api.v2.Listener.per_connection_buffer_limit_bytes:type_name -> google.protobuf.UInt32Value
+	9,  // 4: envoy.api.v2.Listener.metadata:type_name -> envoy.api.v2.core.Metadata
+	2,  // 5: envoy.api.v2.Listener.deprecated_v1:type_name -> envoy.api.v2.Listener.DeprecatedV1
+	0,  // 6: envoy.api.v2.Listener.drain_type:type_name -> envoy.api.v2.Listener.DrainType
+	10, // 7: envoy.api.v2.Listener.listener_filters:type_name -> envoy.api.v2.listener.ListenerFilter
+	11, // 8: envoy.api.v2.Listener.listener_filters_timeout:type_name -> google.protobuf.Duration
+	7,  // 9: envoy.api.v2.Listener.transparent:type_name -> google.protobuf.BoolValue
+	7,  // 10: envoy.api.v2.Listener.freebind:type_name -> google.protobuf.BoolValue
+	12, // 11: envoy.api.v2.Listener.socket_options:type_name -> envoy.api.v2.core.SocketOption
+	8,  // 12: envoy.api.v2.Listener.tcp_fast_open_queue_length:type_name -> google.protobuf.UInt32Value
+	13, // 13: envoy.api.v2.Listener.traffic_direction:type_name -> envoy.api.v2.core.TrafficDirection
+	14, // 14: envoy.api.v2.Listener.udp_listener_config:type_name -> envoy.api.v2.listener.UdpListenerConfig
+	15, // 15: envoy.api.v2.Listener.api_listener:type_name -> envoy.config.listener.v2.ApiListener
+	3,  // 16: envoy.api.v2.Listener.connection_balance_config:type_name -> envoy.api.v2.Listener.ConnectionBalanceConfig
+	16, // 17: envoy.api.v2.Listener.access_log:type_name -> envoy.config.filter.accesslog.v2.AccessLog
+	7,  // 18: envoy.api.v2.Listener.DeprecatedV1.bind_to_port:type_name -> google.protobuf.BoolValue
+	4,  // 19: envoy.api.v2.Listener.ConnectionBalanceConfig.exact_balance:type_name -> envoy.api.v2.Listener.ConnectionBalanceConfig.ExactBalance
+	20, // [20:20] is the sub-list for method output_type
+	20, // [20:20] is the sub-list for method input_type
+	20, // [20:20] is the sub-list for extension type_name
+	20, // [20:20] is the sub-list for extension extendee
+	0,  // [0:20] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_listener_proto_init() }
+func file_envoy_api_v2_listener_proto_init() {
+	if File_envoy_api_v2_listener_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_listener_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Listener); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_listener_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Listener_DeprecatedV1); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_listener_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Listener_ConnectionBalanceConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_listener_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Listener_ConnectionBalanceConfig_ExactBalance); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_api_v2_listener_proto_msgTypes[2].OneofWrappers = []interface{}{
+		(*Listener_ConnectionBalanceConfig_ExactBalance_)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_listener_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   4,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_listener_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_listener_proto_depIdxs,
+		EnumInfos:         file_envoy_api_v2_listener_proto_enumTypes,
+		MessageInfos:      file_envoy_api_v2_listener_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_listener_proto = out.File
+	file_envoy_api_v2_listener_proto_rawDesc = nil
+	file_envoy_api_v2_listener_proto_goTypes = nil
+	file_envoy_api_v2_listener_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/listener.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/listener.pb.validate.go
new file mode 100644
index 00000000000..418f84dab07
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/listener.pb.validate.go
@@ -0,0 +1,1030 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/listener.proto
+
+package envoy_api_v2
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+
+	core "github.com/envoyproxy/go-control-plane/envoy/api/v2/core"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+
+	_ = core.TrafficDirection(0)
+)
+
+// Validate checks the field values on Listener with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Listener) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Listener with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ListenerMultiError, or nil
+// if none found.
+func (m *Listener) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Listener) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Name
+
+	if m.GetAddress() == nil {
+		err := ListenerValidationError{
+			field:  "Address",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetAddress()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "Address",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "Address",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetAddress()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenerValidationError{
+				field:  "Address",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetFilterChains() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ListenerValidationError{
+						field:  fmt.Sprintf("FilterChains[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ListenerValidationError{
+						field:  fmt.Sprintf("FilterChains[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ListenerValidationError{
+					field:  fmt.Sprintf("FilterChains[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetUseOriginalDst()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "UseOriginalDst",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "UseOriginalDst",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetUseOriginalDst()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenerValidationError{
+				field:  "UseOriginalDst",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetPerConnectionBufferLimitBytes()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "PerConnectionBufferLimitBytes",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "PerConnectionBufferLimitBytes",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPerConnectionBufferLimitBytes()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenerValidationError{
+				field:  "PerConnectionBufferLimitBytes",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMetadata()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMetadata()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenerValidationError{
+				field:  "Metadata",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetDeprecatedV1()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "DeprecatedV1",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "DeprecatedV1",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDeprecatedV1()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenerValidationError{
+				field:  "DeprecatedV1",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for DrainType
+
+	for idx, item := range m.GetListenerFilters() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ListenerValidationError{
+						field:  fmt.Sprintf("ListenerFilters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ListenerValidationError{
+						field:  fmt.Sprintf("ListenerFilters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ListenerValidationError{
+					field:  fmt.Sprintf("ListenerFilters[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetListenerFiltersTimeout()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "ListenerFiltersTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "ListenerFiltersTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetListenerFiltersTimeout()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenerValidationError{
+				field:  "ListenerFiltersTimeout",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for ContinueOnListenerFiltersTimeout
+
+	if all {
+		switch v := interface{}(m.GetTransparent()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "Transparent",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "Transparent",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTransparent()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenerValidationError{
+				field:  "Transparent",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetFreebind()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "Freebind",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "Freebind",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetFreebind()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenerValidationError{
+				field:  "Freebind",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetSocketOptions() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ListenerValidationError{
+						field:  fmt.Sprintf("SocketOptions[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ListenerValidationError{
+						field:  fmt.Sprintf("SocketOptions[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ListenerValidationError{
+					field:  fmt.Sprintf("SocketOptions[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetTcpFastOpenQueueLength()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "TcpFastOpenQueueLength",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "TcpFastOpenQueueLength",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTcpFastOpenQueueLength()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenerValidationError{
+				field:  "TcpFastOpenQueueLength",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for TrafficDirection
+
+	if all {
+		switch v := interface{}(m.GetUdpListenerConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "UdpListenerConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "UdpListenerConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetUdpListenerConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenerValidationError{
+				field:  "UdpListenerConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetApiListener()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "ApiListener",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "ApiListener",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetApiListener()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenerValidationError{
+				field:  "ApiListener",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetConnectionBalanceConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "ConnectionBalanceConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "ConnectionBalanceConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetConnectionBalanceConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenerValidationError{
+				field:  "ConnectionBalanceConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for ReusePort
+
+	for idx, item := range m.GetAccessLog() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ListenerValidationError{
+						field:  fmt.Sprintf("AccessLog[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ListenerValidationError{
+						field:  fmt.Sprintf("AccessLog[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ListenerValidationError{
+					field:  fmt.Sprintf("AccessLog[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ListenerMultiError(errors)
+	}
+	return nil
+}
+
+// ListenerMultiError is an error wrapping multiple validation errors returned
+// by Listener.ValidateAll() if the designated constraints aren't met.
+type ListenerMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ListenerMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ListenerMultiError) AllErrors() []error { return m }
+
+// ListenerValidationError is the validation error returned by
+// Listener.Validate if the designated constraints aren't met.
+type ListenerValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ListenerValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ListenerValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ListenerValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ListenerValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ListenerValidationError) ErrorName() string { return "ListenerValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ListenerValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sListener.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ListenerValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ListenerValidationError{}
+
+// Validate checks the field values on Listener_DeprecatedV1 with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Listener_DeprecatedV1) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Listener_DeprecatedV1 with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Listener_DeprecatedV1MultiError, or nil if none found.
+func (m *Listener_DeprecatedV1) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Listener_DeprecatedV1) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetBindToPort()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Listener_DeprecatedV1ValidationError{
+					field:  "BindToPort",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Listener_DeprecatedV1ValidationError{
+					field:  "BindToPort",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetBindToPort()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Listener_DeprecatedV1ValidationError{
+				field:  "BindToPort",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return Listener_DeprecatedV1MultiError(errors)
+	}
+	return nil
+}
+
+// Listener_DeprecatedV1MultiError is an error wrapping multiple validation
+// errors returned by Listener_DeprecatedV1.ValidateAll() if the designated
+// constraints aren't met.
+type Listener_DeprecatedV1MultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Listener_DeprecatedV1MultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Listener_DeprecatedV1MultiError) AllErrors() []error { return m }
+
+// Listener_DeprecatedV1ValidationError is the validation error returned by
+// Listener_DeprecatedV1.Validate if the designated constraints aren't met.
+type Listener_DeprecatedV1ValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Listener_DeprecatedV1ValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Listener_DeprecatedV1ValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Listener_DeprecatedV1ValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Listener_DeprecatedV1ValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Listener_DeprecatedV1ValidationError) ErrorName() string {
+	return "Listener_DeprecatedV1ValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Listener_DeprecatedV1ValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sListener_DeprecatedV1.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Listener_DeprecatedV1ValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Listener_DeprecatedV1ValidationError{}
+
+// Validate checks the field values on Listener_ConnectionBalanceConfig with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *Listener_ConnectionBalanceConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Listener_ConnectionBalanceConfig with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// Listener_ConnectionBalanceConfigMultiError, or nil if none found.
+func (m *Listener_ConnectionBalanceConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Listener_ConnectionBalanceConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.BalanceType.(type) {
+
+	case *Listener_ConnectionBalanceConfig_ExactBalance_:
+
+		if all {
+			switch v := interface{}(m.GetExactBalance()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, Listener_ConnectionBalanceConfigValidationError{
+						field:  "ExactBalance",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, Listener_ConnectionBalanceConfigValidationError{
+						field:  "ExactBalance",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetExactBalance()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Listener_ConnectionBalanceConfigValidationError{
+					field:  "ExactBalance",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := Listener_ConnectionBalanceConfigValidationError{
+			field:  "BalanceType",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return Listener_ConnectionBalanceConfigMultiError(errors)
+	}
+	return nil
+}
+
+// Listener_ConnectionBalanceConfigMultiError is an error wrapping multiple
+// validation errors returned by
+// Listener_ConnectionBalanceConfig.ValidateAll() if the designated
+// constraints aren't met.
+type Listener_ConnectionBalanceConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Listener_ConnectionBalanceConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Listener_ConnectionBalanceConfigMultiError) AllErrors() []error { return m }
+
+// Listener_ConnectionBalanceConfigValidationError is the validation error
+// returned by Listener_ConnectionBalanceConfig.Validate if the designated
+// constraints aren't met.
+type Listener_ConnectionBalanceConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Listener_ConnectionBalanceConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Listener_ConnectionBalanceConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Listener_ConnectionBalanceConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Listener_ConnectionBalanceConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Listener_ConnectionBalanceConfigValidationError) ErrorName() string {
+	return "Listener_ConnectionBalanceConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Listener_ConnectionBalanceConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sListener_ConnectionBalanceConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Listener_ConnectionBalanceConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Listener_ConnectionBalanceConfigValidationError{}
+
+// Validate checks the field values on
+// Listener_ConnectionBalanceConfig_ExactBalance with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Listener_ConnectionBalanceConfig_ExactBalance) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// Listener_ConnectionBalanceConfig_ExactBalance with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in
+// Listener_ConnectionBalanceConfig_ExactBalanceMultiError, or nil if none found.
+func (m *Listener_ConnectionBalanceConfig_ExactBalance) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Listener_ConnectionBalanceConfig_ExactBalance) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return Listener_ConnectionBalanceConfig_ExactBalanceMultiError(errors)
+	}
+	return nil
+}
+
+// Listener_ConnectionBalanceConfig_ExactBalanceMultiError is an error wrapping
+// multiple validation errors returned by
+// Listener_ConnectionBalanceConfig_ExactBalance.ValidateAll() if the
+// designated constraints aren't met.
+type Listener_ConnectionBalanceConfig_ExactBalanceMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Listener_ConnectionBalanceConfig_ExactBalanceMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Listener_ConnectionBalanceConfig_ExactBalanceMultiError) AllErrors() []error { return m }
+
+// Listener_ConnectionBalanceConfig_ExactBalanceValidationError is the
+// validation error returned by
+// Listener_ConnectionBalanceConfig_ExactBalance.Validate if the designated
+// constraints aren't met.
+type Listener_ConnectionBalanceConfig_ExactBalanceValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Listener_ConnectionBalanceConfig_ExactBalanceValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Listener_ConnectionBalanceConfig_ExactBalanceValidationError) Reason() string {
+	return e.reason
+}
+
+// Cause function returns cause value.
+func (e Listener_ConnectionBalanceConfig_ExactBalanceValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Listener_ConnectionBalanceConfig_ExactBalanceValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Listener_ConnectionBalanceConfig_ExactBalanceValidationError) ErrorName() string {
+	return "Listener_ConnectionBalanceConfig_ExactBalanceValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Listener_ConnectionBalanceConfig_ExactBalanceValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sListener_ConnectionBalanceConfig_ExactBalance.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Listener_ConnectionBalanceConfig_ExactBalanceValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Listener_ConnectionBalanceConfig_ExactBalanceValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/listener/listener.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/listener/listener.pb.go
new file mode 100644
index 00000000000..81f58e07a9f
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/listener/listener.pb.go
@@ -0,0 +1,79 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/listener/listener.proto
+
+package envoy_api_v2_listener
+
+import (
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+var File_envoy_api_v2_listener_listener_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_listener_listener_proto_rawDesc = []byte{
+	0x0a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x6c,
+	0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2f, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70,
+	0x69, 0x2e, 0x76, 0x32, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x1a, 0x2f, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x6c, 0x69, 0x73, 0x74,
+	0x65, 0x6e, 0x65, 0x72, 0x2f, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x5f, 0x63, 0x6f,
+	0x6d, 0x70, 0x6f, 0x6e, 0x65, 0x6e, 0x74, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x42, 0x6a,
+	0x0a, 0x23, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x6c, 0x69, 0x73,
+	0x74, 0x65, 0x6e, 0x65, 0x72, 0x42, 0x0d, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x50,
+	0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xaa, 0x02, 0x17, 0x45, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x41,
+	0x70, 0x69, 0x2e, 0x56, 0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x4e, 0x53,
+	0xea, 0x02, 0x17, 0x45, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x41, 0x70, 0x69, 0x2e, 0x56, 0x32, 0x2e,
+	0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x4e, 0x53, 0x50, 0x00, 0x62, 0x06, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x33,
+}
+
+var file_envoy_api_v2_listener_listener_proto_goTypes = []interface{}{}
+var file_envoy_api_v2_listener_listener_proto_depIdxs = []int32{
+	0, // [0:0] is the sub-list for method output_type
+	0, // [0:0] is the sub-list for method input_type
+	0, // [0:0] is the sub-list for extension type_name
+	0, // [0:0] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_listener_listener_proto_init() }
+func file_envoy_api_v2_listener_listener_proto_init() {
+	if File_envoy_api_v2_listener_listener_proto != nil {
+		return
+	}
+	file_envoy_api_v2_listener_listener_components_proto_init()
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_listener_listener_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   0,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_listener_listener_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_listener_listener_proto_depIdxs,
+	}.Build()
+	File_envoy_api_v2_listener_listener_proto = out.File
+	file_envoy_api_v2_listener_listener_proto_rawDesc = nil
+	file_envoy_api_v2_listener_listener_proto_goTypes = nil
+	file_envoy_api_v2_listener_listener_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/listener/listener.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/listener/listener.pb.validate.go
new file mode 100644
index 00000000000..c20254e439a
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/listener/listener.pb.validate.go
@@ -0,0 +1,36 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/listener/listener.proto
+
+package envoy_api_v2_listener
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/listener/listener_components.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/listener/listener_components.pb.go
new file mode 100644
index 00000000000..06730e75268
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/listener/listener_components.pb.go
@@ -0,0 +1,1179 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/listener/listener_components.proto
+
+package envoy_api_v2_listener
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	auth "github.com/envoyproxy/go-control-plane/envoy/api/v2/auth"
+	core "github.com/envoyproxy/go-control-plane/envoy/api/v2/core"
+	_type "github.com/envoyproxy/go-control-plane/envoy/type"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	_struct "github.com/golang/protobuf/ptypes/struct"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type FilterChainMatch_ConnectionSourceType int32
+
+const (
+	// Any connection source matches.
+	FilterChainMatch_ANY FilterChainMatch_ConnectionSourceType = 0
+	// Match a connection originating from the same host.
+	FilterChainMatch_LOCAL FilterChainMatch_ConnectionSourceType = 1
+	// Match a connection originating from a different host.
+	FilterChainMatch_EXTERNAL FilterChainMatch_ConnectionSourceType = 2
+)
+
+// Enum value maps for FilterChainMatch_ConnectionSourceType.
+var (
+	FilterChainMatch_ConnectionSourceType_name = map[int32]string{
+		0: "ANY",
+		1: "LOCAL",
+		2: "EXTERNAL",
+	}
+	FilterChainMatch_ConnectionSourceType_value = map[string]int32{
+		"ANY":      0,
+		"LOCAL":    1,
+		"EXTERNAL": 2,
+	}
+)
+
+func (x FilterChainMatch_ConnectionSourceType) Enum() *FilterChainMatch_ConnectionSourceType {
+	p := new(FilterChainMatch_ConnectionSourceType)
+	*p = x
+	return p
+}
+
+func (x FilterChainMatch_ConnectionSourceType) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (FilterChainMatch_ConnectionSourceType) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_api_v2_listener_listener_components_proto_enumTypes[0].Descriptor()
+}
+
+func (FilterChainMatch_ConnectionSourceType) Type() protoreflect.EnumType {
+	return &file_envoy_api_v2_listener_listener_components_proto_enumTypes[0]
+}
+
+func (x FilterChainMatch_ConnectionSourceType) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use FilterChainMatch_ConnectionSourceType.Descriptor instead.
+func (FilterChainMatch_ConnectionSourceType) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_api_v2_listener_listener_components_proto_rawDescGZIP(), []int{1, 0}
+}
+
+type Filter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the filter to instantiate. The name must match a
+	// :ref:`supported filter <config_network_filters>`.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Filter specific configuration which depends on the filter being
+	// instantiated. See the supported filters for further documentation.
+	//
+	// Types that are assignable to ConfigType:
+	//	*Filter_Config
+	//	*Filter_TypedConfig
+	ConfigType isFilter_ConfigType `protobuf_oneof:"config_type"`
+}
+
+func (x *Filter) Reset() {
+	*x = Filter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_listener_listener_components_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Filter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Filter) ProtoMessage() {}
+
+func (x *Filter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_listener_listener_components_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Filter.ProtoReflect.Descriptor instead.
+func (*Filter) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_listener_listener_components_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *Filter) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (m *Filter) GetConfigType() isFilter_ConfigType {
+	if m != nil {
+		return m.ConfigType
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *Filter) GetConfig() *_struct.Struct {
+	if x, ok := x.GetConfigType().(*Filter_Config); ok {
+		return x.Config
+	}
+	return nil
+}
+
+func (x *Filter) GetTypedConfig() *any.Any {
+	if x, ok := x.GetConfigType().(*Filter_TypedConfig); ok {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+type isFilter_ConfigType interface {
+	isFilter_ConfigType()
+}
+
+type Filter_Config struct {
+	// Deprecated: Do not use.
+	Config *_struct.Struct `protobuf:"bytes,2,opt,name=config,proto3,oneof"`
+}
+
+type Filter_TypedConfig struct {
+	TypedConfig *any.Any `protobuf:"bytes,4,opt,name=typed_config,json=typedConfig,proto3,oneof"`
+}
+
+func (*Filter_Config) isFilter_ConfigType() {}
+
+func (*Filter_TypedConfig) isFilter_ConfigType() {}
+
+// Specifies the match criteria for selecting a specific filter chain for a
+// listener.
+//
+// In order for a filter chain to be selected, *ALL* of its criteria must be
+// fulfilled by the incoming connection, properties of which are set by the
+// networking stack and/or listener filters.
+//
+// The following order applies:
+//
+// 1. Destination port.
+// 2. Destination IP address.
+// 3. Server name (e.g. SNI for TLS protocol),
+// 4. Transport protocol.
+// 5. Application protocols (e.g. ALPN for TLS protocol).
+// 6. Source type (e.g. any, local or external network).
+// 7. Source IP address.
+// 8. Source port.
+//
+// For criteria that allow ranges or wildcards, the most specific value in any
+// of the configured filter chains that matches the incoming connection is going
+// to be used (e.g. for SNI ``www.example.com`` the most specific match would be
+// ``www.example.com``, then ``*.example.com``, then ``*.com``, then any filter
+// chain without ``server_names`` requirements).
+//
+// [#comment: Implemented rules are kept in the preference order, with deprecated fields
+// listed at the end, because that's how we want to list them in the docs.
+//
+// [#comment:TODO(PiotrSikora): Add support for configurable precedence of the rules]
+// [#next-free-field: 13]
+type FilterChainMatch struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Optional destination port to consider when use_original_dst is set on the
+	// listener in determining a filter chain match.
+	DestinationPort *wrappers.UInt32Value `protobuf:"bytes,8,opt,name=destination_port,json=destinationPort,proto3" json:"destination_port,omitempty"`
+	// If non-empty, an IP address and prefix length to match addresses when the
+	// listener is bound to 0.0.0.0/:: or when use_original_dst is specified.
+	PrefixRanges []*core.CidrRange `protobuf:"bytes,3,rep,name=prefix_ranges,json=prefixRanges,proto3" json:"prefix_ranges,omitempty"`
+	// If non-empty, an IP address and suffix length to match addresses when the
+	// listener is bound to 0.0.0.0/:: or when use_original_dst is specified.
+	// [#not-implemented-hide:]
+	AddressSuffix string `protobuf:"bytes,4,opt,name=address_suffix,json=addressSuffix,proto3" json:"address_suffix,omitempty"`
+	// [#not-implemented-hide:]
+	SuffixLen *wrappers.UInt32Value `protobuf:"bytes,5,opt,name=suffix_len,json=suffixLen,proto3" json:"suffix_len,omitempty"`
+	// Specifies the connection source IP match type. Can be any, local or external network.
+	SourceType FilterChainMatch_ConnectionSourceType `protobuf:"varint,12,opt,name=source_type,json=sourceType,proto3,enum=envoy.api.v2.listener.FilterChainMatch_ConnectionSourceType" json:"source_type,omitempty"`
+	// The criteria is satisfied if the source IP address of the downstream
+	// connection is contained in at least one of the specified subnets. If the
+	// parameter is not specified or the list is empty, the source IP address is
+	// ignored.
+	SourcePrefixRanges []*core.CidrRange `protobuf:"bytes,6,rep,name=source_prefix_ranges,json=sourcePrefixRanges,proto3" json:"source_prefix_ranges,omitempty"`
+	// The criteria is satisfied if the source port of the downstream connection
+	// is contained in at least one of the specified ports. If the parameter is
+	// not specified, the source port is ignored.
+	SourcePorts []uint32 `protobuf:"varint,7,rep,packed,name=source_ports,json=sourcePorts,proto3" json:"source_ports,omitempty"`
+	// If non-empty, a list of server names (e.g. SNI for TLS protocol) to consider when determining
+	// a filter chain match. Those values will be compared against the server names of a new
+	// connection, when detected by one of the listener filters.
+	//
+	// The server name will be matched against all wildcard domains, i.e. ``www.example.com``
+	// will be first matched against ``www.example.com``, then ``*.example.com``, then ``*.com``.
+	//
+	// Note that partial wildcards are not supported, and values like ``*w.example.com`` are invalid.
+	//
+	// .. attention::
+	//
+	//   See the :ref:`FAQ entry <faq_how_to_setup_sni>` on how to configure SNI for more
+	//   information.
+	ServerNames []string `protobuf:"bytes,11,rep,name=server_names,json=serverNames,proto3" json:"server_names,omitempty"`
+	// If non-empty, a transport protocol to consider when determining a filter chain match.
+	// This value will be compared against the transport protocol of a new connection, when
+	// it's detected by one of the listener filters.
+	//
+	// Suggested values include:
+	//
+	// * ``raw_buffer`` - default, used when no transport protocol is detected,
+	// * ``tls`` - set by :ref:`envoy.filters.listener.tls_inspector <config_listener_filters_tls_inspector>`
+	//   when TLS protocol is detected.
+	TransportProtocol string `protobuf:"bytes,9,opt,name=transport_protocol,json=transportProtocol,proto3" json:"transport_protocol,omitempty"`
+	// If non-empty, a list of application protocols (e.g. ALPN for TLS protocol) to consider when
+	// determining a filter chain match. Those values will be compared against the application
+	// protocols of a new connection, when detected by one of the listener filters.
+	//
+	// Suggested values include:
+	//
+	// * ``http/1.1`` - set by :ref:`envoy.filters.listener.tls_inspector
+	//   <config_listener_filters_tls_inspector>`,
+	// * ``h2`` - set by :ref:`envoy.filters.listener.tls_inspector <config_listener_filters_tls_inspector>`
+	//
+	// .. attention::
+	//
+	//   Currently, only :ref:`TLS Inspector <config_listener_filters_tls_inspector>` provides
+	//   application protocol detection based on the requested
+	//   `ALPN <https://en.wikipedia.org/wiki/Application-Layer_Protocol_Negotiation>`_ values.
+	//
+	//   However, the use of ALPN is pretty much limited to the HTTP/2 traffic on the Internet,
+	//   and matching on values other than ``h2`` is going to lead to a lot of false negatives,
+	//   unless all connecting clients are known to use ALPN.
+	ApplicationProtocols []string `protobuf:"bytes,10,rep,name=application_protocols,json=applicationProtocols,proto3" json:"application_protocols,omitempty"`
+}
+
+func (x *FilterChainMatch) Reset() {
+	*x = FilterChainMatch{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_listener_listener_components_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *FilterChainMatch) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*FilterChainMatch) ProtoMessage() {}
+
+func (x *FilterChainMatch) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_listener_listener_components_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use FilterChainMatch.ProtoReflect.Descriptor instead.
+func (*FilterChainMatch) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_listener_listener_components_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *FilterChainMatch) GetDestinationPort() *wrappers.UInt32Value {
+	if x != nil {
+		return x.DestinationPort
+	}
+	return nil
+}
+
+func (x *FilterChainMatch) GetPrefixRanges() []*core.CidrRange {
+	if x != nil {
+		return x.PrefixRanges
+	}
+	return nil
+}
+
+func (x *FilterChainMatch) GetAddressSuffix() string {
+	if x != nil {
+		return x.AddressSuffix
+	}
+	return ""
+}
+
+func (x *FilterChainMatch) GetSuffixLen() *wrappers.UInt32Value {
+	if x != nil {
+		return x.SuffixLen
+	}
+	return nil
+}
+
+func (x *FilterChainMatch) GetSourceType() FilterChainMatch_ConnectionSourceType {
+	if x != nil {
+		return x.SourceType
+	}
+	return FilterChainMatch_ANY
+}
+
+func (x *FilterChainMatch) GetSourcePrefixRanges() []*core.CidrRange {
+	if x != nil {
+		return x.SourcePrefixRanges
+	}
+	return nil
+}
+
+func (x *FilterChainMatch) GetSourcePorts() []uint32 {
+	if x != nil {
+		return x.SourcePorts
+	}
+	return nil
+}
+
+func (x *FilterChainMatch) GetServerNames() []string {
+	if x != nil {
+		return x.ServerNames
+	}
+	return nil
+}
+
+func (x *FilterChainMatch) GetTransportProtocol() string {
+	if x != nil {
+		return x.TransportProtocol
+	}
+	return ""
+}
+
+func (x *FilterChainMatch) GetApplicationProtocols() []string {
+	if x != nil {
+		return x.ApplicationProtocols
+	}
+	return nil
+}
+
+// A filter chain wraps a set of match criteria, an option TLS context, a set of filters, and
+// various other parameters.
+// [#next-free-field: 8]
+type FilterChain struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The criteria to use when matching a connection to this filter chain.
+	FilterChainMatch *FilterChainMatch `protobuf:"bytes,1,opt,name=filter_chain_match,json=filterChainMatch,proto3" json:"filter_chain_match,omitempty"`
+	// The TLS context for this filter chain.
+	//
+	// .. attention::
+	//
+	//   **This field is deprecated**. Use `transport_socket` with name `tls` instead. If both are
+	//   set, `transport_socket` takes priority.
+	//
+	// Deprecated: Do not use.
+	TlsContext *auth.DownstreamTlsContext `protobuf:"bytes,2,opt,name=tls_context,json=tlsContext,proto3" json:"tls_context,omitempty"`
+	// A list of individual network filters that make up the filter chain for
+	// connections established with the listener. Order matters as the filters are
+	// processed sequentially as connection events happen. Note: If the filter
+	// list is empty, the connection will close by default.
+	Filters []*Filter `protobuf:"bytes,3,rep,name=filters,proto3" json:"filters,omitempty"`
+	// Whether the listener should expect a PROXY protocol V1 header on new
+	// connections. If this option is enabled, the listener will assume that that
+	// remote address of the connection is the one specified in the header. Some
+	// load balancers including the AWS ELB support this option. If the option is
+	// absent or set to false, Envoy will use the physical peer address of the
+	// connection as the remote address.
+	UseProxyProto *wrappers.BoolValue `protobuf:"bytes,4,opt,name=use_proxy_proto,json=useProxyProto,proto3" json:"use_proxy_proto,omitempty"`
+	// [#not-implemented-hide:] filter chain metadata.
+	Metadata *core.Metadata `protobuf:"bytes,5,opt,name=metadata,proto3" json:"metadata,omitempty"`
+	// Optional custom transport socket implementation to use for downstream connections.
+	// To setup TLS, set a transport socket with name `tls` and
+	// :ref:`DownstreamTlsContext <envoy_api_msg_auth.DownstreamTlsContext>` in the `typed_config`.
+	// If no transport socket configuration is specified, new connections
+	// will be set up with plaintext.
+	TransportSocket *core.TransportSocket `protobuf:"bytes,6,opt,name=transport_socket,json=transportSocket,proto3" json:"transport_socket,omitempty"`
+	// [#not-implemented-hide:] The unique name (or empty) by which this filter chain is known. If no
+	// name is provided, Envoy will allocate an internal UUID for the filter chain. If the filter
+	// chain is to be dynamically updated or removed via FCDS a unique name must be provided.
+	Name string `protobuf:"bytes,7,opt,name=name,proto3" json:"name,omitempty"`
+}
+
+func (x *FilterChain) Reset() {
+	*x = FilterChain{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_listener_listener_components_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *FilterChain) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*FilterChain) ProtoMessage() {}
+
+func (x *FilterChain) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_listener_listener_components_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use FilterChain.ProtoReflect.Descriptor instead.
+func (*FilterChain) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_listener_listener_components_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *FilterChain) GetFilterChainMatch() *FilterChainMatch {
+	if x != nil {
+		return x.FilterChainMatch
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *FilterChain) GetTlsContext() *auth.DownstreamTlsContext {
+	if x != nil {
+		return x.TlsContext
+	}
+	return nil
+}
+
+func (x *FilterChain) GetFilters() []*Filter {
+	if x != nil {
+		return x.Filters
+	}
+	return nil
+}
+
+func (x *FilterChain) GetUseProxyProto() *wrappers.BoolValue {
+	if x != nil {
+		return x.UseProxyProto
+	}
+	return nil
+}
+
+func (x *FilterChain) GetMetadata() *core.Metadata {
+	if x != nil {
+		return x.Metadata
+	}
+	return nil
+}
+
+func (x *FilterChain) GetTransportSocket() *core.TransportSocket {
+	if x != nil {
+		return x.TransportSocket
+	}
+	return nil
+}
+
+func (x *FilterChain) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+// Listener filter chain match configuration. This is a recursive structure which allows complex
+// nested match configurations to be built using various logical operators.
+//
+// Examples:
+//
+// * Matches if the destination port is 3306.
+//
+// .. code-block:: yaml
+//
+//  destination_port_range:
+//   start: 3306
+//   end: 3307
+//
+// * Matches if the destination port is 3306 or 15000.
+//
+// .. code-block:: yaml
+//
+//  or_match:
+//    rules:
+//      - destination_port_range:
+//          start: 3306
+//          end: 3307
+//      - destination_port_range:
+//          start: 15000
+//          end: 15001
+//
+// [#next-free-field: 6]
+type ListenerFilterChainMatchPredicate struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to Rule:
+	//	*ListenerFilterChainMatchPredicate_OrMatch
+	//	*ListenerFilterChainMatchPredicate_AndMatch
+	//	*ListenerFilterChainMatchPredicate_NotMatch
+	//	*ListenerFilterChainMatchPredicate_AnyMatch
+	//	*ListenerFilterChainMatchPredicate_DestinationPortRange
+	Rule isListenerFilterChainMatchPredicate_Rule `protobuf_oneof:"rule"`
+}
+
+func (x *ListenerFilterChainMatchPredicate) Reset() {
+	*x = ListenerFilterChainMatchPredicate{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_listener_listener_components_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ListenerFilterChainMatchPredicate) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ListenerFilterChainMatchPredicate) ProtoMessage() {}
+
+func (x *ListenerFilterChainMatchPredicate) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_listener_listener_components_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ListenerFilterChainMatchPredicate.ProtoReflect.Descriptor instead.
+func (*ListenerFilterChainMatchPredicate) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_listener_listener_components_proto_rawDescGZIP(), []int{3}
+}
+
+func (m *ListenerFilterChainMatchPredicate) GetRule() isListenerFilterChainMatchPredicate_Rule {
+	if m != nil {
+		return m.Rule
+	}
+	return nil
+}
+
+func (x *ListenerFilterChainMatchPredicate) GetOrMatch() *ListenerFilterChainMatchPredicate_MatchSet {
+	if x, ok := x.GetRule().(*ListenerFilterChainMatchPredicate_OrMatch); ok {
+		return x.OrMatch
+	}
+	return nil
+}
+
+func (x *ListenerFilterChainMatchPredicate) GetAndMatch() *ListenerFilterChainMatchPredicate_MatchSet {
+	if x, ok := x.GetRule().(*ListenerFilterChainMatchPredicate_AndMatch); ok {
+		return x.AndMatch
+	}
+	return nil
+}
+
+func (x *ListenerFilterChainMatchPredicate) GetNotMatch() *ListenerFilterChainMatchPredicate {
+	if x, ok := x.GetRule().(*ListenerFilterChainMatchPredicate_NotMatch); ok {
+		return x.NotMatch
+	}
+	return nil
+}
+
+func (x *ListenerFilterChainMatchPredicate) GetAnyMatch() bool {
+	if x, ok := x.GetRule().(*ListenerFilterChainMatchPredicate_AnyMatch); ok {
+		return x.AnyMatch
+	}
+	return false
+}
+
+func (x *ListenerFilterChainMatchPredicate) GetDestinationPortRange() *_type.Int32Range {
+	if x, ok := x.GetRule().(*ListenerFilterChainMatchPredicate_DestinationPortRange); ok {
+		return x.DestinationPortRange
+	}
+	return nil
+}
+
+type isListenerFilterChainMatchPredicate_Rule interface {
+	isListenerFilterChainMatchPredicate_Rule()
+}
+
+type ListenerFilterChainMatchPredicate_OrMatch struct {
+	// A set that describes a logical OR. If any member of the set matches, the match configuration
+	// matches.
+	OrMatch *ListenerFilterChainMatchPredicate_MatchSet `protobuf:"bytes,1,opt,name=or_match,json=orMatch,proto3,oneof"`
+}
+
+type ListenerFilterChainMatchPredicate_AndMatch struct {
+	// A set that describes a logical AND. If all members of the set match, the match configuration
+	// matches.
+	AndMatch *ListenerFilterChainMatchPredicate_MatchSet `protobuf:"bytes,2,opt,name=and_match,json=andMatch,proto3,oneof"`
+}
+
+type ListenerFilterChainMatchPredicate_NotMatch struct {
+	// A negation match. The match configuration will match if the negated match condition matches.
+	NotMatch *ListenerFilterChainMatchPredicate `protobuf:"bytes,3,opt,name=not_match,json=notMatch,proto3,oneof"`
+}
+
+type ListenerFilterChainMatchPredicate_AnyMatch struct {
+	// The match configuration will always match.
+	AnyMatch bool `protobuf:"varint,4,opt,name=any_match,json=anyMatch,proto3,oneof"`
+}
+
+type ListenerFilterChainMatchPredicate_DestinationPortRange struct {
+	// Match destination port. Particularly, the match evaluation must use the recovered local port if
+	// the owning listener filter is after :ref:`an original_dst listener filter <config_listener_filters_original_dst>`.
+	DestinationPortRange *_type.Int32Range `protobuf:"bytes,5,opt,name=destination_port_range,json=destinationPortRange,proto3,oneof"`
+}
+
+func (*ListenerFilterChainMatchPredicate_OrMatch) isListenerFilterChainMatchPredicate_Rule() {}
+
+func (*ListenerFilterChainMatchPredicate_AndMatch) isListenerFilterChainMatchPredicate_Rule() {}
+
+func (*ListenerFilterChainMatchPredicate_NotMatch) isListenerFilterChainMatchPredicate_Rule() {}
+
+func (*ListenerFilterChainMatchPredicate_AnyMatch) isListenerFilterChainMatchPredicate_Rule() {}
+
+func (*ListenerFilterChainMatchPredicate_DestinationPortRange) isListenerFilterChainMatchPredicate_Rule() {
+}
+
+type ListenerFilter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the filter to instantiate. The name must match a
+	// :ref:`supported filter <config_listener_filters>`.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Filter specific configuration which depends on the filter being instantiated.
+	// See the supported filters for further documentation.
+	//
+	// Types that are assignable to ConfigType:
+	//	*ListenerFilter_Config
+	//	*ListenerFilter_TypedConfig
+	ConfigType isListenerFilter_ConfigType `protobuf_oneof:"config_type"`
+	// Optional match predicate used to disable the filter. The filter is enabled when this field is empty.
+	// See :ref:`ListenerFilterChainMatchPredicate <envoy_api_msg_listener.ListenerFilterChainMatchPredicate>`
+	// for further examples.
+	FilterDisabled *ListenerFilterChainMatchPredicate `protobuf:"bytes,4,opt,name=filter_disabled,json=filterDisabled,proto3" json:"filter_disabled,omitempty"`
+}
+
+func (x *ListenerFilter) Reset() {
+	*x = ListenerFilter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_listener_listener_components_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ListenerFilter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ListenerFilter) ProtoMessage() {}
+
+func (x *ListenerFilter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_listener_listener_components_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ListenerFilter.ProtoReflect.Descriptor instead.
+func (*ListenerFilter) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_listener_listener_components_proto_rawDescGZIP(), []int{4}
+}
+
+func (x *ListenerFilter) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (m *ListenerFilter) GetConfigType() isListenerFilter_ConfigType {
+	if m != nil {
+		return m.ConfigType
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *ListenerFilter) GetConfig() *_struct.Struct {
+	if x, ok := x.GetConfigType().(*ListenerFilter_Config); ok {
+		return x.Config
+	}
+	return nil
+}
+
+func (x *ListenerFilter) GetTypedConfig() *any.Any {
+	if x, ok := x.GetConfigType().(*ListenerFilter_TypedConfig); ok {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+func (x *ListenerFilter) GetFilterDisabled() *ListenerFilterChainMatchPredicate {
+	if x != nil {
+		return x.FilterDisabled
+	}
+	return nil
+}
+
+type isListenerFilter_ConfigType interface {
+	isListenerFilter_ConfigType()
+}
+
+type ListenerFilter_Config struct {
+	// Deprecated: Do not use.
+	Config *_struct.Struct `protobuf:"bytes,2,opt,name=config,proto3,oneof"`
+}
+
+type ListenerFilter_TypedConfig struct {
+	TypedConfig *any.Any `protobuf:"bytes,3,opt,name=typed_config,json=typedConfig,proto3,oneof"`
+}
+
+func (*ListenerFilter_Config) isListenerFilter_ConfigType() {}
+
+func (*ListenerFilter_TypedConfig) isListenerFilter_ConfigType() {}
+
+// A set of match configurations used for logical operations.
+type ListenerFilterChainMatchPredicate_MatchSet struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The list of rules that make up the set.
+	Rules []*ListenerFilterChainMatchPredicate `protobuf:"bytes,1,rep,name=rules,proto3" json:"rules,omitempty"`
+}
+
+func (x *ListenerFilterChainMatchPredicate_MatchSet) Reset() {
+	*x = ListenerFilterChainMatchPredicate_MatchSet{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_listener_listener_components_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ListenerFilterChainMatchPredicate_MatchSet) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ListenerFilterChainMatchPredicate_MatchSet) ProtoMessage() {}
+
+func (x *ListenerFilterChainMatchPredicate_MatchSet) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_listener_listener_components_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ListenerFilterChainMatchPredicate_MatchSet.ProtoReflect.Descriptor instead.
+func (*ListenerFilterChainMatchPredicate_MatchSet) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_listener_listener_components_proto_rawDescGZIP(), []int{3, 0}
+}
+
+func (x *ListenerFilterChainMatchPredicate_MatchSet) GetRules() []*ListenerFilterChainMatchPredicate {
+	if x != nil {
+		return x.Rules
+	}
+	return nil
+}
+
+var File_envoy_api_v2_listener_listener_components_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_listener_listener_components_proto_rawDesc = []byte{
+	0x0a, 0x2f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x6c,
+	0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2f, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72,
+	0x5f, 0x63, 0x6f, 0x6d, 0x70, 0x6f, 0x6e, 0x65, 0x6e, 0x74, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e,
+	0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x1a, 0x1b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f,
+	0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2f, 0x74, 0x6c, 0x73, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69,
+	0x2f, 0x76, 0x32, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70,
+	0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x62, 0x61, 0x73, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x16, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65,
+	0x2f, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x19, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x61, 0x6e,
+	0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f,
+	0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f,
+	0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76,
+	0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xac, 0x01,
+	0x0a, 0x06, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52,
+	0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x35, 0x0a, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x42, 0x02,
+	0x18, 0x01, 0x48, 0x00, 0x52, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x39, 0x0a, 0x0c,
+	0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x04, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x48, 0x00, 0x52, 0x0b, 0x74, 0x79, 0x70, 0x65,
+	0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x0d, 0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x4a, 0x04, 0x08, 0x03, 0x10, 0x04, 0x22, 0xe1, 0x05, 0x0a,
+	0x10, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x68, 0x61, 0x69, 0x6e, 0x4d, 0x61, 0x74, 0x63,
+	0x68, 0x12, 0x54, 0x0a, 0x10, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x5f, 0x70, 0x6f, 0x72, 0x74, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49,
+	0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x0b, 0xfa, 0x42, 0x08, 0x2a, 0x06,
+	0x18, 0xff, 0xff, 0x03, 0x28, 0x01, 0x52, 0x0f, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x50, 0x6f, 0x72, 0x74, 0x12, 0x41, 0x0a, 0x0d, 0x70, 0x72, 0x65, 0x66, 0x69,
+	0x78, 0x5f, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1c,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f,
+	0x72, 0x65, 0x2e, 0x43, 0x69, 0x64, 0x72, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x52, 0x0c, 0x70, 0x72,
+	0x65, 0x66, 0x69, 0x78, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x73, 0x12, 0x25, 0x0a, 0x0e, 0x61, 0x64,
+	0x64, 0x72, 0x65, 0x73, 0x73, 0x5f, 0x73, 0x75, 0x66, 0x66, 0x69, 0x78, 0x18, 0x04, 0x20, 0x01,
+	0x28, 0x09, 0x52, 0x0d, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x53, 0x75, 0x66, 0x66, 0x69,
+	0x78, 0x12, 0x3b, 0x0a, 0x0a, 0x73, 0x75, 0x66, 0x66, 0x69, 0x78, 0x5f, 0x6c, 0x65, 0x6e, 0x18,
+	0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61,
+	0x6c, 0x75, 0x65, 0x52, 0x09, 0x73, 0x75, 0x66, 0x66, 0x69, 0x78, 0x4c, 0x65, 0x6e, 0x12, 0x67,
+	0x0a, 0x0b, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x0c, 0x20,
+	0x01, 0x28, 0x0e, 0x32, 0x3c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x46, 0x69, 0x6c, 0x74,
+	0x65, 0x72, 0x43, 0x68, 0x61, 0x69, 0x6e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x2e, 0x43, 0x6f, 0x6e,
+	0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, 0x79, 0x70,
+	0x65, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x0a, 0x73, 0x6f, 0x75,
+	0x72, 0x63, 0x65, 0x54, 0x79, 0x70, 0x65, 0x12, 0x4e, 0x0a, 0x14, 0x73, 0x6f, 0x75, 0x72, 0x63,
+	0x65, 0x5f, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x5f, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x73, 0x18,
+	0x06, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70,
+	0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x43, 0x69, 0x64, 0x72, 0x52, 0x61,
+	0x6e, 0x67, 0x65, 0x52, 0x12, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x50, 0x72, 0x65, 0x66, 0x69,
+	0x78, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x73, 0x12, 0x33, 0x0a, 0x0c, 0x73, 0x6f, 0x75, 0x72, 0x63,
+	0x65, 0x5f, 0x70, 0x6f, 0x72, 0x74, 0x73, 0x18, 0x07, 0x20, 0x03, 0x28, 0x0d, 0x42, 0x10, 0xfa,
+	0x42, 0x0d, 0x92, 0x01, 0x0a, 0x22, 0x08, 0x2a, 0x06, 0x18, 0xff, 0xff, 0x03, 0x28, 0x01, 0x52,
+	0x0b, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x50, 0x6f, 0x72, 0x74, 0x73, 0x12, 0x21, 0x0a, 0x0c,
+	0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x18, 0x0b, 0x20, 0x03,
+	0x28, 0x09, 0x52, 0x0b, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x12,
+	0x2d, 0x0a, 0x12, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x18, 0x09, 0x20, 0x01, 0x28, 0x09, 0x52, 0x11, 0x74, 0x72, 0x61,
+	0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x12, 0x33,
+	0x0a, 0x15, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x73, 0x18, 0x0a, 0x20, 0x03, 0x28, 0x09, 0x52, 0x14, 0x61,
+	0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63,
+	0x6f, 0x6c, 0x73, 0x22, 0x55, 0x0a, 0x14, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, 0x79, 0x70, 0x65, 0x12, 0x07, 0x0a, 0x03, 0x41,
+	0x4e, 0x59, 0x10, 0x00, 0x12, 0x26, 0x0a, 0x05, 0x4c, 0x4f, 0x43, 0x41, 0x4c, 0x10, 0x01, 0x1a,
+	0x1b, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x15, 0x0a, 0x13, 0x53, 0x41, 0x4d, 0x45, 0x5f, 0x49, 0x50,
+	0x5f, 0x4f, 0x52, 0x5f, 0x4c, 0x4f, 0x4f, 0x50, 0x42, 0x41, 0x43, 0x4b, 0x12, 0x0c, 0x0a, 0x08,
+	0x45, 0x58, 0x54, 0x45, 0x52, 0x4e, 0x41, 0x4c, 0x10, 0x02, 0x4a, 0x04, 0x08, 0x01, 0x10, 0x02,
+	0x22, 0xcb, 0x03, 0x0a, 0x0b, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x68, 0x61, 0x69, 0x6e,
+	0x12, 0x55, 0x0a, 0x12, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x5f, 0x63, 0x68, 0x61, 0x69, 0x6e,
+	0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x6c, 0x69, 0x73, 0x74,
+	0x65, 0x6e, 0x65, 0x72, 0x2e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x68, 0x61, 0x69, 0x6e,
+	0x4d, 0x61, 0x74, 0x63, 0x68, 0x52, 0x10, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x68, 0x61,
+	0x69, 0x6e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x4c, 0x0a, 0x0b, 0x74, 0x6c, 0x73, 0x5f, 0x63,
+	0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74, 0x68,
+	0x2e, 0x44, 0x6f, 0x77, 0x6e, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x54, 0x6c, 0x73, 0x43, 0x6f,
+	0x6e, 0x74, 0x65, 0x78, 0x74, 0x42, 0x02, 0x18, 0x01, 0x52, 0x0a, 0x74, 0x6c, 0x73, 0x43, 0x6f,
+	0x6e, 0x74, 0x65, 0x78, 0x74, 0x12, 0x37, 0x0a, 0x07, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73,
+	0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x46,
+	0x69, 0x6c, 0x74, 0x65, 0x72, 0x52, 0x07, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x12, 0x42,
+	0x0a, 0x0f, 0x75, 0x73, 0x65, 0x5f, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x5f, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61,
+	0x6c, 0x75, 0x65, 0x52, 0x0d, 0x75, 0x73, 0x65, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x50, 0x72, 0x6f,
+	0x74, 0x6f, 0x12, 0x37, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x05,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74,
+	0x61, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x4d, 0x0a, 0x10, 0x74,
+	0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x18,
+	0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70,
+	0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70,
+	0x6f, 0x72, 0x74, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x52, 0x0f, 0x74, 0x72, 0x61, 0x6e, 0x73,
+	0x70, 0x6f, 0x72, 0x74, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61,
+	0x6d, 0x65, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x22, 0xa9,
+	0x04, 0x0a, 0x21, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65,
+	0x72, 0x43, 0x68, 0x61, 0x69, 0x6e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x50, 0x72, 0x65, 0x64, 0x69,
+	0x63, 0x61, 0x74, 0x65, 0x12, 0x5e, 0x0a, 0x08, 0x6f, 0x72, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x41, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x4c,
+	0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x68, 0x61,
+	0x69, 0x6e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65,
+	0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x53, 0x65, 0x74, 0x48, 0x00, 0x52, 0x07, 0x6f, 0x72, 0x4d,
+	0x61, 0x74, 0x63, 0x68, 0x12, 0x60, 0x0a, 0x09, 0x61, 0x6e, 0x64, 0x5f, 0x6d, 0x61, 0x74, 0x63,
+	0x68, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x41, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e,
+	0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x68,
+	0x61, 0x69, 0x6e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74,
+	0x65, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x53, 0x65, 0x74, 0x48, 0x00, 0x52, 0x08, 0x61, 0x6e,
+	0x64, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x57, 0x0a, 0x09, 0x6e, 0x6f, 0x74, 0x5f, 0x6d, 0x61,
+	0x74, 0x63, 0x68, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x38, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65,
+	0x72, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x43, 0x68, 0x61, 0x69, 0x6e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63,
+	0x61, 0x74, 0x65, 0x48, 0x00, 0x52, 0x08, 0x6e, 0x6f, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12,
+	0x26, 0x0a, 0x09, 0x61, 0x6e, 0x79, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x04, 0x20, 0x01,
+	0x28, 0x08, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x6a, 0x02, 0x08, 0x01, 0x48, 0x00, 0x52, 0x08, 0x61,
+	0x6e, 0x79, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x4e, 0x0a, 0x16, 0x64, 0x65, 0x73, 0x74, 0x69,
+	0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x72, 0x61, 0x6e, 0x67,
+	0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x74, 0x79, 0x70, 0x65, 0x2e, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x48,
+	0x00, 0x52, 0x14, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x50, 0x6f,
+	0x72, 0x74, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x1a, 0x64, 0x0a, 0x08, 0x4d, 0x61, 0x74, 0x63, 0x68,
+	0x53, 0x65, 0x74, 0x12, 0x58, 0x0a, 0x05, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03,
+	0x28, 0x0b, 0x32, 0x38, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65,
+	0x6e, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x68, 0x61, 0x69, 0x6e, 0x4d, 0x61,
+	0x74, 0x63, 0x68, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x42, 0x08, 0xfa, 0x42,
+	0x05, 0x92, 0x01, 0x02, 0x08, 0x02, 0x52, 0x05, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x42, 0x0b, 0x0a,
+	0x04, 0x72, 0x75, 0x6c, 0x65, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x22, 0x91, 0x02, 0x0a, 0x0e, 0x4c,
+	0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x1b, 0x0a,
+	0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04,
+	0x72, 0x02, 0x20, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x35, 0x0a, 0x06, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72,
+	0x75, 0x63, 0x74, 0x42, 0x02, 0x18, 0x01, 0x48, 0x00, 0x52, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x12, 0x39, 0x0a, 0x0c, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x48, 0x00, 0x52,
+	0x0b, 0x74, 0x79, 0x70, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x61, 0x0a, 0x0f,
+	0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x5f, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18,
+	0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x38, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70,
+	0x69, 0x2e, 0x76, 0x32, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x4c, 0x69,
+	0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x68, 0x61, 0x69,
+	0x6e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x52,
+	0x0e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x44, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x42,
+	0x0d, 0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x42, 0x9c,
+	0x01, 0x0a, 0x23, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x6c, 0x69,
+	0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x42, 0x17, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72,
+	0x43, 0x6f, 0x6d, 0x70, 0x6f, 0x6e, 0x65, 0x6e, 0x74, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50,
+	0x01, 0xaa, 0x02, 0x17, 0x45, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x41, 0x70, 0x69, 0x2e, 0x56, 0x32,
+	0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x4e, 0x53, 0xea, 0x02, 0x17, 0x45, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x41, 0x70, 0x69, 0x2e, 0x56, 0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65,
+	0x6e, 0x65, 0x72, 0x4e, 0x53, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x1a, 0x12, 0x18, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e,
+	0x65, 0x72, 0x2e, 0x76, 0x33, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_listener_listener_components_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_listener_listener_components_proto_rawDescData = file_envoy_api_v2_listener_listener_components_proto_rawDesc
+)
+
+func file_envoy_api_v2_listener_listener_components_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_listener_listener_components_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_listener_listener_components_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_listener_listener_components_proto_rawDescData)
+	})
+	return file_envoy_api_v2_listener_listener_components_proto_rawDescData
+}
+
+var file_envoy_api_v2_listener_listener_components_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_envoy_api_v2_listener_listener_components_proto_msgTypes = make([]protoimpl.MessageInfo, 6)
+var file_envoy_api_v2_listener_listener_components_proto_goTypes = []interface{}{
+	(FilterChainMatch_ConnectionSourceType)(0), // 0: envoy.api.v2.listener.FilterChainMatch.ConnectionSourceType
+	(*Filter)(nil),                                     // 1: envoy.api.v2.listener.Filter
+	(*FilterChainMatch)(nil),                           // 2: envoy.api.v2.listener.FilterChainMatch
+	(*FilterChain)(nil),                                // 3: envoy.api.v2.listener.FilterChain
+	(*ListenerFilterChainMatchPredicate)(nil),          // 4: envoy.api.v2.listener.ListenerFilterChainMatchPredicate
+	(*ListenerFilter)(nil),                             // 5: envoy.api.v2.listener.ListenerFilter
+	(*ListenerFilterChainMatchPredicate_MatchSet)(nil), // 6: envoy.api.v2.listener.ListenerFilterChainMatchPredicate.MatchSet
+	(*_struct.Struct)(nil),                             // 7: google.protobuf.Struct
+	(*any.Any)(nil),                                    // 8: google.protobuf.Any
+	(*wrappers.UInt32Value)(nil),                       // 9: google.protobuf.UInt32Value
+	(*core.CidrRange)(nil),                             // 10: envoy.api.v2.core.CidrRange
+	(*auth.DownstreamTlsContext)(nil),                  // 11: envoy.api.v2.auth.DownstreamTlsContext
+	(*wrappers.BoolValue)(nil),                         // 12: google.protobuf.BoolValue
+	(*core.Metadata)(nil),                              // 13: envoy.api.v2.core.Metadata
+	(*core.TransportSocket)(nil),                       // 14: envoy.api.v2.core.TransportSocket
+	(*_type.Int32Range)(nil),                           // 15: envoy.type.Int32Range
+}
+var file_envoy_api_v2_listener_listener_components_proto_depIdxs = []int32{
+	7,  // 0: envoy.api.v2.listener.Filter.config:type_name -> google.protobuf.Struct
+	8,  // 1: envoy.api.v2.listener.Filter.typed_config:type_name -> google.protobuf.Any
+	9,  // 2: envoy.api.v2.listener.FilterChainMatch.destination_port:type_name -> google.protobuf.UInt32Value
+	10, // 3: envoy.api.v2.listener.FilterChainMatch.prefix_ranges:type_name -> envoy.api.v2.core.CidrRange
+	9,  // 4: envoy.api.v2.listener.FilterChainMatch.suffix_len:type_name -> google.protobuf.UInt32Value
+	0,  // 5: envoy.api.v2.listener.FilterChainMatch.source_type:type_name -> envoy.api.v2.listener.FilterChainMatch.ConnectionSourceType
+	10, // 6: envoy.api.v2.listener.FilterChainMatch.source_prefix_ranges:type_name -> envoy.api.v2.core.CidrRange
+	2,  // 7: envoy.api.v2.listener.FilterChain.filter_chain_match:type_name -> envoy.api.v2.listener.FilterChainMatch
+	11, // 8: envoy.api.v2.listener.FilterChain.tls_context:type_name -> envoy.api.v2.auth.DownstreamTlsContext
+	1,  // 9: envoy.api.v2.listener.FilterChain.filters:type_name -> envoy.api.v2.listener.Filter
+	12, // 10: envoy.api.v2.listener.FilterChain.use_proxy_proto:type_name -> google.protobuf.BoolValue
+	13, // 11: envoy.api.v2.listener.FilterChain.metadata:type_name -> envoy.api.v2.core.Metadata
+	14, // 12: envoy.api.v2.listener.FilterChain.transport_socket:type_name -> envoy.api.v2.core.TransportSocket
+	6,  // 13: envoy.api.v2.listener.ListenerFilterChainMatchPredicate.or_match:type_name -> envoy.api.v2.listener.ListenerFilterChainMatchPredicate.MatchSet
+	6,  // 14: envoy.api.v2.listener.ListenerFilterChainMatchPredicate.and_match:type_name -> envoy.api.v2.listener.ListenerFilterChainMatchPredicate.MatchSet
+	4,  // 15: envoy.api.v2.listener.ListenerFilterChainMatchPredicate.not_match:type_name -> envoy.api.v2.listener.ListenerFilterChainMatchPredicate
+	15, // 16: envoy.api.v2.listener.ListenerFilterChainMatchPredicate.destination_port_range:type_name -> envoy.type.Int32Range
+	7,  // 17: envoy.api.v2.listener.ListenerFilter.config:type_name -> google.protobuf.Struct
+	8,  // 18: envoy.api.v2.listener.ListenerFilter.typed_config:type_name -> google.protobuf.Any
+	4,  // 19: envoy.api.v2.listener.ListenerFilter.filter_disabled:type_name -> envoy.api.v2.listener.ListenerFilterChainMatchPredicate
+	4,  // 20: envoy.api.v2.listener.ListenerFilterChainMatchPredicate.MatchSet.rules:type_name -> envoy.api.v2.listener.ListenerFilterChainMatchPredicate
+	21, // [21:21] is the sub-list for method output_type
+	21, // [21:21] is the sub-list for method input_type
+	21, // [21:21] is the sub-list for extension type_name
+	21, // [21:21] is the sub-list for extension extendee
+	0,  // [0:21] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_listener_listener_components_proto_init() }
+func file_envoy_api_v2_listener_listener_components_proto_init() {
+	if File_envoy_api_v2_listener_listener_components_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_listener_listener_components_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Filter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_listener_listener_components_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*FilterChainMatch); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_listener_listener_components_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*FilterChain); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_listener_listener_components_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ListenerFilterChainMatchPredicate); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_listener_listener_components_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ListenerFilter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_listener_listener_components_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ListenerFilterChainMatchPredicate_MatchSet); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_api_v2_listener_listener_components_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*Filter_Config)(nil),
+		(*Filter_TypedConfig)(nil),
+	}
+	file_envoy_api_v2_listener_listener_components_proto_msgTypes[3].OneofWrappers = []interface{}{
+		(*ListenerFilterChainMatchPredicate_OrMatch)(nil),
+		(*ListenerFilterChainMatchPredicate_AndMatch)(nil),
+		(*ListenerFilterChainMatchPredicate_NotMatch)(nil),
+		(*ListenerFilterChainMatchPredicate_AnyMatch)(nil),
+		(*ListenerFilterChainMatchPredicate_DestinationPortRange)(nil),
+	}
+	file_envoy_api_v2_listener_listener_components_proto_msgTypes[4].OneofWrappers = []interface{}{
+		(*ListenerFilter_Config)(nil),
+		(*ListenerFilter_TypedConfig)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_listener_listener_components_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   6,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_listener_listener_components_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_listener_listener_components_proto_depIdxs,
+		EnumInfos:         file_envoy_api_v2_listener_listener_components_proto_enumTypes,
+		MessageInfos:      file_envoy_api_v2_listener_listener_components_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_listener_listener_components_proto = out.File
+	file_envoy_api_v2_listener_listener_components_proto_rawDesc = nil
+	file_envoy_api_v2_listener_listener_components_proto_goTypes = nil
+	file_envoy_api_v2_listener_listener_components_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/listener/listener_components.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/listener/listener_components.pb.validate.go
new file mode 100644
index 00000000000..ffd26d78ff2
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/listener/listener_components.pb.validate.go
@@ -0,0 +1,1341 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/listener/listener_components.proto
+
+package envoy_api_v2_listener
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on Filter with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Filter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Filter with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in FilterMultiError, or nil if none found.
+func (m *Filter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Filter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetName()) < 1 {
+		err := FilterValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	switch m.ConfigType.(type) {
+
+	case *Filter_Config:
+
+		if all {
+			switch v := interface{}(m.GetConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, FilterValidationError{
+						field:  "Config",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, FilterValidationError{
+						field:  "Config",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return FilterValidationError{
+					field:  "Config",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Filter_TypedConfig:
+
+		if all {
+			switch v := interface{}(m.GetTypedConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, FilterValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, FilterValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return FilterValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return FilterMultiError(errors)
+	}
+	return nil
+}
+
+// FilterMultiError is an error wrapping multiple validation errors returned by
+// Filter.ValidateAll() if the designated constraints aren't met.
+type FilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m FilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m FilterMultiError) AllErrors() []error { return m }
+
+// FilterValidationError is the validation error returned by Filter.Validate if
+// the designated constraints aren't met.
+type FilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e FilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e FilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e FilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e FilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e FilterValidationError) ErrorName() string { return "FilterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e FilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = FilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = FilterValidationError{}
+
+// Validate checks the field values on FilterChainMatch with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *FilterChainMatch) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on FilterChainMatch with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// FilterChainMatchMultiError, or nil if none found.
+func (m *FilterChainMatch) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *FilterChainMatch) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if wrapper := m.GetDestinationPort(); wrapper != nil {
+
+		if val := wrapper.GetValue(); val < 1 || val > 65535 {
+			err := FilterChainMatchValidationError{
+				field:  "DestinationPort",
+				reason: "value must be inside range [1, 65535]",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	for idx, item := range m.GetPrefixRanges() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, FilterChainMatchValidationError{
+						field:  fmt.Sprintf("PrefixRanges[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, FilterChainMatchValidationError{
+						field:  fmt.Sprintf("PrefixRanges[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return FilterChainMatchValidationError{
+					field:  fmt.Sprintf("PrefixRanges[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	// no validation rules for AddressSuffix
+
+	if all {
+		switch v := interface{}(m.GetSuffixLen()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, FilterChainMatchValidationError{
+					field:  "SuffixLen",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, FilterChainMatchValidationError{
+					field:  "SuffixLen",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSuffixLen()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return FilterChainMatchValidationError{
+				field:  "SuffixLen",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if _, ok := FilterChainMatch_ConnectionSourceType_name[int32(m.GetSourceType())]; !ok {
+		err := FilterChainMatchValidationError{
+			field:  "SourceType",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetSourcePrefixRanges() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, FilterChainMatchValidationError{
+						field:  fmt.Sprintf("SourcePrefixRanges[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, FilterChainMatchValidationError{
+						field:  fmt.Sprintf("SourcePrefixRanges[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return FilterChainMatchValidationError{
+					field:  fmt.Sprintf("SourcePrefixRanges[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetSourcePorts() {
+		_, _ = idx, item
+
+		if val := item; val < 1 || val > 65535 {
+			err := FilterChainMatchValidationError{
+				field:  fmt.Sprintf("SourcePorts[%v]", idx),
+				reason: "value must be inside range [1, 65535]",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	// no validation rules for TransportProtocol
+
+	if len(errors) > 0 {
+		return FilterChainMatchMultiError(errors)
+	}
+	return nil
+}
+
+// FilterChainMatchMultiError is an error wrapping multiple validation errors
+// returned by FilterChainMatch.ValidateAll() if the designated constraints
+// aren't met.
+type FilterChainMatchMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m FilterChainMatchMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m FilterChainMatchMultiError) AllErrors() []error { return m }
+
+// FilterChainMatchValidationError is the validation error returned by
+// FilterChainMatch.Validate if the designated constraints aren't met.
+type FilterChainMatchValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e FilterChainMatchValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e FilterChainMatchValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e FilterChainMatchValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e FilterChainMatchValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e FilterChainMatchValidationError) ErrorName() string { return "FilterChainMatchValidationError" }
+
+// Error satisfies the builtin error interface
+func (e FilterChainMatchValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sFilterChainMatch.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = FilterChainMatchValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = FilterChainMatchValidationError{}
+
+// Validate checks the field values on FilterChain with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *FilterChain) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on FilterChain with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in FilterChainMultiError, or
+// nil if none found.
+func (m *FilterChain) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *FilterChain) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetFilterChainMatch()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, FilterChainValidationError{
+					field:  "FilterChainMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, FilterChainValidationError{
+					field:  "FilterChainMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetFilterChainMatch()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return FilterChainValidationError{
+				field:  "FilterChainMatch",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetTlsContext()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, FilterChainValidationError{
+					field:  "TlsContext",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, FilterChainValidationError{
+					field:  "TlsContext",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTlsContext()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return FilterChainValidationError{
+				field:  "TlsContext",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetFilters() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, FilterChainValidationError{
+						field:  fmt.Sprintf("Filters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, FilterChainValidationError{
+						field:  fmt.Sprintf("Filters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return FilterChainValidationError{
+					field:  fmt.Sprintf("Filters[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetUseProxyProto()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, FilterChainValidationError{
+					field:  "UseProxyProto",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, FilterChainValidationError{
+					field:  "UseProxyProto",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetUseProxyProto()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return FilterChainValidationError{
+				field:  "UseProxyProto",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMetadata()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, FilterChainValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, FilterChainValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMetadata()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return FilterChainValidationError{
+				field:  "Metadata",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetTransportSocket()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, FilterChainValidationError{
+					field:  "TransportSocket",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, FilterChainValidationError{
+					field:  "TransportSocket",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTransportSocket()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return FilterChainValidationError{
+				field:  "TransportSocket",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for Name
+
+	if len(errors) > 0 {
+		return FilterChainMultiError(errors)
+	}
+	return nil
+}
+
+// FilterChainMultiError is an error wrapping multiple validation errors
+// returned by FilterChain.ValidateAll() if the designated constraints aren't met.
+type FilterChainMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m FilterChainMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m FilterChainMultiError) AllErrors() []error { return m }
+
+// FilterChainValidationError is the validation error returned by
+// FilterChain.Validate if the designated constraints aren't met.
+type FilterChainValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e FilterChainValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e FilterChainValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e FilterChainValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e FilterChainValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e FilterChainValidationError) ErrorName() string { return "FilterChainValidationError" }
+
+// Error satisfies the builtin error interface
+func (e FilterChainValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sFilterChain.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = FilterChainValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = FilterChainValidationError{}
+
+// Validate checks the field values on ListenerFilterChainMatchPredicate with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *ListenerFilterChainMatchPredicate) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ListenerFilterChainMatchPredicate
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// ListenerFilterChainMatchPredicateMultiError, or nil if none found.
+func (m *ListenerFilterChainMatchPredicate) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ListenerFilterChainMatchPredicate) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.Rule.(type) {
+
+	case *ListenerFilterChainMatchPredicate_OrMatch:
+
+		if all {
+			switch v := interface{}(m.GetOrMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ListenerFilterChainMatchPredicateValidationError{
+						field:  "OrMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ListenerFilterChainMatchPredicateValidationError{
+						field:  "OrMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetOrMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ListenerFilterChainMatchPredicateValidationError{
+					field:  "OrMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *ListenerFilterChainMatchPredicate_AndMatch:
+
+		if all {
+			switch v := interface{}(m.GetAndMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ListenerFilterChainMatchPredicateValidationError{
+						field:  "AndMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ListenerFilterChainMatchPredicateValidationError{
+						field:  "AndMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetAndMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ListenerFilterChainMatchPredicateValidationError{
+					field:  "AndMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *ListenerFilterChainMatchPredicate_NotMatch:
+
+		if all {
+			switch v := interface{}(m.GetNotMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ListenerFilterChainMatchPredicateValidationError{
+						field:  "NotMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ListenerFilterChainMatchPredicateValidationError{
+						field:  "NotMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetNotMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ListenerFilterChainMatchPredicateValidationError{
+					field:  "NotMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *ListenerFilterChainMatchPredicate_AnyMatch:
+
+		if m.GetAnyMatch() != true {
+			err := ListenerFilterChainMatchPredicateValidationError{
+				field:  "AnyMatch",
+				reason: "value must equal true",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *ListenerFilterChainMatchPredicate_DestinationPortRange:
+
+		if all {
+			switch v := interface{}(m.GetDestinationPortRange()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ListenerFilterChainMatchPredicateValidationError{
+						field:  "DestinationPortRange",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ListenerFilterChainMatchPredicateValidationError{
+						field:  "DestinationPortRange",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetDestinationPortRange()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ListenerFilterChainMatchPredicateValidationError{
+					field:  "DestinationPortRange",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := ListenerFilterChainMatchPredicateValidationError{
+			field:  "Rule",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return ListenerFilterChainMatchPredicateMultiError(errors)
+	}
+	return nil
+}
+
+// ListenerFilterChainMatchPredicateMultiError is an error wrapping multiple
+// validation errors returned by
+// ListenerFilterChainMatchPredicate.ValidateAll() if the designated
+// constraints aren't met.
+type ListenerFilterChainMatchPredicateMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ListenerFilterChainMatchPredicateMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ListenerFilterChainMatchPredicateMultiError) AllErrors() []error { return m }
+
+// ListenerFilterChainMatchPredicateValidationError is the validation error
+// returned by ListenerFilterChainMatchPredicate.Validate if the designated
+// constraints aren't met.
+type ListenerFilterChainMatchPredicateValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ListenerFilterChainMatchPredicateValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ListenerFilterChainMatchPredicateValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ListenerFilterChainMatchPredicateValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ListenerFilterChainMatchPredicateValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ListenerFilterChainMatchPredicateValidationError) ErrorName() string {
+	return "ListenerFilterChainMatchPredicateValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ListenerFilterChainMatchPredicateValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sListenerFilterChainMatchPredicate.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ListenerFilterChainMatchPredicateValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ListenerFilterChainMatchPredicateValidationError{}
+
+// Validate checks the field values on ListenerFilter with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ListenerFilter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ListenerFilter with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ListenerFilterMultiError,
+// or nil if none found.
+func (m *ListenerFilter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ListenerFilter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetName()) < 1 {
+		err := ListenerFilterValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetFilterDisabled()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenerFilterValidationError{
+					field:  "FilterDisabled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenerFilterValidationError{
+					field:  "FilterDisabled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetFilterDisabled()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenerFilterValidationError{
+				field:  "FilterDisabled",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	switch m.ConfigType.(type) {
+
+	case *ListenerFilter_Config:
+
+		if all {
+			switch v := interface{}(m.GetConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ListenerFilterValidationError{
+						field:  "Config",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ListenerFilterValidationError{
+						field:  "Config",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ListenerFilterValidationError{
+					field:  "Config",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *ListenerFilter_TypedConfig:
+
+		if all {
+			switch v := interface{}(m.GetTypedConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ListenerFilterValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ListenerFilterValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ListenerFilterValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ListenerFilterMultiError(errors)
+	}
+	return nil
+}
+
+// ListenerFilterMultiError is an error wrapping multiple validation errors
+// returned by ListenerFilter.ValidateAll() if the designated constraints
+// aren't met.
+type ListenerFilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ListenerFilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ListenerFilterMultiError) AllErrors() []error { return m }
+
+// ListenerFilterValidationError is the validation error returned by
+// ListenerFilter.Validate if the designated constraints aren't met.
+type ListenerFilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ListenerFilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ListenerFilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ListenerFilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ListenerFilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ListenerFilterValidationError) ErrorName() string { return "ListenerFilterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ListenerFilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sListenerFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ListenerFilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ListenerFilterValidationError{}
+
+// Validate checks the field values on
+// ListenerFilterChainMatchPredicate_MatchSet with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ListenerFilterChainMatchPredicate_MatchSet) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// ListenerFilterChainMatchPredicate_MatchSet with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in
+// ListenerFilterChainMatchPredicate_MatchSetMultiError, or nil if none found.
+func (m *ListenerFilterChainMatchPredicate_MatchSet) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ListenerFilterChainMatchPredicate_MatchSet) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetRules()) < 2 {
+		err := ListenerFilterChainMatchPredicate_MatchSetValidationError{
+			field:  "Rules",
+			reason: "value must contain at least 2 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetRules() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ListenerFilterChainMatchPredicate_MatchSetValidationError{
+						field:  fmt.Sprintf("Rules[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ListenerFilterChainMatchPredicate_MatchSetValidationError{
+						field:  fmt.Sprintf("Rules[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ListenerFilterChainMatchPredicate_MatchSetValidationError{
+					field:  fmt.Sprintf("Rules[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ListenerFilterChainMatchPredicate_MatchSetMultiError(errors)
+	}
+	return nil
+}
+
+// ListenerFilterChainMatchPredicate_MatchSetMultiError is an error wrapping
+// multiple validation errors returned by
+// ListenerFilterChainMatchPredicate_MatchSet.ValidateAll() if the designated
+// constraints aren't met.
+type ListenerFilterChainMatchPredicate_MatchSetMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ListenerFilterChainMatchPredicate_MatchSetMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ListenerFilterChainMatchPredicate_MatchSetMultiError) AllErrors() []error { return m }
+
+// ListenerFilterChainMatchPredicate_MatchSetValidationError is the validation
+// error returned by ListenerFilterChainMatchPredicate_MatchSet.Validate if
+// the designated constraints aren't met.
+type ListenerFilterChainMatchPredicate_MatchSetValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ListenerFilterChainMatchPredicate_MatchSetValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ListenerFilterChainMatchPredicate_MatchSetValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ListenerFilterChainMatchPredicate_MatchSetValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ListenerFilterChainMatchPredicate_MatchSetValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ListenerFilterChainMatchPredicate_MatchSetValidationError) ErrorName() string {
+	return "ListenerFilterChainMatchPredicate_MatchSetValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ListenerFilterChainMatchPredicate_MatchSetValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sListenerFilterChainMatchPredicate_MatchSet.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ListenerFilterChainMatchPredicate_MatchSetValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ListenerFilterChainMatchPredicate_MatchSetValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/listener/quic_config.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/listener/quic_config.pb.go
new file mode 100644
index 00000000000..2f9b8606960
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/listener/quic_config.pb.go
@@ -0,0 +1,211 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/listener/quic_config.proto
+
+package envoy_api_v2_listener
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	proto "github.com/golang/protobuf/proto"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Configuration specific to the QUIC protocol.
+// Next id: 4
+type QuicProtocolOptions struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Maximum number of streams that the client can negotiate per connection. 100
+	// if not specified.
+	MaxConcurrentStreams *wrappers.UInt32Value `protobuf:"bytes,1,opt,name=max_concurrent_streams,json=maxConcurrentStreams,proto3" json:"max_concurrent_streams,omitempty"`
+	// Maximum number of milliseconds that connection will be alive when there is
+	// no network activity. 300000ms if not specified.
+	IdleTimeout *duration.Duration `protobuf:"bytes,2,opt,name=idle_timeout,json=idleTimeout,proto3" json:"idle_timeout,omitempty"`
+	// Connection timeout in milliseconds before the crypto handshake is finished.
+	// 20000ms if not specified.
+	CryptoHandshakeTimeout *duration.Duration `protobuf:"bytes,3,opt,name=crypto_handshake_timeout,json=cryptoHandshakeTimeout,proto3" json:"crypto_handshake_timeout,omitempty"`
+}
+
+func (x *QuicProtocolOptions) Reset() {
+	*x = QuicProtocolOptions{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_listener_quic_config_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *QuicProtocolOptions) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*QuicProtocolOptions) ProtoMessage() {}
+
+func (x *QuicProtocolOptions) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_listener_quic_config_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use QuicProtocolOptions.ProtoReflect.Descriptor instead.
+func (*QuicProtocolOptions) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_listener_quic_config_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *QuicProtocolOptions) GetMaxConcurrentStreams() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxConcurrentStreams
+	}
+	return nil
+}
+
+func (x *QuicProtocolOptions) GetIdleTimeout() *duration.Duration {
+	if x != nil {
+		return x.IdleTimeout
+	}
+	return nil
+}
+
+func (x *QuicProtocolOptions) GetCryptoHandshakeTimeout() *duration.Duration {
+	if x != nil {
+		return x.CryptoHandshakeTimeout
+	}
+	return nil
+}
+
+var File_envoy_api_v2_listener_quic_config_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_listener_quic_config_proto_rawDesc = []byte{
+	0x0a, 0x27, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x6c,
+	0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2f, 0x71, 0x75, 0x69, 0x63, 0x5f, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72,
+	0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22,
+	0xfc, 0x01, 0x0a, 0x13, 0x51, 0x75, 0x69, 0x63, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c,
+	0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x52, 0x0a, 0x16, 0x6d, 0x61, 0x78, 0x5f, 0x63,
+	0x6f, 0x6e, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x74, 0x5f, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d,
+	0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32,
+	0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x14, 0x6d, 0x61, 0x78, 0x43, 0x6f, 0x6e, 0x63, 0x75, 0x72,
+	0x72, 0x65, 0x6e, 0x74, 0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x73, 0x12, 0x3c, 0x0a, 0x0c, 0x69,
+	0x64, 0x6c, 0x65, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0b, 0x69, 0x64,
+	0x6c, 0x65, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12, 0x53, 0x0a, 0x18, 0x63, 0x72, 0x79,
+	0x70, 0x74, 0x6f, 0x5f, 0x68, 0x61, 0x6e, 0x64, 0x73, 0x68, 0x61, 0x6b, 0x65, 0x5f, 0x74, 0x69,
+	0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75,
+	0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x16, 0x63, 0x72, 0x79, 0x70, 0x74, 0x6f, 0x48, 0x61,
+	0x6e, 0x64, 0x73, 0x68, 0x61, 0x6b, 0x65, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x42, 0x94,
+	0x01, 0x0a, 0x23, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x6c, 0x69,
+	0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x42, 0x0f, 0x51, 0x75, 0x69, 0x63, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xaa, 0x02, 0x17, 0x45, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x41, 0x70, 0x69, 0x2e, 0x56, 0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65,
+	0x72, 0x4e, 0x53, 0xea, 0x02, 0x17, 0x45, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x41, 0x70, 0x69, 0x2e,
+	0x56, 0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x4e, 0x53, 0xf2, 0x98, 0xfe,
+	0x8f, 0x05, 0x1a, 0x12, 0x18, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x76, 0x33, 0xba, 0x80, 0xc8,
+	0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_listener_quic_config_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_listener_quic_config_proto_rawDescData = file_envoy_api_v2_listener_quic_config_proto_rawDesc
+)
+
+func file_envoy_api_v2_listener_quic_config_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_listener_quic_config_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_listener_quic_config_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_listener_quic_config_proto_rawDescData)
+	})
+	return file_envoy_api_v2_listener_quic_config_proto_rawDescData
+}
+
+var file_envoy_api_v2_listener_quic_config_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_api_v2_listener_quic_config_proto_goTypes = []interface{}{
+	(*QuicProtocolOptions)(nil),  // 0: envoy.api.v2.listener.QuicProtocolOptions
+	(*wrappers.UInt32Value)(nil), // 1: google.protobuf.UInt32Value
+	(*duration.Duration)(nil),    // 2: google.protobuf.Duration
+}
+var file_envoy_api_v2_listener_quic_config_proto_depIdxs = []int32{
+	1, // 0: envoy.api.v2.listener.QuicProtocolOptions.max_concurrent_streams:type_name -> google.protobuf.UInt32Value
+	2, // 1: envoy.api.v2.listener.QuicProtocolOptions.idle_timeout:type_name -> google.protobuf.Duration
+	2, // 2: envoy.api.v2.listener.QuicProtocolOptions.crypto_handshake_timeout:type_name -> google.protobuf.Duration
+	3, // [3:3] is the sub-list for method output_type
+	3, // [3:3] is the sub-list for method input_type
+	3, // [3:3] is the sub-list for extension type_name
+	3, // [3:3] is the sub-list for extension extendee
+	0, // [0:3] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_listener_quic_config_proto_init() }
+func file_envoy_api_v2_listener_quic_config_proto_init() {
+	if File_envoy_api_v2_listener_quic_config_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_listener_quic_config_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*QuicProtocolOptions); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_listener_quic_config_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_listener_quic_config_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_listener_quic_config_proto_depIdxs,
+		MessageInfos:      file_envoy_api_v2_listener_quic_config_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_listener_quic_config_proto = out.File
+	file_envoy_api_v2_listener_quic_config_proto_rawDesc = nil
+	file_envoy_api_v2_listener_quic_config_proto_goTypes = nil
+	file_envoy_api_v2_listener_quic_config_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/listener/quic_config.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/listener/quic_config.pb.validate.go
new file mode 100644
index 00000000000..480293085dd
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/listener/quic_config.pb.validate.go
@@ -0,0 +1,224 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/listener/quic_config.proto
+
+package envoy_api_v2_listener
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on QuicProtocolOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *QuicProtocolOptions) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on QuicProtocolOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// QuicProtocolOptionsMultiError, or nil if none found.
+func (m *QuicProtocolOptions) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *QuicProtocolOptions) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetMaxConcurrentStreams()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, QuicProtocolOptionsValidationError{
+					field:  "MaxConcurrentStreams",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, QuicProtocolOptionsValidationError{
+					field:  "MaxConcurrentStreams",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxConcurrentStreams()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return QuicProtocolOptionsValidationError{
+				field:  "MaxConcurrentStreams",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetIdleTimeout()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, QuicProtocolOptionsValidationError{
+					field:  "IdleTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, QuicProtocolOptionsValidationError{
+					field:  "IdleTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetIdleTimeout()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return QuicProtocolOptionsValidationError{
+				field:  "IdleTimeout",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetCryptoHandshakeTimeout()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, QuicProtocolOptionsValidationError{
+					field:  "CryptoHandshakeTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, QuicProtocolOptionsValidationError{
+					field:  "CryptoHandshakeTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCryptoHandshakeTimeout()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return QuicProtocolOptionsValidationError{
+				field:  "CryptoHandshakeTimeout",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return QuicProtocolOptionsMultiError(errors)
+	}
+	return nil
+}
+
+// QuicProtocolOptionsMultiError is an error wrapping multiple validation
+// errors returned by QuicProtocolOptions.ValidateAll() if the designated
+// constraints aren't met.
+type QuicProtocolOptionsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m QuicProtocolOptionsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m QuicProtocolOptionsMultiError) AllErrors() []error { return m }
+
+// QuicProtocolOptionsValidationError is the validation error returned by
+// QuicProtocolOptions.Validate if the designated constraints aren't met.
+type QuicProtocolOptionsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e QuicProtocolOptionsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e QuicProtocolOptionsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e QuicProtocolOptionsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e QuicProtocolOptionsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e QuicProtocolOptionsValidationError) ErrorName() string {
+	return "QuicProtocolOptionsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e QuicProtocolOptionsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sQuicProtocolOptions.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = QuicProtocolOptionsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = QuicProtocolOptionsValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/listener/udp_listener_config.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/listener/udp_listener_config.pb.go
new file mode 100644
index 00000000000..f9c4a764a78
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/listener/udp_listener_config.pb.go
@@ -0,0 +1,289 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/listener/udp_listener_config.proto
+
+package envoy_api_v2_listener
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	_struct "github.com/golang/protobuf/ptypes/struct"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type UdpListenerConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Used to look up UDP listener factory, matches "raw_udp_listener" or
+	// "quic_listener" to create a specific udp listener.
+	// If not specified, treat as "raw_udp_listener".
+	UdpListenerName string `protobuf:"bytes,1,opt,name=udp_listener_name,json=udpListenerName,proto3" json:"udp_listener_name,omitempty"`
+	// Used to create a specific listener factory. To some factory, e.g.
+	// "raw_udp_listener", config is not needed.
+	//
+	// Types that are assignable to ConfigType:
+	//	*UdpListenerConfig_Config
+	//	*UdpListenerConfig_TypedConfig
+	ConfigType isUdpListenerConfig_ConfigType `protobuf_oneof:"config_type"`
+}
+
+func (x *UdpListenerConfig) Reset() {
+	*x = UdpListenerConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_listener_udp_listener_config_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *UdpListenerConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*UdpListenerConfig) ProtoMessage() {}
+
+func (x *UdpListenerConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_listener_udp_listener_config_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use UdpListenerConfig.ProtoReflect.Descriptor instead.
+func (*UdpListenerConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_listener_udp_listener_config_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *UdpListenerConfig) GetUdpListenerName() string {
+	if x != nil {
+		return x.UdpListenerName
+	}
+	return ""
+}
+
+func (m *UdpListenerConfig) GetConfigType() isUdpListenerConfig_ConfigType {
+	if m != nil {
+		return m.ConfigType
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *UdpListenerConfig) GetConfig() *_struct.Struct {
+	if x, ok := x.GetConfigType().(*UdpListenerConfig_Config); ok {
+		return x.Config
+	}
+	return nil
+}
+
+func (x *UdpListenerConfig) GetTypedConfig() *any.Any {
+	if x, ok := x.GetConfigType().(*UdpListenerConfig_TypedConfig); ok {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+type isUdpListenerConfig_ConfigType interface {
+	isUdpListenerConfig_ConfigType()
+}
+
+type UdpListenerConfig_Config struct {
+	// Deprecated: Do not use.
+	Config *_struct.Struct `protobuf:"bytes,2,opt,name=config,proto3,oneof"`
+}
+
+type UdpListenerConfig_TypedConfig struct {
+	TypedConfig *any.Any `protobuf:"bytes,3,opt,name=typed_config,json=typedConfig,proto3,oneof"`
+}
+
+func (*UdpListenerConfig_Config) isUdpListenerConfig_ConfigType() {}
+
+func (*UdpListenerConfig_TypedConfig) isUdpListenerConfig_ConfigType() {}
+
+type ActiveRawUdpListenerConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *ActiveRawUdpListenerConfig) Reset() {
+	*x = ActiveRawUdpListenerConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_listener_udp_listener_config_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ActiveRawUdpListenerConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ActiveRawUdpListenerConfig) ProtoMessage() {}
+
+func (x *ActiveRawUdpListenerConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_listener_udp_listener_config_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ActiveRawUdpListenerConfig.ProtoReflect.Descriptor instead.
+func (*ActiveRawUdpListenerConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_listener_udp_listener_config_proto_rawDescGZIP(), []int{1}
+}
+
+var File_envoy_api_v2_listener_udp_listener_config_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_listener_udp_listener_config_proto_rawDesc = []byte{
+	0x0a, 0x2f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x6c,
+	0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2f, 0x75, 0x64, 0x70, 0x5f, 0x6c, 0x69, 0x73, 0x74,
+	0x65, 0x6e, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e,
+	0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2f, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x22, 0xc0, 0x01, 0x0a, 0x11, 0x55, 0x64, 0x70, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72,
+	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x2a, 0x0a, 0x11, 0x75, 0x64, 0x70, 0x5f, 0x6c, 0x69,
+	0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x0f, 0x75, 0x64, 0x70, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x4e, 0x61,
+	0x6d, 0x65, 0x12, 0x35, 0x0a, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x02, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x42, 0x02, 0x18, 0x01, 0x48,
+	0x00, 0x52, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x39, 0x0a, 0x0c, 0x74, 0x79, 0x70,
+	0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x41, 0x6e, 0x79, 0x48, 0x00, 0x52, 0x0b, 0x74, 0x79, 0x70, 0x65, 0x64, 0x43, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x42, 0x0d, 0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x74,
+	0x79, 0x70, 0x65, 0x22, 0x1c, 0x0a, 0x1a, 0x41, 0x63, 0x74, 0x69, 0x76, 0x65, 0x52, 0x61, 0x77,
+	0x55, 0x64, 0x70, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x42, 0x9b, 0x01, 0x0a, 0x23, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72,
+	0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x42, 0x16, 0x55, 0x64, 0x70, 0x4c, 0x69,
+	0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x50, 0x72, 0x6f, 0x74,
+	0x6f, 0x50, 0x01, 0xaa, 0x02, 0x17, 0x45, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x41, 0x70, 0x69, 0x2e,
+	0x56, 0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x4e, 0x53, 0xea, 0x02, 0x17,
+	0x45, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x41, 0x70, 0x69, 0x2e, 0x56, 0x32, 0x2e, 0x4c, 0x69, 0x73,
+	0x74, 0x65, 0x6e, 0x65, 0x72, 0x4e, 0x53, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x1a, 0x12, 0x18, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c, 0x69, 0x73, 0x74,
+	0x65, 0x6e, 0x65, 0x72, 0x2e, 0x76, 0x33, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62,
+	0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_listener_udp_listener_config_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_listener_udp_listener_config_proto_rawDescData = file_envoy_api_v2_listener_udp_listener_config_proto_rawDesc
+)
+
+func file_envoy_api_v2_listener_udp_listener_config_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_listener_udp_listener_config_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_listener_udp_listener_config_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_listener_udp_listener_config_proto_rawDescData)
+	})
+	return file_envoy_api_v2_listener_udp_listener_config_proto_rawDescData
+}
+
+var file_envoy_api_v2_listener_udp_listener_config_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_envoy_api_v2_listener_udp_listener_config_proto_goTypes = []interface{}{
+	(*UdpListenerConfig)(nil),          // 0: envoy.api.v2.listener.UdpListenerConfig
+	(*ActiveRawUdpListenerConfig)(nil), // 1: envoy.api.v2.listener.ActiveRawUdpListenerConfig
+	(*_struct.Struct)(nil),             // 2: google.protobuf.Struct
+	(*any.Any)(nil),                    // 3: google.protobuf.Any
+}
+var file_envoy_api_v2_listener_udp_listener_config_proto_depIdxs = []int32{
+	2, // 0: envoy.api.v2.listener.UdpListenerConfig.config:type_name -> google.protobuf.Struct
+	3, // 1: envoy.api.v2.listener.UdpListenerConfig.typed_config:type_name -> google.protobuf.Any
+	2, // [2:2] is the sub-list for method output_type
+	2, // [2:2] is the sub-list for method input_type
+	2, // [2:2] is the sub-list for extension type_name
+	2, // [2:2] is the sub-list for extension extendee
+	0, // [0:2] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_listener_udp_listener_config_proto_init() }
+func file_envoy_api_v2_listener_udp_listener_config_proto_init() {
+	if File_envoy_api_v2_listener_udp_listener_config_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_listener_udp_listener_config_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*UdpListenerConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_listener_udp_listener_config_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ActiveRawUdpListenerConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_api_v2_listener_udp_listener_config_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*UdpListenerConfig_Config)(nil),
+		(*UdpListenerConfig_TypedConfig)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_listener_udp_listener_config_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_listener_udp_listener_config_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_listener_udp_listener_config_proto_depIdxs,
+		MessageInfos:      file_envoy_api_v2_listener_udp_listener_config_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_listener_udp_listener_config_proto = out.File
+	file_envoy_api_v2_listener_udp_listener_config_proto_rawDesc = nil
+	file_envoy_api_v2_listener_udp_listener_config_proto_goTypes = nil
+	file_envoy_api_v2_listener_udp_listener_config_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/listener/udp_listener_config.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/listener/udp_listener_config.pb.validate.go
new file mode 100644
index 00000000000..21d6305d642
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/listener/udp_listener_config.pb.validate.go
@@ -0,0 +1,306 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/listener/udp_listener_config.proto
+
+package envoy_api_v2_listener
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on UdpListenerConfig with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *UdpListenerConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on UdpListenerConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// UdpListenerConfigMultiError, or nil if none found.
+func (m *UdpListenerConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *UdpListenerConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for UdpListenerName
+
+	switch m.ConfigType.(type) {
+
+	case *UdpListenerConfig_Config:
+
+		if all {
+			switch v := interface{}(m.GetConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, UdpListenerConfigValidationError{
+						field:  "Config",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, UdpListenerConfigValidationError{
+						field:  "Config",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return UdpListenerConfigValidationError{
+					field:  "Config",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *UdpListenerConfig_TypedConfig:
+
+		if all {
+			switch v := interface{}(m.GetTypedConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, UdpListenerConfigValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, UdpListenerConfigValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return UdpListenerConfigValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return UdpListenerConfigMultiError(errors)
+	}
+	return nil
+}
+
+// UdpListenerConfigMultiError is an error wrapping multiple validation errors
+// returned by UdpListenerConfig.ValidateAll() if the designated constraints
+// aren't met.
+type UdpListenerConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m UdpListenerConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m UdpListenerConfigMultiError) AllErrors() []error { return m }
+
+// UdpListenerConfigValidationError is the validation error returned by
+// UdpListenerConfig.Validate if the designated constraints aren't met.
+type UdpListenerConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e UdpListenerConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e UdpListenerConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e UdpListenerConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e UdpListenerConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e UdpListenerConfigValidationError) ErrorName() string {
+	return "UdpListenerConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e UdpListenerConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sUdpListenerConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = UdpListenerConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = UdpListenerConfigValidationError{}
+
+// Validate checks the field values on ActiveRawUdpListenerConfig with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ActiveRawUdpListenerConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ActiveRawUdpListenerConfig with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ActiveRawUdpListenerConfigMultiError, or nil if none found.
+func (m *ActiveRawUdpListenerConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ActiveRawUdpListenerConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return ActiveRawUdpListenerConfigMultiError(errors)
+	}
+	return nil
+}
+
+// ActiveRawUdpListenerConfigMultiError is an error wrapping multiple
+// validation errors returned by ActiveRawUdpListenerConfig.ValidateAll() if
+// the designated constraints aren't met.
+type ActiveRawUdpListenerConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ActiveRawUdpListenerConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ActiveRawUdpListenerConfigMultiError) AllErrors() []error { return m }
+
+// ActiveRawUdpListenerConfigValidationError is the validation error returned
+// by ActiveRawUdpListenerConfig.Validate if the designated constraints aren't met.
+type ActiveRawUdpListenerConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ActiveRawUdpListenerConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ActiveRawUdpListenerConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ActiveRawUdpListenerConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ActiveRawUdpListenerConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ActiveRawUdpListenerConfigValidationError) ErrorName() string {
+	return "ActiveRawUdpListenerConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ActiveRawUdpListenerConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sActiveRawUdpListenerConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ActiveRawUdpListenerConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ActiveRawUdpListenerConfigValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/rds.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/rds.pb.go
new file mode 100644
index 00000000000..a3f55898b62
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/rds.pb.go
@@ -0,0 +1,531 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/rds.proto
+
+package envoy_api_v2
+
+import (
+	context "context"
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/go-control-plane/envoy/annotations"
+	proto "github.com/golang/protobuf/proto"
+	_ "google.golang.org/genproto/googleapis/api/annotations"
+	grpc "google.golang.org/grpc"
+	codes "google.golang.org/grpc/codes"
+	status "google.golang.org/grpc/status"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing
+// services: https://github.com/google/protobuf/issues/4221 and protoxform to upgrade the file.
+type RdsDummy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *RdsDummy) Reset() {
+	*x = RdsDummy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_rds_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RdsDummy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RdsDummy) ProtoMessage() {}
+
+func (x *RdsDummy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_rds_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RdsDummy.ProtoReflect.Descriptor instead.
+func (*RdsDummy) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_rds_proto_rawDescGZIP(), []int{0}
+}
+
+var File_envoy_api_v2_rds_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_rds_proto_rawDesc = []byte{
+	0x0a, 0x16, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x72,
+	0x64, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x1a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70,
+	0x69, 0x2f, 0x76, 0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x61, 0x70, 0x69,
+	0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x20, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x18, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76,
+	0x32, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x0a, 0x0a,
+	0x08, 0x52, 0x64, 0x73, 0x44, 0x75, 0x6d, 0x6d, 0x79, 0x32, 0xee, 0x02, 0x0a, 0x15, 0x52, 0x6f,
+	0x75, 0x74, 0x65, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x53, 0x65, 0x72, 0x76,
+	0x69, 0x63, 0x65, 0x12, 0x55, 0x0a, 0x0c, 0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x52, 0x6f, 0x75,
+	0x74, 0x65, 0x73, 0x12, 0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75,
+	0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70,
+	0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x28, 0x01, 0x30, 0x01, 0x12, 0x5e, 0x0a, 0x0b, 0x44, 0x65,
+	0x6c, 0x74, 0x61, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x12, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x65, 0x6c, 0x74, 0x61, 0x44, 0x69,
+	0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x24,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x65,
+	0x6c, 0x74, 0x61, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70,
+	0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x28, 0x01, 0x30, 0x01, 0x12, 0x75, 0x0a, 0x0b, 0x46, 0x65,
+	0x74, 0x63, 0x68, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x12, 0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65,
+	0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65,
+	0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x25, 0x82, 0xd3, 0xe4, 0x93,
+	0x02, 0x16, 0x22, 0x14, 0x2f, 0x76, 0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72,
+	0x79, 0x3a, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x03, 0x3a, 0x01,
+	0x2a, 0x1a, 0x27, 0x8a, 0xa4, 0x96, 0xf3, 0x07, 0x21, 0x0a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x32, 0xab, 0x01, 0x0a, 0x1b, 0x56,
+	0x69, 0x72, 0x74, 0x75, 0x61, 0x6c, 0x48, 0x6f, 0x73, 0x74, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76,
+	0x65, 0x72, 0x79, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x64, 0x0a, 0x11, 0x44, 0x65,
+	0x6c, 0x74, 0x61, 0x56, 0x69, 0x72, 0x74, 0x75, 0x61, 0x6c, 0x48, 0x6f, 0x73, 0x74, 0x73, 0x12,
+	0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44,
+	0x65, 0x6c, 0x74, 0x61, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x1a, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x44, 0x65, 0x6c, 0x74, 0x61, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65,
+	0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x28, 0x01, 0x30, 0x01,
+	0x1a, 0x26, 0x8a, 0xa4, 0x96, 0xf3, 0x07, 0x20, 0x0a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x56, 0x69, 0x72,
+	0x74, 0x75, 0x61, 0x6c, 0x48, 0x6f, 0x73, 0x74, 0x42, 0x51, 0x0a, 0x1a, 0x69, 0x6f, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x42, 0x08, 0x52, 0x64, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f,
+	0x50, 0x01, 0x88, 0x01, 0x01, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x18, 0x12, 0x16, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65,
+	0x2e, 0x76, 0x33, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x50, 0x05, 0x62, 0x06, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_rds_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_rds_proto_rawDescData = file_envoy_api_v2_rds_proto_rawDesc
+)
+
+func file_envoy_api_v2_rds_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_rds_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_rds_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_rds_proto_rawDescData)
+	})
+	return file_envoy_api_v2_rds_proto_rawDescData
+}
+
+var file_envoy_api_v2_rds_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_api_v2_rds_proto_goTypes = []interface{}{
+	(*RdsDummy)(nil),               // 0: envoy.api.v2.RdsDummy
+	(*DiscoveryRequest)(nil),       // 1: envoy.api.v2.DiscoveryRequest
+	(*DeltaDiscoveryRequest)(nil),  // 2: envoy.api.v2.DeltaDiscoveryRequest
+	(*DiscoveryResponse)(nil),      // 3: envoy.api.v2.DiscoveryResponse
+	(*DeltaDiscoveryResponse)(nil), // 4: envoy.api.v2.DeltaDiscoveryResponse
+}
+var file_envoy_api_v2_rds_proto_depIdxs = []int32{
+	1, // 0: envoy.api.v2.RouteDiscoveryService.StreamRoutes:input_type -> envoy.api.v2.DiscoveryRequest
+	2, // 1: envoy.api.v2.RouteDiscoveryService.DeltaRoutes:input_type -> envoy.api.v2.DeltaDiscoveryRequest
+	1, // 2: envoy.api.v2.RouteDiscoveryService.FetchRoutes:input_type -> envoy.api.v2.DiscoveryRequest
+	2, // 3: envoy.api.v2.VirtualHostDiscoveryService.DeltaVirtualHosts:input_type -> envoy.api.v2.DeltaDiscoveryRequest
+	3, // 4: envoy.api.v2.RouteDiscoveryService.StreamRoutes:output_type -> envoy.api.v2.DiscoveryResponse
+	4, // 5: envoy.api.v2.RouteDiscoveryService.DeltaRoutes:output_type -> envoy.api.v2.DeltaDiscoveryResponse
+	3, // 6: envoy.api.v2.RouteDiscoveryService.FetchRoutes:output_type -> envoy.api.v2.DiscoveryResponse
+	4, // 7: envoy.api.v2.VirtualHostDiscoveryService.DeltaVirtualHosts:output_type -> envoy.api.v2.DeltaDiscoveryResponse
+	4, // [4:8] is the sub-list for method output_type
+	0, // [0:4] is the sub-list for method input_type
+	0, // [0:0] is the sub-list for extension type_name
+	0, // [0:0] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_rds_proto_init() }
+func file_envoy_api_v2_rds_proto_init() {
+	if File_envoy_api_v2_rds_proto != nil {
+		return
+	}
+	file_envoy_api_v2_discovery_proto_init()
+	file_envoy_api_v2_route_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_rds_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RdsDummy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_rds_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   2,
+		},
+		GoTypes:           file_envoy_api_v2_rds_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_rds_proto_depIdxs,
+		MessageInfos:      file_envoy_api_v2_rds_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_rds_proto = out.File
+	file_envoy_api_v2_rds_proto_rawDesc = nil
+	file_envoy_api_v2_rds_proto_goTypes = nil
+	file_envoy_api_v2_rds_proto_depIdxs = nil
+}
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ context.Context
+var _ grpc.ClientConnInterface
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the grpc package it is being compiled against.
+const _ = grpc.SupportPackageIsVersion6
+
+// RouteDiscoveryServiceClient is the client API for RouteDiscoveryService service.
+//
+// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.
+type RouteDiscoveryServiceClient interface {
+	StreamRoutes(ctx context.Context, opts ...grpc.CallOption) (RouteDiscoveryService_StreamRoutesClient, error)
+	DeltaRoutes(ctx context.Context, opts ...grpc.CallOption) (RouteDiscoveryService_DeltaRoutesClient, error)
+	FetchRoutes(ctx context.Context, in *DiscoveryRequest, opts ...grpc.CallOption) (*DiscoveryResponse, error)
+}
+
+type routeDiscoveryServiceClient struct {
+	cc grpc.ClientConnInterface
+}
+
+func NewRouteDiscoveryServiceClient(cc grpc.ClientConnInterface) RouteDiscoveryServiceClient {
+	return &routeDiscoveryServiceClient{cc}
+}
+
+func (c *routeDiscoveryServiceClient) StreamRoutes(ctx context.Context, opts ...grpc.CallOption) (RouteDiscoveryService_StreamRoutesClient, error) {
+	stream, err := c.cc.NewStream(ctx, &_RouteDiscoveryService_serviceDesc.Streams[0], "/envoy.api.v2.RouteDiscoveryService/StreamRoutes", opts...)
+	if err != nil {
+		return nil, err
+	}
+	x := &routeDiscoveryServiceStreamRoutesClient{stream}
+	return x, nil
+}
+
+type RouteDiscoveryService_StreamRoutesClient interface {
+	Send(*DiscoveryRequest) error
+	Recv() (*DiscoveryResponse, error)
+	grpc.ClientStream
+}
+
+type routeDiscoveryServiceStreamRoutesClient struct {
+	grpc.ClientStream
+}
+
+func (x *routeDiscoveryServiceStreamRoutesClient) Send(m *DiscoveryRequest) error {
+	return x.ClientStream.SendMsg(m)
+}
+
+func (x *routeDiscoveryServiceStreamRoutesClient) Recv() (*DiscoveryResponse, error) {
+	m := new(DiscoveryResponse)
+	if err := x.ClientStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func (c *routeDiscoveryServiceClient) DeltaRoutes(ctx context.Context, opts ...grpc.CallOption) (RouteDiscoveryService_DeltaRoutesClient, error) {
+	stream, err := c.cc.NewStream(ctx, &_RouteDiscoveryService_serviceDesc.Streams[1], "/envoy.api.v2.RouteDiscoveryService/DeltaRoutes", opts...)
+	if err != nil {
+		return nil, err
+	}
+	x := &routeDiscoveryServiceDeltaRoutesClient{stream}
+	return x, nil
+}
+
+type RouteDiscoveryService_DeltaRoutesClient interface {
+	Send(*DeltaDiscoveryRequest) error
+	Recv() (*DeltaDiscoveryResponse, error)
+	grpc.ClientStream
+}
+
+type routeDiscoveryServiceDeltaRoutesClient struct {
+	grpc.ClientStream
+}
+
+func (x *routeDiscoveryServiceDeltaRoutesClient) Send(m *DeltaDiscoveryRequest) error {
+	return x.ClientStream.SendMsg(m)
+}
+
+func (x *routeDiscoveryServiceDeltaRoutesClient) Recv() (*DeltaDiscoveryResponse, error) {
+	m := new(DeltaDiscoveryResponse)
+	if err := x.ClientStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func (c *routeDiscoveryServiceClient) FetchRoutes(ctx context.Context, in *DiscoveryRequest, opts ...grpc.CallOption) (*DiscoveryResponse, error) {
+	out := new(DiscoveryResponse)
+	err := c.cc.Invoke(ctx, "/envoy.api.v2.RouteDiscoveryService/FetchRoutes", in, out, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+// RouteDiscoveryServiceServer is the server API for RouteDiscoveryService service.
+type RouteDiscoveryServiceServer interface {
+	StreamRoutes(RouteDiscoveryService_StreamRoutesServer) error
+	DeltaRoutes(RouteDiscoveryService_DeltaRoutesServer) error
+	FetchRoutes(context.Context, *DiscoveryRequest) (*DiscoveryResponse, error)
+}
+
+// UnimplementedRouteDiscoveryServiceServer can be embedded to have forward compatible implementations.
+type UnimplementedRouteDiscoveryServiceServer struct {
+}
+
+func (*UnimplementedRouteDiscoveryServiceServer) StreamRoutes(RouteDiscoveryService_StreamRoutesServer) error {
+	return status.Errorf(codes.Unimplemented, "method StreamRoutes not implemented")
+}
+func (*UnimplementedRouteDiscoveryServiceServer) DeltaRoutes(RouteDiscoveryService_DeltaRoutesServer) error {
+	return status.Errorf(codes.Unimplemented, "method DeltaRoutes not implemented")
+}
+func (*UnimplementedRouteDiscoveryServiceServer) FetchRoutes(context.Context, *DiscoveryRequest) (*DiscoveryResponse, error) {
+	return nil, status.Errorf(codes.Unimplemented, "method FetchRoutes not implemented")
+}
+
+func RegisterRouteDiscoveryServiceServer(s *grpc.Server, srv RouteDiscoveryServiceServer) {
+	s.RegisterService(&_RouteDiscoveryService_serviceDesc, srv)
+}
+
+func _RouteDiscoveryService_StreamRoutes_Handler(srv interface{}, stream grpc.ServerStream) error {
+	return srv.(RouteDiscoveryServiceServer).StreamRoutes(&routeDiscoveryServiceStreamRoutesServer{stream})
+}
+
+type RouteDiscoveryService_StreamRoutesServer interface {
+	Send(*DiscoveryResponse) error
+	Recv() (*DiscoveryRequest, error)
+	grpc.ServerStream
+}
+
+type routeDiscoveryServiceStreamRoutesServer struct {
+	grpc.ServerStream
+}
+
+func (x *routeDiscoveryServiceStreamRoutesServer) Send(m *DiscoveryResponse) error {
+	return x.ServerStream.SendMsg(m)
+}
+
+func (x *routeDiscoveryServiceStreamRoutesServer) Recv() (*DiscoveryRequest, error) {
+	m := new(DiscoveryRequest)
+	if err := x.ServerStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func _RouteDiscoveryService_DeltaRoutes_Handler(srv interface{}, stream grpc.ServerStream) error {
+	return srv.(RouteDiscoveryServiceServer).DeltaRoutes(&routeDiscoveryServiceDeltaRoutesServer{stream})
+}
+
+type RouteDiscoveryService_DeltaRoutesServer interface {
+	Send(*DeltaDiscoveryResponse) error
+	Recv() (*DeltaDiscoveryRequest, error)
+	grpc.ServerStream
+}
+
+type routeDiscoveryServiceDeltaRoutesServer struct {
+	grpc.ServerStream
+}
+
+func (x *routeDiscoveryServiceDeltaRoutesServer) Send(m *DeltaDiscoveryResponse) error {
+	return x.ServerStream.SendMsg(m)
+}
+
+func (x *routeDiscoveryServiceDeltaRoutesServer) Recv() (*DeltaDiscoveryRequest, error) {
+	m := new(DeltaDiscoveryRequest)
+	if err := x.ServerStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func _RouteDiscoveryService_FetchRoutes_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(DiscoveryRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(RouteDiscoveryServiceServer).FetchRoutes(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: "/envoy.api.v2.RouteDiscoveryService/FetchRoutes",
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(RouteDiscoveryServiceServer).FetchRoutes(ctx, req.(*DiscoveryRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
+var _RouteDiscoveryService_serviceDesc = grpc.ServiceDesc{
+	ServiceName: "envoy.api.v2.RouteDiscoveryService",
+	HandlerType: (*RouteDiscoveryServiceServer)(nil),
+	Methods: []grpc.MethodDesc{
+		{
+			MethodName: "FetchRoutes",
+			Handler:    _RouteDiscoveryService_FetchRoutes_Handler,
+		},
+	},
+	Streams: []grpc.StreamDesc{
+		{
+			StreamName:    "StreamRoutes",
+			Handler:       _RouteDiscoveryService_StreamRoutes_Handler,
+			ServerStreams: true,
+			ClientStreams: true,
+		},
+		{
+			StreamName:    "DeltaRoutes",
+			Handler:       _RouteDiscoveryService_DeltaRoutes_Handler,
+			ServerStreams: true,
+			ClientStreams: true,
+		},
+	},
+	Metadata: "envoy/api/v2/rds.proto",
+}
+
+// VirtualHostDiscoveryServiceClient is the client API for VirtualHostDiscoveryService service.
+//
+// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.
+type VirtualHostDiscoveryServiceClient interface {
+	DeltaVirtualHosts(ctx context.Context, opts ...grpc.CallOption) (VirtualHostDiscoveryService_DeltaVirtualHostsClient, error)
+}
+
+type virtualHostDiscoveryServiceClient struct {
+	cc grpc.ClientConnInterface
+}
+
+func NewVirtualHostDiscoveryServiceClient(cc grpc.ClientConnInterface) VirtualHostDiscoveryServiceClient {
+	return &virtualHostDiscoveryServiceClient{cc}
+}
+
+func (c *virtualHostDiscoveryServiceClient) DeltaVirtualHosts(ctx context.Context, opts ...grpc.CallOption) (VirtualHostDiscoveryService_DeltaVirtualHostsClient, error) {
+	stream, err := c.cc.NewStream(ctx, &_VirtualHostDiscoveryService_serviceDesc.Streams[0], "/envoy.api.v2.VirtualHostDiscoveryService/DeltaVirtualHosts", opts...)
+	if err != nil {
+		return nil, err
+	}
+	x := &virtualHostDiscoveryServiceDeltaVirtualHostsClient{stream}
+	return x, nil
+}
+
+type VirtualHostDiscoveryService_DeltaVirtualHostsClient interface {
+	Send(*DeltaDiscoveryRequest) error
+	Recv() (*DeltaDiscoveryResponse, error)
+	grpc.ClientStream
+}
+
+type virtualHostDiscoveryServiceDeltaVirtualHostsClient struct {
+	grpc.ClientStream
+}
+
+func (x *virtualHostDiscoveryServiceDeltaVirtualHostsClient) Send(m *DeltaDiscoveryRequest) error {
+	return x.ClientStream.SendMsg(m)
+}
+
+func (x *virtualHostDiscoveryServiceDeltaVirtualHostsClient) Recv() (*DeltaDiscoveryResponse, error) {
+	m := new(DeltaDiscoveryResponse)
+	if err := x.ClientStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+// VirtualHostDiscoveryServiceServer is the server API for VirtualHostDiscoveryService service.
+type VirtualHostDiscoveryServiceServer interface {
+	DeltaVirtualHosts(VirtualHostDiscoveryService_DeltaVirtualHostsServer) error
+}
+
+// UnimplementedVirtualHostDiscoveryServiceServer can be embedded to have forward compatible implementations.
+type UnimplementedVirtualHostDiscoveryServiceServer struct {
+}
+
+func (*UnimplementedVirtualHostDiscoveryServiceServer) DeltaVirtualHosts(VirtualHostDiscoveryService_DeltaVirtualHostsServer) error {
+	return status.Errorf(codes.Unimplemented, "method DeltaVirtualHosts not implemented")
+}
+
+func RegisterVirtualHostDiscoveryServiceServer(s *grpc.Server, srv VirtualHostDiscoveryServiceServer) {
+	s.RegisterService(&_VirtualHostDiscoveryService_serviceDesc, srv)
+}
+
+func _VirtualHostDiscoveryService_DeltaVirtualHosts_Handler(srv interface{}, stream grpc.ServerStream) error {
+	return srv.(VirtualHostDiscoveryServiceServer).DeltaVirtualHosts(&virtualHostDiscoveryServiceDeltaVirtualHostsServer{stream})
+}
+
+type VirtualHostDiscoveryService_DeltaVirtualHostsServer interface {
+	Send(*DeltaDiscoveryResponse) error
+	Recv() (*DeltaDiscoveryRequest, error)
+	grpc.ServerStream
+}
+
+type virtualHostDiscoveryServiceDeltaVirtualHostsServer struct {
+	grpc.ServerStream
+}
+
+func (x *virtualHostDiscoveryServiceDeltaVirtualHostsServer) Send(m *DeltaDiscoveryResponse) error {
+	return x.ServerStream.SendMsg(m)
+}
+
+func (x *virtualHostDiscoveryServiceDeltaVirtualHostsServer) Recv() (*DeltaDiscoveryRequest, error) {
+	m := new(DeltaDiscoveryRequest)
+	if err := x.ServerStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+var _VirtualHostDiscoveryService_serviceDesc = grpc.ServiceDesc{
+	ServiceName: "envoy.api.v2.VirtualHostDiscoveryService",
+	HandlerType: (*VirtualHostDiscoveryServiceServer)(nil),
+	Methods:     []grpc.MethodDesc{},
+	Streams: []grpc.StreamDesc{
+		{
+			StreamName:    "DeltaVirtualHosts",
+			Handler:       _VirtualHostDiscoveryService_DeltaVirtualHosts_Handler,
+			ServerStreams: true,
+			ClientStreams: true,
+		},
+	},
+	Metadata: "envoy/api/v2/rds.proto",
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/rds.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/rds.pb.validate.go
new file mode 100644
index 00000000000..7757336ee24
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/rds.pb.validate.go
@@ -0,0 +1,134 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/rds.proto
+
+package envoy_api_v2
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on RdsDummy with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *RdsDummy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RdsDummy with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in RdsDummyMultiError, or nil
+// if none found.
+func (m *RdsDummy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RdsDummy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return RdsDummyMultiError(errors)
+	}
+	return nil
+}
+
+// RdsDummyMultiError is an error wrapping multiple validation errors returned
+// by RdsDummy.ValidateAll() if the designated constraints aren't met.
+type RdsDummyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RdsDummyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RdsDummyMultiError) AllErrors() []error { return m }
+
+// RdsDummyValidationError is the validation error returned by
+// RdsDummy.Validate if the designated constraints aren't met.
+type RdsDummyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RdsDummyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RdsDummyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RdsDummyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RdsDummyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RdsDummyValidationError) ErrorName() string { return "RdsDummyValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RdsDummyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRdsDummy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RdsDummyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RdsDummyValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/route.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/route.pb.go
new file mode 100644
index 00000000000..683930dcf56
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/route.pb.go
@@ -0,0 +1,419 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/route.proto
+
+package envoy_api_v2
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	core "github.com/envoyproxy/go-control-plane/envoy/api/v2/core"
+	route "github.com/envoyproxy/go-control-plane/envoy/api/v2/route"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// [#next-free-field: 11]
+type RouteConfiguration struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the route configuration. For example, it might match
+	// :ref:`route_config_name
+	// <envoy_api_field_config.filter.network.http_connection_manager.v2.Rds.route_config_name>` in
+	// :ref:`envoy_api_msg_config.filter.network.http_connection_manager.v2.Rds`.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// An array of virtual hosts that make up the route table.
+	VirtualHosts []*route.VirtualHost `protobuf:"bytes,2,rep,name=virtual_hosts,json=virtualHosts,proto3" json:"virtual_hosts,omitempty"`
+	// An array of virtual hosts will be dynamically loaded via the VHDS API.
+	// Both *virtual_hosts* and *vhds* fields will be used when present. *virtual_hosts* can be used
+	// for a base routing table or for infrequently changing virtual hosts. *vhds* is used for
+	// on-demand discovery of virtual hosts. The contents of these two fields will be merged to
+	// generate a routing table for a given RouteConfiguration, with *vhds* derived configuration
+	// taking precedence.
+	Vhds *Vhds `protobuf:"bytes,9,opt,name=vhds,proto3" json:"vhds,omitempty"`
+	// Optionally specifies a list of HTTP headers that the connection manager
+	// will consider to be internal only. If they are found on external requests they will be cleaned
+	// prior to filter invocation. See :ref:`config_http_conn_man_headers_x-envoy-internal` for more
+	// information.
+	InternalOnlyHeaders []string `protobuf:"bytes,3,rep,name=internal_only_headers,json=internalOnlyHeaders,proto3" json:"internal_only_headers,omitempty"`
+	// Specifies a list of HTTP headers that should be added to each response that
+	// the connection manager encodes. Headers specified at this level are applied
+	// after headers from any enclosed :ref:`envoy_api_msg_route.VirtualHost` or
+	// :ref:`envoy_api_msg_route.RouteAction`. For more information, including details on
+	// header value syntax, see the documentation on :ref:`custom request headers
+	// <config_http_conn_man_headers_custom_request_headers>`.
+	ResponseHeadersToAdd []*core.HeaderValueOption `protobuf:"bytes,4,rep,name=response_headers_to_add,json=responseHeadersToAdd,proto3" json:"response_headers_to_add,omitempty"`
+	// Specifies a list of HTTP headers that should be removed from each response
+	// that the connection manager encodes.
+	ResponseHeadersToRemove []string `protobuf:"bytes,5,rep,name=response_headers_to_remove,json=responseHeadersToRemove,proto3" json:"response_headers_to_remove,omitempty"`
+	// Specifies a list of HTTP headers that should be added to each request
+	// routed by the HTTP connection manager. Headers specified at this level are
+	// applied after headers from any enclosed :ref:`envoy_api_msg_route.VirtualHost` or
+	// :ref:`envoy_api_msg_route.RouteAction`. For more information, including details on
+	// header value syntax, see the documentation on :ref:`custom request headers
+	// <config_http_conn_man_headers_custom_request_headers>`.
+	RequestHeadersToAdd []*core.HeaderValueOption `protobuf:"bytes,6,rep,name=request_headers_to_add,json=requestHeadersToAdd,proto3" json:"request_headers_to_add,omitempty"`
+	// Specifies a list of HTTP headers that should be removed from each request
+	// routed by the HTTP connection manager.
+	RequestHeadersToRemove []string `protobuf:"bytes,8,rep,name=request_headers_to_remove,json=requestHeadersToRemove,proto3" json:"request_headers_to_remove,omitempty"`
+	// By default, headers that should be added/removed are evaluated from most to least specific:
+	//
+	// * route level
+	// * virtual host level
+	// * connection manager level
+	//
+	// To allow setting overrides at the route or virtual host level, this order can be reversed
+	// by setting this option to true. Defaults to false.
+	//
+	// [#next-major-version: In the v3 API, this will default to true.]
+	MostSpecificHeaderMutationsWins bool `protobuf:"varint,10,opt,name=most_specific_header_mutations_wins,json=mostSpecificHeaderMutationsWins,proto3" json:"most_specific_header_mutations_wins,omitempty"`
+	// An optional boolean that specifies whether the clusters that the route
+	// table refers to will be validated by the cluster manager. If set to true
+	// and a route refers to a non-existent cluster, the route table will not
+	// load. If set to false and a route refers to a non-existent cluster, the
+	// route table will load and the router filter will return a 404 if the route
+	// is selected at runtime. This setting defaults to true if the route table
+	// is statically defined via the :ref:`route_config
+	// <envoy_api_field_config.filter.network.http_connection_manager.v2.HttpConnectionManager.route_config>`
+	// option. This setting default to false if the route table is loaded dynamically via the
+	// :ref:`rds
+	// <envoy_api_field_config.filter.network.http_connection_manager.v2.HttpConnectionManager.rds>`
+	// option. Users may wish to override the default behavior in certain cases (for example when
+	// using CDS with a static route table).
+	ValidateClusters *wrappers.BoolValue `protobuf:"bytes,7,opt,name=validate_clusters,json=validateClusters,proto3" json:"validate_clusters,omitempty"`
+}
+
+func (x *RouteConfiguration) Reset() {
+	*x = RouteConfiguration{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RouteConfiguration) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RouteConfiguration) ProtoMessage() {}
+
+func (x *RouteConfiguration) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RouteConfiguration.ProtoReflect.Descriptor instead.
+func (*RouteConfiguration) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *RouteConfiguration) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *RouteConfiguration) GetVirtualHosts() []*route.VirtualHost {
+	if x != nil {
+		return x.VirtualHosts
+	}
+	return nil
+}
+
+func (x *RouteConfiguration) GetVhds() *Vhds {
+	if x != nil {
+		return x.Vhds
+	}
+	return nil
+}
+
+func (x *RouteConfiguration) GetInternalOnlyHeaders() []string {
+	if x != nil {
+		return x.InternalOnlyHeaders
+	}
+	return nil
+}
+
+func (x *RouteConfiguration) GetResponseHeadersToAdd() []*core.HeaderValueOption {
+	if x != nil {
+		return x.ResponseHeadersToAdd
+	}
+	return nil
+}
+
+func (x *RouteConfiguration) GetResponseHeadersToRemove() []string {
+	if x != nil {
+		return x.ResponseHeadersToRemove
+	}
+	return nil
+}
+
+func (x *RouteConfiguration) GetRequestHeadersToAdd() []*core.HeaderValueOption {
+	if x != nil {
+		return x.RequestHeadersToAdd
+	}
+	return nil
+}
+
+func (x *RouteConfiguration) GetRequestHeadersToRemove() []string {
+	if x != nil {
+		return x.RequestHeadersToRemove
+	}
+	return nil
+}
+
+func (x *RouteConfiguration) GetMostSpecificHeaderMutationsWins() bool {
+	if x != nil {
+		return x.MostSpecificHeaderMutationsWins
+	}
+	return false
+}
+
+func (x *RouteConfiguration) GetValidateClusters() *wrappers.BoolValue {
+	if x != nil {
+		return x.ValidateClusters
+	}
+	return nil
+}
+
+type Vhds struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Configuration source specifier for VHDS.
+	ConfigSource *core.ConfigSource `protobuf:"bytes,1,opt,name=config_source,json=configSource,proto3" json:"config_source,omitempty"`
+}
+
+func (x *Vhds) Reset() {
+	*x = Vhds{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Vhds) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Vhds) ProtoMessage() {}
+
+func (x *Vhds) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Vhds.ProtoReflect.Descriptor instead.
+func (*Vhds) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *Vhds) GetConfigSource() *core.ConfigSource {
+	if x != nil {
+		return x.ConfigSource
+	}
+	return nil
+}
+
+var File_envoy_api_v2_route_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_route_proto_rawDesc = []byte{
+	0x0a, 0x18, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0c, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x1a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f,
+	0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x62, 0x61, 0x73, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x25, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70,
+	0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x5f, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x29, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x72, 0x6f, 0x75, 0x74,
+	0x65, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f, 0x63, 0x6f, 0x6d, 0x70, 0x6f, 0x6e, 0x65, 0x6e,
+	0x74, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65,
+	0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61,
+	0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61,
+	0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61,
+	0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75,
+	0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74,
+	0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x22, 0xdd, 0x05, 0x0a, 0x12, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x44, 0x0a, 0x0d, 0x76,
+	0x69, 0x72, 0x74, 0x75, 0x61, 0x6c, 0x5f, 0x68, 0x6f, 0x73, 0x74, 0x73, 0x18, 0x02, 0x20, 0x03,
+	0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x56, 0x69, 0x72, 0x74, 0x75, 0x61, 0x6c, 0x48,
+	0x6f, 0x73, 0x74, 0x52, 0x0c, 0x76, 0x69, 0x72, 0x74, 0x75, 0x61, 0x6c, 0x48, 0x6f, 0x73, 0x74,
+	0x73, 0x12, 0x26, 0x0a, 0x04, 0x76, 0x68, 0x64, 0x73, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x12, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x56,
+	0x68, 0x64, 0x73, 0x52, 0x04, 0x76, 0x68, 0x64, 0x73, 0x12, 0x44, 0x0a, 0x15, 0x69, 0x6e, 0x74,
+	0x65, 0x72, 0x6e, 0x61, 0x6c, 0x5f, 0x6f, 0x6e, 0x6c, 0x79, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09, 0x42, 0x10, 0xfa, 0x42, 0x0d, 0x92, 0x01, 0x0a,
+	0x22, 0x08, 0x72, 0x06, 0xc0, 0x01, 0x01, 0xc8, 0x01, 0x00, 0x52, 0x13, 0x69, 0x6e, 0x74, 0x65,
+	0x72, 0x6e, 0x61, 0x6c, 0x4f, 0x6e, 0x6c, 0x79, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x12,
+	0x66, 0x0a, 0x17, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x5f, 0x68, 0x65, 0x61, 0x64,
+	0x65, 0x72, 0x73, 0x5f, 0x74, 0x6f, 0x5f, 0x61, 0x64, 0x64, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b,
+	0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e,
+	0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65,
+	0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x09, 0xfa, 0x42, 0x06, 0x92, 0x01, 0x03, 0x10, 0xe8,
+	0x07, 0x52, 0x14, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x48, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x73, 0x54, 0x6f, 0x41, 0x64, 0x64, 0x12, 0x4d, 0x0a, 0x1a, 0x72, 0x65, 0x73, 0x70, 0x6f,
+	0x6e, 0x73, 0x65, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x5f, 0x74, 0x6f, 0x5f, 0x72,
+	0x65, 0x6d, 0x6f, 0x76, 0x65, 0x18, 0x05, 0x20, 0x03, 0x28, 0x09, 0x42, 0x10, 0xfa, 0x42, 0x0d,
+	0x92, 0x01, 0x0a, 0x22, 0x08, 0x72, 0x06, 0xc0, 0x01, 0x01, 0xc8, 0x01, 0x00, 0x52, 0x17, 0x72,
+	0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x54, 0x6f,
+	0x52, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x12, 0x64, 0x0a, 0x16, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73,
+	0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x5f, 0x74, 0x6f, 0x5f, 0x61, 0x64, 0x64,
+	0x18, 0x06, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x09, 0xfa, 0x42,
+	0x06, 0x92, 0x01, 0x03, 0x10, 0xe8, 0x07, 0x52, 0x13, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
+	0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x54, 0x6f, 0x41, 0x64, 0x64, 0x12, 0x4b, 0x0a, 0x19,
+	0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x5f,
+	0x74, 0x6f, 0x5f, 0x72, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x18, 0x08, 0x20, 0x03, 0x28, 0x09, 0x42,
+	0x10, 0xfa, 0x42, 0x0d, 0x92, 0x01, 0x0a, 0x22, 0x08, 0x72, 0x06, 0xc0, 0x01, 0x01, 0xc8, 0x01,
+	0x00, 0x52, 0x16, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72,
+	0x73, 0x54, 0x6f, 0x52, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x12, 0x4c, 0x0a, 0x23, 0x6d, 0x6f, 0x73,
+	0x74, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x63, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x5f, 0x6d, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x5f, 0x77, 0x69, 0x6e, 0x73,
+	0x18, 0x0a, 0x20, 0x01, 0x28, 0x08, 0x52, 0x1f, 0x6d, 0x6f, 0x73, 0x74, 0x53, 0x70, 0x65, 0x63,
+	0x69, 0x66, 0x69, 0x63, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4d, 0x75, 0x74, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x57, 0x69, 0x6e, 0x73, 0x12, 0x47, 0x0a, 0x11, 0x76, 0x61, 0x6c, 0x69, 0x64,
+	0x61, 0x74, 0x65, 0x5f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x18, 0x07, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x10,
+	0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73,
+	0x22, 0x56, 0x0a, 0x04, 0x56, 0x68, 0x64, 0x73, 0x12, 0x4e, 0x0a, 0x0d, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x5f, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65,
+	0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x0c, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x42, 0x4f, 0x0a, 0x1a, 0x69, 0x6f, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x42, 0x0a, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x50, 0x72, 0x6f,
+	0x74, 0x6f, 0x50, 0x01, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x17, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76,
+	0x33, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x33,
+}
+
+var (
+	file_envoy_api_v2_route_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_route_proto_rawDescData = file_envoy_api_v2_route_proto_rawDesc
+)
+
+func file_envoy_api_v2_route_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_route_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_route_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_route_proto_rawDescData)
+	})
+	return file_envoy_api_v2_route_proto_rawDescData
+}
+
+var file_envoy_api_v2_route_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_envoy_api_v2_route_proto_goTypes = []interface{}{
+	(*RouteConfiguration)(nil),     // 0: envoy.api.v2.RouteConfiguration
+	(*Vhds)(nil),                   // 1: envoy.api.v2.Vhds
+	(*route.VirtualHost)(nil),      // 2: envoy.api.v2.route.VirtualHost
+	(*core.HeaderValueOption)(nil), // 3: envoy.api.v2.core.HeaderValueOption
+	(*wrappers.BoolValue)(nil),     // 4: google.protobuf.BoolValue
+	(*core.ConfigSource)(nil),      // 5: envoy.api.v2.core.ConfigSource
+}
+var file_envoy_api_v2_route_proto_depIdxs = []int32{
+	2, // 0: envoy.api.v2.RouteConfiguration.virtual_hosts:type_name -> envoy.api.v2.route.VirtualHost
+	1, // 1: envoy.api.v2.RouteConfiguration.vhds:type_name -> envoy.api.v2.Vhds
+	3, // 2: envoy.api.v2.RouteConfiguration.response_headers_to_add:type_name -> envoy.api.v2.core.HeaderValueOption
+	3, // 3: envoy.api.v2.RouteConfiguration.request_headers_to_add:type_name -> envoy.api.v2.core.HeaderValueOption
+	4, // 4: envoy.api.v2.RouteConfiguration.validate_clusters:type_name -> google.protobuf.BoolValue
+	5, // 5: envoy.api.v2.Vhds.config_source:type_name -> envoy.api.v2.core.ConfigSource
+	6, // [6:6] is the sub-list for method output_type
+	6, // [6:6] is the sub-list for method input_type
+	6, // [6:6] is the sub-list for extension type_name
+	6, // [6:6] is the sub-list for extension extendee
+	0, // [0:6] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_route_proto_init() }
+func file_envoy_api_v2_route_proto_init() {
+	if File_envoy_api_v2_route_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_route_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RouteConfiguration); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Vhds); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_route_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_route_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_route_proto_depIdxs,
+		MessageInfos:      file_envoy_api_v2_route_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_route_proto = out.File
+	file_envoy_api_v2_route_proto_rawDesc = nil
+	file_envoy_api_v2_route_proto_goTypes = nil
+	file_envoy_api_v2_route_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/route.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/route.pb.validate.go
new file mode 100644
index 00000000000..2725e4892f3
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/route.pb.validate.go
@@ -0,0 +1,514 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/route.proto
+
+package envoy_api_v2
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on RouteConfiguration with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RouteConfiguration) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RouteConfiguration with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RouteConfigurationMultiError, or nil if none found.
+func (m *RouteConfiguration) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RouteConfiguration) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Name
+
+	for idx, item := range m.GetVirtualHosts() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteConfigurationValidationError{
+						field:  fmt.Sprintf("VirtualHosts[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteConfigurationValidationError{
+						field:  fmt.Sprintf("VirtualHosts[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteConfigurationValidationError{
+					field:  fmt.Sprintf("VirtualHosts[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetVhds()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteConfigurationValidationError{
+					field:  "Vhds",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteConfigurationValidationError{
+					field:  "Vhds",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetVhds()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteConfigurationValidationError{
+				field:  "Vhds",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetInternalOnlyHeaders() {
+		_, _ = idx, item
+
+		if !_RouteConfiguration_InternalOnlyHeaders_Pattern.MatchString(item) {
+			err := RouteConfigurationValidationError{
+				field:  fmt.Sprintf("InternalOnlyHeaders[%v]", idx),
+				reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if len(m.GetResponseHeadersToAdd()) > 1000 {
+		err := RouteConfigurationValidationError{
+			field:  "ResponseHeadersToAdd",
+			reason: "value must contain no more than 1000 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetResponseHeadersToAdd() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteConfigurationValidationError{
+						field:  fmt.Sprintf("ResponseHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteConfigurationValidationError{
+						field:  fmt.Sprintf("ResponseHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteConfigurationValidationError{
+					field:  fmt.Sprintf("ResponseHeadersToAdd[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetResponseHeadersToRemove() {
+		_, _ = idx, item
+
+		if !_RouteConfiguration_ResponseHeadersToRemove_Pattern.MatchString(item) {
+			err := RouteConfigurationValidationError{
+				field:  fmt.Sprintf("ResponseHeadersToRemove[%v]", idx),
+				reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if len(m.GetRequestHeadersToAdd()) > 1000 {
+		err := RouteConfigurationValidationError{
+			field:  "RequestHeadersToAdd",
+			reason: "value must contain no more than 1000 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetRequestHeadersToAdd() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteConfigurationValidationError{
+						field:  fmt.Sprintf("RequestHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteConfigurationValidationError{
+						field:  fmt.Sprintf("RequestHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteConfigurationValidationError{
+					field:  fmt.Sprintf("RequestHeadersToAdd[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetRequestHeadersToRemove() {
+		_, _ = idx, item
+
+		if !_RouteConfiguration_RequestHeadersToRemove_Pattern.MatchString(item) {
+			err := RouteConfigurationValidationError{
+				field:  fmt.Sprintf("RequestHeadersToRemove[%v]", idx),
+				reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	// no validation rules for MostSpecificHeaderMutationsWins
+
+	if all {
+		switch v := interface{}(m.GetValidateClusters()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteConfigurationValidationError{
+					field:  "ValidateClusters",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteConfigurationValidationError{
+					field:  "ValidateClusters",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetValidateClusters()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteConfigurationValidationError{
+				field:  "ValidateClusters",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return RouteConfigurationMultiError(errors)
+	}
+	return nil
+}
+
+// RouteConfigurationMultiError is an error wrapping multiple validation errors
+// returned by RouteConfiguration.ValidateAll() if the designated constraints
+// aren't met.
+type RouteConfigurationMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouteConfigurationMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouteConfigurationMultiError) AllErrors() []error { return m }
+
+// RouteConfigurationValidationError is the validation error returned by
+// RouteConfiguration.Validate if the designated constraints aren't met.
+type RouteConfigurationValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouteConfigurationValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouteConfigurationValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouteConfigurationValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouteConfigurationValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouteConfigurationValidationError) ErrorName() string {
+	return "RouteConfigurationValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RouteConfigurationValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRouteConfiguration.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouteConfigurationValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouteConfigurationValidationError{}
+
+var _RouteConfiguration_InternalOnlyHeaders_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+var _RouteConfiguration_ResponseHeadersToRemove_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+var _RouteConfiguration_RequestHeadersToRemove_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+// Validate checks the field values on Vhds with the rules defined in the proto
+// definition for this message. If any rules are violated, the first error
+// encountered is returned, or nil if there are no violations.
+func (m *Vhds) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Vhds with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in VhdsMultiError, or nil if none found.
+func (m *Vhds) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Vhds) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetConfigSource() == nil {
+		err := VhdsValidationError{
+			field:  "ConfigSource",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetConfigSource()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, VhdsValidationError{
+					field:  "ConfigSource",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, VhdsValidationError{
+					field:  "ConfigSource",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetConfigSource()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return VhdsValidationError{
+				field:  "ConfigSource",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return VhdsMultiError(errors)
+	}
+	return nil
+}
+
+// VhdsMultiError is an error wrapping multiple validation errors returned by
+// Vhds.ValidateAll() if the designated constraints aren't met.
+type VhdsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m VhdsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m VhdsMultiError) AllErrors() []error { return m }
+
+// VhdsValidationError is the validation error returned by Vhds.Validate if the
+// designated constraints aren't met.
+type VhdsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e VhdsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e VhdsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e VhdsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e VhdsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e VhdsValidationError) ErrorName() string { return "VhdsValidationError" }
+
+// Error satisfies the builtin error interface
+func (e VhdsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sVhds.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = VhdsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = VhdsValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/route/route.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/route/route.pb.go
new file mode 100644
index 00000000000..b2c31f06b88
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/route/route.pb.go
@@ -0,0 +1,74 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/route/route.proto
+
+package envoy_api_v2_route
+
+import (
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+var File_envoy_api_v2_route_route_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_route_route_proto_rawDesc = []byte{
+	0x0a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x12, 0x12, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x1a, 0x29, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f,
+	0x76, 0x32, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f, 0x63,
+	0x6f, 0x6d, 0x70, 0x6f, 0x6e, 0x65, 0x6e, 0x74, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x42,
+	0x30, 0x0a, 0x20, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f,
+	0x75, 0x74, 0x65, 0x42, 0x0a, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50,
+	0x01, 0x50, 0x00, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var file_envoy_api_v2_route_route_proto_goTypes = []interface{}{}
+var file_envoy_api_v2_route_route_proto_depIdxs = []int32{
+	0, // [0:0] is the sub-list for method output_type
+	0, // [0:0] is the sub-list for method input_type
+	0, // [0:0] is the sub-list for extension type_name
+	0, // [0:0] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_route_route_proto_init() }
+func file_envoy_api_v2_route_route_proto_init() {
+	if File_envoy_api_v2_route_route_proto != nil {
+		return
+	}
+	file_envoy_api_v2_route_route_components_proto_init()
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_route_route_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   0,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_route_route_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_route_route_proto_depIdxs,
+	}.Build()
+	File_envoy_api_v2_route_route_proto = out.File
+	file_envoy_api_v2_route_route_proto_rawDesc = nil
+	file_envoy_api_v2_route_route_proto_goTypes = nil
+	file_envoy_api_v2_route_route_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/route/route.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/route/route.pb.validate.go
new file mode 100644
index 00000000000..781c50bbc00
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/route/route.pb.validate.go
@@ -0,0 +1,36 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/route/route.proto
+
+package envoy_api_v2_route
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/route/route_components.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/route/route_components.pb.go
new file mode 100644
index 00000000000..047b21a82b9
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/route/route_components.pb.go
@@ -0,0 +1,6406 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/route/route_components.proto
+
+package envoy_api_v2_route
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/go-control-plane/envoy/annotations"
+	core "github.com/envoyproxy/go-control-plane/envoy/api/v2/core"
+	_type "github.com/envoyproxy/go-control-plane/envoy/type"
+	matcher "github.com/envoyproxy/go-control-plane/envoy/type/matcher"
+	v2 "github.com/envoyproxy/go-control-plane/envoy/type/tracing/v2"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	_struct "github.com/golang/protobuf/ptypes/struct"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type VirtualHost_TlsRequirementType int32
+
+const (
+	// No TLS requirement for the virtual host.
+	VirtualHost_NONE VirtualHost_TlsRequirementType = 0
+	// External requests must use TLS. If a request is external and it is not
+	// using TLS, a 301 redirect will be sent telling the client to use HTTPS.
+	VirtualHost_EXTERNAL_ONLY VirtualHost_TlsRequirementType = 1
+	// All requests must use TLS. If a request is not using TLS, a 301 redirect
+	// will be sent telling the client to use HTTPS.
+	VirtualHost_ALL VirtualHost_TlsRequirementType = 2
+)
+
+// Enum value maps for VirtualHost_TlsRequirementType.
+var (
+	VirtualHost_TlsRequirementType_name = map[int32]string{
+		0: "NONE",
+		1: "EXTERNAL_ONLY",
+		2: "ALL",
+	}
+	VirtualHost_TlsRequirementType_value = map[string]int32{
+		"NONE":          0,
+		"EXTERNAL_ONLY": 1,
+		"ALL":           2,
+	}
+)
+
+func (x VirtualHost_TlsRequirementType) Enum() *VirtualHost_TlsRequirementType {
+	p := new(VirtualHost_TlsRequirementType)
+	*p = x
+	return p
+}
+
+func (x VirtualHost_TlsRequirementType) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (VirtualHost_TlsRequirementType) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_api_v2_route_route_components_proto_enumTypes[0].Descriptor()
+}
+
+func (VirtualHost_TlsRequirementType) Type() protoreflect.EnumType {
+	return &file_envoy_api_v2_route_route_components_proto_enumTypes[0]
+}
+
+func (x VirtualHost_TlsRequirementType) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use VirtualHost_TlsRequirementType.Descriptor instead.
+func (VirtualHost_TlsRequirementType) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{0, 0}
+}
+
+type RouteAction_ClusterNotFoundResponseCode int32
+
+const (
+	// HTTP status code - 503 Service Unavailable.
+	RouteAction_SERVICE_UNAVAILABLE RouteAction_ClusterNotFoundResponseCode = 0
+	// HTTP status code - 404 Not Found.
+	RouteAction_NOT_FOUND RouteAction_ClusterNotFoundResponseCode = 1
+)
+
+// Enum value maps for RouteAction_ClusterNotFoundResponseCode.
+var (
+	RouteAction_ClusterNotFoundResponseCode_name = map[int32]string{
+		0: "SERVICE_UNAVAILABLE",
+		1: "NOT_FOUND",
+	}
+	RouteAction_ClusterNotFoundResponseCode_value = map[string]int32{
+		"SERVICE_UNAVAILABLE": 0,
+		"NOT_FOUND":           1,
+	}
+)
+
+func (x RouteAction_ClusterNotFoundResponseCode) Enum() *RouteAction_ClusterNotFoundResponseCode {
+	p := new(RouteAction_ClusterNotFoundResponseCode)
+	*p = x
+	return p
+}
+
+func (x RouteAction_ClusterNotFoundResponseCode) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (RouteAction_ClusterNotFoundResponseCode) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_api_v2_route_route_components_proto_enumTypes[1].Descriptor()
+}
+
+func (RouteAction_ClusterNotFoundResponseCode) Type() protoreflect.EnumType {
+	return &file_envoy_api_v2_route_route_components_proto_enumTypes[1]
+}
+
+func (x RouteAction_ClusterNotFoundResponseCode) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use RouteAction_ClusterNotFoundResponseCode.Descriptor instead.
+func (RouteAction_ClusterNotFoundResponseCode) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{6, 0}
+}
+
+// Configures :ref:`internal redirect <arch_overview_internal_redirects>` behavior.
+type RouteAction_InternalRedirectAction int32
+
+const (
+	RouteAction_PASS_THROUGH_INTERNAL_REDIRECT RouteAction_InternalRedirectAction = 0
+	RouteAction_HANDLE_INTERNAL_REDIRECT       RouteAction_InternalRedirectAction = 1
+)
+
+// Enum value maps for RouteAction_InternalRedirectAction.
+var (
+	RouteAction_InternalRedirectAction_name = map[int32]string{
+		0: "PASS_THROUGH_INTERNAL_REDIRECT",
+		1: "HANDLE_INTERNAL_REDIRECT",
+	}
+	RouteAction_InternalRedirectAction_value = map[string]int32{
+		"PASS_THROUGH_INTERNAL_REDIRECT": 0,
+		"HANDLE_INTERNAL_REDIRECT":       1,
+	}
+)
+
+func (x RouteAction_InternalRedirectAction) Enum() *RouteAction_InternalRedirectAction {
+	p := new(RouteAction_InternalRedirectAction)
+	*p = x
+	return p
+}
+
+func (x RouteAction_InternalRedirectAction) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (RouteAction_InternalRedirectAction) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_api_v2_route_route_components_proto_enumTypes[2].Descriptor()
+}
+
+func (RouteAction_InternalRedirectAction) Type() protoreflect.EnumType {
+	return &file_envoy_api_v2_route_route_components_proto_enumTypes[2]
+}
+
+func (x RouteAction_InternalRedirectAction) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use RouteAction_InternalRedirectAction.Descriptor instead.
+func (RouteAction_InternalRedirectAction) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{6, 1}
+}
+
+type RedirectAction_RedirectResponseCode int32
+
+const (
+	// Moved Permanently HTTP Status Code - 301.
+	RedirectAction_MOVED_PERMANENTLY RedirectAction_RedirectResponseCode = 0
+	// Found HTTP Status Code - 302.
+	RedirectAction_FOUND RedirectAction_RedirectResponseCode = 1
+	// See Other HTTP Status Code - 303.
+	RedirectAction_SEE_OTHER RedirectAction_RedirectResponseCode = 2
+	// Temporary Redirect HTTP Status Code - 307.
+	RedirectAction_TEMPORARY_REDIRECT RedirectAction_RedirectResponseCode = 3
+	// Permanent Redirect HTTP Status Code - 308.
+	RedirectAction_PERMANENT_REDIRECT RedirectAction_RedirectResponseCode = 4
+)
+
+// Enum value maps for RedirectAction_RedirectResponseCode.
+var (
+	RedirectAction_RedirectResponseCode_name = map[int32]string{
+		0: "MOVED_PERMANENTLY",
+		1: "FOUND",
+		2: "SEE_OTHER",
+		3: "TEMPORARY_REDIRECT",
+		4: "PERMANENT_REDIRECT",
+	}
+	RedirectAction_RedirectResponseCode_value = map[string]int32{
+		"MOVED_PERMANENTLY":  0,
+		"FOUND":              1,
+		"SEE_OTHER":          2,
+		"TEMPORARY_REDIRECT": 3,
+		"PERMANENT_REDIRECT": 4,
+	}
+)
+
+func (x RedirectAction_RedirectResponseCode) Enum() *RedirectAction_RedirectResponseCode {
+	p := new(RedirectAction_RedirectResponseCode)
+	*p = x
+	return p
+}
+
+func (x RedirectAction_RedirectResponseCode) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (RedirectAction_RedirectResponseCode) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_api_v2_route_route_components_proto_enumTypes[3].Descriptor()
+}
+
+func (RedirectAction_RedirectResponseCode) Type() protoreflect.EnumType {
+	return &file_envoy_api_v2_route_route_components_proto_enumTypes[3]
+}
+
+func (x RedirectAction_RedirectResponseCode) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use RedirectAction_RedirectResponseCode.Descriptor instead.
+func (RedirectAction_RedirectResponseCode) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{9, 0}
+}
+
+// The top level element in the routing configuration is a virtual host. Each virtual host has
+// a logical name as well as a set of domains that get routed to it based on the incoming request's
+// host header. This allows a single listener to service multiple top level domain path trees. Once
+// a virtual host is selected based on the domain, the routes are processed in order to see which
+// upstream cluster to route to or whether to perform a redirect.
+// [#next-free-field: 21]
+type VirtualHost struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The logical name of the virtual host. This is used when emitting certain
+	// statistics but is not relevant for routing.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// A list of domains (host/authority header) that will be matched to this
+	// virtual host. Wildcard hosts are supported in the suffix or prefix form.
+	//
+	// Domain search order:
+	//  1. Exact domain names: ``www.foo.com``.
+	//  2. Suffix domain wildcards: ``*.foo.com`` or ``*-bar.foo.com``.
+	//  3. Prefix domain wildcards: ``foo.*`` or ``foo-*``.
+	//  4. Special wildcard ``*`` matching any domain.
+	//
+	// .. note::
+	//
+	//   The wildcard will not match the empty string.
+	//   e.g. ``*-bar.foo.com`` will match ``baz-bar.foo.com`` but not ``-bar.foo.com``.
+	//   The longest wildcards match first.
+	//   Only a single virtual host in the entire route configuration can match on ``*``. A domain
+	//   must be unique across all virtual hosts or the config will fail to load.
+	//
+	// Domains cannot contain control characters. This is validated by the well_known_regex HTTP_HEADER_VALUE.
+	Domains []string `protobuf:"bytes,2,rep,name=domains,proto3" json:"domains,omitempty"`
+	// The list of routes that will be matched, in order, for incoming requests.
+	// The first route that matches will be used.
+	Routes []*Route `protobuf:"bytes,3,rep,name=routes,proto3" json:"routes,omitempty"`
+	// Specifies the type of TLS enforcement the virtual host expects. If this option is not
+	// specified, there is no TLS requirement for the virtual host.
+	RequireTls VirtualHost_TlsRequirementType `protobuf:"varint,4,opt,name=require_tls,json=requireTls,proto3,enum=envoy.api.v2.route.VirtualHost_TlsRequirementType" json:"require_tls,omitempty"`
+	// A list of virtual clusters defined for this virtual host. Virtual clusters
+	// are used for additional statistics gathering.
+	VirtualClusters []*VirtualCluster `protobuf:"bytes,5,rep,name=virtual_clusters,json=virtualClusters,proto3" json:"virtual_clusters,omitempty"`
+	// Specifies a set of rate limit configurations that will be applied to the
+	// virtual host.
+	RateLimits []*RateLimit `protobuf:"bytes,6,rep,name=rate_limits,json=rateLimits,proto3" json:"rate_limits,omitempty"`
+	// Specifies a list of HTTP headers that should be added to each request
+	// handled by this virtual host. Headers specified at this level are applied
+	// after headers from enclosed :ref:`envoy_api_msg_route.Route` and before headers from the
+	// enclosing :ref:`envoy_api_msg_RouteConfiguration`. For more information, including
+	// details on header value syntax, see the documentation on :ref:`custom request headers
+	// <config_http_conn_man_headers_custom_request_headers>`.
+	RequestHeadersToAdd []*core.HeaderValueOption `protobuf:"bytes,7,rep,name=request_headers_to_add,json=requestHeadersToAdd,proto3" json:"request_headers_to_add,omitempty"`
+	// Specifies a list of HTTP headers that should be removed from each request
+	// handled by this virtual host.
+	RequestHeadersToRemove []string `protobuf:"bytes,13,rep,name=request_headers_to_remove,json=requestHeadersToRemove,proto3" json:"request_headers_to_remove,omitempty"`
+	// Specifies a list of HTTP headers that should be added to each response
+	// handled by this virtual host. Headers specified at this level are applied
+	// after headers from enclosed :ref:`envoy_api_msg_route.Route` and before headers from the
+	// enclosing :ref:`envoy_api_msg_RouteConfiguration`. For more information, including
+	// details on header value syntax, see the documentation on :ref:`custom request headers
+	// <config_http_conn_man_headers_custom_request_headers>`.
+	ResponseHeadersToAdd []*core.HeaderValueOption `protobuf:"bytes,10,rep,name=response_headers_to_add,json=responseHeadersToAdd,proto3" json:"response_headers_to_add,omitempty"`
+	// Specifies a list of HTTP headers that should be removed from each response
+	// handled by this virtual host.
+	ResponseHeadersToRemove []string `protobuf:"bytes,11,rep,name=response_headers_to_remove,json=responseHeadersToRemove,proto3" json:"response_headers_to_remove,omitempty"`
+	// Indicates that the virtual host has a CORS policy.
+	Cors *CorsPolicy `protobuf:"bytes,8,opt,name=cors,proto3" json:"cors,omitempty"`
+	// The per_filter_config field can be used to provide virtual host-specific
+	// configurations for filters. The key should match the filter name, such as
+	// *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter
+	// specific; see the :ref:`HTTP filter documentation <config_http_filters>`
+	// for if and how it is utilized.
+	//
+	// Deprecated: Do not use.
+	PerFilterConfig map[string]*_struct.Struct `protobuf:"bytes,12,rep,name=per_filter_config,json=perFilterConfig,proto3" json:"per_filter_config,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+	// The per_filter_config field can be used to provide virtual host-specific
+	// configurations for filters. The key should match the filter name, such as
+	// *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter
+	// specific; see the :ref:`HTTP filter documentation <config_http_filters>`
+	// for if and how it is utilized.
+	TypedPerFilterConfig map[string]*any.Any `protobuf:"bytes,15,rep,name=typed_per_filter_config,json=typedPerFilterConfig,proto3" json:"typed_per_filter_config,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+	// Decides whether the :ref:`x-envoy-attempt-count
+	// <config_http_filters_router_x-envoy-attempt-count>` header should be included
+	// in the upstream request. Setting this option will cause it to override any existing header
+	// value, so in the case of two Envoys on the request path with this option enabled, the upstream
+	// will see the attempt count as perceived by the second Envoy. Defaults to false.
+	// This header is unaffected by the
+	// :ref:`suppress_envoy_headers
+	// <envoy_api_field_config.filter.http.router.v2.Router.suppress_envoy_headers>` flag.
+	//
+	// [#next-major-version: rename to include_attempt_count_in_request.]
+	IncludeRequestAttemptCount bool `protobuf:"varint,14,opt,name=include_request_attempt_count,json=includeRequestAttemptCount,proto3" json:"include_request_attempt_count,omitempty"`
+	// Decides whether the :ref:`x-envoy-attempt-count
+	// <config_http_filters_router_x-envoy-attempt-count>` header should be included
+	// in the downstream response. Setting this option will cause the router to override any existing header
+	// value, so in the case of two Envoys on the request path with this option enabled, the downstream
+	// will see the attempt count as perceived by the Envoy closest upstream from itself. Defaults to false.
+	// This header is unaffected by the
+	// :ref:`suppress_envoy_headers
+	// <envoy_api_field_config.filter.http.router.v2.Router.suppress_envoy_headers>` flag.
+	IncludeAttemptCountInResponse bool `protobuf:"varint,19,opt,name=include_attempt_count_in_response,json=includeAttemptCountInResponse,proto3" json:"include_attempt_count_in_response,omitempty"`
+	// Indicates the retry policy for all routes in this virtual host. Note that setting a
+	// route level entry will take precedence over this config and it'll be treated
+	// independently (e.g.: values are not inherited).
+	RetryPolicy *RetryPolicy `protobuf:"bytes,16,opt,name=retry_policy,json=retryPolicy,proto3" json:"retry_policy,omitempty"`
+	// [#not-implemented-hide:]
+	// Specifies the configuration for retry policy extension. Note that setting a route level entry
+	// will take precedence over this config and it'll be treated independently (e.g.: values are not
+	// inherited). :ref:`Retry policy <envoy_api_field_route.VirtualHost.retry_policy>` should not be
+	// set if this field is used.
+	RetryPolicyTypedConfig *any.Any `protobuf:"bytes,20,opt,name=retry_policy_typed_config,json=retryPolicyTypedConfig,proto3" json:"retry_policy_typed_config,omitempty"`
+	// Indicates the hedge policy for all routes in this virtual host. Note that setting a
+	// route level entry will take precedence over this config and it'll be treated
+	// independently (e.g.: values are not inherited).
+	HedgePolicy *HedgePolicy `protobuf:"bytes,17,opt,name=hedge_policy,json=hedgePolicy,proto3" json:"hedge_policy,omitempty"`
+	// The maximum bytes which will be buffered for retries and shadowing.
+	// If set and a route-specific limit is not set, the bytes actually buffered will be the minimum
+	// value of this and the listener per_connection_buffer_limit_bytes.
+	PerRequestBufferLimitBytes *wrappers.UInt32Value `protobuf:"bytes,18,opt,name=per_request_buffer_limit_bytes,json=perRequestBufferLimitBytes,proto3" json:"per_request_buffer_limit_bytes,omitempty"`
+}
+
+func (x *VirtualHost) Reset() {
+	*x = VirtualHost{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *VirtualHost) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*VirtualHost) ProtoMessage() {}
+
+func (x *VirtualHost) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use VirtualHost.ProtoReflect.Descriptor instead.
+func (*VirtualHost) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *VirtualHost) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *VirtualHost) GetDomains() []string {
+	if x != nil {
+		return x.Domains
+	}
+	return nil
+}
+
+func (x *VirtualHost) GetRoutes() []*Route {
+	if x != nil {
+		return x.Routes
+	}
+	return nil
+}
+
+func (x *VirtualHost) GetRequireTls() VirtualHost_TlsRequirementType {
+	if x != nil {
+		return x.RequireTls
+	}
+	return VirtualHost_NONE
+}
+
+func (x *VirtualHost) GetVirtualClusters() []*VirtualCluster {
+	if x != nil {
+		return x.VirtualClusters
+	}
+	return nil
+}
+
+func (x *VirtualHost) GetRateLimits() []*RateLimit {
+	if x != nil {
+		return x.RateLimits
+	}
+	return nil
+}
+
+func (x *VirtualHost) GetRequestHeadersToAdd() []*core.HeaderValueOption {
+	if x != nil {
+		return x.RequestHeadersToAdd
+	}
+	return nil
+}
+
+func (x *VirtualHost) GetRequestHeadersToRemove() []string {
+	if x != nil {
+		return x.RequestHeadersToRemove
+	}
+	return nil
+}
+
+func (x *VirtualHost) GetResponseHeadersToAdd() []*core.HeaderValueOption {
+	if x != nil {
+		return x.ResponseHeadersToAdd
+	}
+	return nil
+}
+
+func (x *VirtualHost) GetResponseHeadersToRemove() []string {
+	if x != nil {
+		return x.ResponseHeadersToRemove
+	}
+	return nil
+}
+
+func (x *VirtualHost) GetCors() *CorsPolicy {
+	if x != nil {
+		return x.Cors
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *VirtualHost) GetPerFilterConfig() map[string]*_struct.Struct {
+	if x != nil {
+		return x.PerFilterConfig
+	}
+	return nil
+}
+
+func (x *VirtualHost) GetTypedPerFilterConfig() map[string]*any.Any {
+	if x != nil {
+		return x.TypedPerFilterConfig
+	}
+	return nil
+}
+
+func (x *VirtualHost) GetIncludeRequestAttemptCount() bool {
+	if x != nil {
+		return x.IncludeRequestAttemptCount
+	}
+	return false
+}
+
+func (x *VirtualHost) GetIncludeAttemptCountInResponse() bool {
+	if x != nil {
+		return x.IncludeAttemptCountInResponse
+	}
+	return false
+}
+
+func (x *VirtualHost) GetRetryPolicy() *RetryPolicy {
+	if x != nil {
+		return x.RetryPolicy
+	}
+	return nil
+}
+
+func (x *VirtualHost) GetRetryPolicyTypedConfig() *any.Any {
+	if x != nil {
+		return x.RetryPolicyTypedConfig
+	}
+	return nil
+}
+
+func (x *VirtualHost) GetHedgePolicy() *HedgePolicy {
+	if x != nil {
+		return x.HedgePolicy
+	}
+	return nil
+}
+
+func (x *VirtualHost) GetPerRequestBufferLimitBytes() *wrappers.UInt32Value {
+	if x != nil {
+		return x.PerRequestBufferLimitBytes
+	}
+	return nil
+}
+
+// A filter-defined action type.
+type FilterAction struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Action *any.Any `protobuf:"bytes,1,opt,name=action,proto3" json:"action,omitempty"`
+}
+
+func (x *FilterAction) Reset() {
+	*x = FilterAction{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *FilterAction) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*FilterAction) ProtoMessage() {}
+
+func (x *FilterAction) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use FilterAction.ProtoReflect.Descriptor instead.
+func (*FilterAction) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *FilterAction) GetAction() *any.Any {
+	if x != nil {
+		return x.Action
+	}
+	return nil
+}
+
+// A route is both a specification of how to match a request as well as an indication of what to do
+// next (e.g., redirect, forward, rewrite, etc.).
+//
+// .. attention::
+//
+//   Envoy supports routing on HTTP method via :ref:`header matching
+//   <envoy_api_msg_route.HeaderMatcher>`.
+// [#next-free-field: 18]
+type Route struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Name for the route.
+	Name string `protobuf:"bytes,14,opt,name=name,proto3" json:"name,omitempty"`
+	// Route matching parameters.
+	Match *RouteMatch `protobuf:"bytes,1,opt,name=match,proto3" json:"match,omitempty"`
+	// Types that are assignable to Action:
+	//	*Route_Route
+	//	*Route_Redirect
+	//	*Route_DirectResponse
+	//	*Route_FilterAction
+	Action isRoute_Action `protobuf_oneof:"action"`
+	// The Metadata field can be used to provide additional information
+	// about the route. It can be used for configuration, stats, and logging.
+	// The metadata should go under the filter namespace that will need it.
+	// For instance, if the metadata is intended for the Router filter,
+	// the filter name should be specified as *envoy.filters.http.router*.
+	Metadata *core.Metadata `protobuf:"bytes,4,opt,name=metadata,proto3" json:"metadata,omitempty"`
+	// Decorator for the matched route.
+	Decorator *Decorator `protobuf:"bytes,5,opt,name=decorator,proto3" json:"decorator,omitempty"`
+	// The per_filter_config field can be used to provide route-specific
+	// configurations for filters. The key should match the filter name, such as
+	// *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter
+	// specific; see the :ref:`HTTP filter documentation <config_http_filters>` for
+	// if and how it is utilized.
+	//
+	// Deprecated: Do not use.
+	PerFilterConfig map[string]*_struct.Struct `protobuf:"bytes,8,rep,name=per_filter_config,json=perFilterConfig,proto3" json:"per_filter_config,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+	// The typed_per_filter_config field can be used to provide route-specific
+	// configurations for filters. The key should match the filter name, such as
+	// *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter
+	// specific; see the :ref:`HTTP filter documentation <config_http_filters>` for
+	// if and how it is utilized.
+	TypedPerFilterConfig map[string]*any.Any `protobuf:"bytes,13,rep,name=typed_per_filter_config,json=typedPerFilterConfig,proto3" json:"typed_per_filter_config,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+	// Specifies a set of headers that will be added to requests matching this
+	// route. Headers specified at this level are applied before headers from the
+	// enclosing :ref:`envoy_api_msg_route.VirtualHost` and
+	// :ref:`envoy_api_msg_RouteConfiguration`. For more information, including details on
+	// header value syntax, see the documentation on :ref:`custom request headers
+	// <config_http_conn_man_headers_custom_request_headers>`.
+	RequestHeadersToAdd []*core.HeaderValueOption `protobuf:"bytes,9,rep,name=request_headers_to_add,json=requestHeadersToAdd,proto3" json:"request_headers_to_add,omitempty"`
+	// Specifies a list of HTTP headers that should be removed from each request
+	// matching this route.
+	RequestHeadersToRemove []string `protobuf:"bytes,12,rep,name=request_headers_to_remove,json=requestHeadersToRemove,proto3" json:"request_headers_to_remove,omitempty"`
+	// Specifies a set of headers that will be added to responses to requests
+	// matching this route. Headers specified at this level are applied before
+	// headers from the enclosing :ref:`envoy_api_msg_route.VirtualHost` and
+	// :ref:`envoy_api_msg_RouteConfiguration`. For more information, including
+	// details on header value syntax, see the documentation on
+	// :ref:`custom request headers <config_http_conn_man_headers_custom_request_headers>`.
+	ResponseHeadersToAdd []*core.HeaderValueOption `protobuf:"bytes,10,rep,name=response_headers_to_add,json=responseHeadersToAdd,proto3" json:"response_headers_to_add,omitempty"`
+	// Specifies a list of HTTP headers that should be removed from each response
+	// to requests matching this route.
+	ResponseHeadersToRemove []string `protobuf:"bytes,11,rep,name=response_headers_to_remove,json=responseHeadersToRemove,proto3" json:"response_headers_to_remove,omitempty"`
+	// Presence of the object defines whether the connection manager's tracing configuration
+	// is overridden by this route specific instance.
+	Tracing *Tracing `protobuf:"bytes,15,opt,name=tracing,proto3" json:"tracing,omitempty"`
+	// The maximum bytes which will be buffered for retries and shadowing.
+	// If set, the bytes actually buffered will be the minimum value of this and the
+	// listener per_connection_buffer_limit_bytes.
+	PerRequestBufferLimitBytes *wrappers.UInt32Value `protobuf:"bytes,16,opt,name=per_request_buffer_limit_bytes,json=perRequestBufferLimitBytes,proto3" json:"per_request_buffer_limit_bytes,omitempty"`
+}
+
+func (x *Route) Reset() {
+	*x = Route{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Route) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Route) ProtoMessage() {}
+
+func (x *Route) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Route.ProtoReflect.Descriptor instead.
+func (*Route) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *Route) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *Route) GetMatch() *RouteMatch {
+	if x != nil {
+		return x.Match
+	}
+	return nil
+}
+
+func (m *Route) GetAction() isRoute_Action {
+	if m != nil {
+		return m.Action
+	}
+	return nil
+}
+
+func (x *Route) GetRoute() *RouteAction {
+	if x, ok := x.GetAction().(*Route_Route); ok {
+		return x.Route
+	}
+	return nil
+}
+
+func (x *Route) GetRedirect() *RedirectAction {
+	if x, ok := x.GetAction().(*Route_Redirect); ok {
+		return x.Redirect
+	}
+	return nil
+}
+
+func (x *Route) GetDirectResponse() *DirectResponseAction {
+	if x, ok := x.GetAction().(*Route_DirectResponse); ok {
+		return x.DirectResponse
+	}
+	return nil
+}
+
+func (x *Route) GetFilterAction() *FilterAction {
+	if x, ok := x.GetAction().(*Route_FilterAction); ok {
+		return x.FilterAction
+	}
+	return nil
+}
+
+func (x *Route) GetMetadata() *core.Metadata {
+	if x != nil {
+		return x.Metadata
+	}
+	return nil
+}
+
+func (x *Route) GetDecorator() *Decorator {
+	if x != nil {
+		return x.Decorator
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *Route) GetPerFilterConfig() map[string]*_struct.Struct {
+	if x != nil {
+		return x.PerFilterConfig
+	}
+	return nil
+}
+
+func (x *Route) GetTypedPerFilterConfig() map[string]*any.Any {
+	if x != nil {
+		return x.TypedPerFilterConfig
+	}
+	return nil
+}
+
+func (x *Route) GetRequestHeadersToAdd() []*core.HeaderValueOption {
+	if x != nil {
+		return x.RequestHeadersToAdd
+	}
+	return nil
+}
+
+func (x *Route) GetRequestHeadersToRemove() []string {
+	if x != nil {
+		return x.RequestHeadersToRemove
+	}
+	return nil
+}
+
+func (x *Route) GetResponseHeadersToAdd() []*core.HeaderValueOption {
+	if x != nil {
+		return x.ResponseHeadersToAdd
+	}
+	return nil
+}
+
+func (x *Route) GetResponseHeadersToRemove() []string {
+	if x != nil {
+		return x.ResponseHeadersToRemove
+	}
+	return nil
+}
+
+func (x *Route) GetTracing() *Tracing {
+	if x != nil {
+		return x.Tracing
+	}
+	return nil
+}
+
+func (x *Route) GetPerRequestBufferLimitBytes() *wrappers.UInt32Value {
+	if x != nil {
+		return x.PerRequestBufferLimitBytes
+	}
+	return nil
+}
+
+type isRoute_Action interface {
+	isRoute_Action()
+}
+
+type Route_Route struct {
+	// Route request to some upstream cluster.
+	Route *RouteAction `protobuf:"bytes,2,opt,name=route,proto3,oneof"`
+}
+
+type Route_Redirect struct {
+	// Return a redirect.
+	Redirect *RedirectAction `protobuf:"bytes,3,opt,name=redirect,proto3,oneof"`
+}
+
+type Route_DirectResponse struct {
+	// Return an arbitrary HTTP response directly, without proxying.
+	DirectResponse *DirectResponseAction `protobuf:"bytes,7,opt,name=direct_response,json=directResponse,proto3,oneof"`
+}
+
+type Route_FilterAction struct {
+	// [#not-implemented-hide:]
+	// If true, a filter will define the action (e.g., it could dynamically generate the
+	// RouteAction).
+	FilterAction *FilterAction `protobuf:"bytes,17,opt,name=filter_action,json=filterAction,proto3,oneof"`
+}
+
+func (*Route_Route) isRoute_Action() {}
+
+func (*Route_Redirect) isRoute_Action() {}
+
+func (*Route_DirectResponse) isRoute_Action() {}
+
+func (*Route_FilterAction) isRoute_Action() {}
+
+// Compared to the :ref:`cluster <envoy_api_field_route.RouteAction.cluster>` field that specifies a
+// single upstream cluster as the target of a request, the :ref:`weighted_clusters
+// <envoy_api_field_route.RouteAction.weighted_clusters>` option allows for specification of
+// multiple upstream clusters along with weights that indicate the percentage of
+// traffic to be forwarded to each cluster. The router selects an upstream cluster based on the
+// weights.
+type WeightedCluster struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies one or more upstream clusters associated with the route.
+	Clusters []*WeightedCluster_ClusterWeight `protobuf:"bytes,1,rep,name=clusters,proto3" json:"clusters,omitempty"`
+	// Specifies the total weight across all clusters. The sum of all cluster weights must equal this
+	// value, which must be greater than 0. Defaults to 100.
+	TotalWeight *wrappers.UInt32Value `protobuf:"bytes,3,opt,name=total_weight,json=totalWeight,proto3" json:"total_weight,omitempty"`
+	// Specifies the runtime key prefix that should be used to construct the
+	// runtime keys associated with each cluster. When the *runtime_key_prefix* is
+	// specified, the router will look for weights associated with each upstream
+	// cluster under the key *runtime_key_prefix* + "." + *cluster[i].name* where
+	// *cluster[i]* denotes an entry in the clusters array field. If the runtime
+	// key for the cluster does not exist, the value specified in the
+	// configuration file will be used as the default weight. See the :ref:`runtime documentation
+	// <operations_runtime>` for how key names map to the underlying implementation.
+	RuntimeKeyPrefix string `protobuf:"bytes,2,opt,name=runtime_key_prefix,json=runtimeKeyPrefix,proto3" json:"runtime_key_prefix,omitempty"`
+}
+
+func (x *WeightedCluster) Reset() {
+	*x = WeightedCluster{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *WeightedCluster) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*WeightedCluster) ProtoMessage() {}
+
+func (x *WeightedCluster) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use WeightedCluster.ProtoReflect.Descriptor instead.
+func (*WeightedCluster) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *WeightedCluster) GetClusters() []*WeightedCluster_ClusterWeight {
+	if x != nil {
+		return x.Clusters
+	}
+	return nil
+}
+
+func (x *WeightedCluster) GetTotalWeight() *wrappers.UInt32Value {
+	if x != nil {
+		return x.TotalWeight
+	}
+	return nil
+}
+
+func (x *WeightedCluster) GetRuntimeKeyPrefix() string {
+	if x != nil {
+		return x.RuntimeKeyPrefix
+	}
+	return ""
+}
+
+// [#next-free-field: 12]
+type RouteMatch struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to PathSpecifier:
+	//	*RouteMatch_Prefix
+	//	*RouteMatch_Path
+	//	*RouteMatch_Regex
+	//	*RouteMatch_SafeRegex
+	PathSpecifier isRouteMatch_PathSpecifier `protobuf_oneof:"path_specifier"`
+	// Indicates that prefix/path matching should be case sensitive. The default
+	// is true.
+	CaseSensitive *wrappers.BoolValue `protobuf:"bytes,4,opt,name=case_sensitive,json=caseSensitive,proto3" json:"case_sensitive,omitempty"`
+	// Indicates that the route should additionally match on a runtime key. Every time the route
+	// is considered for a match, it must also fall under the percentage of matches indicated by
+	// this field. For some fraction N/D, a random number in the range [0,D) is selected. If the
+	// number is <= the value of the numerator N, or if the key is not present, the default
+	// value, the router continues to evaluate the remaining match criteria. A runtime_fraction
+	// route configuration can be used to roll out route changes in a gradual manner without full
+	// code/config deploys. Refer to the :ref:`traffic shifting
+	// <config_http_conn_man_route_table_traffic_splitting_shift>` docs for additional documentation.
+	//
+	// .. note::
+	//
+	//    Parsing this field is implemented such that the runtime key's data may be represented
+	//    as a FractionalPercent proto represented as JSON/YAML and may also be represented as an
+	//    integer with the assumption that the value is an integral percentage out of 100. For
+	//    instance, a runtime key lookup returning the value "42" would parse as a FractionalPercent
+	//    whose numerator is 42 and denominator is HUNDRED. This preserves legacy semantics.
+	RuntimeFraction *core.RuntimeFractionalPercent `protobuf:"bytes,9,opt,name=runtime_fraction,json=runtimeFraction,proto3" json:"runtime_fraction,omitempty"`
+	// Specifies a set of headers that the route should match on. The router will
+	// check the request’s headers against all the specified headers in the route
+	// config. A match will happen if all the headers in the route are present in
+	// the request with the same values (or based on presence if the value field
+	// is not in the config).
+	Headers []*HeaderMatcher `protobuf:"bytes,6,rep,name=headers,proto3" json:"headers,omitempty"`
+	// Specifies a set of URL query parameters on which the route should
+	// match. The router will check the query string from the *path* header
+	// against all the specified query parameters. If the number of specified
+	// query parameters is nonzero, they all must match the *path* header's
+	// query string for a match to occur.
+	QueryParameters []*QueryParameterMatcher `protobuf:"bytes,7,rep,name=query_parameters,json=queryParameters,proto3" json:"query_parameters,omitempty"`
+	// If specified, only gRPC requests will be matched. The router will check
+	// that the content-type header has a application/grpc or one of the various
+	// application/grpc+ values.
+	Grpc *RouteMatch_GrpcRouteMatchOptions `protobuf:"bytes,8,opt,name=grpc,proto3" json:"grpc,omitempty"`
+	// If specified, the client tls context will be matched against the defined
+	// match options.
+	//
+	// [#next-major-version: unify with RBAC]
+	TlsContext *RouteMatch_TlsContextMatchOptions `protobuf:"bytes,11,opt,name=tls_context,json=tlsContext,proto3" json:"tls_context,omitempty"`
+}
+
+func (x *RouteMatch) Reset() {
+	*x = RouteMatch{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RouteMatch) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RouteMatch) ProtoMessage() {}
+
+func (x *RouteMatch) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RouteMatch.ProtoReflect.Descriptor instead.
+func (*RouteMatch) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{4}
+}
+
+func (m *RouteMatch) GetPathSpecifier() isRouteMatch_PathSpecifier {
+	if m != nil {
+		return m.PathSpecifier
+	}
+	return nil
+}
+
+func (x *RouteMatch) GetPrefix() string {
+	if x, ok := x.GetPathSpecifier().(*RouteMatch_Prefix); ok {
+		return x.Prefix
+	}
+	return ""
+}
+
+func (x *RouteMatch) GetPath() string {
+	if x, ok := x.GetPathSpecifier().(*RouteMatch_Path); ok {
+		return x.Path
+	}
+	return ""
+}
+
+// Deprecated: Do not use.
+func (x *RouteMatch) GetRegex() string {
+	if x, ok := x.GetPathSpecifier().(*RouteMatch_Regex); ok {
+		return x.Regex
+	}
+	return ""
+}
+
+func (x *RouteMatch) GetSafeRegex() *matcher.RegexMatcher {
+	if x, ok := x.GetPathSpecifier().(*RouteMatch_SafeRegex); ok {
+		return x.SafeRegex
+	}
+	return nil
+}
+
+func (x *RouteMatch) GetCaseSensitive() *wrappers.BoolValue {
+	if x != nil {
+		return x.CaseSensitive
+	}
+	return nil
+}
+
+func (x *RouteMatch) GetRuntimeFraction() *core.RuntimeFractionalPercent {
+	if x != nil {
+		return x.RuntimeFraction
+	}
+	return nil
+}
+
+func (x *RouteMatch) GetHeaders() []*HeaderMatcher {
+	if x != nil {
+		return x.Headers
+	}
+	return nil
+}
+
+func (x *RouteMatch) GetQueryParameters() []*QueryParameterMatcher {
+	if x != nil {
+		return x.QueryParameters
+	}
+	return nil
+}
+
+func (x *RouteMatch) GetGrpc() *RouteMatch_GrpcRouteMatchOptions {
+	if x != nil {
+		return x.Grpc
+	}
+	return nil
+}
+
+func (x *RouteMatch) GetTlsContext() *RouteMatch_TlsContextMatchOptions {
+	if x != nil {
+		return x.TlsContext
+	}
+	return nil
+}
+
+type isRouteMatch_PathSpecifier interface {
+	isRouteMatch_PathSpecifier()
+}
+
+type RouteMatch_Prefix struct {
+	// If specified, the route is a prefix rule meaning that the prefix must
+	// match the beginning of the *:path* header.
+	Prefix string `protobuf:"bytes,1,opt,name=prefix,proto3,oneof"`
+}
+
+type RouteMatch_Path struct {
+	// If specified, the route is an exact path rule meaning that the path must
+	// exactly match the *:path* header once the query string is removed.
+	Path string `protobuf:"bytes,2,opt,name=path,proto3,oneof"`
+}
+
+type RouteMatch_Regex struct {
+	// If specified, the route is a regular expression rule meaning that the
+	// regex must match the *:path* header once the query string is removed. The entire path
+	// (without the query string) must match the regex. The rule will not match if only a
+	// subsequence of the *:path* header matches the regex. The regex grammar is defined `here
+	// <https://en.cppreference.com/w/cpp/regex/ecmascript>`_.
+	//
+	// Examples:
+	//
+	// * The regex ``/b[io]t`` matches the path */bit*
+	// * The regex ``/b[io]t`` matches the path */bot*
+	// * The regex ``/b[io]t`` does not match the path */bite*
+	// * The regex ``/b[io]t`` does not match the path */bit/bot*
+	//
+	// .. attention::
+	//   This field has been deprecated in favor of `safe_regex` as it is not safe for use with
+	//   untrusted input in all cases.
+	//
+	// Deprecated: Do not use.
+	Regex string `protobuf:"bytes,3,opt,name=regex,proto3,oneof"`
+}
+
+type RouteMatch_SafeRegex struct {
+	// If specified, the route is a regular expression rule meaning that the
+	// regex must match the *:path* header once the query string is removed. The entire path
+	// (without the query string) must match the regex. The rule will not match if only a
+	// subsequence of the *:path* header matches the regex.
+	//
+	// [#next-major-version: In the v3 API we should redo how path specification works such
+	// that we utilize StringMatcher, and additionally have consistent options around whether we
+	// strip query strings, do a case sensitive match, etc. In the interim it will be too disruptive
+	// to deprecate the existing options. We should even consider whether we want to do away with
+	// path_specifier entirely and just rely on a set of header matchers which can already match
+	// on :path, etc. The issue with that is it is unclear how to generically deal with query string
+	// stripping. This needs more thought.]
+	SafeRegex *matcher.RegexMatcher `protobuf:"bytes,10,opt,name=safe_regex,json=safeRegex,proto3,oneof"`
+}
+
+func (*RouteMatch_Prefix) isRouteMatch_PathSpecifier() {}
+
+func (*RouteMatch_Path) isRouteMatch_PathSpecifier() {}
+
+func (*RouteMatch_Regex) isRouteMatch_PathSpecifier() {}
+
+func (*RouteMatch_SafeRegex) isRouteMatch_PathSpecifier() {}
+
+// [#next-free-field: 12]
+type CorsPolicy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies the origins that will be allowed to do CORS requests.
+	//
+	// An origin is allowed if either allow_origin or allow_origin_regex match.
+	//
+	// .. attention::
+	//  This field has been deprecated in favor of `allow_origin_string_match`.
+	//
+	// Deprecated: Do not use.
+	AllowOrigin []string `protobuf:"bytes,1,rep,name=allow_origin,json=allowOrigin,proto3" json:"allow_origin,omitempty"`
+	// Specifies regex patterns that match allowed origins.
+	//
+	// An origin is allowed if either allow_origin or allow_origin_regex match.
+	//
+	// .. attention::
+	//   This field has been deprecated in favor of `allow_origin_string_match` as it is not safe for
+	//   use with untrusted input in all cases.
+	//
+	// Deprecated: Do not use.
+	AllowOriginRegex []string `protobuf:"bytes,8,rep,name=allow_origin_regex,json=allowOriginRegex,proto3" json:"allow_origin_regex,omitempty"`
+	// Specifies string patterns that match allowed origins. An origin is allowed if any of the
+	// string matchers match.
+	AllowOriginStringMatch []*matcher.StringMatcher `protobuf:"bytes,11,rep,name=allow_origin_string_match,json=allowOriginStringMatch,proto3" json:"allow_origin_string_match,omitempty"`
+	// Specifies the content for the *access-control-allow-methods* header.
+	AllowMethods string `protobuf:"bytes,2,opt,name=allow_methods,json=allowMethods,proto3" json:"allow_methods,omitempty"`
+	// Specifies the content for the *access-control-allow-headers* header.
+	AllowHeaders string `protobuf:"bytes,3,opt,name=allow_headers,json=allowHeaders,proto3" json:"allow_headers,omitempty"`
+	// Specifies the content for the *access-control-expose-headers* header.
+	ExposeHeaders string `protobuf:"bytes,4,opt,name=expose_headers,json=exposeHeaders,proto3" json:"expose_headers,omitempty"`
+	// Specifies the content for the *access-control-max-age* header.
+	MaxAge string `protobuf:"bytes,5,opt,name=max_age,json=maxAge,proto3" json:"max_age,omitempty"`
+	// Specifies whether the resource allows credentials.
+	AllowCredentials *wrappers.BoolValue `protobuf:"bytes,6,opt,name=allow_credentials,json=allowCredentials,proto3" json:"allow_credentials,omitempty"`
+	// Types that are assignable to EnabledSpecifier:
+	//	*CorsPolicy_Enabled
+	//	*CorsPolicy_FilterEnabled
+	EnabledSpecifier isCorsPolicy_EnabledSpecifier `protobuf_oneof:"enabled_specifier"`
+	// Specifies the % of requests for which the CORS policies will be evaluated and tracked, but not
+	// enforced.
+	//
+	// This field is intended to be used when ``filter_enabled`` and ``enabled`` are off. One of those
+	// fields have to explicitly disable the filter in order for this setting to take effect.
+	//
+	// If :ref:`runtime_key <envoy_api_field_core.RuntimeFractionalPercent.runtime_key>` is specified,
+	// Envoy will lookup the runtime key to get the percentage of requests for which it will evaluate
+	// and track the request's *Origin* to determine if it's valid but will not enforce any policies.
+	ShadowEnabled *core.RuntimeFractionalPercent `protobuf:"bytes,10,opt,name=shadow_enabled,json=shadowEnabled,proto3" json:"shadow_enabled,omitempty"`
+}
+
+func (x *CorsPolicy) Reset() {
+	*x = CorsPolicy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CorsPolicy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CorsPolicy) ProtoMessage() {}
+
+func (x *CorsPolicy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CorsPolicy.ProtoReflect.Descriptor instead.
+func (*CorsPolicy) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{5}
+}
+
+// Deprecated: Do not use.
+func (x *CorsPolicy) GetAllowOrigin() []string {
+	if x != nil {
+		return x.AllowOrigin
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *CorsPolicy) GetAllowOriginRegex() []string {
+	if x != nil {
+		return x.AllowOriginRegex
+	}
+	return nil
+}
+
+func (x *CorsPolicy) GetAllowOriginStringMatch() []*matcher.StringMatcher {
+	if x != nil {
+		return x.AllowOriginStringMatch
+	}
+	return nil
+}
+
+func (x *CorsPolicy) GetAllowMethods() string {
+	if x != nil {
+		return x.AllowMethods
+	}
+	return ""
+}
+
+func (x *CorsPolicy) GetAllowHeaders() string {
+	if x != nil {
+		return x.AllowHeaders
+	}
+	return ""
+}
+
+func (x *CorsPolicy) GetExposeHeaders() string {
+	if x != nil {
+		return x.ExposeHeaders
+	}
+	return ""
+}
+
+func (x *CorsPolicy) GetMaxAge() string {
+	if x != nil {
+		return x.MaxAge
+	}
+	return ""
+}
+
+func (x *CorsPolicy) GetAllowCredentials() *wrappers.BoolValue {
+	if x != nil {
+		return x.AllowCredentials
+	}
+	return nil
+}
+
+func (m *CorsPolicy) GetEnabledSpecifier() isCorsPolicy_EnabledSpecifier {
+	if m != nil {
+		return m.EnabledSpecifier
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *CorsPolicy) GetEnabled() *wrappers.BoolValue {
+	if x, ok := x.GetEnabledSpecifier().(*CorsPolicy_Enabled); ok {
+		return x.Enabled
+	}
+	return nil
+}
+
+func (x *CorsPolicy) GetFilterEnabled() *core.RuntimeFractionalPercent {
+	if x, ok := x.GetEnabledSpecifier().(*CorsPolicy_FilterEnabled); ok {
+		return x.FilterEnabled
+	}
+	return nil
+}
+
+func (x *CorsPolicy) GetShadowEnabled() *core.RuntimeFractionalPercent {
+	if x != nil {
+		return x.ShadowEnabled
+	}
+	return nil
+}
+
+type isCorsPolicy_EnabledSpecifier interface {
+	isCorsPolicy_EnabledSpecifier()
+}
+
+type CorsPolicy_Enabled struct {
+	// Specifies if the CORS filter is enabled. Defaults to true. Only effective on route.
+	//
+	// .. attention::
+	//
+	//   **This field is deprecated**. Set the
+	//   :ref:`filter_enabled<envoy_api_field_route.CorsPolicy.filter_enabled>` field instead.
+	//
+	// Deprecated: Do not use.
+	Enabled *wrappers.BoolValue `protobuf:"bytes,7,opt,name=enabled,proto3,oneof"`
+}
+
+type CorsPolicy_FilterEnabled struct {
+	// Specifies the % of requests for which the CORS filter is enabled.
+	//
+	// If neither ``enabled``, ``filter_enabled``, nor ``shadow_enabled`` are specified, the CORS
+	// filter will be enabled for 100% of the requests.
+	//
+	// If :ref:`runtime_key <envoy_api_field_core.RuntimeFractionalPercent.runtime_key>` is
+	// specified, Envoy will lookup the runtime key to get the percentage of requests to filter.
+	FilterEnabled *core.RuntimeFractionalPercent `protobuf:"bytes,9,opt,name=filter_enabled,json=filterEnabled,proto3,oneof"`
+}
+
+func (*CorsPolicy_Enabled) isCorsPolicy_EnabledSpecifier() {}
+
+func (*CorsPolicy_FilterEnabled) isCorsPolicy_EnabledSpecifier() {}
+
+// [#next-free-field: 34]
+type RouteAction struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to ClusterSpecifier:
+	//	*RouteAction_Cluster
+	//	*RouteAction_ClusterHeader
+	//	*RouteAction_WeightedClusters
+	ClusterSpecifier isRouteAction_ClusterSpecifier `protobuf_oneof:"cluster_specifier"`
+	// The HTTP status code to use when configured cluster is not found.
+	// The default response code is 503 Service Unavailable.
+	ClusterNotFoundResponseCode RouteAction_ClusterNotFoundResponseCode `protobuf:"varint,20,opt,name=cluster_not_found_response_code,json=clusterNotFoundResponseCode,proto3,enum=envoy.api.v2.route.RouteAction_ClusterNotFoundResponseCode" json:"cluster_not_found_response_code,omitempty"`
+	// Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints
+	// in the upstream cluster with metadata matching what's set in this field will be considered
+	// for load balancing. If using :ref:`weighted_clusters
+	// <envoy_api_field_route.RouteAction.weighted_clusters>`, metadata will be merged, with values
+	// provided there taking precedence. The filter name should be specified as *envoy.lb*.
+	MetadataMatch *core.Metadata `protobuf:"bytes,4,opt,name=metadata_match,json=metadataMatch,proto3" json:"metadata_match,omitempty"`
+	// Indicates that during forwarding, the matched prefix (or path) should be
+	// swapped with this value. This option allows application URLs to be rooted
+	// at a different path from those exposed at the reverse proxy layer. The router filter will
+	// place the original path before rewrite into the :ref:`x-envoy-original-path
+	// <config_http_filters_router_x-envoy-original-path>` header.
+	//
+	// Only one of *prefix_rewrite* or
+	// :ref:`regex_rewrite <envoy_api_field_route.RouteAction.regex_rewrite>`
+	// may be specified.
+	//
+	// .. attention::
+	//
+	//   Pay careful attention to the use of trailing slashes in the
+	//   :ref:`route's match <envoy_api_field_route.Route.match>` prefix value.
+	//   Stripping a prefix from a path requires multiple Routes to handle all cases. For example,
+	//   rewriting */prefix* to */* and */prefix/etc* to */etc* cannot be done in a single
+	//   :ref:`Route <envoy_api_msg_route.Route>`, as shown by the below config entries:
+	//
+	//   .. code-block:: yaml
+	//
+	//     - match:
+	//         prefix: "/prefix/"
+	//       route:
+	//         prefix_rewrite: "/"
+	//     - match:
+	//         prefix: "/prefix"
+	//       route:
+	//         prefix_rewrite: "/"
+	//
+	//   Having above entries in the config, requests to */prefix* will be stripped to */*, while
+	//   requests to */prefix/etc* will be stripped to */etc*.
+	PrefixRewrite string `protobuf:"bytes,5,opt,name=prefix_rewrite,json=prefixRewrite,proto3" json:"prefix_rewrite,omitempty"`
+	// Indicates that during forwarding, portions of the path that match the
+	// pattern should be rewritten, even allowing the substitution of capture
+	// groups from the pattern into the new path as specified by the rewrite
+	// substitution string. This is useful to allow application paths to be
+	// rewritten in a way that is aware of segments with variable content like
+	// identifiers. The router filter will place the original path as it was
+	// before the rewrite into the :ref:`x-envoy-original-path
+	// <config_http_filters_router_x-envoy-original-path>` header.
+	//
+	// Only one of :ref:`prefix_rewrite <envoy_api_field_route.RouteAction.prefix_rewrite>`
+	// or *regex_rewrite* may be specified.
+	//
+	// Examples using Google's `RE2 <https://github.com/google/re2>`_ engine:
+	//
+	// * The path pattern ``^/service/([^/]+)(/.*)$`` paired with a substitution
+	//   string of ``\2/instance/\1`` would transform ``/service/foo/v1/api``
+	//   into ``/v1/api/instance/foo``.
+	//
+	// * The pattern ``one`` paired with a substitution string of ``two`` would
+	//   transform ``/xxx/one/yyy/one/zzz`` into ``/xxx/two/yyy/two/zzz``.
+	//
+	// * The pattern ``^(.*?)one(.*)$`` paired with a substitution string of
+	//   ``\1two\2`` would replace only the first occurrence of ``one``,
+	//   transforming path ``/xxx/one/yyy/one/zzz`` into ``/xxx/two/yyy/one/zzz``.
+	//
+	// * The pattern ``(?i)/xxx/`` paired with a substitution string of ``/yyy/``
+	//   would do a case-insensitive match and transform path ``/aaa/XxX/bbb`` to
+	//   ``/aaa/yyy/bbb``.
+	RegexRewrite *matcher.RegexMatchAndSubstitute `protobuf:"bytes,32,opt,name=regex_rewrite,json=regexRewrite,proto3" json:"regex_rewrite,omitempty"`
+	// Types that are assignable to HostRewriteSpecifier:
+	//	*RouteAction_HostRewrite
+	//	*RouteAction_AutoHostRewrite
+	//	*RouteAction_AutoHostRewriteHeader
+	HostRewriteSpecifier isRouteAction_HostRewriteSpecifier `protobuf_oneof:"host_rewrite_specifier"`
+	// Specifies the upstream timeout for the route. If not specified, the default is 15s. This
+	// spans between the point at which the entire downstream request (i.e. end-of-stream) has been
+	// processed and when the upstream response has been completely processed. A value of 0 will
+	// disable the route's timeout.
+	//
+	// .. note::
+	//
+	//   This timeout includes all retries. See also
+	//   :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`,
+	//   :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms`, and the
+	//   :ref:`retry overview <arch_overview_http_routing_retry>`.
+	Timeout *duration.Duration `protobuf:"bytes,8,opt,name=timeout,proto3" json:"timeout,omitempty"`
+	// Specifies the idle timeout for the route. If not specified, there is no per-route idle timeout,
+	// although the connection manager wide :ref:`stream_idle_timeout
+	// <envoy_api_field_config.filter.network.http_connection_manager.v2.HttpConnectionManager.stream_idle_timeout>`
+	// will still apply. A value of 0 will completely disable the route's idle timeout, even if a
+	// connection manager stream idle timeout is configured.
+	//
+	// The idle timeout is distinct to :ref:`timeout
+	// <envoy_api_field_route.RouteAction.timeout>`, which provides an upper bound
+	// on the upstream response time; :ref:`idle_timeout
+	// <envoy_api_field_route.RouteAction.idle_timeout>` instead bounds the amount
+	// of time the request's stream may be idle.
+	//
+	// After header decoding, the idle timeout will apply on downstream and
+	// upstream request events. Each time an encode/decode event for headers or
+	// data is processed for the stream, the timer will be reset. If the timeout
+	// fires, the stream is terminated with a 408 Request Timeout error code if no
+	// upstream response header has been received, otherwise a stream reset
+	// occurs.
+	IdleTimeout *duration.Duration `protobuf:"bytes,24,opt,name=idle_timeout,json=idleTimeout,proto3" json:"idle_timeout,omitempty"`
+	// Indicates that the route has a retry policy. Note that if this is set,
+	// it'll take precedence over the virtual host level retry policy entirely
+	// (e.g.: policies are not merged, most internal one becomes the enforced policy).
+	RetryPolicy *RetryPolicy `protobuf:"bytes,9,opt,name=retry_policy,json=retryPolicy,proto3" json:"retry_policy,omitempty"`
+	// [#not-implemented-hide:]
+	// Specifies the configuration for retry policy extension. Note that if this is set, it'll take
+	// precedence over the virtual host level retry policy entirely (e.g.: policies are not merged,
+	// most internal one becomes the enforced policy). :ref:`Retry policy <envoy_api_field_route.VirtualHost.retry_policy>`
+	// should not be set if this field is used.
+	RetryPolicyTypedConfig *any.Any `protobuf:"bytes,33,opt,name=retry_policy_typed_config,json=retryPolicyTypedConfig,proto3" json:"retry_policy_typed_config,omitempty"`
+	// Indicates that the route has a request mirroring policy.
+	//
+	// .. attention::
+	//   This field has been deprecated in favor of `request_mirror_policies` which supports one or
+	//   more mirroring policies.
+	//
+	// Deprecated: Do not use.
+	RequestMirrorPolicy *RouteAction_RequestMirrorPolicy `protobuf:"bytes,10,opt,name=request_mirror_policy,json=requestMirrorPolicy,proto3" json:"request_mirror_policy,omitempty"`
+	// Indicates that the route has request mirroring policies.
+	RequestMirrorPolicies []*RouteAction_RequestMirrorPolicy `protobuf:"bytes,30,rep,name=request_mirror_policies,json=requestMirrorPolicies,proto3" json:"request_mirror_policies,omitempty"`
+	// Optionally specifies the :ref:`routing priority <arch_overview_http_routing_priority>`.
+	Priority core.RoutingPriority `protobuf:"varint,11,opt,name=priority,proto3,enum=envoy.api.v2.core.RoutingPriority" json:"priority,omitempty"`
+	// Specifies a set of rate limit configurations that could be applied to the
+	// route.
+	RateLimits []*RateLimit `protobuf:"bytes,13,rep,name=rate_limits,json=rateLimits,proto3" json:"rate_limits,omitempty"`
+	// Specifies if the rate limit filter should include the virtual host rate
+	// limits. By default, if the route configured rate limits, the virtual host
+	// :ref:`rate_limits <envoy_api_field_route.VirtualHost.rate_limits>` are not applied to the
+	// request.
+	IncludeVhRateLimits *wrappers.BoolValue `protobuf:"bytes,14,opt,name=include_vh_rate_limits,json=includeVhRateLimits,proto3" json:"include_vh_rate_limits,omitempty"`
+	// Specifies a list of hash policies to use for ring hash load balancing. Each
+	// hash policy is evaluated individually and the combined result is used to
+	// route the request. The method of combination is deterministic such that
+	// identical lists of hash policies will produce the same hash. Since a hash
+	// policy examines specific parts of a request, it can fail to produce a hash
+	// (i.e. if the hashed header is not present). If (and only if) all configured
+	// hash policies fail to generate a hash, no hash will be produced for
+	// the route. In this case, the behavior is the same as if no hash policies
+	// were specified (i.e. the ring hash load balancer will choose a random
+	// backend). If a hash policy has the "terminal" attribute set to true, and
+	// there is already a hash generated, the hash is returned immediately,
+	// ignoring the rest of the hash policy list.
+	HashPolicy []*RouteAction_HashPolicy `protobuf:"bytes,15,rep,name=hash_policy,json=hashPolicy,proto3" json:"hash_policy,omitempty"`
+	// Indicates that the route has a CORS policy.
+	Cors *CorsPolicy `protobuf:"bytes,17,opt,name=cors,proto3" json:"cors,omitempty"`
+	// If present, and the request is a gRPC request, use the
+	// `grpc-timeout header <https://github.com/grpc/grpc/blob/master/doc/PROTOCOL-HTTP2.md>`_,
+	// or its default value (infinity) instead of
+	// :ref:`timeout <envoy_api_field_route.RouteAction.timeout>`, but limit the applied timeout
+	// to the maximum value specified here. If configured as 0, the maximum allowed timeout for
+	// gRPC requests is infinity. If not configured at all, the `grpc-timeout` header is not used
+	// and gRPC requests time out like any other requests using
+	// :ref:`timeout <envoy_api_field_route.RouteAction.timeout>` or its default.
+	// This can be used to prevent unexpected upstream request timeouts due to potentially long
+	// time gaps between gRPC request and response in gRPC streaming mode.
+	//
+	// .. note::
+	//
+	//    If a timeout is specified using :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, it takes
+	//    precedence over `grpc-timeout header <https://github.com/grpc/grpc/blob/master/doc/PROTOCOL-HTTP2.md>`_, when
+	//    both are present. See also
+	//    :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`,
+	//    :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms`, and the
+	//    :ref:`retry overview <arch_overview_http_routing_retry>`.
+	MaxGrpcTimeout *duration.Duration `protobuf:"bytes,23,opt,name=max_grpc_timeout,json=maxGrpcTimeout,proto3" json:"max_grpc_timeout,omitempty"`
+	// If present, Envoy will adjust the timeout provided by the `grpc-timeout` header by subtracting
+	// the provided duration from the header. This is useful in allowing Envoy to set its global
+	// timeout to be less than that of the deadline imposed by the calling client, which makes it more
+	// likely that Envoy will handle the timeout instead of having the call canceled by the client.
+	// The offset will only be applied if the provided grpc_timeout is greater than the offset. This
+	// ensures that the offset will only ever decrease the timeout and never set it to 0 (meaning
+	// infinity).
+	GrpcTimeoutOffset      *duration.Duration                 `protobuf:"bytes,28,opt,name=grpc_timeout_offset,json=grpcTimeoutOffset,proto3" json:"grpc_timeout_offset,omitempty"`
+	UpgradeConfigs         []*RouteAction_UpgradeConfig       `protobuf:"bytes,25,rep,name=upgrade_configs,json=upgradeConfigs,proto3" json:"upgrade_configs,omitempty"`
+	InternalRedirectAction RouteAction_InternalRedirectAction `protobuf:"varint,26,opt,name=internal_redirect_action,json=internalRedirectAction,proto3,enum=envoy.api.v2.route.RouteAction_InternalRedirectAction" json:"internal_redirect_action,omitempty"`
+	// An internal redirect is handled, iff the number of previous internal redirects that a
+	// downstream request has encountered is lower than this value, and
+	// :ref:`internal_redirect_action <envoy_api_field_route.RouteAction.internal_redirect_action>`
+	// is set to :ref:`HANDLE_INTERNAL_REDIRECT
+	// <envoy_api_enum_value_route.RouteAction.InternalRedirectAction.HANDLE_INTERNAL_REDIRECT>`
+	// In the case where a downstream request is bounced among multiple routes by internal redirect,
+	// the first route that hits this threshold, or has
+	// :ref:`internal_redirect_action <envoy_api_field_route.RouteAction.internal_redirect_action>`
+	// set to
+	// :ref:`PASS_THROUGH_INTERNAL_REDIRECT
+	// <envoy_api_enum_value_route.RouteAction.InternalRedirectAction.PASS_THROUGH_INTERNAL_REDIRECT>`
+	// will pass the redirect back to downstream.
+	//
+	// If not specified, at most one redirect will be followed.
+	MaxInternalRedirects *wrappers.UInt32Value `protobuf:"bytes,31,opt,name=max_internal_redirects,json=maxInternalRedirects,proto3" json:"max_internal_redirects,omitempty"`
+	// Indicates that the route has a hedge policy. Note that if this is set,
+	// it'll take precedence over the virtual host level hedge policy entirely
+	// (e.g.: policies are not merged, most internal one becomes the enforced policy).
+	HedgePolicy *HedgePolicy `protobuf:"bytes,27,opt,name=hedge_policy,json=hedgePolicy,proto3" json:"hedge_policy,omitempty"`
+}
+
+func (x *RouteAction) Reset() {
+	*x = RouteAction{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[6]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RouteAction) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RouteAction) ProtoMessage() {}
+
+func (x *RouteAction) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[6]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RouteAction.ProtoReflect.Descriptor instead.
+func (*RouteAction) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{6}
+}
+
+func (m *RouteAction) GetClusterSpecifier() isRouteAction_ClusterSpecifier {
+	if m != nil {
+		return m.ClusterSpecifier
+	}
+	return nil
+}
+
+func (x *RouteAction) GetCluster() string {
+	if x, ok := x.GetClusterSpecifier().(*RouteAction_Cluster); ok {
+		return x.Cluster
+	}
+	return ""
+}
+
+func (x *RouteAction) GetClusterHeader() string {
+	if x, ok := x.GetClusterSpecifier().(*RouteAction_ClusterHeader); ok {
+		return x.ClusterHeader
+	}
+	return ""
+}
+
+func (x *RouteAction) GetWeightedClusters() *WeightedCluster {
+	if x, ok := x.GetClusterSpecifier().(*RouteAction_WeightedClusters); ok {
+		return x.WeightedClusters
+	}
+	return nil
+}
+
+func (x *RouteAction) GetClusterNotFoundResponseCode() RouteAction_ClusterNotFoundResponseCode {
+	if x != nil {
+		return x.ClusterNotFoundResponseCode
+	}
+	return RouteAction_SERVICE_UNAVAILABLE
+}
+
+func (x *RouteAction) GetMetadataMatch() *core.Metadata {
+	if x != nil {
+		return x.MetadataMatch
+	}
+	return nil
+}
+
+func (x *RouteAction) GetPrefixRewrite() string {
+	if x != nil {
+		return x.PrefixRewrite
+	}
+	return ""
+}
+
+func (x *RouteAction) GetRegexRewrite() *matcher.RegexMatchAndSubstitute {
+	if x != nil {
+		return x.RegexRewrite
+	}
+	return nil
+}
+
+func (m *RouteAction) GetHostRewriteSpecifier() isRouteAction_HostRewriteSpecifier {
+	if m != nil {
+		return m.HostRewriteSpecifier
+	}
+	return nil
+}
+
+func (x *RouteAction) GetHostRewrite() string {
+	if x, ok := x.GetHostRewriteSpecifier().(*RouteAction_HostRewrite); ok {
+		return x.HostRewrite
+	}
+	return ""
+}
+
+func (x *RouteAction) GetAutoHostRewrite() *wrappers.BoolValue {
+	if x, ok := x.GetHostRewriteSpecifier().(*RouteAction_AutoHostRewrite); ok {
+		return x.AutoHostRewrite
+	}
+	return nil
+}
+
+func (x *RouteAction) GetAutoHostRewriteHeader() string {
+	if x, ok := x.GetHostRewriteSpecifier().(*RouteAction_AutoHostRewriteHeader); ok {
+		return x.AutoHostRewriteHeader
+	}
+	return ""
+}
+
+func (x *RouteAction) GetTimeout() *duration.Duration {
+	if x != nil {
+		return x.Timeout
+	}
+	return nil
+}
+
+func (x *RouteAction) GetIdleTimeout() *duration.Duration {
+	if x != nil {
+		return x.IdleTimeout
+	}
+	return nil
+}
+
+func (x *RouteAction) GetRetryPolicy() *RetryPolicy {
+	if x != nil {
+		return x.RetryPolicy
+	}
+	return nil
+}
+
+func (x *RouteAction) GetRetryPolicyTypedConfig() *any.Any {
+	if x != nil {
+		return x.RetryPolicyTypedConfig
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *RouteAction) GetRequestMirrorPolicy() *RouteAction_RequestMirrorPolicy {
+	if x != nil {
+		return x.RequestMirrorPolicy
+	}
+	return nil
+}
+
+func (x *RouteAction) GetRequestMirrorPolicies() []*RouteAction_RequestMirrorPolicy {
+	if x != nil {
+		return x.RequestMirrorPolicies
+	}
+	return nil
+}
+
+func (x *RouteAction) GetPriority() core.RoutingPriority {
+	if x != nil {
+		return x.Priority
+	}
+	return core.RoutingPriority_DEFAULT
+}
+
+func (x *RouteAction) GetRateLimits() []*RateLimit {
+	if x != nil {
+		return x.RateLimits
+	}
+	return nil
+}
+
+func (x *RouteAction) GetIncludeVhRateLimits() *wrappers.BoolValue {
+	if x != nil {
+		return x.IncludeVhRateLimits
+	}
+	return nil
+}
+
+func (x *RouteAction) GetHashPolicy() []*RouteAction_HashPolicy {
+	if x != nil {
+		return x.HashPolicy
+	}
+	return nil
+}
+
+func (x *RouteAction) GetCors() *CorsPolicy {
+	if x != nil {
+		return x.Cors
+	}
+	return nil
+}
+
+func (x *RouteAction) GetMaxGrpcTimeout() *duration.Duration {
+	if x != nil {
+		return x.MaxGrpcTimeout
+	}
+	return nil
+}
+
+func (x *RouteAction) GetGrpcTimeoutOffset() *duration.Duration {
+	if x != nil {
+		return x.GrpcTimeoutOffset
+	}
+	return nil
+}
+
+func (x *RouteAction) GetUpgradeConfigs() []*RouteAction_UpgradeConfig {
+	if x != nil {
+		return x.UpgradeConfigs
+	}
+	return nil
+}
+
+func (x *RouteAction) GetInternalRedirectAction() RouteAction_InternalRedirectAction {
+	if x != nil {
+		return x.InternalRedirectAction
+	}
+	return RouteAction_PASS_THROUGH_INTERNAL_REDIRECT
+}
+
+func (x *RouteAction) GetMaxInternalRedirects() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxInternalRedirects
+	}
+	return nil
+}
+
+func (x *RouteAction) GetHedgePolicy() *HedgePolicy {
+	if x != nil {
+		return x.HedgePolicy
+	}
+	return nil
+}
+
+type isRouteAction_ClusterSpecifier interface {
+	isRouteAction_ClusterSpecifier()
+}
+
+type RouteAction_Cluster struct {
+	// Indicates the upstream cluster to which the request should be routed
+	// to.
+	Cluster string `protobuf:"bytes,1,opt,name=cluster,proto3,oneof"`
+}
+
+type RouteAction_ClusterHeader struct {
+	// Envoy will determine the cluster to route to by reading the value of the
+	// HTTP header named by cluster_header from the request headers. If the
+	// header is not found or the referenced cluster does not exist, Envoy will
+	// return a 404 response.
+	//
+	// .. attention::
+	//
+	//   Internally, Envoy always uses the HTTP/2 *:authority* header to represent the HTTP/1
+	//   *Host* header. Thus, if attempting to match on *Host*, match on *:authority* instead.
+	//
+	// .. note::
+	//
+	//   If the header appears multiple times only the first value is used.
+	ClusterHeader string `protobuf:"bytes,2,opt,name=cluster_header,json=clusterHeader,proto3,oneof"`
+}
+
+type RouteAction_WeightedClusters struct {
+	// Multiple upstream clusters can be specified for a given route. The
+	// request is routed to one of the upstream clusters based on weights
+	// assigned to each cluster. See
+	// :ref:`traffic splitting <config_http_conn_man_route_table_traffic_splitting_split>`
+	// for additional documentation.
+	WeightedClusters *WeightedCluster `protobuf:"bytes,3,opt,name=weighted_clusters,json=weightedClusters,proto3,oneof"`
+}
+
+func (*RouteAction_Cluster) isRouteAction_ClusterSpecifier() {}
+
+func (*RouteAction_ClusterHeader) isRouteAction_ClusterSpecifier() {}
+
+func (*RouteAction_WeightedClusters) isRouteAction_ClusterSpecifier() {}
+
+type isRouteAction_HostRewriteSpecifier interface {
+	isRouteAction_HostRewriteSpecifier()
+}
+
+type RouteAction_HostRewrite struct {
+	// Indicates that during forwarding, the host header will be swapped with
+	// this value.
+	HostRewrite string `protobuf:"bytes,6,opt,name=host_rewrite,json=hostRewrite,proto3,oneof"`
+}
+
+type RouteAction_AutoHostRewrite struct {
+	// Indicates that during forwarding, the host header will be swapped with
+	// the hostname of the upstream host chosen by the cluster manager. This
+	// option is applicable only when the destination cluster for a route is of
+	// type *strict_dns* or *logical_dns*. Setting this to true with other cluster
+	// types has no effect.
+	AutoHostRewrite *wrappers.BoolValue `protobuf:"bytes,7,opt,name=auto_host_rewrite,json=autoHostRewrite,proto3,oneof"`
+}
+
+type RouteAction_AutoHostRewriteHeader struct {
+	// Indicates that during forwarding, the host header will be swapped with the content of given
+	// downstream or :ref:`custom <config_http_conn_man_headers_custom_request_headers>` header.
+	// If header value is empty, host header is left intact.
+	//
+	// .. attention::
+	//
+	//   Pay attention to the potential security implications of using this option. Provided header
+	//   must come from trusted source.
+	//
+	// .. note::
+	//
+	//   If the header appears multiple times only the first value is used.
+	AutoHostRewriteHeader string `protobuf:"bytes,29,opt,name=auto_host_rewrite_header,json=autoHostRewriteHeader,proto3,oneof"`
+}
+
+func (*RouteAction_HostRewrite) isRouteAction_HostRewriteSpecifier() {}
+
+func (*RouteAction_AutoHostRewrite) isRouteAction_HostRewriteSpecifier() {}
+
+func (*RouteAction_AutoHostRewriteHeader) isRouteAction_HostRewriteSpecifier() {}
+
+// HTTP retry :ref:`architecture overview <arch_overview_http_routing_retry>`.
+// [#next-free-field: 11]
+type RetryPolicy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies the conditions under which retry takes place. These are the same
+	// conditions documented for :ref:`config_http_filters_router_x-envoy-retry-on` and
+	// :ref:`config_http_filters_router_x-envoy-retry-grpc-on`.
+	RetryOn string `protobuf:"bytes,1,opt,name=retry_on,json=retryOn,proto3" json:"retry_on,omitempty"`
+	// Specifies the allowed number of retries. This parameter is optional and
+	// defaults to 1. These are the same conditions documented for
+	// :ref:`config_http_filters_router_x-envoy-max-retries`.
+	NumRetries *wrappers.UInt32Value `protobuf:"bytes,2,opt,name=num_retries,json=numRetries,proto3" json:"num_retries,omitempty"`
+	// Specifies a non-zero upstream timeout per retry attempt. This parameter is optional. The
+	// same conditions documented for
+	// :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms` apply.
+	//
+	// .. note::
+	//
+	//   If left unspecified, Envoy will use the global
+	//   :ref:`route timeout <envoy_api_field_route.RouteAction.timeout>` for the request.
+	//   Consequently, when using a :ref:`5xx <config_http_filters_router_x-envoy-retry-on>` based
+	//   retry policy, a request that times out will not be retried as the total timeout budget
+	//   would have been exhausted.
+	PerTryTimeout *duration.Duration `protobuf:"bytes,3,opt,name=per_try_timeout,json=perTryTimeout,proto3" json:"per_try_timeout,omitempty"`
+	// Specifies an implementation of a RetryPriority which is used to determine the
+	// distribution of load across priorities used for retries. Refer to
+	// :ref:`retry plugin configuration <arch_overview_http_retry_plugins>` for more details.
+	RetryPriority *RetryPolicy_RetryPriority `protobuf:"bytes,4,opt,name=retry_priority,json=retryPriority,proto3" json:"retry_priority,omitempty"`
+	// Specifies a collection of RetryHostPredicates that will be consulted when selecting a host
+	// for retries. If any of the predicates reject the host, host selection will be reattempted.
+	// Refer to :ref:`retry plugin configuration <arch_overview_http_retry_plugins>` for more
+	// details.
+	RetryHostPredicate []*RetryPolicy_RetryHostPredicate `protobuf:"bytes,5,rep,name=retry_host_predicate,json=retryHostPredicate,proto3" json:"retry_host_predicate,omitempty"`
+	// The maximum number of times host selection will be reattempted before giving up, at which
+	// point the host that was last selected will be routed to. If unspecified, this will default to
+	// retrying once.
+	HostSelectionRetryMaxAttempts int64 `protobuf:"varint,6,opt,name=host_selection_retry_max_attempts,json=hostSelectionRetryMaxAttempts,proto3" json:"host_selection_retry_max_attempts,omitempty"`
+	// HTTP status codes that should trigger a retry in addition to those specified by retry_on.
+	RetriableStatusCodes []uint32 `protobuf:"varint,7,rep,packed,name=retriable_status_codes,json=retriableStatusCodes,proto3" json:"retriable_status_codes,omitempty"`
+	// Specifies parameters that control retry back off. This parameter is optional, in which case the
+	// default base interval is 25 milliseconds or, if set, the current value of the
+	// `upstream.base_retry_backoff_ms` runtime parameter. The default maximum interval is 10 times
+	// the base interval. The documentation for :ref:`config_http_filters_router_x-envoy-max-retries`
+	// describes Envoy's back-off algorithm.
+	RetryBackOff *RetryPolicy_RetryBackOff `protobuf:"bytes,8,opt,name=retry_back_off,json=retryBackOff,proto3" json:"retry_back_off,omitempty"`
+	// HTTP response headers that trigger a retry if present in the response. A retry will be
+	// triggered if any of the header matches match the upstream response headers.
+	// The field is only consulted if 'retriable-headers' retry policy is active.
+	RetriableHeaders []*HeaderMatcher `protobuf:"bytes,9,rep,name=retriable_headers,json=retriableHeaders,proto3" json:"retriable_headers,omitempty"`
+	// HTTP headers which must be present in the request for retries to be attempted.
+	RetriableRequestHeaders []*HeaderMatcher `protobuf:"bytes,10,rep,name=retriable_request_headers,json=retriableRequestHeaders,proto3" json:"retriable_request_headers,omitempty"`
+}
+
+func (x *RetryPolicy) Reset() {
+	*x = RetryPolicy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[7]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RetryPolicy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RetryPolicy) ProtoMessage() {}
+
+func (x *RetryPolicy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[7]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RetryPolicy.ProtoReflect.Descriptor instead.
+func (*RetryPolicy) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{7}
+}
+
+func (x *RetryPolicy) GetRetryOn() string {
+	if x != nil {
+		return x.RetryOn
+	}
+	return ""
+}
+
+func (x *RetryPolicy) GetNumRetries() *wrappers.UInt32Value {
+	if x != nil {
+		return x.NumRetries
+	}
+	return nil
+}
+
+func (x *RetryPolicy) GetPerTryTimeout() *duration.Duration {
+	if x != nil {
+		return x.PerTryTimeout
+	}
+	return nil
+}
+
+func (x *RetryPolicy) GetRetryPriority() *RetryPolicy_RetryPriority {
+	if x != nil {
+		return x.RetryPriority
+	}
+	return nil
+}
+
+func (x *RetryPolicy) GetRetryHostPredicate() []*RetryPolicy_RetryHostPredicate {
+	if x != nil {
+		return x.RetryHostPredicate
+	}
+	return nil
+}
+
+func (x *RetryPolicy) GetHostSelectionRetryMaxAttempts() int64 {
+	if x != nil {
+		return x.HostSelectionRetryMaxAttempts
+	}
+	return 0
+}
+
+func (x *RetryPolicy) GetRetriableStatusCodes() []uint32 {
+	if x != nil {
+		return x.RetriableStatusCodes
+	}
+	return nil
+}
+
+func (x *RetryPolicy) GetRetryBackOff() *RetryPolicy_RetryBackOff {
+	if x != nil {
+		return x.RetryBackOff
+	}
+	return nil
+}
+
+func (x *RetryPolicy) GetRetriableHeaders() []*HeaderMatcher {
+	if x != nil {
+		return x.RetriableHeaders
+	}
+	return nil
+}
+
+func (x *RetryPolicy) GetRetriableRequestHeaders() []*HeaderMatcher {
+	if x != nil {
+		return x.RetriableRequestHeaders
+	}
+	return nil
+}
+
+// HTTP request hedging :ref:`architecture overview <arch_overview_http_routing_hedging>`.
+type HedgePolicy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies the number of initial requests that should be sent upstream.
+	// Must be at least 1.
+	// Defaults to 1.
+	// [#not-implemented-hide:]
+	InitialRequests *wrappers.UInt32Value `protobuf:"bytes,1,opt,name=initial_requests,json=initialRequests,proto3" json:"initial_requests,omitempty"`
+	// Specifies a probability that an additional upstream request should be sent
+	// on top of what is specified by initial_requests.
+	// Defaults to 0.
+	// [#not-implemented-hide:]
+	AdditionalRequestChance *_type.FractionalPercent `protobuf:"bytes,2,opt,name=additional_request_chance,json=additionalRequestChance,proto3" json:"additional_request_chance,omitempty"`
+	// Indicates that a hedged request should be sent when the per-try timeout is hit.
+	// This means that a retry will be issued without resetting the original request, leaving multiple upstream requests in flight.
+	// The first request to complete successfully will be the one returned to the caller.
+	//
+	// * At any time, a successful response (i.e. not triggering any of the retry-on conditions) would be returned to the client.
+	// * Before per-try timeout, an error response (per retry-on conditions) would be retried immediately or returned ot the client
+	//   if there are no more retries left.
+	// * After per-try timeout, an error response would be discarded, as a retry in the form of a hedged request is already in progress.
+	//
+	// Note: For this to have effect, you must have a :ref:`RetryPolicy <envoy_api_msg_route.RetryPolicy>` that retries at least
+	// one error code and specifies a maximum number of retries.
+	//
+	// Defaults to false.
+	HedgeOnPerTryTimeout bool `protobuf:"varint,3,opt,name=hedge_on_per_try_timeout,json=hedgeOnPerTryTimeout,proto3" json:"hedge_on_per_try_timeout,omitempty"`
+}
+
+func (x *HedgePolicy) Reset() {
+	*x = HedgePolicy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[8]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HedgePolicy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HedgePolicy) ProtoMessage() {}
+
+func (x *HedgePolicy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[8]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HedgePolicy.ProtoReflect.Descriptor instead.
+func (*HedgePolicy) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{8}
+}
+
+func (x *HedgePolicy) GetInitialRequests() *wrappers.UInt32Value {
+	if x != nil {
+		return x.InitialRequests
+	}
+	return nil
+}
+
+func (x *HedgePolicy) GetAdditionalRequestChance() *_type.FractionalPercent {
+	if x != nil {
+		return x.AdditionalRequestChance
+	}
+	return nil
+}
+
+func (x *HedgePolicy) GetHedgeOnPerTryTimeout() bool {
+	if x != nil {
+		return x.HedgeOnPerTryTimeout
+	}
+	return false
+}
+
+// [#next-free-field: 9]
+type RedirectAction struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// When the scheme redirection take place, the following rules apply:
+	//  1. If the source URI scheme is `http` and the port is explicitly
+	//     set to `:80`, the port will be removed after the redirection
+	//  2. If the source URI scheme is `https` and the port is explicitly
+	//     set to `:443`, the port will be removed after the redirection
+	//
+	// Types that are assignable to SchemeRewriteSpecifier:
+	//	*RedirectAction_HttpsRedirect
+	//	*RedirectAction_SchemeRedirect
+	SchemeRewriteSpecifier isRedirectAction_SchemeRewriteSpecifier `protobuf_oneof:"scheme_rewrite_specifier"`
+	// The host portion of the URL will be swapped with this value.
+	HostRedirect string `protobuf:"bytes,1,opt,name=host_redirect,json=hostRedirect,proto3" json:"host_redirect,omitempty"`
+	// The port value of the URL will be swapped with this value.
+	PortRedirect uint32 `protobuf:"varint,8,opt,name=port_redirect,json=portRedirect,proto3" json:"port_redirect,omitempty"`
+	// Types that are assignable to PathRewriteSpecifier:
+	//	*RedirectAction_PathRedirect
+	//	*RedirectAction_PrefixRewrite
+	PathRewriteSpecifier isRedirectAction_PathRewriteSpecifier `protobuf_oneof:"path_rewrite_specifier"`
+	// The HTTP status code to use in the redirect response. The default response
+	// code is MOVED_PERMANENTLY (301).
+	ResponseCode RedirectAction_RedirectResponseCode `protobuf:"varint,3,opt,name=response_code,json=responseCode,proto3,enum=envoy.api.v2.route.RedirectAction_RedirectResponseCode" json:"response_code,omitempty"`
+	// Indicates that during redirection, the query portion of the URL will
+	// be removed. Default value is false.
+	StripQuery bool `protobuf:"varint,6,opt,name=strip_query,json=stripQuery,proto3" json:"strip_query,omitempty"`
+}
+
+func (x *RedirectAction) Reset() {
+	*x = RedirectAction{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[9]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RedirectAction) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RedirectAction) ProtoMessage() {}
+
+func (x *RedirectAction) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[9]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RedirectAction.ProtoReflect.Descriptor instead.
+func (*RedirectAction) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{9}
+}
+
+func (m *RedirectAction) GetSchemeRewriteSpecifier() isRedirectAction_SchemeRewriteSpecifier {
+	if m != nil {
+		return m.SchemeRewriteSpecifier
+	}
+	return nil
+}
+
+func (x *RedirectAction) GetHttpsRedirect() bool {
+	if x, ok := x.GetSchemeRewriteSpecifier().(*RedirectAction_HttpsRedirect); ok {
+		return x.HttpsRedirect
+	}
+	return false
+}
+
+func (x *RedirectAction) GetSchemeRedirect() string {
+	if x, ok := x.GetSchemeRewriteSpecifier().(*RedirectAction_SchemeRedirect); ok {
+		return x.SchemeRedirect
+	}
+	return ""
+}
+
+func (x *RedirectAction) GetHostRedirect() string {
+	if x != nil {
+		return x.HostRedirect
+	}
+	return ""
+}
+
+func (x *RedirectAction) GetPortRedirect() uint32 {
+	if x != nil {
+		return x.PortRedirect
+	}
+	return 0
+}
+
+func (m *RedirectAction) GetPathRewriteSpecifier() isRedirectAction_PathRewriteSpecifier {
+	if m != nil {
+		return m.PathRewriteSpecifier
+	}
+	return nil
+}
+
+func (x *RedirectAction) GetPathRedirect() string {
+	if x, ok := x.GetPathRewriteSpecifier().(*RedirectAction_PathRedirect); ok {
+		return x.PathRedirect
+	}
+	return ""
+}
+
+func (x *RedirectAction) GetPrefixRewrite() string {
+	if x, ok := x.GetPathRewriteSpecifier().(*RedirectAction_PrefixRewrite); ok {
+		return x.PrefixRewrite
+	}
+	return ""
+}
+
+func (x *RedirectAction) GetResponseCode() RedirectAction_RedirectResponseCode {
+	if x != nil {
+		return x.ResponseCode
+	}
+	return RedirectAction_MOVED_PERMANENTLY
+}
+
+func (x *RedirectAction) GetStripQuery() bool {
+	if x != nil {
+		return x.StripQuery
+	}
+	return false
+}
+
+type isRedirectAction_SchemeRewriteSpecifier interface {
+	isRedirectAction_SchemeRewriteSpecifier()
+}
+
+type RedirectAction_HttpsRedirect struct {
+	// The scheme portion of the URL will be swapped with "https".
+	HttpsRedirect bool `protobuf:"varint,4,opt,name=https_redirect,json=httpsRedirect,proto3,oneof"`
+}
+
+type RedirectAction_SchemeRedirect struct {
+	// The scheme portion of the URL will be swapped with this value.
+	SchemeRedirect string `protobuf:"bytes,7,opt,name=scheme_redirect,json=schemeRedirect,proto3,oneof"`
+}
+
+func (*RedirectAction_HttpsRedirect) isRedirectAction_SchemeRewriteSpecifier() {}
+
+func (*RedirectAction_SchemeRedirect) isRedirectAction_SchemeRewriteSpecifier() {}
+
+type isRedirectAction_PathRewriteSpecifier interface {
+	isRedirectAction_PathRewriteSpecifier()
+}
+
+type RedirectAction_PathRedirect struct {
+	// The path portion of the URL will be swapped with this value.
+	// Please note that query string in path_redirect will override the
+	// request's query string and will not be stripped.
+	//
+	// For example, let's say we have the following routes:
+	//
+	// - match: { path: "/old-path-1" }
+	//   redirect: { path_redirect: "/new-path-1" }
+	// - match: { path: "/old-path-2" }
+	//   redirect: { path_redirect: "/new-path-2", strip-query: "true" }
+	// - match: { path: "/old-path-3" }
+	//   redirect: { path_redirect: "/new-path-3?foo=1", strip_query: "true" }
+	//
+	// 1. if request uri is "/old-path-1?bar=1", users will be redirected to "/new-path-1?bar=1"
+	// 2. if request uri is "/old-path-2?bar=1", users will be redirected to "/new-path-2"
+	// 3. if request uri is "/old-path-3?bar=1", users will be redirected to "/new-path-3?foo=1"
+	PathRedirect string `protobuf:"bytes,2,opt,name=path_redirect,json=pathRedirect,proto3,oneof"`
+}
+
+type RedirectAction_PrefixRewrite struct {
+	// Indicates that during redirection, the matched prefix (or path)
+	// should be swapped with this value. This option allows redirect URLs be dynamically created
+	// based on the request.
+	//
+	// .. attention::
+	//
+	//   Pay attention to the use of trailing slashes as mentioned in
+	//   :ref:`RouteAction's prefix_rewrite <envoy_api_field_route.RouteAction.prefix_rewrite>`.
+	PrefixRewrite string `protobuf:"bytes,5,opt,name=prefix_rewrite,json=prefixRewrite,proto3,oneof"`
+}
+
+func (*RedirectAction_PathRedirect) isRedirectAction_PathRewriteSpecifier() {}
+
+func (*RedirectAction_PrefixRewrite) isRedirectAction_PathRewriteSpecifier() {}
+
+type DirectResponseAction struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies the HTTP response status to be returned.
+	Status uint32 `protobuf:"varint,1,opt,name=status,proto3" json:"status,omitempty"`
+	// Specifies the content of the response body. If this setting is omitted,
+	// no body is included in the generated response.
+	//
+	// .. note::
+	//
+	//   Headers can be specified using *response_headers_to_add* in the enclosing
+	//   :ref:`envoy_api_msg_route.Route`, :ref:`envoy_api_msg_RouteConfiguration` or
+	//   :ref:`envoy_api_msg_route.VirtualHost`.
+	Body *core.DataSource `protobuf:"bytes,2,opt,name=body,proto3" json:"body,omitempty"`
+}
+
+func (x *DirectResponseAction) Reset() {
+	*x = DirectResponseAction{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[10]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *DirectResponseAction) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*DirectResponseAction) ProtoMessage() {}
+
+func (x *DirectResponseAction) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[10]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use DirectResponseAction.ProtoReflect.Descriptor instead.
+func (*DirectResponseAction) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{10}
+}
+
+func (x *DirectResponseAction) GetStatus() uint32 {
+	if x != nil {
+		return x.Status
+	}
+	return 0
+}
+
+func (x *DirectResponseAction) GetBody() *core.DataSource {
+	if x != nil {
+		return x.Body
+	}
+	return nil
+}
+
+type Decorator struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The operation name associated with the request matched to this route. If tracing is
+	// enabled, this information will be used as the span name reported for this request.
+	//
+	// .. note::
+	//
+	//   For ingress (inbound) requests, or egress (outbound) responses, this value may be overridden
+	//   by the :ref:`x-envoy-decorator-operation
+	//   <config_http_filters_router_x-envoy-decorator-operation>` header.
+	Operation string `protobuf:"bytes,1,opt,name=operation,proto3" json:"operation,omitempty"`
+	// Whether the decorated details should be propagated to the other party. The default is true.
+	Propagate *wrappers.BoolValue `protobuf:"bytes,2,opt,name=propagate,proto3" json:"propagate,omitempty"`
+}
+
+func (x *Decorator) Reset() {
+	*x = Decorator{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[11]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Decorator) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Decorator) ProtoMessage() {}
+
+func (x *Decorator) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[11]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Decorator.ProtoReflect.Descriptor instead.
+func (*Decorator) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{11}
+}
+
+func (x *Decorator) GetOperation() string {
+	if x != nil {
+		return x.Operation
+	}
+	return ""
+}
+
+func (x *Decorator) GetPropagate() *wrappers.BoolValue {
+	if x != nil {
+		return x.Propagate
+	}
+	return nil
+}
+
+type Tracing struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Target percentage of requests managed by this HTTP connection manager that will be force
+	// traced if the :ref:`x-client-trace-id <config_http_conn_man_headers_x-client-trace-id>`
+	// header is set. This field is a direct analog for the runtime variable
+	// 'tracing.client_sampling' in the :ref:`HTTP Connection Manager
+	// <config_http_conn_man_runtime>`.
+	// Default: 100%
+	ClientSampling *_type.FractionalPercent `protobuf:"bytes,1,opt,name=client_sampling,json=clientSampling,proto3" json:"client_sampling,omitempty"`
+	// Target percentage of requests managed by this HTTP connection manager that will be randomly
+	// selected for trace generation, if not requested by the client or not forced. This field is
+	// a direct analog for the runtime variable 'tracing.random_sampling' in the
+	// :ref:`HTTP Connection Manager <config_http_conn_man_runtime>`.
+	// Default: 100%
+	RandomSampling *_type.FractionalPercent `protobuf:"bytes,2,opt,name=random_sampling,json=randomSampling,proto3" json:"random_sampling,omitempty"`
+	// Target percentage of requests managed by this HTTP connection manager that will be traced
+	// after all other sampling checks have been applied (client-directed, force tracing, random
+	// sampling). This field functions as an upper limit on the total configured sampling rate. For
+	// instance, setting client_sampling to 100% but overall_sampling to 1% will result in only 1%
+	// of client requests with the appropriate headers to be force traced. This field is a direct
+	// analog for the runtime variable 'tracing.global_enabled' in the
+	// :ref:`HTTP Connection Manager <config_http_conn_man_runtime>`.
+	// Default: 100%
+	OverallSampling *_type.FractionalPercent `protobuf:"bytes,3,opt,name=overall_sampling,json=overallSampling,proto3" json:"overall_sampling,omitempty"`
+	// A list of custom tags with unique tag name to create tags for the active span.
+	// It will take effect after merging with the :ref:`corresponding configuration
+	// <envoy_api_field_config.filter.network.http_connection_manager.v2.HttpConnectionManager.Tracing.custom_tags>`
+	// configured in the HTTP connection manager. If two tags with the same name are configured
+	// each in the HTTP connection manager and the route level, the one configured here takes
+	// priority.
+	CustomTags []*v2.CustomTag `protobuf:"bytes,4,rep,name=custom_tags,json=customTags,proto3" json:"custom_tags,omitempty"`
+}
+
+func (x *Tracing) Reset() {
+	*x = Tracing{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[12]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Tracing) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Tracing) ProtoMessage() {}
+
+func (x *Tracing) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[12]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Tracing.ProtoReflect.Descriptor instead.
+func (*Tracing) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{12}
+}
+
+func (x *Tracing) GetClientSampling() *_type.FractionalPercent {
+	if x != nil {
+		return x.ClientSampling
+	}
+	return nil
+}
+
+func (x *Tracing) GetRandomSampling() *_type.FractionalPercent {
+	if x != nil {
+		return x.RandomSampling
+	}
+	return nil
+}
+
+func (x *Tracing) GetOverallSampling() *_type.FractionalPercent {
+	if x != nil {
+		return x.OverallSampling
+	}
+	return nil
+}
+
+func (x *Tracing) GetCustomTags() []*v2.CustomTag {
+	if x != nil {
+		return x.CustomTags
+	}
+	return nil
+}
+
+// A virtual cluster is a way of specifying a regex matching rule against
+// certain important endpoints such that statistics are generated explicitly for
+// the matched requests. The reason this is useful is that when doing
+// prefix/path matching Envoy does not always know what the application
+// considers to be an endpoint. Thus, it’s impossible for Envoy to generically
+// emit per endpoint statistics. However, often systems have highly critical
+// endpoints that they wish to get “perfect” statistics on. Virtual cluster
+// statistics are perfect in the sense that they are emitted on the downstream
+// side such that they include network level failures.
+//
+// Documentation for :ref:`virtual cluster statistics <config_http_filters_router_vcluster_stats>`.
+//
+// .. note::
+//
+//    Virtual clusters are a useful tool, but we do not recommend setting up a virtual cluster for
+//    every application endpoint. This is both not easily maintainable and as well the matching and
+//    statistics output are not free.
+type VirtualCluster struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies a regex pattern to use for matching requests. The entire path of the request
+	// must match the regex. The regex grammar used is defined `here
+	// <https://en.cppreference.com/w/cpp/regex/ecmascript>`_.
+	//
+	// Examples:
+	//
+	// * The regex ``/rides/\d+`` matches the path */rides/0*
+	// * The regex ``/rides/\d+`` matches the path */rides/123*
+	// * The regex ``/rides/\d+`` does not match the path */rides/123/456*
+	//
+	// .. attention::
+	//   This field has been deprecated in favor of `headers` as it is not safe for use with
+	//   untrusted input in all cases.
+	//
+	// Deprecated: Do not use.
+	Pattern string `protobuf:"bytes,1,opt,name=pattern,proto3" json:"pattern,omitempty"`
+	// Specifies a list of header matchers to use for matching requests. Each specified header must
+	// match. The pseudo-headers `:path` and `:method` can be used to match the request path and
+	// method, respectively.
+	Headers []*HeaderMatcher `protobuf:"bytes,4,rep,name=headers,proto3" json:"headers,omitempty"`
+	// Specifies the name of the virtual cluster. The virtual cluster name as well
+	// as the virtual host name are used when emitting statistics. The statistics are emitted by the
+	// router filter and are documented :ref:`here <config_http_filters_router_stats>`.
+	Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"`
+	// Optionally specifies the HTTP method to match on. For example GET, PUT,
+	// etc.
+	//
+	// .. attention::
+	//   This field has been deprecated in favor of `headers`.
+	//
+	// Deprecated: Do not use.
+	Method core.RequestMethod `protobuf:"varint,3,opt,name=method,proto3,enum=envoy.api.v2.core.RequestMethod" json:"method,omitempty"`
+}
+
+func (x *VirtualCluster) Reset() {
+	*x = VirtualCluster{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[13]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *VirtualCluster) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*VirtualCluster) ProtoMessage() {}
+
+func (x *VirtualCluster) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[13]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use VirtualCluster.ProtoReflect.Descriptor instead.
+func (*VirtualCluster) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{13}
+}
+
+// Deprecated: Do not use.
+func (x *VirtualCluster) GetPattern() string {
+	if x != nil {
+		return x.Pattern
+	}
+	return ""
+}
+
+func (x *VirtualCluster) GetHeaders() []*HeaderMatcher {
+	if x != nil {
+		return x.Headers
+	}
+	return nil
+}
+
+func (x *VirtualCluster) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+// Deprecated: Do not use.
+func (x *VirtualCluster) GetMethod() core.RequestMethod {
+	if x != nil {
+		return x.Method
+	}
+	return core.RequestMethod_METHOD_UNSPECIFIED
+}
+
+// Global rate limiting :ref:`architecture overview <arch_overview_global_rate_limit>`.
+type RateLimit struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Refers to the stage set in the filter. The rate limit configuration only
+	// applies to filters with the same stage number. The default stage number is
+	// 0.
+	//
+	// .. note::
+	//
+	//   The filter supports a range of 0 - 10 inclusively for stage numbers.
+	Stage *wrappers.UInt32Value `protobuf:"bytes,1,opt,name=stage,proto3" json:"stage,omitempty"`
+	// The key to be set in runtime to disable this rate limit configuration.
+	DisableKey string `protobuf:"bytes,2,opt,name=disable_key,json=disableKey,proto3" json:"disable_key,omitempty"`
+	// A list of actions that are to be applied for this rate limit configuration.
+	// Order matters as the actions are processed sequentially and the descriptor
+	// is composed by appending descriptor entries in that sequence. If an action
+	// cannot append a descriptor entry, no descriptor is generated for the
+	// configuration. See :ref:`composing actions
+	// <config_http_filters_rate_limit_composing_actions>` for additional documentation.
+	Actions []*RateLimit_Action `protobuf:"bytes,3,rep,name=actions,proto3" json:"actions,omitempty"`
+}
+
+func (x *RateLimit) Reset() {
+	*x = RateLimit{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[14]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RateLimit) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RateLimit) ProtoMessage() {}
+
+func (x *RateLimit) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[14]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RateLimit.ProtoReflect.Descriptor instead.
+func (*RateLimit) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{14}
+}
+
+func (x *RateLimit) GetStage() *wrappers.UInt32Value {
+	if x != nil {
+		return x.Stage
+	}
+	return nil
+}
+
+func (x *RateLimit) GetDisableKey() string {
+	if x != nil {
+		return x.DisableKey
+	}
+	return ""
+}
+
+func (x *RateLimit) GetActions() []*RateLimit_Action {
+	if x != nil {
+		return x.Actions
+	}
+	return nil
+}
+
+// .. attention::
+//
+//   Internally, Envoy always uses the HTTP/2 *:authority* header to represent the HTTP/1 *Host*
+//   header. Thus, if attempting to match on *Host*, match on *:authority* instead.
+//
+// .. attention::
+//
+//   To route on HTTP method, use the special HTTP/2 *:method* header. This works for both
+//   HTTP/1 and HTTP/2 as Envoy normalizes headers. E.g.,
+//
+//   .. code-block:: json
+//
+//     {
+//       "name": ":method",
+//       "exact_match": "POST"
+//     }
+//
+// .. attention::
+//   In the absence of any header match specifier, match will default to :ref:`present_match
+//   <envoy_api_field_route.HeaderMatcher.present_match>`. i.e, a request that has the :ref:`name
+//   <envoy_api_field_route.HeaderMatcher.name>` header will match, regardless of the header's
+//   value.
+//
+//  [#next-major-version: HeaderMatcher should be refactored to use StringMatcher.]
+// [#next-free-field: 12]
+type HeaderMatcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies the name of the header in the request.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Specifies how the header match will be performed to route the request.
+	//
+	// Types that are assignable to HeaderMatchSpecifier:
+	//	*HeaderMatcher_ExactMatch
+	//	*HeaderMatcher_RegexMatch
+	//	*HeaderMatcher_SafeRegexMatch
+	//	*HeaderMatcher_RangeMatch
+	//	*HeaderMatcher_PresentMatch
+	//	*HeaderMatcher_PrefixMatch
+	//	*HeaderMatcher_SuffixMatch
+	HeaderMatchSpecifier isHeaderMatcher_HeaderMatchSpecifier `protobuf_oneof:"header_match_specifier"`
+	// If specified, the match result will be inverted before checking. Defaults to false.
+	//
+	// Examples:
+	//
+	// * The regex ``\d{3}`` does not match the value *1234*, so it will match when inverted.
+	// * The range [-10,0) will match the value -1, so it will not match when inverted.
+	InvertMatch bool `protobuf:"varint,8,opt,name=invert_match,json=invertMatch,proto3" json:"invert_match,omitempty"`
+}
+
+func (x *HeaderMatcher) Reset() {
+	*x = HeaderMatcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[15]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HeaderMatcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HeaderMatcher) ProtoMessage() {}
+
+func (x *HeaderMatcher) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[15]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HeaderMatcher.ProtoReflect.Descriptor instead.
+func (*HeaderMatcher) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{15}
+}
+
+func (x *HeaderMatcher) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (m *HeaderMatcher) GetHeaderMatchSpecifier() isHeaderMatcher_HeaderMatchSpecifier {
+	if m != nil {
+		return m.HeaderMatchSpecifier
+	}
+	return nil
+}
+
+func (x *HeaderMatcher) GetExactMatch() string {
+	if x, ok := x.GetHeaderMatchSpecifier().(*HeaderMatcher_ExactMatch); ok {
+		return x.ExactMatch
+	}
+	return ""
+}
+
+// Deprecated: Do not use.
+func (x *HeaderMatcher) GetRegexMatch() string {
+	if x, ok := x.GetHeaderMatchSpecifier().(*HeaderMatcher_RegexMatch); ok {
+		return x.RegexMatch
+	}
+	return ""
+}
+
+func (x *HeaderMatcher) GetSafeRegexMatch() *matcher.RegexMatcher {
+	if x, ok := x.GetHeaderMatchSpecifier().(*HeaderMatcher_SafeRegexMatch); ok {
+		return x.SafeRegexMatch
+	}
+	return nil
+}
+
+func (x *HeaderMatcher) GetRangeMatch() *_type.Int64Range {
+	if x, ok := x.GetHeaderMatchSpecifier().(*HeaderMatcher_RangeMatch); ok {
+		return x.RangeMatch
+	}
+	return nil
+}
+
+func (x *HeaderMatcher) GetPresentMatch() bool {
+	if x, ok := x.GetHeaderMatchSpecifier().(*HeaderMatcher_PresentMatch); ok {
+		return x.PresentMatch
+	}
+	return false
+}
+
+func (x *HeaderMatcher) GetPrefixMatch() string {
+	if x, ok := x.GetHeaderMatchSpecifier().(*HeaderMatcher_PrefixMatch); ok {
+		return x.PrefixMatch
+	}
+	return ""
+}
+
+func (x *HeaderMatcher) GetSuffixMatch() string {
+	if x, ok := x.GetHeaderMatchSpecifier().(*HeaderMatcher_SuffixMatch); ok {
+		return x.SuffixMatch
+	}
+	return ""
+}
+
+func (x *HeaderMatcher) GetInvertMatch() bool {
+	if x != nil {
+		return x.InvertMatch
+	}
+	return false
+}
+
+type isHeaderMatcher_HeaderMatchSpecifier interface {
+	isHeaderMatcher_HeaderMatchSpecifier()
+}
+
+type HeaderMatcher_ExactMatch struct {
+	// If specified, header match will be performed based on the value of the header.
+	ExactMatch string `protobuf:"bytes,4,opt,name=exact_match,json=exactMatch,proto3,oneof"`
+}
+
+type HeaderMatcher_RegexMatch struct {
+	// If specified, this regex string is a regular expression rule which implies the entire request
+	// header value must match the regex. The rule will not match if only a subsequence of the
+	// request header value matches the regex. The regex grammar used in the value field is defined
+	// `here <https://en.cppreference.com/w/cpp/regex/ecmascript>`_.
+	//
+	// Examples:
+	//
+	// * The regex ``\d{3}`` matches the value *123*
+	// * The regex ``\d{3}`` does not match the value *1234*
+	// * The regex ``\d{3}`` does not match the value *123.456*
+	//
+	// .. attention::
+	//   This field has been deprecated in favor of `safe_regex_match` as it is not safe for use
+	//   with untrusted input in all cases.
+	//
+	// Deprecated: Do not use.
+	RegexMatch string `protobuf:"bytes,5,opt,name=regex_match,json=regexMatch,proto3,oneof"`
+}
+
+type HeaderMatcher_SafeRegexMatch struct {
+	// If specified, this regex string is a regular expression rule which implies the entire request
+	// header value must match the regex. The rule will not match if only a subsequence of the
+	// request header value matches the regex.
+	SafeRegexMatch *matcher.RegexMatcher `protobuf:"bytes,11,opt,name=safe_regex_match,json=safeRegexMatch,proto3,oneof"`
+}
+
+type HeaderMatcher_RangeMatch struct {
+	// If specified, header match will be performed based on range.
+	// The rule will match if the request header value is within this range.
+	// The entire request header value must represent an integer in base 10 notation: consisting of
+	// an optional plus or minus sign followed by a sequence of digits. The rule will not match if
+	// the header value does not represent an integer. Match will fail for empty values, floating
+	// point numbers or if only a subsequence of the header value is an integer.
+	//
+	// Examples:
+	//
+	// * For range [-10,0), route will match for header value -1, but not for 0, "somestring", 10.9,
+	//   "-1somestring"
+	RangeMatch *_type.Int64Range `protobuf:"bytes,6,opt,name=range_match,json=rangeMatch,proto3,oneof"`
+}
+
+type HeaderMatcher_PresentMatch struct {
+	// If specified, header match will be performed based on whether the header is in the
+	// request.
+	PresentMatch bool `protobuf:"varint,7,opt,name=present_match,json=presentMatch,proto3,oneof"`
+}
+
+type HeaderMatcher_PrefixMatch struct {
+	// If specified, header match will be performed based on the prefix of the header value.
+	// Note: empty prefix is not allowed, please use present_match instead.
+	//
+	// Examples:
+	//
+	// * The prefix *abcd* matches the value *abcdxyz*, but not for *abcxyz*.
+	PrefixMatch string `protobuf:"bytes,9,opt,name=prefix_match,json=prefixMatch,proto3,oneof"`
+}
+
+type HeaderMatcher_SuffixMatch struct {
+	// If specified, header match will be performed based on the suffix of the header value.
+	// Note: empty suffix is not allowed, please use present_match instead.
+	//
+	// Examples:
+	//
+	// * The suffix *abcd* matches the value *xyzabcd*, but not for *xyzbcd*.
+	SuffixMatch string `protobuf:"bytes,10,opt,name=suffix_match,json=suffixMatch,proto3,oneof"`
+}
+
+func (*HeaderMatcher_ExactMatch) isHeaderMatcher_HeaderMatchSpecifier() {}
+
+func (*HeaderMatcher_RegexMatch) isHeaderMatcher_HeaderMatchSpecifier() {}
+
+func (*HeaderMatcher_SafeRegexMatch) isHeaderMatcher_HeaderMatchSpecifier() {}
+
+func (*HeaderMatcher_RangeMatch) isHeaderMatcher_HeaderMatchSpecifier() {}
+
+func (*HeaderMatcher_PresentMatch) isHeaderMatcher_HeaderMatchSpecifier() {}
+
+func (*HeaderMatcher_PrefixMatch) isHeaderMatcher_HeaderMatchSpecifier() {}
+
+func (*HeaderMatcher_SuffixMatch) isHeaderMatcher_HeaderMatchSpecifier() {}
+
+// Query parameter matching treats the query string of a request's :path header
+// as an ampersand-separated list of keys and/or key=value elements.
+// [#next-free-field: 7]
+type QueryParameterMatcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies the name of a key that must be present in the requested
+	// *path*'s query string.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Specifies the value of the key. If the value is absent, a request
+	// that contains the key in its query string will match, whether the
+	// key appears with a value (e.g., "?debug=true") or not (e.g., "?debug")
+	//
+	// ..attention::
+	//   This field is deprecated. Use an `exact` match inside the `string_match` field.
+	//
+	// Deprecated: Do not use.
+	Value string `protobuf:"bytes,3,opt,name=value,proto3" json:"value,omitempty"`
+	// Specifies whether the query parameter value is a regular expression.
+	// Defaults to false. The entire query parameter value (i.e., the part to
+	// the right of the equals sign in "key=value") must match the regex.
+	// E.g., the regex ``\d+$`` will match *123* but not *a123* or *123a*.
+	//
+	// ..attention::
+	//   This field is deprecated. Use a `safe_regex` match inside the `string_match` field.
+	//
+	// Deprecated: Do not use.
+	Regex *wrappers.BoolValue `protobuf:"bytes,4,opt,name=regex,proto3" json:"regex,omitempty"`
+	// Types that are assignable to QueryParameterMatchSpecifier:
+	//	*QueryParameterMatcher_StringMatch
+	//	*QueryParameterMatcher_PresentMatch
+	QueryParameterMatchSpecifier isQueryParameterMatcher_QueryParameterMatchSpecifier `protobuf_oneof:"query_parameter_match_specifier"`
+}
+
+func (x *QueryParameterMatcher) Reset() {
+	*x = QueryParameterMatcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[16]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *QueryParameterMatcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*QueryParameterMatcher) ProtoMessage() {}
+
+func (x *QueryParameterMatcher) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[16]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use QueryParameterMatcher.ProtoReflect.Descriptor instead.
+func (*QueryParameterMatcher) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{16}
+}
+
+func (x *QueryParameterMatcher) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+// Deprecated: Do not use.
+func (x *QueryParameterMatcher) GetValue() string {
+	if x != nil {
+		return x.Value
+	}
+	return ""
+}
+
+// Deprecated: Do not use.
+func (x *QueryParameterMatcher) GetRegex() *wrappers.BoolValue {
+	if x != nil {
+		return x.Regex
+	}
+	return nil
+}
+
+func (m *QueryParameterMatcher) GetQueryParameterMatchSpecifier() isQueryParameterMatcher_QueryParameterMatchSpecifier {
+	if m != nil {
+		return m.QueryParameterMatchSpecifier
+	}
+	return nil
+}
+
+func (x *QueryParameterMatcher) GetStringMatch() *matcher.StringMatcher {
+	if x, ok := x.GetQueryParameterMatchSpecifier().(*QueryParameterMatcher_StringMatch); ok {
+		return x.StringMatch
+	}
+	return nil
+}
+
+func (x *QueryParameterMatcher) GetPresentMatch() bool {
+	if x, ok := x.GetQueryParameterMatchSpecifier().(*QueryParameterMatcher_PresentMatch); ok {
+		return x.PresentMatch
+	}
+	return false
+}
+
+type isQueryParameterMatcher_QueryParameterMatchSpecifier interface {
+	isQueryParameterMatcher_QueryParameterMatchSpecifier()
+}
+
+type QueryParameterMatcher_StringMatch struct {
+	// Specifies whether a query parameter value should match against a string.
+	StringMatch *matcher.StringMatcher `protobuf:"bytes,5,opt,name=string_match,json=stringMatch,proto3,oneof"`
+}
+
+type QueryParameterMatcher_PresentMatch struct {
+	// Specifies whether a query parameter should be present.
+	PresentMatch bool `protobuf:"varint,6,opt,name=present_match,json=presentMatch,proto3,oneof"`
+}
+
+func (*QueryParameterMatcher_StringMatch) isQueryParameterMatcher_QueryParameterMatchSpecifier() {}
+
+func (*QueryParameterMatcher_PresentMatch) isQueryParameterMatcher_QueryParameterMatchSpecifier() {}
+
+// [#next-free-field: 11]
+type WeightedCluster_ClusterWeight struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Name of the upstream cluster. The cluster must exist in the
+	// :ref:`cluster manager configuration <config_cluster_manager>`.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// An integer between 0 and :ref:`total_weight
+	// <envoy_api_field_route.WeightedCluster.total_weight>`. When a request matches the route,
+	// the choice of an upstream cluster is determined by its weight. The sum of weights across all
+	// entries in the clusters array must add up to the total_weight, which defaults to 100.
+	Weight *wrappers.UInt32Value `protobuf:"bytes,2,opt,name=weight,proto3" json:"weight,omitempty"`
+	// Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints in
+	// the upstream cluster with metadata matching what is set in this field will be considered for
+	// load balancing. Note that this will be merged with what's provided in
+	// :ref:`RouteAction.metadata_match <envoy_api_field_route.RouteAction.metadata_match>`, with
+	// values here taking precedence. The filter name should be specified as *envoy.lb*.
+	MetadataMatch *core.Metadata `protobuf:"bytes,3,opt,name=metadata_match,json=metadataMatch,proto3" json:"metadata_match,omitempty"`
+	// Specifies a list of headers to be added to requests when this cluster is selected
+	// through the enclosing :ref:`envoy_api_msg_route.RouteAction`.
+	// Headers specified at this level are applied before headers from the enclosing
+	// :ref:`envoy_api_msg_route.Route`, :ref:`envoy_api_msg_route.VirtualHost`, and
+	// :ref:`envoy_api_msg_RouteConfiguration`. For more information, including details on
+	// header value syntax, see the documentation on :ref:`custom request headers
+	// <config_http_conn_man_headers_custom_request_headers>`.
+	RequestHeadersToAdd []*core.HeaderValueOption `protobuf:"bytes,4,rep,name=request_headers_to_add,json=requestHeadersToAdd,proto3" json:"request_headers_to_add,omitempty"`
+	// Specifies a list of HTTP headers that should be removed from each request when
+	// this cluster is selected through the enclosing :ref:`envoy_api_msg_route.RouteAction`.
+	RequestHeadersToRemove []string `protobuf:"bytes,9,rep,name=request_headers_to_remove,json=requestHeadersToRemove,proto3" json:"request_headers_to_remove,omitempty"`
+	// Specifies a list of headers to be added to responses when this cluster is selected
+	// through the enclosing :ref:`envoy_api_msg_route.RouteAction`.
+	// Headers specified at this level are applied before headers from the enclosing
+	// :ref:`envoy_api_msg_route.Route`, :ref:`envoy_api_msg_route.VirtualHost`, and
+	// :ref:`envoy_api_msg_RouteConfiguration`. For more information, including details on
+	// header value syntax, see the documentation on :ref:`custom request headers
+	// <config_http_conn_man_headers_custom_request_headers>`.
+	ResponseHeadersToAdd []*core.HeaderValueOption `protobuf:"bytes,5,rep,name=response_headers_to_add,json=responseHeadersToAdd,proto3" json:"response_headers_to_add,omitempty"`
+	// Specifies a list of headers to be removed from responses when this cluster is selected
+	// through the enclosing :ref:`envoy_api_msg_route.RouteAction`.
+	ResponseHeadersToRemove []string `protobuf:"bytes,6,rep,name=response_headers_to_remove,json=responseHeadersToRemove,proto3" json:"response_headers_to_remove,omitempty"`
+	// The per_filter_config field can be used to provide weighted cluster-specific
+	// configurations for filters. The key should match the filter name, such as
+	// *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter
+	// specific; see the :ref:`HTTP filter documentation <config_http_filters>`
+	// for if and how it is utilized.
+	//
+	// Deprecated: Do not use.
+	PerFilterConfig map[string]*_struct.Struct `protobuf:"bytes,8,rep,name=per_filter_config,json=perFilterConfig,proto3" json:"per_filter_config,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+	// The per_filter_config field can be used to provide weighted cluster-specific
+	// configurations for filters. The key should match the filter name, such as
+	// *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter
+	// specific; see the :ref:`HTTP filter documentation <config_http_filters>`
+	// for if and how it is utilized.
+	TypedPerFilterConfig map[string]*any.Any `protobuf:"bytes,10,rep,name=typed_per_filter_config,json=typedPerFilterConfig,proto3" json:"typed_per_filter_config,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+}
+
+func (x *WeightedCluster_ClusterWeight) Reset() {
+	*x = WeightedCluster_ClusterWeight{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[21]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *WeightedCluster_ClusterWeight) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*WeightedCluster_ClusterWeight) ProtoMessage() {}
+
+func (x *WeightedCluster_ClusterWeight) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[21]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use WeightedCluster_ClusterWeight.ProtoReflect.Descriptor instead.
+func (*WeightedCluster_ClusterWeight) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{3, 0}
+}
+
+func (x *WeightedCluster_ClusterWeight) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *WeightedCluster_ClusterWeight) GetWeight() *wrappers.UInt32Value {
+	if x != nil {
+		return x.Weight
+	}
+	return nil
+}
+
+func (x *WeightedCluster_ClusterWeight) GetMetadataMatch() *core.Metadata {
+	if x != nil {
+		return x.MetadataMatch
+	}
+	return nil
+}
+
+func (x *WeightedCluster_ClusterWeight) GetRequestHeadersToAdd() []*core.HeaderValueOption {
+	if x != nil {
+		return x.RequestHeadersToAdd
+	}
+	return nil
+}
+
+func (x *WeightedCluster_ClusterWeight) GetRequestHeadersToRemove() []string {
+	if x != nil {
+		return x.RequestHeadersToRemove
+	}
+	return nil
+}
+
+func (x *WeightedCluster_ClusterWeight) GetResponseHeadersToAdd() []*core.HeaderValueOption {
+	if x != nil {
+		return x.ResponseHeadersToAdd
+	}
+	return nil
+}
+
+func (x *WeightedCluster_ClusterWeight) GetResponseHeadersToRemove() []string {
+	if x != nil {
+		return x.ResponseHeadersToRemove
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *WeightedCluster_ClusterWeight) GetPerFilterConfig() map[string]*_struct.Struct {
+	if x != nil {
+		return x.PerFilterConfig
+	}
+	return nil
+}
+
+func (x *WeightedCluster_ClusterWeight) GetTypedPerFilterConfig() map[string]*any.Any {
+	if x != nil {
+		return x.TypedPerFilterConfig
+	}
+	return nil
+}
+
+type RouteMatch_GrpcRouteMatchOptions struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *RouteMatch_GrpcRouteMatchOptions) Reset() {
+	*x = RouteMatch_GrpcRouteMatchOptions{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[24]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RouteMatch_GrpcRouteMatchOptions) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RouteMatch_GrpcRouteMatchOptions) ProtoMessage() {}
+
+func (x *RouteMatch_GrpcRouteMatchOptions) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[24]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RouteMatch_GrpcRouteMatchOptions.ProtoReflect.Descriptor instead.
+func (*RouteMatch_GrpcRouteMatchOptions) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{4, 0}
+}
+
+type RouteMatch_TlsContextMatchOptions struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// If specified, the route will match against whether or not a certificate is presented.
+	// If not specified, certificate presentation status (true or false) will not be considered when route matching.
+	Presented *wrappers.BoolValue `protobuf:"bytes,1,opt,name=presented,proto3" json:"presented,omitempty"`
+	// If specified, the route will match against whether or not a certificate is validated.
+	// If not specified, certificate validation status (true or false) will not be considered when route matching.
+	Validated *wrappers.BoolValue `protobuf:"bytes,2,opt,name=validated,proto3" json:"validated,omitempty"`
+}
+
+func (x *RouteMatch_TlsContextMatchOptions) Reset() {
+	*x = RouteMatch_TlsContextMatchOptions{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[25]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RouteMatch_TlsContextMatchOptions) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RouteMatch_TlsContextMatchOptions) ProtoMessage() {}
+
+func (x *RouteMatch_TlsContextMatchOptions) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[25]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RouteMatch_TlsContextMatchOptions.ProtoReflect.Descriptor instead.
+func (*RouteMatch_TlsContextMatchOptions) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{4, 1}
+}
+
+func (x *RouteMatch_TlsContextMatchOptions) GetPresented() *wrappers.BoolValue {
+	if x != nil {
+		return x.Presented
+	}
+	return nil
+}
+
+func (x *RouteMatch_TlsContextMatchOptions) GetValidated() *wrappers.BoolValue {
+	if x != nil {
+		return x.Validated
+	}
+	return nil
+}
+
+// The router is capable of shadowing traffic from one cluster to another. The current
+// implementation is "fire and forget," meaning Envoy will not wait for the shadow cluster to
+// respond before returning the response from the primary cluster. All normal statistics are
+// collected for the shadow cluster making this feature useful for testing.
+//
+// During shadowing, the host/authority header is altered such that *-shadow* is appended. This is
+// useful for logging. For example, *cluster1* becomes *cluster1-shadow*.
+//
+// .. note::
+//
+//   Shadowing will not be triggered if the primary cluster does not exist.
+type RouteAction_RequestMirrorPolicy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies the cluster that requests will be mirrored to. The cluster must
+	// exist in the cluster manager configuration.
+	Cluster string `protobuf:"bytes,1,opt,name=cluster,proto3" json:"cluster,omitempty"`
+	// If not specified, all requests to the target cluster will be mirrored. If
+	// specified, Envoy will lookup the runtime key to get the % of requests to
+	// mirror. Valid values are from 0 to 10000, allowing for increments of
+	// 0.01% of requests to be mirrored. If the runtime key is specified in the
+	// configuration but not present in runtime, 0 is the default and thus 0% of
+	// requests will be mirrored.
+	//
+	// .. attention::
+	//
+	//   **This field is deprecated**. Set the
+	//   :ref:`runtime_fraction
+	//   <envoy_api_field_route.RouteAction.RequestMirrorPolicy.runtime_fraction>`
+	//   field instead. Mirroring occurs if both this and
+	//   <envoy_api_field_route.RouteAction.RequestMirrorPolicy.runtime_fraction>`
+	//   are not set.
+	//
+	// Deprecated: Do not use.
+	RuntimeKey string `protobuf:"bytes,2,opt,name=runtime_key,json=runtimeKey,proto3" json:"runtime_key,omitempty"`
+	// If not specified, all requests to the target cluster will be mirrored.
+	//
+	// If specified, this field takes precedence over the `runtime_key` field and requests must also
+	// fall under the percentage of matches indicated by this field.
+	//
+	// For some fraction N/D, a random number in the range [0,D) is selected. If the
+	// number is <= the value of the numerator N, or if the key is not present, the default
+	// value, the request will be mirrored.
+	RuntimeFraction *core.RuntimeFractionalPercent `protobuf:"bytes,3,opt,name=runtime_fraction,json=runtimeFraction,proto3" json:"runtime_fraction,omitempty"`
+	// Determines if the trace span should be sampled. Defaults to true.
+	TraceSampled *wrappers.BoolValue `protobuf:"bytes,4,opt,name=trace_sampled,json=traceSampled,proto3" json:"trace_sampled,omitempty"`
+}
+
+func (x *RouteAction_RequestMirrorPolicy) Reset() {
+	*x = RouteAction_RequestMirrorPolicy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[26]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RouteAction_RequestMirrorPolicy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RouteAction_RequestMirrorPolicy) ProtoMessage() {}
+
+func (x *RouteAction_RequestMirrorPolicy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[26]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RouteAction_RequestMirrorPolicy.ProtoReflect.Descriptor instead.
+func (*RouteAction_RequestMirrorPolicy) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{6, 0}
+}
+
+func (x *RouteAction_RequestMirrorPolicy) GetCluster() string {
+	if x != nil {
+		return x.Cluster
+	}
+	return ""
+}
+
+// Deprecated: Do not use.
+func (x *RouteAction_RequestMirrorPolicy) GetRuntimeKey() string {
+	if x != nil {
+		return x.RuntimeKey
+	}
+	return ""
+}
+
+func (x *RouteAction_RequestMirrorPolicy) GetRuntimeFraction() *core.RuntimeFractionalPercent {
+	if x != nil {
+		return x.RuntimeFraction
+	}
+	return nil
+}
+
+func (x *RouteAction_RequestMirrorPolicy) GetTraceSampled() *wrappers.BoolValue {
+	if x != nil {
+		return x.TraceSampled
+	}
+	return nil
+}
+
+// Specifies the route's hashing policy if the upstream cluster uses a hashing :ref:`load balancer
+// <arch_overview_load_balancing_types>`.
+// [#next-free-field: 7]
+type RouteAction_HashPolicy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to PolicySpecifier:
+	//	*RouteAction_HashPolicy_Header_
+	//	*RouteAction_HashPolicy_Cookie_
+	//	*RouteAction_HashPolicy_ConnectionProperties_
+	//	*RouteAction_HashPolicy_QueryParameter_
+	//	*RouteAction_HashPolicy_FilterState_
+	PolicySpecifier isRouteAction_HashPolicy_PolicySpecifier `protobuf_oneof:"policy_specifier"`
+	// The flag that short-circuits the hash computing. This field provides a
+	// 'fallback' style of configuration: "if a terminal policy doesn't work,
+	// fallback to rest of the policy list", it saves time when the terminal
+	// policy works.
+	//
+	// If true, and there is already a hash computed, ignore rest of the
+	// list of hash polices.
+	// For example, if the following hash methods are configured:
+	//
+	//  ========= ========
+	//  specifier terminal
+	//  ========= ========
+	//  Header A  true
+	//  Header B  false
+	//  Header C  false
+	//  ========= ========
+	//
+	// The generateHash process ends if policy "header A" generates a hash, as
+	// it's a terminal policy.
+	Terminal bool `protobuf:"varint,4,opt,name=terminal,proto3" json:"terminal,omitempty"`
+}
+
+func (x *RouteAction_HashPolicy) Reset() {
+	*x = RouteAction_HashPolicy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[27]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RouteAction_HashPolicy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RouteAction_HashPolicy) ProtoMessage() {}
+
+func (x *RouteAction_HashPolicy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[27]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RouteAction_HashPolicy.ProtoReflect.Descriptor instead.
+func (*RouteAction_HashPolicy) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{6, 1}
+}
+
+func (m *RouteAction_HashPolicy) GetPolicySpecifier() isRouteAction_HashPolicy_PolicySpecifier {
+	if m != nil {
+		return m.PolicySpecifier
+	}
+	return nil
+}
+
+func (x *RouteAction_HashPolicy) GetHeader() *RouteAction_HashPolicy_Header {
+	if x, ok := x.GetPolicySpecifier().(*RouteAction_HashPolicy_Header_); ok {
+		return x.Header
+	}
+	return nil
+}
+
+func (x *RouteAction_HashPolicy) GetCookie() *RouteAction_HashPolicy_Cookie {
+	if x, ok := x.GetPolicySpecifier().(*RouteAction_HashPolicy_Cookie_); ok {
+		return x.Cookie
+	}
+	return nil
+}
+
+func (x *RouteAction_HashPolicy) GetConnectionProperties() *RouteAction_HashPolicy_ConnectionProperties {
+	if x, ok := x.GetPolicySpecifier().(*RouteAction_HashPolicy_ConnectionProperties_); ok {
+		return x.ConnectionProperties
+	}
+	return nil
+}
+
+func (x *RouteAction_HashPolicy) GetQueryParameter() *RouteAction_HashPolicy_QueryParameter {
+	if x, ok := x.GetPolicySpecifier().(*RouteAction_HashPolicy_QueryParameter_); ok {
+		return x.QueryParameter
+	}
+	return nil
+}
+
+func (x *RouteAction_HashPolicy) GetFilterState() *RouteAction_HashPolicy_FilterState {
+	if x, ok := x.GetPolicySpecifier().(*RouteAction_HashPolicy_FilterState_); ok {
+		return x.FilterState
+	}
+	return nil
+}
+
+func (x *RouteAction_HashPolicy) GetTerminal() bool {
+	if x != nil {
+		return x.Terminal
+	}
+	return false
+}
+
+type isRouteAction_HashPolicy_PolicySpecifier interface {
+	isRouteAction_HashPolicy_PolicySpecifier()
+}
+
+type RouteAction_HashPolicy_Header_ struct {
+	// Header hash policy.
+	Header *RouteAction_HashPolicy_Header `protobuf:"bytes,1,opt,name=header,proto3,oneof"`
+}
+
+type RouteAction_HashPolicy_Cookie_ struct {
+	// Cookie hash policy.
+	Cookie *RouteAction_HashPolicy_Cookie `protobuf:"bytes,2,opt,name=cookie,proto3,oneof"`
+}
+
+type RouteAction_HashPolicy_ConnectionProperties_ struct {
+	// Connection properties hash policy.
+	ConnectionProperties *RouteAction_HashPolicy_ConnectionProperties `protobuf:"bytes,3,opt,name=connection_properties,json=connectionProperties,proto3,oneof"`
+}
+
+type RouteAction_HashPolicy_QueryParameter_ struct {
+	// Query parameter hash policy.
+	QueryParameter *RouteAction_HashPolicy_QueryParameter `protobuf:"bytes,5,opt,name=query_parameter,json=queryParameter,proto3,oneof"`
+}
+
+type RouteAction_HashPolicy_FilterState_ struct {
+	// Filter state hash policy.
+	FilterState *RouteAction_HashPolicy_FilterState `protobuf:"bytes,6,opt,name=filter_state,json=filterState,proto3,oneof"`
+}
+
+func (*RouteAction_HashPolicy_Header_) isRouteAction_HashPolicy_PolicySpecifier() {}
+
+func (*RouteAction_HashPolicy_Cookie_) isRouteAction_HashPolicy_PolicySpecifier() {}
+
+func (*RouteAction_HashPolicy_ConnectionProperties_) isRouteAction_HashPolicy_PolicySpecifier() {}
+
+func (*RouteAction_HashPolicy_QueryParameter_) isRouteAction_HashPolicy_PolicySpecifier() {}
+
+func (*RouteAction_HashPolicy_FilterState_) isRouteAction_HashPolicy_PolicySpecifier() {}
+
+// Allows enabling and disabling upgrades on a per-route basis.
+// This overrides any enabled/disabled upgrade filter chain specified in the
+// HttpConnectionManager
+// :ref:`upgrade_configs
+// <envoy_api_field_config.filter.network.http_connection_manager.v2.HttpConnectionManager.upgrade_configs>`
+// but does not affect any custom filter chain specified there.
+type RouteAction_UpgradeConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The case-insensitive name of this upgrade, e.g. "websocket".
+	// For each upgrade type present in upgrade_configs, requests with
+	// Upgrade: [upgrade_type] will be proxied upstream.
+	UpgradeType string `protobuf:"bytes,1,opt,name=upgrade_type,json=upgradeType,proto3" json:"upgrade_type,omitempty"`
+	// Determines if upgrades are available on this route. Defaults to true.
+	Enabled *wrappers.BoolValue `protobuf:"bytes,2,opt,name=enabled,proto3" json:"enabled,omitempty"`
+}
+
+func (x *RouteAction_UpgradeConfig) Reset() {
+	*x = RouteAction_UpgradeConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[28]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RouteAction_UpgradeConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RouteAction_UpgradeConfig) ProtoMessage() {}
+
+func (x *RouteAction_UpgradeConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[28]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RouteAction_UpgradeConfig.ProtoReflect.Descriptor instead.
+func (*RouteAction_UpgradeConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{6, 2}
+}
+
+func (x *RouteAction_UpgradeConfig) GetUpgradeType() string {
+	if x != nil {
+		return x.UpgradeType
+	}
+	return ""
+}
+
+func (x *RouteAction_UpgradeConfig) GetEnabled() *wrappers.BoolValue {
+	if x != nil {
+		return x.Enabled
+	}
+	return nil
+}
+
+type RouteAction_HashPolicy_Header struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the request header that will be used to obtain the hash
+	// key. If the request header is not present, no hash will be produced.
+	HeaderName string `protobuf:"bytes,1,opt,name=header_name,json=headerName,proto3" json:"header_name,omitempty"`
+}
+
+func (x *RouteAction_HashPolicy_Header) Reset() {
+	*x = RouteAction_HashPolicy_Header{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[29]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RouteAction_HashPolicy_Header) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RouteAction_HashPolicy_Header) ProtoMessage() {}
+
+func (x *RouteAction_HashPolicy_Header) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[29]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RouteAction_HashPolicy_Header.ProtoReflect.Descriptor instead.
+func (*RouteAction_HashPolicy_Header) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{6, 1, 0}
+}
+
+func (x *RouteAction_HashPolicy_Header) GetHeaderName() string {
+	if x != nil {
+		return x.HeaderName
+	}
+	return ""
+}
+
+// Envoy supports two types of cookie affinity:
+//
+// 1. Passive. Envoy takes a cookie that's present in the cookies header and
+//    hashes on its value.
+//
+// 2. Generated. Envoy generates and sets a cookie with an expiration (TTL)
+//    on the first request from the client in its response to the client,
+//    based on the endpoint the request gets sent to. The client then
+//    presents this on the next and all subsequent requests. The hash of
+//    this is sufficient to ensure these requests get sent to the same
+//    endpoint. The cookie is generated by hashing the source and
+//    destination ports and addresses so that multiple independent HTTP2
+//    streams on the same connection will independently receive the same
+//    cookie, even if they arrive at the Envoy simultaneously.
+type RouteAction_HashPolicy_Cookie struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the cookie that will be used to obtain the hash key. If the
+	// cookie is not present and ttl below is not set, no hash will be
+	// produced.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// If specified, a cookie with the TTL will be generated if the cookie is
+	// not present. If the TTL is present and zero, the generated cookie will
+	// be a session cookie.
+	Ttl *duration.Duration `protobuf:"bytes,2,opt,name=ttl,proto3" json:"ttl,omitempty"`
+	// The name of the path for the cookie. If no path is specified here, no path
+	// will be set for the cookie.
+	Path string `protobuf:"bytes,3,opt,name=path,proto3" json:"path,omitempty"`
+}
+
+func (x *RouteAction_HashPolicy_Cookie) Reset() {
+	*x = RouteAction_HashPolicy_Cookie{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[30]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RouteAction_HashPolicy_Cookie) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RouteAction_HashPolicy_Cookie) ProtoMessage() {}
+
+func (x *RouteAction_HashPolicy_Cookie) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[30]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RouteAction_HashPolicy_Cookie.ProtoReflect.Descriptor instead.
+func (*RouteAction_HashPolicy_Cookie) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{6, 1, 1}
+}
+
+func (x *RouteAction_HashPolicy_Cookie) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *RouteAction_HashPolicy_Cookie) GetTtl() *duration.Duration {
+	if x != nil {
+		return x.Ttl
+	}
+	return nil
+}
+
+func (x *RouteAction_HashPolicy_Cookie) GetPath() string {
+	if x != nil {
+		return x.Path
+	}
+	return ""
+}
+
+type RouteAction_HashPolicy_ConnectionProperties struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Hash on source IP address.
+	SourceIp bool `protobuf:"varint,1,opt,name=source_ip,json=sourceIp,proto3" json:"source_ip,omitempty"`
+}
+
+func (x *RouteAction_HashPolicy_ConnectionProperties) Reset() {
+	*x = RouteAction_HashPolicy_ConnectionProperties{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[31]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RouteAction_HashPolicy_ConnectionProperties) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RouteAction_HashPolicy_ConnectionProperties) ProtoMessage() {}
+
+func (x *RouteAction_HashPolicy_ConnectionProperties) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[31]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RouteAction_HashPolicy_ConnectionProperties.ProtoReflect.Descriptor instead.
+func (*RouteAction_HashPolicy_ConnectionProperties) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{6, 1, 2}
+}
+
+func (x *RouteAction_HashPolicy_ConnectionProperties) GetSourceIp() bool {
+	if x != nil {
+		return x.SourceIp
+	}
+	return false
+}
+
+type RouteAction_HashPolicy_QueryParameter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the URL query parameter that will be used to obtain the hash
+	// key. If the parameter is not present, no hash will be produced. Query
+	// parameter names are case-sensitive.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+}
+
+func (x *RouteAction_HashPolicy_QueryParameter) Reset() {
+	*x = RouteAction_HashPolicy_QueryParameter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[32]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RouteAction_HashPolicy_QueryParameter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RouteAction_HashPolicy_QueryParameter) ProtoMessage() {}
+
+func (x *RouteAction_HashPolicy_QueryParameter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[32]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RouteAction_HashPolicy_QueryParameter.ProtoReflect.Descriptor instead.
+func (*RouteAction_HashPolicy_QueryParameter) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{6, 1, 3}
+}
+
+func (x *RouteAction_HashPolicy_QueryParameter) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+type RouteAction_HashPolicy_FilterState struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the Object in the per-request filterState, which is an
+	// Envoy::Hashable object. If there is no data associated with the key,
+	// or the stored object is not Envoy::Hashable, no hash will be produced.
+	Key string `protobuf:"bytes,1,opt,name=key,proto3" json:"key,omitempty"`
+}
+
+func (x *RouteAction_HashPolicy_FilterState) Reset() {
+	*x = RouteAction_HashPolicy_FilterState{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[33]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RouteAction_HashPolicy_FilterState) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RouteAction_HashPolicy_FilterState) ProtoMessage() {}
+
+func (x *RouteAction_HashPolicy_FilterState) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[33]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RouteAction_HashPolicy_FilterState.ProtoReflect.Descriptor instead.
+func (*RouteAction_HashPolicy_FilterState) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{6, 1, 4}
+}
+
+func (x *RouteAction_HashPolicy_FilterState) GetKey() string {
+	if x != nil {
+		return x.Key
+	}
+	return ""
+}
+
+type RetryPolicy_RetryPriority struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Types that are assignable to ConfigType:
+	//	*RetryPolicy_RetryPriority_Config
+	//	*RetryPolicy_RetryPriority_TypedConfig
+	ConfigType isRetryPolicy_RetryPriority_ConfigType `protobuf_oneof:"config_type"`
+}
+
+func (x *RetryPolicy_RetryPriority) Reset() {
+	*x = RetryPolicy_RetryPriority{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[34]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RetryPolicy_RetryPriority) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RetryPolicy_RetryPriority) ProtoMessage() {}
+
+func (x *RetryPolicy_RetryPriority) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[34]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RetryPolicy_RetryPriority.ProtoReflect.Descriptor instead.
+func (*RetryPolicy_RetryPriority) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{7, 0}
+}
+
+func (x *RetryPolicy_RetryPriority) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (m *RetryPolicy_RetryPriority) GetConfigType() isRetryPolicy_RetryPriority_ConfigType {
+	if m != nil {
+		return m.ConfigType
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *RetryPolicy_RetryPriority) GetConfig() *_struct.Struct {
+	if x, ok := x.GetConfigType().(*RetryPolicy_RetryPriority_Config); ok {
+		return x.Config
+	}
+	return nil
+}
+
+func (x *RetryPolicy_RetryPriority) GetTypedConfig() *any.Any {
+	if x, ok := x.GetConfigType().(*RetryPolicy_RetryPriority_TypedConfig); ok {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+type isRetryPolicy_RetryPriority_ConfigType interface {
+	isRetryPolicy_RetryPriority_ConfigType()
+}
+
+type RetryPolicy_RetryPriority_Config struct {
+	// Deprecated: Do not use.
+	Config *_struct.Struct `protobuf:"bytes,2,opt,name=config,proto3,oneof"`
+}
+
+type RetryPolicy_RetryPriority_TypedConfig struct {
+	TypedConfig *any.Any `protobuf:"bytes,3,opt,name=typed_config,json=typedConfig,proto3,oneof"`
+}
+
+func (*RetryPolicy_RetryPriority_Config) isRetryPolicy_RetryPriority_ConfigType() {}
+
+func (*RetryPolicy_RetryPriority_TypedConfig) isRetryPolicy_RetryPriority_ConfigType() {}
+
+type RetryPolicy_RetryHostPredicate struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Types that are assignable to ConfigType:
+	//	*RetryPolicy_RetryHostPredicate_Config
+	//	*RetryPolicy_RetryHostPredicate_TypedConfig
+	ConfigType isRetryPolicy_RetryHostPredicate_ConfigType `protobuf_oneof:"config_type"`
+}
+
+func (x *RetryPolicy_RetryHostPredicate) Reset() {
+	*x = RetryPolicy_RetryHostPredicate{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[35]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RetryPolicy_RetryHostPredicate) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RetryPolicy_RetryHostPredicate) ProtoMessage() {}
+
+func (x *RetryPolicy_RetryHostPredicate) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[35]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RetryPolicy_RetryHostPredicate.ProtoReflect.Descriptor instead.
+func (*RetryPolicy_RetryHostPredicate) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{7, 1}
+}
+
+func (x *RetryPolicy_RetryHostPredicate) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (m *RetryPolicy_RetryHostPredicate) GetConfigType() isRetryPolicy_RetryHostPredicate_ConfigType {
+	if m != nil {
+		return m.ConfigType
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *RetryPolicy_RetryHostPredicate) GetConfig() *_struct.Struct {
+	if x, ok := x.GetConfigType().(*RetryPolicy_RetryHostPredicate_Config); ok {
+		return x.Config
+	}
+	return nil
+}
+
+func (x *RetryPolicy_RetryHostPredicate) GetTypedConfig() *any.Any {
+	if x, ok := x.GetConfigType().(*RetryPolicy_RetryHostPredicate_TypedConfig); ok {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+type isRetryPolicy_RetryHostPredicate_ConfigType interface {
+	isRetryPolicy_RetryHostPredicate_ConfigType()
+}
+
+type RetryPolicy_RetryHostPredicate_Config struct {
+	// Deprecated: Do not use.
+	Config *_struct.Struct `protobuf:"bytes,2,opt,name=config,proto3,oneof"`
+}
+
+type RetryPolicy_RetryHostPredicate_TypedConfig struct {
+	TypedConfig *any.Any `protobuf:"bytes,3,opt,name=typed_config,json=typedConfig,proto3,oneof"`
+}
+
+func (*RetryPolicy_RetryHostPredicate_Config) isRetryPolicy_RetryHostPredicate_ConfigType() {}
+
+func (*RetryPolicy_RetryHostPredicate_TypedConfig) isRetryPolicy_RetryHostPredicate_ConfigType() {}
+
+type RetryPolicy_RetryBackOff struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies the base interval between retries. This parameter is required and must be greater
+	// than zero. Values less than 1 ms are rounded up to 1 ms.
+	// See :ref:`config_http_filters_router_x-envoy-max-retries` for a discussion of Envoy's
+	// back-off algorithm.
+	BaseInterval *duration.Duration `protobuf:"bytes,1,opt,name=base_interval,json=baseInterval,proto3" json:"base_interval,omitempty"`
+	// Specifies the maximum interval between retries. This parameter is optional, but must be
+	// greater than or equal to the `base_interval` if set. The default is 10 times the
+	// `base_interval`. See :ref:`config_http_filters_router_x-envoy-max-retries` for a discussion
+	// of Envoy's back-off algorithm.
+	MaxInterval *duration.Duration `protobuf:"bytes,2,opt,name=max_interval,json=maxInterval,proto3" json:"max_interval,omitempty"`
+}
+
+func (x *RetryPolicy_RetryBackOff) Reset() {
+	*x = RetryPolicy_RetryBackOff{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[36]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RetryPolicy_RetryBackOff) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RetryPolicy_RetryBackOff) ProtoMessage() {}
+
+func (x *RetryPolicy_RetryBackOff) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[36]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RetryPolicy_RetryBackOff.ProtoReflect.Descriptor instead.
+func (*RetryPolicy_RetryBackOff) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{7, 2}
+}
+
+func (x *RetryPolicy_RetryBackOff) GetBaseInterval() *duration.Duration {
+	if x != nil {
+		return x.BaseInterval
+	}
+	return nil
+}
+
+func (x *RetryPolicy_RetryBackOff) GetMaxInterval() *duration.Duration {
+	if x != nil {
+		return x.MaxInterval
+	}
+	return nil
+}
+
+// [#next-free-field: 7]
+type RateLimit_Action struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to ActionSpecifier:
+	//	*RateLimit_Action_SourceCluster_
+	//	*RateLimit_Action_DestinationCluster_
+	//	*RateLimit_Action_RequestHeaders_
+	//	*RateLimit_Action_RemoteAddress_
+	//	*RateLimit_Action_GenericKey_
+	//	*RateLimit_Action_HeaderValueMatch_
+	ActionSpecifier isRateLimit_Action_ActionSpecifier `protobuf_oneof:"action_specifier"`
+}
+
+func (x *RateLimit_Action) Reset() {
+	*x = RateLimit_Action{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[37]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RateLimit_Action) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RateLimit_Action) ProtoMessage() {}
+
+func (x *RateLimit_Action) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[37]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RateLimit_Action.ProtoReflect.Descriptor instead.
+func (*RateLimit_Action) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{14, 0}
+}
+
+func (m *RateLimit_Action) GetActionSpecifier() isRateLimit_Action_ActionSpecifier {
+	if m != nil {
+		return m.ActionSpecifier
+	}
+	return nil
+}
+
+func (x *RateLimit_Action) GetSourceCluster() *RateLimit_Action_SourceCluster {
+	if x, ok := x.GetActionSpecifier().(*RateLimit_Action_SourceCluster_); ok {
+		return x.SourceCluster
+	}
+	return nil
+}
+
+func (x *RateLimit_Action) GetDestinationCluster() *RateLimit_Action_DestinationCluster {
+	if x, ok := x.GetActionSpecifier().(*RateLimit_Action_DestinationCluster_); ok {
+		return x.DestinationCluster
+	}
+	return nil
+}
+
+func (x *RateLimit_Action) GetRequestHeaders() *RateLimit_Action_RequestHeaders {
+	if x, ok := x.GetActionSpecifier().(*RateLimit_Action_RequestHeaders_); ok {
+		return x.RequestHeaders
+	}
+	return nil
+}
+
+func (x *RateLimit_Action) GetRemoteAddress() *RateLimit_Action_RemoteAddress {
+	if x, ok := x.GetActionSpecifier().(*RateLimit_Action_RemoteAddress_); ok {
+		return x.RemoteAddress
+	}
+	return nil
+}
+
+func (x *RateLimit_Action) GetGenericKey() *RateLimit_Action_GenericKey {
+	if x, ok := x.GetActionSpecifier().(*RateLimit_Action_GenericKey_); ok {
+		return x.GenericKey
+	}
+	return nil
+}
+
+func (x *RateLimit_Action) GetHeaderValueMatch() *RateLimit_Action_HeaderValueMatch {
+	if x, ok := x.GetActionSpecifier().(*RateLimit_Action_HeaderValueMatch_); ok {
+		return x.HeaderValueMatch
+	}
+	return nil
+}
+
+type isRateLimit_Action_ActionSpecifier interface {
+	isRateLimit_Action_ActionSpecifier()
+}
+
+type RateLimit_Action_SourceCluster_ struct {
+	// Rate limit on source cluster.
+	SourceCluster *RateLimit_Action_SourceCluster `protobuf:"bytes,1,opt,name=source_cluster,json=sourceCluster,proto3,oneof"`
+}
+
+type RateLimit_Action_DestinationCluster_ struct {
+	// Rate limit on destination cluster.
+	DestinationCluster *RateLimit_Action_DestinationCluster `protobuf:"bytes,2,opt,name=destination_cluster,json=destinationCluster,proto3,oneof"`
+}
+
+type RateLimit_Action_RequestHeaders_ struct {
+	// Rate limit on request headers.
+	RequestHeaders *RateLimit_Action_RequestHeaders `protobuf:"bytes,3,opt,name=request_headers,json=requestHeaders,proto3,oneof"`
+}
+
+type RateLimit_Action_RemoteAddress_ struct {
+	// Rate limit on remote address.
+	RemoteAddress *RateLimit_Action_RemoteAddress `protobuf:"bytes,4,opt,name=remote_address,json=remoteAddress,proto3,oneof"`
+}
+
+type RateLimit_Action_GenericKey_ struct {
+	// Rate limit on a generic key.
+	GenericKey *RateLimit_Action_GenericKey `protobuf:"bytes,5,opt,name=generic_key,json=genericKey,proto3,oneof"`
+}
+
+type RateLimit_Action_HeaderValueMatch_ struct {
+	// Rate limit on the existence of request headers.
+	HeaderValueMatch *RateLimit_Action_HeaderValueMatch `protobuf:"bytes,6,opt,name=header_value_match,json=headerValueMatch,proto3,oneof"`
+}
+
+func (*RateLimit_Action_SourceCluster_) isRateLimit_Action_ActionSpecifier() {}
+
+func (*RateLimit_Action_DestinationCluster_) isRateLimit_Action_ActionSpecifier() {}
+
+func (*RateLimit_Action_RequestHeaders_) isRateLimit_Action_ActionSpecifier() {}
+
+func (*RateLimit_Action_RemoteAddress_) isRateLimit_Action_ActionSpecifier() {}
+
+func (*RateLimit_Action_GenericKey_) isRateLimit_Action_ActionSpecifier() {}
+
+func (*RateLimit_Action_HeaderValueMatch_) isRateLimit_Action_ActionSpecifier() {}
+
+// The following descriptor entry is appended to the descriptor:
+//
+// .. code-block:: cpp
+//
+//   ("source_cluster", "<local service cluster>")
+//
+// <local service cluster> is derived from the :option:`--service-cluster` option.
+type RateLimit_Action_SourceCluster struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *RateLimit_Action_SourceCluster) Reset() {
+	*x = RateLimit_Action_SourceCluster{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[38]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RateLimit_Action_SourceCluster) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RateLimit_Action_SourceCluster) ProtoMessage() {}
+
+func (x *RateLimit_Action_SourceCluster) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[38]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RateLimit_Action_SourceCluster.ProtoReflect.Descriptor instead.
+func (*RateLimit_Action_SourceCluster) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{14, 0, 0}
+}
+
+// The following descriptor entry is appended to the descriptor:
+//
+// .. code-block:: cpp
+//
+//   ("destination_cluster", "<routed target cluster>")
+//
+// Once a request matches against a route table rule, a routed cluster is determined by one of
+// the following :ref:`route table configuration <envoy_api_msg_RouteConfiguration>`
+// settings:
+//
+// * :ref:`cluster <envoy_api_field_route.RouteAction.cluster>` indicates the upstream cluster
+//   to route to.
+// * :ref:`weighted_clusters <envoy_api_field_route.RouteAction.weighted_clusters>`
+//   chooses a cluster randomly from a set of clusters with attributed weight.
+// * :ref:`cluster_header <envoy_api_field_route.RouteAction.cluster_header>` indicates which
+//   header in the request contains the target cluster.
+type RateLimit_Action_DestinationCluster struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *RateLimit_Action_DestinationCluster) Reset() {
+	*x = RateLimit_Action_DestinationCluster{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[39]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RateLimit_Action_DestinationCluster) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RateLimit_Action_DestinationCluster) ProtoMessage() {}
+
+func (x *RateLimit_Action_DestinationCluster) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[39]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RateLimit_Action_DestinationCluster.ProtoReflect.Descriptor instead.
+func (*RateLimit_Action_DestinationCluster) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{14, 0, 1}
+}
+
+// The following descriptor entry is appended when a header contains a key that matches the
+// *header_name*:
+//
+// .. code-block:: cpp
+//
+//   ("<descriptor_key>", "<header_value_queried_from_header>")
+type RateLimit_Action_RequestHeaders struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The header name to be queried from the request headers. The header’s
+	// value is used to populate the value of the descriptor entry for the
+	// descriptor_key.
+	HeaderName string `protobuf:"bytes,1,opt,name=header_name,json=headerName,proto3" json:"header_name,omitempty"`
+	// The key to use in the descriptor entry.
+	DescriptorKey string `protobuf:"bytes,2,opt,name=descriptor_key,json=descriptorKey,proto3" json:"descriptor_key,omitempty"`
+}
+
+func (x *RateLimit_Action_RequestHeaders) Reset() {
+	*x = RateLimit_Action_RequestHeaders{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[40]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RateLimit_Action_RequestHeaders) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RateLimit_Action_RequestHeaders) ProtoMessage() {}
+
+func (x *RateLimit_Action_RequestHeaders) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[40]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RateLimit_Action_RequestHeaders.ProtoReflect.Descriptor instead.
+func (*RateLimit_Action_RequestHeaders) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{14, 0, 2}
+}
+
+func (x *RateLimit_Action_RequestHeaders) GetHeaderName() string {
+	if x != nil {
+		return x.HeaderName
+	}
+	return ""
+}
+
+func (x *RateLimit_Action_RequestHeaders) GetDescriptorKey() string {
+	if x != nil {
+		return x.DescriptorKey
+	}
+	return ""
+}
+
+// The following descriptor entry is appended to the descriptor and is populated using the
+// trusted address from :ref:`x-forwarded-for <config_http_conn_man_headers_x-forwarded-for>`:
+//
+// .. code-block:: cpp
+//
+//   ("remote_address", "<trusted address from x-forwarded-for>")
+type RateLimit_Action_RemoteAddress struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *RateLimit_Action_RemoteAddress) Reset() {
+	*x = RateLimit_Action_RemoteAddress{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[41]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RateLimit_Action_RemoteAddress) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RateLimit_Action_RemoteAddress) ProtoMessage() {}
+
+func (x *RateLimit_Action_RemoteAddress) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[41]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RateLimit_Action_RemoteAddress.ProtoReflect.Descriptor instead.
+func (*RateLimit_Action_RemoteAddress) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{14, 0, 3}
+}
+
+// The following descriptor entry is appended to the descriptor:
+//
+// .. code-block:: cpp
+//
+//   ("generic_key", "<descriptor_value>")
+type RateLimit_Action_GenericKey struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The value to use in the descriptor entry.
+	DescriptorValue string `protobuf:"bytes,1,opt,name=descriptor_value,json=descriptorValue,proto3" json:"descriptor_value,omitempty"`
+}
+
+func (x *RateLimit_Action_GenericKey) Reset() {
+	*x = RateLimit_Action_GenericKey{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[42]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RateLimit_Action_GenericKey) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RateLimit_Action_GenericKey) ProtoMessage() {}
+
+func (x *RateLimit_Action_GenericKey) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[42]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RateLimit_Action_GenericKey.ProtoReflect.Descriptor instead.
+func (*RateLimit_Action_GenericKey) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{14, 0, 4}
+}
+
+func (x *RateLimit_Action_GenericKey) GetDescriptorValue() string {
+	if x != nil {
+		return x.DescriptorValue
+	}
+	return ""
+}
+
+// The following descriptor entry is appended to the descriptor:
+//
+// .. code-block:: cpp
+//
+//   ("header_match", "<descriptor_value>")
+type RateLimit_Action_HeaderValueMatch struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The value to use in the descriptor entry.
+	DescriptorValue string `protobuf:"bytes,1,opt,name=descriptor_value,json=descriptorValue,proto3" json:"descriptor_value,omitempty"`
+	// If set to true, the action will append a descriptor entry when the
+	// request matches the headers. If set to false, the action will append a
+	// descriptor entry when the request does not match the headers. The
+	// default value is true.
+	ExpectMatch *wrappers.BoolValue `protobuf:"bytes,2,opt,name=expect_match,json=expectMatch,proto3" json:"expect_match,omitempty"`
+	// Specifies a set of headers that the rate limit action should match
+	// on. The action will check the request’s headers against all the
+	// specified headers in the config. A match will happen if all the
+	// headers in the config are present in the request with the same values
+	// (or based on presence if the value field is not in the config).
+	Headers []*HeaderMatcher `protobuf:"bytes,3,rep,name=headers,proto3" json:"headers,omitempty"`
+}
+
+func (x *RateLimit_Action_HeaderValueMatch) Reset() {
+	*x = RateLimit_Action_HeaderValueMatch{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[43]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RateLimit_Action_HeaderValueMatch) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RateLimit_Action_HeaderValueMatch) ProtoMessage() {}
+
+func (x *RateLimit_Action_HeaderValueMatch) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_route_route_components_proto_msgTypes[43]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RateLimit_Action_HeaderValueMatch.ProtoReflect.Descriptor instead.
+func (*RateLimit_Action_HeaderValueMatch) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_route_route_components_proto_rawDescGZIP(), []int{14, 0, 5}
+}
+
+func (x *RateLimit_Action_HeaderValueMatch) GetDescriptorValue() string {
+	if x != nil {
+		return x.DescriptorValue
+	}
+	return ""
+}
+
+func (x *RateLimit_Action_HeaderValueMatch) GetExpectMatch() *wrappers.BoolValue {
+	if x != nil {
+		return x.ExpectMatch
+	}
+	return nil
+}
+
+func (x *RateLimit_Action_HeaderValueMatch) GetHeaders() []*HeaderMatcher {
+	if x != nil {
+		return x.Headers
+	}
+	return nil
+}
+
+var File_envoy_api_v2_route_route_components_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_route_route_components_proto_rawDesc = []byte{
+	0x0a, 0x29, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f, 0x63, 0x6f, 0x6d, 0x70, 0x6f,
+	0x6e, 0x65, 0x6e, 0x74, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x1a,
+	0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63, 0x6f,
+	0x72, 0x65, 0x2f, 0x62, 0x61, 0x73, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65,
+	0x72, 0x2f, 0x72, 0x65, 0x67, 0x65, 0x78, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65,
+	0x72, 0x2f, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x18,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x70, 0x65, 0x72, 0x63, 0x65,
+	0x6e, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x16, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f,
+	0x74, 0x79, 0x70, 0x65, 0x2f, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x26, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x74, 0x72, 0x61,
+	0x63, 0x69, 0x6e, 0x67, 0x2f, 0x76, 0x32, 0x2f, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x74,
+	0x61, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2f, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e,
+	0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e,
+	0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f,
+	0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x91,
+	0x0d, 0x0a, 0x0b, 0x56, 0x69, 0x72, 0x74, 0x75, 0x61, 0x6c, 0x48, 0x6f, 0x73, 0x74, 0x12, 0x1b,
+	0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42,
+	0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x2c, 0x0a, 0x07, 0x64,
+	0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x09, 0x42, 0x12, 0xfa, 0x42,
+	0x0f, 0x92, 0x01, 0x0c, 0x08, 0x01, 0x22, 0x08, 0x72, 0x06, 0xc0, 0x01, 0x02, 0xc8, 0x01, 0x00,
+	0x52, 0x07, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x73, 0x12, 0x31, 0x0a, 0x06, 0x72, 0x6f, 0x75,
+	0x74, 0x65, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52,
+	0x6f, 0x75, 0x74, 0x65, 0x52, 0x06, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x12, 0x5d, 0x0a, 0x0b,
+	0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x5f, 0x74, 0x6c, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28,
+	0x0e, 0x32, 0x32, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x56, 0x69, 0x72, 0x74, 0x75, 0x61, 0x6c, 0x48, 0x6f,
+	0x73, 0x74, 0x2e, 0x54, 0x6c, 0x73, 0x52, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x6d, 0x65, 0x6e,
+	0x74, 0x54, 0x79, 0x70, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52,
+	0x0a, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x54, 0x6c, 0x73, 0x12, 0x4d, 0x0a, 0x10, 0x76,
+	0x69, 0x72, 0x74, 0x75, 0x61, 0x6c, 0x5f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x18,
+	0x05, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70,
+	0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x56, 0x69, 0x72, 0x74, 0x75,
+	0x61, 0x6c, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x0f, 0x76, 0x69, 0x72, 0x74, 0x75,
+	0x61, 0x6c, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x12, 0x3e, 0x0a, 0x0b, 0x72, 0x61,
+	0x74, 0x65, 0x5f, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x73, 0x18, 0x06, 0x20, 0x03, 0x28, 0x0b, 0x32,
+	0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x52, 0x0a,
+	0x72, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x73, 0x12, 0x64, 0x0a, 0x16, 0x72, 0x65,
+	0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x5f, 0x74, 0x6f,
+	0x5f, 0x61, 0x64, 0x64, 0x18, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48,
+	0x65, 0x61, 0x64, 0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e,
+	0x42, 0x09, 0xfa, 0x42, 0x06, 0x92, 0x01, 0x03, 0x10, 0xe8, 0x07, 0x52, 0x13, 0x72, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x54, 0x6f, 0x41, 0x64, 0x64,
+	0x12, 0x39, 0x0a, 0x19, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64,
+	0x65, 0x72, 0x73, 0x5f, 0x74, 0x6f, 0x5f, 0x72, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x18, 0x0d, 0x20,
+	0x03, 0x28, 0x09, 0x52, 0x16, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64,
+	0x65, 0x72, 0x73, 0x54, 0x6f, 0x52, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x12, 0x66, 0x0a, 0x17, 0x72,
+	0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x5f,
+	0x74, 0x6f, 0x5f, 0x61, 0x64, 0x64, 0x18, 0x0a, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65,
+	0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4f, 0x70, 0x74, 0x69,
+	0x6f, 0x6e, 0x42, 0x09, 0xfa, 0x42, 0x06, 0x92, 0x01, 0x03, 0x10, 0xe8, 0x07, 0x52, 0x14, 0x72,
+	0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x54, 0x6f,
+	0x41, 0x64, 0x64, 0x12, 0x3b, 0x0a, 0x1a, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x5f,
+	0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x5f, 0x74, 0x6f, 0x5f, 0x72, 0x65, 0x6d, 0x6f, 0x76,
+	0x65, 0x18, 0x0b, 0x20, 0x03, 0x28, 0x09, 0x52, 0x17, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
+	0x65, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x54, 0x6f, 0x52, 0x65, 0x6d, 0x6f, 0x76, 0x65,
+	0x12, 0x32, 0x0a, 0x04, 0x63, 0x6f, 0x72, 0x73, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f,
+	0x75, 0x74, 0x65, 0x2e, 0x43, 0x6f, 0x72, 0x73, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x04,
+	0x63, 0x6f, 0x72, 0x73, 0x12, 0x64, 0x0a, 0x11, 0x70, 0x65, 0x72, 0x5f, 0x66, 0x69, 0x6c, 0x74,
+	0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x0c, 0x20, 0x03, 0x28, 0x0b, 0x32,
+	0x34, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x2e, 0x56, 0x69, 0x72, 0x74, 0x75, 0x61, 0x6c, 0x48, 0x6f, 0x73, 0x74,
+	0x2e, 0x50, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x45, 0x6e, 0x74, 0x72, 0x79, 0x42, 0x02, 0x18, 0x01, 0x52, 0x0f, 0x70, 0x65, 0x72, 0x46, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x70, 0x0a, 0x17, 0x74, 0x79,
+	0x70, 0x65, 0x64, 0x5f, 0x70, 0x65, 0x72, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x5f, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x0f, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x39, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65,
+	0x2e, 0x56, 0x69, 0x72, 0x74, 0x75, 0x61, 0x6c, 0x48, 0x6f, 0x73, 0x74, 0x2e, 0x54, 0x79, 0x70,
+	0x65, 0x64, 0x50, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x14, 0x74, 0x79, 0x70, 0x65, 0x64, 0x50, 0x65, 0x72,
+	0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x41, 0x0a, 0x1d,
+	0x69, 0x6e, 0x63, 0x6c, 0x75, 0x64, 0x65, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f,
+	0x61, 0x74, 0x74, 0x65, 0x6d, 0x70, 0x74, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x0e, 0x20,
+	0x01, 0x28, 0x08, 0x52, 0x1a, 0x69, 0x6e, 0x63, 0x6c, 0x75, 0x64, 0x65, 0x52, 0x65, 0x71, 0x75,
+	0x65, 0x73, 0x74, 0x41, 0x74, 0x74, 0x65, 0x6d, 0x70, 0x74, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12,
+	0x48, 0x0a, 0x21, 0x69, 0x6e, 0x63, 0x6c, 0x75, 0x64, 0x65, 0x5f, 0x61, 0x74, 0x74, 0x65, 0x6d,
+	0x70, 0x74, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x69, 0x6e, 0x5f, 0x72, 0x65, 0x73, 0x70,
+	0x6f, 0x6e, 0x73, 0x65, 0x18, 0x13, 0x20, 0x01, 0x28, 0x08, 0x52, 0x1d, 0x69, 0x6e, 0x63, 0x6c,
+	0x75, 0x64, 0x65, 0x41, 0x74, 0x74, 0x65, 0x6d, 0x70, 0x74, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x49,
+	0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x42, 0x0a, 0x0c, 0x72, 0x65, 0x74,
+	0x72, 0x79, 0x5f, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x18, 0x10, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x65, 0x74, 0x72, 0x79, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79,
+	0x52, 0x0b, 0x72, 0x65, 0x74, 0x72, 0x79, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x4f, 0x0a,
+	0x19, 0x72, 0x65, 0x74, 0x72, 0x79, 0x5f, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x5f, 0x74, 0x79,
+	0x70, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x14, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x16, 0x72, 0x65, 0x74, 0x72, 0x79, 0x50, 0x6f, 0x6c,
+	0x69, 0x63, 0x79, 0x54, 0x79, 0x70, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x42,
+	0x0a, 0x0c, 0x68, 0x65, 0x64, 0x67, 0x65, 0x5f, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x18, 0x11,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x48, 0x65, 0x64, 0x67, 0x65, 0x50,
+	0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x0b, 0x68, 0x65, 0x64, 0x67, 0x65, 0x50, 0x6f, 0x6c, 0x69,
+	0x63, 0x79, 0x12, 0x60, 0x0a, 0x1e, 0x70, 0x65, 0x72, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73,
+	0x74, 0x5f, 0x62, 0x75, 0x66, 0x66, 0x65, 0x72, 0x5f, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x5f, 0x62,
+	0x79, 0x74, 0x65, 0x73, 0x18, 0x12, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e,
+	0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x1a, 0x70, 0x65, 0x72, 0x52, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x42, 0x75, 0x66, 0x66, 0x65, 0x72, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x42,
+	0x79, 0x74, 0x65, 0x73, 0x1a, 0x5b, 0x0a, 0x14, 0x50, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65,
+	0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03,
+	0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x2d,
+	0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38,
+	0x01, 0x1a, 0x5d, 0x0a, 0x19, 0x54, 0x79, 0x70, 0x65, 0x64, 0x50, 0x65, 0x72, 0x46, 0x69, 0x6c,
+	0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10,
+	0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79,
+	0x12, 0x2a, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01,
+	0x22, 0x3a, 0x0a, 0x12, 0x54, 0x6c, 0x73, 0x52, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x6d, 0x65,
+	0x6e, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x08, 0x0a, 0x04, 0x4e, 0x4f, 0x4e, 0x45, 0x10, 0x00,
+	0x12, 0x11, 0x0a, 0x0d, 0x45, 0x58, 0x54, 0x45, 0x52, 0x4e, 0x41, 0x4c, 0x5f, 0x4f, 0x4e, 0x4c,
+	0x59, 0x10, 0x01, 0x12, 0x07, 0x0a, 0x03, 0x41, 0x4c, 0x4c, 0x10, 0x02, 0x4a, 0x04, 0x08, 0x09,
+	0x10, 0x0a, 0x22, 0x3c, 0x0a, 0x0c, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x41, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x12, 0x2c, 0x0a, 0x06, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x06, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e,
+	0x22, 0xe6, 0x0a, 0x0a, 0x05, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61,
+	0x6d, 0x65, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x3e,
+	0x0a, 0x05, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75,
+	0x74, 0x65, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x42, 0x08, 0xfa,
+	0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x05, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x37,
+	0x0a, 0x05, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75,
+	0x74, 0x65, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x48, 0x00,
+	0x52, 0x05, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x12, 0x40, 0x0a, 0x08, 0x72, 0x65, 0x64, 0x69, 0x72,
+	0x65, 0x63, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52,
+	0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x48, 0x00, 0x52,
+	0x08, 0x72, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x12, 0x53, 0x0a, 0x0f, 0x64, 0x69, 0x72,
+	0x65, 0x63, 0x74, 0x5f, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x18, 0x07, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x28, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x44, 0x69, 0x72, 0x65, 0x63, 0x74, 0x52, 0x65,
+	0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x48, 0x00, 0x52, 0x0e,
+	0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x47,
+	0x0a, 0x0d, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x5f, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18,
+	0x11, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70,
+	0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x46, 0x69, 0x6c, 0x74, 0x65,
+	0x72, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x48, 0x00, 0x52, 0x0c, 0x66, 0x69, 0x6c, 0x74, 0x65,
+	0x72, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x37, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64,
+	0x61, 0x74, 0x61, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x4d, 0x65,
+	0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61,
+	0x12, 0x3b, 0x0a, 0x09, 0x64, 0x65, 0x63, 0x6f, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x18, 0x05, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x44, 0x65, 0x63, 0x6f, 0x72, 0x61, 0x74,
+	0x6f, 0x72, 0x52, 0x09, 0x64, 0x65, 0x63, 0x6f, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x12, 0x5e, 0x0a,
+	0x11, 0x70, 0x65, 0x72, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x18, 0x08, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x6f,
+	0x75, 0x74, 0x65, 0x2e, 0x50, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x42, 0x02, 0x18, 0x01, 0x52, 0x0f, 0x70, 0x65,
+	0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x6a, 0x0a,
+	0x17, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x70, 0x65, 0x72, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65,
+	0x72, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x0d, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x33,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f,
+	0x75, 0x74, 0x65, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x64, 0x50,
+	0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x45, 0x6e,
+	0x74, 0x72, 0x79, 0x52, 0x14, 0x74, 0x79, 0x70, 0x65, 0x64, 0x50, 0x65, 0x72, 0x46, 0x69, 0x6c,
+	0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x64, 0x0a, 0x16, 0x72, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x5f, 0x74, 0x6f, 0x5f,
+	0x61, 0x64, 0x64, 0x18, 0x09, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48, 0x65,
+	0x61, 0x64, 0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x42,
+	0x09, 0xfa, 0x42, 0x06, 0x92, 0x01, 0x03, 0x10, 0xe8, 0x07, 0x52, 0x13, 0x72, 0x65, 0x71, 0x75,
+	0x65, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x54, 0x6f, 0x41, 0x64, 0x64, 0x12,
+	0x39, 0x0a, 0x19, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x73, 0x5f, 0x74, 0x6f, 0x5f, 0x72, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x18, 0x0c, 0x20, 0x03,
+	0x28, 0x09, 0x52, 0x16, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x73, 0x54, 0x6f, 0x52, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x12, 0x66, 0x0a, 0x17, 0x72, 0x65,
+	0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x5f, 0x74,
+	0x6f, 0x5f, 0x61, 0x64, 0x64, 0x18, 0x0a, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e,
+	0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f,
+	0x6e, 0x42, 0x09, 0xfa, 0x42, 0x06, 0x92, 0x01, 0x03, 0x10, 0xe8, 0x07, 0x52, 0x14, 0x72, 0x65,
+	0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x54, 0x6f, 0x41,
+	0x64, 0x64, 0x12, 0x3b, 0x0a, 0x1a, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x5f, 0x68,
+	0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x5f, 0x74, 0x6f, 0x5f, 0x72, 0x65, 0x6d, 0x6f, 0x76, 0x65,
+	0x18, 0x0b, 0x20, 0x03, 0x28, 0x09, 0x52, 0x17, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
+	0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x54, 0x6f, 0x52, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x12,
+	0x35, 0x0a, 0x07, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x18, 0x0f, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1b, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e,
+	0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x54, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x52, 0x07, 0x74,
+	0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x12, 0x60, 0x0a, 0x1e, 0x70, 0x65, 0x72, 0x5f, 0x72, 0x65,
+	0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x62, 0x75, 0x66, 0x66, 0x65, 0x72, 0x5f, 0x6c, 0x69, 0x6d,
+	0x69, 0x74, 0x5f, 0x62, 0x79, 0x74, 0x65, 0x73, 0x18, 0x10, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x1a, 0x70, 0x65,
+	0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x42, 0x75, 0x66, 0x66, 0x65, 0x72, 0x4c, 0x69,
+	0x6d, 0x69, 0x74, 0x42, 0x79, 0x74, 0x65, 0x73, 0x1a, 0x5b, 0x0a, 0x14, 0x50, 0x65, 0x72, 0x46,
+	0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x45, 0x6e, 0x74, 0x72, 0x79,
+	0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b,
+	0x65, 0x79, 0x12, 0x2d, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75,
+	0x65, 0x3a, 0x02, 0x38, 0x01, 0x1a, 0x5d, 0x0a, 0x19, 0x54, 0x79, 0x70, 0x65, 0x64, 0x50, 0x65,
+	0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x45, 0x6e, 0x74,
+	0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52,
+	0x03, 0x6b, 0x65, 0x79, 0x12, 0x2a, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65,
+	0x3a, 0x02, 0x38, 0x01, 0x42, 0x0d, 0x0a, 0x06, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x03,
+	0xf8, 0x42, 0x01, 0x4a, 0x04, 0x08, 0x06, 0x10, 0x07, 0x22, 0x90, 0x09, 0x0a, 0x0f, 0x57, 0x65,
+	0x69, 0x67, 0x68, 0x74, 0x65, 0x64, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x57, 0x0a,
+	0x08, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32,
+	0x31, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x2e, 0x57, 0x65, 0x69, 0x67, 0x68, 0x74, 0x65, 0x64, 0x43, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x57, 0x65, 0x69, 0x67,
+	0x68, 0x74, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x08, 0x63, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x12, 0x48, 0x0a, 0x0c, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x5f,
+	0x77, 0x65, 0x69, 0x67, 0x68, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55,
+	0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x2a,
+	0x02, 0x28, 0x01, 0x52, 0x0b, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x57, 0x65, 0x69, 0x67, 0x68, 0x74,
+	0x12, 0x2c, 0x0a, 0x12, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x5f, 0x6b, 0x65, 0x79, 0x5f,
+	0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x10, 0x72, 0x75,
+	0x6e, 0x74, 0x69, 0x6d, 0x65, 0x4b, 0x65, 0x79, 0x50, 0x72, 0x65, 0x66, 0x69, 0x78, 0x1a, 0xab,
+	0x07, 0x0a, 0x0d, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x57, 0x65, 0x69, 0x67, 0x68, 0x74,
+	0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07,
+	0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x34, 0x0a,
+	0x06, 0x77, 0x65, 0x69, 0x67, 0x68, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x06, 0x77, 0x65, 0x69,
+	0x67, 0x68, 0x74, 0x12, 0x42, 0x0a, 0x0e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x5f,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e,
+	0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x0d, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61,
+	0x74, 0x61, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x64, 0x0a, 0x16, 0x72, 0x65, 0x71, 0x75, 0x65,
+	0x73, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x5f, 0x74, 0x6f, 0x5f, 0x61, 0x64,
+	0x64, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48, 0x65, 0x61, 0x64,
+	0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x09, 0xfa,
+	0x42, 0x06, 0x92, 0x01, 0x03, 0x10, 0xe8, 0x07, 0x52, 0x13, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73,
+	0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x54, 0x6f, 0x41, 0x64, 0x64, 0x12, 0x39, 0x0a,
+	0x19, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73,
+	0x5f, 0x74, 0x6f, 0x5f, 0x72, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x18, 0x09, 0x20, 0x03, 0x28, 0x09,
+	0x52, 0x16, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73,
+	0x54, 0x6f, 0x52, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x12, 0x66, 0x0a, 0x17, 0x72, 0x65, 0x73, 0x70,
+	0x6f, 0x6e, 0x73, 0x65, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x5f, 0x74, 0x6f, 0x5f,
+	0x61, 0x64, 0x64, 0x18, 0x05, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48, 0x65,
+	0x61, 0x64, 0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x42,
+	0x09, 0xfa, 0x42, 0x06, 0x92, 0x01, 0x03, 0x10, 0xe8, 0x07, 0x52, 0x14, 0x72, 0x65, 0x73, 0x70,
+	0x6f, 0x6e, 0x73, 0x65, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x54, 0x6f, 0x41, 0x64, 0x64,
+	0x12, 0x3b, 0x0a, 0x1a, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x5f, 0x68, 0x65, 0x61,
+	0x64, 0x65, 0x72, 0x73, 0x5f, 0x74, 0x6f, 0x5f, 0x72, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x18, 0x06,
+	0x20, 0x03, 0x28, 0x09, 0x52, 0x17, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x48, 0x65,
+	0x61, 0x64, 0x65, 0x72, 0x73, 0x54, 0x6f, 0x52, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x12, 0x76, 0x0a,
+	0x11, 0x70, 0x65, 0x72, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x18, 0x08, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x46, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x57, 0x65,
+	0x69, 0x67, 0x68, 0x74, 0x65, 0x64, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x43, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x57, 0x65, 0x69, 0x67, 0x68, 0x74, 0x2e, 0x50, 0x65, 0x72, 0x46,
+	0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x45, 0x6e, 0x74, 0x72, 0x79,
+	0x42, 0x02, 0x18, 0x01, 0x52, 0x0f, 0x70, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x82, 0x01, 0x0a, 0x17, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f,
+	0x70, 0x65, 0x72, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x18, 0x0a, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x4b, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x57, 0x65, 0x69,
+	0x67, 0x68, 0x74, 0x65, 0x64, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x43, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x57, 0x65, 0x69, 0x67, 0x68, 0x74, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x64,
+	0x50, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x45,
+	0x6e, 0x74, 0x72, 0x79, 0x52, 0x14, 0x74, 0x79, 0x70, 0x65, 0x64, 0x50, 0x65, 0x72, 0x46, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x1a, 0x5b, 0x0a, 0x14, 0x50, 0x65,
+	0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x45, 0x6e, 0x74,
+	0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52,
+	0x03, 0x6b, 0x65, 0x79, 0x12, 0x2d, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x52, 0x05, 0x76, 0x61,
+	0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x1a, 0x5d, 0x0a, 0x19, 0x54, 0x79, 0x70, 0x65, 0x64,
+	0x50, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x45,
+	0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x2a, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x05, 0x76, 0x61, 0x6c,
+	0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x4a, 0x04, 0x08, 0x07, 0x10, 0x08, 0x22, 0xc8, 0x06, 0x0a,
+	0x0a, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x18, 0x0a, 0x06, 0x70,
+	0x72, 0x65, 0x66, 0x69, 0x78, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x06, 0x70,
+	0x72, 0x65, 0x66, 0x69, 0x78, 0x12, 0x14, 0x0a, 0x04, 0x70, 0x61, 0x74, 0x68, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x04, 0x70, 0x61, 0x74, 0x68, 0x12, 0x28, 0x0a, 0x05, 0x72,
+	0x65, 0x67, 0x65, 0x78, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x42, 0x10, 0x18, 0x01, 0xfa, 0x42,
+	0x05, 0x72, 0x03, 0x28, 0x80, 0x08, 0xb8, 0xee, 0xf2, 0xd2, 0x05, 0x01, 0x48, 0x00, 0x52, 0x05,
+	0x72, 0x65, 0x67, 0x65, 0x78, 0x12, 0x4b, 0x0a, 0x0a, 0x73, 0x61, 0x66, 0x65, 0x5f, 0x72, 0x65,
+	0x67, 0x65, 0x78, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x52,
+	0x65, 0x67, 0x65, 0x78, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x08, 0xfa, 0x42, 0x05,
+	0x8a, 0x01, 0x02, 0x10, 0x01, 0x48, 0x00, 0x52, 0x09, 0x73, 0x61, 0x66, 0x65, 0x52, 0x65, 0x67,
+	0x65, 0x78, 0x12, 0x41, 0x0a, 0x0e, 0x63, 0x61, 0x73, 0x65, 0x5f, 0x73, 0x65, 0x6e, 0x73, 0x69,
+	0x74, 0x69, 0x76, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f,
+	0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0d, 0x63, 0x61, 0x73, 0x65, 0x53, 0x65, 0x6e, 0x73,
+	0x69, 0x74, 0x69, 0x76, 0x65, 0x12, 0x56, 0x0a, 0x10, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65,
+	0x5f, 0x66, 0x72, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x2b, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x46, 0x72, 0x61, 0x63, 0x74,
+	0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52, 0x0f, 0x72, 0x75,
+	0x6e, 0x74, 0x69, 0x6d, 0x65, 0x46, 0x72, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x3b, 0x0a,
+	0x07, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x18, 0x06, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x21,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f,
+	0x75, 0x74, 0x65, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65,
+	0x72, 0x52, 0x07, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x12, 0x54, 0x0a, 0x10, 0x71, 0x75,
+	0x65, 0x72, 0x79, 0x5f, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x73, 0x18, 0x07,
+	0x20, 0x03, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x51, 0x75, 0x65, 0x72, 0x79, 0x50,
+	0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x52,
+	0x0f, 0x71, 0x75, 0x65, 0x72, 0x79, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x73,
+	0x12, 0x48, 0x0a, 0x04, 0x67, 0x72, 0x70, 0x63, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x34,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f,
+	0x75, 0x74, 0x65, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x2e, 0x47,
+	0x72, 0x70, 0x63, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x4f, 0x70, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x52, 0x04, 0x67, 0x72, 0x70, 0x63, 0x12, 0x56, 0x0a, 0x0b, 0x74, 0x6c,
+	0x73, 0x5f, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x35, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x2e,
+	0x54, 0x6c, 0x73, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x4f,
+	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x0a, 0x74, 0x6c, 0x73, 0x43, 0x6f, 0x6e, 0x74, 0x65,
+	0x78, 0x74, 0x1a, 0x17, 0x0a, 0x15, 0x47, 0x72, 0x70, 0x63, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x4d,
+	0x61, 0x74, 0x63, 0x68, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x1a, 0x8c, 0x01, 0x0a, 0x16,
+	0x54, 0x6c, 0x73, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x4f,
+	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x38, 0x0a, 0x09, 0x70, 0x72, 0x65, 0x73, 0x65, 0x6e,
+	0x74, 0x65, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c,
+	0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x09, 0x70, 0x72, 0x65, 0x73, 0x65, 0x6e, 0x74, 0x65, 0x64,
+	0x12, 0x38, 0x0a, 0x09, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x64, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52,
+	0x09, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x64, 0x42, 0x15, 0x0a, 0x0e, 0x70, 0x61,
+	0x74, 0x68, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x03, 0xf8, 0x42,
+	0x01, 0x4a, 0x04, 0x08, 0x05, 0x10, 0x06, 0x22, 0xaa, 0x05, 0x0a, 0x0a, 0x43, 0x6f, 0x72, 0x73,
+	0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x2b, 0x0a, 0x0c, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x5f,
+	0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x18, 0x01, 0x20, 0x03, 0x28, 0x09, 0x42, 0x08, 0x18, 0x01,
+	0xb8, 0xee, 0xf2, 0xd2, 0x05, 0x01, 0x52, 0x0b, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x4f, 0x72, 0x69,
+	0x67, 0x69, 0x6e, 0x12, 0x3d, 0x0a, 0x12, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x5f, 0x6f, 0x72, 0x69,
+	0x67, 0x69, 0x6e, 0x5f, 0x72, 0x65, 0x67, 0x65, 0x78, 0x18, 0x08, 0x20, 0x03, 0x28, 0x09, 0x42,
+	0x0f, 0x18, 0x01, 0xfa, 0x42, 0x0a, 0x92, 0x01, 0x07, 0x22, 0x05, 0x72, 0x03, 0x28, 0x80, 0x08,
+	0x52, 0x10, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x4f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x52, 0x65, 0x67,
+	0x65, 0x78, 0x12, 0x5c, 0x0a, 0x19, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x5f, 0x6f, 0x72, 0x69, 0x67,
+	0x69, 0x6e, 0x5f, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18,
+	0x0b, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79,
+	0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x53, 0x74, 0x72, 0x69, 0x6e,
+	0x67, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x52, 0x16, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x4f,
+	0x72, 0x69, 0x67, 0x69, 0x6e, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74, 0x63, 0x68,
+	0x12, 0x23, 0x0a, 0x0d, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x5f, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64,
+	0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x4d, 0x65,
+	0x74, 0x68, 0x6f, 0x64, 0x73, 0x12, 0x23, 0x0a, 0x0d, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x5f, 0x68,
+	0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x61, 0x6c,
+	0x6c, 0x6f, 0x77, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x12, 0x25, 0x0a, 0x0e, 0x65, 0x78,
+	0x70, 0x6f, 0x73, 0x65, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x18, 0x04, 0x20, 0x01,
+	0x28, 0x09, 0x52, 0x0d, 0x65, 0x78, 0x70, 0x6f, 0x73, 0x65, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72,
+	0x73, 0x12, 0x17, 0x0a, 0x07, 0x6d, 0x61, 0x78, 0x5f, 0x61, 0x67, 0x65, 0x18, 0x05, 0x20, 0x01,
+	0x28, 0x09, 0x52, 0x06, 0x6d, 0x61, 0x78, 0x41, 0x67, 0x65, 0x12, 0x47, 0x0a, 0x11, 0x61, 0x6c,
+	0x6c, 0x6f, 0x77, 0x5f, 0x63, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x18,
+	0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75,
+	0x65, 0x52, 0x10, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69,
+	0x61, 0x6c, 0x73, 0x12, 0x40, 0x0a, 0x07, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x07,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65,
+	0x42, 0x08, 0x18, 0x01, 0xb8, 0xee, 0xf2, 0xd2, 0x05, 0x01, 0x48, 0x00, 0x52, 0x07, 0x65, 0x6e,
+	0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x54, 0x0a, 0x0e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x5f,
+	0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2b, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x46, 0x72, 0x61, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x61, 0x6c, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x48, 0x00, 0x52, 0x0d, 0x66, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x52, 0x0a, 0x0e, 0x73,
+	0x68, 0x61, 0x64, 0x6f, 0x77, 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x0a, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x2b, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x46,
+	0x72, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74,
+	0x52, 0x0d, 0x73, 0x68, 0x61, 0x64, 0x6f, 0x77, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x42,
+	0x13, 0x0a, 0x11, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69,
+	0x66, 0x69, 0x65, 0x72, 0x22, 0xfb, 0x1b, 0x0a, 0x0b, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x41, 0x63,
+	0x74, 0x69, 0x6f, 0x6e, 0x12, 0x23, 0x0a, 0x07, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x48, 0x00,
+	0x52, 0x07, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x36, 0x0a, 0x0e, 0x63, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x09, 0x42, 0x0d, 0xfa, 0x42, 0x0a, 0x72, 0x08, 0x20, 0x01, 0xc0, 0x01, 0x01, 0xc8, 0x01, 0x00,
+	0x48, 0x00, 0x52, 0x0d, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x48, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x12, 0x52, 0x0a, 0x11, 0x77, 0x65, 0x69, 0x67, 0x68, 0x74, 0x65, 0x64, 0x5f, 0x63, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74,
+	0x65, 0x2e, 0x57, 0x65, 0x69, 0x67, 0x68, 0x74, 0x65, 0x64, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65,
+	0x72, 0x48, 0x00, 0x52, 0x10, 0x77, 0x65, 0x69, 0x67, 0x68, 0x74, 0x65, 0x64, 0x43, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x73, 0x12, 0x8b, 0x01, 0x0a, 0x1f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65,
+	0x72, 0x5f, 0x6e, 0x6f, 0x74, 0x5f, 0x66, 0x6f, 0x75, 0x6e, 0x64, 0x5f, 0x72, 0x65, 0x73, 0x70,
+	0x6f, 0x6e, 0x73, 0x65, 0x5f, 0x63, 0x6f, 0x64, 0x65, 0x18, 0x14, 0x20, 0x01, 0x28, 0x0e, 0x32,
+	0x3b, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e,
+	0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4e, 0x6f, 0x74, 0x46, 0x6f, 0x75, 0x6e, 0x64,
+	0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x43, 0x6f, 0x64, 0x65, 0x42, 0x08, 0xfa, 0x42,
+	0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x1b, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4e,
+	0x6f, 0x74, 0x46, 0x6f, 0x75, 0x6e, 0x64, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x43,
+	0x6f, 0x64, 0x65, 0x12, 0x42, 0x0a, 0x0e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x5f,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e,
+	0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x0d, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61,
+	0x74, 0x61, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x32, 0x0a, 0x0e, 0x70, 0x72, 0x65, 0x66, 0x69,
+	0x78, 0x5f, 0x72, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x42,
+	0x0b, 0xfa, 0x42, 0x08, 0x72, 0x06, 0xc0, 0x01, 0x02, 0xc8, 0x01, 0x00, 0x52, 0x0d, 0x70, 0x72,
+	0x65, 0x66, 0x69, 0x78, 0x52, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x12, 0x50, 0x0a, 0x0d, 0x72,
+	0x65, 0x67, 0x65, 0x78, 0x5f, 0x72, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x18, 0x20, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x2b, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x52, 0x65, 0x67, 0x65, 0x78, 0x4d, 0x61, 0x74,
+	0x63, 0x68, 0x41, 0x6e, 0x64, 0x53, 0x75, 0x62, 0x73, 0x74, 0x69, 0x74, 0x75, 0x74, 0x65, 0x52,
+	0x0c, 0x72, 0x65, 0x67, 0x65, 0x78, 0x52, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x12, 0x4c, 0x0a,
+	0x0c, 0x68, 0x6f, 0x73, 0x74, 0x5f, 0x72, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x18, 0x06, 0x20,
+	0x01, 0x28, 0x09, 0x42, 0x27, 0xfa, 0x42, 0x08, 0x72, 0x06, 0xc0, 0x01, 0x02, 0xc8, 0x01, 0x00,
+	0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x16, 0x0a, 0x14, 0x68, 0x6f, 0x73, 0x74, 0x5f, 0x72, 0x65, 0x77,
+	0x72, 0x69, 0x74, 0x65, 0x5f, 0x6c, 0x69, 0x74, 0x65, 0x72, 0x61, 0x6c, 0x48, 0x01, 0x52, 0x0b,
+	0x68, 0x6f, 0x73, 0x74, 0x52, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x12, 0x48, 0x0a, 0x11, 0x61,
+	0x75, 0x74, 0x6f, 0x5f, 0x68, 0x6f, 0x73, 0x74, 0x5f, 0x72, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65,
+	0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c,
+	0x75, 0x65, 0x48, 0x01, 0x52, 0x0f, 0x61, 0x75, 0x74, 0x6f, 0x48, 0x6f, 0x73, 0x74, 0x52, 0x65,
+	0x77, 0x72, 0x69, 0x74, 0x65, 0x12, 0x61, 0x0a, 0x18, 0x61, 0x75, 0x74, 0x6f, 0x5f, 0x68, 0x6f,
+	0x73, 0x74, 0x5f, 0x72, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x18, 0x1d, 0x20, 0x01, 0x28, 0x09, 0x42, 0x26, 0xfa, 0x42, 0x08, 0x72, 0x06, 0xc0, 0x01,
+	0x01, 0xc8, 0x01, 0x00, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x15, 0x0a, 0x13, 0x68, 0x6f, 0x73, 0x74,
+	0x5f, 0x72, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x48,
+	0x01, 0x52, 0x15, 0x61, 0x75, 0x74, 0x6f, 0x48, 0x6f, 0x73, 0x74, 0x52, 0x65, 0x77, 0x72, 0x69,
+	0x74, 0x65, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x12, 0x33, 0x0a, 0x07, 0x74, 0x69, 0x6d, 0x65,
+	0x6f, 0x75, 0x74, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x52, 0x07, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12, 0x3c, 0x0a,
+	0x0c, 0x69, 0x64, 0x6c, 0x65, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x18, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0b,
+	0x69, 0x64, 0x6c, 0x65, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12, 0x42, 0x0a, 0x0c, 0x72,
+	0x65, 0x74, 0x72, 0x79, 0x5f, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x18, 0x09, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x65, 0x74, 0x72, 0x79, 0x50, 0x6f, 0x6c, 0x69,
+	0x63, 0x79, 0x52, 0x0b, 0x72, 0x65, 0x74, 0x72, 0x79, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12,
+	0x4f, 0x0a, 0x19, 0x72, 0x65, 0x74, 0x72, 0x79, 0x5f, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x5f,
+	0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x21, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x16, 0x72, 0x65, 0x74, 0x72, 0x79, 0x50,
+	0x6f, 0x6c, 0x69, 0x63, 0x79, 0x54, 0x79, 0x70, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x12, 0x6b, 0x0a, 0x15, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x6d, 0x69, 0x72, 0x72,
+	0x6f, 0x72, 0x5f, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x33, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e,
+	0x2e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x4d, 0x69, 0x72, 0x72, 0x6f, 0x72, 0x50, 0x6f,
+	0x6c, 0x69, 0x63, 0x79, 0x42, 0x02, 0x18, 0x01, 0x52, 0x13, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73,
+	0x74, 0x4d, 0x69, 0x72, 0x72, 0x6f, 0x72, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x6b, 0x0a,
+	0x17, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x6d, 0x69, 0x72, 0x72, 0x6f, 0x72, 0x5f,
+	0x70, 0x6f, 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 0x18, 0x1e, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x33,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f,
+	0x75, 0x74, 0x65, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e,
+	0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x4d, 0x69, 0x72, 0x72, 0x6f, 0x72, 0x50, 0x6f, 0x6c,
+	0x69, 0x63, 0x79, 0x52, 0x15, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x4d, 0x69, 0x72, 0x72,
+	0x6f, 0x72, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 0x12, 0x48, 0x0a, 0x08, 0x70, 0x72,
+	0x69, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x22, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65,
+	0x2e, 0x52, 0x6f, 0x75, 0x74, 0x69, 0x6e, 0x67, 0x50, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74, 0x79,
+	0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x08, 0x70, 0x72, 0x69, 0x6f,
+	0x72, 0x69, 0x74, 0x79, 0x12, 0x3e, 0x0a, 0x0b, 0x72, 0x61, 0x74, 0x65, 0x5f, 0x6c, 0x69, 0x6d,
+	0x69, 0x74, 0x73, 0x18, 0x0d, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52,
+	0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x52, 0x0a, 0x72, 0x61, 0x74, 0x65, 0x4c, 0x69,
+	0x6d, 0x69, 0x74, 0x73, 0x12, 0x4f, 0x0a, 0x16, 0x69, 0x6e, 0x63, 0x6c, 0x75, 0x64, 0x65, 0x5f,
+	0x76, 0x68, 0x5f, 0x72, 0x61, 0x74, 0x65, 0x5f, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x73, 0x18, 0x0e,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65,
+	0x52, 0x13, 0x69, 0x6e, 0x63, 0x6c, 0x75, 0x64, 0x65, 0x56, 0x68, 0x52, 0x61, 0x74, 0x65, 0x4c,
+	0x69, 0x6d, 0x69, 0x74, 0x73, 0x12, 0x4b, 0x0a, 0x0b, 0x68, 0x61, 0x73, 0x68, 0x5f, 0x70, 0x6f,
+	0x6c, 0x69, 0x63, 0x79, 0x18, 0x0f, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e,
+	0x52, 0x6f, 0x75, 0x74, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x48, 0x61, 0x73, 0x68,
+	0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x0a, 0x68, 0x61, 0x73, 0x68, 0x50, 0x6f, 0x6c, 0x69,
+	0x63, 0x79, 0x12, 0x32, 0x0a, 0x04, 0x63, 0x6f, 0x72, 0x73, 0x18, 0x11, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e,
+	0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x43, 0x6f, 0x72, 0x73, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79,
+	0x52, 0x04, 0x63, 0x6f, 0x72, 0x73, 0x12, 0x43, 0x0a, 0x10, 0x6d, 0x61, 0x78, 0x5f, 0x67, 0x72,
+	0x70, 0x63, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x17, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0e, 0x6d, 0x61, 0x78,
+	0x47, 0x72, 0x70, 0x63, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12, 0x49, 0x0a, 0x13, 0x67,
+	0x72, 0x70, 0x63, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x5f, 0x6f, 0x66, 0x66, 0x73,
+	0x65, 0x74, 0x18, 0x1c, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x52, 0x11, 0x67, 0x72, 0x70, 0x63, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74,
+	0x4f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x12, 0x56, 0x0a, 0x0f, 0x75, 0x70, 0x67, 0x72, 0x61, 0x64,
+	0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x73, 0x18, 0x19, 0x20, 0x03, 0x28, 0x0b, 0x32,
+	0x2d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e,
+	0x2e, 0x55, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0e,
+	0x75, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x73, 0x12, 0x70,
+	0x0a, 0x18, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x5f, 0x72, 0x65, 0x64, 0x69, 0x72,
+	0x65, 0x63, 0x74, 0x5f, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x1a, 0x20, 0x01, 0x28, 0x0e,
+	0x32, 0x36, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e,
+	0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x2e, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65,
+	0x63, 0x74, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x16, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e,
+	0x61, 0x6c, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e,
+	0x12, 0x52, 0x0a, 0x16, 0x6d, 0x61, 0x78, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c,
+	0x5f, 0x72, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x73, 0x18, 0x1f, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x14,
+	0x6d, 0x61, 0x78, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x52, 0x65, 0x64, 0x69, 0x72,
+	0x65, 0x63, 0x74, 0x73, 0x12, 0x42, 0x0a, 0x0c, 0x68, 0x65, 0x64, 0x67, 0x65, 0x5f, 0x70, 0x6f,
+	0x6c, 0x69, 0x63, 0x79, 0x18, 0x1b, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e,
+	0x48, 0x65, 0x64, 0x67, 0x65, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x0b, 0x68, 0x65, 0x64,
+	0x67, 0x65, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x1a, 0xfc, 0x01, 0x0a, 0x13, 0x52, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x4d, 0x69, 0x72, 0x72, 0x6f, 0x72, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79,
+	0x12, 0x21, 0x0a, 0x07, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x07, 0x63, 0x6c, 0x75, 0x73,
+	0x74, 0x65, 0x72, 0x12, 0x29, 0x0a, 0x0b, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x5f, 0x6b,
+	0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x08, 0x18, 0x01, 0xb8, 0xee, 0xf2, 0xd2,
+	0x05, 0x01, 0x52, 0x0a, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x4b, 0x65, 0x79, 0x12, 0x56,
+	0x0a, 0x10, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x5f, 0x66, 0x72, 0x61, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2b, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x52, 0x75, 0x6e,
+	0x74, 0x69, 0x6d, 0x65, 0x46, 0x72, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x50, 0x65,
+	0x72, 0x63, 0x65, 0x6e, 0x74, 0x52, 0x0f, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x46, 0x72,
+	0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x3f, 0x0a, 0x0d, 0x74, 0x72, 0x61, 0x63, 0x65, 0x5f,
+	0x73, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0c, 0x74, 0x72, 0x61, 0x63, 0x65,
+	0x53, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x64, 0x1a, 0xc6, 0x06, 0x0a, 0x0a, 0x48, 0x61, 0x73, 0x68,
+	0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x4b, 0x0a, 0x06, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x31, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x6f, 0x75, 0x74,
+	0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x48, 0x61, 0x73, 0x68, 0x50, 0x6f, 0x6c, 0x69,
+	0x63, 0x79, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x48, 0x00, 0x52, 0x06, 0x68, 0x65, 0x61,
+	0x64, 0x65, 0x72, 0x12, 0x4b, 0x0a, 0x06, 0x63, 0x6f, 0x6f, 0x6b, 0x69, 0x65, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x31, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x41, 0x63,
+	0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x48, 0x61, 0x73, 0x68, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e,
+	0x43, 0x6f, 0x6f, 0x6b, 0x69, 0x65, 0x48, 0x00, 0x52, 0x06, 0x63, 0x6f, 0x6f, 0x6b, 0x69, 0x65,
+	0x12, 0x76, 0x0a, 0x15, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x70,
+	0x72, 0x6f, 0x70, 0x65, 0x72, 0x74, 0x69, 0x65, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x3f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e,
+	0x2e, 0x48, 0x61, 0x73, 0x68, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x43, 0x6f, 0x6e, 0x6e,
+	0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x70, 0x65, 0x72, 0x74, 0x69, 0x65, 0x73,
+	0x48, 0x00, 0x52, 0x14, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x50, 0x72,
+	0x6f, 0x70, 0x65, 0x72, 0x74, 0x69, 0x65, 0x73, 0x12, 0x64, 0x0a, 0x0f, 0x71, 0x75, 0x65, 0x72,
+	0x79, 0x5f, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x18, 0x05, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x39, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x41, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x2e, 0x48, 0x61, 0x73, 0x68, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x51, 0x75,
+	0x65, 0x72, 0x79, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x48, 0x00, 0x52, 0x0e,
+	0x71, 0x75, 0x65, 0x72, 0x79, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x12, 0x5b,
+	0x0a, 0x0c, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18, 0x06,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x36, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x41,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x48, 0x61, 0x73, 0x68, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79,
+	0x2e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x65, 0x48, 0x00, 0x52, 0x0b,
+	0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x74,
+	0x65, 0x72, 0x6d, 0x69, 0x6e, 0x61, 0x6c, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x74,
+	0x65, 0x72, 0x6d, 0x69, 0x6e, 0x61, 0x6c, 0x1a, 0x38, 0x0a, 0x06, 0x48, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x12, 0x2e, 0x0a, 0x0b, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x5f, 0x6e, 0x61, 0x6d, 0x65,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0d, 0xfa, 0x42, 0x0a, 0x72, 0x08, 0x20, 0x01, 0xc0,
+	0x01, 0x01, 0xc8, 0x01, 0x00, 0x52, 0x0a, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4e, 0x61, 0x6d,
+	0x65, 0x1a, 0x66, 0x0a, 0x06, 0x43, 0x6f, 0x6f, 0x6b, 0x69, 0x65, 0x12, 0x1b, 0x0a, 0x04, 0x6e,
+	0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02,
+	0x20, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x2b, 0x0a, 0x03, 0x74, 0x74, 0x6c, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x52, 0x03, 0x74, 0x74, 0x6c, 0x12, 0x12, 0x0a, 0x04, 0x70, 0x61, 0x74, 0x68, 0x18, 0x03, 0x20,
+	0x01, 0x28, 0x09, 0x52, 0x04, 0x70, 0x61, 0x74, 0x68, 0x1a, 0x33, 0x0a, 0x14, 0x43, 0x6f, 0x6e,
+	0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x70, 0x65, 0x72, 0x74, 0x69, 0x65,
+	0x73, 0x12, 0x1b, 0x0a, 0x09, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x69, 0x70, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x49, 0x70, 0x1a, 0x2d,
+	0x0a, 0x0e, 0x51, 0x75, 0x65, 0x72, 0x79, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72,
+	0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07,
+	0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x1a, 0x28, 0x0a,
+	0x0b, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x19, 0x0a, 0x03,
+	0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02,
+	0x20, 0x01, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x42, 0x17, 0x0a, 0x10, 0x70, 0x6f, 0x6c, 0x69, 0x63,
+	0x79, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x03, 0xf8, 0x42, 0x01,
+	0x1a, 0x75, 0x0a, 0x0d, 0x55, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x12, 0x2e, 0x0a, 0x0c, 0x75, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x5f, 0x74, 0x79, 0x70,
+	0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0b, 0xfa, 0x42, 0x08, 0x72, 0x06, 0xc0, 0x01,
+	0x02, 0xc8, 0x01, 0x00, 0x52, 0x0b, 0x75, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x54, 0x79, 0x70,
+	0x65, 0x12, 0x34, 0x0a, 0x07, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x02, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x07,
+	0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x22, 0x45, 0x0a, 0x1b, 0x43, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x4e, 0x6f, 0x74, 0x46, 0x6f, 0x75, 0x6e, 0x64, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e,
+	0x73, 0x65, 0x43, 0x6f, 0x64, 0x65, 0x12, 0x17, 0x0a, 0x13, 0x53, 0x45, 0x52, 0x56, 0x49, 0x43,
+	0x45, 0x5f, 0x55, 0x4e, 0x41, 0x56, 0x41, 0x49, 0x4c, 0x41, 0x42, 0x4c, 0x45, 0x10, 0x00, 0x12,
+	0x0d, 0x0a, 0x09, 0x4e, 0x4f, 0x54, 0x5f, 0x46, 0x4f, 0x55, 0x4e, 0x44, 0x10, 0x01, 0x22, 0x5a,
+	0x0a, 0x16, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65,
+	0x63, 0x74, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x22, 0x0a, 0x1e, 0x50, 0x41, 0x53, 0x53,
+	0x5f, 0x54, 0x48, 0x52, 0x4f, 0x55, 0x47, 0x48, 0x5f, 0x49, 0x4e, 0x54, 0x45, 0x52, 0x4e, 0x41,
+	0x4c, 0x5f, 0x52, 0x45, 0x44, 0x49, 0x52, 0x45, 0x43, 0x54, 0x10, 0x00, 0x12, 0x1c, 0x0a, 0x18,
+	0x48, 0x41, 0x4e, 0x44, 0x4c, 0x45, 0x5f, 0x49, 0x4e, 0x54, 0x45, 0x52, 0x4e, 0x41, 0x4c, 0x5f,
+	0x52, 0x45, 0x44, 0x49, 0x52, 0x45, 0x43, 0x54, 0x10, 0x01, 0x42, 0x18, 0x0a, 0x11, 0x63, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12,
+	0x03, 0xf8, 0x42, 0x01, 0x42, 0x18, 0x0a, 0x16, 0x68, 0x6f, 0x73, 0x74, 0x5f, 0x72, 0x65, 0x77,
+	0x72, 0x69, 0x74, 0x65, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x4a, 0x04,
+	0x08, 0x0c, 0x10, 0x0d, 0x4a, 0x04, 0x08, 0x12, 0x10, 0x13, 0x4a, 0x04, 0x08, 0x13, 0x10, 0x14,
+	0x4a, 0x04, 0x08, 0x10, 0x10, 0x11, 0x4a, 0x04, 0x08, 0x16, 0x10, 0x17, 0x4a, 0x04, 0x08, 0x15,
+	0x10, 0x16, 0x22, 0xf3, 0x09, 0x0a, 0x0b, 0x52, 0x65, 0x74, 0x72, 0x79, 0x50, 0x6f, 0x6c, 0x69,
+	0x63, 0x79, 0x12, 0x19, 0x0a, 0x08, 0x72, 0x65, 0x74, 0x72, 0x79, 0x5f, 0x6f, 0x6e, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x72, 0x65, 0x74, 0x72, 0x79, 0x4f, 0x6e, 0x12, 0x3d, 0x0a,
+	0x0b, 0x6e, 0x75, 0x6d, 0x5f, 0x72, 0x65, 0x74, 0x72, 0x69, 0x65, 0x73, 0x18, 0x02, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65,
+	0x52, 0x0a, 0x6e, 0x75, 0x6d, 0x52, 0x65, 0x74, 0x72, 0x69, 0x65, 0x73, 0x12, 0x41, 0x0a, 0x0f,
+	0x70, 0x65, 0x72, 0x5f, 0x74, 0x72, 0x79, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18,
+	0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x52, 0x0d, 0x70, 0x65, 0x72, 0x54, 0x72, 0x79, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12,
+	0x54, 0x0a, 0x0e, 0x72, 0x65, 0x74, 0x72, 0x79, 0x5f, 0x70, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74,
+	0x79, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x65, 0x74,
+	0x72, 0x79, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x52, 0x65, 0x74, 0x72, 0x79, 0x50, 0x72,
+	0x69, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x0d, 0x72, 0x65, 0x74, 0x72, 0x79, 0x50, 0x72, 0x69,
+	0x6f, 0x72, 0x69, 0x74, 0x79, 0x12, 0x64, 0x0a, 0x14, 0x72, 0x65, 0x74, 0x72, 0x79, 0x5f, 0x68,
+	0x6f, 0x73, 0x74, 0x5f, 0x70, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x18, 0x05, 0x20,
+	0x03, 0x28, 0x0b, 0x32, 0x32, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x65, 0x74, 0x72, 0x79, 0x50, 0x6f,
+	0x6c, 0x69, 0x63, 0x79, 0x2e, 0x52, 0x65, 0x74, 0x72, 0x79, 0x48, 0x6f, 0x73, 0x74, 0x50, 0x72,
+	0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x52, 0x12, 0x72, 0x65, 0x74, 0x72, 0x79, 0x48, 0x6f,
+	0x73, 0x74, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x48, 0x0a, 0x21, 0x68,
+	0x6f, 0x73, 0x74, 0x5f, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x72, 0x65,
+	0x74, 0x72, 0x79, 0x5f, 0x6d, 0x61, 0x78, 0x5f, 0x61, 0x74, 0x74, 0x65, 0x6d, 0x70, 0x74, 0x73,
+	0x18, 0x06, 0x20, 0x01, 0x28, 0x03, 0x52, 0x1d, 0x68, 0x6f, 0x73, 0x74, 0x53, 0x65, 0x6c, 0x65,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x74, 0x72, 0x79, 0x4d, 0x61, 0x78, 0x41, 0x74, 0x74,
+	0x65, 0x6d, 0x70, 0x74, 0x73, 0x12, 0x34, 0x0a, 0x16, 0x72, 0x65, 0x74, 0x72, 0x69, 0x61, 0x62,
+	0x6c, 0x65, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x5f, 0x63, 0x6f, 0x64, 0x65, 0x73, 0x18,
+	0x07, 0x20, 0x03, 0x28, 0x0d, 0x52, 0x14, 0x72, 0x65, 0x74, 0x72, 0x69, 0x61, 0x62, 0x6c, 0x65,
+	0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x43, 0x6f, 0x64, 0x65, 0x73, 0x12, 0x52, 0x0a, 0x0e, 0x72,
+	0x65, 0x74, 0x72, 0x79, 0x5f, 0x62, 0x61, 0x63, 0x6b, 0x5f, 0x6f, 0x66, 0x66, 0x18, 0x08, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x2c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x65, 0x74, 0x72, 0x79, 0x50, 0x6f,
+	0x6c, 0x69, 0x63, 0x79, 0x2e, 0x52, 0x65, 0x74, 0x72, 0x79, 0x42, 0x61, 0x63, 0x6b, 0x4f, 0x66,
+	0x66, 0x52, 0x0c, 0x72, 0x65, 0x74, 0x72, 0x79, 0x42, 0x61, 0x63, 0x6b, 0x4f, 0x66, 0x66, 0x12,
+	0x4e, 0x0a, 0x11, 0x72, 0x65, 0x74, 0x72, 0x69, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x68, 0x65, 0x61,
+	0x64, 0x65, 0x72, 0x73, 0x18, 0x09, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e,
+	0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x52, 0x10, 0x72,
+	0x65, 0x74, 0x72, 0x69, 0x61, 0x62, 0x6c, 0x65, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x12,
+	0x5d, 0x0a, 0x19, 0x72, 0x65, 0x74, 0x72, 0x69, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x72, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x18, 0x0a, 0x20, 0x03,
+	0x28, 0x0b, 0x32, 0x21, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4d, 0x61,
+	0x74, 0x63, 0x68, 0x65, 0x72, 0x52, 0x17, 0x72, 0x65, 0x74, 0x72, 0x69, 0x61, 0x62, 0x6c, 0x65,
+	0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x1a, 0xad,
+	0x01, 0x0a, 0x0d, 0x52, 0x65, 0x74, 0x72, 0x79, 0x50, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74, 0x79,
+	0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07,
+	0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x35, 0x0a,
+	0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x42, 0x02, 0x18, 0x01, 0x48, 0x00, 0x52, 0x06, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x12, 0x39, 0x0a, 0x0c, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79,
+	0x48, 0x00, 0x52, 0x0b, 0x74, 0x79, 0x70, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42,
+	0x0d, 0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x1a, 0xb2,
+	0x01, 0x0a, 0x12, 0x52, 0x65, 0x74, 0x72, 0x79, 0x48, 0x6f, 0x73, 0x74, 0x50, 0x72, 0x65, 0x64,
+	0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x04, 0x6e, 0x61,
+	0x6d, 0x65, 0x12, 0x35, 0x0a, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x02, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x42, 0x02, 0x18, 0x01, 0x48,
+	0x00, 0x52, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x39, 0x0a, 0x0c, 0x74, 0x79, 0x70,
+	0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x41, 0x6e, 0x79, 0x48, 0x00, 0x52, 0x0b, 0x74, 0x79, 0x70, 0x65, 0x64, 0x43, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x42, 0x0d, 0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x74,
+	0x79, 0x70, 0x65, 0x1a, 0xa2, 0x01, 0x0a, 0x0c, 0x52, 0x65, 0x74, 0x72, 0x79, 0x42, 0x61, 0x63,
+	0x6b, 0x4f, 0x66, 0x66, 0x12, 0x4a, 0x0a, 0x0d, 0x62, 0x61, 0x73, 0x65, 0x5f, 0x69, 0x6e, 0x74,
+	0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75,
+	0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0a, 0xfa, 0x42, 0x07, 0xaa, 0x01, 0x04, 0x08, 0x01,
+	0x2a, 0x00, 0x52, 0x0c, 0x62, 0x61, 0x73, 0x65, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c,
+	0x12, 0x46, 0x0a, 0x0c, 0x6d, 0x61, 0x78, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05, 0xaa, 0x01, 0x02, 0x2a, 0x00, 0x52, 0x0b, 0x6d, 0x61, 0x78,
+	0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x22, 0xf2, 0x01, 0x0a, 0x0b, 0x48, 0x65, 0x64,
+	0x67, 0x65, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x50, 0x0a, 0x10, 0x69, 0x6e, 0x69, 0x74,
+	0x69, 0x61, 0x6c, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65,
+	0x42, 0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02, 0x28, 0x01, 0x52, 0x0f, 0x69, 0x6e, 0x69, 0x74, 0x69,
+	0x61, 0x6c, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x12, 0x59, 0x0a, 0x19, 0x61, 0x64,
+	0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
+	0x5f, 0x63, 0x68, 0x61, 0x6e, 0x63, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x46, 0x72, 0x61, 0x63, 0x74,
+	0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52, 0x17, 0x61, 0x64,
+	0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x43,
+	0x68, 0x61, 0x6e, 0x63, 0x65, 0x12, 0x36, 0x0a, 0x18, 0x68, 0x65, 0x64, 0x67, 0x65, 0x5f, 0x6f,
+	0x6e, 0x5f, 0x70, 0x65, 0x72, 0x5f, 0x74, 0x72, 0x79, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75,
+	0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x14, 0x68, 0x65, 0x64, 0x67, 0x65, 0x4f, 0x6e,
+	0x50, 0x65, 0x72, 0x54, 0x72, 0x79, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x22, 0xdd, 0x04,
+	0x0a, 0x0e, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e,
+	0x12, 0x27, 0x0a, 0x0e, 0x68, 0x74, 0x74, 0x70, 0x73, 0x5f, 0x72, 0x65, 0x64, 0x69, 0x72, 0x65,
+	0x63, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x48, 0x00, 0x52, 0x0d, 0x68, 0x74, 0x74, 0x70,
+	0x73, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x12, 0x29, 0x0a, 0x0f, 0x73, 0x63, 0x68,
+	0x65, 0x6d, 0x65, 0x5f, 0x72, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x18, 0x07, 0x20, 0x01,
+	0x28, 0x09, 0x48, 0x00, 0x52, 0x0e, 0x73, 0x63, 0x68, 0x65, 0x6d, 0x65, 0x52, 0x65, 0x64, 0x69,
+	0x72, 0x65, 0x63, 0x74, 0x12, 0x30, 0x0a, 0x0d, 0x68, 0x6f, 0x73, 0x74, 0x5f, 0x72, 0x65, 0x64,
+	0x69, 0x72, 0x65, 0x63, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0b, 0xfa, 0x42, 0x08,
+	0x72, 0x06, 0xc0, 0x01, 0x02, 0xc8, 0x01, 0x00, 0x52, 0x0c, 0x68, 0x6f, 0x73, 0x74, 0x52, 0x65,
+	0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x12, 0x23, 0x0a, 0x0d, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x72,
+	0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x0c, 0x70,
+	0x6f, 0x72, 0x74, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x12, 0x32, 0x0a, 0x0d, 0x70,
+	0x61, 0x74, 0x68, 0x5f, 0x72, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x18, 0x02, 0x20, 0x01,
+	0x28, 0x09, 0x42, 0x0b, 0xfa, 0x42, 0x08, 0x72, 0x06, 0xc0, 0x01, 0x02, 0xc8, 0x01, 0x00, 0x48,
+	0x01, 0x52, 0x0c, 0x70, 0x61, 0x74, 0x68, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x12,
+	0x34, 0x0a, 0x0e, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x5f, 0x72, 0x65, 0x77, 0x72, 0x69, 0x74,
+	0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0b, 0xfa, 0x42, 0x08, 0x72, 0x06, 0xc0, 0x01,
+	0x02, 0xc8, 0x01, 0x00, 0x48, 0x01, 0x52, 0x0d, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x52, 0x65,
+	0x77, 0x72, 0x69, 0x74, 0x65, 0x12, 0x66, 0x0a, 0x0d, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
+	0x65, 0x5f, 0x63, 0x6f, 0x64, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x37, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74,
+	0x65, 0x2e, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e,
+	0x2e, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
+	0x65, 0x43, 0x6f, 0x64, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52,
+	0x0c, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x43, 0x6f, 0x64, 0x65, 0x12, 0x1f, 0x0a,
+	0x0b, 0x73, 0x74, 0x72, 0x69, 0x70, 0x5f, 0x71, 0x75, 0x65, 0x72, 0x79, 0x18, 0x06, 0x20, 0x01,
+	0x28, 0x08, 0x52, 0x0a, 0x73, 0x74, 0x72, 0x69, 0x70, 0x51, 0x75, 0x65, 0x72, 0x79, 0x22, 0x77,
+	0x0a, 0x14, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e,
+	0x73, 0x65, 0x43, 0x6f, 0x64, 0x65, 0x12, 0x15, 0x0a, 0x11, 0x4d, 0x4f, 0x56, 0x45, 0x44, 0x5f,
+	0x50, 0x45, 0x52, 0x4d, 0x41, 0x4e, 0x45, 0x4e, 0x54, 0x4c, 0x59, 0x10, 0x00, 0x12, 0x09, 0x0a,
+	0x05, 0x46, 0x4f, 0x55, 0x4e, 0x44, 0x10, 0x01, 0x12, 0x0d, 0x0a, 0x09, 0x53, 0x45, 0x45, 0x5f,
+	0x4f, 0x54, 0x48, 0x45, 0x52, 0x10, 0x02, 0x12, 0x16, 0x0a, 0x12, 0x54, 0x45, 0x4d, 0x50, 0x4f,
+	0x52, 0x41, 0x52, 0x59, 0x5f, 0x52, 0x45, 0x44, 0x49, 0x52, 0x45, 0x43, 0x54, 0x10, 0x03, 0x12,
+	0x16, 0x0a, 0x12, 0x50, 0x45, 0x52, 0x4d, 0x41, 0x4e, 0x45, 0x4e, 0x54, 0x5f, 0x52, 0x45, 0x44,
+	0x49, 0x52, 0x45, 0x43, 0x54, 0x10, 0x04, 0x42, 0x1a, 0x0a, 0x18, 0x73, 0x63, 0x68, 0x65, 0x6d,
+	0x65, 0x5f, 0x72, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66,
+	0x69, 0x65, 0x72, 0x42, 0x18, 0x0a, 0x16, 0x70, 0x61, 0x74, 0x68, 0x5f, 0x72, 0x65, 0x77, 0x72,
+	0x69, 0x74, 0x65, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x22, 0x6d, 0x0a,
+	0x14, 0x44, 0x69, 0x72, 0x65, 0x63, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x41,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x22, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x0d, 0x42, 0x0a, 0xfa, 0x42, 0x07, 0x2a, 0x05, 0x10, 0xd8, 0x04, 0x28,
+	0x64, 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x31, 0x0a, 0x04, 0x62, 0x6f, 0x64,
+	0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x44, 0x61, 0x74, 0x61,
+	0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x04, 0x62, 0x6f, 0x64, 0x79, 0x22, 0x6c, 0x0a, 0x09,
+	0x44, 0x65, 0x63, 0x6f, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x12, 0x25, 0x0a, 0x09, 0x6f, 0x70, 0x65,
+	0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42,
+	0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x09, 0x6f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x12, 0x38, 0x0a, 0x09, 0x70, 0x72, 0x6f, 0x70, 0x61, 0x67, 0x61, 0x74, 0x65, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52,
+	0x09, 0x70, 0x72, 0x6f, 0x70, 0x61, 0x67, 0x61, 0x74, 0x65, 0x22, 0xa6, 0x02, 0x0a, 0x07, 0x54,
+	0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x12, 0x46, 0x0a, 0x0f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74,
+	0x5f, 0x73, 0x61, 0x6d, 0x70, 0x6c, 0x69, 0x6e, 0x67, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x46, 0x72, 0x61,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52, 0x0e,
+	0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x53, 0x61, 0x6d, 0x70, 0x6c, 0x69, 0x6e, 0x67, 0x12, 0x46,
+	0x0a, 0x0f, 0x72, 0x61, 0x6e, 0x64, 0x6f, 0x6d, 0x5f, 0x73, 0x61, 0x6d, 0x70, 0x6c, 0x69, 0x6e,
+	0x67, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x74, 0x79, 0x70, 0x65, 0x2e, 0x46, 0x72, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x50,
+	0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52, 0x0e, 0x72, 0x61, 0x6e, 0x64, 0x6f, 0x6d, 0x53, 0x61,
+	0x6d, 0x70, 0x6c, 0x69, 0x6e, 0x67, 0x12, 0x48, 0x0a, 0x10, 0x6f, 0x76, 0x65, 0x72, 0x61, 0x6c,
+	0x6c, 0x5f, 0x73, 0x61, 0x6d, 0x70, 0x6c, 0x69, 0x6e, 0x67, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x46, 0x72,
+	0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52,
+	0x0f, 0x6f, 0x76, 0x65, 0x72, 0x61, 0x6c, 0x6c, 0x53, 0x61, 0x6d, 0x70, 0x6c, 0x69, 0x6e, 0x67,
+	0x12, 0x41, 0x0a, 0x0b, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x74, 0x61, 0x67, 0x73, 0x18,
+	0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79,
+	0x70, 0x65, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x75,
+	0x73, 0x74, 0x6f, 0x6d, 0x54, 0x61, 0x67, 0x52, 0x0a, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x54,
+	0x61, 0x67, 0x73, 0x22, 0xda, 0x01, 0x0a, 0x0e, 0x56, 0x69, 0x72, 0x74, 0x75, 0x61, 0x6c, 0x43,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x2a, 0x0a, 0x07, 0x70, 0x61, 0x74, 0x74, 0x65, 0x72,
+	0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x10, 0x18, 0x01, 0xfa, 0x42, 0x05, 0x72, 0x03,
+	0x28, 0x80, 0x08, 0xb8, 0xee, 0xf2, 0xd2, 0x05, 0x01, 0x52, 0x07, 0x70, 0x61, 0x74, 0x74, 0x65,
+	0x72, 0x6e, 0x12, 0x3b, 0x0a, 0x07, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x18, 0x04, 0x20,
+	0x03, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4d,
+	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x52, 0x07, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x12,
+	0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa,
+	0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x42, 0x0a, 0x06,
+	0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x20, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65,
+	0x2e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x42, 0x08,
+	0x18, 0x01, 0xb8, 0xee, 0xf2, 0xd2, 0x05, 0x01, 0x52, 0x06, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64,
+	0x22, 0xd3, 0x09, 0x0a, 0x09, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x12, 0x3b,
+	0x0a, 0x05, 0x73, 0x74, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07, 0xfa, 0x42, 0x04,
+	0x2a, 0x02, 0x18, 0x0a, 0x52, 0x05, 0x73, 0x74, 0x61, 0x67, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x64,
+	0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09,
+	0x52, 0x0a, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x4b, 0x65, 0x79, 0x12, 0x48, 0x0a, 0x07,
+	0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75,
+	0x74, 0x65, 0x2e, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x2e, 0x41, 0x63, 0x74,
+	0x69, 0x6f, 0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x07, 0x61,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x1a, 0x9d, 0x08, 0x0a, 0x06, 0x41, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x12, 0x5b, 0x0a, 0x0e, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x63, 0x6c, 0x75, 0x73,
+	0x74, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x32, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52,
+	0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x2e, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e,
+	0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x48, 0x00, 0x52,
+	0x0d, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x6a,
+	0x0a, 0x13, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x63, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x37, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65,
+	0x2e, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x2e, 0x41, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x2e, 0x44, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x48, 0x00, 0x52, 0x12, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x5e, 0x0a, 0x0f, 0x72, 0x65,
+	0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x18, 0x03, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x33, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d,
+	0x69, 0x74, 0x2e, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
+	0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x48, 0x00, 0x52, 0x0e, 0x72, 0x65, 0x71, 0x75,
+	0x65, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x12, 0x5b, 0x0a, 0x0e, 0x72, 0x65,
+	0x6d, 0x6f, 0x74, 0x65, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x04, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x32, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69,
+	0x74, 0x2e, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x52, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x41,
+	0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x48, 0x00, 0x52, 0x0d, 0x72, 0x65, 0x6d, 0x6f, 0x74, 0x65,
+	0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x52, 0x0a, 0x0b, 0x67, 0x65, 0x6e, 0x65, 0x72,
+	0x69, 0x63, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74,
+	0x65, 0x2e, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x2e, 0x41, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x48, 0x00, 0x52,
+	0x0a, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x12, 0x65, 0x0a, 0x12, 0x68,
+	0x65, 0x61, 0x64, 0x65, 0x72, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x5f, 0x6d, 0x61, 0x74, 0x63,
+	0x68, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x35, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x61, 0x74,
+	0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x2e, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x48, 0x65,
+	0x61, 0x64, 0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x48, 0x00,
+	0x52, 0x10, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4d, 0x61, 0x74,
+	0x63, 0x68, 0x1a, 0x0f, 0x0a, 0x0d, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x43, 0x6c, 0x75, 0x73,
+	0x74, 0x65, 0x72, 0x1a, 0x14, 0x0a, 0x12, 0x44, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x1a, 0x70, 0x0a, 0x0e, 0x52, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x12, 0x2e, 0x0a, 0x0b, 0x68,
+	0x65, 0x61, 0x64, 0x65, 0x72, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
+	0x42, 0x0d, 0xfa, 0x42, 0x0a, 0x72, 0x08, 0x20, 0x01, 0xc0, 0x01, 0x01, 0xc8, 0x01, 0x00, 0x52,
+	0x0a, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x2e, 0x0a, 0x0e, 0x64,
+	0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x0d, 0x64, 0x65,
+	0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x4b, 0x65, 0x79, 0x1a, 0x0f, 0x0a, 0x0d, 0x52,
+	0x65, 0x6d, 0x6f, 0x74, 0x65, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x1a, 0x40, 0x0a, 0x0a,
+	0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x12, 0x32, 0x0a, 0x10, 0x64, 0x65,
+	0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x0f, 0x64,
+	0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x1a, 0xcc,
+	0x01, 0x0a, 0x10, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4d, 0x61,
+	0x74, 0x63, 0x68, 0x12, 0x32, 0x0a, 0x10, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f,
+	0x72, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa,
+	0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x0f, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74,
+	0x6f, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x3d, 0x0a, 0x0c, 0x65, 0x78, 0x70, 0x65, 0x63,
+	0x74, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0b, 0x65, 0x78, 0x70, 0x65, 0x63,
+	0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x45, 0x0a, 0x07, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72,
+	0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x48, 0x65, 0x61,
+	0x64, 0x65, 0x72, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92,
+	0x01, 0x02, 0x08, 0x01, 0x52, 0x07, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x42, 0x17, 0x0a,
+	0x10, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65,
+	0x72, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x22, 0xdf, 0x03, 0x0a, 0x0d, 0x48, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x12, 0x21, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0d, 0xfa, 0x42, 0x0a, 0x72, 0x08, 0x20, 0x01, 0xc0,
+	0x01, 0x01, 0xc8, 0x01, 0x00, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x21, 0x0a, 0x0b, 0x65,
+	0x78, 0x61, 0x63, 0x74, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09,
+	0x48, 0x00, 0x52, 0x0a, 0x65, 0x78, 0x61, 0x63, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x33,
+	0x0a, 0x0b, 0x72, 0x65, 0x67, 0x65, 0x78, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x05, 0x20,
+	0x01, 0x28, 0x09, 0x42, 0x10, 0x18, 0x01, 0xfa, 0x42, 0x05, 0x72, 0x03, 0x28, 0x80, 0x08, 0xb8,
+	0xee, 0xf2, 0xd2, 0x05, 0x01, 0x48, 0x00, 0x52, 0x0a, 0x72, 0x65, 0x67, 0x65, 0x78, 0x4d, 0x61,
+	0x74, 0x63, 0x68, 0x12, 0x4c, 0x0a, 0x10, 0x73, 0x61, 0x66, 0x65, 0x5f, 0x72, 0x65, 0x67, 0x65,
+	0x78, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68,
+	0x65, 0x72, 0x2e, 0x52, 0x65, 0x67, 0x65, 0x78, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x48,
+	0x00, 0x52, 0x0e, 0x73, 0x61, 0x66, 0x65, 0x52, 0x65, 0x67, 0x65, 0x78, 0x4d, 0x61, 0x74, 0x63,
+	0x68, 0x12, 0x39, 0x0a, 0x0b, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68,
+	0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74,
+	0x79, 0x70, 0x65, 0x2e, 0x49, 0x6e, 0x74, 0x36, 0x34, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x48, 0x00,
+	0x52, 0x0a, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x25, 0x0a, 0x0d,
+	0x70, 0x72, 0x65, 0x73, 0x65, 0x6e, 0x74, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x07, 0x20,
+	0x01, 0x28, 0x08, 0x48, 0x00, 0x52, 0x0c, 0x70, 0x72, 0x65, 0x73, 0x65, 0x6e, 0x74, 0x4d, 0x61,
+	0x74, 0x63, 0x68, 0x12, 0x2c, 0x0a, 0x0c, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x5f, 0x6d, 0x61,
+	0x74, 0x63, 0x68, 0x18, 0x09, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02,
+	0x20, 0x01, 0x48, 0x00, 0x52, 0x0b, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x4d, 0x61, 0x74, 0x63,
+	0x68, 0x12, 0x2c, 0x0a, 0x0c, 0x73, 0x75, 0x66, 0x66, 0x69, 0x78, 0x5f, 0x6d, 0x61, 0x74, 0x63,
+	0x68, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01,
+	0x48, 0x00, 0x52, 0x0b, 0x73, 0x75, 0x66, 0x66, 0x69, 0x78, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12,
+	0x21, 0x0a, 0x0c, 0x69, 0x6e, 0x76, 0x65, 0x72, 0x74, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18,
+	0x08, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0b, 0x69, 0x6e, 0x76, 0x65, 0x72, 0x74, 0x4d, 0x61, 0x74,
+	0x63, 0x68, 0x42, 0x18, 0x0a, 0x16, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x5f, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x4a, 0x04, 0x08, 0x02,
+	0x10, 0x03, 0x4a, 0x04, 0x08, 0x03, 0x10, 0x04, 0x22, 0xaf, 0x02, 0x0a, 0x15, 0x51, 0x75, 0x65,
+	0x72, 0x79, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x4d, 0x61, 0x74, 0x63, 0x68,
+	0x65, 0x72, 0x12, 0x1e, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
+	0x42, 0x0a, 0xfa, 0x42, 0x07, 0x72, 0x05, 0x20, 0x01, 0x28, 0x80, 0x08, 0x52, 0x04, 0x6e, 0x61,
+	0x6d, 0x65, 0x12, 0x1e, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28,
+	0x09, 0x42, 0x08, 0x18, 0x01, 0xb8, 0xee, 0xf2, 0xd2, 0x05, 0x01, 0x52, 0x05, 0x76, 0x61, 0x6c,
+	0x75, 0x65, 0x12, 0x3a, 0x0a, 0x05, 0x72, 0x65, 0x67, 0x65, 0x78, 0x18, 0x04, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x08, 0x18,
+	0x01, 0xb8, 0xee, 0xf2, 0xd2, 0x05, 0x01, 0x52, 0x05, 0x72, 0x65, 0x67, 0x65, 0x78, 0x12, 0x50,
+	0x0a, 0x0c, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x05,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70,
+	0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67,
+	0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10,
+	0x01, 0x48, 0x00, 0x52, 0x0b, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74, 0x63, 0x68,
+	0x12, 0x25, 0x0a, 0x0d, 0x70, 0x72, 0x65, 0x73, 0x65, 0x6e, 0x74, 0x5f, 0x6d, 0x61, 0x74, 0x63,
+	0x68, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x48, 0x00, 0x52, 0x0c, 0x70, 0x72, 0x65, 0x73, 0x65,
+	0x6e, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x42, 0x21, 0x0a, 0x1f, 0x71, 0x75, 0x65, 0x72, 0x79,
+	0x5f, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68,
+	0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x42, 0x5f, 0x0a, 0x20, 0x69, 0x6f,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x42, 0x14,
+	0x52, 0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f, 0x6d, 0x70, 0x6f, 0x6e, 0x65, 0x6e, 0x74, 0x73, 0x50,
+	0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x17, 0x12, 0x15, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65,
+	0x2e, 0x76, 0x33, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_route_route_components_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_route_route_components_proto_rawDescData = file_envoy_api_v2_route_route_components_proto_rawDesc
+)
+
+func file_envoy_api_v2_route_route_components_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_route_route_components_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_route_route_components_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_route_route_components_proto_rawDescData)
+	})
+	return file_envoy_api_v2_route_route_components_proto_rawDescData
+}
+
+var file_envoy_api_v2_route_route_components_proto_enumTypes = make([]protoimpl.EnumInfo, 4)
+var file_envoy_api_v2_route_route_components_proto_msgTypes = make([]protoimpl.MessageInfo, 44)
+var file_envoy_api_v2_route_route_components_proto_goTypes = []interface{}{
+	(VirtualHost_TlsRequirementType)(0),          // 0: envoy.api.v2.route.VirtualHost.TlsRequirementType
+	(RouteAction_ClusterNotFoundResponseCode)(0), // 1: envoy.api.v2.route.RouteAction.ClusterNotFoundResponseCode
+	(RouteAction_InternalRedirectAction)(0),      // 2: envoy.api.v2.route.RouteAction.InternalRedirectAction
+	(RedirectAction_RedirectResponseCode)(0),     // 3: envoy.api.v2.route.RedirectAction.RedirectResponseCode
+	(*VirtualHost)(nil),                          // 4: envoy.api.v2.route.VirtualHost
+	(*FilterAction)(nil),                         // 5: envoy.api.v2.route.FilterAction
+	(*Route)(nil),                                // 6: envoy.api.v2.route.Route
+	(*WeightedCluster)(nil),                      // 7: envoy.api.v2.route.WeightedCluster
+	(*RouteMatch)(nil),                           // 8: envoy.api.v2.route.RouteMatch
+	(*CorsPolicy)(nil),                           // 9: envoy.api.v2.route.CorsPolicy
+	(*RouteAction)(nil),                          // 10: envoy.api.v2.route.RouteAction
+	(*RetryPolicy)(nil),                          // 11: envoy.api.v2.route.RetryPolicy
+	(*HedgePolicy)(nil),                          // 12: envoy.api.v2.route.HedgePolicy
+	(*RedirectAction)(nil),                       // 13: envoy.api.v2.route.RedirectAction
+	(*DirectResponseAction)(nil),                 // 14: envoy.api.v2.route.DirectResponseAction
+	(*Decorator)(nil),                            // 15: envoy.api.v2.route.Decorator
+	(*Tracing)(nil),                              // 16: envoy.api.v2.route.Tracing
+	(*VirtualCluster)(nil),                       // 17: envoy.api.v2.route.VirtualCluster
+	(*RateLimit)(nil),                            // 18: envoy.api.v2.route.RateLimit
+	(*HeaderMatcher)(nil),                        // 19: envoy.api.v2.route.HeaderMatcher
+	(*QueryParameterMatcher)(nil),                // 20: envoy.api.v2.route.QueryParameterMatcher
+	nil,                                          // 21: envoy.api.v2.route.VirtualHost.PerFilterConfigEntry
+	nil,                                          // 22: envoy.api.v2.route.VirtualHost.TypedPerFilterConfigEntry
+	nil,                                          // 23: envoy.api.v2.route.Route.PerFilterConfigEntry
+	nil,                                          // 24: envoy.api.v2.route.Route.TypedPerFilterConfigEntry
+	(*WeightedCluster_ClusterWeight)(nil),        // 25: envoy.api.v2.route.WeightedCluster.ClusterWeight
+	nil,                                          // 26: envoy.api.v2.route.WeightedCluster.ClusterWeight.PerFilterConfigEntry
+	nil,                                          // 27: envoy.api.v2.route.WeightedCluster.ClusterWeight.TypedPerFilterConfigEntry
+	(*RouteMatch_GrpcRouteMatchOptions)(nil),     // 28: envoy.api.v2.route.RouteMatch.GrpcRouteMatchOptions
+	(*RouteMatch_TlsContextMatchOptions)(nil),           // 29: envoy.api.v2.route.RouteMatch.TlsContextMatchOptions
+	(*RouteAction_RequestMirrorPolicy)(nil),             // 30: envoy.api.v2.route.RouteAction.RequestMirrorPolicy
+	(*RouteAction_HashPolicy)(nil),                      // 31: envoy.api.v2.route.RouteAction.HashPolicy
+	(*RouteAction_UpgradeConfig)(nil),                   // 32: envoy.api.v2.route.RouteAction.UpgradeConfig
+	(*RouteAction_HashPolicy_Header)(nil),               // 33: envoy.api.v2.route.RouteAction.HashPolicy.Header
+	(*RouteAction_HashPolicy_Cookie)(nil),               // 34: envoy.api.v2.route.RouteAction.HashPolicy.Cookie
+	(*RouteAction_HashPolicy_ConnectionProperties)(nil), // 35: envoy.api.v2.route.RouteAction.HashPolicy.ConnectionProperties
+	(*RouteAction_HashPolicy_QueryParameter)(nil),       // 36: envoy.api.v2.route.RouteAction.HashPolicy.QueryParameter
+	(*RouteAction_HashPolicy_FilterState)(nil),          // 37: envoy.api.v2.route.RouteAction.HashPolicy.FilterState
+	(*RetryPolicy_RetryPriority)(nil),                   // 38: envoy.api.v2.route.RetryPolicy.RetryPriority
+	(*RetryPolicy_RetryHostPredicate)(nil),              // 39: envoy.api.v2.route.RetryPolicy.RetryHostPredicate
+	(*RetryPolicy_RetryBackOff)(nil),                    // 40: envoy.api.v2.route.RetryPolicy.RetryBackOff
+	(*RateLimit_Action)(nil),                            // 41: envoy.api.v2.route.RateLimit.Action
+	(*RateLimit_Action_SourceCluster)(nil),              // 42: envoy.api.v2.route.RateLimit.Action.SourceCluster
+	(*RateLimit_Action_DestinationCluster)(nil),         // 43: envoy.api.v2.route.RateLimit.Action.DestinationCluster
+	(*RateLimit_Action_RequestHeaders)(nil),             // 44: envoy.api.v2.route.RateLimit.Action.RequestHeaders
+	(*RateLimit_Action_RemoteAddress)(nil),              // 45: envoy.api.v2.route.RateLimit.Action.RemoteAddress
+	(*RateLimit_Action_GenericKey)(nil),                 // 46: envoy.api.v2.route.RateLimit.Action.GenericKey
+	(*RateLimit_Action_HeaderValueMatch)(nil),           // 47: envoy.api.v2.route.RateLimit.Action.HeaderValueMatch
+	(*core.HeaderValueOption)(nil),                      // 48: envoy.api.v2.core.HeaderValueOption
+	(*any.Any)(nil),                                     // 49: google.protobuf.Any
+	(*wrappers.UInt32Value)(nil),                        // 50: google.protobuf.UInt32Value
+	(*core.Metadata)(nil),                               // 51: envoy.api.v2.core.Metadata
+	(*matcher.RegexMatcher)(nil),                        // 52: envoy.type.matcher.RegexMatcher
+	(*wrappers.BoolValue)(nil),                          // 53: google.protobuf.BoolValue
+	(*core.RuntimeFractionalPercent)(nil),               // 54: envoy.api.v2.core.RuntimeFractionalPercent
+	(*matcher.StringMatcher)(nil),                       // 55: envoy.type.matcher.StringMatcher
+	(*matcher.RegexMatchAndSubstitute)(nil),             // 56: envoy.type.matcher.RegexMatchAndSubstitute
+	(*duration.Duration)(nil),                           // 57: google.protobuf.Duration
+	(core.RoutingPriority)(0),                           // 58: envoy.api.v2.core.RoutingPriority
+	(*_type.FractionalPercent)(nil),                     // 59: envoy.type.FractionalPercent
+	(*core.DataSource)(nil),                             // 60: envoy.api.v2.core.DataSource
+	(*v2.CustomTag)(nil),                                // 61: envoy.type.tracing.v2.CustomTag
+	(core.RequestMethod)(0),                             // 62: envoy.api.v2.core.RequestMethod
+	(*_type.Int64Range)(nil),                            // 63: envoy.type.Int64Range
+	(*_struct.Struct)(nil),                              // 64: google.protobuf.Struct
+}
+var file_envoy_api_v2_route_route_components_proto_depIdxs = []int32{
+	6,   // 0: envoy.api.v2.route.VirtualHost.routes:type_name -> envoy.api.v2.route.Route
+	0,   // 1: envoy.api.v2.route.VirtualHost.require_tls:type_name -> envoy.api.v2.route.VirtualHost.TlsRequirementType
+	17,  // 2: envoy.api.v2.route.VirtualHost.virtual_clusters:type_name -> envoy.api.v2.route.VirtualCluster
+	18,  // 3: envoy.api.v2.route.VirtualHost.rate_limits:type_name -> envoy.api.v2.route.RateLimit
+	48,  // 4: envoy.api.v2.route.VirtualHost.request_headers_to_add:type_name -> envoy.api.v2.core.HeaderValueOption
+	48,  // 5: envoy.api.v2.route.VirtualHost.response_headers_to_add:type_name -> envoy.api.v2.core.HeaderValueOption
+	9,   // 6: envoy.api.v2.route.VirtualHost.cors:type_name -> envoy.api.v2.route.CorsPolicy
+	21,  // 7: envoy.api.v2.route.VirtualHost.per_filter_config:type_name -> envoy.api.v2.route.VirtualHost.PerFilterConfigEntry
+	22,  // 8: envoy.api.v2.route.VirtualHost.typed_per_filter_config:type_name -> envoy.api.v2.route.VirtualHost.TypedPerFilterConfigEntry
+	11,  // 9: envoy.api.v2.route.VirtualHost.retry_policy:type_name -> envoy.api.v2.route.RetryPolicy
+	49,  // 10: envoy.api.v2.route.VirtualHost.retry_policy_typed_config:type_name -> google.protobuf.Any
+	12,  // 11: envoy.api.v2.route.VirtualHost.hedge_policy:type_name -> envoy.api.v2.route.HedgePolicy
+	50,  // 12: envoy.api.v2.route.VirtualHost.per_request_buffer_limit_bytes:type_name -> google.protobuf.UInt32Value
+	49,  // 13: envoy.api.v2.route.FilterAction.action:type_name -> google.protobuf.Any
+	8,   // 14: envoy.api.v2.route.Route.match:type_name -> envoy.api.v2.route.RouteMatch
+	10,  // 15: envoy.api.v2.route.Route.route:type_name -> envoy.api.v2.route.RouteAction
+	13,  // 16: envoy.api.v2.route.Route.redirect:type_name -> envoy.api.v2.route.RedirectAction
+	14,  // 17: envoy.api.v2.route.Route.direct_response:type_name -> envoy.api.v2.route.DirectResponseAction
+	5,   // 18: envoy.api.v2.route.Route.filter_action:type_name -> envoy.api.v2.route.FilterAction
+	51,  // 19: envoy.api.v2.route.Route.metadata:type_name -> envoy.api.v2.core.Metadata
+	15,  // 20: envoy.api.v2.route.Route.decorator:type_name -> envoy.api.v2.route.Decorator
+	23,  // 21: envoy.api.v2.route.Route.per_filter_config:type_name -> envoy.api.v2.route.Route.PerFilterConfigEntry
+	24,  // 22: envoy.api.v2.route.Route.typed_per_filter_config:type_name -> envoy.api.v2.route.Route.TypedPerFilterConfigEntry
+	48,  // 23: envoy.api.v2.route.Route.request_headers_to_add:type_name -> envoy.api.v2.core.HeaderValueOption
+	48,  // 24: envoy.api.v2.route.Route.response_headers_to_add:type_name -> envoy.api.v2.core.HeaderValueOption
+	16,  // 25: envoy.api.v2.route.Route.tracing:type_name -> envoy.api.v2.route.Tracing
+	50,  // 26: envoy.api.v2.route.Route.per_request_buffer_limit_bytes:type_name -> google.protobuf.UInt32Value
+	25,  // 27: envoy.api.v2.route.WeightedCluster.clusters:type_name -> envoy.api.v2.route.WeightedCluster.ClusterWeight
+	50,  // 28: envoy.api.v2.route.WeightedCluster.total_weight:type_name -> google.protobuf.UInt32Value
+	52,  // 29: envoy.api.v2.route.RouteMatch.safe_regex:type_name -> envoy.type.matcher.RegexMatcher
+	53,  // 30: envoy.api.v2.route.RouteMatch.case_sensitive:type_name -> google.protobuf.BoolValue
+	54,  // 31: envoy.api.v2.route.RouteMatch.runtime_fraction:type_name -> envoy.api.v2.core.RuntimeFractionalPercent
+	19,  // 32: envoy.api.v2.route.RouteMatch.headers:type_name -> envoy.api.v2.route.HeaderMatcher
+	20,  // 33: envoy.api.v2.route.RouteMatch.query_parameters:type_name -> envoy.api.v2.route.QueryParameterMatcher
+	28,  // 34: envoy.api.v2.route.RouteMatch.grpc:type_name -> envoy.api.v2.route.RouteMatch.GrpcRouteMatchOptions
+	29,  // 35: envoy.api.v2.route.RouteMatch.tls_context:type_name -> envoy.api.v2.route.RouteMatch.TlsContextMatchOptions
+	55,  // 36: envoy.api.v2.route.CorsPolicy.allow_origin_string_match:type_name -> envoy.type.matcher.StringMatcher
+	53,  // 37: envoy.api.v2.route.CorsPolicy.allow_credentials:type_name -> google.protobuf.BoolValue
+	53,  // 38: envoy.api.v2.route.CorsPolicy.enabled:type_name -> google.protobuf.BoolValue
+	54,  // 39: envoy.api.v2.route.CorsPolicy.filter_enabled:type_name -> envoy.api.v2.core.RuntimeFractionalPercent
+	54,  // 40: envoy.api.v2.route.CorsPolicy.shadow_enabled:type_name -> envoy.api.v2.core.RuntimeFractionalPercent
+	7,   // 41: envoy.api.v2.route.RouteAction.weighted_clusters:type_name -> envoy.api.v2.route.WeightedCluster
+	1,   // 42: envoy.api.v2.route.RouteAction.cluster_not_found_response_code:type_name -> envoy.api.v2.route.RouteAction.ClusterNotFoundResponseCode
+	51,  // 43: envoy.api.v2.route.RouteAction.metadata_match:type_name -> envoy.api.v2.core.Metadata
+	56,  // 44: envoy.api.v2.route.RouteAction.regex_rewrite:type_name -> envoy.type.matcher.RegexMatchAndSubstitute
+	53,  // 45: envoy.api.v2.route.RouteAction.auto_host_rewrite:type_name -> google.protobuf.BoolValue
+	57,  // 46: envoy.api.v2.route.RouteAction.timeout:type_name -> google.protobuf.Duration
+	57,  // 47: envoy.api.v2.route.RouteAction.idle_timeout:type_name -> google.protobuf.Duration
+	11,  // 48: envoy.api.v2.route.RouteAction.retry_policy:type_name -> envoy.api.v2.route.RetryPolicy
+	49,  // 49: envoy.api.v2.route.RouteAction.retry_policy_typed_config:type_name -> google.protobuf.Any
+	30,  // 50: envoy.api.v2.route.RouteAction.request_mirror_policy:type_name -> envoy.api.v2.route.RouteAction.RequestMirrorPolicy
+	30,  // 51: envoy.api.v2.route.RouteAction.request_mirror_policies:type_name -> envoy.api.v2.route.RouteAction.RequestMirrorPolicy
+	58,  // 52: envoy.api.v2.route.RouteAction.priority:type_name -> envoy.api.v2.core.RoutingPriority
+	18,  // 53: envoy.api.v2.route.RouteAction.rate_limits:type_name -> envoy.api.v2.route.RateLimit
+	53,  // 54: envoy.api.v2.route.RouteAction.include_vh_rate_limits:type_name -> google.protobuf.BoolValue
+	31,  // 55: envoy.api.v2.route.RouteAction.hash_policy:type_name -> envoy.api.v2.route.RouteAction.HashPolicy
+	9,   // 56: envoy.api.v2.route.RouteAction.cors:type_name -> envoy.api.v2.route.CorsPolicy
+	57,  // 57: envoy.api.v2.route.RouteAction.max_grpc_timeout:type_name -> google.protobuf.Duration
+	57,  // 58: envoy.api.v2.route.RouteAction.grpc_timeout_offset:type_name -> google.protobuf.Duration
+	32,  // 59: envoy.api.v2.route.RouteAction.upgrade_configs:type_name -> envoy.api.v2.route.RouteAction.UpgradeConfig
+	2,   // 60: envoy.api.v2.route.RouteAction.internal_redirect_action:type_name -> envoy.api.v2.route.RouteAction.InternalRedirectAction
+	50,  // 61: envoy.api.v2.route.RouteAction.max_internal_redirects:type_name -> google.protobuf.UInt32Value
+	12,  // 62: envoy.api.v2.route.RouteAction.hedge_policy:type_name -> envoy.api.v2.route.HedgePolicy
+	50,  // 63: envoy.api.v2.route.RetryPolicy.num_retries:type_name -> google.protobuf.UInt32Value
+	57,  // 64: envoy.api.v2.route.RetryPolicy.per_try_timeout:type_name -> google.protobuf.Duration
+	38,  // 65: envoy.api.v2.route.RetryPolicy.retry_priority:type_name -> envoy.api.v2.route.RetryPolicy.RetryPriority
+	39,  // 66: envoy.api.v2.route.RetryPolicy.retry_host_predicate:type_name -> envoy.api.v2.route.RetryPolicy.RetryHostPredicate
+	40,  // 67: envoy.api.v2.route.RetryPolicy.retry_back_off:type_name -> envoy.api.v2.route.RetryPolicy.RetryBackOff
+	19,  // 68: envoy.api.v2.route.RetryPolicy.retriable_headers:type_name -> envoy.api.v2.route.HeaderMatcher
+	19,  // 69: envoy.api.v2.route.RetryPolicy.retriable_request_headers:type_name -> envoy.api.v2.route.HeaderMatcher
+	50,  // 70: envoy.api.v2.route.HedgePolicy.initial_requests:type_name -> google.protobuf.UInt32Value
+	59,  // 71: envoy.api.v2.route.HedgePolicy.additional_request_chance:type_name -> envoy.type.FractionalPercent
+	3,   // 72: envoy.api.v2.route.RedirectAction.response_code:type_name -> envoy.api.v2.route.RedirectAction.RedirectResponseCode
+	60,  // 73: envoy.api.v2.route.DirectResponseAction.body:type_name -> envoy.api.v2.core.DataSource
+	53,  // 74: envoy.api.v2.route.Decorator.propagate:type_name -> google.protobuf.BoolValue
+	59,  // 75: envoy.api.v2.route.Tracing.client_sampling:type_name -> envoy.type.FractionalPercent
+	59,  // 76: envoy.api.v2.route.Tracing.random_sampling:type_name -> envoy.type.FractionalPercent
+	59,  // 77: envoy.api.v2.route.Tracing.overall_sampling:type_name -> envoy.type.FractionalPercent
+	61,  // 78: envoy.api.v2.route.Tracing.custom_tags:type_name -> envoy.type.tracing.v2.CustomTag
+	19,  // 79: envoy.api.v2.route.VirtualCluster.headers:type_name -> envoy.api.v2.route.HeaderMatcher
+	62,  // 80: envoy.api.v2.route.VirtualCluster.method:type_name -> envoy.api.v2.core.RequestMethod
+	50,  // 81: envoy.api.v2.route.RateLimit.stage:type_name -> google.protobuf.UInt32Value
+	41,  // 82: envoy.api.v2.route.RateLimit.actions:type_name -> envoy.api.v2.route.RateLimit.Action
+	52,  // 83: envoy.api.v2.route.HeaderMatcher.safe_regex_match:type_name -> envoy.type.matcher.RegexMatcher
+	63,  // 84: envoy.api.v2.route.HeaderMatcher.range_match:type_name -> envoy.type.Int64Range
+	53,  // 85: envoy.api.v2.route.QueryParameterMatcher.regex:type_name -> google.protobuf.BoolValue
+	55,  // 86: envoy.api.v2.route.QueryParameterMatcher.string_match:type_name -> envoy.type.matcher.StringMatcher
+	64,  // 87: envoy.api.v2.route.VirtualHost.PerFilterConfigEntry.value:type_name -> google.protobuf.Struct
+	49,  // 88: envoy.api.v2.route.VirtualHost.TypedPerFilterConfigEntry.value:type_name -> google.protobuf.Any
+	64,  // 89: envoy.api.v2.route.Route.PerFilterConfigEntry.value:type_name -> google.protobuf.Struct
+	49,  // 90: envoy.api.v2.route.Route.TypedPerFilterConfigEntry.value:type_name -> google.protobuf.Any
+	50,  // 91: envoy.api.v2.route.WeightedCluster.ClusterWeight.weight:type_name -> google.protobuf.UInt32Value
+	51,  // 92: envoy.api.v2.route.WeightedCluster.ClusterWeight.metadata_match:type_name -> envoy.api.v2.core.Metadata
+	48,  // 93: envoy.api.v2.route.WeightedCluster.ClusterWeight.request_headers_to_add:type_name -> envoy.api.v2.core.HeaderValueOption
+	48,  // 94: envoy.api.v2.route.WeightedCluster.ClusterWeight.response_headers_to_add:type_name -> envoy.api.v2.core.HeaderValueOption
+	26,  // 95: envoy.api.v2.route.WeightedCluster.ClusterWeight.per_filter_config:type_name -> envoy.api.v2.route.WeightedCluster.ClusterWeight.PerFilterConfigEntry
+	27,  // 96: envoy.api.v2.route.WeightedCluster.ClusterWeight.typed_per_filter_config:type_name -> envoy.api.v2.route.WeightedCluster.ClusterWeight.TypedPerFilterConfigEntry
+	64,  // 97: envoy.api.v2.route.WeightedCluster.ClusterWeight.PerFilterConfigEntry.value:type_name -> google.protobuf.Struct
+	49,  // 98: envoy.api.v2.route.WeightedCluster.ClusterWeight.TypedPerFilterConfigEntry.value:type_name -> google.protobuf.Any
+	53,  // 99: envoy.api.v2.route.RouteMatch.TlsContextMatchOptions.presented:type_name -> google.protobuf.BoolValue
+	53,  // 100: envoy.api.v2.route.RouteMatch.TlsContextMatchOptions.validated:type_name -> google.protobuf.BoolValue
+	54,  // 101: envoy.api.v2.route.RouteAction.RequestMirrorPolicy.runtime_fraction:type_name -> envoy.api.v2.core.RuntimeFractionalPercent
+	53,  // 102: envoy.api.v2.route.RouteAction.RequestMirrorPolicy.trace_sampled:type_name -> google.protobuf.BoolValue
+	33,  // 103: envoy.api.v2.route.RouteAction.HashPolicy.header:type_name -> envoy.api.v2.route.RouteAction.HashPolicy.Header
+	34,  // 104: envoy.api.v2.route.RouteAction.HashPolicy.cookie:type_name -> envoy.api.v2.route.RouteAction.HashPolicy.Cookie
+	35,  // 105: envoy.api.v2.route.RouteAction.HashPolicy.connection_properties:type_name -> envoy.api.v2.route.RouteAction.HashPolicy.ConnectionProperties
+	36,  // 106: envoy.api.v2.route.RouteAction.HashPolicy.query_parameter:type_name -> envoy.api.v2.route.RouteAction.HashPolicy.QueryParameter
+	37,  // 107: envoy.api.v2.route.RouteAction.HashPolicy.filter_state:type_name -> envoy.api.v2.route.RouteAction.HashPolicy.FilterState
+	53,  // 108: envoy.api.v2.route.RouteAction.UpgradeConfig.enabled:type_name -> google.protobuf.BoolValue
+	57,  // 109: envoy.api.v2.route.RouteAction.HashPolicy.Cookie.ttl:type_name -> google.protobuf.Duration
+	64,  // 110: envoy.api.v2.route.RetryPolicy.RetryPriority.config:type_name -> google.protobuf.Struct
+	49,  // 111: envoy.api.v2.route.RetryPolicy.RetryPriority.typed_config:type_name -> google.protobuf.Any
+	64,  // 112: envoy.api.v2.route.RetryPolicy.RetryHostPredicate.config:type_name -> google.protobuf.Struct
+	49,  // 113: envoy.api.v2.route.RetryPolicy.RetryHostPredicate.typed_config:type_name -> google.protobuf.Any
+	57,  // 114: envoy.api.v2.route.RetryPolicy.RetryBackOff.base_interval:type_name -> google.protobuf.Duration
+	57,  // 115: envoy.api.v2.route.RetryPolicy.RetryBackOff.max_interval:type_name -> google.protobuf.Duration
+	42,  // 116: envoy.api.v2.route.RateLimit.Action.source_cluster:type_name -> envoy.api.v2.route.RateLimit.Action.SourceCluster
+	43,  // 117: envoy.api.v2.route.RateLimit.Action.destination_cluster:type_name -> envoy.api.v2.route.RateLimit.Action.DestinationCluster
+	44,  // 118: envoy.api.v2.route.RateLimit.Action.request_headers:type_name -> envoy.api.v2.route.RateLimit.Action.RequestHeaders
+	45,  // 119: envoy.api.v2.route.RateLimit.Action.remote_address:type_name -> envoy.api.v2.route.RateLimit.Action.RemoteAddress
+	46,  // 120: envoy.api.v2.route.RateLimit.Action.generic_key:type_name -> envoy.api.v2.route.RateLimit.Action.GenericKey
+	47,  // 121: envoy.api.v2.route.RateLimit.Action.header_value_match:type_name -> envoy.api.v2.route.RateLimit.Action.HeaderValueMatch
+	53,  // 122: envoy.api.v2.route.RateLimit.Action.HeaderValueMatch.expect_match:type_name -> google.protobuf.BoolValue
+	19,  // 123: envoy.api.v2.route.RateLimit.Action.HeaderValueMatch.headers:type_name -> envoy.api.v2.route.HeaderMatcher
+	124, // [124:124] is the sub-list for method output_type
+	124, // [124:124] is the sub-list for method input_type
+	124, // [124:124] is the sub-list for extension type_name
+	124, // [124:124] is the sub-list for extension extendee
+	0,   // [0:124] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_route_route_components_proto_init() }
+func file_envoy_api_v2_route_route_components_proto_init() {
+	if File_envoy_api_v2_route_route_components_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_route_route_components_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*VirtualHost); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*FilterAction); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Route); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*WeightedCluster); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RouteMatch); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CorsPolicy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RouteAction); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RetryPolicy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HedgePolicy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RedirectAction); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*DirectResponseAction); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[11].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Decorator); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[12].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Tracing); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[13].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*VirtualCluster); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[14].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RateLimit); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[15].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HeaderMatcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[16].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*QueryParameterMatcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[21].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*WeightedCluster_ClusterWeight); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[24].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RouteMatch_GrpcRouteMatchOptions); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[25].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RouteMatch_TlsContextMatchOptions); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[26].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RouteAction_RequestMirrorPolicy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[27].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RouteAction_HashPolicy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[28].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RouteAction_UpgradeConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[29].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RouteAction_HashPolicy_Header); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[30].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RouteAction_HashPolicy_Cookie); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[31].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RouteAction_HashPolicy_ConnectionProperties); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[32].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RouteAction_HashPolicy_QueryParameter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[33].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RouteAction_HashPolicy_FilterState); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[34].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RetryPolicy_RetryPriority); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[35].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RetryPolicy_RetryHostPredicate); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[36].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RetryPolicy_RetryBackOff); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[37].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RateLimit_Action); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[38].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RateLimit_Action_SourceCluster); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[39].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RateLimit_Action_DestinationCluster); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[40].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RateLimit_Action_RequestHeaders); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[41].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RateLimit_Action_RemoteAddress); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[42].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RateLimit_Action_GenericKey); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_route_route_components_proto_msgTypes[43].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RateLimit_Action_HeaderValueMatch); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_api_v2_route_route_components_proto_msgTypes[2].OneofWrappers = []interface{}{
+		(*Route_Route)(nil),
+		(*Route_Redirect)(nil),
+		(*Route_DirectResponse)(nil),
+		(*Route_FilterAction)(nil),
+	}
+	file_envoy_api_v2_route_route_components_proto_msgTypes[4].OneofWrappers = []interface{}{
+		(*RouteMatch_Prefix)(nil),
+		(*RouteMatch_Path)(nil),
+		(*RouteMatch_Regex)(nil),
+		(*RouteMatch_SafeRegex)(nil),
+	}
+	file_envoy_api_v2_route_route_components_proto_msgTypes[5].OneofWrappers = []interface{}{
+		(*CorsPolicy_Enabled)(nil),
+		(*CorsPolicy_FilterEnabled)(nil),
+	}
+	file_envoy_api_v2_route_route_components_proto_msgTypes[6].OneofWrappers = []interface{}{
+		(*RouteAction_Cluster)(nil),
+		(*RouteAction_ClusterHeader)(nil),
+		(*RouteAction_WeightedClusters)(nil),
+		(*RouteAction_HostRewrite)(nil),
+		(*RouteAction_AutoHostRewrite)(nil),
+		(*RouteAction_AutoHostRewriteHeader)(nil),
+	}
+	file_envoy_api_v2_route_route_components_proto_msgTypes[9].OneofWrappers = []interface{}{
+		(*RedirectAction_HttpsRedirect)(nil),
+		(*RedirectAction_SchemeRedirect)(nil),
+		(*RedirectAction_PathRedirect)(nil),
+		(*RedirectAction_PrefixRewrite)(nil),
+	}
+	file_envoy_api_v2_route_route_components_proto_msgTypes[15].OneofWrappers = []interface{}{
+		(*HeaderMatcher_ExactMatch)(nil),
+		(*HeaderMatcher_RegexMatch)(nil),
+		(*HeaderMatcher_SafeRegexMatch)(nil),
+		(*HeaderMatcher_RangeMatch)(nil),
+		(*HeaderMatcher_PresentMatch)(nil),
+		(*HeaderMatcher_PrefixMatch)(nil),
+		(*HeaderMatcher_SuffixMatch)(nil),
+	}
+	file_envoy_api_v2_route_route_components_proto_msgTypes[16].OneofWrappers = []interface{}{
+		(*QueryParameterMatcher_StringMatch)(nil),
+		(*QueryParameterMatcher_PresentMatch)(nil),
+	}
+	file_envoy_api_v2_route_route_components_proto_msgTypes[27].OneofWrappers = []interface{}{
+		(*RouteAction_HashPolicy_Header_)(nil),
+		(*RouteAction_HashPolicy_Cookie_)(nil),
+		(*RouteAction_HashPolicy_ConnectionProperties_)(nil),
+		(*RouteAction_HashPolicy_QueryParameter_)(nil),
+		(*RouteAction_HashPolicy_FilterState_)(nil),
+	}
+	file_envoy_api_v2_route_route_components_proto_msgTypes[34].OneofWrappers = []interface{}{
+		(*RetryPolicy_RetryPriority_Config)(nil),
+		(*RetryPolicy_RetryPriority_TypedConfig)(nil),
+	}
+	file_envoy_api_v2_route_route_components_proto_msgTypes[35].OneofWrappers = []interface{}{
+		(*RetryPolicy_RetryHostPredicate_Config)(nil),
+		(*RetryPolicy_RetryHostPredicate_TypedConfig)(nil),
+	}
+	file_envoy_api_v2_route_route_components_proto_msgTypes[37].OneofWrappers = []interface{}{
+		(*RateLimit_Action_SourceCluster_)(nil),
+		(*RateLimit_Action_DestinationCluster_)(nil),
+		(*RateLimit_Action_RequestHeaders_)(nil),
+		(*RateLimit_Action_RemoteAddress_)(nil),
+		(*RateLimit_Action_GenericKey_)(nil),
+		(*RateLimit_Action_HeaderValueMatch_)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_route_route_components_proto_rawDesc,
+			NumEnums:      4,
+			NumMessages:   44,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_route_route_components_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_route_route_components_proto_depIdxs,
+		EnumInfos:         file_envoy_api_v2_route_route_components_proto_enumTypes,
+		MessageInfos:      file_envoy_api_v2_route_route_components_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_route_route_components_proto = out.File
+	file_envoy_api_v2_route_route_components_proto_rawDesc = nil
+	file_envoy_api_v2_route_route_components_proto_goTypes = nil
+	file_envoy_api_v2_route_route_components_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/route/route_components.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/route/route_components.pb.validate.go
new file mode 100644
index 00000000000..45f71ed0f07
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/route/route_components.pb.validate.go
@@ -0,0 +1,8187 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/route/route_components.proto
+
+package envoy_api_v2_route
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+
+	core "github.com/envoyproxy/go-control-plane/envoy/api/v2/core"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+
+	_ = core.RoutingPriority(0)
+
+	_ = core.RequestMethod(0)
+)
+
+// Validate checks the field values on VirtualHost with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *VirtualHost) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on VirtualHost with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in VirtualHostMultiError, or
+// nil if none found.
+func (m *VirtualHost) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *VirtualHost) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetName()) < 1 {
+		err := VirtualHostValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(m.GetDomains()) < 1 {
+		err := VirtualHostValidationError{
+			field:  "Domains",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetDomains() {
+		_, _ = idx, item
+
+		if !_VirtualHost_Domains_Pattern.MatchString(item) {
+			err := VirtualHostValidationError{
+				field:  fmt.Sprintf("Domains[%v]", idx),
+				reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	for idx, item := range m.GetRoutes() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, VirtualHostValidationError{
+						field:  fmt.Sprintf("Routes[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, VirtualHostValidationError{
+						field:  fmt.Sprintf("Routes[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return VirtualHostValidationError{
+					field:  fmt.Sprintf("Routes[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if _, ok := VirtualHost_TlsRequirementType_name[int32(m.GetRequireTls())]; !ok {
+		err := VirtualHostValidationError{
+			field:  "RequireTls",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetVirtualClusters() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, VirtualHostValidationError{
+						field:  fmt.Sprintf("VirtualClusters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, VirtualHostValidationError{
+						field:  fmt.Sprintf("VirtualClusters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return VirtualHostValidationError{
+					field:  fmt.Sprintf("VirtualClusters[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetRateLimits() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, VirtualHostValidationError{
+						field:  fmt.Sprintf("RateLimits[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, VirtualHostValidationError{
+						field:  fmt.Sprintf("RateLimits[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return VirtualHostValidationError{
+					field:  fmt.Sprintf("RateLimits[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(m.GetRequestHeadersToAdd()) > 1000 {
+		err := VirtualHostValidationError{
+			field:  "RequestHeadersToAdd",
+			reason: "value must contain no more than 1000 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetRequestHeadersToAdd() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, VirtualHostValidationError{
+						field:  fmt.Sprintf("RequestHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, VirtualHostValidationError{
+						field:  fmt.Sprintf("RequestHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return VirtualHostValidationError{
+					field:  fmt.Sprintf("RequestHeadersToAdd[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(m.GetResponseHeadersToAdd()) > 1000 {
+		err := VirtualHostValidationError{
+			field:  "ResponseHeadersToAdd",
+			reason: "value must contain no more than 1000 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetResponseHeadersToAdd() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, VirtualHostValidationError{
+						field:  fmt.Sprintf("ResponseHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, VirtualHostValidationError{
+						field:  fmt.Sprintf("ResponseHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return VirtualHostValidationError{
+					field:  fmt.Sprintf("ResponseHeadersToAdd[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetCors()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, VirtualHostValidationError{
+					field:  "Cors",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, VirtualHostValidationError{
+					field:  "Cors",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCors()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return VirtualHostValidationError{
+				field:  "Cors",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	{
+		sorted_keys := make([]string, len(m.GetPerFilterConfig()))
+		i := 0
+		for key := range m.GetPerFilterConfig() {
+			sorted_keys[i] = key
+			i++
+		}
+		sort.Slice(sorted_keys, func(i, j int) bool { return sorted_keys[i] < sorted_keys[j] })
+		for _, key := range sorted_keys {
+			val := m.GetPerFilterConfig()[key]
+			_ = val
+
+			// no validation rules for PerFilterConfig[key]
+
+			if all {
+				switch v := interface{}(val).(type) {
+				case interface{ ValidateAll() error }:
+					if err := v.ValidateAll(); err != nil {
+						errors = append(errors, VirtualHostValidationError{
+							field:  fmt.Sprintf("PerFilterConfig[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				case interface{ Validate() error }:
+					if err := v.Validate(); err != nil {
+						errors = append(errors, VirtualHostValidationError{
+							field:  fmt.Sprintf("PerFilterConfig[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				}
+			} else if v, ok := interface{}(val).(interface{ Validate() error }); ok {
+				if err := v.Validate(); err != nil {
+					return VirtualHostValidationError{
+						field:  fmt.Sprintf("PerFilterConfig[%v]", key),
+						reason: "embedded message failed validation",
+						cause:  err,
+					}
+				}
+			}
+
+		}
+	}
+
+	{
+		sorted_keys := make([]string, len(m.GetTypedPerFilterConfig()))
+		i := 0
+		for key := range m.GetTypedPerFilterConfig() {
+			sorted_keys[i] = key
+			i++
+		}
+		sort.Slice(sorted_keys, func(i, j int) bool { return sorted_keys[i] < sorted_keys[j] })
+		for _, key := range sorted_keys {
+			val := m.GetTypedPerFilterConfig()[key]
+			_ = val
+
+			// no validation rules for TypedPerFilterConfig[key]
+
+			if all {
+				switch v := interface{}(val).(type) {
+				case interface{ ValidateAll() error }:
+					if err := v.ValidateAll(); err != nil {
+						errors = append(errors, VirtualHostValidationError{
+							field:  fmt.Sprintf("TypedPerFilterConfig[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				case interface{ Validate() error }:
+					if err := v.Validate(); err != nil {
+						errors = append(errors, VirtualHostValidationError{
+							field:  fmt.Sprintf("TypedPerFilterConfig[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				}
+			} else if v, ok := interface{}(val).(interface{ Validate() error }); ok {
+				if err := v.Validate(); err != nil {
+					return VirtualHostValidationError{
+						field:  fmt.Sprintf("TypedPerFilterConfig[%v]", key),
+						reason: "embedded message failed validation",
+						cause:  err,
+					}
+				}
+			}
+
+		}
+	}
+
+	// no validation rules for IncludeRequestAttemptCount
+
+	// no validation rules for IncludeAttemptCountInResponse
+
+	if all {
+		switch v := interface{}(m.GetRetryPolicy()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, VirtualHostValidationError{
+					field:  "RetryPolicy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, VirtualHostValidationError{
+					field:  "RetryPolicy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRetryPolicy()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return VirtualHostValidationError{
+				field:  "RetryPolicy",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetRetryPolicyTypedConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, VirtualHostValidationError{
+					field:  "RetryPolicyTypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, VirtualHostValidationError{
+					field:  "RetryPolicyTypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRetryPolicyTypedConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return VirtualHostValidationError{
+				field:  "RetryPolicyTypedConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetHedgePolicy()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, VirtualHostValidationError{
+					field:  "HedgePolicy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, VirtualHostValidationError{
+					field:  "HedgePolicy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHedgePolicy()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return VirtualHostValidationError{
+				field:  "HedgePolicy",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetPerRequestBufferLimitBytes()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, VirtualHostValidationError{
+					field:  "PerRequestBufferLimitBytes",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, VirtualHostValidationError{
+					field:  "PerRequestBufferLimitBytes",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPerRequestBufferLimitBytes()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return VirtualHostValidationError{
+				field:  "PerRequestBufferLimitBytes",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return VirtualHostMultiError(errors)
+	}
+	return nil
+}
+
+// VirtualHostMultiError is an error wrapping multiple validation errors
+// returned by VirtualHost.ValidateAll() if the designated constraints aren't met.
+type VirtualHostMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m VirtualHostMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m VirtualHostMultiError) AllErrors() []error { return m }
+
+// VirtualHostValidationError is the validation error returned by
+// VirtualHost.Validate if the designated constraints aren't met.
+type VirtualHostValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e VirtualHostValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e VirtualHostValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e VirtualHostValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e VirtualHostValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e VirtualHostValidationError) ErrorName() string { return "VirtualHostValidationError" }
+
+// Error satisfies the builtin error interface
+func (e VirtualHostValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sVirtualHost.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = VirtualHostValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = VirtualHostValidationError{}
+
+var _VirtualHost_Domains_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+// Validate checks the field values on FilterAction with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *FilterAction) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on FilterAction with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in FilterActionMultiError, or
+// nil if none found.
+func (m *FilterAction) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *FilterAction) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetAction()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, FilterActionValidationError{
+					field:  "Action",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, FilterActionValidationError{
+					field:  "Action",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetAction()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return FilterActionValidationError{
+				field:  "Action",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return FilterActionMultiError(errors)
+	}
+	return nil
+}
+
+// FilterActionMultiError is an error wrapping multiple validation errors
+// returned by FilterAction.ValidateAll() if the designated constraints aren't met.
+type FilterActionMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m FilterActionMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m FilterActionMultiError) AllErrors() []error { return m }
+
+// FilterActionValidationError is the validation error returned by
+// FilterAction.Validate if the designated constraints aren't met.
+type FilterActionValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e FilterActionValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e FilterActionValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e FilterActionValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e FilterActionValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e FilterActionValidationError) ErrorName() string { return "FilterActionValidationError" }
+
+// Error satisfies the builtin error interface
+func (e FilterActionValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sFilterAction.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = FilterActionValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = FilterActionValidationError{}
+
+// Validate checks the field values on Route with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Route) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Route with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in RouteMultiError, or nil if none found.
+func (m *Route) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Route) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Name
+
+	if m.GetMatch() == nil {
+		err := RouteValidationError{
+			field:  "Match",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetMatch()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteValidationError{
+					field:  "Match",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteValidationError{
+					field:  "Match",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMatch()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteValidationError{
+				field:  "Match",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMetadata()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMetadata()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteValidationError{
+				field:  "Metadata",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetDecorator()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteValidationError{
+					field:  "Decorator",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteValidationError{
+					field:  "Decorator",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDecorator()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteValidationError{
+				field:  "Decorator",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	{
+		sorted_keys := make([]string, len(m.GetPerFilterConfig()))
+		i := 0
+		for key := range m.GetPerFilterConfig() {
+			sorted_keys[i] = key
+			i++
+		}
+		sort.Slice(sorted_keys, func(i, j int) bool { return sorted_keys[i] < sorted_keys[j] })
+		for _, key := range sorted_keys {
+			val := m.GetPerFilterConfig()[key]
+			_ = val
+
+			// no validation rules for PerFilterConfig[key]
+
+			if all {
+				switch v := interface{}(val).(type) {
+				case interface{ ValidateAll() error }:
+					if err := v.ValidateAll(); err != nil {
+						errors = append(errors, RouteValidationError{
+							field:  fmt.Sprintf("PerFilterConfig[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				case interface{ Validate() error }:
+					if err := v.Validate(); err != nil {
+						errors = append(errors, RouteValidationError{
+							field:  fmt.Sprintf("PerFilterConfig[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				}
+			} else if v, ok := interface{}(val).(interface{ Validate() error }); ok {
+				if err := v.Validate(); err != nil {
+					return RouteValidationError{
+						field:  fmt.Sprintf("PerFilterConfig[%v]", key),
+						reason: "embedded message failed validation",
+						cause:  err,
+					}
+				}
+			}
+
+		}
+	}
+
+	{
+		sorted_keys := make([]string, len(m.GetTypedPerFilterConfig()))
+		i := 0
+		for key := range m.GetTypedPerFilterConfig() {
+			sorted_keys[i] = key
+			i++
+		}
+		sort.Slice(sorted_keys, func(i, j int) bool { return sorted_keys[i] < sorted_keys[j] })
+		for _, key := range sorted_keys {
+			val := m.GetTypedPerFilterConfig()[key]
+			_ = val
+
+			// no validation rules for TypedPerFilterConfig[key]
+
+			if all {
+				switch v := interface{}(val).(type) {
+				case interface{ ValidateAll() error }:
+					if err := v.ValidateAll(); err != nil {
+						errors = append(errors, RouteValidationError{
+							field:  fmt.Sprintf("TypedPerFilterConfig[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				case interface{ Validate() error }:
+					if err := v.Validate(); err != nil {
+						errors = append(errors, RouteValidationError{
+							field:  fmt.Sprintf("TypedPerFilterConfig[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				}
+			} else if v, ok := interface{}(val).(interface{ Validate() error }); ok {
+				if err := v.Validate(); err != nil {
+					return RouteValidationError{
+						field:  fmt.Sprintf("TypedPerFilterConfig[%v]", key),
+						reason: "embedded message failed validation",
+						cause:  err,
+					}
+				}
+			}
+
+		}
+	}
+
+	if len(m.GetRequestHeadersToAdd()) > 1000 {
+		err := RouteValidationError{
+			field:  "RequestHeadersToAdd",
+			reason: "value must contain no more than 1000 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetRequestHeadersToAdd() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteValidationError{
+						field:  fmt.Sprintf("RequestHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteValidationError{
+						field:  fmt.Sprintf("RequestHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteValidationError{
+					field:  fmt.Sprintf("RequestHeadersToAdd[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(m.GetResponseHeadersToAdd()) > 1000 {
+		err := RouteValidationError{
+			field:  "ResponseHeadersToAdd",
+			reason: "value must contain no more than 1000 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetResponseHeadersToAdd() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteValidationError{
+						field:  fmt.Sprintf("ResponseHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteValidationError{
+						field:  fmt.Sprintf("ResponseHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteValidationError{
+					field:  fmt.Sprintf("ResponseHeadersToAdd[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetTracing()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteValidationError{
+					field:  "Tracing",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteValidationError{
+					field:  "Tracing",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTracing()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteValidationError{
+				field:  "Tracing",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetPerRequestBufferLimitBytes()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteValidationError{
+					field:  "PerRequestBufferLimitBytes",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteValidationError{
+					field:  "PerRequestBufferLimitBytes",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPerRequestBufferLimitBytes()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteValidationError{
+				field:  "PerRequestBufferLimitBytes",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	switch m.Action.(type) {
+
+	case *Route_Route:
+
+		if all {
+			switch v := interface{}(m.GetRoute()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteValidationError{
+						field:  "Route",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteValidationError{
+						field:  "Route",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetRoute()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteValidationError{
+					field:  "Route",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Route_Redirect:
+
+		if all {
+			switch v := interface{}(m.GetRedirect()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteValidationError{
+						field:  "Redirect",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteValidationError{
+						field:  "Redirect",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetRedirect()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteValidationError{
+					field:  "Redirect",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Route_DirectResponse:
+
+		if all {
+			switch v := interface{}(m.GetDirectResponse()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteValidationError{
+						field:  "DirectResponse",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteValidationError{
+						field:  "DirectResponse",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetDirectResponse()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteValidationError{
+					field:  "DirectResponse",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Route_FilterAction:
+
+		if all {
+			switch v := interface{}(m.GetFilterAction()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteValidationError{
+						field:  "FilterAction",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteValidationError{
+						field:  "FilterAction",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetFilterAction()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteValidationError{
+					field:  "FilterAction",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := RouteValidationError{
+			field:  "Action",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return RouteMultiError(errors)
+	}
+	return nil
+}
+
+// RouteMultiError is an error wrapping multiple validation errors returned by
+// Route.ValidateAll() if the designated constraints aren't met.
+type RouteMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouteMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouteMultiError) AllErrors() []error { return m }
+
+// RouteValidationError is the validation error returned by Route.Validate if
+// the designated constraints aren't met.
+type RouteValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouteValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouteValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouteValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouteValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouteValidationError) ErrorName() string { return "RouteValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RouteValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRoute.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouteValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouteValidationError{}
+
+// Validate checks the field values on WeightedCluster with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *WeightedCluster) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on WeightedCluster with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// WeightedClusterMultiError, or nil if none found.
+func (m *WeightedCluster) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *WeightedCluster) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetClusters()) < 1 {
+		err := WeightedClusterValidationError{
+			field:  "Clusters",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetClusters() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, WeightedClusterValidationError{
+						field:  fmt.Sprintf("Clusters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, WeightedClusterValidationError{
+						field:  fmt.Sprintf("Clusters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return WeightedClusterValidationError{
+					field:  fmt.Sprintf("Clusters[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if wrapper := m.GetTotalWeight(); wrapper != nil {
+
+		if wrapper.GetValue() < 1 {
+			err := WeightedClusterValidationError{
+				field:  "TotalWeight",
+				reason: "value must be greater than or equal to 1",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	// no validation rules for RuntimeKeyPrefix
+
+	if len(errors) > 0 {
+		return WeightedClusterMultiError(errors)
+	}
+	return nil
+}
+
+// WeightedClusterMultiError is an error wrapping multiple validation errors
+// returned by WeightedCluster.ValidateAll() if the designated constraints
+// aren't met.
+type WeightedClusterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m WeightedClusterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m WeightedClusterMultiError) AllErrors() []error { return m }
+
+// WeightedClusterValidationError is the validation error returned by
+// WeightedCluster.Validate if the designated constraints aren't met.
+type WeightedClusterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e WeightedClusterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e WeightedClusterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e WeightedClusterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e WeightedClusterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e WeightedClusterValidationError) ErrorName() string { return "WeightedClusterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e WeightedClusterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sWeightedCluster.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = WeightedClusterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = WeightedClusterValidationError{}
+
+// Validate checks the field values on RouteMatch with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *RouteMatch) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RouteMatch with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in RouteMatchMultiError, or
+// nil if none found.
+func (m *RouteMatch) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RouteMatch) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetCaseSensitive()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteMatchValidationError{
+					field:  "CaseSensitive",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteMatchValidationError{
+					field:  "CaseSensitive",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCaseSensitive()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteMatchValidationError{
+				field:  "CaseSensitive",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetRuntimeFraction()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteMatchValidationError{
+					field:  "RuntimeFraction",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteMatchValidationError{
+					field:  "RuntimeFraction",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRuntimeFraction()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteMatchValidationError{
+				field:  "RuntimeFraction",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetHeaders() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteMatchValidationError{
+						field:  fmt.Sprintf("Headers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteMatchValidationError{
+						field:  fmt.Sprintf("Headers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteMatchValidationError{
+					field:  fmt.Sprintf("Headers[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetQueryParameters() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteMatchValidationError{
+						field:  fmt.Sprintf("QueryParameters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteMatchValidationError{
+						field:  fmt.Sprintf("QueryParameters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteMatchValidationError{
+					field:  fmt.Sprintf("QueryParameters[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetGrpc()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteMatchValidationError{
+					field:  "Grpc",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteMatchValidationError{
+					field:  "Grpc",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetGrpc()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteMatchValidationError{
+				field:  "Grpc",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetTlsContext()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteMatchValidationError{
+					field:  "TlsContext",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteMatchValidationError{
+					field:  "TlsContext",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTlsContext()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteMatchValidationError{
+				field:  "TlsContext",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	switch m.PathSpecifier.(type) {
+
+	case *RouteMatch_Prefix:
+		// no validation rules for Prefix
+
+	case *RouteMatch_Path:
+		// no validation rules for Path
+
+	case *RouteMatch_Regex:
+
+		if len(m.GetRegex()) > 1024 {
+			err := RouteMatchValidationError{
+				field:  "Regex",
+				reason: "value length must be at most 1024 bytes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *RouteMatch_SafeRegex:
+
+		if m.GetSafeRegex() == nil {
+			err := RouteMatchValidationError{
+				field:  "SafeRegex",
+				reason: "value is required",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+		if all {
+			switch v := interface{}(m.GetSafeRegex()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteMatchValidationError{
+						field:  "SafeRegex",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteMatchValidationError{
+						field:  "SafeRegex",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetSafeRegex()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteMatchValidationError{
+					field:  "SafeRegex",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := RouteMatchValidationError{
+			field:  "PathSpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return RouteMatchMultiError(errors)
+	}
+	return nil
+}
+
+// RouteMatchMultiError is an error wrapping multiple validation errors
+// returned by RouteMatch.ValidateAll() if the designated constraints aren't met.
+type RouteMatchMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouteMatchMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouteMatchMultiError) AllErrors() []error { return m }
+
+// RouteMatchValidationError is the validation error returned by
+// RouteMatch.Validate if the designated constraints aren't met.
+type RouteMatchValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouteMatchValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouteMatchValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouteMatchValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouteMatchValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouteMatchValidationError) ErrorName() string { return "RouteMatchValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RouteMatchValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRouteMatch.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouteMatchValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouteMatchValidationError{}
+
+// Validate checks the field values on CorsPolicy with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *CorsPolicy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on CorsPolicy with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in CorsPolicyMultiError, or
+// nil if none found.
+func (m *CorsPolicy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CorsPolicy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetAllowOriginRegex() {
+		_, _ = idx, item
+
+		if len(item) > 1024 {
+			err := CorsPolicyValidationError{
+				field:  fmt.Sprintf("AllowOriginRegex[%v]", idx),
+				reason: "value length must be at most 1024 bytes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	for idx, item := range m.GetAllowOriginStringMatch() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CorsPolicyValidationError{
+						field:  fmt.Sprintf("AllowOriginStringMatch[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CorsPolicyValidationError{
+						field:  fmt.Sprintf("AllowOriginStringMatch[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CorsPolicyValidationError{
+					field:  fmt.Sprintf("AllowOriginStringMatch[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	// no validation rules for AllowMethods
+
+	// no validation rules for AllowHeaders
+
+	// no validation rules for ExposeHeaders
+
+	// no validation rules for MaxAge
+
+	if all {
+		switch v := interface{}(m.GetAllowCredentials()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CorsPolicyValidationError{
+					field:  "AllowCredentials",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CorsPolicyValidationError{
+					field:  "AllowCredentials",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetAllowCredentials()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CorsPolicyValidationError{
+				field:  "AllowCredentials",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetShadowEnabled()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CorsPolicyValidationError{
+					field:  "ShadowEnabled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CorsPolicyValidationError{
+					field:  "ShadowEnabled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetShadowEnabled()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CorsPolicyValidationError{
+				field:  "ShadowEnabled",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	switch m.EnabledSpecifier.(type) {
+
+	case *CorsPolicy_Enabled:
+
+		if all {
+			switch v := interface{}(m.GetEnabled()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CorsPolicyValidationError{
+						field:  "Enabled",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CorsPolicyValidationError{
+						field:  "Enabled",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetEnabled()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CorsPolicyValidationError{
+					field:  "Enabled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *CorsPolicy_FilterEnabled:
+
+		if all {
+			switch v := interface{}(m.GetFilterEnabled()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CorsPolicyValidationError{
+						field:  "FilterEnabled",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CorsPolicyValidationError{
+						field:  "FilterEnabled",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetFilterEnabled()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CorsPolicyValidationError{
+					field:  "FilterEnabled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return CorsPolicyMultiError(errors)
+	}
+	return nil
+}
+
+// CorsPolicyMultiError is an error wrapping multiple validation errors
+// returned by CorsPolicy.ValidateAll() if the designated constraints aren't met.
+type CorsPolicyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CorsPolicyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CorsPolicyMultiError) AllErrors() []error { return m }
+
+// CorsPolicyValidationError is the validation error returned by
+// CorsPolicy.Validate if the designated constraints aren't met.
+type CorsPolicyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CorsPolicyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CorsPolicyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CorsPolicyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CorsPolicyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CorsPolicyValidationError) ErrorName() string { return "CorsPolicyValidationError" }
+
+// Error satisfies the builtin error interface
+func (e CorsPolicyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCorsPolicy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CorsPolicyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CorsPolicyValidationError{}
+
+// Validate checks the field values on RouteAction with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *RouteAction) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RouteAction with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in RouteActionMultiError, or
+// nil if none found.
+func (m *RouteAction) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RouteAction) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if _, ok := RouteAction_ClusterNotFoundResponseCode_name[int32(m.GetClusterNotFoundResponseCode())]; !ok {
+		err := RouteActionValidationError{
+			field:  "ClusterNotFoundResponseCode",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetMetadataMatch()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "MetadataMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "MetadataMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMetadataMatch()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteActionValidationError{
+				field:  "MetadataMatch",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if !_RouteAction_PrefixRewrite_Pattern.MatchString(m.GetPrefixRewrite()) {
+		err := RouteActionValidationError{
+			field:  "PrefixRewrite",
+			reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetRegexRewrite()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "RegexRewrite",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "RegexRewrite",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRegexRewrite()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteActionValidationError{
+				field:  "RegexRewrite",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetTimeout()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "Timeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "Timeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTimeout()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteActionValidationError{
+				field:  "Timeout",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetIdleTimeout()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "IdleTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "IdleTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetIdleTimeout()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteActionValidationError{
+				field:  "IdleTimeout",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetRetryPolicy()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "RetryPolicy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "RetryPolicy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRetryPolicy()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteActionValidationError{
+				field:  "RetryPolicy",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetRetryPolicyTypedConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "RetryPolicyTypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "RetryPolicyTypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRetryPolicyTypedConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteActionValidationError{
+				field:  "RetryPolicyTypedConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetRequestMirrorPolicy()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "RequestMirrorPolicy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "RequestMirrorPolicy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRequestMirrorPolicy()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteActionValidationError{
+				field:  "RequestMirrorPolicy",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetRequestMirrorPolicies() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteActionValidationError{
+						field:  fmt.Sprintf("RequestMirrorPolicies[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteActionValidationError{
+						field:  fmt.Sprintf("RequestMirrorPolicies[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteActionValidationError{
+					field:  fmt.Sprintf("RequestMirrorPolicies[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if _, ok := core.RoutingPriority_name[int32(m.GetPriority())]; !ok {
+		err := RouteActionValidationError{
+			field:  "Priority",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetRateLimits() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteActionValidationError{
+						field:  fmt.Sprintf("RateLimits[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteActionValidationError{
+						field:  fmt.Sprintf("RateLimits[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteActionValidationError{
+					field:  fmt.Sprintf("RateLimits[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetIncludeVhRateLimits()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "IncludeVhRateLimits",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "IncludeVhRateLimits",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetIncludeVhRateLimits()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteActionValidationError{
+				field:  "IncludeVhRateLimits",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetHashPolicy() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteActionValidationError{
+						field:  fmt.Sprintf("HashPolicy[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteActionValidationError{
+						field:  fmt.Sprintf("HashPolicy[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteActionValidationError{
+					field:  fmt.Sprintf("HashPolicy[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetCors()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "Cors",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "Cors",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCors()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteActionValidationError{
+				field:  "Cors",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMaxGrpcTimeout()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "MaxGrpcTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "MaxGrpcTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxGrpcTimeout()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteActionValidationError{
+				field:  "MaxGrpcTimeout",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetGrpcTimeoutOffset()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "GrpcTimeoutOffset",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "GrpcTimeoutOffset",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetGrpcTimeoutOffset()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteActionValidationError{
+				field:  "GrpcTimeoutOffset",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetUpgradeConfigs() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteActionValidationError{
+						field:  fmt.Sprintf("UpgradeConfigs[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteActionValidationError{
+						field:  fmt.Sprintf("UpgradeConfigs[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteActionValidationError{
+					field:  fmt.Sprintf("UpgradeConfigs[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	// no validation rules for InternalRedirectAction
+
+	if all {
+		switch v := interface{}(m.GetMaxInternalRedirects()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "MaxInternalRedirects",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "MaxInternalRedirects",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxInternalRedirects()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteActionValidationError{
+				field:  "MaxInternalRedirects",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetHedgePolicy()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "HedgePolicy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "HedgePolicy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHedgePolicy()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteActionValidationError{
+				field:  "HedgePolicy",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	switch m.ClusterSpecifier.(type) {
+
+	case *RouteAction_Cluster:
+
+		if len(m.GetCluster()) < 1 {
+			err := RouteActionValidationError{
+				field:  "Cluster",
+				reason: "value length must be at least 1 bytes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *RouteAction_ClusterHeader:
+
+		if len(m.GetClusterHeader()) < 1 {
+			err := RouteActionValidationError{
+				field:  "ClusterHeader",
+				reason: "value length must be at least 1 bytes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+		if !_RouteAction_ClusterHeader_Pattern.MatchString(m.GetClusterHeader()) {
+			err := RouteActionValidationError{
+				field:  "ClusterHeader",
+				reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *RouteAction_WeightedClusters:
+
+		if all {
+			switch v := interface{}(m.GetWeightedClusters()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteActionValidationError{
+						field:  "WeightedClusters",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteActionValidationError{
+						field:  "WeightedClusters",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetWeightedClusters()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteActionValidationError{
+					field:  "WeightedClusters",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := RouteActionValidationError{
+			field:  "ClusterSpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	switch m.HostRewriteSpecifier.(type) {
+
+	case *RouteAction_HostRewrite:
+
+		if !_RouteAction_HostRewrite_Pattern.MatchString(m.GetHostRewrite()) {
+			err := RouteActionValidationError{
+				field:  "HostRewrite",
+				reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *RouteAction_AutoHostRewrite:
+
+		if all {
+			switch v := interface{}(m.GetAutoHostRewrite()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteActionValidationError{
+						field:  "AutoHostRewrite",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteActionValidationError{
+						field:  "AutoHostRewrite",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetAutoHostRewrite()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteActionValidationError{
+					field:  "AutoHostRewrite",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *RouteAction_AutoHostRewriteHeader:
+
+		if !_RouteAction_AutoHostRewriteHeader_Pattern.MatchString(m.GetAutoHostRewriteHeader()) {
+			err := RouteActionValidationError{
+				field:  "AutoHostRewriteHeader",
+				reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return RouteActionMultiError(errors)
+	}
+	return nil
+}
+
+// RouteActionMultiError is an error wrapping multiple validation errors
+// returned by RouteAction.ValidateAll() if the designated constraints aren't met.
+type RouteActionMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouteActionMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouteActionMultiError) AllErrors() []error { return m }
+
+// RouteActionValidationError is the validation error returned by
+// RouteAction.Validate if the designated constraints aren't met.
+type RouteActionValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouteActionValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouteActionValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouteActionValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouteActionValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouteActionValidationError) ErrorName() string { return "RouteActionValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RouteActionValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRouteAction.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouteActionValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouteActionValidationError{}
+
+var _RouteAction_ClusterHeader_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+var _RouteAction_PrefixRewrite_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+var _RouteAction_HostRewrite_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+var _RouteAction_AutoHostRewriteHeader_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+// Validate checks the field values on RetryPolicy with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *RetryPolicy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RetryPolicy with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in RetryPolicyMultiError, or
+// nil if none found.
+func (m *RetryPolicy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RetryPolicy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for RetryOn
+
+	if all {
+		switch v := interface{}(m.GetNumRetries()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RetryPolicyValidationError{
+					field:  "NumRetries",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RetryPolicyValidationError{
+					field:  "NumRetries",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetNumRetries()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RetryPolicyValidationError{
+				field:  "NumRetries",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetPerTryTimeout()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RetryPolicyValidationError{
+					field:  "PerTryTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RetryPolicyValidationError{
+					field:  "PerTryTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPerTryTimeout()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RetryPolicyValidationError{
+				field:  "PerTryTimeout",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetRetryPriority()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RetryPolicyValidationError{
+					field:  "RetryPriority",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RetryPolicyValidationError{
+					field:  "RetryPriority",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRetryPriority()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RetryPolicyValidationError{
+				field:  "RetryPriority",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetRetryHostPredicate() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RetryPolicyValidationError{
+						field:  fmt.Sprintf("RetryHostPredicate[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RetryPolicyValidationError{
+						field:  fmt.Sprintf("RetryHostPredicate[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RetryPolicyValidationError{
+					field:  fmt.Sprintf("RetryHostPredicate[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	// no validation rules for HostSelectionRetryMaxAttempts
+
+	if all {
+		switch v := interface{}(m.GetRetryBackOff()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RetryPolicyValidationError{
+					field:  "RetryBackOff",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RetryPolicyValidationError{
+					field:  "RetryBackOff",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRetryBackOff()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RetryPolicyValidationError{
+				field:  "RetryBackOff",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetRetriableHeaders() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RetryPolicyValidationError{
+						field:  fmt.Sprintf("RetriableHeaders[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RetryPolicyValidationError{
+						field:  fmt.Sprintf("RetriableHeaders[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RetryPolicyValidationError{
+					field:  fmt.Sprintf("RetriableHeaders[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetRetriableRequestHeaders() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RetryPolicyValidationError{
+						field:  fmt.Sprintf("RetriableRequestHeaders[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RetryPolicyValidationError{
+						field:  fmt.Sprintf("RetriableRequestHeaders[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RetryPolicyValidationError{
+					field:  fmt.Sprintf("RetriableRequestHeaders[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return RetryPolicyMultiError(errors)
+	}
+	return nil
+}
+
+// RetryPolicyMultiError is an error wrapping multiple validation errors
+// returned by RetryPolicy.ValidateAll() if the designated constraints aren't met.
+type RetryPolicyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RetryPolicyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RetryPolicyMultiError) AllErrors() []error { return m }
+
+// RetryPolicyValidationError is the validation error returned by
+// RetryPolicy.Validate if the designated constraints aren't met.
+type RetryPolicyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RetryPolicyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RetryPolicyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RetryPolicyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RetryPolicyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RetryPolicyValidationError) ErrorName() string { return "RetryPolicyValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RetryPolicyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRetryPolicy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RetryPolicyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RetryPolicyValidationError{}
+
+// Validate checks the field values on HedgePolicy with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *HedgePolicy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HedgePolicy with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in HedgePolicyMultiError, or
+// nil if none found.
+func (m *HedgePolicy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HedgePolicy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if wrapper := m.GetInitialRequests(); wrapper != nil {
+
+		if wrapper.GetValue() < 1 {
+			err := HedgePolicyValidationError{
+				field:  "InitialRequests",
+				reason: "value must be greater than or equal to 1",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetAdditionalRequestChance()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HedgePolicyValidationError{
+					field:  "AdditionalRequestChance",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HedgePolicyValidationError{
+					field:  "AdditionalRequestChance",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetAdditionalRequestChance()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HedgePolicyValidationError{
+				field:  "AdditionalRequestChance",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for HedgeOnPerTryTimeout
+
+	if len(errors) > 0 {
+		return HedgePolicyMultiError(errors)
+	}
+	return nil
+}
+
+// HedgePolicyMultiError is an error wrapping multiple validation errors
+// returned by HedgePolicy.ValidateAll() if the designated constraints aren't met.
+type HedgePolicyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HedgePolicyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HedgePolicyMultiError) AllErrors() []error { return m }
+
+// HedgePolicyValidationError is the validation error returned by
+// HedgePolicy.Validate if the designated constraints aren't met.
+type HedgePolicyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HedgePolicyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HedgePolicyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HedgePolicyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HedgePolicyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HedgePolicyValidationError) ErrorName() string { return "HedgePolicyValidationError" }
+
+// Error satisfies the builtin error interface
+func (e HedgePolicyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHedgePolicy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HedgePolicyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HedgePolicyValidationError{}
+
+// Validate checks the field values on RedirectAction with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *RedirectAction) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RedirectAction with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in RedirectActionMultiError,
+// or nil if none found.
+func (m *RedirectAction) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RedirectAction) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if !_RedirectAction_HostRedirect_Pattern.MatchString(m.GetHostRedirect()) {
+		err := RedirectActionValidationError{
+			field:  "HostRedirect",
+			reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for PortRedirect
+
+	if _, ok := RedirectAction_RedirectResponseCode_name[int32(m.GetResponseCode())]; !ok {
+		err := RedirectActionValidationError{
+			field:  "ResponseCode",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for StripQuery
+
+	switch m.SchemeRewriteSpecifier.(type) {
+
+	case *RedirectAction_HttpsRedirect:
+		// no validation rules for HttpsRedirect
+
+	case *RedirectAction_SchemeRedirect:
+		// no validation rules for SchemeRedirect
+
+	}
+
+	switch m.PathRewriteSpecifier.(type) {
+
+	case *RedirectAction_PathRedirect:
+
+		if !_RedirectAction_PathRedirect_Pattern.MatchString(m.GetPathRedirect()) {
+			err := RedirectActionValidationError{
+				field:  "PathRedirect",
+				reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *RedirectAction_PrefixRewrite:
+
+		if !_RedirectAction_PrefixRewrite_Pattern.MatchString(m.GetPrefixRewrite()) {
+			err := RedirectActionValidationError{
+				field:  "PrefixRewrite",
+				reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return RedirectActionMultiError(errors)
+	}
+	return nil
+}
+
+// RedirectActionMultiError is an error wrapping multiple validation errors
+// returned by RedirectAction.ValidateAll() if the designated constraints
+// aren't met.
+type RedirectActionMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RedirectActionMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RedirectActionMultiError) AllErrors() []error { return m }
+
+// RedirectActionValidationError is the validation error returned by
+// RedirectAction.Validate if the designated constraints aren't met.
+type RedirectActionValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RedirectActionValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RedirectActionValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RedirectActionValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RedirectActionValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RedirectActionValidationError) ErrorName() string { return "RedirectActionValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RedirectActionValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRedirectAction.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RedirectActionValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RedirectActionValidationError{}
+
+var _RedirectAction_HostRedirect_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+var _RedirectAction_PathRedirect_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+var _RedirectAction_PrefixRewrite_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+// Validate checks the field values on DirectResponseAction with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *DirectResponseAction) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on DirectResponseAction with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// DirectResponseActionMultiError, or nil if none found.
+func (m *DirectResponseAction) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *DirectResponseAction) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if val := m.GetStatus(); val < 100 || val >= 600 {
+		err := DirectResponseActionValidationError{
+			field:  "Status",
+			reason: "value must be inside range [100, 600)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetBody()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, DirectResponseActionValidationError{
+					field:  "Body",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, DirectResponseActionValidationError{
+					field:  "Body",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetBody()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return DirectResponseActionValidationError{
+				field:  "Body",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return DirectResponseActionMultiError(errors)
+	}
+	return nil
+}
+
+// DirectResponseActionMultiError is an error wrapping multiple validation
+// errors returned by DirectResponseAction.ValidateAll() if the designated
+// constraints aren't met.
+type DirectResponseActionMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m DirectResponseActionMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m DirectResponseActionMultiError) AllErrors() []error { return m }
+
+// DirectResponseActionValidationError is the validation error returned by
+// DirectResponseAction.Validate if the designated constraints aren't met.
+type DirectResponseActionValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e DirectResponseActionValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e DirectResponseActionValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e DirectResponseActionValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e DirectResponseActionValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e DirectResponseActionValidationError) ErrorName() string {
+	return "DirectResponseActionValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e DirectResponseActionValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sDirectResponseAction.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = DirectResponseActionValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = DirectResponseActionValidationError{}
+
+// Validate checks the field values on Decorator with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Decorator) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Decorator with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in DecoratorMultiError, or nil
+// if none found.
+func (m *Decorator) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Decorator) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetOperation()) < 1 {
+		err := DecoratorValidationError{
+			field:  "Operation",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetPropagate()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, DecoratorValidationError{
+					field:  "Propagate",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, DecoratorValidationError{
+					field:  "Propagate",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPropagate()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return DecoratorValidationError{
+				field:  "Propagate",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return DecoratorMultiError(errors)
+	}
+	return nil
+}
+
+// DecoratorMultiError is an error wrapping multiple validation errors returned
+// by Decorator.ValidateAll() if the designated constraints aren't met.
+type DecoratorMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m DecoratorMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m DecoratorMultiError) AllErrors() []error { return m }
+
+// DecoratorValidationError is the validation error returned by
+// Decorator.Validate if the designated constraints aren't met.
+type DecoratorValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e DecoratorValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e DecoratorValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e DecoratorValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e DecoratorValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e DecoratorValidationError) ErrorName() string { return "DecoratorValidationError" }
+
+// Error satisfies the builtin error interface
+func (e DecoratorValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sDecorator.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = DecoratorValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = DecoratorValidationError{}
+
+// Validate checks the field values on Tracing with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Tracing) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Tracing with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in TracingMultiError, or nil if none found.
+func (m *Tracing) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Tracing) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetClientSampling()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, TracingValidationError{
+					field:  "ClientSampling",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, TracingValidationError{
+					field:  "ClientSampling",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetClientSampling()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TracingValidationError{
+				field:  "ClientSampling",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetRandomSampling()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, TracingValidationError{
+					field:  "RandomSampling",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, TracingValidationError{
+					field:  "RandomSampling",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRandomSampling()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TracingValidationError{
+				field:  "RandomSampling",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetOverallSampling()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, TracingValidationError{
+					field:  "OverallSampling",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, TracingValidationError{
+					field:  "OverallSampling",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetOverallSampling()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TracingValidationError{
+				field:  "OverallSampling",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetCustomTags() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, TracingValidationError{
+						field:  fmt.Sprintf("CustomTags[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, TracingValidationError{
+						field:  fmt.Sprintf("CustomTags[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return TracingValidationError{
+					field:  fmt.Sprintf("CustomTags[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return TracingMultiError(errors)
+	}
+	return nil
+}
+
+// TracingMultiError is an error wrapping multiple validation errors returned
+// by Tracing.ValidateAll() if the designated constraints aren't met.
+type TracingMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m TracingMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m TracingMultiError) AllErrors() []error { return m }
+
+// TracingValidationError is the validation error returned by Tracing.Validate
+// if the designated constraints aren't met.
+type TracingValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e TracingValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e TracingValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e TracingValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e TracingValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e TracingValidationError) ErrorName() string { return "TracingValidationError" }
+
+// Error satisfies the builtin error interface
+func (e TracingValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sTracing.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = TracingValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = TracingValidationError{}
+
+// Validate checks the field values on VirtualCluster with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *VirtualCluster) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on VirtualCluster with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in VirtualClusterMultiError,
+// or nil if none found.
+func (m *VirtualCluster) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *VirtualCluster) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetPattern()) > 1024 {
+		err := VirtualClusterValidationError{
+			field:  "Pattern",
+			reason: "value length must be at most 1024 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetHeaders() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, VirtualClusterValidationError{
+						field:  fmt.Sprintf("Headers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, VirtualClusterValidationError{
+						field:  fmt.Sprintf("Headers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return VirtualClusterValidationError{
+					field:  fmt.Sprintf("Headers[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(m.GetName()) < 1 {
+		err := VirtualClusterValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for Method
+
+	if len(errors) > 0 {
+		return VirtualClusterMultiError(errors)
+	}
+	return nil
+}
+
+// VirtualClusterMultiError is an error wrapping multiple validation errors
+// returned by VirtualCluster.ValidateAll() if the designated constraints
+// aren't met.
+type VirtualClusterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m VirtualClusterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m VirtualClusterMultiError) AllErrors() []error { return m }
+
+// VirtualClusterValidationError is the validation error returned by
+// VirtualCluster.Validate if the designated constraints aren't met.
+type VirtualClusterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e VirtualClusterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e VirtualClusterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e VirtualClusterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e VirtualClusterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e VirtualClusterValidationError) ErrorName() string { return "VirtualClusterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e VirtualClusterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sVirtualCluster.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = VirtualClusterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = VirtualClusterValidationError{}
+
+// Validate checks the field values on RateLimit with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *RateLimit) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RateLimit with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in RateLimitMultiError, or nil
+// if none found.
+func (m *RateLimit) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RateLimit) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if wrapper := m.GetStage(); wrapper != nil {
+
+		if wrapper.GetValue() > 10 {
+			err := RateLimitValidationError{
+				field:  "Stage",
+				reason: "value must be less than or equal to 10",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	// no validation rules for DisableKey
+
+	if len(m.GetActions()) < 1 {
+		err := RateLimitValidationError{
+			field:  "Actions",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetActions() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RateLimitValidationError{
+						field:  fmt.Sprintf("Actions[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RateLimitValidationError{
+						field:  fmt.Sprintf("Actions[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RateLimitValidationError{
+					field:  fmt.Sprintf("Actions[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return RateLimitMultiError(errors)
+	}
+	return nil
+}
+
+// RateLimitMultiError is an error wrapping multiple validation errors returned
+// by RateLimit.ValidateAll() if the designated constraints aren't met.
+type RateLimitMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RateLimitMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RateLimitMultiError) AllErrors() []error { return m }
+
+// RateLimitValidationError is the validation error returned by
+// RateLimit.Validate if the designated constraints aren't met.
+type RateLimitValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RateLimitValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RateLimitValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RateLimitValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RateLimitValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RateLimitValidationError) ErrorName() string { return "RateLimitValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RateLimitValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRateLimit.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RateLimitValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RateLimitValidationError{}
+
+// Validate checks the field values on HeaderMatcher with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *HeaderMatcher) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HeaderMatcher with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in HeaderMatcherMultiError, or
+// nil if none found.
+func (m *HeaderMatcher) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HeaderMatcher) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetName()) < 1 {
+		err := HeaderMatcherValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if !_HeaderMatcher_Name_Pattern.MatchString(m.GetName()) {
+		err := HeaderMatcherValidationError{
+			field:  "Name",
+			reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for InvertMatch
+
+	switch m.HeaderMatchSpecifier.(type) {
+
+	case *HeaderMatcher_ExactMatch:
+		// no validation rules for ExactMatch
+
+	case *HeaderMatcher_RegexMatch:
+
+		if len(m.GetRegexMatch()) > 1024 {
+			err := HeaderMatcherValidationError{
+				field:  "RegexMatch",
+				reason: "value length must be at most 1024 bytes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *HeaderMatcher_SafeRegexMatch:
+
+		if all {
+			switch v := interface{}(m.GetSafeRegexMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HeaderMatcherValidationError{
+						field:  "SafeRegexMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HeaderMatcherValidationError{
+						field:  "SafeRegexMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetSafeRegexMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HeaderMatcherValidationError{
+					field:  "SafeRegexMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *HeaderMatcher_RangeMatch:
+
+		if all {
+			switch v := interface{}(m.GetRangeMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HeaderMatcherValidationError{
+						field:  "RangeMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HeaderMatcherValidationError{
+						field:  "RangeMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetRangeMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HeaderMatcherValidationError{
+					field:  "RangeMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *HeaderMatcher_PresentMatch:
+		// no validation rules for PresentMatch
+
+	case *HeaderMatcher_PrefixMatch:
+
+		if len(m.GetPrefixMatch()) < 1 {
+			err := HeaderMatcherValidationError{
+				field:  "PrefixMatch",
+				reason: "value length must be at least 1 bytes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *HeaderMatcher_SuffixMatch:
+
+		if len(m.GetSuffixMatch()) < 1 {
+			err := HeaderMatcherValidationError{
+				field:  "SuffixMatch",
+				reason: "value length must be at least 1 bytes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return HeaderMatcherMultiError(errors)
+	}
+	return nil
+}
+
+// HeaderMatcherMultiError is an error wrapping multiple validation errors
+// returned by HeaderMatcher.ValidateAll() if the designated constraints
+// aren't met.
+type HeaderMatcherMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HeaderMatcherMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HeaderMatcherMultiError) AllErrors() []error { return m }
+
+// HeaderMatcherValidationError is the validation error returned by
+// HeaderMatcher.Validate if the designated constraints aren't met.
+type HeaderMatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HeaderMatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HeaderMatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HeaderMatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HeaderMatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HeaderMatcherValidationError) ErrorName() string { return "HeaderMatcherValidationError" }
+
+// Error satisfies the builtin error interface
+func (e HeaderMatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHeaderMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HeaderMatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HeaderMatcherValidationError{}
+
+var _HeaderMatcher_Name_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+// Validate checks the field values on QueryParameterMatcher with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *QueryParameterMatcher) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on QueryParameterMatcher with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// QueryParameterMatcherMultiError, or nil if none found.
+func (m *QueryParameterMatcher) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *QueryParameterMatcher) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if l := len(m.GetName()); l < 1 || l > 1024 {
+		err := QueryParameterMatcherValidationError{
+			field:  "Name",
+			reason: "value length must be between 1 and 1024 bytes, inclusive",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for Value
+
+	if all {
+		switch v := interface{}(m.GetRegex()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, QueryParameterMatcherValidationError{
+					field:  "Regex",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, QueryParameterMatcherValidationError{
+					field:  "Regex",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRegex()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return QueryParameterMatcherValidationError{
+				field:  "Regex",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	switch m.QueryParameterMatchSpecifier.(type) {
+
+	case *QueryParameterMatcher_StringMatch:
+
+		if m.GetStringMatch() == nil {
+			err := QueryParameterMatcherValidationError{
+				field:  "StringMatch",
+				reason: "value is required",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+		if all {
+			switch v := interface{}(m.GetStringMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, QueryParameterMatcherValidationError{
+						field:  "StringMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, QueryParameterMatcherValidationError{
+						field:  "StringMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetStringMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return QueryParameterMatcherValidationError{
+					field:  "StringMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *QueryParameterMatcher_PresentMatch:
+		// no validation rules for PresentMatch
+
+	}
+
+	if len(errors) > 0 {
+		return QueryParameterMatcherMultiError(errors)
+	}
+	return nil
+}
+
+// QueryParameterMatcherMultiError is an error wrapping multiple validation
+// errors returned by QueryParameterMatcher.ValidateAll() if the designated
+// constraints aren't met.
+type QueryParameterMatcherMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m QueryParameterMatcherMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m QueryParameterMatcherMultiError) AllErrors() []error { return m }
+
+// QueryParameterMatcherValidationError is the validation error returned by
+// QueryParameterMatcher.Validate if the designated constraints aren't met.
+type QueryParameterMatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e QueryParameterMatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e QueryParameterMatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e QueryParameterMatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e QueryParameterMatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e QueryParameterMatcherValidationError) ErrorName() string {
+	return "QueryParameterMatcherValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e QueryParameterMatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sQueryParameterMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = QueryParameterMatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = QueryParameterMatcherValidationError{}
+
+// Validate checks the field values on WeightedCluster_ClusterWeight with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *WeightedCluster_ClusterWeight) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on WeightedCluster_ClusterWeight with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// WeightedCluster_ClusterWeightMultiError, or nil if none found.
+func (m *WeightedCluster_ClusterWeight) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *WeightedCluster_ClusterWeight) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetName()) < 1 {
+		err := WeightedCluster_ClusterWeightValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetWeight()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, WeightedCluster_ClusterWeightValidationError{
+					field:  "Weight",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, WeightedCluster_ClusterWeightValidationError{
+					field:  "Weight",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetWeight()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return WeightedCluster_ClusterWeightValidationError{
+				field:  "Weight",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMetadataMatch()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, WeightedCluster_ClusterWeightValidationError{
+					field:  "MetadataMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, WeightedCluster_ClusterWeightValidationError{
+					field:  "MetadataMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMetadataMatch()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return WeightedCluster_ClusterWeightValidationError{
+				field:  "MetadataMatch",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(m.GetRequestHeadersToAdd()) > 1000 {
+		err := WeightedCluster_ClusterWeightValidationError{
+			field:  "RequestHeadersToAdd",
+			reason: "value must contain no more than 1000 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetRequestHeadersToAdd() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, WeightedCluster_ClusterWeightValidationError{
+						field:  fmt.Sprintf("RequestHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, WeightedCluster_ClusterWeightValidationError{
+						field:  fmt.Sprintf("RequestHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return WeightedCluster_ClusterWeightValidationError{
+					field:  fmt.Sprintf("RequestHeadersToAdd[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(m.GetResponseHeadersToAdd()) > 1000 {
+		err := WeightedCluster_ClusterWeightValidationError{
+			field:  "ResponseHeadersToAdd",
+			reason: "value must contain no more than 1000 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetResponseHeadersToAdd() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, WeightedCluster_ClusterWeightValidationError{
+						field:  fmt.Sprintf("ResponseHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, WeightedCluster_ClusterWeightValidationError{
+						field:  fmt.Sprintf("ResponseHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return WeightedCluster_ClusterWeightValidationError{
+					field:  fmt.Sprintf("ResponseHeadersToAdd[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	{
+		sorted_keys := make([]string, len(m.GetPerFilterConfig()))
+		i := 0
+		for key := range m.GetPerFilterConfig() {
+			sorted_keys[i] = key
+			i++
+		}
+		sort.Slice(sorted_keys, func(i, j int) bool { return sorted_keys[i] < sorted_keys[j] })
+		for _, key := range sorted_keys {
+			val := m.GetPerFilterConfig()[key]
+			_ = val
+
+			// no validation rules for PerFilterConfig[key]
+
+			if all {
+				switch v := interface{}(val).(type) {
+				case interface{ ValidateAll() error }:
+					if err := v.ValidateAll(); err != nil {
+						errors = append(errors, WeightedCluster_ClusterWeightValidationError{
+							field:  fmt.Sprintf("PerFilterConfig[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				case interface{ Validate() error }:
+					if err := v.Validate(); err != nil {
+						errors = append(errors, WeightedCluster_ClusterWeightValidationError{
+							field:  fmt.Sprintf("PerFilterConfig[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				}
+			} else if v, ok := interface{}(val).(interface{ Validate() error }); ok {
+				if err := v.Validate(); err != nil {
+					return WeightedCluster_ClusterWeightValidationError{
+						field:  fmt.Sprintf("PerFilterConfig[%v]", key),
+						reason: "embedded message failed validation",
+						cause:  err,
+					}
+				}
+			}
+
+		}
+	}
+
+	{
+		sorted_keys := make([]string, len(m.GetTypedPerFilterConfig()))
+		i := 0
+		for key := range m.GetTypedPerFilterConfig() {
+			sorted_keys[i] = key
+			i++
+		}
+		sort.Slice(sorted_keys, func(i, j int) bool { return sorted_keys[i] < sorted_keys[j] })
+		for _, key := range sorted_keys {
+			val := m.GetTypedPerFilterConfig()[key]
+			_ = val
+
+			// no validation rules for TypedPerFilterConfig[key]
+
+			if all {
+				switch v := interface{}(val).(type) {
+				case interface{ ValidateAll() error }:
+					if err := v.ValidateAll(); err != nil {
+						errors = append(errors, WeightedCluster_ClusterWeightValidationError{
+							field:  fmt.Sprintf("TypedPerFilterConfig[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				case interface{ Validate() error }:
+					if err := v.Validate(); err != nil {
+						errors = append(errors, WeightedCluster_ClusterWeightValidationError{
+							field:  fmt.Sprintf("TypedPerFilterConfig[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				}
+			} else if v, ok := interface{}(val).(interface{ Validate() error }); ok {
+				if err := v.Validate(); err != nil {
+					return WeightedCluster_ClusterWeightValidationError{
+						field:  fmt.Sprintf("TypedPerFilterConfig[%v]", key),
+						reason: "embedded message failed validation",
+						cause:  err,
+					}
+				}
+			}
+
+		}
+	}
+
+	if len(errors) > 0 {
+		return WeightedCluster_ClusterWeightMultiError(errors)
+	}
+	return nil
+}
+
+// WeightedCluster_ClusterWeightMultiError is an error wrapping multiple
+// validation errors returned by WeightedCluster_ClusterWeight.ValidateAll()
+// if the designated constraints aren't met.
+type WeightedCluster_ClusterWeightMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m WeightedCluster_ClusterWeightMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m WeightedCluster_ClusterWeightMultiError) AllErrors() []error { return m }
+
+// WeightedCluster_ClusterWeightValidationError is the validation error
+// returned by WeightedCluster_ClusterWeight.Validate if the designated
+// constraints aren't met.
+type WeightedCluster_ClusterWeightValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e WeightedCluster_ClusterWeightValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e WeightedCluster_ClusterWeightValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e WeightedCluster_ClusterWeightValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e WeightedCluster_ClusterWeightValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e WeightedCluster_ClusterWeightValidationError) ErrorName() string {
+	return "WeightedCluster_ClusterWeightValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e WeightedCluster_ClusterWeightValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sWeightedCluster_ClusterWeight.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = WeightedCluster_ClusterWeightValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = WeightedCluster_ClusterWeightValidationError{}
+
+// Validate checks the field values on RouteMatch_GrpcRouteMatchOptions with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *RouteMatch_GrpcRouteMatchOptions) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RouteMatch_GrpcRouteMatchOptions with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// RouteMatch_GrpcRouteMatchOptionsMultiError, or nil if none found.
+func (m *RouteMatch_GrpcRouteMatchOptions) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RouteMatch_GrpcRouteMatchOptions) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return RouteMatch_GrpcRouteMatchOptionsMultiError(errors)
+	}
+	return nil
+}
+
+// RouteMatch_GrpcRouteMatchOptionsMultiError is an error wrapping multiple
+// validation errors returned by
+// RouteMatch_GrpcRouteMatchOptions.ValidateAll() if the designated
+// constraints aren't met.
+type RouteMatch_GrpcRouteMatchOptionsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouteMatch_GrpcRouteMatchOptionsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouteMatch_GrpcRouteMatchOptionsMultiError) AllErrors() []error { return m }
+
+// RouteMatch_GrpcRouteMatchOptionsValidationError is the validation error
+// returned by RouteMatch_GrpcRouteMatchOptions.Validate if the designated
+// constraints aren't met.
+type RouteMatch_GrpcRouteMatchOptionsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouteMatch_GrpcRouteMatchOptionsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouteMatch_GrpcRouteMatchOptionsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouteMatch_GrpcRouteMatchOptionsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouteMatch_GrpcRouteMatchOptionsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouteMatch_GrpcRouteMatchOptionsValidationError) ErrorName() string {
+	return "RouteMatch_GrpcRouteMatchOptionsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RouteMatch_GrpcRouteMatchOptionsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRouteMatch_GrpcRouteMatchOptions.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouteMatch_GrpcRouteMatchOptionsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouteMatch_GrpcRouteMatchOptionsValidationError{}
+
+// Validate checks the field values on RouteMatch_TlsContextMatchOptions with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *RouteMatch_TlsContextMatchOptions) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RouteMatch_TlsContextMatchOptions
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// RouteMatch_TlsContextMatchOptionsMultiError, or nil if none found.
+func (m *RouteMatch_TlsContextMatchOptions) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RouteMatch_TlsContextMatchOptions) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetPresented()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteMatch_TlsContextMatchOptionsValidationError{
+					field:  "Presented",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteMatch_TlsContextMatchOptionsValidationError{
+					field:  "Presented",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPresented()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteMatch_TlsContextMatchOptionsValidationError{
+				field:  "Presented",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetValidated()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteMatch_TlsContextMatchOptionsValidationError{
+					field:  "Validated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteMatch_TlsContextMatchOptionsValidationError{
+					field:  "Validated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetValidated()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteMatch_TlsContextMatchOptionsValidationError{
+				field:  "Validated",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return RouteMatch_TlsContextMatchOptionsMultiError(errors)
+	}
+	return nil
+}
+
+// RouteMatch_TlsContextMatchOptionsMultiError is an error wrapping multiple
+// validation errors returned by
+// RouteMatch_TlsContextMatchOptions.ValidateAll() if the designated
+// constraints aren't met.
+type RouteMatch_TlsContextMatchOptionsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouteMatch_TlsContextMatchOptionsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouteMatch_TlsContextMatchOptionsMultiError) AllErrors() []error { return m }
+
+// RouteMatch_TlsContextMatchOptionsValidationError is the validation error
+// returned by RouteMatch_TlsContextMatchOptions.Validate if the designated
+// constraints aren't met.
+type RouteMatch_TlsContextMatchOptionsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouteMatch_TlsContextMatchOptionsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouteMatch_TlsContextMatchOptionsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouteMatch_TlsContextMatchOptionsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouteMatch_TlsContextMatchOptionsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouteMatch_TlsContextMatchOptionsValidationError) ErrorName() string {
+	return "RouteMatch_TlsContextMatchOptionsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RouteMatch_TlsContextMatchOptionsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRouteMatch_TlsContextMatchOptions.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouteMatch_TlsContextMatchOptionsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouteMatch_TlsContextMatchOptionsValidationError{}
+
+// Validate checks the field values on RouteAction_RequestMirrorPolicy with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RouteAction_RequestMirrorPolicy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RouteAction_RequestMirrorPolicy with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// RouteAction_RequestMirrorPolicyMultiError, or nil if none found.
+func (m *RouteAction_RequestMirrorPolicy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RouteAction_RequestMirrorPolicy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetCluster()) < 1 {
+		err := RouteAction_RequestMirrorPolicyValidationError{
+			field:  "Cluster",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for RuntimeKey
+
+	if all {
+		switch v := interface{}(m.GetRuntimeFraction()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteAction_RequestMirrorPolicyValidationError{
+					field:  "RuntimeFraction",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteAction_RequestMirrorPolicyValidationError{
+					field:  "RuntimeFraction",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRuntimeFraction()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteAction_RequestMirrorPolicyValidationError{
+				field:  "RuntimeFraction",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetTraceSampled()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteAction_RequestMirrorPolicyValidationError{
+					field:  "TraceSampled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteAction_RequestMirrorPolicyValidationError{
+					field:  "TraceSampled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTraceSampled()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteAction_RequestMirrorPolicyValidationError{
+				field:  "TraceSampled",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return RouteAction_RequestMirrorPolicyMultiError(errors)
+	}
+	return nil
+}
+
+// RouteAction_RequestMirrorPolicyMultiError is an error wrapping multiple
+// validation errors returned by RouteAction_RequestMirrorPolicy.ValidateAll()
+// if the designated constraints aren't met.
+type RouteAction_RequestMirrorPolicyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouteAction_RequestMirrorPolicyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouteAction_RequestMirrorPolicyMultiError) AllErrors() []error { return m }
+
+// RouteAction_RequestMirrorPolicyValidationError is the validation error
+// returned by RouteAction_RequestMirrorPolicy.Validate if the designated
+// constraints aren't met.
+type RouteAction_RequestMirrorPolicyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouteAction_RequestMirrorPolicyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouteAction_RequestMirrorPolicyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouteAction_RequestMirrorPolicyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouteAction_RequestMirrorPolicyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouteAction_RequestMirrorPolicyValidationError) ErrorName() string {
+	return "RouteAction_RequestMirrorPolicyValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RouteAction_RequestMirrorPolicyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRouteAction_RequestMirrorPolicy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouteAction_RequestMirrorPolicyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouteAction_RequestMirrorPolicyValidationError{}
+
+// Validate checks the field values on RouteAction_HashPolicy with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RouteAction_HashPolicy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RouteAction_HashPolicy with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RouteAction_HashPolicyMultiError, or nil if none found.
+func (m *RouteAction_HashPolicy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RouteAction_HashPolicy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Terminal
+
+	switch m.PolicySpecifier.(type) {
+
+	case *RouteAction_HashPolicy_Header_:
+
+		if all {
+			switch v := interface{}(m.GetHeader()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteAction_HashPolicyValidationError{
+						field:  "Header",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteAction_HashPolicyValidationError{
+						field:  "Header",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetHeader()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteAction_HashPolicyValidationError{
+					field:  "Header",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *RouteAction_HashPolicy_Cookie_:
+
+		if all {
+			switch v := interface{}(m.GetCookie()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteAction_HashPolicyValidationError{
+						field:  "Cookie",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteAction_HashPolicyValidationError{
+						field:  "Cookie",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetCookie()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteAction_HashPolicyValidationError{
+					field:  "Cookie",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *RouteAction_HashPolicy_ConnectionProperties_:
+
+		if all {
+			switch v := interface{}(m.GetConnectionProperties()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteAction_HashPolicyValidationError{
+						field:  "ConnectionProperties",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteAction_HashPolicyValidationError{
+						field:  "ConnectionProperties",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetConnectionProperties()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteAction_HashPolicyValidationError{
+					field:  "ConnectionProperties",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *RouteAction_HashPolicy_QueryParameter_:
+
+		if all {
+			switch v := interface{}(m.GetQueryParameter()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteAction_HashPolicyValidationError{
+						field:  "QueryParameter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteAction_HashPolicyValidationError{
+						field:  "QueryParameter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetQueryParameter()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteAction_HashPolicyValidationError{
+					field:  "QueryParameter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *RouteAction_HashPolicy_FilterState_:
+
+		if all {
+			switch v := interface{}(m.GetFilterState()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteAction_HashPolicyValidationError{
+						field:  "FilterState",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteAction_HashPolicyValidationError{
+						field:  "FilterState",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetFilterState()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteAction_HashPolicyValidationError{
+					field:  "FilterState",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := RouteAction_HashPolicyValidationError{
+			field:  "PolicySpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return RouteAction_HashPolicyMultiError(errors)
+	}
+	return nil
+}
+
+// RouteAction_HashPolicyMultiError is an error wrapping multiple validation
+// errors returned by RouteAction_HashPolicy.ValidateAll() if the designated
+// constraints aren't met.
+type RouteAction_HashPolicyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouteAction_HashPolicyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouteAction_HashPolicyMultiError) AllErrors() []error { return m }
+
+// RouteAction_HashPolicyValidationError is the validation error returned by
+// RouteAction_HashPolicy.Validate if the designated constraints aren't met.
+type RouteAction_HashPolicyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouteAction_HashPolicyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouteAction_HashPolicyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouteAction_HashPolicyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouteAction_HashPolicyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouteAction_HashPolicyValidationError) ErrorName() string {
+	return "RouteAction_HashPolicyValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RouteAction_HashPolicyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRouteAction_HashPolicy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouteAction_HashPolicyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouteAction_HashPolicyValidationError{}
+
+// Validate checks the field values on RouteAction_UpgradeConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RouteAction_UpgradeConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RouteAction_UpgradeConfig with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RouteAction_UpgradeConfigMultiError, or nil if none found.
+func (m *RouteAction_UpgradeConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RouteAction_UpgradeConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if !_RouteAction_UpgradeConfig_UpgradeType_Pattern.MatchString(m.GetUpgradeType()) {
+		err := RouteAction_UpgradeConfigValidationError{
+			field:  "UpgradeType",
+			reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetEnabled()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteAction_UpgradeConfigValidationError{
+					field:  "Enabled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteAction_UpgradeConfigValidationError{
+					field:  "Enabled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetEnabled()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteAction_UpgradeConfigValidationError{
+				field:  "Enabled",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return RouteAction_UpgradeConfigMultiError(errors)
+	}
+	return nil
+}
+
+// RouteAction_UpgradeConfigMultiError is an error wrapping multiple validation
+// errors returned by RouteAction_UpgradeConfig.ValidateAll() if the
+// designated constraints aren't met.
+type RouteAction_UpgradeConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouteAction_UpgradeConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouteAction_UpgradeConfigMultiError) AllErrors() []error { return m }
+
+// RouteAction_UpgradeConfigValidationError is the validation error returned by
+// RouteAction_UpgradeConfig.Validate if the designated constraints aren't met.
+type RouteAction_UpgradeConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouteAction_UpgradeConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouteAction_UpgradeConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouteAction_UpgradeConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouteAction_UpgradeConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouteAction_UpgradeConfigValidationError) ErrorName() string {
+	return "RouteAction_UpgradeConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RouteAction_UpgradeConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRouteAction_UpgradeConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouteAction_UpgradeConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouteAction_UpgradeConfigValidationError{}
+
+var _RouteAction_UpgradeConfig_UpgradeType_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+// Validate checks the field values on RouteAction_HashPolicy_Header with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RouteAction_HashPolicy_Header) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RouteAction_HashPolicy_Header with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// RouteAction_HashPolicy_HeaderMultiError, or nil if none found.
+func (m *RouteAction_HashPolicy_Header) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RouteAction_HashPolicy_Header) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetHeaderName()) < 1 {
+		err := RouteAction_HashPolicy_HeaderValidationError{
+			field:  "HeaderName",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if !_RouteAction_HashPolicy_Header_HeaderName_Pattern.MatchString(m.GetHeaderName()) {
+		err := RouteAction_HashPolicy_HeaderValidationError{
+			field:  "HeaderName",
+			reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return RouteAction_HashPolicy_HeaderMultiError(errors)
+	}
+	return nil
+}
+
+// RouteAction_HashPolicy_HeaderMultiError is an error wrapping multiple
+// validation errors returned by RouteAction_HashPolicy_Header.ValidateAll()
+// if the designated constraints aren't met.
+type RouteAction_HashPolicy_HeaderMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouteAction_HashPolicy_HeaderMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouteAction_HashPolicy_HeaderMultiError) AllErrors() []error { return m }
+
+// RouteAction_HashPolicy_HeaderValidationError is the validation error
+// returned by RouteAction_HashPolicy_Header.Validate if the designated
+// constraints aren't met.
+type RouteAction_HashPolicy_HeaderValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouteAction_HashPolicy_HeaderValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouteAction_HashPolicy_HeaderValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouteAction_HashPolicy_HeaderValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouteAction_HashPolicy_HeaderValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouteAction_HashPolicy_HeaderValidationError) ErrorName() string {
+	return "RouteAction_HashPolicy_HeaderValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RouteAction_HashPolicy_HeaderValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRouteAction_HashPolicy_Header.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouteAction_HashPolicy_HeaderValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouteAction_HashPolicy_HeaderValidationError{}
+
+var _RouteAction_HashPolicy_Header_HeaderName_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+// Validate checks the field values on RouteAction_HashPolicy_Cookie with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RouteAction_HashPolicy_Cookie) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RouteAction_HashPolicy_Cookie with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// RouteAction_HashPolicy_CookieMultiError, or nil if none found.
+func (m *RouteAction_HashPolicy_Cookie) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RouteAction_HashPolicy_Cookie) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetName()) < 1 {
+		err := RouteAction_HashPolicy_CookieValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetTtl()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteAction_HashPolicy_CookieValidationError{
+					field:  "Ttl",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteAction_HashPolicy_CookieValidationError{
+					field:  "Ttl",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTtl()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteAction_HashPolicy_CookieValidationError{
+				field:  "Ttl",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for Path
+
+	if len(errors) > 0 {
+		return RouteAction_HashPolicy_CookieMultiError(errors)
+	}
+	return nil
+}
+
+// RouteAction_HashPolicy_CookieMultiError is an error wrapping multiple
+// validation errors returned by RouteAction_HashPolicy_Cookie.ValidateAll()
+// if the designated constraints aren't met.
+type RouteAction_HashPolicy_CookieMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouteAction_HashPolicy_CookieMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouteAction_HashPolicy_CookieMultiError) AllErrors() []error { return m }
+
+// RouteAction_HashPolicy_CookieValidationError is the validation error
+// returned by RouteAction_HashPolicy_Cookie.Validate if the designated
+// constraints aren't met.
+type RouteAction_HashPolicy_CookieValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouteAction_HashPolicy_CookieValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouteAction_HashPolicy_CookieValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouteAction_HashPolicy_CookieValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouteAction_HashPolicy_CookieValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouteAction_HashPolicy_CookieValidationError) ErrorName() string {
+	return "RouteAction_HashPolicy_CookieValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RouteAction_HashPolicy_CookieValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRouteAction_HashPolicy_Cookie.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouteAction_HashPolicy_CookieValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouteAction_HashPolicy_CookieValidationError{}
+
+// Validate checks the field values on
+// RouteAction_HashPolicy_ConnectionProperties with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *RouteAction_HashPolicy_ConnectionProperties) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// RouteAction_HashPolicy_ConnectionProperties with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in
+// RouteAction_HashPolicy_ConnectionPropertiesMultiError, or nil if none found.
+func (m *RouteAction_HashPolicy_ConnectionProperties) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RouteAction_HashPolicy_ConnectionProperties) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for SourceIp
+
+	if len(errors) > 0 {
+		return RouteAction_HashPolicy_ConnectionPropertiesMultiError(errors)
+	}
+	return nil
+}
+
+// RouteAction_HashPolicy_ConnectionPropertiesMultiError is an error wrapping
+// multiple validation errors returned by
+// RouteAction_HashPolicy_ConnectionProperties.ValidateAll() if the designated
+// constraints aren't met.
+type RouteAction_HashPolicy_ConnectionPropertiesMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouteAction_HashPolicy_ConnectionPropertiesMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouteAction_HashPolicy_ConnectionPropertiesMultiError) AllErrors() []error { return m }
+
+// RouteAction_HashPolicy_ConnectionPropertiesValidationError is the validation
+// error returned by RouteAction_HashPolicy_ConnectionProperties.Validate if
+// the designated constraints aren't met.
+type RouteAction_HashPolicy_ConnectionPropertiesValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouteAction_HashPolicy_ConnectionPropertiesValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouteAction_HashPolicy_ConnectionPropertiesValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouteAction_HashPolicy_ConnectionPropertiesValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouteAction_HashPolicy_ConnectionPropertiesValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouteAction_HashPolicy_ConnectionPropertiesValidationError) ErrorName() string {
+	return "RouteAction_HashPolicy_ConnectionPropertiesValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RouteAction_HashPolicy_ConnectionPropertiesValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRouteAction_HashPolicy_ConnectionProperties.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouteAction_HashPolicy_ConnectionPropertiesValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouteAction_HashPolicy_ConnectionPropertiesValidationError{}
+
+// Validate checks the field values on RouteAction_HashPolicy_QueryParameter
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the first error encountered is returned, or nil if
+// there are no violations.
+func (m *RouteAction_HashPolicy_QueryParameter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RouteAction_HashPolicy_QueryParameter
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// RouteAction_HashPolicy_QueryParameterMultiError, or nil if none found.
+func (m *RouteAction_HashPolicy_QueryParameter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RouteAction_HashPolicy_QueryParameter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetName()) < 1 {
+		err := RouteAction_HashPolicy_QueryParameterValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return RouteAction_HashPolicy_QueryParameterMultiError(errors)
+	}
+	return nil
+}
+
+// RouteAction_HashPolicy_QueryParameterMultiError is an error wrapping
+// multiple validation errors returned by
+// RouteAction_HashPolicy_QueryParameter.ValidateAll() if the designated
+// constraints aren't met.
+type RouteAction_HashPolicy_QueryParameterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouteAction_HashPolicy_QueryParameterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouteAction_HashPolicy_QueryParameterMultiError) AllErrors() []error { return m }
+
+// RouteAction_HashPolicy_QueryParameterValidationError is the validation error
+// returned by RouteAction_HashPolicy_QueryParameter.Validate if the
+// designated constraints aren't met.
+type RouteAction_HashPolicy_QueryParameterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouteAction_HashPolicy_QueryParameterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouteAction_HashPolicy_QueryParameterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouteAction_HashPolicy_QueryParameterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouteAction_HashPolicy_QueryParameterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouteAction_HashPolicy_QueryParameterValidationError) ErrorName() string {
+	return "RouteAction_HashPolicy_QueryParameterValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RouteAction_HashPolicy_QueryParameterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRouteAction_HashPolicy_QueryParameter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouteAction_HashPolicy_QueryParameterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouteAction_HashPolicy_QueryParameterValidationError{}
+
+// Validate checks the field values on RouteAction_HashPolicy_FilterState with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *RouteAction_HashPolicy_FilterState) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RouteAction_HashPolicy_FilterState
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// RouteAction_HashPolicy_FilterStateMultiError, or nil if none found.
+func (m *RouteAction_HashPolicy_FilterState) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RouteAction_HashPolicy_FilterState) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetKey()) < 1 {
+		err := RouteAction_HashPolicy_FilterStateValidationError{
+			field:  "Key",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return RouteAction_HashPolicy_FilterStateMultiError(errors)
+	}
+	return nil
+}
+
+// RouteAction_HashPolicy_FilterStateMultiError is an error wrapping multiple
+// validation errors returned by
+// RouteAction_HashPolicy_FilterState.ValidateAll() if the designated
+// constraints aren't met.
+type RouteAction_HashPolicy_FilterStateMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouteAction_HashPolicy_FilterStateMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouteAction_HashPolicy_FilterStateMultiError) AllErrors() []error { return m }
+
+// RouteAction_HashPolicy_FilterStateValidationError is the validation error
+// returned by RouteAction_HashPolicy_FilterState.Validate if the designated
+// constraints aren't met.
+type RouteAction_HashPolicy_FilterStateValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouteAction_HashPolicy_FilterStateValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouteAction_HashPolicy_FilterStateValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouteAction_HashPolicy_FilterStateValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouteAction_HashPolicy_FilterStateValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouteAction_HashPolicy_FilterStateValidationError) ErrorName() string {
+	return "RouteAction_HashPolicy_FilterStateValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RouteAction_HashPolicy_FilterStateValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRouteAction_HashPolicy_FilterState.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouteAction_HashPolicy_FilterStateValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouteAction_HashPolicy_FilterStateValidationError{}
+
+// Validate checks the field values on RetryPolicy_RetryPriority with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RetryPolicy_RetryPriority) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RetryPolicy_RetryPriority with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RetryPolicy_RetryPriorityMultiError, or nil if none found.
+func (m *RetryPolicy_RetryPriority) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RetryPolicy_RetryPriority) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetName()) < 1 {
+		err := RetryPolicy_RetryPriorityValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	switch m.ConfigType.(type) {
+
+	case *RetryPolicy_RetryPriority_Config:
+
+		if all {
+			switch v := interface{}(m.GetConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RetryPolicy_RetryPriorityValidationError{
+						field:  "Config",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RetryPolicy_RetryPriorityValidationError{
+						field:  "Config",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RetryPolicy_RetryPriorityValidationError{
+					field:  "Config",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *RetryPolicy_RetryPriority_TypedConfig:
+
+		if all {
+			switch v := interface{}(m.GetTypedConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RetryPolicy_RetryPriorityValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RetryPolicy_RetryPriorityValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RetryPolicy_RetryPriorityValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return RetryPolicy_RetryPriorityMultiError(errors)
+	}
+	return nil
+}
+
+// RetryPolicy_RetryPriorityMultiError is an error wrapping multiple validation
+// errors returned by RetryPolicy_RetryPriority.ValidateAll() if the
+// designated constraints aren't met.
+type RetryPolicy_RetryPriorityMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RetryPolicy_RetryPriorityMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RetryPolicy_RetryPriorityMultiError) AllErrors() []error { return m }
+
+// RetryPolicy_RetryPriorityValidationError is the validation error returned by
+// RetryPolicy_RetryPriority.Validate if the designated constraints aren't met.
+type RetryPolicy_RetryPriorityValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RetryPolicy_RetryPriorityValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RetryPolicy_RetryPriorityValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RetryPolicy_RetryPriorityValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RetryPolicy_RetryPriorityValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RetryPolicy_RetryPriorityValidationError) ErrorName() string {
+	return "RetryPolicy_RetryPriorityValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RetryPolicy_RetryPriorityValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRetryPolicy_RetryPriority.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RetryPolicy_RetryPriorityValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RetryPolicy_RetryPriorityValidationError{}
+
+// Validate checks the field values on RetryPolicy_RetryHostPredicate with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RetryPolicy_RetryHostPredicate) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RetryPolicy_RetryHostPredicate with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// RetryPolicy_RetryHostPredicateMultiError, or nil if none found.
+func (m *RetryPolicy_RetryHostPredicate) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RetryPolicy_RetryHostPredicate) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetName()) < 1 {
+		err := RetryPolicy_RetryHostPredicateValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	switch m.ConfigType.(type) {
+
+	case *RetryPolicy_RetryHostPredicate_Config:
+
+		if all {
+			switch v := interface{}(m.GetConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RetryPolicy_RetryHostPredicateValidationError{
+						field:  "Config",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RetryPolicy_RetryHostPredicateValidationError{
+						field:  "Config",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RetryPolicy_RetryHostPredicateValidationError{
+					field:  "Config",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *RetryPolicy_RetryHostPredicate_TypedConfig:
+
+		if all {
+			switch v := interface{}(m.GetTypedConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RetryPolicy_RetryHostPredicateValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RetryPolicy_RetryHostPredicateValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RetryPolicy_RetryHostPredicateValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return RetryPolicy_RetryHostPredicateMultiError(errors)
+	}
+	return nil
+}
+
+// RetryPolicy_RetryHostPredicateMultiError is an error wrapping multiple
+// validation errors returned by RetryPolicy_RetryHostPredicate.ValidateAll()
+// if the designated constraints aren't met.
+type RetryPolicy_RetryHostPredicateMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RetryPolicy_RetryHostPredicateMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RetryPolicy_RetryHostPredicateMultiError) AllErrors() []error { return m }
+
+// RetryPolicy_RetryHostPredicateValidationError is the validation error
+// returned by RetryPolicy_RetryHostPredicate.Validate if the designated
+// constraints aren't met.
+type RetryPolicy_RetryHostPredicateValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RetryPolicy_RetryHostPredicateValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RetryPolicy_RetryHostPredicateValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RetryPolicy_RetryHostPredicateValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RetryPolicy_RetryHostPredicateValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RetryPolicy_RetryHostPredicateValidationError) ErrorName() string {
+	return "RetryPolicy_RetryHostPredicateValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RetryPolicy_RetryHostPredicateValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRetryPolicy_RetryHostPredicate.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RetryPolicy_RetryHostPredicateValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RetryPolicy_RetryHostPredicateValidationError{}
+
+// Validate checks the field values on RetryPolicy_RetryBackOff with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RetryPolicy_RetryBackOff) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RetryPolicy_RetryBackOff with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RetryPolicy_RetryBackOffMultiError, or nil if none found.
+func (m *RetryPolicy_RetryBackOff) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RetryPolicy_RetryBackOff) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetBaseInterval() == nil {
+		err := RetryPolicy_RetryBackOffValidationError{
+			field:  "BaseInterval",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if d := m.GetBaseInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = RetryPolicy_RetryBackOffValidationError{
+				field:  "BaseInterval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := RetryPolicy_RetryBackOffValidationError{
+					field:  "BaseInterval",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if d := m.GetMaxInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = RetryPolicy_RetryBackOffValidationError{
+				field:  "MaxInterval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := RetryPolicy_RetryBackOffValidationError{
+					field:  "MaxInterval",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if len(errors) > 0 {
+		return RetryPolicy_RetryBackOffMultiError(errors)
+	}
+	return nil
+}
+
+// RetryPolicy_RetryBackOffMultiError is an error wrapping multiple validation
+// errors returned by RetryPolicy_RetryBackOff.ValidateAll() if the designated
+// constraints aren't met.
+type RetryPolicy_RetryBackOffMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RetryPolicy_RetryBackOffMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RetryPolicy_RetryBackOffMultiError) AllErrors() []error { return m }
+
+// RetryPolicy_RetryBackOffValidationError is the validation error returned by
+// RetryPolicy_RetryBackOff.Validate if the designated constraints aren't met.
+type RetryPolicy_RetryBackOffValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RetryPolicy_RetryBackOffValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RetryPolicy_RetryBackOffValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RetryPolicy_RetryBackOffValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RetryPolicy_RetryBackOffValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RetryPolicy_RetryBackOffValidationError) ErrorName() string {
+	return "RetryPolicy_RetryBackOffValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RetryPolicy_RetryBackOffValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRetryPolicy_RetryBackOff.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RetryPolicy_RetryBackOffValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RetryPolicy_RetryBackOffValidationError{}
+
+// Validate checks the field values on RateLimit_Action with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *RateLimit_Action) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RateLimit_Action with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RateLimit_ActionMultiError, or nil if none found.
+func (m *RateLimit_Action) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RateLimit_Action) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.ActionSpecifier.(type) {
+
+	case *RateLimit_Action_SourceCluster_:
+
+		if all {
+			switch v := interface{}(m.GetSourceCluster()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RateLimit_ActionValidationError{
+						field:  "SourceCluster",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RateLimit_ActionValidationError{
+						field:  "SourceCluster",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetSourceCluster()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RateLimit_ActionValidationError{
+					field:  "SourceCluster",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *RateLimit_Action_DestinationCluster_:
+
+		if all {
+			switch v := interface{}(m.GetDestinationCluster()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RateLimit_ActionValidationError{
+						field:  "DestinationCluster",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RateLimit_ActionValidationError{
+						field:  "DestinationCluster",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetDestinationCluster()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RateLimit_ActionValidationError{
+					field:  "DestinationCluster",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *RateLimit_Action_RequestHeaders_:
+
+		if all {
+			switch v := interface{}(m.GetRequestHeaders()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RateLimit_ActionValidationError{
+						field:  "RequestHeaders",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RateLimit_ActionValidationError{
+						field:  "RequestHeaders",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetRequestHeaders()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RateLimit_ActionValidationError{
+					field:  "RequestHeaders",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *RateLimit_Action_RemoteAddress_:
+
+		if all {
+			switch v := interface{}(m.GetRemoteAddress()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RateLimit_ActionValidationError{
+						field:  "RemoteAddress",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RateLimit_ActionValidationError{
+						field:  "RemoteAddress",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetRemoteAddress()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RateLimit_ActionValidationError{
+					field:  "RemoteAddress",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *RateLimit_Action_GenericKey_:
+
+		if all {
+			switch v := interface{}(m.GetGenericKey()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RateLimit_ActionValidationError{
+						field:  "GenericKey",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RateLimit_ActionValidationError{
+						field:  "GenericKey",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetGenericKey()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RateLimit_ActionValidationError{
+					field:  "GenericKey",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *RateLimit_Action_HeaderValueMatch_:
+
+		if all {
+			switch v := interface{}(m.GetHeaderValueMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RateLimit_ActionValidationError{
+						field:  "HeaderValueMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RateLimit_ActionValidationError{
+						field:  "HeaderValueMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetHeaderValueMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RateLimit_ActionValidationError{
+					field:  "HeaderValueMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := RateLimit_ActionValidationError{
+			field:  "ActionSpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return RateLimit_ActionMultiError(errors)
+	}
+	return nil
+}
+
+// RateLimit_ActionMultiError is an error wrapping multiple validation errors
+// returned by RateLimit_Action.ValidateAll() if the designated constraints
+// aren't met.
+type RateLimit_ActionMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RateLimit_ActionMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RateLimit_ActionMultiError) AllErrors() []error { return m }
+
+// RateLimit_ActionValidationError is the validation error returned by
+// RateLimit_Action.Validate if the designated constraints aren't met.
+type RateLimit_ActionValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RateLimit_ActionValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RateLimit_ActionValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RateLimit_ActionValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RateLimit_ActionValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RateLimit_ActionValidationError) ErrorName() string { return "RateLimit_ActionValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RateLimit_ActionValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRateLimit_Action.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RateLimit_ActionValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RateLimit_ActionValidationError{}
+
+// Validate checks the field values on RateLimit_Action_SourceCluster with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RateLimit_Action_SourceCluster) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RateLimit_Action_SourceCluster with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// RateLimit_Action_SourceClusterMultiError, or nil if none found.
+func (m *RateLimit_Action_SourceCluster) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RateLimit_Action_SourceCluster) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return RateLimit_Action_SourceClusterMultiError(errors)
+	}
+	return nil
+}
+
+// RateLimit_Action_SourceClusterMultiError is an error wrapping multiple
+// validation errors returned by RateLimit_Action_SourceCluster.ValidateAll()
+// if the designated constraints aren't met.
+type RateLimit_Action_SourceClusterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RateLimit_Action_SourceClusterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RateLimit_Action_SourceClusterMultiError) AllErrors() []error { return m }
+
+// RateLimit_Action_SourceClusterValidationError is the validation error
+// returned by RateLimit_Action_SourceCluster.Validate if the designated
+// constraints aren't met.
+type RateLimit_Action_SourceClusterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RateLimit_Action_SourceClusterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RateLimit_Action_SourceClusterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RateLimit_Action_SourceClusterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RateLimit_Action_SourceClusterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RateLimit_Action_SourceClusterValidationError) ErrorName() string {
+	return "RateLimit_Action_SourceClusterValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RateLimit_Action_SourceClusterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRateLimit_Action_SourceCluster.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RateLimit_Action_SourceClusterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RateLimit_Action_SourceClusterValidationError{}
+
+// Validate checks the field values on RateLimit_Action_DestinationCluster with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *RateLimit_Action_DestinationCluster) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RateLimit_Action_DestinationCluster
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// RateLimit_Action_DestinationClusterMultiError, or nil if none found.
+func (m *RateLimit_Action_DestinationCluster) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RateLimit_Action_DestinationCluster) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return RateLimit_Action_DestinationClusterMultiError(errors)
+	}
+	return nil
+}
+
+// RateLimit_Action_DestinationClusterMultiError is an error wrapping multiple
+// validation errors returned by
+// RateLimit_Action_DestinationCluster.ValidateAll() if the designated
+// constraints aren't met.
+type RateLimit_Action_DestinationClusterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RateLimit_Action_DestinationClusterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RateLimit_Action_DestinationClusterMultiError) AllErrors() []error { return m }
+
+// RateLimit_Action_DestinationClusterValidationError is the validation error
+// returned by RateLimit_Action_DestinationCluster.Validate if the designated
+// constraints aren't met.
+type RateLimit_Action_DestinationClusterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RateLimit_Action_DestinationClusterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RateLimit_Action_DestinationClusterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RateLimit_Action_DestinationClusterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RateLimit_Action_DestinationClusterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RateLimit_Action_DestinationClusterValidationError) ErrorName() string {
+	return "RateLimit_Action_DestinationClusterValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RateLimit_Action_DestinationClusterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRateLimit_Action_DestinationCluster.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RateLimit_Action_DestinationClusterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RateLimit_Action_DestinationClusterValidationError{}
+
+// Validate checks the field values on RateLimit_Action_RequestHeaders with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RateLimit_Action_RequestHeaders) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RateLimit_Action_RequestHeaders with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// RateLimit_Action_RequestHeadersMultiError, or nil if none found.
+func (m *RateLimit_Action_RequestHeaders) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RateLimit_Action_RequestHeaders) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetHeaderName()) < 1 {
+		err := RateLimit_Action_RequestHeadersValidationError{
+			field:  "HeaderName",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if !_RateLimit_Action_RequestHeaders_HeaderName_Pattern.MatchString(m.GetHeaderName()) {
+		err := RateLimit_Action_RequestHeadersValidationError{
+			field:  "HeaderName",
+			reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(m.GetDescriptorKey()) < 1 {
+		err := RateLimit_Action_RequestHeadersValidationError{
+			field:  "DescriptorKey",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return RateLimit_Action_RequestHeadersMultiError(errors)
+	}
+	return nil
+}
+
+// RateLimit_Action_RequestHeadersMultiError is an error wrapping multiple
+// validation errors returned by RateLimit_Action_RequestHeaders.ValidateAll()
+// if the designated constraints aren't met.
+type RateLimit_Action_RequestHeadersMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RateLimit_Action_RequestHeadersMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RateLimit_Action_RequestHeadersMultiError) AllErrors() []error { return m }
+
+// RateLimit_Action_RequestHeadersValidationError is the validation error
+// returned by RateLimit_Action_RequestHeaders.Validate if the designated
+// constraints aren't met.
+type RateLimit_Action_RequestHeadersValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RateLimit_Action_RequestHeadersValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RateLimit_Action_RequestHeadersValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RateLimit_Action_RequestHeadersValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RateLimit_Action_RequestHeadersValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RateLimit_Action_RequestHeadersValidationError) ErrorName() string {
+	return "RateLimit_Action_RequestHeadersValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RateLimit_Action_RequestHeadersValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRateLimit_Action_RequestHeaders.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RateLimit_Action_RequestHeadersValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RateLimit_Action_RequestHeadersValidationError{}
+
+var _RateLimit_Action_RequestHeaders_HeaderName_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+// Validate checks the field values on RateLimit_Action_RemoteAddress with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RateLimit_Action_RemoteAddress) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RateLimit_Action_RemoteAddress with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// RateLimit_Action_RemoteAddressMultiError, or nil if none found.
+func (m *RateLimit_Action_RemoteAddress) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RateLimit_Action_RemoteAddress) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return RateLimit_Action_RemoteAddressMultiError(errors)
+	}
+	return nil
+}
+
+// RateLimit_Action_RemoteAddressMultiError is an error wrapping multiple
+// validation errors returned by RateLimit_Action_RemoteAddress.ValidateAll()
+// if the designated constraints aren't met.
+type RateLimit_Action_RemoteAddressMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RateLimit_Action_RemoteAddressMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RateLimit_Action_RemoteAddressMultiError) AllErrors() []error { return m }
+
+// RateLimit_Action_RemoteAddressValidationError is the validation error
+// returned by RateLimit_Action_RemoteAddress.Validate if the designated
+// constraints aren't met.
+type RateLimit_Action_RemoteAddressValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RateLimit_Action_RemoteAddressValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RateLimit_Action_RemoteAddressValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RateLimit_Action_RemoteAddressValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RateLimit_Action_RemoteAddressValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RateLimit_Action_RemoteAddressValidationError) ErrorName() string {
+	return "RateLimit_Action_RemoteAddressValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RateLimit_Action_RemoteAddressValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRateLimit_Action_RemoteAddress.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RateLimit_Action_RemoteAddressValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RateLimit_Action_RemoteAddressValidationError{}
+
+// Validate checks the field values on RateLimit_Action_GenericKey with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RateLimit_Action_GenericKey) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RateLimit_Action_GenericKey with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RateLimit_Action_GenericKeyMultiError, or nil if none found.
+func (m *RateLimit_Action_GenericKey) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RateLimit_Action_GenericKey) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetDescriptorValue()) < 1 {
+		err := RateLimit_Action_GenericKeyValidationError{
+			field:  "DescriptorValue",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return RateLimit_Action_GenericKeyMultiError(errors)
+	}
+	return nil
+}
+
+// RateLimit_Action_GenericKeyMultiError is an error wrapping multiple
+// validation errors returned by RateLimit_Action_GenericKey.ValidateAll() if
+// the designated constraints aren't met.
+type RateLimit_Action_GenericKeyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RateLimit_Action_GenericKeyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RateLimit_Action_GenericKeyMultiError) AllErrors() []error { return m }
+
+// RateLimit_Action_GenericKeyValidationError is the validation error returned
+// by RateLimit_Action_GenericKey.Validate if the designated constraints
+// aren't met.
+type RateLimit_Action_GenericKeyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RateLimit_Action_GenericKeyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RateLimit_Action_GenericKeyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RateLimit_Action_GenericKeyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RateLimit_Action_GenericKeyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RateLimit_Action_GenericKeyValidationError) ErrorName() string {
+	return "RateLimit_Action_GenericKeyValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RateLimit_Action_GenericKeyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRateLimit_Action_GenericKey.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RateLimit_Action_GenericKeyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RateLimit_Action_GenericKeyValidationError{}
+
+// Validate checks the field values on RateLimit_Action_HeaderValueMatch with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *RateLimit_Action_HeaderValueMatch) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RateLimit_Action_HeaderValueMatch
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// RateLimit_Action_HeaderValueMatchMultiError, or nil if none found.
+func (m *RateLimit_Action_HeaderValueMatch) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RateLimit_Action_HeaderValueMatch) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetDescriptorValue()) < 1 {
+		err := RateLimit_Action_HeaderValueMatchValidationError{
+			field:  "DescriptorValue",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetExpectMatch()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RateLimit_Action_HeaderValueMatchValidationError{
+					field:  "ExpectMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RateLimit_Action_HeaderValueMatchValidationError{
+					field:  "ExpectMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetExpectMatch()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RateLimit_Action_HeaderValueMatchValidationError{
+				field:  "ExpectMatch",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(m.GetHeaders()) < 1 {
+		err := RateLimit_Action_HeaderValueMatchValidationError{
+			field:  "Headers",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetHeaders() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RateLimit_Action_HeaderValueMatchValidationError{
+						field:  fmt.Sprintf("Headers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RateLimit_Action_HeaderValueMatchValidationError{
+						field:  fmt.Sprintf("Headers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RateLimit_Action_HeaderValueMatchValidationError{
+					field:  fmt.Sprintf("Headers[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return RateLimit_Action_HeaderValueMatchMultiError(errors)
+	}
+	return nil
+}
+
+// RateLimit_Action_HeaderValueMatchMultiError is an error wrapping multiple
+// validation errors returned by
+// RateLimit_Action_HeaderValueMatch.ValidateAll() if the designated
+// constraints aren't met.
+type RateLimit_Action_HeaderValueMatchMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RateLimit_Action_HeaderValueMatchMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RateLimit_Action_HeaderValueMatchMultiError) AllErrors() []error { return m }
+
+// RateLimit_Action_HeaderValueMatchValidationError is the validation error
+// returned by RateLimit_Action_HeaderValueMatch.Validate if the designated
+// constraints aren't met.
+type RateLimit_Action_HeaderValueMatchValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RateLimit_Action_HeaderValueMatchValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RateLimit_Action_HeaderValueMatchValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RateLimit_Action_HeaderValueMatchValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RateLimit_Action_HeaderValueMatchValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RateLimit_Action_HeaderValueMatchValidationError) ErrorName() string {
+	return "RateLimit_Action_HeaderValueMatchValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RateLimit_Action_HeaderValueMatchValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRateLimit_Action_HeaderValueMatch.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RateLimit_Action_HeaderValueMatchValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RateLimit_Action_HeaderValueMatchValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/scoped_route.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/scoped_route.pb.go
new file mode 100644
index 00000000000..a26f7d16493
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/scoped_route.pb.go
@@ -0,0 +1,414 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/scoped_route.proto
+
+package envoy_api_v2
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Specifies a routing scope, which associates a
+// :ref:`Key<envoy_api_msg_ScopedRouteConfiguration.Key>` to a
+// :ref:`envoy_api_msg_RouteConfiguration` (identified by its resource name).
+//
+// The HTTP connection manager builds up a table consisting of these Key to
+// RouteConfiguration mappings, and looks up the RouteConfiguration to use per
+// request according to the algorithm specified in the
+// :ref:`scope_key_builder<envoy_api_field_config.filter.network.http_connection_manager.v2.ScopedRoutes.scope_key_builder>`
+// assigned to the HttpConnectionManager.
+//
+// For example, with the following configurations (in YAML):
+//
+// HttpConnectionManager config:
+//
+// .. code::
+//
+//   ...
+//   scoped_routes:
+//     name: foo-scoped-routes
+//     scope_key_builder:
+//       fragments:
+//         - header_value_extractor:
+//             name: X-Route-Selector
+//             element_separator: ,
+//             element:
+//               separator: =
+//               key: vip
+//
+// ScopedRouteConfiguration resources (specified statically via
+// :ref:`scoped_route_configurations_list<envoy_api_field_config.filter.network.http_connection_manager.v2.ScopedRoutes.scoped_route_configurations_list>`
+// or obtained dynamically via SRDS):
+//
+// .. code::
+//
+//  (1)
+//   name: route-scope1
+//   route_configuration_name: route-config1
+//   key:
+//      fragments:
+//        - string_key: 172.10.10.20
+//
+//  (2)
+//   name: route-scope2
+//   route_configuration_name: route-config2
+//   key:
+//     fragments:
+//       - string_key: 172.20.20.30
+//
+// A request from a client such as:
+//
+// .. code::
+//
+//     GET / HTTP/1.1
+//     Host: foo.com
+//     X-Route-Selector: vip=172.10.10.20
+//
+// would result in the routing table defined by the `route-config1`
+// RouteConfiguration being assigned to the HTTP request/stream.
+//
+type ScopedRouteConfiguration struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name assigned to the routing scope.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// The resource name to use for a :ref:`envoy_api_msg_DiscoveryRequest` to an
+	// RDS server to fetch the :ref:`envoy_api_msg_RouteConfiguration` associated
+	// with this scope.
+	RouteConfigurationName string `protobuf:"bytes,2,opt,name=route_configuration_name,json=routeConfigurationName,proto3" json:"route_configuration_name,omitempty"`
+	// The key to match against.
+	Key *ScopedRouteConfiguration_Key `protobuf:"bytes,3,opt,name=key,proto3" json:"key,omitempty"`
+}
+
+func (x *ScopedRouteConfiguration) Reset() {
+	*x = ScopedRouteConfiguration{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_scoped_route_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ScopedRouteConfiguration) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ScopedRouteConfiguration) ProtoMessage() {}
+
+func (x *ScopedRouteConfiguration) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_scoped_route_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ScopedRouteConfiguration.ProtoReflect.Descriptor instead.
+func (*ScopedRouteConfiguration) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_scoped_route_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *ScopedRouteConfiguration) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *ScopedRouteConfiguration) GetRouteConfigurationName() string {
+	if x != nil {
+		return x.RouteConfigurationName
+	}
+	return ""
+}
+
+func (x *ScopedRouteConfiguration) GetKey() *ScopedRouteConfiguration_Key {
+	if x != nil {
+		return x.Key
+	}
+	return nil
+}
+
+// Specifies a key which is matched against the output of the
+// :ref:`scope_key_builder<envoy_api_field_config.filter.network.http_connection_manager.v2.ScopedRoutes.scope_key_builder>`
+// specified in the HttpConnectionManager. The matching is done per HTTP
+// request and is dependent on the order of the fragments contained in the
+// Key.
+type ScopedRouteConfiguration_Key struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The ordered set of fragments to match against. The order must match the
+	// fragments in the corresponding
+	// :ref:`scope_key_builder<envoy_api_field_config.filter.network.http_connection_manager.v2.ScopedRoutes.scope_key_builder>`.
+	Fragments []*ScopedRouteConfiguration_Key_Fragment `protobuf:"bytes,1,rep,name=fragments,proto3" json:"fragments,omitempty"`
+}
+
+func (x *ScopedRouteConfiguration_Key) Reset() {
+	*x = ScopedRouteConfiguration_Key{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_scoped_route_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ScopedRouteConfiguration_Key) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ScopedRouteConfiguration_Key) ProtoMessage() {}
+
+func (x *ScopedRouteConfiguration_Key) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_scoped_route_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ScopedRouteConfiguration_Key.ProtoReflect.Descriptor instead.
+func (*ScopedRouteConfiguration_Key) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_scoped_route_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (x *ScopedRouteConfiguration_Key) GetFragments() []*ScopedRouteConfiguration_Key_Fragment {
+	if x != nil {
+		return x.Fragments
+	}
+	return nil
+}
+
+type ScopedRouteConfiguration_Key_Fragment struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to Type:
+	//	*ScopedRouteConfiguration_Key_Fragment_StringKey
+	Type isScopedRouteConfiguration_Key_Fragment_Type `protobuf_oneof:"type"`
+}
+
+func (x *ScopedRouteConfiguration_Key_Fragment) Reset() {
+	*x = ScopedRouteConfiguration_Key_Fragment{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_scoped_route_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ScopedRouteConfiguration_Key_Fragment) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ScopedRouteConfiguration_Key_Fragment) ProtoMessage() {}
+
+func (x *ScopedRouteConfiguration_Key_Fragment) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_scoped_route_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ScopedRouteConfiguration_Key_Fragment.ProtoReflect.Descriptor instead.
+func (*ScopedRouteConfiguration_Key_Fragment) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_scoped_route_proto_rawDescGZIP(), []int{0, 0, 0}
+}
+
+func (m *ScopedRouteConfiguration_Key_Fragment) GetType() isScopedRouteConfiguration_Key_Fragment_Type {
+	if m != nil {
+		return m.Type
+	}
+	return nil
+}
+
+func (x *ScopedRouteConfiguration_Key_Fragment) GetStringKey() string {
+	if x, ok := x.GetType().(*ScopedRouteConfiguration_Key_Fragment_StringKey); ok {
+		return x.StringKey
+	}
+	return ""
+}
+
+type isScopedRouteConfiguration_Key_Fragment_Type interface {
+	isScopedRouteConfiguration_Key_Fragment_Type()
+}
+
+type ScopedRouteConfiguration_Key_Fragment_StringKey struct {
+	// A string to match against.
+	StringKey string `protobuf:"bytes,1,opt,name=string_key,json=stringKey,proto3,oneof"`
+}
+
+func (*ScopedRouteConfiguration_Key_Fragment_StringKey) isScopedRouteConfiguration_Key_Fragment_Type() {
+}
+
+var File_envoy_api_v2_scoped_route_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_scoped_route_proto_rawDesc = []byte{
+	0x0a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x73,
+	0x63, 0x6f, 0x70, 0x65, 0x64, 0x5f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x12, 0x0c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x1a,
+	0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17,
+	0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xe1, 0x02, 0x0a, 0x18, 0x53, 0x63, 0x6f, 0x70,
+	0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d,
+	0x65, 0x12, 0x41, 0x0a, 0x18, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x16, 0x72, 0x6f,
+	0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x4e, 0x61, 0x6d, 0x65, 0x12, 0x46, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x2e, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x4b, 0x65, 0x79, 0x42, 0x08, 0xfa,
+	0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x1a, 0x9c, 0x01, 0x0a,
+	0x03, 0x4b, 0x65, 0x79, 0x12, 0x5b, 0x0a, 0x09, 0x66, 0x72, 0x61, 0x67, 0x6d, 0x65, 0x6e, 0x74,
+	0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x33, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75,
+	0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e,
+	0x4b, 0x65, 0x79, 0x2e, 0x46, 0x72, 0x61, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x42, 0x08, 0xfa, 0x42,
+	0x05, 0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x09, 0x66, 0x72, 0x61, 0x67, 0x6d, 0x65, 0x6e, 0x74,
+	0x73, 0x1a, 0x38, 0x0a, 0x08, 0x46, 0x72, 0x61, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x12, 0x1f, 0x0a,
+	0x0a, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x09, 0x48, 0x00, 0x52, 0x09, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x4b, 0x65, 0x79, 0x42, 0x0b,
+	0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x42, 0x55, 0x0a, 0x1a, 0x69,
+	0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x42, 0x10, 0x53, 0x63, 0x6f, 0x70, 0x65,
+	0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xf2, 0x98, 0xfe,
+	0x8f, 0x05, 0x17, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02,
+	0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_scoped_route_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_scoped_route_proto_rawDescData = file_envoy_api_v2_scoped_route_proto_rawDesc
+)
+
+func file_envoy_api_v2_scoped_route_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_scoped_route_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_scoped_route_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_scoped_route_proto_rawDescData)
+	})
+	return file_envoy_api_v2_scoped_route_proto_rawDescData
+}
+
+var file_envoy_api_v2_scoped_route_proto_msgTypes = make([]protoimpl.MessageInfo, 3)
+var file_envoy_api_v2_scoped_route_proto_goTypes = []interface{}{
+	(*ScopedRouteConfiguration)(nil),              // 0: envoy.api.v2.ScopedRouteConfiguration
+	(*ScopedRouteConfiguration_Key)(nil),          // 1: envoy.api.v2.ScopedRouteConfiguration.Key
+	(*ScopedRouteConfiguration_Key_Fragment)(nil), // 2: envoy.api.v2.ScopedRouteConfiguration.Key.Fragment
+}
+var file_envoy_api_v2_scoped_route_proto_depIdxs = []int32{
+	1, // 0: envoy.api.v2.ScopedRouteConfiguration.key:type_name -> envoy.api.v2.ScopedRouteConfiguration.Key
+	2, // 1: envoy.api.v2.ScopedRouteConfiguration.Key.fragments:type_name -> envoy.api.v2.ScopedRouteConfiguration.Key.Fragment
+	2, // [2:2] is the sub-list for method output_type
+	2, // [2:2] is the sub-list for method input_type
+	2, // [2:2] is the sub-list for extension type_name
+	2, // [2:2] is the sub-list for extension extendee
+	0, // [0:2] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_scoped_route_proto_init() }
+func file_envoy_api_v2_scoped_route_proto_init() {
+	if File_envoy_api_v2_scoped_route_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_scoped_route_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ScopedRouteConfiguration); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_scoped_route_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ScopedRouteConfiguration_Key); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_api_v2_scoped_route_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ScopedRouteConfiguration_Key_Fragment); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_api_v2_scoped_route_proto_msgTypes[2].OneofWrappers = []interface{}{
+		(*ScopedRouteConfiguration_Key_Fragment_StringKey)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_scoped_route_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   3,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_api_v2_scoped_route_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_scoped_route_proto_depIdxs,
+		MessageInfos:      file_envoy_api_v2_scoped_route_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_scoped_route_proto = out.File
+	file_envoy_api_v2_scoped_route_proto_rawDesc = nil
+	file_envoy_api_v2_scoped_route_proto_goTypes = nil
+	file_envoy_api_v2_scoped_route_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/scoped_route.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/scoped_route.pb.validate.go
new file mode 100644
index 00000000000..e7124085e0b
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/scoped_route.pb.validate.go
@@ -0,0 +1,467 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/scoped_route.proto
+
+package envoy_api_v2
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on ScopedRouteConfiguration with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ScopedRouteConfiguration) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ScopedRouteConfiguration with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ScopedRouteConfigurationMultiError, or nil if none found.
+func (m *ScopedRouteConfiguration) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ScopedRouteConfiguration) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetName()) < 1 {
+		err := ScopedRouteConfigurationValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(m.GetRouteConfigurationName()) < 1 {
+		err := ScopedRouteConfigurationValidationError{
+			field:  "RouteConfigurationName",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if m.GetKey() == nil {
+		err := ScopedRouteConfigurationValidationError{
+			field:  "Key",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetKey()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ScopedRouteConfigurationValidationError{
+					field:  "Key",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ScopedRouteConfigurationValidationError{
+					field:  "Key",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetKey()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ScopedRouteConfigurationValidationError{
+				field:  "Key",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return ScopedRouteConfigurationMultiError(errors)
+	}
+	return nil
+}
+
+// ScopedRouteConfigurationMultiError is an error wrapping multiple validation
+// errors returned by ScopedRouteConfiguration.ValidateAll() if the designated
+// constraints aren't met.
+type ScopedRouteConfigurationMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ScopedRouteConfigurationMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ScopedRouteConfigurationMultiError) AllErrors() []error { return m }
+
+// ScopedRouteConfigurationValidationError is the validation error returned by
+// ScopedRouteConfiguration.Validate if the designated constraints aren't met.
+type ScopedRouteConfigurationValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ScopedRouteConfigurationValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ScopedRouteConfigurationValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ScopedRouteConfigurationValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ScopedRouteConfigurationValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ScopedRouteConfigurationValidationError) ErrorName() string {
+	return "ScopedRouteConfigurationValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ScopedRouteConfigurationValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sScopedRouteConfiguration.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ScopedRouteConfigurationValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ScopedRouteConfigurationValidationError{}
+
+// Validate checks the field values on ScopedRouteConfiguration_Key with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ScopedRouteConfiguration_Key) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ScopedRouteConfiguration_Key with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ScopedRouteConfiguration_KeyMultiError, or nil if none found.
+func (m *ScopedRouteConfiguration_Key) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ScopedRouteConfiguration_Key) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetFragments()) < 1 {
+		err := ScopedRouteConfiguration_KeyValidationError{
+			field:  "Fragments",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetFragments() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ScopedRouteConfiguration_KeyValidationError{
+						field:  fmt.Sprintf("Fragments[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ScopedRouteConfiguration_KeyValidationError{
+						field:  fmt.Sprintf("Fragments[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ScopedRouteConfiguration_KeyValidationError{
+					field:  fmt.Sprintf("Fragments[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ScopedRouteConfiguration_KeyMultiError(errors)
+	}
+	return nil
+}
+
+// ScopedRouteConfiguration_KeyMultiError is an error wrapping multiple
+// validation errors returned by ScopedRouteConfiguration_Key.ValidateAll() if
+// the designated constraints aren't met.
+type ScopedRouteConfiguration_KeyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ScopedRouteConfiguration_KeyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ScopedRouteConfiguration_KeyMultiError) AllErrors() []error { return m }
+
+// ScopedRouteConfiguration_KeyValidationError is the validation error returned
+// by ScopedRouteConfiguration_Key.Validate if the designated constraints
+// aren't met.
+type ScopedRouteConfiguration_KeyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ScopedRouteConfiguration_KeyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ScopedRouteConfiguration_KeyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ScopedRouteConfiguration_KeyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ScopedRouteConfiguration_KeyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ScopedRouteConfiguration_KeyValidationError) ErrorName() string {
+	return "ScopedRouteConfiguration_KeyValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ScopedRouteConfiguration_KeyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sScopedRouteConfiguration_Key.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ScopedRouteConfiguration_KeyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ScopedRouteConfiguration_KeyValidationError{}
+
+// Validate checks the field values on ScopedRouteConfiguration_Key_Fragment
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the first error encountered is returned, or nil if
+// there are no violations.
+func (m *ScopedRouteConfiguration_Key_Fragment) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ScopedRouteConfiguration_Key_Fragment
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// ScopedRouteConfiguration_Key_FragmentMultiError, or nil if none found.
+func (m *ScopedRouteConfiguration_Key_Fragment) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ScopedRouteConfiguration_Key_Fragment) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.Type.(type) {
+
+	case *ScopedRouteConfiguration_Key_Fragment_StringKey:
+		// no validation rules for StringKey
+
+	default:
+		err := ScopedRouteConfiguration_Key_FragmentValidationError{
+			field:  "Type",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return ScopedRouteConfiguration_Key_FragmentMultiError(errors)
+	}
+	return nil
+}
+
+// ScopedRouteConfiguration_Key_FragmentMultiError is an error wrapping
+// multiple validation errors returned by
+// ScopedRouteConfiguration_Key_Fragment.ValidateAll() if the designated
+// constraints aren't met.
+type ScopedRouteConfiguration_Key_FragmentMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ScopedRouteConfiguration_Key_FragmentMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ScopedRouteConfiguration_Key_FragmentMultiError) AllErrors() []error { return m }
+
+// ScopedRouteConfiguration_Key_FragmentValidationError is the validation error
+// returned by ScopedRouteConfiguration_Key_Fragment.Validate if the
+// designated constraints aren't met.
+type ScopedRouteConfiguration_Key_FragmentValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ScopedRouteConfiguration_Key_FragmentValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ScopedRouteConfiguration_Key_FragmentValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ScopedRouteConfiguration_Key_FragmentValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ScopedRouteConfiguration_Key_FragmentValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ScopedRouteConfiguration_Key_FragmentValidationError) ErrorName() string {
+	return "ScopedRouteConfiguration_Key_FragmentValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ScopedRouteConfiguration_Key_FragmentValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sScopedRouteConfiguration_Key_Fragment.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ScopedRouteConfiguration_Key_FragmentValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ScopedRouteConfiguration_Key_FragmentValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/srds.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/srds.pb.go
new file mode 100644
index 00000000000..1d9f80123d0
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/srds.pb.go
@@ -0,0 +1,417 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/api/v2/srds.proto
+
+package envoy_api_v2
+
+import (
+	context "context"
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/go-control-plane/envoy/annotations"
+	proto "github.com/golang/protobuf/proto"
+	_ "google.golang.org/genproto/googleapis/api/annotations"
+	grpc "google.golang.org/grpc"
+	codes "google.golang.org/grpc/codes"
+	status "google.golang.org/grpc/status"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing
+// services: https://github.com/google/protobuf/issues/4221 and protoxform to upgrade the file.
+type SrdsDummy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *SrdsDummy) Reset() {
+	*x = SrdsDummy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_api_v2_srds_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *SrdsDummy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*SrdsDummy) ProtoMessage() {}
+
+func (x *SrdsDummy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_api_v2_srds_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use SrdsDummy.ProtoReflect.Descriptor instead.
+func (*SrdsDummy) Descriptor() ([]byte, []int) {
+	return file_envoy_api_v2_srds_proto_rawDescGZIP(), []int{0}
+}
+
+var File_envoy_api_v2_srds_proto protoreflect.FileDescriptor
+
+var file_envoy_api_v2_srds_proto_rawDesc = []byte{
+	0x0a, 0x17, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x73,
+	0x72, 0x64, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0c, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x1a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61,
+	0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x61, 0x70,
+	0x69, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x20, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f,
+	0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f,
+	0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f,
+	0x76, 0x32, 0x2f, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x5f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x0b, 0x0a, 0x09, 0x53, 0x72, 0x64, 0x73, 0x44, 0x75, 0x6d,
+	0x6d, 0x79, 0x32, 0x95, 0x03, 0x0a, 0x1c, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75,
+	0x74, 0x65, 0x73, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x53, 0x65, 0x72, 0x76,
+	0x69, 0x63, 0x65, 0x12, 0x5b, 0x0a, 0x12, 0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x53, 0x63, 0x6f,
+	0x70, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x12, 0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65,
+	0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65,
+	0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x28, 0x01, 0x30, 0x01,
+	0x12, 0x64, 0x0a, 0x11, 0x44, 0x65, 0x6c, 0x74, 0x61, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52,
+	0x6f, 0x75, 0x74, 0x65, 0x73, 0x12, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70,
+	0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x65, 0x6c, 0x74, 0x61, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76,
+	0x65, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x24, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x65, 0x6c, 0x74, 0x61, 0x44,
+	0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
+	0x22, 0x00, 0x28, 0x01, 0x30, 0x01, 0x12, 0x82, 0x01, 0x0a, 0x11, 0x46, 0x65, 0x74, 0x63, 0x68,
+	0x53, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x12, 0x1e, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x69, 0x73, 0x63,
+	0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x69, 0x73, 0x63,
+	0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x2c, 0x82,
+	0xd3, 0xe4, 0x93, 0x02, 0x1d, 0x22, 0x1b, 0x2f, 0x76, 0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f,
+	0x76, 0x65, 0x72, 0x79, 0x3a, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x2d, 0x72, 0x6f, 0x75, 0x74,
+	0x65, 0x73, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x03, 0x3a, 0x01, 0x2a, 0x1a, 0x2d, 0x8a, 0xa4, 0x96,
+	0xf3, 0x07, 0x27, 0x0a, 0x25, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x52, 0x0a, 0x1a, 0x69, 0x6f,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x42, 0x09, 0x53, 0x72, 0x64, 0x73, 0x50, 0x72,
+	0x6f, 0x74, 0x6f, 0x50, 0x01, 0x88, 0x01, 0x01, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x18, 0x12, 0x16,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x72, 0x6f,
+	0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x50, 0x05,
+	0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_api_v2_srds_proto_rawDescOnce sync.Once
+	file_envoy_api_v2_srds_proto_rawDescData = file_envoy_api_v2_srds_proto_rawDesc
+)
+
+func file_envoy_api_v2_srds_proto_rawDescGZIP() []byte {
+	file_envoy_api_v2_srds_proto_rawDescOnce.Do(func() {
+		file_envoy_api_v2_srds_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_api_v2_srds_proto_rawDescData)
+	})
+	return file_envoy_api_v2_srds_proto_rawDescData
+}
+
+var file_envoy_api_v2_srds_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_api_v2_srds_proto_goTypes = []interface{}{
+	(*SrdsDummy)(nil),              // 0: envoy.api.v2.SrdsDummy
+	(*DiscoveryRequest)(nil),       // 1: envoy.api.v2.DiscoveryRequest
+	(*DeltaDiscoveryRequest)(nil),  // 2: envoy.api.v2.DeltaDiscoveryRequest
+	(*DiscoveryResponse)(nil),      // 3: envoy.api.v2.DiscoveryResponse
+	(*DeltaDiscoveryResponse)(nil), // 4: envoy.api.v2.DeltaDiscoveryResponse
+}
+var file_envoy_api_v2_srds_proto_depIdxs = []int32{
+	1, // 0: envoy.api.v2.ScopedRoutesDiscoveryService.StreamScopedRoutes:input_type -> envoy.api.v2.DiscoveryRequest
+	2, // 1: envoy.api.v2.ScopedRoutesDiscoveryService.DeltaScopedRoutes:input_type -> envoy.api.v2.DeltaDiscoveryRequest
+	1, // 2: envoy.api.v2.ScopedRoutesDiscoveryService.FetchScopedRoutes:input_type -> envoy.api.v2.DiscoveryRequest
+	3, // 3: envoy.api.v2.ScopedRoutesDiscoveryService.StreamScopedRoutes:output_type -> envoy.api.v2.DiscoveryResponse
+	4, // 4: envoy.api.v2.ScopedRoutesDiscoveryService.DeltaScopedRoutes:output_type -> envoy.api.v2.DeltaDiscoveryResponse
+	3, // 5: envoy.api.v2.ScopedRoutesDiscoveryService.FetchScopedRoutes:output_type -> envoy.api.v2.DiscoveryResponse
+	3, // [3:6] is the sub-list for method output_type
+	0, // [0:3] is the sub-list for method input_type
+	0, // [0:0] is the sub-list for extension type_name
+	0, // [0:0] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_envoy_api_v2_srds_proto_init() }
+func file_envoy_api_v2_srds_proto_init() {
+	if File_envoy_api_v2_srds_proto != nil {
+		return
+	}
+	file_envoy_api_v2_discovery_proto_init()
+	file_envoy_api_v2_scoped_route_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_api_v2_srds_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*SrdsDummy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_api_v2_srds_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   1,
+		},
+		GoTypes:           file_envoy_api_v2_srds_proto_goTypes,
+		DependencyIndexes: file_envoy_api_v2_srds_proto_depIdxs,
+		MessageInfos:      file_envoy_api_v2_srds_proto_msgTypes,
+	}.Build()
+	File_envoy_api_v2_srds_proto = out.File
+	file_envoy_api_v2_srds_proto_rawDesc = nil
+	file_envoy_api_v2_srds_proto_goTypes = nil
+	file_envoy_api_v2_srds_proto_depIdxs = nil
+}
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ context.Context
+var _ grpc.ClientConnInterface
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the grpc package it is being compiled against.
+const _ = grpc.SupportPackageIsVersion6
+
+// ScopedRoutesDiscoveryServiceClient is the client API for ScopedRoutesDiscoveryService service.
+//
+// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.
+type ScopedRoutesDiscoveryServiceClient interface {
+	StreamScopedRoutes(ctx context.Context, opts ...grpc.CallOption) (ScopedRoutesDiscoveryService_StreamScopedRoutesClient, error)
+	DeltaScopedRoutes(ctx context.Context, opts ...grpc.CallOption) (ScopedRoutesDiscoveryService_DeltaScopedRoutesClient, error)
+	FetchScopedRoutes(ctx context.Context, in *DiscoveryRequest, opts ...grpc.CallOption) (*DiscoveryResponse, error)
+}
+
+type scopedRoutesDiscoveryServiceClient struct {
+	cc grpc.ClientConnInterface
+}
+
+func NewScopedRoutesDiscoveryServiceClient(cc grpc.ClientConnInterface) ScopedRoutesDiscoveryServiceClient {
+	return &scopedRoutesDiscoveryServiceClient{cc}
+}
+
+func (c *scopedRoutesDiscoveryServiceClient) StreamScopedRoutes(ctx context.Context, opts ...grpc.CallOption) (ScopedRoutesDiscoveryService_StreamScopedRoutesClient, error) {
+	stream, err := c.cc.NewStream(ctx, &_ScopedRoutesDiscoveryService_serviceDesc.Streams[0], "/envoy.api.v2.ScopedRoutesDiscoveryService/StreamScopedRoutes", opts...)
+	if err != nil {
+		return nil, err
+	}
+	x := &scopedRoutesDiscoveryServiceStreamScopedRoutesClient{stream}
+	return x, nil
+}
+
+type ScopedRoutesDiscoveryService_StreamScopedRoutesClient interface {
+	Send(*DiscoveryRequest) error
+	Recv() (*DiscoveryResponse, error)
+	grpc.ClientStream
+}
+
+type scopedRoutesDiscoveryServiceStreamScopedRoutesClient struct {
+	grpc.ClientStream
+}
+
+func (x *scopedRoutesDiscoveryServiceStreamScopedRoutesClient) Send(m *DiscoveryRequest) error {
+	return x.ClientStream.SendMsg(m)
+}
+
+func (x *scopedRoutesDiscoveryServiceStreamScopedRoutesClient) Recv() (*DiscoveryResponse, error) {
+	m := new(DiscoveryResponse)
+	if err := x.ClientStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func (c *scopedRoutesDiscoveryServiceClient) DeltaScopedRoutes(ctx context.Context, opts ...grpc.CallOption) (ScopedRoutesDiscoveryService_DeltaScopedRoutesClient, error) {
+	stream, err := c.cc.NewStream(ctx, &_ScopedRoutesDiscoveryService_serviceDesc.Streams[1], "/envoy.api.v2.ScopedRoutesDiscoveryService/DeltaScopedRoutes", opts...)
+	if err != nil {
+		return nil, err
+	}
+	x := &scopedRoutesDiscoveryServiceDeltaScopedRoutesClient{stream}
+	return x, nil
+}
+
+type ScopedRoutesDiscoveryService_DeltaScopedRoutesClient interface {
+	Send(*DeltaDiscoveryRequest) error
+	Recv() (*DeltaDiscoveryResponse, error)
+	grpc.ClientStream
+}
+
+type scopedRoutesDiscoveryServiceDeltaScopedRoutesClient struct {
+	grpc.ClientStream
+}
+
+func (x *scopedRoutesDiscoveryServiceDeltaScopedRoutesClient) Send(m *DeltaDiscoveryRequest) error {
+	return x.ClientStream.SendMsg(m)
+}
+
+func (x *scopedRoutesDiscoveryServiceDeltaScopedRoutesClient) Recv() (*DeltaDiscoveryResponse, error) {
+	m := new(DeltaDiscoveryResponse)
+	if err := x.ClientStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func (c *scopedRoutesDiscoveryServiceClient) FetchScopedRoutes(ctx context.Context, in *DiscoveryRequest, opts ...grpc.CallOption) (*DiscoveryResponse, error) {
+	out := new(DiscoveryResponse)
+	err := c.cc.Invoke(ctx, "/envoy.api.v2.ScopedRoutesDiscoveryService/FetchScopedRoutes", in, out, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+// ScopedRoutesDiscoveryServiceServer is the server API for ScopedRoutesDiscoveryService service.
+type ScopedRoutesDiscoveryServiceServer interface {
+	StreamScopedRoutes(ScopedRoutesDiscoveryService_StreamScopedRoutesServer) error
+	DeltaScopedRoutes(ScopedRoutesDiscoveryService_DeltaScopedRoutesServer) error
+	FetchScopedRoutes(context.Context, *DiscoveryRequest) (*DiscoveryResponse, error)
+}
+
+// UnimplementedScopedRoutesDiscoveryServiceServer can be embedded to have forward compatible implementations.
+type UnimplementedScopedRoutesDiscoveryServiceServer struct {
+}
+
+func (*UnimplementedScopedRoutesDiscoveryServiceServer) StreamScopedRoutes(ScopedRoutesDiscoveryService_StreamScopedRoutesServer) error {
+	return status.Errorf(codes.Unimplemented, "method StreamScopedRoutes not implemented")
+}
+func (*UnimplementedScopedRoutesDiscoveryServiceServer) DeltaScopedRoutes(ScopedRoutesDiscoveryService_DeltaScopedRoutesServer) error {
+	return status.Errorf(codes.Unimplemented, "method DeltaScopedRoutes not implemented")
+}
+func (*UnimplementedScopedRoutesDiscoveryServiceServer) FetchScopedRoutes(context.Context, *DiscoveryRequest) (*DiscoveryResponse, error) {
+	return nil, status.Errorf(codes.Unimplemented, "method FetchScopedRoutes not implemented")
+}
+
+func RegisterScopedRoutesDiscoveryServiceServer(s *grpc.Server, srv ScopedRoutesDiscoveryServiceServer) {
+	s.RegisterService(&_ScopedRoutesDiscoveryService_serviceDesc, srv)
+}
+
+func _ScopedRoutesDiscoveryService_StreamScopedRoutes_Handler(srv interface{}, stream grpc.ServerStream) error {
+	return srv.(ScopedRoutesDiscoveryServiceServer).StreamScopedRoutes(&scopedRoutesDiscoveryServiceStreamScopedRoutesServer{stream})
+}
+
+type ScopedRoutesDiscoveryService_StreamScopedRoutesServer interface {
+	Send(*DiscoveryResponse) error
+	Recv() (*DiscoveryRequest, error)
+	grpc.ServerStream
+}
+
+type scopedRoutesDiscoveryServiceStreamScopedRoutesServer struct {
+	grpc.ServerStream
+}
+
+func (x *scopedRoutesDiscoveryServiceStreamScopedRoutesServer) Send(m *DiscoveryResponse) error {
+	return x.ServerStream.SendMsg(m)
+}
+
+func (x *scopedRoutesDiscoveryServiceStreamScopedRoutesServer) Recv() (*DiscoveryRequest, error) {
+	m := new(DiscoveryRequest)
+	if err := x.ServerStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func _ScopedRoutesDiscoveryService_DeltaScopedRoutes_Handler(srv interface{}, stream grpc.ServerStream) error {
+	return srv.(ScopedRoutesDiscoveryServiceServer).DeltaScopedRoutes(&scopedRoutesDiscoveryServiceDeltaScopedRoutesServer{stream})
+}
+
+type ScopedRoutesDiscoveryService_DeltaScopedRoutesServer interface {
+	Send(*DeltaDiscoveryResponse) error
+	Recv() (*DeltaDiscoveryRequest, error)
+	grpc.ServerStream
+}
+
+type scopedRoutesDiscoveryServiceDeltaScopedRoutesServer struct {
+	grpc.ServerStream
+}
+
+func (x *scopedRoutesDiscoveryServiceDeltaScopedRoutesServer) Send(m *DeltaDiscoveryResponse) error {
+	return x.ServerStream.SendMsg(m)
+}
+
+func (x *scopedRoutesDiscoveryServiceDeltaScopedRoutesServer) Recv() (*DeltaDiscoveryRequest, error) {
+	m := new(DeltaDiscoveryRequest)
+	if err := x.ServerStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func _ScopedRoutesDiscoveryService_FetchScopedRoutes_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(DiscoveryRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(ScopedRoutesDiscoveryServiceServer).FetchScopedRoutes(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: "/envoy.api.v2.ScopedRoutesDiscoveryService/FetchScopedRoutes",
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(ScopedRoutesDiscoveryServiceServer).FetchScopedRoutes(ctx, req.(*DiscoveryRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
+var _ScopedRoutesDiscoveryService_serviceDesc = grpc.ServiceDesc{
+	ServiceName: "envoy.api.v2.ScopedRoutesDiscoveryService",
+	HandlerType: (*ScopedRoutesDiscoveryServiceServer)(nil),
+	Methods: []grpc.MethodDesc{
+		{
+			MethodName: "FetchScopedRoutes",
+			Handler:    _ScopedRoutesDiscoveryService_FetchScopedRoutes_Handler,
+		},
+	},
+	Streams: []grpc.StreamDesc{
+		{
+			StreamName:    "StreamScopedRoutes",
+			Handler:       _ScopedRoutesDiscoveryService_StreamScopedRoutes_Handler,
+			ServerStreams: true,
+			ClientStreams: true,
+		},
+		{
+			StreamName:    "DeltaScopedRoutes",
+			Handler:       _ScopedRoutesDiscoveryService_DeltaScopedRoutes_Handler,
+			ServerStreams: true,
+			ClientStreams: true,
+		},
+	},
+	Metadata: "envoy/api/v2/srds.proto",
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/srds.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/srds.pb.validate.go
new file mode 100644
index 00000000000..676e25a7419
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/api/v2/srds.pb.validate.go
@@ -0,0 +1,134 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/api/v2/srds.proto
+
+package envoy_api_v2
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on SrdsDummy with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *SrdsDummy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on SrdsDummy with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in SrdsDummyMultiError, or nil
+// if none found.
+func (m *SrdsDummy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *SrdsDummy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return SrdsDummyMultiError(errors)
+	}
+	return nil
+}
+
+// SrdsDummyMultiError is an error wrapping multiple validation errors returned
+// by SrdsDummy.ValidateAll() if the designated constraints aren't met.
+type SrdsDummyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m SrdsDummyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m SrdsDummyMultiError) AllErrors() []error { return m }
+
+// SrdsDummyValidationError is the validation error returned by
+// SrdsDummy.Validate if the designated constraints aren't met.
+type SrdsDummyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e SrdsDummyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e SrdsDummyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e SrdsDummyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e SrdsDummyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e SrdsDummyValidationError) ErrorName() string { return "SrdsDummyValidationError" }
+
+// Error satisfies the builtin error interface
+func (e SrdsDummyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sSrdsDummy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = SrdsDummyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = SrdsDummyValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/accesslog/v3/accesslog.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/accesslog/v3/accesslog.pb.go
new file mode 100644
index 00000000000..18527c61f1b
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/accesslog/v3/accesslog.pb.go
@@ -0,0 +1,1811 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/accesslog/v3/accesslog.proto
+
+package envoy_config_accesslog_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	v32 "github.com/envoyproxy/go-control-plane/envoy/config/route/v3"
+	v33 "github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3"
+	v31 "github.com/envoyproxy/go-control-plane/envoy/type/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type ComparisonFilter_Op int32
+
+const (
+	// =
+	ComparisonFilter_EQ ComparisonFilter_Op = 0
+	// >=
+	ComparisonFilter_GE ComparisonFilter_Op = 1
+	// <=
+	ComparisonFilter_LE ComparisonFilter_Op = 2
+)
+
+// Enum value maps for ComparisonFilter_Op.
+var (
+	ComparisonFilter_Op_name = map[int32]string{
+		0: "EQ",
+		1: "GE",
+		2: "LE",
+	}
+	ComparisonFilter_Op_value = map[string]int32{
+		"EQ": 0,
+		"GE": 1,
+		"LE": 2,
+	}
+)
+
+func (x ComparisonFilter_Op) Enum() *ComparisonFilter_Op {
+	p := new(ComparisonFilter_Op)
+	*p = x
+	return p
+}
+
+func (x ComparisonFilter_Op) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (ComparisonFilter_Op) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_accesslog_v3_accesslog_proto_enumTypes[0].Descriptor()
+}
+
+func (ComparisonFilter_Op) Type() protoreflect.EnumType {
+	return &file_envoy_config_accesslog_v3_accesslog_proto_enumTypes[0]
+}
+
+func (x ComparisonFilter_Op) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use ComparisonFilter_Op.Descriptor instead.
+func (ComparisonFilter_Op) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_accesslog_v3_accesslog_proto_rawDescGZIP(), []int{2, 0}
+}
+
+type GrpcStatusFilter_Status int32
+
+const (
+	GrpcStatusFilter_OK                  GrpcStatusFilter_Status = 0
+	GrpcStatusFilter_CANCELED            GrpcStatusFilter_Status = 1
+	GrpcStatusFilter_UNKNOWN             GrpcStatusFilter_Status = 2
+	GrpcStatusFilter_INVALID_ARGUMENT    GrpcStatusFilter_Status = 3
+	GrpcStatusFilter_DEADLINE_EXCEEDED   GrpcStatusFilter_Status = 4
+	GrpcStatusFilter_NOT_FOUND           GrpcStatusFilter_Status = 5
+	GrpcStatusFilter_ALREADY_EXISTS      GrpcStatusFilter_Status = 6
+	GrpcStatusFilter_PERMISSION_DENIED   GrpcStatusFilter_Status = 7
+	GrpcStatusFilter_RESOURCE_EXHAUSTED  GrpcStatusFilter_Status = 8
+	GrpcStatusFilter_FAILED_PRECONDITION GrpcStatusFilter_Status = 9
+	GrpcStatusFilter_ABORTED             GrpcStatusFilter_Status = 10
+	GrpcStatusFilter_OUT_OF_RANGE        GrpcStatusFilter_Status = 11
+	GrpcStatusFilter_UNIMPLEMENTED       GrpcStatusFilter_Status = 12
+	GrpcStatusFilter_INTERNAL            GrpcStatusFilter_Status = 13
+	GrpcStatusFilter_UNAVAILABLE         GrpcStatusFilter_Status = 14
+	GrpcStatusFilter_DATA_LOSS           GrpcStatusFilter_Status = 15
+	GrpcStatusFilter_UNAUTHENTICATED     GrpcStatusFilter_Status = 16
+)
+
+// Enum value maps for GrpcStatusFilter_Status.
+var (
+	GrpcStatusFilter_Status_name = map[int32]string{
+		0:  "OK",
+		1:  "CANCELED",
+		2:  "UNKNOWN",
+		3:  "INVALID_ARGUMENT",
+		4:  "DEADLINE_EXCEEDED",
+		5:  "NOT_FOUND",
+		6:  "ALREADY_EXISTS",
+		7:  "PERMISSION_DENIED",
+		8:  "RESOURCE_EXHAUSTED",
+		9:  "FAILED_PRECONDITION",
+		10: "ABORTED",
+		11: "OUT_OF_RANGE",
+		12: "UNIMPLEMENTED",
+		13: "INTERNAL",
+		14: "UNAVAILABLE",
+		15: "DATA_LOSS",
+		16: "UNAUTHENTICATED",
+	}
+	GrpcStatusFilter_Status_value = map[string]int32{
+		"OK":                  0,
+		"CANCELED":            1,
+		"UNKNOWN":             2,
+		"INVALID_ARGUMENT":    3,
+		"DEADLINE_EXCEEDED":   4,
+		"NOT_FOUND":           5,
+		"ALREADY_EXISTS":      6,
+		"PERMISSION_DENIED":   7,
+		"RESOURCE_EXHAUSTED":  8,
+		"FAILED_PRECONDITION": 9,
+		"ABORTED":             10,
+		"OUT_OF_RANGE":        11,
+		"UNIMPLEMENTED":       12,
+		"INTERNAL":            13,
+		"UNAVAILABLE":         14,
+		"DATA_LOSS":           15,
+		"UNAUTHENTICATED":     16,
+	}
+)
+
+func (x GrpcStatusFilter_Status) Enum() *GrpcStatusFilter_Status {
+	p := new(GrpcStatusFilter_Status)
+	*p = x
+	return p
+}
+
+func (x GrpcStatusFilter_Status) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (GrpcStatusFilter_Status) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_accesslog_v3_accesslog_proto_enumTypes[1].Descriptor()
+}
+
+func (GrpcStatusFilter_Status) Type() protoreflect.EnumType {
+	return &file_envoy_config_accesslog_v3_accesslog_proto_enumTypes[1]
+}
+
+func (x GrpcStatusFilter_Status) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use GrpcStatusFilter_Status.Descriptor instead.
+func (GrpcStatusFilter_Status) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_accesslog_v3_accesslog_proto_rawDescGZIP(), []int{12, 0}
+}
+
+type AccessLog struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the access log extension to instantiate.
+	// The name must match one of the compiled in loggers.
+	// See the :ref:`extensions listed in typed_config below <extension_category_envoy.access_loggers>` for the default list of available loggers.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Filter which is used to determine if the access log needs to be written.
+	Filter *AccessLogFilter `protobuf:"bytes,2,opt,name=filter,proto3" json:"filter,omitempty"`
+	// Custom configuration that must be set according to the access logger extension being instantiated.
+	// [#extension-category: envoy.access_loggers]
+	//
+	// Types that are assignable to ConfigType:
+	//	*AccessLog_TypedConfig
+	ConfigType isAccessLog_ConfigType `protobuf_oneof:"config_type"`
+}
+
+func (x *AccessLog) Reset() {
+	*x = AccessLog{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *AccessLog) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*AccessLog) ProtoMessage() {}
+
+func (x *AccessLog) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use AccessLog.ProtoReflect.Descriptor instead.
+func (*AccessLog) Descriptor() ([]byte, []int) {
+	return file_envoy_config_accesslog_v3_accesslog_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *AccessLog) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *AccessLog) GetFilter() *AccessLogFilter {
+	if x != nil {
+		return x.Filter
+	}
+	return nil
+}
+
+func (m *AccessLog) GetConfigType() isAccessLog_ConfigType {
+	if m != nil {
+		return m.ConfigType
+	}
+	return nil
+}
+
+func (x *AccessLog) GetTypedConfig() *any.Any {
+	if x, ok := x.GetConfigType().(*AccessLog_TypedConfig); ok {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+type isAccessLog_ConfigType interface {
+	isAccessLog_ConfigType()
+}
+
+type AccessLog_TypedConfig struct {
+	TypedConfig *any.Any `protobuf:"bytes,4,opt,name=typed_config,json=typedConfig,proto3,oneof"`
+}
+
+func (*AccessLog_TypedConfig) isAccessLog_ConfigType() {}
+
+// [#next-free-field: 13]
+type AccessLogFilter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to FilterSpecifier:
+	//	*AccessLogFilter_StatusCodeFilter
+	//	*AccessLogFilter_DurationFilter
+	//	*AccessLogFilter_NotHealthCheckFilter
+	//	*AccessLogFilter_TraceableFilter
+	//	*AccessLogFilter_RuntimeFilter
+	//	*AccessLogFilter_AndFilter
+	//	*AccessLogFilter_OrFilter
+	//	*AccessLogFilter_HeaderFilter
+	//	*AccessLogFilter_ResponseFlagFilter
+	//	*AccessLogFilter_GrpcStatusFilter
+	//	*AccessLogFilter_ExtensionFilter
+	//	*AccessLogFilter_MetadataFilter
+	FilterSpecifier isAccessLogFilter_FilterSpecifier `protobuf_oneof:"filter_specifier"`
+}
+
+func (x *AccessLogFilter) Reset() {
+	*x = AccessLogFilter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *AccessLogFilter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*AccessLogFilter) ProtoMessage() {}
+
+func (x *AccessLogFilter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use AccessLogFilter.ProtoReflect.Descriptor instead.
+func (*AccessLogFilter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_accesslog_v3_accesslog_proto_rawDescGZIP(), []int{1}
+}
+
+func (m *AccessLogFilter) GetFilterSpecifier() isAccessLogFilter_FilterSpecifier {
+	if m != nil {
+		return m.FilterSpecifier
+	}
+	return nil
+}
+
+func (x *AccessLogFilter) GetStatusCodeFilter() *StatusCodeFilter {
+	if x, ok := x.GetFilterSpecifier().(*AccessLogFilter_StatusCodeFilter); ok {
+		return x.StatusCodeFilter
+	}
+	return nil
+}
+
+func (x *AccessLogFilter) GetDurationFilter() *DurationFilter {
+	if x, ok := x.GetFilterSpecifier().(*AccessLogFilter_DurationFilter); ok {
+		return x.DurationFilter
+	}
+	return nil
+}
+
+func (x *AccessLogFilter) GetNotHealthCheckFilter() *NotHealthCheckFilter {
+	if x, ok := x.GetFilterSpecifier().(*AccessLogFilter_NotHealthCheckFilter); ok {
+		return x.NotHealthCheckFilter
+	}
+	return nil
+}
+
+func (x *AccessLogFilter) GetTraceableFilter() *TraceableFilter {
+	if x, ok := x.GetFilterSpecifier().(*AccessLogFilter_TraceableFilter); ok {
+		return x.TraceableFilter
+	}
+	return nil
+}
+
+func (x *AccessLogFilter) GetRuntimeFilter() *RuntimeFilter {
+	if x, ok := x.GetFilterSpecifier().(*AccessLogFilter_RuntimeFilter); ok {
+		return x.RuntimeFilter
+	}
+	return nil
+}
+
+func (x *AccessLogFilter) GetAndFilter() *AndFilter {
+	if x, ok := x.GetFilterSpecifier().(*AccessLogFilter_AndFilter); ok {
+		return x.AndFilter
+	}
+	return nil
+}
+
+func (x *AccessLogFilter) GetOrFilter() *OrFilter {
+	if x, ok := x.GetFilterSpecifier().(*AccessLogFilter_OrFilter); ok {
+		return x.OrFilter
+	}
+	return nil
+}
+
+func (x *AccessLogFilter) GetHeaderFilter() *HeaderFilter {
+	if x, ok := x.GetFilterSpecifier().(*AccessLogFilter_HeaderFilter); ok {
+		return x.HeaderFilter
+	}
+	return nil
+}
+
+func (x *AccessLogFilter) GetResponseFlagFilter() *ResponseFlagFilter {
+	if x, ok := x.GetFilterSpecifier().(*AccessLogFilter_ResponseFlagFilter); ok {
+		return x.ResponseFlagFilter
+	}
+	return nil
+}
+
+func (x *AccessLogFilter) GetGrpcStatusFilter() *GrpcStatusFilter {
+	if x, ok := x.GetFilterSpecifier().(*AccessLogFilter_GrpcStatusFilter); ok {
+		return x.GrpcStatusFilter
+	}
+	return nil
+}
+
+func (x *AccessLogFilter) GetExtensionFilter() *ExtensionFilter {
+	if x, ok := x.GetFilterSpecifier().(*AccessLogFilter_ExtensionFilter); ok {
+		return x.ExtensionFilter
+	}
+	return nil
+}
+
+func (x *AccessLogFilter) GetMetadataFilter() *MetadataFilter {
+	if x, ok := x.GetFilterSpecifier().(*AccessLogFilter_MetadataFilter); ok {
+		return x.MetadataFilter
+	}
+	return nil
+}
+
+type isAccessLogFilter_FilterSpecifier interface {
+	isAccessLogFilter_FilterSpecifier()
+}
+
+type AccessLogFilter_StatusCodeFilter struct {
+	// Status code filter.
+	StatusCodeFilter *StatusCodeFilter `protobuf:"bytes,1,opt,name=status_code_filter,json=statusCodeFilter,proto3,oneof"`
+}
+
+type AccessLogFilter_DurationFilter struct {
+	// Duration filter.
+	DurationFilter *DurationFilter `protobuf:"bytes,2,opt,name=duration_filter,json=durationFilter,proto3,oneof"`
+}
+
+type AccessLogFilter_NotHealthCheckFilter struct {
+	// Not health check filter.
+	NotHealthCheckFilter *NotHealthCheckFilter `protobuf:"bytes,3,opt,name=not_health_check_filter,json=notHealthCheckFilter,proto3,oneof"`
+}
+
+type AccessLogFilter_TraceableFilter struct {
+	// Traceable filter.
+	TraceableFilter *TraceableFilter `protobuf:"bytes,4,opt,name=traceable_filter,json=traceableFilter,proto3,oneof"`
+}
+
+type AccessLogFilter_RuntimeFilter struct {
+	// Runtime filter.
+	RuntimeFilter *RuntimeFilter `protobuf:"bytes,5,opt,name=runtime_filter,json=runtimeFilter,proto3,oneof"`
+}
+
+type AccessLogFilter_AndFilter struct {
+	// And filter.
+	AndFilter *AndFilter `protobuf:"bytes,6,opt,name=and_filter,json=andFilter,proto3,oneof"`
+}
+
+type AccessLogFilter_OrFilter struct {
+	// Or filter.
+	OrFilter *OrFilter `protobuf:"bytes,7,opt,name=or_filter,json=orFilter,proto3,oneof"`
+}
+
+type AccessLogFilter_HeaderFilter struct {
+	// Header filter.
+	HeaderFilter *HeaderFilter `protobuf:"bytes,8,opt,name=header_filter,json=headerFilter,proto3,oneof"`
+}
+
+type AccessLogFilter_ResponseFlagFilter struct {
+	// Response flag filter.
+	ResponseFlagFilter *ResponseFlagFilter `protobuf:"bytes,9,opt,name=response_flag_filter,json=responseFlagFilter,proto3,oneof"`
+}
+
+type AccessLogFilter_GrpcStatusFilter struct {
+	// gRPC status filter.
+	GrpcStatusFilter *GrpcStatusFilter `protobuf:"bytes,10,opt,name=grpc_status_filter,json=grpcStatusFilter,proto3,oneof"`
+}
+
+type AccessLogFilter_ExtensionFilter struct {
+	// Extension filter.
+	ExtensionFilter *ExtensionFilter `protobuf:"bytes,11,opt,name=extension_filter,json=extensionFilter,proto3,oneof"`
+}
+
+type AccessLogFilter_MetadataFilter struct {
+	// Metadata Filter
+	MetadataFilter *MetadataFilter `protobuf:"bytes,12,opt,name=metadata_filter,json=metadataFilter,proto3,oneof"`
+}
+
+func (*AccessLogFilter_StatusCodeFilter) isAccessLogFilter_FilterSpecifier() {}
+
+func (*AccessLogFilter_DurationFilter) isAccessLogFilter_FilterSpecifier() {}
+
+func (*AccessLogFilter_NotHealthCheckFilter) isAccessLogFilter_FilterSpecifier() {}
+
+func (*AccessLogFilter_TraceableFilter) isAccessLogFilter_FilterSpecifier() {}
+
+func (*AccessLogFilter_RuntimeFilter) isAccessLogFilter_FilterSpecifier() {}
+
+func (*AccessLogFilter_AndFilter) isAccessLogFilter_FilterSpecifier() {}
+
+func (*AccessLogFilter_OrFilter) isAccessLogFilter_FilterSpecifier() {}
+
+func (*AccessLogFilter_HeaderFilter) isAccessLogFilter_FilterSpecifier() {}
+
+func (*AccessLogFilter_ResponseFlagFilter) isAccessLogFilter_FilterSpecifier() {}
+
+func (*AccessLogFilter_GrpcStatusFilter) isAccessLogFilter_FilterSpecifier() {}
+
+func (*AccessLogFilter_ExtensionFilter) isAccessLogFilter_FilterSpecifier() {}
+
+func (*AccessLogFilter_MetadataFilter) isAccessLogFilter_FilterSpecifier() {}
+
+// Filter on an integer comparison.
+type ComparisonFilter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Comparison operator.
+	Op ComparisonFilter_Op `protobuf:"varint,1,opt,name=op,proto3,enum=envoy.config.accesslog.v3.ComparisonFilter_Op" json:"op,omitempty"`
+	// Value to compare against.
+	Value *v3.RuntimeUInt32 `protobuf:"bytes,2,opt,name=value,proto3" json:"value,omitempty"`
+}
+
+func (x *ComparisonFilter) Reset() {
+	*x = ComparisonFilter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ComparisonFilter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ComparisonFilter) ProtoMessage() {}
+
+func (x *ComparisonFilter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ComparisonFilter.ProtoReflect.Descriptor instead.
+func (*ComparisonFilter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_accesslog_v3_accesslog_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *ComparisonFilter) GetOp() ComparisonFilter_Op {
+	if x != nil {
+		return x.Op
+	}
+	return ComparisonFilter_EQ
+}
+
+func (x *ComparisonFilter) GetValue() *v3.RuntimeUInt32 {
+	if x != nil {
+		return x.Value
+	}
+	return nil
+}
+
+// Filters on HTTP response/status code.
+type StatusCodeFilter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Comparison.
+	Comparison *ComparisonFilter `protobuf:"bytes,1,opt,name=comparison,proto3" json:"comparison,omitempty"`
+}
+
+func (x *StatusCodeFilter) Reset() {
+	*x = StatusCodeFilter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *StatusCodeFilter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*StatusCodeFilter) ProtoMessage() {}
+
+func (x *StatusCodeFilter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use StatusCodeFilter.ProtoReflect.Descriptor instead.
+func (*StatusCodeFilter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_accesslog_v3_accesslog_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *StatusCodeFilter) GetComparison() *ComparisonFilter {
+	if x != nil {
+		return x.Comparison
+	}
+	return nil
+}
+
+// Filters on total request duration in milliseconds.
+type DurationFilter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Comparison.
+	Comparison *ComparisonFilter `protobuf:"bytes,1,opt,name=comparison,proto3" json:"comparison,omitempty"`
+}
+
+func (x *DurationFilter) Reset() {
+	*x = DurationFilter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *DurationFilter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*DurationFilter) ProtoMessage() {}
+
+func (x *DurationFilter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use DurationFilter.ProtoReflect.Descriptor instead.
+func (*DurationFilter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_accesslog_v3_accesslog_proto_rawDescGZIP(), []int{4}
+}
+
+func (x *DurationFilter) GetComparison() *ComparisonFilter {
+	if x != nil {
+		return x.Comparison
+	}
+	return nil
+}
+
+// Filters for requests that are not health check requests. A health check
+// request is marked by the health check filter.
+type NotHealthCheckFilter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *NotHealthCheckFilter) Reset() {
+	*x = NotHealthCheckFilter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *NotHealthCheckFilter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*NotHealthCheckFilter) ProtoMessage() {}
+
+func (x *NotHealthCheckFilter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use NotHealthCheckFilter.ProtoReflect.Descriptor instead.
+func (*NotHealthCheckFilter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_accesslog_v3_accesslog_proto_rawDescGZIP(), []int{5}
+}
+
+// Filters for requests that are traceable. See the tracing overview for more
+// information on how a request becomes traceable.
+type TraceableFilter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *TraceableFilter) Reset() {
+	*x = TraceableFilter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[6]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *TraceableFilter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*TraceableFilter) ProtoMessage() {}
+
+func (x *TraceableFilter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[6]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use TraceableFilter.ProtoReflect.Descriptor instead.
+func (*TraceableFilter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_accesslog_v3_accesslog_proto_rawDescGZIP(), []int{6}
+}
+
+// Filters for random sampling of requests.
+type RuntimeFilter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Runtime key to get an optional overridden numerator for use in the
+	// *percent_sampled* field. If found in runtime, this value will replace the
+	// default numerator.
+	RuntimeKey string `protobuf:"bytes,1,opt,name=runtime_key,json=runtimeKey,proto3" json:"runtime_key,omitempty"`
+	// The default sampling percentage. If not specified, defaults to 0% with
+	// denominator of 100.
+	PercentSampled *v31.FractionalPercent `protobuf:"bytes,2,opt,name=percent_sampled,json=percentSampled,proto3" json:"percent_sampled,omitempty"`
+	// By default, sampling pivots on the header
+	// :ref:`x-request-id<config_http_conn_man_headers_x-request-id>` being
+	// present. If :ref:`x-request-id<config_http_conn_man_headers_x-request-id>`
+	// is present, the filter will consistently sample across multiple hosts based
+	// on the runtime key value and the value extracted from
+	// :ref:`x-request-id<config_http_conn_man_headers_x-request-id>`. If it is
+	// missing, or *use_independent_randomness* is set to true, the filter will
+	// randomly sample based on the runtime key value alone.
+	// *use_independent_randomness* can be used for logging kill switches within
+	// complex nested :ref:`AndFilter
+	// <envoy_v3_api_msg_config.accesslog.v3.AndFilter>` and :ref:`OrFilter
+	// <envoy_v3_api_msg_config.accesslog.v3.OrFilter>` blocks that are easier to
+	// reason about from a probability perspective (i.e., setting to true will
+	// cause the filter to behave like an independent random variable when
+	// composed within logical operator filters).
+	UseIndependentRandomness bool `protobuf:"varint,3,opt,name=use_independent_randomness,json=useIndependentRandomness,proto3" json:"use_independent_randomness,omitempty"`
+}
+
+func (x *RuntimeFilter) Reset() {
+	*x = RuntimeFilter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[7]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RuntimeFilter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RuntimeFilter) ProtoMessage() {}
+
+func (x *RuntimeFilter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[7]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RuntimeFilter.ProtoReflect.Descriptor instead.
+func (*RuntimeFilter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_accesslog_v3_accesslog_proto_rawDescGZIP(), []int{7}
+}
+
+func (x *RuntimeFilter) GetRuntimeKey() string {
+	if x != nil {
+		return x.RuntimeKey
+	}
+	return ""
+}
+
+func (x *RuntimeFilter) GetPercentSampled() *v31.FractionalPercent {
+	if x != nil {
+		return x.PercentSampled
+	}
+	return nil
+}
+
+func (x *RuntimeFilter) GetUseIndependentRandomness() bool {
+	if x != nil {
+		return x.UseIndependentRandomness
+	}
+	return false
+}
+
+// Performs a logical “and” operation on the result of each filter in filters.
+// Filters are evaluated sequentially and if one of them returns false, the
+// filter returns false immediately.
+type AndFilter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Filters []*AccessLogFilter `protobuf:"bytes,1,rep,name=filters,proto3" json:"filters,omitempty"`
+}
+
+func (x *AndFilter) Reset() {
+	*x = AndFilter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[8]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *AndFilter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*AndFilter) ProtoMessage() {}
+
+func (x *AndFilter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[8]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use AndFilter.ProtoReflect.Descriptor instead.
+func (*AndFilter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_accesslog_v3_accesslog_proto_rawDescGZIP(), []int{8}
+}
+
+func (x *AndFilter) GetFilters() []*AccessLogFilter {
+	if x != nil {
+		return x.Filters
+	}
+	return nil
+}
+
+// Performs a logical “or” operation on the result of each individual filter.
+// Filters are evaluated sequentially and if one of them returns true, the
+// filter returns true immediately.
+type OrFilter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Filters []*AccessLogFilter `protobuf:"bytes,2,rep,name=filters,proto3" json:"filters,omitempty"`
+}
+
+func (x *OrFilter) Reset() {
+	*x = OrFilter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[9]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *OrFilter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*OrFilter) ProtoMessage() {}
+
+func (x *OrFilter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[9]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use OrFilter.ProtoReflect.Descriptor instead.
+func (*OrFilter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_accesslog_v3_accesslog_proto_rawDescGZIP(), []int{9}
+}
+
+func (x *OrFilter) GetFilters() []*AccessLogFilter {
+	if x != nil {
+		return x.Filters
+	}
+	return nil
+}
+
+// Filters requests based on the presence or value of a request header.
+type HeaderFilter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Only requests with a header which matches the specified HeaderMatcher will
+	// pass the filter check.
+	Header *v32.HeaderMatcher `protobuf:"bytes,1,opt,name=header,proto3" json:"header,omitempty"`
+}
+
+func (x *HeaderFilter) Reset() {
+	*x = HeaderFilter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[10]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HeaderFilter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HeaderFilter) ProtoMessage() {}
+
+func (x *HeaderFilter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[10]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HeaderFilter.ProtoReflect.Descriptor instead.
+func (*HeaderFilter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_accesslog_v3_accesslog_proto_rawDescGZIP(), []int{10}
+}
+
+func (x *HeaderFilter) GetHeader() *v32.HeaderMatcher {
+	if x != nil {
+		return x.Header
+	}
+	return nil
+}
+
+// Filters requests that received responses with an Envoy response flag set.
+// A list of the response flags can be found
+// in the access log formatter
+// :ref:`documentation<config_access_log_format_response_flags>`.
+type ResponseFlagFilter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Only responses with the any of the flags listed in this field will be
+	// logged. This field is optional. If it is not specified, then any response
+	// flag will pass the filter check.
+	Flags []string `protobuf:"bytes,1,rep,name=flags,proto3" json:"flags,omitempty"`
+}
+
+func (x *ResponseFlagFilter) Reset() {
+	*x = ResponseFlagFilter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[11]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ResponseFlagFilter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ResponseFlagFilter) ProtoMessage() {}
+
+func (x *ResponseFlagFilter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[11]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ResponseFlagFilter.ProtoReflect.Descriptor instead.
+func (*ResponseFlagFilter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_accesslog_v3_accesslog_proto_rawDescGZIP(), []int{11}
+}
+
+func (x *ResponseFlagFilter) GetFlags() []string {
+	if x != nil {
+		return x.Flags
+	}
+	return nil
+}
+
+// Filters gRPC requests based on their response status. If a gRPC status is not
+// provided, the filter will infer the status from the HTTP status code.
+type GrpcStatusFilter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Logs only responses that have any one of the gRPC statuses in this field.
+	Statuses []GrpcStatusFilter_Status `protobuf:"varint,1,rep,packed,name=statuses,proto3,enum=envoy.config.accesslog.v3.GrpcStatusFilter_Status" json:"statuses,omitempty"`
+	// If included and set to true, the filter will instead block all responses
+	// with a gRPC status or inferred gRPC status enumerated in statuses, and
+	// allow all other responses.
+	Exclude bool `protobuf:"varint,2,opt,name=exclude,proto3" json:"exclude,omitempty"`
+}
+
+func (x *GrpcStatusFilter) Reset() {
+	*x = GrpcStatusFilter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[12]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcStatusFilter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcStatusFilter) ProtoMessage() {}
+
+func (x *GrpcStatusFilter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[12]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcStatusFilter.ProtoReflect.Descriptor instead.
+func (*GrpcStatusFilter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_accesslog_v3_accesslog_proto_rawDescGZIP(), []int{12}
+}
+
+func (x *GrpcStatusFilter) GetStatuses() []GrpcStatusFilter_Status {
+	if x != nil {
+		return x.Statuses
+	}
+	return nil
+}
+
+func (x *GrpcStatusFilter) GetExclude() bool {
+	if x != nil {
+		return x.Exclude
+	}
+	return false
+}
+
+// Filters based on matching dynamic metadata.
+// If the matcher path and key correspond to an existing key in dynamic
+// metadata, the request is logged only if the matcher value is equal to the
+// metadata value. If the matcher path and key *do not* correspond to an
+// existing key in dynamic metadata, the request is logged only if
+// match_if_key_not_found is "true" or unset.
+type MetadataFilter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Matcher to check metadata for specified value. For example, to match on the
+	// access_log_hint metadata, set the filter to "envoy.common" and the path to
+	// "access_log_hint", and the value to "true".
+	Matcher *v33.MetadataMatcher `protobuf:"bytes,1,opt,name=matcher,proto3" json:"matcher,omitempty"`
+	// Default result if the key does not exist in dynamic metadata: if unset or
+	// true, then log; if false, then don't log.
+	MatchIfKeyNotFound *wrappers.BoolValue `protobuf:"bytes,2,opt,name=match_if_key_not_found,json=matchIfKeyNotFound,proto3" json:"match_if_key_not_found,omitempty"`
+}
+
+func (x *MetadataFilter) Reset() {
+	*x = MetadataFilter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[13]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *MetadataFilter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*MetadataFilter) ProtoMessage() {}
+
+func (x *MetadataFilter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[13]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use MetadataFilter.ProtoReflect.Descriptor instead.
+func (*MetadataFilter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_accesslog_v3_accesslog_proto_rawDescGZIP(), []int{13}
+}
+
+func (x *MetadataFilter) GetMatcher() *v33.MetadataMatcher {
+	if x != nil {
+		return x.Matcher
+	}
+	return nil
+}
+
+func (x *MetadataFilter) GetMatchIfKeyNotFound() *wrappers.BoolValue {
+	if x != nil {
+		return x.MatchIfKeyNotFound
+	}
+	return nil
+}
+
+// Extension filter is statically registered at runtime.
+type ExtensionFilter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the filter implementation to instantiate. The name must
+	// match a statically registered filter.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Custom configuration that depends on the filter being instantiated.
+	//
+	// Types that are assignable to ConfigType:
+	//	*ExtensionFilter_TypedConfig
+	ConfigType isExtensionFilter_ConfigType `protobuf_oneof:"config_type"`
+}
+
+func (x *ExtensionFilter) Reset() {
+	*x = ExtensionFilter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[14]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ExtensionFilter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ExtensionFilter) ProtoMessage() {}
+
+func (x *ExtensionFilter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[14]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ExtensionFilter.ProtoReflect.Descriptor instead.
+func (*ExtensionFilter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_accesslog_v3_accesslog_proto_rawDescGZIP(), []int{14}
+}
+
+func (x *ExtensionFilter) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (m *ExtensionFilter) GetConfigType() isExtensionFilter_ConfigType {
+	if m != nil {
+		return m.ConfigType
+	}
+	return nil
+}
+
+func (x *ExtensionFilter) GetTypedConfig() *any.Any {
+	if x, ok := x.GetConfigType().(*ExtensionFilter_TypedConfig); ok {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+type isExtensionFilter_ConfigType interface {
+	isExtensionFilter_ConfigType()
+}
+
+type ExtensionFilter_TypedConfig struct {
+	TypedConfig *any.Any `protobuf:"bytes,3,opt,name=typed_config,json=typedConfig,proto3,oneof"`
+}
+
+func (*ExtensionFilter_TypedConfig) isExtensionFilter_ConfigType() {}
+
+var File_envoy_config_accesslog_v3_accesslog_proto protoreflect.FileDescriptor
+
+var file_envoy_config_accesslog_v3_accesslog_proto_rawDesc = []byte{
+	0x0a, 0x29, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x61,
+	0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2f, 0x76, 0x33, 0x2f, 0x61, 0x63, 0x63, 0x65,
+	0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x19, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73,
+	0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x33, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x62, 0x61, 0x73,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x2c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x5f, 0x63, 0x6f, 0x6d, 0x70, 0x6f, 0x6e, 0x65, 0x6e, 0x74, 0x73, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70,
+	0x65, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x6d, 0x65, 0x74,
+	0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1b, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x70, 0x65, 0x72, 0x63, 0x65,
+	0x6e, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f,
+	0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xee,
+	0x01, 0x0a, 0x09, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x4c, 0x6f, 0x67, 0x12, 0x12, 0x0a, 0x04,
+	0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65,
+	0x12, 0x42, 0x0a, 0x06, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x33, 0x2e, 0x41, 0x63, 0x63,
+	0x65, 0x73, 0x73, 0x4c, 0x6f, 0x67, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x52, 0x06, 0x66, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x12, 0x39, 0x0a, 0x0c, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79,
+	0x48, 0x00, 0x52, 0x0b, 0x74, 0x79, 0x70, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x3a,
+	0x31, 0x9a, 0xc5, 0x88, 0x1e, 0x2c, 0x0a, 0x2a, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x61, 0x63, 0x63, 0x65,
+	0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x32, 0x2e, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x4c,
+	0x6f, 0x67, 0x42, 0x0d, 0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x74, 0x79, 0x70,
+	0x65, 0x4a, 0x04, 0x08, 0x03, 0x10, 0x04, 0x52, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x22,
+	0xf6, 0x08, 0x0a, 0x0f, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x4c, 0x6f, 0x67, 0x46, 0x69, 0x6c,
+	0x74, 0x65, 0x72, 0x12, 0x5b, 0x0a, 0x12, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x5f, 0x63, 0x6f,
+	0x64, 0x65, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x2b, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x61,
+	0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x74, 0x61, 0x74,
+	0x75, 0x73, 0x43, 0x6f, 0x64, 0x65, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x48, 0x00, 0x52, 0x10,
+	0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x43, 0x6f, 0x64, 0x65, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x12, 0x54, 0x0a, 0x0f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x66, 0x69, 0x6c,
+	0x74, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c,
+	0x6f, 0x67, 0x2e, 0x76, 0x33, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x46, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x48, 0x00, 0x52, 0x0e, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x68, 0x0a, 0x17, 0x6e, 0x6f, 0x74, 0x5f, 0x68, 0x65,
+	0x61, 0x6c, 0x74, 0x68, 0x5f, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65,
+	0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67,
+	0x2e, 0x76, 0x33, 0x2e, 0x4e, 0x6f, 0x74, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65,
+	0x63, 0x6b, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x48, 0x00, 0x52, 0x14, 0x6e, 0x6f, 0x74, 0x48,
+	0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x12, 0x57, 0x0a, 0x10, 0x74, 0x72, 0x61, 0x63, 0x65, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x66, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73,
+	0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x72, 0x61, 0x63, 0x65, 0x61, 0x62, 0x6c, 0x65,
+	0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x48, 0x00, 0x52, 0x0f, 0x74, 0x72, 0x61, 0x63, 0x65, 0x61,
+	0x62, 0x6c, 0x65, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x51, 0x0a, 0x0e, 0x72, 0x75, 0x6e,
+	0x74, 0x69, 0x6d, 0x65, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x18, 0x05, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x28, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x75,
+	0x6e, 0x74, 0x69, 0x6d, 0x65, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x48, 0x00, 0x52, 0x0d, 0x72,
+	0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x45, 0x0a, 0x0a,
+	0x61, 0x6e, 0x64, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x33, 0x2e, 0x41, 0x6e, 0x64,
+	0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x48, 0x00, 0x52, 0x09, 0x61, 0x6e, 0x64, 0x46, 0x69, 0x6c,
+	0x74, 0x65, 0x72, 0x12, 0x42, 0x0a, 0x09, 0x6f, 0x72, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e,
+	0x76, 0x33, 0x2e, 0x4f, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x48, 0x00, 0x52, 0x08, 0x6f,
+	0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x4e, 0x0a, 0x0d, 0x68, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x27,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x61, 0x63,
+	0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x48, 0x00, 0x52, 0x0c, 0x68, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x61, 0x0a, 0x14, 0x72, 0x65, 0x73, 0x70, 0x6f,
+	0x6e, 0x73, 0x65, 0x5f, 0x66, 0x6c, 0x61, 0x67, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x18,
+	0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76,
+	0x33, 0x2e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x46, 0x6c, 0x61, 0x67, 0x46, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x48, 0x00, 0x52, 0x12, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
+	0x46, 0x6c, 0x61, 0x67, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x5b, 0x0a, 0x12, 0x67, 0x72,
+	0x70, 0x63, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x18, 0x0a, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2b, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e,
+	0x76, 0x33, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x46, 0x69, 0x6c,
+	0x74, 0x65, 0x72, 0x48, 0x00, 0x52, 0x10, 0x67, 0x72, 0x70, 0x63, 0x53, 0x74, 0x61, 0x74, 0x75,
+	0x73, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x57, 0x0a, 0x10, 0x65, 0x78, 0x74, 0x65, 0x6e,
+	0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x18, 0x0b, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x33, 0x2e, 0x45, 0x78,
+	0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x48, 0x00, 0x52,
+	0x0f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x12, 0x54, 0x0a, 0x0f, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x5f, 0x66, 0x69, 0x6c,
+	0x74, 0x65, 0x72, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c,
+	0x6f, 0x67, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x46, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x48, 0x00, 0x52, 0x0e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61,
+	0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x3a, 0x37, 0x9a, 0xc5, 0x88, 0x1e, 0x32, 0x0a, 0x30, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74,
+	0x65, 0x72, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x32, 0x2e,
+	0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x4c, 0x6f, 0x67, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x42,
+	0x17, 0x0a, 0x10, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66,
+	0x69, 0x65, 0x72, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x22, 0xef, 0x01, 0x0a, 0x10, 0x43, 0x6f, 0x6d,
+	0x70, 0x61, 0x72, 0x69, 0x73, 0x6f, 0x6e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x48, 0x0a,
+	0x02, 0x6f, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2e, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c,
+	0x6f, 0x67, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f, 0x6d, 0x70, 0x61, 0x72, 0x69, 0x73, 0x6f, 0x6e,
+	0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x4f, 0x70, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01,
+	0x02, 0x10, 0x01, 0x52, 0x02, 0x6f, 0x70, 0x12, 0x39, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x75,
+	0x6e, 0x74, 0x69, 0x6d, 0x65, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x52, 0x05, 0x76, 0x61, 0x6c,
+	0x75, 0x65, 0x22, 0x1c, 0x0a, 0x02, 0x4f, 0x70, 0x12, 0x06, 0x0a, 0x02, 0x45, 0x51, 0x10, 0x00,
+	0x12, 0x06, 0x0a, 0x02, 0x47, 0x45, 0x10, 0x01, 0x12, 0x06, 0x0a, 0x02, 0x4c, 0x45, 0x10, 0x02,
+	0x3a, 0x38, 0x9a, 0xc5, 0x88, 0x1e, 0x33, 0x0a, 0x31, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x61, 0x63, 0x63,
+	0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6f, 0x6d, 0x70, 0x61, 0x72,
+	0x69, 0x73, 0x6f, 0x6e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x22, 0xa3, 0x01, 0x0a, 0x10, 0x53,
+	0x74, 0x61, 0x74, 0x75, 0x73, 0x43, 0x6f, 0x64, 0x65, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12,
+	0x55, 0x0a, 0x0a, 0x63, 0x6f, 0x6d, 0x70, 0x61, 0x72, 0x69, 0x73, 0x6f, 0x6e, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x2b, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x33, 0x2e,
+	0x43, 0x6f, 0x6d, 0x70, 0x61, 0x72, 0x69, 0x73, 0x6f, 0x6e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x0a, 0x63, 0x6f, 0x6d, 0x70,
+	0x61, 0x72, 0x69, 0x73, 0x6f, 0x6e, 0x3a, 0x38, 0x9a, 0xc5, 0x88, 0x1e, 0x33, 0x0a, 0x31, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74,
+	0x65, 0x72, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x32, 0x2e,
+	0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x43, 0x6f, 0x64, 0x65, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x22, 0x9f, 0x01, 0x0a, 0x0e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x46, 0x69, 0x6c,
+	0x74, 0x65, 0x72, 0x12, 0x55, 0x0a, 0x0a, 0x63, 0x6f, 0x6d, 0x70, 0x61, 0x72, 0x69, 0x73, 0x6f,
+	0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2b, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67,
+	0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f, 0x6d, 0x70, 0x61, 0x72, 0x69, 0x73, 0x6f, 0x6e, 0x46, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x0a,
+	0x63, 0x6f, 0x6d, 0x70, 0x61, 0x72, 0x69, 0x73, 0x6f, 0x6e, 0x3a, 0x36, 0x9a, 0xc5, 0x88, 0x1e,
+	0x31, 0x0a, 0x2f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67,
+	0x2e, 0x76, 0x32, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x46, 0x69, 0x6c, 0x74,
+	0x65, 0x72, 0x22, 0x54, 0x0a, 0x14, 0x4e, 0x6f, 0x74, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43,
+	0x68, 0x65, 0x63, 0x6b, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x3a, 0x3c, 0x9a, 0xc5, 0x88, 0x1e,
+	0x37, 0x0a, 0x35, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67,
+	0x2e, 0x76, 0x32, 0x2e, 0x4e, 0x6f, 0x74, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65,
+	0x63, 0x6b, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x22, 0x4a, 0x0a, 0x0f, 0x54, 0x72, 0x61, 0x63,
+	0x65, 0x61, 0x62, 0x6c, 0x65, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x3a, 0x37, 0x9a, 0xc5, 0x88,
+	0x1e, 0x32, 0x0a, 0x30, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f,
+	0x67, 0x2e, 0x76, 0x32, 0x2e, 0x54, 0x72, 0x61, 0x63, 0x65, 0x61, 0x62, 0x6c, 0x65, 0x46, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x22, 0xf9, 0x01, 0x0a, 0x0d, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65,
+	0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x28, 0x0a, 0x0b, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d,
+	0x65, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04,
+	0x72, 0x02, 0x10, 0x01, 0x52, 0x0a, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x4b, 0x65, 0x79,
+	0x12, 0x49, 0x0a, 0x0f, 0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x5f, 0x73, 0x61, 0x6d, 0x70,
+	0x6c, 0x65, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x46, 0x72, 0x61, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x61, 0x6c, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52, 0x0e, 0x70, 0x65, 0x72,
+	0x63, 0x65, 0x6e, 0x74, 0x53, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x64, 0x12, 0x3c, 0x0a, 0x1a, 0x75,
+	0x73, 0x65, 0x5f, 0x69, 0x6e, 0x64, 0x65, 0x70, 0x65, 0x6e, 0x64, 0x65, 0x6e, 0x74, 0x5f, 0x72,
+	0x61, 0x6e, 0x64, 0x6f, 0x6d, 0x6e, 0x65, 0x73, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52,
+	0x18, 0x75, 0x73, 0x65, 0x49, 0x6e, 0x64, 0x65, 0x70, 0x65, 0x6e, 0x64, 0x65, 0x6e, 0x74, 0x52,
+	0x61, 0x6e, 0x64, 0x6f, 0x6d, 0x6e, 0x65, 0x73, 0x73, 0x3a, 0x35, 0x9a, 0xc5, 0x88, 0x1e, 0x30,
+	0x0a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66,
+	0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e,
+	0x76, 0x32, 0x2e, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x22, 0x8e, 0x01, 0x0a, 0x09, 0x41, 0x6e, 0x64, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x4e,
+	0x0a, 0x07, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32,
+	0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x61,
+	0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x33, 0x2e, 0x41, 0x63, 0x63, 0x65,
+	0x73, 0x73, 0x4c, 0x6f, 0x67, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x42, 0x08, 0xfa, 0x42, 0x05,
+	0x92, 0x01, 0x02, 0x08, 0x02, 0x52, 0x07, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x3a, 0x31,
+	0x9a, 0xc5, 0x88, 0x1e, 0x2c, 0x0a, 0x2a, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73,
+	0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x32, 0x2e, 0x41, 0x6e, 0x64, 0x46, 0x69, 0x6c, 0x74, 0x65,
+	0x72, 0x22, 0x8c, 0x01, 0x0a, 0x08, 0x4f, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x4e,
+	0x0a, 0x07, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32,
+	0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x61,
+	0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x33, 0x2e, 0x41, 0x63, 0x63, 0x65,
+	0x73, 0x73, 0x4c, 0x6f, 0x67, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x42, 0x08, 0xfa, 0x42, 0x05,
+	0x92, 0x01, 0x02, 0x08, 0x02, 0x52, 0x07, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x3a, 0x30,
+	0x9a, 0xc5, 0x88, 0x1e, 0x2b, 0x0a, 0x29, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73,
+	0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x32, 0x2e, 0x4f, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x22, 0x8c, 0x01, 0x0a, 0x0c, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65,
+	0x72, 0x12, 0x46, 0x0a, 0x06, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72,
+	0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10,
+	0x01, 0x52, 0x06, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x3a, 0x34, 0x9a, 0xc5, 0x88, 0x1e, 0x2f,
+	0x0a, 0x2d, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66,
+	0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e,
+	0x76, 0x32, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x22,
+	0xea, 0x01, 0x0a, 0x12, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x46, 0x6c, 0x61, 0x67,
+	0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x97, 0x01, 0x0a, 0x05, 0x66, 0x6c, 0x61, 0x67, 0x73,
+	0x18, 0x01, 0x20, 0x03, 0x28, 0x09, 0x42, 0x80, 0x01, 0xfa, 0x42, 0x7d, 0x92, 0x01, 0x7a, 0x22,
+	0x78, 0x72, 0x76, 0x52, 0x02, 0x4c, 0x48, 0x52, 0x02, 0x55, 0x48, 0x52, 0x02, 0x55, 0x54, 0x52,
+	0x02, 0x4c, 0x52, 0x52, 0x02, 0x55, 0x52, 0x52, 0x02, 0x55, 0x46, 0x52, 0x02, 0x55, 0x43, 0x52,
+	0x02, 0x55, 0x4f, 0x52, 0x02, 0x4e, 0x52, 0x52, 0x02, 0x44, 0x49, 0x52, 0x02, 0x46, 0x49, 0x52,
+	0x02, 0x52, 0x4c, 0x52, 0x04, 0x55, 0x41, 0x45, 0x58, 0x52, 0x04, 0x52, 0x4c, 0x53, 0x45, 0x52,
+	0x02, 0x44, 0x43, 0x52, 0x03, 0x55, 0x52, 0x58, 0x52, 0x02, 0x53, 0x49, 0x52, 0x02, 0x49, 0x48,
+	0x52, 0x03, 0x44, 0x50, 0x45, 0x52, 0x05, 0x55, 0x4d, 0x53, 0x44, 0x52, 0x52, 0x04, 0x52, 0x46,
+	0x43, 0x46, 0x52, 0x04, 0x4e, 0x46, 0x43, 0x46, 0x52, 0x02, 0x44, 0x54, 0x52, 0x03, 0x55, 0x50,
+	0x45, 0x52, 0x02, 0x4e, 0x43, 0x52, 0x02, 0x4f, 0x4d, 0x52, 0x05, 0x66, 0x6c, 0x61, 0x67, 0x73,
+	0x3a, 0x3a, 0x9a, 0xc5, 0x88, 0x1e, 0x35, 0x0a, 0x33, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x61, 0x63, 0x63,
+	0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e,
+	0x73, 0x65, 0x46, 0x6c, 0x61, 0x67, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x22, 0x80, 0x04, 0x0a,
+	0x10, 0x47, 0x72, 0x70, 0x63, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x46, 0x69, 0x6c, 0x74, 0x65,
+	0x72, 0x12, 0x5d, 0x0a, 0x08, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x65, 0x73, 0x18, 0x01, 0x20,
+	0x03, 0x28, 0x0e, 0x32, 0x32, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x33, 0x2e,
+	0x47, 0x72, 0x70, 0x63, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x2e, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x42, 0x0d, 0xfa, 0x42, 0x0a, 0x92, 0x01, 0x07, 0x22,
+	0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x08, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x65, 0x73,
+	0x12, 0x18, 0x0a, 0x07, 0x65, 0x78, 0x63, 0x6c, 0x75, 0x64, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x08, 0x52, 0x07, 0x65, 0x78, 0x63, 0x6c, 0x75, 0x64, 0x65, 0x22, 0xb8, 0x02, 0x0a, 0x06, 0x53,
+	0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x06, 0x0a, 0x02, 0x4f, 0x4b, 0x10, 0x00, 0x12, 0x0c, 0x0a,
+	0x08, 0x43, 0x41, 0x4e, 0x43, 0x45, 0x4c, 0x45, 0x44, 0x10, 0x01, 0x12, 0x0b, 0x0a, 0x07, 0x55,
+	0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x02, 0x12, 0x14, 0x0a, 0x10, 0x49, 0x4e, 0x56, 0x41,
+	0x4c, 0x49, 0x44, 0x5f, 0x41, 0x52, 0x47, 0x55, 0x4d, 0x45, 0x4e, 0x54, 0x10, 0x03, 0x12, 0x15,
+	0x0a, 0x11, 0x44, 0x45, 0x41, 0x44, 0x4c, 0x49, 0x4e, 0x45, 0x5f, 0x45, 0x58, 0x43, 0x45, 0x45,
+	0x44, 0x45, 0x44, 0x10, 0x04, 0x12, 0x0d, 0x0a, 0x09, 0x4e, 0x4f, 0x54, 0x5f, 0x46, 0x4f, 0x55,
+	0x4e, 0x44, 0x10, 0x05, 0x12, 0x12, 0x0a, 0x0e, 0x41, 0x4c, 0x52, 0x45, 0x41, 0x44, 0x59, 0x5f,
+	0x45, 0x58, 0x49, 0x53, 0x54, 0x53, 0x10, 0x06, 0x12, 0x15, 0x0a, 0x11, 0x50, 0x45, 0x52, 0x4d,
+	0x49, 0x53, 0x53, 0x49, 0x4f, 0x4e, 0x5f, 0x44, 0x45, 0x4e, 0x49, 0x45, 0x44, 0x10, 0x07, 0x12,
+	0x16, 0x0a, 0x12, 0x52, 0x45, 0x53, 0x4f, 0x55, 0x52, 0x43, 0x45, 0x5f, 0x45, 0x58, 0x48, 0x41,
+	0x55, 0x53, 0x54, 0x45, 0x44, 0x10, 0x08, 0x12, 0x17, 0x0a, 0x13, 0x46, 0x41, 0x49, 0x4c, 0x45,
+	0x44, 0x5f, 0x50, 0x52, 0x45, 0x43, 0x4f, 0x4e, 0x44, 0x49, 0x54, 0x49, 0x4f, 0x4e, 0x10, 0x09,
+	0x12, 0x0b, 0x0a, 0x07, 0x41, 0x42, 0x4f, 0x52, 0x54, 0x45, 0x44, 0x10, 0x0a, 0x12, 0x10, 0x0a,
+	0x0c, 0x4f, 0x55, 0x54, 0x5f, 0x4f, 0x46, 0x5f, 0x52, 0x41, 0x4e, 0x47, 0x45, 0x10, 0x0b, 0x12,
+	0x11, 0x0a, 0x0d, 0x55, 0x4e, 0x49, 0x4d, 0x50, 0x4c, 0x45, 0x4d, 0x45, 0x4e, 0x54, 0x45, 0x44,
+	0x10, 0x0c, 0x12, 0x0c, 0x0a, 0x08, 0x49, 0x4e, 0x54, 0x45, 0x52, 0x4e, 0x41, 0x4c, 0x10, 0x0d,
+	0x12, 0x0f, 0x0a, 0x0b, 0x55, 0x4e, 0x41, 0x56, 0x41, 0x49, 0x4c, 0x41, 0x42, 0x4c, 0x45, 0x10,
+	0x0e, 0x12, 0x0d, 0x0a, 0x09, 0x44, 0x41, 0x54, 0x41, 0x5f, 0x4c, 0x4f, 0x53, 0x53, 0x10, 0x0f,
+	0x12, 0x13, 0x0a, 0x0f, 0x55, 0x4e, 0x41, 0x55, 0x54, 0x48, 0x45, 0x4e, 0x54, 0x49, 0x43, 0x41,
+	0x54, 0x45, 0x44, 0x10, 0x10, 0x3a, 0x38, 0x9a, 0xc5, 0x88, 0x1e, 0x33, 0x0a, 0x31, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65,
+	0x72, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x32, 0x2e, 0x47,
+	0x72, 0x70, 0x63, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x22,
+	0xda, 0x01, 0x0a, 0x0e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x46, 0x69, 0x6c, 0x74,
+	0x65, 0x72, 0x12, 0x40, 0x0a, 0x07, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65,
+	0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x65, 0x74, 0x61,
+	0x64, 0x61, 0x74, 0x61, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x52, 0x07, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x12, 0x4e, 0x0a, 0x16, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x5f, 0x69, 0x66,
+	0x5f, 0x6b, 0x65, 0x79, 0x5f, 0x6e, 0x6f, 0x74, 0x5f, 0x66, 0x6f, 0x75, 0x6e, 0x64, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65,
+	0x52, 0x12, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x49, 0x66, 0x4b, 0x65, 0x79, 0x4e, 0x6f, 0x74, 0x46,
+	0x6f, 0x75, 0x6e, 0x64, 0x3a, 0x36, 0x9a, 0xc5, 0x88, 0x1e, 0x31, 0x0a, 0x2f, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x32, 0x2e, 0x4d, 0x65,
+	0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x22, 0xb6, 0x01, 0x0a,
+	0x0f, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04,
+	0x6e, 0x61, 0x6d, 0x65, 0x12, 0x39, 0x0a, 0x0c, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79,
+	0x48, 0x00, 0x52, 0x0b, 0x74, 0x79, 0x70, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x3a,
+	0x37, 0x9a, 0xc5, 0x88, 0x1e, 0x32, 0x0a, 0x30, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x61, 0x63, 0x63, 0x65,
+	0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x32, 0x2e, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69,
+	0x6f, 0x6e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x42, 0x0d, 0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x4a, 0x04, 0x08, 0x02, 0x10, 0x03, 0x52, 0x06, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x43, 0x0a, 0x27, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x33,
+	0x42, 0x0e, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x50, 0x72, 0x6f, 0x74, 0x6f,
+	0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_accesslog_v3_accesslog_proto_rawDescOnce sync.Once
+	file_envoy_config_accesslog_v3_accesslog_proto_rawDescData = file_envoy_config_accesslog_v3_accesslog_proto_rawDesc
+)
+
+func file_envoy_config_accesslog_v3_accesslog_proto_rawDescGZIP() []byte {
+	file_envoy_config_accesslog_v3_accesslog_proto_rawDescOnce.Do(func() {
+		file_envoy_config_accesslog_v3_accesslog_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_accesslog_v3_accesslog_proto_rawDescData)
+	})
+	return file_envoy_config_accesslog_v3_accesslog_proto_rawDescData
+}
+
+var file_envoy_config_accesslog_v3_accesslog_proto_enumTypes = make([]protoimpl.EnumInfo, 2)
+var file_envoy_config_accesslog_v3_accesslog_proto_msgTypes = make([]protoimpl.MessageInfo, 15)
+var file_envoy_config_accesslog_v3_accesslog_proto_goTypes = []interface{}{
+	(ComparisonFilter_Op)(0),      // 0: envoy.config.accesslog.v3.ComparisonFilter.Op
+	(GrpcStatusFilter_Status)(0),  // 1: envoy.config.accesslog.v3.GrpcStatusFilter.Status
+	(*AccessLog)(nil),             // 2: envoy.config.accesslog.v3.AccessLog
+	(*AccessLogFilter)(nil),       // 3: envoy.config.accesslog.v3.AccessLogFilter
+	(*ComparisonFilter)(nil),      // 4: envoy.config.accesslog.v3.ComparisonFilter
+	(*StatusCodeFilter)(nil),      // 5: envoy.config.accesslog.v3.StatusCodeFilter
+	(*DurationFilter)(nil),        // 6: envoy.config.accesslog.v3.DurationFilter
+	(*NotHealthCheckFilter)(nil),  // 7: envoy.config.accesslog.v3.NotHealthCheckFilter
+	(*TraceableFilter)(nil),       // 8: envoy.config.accesslog.v3.TraceableFilter
+	(*RuntimeFilter)(nil),         // 9: envoy.config.accesslog.v3.RuntimeFilter
+	(*AndFilter)(nil),             // 10: envoy.config.accesslog.v3.AndFilter
+	(*OrFilter)(nil),              // 11: envoy.config.accesslog.v3.OrFilter
+	(*HeaderFilter)(nil),          // 12: envoy.config.accesslog.v3.HeaderFilter
+	(*ResponseFlagFilter)(nil),    // 13: envoy.config.accesslog.v3.ResponseFlagFilter
+	(*GrpcStatusFilter)(nil),      // 14: envoy.config.accesslog.v3.GrpcStatusFilter
+	(*MetadataFilter)(nil),        // 15: envoy.config.accesslog.v3.MetadataFilter
+	(*ExtensionFilter)(nil),       // 16: envoy.config.accesslog.v3.ExtensionFilter
+	(*any.Any)(nil),               // 17: google.protobuf.Any
+	(*v3.RuntimeUInt32)(nil),      // 18: envoy.config.core.v3.RuntimeUInt32
+	(*v31.FractionalPercent)(nil), // 19: envoy.type.v3.FractionalPercent
+	(*v32.HeaderMatcher)(nil),     // 20: envoy.config.route.v3.HeaderMatcher
+	(*v33.MetadataMatcher)(nil),   // 21: envoy.type.matcher.v3.MetadataMatcher
+	(*wrappers.BoolValue)(nil),    // 22: google.protobuf.BoolValue
+}
+var file_envoy_config_accesslog_v3_accesslog_proto_depIdxs = []int32{
+	3,  // 0: envoy.config.accesslog.v3.AccessLog.filter:type_name -> envoy.config.accesslog.v3.AccessLogFilter
+	17, // 1: envoy.config.accesslog.v3.AccessLog.typed_config:type_name -> google.protobuf.Any
+	5,  // 2: envoy.config.accesslog.v3.AccessLogFilter.status_code_filter:type_name -> envoy.config.accesslog.v3.StatusCodeFilter
+	6,  // 3: envoy.config.accesslog.v3.AccessLogFilter.duration_filter:type_name -> envoy.config.accesslog.v3.DurationFilter
+	7,  // 4: envoy.config.accesslog.v3.AccessLogFilter.not_health_check_filter:type_name -> envoy.config.accesslog.v3.NotHealthCheckFilter
+	8,  // 5: envoy.config.accesslog.v3.AccessLogFilter.traceable_filter:type_name -> envoy.config.accesslog.v3.TraceableFilter
+	9,  // 6: envoy.config.accesslog.v3.AccessLogFilter.runtime_filter:type_name -> envoy.config.accesslog.v3.RuntimeFilter
+	10, // 7: envoy.config.accesslog.v3.AccessLogFilter.and_filter:type_name -> envoy.config.accesslog.v3.AndFilter
+	11, // 8: envoy.config.accesslog.v3.AccessLogFilter.or_filter:type_name -> envoy.config.accesslog.v3.OrFilter
+	12, // 9: envoy.config.accesslog.v3.AccessLogFilter.header_filter:type_name -> envoy.config.accesslog.v3.HeaderFilter
+	13, // 10: envoy.config.accesslog.v3.AccessLogFilter.response_flag_filter:type_name -> envoy.config.accesslog.v3.ResponseFlagFilter
+	14, // 11: envoy.config.accesslog.v3.AccessLogFilter.grpc_status_filter:type_name -> envoy.config.accesslog.v3.GrpcStatusFilter
+	16, // 12: envoy.config.accesslog.v3.AccessLogFilter.extension_filter:type_name -> envoy.config.accesslog.v3.ExtensionFilter
+	15, // 13: envoy.config.accesslog.v3.AccessLogFilter.metadata_filter:type_name -> envoy.config.accesslog.v3.MetadataFilter
+	0,  // 14: envoy.config.accesslog.v3.ComparisonFilter.op:type_name -> envoy.config.accesslog.v3.ComparisonFilter.Op
+	18, // 15: envoy.config.accesslog.v3.ComparisonFilter.value:type_name -> envoy.config.core.v3.RuntimeUInt32
+	4,  // 16: envoy.config.accesslog.v3.StatusCodeFilter.comparison:type_name -> envoy.config.accesslog.v3.ComparisonFilter
+	4,  // 17: envoy.config.accesslog.v3.DurationFilter.comparison:type_name -> envoy.config.accesslog.v3.ComparisonFilter
+	19, // 18: envoy.config.accesslog.v3.RuntimeFilter.percent_sampled:type_name -> envoy.type.v3.FractionalPercent
+	3,  // 19: envoy.config.accesslog.v3.AndFilter.filters:type_name -> envoy.config.accesslog.v3.AccessLogFilter
+	3,  // 20: envoy.config.accesslog.v3.OrFilter.filters:type_name -> envoy.config.accesslog.v3.AccessLogFilter
+	20, // 21: envoy.config.accesslog.v3.HeaderFilter.header:type_name -> envoy.config.route.v3.HeaderMatcher
+	1,  // 22: envoy.config.accesslog.v3.GrpcStatusFilter.statuses:type_name -> envoy.config.accesslog.v3.GrpcStatusFilter.Status
+	21, // 23: envoy.config.accesslog.v3.MetadataFilter.matcher:type_name -> envoy.type.matcher.v3.MetadataMatcher
+	22, // 24: envoy.config.accesslog.v3.MetadataFilter.match_if_key_not_found:type_name -> google.protobuf.BoolValue
+	17, // 25: envoy.config.accesslog.v3.ExtensionFilter.typed_config:type_name -> google.protobuf.Any
+	26, // [26:26] is the sub-list for method output_type
+	26, // [26:26] is the sub-list for method input_type
+	26, // [26:26] is the sub-list for extension type_name
+	26, // [26:26] is the sub-list for extension extendee
+	0,  // [0:26] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_accesslog_v3_accesslog_proto_init() }
+func file_envoy_config_accesslog_v3_accesslog_proto_init() {
+	if File_envoy_config_accesslog_v3_accesslog_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*AccessLog); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*AccessLogFilter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ComparisonFilter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*StatusCodeFilter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*DurationFilter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*NotHealthCheckFilter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*TraceableFilter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RuntimeFilter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*AndFilter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*OrFilter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HeaderFilter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[11].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ResponseFlagFilter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[12].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcStatusFilter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[13].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*MetadataFilter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[14].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ExtensionFilter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*AccessLog_TypedConfig)(nil),
+	}
+	file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*AccessLogFilter_StatusCodeFilter)(nil),
+		(*AccessLogFilter_DurationFilter)(nil),
+		(*AccessLogFilter_NotHealthCheckFilter)(nil),
+		(*AccessLogFilter_TraceableFilter)(nil),
+		(*AccessLogFilter_RuntimeFilter)(nil),
+		(*AccessLogFilter_AndFilter)(nil),
+		(*AccessLogFilter_OrFilter)(nil),
+		(*AccessLogFilter_HeaderFilter)(nil),
+		(*AccessLogFilter_ResponseFlagFilter)(nil),
+		(*AccessLogFilter_GrpcStatusFilter)(nil),
+		(*AccessLogFilter_ExtensionFilter)(nil),
+		(*AccessLogFilter_MetadataFilter)(nil),
+	}
+	file_envoy_config_accesslog_v3_accesslog_proto_msgTypes[14].OneofWrappers = []interface{}{
+		(*ExtensionFilter_TypedConfig)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_accesslog_v3_accesslog_proto_rawDesc,
+			NumEnums:      2,
+			NumMessages:   15,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_accesslog_v3_accesslog_proto_goTypes,
+		DependencyIndexes: file_envoy_config_accesslog_v3_accesslog_proto_depIdxs,
+		EnumInfos:         file_envoy_config_accesslog_v3_accesslog_proto_enumTypes,
+		MessageInfos:      file_envoy_config_accesslog_v3_accesslog_proto_msgTypes,
+	}.Build()
+	File_envoy_config_accesslog_v3_accesslog_proto = out.File
+	file_envoy_config_accesslog_v3_accesslog_proto_rawDesc = nil
+	file_envoy_config_accesslog_v3_accesslog_proto_goTypes = nil
+	file_envoy_config_accesslog_v3_accesslog_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/accesslog/v3/accesslog.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/accesslog/v3/accesslog.pb.validate.go
new file mode 100644
index 00000000000..8596ecc6e2e
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/accesslog/v3/accesslog.pb.validate.go
@@ -0,0 +1,2423 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/accesslog/v3/accesslog.proto
+
+package envoy_config_accesslog_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on AccessLog with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *AccessLog) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on AccessLog with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in AccessLogMultiError, or nil
+// if none found.
+func (m *AccessLog) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *AccessLog) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Name
+
+	if all {
+		switch v := interface{}(m.GetFilter()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, AccessLogValidationError{
+					field:  "Filter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, AccessLogValidationError{
+					field:  "Filter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetFilter()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return AccessLogValidationError{
+				field:  "Filter",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	switch m.ConfigType.(type) {
+
+	case *AccessLog_TypedConfig:
+
+		if all {
+			switch v := interface{}(m.GetTypedConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AccessLogValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AccessLogValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AccessLogValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return AccessLogMultiError(errors)
+	}
+	return nil
+}
+
+// AccessLogMultiError is an error wrapping multiple validation errors returned
+// by AccessLog.ValidateAll() if the designated constraints aren't met.
+type AccessLogMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m AccessLogMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m AccessLogMultiError) AllErrors() []error { return m }
+
+// AccessLogValidationError is the validation error returned by
+// AccessLog.Validate if the designated constraints aren't met.
+type AccessLogValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e AccessLogValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e AccessLogValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e AccessLogValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e AccessLogValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e AccessLogValidationError) ErrorName() string { return "AccessLogValidationError" }
+
+// Error satisfies the builtin error interface
+func (e AccessLogValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sAccessLog.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = AccessLogValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = AccessLogValidationError{}
+
+// Validate checks the field values on AccessLogFilter with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *AccessLogFilter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on AccessLogFilter with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// AccessLogFilterMultiError, or nil if none found.
+func (m *AccessLogFilter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *AccessLogFilter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.FilterSpecifier.(type) {
+
+	case *AccessLogFilter_StatusCodeFilter:
+
+		if all {
+			switch v := interface{}(m.GetStatusCodeFilter()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "StatusCodeFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "StatusCodeFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetStatusCodeFilter()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AccessLogFilterValidationError{
+					field:  "StatusCodeFilter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *AccessLogFilter_DurationFilter:
+
+		if all {
+			switch v := interface{}(m.GetDurationFilter()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "DurationFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "DurationFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetDurationFilter()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AccessLogFilterValidationError{
+					field:  "DurationFilter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *AccessLogFilter_NotHealthCheckFilter:
+
+		if all {
+			switch v := interface{}(m.GetNotHealthCheckFilter()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "NotHealthCheckFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "NotHealthCheckFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetNotHealthCheckFilter()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AccessLogFilterValidationError{
+					field:  "NotHealthCheckFilter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *AccessLogFilter_TraceableFilter:
+
+		if all {
+			switch v := interface{}(m.GetTraceableFilter()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "TraceableFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "TraceableFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTraceableFilter()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AccessLogFilterValidationError{
+					field:  "TraceableFilter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *AccessLogFilter_RuntimeFilter:
+
+		if all {
+			switch v := interface{}(m.GetRuntimeFilter()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "RuntimeFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "RuntimeFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetRuntimeFilter()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AccessLogFilterValidationError{
+					field:  "RuntimeFilter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *AccessLogFilter_AndFilter:
+
+		if all {
+			switch v := interface{}(m.GetAndFilter()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "AndFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "AndFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetAndFilter()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AccessLogFilterValidationError{
+					field:  "AndFilter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *AccessLogFilter_OrFilter:
+
+		if all {
+			switch v := interface{}(m.GetOrFilter()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "OrFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "OrFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetOrFilter()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AccessLogFilterValidationError{
+					field:  "OrFilter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *AccessLogFilter_HeaderFilter:
+
+		if all {
+			switch v := interface{}(m.GetHeaderFilter()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "HeaderFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "HeaderFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetHeaderFilter()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AccessLogFilterValidationError{
+					field:  "HeaderFilter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *AccessLogFilter_ResponseFlagFilter:
+
+		if all {
+			switch v := interface{}(m.GetResponseFlagFilter()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "ResponseFlagFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "ResponseFlagFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetResponseFlagFilter()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AccessLogFilterValidationError{
+					field:  "ResponseFlagFilter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *AccessLogFilter_GrpcStatusFilter:
+
+		if all {
+			switch v := interface{}(m.GetGrpcStatusFilter()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "GrpcStatusFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "GrpcStatusFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetGrpcStatusFilter()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AccessLogFilterValidationError{
+					field:  "GrpcStatusFilter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *AccessLogFilter_ExtensionFilter:
+
+		if all {
+			switch v := interface{}(m.GetExtensionFilter()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "ExtensionFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "ExtensionFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetExtensionFilter()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AccessLogFilterValidationError{
+					field:  "ExtensionFilter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *AccessLogFilter_MetadataFilter:
+
+		if all {
+			switch v := interface{}(m.GetMetadataFilter()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "MetadataFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "MetadataFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetMetadataFilter()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AccessLogFilterValidationError{
+					field:  "MetadataFilter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := AccessLogFilterValidationError{
+			field:  "FilterSpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return AccessLogFilterMultiError(errors)
+	}
+	return nil
+}
+
+// AccessLogFilterMultiError is an error wrapping multiple validation errors
+// returned by AccessLogFilter.ValidateAll() if the designated constraints
+// aren't met.
+type AccessLogFilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m AccessLogFilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m AccessLogFilterMultiError) AllErrors() []error { return m }
+
+// AccessLogFilterValidationError is the validation error returned by
+// AccessLogFilter.Validate if the designated constraints aren't met.
+type AccessLogFilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e AccessLogFilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e AccessLogFilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e AccessLogFilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e AccessLogFilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e AccessLogFilterValidationError) ErrorName() string { return "AccessLogFilterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e AccessLogFilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sAccessLogFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = AccessLogFilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = AccessLogFilterValidationError{}
+
+// Validate checks the field values on ComparisonFilter with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *ComparisonFilter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ComparisonFilter with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ComparisonFilterMultiError, or nil if none found.
+func (m *ComparisonFilter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ComparisonFilter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if _, ok := ComparisonFilter_Op_name[int32(m.GetOp())]; !ok {
+		err := ComparisonFilterValidationError{
+			field:  "Op",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetValue()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ComparisonFilterValidationError{
+					field:  "Value",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ComparisonFilterValidationError{
+					field:  "Value",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetValue()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ComparisonFilterValidationError{
+				field:  "Value",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return ComparisonFilterMultiError(errors)
+	}
+	return nil
+}
+
+// ComparisonFilterMultiError is an error wrapping multiple validation errors
+// returned by ComparisonFilter.ValidateAll() if the designated constraints
+// aren't met.
+type ComparisonFilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ComparisonFilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ComparisonFilterMultiError) AllErrors() []error { return m }
+
+// ComparisonFilterValidationError is the validation error returned by
+// ComparisonFilter.Validate if the designated constraints aren't met.
+type ComparisonFilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ComparisonFilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ComparisonFilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ComparisonFilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ComparisonFilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ComparisonFilterValidationError) ErrorName() string { return "ComparisonFilterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ComparisonFilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sComparisonFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ComparisonFilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ComparisonFilterValidationError{}
+
+// Validate checks the field values on StatusCodeFilter with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *StatusCodeFilter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on StatusCodeFilter with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// StatusCodeFilterMultiError, or nil if none found.
+func (m *StatusCodeFilter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *StatusCodeFilter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetComparison() == nil {
+		err := StatusCodeFilterValidationError{
+			field:  "Comparison",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetComparison()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, StatusCodeFilterValidationError{
+					field:  "Comparison",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, StatusCodeFilterValidationError{
+					field:  "Comparison",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetComparison()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return StatusCodeFilterValidationError{
+				field:  "Comparison",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return StatusCodeFilterMultiError(errors)
+	}
+	return nil
+}
+
+// StatusCodeFilterMultiError is an error wrapping multiple validation errors
+// returned by StatusCodeFilter.ValidateAll() if the designated constraints
+// aren't met.
+type StatusCodeFilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m StatusCodeFilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m StatusCodeFilterMultiError) AllErrors() []error { return m }
+
+// StatusCodeFilterValidationError is the validation error returned by
+// StatusCodeFilter.Validate if the designated constraints aren't met.
+type StatusCodeFilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e StatusCodeFilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e StatusCodeFilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e StatusCodeFilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e StatusCodeFilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e StatusCodeFilterValidationError) ErrorName() string { return "StatusCodeFilterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e StatusCodeFilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sStatusCodeFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = StatusCodeFilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = StatusCodeFilterValidationError{}
+
+// Validate checks the field values on DurationFilter with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *DurationFilter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on DurationFilter with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in DurationFilterMultiError,
+// or nil if none found.
+func (m *DurationFilter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *DurationFilter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetComparison() == nil {
+		err := DurationFilterValidationError{
+			field:  "Comparison",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetComparison()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, DurationFilterValidationError{
+					field:  "Comparison",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, DurationFilterValidationError{
+					field:  "Comparison",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetComparison()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return DurationFilterValidationError{
+				field:  "Comparison",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return DurationFilterMultiError(errors)
+	}
+	return nil
+}
+
+// DurationFilterMultiError is an error wrapping multiple validation errors
+// returned by DurationFilter.ValidateAll() if the designated constraints
+// aren't met.
+type DurationFilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m DurationFilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m DurationFilterMultiError) AllErrors() []error { return m }
+
+// DurationFilterValidationError is the validation error returned by
+// DurationFilter.Validate if the designated constraints aren't met.
+type DurationFilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e DurationFilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e DurationFilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e DurationFilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e DurationFilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e DurationFilterValidationError) ErrorName() string { return "DurationFilterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e DurationFilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sDurationFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = DurationFilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = DurationFilterValidationError{}
+
+// Validate checks the field values on NotHealthCheckFilter with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *NotHealthCheckFilter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on NotHealthCheckFilter with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// NotHealthCheckFilterMultiError, or nil if none found.
+func (m *NotHealthCheckFilter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *NotHealthCheckFilter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return NotHealthCheckFilterMultiError(errors)
+	}
+	return nil
+}
+
+// NotHealthCheckFilterMultiError is an error wrapping multiple validation
+// errors returned by NotHealthCheckFilter.ValidateAll() if the designated
+// constraints aren't met.
+type NotHealthCheckFilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m NotHealthCheckFilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m NotHealthCheckFilterMultiError) AllErrors() []error { return m }
+
+// NotHealthCheckFilterValidationError is the validation error returned by
+// NotHealthCheckFilter.Validate if the designated constraints aren't met.
+type NotHealthCheckFilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e NotHealthCheckFilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e NotHealthCheckFilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e NotHealthCheckFilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e NotHealthCheckFilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e NotHealthCheckFilterValidationError) ErrorName() string {
+	return "NotHealthCheckFilterValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e NotHealthCheckFilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sNotHealthCheckFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = NotHealthCheckFilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = NotHealthCheckFilterValidationError{}
+
+// Validate checks the field values on TraceableFilter with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *TraceableFilter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on TraceableFilter with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// TraceableFilterMultiError, or nil if none found.
+func (m *TraceableFilter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *TraceableFilter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return TraceableFilterMultiError(errors)
+	}
+	return nil
+}
+
+// TraceableFilterMultiError is an error wrapping multiple validation errors
+// returned by TraceableFilter.ValidateAll() if the designated constraints
+// aren't met.
+type TraceableFilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m TraceableFilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m TraceableFilterMultiError) AllErrors() []error { return m }
+
+// TraceableFilterValidationError is the validation error returned by
+// TraceableFilter.Validate if the designated constraints aren't met.
+type TraceableFilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e TraceableFilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e TraceableFilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e TraceableFilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e TraceableFilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e TraceableFilterValidationError) ErrorName() string { return "TraceableFilterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e TraceableFilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sTraceableFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = TraceableFilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = TraceableFilterValidationError{}
+
+// Validate checks the field values on RuntimeFilter with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *RuntimeFilter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RuntimeFilter with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in RuntimeFilterMultiError, or
+// nil if none found.
+func (m *RuntimeFilter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RuntimeFilter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetRuntimeKey()) < 1 {
+		err := RuntimeFilterValidationError{
+			field:  "RuntimeKey",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetPercentSampled()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RuntimeFilterValidationError{
+					field:  "PercentSampled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RuntimeFilterValidationError{
+					field:  "PercentSampled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPercentSampled()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RuntimeFilterValidationError{
+				field:  "PercentSampled",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for UseIndependentRandomness
+
+	if len(errors) > 0 {
+		return RuntimeFilterMultiError(errors)
+	}
+	return nil
+}
+
+// RuntimeFilterMultiError is an error wrapping multiple validation errors
+// returned by RuntimeFilter.ValidateAll() if the designated constraints
+// aren't met.
+type RuntimeFilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RuntimeFilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RuntimeFilterMultiError) AllErrors() []error { return m }
+
+// RuntimeFilterValidationError is the validation error returned by
+// RuntimeFilter.Validate if the designated constraints aren't met.
+type RuntimeFilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RuntimeFilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RuntimeFilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RuntimeFilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RuntimeFilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RuntimeFilterValidationError) ErrorName() string { return "RuntimeFilterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RuntimeFilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRuntimeFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RuntimeFilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RuntimeFilterValidationError{}
+
+// Validate checks the field values on AndFilter with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *AndFilter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on AndFilter with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in AndFilterMultiError, or nil
+// if none found.
+func (m *AndFilter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *AndFilter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetFilters()) < 2 {
+		err := AndFilterValidationError{
+			field:  "Filters",
+			reason: "value must contain at least 2 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetFilters() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AndFilterValidationError{
+						field:  fmt.Sprintf("Filters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AndFilterValidationError{
+						field:  fmt.Sprintf("Filters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AndFilterValidationError{
+					field:  fmt.Sprintf("Filters[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return AndFilterMultiError(errors)
+	}
+	return nil
+}
+
+// AndFilterMultiError is an error wrapping multiple validation errors returned
+// by AndFilter.ValidateAll() if the designated constraints aren't met.
+type AndFilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m AndFilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m AndFilterMultiError) AllErrors() []error { return m }
+
+// AndFilterValidationError is the validation error returned by
+// AndFilter.Validate if the designated constraints aren't met.
+type AndFilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e AndFilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e AndFilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e AndFilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e AndFilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e AndFilterValidationError) ErrorName() string { return "AndFilterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e AndFilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sAndFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = AndFilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = AndFilterValidationError{}
+
+// Validate checks the field values on OrFilter with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *OrFilter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on OrFilter with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in OrFilterMultiError, or nil
+// if none found.
+func (m *OrFilter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *OrFilter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetFilters()) < 2 {
+		err := OrFilterValidationError{
+			field:  "Filters",
+			reason: "value must contain at least 2 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetFilters() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, OrFilterValidationError{
+						field:  fmt.Sprintf("Filters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, OrFilterValidationError{
+						field:  fmt.Sprintf("Filters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return OrFilterValidationError{
+					field:  fmt.Sprintf("Filters[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return OrFilterMultiError(errors)
+	}
+	return nil
+}
+
+// OrFilterMultiError is an error wrapping multiple validation errors returned
+// by OrFilter.ValidateAll() if the designated constraints aren't met.
+type OrFilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m OrFilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m OrFilterMultiError) AllErrors() []error { return m }
+
+// OrFilterValidationError is the validation error returned by
+// OrFilter.Validate if the designated constraints aren't met.
+type OrFilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e OrFilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e OrFilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e OrFilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e OrFilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e OrFilterValidationError) ErrorName() string { return "OrFilterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e OrFilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sOrFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = OrFilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = OrFilterValidationError{}
+
+// Validate checks the field values on HeaderFilter with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *HeaderFilter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HeaderFilter with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in HeaderFilterMultiError, or
+// nil if none found.
+func (m *HeaderFilter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HeaderFilter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetHeader() == nil {
+		err := HeaderFilterValidationError{
+			field:  "Header",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetHeader()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HeaderFilterValidationError{
+					field:  "Header",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HeaderFilterValidationError{
+					field:  "Header",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHeader()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HeaderFilterValidationError{
+				field:  "Header",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return HeaderFilterMultiError(errors)
+	}
+	return nil
+}
+
+// HeaderFilterMultiError is an error wrapping multiple validation errors
+// returned by HeaderFilter.ValidateAll() if the designated constraints aren't met.
+type HeaderFilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HeaderFilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HeaderFilterMultiError) AllErrors() []error { return m }
+
+// HeaderFilterValidationError is the validation error returned by
+// HeaderFilter.Validate if the designated constraints aren't met.
+type HeaderFilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HeaderFilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HeaderFilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HeaderFilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HeaderFilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HeaderFilterValidationError) ErrorName() string { return "HeaderFilterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e HeaderFilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHeaderFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HeaderFilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HeaderFilterValidationError{}
+
+// Validate checks the field values on ResponseFlagFilter with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ResponseFlagFilter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ResponseFlagFilter with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ResponseFlagFilterMultiError, or nil if none found.
+func (m *ResponseFlagFilter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ResponseFlagFilter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetFlags() {
+		_, _ = idx, item
+
+		if _, ok := _ResponseFlagFilter_Flags_InLookup[item]; !ok {
+			err := ResponseFlagFilterValidationError{
+				field:  fmt.Sprintf("Flags[%v]", idx),
+				reason: "value must be in list [LH UH UT LR UR UF UC UO NR DI FI RL UAEX RLSE DC URX SI IH DPE UMSDR RFCF NFCF DT UPE NC OM]",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ResponseFlagFilterMultiError(errors)
+	}
+	return nil
+}
+
+// ResponseFlagFilterMultiError is an error wrapping multiple validation errors
+// returned by ResponseFlagFilter.ValidateAll() if the designated constraints
+// aren't met.
+type ResponseFlagFilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ResponseFlagFilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ResponseFlagFilterMultiError) AllErrors() []error { return m }
+
+// ResponseFlagFilterValidationError is the validation error returned by
+// ResponseFlagFilter.Validate if the designated constraints aren't met.
+type ResponseFlagFilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ResponseFlagFilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ResponseFlagFilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ResponseFlagFilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ResponseFlagFilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ResponseFlagFilterValidationError) ErrorName() string {
+	return "ResponseFlagFilterValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ResponseFlagFilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sResponseFlagFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ResponseFlagFilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ResponseFlagFilterValidationError{}
+
+var _ResponseFlagFilter_Flags_InLookup = map[string]struct{}{
+	"LH":    {},
+	"UH":    {},
+	"UT":    {},
+	"LR":    {},
+	"UR":    {},
+	"UF":    {},
+	"UC":    {},
+	"UO":    {},
+	"NR":    {},
+	"DI":    {},
+	"FI":    {},
+	"RL":    {},
+	"UAEX":  {},
+	"RLSE":  {},
+	"DC":    {},
+	"URX":   {},
+	"SI":    {},
+	"IH":    {},
+	"DPE":   {},
+	"UMSDR": {},
+	"RFCF":  {},
+	"NFCF":  {},
+	"DT":    {},
+	"UPE":   {},
+	"NC":    {},
+	"OM":    {},
+}
+
+// Validate checks the field values on GrpcStatusFilter with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *GrpcStatusFilter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on GrpcStatusFilter with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// GrpcStatusFilterMultiError, or nil if none found.
+func (m *GrpcStatusFilter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcStatusFilter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetStatuses() {
+		_, _ = idx, item
+
+		if _, ok := GrpcStatusFilter_Status_name[int32(item)]; !ok {
+			err := GrpcStatusFilterValidationError{
+				field:  fmt.Sprintf("Statuses[%v]", idx),
+				reason: "value must be one of the defined enum values",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	// no validation rules for Exclude
+
+	if len(errors) > 0 {
+		return GrpcStatusFilterMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcStatusFilterMultiError is an error wrapping multiple validation errors
+// returned by GrpcStatusFilter.ValidateAll() if the designated constraints
+// aren't met.
+type GrpcStatusFilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcStatusFilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcStatusFilterMultiError) AllErrors() []error { return m }
+
+// GrpcStatusFilterValidationError is the validation error returned by
+// GrpcStatusFilter.Validate if the designated constraints aren't met.
+type GrpcStatusFilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcStatusFilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e GrpcStatusFilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e GrpcStatusFilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e GrpcStatusFilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e GrpcStatusFilterValidationError) ErrorName() string { return "GrpcStatusFilterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e GrpcStatusFilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcStatusFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcStatusFilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcStatusFilterValidationError{}
+
+// Validate checks the field values on MetadataFilter with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *MetadataFilter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on MetadataFilter with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in MetadataFilterMultiError,
+// or nil if none found.
+func (m *MetadataFilter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *MetadataFilter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetMatcher()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, MetadataFilterValidationError{
+					field:  "Matcher",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, MetadataFilterValidationError{
+					field:  "Matcher",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMatcher()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return MetadataFilterValidationError{
+				field:  "Matcher",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMatchIfKeyNotFound()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, MetadataFilterValidationError{
+					field:  "MatchIfKeyNotFound",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, MetadataFilterValidationError{
+					field:  "MatchIfKeyNotFound",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMatchIfKeyNotFound()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return MetadataFilterValidationError{
+				field:  "MatchIfKeyNotFound",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return MetadataFilterMultiError(errors)
+	}
+	return nil
+}
+
+// MetadataFilterMultiError is an error wrapping multiple validation errors
+// returned by MetadataFilter.ValidateAll() if the designated constraints
+// aren't met.
+type MetadataFilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m MetadataFilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m MetadataFilterMultiError) AllErrors() []error { return m }
+
+// MetadataFilterValidationError is the validation error returned by
+// MetadataFilter.Validate if the designated constraints aren't met.
+type MetadataFilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MetadataFilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MetadataFilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MetadataFilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MetadataFilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MetadataFilterValidationError) ErrorName() string { return "MetadataFilterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e MetadataFilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMetadataFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MetadataFilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MetadataFilterValidationError{}
+
+// Validate checks the field values on ExtensionFilter with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *ExtensionFilter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ExtensionFilter with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ExtensionFilterMultiError, or nil if none found.
+func (m *ExtensionFilter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ExtensionFilter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Name
+
+	switch m.ConfigType.(type) {
+
+	case *ExtensionFilter_TypedConfig:
+
+		if all {
+			switch v := interface{}(m.GetTypedConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ExtensionFilterValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ExtensionFilterValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ExtensionFilterValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ExtensionFilterMultiError(errors)
+	}
+	return nil
+}
+
+// ExtensionFilterMultiError is an error wrapping multiple validation errors
+// returned by ExtensionFilter.ValidateAll() if the designated constraints
+// aren't met.
+type ExtensionFilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ExtensionFilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ExtensionFilterMultiError) AllErrors() []error { return m }
+
+// ExtensionFilterValidationError is the validation error returned by
+// ExtensionFilter.Validate if the designated constraints aren't met.
+type ExtensionFilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ExtensionFilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ExtensionFilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ExtensionFilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ExtensionFilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ExtensionFilterValidationError) ErrorName() string { return "ExtensionFilterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ExtensionFilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sExtensionFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ExtensionFilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ExtensionFilterValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/bootstrap/v3/bootstrap.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/bootstrap/v3/bootstrap.pb.go
new file mode 100644
index 00000000000..b923d0a9da9
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/bootstrap/v3/bootstrap.pb.go
@@ -0,0 +1,2695 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/bootstrap/v3/bootstrap.proto
+
+package envoy_config_bootstrap_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/go-control-plane/envoy/annotations"
+	v34 "github.com/envoyproxy/go-control-plane/envoy/config/accesslog/v3"
+	v37 "github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	v36 "github.com/envoyproxy/go-control-plane/envoy/config/listener/v3"
+	v31 "github.com/envoyproxy/go-control-plane/envoy/config/metrics/v3"
+	v33 "github.com/envoyproxy/go-control-plane/envoy/config/overload/v3"
+	v32 "github.com/envoyproxy/go-control-plane/envoy/config/trace/v3"
+	v38 "github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3"
+	v35 "github.com/envoyproxy/go-control-plane/envoy/type/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	_struct "github.com/golang/protobuf/ptypes/struct"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// The events are fired in this order: KILL, MULTIKILL, MEGAMISS, MISS.
+// Within an event type, actions execute in the order they are configured.
+// For KILL/MULTIKILL there is a default PANIC that will run after the
+// registered actions and kills the process if it wasn't already killed.
+// It might be useful to specify several debug actions, and possibly an
+// alternate FATAL action.
+type Watchdog_WatchdogAction_WatchdogEvent int32
+
+const (
+	Watchdog_WatchdogAction_UNKNOWN   Watchdog_WatchdogAction_WatchdogEvent = 0
+	Watchdog_WatchdogAction_KILL      Watchdog_WatchdogAction_WatchdogEvent = 1
+	Watchdog_WatchdogAction_MULTIKILL Watchdog_WatchdogAction_WatchdogEvent = 2
+	Watchdog_WatchdogAction_MEGAMISS  Watchdog_WatchdogAction_WatchdogEvent = 3
+	Watchdog_WatchdogAction_MISS      Watchdog_WatchdogAction_WatchdogEvent = 4
+)
+
+// Enum value maps for Watchdog_WatchdogAction_WatchdogEvent.
+var (
+	Watchdog_WatchdogAction_WatchdogEvent_name = map[int32]string{
+		0: "UNKNOWN",
+		1: "KILL",
+		2: "MULTIKILL",
+		3: "MEGAMISS",
+		4: "MISS",
+	}
+	Watchdog_WatchdogAction_WatchdogEvent_value = map[string]int32{
+		"UNKNOWN":   0,
+		"KILL":      1,
+		"MULTIKILL": 2,
+		"MEGAMISS":  3,
+		"MISS":      4,
+	}
+)
+
+func (x Watchdog_WatchdogAction_WatchdogEvent) Enum() *Watchdog_WatchdogAction_WatchdogEvent {
+	p := new(Watchdog_WatchdogAction_WatchdogEvent)
+	*p = x
+	return p
+}
+
+func (x Watchdog_WatchdogAction_WatchdogEvent) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (Watchdog_WatchdogAction_WatchdogEvent) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_bootstrap_v3_bootstrap_proto_enumTypes[0].Descriptor()
+}
+
+func (Watchdog_WatchdogAction_WatchdogEvent) Type() protoreflect.EnumType {
+	return &file_envoy_config_bootstrap_v3_bootstrap_proto_enumTypes[0]
+}
+
+func (x Watchdog_WatchdogAction_WatchdogEvent) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use Watchdog_WatchdogAction_WatchdogEvent.Descriptor instead.
+func (Watchdog_WatchdogAction_WatchdogEvent) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_bootstrap_v3_bootstrap_proto_rawDescGZIP(), []int{4, 0, 0}
+}
+
+type CustomInlineHeader_InlineHeaderType int32
+
+const (
+	CustomInlineHeader_REQUEST_HEADER   CustomInlineHeader_InlineHeaderType = 0
+	CustomInlineHeader_REQUEST_TRAILER  CustomInlineHeader_InlineHeaderType = 1
+	CustomInlineHeader_RESPONSE_HEADER  CustomInlineHeader_InlineHeaderType = 2
+	CustomInlineHeader_RESPONSE_TRAILER CustomInlineHeader_InlineHeaderType = 3
+)
+
+// Enum value maps for CustomInlineHeader_InlineHeaderType.
+var (
+	CustomInlineHeader_InlineHeaderType_name = map[int32]string{
+		0: "REQUEST_HEADER",
+		1: "REQUEST_TRAILER",
+		2: "RESPONSE_HEADER",
+		3: "RESPONSE_TRAILER",
+	}
+	CustomInlineHeader_InlineHeaderType_value = map[string]int32{
+		"REQUEST_HEADER":   0,
+		"REQUEST_TRAILER":  1,
+		"RESPONSE_HEADER":  2,
+		"RESPONSE_TRAILER": 3,
+	}
+)
+
+func (x CustomInlineHeader_InlineHeaderType) Enum() *CustomInlineHeader_InlineHeaderType {
+	p := new(CustomInlineHeader_InlineHeaderType)
+	*p = x
+	return p
+}
+
+func (x CustomInlineHeader_InlineHeaderType) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (CustomInlineHeader_InlineHeaderType) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_bootstrap_v3_bootstrap_proto_enumTypes[1].Descriptor()
+}
+
+func (CustomInlineHeader_InlineHeaderType) Type() protoreflect.EnumType {
+	return &file_envoy_config_bootstrap_v3_bootstrap_proto_enumTypes[1]
+}
+
+func (x CustomInlineHeader_InlineHeaderType) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use CustomInlineHeader_InlineHeaderType.Descriptor instead.
+func (CustomInlineHeader_InlineHeaderType) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_bootstrap_v3_bootstrap_proto_rawDescGZIP(), []int{9, 0}
+}
+
+// Bootstrap :ref:`configuration overview <config_overview_bootstrap>`.
+// [#next-free-field: 33]
+type Bootstrap struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Node identity to present to the management server and for instance
+	// identification purposes (e.g. in generated headers).
+	Node *v3.Node `protobuf:"bytes,1,opt,name=node,proto3" json:"node,omitempty"`
+	// A list of :ref:`Node <envoy_v3_api_msg_config.core.v3.Node>` field names
+	// that will be included in the context parameters of the effective
+	// xdstp:// URL that is sent in a discovery request when resource
+	// locators are used for LDS/CDS. Any non-string field will have its JSON
+	// encoding set as the context parameter value, with the exception of
+	// metadata, which will be flattened (see example below). The supported field
+	// names are:
+	// - "cluster"
+	// - "id"
+	// - "locality.region"
+	// - "locality.sub_zone"
+	// - "locality.zone"
+	// - "metadata"
+	// - "user_agent_build_version.metadata"
+	// - "user_agent_build_version.version"
+	// - "user_agent_name"
+	// - "user_agent_version"
+	//
+	// The node context parameters act as a base layer dictionary for the context
+	// parameters (i.e. more specific resource specific context parameters will
+	// override). Field names will be prefixed with “udpa.node.” when included in
+	// context parameters.
+	//
+	// For example, if node_context_params is ``["user_agent_name", "metadata"]``,
+	// the implied context parameters might be::
+	//
+	//   node.user_agent_name: "envoy"
+	//   node.metadata.foo: "{\"bar\": \"baz\"}"
+	//   node.metadata.some: "42"
+	//   node.metadata.thing: "\"thing\""
+	//
+	// [#not-implemented-hide:]
+	NodeContextParams []string `protobuf:"bytes,26,rep,name=node_context_params,json=nodeContextParams,proto3" json:"node_context_params,omitempty"`
+	// Statically specified resources.
+	StaticResources *Bootstrap_StaticResources `protobuf:"bytes,2,opt,name=static_resources,json=staticResources,proto3" json:"static_resources,omitempty"`
+	// xDS configuration sources.
+	DynamicResources *Bootstrap_DynamicResources `protobuf:"bytes,3,opt,name=dynamic_resources,json=dynamicResources,proto3" json:"dynamic_resources,omitempty"`
+	// Configuration for the cluster manager which owns all upstream clusters
+	// within the server.
+	ClusterManager *ClusterManager `protobuf:"bytes,4,opt,name=cluster_manager,json=clusterManager,proto3" json:"cluster_manager,omitempty"`
+	// Health discovery service config option.
+	// (:ref:`core.ApiConfigSource <envoy_v3_api_msg_config.core.v3.ApiConfigSource>`)
+	HdsConfig *v3.ApiConfigSource `protobuf:"bytes,14,opt,name=hds_config,json=hdsConfig,proto3" json:"hds_config,omitempty"`
+	// Optional file system path to search for startup flag files.
+	FlagsPath string `protobuf:"bytes,5,opt,name=flags_path,json=flagsPath,proto3" json:"flags_path,omitempty"`
+	// Optional set of stats sinks.
+	StatsSinks []*v31.StatsSink `protobuf:"bytes,6,rep,name=stats_sinks,json=statsSinks,proto3" json:"stats_sinks,omitempty"`
+	// Configuration for internal processing of stats.
+	StatsConfig *v31.StatsConfig `protobuf:"bytes,13,opt,name=stats_config,json=statsConfig,proto3" json:"stats_config,omitempty"`
+	// Optional duration between flushes to configured stats sinks. For
+	// performance reasons Envoy latches counters and only flushes counters and
+	// gauges at a periodic interval. If not specified the default is 5000ms (5
+	// seconds). Only one of `stats_flush_interval` or `stats_flush_on_admin`
+	// can be set.
+	// Duration must be at least 1ms and at most 5 min.
+	StatsFlushInterval *duration.Duration `protobuf:"bytes,7,opt,name=stats_flush_interval,json=statsFlushInterval,proto3" json:"stats_flush_interval,omitempty"`
+	// Types that are assignable to StatsFlush:
+	//	*Bootstrap_StatsFlushOnAdmin
+	StatsFlush isBootstrap_StatsFlush `protobuf_oneof:"stats_flush"`
+	// Optional watchdog configuration.
+	// This is for a single watchdog configuration for the entire system.
+	// Deprecated in favor of *watchdogs* which has finer granularity.
+	//
+	// Deprecated: Do not use.
+	Watchdog *Watchdog `protobuf:"bytes,8,opt,name=watchdog,proto3" json:"watchdog,omitempty"`
+	// Optional watchdogs configuration.
+	// This is used for specifying different watchdogs for the different subsystems.
+	// [#extension-category: envoy.guarddog_actions]
+	Watchdogs *Watchdogs `protobuf:"bytes,27,opt,name=watchdogs,proto3" json:"watchdogs,omitempty"`
+	// Configuration for an external tracing provider.
+	//
+	// .. attention::
+	//  This field has been deprecated in favor of :ref:`HttpConnectionManager.Tracing.provider
+	//  <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.Tracing.provider>`.
+	//
+	// Deprecated: Do not use.
+	Tracing *v32.Tracing `protobuf:"bytes,9,opt,name=tracing,proto3" json:"tracing,omitempty"`
+	// Configuration for the runtime configuration provider. If not
+	// specified, a “null” provider will be used which will result in all defaults
+	// being used.
+	LayeredRuntime *LayeredRuntime `protobuf:"bytes,17,opt,name=layered_runtime,json=layeredRuntime,proto3" json:"layered_runtime,omitempty"`
+	// Configuration for the local administration HTTP server.
+	Admin *Admin `protobuf:"bytes,12,opt,name=admin,proto3" json:"admin,omitempty"`
+	// Optional overload manager configuration.
+	OverloadManager *v33.OverloadManager `protobuf:"bytes,15,opt,name=overload_manager,json=overloadManager,proto3" json:"overload_manager,omitempty"`
+	// Enable :ref:`stats for event dispatcher <operations_performance>`, defaults to false.
+	// Note that this records a value for each iteration of the event loop on every thread. This
+	// should normally be minimal overhead, but when using
+	// :ref:`statsd <envoy_v3_api_msg_config.metrics.v3.StatsdSink>`, it will send each observed value
+	// over the wire individually because the statsd protocol doesn't have any way to represent a
+	// histogram summary. Be aware that this can be a very large volume of data.
+	EnableDispatcherStats bool `protobuf:"varint,16,opt,name=enable_dispatcher_stats,json=enableDispatcherStats,proto3" json:"enable_dispatcher_stats,omitempty"`
+	// Optional string which will be used in lieu of x-envoy in prefixing headers.
+	//
+	// For example, if this string is present and set to X-Foo, then x-envoy-retry-on will be
+	// transformed into x-foo-retry-on etc.
+	//
+	// Note this applies to the headers Envoy will generate, the headers Envoy will sanitize, and the
+	// headers Envoy will trust for core code and core extensions only. Be VERY careful making
+	// changes to this string, especially in multi-layer Envoy deployments or deployments using
+	// extensions which are not upstream.
+	HeaderPrefix string `protobuf:"bytes,18,opt,name=header_prefix,json=headerPrefix,proto3" json:"header_prefix,omitempty"`
+	// Optional proxy version which will be used to set the value of :ref:`server.version statistic
+	// <server_statistics>` if specified. Envoy will not process this value, it will be sent as is to
+	// :ref:`stats sinks <envoy_v3_api_msg_config.metrics.v3.StatsSink>`.
+	StatsServerVersionOverride *wrappers.UInt64Value `protobuf:"bytes,19,opt,name=stats_server_version_override,json=statsServerVersionOverride,proto3" json:"stats_server_version_override,omitempty"`
+	// Always use TCP queries instead of UDP queries for DNS lookups.
+	// This may be overridden on a per-cluster basis in cds_config,
+	// when :ref:`dns_resolvers <envoy_v3_api_field_config.cluster.v3.Cluster.dns_resolvers>` and
+	// :ref:`use_tcp_for_dns_lookups <envoy_v3_api_field_config.cluster.v3.Cluster.use_tcp_for_dns_lookups>` are
+	// specified.
+	// This field is deprecated in favor of *dns_resolution_config*
+	// which aggregates all of the DNS resolver configuration in a single message.
+	//
+	// Deprecated: Do not use.
+	UseTcpForDnsLookups bool `protobuf:"varint,20,opt,name=use_tcp_for_dns_lookups,json=useTcpForDnsLookups,proto3" json:"use_tcp_for_dns_lookups,omitempty"`
+	// DNS resolution configuration which includes the underlying dns resolver addresses and options.
+	// This may be overridden on a per-cluster basis in cds_config, when
+	// :ref:`dns_resolution_config <envoy_v3_api_field_config.cluster.v3.Cluster.dns_resolution_config>`
+	// is specified.
+	// This field is deprecated in favor of
+	// :ref:`typed_dns_resolver_config <envoy_v3_api_field_config.bootstrap.v3.Bootstrap.typed_dns_resolver_config>`.
+	//
+	// Deprecated: Do not use.
+	DnsResolutionConfig *v3.DnsResolutionConfig `protobuf:"bytes,30,opt,name=dns_resolution_config,json=dnsResolutionConfig,proto3" json:"dns_resolution_config,omitempty"`
+	// DNS resolver type configuration extension. This extension can be used to configure c-ares, apple,
+	// or any other DNS resolver types and the related parameters.
+	// For example, an object of
+	// :ref:`CaresDnsResolverConfig <envoy_v3_api_msg_extensions.network.dns_resolver.cares.v3.CaresDnsResolverConfig>`
+	// can be packed into this *typed_dns_resolver_config*. This configuration replaces the
+	// :ref:`dns_resolution_config <envoy_v3_api_field_config.bootstrap.v3.Bootstrap.dns_resolution_config>`
+	// configuration.
+	// During the transition period when both *dns_resolution_config* and *typed_dns_resolver_config* exists,
+	// when *typed_dns_resolver_config* is in place, Envoy will use it and ignore *dns_resolution_config*.
+	// When *typed_dns_resolver_config* is missing, the default behavior is in place.
+	// [#extension-category: envoy.network.dns_resolver]
+	TypedDnsResolverConfig *v3.TypedExtensionConfig `protobuf:"bytes,31,opt,name=typed_dns_resolver_config,json=typedDnsResolverConfig,proto3" json:"typed_dns_resolver_config,omitempty"`
+	// Specifies optional bootstrap extensions to be instantiated at startup time.
+	// Each item contains extension specific configuration.
+	// [#extension-category: envoy.bootstrap]
+	BootstrapExtensions []*v3.TypedExtensionConfig `protobuf:"bytes,21,rep,name=bootstrap_extensions,json=bootstrapExtensions,proto3" json:"bootstrap_extensions,omitempty"`
+	// Specifies optional extensions instantiated at startup time and
+	// invoked during crash time on the request that caused the crash.
+	FatalActions []*FatalAction `protobuf:"bytes,28,rep,name=fatal_actions,json=fatalActions,proto3" json:"fatal_actions,omitempty"`
+	// Configuration sources that will participate in
+	// xdstp:// URL authority resolution. The algorithm is as
+	// follows:
+	// 1. The authority field is taken from the xdstp:// URL, call
+	//    this *resource_authority*.
+	// 2. *resource_authority* is compared against the authorities in any peer
+	//    *ConfigSource*. The peer *ConfigSource* is the configuration source
+	//    message which would have been used unconditionally for resolution
+	//    with opaque resource names. If there is a match with an authority, the
+	//    peer *ConfigSource* message is used.
+	// 3. *resource_authority* is compared sequentially with the authorities in
+	//    each configuration source in *config_sources*. The first *ConfigSource*
+	//    to match wins.
+	// 4. As a fallback, if no configuration source matches, then
+	//    *default_config_source* is used.
+	// 5. If *default_config_source* is not specified, resolution fails.
+	// [#not-implemented-hide:]
+	ConfigSources []*v3.ConfigSource `protobuf:"bytes,22,rep,name=config_sources,json=configSources,proto3" json:"config_sources,omitempty"`
+	// Default configuration source for xdstp:// URLs if all
+	// other resolution fails.
+	// [#not-implemented-hide:]
+	DefaultConfigSource *v3.ConfigSource `protobuf:"bytes,23,opt,name=default_config_source,json=defaultConfigSource,proto3" json:"default_config_source,omitempty"`
+	// Optional overriding of default socket interface. The value must be the name of one of the
+	// socket interface factories initialized through a bootstrap extension
+	DefaultSocketInterface string `protobuf:"bytes,24,opt,name=default_socket_interface,json=defaultSocketInterface,proto3" json:"default_socket_interface,omitempty"`
+	// Global map of CertificateProvider instances. These instances are referred to by name in the
+	// :ref:`CommonTlsContext.CertificateProviderInstance.instance_name
+	// <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProviderInstance.instance_name>`
+	// field.
+	// [#not-implemented-hide:]
+	CertificateProviderInstances map[string]*v3.TypedExtensionConfig `protobuf:"bytes,25,rep,name=certificate_provider_instances,json=certificateProviderInstances,proto3" json:"certificate_provider_instances,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+	// Specifies a set of headers that need to be registered as inline header. This configuration
+	// allows users to customize the inline headers on-demand at Envoy startup without modifying
+	// Envoy's source code.
+	//
+	// Note that the 'set-cookie' header cannot be registered as inline header.
+	InlineHeaders []*CustomInlineHeader `protobuf:"bytes,32,rep,name=inline_headers,json=inlineHeaders,proto3" json:"inline_headers,omitempty"`
+}
+
+func (x *Bootstrap) Reset() {
+	*x = Bootstrap{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Bootstrap) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Bootstrap) ProtoMessage() {}
+
+func (x *Bootstrap) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Bootstrap.ProtoReflect.Descriptor instead.
+func (*Bootstrap) Descriptor() ([]byte, []int) {
+	return file_envoy_config_bootstrap_v3_bootstrap_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *Bootstrap) GetNode() *v3.Node {
+	if x != nil {
+		return x.Node
+	}
+	return nil
+}
+
+func (x *Bootstrap) GetNodeContextParams() []string {
+	if x != nil {
+		return x.NodeContextParams
+	}
+	return nil
+}
+
+func (x *Bootstrap) GetStaticResources() *Bootstrap_StaticResources {
+	if x != nil {
+		return x.StaticResources
+	}
+	return nil
+}
+
+func (x *Bootstrap) GetDynamicResources() *Bootstrap_DynamicResources {
+	if x != nil {
+		return x.DynamicResources
+	}
+	return nil
+}
+
+func (x *Bootstrap) GetClusterManager() *ClusterManager {
+	if x != nil {
+		return x.ClusterManager
+	}
+	return nil
+}
+
+func (x *Bootstrap) GetHdsConfig() *v3.ApiConfigSource {
+	if x != nil {
+		return x.HdsConfig
+	}
+	return nil
+}
+
+func (x *Bootstrap) GetFlagsPath() string {
+	if x != nil {
+		return x.FlagsPath
+	}
+	return ""
+}
+
+func (x *Bootstrap) GetStatsSinks() []*v31.StatsSink {
+	if x != nil {
+		return x.StatsSinks
+	}
+	return nil
+}
+
+func (x *Bootstrap) GetStatsConfig() *v31.StatsConfig {
+	if x != nil {
+		return x.StatsConfig
+	}
+	return nil
+}
+
+func (x *Bootstrap) GetStatsFlushInterval() *duration.Duration {
+	if x != nil {
+		return x.StatsFlushInterval
+	}
+	return nil
+}
+
+func (m *Bootstrap) GetStatsFlush() isBootstrap_StatsFlush {
+	if m != nil {
+		return m.StatsFlush
+	}
+	return nil
+}
+
+func (x *Bootstrap) GetStatsFlushOnAdmin() bool {
+	if x, ok := x.GetStatsFlush().(*Bootstrap_StatsFlushOnAdmin); ok {
+		return x.StatsFlushOnAdmin
+	}
+	return false
+}
+
+// Deprecated: Do not use.
+func (x *Bootstrap) GetWatchdog() *Watchdog {
+	if x != nil {
+		return x.Watchdog
+	}
+	return nil
+}
+
+func (x *Bootstrap) GetWatchdogs() *Watchdogs {
+	if x != nil {
+		return x.Watchdogs
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *Bootstrap) GetTracing() *v32.Tracing {
+	if x != nil {
+		return x.Tracing
+	}
+	return nil
+}
+
+func (x *Bootstrap) GetLayeredRuntime() *LayeredRuntime {
+	if x != nil {
+		return x.LayeredRuntime
+	}
+	return nil
+}
+
+func (x *Bootstrap) GetAdmin() *Admin {
+	if x != nil {
+		return x.Admin
+	}
+	return nil
+}
+
+func (x *Bootstrap) GetOverloadManager() *v33.OverloadManager {
+	if x != nil {
+		return x.OverloadManager
+	}
+	return nil
+}
+
+func (x *Bootstrap) GetEnableDispatcherStats() bool {
+	if x != nil {
+		return x.EnableDispatcherStats
+	}
+	return false
+}
+
+func (x *Bootstrap) GetHeaderPrefix() string {
+	if x != nil {
+		return x.HeaderPrefix
+	}
+	return ""
+}
+
+func (x *Bootstrap) GetStatsServerVersionOverride() *wrappers.UInt64Value {
+	if x != nil {
+		return x.StatsServerVersionOverride
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *Bootstrap) GetUseTcpForDnsLookups() bool {
+	if x != nil {
+		return x.UseTcpForDnsLookups
+	}
+	return false
+}
+
+// Deprecated: Do not use.
+func (x *Bootstrap) GetDnsResolutionConfig() *v3.DnsResolutionConfig {
+	if x != nil {
+		return x.DnsResolutionConfig
+	}
+	return nil
+}
+
+func (x *Bootstrap) GetTypedDnsResolverConfig() *v3.TypedExtensionConfig {
+	if x != nil {
+		return x.TypedDnsResolverConfig
+	}
+	return nil
+}
+
+func (x *Bootstrap) GetBootstrapExtensions() []*v3.TypedExtensionConfig {
+	if x != nil {
+		return x.BootstrapExtensions
+	}
+	return nil
+}
+
+func (x *Bootstrap) GetFatalActions() []*FatalAction {
+	if x != nil {
+		return x.FatalActions
+	}
+	return nil
+}
+
+func (x *Bootstrap) GetConfigSources() []*v3.ConfigSource {
+	if x != nil {
+		return x.ConfigSources
+	}
+	return nil
+}
+
+func (x *Bootstrap) GetDefaultConfigSource() *v3.ConfigSource {
+	if x != nil {
+		return x.DefaultConfigSource
+	}
+	return nil
+}
+
+func (x *Bootstrap) GetDefaultSocketInterface() string {
+	if x != nil {
+		return x.DefaultSocketInterface
+	}
+	return ""
+}
+
+func (x *Bootstrap) GetCertificateProviderInstances() map[string]*v3.TypedExtensionConfig {
+	if x != nil {
+		return x.CertificateProviderInstances
+	}
+	return nil
+}
+
+func (x *Bootstrap) GetInlineHeaders() []*CustomInlineHeader {
+	if x != nil {
+		return x.InlineHeaders
+	}
+	return nil
+}
+
+type isBootstrap_StatsFlush interface {
+	isBootstrap_StatsFlush()
+}
+
+type Bootstrap_StatsFlushOnAdmin struct {
+	// Flush stats to sinks only when queried for on the admin interface. If set,
+	// a flush timer is not created. Only one of `stats_flush_on_admin` or
+	// `stats_flush_interval` can be set.
+	StatsFlushOnAdmin bool `protobuf:"varint,29,opt,name=stats_flush_on_admin,json=statsFlushOnAdmin,proto3,oneof"`
+}
+
+func (*Bootstrap_StatsFlushOnAdmin) isBootstrap_StatsFlush() {}
+
+// Administration interface :ref:`operations documentation
+// <operations_admin_interface>`.
+// [#next-free-field: 6]
+type Admin struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Configuration for :ref:`access logs <arch_overview_access_logs>`
+	// emitted by the administration server.
+	AccessLog []*v34.AccessLog `protobuf:"bytes,5,rep,name=access_log,json=accessLog,proto3" json:"access_log,omitempty"`
+	// The path to write the access log for the administration server. If no
+	// access log is desired specify ‘/dev/null’. This is only required if
+	// :ref:`address <envoy_v3_api_field_config.bootstrap.v3.Admin.address>` is set.
+	// Deprecated in favor of *access_log* which offers more options.
+	//
+	// Deprecated: Do not use.
+	AccessLogPath string `protobuf:"bytes,1,opt,name=access_log_path,json=accessLogPath,proto3" json:"access_log_path,omitempty"`
+	// The cpu profiler output path for the administration server. If no profile
+	// path is specified, the default is ‘/var/log/envoy/envoy.prof’.
+	ProfilePath string `protobuf:"bytes,2,opt,name=profile_path,json=profilePath,proto3" json:"profile_path,omitempty"`
+	// The TCP address that the administration server will listen on.
+	// If not specified, Envoy will not start an administration server.
+	Address *v3.Address `protobuf:"bytes,3,opt,name=address,proto3" json:"address,omitempty"`
+	// Additional socket options that may not be present in Envoy source code or
+	// precompiled binaries.
+	SocketOptions []*v3.SocketOption `protobuf:"bytes,4,rep,name=socket_options,json=socketOptions,proto3" json:"socket_options,omitempty"`
+}
+
+func (x *Admin) Reset() {
+	*x = Admin{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Admin) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Admin) ProtoMessage() {}
+
+func (x *Admin) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Admin.ProtoReflect.Descriptor instead.
+func (*Admin) Descriptor() ([]byte, []int) {
+	return file_envoy_config_bootstrap_v3_bootstrap_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *Admin) GetAccessLog() []*v34.AccessLog {
+	if x != nil {
+		return x.AccessLog
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *Admin) GetAccessLogPath() string {
+	if x != nil {
+		return x.AccessLogPath
+	}
+	return ""
+}
+
+func (x *Admin) GetProfilePath() string {
+	if x != nil {
+		return x.ProfilePath
+	}
+	return ""
+}
+
+func (x *Admin) GetAddress() *v3.Address {
+	if x != nil {
+		return x.Address
+	}
+	return nil
+}
+
+func (x *Admin) GetSocketOptions() []*v3.SocketOption {
+	if x != nil {
+		return x.SocketOptions
+	}
+	return nil
+}
+
+// Cluster manager :ref:`architecture overview <arch_overview_cluster_manager>`.
+type ClusterManager struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Name of the local cluster (i.e., the cluster that owns the Envoy running
+	// this configuration). In order to enable :ref:`zone aware routing
+	// <arch_overview_load_balancing_zone_aware_routing>` this option must be set.
+	// If *local_cluster_name* is defined then :ref:`clusters
+	// <envoy_v3_api_msg_config.cluster.v3.Cluster>` must be defined in the :ref:`Bootstrap
+	// static cluster resources
+	// <envoy_v3_api_field_config.bootstrap.v3.Bootstrap.StaticResources.clusters>`. This is unrelated to
+	// the :option:`--service-cluster` option which does not `affect zone aware
+	// routing <https://github.com/envoyproxy/envoy/issues/774>`_.
+	LocalClusterName string `protobuf:"bytes,1,opt,name=local_cluster_name,json=localClusterName,proto3" json:"local_cluster_name,omitempty"`
+	// Optional global configuration for outlier detection.
+	OutlierDetection *ClusterManager_OutlierDetection `protobuf:"bytes,2,opt,name=outlier_detection,json=outlierDetection,proto3" json:"outlier_detection,omitempty"`
+	// Optional configuration used to bind newly established upstream connections.
+	// This may be overridden on a per-cluster basis by upstream_bind_config in the cds_config.
+	UpstreamBindConfig *v3.BindConfig `protobuf:"bytes,3,opt,name=upstream_bind_config,json=upstreamBindConfig,proto3" json:"upstream_bind_config,omitempty"`
+	// A management server endpoint to stream load stats to via
+	// *StreamLoadStats*. This must have :ref:`api_type
+	// <envoy_v3_api_field_config.core.v3.ApiConfigSource.api_type>` :ref:`GRPC
+	// <envoy_v3_api_enum_value_config.core.v3.ApiConfigSource.ApiType.GRPC>`.
+	LoadStatsConfig *v3.ApiConfigSource `protobuf:"bytes,4,opt,name=load_stats_config,json=loadStatsConfig,proto3" json:"load_stats_config,omitempty"`
+}
+
+func (x *ClusterManager) Reset() {
+	*x = ClusterManager{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ClusterManager) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ClusterManager) ProtoMessage() {}
+
+func (x *ClusterManager) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ClusterManager.ProtoReflect.Descriptor instead.
+func (*ClusterManager) Descriptor() ([]byte, []int) {
+	return file_envoy_config_bootstrap_v3_bootstrap_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *ClusterManager) GetLocalClusterName() string {
+	if x != nil {
+		return x.LocalClusterName
+	}
+	return ""
+}
+
+func (x *ClusterManager) GetOutlierDetection() *ClusterManager_OutlierDetection {
+	if x != nil {
+		return x.OutlierDetection
+	}
+	return nil
+}
+
+func (x *ClusterManager) GetUpstreamBindConfig() *v3.BindConfig {
+	if x != nil {
+		return x.UpstreamBindConfig
+	}
+	return nil
+}
+
+func (x *ClusterManager) GetLoadStatsConfig() *v3.ApiConfigSource {
+	if x != nil {
+		return x.LoadStatsConfig
+	}
+	return nil
+}
+
+// Allows you to specify different watchdog configs for different subsystems.
+// This allows finer tuned policies for the watchdog. If a subsystem is omitted
+// the default values for that system will be used.
+type Watchdogs struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Watchdog for the main thread.
+	MainThreadWatchdog *Watchdog `protobuf:"bytes,1,opt,name=main_thread_watchdog,json=mainThreadWatchdog,proto3" json:"main_thread_watchdog,omitempty"`
+	// Watchdog for the worker threads.
+	WorkerWatchdog *Watchdog `protobuf:"bytes,2,opt,name=worker_watchdog,json=workerWatchdog,proto3" json:"worker_watchdog,omitempty"`
+}
+
+func (x *Watchdogs) Reset() {
+	*x = Watchdogs{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Watchdogs) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Watchdogs) ProtoMessage() {}
+
+func (x *Watchdogs) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Watchdogs.ProtoReflect.Descriptor instead.
+func (*Watchdogs) Descriptor() ([]byte, []int) {
+	return file_envoy_config_bootstrap_v3_bootstrap_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *Watchdogs) GetMainThreadWatchdog() *Watchdog {
+	if x != nil {
+		return x.MainThreadWatchdog
+	}
+	return nil
+}
+
+func (x *Watchdogs) GetWorkerWatchdog() *Watchdog {
+	if x != nil {
+		return x.WorkerWatchdog
+	}
+	return nil
+}
+
+// Envoy process watchdog configuration. When configured, this monitors for
+// nonresponsive threads and kills the process after the configured thresholds.
+// See the :ref:`watchdog documentation <operations_performance_watchdog>` for more information.
+// [#next-free-field: 8]
+type Watchdog struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Register actions that will fire on given WatchDog events.
+	// See *WatchDogAction* for priority of events.
+	Actions []*Watchdog_WatchdogAction `protobuf:"bytes,7,rep,name=actions,proto3" json:"actions,omitempty"`
+	// The duration after which Envoy counts a nonresponsive thread in the
+	// *watchdog_miss* statistic. If not specified the default is 200ms.
+	MissTimeout *duration.Duration `protobuf:"bytes,1,opt,name=miss_timeout,json=missTimeout,proto3" json:"miss_timeout,omitempty"`
+	// The duration after which Envoy counts a nonresponsive thread in the
+	// *watchdog_mega_miss* statistic. If not specified the default is
+	// 1000ms.
+	MegamissTimeout *duration.Duration `protobuf:"bytes,2,opt,name=megamiss_timeout,json=megamissTimeout,proto3" json:"megamiss_timeout,omitempty"`
+	// If a watched thread has been nonresponsive for this duration, assume a
+	// programming error and kill the entire Envoy process. Set to 0 to disable
+	// kill behavior. If not specified the default is 0 (disabled).
+	KillTimeout *duration.Duration `protobuf:"bytes,3,opt,name=kill_timeout,json=killTimeout,proto3" json:"kill_timeout,omitempty"`
+	// Defines the maximum jitter used to adjust the *kill_timeout* if *kill_timeout* is
+	// enabled. Enabling this feature would help to reduce risk of synchronized
+	// watchdog kill events across proxies due to external triggers. Set to 0 to
+	// disable. If not specified the default is 0 (disabled).
+	MaxKillTimeoutJitter *duration.Duration `protobuf:"bytes,6,opt,name=max_kill_timeout_jitter,json=maxKillTimeoutJitter,proto3" json:"max_kill_timeout_jitter,omitempty"`
+	// If max(2, ceil(registered_threads * Fraction(*multikill_threshold*)))
+	// threads have been nonresponsive for at least this duration kill the entire
+	// Envoy process. Set to 0 to disable this behavior. If not specified the
+	// default is 0 (disabled).
+	MultikillTimeout *duration.Duration `protobuf:"bytes,4,opt,name=multikill_timeout,json=multikillTimeout,proto3" json:"multikill_timeout,omitempty"`
+	// Sets the threshold for *multikill_timeout* in terms of the percentage of
+	// nonresponsive threads required for the *multikill_timeout*.
+	// If not specified the default is 0.
+	MultikillThreshold *v35.Percent `protobuf:"bytes,5,opt,name=multikill_threshold,json=multikillThreshold,proto3" json:"multikill_threshold,omitempty"`
+}
+
+func (x *Watchdog) Reset() {
+	*x = Watchdog{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Watchdog) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Watchdog) ProtoMessage() {}
+
+func (x *Watchdog) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Watchdog.ProtoReflect.Descriptor instead.
+func (*Watchdog) Descriptor() ([]byte, []int) {
+	return file_envoy_config_bootstrap_v3_bootstrap_proto_rawDescGZIP(), []int{4}
+}
+
+func (x *Watchdog) GetActions() []*Watchdog_WatchdogAction {
+	if x != nil {
+		return x.Actions
+	}
+	return nil
+}
+
+func (x *Watchdog) GetMissTimeout() *duration.Duration {
+	if x != nil {
+		return x.MissTimeout
+	}
+	return nil
+}
+
+func (x *Watchdog) GetMegamissTimeout() *duration.Duration {
+	if x != nil {
+		return x.MegamissTimeout
+	}
+	return nil
+}
+
+func (x *Watchdog) GetKillTimeout() *duration.Duration {
+	if x != nil {
+		return x.KillTimeout
+	}
+	return nil
+}
+
+func (x *Watchdog) GetMaxKillTimeoutJitter() *duration.Duration {
+	if x != nil {
+		return x.MaxKillTimeoutJitter
+	}
+	return nil
+}
+
+func (x *Watchdog) GetMultikillTimeout() *duration.Duration {
+	if x != nil {
+		return x.MultikillTimeout
+	}
+	return nil
+}
+
+func (x *Watchdog) GetMultikillThreshold() *v35.Percent {
+	if x != nil {
+		return x.MultikillThreshold
+	}
+	return nil
+}
+
+// Fatal actions to run while crashing. Actions can be safe (meaning they are
+// async-signal safe) or unsafe. We run all safe actions before we run unsafe actions.
+// If using an unsafe action that could get stuck or deadlock, it important to
+// have an out of band system to terminate the process.
+//
+// The interface for the extension is ``Envoy::Server::Configuration::FatalAction``.
+// *FatalAction* extensions live in the ``envoy.extensions.fatal_actions`` API
+// namespace.
+type FatalAction struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Extension specific configuration for the action. It's expected to conform
+	// to the ``Envoy::Server::Configuration::FatalAction`` interface.
+	Config *v3.TypedExtensionConfig `protobuf:"bytes,1,opt,name=config,proto3" json:"config,omitempty"`
+}
+
+func (x *FatalAction) Reset() {
+	*x = FatalAction{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *FatalAction) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*FatalAction) ProtoMessage() {}
+
+func (x *FatalAction) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use FatalAction.ProtoReflect.Descriptor instead.
+func (*FatalAction) Descriptor() ([]byte, []int) {
+	return file_envoy_config_bootstrap_v3_bootstrap_proto_rawDescGZIP(), []int{5}
+}
+
+func (x *FatalAction) GetConfig() *v3.TypedExtensionConfig {
+	if x != nil {
+		return x.Config
+	}
+	return nil
+}
+
+// Runtime :ref:`configuration overview <config_runtime>` (deprecated).
+type Runtime struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The implementation assumes that the file system tree is accessed via a
+	// symbolic link. An atomic link swap is used when a new tree should be
+	// switched to. This parameter specifies the path to the symbolic link. Envoy
+	// will watch the location for changes and reload the file system tree when
+	// they happen. If this parameter is not set, there will be no disk based
+	// runtime.
+	SymlinkRoot string `protobuf:"bytes,1,opt,name=symlink_root,json=symlinkRoot,proto3" json:"symlink_root,omitempty"`
+	// Specifies the subdirectory to load within the root directory. This is
+	// useful if multiple systems share the same delivery mechanism. Envoy
+	// configuration elements can be contained in a dedicated subdirectory.
+	Subdirectory string `protobuf:"bytes,2,opt,name=subdirectory,proto3" json:"subdirectory,omitempty"`
+	// Specifies an optional subdirectory to load within the root directory. If
+	// specified and the directory exists, configuration values within this
+	// directory will override those found in the primary subdirectory. This is
+	// useful when Envoy is deployed across many different types of servers.
+	// Sometimes it is useful to have a per service cluster directory for runtime
+	// configuration. See below for exactly how the override directory is used.
+	OverrideSubdirectory string `protobuf:"bytes,3,opt,name=override_subdirectory,json=overrideSubdirectory,proto3" json:"override_subdirectory,omitempty"`
+	// Static base runtime. This will be :ref:`overridden
+	// <config_runtime_layering>` by other runtime layers, e.g.
+	// disk or admin. This follows the :ref:`runtime protobuf JSON representation
+	// encoding <config_runtime_proto_json>`.
+	Base *_struct.Struct `protobuf:"bytes,4,opt,name=base,proto3" json:"base,omitempty"`
+}
+
+func (x *Runtime) Reset() {
+	*x = Runtime{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[6]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Runtime) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Runtime) ProtoMessage() {}
+
+func (x *Runtime) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[6]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Runtime.ProtoReflect.Descriptor instead.
+func (*Runtime) Descriptor() ([]byte, []int) {
+	return file_envoy_config_bootstrap_v3_bootstrap_proto_rawDescGZIP(), []int{6}
+}
+
+func (x *Runtime) GetSymlinkRoot() string {
+	if x != nil {
+		return x.SymlinkRoot
+	}
+	return ""
+}
+
+func (x *Runtime) GetSubdirectory() string {
+	if x != nil {
+		return x.Subdirectory
+	}
+	return ""
+}
+
+func (x *Runtime) GetOverrideSubdirectory() string {
+	if x != nil {
+		return x.OverrideSubdirectory
+	}
+	return ""
+}
+
+func (x *Runtime) GetBase() *_struct.Struct {
+	if x != nil {
+		return x.Base
+	}
+	return nil
+}
+
+// [#next-free-field: 6]
+type RuntimeLayer struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Descriptive name for the runtime layer. This is only used for the runtime
+	// :http:get:`/runtime` output.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Types that are assignable to LayerSpecifier:
+	//	*RuntimeLayer_StaticLayer
+	//	*RuntimeLayer_DiskLayer_
+	//	*RuntimeLayer_AdminLayer_
+	//	*RuntimeLayer_RtdsLayer_
+	LayerSpecifier isRuntimeLayer_LayerSpecifier `protobuf_oneof:"layer_specifier"`
+}
+
+func (x *RuntimeLayer) Reset() {
+	*x = RuntimeLayer{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[7]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RuntimeLayer) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RuntimeLayer) ProtoMessage() {}
+
+func (x *RuntimeLayer) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[7]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RuntimeLayer.ProtoReflect.Descriptor instead.
+func (*RuntimeLayer) Descriptor() ([]byte, []int) {
+	return file_envoy_config_bootstrap_v3_bootstrap_proto_rawDescGZIP(), []int{7}
+}
+
+func (x *RuntimeLayer) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (m *RuntimeLayer) GetLayerSpecifier() isRuntimeLayer_LayerSpecifier {
+	if m != nil {
+		return m.LayerSpecifier
+	}
+	return nil
+}
+
+func (x *RuntimeLayer) GetStaticLayer() *_struct.Struct {
+	if x, ok := x.GetLayerSpecifier().(*RuntimeLayer_StaticLayer); ok {
+		return x.StaticLayer
+	}
+	return nil
+}
+
+func (x *RuntimeLayer) GetDiskLayer() *RuntimeLayer_DiskLayer {
+	if x, ok := x.GetLayerSpecifier().(*RuntimeLayer_DiskLayer_); ok {
+		return x.DiskLayer
+	}
+	return nil
+}
+
+func (x *RuntimeLayer) GetAdminLayer() *RuntimeLayer_AdminLayer {
+	if x, ok := x.GetLayerSpecifier().(*RuntimeLayer_AdminLayer_); ok {
+		return x.AdminLayer
+	}
+	return nil
+}
+
+func (x *RuntimeLayer) GetRtdsLayer() *RuntimeLayer_RtdsLayer {
+	if x, ok := x.GetLayerSpecifier().(*RuntimeLayer_RtdsLayer_); ok {
+		return x.RtdsLayer
+	}
+	return nil
+}
+
+type isRuntimeLayer_LayerSpecifier interface {
+	isRuntimeLayer_LayerSpecifier()
+}
+
+type RuntimeLayer_StaticLayer struct {
+	// :ref:`Static runtime <config_runtime_bootstrap>` layer.
+	// This follows the :ref:`runtime protobuf JSON representation encoding
+	// <config_runtime_proto_json>`. Unlike static xDS resources, this static
+	// layer is overridable by later layers in the runtime virtual filesystem.
+	StaticLayer *_struct.Struct `protobuf:"bytes,2,opt,name=static_layer,json=staticLayer,proto3,oneof"`
+}
+
+type RuntimeLayer_DiskLayer_ struct {
+	DiskLayer *RuntimeLayer_DiskLayer `protobuf:"bytes,3,opt,name=disk_layer,json=diskLayer,proto3,oneof"`
+}
+
+type RuntimeLayer_AdminLayer_ struct {
+	AdminLayer *RuntimeLayer_AdminLayer `protobuf:"bytes,4,opt,name=admin_layer,json=adminLayer,proto3,oneof"`
+}
+
+type RuntimeLayer_RtdsLayer_ struct {
+	RtdsLayer *RuntimeLayer_RtdsLayer `protobuf:"bytes,5,opt,name=rtds_layer,json=rtdsLayer,proto3,oneof"`
+}
+
+func (*RuntimeLayer_StaticLayer) isRuntimeLayer_LayerSpecifier() {}
+
+func (*RuntimeLayer_DiskLayer_) isRuntimeLayer_LayerSpecifier() {}
+
+func (*RuntimeLayer_AdminLayer_) isRuntimeLayer_LayerSpecifier() {}
+
+func (*RuntimeLayer_RtdsLayer_) isRuntimeLayer_LayerSpecifier() {}
+
+// Runtime :ref:`configuration overview <config_runtime>`.
+type LayeredRuntime struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The :ref:`layers <config_runtime_layering>` of the runtime. This is ordered
+	// such that later layers in the list overlay earlier entries.
+	Layers []*RuntimeLayer `protobuf:"bytes,1,rep,name=layers,proto3" json:"layers,omitempty"`
+}
+
+func (x *LayeredRuntime) Reset() {
+	*x = LayeredRuntime{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[8]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *LayeredRuntime) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*LayeredRuntime) ProtoMessage() {}
+
+func (x *LayeredRuntime) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[8]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use LayeredRuntime.ProtoReflect.Descriptor instead.
+func (*LayeredRuntime) Descriptor() ([]byte, []int) {
+	return file_envoy_config_bootstrap_v3_bootstrap_proto_rawDescGZIP(), []int{8}
+}
+
+func (x *LayeredRuntime) GetLayers() []*RuntimeLayer {
+	if x != nil {
+		return x.Layers
+	}
+	return nil
+}
+
+// Used to specify the header that needs to be registered as an inline header.
+//
+// If request or response contain multiple headers with the same name and the header
+// name is registered as an inline header. Then multiple headers will be folded
+// into one, and multiple header values will be concatenated by a suitable delimiter.
+// The delimiter is generally a comma.
+//
+// For example, if 'foo' is registered as an inline header, and the headers contains
+// the following two headers:
+//
+// .. code-block:: text
+//
+//   foo: bar
+//   foo: eep
+//
+// Then they will eventually be folded into:
+//
+// .. code-block:: text
+//
+//   foo: bar, eep
+//
+// Inline headers provide O(1) search performance, but each inline header imposes
+// an additional memory overhead on all instances of the corresponding type of
+// HeaderMap or TrailerMap.
+type CustomInlineHeader struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the header that is expected to be set as the inline header.
+	InlineHeaderName string `protobuf:"bytes,1,opt,name=inline_header_name,json=inlineHeaderName,proto3" json:"inline_header_name,omitempty"`
+	// The type of the header that is expected to be set as the inline header.
+	InlineHeaderType CustomInlineHeader_InlineHeaderType `protobuf:"varint,2,opt,name=inline_header_type,json=inlineHeaderType,proto3,enum=envoy.config.bootstrap.v3.CustomInlineHeader_InlineHeaderType" json:"inline_header_type,omitempty"`
+}
+
+func (x *CustomInlineHeader) Reset() {
+	*x = CustomInlineHeader{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[9]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CustomInlineHeader) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CustomInlineHeader) ProtoMessage() {}
+
+func (x *CustomInlineHeader) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[9]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CustomInlineHeader.ProtoReflect.Descriptor instead.
+func (*CustomInlineHeader) Descriptor() ([]byte, []int) {
+	return file_envoy_config_bootstrap_v3_bootstrap_proto_rawDescGZIP(), []int{9}
+}
+
+func (x *CustomInlineHeader) GetInlineHeaderName() string {
+	if x != nil {
+		return x.InlineHeaderName
+	}
+	return ""
+}
+
+func (x *CustomInlineHeader) GetInlineHeaderType() CustomInlineHeader_InlineHeaderType {
+	if x != nil {
+		return x.InlineHeaderType
+	}
+	return CustomInlineHeader_REQUEST_HEADER
+}
+
+type Bootstrap_StaticResources struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Static :ref:`Listeners <envoy_v3_api_msg_config.listener.v3.Listener>`. These listeners are
+	// available regardless of LDS configuration.
+	Listeners []*v36.Listener `protobuf:"bytes,1,rep,name=listeners,proto3" json:"listeners,omitempty"`
+	// If a network based configuration source is specified for :ref:`cds_config
+	// <envoy_v3_api_field_config.bootstrap.v3.Bootstrap.DynamicResources.cds_config>`, it's necessary
+	// to have some initial cluster definitions available to allow Envoy to know
+	// how to speak to the management server. These cluster definitions may not
+	// use :ref:`EDS <arch_overview_dynamic_config_eds>` (i.e. they should be static
+	// IP or DNS-based).
+	Clusters []*v37.Cluster `protobuf:"bytes,2,rep,name=clusters,proto3" json:"clusters,omitempty"`
+	// These static secrets can be used by :ref:`SdsSecretConfig
+	// <envoy_v3_api_msg_extensions.transport_sockets.tls.v3.SdsSecretConfig>`
+	Secrets []*v38.Secret `protobuf:"bytes,3,rep,name=secrets,proto3" json:"secrets,omitempty"`
+}
+
+func (x *Bootstrap_StaticResources) Reset() {
+	*x = Bootstrap_StaticResources{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[10]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Bootstrap_StaticResources) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Bootstrap_StaticResources) ProtoMessage() {}
+
+func (x *Bootstrap_StaticResources) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[10]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Bootstrap_StaticResources.ProtoReflect.Descriptor instead.
+func (*Bootstrap_StaticResources) Descriptor() ([]byte, []int) {
+	return file_envoy_config_bootstrap_v3_bootstrap_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (x *Bootstrap_StaticResources) GetListeners() []*v36.Listener {
+	if x != nil {
+		return x.Listeners
+	}
+	return nil
+}
+
+func (x *Bootstrap_StaticResources) GetClusters() []*v37.Cluster {
+	if x != nil {
+		return x.Clusters
+	}
+	return nil
+}
+
+func (x *Bootstrap_StaticResources) GetSecrets() []*v38.Secret {
+	if x != nil {
+		return x.Secrets
+	}
+	return nil
+}
+
+// [#next-free-field: 7]
+type Bootstrap_DynamicResources struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// All :ref:`Listeners <envoy_v3_api_msg_config.listener.v3.Listener>` are provided by a single
+	// :ref:`LDS <arch_overview_dynamic_config_lds>` configuration source.
+	LdsConfig *v3.ConfigSource `protobuf:"bytes,1,opt,name=lds_config,json=ldsConfig,proto3" json:"lds_config,omitempty"`
+	// xdstp:// resource locator for listener collection.
+	// [#not-implemented-hide:]
+	LdsResourcesLocator string `protobuf:"bytes,5,opt,name=lds_resources_locator,json=ldsResourcesLocator,proto3" json:"lds_resources_locator,omitempty"`
+	// All post-bootstrap :ref:`Cluster <envoy_v3_api_msg_config.cluster.v3.Cluster>` definitions are
+	// provided by a single :ref:`CDS <arch_overview_dynamic_config_cds>`
+	// configuration source.
+	CdsConfig *v3.ConfigSource `protobuf:"bytes,2,opt,name=cds_config,json=cdsConfig,proto3" json:"cds_config,omitempty"`
+	// xdstp:// resource locator for cluster collection.
+	// [#not-implemented-hide:]
+	CdsResourcesLocator string `protobuf:"bytes,6,opt,name=cds_resources_locator,json=cdsResourcesLocator,proto3" json:"cds_resources_locator,omitempty"`
+	// A single :ref:`ADS <config_overview_ads>` source may be optionally
+	// specified. This must have :ref:`api_type
+	// <envoy_v3_api_field_config.core.v3.ApiConfigSource.api_type>` :ref:`GRPC
+	// <envoy_v3_api_enum_value_config.core.v3.ApiConfigSource.ApiType.GRPC>`. Only
+	// :ref:`ConfigSources <envoy_v3_api_msg_config.core.v3.ConfigSource>` that have
+	// the :ref:`ads <envoy_v3_api_field_config.core.v3.ConfigSource.ads>` field set will be
+	// streamed on the ADS channel.
+	AdsConfig *v3.ApiConfigSource `protobuf:"bytes,3,opt,name=ads_config,json=adsConfig,proto3" json:"ads_config,omitempty"`
+}
+
+func (x *Bootstrap_DynamicResources) Reset() {
+	*x = Bootstrap_DynamicResources{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[11]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Bootstrap_DynamicResources) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Bootstrap_DynamicResources) ProtoMessage() {}
+
+func (x *Bootstrap_DynamicResources) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[11]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Bootstrap_DynamicResources.ProtoReflect.Descriptor instead.
+func (*Bootstrap_DynamicResources) Descriptor() ([]byte, []int) {
+	return file_envoy_config_bootstrap_v3_bootstrap_proto_rawDescGZIP(), []int{0, 1}
+}
+
+func (x *Bootstrap_DynamicResources) GetLdsConfig() *v3.ConfigSource {
+	if x != nil {
+		return x.LdsConfig
+	}
+	return nil
+}
+
+func (x *Bootstrap_DynamicResources) GetLdsResourcesLocator() string {
+	if x != nil {
+		return x.LdsResourcesLocator
+	}
+	return ""
+}
+
+func (x *Bootstrap_DynamicResources) GetCdsConfig() *v3.ConfigSource {
+	if x != nil {
+		return x.CdsConfig
+	}
+	return nil
+}
+
+func (x *Bootstrap_DynamicResources) GetCdsResourcesLocator() string {
+	if x != nil {
+		return x.CdsResourcesLocator
+	}
+	return ""
+}
+
+func (x *Bootstrap_DynamicResources) GetAdsConfig() *v3.ApiConfigSource {
+	if x != nil {
+		return x.AdsConfig
+	}
+	return nil
+}
+
+type ClusterManager_OutlierDetection struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies the path to the outlier event log.
+	EventLogPath string `protobuf:"bytes,1,opt,name=event_log_path,json=eventLogPath,proto3" json:"event_log_path,omitempty"`
+	// [#not-implemented-hide:]
+	// The gRPC service for the outlier detection event service.
+	// If empty, outlier detection events won't be sent to a remote endpoint.
+	EventService *v3.EventServiceConfig `protobuf:"bytes,2,opt,name=event_service,json=eventService,proto3" json:"event_service,omitempty"`
+}
+
+func (x *ClusterManager_OutlierDetection) Reset() {
+	*x = ClusterManager_OutlierDetection{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[13]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ClusterManager_OutlierDetection) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ClusterManager_OutlierDetection) ProtoMessage() {}
+
+func (x *ClusterManager_OutlierDetection) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[13]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ClusterManager_OutlierDetection.ProtoReflect.Descriptor instead.
+func (*ClusterManager_OutlierDetection) Descriptor() ([]byte, []int) {
+	return file_envoy_config_bootstrap_v3_bootstrap_proto_rawDescGZIP(), []int{2, 0}
+}
+
+func (x *ClusterManager_OutlierDetection) GetEventLogPath() string {
+	if x != nil {
+		return x.EventLogPath
+	}
+	return ""
+}
+
+func (x *ClusterManager_OutlierDetection) GetEventService() *v3.EventServiceConfig {
+	if x != nil {
+		return x.EventService
+	}
+	return nil
+}
+
+type Watchdog_WatchdogAction struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Extension specific configuration for the action.
+	Config *v3.TypedExtensionConfig              `protobuf:"bytes,1,opt,name=config,proto3" json:"config,omitempty"`
+	Event  Watchdog_WatchdogAction_WatchdogEvent `protobuf:"varint,2,opt,name=event,proto3,enum=envoy.config.bootstrap.v3.Watchdog_WatchdogAction_WatchdogEvent" json:"event,omitempty"`
+}
+
+func (x *Watchdog_WatchdogAction) Reset() {
+	*x = Watchdog_WatchdogAction{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[14]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Watchdog_WatchdogAction) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Watchdog_WatchdogAction) ProtoMessage() {}
+
+func (x *Watchdog_WatchdogAction) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[14]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Watchdog_WatchdogAction.ProtoReflect.Descriptor instead.
+func (*Watchdog_WatchdogAction) Descriptor() ([]byte, []int) {
+	return file_envoy_config_bootstrap_v3_bootstrap_proto_rawDescGZIP(), []int{4, 0}
+}
+
+func (x *Watchdog_WatchdogAction) GetConfig() *v3.TypedExtensionConfig {
+	if x != nil {
+		return x.Config
+	}
+	return nil
+}
+
+func (x *Watchdog_WatchdogAction) GetEvent() Watchdog_WatchdogAction_WatchdogEvent {
+	if x != nil {
+		return x.Event
+	}
+	return Watchdog_WatchdogAction_UNKNOWN
+}
+
+// :ref:`Disk runtime <config_runtime_local_disk>` layer.
+type RuntimeLayer_DiskLayer struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The implementation assumes that the file system tree is accessed via a
+	// symbolic link. An atomic link swap is used when a new tree should be
+	// switched to. This parameter specifies the path to the symbolic link.
+	// Envoy will watch the location for changes and reload the file system tree
+	// when they happen. See documentation on runtime :ref:`atomicity
+	// <config_runtime_atomicity>` for further details on how reloads are
+	// treated.
+	SymlinkRoot string `protobuf:"bytes,1,opt,name=symlink_root,json=symlinkRoot,proto3" json:"symlink_root,omitempty"`
+	// Specifies the subdirectory to load within the root directory. This is
+	// useful if multiple systems share the same delivery mechanism. Envoy
+	// configuration elements can be contained in a dedicated subdirectory.
+	Subdirectory string `protobuf:"bytes,3,opt,name=subdirectory,proto3" json:"subdirectory,omitempty"`
+	// :ref:`Append <config_runtime_local_disk_service_cluster_subdirs>` the
+	// service cluster to the path under symlink root.
+	AppendServiceCluster bool `protobuf:"varint,2,opt,name=append_service_cluster,json=appendServiceCluster,proto3" json:"append_service_cluster,omitempty"`
+}
+
+func (x *RuntimeLayer_DiskLayer) Reset() {
+	*x = RuntimeLayer_DiskLayer{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[15]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RuntimeLayer_DiskLayer) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RuntimeLayer_DiskLayer) ProtoMessage() {}
+
+func (x *RuntimeLayer_DiskLayer) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[15]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RuntimeLayer_DiskLayer.ProtoReflect.Descriptor instead.
+func (*RuntimeLayer_DiskLayer) Descriptor() ([]byte, []int) {
+	return file_envoy_config_bootstrap_v3_bootstrap_proto_rawDescGZIP(), []int{7, 0}
+}
+
+func (x *RuntimeLayer_DiskLayer) GetSymlinkRoot() string {
+	if x != nil {
+		return x.SymlinkRoot
+	}
+	return ""
+}
+
+func (x *RuntimeLayer_DiskLayer) GetSubdirectory() string {
+	if x != nil {
+		return x.Subdirectory
+	}
+	return ""
+}
+
+func (x *RuntimeLayer_DiskLayer) GetAppendServiceCluster() bool {
+	if x != nil {
+		return x.AppendServiceCluster
+	}
+	return false
+}
+
+// :ref:`Admin console runtime <config_runtime_admin>` layer.
+type RuntimeLayer_AdminLayer struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *RuntimeLayer_AdminLayer) Reset() {
+	*x = RuntimeLayer_AdminLayer{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[16]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RuntimeLayer_AdminLayer) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RuntimeLayer_AdminLayer) ProtoMessage() {}
+
+func (x *RuntimeLayer_AdminLayer) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[16]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RuntimeLayer_AdminLayer.ProtoReflect.Descriptor instead.
+func (*RuntimeLayer_AdminLayer) Descriptor() ([]byte, []int) {
+	return file_envoy_config_bootstrap_v3_bootstrap_proto_rawDescGZIP(), []int{7, 1}
+}
+
+// :ref:`Runtime Discovery Service (RTDS) <config_runtime_rtds>` layer.
+type RuntimeLayer_RtdsLayer struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Resource to subscribe to at *rtds_config* for the RTDS layer.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// RTDS configuration source.
+	RtdsConfig *v3.ConfigSource `protobuf:"bytes,2,opt,name=rtds_config,json=rtdsConfig,proto3" json:"rtds_config,omitempty"`
+}
+
+func (x *RuntimeLayer_RtdsLayer) Reset() {
+	*x = RuntimeLayer_RtdsLayer{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[17]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RuntimeLayer_RtdsLayer) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RuntimeLayer_RtdsLayer) ProtoMessage() {}
+
+func (x *RuntimeLayer_RtdsLayer) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[17]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RuntimeLayer_RtdsLayer.ProtoReflect.Descriptor instead.
+func (*RuntimeLayer_RtdsLayer) Descriptor() ([]byte, []int) {
+	return file_envoy_config_bootstrap_v3_bootstrap_proto_rawDescGZIP(), []int{7, 2}
+}
+
+func (x *RuntimeLayer_RtdsLayer) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *RuntimeLayer_RtdsLayer) GetRtdsConfig() *v3.ConfigSource {
+	if x != nil {
+		return x.RtdsConfig
+	}
+	return nil
+}
+
+var File_envoy_config_bootstrap_v3_bootstrap_proto protoreflect.FileDescriptor
+
+var file_envoy_config_bootstrap_v3_bootstrap_proto_rawDesc = []byte{
+	0x0a, 0x29, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x62,
+	0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x2f, 0x76, 0x33, 0x2f, 0x62, 0x6f, 0x6f, 0x74,
+	0x73, 0x74, 0x72, 0x61, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x19, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74,
+	0x72, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x1a, 0x29, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2f, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2f, 0x76,
+	0x33, 0x2f, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x25, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f,
+	0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x22, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x61,
+	0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f,
+	0x76, 0x33, 0x2f, 0x62, 0x61, 0x73, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x28, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65,
+	0x2f, 0x76, 0x33, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x73, 0x6f, 0x75, 0x72, 0x63,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x2f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x65, 0x76,
+	0x65, 0x6e, 0x74, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x65,
+	0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x23,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72,
+	0x65, 0x2f, 0x76, 0x33, 0x2f, 0x72, 0x65, 0x73, 0x6f, 0x6c, 0x76, 0x65, 0x72, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x28, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74,
+	0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x27, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x6c, 0x69, 0x73, 0x74,
+	0x65, 0x6e, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2f, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x73, 0x2f, 0x76, 0x33, 0x2f,
+	0x73, 0x74, 0x61, 0x74, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x27, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x6f, 0x76, 0x65, 0x72, 0x6c, 0x6f,
+	0x61, 0x64, 0x2f, 0x76, 0x33, 0x2f, 0x6f, 0x76, 0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x27, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2f, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x68, 0x74, 0x74, 0x70,
+	0x5f, 0x74, 0x72, 0x61, 0x63, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x36, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2f,
+	0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74,
+	0x73, 0x2f, 0x74, 0x6c, 0x73, 0x2f, 0x76, 0x33, 0x2f, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70,
+	0x65, 0x2f, 0x76, 0x33, 0x2f, 0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2f, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x2f, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f,
+	0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f,
+	0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e,
+	0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f,
+	0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69,
+	0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61,
+	0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x22, 0xa9, 0x19, 0x0a, 0x09, 0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x12,
+	0x2e, 0x0a, 0x04, 0x6e, 0x6f, 0x64, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x76, 0x33, 0x2e, 0x4e, 0x6f, 0x64, 0x65, 0x52, 0x04, 0x6e, 0x6f, 0x64, 0x65, 0x12,
+	0x2e, 0x0a, 0x13, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x5f,
+	0x70, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x18, 0x1a, 0x20, 0x03, 0x28, 0x09, 0x52, 0x11, 0x6e, 0x6f,
+	0x64, 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x12,
+	0x5f, 0x0a, 0x10, 0x73, 0x74, 0x61, 0x74, 0x69, 0x63, 0x5f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72,
+	0x63, 0x65, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x34, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72,
+	0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x2e,
+	0x53, 0x74, 0x61, 0x74, 0x69, 0x63, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x52,
+	0x0f, 0x73, 0x74, 0x61, 0x74, 0x69, 0x63, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73,
+	0x12, 0x62, 0x0a, 0x11, 0x64, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x5f, 0x72, 0x65, 0x73, 0x6f,
+	0x75, 0x72, 0x63, 0x65, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x35, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x62, 0x6f, 0x6f, 0x74, 0x73,
+	0x74, 0x72, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61,
+	0x70, 0x2e, 0x44, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63,
+	0x65, 0x73, 0x52, 0x10, 0x64, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x52, 0x65, 0x73, 0x6f, 0x75,
+	0x72, 0x63, 0x65, 0x73, 0x12, 0x52, 0x0a, 0x0f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f,
+	0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x29, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x62, 0x6f, 0x6f,
+	0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65,
+	0x72, 0x4d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x52, 0x0e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65,
+	0x72, 0x4d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x12, 0x44, 0x0a, 0x0a, 0x68, 0x64, 0x73, 0x5f,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65,
+	0x2e, 0x76, 0x33, 0x2e, 0x41, 0x70, 0x69, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75,
+	0x72, 0x63, 0x65, 0x52, 0x09, 0x68, 0x64, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x1d,
+	0x0a, 0x0a, 0x66, 0x6c, 0x61, 0x67, 0x73, 0x5f, 0x70, 0x61, 0x74, 0x68, 0x18, 0x05, 0x20, 0x01,
+	0x28, 0x09, 0x52, 0x09, 0x66, 0x6c, 0x61, 0x67, 0x73, 0x50, 0x61, 0x74, 0x68, 0x12, 0x43, 0x0a,
+	0x0b, 0x73, 0x74, 0x61, 0x74, 0x73, 0x5f, 0x73, 0x69, 0x6e, 0x6b, 0x73, 0x18, 0x06, 0x20, 0x03,
+	0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x74, 0x61,
+	0x74, 0x73, 0x53, 0x69, 0x6e, 0x6b, 0x52, 0x0a, 0x73, 0x74, 0x61, 0x74, 0x73, 0x53, 0x69, 0x6e,
+	0x6b, 0x73, 0x12, 0x47, 0x0a, 0x0c, 0x73, 0x74, 0x61, 0x74, 0x73, 0x5f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x18, 0x0d, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x73, 0x2e,
+	0x76, 0x33, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0b,
+	0x73, 0x74, 0x61, 0x74, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x71, 0x0a, 0x14, 0x73,
+	0x74, 0x61, 0x74, 0x73, 0x5f, 0x66, 0x6c, 0x75, 0x73, 0x68, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72,
+	0x76, 0x61, 0x6c, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x42, 0x24, 0xfa, 0x42, 0x0e, 0xaa, 0x01, 0x0b, 0x1a, 0x03, 0x08, 0xac,
+	0x02, 0x32, 0x04, 0x10, 0xc0, 0x84, 0x3d, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x0d, 0x12, 0x0b, 0x73,
+	0x74, 0x61, 0x74, 0x73, 0x5f, 0x66, 0x6c, 0x75, 0x73, 0x68, 0x52, 0x12, 0x73, 0x74, 0x61, 0x74,
+	0x73, 0x46, 0x6c, 0x75, 0x73, 0x68, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x12, 0x3a,
+	0x0a, 0x14, 0x73, 0x74, 0x61, 0x74, 0x73, 0x5f, 0x66, 0x6c, 0x75, 0x73, 0x68, 0x5f, 0x6f, 0x6e,
+	0x5f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x18, 0x1d, 0x20, 0x01, 0x28, 0x08, 0x42, 0x07, 0xfa, 0x42,
+	0x04, 0x6a, 0x02, 0x08, 0x01, 0x48, 0x00, 0x52, 0x11, 0x73, 0x74, 0x61, 0x74, 0x73, 0x46, 0x6c,
+	0x75, 0x73, 0x68, 0x4f, 0x6e, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x12, 0x4c, 0x0a, 0x08, 0x77, 0x61,
+	0x74, 0x63, 0x68, 0x64, 0x6f, 0x67, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x62, 0x6f, 0x6f, 0x74,
+	0x73, 0x74, 0x72, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x57, 0x61, 0x74, 0x63, 0x68, 0x64, 0x6f,
+	0x67, 0x42, 0x0b, 0x18, 0x01, 0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e, 0x30, 0x52, 0x08,
+	0x77, 0x61, 0x74, 0x63, 0x68, 0x64, 0x6f, 0x67, 0x12, 0x42, 0x0a, 0x09, 0x77, 0x61, 0x74, 0x63,
+	0x68, 0x64, 0x6f, 0x67, 0x73, 0x18, 0x1b, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x62, 0x6f, 0x6f, 0x74, 0x73,
+	0x74, 0x72, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x57, 0x61, 0x74, 0x63, 0x68, 0x64, 0x6f, 0x67,
+	0x73, 0x52, 0x09, 0x77, 0x61, 0x74, 0x63, 0x68, 0x64, 0x6f, 0x67, 0x73, 0x12, 0x45, 0x0a, 0x07,
+	0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74, 0x72, 0x61,
+	0x63, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x42, 0x0b, 0x18,
+	0x01, 0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e, 0x30, 0x52, 0x07, 0x74, 0x72, 0x61, 0x63,
+	0x69, 0x6e, 0x67, 0x12, 0x52, 0x0a, 0x0f, 0x6c, 0x61, 0x79, 0x65, 0x72, 0x65, 0x64, 0x5f, 0x72,
+	0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x11, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x62, 0x6f, 0x6f, 0x74,
+	0x73, 0x74, 0x72, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x4c, 0x61, 0x79, 0x65, 0x72, 0x65, 0x64,
+	0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x52, 0x0e, 0x6c, 0x61, 0x79, 0x65, 0x72, 0x65, 0x64,
+	0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x12, 0x36, 0x0a, 0x05, 0x61, 0x64, 0x6d, 0x69, 0x6e,
+	0x18, 0x0c, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x2e,
+	0x76, 0x33, 0x2e, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x52, 0x05, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x12,
+	0x64, 0x0a, 0x10, 0x6f, 0x76, 0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64, 0x5f, 0x6d, 0x61, 0x6e, 0x61,
+	0x67, 0x65, 0x72, 0x18, 0x0f, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6f, 0x76, 0x65, 0x72, 0x6c, 0x6f, 0x61,
+	0x64, 0x2e, 0x76, 0x33, 0x2e, 0x4f, 0x76, 0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64, 0x4d, 0x61, 0x6e,
+	0x61, 0x67, 0x65, 0x72, 0x42, 0x0e, 0x8a, 0x93, 0xb7, 0x2a, 0x02, 0x08, 0x01, 0x8a, 0x93, 0xb7,
+	0x2a, 0x02, 0x10, 0x01, 0x52, 0x0f, 0x6f, 0x76, 0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64, 0x4d, 0x61,
+	0x6e, 0x61, 0x67, 0x65, 0x72, 0x12, 0x36, 0x0a, 0x17, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x5f,
+	0x64, 0x69, 0x73, 0x70, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x73,
+	0x18, 0x10, 0x20, 0x01, 0x28, 0x08, 0x52, 0x15, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x44, 0x69,
+	0x73, 0x70, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x73, 0x12, 0x23, 0x0a,
+	0x0d, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x5f, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x18, 0x12,
+	0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x50, 0x72, 0x65, 0x66,
+	0x69, 0x78, 0x12, 0x5f, 0x0a, 0x1d, 0x73, 0x74, 0x61, 0x74, 0x73, 0x5f, 0x73, 0x65, 0x72, 0x76,
+	0x65, 0x72, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x6f, 0x76, 0x65, 0x72, 0x72,
+	0x69, 0x64, 0x65, 0x18, 0x13, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74,
+	0x36, 0x34, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x1a, 0x73, 0x74, 0x61, 0x74, 0x73, 0x53, 0x65,
+	0x72, 0x76, 0x65, 0x72, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x4f, 0x76, 0x65, 0x72, 0x72,
+	0x69, 0x64, 0x65, 0x12, 0x41, 0x0a, 0x17, 0x75, 0x73, 0x65, 0x5f, 0x74, 0x63, 0x70, 0x5f, 0x66,
+	0x6f, 0x72, 0x5f, 0x64, 0x6e, 0x73, 0x5f, 0x6c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x73, 0x18, 0x14,
+	0x20, 0x01, 0x28, 0x08, 0x42, 0x0b, 0x18, 0x01, 0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e,
+	0x30, 0x52, 0x13, 0x75, 0x73, 0x65, 0x54, 0x63, 0x70, 0x46, 0x6f, 0x72, 0x44, 0x6e, 0x73, 0x4c,
+	0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x73, 0x12, 0x6a, 0x0a, 0x15, 0x64, 0x6e, 0x73, 0x5f, 0x72, 0x65,
+	0x73, 0x6f, 0x6c, 0x75, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18,
+	0x1e, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x44, 0x6e, 0x73,
+	0x52, 0x65, 0x73, 0x6f, 0x6c, 0x75, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x42, 0x0b, 0x18, 0x01, 0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e, 0x30, 0x52, 0x13, 0x64,
+	0x6e, 0x73, 0x52, 0x65, 0x73, 0x6f, 0x6c, 0x75, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x12, 0x65, 0x0a, 0x19, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x64, 0x6e, 0x73, 0x5f,
+	0x72, 0x65, 0x73, 0x6f, 0x6c, 0x76, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18,
+	0x1f, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x79, 0x70,
+	0x65, 0x64, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x52, 0x16, 0x74, 0x79, 0x70, 0x65, 0x64, 0x44, 0x6e, 0x73, 0x52, 0x65, 0x73, 0x6f, 0x6c,
+	0x76, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x5d, 0x0a, 0x14, 0x62, 0x6f, 0x6f,
+	0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x5f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e,
+	0x73, 0x18, 0x15, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x54,
+	0x79, 0x70, 0x65, 0x64, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x52, 0x13, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x45, 0x78,
+	0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x4b, 0x0a, 0x0d, 0x66, 0x61, 0x74, 0x61,
+	0x6c, 0x5f, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x1c, 0x20, 0x03, 0x28, 0x0b, 0x32,
+	0x26, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x62,
+	0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x46, 0x61, 0x74, 0x61,
+	0x6c, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0c, 0x66, 0x61, 0x74, 0x61, 0x6c, 0x41, 0x63,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x49, 0x0a, 0x0e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f,
+	0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x18, 0x16, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x22, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63,
+	0x65, 0x52, 0x0d, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73,
+	0x12, 0x56, 0x0a, 0x15, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x5f, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x17, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75,
+	0x72, 0x63, 0x65, 0x52, 0x13, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x38, 0x0a, 0x18, 0x64, 0x65, 0x66, 0x61,
+	0x75, 0x6c, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72,
+	0x66, 0x61, 0x63, 0x65, 0x18, 0x18, 0x20, 0x01, 0x28, 0x09, 0x52, 0x16, 0x64, 0x65, 0x66, 0x61,
+	0x75, 0x6c, 0x74, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x66, 0x61,
+	0x63, 0x65, 0x12, 0x8c, 0x01, 0x0a, 0x1e, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61,
+	0x74, 0x65, 0x5f, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x5f, 0x69, 0x6e, 0x73, 0x74,
+	0x61, 0x6e, 0x63, 0x65, 0x73, 0x18, 0x19, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x46, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x62, 0x6f, 0x6f, 0x74, 0x73,
+	0x74, 0x72, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61,
+	0x70, 0x2e, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x50, 0x72, 0x6f,
+	0x76, 0x69, 0x64, 0x65, 0x72, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x45, 0x6e,
+	0x74, 0x72, 0x79, 0x52, 0x1c, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65,
+	0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65,
+	0x73, 0x12, 0x54, 0x0a, 0x0e, 0x69, 0x6e, 0x6c, 0x69, 0x6e, 0x65, 0x5f, 0x68, 0x65, 0x61, 0x64,
+	0x65, 0x72, 0x73, 0x18, 0x20, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2d, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72,
+	0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x49, 0x6e, 0x6c, 0x69,
+	0x6e, 0x65, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x52, 0x0d, 0x69, 0x6e, 0x6c, 0x69, 0x6e, 0x65,
+	0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x1a, 0x9a, 0x02, 0x0a, 0x0f, 0x53, 0x74, 0x61, 0x74,
+	0x69, 0x63, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x12, 0x40, 0x0a, 0x09, 0x6c,
+	0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x22,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c, 0x69,
+	0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e,
+	0x65, 0x72, 0x52, 0x09, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x73, 0x12, 0x3c, 0x0a,
+	0x08, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32,
+	0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65,
+	0x72, 0x52, 0x08, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x12, 0x4b, 0x0a, 0x07, 0x73,
+	0x65, 0x63, 0x72, 0x65, 0x74, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x31, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e,
+	0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74,
+	0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x52,
+	0x07, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x73, 0x3a, 0x3a, 0x9a, 0xc5, 0x88, 0x1e, 0x35, 0x0a,
+	0x33, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x62, 0x6f,
+	0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x2e, 0x76, 0x32, 0x2e, 0x42, 0x6f, 0x6f, 0x74, 0x73,
+	0x74, 0x72, 0x61, 0x70, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x69, 0x63, 0x52, 0x65, 0x73, 0x6f, 0x75,
+	0x72, 0x63, 0x65, 0x73, 0x1a, 0x89, 0x03, 0x0a, 0x10, 0x44, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63,
+	0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x12, 0x41, 0x0a, 0x0a, 0x6c, 0x64, 0x73,
+	0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63,
+	0x65, 0x52, 0x09, 0x6c, 0x64, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x32, 0x0a, 0x15,
+	0x6c, 0x64, 0x73, 0x5f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x5f, 0x6c, 0x6f,
+	0x63, 0x61, 0x74, 0x6f, 0x72, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x13, 0x6c, 0x64, 0x73,
+	0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x4c, 0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72,
+	0x12, 0x41, 0x0a, 0x0a, 0x63, 0x64, 0x73, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x09, 0x63, 0x64, 0x73, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x12, 0x32, 0x0a, 0x15, 0x63, 0x64, 0x73, 0x5f, 0x72, 0x65, 0x73, 0x6f, 0x75,
+	0x72, 0x63, 0x65, 0x73, 0x5f, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72, 0x18, 0x06, 0x20, 0x01,
+	0x28, 0x09, 0x52, 0x13, 0x63, 0x64, 0x73, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73,
+	0x4c, 0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72, 0x12, 0x44, 0x0a, 0x0a, 0x61, 0x64, 0x73, 0x5f, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e,
+	0x76, 0x33, 0x2e, 0x41, 0x70, 0x69, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72,
+	0x63, 0x65, 0x52, 0x09, 0x61, 0x64, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x3a, 0x3b, 0x9a,
+	0xc5, 0x88, 0x1e, 0x36, 0x0a, 0x34, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x2e, 0x76, 0x32, 0x2e,
+	0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x2e, 0x44, 0x79, 0x6e, 0x61, 0x6d, 0x69,
+	0x63, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x4a, 0x04, 0x08, 0x04, 0x10, 0x05,
+	0x1a, 0x7b, 0x0a, 0x21, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x50,
+	0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73,
+	0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x40, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x79,
+	0x70, 0x65, 0x64, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x3a, 0x2a, 0x9a,
+	0xc5, 0x88, 0x1e, 0x25, 0x0a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x2e, 0x76, 0x32, 0x2e,
+	0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x42, 0x0d, 0x0a, 0x0b, 0x73, 0x74, 0x61,
+	0x74, 0x73, 0x5f, 0x66, 0x6c, 0x75, 0x73, 0x68, 0x4a, 0x04, 0x08, 0x0a, 0x10, 0x0b, 0x4a, 0x04,
+	0x08, 0x0b, 0x10, 0x0c, 0x52, 0x07, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x22, 0xd0, 0x02,
+	0x0a, 0x05, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x12, 0x43, 0x0a, 0x0a, 0x61, 0x63, 0x63, 0x65, 0x73,
+	0x73, 0x5f, 0x6c, 0x6f, 0x67, 0x18, 0x05, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73,
+	0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x33, 0x2e, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x4c, 0x6f,
+	0x67, 0x52, 0x09, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x4c, 0x6f, 0x67, 0x12, 0x33, 0x0a, 0x0f,
+	0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x6c, 0x6f, 0x67, 0x5f, 0x70, 0x61, 0x74, 0x68, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0b, 0x18, 0x01, 0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03, 0x33,
+	0x2e, 0x30, 0x52, 0x0d, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x4c, 0x6f, 0x67, 0x50, 0x61, 0x74,
+	0x68, 0x12, 0x21, 0x0a, 0x0c, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x70, 0x61, 0x74,
+	0x68, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65,
+	0x50, 0x61, 0x74, 0x68, 0x12, 0x37, 0x0a, 0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18,
+	0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x41, 0x64, 0x64,
+	0x72, 0x65, 0x73, 0x73, 0x52, 0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x49, 0x0a,
+	0x0e, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18,
+	0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x6f, 0x63,
+	0x6b, 0x65, 0x74, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0d, 0x73, 0x6f, 0x63, 0x6b, 0x65,
+	0x74, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x3a, 0x26, 0x9a, 0xc5, 0x88, 0x1e, 0x21, 0x0a,
+	0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x62, 0x6f,
+	0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x2e, 0x76, 0x32, 0x2e, 0x41, 0x64, 0x6d, 0x69, 0x6e,
+	0x22, 0xcb, 0x04, 0x0a, 0x0e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4d, 0x61, 0x6e, 0x61,
+	0x67, 0x65, 0x72, 0x12, 0x2c, 0x0a, 0x12, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x5f, 0x63, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52,
+	0x10, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4e, 0x61, 0x6d,
+	0x65, 0x12, 0x67, 0x0a, 0x11, 0x6f, 0x75, 0x74, 0x6c, 0x69, 0x65, 0x72, 0x5f, 0x64, 0x65, 0x74,
+	0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x3a, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x62, 0x6f, 0x6f, 0x74,
+	0x73, 0x74, 0x72, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x4d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x4f, 0x75, 0x74, 0x6c, 0x69, 0x65, 0x72, 0x44,
+	0x65, 0x74, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x10, 0x6f, 0x75, 0x74, 0x6c, 0x69, 0x65,
+	0x72, 0x44, 0x65, 0x74, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x52, 0x0a, 0x14, 0x75, 0x70,
+	0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f, 0x62, 0x69, 0x6e, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e,
+	0x42, 0x69, 0x6e, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x12, 0x75, 0x70, 0x73, 0x74,
+	0x72, 0x65, 0x61, 0x6d, 0x42, 0x69, 0x6e, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x51,
+	0x0a, 0x11, 0x6c, 0x6f, 0x61, 0x64, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x73, 0x5f, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33,
+	0x2e, 0x41, 0x70, 0x69, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65,
+	0x52, 0x0f, 0x6c, 0x6f, 0x61, 0x64, 0x53, 0x74, 0x61, 0x74, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x1a, 0xc9, 0x01, 0x0a, 0x10, 0x4f, 0x75, 0x74, 0x6c, 0x69, 0x65, 0x72, 0x44, 0x65, 0x74,
+	0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x24, 0x0a, 0x0e, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x5f,
+	0x6c, 0x6f, 0x67, 0x5f, 0x70, 0x61, 0x74, 0x68, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c,
+	0x65, 0x76, 0x65, 0x6e, 0x74, 0x4c, 0x6f, 0x67, 0x50, 0x61, 0x74, 0x68, 0x12, 0x4d, 0x0a, 0x0d,
+	0x65, 0x76, 0x65, 0x6e, 0x74, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x45, 0x76, 0x65, 0x6e, 0x74,
+	0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0c, 0x65,
+	0x76, 0x65, 0x6e, 0x74, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x3a, 0x40, 0x9a, 0xc5, 0x88,
+	0x1e, 0x3b, 0x0a, 0x39, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x4d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x4f, 0x75, 0x74,
+	0x6c, 0x69, 0x65, 0x72, 0x44, 0x65, 0x74, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x3a, 0x2f, 0x9a,
+	0xc5, 0x88, 0x1e, 0x2a, 0x0a, 0x28, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x2e, 0x76, 0x32, 0x2e,
+	0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x22, 0xb0,
+	0x01, 0x0a, 0x09, 0x57, 0x61, 0x74, 0x63, 0x68, 0x64, 0x6f, 0x67, 0x73, 0x12, 0x55, 0x0a, 0x14,
+	0x6d, 0x61, 0x69, 0x6e, 0x5f, 0x74, 0x68, 0x72, 0x65, 0x61, 0x64, 0x5f, 0x77, 0x61, 0x74, 0x63,
+	0x68, 0x64, 0x6f, 0x67, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74,
+	0x72, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x57, 0x61, 0x74, 0x63, 0x68, 0x64, 0x6f, 0x67, 0x52,
+	0x12, 0x6d, 0x61, 0x69, 0x6e, 0x54, 0x68, 0x72, 0x65, 0x61, 0x64, 0x57, 0x61, 0x74, 0x63, 0x68,
+	0x64, 0x6f, 0x67, 0x12, 0x4c, 0x0a, 0x0f, 0x77, 0x6f, 0x72, 0x6b, 0x65, 0x72, 0x5f, 0x77, 0x61,
+	0x74, 0x63, 0x68, 0x64, 0x6f, 0x67, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x62, 0x6f, 0x6f, 0x74,
+	0x73, 0x74, 0x72, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x57, 0x61, 0x74, 0x63, 0x68, 0x64, 0x6f,
+	0x67, 0x52, 0x0e, 0x77, 0x6f, 0x72, 0x6b, 0x65, 0x72, 0x57, 0x61, 0x74, 0x63, 0x68, 0x64, 0x6f,
+	0x67, 0x22, 0xba, 0x06, 0x0a, 0x08, 0x57, 0x61, 0x74, 0x63, 0x68, 0x64, 0x6f, 0x67, 0x12, 0x4c,
+	0x0a, 0x07, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32,
+	0x32, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x62,
+	0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x57, 0x61, 0x74, 0x63,
+	0x68, 0x64, 0x6f, 0x67, 0x2e, 0x57, 0x61, 0x74, 0x63, 0x68, 0x64, 0x6f, 0x67, 0x41, 0x63, 0x74,
+	0x69, 0x6f, 0x6e, 0x52, 0x07, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x3c, 0x0a, 0x0c,
+	0x6d, 0x69, 0x73, 0x73, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0b, 0x6d,
+	0x69, 0x73, 0x73, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12, 0x44, 0x0a, 0x10, 0x6d, 0x65,
+	0x67, 0x61, 0x6d, 0x69, 0x73, 0x73, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52,
+	0x0f, 0x6d, 0x65, 0x67, 0x61, 0x6d, 0x69, 0x73, 0x73, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74,
+	0x12, 0x3c, 0x0a, 0x0c, 0x6b, 0x69, 0x6c, 0x6c, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74,
+	0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x52, 0x0b, 0x6b, 0x69, 0x6c, 0x6c, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12, 0x5a,
+	0x0a, 0x17, 0x6d, 0x61, 0x78, 0x5f, 0x6b, 0x69, 0x6c, 0x6c, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f,
+	0x75, 0x74, 0x5f, 0x6a, 0x69, 0x74, 0x74, 0x65, 0x72, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05, 0xaa,
+	0x01, 0x02, 0x32, 0x00, 0x52, 0x14, 0x6d, 0x61, 0x78, 0x4b, 0x69, 0x6c, 0x6c, 0x54, 0x69, 0x6d,
+	0x65, 0x6f, 0x75, 0x74, 0x4a, 0x69, 0x74, 0x74, 0x65, 0x72, 0x12, 0x46, 0x0a, 0x11, 0x6d, 0x75,
+	0x6c, 0x74, 0x69, 0x6b, 0x69, 0x6c, 0x6c, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18,
+	0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x52, 0x10, 0x6d, 0x75, 0x6c, 0x74, 0x69, 0x6b, 0x69, 0x6c, 0x6c, 0x54, 0x69, 0x6d, 0x65, 0x6f,
+	0x75, 0x74, 0x12, 0x47, 0x0a, 0x13, 0x6d, 0x75, 0x6c, 0x74, 0x69, 0x6b, 0x69, 0x6c, 0x6c, 0x5f,
+	0x74, 0x68, 0x72, 0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x16, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x2e,
+	0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52, 0x12, 0x6d, 0x75, 0x6c, 0x74, 0x69, 0x6b, 0x69,
+	0x6c, 0x6c, 0x54, 0x68, 0x72, 0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x1a, 0x85, 0x02, 0x0a, 0x0e,
+	0x57, 0x61, 0x74, 0x63, 0x68, 0x64, 0x6f, 0x67, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x42,
+	0x0a, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f,
+	0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x64, 0x45, 0x78, 0x74, 0x65, 0x6e,
+	0x73, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x06, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x12, 0x60, 0x0a, 0x05, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x0e, 0x32, 0x40, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x57, 0x61,
+	0x74, 0x63, 0x68, 0x64, 0x6f, 0x67, 0x2e, 0x57, 0x61, 0x74, 0x63, 0x68, 0x64, 0x6f, 0x67, 0x41,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x57, 0x61, 0x74, 0x63, 0x68, 0x64, 0x6f, 0x67, 0x45, 0x76,
+	0x65, 0x6e, 0x74, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x05, 0x65,
+	0x76, 0x65, 0x6e, 0x74, 0x22, 0x4d, 0x0a, 0x0d, 0x57, 0x61, 0x74, 0x63, 0x68, 0x64, 0x6f, 0x67,
+	0x45, 0x76, 0x65, 0x6e, 0x74, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e,
+	0x10, 0x00, 0x12, 0x08, 0x0a, 0x04, 0x4b, 0x49, 0x4c, 0x4c, 0x10, 0x01, 0x12, 0x0d, 0x0a, 0x09,
+	0x4d, 0x55, 0x4c, 0x54, 0x49, 0x4b, 0x49, 0x4c, 0x4c, 0x10, 0x02, 0x12, 0x0c, 0x0a, 0x08, 0x4d,
+	0x45, 0x47, 0x41, 0x4d, 0x49, 0x53, 0x53, 0x10, 0x03, 0x12, 0x08, 0x0a, 0x04, 0x4d, 0x49, 0x53,
+	0x53, 0x10, 0x04, 0x3a, 0x29, 0x9a, 0xc5, 0x88, 0x1e, 0x24, 0x0a, 0x22, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72,
+	0x61, 0x70, 0x2e, 0x76, 0x32, 0x2e, 0x57, 0x61, 0x74, 0x63, 0x68, 0x64, 0x6f, 0x67, 0x22, 0x51,
+	0x0a, 0x0b, 0x46, 0x61, 0x74, 0x61, 0x6c, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x42, 0x0a,
+	0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x64, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73,
+	0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x22, 0xdc, 0x01, 0x0a, 0x07, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x12, 0x21, 0x0a,
+	0x0c, 0x73, 0x79, 0x6d, 0x6c, 0x69, 0x6e, 0x6b, 0x5f, 0x72, 0x6f, 0x6f, 0x74, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x09, 0x52, 0x0b, 0x73, 0x79, 0x6d, 0x6c, 0x69, 0x6e, 0x6b, 0x52, 0x6f, 0x6f, 0x74,
+	0x12, 0x22, 0x0a, 0x0c, 0x73, 0x75, 0x62, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x79,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x73, 0x75, 0x62, 0x64, 0x69, 0x72, 0x65, 0x63,
+	0x74, 0x6f, 0x72, 0x79, 0x12, 0x33, 0x0a, 0x15, 0x6f, 0x76, 0x65, 0x72, 0x72, 0x69, 0x64, 0x65,
+	0x5f, 0x73, 0x75, 0x62, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x79, 0x18, 0x03, 0x20,
+	0x01, 0x28, 0x09, 0x52, 0x14, 0x6f, 0x76, 0x65, 0x72, 0x72, 0x69, 0x64, 0x65, 0x53, 0x75, 0x62,
+	0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x79, 0x12, 0x2b, 0x0a, 0x04, 0x62, 0x61, 0x73,
+	0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74,
+	0x52, 0x04, 0x62, 0x61, 0x73, 0x65, 0x3a, 0x28, 0x9a, 0xc5, 0x88, 0x1e, 0x23, 0x0a, 0x21, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x62, 0x6f, 0x6f, 0x74,
+	0x73, 0x74, 0x72, 0x61, 0x70, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65,
+	0x22, 0xdb, 0x06, 0x0a, 0x0c, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x4c, 0x61, 0x79, 0x65,
+	0x72, 0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42,
+	0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x3c,
+	0x0a, 0x0c, 0x73, 0x74, 0x61, 0x74, 0x69, 0x63, 0x5f, 0x6c, 0x61, 0x79, 0x65, 0x72, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x48, 0x00, 0x52,
+	0x0b, 0x73, 0x74, 0x61, 0x74, 0x69, 0x63, 0x4c, 0x61, 0x79, 0x65, 0x72, 0x12, 0x52, 0x0a, 0x0a,
+	0x64, 0x69, 0x73, 0x6b, 0x5f, 0x6c, 0x61, 0x79, 0x65, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x31, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x75, 0x6e,
+	0x74, 0x69, 0x6d, 0x65, 0x4c, 0x61, 0x79, 0x65, 0x72, 0x2e, 0x44, 0x69, 0x73, 0x6b, 0x4c, 0x61,
+	0x79, 0x65, 0x72, 0x48, 0x00, 0x52, 0x09, 0x64, 0x69, 0x73, 0x6b, 0x4c, 0x61, 0x79, 0x65, 0x72,
+	0x12, 0x55, 0x0a, 0x0b, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x5f, 0x6c, 0x61, 0x79, 0x65, 0x72, 0x18,
+	0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x32, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x2e, 0x76,
+	0x33, 0x2e, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x4c, 0x61, 0x79, 0x65, 0x72, 0x2e, 0x41,
+	0x64, 0x6d, 0x69, 0x6e, 0x4c, 0x61, 0x79, 0x65, 0x72, 0x48, 0x00, 0x52, 0x0a, 0x61, 0x64, 0x6d,
+	0x69, 0x6e, 0x4c, 0x61, 0x79, 0x65, 0x72, 0x12, 0x52, 0x0a, 0x0a, 0x72, 0x74, 0x64, 0x73, 0x5f,
+	0x6c, 0x61, 0x79, 0x65, 0x72, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x31, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x62, 0x6f, 0x6f, 0x74, 0x73,
+	0x74, 0x72, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x4c,
+	0x61, 0x79, 0x65, 0x72, 0x2e, 0x52, 0x74, 0x64, 0x73, 0x4c, 0x61, 0x79, 0x65, 0x72, 0x48, 0x00,
+	0x52, 0x09, 0x72, 0x74, 0x64, 0x73, 0x4c, 0x61, 0x79, 0x65, 0x72, 0x1a, 0xc1, 0x01, 0x0a, 0x09,
+	0x44, 0x69, 0x73, 0x6b, 0x4c, 0x61, 0x79, 0x65, 0x72, 0x12, 0x21, 0x0a, 0x0c, 0x73, 0x79, 0x6d,
+	0x6c, 0x69, 0x6e, 0x6b, 0x5f, 0x72, 0x6f, 0x6f, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52,
+	0x0b, 0x73, 0x79, 0x6d, 0x6c, 0x69, 0x6e, 0x6b, 0x52, 0x6f, 0x6f, 0x74, 0x12, 0x22, 0x0a, 0x0c,
+	0x73, 0x75, 0x62, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x79, 0x18, 0x03, 0x20, 0x01,
+	0x28, 0x09, 0x52, 0x0c, 0x73, 0x75, 0x62, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x79,
+	0x12, 0x34, 0x0a, 0x16, 0x61, 0x70, 0x70, 0x65, 0x6e, 0x64, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69,
+	0x63, 0x65, 0x5f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08,
+	0x52, 0x14, 0x61, 0x70, 0x70, 0x65, 0x6e, 0x64, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x43,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x3a, 0x37, 0x9a, 0xc5, 0x88, 0x1e, 0x32, 0x0a, 0x30, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x62, 0x6f, 0x6f, 0x74,
+	0x73, 0x74, 0x72, 0x61, 0x70, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65,
+	0x4c, 0x61, 0x79, 0x65, 0x72, 0x2e, 0x44, 0x69, 0x73, 0x6b, 0x4c, 0x61, 0x79, 0x65, 0x72, 0x1a,
+	0x46, 0x0a, 0x0a, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x4c, 0x61, 0x79, 0x65, 0x72, 0x3a, 0x38, 0x9a,
+	0xc5, 0x88, 0x1e, 0x33, 0x0a, 0x31, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x2e, 0x76, 0x32, 0x2e,
+	0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x4c, 0x61, 0x79, 0x65, 0x72, 0x2e, 0x41, 0x64, 0x6d,
+	0x69, 0x6e, 0x4c, 0x61, 0x79, 0x65, 0x72, 0x1a, 0x9d, 0x01, 0x0a, 0x09, 0x52, 0x74, 0x64, 0x73,
+	0x4c, 0x61, 0x79, 0x65, 0x72, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x43, 0x0a, 0x0b, 0x72, 0x74, 0x64,
+	0x73, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f,
+	0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72,
+	0x63, 0x65, 0x52, 0x0a, 0x72, 0x74, 0x64, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x3a, 0x37,
+	0x9a, 0xc5, 0x88, 0x1e, 0x32, 0x0a, 0x30, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x2e, 0x76, 0x32,
+	0x2e, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x4c, 0x61, 0x79, 0x65, 0x72, 0x2e, 0x52, 0x74,
+	0x64, 0x73, 0x4c, 0x61, 0x79, 0x65, 0x72, 0x3a, 0x2d, 0x9a, 0xc5, 0x88, 0x1e, 0x28, 0x0a, 0x26,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x62, 0x6f, 0x6f,
+	0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d,
+	0x65, 0x4c, 0x61, 0x79, 0x65, 0x72, 0x42, 0x16, 0x0a, 0x0f, 0x6c, 0x61, 0x79, 0x65, 0x72, 0x5f,
+	0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x22, 0x82,
+	0x01, 0x0a, 0x0e, 0x4c, 0x61, 0x79, 0x65, 0x72, 0x65, 0x64, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d,
+	0x65, 0x12, 0x3f, 0x0a, 0x06, 0x6c, 0x61, 0x79, 0x65, 0x72, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28,
+	0x0b, 0x32, 0x27, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x75,
+	0x6e, 0x74, 0x69, 0x6d, 0x65, 0x4c, 0x61, 0x79, 0x65, 0x72, 0x52, 0x06, 0x6c, 0x61, 0x79, 0x65,
+	0x72, 0x73, 0x3a, 0x2f, 0x9a, 0xc5, 0x88, 0x1e, 0x2a, 0x0a, 0x28, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61,
+	0x70, 0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x61, 0x79, 0x65, 0x72, 0x65, 0x64, 0x52, 0x75, 0x6e, 0x74,
+	0x69, 0x6d, 0x65, 0x22, 0xb1, 0x02, 0x0a, 0x12, 0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x49, 0x6e,
+	0x6c, 0x69, 0x6e, 0x65, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x12, 0x3b, 0x0a, 0x12, 0x69, 0x6e,
+	0x6c, 0x69, 0x6e, 0x65, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x5f, 0x6e, 0x61, 0x6d, 0x65,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0d, 0xfa, 0x42, 0x0a, 0x72, 0x08, 0x10, 0x01, 0xc0,
+	0x01, 0x01, 0xc8, 0x01, 0x00, 0x52, 0x10, 0x69, 0x6e, 0x6c, 0x69, 0x6e, 0x65, 0x48, 0x65, 0x61,
+	0x64, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x76, 0x0a, 0x12, 0x69, 0x6e, 0x6c, 0x69, 0x6e,
+	0x65, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x0e, 0x32, 0x3e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e,
+	0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x49, 0x6e, 0x6c, 0x69, 0x6e, 0x65, 0x48, 0x65, 0x61, 0x64,
+	0x65, 0x72, 0x2e, 0x49, 0x6e, 0x6c, 0x69, 0x6e, 0x65, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x54,
+	0x79, 0x70, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x10, 0x69,
+	0x6e, 0x6c, 0x69, 0x6e, 0x65, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x54, 0x79, 0x70, 0x65, 0x22,
+	0x66, 0x0a, 0x10, 0x49, 0x6e, 0x6c, 0x69, 0x6e, 0x65, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x54,
+	0x79, 0x70, 0x65, 0x12, 0x12, 0x0a, 0x0e, 0x52, 0x45, 0x51, 0x55, 0x45, 0x53, 0x54, 0x5f, 0x48,
+	0x45, 0x41, 0x44, 0x45, 0x52, 0x10, 0x00, 0x12, 0x13, 0x0a, 0x0f, 0x52, 0x45, 0x51, 0x55, 0x45,
+	0x53, 0x54, 0x5f, 0x54, 0x52, 0x41, 0x49, 0x4c, 0x45, 0x52, 0x10, 0x01, 0x12, 0x13, 0x0a, 0x0f,
+	0x52, 0x45, 0x53, 0x50, 0x4f, 0x4e, 0x53, 0x45, 0x5f, 0x48, 0x45, 0x41, 0x44, 0x45, 0x52, 0x10,
+	0x02, 0x12, 0x14, 0x0a, 0x10, 0x52, 0x45, 0x53, 0x50, 0x4f, 0x4e, 0x53, 0x45, 0x5f, 0x54, 0x52,
+	0x41, 0x49, 0x4c, 0x45, 0x52, 0x10, 0x03, 0x42, 0x43, 0x0a, 0x27, 0x69, 0x6f, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x2e,
+	0x76, 0x33, 0x42, 0x0e, 0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x50, 0x72, 0x6f,
+	0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_bootstrap_v3_bootstrap_proto_rawDescOnce sync.Once
+	file_envoy_config_bootstrap_v3_bootstrap_proto_rawDescData = file_envoy_config_bootstrap_v3_bootstrap_proto_rawDesc
+)
+
+func file_envoy_config_bootstrap_v3_bootstrap_proto_rawDescGZIP() []byte {
+	file_envoy_config_bootstrap_v3_bootstrap_proto_rawDescOnce.Do(func() {
+		file_envoy_config_bootstrap_v3_bootstrap_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_bootstrap_v3_bootstrap_proto_rawDescData)
+	})
+	return file_envoy_config_bootstrap_v3_bootstrap_proto_rawDescData
+}
+
+var file_envoy_config_bootstrap_v3_bootstrap_proto_enumTypes = make([]protoimpl.EnumInfo, 2)
+var file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes = make([]protoimpl.MessageInfo, 18)
+var file_envoy_config_bootstrap_v3_bootstrap_proto_goTypes = []interface{}{
+	(Watchdog_WatchdogAction_WatchdogEvent)(0), // 0: envoy.config.bootstrap.v3.Watchdog.WatchdogAction.WatchdogEvent
+	(CustomInlineHeader_InlineHeaderType)(0),   // 1: envoy.config.bootstrap.v3.CustomInlineHeader.InlineHeaderType
+	(*Bootstrap)(nil),                          // 2: envoy.config.bootstrap.v3.Bootstrap
+	(*Admin)(nil),                              // 3: envoy.config.bootstrap.v3.Admin
+	(*ClusterManager)(nil),                     // 4: envoy.config.bootstrap.v3.ClusterManager
+	(*Watchdogs)(nil),                          // 5: envoy.config.bootstrap.v3.Watchdogs
+	(*Watchdog)(nil),                           // 6: envoy.config.bootstrap.v3.Watchdog
+	(*FatalAction)(nil),                        // 7: envoy.config.bootstrap.v3.FatalAction
+	(*Runtime)(nil),                            // 8: envoy.config.bootstrap.v3.Runtime
+	(*RuntimeLayer)(nil),                       // 9: envoy.config.bootstrap.v3.RuntimeLayer
+	(*LayeredRuntime)(nil),                     // 10: envoy.config.bootstrap.v3.LayeredRuntime
+	(*CustomInlineHeader)(nil),                 // 11: envoy.config.bootstrap.v3.CustomInlineHeader
+	(*Bootstrap_StaticResources)(nil),          // 12: envoy.config.bootstrap.v3.Bootstrap.StaticResources
+	(*Bootstrap_DynamicResources)(nil),         // 13: envoy.config.bootstrap.v3.Bootstrap.DynamicResources
+	nil,                                        // 14: envoy.config.bootstrap.v3.Bootstrap.CertificateProviderInstancesEntry
+	(*ClusterManager_OutlierDetection)(nil),    // 15: envoy.config.bootstrap.v3.ClusterManager.OutlierDetection
+	(*Watchdog_WatchdogAction)(nil),            // 16: envoy.config.bootstrap.v3.Watchdog.WatchdogAction
+	(*RuntimeLayer_DiskLayer)(nil),             // 17: envoy.config.bootstrap.v3.RuntimeLayer.DiskLayer
+	(*RuntimeLayer_AdminLayer)(nil),            // 18: envoy.config.bootstrap.v3.RuntimeLayer.AdminLayer
+	(*RuntimeLayer_RtdsLayer)(nil),             // 19: envoy.config.bootstrap.v3.RuntimeLayer.RtdsLayer
+	(*v3.Node)(nil),                            // 20: envoy.config.core.v3.Node
+	(*v3.ApiConfigSource)(nil),                 // 21: envoy.config.core.v3.ApiConfigSource
+	(*v31.StatsSink)(nil),                      // 22: envoy.config.metrics.v3.StatsSink
+	(*v31.StatsConfig)(nil),                    // 23: envoy.config.metrics.v3.StatsConfig
+	(*duration.Duration)(nil),                  // 24: google.protobuf.Duration
+	(*v32.Tracing)(nil),                        // 25: envoy.config.trace.v3.Tracing
+	(*v33.OverloadManager)(nil),                // 26: envoy.config.overload.v3.OverloadManager
+	(*wrappers.UInt64Value)(nil),               // 27: google.protobuf.UInt64Value
+	(*v3.DnsResolutionConfig)(nil),             // 28: envoy.config.core.v3.DnsResolutionConfig
+	(*v3.TypedExtensionConfig)(nil),            // 29: envoy.config.core.v3.TypedExtensionConfig
+	(*v3.ConfigSource)(nil),                    // 30: envoy.config.core.v3.ConfigSource
+	(*v34.AccessLog)(nil),                      // 31: envoy.config.accesslog.v3.AccessLog
+	(*v3.Address)(nil),                         // 32: envoy.config.core.v3.Address
+	(*v3.SocketOption)(nil),                    // 33: envoy.config.core.v3.SocketOption
+	(*v3.BindConfig)(nil),                      // 34: envoy.config.core.v3.BindConfig
+	(*v35.Percent)(nil),                        // 35: envoy.type.v3.Percent
+	(*_struct.Struct)(nil),                     // 36: google.protobuf.Struct
+	(*v36.Listener)(nil),                       // 37: envoy.config.listener.v3.Listener
+	(*v37.Cluster)(nil),                        // 38: envoy.config.cluster.v3.Cluster
+	(*v38.Secret)(nil),                         // 39: envoy.extensions.transport_sockets.tls.v3.Secret
+	(*v3.EventServiceConfig)(nil),              // 40: envoy.config.core.v3.EventServiceConfig
+}
+var file_envoy_config_bootstrap_v3_bootstrap_proto_depIdxs = []int32{
+	20, // 0: envoy.config.bootstrap.v3.Bootstrap.node:type_name -> envoy.config.core.v3.Node
+	12, // 1: envoy.config.bootstrap.v3.Bootstrap.static_resources:type_name -> envoy.config.bootstrap.v3.Bootstrap.StaticResources
+	13, // 2: envoy.config.bootstrap.v3.Bootstrap.dynamic_resources:type_name -> envoy.config.bootstrap.v3.Bootstrap.DynamicResources
+	4,  // 3: envoy.config.bootstrap.v3.Bootstrap.cluster_manager:type_name -> envoy.config.bootstrap.v3.ClusterManager
+	21, // 4: envoy.config.bootstrap.v3.Bootstrap.hds_config:type_name -> envoy.config.core.v3.ApiConfigSource
+	22, // 5: envoy.config.bootstrap.v3.Bootstrap.stats_sinks:type_name -> envoy.config.metrics.v3.StatsSink
+	23, // 6: envoy.config.bootstrap.v3.Bootstrap.stats_config:type_name -> envoy.config.metrics.v3.StatsConfig
+	24, // 7: envoy.config.bootstrap.v3.Bootstrap.stats_flush_interval:type_name -> google.protobuf.Duration
+	6,  // 8: envoy.config.bootstrap.v3.Bootstrap.watchdog:type_name -> envoy.config.bootstrap.v3.Watchdog
+	5,  // 9: envoy.config.bootstrap.v3.Bootstrap.watchdogs:type_name -> envoy.config.bootstrap.v3.Watchdogs
+	25, // 10: envoy.config.bootstrap.v3.Bootstrap.tracing:type_name -> envoy.config.trace.v3.Tracing
+	10, // 11: envoy.config.bootstrap.v3.Bootstrap.layered_runtime:type_name -> envoy.config.bootstrap.v3.LayeredRuntime
+	3,  // 12: envoy.config.bootstrap.v3.Bootstrap.admin:type_name -> envoy.config.bootstrap.v3.Admin
+	26, // 13: envoy.config.bootstrap.v3.Bootstrap.overload_manager:type_name -> envoy.config.overload.v3.OverloadManager
+	27, // 14: envoy.config.bootstrap.v3.Bootstrap.stats_server_version_override:type_name -> google.protobuf.UInt64Value
+	28, // 15: envoy.config.bootstrap.v3.Bootstrap.dns_resolution_config:type_name -> envoy.config.core.v3.DnsResolutionConfig
+	29, // 16: envoy.config.bootstrap.v3.Bootstrap.typed_dns_resolver_config:type_name -> envoy.config.core.v3.TypedExtensionConfig
+	29, // 17: envoy.config.bootstrap.v3.Bootstrap.bootstrap_extensions:type_name -> envoy.config.core.v3.TypedExtensionConfig
+	7,  // 18: envoy.config.bootstrap.v3.Bootstrap.fatal_actions:type_name -> envoy.config.bootstrap.v3.FatalAction
+	30, // 19: envoy.config.bootstrap.v3.Bootstrap.config_sources:type_name -> envoy.config.core.v3.ConfigSource
+	30, // 20: envoy.config.bootstrap.v3.Bootstrap.default_config_source:type_name -> envoy.config.core.v3.ConfigSource
+	14, // 21: envoy.config.bootstrap.v3.Bootstrap.certificate_provider_instances:type_name -> envoy.config.bootstrap.v3.Bootstrap.CertificateProviderInstancesEntry
+	11, // 22: envoy.config.bootstrap.v3.Bootstrap.inline_headers:type_name -> envoy.config.bootstrap.v3.CustomInlineHeader
+	31, // 23: envoy.config.bootstrap.v3.Admin.access_log:type_name -> envoy.config.accesslog.v3.AccessLog
+	32, // 24: envoy.config.bootstrap.v3.Admin.address:type_name -> envoy.config.core.v3.Address
+	33, // 25: envoy.config.bootstrap.v3.Admin.socket_options:type_name -> envoy.config.core.v3.SocketOption
+	15, // 26: envoy.config.bootstrap.v3.ClusterManager.outlier_detection:type_name -> envoy.config.bootstrap.v3.ClusterManager.OutlierDetection
+	34, // 27: envoy.config.bootstrap.v3.ClusterManager.upstream_bind_config:type_name -> envoy.config.core.v3.BindConfig
+	21, // 28: envoy.config.bootstrap.v3.ClusterManager.load_stats_config:type_name -> envoy.config.core.v3.ApiConfigSource
+	6,  // 29: envoy.config.bootstrap.v3.Watchdogs.main_thread_watchdog:type_name -> envoy.config.bootstrap.v3.Watchdog
+	6,  // 30: envoy.config.bootstrap.v3.Watchdogs.worker_watchdog:type_name -> envoy.config.bootstrap.v3.Watchdog
+	16, // 31: envoy.config.bootstrap.v3.Watchdog.actions:type_name -> envoy.config.bootstrap.v3.Watchdog.WatchdogAction
+	24, // 32: envoy.config.bootstrap.v3.Watchdog.miss_timeout:type_name -> google.protobuf.Duration
+	24, // 33: envoy.config.bootstrap.v3.Watchdog.megamiss_timeout:type_name -> google.protobuf.Duration
+	24, // 34: envoy.config.bootstrap.v3.Watchdog.kill_timeout:type_name -> google.protobuf.Duration
+	24, // 35: envoy.config.bootstrap.v3.Watchdog.max_kill_timeout_jitter:type_name -> google.protobuf.Duration
+	24, // 36: envoy.config.bootstrap.v3.Watchdog.multikill_timeout:type_name -> google.protobuf.Duration
+	35, // 37: envoy.config.bootstrap.v3.Watchdog.multikill_threshold:type_name -> envoy.type.v3.Percent
+	29, // 38: envoy.config.bootstrap.v3.FatalAction.config:type_name -> envoy.config.core.v3.TypedExtensionConfig
+	36, // 39: envoy.config.bootstrap.v3.Runtime.base:type_name -> google.protobuf.Struct
+	36, // 40: envoy.config.bootstrap.v3.RuntimeLayer.static_layer:type_name -> google.protobuf.Struct
+	17, // 41: envoy.config.bootstrap.v3.RuntimeLayer.disk_layer:type_name -> envoy.config.bootstrap.v3.RuntimeLayer.DiskLayer
+	18, // 42: envoy.config.bootstrap.v3.RuntimeLayer.admin_layer:type_name -> envoy.config.bootstrap.v3.RuntimeLayer.AdminLayer
+	19, // 43: envoy.config.bootstrap.v3.RuntimeLayer.rtds_layer:type_name -> envoy.config.bootstrap.v3.RuntimeLayer.RtdsLayer
+	9,  // 44: envoy.config.bootstrap.v3.LayeredRuntime.layers:type_name -> envoy.config.bootstrap.v3.RuntimeLayer
+	1,  // 45: envoy.config.bootstrap.v3.CustomInlineHeader.inline_header_type:type_name -> envoy.config.bootstrap.v3.CustomInlineHeader.InlineHeaderType
+	37, // 46: envoy.config.bootstrap.v3.Bootstrap.StaticResources.listeners:type_name -> envoy.config.listener.v3.Listener
+	38, // 47: envoy.config.bootstrap.v3.Bootstrap.StaticResources.clusters:type_name -> envoy.config.cluster.v3.Cluster
+	39, // 48: envoy.config.bootstrap.v3.Bootstrap.StaticResources.secrets:type_name -> envoy.extensions.transport_sockets.tls.v3.Secret
+	30, // 49: envoy.config.bootstrap.v3.Bootstrap.DynamicResources.lds_config:type_name -> envoy.config.core.v3.ConfigSource
+	30, // 50: envoy.config.bootstrap.v3.Bootstrap.DynamicResources.cds_config:type_name -> envoy.config.core.v3.ConfigSource
+	21, // 51: envoy.config.bootstrap.v3.Bootstrap.DynamicResources.ads_config:type_name -> envoy.config.core.v3.ApiConfigSource
+	29, // 52: envoy.config.bootstrap.v3.Bootstrap.CertificateProviderInstancesEntry.value:type_name -> envoy.config.core.v3.TypedExtensionConfig
+	40, // 53: envoy.config.bootstrap.v3.ClusterManager.OutlierDetection.event_service:type_name -> envoy.config.core.v3.EventServiceConfig
+	29, // 54: envoy.config.bootstrap.v3.Watchdog.WatchdogAction.config:type_name -> envoy.config.core.v3.TypedExtensionConfig
+	0,  // 55: envoy.config.bootstrap.v3.Watchdog.WatchdogAction.event:type_name -> envoy.config.bootstrap.v3.Watchdog.WatchdogAction.WatchdogEvent
+	30, // 56: envoy.config.bootstrap.v3.RuntimeLayer.RtdsLayer.rtds_config:type_name -> envoy.config.core.v3.ConfigSource
+	57, // [57:57] is the sub-list for method output_type
+	57, // [57:57] is the sub-list for method input_type
+	57, // [57:57] is the sub-list for extension type_name
+	57, // [57:57] is the sub-list for extension extendee
+	0,  // [0:57] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_bootstrap_v3_bootstrap_proto_init() }
+func file_envoy_config_bootstrap_v3_bootstrap_proto_init() {
+	if File_envoy_config_bootstrap_v3_bootstrap_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Bootstrap); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Admin); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ClusterManager); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Watchdogs); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Watchdog); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*FatalAction); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Runtime); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RuntimeLayer); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*LayeredRuntime); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CustomInlineHeader); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Bootstrap_StaticResources); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[11].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Bootstrap_DynamicResources); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[13].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ClusterManager_OutlierDetection); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[14].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Watchdog_WatchdogAction); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[15].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RuntimeLayer_DiskLayer); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[16].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RuntimeLayer_AdminLayer); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[17].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RuntimeLayer_RtdsLayer); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*Bootstrap_StatsFlushOnAdmin)(nil),
+	}
+	file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes[7].OneofWrappers = []interface{}{
+		(*RuntimeLayer_StaticLayer)(nil),
+		(*RuntimeLayer_DiskLayer_)(nil),
+		(*RuntimeLayer_AdminLayer_)(nil),
+		(*RuntimeLayer_RtdsLayer_)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_bootstrap_v3_bootstrap_proto_rawDesc,
+			NumEnums:      2,
+			NumMessages:   18,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_bootstrap_v3_bootstrap_proto_goTypes,
+		DependencyIndexes: file_envoy_config_bootstrap_v3_bootstrap_proto_depIdxs,
+		EnumInfos:         file_envoy_config_bootstrap_v3_bootstrap_proto_enumTypes,
+		MessageInfos:      file_envoy_config_bootstrap_v3_bootstrap_proto_msgTypes,
+	}.Build()
+	File_envoy_config_bootstrap_v3_bootstrap_proto = out.File
+	file_envoy_config_bootstrap_v3_bootstrap_proto_rawDesc = nil
+	file_envoy_config_bootstrap_v3_bootstrap_proto_goTypes = nil
+	file_envoy_config_bootstrap_v3_bootstrap_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/bootstrap/v3/bootstrap.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/bootstrap/v3/bootstrap.pb.validate.go
new file mode 100644
index 00000000000..e28c92d78cc
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/bootstrap/v3/bootstrap.pb.validate.go
@@ -0,0 +1,3505 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/bootstrap/v3/bootstrap.proto
+
+package envoy_config_bootstrap_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on Bootstrap with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Bootstrap) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Bootstrap with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in BootstrapMultiError, or nil
+// if none found.
+func (m *Bootstrap) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Bootstrap) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetNode()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "Node",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "Node",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetNode()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return BootstrapValidationError{
+				field:  "Node",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetStaticResources()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "StaticResources",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "StaticResources",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetStaticResources()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return BootstrapValidationError{
+				field:  "StaticResources",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetDynamicResources()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "DynamicResources",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "DynamicResources",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDynamicResources()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return BootstrapValidationError{
+				field:  "DynamicResources",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetClusterManager()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "ClusterManager",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "ClusterManager",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetClusterManager()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return BootstrapValidationError{
+				field:  "ClusterManager",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetHdsConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "HdsConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "HdsConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHdsConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return BootstrapValidationError{
+				field:  "HdsConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for FlagsPath
+
+	for idx, item := range m.GetStatsSinks() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, BootstrapValidationError{
+						field:  fmt.Sprintf("StatsSinks[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, BootstrapValidationError{
+						field:  fmt.Sprintf("StatsSinks[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return BootstrapValidationError{
+					field:  fmt.Sprintf("StatsSinks[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetStatsConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "StatsConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "StatsConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetStatsConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return BootstrapValidationError{
+				field:  "StatsConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if d := m.GetStatsFlushInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = BootstrapValidationError{
+				field:  "StatsFlushInterval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			lt := time.Duration(300*time.Second + 0*time.Nanosecond)
+			gte := time.Duration(0*time.Second + 1000000*time.Nanosecond)
+
+			if dur < gte || dur >= lt {
+				err := BootstrapValidationError{
+					field:  "StatsFlushInterval",
+					reason: "value must be inside range [1ms, 5m0s)",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetWatchdog()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "Watchdog",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "Watchdog",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetWatchdog()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return BootstrapValidationError{
+				field:  "Watchdog",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetWatchdogs()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "Watchdogs",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "Watchdogs",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetWatchdogs()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return BootstrapValidationError{
+				field:  "Watchdogs",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetTracing()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "Tracing",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "Tracing",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTracing()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return BootstrapValidationError{
+				field:  "Tracing",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetLayeredRuntime()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "LayeredRuntime",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "LayeredRuntime",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLayeredRuntime()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return BootstrapValidationError{
+				field:  "LayeredRuntime",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetAdmin()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "Admin",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "Admin",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetAdmin()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return BootstrapValidationError{
+				field:  "Admin",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetOverloadManager()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "OverloadManager",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "OverloadManager",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetOverloadManager()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return BootstrapValidationError{
+				field:  "OverloadManager",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for EnableDispatcherStats
+
+	// no validation rules for HeaderPrefix
+
+	if all {
+		switch v := interface{}(m.GetStatsServerVersionOverride()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "StatsServerVersionOverride",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "StatsServerVersionOverride",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetStatsServerVersionOverride()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return BootstrapValidationError{
+				field:  "StatsServerVersionOverride",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for UseTcpForDnsLookups
+
+	if all {
+		switch v := interface{}(m.GetDnsResolutionConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "DnsResolutionConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "DnsResolutionConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDnsResolutionConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return BootstrapValidationError{
+				field:  "DnsResolutionConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetTypedDnsResolverConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "TypedDnsResolverConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "TypedDnsResolverConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTypedDnsResolverConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return BootstrapValidationError{
+				field:  "TypedDnsResolverConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetBootstrapExtensions() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, BootstrapValidationError{
+						field:  fmt.Sprintf("BootstrapExtensions[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, BootstrapValidationError{
+						field:  fmt.Sprintf("BootstrapExtensions[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return BootstrapValidationError{
+					field:  fmt.Sprintf("BootstrapExtensions[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetFatalActions() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, BootstrapValidationError{
+						field:  fmt.Sprintf("FatalActions[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, BootstrapValidationError{
+						field:  fmt.Sprintf("FatalActions[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return BootstrapValidationError{
+					field:  fmt.Sprintf("FatalActions[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetConfigSources() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, BootstrapValidationError{
+						field:  fmt.Sprintf("ConfigSources[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, BootstrapValidationError{
+						field:  fmt.Sprintf("ConfigSources[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return BootstrapValidationError{
+					field:  fmt.Sprintf("ConfigSources[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetDefaultConfigSource()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "DefaultConfigSource",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, BootstrapValidationError{
+					field:  "DefaultConfigSource",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDefaultConfigSource()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return BootstrapValidationError{
+				field:  "DefaultConfigSource",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for DefaultSocketInterface
+
+	{
+		sorted_keys := make([]string, len(m.GetCertificateProviderInstances()))
+		i := 0
+		for key := range m.GetCertificateProviderInstances() {
+			sorted_keys[i] = key
+			i++
+		}
+		sort.Slice(sorted_keys, func(i, j int) bool { return sorted_keys[i] < sorted_keys[j] })
+		for _, key := range sorted_keys {
+			val := m.GetCertificateProviderInstances()[key]
+			_ = val
+
+			// no validation rules for CertificateProviderInstances[key]
+
+			if all {
+				switch v := interface{}(val).(type) {
+				case interface{ ValidateAll() error }:
+					if err := v.ValidateAll(); err != nil {
+						errors = append(errors, BootstrapValidationError{
+							field:  fmt.Sprintf("CertificateProviderInstances[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				case interface{ Validate() error }:
+					if err := v.Validate(); err != nil {
+						errors = append(errors, BootstrapValidationError{
+							field:  fmt.Sprintf("CertificateProviderInstances[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				}
+			} else if v, ok := interface{}(val).(interface{ Validate() error }); ok {
+				if err := v.Validate(); err != nil {
+					return BootstrapValidationError{
+						field:  fmt.Sprintf("CertificateProviderInstances[%v]", key),
+						reason: "embedded message failed validation",
+						cause:  err,
+					}
+				}
+			}
+
+		}
+	}
+
+	for idx, item := range m.GetInlineHeaders() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, BootstrapValidationError{
+						field:  fmt.Sprintf("InlineHeaders[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, BootstrapValidationError{
+						field:  fmt.Sprintf("InlineHeaders[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return BootstrapValidationError{
+					field:  fmt.Sprintf("InlineHeaders[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	switch m.StatsFlush.(type) {
+
+	case *Bootstrap_StatsFlushOnAdmin:
+
+		if m.GetStatsFlushOnAdmin() != true {
+			err := BootstrapValidationError{
+				field:  "StatsFlushOnAdmin",
+				reason: "value must equal true",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return BootstrapMultiError(errors)
+	}
+	return nil
+}
+
+// BootstrapMultiError is an error wrapping multiple validation errors returned
+// by Bootstrap.ValidateAll() if the designated constraints aren't met.
+type BootstrapMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m BootstrapMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m BootstrapMultiError) AllErrors() []error { return m }
+
+// BootstrapValidationError is the validation error returned by
+// Bootstrap.Validate if the designated constraints aren't met.
+type BootstrapValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e BootstrapValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e BootstrapValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e BootstrapValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e BootstrapValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e BootstrapValidationError) ErrorName() string { return "BootstrapValidationError" }
+
+// Error satisfies the builtin error interface
+func (e BootstrapValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sBootstrap.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = BootstrapValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = BootstrapValidationError{}
+
+// Validate checks the field values on Admin with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Admin) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Admin with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in AdminMultiError, or nil if none found.
+func (m *Admin) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Admin) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetAccessLog() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AdminValidationError{
+						field:  fmt.Sprintf("AccessLog[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AdminValidationError{
+						field:  fmt.Sprintf("AccessLog[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AdminValidationError{
+					field:  fmt.Sprintf("AccessLog[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	// no validation rules for AccessLogPath
+
+	// no validation rules for ProfilePath
+
+	if all {
+		switch v := interface{}(m.GetAddress()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, AdminValidationError{
+					field:  "Address",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, AdminValidationError{
+					field:  "Address",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetAddress()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return AdminValidationError{
+				field:  "Address",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetSocketOptions() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AdminValidationError{
+						field:  fmt.Sprintf("SocketOptions[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AdminValidationError{
+						field:  fmt.Sprintf("SocketOptions[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AdminValidationError{
+					field:  fmt.Sprintf("SocketOptions[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return AdminMultiError(errors)
+	}
+	return nil
+}
+
+// AdminMultiError is an error wrapping multiple validation errors returned by
+// Admin.ValidateAll() if the designated constraints aren't met.
+type AdminMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m AdminMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m AdminMultiError) AllErrors() []error { return m }
+
+// AdminValidationError is the validation error returned by Admin.Validate if
+// the designated constraints aren't met.
+type AdminValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e AdminValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e AdminValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e AdminValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e AdminValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e AdminValidationError) ErrorName() string { return "AdminValidationError" }
+
+// Error satisfies the builtin error interface
+func (e AdminValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sAdmin.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = AdminValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = AdminValidationError{}
+
+// Validate checks the field values on ClusterManager with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ClusterManager) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ClusterManager with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ClusterManagerMultiError,
+// or nil if none found.
+func (m *ClusterManager) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ClusterManager) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for LocalClusterName
+
+	if all {
+		switch v := interface{}(m.GetOutlierDetection()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterManagerValidationError{
+					field:  "OutlierDetection",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterManagerValidationError{
+					field:  "OutlierDetection",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetOutlierDetection()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterManagerValidationError{
+				field:  "OutlierDetection",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetUpstreamBindConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterManagerValidationError{
+					field:  "UpstreamBindConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterManagerValidationError{
+					field:  "UpstreamBindConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetUpstreamBindConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterManagerValidationError{
+				field:  "UpstreamBindConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetLoadStatsConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterManagerValidationError{
+					field:  "LoadStatsConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterManagerValidationError{
+					field:  "LoadStatsConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLoadStatsConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterManagerValidationError{
+				field:  "LoadStatsConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return ClusterManagerMultiError(errors)
+	}
+	return nil
+}
+
+// ClusterManagerMultiError is an error wrapping multiple validation errors
+// returned by ClusterManager.ValidateAll() if the designated constraints
+// aren't met.
+type ClusterManagerMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ClusterManagerMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ClusterManagerMultiError) AllErrors() []error { return m }
+
+// ClusterManagerValidationError is the validation error returned by
+// ClusterManager.Validate if the designated constraints aren't met.
+type ClusterManagerValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ClusterManagerValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ClusterManagerValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ClusterManagerValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ClusterManagerValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ClusterManagerValidationError) ErrorName() string { return "ClusterManagerValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ClusterManagerValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sClusterManager.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ClusterManagerValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ClusterManagerValidationError{}
+
+// Validate checks the field values on Watchdogs with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Watchdogs) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Watchdogs with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in WatchdogsMultiError, or nil
+// if none found.
+func (m *Watchdogs) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Watchdogs) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetMainThreadWatchdog()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, WatchdogsValidationError{
+					field:  "MainThreadWatchdog",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, WatchdogsValidationError{
+					field:  "MainThreadWatchdog",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMainThreadWatchdog()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return WatchdogsValidationError{
+				field:  "MainThreadWatchdog",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetWorkerWatchdog()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, WatchdogsValidationError{
+					field:  "WorkerWatchdog",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, WatchdogsValidationError{
+					field:  "WorkerWatchdog",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetWorkerWatchdog()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return WatchdogsValidationError{
+				field:  "WorkerWatchdog",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return WatchdogsMultiError(errors)
+	}
+	return nil
+}
+
+// WatchdogsMultiError is an error wrapping multiple validation errors returned
+// by Watchdogs.ValidateAll() if the designated constraints aren't met.
+type WatchdogsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m WatchdogsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m WatchdogsMultiError) AllErrors() []error { return m }
+
+// WatchdogsValidationError is the validation error returned by
+// Watchdogs.Validate if the designated constraints aren't met.
+type WatchdogsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e WatchdogsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e WatchdogsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e WatchdogsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e WatchdogsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e WatchdogsValidationError) ErrorName() string { return "WatchdogsValidationError" }
+
+// Error satisfies the builtin error interface
+func (e WatchdogsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sWatchdogs.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = WatchdogsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = WatchdogsValidationError{}
+
+// Validate checks the field values on Watchdog with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Watchdog) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Watchdog with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in WatchdogMultiError, or nil
+// if none found.
+func (m *Watchdog) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Watchdog) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetActions() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, WatchdogValidationError{
+						field:  fmt.Sprintf("Actions[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, WatchdogValidationError{
+						field:  fmt.Sprintf("Actions[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return WatchdogValidationError{
+					field:  fmt.Sprintf("Actions[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetMissTimeout()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, WatchdogValidationError{
+					field:  "MissTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, WatchdogValidationError{
+					field:  "MissTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMissTimeout()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return WatchdogValidationError{
+				field:  "MissTimeout",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMegamissTimeout()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, WatchdogValidationError{
+					field:  "MegamissTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, WatchdogValidationError{
+					field:  "MegamissTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMegamissTimeout()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return WatchdogValidationError{
+				field:  "MegamissTimeout",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetKillTimeout()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, WatchdogValidationError{
+					field:  "KillTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, WatchdogValidationError{
+					field:  "KillTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetKillTimeout()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return WatchdogValidationError{
+				field:  "KillTimeout",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if d := m.GetMaxKillTimeoutJitter(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = WatchdogValidationError{
+				field:  "MaxKillTimeoutJitter",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gte := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur < gte {
+				err := WatchdogValidationError{
+					field:  "MaxKillTimeoutJitter",
+					reason: "value must be greater than or equal to 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMultikillTimeout()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, WatchdogValidationError{
+					field:  "MultikillTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, WatchdogValidationError{
+					field:  "MultikillTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMultikillTimeout()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return WatchdogValidationError{
+				field:  "MultikillTimeout",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMultikillThreshold()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, WatchdogValidationError{
+					field:  "MultikillThreshold",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, WatchdogValidationError{
+					field:  "MultikillThreshold",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMultikillThreshold()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return WatchdogValidationError{
+				field:  "MultikillThreshold",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return WatchdogMultiError(errors)
+	}
+	return nil
+}
+
+// WatchdogMultiError is an error wrapping multiple validation errors returned
+// by Watchdog.ValidateAll() if the designated constraints aren't met.
+type WatchdogMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m WatchdogMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m WatchdogMultiError) AllErrors() []error { return m }
+
+// WatchdogValidationError is the validation error returned by
+// Watchdog.Validate if the designated constraints aren't met.
+type WatchdogValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e WatchdogValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e WatchdogValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e WatchdogValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e WatchdogValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e WatchdogValidationError) ErrorName() string { return "WatchdogValidationError" }
+
+// Error satisfies the builtin error interface
+func (e WatchdogValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sWatchdog.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = WatchdogValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = WatchdogValidationError{}
+
+// Validate checks the field values on FatalAction with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *FatalAction) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on FatalAction with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in FatalActionMultiError, or
+// nil if none found.
+func (m *FatalAction) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *FatalAction) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, FatalActionValidationError{
+					field:  "Config",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, FatalActionValidationError{
+					field:  "Config",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return FatalActionValidationError{
+				field:  "Config",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return FatalActionMultiError(errors)
+	}
+	return nil
+}
+
+// FatalActionMultiError is an error wrapping multiple validation errors
+// returned by FatalAction.ValidateAll() if the designated constraints aren't met.
+type FatalActionMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m FatalActionMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m FatalActionMultiError) AllErrors() []error { return m }
+
+// FatalActionValidationError is the validation error returned by
+// FatalAction.Validate if the designated constraints aren't met.
+type FatalActionValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e FatalActionValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e FatalActionValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e FatalActionValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e FatalActionValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e FatalActionValidationError) ErrorName() string { return "FatalActionValidationError" }
+
+// Error satisfies the builtin error interface
+func (e FatalActionValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sFatalAction.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = FatalActionValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = FatalActionValidationError{}
+
+// Validate checks the field values on Runtime with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Runtime) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Runtime with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in RuntimeMultiError, or nil if none found.
+func (m *Runtime) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Runtime) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for SymlinkRoot
+
+	// no validation rules for Subdirectory
+
+	// no validation rules for OverrideSubdirectory
+
+	if all {
+		switch v := interface{}(m.GetBase()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RuntimeValidationError{
+					field:  "Base",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RuntimeValidationError{
+					field:  "Base",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetBase()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RuntimeValidationError{
+				field:  "Base",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return RuntimeMultiError(errors)
+	}
+	return nil
+}
+
+// RuntimeMultiError is an error wrapping multiple validation errors returned
+// by Runtime.ValidateAll() if the designated constraints aren't met.
+type RuntimeMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RuntimeMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RuntimeMultiError) AllErrors() []error { return m }
+
+// RuntimeValidationError is the validation error returned by Runtime.Validate
+// if the designated constraints aren't met.
+type RuntimeValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RuntimeValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RuntimeValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RuntimeValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RuntimeValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RuntimeValidationError) ErrorName() string { return "RuntimeValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RuntimeValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRuntime.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RuntimeValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RuntimeValidationError{}
+
+// Validate checks the field values on RuntimeLayer with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *RuntimeLayer) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RuntimeLayer with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in RuntimeLayerMultiError, or
+// nil if none found.
+func (m *RuntimeLayer) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RuntimeLayer) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := RuntimeLayerValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	switch m.LayerSpecifier.(type) {
+
+	case *RuntimeLayer_StaticLayer:
+
+		if all {
+			switch v := interface{}(m.GetStaticLayer()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RuntimeLayerValidationError{
+						field:  "StaticLayer",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RuntimeLayerValidationError{
+						field:  "StaticLayer",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetStaticLayer()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RuntimeLayerValidationError{
+					field:  "StaticLayer",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *RuntimeLayer_DiskLayer_:
+
+		if all {
+			switch v := interface{}(m.GetDiskLayer()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RuntimeLayerValidationError{
+						field:  "DiskLayer",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RuntimeLayerValidationError{
+						field:  "DiskLayer",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetDiskLayer()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RuntimeLayerValidationError{
+					field:  "DiskLayer",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *RuntimeLayer_AdminLayer_:
+
+		if all {
+			switch v := interface{}(m.GetAdminLayer()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RuntimeLayerValidationError{
+						field:  "AdminLayer",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RuntimeLayerValidationError{
+						field:  "AdminLayer",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetAdminLayer()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RuntimeLayerValidationError{
+					field:  "AdminLayer",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *RuntimeLayer_RtdsLayer_:
+
+		if all {
+			switch v := interface{}(m.GetRtdsLayer()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RuntimeLayerValidationError{
+						field:  "RtdsLayer",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RuntimeLayerValidationError{
+						field:  "RtdsLayer",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetRtdsLayer()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RuntimeLayerValidationError{
+					field:  "RtdsLayer",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := RuntimeLayerValidationError{
+			field:  "LayerSpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return RuntimeLayerMultiError(errors)
+	}
+	return nil
+}
+
+// RuntimeLayerMultiError is an error wrapping multiple validation errors
+// returned by RuntimeLayer.ValidateAll() if the designated constraints aren't met.
+type RuntimeLayerMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RuntimeLayerMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RuntimeLayerMultiError) AllErrors() []error { return m }
+
+// RuntimeLayerValidationError is the validation error returned by
+// RuntimeLayer.Validate if the designated constraints aren't met.
+type RuntimeLayerValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RuntimeLayerValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RuntimeLayerValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RuntimeLayerValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RuntimeLayerValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RuntimeLayerValidationError) ErrorName() string { return "RuntimeLayerValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RuntimeLayerValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRuntimeLayer.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RuntimeLayerValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RuntimeLayerValidationError{}
+
+// Validate checks the field values on LayeredRuntime with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *LayeredRuntime) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on LayeredRuntime with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in LayeredRuntimeMultiError,
+// or nil if none found.
+func (m *LayeredRuntime) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *LayeredRuntime) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetLayers() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, LayeredRuntimeValidationError{
+						field:  fmt.Sprintf("Layers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, LayeredRuntimeValidationError{
+						field:  fmt.Sprintf("Layers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return LayeredRuntimeValidationError{
+					field:  fmt.Sprintf("Layers[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return LayeredRuntimeMultiError(errors)
+	}
+	return nil
+}
+
+// LayeredRuntimeMultiError is an error wrapping multiple validation errors
+// returned by LayeredRuntime.ValidateAll() if the designated constraints
+// aren't met.
+type LayeredRuntimeMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m LayeredRuntimeMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m LayeredRuntimeMultiError) AllErrors() []error { return m }
+
+// LayeredRuntimeValidationError is the validation error returned by
+// LayeredRuntime.Validate if the designated constraints aren't met.
+type LayeredRuntimeValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e LayeredRuntimeValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e LayeredRuntimeValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e LayeredRuntimeValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e LayeredRuntimeValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e LayeredRuntimeValidationError) ErrorName() string { return "LayeredRuntimeValidationError" }
+
+// Error satisfies the builtin error interface
+func (e LayeredRuntimeValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sLayeredRuntime.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = LayeredRuntimeValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = LayeredRuntimeValidationError{}
+
+// Validate checks the field values on CustomInlineHeader with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *CustomInlineHeader) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on CustomInlineHeader with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// CustomInlineHeaderMultiError, or nil if none found.
+func (m *CustomInlineHeader) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CustomInlineHeader) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetInlineHeaderName()) < 1 {
+		err := CustomInlineHeaderValidationError{
+			field:  "InlineHeaderName",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if !_CustomInlineHeader_InlineHeaderName_Pattern.MatchString(m.GetInlineHeaderName()) {
+		err := CustomInlineHeaderValidationError{
+			field:  "InlineHeaderName",
+			reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if _, ok := CustomInlineHeader_InlineHeaderType_name[int32(m.GetInlineHeaderType())]; !ok {
+		err := CustomInlineHeaderValidationError{
+			field:  "InlineHeaderType",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return CustomInlineHeaderMultiError(errors)
+	}
+	return nil
+}
+
+// CustomInlineHeaderMultiError is an error wrapping multiple validation errors
+// returned by CustomInlineHeader.ValidateAll() if the designated constraints
+// aren't met.
+type CustomInlineHeaderMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CustomInlineHeaderMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CustomInlineHeaderMultiError) AllErrors() []error { return m }
+
+// CustomInlineHeaderValidationError is the validation error returned by
+// CustomInlineHeader.Validate if the designated constraints aren't met.
+type CustomInlineHeaderValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CustomInlineHeaderValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CustomInlineHeaderValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CustomInlineHeaderValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CustomInlineHeaderValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CustomInlineHeaderValidationError) ErrorName() string {
+	return "CustomInlineHeaderValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e CustomInlineHeaderValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCustomInlineHeader.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CustomInlineHeaderValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CustomInlineHeaderValidationError{}
+
+var _CustomInlineHeader_InlineHeaderName_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+// Validate checks the field values on Bootstrap_StaticResources with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Bootstrap_StaticResources) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Bootstrap_StaticResources with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Bootstrap_StaticResourcesMultiError, or nil if none found.
+func (m *Bootstrap_StaticResources) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Bootstrap_StaticResources) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetListeners() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, Bootstrap_StaticResourcesValidationError{
+						field:  fmt.Sprintf("Listeners[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, Bootstrap_StaticResourcesValidationError{
+						field:  fmt.Sprintf("Listeners[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Bootstrap_StaticResourcesValidationError{
+					field:  fmt.Sprintf("Listeners[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetClusters() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, Bootstrap_StaticResourcesValidationError{
+						field:  fmt.Sprintf("Clusters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, Bootstrap_StaticResourcesValidationError{
+						field:  fmt.Sprintf("Clusters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Bootstrap_StaticResourcesValidationError{
+					field:  fmt.Sprintf("Clusters[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetSecrets() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, Bootstrap_StaticResourcesValidationError{
+						field:  fmt.Sprintf("Secrets[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, Bootstrap_StaticResourcesValidationError{
+						field:  fmt.Sprintf("Secrets[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Bootstrap_StaticResourcesValidationError{
+					field:  fmt.Sprintf("Secrets[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return Bootstrap_StaticResourcesMultiError(errors)
+	}
+	return nil
+}
+
+// Bootstrap_StaticResourcesMultiError is an error wrapping multiple validation
+// errors returned by Bootstrap_StaticResources.ValidateAll() if the
+// designated constraints aren't met.
+type Bootstrap_StaticResourcesMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Bootstrap_StaticResourcesMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Bootstrap_StaticResourcesMultiError) AllErrors() []error { return m }
+
+// Bootstrap_StaticResourcesValidationError is the validation error returned by
+// Bootstrap_StaticResources.Validate if the designated constraints aren't met.
+type Bootstrap_StaticResourcesValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Bootstrap_StaticResourcesValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Bootstrap_StaticResourcesValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Bootstrap_StaticResourcesValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Bootstrap_StaticResourcesValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Bootstrap_StaticResourcesValidationError) ErrorName() string {
+	return "Bootstrap_StaticResourcesValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Bootstrap_StaticResourcesValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sBootstrap_StaticResources.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Bootstrap_StaticResourcesValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Bootstrap_StaticResourcesValidationError{}
+
+// Validate checks the field values on Bootstrap_DynamicResources with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Bootstrap_DynamicResources) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Bootstrap_DynamicResources with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Bootstrap_DynamicResourcesMultiError, or nil if none found.
+func (m *Bootstrap_DynamicResources) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Bootstrap_DynamicResources) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetLdsConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Bootstrap_DynamicResourcesValidationError{
+					field:  "LdsConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Bootstrap_DynamicResourcesValidationError{
+					field:  "LdsConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLdsConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Bootstrap_DynamicResourcesValidationError{
+				field:  "LdsConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for LdsResourcesLocator
+
+	if all {
+		switch v := interface{}(m.GetCdsConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Bootstrap_DynamicResourcesValidationError{
+					field:  "CdsConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Bootstrap_DynamicResourcesValidationError{
+					field:  "CdsConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCdsConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Bootstrap_DynamicResourcesValidationError{
+				field:  "CdsConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for CdsResourcesLocator
+
+	if all {
+		switch v := interface{}(m.GetAdsConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Bootstrap_DynamicResourcesValidationError{
+					field:  "AdsConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Bootstrap_DynamicResourcesValidationError{
+					field:  "AdsConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetAdsConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Bootstrap_DynamicResourcesValidationError{
+				field:  "AdsConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return Bootstrap_DynamicResourcesMultiError(errors)
+	}
+	return nil
+}
+
+// Bootstrap_DynamicResourcesMultiError is an error wrapping multiple
+// validation errors returned by Bootstrap_DynamicResources.ValidateAll() if
+// the designated constraints aren't met.
+type Bootstrap_DynamicResourcesMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Bootstrap_DynamicResourcesMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Bootstrap_DynamicResourcesMultiError) AllErrors() []error { return m }
+
+// Bootstrap_DynamicResourcesValidationError is the validation error returned
+// by Bootstrap_DynamicResources.Validate if the designated constraints aren't met.
+type Bootstrap_DynamicResourcesValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Bootstrap_DynamicResourcesValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Bootstrap_DynamicResourcesValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Bootstrap_DynamicResourcesValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Bootstrap_DynamicResourcesValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Bootstrap_DynamicResourcesValidationError) ErrorName() string {
+	return "Bootstrap_DynamicResourcesValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Bootstrap_DynamicResourcesValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sBootstrap_DynamicResources.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Bootstrap_DynamicResourcesValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Bootstrap_DynamicResourcesValidationError{}
+
+// Validate checks the field values on ClusterManager_OutlierDetection with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ClusterManager_OutlierDetection) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ClusterManager_OutlierDetection with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// ClusterManager_OutlierDetectionMultiError, or nil if none found.
+func (m *ClusterManager_OutlierDetection) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ClusterManager_OutlierDetection) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for EventLogPath
+
+	if all {
+		switch v := interface{}(m.GetEventService()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterManager_OutlierDetectionValidationError{
+					field:  "EventService",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterManager_OutlierDetectionValidationError{
+					field:  "EventService",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetEventService()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterManager_OutlierDetectionValidationError{
+				field:  "EventService",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return ClusterManager_OutlierDetectionMultiError(errors)
+	}
+	return nil
+}
+
+// ClusterManager_OutlierDetectionMultiError is an error wrapping multiple
+// validation errors returned by ClusterManager_OutlierDetection.ValidateAll()
+// if the designated constraints aren't met.
+type ClusterManager_OutlierDetectionMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ClusterManager_OutlierDetectionMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ClusterManager_OutlierDetectionMultiError) AllErrors() []error { return m }
+
+// ClusterManager_OutlierDetectionValidationError is the validation error
+// returned by ClusterManager_OutlierDetection.Validate if the designated
+// constraints aren't met.
+type ClusterManager_OutlierDetectionValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ClusterManager_OutlierDetectionValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ClusterManager_OutlierDetectionValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ClusterManager_OutlierDetectionValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ClusterManager_OutlierDetectionValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ClusterManager_OutlierDetectionValidationError) ErrorName() string {
+	return "ClusterManager_OutlierDetectionValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ClusterManager_OutlierDetectionValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sClusterManager_OutlierDetection.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ClusterManager_OutlierDetectionValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ClusterManager_OutlierDetectionValidationError{}
+
+// Validate checks the field values on Watchdog_WatchdogAction with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Watchdog_WatchdogAction) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Watchdog_WatchdogAction with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Watchdog_WatchdogActionMultiError, or nil if none found.
+func (m *Watchdog_WatchdogAction) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Watchdog_WatchdogAction) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Watchdog_WatchdogActionValidationError{
+					field:  "Config",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Watchdog_WatchdogActionValidationError{
+					field:  "Config",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Watchdog_WatchdogActionValidationError{
+				field:  "Config",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if _, ok := Watchdog_WatchdogAction_WatchdogEvent_name[int32(m.GetEvent())]; !ok {
+		err := Watchdog_WatchdogActionValidationError{
+			field:  "Event",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return Watchdog_WatchdogActionMultiError(errors)
+	}
+	return nil
+}
+
+// Watchdog_WatchdogActionMultiError is an error wrapping multiple validation
+// errors returned by Watchdog_WatchdogAction.ValidateAll() if the designated
+// constraints aren't met.
+type Watchdog_WatchdogActionMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Watchdog_WatchdogActionMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Watchdog_WatchdogActionMultiError) AllErrors() []error { return m }
+
+// Watchdog_WatchdogActionValidationError is the validation error returned by
+// Watchdog_WatchdogAction.Validate if the designated constraints aren't met.
+type Watchdog_WatchdogActionValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Watchdog_WatchdogActionValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Watchdog_WatchdogActionValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Watchdog_WatchdogActionValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Watchdog_WatchdogActionValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Watchdog_WatchdogActionValidationError) ErrorName() string {
+	return "Watchdog_WatchdogActionValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Watchdog_WatchdogActionValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sWatchdog_WatchdogAction.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Watchdog_WatchdogActionValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Watchdog_WatchdogActionValidationError{}
+
+// Validate checks the field values on RuntimeLayer_DiskLayer with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RuntimeLayer_DiskLayer) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RuntimeLayer_DiskLayer with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RuntimeLayer_DiskLayerMultiError, or nil if none found.
+func (m *RuntimeLayer_DiskLayer) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RuntimeLayer_DiskLayer) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for SymlinkRoot
+
+	// no validation rules for Subdirectory
+
+	// no validation rules for AppendServiceCluster
+
+	if len(errors) > 0 {
+		return RuntimeLayer_DiskLayerMultiError(errors)
+	}
+	return nil
+}
+
+// RuntimeLayer_DiskLayerMultiError is an error wrapping multiple validation
+// errors returned by RuntimeLayer_DiskLayer.ValidateAll() if the designated
+// constraints aren't met.
+type RuntimeLayer_DiskLayerMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RuntimeLayer_DiskLayerMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RuntimeLayer_DiskLayerMultiError) AllErrors() []error { return m }
+
+// RuntimeLayer_DiskLayerValidationError is the validation error returned by
+// RuntimeLayer_DiskLayer.Validate if the designated constraints aren't met.
+type RuntimeLayer_DiskLayerValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RuntimeLayer_DiskLayerValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RuntimeLayer_DiskLayerValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RuntimeLayer_DiskLayerValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RuntimeLayer_DiskLayerValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RuntimeLayer_DiskLayerValidationError) ErrorName() string {
+	return "RuntimeLayer_DiskLayerValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RuntimeLayer_DiskLayerValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRuntimeLayer_DiskLayer.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RuntimeLayer_DiskLayerValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RuntimeLayer_DiskLayerValidationError{}
+
+// Validate checks the field values on RuntimeLayer_AdminLayer with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RuntimeLayer_AdminLayer) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RuntimeLayer_AdminLayer with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RuntimeLayer_AdminLayerMultiError, or nil if none found.
+func (m *RuntimeLayer_AdminLayer) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RuntimeLayer_AdminLayer) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return RuntimeLayer_AdminLayerMultiError(errors)
+	}
+	return nil
+}
+
+// RuntimeLayer_AdminLayerMultiError is an error wrapping multiple validation
+// errors returned by RuntimeLayer_AdminLayer.ValidateAll() if the designated
+// constraints aren't met.
+type RuntimeLayer_AdminLayerMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RuntimeLayer_AdminLayerMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RuntimeLayer_AdminLayerMultiError) AllErrors() []error { return m }
+
+// RuntimeLayer_AdminLayerValidationError is the validation error returned by
+// RuntimeLayer_AdminLayer.Validate if the designated constraints aren't met.
+type RuntimeLayer_AdminLayerValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RuntimeLayer_AdminLayerValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RuntimeLayer_AdminLayerValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RuntimeLayer_AdminLayerValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RuntimeLayer_AdminLayerValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RuntimeLayer_AdminLayerValidationError) ErrorName() string {
+	return "RuntimeLayer_AdminLayerValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RuntimeLayer_AdminLayerValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRuntimeLayer_AdminLayer.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RuntimeLayer_AdminLayerValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RuntimeLayer_AdminLayerValidationError{}
+
+// Validate checks the field values on RuntimeLayer_RtdsLayer with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RuntimeLayer_RtdsLayer) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RuntimeLayer_RtdsLayer with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RuntimeLayer_RtdsLayerMultiError, or nil if none found.
+func (m *RuntimeLayer_RtdsLayer) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RuntimeLayer_RtdsLayer) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Name
+
+	if all {
+		switch v := interface{}(m.GetRtdsConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RuntimeLayer_RtdsLayerValidationError{
+					field:  "RtdsConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RuntimeLayer_RtdsLayerValidationError{
+					field:  "RtdsConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRtdsConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RuntimeLayer_RtdsLayerValidationError{
+				field:  "RtdsConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return RuntimeLayer_RtdsLayerMultiError(errors)
+	}
+	return nil
+}
+
+// RuntimeLayer_RtdsLayerMultiError is an error wrapping multiple validation
+// errors returned by RuntimeLayer_RtdsLayer.ValidateAll() if the designated
+// constraints aren't met.
+type RuntimeLayer_RtdsLayerMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RuntimeLayer_RtdsLayerMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RuntimeLayer_RtdsLayerMultiError) AllErrors() []error { return m }
+
+// RuntimeLayer_RtdsLayerValidationError is the validation error returned by
+// RuntimeLayer_RtdsLayer.Validate if the designated constraints aren't met.
+type RuntimeLayer_RtdsLayerValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RuntimeLayer_RtdsLayerValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RuntimeLayer_RtdsLayerValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RuntimeLayer_RtdsLayerValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RuntimeLayer_RtdsLayerValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RuntimeLayer_RtdsLayerValidationError) ErrorName() string {
+	return "RuntimeLayer_RtdsLayerValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RuntimeLayer_RtdsLayerValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRuntimeLayer_RtdsLayer.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RuntimeLayer_RtdsLayerValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RuntimeLayer_RtdsLayerValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3/circuit_breaker.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3/circuit_breaker.pb.go
new file mode 100644
index 00000000000..f5d23fc0f71
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3/circuit_breaker.pb.go
@@ -0,0 +1,478 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/cluster/v3/circuit_breaker.proto
+
+package envoy_config_cluster_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	v31 "github.com/envoyproxy/go-control-plane/envoy/type/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// :ref:`Circuit breaking<arch_overview_circuit_break>` settings can be
+// specified individually for each defined priority.
+type CircuitBreakers struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// If multiple :ref:`Thresholds<envoy_v3_api_msg_config.cluster.v3.CircuitBreakers.Thresholds>`
+	// are defined with the same :ref:`RoutingPriority<envoy_v3_api_enum_config.core.v3.RoutingPriority>`,
+	// the first one in the list is used. If no Thresholds is defined for a given
+	// :ref:`RoutingPriority<envoy_v3_api_enum_config.core.v3.RoutingPriority>`, the default values
+	// are used.
+	Thresholds []*CircuitBreakers_Thresholds `protobuf:"bytes,1,rep,name=thresholds,proto3" json:"thresholds,omitempty"`
+}
+
+func (x *CircuitBreakers) Reset() {
+	*x = CircuitBreakers{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_cluster_v3_circuit_breaker_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CircuitBreakers) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CircuitBreakers) ProtoMessage() {}
+
+func (x *CircuitBreakers) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_cluster_v3_circuit_breaker_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CircuitBreakers.ProtoReflect.Descriptor instead.
+func (*CircuitBreakers) Descriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_circuit_breaker_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *CircuitBreakers) GetThresholds() []*CircuitBreakers_Thresholds {
+	if x != nil {
+		return x.Thresholds
+	}
+	return nil
+}
+
+// A Thresholds defines CircuitBreaker settings for a
+// :ref:`RoutingPriority<envoy_v3_api_enum_config.core.v3.RoutingPriority>`.
+// [#next-free-field: 9]
+type CircuitBreakers_Thresholds struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The :ref:`RoutingPriority<envoy_v3_api_enum_config.core.v3.RoutingPriority>`
+	// the specified CircuitBreaker settings apply to.
+	Priority v3.RoutingPriority `protobuf:"varint,1,opt,name=priority,proto3,enum=envoy.config.core.v3.RoutingPriority" json:"priority,omitempty"`
+	// The maximum number of connections that Envoy will make to the upstream
+	// cluster. If not specified, the default is 1024.
+	MaxConnections *wrappers.UInt32Value `protobuf:"bytes,2,opt,name=max_connections,json=maxConnections,proto3" json:"max_connections,omitempty"`
+	// The maximum number of pending requests that Envoy will allow to the
+	// upstream cluster. If not specified, the default is 1024.
+	MaxPendingRequests *wrappers.UInt32Value `protobuf:"bytes,3,opt,name=max_pending_requests,json=maxPendingRequests,proto3" json:"max_pending_requests,omitempty"`
+	// The maximum number of parallel requests that Envoy will make to the
+	// upstream cluster. If not specified, the default is 1024.
+	MaxRequests *wrappers.UInt32Value `protobuf:"bytes,4,opt,name=max_requests,json=maxRequests,proto3" json:"max_requests,omitempty"`
+	// The maximum number of parallel retries that Envoy will allow to the
+	// upstream cluster. If not specified, the default is 3.
+	MaxRetries *wrappers.UInt32Value `protobuf:"bytes,5,opt,name=max_retries,json=maxRetries,proto3" json:"max_retries,omitempty"`
+	// Specifies a limit on concurrent retries in relation to the number of active requests. This
+	// parameter is optional.
+	//
+	// .. note::
+	//
+	//    If this field is set, the retry budget will override any configured retry circuit
+	//    breaker.
+	RetryBudget *CircuitBreakers_Thresholds_RetryBudget `protobuf:"bytes,8,opt,name=retry_budget,json=retryBudget,proto3" json:"retry_budget,omitempty"`
+	// If track_remaining is true, then stats will be published that expose
+	// the number of resources remaining until the circuit breakers open. If
+	// not specified, the default is false.
+	//
+	// .. note::
+	//
+	//    If a retry budget is used in lieu of the max_retries circuit breaker,
+	//    the remaining retry resources remaining will not be tracked.
+	TrackRemaining bool `protobuf:"varint,6,opt,name=track_remaining,json=trackRemaining,proto3" json:"track_remaining,omitempty"`
+	// The maximum number of connection pools per cluster that Envoy will concurrently support at
+	// once. If not specified, the default is unlimited. Set this for clusters which create a
+	// large number of connection pools. See
+	// :ref:`Circuit Breaking <arch_overview_circuit_break_cluster_maximum_connection_pools>` for
+	// more details.
+	MaxConnectionPools *wrappers.UInt32Value `protobuf:"bytes,7,opt,name=max_connection_pools,json=maxConnectionPools,proto3" json:"max_connection_pools,omitempty"`
+}
+
+func (x *CircuitBreakers_Thresholds) Reset() {
+	*x = CircuitBreakers_Thresholds{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_cluster_v3_circuit_breaker_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CircuitBreakers_Thresholds) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CircuitBreakers_Thresholds) ProtoMessage() {}
+
+func (x *CircuitBreakers_Thresholds) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_cluster_v3_circuit_breaker_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CircuitBreakers_Thresholds.ProtoReflect.Descriptor instead.
+func (*CircuitBreakers_Thresholds) Descriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_circuit_breaker_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (x *CircuitBreakers_Thresholds) GetPriority() v3.RoutingPriority {
+	if x != nil {
+		return x.Priority
+	}
+	return v3.RoutingPriority_DEFAULT
+}
+
+func (x *CircuitBreakers_Thresholds) GetMaxConnections() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxConnections
+	}
+	return nil
+}
+
+func (x *CircuitBreakers_Thresholds) GetMaxPendingRequests() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxPendingRequests
+	}
+	return nil
+}
+
+func (x *CircuitBreakers_Thresholds) GetMaxRequests() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxRequests
+	}
+	return nil
+}
+
+func (x *CircuitBreakers_Thresholds) GetMaxRetries() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxRetries
+	}
+	return nil
+}
+
+func (x *CircuitBreakers_Thresholds) GetRetryBudget() *CircuitBreakers_Thresholds_RetryBudget {
+	if x != nil {
+		return x.RetryBudget
+	}
+	return nil
+}
+
+func (x *CircuitBreakers_Thresholds) GetTrackRemaining() bool {
+	if x != nil {
+		return x.TrackRemaining
+	}
+	return false
+}
+
+func (x *CircuitBreakers_Thresholds) GetMaxConnectionPools() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxConnectionPools
+	}
+	return nil
+}
+
+type CircuitBreakers_Thresholds_RetryBudget struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies the limit on concurrent retries as a percentage of the sum of active requests and
+	// active pending requests. For example, if there are 100 active requests and the
+	// budget_percent is set to 25, there may be 25 active retries.
+	//
+	// This parameter is optional. Defaults to 20%.
+	BudgetPercent *v31.Percent `protobuf:"bytes,1,opt,name=budget_percent,json=budgetPercent,proto3" json:"budget_percent,omitempty"`
+	// Specifies the minimum retry concurrency allowed for the retry budget. The limit on the
+	// number of active retries may never go below this number.
+	//
+	// This parameter is optional. Defaults to 3.
+	MinRetryConcurrency *wrappers.UInt32Value `protobuf:"bytes,2,opt,name=min_retry_concurrency,json=minRetryConcurrency,proto3" json:"min_retry_concurrency,omitempty"`
+}
+
+func (x *CircuitBreakers_Thresholds_RetryBudget) Reset() {
+	*x = CircuitBreakers_Thresholds_RetryBudget{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_cluster_v3_circuit_breaker_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CircuitBreakers_Thresholds_RetryBudget) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CircuitBreakers_Thresholds_RetryBudget) ProtoMessage() {}
+
+func (x *CircuitBreakers_Thresholds_RetryBudget) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_cluster_v3_circuit_breaker_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CircuitBreakers_Thresholds_RetryBudget.ProtoReflect.Descriptor instead.
+func (*CircuitBreakers_Thresholds_RetryBudget) Descriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_circuit_breaker_proto_rawDescGZIP(), []int{0, 0, 0}
+}
+
+func (x *CircuitBreakers_Thresholds_RetryBudget) GetBudgetPercent() *v31.Percent {
+	if x != nil {
+		return x.BudgetPercent
+	}
+	return nil
+}
+
+func (x *CircuitBreakers_Thresholds_RetryBudget) GetMinRetryConcurrency() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MinRetryConcurrency
+	}
+	return nil
+}
+
+var File_envoy_config_cluster_v3_circuit_breaker_proto protoreflect.FileDescriptor
+
+var file_envoy_config_cluster_v3_circuit_breaker_proto_rawDesc = []byte{
+	0x0a, 0x2d, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x63, 0x69, 0x72, 0x63, 0x75, 0x69,
+	0x74, 0x5f, 0x62, 0x72, 0x65, 0x61, 0x6b, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12,
+	0x17, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x62,
+	0x61, 0x73, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1b, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e,
+	0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f,
+	0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69,
+	0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61,
+	0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x22, 0x80, 0x08, 0x0a, 0x0f, 0x43, 0x69, 0x72, 0x63, 0x75, 0x69, 0x74, 0x42, 0x72, 0x65,
+	0x61, 0x6b, 0x65, 0x72, 0x73, 0x12, 0x53, 0x0a, 0x0a, 0x74, 0x68, 0x72, 0x65, 0x73, 0x68, 0x6f,
+	0x6c, 0x64, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x33, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x2e, 0x76, 0x33, 0x2e, 0x43, 0x69, 0x72, 0x63, 0x75, 0x69, 0x74, 0x42, 0x72, 0x65, 0x61, 0x6b,
+	0x65, 0x72, 0x73, 0x2e, 0x54, 0x68, 0x72, 0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x73, 0x52, 0x0a,
+	0x74, 0x68, 0x72, 0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x73, 0x1a, 0xea, 0x06, 0x0a, 0x0a, 0x54,
+	0x68, 0x72, 0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x73, 0x12, 0x4b, 0x0a, 0x08, 0x70, 0x72, 0x69,
+	0x6f, 0x72, 0x69, 0x74, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x25, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e,
+	0x76, 0x33, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x69, 0x6e, 0x67, 0x50, 0x72, 0x69, 0x6f, 0x72, 0x69,
+	0x74, 0x79, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x08, 0x70, 0x72,
+	0x69, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x12, 0x45, 0x0a, 0x0f, 0x6d, 0x61, 0x78, 0x5f, 0x63, 0x6f,
+	0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0e, 0x6d,
+	0x61, 0x78, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x4e, 0x0a,
+	0x14, 0x6d, 0x61, 0x78, 0x5f, 0x70, 0x65, 0x6e, 0x64, 0x69, 0x6e, 0x67, 0x5f, 0x72, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49,
+	0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x12, 0x6d, 0x61, 0x78, 0x50, 0x65,
+	0x6e, 0x64, 0x69, 0x6e, 0x67, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x12, 0x3f, 0x0a,
+	0x0c, 0x6d, 0x61, 0x78, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x18, 0x04, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75,
+	0x65, 0x52, 0x0b, 0x6d, 0x61, 0x78, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x12, 0x3d,
+	0x0a, 0x0b, 0x6d, 0x61, 0x78, 0x5f, 0x72, 0x65, 0x74, 0x72, 0x69, 0x65, 0x73, 0x18, 0x05, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75,
+	0x65, 0x52, 0x0a, 0x6d, 0x61, 0x78, 0x52, 0x65, 0x74, 0x72, 0x69, 0x65, 0x73, 0x12, 0x62, 0x0a,
+	0x0c, 0x72, 0x65, 0x74, 0x72, 0x79, 0x5f, 0x62, 0x75, 0x64, 0x67, 0x65, 0x74, 0x18, 0x08, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x3f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x69,
+	0x72, 0x63, 0x75, 0x69, 0x74, 0x42, 0x72, 0x65, 0x61, 0x6b, 0x65, 0x72, 0x73, 0x2e, 0x54, 0x68,
+	0x72, 0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x73, 0x2e, 0x52, 0x65, 0x74, 0x72, 0x79, 0x42, 0x75,
+	0x64, 0x67, 0x65, 0x74, 0x52, 0x0b, 0x72, 0x65, 0x74, 0x72, 0x79, 0x42, 0x75, 0x64, 0x67, 0x65,
+	0x74, 0x12, 0x27, 0x0a, 0x0f, 0x74, 0x72, 0x61, 0x63, 0x6b, 0x5f, 0x72, 0x65, 0x6d, 0x61, 0x69,
+	0x6e, 0x69, 0x6e, 0x67, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0e, 0x74, 0x72, 0x61, 0x63,
+	0x6b, 0x52, 0x65, 0x6d, 0x61, 0x69, 0x6e, 0x69, 0x6e, 0x67, 0x12, 0x4e, 0x0a, 0x14, 0x6d, 0x61,
+	0x78, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x70, 0x6f, 0x6f,
+	0x6c, 0x73, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33,
+	0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x12, 0x6d, 0x61, 0x78, 0x43, 0x6f, 0x6e, 0x6e, 0x65,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x50, 0x6f, 0x6f, 0x6c, 0x73, 0x1a, 0xe2, 0x01, 0x0a, 0x0b, 0x52,
+	0x65, 0x74, 0x72, 0x79, 0x42, 0x75, 0x64, 0x67, 0x65, 0x74, 0x12, 0x3d, 0x0a, 0x0e, 0x62, 0x75,
+	0x64, 0x67, 0x65, 0x74, 0x5f, 0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x16, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e,
+	0x76, 0x33, 0x2e, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52, 0x0d, 0x62, 0x75, 0x64, 0x67,
+	0x65, 0x74, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x12, 0x50, 0x0a, 0x15, 0x6d, 0x69, 0x6e,
+	0x5f, 0x72, 0x65, 0x74, 0x72, 0x79, 0x5f, 0x63, 0x6f, 0x6e, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6e,
+	0x63, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33,
+	0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x13, 0x6d, 0x69, 0x6e, 0x52, 0x65, 0x74, 0x72, 0x79,
+	0x43, 0x6f, 0x6e, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x63, 0x79, 0x3a, 0x42, 0x9a, 0xc5, 0x88,
+	0x1e, 0x3d, 0x0a, 0x3b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x43, 0x69, 0x72, 0x63, 0x75, 0x69, 0x74,
+	0x42, 0x72, 0x65, 0x61, 0x6b, 0x65, 0x72, 0x73, 0x2e, 0x54, 0x68, 0x72, 0x65, 0x73, 0x68, 0x6f,
+	0x6c, 0x64, 0x73, 0x2e, 0x52, 0x65, 0x74, 0x72, 0x79, 0x42, 0x75, 0x64, 0x67, 0x65, 0x74, 0x3a,
+	0x36, 0x9a, 0xc5, 0x88, 0x1e, 0x31, 0x0a, 0x2f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70,
+	0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x43, 0x69, 0x72,
+	0x63, 0x75, 0x69, 0x74, 0x42, 0x72, 0x65, 0x61, 0x6b, 0x65, 0x72, 0x73, 0x2e, 0x54, 0x68, 0x72,
+	0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x73, 0x3a, 0x2b, 0x9a, 0xc5, 0x88, 0x1e, 0x26, 0x0a, 0x24,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x2e, 0x43, 0x69, 0x72, 0x63, 0x75, 0x69, 0x74, 0x42, 0x72, 0x65, 0x61,
+	0x6b, 0x65, 0x72, 0x73, 0x42, 0x46, 0x0a, 0x25, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x42, 0x13, 0x43,
+	0x69, 0x72, 0x63, 0x75, 0x69, 0x74, 0x42, 0x72, 0x65, 0x61, 0x6b, 0x65, 0x72, 0x50, 0x72, 0x6f,
+	0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_cluster_v3_circuit_breaker_proto_rawDescOnce sync.Once
+	file_envoy_config_cluster_v3_circuit_breaker_proto_rawDescData = file_envoy_config_cluster_v3_circuit_breaker_proto_rawDesc
+)
+
+func file_envoy_config_cluster_v3_circuit_breaker_proto_rawDescGZIP() []byte {
+	file_envoy_config_cluster_v3_circuit_breaker_proto_rawDescOnce.Do(func() {
+		file_envoy_config_cluster_v3_circuit_breaker_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_cluster_v3_circuit_breaker_proto_rawDescData)
+	})
+	return file_envoy_config_cluster_v3_circuit_breaker_proto_rawDescData
+}
+
+var file_envoy_config_cluster_v3_circuit_breaker_proto_msgTypes = make([]protoimpl.MessageInfo, 3)
+var file_envoy_config_cluster_v3_circuit_breaker_proto_goTypes = []interface{}{
+	(*CircuitBreakers)(nil),                        // 0: envoy.config.cluster.v3.CircuitBreakers
+	(*CircuitBreakers_Thresholds)(nil),             // 1: envoy.config.cluster.v3.CircuitBreakers.Thresholds
+	(*CircuitBreakers_Thresholds_RetryBudget)(nil), // 2: envoy.config.cluster.v3.CircuitBreakers.Thresholds.RetryBudget
+	(v3.RoutingPriority)(0),                        // 3: envoy.config.core.v3.RoutingPriority
+	(*wrappers.UInt32Value)(nil),                   // 4: google.protobuf.UInt32Value
+	(*v31.Percent)(nil),                            // 5: envoy.type.v3.Percent
+}
+var file_envoy_config_cluster_v3_circuit_breaker_proto_depIdxs = []int32{
+	1,  // 0: envoy.config.cluster.v3.CircuitBreakers.thresholds:type_name -> envoy.config.cluster.v3.CircuitBreakers.Thresholds
+	3,  // 1: envoy.config.cluster.v3.CircuitBreakers.Thresholds.priority:type_name -> envoy.config.core.v3.RoutingPriority
+	4,  // 2: envoy.config.cluster.v3.CircuitBreakers.Thresholds.max_connections:type_name -> google.protobuf.UInt32Value
+	4,  // 3: envoy.config.cluster.v3.CircuitBreakers.Thresholds.max_pending_requests:type_name -> google.protobuf.UInt32Value
+	4,  // 4: envoy.config.cluster.v3.CircuitBreakers.Thresholds.max_requests:type_name -> google.protobuf.UInt32Value
+	4,  // 5: envoy.config.cluster.v3.CircuitBreakers.Thresholds.max_retries:type_name -> google.protobuf.UInt32Value
+	2,  // 6: envoy.config.cluster.v3.CircuitBreakers.Thresholds.retry_budget:type_name -> envoy.config.cluster.v3.CircuitBreakers.Thresholds.RetryBudget
+	4,  // 7: envoy.config.cluster.v3.CircuitBreakers.Thresholds.max_connection_pools:type_name -> google.protobuf.UInt32Value
+	5,  // 8: envoy.config.cluster.v3.CircuitBreakers.Thresholds.RetryBudget.budget_percent:type_name -> envoy.type.v3.Percent
+	4,  // 9: envoy.config.cluster.v3.CircuitBreakers.Thresholds.RetryBudget.min_retry_concurrency:type_name -> google.protobuf.UInt32Value
+	10, // [10:10] is the sub-list for method output_type
+	10, // [10:10] is the sub-list for method input_type
+	10, // [10:10] is the sub-list for extension type_name
+	10, // [10:10] is the sub-list for extension extendee
+	0,  // [0:10] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_cluster_v3_circuit_breaker_proto_init() }
+func file_envoy_config_cluster_v3_circuit_breaker_proto_init() {
+	if File_envoy_config_cluster_v3_circuit_breaker_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_cluster_v3_circuit_breaker_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CircuitBreakers); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_cluster_v3_circuit_breaker_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CircuitBreakers_Thresholds); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_cluster_v3_circuit_breaker_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CircuitBreakers_Thresholds_RetryBudget); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_cluster_v3_circuit_breaker_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   3,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_cluster_v3_circuit_breaker_proto_goTypes,
+		DependencyIndexes: file_envoy_config_cluster_v3_circuit_breaker_proto_depIdxs,
+		MessageInfos:      file_envoy_config_cluster_v3_circuit_breaker_proto_msgTypes,
+	}.Build()
+	File_envoy_config_cluster_v3_circuit_breaker_proto = out.File
+	file_envoy_config_cluster_v3_circuit_breaker_proto_rawDesc = nil
+	file_envoy_config_cluster_v3_circuit_breaker_proto_goTypes = nil
+	file_envoy_config_cluster_v3_circuit_breaker_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3/circuit_breaker.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3/circuit_breaker.pb.validate.go
new file mode 100644
index 00000000000..e5d62b67639
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3/circuit_breaker.pb.validate.go
@@ -0,0 +1,624 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/cluster/v3/circuit_breaker.proto
+
+package envoy_config_cluster_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+
+	_ = v3.RoutingPriority(0)
+)
+
+// Validate checks the field values on CircuitBreakers with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *CircuitBreakers) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on CircuitBreakers with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// CircuitBreakersMultiError, or nil if none found.
+func (m *CircuitBreakers) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CircuitBreakers) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetThresholds() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CircuitBreakersValidationError{
+						field:  fmt.Sprintf("Thresholds[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CircuitBreakersValidationError{
+						field:  fmt.Sprintf("Thresholds[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CircuitBreakersValidationError{
+					field:  fmt.Sprintf("Thresholds[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return CircuitBreakersMultiError(errors)
+	}
+	return nil
+}
+
+// CircuitBreakersMultiError is an error wrapping multiple validation errors
+// returned by CircuitBreakers.ValidateAll() if the designated constraints
+// aren't met.
+type CircuitBreakersMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CircuitBreakersMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CircuitBreakersMultiError) AllErrors() []error { return m }
+
+// CircuitBreakersValidationError is the validation error returned by
+// CircuitBreakers.Validate if the designated constraints aren't met.
+type CircuitBreakersValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CircuitBreakersValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CircuitBreakersValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CircuitBreakersValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CircuitBreakersValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CircuitBreakersValidationError) ErrorName() string { return "CircuitBreakersValidationError" }
+
+// Error satisfies the builtin error interface
+func (e CircuitBreakersValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCircuitBreakers.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CircuitBreakersValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CircuitBreakersValidationError{}
+
+// Validate checks the field values on CircuitBreakers_Thresholds with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *CircuitBreakers_Thresholds) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on CircuitBreakers_Thresholds with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// CircuitBreakers_ThresholdsMultiError, or nil if none found.
+func (m *CircuitBreakers_Thresholds) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CircuitBreakers_Thresholds) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if _, ok := v3.RoutingPriority_name[int32(m.GetPriority())]; !ok {
+		err := CircuitBreakers_ThresholdsValidationError{
+			field:  "Priority",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetMaxConnections()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CircuitBreakers_ThresholdsValidationError{
+					field:  "MaxConnections",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CircuitBreakers_ThresholdsValidationError{
+					field:  "MaxConnections",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxConnections()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CircuitBreakers_ThresholdsValidationError{
+				field:  "MaxConnections",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMaxPendingRequests()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CircuitBreakers_ThresholdsValidationError{
+					field:  "MaxPendingRequests",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CircuitBreakers_ThresholdsValidationError{
+					field:  "MaxPendingRequests",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxPendingRequests()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CircuitBreakers_ThresholdsValidationError{
+				field:  "MaxPendingRequests",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMaxRequests()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CircuitBreakers_ThresholdsValidationError{
+					field:  "MaxRequests",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CircuitBreakers_ThresholdsValidationError{
+					field:  "MaxRequests",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxRequests()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CircuitBreakers_ThresholdsValidationError{
+				field:  "MaxRequests",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMaxRetries()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CircuitBreakers_ThresholdsValidationError{
+					field:  "MaxRetries",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CircuitBreakers_ThresholdsValidationError{
+					field:  "MaxRetries",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxRetries()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CircuitBreakers_ThresholdsValidationError{
+				field:  "MaxRetries",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetRetryBudget()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CircuitBreakers_ThresholdsValidationError{
+					field:  "RetryBudget",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CircuitBreakers_ThresholdsValidationError{
+					field:  "RetryBudget",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRetryBudget()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CircuitBreakers_ThresholdsValidationError{
+				field:  "RetryBudget",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for TrackRemaining
+
+	if all {
+		switch v := interface{}(m.GetMaxConnectionPools()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CircuitBreakers_ThresholdsValidationError{
+					field:  "MaxConnectionPools",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CircuitBreakers_ThresholdsValidationError{
+					field:  "MaxConnectionPools",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxConnectionPools()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CircuitBreakers_ThresholdsValidationError{
+				field:  "MaxConnectionPools",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return CircuitBreakers_ThresholdsMultiError(errors)
+	}
+	return nil
+}
+
+// CircuitBreakers_ThresholdsMultiError is an error wrapping multiple
+// validation errors returned by CircuitBreakers_Thresholds.ValidateAll() if
+// the designated constraints aren't met.
+type CircuitBreakers_ThresholdsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CircuitBreakers_ThresholdsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CircuitBreakers_ThresholdsMultiError) AllErrors() []error { return m }
+
+// CircuitBreakers_ThresholdsValidationError is the validation error returned
+// by CircuitBreakers_Thresholds.Validate if the designated constraints aren't met.
+type CircuitBreakers_ThresholdsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CircuitBreakers_ThresholdsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CircuitBreakers_ThresholdsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CircuitBreakers_ThresholdsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CircuitBreakers_ThresholdsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CircuitBreakers_ThresholdsValidationError) ErrorName() string {
+	return "CircuitBreakers_ThresholdsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e CircuitBreakers_ThresholdsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCircuitBreakers_Thresholds.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CircuitBreakers_ThresholdsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CircuitBreakers_ThresholdsValidationError{}
+
+// Validate checks the field values on CircuitBreakers_Thresholds_RetryBudget
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the first error encountered is returned, or nil if
+// there are no violations.
+func (m *CircuitBreakers_Thresholds_RetryBudget) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// CircuitBreakers_Thresholds_RetryBudget with the rules defined in the proto
+// definition for this message. If any rules are violated, the result is a
+// list of violation errors wrapped in
+// CircuitBreakers_Thresholds_RetryBudgetMultiError, or nil if none found.
+func (m *CircuitBreakers_Thresholds_RetryBudget) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CircuitBreakers_Thresholds_RetryBudget) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetBudgetPercent()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CircuitBreakers_Thresholds_RetryBudgetValidationError{
+					field:  "BudgetPercent",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CircuitBreakers_Thresholds_RetryBudgetValidationError{
+					field:  "BudgetPercent",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetBudgetPercent()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CircuitBreakers_Thresholds_RetryBudgetValidationError{
+				field:  "BudgetPercent",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMinRetryConcurrency()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CircuitBreakers_Thresholds_RetryBudgetValidationError{
+					field:  "MinRetryConcurrency",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CircuitBreakers_Thresholds_RetryBudgetValidationError{
+					field:  "MinRetryConcurrency",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMinRetryConcurrency()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CircuitBreakers_Thresholds_RetryBudgetValidationError{
+				field:  "MinRetryConcurrency",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return CircuitBreakers_Thresholds_RetryBudgetMultiError(errors)
+	}
+	return nil
+}
+
+// CircuitBreakers_Thresholds_RetryBudgetMultiError is an error wrapping
+// multiple validation errors returned by
+// CircuitBreakers_Thresholds_RetryBudget.ValidateAll() if the designated
+// constraints aren't met.
+type CircuitBreakers_Thresholds_RetryBudgetMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CircuitBreakers_Thresholds_RetryBudgetMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CircuitBreakers_Thresholds_RetryBudgetMultiError) AllErrors() []error { return m }
+
+// CircuitBreakers_Thresholds_RetryBudgetValidationError is the validation
+// error returned by CircuitBreakers_Thresholds_RetryBudget.Validate if the
+// designated constraints aren't met.
+type CircuitBreakers_Thresholds_RetryBudgetValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CircuitBreakers_Thresholds_RetryBudgetValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CircuitBreakers_Thresholds_RetryBudgetValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CircuitBreakers_Thresholds_RetryBudgetValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CircuitBreakers_Thresholds_RetryBudgetValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CircuitBreakers_Thresholds_RetryBudgetValidationError) ErrorName() string {
+	return "CircuitBreakers_Thresholds_RetryBudgetValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e CircuitBreakers_Thresholds_RetryBudgetValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCircuitBreakers_Thresholds_RetryBudget.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CircuitBreakers_Thresholds_RetryBudgetValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CircuitBreakers_Thresholds_RetryBudgetValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3/cluster.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3/cluster.pb.go
new file mode 100644
index 00000000000..c0c347cb816
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3/cluster.pb.go
@@ -0,0 +1,4262 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/cluster/v3/cluster.proto
+
+package envoy_config_cluster_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v3 "github.com/cncf/xds/go/xds/core/v3"
+	_ "github.com/envoyproxy/go-control-plane/envoy/annotations"
+	v32 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	v31 "github.com/envoyproxy/go-control-plane/envoy/config/endpoint/v3"
+	v33 "github.com/envoyproxy/go-control-plane/envoy/type/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	_struct "github.com/golang/protobuf/ptypes/struct"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Refer to :ref:`service discovery type <arch_overview_service_discovery_types>`
+// for an explanation on each type.
+type Cluster_DiscoveryType int32
+
+const (
+	// Refer to the :ref:`static discovery type<arch_overview_service_discovery_types_static>`
+	// for an explanation.
+	Cluster_STATIC Cluster_DiscoveryType = 0
+	// Refer to the :ref:`strict DNS discovery
+	// type<arch_overview_service_discovery_types_strict_dns>`
+	// for an explanation.
+	Cluster_STRICT_DNS Cluster_DiscoveryType = 1
+	// Refer to the :ref:`logical DNS discovery
+	// type<arch_overview_service_discovery_types_logical_dns>`
+	// for an explanation.
+	Cluster_LOGICAL_DNS Cluster_DiscoveryType = 2
+	// Refer to the :ref:`service discovery type<arch_overview_service_discovery_types_eds>`
+	// for an explanation.
+	Cluster_EDS Cluster_DiscoveryType = 3
+	// Refer to the :ref:`original destination discovery
+	// type<arch_overview_service_discovery_types_original_destination>`
+	// for an explanation.
+	Cluster_ORIGINAL_DST Cluster_DiscoveryType = 4
+)
+
+// Enum value maps for Cluster_DiscoveryType.
+var (
+	Cluster_DiscoveryType_name = map[int32]string{
+		0: "STATIC",
+		1: "STRICT_DNS",
+		2: "LOGICAL_DNS",
+		3: "EDS",
+		4: "ORIGINAL_DST",
+	}
+	Cluster_DiscoveryType_value = map[string]int32{
+		"STATIC":       0,
+		"STRICT_DNS":   1,
+		"LOGICAL_DNS":  2,
+		"EDS":          3,
+		"ORIGINAL_DST": 4,
+	}
+)
+
+func (x Cluster_DiscoveryType) Enum() *Cluster_DiscoveryType {
+	p := new(Cluster_DiscoveryType)
+	*p = x
+	return p
+}
+
+func (x Cluster_DiscoveryType) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (Cluster_DiscoveryType) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_cluster_v3_cluster_proto_enumTypes[0].Descriptor()
+}
+
+func (Cluster_DiscoveryType) Type() protoreflect.EnumType {
+	return &file_envoy_config_cluster_v3_cluster_proto_enumTypes[0]
+}
+
+func (x Cluster_DiscoveryType) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use Cluster_DiscoveryType.Descriptor instead.
+func (Cluster_DiscoveryType) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP(), []int{1, 0}
+}
+
+// Refer to :ref:`load balancer type <arch_overview_load_balancing_types>` architecture
+// overview section for information on each type.
+type Cluster_LbPolicy int32
+
+const (
+	// Refer to the :ref:`round robin load balancing
+	// policy<arch_overview_load_balancing_types_round_robin>`
+	// for an explanation.
+	Cluster_ROUND_ROBIN Cluster_LbPolicy = 0
+	// Refer to the :ref:`least request load balancing
+	// policy<arch_overview_load_balancing_types_least_request>`
+	// for an explanation.
+	Cluster_LEAST_REQUEST Cluster_LbPolicy = 1
+	// Refer to the :ref:`ring hash load balancing
+	// policy<arch_overview_load_balancing_types_ring_hash>`
+	// for an explanation.
+	Cluster_RING_HASH Cluster_LbPolicy = 2
+	// Refer to the :ref:`random load balancing
+	// policy<arch_overview_load_balancing_types_random>`
+	// for an explanation.
+	Cluster_RANDOM Cluster_LbPolicy = 3
+	// Refer to the :ref:`Maglev load balancing policy<arch_overview_load_balancing_types_maglev>`
+	// for an explanation.
+	Cluster_MAGLEV Cluster_LbPolicy = 5
+	// This load balancer type must be specified if the configured cluster provides a cluster
+	// specific load balancer. Consult the configured cluster's documentation for whether to set
+	// this option or not.
+	Cluster_CLUSTER_PROVIDED Cluster_LbPolicy = 6
+	// Use the new :ref:`load_balancing_policy
+	// <envoy_v3_api_field_config.cluster.v3.Cluster.load_balancing_policy>` field to determine the LB policy.
+	// This has been deprecated in favor of using the :ref:`load_balancing_policy
+	// <envoy_v3_api_field_config.cluster.v3.Cluster.load_balancing_policy>` field without
+	// setting any value in :ref:`lb_policy<envoy_v3_api_field_config.cluster.v3.Cluster.lb_policy>`.
+	Cluster_LOAD_BALANCING_POLICY_CONFIG Cluster_LbPolicy = 7
+)
+
+// Enum value maps for Cluster_LbPolicy.
+var (
+	Cluster_LbPolicy_name = map[int32]string{
+		0: "ROUND_ROBIN",
+		1: "LEAST_REQUEST",
+		2: "RING_HASH",
+		3: "RANDOM",
+		5: "MAGLEV",
+		6: "CLUSTER_PROVIDED",
+		7: "LOAD_BALANCING_POLICY_CONFIG",
+	}
+	Cluster_LbPolicy_value = map[string]int32{
+		"ROUND_ROBIN":                  0,
+		"LEAST_REQUEST":                1,
+		"RING_HASH":                    2,
+		"RANDOM":                       3,
+		"MAGLEV":                       5,
+		"CLUSTER_PROVIDED":             6,
+		"LOAD_BALANCING_POLICY_CONFIG": 7,
+	}
+)
+
+func (x Cluster_LbPolicy) Enum() *Cluster_LbPolicy {
+	p := new(Cluster_LbPolicy)
+	*p = x
+	return p
+}
+
+func (x Cluster_LbPolicy) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (Cluster_LbPolicy) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_cluster_v3_cluster_proto_enumTypes[1].Descriptor()
+}
+
+func (Cluster_LbPolicy) Type() protoreflect.EnumType {
+	return &file_envoy_config_cluster_v3_cluster_proto_enumTypes[1]
+}
+
+func (x Cluster_LbPolicy) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use Cluster_LbPolicy.Descriptor instead.
+func (Cluster_LbPolicy) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP(), []int{1, 1}
+}
+
+// When V4_ONLY is selected, the DNS resolver will only perform a lookup for
+// addresses in the IPv4 family. If V6_ONLY is selected, the DNS resolver will
+// only perform a lookup for addresses in the IPv6 family. If AUTO is
+// specified, the DNS resolver will first perform a lookup for addresses in
+// the IPv6 family and fallback to a lookup for addresses in the IPv4 family.
+// This is semantically equivalent to a non-existent V6_PREFERRED option.
+// AUTO is a legacy name that is more opaque than
+// necessary and will be deprecated in favor of V6_PREFERRED in a future major version of the API.
+// If V4_PREFERRED is specified, the DNS resolver will first perform a lookup for addresses in the
+// IPv4 family and fallback to a lookup for addresses in the IPv6 family. i.e., the callback
+// target will only get v6 addresses if there were NO v4 addresses to return.
+// If ALL is specified, the DNS resolver will perform a lookup for both IPv4 and IPv6 families,
+// and return all resolved addresses.
+// For cluster types other than
+// :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>` and
+// :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`,
+// this setting is
+// ignored.
+// [#next-major-version: deprecate AUTO in favor of a V6_PREFERRED option.]
+type Cluster_DnsLookupFamily int32
+
+const (
+	Cluster_AUTO         Cluster_DnsLookupFamily = 0
+	Cluster_V4_ONLY      Cluster_DnsLookupFamily = 1
+	Cluster_V6_ONLY      Cluster_DnsLookupFamily = 2
+	Cluster_V4_PREFERRED Cluster_DnsLookupFamily = 3
+	Cluster_ALL          Cluster_DnsLookupFamily = 4
+)
+
+// Enum value maps for Cluster_DnsLookupFamily.
+var (
+	Cluster_DnsLookupFamily_name = map[int32]string{
+		0: "AUTO",
+		1: "V4_ONLY",
+		2: "V6_ONLY",
+		3: "V4_PREFERRED",
+		4: "ALL",
+	}
+	Cluster_DnsLookupFamily_value = map[string]int32{
+		"AUTO":         0,
+		"V4_ONLY":      1,
+		"V6_ONLY":      2,
+		"V4_PREFERRED": 3,
+		"ALL":          4,
+	}
+)
+
+func (x Cluster_DnsLookupFamily) Enum() *Cluster_DnsLookupFamily {
+	p := new(Cluster_DnsLookupFamily)
+	*p = x
+	return p
+}
+
+func (x Cluster_DnsLookupFamily) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (Cluster_DnsLookupFamily) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_cluster_v3_cluster_proto_enumTypes[2].Descriptor()
+}
+
+func (Cluster_DnsLookupFamily) Type() protoreflect.EnumType {
+	return &file_envoy_config_cluster_v3_cluster_proto_enumTypes[2]
+}
+
+func (x Cluster_DnsLookupFamily) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use Cluster_DnsLookupFamily.Descriptor instead.
+func (Cluster_DnsLookupFamily) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP(), []int{1, 2}
+}
+
+type Cluster_ClusterProtocolSelection int32
+
+const (
+	// Cluster can only operate on one of the possible upstream protocols (HTTP1.1, HTTP2).
+	// If :ref:`http2_protocol_options <envoy_v3_api_field_config.cluster.v3.Cluster.http2_protocol_options>` are
+	// present, HTTP2 will be used, otherwise HTTP1.1 will be used.
+	Cluster_USE_CONFIGURED_PROTOCOL Cluster_ClusterProtocolSelection = 0
+	// Use HTTP1.1 or HTTP2, depending on which one is used on the downstream connection.
+	Cluster_USE_DOWNSTREAM_PROTOCOL Cluster_ClusterProtocolSelection = 1
+)
+
+// Enum value maps for Cluster_ClusterProtocolSelection.
+var (
+	Cluster_ClusterProtocolSelection_name = map[int32]string{
+		0: "USE_CONFIGURED_PROTOCOL",
+		1: "USE_DOWNSTREAM_PROTOCOL",
+	}
+	Cluster_ClusterProtocolSelection_value = map[string]int32{
+		"USE_CONFIGURED_PROTOCOL": 0,
+		"USE_DOWNSTREAM_PROTOCOL": 1,
+	}
+)
+
+func (x Cluster_ClusterProtocolSelection) Enum() *Cluster_ClusterProtocolSelection {
+	p := new(Cluster_ClusterProtocolSelection)
+	*p = x
+	return p
+}
+
+func (x Cluster_ClusterProtocolSelection) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (Cluster_ClusterProtocolSelection) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_cluster_v3_cluster_proto_enumTypes[3].Descriptor()
+}
+
+func (Cluster_ClusterProtocolSelection) Type() protoreflect.EnumType {
+	return &file_envoy_config_cluster_v3_cluster_proto_enumTypes[3]
+}
+
+func (x Cluster_ClusterProtocolSelection) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use Cluster_ClusterProtocolSelection.Descriptor instead.
+func (Cluster_ClusterProtocolSelection) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP(), []int{1, 3}
+}
+
+// If NO_FALLBACK is selected, a result
+// equivalent to no healthy hosts is reported. If ANY_ENDPOINT is selected,
+// any cluster endpoint may be returned (subject to policy, health checks,
+// etc). If DEFAULT_SUBSET is selected, load balancing is performed over the
+// endpoints matching the values from the default_subset field.
+type Cluster_LbSubsetConfig_LbSubsetFallbackPolicy int32
+
+const (
+	Cluster_LbSubsetConfig_NO_FALLBACK    Cluster_LbSubsetConfig_LbSubsetFallbackPolicy = 0
+	Cluster_LbSubsetConfig_ANY_ENDPOINT   Cluster_LbSubsetConfig_LbSubsetFallbackPolicy = 1
+	Cluster_LbSubsetConfig_DEFAULT_SUBSET Cluster_LbSubsetConfig_LbSubsetFallbackPolicy = 2
+)
+
+// Enum value maps for Cluster_LbSubsetConfig_LbSubsetFallbackPolicy.
+var (
+	Cluster_LbSubsetConfig_LbSubsetFallbackPolicy_name = map[int32]string{
+		0: "NO_FALLBACK",
+		1: "ANY_ENDPOINT",
+		2: "DEFAULT_SUBSET",
+	}
+	Cluster_LbSubsetConfig_LbSubsetFallbackPolicy_value = map[string]int32{
+		"NO_FALLBACK":    0,
+		"ANY_ENDPOINT":   1,
+		"DEFAULT_SUBSET": 2,
+	}
+)
+
+func (x Cluster_LbSubsetConfig_LbSubsetFallbackPolicy) Enum() *Cluster_LbSubsetConfig_LbSubsetFallbackPolicy {
+	p := new(Cluster_LbSubsetConfig_LbSubsetFallbackPolicy)
+	*p = x
+	return p
+}
+
+func (x Cluster_LbSubsetConfig_LbSubsetFallbackPolicy) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (Cluster_LbSubsetConfig_LbSubsetFallbackPolicy) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_cluster_v3_cluster_proto_enumTypes[4].Descriptor()
+}
+
+func (Cluster_LbSubsetConfig_LbSubsetFallbackPolicy) Type() protoreflect.EnumType {
+	return &file_envoy_config_cluster_v3_cluster_proto_enumTypes[4]
+}
+
+func (x Cluster_LbSubsetConfig_LbSubsetFallbackPolicy) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use Cluster_LbSubsetConfig_LbSubsetFallbackPolicy.Descriptor instead.
+func (Cluster_LbSubsetConfig_LbSubsetFallbackPolicy) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP(), []int{1, 3, 0}
+}
+
+// Allows to override top level fallback policy per selector.
+type Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy int32
+
+const (
+	// If NOT_DEFINED top level config fallback policy is used instead.
+	Cluster_LbSubsetConfig_LbSubsetSelector_NOT_DEFINED Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy = 0
+	// If NO_FALLBACK is selected, a result equivalent to no healthy hosts is reported.
+	Cluster_LbSubsetConfig_LbSubsetSelector_NO_FALLBACK Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy = 1
+	// If ANY_ENDPOINT is selected, any cluster endpoint may be returned
+	// (subject to policy, health checks, etc).
+	Cluster_LbSubsetConfig_LbSubsetSelector_ANY_ENDPOINT Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy = 2
+	// If DEFAULT_SUBSET is selected, load balancing is performed over the
+	// endpoints matching the values from the default_subset field.
+	Cluster_LbSubsetConfig_LbSubsetSelector_DEFAULT_SUBSET Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy = 3
+	// If KEYS_SUBSET is selected, subset selector matching is performed again with metadata
+	// keys reduced to
+	// :ref:`fallback_keys_subset<envoy_v3_api_field_config.cluster.v3.Cluster.LbSubsetConfig.LbSubsetSelector.fallback_keys_subset>`.
+	// It allows for a fallback to a different, less specific selector if some of the keys of
+	// the selector are considered optional.
+	Cluster_LbSubsetConfig_LbSubsetSelector_KEYS_SUBSET Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy = 4
+)
+
+// Enum value maps for Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy.
+var (
+	Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy_name = map[int32]string{
+		0: "NOT_DEFINED",
+		1: "NO_FALLBACK",
+		2: "ANY_ENDPOINT",
+		3: "DEFAULT_SUBSET",
+		4: "KEYS_SUBSET",
+	}
+	Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy_value = map[string]int32{
+		"NOT_DEFINED":    0,
+		"NO_FALLBACK":    1,
+		"ANY_ENDPOINT":   2,
+		"DEFAULT_SUBSET": 3,
+		"KEYS_SUBSET":    4,
+	}
+)
+
+func (x Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy) Enum() *Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy {
+	p := new(Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy)
+	*p = x
+	return p
+}
+
+func (x Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_cluster_v3_cluster_proto_enumTypes[5].Descriptor()
+}
+
+func (Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy) Type() protoreflect.EnumType {
+	return &file_envoy_config_cluster_v3_cluster_proto_enumTypes[5]
+}
+
+func (x Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy.Descriptor instead.
+func (Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP(), []int{1, 3, 0, 0}
+}
+
+// The hash function used to hash hosts onto the ketama ring.
+type Cluster_RingHashLbConfig_HashFunction int32
+
+const (
+	// Use `xxHash <https://github.com/Cyan4973/xxHash>`_, this is the default hash function.
+	Cluster_RingHashLbConfig_XX_HASH Cluster_RingHashLbConfig_HashFunction = 0
+	// Use `MurmurHash2 <https://sites.google.com/site/murmurhash/>`_, this is compatible with
+	// std:hash<string> in GNU libstdc++ 3.4.20 or above. This is typically the case when compiled
+	// on Linux and not macOS.
+	Cluster_RingHashLbConfig_MURMUR_HASH_2 Cluster_RingHashLbConfig_HashFunction = 1
+)
+
+// Enum value maps for Cluster_RingHashLbConfig_HashFunction.
+var (
+	Cluster_RingHashLbConfig_HashFunction_name = map[int32]string{
+		0: "XX_HASH",
+		1: "MURMUR_HASH_2",
+	}
+	Cluster_RingHashLbConfig_HashFunction_value = map[string]int32{
+		"XX_HASH":       0,
+		"MURMUR_HASH_2": 1,
+	}
+)
+
+func (x Cluster_RingHashLbConfig_HashFunction) Enum() *Cluster_RingHashLbConfig_HashFunction {
+	p := new(Cluster_RingHashLbConfig_HashFunction)
+	*p = x
+	return p
+}
+
+func (x Cluster_RingHashLbConfig_HashFunction) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (Cluster_RingHashLbConfig_HashFunction) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_cluster_v3_cluster_proto_enumTypes[6].Descriptor()
+}
+
+func (Cluster_RingHashLbConfig_HashFunction) Type() protoreflect.EnumType {
+	return &file_envoy_config_cluster_v3_cluster_proto_enumTypes[6]
+}
+
+func (x Cluster_RingHashLbConfig_HashFunction) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use Cluster_RingHashLbConfig_HashFunction.Descriptor instead.
+func (Cluster_RingHashLbConfig_HashFunction) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP(), []int{1, 7, 0}
+}
+
+// Cluster list collections. Entries are *Cluster* resources or references.
+// [#not-implemented-hide:]
+type ClusterCollection struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Entries *v3.CollectionEntry `protobuf:"bytes,1,opt,name=entries,proto3" json:"entries,omitempty"`
+}
+
+func (x *ClusterCollection) Reset() {
+	*x = ClusterCollection{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ClusterCollection) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ClusterCollection) ProtoMessage() {}
+
+func (x *ClusterCollection) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ClusterCollection.ProtoReflect.Descriptor instead.
+func (*ClusterCollection) Descriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *ClusterCollection) GetEntries() *v3.CollectionEntry {
+	if x != nil {
+		return x.Entries
+	}
+	return nil
+}
+
+// Configuration for a single upstream cluster.
+// [#next-free-field: 57]
+type Cluster struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Configuration to use different transport sockets for different endpoints.
+	// The entry of *envoy.transport_socket_match* in the
+	// :ref:`LbEndpoint.Metadata <envoy_v3_api_field_config.endpoint.v3.LbEndpoint.metadata>`
+	// is used to match against the transport sockets as they appear in the list. The first
+	// :ref:`match <envoy_v3_api_msg_config.cluster.v3.Cluster.TransportSocketMatch>` is used.
+	// For example, with the following match
+	//
+	// .. code-block:: yaml
+	//
+	//  transport_socket_matches:
+	//  - name: "enableMTLS"
+	//    match:
+	//      acceptMTLS: true
+	//    transport_socket:
+	//      name: envoy.transport_sockets.tls
+	//      config: { ... } # tls socket configuration
+	//  - name: "defaultToPlaintext"
+	//    match: {}
+	//    transport_socket:
+	//      name: envoy.transport_sockets.raw_buffer
+	//
+	// Connections to the endpoints whose metadata value under *envoy.transport_socket_match*
+	// having "acceptMTLS"/"true" key/value pair use the "enableMTLS" socket configuration.
+	//
+	// If a :ref:`socket match <envoy_v3_api_msg_config.cluster.v3.Cluster.TransportSocketMatch>` with empty match
+	// criteria is provided, that always match any endpoint. For example, the "defaultToPlaintext"
+	// socket match in case above.
+	//
+	// If an endpoint metadata's value under *envoy.transport_socket_match* does not match any
+	// *TransportSocketMatch*, socket configuration fallbacks to use the *tls_context* or
+	// *transport_socket* specified in this cluster.
+	//
+	// This field allows gradual and flexible transport socket configuration changes.
+	//
+	// The metadata of endpoints in EDS can indicate transport socket capabilities. For example,
+	// an endpoint's metadata can have two key value pairs as "acceptMTLS": "true",
+	// "acceptPlaintext": "true". While some other endpoints, only accepting plaintext traffic
+	// has "acceptPlaintext": "true" metadata information.
+	//
+	// Then the xDS server can configure the CDS to a client, Envoy A, to send mutual TLS
+	// traffic for endpoints with "acceptMTLS": "true", by adding a corresponding
+	// *TransportSocketMatch* in this field. Other client Envoys receive CDS without
+	// *transport_socket_match* set, and still send plain text traffic to the same cluster.
+	//
+	// This field can be used to specify custom transport socket configurations for health
+	// checks by adding matching key/value pairs in a health check's
+	// :ref:`transport socket match criteria <envoy_v3_api_field_config.core.v3.HealthCheck.transport_socket_match_criteria>` field.
+	//
+	// [#comment:TODO(incfly): add a detailed architecture doc on intended usage.]
+	TransportSocketMatches []*Cluster_TransportSocketMatch `protobuf:"bytes,43,rep,name=transport_socket_matches,json=transportSocketMatches,proto3" json:"transport_socket_matches,omitempty"`
+	// Supplies the name of the cluster which must be unique across all clusters.
+	// The cluster name is used when emitting
+	// :ref:`statistics <config_cluster_manager_cluster_stats>` if :ref:`alt_stat_name
+	// <envoy_v3_api_field_config.cluster.v3.Cluster.alt_stat_name>` is not provided.
+	// Any ``:`` in the cluster name will be converted to ``_`` when emitting statistics.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// An optional alternative to the cluster name to be used for observability. This name is used
+	// emitting stats for the cluster and access logging the cluster name. This will appear as
+	// additional information in configuration dumps of a cluster's current status as
+	// :ref:`observability_name <envoy_v3_api_field_admin.v3.ClusterStatus.observability_name>`
+	// and as an additional tag "upstream_cluster.name" while tracing. Note: access logging using
+	// this field is presently enabled with runtime feature
+	// `envoy.reloadable_features.use_observable_cluster_name`. Any ``:`` in the name will be
+	// converted to ``_`` when emitting statistics. This should not be confused with :ref:`Router
+	// Filter Header <config_http_filters_router_x-envoy-upstream-alt-stat-name>`.
+	AltStatName string `protobuf:"bytes,28,opt,name=alt_stat_name,json=altStatName,proto3" json:"alt_stat_name,omitempty"`
+	// Types that are assignable to ClusterDiscoveryType:
+	//	*Cluster_Type
+	//	*Cluster_ClusterType
+	ClusterDiscoveryType isCluster_ClusterDiscoveryType `protobuf_oneof:"cluster_discovery_type"`
+	// Configuration to use for EDS updates for the Cluster.
+	EdsClusterConfig *Cluster_EdsClusterConfig `protobuf:"bytes,3,opt,name=eds_cluster_config,json=edsClusterConfig,proto3" json:"eds_cluster_config,omitempty"`
+	// The timeout for new network connections to hosts in the cluster.
+	// If not set, a default value of 5s will be used.
+	ConnectTimeout *duration.Duration `protobuf:"bytes,4,opt,name=connect_timeout,json=connectTimeout,proto3" json:"connect_timeout,omitempty"`
+	// Soft limit on size of the cluster’s connections read and write buffers. If
+	// unspecified, an implementation defined default is applied (1MiB).
+	PerConnectionBufferLimitBytes *wrappers.UInt32Value `protobuf:"bytes,5,opt,name=per_connection_buffer_limit_bytes,json=perConnectionBufferLimitBytes,proto3" json:"per_connection_buffer_limit_bytes,omitempty"`
+	// The :ref:`load balancer type <arch_overview_load_balancing_types>` to use
+	// when picking a host in the cluster.
+	LbPolicy Cluster_LbPolicy `protobuf:"varint,6,opt,name=lb_policy,json=lbPolicy,proto3,enum=envoy.config.cluster.v3.Cluster_LbPolicy" json:"lb_policy,omitempty"`
+	// Setting this is required for specifying members of
+	// :ref:`STATIC<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STATIC>`,
+	// :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`
+	// or :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>` clusters.
+	// This field supersedes the *hosts* field in the v2 API.
+	//
+	// .. attention::
+	//
+	//   Setting this allows non-EDS cluster types to contain embedded EDS equivalent
+	//   :ref:`endpoint assignments<envoy_v3_api_msg_config.endpoint.v3.ClusterLoadAssignment>`.
+	//
+	LoadAssignment *v31.ClusterLoadAssignment `protobuf:"bytes,33,opt,name=load_assignment,json=loadAssignment,proto3" json:"load_assignment,omitempty"`
+	// Optional :ref:`active health checking <arch_overview_health_checking>`
+	// configuration for the cluster. If no
+	// configuration is specified no health checking will be done and all cluster
+	// members will be considered healthy at all times.
+	HealthChecks []*v32.HealthCheck `protobuf:"bytes,8,rep,name=health_checks,json=healthChecks,proto3" json:"health_checks,omitempty"`
+	// Optional maximum requests for a single upstream connection. This parameter
+	// is respected by both the HTTP/1.1 and HTTP/2 connection pool
+	// implementations. If not specified, there is no limit. Setting this
+	// parameter to 1 will effectively disable keep alive.
+	//
+	// .. attention::
+	//   This field has been deprecated in favor of the :ref:`max_requests_per_connection <envoy_v3_api_field_config.core.v3.HttpProtocolOptions.max_requests_per_connection>` field.
+	//
+	// Deprecated: Do not use.
+	MaxRequestsPerConnection *wrappers.UInt32Value `protobuf:"bytes,9,opt,name=max_requests_per_connection,json=maxRequestsPerConnection,proto3" json:"max_requests_per_connection,omitempty"`
+	// Optional :ref:`circuit breaking <arch_overview_circuit_break>` for the cluster.
+	CircuitBreakers *CircuitBreakers `protobuf:"bytes,10,opt,name=circuit_breakers,json=circuitBreakers,proto3" json:"circuit_breakers,omitempty"`
+	// HTTP protocol options that are applied only to upstream HTTP connections.
+	// These options apply to all HTTP versions.
+	// This has been deprecated in favor of
+	// :ref:`upstream_http_protocol_options <envoy_v3_api_field_extensions.upstreams.http.v3.HttpProtocolOptions.upstream_http_protocol_options>`
+	// in the :ref:`http_protocol_options <envoy_v3_api_msg_extensions.upstreams.http.v3.HttpProtocolOptions>` message.
+	// upstream_http_protocol_options can be set via the cluster's
+	// :ref:`extension_protocol_options<envoy_v3_api_field_config.cluster.v3.Cluster.typed_extension_protocol_options>`.
+	// See :ref:`upstream_http_protocol_options
+	// <envoy_v3_api_field_extensions.upstreams.http.v3.HttpProtocolOptions.upstream_http_protocol_options>`
+	// for example usage.
+	//
+	// Deprecated: Do not use.
+	UpstreamHttpProtocolOptions *v32.UpstreamHttpProtocolOptions `protobuf:"bytes,46,opt,name=upstream_http_protocol_options,json=upstreamHttpProtocolOptions,proto3" json:"upstream_http_protocol_options,omitempty"`
+	// Additional options when handling HTTP requests upstream. These options will be applicable to
+	// both HTTP1 and HTTP2 requests.
+	// This has been deprecated in favor of
+	// :ref:`common_http_protocol_options <envoy_v3_api_field_extensions.upstreams.http.v3.HttpProtocolOptions.common_http_protocol_options>`
+	// in the :ref:`http_protocol_options <envoy_v3_api_msg_extensions.upstreams.http.v3.HttpProtocolOptions>` message.
+	// common_http_protocol_options can be set via the cluster's
+	// :ref:`extension_protocol_options<envoy_v3_api_field_config.cluster.v3.Cluster.typed_extension_protocol_options>`.
+	// See :ref:`upstream_http_protocol_options
+	// <envoy_v3_api_field_extensions.upstreams.http.v3.HttpProtocolOptions.upstream_http_protocol_options>`
+	// for example usage.
+	//
+	// Deprecated: Do not use.
+	CommonHttpProtocolOptions *v32.HttpProtocolOptions `protobuf:"bytes,29,opt,name=common_http_protocol_options,json=commonHttpProtocolOptions,proto3" json:"common_http_protocol_options,omitempty"`
+	// Additional options when handling HTTP1 requests.
+	// This has been deprecated in favor of http_protocol_options fields in the
+	// :ref:`http_protocol_options <envoy_v3_api_msg_extensions.upstreams.http.v3.HttpProtocolOptions>` message.
+	// http_protocol_options can be set via the cluster's
+	// :ref:`extension_protocol_options<envoy_v3_api_field_config.cluster.v3.Cluster.typed_extension_protocol_options>`.
+	// See :ref:`upstream_http_protocol_options
+	// <envoy_v3_api_field_extensions.upstreams.http.v3.HttpProtocolOptions.upstream_http_protocol_options>`
+	// for example usage.
+	//
+	// Deprecated: Do not use.
+	HttpProtocolOptions *v32.Http1ProtocolOptions `protobuf:"bytes,13,opt,name=http_protocol_options,json=httpProtocolOptions,proto3" json:"http_protocol_options,omitempty"`
+	// Even if default HTTP2 protocol options are desired, this field must be
+	// set so that Envoy will assume that the upstream supports HTTP/2 when
+	// making new HTTP connection pool connections. Currently, Envoy only
+	// supports prior knowledge for upstream connections. Even if TLS is used
+	// with ALPN, `http2_protocol_options` must be specified. As an aside this allows HTTP/2
+	// connections to happen over plain text.
+	// This has been deprecated in favor of http2_protocol_options fields in the
+	// :ref:`http_protocol_options <envoy_v3_api_msg_extensions.upstreams.http.v3.HttpProtocolOptions>`
+	// message. http2_protocol_options can be set via the cluster's
+	// :ref:`extension_protocol_options<envoy_v3_api_field_config.cluster.v3.Cluster.typed_extension_protocol_options>`.
+	// See :ref:`upstream_http_protocol_options
+	// <envoy_v3_api_field_extensions.upstreams.http.v3.HttpProtocolOptions.upstream_http_protocol_options>`
+	// for example usage.
+	//
+	// Deprecated: Do not use.
+	Http2ProtocolOptions *v32.Http2ProtocolOptions `protobuf:"bytes,14,opt,name=http2_protocol_options,json=http2ProtocolOptions,proto3" json:"http2_protocol_options,omitempty"`
+	// The extension_protocol_options field is used to provide extension-specific protocol options
+	// for upstream connections. The key should match the extension filter name, such as
+	// "envoy.filters.network.thrift_proxy". See the extension's documentation for details on
+	// specific options.
+	// [#next-major-version: make this a list of typed extensions.]
+	TypedExtensionProtocolOptions map[string]*any.Any `protobuf:"bytes,36,rep,name=typed_extension_protocol_options,json=typedExtensionProtocolOptions,proto3" json:"typed_extension_protocol_options,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+	// If the DNS refresh rate is specified and the cluster type is either
+	// :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`,
+	// or :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`,
+	// this value is used as the cluster’s DNS refresh
+	// rate. The value configured must be at least 1ms. If this setting is not specified, the
+	// value defaults to 5000ms. For cluster types other than
+	// :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`
+	// and :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`
+	// this setting is ignored.
+	DnsRefreshRate *duration.Duration `protobuf:"bytes,16,opt,name=dns_refresh_rate,json=dnsRefreshRate,proto3" json:"dns_refresh_rate,omitempty"`
+	// If the DNS failure refresh rate is specified and the cluster type is either
+	// :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`,
+	// or :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`,
+	// this is used as the cluster’s DNS refresh rate when requests are failing. If this setting is
+	// not specified, the failure refresh rate defaults to the DNS refresh rate. For cluster types
+	// other than :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>` and
+	// :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>` this setting is
+	// ignored.
+	DnsFailureRefreshRate *Cluster_RefreshRate `protobuf:"bytes,44,opt,name=dns_failure_refresh_rate,json=dnsFailureRefreshRate,proto3" json:"dns_failure_refresh_rate,omitempty"`
+	// Optional configuration for setting cluster's DNS refresh rate. If the value is set to true,
+	// cluster's DNS refresh rate will be set to resource record's TTL which comes from DNS
+	// resolution.
+	RespectDnsTtl bool `protobuf:"varint,39,opt,name=respect_dns_ttl,json=respectDnsTtl,proto3" json:"respect_dns_ttl,omitempty"`
+	// The DNS IP address resolution policy. If this setting is not specified, the
+	// value defaults to
+	// :ref:`AUTO<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DnsLookupFamily.AUTO>`.
+	DnsLookupFamily Cluster_DnsLookupFamily `protobuf:"varint,17,opt,name=dns_lookup_family,json=dnsLookupFamily,proto3,enum=envoy.config.cluster.v3.Cluster_DnsLookupFamily" json:"dns_lookup_family,omitempty"`
+	// If DNS resolvers are specified and the cluster type is either
+	// :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`,
+	// or :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`,
+	// this value is used to specify the cluster’s dns resolvers.
+	// If this setting is not specified, the value defaults to the default
+	// resolver, which uses /etc/resolv.conf for configuration. For cluster types
+	// other than
+	// :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`
+	// and :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`
+	// this setting is ignored.
+	// This field is deprecated in favor of *dns_resolution_config*
+	// which aggregates all of the DNS resolver configuration in a single message.
+	//
+	// Deprecated: Do not use.
+	DnsResolvers []*v32.Address `protobuf:"bytes,18,rep,name=dns_resolvers,json=dnsResolvers,proto3" json:"dns_resolvers,omitempty"`
+	// Always use TCP queries instead of UDP queries for DNS lookups.
+	// This field is deprecated in favor of *dns_resolution_config*
+	// which aggregates all of the DNS resolver configuration in a single message.
+	//
+	// Deprecated: Do not use.
+	UseTcpForDnsLookups bool `protobuf:"varint,45,opt,name=use_tcp_for_dns_lookups,json=useTcpForDnsLookups,proto3" json:"use_tcp_for_dns_lookups,omitempty"`
+	// DNS resolution configuration which includes the underlying dns resolver addresses and options.
+	// This field is deprecated in favor of
+	// :ref:`typed_dns_resolver_config <envoy_v3_api_field_config.cluster.v3.Cluster.typed_dns_resolver_config>`.
+	//
+	// Deprecated: Do not use.
+	DnsResolutionConfig *v32.DnsResolutionConfig `protobuf:"bytes,53,opt,name=dns_resolution_config,json=dnsResolutionConfig,proto3" json:"dns_resolution_config,omitempty"`
+	// DNS resolver type configuration extension. This extension can be used to configure c-ares, apple,
+	// or any other DNS resolver types and the related parameters.
+	// For example, an object of
+	// :ref:`CaresDnsResolverConfig <envoy_v3_api_msg_extensions.network.dns_resolver.cares.v3.CaresDnsResolverConfig>`
+	// can be packed into this *typed_dns_resolver_config*. This configuration replaces the
+	// :ref:`dns_resolution_config <envoy_v3_api_field_config.cluster.v3.Cluster.dns_resolution_config>`
+	// configuration.
+	// During the transition period when both *dns_resolution_config* and *typed_dns_resolver_config* exists,
+	// when *typed_dns_resolver_config* is in place, Envoy will use it and ignore *dns_resolution_config*.
+	// When *typed_dns_resolver_config* is missing, the default behavior is in place.
+	// [#extension-category: envoy.network.dns_resolver]
+	TypedDnsResolverConfig *v32.TypedExtensionConfig `protobuf:"bytes,55,opt,name=typed_dns_resolver_config,json=typedDnsResolverConfig,proto3" json:"typed_dns_resolver_config,omitempty"`
+	// Optional configuration for having cluster readiness block on warm-up. Currently, only applicable for
+	// :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`,
+	// or :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`.
+	// If true, cluster readiness blocks on warm-up. If false, the cluster will complete
+	// initialization whether or not warm-up has completed. Defaults to true.
+	WaitForWarmOnInit *wrappers.BoolValue `protobuf:"bytes,54,opt,name=wait_for_warm_on_init,json=waitForWarmOnInit,proto3" json:"wait_for_warm_on_init,omitempty"`
+	// If specified, outlier detection will be enabled for this upstream cluster.
+	// Each of the configuration values can be overridden via
+	// :ref:`runtime values <config_cluster_manager_cluster_runtime_outlier_detection>`.
+	OutlierDetection *OutlierDetection `protobuf:"bytes,19,opt,name=outlier_detection,json=outlierDetection,proto3" json:"outlier_detection,omitempty"`
+	// The interval for removing stale hosts from a cluster type
+	// :ref:`ORIGINAL_DST<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.ORIGINAL_DST>`.
+	// Hosts are considered stale if they have not been used
+	// as upstream destinations during this interval. New hosts are added
+	// to original destination clusters on demand as new connections are
+	// redirected to Envoy, causing the number of hosts in the cluster to
+	// grow over time. Hosts that are not stale (they are actively used as
+	// destinations) are kept in the cluster, which allows connections to
+	// them remain open, saving the latency that would otherwise be spent
+	// on opening new connections. If this setting is not specified, the
+	// value defaults to 5000ms. For cluster types other than
+	// :ref:`ORIGINAL_DST<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.ORIGINAL_DST>`
+	// this setting is ignored.
+	CleanupInterval *duration.Duration `protobuf:"bytes,20,opt,name=cleanup_interval,json=cleanupInterval,proto3" json:"cleanup_interval,omitempty"`
+	// Optional configuration used to bind newly established upstream connections.
+	// This overrides any bind_config specified in the bootstrap proto.
+	// If the address and port are empty, no bind will be performed.
+	UpstreamBindConfig *v32.BindConfig `protobuf:"bytes,21,opt,name=upstream_bind_config,json=upstreamBindConfig,proto3" json:"upstream_bind_config,omitempty"`
+	// Configuration for load balancing subsetting.
+	LbSubsetConfig *Cluster_LbSubsetConfig `protobuf:"bytes,22,opt,name=lb_subset_config,json=lbSubsetConfig,proto3" json:"lb_subset_config,omitempty"`
+	// Optional configuration for the load balancing algorithm selected by
+	// LbPolicy. Currently only
+	// :ref:`RING_HASH<envoy_v3_api_enum_value_config.cluster.v3.Cluster.LbPolicy.RING_HASH>`,
+	// :ref:`MAGLEV<envoy_v3_api_enum_value_config.cluster.v3.Cluster.LbPolicy.MAGLEV>` and
+	// :ref:`LEAST_REQUEST<envoy_v3_api_enum_value_config.cluster.v3.Cluster.LbPolicy.LEAST_REQUEST>`
+	// has additional configuration options.
+	// Specifying ring_hash_lb_config or maglev_lb_config or least_request_lb_config without setting the corresponding
+	// LbPolicy will generate an error at runtime.
+	//
+	// Types that are assignable to LbConfig:
+	//	*Cluster_RingHashLbConfig_
+	//	*Cluster_MaglevLbConfig_
+	//	*Cluster_OriginalDstLbConfig_
+	//	*Cluster_LeastRequestLbConfig_
+	//	*Cluster_RoundRobinLbConfig_
+	LbConfig isCluster_LbConfig `protobuf_oneof:"lb_config"`
+	// Common configuration for all load balancer implementations.
+	CommonLbConfig *Cluster_CommonLbConfig `protobuf:"bytes,27,opt,name=common_lb_config,json=commonLbConfig,proto3" json:"common_lb_config,omitempty"`
+	// Optional custom transport socket implementation to use for upstream connections.
+	// To setup TLS, set a transport socket with name `envoy.transport_sockets.tls` and
+	// :ref:`UpstreamTlsContexts <envoy_v3_api_msg_extensions.transport_sockets.tls.v3.UpstreamTlsContext>` in the `typed_config`.
+	// If no transport socket configuration is specified, new connections
+	// will be set up with plaintext.
+	TransportSocket *v32.TransportSocket `protobuf:"bytes,24,opt,name=transport_socket,json=transportSocket,proto3" json:"transport_socket,omitempty"`
+	// The Metadata field can be used to provide additional information about the
+	// cluster. It can be used for stats, logging, and varying filter behavior.
+	// Fields should use reverse DNS notation to denote which entity within Envoy
+	// will need the information. For instance, if the metadata is intended for
+	// the Router filter, the filter name should be specified as *envoy.filters.http.router*.
+	Metadata *v32.Metadata `protobuf:"bytes,25,opt,name=metadata,proto3" json:"metadata,omitempty"`
+	// Determines how Envoy selects the protocol used to speak to upstream hosts.
+	// This has been deprecated in favor of setting explicit protocol selection
+	// in the :ref:`http_protocol_options
+	// <envoy_v3_api_msg_extensions.upstreams.http.v3.HttpProtocolOptions>` message.
+	// http_protocol_options can be set via the cluster's
+	// :ref:`extension_protocol_options<envoy_v3_api_field_config.cluster.v3.Cluster.typed_extension_protocol_options>`.
+	//
+	// Deprecated: Do not use.
+	ProtocolSelection Cluster_ClusterProtocolSelection `protobuf:"varint,26,opt,name=protocol_selection,json=protocolSelection,proto3,enum=envoy.config.cluster.v3.Cluster_ClusterProtocolSelection" json:"protocol_selection,omitempty"`
+	// Optional options for upstream connections.
+	UpstreamConnectionOptions *UpstreamConnectionOptions `protobuf:"bytes,30,opt,name=upstream_connection_options,json=upstreamConnectionOptions,proto3" json:"upstream_connection_options,omitempty"`
+	// If an upstream host becomes unhealthy (as determined by the configured health checks
+	// or outlier detection), immediately close all connections to the failed host.
+	//
+	// .. note::
+	//
+	//   This is currently only supported for connections created by tcp_proxy.
+	//
+	// .. note::
+	//
+	//   The current implementation of this feature closes all connections immediately when
+	//   the unhealthy status is detected. If there are a large number of connections open
+	//   to an upstream host that becomes unhealthy, Envoy may spend a substantial amount of
+	//   time exclusively closing these connections, and not processing any other traffic.
+	CloseConnectionsOnHostHealthFailure bool `protobuf:"varint,31,opt,name=close_connections_on_host_health_failure,json=closeConnectionsOnHostHealthFailure,proto3" json:"close_connections_on_host_health_failure,omitempty"`
+	// If set to true, Envoy will ignore the health value of a host when processing its removal
+	// from service discovery. This means that if active health checking is used, Envoy will *not*
+	// wait for the endpoint to go unhealthy before removing it.
+	IgnoreHealthOnHostRemoval bool `protobuf:"varint,32,opt,name=ignore_health_on_host_removal,json=ignoreHealthOnHostRemoval,proto3" json:"ignore_health_on_host_removal,omitempty"`
+	// An (optional) network filter chain, listed in the order the filters should be applied.
+	// The chain will be applied to all outgoing connections that Envoy makes to the upstream
+	// servers of this cluster.
+	Filters []*Filter `protobuf:"bytes,40,rep,name=filters,proto3" json:"filters,omitempty"`
+	// If this field is set and is supported by the client, it will supersede the value of
+	// :ref:`lb_policy<envoy_v3_api_field_config.cluster.v3.Cluster.lb_policy>`.
+	LoadBalancingPolicy *LoadBalancingPolicy `protobuf:"bytes,41,opt,name=load_balancing_policy,json=loadBalancingPolicy,proto3" json:"load_balancing_policy,omitempty"`
+	// [#not-implemented-hide:]
+	// If present, tells the client where to send load reports via LRS. If not present, the
+	// client will fall back to a client-side default, which may be either (a) don't send any
+	// load reports or (b) send load reports for all clusters to a single default server
+	// (which may be configured in the bootstrap file).
+	//
+	// Note that if multiple clusters point to the same LRS server, the client may choose to
+	// create a separate stream for each cluster or it may choose to coalesce the data for
+	// multiple clusters onto a single stream. Either way, the client must make sure to send
+	// the data for any given cluster on no more than one stream.
+	//
+	// [#next-major-version: In the v3 API, we should consider restructuring this somehow,
+	// maybe by allowing LRS to go on the ADS stream, or maybe by moving some of the negotiation
+	// from the LRS stream here.]
+	LrsServer *v32.ConfigSource `protobuf:"bytes,42,opt,name=lrs_server,json=lrsServer,proto3" json:"lrs_server,omitempty"`
+	// If track_timeout_budgets is true, the :ref:`timeout budget histograms
+	// <config_cluster_manager_cluster_stats_timeout_budgets>` will be published for each
+	// request. These show what percentage of a request's per try and global timeout was used. A value
+	// of 0 would indicate that none of the timeout was used or that the timeout was infinite. A value
+	// of 100 would indicate that the request took the entirety of the timeout given to it.
+	//
+	// .. attention::
+	//
+	//   This field has been deprecated in favor of `timeout_budgets`, part of
+	//   :ref:`track_cluster_stats <envoy_v3_api_field_config.cluster.v3.Cluster.track_cluster_stats>`.
+	//
+	// Deprecated: Do not use.
+	TrackTimeoutBudgets bool `protobuf:"varint,47,opt,name=track_timeout_budgets,json=trackTimeoutBudgets,proto3" json:"track_timeout_budgets,omitempty"`
+	// Optional customization and configuration of upstream connection pool, and upstream type.
+	//
+	// Currently this field only applies for HTTP traffic but is designed for eventual use for custom
+	// TCP upstreams.
+	//
+	// For HTTP traffic, Envoy will generally take downstream HTTP and send it upstream as upstream
+	// HTTP, using the http connection pool and the codec from `http2_protocol_options`
+	//
+	// For routes where CONNECT termination is configured, Envoy will take downstream CONNECT
+	// requests and forward the CONNECT payload upstream over raw TCP using the tcp connection pool.
+	//
+	// The default pool used is the generic connection pool which creates the HTTP upstream for most
+	// HTTP requests, and the TCP upstream if CONNECT termination is configured.
+	//
+	// If users desire custom connection pool or upstream behavior, for example terminating
+	// CONNECT only if a custom filter indicates it is appropriate, the custom factories
+	// can be registered and configured here.
+	// [#extension-category: envoy.upstreams]
+	UpstreamConfig *v32.TypedExtensionConfig `protobuf:"bytes,48,opt,name=upstream_config,json=upstreamConfig,proto3" json:"upstream_config,omitempty"`
+	// Configuration to track optional cluster stats.
+	TrackClusterStats *TrackClusterStats `protobuf:"bytes,49,opt,name=track_cluster_stats,json=trackClusterStats,proto3" json:"track_cluster_stats,omitempty"`
+	// Preconnect configuration for this cluster.
+	PreconnectPolicy *Cluster_PreconnectPolicy `protobuf:"bytes,50,opt,name=preconnect_policy,json=preconnectPolicy,proto3" json:"preconnect_policy,omitempty"`
+	// If `connection_pool_per_downstream_connection` is true, the cluster will use a separate
+	// connection pool for every downstream connection
+	ConnectionPoolPerDownstreamConnection bool `protobuf:"varint,51,opt,name=connection_pool_per_downstream_connection,json=connectionPoolPerDownstreamConnection,proto3" json:"connection_pool_per_downstream_connection,omitempty"`
+}
+
+func (x *Cluster) Reset() {
+	*x = Cluster{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster) ProtoMessage() {}
+
+func (x *Cluster) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster.ProtoReflect.Descriptor instead.
+func (*Cluster) Descriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *Cluster) GetTransportSocketMatches() []*Cluster_TransportSocketMatch {
+	if x != nil {
+		return x.TransportSocketMatches
+	}
+	return nil
+}
+
+func (x *Cluster) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *Cluster) GetAltStatName() string {
+	if x != nil {
+		return x.AltStatName
+	}
+	return ""
+}
+
+func (m *Cluster) GetClusterDiscoveryType() isCluster_ClusterDiscoveryType {
+	if m != nil {
+		return m.ClusterDiscoveryType
+	}
+	return nil
+}
+
+func (x *Cluster) GetType() Cluster_DiscoveryType {
+	if x, ok := x.GetClusterDiscoveryType().(*Cluster_Type); ok {
+		return x.Type
+	}
+	return Cluster_STATIC
+}
+
+func (x *Cluster) GetClusterType() *Cluster_CustomClusterType {
+	if x, ok := x.GetClusterDiscoveryType().(*Cluster_ClusterType); ok {
+		return x.ClusterType
+	}
+	return nil
+}
+
+func (x *Cluster) GetEdsClusterConfig() *Cluster_EdsClusterConfig {
+	if x != nil {
+		return x.EdsClusterConfig
+	}
+	return nil
+}
+
+func (x *Cluster) GetConnectTimeout() *duration.Duration {
+	if x != nil {
+		return x.ConnectTimeout
+	}
+	return nil
+}
+
+func (x *Cluster) GetPerConnectionBufferLimitBytes() *wrappers.UInt32Value {
+	if x != nil {
+		return x.PerConnectionBufferLimitBytes
+	}
+	return nil
+}
+
+func (x *Cluster) GetLbPolicy() Cluster_LbPolicy {
+	if x != nil {
+		return x.LbPolicy
+	}
+	return Cluster_ROUND_ROBIN
+}
+
+func (x *Cluster) GetLoadAssignment() *v31.ClusterLoadAssignment {
+	if x != nil {
+		return x.LoadAssignment
+	}
+	return nil
+}
+
+func (x *Cluster) GetHealthChecks() []*v32.HealthCheck {
+	if x != nil {
+		return x.HealthChecks
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *Cluster) GetMaxRequestsPerConnection() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxRequestsPerConnection
+	}
+	return nil
+}
+
+func (x *Cluster) GetCircuitBreakers() *CircuitBreakers {
+	if x != nil {
+		return x.CircuitBreakers
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *Cluster) GetUpstreamHttpProtocolOptions() *v32.UpstreamHttpProtocolOptions {
+	if x != nil {
+		return x.UpstreamHttpProtocolOptions
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *Cluster) GetCommonHttpProtocolOptions() *v32.HttpProtocolOptions {
+	if x != nil {
+		return x.CommonHttpProtocolOptions
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *Cluster) GetHttpProtocolOptions() *v32.Http1ProtocolOptions {
+	if x != nil {
+		return x.HttpProtocolOptions
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *Cluster) GetHttp2ProtocolOptions() *v32.Http2ProtocolOptions {
+	if x != nil {
+		return x.Http2ProtocolOptions
+	}
+	return nil
+}
+
+func (x *Cluster) GetTypedExtensionProtocolOptions() map[string]*any.Any {
+	if x != nil {
+		return x.TypedExtensionProtocolOptions
+	}
+	return nil
+}
+
+func (x *Cluster) GetDnsRefreshRate() *duration.Duration {
+	if x != nil {
+		return x.DnsRefreshRate
+	}
+	return nil
+}
+
+func (x *Cluster) GetDnsFailureRefreshRate() *Cluster_RefreshRate {
+	if x != nil {
+		return x.DnsFailureRefreshRate
+	}
+	return nil
+}
+
+func (x *Cluster) GetRespectDnsTtl() bool {
+	if x != nil {
+		return x.RespectDnsTtl
+	}
+	return false
+}
+
+func (x *Cluster) GetDnsLookupFamily() Cluster_DnsLookupFamily {
+	if x != nil {
+		return x.DnsLookupFamily
+	}
+	return Cluster_AUTO
+}
+
+// Deprecated: Do not use.
+func (x *Cluster) GetDnsResolvers() []*v32.Address {
+	if x != nil {
+		return x.DnsResolvers
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *Cluster) GetUseTcpForDnsLookups() bool {
+	if x != nil {
+		return x.UseTcpForDnsLookups
+	}
+	return false
+}
+
+// Deprecated: Do not use.
+func (x *Cluster) GetDnsResolutionConfig() *v32.DnsResolutionConfig {
+	if x != nil {
+		return x.DnsResolutionConfig
+	}
+	return nil
+}
+
+func (x *Cluster) GetTypedDnsResolverConfig() *v32.TypedExtensionConfig {
+	if x != nil {
+		return x.TypedDnsResolverConfig
+	}
+	return nil
+}
+
+func (x *Cluster) GetWaitForWarmOnInit() *wrappers.BoolValue {
+	if x != nil {
+		return x.WaitForWarmOnInit
+	}
+	return nil
+}
+
+func (x *Cluster) GetOutlierDetection() *OutlierDetection {
+	if x != nil {
+		return x.OutlierDetection
+	}
+	return nil
+}
+
+func (x *Cluster) GetCleanupInterval() *duration.Duration {
+	if x != nil {
+		return x.CleanupInterval
+	}
+	return nil
+}
+
+func (x *Cluster) GetUpstreamBindConfig() *v32.BindConfig {
+	if x != nil {
+		return x.UpstreamBindConfig
+	}
+	return nil
+}
+
+func (x *Cluster) GetLbSubsetConfig() *Cluster_LbSubsetConfig {
+	if x != nil {
+		return x.LbSubsetConfig
+	}
+	return nil
+}
+
+func (m *Cluster) GetLbConfig() isCluster_LbConfig {
+	if m != nil {
+		return m.LbConfig
+	}
+	return nil
+}
+
+func (x *Cluster) GetRingHashLbConfig() *Cluster_RingHashLbConfig {
+	if x, ok := x.GetLbConfig().(*Cluster_RingHashLbConfig_); ok {
+		return x.RingHashLbConfig
+	}
+	return nil
+}
+
+func (x *Cluster) GetMaglevLbConfig() *Cluster_MaglevLbConfig {
+	if x, ok := x.GetLbConfig().(*Cluster_MaglevLbConfig_); ok {
+		return x.MaglevLbConfig
+	}
+	return nil
+}
+
+func (x *Cluster) GetOriginalDstLbConfig() *Cluster_OriginalDstLbConfig {
+	if x, ok := x.GetLbConfig().(*Cluster_OriginalDstLbConfig_); ok {
+		return x.OriginalDstLbConfig
+	}
+	return nil
+}
+
+func (x *Cluster) GetLeastRequestLbConfig() *Cluster_LeastRequestLbConfig {
+	if x, ok := x.GetLbConfig().(*Cluster_LeastRequestLbConfig_); ok {
+		return x.LeastRequestLbConfig
+	}
+	return nil
+}
+
+func (x *Cluster) GetRoundRobinLbConfig() *Cluster_RoundRobinLbConfig {
+	if x, ok := x.GetLbConfig().(*Cluster_RoundRobinLbConfig_); ok {
+		return x.RoundRobinLbConfig
+	}
+	return nil
+}
+
+func (x *Cluster) GetCommonLbConfig() *Cluster_CommonLbConfig {
+	if x != nil {
+		return x.CommonLbConfig
+	}
+	return nil
+}
+
+func (x *Cluster) GetTransportSocket() *v32.TransportSocket {
+	if x != nil {
+		return x.TransportSocket
+	}
+	return nil
+}
+
+func (x *Cluster) GetMetadata() *v32.Metadata {
+	if x != nil {
+		return x.Metadata
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *Cluster) GetProtocolSelection() Cluster_ClusterProtocolSelection {
+	if x != nil {
+		return x.ProtocolSelection
+	}
+	return Cluster_USE_CONFIGURED_PROTOCOL
+}
+
+func (x *Cluster) GetUpstreamConnectionOptions() *UpstreamConnectionOptions {
+	if x != nil {
+		return x.UpstreamConnectionOptions
+	}
+	return nil
+}
+
+func (x *Cluster) GetCloseConnectionsOnHostHealthFailure() bool {
+	if x != nil {
+		return x.CloseConnectionsOnHostHealthFailure
+	}
+	return false
+}
+
+func (x *Cluster) GetIgnoreHealthOnHostRemoval() bool {
+	if x != nil {
+		return x.IgnoreHealthOnHostRemoval
+	}
+	return false
+}
+
+func (x *Cluster) GetFilters() []*Filter {
+	if x != nil {
+		return x.Filters
+	}
+	return nil
+}
+
+func (x *Cluster) GetLoadBalancingPolicy() *LoadBalancingPolicy {
+	if x != nil {
+		return x.LoadBalancingPolicy
+	}
+	return nil
+}
+
+func (x *Cluster) GetLrsServer() *v32.ConfigSource {
+	if x != nil {
+		return x.LrsServer
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *Cluster) GetTrackTimeoutBudgets() bool {
+	if x != nil {
+		return x.TrackTimeoutBudgets
+	}
+	return false
+}
+
+func (x *Cluster) GetUpstreamConfig() *v32.TypedExtensionConfig {
+	if x != nil {
+		return x.UpstreamConfig
+	}
+	return nil
+}
+
+func (x *Cluster) GetTrackClusterStats() *TrackClusterStats {
+	if x != nil {
+		return x.TrackClusterStats
+	}
+	return nil
+}
+
+func (x *Cluster) GetPreconnectPolicy() *Cluster_PreconnectPolicy {
+	if x != nil {
+		return x.PreconnectPolicy
+	}
+	return nil
+}
+
+func (x *Cluster) GetConnectionPoolPerDownstreamConnection() bool {
+	if x != nil {
+		return x.ConnectionPoolPerDownstreamConnection
+	}
+	return false
+}
+
+type isCluster_ClusterDiscoveryType interface {
+	isCluster_ClusterDiscoveryType()
+}
+
+type Cluster_Type struct {
+	// The :ref:`service discovery type <arch_overview_service_discovery_types>`
+	// to use for resolving the cluster.
+	Type Cluster_DiscoveryType `protobuf:"varint,2,opt,name=type,proto3,enum=envoy.config.cluster.v3.Cluster_DiscoveryType,oneof"`
+}
+
+type Cluster_ClusterType struct {
+	// The custom cluster type.
+	ClusterType *Cluster_CustomClusterType `protobuf:"bytes,38,opt,name=cluster_type,json=clusterType,proto3,oneof"`
+}
+
+func (*Cluster_Type) isCluster_ClusterDiscoveryType() {}
+
+func (*Cluster_ClusterType) isCluster_ClusterDiscoveryType() {}
+
+type isCluster_LbConfig interface {
+	isCluster_LbConfig()
+}
+
+type Cluster_RingHashLbConfig_ struct {
+	// Optional configuration for the Ring Hash load balancing policy.
+	RingHashLbConfig *Cluster_RingHashLbConfig `protobuf:"bytes,23,opt,name=ring_hash_lb_config,json=ringHashLbConfig,proto3,oneof"`
+}
+
+type Cluster_MaglevLbConfig_ struct {
+	// Optional configuration for the Maglev load balancing policy.
+	MaglevLbConfig *Cluster_MaglevLbConfig `protobuf:"bytes,52,opt,name=maglev_lb_config,json=maglevLbConfig,proto3,oneof"`
+}
+
+type Cluster_OriginalDstLbConfig_ struct {
+	// Optional configuration for the Original Destination load balancing policy.
+	OriginalDstLbConfig *Cluster_OriginalDstLbConfig `protobuf:"bytes,34,opt,name=original_dst_lb_config,json=originalDstLbConfig,proto3,oneof"`
+}
+
+type Cluster_LeastRequestLbConfig_ struct {
+	// Optional configuration for the LeastRequest load balancing policy.
+	LeastRequestLbConfig *Cluster_LeastRequestLbConfig `protobuf:"bytes,37,opt,name=least_request_lb_config,json=leastRequestLbConfig,proto3,oneof"`
+}
+
+type Cluster_RoundRobinLbConfig_ struct {
+	// Optional configuration for the RoundRobin load balancing policy.
+	RoundRobinLbConfig *Cluster_RoundRobinLbConfig `protobuf:"bytes,56,opt,name=round_robin_lb_config,json=roundRobinLbConfig,proto3,oneof"`
+}
+
+func (*Cluster_RingHashLbConfig_) isCluster_LbConfig() {}
+
+func (*Cluster_MaglevLbConfig_) isCluster_LbConfig() {}
+
+func (*Cluster_OriginalDstLbConfig_) isCluster_LbConfig() {}
+
+func (*Cluster_LeastRequestLbConfig_) isCluster_LbConfig() {}
+
+func (*Cluster_RoundRobinLbConfig_) isCluster_LbConfig() {}
+
+// Extensible load balancing policy configuration.
+//
+// Every LB policy defined via this mechanism will be identified via a unique name using reverse
+// DNS notation. If the policy needs configuration parameters, it must define a message for its
+// own configuration, which will be stored in the config field. The name of the policy will tell
+// clients which type of message they should expect to see in the config field.
+//
+// Note that there are cases where it is useful to be able to independently select LB policies
+// for choosing a locality and for choosing an endpoint within that locality. For example, a
+// given deployment may always use the same policy to choose the locality, but for choosing the
+// endpoint within the locality, some clusters may use weighted-round-robin, while others may
+// use some sort of session-based balancing.
+//
+// This can be accomplished via hierarchical LB policies, where the parent LB policy creates a
+// child LB policy for each locality. For each request, the parent chooses the locality and then
+// delegates to the child policy for that locality to choose the endpoint within the locality.
+//
+// To facilitate this, the config message for the top-level LB policy may include a field of
+// type LoadBalancingPolicy that specifies the child policy.
+type LoadBalancingPolicy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Each client will iterate over the list in order and stop at the first policy that it
+	// supports. This provides a mechanism for starting to use new LB policies that are not yet
+	// supported by all clients.
+	Policies []*LoadBalancingPolicy_Policy `protobuf:"bytes,1,rep,name=policies,proto3" json:"policies,omitempty"`
+}
+
+func (x *LoadBalancingPolicy) Reset() {
+	*x = LoadBalancingPolicy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *LoadBalancingPolicy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*LoadBalancingPolicy) ProtoMessage() {}
+
+func (x *LoadBalancingPolicy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use LoadBalancingPolicy.ProtoReflect.Descriptor instead.
+func (*LoadBalancingPolicy) Descriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *LoadBalancingPolicy) GetPolicies() []*LoadBalancingPolicy_Policy {
+	if x != nil {
+		return x.Policies
+	}
+	return nil
+}
+
+// An extensible structure containing the address Envoy should bind to when
+// establishing upstream connections.
+type UpstreamBindConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The address Envoy should bind to when establishing upstream connections.
+	SourceAddress *v32.Address `protobuf:"bytes,1,opt,name=source_address,json=sourceAddress,proto3" json:"source_address,omitempty"`
+}
+
+func (x *UpstreamBindConfig) Reset() {
+	*x = UpstreamBindConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *UpstreamBindConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*UpstreamBindConfig) ProtoMessage() {}
+
+func (x *UpstreamBindConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use UpstreamBindConfig.ProtoReflect.Descriptor instead.
+func (*UpstreamBindConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *UpstreamBindConfig) GetSourceAddress() *v32.Address {
+	if x != nil {
+		return x.SourceAddress
+	}
+	return nil
+}
+
+type UpstreamConnectionOptions struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives.
+	TcpKeepalive *v32.TcpKeepalive `protobuf:"bytes,1,opt,name=tcp_keepalive,json=tcpKeepalive,proto3" json:"tcp_keepalive,omitempty"`
+}
+
+func (x *UpstreamConnectionOptions) Reset() {
+	*x = UpstreamConnectionOptions{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *UpstreamConnectionOptions) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*UpstreamConnectionOptions) ProtoMessage() {}
+
+func (x *UpstreamConnectionOptions) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use UpstreamConnectionOptions.ProtoReflect.Descriptor instead.
+func (*UpstreamConnectionOptions) Descriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP(), []int{4}
+}
+
+func (x *UpstreamConnectionOptions) GetTcpKeepalive() *v32.TcpKeepalive {
+	if x != nil {
+		return x.TcpKeepalive
+	}
+	return nil
+}
+
+type TrackClusterStats struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// If timeout_budgets is true, the :ref:`timeout budget histograms
+	// <config_cluster_manager_cluster_stats_timeout_budgets>` will be published for each
+	// request. These show what percentage of a request's per try and global timeout was used. A value
+	// of 0 would indicate that none of the timeout was used or that the timeout was infinite. A value
+	// of 100 would indicate that the request took the entirety of the timeout given to it.
+	TimeoutBudgets bool `protobuf:"varint,1,opt,name=timeout_budgets,json=timeoutBudgets,proto3" json:"timeout_budgets,omitempty"`
+	// If request_response_sizes is true, then the :ref:`histograms
+	// <config_cluster_manager_cluster_stats_request_response_sizes>`  tracking header and body sizes
+	// of requests and responses will be published.
+	RequestResponseSizes bool `protobuf:"varint,2,opt,name=request_response_sizes,json=requestResponseSizes,proto3" json:"request_response_sizes,omitempty"`
+}
+
+func (x *TrackClusterStats) Reset() {
+	*x = TrackClusterStats{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *TrackClusterStats) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*TrackClusterStats) ProtoMessage() {}
+
+func (x *TrackClusterStats) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use TrackClusterStats.ProtoReflect.Descriptor instead.
+func (*TrackClusterStats) Descriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP(), []int{5}
+}
+
+func (x *TrackClusterStats) GetTimeoutBudgets() bool {
+	if x != nil {
+		return x.TimeoutBudgets
+	}
+	return false
+}
+
+func (x *TrackClusterStats) GetRequestResponseSizes() bool {
+	if x != nil {
+		return x.RequestResponseSizes
+	}
+	return false
+}
+
+// TransportSocketMatch specifies what transport socket config will be used
+// when the match conditions are satisfied.
+type Cluster_TransportSocketMatch struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the match, used in stats generation.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Optional endpoint metadata match criteria.
+	// The connection to the endpoint with metadata matching what is set in this field
+	// will use the transport socket configuration specified here.
+	// The endpoint's metadata entry in *envoy.transport_socket_match* is used to match
+	// against the values specified in this field.
+	Match *_struct.Struct `protobuf:"bytes,2,opt,name=match,proto3" json:"match,omitempty"`
+	// The configuration of the transport socket.
+	// [#extension-category: envoy.transport_sockets.upstream]
+	TransportSocket *v32.TransportSocket `protobuf:"bytes,3,opt,name=transport_socket,json=transportSocket,proto3" json:"transport_socket,omitempty"`
+}
+
+func (x *Cluster_TransportSocketMatch) Reset() {
+	*x = Cluster_TransportSocketMatch{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[6]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster_TransportSocketMatch) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster_TransportSocketMatch) ProtoMessage() {}
+
+func (x *Cluster_TransportSocketMatch) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[6]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster_TransportSocketMatch.ProtoReflect.Descriptor instead.
+func (*Cluster_TransportSocketMatch) Descriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP(), []int{1, 0}
+}
+
+func (x *Cluster_TransportSocketMatch) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *Cluster_TransportSocketMatch) GetMatch() *_struct.Struct {
+	if x != nil {
+		return x.Match
+	}
+	return nil
+}
+
+func (x *Cluster_TransportSocketMatch) GetTransportSocket() *v32.TransportSocket {
+	if x != nil {
+		return x.TransportSocket
+	}
+	return nil
+}
+
+// Extended cluster type.
+type Cluster_CustomClusterType struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The type of the cluster to instantiate. The name must match a supported cluster type.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Cluster specific configuration which depends on the cluster being instantiated.
+	// See the supported cluster for further documentation.
+	// [#extension-category: envoy.clusters]
+	TypedConfig *any.Any `protobuf:"bytes,2,opt,name=typed_config,json=typedConfig,proto3" json:"typed_config,omitempty"`
+}
+
+func (x *Cluster_CustomClusterType) Reset() {
+	*x = Cluster_CustomClusterType{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[7]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster_CustomClusterType) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster_CustomClusterType) ProtoMessage() {}
+
+func (x *Cluster_CustomClusterType) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[7]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster_CustomClusterType.ProtoReflect.Descriptor instead.
+func (*Cluster_CustomClusterType) Descriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP(), []int{1, 1}
+}
+
+func (x *Cluster_CustomClusterType) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *Cluster_CustomClusterType) GetTypedConfig() *any.Any {
+	if x != nil {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+// Only valid when discovery type is EDS.
+type Cluster_EdsClusterConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Configuration for the source of EDS updates for this Cluster.
+	EdsConfig *v32.ConfigSource `protobuf:"bytes,1,opt,name=eds_config,json=edsConfig,proto3" json:"eds_config,omitempty"`
+	// Optional alternative to cluster name to present to EDS. This does not
+	// have the same restrictions as cluster name, i.e. it may be arbitrary
+	// length. This may be a xdstp:// URL.
+	ServiceName string `protobuf:"bytes,2,opt,name=service_name,json=serviceName,proto3" json:"service_name,omitempty"`
+}
+
+func (x *Cluster_EdsClusterConfig) Reset() {
+	*x = Cluster_EdsClusterConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[8]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster_EdsClusterConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster_EdsClusterConfig) ProtoMessage() {}
+
+func (x *Cluster_EdsClusterConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[8]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster_EdsClusterConfig.ProtoReflect.Descriptor instead.
+func (*Cluster_EdsClusterConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP(), []int{1, 2}
+}
+
+func (x *Cluster_EdsClusterConfig) GetEdsConfig() *v32.ConfigSource {
+	if x != nil {
+		return x.EdsConfig
+	}
+	return nil
+}
+
+func (x *Cluster_EdsClusterConfig) GetServiceName() string {
+	if x != nil {
+		return x.ServiceName
+	}
+	return ""
+}
+
+// Optionally divide the endpoints in this cluster into subsets defined by
+// endpoint metadata and selected by route and weighted cluster metadata.
+// [#next-free-field: 8]
+type Cluster_LbSubsetConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The behavior used when no endpoint subset matches the selected route's
+	// metadata. The value defaults to
+	// :ref:`NO_FALLBACK<envoy_v3_api_enum_value_config.cluster.v3.Cluster.LbSubsetConfig.LbSubsetFallbackPolicy.NO_FALLBACK>`.
+	FallbackPolicy Cluster_LbSubsetConfig_LbSubsetFallbackPolicy `protobuf:"varint,1,opt,name=fallback_policy,json=fallbackPolicy,proto3,enum=envoy.config.cluster.v3.Cluster_LbSubsetConfig_LbSubsetFallbackPolicy" json:"fallback_policy,omitempty"`
+	// Specifies the default subset of endpoints used during fallback if
+	// fallback_policy is
+	// :ref:`DEFAULT_SUBSET<envoy_v3_api_enum_value_config.cluster.v3.Cluster.LbSubsetConfig.LbSubsetFallbackPolicy.DEFAULT_SUBSET>`.
+	// Each field in default_subset is
+	// compared to the matching LbEndpoint.Metadata under the *envoy.lb*
+	// namespace. It is valid for no hosts to match, in which case the behavior
+	// is the same as a fallback_policy of
+	// :ref:`NO_FALLBACK<envoy_v3_api_enum_value_config.cluster.v3.Cluster.LbSubsetConfig.LbSubsetFallbackPolicy.NO_FALLBACK>`.
+	DefaultSubset *_struct.Struct `protobuf:"bytes,2,opt,name=default_subset,json=defaultSubset,proto3" json:"default_subset,omitempty"`
+	// For each entry, LbEndpoint.Metadata's
+	// *envoy.lb* namespace is traversed and a subset is created for each unique
+	// combination of key and value. For example:
+	//
+	// .. code-block:: json
+	//
+	//   { "subset_selectors": [
+	//       { "keys": [ "version" ] },
+	//       { "keys": [ "stage", "hardware_type" ] }
+	//   ]}
+	//
+	// A subset is matched when the metadata from the selected route and
+	// weighted cluster contains the same keys and values as the subset's
+	// metadata. The same host may appear in multiple subsets.
+	SubsetSelectors []*Cluster_LbSubsetConfig_LbSubsetSelector `protobuf:"bytes,3,rep,name=subset_selectors,json=subsetSelectors,proto3" json:"subset_selectors,omitempty"`
+	// If true, routing to subsets will take into account the localities and locality weights of the
+	// endpoints when making the routing decision.
+	//
+	// There are some potential pitfalls associated with enabling this feature, as the resulting
+	// traffic split after applying both a subset match and locality weights might be undesirable.
+	//
+	// Consider for example a situation in which you have 50/50 split across two localities X/Y
+	// which have 100 hosts each without subsetting. If the subset LB results in X having only 1
+	// host selected but Y having 100, then a lot more load is being dumped on the single host in X
+	// than originally anticipated in the load balancing assignment delivered via EDS.
+	LocalityWeightAware bool `protobuf:"varint,4,opt,name=locality_weight_aware,json=localityWeightAware,proto3" json:"locality_weight_aware,omitempty"`
+	// When used with locality_weight_aware, scales the weight of each locality by the ratio
+	// of hosts in the subset vs hosts in the original subset. This aims to even out the load
+	// going to an individual locality if said locality is disproportionately affected by the
+	// subset predicate.
+	ScaleLocalityWeight bool `protobuf:"varint,5,opt,name=scale_locality_weight,json=scaleLocalityWeight,proto3" json:"scale_locality_weight,omitempty"`
+	// If true, when a fallback policy is configured and its corresponding subset fails to find
+	// a host this will cause any host to be selected instead.
+	//
+	// This is useful when using the default subset as the fallback policy, given the default
+	// subset might become empty. With this option enabled, if that happens the LB will attempt
+	// to select a host from the entire cluster.
+	PanicModeAny bool `protobuf:"varint,6,opt,name=panic_mode_any,json=panicModeAny,proto3" json:"panic_mode_any,omitempty"`
+	// If true, metadata specified for a metadata key will be matched against the corresponding
+	// endpoint metadata if the endpoint metadata matches the value exactly OR it is a list value
+	// and any of the elements in the list matches the criteria.
+	ListAsAny bool `protobuf:"varint,7,opt,name=list_as_any,json=listAsAny,proto3" json:"list_as_any,omitempty"`
+}
+
+func (x *Cluster_LbSubsetConfig) Reset() {
+	*x = Cluster_LbSubsetConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[9]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster_LbSubsetConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster_LbSubsetConfig) ProtoMessage() {}
+
+func (x *Cluster_LbSubsetConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[9]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster_LbSubsetConfig.ProtoReflect.Descriptor instead.
+func (*Cluster_LbSubsetConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP(), []int{1, 3}
+}
+
+func (x *Cluster_LbSubsetConfig) GetFallbackPolicy() Cluster_LbSubsetConfig_LbSubsetFallbackPolicy {
+	if x != nil {
+		return x.FallbackPolicy
+	}
+	return Cluster_LbSubsetConfig_NO_FALLBACK
+}
+
+func (x *Cluster_LbSubsetConfig) GetDefaultSubset() *_struct.Struct {
+	if x != nil {
+		return x.DefaultSubset
+	}
+	return nil
+}
+
+func (x *Cluster_LbSubsetConfig) GetSubsetSelectors() []*Cluster_LbSubsetConfig_LbSubsetSelector {
+	if x != nil {
+		return x.SubsetSelectors
+	}
+	return nil
+}
+
+func (x *Cluster_LbSubsetConfig) GetLocalityWeightAware() bool {
+	if x != nil {
+		return x.LocalityWeightAware
+	}
+	return false
+}
+
+func (x *Cluster_LbSubsetConfig) GetScaleLocalityWeight() bool {
+	if x != nil {
+		return x.ScaleLocalityWeight
+	}
+	return false
+}
+
+func (x *Cluster_LbSubsetConfig) GetPanicModeAny() bool {
+	if x != nil {
+		return x.PanicModeAny
+	}
+	return false
+}
+
+func (x *Cluster_LbSubsetConfig) GetListAsAny() bool {
+	if x != nil {
+		return x.ListAsAny
+	}
+	return false
+}
+
+// Configuration for :ref:`slow start mode <arch_overview_load_balancing_slow_start>`.
+type Cluster_SlowStartConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Represents the size of slow start window.
+	// If set, the newly created host remains in slow start mode starting from its creation time
+	// for the duration of slow start window.
+	SlowStartWindow *duration.Duration `protobuf:"bytes,1,opt,name=slow_start_window,json=slowStartWindow,proto3" json:"slow_start_window,omitempty"`
+	// This parameter controls the speed of traffic increase over the slow start window. Defaults to 1.0,
+	// so that endpoint would get linearly increasing amount of traffic.
+	// When increasing the value for this parameter, the speed of traffic ramp-up increases non-linearly.
+	// The value of aggression parameter should be greater than 0.0.
+	// By tuning the parameter, is possible to achieve polynomial or exponential shape of ramp-up curve.
+	//
+	// During slow start window, effective weight of an endpoint would be scaled with time factor and aggression:
+	// `new_weight = weight * time_factor ^ (1 / aggression)`,
+	// where `time_factor=(time_since_start_seconds / slow_start_time_seconds)`.
+	//
+	// As time progresses, more and more traffic would be sent to endpoint, which is in slow start window.
+	// Once host exits slow start, time_factor and aggression no longer affect its weight.
+	Aggression *v32.RuntimeDouble `protobuf:"bytes,2,opt,name=aggression,proto3" json:"aggression,omitempty"`
+}
+
+func (x *Cluster_SlowStartConfig) Reset() {
+	*x = Cluster_SlowStartConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[10]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster_SlowStartConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster_SlowStartConfig) ProtoMessage() {}
+
+func (x *Cluster_SlowStartConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[10]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster_SlowStartConfig.ProtoReflect.Descriptor instead.
+func (*Cluster_SlowStartConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP(), []int{1, 4}
+}
+
+func (x *Cluster_SlowStartConfig) GetSlowStartWindow() *duration.Duration {
+	if x != nil {
+		return x.SlowStartWindow
+	}
+	return nil
+}
+
+func (x *Cluster_SlowStartConfig) GetAggression() *v32.RuntimeDouble {
+	if x != nil {
+		return x.Aggression
+	}
+	return nil
+}
+
+// Specific configuration for the RoundRobin load balancing policy.
+type Cluster_RoundRobinLbConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Configuration for slow start mode.
+	// If this configuration is not set, slow start will not be not enabled.
+	SlowStartConfig *Cluster_SlowStartConfig `protobuf:"bytes,1,opt,name=slow_start_config,json=slowStartConfig,proto3" json:"slow_start_config,omitempty"`
+}
+
+func (x *Cluster_RoundRobinLbConfig) Reset() {
+	*x = Cluster_RoundRobinLbConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[11]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster_RoundRobinLbConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster_RoundRobinLbConfig) ProtoMessage() {}
+
+func (x *Cluster_RoundRobinLbConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[11]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster_RoundRobinLbConfig.ProtoReflect.Descriptor instead.
+func (*Cluster_RoundRobinLbConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP(), []int{1, 5}
+}
+
+func (x *Cluster_RoundRobinLbConfig) GetSlowStartConfig() *Cluster_SlowStartConfig {
+	if x != nil {
+		return x.SlowStartConfig
+	}
+	return nil
+}
+
+// Specific configuration for the LeastRequest load balancing policy.
+type Cluster_LeastRequestLbConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The number of random healthy hosts from which the host with the fewest active requests will
+	// be chosen. Defaults to 2 so that we perform two-choice selection if the field is not set.
+	ChoiceCount *wrappers.UInt32Value `protobuf:"bytes,1,opt,name=choice_count,json=choiceCount,proto3" json:"choice_count,omitempty"`
+	// The following formula is used to calculate the dynamic weights when hosts have different load
+	// balancing weights:
+	//
+	// `weight = load_balancing_weight / (active_requests + 1)^active_request_bias`
+	//
+	// The larger the active request bias is, the more aggressively active requests will lower the
+	// effective weight when all host weights are not equal.
+	//
+	// `active_request_bias` must be greater than or equal to 0.0.
+	//
+	// When `active_request_bias == 0.0` the Least Request Load Balancer doesn't consider the number
+	// of active requests at the time it picks a host and behaves like the Round Robin Load
+	// Balancer.
+	//
+	// When `active_request_bias > 0.0` the Least Request Load Balancer scales the load balancing
+	// weight by the number of active requests at the time it does a pick.
+	//
+	// The value is cached for performance reasons and refreshed whenever one of the Load Balancer's
+	// host sets changes, e.g., whenever there is a host membership update or a host load balancing
+	// weight change.
+	//
+	// .. note::
+	//   This setting only takes effect if all host weights are not equal.
+	ActiveRequestBias *v32.RuntimeDouble `protobuf:"bytes,2,opt,name=active_request_bias,json=activeRequestBias,proto3" json:"active_request_bias,omitempty"`
+	// Configuration for slow start mode.
+	// If this configuration is not set, slow start will not be not enabled.
+	SlowStartConfig *Cluster_SlowStartConfig `protobuf:"bytes,3,opt,name=slow_start_config,json=slowStartConfig,proto3" json:"slow_start_config,omitempty"`
+}
+
+func (x *Cluster_LeastRequestLbConfig) Reset() {
+	*x = Cluster_LeastRequestLbConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[12]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster_LeastRequestLbConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster_LeastRequestLbConfig) ProtoMessage() {}
+
+func (x *Cluster_LeastRequestLbConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[12]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster_LeastRequestLbConfig.ProtoReflect.Descriptor instead.
+func (*Cluster_LeastRequestLbConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP(), []int{1, 6}
+}
+
+func (x *Cluster_LeastRequestLbConfig) GetChoiceCount() *wrappers.UInt32Value {
+	if x != nil {
+		return x.ChoiceCount
+	}
+	return nil
+}
+
+func (x *Cluster_LeastRequestLbConfig) GetActiveRequestBias() *v32.RuntimeDouble {
+	if x != nil {
+		return x.ActiveRequestBias
+	}
+	return nil
+}
+
+func (x *Cluster_LeastRequestLbConfig) GetSlowStartConfig() *Cluster_SlowStartConfig {
+	if x != nil {
+		return x.SlowStartConfig
+	}
+	return nil
+}
+
+// Specific configuration for the :ref:`RingHash<arch_overview_load_balancing_types_ring_hash>`
+// load balancing policy.
+type Cluster_RingHashLbConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Minimum hash ring size. The larger the ring is (that is, the more hashes there are for each
+	// provided host) the better the request distribution will reflect the desired weights. Defaults
+	// to 1024 entries, and limited to 8M entries. See also
+	// :ref:`maximum_ring_size<envoy_v3_api_field_config.cluster.v3.Cluster.RingHashLbConfig.maximum_ring_size>`.
+	MinimumRingSize *wrappers.UInt64Value `protobuf:"bytes,1,opt,name=minimum_ring_size,json=minimumRingSize,proto3" json:"minimum_ring_size,omitempty"`
+	// The hash function used to hash hosts onto the ketama ring. The value defaults to
+	// :ref:`XX_HASH<envoy_v3_api_enum_value_config.cluster.v3.Cluster.RingHashLbConfig.HashFunction.XX_HASH>`.
+	HashFunction Cluster_RingHashLbConfig_HashFunction `protobuf:"varint,3,opt,name=hash_function,json=hashFunction,proto3,enum=envoy.config.cluster.v3.Cluster_RingHashLbConfig_HashFunction" json:"hash_function,omitempty"`
+	// Maximum hash ring size. Defaults to 8M entries, and limited to 8M entries, but can be lowered
+	// to further constrain resource use. See also
+	// :ref:`minimum_ring_size<envoy_v3_api_field_config.cluster.v3.Cluster.RingHashLbConfig.minimum_ring_size>`.
+	MaximumRingSize *wrappers.UInt64Value `protobuf:"bytes,4,opt,name=maximum_ring_size,json=maximumRingSize,proto3" json:"maximum_ring_size,omitempty"`
+}
+
+func (x *Cluster_RingHashLbConfig) Reset() {
+	*x = Cluster_RingHashLbConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[13]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster_RingHashLbConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster_RingHashLbConfig) ProtoMessage() {}
+
+func (x *Cluster_RingHashLbConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[13]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster_RingHashLbConfig.ProtoReflect.Descriptor instead.
+func (*Cluster_RingHashLbConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP(), []int{1, 7}
+}
+
+func (x *Cluster_RingHashLbConfig) GetMinimumRingSize() *wrappers.UInt64Value {
+	if x != nil {
+		return x.MinimumRingSize
+	}
+	return nil
+}
+
+func (x *Cluster_RingHashLbConfig) GetHashFunction() Cluster_RingHashLbConfig_HashFunction {
+	if x != nil {
+		return x.HashFunction
+	}
+	return Cluster_RingHashLbConfig_XX_HASH
+}
+
+func (x *Cluster_RingHashLbConfig) GetMaximumRingSize() *wrappers.UInt64Value {
+	if x != nil {
+		return x.MaximumRingSize
+	}
+	return nil
+}
+
+// Specific configuration for the :ref:`Maglev<arch_overview_load_balancing_types_maglev>`
+// load balancing policy.
+type Cluster_MaglevLbConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The table size for Maglev hashing. The Maglev aims for ‘minimal disruption’ rather than an absolute guarantee.
+	// Minimal disruption means that when the set of upstreams changes, a connection will likely be sent to the same
+	// upstream as it was before. Increasing the table size reduces the amount of disruption.
+	// The table size must be prime number limited to 5000011. If it is not specified, the default is 65537.
+	TableSize *wrappers.UInt64Value `protobuf:"bytes,1,opt,name=table_size,json=tableSize,proto3" json:"table_size,omitempty"`
+}
+
+func (x *Cluster_MaglevLbConfig) Reset() {
+	*x = Cluster_MaglevLbConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[14]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster_MaglevLbConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster_MaglevLbConfig) ProtoMessage() {}
+
+func (x *Cluster_MaglevLbConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[14]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster_MaglevLbConfig.ProtoReflect.Descriptor instead.
+func (*Cluster_MaglevLbConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP(), []int{1, 8}
+}
+
+func (x *Cluster_MaglevLbConfig) GetTableSize() *wrappers.UInt64Value {
+	if x != nil {
+		return x.TableSize
+	}
+	return nil
+}
+
+// Specific configuration for the
+// :ref:`Original Destination <arch_overview_load_balancing_types_original_destination>`
+// load balancing policy.
+type Cluster_OriginalDstLbConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// When true, :ref:`x-envoy-original-dst-host
+	// <config_http_conn_man_headers_x-envoy-original-dst-host>` can be used to override destination
+	// address.
+	//
+	// .. attention::
+	//
+	//   This header isn't sanitized by default, so enabling this feature allows HTTP clients to
+	//   route traffic to arbitrary hosts and/or ports, which may have serious security
+	//   consequences.
+	//
+	// .. note::
+	//
+	//   If the header appears multiple times only the first value is used.
+	UseHttpHeader bool `protobuf:"varint,1,opt,name=use_http_header,json=useHttpHeader,proto3" json:"use_http_header,omitempty"`
+}
+
+func (x *Cluster_OriginalDstLbConfig) Reset() {
+	*x = Cluster_OriginalDstLbConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[15]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster_OriginalDstLbConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster_OriginalDstLbConfig) ProtoMessage() {}
+
+func (x *Cluster_OriginalDstLbConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[15]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster_OriginalDstLbConfig.ProtoReflect.Descriptor instead.
+func (*Cluster_OriginalDstLbConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP(), []int{1, 9}
+}
+
+func (x *Cluster_OriginalDstLbConfig) GetUseHttpHeader() bool {
+	if x != nil {
+		return x.UseHttpHeader
+	}
+	return false
+}
+
+// Common configuration for all load balancer implementations.
+// [#next-free-field: 8]
+type Cluster_CommonLbConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Configures the :ref:`healthy panic threshold <arch_overview_load_balancing_panic_threshold>`.
+	// If not specified, the default is 50%.
+	// To disable panic mode, set to 0%.
+	//
+	// .. note::
+	//   The specified percent will be truncated to the nearest 1%.
+	HealthyPanicThreshold *v33.Percent `protobuf:"bytes,1,opt,name=healthy_panic_threshold,json=healthyPanicThreshold,proto3" json:"healthy_panic_threshold,omitempty"`
+	// Types that are assignable to LocalityConfigSpecifier:
+	//	*Cluster_CommonLbConfig_ZoneAwareLbConfig_
+	//	*Cluster_CommonLbConfig_LocalityWeightedLbConfig_
+	LocalityConfigSpecifier isCluster_CommonLbConfig_LocalityConfigSpecifier `protobuf_oneof:"locality_config_specifier"`
+	// If set, all health check/weight/metadata updates that happen within this duration will be
+	// merged and delivered in one shot when the duration expires. The start of the duration is when
+	// the first update happens. This is useful for big clusters, with potentially noisy deploys
+	// that might trigger excessive CPU usage due to a constant stream of healthcheck state changes
+	// or metadata updates. The first set of updates to be seen apply immediately (e.g.: a new
+	// cluster). Please always keep in mind that the use of sandbox technologies may change this
+	// behavior.
+	//
+	// If this is not set, we default to a merge window of 1000ms. To disable it, set the merge
+	// window to 0.
+	//
+	// Note: merging does not apply to cluster membership changes (e.g.: adds/removes); this is
+	// because merging those updates isn't currently safe. See
+	// https://github.com/envoyproxy/envoy/pull/3941.
+	UpdateMergeWindow *duration.Duration `protobuf:"bytes,4,opt,name=update_merge_window,json=updateMergeWindow,proto3" json:"update_merge_window,omitempty"`
+	// If set to true, Envoy will :ref:`exclude <arch_overview_load_balancing_excluded>` new hosts
+	// when computing load balancing weights until they have been health checked for the first time.
+	// This will have no effect unless active health checking is also configured.
+	IgnoreNewHostsUntilFirstHc bool `protobuf:"varint,5,opt,name=ignore_new_hosts_until_first_hc,json=ignoreNewHostsUntilFirstHc,proto3" json:"ignore_new_hosts_until_first_hc,omitempty"`
+	// If set to `true`, the cluster manager will drain all existing
+	// connections to upstream hosts whenever hosts are added or removed from the cluster.
+	CloseConnectionsOnHostSetChange bool `protobuf:"varint,6,opt,name=close_connections_on_host_set_change,json=closeConnectionsOnHostSetChange,proto3" json:"close_connections_on_host_set_change,omitempty"`
+	// Common Configuration for all consistent hashing load balancers (MaglevLb, RingHashLb, etc.)
+	ConsistentHashingLbConfig *Cluster_CommonLbConfig_ConsistentHashingLbConfig `protobuf:"bytes,7,opt,name=consistent_hashing_lb_config,json=consistentHashingLbConfig,proto3" json:"consistent_hashing_lb_config,omitempty"`
+}
+
+func (x *Cluster_CommonLbConfig) Reset() {
+	*x = Cluster_CommonLbConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[16]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster_CommonLbConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster_CommonLbConfig) ProtoMessage() {}
+
+func (x *Cluster_CommonLbConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[16]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster_CommonLbConfig.ProtoReflect.Descriptor instead.
+func (*Cluster_CommonLbConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP(), []int{1, 10}
+}
+
+func (x *Cluster_CommonLbConfig) GetHealthyPanicThreshold() *v33.Percent {
+	if x != nil {
+		return x.HealthyPanicThreshold
+	}
+	return nil
+}
+
+func (m *Cluster_CommonLbConfig) GetLocalityConfigSpecifier() isCluster_CommonLbConfig_LocalityConfigSpecifier {
+	if m != nil {
+		return m.LocalityConfigSpecifier
+	}
+	return nil
+}
+
+func (x *Cluster_CommonLbConfig) GetZoneAwareLbConfig() *Cluster_CommonLbConfig_ZoneAwareLbConfig {
+	if x, ok := x.GetLocalityConfigSpecifier().(*Cluster_CommonLbConfig_ZoneAwareLbConfig_); ok {
+		return x.ZoneAwareLbConfig
+	}
+	return nil
+}
+
+func (x *Cluster_CommonLbConfig) GetLocalityWeightedLbConfig() *Cluster_CommonLbConfig_LocalityWeightedLbConfig {
+	if x, ok := x.GetLocalityConfigSpecifier().(*Cluster_CommonLbConfig_LocalityWeightedLbConfig_); ok {
+		return x.LocalityWeightedLbConfig
+	}
+	return nil
+}
+
+func (x *Cluster_CommonLbConfig) GetUpdateMergeWindow() *duration.Duration {
+	if x != nil {
+		return x.UpdateMergeWindow
+	}
+	return nil
+}
+
+func (x *Cluster_CommonLbConfig) GetIgnoreNewHostsUntilFirstHc() bool {
+	if x != nil {
+		return x.IgnoreNewHostsUntilFirstHc
+	}
+	return false
+}
+
+func (x *Cluster_CommonLbConfig) GetCloseConnectionsOnHostSetChange() bool {
+	if x != nil {
+		return x.CloseConnectionsOnHostSetChange
+	}
+	return false
+}
+
+func (x *Cluster_CommonLbConfig) GetConsistentHashingLbConfig() *Cluster_CommonLbConfig_ConsistentHashingLbConfig {
+	if x != nil {
+		return x.ConsistentHashingLbConfig
+	}
+	return nil
+}
+
+type isCluster_CommonLbConfig_LocalityConfigSpecifier interface {
+	isCluster_CommonLbConfig_LocalityConfigSpecifier()
+}
+
+type Cluster_CommonLbConfig_ZoneAwareLbConfig_ struct {
+	ZoneAwareLbConfig *Cluster_CommonLbConfig_ZoneAwareLbConfig `protobuf:"bytes,2,opt,name=zone_aware_lb_config,json=zoneAwareLbConfig,proto3,oneof"`
+}
+
+type Cluster_CommonLbConfig_LocalityWeightedLbConfig_ struct {
+	LocalityWeightedLbConfig *Cluster_CommonLbConfig_LocalityWeightedLbConfig `protobuf:"bytes,3,opt,name=locality_weighted_lb_config,json=localityWeightedLbConfig,proto3,oneof"`
+}
+
+func (*Cluster_CommonLbConfig_ZoneAwareLbConfig_) isCluster_CommonLbConfig_LocalityConfigSpecifier() {
+}
+
+func (*Cluster_CommonLbConfig_LocalityWeightedLbConfig_) isCluster_CommonLbConfig_LocalityConfigSpecifier() {
+}
+
+type Cluster_RefreshRate struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies the base interval between refreshes. This parameter is required and must be greater
+	// than zero and less than
+	// :ref:`max_interval <envoy_v3_api_field_config.cluster.v3.Cluster.RefreshRate.max_interval>`.
+	BaseInterval *duration.Duration `protobuf:"bytes,1,opt,name=base_interval,json=baseInterval,proto3" json:"base_interval,omitempty"`
+	// Specifies the maximum interval between refreshes. This parameter is optional, but must be
+	// greater than or equal to the
+	// :ref:`base_interval <envoy_v3_api_field_config.cluster.v3.Cluster.RefreshRate.base_interval>`  if set. The default
+	// is 10 times the :ref:`base_interval <envoy_v3_api_field_config.cluster.v3.Cluster.RefreshRate.base_interval>`.
+	MaxInterval *duration.Duration `protobuf:"bytes,2,opt,name=max_interval,json=maxInterval,proto3" json:"max_interval,omitempty"`
+}
+
+func (x *Cluster_RefreshRate) Reset() {
+	*x = Cluster_RefreshRate{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[17]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster_RefreshRate) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster_RefreshRate) ProtoMessage() {}
+
+func (x *Cluster_RefreshRate) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[17]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster_RefreshRate.ProtoReflect.Descriptor instead.
+func (*Cluster_RefreshRate) Descriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP(), []int{1, 11}
+}
+
+func (x *Cluster_RefreshRate) GetBaseInterval() *duration.Duration {
+	if x != nil {
+		return x.BaseInterval
+	}
+	return nil
+}
+
+func (x *Cluster_RefreshRate) GetMaxInterval() *duration.Duration {
+	if x != nil {
+		return x.MaxInterval
+	}
+	return nil
+}
+
+type Cluster_PreconnectPolicy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Indicates how many streams (rounded up) can be anticipated per-upstream for each
+	// incoming stream. This is useful for high-QPS or latency-sensitive services. Preconnecting
+	// will only be done if the upstream is healthy and the cluster has traffic.
+	//
+	// For example if this is 2, for an incoming HTTP/1.1 stream, 2 connections will be
+	// established, one for the new incoming stream, and one for a presumed follow-up stream. For
+	// HTTP/2, only one connection would be established by default as one connection can
+	// serve both the original and presumed follow-up stream.
+	//
+	// In steady state for non-multiplexed connections a value of 1.5 would mean if there were 100
+	// active streams, there would be 100 connections in use, and 50 connections preconnected.
+	// This might be a useful value for something like short lived single-use connections,
+	// for example proxying HTTP/1.1 if keep-alive were false and each stream resulted in connection
+	// termination. It would likely be overkill for long lived connections, such as TCP proxying SMTP
+	// or regular HTTP/1.1 with keep-alive. For long lived traffic, a value of 1.05 would be more
+	// reasonable, where for every 100 connections, 5 preconnected connections would be in the queue
+	// in case of unexpected disconnects where the connection could not be reused.
+	//
+	// If this value is not set, or set explicitly to one, Envoy will fetch as many connections
+	// as needed to serve streams in flight. This means in steady state if a connection is torn down,
+	// a subsequent streams will pay an upstream-rtt latency penalty waiting for a new connection.
+	//
+	// This is limited somewhat arbitrarily to 3 because preconnecting too aggressively can
+	// harm latency more than the preconnecting helps.
+	PerUpstreamPreconnectRatio *wrappers.DoubleValue `protobuf:"bytes,1,opt,name=per_upstream_preconnect_ratio,json=perUpstreamPreconnectRatio,proto3" json:"per_upstream_preconnect_ratio,omitempty"`
+	// Indicates how many many streams (rounded up) can be anticipated across a cluster for each
+	// stream, useful for low QPS services. This is currently supported for a subset of
+	// deterministic non-hash-based load-balancing algorithms (weighted round robin, random).
+	// Unlike *per_upstream_preconnect_ratio* this preconnects across the upstream instances in a
+	// cluster, doing best effort predictions of what upstream would be picked next and
+	// pre-establishing a connection.
+	//
+	// Preconnecting will be limited to one preconnect per configured upstream in the cluster and will
+	// only be done if there are healthy upstreams and the cluster has traffic.
+	//
+	// For example if preconnecting is set to 2 for a round robin HTTP/2 cluster, on the first
+	// incoming stream, 2 connections will be preconnected - one to the first upstream for this
+	// cluster, one to the second on the assumption there will be a follow-up stream.
+	//
+	// If this value is not set, or set explicitly to one, Envoy will fetch as many connections
+	// as needed to serve streams in flight, so during warm up and in steady state if a connection
+	// is closed (and per_upstream_preconnect_ratio is not set), there will be a latency hit for
+	// connection establishment.
+	//
+	// If both this and preconnect_ratio are set, Envoy will make sure both predicted needs are met,
+	// basically preconnecting max(predictive-preconnect, per-upstream-preconnect), for each
+	// upstream.
+	PredictivePreconnectRatio *wrappers.DoubleValue `protobuf:"bytes,2,opt,name=predictive_preconnect_ratio,json=predictivePreconnectRatio,proto3" json:"predictive_preconnect_ratio,omitempty"`
+}
+
+func (x *Cluster_PreconnectPolicy) Reset() {
+	*x = Cluster_PreconnectPolicy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[18]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster_PreconnectPolicy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster_PreconnectPolicy) ProtoMessage() {}
+
+func (x *Cluster_PreconnectPolicy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[18]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster_PreconnectPolicy.ProtoReflect.Descriptor instead.
+func (*Cluster_PreconnectPolicy) Descriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP(), []int{1, 12}
+}
+
+func (x *Cluster_PreconnectPolicy) GetPerUpstreamPreconnectRatio() *wrappers.DoubleValue {
+	if x != nil {
+		return x.PerUpstreamPreconnectRatio
+	}
+	return nil
+}
+
+func (x *Cluster_PreconnectPolicy) GetPredictivePreconnectRatio() *wrappers.DoubleValue {
+	if x != nil {
+		return x.PredictivePreconnectRatio
+	}
+	return nil
+}
+
+// Specifications for subsets.
+type Cluster_LbSubsetConfig_LbSubsetSelector struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// List of keys to match with the weighted cluster metadata.
+	Keys []string `protobuf:"bytes,1,rep,name=keys,proto3" json:"keys,omitempty"`
+	// Selects a mode of operation in which each subset has only one host. This mode uses the same rules for
+	// choosing a host, but updating hosts is faster, especially for large numbers of hosts.
+	//
+	// If a match is found to a host, that host will be used regardless of priority levels, unless the host is unhealthy.
+	//
+	// Currently, this mode is only supported if `subset_selectors` has only one entry, and `keys` contains
+	// only one entry.
+	//
+	// When this mode is enabled, configurations that contain more than one host with the same metadata value for the single key in `keys`
+	// will use only one of the hosts with the given key; no requests will be routed to the others. The cluster gauge
+	// :ref:`lb_subsets_single_host_per_subset_duplicate<config_cluster_manager_cluster_stats_subset_lb>` indicates how many duplicates are
+	// present in the current configuration.
+	SingleHostPerSubset bool `protobuf:"varint,4,opt,name=single_host_per_subset,json=singleHostPerSubset,proto3" json:"single_host_per_subset,omitempty"`
+	// The behavior used when no endpoint subset matches the selected route's
+	// metadata.
+	FallbackPolicy Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy `protobuf:"varint,2,opt,name=fallback_policy,json=fallbackPolicy,proto3,enum=envoy.config.cluster.v3.Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy" json:"fallback_policy,omitempty"`
+	// Subset of
+	// :ref:`keys<envoy_v3_api_field_config.cluster.v3.Cluster.LbSubsetConfig.LbSubsetSelector.keys>` used by
+	// :ref:`KEYS_SUBSET<envoy_v3_api_enum_value_config.cluster.v3.Cluster.LbSubsetConfig.LbSubsetSelector.LbSubsetSelectorFallbackPolicy.KEYS_SUBSET>`
+	// fallback policy.
+	// It has to be a non empty list if KEYS_SUBSET fallback policy is selected.
+	// For any other fallback policy the parameter is not used and should not be set.
+	// Only values also present in
+	// :ref:`keys<envoy_v3_api_field_config.cluster.v3.Cluster.LbSubsetConfig.LbSubsetSelector.keys>` are allowed, but
+	// `fallback_keys_subset` cannot be equal to `keys`.
+	FallbackKeysSubset []string `protobuf:"bytes,3,rep,name=fallback_keys_subset,json=fallbackKeysSubset,proto3" json:"fallback_keys_subset,omitempty"`
+}
+
+func (x *Cluster_LbSubsetConfig_LbSubsetSelector) Reset() {
+	*x = Cluster_LbSubsetConfig_LbSubsetSelector{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[20]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster_LbSubsetConfig_LbSubsetSelector) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster_LbSubsetConfig_LbSubsetSelector) ProtoMessage() {}
+
+func (x *Cluster_LbSubsetConfig_LbSubsetSelector) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[20]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster_LbSubsetConfig_LbSubsetSelector.ProtoReflect.Descriptor instead.
+func (*Cluster_LbSubsetConfig_LbSubsetSelector) Descriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP(), []int{1, 3, 0}
+}
+
+func (x *Cluster_LbSubsetConfig_LbSubsetSelector) GetKeys() []string {
+	if x != nil {
+		return x.Keys
+	}
+	return nil
+}
+
+func (x *Cluster_LbSubsetConfig_LbSubsetSelector) GetSingleHostPerSubset() bool {
+	if x != nil {
+		return x.SingleHostPerSubset
+	}
+	return false
+}
+
+func (x *Cluster_LbSubsetConfig_LbSubsetSelector) GetFallbackPolicy() Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy {
+	if x != nil {
+		return x.FallbackPolicy
+	}
+	return Cluster_LbSubsetConfig_LbSubsetSelector_NOT_DEFINED
+}
+
+func (x *Cluster_LbSubsetConfig_LbSubsetSelector) GetFallbackKeysSubset() []string {
+	if x != nil {
+		return x.FallbackKeysSubset
+	}
+	return nil
+}
+
+// Configuration for :ref:`zone aware routing
+// <arch_overview_load_balancing_zone_aware_routing>`.
+type Cluster_CommonLbConfig_ZoneAwareLbConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Configures percentage of requests that will be considered for zone aware routing
+	// if zone aware routing is configured. If not specified, the default is 100%.
+	// * :ref:`runtime values <config_cluster_manager_cluster_runtime_zone_routing>`.
+	// * :ref:`Zone aware routing support <arch_overview_load_balancing_zone_aware_routing>`.
+	RoutingEnabled *v33.Percent `protobuf:"bytes,1,opt,name=routing_enabled,json=routingEnabled,proto3" json:"routing_enabled,omitempty"`
+	// Configures minimum upstream cluster size required for zone aware routing
+	// If upstream cluster size is less than specified, zone aware routing is not performed
+	// even if zone aware routing is configured. If not specified, the default is 6.
+	// * :ref:`runtime values <config_cluster_manager_cluster_runtime_zone_routing>`.
+	// * :ref:`Zone aware routing support <arch_overview_load_balancing_zone_aware_routing>`.
+	MinClusterSize *wrappers.UInt64Value `protobuf:"bytes,2,opt,name=min_cluster_size,json=minClusterSize,proto3" json:"min_cluster_size,omitempty"`
+	// If set to true, Envoy will not consider any hosts when the cluster is in :ref:`panic
+	// mode<arch_overview_load_balancing_panic_threshold>`. Instead, the cluster will fail all
+	// requests as if all hosts are unhealthy. This can help avoid potentially overwhelming a
+	// failing service.
+	FailTrafficOnPanic bool `protobuf:"varint,3,opt,name=fail_traffic_on_panic,json=failTrafficOnPanic,proto3" json:"fail_traffic_on_panic,omitempty"`
+}
+
+func (x *Cluster_CommonLbConfig_ZoneAwareLbConfig) Reset() {
+	*x = Cluster_CommonLbConfig_ZoneAwareLbConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[21]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster_CommonLbConfig_ZoneAwareLbConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster_CommonLbConfig_ZoneAwareLbConfig) ProtoMessage() {}
+
+func (x *Cluster_CommonLbConfig_ZoneAwareLbConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[21]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster_CommonLbConfig_ZoneAwareLbConfig.ProtoReflect.Descriptor instead.
+func (*Cluster_CommonLbConfig_ZoneAwareLbConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP(), []int{1, 10, 0}
+}
+
+func (x *Cluster_CommonLbConfig_ZoneAwareLbConfig) GetRoutingEnabled() *v33.Percent {
+	if x != nil {
+		return x.RoutingEnabled
+	}
+	return nil
+}
+
+func (x *Cluster_CommonLbConfig_ZoneAwareLbConfig) GetMinClusterSize() *wrappers.UInt64Value {
+	if x != nil {
+		return x.MinClusterSize
+	}
+	return nil
+}
+
+func (x *Cluster_CommonLbConfig_ZoneAwareLbConfig) GetFailTrafficOnPanic() bool {
+	if x != nil {
+		return x.FailTrafficOnPanic
+	}
+	return false
+}
+
+// Configuration for :ref:`locality weighted load balancing
+// <arch_overview_load_balancing_locality_weighted_lb>`
+type Cluster_CommonLbConfig_LocalityWeightedLbConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *Cluster_CommonLbConfig_LocalityWeightedLbConfig) Reset() {
+	*x = Cluster_CommonLbConfig_LocalityWeightedLbConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[22]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster_CommonLbConfig_LocalityWeightedLbConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster_CommonLbConfig_LocalityWeightedLbConfig) ProtoMessage() {}
+
+func (x *Cluster_CommonLbConfig_LocalityWeightedLbConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[22]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster_CommonLbConfig_LocalityWeightedLbConfig.ProtoReflect.Descriptor instead.
+func (*Cluster_CommonLbConfig_LocalityWeightedLbConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP(), []int{1, 10, 1}
+}
+
+// Common Configuration for all consistent hashing load balancers (MaglevLb, RingHashLb, etc.)
+type Cluster_CommonLbConfig_ConsistentHashingLbConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// If set to `true`, the cluster will use hostname instead of the resolved
+	// address as the key to consistently hash to an upstream host. Only valid for StrictDNS clusters with hostnames which resolve to a single IP address.
+	UseHostnameForHashing bool `protobuf:"varint,1,opt,name=use_hostname_for_hashing,json=useHostnameForHashing,proto3" json:"use_hostname_for_hashing,omitempty"`
+	// Configures percentage of average cluster load to bound per upstream host. For example, with a value of 150
+	// no upstream host will get a load more than 1.5 times the average load of all the hosts in the cluster.
+	// If not specified, the load is not bounded for any upstream host. Typical value for this parameter is between 120 and 200.
+	// Minimum is 100.
+	//
+	// Applies to both Ring Hash and Maglev load balancers.
+	//
+	// This is implemented based on the method described in the paper https://arxiv.org/abs/1608.01350. For the specified
+	// `hash_balance_factor`, requests to any upstream host are capped at `hash_balance_factor/100` times the average number of requests
+	// across the cluster. When a request arrives for an upstream host that is currently serving at its max capacity, linear probing
+	// is used to identify an eligible host. Further, the linear probe is implemented using a random jump in hosts ring/table to identify
+	// the eligible host (this technique is as described in the paper https://arxiv.org/abs/1908.08762 - the random jump avoids the
+	// cascading overflow effect when choosing the next host in the ring/table).
+	//
+	// If weights are specified on the hosts, they are respected.
+	//
+	// This is an O(N) algorithm, unlike other load balancers. Using a lower `hash_balance_factor` results in more hosts
+	// being probed, so use a higher value if you require better performance.
+	HashBalanceFactor *wrappers.UInt32Value `protobuf:"bytes,2,opt,name=hash_balance_factor,json=hashBalanceFactor,proto3" json:"hash_balance_factor,omitempty"`
+}
+
+func (x *Cluster_CommonLbConfig_ConsistentHashingLbConfig) Reset() {
+	*x = Cluster_CommonLbConfig_ConsistentHashingLbConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[23]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Cluster_CommonLbConfig_ConsistentHashingLbConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Cluster_CommonLbConfig_ConsistentHashingLbConfig) ProtoMessage() {}
+
+func (x *Cluster_CommonLbConfig_ConsistentHashingLbConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[23]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Cluster_CommonLbConfig_ConsistentHashingLbConfig.ProtoReflect.Descriptor instead.
+func (*Cluster_CommonLbConfig_ConsistentHashingLbConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP(), []int{1, 10, 2}
+}
+
+func (x *Cluster_CommonLbConfig_ConsistentHashingLbConfig) GetUseHostnameForHashing() bool {
+	if x != nil {
+		return x.UseHostnameForHashing
+	}
+	return false
+}
+
+func (x *Cluster_CommonLbConfig_ConsistentHashingLbConfig) GetHashBalanceFactor() *wrappers.UInt32Value {
+	if x != nil {
+		return x.HashBalanceFactor
+	}
+	return nil
+}
+
+type LoadBalancingPolicy_Policy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	TypedExtensionConfig *v32.TypedExtensionConfig `protobuf:"bytes,4,opt,name=typed_extension_config,json=typedExtensionConfig,proto3" json:"typed_extension_config,omitempty"`
+}
+
+func (x *LoadBalancingPolicy_Policy) Reset() {
+	*x = LoadBalancingPolicy_Policy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[24]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *LoadBalancingPolicy_Policy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*LoadBalancingPolicy_Policy) ProtoMessage() {}
+
+func (x *LoadBalancingPolicy_Policy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_cluster_v3_cluster_proto_msgTypes[24]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use LoadBalancingPolicy_Policy.ProtoReflect.Descriptor instead.
+func (*LoadBalancingPolicy_Policy) Descriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP(), []int{2, 0}
+}
+
+func (x *LoadBalancingPolicy_Policy) GetTypedExtensionConfig() *v32.TypedExtensionConfig {
+	if x != nil {
+		return x.TypedExtensionConfig
+	}
+	return nil
+}
+
+var File_envoy_config_cluster_v3_cluster_proto protoreflect.FileDescriptor
+
+var file_envoy_config_cluster_v3_cluster_proto_rawDesc = []byte{
+	0x0a, 0x25, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65,
+	0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x17, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33,
+	0x1a, 0x2d, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x63, 0x69, 0x72, 0x63, 0x75, 0x69,
+	0x74, 0x5f, 0x62, 0x72, 0x65, 0x61, 0x6b, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x2f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x6f,
+	0x75, 0x74, 0x6c, 0x69, 0x65, 0x72, 0x5f, 0x64, 0x65, 0x74, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x22, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x61, 0x64, 0x64,
+	0x72, 0x65, 0x73, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33,
+	0x2f, 0x62, 0x61, 0x73, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x28, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76,
+	0x33, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x65, 0x78, 0x74, 0x65,
+	0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x27, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76,
+	0x33, 0x2f, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x63, 0x6f, 0x6c, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f,
+	0x72, 0x65, 0x73, 0x6f, 0x6c, 0x76, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x27,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x65, 0x6e, 0x64,
+	0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2f, 0x76, 0x33, 0x2f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e,
+	0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74,
+	0x79, 0x70, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2f, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77,
+	0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x22, 0x78,
+	0x64, 0x73, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x63, 0x6f, 0x6c, 0x6c, 0x65,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e,
+	0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e,
+	0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74,
+	0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e,
+	0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e,
+	0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e,
+	0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64,
+	0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x22, 0x4b, 0x0a, 0x11, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6c,
+	0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x36, 0x0a, 0x07, 0x65, 0x6e, 0x74, 0x72, 0x69,
+	0x65, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f, 0x6c, 0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x07, 0x65, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x22,
+	0xc2, 0x4e, 0x0a, 0x07, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x6f, 0x0a, 0x18, 0x74,
+	0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x5f,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x73, 0x18, 0x2b, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x35, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e,
+	0x54, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x4d,
+	0x61, 0x74, 0x63, 0x68, 0x52, 0x16, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x53,
+	0x6f, 0x63, 0x6b, 0x65, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x73, 0x12, 0x1b, 0x0a, 0x04,
+	0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72,
+	0x02, 0x10, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x3e, 0x0a, 0x0d, 0x61, 0x6c, 0x74,
+	0x5f, 0x73, 0x74, 0x61, 0x74, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x1c, 0x20, 0x01, 0x28, 0x09,
+	0x42, 0x1a, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x14, 0x0a, 0x12, 0x6f, 0x62, 0x73, 0x65, 0x72, 0x76,
+	0x61, 0x62, 0x69, 0x6c, 0x69, 0x74, 0x79, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x52, 0x0b, 0x61, 0x6c,
+	0x74, 0x53, 0x74, 0x61, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x4e, 0x0a, 0x04, 0x74, 0x79, 0x70,
+	0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76,
+	0x33, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76,
+	0x65, 0x72, 0x79, 0x54, 0x79, 0x70, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10,
+	0x01, 0x48, 0x00, 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x57, 0x0a, 0x0c, 0x63, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x26, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x32, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65,
+	0x72, 0x2e, 0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x54,
+	0x79, 0x70, 0x65, 0x48, 0x00, 0x52, 0x0b, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x54, 0x79,
+	0x70, 0x65, 0x12, 0x5f, 0x0a, 0x12, 0x65, 0x64, 0x73, 0x5f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65,
+	0x72, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x31,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x2e, 0x45, 0x64, 0x73, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x52, 0x10, 0x65, 0x64, 0x73, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x12, 0x4c, 0x0a, 0x0f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x5f, 0x74,
+	0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44,
+	0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05, 0xaa, 0x01, 0x02, 0x2a,
+	0x00, 0x52, 0x0e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75,
+	0x74, 0x12, 0x6f, 0x0a, 0x21, 0x70, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74,
+	0x69, 0x6f, 0x6e, 0x5f, 0x62, 0x75, 0x66, 0x66, 0x65, 0x72, 0x5f, 0x6c, 0x69, 0x6d, 0x69, 0x74,
+	0x5f, 0x62, 0x79, 0x74, 0x65, 0x73, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55,
+	0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07, 0x8a, 0x93, 0xb7, 0x2a,
+	0x02, 0x10, 0x01, 0x52, 0x1d, 0x70, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x42, 0x75, 0x66, 0x66, 0x65, 0x72, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x42, 0x79, 0x74,
+	0x65, 0x73, 0x12, 0x50, 0x0a, 0x09, 0x6c, 0x62, 0x5f, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x18,
+	0x06, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x29, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e,
+	0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x4c, 0x62, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79,
+	0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x08, 0x6c, 0x62, 0x50, 0x6f,
+	0x6c, 0x69, 0x63, 0x79, 0x12, 0x58, 0x0a, 0x0f, 0x6c, 0x6f, 0x61, 0x64, 0x5f, 0x61, 0x73, 0x73,
+	0x69, 0x67, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x18, 0x21, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2f, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x65, 0x6e, 0x64,
+	0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x4c, 0x6f, 0x61, 0x64, 0x41, 0x73, 0x73, 0x69, 0x67, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x52, 0x0e,
+	0x6c, 0x6f, 0x61, 0x64, 0x41, 0x73, 0x73, 0x69, 0x67, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x12, 0x46,
+	0x0a, 0x0d, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x73, 0x18,
+	0x08, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x65, 0x61,
+	0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x52, 0x0c, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68,
+	0x43, 0x68, 0x65, 0x63, 0x6b, 0x73, 0x12, 0x68, 0x0a, 0x1b, 0x6d, 0x61, 0x78, 0x5f, 0x72, 0x65,
+	0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x5f, 0x70, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49,
+	0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x0b, 0x18, 0x01, 0x92, 0xc7, 0x86,
+	0xd8, 0x04, 0x03, 0x33, 0x2e, 0x30, 0x52, 0x18, 0x6d, 0x61, 0x78, 0x52, 0x65, 0x71, 0x75, 0x65,
+	0x73, 0x74, 0x73, 0x50, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e,
+	0x12, 0x53, 0x0a, 0x10, 0x63, 0x69, 0x72, 0x63, 0x75, 0x69, 0x74, 0x5f, 0x62, 0x72, 0x65, 0x61,
+	0x6b, 0x65, 0x72, 0x73, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65,
+	0x72, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x69, 0x72, 0x63, 0x75, 0x69, 0x74, 0x42, 0x72, 0x65, 0x61,
+	0x6b, 0x65, 0x72, 0x73, 0x52, 0x0f, 0x63, 0x69, 0x72, 0x63, 0x75, 0x69, 0x74, 0x42, 0x72, 0x65,
+	0x61, 0x6b, 0x65, 0x72, 0x73, 0x12, 0x83, 0x01, 0x0a, 0x1e, 0x75, 0x70, 0x73, 0x74, 0x72, 0x65,
+	0x61, 0x6d, 0x5f, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c,
+	0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x2e, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x31,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f,
+	0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x55, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x48, 0x74,
+	0x74, 0x70, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x42, 0x0b, 0x18, 0x01, 0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e, 0x30, 0x52, 0x1b,
+	0x75, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x48, 0x74, 0x74, 0x70, 0x50, 0x72, 0x6f, 0x74,
+	0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x77, 0x0a, 0x1c, 0x63,
+	0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x5f, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x63, 0x6f, 0x6c, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x1d, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x29, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x50, 0x72, 0x6f,
+	0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x42, 0x0b, 0x18, 0x01,
+	0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e, 0x30, 0x52, 0x19, 0x63, 0x6f, 0x6d, 0x6d, 0x6f,
+	0x6e, 0x48, 0x74, 0x74, 0x70, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x12, 0x6b, 0x0a, 0x15, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x0d, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x31,
+	0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x42,
+	0x0b, 0x18, 0x01, 0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e, 0x30, 0x52, 0x13, 0x68, 0x74,
+	0x74, 0x70, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x12, 0x74, 0x0a, 0x16, 0x68, 0x74, 0x74, 0x70, 0x32, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x63, 0x6f, 0x6c, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x0e, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x32, 0x50, 0x72,
+	0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x42, 0x12, 0x18,
+	0x01, 0x8a, 0x93, 0xb7, 0x2a, 0x02, 0x10, 0x01, 0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e,
+	0x30, 0x52, 0x14, 0x68, 0x74, 0x74, 0x70, 0x32, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c,
+	0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x8c, 0x01, 0x0a, 0x20, 0x74, 0x79, 0x70, 0x65,
+	0x64, 0x5f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x63, 0x6f, 0x6c, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x24, 0x20, 0x03,
+	0x28, 0x0b, 0x32, 0x43, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x64, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73,
+	0x69, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x1d, 0x74, 0x79, 0x70, 0x65, 0x64, 0x45, 0x78,
+	0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f,
+	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x51, 0x0a, 0x10, 0x64, 0x6e, 0x73, 0x5f, 0x72, 0x65,
+	0x66, 0x72, 0x65, 0x73, 0x68, 0x5f, 0x72, 0x61, 0x74, 0x65, 0x18, 0x10, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0c, 0xfa, 0x42, 0x09,
+	0xaa, 0x01, 0x06, 0x2a, 0x04, 0x10, 0xc0, 0x84, 0x3d, 0x52, 0x0e, 0x64, 0x6e, 0x73, 0x52, 0x65,
+	0x66, 0x72, 0x65, 0x73, 0x68, 0x52, 0x61, 0x74, 0x65, 0x12, 0x65, 0x0a, 0x18, 0x64, 0x6e, 0x73,
+	0x5f, 0x66, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x5f, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68,
+	0x5f, 0x72, 0x61, 0x74, 0x65, 0x18, 0x2c, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2c, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x52, 0x65,
+	0x66, 0x72, 0x65, 0x73, 0x68, 0x52, 0x61, 0x74, 0x65, 0x52, 0x15, 0x64, 0x6e, 0x73, 0x46, 0x61,
+	0x69, 0x6c, 0x75, 0x72, 0x65, 0x52, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x52, 0x61, 0x74, 0x65,
+	0x12, 0x26, 0x0a, 0x0f, 0x72, 0x65, 0x73, 0x70, 0x65, 0x63, 0x74, 0x5f, 0x64, 0x6e, 0x73, 0x5f,
+	0x74, 0x74, 0x6c, 0x18, 0x27, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0d, 0x72, 0x65, 0x73, 0x70, 0x65,
+	0x63, 0x74, 0x44, 0x6e, 0x73, 0x54, 0x74, 0x6c, 0x12, 0x66, 0x0a, 0x11, 0x64, 0x6e, 0x73, 0x5f,
+	0x6c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x5f, 0x66, 0x61, 0x6d, 0x69, 0x6c, 0x79, 0x18, 0x11, 0x20,
+	0x01, 0x28, 0x0e, 0x32, 0x30, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x44, 0x6e, 0x73, 0x4c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x46,
+	0x61, 0x6d, 0x69, 0x6c, 0x79, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52,
+	0x0f, 0x64, 0x6e, 0x73, 0x4c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x46, 0x61, 0x6d, 0x69, 0x6c, 0x79,
+	0x12, 0x4f, 0x0a, 0x0d, 0x64, 0x6e, 0x73, 0x5f, 0x72, 0x65, 0x73, 0x6f, 0x6c, 0x76, 0x65, 0x72,
+	0x73, 0x18, 0x12, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x41,
+	0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x42, 0x0b, 0x18, 0x01, 0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03,
+	0x33, 0x2e, 0x30, 0x52, 0x0c, 0x64, 0x6e, 0x73, 0x52, 0x65, 0x73, 0x6f, 0x6c, 0x76, 0x65, 0x72,
+	0x73, 0x12, 0x41, 0x0a, 0x17, 0x75, 0x73, 0x65, 0x5f, 0x74, 0x63, 0x70, 0x5f, 0x66, 0x6f, 0x72,
+	0x5f, 0x64, 0x6e, 0x73, 0x5f, 0x6c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x73, 0x18, 0x2d, 0x20, 0x01,
+	0x28, 0x08, 0x42, 0x0b, 0x18, 0x01, 0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e, 0x30, 0x52,
+	0x13, 0x75, 0x73, 0x65, 0x54, 0x63, 0x70, 0x46, 0x6f, 0x72, 0x44, 0x6e, 0x73, 0x4c, 0x6f, 0x6f,
+	0x6b, 0x75, 0x70, 0x73, 0x12, 0x6a, 0x0a, 0x15, 0x64, 0x6e, 0x73, 0x5f, 0x72, 0x65, 0x73, 0x6f,
+	0x6c, 0x75, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x35, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x44, 0x6e, 0x73, 0x52, 0x65,
+	0x73, 0x6f, 0x6c, 0x75, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x0b,
+	0x18, 0x01, 0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e, 0x30, 0x52, 0x13, 0x64, 0x6e, 0x73,
+	0x52, 0x65, 0x73, 0x6f, 0x6c, 0x75, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x12, 0x65, 0x0a, 0x19, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x64, 0x6e, 0x73, 0x5f, 0x72, 0x65,
+	0x73, 0x6f, 0x6c, 0x76, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x37, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x64,
+	0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52,
+	0x16, 0x74, 0x79, 0x70, 0x65, 0x64, 0x44, 0x6e, 0x73, 0x52, 0x65, 0x73, 0x6f, 0x6c, 0x76, 0x65,
+	0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x4c, 0x0a, 0x15, 0x77, 0x61, 0x69, 0x74, 0x5f,
+	0x66, 0x6f, 0x72, 0x5f, 0x77, 0x61, 0x72, 0x6d, 0x5f, 0x6f, 0x6e, 0x5f, 0x69, 0x6e, 0x69, 0x74,
+	0x18, 0x36, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c,
+	0x75, 0x65, 0x52, 0x11, 0x77, 0x61, 0x69, 0x74, 0x46, 0x6f, 0x72, 0x57, 0x61, 0x72, 0x6d, 0x4f,
+	0x6e, 0x49, 0x6e, 0x69, 0x74, 0x12, 0x56, 0x0a, 0x11, 0x6f, 0x75, 0x74, 0x6c, 0x69, 0x65, 0x72,
+	0x5f, 0x64, 0x65, 0x74, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x13, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x29, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4f, 0x75, 0x74, 0x6c, 0x69,
+	0x65, 0x72, 0x44, 0x65, 0x74, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x10, 0x6f, 0x75, 0x74,
+	0x6c, 0x69, 0x65, 0x72, 0x44, 0x65, 0x74, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x4e, 0x0a,
+	0x10, 0x63, 0x6c, 0x65, 0x61, 0x6e, 0x75, 0x70, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61,
+	0x6c, 0x18, 0x14, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05, 0xaa, 0x01, 0x02, 0x2a, 0x00, 0x52, 0x0f, 0x63, 0x6c,
+	0x65, 0x61, 0x6e, 0x75, 0x70, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x12, 0x52, 0x0a,
+	0x14, 0x75, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f, 0x62, 0x69, 0x6e, 0x64, 0x5f, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x15, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e,
+	0x76, 0x33, 0x2e, 0x42, 0x69, 0x6e, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x12, 0x75,
+	0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x42, 0x69, 0x6e, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x12, 0x59, 0x0a, 0x10, 0x6c, 0x62, 0x5f, 0x73, 0x75, 0x62, 0x73, 0x65, 0x74, 0x5f, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x16, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x4c, 0x62,
+	0x53, 0x75, 0x62, 0x73, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0e, 0x6c, 0x62,
+	0x53, 0x75, 0x62, 0x73, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x62, 0x0a, 0x13,
+	0x72, 0x69, 0x6e, 0x67, 0x5f, 0x68, 0x61, 0x73, 0x68, 0x5f, 0x6c, 0x62, 0x5f, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x18, 0x17, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x31, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x52, 0x69, 0x6e, 0x67,
+	0x48, 0x61, 0x73, 0x68, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x48, 0x01, 0x52, 0x10,
+	0x72, 0x69, 0x6e, 0x67, 0x48, 0x61, 0x73, 0x68, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x12, 0x5b, 0x0a, 0x10, 0x6d, 0x61, 0x67, 0x6c, 0x65, 0x76, 0x5f, 0x6c, 0x62, 0x5f, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x18, 0x34, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65,
+	0x72, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x4d, 0x61, 0x67,
+	0x6c, 0x65, 0x76, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x48, 0x01, 0x52, 0x0e, 0x6d,
+	0x61, 0x67, 0x6c, 0x65, 0x76, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x6b, 0x0a,
+	0x16, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x5f, 0x64, 0x73, 0x74, 0x5f, 0x6c, 0x62,
+	0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x22, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x34, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e,
+	0x4f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x44, 0x73, 0x74, 0x4c, 0x62, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x48, 0x01, 0x52, 0x13, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x44,
+	0x73, 0x74, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x6e, 0x0a, 0x17, 0x6c, 0x65,
+	0x61, 0x73, 0x74, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x6c, 0x62, 0x5f, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x25, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x35, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x4c, 0x65,
+	0x61, 0x73, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x48, 0x01, 0x52, 0x14, 0x6c, 0x65, 0x61, 0x73, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65,
+	0x73, 0x74, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x68, 0x0a, 0x15, 0x72, 0x6f,
+	0x75, 0x6e, 0x64, 0x5f, 0x72, 0x6f, 0x62, 0x69, 0x6e, 0x5f, 0x6c, 0x62, 0x5f, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x18, 0x38, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x33, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x52, 0x6f, 0x75, 0x6e,
+	0x64, 0x52, 0x6f, 0x62, 0x69, 0x6e, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x48, 0x01,
+	0x52, 0x12, 0x72, 0x6f, 0x75, 0x6e, 0x64, 0x52, 0x6f, 0x62, 0x69, 0x6e, 0x4c, 0x62, 0x43, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x12, 0x59, 0x0a, 0x10, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x5f, 0x6c,
+	0x62, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x1b, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2f,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x2e, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52,
+	0x0e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12,
+	0x50, 0x0a, 0x10, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63,
+	0x6b, 0x65, 0x74, 0x18, 0x18, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33,
+	0x2e, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74,
+	0x52, 0x0f, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x53, 0x6f, 0x63, 0x6b, 0x65,
+	0x74, 0x12, 0x3a, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x19, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64,
+	0x61, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x75, 0x0a,
+	0x12, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x5f, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74,
+	0x69, 0x6f, 0x6e, 0x18, 0x1a, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x39, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x43, 0x6c, 0x75, 0x73,
+	0x74, 0x65, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x53, 0x65, 0x6c, 0x65, 0x63,
+	0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0b, 0x18, 0x01, 0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e,
+	0x30, 0x52, 0x11, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x53, 0x65, 0x6c, 0x65, 0x63,
+	0x74, 0x69, 0x6f, 0x6e, 0x12, 0x72, 0x0a, 0x1b, 0x75, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d,
+	0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6f, 0x70, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x18, 0x1e, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x32, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x2e, 0x76, 0x33, 0x2e, 0x55, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x43, 0x6f, 0x6e, 0x6e,
+	0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x19, 0x75,
+	0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x55, 0x0a, 0x28, 0x63, 0x6c, 0x6f, 0x73,
+	0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x5f, 0x6f, 0x6e,
+	0x5f, 0x68, 0x6f, 0x73, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f, 0x66, 0x61, 0x69,
+	0x6c, 0x75, 0x72, 0x65, 0x18, 0x1f, 0x20, 0x01, 0x28, 0x08, 0x52, 0x23, 0x63, 0x6c, 0x6f, 0x73,
+	0x65, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x4f, 0x6e, 0x48, 0x6f,
+	0x73, 0x74, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x46, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x12,
+	0x40, 0x0a, 0x1d, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x5f, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68,
+	0x5f, 0x6f, 0x6e, 0x5f, 0x68, 0x6f, 0x73, 0x74, 0x5f, 0x72, 0x65, 0x6d, 0x6f, 0x76, 0x61, 0x6c,
+	0x18, 0x20, 0x20, 0x01, 0x28, 0x08, 0x52, 0x19, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x48, 0x65,
+	0x61, 0x6c, 0x74, 0x68, 0x4f, 0x6e, 0x48, 0x6f, 0x73, 0x74, 0x52, 0x65, 0x6d, 0x6f, 0x76, 0x61,
+	0x6c, 0x12, 0x39, 0x0a, 0x07, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x18, 0x28, 0x20, 0x03,
+	0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x46, 0x69, 0x6c,
+	0x74, 0x65, 0x72, 0x52, 0x07, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x12, 0x60, 0x0a, 0x15,
+	0x6c, 0x6f, 0x61, 0x64, 0x5f, 0x62, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x69, 0x6e, 0x67, 0x5f, 0x70,
+	0x6f, 0x6c, 0x69, 0x63, 0x79, 0x18, 0x29, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2c, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4c, 0x6f, 0x61, 0x64, 0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63,
+	0x69, 0x6e, 0x67, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x13, 0x6c, 0x6f, 0x61, 0x64, 0x42,
+	0x61, 0x6c, 0x61, 0x6e, 0x63, 0x69, 0x6e, 0x67, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x41,
+	0x0a, 0x0a, 0x6c, 0x72, 0x73, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x18, 0x2a, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x09, 0x6c, 0x72, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65,
+	0x72, 0x12, 0x3f, 0x0a, 0x15, 0x74, 0x72, 0x61, 0x63, 0x6b, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f,
+	0x75, 0x74, 0x5f, 0x62, 0x75, 0x64, 0x67, 0x65, 0x74, 0x73, 0x18, 0x2f, 0x20, 0x01, 0x28, 0x08,
+	0x42, 0x0b, 0x18, 0x01, 0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e, 0x30, 0x52, 0x13, 0x74,
+	0x72, 0x61, 0x63, 0x6b, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x42, 0x75, 0x64, 0x67, 0x65,
+	0x74, 0x73, 0x12, 0x53, 0x0a, 0x0f, 0x75, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x30, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e,
+	0x76, 0x33, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x64, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f,
+	0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0e, 0x75, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61,
+	0x6d, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x5a, 0x0a, 0x13, 0x74, 0x72, 0x61, 0x63, 0x6b,
+	0x5f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x73, 0x18, 0x31,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x54,
+	0x72, 0x61, 0x63, 0x6b, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x73,
+	0x52, 0x11, 0x74, 0x72, 0x61, 0x63, 0x6b, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x53, 0x74,
+	0x61, 0x74, 0x73, 0x12, 0x5e, 0x0a, 0x11, 0x70, 0x72, 0x65, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63,
+	0x74, 0x5f, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x18, 0x32, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x31,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x2e, 0x50, 0x72, 0x65, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x50, 0x6f, 0x6c, 0x69, 0x63,
+	0x79, 0x52, 0x10, 0x70, 0x72, 0x65, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x50, 0x6f, 0x6c,
+	0x69, 0x63, 0x79, 0x12, 0x58, 0x0a, 0x29, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x5f, 0x70, 0x6f, 0x6f, 0x6c, 0x5f, 0x70, 0x65, 0x72, 0x5f, 0x64, 0x6f, 0x77, 0x6e, 0x73,
+	0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e,
+	0x18, 0x33, 0x20, 0x01, 0x28, 0x08, 0x52, 0x25, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x50, 0x6f, 0x6f, 0x6c, 0x50, 0x65, 0x72, 0x44, 0x6f, 0x77, 0x6e, 0x73, 0x74, 0x72,
+	0x65, 0x61, 0x6d, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x1a, 0xe6, 0x01,
+	0x0a, 0x14, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x53, 0x6f, 0x63, 0x6b, 0x65,
+	0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x04, 0x6e,
+	0x61, 0x6d, 0x65, 0x12, 0x2d, 0x0a, 0x05, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x02, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x52, 0x05, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x12, 0x50, 0x0a, 0x10, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f,
+	0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65,
+	0x2e, 0x76, 0x33, 0x2e, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x53, 0x6f, 0x63,
+	0x6b, 0x65, 0x74, 0x52, 0x0f, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x53, 0x6f,
+	0x63, 0x6b, 0x65, 0x74, 0x3a, 0x30, 0x9a, 0xc5, 0x88, 0x1e, 0x2b, 0x0a, 0x29, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65,
+	0x72, 0x2e, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x53, 0x6f, 0x63, 0x6b, 0x65,
+	0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x1a, 0x98, 0x01, 0x0a, 0x11, 0x43, 0x75, 0x73, 0x74, 0x6f,
+	0x6d, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x54, 0x79, 0x70, 0x65, 0x12, 0x1b, 0x0a, 0x04,
+	0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72,
+	0x02, 0x10, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x37, 0x0a, 0x0c, 0x74, 0x79, 0x70,
+	0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x0b, 0x74, 0x79, 0x70, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x3a, 0x2d, 0x9a, 0xc5, 0x88, 0x1e, 0x28, 0x0a, 0x26, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e,
+	0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x54, 0x79, 0x70,
+	0x65, 0x1a, 0xa6, 0x01, 0x0a, 0x10, 0x45, 0x64, 0x73, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x41, 0x0a, 0x0a, 0x65, 0x64, 0x73, 0x5f, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76,
+	0x33, 0x2e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x09,
+	0x65, 0x64, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x21, 0x0a, 0x0c, 0x73, 0x65, 0x72,
+	0x76, 0x69, 0x63, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52,
+	0x0b, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x3a, 0x2c, 0x9a, 0xc5,
+	0x88, 0x1e, 0x27, 0x0a, 0x25, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x45, 0x64, 0x73, 0x43, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x1a, 0xc0, 0x08, 0x0a, 0x0e, 0x4c,
+	0x62, 0x53, 0x75, 0x62, 0x73, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x79, 0x0a,
+	0x0f, 0x66, 0x61, 0x6c, 0x6c, 0x62, 0x61, 0x63, 0x6b, 0x5f, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x46, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33,
+	0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x4c, 0x62, 0x53, 0x75, 0x62, 0x73, 0x65,
+	0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x4c, 0x62, 0x53, 0x75, 0x62, 0x73, 0x65, 0x74,
+	0x46, 0x61, 0x6c, 0x6c, 0x62, 0x61, 0x63, 0x6b, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x42, 0x08,
+	0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x0e, 0x66, 0x61, 0x6c, 0x6c, 0x62, 0x61,
+	0x63, 0x6b, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x3e, 0x0a, 0x0e, 0x64, 0x65, 0x66, 0x61,
+	0x75, 0x6c, 0x74, 0x5f, 0x73, 0x75, 0x62, 0x73, 0x65, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x52, 0x0d, 0x64, 0x65, 0x66, 0x61, 0x75,
+	0x6c, 0x74, 0x53, 0x75, 0x62, 0x73, 0x65, 0x74, 0x12, 0x6b, 0x0a, 0x10, 0x73, 0x75, 0x62, 0x73,
+	0x65, 0x74, 0x5f, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x73, 0x18, 0x03, 0x20, 0x03,
+	0x28, 0x0b, 0x32, 0x40, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x2e, 0x4c, 0x62, 0x53, 0x75, 0x62, 0x73, 0x65, 0x74, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x4c, 0x62, 0x53, 0x75, 0x62, 0x73, 0x65, 0x74, 0x53, 0x65, 0x6c, 0x65,
+	0x63, 0x74, 0x6f, 0x72, 0x52, 0x0f, 0x73, 0x75, 0x62, 0x73, 0x65, 0x74, 0x53, 0x65, 0x6c, 0x65,
+	0x63, 0x74, 0x6f, 0x72, 0x73, 0x12, 0x32, 0x0a, 0x15, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74,
+	0x79, 0x5f, 0x77, 0x65, 0x69, 0x67, 0x68, 0x74, 0x5f, 0x61, 0x77, 0x61, 0x72, 0x65, 0x18, 0x04,
+	0x20, 0x01, 0x28, 0x08, 0x52, 0x13, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x57, 0x65,
+	0x69, 0x67, 0x68, 0x74, 0x41, 0x77, 0x61, 0x72, 0x65, 0x12, 0x32, 0x0a, 0x15, 0x73, 0x63, 0x61,
+	0x6c, 0x65, 0x5f, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x5f, 0x77, 0x65, 0x69, 0x67,
+	0x68, 0x74, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x52, 0x13, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x4c,
+	0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x57, 0x65, 0x69, 0x67, 0x68, 0x74, 0x12, 0x24, 0x0a,
+	0x0e, 0x70, 0x61, 0x6e, 0x69, 0x63, 0x5f, 0x6d, 0x6f, 0x64, 0x65, 0x5f, 0x61, 0x6e, 0x79, 0x18,
+	0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0c, 0x70, 0x61, 0x6e, 0x69, 0x63, 0x4d, 0x6f, 0x64, 0x65,
+	0x41, 0x6e, 0x79, 0x12, 0x1e, 0x0a, 0x0b, 0x6c, 0x69, 0x73, 0x74, 0x5f, 0x61, 0x73, 0x5f, 0x61,
+	0x6e, 0x79, 0x18, 0x07, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x6c, 0x69, 0x73, 0x74, 0x41, 0x73,
+	0x41, 0x6e, 0x79, 0x1a, 0xda, 0x03, 0x0a, 0x10, 0x4c, 0x62, 0x53, 0x75, 0x62, 0x73, 0x65, 0x74,
+	0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x12, 0x12, 0x0a, 0x04, 0x6b, 0x65, 0x79, 0x73,
+	0x18, 0x01, 0x20, 0x03, 0x28, 0x09, 0x52, 0x04, 0x6b, 0x65, 0x79, 0x73, 0x12, 0x33, 0x0a, 0x16,
+	0x73, 0x69, 0x6e, 0x67, 0x6c, 0x65, 0x5f, 0x68, 0x6f, 0x73, 0x74, 0x5f, 0x70, 0x65, 0x72, 0x5f,
+	0x73, 0x75, 0x62, 0x73, 0x65, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, 0x13, 0x73, 0x69,
+	0x6e, 0x67, 0x6c, 0x65, 0x48, 0x6f, 0x73, 0x74, 0x50, 0x65, 0x72, 0x53, 0x75, 0x62, 0x73, 0x65,
+	0x74, 0x12, 0x92, 0x01, 0x0a, 0x0f, 0x66, 0x61, 0x6c, 0x6c, 0x62, 0x61, 0x63, 0x6b, 0x5f, 0x70,
+	0x6f, 0x6c, 0x69, 0x63, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x5f, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x4c, 0x62,
+	0x53, 0x75, 0x62, 0x73, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x4c, 0x62, 0x53,
+	0x75, 0x62, 0x73, 0x65, 0x74, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x4c, 0x62,
+	0x53, 0x75, 0x62, 0x73, 0x65, 0x74, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x46, 0x61,
+	0x6c, 0x6c, 0x62, 0x61, 0x63, 0x6b, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x42, 0x08, 0xfa, 0x42,
+	0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x0e, 0x66, 0x61, 0x6c, 0x6c, 0x62, 0x61, 0x63, 0x6b,
+	0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x30, 0x0a, 0x14, 0x66, 0x61, 0x6c, 0x6c, 0x62, 0x61,
+	0x63, 0x6b, 0x5f, 0x6b, 0x65, 0x79, 0x73, 0x5f, 0x73, 0x75, 0x62, 0x73, 0x65, 0x74, 0x18, 0x03,
+	0x20, 0x03, 0x28, 0x09, 0x52, 0x12, 0x66, 0x61, 0x6c, 0x6c, 0x62, 0x61, 0x63, 0x6b, 0x4b, 0x65,
+	0x79, 0x73, 0x53, 0x75, 0x62, 0x73, 0x65, 0x74, 0x22, 0x79, 0x0a, 0x1e, 0x4c, 0x62, 0x53, 0x75,
+	0x62, 0x73, 0x65, 0x74, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x46, 0x61, 0x6c, 0x6c,
+	0x62, 0x61, 0x63, 0x6b, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x0f, 0x0a, 0x0b, 0x4e, 0x4f,
+	0x54, 0x5f, 0x44, 0x45, 0x46, 0x49, 0x4e, 0x45, 0x44, 0x10, 0x00, 0x12, 0x0f, 0x0a, 0x0b, 0x4e,
+	0x4f, 0x5f, 0x46, 0x41, 0x4c, 0x4c, 0x42, 0x41, 0x43, 0x4b, 0x10, 0x01, 0x12, 0x10, 0x0a, 0x0c,
+	0x41, 0x4e, 0x59, 0x5f, 0x45, 0x4e, 0x44, 0x50, 0x4f, 0x49, 0x4e, 0x54, 0x10, 0x02, 0x12, 0x12,
+	0x0a, 0x0e, 0x44, 0x45, 0x46, 0x41, 0x55, 0x4c, 0x54, 0x5f, 0x53, 0x55, 0x42, 0x53, 0x45, 0x54,
+	0x10, 0x03, 0x12, 0x0f, 0x0a, 0x0b, 0x4b, 0x45, 0x59, 0x53, 0x5f, 0x53, 0x55, 0x42, 0x53, 0x45,
+	0x54, 0x10, 0x04, 0x3a, 0x3b, 0x9a, 0xc5, 0x88, 0x1e, 0x36, 0x0a, 0x34, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x2e, 0x4c, 0x62, 0x53, 0x75, 0x62, 0x73, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x4c, 0x62, 0x53, 0x75, 0x62, 0x73, 0x65, 0x74, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72,
+	0x22, 0x4f, 0x0a, 0x16, 0x4c, 0x62, 0x53, 0x75, 0x62, 0x73, 0x65, 0x74, 0x46, 0x61, 0x6c, 0x6c,
+	0x62, 0x61, 0x63, 0x6b, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x0f, 0x0a, 0x0b, 0x4e, 0x4f,
+	0x5f, 0x46, 0x41, 0x4c, 0x4c, 0x42, 0x41, 0x43, 0x4b, 0x10, 0x00, 0x12, 0x10, 0x0a, 0x0c, 0x41,
+	0x4e, 0x59, 0x5f, 0x45, 0x4e, 0x44, 0x50, 0x4f, 0x49, 0x4e, 0x54, 0x10, 0x01, 0x12, 0x12, 0x0a,
+	0x0e, 0x44, 0x45, 0x46, 0x41, 0x55, 0x4c, 0x54, 0x5f, 0x53, 0x55, 0x42, 0x53, 0x45, 0x54, 0x10,
+	0x02, 0x3a, 0x2a, 0x9a, 0xc5, 0x88, 0x1e, 0x25, 0x0a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x4c,
+	0x62, 0x53, 0x75, 0x62, 0x73, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x1a, 0x9d, 0x01,
+	0x0a, 0x0f, 0x53, 0x6c, 0x6f, 0x77, 0x53, 0x74, 0x61, 0x72, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x12, 0x45, 0x0a, 0x11, 0x73, 0x6c, 0x6f, 0x77, 0x5f, 0x73, 0x74, 0x61, 0x72, 0x74, 0x5f,
+	0x77, 0x69, 0x6e, 0x64, 0x6f, 0x77, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44,
+	0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0f, 0x73, 0x6c, 0x6f, 0x77, 0x53, 0x74, 0x61,
+	0x72, 0x74, 0x57, 0x69, 0x6e, 0x64, 0x6f, 0x77, 0x12, 0x43, 0x0a, 0x0a, 0x61, 0x67, 0x67, 0x72,
+	0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65,
+	0x2e, 0x76, 0x33, 0x2e, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x44, 0x6f, 0x75, 0x62, 0x6c,
+	0x65, 0x52, 0x0a, 0x61, 0x67, 0x67, 0x72, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x1a, 0x72, 0x0a,
+	0x12, 0x52, 0x6f, 0x75, 0x6e, 0x64, 0x52, 0x6f, 0x62, 0x69, 0x6e, 0x4c, 0x62, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x12, 0x5c, 0x0a, 0x11, 0x73, 0x6c, 0x6f, 0x77, 0x5f, 0x73, 0x74, 0x61, 0x72,
+	0x74, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x30,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x2e, 0x53, 0x6c, 0x6f, 0x77, 0x53, 0x74, 0x61, 0x72, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x52, 0x0f, 0x73, 0x6c, 0x6f, 0x77, 0x53, 0x74, 0x61, 0x72, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x1a, 0xc5, 0x02, 0x0a, 0x14, 0x4c, 0x65, 0x61, 0x73, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65,
+	0x73, 0x74, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x48, 0x0a, 0x0c, 0x63, 0x68,
+	0x6f, 0x69, 0x63, 0x65, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07,
+	0xfa, 0x42, 0x04, 0x2a, 0x02, 0x28, 0x02, 0x52, 0x0b, 0x63, 0x68, 0x6f, 0x69, 0x63, 0x65, 0x43,
+	0x6f, 0x75, 0x6e, 0x74, 0x12, 0x53, 0x0a, 0x13, 0x61, 0x63, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x72,
+	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x62, 0x69, 0x61, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65,
+	0x44, 0x6f, 0x75, 0x62, 0x6c, 0x65, 0x52, 0x11, 0x61, 0x63, 0x74, 0x69, 0x76, 0x65, 0x52, 0x65,
+	0x71, 0x75, 0x65, 0x73, 0x74, 0x42, 0x69, 0x61, 0x73, 0x12, 0x5c, 0x0a, 0x11, 0x73, 0x6c, 0x6f,
+	0x77, 0x5f, 0x73, 0x74, 0x61, 0x72, 0x74, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x03,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x30, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x43,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x53, 0x6c, 0x6f, 0x77, 0x53, 0x74, 0x61, 0x72, 0x74,
+	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0f, 0x73, 0x6c, 0x6f, 0x77, 0x53, 0x74, 0x61, 0x72,
+	0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x3a, 0x30, 0x9a, 0xc5, 0x88, 0x1e, 0x2b, 0x0a, 0x29,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x2e, 0x4c, 0x65, 0x61, 0x73, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
+	0x74, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x1a, 0x91, 0x03, 0x0a, 0x10, 0x52, 0x69,
+	0x6e, 0x67, 0x48, 0x61, 0x73, 0x68, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x54,
+	0x0a, 0x11, 0x6d, 0x69, 0x6e, 0x69, 0x6d, 0x75, 0x6d, 0x5f, 0x72, 0x69, 0x6e, 0x67, 0x5f, 0x73,
+	0x69, 0x7a, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74,
+	0x36, 0x34, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x0a, 0xfa, 0x42, 0x07, 0x32, 0x05, 0x18, 0x80,
+	0x80, 0x80, 0x04, 0x52, 0x0f, 0x6d, 0x69, 0x6e, 0x69, 0x6d, 0x75, 0x6d, 0x52, 0x69, 0x6e, 0x67,
+	0x53, 0x69, 0x7a, 0x65, 0x12, 0x6d, 0x0a, 0x0d, 0x68, 0x61, 0x73, 0x68, 0x5f, 0x66, 0x75, 0x6e,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x3e, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x52, 0x69,
+	0x6e, 0x67, 0x48, 0x61, 0x73, 0x68, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x48,
+	0x61, 0x73, 0x68, 0x46, 0x75, 0x6e, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05,
+	0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x0c, 0x68, 0x61, 0x73, 0x68, 0x46, 0x75, 0x6e, 0x63, 0x74,
+	0x69, 0x6f, 0x6e, 0x12, 0x54, 0x0a, 0x11, 0x6d, 0x61, 0x78, 0x69, 0x6d, 0x75, 0x6d, 0x5f, 0x72,
+	0x69, 0x6e, 0x67, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x55, 0x49, 0x6e, 0x74, 0x36, 0x34, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x0a, 0xfa, 0x42,
+	0x07, 0x32, 0x05, 0x18, 0x80, 0x80, 0x80, 0x04, 0x52, 0x0f, 0x6d, 0x61, 0x78, 0x69, 0x6d, 0x75,
+	0x6d, 0x52, 0x69, 0x6e, 0x67, 0x53, 0x69, 0x7a, 0x65, 0x22, 0x2e, 0x0a, 0x0c, 0x48, 0x61, 0x73,
+	0x68, 0x46, 0x75, 0x6e, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x0b, 0x0a, 0x07, 0x58, 0x58, 0x5f,
+	0x48, 0x41, 0x53, 0x48, 0x10, 0x00, 0x12, 0x11, 0x0a, 0x0d, 0x4d, 0x55, 0x52, 0x4d, 0x55, 0x52,
+	0x5f, 0x48, 0x41, 0x53, 0x48, 0x5f, 0x32, 0x10, 0x01, 0x3a, 0x2c, 0x9a, 0xc5, 0x88, 0x1e, 0x27,
+	0x0a, 0x25, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x43,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x52, 0x69, 0x6e, 0x67, 0x48, 0x61, 0x73, 0x68, 0x4c,
+	0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x4a, 0x04, 0x08, 0x02, 0x10, 0x03, 0x1a, 0x59, 0x0a,
+	0x0e, 0x4d, 0x61, 0x67, 0x6c, 0x65, 0x76, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12,
+	0x47, 0x0a, 0x0a, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x36, 0x34, 0x56, 0x61, 0x6c, 0x75,
+	0x65, 0x42, 0x0a, 0xfa, 0x42, 0x07, 0x32, 0x05, 0x18, 0xcb, 0x96, 0xb1, 0x02, 0x52, 0x09, 0x74,
+	0x61, 0x62, 0x6c, 0x65, 0x53, 0x69, 0x7a, 0x65, 0x1a, 0x6e, 0x0a, 0x13, 0x4f, 0x72, 0x69, 0x67,
+	0x69, 0x6e, 0x61, 0x6c, 0x44, 0x73, 0x74, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12,
+	0x26, 0x0a, 0x0f, 0x75, 0x73, 0x65, 0x5f, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x68, 0x65, 0x61, 0x64,
+	0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0d, 0x75, 0x73, 0x65, 0x48, 0x74, 0x74,
+	0x70, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x3a, 0x2f, 0x9a, 0xc5, 0x88, 0x1e, 0x2a, 0x0a, 0x28,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x2e, 0x4f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x44, 0x73, 0x74,
+	0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x1a, 0xfc, 0x0a, 0x0a, 0x0e, 0x43, 0x6f, 0x6d,
+	0x6d, 0x6f, 0x6e, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x4e, 0x0a, 0x17, 0x68,
+	0x65, 0x61, 0x6c, 0x74, 0x68, 0x79, 0x5f, 0x70, 0x61, 0x6e, 0x69, 0x63, 0x5f, 0x74, 0x68, 0x72,
+	0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x50, 0x65, 0x72,
+	0x63, 0x65, 0x6e, 0x74, 0x52, 0x15, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x79, 0x50, 0x61, 0x6e,
+	0x69, 0x63, 0x54, 0x68, 0x72, 0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x12, 0x74, 0x0a, 0x14, 0x7a,
+	0x6f, 0x6e, 0x65, 0x5f, 0x61, 0x77, 0x61, 0x72, 0x65, 0x5f, 0x6c, 0x62, 0x5f, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x41, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x43, 0x6f, 0x6d, 0x6d,
+	0x6f, 0x6e, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x5a, 0x6f, 0x6e, 0x65, 0x41,
+	0x77, 0x61, 0x72, 0x65, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x48, 0x00, 0x52, 0x11,
+	0x7a, 0x6f, 0x6e, 0x65, 0x41, 0x77, 0x61, 0x72, 0x65, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x12, 0x89, 0x01, 0x0a, 0x1b, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x5f, 0x77,
+	0x65, 0x69, 0x67, 0x68, 0x74, 0x65, 0x64, 0x5f, 0x6c, 0x62, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x48, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76,
+	0x33, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e,
+	0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74,
+	0x79, 0x57, 0x65, 0x69, 0x67, 0x68, 0x74, 0x65, 0x64, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x48, 0x00, 0x52, 0x18, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x57, 0x65, 0x69,
+	0x67, 0x68, 0x74, 0x65, 0x64, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x49, 0x0a,
+	0x13, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x5f, 0x6d, 0x65, 0x72, 0x67, 0x65, 0x5f, 0x77, 0x69,
+	0x6e, 0x64, 0x6f, 0x77, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x11, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x4d, 0x65, 0x72,
+	0x67, 0x65, 0x57, 0x69, 0x6e, 0x64, 0x6f, 0x77, 0x12, 0x43, 0x0a, 0x1f, 0x69, 0x67, 0x6e, 0x6f,
+	0x72, 0x65, 0x5f, 0x6e, 0x65, 0x77, 0x5f, 0x68, 0x6f, 0x73, 0x74, 0x73, 0x5f, 0x75, 0x6e, 0x74,
+	0x69, 0x6c, 0x5f, 0x66, 0x69, 0x72, 0x73, 0x74, 0x5f, 0x68, 0x63, 0x18, 0x05, 0x20, 0x01, 0x28,
+	0x08, 0x52, 0x1a, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x4e, 0x65, 0x77, 0x48, 0x6f, 0x73, 0x74,
+	0x73, 0x55, 0x6e, 0x74, 0x69, 0x6c, 0x46, 0x69, 0x72, 0x73, 0x74, 0x48, 0x63, 0x12, 0x4d, 0x0a,
+	0x24, 0x63, 0x6c, 0x6f, 0x73, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x5f, 0x6f, 0x6e, 0x5f, 0x68, 0x6f, 0x73, 0x74, 0x5f, 0x73, 0x65, 0x74, 0x5f, 0x63,
+	0x68, 0x61, 0x6e, 0x67, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x1f, 0x63, 0x6c, 0x6f,
+	0x73, 0x65, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x4f, 0x6e, 0x48,
+	0x6f, 0x73, 0x74, 0x53, 0x65, 0x74, 0x43, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x8a, 0x01, 0x0a,
+	0x1c, 0x63, 0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x74, 0x5f, 0x68, 0x61, 0x73, 0x68,
+	0x69, 0x6e, 0x67, 0x5f, 0x6c, 0x62, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x07, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x49, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x4c, 0x62, 0x43, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x43, 0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x74, 0x48,
+	0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x19,
+	0x63, 0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x74, 0x48, 0x61, 0x73, 0x68, 0x69, 0x6e,
+	0x67, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x1a, 0x8d, 0x02, 0x0a, 0x11, 0x5a, 0x6f,
+	0x6e, 0x65, 0x41, 0x77, 0x61, 0x72, 0x65, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12,
+	0x3f, 0x0a, 0x0f, 0x72, 0x6f, 0x75, 0x74, 0x69, 0x6e, 0x67, 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c,
+	0x65, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74,
+	0x52, 0x0e, 0x72, 0x6f, 0x75, 0x74, 0x69, 0x6e, 0x67, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64,
+	0x12, 0x46, 0x0a, 0x10, 0x6d, 0x69, 0x6e, 0x5f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f,
+	0x73, 0x69, 0x7a, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e,
+	0x74, 0x36, 0x34, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0e, 0x6d, 0x69, 0x6e, 0x43, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x53, 0x69, 0x7a, 0x65, 0x12, 0x31, 0x0a, 0x15, 0x66, 0x61, 0x69, 0x6c,
+	0x5f, 0x74, 0x72, 0x61, 0x66, 0x66, 0x69, 0x63, 0x5f, 0x6f, 0x6e, 0x5f, 0x70, 0x61, 0x6e, 0x69,
+	0x63, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x12, 0x66, 0x61, 0x69, 0x6c, 0x54, 0x72, 0x61,
+	0x66, 0x66, 0x69, 0x63, 0x4f, 0x6e, 0x50, 0x61, 0x6e, 0x69, 0x63, 0x3a, 0x3c, 0x9a, 0xc5, 0x88,
+	0x1e, 0x37, 0x0a, 0x35, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x4c,
+	0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x5a, 0x6f, 0x6e, 0x65, 0x41, 0x77, 0x61, 0x72,
+	0x65, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x1a, 0x5f, 0x0a, 0x18, 0x4c, 0x6f, 0x63,
+	0x61, 0x6c, 0x69, 0x74, 0x79, 0x57, 0x65, 0x69, 0x67, 0x68, 0x74, 0x65, 0x64, 0x4c, 0x62, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x3a, 0x43, 0x9a, 0xc5, 0x88, 0x1e, 0x3e, 0x0a, 0x3c, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x2e, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x57, 0x65, 0x69, 0x67, 0x68, 0x74,
+	0x65, 0x64, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x1a, 0xf1, 0x01, 0x0a, 0x19, 0x43,
+	0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x74, 0x48, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67,
+	0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x37, 0x0a, 0x18, 0x75, 0x73, 0x65, 0x5f,
+	0x68, 0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65, 0x5f, 0x66, 0x6f, 0x72, 0x5f, 0x68, 0x61, 0x73,
+	0x68, 0x69, 0x6e, 0x67, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x15, 0x75, 0x73, 0x65, 0x48,
+	0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65, 0x46, 0x6f, 0x72, 0x48, 0x61, 0x73, 0x68, 0x69, 0x6e,
+	0x67, 0x12, 0x55, 0x0a, 0x13, 0x68, 0x61, 0x73, 0x68, 0x5f, 0x62, 0x61, 0x6c, 0x61, 0x6e, 0x63,
+	0x65, 0x5f, 0x66, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07, 0xfa, 0x42,
+	0x04, 0x2a, 0x02, 0x28, 0x64, 0x52, 0x11, 0x68, 0x61, 0x73, 0x68, 0x42, 0x61, 0x6c, 0x61, 0x6e,
+	0x63, 0x65, 0x46, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x3a, 0x44, 0x9a, 0xc5, 0x88, 0x1e, 0x3f, 0x0a,
+	0x3d, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x4c, 0x62, 0x43, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x43, 0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x74, 0x48,
+	0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x3a, 0x2a,
+	0x9a, 0xc5, 0x88, 0x1e, 0x25, 0x0a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x43, 0x6f, 0x6d, 0x6d,
+	0x6f, 0x6e, 0x4c, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x1b, 0x0a, 0x19, 0x6c, 0x6f,
+	0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x73, 0x70,
+	0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x1a, 0xd2, 0x01, 0x0a, 0x0b, 0x52, 0x65, 0x66, 0x72,
+	0x65, 0x73, 0x68, 0x52, 0x61, 0x74, 0x65, 0x12, 0x4e, 0x0a, 0x0d, 0x62, 0x61, 0x73, 0x65, 0x5f,
+	0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0e, 0xfa, 0x42, 0x0b, 0xaa, 0x01,
+	0x08, 0x08, 0x01, 0x2a, 0x04, 0x10, 0xc0, 0x84, 0x3d, 0x52, 0x0c, 0x62, 0x61, 0x73, 0x65, 0x49,
+	0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x12, 0x4a, 0x0a, 0x0c, 0x6d, 0x61, 0x78, 0x5f, 0x69,
+	0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0c, 0xfa, 0x42, 0x09, 0xaa, 0x01, 0x06,
+	0x2a, 0x04, 0x10, 0xc0, 0x84, 0x3d, 0x52, 0x0b, 0x6d, 0x61, 0x78, 0x49, 0x6e, 0x74, 0x65, 0x72,
+	0x76, 0x61, 0x6c, 0x3a, 0x27, 0x9a, 0xc5, 0x88, 0x1e, 0x22, 0x0a, 0x20, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x2e, 0x52, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x52, 0x61, 0x74, 0x65, 0x1a, 0x83, 0x02, 0x0a,
+	0x10, 0x50, 0x72, 0x65, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x50, 0x6f, 0x6c, 0x69, 0x63,
+	0x79, 0x12, 0x78, 0x0a, 0x1d, 0x70, 0x65, 0x72, 0x5f, 0x75, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61,
+	0x6d, 0x5f, 0x70, 0x72, 0x65, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x5f, 0x72, 0x61, 0x74,
+	0x69, 0x6f, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x6f, 0x75, 0x62, 0x6c,
+	0x65, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x17, 0xfa, 0x42, 0x14, 0x12, 0x12, 0x19, 0x00, 0x00,
+	0x00, 0x00, 0x00, 0x00, 0x08, 0x40, 0x29, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xf0, 0x3f, 0x52,
+	0x1a, 0x70, 0x65, 0x72, 0x55, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x50, 0x72, 0x65, 0x63,
+	0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x52, 0x61, 0x74, 0x69, 0x6f, 0x12, 0x75, 0x0a, 0x1b, 0x70,
+	0x72, 0x65, 0x64, 0x69, 0x63, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x70, 0x72, 0x65, 0x63, 0x6f, 0x6e,
+	0x6e, 0x65, 0x63, 0x74, 0x5f, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x44, 0x6f, 0x75, 0x62, 0x6c, 0x65, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x17,
+	0xfa, 0x42, 0x14, 0x12, 0x12, 0x19, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x08, 0x40, 0x29, 0x00,
+	0x00, 0x00, 0x00, 0x00, 0x00, 0xf0, 0x3f, 0x52, 0x19, 0x70, 0x72, 0x65, 0x64, 0x69, 0x63, 0x74,
+	0x69, 0x76, 0x65, 0x50, 0x72, 0x65, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x52, 0x61, 0x74,
+	0x69, 0x6f, 0x1a, 0x66, 0x0a, 0x22, 0x54, 0x79, 0x70, 0x65, 0x64, 0x45, 0x78, 0x74, 0x65, 0x6e,
+	0x73, 0x69, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x2a, 0x0a, 0x05, 0x76, 0x61,
+	0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52,
+	0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0x57, 0x0a, 0x0d, 0x44, 0x69,
+	0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x54, 0x79, 0x70, 0x65, 0x12, 0x0a, 0x0a, 0x06, 0x53,
+	0x54, 0x41, 0x54, 0x49, 0x43, 0x10, 0x00, 0x12, 0x0e, 0x0a, 0x0a, 0x53, 0x54, 0x52, 0x49, 0x43,
+	0x54, 0x5f, 0x44, 0x4e, 0x53, 0x10, 0x01, 0x12, 0x0f, 0x0a, 0x0b, 0x4c, 0x4f, 0x47, 0x49, 0x43,
+	0x41, 0x4c, 0x5f, 0x44, 0x4e, 0x53, 0x10, 0x02, 0x12, 0x07, 0x0a, 0x03, 0x45, 0x44, 0x53, 0x10,
+	0x03, 0x12, 0x10, 0x0a, 0x0c, 0x4f, 0x52, 0x49, 0x47, 0x49, 0x4e, 0x41, 0x4c, 0x5f, 0x44, 0x53,
+	0x54, 0x10, 0x04, 0x22, 0xa4, 0x01, 0x0a, 0x08, 0x4c, 0x62, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79,
+	0x12, 0x0f, 0x0a, 0x0b, 0x52, 0x4f, 0x55, 0x4e, 0x44, 0x5f, 0x52, 0x4f, 0x42, 0x49, 0x4e, 0x10,
+	0x00, 0x12, 0x11, 0x0a, 0x0d, 0x4c, 0x45, 0x41, 0x53, 0x54, 0x5f, 0x52, 0x45, 0x51, 0x55, 0x45,
+	0x53, 0x54, 0x10, 0x01, 0x12, 0x0d, 0x0a, 0x09, 0x52, 0x49, 0x4e, 0x47, 0x5f, 0x48, 0x41, 0x53,
+	0x48, 0x10, 0x02, 0x12, 0x0a, 0x0a, 0x06, 0x52, 0x41, 0x4e, 0x44, 0x4f, 0x4d, 0x10, 0x03, 0x12,
+	0x0a, 0x0a, 0x06, 0x4d, 0x41, 0x47, 0x4c, 0x45, 0x56, 0x10, 0x05, 0x12, 0x14, 0x0a, 0x10, 0x43,
+	0x4c, 0x55, 0x53, 0x54, 0x45, 0x52, 0x5f, 0x50, 0x52, 0x4f, 0x56, 0x49, 0x44, 0x45, 0x44, 0x10,
+	0x06, 0x12, 0x20, 0x0a, 0x1c, 0x4c, 0x4f, 0x41, 0x44, 0x5f, 0x42, 0x41, 0x4c, 0x41, 0x4e, 0x43,
+	0x49, 0x4e, 0x47, 0x5f, 0x50, 0x4f, 0x4c, 0x49, 0x43, 0x59, 0x5f, 0x43, 0x4f, 0x4e, 0x46, 0x49,
+	0x47, 0x10, 0x07, 0x22, 0x04, 0x08, 0x04, 0x10, 0x04, 0x2a, 0x0f, 0x4f, 0x52, 0x49, 0x47, 0x49,
+	0x4e, 0x41, 0x4c, 0x5f, 0x44, 0x53, 0x54, 0x5f, 0x4c, 0x42, 0x22, 0x50, 0x0a, 0x0f, 0x44, 0x6e,
+	0x73, 0x4c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x46, 0x61, 0x6d, 0x69, 0x6c, 0x79, 0x12, 0x08, 0x0a,
+	0x04, 0x41, 0x55, 0x54, 0x4f, 0x10, 0x00, 0x12, 0x0b, 0x0a, 0x07, 0x56, 0x34, 0x5f, 0x4f, 0x4e,
+	0x4c, 0x59, 0x10, 0x01, 0x12, 0x0b, 0x0a, 0x07, 0x56, 0x36, 0x5f, 0x4f, 0x4e, 0x4c, 0x59, 0x10,
+	0x02, 0x12, 0x10, 0x0a, 0x0c, 0x56, 0x34, 0x5f, 0x50, 0x52, 0x45, 0x46, 0x45, 0x52, 0x52, 0x45,
+	0x44, 0x10, 0x03, 0x12, 0x07, 0x0a, 0x03, 0x41, 0x4c, 0x4c, 0x10, 0x04, 0x22, 0x54, 0x0a, 0x18,
+	0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x53,
+	0x65, 0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x1b, 0x0a, 0x17, 0x55, 0x53, 0x45, 0x5f,
+	0x43, 0x4f, 0x4e, 0x46, 0x49, 0x47, 0x55, 0x52, 0x45, 0x44, 0x5f, 0x50, 0x52, 0x4f, 0x54, 0x4f,
+	0x43, 0x4f, 0x4c, 0x10, 0x00, 0x12, 0x1b, 0x0a, 0x17, 0x55, 0x53, 0x45, 0x5f, 0x44, 0x4f, 0x57,
+	0x4e, 0x53, 0x54, 0x52, 0x45, 0x41, 0x4d, 0x5f, 0x50, 0x52, 0x4f, 0x54, 0x4f, 0x43, 0x4f, 0x4c,
+	0x10, 0x01, 0x3a, 0x1b, 0x9a, 0xc5, 0x88, 0x1e, 0x16, 0x0a, 0x14, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x42,
+	0x18, 0x0a, 0x16, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x64, 0x69, 0x73, 0x63, 0x6f,
+	0x76, 0x65, 0x72, 0x79, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x42, 0x0b, 0x0a, 0x09, 0x6c, 0x62, 0x5f,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x4a, 0x04, 0x08, 0x0c, 0x10, 0x0d, 0x4a, 0x04, 0x08, 0x0f,
+	0x10, 0x10, 0x4a, 0x04, 0x08, 0x07, 0x10, 0x08, 0x4a, 0x04, 0x08, 0x0b, 0x10, 0x0c, 0x4a, 0x04,
+	0x08, 0x23, 0x10, 0x24, 0x52, 0x05, 0x68, 0x6f, 0x73, 0x74, 0x73, 0x52, 0x0b, 0x74, 0x6c, 0x73,
+	0x5f, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x52, 0x1a, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73,
+	0x69, 0x6f, 0x6e, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x5f, 0x6f, 0x70, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x22, 0xda, 0x02, 0x0a, 0x13, 0x4c, 0x6f, 0x61, 0x64, 0x42, 0x61, 0x6c,
+	0x61, 0x6e, 0x63, 0x69, 0x6e, 0x67, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x4f, 0x0a, 0x08,
+	0x70, 0x6f, 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x33,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4c, 0x6f, 0x61, 0x64, 0x42, 0x61, 0x6c,
+	0x61, 0x6e, 0x63, 0x69, 0x6e, 0x67, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x50, 0x6f, 0x6c,
+	0x69, 0x63, 0x79, 0x52, 0x08, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 0x1a, 0xc8, 0x01,
+	0x0a, 0x06, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x60, 0x0a, 0x16, 0x74, 0x79, 0x70, 0x65,
+	0x64, 0x5f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e,
+	0x54, 0x79, 0x70, 0x65, 0x64, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x43, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x52, 0x14, 0x74, 0x79, 0x70, 0x65, 0x64, 0x45, 0x78, 0x74, 0x65, 0x6e,
+	0x73, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x3a, 0x2e, 0x9a, 0xc5, 0x88, 0x1e,
+	0x29, 0x0a, 0x27, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e,
+	0x4c, 0x6f, 0x61, 0x64, 0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x69, 0x6e, 0x67, 0x50, 0x6f, 0x6c,
+	0x69, 0x63, 0x79, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x4a, 0x04, 0x08, 0x02, 0x10, 0x03,
+	0x4a, 0x04, 0x08, 0x01, 0x10, 0x02, 0x4a, 0x04, 0x08, 0x03, 0x10, 0x04, 0x52, 0x06, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x52, 0x0c, 0x74, 0x79, 0x70, 0x65,
+	0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x3a, 0x27, 0x9a, 0xc5, 0x88, 0x1e, 0x22, 0x0a,
+	0x20, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x6f,
+	0x61, 0x64, 0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x69, 0x6e, 0x67, 0x50, 0x6f, 0x6c, 0x69, 0x63,
+	0x79, 0x22, 0x82, 0x01, 0x0a, 0x12, 0x55, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x42, 0x69,
+	0x6e, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x44, 0x0a, 0x0e, 0x73, 0x6f, 0x75, 0x72,
+	0x63, 0x65, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x52,
+	0x0d, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x3a, 0x26,
+	0x9a, 0xc5, 0x88, 0x1e, 0x21, 0x0a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x55, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x42, 0x69, 0x6e, 0x64,
+	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x22, 0x93, 0x01, 0x0a, 0x19, 0x55, 0x70, 0x73, 0x74, 0x72,
+	0x65, 0x61, 0x6d, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x4f, 0x70, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x12, 0x47, 0x0a, 0x0d, 0x74, 0x63, 0x70, 0x5f, 0x6b, 0x65, 0x65, 0x70,
+	0x61, 0x6c, 0x69, 0x76, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e,
+	0x76, 0x33, 0x2e, 0x54, 0x63, 0x70, 0x4b, 0x65, 0x65, 0x70, 0x61, 0x6c, 0x69, 0x76, 0x65, 0x52,
+	0x0c, 0x74, 0x63, 0x70, 0x4b, 0x65, 0x65, 0x70, 0x61, 0x6c, 0x69, 0x76, 0x65, 0x3a, 0x2d, 0x9a,
+	0xc5, 0x88, 0x1e, 0x28, 0x0a, 0x26, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x55, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x43, 0x6f, 0x6e, 0x6e, 0x65,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0x72, 0x0a, 0x11,
+	0x54, 0x72, 0x61, 0x63, 0x6b, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74,
+	0x73, 0x12, 0x27, 0x0a, 0x0f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x5f, 0x62, 0x75, 0x64,
+	0x67, 0x65, 0x74, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0e, 0x74, 0x69, 0x6d, 0x65,
+	0x6f, 0x75, 0x74, 0x42, 0x75, 0x64, 0x67, 0x65, 0x74, 0x73, 0x12, 0x34, 0x0a, 0x16, 0x72, 0x65,
+	0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x5f, 0x73,
+	0x69, 0x7a, 0x65, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x14, 0x72, 0x65, 0x71, 0x75,
+	0x65, 0x73, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x53, 0x69, 0x7a, 0x65, 0x73,
+	0x42, 0x3f, 0x0a, 0x25, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78,
+	0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x42, 0x0c, 0x43, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10,
+	0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_cluster_v3_cluster_proto_rawDescOnce sync.Once
+	file_envoy_config_cluster_v3_cluster_proto_rawDescData = file_envoy_config_cluster_v3_cluster_proto_rawDesc
+)
+
+func file_envoy_config_cluster_v3_cluster_proto_rawDescGZIP() []byte {
+	file_envoy_config_cluster_v3_cluster_proto_rawDescOnce.Do(func() {
+		file_envoy_config_cluster_v3_cluster_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_cluster_v3_cluster_proto_rawDescData)
+	})
+	return file_envoy_config_cluster_v3_cluster_proto_rawDescData
+}
+
+var file_envoy_config_cluster_v3_cluster_proto_enumTypes = make([]protoimpl.EnumInfo, 7)
+var file_envoy_config_cluster_v3_cluster_proto_msgTypes = make([]protoimpl.MessageInfo, 25)
+var file_envoy_config_cluster_v3_cluster_proto_goTypes = []interface{}{
+	(Cluster_DiscoveryType)(0),                                                  // 0: envoy.config.cluster.v3.Cluster.DiscoveryType
+	(Cluster_LbPolicy)(0),                                                       // 1: envoy.config.cluster.v3.Cluster.LbPolicy
+	(Cluster_DnsLookupFamily)(0),                                                // 2: envoy.config.cluster.v3.Cluster.DnsLookupFamily
+	(Cluster_ClusterProtocolSelection)(0),                                       // 3: envoy.config.cluster.v3.Cluster.ClusterProtocolSelection
+	(Cluster_LbSubsetConfig_LbSubsetFallbackPolicy)(0),                          // 4: envoy.config.cluster.v3.Cluster.LbSubsetConfig.LbSubsetFallbackPolicy
+	(Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy)(0), // 5: envoy.config.cluster.v3.Cluster.LbSubsetConfig.LbSubsetSelector.LbSubsetSelectorFallbackPolicy
+	(Cluster_RingHashLbConfig_HashFunction)(0),                                  // 6: envoy.config.cluster.v3.Cluster.RingHashLbConfig.HashFunction
+	(*ClusterCollection)(nil),                                                   // 7: envoy.config.cluster.v3.ClusterCollection
+	(*Cluster)(nil),                                                             // 8: envoy.config.cluster.v3.Cluster
+	(*LoadBalancingPolicy)(nil),                                                 // 9: envoy.config.cluster.v3.LoadBalancingPolicy
+	(*UpstreamBindConfig)(nil),                                                  // 10: envoy.config.cluster.v3.UpstreamBindConfig
+	(*UpstreamConnectionOptions)(nil),                                           // 11: envoy.config.cluster.v3.UpstreamConnectionOptions
+	(*TrackClusterStats)(nil),                                                   // 12: envoy.config.cluster.v3.TrackClusterStats
+	(*Cluster_TransportSocketMatch)(nil),                                        // 13: envoy.config.cluster.v3.Cluster.TransportSocketMatch
+	(*Cluster_CustomClusterType)(nil),                                           // 14: envoy.config.cluster.v3.Cluster.CustomClusterType
+	(*Cluster_EdsClusterConfig)(nil),                                            // 15: envoy.config.cluster.v3.Cluster.EdsClusterConfig
+	(*Cluster_LbSubsetConfig)(nil),                                              // 16: envoy.config.cluster.v3.Cluster.LbSubsetConfig
+	(*Cluster_SlowStartConfig)(nil),                                             // 17: envoy.config.cluster.v3.Cluster.SlowStartConfig
+	(*Cluster_RoundRobinLbConfig)(nil),                                          // 18: envoy.config.cluster.v3.Cluster.RoundRobinLbConfig
+	(*Cluster_LeastRequestLbConfig)(nil),                                        // 19: envoy.config.cluster.v3.Cluster.LeastRequestLbConfig
+	(*Cluster_RingHashLbConfig)(nil),                                            // 20: envoy.config.cluster.v3.Cluster.RingHashLbConfig
+	(*Cluster_MaglevLbConfig)(nil),                                              // 21: envoy.config.cluster.v3.Cluster.MaglevLbConfig
+	(*Cluster_OriginalDstLbConfig)(nil),                                         // 22: envoy.config.cluster.v3.Cluster.OriginalDstLbConfig
+	(*Cluster_CommonLbConfig)(nil),                                              // 23: envoy.config.cluster.v3.Cluster.CommonLbConfig
+	(*Cluster_RefreshRate)(nil),                                                 // 24: envoy.config.cluster.v3.Cluster.RefreshRate
+	(*Cluster_PreconnectPolicy)(nil),                                            // 25: envoy.config.cluster.v3.Cluster.PreconnectPolicy
+	nil,                                                                         // 26: envoy.config.cluster.v3.Cluster.TypedExtensionProtocolOptionsEntry
+	(*Cluster_LbSubsetConfig_LbSubsetSelector)(nil),                             // 27: envoy.config.cluster.v3.Cluster.LbSubsetConfig.LbSubsetSelector
+	(*Cluster_CommonLbConfig_ZoneAwareLbConfig)(nil),                            // 28: envoy.config.cluster.v3.Cluster.CommonLbConfig.ZoneAwareLbConfig
+	(*Cluster_CommonLbConfig_LocalityWeightedLbConfig)(nil),                     // 29: envoy.config.cluster.v3.Cluster.CommonLbConfig.LocalityWeightedLbConfig
+	(*Cluster_CommonLbConfig_ConsistentHashingLbConfig)(nil),                    // 30: envoy.config.cluster.v3.Cluster.CommonLbConfig.ConsistentHashingLbConfig
+	(*LoadBalancingPolicy_Policy)(nil),                                          // 31: envoy.config.cluster.v3.LoadBalancingPolicy.Policy
+	(*v3.CollectionEntry)(nil),                                                  // 32: xds.core.v3.CollectionEntry
+	(*duration.Duration)(nil),                                                   // 33: google.protobuf.Duration
+	(*wrappers.UInt32Value)(nil),                                                // 34: google.protobuf.UInt32Value
+	(*v31.ClusterLoadAssignment)(nil),                                           // 35: envoy.config.endpoint.v3.ClusterLoadAssignment
+	(*v32.HealthCheck)(nil),                                                     // 36: envoy.config.core.v3.HealthCheck
+	(*CircuitBreakers)(nil),                                                     // 37: envoy.config.cluster.v3.CircuitBreakers
+	(*v32.UpstreamHttpProtocolOptions)(nil),                                     // 38: envoy.config.core.v3.UpstreamHttpProtocolOptions
+	(*v32.HttpProtocolOptions)(nil),                                             // 39: envoy.config.core.v3.HttpProtocolOptions
+	(*v32.Http1ProtocolOptions)(nil),                                            // 40: envoy.config.core.v3.Http1ProtocolOptions
+	(*v32.Http2ProtocolOptions)(nil),                                            // 41: envoy.config.core.v3.Http2ProtocolOptions
+	(*v32.Address)(nil),                                                         // 42: envoy.config.core.v3.Address
+	(*v32.DnsResolutionConfig)(nil),                                             // 43: envoy.config.core.v3.DnsResolutionConfig
+	(*v32.TypedExtensionConfig)(nil),                                            // 44: envoy.config.core.v3.TypedExtensionConfig
+	(*wrappers.BoolValue)(nil),                                                  // 45: google.protobuf.BoolValue
+	(*OutlierDetection)(nil),                                                    // 46: envoy.config.cluster.v3.OutlierDetection
+	(*v32.BindConfig)(nil),                                                      // 47: envoy.config.core.v3.BindConfig
+	(*v32.TransportSocket)(nil),                                                 // 48: envoy.config.core.v3.TransportSocket
+	(*v32.Metadata)(nil),                                                        // 49: envoy.config.core.v3.Metadata
+	(*Filter)(nil),                                                              // 50: envoy.config.cluster.v3.Filter
+	(*v32.ConfigSource)(nil),                                                    // 51: envoy.config.core.v3.ConfigSource
+	(*v32.TcpKeepalive)(nil),                                                    // 52: envoy.config.core.v3.TcpKeepalive
+	(*_struct.Struct)(nil),                                                      // 53: google.protobuf.Struct
+	(*any.Any)(nil),                                                             // 54: google.protobuf.Any
+	(*v32.RuntimeDouble)(nil),                                                   // 55: envoy.config.core.v3.RuntimeDouble
+	(*wrappers.UInt64Value)(nil),                                                // 56: google.protobuf.UInt64Value
+	(*v33.Percent)(nil),                                                         // 57: envoy.type.v3.Percent
+	(*wrappers.DoubleValue)(nil),                                                // 58: google.protobuf.DoubleValue
+}
+var file_envoy_config_cluster_v3_cluster_proto_depIdxs = []int32{
+	32, // 0: envoy.config.cluster.v3.ClusterCollection.entries:type_name -> xds.core.v3.CollectionEntry
+	13, // 1: envoy.config.cluster.v3.Cluster.transport_socket_matches:type_name -> envoy.config.cluster.v3.Cluster.TransportSocketMatch
+	0,  // 2: envoy.config.cluster.v3.Cluster.type:type_name -> envoy.config.cluster.v3.Cluster.DiscoveryType
+	14, // 3: envoy.config.cluster.v3.Cluster.cluster_type:type_name -> envoy.config.cluster.v3.Cluster.CustomClusterType
+	15, // 4: envoy.config.cluster.v3.Cluster.eds_cluster_config:type_name -> envoy.config.cluster.v3.Cluster.EdsClusterConfig
+	33, // 5: envoy.config.cluster.v3.Cluster.connect_timeout:type_name -> google.protobuf.Duration
+	34, // 6: envoy.config.cluster.v3.Cluster.per_connection_buffer_limit_bytes:type_name -> google.protobuf.UInt32Value
+	1,  // 7: envoy.config.cluster.v3.Cluster.lb_policy:type_name -> envoy.config.cluster.v3.Cluster.LbPolicy
+	35, // 8: envoy.config.cluster.v3.Cluster.load_assignment:type_name -> envoy.config.endpoint.v3.ClusterLoadAssignment
+	36, // 9: envoy.config.cluster.v3.Cluster.health_checks:type_name -> envoy.config.core.v3.HealthCheck
+	34, // 10: envoy.config.cluster.v3.Cluster.max_requests_per_connection:type_name -> google.protobuf.UInt32Value
+	37, // 11: envoy.config.cluster.v3.Cluster.circuit_breakers:type_name -> envoy.config.cluster.v3.CircuitBreakers
+	38, // 12: envoy.config.cluster.v3.Cluster.upstream_http_protocol_options:type_name -> envoy.config.core.v3.UpstreamHttpProtocolOptions
+	39, // 13: envoy.config.cluster.v3.Cluster.common_http_protocol_options:type_name -> envoy.config.core.v3.HttpProtocolOptions
+	40, // 14: envoy.config.cluster.v3.Cluster.http_protocol_options:type_name -> envoy.config.core.v3.Http1ProtocolOptions
+	41, // 15: envoy.config.cluster.v3.Cluster.http2_protocol_options:type_name -> envoy.config.core.v3.Http2ProtocolOptions
+	26, // 16: envoy.config.cluster.v3.Cluster.typed_extension_protocol_options:type_name -> envoy.config.cluster.v3.Cluster.TypedExtensionProtocolOptionsEntry
+	33, // 17: envoy.config.cluster.v3.Cluster.dns_refresh_rate:type_name -> google.protobuf.Duration
+	24, // 18: envoy.config.cluster.v3.Cluster.dns_failure_refresh_rate:type_name -> envoy.config.cluster.v3.Cluster.RefreshRate
+	2,  // 19: envoy.config.cluster.v3.Cluster.dns_lookup_family:type_name -> envoy.config.cluster.v3.Cluster.DnsLookupFamily
+	42, // 20: envoy.config.cluster.v3.Cluster.dns_resolvers:type_name -> envoy.config.core.v3.Address
+	43, // 21: envoy.config.cluster.v3.Cluster.dns_resolution_config:type_name -> envoy.config.core.v3.DnsResolutionConfig
+	44, // 22: envoy.config.cluster.v3.Cluster.typed_dns_resolver_config:type_name -> envoy.config.core.v3.TypedExtensionConfig
+	45, // 23: envoy.config.cluster.v3.Cluster.wait_for_warm_on_init:type_name -> google.protobuf.BoolValue
+	46, // 24: envoy.config.cluster.v3.Cluster.outlier_detection:type_name -> envoy.config.cluster.v3.OutlierDetection
+	33, // 25: envoy.config.cluster.v3.Cluster.cleanup_interval:type_name -> google.protobuf.Duration
+	47, // 26: envoy.config.cluster.v3.Cluster.upstream_bind_config:type_name -> envoy.config.core.v3.BindConfig
+	16, // 27: envoy.config.cluster.v3.Cluster.lb_subset_config:type_name -> envoy.config.cluster.v3.Cluster.LbSubsetConfig
+	20, // 28: envoy.config.cluster.v3.Cluster.ring_hash_lb_config:type_name -> envoy.config.cluster.v3.Cluster.RingHashLbConfig
+	21, // 29: envoy.config.cluster.v3.Cluster.maglev_lb_config:type_name -> envoy.config.cluster.v3.Cluster.MaglevLbConfig
+	22, // 30: envoy.config.cluster.v3.Cluster.original_dst_lb_config:type_name -> envoy.config.cluster.v3.Cluster.OriginalDstLbConfig
+	19, // 31: envoy.config.cluster.v3.Cluster.least_request_lb_config:type_name -> envoy.config.cluster.v3.Cluster.LeastRequestLbConfig
+	18, // 32: envoy.config.cluster.v3.Cluster.round_robin_lb_config:type_name -> envoy.config.cluster.v3.Cluster.RoundRobinLbConfig
+	23, // 33: envoy.config.cluster.v3.Cluster.common_lb_config:type_name -> envoy.config.cluster.v3.Cluster.CommonLbConfig
+	48, // 34: envoy.config.cluster.v3.Cluster.transport_socket:type_name -> envoy.config.core.v3.TransportSocket
+	49, // 35: envoy.config.cluster.v3.Cluster.metadata:type_name -> envoy.config.core.v3.Metadata
+	3,  // 36: envoy.config.cluster.v3.Cluster.protocol_selection:type_name -> envoy.config.cluster.v3.Cluster.ClusterProtocolSelection
+	11, // 37: envoy.config.cluster.v3.Cluster.upstream_connection_options:type_name -> envoy.config.cluster.v3.UpstreamConnectionOptions
+	50, // 38: envoy.config.cluster.v3.Cluster.filters:type_name -> envoy.config.cluster.v3.Filter
+	9,  // 39: envoy.config.cluster.v3.Cluster.load_balancing_policy:type_name -> envoy.config.cluster.v3.LoadBalancingPolicy
+	51, // 40: envoy.config.cluster.v3.Cluster.lrs_server:type_name -> envoy.config.core.v3.ConfigSource
+	44, // 41: envoy.config.cluster.v3.Cluster.upstream_config:type_name -> envoy.config.core.v3.TypedExtensionConfig
+	12, // 42: envoy.config.cluster.v3.Cluster.track_cluster_stats:type_name -> envoy.config.cluster.v3.TrackClusterStats
+	25, // 43: envoy.config.cluster.v3.Cluster.preconnect_policy:type_name -> envoy.config.cluster.v3.Cluster.PreconnectPolicy
+	31, // 44: envoy.config.cluster.v3.LoadBalancingPolicy.policies:type_name -> envoy.config.cluster.v3.LoadBalancingPolicy.Policy
+	42, // 45: envoy.config.cluster.v3.UpstreamBindConfig.source_address:type_name -> envoy.config.core.v3.Address
+	52, // 46: envoy.config.cluster.v3.UpstreamConnectionOptions.tcp_keepalive:type_name -> envoy.config.core.v3.TcpKeepalive
+	53, // 47: envoy.config.cluster.v3.Cluster.TransportSocketMatch.match:type_name -> google.protobuf.Struct
+	48, // 48: envoy.config.cluster.v3.Cluster.TransportSocketMatch.transport_socket:type_name -> envoy.config.core.v3.TransportSocket
+	54, // 49: envoy.config.cluster.v3.Cluster.CustomClusterType.typed_config:type_name -> google.protobuf.Any
+	51, // 50: envoy.config.cluster.v3.Cluster.EdsClusterConfig.eds_config:type_name -> envoy.config.core.v3.ConfigSource
+	4,  // 51: envoy.config.cluster.v3.Cluster.LbSubsetConfig.fallback_policy:type_name -> envoy.config.cluster.v3.Cluster.LbSubsetConfig.LbSubsetFallbackPolicy
+	53, // 52: envoy.config.cluster.v3.Cluster.LbSubsetConfig.default_subset:type_name -> google.protobuf.Struct
+	27, // 53: envoy.config.cluster.v3.Cluster.LbSubsetConfig.subset_selectors:type_name -> envoy.config.cluster.v3.Cluster.LbSubsetConfig.LbSubsetSelector
+	33, // 54: envoy.config.cluster.v3.Cluster.SlowStartConfig.slow_start_window:type_name -> google.protobuf.Duration
+	55, // 55: envoy.config.cluster.v3.Cluster.SlowStartConfig.aggression:type_name -> envoy.config.core.v3.RuntimeDouble
+	17, // 56: envoy.config.cluster.v3.Cluster.RoundRobinLbConfig.slow_start_config:type_name -> envoy.config.cluster.v3.Cluster.SlowStartConfig
+	34, // 57: envoy.config.cluster.v3.Cluster.LeastRequestLbConfig.choice_count:type_name -> google.protobuf.UInt32Value
+	55, // 58: envoy.config.cluster.v3.Cluster.LeastRequestLbConfig.active_request_bias:type_name -> envoy.config.core.v3.RuntimeDouble
+	17, // 59: envoy.config.cluster.v3.Cluster.LeastRequestLbConfig.slow_start_config:type_name -> envoy.config.cluster.v3.Cluster.SlowStartConfig
+	56, // 60: envoy.config.cluster.v3.Cluster.RingHashLbConfig.minimum_ring_size:type_name -> google.protobuf.UInt64Value
+	6,  // 61: envoy.config.cluster.v3.Cluster.RingHashLbConfig.hash_function:type_name -> envoy.config.cluster.v3.Cluster.RingHashLbConfig.HashFunction
+	56, // 62: envoy.config.cluster.v3.Cluster.RingHashLbConfig.maximum_ring_size:type_name -> google.protobuf.UInt64Value
+	56, // 63: envoy.config.cluster.v3.Cluster.MaglevLbConfig.table_size:type_name -> google.protobuf.UInt64Value
+	57, // 64: envoy.config.cluster.v3.Cluster.CommonLbConfig.healthy_panic_threshold:type_name -> envoy.type.v3.Percent
+	28, // 65: envoy.config.cluster.v3.Cluster.CommonLbConfig.zone_aware_lb_config:type_name -> envoy.config.cluster.v3.Cluster.CommonLbConfig.ZoneAwareLbConfig
+	29, // 66: envoy.config.cluster.v3.Cluster.CommonLbConfig.locality_weighted_lb_config:type_name -> envoy.config.cluster.v3.Cluster.CommonLbConfig.LocalityWeightedLbConfig
+	33, // 67: envoy.config.cluster.v3.Cluster.CommonLbConfig.update_merge_window:type_name -> google.protobuf.Duration
+	30, // 68: envoy.config.cluster.v3.Cluster.CommonLbConfig.consistent_hashing_lb_config:type_name -> envoy.config.cluster.v3.Cluster.CommonLbConfig.ConsistentHashingLbConfig
+	33, // 69: envoy.config.cluster.v3.Cluster.RefreshRate.base_interval:type_name -> google.protobuf.Duration
+	33, // 70: envoy.config.cluster.v3.Cluster.RefreshRate.max_interval:type_name -> google.protobuf.Duration
+	58, // 71: envoy.config.cluster.v3.Cluster.PreconnectPolicy.per_upstream_preconnect_ratio:type_name -> google.protobuf.DoubleValue
+	58, // 72: envoy.config.cluster.v3.Cluster.PreconnectPolicy.predictive_preconnect_ratio:type_name -> google.protobuf.DoubleValue
+	54, // 73: envoy.config.cluster.v3.Cluster.TypedExtensionProtocolOptionsEntry.value:type_name -> google.protobuf.Any
+	5,  // 74: envoy.config.cluster.v3.Cluster.LbSubsetConfig.LbSubsetSelector.fallback_policy:type_name -> envoy.config.cluster.v3.Cluster.LbSubsetConfig.LbSubsetSelector.LbSubsetSelectorFallbackPolicy
+	57, // 75: envoy.config.cluster.v3.Cluster.CommonLbConfig.ZoneAwareLbConfig.routing_enabled:type_name -> envoy.type.v3.Percent
+	56, // 76: envoy.config.cluster.v3.Cluster.CommonLbConfig.ZoneAwareLbConfig.min_cluster_size:type_name -> google.protobuf.UInt64Value
+	34, // 77: envoy.config.cluster.v3.Cluster.CommonLbConfig.ConsistentHashingLbConfig.hash_balance_factor:type_name -> google.protobuf.UInt32Value
+	44, // 78: envoy.config.cluster.v3.LoadBalancingPolicy.Policy.typed_extension_config:type_name -> envoy.config.core.v3.TypedExtensionConfig
+	79, // [79:79] is the sub-list for method output_type
+	79, // [79:79] is the sub-list for method input_type
+	79, // [79:79] is the sub-list for extension type_name
+	79, // [79:79] is the sub-list for extension extendee
+	0,  // [0:79] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_cluster_v3_cluster_proto_init() }
+func file_envoy_config_cluster_v3_cluster_proto_init() {
+	if File_envoy_config_cluster_v3_cluster_proto != nil {
+		return
+	}
+	file_envoy_config_cluster_v3_circuit_breaker_proto_init()
+	file_envoy_config_cluster_v3_filter_proto_init()
+	file_envoy_config_cluster_v3_outlier_detection_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_cluster_v3_cluster_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ClusterCollection); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_cluster_v3_cluster_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_cluster_v3_cluster_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*LoadBalancingPolicy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_cluster_v3_cluster_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*UpstreamBindConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_cluster_v3_cluster_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*UpstreamConnectionOptions); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_cluster_v3_cluster_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*TrackClusterStats); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_cluster_v3_cluster_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster_TransportSocketMatch); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_cluster_v3_cluster_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster_CustomClusterType); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_cluster_v3_cluster_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster_EdsClusterConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_cluster_v3_cluster_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster_LbSubsetConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_cluster_v3_cluster_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster_SlowStartConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_cluster_v3_cluster_proto_msgTypes[11].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster_RoundRobinLbConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_cluster_v3_cluster_proto_msgTypes[12].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster_LeastRequestLbConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_cluster_v3_cluster_proto_msgTypes[13].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster_RingHashLbConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_cluster_v3_cluster_proto_msgTypes[14].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster_MaglevLbConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_cluster_v3_cluster_proto_msgTypes[15].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster_OriginalDstLbConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_cluster_v3_cluster_proto_msgTypes[16].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster_CommonLbConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_cluster_v3_cluster_proto_msgTypes[17].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster_RefreshRate); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_cluster_v3_cluster_proto_msgTypes[18].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster_PreconnectPolicy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_cluster_v3_cluster_proto_msgTypes[20].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster_LbSubsetConfig_LbSubsetSelector); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_cluster_v3_cluster_proto_msgTypes[21].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster_CommonLbConfig_ZoneAwareLbConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_cluster_v3_cluster_proto_msgTypes[22].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster_CommonLbConfig_LocalityWeightedLbConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_cluster_v3_cluster_proto_msgTypes[23].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Cluster_CommonLbConfig_ConsistentHashingLbConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_cluster_v3_cluster_proto_msgTypes[24].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*LoadBalancingPolicy_Policy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_config_cluster_v3_cluster_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*Cluster_Type)(nil),
+		(*Cluster_ClusterType)(nil),
+		(*Cluster_RingHashLbConfig_)(nil),
+		(*Cluster_MaglevLbConfig_)(nil),
+		(*Cluster_OriginalDstLbConfig_)(nil),
+		(*Cluster_LeastRequestLbConfig_)(nil),
+		(*Cluster_RoundRobinLbConfig_)(nil),
+	}
+	file_envoy_config_cluster_v3_cluster_proto_msgTypes[16].OneofWrappers = []interface{}{
+		(*Cluster_CommonLbConfig_ZoneAwareLbConfig_)(nil),
+		(*Cluster_CommonLbConfig_LocalityWeightedLbConfig_)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_cluster_v3_cluster_proto_rawDesc,
+			NumEnums:      7,
+			NumMessages:   25,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_cluster_v3_cluster_proto_goTypes,
+		DependencyIndexes: file_envoy_config_cluster_v3_cluster_proto_depIdxs,
+		EnumInfos:         file_envoy_config_cluster_v3_cluster_proto_enumTypes,
+		MessageInfos:      file_envoy_config_cluster_v3_cluster_proto_msgTypes,
+	}.Build()
+	File_envoy_config_cluster_v3_cluster_proto = out.File
+	file_envoy_config_cluster_v3_cluster_proto_rawDesc = nil
+	file_envoy_config_cluster_v3_cluster_proto_goTypes = nil
+	file_envoy_config_cluster_v3_cluster_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3/cluster.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3/cluster.pb.validate.go
new file mode 100644
index 00000000000..9ee7cc6d588
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3/cluster.pb.validate.go
@@ -0,0 +1,4682 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/cluster/v3/cluster.proto
+
+package envoy_config_cluster_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on ClusterCollection with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *ClusterCollection) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ClusterCollection with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ClusterCollectionMultiError, or nil if none found.
+func (m *ClusterCollection) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ClusterCollection) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetEntries()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterCollectionValidationError{
+					field:  "Entries",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterCollectionValidationError{
+					field:  "Entries",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetEntries()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterCollectionValidationError{
+				field:  "Entries",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return ClusterCollectionMultiError(errors)
+	}
+	return nil
+}
+
+// ClusterCollectionMultiError is an error wrapping multiple validation errors
+// returned by ClusterCollection.ValidateAll() if the designated constraints
+// aren't met.
+type ClusterCollectionMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ClusterCollectionMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ClusterCollectionMultiError) AllErrors() []error { return m }
+
+// ClusterCollectionValidationError is the validation error returned by
+// ClusterCollection.Validate if the designated constraints aren't met.
+type ClusterCollectionValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ClusterCollectionValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ClusterCollectionValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ClusterCollectionValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ClusterCollectionValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ClusterCollectionValidationError) ErrorName() string {
+	return "ClusterCollectionValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ClusterCollectionValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sClusterCollection.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ClusterCollectionValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ClusterCollectionValidationError{}
+
+// Validate checks the field values on Cluster with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Cluster) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Cluster with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in ClusterMultiError, or nil if none found.
+func (m *Cluster) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetTransportSocketMatches() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  fmt.Sprintf("TransportSocketMatches[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  fmt.Sprintf("TransportSocketMatches[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClusterValidationError{
+					field:  fmt.Sprintf("TransportSocketMatches[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := ClusterValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for AltStatName
+
+	if all {
+		switch v := interface{}(m.GetEdsClusterConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "EdsClusterConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "EdsClusterConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetEdsClusterConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "EdsClusterConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if d := m.GetConnectTimeout(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = ClusterValidationError{
+				field:  "ConnectTimeout",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := ClusterValidationError{
+					field:  "ConnectTimeout",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetPerConnectionBufferLimitBytes()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "PerConnectionBufferLimitBytes",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "PerConnectionBufferLimitBytes",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPerConnectionBufferLimitBytes()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "PerConnectionBufferLimitBytes",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if _, ok := Cluster_LbPolicy_name[int32(m.GetLbPolicy())]; !ok {
+		err := ClusterValidationError{
+			field:  "LbPolicy",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetLoadAssignment()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "LoadAssignment",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "LoadAssignment",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLoadAssignment()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "LoadAssignment",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetHealthChecks() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  fmt.Sprintf("HealthChecks[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  fmt.Sprintf("HealthChecks[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClusterValidationError{
+					field:  fmt.Sprintf("HealthChecks[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetMaxRequestsPerConnection()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "MaxRequestsPerConnection",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "MaxRequestsPerConnection",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxRequestsPerConnection()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "MaxRequestsPerConnection",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetCircuitBreakers()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "CircuitBreakers",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "CircuitBreakers",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCircuitBreakers()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "CircuitBreakers",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetUpstreamHttpProtocolOptions()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "UpstreamHttpProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "UpstreamHttpProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetUpstreamHttpProtocolOptions()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "UpstreamHttpProtocolOptions",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetCommonHttpProtocolOptions()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "CommonHttpProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "CommonHttpProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCommonHttpProtocolOptions()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "CommonHttpProtocolOptions",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetHttpProtocolOptions()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "HttpProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "HttpProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHttpProtocolOptions()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "HttpProtocolOptions",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetHttp2ProtocolOptions()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "Http2ProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "Http2ProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHttp2ProtocolOptions()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "Http2ProtocolOptions",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	{
+		sorted_keys := make([]string, len(m.GetTypedExtensionProtocolOptions()))
+		i := 0
+		for key := range m.GetTypedExtensionProtocolOptions() {
+			sorted_keys[i] = key
+			i++
+		}
+		sort.Slice(sorted_keys, func(i, j int) bool { return sorted_keys[i] < sorted_keys[j] })
+		for _, key := range sorted_keys {
+			val := m.GetTypedExtensionProtocolOptions()[key]
+			_ = val
+
+			// no validation rules for TypedExtensionProtocolOptions[key]
+
+			if all {
+				switch v := interface{}(val).(type) {
+				case interface{ ValidateAll() error }:
+					if err := v.ValidateAll(); err != nil {
+						errors = append(errors, ClusterValidationError{
+							field:  fmt.Sprintf("TypedExtensionProtocolOptions[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				case interface{ Validate() error }:
+					if err := v.Validate(); err != nil {
+						errors = append(errors, ClusterValidationError{
+							field:  fmt.Sprintf("TypedExtensionProtocolOptions[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				}
+			} else if v, ok := interface{}(val).(interface{ Validate() error }); ok {
+				if err := v.Validate(); err != nil {
+					return ClusterValidationError{
+						field:  fmt.Sprintf("TypedExtensionProtocolOptions[%v]", key),
+						reason: "embedded message failed validation",
+						cause:  err,
+					}
+				}
+			}
+
+		}
+	}
+
+	if d := m.GetDnsRefreshRate(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = ClusterValidationError{
+				field:  "DnsRefreshRate",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 1000000*time.Nanosecond)
+
+			if dur <= gt {
+				err := ClusterValidationError{
+					field:  "DnsRefreshRate",
+					reason: "value must be greater than 1ms",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetDnsFailureRefreshRate()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "DnsFailureRefreshRate",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "DnsFailureRefreshRate",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDnsFailureRefreshRate()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "DnsFailureRefreshRate",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for RespectDnsTtl
+
+	if _, ok := Cluster_DnsLookupFamily_name[int32(m.GetDnsLookupFamily())]; !ok {
+		err := ClusterValidationError{
+			field:  "DnsLookupFamily",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetDnsResolvers() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  fmt.Sprintf("DnsResolvers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  fmt.Sprintf("DnsResolvers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClusterValidationError{
+					field:  fmt.Sprintf("DnsResolvers[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	// no validation rules for UseTcpForDnsLookups
+
+	if all {
+		switch v := interface{}(m.GetDnsResolutionConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "DnsResolutionConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "DnsResolutionConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDnsResolutionConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "DnsResolutionConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetTypedDnsResolverConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "TypedDnsResolverConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "TypedDnsResolverConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTypedDnsResolverConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "TypedDnsResolverConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetWaitForWarmOnInit()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "WaitForWarmOnInit",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "WaitForWarmOnInit",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetWaitForWarmOnInit()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "WaitForWarmOnInit",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetOutlierDetection()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "OutlierDetection",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "OutlierDetection",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetOutlierDetection()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "OutlierDetection",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if d := m.GetCleanupInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = ClusterValidationError{
+				field:  "CleanupInterval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := ClusterValidationError{
+					field:  "CleanupInterval",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetUpstreamBindConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "UpstreamBindConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "UpstreamBindConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetUpstreamBindConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "UpstreamBindConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetLbSubsetConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "LbSubsetConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "LbSubsetConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLbSubsetConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "LbSubsetConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetCommonLbConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "CommonLbConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "CommonLbConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCommonLbConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "CommonLbConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetTransportSocket()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "TransportSocket",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "TransportSocket",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTransportSocket()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "TransportSocket",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMetadata()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMetadata()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "Metadata",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for ProtocolSelection
+
+	if all {
+		switch v := interface{}(m.GetUpstreamConnectionOptions()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "UpstreamConnectionOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "UpstreamConnectionOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetUpstreamConnectionOptions()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "UpstreamConnectionOptions",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for CloseConnectionsOnHostHealthFailure
+
+	// no validation rules for IgnoreHealthOnHostRemoval
+
+	for idx, item := range m.GetFilters() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  fmt.Sprintf("Filters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  fmt.Sprintf("Filters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClusterValidationError{
+					field:  fmt.Sprintf("Filters[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetLoadBalancingPolicy()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "LoadBalancingPolicy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "LoadBalancingPolicy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLoadBalancingPolicy()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "LoadBalancingPolicy",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetLrsServer()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "LrsServer",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "LrsServer",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLrsServer()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "LrsServer",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for TrackTimeoutBudgets
+
+	if all {
+		switch v := interface{}(m.GetUpstreamConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "UpstreamConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "UpstreamConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetUpstreamConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "UpstreamConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetTrackClusterStats()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "TrackClusterStats",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "TrackClusterStats",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTrackClusterStats()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "TrackClusterStats",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetPreconnectPolicy()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "PreconnectPolicy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterValidationError{
+					field:  "PreconnectPolicy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPreconnectPolicy()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterValidationError{
+				field:  "PreconnectPolicy",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for ConnectionPoolPerDownstreamConnection
+
+	switch m.ClusterDiscoveryType.(type) {
+
+	case *Cluster_Type:
+
+		if _, ok := Cluster_DiscoveryType_name[int32(m.GetType())]; !ok {
+			err := ClusterValidationError{
+				field:  "Type",
+				reason: "value must be one of the defined enum values",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *Cluster_ClusterType:
+
+		if all {
+			switch v := interface{}(m.GetClusterType()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  "ClusterType",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  "ClusterType",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetClusterType()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClusterValidationError{
+					field:  "ClusterType",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	switch m.LbConfig.(type) {
+
+	case *Cluster_RingHashLbConfig_:
+
+		if all {
+			switch v := interface{}(m.GetRingHashLbConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  "RingHashLbConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  "RingHashLbConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetRingHashLbConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClusterValidationError{
+					field:  "RingHashLbConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Cluster_MaglevLbConfig_:
+
+		if all {
+			switch v := interface{}(m.GetMaglevLbConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  "MaglevLbConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  "MaglevLbConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetMaglevLbConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClusterValidationError{
+					field:  "MaglevLbConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Cluster_OriginalDstLbConfig_:
+
+		if all {
+			switch v := interface{}(m.GetOriginalDstLbConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  "OriginalDstLbConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  "OriginalDstLbConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetOriginalDstLbConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClusterValidationError{
+					field:  "OriginalDstLbConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Cluster_LeastRequestLbConfig_:
+
+		if all {
+			switch v := interface{}(m.GetLeastRequestLbConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  "LeastRequestLbConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  "LeastRequestLbConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetLeastRequestLbConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClusterValidationError{
+					field:  "LeastRequestLbConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Cluster_RoundRobinLbConfig_:
+
+		if all {
+			switch v := interface{}(m.GetRoundRobinLbConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  "RoundRobinLbConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClusterValidationError{
+						field:  "RoundRobinLbConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetRoundRobinLbConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClusterValidationError{
+					field:  "RoundRobinLbConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ClusterMultiError(errors)
+	}
+	return nil
+}
+
+// ClusterMultiError is an error wrapping multiple validation errors returned
+// by Cluster.ValidateAll() if the designated constraints aren't met.
+type ClusterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ClusterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ClusterMultiError) AllErrors() []error { return m }
+
+// ClusterValidationError is the validation error returned by Cluster.Validate
+// if the designated constraints aren't met.
+type ClusterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ClusterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ClusterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ClusterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ClusterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ClusterValidationError) ErrorName() string { return "ClusterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ClusterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ClusterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ClusterValidationError{}
+
+// Validate checks the field values on LoadBalancingPolicy with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *LoadBalancingPolicy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on LoadBalancingPolicy with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// LoadBalancingPolicyMultiError, or nil if none found.
+func (m *LoadBalancingPolicy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *LoadBalancingPolicy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetPolicies() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, LoadBalancingPolicyValidationError{
+						field:  fmt.Sprintf("Policies[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, LoadBalancingPolicyValidationError{
+						field:  fmt.Sprintf("Policies[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return LoadBalancingPolicyValidationError{
+					field:  fmt.Sprintf("Policies[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return LoadBalancingPolicyMultiError(errors)
+	}
+	return nil
+}
+
+// LoadBalancingPolicyMultiError is an error wrapping multiple validation
+// errors returned by LoadBalancingPolicy.ValidateAll() if the designated
+// constraints aren't met.
+type LoadBalancingPolicyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m LoadBalancingPolicyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m LoadBalancingPolicyMultiError) AllErrors() []error { return m }
+
+// LoadBalancingPolicyValidationError is the validation error returned by
+// LoadBalancingPolicy.Validate if the designated constraints aren't met.
+type LoadBalancingPolicyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e LoadBalancingPolicyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e LoadBalancingPolicyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e LoadBalancingPolicyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e LoadBalancingPolicyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e LoadBalancingPolicyValidationError) ErrorName() string {
+	return "LoadBalancingPolicyValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e LoadBalancingPolicyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sLoadBalancingPolicy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = LoadBalancingPolicyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = LoadBalancingPolicyValidationError{}
+
+// Validate checks the field values on UpstreamBindConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *UpstreamBindConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on UpstreamBindConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// UpstreamBindConfigMultiError, or nil if none found.
+func (m *UpstreamBindConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *UpstreamBindConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetSourceAddress()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, UpstreamBindConfigValidationError{
+					field:  "SourceAddress",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, UpstreamBindConfigValidationError{
+					field:  "SourceAddress",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSourceAddress()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return UpstreamBindConfigValidationError{
+				field:  "SourceAddress",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return UpstreamBindConfigMultiError(errors)
+	}
+	return nil
+}
+
+// UpstreamBindConfigMultiError is an error wrapping multiple validation errors
+// returned by UpstreamBindConfig.ValidateAll() if the designated constraints
+// aren't met.
+type UpstreamBindConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m UpstreamBindConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m UpstreamBindConfigMultiError) AllErrors() []error { return m }
+
+// UpstreamBindConfigValidationError is the validation error returned by
+// UpstreamBindConfig.Validate if the designated constraints aren't met.
+type UpstreamBindConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e UpstreamBindConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e UpstreamBindConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e UpstreamBindConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e UpstreamBindConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e UpstreamBindConfigValidationError) ErrorName() string {
+	return "UpstreamBindConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e UpstreamBindConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sUpstreamBindConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = UpstreamBindConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = UpstreamBindConfigValidationError{}
+
+// Validate checks the field values on UpstreamConnectionOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *UpstreamConnectionOptions) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on UpstreamConnectionOptions with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// UpstreamConnectionOptionsMultiError, or nil if none found.
+func (m *UpstreamConnectionOptions) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *UpstreamConnectionOptions) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetTcpKeepalive()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, UpstreamConnectionOptionsValidationError{
+					field:  "TcpKeepalive",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, UpstreamConnectionOptionsValidationError{
+					field:  "TcpKeepalive",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTcpKeepalive()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return UpstreamConnectionOptionsValidationError{
+				field:  "TcpKeepalive",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return UpstreamConnectionOptionsMultiError(errors)
+	}
+	return nil
+}
+
+// UpstreamConnectionOptionsMultiError is an error wrapping multiple validation
+// errors returned by UpstreamConnectionOptions.ValidateAll() if the
+// designated constraints aren't met.
+type UpstreamConnectionOptionsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m UpstreamConnectionOptionsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m UpstreamConnectionOptionsMultiError) AllErrors() []error { return m }
+
+// UpstreamConnectionOptionsValidationError is the validation error returned by
+// UpstreamConnectionOptions.Validate if the designated constraints aren't met.
+type UpstreamConnectionOptionsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e UpstreamConnectionOptionsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e UpstreamConnectionOptionsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e UpstreamConnectionOptionsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e UpstreamConnectionOptionsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e UpstreamConnectionOptionsValidationError) ErrorName() string {
+	return "UpstreamConnectionOptionsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e UpstreamConnectionOptionsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sUpstreamConnectionOptions.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = UpstreamConnectionOptionsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = UpstreamConnectionOptionsValidationError{}
+
+// Validate checks the field values on TrackClusterStats with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *TrackClusterStats) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on TrackClusterStats with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// TrackClusterStatsMultiError, or nil if none found.
+func (m *TrackClusterStats) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *TrackClusterStats) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for TimeoutBudgets
+
+	// no validation rules for RequestResponseSizes
+
+	if len(errors) > 0 {
+		return TrackClusterStatsMultiError(errors)
+	}
+	return nil
+}
+
+// TrackClusterStatsMultiError is an error wrapping multiple validation errors
+// returned by TrackClusterStats.ValidateAll() if the designated constraints
+// aren't met.
+type TrackClusterStatsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m TrackClusterStatsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m TrackClusterStatsMultiError) AllErrors() []error { return m }
+
+// TrackClusterStatsValidationError is the validation error returned by
+// TrackClusterStats.Validate if the designated constraints aren't met.
+type TrackClusterStatsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e TrackClusterStatsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e TrackClusterStatsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e TrackClusterStatsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e TrackClusterStatsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e TrackClusterStatsValidationError) ErrorName() string {
+	return "TrackClusterStatsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e TrackClusterStatsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sTrackClusterStats.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = TrackClusterStatsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = TrackClusterStatsValidationError{}
+
+// Validate checks the field values on Cluster_TransportSocketMatch with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Cluster_TransportSocketMatch) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Cluster_TransportSocketMatch with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Cluster_TransportSocketMatchMultiError, or nil if none found.
+func (m *Cluster_TransportSocketMatch) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster_TransportSocketMatch) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := Cluster_TransportSocketMatchValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetMatch()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Cluster_TransportSocketMatchValidationError{
+					field:  "Match",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Cluster_TransportSocketMatchValidationError{
+					field:  "Match",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMatch()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Cluster_TransportSocketMatchValidationError{
+				field:  "Match",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetTransportSocket()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Cluster_TransportSocketMatchValidationError{
+					field:  "TransportSocket",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Cluster_TransportSocketMatchValidationError{
+					field:  "TransportSocket",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTransportSocket()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Cluster_TransportSocketMatchValidationError{
+				field:  "TransportSocket",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return Cluster_TransportSocketMatchMultiError(errors)
+	}
+	return nil
+}
+
+// Cluster_TransportSocketMatchMultiError is an error wrapping multiple
+// validation errors returned by Cluster_TransportSocketMatch.ValidateAll() if
+// the designated constraints aren't met.
+type Cluster_TransportSocketMatchMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Cluster_TransportSocketMatchMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Cluster_TransportSocketMatchMultiError) AllErrors() []error { return m }
+
+// Cluster_TransportSocketMatchValidationError is the validation error returned
+// by Cluster_TransportSocketMatch.Validate if the designated constraints
+// aren't met.
+type Cluster_TransportSocketMatchValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Cluster_TransportSocketMatchValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Cluster_TransportSocketMatchValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Cluster_TransportSocketMatchValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Cluster_TransportSocketMatchValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Cluster_TransportSocketMatchValidationError) ErrorName() string {
+	return "Cluster_TransportSocketMatchValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Cluster_TransportSocketMatchValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster_TransportSocketMatch.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Cluster_TransportSocketMatchValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Cluster_TransportSocketMatchValidationError{}
+
+// Validate checks the field values on Cluster_CustomClusterType with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Cluster_CustomClusterType) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Cluster_CustomClusterType with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Cluster_CustomClusterTypeMultiError, or nil if none found.
+func (m *Cluster_CustomClusterType) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster_CustomClusterType) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := Cluster_CustomClusterTypeValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetTypedConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Cluster_CustomClusterTypeValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Cluster_CustomClusterTypeValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Cluster_CustomClusterTypeValidationError{
+				field:  "TypedConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return Cluster_CustomClusterTypeMultiError(errors)
+	}
+	return nil
+}
+
+// Cluster_CustomClusterTypeMultiError is an error wrapping multiple validation
+// errors returned by Cluster_CustomClusterType.ValidateAll() if the
+// designated constraints aren't met.
+type Cluster_CustomClusterTypeMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Cluster_CustomClusterTypeMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Cluster_CustomClusterTypeMultiError) AllErrors() []error { return m }
+
+// Cluster_CustomClusterTypeValidationError is the validation error returned by
+// Cluster_CustomClusterType.Validate if the designated constraints aren't met.
+type Cluster_CustomClusterTypeValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Cluster_CustomClusterTypeValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Cluster_CustomClusterTypeValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Cluster_CustomClusterTypeValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Cluster_CustomClusterTypeValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Cluster_CustomClusterTypeValidationError) ErrorName() string {
+	return "Cluster_CustomClusterTypeValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Cluster_CustomClusterTypeValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster_CustomClusterType.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Cluster_CustomClusterTypeValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Cluster_CustomClusterTypeValidationError{}
+
+// Validate checks the field values on Cluster_EdsClusterConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Cluster_EdsClusterConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Cluster_EdsClusterConfig with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Cluster_EdsClusterConfigMultiError, or nil if none found.
+func (m *Cluster_EdsClusterConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster_EdsClusterConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetEdsConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Cluster_EdsClusterConfigValidationError{
+					field:  "EdsConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Cluster_EdsClusterConfigValidationError{
+					field:  "EdsConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetEdsConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Cluster_EdsClusterConfigValidationError{
+				field:  "EdsConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for ServiceName
+
+	if len(errors) > 0 {
+		return Cluster_EdsClusterConfigMultiError(errors)
+	}
+	return nil
+}
+
+// Cluster_EdsClusterConfigMultiError is an error wrapping multiple validation
+// errors returned by Cluster_EdsClusterConfig.ValidateAll() if the designated
+// constraints aren't met.
+type Cluster_EdsClusterConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Cluster_EdsClusterConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Cluster_EdsClusterConfigMultiError) AllErrors() []error { return m }
+
+// Cluster_EdsClusterConfigValidationError is the validation error returned by
+// Cluster_EdsClusterConfig.Validate if the designated constraints aren't met.
+type Cluster_EdsClusterConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Cluster_EdsClusterConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Cluster_EdsClusterConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Cluster_EdsClusterConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Cluster_EdsClusterConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Cluster_EdsClusterConfigValidationError) ErrorName() string {
+	return "Cluster_EdsClusterConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Cluster_EdsClusterConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster_EdsClusterConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Cluster_EdsClusterConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Cluster_EdsClusterConfigValidationError{}
+
+// Validate checks the field values on Cluster_LbSubsetConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Cluster_LbSubsetConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Cluster_LbSubsetConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Cluster_LbSubsetConfigMultiError, or nil if none found.
+func (m *Cluster_LbSubsetConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster_LbSubsetConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if _, ok := Cluster_LbSubsetConfig_LbSubsetFallbackPolicy_name[int32(m.GetFallbackPolicy())]; !ok {
+		err := Cluster_LbSubsetConfigValidationError{
+			field:  "FallbackPolicy",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetDefaultSubset()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Cluster_LbSubsetConfigValidationError{
+					field:  "DefaultSubset",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Cluster_LbSubsetConfigValidationError{
+					field:  "DefaultSubset",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDefaultSubset()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Cluster_LbSubsetConfigValidationError{
+				field:  "DefaultSubset",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetSubsetSelectors() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, Cluster_LbSubsetConfigValidationError{
+						field:  fmt.Sprintf("SubsetSelectors[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, Cluster_LbSubsetConfigValidationError{
+						field:  fmt.Sprintf("SubsetSelectors[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Cluster_LbSubsetConfigValidationError{
+					field:  fmt.Sprintf("SubsetSelectors[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	// no validation rules for LocalityWeightAware
+
+	// no validation rules for ScaleLocalityWeight
+
+	// no validation rules for PanicModeAny
+
+	// no validation rules for ListAsAny
+
+	if len(errors) > 0 {
+		return Cluster_LbSubsetConfigMultiError(errors)
+	}
+	return nil
+}
+
+// Cluster_LbSubsetConfigMultiError is an error wrapping multiple validation
+// errors returned by Cluster_LbSubsetConfig.ValidateAll() if the designated
+// constraints aren't met.
+type Cluster_LbSubsetConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Cluster_LbSubsetConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Cluster_LbSubsetConfigMultiError) AllErrors() []error { return m }
+
+// Cluster_LbSubsetConfigValidationError is the validation error returned by
+// Cluster_LbSubsetConfig.Validate if the designated constraints aren't met.
+type Cluster_LbSubsetConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Cluster_LbSubsetConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Cluster_LbSubsetConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Cluster_LbSubsetConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Cluster_LbSubsetConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Cluster_LbSubsetConfigValidationError) ErrorName() string {
+	return "Cluster_LbSubsetConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Cluster_LbSubsetConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster_LbSubsetConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Cluster_LbSubsetConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Cluster_LbSubsetConfigValidationError{}
+
+// Validate checks the field values on Cluster_SlowStartConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Cluster_SlowStartConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Cluster_SlowStartConfig with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Cluster_SlowStartConfigMultiError, or nil if none found.
+func (m *Cluster_SlowStartConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster_SlowStartConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetSlowStartWindow()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Cluster_SlowStartConfigValidationError{
+					field:  "SlowStartWindow",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Cluster_SlowStartConfigValidationError{
+					field:  "SlowStartWindow",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSlowStartWindow()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Cluster_SlowStartConfigValidationError{
+				field:  "SlowStartWindow",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetAggression()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Cluster_SlowStartConfigValidationError{
+					field:  "Aggression",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Cluster_SlowStartConfigValidationError{
+					field:  "Aggression",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetAggression()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Cluster_SlowStartConfigValidationError{
+				field:  "Aggression",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return Cluster_SlowStartConfigMultiError(errors)
+	}
+	return nil
+}
+
+// Cluster_SlowStartConfigMultiError is an error wrapping multiple validation
+// errors returned by Cluster_SlowStartConfig.ValidateAll() if the designated
+// constraints aren't met.
+type Cluster_SlowStartConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Cluster_SlowStartConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Cluster_SlowStartConfigMultiError) AllErrors() []error { return m }
+
+// Cluster_SlowStartConfigValidationError is the validation error returned by
+// Cluster_SlowStartConfig.Validate if the designated constraints aren't met.
+type Cluster_SlowStartConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Cluster_SlowStartConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Cluster_SlowStartConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Cluster_SlowStartConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Cluster_SlowStartConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Cluster_SlowStartConfigValidationError) ErrorName() string {
+	return "Cluster_SlowStartConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Cluster_SlowStartConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster_SlowStartConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Cluster_SlowStartConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Cluster_SlowStartConfigValidationError{}
+
+// Validate checks the field values on Cluster_RoundRobinLbConfig with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Cluster_RoundRobinLbConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Cluster_RoundRobinLbConfig with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Cluster_RoundRobinLbConfigMultiError, or nil if none found.
+func (m *Cluster_RoundRobinLbConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster_RoundRobinLbConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetSlowStartConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Cluster_RoundRobinLbConfigValidationError{
+					field:  "SlowStartConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Cluster_RoundRobinLbConfigValidationError{
+					field:  "SlowStartConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSlowStartConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Cluster_RoundRobinLbConfigValidationError{
+				field:  "SlowStartConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return Cluster_RoundRobinLbConfigMultiError(errors)
+	}
+	return nil
+}
+
+// Cluster_RoundRobinLbConfigMultiError is an error wrapping multiple
+// validation errors returned by Cluster_RoundRobinLbConfig.ValidateAll() if
+// the designated constraints aren't met.
+type Cluster_RoundRobinLbConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Cluster_RoundRobinLbConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Cluster_RoundRobinLbConfigMultiError) AllErrors() []error { return m }
+
+// Cluster_RoundRobinLbConfigValidationError is the validation error returned
+// by Cluster_RoundRobinLbConfig.Validate if the designated constraints aren't met.
+type Cluster_RoundRobinLbConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Cluster_RoundRobinLbConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Cluster_RoundRobinLbConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Cluster_RoundRobinLbConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Cluster_RoundRobinLbConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Cluster_RoundRobinLbConfigValidationError) ErrorName() string {
+	return "Cluster_RoundRobinLbConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Cluster_RoundRobinLbConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster_RoundRobinLbConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Cluster_RoundRobinLbConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Cluster_RoundRobinLbConfigValidationError{}
+
+// Validate checks the field values on Cluster_LeastRequestLbConfig with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Cluster_LeastRequestLbConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Cluster_LeastRequestLbConfig with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Cluster_LeastRequestLbConfigMultiError, or nil if none found.
+func (m *Cluster_LeastRequestLbConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster_LeastRequestLbConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if wrapper := m.GetChoiceCount(); wrapper != nil {
+
+		if wrapper.GetValue() < 2 {
+			err := Cluster_LeastRequestLbConfigValidationError{
+				field:  "ChoiceCount",
+				reason: "value must be greater than or equal to 2",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetActiveRequestBias()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Cluster_LeastRequestLbConfigValidationError{
+					field:  "ActiveRequestBias",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Cluster_LeastRequestLbConfigValidationError{
+					field:  "ActiveRequestBias",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetActiveRequestBias()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Cluster_LeastRequestLbConfigValidationError{
+				field:  "ActiveRequestBias",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetSlowStartConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Cluster_LeastRequestLbConfigValidationError{
+					field:  "SlowStartConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Cluster_LeastRequestLbConfigValidationError{
+					field:  "SlowStartConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSlowStartConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Cluster_LeastRequestLbConfigValidationError{
+				field:  "SlowStartConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return Cluster_LeastRequestLbConfigMultiError(errors)
+	}
+	return nil
+}
+
+// Cluster_LeastRequestLbConfigMultiError is an error wrapping multiple
+// validation errors returned by Cluster_LeastRequestLbConfig.ValidateAll() if
+// the designated constraints aren't met.
+type Cluster_LeastRequestLbConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Cluster_LeastRequestLbConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Cluster_LeastRequestLbConfigMultiError) AllErrors() []error { return m }
+
+// Cluster_LeastRequestLbConfigValidationError is the validation error returned
+// by Cluster_LeastRequestLbConfig.Validate if the designated constraints
+// aren't met.
+type Cluster_LeastRequestLbConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Cluster_LeastRequestLbConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Cluster_LeastRequestLbConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Cluster_LeastRequestLbConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Cluster_LeastRequestLbConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Cluster_LeastRequestLbConfigValidationError) ErrorName() string {
+	return "Cluster_LeastRequestLbConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Cluster_LeastRequestLbConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster_LeastRequestLbConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Cluster_LeastRequestLbConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Cluster_LeastRequestLbConfigValidationError{}
+
+// Validate checks the field values on Cluster_RingHashLbConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Cluster_RingHashLbConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Cluster_RingHashLbConfig with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Cluster_RingHashLbConfigMultiError, or nil if none found.
+func (m *Cluster_RingHashLbConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster_RingHashLbConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if wrapper := m.GetMinimumRingSize(); wrapper != nil {
+
+		if wrapper.GetValue() > 8388608 {
+			err := Cluster_RingHashLbConfigValidationError{
+				field:  "MinimumRingSize",
+				reason: "value must be less than or equal to 8388608",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if _, ok := Cluster_RingHashLbConfig_HashFunction_name[int32(m.GetHashFunction())]; !ok {
+		err := Cluster_RingHashLbConfigValidationError{
+			field:  "HashFunction",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if wrapper := m.GetMaximumRingSize(); wrapper != nil {
+
+		if wrapper.GetValue() > 8388608 {
+			err := Cluster_RingHashLbConfigValidationError{
+				field:  "MaximumRingSize",
+				reason: "value must be less than or equal to 8388608",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return Cluster_RingHashLbConfigMultiError(errors)
+	}
+	return nil
+}
+
+// Cluster_RingHashLbConfigMultiError is an error wrapping multiple validation
+// errors returned by Cluster_RingHashLbConfig.ValidateAll() if the designated
+// constraints aren't met.
+type Cluster_RingHashLbConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Cluster_RingHashLbConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Cluster_RingHashLbConfigMultiError) AllErrors() []error { return m }
+
+// Cluster_RingHashLbConfigValidationError is the validation error returned by
+// Cluster_RingHashLbConfig.Validate if the designated constraints aren't met.
+type Cluster_RingHashLbConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Cluster_RingHashLbConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Cluster_RingHashLbConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Cluster_RingHashLbConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Cluster_RingHashLbConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Cluster_RingHashLbConfigValidationError) ErrorName() string {
+	return "Cluster_RingHashLbConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Cluster_RingHashLbConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster_RingHashLbConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Cluster_RingHashLbConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Cluster_RingHashLbConfigValidationError{}
+
+// Validate checks the field values on Cluster_MaglevLbConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Cluster_MaglevLbConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Cluster_MaglevLbConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Cluster_MaglevLbConfigMultiError, or nil if none found.
+func (m *Cluster_MaglevLbConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster_MaglevLbConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if wrapper := m.GetTableSize(); wrapper != nil {
+
+		if wrapper.GetValue() > 5000011 {
+			err := Cluster_MaglevLbConfigValidationError{
+				field:  "TableSize",
+				reason: "value must be less than or equal to 5000011",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return Cluster_MaglevLbConfigMultiError(errors)
+	}
+	return nil
+}
+
+// Cluster_MaglevLbConfigMultiError is an error wrapping multiple validation
+// errors returned by Cluster_MaglevLbConfig.ValidateAll() if the designated
+// constraints aren't met.
+type Cluster_MaglevLbConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Cluster_MaglevLbConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Cluster_MaglevLbConfigMultiError) AllErrors() []error { return m }
+
+// Cluster_MaglevLbConfigValidationError is the validation error returned by
+// Cluster_MaglevLbConfig.Validate if the designated constraints aren't met.
+type Cluster_MaglevLbConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Cluster_MaglevLbConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Cluster_MaglevLbConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Cluster_MaglevLbConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Cluster_MaglevLbConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Cluster_MaglevLbConfigValidationError) ErrorName() string {
+	return "Cluster_MaglevLbConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Cluster_MaglevLbConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster_MaglevLbConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Cluster_MaglevLbConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Cluster_MaglevLbConfigValidationError{}
+
+// Validate checks the field values on Cluster_OriginalDstLbConfig with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Cluster_OriginalDstLbConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Cluster_OriginalDstLbConfig with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Cluster_OriginalDstLbConfigMultiError, or nil if none found.
+func (m *Cluster_OriginalDstLbConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster_OriginalDstLbConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for UseHttpHeader
+
+	if len(errors) > 0 {
+		return Cluster_OriginalDstLbConfigMultiError(errors)
+	}
+	return nil
+}
+
+// Cluster_OriginalDstLbConfigMultiError is an error wrapping multiple
+// validation errors returned by Cluster_OriginalDstLbConfig.ValidateAll() if
+// the designated constraints aren't met.
+type Cluster_OriginalDstLbConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Cluster_OriginalDstLbConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Cluster_OriginalDstLbConfigMultiError) AllErrors() []error { return m }
+
+// Cluster_OriginalDstLbConfigValidationError is the validation error returned
+// by Cluster_OriginalDstLbConfig.Validate if the designated constraints
+// aren't met.
+type Cluster_OriginalDstLbConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Cluster_OriginalDstLbConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Cluster_OriginalDstLbConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Cluster_OriginalDstLbConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Cluster_OriginalDstLbConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Cluster_OriginalDstLbConfigValidationError) ErrorName() string {
+	return "Cluster_OriginalDstLbConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Cluster_OriginalDstLbConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster_OriginalDstLbConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Cluster_OriginalDstLbConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Cluster_OriginalDstLbConfigValidationError{}
+
+// Validate checks the field values on Cluster_CommonLbConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Cluster_CommonLbConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Cluster_CommonLbConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Cluster_CommonLbConfigMultiError, or nil if none found.
+func (m *Cluster_CommonLbConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster_CommonLbConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetHealthyPanicThreshold()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Cluster_CommonLbConfigValidationError{
+					field:  "HealthyPanicThreshold",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Cluster_CommonLbConfigValidationError{
+					field:  "HealthyPanicThreshold",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHealthyPanicThreshold()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Cluster_CommonLbConfigValidationError{
+				field:  "HealthyPanicThreshold",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetUpdateMergeWindow()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Cluster_CommonLbConfigValidationError{
+					field:  "UpdateMergeWindow",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Cluster_CommonLbConfigValidationError{
+					field:  "UpdateMergeWindow",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetUpdateMergeWindow()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Cluster_CommonLbConfigValidationError{
+				field:  "UpdateMergeWindow",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for IgnoreNewHostsUntilFirstHc
+
+	// no validation rules for CloseConnectionsOnHostSetChange
+
+	if all {
+		switch v := interface{}(m.GetConsistentHashingLbConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Cluster_CommonLbConfigValidationError{
+					field:  "ConsistentHashingLbConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Cluster_CommonLbConfigValidationError{
+					field:  "ConsistentHashingLbConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetConsistentHashingLbConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Cluster_CommonLbConfigValidationError{
+				field:  "ConsistentHashingLbConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	switch m.LocalityConfigSpecifier.(type) {
+
+	case *Cluster_CommonLbConfig_ZoneAwareLbConfig_:
+
+		if all {
+			switch v := interface{}(m.GetZoneAwareLbConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, Cluster_CommonLbConfigValidationError{
+						field:  "ZoneAwareLbConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, Cluster_CommonLbConfigValidationError{
+						field:  "ZoneAwareLbConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetZoneAwareLbConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Cluster_CommonLbConfigValidationError{
+					field:  "ZoneAwareLbConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Cluster_CommonLbConfig_LocalityWeightedLbConfig_:
+
+		if all {
+			switch v := interface{}(m.GetLocalityWeightedLbConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, Cluster_CommonLbConfigValidationError{
+						field:  "LocalityWeightedLbConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, Cluster_CommonLbConfigValidationError{
+						field:  "LocalityWeightedLbConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetLocalityWeightedLbConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Cluster_CommonLbConfigValidationError{
+					field:  "LocalityWeightedLbConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return Cluster_CommonLbConfigMultiError(errors)
+	}
+	return nil
+}
+
+// Cluster_CommonLbConfigMultiError is an error wrapping multiple validation
+// errors returned by Cluster_CommonLbConfig.ValidateAll() if the designated
+// constraints aren't met.
+type Cluster_CommonLbConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Cluster_CommonLbConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Cluster_CommonLbConfigMultiError) AllErrors() []error { return m }
+
+// Cluster_CommonLbConfigValidationError is the validation error returned by
+// Cluster_CommonLbConfig.Validate if the designated constraints aren't met.
+type Cluster_CommonLbConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Cluster_CommonLbConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Cluster_CommonLbConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Cluster_CommonLbConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Cluster_CommonLbConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Cluster_CommonLbConfigValidationError) ErrorName() string {
+	return "Cluster_CommonLbConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Cluster_CommonLbConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster_CommonLbConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Cluster_CommonLbConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Cluster_CommonLbConfigValidationError{}
+
+// Validate checks the field values on Cluster_RefreshRate with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Cluster_RefreshRate) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Cluster_RefreshRate with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Cluster_RefreshRateMultiError, or nil if none found.
+func (m *Cluster_RefreshRate) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster_RefreshRate) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetBaseInterval() == nil {
+		err := Cluster_RefreshRateValidationError{
+			field:  "BaseInterval",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if d := m.GetBaseInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = Cluster_RefreshRateValidationError{
+				field:  "BaseInterval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 1000000*time.Nanosecond)
+
+			if dur <= gt {
+				err := Cluster_RefreshRateValidationError{
+					field:  "BaseInterval",
+					reason: "value must be greater than 1ms",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if d := m.GetMaxInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = Cluster_RefreshRateValidationError{
+				field:  "MaxInterval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 1000000*time.Nanosecond)
+
+			if dur <= gt {
+				err := Cluster_RefreshRateValidationError{
+					field:  "MaxInterval",
+					reason: "value must be greater than 1ms",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if len(errors) > 0 {
+		return Cluster_RefreshRateMultiError(errors)
+	}
+	return nil
+}
+
+// Cluster_RefreshRateMultiError is an error wrapping multiple validation
+// errors returned by Cluster_RefreshRate.ValidateAll() if the designated
+// constraints aren't met.
+type Cluster_RefreshRateMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Cluster_RefreshRateMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Cluster_RefreshRateMultiError) AllErrors() []error { return m }
+
+// Cluster_RefreshRateValidationError is the validation error returned by
+// Cluster_RefreshRate.Validate if the designated constraints aren't met.
+type Cluster_RefreshRateValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Cluster_RefreshRateValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Cluster_RefreshRateValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Cluster_RefreshRateValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Cluster_RefreshRateValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Cluster_RefreshRateValidationError) ErrorName() string {
+	return "Cluster_RefreshRateValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Cluster_RefreshRateValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster_RefreshRate.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Cluster_RefreshRateValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Cluster_RefreshRateValidationError{}
+
+// Validate checks the field values on Cluster_PreconnectPolicy with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Cluster_PreconnectPolicy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Cluster_PreconnectPolicy with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Cluster_PreconnectPolicyMultiError, or nil if none found.
+func (m *Cluster_PreconnectPolicy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster_PreconnectPolicy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if wrapper := m.GetPerUpstreamPreconnectRatio(); wrapper != nil {
+
+		if val := wrapper.GetValue(); val < 1 || val > 3 {
+			err := Cluster_PreconnectPolicyValidationError{
+				field:  "PerUpstreamPreconnectRatio",
+				reason: "value must be inside range [1, 3]",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if wrapper := m.GetPredictivePreconnectRatio(); wrapper != nil {
+
+		if val := wrapper.GetValue(); val < 1 || val > 3 {
+			err := Cluster_PreconnectPolicyValidationError{
+				field:  "PredictivePreconnectRatio",
+				reason: "value must be inside range [1, 3]",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return Cluster_PreconnectPolicyMultiError(errors)
+	}
+	return nil
+}
+
+// Cluster_PreconnectPolicyMultiError is an error wrapping multiple validation
+// errors returned by Cluster_PreconnectPolicy.ValidateAll() if the designated
+// constraints aren't met.
+type Cluster_PreconnectPolicyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Cluster_PreconnectPolicyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Cluster_PreconnectPolicyMultiError) AllErrors() []error { return m }
+
+// Cluster_PreconnectPolicyValidationError is the validation error returned by
+// Cluster_PreconnectPolicy.Validate if the designated constraints aren't met.
+type Cluster_PreconnectPolicyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Cluster_PreconnectPolicyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Cluster_PreconnectPolicyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Cluster_PreconnectPolicyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Cluster_PreconnectPolicyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Cluster_PreconnectPolicyValidationError) ErrorName() string {
+	return "Cluster_PreconnectPolicyValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Cluster_PreconnectPolicyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster_PreconnectPolicy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Cluster_PreconnectPolicyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Cluster_PreconnectPolicyValidationError{}
+
+// Validate checks the field values on Cluster_LbSubsetConfig_LbSubsetSelector
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the first error encountered is returned, or nil if
+// there are no violations.
+func (m *Cluster_LbSubsetConfig_LbSubsetSelector) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// Cluster_LbSubsetConfig_LbSubsetSelector with the rules defined in the proto
+// definition for this message. If any rules are violated, the result is a
+// list of violation errors wrapped in
+// Cluster_LbSubsetConfig_LbSubsetSelectorMultiError, or nil if none found.
+func (m *Cluster_LbSubsetConfig_LbSubsetSelector) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster_LbSubsetConfig_LbSubsetSelector) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for SingleHostPerSubset
+
+	if _, ok := Cluster_LbSubsetConfig_LbSubsetSelector_LbSubsetSelectorFallbackPolicy_name[int32(m.GetFallbackPolicy())]; !ok {
+		err := Cluster_LbSubsetConfig_LbSubsetSelectorValidationError{
+			field:  "FallbackPolicy",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return Cluster_LbSubsetConfig_LbSubsetSelectorMultiError(errors)
+	}
+	return nil
+}
+
+// Cluster_LbSubsetConfig_LbSubsetSelectorMultiError is an error wrapping
+// multiple validation errors returned by
+// Cluster_LbSubsetConfig_LbSubsetSelector.ValidateAll() if the designated
+// constraints aren't met.
+type Cluster_LbSubsetConfig_LbSubsetSelectorMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Cluster_LbSubsetConfig_LbSubsetSelectorMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Cluster_LbSubsetConfig_LbSubsetSelectorMultiError) AllErrors() []error { return m }
+
+// Cluster_LbSubsetConfig_LbSubsetSelectorValidationError is the validation
+// error returned by Cluster_LbSubsetConfig_LbSubsetSelector.Validate if the
+// designated constraints aren't met.
+type Cluster_LbSubsetConfig_LbSubsetSelectorValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Cluster_LbSubsetConfig_LbSubsetSelectorValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Cluster_LbSubsetConfig_LbSubsetSelectorValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Cluster_LbSubsetConfig_LbSubsetSelectorValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Cluster_LbSubsetConfig_LbSubsetSelectorValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Cluster_LbSubsetConfig_LbSubsetSelectorValidationError) ErrorName() string {
+	return "Cluster_LbSubsetConfig_LbSubsetSelectorValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Cluster_LbSubsetConfig_LbSubsetSelectorValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster_LbSubsetConfig_LbSubsetSelector.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Cluster_LbSubsetConfig_LbSubsetSelectorValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Cluster_LbSubsetConfig_LbSubsetSelectorValidationError{}
+
+// Validate checks the field values on Cluster_CommonLbConfig_ZoneAwareLbConfig
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the first error encountered is returned, or nil if
+// there are no violations.
+func (m *Cluster_CommonLbConfig_ZoneAwareLbConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// Cluster_CommonLbConfig_ZoneAwareLbConfig with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in
+// Cluster_CommonLbConfig_ZoneAwareLbConfigMultiError, or nil if none found.
+func (m *Cluster_CommonLbConfig_ZoneAwareLbConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster_CommonLbConfig_ZoneAwareLbConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetRoutingEnabled()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError{
+					field:  "RoutingEnabled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError{
+					field:  "RoutingEnabled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRoutingEnabled()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError{
+				field:  "RoutingEnabled",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMinClusterSize()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError{
+					field:  "MinClusterSize",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError{
+					field:  "MinClusterSize",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMinClusterSize()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError{
+				field:  "MinClusterSize",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for FailTrafficOnPanic
+
+	if len(errors) > 0 {
+		return Cluster_CommonLbConfig_ZoneAwareLbConfigMultiError(errors)
+	}
+	return nil
+}
+
+// Cluster_CommonLbConfig_ZoneAwareLbConfigMultiError is an error wrapping
+// multiple validation errors returned by
+// Cluster_CommonLbConfig_ZoneAwareLbConfig.ValidateAll() if the designated
+// constraints aren't met.
+type Cluster_CommonLbConfig_ZoneAwareLbConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Cluster_CommonLbConfig_ZoneAwareLbConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Cluster_CommonLbConfig_ZoneAwareLbConfigMultiError) AllErrors() []error { return m }
+
+// Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError is the validation
+// error returned by Cluster_CommonLbConfig_ZoneAwareLbConfig.Validate if the
+// designated constraints aren't met.
+type Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError) ErrorName() string {
+	return "Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster_CommonLbConfig_ZoneAwareLbConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Cluster_CommonLbConfig_ZoneAwareLbConfigValidationError{}
+
+// Validate checks the field values on
+// Cluster_CommonLbConfig_LocalityWeightedLbConfig with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Cluster_CommonLbConfig_LocalityWeightedLbConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// Cluster_CommonLbConfig_LocalityWeightedLbConfig with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in
+// Cluster_CommonLbConfig_LocalityWeightedLbConfigMultiError, or nil if none found.
+func (m *Cluster_CommonLbConfig_LocalityWeightedLbConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster_CommonLbConfig_LocalityWeightedLbConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return Cluster_CommonLbConfig_LocalityWeightedLbConfigMultiError(errors)
+	}
+	return nil
+}
+
+// Cluster_CommonLbConfig_LocalityWeightedLbConfigMultiError is an error
+// wrapping multiple validation errors returned by
+// Cluster_CommonLbConfig_LocalityWeightedLbConfig.ValidateAll() if the
+// designated constraints aren't met.
+type Cluster_CommonLbConfig_LocalityWeightedLbConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Cluster_CommonLbConfig_LocalityWeightedLbConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Cluster_CommonLbConfig_LocalityWeightedLbConfigMultiError) AllErrors() []error { return m }
+
+// Cluster_CommonLbConfig_LocalityWeightedLbConfigValidationError is the
+// validation error returned by
+// Cluster_CommonLbConfig_LocalityWeightedLbConfig.Validate if the designated
+// constraints aren't met.
+type Cluster_CommonLbConfig_LocalityWeightedLbConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Cluster_CommonLbConfig_LocalityWeightedLbConfigValidationError) Field() string {
+	return e.field
+}
+
+// Reason function returns reason value.
+func (e Cluster_CommonLbConfig_LocalityWeightedLbConfigValidationError) Reason() string {
+	return e.reason
+}
+
+// Cause function returns cause value.
+func (e Cluster_CommonLbConfig_LocalityWeightedLbConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Cluster_CommonLbConfig_LocalityWeightedLbConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Cluster_CommonLbConfig_LocalityWeightedLbConfigValidationError) ErrorName() string {
+	return "Cluster_CommonLbConfig_LocalityWeightedLbConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Cluster_CommonLbConfig_LocalityWeightedLbConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster_CommonLbConfig_LocalityWeightedLbConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Cluster_CommonLbConfig_LocalityWeightedLbConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Cluster_CommonLbConfig_LocalityWeightedLbConfigValidationError{}
+
+// Validate checks the field values on
+// Cluster_CommonLbConfig_ConsistentHashingLbConfig with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Cluster_CommonLbConfig_ConsistentHashingLbConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// Cluster_CommonLbConfig_ConsistentHashingLbConfig with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in
+// Cluster_CommonLbConfig_ConsistentHashingLbConfigMultiError, or nil if none found.
+func (m *Cluster_CommonLbConfig_ConsistentHashingLbConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Cluster_CommonLbConfig_ConsistentHashingLbConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for UseHostnameForHashing
+
+	if wrapper := m.GetHashBalanceFactor(); wrapper != nil {
+
+		if wrapper.GetValue() < 100 {
+			err := Cluster_CommonLbConfig_ConsistentHashingLbConfigValidationError{
+				field:  "HashBalanceFactor",
+				reason: "value must be greater than or equal to 100",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return Cluster_CommonLbConfig_ConsistentHashingLbConfigMultiError(errors)
+	}
+	return nil
+}
+
+// Cluster_CommonLbConfig_ConsistentHashingLbConfigMultiError is an error
+// wrapping multiple validation errors returned by
+// Cluster_CommonLbConfig_ConsistentHashingLbConfig.ValidateAll() if the
+// designated constraints aren't met.
+type Cluster_CommonLbConfig_ConsistentHashingLbConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Cluster_CommonLbConfig_ConsistentHashingLbConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Cluster_CommonLbConfig_ConsistentHashingLbConfigMultiError) AllErrors() []error { return m }
+
+// Cluster_CommonLbConfig_ConsistentHashingLbConfigValidationError is the
+// validation error returned by
+// Cluster_CommonLbConfig_ConsistentHashingLbConfig.Validate if the designated
+// constraints aren't met.
+type Cluster_CommonLbConfig_ConsistentHashingLbConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Cluster_CommonLbConfig_ConsistentHashingLbConfigValidationError) Field() string {
+	return e.field
+}
+
+// Reason function returns reason value.
+func (e Cluster_CommonLbConfig_ConsistentHashingLbConfigValidationError) Reason() string {
+	return e.reason
+}
+
+// Cause function returns cause value.
+func (e Cluster_CommonLbConfig_ConsistentHashingLbConfigValidationError) Cause() error {
+	return e.cause
+}
+
+// Key function returns key value.
+func (e Cluster_CommonLbConfig_ConsistentHashingLbConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Cluster_CommonLbConfig_ConsistentHashingLbConfigValidationError) ErrorName() string {
+	return "Cluster_CommonLbConfig_ConsistentHashingLbConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Cluster_CommonLbConfig_ConsistentHashingLbConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCluster_CommonLbConfig_ConsistentHashingLbConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Cluster_CommonLbConfig_ConsistentHashingLbConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Cluster_CommonLbConfig_ConsistentHashingLbConfigValidationError{}
+
+// Validate checks the field values on LoadBalancingPolicy_Policy with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *LoadBalancingPolicy_Policy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on LoadBalancingPolicy_Policy with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// LoadBalancingPolicy_PolicyMultiError, or nil if none found.
+func (m *LoadBalancingPolicy_Policy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *LoadBalancingPolicy_Policy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetTypedExtensionConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, LoadBalancingPolicy_PolicyValidationError{
+					field:  "TypedExtensionConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, LoadBalancingPolicy_PolicyValidationError{
+					field:  "TypedExtensionConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTypedExtensionConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return LoadBalancingPolicy_PolicyValidationError{
+				field:  "TypedExtensionConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return LoadBalancingPolicy_PolicyMultiError(errors)
+	}
+	return nil
+}
+
+// LoadBalancingPolicy_PolicyMultiError is an error wrapping multiple
+// validation errors returned by LoadBalancingPolicy_Policy.ValidateAll() if
+// the designated constraints aren't met.
+type LoadBalancingPolicy_PolicyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m LoadBalancingPolicy_PolicyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m LoadBalancingPolicy_PolicyMultiError) AllErrors() []error { return m }
+
+// LoadBalancingPolicy_PolicyValidationError is the validation error returned
+// by LoadBalancingPolicy_Policy.Validate if the designated constraints aren't met.
+type LoadBalancingPolicy_PolicyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e LoadBalancingPolicy_PolicyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e LoadBalancingPolicy_PolicyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e LoadBalancingPolicy_PolicyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e LoadBalancingPolicy_PolicyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e LoadBalancingPolicy_PolicyValidationError) ErrorName() string {
+	return "LoadBalancingPolicy_PolicyValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e LoadBalancingPolicy_PolicyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sLoadBalancingPolicy_Policy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = LoadBalancingPolicy_PolicyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = LoadBalancingPolicy_PolicyValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3/filter.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3/filter.pb.go
new file mode 100644
index 00000000000..d9a127e6f08
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3/filter.pb.go
@@ -0,0 +1,184 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/cluster/v3/filter.proto
+
+package envoy_config_cluster_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type Filter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the filter to instantiate. The name must match a
+	// supported upstream filter. Note that Envoy's :ref:`downstream network
+	// filters <config_network_filters>` are not valid upstream filters.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Filter specific configuration which depends on the filter being
+	// instantiated. See the supported filters for further documentation.
+	TypedConfig *any.Any `protobuf:"bytes,2,opt,name=typed_config,json=typedConfig,proto3" json:"typed_config,omitempty"`
+}
+
+func (x *Filter) Reset() {
+	*x = Filter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_cluster_v3_filter_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Filter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Filter) ProtoMessage() {}
+
+func (x *Filter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_cluster_v3_filter_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Filter.ProtoReflect.Descriptor instead.
+func (*Filter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_filter_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *Filter) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *Filter) GetTypedConfig() *any.Any {
+	if x != nil {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+var File_envoy_config_cluster_v3_filter_proto protoreflect.FileDescriptor
+
+var file_envoy_config_cluster_v3_filter_proto_rawDesc = []byte{
+	0x0a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x17, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x1a,
+	0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61,
+	0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61,
+	0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f,
+	0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73,
+	0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61,
+	0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x82, 0x01, 0x0a, 0x06, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07,
+	0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x37, 0x0a,
+	0x0c, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x0b, 0x74, 0x79, 0x70, 0x65, 0x64,
+	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x3a, 0x22, 0x9a, 0xc5, 0x88, 0x1e, 0x1d, 0x0a, 0x1b, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6c, 0x75, 0x73,
+	0x74, 0x65, 0x72, 0x2e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x42, 0x3e, 0x0a, 0x25, 0x69, 0x6f,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x2e, 0x76, 0x33, 0x42, 0x0b, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f,
+	0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_cluster_v3_filter_proto_rawDescOnce sync.Once
+	file_envoy_config_cluster_v3_filter_proto_rawDescData = file_envoy_config_cluster_v3_filter_proto_rawDesc
+)
+
+func file_envoy_config_cluster_v3_filter_proto_rawDescGZIP() []byte {
+	file_envoy_config_cluster_v3_filter_proto_rawDescOnce.Do(func() {
+		file_envoy_config_cluster_v3_filter_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_cluster_v3_filter_proto_rawDescData)
+	})
+	return file_envoy_config_cluster_v3_filter_proto_rawDescData
+}
+
+var file_envoy_config_cluster_v3_filter_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_config_cluster_v3_filter_proto_goTypes = []interface{}{
+	(*Filter)(nil),  // 0: envoy.config.cluster.v3.Filter
+	(*any.Any)(nil), // 1: google.protobuf.Any
+}
+var file_envoy_config_cluster_v3_filter_proto_depIdxs = []int32{
+	1, // 0: envoy.config.cluster.v3.Filter.typed_config:type_name -> google.protobuf.Any
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_cluster_v3_filter_proto_init() }
+func file_envoy_config_cluster_v3_filter_proto_init() {
+	if File_envoy_config_cluster_v3_filter_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_cluster_v3_filter_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Filter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_cluster_v3_filter_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_cluster_v3_filter_proto_goTypes,
+		DependencyIndexes: file_envoy_config_cluster_v3_filter_proto_depIdxs,
+		MessageInfos:      file_envoy_config_cluster_v3_filter_proto_msgTypes,
+	}.Build()
+	File_envoy_config_cluster_v3_filter_proto = out.File
+	file_envoy_config_cluster_v3_filter_proto_rawDesc = nil
+	file_envoy_config_cluster_v3_filter_proto_goTypes = nil
+	file_envoy_config_cluster_v3_filter_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3/filter.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3/filter.pb.validate.go
new file mode 100644
index 00000000000..9347fb85440
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3/filter.pb.validate.go
@@ -0,0 +1,173 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/cluster/v3/filter.proto
+
+package envoy_config_cluster_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on Filter with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Filter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Filter with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in FilterMultiError, or nil if none found.
+func (m *Filter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Filter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := FilterValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetTypedConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, FilterValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, FilterValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return FilterValidationError{
+				field:  "TypedConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return FilterMultiError(errors)
+	}
+	return nil
+}
+
+// FilterMultiError is an error wrapping multiple validation errors returned by
+// Filter.ValidateAll() if the designated constraints aren't met.
+type FilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m FilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m FilterMultiError) AllErrors() []error { return m }
+
+// FilterValidationError is the validation error returned by Filter.Validate if
+// the designated constraints aren't met.
+type FilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e FilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e FilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e FilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e FilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e FilterValidationError) ErrorName() string { return "FilterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e FilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = FilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = FilterValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3/outlier_detection.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3/outlier_detection.pb.go
new file mode 100644
index 00000000000..bfda8e01141
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3/outlier_detection.pb.go
@@ -0,0 +1,566 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/cluster/v3/outlier_detection.proto
+
+package envoy_config_cluster_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// See the :ref:`architecture overview <arch_overview_outlier_detection>` for
+// more information on outlier detection.
+// [#next-free-field: 22]
+type OutlierDetection struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The number of consecutive 5xx responses or local origin errors that are mapped
+	// to 5xx error codes before a consecutive 5xx ejection
+	// occurs. Defaults to 5.
+	Consecutive_5Xx *wrappers.UInt32Value `protobuf:"bytes,1,opt,name=consecutive_5xx,json=consecutive5xx,proto3" json:"consecutive_5xx,omitempty"`
+	// The time interval between ejection analysis sweeps. This can result in
+	// both new ejections as well as hosts being returned to service. Defaults
+	// to 10000ms or 10s.
+	Interval *duration.Duration `protobuf:"bytes,2,opt,name=interval,proto3" json:"interval,omitempty"`
+	// The base time that a host is ejected for. The real time is equal to the
+	// base time multiplied by the number of times the host has been ejected and is
+	// capped by :ref:`max_ejection_time<envoy_v3_api_field_config.cluster.v3.OutlierDetection.max_ejection_time>`.
+	// Defaults to 30000ms or 30s.
+	BaseEjectionTime *duration.Duration `protobuf:"bytes,3,opt,name=base_ejection_time,json=baseEjectionTime,proto3" json:"base_ejection_time,omitempty"`
+	// The maximum % of an upstream cluster that can be ejected due to outlier
+	// detection. Defaults to 10% but will eject at least one host regardless of the value.
+	MaxEjectionPercent *wrappers.UInt32Value `protobuf:"bytes,4,opt,name=max_ejection_percent,json=maxEjectionPercent,proto3" json:"max_ejection_percent,omitempty"`
+	// The % chance that a host will be actually ejected when an outlier status
+	// is detected through consecutive 5xx. This setting can be used to disable
+	// ejection or to ramp it up slowly. Defaults to 100.
+	EnforcingConsecutive_5Xx *wrappers.UInt32Value `protobuf:"bytes,5,opt,name=enforcing_consecutive_5xx,json=enforcingConsecutive5xx,proto3" json:"enforcing_consecutive_5xx,omitempty"`
+	// The % chance that a host will be actually ejected when an outlier status
+	// is detected through success rate statistics. This setting can be used to
+	// disable ejection or to ramp it up slowly. Defaults to 100.
+	EnforcingSuccessRate *wrappers.UInt32Value `protobuf:"bytes,6,opt,name=enforcing_success_rate,json=enforcingSuccessRate,proto3" json:"enforcing_success_rate,omitempty"`
+	// The number of hosts in a cluster that must have enough request volume to
+	// detect success rate outliers. If the number of hosts is less than this
+	// setting, outlier detection via success rate statistics is not performed
+	// for any host in the cluster. Defaults to 5.
+	SuccessRateMinimumHosts *wrappers.UInt32Value `protobuf:"bytes,7,opt,name=success_rate_minimum_hosts,json=successRateMinimumHosts,proto3" json:"success_rate_minimum_hosts,omitempty"`
+	// The minimum number of total requests that must be collected in one
+	// interval (as defined by the interval duration above) to include this host
+	// in success rate based outlier detection. If the volume is lower than this
+	// setting, outlier detection via success rate statistics is not performed
+	// for that host. Defaults to 100.
+	SuccessRateRequestVolume *wrappers.UInt32Value `protobuf:"bytes,8,opt,name=success_rate_request_volume,json=successRateRequestVolume,proto3" json:"success_rate_request_volume,omitempty"`
+	// This factor is used to determine the ejection threshold for success rate
+	// outlier ejection. The ejection threshold is the difference between the
+	// mean success rate, and the product of this factor and the standard
+	// deviation of the mean success rate: mean - (stdev *
+	// success_rate_stdev_factor). This factor is divided by a thousand to get a
+	// double. That is, if the desired factor is 1.9, the runtime value should
+	// be 1900. Defaults to 1900.
+	SuccessRateStdevFactor *wrappers.UInt32Value `protobuf:"bytes,9,opt,name=success_rate_stdev_factor,json=successRateStdevFactor,proto3" json:"success_rate_stdev_factor,omitempty"`
+	// The number of consecutive gateway failures (502, 503, 504 status codes)
+	// before a consecutive gateway failure ejection occurs. Defaults to 5.
+	ConsecutiveGatewayFailure *wrappers.UInt32Value `protobuf:"bytes,10,opt,name=consecutive_gateway_failure,json=consecutiveGatewayFailure,proto3" json:"consecutive_gateway_failure,omitempty"`
+	// The % chance that a host will be actually ejected when an outlier status
+	// is detected through consecutive gateway failures. This setting can be
+	// used to disable ejection or to ramp it up slowly. Defaults to 0.
+	EnforcingConsecutiveGatewayFailure *wrappers.UInt32Value `protobuf:"bytes,11,opt,name=enforcing_consecutive_gateway_failure,json=enforcingConsecutiveGatewayFailure,proto3" json:"enforcing_consecutive_gateway_failure,omitempty"`
+	// Determines whether to distinguish local origin failures from external errors. If set to true
+	// the following configuration parameters are taken into account:
+	// :ref:`consecutive_local_origin_failure<envoy_v3_api_field_config.cluster.v3.OutlierDetection.consecutive_local_origin_failure>`,
+	// :ref:`enforcing_consecutive_local_origin_failure<envoy_v3_api_field_config.cluster.v3.OutlierDetection.enforcing_consecutive_local_origin_failure>`
+	// and
+	// :ref:`enforcing_local_origin_success_rate<envoy_v3_api_field_config.cluster.v3.OutlierDetection.enforcing_local_origin_success_rate>`.
+	// Defaults to false.
+	SplitExternalLocalOriginErrors bool `protobuf:"varint,12,opt,name=split_external_local_origin_errors,json=splitExternalLocalOriginErrors,proto3" json:"split_external_local_origin_errors,omitempty"`
+	// The number of consecutive locally originated failures before ejection
+	// occurs. Defaults to 5. Parameter takes effect only when
+	// :ref:`split_external_local_origin_errors<envoy_v3_api_field_config.cluster.v3.OutlierDetection.split_external_local_origin_errors>`
+	// is set to true.
+	ConsecutiveLocalOriginFailure *wrappers.UInt32Value `protobuf:"bytes,13,opt,name=consecutive_local_origin_failure,json=consecutiveLocalOriginFailure,proto3" json:"consecutive_local_origin_failure,omitempty"`
+	// The % chance that a host will be actually ejected when an outlier status
+	// is detected through consecutive locally originated failures. This setting can be
+	// used to disable ejection or to ramp it up slowly. Defaults to 100.
+	// Parameter takes effect only when
+	// :ref:`split_external_local_origin_errors<envoy_v3_api_field_config.cluster.v3.OutlierDetection.split_external_local_origin_errors>`
+	// is set to true.
+	EnforcingConsecutiveLocalOriginFailure *wrappers.UInt32Value `protobuf:"bytes,14,opt,name=enforcing_consecutive_local_origin_failure,json=enforcingConsecutiveLocalOriginFailure,proto3" json:"enforcing_consecutive_local_origin_failure,omitempty"`
+	// The % chance that a host will be actually ejected when an outlier status
+	// is detected through success rate statistics for locally originated errors.
+	// This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100.
+	// Parameter takes effect only when
+	// :ref:`split_external_local_origin_errors<envoy_v3_api_field_config.cluster.v3.OutlierDetection.split_external_local_origin_errors>`
+	// is set to true.
+	EnforcingLocalOriginSuccessRate *wrappers.UInt32Value `protobuf:"bytes,15,opt,name=enforcing_local_origin_success_rate,json=enforcingLocalOriginSuccessRate,proto3" json:"enforcing_local_origin_success_rate,omitempty"`
+	// The failure percentage to use when determining failure percentage-based outlier detection. If
+	// the failure percentage of a given host is greater than or equal to this value, it will be
+	// ejected. Defaults to 85.
+	FailurePercentageThreshold *wrappers.UInt32Value `protobuf:"bytes,16,opt,name=failure_percentage_threshold,json=failurePercentageThreshold,proto3" json:"failure_percentage_threshold,omitempty"`
+	// The % chance that a host will be actually ejected when an outlier status is detected through
+	// failure percentage statistics. This setting can be used to disable ejection or to ramp it up
+	// slowly. Defaults to 0.
+	//
+	// [#next-major-version: setting this without setting failure_percentage_threshold should be
+	// invalid in v4.]
+	EnforcingFailurePercentage *wrappers.UInt32Value `protobuf:"bytes,17,opt,name=enforcing_failure_percentage,json=enforcingFailurePercentage,proto3" json:"enforcing_failure_percentage,omitempty"`
+	// The % chance that a host will be actually ejected when an outlier status is detected through
+	// local-origin failure percentage statistics. This setting can be used to disable ejection or to
+	// ramp it up slowly. Defaults to 0.
+	EnforcingFailurePercentageLocalOrigin *wrappers.UInt32Value `protobuf:"bytes,18,opt,name=enforcing_failure_percentage_local_origin,json=enforcingFailurePercentageLocalOrigin,proto3" json:"enforcing_failure_percentage_local_origin,omitempty"`
+	// The minimum number of hosts in a cluster in order to perform failure percentage-based ejection.
+	// If the total number of hosts in the cluster is less than this value, failure percentage-based
+	// ejection will not be performed. Defaults to 5.
+	FailurePercentageMinimumHosts *wrappers.UInt32Value `protobuf:"bytes,19,opt,name=failure_percentage_minimum_hosts,json=failurePercentageMinimumHosts,proto3" json:"failure_percentage_minimum_hosts,omitempty"`
+	// The minimum number of total requests that must be collected in one interval (as defined by the
+	// interval duration above) to perform failure percentage-based ejection for this host. If the
+	// volume is lower than this setting, failure percentage-based ejection will not be performed for
+	// this host. Defaults to 50.
+	FailurePercentageRequestVolume *wrappers.UInt32Value `protobuf:"bytes,20,opt,name=failure_percentage_request_volume,json=failurePercentageRequestVolume,proto3" json:"failure_percentage_request_volume,omitempty"`
+	// The maximum time that a host is ejected for. See :ref:`base_ejection_time<envoy_v3_api_field_config.cluster.v3.OutlierDetection.base_ejection_time>`
+	// for more information. If not specified, the default value (300000ms or 300s) or
+	// :ref:`base_ejection_time<envoy_v3_api_field_config.cluster.v3.OutlierDetection.base_ejection_time>` value is applied, whatever is larger.
+	MaxEjectionTime *duration.Duration `protobuf:"bytes,21,opt,name=max_ejection_time,json=maxEjectionTime,proto3" json:"max_ejection_time,omitempty"`
+}
+
+func (x *OutlierDetection) Reset() {
+	*x = OutlierDetection{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_cluster_v3_outlier_detection_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *OutlierDetection) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*OutlierDetection) ProtoMessage() {}
+
+func (x *OutlierDetection) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_cluster_v3_outlier_detection_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use OutlierDetection.ProtoReflect.Descriptor instead.
+func (*OutlierDetection) Descriptor() ([]byte, []int) {
+	return file_envoy_config_cluster_v3_outlier_detection_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *OutlierDetection) GetConsecutive_5Xx() *wrappers.UInt32Value {
+	if x != nil {
+		return x.Consecutive_5Xx
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetInterval() *duration.Duration {
+	if x != nil {
+		return x.Interval
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetBaseEjectionTime() *duration.Duration {
+	if x != nil {
+		return x.BaseEjectionTime
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetMaxEjectionPercent() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxEjectionPercent
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetEnforcingConsecutive_5Xx() *wrappers.UInt32Value {
+	if x != nil {
+		return x.EnforcingConsecutive_5Xx
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetEnforcingSuccessRate() *wrappers.UInt32Value {
+	if x != nil {
+		return x.EnforcingSuccessRate
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetSuccessRateMinimumHosts() *wrappers.UInt32Value {
+	if x != nil {
+		return x.SuccessRateMinimumHosts
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetSuccessRateRequestVolume() *wrappers.UInt32Value {
+	if x != nil {
+		return x.SuccessRateRequestVolume
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetSuccessRateStdevFactor() *wrappers.UInt32Value {
+	if x != nil {
+		return x.SuccessRateStdevFactor
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetConsecutiveGatewayFailure() *wrappers.UInt32Value {
+	if x != nil {
+		return x.ConsecutiveGatewayFailure
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetEnforcingConsecutiveGatewayFailure() *wrappers.UInt32Value {
+	if x != nil {
+		return x.EnforcingConsecutiveGatewayFailure
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetSplitExternalLocalOriginErrors() bool {
+	if x != nil {
+		return x.SplitExternalLocalOriginErrors
+	}
+	return false
+}
+
+func (x *OutlierDetection) GetConsecutiveLocalOriginFailure() *wrappers.UInt32Value {
+	if x != nil {
+		return x.ConsecutiveLocalOriginFailure
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetEnforcingConsecutiveLocalOriginFailure() *wrappers.UInt32Value {
+	if x != nil {
+		return x.EnforcingConsecutiveLocalOriginFailure
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetEnforcingLocalOriginSuccessRate() *wrappers.UInt32Value {
+	if x != nil {
+		return x.EnforcingLocalOriginSuccessRate
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetFailurePercentageThreshold() *wrappers.UInt32Value {
+	if x != nil {
+		return x.FailurePercentageThreshold
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetEnforcingFailurePercentage() *wrappers.UInt32Value {
+	if x != nil {
+		return x.EnforcingFailurePercentage
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetEnforcingFailurePercentageLocalOrigin() *wrappers.UInt32Value {
+	if x != nil {
+		return x.EnforcingFailurePercentageLocalOrigin
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetFailurePercentageMinimumHosts() *wrappers.UInt32Value {
+	if x != nil {
+		return x.FailurePercentageMinimumHosts
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetFailurePercentageRequestVolume() *wrappers.UInt32Value {
+	if x != nil {
+		return x.FailurePercentageRequestVolume
+	}
+	return nil
+}
+
+func (x *OutlierDetection) GetMaxEjectionTime() *duration.Duration {
+	if x != nil {
+		return x.MaxEjectionTime
+	}
+	return nil
+}
+
+var File_envoy_config_cluster_v3_outlier_detection_proto protoreflect.FileDescriptor
+
+var file_envoy_config_cluster_v3_outlier_detection_proto_rawDesc = []byte{
+	0x0a, 0x2f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x6f, 0x75, 0x74, 0x6c, 0x69, 0x65,
+	0x72, 0x5f, 0x64, 0x65, 0x74, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x12, 0x17, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70,
+	0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61,
+	0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61,
+	0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f,
+	0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73,
+	0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61,
+	0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xbd, 0x10, 0x0a, 0x10, 0x4f, 0x75, 0x74, 0x6c, 0x69, 0x65,
+	0x72, 0x44, 0x65, 0x74, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x45, 0x0a, 0x0f, 0x63, 0x6f,
+	0x6e, 0x73, 0x65, 0x63, 0x75, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x35, 0x78, 0x78, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75,
+	0x65, 0x52, 0x0e, 0x63, 0x6f, 0x6e, 0x73, 0x65, 0x63, 0x75, 0x74, 0x69, 0x76, 0x65, 0x35, 0x78,
+	0x78, 0x12, 0x3f, 0x0a, 0x08, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x08,
+	0xfa, 0x42, 0x05, 0xaa, 0x01, 0x02, 0x2a, 0x00, 0x52, 0x08, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76,
+	0x61, 0x6c, 0x12, 0x51, 0x0a, 0x12, 0x62, 0x61, 0x73, 0x65, 0x5f, 0x65, 0x6a, 0x65, 0x63, 0x74,
+	0x69, 0x6f, 0x6e, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05, 0xaa, 0x01,
+	0x02, 0x2a, 0x00, 0x52, 0x10, 0x62, 0x61, 0x73, 0x65, 0x45, 0x6a, 0x65, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x54, 0x69, 0x6d, 0x65, 0x12, 0x57, 0x0a, 0x14, 0x6d, 0x61, 0x78, 0x5f, 0x65, 0x6a, 0x65,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x18, 0x04, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75,
+	0x65, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02, 0x18, 0x64, 0x52, 0x12, 0x6d, 0x61, 0x78, 0x45,
+	0x6a, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x12, 0x61,
+	0x0a, 0x19, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x69, 0x6e, 0x67, 0x5f, 0x63, 0x6f, 0x6e, 0x73,
+	0x65, 0x63, 0x75, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x35, 0x78, 0x78, 0x18, 0x05, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42,
+	0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02, 0x18, 0x64, 0x52, 0x17, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63,
+	0x69, 0x6e, 0x67, 0x43, 0x6f, 0x6e, 0x73, 0x65, 0x63, 0x75, 0x74, 0x69, 0x76, 0x65, 0x35, 0x78,
+	0x78, 0x12, 0x5b, 0x0a, 0x16, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x69, 0x6e, 0x67, 0x5f, 0x73,
+	0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x72, 0x61, 0x74, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42,
+	0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02, 0x18, 0x64, 0x52, 0x14, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63,
+	0x69, 0x6e, 0x67, 0x53, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x52, 0x61, 0x74, 0x65, 0x12, 0x59,
+	0x0a, 0x1a, 0x73, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x72, 0x61, 0x74, 0x65, 0x5f, 0x6d,
+	0x69, 0x6e, 0x69, 0x6d, 0x75, 0x6d, 0x5f, 0x68, 0x6f, 0x73, 0x74, 0x73, 0x18, 0x07, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65,
+	0x52, 0x17, 0x73, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x52, 0x61, 0x74, 0x65, 0x4d, 0x69, 0x6e,
+	0x69, 0x6d, 0x75, 0x6d, 0x48, 0x6f, 0x73, 0x74, 0x73, 0x12, 0x5b, 0x0a, 0x1b, 0x73, 0x75, 0x63,
+	0x63, 0x65, 0x73, 0x73, 0x5f, 0x72, 0x61, 0x74, 0x65, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73,
+	0x74, 0x5f, 0x76, 0x6f, 0x6c, 0x75, 0x6d, 0x65, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x18, 0x73, 0x75,
+	0x63, 0x63, 0x65, 0x73, 0x73, 0x52, 0x61, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
+	0x56, 0x6f, 0x6c, 0x75, 0x6d, 0x65, 0x12, 0x57, 0x0a, 0x19, 0x73, 0x75, 0x63, 0x63, 0x65, 0x73,
+	0x73, 0x5f, 0x72, 0x61, 0x74, 0x65, 0x5f, 0x73, 0x74, 0x64, 0x65, 0x76, 0x5f, 0x66, 0x61, 0x63,
+	0x74, 0x6f, 0x72, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74,
+	0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x16, 0x73, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73,
+	0x52, 0x61, 0x74, 0x65, 0x53, 0x74, 0x64, 0x65, 0x76, 0x46, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x12,
+	0x5c, 0x0a, 0x1b, 0x63, 0x6f, 0x6e, 0x73, 0x65, 0x63, 0x75, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x67,
+	0x61, 0x74, 0x65, 0x77, 0x61, 0x79, 0x5f, 0x66, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x18, 0x0a,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c,
+	0x75, 0x65, 0x52, 0x19, 0x63, 0x6f, 0x6e, 0x73, 0x65, 0x63, 0x75, 0x74, 0x69, 0x76, 0x65, 0x47,
+	0x61, 0x74, 0x65, 0x77, 0x61, 0x79, 0x46, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x12, 0x78, 0x0a,
+	0x25, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x69, 0x6e, 0x67, 0x5f, 0x63, 0x6f, 0x6e, 0x73, 0x65,
+	0x63, 0x75, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x67, 0x61, 0x74, 0x65, 0x77, 0x61, 0x79, 0x5f, 0x66,
+	0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55,
+	0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x2a,
+	0x02, 0x18, 0x64, 0x52, 0x22, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x69, 0x6e, 0x67, 0x43, 0x6f,
+	0x6e, 0x73, 0x65, 0x63, 0x75, 0x74, 0x69, 0x76, 0x65, 0x47, 0x61, 0x74, 0x65, 0x77, 0x61, 0x79,
+	0x46, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x12, 0x4a, 0x0a, 0x22, 0x73, 0x70, 0x6c, 0x69, 0x74,
+	0x5f, 0x65, 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x5f, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x5f,
+	0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x5f, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x73, 0x18, 0x0c, 0x20,
+	0x01, 0x28, 0x08, 0x52, 0x1e, 0x73, 0x70, 0x6c, 0x69, 0x74, 0x45, 0x78, 0x74, 0x65, 0x72, 0x6e,
+	0x61, 0x6c, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x4f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x45, 0x72, 0x72,
+	0x6f, 0x72, 0x73, 0x12, 0x65, 0x0a, 0x20, 0x63, 0x6f, 0x6e, 0x73, 0x65, 0x63, 0x75, 0x74, 0x69,
+	0x76, 0x65, 0x5f, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x5f, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x5f,
+	0x66, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x18, 0x0d, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x1d, 0x63, 0x6f, 0x6e,
+	0x73, 0x65, 0x63, 0x75, 0x74, 0x69, 0x76, 0x65, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x4f, 0x72, 0x69,
+	0x67, 0x69, 0x6e, 0x46, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x12, 0x81, 0x01, 0x0a, 0x2a, 0x65,
+	0x6e, 0x66, 0x6f, 0x72, 0x63, 0x69, 0x6e, 0x67, 0x5f, 0x63, 0x6f, 0x6e, 0x73, 0x65, 0x63, 0x75,
+	0x74, 0x69, 0x76, 0x65, 0x5f, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x5f, 0x6f, 0x72, 0x69, 0x67, 0x69,
+	0x6e, 0x5f, 0x66, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07, 0xfa,
+	0x42, 0x04, 0x2a, 0x02, 0x18, 0x64, 0x52, 0x26, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x69, 0x6e,
+	0x67, 0x43, 0x6f, 0x6e, 0x73, 0x65, 0x63, 0x75, 0x74, 0x69, 0x76, 0x65, 0x4c, 0x6f, 0x63, 0x61,
+	0x6c, 0x4f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x46, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x12, 0x73,
+	0x0a, 0x23, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x69, 0x6e, 0x67, 0x5f, 0x6c, 0x6f, 0x63, 0x61,
+	0x6c, 0x5f, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x5f, 0x73, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73,
+	0x5f, 0x72, 0x61, 0x74, 0x65, 0x18, 0x0f, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49,
+	0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02,
+	0x18, 0x64, 0x52, 0x1f, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x69, 0x6e, 0x67, 0x4c, 0x6f, 0x63,
+	0x61, 0x6c, 0x4f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x53, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x52,
+	0x61, 0x74, 0x65, 0x12, 0x67, 0x0a, 0x1c, 0x66, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x5f, 0x70,
+	0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x61, 0x67, 0x65, 0x5f, 0x74, 0x68, 0x72, 0x65, 0x73, 0x68,
+	0x6f, 0x6c, 0x64, 0x18, 0x10, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74,
+	0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02, 0x18, 0x64,
+	0x52, 0x1a, 0x66, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74,
+	0x61, 0x67, 0x65, 0x54, 0x68, 0x72, 0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x12, 0x67, 0x0a, 0x1c,
+	0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x69, 0x6e, 0x67, 0x5f, 0x66, 0x61, 0x69, 0x6c, 0x75, 0x72,
+	0x65, 0x5f, 0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x61, 0x67, 0x65, 0x18, 0x11, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65,
+	0x42, 0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02, 0x18, 0x64, 0x52, 0x1a, 0x65, 0x6e, 0x66, 0x6f, 0x72,
+	0x63, 0x69, 0x6e, 0x67, 0x46, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x50, 0x65, 0x72, 0x63, 0x65,
+	0x6e, 0x74, 0x61, 0x67, 0x65, 0x12, 0x7f, 0x0a, 0x29, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x69,
+	0x6e, 0x67, 0x5f, 0x66, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x5f, 0x70, 0x65, 0x72, 0x63, 0x65,
+	0x6e, 0x74, 0x61, 0x67, 0x65, 0x5f, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x5f, 0x6f, 0x72, 0x69, 0x67,
+	0x69, 0x6e, 0x18, 0x12, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33,
+	0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02, 0x18, 0x64, 0x52,
+	0x25, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x69, 0x6e, 0x67, 0x46, 0x61, 0x69, 0x6c, 0x75, 0x72,
+	0x65, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x61, 0x67, 0x65, 0x4c, 0x6f, 0x63, 0x61, 0x6c,
+	0x4f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x12, 0x65, 0x0a, 0x20, 0x66, 0x61, 0x69, 0x6c, 0x75, 0x72,
+	0x65, 0x5f, 0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x61, 0x67, 0x65, 0x5f, 0x6d, 0x69, 0x6e,
+	0x69, 0x6d, 0x75, 0x6d, 0x5f, 0x68, 0x6f, 0x73, 0x74, 0x73, 0x18, 0x13, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x1d,
+	0x66, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x61, 0x67,
+	0x65, 0x4d, 0x69, 0x6e, 0x69, 0x6d, 0x75, 0x6d, 0x48, 0x6f, 0x73, 0x74, 0x73, 0x12, 0x67, 0x0a,
+	0x21, 0x66, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x5f, 0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74,
+	0x61, 0x67, 0x65, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x76, 0x6f, 0x6c, 0x75,
+	0x6d, 0x65, 0x18, 0x14, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33,
+	0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x1e, 0x66, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x50,
+	0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x61, 0x67, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
+	0x56, 0x6f, 0x6c, 0x75, 0x6d, 0x65, 0x12, 0x4f, 0x0a, 0x11, 0x6d, 0x61, 0x78, 0x5f, 0x65, 0x6a,
+	0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x15, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x08, 0xfa, 0x42,
+	0x05, 0xaa, 0x01, 0x02, 0x2a, 0x00, 0x52, 0x0f, 0x6d, 0x61, 0x78, 0x45, 0x6a, 0x65, 0x63, 0x74,
+	0x69, 0x6f, 0x6e, 0x54, 0x69, 0x6d, 0x65, 0x3a, 0x2c, 0x9a, 0xc5, 0x88, 0x1e, 0x27, 0x0a, 0x25,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x2e, 0x4f, 0x75, 0x74, 0x6c, 0x69, 0x65, 0x72, 0x44, 0x65, 0x74, 0x65,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x48, 0x0a, 0x25, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x42, 0x15,
+	0x4f, 0x75, 0x74, 0x6c, 0x69, 0x65, 0x72, 0x44, 0x65, 0x74, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e,
+	0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62,
+	0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_cluster_v3_outlier_detection_proto_rawDescOnce sync.Once
+	file_envoy_config_cluster_v3_outlier_detection_proto_rawDescData = file_envoy_config_cluster_v3_outlier_detection_proto_rawDesc
+)
+
+func file_envoy_config_cluster_v3_outlier_detection_proto_rawDescGZIP() []byte {
+	file_envoy_config_cluster_v3_outlier_detection_proto_rawDescOnce.Do(func() {
+		file_envoy_config_cluster_v3_outlier_detection_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_cluster_v3_outlier_detection_proto_rawDescData)
+	})
+	return file_envoy_config_cluster_v3_outlier_detection_proto_rawDescData
+}
+
+var file_envoy_config_cluster_v3_outlier_detection_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_config_cluster_v3_outlier_detection_proto_goTypes = []interface{}{
+	(*OutlierDetection)(nil),     // 0: envoy.config.cluster.v3.OutlierDetection
+	(*wrappers.UInt32Value)(nil), // 1: google.protobuf.UInt32Value
+	(*duration.Duration)(nil),    // 2: google.protobuf.Duration
+}
+var file_envoy_config_cluster_v3_outlier_detection_proto_depIdxs = []int32{
+	1,  // 0: envoy.config.cluster.v3.OutlierDetection.consecutive_5xx:type_name -> google.protobuf.UInt32Value
+	2,  // 1: envoy.config.cluster.v3.OutlierDetection.interval:type_name -> google.protobuf.Duration
+	2,  // 2: envoy.config.cluster.v3.OutlierDetection.base_ejection_time:type_name -> google.protobuf.Duration
+	1,  // 3: envoy.config.cluster.v3.OutlierDetection.max_ejection_percent:type_name -> google.protobuf.UInt32Value
+	1,  // 4: envoy.config.cluster.v3.OutlierDetection.enforcing_consecutive_5xx:type_name -> google.protobuf.UInt32Value
+	1,  // 5: envoy.config.cluster.v3.OutlierDetection.enforcing_success_rate:type_name -> google.protobuf.UInt32Value
+	1,  // 6: envoy.config.cluster.v3.OutlierDetection.success_rate_minimum_hosts:type_name -> google.protobuf.UInt32Value
+	1,  // 7: envoy.config.cluster.v3.OutlierDetection.success_rate_request_volume:type_name -> google.protobuf.UInt32Value
+	1,  // 8: envoy.config.cluster.v3.OutlierDetection.success_rate_stdev_factor:type_name -> google.protobuf.UInt32Value
+	1,  // 9: envoy.config.cluster.v3.OutlierDetection.consecutive_gateway_failure:type_name -> google.protobuf.UInt32Value
+	1,  // 10: envoy.config.cluster.v3.OutlierDetection.enforcing_consecutive_gateway_failure:type_name -> google.protobuf.UInt32Value
+	1,  // 11: envoy.config.cluster.v3.OutlierDetection.consecutive_local_origin_failure:type_name -> google.protobuf.UInt32Value
+	1,  // 12: envoy.config.cluster.v3.OutlierDetection.enforcing_consecutive_local_origin_failure:type_name -> google.protobuf.UInt32Value
+	1,  // 13: envoy.config.cluster.v3.OutlierDetection.enforcing_local_origin_success_rate:type_name -> google.protobuf.UInt32Value
+	1,  // 14: envoy.config.cluster.v3.OutlierDetection.failure_percentage_threshold:type_name -> google.protobuf.UInt32Value
+	1,  // 15: envoy.config.cluster.v3.OutlierDetection.enforcing_failure_percentage:type_name -> google.protobuf.UInt32Value
+	1,  // 16: envoy.config.cluster.v3.OutlierDetection.enforcing_failure_percentage_local_origin:type_name -> google.protobuf.UInt32Value
+	1,  // 17: envoy.config.cluster.v3.OutlierDetection.failure_percentage_minimum_hosts:type_name -> google.protobuf.UInt32Value
+	1,  // 18: envoy.config.cluster.v3.OutlierDetection.failure_percentage_request_volume:type_name -> google.protobuf.UInt32Value
+	2,  // 19: envoy.config.cluster.v3.OutlierDetection.max_ejection_time:type_name -> google.protobuf.Duration
+	20, // [20:20] is the sub-list for method output_type
+	20, // [20:20] is the sub-list for method input_type
+	20, // [20:20] is the sub-list for extension type_name
+	20, // [20:20] is the sub-list for extension extendee
+	0,  // [0:20] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_cluster_v3_outlier_detection_proto_init() }
+func file_envoy_config_cluster_v3_outlier_detection_proto_init() {
+	if File_envoy_config_cluster_v3_outlier_detection_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_cluster_v3_outlier_detection_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*OutlierDetection); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_cluster_v3_outlier_detection_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_cluster_v3_outlier_detection_proto_goTypes,
+		DependencyIndexes: file_envoy_config_cluster_v3_outlier_detection_proto_depIdxs,
+		MessageInfos:      file_envoy_config_cluster_v3_outlier_detection_proto_msgTypes,
+	}.Build()
+	File_envoy_config_cluster_v3_outlier_detection_proto = out.File
+	file_envoy_config_cluster_v3_outlier_detection_proto_rawDesc = nil
+	file_envoy_config_cluster_v3_outlier_detection_proto_goTypes = nil
+	file_envoy_config_cluster_v3_outlier_detection_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3/outlier_detection.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3/outlier_detection.pb.validate.go
new file mode 100644
index 00000000000..a75238e3503
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3/outlier_detection.pb.validate.go
@@ -0,0 +1,594 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/cluster/v3/outlier_detection.proto
+
+package envoy_config_cluster_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on OutlierDetection with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *OutlierDetection) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on OutlierDetection with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// OutlierDetectionMultiError, or nil if none found.
+func (m *OutlierDetection) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *OutlierDetection) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetConsecutive_5Xx()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "Consecutive_5Xx",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "Consecutive_5Xx",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetConsecutive_5Xx()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return OutlierDetectionValidationError{
+				field:  "Consecutive_5Xx",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if d := m.GetInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = OutlierDetectionValidationError{
+				field:  "Interval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := OutlierDetectionValidationError{
+					field:  "Interval",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if d := m.GetBaseEjectionTime(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = OutlierDetectionValidationError{
+				field:  "BaseEjectionTime",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := OutlierDetectionValidationError{
+					field:  "BaseEjectionTime",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if wrapper := m.GetMaxEjectionPercent(); wrapper != nil {
+
+		if wrapper.GetValue() > 100 {
+			err := OutlierDetectionValidationError{
+				field:  "MaxEjectionPercent",
+				reason: "value must be less than or equal to 100",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if wrapper := m.GetEnforcingConsecutive_5Xx(); wrapper != nil {
+
+		if wrapper.GetValue() > 100 {
+			err := OutlierDetectionValidationError{
+				field:  "EnforcingConsecutive_5Xx",
+				reason: "value must be less than or equal to 100",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if wrapper := m.GetEnforcingSuccessRate(); wrapper != nil {
+
+		if wrapper.GetValue() > 100 {
+			err := OutlierDetectionValidationError{
+				field:  "EnforcingSuccessRate",
+				reason: "value must be less than or equal to 100",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetSuccessRateMinimumHosts()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "SuccessRateMinimumHosts",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "SuccessRateMinimumHosts",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSuccessRateMinimumHosts()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return OutlierDetectionValidationError{
+				field:  "SuccessRateMinimumHosts",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetSuccessRateRequestVolume()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "SuccessRateRequestVolume",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "SuccessRateRequestVolume",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSuccessRateRequestVolume()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return OutlierDetectionValidationError{
+				field:  "SuccessRateRequestVolume",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetSuccessRateStdevFactor()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "SuccessRateStdevFactor",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "SuccessRateStdevFactor",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSuccessRateStdevFactor()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return OutlierDetectionValidationError{
+				field:  "SuccessRateStdevFactor",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetConsecutiveGatewayFailure()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "ConsecutiveGatewayFailure",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "ConsecutiveGatewayFailure",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetConsecutiveGatewayFailure()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return OutlierDetectionValidationError{
+				field:  "ConsecutiveGatewayFailure",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if wrapper := m.GetEnforcingConsecutiveGatewayFailure(); wrapper != nil {
+
+		if wrapper.GetValue() > 100 {
+			err := OutlierDetectionValidationError{
+				field:  "EnforcingConsecutiveGatewayFailure",
+				reason: "value must be less than or equal to 100",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	// no validation rules for SplitExternalLocalOriginErrors
+
+	if all {
+		switch v := interface{}(m.GetConsecutiveLocalOriginFailure()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "ConsecutiveLocalOriginFailure",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "ConsecutiveLocalOriginFailure",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetConsecutiveLocalOriginFailure()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return OutlierDetectionValidationError{
+				field:  "ConsecutiveLocalOriginFailure",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if wrapper := m.GetEnforcingConsecutiveLocalOriginFailure(); wrapper != nil {
+
+		if wrapper.GetValue() > 100 {
+			err := OutlierDetectionValidationError{
+				field:  "EnforcingConsecutiveLocalOriginFailure",
+				reason: "value must be less than or equal to 100",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if wrapper := m.GetEnforcingLocalOriginSuccessRate(); wrapper != nil {
+
+		if wrapper.GetValue() > 100 {
+			err := OutlierDetectionValidationError{
+				field:  "EnforcingLocalOriginSuccessRate",
+				reason: "value must be less than or equal to 100",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if wrapper := m.GetFailurePercentageThreshold(); wrapper != nil {
+
+		if wrapper.GetValue() > 100 {
+			err := OutlierDetectionValidationError{
+				field:  "FailurePercentageThreshold",
+				reason: "value must be less than or equal to 100",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if wrapper := m.GetEnforcingFailurePercentage(); wrapper != nil {
+
+		if wrapper.GetValue() > 100 {
+			err := OutlierDetectionValidationError{
+				field:  "EnforcingFailurePercentage",
+				reason: "value must be less than or equal to 100",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if wrapper := m.GetEnforcingFailurePercentageLocalOrigin(); wrapper != nil {
+
+		if wrapper.GetValue() > 100 {
+			err := OutlierDetectionValidationError{
+				field:  "EnforcingFailurePercentageLocalOrigin",
+				reason: "value must be less than or equal to 100",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetFailurePercentageMinimumHosts()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "FailurePercentageMinimumHosts",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "FailurePercentageMinimumHosts",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetFailurePercentageMinimumHosts()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return OutlierDetectionValidationError{
+				field:  "FailurePercentageMinimumHosts",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetFailurePercentageRequestVolume()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "FailurePercentageRequestVolume",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, OutlierDetectionValidationError{
+					field:  "FailurePercentageRequestVolume",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetFailurePercentageRequestVolume()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return OutlierDetectionValidationError{
+				field:  "FailurePercentageRequestVolume",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if d := m.GetMaxEjectionTime(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = OutlierDetectionValidationError{
+				field:  "MaxEjectionTime",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := OutlierDetectionValidationError{
+					field:  "MaxEjectionTime",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if len(errors) > 0 {
+		return OutlierDetectionMultiError(errors)
+	}
+	return nil
+}
+
+// OutlierDetectionMultiError is an error wrapping multiple validation errors
+// returned by OutlierDetection.ValidateAll() if the designated constraints
+// aren't met.
+type OutlierDetectionMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m OutlierDetectionMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m OutlierDetectionMultiError) AllErrors() []error { return m }
+
+// OutlierDetectionValidationError is the validation error returned by
+// OutlierDetection.Validate if the designated constraints aren't met.
+type OutlierDetectionValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e OutlierDetectionValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e OutlierDetectionValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e OutlierDetectionValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e OutlierDetectionValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e OutlierDetectionValidationError) ErrorName() string { return "OutlierDetectionValidationError" }
+
+// Error satisfies the builtin error interface
+func (e OutlierDetectionValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sOutlierDetection.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = OutlierDetectionValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = OutlierDetectionValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/common/matcher/v3/matcher.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/common/matcher/v3/matcher.pb.go
new file mode 100644
index 00000000000..5029ba45cf5
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/common/matcher/v3/matcher.pb.go
@@ -0,0 +1,1771 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/common/matcher/v3/matcher.proto
+
+package envoy_config_common_matcher_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/cncf/xds/go/xds/annotations/v3"
+	v31 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/route/v3"
+	v32 "github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// A matcher, which may traverse a matching tree in order to result in a match action.
+// During matching, the tree will be traversed until a match is found, or if no match
+// is found the action specified by the most specific on_no_match will be evaluated.
+// As an on_no_match might result in another matching tree being evaluated, this process
+// might repeat several times until the final OnMatch (or no match) is decided.
+type Matcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to MatcherType:
+	//	*Matcher_MatcherList_
+	//	*Matcher_MatcherTree_
+	MatcherType isMatcher_MatcherType `protobuf_oneof:"matcher_type"`
+	// Optional OnMatch to use if the matcher failed.
+	// If specified, the OnMatch is used, and the matcher is considered
+	// to have matched.
+	// If not specified, the matcher is considered not to have matched.
+	OnNoMatch *Matcher_OnMatch `protobuf:"bytes,3,opt,name=on_no_match,json=onNoMatch,proto3" json:"on_no_match,omitempty"`
+}
+
+func (x *Matcher) Reset() {
+	*x = Matcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Matcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Matcher) ProtoMessage() {}
+
+func (x *Matcher) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Matcher.ProtoReflect.Descriptor instead.
+func (*Matcher) Descriptor() ([]byte, []int) {
+	return file_envoy_config_common_matcher_v3_matcher_proto_rawDescGZIP(), []int{0}
+}
+
+func (m *Matcher) GetMatcherType() isMatcher_MatcherType {
+	if m != nil {
+		return m.MatcherType
+	}
+	return nil
+}
+
+func (x *Matcher) GetMatcherList() *Matcher_MatcherList {
+	if x, ok := x.GetMatcherType().(*Matcher_MatcherList_); ok {
+		return x.MatcherList
+	}
+	return nil
+}
+
+func (x *Matcher) GetMatcherTree() *Matcher_MatcherTree {
+	if x, ok := x.GetMatcherType().(*Matcher_MatcherTree_); ok {
+		return x.MatcherTree
+	}
+	return nil
+}
+
+func (x *Matcher) GetOnNoMatch() *Matcher_OnMatch {
+	if x != nil {
+		return x.OnNoMatch
+	}
+	return nil
+}
+
+type isMatcher_MatcherType interface {
+	isMatcher_MatcherType()
+}
+
+type Matcher_MatcherList_ struct {
+	// A linear list of matchers to evaluate.
+	MatcherList *Matcher_MatcherList `protobuf:"bytes,1,opt,name=matcher_list,json=matcherList,proto3,oneof"`
+}
+
+type Matcher_MatcherTree_ struct {
+	// A match tree to evaluate.
+	MatcherTree *Matcher_MatcherTree `protobuf:"bytes,2,opt,name=matcher_tree,json=matcherTree,proto3,oneof"`
+}
+
+func (*Matcher_MatcherList_) isMatcher_MatcherType() {}
+
+func (*Matcher_MatcherTree_) isMatcher_MatcherType() {}
+
+// Match configuration. This is a recursive structure which allows complex nested match
+// configurations to be built using various logical operators.
+// [#next-free-field: 11]
+type MatchPredicate struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to Rule:
+	//	*MatchPredicate_OrMatch
+	//	*MatchPredicate_AndMatch
+	//	*MatchPredicate_NotMatch
+	//	*MatchPredicate_AnyMatch
+	//	*MatchPredicate_HttpRequestHeadersMatch
+	//	*MatchPredicate_HttpRequestTrailersMatch
+	//	*MatchPredicate_HttpResponseHeadersMatch
+	//	*MatchPredicate_HttpResponseTrailersMatch
+	//	*MatchPredicate_HttpRequestGenericBodyMatch
+	//	*MatchPredicate_HttpResponseGenericBodyMatch
+	Rule isMatchPredicate_Rule `protobuf_oneof:"rule"`
+}
+
+func (x *MatchPredicate) Reset() {
+	*x = MatchPredicate{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *MatchPredicate) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*MatchPredicate) ProtoMessage() {}
+
+func (x *MatchPredicate) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use MatchPredicate.ProtoReflect.Descriptor instead.
+func (*MatchPredicate) Descriptor() ([]byte, []int) {
+	return file_envoy_config_common_matcher_v3_matcher_proto_rawDescGZIP(), []int{1}
+}
+
+func (m *MatchPredicate) GetRule() isMatchPredicate_Rule {
+	if m != nil {
+		return m.Rule
+	}
+	return nil
+}
+
+func (x *MatchPredicate) GetOrMatch() *MatchPredicate_MatchSet {
+	if x, ok := x.GetRule().(*MatchPredicate_OrMatch); ok {
+		return x.OrMatch
+	}
+	return nil
+}
+
+func (x *MatchPredicate) GetAndMatch() *MatchPredicate_MatchSet {
+	if x, ok := x.GetRule().(*MatchPredicate_AndMatch); ok {
+		return x.AndMatch
+	}
+	return nil
+}
+
+func (x *MatchPredicate) GetNotMatch() *MatchPredicate {
+	if x, ok := x.GetRule().(*MatchPredicate_NotMatch); ok {
+		return x.NotMatch
+	}
+	return nil
+}
+
+func (x *MatchPredicate) GetAnyMatch() bool {
+	if x, ok := x.GetRule().(*MatchPredicate_AnyMatch); ok {
+		return x.AnyMatch
+	}
+	return false
+}
+
+func (x *MatchPredicate) GetHttpRequestHeadersMatch() *HttpHeadersMatch {
+	if x, ok := x.GetRule().(*MatchPredicate_HttpRequestHeadersMatch); ok {
+		return x.HttpRequestHeadersMatch
+	}
+	return nil
+}
+
+func (x *MatchPredicate) GetHttpRequestTrailersMatch() *HttpHeadersMatch {
+	if x, ok := x.GetRule().(*MatchPredicate_HttpRequestTrailersMatch); ok {
+		return x.HttpRequestTrailersMatch
+	}
+	return nil
+}
+
+func (x *MatchPredicate) GetHttpResponseHeadersMatch() *HttpHeadersMatch {
+	if x, ok := x.GetRule().(*MatchPredicate_HttpResponseHeadersMatch); ok {
+		return x.HttpResponseHeadersMatch
+	}
+	return nil
+}
+
+func (x *MatchPredicate) GetHttpResponseTrailersMatch() *HttpHeadersMatch {
+	if x, ok := x.GetRule().(*MatchPredicate_HttpResponseTrailersMatch); ok {
+		return x.HttpResponseTrailersMatch
+	}
+	return nil
+}
+
+func (x *MatchPredicate) GetHttpRequestGenericBodyMatch() *HttpGenericBodyMatch {
+	if x, ok := x.GetRule().(*MatchPredicate_HttpRequestGenericBodyMatch); ok {
+		return x.HttpRequestGenericBodyMatch
+	}
+	return nil
+}
+
+func (x *MatchPredicate) GetHttpResponseGenericBodyMatch() *HttpGenericBodyMatch {
+	if x, ok := x.GetRule().(*MatchPredicate_HttpResponseGenericBodyMatch); ok {
+		return x.HttpResponseGenericBodyMatch
+	}
+	return nil
+}
+
+type isMatchPredicate_Rule interface {
+	isMatchPredicate_Rule()
+}
+
+type MatchPredicate_OrMatch struct {
+	// A set that describes a logical OR. If any member of the set matches, the match configuration
+	// matches.
+	OrMatch *MatchPredicate_MatchSet `protobuf:"bytes,1,opt,name=or_match,json=orMatch,proto3,oneof"`
+}
+
+type MatchPredicate_AndMatch struct {
+	// A set that describes a logical AND. If all members of the set match, the match configuration
+	// matches.
+	AndMatch *MatchPredicate_MatchSet `protobuf:"bytes,2,opt,name=and_match,json=andMatch,proto3,oneof"`
+}
+
+type MatchPredicate_NotMatch struct {
+	// A negation match. The match configuration will match if the negated match condition matches.
+	NotMatch *MatchPredicate `protobuf:"bytes,3,opt,name=not_match,json=notMatch,proto3,oneof"`
+}
+
+type MatchPredicate_AnyMatch struct {
+	// The match configuration will always match.
+	AnyMatch bool `protobuf:"varint,4,opt,name=any_match,json=anyMatch,proto3,oneof"`
+}
+
+type MatchPredicate_HttpRequestHeadersMatch struct {
+	// HTTP request headers match configuration.
+	HttpRequestHeadersMatch *HttpHeadersMatch `protobuf:"bytes,5,opt,name=http_request_headers_match,json=httpRequestHeadersMatch,proto3,oneof"`
+}
+
+type MatchPredicate_HttpRequestTrailersMatch struct {
+	// HTTP request trailers match configuration.
+	HttpRequestTrailersMatch *HttpHeadersMatch `protobuf:"bytes,6,opt,name=http_request_trailers_match,json=httpRequestTrailersMatch,proto3,oneof"`
+}
+
+type MatchPredicate_HttpResponseHeadersMatch struct {
+	// HTTP response headers match configuration.
+	HttpResponseHeadersMatch *HttpHeadersMatch `protobuf:"bytes,7,opt,name=http_response_headers_match,json=httpResponseHeadersMatch,proto3,oneof"`
+}
+
+type MatchPredicate_HttpResponseTrailersMatch struct {
+	// HTTP response trailers match configuration.
+	HttpResponseTrailersMatch *HttpHeadersMatch `protobuf:"bytes,8,opt,name=http_response_trailers_match,json=httpResponseTrailersMatch,proto3,oneof"`
+}
+
+type MatchPredicate_HttpRequestGenericBodyMatch struct {
+	// HTTP request generic body match configuration.
+	HttpRequestGenericBodyMatch *HttpGenericBodyMatch `protobuf:"bytes,9,opt,name=http_request_generic_body_match,json=httpRequestGenericBodyMatch,proto3,oneof"`
+}
+
+type MatchPredicate_HttpResponseGenericBodyMatch struct {
+	// HTTP response generic body match configuration.
+	HttpResponseGenericBodyMatch *HttpGenericBodyMatch `protobuf:"bytes,10,opt,name=http_response_generic_body_match,json=httpResponseGenericBodyMatch,proto3,oneof"`
+}
+
+func (*MatchPredicate_OrMatch) isMatchPredicate_Rule() {}
+
+func (*MatchPredicate_AndMatch) isMatchPredicate_Rule() {}
+
+func (*MatchPredicate_NotMatch) isMatchPredicate_Rule() {}
+
+func (*MatchPredicate_AnyMatch) isMatchPredicate_Rule() {}
+
+func (*MatchPredicate_HttpRequestHeadersMatch) isMatchPredicate_Rule() {}
+
+func (*MatchPredicate_HttpRequestTrailersMatch) isMatchPredicate_Rule() {}
+
+func (*MatchPredicate_HttpResponseHeadersMatch) isMatchPredicate_Rule() {}
+
+func (*MatchPredicate_HttpResponseTrailersMatch) isMatchPredicate_Rule() {}
+
+func (*MatchPredicate_HttpRequestGenericBodyMatch) isMatchPredicate_Rule() {}
+
+func (*MatchPredicate_HttpResponseGenericBodyMatch) isMatchPredicate_Rule() {}
+
+// HTTP headers match configuration.
+type HttpHeadersMatch struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// HTTP headers to match.
+	Headers []*v3.HeaderMatcher `protobuf:"bytes,1,rep,name=headers,proto3" json:"headers,omitempty"`
+}
+
+func (x *HttpHeadersMatch) Reset() {
+	*x = HttpHeadersMatch{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HttpHeadersMatch) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HttpHeadersMatch) ProtoMessage() {}
+
+func (x *HttpHeadersMatch) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HttpHeadersMatch.ProtoReflect.Descriptor instead.
+func (*HttpHeadersMatch) Descriptor() ([]byte, []int) {
+	return file_envoy_config_common_matcher_v3_matcher_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *HttpHeadersMatch) GetHeaders() []*v3.HeaderMatcher {
+	if x != nil {
+		return x.Headers
+	}
+	return nil
+}
+
+// HTTP generic body match configuration.
+// List of text strings and hex strings to be located in HTTP body.
+// All specified strings must be found in the HTTP body for positive match.
+// The search may be limited to specified number of bytes from the body start.
+//
+// .. attention::
+//
+//   Searching for patterns in HTTP body is potentially cpu intensive. For each specified pattern, http body is scanned byte by byte to find a match.
+//   If multiple patterns are specified, the process is repeated for each pattern. If location of a pattern is known, ``bytes_limit`` should be specified
+//   to scan only part of the http body.
+type HttpGenericBodyMatch struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Limits search to specified number of bytes - default zero (no limit - match entire captured buffer).
+	BytesLimit uint32 `protobuf:"varint,1,opt,name=bytes_limit,json=bytesLimit,proto3" json:"bytes_limit,omitempty"`
+	// List of patterns to match.
+	Patterns []*HttpGenericBodyMatch_GenericTextMatch `protobuf:"bytes,2,rep,name=patterns,proto3" json:"patterns,omitempty"`
+}
+
+func (x *HttpGenericBodyMatch) Reset() {
+	*x = HttpGenericBodyMatch{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HttpGenericBodyMatch) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HttpGenericBodyMatch) ProtoMessage() {}
+
+func (x *HttpGenericBodyMatch) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HttpGenericBodyMatch.ProtoReflect.Descriptor instead.
+func (*HttpGenericBodyMatch) Descriptor() ([]byte, []int) {
+	return file_envoy_config_common_matcher_v3_matcher_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *HttpGenericBodyMatch) GetBytesLimit() uint32 {
+	if x != nil {
+		return x.BytesLimit
+	}
+	return 0
+}
+
+func (x *HttpGenericBodyMatch) GetPatterns() []*HttpGenericBodyMatch_GenericTextMatch {
+	if x != nil {
+		return x.Patterns
+	}
+	return nil
+}
+
+// What to do if a match is successful.
+type Matcher_OnMatch struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to OnMatch:
+	//	*Matcher_OnMatch_Matcher
+	//	*Matcher_OnMatch_Action
+	OnMatch isMatcher_OnMatch_OnMatch `protobuf_oneof:"on_match"`
+}
+
+func (x *Matcher_OnMatch) Reset() {
+	*x = Matcher_OnMatch{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Matcher_OnMatch) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Matcher_OnMatch) ProtoMessage() {}
+
+func (x *Matcher_OnMatch) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Matcher_OnMatch.ProtoReflect.Descriptor instead.
+func (*Matcher_OnMatch) Descriptor() ([]byte, []int) {
+	return file_envoy_config_common_matcher_v3_matcher_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (m *Matcher_OnMatch) GetOnMatch() isMatcher_OnMatch_OnMatch {
+	if m != nil {
+		return m.OnMatch
+	}
+	return nil
+}
+
+func (x *Matcher_OnMatch) GetMatcher() *Matcher {
+	if x, ok := x.GetOnMatch().(*Matcher_OnMatch_Matcher); ok {
+		return x.Matcher
+	}
+	return nil
+}
+
+func (x *Matcher_OnMatch) GetAction() *v31.TypedExtensionConfig {
+	if x, ok := x.GetOnMatch().(*Matcher_OnMatch_Action); ok {
+		return x.Action
+	}
+	return nil
+}
+
+type isMatcher_OnMatch_OnMatch interface {
+	isMatcher_OnMatch_OnMatch()
+}
+
+type Matcher_OnMatch_Matcher struct {
+	// Nested matcher to evaluate.
+	// If the nested matcher does not match and does not specify
+	// on_no_match, then this matcher is considered not to have
+	// matched, even if a predicate at this level or above returned
+	// true.
+	Matcher *Matcher `protobuf:"bytes,1,opt,name=matcher,proto3,oneof"`
+}
+
+type Matcher_OnMatch_Action struct {
+	// Protocol-specific action to take.
+	Action *v31.TypedExtensionConfig `protobuf:"bytes,2,opt,name=action,proto3,oneof"`
+}
+
+func (*Matcher_OnMatch_Matcher) isMatcher_OnMatch_OnMatch() {}
+
+func (*Matcher_OnMatch_Action) isMatcher_OnMatch_OnMatch() {}
+
+// A linear list of field matchers.
+// The field matchers are evaluated in order, and the first match
+// wins.
+type Matcher_MatcherList struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// A list of matchers. First match wins.
+	Matchers []*Matcher_MatcherList_FieldMatcher `protobuf:"bytes,1,rep,name=matchers,proto3" json:"matchers,omitempty"`
+}
+
+func (x *Matcher_MatcherList) Reset() {
+	*x = Matcher_MatcherList{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Matcher_MatcherList) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Matcher_MatcherList) ProtoMessage() {}
+
+func (x *Matcher_MatcherList) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Matcher_MatcherList.ProtoReflect.Descriptor instead.
+func (*Matcher_MatcherList) Descriptor() ([]byte, []int) {
+	return file_envoy_config_common_matcher_v3_matcher_proto_rawDescGZIP(), []int{0, 1}
+}
+
+func (x *Matcher_MatcherList) GetMatchers() []*Matcher_MatcherList_FieldMatcher {
+	if x != nil {
+		return x.Matchers
+	}
+	return nil
+}
+
+type Matcher_MatcherTree struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Protocol-specific specification of input field to match on.
+	Input *v31.TypedExtensionConfig `protobuf:"bytes,1,opt,name=input,proto3" json:"input,omitempty"`
+	// Exact or prefix match maps in which to look up the input value.
+	// If the lookup succeeds, the match is considered successful, and
+	// the corresponding OnMatch is used.
+	//
+	// Types that are assignable to TreeType:
+	//	*Matcher_MatcherTree_ExactMatchMap
+	//	*Matcher_MatcherTree_PrefixMatchMap
+	//	*Matcher_MatcherTree_CustomMatch
+	TreeType isMatcher_MatcherTree_TreeType `protobuf_oneof:"tree_type"`
+}
+
+func (x *Matcher_MatcherTree) Reset() {
+	*x = Matcher_MatcherTree{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[6]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Matcher_MatcherTree) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Matcher_MatcherTree) ProtoMessage() {}
+
+func (x *Matcher_MatcherTree) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[6]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Matcher_MatcherTree.ProtoReflect.Descriptor instead.
+func (*Matcher_MatcherTree) Descriptor() ([]byte, []int) {
+	return file_envoy_config_common_matcher_v3_matcher_proto_rawDescGZIP(), []int{0, 2}
+}
+
+func (x *Matcher_MatcherTree) GetInput() *v31.TypedExtensionConfig {
+	if x != nil {
+		return x.Input
+	}
+	return nil
+}
+
+func (m *Matcher_MatcherTree) GetTreeType() isMatcher_MatcherTree_TreeType {
+	if m != nil {
+		return m.TreeType
+	}
+	return nil
+}
+
+func (x *Matcher_MatcherTree) GetExactMatchMap() *Matcher_MatcherTree_MatchMap {
+	if x, ok := x.GetTreeType().(*Matcher_MatcherTree_ExactMatchMap); ok {
+		return x.ExactMatchMap
+	}
+	return nil
+}
+
+func (x *Matcher_MatcherTree) GetPrefixMatchMap() *Matcher_MatcherTree_MatchMap {
+	if x, ok := x.GetTreeType().(*Matcher_MatcherTree_PrefixMatchMap); ok {
+		return x.PrefixMatchMap
+	}
+	return nil
+}
+
+func (x *Matcher_MatcherTree) GetCustomMatch() *v31.TypedExtensionConfig {
+	if x, ok := x.GetTreeType().(*Matcher_MatcherTree_CustomMatch); ok {
+		return x.CustomMatch
+	}
+	return nil
+}
+
+type isMatcher_MatcherTree_TreeType interface {
+	isMatcher_MatcherTree_TreeType()
+}
+
+type Matcher_MatcherTree_ExactMatchMap struct {
+	ExactMatchMap *Matcher_MatcherTree_MatchMap `protobuf:"bytes,2,opt,name=exact_match_map,json=exactMatchMap,proto3,oneof"`
+}
+
+type Matcher_MatcherTree_PrefixMatchMap struct {
+	// Longest matching prefix wins.
+	PrefixMatchMap *Matcher_MatcherTree_MatchMap `protobuf:"bytes,3,opt,name=prefix_match_map,json=prefixMatchMap,proto3,oneof"`
+}
+
+type Matcher_MatcherTree_CustomMatch struct {
+	// Extension for custom matching logic.
+	CustomMatch *v31.TypedExtensionConfig `protobuf:"bytes,4,opt,name=custom_match,json=customMatch,proto3,oneof"`
+}
+
+func (*Matcher_MatcherTree_ExactMatchMap) isMatcher_MatcherTree_TreeType() {}
+
+func (*Matcher_MatcherTree_PrefixMatchMap) isMatcher_MatcherTree_TreeType() {}
+
+func (*Matcher_MatcherTree_CustomMatch) isMatcher_MatcherTree_TreeType() {}
+
+// Predicate to determine if a match is successful.
+type Matcher_MatcherList_Predicate struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to MatchType:
+	//	*Matcher_MatcherList_Predicate_SinglePredicate_
+	//	*Matcher_MatcherList_Predicate_OrMatcher
+	//	*Matcher_MatcherList_Predicate_AndMatcher
+	//	*Matcher_MatcherList_Predicate_NotMatcher
+	MatchType isMatcher_MatcherList_Predicate_MatchType `protobuf_oneof:"match_type"`
+}
+
+func (x *Matcher_MatcherList_Predicate) Reset() {
+	*x = Matcher_MatcherList_Predicate{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[7]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Matcher_MatcherList_Predicate) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Matcher_MatcherList_Predicate) ProtoMessage() {}
+
+func (x *Matcher_MatcherList_Predicate) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[7]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Matcher_MatcherList_Predicate.ProtoReflect.Descriptor instead.
+func (*Matcher_MatcherList_Predicate) Descriptor() ([]byte, []int) {
+	return file_envoy_config_common_matcher_v3_matcher_proto_rawDescGZIP(), []int{0, 1, 0}
+}
+
+func (m *Matcher_MatcherList_Predicate) GetMatchType() isMatcher_MatcherList_Predicate_MatchType {
+	if m != nil {
+		return m.MatchType
+	}
+	return nil
+}
+
+func (x *Matcher_MatcherList_Predicate) GetSinglePredicate() *Matcher_MatcherList_Predicate_SinglePredicate {
+	if x, ok := x.GetMatchType().(*Matcher_MatcherList_Predicate_SinglePredicate_); ok {
+		return x.SinglePredicate
+	}
+	return nil
+}
+
+func (x *Matcher_MatcherList_Predicate) GetOrMatcher() *Matcher_MatcherList_Predicate_PredicateList {
+	if x, ok := x.GetMatchType().(*Matcher_MatcherList_Predicate_OrMatcher); ok {
+		return x.OrMatcher
+	}
+	return nil
+}
+
+func (x *Matcher_MatcherList_Predicate) GetAndMatcher() *Matcher_MatcherList_Predicate_PredicateList {
+	if x, ok := x.GetMatchType().(*Matcher_MatcherList_Predicate_AndMatcher); ok {
+		return x.AndMatcher
+	}
+	return nil
+}
+
+func (x *Matcher_MatcherList_Predicate) GetNotMatcher() *Matcher_MatcherList_Predicate {
+	if x, ok := x.GetMatchType().(*Matcher_MatcherList_Predicate_NotMatcher); ok {
+		return x.NotMatcher
+	}
+	return nil
+}
+
+type isMatcher_MatcherList_Predicate_MatchType interface {
+	isMatcher_MatcherList_Predicate_MatchType()
+}
+
+type Matcher_MatcherList_Predicate_SinglePredicate_ struct {
+	// A single predicate to evaluate.
+	SinglePredicate *Matcher_MatcherList_Predicate_SinglePredicate `protobuf:"bytes,1,opt,name=single_predicate,json=singlePredicate,proto3,oneof"`
+}
+
+type Matcher_MatcherList_Predicate_OrMatcher struct {
+	// A list of predicates to be OR-ed together.
+	OrMatcher *Matcher_MatcherList_Predicate_PredicateList `protobuf:"bytes,2,opt,name=or_matcher,json=orMatcher,proto3,oneof"`
+}
+
+type Matcher_MatcherList_Predicate_AndMatcher struct {
+	// A list of predicates to be AND-ed together.
+	AndMatcher *Matcher_MatcherList_Predicate_PredicateList `protobuf:"bytes,3,opt,name=and_matcher,json=andMatcher,proto3,oneof"`
+}
+
+type Matcher_MatcherList_Predicate_NotMatcher struct {
+	// The invert of a predicate
+	NotMatcher *Matcher_MatcherList_Predicate `protobuf:"bytes,4,opt,name=not_matcher,json=notMatcher,proto3,oneof"`
+}
+
+func (*Matcher_MatcherList_Predicate_SinglePredicate_) isMatcher_MatcherList_Predicate_MatchType() {}
+
+func (*Matcher_MatcherList_Predicate_OrMatcher) isMatcher_MatcherList_Predicate_MatchType() {}
+
+func (*Matcher_MatcherList_Predicate_AndMatcher) isMatcher_MatcherList_Predicate_MatchType() {}
+
+func (*Matcher_MatcherList_Predicate_NotMatcher) isMatcher_MatcherList_Predicate_MatchType() {}
+
+// An individual matcher.
+type Matcher_MatcherList_FieldMatcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Determines if the match succeeds.
+	Predicate *Matcher_MatcherList_Predicate `protobuf:"bytes,1,opt,name=predicate,proto3" json:"predicate,omitempty"`
+	// What to do if the match succeeds.
+	OnMatch *Matcher_OnMatch `protobuf:"bytes,2,opt,name=on_match,json=onMatch,proto3" json:"on_match,omitempty"`
+}
+
+func (x *Matcher_MatcherList_FieldMatcher) Reset() {
+	*x = Matcher_MatcherList_FieldMatcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[8]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Matcher_MatcherList_FieldMatcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Matcher_MatcherList_FieldMatcher) ProtoMessage() {}
+
+func (x *Matcher_MatcherList_FieldMatcher) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[8]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Matcher_MatcherList_FieldMatcher.ProtoReflect.Descriptor instead.
+func (*Matcher_MatcherList_FieldMatcher) Descriptor() ([]byte, []int) {
+	return file_envoy_config_common_matcher_v3_matcher_proto_rawDescGZIP(), []int{0, 1, 1}
+}
+
+func (x *Matcher_MatcherList_FieldMatcher) GetPredicate() *Matcher_MatcherList_Predicate {
+	if x != nil {
+		return x.Predicate
+	}
+	return nil
+}
+
+func (x *Matcher_MatcherList_FieldMatcher) GetOnMatch() *Matcher_OnMatch {
+	if x != nil {
+		return x.OnMatch
+	}
+	return nil
+}
+
+// Predicate for a single input field.
+type Matcher_MatcherList_Predicate_SinglePredicate struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Protocol-specific specification of input field to match on.
+	// [#extension-category: envoy.matching.common_inputs]
+	Input *v31.TypedExtensionConfig `protobuf:"bytes,1,opt,name=input,proto3" json:"input,omitempty"`
+	// Types that are assignable to Matcher:
+	//	*Matcher_MatcherList_Predicate_SinglePredicate_ValueMatch
+	//	*Matcher_MatcherList_Predicate_SinglePredicate_CustomMatch
+	Matcher isMatcher_MatcherList_Predicate_SinglePredicate_Matcher `protobuf_oneof:"matcher"`
+}
+
+func (x *Matcher_MatcherList_Predicate_SinglePredicate) Reset() {
+	*x = Matcher_MatcherList_Predicate_SinglePredicate{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[9]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Matcher_MatcherList_Predicate_SinglePredicate) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Matcher_MatcherList_Predicate_SinglePredicate) ProtoMessage() {}
+
+func (x *Matcher_MatcherList_Predicate_SinglePredicate) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[9]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Matcher_MatcherList_Predicate_SinglePredicate.ProtoReflect.Descriptor instead.
+func (*Matcher_MatcherList_Predicate_SinglePredicate) Descriptor() ([]byte, []int) {
+	return file_envoy_config_common_matcher_v3_matcher_proto_rawDescGZIP(), []int{0, 1, 0, 0}
+}
+
+func (x *Matcher_MatcherList_Predicate_SinglePredicate) GetInput() *v31.TypedExtensionConfig {
+	if x != nil {
+		return x.Input
+	}
+	return nil
+}
+
+func (m *Matcher_MatcherList_Predicate_SinglePredicate) GetMatcher() isMatcher_MatcherList_Predicate_SinglePredicate_Matcher {
+	if m != nil {
+		return m.Matcher
+	}
+	return nil
+}
+
+func (x *Matcher_MatcherList_Predicate_SinglePredicate) GetValueMatch() *v32.StringMatcher {
+	if x, ok := x.GetMatcher().(*Matcher_MatcherList_Predicate_SinglePredicate_ValueMatch); ok {
+		return x.ValueMatch
+	}
+	return nil
+}
+
+func (x *Matcher_MatcherList_Predicate_SinglePredicate) GetCustomMatch() *v31.TypedExtensionConfig {
+	if x, ok := x.GetMatcher().(*Matcher_MatcherList_Predicate_SinglePredicate_CustomMatch); ok {
+		return x.CustomMatch
+	}
+	return nil
+}
+
+type isMatcher_MatcherList_Predicate_SinglePredicate_Matcher interface {
+	isMatcher_MatcherList_Predicate_SinglePredicate_Matcher()
+}
+
+type Matcher_MatcherList_Predicate_SinglePredicate_ValueMatch struct {
+	// Built-in string matcher.
+	ValueMatch *v32.StringMatcher `protobuf:"bytes,2,opt,name=value_match,json=valueMatch,proto3,oneof"`
+}
+
+type Matcher_MatcherList_Predicate_SinglePredicate_CustomMatch struct {
+	// Extension for custom matching logic.
+	// [#extension-category: envoy.matching.input_matchers]
+	CustomMatch *v31.TypedExtensionConfig `protobuf:"bytes,3,opt,name=custom_match,json=customMatch,proto3,oneof"`
+}
+
+func (*Matcher_MatcherList_Predicate_SinglePredicate_ValueMatch) isMatcher_MatcherList_Predicate_SinglePredicate_Matcher() {
+}
+
+func (*Matcher_MatcherList_Predicate_SinglePredicate_CustomMatch) isMatcher_MatcherList_Predicate_SinglePredicate_Matcher() {
+}
+
+// A list of two or more matchers. Used to allow using a list within a oneof.
+type Matcher_MatcherList_Predicate_PredicateList struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Predicate []*Matcher_MatcherList_Predicate `protobuf:"bytes,1,rep,name=predicate,proto3" json:"predicate,omitempty"`
+}
+
+func (x *Matcher_MatcherList_Predicate_PredicateList) Reset() {
+	*x = Matcher_MatcherList_Predicate_PredicateList{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[10]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Matcher_MatcherList_Predicate_PredicateList) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Matcher_MatcherList_Predicate_PredicateList) ProtoMessage() {}
+
+func (x *Matcher_MatcherList_Predicate_PredicateList) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[10]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Matcher_MatcherList_Predicate_PredicateList.ProtoReflect.Descriptor instead.
+func (*Matcher_MatcherList_Predicate_PredicateList) Descriptor() ([]byte, []int) {
+	return file_envoy_config_common_matcher_v3_matcher_proto_rawDescGZIP(), []int{0, 1, 0, 1}
+}
+
+func (x *Matcher_MatcherList_Predicate_PredicateList) GetPredicate() []*Matcher_MatcherList_Predicate {
+	if x != nil {
+		return x.Predicate
+	}
+	return nil
+}
+
+// A map of configured matchers. Used to allow using a map within a oneof.
+type Matcher_MatcherTree_MatchMap struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Map map[string]*Matcher_OnMatch `protobuf:"bytes,1,rep,name=map,proto3" json:"map,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+}
+
+func (x *Matcher_MatcherTree_MatchMap) Reset() {
+	*x = Matcher_MatcherTree_MatchMap{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[11]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Matcher_MatcherTree_MatchMap) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Matcher_MatcherTree_MatchMap) ProtoMessage() {}
+
+func (x *Matcher_MatcherTree_MatchMap) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[11]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Matcher_MatcherTree_MatchMap.ProtoReflect.Descriptor instead.
+func (*Matcher_MatcherTree_MatchMap) Descriptor() ([]byte, []int) {
+	return file_envoy_config_common_matcher_v3_matcher_proto_rawDescGZIP(), []int{0, 2, 0}
+}
+
+func (x *Matcher_MatcherTree_MatchMap) GetMap() map[string]*Matcher_OnMatch {
+	if x != nil {
+		return x.Map
+	}
+	return nil
+}
+
+// A set of match configurations used for logical operations.
+type MatchPredicate_MatchSet struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The list of rules that make up the set.
+	Rules []*MatchPredicate `protobuf:"bytes,1,rep,name=rules,proto3" json:"rules,omitempty"`
+}
+
+func (x *MatchPredicate_MatchSet) Reset() {
+	*x = MatchPredicate_MatchSet{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[13]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *MatchPredicate_MatchSet) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*MatchPredicate_MatchSet) ProtoMessage() {}
+
+func (x *MatchPredicate_MatchSet) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[13]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use MatchPredicate_MatchSet.ProtoReflect.Descriptor instead.
+func (*MatchPredicate_MatchSet) Descriptor() ([]byte, []int) {
+	return file_envoy_config_common_matcher_v3_matcher_proto_rawDescGZIP(), []int{1, 0}
+}
+
+func (x *MatchPredicate_MatchSet) GetRules() []*MatchPredicate {
+	if x != nil {
+		return x.Rules
+	}
+	return nil
+}
+
+type HttpGenericBodyMatch_GenericTextMatch struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to Rule:
+	//	*HttpGenericBodyMatch_GenericTextMatch_StringMatch
+	//	*HttpGenericBodyMatch_GenericTextMatch_BinaryMatch
+	Rule isHttpGenericBodyMatch_GenericTextMatch_Rule `protobuf_oneof:"rule"`
+}
+
+func (x *HttpGenericBodyMatch_GenericTextMatch) Reset() {
+	*x = HttpGenericBodyMatch_GenericTextMatch{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[14]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HttpGenericBodyMatch_GenericTextMatch) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HttpGenericBodyMatch_GenericTextMatch) ProtoMessage() {}
+
+func (x *HttpGenericBodyMatch_GenericTextMatch) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[14]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HttpGenericBodyMatch_GenericTextMatch.ProtoReflect.Descriptor instead.
+func (*HttpGenericBodyMatch_GenericTextMatch) Descriptor() ([]byte, []int) {
+	return file_envoy_config_common_matcher_v3_matcher_proto_rawDescGZIP(), []int{3, 0}
+}
+
+func (m *HttpGenericBodyMatch_GenericTextMatch) GetRule() isHttpGenericBodyMatch_GenericTextMatch_Rule {
+	if m != nil {
+		return m.Rule
+	}
+	return nil
+}
+
+func (x *HttpGenericBodyMatch_GenericTextMatch) GetStringMatch() string {
+	if x, ok := x.GetRule().(*HttpGenericBodyMatch_GenericTextMatch_StringMatch); ok {
+		return x.StringMatch
+	}
+	return ""
+}
+
+func (x *HttpGenericBodyMatch_GenericTextMatch) GetBinaryMatch() []byte {
+	if x, ok := x.GetRule().(*HttpGenericBodyMatch_GenericTextMatch_BinaryMatch); ok {
+		return x.BinaryMatch
+	}
+	return nil
+}
+
+type isHttpGenericBodyMatch_GenericTextMatch_Rule interface {
+	isHttpGenericBodyMatch_GenericTextMatch_Rule()
+}
+
+type HttpGenericBodyMatch_GenericTextMatch_StringMatch struct {
+	// Text string to be located in HTTP body.
+	StringMatch string `protobuf:"bytes,1,opt,name=string_match,json=stringMatch,proto3,oneof"`
+}
+
+type HttpGenericBodyMatch_GenericTextMatch_BinaryMatch struct {
+	// Sequence of bytes to be located in HTTP body.
+	BinaryMatch []byte `protobuf:"bytes,2,opt,name=binary_match,json=binaryMatch,proto3,oneof"`
+}
+
+func (*HttpGenericBodyMatch_GenericTextMatch_StringMatch) isHttpGenericBodyMatch_GenericTextMatch_Rule() {
+}
+
+func (*HttpGenericBodyMatch_GenericTextMatch_BinaryMatch) isHttpGenericBodyMatch_GenericTextMatch_Rule() {
+}
+
+var File_envoy_config_common_matcher_v3_matcher_proto protoreflect.FileDescriptor
+
+var file_envoy_config_common_matcher_v3_matcher_proto_rawDesc = []byte{
+	0x0a, 0x2c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63,
+	0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x76, 0x33,
+	0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x1e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x6d,
+	0x6d, 0x6f, 0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x1a, 0x24,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72,
+	0x65, 0x2f, 0x76, 0x33, 0x2f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x2c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x72, 0x6f, 0x75, 0x74,
+	0x65, 0x5f, 0x63, 0x6f, 0x6d, 0x70, 0x6f, 0x6e, 0x65, 0x6e, 0x74, 0x73, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x22, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d,
+	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x78, 0x64, 0x73, 0x2f, 0x61, 0x6e, 0x6e, 0x6f,
+	0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x33, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75,
+	0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e,
+	0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65,
+	0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22,
+	0xe4, 0x11, 0x0a, 0x07, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x12, 0x58, 0x0a, 0x0c, 0x6d,
+	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x5f, 0x6c, 0x69, 0x73, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x33, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e,
+	0x76, 0x33, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68,
+	0x65, 0x72, 0x4c, 0x69, 0x73, 0x74, 0x48, 0x00, 0x52, 0x0b, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65,
+	0x72, 0x4c, 0x69, 0x73, 0x74, 0x12, 0x58, 0x0a, 0x0c, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72,
+	0x5f, 0x74, 0x72, 0x65, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x33, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f,
+	0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x54, 0x72, 0x65, 0x65,
+	0x48, 0x00, 0x52, 0x0b, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x54, 0x72, 0x65, 0x65, 0x12,
+	0x4f, 0x0a, 0x0b, 0x6f, 0x6e, 0x5f, 0x6e, 0x6f, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x03,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68,
+	0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x4f, 0x6e,
+	0x4d, 0x61, 0x74, 0x63, 0x68, 0x52, 0x09, 0x6f, 0x6e, 0x4e, 0x6f, 0x4d, 0x61, 0x74, 0x63, 0x68,
+	0x1a, 0xa5, 0x01, 0x0a, 0x07, 0x4f, 0x6e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x43, 0x0a, 0x07,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x27, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x6d,
+	0x6d, 0x6f, 0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4d,
+	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x48, 0x00, 0x52, 0x07, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65,
+	0x72, 0x12, 0x44, 0x0a, 0x06, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x64, 0x45, 0x78,
+	0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x48, 0x00, 0x52,
+	0x06, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0f, 0x0a, 0x08, 0x6f, 0x6e, 0x5f, 0x6d, 0x61,
+	0x74, 0x63, 0x68, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x1a, 0xa2, 0x09, 0x0a, 0x0b, 0x4d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x4c, 0x69, 0x73, 0x74, 0x12, 0x66, 0x0a, 0x08, 0x6d, 0x61, 0x74, 0x63,
+	0x68, 0x65, 0x72, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x40, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e,
+	0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x61, 0x74, 0x63,
+	0x68, 0x65, 0x72, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x4c, 0x69, 0x73, 0x74, 0x2e,
+	0x46, 0x69, 0x65, 0x6c, 0x64, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x08, 0xfa, 0x42,
+	0x05, 0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x08, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x73,
+	0x1a, 0xdc, 0x06, 0x0a, 0x09, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x7a,
+	0x0a, 0x10, 0x73, 0x69, 0x6e, 0x67, 0x6c, 0x65, 0x5f, 0x70, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61,
+	0x74, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x4d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6d,
+	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65,
+	0x72, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x4c, 0x69, 0x73, 0x74, 0x2e, 0x50, 0x72,
+	0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x2e, 0x53, 0x69, 0x6e, 0x67, 0x6c, 0x65, 0x50, 0x72,
+	0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x48, 0x00, 0x52, 0x0f, 0x73, 0x69, 0x6e, 0x67, 0x6c,
+	0x65, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x6c, 0x0a, 0x0a, 0x6f, 0x72,
+	0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x4b,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f,
+	0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e,
+	0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x4c,
+	0x69, 0x73, 0x74, 0x2e, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x2e, 0x50, 0x72,
+	0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x73, 0x74, 0x48, 0x00, 0x52, 0x09, 0x6f,
+	0x72, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x12, 0x6e, 0x0a, 0x0b, 0x61, 0x6e, 0x64, 0x5f,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x4b, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x6d,
+	0x6d, 0x6f, 0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4d,
+	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x4c, 0x69,
+	0x73, 0x74, 0x2e, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x2e, 0x50, 0x72, 0x65,
+	0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x73, 0x74, 0x48, 0x00, 0x52, 0x0a, 0x61, 0x6e,
+	0x64, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x12, 0x60, 0x0a, 0x0b, 0x6e, 0x6f, 0x74, 0x5f,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x3d, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x6d,
+	0x6d, 0x6f, 0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4d,
+	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x4c, 0x69,
+	0x73, 0x74, 0x2e, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x48, 0x00, 0x52, 0x0a,
+	0x6e, 0x6f, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x1a, 0x87, 0x02, 0x0a, 0x0f, 0x53,
+	0x69, 0x6e, 0x67, 0x6c, 0x65, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x4a,
+	0x0a, 0x05, 0x69, 0x6e, 0x70, 0x75, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x64, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73,
+	0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01,
+	0x02, 0x10, 0x01, 0x52, 0x05, 0x69, 0x6e, 0x70, 0x75, 0x74, 0x12, 0x47, 0x0a, 0x0b, 0x76, 0x61,
+	0x6c, 0x75, 0x65, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61,
+	0x74, 0x63, 0x68, 0x65, 0x72, 0x48, 0x00, 0x52, 0x0a, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x4d, 0x61,
+	0x74, 0x63, 0x68, 0x12, 0x4f, 0x0a, 0x0c, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x6d, 0x61,
+	0x74, 0x63, 0x68, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33,
+	0x2e, 0x54, 0x79, 0x70, 0x65, 0x64, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x48, 0x00, 0x52, 0x0b, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x4d,
+	0x61, 0x74, 0x63, 0x68, 0x42, 0x0e, 0x0a, 0x07, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x12,
+	0x03, 0xf8, 0x42, 0x01, 0x1a, 0x76, 0x0a, 0x0d, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74,
+	0x65, 0x4c, 0x69, 0x73, 0x74, 0x12, 0x65, 0x0a, 0x09, 0x70, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61,
+	0x74, 0x65, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x3d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6d,
+	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65,
+	0x72, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x4c, 0x69, 0x73, 0x74, 0x2e, 0x50, 0x72,
+	0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92, 0x01, 0x02, 0x08,
+	0x02, 0x52, 0x09, 0x70, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x42, 0x11, 0x0a, 0x0a,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x1a,
+	0xcb, 0x01, 0x0a, 0x0c, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72,
+	0x12, 0x65, 0x0a, 0x09, 0x70, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x3d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65,
+	0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x4d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x4c, 0x69, 0x73, 0x74, 0x2e, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61,
+	0x74, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x09, 0x70, 0x72,
+	0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x54, 0x0a, 0x08, 0x6f, 0x6e, 0x5f, 0x6d, 0x61,
+	0x74, 0x63, 0x68, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68,
+	0x65, 0x72, 0x2e, 0x4f, 0x6e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a,
+	0x01, 0x02, 0x10, 0x01, 0x52, 0x07, 0x6f, 0x6e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x1a, 0xe7, 0x04,
+	0x0a, 0x0b, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x54, 0x72, 0x65, 0x65, 0x12, 0x4a, 0x0a,
+	0x05, 0x69, 0x6e, 0x70, 0x75, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65,
+	0x2e, 0x76, 0x33, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x64, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69,
+	0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02,
+	0x10, 0x01, 0x52, 0x05, 0x69, 0x6e, 0x70, 0x75, 0x74, 0x12, 0x66, 0x0a, 0x0f, 0x65, 0x78, 0x61,
+	0x63, 0x74, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x5f, 0x6d, 0x61, 0x70, 0x18, 0x02, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x3c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72,
+	0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x4d, 0x61, 0x74, 0x63,
+	0x68, 0x65, 0x72, 0x54, 0x72, 0x65, 0x65, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x4d, 0x61, 0x70,
+	0x48, 0x00, 0x52, 0x0d, 0x65, 0x78, 0x61, 0x63, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x4d, 0x61,
+	0x70, 0x12, 0x68, 0x0a, 0x10, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x5f, 0x6d, 0x61, 0x74, 0x63,
+	0x68, 0x5f, 0x6d, 0x61, 0x70, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x3c, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f,
+	0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x54, 0x72, 0x65, 0x65,
+	0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x4d, 0x61, 0x70, 0x48, 0x00, 0x52, 0x0e, 0x70, 0x72, 0x65,
+	0x66, 0x69, 0x78, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x4d, 0x61, 0x70, 0x12, 0x4f, 0x0a, 0x0c, 0x63,
+	0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x04, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x64, 0x45, 0x78,
+	0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x48, 0x00, 0x52,
+	0x0b, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x1a, 0xd6, 0x01, 0x0a,
+	0x08, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x4d, 0x61, 0x70, 0x12, 0x61, 0x0a, 0x03, 0x6d, 0x61, 0x70,
+	0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x45, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e,
+	0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x54, 0x72, 0x65, 0x65, 0x2e, 0x4d, 0x61, 0x74, 0x63,
+	0x68, 0x4d, 0x61, 0x70, 0x2e, 0x4d, 0x61, 0x70, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x42, 0x08, 0xfa,
+	0x42, 0x05, 0x9a, 0x01, 0x02, 0x08, 0x01, 0x52, 0x03, 0x6d, 0x61, 0x70, 0x1a, 0x67, 0x0a, 0x08,
+	0x4d, 0x61, 0x70, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x45, 0x0a, 0x05, 0x76, 0x61,
+	0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68,
+	0x65, 0x72, 0x2e, 0x4f, 0x6e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75,
+	0x65, 0x3a, 0x02, 0x38, 0x01, 0x42, 0x10, 0x0a, 0x09, 0x74, 0x72, 0x65, 0x65, 0x5f, 0x74, 0x79,
+	0x70, 0x65, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x3a, 0x08, 0xd2, 0xc6, 0xa4, 0xe1, 0x06, 0x02, 0x08,
+	0x01, 0x42, 0x13, 0x0a, 0x0c, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x5f, 0x74, 0x79, 0x70,
+	0x65, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x22, 0xe8, 0x08, 0x0a, 0x0e, 0x4d, 0x61, 0x74, 0x63, 0x68,
+	0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x54, 0x0a, 0x08, 0x6f, 0x72, 0x5f,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x37, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f,
+	0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x61, 0x74,
+	0x63, 0x68, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x2e, 0x4d, 0x61, 0x74, 0x63,
+	0x68, 0x53, 0x65, 0x74, 0x48, 0x00, 0x52, 0x07, 0x6f, 0x72, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12,
+	0x56, 0x0a, 0x09, 0x61, 0x6e, 0x64, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x02, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x37, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72,
+	0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61,
+	0x74, 0x65, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x53, 0x65, 0x74, 0x48, 0x00, 0x52, 0x08, 0x61,
+	0x6e, 0x64, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x4d, 0x0a, 0x09, 0x6e, 0x6f, 0x74, 0x5f, 0x6d,
+	0x61, 0x74, 0x63, 0x68, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2e, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e,
+	0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x61, 0x74, 0x63,
+	0x68, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x48, 0x00, 0x52, 0x08, 0x6e, 0x6f,
+	0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x26, 0x0a, 0x09, 0x61, 0x6e, 0x79, 0x5f, 0x6d, 0x61,
+	0x74, 0x63, 0x68, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x6a, 0x02,
+	0x08, 0x01, 0x48, 0x00, 0x52, 0x08, 0x61, 0x6e, 0x79, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x6f,
+	0x0a, 0x1a, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x68,
+	0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x05, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x30, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72,
+	0x2e, 0x76, 0x33, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x4d,
+	0x61, 0x74, 0x63, 0x68, 0x48, 0x00, 0x52, 0x17, 0x68, 0x74, 0x74, 0x70, 0x52, 0x65, 0x71, 0x75,
+	0x65, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12,
+	0x71, 0x0a, 0x1b, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f,
+	0x74, 0x72, 0x61, 0x69, 0x6c, 0x65, 0x72, 0x73, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x06,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x30, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68,
+	0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72,
+	0x73, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x48, 0x00, 0x52, 0x18, 0x68, 0x74, 0x74, 0x70, 0x52, 0x65,
+	0x71, 0x75, 0x65, 0x73, 0x74, 0x54, 0x72, 0x61, 0x69, 0x6c, 0x65, 0x72, 0x73, 0x4d, 0x61, 0x74,
+	0x63, 0x68, 0x12, 0x71, 0x0a, 0x1b, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x72, 0x65, 0x73, 0x70, 0x6f,
+	0x6e, 0x73, 0x65, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x5f, 0x6d, 0x61, 0x74, 0x63,
+	0x68, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x30, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6d, 0x61,
+	0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x48, 0x65, 0x61,
+	0x64, 0x65, 0x72, 0x73, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x48, 0x00, 0x52, 0x18, 0x68, 0x74, 0x74,
+	0x70, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73,
+	0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x73, 0x0a, 0x1c, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x72, 0x65,
+	0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x5f, 0x74, 0x72, 0x61, 0x69, 0x6c, 0x65, 0x72, 0x73, 0x5f,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x30, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f,
+	0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x74, 0x74,
+	0x70, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x48, 0x00, 0x52,
+	0x19, 0x68, 0x74, 0x74, 0x70, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x54, 0x72, 0x61,
+	0x69, 0x6c, 0x65, 0x72, 0x73, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x7c, 0x0a, 0x1f, 0x68, 0x74,
+	0x74, 0x70, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x67, 0x65, 0x6e, 0x65, 0x72,
+	0x69, 0x63, 0x5f, 0x62, 0x6f, 0x64, 0x79, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x09, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x34, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65,
+	0x72, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63,
+	0x42, 0x6f, 0x64, 0x79, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x48, 0x00, 0x52, 0x1b, 0x68, 0x74, 0x74,
+	0x70, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x42,
+	0x6f, 0x64, 0x79, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x7e, 0x0a, 0x20, 0x68, 0x74, 0x74, 0x70,
+	0x5f, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x5f, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x69,
+	0x63, 0x5f, 0x62, 0x6f, 0x64, 0x79, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x0a, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x34, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72,
+	0x2e, 0x76, 0x33, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x42,
+	0x6f, 0x64, 0x79, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x48, 0x00, 0x52, 0x1c, 0x68, 0x74, 0x74, 0x70,
+	0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x42,
+	0x6f, 0x64, 0x79, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x1a, 0x5a, 0x0a, 0x08, 0x4d, 0x61, 0x74, 0x63,
+	0x68, 0x53, 0x65, 0x74, 0x12, 0x4e, 0x0a, 0x05, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x18, 0x01, 0x20,
+	0x03, 0x28, 0x0b, 0x32, 0x2e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65,
+	0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63,
+	0x61, 0x74, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92, 0x01, 0x02, 0x08, 0x02, 0x52, 0x05, 0x72,
+	0x75, 0x6c, 0x65, 0x73, 0x42, 0x0b, 0x0a, 0x04, 0x72, 0x75, 0x6c, 0x65, 0x12, 0x03, 0xf8, 0x42,
+	0x01, 0x22, 0x52, 0x0a, 0x10, 0x48, 0x74, 0x74, 0x70, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73,
+	0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x3e, 0x0a, 0x07, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73,
+	0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48,
+	0x65, 0x61, 0x64, 0x65, 0x72, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x52, 0x07, 0x68, 0x65,
+	0x61, 0x64, 0x65, 0x72, 0x73, 0x22, 0xa1, 0x02, 0x0a, 0x14, 0x48, 0x74, 0x74, 0x70, 0x47, 0x65,
+	0x6e, 0x65, 0x72, 0x69, 0x63, 0x42, 0x6f, 0x64, 0x79, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x1f,
+	0x0a, 0x0b, 0x62, 0x79, 0x74, 0x65, 0x73, 0x5f, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x0d, 0x52, 0x0a, 0x62, 0x79, 0x74, 0x65, 0x73, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x12,
+	0x6b, 0x0a, 0x08, 0x70, 0x61, 0x74, 0x74, 0x65, 0x72, 0x6e, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28,
+	0x0b, 0x32, 0x45, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e,
+	0x76, 0x33, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x42, 0x6f,
+	0x64, 0x79, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x54,
+	0x65, 0x78, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92, 0x01, 0x02,
+	0x08, 0x01, 0x52, 0x08, 0x70, 0x61, 0x74, 0x74, 0x65, 0x72, 0x6e, 0x73, 0x1a, 0x7b, 0x0a, 0x10,
+	0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x54, 0x65, 0x78, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68,
+	0x12, 0x2c, 0x0a, 0x0c, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x48,
+	0x00, 0x52, 0x0b, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x2c,
+	0x0a, 0x0c, 0x62, 0x69, 0x6e, 0x61, 0x72, 0x79, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x0c, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x7a, 0x02, 0x10, 0x01, 0x48, 0x00, 0x52,
+	0x0b, 0x62, 0x69, 0x6e, 0x61, 0x72, 0x79, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x42, 0x0b, 0x0a, 0x04,
+	0x72, 0x75, 0x6c, 0x65, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x42, 0x46, 0x0a, 0x2c, 0x69, 0x6f, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6d,
+	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x42, 0x0c, 0x4d, 0x61, 0x74, 0x63, 0x68,
+	0x65, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10,
+	0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_common_matcher_v3_matcher_proto_rawDescOnce sync.Once
+	file_envoy_config_common_matcher_v3_matcher_proto_rawDescData = file_envoy_config_common_matcher_v3_matcher_proto_rawDesc
+)
+
+func file_envoy_config_common_matcher_v3_matcher_proto_rawDescGZIP() []byte {
+	file_envoy_config_common_matcher_v3_matcher_proto_rawDescOnce.Do(func() {
+		file_envoy_config_common_matcher_v3_matcher_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_common_matcher_v3_matcher_proto_rawDescData)
+	})
+	return file_envoy_config_common_matcher_v3_matcher_proto_rawDescData
+}
+
+var file_envoy_config_common_matcher_v3_matcher_proto_msgTypes = make([]protoimpl.MessageInfo, 15)
+var file_envoy_config_common_matcher_v3_matcher_proto_goTypes = []interface{}{
+	(*Matcher)(nil),                                       // 0: envoy.config.common.matcher.v3.Matcher
+	(*MatchPredicate)(nil),                                // 1: envoy.config.common.matcher.v3.MatchPredicate
+	(*HttpHeadersMatch)(nil),                              // 2: envoy.config.common.matcher.v3.HttpHeadersMatch
+	(*HttpGenericBodyMatch)(nil),                          // 3: envoy.config.common.matcher.v3.HttpGenericBodyMatch
+	(*Matcher_OnMatch)(nil),                               // 4: envoy.config.common.matcher.v3.Matcher.OnMatch
+	(*Matcher_MatcherList)(nil),                           // 5: envoy.config.common.matcher.v3.Matcher.MatcherList
+	(*Matcher_MatcherTree)(nil),                           // 6: envoy.config.common.matcher.v3.Matcher.MatcherTree
+	(*Matcher_MatcherList_Predicate)(nil),                 // 7: envoy.config.common.matcher.v3.Matcher.MatcherList.Predicate
+	(*Matcher_MatcherList_FieldMatcher)(nil),              // 8: envoy.config.common.matcher.v3.Matcher.MatcherList.FieldMatcher
+	(*Matcher_MatcherList_Predicate_SinglePredicate)(nil), // 9: envoy.config.common.matcher.v3.Matcher.MatcherList.Predicate.SinglePredicate
+	(*Matcher_MatcherList_Predicate_PredicateList)(nil),   // 10: envoy.config.common.matcher.v3.Matcher.MatcherList.Predicate.PredicateList
+	(*Matcher_MatcherTree_MatchMap)(nil),                  // 11: envoy.config.common.matcher.v3.Matcher.MatcherTree.MatchMap
+	nil,                                                   // 12: envoy.config.common.matcher.v3.Matcher.MatcherTree.MatchMap.MapEntry
+	(*MatchPredicate_MatchSet)(nil),                       // 13: envoy.config.common.matcher.v3.MatchPredicate.MatchSet
+	(*HttpGenericBodyMatch_GenericTextMatch)(nil),         // 14: envoy.config.common.matcher.v3.HttpGenericBodyMatch.GenericTextMatch
+	(*v3.HeaderMatcher)(nil),                              // 15: envoy.config.route.v3.HeaderMatcher
+	(*v31.TypedExtensionConfig)(nil),                      // 16: envoy.config.core.v3.TypedExtensionConfig
+	(*v32.StringMatcher)(nil),                             // 17: envoy.type.matcher.v3.StringMatcher
+}
+var file_envoy_config_common_matcher_v3_matcher_proto_depIdxs = []int32{
+	5,  // 0: envoy.config.common.matcher.v3.Matcher.matcher_list:type_name -> envoy.config.common.matcher.v3.Matcher.MatcherList
+	6,  // 1: envoy.config.common.matcher.v3.Matcher.matcher_tree:type_name -> envoy.config.common.matcher.v3.Matcher.MatcherTree
+	4,  // 2: envoy.config.common.matcher.v3.Matcher.on_no_match:type_name -> envoy.config.common.matcher.v3.Matcher.OnMatch
+	13, // 3: envoy.config.common.matcher.v3.MatchPredicate.or_match:type_name -> envoy.config.common.matcher.v3.MatchPredicate.MatchSet
+	13, // 4: envoy.config.common.matcher.v3.MatchPredicate.and_match:type_name -> envoy.config.common.matcher.v3.MatchPredicate.MatchSet
+	1,  // 5: envoy.config.common.matcher.v3.MatchPredicate.not_match:type_name -> envoy.config.common.matcher.v3.MatchPredicate
+	2,  // 6: envoy.config.common.matcher.v3.MatchPredicate.http_request_headers_match:type_name -> envoy.config.common.matcher.v3.HttpHeadersMatch
+	2,  // 7: envoy.config.common.matcher.v3.MatchPredicate.http_request_trailers_match:type_name -> envoy.config.common.matcher.v3.HttpHeadersMatch
+	2,  // 8: envoy.config.common.matcher.v3.MatchPredicate.http_response_headers_match:type_name -> envoy.config.common.matcher.v3.HttpHeadersMatch
+	2,  // 9: envoy.config.common.matcher.v3.MatchPredicate.http_response_trailers_match:type_name -> envoy.config.common.matcher.v3.HttpHeadersMatch
+	3,  // 10: envoy.config.common.matcher.v3.MatchPredicate.http_request_generic_body_match:type_name -> envoy.config.common.matcher.v3.HttpGenericBodyMatch
+	3,  // 11: envoy.config.common.matcher.v3.MatchPredicate.http_response_generic_body_match:type_name -> envoy.config.common.matcher.v3.HttpGenericBodyMatch
+	15, // 12: envoy.config.common.matcher.v3.HttpHeadersMatch.headers:type_name -> envoy.config.route.v3.HeaderMatcher
+	14, // 13: envoy.config.common.matcher.v3.HttpGenericBodyMatch.patterns:type_name -> envoy.config.common.matcher.v3.HttpGenericBodyMatch.GenericTextMatch
+	0,  // 14: envoy.config.common.matcher.v3.Matcher.OnMatch.matcher:type_name -> envoy.config.common.matcher.v3.Matcher
+	16, // 15: envoy.config.common.matcher.v3.Matcher.OnMatch.action:type_name -> envoy.config.core.v3.TypedExtensionConfig
+	8,  // 16: envoy.config.common.matcher.v3.Matcher.MatcherList.matchers:type_name -> envoy.config.common.matcher.v3.Matcher.MatcherList.FieldMatcher
+	16, // 17: envoy.config.common.matcher.v3.Matcher.MatcherTree.input:type_name -> envoy.config.core.v3.TypedExtensionConfig
+	11, // 18: envoy.config.common.matcher.v3.Matcher.MatcherTree.exact_match_map:type_name -> envoy.config.common.matcher.v3.Matcher.MatcherTree.MatchMap
+	11, // 19: envoy.config.common.matcher.v3.Matcher.MatcherTree.prefix_match_map:type_name -> envoy.config.common.matcher.v3.Matcher.MatcherTree.MatchMap
+	16, // 20: envoy.config.common.matcher.v3.Matcher.MatcherTree.custom_match:type_name -> envoy.config.core.v3.TypedExtensionConfig
+	9,  // 21: envoy.config.common.matcher.v3.Matcher.MatcherList.Predicate.single_predicate:type_name -> envoy.config.common.matcher.v3.Matcher.MatcherList.Predicate.SinglePredicate
+	10, // 22: envoy.config.common.matcher.v3.Matcher.MatcherList.Predicate.or_matcher:type_name -> envoy.config.common.matcher.v3.Matcher.MatcherList.Predicate.PredicateList
+	10, // 23: envoy.config.common.matcher.v3.Matcher.MatcherList.Predicate.and_matcher:type_name -> envoy.config.common.matcher.v3.Matcher.MatcherList.Predicate.PredicateList
+	7,  // 24: envoy.config.common.matcher.v3.Matcher.MatcherList.Predicate.not_matcher:type_name -> envoy.config.common.matcher.v3.Matcher.MatcherList.Predicate
+	7,  // 25: envoy.config.common.matcher.v3.Matcher.MatcherList.FieldMatcher.predicate:type_name -> envoy.config.common.matcher.v3.Matcher.MatcherList.Predicate
+	4,  // 26: envoy.config.common.matcher.v3.Matcher.MatcherList.FieldMatcher.on_match:type_name -> envoy.config.common.matcher.v3.Matcher.OnMatch
+	16, // 27: envoy.config.common.matcher.v3.Matcher.MatcherList.Predicate.SinglePredicate.input:type_name -> envoy.config.core.v3.TypedExtensionConfig
+	17, // 28: envoy.config.common.matcher.v3.Matcher.MatcherList.Predicate.SinglePredicate.value_match:type_name -> envoy.type.matcher.v3.StringMatcher
+	16, // 29: envoy.config.common.matcher.v3.Matcher.MatcherList.Predicate.SinglePredicate.custom_match:type_name -> envoy.config.core.v3.TypedExtensionConfig
+	7,  // 30: envoy.config.common.matcher.v3.Matcher.MatcherList.Predicate.PredicateList.predicate:type_name -> envoy.config.common.matcher.v3.Matcher.MatcherList.Predicate
+	12, // 31: envoy.config.common.matcher.v3.Matcher.MatcherTree.MatchMap.map:type_name -> envoy.config.common.matcher.v3.Matcher.MatcherTree.MatchMap.MapEntry
+	4,  // 32: envoy.config.common.matcher.v3.Matcher.MatcherTree.MatchMap.MapEntry.value:type_name -> envoy.config.common.matcher.v3.Matcher.OnMatch
+	1,  // 33: envoy.config.common.matcher.v3.MatchPredicate.MatchSet.rules:type_name -> envoy.config.common.matcher.v3.MatchPredicate
+	34, // [34:34] is the sub-list for method output_type
+	34, // [34:34] is the sub-list for method input_type
+	34, // [34:34] is the sub-list for extension type_name
+	34, // [34:34] is the sub-list for extension extendee
+	0,  // [0:34] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_common_matcher_v3_matcher_proto_init() }
+func file_envoy_config_common_matcher_v3_matcher_proto_init() {
+	if File_envoy_config_common_matcher_v3_matcher_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Matcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*MatchPredicate); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HttpHeadersMatch); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HttpGenericBodyMatch); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Matcher_OnMatch); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Matcher_MatcherList); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Matcher_MatcherTree); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Matcher_MatcherList_Predicate); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Matcher_MatcherList_FieldMatcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Matcher_MatcherList_Predicate_SinglePredicate); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Matcher_MatcherList_Predicate_PredicateList); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[11].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Matcher_MatcherTree_MatchMap); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[13].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*MatchPredicate_MatchSet); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[14].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HttpGenericBodyMatch_GenericTextMatch); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*Matcher_MatcherList_)(nil),
+		(*Matcher_MatcherTree_)(nil),
+	}
+	file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*MatchPredicate_OrMatch)(nil),
+		(*MatchPredicate_AndMatch)(nil),
+		(*MatchPredicate_NotMatch)(nil),
+		(*MatchPredicate_AnyMatch)(nil),
+		(*MatchPredicate_HttpRequestHeadersMatch)(nil),
+		(*MatchPredicate_HttpRequestTrailersMatch)(nil),
+		(*MatchPredicate_HttpResponseHeadersMatch)(nil),
+		(*MatchPredicate_HttpResponseTrailersMatch)(nil),
+		(*MatchPredicate_HttpRequestGenericBodyMatch)(nil),
+		(*MatchPredicate_HttpResponseGenericBodyMatch)(nil),
+	}
+	file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[4].OneofWrappers = []interface{}{
+		(*Matcher_OnMatch_Matcher)(nil),
+		(*Matcher_OnMatch_Action)(nil),
+	}
+	file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[6].OneofWrappers = []interface{}{
+		(*Matcher_MatcherTree_ExactMatchMap)(nil),
+		(*Matcher_MatcherTree_PrefixMatchMap)(nil),
+		(*Matcher_MatcherTree_CustomMatch)(nil),
+	}
+	file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[7].OneofWrappers = []interface{}{
+		(*Matcher_MatcherList_Predicate_SinglePredicate_)(nil),
+		(*Matcher_MatcherList_Predicate_OrMatcher)(nil),
+		(*Matcher_MatcherList_Predicate_AndMatcher)(nil),
+		(*Matcher_MatcherList_Predicate_NotMatcher)(nil),
+	}
+	file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[9].OneofWrappers = []interface{}{
+		(*Matcher_MatcherList_Predicate_SinglePredicate_ValueMatch)(nil),
+		(*Matcher_MatcherList_Predicate_SinglePredicate_CustomMatch)(nil),
+	}
+	file_envoy_config_common_matcher_v3_matcher_proto_msgTypes[14].OneofWrappers = []interface{}{
+		(*HttpGenericBodyMatch_GenericTextMatch_StringMatch)(nil),
+		(*HttpGenericBodyMatch_GenericTextMatch_BinaryMatch)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_common_matcher_v3_matcher_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   15,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_common_matcher_v3_matcher_proto_goTypes,
+		DependencyIndexes: file_envoy_config_common_matcher_v3_matcher_proto_depIdxs,
+		MessageInfos:      file_envoy_config_common_matcher_v3_matcher_proto_msgTypes,
+	}.Build()
+	File_envoy_config_common_matcher_v3_matcher_proto = out.File
+	file_envoy_config_common_matcher_v3_matcher_proto_rawDesc = nil
+	file_envoy_config_common_matcher_v3_matcher_proto_goTypes = nil
+	file_envoy_config_common_matcher_v3_matcher_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/common/matcher/v3/matcher.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/common/matcher/v3/matcher.pb.validate.go
new file mode 100644
index 00000000000..52d22f90f93
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/common/matcher/v3/matcher.pb.validate.go
@@ -0,0 +1,2740 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/common/matcher/v3/matcher.proto
+
+package envoy_config_common_matcher_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on Matcher with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Matcher) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Matcher with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in MatcherMultiError, or nil if none found.
+func (m *Matcher) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Matcher) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetOnNoMatch()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, MatcherValidationError{
+					field:  "OnNoMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, MatcherValidationError{
+					field:  "OnNoMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetOnNoMatch()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return MatcherValidationError{
+				field:  "OnNoMatch",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	switch m.MatcherType.(type) {
+
+	case *Matcher_MatcherList_:
+
+		if all {
+			switch v := interface{}(m.GetMatcherList()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MatcherValidationError{
+						field:  "MatcherList",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MatcherValidationError{
+						field:  "MatcherList",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetMatcherList()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MatcherValidationError{
+					field:  "MatcherList",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Matcher_MatcherTree_:
+
+		if all {
+			switch v := interface{}(m.GetMatcherTree()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MatcherValidationError{
+						field:  "MatcherTree",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MatcherValidationError{
+						field:  "MatcherTree",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetMatcherTree()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MatcherValidationError{
+					field:  "MatcherTree",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := MatcherValidationError{
+			field:  "MatcherType",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return MatcherMultiError(errors)
+	}
+	return nil
+}
+
+// MatcherMultiError is an error wrapping multiple validation errors returned
+// by Matcher.ValidateAll() if the designated constraints aren't met.
+type MatcherMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m MatcherMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m MatcherMultiError) AllErrors() []error { return m }
+
+// MatcherValidationError is the validation error returned by Matcher.Validate
+// if the designated constraints aren't met.
+type MatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MatcherValidationError) ErrorName() string { return "MatcherValidationError" }
+
+// Error satisfies the builtin error interface
+func (e MatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MatcherValidationError{}
+
+// Validate checks the field values on MatchPredicate with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *MatchPredicate) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on MatchPredicate with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in MatchPredicateMultiError,
+// or nil if none found.
+func (m *MatchPredicate) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *MatchPredicate) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.Rule.(type) {
+
+	case *MatchPredicate_OrMatch:
+
+		if all {
+			switch v := interface{}(m.GetOrMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "OrMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "OrMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetOrMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MatchPredicateValidationError{
+					field:  "OrMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *MatchPredicate_AndMatch:
+
+		if all {
+			switch v := interface{}(m.GetAndMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "AndMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "AndMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetAndMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MatchPredicateValidationError{
+					field:  "AndMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *MatchPredicate_NotMatch:
+
+		if all {
+			switch v := interface{}(m.GetNotMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "NotMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "NotMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetNotMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MatchPredicateValidationError{
+					field:  "NotMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *MatchPredicate_AnyMatch:
+
+		if m.GetAnyMatch() != true {
+			err := MatchPredicateValidationError{
+				field:  "AnyMatch",
+				reason: "value must equal true",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *MatchPredicate_HttpRequestHeadersMatch:
+
+		if all {
+			switch v := interface{}(m.GetHttpRequestHeadersMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "HttpRequestHeadersMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "HttpRequestHeadersMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetHttpRequestHeadersMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MatchPredicateValidationError{
+					field:  "HttpRequestHeadersMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *MatchPredicate_HttpRequestTrailersMatch:
+
+		if all {
+			switch v := interface{}(m.GetHttpRequestTrailersMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "HttpRequestTrailersMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "HttpRequestTrailersMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetHttpRequestTrailersMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MatchPredicateValidationError{
+					field:  "HttpRequestTrailersMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *MatchPredicate_HttpResponseHeadersMatch:
+
+		if all {
+			switch v := interface{}(m.GetHttpResponseHeadersMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "HttpResponseHeadersMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "HttpResponseHeadersMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetHttpResponseHeadersMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MatchPredicateValidationError{
+					field:  "HttpResponseHeadersMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *MatchPredicate_HttpResponseTrailersMatch:
+
+		if all {
+			switch v := interface{}(m.GetHttpResponseTrailersMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "HttpResponseTrailersMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "HttpResponseTrailersMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetHttpResponseTrailersMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MatchPredicateValidationError{
+					field:  "HttpResponseTrailersMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *MatchPredicate_HttpRequestGenericBodyMatch:
+
+		if all {
+			switch v := interface{}(m.GetHttpRequestGenericBodyMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "HttpRequestGenericBodyMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "HttpRequestGenericBodyMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetHttpRequestGenericBodyMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MatchPredicateValidationError{
+					field:  "HttpRequestGenericBodyMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *MatchPredicate_HttpResponseGenericBodyMatch:
+
+		if all {
+			switch v := interface{}(m.GetHttpResponseGenericBodyMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "HttpResponseGenericBodyMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "HttpResponseGenericBodyMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetHttpResponseGenericBodyMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MatchPredicateValidationError{
+					field:  "HttpResponseGenericBodyMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := MatchPredicateValidationError{
+			field:  "Rule",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return MatchPredicateMultiError(errors)
+	}
+	return nil
+}
+
+// MatchPredicateMultiError is an error wrapping multiple validation errors
+// returned by MatchPredicate.ValidateAll() if the designated constraints
+// aren't met.
+type MatchPredicateMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m MatchPredicateMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m MatchPredicateMultiError) AllErrors() []error { return m }
+
+// MatchPredicateValidationError is the validation error returned by
+// MatchPredicate.Validate if the designated constraints aren't met.
+type MatchPredicateValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MatchPredicateValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MatchPredicateValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MatchPredicateValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MatchPredicateValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MatchPredicateValidationError) ErrorName() string { return "MatchPredicateValidationError" }
+
+// Error satisfies the builtin error interface
+func (e MatchPredicateValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMatchPredicate.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MatchPredicateValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MatchPredicateValidationError{}
+
+// Validate checks the field values on HttpHeadersMatch with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *HttpHeadersMatch) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HttpHeadersMatch with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// HttpHeadersMatchMultiError, or nil if none found.
+func (m *HttpHeadersMatch) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HttpHeadersMatch) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetHeaders() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HttpHeadersMatchValidationError{
+						field:  fmt.Sprintf("Headers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HttpHeadersMatchValidationError{
+						field:  fmt.Sprintf("Headers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HttpHeadersMatchValidationError{
+					field:  fmt.Sprintf("Headers[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return HttpHeadersMatchMultiError(errors)
+	}
+	return nil
+}
+
+// HttpHeadersMatchMultiError is an error wrapping multiple validation errors
+// returned by HttpHeadersMatch.ValidateAll() if the designated constraints
+// aren't met.
+type HttpHeadersMatchMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HttpHeadersMatchMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HttpHeadersMatchMultiError) AllErrors() []error { return m }
+
+// HttpHeadersMatchValidationError is the validation error returned by
+// HttpHeadersMatch.Validate if the designated constraints aren't met.
+type HttpHeadersMatchValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HttpHeadersMatchValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HttpHeadersMatchValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HttpHeadersMatchValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HttpHeadersMatchValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HttpHeadersMatchValidationError) ErrorName() string { return "HttpHeadersMatchValidationError" }
+
+// Error satisfies the builtin error interface
+func (e HttpHeadersMatchValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttpHeadersMatch.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HttpHeadersMatchValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HttpHeadersMatchValidationError{}
+
+// Validate checks the field values on HttpGenericBodyMatch with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *HttpGenericBodyMatch) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HttpGenericBodyMatch with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// HttpGenericBodyMatchMultiError, or nil if none found.
+func (m *HttpGenericBodyMatch) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HttpGenericBodyMatch) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for BytesLimit
+
+	if len(m.GetPatterns()) < 1 {
+		err := HttpGenericBodyMatchValidationError{
+			field:  "Patterns",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetPatterns() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HttpGenericBodyMatchValidationError{
+						field:  fmt.Sprintf("Patterns[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HttpGenericBodyMatchValidationError{
+						field:  fmt.Sprintf("Patterns[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HttpGenericBodyMatchValidationError{
+					field:  fmt.Sprintf("Patterns[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return HttpGenericBodyMatchMultiError(errors)
+	}
+	return nil
+}
+
+// HttpGenericBodyMatchMultiError is an error wrapping multiple validation
+// errors returned by HttpGenericBodyMatch.ValidateAll() if the designated
+// constraints aren't met.
+type HttpGenericBodyMatchMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HttpGenericBodyMatchMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HttpGenericBodyMatchMultiError) AllErrors() []error { return m }
+
+// HttpGenericBodyMatchValidationError is the validation error returned by
+// HttpGenericBodyMatch.Validate if the designated constraints aren't met.
+type HttpGenericBodyMatchValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HttpGenericBodyMatchValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HttpGenericBodyMatchValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HttpGenericBodyMatchValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HttpGenericBodyMatchValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HttpGenericBodyMatchValidationError) ErrorName() string {
+	return "HttpGenericBodyMatchValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HttpGenericBodyMatchValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttpGenericBodyMatch.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HttpGenericBodyMatchValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HttpGenericBodyMatchValidationError{}
+
+// Validate checks the field values on Matcher_OnMatch with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *Matcher_OnMatch) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Matcher_OnMatch with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Matcher_OnMatchMultiError, or nil if none found.
+func (m *Matcher_OnMatch) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Matcher_OnMatch) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.OnMatch.(type) {
+
+	case *Matcher_OnMatch_Matcher:
+
+		if all {
+			switch v := interface{}(m.GetMatcher()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, Matcher_OnMatchValidationError{
+						field:  "Matcher",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, Matcher_OnMatchValidationError{
+						field:  "Matcher",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetMatcher()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Matcher_OnMatchValidationError{
+					field:  "Matcher",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Matcher_OnMatch_Action:
+
+		if all {
+			switch v := interface{}(m.GetAction()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, Matcher_OnMatchValidationError{
+						field:  "Action",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, Matcher_OnMatchValidationError{
+						field:  "Action",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetAction()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Matcher_OnMatchValidationError{
+					field:  "Action",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := Matcher_OnMatchValidationError{
+			field:  "OnMatch",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return Matcher_OnMatchMultiError(errors)
+	}
+	return nil
+}
+
+// Matcher_OnMatchMultiError is an error wrapping multiple validation errors
+// returned by Matcher_OnMatch.ValidateAll() if the designated constraints
+// aren't met.
+type Matcher_OnMatchMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Matcher_OnMatchMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Matcher_OnMatchMultiError) AllErrors() []error { return m }
+
+// Matcher_OnMatchValidationError is the validation error returned by
+// Matcher_OnMatch.Validate if the designated constraints aren't met.
+type Matcher_OnMatchValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Matcher_OnMatchValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Matcher_OnMatchValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Matcher_OnMatchValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Matcher_OnMatchValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Matcher_OnMatchValidationError) ErrorName() string { return "Matcher_OnMatchValidationError" }
+
+// Error satisfies the builtin error interface
+func (e Matcher_OnMatchValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMatcher_OnMatch.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Matcher_OnMatchValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Matcher_OnMatchValidationError{}
+
+// Validate checks the field values on Matcher_MatcherList with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Matcher_MatcherList) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Matcher_MatcherList with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Matcher_MatcherListMultiError, or nil if none found.
+func (m *Matcher_MatcherList) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Matcher_MatcherList) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetMatchers()) < 1 {
+		err := Matcher_MatcherListValidationError{
+			field:  "Matchers",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetMatchers() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, Matcher_MatcherListValidationError{
+						field:  fmt.Sprintf("Matchers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, Matcher_MatcherListValidationError{
+						field:  fmt.Sprintf("Matchers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Matcher_MatcherListValidationError{
+					field:  fmt.Sprintf("Matchers[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return Matcher_MatcherListMultiError(errors)
+	}
+	return nil
+}
+
+// Matcher_MatcherListMultiError is an error wrapping multiple validation
+// errors returned by Matcher_MatcherList.ValidateAll() if the designated
+// constraints aren't met.
+type Matcher_MatcherListMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Matcher_MatcherListMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Matcher_MatcherListMultiError) AllErrors() []error { return m }
+
+// Matcher_MatcherListValidationError is the validation error returned by
+// Matcher_MatcherList.Validate if the designated constraints aren't met.
+type Matcher_MatcherListValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Matcher_MatcherListValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Matcher_MatcherListValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Matcher_MatcherListValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Matcher_MatcherListValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Matcher_MatcherListValidationError) ErrorName() string {
+	return "Matcher_MatcherListValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Matcher_MatcherListValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMatcher_MatcherList.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Matcher_MatcherListValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Matcher_MatcherListValidationError{}
+
+// Validate checks the field values on Matcher_MatcherTree with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Matcher_MatcherTree) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Matcher_MatcherTree with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Matcher_MatcherTreeMultiError, or nil if none found.
+func (m *Matcher_MatcherTree) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Matcher_MatcherTree) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetInput() == nil {
+		err := Matcher_MatcherTreeValidationError{
+			field:  "Input",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetInput()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Matcher_MatcherTreeValidationError{
+					field:  "Input",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Matcher_MatcherTreeValidationError{
+					field:  "Input",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetInput()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Matcher_MatcherTreeValidationError{
+				field:  "Input",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	switch m.TreeType.(type) {
+
+	case *Matcher_MatcherTree_ExactMatchMap:
+
+		if all {
+			switch v := interface{}(m.GetExactMatchMap()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, Matcher_MatcherTreeValidationError{
+						field:  "ExactMatchMap",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, Matcher_MatcherTreeValidationError{
+						field:  "ExactMatchMap",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetExactMatchMap()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Matcher_MatcherTreeValidationError{
+					field:  "ExactMatchMap",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Matcher_MatcherTree_PrefixMatchMap:
+
+		if all {
+			switch v := interface{}(m.GetPrefixMatchMap()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, Matcher_MatcherTreeValidationError{
+						field:  "PrefixMatchMap",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, Matcher_MatcherTreeValidationError{
+						field:  "PrefixMatchMap",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetPrefixMatchMap()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Matcher_MatcherTreeValidationError{
+					field:  "PrefixMatchMap",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Matcher_MatcherTree_CustomMatch:
+
+		if all {
+			switch v := interface{}(m.GetCustomMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, Matcher_MatcherTreeValidationError{
+						field:  "CustomMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, Matcher_MatcherTreeValidationError{
+						field:  "CustomMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetCustomMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Matcher_MatcherTreeValidationError{
+					field:  "CustomMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := Matcher_MatcherTreeValidationError{
+			field:  "TreeType",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return Matcher_MatcherTreeMultiError(errors)
+	}
+	return nil
+}
+
+// Matcher_MatcherTreeMultiError is an error wrapping multiple validation
+// errors returned by Matcher_MatcherTree.ValidateAll() if the designated
+// constraints aren't met.
+type Matcher_MatcherTreeMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Matcher_MatcherTreeMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Matcher_MatcherTreeMultiError) AllErrors() []error { return m }
+
+// Matcher_MatcherTreeValidationError is the validation error returned by
+// Matcher_MatcherTree.Validate if the designated constraints aren't met.
+type Matcher_MatcherTreeValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Matcher_MatcherTreeValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Matcher_MatcherTreeValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Matcher_MatcherTreeValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Matcher_MatcherTreeValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Matcher_MatcherTreeValidationError) ErrorName() string {
+	return "Matcher_MatcherTreeValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Matcher_MatcherTreeValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMatcher_MatcherTree.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Matcher_MatcherTreeValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Matcher_MatcherTreeValidationError{}
+
+// Validate checks the field values on Matcher_MatcherList_Predicate with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Matcher_MatcherList_Predicate) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Matcher_MatcherList_Predicate with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// Matcher_MatcherList_PredicateMultiError, or nil if none found.
+func (m *Matcher_MatcherList_Predicate) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Matcher_MatcherList_Predicate) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.MatchType.(type) {
+
+	case *Matcher_MatcherList_Predicate_SinglePredicate_:
+
+		if all {
+			switch v := interface{}(m.GetSinglePredicate()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, Matcher_MatcherList_PredicateValidationError{
+						field:  "SinglePredicate",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, Matcher_MatcherList_PredicateValidationError{
+						field:  "SinglePredicate",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetSinglePredicate()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Matcher_MatcherList_PredicateValidationError{
+					field:  "SinglePredicate",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Matcher_MatcherList_Predicate_OrMatcher:
+
+		if all {
+			switch v := interface{}(m.GetOrMatcher()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, Matcher_MatcherList_PredicateValidationError{
+						field:  "OrMatcher",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, Matcher_MatcherList_PredicateValidationError{
+						field:  "OrMatcher",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetOrMatcher()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Matcher_MatcherList_PredicateValidationError{
+					field:  "OrMatcher",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Matcher_MatcherList_Predicate_AndMatcher:
+
+		if all {
+			switch v := interface{}(m.GetAndMatcher()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, Matcher_MatcherList_PredicateValidationError{
+						field:  "AndMatcher",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, Matcher_MatcherList_PredicateValidationError{
+						field:  "AndMatcher",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetAndMatcher()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Matcher_MatcherList_PredicateValidationError{
+					field:  "AndMatcher",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Matcher_MatcherList_Predicate_NotMatcher:
+
+		if all {
+			switch v := interface{}(m.GetNotMatcher()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, Matcher_MatcherList_PredicateValidationError{
+						field:  "NotMatcher",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, Matcher_MatcherList_PredicateValidationError{
+						field:  "NotMatcher",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetNotMatcher()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Matcher_MatcherList_PredicateValidationError{
+					field:  "NotMatcher",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := Matcher_MatcherList_PredicateValidationError{
+			field:  "MatchType",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return Matcher_MatcherList_PredicateMultiError(errors)
+	}
+	return nil
+}
+
+// Matcher_MatcherList_PredicateMultiError is an error wrapping multiple
+// validation errors returned by Matcher_MatcherList_Predicate.ValidateAll()
+// if the designated constraints aren't met.
+type Matcher_MatcherList_PredicateMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Matcher_MatcherList_PredicateMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Matcher_MatcherList_PredicateMultiError) AllErrors() []error { return m }
+
+// Matcher_MatcherList_PredicateValidationError is the validation error
+// returned by Matcher_MatcherList_Predicate.Validate if the designated
+// constraints aren't met.
+type Matcher_MatcherList_PredicateValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Matcher_MatcherList_PredicateValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Matcher_MatcherList_PredicateValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Matcher_MatcherList_PredicateValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Matcher_MatcherList_PredicateValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Matcher_MatcherList_PredicateValidationError) ErrorName() string {
+	return "Matcher_MatcherList_PredicateValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Matcher_MatcherList_PredicateValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMatcher_MatcherList_Predicate.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Matcher_MatcherList_PredicateValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Matcher_MatcherList_PredicateValidationError{}
+
+// Validate checks the field values on Matcher_MatcherList_FieldMatcher with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *Matcher_MatcherList_FieldMatcher) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Matcher_MatcherList_FieldMatcher with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// Matcher_MatcherList_FieldMatcherMultiError, or nil if none found.
+func (m *Matcher_MatcherList_FieldMatcher) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Matcher_MatcherList_FieldMatcher) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetPredicate() == nil {
+		err := Matcher_MatcherList_FieldMatcherValidationError{
+			field:  "Predicate",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetPredicate()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Matcher_MatcherList_FieldMatcherValidationError{
+					field:  "Predicate",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Matcher_MatcherList_FieldMatcherValidationError{
+					field:  "Predicate",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPredicate()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Matcher_MatcherList_FieldMatcherValidationError{
+				field:  "Predicate",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if m.GetOnMatch() == nil {
+		err := Matcher_MatcherList_FieldMatcherValidationError{
+			field:  "OnMatch",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetOnMatch()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Matcher_MatcherList_FieldMatcherValidationError{
+					field:  "OnMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Matcher_MatcherList_FieldMatcherValidationError{
+					field:  "OnMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetOnMatch()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Matcher_MatcherList_FieldMatcherValidationError{
+				field:  "OnMatch",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return Matcher_MatcherList_FieldMatcherMultiError(errors)
+	}
+	return nil
+}
+
+// Matcher_MatcherList_FieldMatcherMultiError is an error wrapping multiple
+// validation errors returned by
+// Matcher_MatcherList_FieldMatcher.ValidateAll() if the designated
+// constraints aren't met.
+type Matcher_MatcherList_FieldMatcherMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Matcher_MatcherList_FieldMatcherMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Matcher_MatcherList_FieldMatcherMultiError) AllErrors() []error { return m }
+
+// Matcher_MatcherList_FieldMatcherValidationError is the validation error
+// returned by Matcher_MatcherList_FieldMatcher.Validate if the designated
+// constraints aren't met.
+type Matcher_MatcherList_FieldMatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Matcher_MatcherList_FieldMatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Matcher_MatcherList_FieldMatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Matcher_MatcherList_FieldMatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Matcher_MatcherList_FieldMatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Matcher_MatcherList_FieldMatcherValidationError) ErrorName() string {
+	return "Matcher_MatcherList_FieldMatcherValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Matcher_MatcherList_FieldMatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMatcher_MatcherList_FieldMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Matcher_MatcherList_FieldMatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Matcher_MatcherList_FieldMatcherValidationError{}
+
+// Validate checks the field values on
+// Matcher_MatcherList_Predicate_SinglePredicate with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Matcher_MatcherList_Predicate_SinglePredicate) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// Matcher_MatcherList_Predicate_SinglePredicate with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in
+// Matcher_MatcherList_Predicate_SinglePredicateMultiError, or nil if none found.
+func (m *Matcher_MatcherList_Predicate_SinglePredicate) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Matcher_MatcherList_Predicate_SinglePredicate) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetInput() == nil {
+		err := Matcher_MatcherList_Predicate_SinglePredicateValidationError{
+			field:  "Input",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetInput()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Matcher_MatcherList_Predicate_SinglePredicateValidationError{
+					field:  "Input",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Matcher_MatcherList_Predicate_SinglePredicateValidationError{
+					field:  "Input",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetInput()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Matcher_MatcherList_Predicate_SinglePredicateValidationError{
+				field:  "Input",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	switch m.Matcher.(type) {
+
+	case *Matcher_MatcherList_Predicate_SinglePredicate_ValueMatch:
+
+		if all {
+			switch v := interface{}(m.GetValueMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, Matcher_MatcherList_Predicate_SinglePredicateValidationError{
+						field:  "ValueMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, Matcher_MatcherList_Predicate_SinglePredicateValidationError{
+						field:  "ValueMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetValueMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Matcher_MatcherList_Predicate_SinglePredicateValidationError{
+					field:  "ValueMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Matcher_MatcherList_Predicate_SinglePredicate_CustomMatch:
+
+		if all {
+			switch v := interface{}(m.GetCustomMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, Matcher_MatcherList_Predicate_SinglePredicateValidationError{
+						field:  "CustomMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, Matcher_MatcherList_Predicate_SinglePredicateValidationError{
+						field:  "CustomMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetCustomMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Matcher_MatcherList_Predicate_SinglePredicateValidationError{
+					field:  "CustomMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := Matcher_MatcherList_Predicate_SinglePredicateValidationError{
+			field:  "Matcher",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return Matcher_MatcherList_Predicate_SinglePredicateMultiError(errors)
+	}
+	return nil
+}
+
+// Matcher_MatcherList_Predicate_SinglePredicateMultiError is an error wrapping
+// multiple validation errors returned by
+// Matcher_MatcherList_Predicate_SinglePredicate.ValidateAll() if the
+// designated constraints aren't met.
+type Matcher_MatcherList_Predicate_SinglePredicateMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Matcher_MatcherList_Predicate_SinglePredicateMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Matcher_MatcherList_Predicate_SinglePredicateMultiError) AllErrors() []error { return m }
+
+// Matcher_MatcherList_Predicate_SinglePredicateValidationError is the
+// validation error returned by
+// Matcher_MatcherList_Predicate_SinglePredicate.Validate if the designated
+// constraints aren't met.
+type Matcher_MatcherList_Predicate_SinglePredicateValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Matcher_MatcherList_Predicate_SinglePredicateValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Matcher_MatcherList_Predicate_SinglePredicateValidationError) Reason() string {
+	return e.reason
+}
+
+// Cause function returns cause value.
+func (e Matcher_MatcherList_Predicate_SinglePredicateValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Matcher_MatcherList_Predicate_SinglePredicateValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Matcher_MatcherList_Predicate_SinglePredicateValidationError) ErrorName() string {
+	return "Matcher_MatcherList_Predicate_SinglePredicateValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Matcher_MatcherList_Predicate_SinglePredicateValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMatcher_MatcherList_Predicate_SinglePredicate.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Matcher_MatcherList_Predicate_SinglePredicateValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Matcher_MatcherList_Predicate_SinglePredicateValidationError{}
+
+// Validate checks the field values on
+// Matcher_MatcherList_Predicate_PredicateList with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Matcher_MatcherList_Predicate_PredicateList) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// Matcher_MatcherList_Predicate_PredicateList with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in
+// Matcher_MatcherList_Predicate_PredicateListMultiError, or nil if none found.
+func (m *Matcher_MatcherList_Predicate_PredicateList) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Matcher_MatcherList_Predicate_PredicateList) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetPredicate()) < 2 {
+		err := Matcher_MatcherList_Predicate_PredicateListValidationError{
+			field:  "Predicate",
+			reason: "value must contain at least 2 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetPredicate() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, Matcher_MatcherList_Predicate_PredicateListValidationError{
+						field:  fmt.Sprintf("Predicate[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, Matcher_MatcherList_Predicate_PredicateListValidationError{
+						field:  fmt.Sprintf("Predicate[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Matcher_MatcherList_Predicate_PredicateListValidationError{
+					field:  fmt.Sprintf("Predicate[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return Matcher_MatcherList_Predicate_PredicateListMultiError(errors)
+	}
+	return nil
+}
+
+// Matcher_MatcherList_Predicate_PredicateListMultiError is an error wrapping
+// multiple validation errors returned by
+// Matcher_MatcherList_Predicate_PredicateList.ValidateAll() if the designated
+// constraints aren't met.
+type Matcher_MatcherList_Predicate_PredicateListMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Matcher_MatcherList_Predicate_PredicateListMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Matcher_MatcherList_Predicate_PredicateListMultiError) AllErrors() []error { return m }
+
+// Matcher_MatcherList_Predicate_PredicateListValidationError is the validation
+// error returned by Matcher_MatcherList_Predicate_PredicateList.Validate if
+// the designated constraints aren't met.
+type Matcher_MatcherList_Predicate_PredicateListValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Matcher_MatcherList_Predicate_PredicateListValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Matcher_MatcherList_Predicate_PredicateListValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Matcher_MatcherList_Predicate_PredicateListValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Matcher_MatcherList_Predicate_PredicateListValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Matcher_MatcherList_Predicate_PredicateListValidationError) ErrorName() string {
+	return "Matcher_MatcherList_Predicate_PredicateListValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Matcher_MatcherList_Predicate_PredicateListValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMatcher_MatcherList_Predicate_PredicateList.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Matcher_MatcherList_Predicate_PredicateListValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Matcher_MatcherList_Predicate_PredicateListValidationError{}
+
+// Validate checks the field values on Matcher_MatcherTree_MatchMap with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Matcher_MatcherTree_MatchMap) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Matcher_MatcherTree_MatchMap with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Matcher_MatcherTree_MatchMapMultiError, or nil if none found.
+func (m *Matcher_MatcherTree_MatchMap) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Matcher_MatcherTree_MatchMap) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetMap()) < 1 {
+		err := Matcher_MatcherTree_MatchMapValidationError{
+			field:  "Map",
+			reason: "value must contain at least 1 pair(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	{
+		sorted_keys := make([]string, len(m.GetMap()))
+		i := 0
+		for key := range m.GetMap() {
+			sorted_keys[i] = key
+			i++
+		}
+		sort.Slice(sorted_keys, func(i, j int) bool { return sorted_keys[i] < sorted_keys[j] })
+		for _, key := range sorted_keys {
+			val := m.GetMap()[key]
+			_ = val
+
+			// no validation rules for Map[key]
+
+			if all {
+				switch v := interface{}(val).(type) {
+				case interface{ ValidateAll() error }:
+					if err := v.ValidateAll(); err != nil {
+						errors = append(errors, Matcher_MatcherTree_MatchMapValidationError{
+							field:  fmt.Sprintf("Map[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				case interface{ Validate() error }:
+					if err := v.Validate(); err != nil {
+						errors = append(errors, Matcher_MatcherTree_MatchMapValidationError{
+							field:  fmt.Sprintf("Map[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				}
+			} else if v, ok := interface{}(val).(interface{ Validate() error }); ok {
+				if err := v.Validate(); err != nil {
+					return Matcher_MatcherTree_MatchMapValidationError{
+						field:  fmt.Sprintf("Map[%v]", key),
+						reason: "embedded message failed validation",
+						cause:  err,
+					}
+				}
+			}
+
+		}
+	}
+
+	if len(errors) > 0 {
+		return Matcher_MatcherTree_MatchMapMultiError(errors)
+	}
+	return nil
+}
+
+// Matcher_MatcherTree_MatchMapMultiError is an error wrapping multiple
+// validation errors returned by Matcher_MatcherTree_MatchMap.ValidateAll() if
+// the designated constraints aren't met.
+type Matcher_MatcherTree_MatchMapMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Matcher_MatcherTree_MatchMapMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Matcher_MatcherTree_MatchMapMultiError) AllErrors() []error { return m }
+
+// Matcher_MatcherTree_MatchMapValidationError is the validation error returned
+// by Matcher_MatcherTree_MatchMap.Validate if the designated constraints
+// aren't met.
+type Matcher_MatcherTree_MatchMapValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Matcher_MatcherTree_MatchMapValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Matcher_MatcherTree_MatchMapValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Matcher_MatcherTree_MatchMapValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Matcher_MatcherTree_MatchMapValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Matcher_MatcherTree_MatchMapValidationError) ErrorName() string {
+	return "Matcher_MatcherTree_MatchMapValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Matcher_MatcherTree_MatchMapValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMatcher_MatcherTree_MatchMap.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Matcher_MatcherTree_MatchMapValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Matcher_MatcherTree_MatchMapValidationError{}
+
+// Validate checks the field values on MatchPredicate_MatchSet with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *MatchPredicate_MatchSet) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on MatchPredicate_MatchSet with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// MatchPredicate_MatchSetMultiError, or nil if none found.
+func (m *MatchPredicate_MatchSet) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *MatchPredicate_MatchSet) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetRules()) < 2 {
+		err := MatchPredicate_MatchSetValidationError{
+			field:  "Rules",
+			reason: "value must contain at least 2 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetRules() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MatchPredicate_MatchSetValidationError{
+						field:  fmt.Sprintf("Rules[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MatchPredicate_MatchSetValidationError{
+						field:  fmt.Sprintf("Rules[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MatchPredicate_MatchSetValidationError{
+					field:  fmt.Sprintf("Rules[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return MatchPredicate_MatchSetMultiError(errors)
+	}
+	return nil
+}
+
+// MatchPredicate_MatchSetMultiError is an error wrapping multiple validation
+// errors returned by MatchPredicate_MatchSet.ValidateAll() if the designated
+// constraints aren't met.
+type MatchPredicate_MatchSetMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m MatchPredicate_MatchSetMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m MatchPredicate_MatchSetMultiError) AllErrors() []error { return m }
+
+// MatchPredicate_MatchSetValidationError is the validation error returned by
+// MatchPredicate_MatchSet.Validate if the designated constraints aren't met.
+type MatchPredicate_MatchSetValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MatchPredicate_MatchSetValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MatchPredicate_MatchSetValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MatchPredicate_MatchSetValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MatchPredicate_MatchSetValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MatchPredicate_MatchSetValidationError) ErrorName() string {
+	return "MatchPredicate_MatchSetValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e MatchPredicate_MatchSetValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMatchPredicate_MatchSet.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MatchPredicate_MatchSetValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MatchPredicate_MatchSetValidationError{}
+
+// Validate checks the field values on HttpGenericBodyMatch_GenericTextMatch
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the first error encountered is returned, or nil if
+// there are no violations.
+func (m *HttpGenericBodyMatch_GenericTextMatch) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HttpGenericBodyMatch_GenericTextMatch
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// HttpGenericBodyMatch_GenericTextMatchMultiError, or nil if none found.
+func (m *HttpGenericBodyMatch_GenericTextMatch) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HttpGenericBodyMatch_GenericTextMatch) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.Rule.(type) {
+
+	case *HttpGenericBodyMatch_GenericTextMatch_StringMatch:
+
+		if utf8.RuneCountInString(m.GetStringMatch()) < 1 {
+			err := HttpGenericBodyMatch_GenericTextMatchValidationError{
+				field:  "StringMatch",
+				reason: "value length must be at least 1 runes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *HttpGenericBodyMatch_GenericTextMatch_BinaryMatch:
+
+		if len(m.GetBinaryMatch()) < 1 {
+			err := HttpGenericBodyMatch_GenericTextMatchValidationError{
+				field:  "BinaryMatch",
+				reason: "value length must be at least 1 bytes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	default:
+		err := HttpGenericBodyMatch_GenericTextMatchValidationError{
+			field:  "Rule",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return HttpGenericBodyMatch_GenericTextMatchMultiError(errors)
+	}
+	return nil
+}
+
+// HttpGenericBodyMatch_GenericTextMatchMultiError is an error wrapping
+// multiple validation errors returned by
+// HttpGenericBodyMatch_GenericTextMatch.ValidateAll() if the designated
+// constraints aren't met.
+type HttpGenericBodyMatch_GenericTextMatchMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HttpGenericBodyMatch_GenericTextMatchMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HttpGenericBodyMatch_GenericTextMatchMultiError) AllErrors() []error { return m }
+
+// HttpGenericBodyMatch_GenericTextMatchValidationError is the validation error
+// returned by HttpGenericBodyMatch_GenericTextMatch.Validate if the
+// designated constraints aren't met.
+type HttpGenericBodyMatch_GenericTextMatchValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HttpGenericBodyMatch_GenericTextMatchValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HttpGenericBodyMatch_GenericTextMatchValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HttpGenericBodyMatch_GenericTextMatchValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HttpGenericBodyMatch_GenericTextMatchValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HttpGenericBodyMatch_GenericTextMatchValidationError) ErrorName() string {
+	return "HttpGenericBodyMatch_GenericTextMatchValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HttpGenericBodyMatch_GenericTextMatchValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttpGenericBodyMatch_GenericTextMatch.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HttpGenericBodyMatch_GenericTextMatchValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HttpGenericBodyMatch_GenericTextMatchValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/address.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/address.pb.go
new file mode 100644
index 00000000000..5b957c8e74c
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/address.pb.go
@@ -0,0 +1,936 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/core/v3/address.proto
+
+package envoy_config_core_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type SocketAddress_Protocol int32
+
+const (
+	SocketAddress_TCP SocketAddress_Protocol = 0
+	SocketAddress_UDP SocketAddress_Protocol = 1
+)
+
+// Enum value maps for SocketAddress_Protocol.
+var (
+	SocketAddress_Protocol_name = map[int32]string{
+		0: "TCP",
+		1: "UDP",
+	}
+	SocketAddress_Protocol_value = map[string]int32{
+		"TCP": 0,
+		"UDP": 1,
+	}
+)
+
+func (x SocketAddress_Protocol) Enum() *SocketAddress_Protocol {
+	p := new(SocketAddress_Protocol)
+	*p = x
+	return p
+}
+
+func (x SocketAddress_Protocol) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (SocketAddress_Protocol) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_core_v3_address_proto_enumTypes[0].Descriptor()
+}
+
+func (SocketAddress_Protocol) Type() protoreflect.EnumType {
+	return &file_envoy_config_core_v3_address_proto_enumTypes[0]
+}
+
+func (x SocketAddress_Protocol) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use SocketAddress_Protocol.Descriptor instead.
+func (SocketAddress_Protocol) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_address_proto_rawDescGZIP(), []int{2, 0}
+}
+
+type Pipe struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Unix Domain Socket path. On Linux, paths starting with '@' will use the
+	// abstract namespace. The starting '@' is replaced by a null byte by Envoy.
+	// Paths starting with '@' will result in an error in environments other than
+	// Linux.
+	Path string `protobuf:"bytes,1,opt,name=path,proto3" json:"path,omitempty"`
+	// The mode for the Pipe. Not applicable for abstract sockets.
+	Mode uint32 `protobuf:"varint,2,opt,name=mode,proto3" json:"mode,omitempty"`
+}
+
+func (x *Pipe) Reset() {
+	*x = Pipe{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_address_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Pipe) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Pipe) ProtoMessage() {}
+
+func (x *Pipe) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_address_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Pipe.ProtoReflect.Descriptor instead.
+func (*Pipe) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_address_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *Pipe) GetPath() string {
+	if x != nil {
+		return x.Path
+	}
+	return ""
+}
+
+func (x *Pipe) GetMode() uint32 {
+	if x != nil {
+		return x.Mode
+	}
+	return 0
+}
+
+// [#not-implemented-hide:] The address represents an envoy internal listener.
+// TODO(lambdai): Make this address available for listener and endpoint.
+// TODO(asraa): When address available, remove workaround from test/server/server_fuzz_test.cc:30.
+type EnvoyInternalAddress struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to AddressNameSpecifier:
+	//	*EnvoyInternalAddress_ServerListenerName
+	AddressNameSpecifier isEnvoyInternalAddress_AddressNameSpecifier `protobuf_oneof:"address_name_specifier"`
+}
+
+func (x *EnvoyInternalAddress) Reset() {
+	*x = EnvoyInternalAddress{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_address_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *EnvoyInternalAddress) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*EnvoyInternalAddress) ProtoMessage() {}
+
+func (x *EnvoyInternalAddress) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_address_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use EnvoyInternalAddress.ProtoReflect.Descriptor instead.
+func (*EnvoyInternalAddress) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_address_proto_rawDescGZIP(), []int{1}
+}
+
+func (m *EnvoyInternalAddress) GetAddressNameSpecifier() isEnvoyInternalAddress_AddressNameSpecifier {
+	if m != nil {
+		return m.AddressNameSpecifier
+	}
+	return nil
+}
+
+func (x *EnvoyInternalAddress) GetServerListenerName() string {
+	if x, ok := x.GetAddressNameSpecifier().(*EnvoyInternalAddress_ServerListenerName); ok {
+		return x.ServerListenerName
+	}
+	return ""
+}
+
+type isEnvoyInternalAddress_AddressNameSpecifier interface {
+	isEnvoyInternalAddress_AddressNameSpecifier()
+}
+
+type EnvoyInternalAddress_ServerListenerName struct {
+	// [#not-implemented-hide:] The :ref:`listener name <envoy_v3_api_field_config.listener.v3.Listener.name>` of the destination internal listener.
+	ServerListenerName string `protobuf:"bytes,1,opt,name=server_listener_name,json=serverListenerName,proto3,oneof"`
+}
+
+func (*EnvoyInternalAddress_ServerListenerName) isEnvoyInternalAddress_AddressNameSpecifier() {}
+
+// [#next-free-field: 7]
+type SocketAddress struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Protocol SocketAddress_Protocol `protobuf:"varint,1,opt,name=protocol,proto3,enum=envoy.config.core.v3.SocketAddress_Protocol" json:"protocol,omitempty"`
+	// The address for this socket. :ref:`Listeners <config_listeners>` will bind
+	// to the address. An empty address is not allowed. Specify ``0.0.0.0`` or ``::``
+	// to bind to any address. [#comment:TODO(zuercher) reinstate when implemented:
+	// It is possible to distinguish a Listener address via the prefix/suffix matching
+	// in :ref:`FilterChainMatch <envoy_v3_api_msg_config.listener.v3.FilterChainMatch>`.] When used
+	// within an upstream :ref:`BindConfig <envoy_v3_api_msg_config.core.v3.BindConfig>`, the address
+	// controls the source address of outbound connections. For :ref:`clusters
+	// <envoy_v3_api_msg_config.cluster.v3.Cluster>`, the cluster type determines whether the
+	// address must be an IP (*STATIC* or *EDS* clusters) or a hostname resolved by DNS
+	// (*STRICT_DNS* or *LOGICAL_DNS* clusters). Address resolution can be customized
+	// via :ref:`resolver_name <envoy_v3_api_field_config.core.v3.SocketAddress.resolver_name>`.
+	Address string `protobuf:"bytes,2,opt,name=address,proto3" json:"address,omitempty"`
+	// Types that are assignable to PortSpecifier:
+	//	*SocketAddress_PortValue
+	//	*SocketAddress_NamedPort
+	PortSpecifier isSocketAddress_PortSpecifier `protobuf_oneof:"port_specifier"`
+	// The name of the custom resolver. This must have been registered with Envoy. If
+	// this is empty, a context dependent default applies. If the address is a concrete
+	// IP address, no resolution will occur. If address is a hostname this
+	// should be set for resolution other than DNS. Specifying a custom resolver with
+	// *STRICT_DNS* or *LOGICAL_DNS* will generate an error at runtime.
+	ResolverName string `protobuf:"bytes,5,opt,name=resolver_name,json=resolverName,proto3" json:"resolver_name,omitempty"`
+	// When binding to an IPv6 address above, this enables `IPv4 compatibility
+	// <https://tools.ietf.org/html/rfc3493#page-11>`_. Binding to ``::`` will
+	// allow both IPv4 and IPv6 connections, with peer IPv4 addresses mapped into
+	// IPv6 space as ``::FFFF:<IPv4-address>``.
+	Ipv4Compat bool `protobuf:"varint,6,opt,name=ipv4_compat,json=ipv4Compat,proto3" json:"ipv4_compat,omitempty"`
+}
+
+func (x *SocketAddress) Reset() {
+	*x = SocketAddress{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_address_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *SocketAddress) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*SocketAddress) ProtoMessage() {}
+
+func (x *SocketAddress) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_address_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use SocketAddress.ProtoReflect.Descriptor instead.
+func (*SocketAddress) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_address_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *SocketAddress) GetProtocol() SocketAddress_Protocol {
+	if x != nil {
+		return x.Protocol
+	}
+	return SocketAddress_TCP
+}
+
+func (x *SocketAddress) GetAddress() string {
+	if x != nil {
+		return x.Address
+	}
+	return ""
+}
+
+func (m *SocketAddress) GetPortSpecifier() isSocketAddress_PortSpecifier {
+	if m != nil {
+		return m.PortSpecifier
+	}
+	return nil
+}
+
+func (x *SocketAddress) GetPortValue() uint32 {
+	if x, ok := x.GetPortSpecifier().(*SocketAddress_PortValue); ok {
+		return x.PortValue
+	}
+	return 0
+}
+
+func (x *SocketAddress) GetNamedPort() string {
+	if x, ok := x.GetPortSpecifier().(*SocketAddress_NamedPort); ok {
+		return x.NamedPort
+	}
+	return ""
+}
+
+func (x *SocketAddress) GetResolverName() string {
+	if x != nil {
+		return x.ResolverName
+	}
+	return ""
+}
+
+func (x *SocketAddress) GetIpv4Compat() bool {
+	if x != nil {
+		return x.Ipv4Compat
+	}
+	return false
+}
+
+type isSocketAddress_PortSpecifier interface {
+	isSocketAddress_PortSpecifier()
+}
+
+type SocketAddress_PortValue struct {
+	PortValue uint32 `protobuf:"varint,3,opt,name=port_value,json=portValue,proto3,oneof"`
+}
+
+type SocketAddress_NamedPort struct {
+	// This is only valid if :ref:`resolver_name
+	// <envoy_v3_api_field_config.core.v3.SocketAddress.resolver_name>` is specified below and the
+	// named resolver is capable of named port resolution.
+	NamedPort string `protobuf:"bytes,4,opt,name=named_port,json=namedPort,proto3,oneof"`
+}
+
+func (*SocketAddress_PortValue) isSocketAddress_PortSpecifier() {}
+
+func (*SocketAddress_NamedPort) isSocketAddress_PortSpecifier() {}
+
+type TcpKeepalive struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Maximum number of keepalive probes to send without response before deciding
+	// the connection is dead. Default is to use the OS level configuration (unless
+	// overridden, Linux defaults to 9.)
+	KeepaliveProbes *wrappers.UInt32Value `protobuf:"bytes,1,opt,name=keepalive_probes,json=keepaliveProbes,proto3" json:"keepalive_probes,omitempty"`
+	// The number of seconds a connection needs to be idle before keep-alive probes
+	// start being sent. Default is to use the OS level configuration (unless
+	// overridden, Linux defaults to 7200s (i.e., 2 hours.)
+	KeepaliveTime *wrappers.UInt32Value `protobuf:"bytes,2,opt,name=keepalive_time,json=keepaliveTime,proto3" json:"keepalive_time,omitempty"`
+	// The number of seconds between keep-alive probes. Default is to use the OS
+	// level configuration (unless overridden, Linux defaults to 75s.)
+	KeepaliveInterval *wrappers.UInt32Value `protobuf:"bytes,3,opt,name=keepalive_interval,json=keepaliveInterval,proto3" json:"keepalive_interval,omitempty"`
+}
+
+func (x *TcpKeepalive) Reset() {
+	*x = TcpKeepalive{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_address_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *TcpKeepalive) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*TcpKeepalive) ProtoMessage() {}
+
+func (x *TcpKeepalive) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_address_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use TcpKeepalive.ProtoReflect.Descriptor instead.
+func (*TcpKeepalive) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_address_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *TcpKeepalive) GetKeepaliveProbes() *wrappers.UInt32Value {
+	if x != nil {
+		return x.KeepaliveProbes
+	}
+	return nil
+}
+
+func (x *TcpKeepalive) GetKeepaliveTime() *wrappers.UInt32Value {
+	if x != nil {
+		return x.KeepaliveTime
+	}
+	return nil
+}
+
+func (x *TcpKeepalive) GetKeepaliveInterval() *wrappers.UInt32Value {
+	if x != nil {
+		return x.KeepaliveInterval
+	}
+	return nil
+}
+
+type BindConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The address to bind to when creating a socket.
+	SourceAddress *SocketAddress `protobuf:"bytes,1,opt,name=source_address,json=sourceAddress,proto3" json:"source_address,omitempty"`
+	// Whether to set the *IP_FREEBIND* option when creating the socket. When this
+	// flag is set to true, allows the :ref:`source_address
+	// <envoy_v3_api_field_config.cluster.v3.UpstreamBindConfig.source_address>` to be an IP address
+	// that is not configured on the system running Envoy. When this flag is set
+	// to false, the option *IP_FREEBIND* is disabled on the socket. When this
+	// flag is not set (default), the socket is not modified, i.e. the option is
+	// neither enabled nor disabled.
+	Freebind *wrappers.BoolValue `protobuf:"bytes,2,opt,name=freebind,proto3" json:"freebind,omitempty"`
+	// Additional socket options that may not be present in Envoy source code or
+	// precompiled binaries.
+	SocketOptions []*SocketOption `protobuf:"bytes,3,rep,name=socket_options,json=socketOptions,proto3" json:"socket_options,omitempty"`
+}
+
+func (x *BindConfig) Reset() {
+	*x = BindConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_address_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *BindConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*BindConfig) ProtoMessage() {}
+
+func (x *BindConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_address_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use BindConfig.ProtoReflect.Descriptor instead.
+func (*BindConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_address_proto_rawDescGZIP(), []int{4}
+}
+
+func (x *BindConfig) GetSourceAddress() *SocketAddress {
+	if x != nil {
+		return x.SourceAddress
+	}
+	return nil
+}
+
+func (x *BindConfig) GetFreebind() *wrappers.BoolValue {
+	if x != nil {
+		return x.Freebind
+	}
+	return nil
+}
+
+func (x *BindConfig) GetSocketOptions() []*SocketOption {
+	if x != nil {
+		return x.SocketOptions
+	}
+	return nil
+}
+
+// Addresses specify either a logical or physical address and port, which are
+// used to tell Envoy where to bind/listen, connect to upstream and find
+// management servers.
+type Address struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to Address:
+	//	*Address_SocketAddress
+	//	*Address_Pipe
+	//	*Address_EnvoyInternalAddress
+	Address isAddress_Address `protobuf_oneof:"address"`
+}
+
+func (x *Address) Reset() {
+	*x = Address{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_address_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Address) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Address) ProtoMessage() {}
+
+func (x *Address) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_address_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Address.ProtoReflect.Descriptor instead.
+func (*Address) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_address_proto_rawDescGZIP(), []int{5}
+}
+
+func (m *Address) GetAddress() isAddress_Address {
+	if m != nil {
+		return m.Address
+	}
+	return nil
+}
+
+func (x *Address) GetSocketAddress() *SocketAddress {
+	if x, ok := x.GetAddress().(*Address_SocketAddress); ok {
+		return x.SocketAddress
+	}
+	return nil
+}
+
+func (x *Address) GetPipe() *Pipe {
+	if x, ok := x.GetAddress().(*Address_Pipe); ok {
+		return x.Pipe
+	}
+	return nil
+}
+
+func (x *Address) GetEnvoyInternalAddress() *EnvoyInternalAddress {
+	if x, ok := x.GetAddress().(*Address_EnvoyInternalAddress); ok {
+		return x.EnvoyInternalAddress
+	}
+	return nil
+}
+
+type isAddress_Address interface {
+	isAddress_Address()
+}
+
+type Address_SocketAddress struct {
+	SocketAddress *SocketAddress `protobuf:"bytes,1,opt,name=socket_address,json=socketAddress,proto3,oneof"`
+}
+
+type Address_Pipe struct {
+	Pipe *Pipe `protobuf:"bytes,2,opt,name=pipe,proto3,oneof"`
+}
+
+type Address_EnvoyInternalAddress struct {
+	// [#not-implemented-hide:]
+	EnvoyInternalAddress *EnvoyInternalAddress `protobuf:"bytes,3,opt,name=envoy_internal_address,json=envoyInternalAddress,proto3,oneof"`
+}
+
+func (*Address_SocketAddress) isAddress_Address() {}
+
+func (*Address_Pipe) isAddress_Address() {}
+
+func (*Address_EnvoyInternalAddress) isAddress_Address() {}
+
+// CidrRange specifies an IP Address and a prefix length to construct
+// the subnet mask for a `CIDR <https://tools.ietf.org/html/rfc4632>`_ range.
+type CidrRange struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// IPv4 or IPv6 address, e.g. ``192.0.0.0`` or ``2001:db8::``.
+	AddressPrefix string `protobuf:"bytes,1,opt,name=address_prefix,json=addressPrefix,proto3" json:"address_prefix,omitempty"`
+	// Length of prefix, e.g. 0, 32. Defaults to 0 when unset.
+	PrefixLen *wrappers.UInt32Value `protobuf:"bytes,2,opt,name=prefix_len,json=prefixLen,proto3" json:"prefix_len,omitempty"`
+}
+
+func (x *CidrRange) Reset() {
+	*x = CidrRange{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_address_proto_msgTypes[6]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CidrRange) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CidrRange) ProtoMessage() {}
+
+func (x *CidrRange) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_address_proto_msgTypes[6]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CidrRange.ProtoReflect.Descriptor instead.
+func (*CidrRange) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_address_proto_rawDescGZIP(), []int{6}
+}
+
+func (x *CidrRange) GetAddressPrefix() string {
+	if x != nil {
+		return x.AddressPrefix
+	}
+	return ""
+}
+
+func (x *CidrRange) GetPrefixLen() *wrappers.UInt32Value {
+	if x != nil {
+		return x.PrefixLen
+	}
+	return nil
+}
+
+var File_envoy_config_core_v3_address_proto protoreflect.FileDescriptor
+
+var file_envoy_config_core_v3_address_proto_rawDesc = []byte{
+	0x0a, 0x22, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x12, 0x14, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x1a, 0x28, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33,
+	0x2f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65,
+	0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22,
+	0x60, 0x0a, 0x04, 0x50, 0x69, 0x70, 0x65, 0x12, 0x1b, 0x0a, 0x04, 0x70, 0x61, 0x74, 0x68, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x04,
+	0x70, 0x61, 0x74, 0x68, 0x12, 0x1c, 0x0a, 0x04, 0x6d, 0x6f, 0x64, 0x65, 0x18, 0x02, 0x20, 0x01,
+	0x28, 0x0d, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x2a, 0x03, 0x18, 0xff, 0x03, 0x52, 0x04, 0x6d, 0x6f,
+	0x64, 0x65, 0x3a, 0x1d, 0x9a, 0xc5, 0x88, 0x1e, 0x18, 0x0a, 0x16, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x50, 0x69, 0x70,
+	0x65, 0x22, 0x69, 0x0a, 0x14, 0x45, 0x6e, 0x76, 0x6f, 0x79, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e,
+	0x61, 0x6c, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x32, 0x0a, 0x14, 0x73, 0x65, 0x72,
+	0x76, 0x65, 0x72, 0x5f, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x5f, 0x6e, 0x61, 0x6d,
+	0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x12, 0x73, 0x65, 0x72, 0x76, 0x65,
+	0x72, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x42, 0x1d, 0x0a,
+	0x16, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x5f, 0x73, 0x70,
+	0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x22, 0xf6, 0x02, 0x0a,
+	0x0d, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x52,
+	0x0a, 0x08, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e,
+	0x32, 0x2c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x41, 0x64,
+	0x64, 0x72, 0x65, 0x73, 0x73, 0x2e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x42, 0x08,
+	0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x08, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63,
+	0x6f, 0x6c, 0x12, 0x21, 0x0a, 0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x07, 0x61, 0x64,
+	0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x2a, 0x0a, 0x0a, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x76, 0x61,
+	0x6c, 0x75, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0d, 0x42, 0x09, 0xfa, 0x42, 0x06, 0x2a, 0x04,
+	0x18, 0xff, 0xff, 0x03, 0x48, 0x00, 0x52, 0x09, 0x70, 0x6f, 0x72, 0x74, 0x56, 0x61, 0x6c, 0x75,
+	0x65, 0x12, 0x1f, 0x0a, 0x0a, 0x6e, 0x61, 0x6d, 0x65, 0x64, 0x5f, 0x70, 0x6f, 0x72, 0x74, 0x18,
+	0x04, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x64, 0x50, 0x6f,
+	0x72, 0x74, 0x12, 0x23, 0x0a, 0x0d, 0x72, 0x65, 0x73, 0x6f, 0x6c, 0x76, 0x65, 0x72, 0x5f, 0x6e,
+	0x61, 0x6d, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x72, 0x65, 0x73, 0x6f, 0x6c,
+	0x76, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x69, 0x70, 0x76, 0x34, 0x5f,
+	0x63, 0x6f, 0x6d, 0x70, 0x61, 0x74, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0a, 0x69, 0x70,
+	0x76, 0x34, 0x43, 0x6f, 0x6d, 0x70, 0x61, 0x74, 0x22, 0x1c, 0x0a, 0x08, 0x50, 0x72, 0x6f, 0x74,
+	0x6f, 0x63, 0x6f, 0x6c, 0x12, 0x07, 0x0a, 0x03, 0x54, 0x43, 0x50, 0x10, 0x00, 0x12, 0x07, 0x0a,
+	0x03, 0x55, 0x44, 0x50, 0x10, 0x01, 0x3a, 0x26, 0x9a, 0xc5, 0x88, 0x1e, 0x21, 0x0a, 0x1f, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65,
+	0x2e, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x42, 0x15,
+	0x0a, 0x0e, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72,
+	0x12, 0x03, 0xf8, 0x42, 0x01, 0x22, 0x90, 0x02, 0x0a, 0x0c, 0x54, 0x63, 0x70, 0x4b, 0x65, 0x65,
+	0x70, 0x61, 0x6c, 0x69, 0x76, 0x65, 0x12, 0x47, 0x0a, 0x10, 0x6b, 0x65, 0x65, 0x70, 0x61, 0x6c,
+	0x69, 0x76, 0x65, 0x5f, 0x70, 0x72, 0x6f, 0x62, 0x65, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0f,
+	0x6b, 0x65, 0x65, 0x70, 0x61, 0x6c, 0x69, 0x76, 0x65, 0x50, 0x72, 0x6f, 0x62, 0x65, 0x73, 0x12,
+	0x43, 0x0a, 0x0e, 0x6b, 0x65, 0x65, 0x70, 0x61, 0x6c, 0x69, 0x76, 0x65, 0x5f, 0x74, 0x69, 0x6d,
+	0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32,
+	0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0d, 0x6b, 0x65, 0x65, 0x70, 0x61, 0x6c, 0x69, 0x76, 0x65,
+	0x54, 0x69, 0x6d, 0x65, 0x12, 0x4b, 0x0a, 0x12, 0x6b, 0x65, 0x65, 0x70, 0x61, 0x6c, 0x69, 0x76,
+	0x65, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x11,
+	0x6b, 0x65, 0x65, 0x70, 0x61, 0x6c, 0x69, 0x76, 0x65, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61,
+	0x6c, 0x3a, 0x25, 0x9a, 0xc5, 0x88, 0x1e, 0x20, 0x0a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x54, 0x63, 0x70, 0x4b,
+	0x65, 0x65, 0x70, 0x61, 0x6c, 0x69, 0x76, 0x65, 0x22, 0x8a, 0x02, 0x0a, 0x0a, 0x42, 0x69, 0x6e,
+	0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x54, 0x0a, 0x0e, 0x73, 0x6f, 0x75, 0x72, 0x63,
+	0x65, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x41, 0x64, 0x64,
+	0x72, 0x65, 0x73, 0x73, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x0d,
+	0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x36, 0x0a,
+	0x08, 0x66, 0x72, 0x65, 0x65, 0x62, 0x69, 0x6e, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x08, 0x66, 0x72, 0x65,
+	0x65, 0x62, 0x69, 0x6e, 0x64, 0x12, 0x49, 0x0a, 0x0e, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x5f,
+	0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x22, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x4f, 0x70, 0x74, 0x69, 0x6f,
+	0x6e, 0x52, 0x0d, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73,
+	0x3a, 0x23, 0x9a, 0xc5, 0x88, 0x1e, 0x1e, 0x0a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x42, 0x69, 0x6e, 0x64, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x22, 0x9f, 0x02, 0x0a, 0x07, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73,
+	0x73, 0x12, 0x4c, 0x0a, 0x0e, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x5f, 0x61, 0x64, 0x64, 0x72,
+	0x65, 0x73, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33,
+	0x2e, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x48, 0x00,
+	0x52, 0x0d, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12,
+	0x30, 0x0a, 0x04, 0x70, 0x69, 0x70, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x76, 0x33, 0x2e, 0x50, 0x69, 0x70, 0x65, 0x48, 0x00, 0x52, 0x04, 0x70, 0x69, 0x70,
+	0x65, 0x12, 0x62, 0x0a, 0x16, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72,
+	0x6e, 0x61, 0x6c, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x45, 0x6e, 0x76, 0x6f, 0x79, 0x49, 0x6e,
+	0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x48, 0x00, 0x52,
+	0x14, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x41, 0x64,
+	0x64, 0x72, 0x65, 0x73, 0x73, 0x3a, 0x20, 0x9a, 0xc5, 0x88, 0x1e, 0x1b, 0x0a, 0x19, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e,
+	0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x42, 0x0e, 0x0a, 0x07, 0x61, 0x64, 0x64, 0x72, 0x65,
+	0x73, 0x73, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x22, 0xa6, 0x01, 0x0a, 0x09, 0x43, 0x69, 0x64, 0x72,
+	0x52, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x2e, 0x0a, 0x0e, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73,
+	0x5f, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa,
+	0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x0d, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x50,
+	0x72, 0x65, 0x66, 0x69, 0x78, 0x12, 0x45, 0x0a, 0x0a, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x5f,
+	0x6c, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74,
+	0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x2a, 0x03, 0x18, 0x80,
+	0x01, 0x52, 0x09, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x4c, 0x65, 0x6e, 0x3a, 0x22, 0x9a, 0xc5,
+	0x88, 0x1e, 0x1d, 0x0a, 0x1b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x43, 0x69, 0x64, 0x72, 0x52, 0x61, 0x6e, 0x67, 0x65,
+	0x42, 0x3c, 0x0a, 0x22, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78,
+	0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x0c, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x50,
+	0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_core_v3_address_proto_rawDescOnce sync.Once
+	file_envoy_config_core_v3_address_proto_rawDescData = file_envoy_config_core_v3_address_proto_rawDesc
+)
+
+func file_envoy_config_core_v3_address_proto_rawDescGZIP() []byte {
+	file_envoy_config_core_v3_address_proto_rawDescOnce.Do(func() {
+		file_envoy_config_core_v3_address_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_core_v3_address_proto_rawDescData)
+	})
+	return file_envoy_config_core_v3_address_proto_rawDescData
+}
+
+var file_envoy_config_core_v3_address_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_envoy_config_core_v3_address_proto_msgTypes = make([]protoimpl.MessageInfo, 7)
+var file_envoy_config_core_v3_address_proto_goTypes = []interface{}{
+	(SocketAddress_Protocol)(0),  // 0: envoy.config.core.v3.SocketAddress.Protocol
+	(*Pipe)(nil),                 // 1: envoy.config.core.v3.Pipe
+	(*EnvoyInternalAddress)(nil), // 2: envoy.config.core.v3.EnvoyInternalAddress
+	(*SocketAddress)(nil),        // 3: envoy.config.core.v3.SocketAddress
+	(*TcpKeepalive)(nil),         // 4: envoy.config.core.v3.TcpKeepalive
+	(*BindConfig)(nil),           // 5: envoy.config.core.v3.BindConfig
+	(*Address)(nil),              // 6: envoy.config.core.v3.Address
+	(*CidrRange)(nil),            // 7: envoy.config.core.v3.CidrRange
+	(*wrappers.UInt32Value)(nil), // 8: google.protobuf.UInt32Value
+	(*wrappers.BoolValue)(nil),   // 9: google.protobuf.BoolValue
+	(*SocketOption)(nil),         // 10: envoy.config.core.v3.SocketOption
+}
+var file_envoy_config_core_v3_address_proto_depIdxs = []int32{
+	0,  // 0: envoy.config.core.v3.SocketAddress.protocol:type_name -> envoy.config.core.v3.SocketAddress.Protocol
+	8,  // 1: envoy.config.core.v3.TcpKeepalive.keepalive_probes:type_name -> google.protobuf.UInt32Value
+	8,  // 2: envoy.config.core.v3.TcpKeepalive.keepalive_time:type_name -> google.protobuf.UInt32Value
+	8,  // 3: envoy.config.core.v3.TcpKeepalive.keepalive_interval:type_name -> google.protobuf.UInt32Value
+	3,  // 4: envoy.config.core.v3.BindConfig.source_address:type_name -> envoy.config.core.v3.SocketAddress
+	9,  // 5: envoy.config.core.v3.BindConfig.freebind:type_name -> google.protobuf.BoolValue
+	10, // 6: envoy.config.core.v3.BindConfig.socket_options:type_name -> envoy.config.core.v3.SocketOption
+	3,  // 7: envoy.config.core.v3.Address.socket_address:type_name -> envoy.config.core.v3.SocketAddress
+	1,  // 8: envoy.config.core.v3.Address.pipe:type_name -> envoy.config.core.v3.Pipe
+	2,  // 9: envoy.config.core.v3.Address.envoy_internal_address:type_name -> envoy.config.core.v3.EnvoyInternalAddress
+	8,  // 10: envoy.config.core.v3.CidrRange.prefix_len:type_name -> google.protobuf.UInt32Value
+	11, // [11:11] is the sub-list for method output_type
+	11, // [11:11] is the sub-list for method input_type
+	11, // [11:11] is the sub-list for extension type_name
+	11, // [11:11] is the sub-list for extension extendee
+	0,  // [0:11] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_core_v3_address_proto_init() }
+func file_envoy_config_core_v3_address_proto_init() {
+	if File_envoy_config_core_v3_address_proto != nil {
+		return
+	}
+	file_envoy_config_core_v3_socket_option_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_core_v3_address_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Pipe); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_address_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*EnvoyInternalAddress); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_address_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*SocketAddress); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_address_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*TcpKeepalive); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_address_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*BindConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_address_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Address); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_address_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CidrRange); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_config_core_v3_address_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*EnvoyInternalAddress_ServerListenerName)(nil),
+	}
+	file_envoy_config_core_v3_address_proto_msgTypes[2].OneofWrappers = []interface{}{
+		(*SocketAddress_PortValue)(nil),
+		(*SocketAddress_NamedPort)(nil),
+	}
+	file_envoy_config_core_v3_address_proto_msgTypes[5].OneofWrappers = []interface{}{
+		(*Address_SocketAddress)(nil),
+		(*Address_Pipe)(nil),
+		(*Address_EnvoyInternalAddress)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_core_v3_address_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   7,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_core_v3_address_proto_goTypes,
+		DependencyIndexes: file_envoy_config_core_v3_address_proto_depIdxs,
+		EnumInfos:         file_envoy_config_core_v3_address_proto_enumTypes,
+		MessageInfos:      file_envoy_config_core_v3_address_proto_msgTypes,
+	}.Build()
+	File_envoy_config_core_v3_address_proto = out.File
+	file_envoy_config_core_v3_address_proto_rawDesc = nil
+	file_envoy_config_core_v3_address_proto_goTypes = nil
+	file_envoy_config_core_v3_address_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/address.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/address.pb.validate.go
new file mode 100644
index 00000000000..341349f84a3
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/address.pb.validate.go
@@ -0,0 +1,1142 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/core/v3/address.proto
+
+package envoy_config_core_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on Pipe with the rules defined in the proto
+// definition for this message. If any rules are violated, the first error
+// encountered is returned, or nil if there are no violations.
+func (m *Pipe) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Pipe with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in PipeMultiError, or nil if none found.
+func (m *Pipe) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Pipe) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetPath()) < 1 {
+		err := PipeValidationError{
+			field:  "Path",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if m.GetMode() > 511 {
+		err := PipeValidationError{
+			field:  "Mode",
+			reason: "value must be less than or equal to 511",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return PipeMultiError(errors)
+	}
+	return nil
+}
+
+// PipeMultiError is an error wrapping multiple validation errors returned by
+// Pipe.ValidateAll() if the designated constraints aren't met.
+type PipeMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m PipeMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m PipeMultiError) AllErrors() []error { return m }
+
+// PipeValidationError is the validation error returned by Pipe.Validate if the
+// designated constraints aren't met.
+type PipeValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e PipeValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e PipeValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e PipeValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e PipeValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e PipeValidationError) ErrorName() string { return "PipeValidationError" }
+
+// Error satisfies the builtin error interface
+func (e PipeValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sPipe.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = PipeValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = PipeValidationError{}
+
+// Validate checks the field values on EnvoyInternalAddress with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *EnvoyInternalAddress) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on EnvoyInternalAddress with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// EnvoyInternalAddressMultiError, or nil if none found.
+func (m *EnvoyInternalAddress) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *EnvoyInternalAddress) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.AddressNameSpecifier.(type) {
+
+	case *EnvoyInternalAddress_ServerListenerName:
+		// no validation rules for ServerListenerName
+
+	default:
+		err := EnvoyInternalAddressValidationError{
+			field:  "AddressNameSpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return EnvoyInternalAddressMultiError(errors)
+	}
+	return nil
+}
+
+// EnvoyInternalAddressMultiError is an error wrapping multiple validation
+// errors returned by EnvoyInternalAddress.ValidateAll() if the designated
+// constraints aren't met.
+type EnvoyInternalAddressMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m EnvoyInternalAddressMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m EnvoyInternalAddressMultiError) AllErrors() []error { return m }
+
+// EnvoyInternalAddressValidationError is the validation error returned by
+// EnvoyInternalAddress.Validate if the designated constraints aren't met.
+type EnvoyInternalAddressValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e EnvoyInternalAddressValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e EnvoyInternalAddressValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e EnvoyInternalAddressValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e EnvoyInternalAddressValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e EnvoyInternalAddressValidationError) ErrorName() string {
+	return "EnvoyInternalAddressValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e EnvoyInternalAddressValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sEnvoyInternalAddress.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = EnvoyInternalAddressValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = EnvoyInternalAddressValidationError{}
+
+// Validate checks the field values on SocketAddress with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *SocketAddress) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on SocketAddress with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in SocketAddressMultiError, or
+// nil if none found.
+func (m *SocketAddress) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *SocketAddress) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if _, ok := SocketAddress_Protocol_name[int32(m.GetProtocol())]; !ok {
+		err := SocketAddressValidationError{
+			field:  "Protocol",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if utf8.RuneCountInString(m.GetAddress()) < 1 {
+		err := SocketAddressValidationError{
+			field:  "Address",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for ResolverName
+
+	// no validation rules for Ipv4Compat
+
+	switch m.PortSpecifier.(type) {
+
+	case *SocketAddress_PortValue:
+
+		if m.GetPortValue() > 65535 {
+			err := SocketAddressValidationError{
+				field:  "PortValue",
+				reason: "value must be less than or equal to 65535",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *SocketAddress_NamedPort:
+		// no validation rules for NamedPort
+
+	default:
+		err := SocketAddressValidationError{
+			field:  "PortSpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return SocketAddressMultiError(errors)
+	}
+	return nil
+}
+
+// SocketAddressMultiError is an error wrapping multiple validation errors
+// returned by SocketAddress.ValidateAll() if the designated constraints
+// aren't met.
+type SocketAddressMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m SocketAddressMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m SocketAddressMultiError) AllErrors() []error { return m }
+
+// SocketAddressValidationError is the validation error returned by
+// SocketAddress.Validate if the designated constraints aren't met.
+type SocketAddressValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e SocketAddressValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e SocketAddressValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e SocketAddressValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e SocketAddressValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e SocketAddressValidationError) ErrorName() string { return "SocketAddressValidationError" }
+
+// Error satisfies the builtin error interface
+func (e SocketAddressValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sSocketAddress.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = SocketAddressValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = SocketAddressValidationError{}
+
+// Validate checks the field values on TcpKeepalive with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *TcpKeepalive) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on TcpKeepalive with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in TcpKeepaliveMultiError, or
+// nil if none found.
+func (m *TcpKeepalive) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *TcpKeepalive) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetKeepaliveProbes()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, TcpKeepaliveValidationError{
+					field:  "KeepaliveProbes",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, TcpKeepaliveValidationError{
+					field:  "KeepaliveProbes",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetKeepaliveProbes()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TcpKeepaliveValidationError{
+				field:  "KeepaliveProbes",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetKeepaliveTime()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, TcpKeepaliveValidationError{
+					field:  "KeepaliveTime",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, TcpKeepaliveValidationError{
+					field:  "KeepaliveTime",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetKeepaliveTime()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TcpKeepaliveValidationError{
+				field:  "KeepaliveTime",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetKeepaliveInterval()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, TcpKeepaliveValidationError{
+					field:  "KeepaliveInterval",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, TcpKeepaliveValidationError{
+					field:  "KeepaliveInterval",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetKeepaliveInterval()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TcpKeepaliveValidationError{
+				field:  "KeepaliveInterval",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return TcpKeepaliveMultiError(errors)
+	}
+	return nil
+}
+
+// TcpKeepaliveMultiError is an error wrapping multiple validation errors
+// returned by TcpKeepalive.ValidateAll() if the designated constraints aren't met.
+type TcpKeepaliveMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m TcpKeepaliveMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m TcpKeepaliveMultiError) AllErrors() []error { return m }
+
+// TcpKeepaliveValidationError is the validation error returned by
+// TcpKeepalive.Validate if the designated constraints aren't met.
+type TcpKeepaliveValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e TcpKeepaliveValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e TcpKeepaliveValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e TcpKeepaliveValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e TcpKeepaliveValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e TcpKeepaliveValidationError) ErrorName() string { return "TcpKeepaliveValidationError" }
+
+// Error satisfies the builtin error interface
+func (e TcpKeepaliveValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sTcpKeepalive.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = TcpKeepaliveValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = TcpKeepaliveValidationError{}
+
+// Validate checks the field values on BindConfig with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *BindConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on BindConfig with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in BindConfigMultiError, or
+// nil if none found.
+func (m *BindConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *BindConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetSourceAddress() == nil {
+		err := BindConfigValidationError{
+			field:  "SourceAddress",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetSourceAddress()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, BindConfigValidationError{
+					field:  "SourceAddress",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, BindConfigValidationError{
+					field:  "SourceAddress",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSourceAddress()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return BindConfigValidationError{
+				field:  "SourceAddress",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetFreebind()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, BindConfigValidationError{
+					field:  "Freebind",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, BindConfigValidationError{
+					field:  "Freebind",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetFreebind()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return BindConfigValidationError{
+				field:  "Freebind",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetSocketOptions() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, BindConfigValidationError{
+						field:  fmt.Sprintf("SocketOptions[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, BindConfigValidationError{
+						field:  fmt.Sprintf("SocketOptions[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return BindConfigValidationError{
+					field:  fmt.Sprintf("SocketOptions[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return BindConfigMultiError(errors)
+	}
+	return nil
+}
+
+// BindConfigMultiError is an error wrapping multiple validation errors
+// returned by BindConfig.ValidateAll() if the designated constraints aren't met.
+type BindConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m BindConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m BindConfigMultiError) AllErrors() []error { return m }
+
+// BindConfigValidationError is the validation error returned by
+// BindConfig.Validate if the designated constraints aren't met.
+type BindConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e BindConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e BindConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e BindConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e BindConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e BindConfigValidationError) ErrorName() string { return "BindConfigValidationError" }
+
+// Error satisfies the builtin error interface
+func (e BindConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sBindConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = BindConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = BindConfigValidationError{}
+
+// Validate checks the field values on Address with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Address) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Address with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in AddressMultiError, or nil if none found.
+func (m *Address) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Address) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.Address.(type) {
+
+	case *Address_SocketAddress:
+
+		if all {
+			switch v := interface{}(m.GetSocketAddress()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AddressValidationError{
+						field:  "SocketAddress",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AddressValidationError{
+						field:  "SocketAddress",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetSocketAddress()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AddressValidationError{
+					field:  "SocketAddress",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Address_Pipe:
+
+		if all {
+			switch v := interface{}(m.GetPipe()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AddressValidationError{
+						field:  "Pipe",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AddressValidationError{
+						field:  "Pipe",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetPipe()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AddressValidationError{
+					field:  "Pipe",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Address_EnvoyInternalAddress:
+
+		if all {
+			switch v := interface{}(m.GetEnvoyInternalAddress()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AddressValidationError{
+						field:  "EnvoyInternalAddress",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AddressValidationError{
+						field:  "EnvoyInternalAddress",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetEnvoyInternalAddress()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AddressValidationError{
+					field:  "EnvoyInternalAddress",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := AddressValidationError{
+			field:  "Address",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return AddressMultiError(errors)
+	}
+	return nil
+}
+
+// AddressMultiError is an error wrapping multiple validation errors returned
+// by Address.ValidateAll() if the designated constraints aren't met.
+type AddressMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m AddressMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m AddressMultiError) AllErrors() []error { return m }
+
+// AddressValidationError is the validation error returned by Address.Validate
+// if the designated constraints aren't met.
+type AddressValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e AddressValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e AddressValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e AddressValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e AddressValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e AddressValidationError) ErrorName() string { return "AddressValidationError" }
+
+// Error satisfies the builtin error interface
+func (e AddressValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sAddress.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = AddressValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = AddressValidationError{}
+
+// Validate checks the field values on CidrRange with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *CidrRange) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on CidrRange with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in CidrRangeMultiError, or nil
+// if none found.
+func (m *CidrRange) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CidrRange) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetAddressPrefix()) < 1 {
+		err := CidrRangeValidationError{
+			field:  "AddressPrefix",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if wrapper := m.GetPrefixLen(); wrapper != nil {
+
+		if wrapper.GetValue() > 128 {
+			err := CidrRangeValidationError{
+				field:  "PrefixLen",
+				reason: "value must be less than or equal to 128",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return CidrRangeMultiError(errors)
+	}
+	return nil
+}
+
+// CidrRangeMultiError is an error wrapping multiple validation errors returned
+// by CidrRange.ValidateAll() if the designated constraints aren't met.
+type CidrRangeMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CidrRangeMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CidrRangeMultiError) AllErrors() []error { return m }
+
+// CidrRangeValidationError is the validation error returned by
+// CidrRange.Validate if the designated constraints aren't met.
+type CidrRangeValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CidrRangeValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CidrRangeValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CidrRangeValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CidrRangeValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CidrRangeValidationError) ErrorName() string { return "CidrRangeValidationError" }
+
+// Error satisfies the builtin error interface
+func (e CidrRangeValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCidrRange.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CidrRangeValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CidrRangeValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/backoff.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/backoff.pb.go
new file mode 100644
index 00000000000..338dc6717ff
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/backoff.pb.go
@@ -0,0 +1,194 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/core/v3/backoff.proto
+
+package envoy_config_core_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Configuration defining a jittered exponential back off strategy.
+type BackoffStrategy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The base interval to be used for the next back off computation. It should
+	// be greater than zero and less than or equal to :ref:`max_interval
+	// <envoy_v3_api_field_config.core.v3.BackoffStrategy.max_interval>`.
+	BaseInterval *duration.Duration `protobuf:"bytes,1,opt,name=base_interval,json=baseInterval,proto3" json:"base_interval,omitempty"`
+	// Specifies the maximum interval between retries. This parameter is optional,
+	// but must be greater than or equal to the :ref:`base_interval
+	// <envoy_v3_api_field_config.core.v3.BackoffStrategy.base_interval>` if set. The default
+	// is 10 times the :ref:`base_interval
+	// <envoy_v3_api_field_config.core.v3.BackoffStrategy.base_interval>`.
+	MaxInterval *duration.Duration `protobuf:"bytes,2,opt,name=max_interval,json=maxInterval,proto3" json:"max_interval,omitempty"`
+}
+
+func (x *BackoffStrategy) Reset() {
+	*x = BackoffStrategy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_backoff_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *BackoffStrategy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*BackoffStrategy) ProtoMessage() {}
+
+func (x *BackoffStrategy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_backoff_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use BackoffStrategy.ProtoReflect.Descriptor instead.
+func (*BackoffStrategy) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_backoff_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *BackoffStrategy) GetBaseInterval() *duration.Duration {
+	if x != nil {
+		return x.BaseInterval
+	}
+	return nil
+}
+
+func (x *BackoffStrategy) GetMaxInterval() *duration.Duration {
+	if x != nil {
+		return x.MaxInterval
+	}
+	return nil
+}
+
+var File_envoy_config_core_v3_backoff_proto protoreflect.FileDescriptor
+
+var file_envoy_config_core_v3_backoff_proto_rawDesc = []byte{
+	0x0a, 0x22, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x62, 0x61, 0x63, 0x6b, 0x6f, 0x66, 0x66, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x12, 0x14, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61,
+	0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61,
+	0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f,
+	0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73,
+	0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61,
+	0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xd3, 0x01, 0x0a, 0x0f, 0x42, 0x61, 0x63, 0x6b, 0x6f, 0x66,
+	0x66, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x12, 0x4e, 0x0a, 0x0d, 0x62, 0x61, 0x73,
+	0x65, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0e, 0xfa, 0x42, 0x0b,
+	0xaa, 0x01, 0x08, 0x08, 0x01, 0x32, 0x04, 0x10, 0xc0, 0x84, 0x3d, 0x52, 0x0c, 0x62, 0x61, 0x73,
+	0x65, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x12, 0x46, 0x0a, 0x0c, 0x6d, 0x61, 0x78,
+	0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05, 0xaa,
+	0x01, 0x02, 0x2a, 0x00, 0x52, 0x0b, 0x6d, 0x61, 0x78, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61,
+	0x6c, 0x3a, 0x28, 0x9a, 0xc5, 0x88, 0x1e, 0x23, 0x0a, 0x21, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x42, 0x61, 0x63, 0x6b,
+	0x6f, 0x66, 0x66, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x42, 0x3c, 0x0a, 0x22, 0x69,
+	0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76,
+	0x33, 0x42, 0x0c, 0x42, 0x61, 0x63, 0x6b, 0x6f, 0x66, 0x66, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50,
+	0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x33,
+}
+
+var (
+	file_envoy_config_core_v3_backoff_proto_rawDescOnce sync.Once
+	file_envoy_config_core_v3_backoff_proto_rawDescData = file_envoy_config_core_v3_backoff_proto_rawDesc
+)
+
+func file_envoy_config_core_v3_backoff_proto_rawDescGZIP() []byte {
+	file_envoy_config_core_v3_backoff_proto_rawDescOnce.Do(func() {
+		file_envoy_config_core_v3_backoff_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_core_v3_backoff_proto_rawDescData)
+	})
+	return file_envoy_config_core_v3_backoff_proto_rawDescData
+}
+
+var file_envoy_config_core_v3_backoff_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_config_core_v3_backoff_proto_goTypes = []interface{}{
+	(*BackoffStrategy)(nil),   // 0: envoy.config.core.v3.BackoffStrategy
+	(*duration.Duration)(nil), // 1: google.protobuf.Duration
+}
+var file_envoy_config_core_v3_backoff_proto_depIdxs = []int32{
+	1, // 0: envoy.config.core.v3.BackoffStrategy.base_interval:type_name -> google.protobuf.Duration
+	1, // 1: envoy.config.core.v3.BackoffStrategy.max_interval:type_name -> google.protobuf.Duration
+	2, // [2:2] is the sub-list for method output_type
+	2, // [2:2] is the sub-list for method input_type
+	2, // [2:2] is the sub-list for extension type_name
+	2, // [2:2] is the sub-list for extension extendee
+	0, // [0:2] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_core_v3_backoff_proto_init() }
+func file_envoy_config_core_v3_backoff_proto_init() {
+	if File_envoy_config_core_v3_backoff_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_core_v3_backoff_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*BackoffStrategy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_core_v3_backoff_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_core_v3_backoff_proto_goTypes,
+		DependencyIndexes: file_envoy_config_core_v3_backoff_proto_depIdxs,
+		MessageInfos:      file_envoy_config_core_v3_backoff_proto_msgTypes,
+	}.Build()
+	File_envoy_config_core_v3_backoff_proto = out.File
+	file_envoy_config_core_v3_backoff_proto_rawDesc = nil
+	file_envoy_config_core_v3_backoff_proto_goTypes = nil
+	file_envoy_config_core_v3_backoff_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/backoff.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/backoff.pb.validate.go
new file mode 100644
index 00000000000..b78be34bf7c
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/backoff.pb.validate.go
@@ -0,0 +1,206 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/core/v3/backoff.proto
+
+package envoy_config_core_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on BackoffStrategy with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *BackoffStrategy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on BackoffStrategy with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// BackoffStrategyMultiError, or nil if none found.
+func (m *BackoffStrategy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *BackoffStrategy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetBaseInterval() == nil {
+		err := BackoffStrategyValidationError{
+			field:  "BaseInterval",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if d := m.GetBaseInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = BackoffStrategyValidationError{
+				field:  "BaseInterval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gte := time.Duration(0*time.Second + 1000000*time.Nanosecond)
+
+			if dur < gte {
+				err := BackoffStrategyValidationError{
+					field:  "BaseInterval",
+					reason: "value must be greater than or equal to 1ms",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if d := m.GetMaxInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = BackoffStrategyValidationError{
+				field:  "MaxInterval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := BackoffStrategyValidationError{
+					field:  "MaxInterval",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if len(errors) > 0 {
+		return BackoffStrategyMultiError(errors)
+	}
+	return nil
+}
+
+// BackoffStrategyMultiError is an error wrapping multiple validation errors
+// returned by BackoffStrategy.ValidateAll() if the designated constraints
+// aren't met.
+type BackoffStrategyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m BackoffStrategyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m BackoffStrategyMultiError) AllErrors() []error { return m }
+
+// BackoffStrategyValidationError is the validation error returned by
+// BackoffStrategy.Validate if the designated constraints aren't met.
+type BackoffStrategyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e BackoffStrategyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e BackoffStrategyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e BackoffStrategyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e BackoffStrategyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e BackoffStrategyValidationError) ErrorName() string { return "BackoffStrategyValidationError" }
+
+// Error satisfies the builtin error interface
+func (e BackoffStrategyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sBackoffStrategy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = BackoffStrategyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = BackoffStrategyValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/base.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/base.pb.go
new file mode 100644
index 00000000000..417501beb6f
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/base.pb.go
@@ -0,0 +1,2562 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/core/v3/base.proto
+
+package envoy_config_core_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v31 "github.com/cncf/xds/go/xds/core/v3"
+	_ "github.com/envoyproxy/go-control-plane/envoy/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/type/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	_struct "github.com/golang/protobuf/ptypes/struct"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Envoy supports :ref:`upstream priority routing
+// <arch_overview_http_routing_priority>` both at the route and the virtual
+// cluster level. The current priority implementation uses different connection
+// pool and circuit breaking settings for each priority level. This means that
+// even for HTTP/2 requests, two physical connections will be used to an
+// upstream host. In the future Envoy will likely support true HTTP/2 priority
+// over a single upstream connection.
+type RoutingPriority int32
+
+const (
+	RoutingPriority_DEFAULT RoutingPriority = 0
+	RoutingPriority_HIGH    RoutingPriority = 1
+)
+
+// Enum value maps for RoutingPriority.
+var (
+	RoutingPriority_name = map[int32]string{
+		0: "DEFAULT",
+		1: "HIGH",
+	}
+	RoutingPriority_value = map[string]int32{
+		"DEFAULT": 0,
+		"HIGH":    1,
+	}
+)
+
+func (x RoutingPriority) Enum() *RoutingPriority {
+	p := new(RoutingPriority)
+	*p = x
+	return p
+}
+
+func (x RoutingPriority) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (RoutingPriority) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_core_v3_base_proto_enumTypes[0].Descriptor()
+}
+
+func (RoutingPriority) Type() protoreflect.EnumType {
+	return &file_envoy_config_core_v3_base_proto_enumTypes[0]
+}
+
+func (x RoutingPriority) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use RoutingPriority.Descriptor instead.
+func (RoutingPriority) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_base_proto_rawDescGZIP(), []int{0}
+}
+
+// HTTP request method.
+type RequestMethod int32
+
+const (
+	RequestMethod_METHOD_UNSPECIFIED RequestMethod = 0
+	RequestMethod_GET                RequestMethod = 1
+	RequestMethod_HEAD               RequestMethod = 2
+	RequestMethod_POST               RequestMethod = 3
+	RequestMethod_PUT                RequestMethod = 4
+	RequestMethod_DELETE             RequestMethod = 5
+	RequestMethod_CONNECT            RequestMethod = 6
+	RequestMethod_OPTIONS            RequestMethod = 7
+	RequestMethod_TRACE              RequestMethod = 8
+	RequestMethod_PATCH              RequestMethod = 9
+)
+
+// Enum value maps for RequestMethod.
+var (
+	RequestMethod_name = map[int32]string{
+		0: "METHOD_UNSPECIFIED",
+		1: "GET",
+		2: "HEAD",
+		3: "POST",
+		4: "PUT",
+		5: "DELETE",
+		6: "CONNECT",
+		7: "OPTIONS",
+		8: "TRACE",
+		9: "PATCH",
+	}
+	RequestMethod_value = map[string]int32{
+		"METHOD_UNSPECIFIED": 0,
+		"GET":                1,
+		"HEAD":               2,
+		"POST":               3,
+		"PUT":                4,
+		"DELETE":             5,
+		"CONNECT":            6,
+		"OPTIONS":            7,
+		"TRACE":              8,
+		"PATCH":              9,
+	}
+)
+
+func (x RequestMethod) Enum() *RequestMethod {
+	p := new(RequestMethod)
+	*p = x
+	return p
+}
+
+func (x RequestMethod) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (RequestMethod) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_core_v3_base_proto_enumTypes[1].Descriptor()
+}
+
+func (RequestMethod) Type() protoreflect.EnumType {
+	return &file_envoy_config_core_v3_base_proto_enumTypes[1]
+}
+
+func (x RequestMethod) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use RequestMethod.Descriptor instead.
+func (RequestMethod) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_base_proto_rawDescGZIP(), []int{1}
+}
+
+// Identifies the direction of the traffic relative to the local Envoy.
+type TrafficDirection int32
+
+const (
+	// Default option is unspecified.
+	TrafficDirection_UNSPECIFIED TrafficDirection = 0
+	// The transport is used for incoming traffic.
+	TrafficDirection_INBOUND TrafficDirection = 1
+	// The transport is used for outgoing traffic.
+	TrafficDirection_OUTBOUND TrafficDirection = 2
+)
+
+// Enum value maps for TrafficDirection.
+var (
+	TrafficDirection_name = map[int32]string{
+		0: "UNSPECIFIED",
+		1: "INBOUND",
+		2: "OUTBOUND",
+	}
+	TrafficDirection_value = map[string]int32{
+		"UNSPECIFIED": 0,
+		"INBOUND":     1,
+		"OUTBOUND":    2,
+	}
+)
+
+func (x TrafficDirection) Enum() *TrafficDirection {
+	p := new(TrafficDirection)
+	*p = x
+	return p
+}
+
+func (x TrafficDirection) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (TrafficDirection) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_core_v3_base_proto_enumTypes[2].Descriptor()
+}
+
+func (TrafficDirection) Type() protoreflect.EnumType {
+	return &file_envoy_config_core_v3_base_proto_enumTypes[2]
+}
+
+func (x TrafficDirection) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use TrafficDirection.Descriptor instead.
+func (TrafficDirection) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_base_proto_rawDescGZIP(), []int{2}
+}
+
+// Describes the supported actions types for header append action.
+type HeaderValueOption_HeaderAppendAction int32
+
+const (
+	// This action will append the specified value to the existing values if the header
+	// already exists. If the header doesn't exist then this will add the header with
+	// specified key and value.
+	HeaderValueOption_APPEND_IF_EXISTS_OR_ADD HeaderValueOption_HeaderAppendAction = 0
+	// This action will add the header if it doesn't already exist. If the header
+	// already exists then this will be a no-op.
+	HeaderValueOption_ADD_IF_ABSENT HeaderValueOption_HeaderAppendAction = 1
+	// This action will overwrite the specified value by discarding any existing values if
+	// the header already exists. If the header doesn't exist then this will add the header
+	// with specified key and value.
+	HeaderValueOption_OVERWRITE_IF_EXISTS_OR_ADD HeaderValueOption_HeaderAppendAction = 2
+)
+
+// Enum value maps for HeaderValueOption_HeaderAppendAction.
+var (
+	HeaderValueOption_HeaderAppendAction_name = map[int32]string{
+		0: "APPEND_IF_EXISTS_OR_ADD",
+		1: "ADD_IF_ABSENT",
+		2: "OVERWRITE_IF_EXISTS_OR_ADD",
+	}
+	HeaderValueOption_HeaderAppendAction_value = map[string]int32{
+		"APPEND_IF_EXISTS_OR_ADD":    0,
+		"ADD_IF_ABSENT":              1,
+		"OVERWRITE_IF_EXISTS_OR_ADD": 2,
+	}
+)
+
+func (x HeaderValueOption_HeaderAppendAction) Enum() *HeaderValueOption_HeaderAppendAction {
+	p := new(HeaderValueOption_HeaderAppendAction)
+	*p = x
+	return p
+}
+
+func (x HeaderValueOption_HeaderAppendAction) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (HeaderValueOption_HeaderAppendAction) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_core_v3_base_proto_enumTypes[3].Descriptor()
+}
+
+func (HeaderValueOption_HeaderAppendAction) Type() protoreflect.EnumType {
+	return &file_envoy_config_core_v3_base_proto_enumTypes[3]
+}
+
+func (x HeaderValueOption_HeaderAppendAction) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use HeaderValueOption_HeaderAppendAction.Descriptor instead.
+func (HeaderValueOption_HeaderAppendAction) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_base_proto_rawDescGZIP(), []int{11, 0}
+}
+
+// Identifies location of where either Envoy runs or where upstream hosts run.
+type Locality struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Region this :ref:`zone <envoy_v3_api_field_config.core.v3.Locality.zone>` belongs to.
+	Region string `protobuf:"bytes,1,opt,name=region,proto3" json:"region,omitempty"`
+	// Defines the local service zone where Envoy is running. Though optional, it
+	// should be set if discovery service routing is used and the discovery
+	// service exposes :ref:`zone data <envoy_v3_api_field_config.endpoint.v3.LocalityLbEndpoints.locality>`,
+	// either in this message or via :option:`--service-zone`. The meaning of zone
+	// is context dependent, e.g. `Availability Zone (AZ)
+	// <https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html>`_
+	// on AWS, `Zone <https://cloud.google.com/compute/docs/regions-zones/>`_ on
+	// GCP, etc.
+	Zone string `protobuf:"bytes,2,opt,name=zone,proto3" json:"zone,omitempty"`
+	// When used for locality of upstream hosts, this field further splits zone
+	// into smaller chunks of sub-zones so they can be load balanced
+	// independently.
+	SubZone string `protobuf:"bytes,3,opt,name=sub_zone,json=subZone,proto3" json:"sub_zone,omitempty"`
+}
+
+func (x *Locality) Reset() {
+	*x = Locality{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_base_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Locality) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Locality) ProtoMessage() {}
+
+func (x *Locality) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_base_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Locality.ProtoReflect.Descriptor instead.
+func (*Locality) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_base_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *Locality) GetRegion() string {
+	if x != nil {
+		return x.Region
+	}
+	return ""
+}
+
+func (x *Locality) GetZone() string {
+	if x != nil {
+		return x.Zone
+	}
+	return ""
+}
+
+func (x *Locality) GetSubZone() string {
+	if x != nil {
+		return x.SubZone
+	}
+	return ""
+}
+
+// BuildVersion combines SemVer version of extension with free-form build information
+// (i.e. 'alpha', 'private-build') as a set of strings.
+type BuildVersion struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// SemVer version of extension.
+	Version *v3.SemanticVersion `protobuf:"bytes,1,opt,name=version,proto3" json:"version,omitempty"`
+	// Free-form build information.
+	// Envoy defines several well known keys in the source/common/version/version.h file
+	Metadata *_struct.Struct `protobuf:"bytes,2,opt,name=metadata,proto3" json:"metadata,omitempty"`
+}
+
+func (x *BuildVersion) Reset() {
+	*x = BuildVersion{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_base_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *BuildVersion) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*BuildVersion) ProtoMessage() {}
+
+func (x *BuildVersion) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_base_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use BuildVersion.ProtoReflect.Descriptor instead.
+func (*BuildVersion) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_base_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *BuildVersion) GetVersion() *v3.SemanticVersion {
+	if x != nil {
+		return x.Version
+	}
+	return nil
+}
+
+func (x *BuildVersion) GetMetadata() *_struct.Struct {
+	if x != nil {
+		return x.Metadata
+	}
+	return nil
+}
+
+// Version and identification for an Envoy extension.
+// [#next-free-field: 6]
+type Extension struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// This is the name of the Envoy filter as specified in the Envoy
+	// configuration, e.g. envoy.filters.http.router, com.acme.widget.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Category of the extension.
+	// Extension category names use reverse DNS notation. For instance "envoy.filters.listener"
+	// for Envoy's built-in listener filters or "com.acme.filters.http" for HTTP filters from
+	// acme.com vendor.
+	// [#comment:TODO(yanavlasov): Link to the doc with existing envoy category names.]
+	Category string `protobuf:"bytes,2,opt,name=category,proto3" json:"category,omitempty"`
+	// [#not-implemented-hide:] Type descriptor of extension configuration proto.
+	// [#comment:TODO(yanavlasov): Link to the doc with existing configuration protos.]
+	// [#comment:TODO(yanavlasov): Add tests when PR #9391 lands.]
+	TypeDescriptor string `protobuf:"bytes,3,opt,name=type_descriptor,json=typeDescriptor,proto3" json:"type_descriptor,omitempty"`
+	// The version is a property of the extension and maintained independently
+	// of other extensions and the Envoy API.
+	// This field is not set when extension did not provide version information.
+	Version *BuildVersion `protobuf:"bytes,4,opt,name=version,proto3" json:"version,omitempty"`
+	// Indicates that the extension is present but was disabled via dynamic configuration.
+	Disabled bool `protobuf:"varint,5,opt,name=disabled,proto3" json:"disabled,omitempty"`
+}
+
+func (x *Extension) Reset() {
+	*x = Extension{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_base_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Extension) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Extension) ProtoMessage() {}
+
+func (x *Extension) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_base_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Extension.ProtoReflect.Descriptor instead.
+func (*Extension) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_base_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *Extension) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *Extension) GetCategory() string {
+	if x != nil {
+		return x.Category
+	}
+	return ""
+}
+
+func (x *Extension) GetTypeDescriptor() string {
+	if x != nil {
+		return x.TypeDescriptor
+	}
+	return ""
+}
+
+func (x *Extension) GetVersion() *BuildVersion {
+	if x != nil {
+		return x.Version
+	}
+	return nil
+}
+
+func (x *Extension) GetDisabled() bool {
+	if x != nil {
+		return x.Disabled
+	}
+	return false
+}
+
+// Identifies a specific Envoy instance. The node identifier is presented to the
+// management server, which may use this identifier to distinguish per Envoy
+// configuration for serving.
+// [#next-free-field: 13]
+type Node struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// An opaque node identifier for the Envoy node. This also provides the local
+	// service node name. It should be set if any of the following features are
+	// used: :ref:`statsd <arch_overview_statistics>`, :ref:`CDS
+	// <config_cluster_manager_cds>`, and :ref:`HTTP tracing
+	// <arch_overview_tracing>`, either in this message or via
+	// :option:`--service-node`.
+	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
+	// Defines the local service cluster name where Envoy is running. Though
+	// optional, it should be set if any of the following features are used:
+	// :ref:`statsd <arch_overview_statistics>`, :ref:`health check cluster
+	// verification
+	// <envoy_v3_api_field_config.core.v3.HealthCheck.HttpHealthCheck.service_name_matcher>`,
+	// :ref:`runtime override directory <envoy_v3_api_msg_config.bootstrap.v3.Runtime>`,
+	// :ref:`user agent addition
+	// <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.add_user_agent>`,
+	// :ref:`HTTP global rate limiting <config_http_filters_rate_limit>`,
+	// :ref:`CDS <config_cluster_manager_cds>`, and :ref:`HTTP tracing
+	// <arch_overview_tracing>`, either in this message or via
+	// :option:`--service-cluster`.
+	Cluster string `protobuf:"bytes,2,opt,name=cluster,proto3" json:"cluster,omitempty"`
+	// Opaque metadata extending the node identifier. Envoy will pass this
+	// directly to the management server.
+	Metadata *_struct.Struct `protobuf:"bytes,3,opt,name=metadata,proto3" json:"metadata,omitempty"`
+	// Map from xDS resource type URL to dynamic context parameters. These may vary at runtime (unlike
+	// other fields in this message). For example, the xDS client may have a shard identifier that
+	// changes during the lifetime of the xDS client. In Envoy, this would be achieved by updating the
+	// dynamic context on the Server::Instance's LocalInfo context provider. The shard ID dynamic
+	// parameter then appears in this field during future discovery requests.
+	DynamicParameters map[string]*v31.ContextParams `protobuf:"bytes,12,rep,name=dynamic_parameters,json=dynamicParameters,proto3" json:"dynamic_parameters,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+	// Locality specifying where the Envoy instance is running.
+	Locality *Locality `protobuf:"bytes,4,opt,name=locality,proto3" json:"locality,omitempty"`
+	// Free-form string that identifies the entity requesting config.
+	// E.g. "envoy" or "grpc"
+	UserAgentName string `protobuf:"bytes,6,opt,name=user_agent_name,json=userAgentName,proto3" json:"user_agent_name,omitempty"`
+	// Types that are assignable to UserAgentVersionType:
+	//	*Node_UserAgentVersion
+	//	*Node_UserAgentBuildVersion
+	UserAgentVersionType isNode_UserAgentVersionType `protobuf_oneof:"user_agent_version_type"`
+	// List of extensions and their versions supported by the node.
+	Extensions []*Extension `protobuf:"bytes,9,rep,name=extensions,proto3" json:"extensions,omitempty"`
+	// Client feature support list. These are well known features described
+	// in the Envoy API repository for a given major version of an API. Client features
+	// use reverse DNS naming scheme, for example `com.acme.feature`.
+	// See :ref:`the list of features <client_features>` that xDS client may
+	// support.
+	ClientFeatures []string `protobuf:"bytes,10,rep,name=client_features,json=clientFeatures,proto3" json:"client_features,omitempty"`
+	// Known listening ports on the node as a generic hint to the management server
+	// for filtering :ref:`listeners <config_listeners>` to be returned. For example,
+	// if there is a listener bound to port 80, the list can optionally contain the
+	// SocketAddress `(0.0.0.0,80)`. The field is optional and just a hint.
+	//
+	// Deprecated: Do not use.
+	ListeningAddresses []*Address `protobuf:"bytes,11,rep,name=listening_addresses,json=listeningAddresses,proto3" json:"listening_addresses,omitempty"`
+}
+
+func (x *Node) Reset() {
+	*x = Node{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_base_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Node) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Node) ProtoMessage() {}
+
+func (x *Node) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_base_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Node.ProtoReflect.Descriptor instead.
+func (*Node) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_base_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *Node) GetId() string {
+	if x != nil {
+		return x.Id
+	}
+	return ""
+}
+
+func (x *Node) GetCluster() string {
+	if x != nil {
+		return x.Cluster
+	}
+	return ""
+}
+
+func (x *Node) GetMetadata() *_struct.Struct {
+	if x != nil {
+		return x.Metadata
+	}
+	return nil
+}
+
+func (x *Node) GetDynamicParameters() map[string]*v31.ContextParams {
+	if x != nil {
+		return x.DynamicParameters
+	}
+	return nil
+}
+
+func (x *Node) GetLocality() *Locality {
+	if x != nil {
+		return x.Locality
+	}
+	return nil
+}
+
+func (x *Node) GetUserAgentName() string {
+	if x != nil {
+		return x.UserAgentName
+	}
+	return ""
+}
+
+func (m *Node) GetUserAgentVersionType() isNode_UserAgentVersionType {
+	if m != nil {
+		return m.UserAgentVersionType
+	}
+	return nil
+}
+
+func (x *Node) GetUserAgentVersion() string {
+	if x, ok := x.GetUserAgentVersionType().(*Node_UserAgentVersion); ok {
+		return x.UserAgentVersion
+	}
+	return ""
+}
+
+func (x *Node) GetUserAgentBuildVersion() *BuildVersion {
+	if x, ok := x.GetUserAgentVersionType().(*Node_UserAgentBuildVersion); ok {
+		return x.UserAgentBuildVersion
+	}
+	return nil
+}
+
+func (x *Node) GetExtensions() []*Extension {
+	if x != nil {
+		return x.Extensions
+	}
+	return nil
+}
+
+func (x *Node) GetClientFeatures() []string {
+	if x != nil {
+		return x.ClientFeatures
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *Node) GetListeningAddresses() []*Address {
+	if x != nil {
+		return x.ListeningAddresses
+	}
+	return nil
+}
+
+type isNode_UserAgentVersionType interface {
+	isNode_UserAgentVersionType()
+}
+
+type Node_UserAgentVersion struct {
+	// Free-form string that identifies the version of the entity requesting config.
+	// E.g. "1.12.2" or "abcd1234", or "SpecialEnvoyBuild"
+	UserAgentVersion string `protobuf:"bytes,7,opt,name=user_agent_version,json=userAgentVersion,proto3,oneof"`
+}
+
+type Node_UserAgentBuildVersion struct {
+	// Structured version of the entity requesting config.
+	UserAgentBuildVersion *BuildVersion `protobuf:"bytes,8,opt,name=user_agent_build_version,json=userAgentBuildVersion,proto3,oneof"`
+}
+
+func (*Node_UserAgentVersion) isNode_UserAgentVersionType() {}
+
+func (*Node_UserAgentBuildVersion) isNode_UserAgentVersionType() {}
+
+// Metadata provides additional inputs to filters based on matched listeners,
+// filter chains, routes and endpoints. It is structured as a map, usually from
+// filter name (in reverse DNS format) to metadata specific to the filter. Metadata
+// key-values for a filter are merged as connection and request handling occurs,
+// with later values for the same key overriding earlier values.
+//
+// An example use of metadata is providing additional values to
+// http_connection_manager in the envoy.http_connection_manager.access_log
+// namespace.
+//
+// Another example use of metadata is to per service config info in cluster metadata, which may get
+// consumed by multiple filters.
+//
+// For load balancing, Metadata provides a means to subset cluster endpoints.
+// Endpoints have a Metadata object associated and routes contain a Metadata
+// object to match against. There are some well defined metadata used today for
+// this purpose:
+//
+// * ``{"envoy.lb": {"canary": <bool> }}`` This indicates the canary status of an
+//   endpoint and is also used during header processing
+//   (x-envoy-upstream-canary) and for stats purposes.
+// [#next-major-version: move to type/metadata/v2]
+type Metadata struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Key is the reverse DNS filter name, e.g. com.acme.widget. The envoy.*
+	// namespace is reserved for Envoy's built-in filters.
+	// If both *filter_metadata* and
+	// :ref:`typed_filter_metadata <envoy_v3_api_field_config.core.v3.Metadata.typed_filter_metadata>`
+	// fields are present in the metadata with same keys,
+	// only *typed_filter_metadata* field will be parsed.
+	FilterMetadata map[string]*_struct.Struct `protobuf:"bytes,1,rep,name=filter_metadata,json=filterMetadata,proto3" json:"filter_metadata,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+	// Key is the reverse DNS filter name, e.g. com.acme.widget. The envoy.*
+	// namespace is reserved for Envoy's built-in filters.
+	// The value is encoded as google.protobuf.Any.
+	// If both :ref:`filter_metadata <envoy_v3_api_field_config.core.v3.Metadata.filter_metadata>`
+	// and *typed_filter_metadata* fields are present in the metadata with same keys,
+	// only *typed_filter_metadata* field will be parsed.
+	TypedFilterMetadata map[string]*any.Any `protobuf:"bytes,2,rep,name=typed_filter_metadata,json=typedFilterMetadata,proto3" json:"typed_filter_metadata,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+}
+
+func (x *Metadata) Reset() {
+	*x = Metadata{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_base_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Metadata) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Metadata) ProtoMessage() {}
+
+func (x *Metadata) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_base_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Metadata.ProtoReflect.Descriptor instead.
+func (*Metadata) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_base_proto_rawDescGZIP(), []int{4}
+}
+
+func (x *Metadata) GetFilterMetadata() map[string]*_struct.Struct {
+	if x != nil {
+		return x.FilterMetadata
+	}
+	return nil
+}
+
+func (x *Metadata) GetTypedFilterMetadata() map[string]*any.Any {
+	if x != nil {
+		return x.TypedFilterMetadata
+	}
+	return nil
+}
+
+// Runtime derived uint32 with a default when not specified.
+type RuntimeUInt32 struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Default value if runtime value is not available.
+	DefaultValue uint32 `protobuf:"varint,2,opt,name=default_value,json=defaultValue,proto3" json:"default_value,omitempty"`
+	// Runtime key to get value for comparison. This value is used if defined.
+	RuntimeKey string `protobuf:"bytes,3,opt,name=runtime_key,json=runtimeKey,proto3" json:"runtime_key,omitempty"`
+}
+
+func (x *RuntimeUInt32) Reset() {
+	*x = RuntimeUInt32{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_base_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RuntimeUInt32) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RuntimeUInt32) ProtoMessage() {}
+
+func (x *RuntimeUInt32) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_base_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RuntimeUInt32.ProtoReflect.Descriptor instead.
+func (*RuntimeUInt32) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_base_proto_rawDescGZIP(), []int{5}
+}
+
+func (x *RuntimeUInt32) GetDefaultValue() uint32 {
+	if x != nil {
+		return x.DefaultValue
+	}
+	return 0
+}
+
+func (x *RuntimeUInt32) GetRuntimeKey() string {
+	if x != nil {
+		return x.RuntimeKey
+	}
+	return ""
+}
+
+// Runtime derived percentage with a default when not specified.
+type RuntimePercent struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Default value if runtime value is not available.
+	DefaultValue *v3.Percent `protobuf:"bytes,1,opt,name=default_value,json=defaultValue,proto3" json:"default_value,omitempty"`
+	// Runtime key to get value for comparison. This value is used if defined.
+	RuntimeKey string `protobuf:"bytes,2,opt,name=runtime_key,json=runtimeKey,proto3" json:"runtime_key,omitempty"`
+}
+
+func (x *RuntimePercent) Reset() {
+	*x = RuntimePercent{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_base_proto_msgTypes[6]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RuntimePercent) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RuntimePercent) ProtoMessage() {}
+
+func (x *RuntimePercent) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_base_proto_msgTypes[6]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RuntimePercent.ProtoReflect.Descriptor instead.
+func (*RuntimePercent) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_base_proto_rawDescGZIP(), []int{6}
+}
+
+func (x *RuntimePercent) GetDefaultValue() *v3.Percent {
+	if x != nil {
+		return x.DefaultValue
+	}
+	return nil
+}
+
+func (x *RuntimePercent) GetRuntimeKey() string {
+	if x != nil {
+		return x.RuntimeKey
+	}
+	return ""
+}
+
+// Runtime derived double with a default when not specified.
+type RuntimeDouble struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Default value if runtime value is not available.
+	DefaultValue float64 `protobuf:"fixed64,1,opt,name=default_value,json=defaultValue,proto3" json:"default_value,omitempty"`
+	// Runtime key to get value for comparison. This value is used if defined.
+	RuntimeKey string `protobuf:"bytes,2,opt,name=runtime_key,json=runtimeKey,proto3" json:"runtime_key,omitempty"`
+}
+
+func (x *RuntimeDouble) Reset() {
+	*x = RuntimeDouble{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_base_proto_msgTypes[7]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RuntimeDouble) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RuntimeDouble) ProtoMessage() {}
+
+func (x *RuntimeDouble) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_base_proto_msgTypes[7]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RuntimeDouble.ProtoReflect.Descriptor instead.
+func (*RuntimeDouble) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_base_proto_rawDescGZIP(), []int{7}
+}
+
+func (x *RuntimeDouble) GetDefaultValue() float64 {
+	if x != nil {
+		return x.DefaultValue
+	}
+	return 0
+}
+
+func (x *RuntimeDouble) GetRuntimeKey() string {
+	if x != nil {
+		return x.RuntimeKey
+	}
+	return ""
+}
+
+// Runtime derived bool with a default when not specified.
+type RuntimeFeatureFlag struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Default value if runtime value is not available.
+	DefaultValue *wrappers.BoolValue `protobuf:"bytes,1,opt,name=default_value,json=defaultValue,proto3" json:"default_value,omitempty"`
+	// Runtime key to get value for comparison. This value is used if defined. The boolean value must
+	// be represented via its
+	// `canonical JSON encoding <https://developers.google.com/protocol-buffers/docs/proto3#json>`_.
+	RuntimeKey string `protobuf:"bytes,2,opt,name=runtime_key,json=runtimeKey,proto3" json:"runtime_key,omitempty"`
+}
+
+func (x *RuntimeFeatureFlag) Reset() {
+	*x = RuntimeFeatureFlag{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_base_proto_msgTypes[8]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RuntimeFeatureFlag) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RuntimeFeatureFlag) ProtoMessage() {}
+
+func (x *RuntimeFeatureFlag) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_base_proto_msgTypes[8]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RuntimeFeatureFlag.ProtoReflect.Descriptor instead.
+func (*RuntimeFeatureFlag) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_base_proto_rawDescGZIP(), []int{8}
+}
+
+func (x *RuntimeFeatureFlag) GetDefaultValue() *wrappers.BoolValue {
+	if x != nil {
+		return x.DefaultValue
+	}
+	return nil
+}
+
+func (x *RuntimeFeatureFlag) GetRuntimeKey() string {
+	if x != nil {
+		return x.RuntimeKey
+	}
+	return ""
+}
+
+// Query parameter name/value pair.
+type QueryParameter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The key of the query parameter. Case sensitive.
+	Key string `protobuf:"bytes,1,opt,name=key,proto3" json:"key,omitempty"`
+	// The value of the query parameter.
+	Value string `protobuf:"bytes,2,opt,name=value,proto3" json:"value,omitempty"`
+}
+
+func (x *QueryParameter) Reset() {
+	*x = QueryParameter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_base_proto_msgTypes[9]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *QueryParameter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*QueryParameter) ProtoMessage() {}
+
+func (x *QueryParameter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_base_proto_msgTypes[9]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use QueryParameter.ProtoReflect.Descriptor instead.
+func (*QueryParameter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_base_proto_rawDescGZIP(), []int{9}
+}
+
+func (x *QueryParameter) GetKey() string {
+	if x != nil {
+		return x.Key
+	}
+	return ""
+}
+
+func (x *QueryParameter) GetValue() string {
+	if x != nil {
+		return x.Value
+	}
+	return ""
+}
+
+// Header name/value pair.
+type HeaderValue struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Header name.
+	Key string `protobuf:"bytes,1,opt,name=key,proto3" json:"key,omitempty"`
+	// Header value.
+	//
+	// The same :ref:`format specifier <config_access_log_format>` as used for
+	// :ref:`HTTP access logging <config_access_log>` applies here, however
+	// unknown header values are replaced with the empty string instead of `-`.
+	Value string `protobuf:"bytes,2,opt,name=value,proto3" json:"value,omitempty"`
+}
+
+func (x *HeaderValue) Reset() {
+	*x = HeaderValue{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_base_proto_msgTypes[10]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HeaderValue) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HeaderValue) ProtoMessage() {}
+
+func (x *HeaderValue) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_base_proto_msgTypes[10]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HeaderValue.ProtoReflect.Descriptor instead.
+func (*HeaderValue) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_base_proto_rawDescGZIP(), []int{10}
+}
+
+func (x *HeaderValue) GetKey() string {
+	if x != nil {
+		return x.Key
+	}
+	return ""
+}
+
+func (x *HeaderValue) GetValue() string {
+	if x != nil {
+		return x.Value
+	}
+	return ""
+}
+
+// Header name/value pair plus option to control append behavior.
+type HeaderValueOption struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Header name/value pair that this option applies to.
+	Header *HeaderValue `protobuf:"bytes,1,opt,name=header,proto3" json:"header,omitempty"`
+	// Should the value be appended? If true (default), the value is appended to
+	// existing values. Otherwise it replaces any existing values.
+	Append *wrappers.BoolValue `protobuf:"bytes,2,opt,name=append,proto3" json:"append,omitempty"`
+	// [#not-implemented-hide:] Describes the action taken to append/overwrite the given value for an existing header
+	// or to only add this header if it's absent. Value defaults to :ref:`APPEND_IF_EXISTS_OR_ADD<envoy_v3_api_enum_value_config.core.v3.HeaderValueOption.HeaderAppendAction.APPEND_IF_EXISTS_OR_ADD>`.
+	AppendAction HeaderValueOption_HeaderAppendAction `protobuf:"varint,3,opt,name=append_action,json=appendAction,proto3,enum=envoy.config.core.v3.HeaderValueOption_HeaderAppendAction" json:"append_action,omitempty"`
+}
+
+func (x *HeaderValueOption) Reset() {
+	*x = HeaderValueOption{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_base_proto_msgTypes[11]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HeaderValueOption) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HeaderValueOption) ProtoMessage() {}
+
+func (x *HeaderValueOption) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_base_proto_msgTypes[11]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HeaderValueOption.ProtoReflect.Descriptor instead.
+func (*HeaderValueOption) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_base_proto_rawDescGZIP(), []int{11}
+}
+
+func (x *HeaderValueOption) GetHeader() *HeaderValue {
+	if x != nil {
+		return x.Header
+	}
+	return nil
+}
+
+func (x *HeaderValueOption) GetAppend() *wrappers.BoolValue {
+	if x != nil {
+		return x.Append
+	}
+	return nil
+}
+
+func (x *HeaderValueOption) GetAppendAction() HeaderValueOption_HeaderAppendAction {
+	if x != nil {
+		return x.AppendAction
+	}
+	return HeaderValueOption_APPEND_IF_EXISTS_OR_ADD
+}
+
+// Wrapper for a set of headers.
+type HeaderMap struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Headers []*HeaderValue `protobuf:"bytes,1,rep,name=headers,proto3" json:"headers,omitempty"`
+}
+
+func (x *HeaderMap) Reset() {
+	*x = HeaderMap{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_base_proto_msgTypes[12]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HeaderMap) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HeaderMap) ProtoMessage() {}
+
+func (x *HeaderMap) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_base_proto_msgTypes[12]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HeaderMap.ProtoReflect.Descriptor instead.
+func (*HeaderMap) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_base_proto_rawDescGZIP(), []int{12}
+}
+
+func (x *HeaderMap) GetHeaders() []*HeaderValue {
+	if x != nil {
+		return x.Headers
+	}
+	return nil
+}
+
+// A directory that is watched for changes, e.g. by inotify on Linux. Move/rename
+// events inside this directory trigger the watch.
+type WatchedDirectory struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Directory path to watch.
+	Path string `protobuf:"bytes,1,opt,name=path,proto3" json:"path,omitempty"`
+}
+
+func (x *WatchedDirectory) Reset() {
+	*x = WatchedDirectory{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_base_proto_msgTypes[13]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *WatchedDirectory) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*WatchedDirectory) ProtoMessage() {}
+
+func (x *WatchedDirectory) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_base_proto_msgTypes[13]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use WatchedDirectory.ProtoReflect.Descriptor instead.
+func (*WatchedDirectory) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_base_proto_rawDescGZIP(), []int{13}
+}
+
+func (x *WatchedDirectory) GetPath() string {
+	if x != nil {
+		return x.Path
+	}
+	return ""
+}
+
+// Data source consisting of a file, an inline value, or an environment variable.
+type DataSource struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to Specifier:
+	//	*DataSource_Filename
+	//	*DataSource_InlineBytes
+	//	*DataSource_InlineString
+	//	*DataSource_EnvironmentVariable
+	Specifier isDataSource_Specifier `protobuf_oneof:"specifier"`
+}
+
+func (x *DataSource) Reset() {
+	*x = DataSource{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_base_proto_msgTypes[14]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *DataSource) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*DataSource) ProtoMessage() {}
+
+func (x *DataSource) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_base_proto_msgTypes[14]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use DataSource.ProtoReflect.Descriptor instead.
+func (*DataSource) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_base_proto_rawDescGZIP(), []int{14}
+}
+
+func (m *DataSource) GetSpecifier() isDataSource_Specifier {
+	if m != nil {
+		return m.Specifier
+	}
+	return nil
+}
+
+func (x *DataSource) GetFilename() string {
+	if x, ok := x.GetSpecifier().(*DataSource_Filename); ok {
+		return x.Filename
+	}
+	return ""
+}
+
+func (x *DataSource) GetInlineBytes() []byte {
+	if x, ok := x.GetSpecifier().(*DataSource_InlineBytes); ok {
+		return x.InlineBytes
+	}
+	return nil
+}
+
+func (x *DataSource) GetInlineString() string {
+	if x, ok := x.GetSpecifier().(*DataSource_InlineString); ok {
+		return x.InlineString
+	}
+	return ""
+}
+
+func (x *DataSource) GetEnvironmentVariable() string {
+	if x, ok := x.GetSpecifier().(*DataSource_EnvironmentVariable); ok {
+		return x.EnvironmentVariable
+	}
+	return ""
+}
+
+type isDataSource_Specifier interface {
+	isDataSource_Specifier()
+}
+
+type DataSource_Filename struct {
+	// Local filesystem data source.
+	Filename string `protobuf:"bytes,1,opt,name=filename,proto3,oneof"`
+}
+
+type DataSource_InlineBytes struct {
+	// Bytes inlined in the configuration.
+	InlineBytes []byte `protobuf:"bytes,2,opt,name=inline_bytes,json=inlineBytes,proto3,oneof"`
+}
+
+type DataSource_InlineString struct {
+	// String inlined in the configuration.
+	InlineString string `protobuf:"bytes,3,opt,name=inline_string,json=inlineString,proto3,oneof"`
+}
+
+type DataSource_EnvironmentVariable struct {
+	// Environment variable data source.
+	EnvironmentVariable string `protobuf:"bytes,4,opt,name=environment_variable,json=environmentVariable,proto3,oneof"`
+}
+
+func (*DataSource_Filename) isDataSource_Specifier() {}
+
+func (*DataSource_InlineBytes) isDataSource_Specifier() {}
+
+func (*DataSource_InlineString) isDataSource_Specifier() {}
+
+func (*DataSource_EnvironmentVariable) isDataSource_Specifier() {}
+
+// The message specifies the retry policy of remote data source when fetching fails.
+type RetryPolicy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies parameters that control :ref:`retry backoff strategy <envoy_v3_api_msg_config.core.v3.BackoffStrategy>`.
+	// This parameter is optional, in which case the default base interval is 1000 milliseconds. The
+	// default maximum interval is 10 times the base interval.
+	RetryBackOff *BackoffStrategy `protobuf:"bytes,1,opt,name=retry_back_off,json=retryBackOff,proto3" json:"retry_back_off,omitempty"`
+	// Specifies the allowed number of retries. This parameter is optional and
+	// defaults to 1.
+	NumRetries *wrappers.UInt32Value `protobuf:"bytes,2,opt,name=num_retries,json=numRetries,proto3" json:"num_retries,omitempty"`
+}
+
+func (x *RetryPolicy) Reset() {
+	*x = RetryPolicy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_base_proto_msgTypes[15]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RetryPolicy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RetryPolicy) ProtoMessage() {}
+
+func (x *RetryPolicy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_base_proto_msgTypes[15]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RetryPolicy.ProtoReflect.Descriptor instead.
+func (*RetryPolicy) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_base_proto_rawDescGZIP(), []int{15}
+}
+
+func (x *RetryPolicy) GetRetryBackOff() *BackoffStrategy {
+	if x != nil {
+		return x.RetryBackOff
+	}
+	return nil
+}
+
+func (x *RetryPolicy) GetNumRetries() *wrappers.UInt32Value {
+	if x != nil {
+		return x.NumRetries
+	}
+	return nil
+}
+
+// The message specifies how to fetch data from remote and how to verify it.
+type RemoteDataSource struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The HTTP URI to fetch the remote data.
+	HttpUri *HttpUri `protobuf:"bytes,1,opt,name=http_uri,json=httpUri,proto3" json:"http_uri,omitempty"`
+	// SHA256 string for verifying data.
+	Sha256 string `protobuf:"bytes,2,opt,name=sha256,proto3" json:"sha256,omitempty"`
+	// Retry policy for fetching remote data.
+	RetryPolicy *RetryPolicy `protobuf:"bytes,3,opt,name=retry_policy,json=retryPolicy,proto3" json:"retry_policy,omitempty"`
+}
+
+func (x *RemoteDataSource) Reset() {
+	*x = RemoteDataSource{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_base_proto_msgTypes[16]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RemoteDataSource) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RemoteDataSource) ProtoMessage() {}
+
+func (x *RemoteDataSource) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_base_proto_msgTypes[16]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RemoteDataSource.ProtoReflect.Descriptor instead.
+func (*RemoteDataSource) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_base_proto_rawDescGZIP(), []int{16}
+}
+
+func (x *RemoteDataSource) GetHttpUri() *HttpUri {
+	if x != nil {
+		return x.HttpUri
+	}
+	return nil
+}
+
+func (x *RemoteDataSource) GetSha256() string {
+	if x != nil {
+		return x.Sha256
+	}
+	return ""
+}
+
+func (x *RemoteDataSource) GetRetryPolicy() *RetryPolicy {
+	if x != nil {
+		return x.RetryPolicy
+	}
+	return nil
+}
+
+// Async data source which support async data fetch.
+type AsyncDataSource struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to Specifier:
+	//	*AsyncDataSource_Local
+	//	*AsyncDataSource_Remote
+	Specifier isAsyncDataSource_Specifier `protobuf_oneof:"specifier"`
+}
+
+func (x *AsyncDataSource) Reset() {
+	*x = AsyncDataSource{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_base_proto_msgTypes[17]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *AsyncDataSource) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*AsyncDataSource) ProtoMessage() {}
+
+func (x *AsyncDataSource) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_base_proto_msgTypes[17]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use AsyncDataSource.ProtoReflect.Descriptor instead.
+func (*AsyncDataSource) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_base_proto_rawDescGZIP(), []int{17}
+}
+
+func (m *AsyncDataSource) GetSpecifier() isAsyncDataSource_Specifier {
+	if m != nil {
+		return m.Specifier
+	}
+	return nil
+}
+
+func (x *AsyncDataSource) GetLocal() *DataSource {
+	if x, ok := x.GetSpecifier().(*AsyncDataSource_Local); ok {
+		return x.Local
+	}
+	return nil
+}
+
+func (x *AsyncDataSource) GetRemote() *RemoteDataSource {
+	if x, ok := x.GetSpecifier().(*AsyncDataSource_Remote); ok {
+		return x.Remote
+	}
+	return nil
+}
+
+type isAsyncDataSource_Specifier interface {
+	isAsyncDataSource_Specifier()
+}
+
+type AsyncDataSource_Local struct {
+	// Local async data source.
+	Local *DataSource `protobuf:"bytes,1,opt,name=local,proto3,oneof"`
+}
+
+type AsyncDataSource_Remote struct {
+	// Remote async data source.
+	Remote *RemoteDataSource `protobuf:"bytes,2,opt,name=remote,proto3,oneof"`
+}
+
+func (*AsyncDataSource_Local) isAsyncDataSource_Specifier() {}
+
+func (*AsyncDataSource_Remote) isAsyncDataSource_Specifier() {}
+
+// Configuration for transport socket in :ref:`listeners <config_listeners>` and
+// :ref:`clusters <envoy_v3_api_msg_config.cluster.v3.Cluster>`. If the configuration is
+// empty, a default transport socket implementation and configuration will be
+// chosen based on the platform and existence of tls_context.
+type TransportSocket struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the transport socket to instantiate. The name must match a supported transport
+	// socket implementation.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Implementation specific configuration which depends on the implementation being instantiated.
+	// See the supported transport socket implementations for further documentation.
+	//
+	// Types that are assignable to ConfigType:
+	//	*TransportSocket_TypedConfig
+	ConfigType isTransportSocket_ConfigType `protobuf_oneof:"config_type"`
+}
+
+func (x *TransportSocket) Reset() {
+	*x = TransportSocket{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_base_proto_msgTypes[18]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *TransportSocket) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*TransportSocket) ProtoMessage() {}
+
+func (x *TransportSocket) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_base_proto_msgTypes[18]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use TransportSocket.ProtoReflect.Descriptor instead.
+func (*TransportSocket) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_base_proto_rawDescGZIP(), []int{18}
+}
+
+func (x *TransportSocket) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (m *TransportSocket) GetConfigType() isTransportSocket_ConfigType {
+	if m != nil {
+		return m.ConfigType
+	}
+	return nil
+}
+
+func (x *TransportSocket) GetTypedConfig() *any.Any {
+	if x, ok := x.GetConfigType().(*TransportSocket_TypedConfig); ok {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+type isTransportSocket_ConfigType interface {
+	isTransportSocket_ConfigType()
+}
+
+type TransportSocket_TypedConfig struct {
+	TypedConfig *any.Any `protobuf:"bytes,3,opt,name=typed_config,json=typedConfig,proto3,oneof"`
+}
+
+func (*TransportSocket_TypedConfig) isTransportSocket_ConfigType() {}
+
+// Runtime derived FractionalPercent with defaults for when the numerator or denominator is not
+// specified via a runtime key.
+//
+// .. note::
+//
+//   Parsing of the runtime key's data is implemented such that it may be represented as a
+//   :ref:`FractionalPercent <envoy_v3_api_msg_type.v3.FractionalPercent>` proto represented as JSON/YAML
+//   and may also be represented as an integer with the assumption that the value is an integral
+//   percentage out of 100. For instance, a runtime key lookup returning the value "42" would parse
+//   as a `FractionalPercent` whose numerator is 42 and denominator is HUNDRED.
+type RuntimeFractionalPercent struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Default value if the runtime value's for the numerator/denominator keys are not available.
+	DefaultValue *v3.FractionalPercent `protobuf:"bytes,1,opt,name=default_value,json=defaultValue,proto3" json:"default_value,omitempty"`
+	// Runtime key for a YAML representation of a FractionalPercent.
+	RuntimeKey string `protobuf:"bytes,2,opt,name=runtime_key,json=runtimeKey,proto3" json:"runtime_key,omitempty"`
+}
+
+func (x *RuntimeFractionalPercent) Reset() {
+	*x = RuntimeFractionalPercent{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_base_proto_msgTypes[19]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RuntimeFractionalPercent) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RuntimeFractionalPercent) ProtoMessage() {}
+
+func (x *RuntimeFractionalPercent) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_base_proto_msgTypes[19]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RuntimeFractionalPercent.ProtoReflect.Descriptor instead.
+func (*RuntimeFractionalPercent) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_base_proto_rawDescGZIP(), []int{19}
+}
+
+func (x *RuntimeFractionalPercent) GetDefaultValue() *v3.FractionalPercent {
+	if x != nil {
+		return x.DefaultValue
+	}
+	return nil
+}
+
+func (x *RuntimeFractionalPercent) GetRuntimeKey() string {
+	if x != nil {
+		return x.RuntimeKey
+	}
+	return ""
+}
+
+// Identifies a specific ControlPlane instance that Envoy is connected to.
+type ControlPlane struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// An opaque control plane identifier that uniquely identifies an instance
+	// of control plane. This can be used to identify which control plane instance,
+	// the Envoy is connected to.
+	Identifier string `protobuf:"bytes,1,opt,name=identifier,proto3" json:"identifier,omitempty"`
+}
+
+func (x *ControlPlane) Reset() {
+	*x = ControlPlane{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_base_proto_msgTypes[20]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ControlPlane) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ControlPlane) ProtoMessage() {}
+
+func (x *ControlPlane) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_base_proto_msgTypes[20]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ControlPlane.ProtoReflect.Descriptor instead.
+func (*ControlPlane) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_base_proto_rawDescGZIP(), []int{20}
+}
+
+func (x *ControlPlane) GetIdentifier() string {
+	if x != nil {
+		return x.Identifier
+	}
+	return ""
+}
+
+var File_envoy_config_core_v3_base_proto protoreflect.FileDescriptor
+
+var file_envoy_config_core_v3_base_proto_rawDesc = []byte{
+	0x0a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x62, 0x61, 0x73, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x12, 0x14, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x1a, 0x22, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x61, 0x64,
+	0x64, 0x72, 0x65, 0x73, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x22, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76,
+	0x33, 0x2f, 0x62, 0x61, 0x63, 0x6b, 0x6f, 0x66, 0x66, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f,
+	0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x75, 0x72, 0x69, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65,
+	0x2f, 0x76, 0x33, 0x2f, 0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x76, 0x33,
+	0x2f, 0x73, 0x65, 0x6d, 0x61, 0x6e, 0x74, 0x69, 0x63, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f,
+	0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2f, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x20, 0x78, 0x64, 0x73, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x63, 0x6f,
+	0x6e, 0x74, 0x65, 0x78, 0x74, 0x5f, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e,
+	0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e,
+	0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e,
+	0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e,
+	0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64,
+	0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x22, 0x74, 0x0a, 0x08, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x12, 0x16,
+	0x0a, 0x06, 0x72, 0x65, 0x67, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06,
+	0x72, 0x65, 0x67, 0x69, 0x6f, 0x6e, 0x12, 0x12, 0x0a, 0x04, 0x7a, 0x6f, 0x6e, 0x65, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x7a, 0x6f, 0x6e, 0x65, 0x12, 0x19, 0x0a, 0x08, 0x73, 0x75,
+	0x62, 0x5f, 0x7a, 0x6f, 0x6e, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x73, 0x75,
+	0x62, 0x5a, 0x6f, 0x6e, 0x65, 0x3a, 0x21, 0x9a, 0xc5, 0x88, 0x1e, 0x1c, 0x0a, 0x1a, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e,
+	0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x22, 0xa4, 0x01, 0x0a, 0x0c, 0x42, 0x75, 0x69,
+	0x6c, 0x64, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x38, 0x0a, 0x07, 0x76, 0x65, 0x72,
+	0x73, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x65, 0x6d, 0x61, 0x6e,
+	0x74, 0x69, 0x63, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73,
+	0x69, 0x6f, 0x6e, 0x12, 0x33, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x52, 0x08,
+	0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x3a, 0x25, 0x9a, 0xc5, 0x88, 0x1e, 0x20, 0x0a,
+	0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f,
+	0x72, 0x65, 0x2e, 0x42, 0x75, 0x69, 0x6c, 0x64, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x22,
+	0xe2, 0x01, 0x0a, 0x09, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x12, 0x0a,
+	0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d,
+	0x65, 0x12, 0x1a, 0x0a, 0x08, 0x63, 0x61, 0x74, 0x65, 0x67, 0x6f, 0x72, 0x79, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x09, 0x52, 0x08, 0x63, 0x61, 0x74, 0x65, 0x67, 0x6f, 0x72, 0x79, 0x12, 0x27, 0x0a,
+	0x0f, 0x74, 0x79, 0x70, 0x65, 0x5f, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72,
+	0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x74, 0x79, 0x70, 0x65, 0x44, 0x65, 0x73, 0x63,
+	0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x12, 0x3c, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f,
+	0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x42,
+	0x75, 0x69, 0x6c, 0x64, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x07, 0x76, 0x65, 0x72,
+	0x73, 0x69, 0x6f, 0x6e, 0x12, 0x1a, 0x0a, 0x08, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x64,
+	0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x64,
+	0x3a, 0x22, 0x9a, 0xc5, 0x88, 0x1e, 0x1d, 0x0a, 0x1b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x45, 0x78, 0x74, 0x65, 0x6e,
+	0x73, 0x69, 0x6f, 0x6e, 0x22, 0xb2, 0x06, 0x0a, 0x04, 0x4e, 0x6f, 0x64, 0x65, 0x12, 0x0e, 0x0a,
+	0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x18, 0x0a,
+	0x07, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07,
+	0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x33, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64,
+	0x61, 0x74, 0x61, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75,
+	0x63, 0x74, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x60, 0x0a, 0x12,
+	0x64, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x5f, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65,
+	0x72, 0x73, 0x18, 0x0c, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x31, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e,
+	0x4e, 0x6f, 0x64, 0x65, 0x2e, 0x44, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x50, 0x61, 0x72, 0x61,
+	0x6d, 0x65, 0x74, 0x65, 0x72, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x11, 0x64, 0x79, 0x6e,
+	0x61, 0x6d, 0x69, 0x63, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x73, 0x12, 0x3a,
+	0x0a, 0x08, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79,
+	0x52, 0x08, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x12, 0x26, 0x0a, 0x0f, 0x75, 0x73,
+	0x65, 0x72, 0x5f, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x06, 0x20,
+	0x01, 0x28, 0x09, 0x52, 0x0d, 0x75, 0x73, 0x65, 0x72, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x4e, 0x61,
+	0x6d, 0x65, 0x12, 0x2e, 0x0a, 0x12, 0x75, 0x73, 0x65, 0x72, 0x5f, 0x61, 0x67, 0x65, 0x6e, 0x74,
+	0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00,
+	0x52, 0x10, 0x75, 0x73, 0x65, 0x72, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x56, 0x65, 0x72, 0x73, 0x69,
+	0x6f, 0x6e, 0x12, 0x5d, 0x0a, 0x18, 0x75, 0x73, 0x65, 0x72, 0x5f, 0x61, 0x67, 0x65, 0x6e, 0x74,
+	0x5f, 0x62, 0x75, 0x69, 0x6c, 0x64, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x08,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x42, 0x75, 0x69, 0x6c,
+	0x64, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x48, 0x00, 0x52, 0x15, 0x75, 0x73, 0x65, 0x72,
+	0x41, 0x67, 0x65, 0x6e, 0x74, 0x42, 0x75, 0x69, 0x6c, 0x64, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f,
+	0x6e, 0x12, 0x3f, 0x0a, 0x0a, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x18,
+	0x09, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x45, 0x78, 0x74,
+	0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x0a, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f,
+	0x6e, 0x73, 0x12, 0x27, 0x0a, 0x0f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x66, 0x65, 0x61,
+	0x74, 0x75, 0x72, 0x65, 0x73, 0x18, 0x0a, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0e, 0x63, 0x6c, 0x69,
+	0x65, 0x6e, 0x74, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x73, 0x12, 0x5b, 0x0a, 0x13, 0x6c,
+	0x69, 0x73, 0x74, 0x65, 0x6e, 0x69, 0x6e, 0x67, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73,
+	0x65, 0x73, 0x18, 0x0b, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e,
+	0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x42, 0x0b, 0x18, 0x01, 0x92, 0xc7, 0x86, 0xd8, 0x04,
+	0x03, 0x33, 0x2e, 0x30, 0x52, 0x12, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x69, 0x6e, 0x67, 0x41,
+	0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x65, 0x73, 0x1a, 0x60, 0x0a, 0x16, 0x44, 0x79, 0x6e, 0x61,
+	0x6d, 0x69, 0x63, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x73, 0x45, 0x6e, 0x74,
+	0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52,
+	0x03, 0x6b, 0x65, 0x79, 0x12, 0x30, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76,
+	0x33, 0x2e, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x52,
+	0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x3a, 0x1d, 0x9a, 0xc5, 0x88, 0x1e,
+	0x18, 0x0a, 0x16, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e,
+	0x63, 0x6f, 0x72, 0x65, 0x2e, 0x4e, 0x6f, 0x64, 0x65, 0x42, 0x19, 0x0a, 0x17, 0x75, 0x73, 0x65,
+	0x72, 0x5f, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x5f,
+	0x74, 0x79, 0x70, 0x65, 0x4a, 0x04, 0x08, 0x05, 0x10, 0x06, 0x52, 0x0d, 0x62, 0x75, 0x69, 0x6c,
+	0x64, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x22, 0xb1, 0x03, 0x0a, 0x08, 0x4d, 0x65,
+	0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x5b, 0x0a, 0x0f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x5f, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32,
+	0x32, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e,
+	0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x45, 0x6e,
+	0x74, 0x72, 0x79, 0x52, 0x0e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x4d, 0x65, 0x74, 0x61, 0x64,
+	0x61, 0x74, 0x61, 0x12, 0x6b, 0x0a, 0x15, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x66, 0x69, 0x6c,
+	0x74, 0x65, 0x72, 0x5f, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x02, 0x20, 0x03,
+	0x28, 0x0b, 0x32, 0x37, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61,
+	0x74, 0x61, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x64, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x4d, 0x65,
+	0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x13, 0x74, 0x79, 0x70,
+	0x65, 0x64, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61,
+	0x1a, 0x5a, 0x0a, 0x13, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61,
+	0x74, 0x61, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x2d, 0x0a, 0x05, 0x76, 0x61, 0x6c,
+	0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63,
+	0x74, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x1a, 0x5c, 0x0a, 0x18,
+	0x54, 0x79, 0x70, 0x65, 0x64, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x4d, 0x65, 0x74, 0x61, 0x64,
+	0x61, 0x74, 0x61, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x2a, 0x0a, 0x05, 0x76, 0x61,
+	0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52,
+	0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x3a, 0x21, 0x9a, 0xc5, 0x88, 0x1e,
+	0x1c, 0x0a, 0x1a, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e,
+	0x63, 0x6f, 0x72, 0x65, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x22, 0x86, 0x01,
+	0x0a, 0x0d, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x12,
+	0x23, 0x0a, 0x0d, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x0c, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x56,
+	0x61, 0x6c, 0x75, 0x65, 0x12, 0x28, 0x0a, 0x0b, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x5f,
+	0x6b, 0x65, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02,
+	0x10, 0x01, 0x52, 0x0a, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x4b, 0x65, 0x79, 0x3a, 0x26,
+	0x9a, 0xc5, 0x88, 0x1e, 0x21, 0x0a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65,
+	0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x22, 0x77, 0x0a, 0x0e, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d,
+	0x65, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x12, 0x3b, 0x0a, 0x0d, 0x64, 0x65, 0x66, 0x61,
+	0x75, 0x6c, 0x74, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x16, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x2e,
+	0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52, 0x0c, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74,
+	0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x28, 0x0a, 0x0b, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65,
+	0x5f, 0x6b, 0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72,
+	0x02, 0x10, 0x01, 0x52, 0x0a, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x4b, 0x65, 0x79, 0x22,
+	0x86, 0x01, 0x0a, 0x0d, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x44, 0x6f, 0x75, 0x62, 0x6c,
+	0x65, 0x12, 0x23, 0x0a, 0x0d, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f, 0x76, 0x61, 0x6c,
+	0x75, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x01, 0x52, 0x0c, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c,
+	0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x28, 0x0a, 0x0b, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d,
+	0x65, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04,
+	0x72, 0x02, 0x10, 0x01, 0x52, 0x0a, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x4b, 0x65, 0x79,
+	0x3a, 0x26, 0x9a, 0xc5, 0x88, 0x1e, 0x21, 0x0a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x52, 0x75, 0x6e, 0x74, 0x69,
+	0x6d, 0x65, 0x44, 0x6f, 0x75, 0x62, 0x6c, 0x65, 0x22, 0xb6, 0x01, 0x0a, 0x12, 0x52, 0x75, 0x6e,
+	0x74, 0x69, 0x6d, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x46, 0x6c, 0x61, 0x67, 0x12,
+	0x49, 0x0a, 0x0d, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c,
+	0x75, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x0c, 0x64, 0x65,
+	0x66, 0x61, 0x75, 0x6c, 0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x28, 0x0a, 0x0b, 0x72, 0x75,
+	0x6e, 0x74, 0x69, 0x6d, 0x65, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42,
+	0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x0a, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d,
+	0x65, 0x4b, 0x65, 0x79, 0x3a, 0x2b, 0x9a, 0xc5, 0x88, 0x1e, 0x26, 0x0a, 0x24, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x52,
+	0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x46, 0x6c, 0x61,
+	0x67, 0x22, 0x41, 0x0a, 0x0e, 0x51, 0x75, 0x65, 0x72, 0x79, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x65,
+	0x74, 0x65, 0x72, 0x12, 0x19, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
+	0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14,
+	0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76,
+	0x61, 0x6c, 0x75, 0x65, 0x22, 0x7f, 0x0a, 0x0b, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x56, 0x61,
+	0x6c, 0x75, 0x65, 0x12, 0x23, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
+	0x42, 0x11, 0xfa, 0x42, 0x0e, 0x72, 0x0c, 0x10, 0x01, 0x28, 0x80, 0x80, 0x01, 0xc0, 0x01, 0x01,
+	0xc8, 0x01, 0x00, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x25, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75,
+	0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0f, 0xfa, 0x42, 0x0c, 0x72, 0x0a, 0x28, 0x80,
+	0x80, 0x01, 0xc0, 0x01, 0x02, 0xc8, 0x01, 0x00, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a,
+	0x24, 0x9a, 0xc5, 0x88, 0x1e, 0x1f, 0x0a, 0x1d, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70,
+	0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72,
+	0x56, 0x61, 0x6c, 0x75, 0x65, 0x22, 0x89, 0x03, 0x0a, 0x11, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72,
+	0x56, 0x61, 0x6c, 0x75, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x43, 0x0a, 0x06, 0x68,
+	0x65, 0x61, 0x64, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e,
+	0x76, 0x33, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x08,
+	0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x06, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72,
+	0x12, 0x32, 0x0a, 0x06, 0x61, 0x70, 0x70, 0x65, 0x6e, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x06, 0x61, 0x70,
+	0x70, 0x65, 0x6e, 0x64, 0x12, 0x69, 0x0a, 0x0d, 0x61, 0x70, 0x70, 0x65, 0x6e, 0x64, 0x5f, 0x61,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x3a, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e,
+	0x76, 0x33, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4f, 0x70,
+	0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x41, 0x70, 0x70, 0x65, 0x6e,
+	0x64, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10,
+	0x01, 0x52, 0x0c, 0x61, 0x70, 0x70, 0x65, 0x6e, 0x64, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x22,
+	0x64, 0x0a, 0x12, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x41, 0x70, 0x70, 0x65, 0x6e, 0x64, 0x41,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x1b, 0x0a, 0x17, 0x41, 0x50, 0x50, 0x45, 0x4e, 0x44, 0x5f,
+	0x49, 0x46, 0x5f, 0x45, 0x58, 0x49, 0x53, 0x54, 0x53, 0x5f, 0x4f, 0x52, 0x5f, 0x41, 0x44, 0x44,
+	0x10, 0x00, 0x12, 0x11, 0x0a, 0x0d, 0x41, 0x44, 0x44, 0x5f, 0x49, 0x46, 0x5f, 0x41, 0x42, 0x53,
+	0x45, 0x4e, 0x54, 0x10, 0x01, 0x12, 0x1e, 0x0a, 0x1a, 0x4f, 0x56, 0x45, 0x52, 0x57, 0x52, 0x49,
+	0x54, 0x45, 0x5f, 0x49, 0x46, 0x5f, 0x45, 0x58, 0x49, 0x53, 0x54, 0x53, 0x5f, 0x4f, 0x52, 0x5f,
+	0x41, 0x44, 0x44, 0x10, 0x02, 0x3a, 0x2a, 0x9a, 0xc5, 0x88, 0x1e, 0x25, 0x0a, 0x23, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e,
+	0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f,
+	0x6e, 0x22, 0x6c, 0x0a, 0x09, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4d, 0x61, 0x70, 0x12, 0x3b,
+	0x0a, 0x07, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32,
+	0x21, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x56, 0x61, 0x6c,
+	0x75, 0x65, 0x52, 0x07, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x3a, 0x22, 0x9a, 0xc5, 0x88,
+	0x1e, 0x1d, 0x0a, 0x1b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4d, 0x61, 0x70, 0x22,
+	0x2f, 0x0a, 0x10, 0x57, 0x61, 0x74, 0x63, 0x68, 0x65, 0x64, 0x44, 0x69, 0x72, 0x65, 0x63, 0x74,
+	0x6f, 0x72, 0x79, 0x12, 0x1b, 0x0a, 0x04, 0x70, 0x61, 0x74, 0x68, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x04, 0x70, 0x61, 0x74, 0x68,
+	0x22, 0xf4, 0x01, 0x0a, 0x0a, 0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12,
+	0x25, 0x0a, 0x08, 0x66, 0x69, 0x6c, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x48, 0x00, 0x52, 0x08, 0x66, 0x69,
+	0x6c, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x23, 0x0a, 0x0c, 0x69, 0x6e, 0x6c, 0x69, 0x6e, 0x65,
+	0x5f, 0x62, 0x79, 0x74, 0x65, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x48, 0x00, 0x52, 0x0b,
+	0x69, 0x6e, 0x6c, 0x69, 0x6e, 0x65, 0x42, 0x79, 0x74, 0x65, 0x73, 0x12, 0x25, 0x0a, 0x0d, 0x69,
+	0x6e, 0x6c, 0x69, 0x6e, 0x65, 0x5f, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x18, 0x03, 0x20, 0x01,
+	0x28, 0x09, 0x48, 0x00, 0x52, 0x0c, 0x69, 0x6e, 0x6c, 0x69, 0x6e, 0x65, 0x53, 0x74, 0x72, 0x69,
+	0x6e, 0x67, 0x12, 0x3c, 0x0a, 0x14, 0x65, 0x6e, 0x76, 0x69, 0x72, 0x6f, 0x6e, 0x6d, 0x65, 0x6e,
+	0x74, 0x5f, 0x76, 0x61, 0x72, 0x69, 0x61, 0x62, 0x6c, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09,
+	0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x48, 0x00, 0x52, 0x13, 0x65, 0x6e, 0x76,
+	0x69, 0x72, 0x6f, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x56, 0x61, 0x72, 0x69, 0x61, 0x62, 0x6c, 0x65,
+	0x3a, 0x23, 0x9a, 0xc5, 0x88, 0x1e, 0x1e, 0x0a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x53,
+	0x6f, 0x75, 0x72, 0x63, 0x65, 0x42, 0x10, 0x0a, 0x09, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69,
+	0x65, 0x72, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x22, 0xd4, 0x01, 0x0a, 0x0b, 0x52, 0x65, 0x74, 0x72,
+	0x79, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x4b, 0x0a, 0x0e, 0x72, 0x65, 0x74, 0x72, 0x79,
+	0x5f, 0x62, 0x61, 0x63, 0x6b, 0x5f, 0x6f, 0x66, 0x66, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x25, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x42, 0x61, 0x63, 0x6b, 0x6f, 0x66, 0x66, 0x53, 0x74,
+	0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x52, 0x0c, 0x72, 0x65, 0x74, 0x72, 0x79, 0x42, 0x61, 0x63,
+	0x6b, 0x4f, 0x66, 0x66, 0x12, 0x52, 0x0a, 0x0b, 0x6e, 0x75, 0x6d, 0x5f, 0x72, 0x65, 0x74, 0x72,
+	0x69, 0x65, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74,
+	0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x13, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x0d, 0x0a,
+	0x0b, 0x6d, 0x61, 0x78, 0x5f, 0x72, 0x65, 0x74, 0x72, 0x69, 0x65, 0x73, 0x52, 0x0a, 0x6e, 0x75,
+	0x6d, 0x52, 0x65, 0x74, 0x72, 0x69, 0x65, 0x73, 0x3a, 0x24, 0x9a, 0xc5, 0x88, 0x1e, 0x1f, 0x0a,
+	0x1d, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f,
+	0x72, 0x65, 0x2e, 0x52, 0x65, 0x74, 0x72, 0x79, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x22, 0xe8,
+	0x01, 0x0a, 0x10, 0x52, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75,
+	0x72, 0x63, 0x65, 0x12, 0x42, 0x0a, 0x08, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x75, 0x72, 0x69, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x74, 0x74,
+	0x70, 0x55, 0x72, 0x69, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x07,
+	0x68, 0x74, 0x74, 0x70, 0x55, 0x72, 0x69, 0x12, 0x1f, 0x0a, 0x06, 0x73, 0x68, 0x61, 0x32, 0x35,
+	0x36, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01,
+	0x52, 0x06, 0x73, 0x68, 0x61, 0x32, 0x35, 0x36, 0x12, 0x44, 0x0a, 0x0c, 0x72, 0x65, 0x74, 0x72,
+	0x79, 0x5f, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f,
+	0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x65, 0x74, 0x72, 0x79, 0x50, 0x6f, 0x6c, 0x69, 0x63,
+	0x79, 0x52, 0x0b, 0x72, 0x65, 0x74, 0x72, 0x79, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x3a, 0x29,
+	0x9a, 0xc5, 0x88, 0x1e, 0x24, 0x0a, 0x22, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x52, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x44,
+	0x61, 0x74, 0x61, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x22, 0xc9, 0x01, 0x0a, 0x0f, 0x41, 0x73,
+	0x79, 0x6e, 0x63, 0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x38, 0x0a,
+	0x05, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65,
+	0x2e, 0x76, 0x33, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x48, 0x00,
+	0x52, 0x05, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x12, 0x40, 0x0a, 0x06, 0x72, 0x65, 0x6d, 0x6f, 0x74,
+	0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52,
+	0x65, 0x6d, 0x6f, 0x74, 0x65, 0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x48,
+	0x00, 0x52, 0x06, 0x72, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x3a, 0x28, 0x9a, 0xc5, 0x88, 0x1e, 0x23,
+	0x0a, 0x21, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x41, 0x73, 0x79, 0x6e, 0x63, 0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75,
+	0x72, 0x63, 0x65, 0x42, 0x10, 0x0a, 0x09, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72,
+	0x12, 0x03, 0xf8, 0x42, 0x01, 0x22, 0xb0, 0x01, 0x0a, 0x0f, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70,
+	0x6f, 0x72, 0x74, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d,
+	0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01,
+	0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x39, 0x0a, 0x0c, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41,
+	0x6e, 0x79, 0x48, 0x00, 0x52, 0x0b, 0x74, 0x79, 0x70, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x3a, 0x28, 0x9a, 0xc5, 0x88, 0x1e, 0x23, 0x0a, 0x21, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x54, 0x72, 0x61, 0x6e,
+	0x73, 0x70, 0x6f, 0x72, 0x74, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x42, 0x0d, 0x0a, 0x0b, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x4a, 0x04, 0x08, 0x02, 0x10, 0x03,
+	0x52, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x22, 0xbf, 0x01, 0x0a, 0x18, 0x52, 0x75, 0x6e,
+	0x74, 0x69, 0x6d, 0x65, 0x46, 0x72, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x50, 0x65,
+	0x72, 0x63, 0x65, 0x6e, 0x74, 0x12, 0x4f, 0x0a, 0x0d, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74,
+	0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x46, 0x72, 0x61,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x42, 0x08,
+	0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x0c, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c,
+	0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d,
+	0x65, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x72, 0x75, 0x6e,
+	0x74, 0x69, 0x6d, 0x65, 0x4b, 0x65, 0x79, 0x3a, 0x31, 0x9a, 0xc5, 0x88, 0x1e, 0x2c, 0x0a, 0x2a,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x46, 0x72, 0x61, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x61, 0x6c, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x22, 0x55, 0x0a, 0x0c, 0x43, 0x6f,
+	0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x50, 0x6c, 0x61, 0x6e, 0x65, 0x12, 0x1e, 0x0a, 0x0a, 0x69, 0x64,
+	0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a,
+	0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x3a, 0x25, 0x9a, 0xc5, 0x88, 0x1e,
+	0x20, 0x0a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e,
+	0x63, 0x6f, 0x72, 0x65, 0x2e, 0x43, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x50, 0x6c, 0x61, 0x6e,
+	0x65, 0x2a, 0x28, 0x0a, 0x0f, 0x52, 0x6f, 0x75, 0x74, 0x69, 0x6e, 0x67, 0x50, 0x72, 0x69, 0x6f,
+	0x72, 0x69, 0x74, 0x79, 0x12, 0x0b, 0x0a, 0x07, 0x44, 0x45, 0x46, 0x41, 0x55, 0x4c, 0x54, 0x10,
+	0x00, 0x12, 0x08, 0x0a, 0x04, 0x48, 0x49, 0x47, 0x48, 0x10, 0x01, 0x2a, 0x89, 0x01, 0x0a, 0x0d,
+	0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x12, 0x16, 0x0a,
+	0x12, 0x4d, 0x45, 0x54, 0x48, 0x4f, 0x44, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46,
+	0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x07, 0x0a, 0x03, 0x47, 0x45, 0x54, 0x10, 0x01, 0x12, 0x08,
+	0x0a, 0x04, 0x48, 0x45, 0x41, 0x44, 0x10, 0x02, 0x12, 0x08, 0x0a, 0x04, 0x50, 0x4f, 0x53, 0x54,
+	0x10, 0x03, 0x12, 0x07, 0x0a, 0x03, 0x50, 0x55, 0x54, 0x10, 0x04, 0x12, 0x0a, 0x0a, 0x06, 0x44,
+	0x45, 0x4c, 0x45, 0x54, 0x45, 0x10, 0x05, 0x12, 0x0b, 0x0a, 0x07, 0x43, 0x4f, 0x4e, 0x4e, 0x45,
+	0x43, 0x54, 0x10, 0x06, 0x12, 0x0b, 0x0a, 0x07, 0x4f, 0x50, 0x54, 0x49, 0x4f, 0x4e, 0x53, 0x10,
+	0x07, 0x12, 0x09, 0x0a, 0x05, 0x54, 0x52, 0x41, 0x43, 0x45, 0x10, 0x08, 0x12, 0x09, 0x0a, 0x05,
+	0x50, 0x41, 0x54, 0x43, 0x48, 0x10, 0x09, 0x2a, 0x3e, 0x0a, 0x10, 0x54, 0x72, 0x61, 0x66, 0x66,
+	0x69, 0x63, 0x44, 0x69, 0x72, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x0f, 0x0a, 0x0b, 0x55,
+	0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x0b, 0x0a, 0x07,
+	0x49, 0x4e, 0x42, 0x4f, 0x55, 0x4e, 0x44, 0x10, 0x01, 0x12, 0x0c, 0x0a, 0x08, 0x4f, 0x55, 0x54,
+	0x42, 0x4f, 0x55, 0x4e, 0x44, 0x10, 0x02, 0x42, 0x39, 0x0a, 0x22, 0x69, 0x6f, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x09, 0x42,
+	0x61, 0x73, 0x65, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02,
+	0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_core_v3_base_proto_rawDescOnce sync.Once
+	file_envoy_config_core_v3_base_proto_rawDescData = file_envoy_config_core_v3_base_proto_rawDesc
+)
+
+func file_envoy_config_core_v3_base_proto_rawDescGZIP() []byte {
+	file_envoy_config_core_v3_base_proto_rawDescOnce.Do(func() {
+		file_envoy_config_core_v3_base_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_core_v3_base_proto_rawDescData)
+	})
+	return file_envoy_config_core_v3_base_proto_rawDescData
+}
+
+var file_envoy_config_core_v3_base_proto_enumTypes = make([]protoimpl.EnumInfo, 4)
+var file_envoy_config_core_v3_base_proto_msgTypes = make([]protoimpl.MessageInfo, 24)
+var file_envoy_config_core_v3_base_proto_goTypes = []interface{}{
+	(RoutingPriority)(0),                      // 0: envoy.config.core.v3.RoutingPriority
+	(RequestMethod)(0),                        // 1: envoy.config.core.v3.RequestMethod
+	(TrafficDirection)(0),                     // 2: envoy.config.core.v3.TrafficDirection
+	(HeaderValueOption_HeaderAppendAction)(0), // 3: envoy.config.core.v3.HeaderValueOption.HeaderAppendAction
+	(*Locality)(nil),                          // 4: envoy.config.core.v3.Locality
+	(*BuildVersion)(nil),                      // 5: envoy.config.core.v3.BuildVersion
+	(*Extension)(nil),                         // 6: envoy.config.core.v3.Extension
+	(*Node)(nil),                              // 7: envoy.config.core.v3.Node
+	(*Metadata)(nil),                          // 8: envoy.config.core.v3.Metadata
+	(*RuntimeUInt32)(nil),                     // 9: envoy.config.core.v3.RuntimeUInt32
+	(*RuntimePercent)(nil),                    // 10: envoy.config.core.v3.RuntimePercent
+	(*RuntimeDouble)(nil),                     // 11: envoy.config.core.v3.RuntimeDouble
+	(*RuntimeFeatureFlag)(nil),                // 12: envoy.config.core.v3.RuntimeFeatureFlag
+	(*QueryParameter)(nil),                    // 13: envoy.config.core.v3.QueryParameter
+	(*HeaderValue)(nil),                       // 14: envoy.config.core.v3.HeaderValue
+	(*HeaderValueOption)(nil),                 // 15: envoy.config.core.v3.HeaderValueOption
+	(*HeaderMap)(nil),                         // 16: envoy.config.core.v3.HeaderMap
+	(*WatchedDirectory)(nil),                  // 17: envoy.config.core.v3.WatchedDirectory
+	(*DataSource)(nil),                        // 18: envoy.config.core.v3.DataSource
+	(*RetryPolicy)(nil),                       // 19: envoy.config.core.v3.RetryPolicy
+	(*RemoteDataSource)(nil),                  // 20: envoy.config.core.v3.RemoteDataSource
+	(*AsyncDataSource)(nil),                   // 21: envoy.config.core.v3.AsyncDataSource
+	(*TransportSocket)(nil),                   // 22: envoy.config.core.v3.TransportSocket
+	(*RuntimeFractionalPercent)(nil),          // 23: envoy.config.core.v3.RuntimeFractionalPercent
+	(*ControlPlane)(nil),                      // 24: envoy.config.core.v3.ControlPlane
+	nil,                                       // 25: envoy.config.core.v3.Node.DynamicParametersEntry
+	nil,                                       // 26: envoy.config.core.v3.Metadata.FilterMetadataEntry
+	nil,                                       // 27: envoy.config.core.v3.Metadata.TypedFilterMetadataEntry
+	(*v3.SemanticVersion)(nil),                // 28: envoy.type.v3.SemanticVersion
+	(*_struct.Struct)(nil),                    // 29: google.protobuf.Struct
+	(*Address)(nil),                           // 30: envoy.config.core.v3.Address
+	(*v3.Percent)(nil),                        // 31: envoy.type.v3.Percent
+	(*wrappers.BoolValue)(nil),                // 32: google.protobuf.BoolValue
+	(*BackoffStrategy)(nil),                   // 33: envoy.config.core.v3.BackoffStrategy
+	(*wrappers.UInt32Value)(nil),              // 34: google.protobuf.UInt32Value
+	(*HttpUri)(nil),                           // 35: envoy.config.core.v3.HttpUri
+	(*any.Any)(nil),                           // 36: google.protobuf.Any
+	(*v3.FractionalPercent)(nil),              // 37: envoy.type.v3.FractionalPercent
+	(*v31.ContextParams)(nil),                 // 38: xds.core.v3.ContextParams
+}
+var file_envoy_config_core_v3_base_proto_depIdxs = []int32{
+	28, // 0: envoy.config.core.v3.BuildVersion.version:type_name -> envoy.type.v3.SemanticVersion
+	29, // 1: envoy.config.core.v3.BuildVersion.metadata:type_name -> google.protobuf.Struct
+	5,  // 2: envoy.config.core.v3.Extension.version:type_name -> envoy.config.core.v3.BuildVersion
+	29, // 3: envoy.config.core.v3.Node.metadata:type_name -> google.protobuf.Struct
+	25, // 4: envoy.config.core.v3.Node.dynamic_parameters:type_name -> envoy.config.core.v3.Node.DynamicParametersEntry
+	4,  // 5: envoy.config.core.v3.Node.locality:type_name -> envoy.config.core.v3.Locality
+	5,  // 6: envoy.config.core.v3.Node.user_agent_build_version:type_name -> envoy.config.core.v3.BuildVersion
+	6,  // 7: envoy.config.core.v3.Node.extensions:type_name -> envoy.config.core.v3.Extension
+	30, // 8: envoy.config.core.v3.Node.listening_addresses:type_name -> envoy.config.core.v3.Address
+	26, // 9: envoy.config.core.v3.Metadata.filter_metadata:type_name -> envoy.config.core.v3.Metadata.FilterMetadataEntry
+	27, // 10: envoy.config.core.v3.Metadata.typed_filter_metadata:type_name -> envoy.config.core.v3.Metadata.TypedFilterMetadataEntry
+	31, // 11: envoy.config.core.v3.RuntimePercent.default_value:type_name -> envoy.type.v3.Percent
+	32, // 12: envoy.config.core.v3.RuntimeFeatureFlag.default_value:type_name -> google.protobuf.BoolValue
+	14, // 13: envoy.config.core.v3.HeaderValueOption.header:type_name -> envoy.config.core.v3.HeaderValue
+	32, // 14: envoy.config.core.v3.HeaderValueOption.append:type_name -> google.protobuf.BoolValue
+	3,  // 15: envoy.config.core.v3.HeaderValueOption.append_action:type_name -> envoy.config.core.v3.HeaderValueOption.HeaderAppendAction
+	14, // 16: envoy.config.core.v3.HeaderMap.headers:type_name -> envoy.config.core.v3.HeaderValue
+	33, // 17: envoy.config.core.v3.RetryPolicy.retry_back_off:type_name -> envoy.config.core.v3.BackoffStrategy
+	34, // 18: envoy.config.core.v3.RetryPolicy.num_retries:type_name -> google.protobuf.UInt32Value
+	35, // 19: envoy.config.core.v3.RemoteDataSource.http_uri:type_name -> envoy.config.core.v3.HttpUri
+	19, // 20: envoy.config.core.v3.RemoteDataSource.retry_policy:type_name -> envoy.config.core.v3.RetryPolicy
+	18, // 21: envoy.config.core.v3.AsyncDataSource.local:type_name -> envoy.config.core.v3.DataSource
+	20, // 22: envoy.config.core.v3.AsyncDataSource.remote:type_name -> envoy.config.core.v3.RemoteDataSource
+	36, // 23: envoy.config.core.v3.TransportSocket.typed_config:type_name -> google.protobuf.Any
+	37, // 24: envoy.config.core.v3.RuntimeFractionalPercent.default_value:type_name -> envoy.type.v3.FractionalPercent
+	38, // 25: envoy.config.core.v3.Node.DynamicParametersEntry.value:type_name -> xds.core.v3.ContextParams
+	29, // 26: envoy.config.core.v3.Metadata.FilterMetadataEntry.value:type_name -> google.protobuf.Struct
+	36, // 27: envoy.config.core.v3.Metadata.TypedFilterMetadataEntry.value:type_name -> google.protobuf.Any
+	28, // [28:28] is the sub-list for method output_type
+	28, // [28:28] is the sub-list for method input_type
+	28, // [28:28] is the sub-list for extension type_name
+	28, // [28:28] is the sub-list for extension extendee
+	0,  // [0:28] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_core_v3_base_proto_init() }
+func file_envoy_config_core_v3_base_proto_init() {
+	if File_envoy_config_core_v3_base_proto != nil {
+		return
+	}
+	file_envoy_config_core_v3_address_proto_init()
+	file_envoy_config_core_v3_backoff_proto_init()
+	file_envoy_config_core_v3_http_uri_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_core_v3_base_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Locality); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_base_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*BuildVersion); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_base_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Extension); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_base_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Node); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_base_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Metadata); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_base_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RuntimeUInt32); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_base_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RuntimePercent); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_base_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RuntimeDouble); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_base_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RuntimeFeatureFlag); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_base_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*QueryParameter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_base_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HeaderValue); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_base_proto_msgTypes[11].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HeaderValueOption); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_base_proto_msgTypes[12].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HeaderMap); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_base_proto_msgTypes[13].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*WatchedDirectory); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_base_proto_msgTypes[14].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*DataSource); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_base_proto_msgTypes[15].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RetryPolicy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_base_proto_msgTypes[16].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RemoteDataSource); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_base_proto_msgTypes[17].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*AsyncDataSource); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_base_proto_msgTypes[18].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*TransportSocket); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_base_proto_msgTypes[19].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RuntimeFractionalPercent); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_base_proto_msgTypes[20].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ControlPlane); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_config_core_v3_base_proto_msgTypes[3].OneofWrappers = []interface{}{
+		(*Node_UserAgentVersion)(nil),
+		(*Node_UserAgentBuildVersion)(nil),
+	}
+	file_envoy_config_core_v3_base_proto_msgTypes[14].OneofWrappers = []interface{}{
+		(*DataSource_Filename)(nil),
+		(*DataSource_InlineBytes)(nil),
+		(*DataSource_InlineString)(nil),
+		(*DataSource_EnvironmentVariable)(nil),
+	}
+	file_envoy_config_core_v3_base_proto_msgTypes[17].OneofWrappers = []interface{}{
+		(*AsyncDataSource_Local)(nil),
+		(*AsyncDataSource_Remote)(nil),
+	}
+	file_envoy_config_core_v3_base_proto_msgTypes[18].OneofWrappers = []interface{}{
+		(*TransportSocket_TypedConfig)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_core_v3_base_proto_rawDesc,
+			NumEnums:      4,
+			NumMessages:   24,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_core_v3_base_proto_goTypes,
+		DependencyIndexes: file_envoy_config_core_v3_base_proto_depIdxs,
+		EnumInfos:         file_envoy_config_core_v3_base_proto_enumTypes,
+		MessageInfos:      file_envoy_config_core_v3_base_proto_msgTypes,
+	}.Build()
+	File_envoy_config_core_v3_base_proto = out.File
+	file_envoy_config_core_v3_base_proto_rawDesc = nil
+	file_envoy_config_core_v3_base_proto_goTypes = nil
+	file_envoy_config_core_v3_base_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/base.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/base.pb.validate.go
new file mode 100644
index 00000000000..1e41110a13d
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/base.pb.validate.go
@@ -0,0 +1,3183 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/core/v3/base.proto
+
+package envoy_config_core_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on Locality with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Locality) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Locality with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in LocalityMultiError, or nil
+// if none found.
+func (m *Locality) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Locality) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Region
+
+	// no validation rules for Zone
+
+	// no validation rules for SubZone
+
+	if len(errors) > 0 {
+		return LocalityMultiError(errors)
+	}
+	return nil
+}
+
+// LocalityMultiError is an error wrapping multiple validation errors returned
+// by Locality.ValidateAll() if the designated constraints aren't met.
+type LocalityMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m LocalityMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m LocalityMultiError) AllErrors() []error { return m }
+
+// LocalityValidationError is the validation error returned by
+// Locality.Validate if the designated constraints aren't met.
+type LocalityValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e LocalityValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e LocalityValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e LocalityValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e LocalityValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e LocalityValidationError) ErrorName() string { return "LocalityValidationError" }
+
+// Error satisfies the builtin error interface
+func (e LocalityValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sLocality.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = LocalityValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = LocalityValidationError{}
+
+// Validate checks the field values on BuildVersion with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *BuildVersion) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on BuildVersion with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in BuildVersionMultiError, or
+// nil if none found.
+func (m *BuildVersion) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *BuildVersion) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetVersion()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, BuildVersionValidationError{
+					field:  "Version",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, BuildVersionValidationError{
+					field:  "Version",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetVersion()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return BuildVersionValidationError{
+				field:  "Version",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMetadata()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, BuildVersionValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, BuildVersionValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMetadata()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return BuildVersionValidationError{
+				field:  "Metadata",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return BuildVersionMultiError(errors)
+	}
+	return nil
+}
+
+// BuildVersionMultiError is an error wrapping multiple validation errors
+// returned by BuildVersion.ValidateAll() if the designated constraints aren't met.
+type BuildVersionMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m BuildVersionMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m BuildVersionMultiError) AllErrors() []error { return m }
+
+// BuildVersionValidationError is the validation error returned by
+// BuildVersion.Validate if the designated constraints aren't met.
+type BuildVersionValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e BuildVersionValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e BuildVersionValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e BuildVersionValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e BuildVersionValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e BuildVersionValidationError) ErrorName() string { return "BuildVersionValidationError" }
+
+// Error satisfies the builtin error interface
+func (e BuildVersionValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sBuildVersion.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = BuildVersionValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = BuildVersionValidationError{}
+
+// Validate checks the field values on Extension with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Extension) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Extension with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ExtensionMultiError, or nil
+// if none found.
+func (m *Extension) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Extension) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Name
+
+	// no validation rules for Category
+
+	// no validation rules for TypeDescriptor
+
+	if all {
+		switch v := interface{}(m.GetVersion()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ExtensionValidationError{
+					field:  "Version",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ExtensionValidationError{
+					field:  "Version",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetVersion()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ExtensionValidationError{
+				field:  "Version",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for Disabled
+
+	if len(errors) > 0 {
+		return ExtensionMultiError(errors)
+	}
+	return nil
+}
+
+// ExtensionMultiError is an error wrapping multiple validation errors returned
+// by Extension.ValidateAll() if the designated constraints aren't met.
+type ExtensionMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ExtensionMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ExtensionMultiError) AllErrors() []error { return m }
+
+// ExtensionValidationError is the validation error returned by
+// Extension.Validate if the designated constraints aren't met.
+type ExtensionValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ExtensionValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ExtensionValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ExtensionValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ExtensionValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ExtensionValidationError) ErrorName() string { return "ExtensionValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ExtensionValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sExtension.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ExtensionValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ExtensionValidationError{}
+
+// Validate checks the field values on Node with the rules defined in the proto
+// definition for this message. If any rules are violated, the first error
+// encountered is returned, or nil if there are no violations.
+func (m *Node) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Node with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in NodeMultiError, or nil if none found.
+func (m *Node) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Node) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Id
+
+	// no validation rules for Cluster
+
+	if all {
+		switch v := interface{}(m.GetMetadata()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, NodeValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, NodeValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMetadata()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return NodeValidationError{
+				field:  "Metadata",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	{
+		sorted_keys := make([]string, len(m.GetDynamicParameters()))
+		i := 0
+		for key := range m.GetDynamicParameters() {
+			sorted_keys[i] = key
+			i++
+		}
+		sort.Slice(sorted_keys, func(i, j int) bool { return sorted_keys[i] < sorted_keys[j] })
+		for _, key := range sorted_keys {
+			val := m.GetDynamicParameters()[key]
+			_ = val
+
+			// no validation rules for DynamicParameters[key]
+
+			if all {
+				switch v := interface{}(val).(type) {
+				case interface{ ValidateAll() error }:
+					if err := v.ValidateAll(); err != nil {
+						errors = append(errors, NodeValidationError{
+							field:  fmt.Sprintf("DynamicParameters[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				case interface{ Validate() error }:
+					if err := v.Validate(); err != nil {
+						errors = append(errors, NodeValidationError{
+							field:  fmt.Sprintf("DynamicParameters[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				}
+			} else if v, ok := interface{}(val).(interface{ Validate() error }); ok {
+				if err := v.Validate(); err != nil {
+					return NodeValidationError{
+						field:  fmt.Sprintf("DynamicParameters[%v]", key),
+						reason: "embedded message failed validation",
+						cause:  err,
+					}
+				}
+			}
+
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetLocality()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, NodeValidationError{
+					field:  "Locality",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, NodeValidationError{
+					field:  "Locality",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLocality()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return NodeValidationError{
+				field:  "Locality",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for UserAgentName
+
+	for idx, item := range m.GetExtensions() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, NodeValidationError{
+						field:  fmt.Sprintf("Extensions[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, NodeValidationError{
+						field:  fmt.Sprintf("Extensions[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return NodeValidationError{
+					field:  fmt.Sprintf("Extensions[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetListeningAddresses() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, NodeValidationError{
+						field:  fmt.Sprintf("ListeningAddresses[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, NodeValidationError{
+						field:  fmt.Sprintf("ListeningAddresses[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return NodeValidationError{
+					field:  fmt.Sprintf("ListeningAddresses[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	switch m.UserAgentVersionType.(type) {
+
+	case *Node_UserAgentVersion:
+		// no validation rules for UserAgentVersion
+
+	case *Node_UserAgentBuildVersion:
+
+		if all {
+			switch v := interface{}(m.GetUserAgentBuildVersion()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, NodeValidationError{
+						field:  "UserAgentBuildVersion",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, NodeValidationError{
+						field:  "UserAgentBuildVersion",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetUserAgentBuildVersion()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return NodeValidationError{
+					field:  "UserAgentBuildVersion",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return NodeMultiError(errors)
+	}
+	return nil
+}
+
+// NodeMultiError is an error wrapping multiple validation errors returned by
+// Node.ValidateAll() if the designated constraints aren't met.
+type NodeMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m NodeMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m NodeMultiError) AllErrors() []error { return m }
+
+// NodeValidationError is the validation error returned by Node.Validate if the
+// designated constraints aren't met.
+type NodeValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e NodeValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e NodeValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e NodeValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e NodeValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e NodeValidationError) ErrorName() string { return "NodeValidationError" }
+
+// Error satisfies the builtin error interface
+func (e NodeValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sNode.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = NodeValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = NodeValidationError{}
+
+// Validate checks the field values on Metadata with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Metadata) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Metadata with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in MetadataMultiError, or nil
+// if none found.
+func (m *Metadata) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Metadata) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	{
+		sorted_keys := make([]string, len(m.GetFilterMetadata()))
+		i := 0
+		for key := range m.GetFilterMetadata() {
+			sorted_keys[i] = key
+			i++
+		}
+		sort.Slice(sorted_keys, func(i, j int) bool { return sorted_keys[i] < sorted_keys[j] })
+		for _, key := range sorted_keys {
+			val := m.GetFilterMetadata()[key]
+			_ = val
+
+			// no validation rules for FilterMetadata[key]
+
+			if all {
+				switch v := interface{}(val).(type) {
+				case interface{ ValidateAll() error }:
+					if err := v.ValidateAll(); err != nil {
+						errors = append(errors, MetadataValidationError{
+							field:  fmt.Sprintf("FilterMetadata[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				case interface{ Validate() error }:
+					if err := v.Validate(); err != nil {
+						errors = append(errors, MetadataValidationError{
+							field:  fmt.Sprintf("FilterMetadata[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				}
+			} else if v, ok := interface{}(val).(interface{ Validate() error }); ok {
+				if err := v.Validate(); err != nil {
+					return MetadataValidationError{
+						field:  fmt.Sprintf("FilterMetadata[%v]", key),
+						reason: "embedded message failed validation",
+						cause:  err,
+					}
+				}
+			}
+
+		}
+	}
+
+	{
+		sorted_keys := make([]string, len(m.GetTypedFilterMetadata()))
+		i := 0
+		for key := range m.GetTypedFilterMetadata() {
+			sorted_keys[i] = key
+			i++
+		}
+		sort.Slice(sorted_keys, func(i, j int) bool { return sorted_keys[i] < sorted_keys[j] })
+		for _, key := range sorted_keys {
+			val := m.GetTypedFilterMetadata()[key]
+			_ = val
+
+			// no validation rules for TypedFilterMetadata[key]
+
+			if all {
+				switch v := interface{}(val).(type) {
+				case interface{ ValidateAll() error }:
+					if err := v.ValidateAll(); err != nil {
+						errors = append(errors, MetadataValidationError{
+							field:  fmt.Sprintf("TypedFilterMetadata[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				case interface{ Validate() error }:
+					if err := v.Validate(); err != nil {
+						errors = append(errors, MetadataValidationError{
+							field:  fmt.Sprintf("TypedFilterMetadata[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				}
+			} else if v, ok := interface{}(val).(interface{ Validate() error }); ok {
+				if err := v.Validate(); err != nil {
+					return MetadataValidationError{
+						field:  fmt.Sprintf("TypedFilterMetadata[%v]", key),
+						reason: "embedded message failed validation",
+						cause:  err,
+					}
+				}
+			}
+
+		}
+	}
+
+	if len(errors) > 0 {
+		return MetadataMultiError(errors)
+	}
+	return nil
+}
+
+// MetadataMultiError is an error wrapping multiple validation errors returned
+// by Metadata.ValidateAll() if the designated constraints aren't met.
+type MetadataMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m MetadataMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m MetadataMultiError) AllErrors() []error { return m }
+
+// MetadataValidationError is the validation error returned by
+// Metadata.Validate if the designated constraints aren't met.
+type MetadataValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MetadataValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MetadataValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MetadataValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MetadataValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MetadataValidationError) ErrorName() string { return "MetadataValidationError" }
+
+// Error satisfies the builtin error interface
+func (e MetadataValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMetadata.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MetadataValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MetadataValidationError{}
+
+// Validate checks the field values on RuntimeUInt32 with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *RuntimeUInt32) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RuntimeUInt32 with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in RuntimeUInt32MultiError, or
+// nil if none found.
+func (m *RuntimeUInt32) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RuntimeUInt32) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for DefaultValue
+
+	if utf8.RuneCountInString(m.GetRuntimeKey()) < 1 {
+		err := RuntimeUInt32ValidationError{
+			field:  "RuntimeKey",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return RuntimeUInt32MultiError(errors)
+	}
+	return nil
+}
+
+// RuntimeUInt32MultiError is an error wrapping multiple validation errors
+// returned by RuntimeUInt32.ValidateAll() if the designated constraints
+// aren't met.
+type RuntimeUInt32MultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RuntimeUInt32MultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RuntimeUInt32MultiError) AllErrors() []error { return m }
+
+// RuntimeUInt32ValidationError is the validation error returned by
+// RuntimeUInt32.Validate if the designated constraints aren't met.
+type RuntimeUInt32ValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RuntimeUInt32ValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RuntimeUInt32ValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RuntimeUInt32ValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RuntimeUInt32ValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RuntimeUInt32ValidationError) ErrorName() string { return "RuntimeUInt32ValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RuntimeUInt32ValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRuntimeUInt32.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RuntimeUInt32ValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RuntimeUInt32ValidationError{}
+
+// Validate checks the field values on RuntimePercent with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *RuntimePercent) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RuntimePercent with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in RuntimePercentMultiError,
+// or nil if none found.
+func (m *RuntimePercent) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RuntimePercent) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetDefaultValue()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RuntimePercentValidationError{
+					field:  "DefaultValue",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RuntimePercentValidationError{
+					field:  "DefaultValue",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDefaultValue()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RuntimePercentValidationError{
+				field:  "DefaultValue",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if utf8.RuneCountInString(m.GetRuntimeKey()) < 1 {
+		err := RuntimePercentValidationError{
+			field:  "RuntimeKey",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return RuntimePercentMultiError(errors)
+	}
+	return nil
+}
+
+// RuntimePercentMultiError is an error wrapping multiple validation errors
+// returned by RuntimePercent.ValidateAll() if the designated constraints
+// aren't met.
+type RuntimePercentMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RuntimePercentMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RuntimePercentMultiError) AllErrors() []error { return m }
+
+// RuntimePercentValidationError is the validation error returned by
+// RuntimePercent.Validate if the designated constraints aren't met.
+type RuntimePercentValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RuntimePercentValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RuntimePercentValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RuntimePercentValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RuntimePercentValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RuntimePercentValidationError) ErrorName() string { return "RuntimePercentValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RuntimePercentValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRuntimePercent.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RuntimePercentValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RuntimePercentValidationError{}
+
+// Validate checks the field values on RuntimeDouble with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *RuntimeDouble) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RuntimeDouble with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in RuntimeDoubleMultiError, or
+// nil if none found.
+func (m *RuntimeDouble) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RuntimeDouble) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for DefaultValue
+
+	if utf8.RuneCountInString(m.GetRuntimeKey()) < 1 {
+		err := RuntimeDoubleValidationError{
+			field:  "RuntimeKey",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return RuntimeDoubleMultiError(errors)
+	}
+	return nil
+}
+
+// RuntimeDoubleMultiError is an error wrapping multiple validation errors
+// returned by RuntimeDouble.ValidateAll() if the designated constraints
+// aren't met.
+type RuntimeDoubleMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RuntimeDoubleMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RuntimeDoubleMultiError) AllErrors() []error { return m }
+
+// RuntimeDoubleValidationError is the validation error returned by
+// RuntimeDouble.Validate if the designated constraints aren't met.
+type RuntimeDoubleValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RuntimeDoubleValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RuntimeDoubleValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RuntimeDoubleValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RuntimeDoubleValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RuntimeDoubleValidationError) ErrorName() string { return "RuntimeDoubleValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RuntimeDoubleValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRuntimeDouble.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RuntimeDoubleValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RuntimeDoubleValidationError{}
+
+// Validate checks the field values on RuntimeFeatureFlag with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RuntimeFeatureFlag) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RuntimeFeatureFlag with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RuntimeFeatureFlagMultiError, or nil if none found.
+func (m *RuntimeFeatureFlag) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RuntimeFeatureFlag) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetDefaultValue() == nil {
+		err := RuntimeFeatureFlagValidationError{
+			field:  "DefaultValue",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetDefaultValue()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RuntimeFeatureFlagValidationError{
+					field:  "DefaultValue",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RuntimeFeatureFlagValidationError{
+					field:  "DefaultValue",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDefaultValue()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RuntimeFeatureFlagValidationError{
+				field:  "DefaultValue",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if utf8.RuneCountInString(m.GetRuntimeKey()) < 1 {
+		err := RuntimeFeatureFlagValidationError{
+			field:  "RuntimeKey",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return RuntimeFeatureFlagMultiError(errors)
+	}
+	return nil
+}
+
+// RuntimeFeatureFlagMultiError is an error wrapping multiple validation errors
+// returned by RuntimeFeatureFlag.ValidateAll() if the designated constraints
+// aren't met.
+type RuntimeFeatureFlagMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RuntimeFeatureFlagMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RuntimeFeatureFlagMultiError) AllErrors() []error { return m }
+
+// RuntimeFeatureFlagValidationError is the validation error returned by
+// RuntimeFeatureFlag.Validate if the designated constraints aren't met.
+type RuntimeFeatureFlagValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RuntimeFeatureFlagValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RuntimeFeatureFlagValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RuntimeFeatureFlagValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RuntimeFeatureFlagValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RuntimeFeatureFlagValidationError) ErrorName() string {
+	return "RuntimeFeatureFlagValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RuntimeFeatureFlagValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRuntimeFeatureFlag.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RuntimeFeatureFlagValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RuntimeFeatureFlagValidationError{}
+
+// Validate checks the field values on QueryParameter with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *QueryParameter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on QueryParameter with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in QueryParameterMultiError,
+// or nil if none found.
+func (m *QueryParameter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *QueryParameter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetKey()) < 1 {
+		err := QueryParameterValidationError{
+			field:  "Key",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for Value
+
+	if len(errors) > 0 {
+		return QueryParameterMultiError(errors)
+	}
+	return nil
+}
+
+// QueryParameterMultiError is an error wrapping multiple validation errors
+// returned by QueryParameter.ValidateAll() if the designated constraints
+// aren't met.
+type QueryParameterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m QueryParameterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m QueryParameterMultiError) AllErrors() []error { return m }
+
+// QueryParameterValidationError is the validation error returned by
+// QueryParameter.Validate if the designated constraints aren't met.
+type QueryParameterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e QueryParameterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e QueryParameterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e QueryParameterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e QueryParameterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e QueryParameterValidationError) ErrorName() string { return "QueryParameterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e QueryParameterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sQueryParameter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = QueryParameterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = QueryParameterValidationError{}
+
+// Validate checks the field values on HeaderValue with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *HeaderValue) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HeaderValue with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in HeaderValueMultiError, or
+// nil if none found.
+func (m *HeaderValue) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HeaderValue) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetKey()) < 1 {
+		err := HeaderValueValidationError{
+			field:  "Key",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(m.GetKey()) > 16384 {
+		err := HeaderValueValidationError{
+			field:  "Key",
+			reason: "value length must be at most 16384 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if !_HeaderValue_Key_Pattern.MatchString(m.GetKey()) {
+		err := HeaderValueValidationError{
+			field:  "Key",
+			reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(m.GetValue()) > 16384 {
+		err := HeaderValueValidationError{
+			field:  "Value",
+			reason: "value length must be at most 16384 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if !_HeaderValue_Value_Pattern.MatchString(m.GetValue()) {
+		err := HeaderValueValidationError{
+			field:  "Value",
+			reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return HeaderValueMultiError(errors)
+	}
+	return nil
+}
+
+// HeaderValueMultiError is an error wrapping multiple validation errors
+// returned by HeaderValue.ValidateAll() if the designated constraints aren't met.
+type HeaderValueMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HeaderValueMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HeaderValueMultiError) AllErrors() []error { return m }
+
+// HeaderValueValidationError is the validation error returned by
+// HeaderValue.Validate if the designated constraints aren't met.
+type HeaderValueValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HeaderValueValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HeaderValueValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HeaderValueValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HeaderValueValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HeaderValueValidationError) ErrorName() string { return "HeaderValueValidationError" }
+
+// Error satisfies the builtin error interface
+func (e HeaderValueValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHeaderValue.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HeaderValueValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HeaderValueValidationError{}
+
+var _HeaderValue_Key_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+var _HeaderValue_Value_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+// Validate checks the field values on HeaderValueOption with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *HeaderValueOption) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HeaderValueOption with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// HeaderValueOptionMultiError, or nil if none found.
+func (m *HeaderValueOption) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HeaderValueOption) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetHeader() == nil {
+		err := HeaderValueOptionValidationError{
+			field:  "Header",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetHeader()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HeaderValueOptionValidationError{
+					field:  "Header",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HeaderValueOptionValidationError{
+					field:  "Header",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHeader()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HeaderValueOptionValidationError{
+				field:  "Header",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetAppend()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HeaderValueOptionValidationError{
+					field:  "Append",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HeaderValueOptionValidationError{
+					field:  "Append",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetAppend()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HeaderValueOptionValidationError{
+				field:  "Append",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if _, ok := HeaderValueOption_HeaderAppendAction_name[int32(m.GetAppendAction())]; !ok {
+		err := HeaderValueOptionValidationError{
+			field:  "AppendAction",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return HeaderValueOptionMultiError(errors)
+	}
+	return nil
+}
+
+// HeaderValueOptionMultiError is an error wrapping multiple validation errors
+// returned by HeaderValueOption.ValidateAll() if the designated constraints
+// aren't met.
+type HeaderValueOptionMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HeaderValueOptionMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HeaderValueOptionMultiError) AllErrors() []error { return m }
+
+// HeaderValueOptionValidationError is the validation error returned by
+// HeaderValueOption.Validate if the designated constraints aren't met.
+type HeaderValueOptionValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HeaderValueOptionValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HeaderValueOptionValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HeaderValueOptionValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HeaderValueOptionValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HeaderValueOptionValidationError) ErrorName() string {
+	return "HeaderValueOptionValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HeaderValueOptionValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHeaderValueOption.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HeaderValueOptionValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HeaderValueOptionValidationError{}
+
+// Validate checks the field values on HeaderMap with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *HeaderMap) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HeaderMap with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in HeaderMapMultiError, or nil
+// if none found.
+func (m *HeaderMap) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HeaderMap) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetHeaders() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HeaderMapValidationError{
+						field:  fmt.Sprintf("Headers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HeaderMapValidationError{
+						field:  fmt.Sprintf("Headers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HeaderMapValidationError{
+					field:  fmt.Sprintf("Headers[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return HeaderMapMultiError(errors)
+	}
+	return nil
+}
+
+// HeaderMapMultiError is an error wrapping multiple validation errors returned
+// by HeaderMap.ValidateAll() if the designated constraints aren't met.
+type HeaderMapMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HeaderMapMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HeaderMapMultiError) AllErrors() []error { return m }
+
+// HeaderMapValidationError is the validation error returned by
+// HeaderMap.Validate if the designated constraints aren't met.
+type HeaderMapValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HeaderMapValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HeaderMapValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HeaderMapValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HeaderMapValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HeaderMapValidationError) ErrorName() string { return "HeaderMapValidationError" }
+
+// Error satisfies the builtin error interface
+func (e HeaderMapValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHeaderMap.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HeaderMapValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HeaderMapValidationError{}
+
+// Validate checks the field values on WatchedDirectory with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *WatchedDirectory) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on WatchedDirectory with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// WatchedDirectoryMultiError, or nil if none found.
+func (m *WatchedDirectory) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *WatchedDirectory) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetPath()) < 1 {
+		err := WatchedDirectoryValidationError{
+			field:  "Path",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return WatchedDirectoryMultiError(errors)
+	}
+	return nil
+}
+
+// WatchedDirectoryMultiError is an error wrapping multiple validation errors
+// returned by WatchedDirectory.ValidateAll() if the designated constraints
+// aren't met.
+type WatchedDirectoryMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m WatchedDirectoryMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m WatchedDirectoryMultiError) AllErrors() []error { return m }
+
+// WatchedDirectoryValidationError is the validation error returned by
+// WatchedDirectory.Validate if the designated constraints aren't met.
+type WatchedDirectoryValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e WatchedDirectoryValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e WatchedDirectoryValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e WatchedDirectoryValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e WatchedDirectoryValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e WatchedDirectoryValidationError) ErrorName() string { return "WatchedDirectoryValidationError" }
+
+// Error satisfies the builtin error interface
+func (e WatchedDirectoryValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sWatchedDirectory.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = WatchedDirectoryValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = WatchedDirectoryValidationError{}
+
+// Validate checks the field values on DataSource with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *DataSource) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on DataSource with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in DataSourceMultiError, or
+// nil if none found.
+func (m *DataSource) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *DataSource) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.Specifier.(type) {
+
+	case *DataSource_Filename:
+
+		if utf8.RuneCountInString(m.GetFilename()) < 1 {
+			err := DataSourceValidationError{
+				field:  "Filename",
+				reason: "value length must be at least 1 runes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *DataSource_InlineBytes:
+		// no validation rules for InlineBytes
+
+	case *DataSource_InlineString:
+		// no validation rules for InlineString
+
+	case *DataSource_EnvironmentVariable:
+
+		if utf8.RuneCountInString(m.GetEnvironmentVariable()) < 1 {
+			err := DataSourceValidationError{
+				field:  "EnvironmentVariable",
+				reason: "value length must be at least 1 runes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	default:
+		err := DataSourceValidationError{
+			field:  "Specifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return DataSourceMultiError(errors)
+	}
+	return nil
+}
+
+// DataSourceMultiError is an error wrapping multiple validation errors
+// returned by DataSource.ValidateAll() if the designated constraints aren't met.
+type DataSourceMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m DataSourceMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m DataSourceMultiError) AllErrors() []error { return m }
+
+// DataSourceValidationError is the validation error returned by
+// DataSource.Validate if the designated constraints aren't met.
+type DataSourceValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e DataSourceValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e DataSourceValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e DataSourceValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e DataSourceValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e DataSourceValidationError) ErrorName() string { return "DataSourceValidationError" }
+
+// Error satisfies the builtin error interface
+func (e DataSourceValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sDataSource.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = DataSourceValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = DataSourceValidationError{}
+
+// Validate checks the field values on RetryPolicy with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *RetryPolicy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RetryPolicy with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in RetryPolicyMultiError, or
+// nil if none found.
+func (m *RetryPolicy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RetryPolicy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetRetryBackOff()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RetryPolicyValidationError{
+					field:  "RetryBackOff",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RetryPolicyValidationError{
+					field:  "RetryBackOff",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRetryBackOff()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RetryPolicyValidationError{
+				field:  "RetryBackOff",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetNumRetries()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RetryPolicyValidationError{
+					field:  "NumRetries",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RetryPolicyValidationError{
+					field:  "NumRetries",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetNumRetries()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RetryPolicyValidationError{
+				field:  "NumRetries",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return RetryPolicyMultiError(errors)
+	}
+	return nil
+}
+
+// RetryPolicyMultiError is an error wrapping multiple validation errors
+// returned by RetryPolicy.ValidateAll() if the designated constraints aren't met.
+type RetryPolicyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RetryPolicyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RetryPolicyMultiError) AllErrors() []error { return m }
+
+// RetryPolicyValidationError is the validation error returned by
+// RetryPolicy.Validate if the designated constraints aren't met.
+type RetryPolicyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RetryPolicyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RetryPolicyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RetryPolicyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RetryPolicyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RetryPolicyValidationError) ErrorName() string { return "RetryPolicyValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RetryPolicyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRetryPolicy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RetryPolicyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RetryPolicyValidationError{}
+
+// Validate checks the field values on RemoteDataSource with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *RemoteDataSource) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RemoteDataSource with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RemoteDataSourceMultiError, or nil if none found.
+func (m *RemoteDataSource) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RemoteDataSource) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetHttpUri() == nil {
+		err := RemoteDataSourceValidationError{
+			field:  "HttpUri",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetHttpUri()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RemoteDataSourceValidationError{
+					field:  "HttpUri",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RemoteDataSourceValidationError{
+					field:  "HttpUri",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHttpUri()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RemoteDataSourceValidationError{
+				field:  "HttpUri",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if utf8.RuneCountInString(m.GetSha256()) < 1 {
+		err := RemoteDataSourceValidationError{
+			field:  "Sha256",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetRetryPolicy()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RemoteDataSourceValidationError{
+					field:  "RetryPolicy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RemoteDataSourceValidationError{
+					field:  "RetryPolicy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRetryPolicy()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RemoteDataSourceValidationError{
+				field:  "RetryPolicy",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return RemoteDataSourceMultiError(errors)
+	}
+	return nil
+}
+
+// RemoteDataSourceMultiError is an error wrapping multiple validation errors
+// returned by RemoteDataSource.ValidateAll() if the designated constraints
+// aren't met.
+type RemoteDataSourceMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RemoteDataSourceMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RemoteDataSourceMultiError) AllErrors() []error { return m }
+
+// RemoteDataSourceValidationError is the validation error returned by
+// RemoteDataSource.Validate if the designated constraints aren't met.
+type RemoteDataSourceValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RemoteDataSourceValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RemoteDataSourceValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RemoteDataSourceValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RemoteDataSourceValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RemoteDataSourceValidationError) ErrorName() string { return "RemoteDataSourceValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RemoteDataSourceValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRemoteDataSource.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RemoteDataSourceValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RemoteDataSourceValidationError{}
+
+// Validate checks the field values on AsyncDataSource with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *AsyncDataSource) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on AsyncDataSource with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// AsyncDataSourceMultiError, or nil if none found.
+func (m *AsyncDataSource) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *AsyncDataSource) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.Specifier.(type) {
+
+	case *AsyncDataSource_Local:
+
+		if all {
+			switch v := interface{}(m.GetLocal()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AsyncDataSourceValidationError{
+						field:  "Local",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AsyncDataSourceValidationError{
+						field:  "Local",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetLocal()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AsyncDataSourceValidationError{
+					field:  "Local",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *AsyncDataSource_Remote:
+
+		if all {
+			switch v := interface{}(m.GetRemote()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AsyncDataSourceValidationError{
+						field:  "Remote",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AsyncDataSourceValidationError{
+						field:  "Remote",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetRemote()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AsyncDataSourceValidationError{
+					field:  "Remote",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := AsyncDataSourceValidationError{
+			field:  "Specifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return AsyncDataSourceMultiError(errors)
+	}
+	return nil
+}
+
+// AsyncDataSourceMultiError is an error wrapping multiple validation errors
+// returned by AsyncDataSource.ValidateAll() if the designated constraints
+// aren't met.
+type AsyncDataSourceMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m AsyncDataSourceMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m AsyncDataSourceMultiError) AllErrors() []error { return m }
+
+// AsyncDataSourceValidationError is the validation error returned by
+// AsyncDataSource.Validate if the designated constraints aren't met.
+type AsyncDataSourceValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e AsyncDataSourceValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e AsyncDataSourceValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e AsyncDataSourceValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e AsyncDataSourceValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e AsyncDataSourceValidationError) ErrorName() string { return "AsyncDataSourceValidationError" }
+
+// Error satisfies the builtin error interface
+func (e AsyncDataSourceValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sAsyncDataSource.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = AsyncDataSourceValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = AsyncDataSourceValidationError{}
+
+// Validate checks the field values on TransportSocket with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *TransportSocket) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on TransportSocket with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// TransportSocketMultiError, or nil if none found.
+func (m *TransportSocket) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *TransportSocket) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := TransportSocketValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	switch m.ConfigType.(type) {
+
+	case *TransportSocket_TypedConfig:
+
+		if all {
+			switch v := interface{}(m.GetTypedConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, TransportSocketValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, TransportSocketValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return TransportSocketValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return TransportSocketMultiError(errors)
+	}
+	return nil
+}
+
+// TransportSocketMultiError is an error wrapping multiple validation errors
+// returned by TransportSocket.ValidateAll() if the designated constraints
+// aren't met.
+type TransportSocketMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m TransportSocketMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m TransportSocketMultiError) AllErrors() []error { return m }
+
+// TransportSocketValidationError is the validation error returned by
+// TransportSocket.Validate if the designated constraints aren't met.
+type TransportSocketValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e TransportSocketValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e TransportSocketValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e TransportSocketValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e TransportSocketValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e TransportSocketValidationError) ErrorName() string { return "TransportSocketValidationError" }
+
+// Error satisfies the builtin error interface
+func (e TransportSocketValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sTransportSocket.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = TransportSocketValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = TransportSocketValidationError{}
+
+// Validate checks the field values on RuntimeFractionalPercent with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RuntimeFractionalPercent) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RuntimeFractionalPercent with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RuntimeFractionalPercentMultiError, or nil if none found.
+func (m *RuntimeFractionalPercent) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RuntimeFractionalPercent) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetDefaultValue() == nil {
+		err := RuntimeFractionalPercentValidationError{
+			field:  "DefaultValue",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetDefaultValue()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RuntimeFractionalPercentValidationError{
+					field:  "DefaultValue",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RuntimeFractionalPercentValidationError{
+					field:  "DefaultValue",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDefaultValue()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RuntimeFractionalPercentValidationError{
+				field:  "DefaultValue",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for RuntimeKey
+
+	if len(errors) > 0 {
+		return RuntimeFractionalPercentMultiError(errors)
+	}
+	return nil
+}
+
+// RuntimeFractionalPercentMultiError is an error wrapping multiple validation
+// errors returned by RuntimeFractionalPercent.ValidateAll() if the designated
+// constraints aren't met.
+type RuntimeFractionalPercentMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RuntimeFractionalPercentMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RuntimeFractionalPercentMultiError) AllErrors() []error { return m }
+
+// RuntimeFractionalPercentValidationError is the validation error returned by
+// RuntimeFractionalPercent.Validate if the designated constraints aren't met.
+type RuntimeFractionalPercentValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RuntimeFractionalPercentValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RuntimeFractionalPercentValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RuntimeFractionalPercentValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RuntimeFractionalPercentValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RuntimeFractionalPercentValidationError) ErrorName() string {
+	return "RuntimeFractionalPercentValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RuntimeFractionalPercentValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRuntimeFractionalPercent.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RuntimeFractionalPercentValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RuntimeFractionalPercentValidationError{}
+
+// Validate checks the field values on ControlPlane with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ControlPlane) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ControlPlane with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ControlPlaneMultiError, or
+// nil if none found.
+func (m *ControlPlane) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ControlPlane) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Identifier
+
+	if len(errors) > 0 {
+		return ControlPlaneMultiError(errors)
+	}
+	return nil
+}
+
+// ControlPlaneMultiError is an error wrapping multiple validation errors
+// returned by ControlPlane.ValidateAll() if the designated constraints aren't met.
+type ControlPlaneMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ControlPlaneMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ControlPlaneMultiError) AllErrors() []error { return m }
+
+// ControlPlaneValidationError is the validation error returned by
+// ControlPlane.Validate if the designated constraints aren't met.
+type ControlPlaneValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ControlPlaneValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ControlPlaneValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ControlPlaneValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ControlPlaneValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ControlPlaneValidationError) ErrorName() string { return "ControlPlaneValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ControlPlaneValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sControlPlane.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ControlPlaneValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ControlPlaneValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/config_source.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/config_source.pb.go
new file mode 100644
index 00000000000..1f3a4c824a8
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/config_source.pb.go
@@ -0,0 +1,918 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/core/v3/config_source.proto
+
+package envoy_config_core_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v3 "github.com/cncf/xds/go/xds/core/v3"
+	_ "github.com/envoyproxy/go-control-plane/envoy/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// xDS API and non-xDS services version. This is used to describe both resource and transport
+// protocol versions (in distinct configuration fields).
+type ApiVersion int32
+
+const (
+	// When not specified, we assume v2, to ease migration to Envoy's stable API
+	// versioning. If a client does not support v2 (e.g. due to deprecation), this
+	// is an invalid value.
+	//
+	// Deprecated: Do not use.
+	ApiVersion_AUTO ApiVersion = 0
+	// Use xDS v2 API.
+	//
+	// Deprecated: Do not use.
+	ApiVersion_V2 ApiVersion = 1
+	// Use xDS v3 API.
+	ApiVersion_V3 ApiVersion = 2
+)
+
+// Enum value maps for ApiVersion.
+var (
+	ApiVersion_name = map[int32]string{
+		0: "AUTO",
+		1: "V2",
+		2: "V3",
+	}
+	ApiVersion_value = map[string]int32{
+		"AUTO": 0,
+		"V2":   1,
+		"V3":   2,
+	}
+)
+
+func (x ApiVersion) Enum() *ApiVersion {
+	p := new(ApiVersion)
+	*p = x
+	return p
+}
+
+func (x ApiVersion) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (ApiVersion) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_core_v3_config_source_proto_enumTypes[0].Descriptor()
+}
+
+func (ApiVersion) Type() protoreflect.EnumType {
+	return &file_envoy_config_core_v3_config_source_proto_enumTypes[0]
+}
+
+func (x ApiVersion) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use ApiVersion.Descriptor instead.
+func (ApiVersion) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_config_source_proto_rawDescGZIP(), []int{0}
+}
+
+// APIs may be fetched via either REST or gRPC.
+type ApiConfigSource_ApiType int32
+
+const (
+	// Ideally this would be 'reserved 0' but one can't reserve the default
+	// value. Instead we throw an exception if this is ever used.
+	//
+	// Deprecated: Do not use.
+	ApiConfigSource_DEPRECATED_AND_UNAVAILABLE_DO_NOT_USE ApiConfigSource_ApiType = 0
+	// REST-JSON v2 API. The `canonical JSON encoding
+	// <https://developers.google.com/protocol-buffers/docs/proto3#json>`_ for
+	// the v2 protos is used.
+	ApiConfigSource_REST ApiConfigSource_ApiType = 1
+	// SotW gRPC service.
+	ApiConfigSource_GRPC ApiConfigSource_ApiType = 2
+	// Using the delta xDS gRPC service, i.e. DeltaDiscovery{Request,Response}
+	// rather than Discovery{Request,Response}. Rather than sending Envoy the entire state
+	// with every update, the xDS server only sends what has changed since the last update.
+	ApiConfigSource_DELTA_GRPC ApiConfigSource_ApiType = 3
+	// SotW xDS gRPC with ADS. All resources which resolve to this configuration source will be
+	// multiplexed on a single connection to an ADS endpoint.
+	// [#not-implemented-hide:]
+	ApiConfigSource_AGGREGATED_GRPC ApiConfigSource_ApiType = 5
+	// Delta xDS gRPC with ADS. All resources which resolve to this configuration source will be
+	// multiplexed on a single connection to an ADS endpoint.
+	// [#not-implemented-hide:]
+	ApiConfigSource_AGGREGATED_DELTA_GRPC ApiConfigSource_ApiType = 6
+)
+
+// Enum value maps for ApiConfigSource_ApiType.
+var (
+	ApiConfigSource_ApiType_name = map[int32]string{
+		0: "DEPRECATED_AND_UNAVAILABLE_DO_NOT_USE",
+		1: "REST",
+		2: "GRPC",
+		3: "DELTA_GRPC",
+		5: "AGGREGATED_GRPC",
+		6: "AGGREGATED_DELTA_GRPC",
+	}
+	ApiConfigSource_ApiType_value = map[string]int32{
+		"DEPRECATED_AND_UNAVAILABLE_DO_NOT_USE": 0,
+		"REST":                                  1,
+		"GRPC":                                  2,
+		"DELTA_GRPC":                            3,
+		"AGGREGATED_GRPC":                       5,
+		"AGGREGATED_DELTA_GRPC":                 6,
+	}
+)
+
+func (x ApiConfigSource_ApiType) Enum() *ApiConfigSource_ApiType {
+	p := new(ApiConfigSource_ApiType)
+	*p = x
+	return p
+}
+
+func (x ApiConfigSource_ApiType) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (ApiConfigSource_ApiType) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_core_v3_config_source_proto_enumTypes[1].Descriptor()
+}
+
+func (ApiConfigSource_ApiType) Type() protoreflect.EnumType {
+	return &file_envoy_config_core_v3_config_source_proto_enumTypes[1]
+}
+
+func (x ApiConfigSource_ApiType) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use ApiConfigSource_ApiType.Descriptor instead.
+func (ApiConfigSource_ApiType) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_config_source_proto_rawDescGZIP(), []int{0, 0}
+}
+
+// API configuration source. This identifies the API type and cluster that Envoy
+// will use to fetch an xDS API.
+// [#next-free-field: 9]
+type ApiConfigSource struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// API type (gRPC, REST, delta gRPC)
+	ApiType ApiConfigSource_ApiType `protobuf:"varint,1,opt,name=api_type,json=apiType,proto3,enum=envoy.config.core.v3.ApiConfigSource_ApiType" json:"api_type,omitempty"`
+	// API version for xDS transport protocol. This describes the xDS gRPC/REST
+	// endpoint and version of [Delta]DiscoveryRequest/Response used on the wire.
+	TransportApiVersion ApiVersion `protobuf:"varint,8,opt,name=transport_api_version,json=transportApiVersion,proto3,enum=envoy.config.core.v3.ApiVersion" json:"transport_api_version,omitempty"`
+	// Cluster names should be used only with REST. If > 1
+	// cluster is defined, clusters will be cycled through if any kind of failure
+	// occurs.
+	//
+	// .. note::
+	//
+	//  The cluster with name ``cluster_name`` must be statically defined and its
+	//  type must not be ``EDS``.
+	ClusterNames []string `protobuf:"bytes,2,rep,name=cluster_names,json=clusterNames,proto3" json:"cluster_names,omitempty"`
+	// Multiple gRPC services be provided for GRPC. If > 1 cluster is defined,
+	// services will be cycled through if any kind of failure occurs.
+	GrpcServices []*GrpcService `protobuf:"bytes,4,rep,name=grpc_services,json=grpcServices,proto3" json:"grpc_services,omitempty"`
+	// For REST APIs, the delay between successive polls.
+	RefreshDelay *duration.Duration `protobuf:"bytes,3,opt,name=refresh_delay,json=refreshDelay,proto3" json:"refresh_delay,omitempty"`
+	// For REST APIs, the request timeout. If not set, a default value of 1s will be used.
+	RequestTimeout *duration.Duration `protobuf:"bytes,5,opt,name=request_timeout,json=requestTimeout,proto3" json:"request_timeout,omitempty"`
+	// For GRPC APIs, the rate limit settings. If present, discovery requests made by Envoy will be
+	// rate limited.
+	RateLimitSettings *RateLimitSettings `protobuf:"bytes,6,opt,name=rate_limit_settings,json=rateLimitSettings,proto3" json:"rate_limit_settings,omitempty"`
+	// Skip the node identifier in subsequent discovery requests for streaming gRPC config types.
+	SetNodeOnFirstMessageOnly bool `protobuf:"varint,7,opt,name=set_node_on_first_message_only,json=setNodeOnFirstMessageOnly,proto3" json:"set_node_on_first_message_only,omitempty"`
+}
+
+func (x *ApiConfigSource) Reset() {
+	*x = ApiConfigSource{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_config_source_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ApiConfigSource) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ApiConfigSource) ProtoMessage() {}
+
+func (x *ApiConfigSource) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_config_source_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ApiConfigSource.ProtoReflect.Descriptor instead.
+func (*ApiConfigSource) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_config_source_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *ApiConfigSource) GetApiType() ApiConfigSource_ApiType {
+	if x != nil {
+		return x.ApiType
+	}
+	return ApiConfigSource_DEPRECATED_AND_UNAVAILABLE_DO_NOT_USE
+}
+
+func (x *ApiConfigSource) GetTransportApiVersion() ApiVersion {
+	if x != nil {
+		return x.TransportApiVersion
+	}
+	return ApiVersion_AUTO
+}
+
+func (x *ApiConfigSource) GetClusterNames() []string {
+	if x != nil {
+		return x.ClusterNames
+	}
+	return nil
+}
+
+func (x *ApiConfigSource) GetGrpcServices() []*GrpcService {
+	if x != nil {
+		return x.GrpcServices
+	}
+	return nil
+}
+
+func (x *ApiConfigSource) GetRefreshDelay() *duration.Duration {
+	if x != nil {
+		return x.RefreshDelay
+	}
+	return nil
+}
+
+func (x *ApiConfigSource) GetRequestTimeout() *duration.Duration {
+	if x != nil {
+		return x.RequestTimeout
+	}
+	return nil
+}
+
+func (x *ApiConfigSource) GetRateLimitSettings() *RateLimitSettings {
+	if x != nil {
+		return x.RateLimitSettings
+	}
+	return nil
+}
+
+func (x *ApiConfigSource) GetSetNodeOnFirstMessageOnly() bool {
+	if x != nil {
+		return x.SetNodeOnFirstMessageOnly
+	}
+	return false
+}
+
+// Aggregated Discovery Service (ADS) options. This is currently empty, but when
+// set in :ref:`ConfigSource <envoy_v3_api_msg_config.core.v3.ConfigSource>` can be used to
+// specify that ADS is to be used.
+type AggregatedConfigSource struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *AggregatedConfigSource) Reset() {
+	*x = AggregatedConfigSource{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_config_source_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *AggregatedConfigSource) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*AggregatedConfigSource) ProtoMessage() {}
+
+func (x *AggregatedConfigSource) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_config_source_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use AggregatedConfigSource.ProtoReflect.Descriptor instead.
+func (*AggregatedConfigSource) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_config_source_proto_rawDescGZIP(), []int{1}
+}
+
+// [#not-implemented-hide:]
+// Self-referencing config source options. This is currently empty, but when
+// set in :ref:`ConfigSource <envoy_v3_api_msg_config.core.v3.ConfigSource>` can be used to
+// specify that other data can be obtained from the same server.
+type SelfConfigSource struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// API version for xDS transport protocol. This describes the xDS gRPC/REST
+	// endpoint and version of [Delta]DiscoveryRequest/Response used on the wire.
+	TransportApiVersion ApiVersion `protobuf:"varint,1,opt,name=transport_api_version,json=transportApiVersion,proto3,enum=envoy.config.core.v3.ApiVersion" json:"transport_api_version,omitempty"`
+}
+
+func (x *SelfConfigSource) Reset() {
+	*x = SelfConfigSource{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_config_source_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *SelfConfigSource) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*SelfConfigSource) ProtoMessage() {}
+
+func (x *SelfConfigSource) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_config_source_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use SelfConfigSource.ProtoReflect.Descriptor instead.
+func (*SelfConfigSource) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_config_source_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *SelfConfigSource) GetTransportApiVersion() ApiVersion {
+	if x != nil {
+		return x.TransportApiVersion
+	}
+	return ApiVersion_AUTO
+}
+
+// Rate Limit settings to be applied for discovery requests made by Envoy.
+type RateLimitSettings struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Maximum number of tokens to be used for rate limiting discovery request calls. If not set, a
+	// default value of 100 will be used.
+	MaxTokens *wrappers.UInt32Value `protobuf:"bytes,1,opt,name=max_tokens,json=maxTokens,proto3" json:"max_tokens,omitempty"`
+	// Rate at which tokens will be filled per second. If not set, a default fill rate of 10 tokens
+	// per second will be used.
+	FillRate *wrappers.DoubleValue `protobuf:"bytes,2,opt,name=fill_rate,json=fillRate,proto3" json:"fill_rate,omitempty"`
+}
+
+func (x *RateLimitSettings) Reset() {
+	*x = RateLimitSettings{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_config_source_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RateLimitSettings) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RateLimitSettings) ProtoMessage() {}
+
+func (x *RateLimitSettings) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_config_source_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RateLimitSettings.ProtoReflect.Descriptor instead.
+func (*RateLimitSettings) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_config_source_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *RateLimitSettings) GetMaxTokens() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxTokens
+	}
+	return nil
+}
+
+func (x *RateLimitSettings) GetFillRate() *wrappers.DoubleValue {
+	if x != nil {
+		return x.FillRate
+	}
+	return nil
+}
+
+// Configuration for :ref:`listeners <config_listeners>`, :ref:`clusters
+// <config_cluster_manager>`, :ref:`routes
+// <envoy_v3_api_msg_config.route.v3.RouteConfiguration>`, :ref:`endpoints
+// <arch_overview_service_discovery>` etc. may either be sourced from the
+// filesystem or from an xDS API source. Filesystem configs are watched with
+// inotify for updates.
+// [#next-free-field: 8]
+type ConfigSource struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Authorities that this config source may be used for. An authority specified in a xdstp:// URL
+	// is resolved to a *ConfigSource* prior to configuration fetch. This field provides the
+	// association between authority name and configuration source.
+	// [#not-implemented-hide:]
+	Authorities []*v3.Authority `protobuf:"bytes,7,rep,name=authorities,proto3" json:"authorities,omitempty"`
+	// Types that are assignable to ConfigSourceSpecifier:
+	//	*ConfigSource_Path
+	//	*ConfigSource_ApiConfigSource
+	//	*ConfigSource_Ads
+	//	*ConfigSource_Self
+	ConfigSourceSpecifier isConfigSource_ConfigSourceSpecifier `protobuf_oneof:"config_source_specifier"`
+	// When this timeout is specified, Envoy will wait no longer than the specified time for first
+	// config response on this xDS subscription during the :ref:`initialization process
+	// <arch_overview_initialization>`. After reaching the timeout, Envoy will move to the next
+	// initialization phase, even if the first config is not delivered yet. The timer is activated
+	// when the xDS API subscription starts, and is disarmed on first config update or on error. 0
+	// means no timeout - Envoy will wait indefinitely for the first xDS config (unless another
+	// timeout applies). The default is 15s.
+	InitialFetchTimeout *duration.Duration `protobuf:"bytes,4,opt,name=initial_fetch_timeout,json=initialFetchTimeout,proto3" json:"initial_fetch_timeout,omitempty"`
+	// API version for xDS resources. This implies the type URLs that the client
+	// will request for resources and the resource type that the client will in
+	// turn expect to be delivered.
+	ResourceApiVersion ApiVersion `protobuf:"varint,6,opt,name=resource_api_version,json=resourceApiVersion,proto3,enum=envoy.config.core.v3.ApiVersion" json:"resource_api_version,omitempty"`
+}
+
+func (x *ConfigSource) Reset() {
+	*x = ConfigSource{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_config_source_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ConfigSource) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ConfigSource) ProtoMessage() {}
+
+func (x *ConfigSource) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_config_source_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ConfigSource.ProtoReflect.Descriptor instead.
+func (*ConfigSource) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_config_source_proto_rawDescGZIP(), []int{4}
+}
+
+func (x *ConfigSource) GetAuthorities() []*v3.Authority {
+	if x != nil {
+		return x.Authorities
+	}
+	return nil
+}
+
+func (m *ConfigSource) GetConfigSourceSpecifier() isConfigSource_ConfigSourceSpecifier {
+	if m != nil {
+		return m.ConfigSourceSpecifier
+	}
+	return nil
+}
+
+func (x *ConfigSource) GetPath() string {
+	if x, ok := x.GetConfigSourceSpecifier().(*ConfigSource_Path); ok {
+		return x.Path
+	}
+	return ""
+}
+
+func (x *ConfigSource) GetApiConfigSource() *ApiConfigSource {
+	if x, ok := x.GetConfigSourceSpecifier().(*ConfigSource_ApiConfigSource); ok {
+		return x.ApiConfigSource
+	}
+	return nil
+}
+
+func (x *ConfigSource) GetAds() *AggregatedConfigSource {
+	if x, ok := x.GetConfigSourceSpecifier().(*ConfigSource_Ads); ok {
+		return x.Ads
+	}
+	return nil
+}
+
+func (x *ConfigSource) GetSelf() *SelfConfigSource {
+	if x, ok := x.GetConfigSourceSpecifier().(*ConfigSource_Self); ok {
+		return x.Self
+	}
+	return nil
+}
+
+func (x *ConfigSource) GetInitialFetchTimeout() *duration.Duration {
+	if x != nil {
+		return x.InitialFetchTimeout
+	}
+	return nil
+}
+
+func (x *ConfigSource) GetResourceApiVersion() ApiVersion {
+	if x != nil {
+		return x.ResourceApiVersion
+	}
+	return ApiVersion_AUTO
+}
+
+type isConfigSource_ConfigSourceSpecifier interface {
+	isConfigSource_ConfigSourceSpecifier()
+}
+
+type ConfigSource_Path struct {
+	// Path on the filesystem to source and watch for configuration updates.
+	// When sourcing configuration for :ref:`secret <envoy_v3_api_msg_extensions.transport_sockets.tls.v3.Secret>`,
+	// the certificate and key files are also watched for updates.
+	//
+	// .. note::
+	//
+	//  The path to the source must exist at config load time.
+	//
+	// .. note::
+	//
+	//   Envoy will only watch the file path for *moves.* This is because in general only moves
+	//   are atomic. The same method of swapping files as is demonstrated in the
+	//   :ref:`runtime documentation <config_runtime_symbolic_link_swap>` can be used here also.
+	Path string `protobuf:"bytes,1,opt,name=path,proto3,oneof"`
+}
+
+type ConfigSource_ApiConfigSource struct {
+	// API configuration source.
+	ApiConfigSource *ApiConfigSource `protobuf:"bytes,2,opt,name=api_config_source,json=apiConfigSource,proto3,oneof"`
+}
+
+type ConfigSource_Ads struct {
+	// When set, ADS will be used to fetch resources. The ADS API configuration
+	// source in the bootstrap configuration is used.
+	Ads *AggregatedConfigSource `protobuf:"bytes,3,opt,name=ads,proto3,oneof"`
+}
+
+type ConfigSource_Self struct {
+	// [#not-implemented-hide:]
+	// When set, the client will access the resources from the same server it got the
+	// ConfigSource from, although not necessarily from the same stream. This is similar to the
+	// :ref:`ads<envoy_v3_api_field.ConfigSource.ads>` field, except that the client may use a
+	// different stream to the same server. As a result, this field can be used for things
+	// like LRS that cannot be sent on an ADS stream. It can also be used to link from (e.g.)
+	// LDS to RDS on the same server without requiring the management server to know its name
+	// or required credentials.
+	// [#next-major-version: In xDS v3, consider replacing the ads field with this one, since
+	// this field can implicitly mean to use the same stream in the case where the ConfigSource
+	// is provided via ADS and the specified data can also be obtained via ADS.]
+	Self *SelfConfigSource `protobuf:"bytes,5,opt,name=self,proto3,oneof"`
+}
+
+func (*ConfigSource_Path) isConfigSource_ConfigSourceSpecifier() {}
+
+func (*ConfigSource_ApiConfigSource) isConfigSource_ConfigSourceSpecifier() {}
+
+func (*ConfigSource_Ads) isConfigSource_ConfigSourceSpecifier() {}
+
+func (*ConfigSource_Self) isConfigSource_ConfigSourceSpecifier() {}
+
+var File_envoy_config_core_v3_config_source_proto protoreflect.FileDescriptor
+
+var file_envoy_config_core_v3_config_source_proto_rawDesc = []byte{
+	0x0a, 0x28, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x73, 0x6f,
+	0x75, 0x72, 0x63, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x14, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33,
+	0x1a, 0x27, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x73, 0x65, 0x72, 0x76,
+	0x69, 0x63, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70,
+	0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1b, 0x78, 0x64, 0x73, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x6e,
+	0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70,
+	0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74,
+	0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61,
+	0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72,
+	0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76,
+	0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x9b, 0x06, 0x0a, 0x0f, 0x41, 0x70, 0x69, 0x43, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x52, 0x0a, 0x08, 0x61, 0x70,
+	0x69, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2d, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65,
+	0x2e, 0x76, 0x33, 0x2e, 0x41, 0x70, 0x69, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75,
+	0x72, 0x63, 0x65, 0x2e, 0x41, 0x70, 0x69, 0x54, 0x79, 0x70, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05,
+	0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x07, 0x61, 0x70, 0x69, 0x54, 0x79, 0x70, 0x65, 0x12, 0x5e,
+	0x0a, 0x15, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x61, 0x70, 0x69, 0x5f,
+	0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x20, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x76, 0x33, 0x2e, 0x41, 0x70, 0x69, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x42,
+	0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x13, 0x74, 0x72, 0x61, 0x6e, 0x73,
+	0x70, 0x6f, 0x72, 0x74, 0x41, 0x70, 0x69, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x23,
+	0x0a, 0x0d, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x18,
+	0x02, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0c, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4e, 0x61,
+	0x6d, 0x65, 0x73, 0x12, 0x46, 0x0a, 0x0d, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x73, 0x65, 0x72, 0x76,
+	0x69, 0x63, 0x65, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76,
+	0x33, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x52, 0x0c, 0x67,
+	0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x12, 0x3e, 0x0a, 0x0d, 0x72,
+	0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x5f, 0x64, 0x65, 0x6c, 0x61, 0x79, 0x18, 0x03, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0c, 0x72,
+	0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x44, 0x65, 0x6c, 0x61, 0x79, 0x12, 0x4c, 0x0a, 0x0f, 0x72,
+	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x05,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42,
+	0x08, 0xfa, 0x42, 0x05, 0xaa, 0x01, 0x02, 0x2a, 0x00, 0x52, 0x0e, 0x72, 0x65, 0x71, 0x75, 0x65,
+	0x73, 0x74, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12, 0x57, 0x0a, 0x13, 0x72, 0x61, 0x74,
+	0x65, 0x5f, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x5f, 0x73, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73,
+	0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x61,
+	0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x52,
+	0x11, 0x72, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e,
+	0x67, 0x73, 0x12, 0x41, 0x0a, 0x1e, 0x73, 0x65, 0x74, 0x5f, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x6f,
+	0x6e, 0x5f, 0x66, 0x69, 0x72, 0x73, 0x74, 0x5f, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x5f,
+	0x6f, 0x6e, 0x6c, 0x79, 0x18, 0x07, 0x20, 0x01, 0x28, 0x08, 0x52, 0x19, 0x73, 0x65, 0x74, 0x4e,
+	0x6f, 0x64, 0x65, 0x4f, 0x6e, 0x46, 0x69, 0x72, 0x73, 0x74, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67,
+	0x65, 0x4f, 0x6e, 0x6c, 0x79, 0x22, 0x92, 0x01, 0x0a, 0x07, 0x41, 0x70, 0x69, 0x54, 0x79, 0x70,
+	0x65, 0x12, 0x33, 0x0a, 0x25, 0x44, 0x45, 0x50, 0x52, 0x45, 0x43, 0x41, 0x54, 0x45, 0x44, 0x5f,
+	0x41, 0x4e, 0x44, 0x5f, 0x55, 0x4e, 0x41, 0x56, 0x41, 0x49, 0x4c, 0x41, 0x42, 0x4c, 0x45, 0x5f,
+	0x44, 0x4f, 0x5f, 0x4e, 0x4f, 0x54, 0x5f, 0x55, 0x53, 0x45, 0x10, 0x00, 0x1a, 0x08, 0x08, 0x01,
+	0xa8, 0xf7, 0xb4, 0x8b, 0x02, 0x01, 0x12, 0x08, 0x0a, 0x04, 0x52, 0x45, 0x53, 0x54, 0x10, 0x01,
+	0x12, 0x08, 0x0a, 0x04, 0x47, 0x52, 0x50, 0x43, 0x10, 0x02, 0x12, 0x0e, 0x0a, 0x0a, 0x44, 0x45,
+	0x4c, 0x54, 0x41, 0x5f, 0x47, 0x52, 0x50, 0x43, 0x10, 0x03, 0x12, 0x13, 0x0a, 0x0f, 0x41, 0x47,
+	0x47, 0x52, 0x45, 0x47, 0x41, 0x54, 0x45, 0x44, 0x5f, 0x47, 0x52, 0x50, 0x43, 0x10, 0x05, 0x12,
+	0x19, 0x0a, 0x15, 0x41, 0x47, 0x47, 0x52, 0x45, 0x47, 0x41, 0x54, 0x45, 0x44, 0x5f, 0x44, 0x45,
+	0x4c, 0x54, 0x41, 0x5f, 0x47, 0x52, 0x50, 0x43, 0x10, 0x06, 0x3a, 0x28, 0x9a, 0xc5, 0x88, 0x1e,
+	0x23, 0x0a, 0x21, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e,
+	0x63, 0x6f, 0x72, 0x65, 0x2e, 0x41, 0x70, 0x69, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f,
+	0x75, 0x72, 0x63, 0x65, 0x22, 0x49, 0x0a, 0x16, 0x41, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, 0x74,
+	0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x3a, 0x2f,
+	0x9a, 0xc5, 0x88, 0x1e, 0x2a, 0x0a, 0x28, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x41, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61,
+	0x74, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x22,
+	0x9d, 0x01, 0x0a, 0x10, 0x53, 0x65, 0x6c, 0x66, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f,
+	0x75, 0x72, 0x63, 0x65, 0x12, 0x5e, 0x0a, 0x15, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72,
+	0x74, 0x5f, 0x61, 0x70, 0x69, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x0e, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x41, 0x70, 0x69, 0x56, 0x65,
+	0x72, 0x73, 0x69, 0x6f, 0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52,
+	0x13, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x41, 0x70, 0x69, 0x56, 0x65, 0x72,
+	0x73, 0x69, 0x6f, 0x6e, 0x3a, 0x29, 0x9a, 0xc5, 0x88, 0x1e, 0x24, 0x0a, 0x22, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x53,
+	0x65, 0x6c, 0x66, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x22,
+	0xc7, 0x01, 0x0a, 0x11, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x53, 0x65, 0x74,
+	0x74, 0x69, 0x6e, 0x67, 0x73, 0x12, 0x3b, 0x0a, 0x0a, 0x6d, 0x61, 0x78, 0x5f, 0x74, 0x6f, 0x6b,
+	0x65, 0x6e, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74,
+	0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x09, 0x6d, 0x61, 0x78, 0x54, 0x6f, 0x6b, 0x65,
+	0x6e, 0x73, 0x12, 0x49, 0x0a, 0x09, 0x66, 0x69, 0x6c, 0x6c, 0x5f, 0x72, 0x61, 0x74, 0x65, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x6f, 0x75, 0x62, 0x6c, 0x65, 0x56, 0x61,
+	0x6c, 0x75, 0x65, 0x42, 0x0e, 0xfa, 0x42, 0x0b, 0x12, 0x09, 0x21, 0x00, 0x00, 0x00, 0x00, 0x00,
+	0x00, 0x00, 0x00, 0x52, 0x08, 0x66, 0x69, 0x6c, 0x6c, 0x52, 0x61, 0x74, 0x65, 0x3a, 0x2a, 0x9a,
+	0xc5, 0x88, 0x1e, 0x25, 0x0a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69,
+	0x74, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x22, 0xa7, 0x04, 0x0a, 0x0c, 0x43, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x38, 0x0a, 0x0b, 0x61, 0x75,
+	0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x69, 0x65, 0x73, 0x18, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32,
+	0x16, 0x2e, 0x78, 0x64, 0x73, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x41, 0x75,
+	0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x0b, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69,
+	0x74, 0x69, 0x65, 0x73, 0x12, 0x14, 0x0a, 0x04, 0x70, 0x61, 0x74, 0x68, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x09, 0x48, 0x00, 0x52, 0x04, 0x70, 0x61, 0x74, 0x68, 0x12, 0x53, 0x0a, 0x11, 0x61, 0x70,
+	0x69, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x41, 0x70, 0x69,
+	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x48, 0x00, 0x52, 0x0f,
+	0x61, 0x70, 0x69, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12,
+	0x40, 0x0a, 0x03, 0x61, 0x64, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2c, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65,
+	0x2e, 0x76, 0x33, 0x2e, 0x41, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, 0x74, 0x65, 0x64, 0x43, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x48, 0x00, 0x52, 0x03, 0x61, 0x64,
+	0x73, 0x12, 0x3c, 0x0a, 0x04, 0x73, 0x65, 0x6c, 0x66, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x26, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x65, 0x6c, 0x66, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x48, 0x00, 0x52, 0x04, 0x73, 0x65, 0x6c, 0x66, 0x12,
+	0x4d, 0x0a, 0x15, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x5f, 0x66, 0x65, 0x74, 0x63, 0x68,
+	0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x13, 0x69, 0x6e, 0x69, 0x74, 0x69,
+	0x61, 0x6c, 0x46, 0x65, 0x74, 0x63, 0x68, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12, 0x5c,
+	0x0a, 0x14, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x61, 0x70, 0x69, 0x5f, 0x76,
+	0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x20, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65,
+	0x2e, 0x76, 0x33, 0x2e, 0x41, 0x70, 0x69, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x42, 0x08,
+	0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x12, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72,
+	0x63, 0x65, 0x41, 0x70, 0x69, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x3a, 0x25, 0x9a, 0xc5,
+	0x88, 0x1e, 0x20, 0x0a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75,
+	0x72, 0x63, 0x65, 0x42, 0x1e, 0x0a, 0x17, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x73, 0x6f,
+	0x75, 0x72, 0x63, 0x65, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x03,
+	0xf8, 0x42, 0x01, 0x2a, 0x40, 0x0a, 0x0a, 0x41, 0x70, 0x69, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f,
+	0x6e, 0x12, 0x15, 0x0a, 0x04, 0x41, 0x55, 0x54, 0x4f, 0x10, 0x00, 0x1a, 0x0b, 0x08, 0x01, 0x8a,
+	0xf4, 0x9b, 0xb3, 0x05, 0x03, 0x33, 0x2e, 0x30, 0x12, 0x13, 0x0a, 0x02, 0x56, 0x32, 0x10, 0x01,
+	0x1a, 0x0b, 0x08, 0x01, 0x8a, 0xf4, 0x9b, 0xb3, 0x05, 0x03, 0x33, 0x2e, 0x30, 0x12, 0x06, 0x0a,
+	0x02, 0x56, 0x33, 0x10, 0x02, 0x42, 0x41, 0x0a, 0x22, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x11, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01,
+	0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_core_v3_config_source_proto_rawDescOnce sync.Once
+	file_envoy_config_core_v3_config_source_proto_rawDescData = file_envoy_config_core_v3_config_source_proto_rawDesc
+)
+
+func file_envoy_config_core_v3_config_source_proto_rawDescGZIP() []byte {
+	file_envoy_config_core_v3_config_source_proto_rawDescOnce.Do(func() {
+		file_envoy_config_core_v3_config_source_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_core_v3_config_source_proto_rawDescData)
+	})
+	return file_envoy_config_core_v3_config_source_proto_rawDescData
+}
+
+var file_envoy_config_core_v3_config_source_proto_enumTypes = make([]protoimpl.EnumInfo, 2)
+var file_envoy_config_core_v3_config_source_proto_msgTypes = make([]protoimpl.MessageInfo, 5)
+var file_envoy_config_core_v3_config_source_proto_goTypes = []interface{}{
+	(ApiVersion)(0),                // 0: envoy.config.core.v3.ApiVersion
+	(ApiConfigSource_ApiType)(0),   // 1: envoy.config.core.v3.ApiConfigSource.ApiType
+	(*ApiConfigSource)(nil),        // 2: envoy.config.core.v3.ApiConfigSource
+	(*AggregatedConfigSource)(nil), // 3: envoy.config.core.v3.AggregatedConfigSource
+	(*SelfConfigSource)(nil),       // 4: envoy.config.core.v3.SelfConfigSource
+	(*RateLimitSettings)(nil),      // 5: envoy.config.core.v3.RateLimitSettings
+	(*ConfigSource)(nil),           // 6: envoy.config.core.v3.ConfigSource
+	(*GrpcService)(nil),            // 7: envoy.config.core.v3.GrpcService
+	(*duration.Duration)(nil),      // 8: google.protobuf.Duration
+	(*wrappers.UInt32Value)(nil),   // 9: google.protobuf.UInt32Value
+	(*wrappers.DoubleValue)(nil),   // 10: google.protobuf.DoubleValue
+	(*v3.Authority)(nil),           // 11: xds.core.v3.Authority
+}
+var file_envoy_config_core_v3_config_source_proto_depIdxs = []int32{
+	1,  // 0: envoy.config.core.v3.ApiConfigSource.api_type:type_name -> envoy.config.core.v3.ApiConfigSource.ApiType
+	0,  // 1: envoy.config.core.v3.ApiConfigSource.transport_api_version:type_name -> envoy.config.core.v3.ApiVersion
+	7,  // 2: envoy.config.core.v3.ApiConfigSource.grpc_services:type_name -> envoy.config.core.v3.GrpcService
+	8,  // 3: envoy.config.core.v3.ApiConfigSource.refresh_delay:type_name -> google.protobuf.Duration
+	8,  // 4: envoy.config.core.v3.ApiConfigSource.request_timeout:type_name -> google.protobuf.Duration
+	5,  // 5: envoy.config.core.v3.ApiConfigSource.rate_limit_settings:type_name -> envoy.config.core.v3.RateLimitSettings
+	0,  // 6: envoy.config.core.v3.SelfConfigSource.transport_api_version:type_name -> envoy.config.core.v3.ApiVersion
+	9,  // 7: envoy.config.core.v3.RateLimitSettings.max_tokens:type_name -> google.protobuf.UInt32Value
+	10, // 8: envoy.config.core.v3.RateLimitSettings.fill_rate:type_name -> google.protobuf.DoubleValue
+	11, // 9: envoy.config.core.v3.ConfigSource.authorities:type_name -> xds.core.v3.Authority
+	2,  // 10: envoy.config.core.v3.ConfigSource.api_config_source:type_name -> envoy.config.core.v3.ApiConfigSource
+	3,  // 11: envoy.config.core.v3.ConfigSource.ads:type_name -> envoy.config.core.v3.AggregatedConfigSource
+	4,  // 12: envoy.config.core.v3.ConfigSource.self:type_name -> envoy.config.core.v3.SelfConfigSource
+	8,  // 13: envoy.config.core.v3.ConfigSource.initial_fetch_timeout:type_name -> google.protobuf.Duration
+	0,  // 14: envoy.config.core.v3.ConfigSource.resource_api_version:type_name -> envoy.config.core.v3.ApiVersion
+	15, // [15:15] is the sub-list for method output_type
+	15, // [15:15] is the sub-list for method input_type
+	15, // [15:15] is the sub-list for extension type_name
+	15, // [15:15] is the sub-list for extension extendee
+	0,  // [0:15] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_core_v3_config_source_proto_init() }
+func file_envoy_config_core_v3_config_source_proto_init() {
+	if File_envoy_config_core_v3_config_source_proto != nil {
+		return
+	}
+	file_envoy_config_core_v3_grpc_service_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_core_v3_config_source_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ApiConfigSource); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_config_source_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*AggregatedConfigSource); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_config_source_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*SelfConfigSource); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_config_source_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RateLimitSettings); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_config_source_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ConfigSource); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_config_core_v3_config_source_proto_msgTypes[4].OneofWrappers = []interface{}{
+		(*ConfigSource_Path)(nil),
+		(*ConfigSource_ApiConfigSource)(nil),
+		(*ConfigSource_Ads)(nil),
+		(*ConfigSource_Self)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_core_v3_config_source_proto_rawDesc,
+			NumEnums:      2,
+			NumMessages:   5,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_core_v3_config_source_proto_goTypes,
+		DependencyIndexes: file_envoy_config_core_v3_config_source_proto_depIdxs,
+		EnumInfos:         file_envoy_config_core_v3_config_source_proto_enumTypes,
+		MessageInfos:      file_envoy_config_core_v3_config_source_proto_msgTypes,
+	}.Build()
+	File_envoy_config_core_v3_config_source_proto = out.File
+	file_envoy_config_core_v3_config_source_proto_rawDesc = nil
+	file_envoy_config_core_v3_config_source_proto_goTypes = nil
+	file_envoy_config_core_v3_config_source_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/config_source.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/config_source.pb.validate.go
new file mode 100644
index 00000000000..ee96b1a929b
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/config_source.pb.validate.go
@@ -0,0 +1,919 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/core/v3/config_source.proto
+
+package envoy_config_core_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on ApiConfigSource with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *ApiConfigSource) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ApiConfigSource with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ApiConfigSourceMultiError, or nil if none found.
+func (m *ApiConfigSource) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ApiConfigSource) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if _, ok := ApiConfigSource_ApiType_name[int32(m.GetApiType())]; !ok {
+		err := ApiConfigSourceValidationError{
+			field:  "ApiType",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if _, ok := ApiVersion_name[int32(m.GetTransportApiVersion())]; !ok {
+		err := ApiConfigSourceValidationError{
+			field:  "TransportApiVersion",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetGrpcServices() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ApiConfigSourceValidationError{
+						field:  fmt.Sprintf("GrpcServices[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ApiConfigSourceValidationError{
+						field:  fmt.Sprintf("GrpcServices[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ApiConfigSourceValidationError{
+					field:  fmt.Sprintf("GrpcServices[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetRefreshDelay()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ApiConfigSourceValidationError{
+					field:  "RefreshDelay",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ApiConfigSourceValidationError{
+					field:  "RefreshDelay",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRefreshDelay()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ApiConfigSourceValidationError{
+				field:  "RefreshDelay",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if d := m.GetRequestTimeout(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = ApiConfigSourceValidationError{
+				field:  "RequestTimeout",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := ApiConfigSourceValidationError{
+					field:  "RequestTimeout",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetRateLimitSettings()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ApiConfigSourceValidationError{
+					field:  "RateLimitSettings",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ApiConfigSourceValidationError{
+					field:  "RateLimitSettings",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRateLimitSettings()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ApiConfigSourceValidationError{
+				field:  "RateLimitSettings",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for SetNodeOnFirstMessageOnly
+
+	if len(errors) > 0 {
+		return ApiConfigSourceMultiError(errors)
+	}
+	return nil
+}
+
+// ApiConfigSourceMultiError is an error wrapping multiple validation errors
+// returned by ApiConfigSource.ValidateAll() if the designated constraints
+// aren't met.
+type ApiConfigSourceMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ApiConfigSourceMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ApiConfigSourceMultiError) AllErrors() []error { return m }
+
+// ApiConfigSourceValidationError is the validation error returned by
+// ApiConfigSource.Validate if the designated constraints aren't met.
+type ApiConfigSourceValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ApiConfigSourceValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ApiConfigSourceValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ApiConfigSourceValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ApiConfigSourceValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ApiConfigSourceValidationError) ErrorName() string { return "ApiConfigSourceValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ApiConfigSourceValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sApiConfigSource.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ApiConfigSourceValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ApiConfigSourceValidationError{}
+
+// Validate checks the field values on AggregatedConfigSource with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *AggregatedConfigSource) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on AggregatedConfigSource with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// AggregatedConfigSourceMultiError, or nil if none found.
+func (m *AggregatedConfigSource) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *AggregatedConfigSource) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return AggregatedConfigSourceMultiError(errors)
+	}
+	return nil
+}
+
+// AggregatedConfigSourceMultiError is an error wrapping multiple validation
+// errors returned by AggregatedConfigSource.ValidateAll() if the designated
+// constraints aren't met.
+type AggregatedConfigSourceMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m AggregatedConfigSourceMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m AggregatedConfigSourceMultiError) AllErrors() []error { return m }
+
+// AggregatedConfigSourceValidationError is the validation error returned by
+// AggregatedConfigSource.Validate if the designated constraints aren't met.
+type AggregatedConfigSourceValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e AggregatedConfigSourceValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e AggregatedConfigSourceValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e AggregatedConfigSourceValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e AggregatedConfigSourceValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e AggregatedConfigSourceValidationError) ErrorName() string {
+	return "AggregatedConfigSourceValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e AggregatedConfigSourceValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sAggregatedConfigSource.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = AggregatedConfigSourceValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = AggregatedConfigSourceValidationError{}
+
+// Validate checks the field values on SelfConfigSource with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *SelfConfigSource) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on SelfConfigSource with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// SelfConfigSourceMultiError, or nil if none found.
+func (m *SelfConfigSource) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *SelfConfigSource) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if _, ok := ApiVersion_name[int32(m.GetTransportApiVersion())]; !ok {
+		err := SelfConfigSourceValidationError{
+			field:  "TransportApiVersion",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return SelfConfigSourceMultiError(errors)
+	}
+	return nil
+}
+
+// SelfConfigSourceMultiError is an error wrapping multiple validation errors
+// returned by SelfConfigSource.ValidateAll() if the designated constraints
+// aren't met.
+type SelfConfigSourceMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m SelfConfigSourceMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m SelfConfigSourceMultiError) AllErrors() []error { return m }
+
+// SelfConfigSourceValidationError is the validation error returned by
+// SelfConfigSource.Validate if the designated constraints aren't met.
+type SelfConfigSourceValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e SelfConfigSourceValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e SelfConfigSourceValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e SelfConfigSourceValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e SelfConfigSourceValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e SelfConfigSourceValidationError) ErrorName() string { return "SelfConfigSourceValidationError" }
+
+// Error satisfies the builtin error interface
+func (e SelfConfigSourceValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sSelfConfigSource.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = SelfConfigSourceValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = SelfConfigSourceValidationError{}
+
+// Validate checks the field values on RateLimitSettings with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *RateLimitSettings) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RateLimitSettings with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RateLimitSettingsMultiError, or nil if none found.
+func (m *RateLimitSettings) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RateLimitSettings) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetMaxTokens()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RateLimitSettingsValidationError{
+					field:  "MaxTokens",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RateLimitSettingsValidationError{
+					field:  "MaxTokens",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxTokens()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RateLimitSettingsValidationError{
+				field:  "MaxTokens",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if wrapper := m.GetFillRate(); wrapper != nil {
+
+		if wrapper.GetValue() <= 0 {
+			err := RateLimitSettingsValidationError{
+				field:  "FillRate",
+				reason: "value must be greater than 0",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return RateLimitSettingsMultiError(errors)
+	}
+	return nil
+}
+
+// RateLimitSettingsMultiError is an error wrapping multiple validation errors
+// returned by RateLimitSettings.ValidateAll() if the designated constraints
+// aren't met.
+type RateLimitSettingsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RateLimitSettingsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RateLimitSettingsMultiError) AllErrors() []error { return m }
+
+// RateLimitSettingsValidationError is the validation error returned by
+// RateLimitSettings.Validate if the designated constraints aren't met.
+type RateLimitSettingsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RateLimitSettingsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RateLimitSettingsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RateLimitSettingsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RateLimitSettingsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RateLimitSettingsValidationError) ErrorName() string {
+	return "RateLimitSettingsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RateLimitSettingsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRateLimitSettings.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RateLimitSettingsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RateLimitSettingsValidationError{}
+
+// Validate checks the field values on ConfigSource with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ConfigSource) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ConfigSource with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ConfigSourceMultiError, or
+// nil if none found.
+func (m *ConfigSource) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ConfigSource) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetAuthorities() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ConfigSourceValidationError{
+						field:  fmt.Sprintf("Authorities[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ConfigSourceValidationError{
+						field:  fmt.Sprintf("Authorities[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ConfigSourceValidationError{
+					field:  fmt.Sprintf("Authorities[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetInitialFetchTimeout()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ConfigSourceValidationError{
+					field:  "InitialFetchTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ConfigSourceValidationError{
+					field:  "InitialFetchTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetInitialFetchTimeout()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ConfigSourceValidationError{
+				field:  "InitialFetchTimeout",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if _, ok := ApiVersion_name[int32(m.GetResourceApiVersion())]; !ok {
+		err := ConfigSourceValidationError{
+			field:  "ResourceApiVersion",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	switch m.ConfigSourceSpecifier.(type) {
+
+	case *ConfigSource_Path:
+		// no validation rules for Path
+
+	case *ConfigSource_ApiConfigSource:
+
+		if all {
+			switch v := interface{}(m.GetApiConfigSource()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ConfigSourceValidationError{
+						field:  "ApiConfigSource",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ConfigSourceValidationError{
+						field:  "ApiConfigSource",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetApiConfigSource()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ConfigSourceValidationError{
+					field:  "ApiConfigSource",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *ConfigSource_Ads:
+
+		if all {
+			switch v := interface{}(m.GetAds()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ConfigSourceValidationError{
+						field:  "Ads",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ConfigSourceValidationError{
+						field:  "Ads",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetAds()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ConfigSourceValidationError{
+					field:  "Ads",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *ConfigSource_Self:
+
+		if all {
+			switch v := interface{}(m.GetSelf()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ConfigSourceValidationError{
+						field:  "Self",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ConfigSourceValidationError{
+						field:  "Self",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetSelf()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ConfigSourceValidationError{
+					field:  "Self",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := ConfigSourceValidationError{
+			field:  "ConfigSourceSpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return ConfigSourceMultiError(errors)
+	}
+	return nil
+}
+
+// ConfigSourceMultiError is an error wrapping multiple validation errors
+// returned by ConfigSource.ValidateAll() if the designated constraints aren't met.
+type ConfigSourceMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ConfigSourceMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ConfigSourceMultiError) AllErrors() []error { return m }
+
+// ConfigSourceValidationError is the validation error returned by
+// ConfigSource.Validate if the designated constraints aren't met.
+type ConfigSourceValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ConfigSourceValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ConfigSourceValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ConfigSourceValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ConfigSourceValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ConfigSourceValidationError) ErrorName() string { return "ConfigSourceValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ConfigSourceValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sConfigSource.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ConfigSourceValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ConfigSourceValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/event_service_config.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/event_service_config.pb.go
new file mode 100644
index 00000000000..b65a9841a0e
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/event_service_config.pb.go
@@ -0,0 +1,200 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/core/v3/event_service_config.proto
+
+package envoy_config_core_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// [#not-implemented-hide:]
+// Configuration of the event reporting service endpoint.
+type EventServiceConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to ConfigSourceSpecifier:
+	//	*EventServiceConfig_GrpcService
+	ConfigSourceSpecifier isEventServiceConfig_ConfigSourceSpecifier `protobuf_oneof:"config_source_specifier"`
+}
+
+func (x *EventServiceConfig) Reset() {
+	*x = EventServiceConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_event_service_config_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *EventServiceConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*EventServiceConfig) ProtoMessage() {}
+
+func (x *EventServiceConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_event_service_config_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use EventServiceConfig.ProtoReflect.Descriptor instead.
+func (*EventServiceConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_event_service_config_proto_rawDescGZIP(), []int{0}
+}
+
+func (m *EventServiceConfig) GetConfigSourceSpecifier() isEventServiceConfig_ConfigSourceSpecifier {
+	if m != nil {
+		return m.ConfigSourceSpecifier
+	}
+	return nil
+}
+
+func (x *EventServiceConfig) GetGrpcService() *GrpcService {
+	if x, ok := x.GetConfigSourceSpecifier().(*EventServiceConfig_GrpcService); ok {
+		return x.GrpcService
+	}
+	return nil
+}
+
+type isEventServiceConfig_ConfigSourceSpecifier interface {
+	isEventServiceConfig_ConfigSourceSpecifier()
+}
+
+type EventServiceConfig_GrpcService struct {
+	// Specifies the gRPC service that hosts the event reporting service.
+	GrpcService *GrpcService `protobuf:"bytes,1,opt,name=grpc_service,json=grpcService,proto3,oneof"`
+}
+
+func (*EventServiceConfig_GrpcService) isEventServiceConfig_ConfigSourceSpecifier() {}
+
+var File_envoy_config_core_v3_event_service_config_proto protoreflect.FileDescriptor
+
+var file_envoy_config_core_v3_event_service_config_proto_rawDesc = []byte{
+	0x0a, 0x2f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x5f, 0x73, 0x65, 0x72,
+	0x76, 0x69, 0x63, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x12, 0x14, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x1a, 0x27, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x67, 0x72,
+	0x70, 0x63, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c,
+	0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xa9, 0x01, 0x0a, 0x12,
+	0x45, 0x76, 0x65, 0x6e, 0x74, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x12, 0x46, 0x0a, 0x0c, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69,
+	0x63, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e,
+	0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x48, 0x00, 0x52, 0x0b, 0x67,
+	0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x3a, 0x2b, 0x9a, 0xc5, 0x88, 0x1e,
+	0x26, 0x0a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e,
+	0x63, 0x6f, 0x72, 0x65, 0x2e, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63,
+	0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x1e, 0x0a, 0x17, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x5f, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69,
+	0x65, 0x72, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x42, 0x47, 0x0a, 0x22, 0x69, 0x6f, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x17, 0x45,
+	0x76, 0x65, 0x6e, 0x74, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02,
+	0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_core_v3_event_service_config_proto_rawDescOnce sync.Once
+	file_envoy_config_core_v3_event_service_config_proto_rawDescData = file_envoy_config_core_v3_event_service_config_proto_rawDesc
+)
+
+func file_envoy_config_core_v3_event_service_config_proto_rawDescGZIP() []byte {
+	file_envoy_config_core_v3_event_service_config_proto_rawDescOnce.Do(func() {
+		file_envoy_config_core_v3_event_service_config_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_core_v3_event_service_config_proto_rawDescData)
+	})
+	return file_envoy_config_core_v3_event_service_config_proto_rawDescData
+}
+
+var file_envoy_config_core_v3_event_service_config_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_config_core_v3_event_service_config_proto_goTypes = []interface{}{
+	(*EventServiceConfig)(nil), // 0: envoy.config.core.v3.EventServiceConfig
+	(*GrpcService)(nil),        // 1: envoy.config.core.v3.GrpcService
+}
+var file_envoy_config_core_v3_event_service_config_proto_depIdxs = []int32{
+	1, // 0: envoy.config.core.v3.EventServiceConfig.grpc_service:type_name -> envoy.config.core.v3.GrpcService
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_core_v3_event_service_config_proto_init() }
+func file_envoy_config_core_v3_event_service_config_proto_init() {
+	if File_envoy_config_core_v3_event_service_config_proto != nil {
+		return
+	}
+	file_envoy_config_core_v3_grpc_service_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_core_v3_event_service_config_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*EventServiceConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_config_core_v3_event_service_config_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*EventServiceConfig_GrpcService)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_core_v3_event_service_config_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_core_v3_event_service_config_proto_goTypes,
+		DependencyIndexes: file_envoy_config_core_v3_event_service_config_proto_depIdxs,
+		MessageInfos:      file_envoy_config_core_v3_event_service_config_proto_msgTypes,
+	}.Build()
+	File_envoy_config_core_v3_event_service_config_proto = out.File
+	file_envoy_config_core_v3_event_service_config_proto_rawDesc = nil
+	file_envoy_config_core_v3_event_service_config_proto_goTypes = nil
+	file_envoy_config_core_v3_event_service_config_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/event_service_config.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/event_service_config.pb.validate.go
new file mode 100644
index 00000000000..fb7c5f3a7c9
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/event_service_config.pb.validate.go
@@ -0,0 +1,182 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/core/v3/event_service_config.proto
+
+package envoy_config_core_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on EventServiceConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *EventServiceConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on EventServiceConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// EventServiceConfigMultiError, or nil if none found.
+func (m *EventServiceConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *EventServiceConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.ConfigSourceSpecifier.(type) {
+
+	case *EventServiceConfig_GrpcService:
+
+		if all {
+			switch v := interface{}(m.GetGrpcService()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, EventServiceConfigValidationError{
+						field:  "GrpcService",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, EventServiceConfigValidationError{
+						field:  "GrpcService",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetGrpcService()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return EventServiceConfigValidationError{
+					field:  "GrpcService",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := EventServiceConfigValidationError{
+			field:  "ConfigSourceSpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return EventServiceConfigMultiError(errors)
+	}
+	return nil
+}
+
+// EventServiceConfigMultiError is an error wrapping multiple validation errors
+// returned by EventServiceConfig.ValidateAll() if the designated constraints
+// aren't met.
+type EventServiceConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m EventServiceConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m EventServiceConfigMultiError) AllErrors() []error { return m }
+
+// EventServiceConfigValidationError is the validation error returned by
+// EventServiceConfig.Validate if the designated constraints aren't met.
+type EventServiceConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e EventServiceConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e EventServiceConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e EventServiceConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e EventServiceConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e EventServiceConfigValidationError) ErrorName() string {
+	return "EventServiceConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e EventServiceConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sEventServiceConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = EventServiceConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = EventServiceConfigValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/extension.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/extension.pb.go
new file mode 100644
index 00000000000..d0be6e0bf24
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/extension.pb.go
@@ -0,0 +1,313 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/core/v3/extension.proto
+
+package envoy_config_core_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Message type for extension configuration.
+// [#next-major-version: revisit all existing typed_config that doesn't use this wrapper.].
+type TypedExtensionConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of an extension. This is not used to select the extension, instead
+	// it serves the role of an opaque identifier.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// The typed config for the extension. The type URL will be used to identify
+	// the extension. In the case that the type URL is *xds.type.v3.TypedStruct*
+	// (or, for historical reasons, *udpa.type.v1.TypedStruct*), the inner type
+	// URL of *TypedStruct* will be utilized. See the
+	// :ref:`extension configuration overview
+	// <config_overview_extension_configuration>` for further details.
+	TypedConfig *any.Any `protobuf:"bytes,2,opt,name=typed_config,json=typedConfig,proto3" json:"typed_config,omitempty"`
+}
+
+func (x *TypedExtensionConfig) Reset() {
+	*x = TypedExtensionConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_extension_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *TypedExtensionConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*TypedExtensionConfig) ProtoMessage() {}
+
+func (x *TypedExtensionConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_extension_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use TypedExtensionConfig.ProtoReflect.Descriptor instead.
+func (*TypedExtensionConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_extension_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *TypedExtensionConfig) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *TypedExtensionConfig) GetTypedConfig() *any.Any {
+	if x != nil {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+// Configuration source specifier for a late-bound extension configuration. The
+// parent resource is warmed until all the initial extension configurations are
+// received, unless the flag to apply the default configuration is set.
+// Subsequent extension updates are atomic on a per-worker basis. Once an
+// extension configuration is applied to a request or a connection, it remains
+// constant for the duration of processing. If the initial delivery of the
+// extension configuration fails, due to a timeout for example, the optional
+// default configuration is applied. Without a default configuration, the
+// extension is disabled, until an extension configuration is received. The
+// behavior of a disabled extension depends on the context. For example, a
+// filter chain with a disabled extension filter rejects all incoming streams.
+type ExtensionConfigSource struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	ConfigSource *ConfigSource `protobuf:"bytes,1,opt,name=config_source,json=configSource,proto3" json:"config_source,omitempty"`
+	// Optional default configuration to use as the initial configuration if
+	// there is a failure to receive the initial extension configuration or if
+	// `apply_default_config_without_warming` flag is set.
+	DefaultConfig *any.Any `protobuf:"bytes,2,opt,name=default_config,json=defaultConfig,proto3" json:"default_config,omitempty"`
+	// Use the default config as the initial configuration without warming and
+	// waiting for the first discovery response. Requires the default configuration
+	// to be supplied.
+	ApplyDefaultConfigWithoutWarming bool `protobuf:"varint,3,opt,name=apply_default_config_without_warming,json=applyDefaultConfigWithoutWarming,proto3" json:"apply_default_config_without_warming,omitempty"`
+	// A set of permitted extension type URLs. Extension configuration updates are rejected
+	// if they do not match any type URL in the set.
+	TypeUrls []string `protobuf:"bytes,4,rep,name=type_urls,json=typeUrls,proto3" json:"type_urls,omitempty"`
+}
+
+func (x *ExtensionConfigSource) Reset() {
+	*x = ExtensionConfigSource{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_extension_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ExtensionConfigSource) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ExtensionConfigSource) ProtoMessage() {}
+
+func (x *ExtensionConfigSource) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_extension_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ExtensionConfigSource.ProtoReflect.Descriptor instead.
+func (*ExtensionConfigSource) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_extension_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *ExtensionConfigSource) GetConfigSource() *ConfigSource {
+	if x != nil {
+		return x.ConfigSource
+	}
+	return nil
+}
+
+func (x *ExtensionConfigSource) GetDefaultConfig() *any.Any {
+	if x != nil {
+		return x.DefaultConfig
+	}
+	return nil
+}
+
+func (x *ExtensionConfigSource) GetApplyDefaultConfigWithoutWarming() bool {
+	if x != nil {
+		return x.ApplyDefaultConfigWithoutWarming
+	}
+	return false
+}
+
+func (x *ExtensionConfigSource) GetTypeUrls() []string {
+	if x != nil {
+		return x.TypeUrls
+	}
+	return nil
+}
+
+var File_envoy_config_core_v3_extension_proto protoreflect.FileDescriptor
+
+var file_envoy_config_core_v3_extension_proto_rawDesc = []byte{
+	0x0a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x14, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x1a, 0x28, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f,
+	0x76, 0x33, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64,
+	0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x76, 0x0a, 0x14, 0x54, 0x79, 0x70,
+	0x65, 0x64, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42,
+	0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x41,
+	0x0a, 0x0c, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x42, 0x08, 0xfa, 0x42, 0x05, 0xa2,
+	0x01, 0x02, 0x08, 0x01, 0x52, 0x0b, 0x74, 0x79, 0x70, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x22, 0x9e, 0x02, 0x0a, 0x15, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x51, 0x0a, 0x0d, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05, 0xa2, 0x01, 0x02, 0x08, 0x01,
+	0x52, 0x0c, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x3b,
+	0x0a, 0x0e, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x0d, 0x64, 0x65,
+	0x66, 0x61, 0x75, 0x6c, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x4e, 0x0a, 0x24, 0x61,
+	0x70, 0x70, 0x6c, 0x79, 0x5f, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x5f, 0x77, 0x69, 0x74, 0x68, 0x6f, 0x75, 0x74, 0x5f, 0x77, 0x61, 0x72, 0x6d,
+	0x69, 0x6e, 0x67, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x20, 0x61, 0x70, 0x70, 0x6c, 0x79,
+	0x44, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x57, 0x69, 0x74,
+	0x68, 0x6f, 0x75, 0x74, 0x57, 0x61, 0x72, 0x6d, 0x69, 0x6e, 0x67, 0x12, 0x25, 0x0a, 0x09, 0x74,
+	0x79, 0x70, 0x65, 0x5f, 0x75, 0x72, 0x6c, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x09, 0x42, 0x08,
+	0xfa, 0x42, 0x05, 0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x08, 0x74, 0x79, 0x70, 0x65, 0x55, 0x72,
+	0x6c, 0x73, 0x42, 0x3e, 0x0a, 0x22, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72,
+	0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x0e, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73,
+	0x69, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02,
+	0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_core_v3_extension_proto_rawDescOnce sync.Once
+	file_envoy_config_core_v3_extension_proto_rawDescData = file_envoy_config_core_v3_extension_proto_rawDesc
+)
+
+func file_envoy_config_core_v3_extension_proto_rawDescGZIP() []byte {
+	file_envoy_config_core_v3_extension_proto_rawDescOnce.Do(func() {
+		file_envoy_config_core_v3_extension_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_core_v3_extension_proto_rawDescData)
+	})
+	return file_envoy_config_core_v3_extension_proto_rawDescData
+}
+
+var file_envoy_config_core_v3_extension_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_envoy_config_core_v3_extension_proto_goTypes = []interface{}{
+	(*TypedExtensionConfig)(nil),  // 0: envoy.config.core.v3.TypedExtensionConfig
+	(*ExtensionConfigSource)(nil), // 1: envoy.config.core.v3.ExtensionConfigSource
+	(*any.Any)(nil),               // 2: google.protobuf.Any
+	(*ConfigSource)(nil),          // 3: envoy.config.core.v3.ConfigSource
+}
+var file_envoy_config_core_v3_extension_proto_depIdxs = []int32{
+	2, // 0: envoy.config.core.v3.TypedExtensionConfig.typed_config:type_name -> google.protobuf.Any
+	3, // 1: envoy.config.core.v3.ExtensionConfigSource.config_source:type_name -> envoy.config.core.v3.ConfigSource
+	2, // 2: envoy.config.core.v3.ExtensionConfigSource.default_config:type_name -> google.protobuf.Any
+	3, // [3:3] is the sub-list for method output_type
+	3, // [3:3] is the sub-list for method input_type
+	3, // [3:3] is the sub-list for extension type_name
+	3, // [3:3] is the sub-list for extension extendee
+	0, // [0:3] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_core_v3_extension_proto_init() }
+func file_envoy_config_core_v3_extension_proto_init() {
+	if File_envoy_config_core_v3_extension_proto != nil {
+		return
+	}
+	file_envoy_config_core_v3_config_source_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_core_v3_extension_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*TypedExtensionConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_extension_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ExtensionConfigSource); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_core_v3_extension_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_core_v3_extension_proto_goTypes,
+		DependencyIndexes: file_envoy_config_core_v3_extension_proto_depIdxs,
+		MessageInfos:      file_envoy_config_core_v3_extension_proto_msgTypes,
+	}.Build()
+	File_envoy_config_core_v3_extension_proto = out.File
+	file_envoy_config_core_v3_extension_proto_rawDesc = nil
+	file_envoy_config_core_v3_extension_proto_goTypes = nil
+	file_envoy_config_core_v3_extension_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/extension.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/extension.pb.validate.go
new file mode 100644
index 00000000000..5e0be48891d
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/extension.pb.validate.go
@@ -0,0 +1,321 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/core/v3/extension.proto
+
+package envoy_config_core_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on TypedExtensionConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *TypedExtensionConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on TypedExtensionConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// TypedExtensionConfigMultiError, or nil if none found.
+func (m *TypedExtensionConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *TypedExtensionConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := TypedExtensionConfigValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if m.GetTypedConfig() == nil {
+		err := TypedExtensionConfigValidationError{
+			field:  "TypedConfig",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if a := m.GetTypedConfig(); a != nil {
+
+	}
+
+	if len(errors) > 0 {
+		return TypedExtensionConfigMultiError(errors)
+	}
+	return nil
+}
+
+// TypedExtensionConfigMultiError is an error wrapping multiple validation
+// errors returned by TypedExtensionConfig.ValidateAll() if the designated
+// constraints aren't met.
+type TypedExtensionConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m TypedExtensionConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m TypedExtensionConfigMultiError) AllErrors() []error { return m }
+
+// TypedExtensionConfigValidationError is the validation error returned by
+// TypedExtensionConfig.Validate if the designated constraints aren't met.
+type TypedExtensionConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e TypedExtensionConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e TypedExtensionConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e TypedExtensionConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e TypedExtensionConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e TypedExtensionConfigValidationError) ErrorName() string {
+	return "TypedExtensionConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e TypedExtensionConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sTypedExtensionConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = TypedExtensionConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = TypedExtensionConfigValidationError{}
+
+// Validate checks the field values on ExtensionConfigSource with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ExtensionConfigSource) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ExtensionConfigSource with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ExtensionConfigSourceMultiError, or nil if none found.
+func (m *ExtensionConfigSource) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ExtensionConfigSource) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetConfigSource() == nil {
+		err := ExtensionConfigSourceValidationError{
+			field:  "ConfigSource",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if a := m.GetConfigSource(); a != nil {
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetDefaultConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ExtensionConfigSourceValidationError{
+					field:  "DefaultConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ExtensionConfigSourceValidationError{
+					field:  "DefaultConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDefaultConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ExtensionConfigSourceValidationError{
+				field:  "DefaultConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for ApplyDefaultConfigWithoutWarming
+
+	if len(m.GetTypeUrls()) < 1 {
+		err := ExtensionConfigSourceValidationError{
+			field:  "TypeUrls",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return ExtensionConfigSourceMultiError(errors)
+	}
+	return nil
+}
+
+// ExtensionConfigSourceMultiError is an error wrapping multiple validation
+// errors returned by ExtensionConfigSource.ValidateAll() if the designated
+// constraints aren't met.
+type ExtensionConfigSourceMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ExtensionConfigSourceMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ExtensionConfigSourceMultiError) AllErrors() []error { return m }
+
+// ExtensionConfigSourceValidationError is the validation error returned by
+// ExtensionConfigSource.Validate if the designated constraints aren't met.
+type ExtensionConfigSourceValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ExtensionConfigSourceValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ExtensionConfigSourceValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ExtensionConfigSourceValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ExtensionConfigSourceValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ExtensionConfigSourceValidationError) ErrorName() string {
+	return "ExtensionConfigSourceValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ExtensionConfigSourceValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sExtensionConfigSource.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ExtensionConfigSourceValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ExtensionConfigSourceValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/grpc_method_list.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/grpc_method_list.pb.go
new file mode 100644
index 00000000000..70361ce8819
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/grpc_method_list.pb.go
@@ -0,0 +1,247 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/core/v3/grpc_method_list.proto
+
+package envoy_config_core_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// A list of gRPC methods which can be used as an allowlist, for example.
+type GrpcMethodList struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Services []*GrpcMethodList_Service `protobuf:"bytes,1,rep,name=services,proto3" json:"services,omitempty"`
+}
+
+func (x *GrpcMethodList) Reset() {
+	*x = GrpcMethodList{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_grpc_method_list_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcMethodList) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcMethodList) ProtoMessage() {}
+
+func (x *GrpcMethodList) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_grpc_method_list_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcMethodList.ProtoReflect.Descriptor instead.
+func (*GrpcMethodList) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_grpc_method_list_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *GrpcMethodList) GetServices() []*GrpcMethodList_Service {
+	if x != nil {
+		return x.Services
+	}
+	return nil
+}
+
+type GrpcMethodList_Service struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the gRPC service.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// The names of the gRPC methods in this service.
+	MethodNames []string `protobuf:"bytes,2,rep,name=method_names,json=methodNames,proto3" json:"method_names,omitempty"`
+}
+
+func (x *GrpcMethodList_Service) Reset() {
+	*x = GrpcMethodList_Service{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_grpc_method_list_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcMethodList_Service) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcMethodList_Service) ProtoMessage() {}
+
+func (x *GrpcMethodList_Service) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_grpc_method_list_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcMethodList_Service.ProtoReflect.Descriptor instead.
+func (*GrpcMethodList_Service) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_grpc_method_list_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (x *GrpcMethodList_Service) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *GrpcMethodList_Service) GetMethodNames() []string {
+	if x != nil {
+		return x.MethodNames
+	}
+	return nil
+}
+
+var File_envoy_config_core_v3_grpc_method_list_proto protoreflect.FileDescriptor
+
+var file_envoy_config_core_v3_grpc_method_list_proto_rawDesc = []byte{
+	0x0a, 0x2b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x6d, 0x65, 0x74, 0x68,
+	0x6f, 0x64, 0x5f, 0x6c, 0x69, 0x73, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x14, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65,
+	0x2e, 0x76, 0x33, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f,
+	0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x8a,
+	0x02, 0x0a, 0x0e, 0x47, 0x72, 0x70, 0x63, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x4c, 0x69, 0x73,
+	0x74, 0x12, 0x48, 0x0a, 0x08, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x18, 0x01, 0x20,
+	0x03, 0x28, 0x0b, 0x32, 0x2c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x4d,
+	0x65, 0x74, 0x68, 0x6f, 0x64, 0x4c, 0x69, 0x73, 0x74, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63,
+	0x65, 0x52, 0x08, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x1a, 0x84, 0x01, 0x0a, 0x07,
+	0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x04,
+	0x6e, 0x61, 0x6d, 0x65, 0x12, 0x2b, 0x0a, 0x0c, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x5f, 0x6e,
+	0x61, 0x6d, 0x65, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x09, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92,
+	0x01, 0x02, 0x08, 0x01, 0x52, 0x0b, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x4e, 0x61, 0x6d, 0x65,
+	0x73, 0x3a, 0x2f, 0x9a, 0xc5, 0x88, 0x1e, 0x2a, 0x0a, 0x28, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x47, 0x72, 0x70, 0x63,
+	0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x4c, 0x69, 0x73, 0x74, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x69,
+	0x63, 0x65, 0x3a, 0x27, 0x9a, 0xc5, 0x88, 0x1e, 0x22, 0x0a, 0x20, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x47, 0x72, 0x70,
+	0x63, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x4c, 0x69, 0x73, 0x74, 0x42, 0x43, 0x0a, 0x22, 0x69,
+	0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76,
+	0x33, 0x42, 0x13, 0x47, 0x72, 0x70, 0x63, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x4c, 0x69, 0x73,
+	0x74, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02,
+	0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_core_v3_grpc_method_list_proto_rawDescOnce sync.Once
+	file_envoy_config_core_v3_grpc_method_list_proto_rawDescData = file_envoy_config_core_v3_grpc_method_list_proto_rawDesc
+)
+
+func file_envoy_config_core_v3_grpc_method_list_proto_rawDescGZIP() []byte {
+	file_envoy_config_core_v3_grpc_method_list_proto_rawDescOnce.Do(func() {
+		file_envoy_config_core_v3_grpc_method_list_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_core_v3_grpc_method_list_proto_rawDescData)
+	})
+	return file_envoy_config_core_v3_grpc_method_list_proto_rawDescData
+}
+
+var file_envoy_config_core_v3_grpc_method_list_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_envoy_config_core_v3_grpc_method_list_proto_goTypes = []interface{}{
+	(*GrpcMethodList)(nil),         // 0: envoy.config.core.v3.GrpcMethodList
+	(*GrpcMethodList_Service)(nil), // 1: envoy.config.core.v3.GrpcMethodList.Service
+}
+var file_envoy_config_core_v3_grpc_method_list_proto_depIdxs = []int32{
+	1, // 0: envoy.config.core.v3.GrpcMethodList.services:type_name -> envoy.config.core.v3.GrpcMethodList.Service
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_core_v3_grpc_method_list_proto_init() }
+func file_envoy_config_core_v3_grpc_method_list_proto_init() {
+	if File_envoy_config_core_v3_grpc_method_list_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_core_v3_grpc_method_list_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcMethodList); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_grpc_method_list_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcMethodList_Service); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_core_v3_grpc_method_list_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_core_v3_grpc_method_list_proto_goTypes,
+		DependencyIndexes: file_envoy_config_core_v3_grpc_method_list_proto_depIdxs,
+		MessageInfos:      file_envoy_config_core_v3_grpc_method_list_proto_msgTypes,
+	}.Build()
+	File_envoy_config_core_v3_grpc_method_list_proto = out.File
+	file_envoy_config_core_v3_grpc_method_list_proto_rawDesc = nil
+	file_envoy_config_core_v3_grpc_method_list_proto_goTypes = nil
+	file_envoy_config_core_v3_grpc_method_list_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/grpc_method_list.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/grpc_method_list.pb.validate.go
new file mode 100644
index 00000000000..eb0b6c2defd
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/grpc_method_list.pb.validate.go
@@ -0,0 +1,292 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/core/v3/grpc_method_list.proto
+
+package envoy_config_core_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on GrpcMethodList with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *GrpcMethodList) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on GrpcMethodList with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in GrpcMethodListMultiError,
+// or nil if none found.
+func (m *GrpcMethodList) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcMethodList) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetServices() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, GrpcMethodListValidationError{
+						field:  fmt.Sprintf("Services[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, GrpcMethodListValidationError{
+						field:  fmt.Sprintf("Services[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return GrpcMethodListValidationError{
+					field:  fmt.Sprintf("Services[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return GrpcMethodListMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcMethodListMultiError is an error wrapping multiple validation errors
+// returned by GrpcMethodList.ValidateAll() if the designated constraints
+// aren't met.
+type GrpcMethodListMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcMethodListMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcMethodListMultiError) AllErrors() []error { return m }
+
+// GrpcMethodListValidationError is the validation error returned by
+// GrpcMethodList.Validate if the designated constraints aren't met.
+type GrpcMethodListValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcMethodListValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e GrpcMethodListValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e GrpcMethodListValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e GrpcMethodListValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e GrpcMethodListValidationError) ErrorName() string { return "GrpcMethodListValidationError" }
+
+// Error satisfies the builtin error interface
+func (e GrpcMethodListValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcMethodList.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcMethodListValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcMethodListValidationError{}
+
+// Validate checks the field values on GrpcMethodList_Service with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *GrpcMethodList_Service) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on GrpcMethodList_Service with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// GrpcMethodList_ServiceMultiError, or nil if none found.
+func (m *GrpcMethodList_Service) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcMethodList_Service) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := GrpcMethodList_ServiceValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(m.GetMethodNames()) < 1 {
+		err := GrpcMethodList_ServiceValidationError{
+			field:  "MethodNames",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return GrpcMethodList_ServiceMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcMethodList_ServiceMultiError is an error wrapping multiple validation
+// errors returned by GrpcMethodList_Service.ValidateAll() if the designated
+// constraints aren't met.
+type GrpcMethodList_ServiceMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcMethodList_ServiceMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcMethodList_ServiceMultiError) AllErrors() []error { return m }
+
+// GrpcMethodList_ServiceValidationError is the validation error returned by
+// GrpcMethodList_Service.Validate if the designated constraints aren't met.
+type GrpcMethodList_ServiceValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcMethodList_ServiceValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e GrpcMethodList_ServiceValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e GrpcMethodList_ServiceValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e GrpcMethodList_ServiceValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e GrpcMethodList_ServiceValidationError) ErrorName() string {
+	return "GrpcMethodList_ServiceValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e GrpcMethodList_ServiceValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcMethodList_Service.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcMethodList_ServiceValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcMethodList_ServiceValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/grpc_service.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/grpc_service.pb.go
new file mode 100644
index 00000000000..857972995d2
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/grpc_service.pb.go
@@ -0,0 +1,1740 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/core/v3/grpc_service.proto
+
+package envoy_config_core_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	_struct "github.com/golang/protobuf/ptypes/struct"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	emptypb "google.golang.org/protobuf/types/known/emptypb"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// gRPC service configuration. This is used by :ref:`ApiConfigSource
+// <envoy_v3_api_msg_config.core.v3.ApiConfigSource>` and filter configurations.
+// [#next-free-field: 6]
+type GrpcService struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to TargetSpecifier:
+	//	*GrpcService_EnvoyGrpc_
+	//	*GrpcService_GoogleGrpc_
+	TargetSpecifier isGrpcService_TargetSpecifier `protobuf_oneof:"target_specifier"`
+	// The timeout for the gRPC request. This is the timeout for a specific
+	// request.
+	Timeout *duration.Duration `protobuf:"bytes,3,opt,name=timeout,proto3" json:"timeout,omitempty"`
+	// Additional metadata to include in streams initiated to the GrpcService. This can be used for
+	// scenarios in which additional ad hoc authorization headers (e.g. ``x-foo-bar: baz-key``) are to
+	// be injected. For more information, including details on header value syntax, see the
+	// documentation on :ref:`custom request headers
+	// <config_http_conn_man_headers_custom_request_headers>`.
+	InitialMetadata []*HeaderValue `protobuf:"bytes,5,rep,name=initial_metadata,json=initialMetadata,proto3" json:"initial_metadata,omitempty"`
+}
+
+func (x *GrpcService) Reset() {
+	*x = GrpcService{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_grpc_service_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcService) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcService) ProtoMessage() {}
+
+func (x *GrpcService) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_grpc_service_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcService.ProtoReflect.Descriptor instead.
+func (*GrpcService) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_grpc_service_proto_rawDescGZIP(), []int{0}
+}
+
+func (m *GrpcService) GetTargetSpecifier() isGrpcService_TargetSpecifier {
+	if m != nil {
+		return m.TargetSpecifier
+	}
+	return nil
+}
+
+func (x *GrpcService) GetEnvoyGrpc() *GrpcService_EnvoyGrpc {
+	if x, ok := x.GetTargetSpecifier().(*GrpcService_EnvoyGrpc_); ok {
+		return x.EnvoyGrpc
+	}
+	return nil
+}
+
+func (x *GrpcService) GetGoogleGrpc() *GrpcService_GoogleGrpc {
+	if x, ok := x.GetTargetSpecifier().(*GrpcService_GoogleGrpc_); ok {
+		return x.GoogleGrpc
+	}
+	return nil
+}
+
+func (x *GrpcService) GetTimeout() *duration.Duration {
+	if x != nil {
+		return x.Timeout
+	}
+	return nil
+}
+
+func (x *GrpcService) GetInitialMetadata() []*HeaderValue {
+	if x != nil {
+		return x.InitialMetadata
+	}
+	return nil
+}
+
+type isGrpcService_TargetSpecifier interface {
+	isGrpcService_TargetSpecifier()
+}
+
+type GrpcService_EnvoyGrpc_ struct {
+	// Envoy's in-built gRPC client.
+	// See the :ref:`gRPC services overview <arch_overview_grpc_services>`
+	// documentation for discussion on gRPC client selection.
+	EnvoyGrpc *GrpcService_EnvoyGrpc `protobuf:"bytes,1,opt,name=envoy_grpc,json=envoyGrpc,proto3,oneof"`
+}
+
+type GrpcService_GoogleGrpc_ struct {
+	// `Google C++ gRPC client <https://github.com/grpc/grpc>`_
+	// See the :ref:`gRPC services overview <arch_overview_grpc_services>`
+	// documentation for discussion on gRPC client selection.
+	GoogleGrpc *GrpcService_GoogleGrpc `protobuf:"bytes,2,opt,name=google_grpc,json=googleGrpc,proto3,oneof"`
+}
+
+func (*GrpcService_EnvoyGrpc_) isGrpcService_TargetSpecifier() {}
+
+func (*GrpcService_GoogleGrpc_) isGrpcService_TargetSpecifier() {}
+
+type GrpcService_EnvoyGrpc struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the upstream gRPC cluster. SSL credentials will be supplied
+	// in the :ref:`Cluster <envoy_v3_api_msg_config.cluster.v3.Cluster>` :ref:`transport_socket
+	// <envoy_v3_api_field_config.cluster.v3.Cluster.transport_socket>`.
+	ClusterName string `protobuf:"bytes,1,opt,name=cluster_name,json=clusterName,proto3" json:"cluster_name,omitempty"`
+	// The `:authority` header in the grpc request. If this field is not set, the authority header value will be `cluster_name`.
+	// Note that this authority does not override the SNI. The SNI is provided by the transport socket of the cluster.
+	Authority string `protobuf:"bytes,2,opt,name=authority,proto3" json:"authority,omitempty"`
+}
+
+func (x *GrpcService_EnvoyGrpc) Reset() {
+	*x = GrpcService_EnvoyGrpc{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_grpc_service_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcService_EnvoyGrpc) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcService_EnvoyGrpc) ProtoMessage() {}
+
+func (x *GrpcService_EnvoyGrpc) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_grpc_service_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcService_EnvoyGrpc.ProtoReflect.Descriptor instead.
+func (*GrpcService_EnvoyGrpc) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_grpc_service_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (x *GrpcService_EnvoyGrpc) GetClusterName() string {
+	if x != nil {
+		return x.ClusterName
+	}
+	return ""
+}
+
+func (x *GrpcService_EnvoyGrpc) GetAuthority() string {
+	if x != nil {
+		return x.Authority
+	}
+	return ""
+}
+
+// [#next-free-field: 9]
+type GrpcService_GoogleGrpc struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The target URI when using the `Google C++ gRPC client
+	// <https://github.com/grpc/grpc>`_. SSL credentials will be supplied in
+	// :ref:`channel_credentials <envoy_v3_api_field_config.core.v3.GrpcService.GoogleGrpc.channel_credentials>`.
+	TargetUri          string                                     `protobuf:"bytes,1,opt,name=target_uri,json=targetUri,proto3" json:"target_uri,omitempty"`
+	ChannelCredentials *GrpcService_GoogleGrpc_ChannelCredentials `protobuf:"bytes,2,opt,name=channel_credentials,json=channelCredentials,proto3" json:"channel_credentials,omitempty"`
+	// A set of call credentials that can be composed with `channel credentials
+	// <https://grpc.io/docs/guides/auth.html#credential-types>`_.
+	CallCredentials []*GrpcService_GoogleGrpc_CallCredentials `protobuf:"bytes,3,rep,name=call_credentials,json=callCredentials,proto3" json:"call_credentials,omitempty"`
+	// The human readable prefix to use when emitting statistics for the gRPC
+	// service.
+	//
+	// .. csv-table::
+	//    :header: Name, Type, Description
+	//    :widths: 1, 1, 2
+	//
+	//    streams_total, Counter, Total number of streams opened
+	//    streams_closed_<gRPC status code>, Counter, Total streams closed with <gRPC status code>
+	StatPrefix string `protobuf:"bytes,4,opt,name=stat_prefix,json=statPrefix,proto3" json:"stat_prefix,omitempty"`
+	// The name of the Google gRPC credentials factory to use. This must have been registered with
+	// Envoy. If this is empty, a default credentials factory will be used that sets up channel
+	// credentials based on other configuration parameters.
+	CredentialsFactoryName string `protobuf:"bytes,5,opt,name=credentials_factory_name,json=credentialsFactoryName,proto3" json:"credentials_factory_name,omitempty"`
+	// Additional configuration for site-specific customizations of the Google
+	// gRPC library.
+	Config *_struct.Struct `protobuf:"bytes,6,opt,name=config,proto3" json:"config,omitempty"`
+	// How many bytes each stream can buffer internally.
+	// If not set an implementation defined default is applied (1MiB).
+	PerStreamBufferLimitBytes *wrappers.UInt32Value `protobuf:"bytes,7,opt,name=per_stream_buffer_limit_bytes,json=perStreamBufferLimitBytes,proto3" json:"per_stream_buffer_limit_bytes,omitempty"`
+	// Custom channels args.
+	ChannelArgs *GrpcService_GoogleGrpc_ChannelArgs `protobuf:"bytes,8,opt,name=channel_args,json=channelArgs,proto3" json:"channel_args,omitempty"`
+}
+
+func (x *GrpcService_GoogleGrpc) Reset() {
+	*x = GrpcService_GoogleGrpc{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_grpc_service_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcService_GoogleGrpc) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcService_GoogleGrpc) ProtoMessage() {}
+
+func (x *GrpcService_GoogleGrpc) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_grpc_service_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcService_GoogleGrpc.ProtoReflect.Descriptor instead.
+func (*GrpcService_GoogleGrpc) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_grpc_service_proto_rawDescGZIP(), []int{0, 1}
+}
+
+func (x *GrpcService_GoogleGrpc) GetTargetUri() string {
+	if x != nil {
+		return x.TargetUri
+	}
+	return ""
+}
+
+func (x *GrpcService_GoogleGrpc) GetChannelCredentials() *GrpcService_GoogleGrpc_ChannelCredentials {
+	if x != nil {
+		return x.ChannelCredentials
+	}
+	return nil
+}
+
+func (x *GrpcService_GoogleGrpc) GetCallCredentials() []*GrpcService_GoogleGrpc_CallCredentials {
+	if x != nil {
+		return x.CallCredentials
+	}
+	return nil
+}
+
+func (x *GrpcService_GoogleGrpc) GetStatPrefix() string {
+	if x != nil {
+		return x.StatPrefix
+	}
+	return ""
+}
+
+func (x *GrpcService_GoogleGrpc) GetCredentialsFactoryName() string {
+	if x != nil {
+		return x.CredentialsFactoryName
+	}
+	return ""
+}
+
+func (x *GrpcService_GoogleGrpc) GetConfig() *_struct.Struct {
+	if x != nil {
+		return x.Config
+	}
+	return nil
+}
+
+func (x *GrpcService_GoogleGrpc) GetPerStreamBufferLimitBytes() *wrappers.UInt32Value {
+	if x != nil {
+		return x.PerStreamBufferLimitBytes
+	}
+	return nil
+}
+
+func (x *GrpcService_GoogleGrpc) GetChannelArgs() *GrpcService_GoogleGrpc_ChannelArgs {
+	if x != nil {
+		return x.ChannelArgs
+	}
+	return nil
+}
+
+// See https://grpc.io/grpc/cpp/structgrpc_1_1_ssl_credentials_options.html.
+type GrpcService_GoogleGrpc_SslCredentials struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// PEM encoded server root certificates.
+	RootCerts *DataSource `protobuf:"bytes,1,opt,name=root_certs,json=rootCerts,proto3" json:"root_certs,omitempty"`
+	// PEM encoded client private key.
+	PrivateKey *DataSource `protobuf:"bytes,2,opt,name=private_key,json=privateKey,proto3" json:"private_key,omitempty"`
+	// PEM encoded client certificate chain.
+	CertChain *DataSource `protobuf:"bytes,3,opt,name=cert_chain,json=certChain,proto3" json:"cert_chain,omitempty"`
+}
+
+func (x *GrpcService_GoogleGrpc_SslCredentials) Reset() {
+	*x = GrpcService_GoogleGrpc_SslCredentials{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_grpc_service_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcService_GoogleGrpc_SslCredentials) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcService_GoogleGrpc_SslCredentials) ProtoMessage() {}
+
+func (x *GrpcService_GoogleGrpc_SslCredentials) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_grpc_service_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcService_GoogleGrpc_SslCredentials.ProtoReflect.Descriptor instead.
+func (*GrpcService_GoogleGrpc_SslCredentials) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_grpc_service_proto_rawDescGZIP(), []int{0, 1, 0}
+}
+
+func (x *GrpcService_GoogleGrpc_SslCredentials) GetRootCerts() *DataSource {
+	if x != nil {
+		return x.RootCerts
+	}
+	return nil
+}
+
+func (x *GrpcService_GoogleGrpc_SslCredentials) GetPrivateKey() *DataSource {
+	if x != nil {
+		return x.PrivateKey
+	}
+	return nil
+}
+
+func (x *GrpcService_GoogleGrpc_SslCredentials) GetCertChain() *DataSource {
+	if x != nil {
+		return x.CertChain
+	}
+	return nil
+}
+
+// Local channel credentials. Only UDS is supported for now.
+// See https://github.com/grpc/grpc/pull/15909.
+type GrpcService_GoogleGrpc_GoogleLocalCredentials struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *GrpcService_GoogleGrpc_GoogleLocalCredentials) Reset() {
+	*x = GrpcService_GoogleGrpc_GoogleLocalCredentials{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_grpc_service_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcService_GoogleGrpc_GoogleLocalCredentials) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcService_GoogleGrpc_GoogleLocalCredentials) ProtoMessage() {}
+
+func (x *GrpcService_GoogleGrpc_GoogleLocalCredentials) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_grpc_service_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcService_GoogleGrpc_GoogleLocalCredentials.ProtoReflect.Descriptor instead.
+func (*GrpcService_GoogleGrpc_GoogleLocalCredentials) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_grpc_service_proto_rawDescGZIP(), []int{0, 1, 1}
+}
+
+// See https://grpc.io/docs/guides/auth.html#credential-types to understand Channel and Call
+// credential types.
+type GrpcService_GoogleGrpc_ChannelCredentials struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to CredentialSpecifier:
+	//	*GrpcService_GoogleGrpc_ChannelCredentials_SslCredentials
+	//	*GrpcService_GoogleGrpc_ChannelCredentials_GoogleDefault
+	//	*GrpcService_GoogleGrpc_ChannelCredentials_LocalCredentials
+	CredentialSpecifier isGrpcService_GoogleGrpc_ChannelCredentials_CredentialSpecifier `protobuf_oneof:"credential_specifier"`
+}
+
+func (x *GrpcService_GoogleGrpc_ChannelCredentials) Reset() {
+	*x = GrpcService_GoogleGrpc_ChannelCredentials{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_grpc_service_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcService_GoogleGrpc_ChannelCredentials) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcService_GoogleGrpc_ChannelCredentials) ProtoMessage() {}
+
+func (x *GrpcService_GoogleGrpc_ChannelCredentials) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_grpc_service_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcService_GoogleGrpc_ChannelCredentials.ProtoReflect.Descriptor instead.
+func (*GrpcService_GoogleGrpc_ChannelCredentials) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_grpc_service_proto_rawDescGZIP(), []int{0, 1, 2}
+}
+
+func (m *GrpcService_GoogleGrpc_ChannelCredentials) GetCredentialSpecifier() isGrpcService_GoogleGrpc_ChannelCredentials_CredentialSpecifier {
+	if m != nil {
+		return m.CredentialSpecifier
+	}
+	return nil
+}
+
+func (x *GrpcService_GoogleGrpc_ChannelCredentials) GetSslCredentials() *GrpcService_GoogleGrpc_SslCredentials {
+	if x, ok := x.GetCredentialSpecifier().(*GrpcService_GoogleGrpc_ChannelCredentials_SslCredentials); ok {
+		return x.SslCredentials
+	}
+	return nil
+}
+
+func (x *GrpcService_GoogleGrpc_ChannelCredentials) GetGoogleDefault() *emptypb.Empty {
+	if x, ok := x.GetCredentialSpecifier().(*GrpcService_GoogleGrpc_ChannelCredentials_GoogleDefault); ok {
+		return x.GoogleDefault
+	}
+	return nil
+}
+
+func (x *GrpcService_GoogleGrpc_ChannelCredentials) GetLocalCredentials() *GrpcService_GoogleGrpc_GoogleLocalCredentials {
+	if x, ok := x.GetCredentialSpecifier().(*GrpcService_GoogleGrpc_ChannelCredentials_LocalCredentials); ok {
+		return x.LocalCredentials
+	}
+	return nil
+}
+
+type isGrpcService_GoogleGrpc_ChannelCredentials_CredentialSpecifier interface {
+	isGrpcService_GoogleGrpc_ChannelCredentials_CredentialSpecifier()
+}
+
+type GrpcService_GoogleGrpc_ChannelCredentials_SslCredentials struct {
+	SslCredentials *GrpcService_GoogleGrpc_SslCredentials `protobuf:"bytes,1,opt,name=ssl_credentials,json=sslCredentials,proto3,oneof"`
+}
+
+type GrpcService_GoogleGrpc_ChannelCredentials_GoogleDefault struct {
+	// https://grpc.io/grpc/cpp/namespacegrpc.html#a6beb3ac70ff94bd2ebbd89b8f21d1f61
+	GoogleDefault *emptypb.Empty `protobuf:"bytes,2,opt,name=google_default,json=googleDefault,proto3,oneof"`
+}
+
+type GrpcService_GoogleGrpc_ChannelCredentials_LocalCredentials struct {
+	LocalCredentials *GrpcService_GoogleGrpc_GoogleLocalCredentials `protobuf:"bytes,3,opt,name=local_credentials,json=localCredentials,proto3,oneof"`
+}
+
+func (*GrpcService_GoogleGrpc_ChannelCredentials_SslCredentials) isGrpcService_GoogleGrpc_ChannelCredentials_CredentialSpecifier() {
+}
+
+func (*GrpcService_GoogleGrpc_ChannelCredentials_GoogleDefault) isGrpcService_GoogleGrpc_ChannelCredentials_CredentialSpecifier() {
+}
+
+func (*GrpcService_GoogleGrpc_ChannelCredentials_LocalCredentials) isGrpcService_GoogleGrpc_ChannelCredentials_CredentialSpecifier() {
+}
+
+// [#next-free-field: 8]
+type GrpcService_GoogleGrpc_CallCredentials struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to CredentialSpecifier:
+	//	*GrpcService_GoogleGrpc_CallCredentials_AccessToken
+	//	*GrpcService_GoogleGrpc_CallCredentials_GoogleComputeEngine
+	//	*GrpcService_GoogleGrpc_CallCredentials_GoogleRefreshToken
+	//	*GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJwtAccess
+	//	*GrpcService_GoogleGrpc_CallCredentials_GoogleIam
+	//	*GrpcService_GoogleGrpc_CallCredentials_FromPlugin
+	//	*GrpcService_GoogleGrpc_CallCredentials_StsService_
+	CredentialSpecifier isGrpcService_GoogleGrpc_CallCredentials_CredentialSpecifier `protobuf_oneof:"credential_specifier"`
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials) Reset() {
+	*x = GrpcService_GoogleGrpc_CallCredentials{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_grpc_service_proto_msgTypes[6]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcService_GoogleGrpc_CallCredentials) ProtoMessage() {}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_grpc_service_proto_msgTypes[6]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcService_GoogleGrpc_CallCredentials.ProtoReflect.Descriptor instead.
+func (*GrpcService_GoogleGrpc_CallCredentials) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_grpc_service_proto_rawDescGZIP(), []int{0, 1, 3}
+}
+
+func (m *GrpcService_GoogleGrpc_CallCredentials) GetCredentialSpecifier() isGrpcService_GoogleGrpc_CallCredentials_CredentialSpecifier {
+	if m != nil {
+		return m.CredentialSpecifier
+	}
+	return nil
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials) GetAccessToken() string {
+	if x, ok := x.GetCredentialSpecifier().(*GrpcService_GoogleGrpc_CallCredentials_AccessToken); ok {
+		return x.AccessToken
+	}
+	return ""
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials) GetGoogleComputeEngine() *emptypb.Empty {
+	if x, ok := x.GetCredentialSpecifier().(*GrpcService_GoogleGrpc_CallCredentials_GoogleComputeEngine); ok {
+		return x.GoogleComputeEngine
+	}
+	return nil
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials) GetGoogleRefreshToken() string {
+	if x, ok := x.GetCredentialSpecifier().(*GrpcService_GoogleGrpc_CallCredentials_GoogleRefreshToken); ok {
+		return x.GoogleRefreshToken
+	}
+	return ""
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials) GetServiceAccountJwtAccess() *GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials {
+	if x, ok := x.GetCredentialSpecifier().(*GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJwtAccess); ok {
+		return x.ServiceAccountJwtAccess
+	}
+	return nil
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials) GetGoogleIam() *GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials {
+	if x, ok := x.GetCredentialSpecifier().(*GrpcService_GoogleGrpc_CallCredentials_GoogleIam); ok {
+		return x.GoogleIam
+	}
+	return nil
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials) GetFromPlugin() *GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin {
+	if x, ok := x.GetCredentialSpecifier().(*GrpcService_GoogleGrpc_CallCredentials_FromPlugin); ok {
+		return x.FromPlugin
+	}
+	return nil
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials) GetStsService() *GrpcService_GoogleGrpc_CallCredentials_StsService {
+	if x, ok := x.GetCredentialSpecifier().(*GrpcService_GoogleGrpc_CallCredentials_StsService_); ok {
+		return x.StsService
+	}
+	return nil
+}
+
+type isGrpcService_GoogleGrpc_CallCredentials_CredentialSpecifier interface {
+	isGrpcService_GoogleGrpc_CallCredentials_CredentialSpecifier()
+}
+
+type GrpcService_GoogleGrpc_CallCredentials_AccessToken struct {
+	// Access token credentials.
+	// https://grpc.io/grpc/cpp/namespacegrpc.html#ad3a80da696ffdaea943f0f858d7a360d.
+	AccessToken string `protobuf:"bytes,1,opt,name=access_token,json=accessToken,proto3,oneof"`
+}
+
+type GrpcService_GoogleGrpc_CallCredentials_GoogleComputeEngine struct {
+	// Google Compute Engine credentials.
+	// https://grpc.io/grpc/cpp/namespacegrpc.html#a6beb3ac70ff94bd2ebbd89b8f21d1f61
+	GoogleComputeEngine *emptypb.Empty `protobuf:"bytes,2,opt,name=google_compute_engine,json=googleComputeEngine,proto3,oneof"`
+}
+
+type GrpcService_GoogleGrpc_CallCredentials_GoogleRefreshToken struct {
+	// Google refresh token credentials.
+	// https://grpc.io/grpc/cpp/namespacegrpc.html#a96901c997b91bc6513b08491e0dca37c.
+	GoogleRefreshToken string `protobuf:"bytes,3,opt,name=google_refresh_token,json=googleRefreshToken,proto3,oneof"`
+}
+
+type GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJwtAccess struct {
+	// Service Account JWT Access credentials.
+	// https://grpc.io/grpc/cpp/namespacegrpc.html#a92a9f959d6102461f66ee973d8e9d3aa.
+	ServiceAccountJwtAccess *GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials `protobuf:"bytes,4,opt,name=service_account_jwt_access,json=serviceAccountJwtAccess,proto3,oneof"`
+}
+
+type GrpcService_GoogleGrpc_CallCredentials_GoogleIam struct {
+	// Google IAM credentials.
+	// https://grpc.io/grpc/cpp/namespacegrpc.html#a9fc1fc101b41e680d47028166e76f9d0.
+	GoogleIam *GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials `protobuf:"bytes,5,opt,name=google_iam,json=googleIam,proto3,oneof"`
+}
+
+type GrpcService_GoogleGrpc_CallCredentials_FromPlugin struct {
+	// Custom authenticator credentials.
+	// https://grpc.io/grpc/cpp/namespacegrpc.html#a823c6a4b19ffc71fb33e90154ee2ad07.
+	// https://grpc.io/docs/guides/auth.html#extending-grpc-to-support-other-authentication-mechanisms.
+	FromPlugin *GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin `protobuf:"bytes,6,opt,name=from_plugin,json=fromPlugin,proto3,oneof"`
+}
+
+type GrpcService_GoogleGrpc_CallCredentials_StsService_ struct {
+	// Custom security token service which implements OAuth 2.0 token exchange.
+	// https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16
+	// See https://github.com/grpc/grpc/pull/19587.
+	StsService *GrpcService_GoogleGrpc_CallCredentials_StsService `protobuf:"bytes,7,opt,name=sts_service,json=stsService,proto3,oneof"`
+}
+
+func (*GrpcService_GoogleGrpc_CallCredentials_AccessToken) isGrpcService_GoogleGrpc_CallCredentials_CredentialSpecifier() {
+}
+
+func (*GrpcService_GoogleGrpc_CallCredentials_GoogleComputeEngine) isGrpcService_GoogleGrpc_CallCredentials_CredentialSpecifier() {
+}
+
+func (*GrpcService_GoogleGrpc_CallCredentials_GoogleRefreshToken) isGrpcService_GoogleGrpc_CallCredentials_CredentialSpecifier() {
+}
+
+func (*GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJwtAccess) isGrpcService_GoogleGrpc_CallCredentials_CredentialSpecifier() {
+}
+
+func (*GrpcService_GoogleGrpc_CallCredentials_GoogleIam) isGrpcService_GoogleGrpc_CallCredentials_CredentialSpecifier() {
+}
+
+func (*GrpcService_GoogleGrpc_CallCredentials_FromPlugin) isGrpcService_GoogleGrpc_CallCredentials_CredentialSpecifier() {
+}
+
+func (*GrpcService_GoogleGrpc_CallCredentials_StsService_) isGrpcService_GoogleGrpc_CallCredentials_CredentialSpecifier() {
+}
+
+// Channel arguments.
+type GrpcService_GoogleGrpc_ChannelArgs struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// See grpc_types.h GRPC_ARG #defines for keys that work here.
+	Args map[string]*GrpcService_GoogleGrpc_ChannelArgs_Value `protobuf:"bytes,1,rep,name=args,proto3" json:"args,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+}
+
+func (x *GrpcService_GoogleGrpc_ChannelArgs) Reset() {
+	*x = GrpcService_GoogleGrpc_ChannelArgs{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_grpc_service_proto_msgTypes[7]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcService_GoogleGrpc_ChannelArgs) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcService_GoogleGrpc_ChannelArgs) ProtoMessage() {}
+
+func (x *GrpcService_GoogleGrpc_ChannelArgs) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_grpc_service_proto_msgTypes[7]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcService_GoogleGrpc_ChannelArgs.ProtoReflect.Descriptor instead.
+func (*GrpcService_GoogleGrpc_ChannelArgs) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_grpc_service_proto_rawDescGZIP(), []int{0, 1, 4}
+}
+
+func (x *GrpcService_GoogleGrpc_ChannelArgs) GetArgs() map[string]*GrpcService_GoogleGrpc_ChannelArgs_Value {
+	if x != nil {
+		return x.Args
+	}
+	return nil
+}
+
+type GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	JsonKey              string `protobuf:"bytes,1,opt,name=json_key,json=jsonKey,proto3" json:"json_key,omitempty"`
+	TokenLifetimeSeconds uint64 `protobuf:"varint,2,opt,name=token_lifetime_seconds,json=tokenLifetimeSeconds,proto3" json:"token_lifetime_seconds,omitempty"`
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials) Reset() {
+	*x = GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_grpc_service_proto_msgTypes[8]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials) ProtoMessage() {}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_grpc_service_proto_msgTypes[8]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials.ProtoReflect.Descriptor instead.
+func (*GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_grpc_service_proto_rawDescGZIP(), []int{0, 1, 3, 0}
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials) GetJsonKey() string {
+	if x != nil {
+		return x.JsonKey
+	}
+	return ""
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials) GetTokenLifetimeSeconds() uint64 {
+	if x != nil {
+		return x.TokenLifetimeSeconds
+	}
+	return 0
+}
+
+type GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	AuthorizationToken string `protobuf:"bytes,1,opt,name=authorization_token,json=authorizationToken,proto3" json:"authorization_token,omitempty"`
+	AuthoritySelector  string `protobuf:"bytes,2,opt,name=authority_selector,json=authoritySelector,proto3" json:"authority_selector,omitempty"`
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials) Reset() {
+	*x = GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_grpc_service_proto_msgTypes[9]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials) ProtoMessage() {}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_grpc_service_proto_msgTypes[9]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials.ProtoReflect.Descriptor instead.
+func (*GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_grpc_service_proto_rawDescGZIP(), []int{0, 1, 3, 1}
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials) GetAuthorizationToken() string {
+	if x != nil {
+		return x.AuthorizationToken
+	}
+	return ""
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials) GetAuthoritySelector() string {
+	if x != nil {
+		return x.AuthoritySelector
+	}
+	return ""
+}
+
+type GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// [#extension-category: envoy.grpc_credentials]
+	//
+	// Types that are assignable to ConfigType:
+	//	*GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin_TypedConfig
+	ConfigType isGrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin_ConfigType `protobuf_oneof:"config_type"`
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin) Reset() {
+	*x = GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_grpc_service_proto_msgTypes[10]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin) ProtoMessage() {}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_grpc_service_proto_msgTypes[10]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin.ProtoReflect.Descriptor instead.
+func (*GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_grpc_service_proto_rawDescGZIP(), []int{0, 1, 3, 2}
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (m *GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin) GetConfigType() isGrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin_ConfigType {
+	if m != nil {
+		return m.ConfigType
+	}
+	return nil
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin) GetTypedConfig() *any.Any {
+	if x, ok := x.GetConfigType().(*GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin_TypedConfig); ok {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+type isGrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin_ConfigType interface {
+	isGrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin_ConfigType()
+}
+
+type GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin_TypedConfig struct {
+	TypedConfig *any.Any `protobuf:"bytes,3,opt,name=typed_config,json=typedConfig,proto3,oneof"`
+}
+
+func (*GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin_TypedConfig) isGrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin_ConfigType() {
+}
+
+// Security token service configuration that allows Google gRPC to
+// fetch security token from an OAuth 2.0 authorization server.
+// See https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16 and
+// https://github.com/grpc/grpc/pull/19587.
+// [#next-free-field: 10]
+type GrpcService_GoogleGrpc_CallCredentials_StsService struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// URI of the token exchange service that handles token exchange requests.
+	// [#comment:TODO(asraa): Add URI validation when implemented. Tracked by
+	// https://github.com/envoyproxy/protoc-gen-validate/issues/303]
+	TokenExchangeServiceUri string `protobuf:"bytes,1,opt,name=token_exchange_service_uri,json=tokenExchangeServiceUri,proto3" json:"token_exchange_service_uri,omitempty"`
+	// Location of the target service or resource where the client
+	// intends to use the requested security token.
+	Resource string `protobuf:"bytes,2,opt,name=resource,proto3" json:"resource,omitempty"`
+	// Logical name of the target service where the client intends to
+	// use the requested security token.
+	Audience string `protobuf:"bytes,3,opt,name=audience,proto3" json:"audience,omitempty"`
+	// The desired scope of the requested security token in the
+	// context of the service or resource where the token will be used.
+	Scope string `protobuf:"bytes,4,opt,name=scope,proto3" json:"scope,omitempty"`
+	// Type of the requested security token.
+	RequestedTokenType string `protobuf:"bytes,5,opt,name=requested_token_type,json=requestedTokenType,proto3" json:"requested_token_type,omitempty"`
+	// The path of subject token, a security token that represents the
+	// identity of the party on behalf of whom the request is being made.
+	SubjectTokenPath string `protobuf:"bytes,6,opt,name=subject_token_path,json=subjectTokenPath,proto3" json:"subject_token_path,omitempty"`
+	// Type of the subject token.
+	SubjectTokenType string `protobuf:"bytes,7,opt,name=subject_token_type,json=subjectTokenType,proto3" json:"subject_token_type,omitempty"`
+	// The path of actor token, a security token that represents the identity
+	// of the acting party. The acting party is authorized to use the
+	// requested security token and act on behalf of the subject.
+	ActorTokenPath string `protobuf:"bytes,8,opt,name=actor_token_path,json=actorTokenPath,proto3" json:"actor_token_path,omitempty"`
+	// Type of the actor token.
+	ActorTokenType string `protobuf:"bytes,9,opt,name=actor_token_type,json=actorTokenType,proto3" json:"actor_token_type,omitempty"`
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_StsService) Reset() {
+	*x = GrpcService_GoogleGrpc_CallCredentials_StsService{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_grpc_service_proto_msgTypes[11]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_StsService) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcService_GoogleGrpc_CallCredentials_StsService) ProtoMessage() {}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_StsService) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_grpc_service_proto_msgTypes[11]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcService_GoogleGrpc_CallCredentials_StsService.ProtoReflect.Descriptor instead.
+func (*GrpcService_GoogleGrpc_CallCredentials_StsService) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_grpc_service_proto_rawDescGZIP(), []int{0, 1, 3, 3}
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_StsService) GetTokenExchangeServiceUri() string {
+	if x != nil {
+		return x.TokenExchangeServiceUri
+	}
+	return ""
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_StsService) GetResource() string {
+	if x != nil {
+		return x.Resource
+	}
+	return ""
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_StsService) GetAudience() string {
+	if x != nil {
+		return x.Audience
+	}
+	return ""
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_StsService) GetScope() string {
+	if x != nil {
+		return x.Scope
+	}
+	return ""
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_StsService) GetRequestedTokenType() string {
+	if x != nil {
+		return x.RequestedTokenType
+	}
+	return ""
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_StsService) GetSubjectTokenPath() string {
+	if x != nil {
+		return x.SubjectTokenPath
+	}
+	return ""
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_StsService) GetSubjectTokenType() string {
+	if x != nil {
+		return x.SubjectTokenType
+	}
+	return ""
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_StsService) GetActorTokenPath() string {
+	if x != nil {
+		return x.ActorTokenPath
+	}
+	return ""
+}
+
+func (x *GrpcService_GoogleGrpc_CallCredentials_StsService) GetActorTokenType() string {
+	if x != nil {
+		return x.ActorTokenType
+	}
+	return ""
+}
+
+type GrpcService_GoogleGrpc_ChannelArgs_Value struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Pointer values are not supported, since they don't make any sense when
+	// delivered via the API.
+	//
+	// Types that are assignable to ValueSpecifier:
+	//	*GrpcService_GoogleGrpc_ChannelArgs_Value_StringValue
+	//	*GrpcService_GoogleGrpc_ChannelArgs_Value_IntValue
+	ValueSpecifier isGrpcService_GoogleGrpc_ChannelArgs_Value_ValueSpecifier `protobuf_oneof:"value_specifier"`
+}
+
+func (x *GrpcService_GoogleGrpc_ChannelArgs_Value) Reset() {
+	*x = GrpcService_GoogleGrpc_ChannelArgs_Value{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_grpc_service_proto_msgTypes[12]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcService_GoogleGrpc_ChannelArgs_Value) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcService_GoogleGrpc_ChannelArgs_Value) ProtoMessage() {}
+
+func (x *GrpcService_GoogleGrpc_ChannelArgs_Value) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_grpc_service_proto_msgTypes[12]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcService_GoogleGrpc_ChannelArgs_Value.ProtoReflect.Descriptor instead.
+func (*GrpcService_GoogleGrpc_ChannelArgs_Value) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_grpc_service_proto_rawDescGZIP(), []int{0, 1, 4, 0}
+}
+
+func (m *GrpcService_GoogleGrpc_ChannelArgs_Value) GetValueSpecifier() isGrpcService_GoogleGrpc_ChannelArgs_Value_ValueSpecifier {
+	if m != nil {
+		return m.ValueSpecifier
+	}
+	return nil
+}
+
+func (x *GrpcService_GoogleGrpc_ChannelArgs_Value) GetStringValue() string {
+	if x, ok := x.GetValueSpecifier().(*GrpcService_GoogleGrpc_ChannelArgs_Value_StringValue); ok {
+		return x.StringValue
+	}
+	return ""
+}
+
+func (x *GrpcService_GoogleGrpc_ChannelArgs_Value) GetIntValue() int64 {
+	if x, ok := x.GetValueSpecifier().(*GrpcService_GoogleGrpc_ChannelArgs_Value_IntValue); ok {
+		return x.IntValue
+	}
+	return 0
+}
+
+type isGrpcService_GoogleGrpc_ChannelArgs_Value_ValueSpecifier interface {
+	isGrpcService_GoogleGrpc_ChannelArgs_Value_ValueSpecifier()
+}
+
+type GrpcService_GoogleGrpc_ChannelArgs_Value_StringValue struct {
+	StringValue string `protobuf:"bytes,1,opt,name=string_value,json=stringValue,proto3,oneof"`
+}
+
+type GrpcService_GoogleGrpc_ChannelArgs_Value_IntValue struct {
+	IntValue int64 `protobuf:"varint,2,opt,name=int_value,json=intValue,proto3,oneof"`
+}
+
+func (*GrpcService_GoogleGrpc_ChannelArgs_Value_StringValue) isGrpcService_GoogleGrpc_ChannelArgs_Value_ValueSpecifier() {
+}
+
+func (*GrpcService_GoogleGrpc_ChannelArgs_Value_IntValue) isGrpcService_GoogleGrpc_ChannelArgs_Value_ValueSpecifier() {
+}
+
+var File_envoy_config_core_v3_grpc_service_proto protoreflect.FileDescriptor
+
+var file_envoy_config_core_v3_grpc_service_proto_rawDesc = []byte{
+	0x0a, 0x27, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x73, 0x65, 0x72, 0x76,
+	0x69, 0x63, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x14, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x1a,
+	0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f,
+	0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x62, 0x61, 0x73, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1b, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x65, 0x6d, 0x70,
+	0x74, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x20, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e,
+	0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x65, 0x6e, 0x73, 0x69, 0x74, 0x69,
+	0x76, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61,
+	0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75,
+	0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e,
+	0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f,
+	0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69,
+	0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x22, 0x8c, 0x21, 0x0a, 0x0b, 0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76,
+	0x69, 0x63, 0x65, 0x12, 0x4c, 0x0a, 0x0a, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x5f, 0x67, 0x72, 0x70,
+	0x63, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2b, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x47,
+	0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x45, 0x6e, 0x76, 0x6f, 0x79,
+	0x47, 0x72, 0x70, 0x63, 0x48, 0x00, 0x52, 0x09, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x47, 0x72, 0x70,
+	0x63, 0x12, 0x4f, 0x0a, 0x0b, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x5f, 0x67, 0x72, 0x70, 0x63,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x47, 0x72,
+	0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x47, 0x72, 0x70, 0x63, 0x48, 0x00, 0x52, 0x0a, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x47, 0x72,
+	0x70, 0x63, 0x12, 0x33, 0x0a, 0x07, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x03, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x07,
+	0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12, 0x4c, 0x0a, 0x10, 0x69, 0x6e, 0x69, 0x74, 0x69,
+	0x61, 0x6c, 0x5f, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x05, 0x20, 0x03, 0x28,
+	0x0b, 0x32, 0x21, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x56,
+	0x61, 0x6c, 0x75, 0x65, 0x52, 0x0f, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x4d, 0x65, 0x74,
+	0x61, 0x64, 0x61, 0x74, 0x61, 0x1a, 0x98, 0x01, 0x0a, 0x09, 0x45, 0x6e, 0x76, 0x6f, 0x79, 0x47,
+	0x72, 0x70, 0x63, 0x12, 0x2a, 0x0a, 0x0c, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x6e,
+	0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02,
+	0x10, 0x01, 0x52, 0x0b, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x12,
+	0x2f, 0x0a, 0x09, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x18, 0x02, 0x20, 0x01,
+	0x28, 0x09, 0x42, 0x11, 0xfa, 0x42, 0x0e, 0x72, 0x0c, 0x10, 0x00, 0x28, 0x80, 0x80, 0x01, 0xc0,
+	0x01, 0x02, 0xc8, 0x01, 0x00, 0x52, 0x09, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79,
+	0x3a, 0x2e, 0x9a, 0xc5, 0x88, 0x1e, 0x29, 0x0a, 0x27, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x53,
+	0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x45, 0x6e, 0x76, 0x6f, 0x79, 0x47, 0x72, 0x70, 0x63,
+	0x1a, 0xfa, 0x1c, 0x0a, 0x0a, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x47, 0x72, 0x70, 0x63, 0x12,
+	0x26, 0x0a, 0x0a, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x5f, 0x75, 0x72, 0x69, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x09, 0x74, 0x61,
+	0x72, 0x67, 0x65, 0x74, 0x55, 0x72, 0x69, 0x12, 0x70, 0x0a, 0x13, 0x63, 0x68, 0x61, 0x6e, 0x6e,
+	0x65, 0x6c, 0x5f, 0x63, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x3f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x47, 0x72, 0x70, 0x63,
+	0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x47, 0x72,
+	0x70, 0x63, 0x2e, 0x43, 0x68, 0x61, 0x6e, 0x6e, 0x65, 0x6c, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e,
+	0x74, 0x69, 0x61, 0x6c, 0x73, 0x52, 0x12, 0x63, 0x68, 0x61, 0x6e, 0x6e, 0x65, 0x6c, 0x43, 0x72,
+	0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x12, 0x67, 0x0a, 0x10, 0x63, 0x61, 0x6c,
+	0x6c, 0x5f, 0x63, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x18, 0x03, 0x20,
+	0x03, 0x28, 0x0b, 0x32, 0x3c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x53,
+	0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x47, 0x72, 0x70,
+	0x63, 0x2e, 0x43, 0x61, 0x6c, 0x6c, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c,
+	0x73, 0x52, 0x0f, 0x63, 0x61, 0x6c, 0x6c, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61,
+	0x6c, 0x73, 0x12, 0x28, 0x0a, 0x0b, 0x73, 0x74, 0x61, 0x74, 0x5f, 0x70, 0x72, 0x65, 0x66, 0x69,
+	0x78, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01,
+	0x52, 0x0a, 0x73, 0x74, 0x61, 0x74, 0x50, 0x72, 0x65, 0x66, 0x69, 0x78, 0x12, 0x38, 0x0a, 0x18,
+	0x63, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x5f, 0x66, 0x61, 0x63, 0x74,
+	0x6f, 0x72, 0x79, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x16,
+	0x63, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x46, 0x61, 0x63, 0x74, 0x6f,
+	0x72, 0x79, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x2f, 0x0a, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x52,
+	0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x5e, 0x0a, 0x1d, 0x70, 0x65, 0x72, 0x5f, 0x73,
+	0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f, 0x62, 0x75, 0x66, 0x66, 0x65, 0x72, 0x5f, 0x6c, 0x69, 0x6d,
+	0x69, 0x74, 0x5f, 0x62, 0x79, 0x74, 0x65, 0x73, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x19, 0x70, 0x65,
+	0x72, 0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x42, 0x75, 0x66, 0x66, 0x65, 0x72, 0x4c, 0x69, 0x6d,
+	0x69, 0x74, 0x42, 0x79, 0x74, 0x65, 0x73, 0x12, 0x5b, 0x0a, 0x0c, 0x63, 0x68, 0x61, 0x6e, 0x6e,
+	0x65, 0x6c, 0x5f, 0x61, 0x72, 0x67, 0x73, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x38, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x76, 0x33, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65,
+	0x2e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x47, 0x72, 0x70, 0x63, 0x2e, 0x43, 0x68, 0x61, 0x6e,
+	0x6e, 0x65, 0x6c, 0x41, 0x72, 0x67, 0x73, 0x52, 0x0b, 0x63, 0x68, 0x61, 0x6e, 0x6e, 0x65, 0x6c,
+	0x41, 0x72, 0x67, 0x73, 0x1a, 0x9d, 0x02, 0x0a, 0x0e, 0x53, 0x73, 0x6c, 0x43, 0x72, 0x65, 0x64,
+	0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x12, 0x3f, 0x0a, 0x0a, 0x72, 0x6f, 0x6f, 0x74, 0x5f,
+	0x63, 0x65, 0x72, 0x74, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e,
+	0x76, 0x33, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x09, 0x72,
+	0x6f, 0x6f, 0x74, 0x43, 0x65, 0x72, 0x74, 0x73, 0x12, 0x49, 0x0a, 0x0b, 0x70, 0x72, 0x69, 0x76,
+	0x61, 0x74, 0x65, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x76, 0x33, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x42,
+	0x06, 0xb8, 0xb7, 0x8b, 0xa4, 0x02, 0x01, 0x52, 0x0a, 0x70, 0x72, 0x69, 0x76, 0x61, 0x74, 0x65,
+	0x4b, 0x65, 0x79, 0x12, 0x3f, 0x0a, 0x0a, 0x63, 0x65, 0x72, 0x74, 0x5f, 0x63, 0x68, 0x61, 0x69,
+	0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x44,
+	0x61, 0x74, 0x61, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x09, 0x63, 0x65, 0x72, 0x74, 0x43,
+	0x68, 0x61, 0x69, 0x6e, 0x3a, 0x3e, 0x9a, 0xc5, 0x88, 0x1e, 0x39, 0x0a, 0x37, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x47,
+	0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x47, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x47, 0x72, 0x70, 0x63, 0x2e, 0x53, 0x73, 0x6c, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74,
+	0x69, 0x61, 0x6c, 0x73, 0x1a, 0x60, 0x0a, 0x16, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x4c, 0x6f,
+	0x63, 0x61, 0x6c, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x3a, 0x46,
+	0x9a, 0xc5, 0x88, 0x1e, 0x41, 0x0a, 0x3f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72,
+	0x76, 0x69, 0x63, 0x65, 0x2e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x47, 0x72, 0x70, 0x63, 0x2e,
+	0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x43, 0x72, 0x65, 0x64, 0x65,
+	0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x1a, 0x92, 0x03, 0x0a, 0x12, 0x43, 0x68, 0x61, 0x6e, 0x6e,
+	0x65, 0x6c, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x12, 0x66, 0x0a,
+	0x0f, 0x73, 0x73, 0x6c, 0x5f, 0x63, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x3b, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x47, 0x72,
+	0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x47, 0x72, 0x70, 0x63, 0x2e, 0x53, 0x73, 0x6c, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69,
+	0x61, 0x6c, 0x73, 0x48, 0x00, 0x52, 0x0e, 0x73, 0x73, 0x6c, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e,
+	0x74, 0x69, 0x61, 0x6c, 0x73, 0x12, 0x3f, 0x0a, 0x0e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x5f,
+	0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x45, 0x6d, 0x70, 0x74, 0x79, 0x48, 0x00, 0x52, 0x0d, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x44,
+	0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x12, 0x72, 0x0a, 0x11, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x5f,
+	0x63, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x43, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72,
+	0x76, 0x69, 0x63, 0x65, 0x2e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x47, 0x72, 0x70, 0x63, 0x2e,
+	0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x43, 0x72, 0x65, 0x64, 0x65,
+	0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x48, 0x00, 0x52, 0x10, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x43,
+	0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x3a, 0x42, 0x9a, 0xc5, 0x88, 0x1e,
+	0x3d, 0x0a, 0x3b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e,
+	0x63, 0x6f, 0x72, 0x65, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65,
+	0x2e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x47, 0x72, 0x70, 0x63, 0x2e, 0x43, 0x68, 0x61, 0x6e,
+	0x6e, 0x65, 0x6c, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x42, 0x1b,
+	0x0a, 0x14, 0x63, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x5f, 0x73, 0x70, 0x65,
+	0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x1a, 0x88, 0x0f, 0x0a, 0x0f,
+	0x43, 0x61, 0x6c, 0x6c, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x12,
+	0x23, 0x0a, 0x0c, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x0b, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x54,
+	0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x4c, 0x0a, 0x15, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x5f, 0x63,
+	0x6f, 0x6d, 0x70, 0x75, 0x74, 0x65, 0x5f, 0x65, 0x6e, 0x67, 0x69, 0x6e, 0x65, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x48, 0x00, 0x52, 0x13, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x43, 0x6f, 0x6d, 0x70, 0x75, 0x74, 0x65, 0x45, 0x6e, 0x67, 0x69,
+	0x6e, 0x65, 0x12, 0x32, 0x0a, 0x14, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x5f, 0x72, 0x65, 0x66,
+	0x72, 0x65, 0x73, 0x68, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09,
+	0x48, 0x00, 0x52, 0x12, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x52, 0x65, 0x66, 0x72, 0x65, 0x73,
+	0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x9e, 0x01, 0x0a, 0x1a, 0x73, 0x65, 0x72, 0x76, 0x69,
+	0x63, 0x65, 0x5f, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x6a, 0x77, 0x74, 0x5f, 0x61,
+	0x63, 0x63, 0x65, 0x73, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x5f, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e,
+	0x76, 0x33, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x47,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x47, 0x72, 0x70, 0x63, 0x2e, 0x43, 0x61, 0x6c, 0x6c, 0x43, 0x72,
+	0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63,
+	0x65, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x4a, 0x57, 0x54, 0x41, 0x63, 0x63, 0x65, 0x73,
+	0x73, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x48, 0x00, 0x52, 0x17,
+	0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x4a, 0x77,
+	0x74, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x12, 0x72, 0x0a, 0x0a, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x5f, 0x69, 0x61, 0x6d, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x51, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e,
+	0x76, 0x33, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x47,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x47, 0x72, 0x70, 0x63, 0x2e, 0x43, 0x61, 0x6c, 0x6c, 0x43, 0x72,
+	0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x2e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x49, 0x41, 0x4d, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x48, 0x00,
+	0x52, 0x09, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x49, 0x61, 0x6d, 0x12, 0x7d, 0x0a, 0x0b, 0x66,
+	0x72, 0x6f, 0x6d, 0x5f, 0x70, 0x6c, 0x75, 0x67, 0x69, 0x6e, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x5a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76,
+	0x69, 0x63, 0x65, 0x2e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x47, 0x72, 0x70, 0x63, 0x2e, 0x43,
+	0x61, 0x6c, 0x6c, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x2e, 0x4d,
+	0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61,
+	0x6c, 0x73, 0x46, 0x72, 0x6f, 0x6d, 0x50, 0x6c, 0x75, 0x67, 0x69, 0x6e, 0x48, 0x00, 0x52, 0x0a,
+	0x66, 0x72, 0x6f, 0x6d, 0x50, 0x6c, 0x75, 0x67, 0x69, 0x6e, 0x12, 0x6a, 0x0a, 0x0b, 0x73, 0x74,
+	0x73, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x47, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69,
+	0x63, 0x65, 0x2e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x47, 0x72, 0x70, 0x63, 0x2e, 0x43, 0x61,
+	0x6c, 0x6c, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x2e, 0x53, 0x74,
+	0x73, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x48, 0x00, 0x52, 0x0a, 0x73, 0x74, 0x73, 0x53,
+	0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x1a, 0xd9, 0x01, 0x0a, 0x22, 0x53, 0x65, 0x72, 0x76, 0x69,
+	0x63, 0x65, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x4a, 0x57, 0x54, 0x41, 0x63, 0x63, 0x65,
+	0x73, 0x73, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x12, 0x19, 0x0a,
+	0x08, 0x6a, 0x73, 0x6f, 0x6e, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52,
+	0x07, 0x6a, 0x73, 0x6f, 0x6e, 0x4b, 0x65, 0x79, 0x12, 0x34, 0x0a, 0x16, 0x74, 0x6f, 0x6b, 0x65,
+	0x6e, 0x5f, 0x6c, 0x69, 0x66, 0x65, 0x74, 0x69, 0x6d, 0x65, 0x5f, 0x73, 0x65, 0x63, 0x6f, 0x6e,
+	0x64, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x04, 0x52, 0x14, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x4c,
+	0x69, 0x66, 0x65, 0x74, 0x69, 0x6d, 0x65, 0x53, 0x65, 0x63, 0x6f, 0x6e, 0x64, 0x73, 0x3a, 0x62,
+	0x9a, 0xc5, 0x88, 0x1e, 0x5d, 0x0a, 0x5b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72,
+	0x76, 0x69, 0x63, 0x65, 0x2e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x47, 0x72, 0x70, 0x63, 0x2e,
+	0x43, 0x61, 0x6c, 0x6c, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x2e,
+	0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x4a, 0x57,
+	0x54, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61,
+	0x6c, 0x73, 0x1a, 0xcc, 0x01, 0x0a, 0x14, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x49, 0x41, 0x4d,
+	0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x12, 0x2f, 0x0a, 0x13, 0x61,
+	0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x74, 0x6f, 0x6b,
+	0x65, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x12, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72,
+	0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x2d, 0x0a, 0x12,
+	0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x5f, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74,
+	0x6f, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x11, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72,
+	0x69, 0x74, 0x79, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x3a, 0x54, 0x9a, 0xc5, 0x88,
+	0x1e, 0x4f, 0x0a, 0x4d, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63,
+	0x65, 0x2e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x47, 0x72, 0x70, 0x63, 0x2e, 0x43, 0x61, 0x6c,
+	0x6c, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x2e, 0x47, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x49, 0x41, 0x4d, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c,
+	0x73, 0x1a, 0xea, 0x01, 0x0a, 0x1d, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x43, 0x72,
+	0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x46, 0x72, 0x6f, 0x6d, 0x50, 0x6c, 0x75,
+	0x67, 0x69, 0x6e, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x39, 0x0a, 0x0c, 0x74, 0x79, 0x70, 0x65, 0x64,
+	0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x41, 0x6e, 0x79, 0x48, 0x00, 0x52, 0x0b, 0x74, 0x79, 0x70, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x3a, 0x5d, 0x9a, 0xc5, 0x88, 0x1e, 0x58, 0x0a, 0x56, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x47, 0x72, 0x70,
+	0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x47,
+	0x72, 0x70, 0x63, 0x2e, 0x43, 0x61, 0x6c, 0x6c, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69,
+	0x61, 0x6c, 0x73, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x43, 0x72, 0x65, 0x64,
+	0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x46, 0x72, 0x6f, 0x6d, 0x50, 0x6c, 0x75, 0x67, 0x69,
+	0x6e, 0x42, 0x0d, 0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x74, 0x79, 0x70, 0x65,
+	0x4a, 0x04, 0x08, 0x02, 0x10, 0x03, 0x52, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x1a, 0xd7,
+	0x03, 0x0a, 0x0a, 0x53, 0x74, 0x73, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x3b, 0x0a,
+	0x1a, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x5f, 0x65, 0x78, 0x63, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x5f,
+	0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x75, 0x72, 0x69, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x17, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x45, 0x78, 0x63, 0x68, 0x61, 0x6e, 0x67, 0x65,
+	0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x55, 0x72, 0x69, 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65,
+	0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x72, 0x65,
+	0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x61, 0x75, 0x64, 0x69, 0x65, 0x6e,
+	0x63, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x61, 0x75, 0x64, 0x69, 0x65, 0x6e,
+	0x63, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x05, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x12, 0x30, 0x0a, 0x14, 0x72, 0x65, 0x71, 0x75,
+	0x65, 0x73, 0x74, 0x65, 0x64, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x5f, 0x74, 0x79, 0x70, 0x65,
+	0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x12, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x65,
+	0x64, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x12, 0x35, 0x0a, 0x12, 0x73, 0x75,
+	0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x5f, 0x70, 0x61, 0x74, 0x68,
+	0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52,
+	0x10, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x50, 0x61, 0x74,
+	0x68, 0x12, 0x35, 0x0a, 0x12, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x74, 0x6f, 0x6b,
+	0x65, 0x6e, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa,
+	0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x10, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x54,
+	0x6f, 0x6b, 0x65, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x12, 0x28, 0x0a, 0x10, 0x61, 0x63, 0x74, 0x6f,
+	0x72, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x5f, 0x70, 0x61, 0x74, 0x68, 0x18, 0x08, 0x20, 0x01,
+	0x28, 0x09, 0x52, 0x0e, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x50, 0x61,
+	0x74, 0x68, 0x12, 0x28, 0x0a, 0x10, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x5f, 0x74, 0x6f, 0x6b, 0x65,
+	0x6e, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x09, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x61, 0x63,
+	0x74, 0x6f, 0x72, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x3a, 0x4a, 0x9a, 0xc5,
+	0x88, 0x1e, 0x45, 0x0a, 0x43, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69,
+	0x63, 0x65, 0x2e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x47, 0x72, 0x70, 0x63, 0x2e, 0x43, 0x61,
+	0x6c, 0x6c, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x2e, 0x53, 0x74,
+	0x73, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x3a, 0x3f, 0x9a, 0xc5, 0x88, 0x1e, 0x3a, 0x0a,
+	0x38, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f,
+	0x72, 0x65, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x47,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x47, 0x72, 0x70, 0x63, 0x2e, 0x43, 0x61, 0x6c, 0x6c, 0x43, 0x72,
+	0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x42, 0x1b, 0x0a, 0x14, 0x63, 0x72, 0x65,
+	0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65,
+	0x72, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x1a, 0xc3, 0x02, 0x0a, 0x0b, 0x43, 0x68, 0x61, 0x6e, 0x6e,
+	0x65, 0x6c, 0x41, 0x72, 0x67, 0x73, 0x12, 0x56, 0x0a, 0x04, 0x61, 0x72, 0x67, 0x73, 0x18, 0x01,
+	0x20, 0x03, 0x28, 0x0b, 0x32, 0x42, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x47, 0x72, 0x70, 0x63,
+	0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x47, 0x72,
+	0x70, 0x63, 0x2e, 0x43, 0x68, 0x61, 0x6e, 0x6e, 0x65, 0x6c, 0x41, 0x72, 0x67, 0x73, 0x2e, 0x41,
+	0x72, 0x67, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x04, 0x61, 0x72, 0x67, 0x73, 0x1a, 0x63,
+	0x0a, 0x05, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x23, 0x0a, 0x0c, 0x73, 0x74, 0x72, 0x69, 0x6e,
+	0x67, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52,
+	0x0b, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x1d, 0x0a, 0x09,
+	0x69, 0x6e, 0x74, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x03, 0x48,
+	0x00, 0x52, 0x08, 0x69, 0x6e, 0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x16, 0x0a, 0x0f, 0x76,
+	0x61, 0x6c, 0x75, 0x65, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x03,
+	0xf8, 0x42, 0x01, 0x1a, 0x77, 0x0a, 0x09, 0x41, 0x72, 0x67, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79,
+	0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b,
+	0x65, 0x79, 0x12, 0x54, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x3e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72,
+	0x76, 0x69, 0x63, 0x65, 0x2e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x47, 0x72, 0x70, 0x63, 0x2e,
+	0x43, 0x68, 0x61, 0x6e, 0x6e, 0x65, 0x6c, 0x41, 0x72, 0x67, 0x73, 0x2e, 0x56, 0x61, 0x6c, 0x75,
+	0x65, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x3a, 0x2f, 0x9a, 0xc5,
+	0x88, 0x1e, 0x2a, 0x0a, 0x28, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69,
+	0x63, 0x65, 0x2e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x47, 0x72, 0x70, 0x63, 0x3a, 0x24, 0x9a,
+	0xc5, 0x88, 0x1e, 0x1f, 0x0a, 0x1d, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76,
+	0x69, 0x63, 0x65, 0x42, 0x17, 0x0a, 0x10, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x5f, 0x73, 0x70,
+	0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x4a, 0x04, 0x08, 0x04,
+	0x10, 0x05, 0x42, 0x40, 0x0a, 0x22, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72,
+	0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x10, 0x47, 0x72, 0x70, 0x63, 0x53, 0x65,
+	0x72, 0x76, 0x69, 0x63, 0x65, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1,
+	0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_core_v3_grpc_service_proto_rawDescOnce sync.Once
+	file_envoy_config_core_v3_grpc_service_proto_rawDescData = file_envoy_config_core_v3_grpc_service_proto_rawDesc
+)
+
+func file_envoy_config_core_v3_grpc_service_proto_rawDescGZIP() []byte {
+	file_envoy_config_core_v3_grpc_service_proto_rawDescOnce.Do(func() {
+		file_envoy_config_core_v3_grpc_service_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_core_v3_grpc_service_proto_rawDescData)
+	})
+	return file_envoy_config_core_v3_grpc_service_proto_rawDescData
+}
+
+var file_envoy_config_core_v3_grpc_service_proto_msgTypes = make([]protoimpl.MessageInfo, 14)
+var file_envoy_config_core_v3_grpc_service_proto_goTypes = []interface{}{
+	(*GrpcService)(nil),                                                               // 0: envoy.config.core.v3.GrpcService
+	(*GrpcService_EnvoyGrpc)(nil),                                                     // 1: envoy.config.core.v3.GrpcService.EnvoyGrpc
+	(*GrpcService_GoogleGrpc)(nil),                                                    // 2: envoy.config.core.v3.GrpcService.GoogleGrpc
+	(*GrpcService_GoogleGrpc_SslCredentials)(nil),                                     // 3: envoy.config.core.v3.GrpcService.GoogleGrpc.SslCredentials
+	(*GrpcService_GoogleGrpc_GoogleLocalCredentials)(nil),                             // 4: envoy.config.core.v3.GrpcService.GoogleGrpc.GoogleLocalCredentials
+	(*GrpcService_GoogleGrpc_ChannelCredentials)(nil),                                 // 5: envoy.config.core.v3.GrpcService.GoogleGrpc.ChannelCredentials
+	(*GrpcService_GoogleGrpc_CallCredentials)(nil),                                    // 6: envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials
+	(*GrpcService_GoogleGrpc_ChannelArgs)(nil),                                        // 7: envoy.config.core.v3.GrpcService.GoogleGrpc.ChannelArgs
+	(*GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials)(nil), // 8: envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials.ServiceAccountJWTAccessCredentials
+	(*GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials)(nil),               // 9: envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials.GoogleIAMCredentials
+	(*GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin)(nil),      // 10: envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials.MetadataCredentialsFromPlugin
+	(*GrpcService_GoogleGrpc_CallCredentials_StsService)(nil),                         // 11: envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials.StsService
+	(*GrpcService_GoogleGrpc_ChannelArgs_Value)(nil),                                  // 12: envoy.config.core.v3.GrpcService.GoogleGrpc.ChannelArgs.Value
+	nil,                          // 13: envoy.config.core.v3.GrpcService.GoogleGrpc.ChannelArgs.ArgsEntry
+	(*duration.Duration)(nil),    // 14: google.protobuf.Duration
+	(*HeaderValue)(nil),          // 15: envoy.config.core.v3.HeaderValue
+	(*_struct.Struct)(nil),       // 16: google.protobuf.Struct
+	(*wrappers.UInt32Value)(nil), // 17: google.protobuf.UInt32Value
+	(*DataSource)(nil),           // 18: envoy.config.core.v3.DataSource
+	(*emptypb.Empty)(nil),        // 19: google.protobuf.Empty
+	(*any.Any)(nil),              // 20: google.protobuf.Any
+}
+var file_envoy_config_core_v3_grpc_service_proto_depIdxs = []int32{
+	1,  // 0: envoy.config.core.v3.GrpcService.envoy_grpc:type_name -> envoy.config.core.v3.GrpcService.EnvoyGrpc
+	2,  // 1: envoy.config.core.v3.GrpcService.google_grpc:type_name -> envoy.config.core.v3.GrpcService.GoogleGrpc
+	14, // 2: envoy.config.core.v3.GrpcService.timeout:type_name -> google.protobuf.Duration
+	15, // 3: envoy.config.core.v3.GrpcService.initial_metadata:type_name -> envoy.config.core.v3.HeaderValue
+	5,  // 4: envoy.config.core.v3.GrpcService.GoogleGrpc.channel_credentials:type_name -> envoy.config.core.v3.GrpcService.GoogleGrpc.ChannelCredentials
+	6,  // 5: envoy.config.core.v3.GrpcService.GoogleGrpc.call_credentials:type_name -> envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials
+	16, // 6: envoy.config.core.v3.GrpcService.GoogleGrpc.config:type_name -> google.protobuf.Struct
+	17, // 7: envoy.config.core.v3.GrpcService.GoogleGrpc.per_stream_buffer_limit_bytes:type_name -> google.protobuf.UInt32Value
+	7,  // 8: envoy.config.core.v3.GrpcService.GoogleGrpc.channel_args:type_name -> envoy.config.core.v3.GrpcService.GoogleGrpc.ChannelArgs
+	18, // 9: envoy.config.core.v3.GrpcService.GoogleGrpc.SslCredentials.root_certs:type_name -> envoy.config.core.v3.DataSource
+	18, // 10: envoy.config.core.v3.GrpcService.GoogleGrpc.SslCredentials.private_key:type_name -> envoy.config.core.v3.DataSource
+	18, // 11: envoy.config.core.v3.GrpcService.GoogleGrpc.SslCredentials.cert_chain:type_name -> envoy.config.core.v3.DataSource
+	3,  // 12: envoy.config.core.v3.GrpcService.GoogleGrpc.ChannelCredentials.ssl_credentials:type_name -> envoy.config.core.v3.GrpcService.GoogleGrpc.SslCredentials
+	19, // 13: envoy.config.core.v3.GrpcService.GoogleGrpc.ChannelCredentials.google_default:type_name -> google.protobuf.Empty
+	4,  // 14: envoy.config.core.v3.GrpcService.GoogleGrpc.ChannelCredentials.local_credentials:type_name -> envoy.config.core.v3.GrpcService.GoogleGrpc.GoogleLocalCredentials
+	19, // 15: envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials.google_compute_engine:type_name -> google.protobuf.Empty
+	8,  // 16: envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials.service_account_jwt_access:type_name -> envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials.ServiceAccountJWTAccessCredentials
+	9,  // 17: envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials.google_iam:type_name -> envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials.GoogleIAMCredentials
+	10, // 18: envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials.from_plugin:type_name -> envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials.MetadataCredentialsFromPlugin
+	11, // 19: envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials.sts_service:type_name -> envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials.StsService
+	13, // 20: envoy.config.core.v3.GrpcService.GoogleGrpc.ChannelArgs.args:type_name -> envoy.config.core.v3.GrpcService.GoogleGrpc.ChannelArgs.ArgsEntry
+	20, // 21: envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials.MetadataCredentialsFromPlugin.typed_config:type_name -> google.protobuf.Any
+	12, // 22: envoy.config.core.v3.GrpcService.GoogleGrpc.ChannelArgs.ArgsEntry.value:type_name -> envoy.config.core.v3.GrpcService.GoogleGrpc.ChannelArgs.Value
+	23, // [23:23] is the sub-list for method output_type
+	23, // [23:23] is the sub-list for method input_type
+	23, // [23:23] is the sub-list for extension type_name
+	23, // [23:23] is the sub-list for extension extendee
+	0,  // [0:23] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_core_v3_grpc_service_proto_init() }
+func file_envoy_config_core_v3_grpc_service_proto_init() {
+	if File_envoy_config_core_v3_grpc_service_proto != nil {
+		return
+	}
+	file_envoy_config_core_v3_base_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_core_v3_grpc_service_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcService); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_grpc_service_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcService_EnvoyGrpc); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_grpc_service_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcService_GoogleGrpc); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_grpc_service_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcService_GoogleGrpc_SslCredentials); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_grpc_service_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcService_GoogleGrpc_GoogleLocalCredentials); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_grpc_service_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcService_GoogleGrpc_ChannelCredentials); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_grpc_service_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcService_GoogleGrpc_CallCredentials); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_grpc_service_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcService_GoogleGrpc_ChannelArgs); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_grpc_service_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_grpc_service_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_grpc_service_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_grpc_service_proto_msgTypes[11].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcService_GoogleGrpc_CallCredentials_StsService); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_grpc_service_proto_msgTypes[12].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcService_GoogleGrpc_ChannelArgs_Value); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_config_core_v3_grpc_service_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*GrpcService_EnvoyGrpc_)(nil),
+		(*GrpcService_GoogleGrpc_)(nil),
+	}
+	file_envoy_config_core_v3_grpc_service_proto_msgTypes[5].OneofWrappers = []interface{}{
+		(*GrpcService_GoogleGrpc_ChannelCredentials_SslCredentials)(nil),
+		(*GrpcService_GoogleGrpc_ChannelCredentials_GoogleDefault)(nil),
+		(*GrpcService_GoogleGrpc_ChannelCredentials_LocalCredentials)(nil),
+	}
+	file_envoy_config_core_v3_grpc_service_proto_msgTypes[6].OneofWrappers = []interface{}{
+		(*GrpcService_GoogleGrpc_CallCredentials_AccessToken)(nil),
+		(*GrpcService_GoogleGrpc_CallCredentials_GoogleComputeEngine)(nil),
+		(*GrpcService_GoogleGrpc_CallCredentials_GoogleRefreshToken)(nil),
+		(*GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJwtAccess)(nil),
+		(*GrpcService_GoogleGrpc_CallCredentials_GoogleIam)(nil),
+		(*GrpcService_GoogleGrpc_CallCredentials_FromPlugin)(nil),
+		(*GrpcService_GoogleGrpc_CallCredentials_StsService_)(nil),
+	}
+	file_envoy_config_core_v3_grpc_service_proto_msgTypes[10].OneofWrappers = []interface{}{
+		(*GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin_TypedConfig)(nil),
+	}
+	file_envoy_config_core_v3_grpc_service_proto_msgTypes[12].OneofWrappers = []interface{}{
+		(*GrpcService_GoogleGrpc_ChannelArgs_Value_StringValue)(nil),
+		(*GrpcService_GoogleGrpc_ChannelArgs_Value_IntValue)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_core_v3_grpc_service_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   14,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_core_v3_grpc_service_proto_goTypes,
+		DependencyIndexes: file_envoy_config_core_v3_grpc_service_proto_depIdxs,
+		MessageInfos:      file_envoy_config_core_v3_grpc_service_proto_msgTypes,
+	}.Build()
+	File_envoy_config_core_v3_grpc_service_proto = out.File
+	file_envoy_config_core_v3_grpc_service_proto_rawDesc = nil
+	file_envoy_config_core_v3_grpc_service_proto_goTypes = nil
+	file_envoy_config_core_v3_grpc_service_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/grpc_service.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/grpc_service.pb.validate.go
new file mode 100644
index 00000000000..6c8f9dab057
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/grpc_service.pb.validate.go
@@ -0,0 +1,2307 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/core/v3/grpc_service.proto
+
+package envoy_config_core_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on GrpcService with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *GrpcService) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on GrpcService with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in GrpcServiceMultiError, or
+// nil if none found.
+func (m *GrpcService) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcService) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetTimeout()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, GrpcServiceValidationError{
+					field:  "Timeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, GrpcServiceValidationError{
+					field:  "Timeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTimeout()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return GrpcServiceValidationError{
+				field:  "Timeout",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetInitialMetadata() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, GrpcServiceValidationError{
+						field:  fmt.Sprintf("InitialMetadata[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, GrpcServiceValidationError{
+						field:  fmt.Sprintf("InitialMetadata[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return GrpcServiceValidationError{
+					field:  fmt.Sprintf("InitialMetadata[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	switch m.TargetSpecifier.(type) {
+
+	case *GrpcService_EnvoyGrpc_:
+
+		if all {
+			switch v := interface{}(m.GetEnvoyGrpc()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, GrpcServiceValidationError{
+						field:  "EnvoyGrpc",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, GrpcServiceValidationError{
+						field:  "EnvoyGrpc",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetEnvoyGrpc()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return GrpcServiceValidationError{
+					field:  "EnvoyGrpc",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *GrpcService_GoogleGrpc_:
+
+		if all {
+			switch v := interface{}(m.GetGoogleGrpc()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, GrpcServiceValidationError{
+						field:  "GoogleGrpc",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, GrpcServiceValidationError{
+						field:  "GoogleGrpc",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetGoogleGrpc()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return GrpcServiceValidationError{
+					field:  "GoogleGrpc",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := GrpcServiceValidationError{
+			field:  "TargetSpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return GrpcServiceMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcServiceMultiError is an error wrapping multiple validation errors
+// returned by GrpcService.ValidateAll() if the designated constraints aren't met.
+type GrpcServiceMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcServiceMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcServiceMultiError) AllErrors() []error { return m }
+
+// GrpcServiceValidationError is the validation error returned by
+// GrpcService.Validate if the designated constraints aren't met.
+type GrpcServiceValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcServiceValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e GrpcServiceValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e GrpcServiceValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e GrpcServiceValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e GrpcServiceValidationError) ErrorName() string { return "GrpcServiceValidationError" }
+
+// Error satisfies the builtin error interface
+func (e GrpcServiceValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcService.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcServiceValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcServiceValidationError{}
+
+// Validate checks the field values on GrpcService_EnvoyGrpc with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *GrpcService_EnvoyGrpc) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on GrpcService_EnvoyGrpc with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// GrpcService_EnvoyGrpcMultiError, or nil if none found.
+func (m *GrpcService_EnvoyGrpc) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcService_EnvoyGrpc) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetClusterName()) < 1 {
+		err := GrpcService_EnvoyGrpcValidationError{
+			field:  "ClusterName",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if utf8.RuneCountInString(m.GetAuthority()) < 0 {
+		err := GrpcService_EnvoyGrpcValidationError{
+			field:  "Authority",
+			reason: "value length must be at least 0 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(m.GetAuthority()) > 16384 {
+		err := GrpcService_EnvoyGrpcValidationError{
+			field:  "Authority",
+			reason: "value length must be at most 16384 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if !_GrpcService_EnvoyGrpc_Authority_Pattern.MatchString(m.GetAuthority()) {
+		err := GrpcService_EnvoyGrpcValidationError{
+			field:  "Authority",
+			reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return GrpcService_EnvoyGrpcMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcService_EnvoyGrpcMultiError is an error wrapping multiple validation
+// errors returned by GrpcService_EnvoyGrpc.ValidateAll() if the designated
+// constraints aren't met.
+type GrpcService_EnvoyGrpcMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcService_EnvoyGrpcMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcService_EnvoyGrpcMultiError) AllErrors() []error { return m }
+
+// GrpcService_EnvoyGrpcValidationError is the validation error returned by
+// GrpcService_EnvoyGrpc.Validate if the designated constraints aren't met.
+type GrpcService_EnvoyGrpcValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcService_EnvoyGrpcValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e GrpcService_EnvoyGrpcValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e GrpcService_EnvoyGrpcValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e GrpcService_EnvoyGrpcValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e GrpcService_EnvoyGrpcValidationError) ErrorName() string {
+	return "GrpcService_EnvoyGrpcValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e GrpcService_EnvoyGrpcValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcService_EnvoyGrpc.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcService_EnvoyGrpcValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcService_EnvoyGrpcValidationError{}
+
+var _GrpcService_EnvoyGrpc_Authority_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+// Validate checks the field values on GrpcService_GoogleGrpc with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *GrpcService_GoogleGrpc) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on GrpcService_GoogleGrpc with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// GrpcService_GoogleGrpcMultiError, or nil if none found.
+func (m *GrpcService_GoogleGrpc) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcService_GoogleGrpc) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetTargetUri()) < 1 {
+		err := GrpcService_GoogleGrpcValidationError{
+			field:  "TargetUri",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetChannelCredentials()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, GrpcService_GoogleGrpcValidationError{
+					field:  "ChannelCredentials",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, GrpcService_GoogleGrpcValidationError{
+					field:  "ChannelCredentials",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetChannelCredentials()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return GrpcService_GoogleGrpcValidationError{
+				field:  "ChannelCredentials",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetCallCredentials() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpcValidationError{
+						field:  fmt.Sprintf("CallCredentials[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpcValidationError{
+						field:  fmt.Sprintf("CallCredentials[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return GrpcService_GoogleGrpcValidationError{
+					field:  fmt.Sprintf("CallCredentials[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if utf8.RuneCountInString(m.GetStatPrefix()) < 1 {
+		err := GrpcService_GoogleGrpcValidationError{
+			field:  "StatPrefix",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for CredentialsFactoryName
+
+	if all {
+		switch v := interface{}(m.GetConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, GrpcService_GoogleGrpcValidationError{
+					field:  "Config",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, GrpcService_GoogleGrpcValidationError{
+					field:  "Config",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return GrpcService_GoogleGrpcValidationError{
+				field:  "Config",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetPerStreamBufferLimitBytes()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, GrpcService_GoogleGrpcValidationError{
+					field:  "PerStreamBufferLimitBytes",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, GrpcService_GoogleGrpcValidationError{
+					field:  "PerStreamBufferLimitBytes",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPerStreamBufferLimitBytes()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return GrpcService_GoogleGrpcValidationError{
+				field:  "PerStreamBufferLimitBytes",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetChannelArgs()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, GrpcService_GoogleGrpcValidationError{
+					field:  "ChannelArgs",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, GrpcService_GoogleGrpcValidationError{
+					field:  "ChannelArgs",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetChannelArgs()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return GrpcService_GoogleGrpcValidationError{
+				field:  "ChannelArgs",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return GrpcService_GoogleGrpcMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcService_GoogleGrpcMultiError is an error wrapping multiple validation
+// errors returned by GrpcService_GoogleGrpc.ValidateAll() if the designated
+// constraints aren't met.
+type GrpcService_GoogleGrpcMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcService_GoogleGrpcMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcService_GoogleGrpcMultiError) AllErrors() []error { return m }
+
+// GrpcService_GoogleGrpcValidationError is the validation error returned by
+// GrpcService_GoogleGrpc.Validate if the designated constraints aren't met.
+type GrpcService_GoogleGrpcValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcService_GoogleGrpcValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e GrpcService_GoogleGrpcValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e GrpcService_GoogleGrpcValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e GrpcService_GoogleGrpcValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e GrpcService_GoogleGrpcValidationError) ErrorName() string {
+	return "GrpcService_GoogleGrpcValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e GrpcService_GoogleGrpcValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcService_GoogleGrpc.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcService_GoogleGrpcValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcService_GoogleGrpcValidationError{}
+
+// Validate checks the field values on GrpcService_GoogleGrpc_SslCredentials
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the first error encountered is returned, or nil if
+// there are no violations.
+func (m *GrpcService_GoogleGrpc_SslCredentials) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on GrpcService_GoogleGrpc_SslCredentials
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// GrpcService_GoogleGrpc_SslCredentialsMultiError, or nil if none found.
+func (m *GrpcService_GoogleGrpc_SslCredentials) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcService_GoogleGrpc_SslCredentials) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetRootCerts()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, GrpcService_GoogleGrpc_SslCredentialsValidationError{
+					field:  "RootCerts",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, GrpcService_GoogleGrpc_SslCredentialsValidationError{
+					field:  "RootCerts",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRootCerts()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return GrpcService_GoogleGrpc_SslCredentialsValidationError{
+				field:  "RootCerts",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetPrivateKey()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, GrpcService_GoogleGrpc_SslCredentialsValidationError{
+					field:  "PrivateKey",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, GrpcService_GoogleGrpc_SslCredentialsValidationError{
+					field:  "PrivateKey",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPrivateKey()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return GrpcService_GoogleGrpc_SslCredentialsValidationError{
+				field:  "PrivateKey",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetCertChain()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, GrpcService_GoogleGrpc_SslCredentialsValidationError{
+					field:  "CertChain",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, GrpcService_GoogleGrpc_SslCredentialsValidationError{
+					field:  "CertChain",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCertChain()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return GrpcService_GoogleGrpc_SslCredentialsValidationError{
+				field:  "CertChain",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return GrpcService_GoogleGrpc_SslCredentialsMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcService_GoogleGrpc_SslCredentialsMultiError is an error wrapping
+// multiple validation errors returned by
+// GrpcService_GoogleGrpc_SslCredentials.ValidateAll() if the designated
+// constraints aren't met.
+type GrpcService_GoogleGrpc_SslCredentialsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcService_GoogleGrpc_SslCredentialsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcService_GoogleGrpc_SslCredentialsMultiError) AllErrors() []error { return m }
+
+// GrpcService_GoogleGrpc_SslCredentialsValidationError is the validation error
+// returned by GrpcService_GoogleGrpc_SslCredentials.Validate if the
+// designated constraints aren't met.
+type GrpcService_GoogleGrpc_SslCredentialsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcService_GoogleGrpc_SslCredentialsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e GrpcService_GoogleGrpc_SslCredentialsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e GrpcService_GoogleGrpc_SslCredentialsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e GrpcService_GoogleGrpc_SslCredentialsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e GrpcService_GoogleGrpc_SslCredentialsValidationError) ErrorName() string {
+	return "GrpcService_GoogleGrpc_SslCredentialsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e GrpcService_GoogleGrpc_SslCredentialsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcService_GoogleGrpc_SslCredentials.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcService_GoogleGrpc_SslCredentialsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcService_GoogleGrpc_SslCredentialsValidationError{}
+
+// Validate checks the field values on
+// GrpcService_GoogleGrpc_GoogleLocalCredentials with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *GrpcService_GoogleGrpc_GoogleLocalCredentials) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// GrpcService_GoogleGrpc_GoogleLocalCredentials with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in
+// GrpcService_GoogleGrpc_GoogleLocalCredentialsMultiError, or nil if none found.
+func (m *GrpcService_GoogleGrpc_GoogleLocalCredentials) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcService_GoogleGrpc_GoogleLocalCredentials) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return GrpcService_GoogleGrpc_GoogleLocalCredentialsMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcService_GoogleGrpc_GoogleLocalCredentialsMultiError is an error wrapping
+// multiple validation errors returned by
+// GrpcService_GoogleGrpc_GoogleLocalCredentials.ValidateAll() if the
+// designated constraints aren't met.
+type GrpcService_GoogleGrpc_GoogleLocalCredentialsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcService_GoogleGrpc_GoogleLocalCredentialsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcService_GoogleGrpc_GoogleLocalCredentialsMultiError) AllErrors() []error { return m }
+
+// GrpcService_GoogleGrpc_GoogleLocalCredentialsValidationError is the
+// validation error returned by
+// GrpcService_GoogleGrpc_GoogleLocalCredentials.Validate if the designated
+// constraints aren't met.
+type GrpcService_GoogleGrpc_GoogleLocalCredentialsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcService_GoogleGrpc_GoogleLocalCredentialsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e GrpcService_GoogleGrpc_GoogleLocalCredentialsValidationError) Reason() string {
+	return e.reason
+}
+
+// Cause function returns cause value.
+func (e GrpcService_GoogleGrpc_GoogleLocalCredentialsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e GrpcService_GoogleGrpc_GoogleLocalCredentialsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e GrpcService_GoogleGrpc_GoogleLocalCredentialsValidationError) ErrorName() string {
+	return "GrpcService_GoogleGrpc_GoogleLocalCredentialsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e GrpcService_GoogleGrpc_GoogleLocalCredentialsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcService_GoogleGrpc_GoogleLocalCredentials.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcService_GoogleGrpc_GoogleLocalCredentialsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcService_GoogleGrpc_GoogleLocalCredentialsValidationError{}
+
+// Validate checks the field values on
+// GrpcService_GoogleGrpc_ChannelCredentials with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *GrpcService_GoogleGrpc_ChannelCredentials) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// GrpcService_GoogleGrpc_ChannelCredentials with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in
+// GrpcService_GoogleGrpc_ChannelCredentialsMultiError, or nil if none found.
+func (m *GrpcService_GoogleGrpc_ChannelCredentials) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcService_GoogleGrpc_ChannelCredentials) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.CredentialSpecifier.(type) {
+
+	case *GrpcService_GoogleGrpc_ChannelCredentials_SslCredentials:
+
+		if all {
+			switch v := interface{}(m.GetSslCredentials()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_ChannelCredentialsValidationError{
+						field:  "SslCredentials",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_ChannelCredentialsValidationError{
+						field:  "SslCredentials",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetSslCredentials()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return GrpcService_GoogleGrpc_ChannelCredentialsValidationError{
+					field:  "SslCredentials",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *GrpcService_GoogleGrpc_ChannelCredentials_GoogleDefault:
+
+		if all {
+			switch v := interface{}(m.GetGoogleDefault()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_ChannelCredentialsValidationError{
+						field:  "GoogleDefault",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_ChannelCredentialsValidationError{
+						field:  "GoogleDefault",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetGoogleDefault()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return GrpcService_GoogleGrpc_ChannelCredentialsValidationError{
+					field:  "GoogleDefault",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *GrpcService_GoogleGrpc_ChannelCredentials_LocalCredentials:
+
+		if all {
+			switch v := interface{}(m.GetLocalCredentials()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_ChannelCredentialsValidationError{
+						field:  "LocalCredentials",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_ChannelCredentialsValidationError{
+						field:  "LocalCredentials",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetLocalCredentials()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return GrpcService_GoogleGrpc_ChannelCredentialsValidationError{
+					field:  "LocalCredentials",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := GrpcService_GoogleGrpc_ChannelCredentialsValidationError{
+			field:  "CredentialSpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return GrpcService_GoogleGrpc_ChannelCredentialsMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcService_GoogleGrpc_ChannelCredentialsMultiError is an error wrapping
+// multiple validation errors returned by
+// GrpcService_GoogleGrpc_ChannelCredentials.ValidateAll() if the designated
+// constraints aren't met.
+type GrpcService_GoogleGrpc_ChannelCredentialsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcService_GoogleGrpc_ChannelCredentialsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcService_GoogleGrpc_ChannelCredentialsMultiError) AllErrors() []error { return m }
+
+// GrpcService_GoogleGrpc_ChannelCredentialsValidationError is the validation
+// error returned by GrpcService_GoogleGrpc_ChannelCredentials.Validate if the
+// designated constraints aren't met.
+type GrpcService_GoogleGrpc_ChannelCredentialsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcService_GoogleGrpc_ChannelCredentialsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e GrpcService_GoogleGrpc_ChannelCredentialsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e GrpcService_GoogleGrpc_ChannelCredentialsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e GrpcService_GoogleGrpc_ChannelCredentialsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e GrpcService_GoogleGrpc_ChannelCredentialsValidationError) ErrorName() string {
+	return "GrpcService_GoogleGrpc_ChannelCredentialsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e GrpcService_GoogleGrpc_ChannelCredentialsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcService_GoogleGrpc_ChannelCredentials.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcService_GoogleGrpc_ChannelCredentialsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcService_GoogleGrpc_ChannelCredentialsValidationError{}
+
+// Validate checks the field values on GrpcService_GoogleGrpc_CallCredentials
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the first error encountered is returned, or nil if
+// there are no violations.
+func (m *GrpcService_GoogleGrpc_CallCredentials) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// GrpcService_GoogleGrpc_CallCredentials with the rules defined in the proto
+// definition for this message. If any rules are violated, the result is a
+// list of violation errors wrapped in
+// GrpcService_GoogleGrpc_CallCredentialsMultiError, or nil if none found.
+func (m *GrpcService_GoogleGrpc_CallCredentials) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcService_GoogleGrpc_CallCredentials) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.CredentialSpecifier.(type) {
+
+	case *GrpcService_GoogleGrpc_CallCredentials_AccessToken:
+		// no validation rules for AccessToken
+
+	case *GrpcService_GoogleGrpc_CallCredentials_GoogleComputeEngine:
+
+		if all {
+			switch v := interface{}(m.GetGoogleComputeEngine()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_CallCredentialsValidationError{
+						field:  "GoogleComputeEngine",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_CallCredentialsValidationError{
+						field:  "GoogleComputeEngine",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetGoogleComputeEngine()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return GrpcService_GoogleGrpc_CallCredentialsValidationError{
+					field:  "GoogleComputeEngine",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *GrpcService_GoogleGrpc_CallCredentials_GoogleRefreshToken:
+		// no validation rules for GoogleRefreshToken
+
+	case *GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJwtAccess:
+
+		if all {
+			switch v := interface{}(m.GetServiceAccountJwtAccess()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_CallCredentialsValidationError{
+						field:  "ServiceAccountJwtAccess",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_CallCredentialsValidationError{
+						field:  "ServiceAccountJwtAccess",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetServiceAccountJwtAccess()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return GrpcService_GoogleGrpc_CallCredentialsValidationError{
+					field:  "ServiceAccountJwtAccess",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *GrpcService_GoogleGrpc_CallCredentials_GoogleIam:
+
+		if all {
+			switch v := interface{}(m.GetGoogleIam()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_CallCredentialsValidationError{
+						field:  "GoogleIam",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_CallCredentialsValidationError{
+						field:  "GoogleIam",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetGoogleIam()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return GrpcService_GoogleGrpc_CallCredentialsValidationError{
+					field:  "GoogleIam",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *GrpcService_GoogleGrpc_CallCredentials_FromPlugin:
+
+		if all {
+			switch v := interface{}(m.GetFromPlugin()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_CallCredentialsValidationError{
+						field:  "FromPlugin",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_CallCredentialsValidationError{
+						field:  "FromPlugin",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetFromPlugin()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return GrpcService_GoogleGrpc_CallCredentialsValidationError{
+					field:  "FromPlugin",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *GrpcService_GoogleGrpc_CallCredentials_StsService_:
+
+		if all {
+			switch v := interface{}(m.GetStsService()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_CallCredentialsValidationError{
+						field:  "StsService",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_CallCredentialsValidationError{
+						field:  "StsService",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetStsService()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return GrpcService_GoogleGrpc_CallCredentialsValidationError{
+					field:  "StsService",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := GrpcService_GoogleGrpc_CallCredentialsValidationError{
+			field:  "CredentialSpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return GrpcService_GoogleGrpc_CallCredentialsMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcService_GoogleGrpc_CallCredentialsMultiError is an error wrapping
+// multiple validation errors returned by
+// GrpcService_GoogleGrpc_CallCredentials.ValidateAll() if the designated
+// constraints aren't met.
+type GrpcService_GoogleGrpc_CallCredentialsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcService_GoogleGrpc_CallCredentialsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcService_GoogleGrpc_CallCredentialsMultiError) AllErrors() []error { return m }
+
+// GrpcService_GoogleGrpc_CallCredentialsValidationError is the validation
+// error returned by GrpcService_GoogleGrpc_CallCredentials.Validate if the
+// designated constraints aren't met.
+type GrpcService_GoogleGrpc_CallCredentialsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcService_GoogleGrpc_CallCredentialsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e GrpcService_GoogleGrpc_CallCredentialsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e GrpcService_GoogleGrpc_CallCredentialsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e GrpcService_GoogleGrpc_CallCredentialsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e GrpcService_GoogleGrpc_CallCredentialsValidationError) ErrorName() string {
+	return "GrpcService_GoogleGrpc_CallCredentialsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e GrpcService_GoogleGrpc_CallCredentialsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcService_GoogleGrpc_CallCredentials.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcService_GoogleGrpc_CallCredentialsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcService_GoogleGrpc_CallCredentialsValidationError{}
+
+// Validate checks the field values on GrpcService_GoogleGrpc_ChannelArgs with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *GrpcService_GoogleGrpc_ChannelArgs) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on GrpcService_GoogleGrpc_ChannelArgs
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// GrpcService_GoogleGrpc_ChannelArgsMultiError, or nil if none found.
+func (m *GrpcService_GoogleGrpc_ChannelArgs) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcService_GoogleGrpc_ChannelArgs) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	{
+		sorted_keys := make([]string, len(m.GetArgs()))
+		i := 0
+		for key := range m.GetArgs() {
+			sorted_keys[i] = key
+			i++
+		}
+		sort.Slice(sorted_keys, func(i, j int) bool { return sorted_keys[i] < sorted_keys[j] })
+		for _, key := range sorted_keys {
+			val := m.GetArgs()[key]
+			_ = val
+
+			// no validation rules for Args[key]
+
+			if all {
+				switch v := interface{}(val).(type) {
+				case interface{ ValidateAll() error }:
+					if err := v.ValidateAll(); err != nil {
+						errors = append(errors, GrpcService_GoogleGrpc_ChannelArgsValidationError{
+							field:  fmt.Sprintf("Args[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				case interface{ Validate() error }:
+					if err := v.Validate(); err != nil {
+						errors = append(errors, GrpcService_GoogleGrpc_ChannelArgsValidationError{
+							field:  fmt.Sprintf("Args[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				}
+			} else if v, ok := interface{}(val).(interface{ Validate() error }); ok {
+				if err := v.Validate(); err != nil {
+					return GrpcService_GoogleGrpc_ChannelArgsValidationError{
+						field:  fmt.Sprintf("Args[%v]", key),
+						reason: "embedded message failed validation",
+						cause:  err,
+					}
+				}
+			}
+
+		}
+	}
+
+	if len(errors) > 0 {
+		return GrpcService_GoogleGrpc_ChannelArgsMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcService_GoogleGrpc_ChannelArgsMultiError is an error wrapping multiple
+// validation errors returned by
+// GrpcService_GoogleGrpc_ChannelArgs.ValidateAll() if the designated
+// constraints aren't met.
+type GrpcService_GoogleGrpc_ChannelArgsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcService_GoogleGrpc_ChannelArgsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcService_GoogleGrpc_ChannelArgsMultiError) AllErrors() []error { return m }
+
+// GrpcService_GoogleGrpc_ChannelArgsValidationError is the validation error
+// returned by GrpcService_GoogleGrpc_ChannelArgs.Validate if the designated
+// constraints aren't met.
+type GrpcService_GoogleGrpc_ChannelArgsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcService_GoogleGrpc_ChannelArgsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e GrpcService_GoogleGrpc_ChannelArgsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e GrpcService_GoogleGrpc_ChannelArgsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e GrpcService_GoogleGrpc_ChannelArgsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e GrpcService_GoogleGrpc_ChannelArgsValidationError) ErrorName() string {
+	return "GrpcService_GoogleGrpc_ChannelArgsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e GrpcService_GoogleGrpc_ChannelArgsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcService_GoogleGrpc_ChannelArgs.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcService_GoogleGrpc_ChannelArgsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcService_GoogleGrpc_ChannelArgsValidationError{}
+
+// Validate checks the field values on
+// GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the first error encountered is returned, or nil if
+// there are no violations.
+func (m *GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsMultiError,
+// or nil if none found.
+func (m *GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for JsonKey
+
+	// no validation rules for TokenLifetimeSeconds
+
+	if len(errors) > 0 {
+		return GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsMultiError
+// is an error wrapping multiple validation errors returned by
+// GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials.ValidateAll()
+// if the designated constraints aren't met.
+type GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsMultiError) AllErrors() []error {
+	return m
+}
+
+// GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsValidationError
+// is the validation error returned by
+// GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials.Validate
+// if the designated constraints aren't met.
+type GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsValidationError) Field() string {
+	return e.field
+}
+
+// Reason function returns reason value.
+func (e GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsValidationError) Reason() string {
+	return e.reason
+}
+
+// Cause function returns cause value.
+func (e GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsValidationError) Cause() error {
+	return e.cause
+}
+
+// Key function returns key value.
+func (e GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsValidationError) Key() bool {
+	return e.key
+}
+
+// ErrorName returns error name.
+func (e GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsValidationError) ErrorName() string {
+	return "GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentials.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcService_GoogleGrpc_CallCredentials_ServiceAccountJWTAccessCredentialsValidationError{}
+
+// Validate checks the field values on
+// GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsMultiError, or
+// nil if none found.
+func (m *GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for AuthorizationToken
+
+	// no validation rules for AuthoritySelector
+
+	if len(errors) > 0 {
+		return GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsMultiError is an
+// error wrapping multiple validation errors returned by
+// GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials.ValidateAll()
+// if the designated constraints aren't met.
+type GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsMultiError) AllErrors() []error {
+	return m
+}
+
+// GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsValidationError
+// is the validation error returned by
+// GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials.Validate if the
+// designated constraints aren't met.
+type GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsValidationError) Field() string {
+	return e.field
+}
+
+// Reason function returns reason value.
+func (e GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsValidationError) Reason() string {
+	return e.reason
+}
+
+// Cause function returns cause value.
+func (e GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsValidationError) Cause() error {
+	return e.cause
+}
+
+// Key function returns key value.
+func (e GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsValidationError) Key() bool {
+	return e.key
+}
+
+// ErrorName returns error name.
+func (e GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsValidationError) ErrorName() string {
+	return "GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentials.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcService_GoogleGrpc_CallCredentials_GoogleIAMCredentialsValidationError{}
+
+// Validate checks the field values on
+// GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginMultiError,
+// or nil if none found.
+func (m *GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Name
+
+	switch m.ConfigType.(type) {
+
+	case *GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin_TypedConfig:
+
+		if all {
+			switch v := interface{}(m.GetTypedConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginMultiError
+// is an error wrapping multiple validation errors returned by
+// GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin.ValidateAll()
+// if the designated constraints aren't met.
+type GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginMultiError) AllErrors() []error {
+	return m
+}
+
+// GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginValidationError
+// is the validation error returned by
+// GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin.Validate
+// if the designated constraints aren't met.
+type GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginValidationError) Field() string {
+	return e.field
+}
+
+// Reason function returns reason value.
+func (e GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginValidationError) Reason() string {
+	return e.reason
+}
+
+// Cause function returns cause value.
+func (e GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginValidationError) Cause() error {
+	return e.cause
+}
+
+// Key function returns key value.
+func (e GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginValidationError) Key() bool {
+	return e.key
+}
+
+// ErrorName returns error name.
+func (e GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginValidationError) ErrorName() string {
+	return "GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPlugin.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcService_GoogleGrpc_CallCredentials_MetadataCredentialsFromPluginValidationError{}
+
+// Validate checks the field values on
+// GrpcService_GoogleGrpc_CallCredentials_StsService with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *GrpcService_GoogleGrpc_CallCredentials_StsService) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// GrpcService_GoogleGrpc_CallCredentials_StsService with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in
+// GrpcService_GoogleGrpc_CallCredentials_StsServiceMultiError, or nil if none found.
+func (m *GrpcService_GoogleGrpc_CallCredentials_StsService) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcService_GoogleGrpc_CallCredentials_StsService) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for TokenExchangeServiceUri
+
+	// no validation rules for Resource
+
+	// no validation rules for Audience
+
+	// no validation rules for Scope
+
+	// no validation rules for RequestedTokenType
+
+	if utf8.RuneCountInString(m.GetSubjectTokenPath()) < 1 {
+		err := GrpcService_GoogleGrpc_CallCredentials_StsServiceValidationError{
+			field:  "SubjectTokenPath",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if utf8.RuneCountInString(m.GetSubjectTokenType()) < 1 {
+		err := GrpcService_GoogleGrpc_CallCredentials_StsServiceValidationError{
+			field:  "SubjectTokenType",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for ActorTokenPath
+
+	// no validation rules for ActorTokenType
+
+	if len(errors) > 0 {
+		return GrpcService_GoogleGrpc_CallCredentials_StsServiceMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcService_GoogleGrpc_CallCredentials_StsServiceMultiError is an error
+// wrapping multiple validation errors returned by
+// GrpcService_GoogleGrpc_CallCredentials_StsService.ValidateAll() if the
+// designated constraints aren't met.
+type GrpcService_GoogleGrpc_CallCredentials_StsServiceMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcService_GoogleGrpc_CallCredentials_StsServiceMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcService_GoogleGrpc_CallCredentials_StsServiceMultiError) AllErrors() []error { return m }
+
+// GrpcService_GoogleGrpc_CallCredentials_StsServiceValidationError is the
+// validation error returned by
+// GrpcService_GoogleGrpc_CallCredentials_StsService.Validate if the
+// designated constraints aren't met.
+type GrpcService_GoogleGrpc_CallCredentials_StsServiceValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcService_GoogleGrpc_CallCredentials_StsServiceValidationError) Field() string {
+	return e.field
+}
+
+// Reason function returns reason value.
+func (e GrpcService_GoogleGrpc_CallCredentials_StsServiceValidationError) Reason() string {
+	return e.reason
+}
+
+// Cause function returns cause value.
+func (e GrpcService_GoogleGrpc_CallCredentials_StsServiceValidationError) Cause() error {
+	return e.cause
+}
+
+// Key function returns key value.
+func (e GrpcService_GoogleGrpc_CallCredentials_StsServiceValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e GrpcService_GoogleGrpc_CallCredentials_StsServiceValidationError) ErrorName() string {
+	return "GrpcService_GoogleGrpc_CallCredentials_StsServiceValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e GrpcService_GoogleGrpc_CallCredentials_StsServiceValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcService_GoogleGrpc_CallCredentials_StsService.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcService_GoogleGrpc_CallCredentials_StsServiceValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcService_GoogleGrpc_CallCredentials_StsServiceValidationError{}
+
+// Validate checks the field values on GrpcService_GoogleGrpc_ChannelArgs_Value
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the first error encountered is returned, or nil if
+// there are no violations.
+func (m *GrpcService_GoogleGrpc_ChannelArgs_Value) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// GrpcService_GoogleGrpc_ChannelArgs_Value with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in
+// GrpcService_GoogleGrpc_ChannelArgs_ValueMultiError, or nil if none found.
+func (m *GrpcService_GoogleGrpc_ChannelArgs_Value) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcService_GoogleGrpc_ChannelArgs_Value) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.ValueSpecifier.(type) {
+
+	case *GrpcService_GoogleGrpc_ChannelArgs_Value_StringValue:
+		// no validation rules for StringValue
+
+	case *GrpcService_GoogleGrpc_ChannelArgs_Value_IntValue:
+		// no validation rules for IntValue
+
+	default:
+		err := GrpcService_GoogleGrpc_ChannelArgs_ValueValidationError{
+			field:  "ValueSpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return GrpcService_GoogleGrpc_ChannelArgs_ValueMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcService_GoogleGrpc_ChannelArgs_ValueMultiError is an error wrapping
+// multiple validation errors returned by
+// GrpcService_GoogleGrpc_ChannelArgs_Value.ValidateAll() if the designated
+// constraints aren't met.
+type GrpcService_GoogleGrpc_ChannelArgs_ValueMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcService_GoogleGrpc_ChannelArgs_ValueMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcService_GoogleGrpc_ChannelArgs_ValueMultiError) AllErrors() []error { return m }
+
+// GrpcService_GoogleGrpc_ChannelArgs_ValueValidationError is the validation
+// error returned by GrpcService_GoogleGrpc_ChannelArgs_Value.Validate if the
+// designated constraints aren't met.
+type GrpcService_GoogleGrpc_ChannelArgs_ValueValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcService_GoogleGrpc_ChannelArgs_ValueValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e GrpcService_GoogleGrpc_ChannelArgs_ValueValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e GrpcService_GoogleGrpc_ChannelArgs_ValueValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e GrpcService_GoogleGrpc_ChannelArgs_ValueValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e GrpcService_GoogleGrpc_ChannelArgs_ValueValidationError) ErrorName() string {
+	return "GrpcService_GoogleGrpc_ChannelArgs_ValueValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e GrpcService_GoogleGrpc_ChannelArgs_ValueValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcService_GoogleGrpc_ChannelArgs_Value.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcService_GoogleGrpc_ChannelArgs_ValueValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcService_GoogleGrpc_ChannelArgs_ValueValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/health_check.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/health_check.pb.go
new file mode 100644
index 00000000000..15e9c3ec800
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/health_check.pb.go
@@ -0,0 +1,1499 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/core/v3/health_check.proto
+
+package envoy_config_core_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v31 "github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/type/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	_struct "github.com/golang/protobuf/ptypes/struct"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Endpoint health status.
+type HealthStatus int32
+
+const (
+	// The health status is not known. This is interpreted by Envoy as *HEALTHY*.
+	HealthStatus_UNKNOWN HealthStatus = 0
+	// Healthy.
+	HealthStatus_HEALTHY HealthStatus = 1
+	// Unhealthy.
+	HealthStatus_UNHEALTHY HealthStatus = 2
+	// Connection draining in progress. E.g.,
+	// `<https://aws.amazon.com/blogs/aws/elb-connection-draining-remove-instances-from-service-with-care/>`_
+	// or
+	// `<https://cloud.google.com/compute/docs/load-balancing/enabling-connection-draining>`_.
+	// This is interpreted by Envoy as *UNHEALTHY*.
+	HealthStatus_DRAINING HealthStatus = 3
+	// Health check timed out. This is part of HDS and is interpreted by Envoy as
+	// *UNHEALTHY*.
+	HealthStatus_TIMEOUT HealthStatus = 4
+	// Degraded.
+	HealthStatus_DEGRADED HealthStatus = 5
+)
+
+// Enum value maps for HealthStatus.
+var (
+	HealthStatus_name = map[int32]string{
+		0: "UNKNOWN",
+		1: "HEALTHY",
+		2: "UNHEALTHY",
+		3: "DRAINING",
+		4: "TIMEOUT",
+		5: "DEGRADED",
+	}
+	HealthStatus_value = map[string]int32{
+		"UNKNOWN":   0,
+		"HEALTHY":   1,
+		"UNHEALTHY": 2,
+		"DRAINING":  3,
+		"TIMEOUT":   4,
+		"DEGRADED":  5,
+	}
+)
+
+func (x HealthStatus) Enum() *HealthStatus {
+	p := new(HealthStatus)
+	*p = x
+	return p
+}
+
+func (x HealthStatus) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (HealthStatus) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_core_v3_health_check_proto_enumTypes[0].Descriptor()
+}
+
+func (HealthStatus) Type() protoreflect.EnumType {
+	return &file_envoy_config_core_v3_health_check_proto_enumTypes[0]
+}
+
+func (x HealthStatus) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use HealthStatus.Descriptor instead.
+func (HealthStatus) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_health_check_proto_rawDescGZIP(), []int{0}
+}
+
+// [#next-free-field: 25]
+type HealthCheck struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The time to wait for a health check response. If the timeout is reached the
+	// health check attempt will be considered a failure.
+	Timeout *duration.Duration `protobuf:"bytes,1,opt,name=timeout,proto3" json:"timeout,omitempty"`
+	// The interval between health checks.
+	Interval *duration.Duration `protobuf:"bytes,2,opt,name=interval,proto3" json:"interval,omitempty"`
+	// An optional jitter amount in milliseconds. If specified, Envoy will start health
+	// checking after for a random time in ms between 0 and initial_jitter. This only
+	// applies to the first health check.
+	InitialJitter *duration.Duration `protobuf:"bytes,20,opt,name=initial_jitter,json=initialJitter,proto3" json:"initial_jitter,omitempty"`
+	// An optional jitter amount in milliseconds. If specified, during every
+	// interval Envoy will add interval_jitter to the wait time.
+	IntervalJitter *duration.Duration `protobuf:"bytes,3,opt,name=interval_jitter,json=intervalJitter,proto3" json:"interval_jitter,omitempty"`
+	// An optional jitter amount as a percentage of interval_ms. If specified,
+	// during every interval Envoy will add interval_ms *
+	// interval_jitter_percent / 100 to the wait time.
+	//
+	// If interval_jitter_ms and interval_jitter_percent are both set, both of
+	// them will be used to increase the wait time.
+	IntervalJitterPercent uint32 `protobuf:"varint,18,opt,name=interval_jitter_percent,json=intervalJitterPercent,proto3" json:"interval_jitter_percent,omitempty"`
+	// The number of unhealthy health checks required before a host is marked
+	// unhealthy. Note that for *http* health checking if a host responds with a code not in
+	// :ref:`expected_statuses <envoy_v3_api_field_config.core.v3.HealthCheck.HttpHealthCheck.expected_statuses>`
+	// or :ref:`retriable_statuses <envoy_v3_api_field_config.core.v3.HealthCheck.HttpHealthCheck.retriable_statuses>`,
+	// this threshold is ignored and the host is considered immediately unhealthy.
+	UnhealthyThreshold *wrappers.UInt32Value `protobuf:"bytes,4,opt,name=unhealthy_threshold,json=unhealthyThreshold,proto3" json:"unhealthy_threshold,omitempty"`
+	// The number of healthy health checks required before a host is marked
+	// healthy. Note that during startup, only a single successful health check is
+	// required to mark a host healthy.
+	HealthyThreshold *wrappers.UInt32Value `protobuf:"bytes,5,opt,name=healthy_threshold,json=healthyThreshold,proto3" json:"healthy_threshold,omitempty"`
+	// [#not-implemented-hide:] Non-serving port for health checking.
+	AltPort *wrappers.UInt32Value `protobuf:"bytes,6,opt,name=alt_port,json=altPort,proto3" json:"alt_port,omitempty"`
+	// Reuse health check connection between health checks. Default is true.
+	ReuseConnection *wrappers.BoolValue `protobuf:"bytes,7,opt,name=reuse_connection,json=reuseConnection,proto3" json:"reuse_connection,omitempty"`
+	// Types that are assignable to HealthChecker:
+	//	*HealthCheck_HttpHealthCheck_
+	//	*HealthCheck_TcpHealthCheck_
+	//	*HealthCheck_GrpcHealthCheck_
+	//	*HealthCheck_CustomHealthCheck_
+	HealthChecker isHealthCheck_HealthChecker `protobuf_oneof:"health_checker"`
+	// The "no traffic interval" is a special health check interval that is used when a cluster has
+	// never had traffic routed to it. This lower interval allows cluster information to be kept up to
+	// date, without sending a potentially large amount of active health checking traffic for no
+	// reason. Once a cluster has been used for traffic routing, Envoy will shift back to using the
+	// standard health check interval that is defined. Note that this interval takes precedence over
+	// any other.
+	//
+	// The default value for "no traffic interval" is 60 seconds.
+	NoTrafficInterval *duration.Duration `protobuf:"bytes,12,opt,name=no_traffic_interval,json=noTrafficInterval,proto3" json:"no_traffic_interval,omitempty"`
+	// The "no traffic healthy interval" is a special health check interval that
+	// is used for hosts that are currently passing active health checking
+	// (including new hosts) when the cluster has received no traffic.
+	//
+	// This is useful for when we want to send frequent health checks with
+	// `no_traffic_interval` but then revert to lower frequency `no_traffic_healthy_interval` once
+	// a host in the cluster is marked as healthy.
+	//
+	// Once a cluster has been used for traffic routing, Envoy will shift back to using the
+	// standard health check interval that is defined.
+	//
+	// If no_traffic_healthy_interval is not set, it will default to the
+	// no traffic interval and send that interval regardless of health state.
+	NoTrafficHealthyInterval *duration.Duration `protobuf:"bytes,24,opt,name=no_traffic_healthy_interval,json=noTrafficHealthyInterval,proto3" json:"no_traffic_healthy_interval,omitempty"`
+	// The "unhealthy interval" is a health check interval that is used for hosts that are marked as
+	// unhealthy. As soon as the host is marked as healthy, Envoy will shift back to using the
+	// standard health check interval that is defined.
+	//
+	// The default value for "unhealthy interval" is the same as "interval".
+	UnhealthyInterval *duration.Duration `protobuf:"bytes,14,opt,name=unhealthy_interval,json=unhealthyInterval,proto3" json:"unhealthy_interval,omitempty"`
+	// The "unhealthy edge interval" is a special health check interval that is used for the first
+	// health check right after a host is marked as unhealthy. For subsequent health checks
+	// Envoy will shift back to using either "unhealthy interval" if present or the standard health
+	// check interval that is defined.
+	//
+	// The default value for "unhealthy edge interval" is the same as "unhealthy interval".
+	UnhealthyEdgeInterval *duration.Duration `protobuf:"bytes,15,opt,name=unhealthy_edge_interval,json=unhealthyEdgeInterval,proto3" json:"unhealthy_edge_interval,omitempty"`
+	// The "healthy edge interval" is a special health check interval that is used for the first
+	// health check right after a host is marked as healthy. For subsequent health checks
+	// Envoy will shift back to using the standard health check interval that is defined.
+	//
+	// The default value for "healthy edge interval" is the same as the default interval.
+	HealthyEdgeInterval *duration.Duration `protobuf:"bytes,16,opt,name=healthy_edge_interval,json=healthyEdgeInterval,proto3" json:"healthy_edge_interval,omitempty"`
+	// Specifies the path to the :ref:`health check event log <arch_overview_health_check_logging>`.
+	// If empty, no event log will be written.
+	EventLogPath string `protobuf:"bytes,17,opt,name=event_log_path,json=eventLogPath,proto3" json:"event_log_path,omitempty"`
+	// [#not-implemented-hide:]
+	// The gRPC service for the health check event service.
+	// If empty, health check events won't be sent to a remote endpoint.
+	EventService *EventServiceConfig `protobuf:"bytes,22,opt,name=event_service,json=eventService,proto3" json:"event_service,omitempty"`
+	// If set to true, health check failure events will always be logged. If set to false, only the
+	// initial health check failure event will be logged.
+	// The default value is false.
+	AlwaysLogHealthCheckFailures bool `protobuf:"varint,19,opt,name=always_log_health_check_failures,json=alwaysLogHealthCheckFailures,proto3" json:"always_log_health_check_failures,omitempty"`
+	// This allows overriding the cluster TLS settings, just for health check connections.
+	TlsOptions *HealthCheck_TlsOptions `protobuf:"bytes,21,opt,name=tls_options,json=tlsOptions,proto3" json:"tls_options,omitempty"`
+	// Optional key/value pairs that will be used to match a transport socket from those specified in the cluster's
+	// :ref:`tranport socket matches <envoy_v3_api_field_config.cluster.v3.Cluster.transport_socket_matches>`.
+	// For example, the following match criteria
+	//
+	// .. code-block:: yaml
+	//
+	//  transport_socket_match_criteria:
+	//    useMTLS: true
+	//
+	// Will match the following :ref:`cluster socket match <envoy_v3_api_msg_config.cluster.v3.Cluster.TransportSocketMatch>`
+	//
+	// .. code-block:: yaml
+	//
+	//  transport_socket_matches:
+	//  - name: "useMTLS"
+	//    match:
+	//      useMTLS: true
+	//    transport_socket:
+	//      name: envoy.transport_sockets.tls
+	//      config: { ... } # tls socket configuration
+	//
+	// If this field is set, then for health checks it will supersede an entry of *envoy.transport_socket* in the
+	// :ref:`LbEndpoint.Metadata <envoy_v3_api_field_config.endpoint.v3.LbEndpoint.metadata>`.
+	// This allows using different transport socket capabilities for health checking versus proxying to the
+	// endpoint.
+	//
+	// If the key/values pairs specified do not match any
+	// :ref:`transport socket matches <envoy_v3_api_field_config.cluster.v3.Cluster.transport_socket_matches>`,
+	// the cluster's :ref:`transport socket <envoy_v3_api_field_config.cluster.v3.Cluster.transport_socket>`
+	// will be used for health check socket configuration.
+	TransportSocketMatchCriteria *_struct.Struct `protobuf:"bytes,23,opt,name=transport_socket_match_criteria,json=transportSocketMatchCriteria,proto3" json:"transport_socket_match_criteria,omitempty"`
+}
+
+func (x *HealthCheck) Reset() {
+	*x = HealthCheck{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_health_check_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HealthCheck) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HealthCheck) ProtoMessage() {}
+
+func (x *HealthCheck) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_health_check_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HealthCheck.ProtoReflect.Descriptor instead.
+func (*HealthCheck) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_health_check_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *HealthCheck) GetTimeout() *duration.Duration {
+	if x != nil {
+		return x.Timeout
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetInterval() *duration.Duration {
+	if x != nil {
+		return x.Interval
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetInitialJitter() *duration.Duration {
+	if x != nil {
+		return x.InitialJitter
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetIntervalJitter() *duration.Duration {
+	if x != nil {
+		return x.IntervalJitter
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetIntervalJitterPercent() uint32 {
+	if x != nil {
+		return x.IntervalJitterPercent
+	}
+	return 0
+}
+
+func (x *HealthCheck) GetUnhealthyThreshold() *wrappers.UInt32Value {
+	if x != nil {
+		return x.UnhealthyThreshold
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetHealthyThreshold() *wrappers.UInt32Value {
+	if x != nil {
+		return x.HealthyThreshold
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetAltPort() *wrappers.UInt32Value {
+	if x != nil {
+		return x.AltPort
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetReuseConnection() *wrappers.BoolValue {
+	if x != nil {
+		return x.ReuseConnection
+	}
+	return nil
+}
+
+func (m *HealthCheck) GetHealthChecker() isHealthCheck_HealthChecker {
+	if m != nil {
+		return m.HealthChecker
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetHttpHealthCheck() *HealthCheck_HttpHealthCheck {
+	if x, ok := x.GetHealthChecker().(*HealthCheck_HttpHealthCheck_); ok {
+		return x.HttpHealthCheck
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetTcpHealthCheck() *HealthCheck_TcpHealthCheck {
+	if x, ok := x.GetHealthChecker().(*HealthCheck_TcpHealthCheck_); ok {
+		return x.TcpHealthCheck
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetGrpcHealthCheck() *HealthCheck_GrpcHealthCheck {
+	if x, ok := x.GetHealthChecker().(*HealthCheck_GrpcHealthCheck_); ok {
+		return x.GrpcHealthCheck
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetCustomHealthCheck() *HealthCheck_CustomHealthCheck {
+	if x, ok := x.GetHealthChecker().(*HealthCheck_CustomHealthCheck_); ok {
+		return x.CustomHealthCheck
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetNoTrafficInterval() *duration.Duration {
+	if x != nil {
+		return x.NoTrafficInterval
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetNoTrafficHealthyInterval() *duration.Duration {
+	if x != nil {
+		return x.NoTrafficHealthyInterval
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetUnhealthyInterval() *duration.Duration {
+	if x != nil {
+		return x.UnhealthyInterval
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetUnhealthyEdgeInterval() *duration.Duration {
+	if x != nil {
+		return x.UnhealthyEdgeInterval
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetHealthyEdgeInterval() *duration.Duration {
+	if x != nil {
+		return x.HealthyEdgeInterval
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetEventLogPath() string {
+	if x != nil {
+		return x.EventLogPath
+	}
+	return ""
+}
+
+func (x *HealthCheck) GetEventService() *EventServiceConfig {
+	if x != nil {
+		return x.EventService
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetAlwaysLogHealthCheckFailures() bool {
+	if x != nil {
+		return x.AlwaysLogHealthCheckFailures
+	}
+	return false
+}
+
+func (x *HealthCheck) GetTlsOptions() *HealthCheck_TlsOptions {
+	if x != nil {
+		return x.TlsOptions
+	}
+	return nil
+}
+
+func (x *HealthCheck) GetTransportSocketMatchCriteria() *_struct.Struct {
+	if x != nil {
+		return x.TransportSocketMatchCriteria
+	}
+	return nil
+}
+
+type isHealthCheck_HealthChecker interface {
+	isHealthCheck_HealthChecker()
+}
+
+type HealthCheck_HttpHealthCheck_ struct {
+	// HTTP health check.
+	HttpHealthCheck *HealthCheck_HttpHealthCheck `protobuf:"bytes,8,opt,name=http_health_check,json=httpHealthCheck,proto3,oneof"`
+}
+
+type HealthCheck_TcpHealthCheck_ struct {
+	// TCP health check.
+	TcpHealthCheck *HealthCheck_TcpHealthCheck `protobuf:"bytes,9,opt,name=tcp_health_check,json=tcpHealthCheck,proto3,oneof"`
+}
+
+type HealthCheck_GrpcHealthCheck_ struct {
+	// gRPC health check.
+	GrpcHealthCheck *HealthCheck_GrpcHealthCheck `protobuf:"bytes,11,opt,name=grpc_health_check,json=grpcHealthCheck,proto3,oneof"`
+}
+
+type HealthCheck_CustomHealthCheck_ struct {
+	// Custom health check.
+	CustomHealthCheck *HealthCheck_CustomHealthCheck `protobuf:"bytes,13,opt,name=custom_health_check,json=customHealthCheck,proto3,oneof"`
+}
+
+func (*HealthCheck_HttpHealthCheck_) isHealthCheck_HealthChecker() {}
+
+func (*HealthCheck_TcpHealthCheck_) isHealthCheck_HealthChecker() {}
+
+func (*HealthCheck_GrpcHealthCheck_) isHealthCheck_HealthChecker() {}
+
+func (*HealthCheck_CustomHealthCheck_) isHealthCheck_HealthChecker() {}
+
+// Describes the encoding of the payload bytes in the payload.
+type HealthCheck_Payload struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to Payload:
+	//	*HealthCheck_Payload_Text
+	//	*HealthCheck_Payload_Binary
+	Payload isHealthCheck_Payload_Payload `protobuf_oneof:"payload"`
+}
+
+func (x *HealthCheck_Payload) Reset() {
+	*x = HealthCheck_Payload{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_health_check_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HealthCheck_Payload) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HealthCheck_Payload) ProtoMessage() {}
+
+func (x *HealthCheck_Payload) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_health_check_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HealthCheck_Payload.ProtoReflect.Descriptor instead.
+func (*HealthCheck_Payload) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_health_check_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (m *HealthCheck_Payload) GetPayload() isHealthCheck_Payload_Payload {
+	if m != nil {
+		return m.Payload
+	}
+	return nil
+}
+
+func (x *HealthCheck_Payload) GetText() string {
+	if x, ok := x.GetPayload().(*HealthCheck_Payload_Text); ok {
+		return x.Text
+	}
+	return ""
+}
+
+func (x *HealthCheck_Payload) GetBinary() []byte {
+	if x, ok := x.GetPayload().(*HealthCheck_Payload_Binary); ok {
+		return x.Binary
+	}
+	return nil
+}
+
+type isHealthCheck_Payload_Payload interface {
+	isHealthCheck_Payload_Payload()
+}
+
+type HealthCheck_Payload_Text struct {
+	// Hex encoded payload. E.g., "000000FF".
+	Text string `protobuf:"bytes,1,opt,name=text,proto3,oneof"`
+}
+
+type HealthCheck_Payload_Binary struct {
+	// [#not-implemented-hide:] Binary payload.
+	Binary []byte `protobuf:"bytes,2,opt,name=binary,proto3,oneof"`
+}
+
+func (*HealthCheck_Payload_Text) isHealthCheck_Payload_Payload() {}
+
+func (*HealthCheck_Payload_Binary) isHealthCheck_Payload_Payload() {}
+
+// [#next-free-field: 13]
+type HealthCheck_HttpHealthCheck struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The value of the host header in the HTTP health check request. If
+	// left empty (default value), the name of the cluster this health check is associated
+	// with will be used. The host header can be customized for a specific endpoint by setting the
+	// :ref:`hostname <envoy_v3_api_field_config.endpoint.v3.Endpoint.HealthCheckConfig.hostname>` field.
+	Host string `protobuf:"bytes,1,opt,name=host,proto3" json:"host,omitempty"`
+	// Specifies the HTTP path that will be requested during health checking. For example
+	// */healthcheck*.
+	Path string `protobuf:"bytes,2,opt,name=path,proto3" json:"path,omitempty"`
+	// [#not-implemented-hide:] HTTP specific payload.
+	Send *HealthCheck_Payload `protobuf:"bytes,3,opt,name=send,proto3" json:"send,omitempty"`
+	// [#not-implemented-hide:] HTTP specific response.
+	Receive *HealthCheck_Payload `protobuf:"bytes,4,opt,name=receive,proto3" json:"receive,omitempty"`
+	// Specifies a list of HTTP headers that should be added to each request that is sent to the
+	// health checked cluster. For more information, including details on header value syntax, see
+	// the documentation on :ref:`custom request headers
+	// <config_http_conn_man_headers_custom_request_headers>`.
+	RequestHeadersToAdd []*HeaderValueOption `protobuf:"bytes,6,rep,name=request_headers_to_add,json=requestHeadersToAdd,proto3" json:"request_headers_to_add,omitempty"`
+	// Specifies a list of HTTP headers that should be removed from each request that is sent to the
+	// health checked cluster.
+	RequestHeadersToRemove []string `protobuf:"bytes,8,rep,name=request_headers_to_remove,json=requestHeadersToRemove,proto3" json:"request_headers_to_remove,omitempty"`
+	// Specifies a list of HTTP response statuses considered healthy. If provided, replaces default
+	// 200-only policy - 200 must be included explicitly as needed. Ranges follow half-open
+	// semantics of :ref:`Int64Range <envoy_v3_api_msg_type.v3.Int64Range>`. The start and end of each
+	// range are required. Only statuses in the range [100, 600) are allowed.
+	ExpectedStatuses []*v3.Int64Range `protobuf:"bytes,9,rep,name=expected_statuses,json=expectedStatuses,proto3" json:"expected_statuses,omitempty"`
+	// Specifies a list of HTTP response statuses considered retriable. If provided, responses in this range
+	// will count towards the configured :ref:`unhealthy_threshold <envoy_v3_api_field_config.core.v3.HealthCheck.unhealthy_threshold>`,
+	// but will not result in the host being considered immediately unhealthy. Ranges follow half-open semantics of
+	// :ref:`Int64Range <envoy_v3_api_msg_type.v3.Int64Range>`. The start and end of each range are required.
+	// Only statuses in the range [100, 600) are allowed. The :ref:`expected_statuses <envoy_v3_api_field_config.core.v3.HealthCheck.HttpHealthCheck.expected_statuses>`
+	// field takes precedence for any range overlaps with this field i.e. if status code 200 is both retriable and expected, a 200 response will
+	// be considered a successful health check. By default all responses not in
+	// :ref:`expected_statuses <envoy_v3_api_field_config.core.v3.HealthCheck.HttpHealthCheck.expected_statuses>` will result in
+	// the host being considered immediately unhealthy i.e. if status code 200 is expected and there are no configured retriable statuses, any
+	// non-200 response will result in the host being marked unhealthy.
+	RetriableStatuses []*v3.Int64Range `protobuf:"bytes,12,rep,name=retriable_statuses,json=retriableStatuses,proto3" json:"retriable_statuses,omitempty"`
+	// Use specified application protocol for health checks.
+	CodecClientType v3.CodecClientType `protobuf:"varint,10,opt,name=codec_client_type,json=codecClientType,proto3,enum=envoy.type.v3.CodecClientType" json:"codec_client_type,omitempty"`
+	// An optional service name parameter which is used to validate the identity of
+	// the health checked cluster using a :ref:`StringMatcher
+	// <envoy_v3_api_msg_type.matcher.v3.StringMatcher>`. See the :ref:`architecture overview
+	// <arch_overview_health_checking_identity>` for more information.
+	ServiceNameMatcher *v31.StringMatcher `protobuf:"bytes,11,opt,name=service_name_matcher,json=serviceNameMatcher,proto3" json:"service_name_matcher,omitempty"`
+}
+
+func (x *HealthCheck_HttpHealthCheck) Reset() {
+	*x = HealthCheck_HttpHealthCheck{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_health_check_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HealthCheck_HttpHealthCheck) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HealthCheck_HttpHealthCheck) ProtoMessage() {}
+
+func (x *HealthCheck_HttpHealthCheck) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_health_check_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HealthCheck_HttpHealthCheck.ProtoReflect.Descriptor instead.
+func (*HealthCheck_HttpHealthCheck) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_health_check_proto_rawDescGZIP(), []int{0, 1}
+}
+
+func (x *HealthCheck_HttpHealthCheck) GetHost() string {
+	if x != nil {
+		return x.Host
+	}
+	return ""
+}
+
+func (x *HealthCheck_HttpHealthCheck) GetPath() string {
+	if x != nil {
+		return x.Path
+	}
+	return ""
+}
+
+func (x *HealthCheck_HttpHealthCheck) GetSend() *HealthCheck_Payload {
+	if x != nil {
+		return x.Send
+	}
+	return nil
+}
+
+func (x *HealthCheck_HttpHealthCheck) GetReceive() *HealthCheck_Payload {
+	if x != nil {
+		return x.Receive
+	}
+	return nil
+}
+
+func (x *HealthCheck_HttpHealthCheck) GetRequestHeadersToAdd() []*HeaderValueOption {
+	if x != nil {
+		return x.RequestHeadersToAdd
+	}
+	return nil
+}
+
+func (x *HealthCheck_HttpHealthCheck) GetRequestHeadersToRemove() []string {
+	if x != nil {
+		return x.RequestHeadersToRemove
+	}
+	return nil
+}
+
+func (x *HealthCheck_HttpHealthCheck) GetExpectedStatuses() []*v3.Int64Range {
+	if x != nil {
+		return x.ExpectedStatuses
+	}
+	return nil
+}
+
+func (x *HealthCheck_HttpHealthCheck) GetRetriableStatuses() []*v3.Int64Range {
+	if x != nil {
+		return x.RetriableStatuses
+	}
+	return nil
+}
+
+func (x *HealthCheck_HttpHealthCheck) GetCodecClientType() v3.CodecClientType {
+	if x != nil {
+		return x.CodecClientType
+	}
+	return v3.CodecClientType_HTTP1
+}
+
+func (x *HealthCheck_HttpHealthCheck) GetServiceNameMatcher() *v31.StringMatcher {
+	if x != nil {
+		return x.ServiceNameMatcher
+	}
+	return nil
+}
+
+type HealthCheck_TcpHealthCheck struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Empty payloads imply a connect-only health check.
+	Send *HealthCheck_Payload `protobuf:"bytes,1,opt,name=send,proto3" json:"send,omitempty"`
+	// When checking the response, “fuzzy” matching is performed such that each
+	// binary block must be found, and in the order specified, but not
+	// necessarily contiguous.
+	Receive []*HealthCheck_Payload `protobuf:"bytes,2,rep,name=receive,proto3" json:"receive,omitempty"`
+}
+
+func (x *HealthCheck_TcpHealthCheck) Reset() {
+	*x = HealthCheck_TcpHealthCheck{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_health_check_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HealthCheck_TcpHealthCheck) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HealthCheck_TcpHealthCheck) ProtoMessage() {}
+
+func (x *HealthCheck_TcpHealthCheck) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_health_check_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HealthCheck_TcpHealthCheck.ProtoReflect.Descriptor instead.
+func (*HealthCheck_TcpHealthCheck) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_health_check_proto_rawDescGZIP(), []int{0, 2}
+}
+
+func (x *HealthCheck_TcpHealthCheck) GetSend() *HealthCheck_Payload {
+	if x != nil {
+		return x.Send
+	}
+	return nil
+}
+
+func (x *HealthCheck_TcpHealthCheck) GetReceive() []*HealthCheck_Payload {
+	if x != nil {
+		return x.Receive
+	}
+	return nil
+}
+
+type HealthCheck_RedisHealthCheck struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// If set, optionally perform ``EXISTS <key>`` instead of ``PING``. A return value
+	// from Redis of 0 (does not exist) is considered a passing healthcheck. A return value other
+	// than 0 is considered a failure. This allows the user to mark a Redis instance for maintenance
+	// by setting the specified key to any value and waiting for traffic to drain.
+	Key string `protobuf:"bytes,1,opt,name=key,proto3" json:"key,omitempty"`
+}
+
+func (x *HealthCheck_RedisHealthCheck) Reset() {
+	*x = HealthCheck_RedisHealthCheck{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_health_check_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HealthCheck_RedisHealthCheck) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HealthCheck_RedisHealthCheck) ProtoMessage() {}
+
+func (x *HealthCheck_RedisHealthCheck) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_health_check_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HealthCheck_RedisHealthCheck.ProtoReflect.Descriptor instead.
+func (*HealthCheck_RedisHealthCheck) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_health_check_proto_rawDescGZIP(), []int{0, 3}
+}
+
+func (x *HealthCheck_RedisHealthCheck) GetKey() string {
+	if x != nil {
+		return x.Key
+	}
+	return ""
+}
+
+// `grpc.health.v1.Health
+// <https://github.com/grpc/grpc/blob/master/src/proto/grpc/health/v1/health.proto>`_-based
+// healthcheck. See `gRPC doc <https://github.com/grpc/grpc/blob/master/doc/health-checking.md>`_
+// for details.
+type HealthCheck_GrpcHealthCheck struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// An optional service name parameter which will be sent to gRPC service in
+	// `grpc.health.v1.HealthCheckRequest
+	// <https://github.com/grpc/grpc/blob/master/src/proto/grpc/health/v1/health.proto#L20>`_.
+	// message. See `gRPC health-checking overview
+	// <https://github.com/grpc/grpc/blob/master/doc/health-checking.md>`_ for more information.
+	ServiceName string `protobuf:"bytes,1,opt,name=service_name,json=serviceName,proto3" json:"service_name,omitempty"`
+	// The value of the :authority header in the gRPC health check request. If
+	// left empty (default value), the name of the cluster this health check is associated
+	// with will be used. The authority header can be customized for a specific endpoint by setting
+	// the :ref:`hostname <envoy_v3_api_field_config.endpoint.v3.Endpoint.HealthCheckConfig.hostname>` field.
+	Authority string `protobuf:"bytes,2,opt,name=authority,proto3" json:"authority,omitempty"`
+}
+
+func (x *HealthCheck_GrpcHealthCheck) Reset() {
+	*x = HealthCheck_GrpcHealthCheck{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_health_check_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HealthCheck_GrpcHealthCheck) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HealthCheck_GrpcHealthCheck) ProtoMessage() {}
+
+func (x *HealthCheck_GrpcHealthCheck) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_health_check_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HealthCheck_GrpcHealthCheck.ProtoReflect.Descriptor instead.
+func (*HealthCheck_GrpcHealthCheck) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_health_check_proto_rawDescGZIP(), []int{0, 4}
+}
+
+func (x *HealthCheck_GrpcHealthCheck) GetServiceName() string {
+	if x != nil {
+		return x.ServiceName
+	}
+	return ""
+}
+
+func (x *HealthCheck_GrpcHealthCheck) GetAuthority() string {
+	if x != nil {
+		return x.Authority
+	}
+	return ""
+}
+
+// Custom health check.
+type HealthCheck_CustomHealthCheck struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The registered name of the custom health checker.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// A custom health checker specific configuration which depends on the custom health checker
+	// being instantiated. See :api:`envoy/config/health_checker` for reference.
+	// [#extension-category: envoy.health_checkers]
+	//
+	// Types that are assignable to ConfigType:
+	//	*HealthCheck_CustomHealthCheck_TypedConfig
+	ConfigType isHealthCheck_CustomHealthCheck_ConfigType `protobuf_oneof:"config_type"`
+}
+
+func (x *HealthCheck_CustomHealthCheck) Reset() {
+	*x = HealthCheck_CustomHealthCheck{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_health_check_proto_msgTypes[6]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HealthCheck_CustomHealthCheck) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HealthCheck_CustomHealthCheck) ProtoMessage() {}
+
+func (x *HealthCheck_CustomHealthCheck) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_health_check_proto_msgTypes[6]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HealthCheck_CustomHealthCheck.ProtoReflect.Descriptor instead.
+func (*HealthCheck_CustomHealthCheck) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_health_check_proto_rawDescGZIP(), []int{0, 5}
+}
+
+func (x *HealthCheck_CustomHealthCheck) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (m *HealthCheck_CustomHealthCheck) GetConfigType() isHealthCheck_CustomHealthCheck_ConfigType {
+	if m != nil {
+		return m.ConfigType
+	}
+	return nil
+}
+
+func (x *HealthCheck_CustomHealthCheck) GetTypedConfig() *any.Any {
+	if x, ok := x.GetConfigType().(*HealthCheck_CustomHealthCheck_TypedConfig); ok {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+type isHealthCheck_CustomHealthCheck_ConfigType interface {
+	isHealthCheck_CustomHealthCheck_ConfigType()
+}
+
+type HealthCheck_CustomHealthCheck_TypedConfig struct {
+	TypedConfig *any.Any `protobuf:"bytes,3,opt,name=typed_config,json=typedConfig,proto3,oneof"`
+}
+
+func (*HealthCheck_CustomHealthCheck_TypedConfig) isHealthCheck_CustomHealthCheck_ConfigType() {}
+
+// Health checks occur over the transport socket specified for the cluster. This implies that if a
+// cluster is using a TLS-enabled transport socket, the health check will also occur over TLS.
+//
+// This allows overriding the cluster TLS settings, just for health check connections.
+type HealthCheck_TlsOptions struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies the ALPN protocols for health check connections. This is useful if the
+	// corresponding upstream is using ALPN-based :ref:`FilterChainMatch
+	// <envoy_v3_api_msg_config.listener.v3.FilterChainMatch>` along with different protocols for health checks
+	// versus data connections. If empty, no ALPN protocols will be set on health check connections.
+	AlpnProtocols []string `protobuf:"bytes,1,rep,name=alpn_protocols,json=alpnProtocols,proto3" json:"alpn_protocols,omitempty"`
+}
+
+func (x *HealthCheck_TlsOptions) Reset() {
+	*x = HealthCheck_TlsOptions{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_health_check_proto_msgTypes[7]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HealthCheck_TlsOptions) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HealthCheck_TlsOptions) ProtoMessage() {}
+
+func (x *HealthCheck_TlsOptions) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_health_check_proto_msgTypes[7]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HealthCheck_TlsOptions.ProtoReflect.Descriptor instead.
+func (*HealthCheck_TlsOptions) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_health_check_proto_rawDescGZIP(), []int{0, 6}
+}
+
+func (x *HealthCheck_TlsOptions) GetAlpnProtocols() []string {
+	if x != nil {
+		return x.AlpnProtocols
+	}
+	return nil
+}
+
+var File_envoy_config_core_v3_health_check_proto protoreflect.FileDescriptor
+
+var file_envoy_config_core_v3_health_check_proto_rawDesc = []byte{
+	0x0a, 0x27, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f, 0x63, 0x68,
+	0x65, 0x63, 0x6b, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x14, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x1a,
+	0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f,
+	0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x62, 0x61, 0x73, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x2f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x5f, 0x73, 0x65, 0x72,
+	0x76, 0x69, 0x63, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x22, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61,
+	0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x18, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70,
+	0x65, 0x2f, 0x76, 0x33, 0x2f, 0x68, 0x74, 0x74, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x19, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x72,
+	0x61, 0x6e, 0x67, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f,
+	0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x90,
+	0x1c, 0x0a, 0x0b, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x12, 0x3f,
+	0x0a, 0x07, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0a, 0xfa, 0x42, 0x07, 0xaa,
+	0x01, 0x04, 0x08, 0x01, 0x2a, 0x00, 0x52, 0x07, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12,
+	0x41, 0x0a, 0x08, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0a, 0xfa, 0x42,
+	0x07, 0xaa, 0x01, 0x04, 0x08, 0x01, 0x2a, 0x00, 0x52, 0x08, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76,
+	0x61, 0x6c, 0x12, 0x40, 0x0a, 0x0e, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x5f, 0x6a, 0x69,
+	0x74, 0x74, 0x65, 0x72, 0x18, 0x14, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0d, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x4a, 0x69,
+	0x74, 0x74, 0x65, 0x72, 0x12, 0x42, 0x0a, 0x0f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c,
+	0x5f, 0x6a, 0x69, 0x74, 0x74, 0x65, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76,
+	0x61, 0x6c, 0x4a, 0x69, 0x74, 0x74, 0x65, 0x72, 0x12, 0x36, 0x0a, 0x17, 0x69, 0x6e, 0x74, 0x65,
+	0x72, 0x76, 0x61, 0x6c, 0x5f, 0x6a, 0x69, 0x74, 0x74, 0x65, 0x72, 0x5f, 0x70, 0x65, 0x72, 0x63,
+	0x65, 0x6e, 0x74, 0x18, 0x12, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x15, 0x69, 0x6e, 0x74, 0x65, 0x72,
+	0x76, 0x61, 0x6c, 0x4a, 0x69, 0x74, 0x74, 0x65, 0x72, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74,
+	0x12, 0x57, 0x0a, 0x13, 0x75, 0x6e, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x79, 0x5f, 0x74, 0x68,
+	0x72, 0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05,
+	0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x12, 0x75, 0x6e, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x79,
+	0x54, 0x68, 0x72, 0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x12, 0x53, 0x0a, 0x11, 0x68, 0x65, 0x61,
+	0x6c, 0x74, 0x68, 0x79, 0x5f, 0x74, 0x68, 0x72, 0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x18, 0x05,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c,
+	0x75, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x10, 0x68, 0x65,
+	0x61, 0x6c, 0x74, 0x68, 0x79, 0x54, 0x68, 0x72, 0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x12, 0x37,
+	0x0a, 0x08, 0x61, 0x6c, 0x74, 0x5f, 0x70, 0x6f, 0x72, 0x74, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x07,
+	0x61, 0x6c, 0x74, 0x50, 0x6f, 0x72, 0x74, 0x12, 0x45, 0x0a, 0x10, 0x72, 0x65, 0x75, 0x73, 0x65,
+	0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x07, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0f, 0x72,
+	0x65, 0x75, 0x73, 0x65, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x5f,
+	0x0a, 0x11, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f, 0x63, 0x68,
+	0x65, 0x63, 0x6b, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x31, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33,
+	0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x2e, 0x48, 0x74, 0x74,
+	0x70, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x48, 0x00, 0x52, 0x0f,
+	0x68, 0x74, 0x74, 0x70, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x12,
+	0x5c, 0x0a, 0x10, 0x74, 0x63, 0x70, 0x5f, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f, 0x63, 0x68,
+	0x65, 0x63, 0x6b, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x30, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33,
+	0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x2e, 0x54, 0x63, 0x70,
+	0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x48, 0x00, 0x52, 0x0e, 0x74,
+	0x63, 0x70, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x12, 0x5f, 0x0a,
+	0x11, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f, 0x63, 0x68, 0x65,
+	0x63, 0x6b, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x31, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e,
+	0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x2e, 0x47, 0x72, 0x70, 0x63,
+	0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x48, 0x00, 0x52, 0x0f, 0x67,
+	0x72, 0x70, 0x63, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x12, 0x65,
+	0x0a, 0x13, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f,
+	0x63, 0x68, 0x65, 0x63, 0x6b, 0x18, 0x0d, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x33, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e,
+	0x76, 0x33, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x2e, 0x43,
+	0x75, 0x73, 0x74, 0x6f, 0x6d, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b,
+	0x48, 0x00, 0x52, 0x11, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68,
+	0x43, 0x68, 0x65, 0x63, 0x6b, 0x12, 0x53, 0x0a, 0x13, 0x6e, 0x6f, 0x5f, 0x74, 0x72, 0x61, 0x66,
+	0x66, 0x69, 0x63, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x0c, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x08, 0xfa,
+	0x42, 0x05, 0xaa, 0x01, 0x02, 0x2a, 0x00, 0x52, 0x11, 0x6e, 0x6f, 0x54, 0x72, 0x61, 0x66, 0x66,
+	0x69, 0x63, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x12, 0x62, 0x0a, 0x1b, 0x6e, 0x6f,
+	0x5f, 0x74, 0x72, 0x61, 0x66, 0x66, 0x69, 0x63, 0x5f, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x79,
+	0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x18, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05, 0xaa,
+	0x01, 0x02, 0x2a, 0x00, 0x52, 0x18, 0x6e, 0x6f, 0x54, 0x72, 0x61, 0x66, 0x66, 0x69, 0x63, 0x48,
+	0x65, 0x61, 0x6c, 0x74, 0x68, 0x79, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x12, 0x52,
+	0x0a, 0x12, 0x75, 0x6e, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x79, 0x5f, 0x69, 0x6e, 0x74, 0x65,
+	0x72, 0x76, 0x61, 0x6c, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05, 0xaa, 0x01, 0x02, 0x2a, 0x00, 0x52,
+	0x11, 0x75, 0x6e, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x79, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x76,
+	0x61, 0x6c, 0x12, 0x5b, 0x0a, 0x17, 0x75, 0x6e, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x79, 0x5f,
+	0x65, 0x64, 0x67, 0x65, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x0f, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x08,
+	0xfa, 0x42, 0x05, 0xaa, 0x01, 0x02, 0x2a, 0x00, 0x52, 0x15, 0x75, 0x6e, 0x68, 0x65, 0x61, 0x6c,
+	0x74, 0x68, 0x79, 0x45, 0x64, 0x67, 0x65, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x12,
+	0x57, 0x0a, 0x15, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x79, 0x5f, 0x65, 0x64, 0x67, 0x65, 0x5f,
+	0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x10, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05, 0xaa, 0x01,
+	0x02, 0x2a, 0x00, 0x52, 0x13, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x79, 0x45, 0x64, 0x67, 0x65,
+	0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x12, 0x24, 0x0a, 0x0e, 0x65, 0x76, 0x65, 0x6e,
+	0x74, 0x5f, 0x6c, 0x6f, 0x67, 0x5f, 0x70, 0x61, 0x74, 0x68, 0x18, 0x11, 0x20, 0x01, 0x28, 0x09,
+	0x52, 0x0c, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x4c, 0x6f, 0x67, 0x50, 0x61, 0x74, 0x68, 0x12, 0x4d,
+	0x0a, 0x0d, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x18,
+	0x16, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x45, 0x76, 0x65,
+	0x6e, 0x74, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52,
+	0x0c, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x46, 0x0a,
+	0x20, 0x61, 0x6c, 0x77, 0x61, 0x79, 0x73, 0x5f, 0x6c, 0x6f, 0x67, 0x5f, 0x68, 0x65, 0x61, 0x6c,
+	0x74, 0x68, 0x5f, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x5f, 0x66, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65,
+	0x73, 0x18, 0x13, 0x20, 0x01, 0x28, 0x08, 0x52, 0x1c, 0x61, 0x6c, 0x77, 0x61, 0x79, 0x73, 0x4c,
+	0x6f, 0x67, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x46, 0x61, 0x69,
+	0x6c, 0x75, 0x72, 0x65, 0x73, 0x12, 0x4d, 0x0a, 0x0b, 0x74, 0x6c, 0x73, 0x5f, 0x6f, 0x70, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x18, 0x15, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2c, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76,
+	0x33, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x2e, 0x54, 0x6c,
+	0x73, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x0a, 0x74, 0x6c, 0x73, 0x4f, 0x70, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x12, 0x5e, 0x0a, 0x1f, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72,
+	0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x5f, 0x63,
+	0x72, 0x69, 0x74, 0x65, 0x72, 0x69, 0x61, 0x18, 0x17, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x52, 0x1c, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72,
+	0x74, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x43, 0x72, 0x69, 0x74,
+	0x65, 0x72, 0x69, 0x61, 0x1a, 0x80, 0x01, 0x0a, 0x07, 0x50, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64,
+	0x12, 0x1d, 0x0a, 0x04, 0x74, 0x65, 0x78, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07,
+	0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x48, 0x00, 0x52, 0x04, 0x74, 0x65, 0x78, 0x74, 0x12,
+	0x18, 0x0a, 0x06, 0x62, 0x69, 0x6e, 0x61, 0x72, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x48,
+	0x00, 0x52, 0x06, 0x62, 0x69, 0x6e, 0x61, 0x72, 0x79, 0x3a, 0x2c, 0x9a, 0xc5, 0x88, 0x1e, 0x27,
+	0x0a, 0x25, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x2e,
+	0x50, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x42, 0x0e, 0x0a, 0x07, 0x70, 0x61, 0x79, 0x6c, 0x6f,
+	0x61, 0x64, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x1a, 0xaa, 0x06, 0x0a, 0x0f, 0x48, 0x74, 0x74, 0x70,
+	0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x12, 0x1f, 0x0a, 0x04, 0x68,
+	0x6f, 0x73, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0b, 0xfa, 0x42, 0x08, 0x72, 0x06,
+	0xc0, 0x01, 0x02, 0xc8, 0x01, 0x00, 0x52, 0x04, 0x68, 0x6f, 0x73, 0x74, 0x12, 0x21, 0x0a, 0x04,
+	0x70, 0x61, 0x74, 0x68, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0d, 0xfa, 0x42, 0x0a, 0x72,
+	0x08, 0x10, 0x01, 0xc0, 0x01, 0x02, 0xc8, 0x01, 0x00, 0x52, 0x04, 0x70, 0x61, 0x74, 0x68, 0x12,
+	0x3d, 0x0a, 0x04, 0x73, 0x65, 0x6e, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x29, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b,
+	0x2e, 0x50, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x52, 0x04, 0x73, 0x65, 0x6e, 0x64, 0x12, 0x43,
+	0x0a, 0x07, 0x72, 0x65, 0x63, 0x65, 0x69, 0x76, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x29, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65,
+	0x63, 0x6b, 0x2e, 0x50, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x52, 0x07, 0x72, 0x65, 0x63, 0x65,
+	0x69, 0x76, 0x65, 0x12, 0x67, 0x0a, 0x16, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x68,
+	0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x5f, 0x74, 0x6f, 0x5f, 0x61, 0x64, 0x64, 0x18, 0x06, 0x20,
+	0x03, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x09, 0xfa, 0x42,
+	0x06, 0x92, 0x01, 0x03, 0x10, 0xe8, 0x07, 0x52, 0x13, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
+	0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x54, 0x6f, 0x41, 0x64, 0x64, 0x12, 0x4b, 0x0a, 0x19,
+	0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x5f,
+	0x74, 0x6f, 0x5f, 0x72, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x18, 0x08, 0x20, 0x03, 0x28, 0x09, 0x42,
+	0x10, 0xfa, 0x42, 0x0d, 0x92, 0x01, 0x0a, 0x22, 0x08, 0x72, 0x06, 0xc0, 0x01, 0x01, 0xc8, 0x01,
+	0x00, 0x52, 0x16, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72,
+	0x73, 0x54, 0x6f, 0x52, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x12, 0x46, 0x0a, 0x11, 0x65, 0x78, 0x70,
+	0x65, 0x63, 0x74, 0x65, 0x64, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x65, 0x73, 0x18, 0x09,
+	0x20, 0x03, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70,
+	0x65, 0x2e, 0x76, 0x33, 0x2e, 0x49, 0x6e, 0x74, 0x36, 0x34, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x52,
+	0x10, 0x65, 0x78, 0x70, 0x65, 0x63, 0x74, 0x65, 0x64, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x65,
+	0x73, 0x12, 0x48, 0x0a, 0x12, 0x72, 0x65, 0x74, 0x72, 0x69, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x73,
+	0x74, 0x61, 0x74, 0x75, 0x73, 0x65, 0x73, 0x18, 0x0c, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x19, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x49, 0x6e,
+	0x74, 0x36, 0x34, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x52, 0x11, 0x72, 0x65, 0x74, 0x72, 0x69, 0x61,
+	0x62, 0x6c, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x65, 0x73, 0x12, 0x54, 0x0a, 0x11, 0x63,
+	0x6f, 0x64, 0x65, 0x63, 0x5f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x74, 0x79, 0x70, 0x65,
+	0x18, 0x0a, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74,
+	0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f, 0x64, 0x65, 0x63, 0x43, 0x6c, 0x69, 0x65,
+	0x6e, 0x74, 0x54, 0x79, 0x70, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01,
+	0x52, 0x0f, 0x63, 0x6f, 0x64, 0x65, 0x63, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x54, 0x79, 0x70,
+	0x65, 0x12, 0x56, 0x0a, 0x14, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x6e, 0x61, 0x6d,
+	0x65, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61,
+	0x74, 0x63, 0x68, 0x65, 0x72, 0x52, 0x12, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x4e, 0x61,
+	0x6d, 0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x3a, 0x34, 0x9a, 0xc5, 0x88, 0x1e, 0x2f,
+	0x0a, 0x2d, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x2e,
+	0x48, 0x74, 0x74, 0x70, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x4a,
+	0x04, 0x08, 0x05, 0x10, 0x06, 0x4a, 0x04, 0x08, 0x07, 0x10, 0x08, 0x52, 0x0c, 0x73, 0x65, 0x72,
+	0x76, 0x69, 0x63, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x52, 0x09, 0x75, 0x73, 0x65, 0x5f, 0x68,
+	0x74, 0x74, 0x70, 0x32, 0x1a, 0xc9, 0x01, 0x0a, 0x0e, 0x54, 0x63, 0x70, 0x48, 0x65, 0x61, 0x6c,
+	0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x12, 0x3d, 0x0a, 0x04, 0x73, 0x65, 0x6e, 0x64, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x65, 0x61,
+	0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x2e, 0x50, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64,
+	0x52, 0x04, 0x73, 0x65, 0x6e, 0x64, 0x12, 0x43, 0x0a, 0x07, 0x72, 0x65, 0x63, 0x65, 0x69, 0x76,
+	0x65, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48,
+	0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x2e, 0x50, 0x61, 0x79, 0x6c, 0x6f,
+	0x61, 0x64, 0x52, 0x07, 0x72, 0x65, 0x63, 0x65, 0x69, 0x76, 0x65, 0x3a, 0x33, 0x9a, 0xc5, 0x88,
+	0x1e, 0x2e, 0x0a, 0x2c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63,
+	0x6b, 0x2e, 0x54, 0x63, 0x70, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b,
+	0x1a, 0x5b, 0x0a, 0x10, 0x52, 0x65, 0x64, 0x69, 0x73, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43,
+	0x68, 0x65, 0x63, 0x6b, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x3a, 0x35, 0x9a, 0xc5, 0x88, 0x1e, 0x30, 0x0a, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65,
+	0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x2e, 0x52, 0x65, 0x64,
+	0x69, 0x73, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x1a, 0x95, 0x01,
+	0x0a, 0x0f, 0x47, 0x72, 0x70, 0x63, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63,
+	0x6b, 0x12, 0x21, 0x0a, 0x0c, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x6e, 0x61, 0x6d,
+	0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65,
+	0x4e, 0x61, 0x6d, 0x65, 0x12, 0x29, 0x0a, 0x09, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74,
+	0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0b, 0xfa, 0x42, 0x08, 0x72, 0x06, 0xc0, 0x01,
+	0x02, 0xc8, 0x01, 0x00, 0x52, 0x09, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x3a,
+	0x34, 0x9a, 0xc5, 0x88, 0x1e, 0x2f, 0x0a, 0x2d, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70,
+	0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68,
+	0x43, 0x68, 0x65, 0x63, 0x6b, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68,
+	0x43, 0x68, 0x65, 0x63, 0x6b, 0x1a, 0xc0, 0x01, 0x0a, 0x11, 0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d,
+	0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x12, 0x1b, 0x0a, 0x04, 0x6e,
+	0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02,
+	0x10, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x39, 0x0a, 0x0c, 0x74, 0x79, 0x70, 0x65,
+	0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x41, 0x6e, 0x79, 0x48, 0x00, 0x52, 0x0b, 0x74, 0x79, 0x70, 0x65, 0x64, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x3a, 0x36, 0x9a, 0xc5, 0x88, 0x1e, 0x31, 0x0a, 0x2f, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48, 0x65,
+	0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x2e, 0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d,
+	0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x42, 0x0d, 0x0a, 0x0b, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x4a, 0x04, 0x08, 0x02, 0x10, 0x03,
+	0x52, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x1a, 0x64, 0x0a, 0x0a, 0x54, 0x6c, 0x73, 0x4f,
+	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x25, 0x0a, 0x0e, 0x61, 0x6c, 0x70, 0x6e, 0x5f, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0d,
+	0x61, 0x6c, 0x70, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x73, 0x3a, 0x2f, 0x9a,
+	0xc5, 0x88, 0x1e, 0x2a, 0x0a, 0x28, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68,
+	0x65, 0x63, 0x6b, 0x2e, 0x54, 0x6c, 0x73, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x3a, 0x24,
+	0x9a, 0xc5, 0x88, 0x1e, 0x1f, 0x0a, 0x1d, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43,
+	0x68, 0x65, 0x63, 0x6b, 0x42, 0x15, 0x0a, 0x0e, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f, 0x63,
+	0x68, 0x65, 0x63, 0x6b, 0x65, 0x72, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x4a, 0x04, 0x08, 0x0a, 0x10,
+	0x0b, 0x2a, 0x60, 0x0a, 0x0c, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75,
+	0x73, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, 0x0b,
+	0x0a, 0x07, 0x48, 0x45, 0x41, 0x4c, 0x54, 0x48, 0x59, 0x10, 0x01, 0x12, 0x0d, 0x0a, 0x09, 0x55,
+	0x4e, 0x48, 0x45, 0x41, 0x4c, 0x54, 0x48, 0x59, 0x10, 0x02, 0x12, 0x0c, 0x0a, 0x08, 0x44, 0x52,
+	0x41, 0x49, 0x4e, 0x49, 0x4e, 0x47, 0x10, 0x03, 0x12, 0x0b, 0x0a, 0x07, 0x54, 0x49, 0x4d, 0x45,
+	0x4f, 0x55, 0x54, 0x10, 0x04, 0x12, 0x0c, 0x0a, 0x08, 0x44, 0x45, 0x47, 0x52, 0x41, 0x44, 0x45,
+	0x44, 0x10, 0x05, 0x42, 0x40, 0x0a, 0x22, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70,
+	0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x10, 0x48, 0x65, 0x61, 0x6c, 0x74,
+	0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8,
+	0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_core_v3_health_check_proto_rawDescOnce sync.Once
+	file_envoy_config_core_v3_health_check_proto_rawDescData = file_envoy_config_core_v3_health_check_proto_rawDesc
+)
+
+func file_envoy_config_core_v3_health_check_proto_rawDescGZIP() []byte {
+	file_envoy_config_core_v3_health_check_proto_rawDescOnce.Do(func() {
+		file_envoy_config_core_v3_health_check_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_core_v3_health_check_proto_rawDescData)
+	})
+	return file_envoy_config_core_v3_health_check_proto_rawDescData
+}
+
+var file_envoy_config_core_v3_health_check_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_envoy_config_core_v3_health_check_proto_msgTypes = make([]protoimpl.MessageInfo, 8)
+var file_envoy_config_core_v3_health_check_proto_goTypes = []interface{}{
+	(HealthStatus)(0),                     // 0: envoy.config.core.v3.HealthStatus
+	(*HealthCheck)(nil),                   // 1: envoy.config.core.v3.HealthCheck
+	(*HealthCheck_Payload)(nil),           // 2: envoy.config.core.v3.HealthCheck.Payload
+	(*HealthCheck_HttpHealthCheck)(nil),   // 3: envoy.config.core.v3.HealthCheck.HttpHealthCheck
+	(*HealthCheck_TcpHealthCheck)(nil),    // 4: envoy.config.core.v3.HealthCheck.TcpHealthCheck
+	(*HealthCheck_RedisHealthCheck)(nil),  // 5: envoy.config.core.v3.HealthCheck.RedisHealthCheck
+	(*HealthCheck_GrpcHealthCheck)(nil),   // 6: envoy.config.core.v3.HealthCheck.GrpcHealthCheck
+	(*HealthCheck_CustomHealthCheck)(nil), // 7: envoy.config.core.v3.HealthCheck.CustomHealthCheck
+	(*HealthCheck_TlsOptions)(nil),        // 8: envoy.config.core.v3.HealthCheck.TlsOptions
+	(*duration.Duration)(nil),             // 9: google.protobuf.Duration
+	(*wrappers.UInt32Value)(nil),          // 10: google.protobuf.UInt32Value
+	(*wrappers.BoolValue)(nil),            // 11: google.protobuf.BoolValue
+	(*EventServiceConfig)(nil),            // 12: envoy.config.core.v3.EventServiceConfig
+	(*_struct.Struct)(nil),                // 13: google.protobuf.Struct
+	(*HeaderValueOption)(nil),             // 14: envoy.config.core.v3.HeaderValueOption
+	(*v3.Int64Range)(nil),                 // 15: envoy.type.v3.Int64Range
+	(v3.CodecClientType)(0),               // 16: envoy.type.v3.CodecClientType
+	(*v31.StringMatcher)(nil),             // 17: envoy.type.matcher.v3.StringMatcher
+	(*any.Any)(nil),                       // 18: google.protobuf.Any
+}
+var file_envoy_config_core_v3_health_check_proto_depIdxs = []int32{
+	9,  // 0: envoy.config.core.v3.HealthCheck.timeout:type_name -> google.protobuf.Duration
+	9,  // 1: envoy.config.core.v3.HealthCheck.interval:type_name -> google.protobuf.Duration
+	9,  // 2: envoy.config.core.v3.HealthCheck.initial_jitter:type_name -> google.protobuf.Duration
+	9,  // 3: envoy.config.core.v3.HealthCheck.interval_jitter:type_name -> google.protobuf.Duration
+	10, // 4: envoy.config.core.v3.HealthCheck.unhealthy_threshold:type_name -> google.protobuf.UInt32Value
+	10, // 5: envoy.config.core.v3.HealthCheck.healthy_threshold:type_name -> google.protobuf.UInt32Value
+	10, // 6: envoy.config.core.v3.HealthCheck.alt_port:type_name -> google.protobuf.UInt32Value
+	11, // 7: envoy.config.core.v3.HealthCheck.reuse_connection:type_name -> google.protobuf.BoolValue
+	3,  // 8: envoy.config.core.v3.HealthCheck.http_health_check:type_name -> envoy.config.core.v3.HealthCheck.HttpHealthCheck
+	4,  // 9: envoy.config.core.v3.HealthCheck.tcp_health_check:type_name -> envoy.config.core.v3.HealthCheck.TcpHealthCheck
+	6,  // 10: envoy.config.core.v3.HealthCheck.grpc_health_check:type_name -> envoy.config.core.v3.HealthCheck.GrpcHealthCheck
+	7,  // 11: envoy.config.core.v3.HealthCheck.custom_health_check:type_name -> envoy.config.core.v3.HealthCheck.CustomHealthCheck
+	9,  // 12: envoy.config.core.v3.HealthCheck.no_traffic_interval:type_name -> google.protobuf.Duration
+	9,  // 13: envoy.config.core.v3.HealthCheck.no_traffic_healthy_interval:type_name -> google.protobuf.Duration
+	9,  // 14: envoy.config.core.v3.HealthCheck.unhealthy_interval:type_name -> google.protobuf.Duration
+	9,  // 15: envoy.config.core.v3.HealthCheck.unhealthy_edge_interval:type_name -> google.protobuf.Duration
+	9,  // 16: envoy.config.core.v3.HealthCheck.healthy_edge_interval:type_name -> google.protobuf.Duration
+	12, // 17: envoy.config.core.v3.HealthCheck.event_service:type_name -> envoy.config.core.v3.EventServiceConfig
+	8,  // 18: envoy.config.core.v3.HealthCheck.tls_options:type_name -> envoy.config.core.v3.HealthCheck.TlsOptions
+	13, // 19: envoy.config.core.v3.HealthCheck.transport_socket_match_criteria:type_name -> google.protobuf.Struct
+	2,  // 20: envoy.config.core.v3.HealthCheck.HttpHealthCheck.send:type_name -> envoy.config.core.v3.HealthCheck.Payload
+	2,  // 21: envoy.config.core.v3.HealthCheck.HttpHealthCheck.receive:type_name -> envoy.config.core.v3.HealthCheck.Payload
+	14, // 22: envoy.config.core.v3.HealthCheck.HttpHealthCheck.request_headers_to_add:type_name -> envoy.config.core.v3.HeaderValueOption
+	15, // 23: envoy.config.core.v3.HealthCheck.HttpHealthCheck.expected_statuses:type_name -> envoy.type.v3.Int64Range
+	15, // 24: envoy.config.core.v3.HealthCheck.HttpHealthCheck.retriable_statuses:type_name -> envoy.type.v3.Int64Range
+	16, // 25: envoy.config.core.v3.HealthCheck.HttpHealthCheck.codec_client_type:type_name -> envoy.type.v3.CodecClientType
+	17, // 26: envoy.config.core.v3.HealthCheck.HttpHealthCheck.service_name_matcher:type_name -> envoy.type.matcher.v3.StringMatcher
+	2,  // 27: envoy.config.core.v3.HealthCheck.TcpHealthCheck.send:type_name -> envoy.config.core.v3.HealthCheck.Payload
+	2,  // 28: envoy.config.core.v3.HealthCheck.TcpHealthCheck.receive:type_name -> envoy.config.core.v3.HealthCheck.Payload
+	18, // 29: envoy.config.core.v3.HealthCheck.CustomHealthCheck.typed_config:type_name -> google.protobuf.Any
+	30, // [30:30] is the sub-list for method output_type
+	30, // [30:30] is the sub-list for method input_type
+	30, // [30:30] is the sub-list for extension type_name
+	30, // [30:30] is the sub-list for extension extendee
+	0,  // [0:30] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_core_v3_health_check_proto_init() }
+func file_envoy_config_core_v3_health_check_proto_init() {
+	if File_envoy_config_core_v3_health_check_proto != nil {
+		return
+	}
+	file_envoy_config_core_v3_base_proto_init()
+	file_envoy_config_core_v3_event_service_config_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_core_v3_health_check_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HealthCheck); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_health_check_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HealthCheck_Payload); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_health_check_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HealthCheck_HttpHealthCheck); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_health_check_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HealthCheck_TcpHealthCheck); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_health_check_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HealthCheck_RedisHealthCheck); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_health_check_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HealthCheck_GrpcHealthCheck); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_health_check_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HealthCheck_CustomHealthCheck); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_health_check_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HealthCheck_TlsOptions); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_config_core_v3_health_check_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*HealthCheck_HttpHealthCheck_)(nil),
+		(*HealthCheck_TcpHealthCheck_)(nil),
+		(*HealthCheck_GrpcHealthCheck_)(nil),
+		(*HealthCheck_CustomHealthCheck_)(nil),
+	}
+	file_envoy_config_core_v3_health_check_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*HealthCheck_Payload_Text)(nil),
+		(*HealthCheck_Payload_Binary)(nil),
+	}
+	file_envoy_config_core_v3_health_check_proto_msgTypes[6].OneofWrappers = []interface{}{
+		(*HealthCheck_CustomHealthCheck_TypedConfig)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_core_v3_health_check_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   8,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_core_v3_health_check_proto_goTypes,
+		DependencyIndexes: file_envoy_config_core_v3_health_check_proto_depIdxs,
+		EnumInfos:         file_envoy_config_core_v3_health_check_proto_enumTypes,
+		MessageInfos:      file_envoy_config_core_v3_health_check_proto_msgTypes,
+	}.Build()
+	File_envoy_config_core_v3_health_check_proto = out.File
+	file_envoy_config_core_v3_health_check_proto_rawDesc = nil
+	file_envoy_config_core_v3_health_check_proto_goTypes = nil
+	file_envoy_config_core_v3_health_check_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/health_check.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/health_check.pb.validate.go
new file mode 100644
index 00000000000..1c5bd34c5c7
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/health_check.pb.validate.go
@@ -0,0 +1,1930 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/core/v3/health_check.proto
+
+package envoy_config_core_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+
+	v3 "github.com/envoyproxy/go-control-plane/envoy/type/v3"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+
+	_ = v3.CodecClientType(0)
+)
+
+// Validate checks the field values on HealthCheck with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *HealthCheck) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HealthCheck with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in HealthCheckMultiError, or
+// nil if none found.
+func (m *HealthCheck) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HealthCheck) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetTimeout() == nil {
+		err := HealthCheckValidationError{
+			field:  "Timeout",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if d := m.GetTimeout(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = HealthCheckValidationError{
+				field:  "Timeout",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := HealthCheckValidationError{
+					field:  "Timeout",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if m.GetInterval() == nil {
+		err := HealthCheckValidationError{
+			field:  "Interval",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if d := m.GetInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = HealthCheckValidationError{
+				field:  "Interval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := HealthCheckValidationError{
+					field:  "Interval",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetInitialJitter()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "InitialJitter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "InitialJitter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetInitialJitter()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HealthCheckValidationError{
+				field:  "InitialJitter",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetIntervalJitter()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "IntervalJitter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "IntervalJitter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetIntervalJitter()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HealthCheckValidationError{
+				field:  "IntervalJitter",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for IntervalJitterPercent
+
+	if m.GetUnhealthyThreshold() == nil {
+		err := HealthCheckValidationError{
+			field:  "UnhealthyThreshold",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetUnhealthyThreshold()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "UnhealthyThreshold",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "UnhealthyThreshold",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetUnhealthyThreshold()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HealthCheckValidationError{
+				field:  "UnhealthyThreshold",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if m.GetHealthyThreshold() == nil {
+		err := HealthCheckValidationError{
+			field:  "HealthyThreshold",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetHealthyThreshold()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "HealthyThreshold",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "HealthyThreshold",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHealthyThreshold()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HealthCheckValidationError{
+				field:  "HealthyThreshold",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetAltPort()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "AltPort",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "AltPort",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetAltPort()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HealthCheckValidationError{
+				field:  "AltPort",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetReuseConnection()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "ReuseConnection",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "ReuseConnection",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetReuseConnection()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HealthCheckValidationError{
+				field:  "ReuseConnection",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if d := m.GetNoTrafficInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = HealthCheckValidationError{
+				field:  "NoTrafficInterval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := HealthCheckValidationError{
+					field:  "NoTrafficInterval",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if d := m.GetNoTrafficHealthyInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = HealthCheckValidationError{
+				field:  "NoTrafficHealthyInterval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := HealthCheckValidationError{
+					field:  "NoTrafficHealthyInterval",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if d := m.GetUnhealthyInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = HealthCheckValidationError{
+				field:  "UnhealthyInterval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := HealthCheckValidationError{
+					field:  "UnhealthyInterval",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if d := m.GetUnhealthyEdgeInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = HealthCheckValidationError{
+				field:  "UnhealthyEdgeInterval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := HealthCheckValidationError{
+					field:  "UnhealthyEdgeInterval",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if d := m.GetHealthyEdgeInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = HealthCheckValidationError{
+				field:  "HealthyEdgeInterval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := HealthCheckValidationError{
+					field:  "HealthyEdgeInterval",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	// no validation rules for EventLogPath
+
+	if all {
+		switch v := interface{}(m.GetEventService()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "EventService",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "EventService",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetEventService()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HealthCheckValidationError{
+				field:  "EventService",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for AlwaysLogHealthCheckFailures
+
+	if all {
+		switch v := interface{}(m.GetTlsOptions()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "TlsOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "TlsOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTlsOptions()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HealthCheckValidationError{
+				field:  "TlsOptions",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetTransportSocketMatchCriteria()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "TransportSocketMatchCriteria",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HealthCheckValidationError{
+					field:  "TransportSocketMatchCriteria",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTransportSocketMatchCriteria()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HealthCheckValidationError{
+				field:  "TransportSocketMatchCriteria",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	switch m.HealthChecker.(type) {
+
+	case *HealthCheck_HttpHealthCheck_:
+
+		if all {
+			switch v := interface{}(m.GetHttpHealthCheck()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HealthCheckValidationError{
+						field:  "HttpHealthCheck",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HealthCheckValidationError{
+						field:  "HttpHealthCheck",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetHttpHealthCheck()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HealthCheckValidationError{
+					field:  "HttpHealthCheck",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *HealthCheck_TcpHealthCheck_:
+
+		if all {
+			switch v := interface{}(m.GetTcpHealthCheck()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HealthCheckValidationError{
+						field:  "TcpHealthCheck",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HealthCheckValidationError{
+						field:  "TcpHealthCheck",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTcpHealthCheck()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HealthCheckValidationError{
+					field:  "TcpHealthCheck",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *HealthCheck_GrpcHealthCheck_:
+
+		if all {
+			switch v := interface{}(m.GetGrpcHealthCheck()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HealthCheckValidationError{
+						field:  "GrpcHealthCheck",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HealthCheckValidationError{
+						field:  "GrpcHealthCheck",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetGrpcHealthCheck()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HealthCheckValidationError{
+					field:  "GrpcHealthCheck",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *HealthCheck_CustomHealthCheck_:
+
+		if all {
+			switch v := interface{}(m.GetCustomHealthCheck()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HealthCheckValidationError{
+						field:  "CustomHealthCheck",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HealthCheckValidationError{
+						field:  "CustomHealthCheck",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetCustomHealthCheck()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HealthCheckValidationError{
+					field:  "CustomHealthCheck",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := HealthCheckValidationError{
+			field:  "HealthChecker",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return HealthCheckMultiError(errors)
+	}
+	return nil
+}
+
+// HealthCheckMultiError is an error wrapping multiple validation errors
+// returned by HealthCheck.ValidateAll() if the designated constraints aren't met.
+type HealthCheckMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HealthCheckMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HealthCheckMultiError) AllErrors() []error { return m }
+
+// HealthCheckValidationError is the validation error returned by
+// HealthCheck.Validate if the designated constraints aren't met.
+type HealthCheckValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HealthCheckValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HealthCheckValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HealthCheckValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HealthCheckValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HealthCheckValidationError) ErrorName() string { return "HealthCheckValidationError" }
+
+// Error satisfies the builtin error interface
+func (e HealthCheckValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHealthCheck.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HealthCheckValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HealthCheckValidationError{}
+
+// Validate checks the field values on HealthCheck_Payload with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *HealthCheck_Payload) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HealthCheck_Payload with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// HealthCheck_PayloadMultiError, or nil if none found.
+func (m *HealthCheck_Payload) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HealthCheck_Payload) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.Payload.(type) {
+
+	case *HealthCheck_Payload_Text:
+
+		if utf8.RuneCountInString(m.GetText()) < 1 {
+			err := HealthCheck_PayloadValidationError{
+				field:  "Text",
+				reason: "value length must be at least 1 runes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *HealthCheck_Payload_Binary:
+		// no validation rules for Binary
+
+	default:
+		err := HealthCheck_PayloadValidationError{
+			field:  "Payload",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return HealthCheck_PayloadMultiError(errors)
+	}
+	return nil
+}
+
+// HealthCheck_PayloadMultiError is an error wrapping multiple validation
+// errors returned by HealthCheck_Payload.ValidateAll() if the designated
+// constraints aren't met.
+type HealthCheck_PayloadMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HealthCheck_PayloadMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HealthCheck_PayloadMultiError) AllErrors() []error { return m }
+
+// HealthCheck_PayloadValidationError is the validation error returned by
+// HealthCheck_Payload.Validate if the designated constraints aren't met.
+type HealthCheck_PayloadValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HealthCheck_PayloadValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HealthCheck_PayloadValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HealthCheck_PayloadValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HealthCheck_PayloadValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HealthCheck_PayloadValidationError) ErrorName() string {
+	return "HealthCheck_PayloadValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HealthCheck_PayloadValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHealthCheck_Payload.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HealthCheck_PayloadValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HealthCheck_PayloadValidationError{}
+
+// Validate checks the field values on HealthCheck_HttpHealthCheck with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *HealthCheck_HttpHealthCheck) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HealthCheck_HttpHealthCheck with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// HealthCheck_HttpHealthCheckMultiError, or nil if none found.
+func (m *HealthCheck_HttpHealthCheck) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HealthCheck_HttpHealthCheck) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if !_HealthCheck_HttpHealthCheck_Host_Pattern.MatchString(m.GetHost()) {
+		err := HealthCheck_HttpHealthCheckValidationError{
+			field:  "Host",
+			reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if utf8.RuneCountInString(m.GetPath()) < 1 {
+		err := HealthCheck_HttpHealthCheckValidationError{
+			field:  "Path",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if !_HealthCheck_HttpHealthCheck_Path_Pattern.MatchString(m.GetPath()) {
+		err := HealthCheck_HttpHealthCheckValidationError{
+			field:  "Path",
+			reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetSend()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HealthCheck_HttpHealthCheckValidationError{
+					field:  "Send",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HealthCheck_HttpHealthCheckValidationError{
+					field:  "Send",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSend()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HealthCheck_HttpHealthCheckValidationError{
+				field:  "Send",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetReceive()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HealthCheck_HttpHealthCheckValidationError{
+					field:  "Receive",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HealthCheck_HttpHealthCheckValidationError{
+					field:  "Receive",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetReceive()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HealthCheck_HttpHealthCheckValidationError{
+				field:  "Receive",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(m.GetRequestHeadersToAdd()) > 1000 {
+		err := HealthCheck_HttpHealthCheckValidationError{
+			field:  "RequestHeadersToAdd",
+			reason: "value must contain no more than 1000 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetRequestHeadersToAdd() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HealthCheck_HttpHealthCheckValidationError{
+						field:  fmt.Sprintf("RequestHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HealthCheck_HttpHealthCheckValidationError{
+						field:  fmt.Sprintf("RequestHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HealthCheck_HttpHealthCheckValidationError{
+					field:  fmt.Sprintf("RequestHeadersToAdd[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetRequestHeadersToRemove() {
+		_, _ = idx, item
+
+		if !_HealthCheck_HttpHealthCheck_RequestHeadersToRemove_Pattern.MatchString(item) {
+			err := HealthCheck_HttpHealthCheckValidationError{
+				field:  fmt.Sprintf("RequestHeadersToRemove[%v]", idx),
+				reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	for idx, item := range m.GetExpectedStatuses() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HealthCheck_HttpHealthCheckValidationError{
+						field:  fmt.Sprintf("ExpectedStatuses[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HealthCheck_HttpHealthCheckValidationError{
+						field:  fmt.Sprintf("ExpectedStatuses[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HealthCheck_HttpHealthCheckValidationError{
+					field:  fmt.Sprintf("ExpectedStatuses[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetRetriableStatuses() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HealthCheck_HttpHealthCheckValidationError{
+						field:  fmt.Sprintf("RetriableStatuses[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HealthCheck_HttpHealthCheckValidationError{
+						field:  fmt.Sprintf("RetriableStatuses[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HealthCheck_HttpHealthCheckValidationError{
+					field:  fmt.Sprintf("RetriableStatuses[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if _, ok := v3.CodecClientType_name[int32(m.GetCodecClientType())]; !ok {
+		err := HealthCheck_HttpHealthCheckValidationError{
+			field:  "CodecClientType",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetServiceNameMatcher()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HealthCheck_HttpHealthCheckValidationError{
+					field:  "ServiceNameMatcher",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HealthCheck_HttpHealthCheckValidationError{
+					field:  "ServiceNameMatcher",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetServiceNameMatcher()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HealthCheck_HttpHealthCheckValidationError{
+				field:  "ServiceNameMatcher",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return HealthCheck_HttpHealthCheckMultiError(errors)
+	}
+	return nil
+}
+
+// HealthCheck_HttpHealthCheckMultiError is an error wrapping multiple
+// validation errors returned by HealthCheck_HttpHealthCheck.ValidateAll() if
+// the designated constraints aren't met.
+type HealthCheck_HttpHealthCheckMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HealthCheck_HttpHealthCheckMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HealthCheck_HttpHealthCheckMultiError) AllErrors() []error { return m }
+
+// HealthCheck_HttpHealthCheckValidationError is the validation error returned
+// by HealthCheck_HttpHealthCheck.Validate if the designated constraints
+// aren't met.
+type HealthCheck_HttpHealthCheckValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HealthCheck_HttpHealthCheckValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HealthCheck_HttpHealthCheckValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HealthCheck_HttpHealthCheckValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HealthCheck_HttpHealthCheckValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HealthCheck_HttpHealthCheckValidationError) ErrorName() string {
+	return "HealthCheck_HttpHealthCheckValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HealthCheck_HttpHealthCheckValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHealthCheck_HttpHealthCheck.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HealthCheck_HttpHealthCheckValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HealthCheck_HttpHealthCheckValidationError{}
+
+var _HealthCheck_HttpHealthCheck_Host_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+var _HealthCheck_HttpHealthCheck_Path_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+var _HealthCheck_HttpHealthCheck_RequestHeadersToRemove_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+// Validate checks the field values on HealthCheck_TcpHealthCheck with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *HealthCheck_TcpHealthCheck) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HealthCheck_TcpHealthCheck with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// HealthCheck_TcpHealthCheckMultiError, or nil if none found.
+func (m *HealthCheck_TcpHealthCheck) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HealthCheck_TcpHealthCheck) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetSend()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HealthCheck_TcpHealthCheckValidationError{
+					field:  "Send",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HealthCheck_TcpHealthCheckValidationError{
+					field:  "Send",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSend()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HealthCheck_TcpHealthCheckValidationError{
+				field:  "Send",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetReceive() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HealthCheck_TcpHealthCheckValidationError{
+						field:  fmt.Sprintf("Receive[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HealthCheck_TcpHealthCheckValidationError{
+						field:  fmt.Sprintf("Receive[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HealthCheck_TcpHealthCheckValidationError{
+					field:  fmt.Sprintf("Receive[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return HealthCheck_TcpHealthCheckMultiError(errors)
+	}
+	return nil
+}
+
+// HealthCheck_TcpHealthCheckMultiError is an error wrapping multiple
+// validation errors returned by HealthCheck_TcpHealthCheck.ValidateAll() if
+// the designated constraints aren't met.
+type HealthCheck_TcpHealthCheckMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HealthCheck_TcpHealthCheckMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HealthCheck_TcpHealthCheckMultiError) AllErrors() []error { return m }
+
+// HealthCheck_TcpHealthCheckValidationError is the validation error returned
+// by HealthCheck_TcpHealthCheck.Validate if the designated constraints aren't met.
+type HealthCheck_TcpHealthCheckValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HealthCheck_TcpHealthCheckValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HealthCheck_TcpHealthCheckValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HealthCheck_TcpHealthCheckValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HealthCheck_TcpHealthCheckValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HealthCheck_TcpHealthCheckValidationError) ErrorName() string {
+	return "HealthCheck_TcpHealthCheckValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HealthCheck_TcpHealthCheckValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHealthCheck_TcpHealthCheck.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HealthCheck_TcpHealthCheckValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HealthCheck_TcpHealthCheckValidationError{}
+
+// Validate checks the field values on HealthCheck_RedisHealthCheck with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *HealthCheck_RedisHealthCheck) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HealthCheck_RedisHealthCheck with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// HealthCheck_RedisHealthCheckMultiError, or nil if none found.
+func (m *HealthCheck_RedisHealthCheck) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HealthCheck_RedisHealthCheck) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Key
+
+	if len(errors) > 0 {
+		return HealthCheck_RedisHealthCheckMultiError(errors)
+	}
+	return nil
+}
+
+// HealthCheck_RedisHealthCheckMultiError is an error wrapping multiple
+// validation errors returned by HealthCheck_RedisHealthCheck.ValidateAll() if
+// the designated constraints aren't met.
+type HealthCheck_RedisHealthCheckMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HealthCheck_RedisHealthCheckMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HealthCheck_RedisHealthCheckMultiError) AllErrors() []error { return m }
+
+// HealthCheck_RedisHealthCheckValidationError is the validation error returned
+// by HealthCheck_RedisHealthCheck.Validate if the designated constraints
+// aren't met.
+type HealthCheck_RedisHealthCheckValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HealthCheck_RedisHealthCheckValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HealthCheck_RedisHealthCheckValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HealthCheck_RedisHealthCheckValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HealthCheck_RedisHealthCheckValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HealthCheck_RedisHealthCheckValidationError) ErrorName() string {
+	return "HealthCheck_RedisHealthCheckValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HealthCheck_RedisHealthCheckValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHealthCheck_RedisHealthCheck.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HealthCheck_RedisHealthCheckValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HealthCheck_RedisHealthCheckValidationError{}
+
+// Validate checks the field values on HealthCheck_GrpcHealthCheck with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *HealthCheck_GrpcHealthCheck) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HealthCheck_GrpcHealthCheck with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// HealthCheck_GrpcHealthCheckMultiError, or nil if none found.
+func (m *HealthCheck_GrpcHealthCheck) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HealthCheck_GrpcHealthCheck) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for ServiceName
+
+	if !_HealthCheck_GrpcHealthCheck_Authority_Pattern.MatchString(m.GetAuthority()) {
+		err := HealthCheck_GrpcHealthCheckValidationError{
+			field:  "Authority",
+			reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return HealthCheck_GrpcHealthCheckMultiError(errors)
+	}
+	return nil
+}
+
+// HealthCheck_GrpcHealthCheckMultiError is an error wrapping multiple
+// validation errors returned by HealthCheck_GrpcHealthCheck.ValidateAll() if
+// the designated constraints aren't met.
+type HealthCheck_GrpcHealthCheckMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HealthCheck_GrpcHealthCheckMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HealthCheck_GrpcHealthCheckMultiError) AllErrors() []error { return m }
+
+// HealthCheck_GrpcHealthCheckValidationError is the validation error returned
+// by HealthCheck_GrpcHealthCheck.Validate if the designated constraints
+// aren't met.
+type HealthCheck_GrpcHealthCheckValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HealthCheck_GrpcHealthCheckValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HealthCheck_GrpcHealthCheckValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HealthCheck_GrpcHealthCheckValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HealthCheck_GrpcHealthCheckValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HealthCheck_GrpcHealthCheckValidationError) ErrorName() string {
+	return "HealthCheck_GrpcHealthCheckValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HealthCheck_GrpcHealthCheckValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHealthCheck_GrpcHealthCheck.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HealthCheck_GrpcHealthCheckValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HealthCheck_GrpcHealthCheckValidationError{}
+
+var _HealthCheck_GrpcHealthCheck_Authority_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+// Validate checks the field values on HealthCheck_CustomHealthCheck with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *HealthCheck_CustomHealthCheck) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HealthCheck_CustomHealthCheck with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// HealthCheck_CustomHealthCheckMultiError, or nil if none found.
+func (m *HealthCheck_CustomHealthCheck) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HealthCheck_CustomHealthCheck) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := HealthCheck_CustomHealthCheckValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	switch m.ConfigType.(type) {
+
+	case *HealthCheck_CustomHealthCheck_TypedConfig:
+
+		if all {
+			switch v := interface{}(m.GetTypedConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HealthCheck_CustomHealthCheckValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HealthCheck_CustomHealthCheckValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HealthCheck_CustomHealthCheckValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return HealthCheck_CustomHealthCheckMultiError(errors)
+	}
+	return nil
+}
+
+// HealthCheck_CustomHealthCheckMultiError is an error wrapping multiple
+// validation errors returned by HealthCheck_CustomHealthCheck.ValidateAll()
+// if the designated constraints aren't met.
+type HealthCheck_CustomHealthCheckMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HealthCheck_CustomHealthCheckMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HealthCheck_CustomHealthCheckMultiError) AllErrors() []error { return m }
+
+// HealthCheck_CustomHealthCheckValidationError is the validation error
+// returned by HealthCheck_CustomHealthCheck.Validate if the designated
+// constraints aren't met.
+type HealthCheck_CustomHealthCheckValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HealthCheck_CustomHealthCheckValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HealthCheck_CustomHealthCheckValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HealthCheck_CustomHealthCheckValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HealthCheck_CustomHealthCheckValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HealthCheck_CustomHealthCheckValidationError) ErrorName() string {
+	return "HealthCheck_CustomHealthCheckValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HealthCheck_CustomHealthCheckValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHealthCheck_CustomHealthCheck.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HealthCheck_CustomHealthCheckValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HealthCheck_CustomHealthCheckValidationError{}
+
+// Validate checks the field values on HealthCheck_TlsOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *HealthCheck_TlsOptions) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HealthCheck_TlsOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// HealthCheck_TlsOptionsMultiError, or nil if none found.
+func (m *HealthCheck_TlsOptions) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HealthCheck_TlsOptions) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return HealthCheck_TlsOptionsMultiError(errors)
+	}
+	return nil
+}
+
+// HealthCheck_TlsOptionsMultiError is an error wrapping multiple validation
+// errors returned by HealthCheck_TlsOptions.ValidateAll() if the designated
+// constraints aren't met.
+type HealthCheck_TlsOptionsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HealthCheck_TlsOptionsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HealthCheck_TlsOptionsMultiError) AllErrors() []error { return m }
+
+// HealthCheck_TlsOptionsValidationError is the validation error returned by
+// HealthCheck_TlsOptions.Validate if the designated constraints aren't met.
+type HealthCheck_TlsOptionsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HealthCheck_TlsOptionsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HealthCheck_TlsOptionsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HealthCheck_TlsOptionsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HealthCheck_TlsOptionsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HealthCheck_TlsOptionsValidationError) ErrorName() string {
+	return "HealthCheck_TlsOptionsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HealthCheck_TlsOptionsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHealthCheck_TlsOptions.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HealthCheck_TlsOptionsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HealthCheck_TlsOptionsValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/http_uri.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/http_uri.pb.go
new file mode 100644
index 00000000000..0f56fe4934c
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/http_uri.pb.go
@@ -0,0 +1,237 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/core/v3/http_uri.proto
+
+package envoy_config_core_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Envoy external URI descriptor
+type HttpUri struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The HTTP server URI. It should be a full FQDN with protocol, host and path.
+	//
+	// Example:
+	//
+	// .. code-block:: yaml
+	//
+	//    uri: https://www.googleapis.com/oauth2/v1/certs
+	//
+	Uri string `protobuf:"bytes,1,opt,name=uri,proto3" json:"uri,omitempty"`
+	// Specify how `uri` is to be fetched. Today, this requires an explicit
+	// cluster, but in the future we may support dynamic cluster creation or
+	// inline DNS resolution. See `issue
+	// <https://github.com/envoyproxy/envoy/issues/1606>`_.
+	//
+	// Types that are assignable to HttpUpstreamType:
+	//	*HttpUri_Cluster
+	HttpUpstreamType isHttpUri_HttpUpstreamType `protobuf_oneof:"http_upstream_type"`
+	// Sets the maximum duration in milliseconds that a response can take to arrive upon request.
+	Timeout *duration.Duration `protobuf:"bytes,3,opt,name=timeout,proto3" json:"timeout,omitempty"`
+}
+
+func (x *HttpUri) Reset() {
+	*x = HttpUri{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_http_uri_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HttpUri) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HttpUri) ProtoMessage() {}
+
+func (x *HttpUri) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_http_uri_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HttpUri.ProtoReflect.Descriptor instead.
+func (*HttpUri) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_http_uri_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *HttpUri) GetUri() string {
+	if x != nil {
+		return x.Uri
+	}
+	return ""
+}
+
+func (m *HttpUri) GetHttpUpstreamType() isHttpUri_HttpUpstreamType {
+	if m != nil {
+		return m.HttpUpstreamType
+	}
+	return nil
+}
+
+func (x *HttpUri) GetCluster() string {
+	if x, ok := x.GetHttpUpstreamType().(*HttpUri_Cluster); ok {
+		return x.Cluster
+	}
+	return ""
+}
+
+func (x *HttpUri) GetTimeout() *duration.Duration {
+	if x != nil {
+		return x.Timeout
+	}
+	return nil
+}
+
+type isHttpUri_HttpUpstreamType interface {
+	isHttpUri_HttpUpstreamType()
+}
+
+type HttpUri_Cluster struct {
+	// A cluster is created in the Envoy "cluster_manager" config
+	// section. This field specifies the cluster name.
+	//
+	// Example:
+	//
+	// .. code-block:: yaml
+	//
+	//    cluster: jwks_cluster
+	//
+	Cluster string `protobuf:"bytes,2,opt,name=cluster,proto3,oneof"`
+}
+
+func (*HttpUri_Cluster) isHttpUri_HttpUpstreamType() {}
+
+var File_envoy_config_core_v3_http_uri_proto protoreflect.FileDescriptor
+
+var file_envoy_config_core_v3_http_uri_proto_rawDesc = []byte{
+	0x0a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x75, 0x72, 0x69, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x14, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x1a, 0x1e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70,
+	0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74,
+	0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61,
+	0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72,
+	0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76,
+	0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xc7, 0x01, 0x0a, 0x07, 0x48, 0x74, 0x74, 0x70, 0x55,
+	0x72, 0x69, 0x12, 0x19, 0x0a, 0x03, 0x75, 0x72, 0x69, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42,
+	0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x03, 0x75, 0x72, 0x69, 0x12, 0x23, 0x0a,
+	0x07, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07,
+	0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x48, 0x00, 0x52, 0x07, 0x63, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x12, 0x3f, 0x0a, 0x07, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x03, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0a,
+	0xfa, 0x42, 0x07, 0xaa, 0x01, 0x04, 0x08, 0x01, 0x32, 0x00, 0x52, 0x07, 0x74, 0x69, 0x6d, 0x65,
+	0x6f, 0x75, 0x74, 0x3a, 0x20, 0x9a, 0xc5, 0x88, 0x1e, 0x1b, 0x0a, 0x19, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48, 0x74,
+	0x74, 0x70, 0x55, 0x72, 0x69, 0x42, 0x19, 0x0a, 0x12, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x75, 0x70,
+	0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x12, 0x03, 0xf8, 0x42, 0x01,
+	0x42, 0x3c, 0x0a, 0x22, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78,
+	0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x0c, 0x48, 0x74, 0x74, 0x70, 0x55, 0x72, 0x69, 0x50,
+	0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_core_v3_http_uri_proto_rawDescOnce sync.Once
+	file_envoy_config_core_v3_http_uri_proto_rawDescData = file_envoy_config_core_v3_http_uri_proto_rawDesc
+)
+
+func file_envoy_config_core_v3_http_uri_proto_rawDescGZIP() []byte {
+	file_envoy_config_core_v3_http_uri_proto_rawDescOnce.Do(func() {
+		file_envoy_config_core_v3_http_uri_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_core_v3_http_uri_proto_rawDescData)
+	})
+	return file_envoy_config_core_v3_http_uri_proto_rawDescData
+}
+
+var file_envoy_config_core_v3_http_uri_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_config_core_v3_http_uri_proto_goTypes = []interface{}{
+	(*HttpUri)(nil),           // 0: envoy.config.core.v3.HttpUri
+	(*duration.Duration)(nil), // 1: google.protobuf.Duration
+}
+var file_envoy_config_core_v3_http_uri_proto_depIdxs = []int32{
+	1, // 0: envoy.config.core.v3.HttpUri.timeout:type_name -> google.protobuf.Duration
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_core_v3_http_uri_proto_init() }
+func file_envoy_config_core_v3_http_uri_proto_init() {
+	if File_envoy_config_core_v3_http_uri_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_core_v3_http_uri_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HttpUri); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_config_core_v3_http_uri_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*HttpUri_Cluster)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_core_v3_http_uri_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_core_v3_http_uri_proto_goTypes,
+		DependencyIndexes: file_envoy_config_core_v3_http_uri_proto_depIdxs,
+		MessageInfos:      file_envoy_config_core_v3_http_uri_proto_msgTypes,
+	}.Build()
+	File_envoy_config_core_v3_http_uri_proto = out.File
+	file_envoy_config_core_v3_http_uri_proto_rawDesc = nil
+	file_envoy_config_core_v3_http_uri_proto_goTypes = nil
+	file_envoy_config_core_v3_http_uri_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/http_uri.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/http_uri.pb.validate.go
new file mode 100644
index 00000000000..1dd513f8700
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/http_uri.pb.validate.go
@@ -0,0 +1,212 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/core/v3/http_uri.proto
+
+package envoy_config_core_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on HttpUri with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *HttpUri) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HttpUri with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in HttpUriMultiError, or nil if none found.
+func (m *HttpUri) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HttpUri) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetUri()) < 1 {
+		err := HttpUriValidationError{
+			field:  "Uri",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if m.GetTimeout() == nil {
+		err := HttpUriValidationError{
+			field:  "Timeout",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if d := m.GetTimeout(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = HttpUriValidationError{
+				field:  "Timeout",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gte := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur < gte {
+				err := HttpUriValidationError{
+					field:  "Timeout",
+					reason: "value must be greater than or equal to 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	switch m.HttpUpstreamType.(type) {
+
+	case *HttpUri_Cluster:
+
+		if utf8.RuneCountInString(m.GetCluster()) < 1 {
+			err := HttpUriValidationError{
+				field:  "Cluster",
+				reason: "value length must be at least 1 runes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	default:
+		err := HttpUriValidationError{
+			field:  "HttpUpstreamType",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return HttpUriMultiError(errors)
+	}
+	return nil
+}
+
+// HttpUriMultiError is an error wrapping multiple validation errors returned
+// by HttpUri.ValidateAll() if the designated constraints aren't met.
+type HttpUriMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HttpUriMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HttpUriMultiError) AllErrors() []error { return m }
+
+// HttpUriValidationError is the validation error returned by HttpUri.Validate
+// if the designated constraints aren't met.
+type HttpUriValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HttpUriValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HttpUriValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HttpUriValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HttpUriValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HttpUriValidationError) ErrorName() string { return "HttpUriValidationError" }
+
+// Error satisfies the builtin error interface
+func (e HttpUriValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttpUri.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HttpUriValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HttpUriValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/protocol.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/protocol.pb.go
new file mode 100644
index 00000000000..5cc4415ab85
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/protocol.pb.go
@@ -0,0 +1,2171 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/core/v3/protocol.proto
+
+package envoy_config_core_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/cncf/xds/go/xds/annotations/v3"
+	_ "github.com/envoyproxy/go-control-plane/envoy/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/type/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Action to take when Envoy receives client request with header names containing underscore
+// characters.
+// Underscore character is allowed in header names by the RFC-7230 and this behavior is implemented
+// as a security measure due to systems that treat '_' and '-' as interchangeable. Envoy by default allows client request headers with underscore
+// characters.
+type HttpProtocolOptions_HeadersWithUnderscoresAction int32
+
+const (
+	// Allow headers with underscores. This is the default behavior.
+	HttpProtocolOptions_ALLOW HttpProtocolOptions_HeadersWithUnderscoresAction = 0
+	// Reject client request. HTTP/1 requests are rejected with the 400 status. HTTP/2 requests
+	// end with the stream reset. The "httpN.requests_rejected_with_underscores_in_headers" counter
+	// is incremented for each rejected request.
+	HttpProtocolOptions_REJECT_REQUEST HttpProtocolOptions_HeadersWithUnderscoresAction = 1
+	// Drop the header with name containing underscores. The header is dropped before the filter chain is
+	// invoked and as such filters will not see dropped headers. The
+	// "httpN.dropped_headers_with_underscores" is incremented for each dropped header.
+	HttpProtocolOptions_DROP_HEADER HttpProtocolOptions_HeadersWithUnderscoresAction = 2
+)
+
+// Enum value maps for HttpProtocolOptions_HeadersWithUnderscoresAction.
+var (
+	HttpProtocolOptions_HeadersWithUnderscoresAction_name = map[int32]string{
+		0: "ALLOW",
+		1: "REJECT_REQUEST",
+		2: "DROP_HEADER",
+	}
+	HttpProtocolOptions_HeadersWithUnderscoresAction_value = map[string]int32{
+		"ALLOW":          0,
+		"REJECT_REQUEST": 1,
+		"DROP_HEADER":    2,
+	}
+)
+
+func (x HttpProtocolOptions_HeadersWithUnderscoresAction) Enum() *HttpProtocolOptions_HeadersWithUnderscoresAction {
+	p := new(HttpProtocolOptions_HeadersWithUnderscoresAction)
+	*p = x
+	return p
+}
+
+func (x HttpProtocolOptions_HeadersWithUnderscoresAction) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (HttpProtocolOptions_HeadersWithUnderscoresAction) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_core_v3_protocol_proto_enumTypes[0].Descriptor()
+}
+
+func (HttpProtocolOptions_HeadersWithUnderscoresAction) Type() protoreflect.EnumType {
+	return &file_envoy_config_core_v3_protocol_proto_enumTypes[0]
+}
+
+func (x HttpProtocolOptions_HeadersWithUnderscoresAction) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use HttpProtocolOptions_HeadersWithUnderscoresAction.Descriptor instead.
+func (HttpProtocolOptions_HeadersWithUnderscoresAction) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_protocol_proto_rawDescGZIP(), []int{5, 0}
+}
+
+// [#not-implemented-hide:]
+type TcpProtocolOptions struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *TcpProtocolOptions) Reset() {
+	*x = TcpProtocolOptions{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_protocol_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *TcpProtocolOptions) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*TcpProtocolOptions) ProtoMessage() {}
+
+func (x *TcpProtocolOptions) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_protocol_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use TcpProtocolOptions.ProtoReflect.Descriptor instead.
+func (*TcpProtocolOptions) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_protocol_proto_rawDescGZIP(), []int{0}
+}
+
+// Config for keepalive probes in a QUIC connection.
+// Note that QUIC keep-alive probing packets work differently from HTTP/2 keep-alive PINGs in a sense that the probing packet
+// itself doesn't timeout waiting for a probing response. Quic has a shorter idle timeout than TCP, so it doesn't rely on such probing to discover dead connections. If the peer fails to respond, the connection will idle timeout eventually. Thus, they are configured differently from :ref:`connection_keepalive <envoy_v3_api_field_config.core.v3.Http2ProtocolOptions.connection_keepalive>`.
+type QuicKeepAliveSettings struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The max interval for a connection to send keep-alive probing packets (with PING or PATH_RESPONSE). The value should be smaller than :ref:`connection idle_timeout <envoy_v3_api_field_config.listener.v3.QuicProtocolOptions.idle_timeout>` to prevent idle timeout while not less than 1s to avoid throttling the connection or flooding the peer with probes.
+	//
+	// If :ref:`initial_interval <envoy_v3_api_field_config.core.v3.QuicKeepAliveSettings.initial_interval>` is absent or zero, a client connection will use this value to start probing.
+	//
+	// If zero, disable keepalive probing.
+	// If absent, use the QUICHE default interval to probe.
+	MaxInterval *duration.Duration `protobuf:"bytes,1,opt,name=max_interval,json=maxInterval,proto3" json:"max_interval,omitempty"`
+	// The interval to send the first few keep-alive probing packets to prevent connection from hitting the idle timeout. Subsequent probes will be sent, each one with an interval exponentially longer than previous one, till it reaches :ref:`max_interval <envoy_v3_api_field_config.core.v3.QuicKeepAliveSettings.max_interval>`. And the probes afterwards will always use :ref:`max_interval <envoy_v3_api_field_config.core.v3.QuicKeepAliveSettings.max_interval>`.
+	//
+	// The value should be smaller than :ref:`connection idle_timeout <envoy_v3_api_field_config.listener.v3.QuicProtocolOptions.idle_timeout>` to prevent idle timeout and smaller than max_interval to take effect.
+	//
+	// If absent or zero, disable keepalive probing for a server connection. For a client connection, if :ref:`max_interval <envoy_v3_api_field_config.core.v3.QuicKeepAliveSettings.max_interval>`  is also zero, do not keepalive, otherwise use max_interval or QUICHE default to probe all the time.
+	InitialInterval *duration.Duration `protobuf:"bytes,2,opt,name=initial_interval,json=initialInterval,proto3" json:"initial_interval,omitempty"`
+}
+
+func (x *QuicKeepAliveSettings) Reset() {
+	*x = QuicKeepAliveSettings{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_protocol_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *QuicKeepAliveSettings) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*QuicKeepAliveSettings) ProtoMessage() {}
+
+func (x *QuicKeepAliveSettings) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_protocol_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use QuicKeepAliveSettings.ProtoReflect.Descriptor instead.
+func (*QuicKeepAliveSettings) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_protocol_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *QuicKeepAliveSettings) GetMaxInterval() *duration.Duration {
+	if x != nil {
+		return x.MaxInterval
+	}
+	return nil
+}
+
+func (x *QuicKeepAliveSettings) GetInitialInterval() *duration.Duration {
+	if x != nil {
+		return x.InitialInterval
+	}
+	return nil
+}
+
+// QUIC protocol options which apply to both downstream and upstream connections.
+// [#next-free-field: 6]
+type QuicProtocolOptions struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Maximum number of streams that the client can negotiate per connection. 100
+	// if not specified.
+	MaxConcurrentStreams *wrappers.UInt32Value `protobuf:"bytes,1,opt,name=max_concurrent_streams,json=maxConcurrentStreams,proto3" json:"max_concurrent_streams,omitempty"`
+	// `Initial stream-level flow-control receive window
+	// <https://tools.ietf.org/html/draft-ietf-quic-transport-34#section-4.1>`_ size. Valid values range from
+	// 1 to 16777216 (2^24, maximum supported by QUICHE) and defaults to 65536 (2^16).
+	//
+	// NOTE: 16384 (2^14) is the minimum window size supported in Google QUIC. If configured smaller than it, we will use 16384 instead.
+	// QUICHE IETF Quic implementation supports 1 bytes window. We only support increasing the default window size now, so it's also the minimum.
+	//
+	// This field also acts as a soft limit on the number of bytes Envoy will buffer per-stream in the
+	// QUIC stream send and receive buffers. Once the buffer reaches this pointer, watermark callbacks will fire to
+	// stop the flow of data to the stream buffers.
+	InitialStreamWindowSize *wrappers.UInt32Value `protobuf:"bytes,2,opt,name=initial_stream_window_size,json=initialStreamWindowSize,proto3" json:"initial_stream_window_size,omitempty"`
+	// Similar to *initial_stream_window_size*, but for connection-level
+	// flow-control. Valid values rage from 1 to 25165824 (24MB, maximum supported by QUICHE) and defaults to 65536 (2^16).
+	// window. Currently, this has the same minimum/default as *initial_stream_window_size*.
+	//
+	// NOTE: 16384 (2^14) is the minimum window size supported in Google QUIC. We only support increasing the default
+	// window size now, so it's also the minimum.
+	InitialConnectionWindowSize *wrappers.UInt32Value `protobuf:"bytes,3,opt,name=initial_connection_window_size,json=initialConnectionWindowSize,proto3" json:"initial_connection_window_size,omitempty"`
+	// The number of timeouts that can occur before port migration is triggered for QUIC clients.
+	// This defaults to 1. If set to 0, port migration will not occur on path degrading.
+	// Timeout here refers to QUIC internal path degrading timeout mechanism, such as PTO.
+	// This has no effect on server sessions.
+	NumTimeoutsToTriggerPortMigration *wrappers.UInt32Value `protobuf:"bytes,4,opt,name=num_timeouts_to_trigger_port_migration,json=numTimeoutsToTriggerPortMigration,proto3" json:"num_timeouts_to_trigger_port_migration,omitempty"`
+	// Probes the peer at the configured interval to solicit traffic, i.e. ACK or PATH_RESPONSE, from the peer to push back connection idle timeout.
+	// If absent, use the default keepalive behavior of which a client connection sends PINGs every 15s, and a server connection doesn't do anything.
+	ConnectionKeepalive *QuicKeepAliveSettings `protobuf:"bytes,5,opt,name=connection_keepalive,json=connectionKeepalive,proto3" json:"connection_keepalive,omitempty"`
+}
+
+func (x *QuicProtocolOptions) Reset() {
+	*x = QuicProtocolOptions{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_protocol_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *QuicProtocolOptions) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*QuicProtocolOptions) ProtoMessage() {}
+
+func (x *QuicProtocolOptions) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_protocol_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use QuicProtocolOptions.ProtoReflect.Descriptor instead.
+func (*QuicProtocolOptions) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_protocol_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *QuicProtocolOptions) GetMaxConcurrentStreams() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxConcurrentStreams
+	}
+	return nil
+}
+
+func (x *QuicProtocolOptions) GetInitialStreamWindowSize() *wrappers.UInt32Value {
+	if x != nil {
+		return x.InitialStreamWindowSize
+	}
+	return nil
+}
+
+func (x *QuicProtocolOptions) GetInitialConnectionWindowSize() *wrappers.UInt32Value {
+	if x != nil {
+		return x.InitialConnectionWindowSize
+	}
+	return nil
+}
+
+func (x *QuicProtocolOptions) GetNumTimeoutsToTriggerPortMigration() *wrappers.UInt32Value {
+	if x != nil {
+		return x.NumTimeoutsToTriggerPortMigration
+	}
+	return nil
+}
+
+func (x *QuicProtocolOptions) GetConnectionKeepalive() *QuicKeepAliveSettings {
+	if x != nil {
+		return x.ConnectionKeepalive
+	}
+	return nil
+}
+
+type UpstreamHttpProtocolOptions struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Set transport socket `SNI <https://en.wikipedia.org/wiki/Server_Name_Indication>`_ for new
+	// upstream connections based on the downstream HTTP host/authority header or any other arbitrary
+	// header when :ref:`override_auto_sni_header <envoy_v3_api_field_config.core.v3.UpstreamHttpProtocolOptions.override_auto_sni_header>`
+	// is set, as seen by the :ref:`router filter <config_http_filters_router>`.
+	AutoSni bool `protobuf:"varint,1,opt,name=auto_sni,json=autoSni,proto3" json:"auto_sni,omitempty"`
+	// Automatic validate upstream presented certificate for new upstream connections based on the
+	// downstream HTTP host/authority header or any other arbitrary header when :ref:`override_auto_sni_header <envoy_v3_api_field_config.core.v3.UpstreamHttpProtocolOptions.override_auto_sni_header>`
+	// is set, as seen by the :ref:`router filter <config_http_filters_router>`.
+	// This field is intended to be set with `auto_sni` field.
+	AutoSanValidation bool `protobuf:"varint,2,opt,name=auto_san_validation,json=autoSanValidation,proto3" json:"auto_san_validation,omitempty"`
+	// An optional alternative to the host/authority header to be used for setting the SNI value.
+	// It should be a valid downstream HTTP header, as seen by the
+	// :ref:`router filter <config_http_filters_router>`.
+	// If unset, host/authority header will be used for populating the SNI. If the specified header
+	// is not found or the value is empty, host/authority header will be used instead.
+	// This field is intended to be set with `auto_sni` and/or `auto_san_validation` fields.
+	// If none of these fields are set then setting this would be a no-op.
+	OverrideAutoSniHeader string `protobuf:"bytes,3,opt,name=override_auto_sni_header,json=overrideAutoSniHeader,proto3" json:"override_auto_sni_header,omitempty"`
+}
+
+func (x *UpstreamHttpProtocolOptions) Reset() {
+	*x = UpstreamHttpProtocolOptions{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_protocol_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *UpstreamHttpProtocolOptions) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*UpstreamHttpProtocolOptions) ProtoMessage() {}
+
+func (x *UpstreamHttpProtocolOptions) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_protocol_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use UpstreamHttpProtocolOptions.ProtoReflect.Descriptor instead.
+func (*UpstreamHttpProtocolOptions) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_protocol_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *UpstreamHttpProtocolOptions) GetAutoSni() bool {
+	if x != nil {
+		return x.AutoSni
+	}
+	return false
+}
+
+func (x *UpstreamHttpProtocolOptions) GetAutoSanValidation() bool {
+	if x != nil {
+		return x.AutoSanValidation
+	}
+	return false
+}
+
+func (x *UpstreamHttpProtocolOptions) GetOverrideAutoSniHeader() string {
+	if x != nil {
+		return x.OverrideAutoSniHeader
+	}
+	return ""
+}
+
+// Configures the alternate protocols cache which tracks alternate protocols that can be used to
+// make an HTTP connection to an origin server. See https://tools.ietf.org/html/rfc7838 for
+// HTTP Alternative Services and https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-svcb-https-04
+// for the "HTTPS" DNS resource record.
+type AlternateProtocolsCacheOptions struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the cache. Multiple named caches allow independent alternate protocols cache
+	// configurations to operate within a single Envoy process using different configurations. All
+	// alternate protocols cache options with the same name *must* be equal in all fields when
+	// referenced from different configuration components. Configuration will fail to load if this is
+	// not the case.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// The maximum number of entries that the cache will hold. If not specified defaults to 1024.
+	//
+	// .. note:
+	//
+	//   The implementation is approximate and enforced independently on each worker thread, thus
+	//   it is possible for the maximum entries in the cache to go slightly above the configured
+	//   value depending on timing. This is similar to how other circuit breakers work.
+	MaxEntries *wrappers.UInt32Value `protobuf:"bytes,2,opt,name=max_entries,json=maxEntries,proto3" json:"max_entries,omitempty"`
+	// Allows configuring a persistent
+	// :ref:`key value store <envoy_v3_api_msg_config.common.key_value.v3.KeyValueStoreConfig>` to flush
+	// alternate protocols entries to disk.
+	// This function is currently only supported if concurrency is 1
+	KeyValueStoreConfig *TypedExtensionConfig `protobuf:"bytes,3,opt,name=key_value_store_config,json=keyValueStoreConfig,proto3" json:"key_value_store_config,omitempty"`
+}
+
+func (x *AlternateProtocolsCacheOptions) Reset() {
+	*x = AlternateProtocolsCacheOptions{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_protocol_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *AlternateProtocolsCacheOptions) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*AlternateProtocolsCacheOptions) ProtoMessage() {}
+
+func (x *AlternateProtocolsCacheOptions) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_protocol_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use AlternateProtocolsCacheOptions.ProtoReflect.Descriptor instead.
+func (*AlternateProtocolsCacheOptions) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_protocol_proto_rawDescGZIP(), []int{4}
+}
+
+func (x *AlternateProtocolsCacheOptions) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *AlternateProtocolsCacheOptions) GetMaxEntries() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxEntries
+	}
+	return nil
+}
+
+func (x *AlternateProtocolsCacheOptions) GetKeyValueStoreConfig() *TypedExtensionConfig {
+	if x != nil {
+		return x.KeyValueStoreConfig
+	}
+	return nil
+}
+
+// [#next-free-field: 7]
+type HttpProtocolOptions struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The idle timeout for connections. The idle timeout is defined as the
+	// period in which there are no active requests. When the
+	// idle timeout is reached the connection will be closed. If the connection is an HTTP/2
+	// downstream connection a drain sequence will occur prior to closing the connection, see
+	// :ref:`drain_timeout
+	// <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.drain_timeout>`.
+	// Note that request based timeouts mean that HTTP/2 PINGs will not keep the connection alive.
+	// If not specified, this defaults to 1 hour. To disable idle timeouts explicitly set this to 0.
+	//
+	// .. warning::
+	//   Disabling this timeout has a highly likelihood of yielding connection leaks due to lost TCP
+	//   FIN packets, etc.
+	//
+	// If the :ref:`overload action <config_overload_manager_overload_actions>` "envoy.overload_actions.reduce_timeouts"
+	// is configured, this timeout is scaled for downstream connections according to the value for
+	// :ref:`HTTP_DOWNSTREAM_CONNECTION_IDLE <envoy_v3_api_enum_value_config.overload.v3.ScaleTimersOverloadActionConfig.TimerType.HTTP_DOWNSTREAM_CONNECTION_IDLE>`.
+	IdleTimeout *duration.Duration `protobuf:"bytes,1,opt,name=idle_timeout,json=idleTimeout,proto3" json:"idle_timeout,omitempty"`
+	// The maximum duration of a connection. The duration is defined as a period since a connection
+	// was established. If not set, there is no max duration. When max_connection_duration is reached
+	// and if there are no active streams, the connection will be closed. If the connection is a
+	// downstream connection and there are any active streams, the drain sequence will kick-in,
+	// and the connection will be force-closed after the drain period. See :ref:`drain_timeout
+	// <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.drain_timeout>`.
+	MaxConnectionDuration *duration.Duration `protobuf:"bytes,3,opt,name=max_connection_duration,json=maxConnectionDuration,proto3" json:"max_connection_duration,omitempty"`
+	// The maximum number of headers. If unconfigured, the default
+	// maximum number of request headers allowed is 100. Requests that exceed this limit will receive
+	// a 431 response for HTTP/1.x and cause a stream reset for HTTP/2.
+	MaxHeadersCount *wrappers.UInt32Value `protobuf:"bytes,2,opt,name=max_headers_count,json=maxHeadersCount,proto3" json:"max_headers_count,omitempty"`
+	// Total duration to keep alive an HTTP request/response stream. If the time limit is reached the stream will be
+	// reset independent of any other timeouts. If not specified, this value is not set.
+	MaxStreamDuration *duration.Duration `protobuf:"bytes,4,opt,name=max_stream_duration,json=maxStreamDuration,proto3" json:"max_stream_duration,omitempty"`
+	// Action to take when a client request with a header name containing underscore characters is received.
+	// If this setting is not specified, the value defaults to ALLOW.
+	// Note: upstream responses are not affected by this setting.
+	HeadersWithUnderscoresAction HttpProtocolOptions_HeadersWithUnderscoresAction `protobuf:"varint,5,opt,name=headers_with_underscores_action,json=headersWithUnderscoresAction,proto3,enum=envoy.config.core.v3.HttpProtocolOptions_HeadersWithUnderscoresAction" json:"headers_with_underscores_action,omitempty"`
+	// Optional maximum requests for both upstream and downstream connections.
+	// If not specified, there is no limit.
+	// Setting this parameter to 1 will effectively disable keep alive.
+	// For HTTP/2 and HTTP/3, due to concurrent stream processing, the limit is approximate.
+	MaxRequestsPerConnection *wrappers.UInt32Value `protobuf:"bytes,6,opt,name=max_requests_per_connection,json=maxRequestsPerConnection,proto3" json:"max_requests_per_connection,omitempty"`
+}
+
+func (x *HttpProtocolOptions) Reset() {
+	*x = HttpProtocolOptions{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_protocol_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HttpProtocolOptions) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HttpProtocolOptions) ProtoMessage() {}
+
+func (x *HttpProtocolOptions) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_protocol_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HttpProtocolOptions.ProtoReflect.Descriptor instead.
+func (*HttpProtocolOptions) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_protocol_proto_rawDescGZIP(), []int{5}
+}
+
+func (x *HttpProtocolOptions) GetIdleTimeout() *duration.Duration {
+	if x != nil {
+		return x.IdleTimeout
+	}
+	return nil
+}
+
+func (x *HttpProtocolOptions) GetMaxConnectionDuration() *duration.Duration {
+	if x != nil {
+		return x.MaxConnectionDuration
+	}
+	return nil
+}
+
+func (x *HttpProtocolOptions) GetMaxHeadersCount() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxHeadersCount
+	}
+	return nil
+}
+
+func (x *HttpProtocolOptions) GetMaxStreamDuration() *duration.Duration {
+	if x != nil {
+		return x.MaxStreamDuration
+	}
+	return nil
+}
+
+func (x *HttpProtocolOptions) GetHeadersWithUnderscoresAction() HttpProtocolOptions_HeadersWithUnderscoresAction {
+	if x != nil {
+		return x.HeadersWithUnderscoresAction
+	}
+	return HttpProtocolOptions_ALLOW
+}
+
+func (x *HttpProtocolOptions) GetMaxRequestsPerConnection() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxRequestsPerConnection
+	}
+	return nil
+}
+
+// [#next-free-field: 8]
+type Http1ProtocolOptions struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Handle HTTP requests with absolute URLs in the requests. These requests
+	// are generally sent by clients to forward/explicit proxies. This allows clients to configure
+	// envoy as their HTTP proxy. In Unix, for example, this is typically done by setting the
+	// *http_proxy* environment variable.
+	AllowAbsoluteUrl *wrappers.BoolValue `protobuf:"bytes,1,opt,name=allow_absolute_url,json=allowAbsoluteUrl,proto3" json:"allow_absolute_url,omitempty"`
+	// Handle incoming HTTP/1.0 and HTTP 0.9 requests.
+	// This is off by default, and not fully standards compliant. There is support for pre-HTTP/1.1
+	// style connect logic, dechunking, and handling lack of client host iff
+	// *default_host_for_http_10* is configured.
+	AcceptHttp_10 bool `protobuf:"varint,2,opt,name=accept_http_10,json=acceptHttp10,proto3" json:"accept_http_10,omitempty"`
+	// A default host for HTTP/1.0 requests. This is highly suggested if *accept_http_10* is true as
+	// Envoy does not otherwise support HTTP/1.0 without a Host header.
+	// This is a no-op if *accept_http_10* is not true.
+	DefaultHostForHttp_10 string `protobuf:"bytes,3,opt,name=default_host_for_http_10,json=defaultHostForHttp10,proto3" json:"default_host_for_http_10,omitempty"`
+	// Describes how the keys for response headers should be formatted. By default, all header keys
+	// are lower cased.
+	HeaderKeyFormat *Http1ProtocolOptions_HeaderKeyFormat `protobuf:"bytes,4,opt,name=header_key_format,json=headerKeyFormat,proto3" json:"header_key_format,omitempty"`
+	// Enables trailers for HTTP/1. By default the HTTP/1 codec drops proxied trailers.
+	//
+	// .. attention::
+	//
+	//   Note that this only happens when Envoy is chunk encoding which occurs when:
+	//   - The request is HTTP/1.1.
+	//   - Is neither a HEAD only request nor a HTTP Upgrade.
+	//   - Not a response to a HEAD request.
+	//   - The content length header is not present.
+	EnableTrailers bool `protobuf:"varint,5,opt,name=enable_trailers,json=enableTrailers,proto3" json:"enable_trailers,omitempty"`
+	// Allows Envoy to process requests/responses with both `Content-Length` and `Transfer-Encoding`
+	// headers set. By default such messages are rejected, but if option is enabled - Envoy will
+	// remove Content-Length header and process message.
+	// See `RFC7230, sec. 3.3.3 <https://tools.ietf.org/html/rfc7230#section-3.3.3>` for details.
+	//
+	// .. attention::
+	//   Enabling this option might lead to request smuggling vulnerability, especially if traffic
+	//   is proxied via multiple layers of proxies.
+	AllowChunkedLength bool `protobuf:"varint,6,opt,name=allow_chunked_length,json=allowChunkedLength,proto3" json:"allow_chunked_length,omitempty"`
+	// Allows invalid HTTP messaging. When this option is false, then Envoy will terminate
+	// HTTP/1.1 connections upon receiving an invalid HTTP message. However,
+	// when this option is true, then Envoy will leave the HTTP/1.1 connection
+	// open where possible.
+	// If set, this overrides any HCM :ref:`stream_error_on_invalid_http_messaging
+	// <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.stream_error_on_invalid_http_message>`.
+	OverrideStreamErrorOnInvalidHttpMessage *wrappers.BoolValue `protobuf:"bytes,7,opt,name=override_stream_error_on_invalid_http_message,json=overrideStreamErrorOnInvalidHttpMessage,proto3" json:"override_stream_error_on_invalid_http_message,omitempty"`
+}
+
+func (x *Http1ProtocolOptions) Reset() {
+	*x = Http1ProtocolOptions{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_protocol_proto_msgTypes[6]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Http1ProtocolOptions) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Http1ProtocolOptions) ProtoMessage() {}
+
+func (x *Http1ProtocolOptions) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_protocol_proto_msgTypes[6]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Http1ProtocolOptions.ProtoReflect.Descriptor instead.
+func (*Http1ProtocolOptions) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_protocol_proto_rawDescGZIP(), []int{6}
+}
+
+func (x *Http1ProtocolOptions) GetAllowAbsoluteUrl() *wrappers.BoolValue {
+	if x != nil {
+		return x.AllowAbsoluteUrl
+	}
+	return nil
+}
+
+func (x *Http1ProtocolOptions) GetAcceptHttp_10() bool {
+	if x != nil {
+		return x.AcceptHttp_10
+	}
+	return false
+}
+
+func (x *Http1ProtocolOptions) GetDefaultHostForHttp_10() string {
+	if x != nil {
+		return x.DefaultHostForHttp_10
+	}
+	return ""
+}
+
+func (x *Http1ProtocolOptions) GetHeaderKeyFormat() *Http1ProtocolOptions_HeaderKeyFormat {
+	if x != nil {
+		return x.HeaderKeyFormat
+	}
+	return nil
+}
+
+func (x *Http1ProtocolOptions) GetEnableTrailers() bool {
+	if x != nil {
+		return x.EnableTrailers
+	}
+	return false
+}
+
+func (x *Http1ProtocolOptions) GetAllowChunkedLength() bool {
+	if x != nil {
+		return x.AllowChunkedLength
+	}
+	return false
+}
+
+func (x *Http1ProtocolOptions) GetOverrideStreamErrorOnInvalidHttpMessage() *wrappers.BoolValue {
+	if x != nil {
+		return x.OverrideStreamErrorOnInvalidHttpMessage
+	}
+	return nil
+}
+
+type KeepaliveSettings struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Send HTTP/2 PING frames at this period, in order to test that the connection is still alive.
+	// If this is zero, interval PINGs will not be sent.
+	Interval *duration.Duration `protobuf:"bytes,1,opt,name=interval,proto3" json:"interval,omitempty"`
+	// How long to wait for a response to a keepalive PING. If a response is not received within this
+	// time period, the connection will be aborted.
+	Timeout *duration.Duration `protobuf:"bytes,2,opt,name=timeout,proto3" json:"timeout,omitempty"`
+	// A random jitter amount as a percentage of interval that will be added to each interval.
+	// A value of zero means there will be no jitter.
+	// The default value is 15%.
+	IntervalJitter *v3.Percent `protobuf:"bytes,3,opt,name=interval_jitter,json=intervalJitter,proto3" json:"interval_jitter,omitempty"`
+	// If the connection has been idle for this duration, send a HTTP/2 ping ahead
+	// of new stream creation, to quickly detect dead connections.
+	// If this is zero, this type of PING will not be sent.
+	// If an interval ping is outstanding, a second ping will not be sent as the
+	// interval ping will determine if the connection is dead.
+	//
+	// The same feature for HTTP/3 is given by inheritance from QUICHE which uses :ref:`connection idle_timeout <envoy_v3_api_field_config.listener.v3.QuicProtocolOptions.idle_timeout>` and the current PTO of the connection to decide whether to probe before sending a new request.
+	ConnectionIdleInterval *duration.Duration `protobuf:"bytes,4,opt,name=connection_idle_interval,json=connectionIdleInterval,proto3" json:"connection_idle_interval,omitempty"`
+}
+
+func (x *KeepaliveSettings) Reset() {
+	*x = KeepaliveSettings{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_protocol_proto_msgTypes[7]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *KeepaliveSettings) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*KeepaliveSettings) ProtoMessage() {}
+
+func (x *KeepaliveSettings) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_protocol_proto_msgTypes[7]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use KeepaliveSettings.ProtoReflect.Descriptor instead.
+func (*KeepaliveSettings) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_protocol_proto_rawDescGZIP(), []int{7}
+}
+
+func (x *KeepaliveSettings) GetInterval() *duration.Duration {
+	if x != nil {
+		return x.Interval
+	}
+	return nil
+}
+
+func (x *KeepaliveSettings) GetTimeout() *duration.Duration {
+	if x != nil {
+		return x.Timeout
+	}
+	return nil
+}
+
+func (x *KeepaliveSettings) GetIntervalJitter() *v3.Percent {
+	if x != nil {
+		return x.IntervalJitter
+	}
+	return nil
+}
+
+func (x *KeepaliveSettings) GetConnectionIdleInterval() *duration.Duration {
+	if x != nil {
+		return x.ConnectionIdleInterval
+	}
+	return nil
+}
+
+// [#next-free-field: 16]
+type Http2ProtocolOptions struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// `Maximum table size <https://httpwg.org/specs/rfc7541.html#rfc.section.4.2>`_
+	// (in octets) that the encoder is permitted to use for the dynamic HPACK table. Valid values
+	// range from 0 to 4294967295 (2^32 - 1) and defaults to 4096. 0 effectively disables header
+	// compression.
+	HpackTableSize *wrappers.UInt32Value `protobuf:"bytes,1,opt,name=hpack_table_size,json=hpackTableSize,proto3" json:"hpack_table_size,omitempty"`
+	// `Maximum concurrent streams <https://httpwg.org/specs/rfc7540.html#rfc.section.5.1.2>`_
+	// allowed for peer on one HTTP/2 connection. Valid values range from 1 to 2147483647 (2^31 - 1)
+	// and defaults to 2147483647.
+	//
+	// For upstream connections, this also limits how many streams Envoy will initiate concurrently
+	// on a single connection. If the limit is reached, Envoy may queue requests or establish
+	// additional connections (as allowed per circuit breaker limits).
+	//
+	// This acts as an upper bound: Envoy will lower the max concurrent streams allowed on a given
+	// connection based on upstream settings. Config dumps will reflect the configured upper bound,
+	// not the per-connection negotiated limits.
+	MaxConcurrentStreams *wrappers.UInt32Value `protobuf:"bytes,2,opt,name=max_concurrent_streams,json=maxConcurrentStreams,proto3" json:"max_concurrent_streams,omitempty"`
+	// `Initial stream-level flow-control window
+	// <https://httpwg.org/specs/rfc7540.html#rfc.section.6.9.2>`_ size. Valid values range from 65535
+	// (2^16 - 1, HTTP/2 default) to 2147483647 (2^31 - 1, HTTP/2 maximum) and defaults to 268435456
+	// (256 * 1024 * 1024).
+	//
+	// NOTE: 65535 is the initial window size from HTTP/2 spec. We only support increasing the default
+	// window size now, so it's also the minimum.
+	//
+	// This field also acts as a soft limit on the number of bytes Envoy will buffer per-stream in the
+	// HTTP/2 codec buffers. Once the buffer reaches this pointer, watermark callbacks will fire to
+	// stop the flow of data to the codec buffers.
+	InitialStreamWindowSize *wrappers.UInt32Value `protobuf:"bytes,3,opt,name=initial_stream_window_size,json=initialStreamWindowSize,proto3" json:"initial_stream_window_size,omitempty"`
+	// Similar to *initial_stream_window_size*, but for connection-level flow-control
+	// window. Currently, this has the same minimum/maximum/default as *initial_stream_window_size*.
+	InitialConnectionWindowSize *wrappers.UInt32Value `protobuf:"bytes,4,opt,name=initial_connection_window_size,json=initialConnectionWindowSize,proto3" json:"initial_connection_window_size,omitempty"`
+	// Allows proxying Websocket and other upgrades over H2 connect.
+	AllowConnect bool `protobuf:"varint,5,opt,name=allow_connect,json=allowConnect,proto3" json:"allow_connect,omitempty"`
+	// [#not-implemented-hide:] Hiding until envoy has full metadata support.
+	// Still under implementation. DO NOT USE.
+	//
+	// Allows metadata. See [metadata
+	// docs](https://github.com/envoyproxy/envoy/blob/main/source/docs/h2_metadata.md) for more
+	// information.
+	AllowMetadata bool `protobuf:"varint,6,opt,name=allow_metadata,json=allowMetadata,proto3" json:"allow_metadata,omitempty"`
+	// Limit the number of pending outbound downstream frames of all types (frames that are waiting to
+	// be written into the socket). Exceeding this limit triggers flood mitigation and connection is
+	// terminated. The ``http2.outbound_flood`` stat tracks the number of terminated connections due
+	// to flood mitigation. The default limit is 10000.
+	// NOTE: flood and abuse mitigation for upstream connections is presently enabled by the
+	// `envoy.reloadable_features.upstream_http2_flood_checks` flag.
+	MaxOutboundFrames *wrappers.UInt32Value `protobuf:"bytes,7,opt,name=max_outbound_frames,json=maxOutboundFrames,proto3" json:"max_outbound_frames,omitempty"`
+	// Limit the number of pending outbound downstream frames of types PING, SETTINGS and RST_STREAM,
+	// preventing high memory utilization when receiving continuous stream of these frames. Exceeding
+	// this limit triggers flood mitigation and connection is terminated. The
+	// ``http2.outbound_control_flood`` stat tracks the number of terminated connections due to flood
+	// mitigation. The default limit is 1000.
+	// NOTE: flood and abuse mitigation for upstream connections is presently enabled by the
+	// `envoy.reloadable_features.upstream_http2_flood_checks` flag.
+	MaxOutboundControlFrames *wrappers.UInt32Value `protobuf:"bytes,8,opt,name=max_outbound_control_frames,json=maxOutboundControlFrames,proto3" json:"max_outbound_control_frames,omitempty"`
+	// Limit the number of consecutive inbound frames of types HEADERS, CONTINUATION and DATA with an
+	// empty payload and no end stream flag. Those frames have no legitimate use and are abusive, but
+	// might be a result of a broken HTTP/2 implementation. The `http2.inbound_empty_frames_flood``
+	// stat tracks the number of connections terminated due to flood mitigation.
+	// Setting this to 0 will terminate connection upon receiving first frame with an empty payload
+	// and no end stream flag. The default limit is 1.
+	// NOTE: flood and abuse mitigation for upstream connections is presently enabled by the
+	// `envoy.reloadable_features.upstream_http2_flood_checks` flag.
+	MaxConsecutiveInboundFramesWithEmptyPayload *wrappers.UInt32Value `protobuf:"bytes,9,opt,name=max_consecutive_inbound_frames_with_empty_payload,json=maxConsecutiveInboundFramesWithEmptyPayload,proto3" json:"max_consecutive_inbound_frames_with_empty_payload,omitempty"`
+	// Limit the number of inbound PRIORITY frames allowed per each opened stream. If the number
+	// of PRIORITY frames received over the lifetime of connection exceeds the value calculated
+	// using this formula::
+	//
+	//   max_inbound_priority_frames_per_stream * (1 + opened_streams)
+	//
+	// the connection is terminated. For downstream connections the `opened_streams` is incremented when
+	// Envoy receives complete response headers from the upstream server. For upstream connection the
+	// `opened_streams` is incremented when Envoy send the HEADERS frame for a new stream. The
+	// ``http2.inbound_priority_frames_flood`` stat tracks
+	// the number of connections terminated due to flood mitigation. The default limit is 100.
+	// NOTE: flood and abuse mitigation for upstream connections is presently enabled by the
+	// `envoy.reloadable_features.upstream_http2_flood_checks` flag.
+	MaxInboundPriorityFramesPerStream *wrappers.UInt32Value `protobuf:"bytes,10,opt,name=max_inbound_priority_frames_per_stream,json=maxInboundPriorityFramesPerStream,proto3" json:"max_inbound_priority_frames_per_stream,omitempty"`
+	// Limit the number of inbound WINDOW_UPDATE frames allowed per DATA frame sent. If the number
+	// of WINDOW_UPDATE frames received over the lifetime of connection exceeds the value calculated
+	// using this formula::
+	//
+	//   5 + 2 * (opened_streams +
+	//            max_inbound_window_update_frames_per_data_frame_sent * outbound_data_frames)
+	//
+	// the connection is terminated. For downstream connections the `opened_streams` is incremented when
+	// Envoy receives complete response headers from the upstream server. For upstream connections the
+	// `opened_streams` is incremented when Envoy sends the HEADERS frame for a new stream. The
+	// ``http2.inbound_priority_frames_flood`` stat tracks the number of connections terminated due to
+	// flood mitigation. The default max_inbound_window_update_frames_per_data_frame_sent value is 10.
+	// Setting this to 1 should be enough to support HTTP/2 implementations with basic flow control,
+	// but more complex implementations that try to estimate available bandwidth require at least 2.
+	// NOTE: flood and abuse mitigation for upstream connections is presently enabled by the
+	// `envoy.reloadable_features.upstream_http2_flood_checks` flag.
+	MaxInboundWindowUpdateFramesPerDataFrameSent *wrappers.UInt32Value `protobuf:"bytes,11,opt,name=max_inbound_window_update_frames_per_data_frame_sent,json=maxInboundWindowUpdateFramesPerDataFrameSent,proto3" json:"max_inbound_window_update_frames_per_data_frame_sent,omitempty"`
+	// Allows invalid HTTP messaging and headers. When this option is disabled (default), then
+	// the whole HTTP/2 connection is terminated upon receiving invalid HEADERS frame. However,
+	// when this option is enabled, only the offending stream is terminated.
+	//
+	// This is overridden by HCM :ref:`stream_error_on_invalid_http_messaging
+	// <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.stream_error_on_invalid_http_message>`
+	// iff present.
+	//
+	// This is deprecated in favor of :ref:`override_stream_error_on_invalid_http_message
+	// <envoy_v3_api_field_config.core.v3.Http2ProtocolOptions.override_stream_error_on_invalid_http_message>`
+	//
+	// See `RFC7540, sec. 8.1 <https://tools.ietf.org/html/rfc7540#section-8.1>`_ for details.
+	//
+	// Deprecated: Do not use.
+	StreamErrorOnInvalidHttpMessaging bool `protobuf:"varint,12,opt,name=stream_error_on_invalid_http_messaging,json=streamErrorOnInvalidHttpMessaging,proto3" json:"stream_error_on_invalid_http_messaging,omitempty"`
+	// Allows invalid HTTP messaging and headers. When this option is disabled (default), then
+	// the whole HTTP/2 connection is terminated upon receiving invalid HEADERS frame. However,
+	// when this option is enabled, only the offending stream is terminated.
+	//
+	// This overrides any HCM :ref:`stream_error_on_invalid_http_messaging
+	// <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.stream_error_on_invalid_http_message>`
+	//
+	// See `RFC7540, sec. 8.1 <https://tools.ietf.org/html/rfc7540#section-8.1>`_ for details.
+	OverrideStreamErrorOnInvalidHttpMessage *wrappers.BoolValue `protobuf:"bytes,14,opt,name=override_stream_error_on_invalid_http_message,json=overrideStreamErrorOnInvalidHttpMessage,proto3" json:"override_stream_error_on_invalid_http_message,omitempty"`
+	// [#not-implemented-hide:]
+	// Specifies SETTINGS frame parameters to be sent to the peer, with two exceptions:
+	//
+	// 1. SETTINGS_ENABLE_PUSH (0x2) is not configurable as HTTP/2 server push is not supported by
+	// Envoy.
+	//
+	// 2. SETTINGS_ENABLE_CONNECT_PROTOCOL (0x8) is only configurable through the named field
+	// 'allow_connect'.
+	//
+	// Note that custom parameters specified through this field can not also be set in the
+	// corresponding named parameters:
+	//
+	// .. code-block:: text
+	//
+	//   ID    Field Name
+	//   ----------------
+	//   0x1   hpack_table_size
+	//   0x3   max_concurrent_streams
+	//   0x4   initial_stream_window_size
+	//
+	// Collisions will trigger config validation failure on load/update. Likewise, inconsistencies
+	// between custom parameters with the same identifier will trigger a failure.
+	//
+	// See `IANA HTTP/2 Settings
+	// <https://www.iana.org/assignments/http2-parameters/http2-parameters.xhtml#settings>`_ for
+	// standardized identifiers.
+	CustomSettingsParameters []*Http2ProtocolOptions_SettingsParameter `protobuf:"bytes,13,rep,name=custom_settings_parameters,json=customSettingsParameters,proto3" json:"custom_settings_parameters,omitempty"`
+	// Send HTTP/2 PING frames to verify that the connection is still healthy. If the remote peer
+	// does not respond within the configured timeout, the connection will be aborted.
+	ConnectionKeepalive *KeepaliveSettings `protobuf:"bytes,15,opt,name=connection_keepalive,json=connectionKeepalive,proto3" json:"connection_keepalive,omitempty"`
+}
+
+func (x *Http2ProtocolOptions) Reset() {
+	*x = Http2ProtocolOptions{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_protocol_proto_msgTypes[8]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Http2ProtocolOptions) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Http2ProtocolOptions) ProtoMessage() {}
+
+func (x *Http2ProtocolOptions) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_protocol_proto_msgTypes[8]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Http2ProtocolOptions.ProtoReflect.Descriptor instead.
+func (*Http2ProtocolOptions) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_protocol_proto_rawDescGZIP(), []int{8}
+}
+
+func (x *Http2ProtocolOptions) GetHpackTableSize() *wrappers.UInt32Value {
+	if x != nil {
+		return x.HpackTableSize
+	}
+	return nil
+}
+
+func (x *Http2ProtocolOptions) GetMaxConcurrentStreams() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxConcurrentStreams
+	}
+	return nil
+}
+
+func (x *Http2ProtocolOptions) GetInitialStreamWindowSize() *wrappers.UInt32Value {
+	if x != nil {
+		return x.InitialStreamWindowSize
+	}
+	return nil
+}
+
+func (x *Http2ProtocolOptions) GetInitialConnectionWindowSize() *wrappers.UInt32Value {
+	if x != nil {
+		return x.InitialConnectionWindowSize
+	}
+	return nil
+}
+
+func (x *Http2ProtocolOptions) GetAllowConnect() bool {
+	if x != nil {
+		return x.AllowConnect
+	}
+	return false
+}
+
+func (x *Http2ProtocolOptions) GetAllowMetadata() bool {
+	if x != nil {
+		return x.AllowMetadata
+	}
+	return false
+}
+
+func (x *Http2ProtocolOptions) GetMaxOutboundFrames() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxOutboundFrames
+	}
+	return nil
+}
+
+func (x *Http2ProtocolOptions) GetMaxOutboundControlFrames() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxOutboundControlFrames
+	}
+	return nil
+}
+
+func (x *Http2ProtocolOptions) GetMaxConsecutiveInboundFramesWithEmptyPayload() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxConsecutiveInboundFramesWithEmptyPayload
+	}
+	return nil
+}
+
+func (x *Http2ProtocolOptions) GetMaxInboundPriorityFramesPerStream() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxInboundPriorityFramesPerStream
+	}
+	return nil
+}
+
+func (x *Http2ProtocolOptions) GetMaxInboundWindowUpdateFramesPerDataFrameSent() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxInboundWindowUpdateFramesPerDataFrameSent
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *Http2ProtocolOptions) GetStreamErrorOnInvalidHttpMessaging() bool {
+	if x != nil {
+		return x.StreamErrorOnInvalidHttpMessaging
+	}
+	return false
+}
+
+func (x *Http2ProtocolOptions) GetOverrideStreamErrorOnInvalidHttpMessage() *wrappers.BoolValue {
+	if x != nil {
+		return x.OverrideStreamErrorOnInvalidHttpMessage
+	}
+	return nil
+}
+
+func (x *Http2ProtocolOptions) GetCustomSettingsParameters() []*Http2ProtocolOptions_SettingsParameter {
+	if x != nil {
+		return x.CustomSettingsParameters
+	}
+	return nil
+}
+
+func (x *Http2ProtocolOptions) GetConnectionKeepalive() *KeepaliveSettings {
+	if x != nil {
+		return x.ConnectionKeepalive
+	}
+	return nil
+}
+
+// [#not-implemented-hide:]
+type GrpcProtocolOptions struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Http2ProtocolOptions *Http2ProtocolOptions `protobuf:"bytes,1,opt,name=http2_protocol_options,json=http2ProtocolOptions,proto3" json:"http2_protocol_options,omitempty"`
+}
+
+func (x *GrpcProtocolOptions) Reset() {
+	*x = GrpcProtocolOptions{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_protocol_proto_msgTypes[9]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcProtocolOptions) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcProtocolOptions) ProtoMessage() {}
+
+func (x *GrpcProtocolOptions) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_protocol_proto_msgTypes[9]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcProtocolOptions.ProtoReflect.Descriptor instead.
+func (*GrpcProtocolOptions) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_protocol_proto_rawDescGZIP(), []int{9}
+}
+
+func (x *GrpcProtocolOptions) GetHttp2ProtocolOptions() *Http2ProtocolOptions {
+	if x != nil {
+		return x.Http2ProtocolOptions
+	}
+	return nil
+}
+
+// A message which allows using HTTP/3.
+// [#next-free-field: 6]
+type Http3ProtocolOptions struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	QuicProtocolOptions *QuicProtocolOptions `protobuf:"bytes,1,opt,name=quic_protocol_options,json=quicProtocolOptions,proto3" json:"quic_protocol_options,omitempty"`
+	// Allows invalid HTTP messaging and headers. When this option is disabled (default), then
+	// the whole HTTP/3 connection is terminated upon receiving invalid HEADERS frame. However,
+	// when this option is enabled, only the offending stream is terminated.
+	//
+	// If set, this overrides any HCM :ref:`stream_error_on_invalid_http_messaging
+	// <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.stream_error_on_invalid_http_message>`.
+	OverrideStreamErrorOnInvalidHttpMessage *wrappers.BoolValue `protobuf:"bytes,2,opt,name=override_stream_error_on_invalid_http_message,json=overrideStreamErrorOnInvalidHttpMessage,proto3" json:"override_stream_error_on_invalid_http_message,omitempty"`
+	// Allows proxying Websocket and other upgrades over HTTP/3 CONNECT using
+	// the header mechanisms from the `HTTP/2 extended connect RFC
+	// <https://datatracker.ietf.org/doc/html/rfc8441>`_
+	// and settings `proposed for HTTP/3
+	// <https://datatracker.ietf.org/doc/draft-ietf-httpbis-h3-websockets/>`_
+	// Note that HTTP/3 CONNECT is not yet an RFC.
+	AllowExtendedConnect bool `protobuf:"varint,5,opt,name=allow_extended_connect,json=allowExtendedConnect,proto3" json:"allow_extended_connect,omitempty"`
+}
+
+func (x *Http3ProtocolOptions) Reset() {
+	*x = Http3ProtocolOptions{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_protocol_proto_msgTypes[10]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Http3ProtocolOptions) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Http3ProtocolOptions) ProtoMessage() {}
+
+func (x *Http3ProtocolOptions) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_protocol_proto_msgTypes[10]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Http3ProtocolOptions.ProtoReflect.Descriptor instead.
+func (*Http3ProtocolOptions) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_protocol_proto_rawDescGZIP(), []int{10}
+}
+
+func (x *Http3ProtocolOptions) GetQuicProtocolOptions() *QuicProtocolOptions {
+	if x != nil {
+		return x.QuicProtocolOptions
+	}
+	return nil
+}
+
+func (x *Http3ProtocolOptions) GetOverrideStreamErrorOnInvalidHttpMessage() *wrappers.BoolValue {
+	if x != nil {
+		return x.OverrideStreamErrorOnInvalidHttpMessage
+	}
+	return nil
+}
+
+func (x *Http3ProtocolOptions) GetAllowExtendedConnect() bool {
+	if x != nil {
+		return x.AllowExtendedConnect
+	}
+	return false
+}
+
+// A message to control transformations to the :scheme header
+type SchemeHeaderTransformation struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to Transformation:
+	//	*SchemeHeaderTransformation_SchemeToOverwrite
+	Transformation isSchemeHeaderTransformation_Transformation `protobuf_oneof:"transformation"`
+}
+
+func (x *SchemeHeaderTransformation) Reset() {
+	*x = SchemeHeaderTransformation{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_protocol_proto_msgTypes[11]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *SchemeHeaderTransformation) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*SchemeHeaderTransformation) ProtoMessage() {}
+
+func (x *SchemeHeaderTransformation) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_protocol_proto_msgTypes[11]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use SchemeHeaderTransformation.ProtoReflect.Descriptor instead.
+func (*SchemeHeaderTransformation) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_protocol_proto_rawDescGZIP(), []int{11}
+}
+
+func (m *SchemeHeaderTransformation) GetTransformation() isSchemeHeaderTransformation_Transformation {
+	if m != nil {
+		return m.Transformation
+	}
+	return nil
+}
+
+func (x *SchemeHeaderTransformation) GetSchemeToOverwrite() string {
+	if x, ok := x.GetTransformation().(*SchemeHeaderTransformation_SchemeToOverwrite); ok {
+		return x.SchemeToOverwrite
+	}
+	return ""
+}
+
+type isSchemeHeaderTransformation_Transformation interface {
+	isSchemeHeaderTransformation_Transformation()
+}
+
+type SchemeHeaderTransformation_SchemeToOverwrite struct {
+	// Overwrite any Scheme header with the contents of this string.
+	SchemeToOverwrite string `protobuf:"bytes,1,opt,name=scheme_to_overwrite,json=schemeToOverwrite,proto3,oneof"`
+}
+
+func (*SchemeHeaderTransformation_SchemeToOverwrite) isSchemeHeaderTransformation_Transformation() {}
+
+// [#next-free-field: 9]
+type Http1ProtocolOptions_HeaderKeyFormat struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to HeaderFormat:
+	//	*Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords_
+	//	*Http1ProtocolOptions_HeaderKeyFormat_StatefulFormatter
+	HeaderFormat isHttp1ProtocolOptions_HeaderKeyFormat_HeaderFormat `protobuf_oneof:"header_format"`
+}
+
+func (x *Http1ProtocolOptions_HeaderKeyFormat) Reset() {
+	*x = Http1ProtocolOptions_HeaderKeyFormat{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_protocol_proto_msgTypes[12]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Http1ProtocolOptions_HeaderKeyFormat) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Http1ProtocolOptions_HeaderKeyFormat) ProtoMessage() {}
+
+func (x *Http1ProtocolOptions_HeaderKeyFormat) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_protocol_proto_msgTypes[12]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Http1ProtocolOptions_HeaderKeyFormat.ProtoReflect.Descriptor instead.
+func (*Http1ProtocolOptions_HeaderKeyFormat) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_protocol_proto_rawDescGZIP(), []int{6, 0}
+}
+
+func (m *Http1ProtocolOptions_HeaderKeyFormat) GetHeaderFormat() isHttp1ProtocolOptions_HeaderKeyFormat_HeaderFormat {
+	if m != nil {
+		return m.HeaderFormat
+	}
+	return nil
+}
+
+func (x *Http1ProtocolOptions_HeaderKeyFormat) GetProperCaseWords() *Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords {
+	if x, ok := x.GetHeaderFormat().(*Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords_); ok {
+		return x.ProperCaseWords
+	}
+	return nil
+}
+
+func (x *Http1ProtocolOptions_HeaderKeyFormat) GetStatefulFormatter() *TypedExtensionConfig {
+	if x, ok := x.GetHeaderFormat().(*Http1ProtocolOptions_HeaderKeyFormat_StatefulFormatter); ok {
+		return x.StatefulFormatter
+	}
+	return nil
+}
+
+type isHttp1ProtocolOptions_HeaderKeyFormat_HeaderFormat interface {
+	isHttp1ProtocolOptions_HeaderKeyFormat_HeaderFormat()
+}
+
+type Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords_ struct {
+	// Formats the header by proper casing words: the first character and any character following
+	// a special character will be capitalized if it's an alpha character. For example,
+	// "content-type" becomes "Content-Type", and "foo$b#$are" becomes "Foo$B#$Are".
+	// Note that while this results in most headers following conventional casing, certain headers
+	// are not covered. For example, the "TE" header will be formatted as "Te".
+	ProperCaseWords *Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords `protobuf:"bytes,1,opt,name=proper_case_words,json=properCaseWords,proto3,oneof"`
+}
+
+type Http1ProtocolOptions_HeaderKeyFormat_StatefulFormatter struct {
+	// Configuration for stateful formatter extensions that allow using received headers to
+	// affect the output of encoding headers. E.g., preserving case during proxying.
+	// [#extension-category: envoy.http.stateful_header_formatters]
+	StatefulFormatter *TypedExtensionConfig `protobuf:"bytes,8,opt,name=stateful_formatter,json=statefulFormatter,proto3,oneof"`
+}
+
+func (*Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords_) isHttp1ProtocolOptions_HeaderKeyFormat_HeaderFormat() {
+}
+
+func (*Http1ProtocolOptions_HeaderKeyFormat_StatefulFormatter) isHttp1ProtocolOptions_HeaderKeyFormat_HeaderFormat() {
+}
+
+type Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords) Reset() {
+	*x = Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_protocol_proto_msgTypes[13]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords) ProtoMessage() {}
+
+func (x *Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_protocol_proto_msgTypes[13]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords.ProtoReflect.Descriptor instead.
+func (*Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_protocol_proto_rawDescGZIP(), []int{6, 0, 0}
+}
+
+// Defines a parameter to be sent in the SETTINGS frame.
+// See `RFC7540, sec. 6.5.1 <https://tools.ietf.org/html/rfc7540#section-6.5.1>`_ for details.
+type Http2ProtocolOptions_SettingsParameter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The 16 bit parameter identifier.
+	Identifier *wrappers.UInt32Value `protobuf:"bytes,1,opt,name=identifier,proto3" json:"identifier,omitempty"`
+	// The 32 bit parameter value.
+	Value *wrappers.UInt32Value `protobuf:"bytes,2,opt,name=value,proto3" json:"value,omitempty"`
+}
+
+func (x *Http2ProtocolOptions_SettingsParameter) Reset() {
+	*x = Http2ProtocolOptions_SettingsParameter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_protocol_proto_msgTypes[14]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Http2ProtocolOptions_SettingsParameter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Http2ProtocolOptions_SettingsParameter) ProtoMessage() {}
+
+func (x *Http2ProtocolOptions_SettingsParameter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_protocol_proto_msgTypes[14]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Http2ProtocolOptions_SettingsParameter.ProtoReflect.Descriptor instead.
+func (*Http2ProtocolOptions_SettingsParameter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_protocol_proto_rawDescGZIP(), []int{8, 0}
+}
+
+func (x *Http2ProtocolOptions_SettingsParameter) GetIdentifier() *wrappers.UInt32Value {
+	if x != nil {
+		return x.Identifier
+	}
+	return nil
+}
+
+func (x *Http2ProtocolOptions_SettingsParameter) GetValue() *wrappers.UInt32Value {
+	if x != nil {
+		return x.Value
+	}
+	return nil
+}
+
+var File_envoy_config_core_v3_protocol_proto protoreflect.FileDescriptor
+
+var file_envoy_config_core_v3_protocol_proto_rawDesc = []byte{
+	0x0a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x14, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x1a, 0x24, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76,
+	0x33, 0x2f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x1b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x76, 0x33,
+	0x2f, 0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f,
+	0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f,
+	0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1f,
+	0x78, 0x64, 0x73, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f,
+	0x76, 0x33, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65,
+	0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22,
+	0x41, 0x0a, 0x12, 0x54, 0x63, 0x70, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x3a, 0x2b, 0x9a, 0xc5, 0x88, 0x1e, 0x26, 0x0a, 0x24, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e,
+	0x54, 0x63, 0x70, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x22, 0xb7, 0x01, 0x0a, 0x15, 0x51, 0x75, 0x69, 0x63, 0x4b, 0x65, 0x65, 0x70, 0x41,
+	0x6c, 0x69, 0x76, 0x65, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x12, 0x4a, 0x0a, 0x0c,
+	0x6d, 0x61, 0x78, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0c, 0xfa,
+	0x42, 0x09, 0xaa, 0x01, 0x06, 0x22, 0x00, 0x32, 0x02, 0x08, 0x01, 0x52, 0x0b, 0x6d, 0x61, 0x78,
+	0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x12, 0x52, 0x0a, 0x10, 0x69, 0x6e, 0x69, 0x74,
+	0x69, 0x61, 0x6c, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x02, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0c, 0xfa,
+	0x42, 0x09, 0xaa, 0x01, 0x06, 0x22, 0x00, 0x32, 0x02, 0x08, 0x01, 0x52, 0x0f, 0x69, 0x6e, 0x69,
+	0x74, 0x69, 0x61, 0x6c, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x22, 0xa8, 0x04, 0x0a,
+	0x13, 0x51, 0x75, 0x69, 0x63, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x12, 0x5b, 0x0a, 0x16, 0x6d, 0x61, 0x78, 0x5f, 0x63, 0x6f, 0x6e, 0x63,
+	0x75, 0x72, 0x72, 0x65, 0x6e, 0x74, 0x5f, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x73, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c,
+	0x75, 0x65, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02, 0x28, 0x01, 0x52, 0x14, 0x6d, 0x61, 0x78,
+	0x43, 0x6f, 0x6e, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x74, 0x53, 0x74, 0x72, 0x65, 0x61, 0x6d,
+	0x73, 0x12, 0x67, 0x0a, 0x1a, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x5f, 0x73, 0x74, 0x72,
+	0x65, 0x61, 0x6d, 0x5f, 0x77, 0x69, 0x6e, 0x64, 0x6f, 0x77, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61,
+	0x6c, 0x75, 0x65, 0x42, 0x0c, 0xfa, 0x42, 0x09, 0x2a, 0x07, 0x18, 0x80, 0x80, 0x80, 0x08, 0x28,
+	0x01, 0x52, 0x17, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x53, 0x74, 0x72, 0x65, 0x61, 0x6d,
+	0x57, 0x69, 0x6e, 0x64, 0x6f, 0x77, 0x53, 0x69, 0x7a, 0x65, 0x12, 0x6f, 0x0a, 0x1e, 0x69, 0x6e,
+	0x69, 0x74, 0x69, 0x61, 0x6c, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e,
+	0x5f, 0x77, 0x69, 0x6e, 0x64, 0x6f, 0x77, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x03, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65,
+	0x42, 0x0c, 0xfa, 0x42, 0x09, 0x2a, 0x07, 0x18, 0x80, 0x80, 0x80, 0x0c, 0x28, 0x01, 0x52, 0x1b,
+	0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x57, 0x69, 0x6e, 0x64, 0x6f, 0x77, 0x53, 0x69, 0x7a, 0x65, 0x12, 0x7a, 0x0a, 0x26, 0x6e,
+	0x75, 0x6d, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x73, 0x5f, 0x74, 0x6f, 0x5f, 0x74,
+	0x72, 0x69, 0x67, 0x67, 0x65, 0x72, 0x5f, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x6d, 0x69, 0x67, 0x72,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49,
+	0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x09, 0xfa, 0x42, 0x06, 0x2a, 0x04,
+	0x18, 0x05, 0x28, 0x00, 0x52, 0x21, 0x6e, 0x75, 0x6d, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74,
+	0x73, 0x54, 0x6f, 0x54, 0x72, 0x69, 0x67, 0x67, 0x65, 0x72, 0x50, 0x6f, 0x72, 0x74, 0x4d, 0x69,
+	0x67, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x5e, 0x0a, 0x14, 0x63, 0x6f, 0x6e, 0x6e, 0x65,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6b, 0x65, 0x65, 0x70, 0x61, 0x6c, 0x69, 0x76, 0x65, 0x18,
+	0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2b, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x51, 0x75, 0x69,
+	0x63, 0x4b, 0x65, 0x65, 0x70, 0x41, 0x6c, 0x69, 0x76, 0x65, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e,
+	0x67, 0x73, 0x52, 0x13, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x4b, 0x65,
+	0x65, 0x70, 0x61, 0x6c, 0x69, 0x76, 0x65, 0x22, 0xe4, 0x01, 0x0a, 0x1b, 0x55, 0x70, 0x73, 0x74,
+	0x72, 0x65, 0x61, 0x6d, 0x48, 0x74, 0x74, 0x70, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c,
+	0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x19, 0x0a, 0x08, 0x61, 0x75, 0x74, 0x6f, 0x5f,
+	0x73, 0x6e, 0x69, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x07, 0x61, 0x75, 0x74, 0x6f, 0x53,
+	0x6e, 0x69, 0x12, 0x2e, 0x0a, 0x13, 0x61, 0x75, 0x74, 0x6f, 0x5f, 0x73, 0x61, 0x6e, 0x5f, 0x76,
+	0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52,
+	0x11, 0x61, 0x75, 0x74, 0x6f, 0x53, 0x61, 0x6e, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x12, 0x44, 0x0a, 0x18, 0x6f, 0x76, 0x65, 0x72, 0x72, 0x69, 0x64, 0x65, 0x5f, 0x61,
+	0x75, 0x74, 0x6f, 0x5f, 0x73, 0x6e, 0x69, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x18, 0x03,
+	0x20, 0x01, 0x28, 0x09, 0x42, 0x0b, 0xfa, 0x42, 0x08, 0x72, 0x06, 0xc0, 0x01, 0x01, 0xd0, 0x01,
+	0x01, 0x52, 0x15, 0x6f, 0x76, 0x65, 0x72, 0x72, 0x69, 0x64, 0x65, 0x41, 0x75, 0x74, 0x6f, 0x53,
+	0x6e, 0x69, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x3a, 0x34, 0x9a, 0xc5, 0x88, 0x1e, 0x2f, 0x0a,
+	0x2d, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f,
+	0x72, 0x65, 0x2e, 0x55, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x48, 0x74, 0x74, 0x70, 0x50,
+	0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0xe6,
+	0x01, 0x0a, 0x1e, 0x41, 0x6c, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x74, 0x65, 0x50, 0x72, 0x6f, 0x74,
+	0x6f, 0x63, 0x6f, 0x6c, 0x73, 0x43, 0x61, 0x63, 0x68, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42,
+	0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x46,
+	0x0a, 0x0b, 0x6d, 0x61, 0x78, 0x5f, 0x65, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75,
+	0x65, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02, 0x20, 0x00, 0x52, 0x0a, 0x6d, 0x61, 0x78, 0x45,
+	0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x12, 0x5f, 0x0a, 0x16, 0x6b, 0x65, 0x79, 0x5f, 0x76, 0x61,
+	0x6c, 0x75, 0x65, 0x5f, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x79,
+	0x70, 0x65, 0x64, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x52, 0x13, 0x6b, 0x65, 0x79, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x53, 0x74, 0x6f, 0x72,
+	0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x22, 0xaf, 0x05, 0x0a, 0x13, 0x48, 0x74, 0x74, 0x70,
+	0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12,
+	0x3c, 0x0a, 0x0c, 0x69, 0x64, 0x6c, 0x65, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x52, 0x0b, 0x69, 0x64, 0x6c, 0x65, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12, 0x51, 0x0a,
+	0x17, 0x6d, 0x61, 0x78, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f,
+	0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x15, 0x6d, 0x61, 0x78, 0x43, 0x6f,
+	0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x12, 0x51, 0x0a, 0x11, 0x6d, 0x61, 0x78, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x5f,
+	0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49,
+	0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02,
+	0x28, 0x01, 0x52, 0x0f, 0x6d, 0x61, 0x78, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x43, 0x6f,
+	0x75, 0x6e, 0x74, 0x12, 0x49, 0x0a, 0x13, 0x6d, 0x61, 0x78, 0x5f, 0x73, 0x74, 0x72, 0x65, 0x61,
+	0x6d, 0x5f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x11, 0x6d, 0x61, 0x78,
+	0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x8d,
+	0x01, 0x0a, 0x1f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x5f, 0x77, 0x69, 0x74, 0x68, 0x5f,
+	0x75, 0x6e, 0x64, 0x65, 0x72, 0x73, 0x63, 0x6f, 0x72, 0x65, 0x73, 0x5f, 0x61, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x46, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e,
+	0x48, 0x74, 0x74, 0x70, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x57, 0x69, 0x74, 0x68, 0x55,
+	0x6e, 0x64, 0x65, 0x72, 0x73, 0x63, 0x6f, 0x72, 0x65, 0x73, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e,
+	0x52, 0x1c, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x57, 0x69, 0x74, 0x68, 0x55, 0x6e, 0x64,
+	0x65, 0x72, 0x73, 0x63, 0x6f, 0x72, 0x65, 0x73, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x5b,
+	0x0a, 0x1b, 0x6d, 0x61, 0x78, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x5f, 0x70,
+	0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x06, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75,
+	0x65, 0x52, 0x18, 0x6d, 0x61, 0x78, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x50, 0x65,
+	0x72, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x4e, 0x0a, 0x1c, 0x48,
+	0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x57, 0x69, 0x74, 0x68, 0x55, 0x6e, 0x64, 0x65, 0x72, 0x73,
+	0x63, 0x6f, 0x72, 0x65, 0x73, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x09, 0x0a, 0x05, 0x41,
+	0x4c, 0x4c, 0x4f, 0x57, 0x10, 0x00, 0x12, 0x12, 0x0a, 0x0e, 0x52, 0x45, 0x4a, 0x45, 0x43, 0x54,
+	0x5f, 0x52, 0x45, 0x51, 0x55, 0x45, 0x53, 0x54, 0x10, 0x01, 0x12, 0x0f, 0x0a, 0x0b, 0x44, 0x52,
+	0x4f, 0x50, 0x5f, 0x48, 0x45, 0x41, 0x44, 0x45, 0x52, 0x10, 0x02, 0x3a, 0x2c, 0x9a, 0xc5, 0x88,
+	0x1e, 0x27, 0x0a, 0x25, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63,
+	0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0xce, 0x07, 0x0a, 0x14, 0x48, 0x74,
+	0x74, 0x70, 0x31, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x12, 0x48, 0x0a, 0x12, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x5f, 0x61, 0x62, 0x73, 0x6f,
+	0x6c, 0x75, 0x74, 0x65, 0x5f, 0x75, 0x72, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x10, 0x61, 0x6c, 0x6c, 0x6f,
+	0x77, 0x41, 0x62, 0x73, 0x6f, 0x6c, 0x75, 0x74, 0x65, 0x55, 0x72, 0x6c, 0x12, 0x24, 0x0a, 0x0e,
+	0x61, 0x63, 0x63, 0x65, 0x70, 0x74, 0x5f, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x31, 0x30, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x08, 0x52, 0x0c, 0x61, 0x63, 0x63, 0x65, 0x70, 0x74, 0x48, 0x74, 0x74, 0x70,
+	0x31, 0x30, 0x12, 0x36, 0x0a, 0x18, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f, 0x68, 0x6f,
+	0x73, 0x74, 0x5f, 0x66, 0x6f, 0x72, 0x5f, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x31, 0x30, 0x18, 0x03,
+	0x20, 0x01, 0x28, 0x09, 0x52, 0x14, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x48, 0x6f, 0x73,
+	0x74, 0x46, 0x6f, 0x72, 0x48, 0x74, 0x74, 0x70, 0x31, 0x30, 0x12, 0x66, 0x0a, 0x11, 0x68, 0x65,
+	0x61, 0x64, 0x65, 0x72, 0x5f, 0x6b, 0x65, 0x79, 0x5f, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x18,
+	0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x3a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x74, 0x74,
+	0x70, 0x31, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4b, 0x65, 0x79, 0x46, 0x6f, 0x72, 0x6d, 0x61,
+	0x74, 0x52, 0x0f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4b, 0x65, 0x79, 0x46, 0x6f, 0x72, 0x6d,
+	0x61, 0x74, 0x12, 0x27, 0x0a, 0x0f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x74, 0x72, 0x61,
+	0x69, 0x6c, 0x65, 0x72, 0x73, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0e, 0x65, 0x6e, 0x61,
+	0x62, 0x6c, 0x65, 0x54, 0x72, 0x61, 0x69, 0x6c, 0x65, 0x72, 0x73, 0x12, 0x30, 0x0a, 0x14, 0x61,
+	0x6c, 0x6c, 0x6f, 0x77, 0x5f, 0x63, 0x68, 0x75, 0x6e, 0x6b, 0x65, 0x64, 0x5f, 0x6c, 0x65, 0x6e,
+	0x67, 0x74, 0x68, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x12, 0x61, 0x6c, 0x6c, 0x6f, 0x77,
+	0x43, 0x68, 0x75, 0x6e, 0x6b, 0x65, 0x64, 0x4c, 0x65, 0x6e, 0x67, 0x74, 0x68, 0x12, 0x7a, 0x0a,
+	0x2d, 0x6f, 0x76, 0x65, 0x72, 0x72, 0x69, 0x64, 0x65, 0x5f, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d,
+	0x5f, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x5f, 0x6f, 0x6e, 0x5f, 0x69, 0x6e, 0x76, 0x61, 0x6c, 0x69,
+	0x64, 0x5f, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x07,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65,
+	0x52, 0x27, 0x6f, 0x76, 0x65, 0x72, 0x72, 0x69, 0x64, 0x65, 0x53, 0x74, 0x72, 0x65, 0x61, 0x6d,
+	0x45, 0x72, 0x72, 0x6f, 0x72, 0x4f, 0x6e, 0x49, 0x6e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x48, 0x74,
+	0x74, 0x70, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x1a, 0x9f, 0x03, 0x0a, 0x0f, 0x48, 0x65,
+	0x61, 0x64, 0x65, 0x72, 0x4b, 0x65, 0x79, 0x46, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x12, 0x78, 0x0a,
+	0x11, 0x70, 0x72, 0x6f, 0x70, 0x65, 0x72, 0x5f, 0x63, 0x61, 0x73, 0x65, 0x5f, 0x77, 0x6f, 0x72,
+	0x64, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x4a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e,
+	0x48, 0x74, 0x74, 0x70, 0x31, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4b, 0x65, 0x79, 0x46, 0x6f,
+	0x72, 0x6d, 0x61, 0x74, 0x2e, 0x50, 0x72, 0x6f, 0x70, 0x65, 0x72, 0x43, 0x61, 0x73, 0x65, 0x57,
+	0x6f, 0x72, 0x64, 0x73, 0x48, 0x00, 0x52, 0x0f, 0x70, 0x72, 0x6f, 0x70, 0x65, 0x72, 0x43, 0x61,
+	0x73, 0x65, 0x57, 0x6f, 0x72, 0x64, 0x73, 0x12, 0x5b, 0x0a, 0x12, 0x73, 0x74, 0x61, 0x74, 0x65,
+	0x66, 0x75, 0x6c, 0x5f, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x18, 0x08, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x64,
+	0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x48,
+	0x00, 0x52, 0x11, 0x73, 0x74, 0x61, 0x74, 0x65, 0x66, 0x75, 0x6c, 0x46, 0x6f, 0x72, 0x6d, 0x61,
+	0x74, 0x74, 0x65, 0x72, 0x1a, 0x60, 0x0a, 0x0f, 0x50, 0x72, 0x6f, 0x70, 0x65, 0x72, 0x43, 0x61,
+	0x73, 0x65, 0x57, 0x6f, 0x72, 0x64, 0x73, 0x3a, 0x4d, 0x9a, 0xc5, 0x88, 0x1e, 0x48, 0x0a, 0x46,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x31, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f,
+	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4b, 0x65, 0x79,
+	0x46, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x2e, 0x50, 0x72, 0x6f, 0x70, 0x65, 0x72, 0x43, 0x61, 0x73,
+	0x65, 0x57, 0x6f, 0x72, 0x64, 0x73, 0x3a, 0x3d, 0x9a, 0xc5, 0x88, 0x1e, 0x38, 0x0a, 0x36, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65,
+	0x2e, 0x48, 0x74, 0x74, 0x70, 0x31, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4b, 0x65, 0x79, 0x46,
+	0x6f, 0x72, 0x6d, 0x61, 0x74, 0x42, 0x14, 0x0a, 0x0d, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x5f,
+	0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x3a, 0x2d, 0x9a, 0xc5, 0x88,
+	0x1e, 0x28, 0x0a, 0x26, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x31, 0x50, 0x72, 0x6f, 0x74, 0x6f,
+	0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0xc1, 0x02, 0x0a, 0x11, 0x4b,
+	0x65, 0x65, 0x70, 0x61, 0x6c, 0x69, 0x76, 0x65, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73,
+	0x12, 0x43, 0x0a, 0x08, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0c, 0xfa,
+	0x42, 0x09, 0xaa, 0x01, 0x06, 0x32, 0x04, 0x10, 0xc0, 0x84, 0x3d, 0x52, 0x08, 0x69, 0x6e, 0x74,
+	0x65, 0x72, 0x76, 0x61, 0x6c, 0x12, 0x43, 0x0a, 0x07, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x42, 0x0e, 0xfa, 0x42, 0x0b, 0xaa, 0x01, 0x08, 0x08, 0x01, 0x32, 0x04, 0x10, 0xc0, 0x84,
+	0x3d, 0x52, 0x07, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12, 0x3f, 0x0a, 0x0f, 0x69, 0x6e,
+	0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x5f, 0x6a, 0x69, 0x74, 0x74, 0x65, 0x72, 0x18, 0x03, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65,
+	0x2e, 0x76, 0x33, 0x2e, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52, 0x0e, 0x69, 0x6e, 0x74,
+	0x65, 0x72, 0x76, 0x61, 0x6c, 0x4a, 0x69, 0x74, 0x74, 0x65, 0x72, 0x12, 0x61, 0x0a, 0x18, 0x63,
+	0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x69, 0x64, 0x6c, 0x65, 0x5f, 0x69,
+	0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0c, 0xfa, 0x42, 0x09, 0xaa, 0x01, 0x06,
+	0x32, 0x04, 0x10, 0xc0, 0x84, 0x3d, 0x52, 0x16, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x49, 0x64, 0x6c, 0x65, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x22, 0x81,
+	0x0e, 0x0a, 0x14, 0x48, 0x74, 0x74, 0x70, 0x32, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c,
+	0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x46, 0x0a, 0x10, 0x68, 0x70, 0x61, 0x63, 0x6b,
+	0x5f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52,
+	0x0e, 0x68, 0x70, 0x61, 0x63, 0x6b, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x53, 0x69, 0x7a, 0x65, 0x12,
+	0x61, 0x0a, 0x16, 0x6d, 0x61, 0x78, 0x5f, 0x63, 0x6f, 0x6e, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6e,
+	0x74, 0x5f, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x0d, 0xfa,
+	0x42, 0x0a, 0x2a, 0x08, 0x18, 0xff, 0xff, 0xff, 0xff, 0x07, 0x28, 0x01, 0x52, 0x14, 0x6d, 0x61,
+	0x78, 0x43, 0x6f, 0x6e, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x74, 0x53, 0x74, 0x72, 0x65, 0x61,
+	0x6d, 0x73, 0x12, 0x6a, 0x0a, 0x1a, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x5f, 0x73, 0x74,
+	0x72, 0x65, 0x61, 0x6d, 0x5f, 0x77, 0x69, 0x6e, 0x64, 0x6f, 0x77, 0x5f, 0x73, 0x69, 0x7a, 0x65,
+	0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56,
+	0x61, 0x6c, 0x75, 0x65, 0x42, 0x0f, 0xfa, 0x42, 0x0c, 0x2a, 0x0a, 0x18, 0xff, 0xff, 0xff, 0xff,
+	0x07, 0x28, 0xff, 0xff, 0x03, 0x52, 0x17, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x53, 0x74,
+	0x72, 0x65, 0x61, 0x6d, 0x57, 0x69, 0x6e, 0x64, 0x6f, 0x77, 0x53, 0x69, 0x7a, 0x65, 0x12, 0x72,
+	0x0a, 0x1e, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63,
+	0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x77, 0x69, 0x6e, 0x64, 0x6f, 0x77, 0x5f, 0x73, 0x69, 0x7a, 0x65,
+	0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56,
+	0x61, 0x6c, 0x75, 0x65, 0x42, 0x0f, 0xfa, 0x42, 0x0c, 0x2a, 0x0a, 0x18, 0xff, 0xff, 0xff, 0xff,
+	0x07, 0x28, 0xff, 0xff, 0x03, 0x52, 0x1b, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x43, 0x6f,
+	0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x57, 0x69, 0x6e, 0x64, 0x6f, 0x77, 0x53, 0x69,
+	0x7a, 0x65, 0x12, 0x23, 0x0a, 0x0d, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x5f, 0x63, 0x6f, 0x6e, 0x6e,
+	0x65, 0x63, 0x74, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0c, 0x61, 0x6c, 0x6c, 0x6f, 0x77,
+	0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x12, 0x25, 0x0a, 0x0e, 0x61, 0x6c, 0x6c, 0x6f, 0x77,
+	0x5f, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x52,
+	0x0d, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x55,
+	0x0a, 0x13, 0x6d, 0x61, 0x78, 0x5f, 0x6f, 0x75, 0x74, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x5f, 0x66,
+	0x72, 0x61, 0x6d, 0x65, 0x73, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49,
+	0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02,
+	0x28, 0x01, 0x52, 0x11, 0x6d, 0x61, 0x78, 0x4f, 0x75, 0x74, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x46,
+	0x72, 0x61, 0x6d, 0x65, 0x73, 0x12, 0x64, 0x0a, 0x1b, 0x6d, 0x61, 0x78, 0x5f, 0x6f, 0x75, 0x74,
+	0x62, 0x6f, 0x75, 0x6e, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x5f, 0x66, 0x72,
+	0x61, 0x6d, 0x65, 0x73, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e,
+	0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02, 0x28,
+	0x01, 0x52, 0x18, 0x6d, 0x61, 0x78, 0x4f, 0x75, 0x74, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x43, 0x6f,
+	0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x46, 0x72, 0x61, 0x6d, 0x65, 0x73, 0x12, 0x84, 0x01, 0x0a, 0x31,
+	0x6d, 0x61, 0x78, 0x5f, 0x63, 0x6f, 0x6e, 0x73, 0x65, 0x63, 0x75, 0x74, 0x69, 0x76, 0x65, 0x5f,
+	0x69, 0x6e, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x5f, 0x66, 0x72, 0x61, 0x6d, 0x65, 0x73, 0x5f, 0x77,
+	0x69, 0x74, 0x68, 0x5f, 0x65, 0x6d, 0x70, 0x74, 0x79, 0x5f, 0x70, 0x61, 0x79, 0x6c, 0x6f, 0x61,
+	0x64, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32,
+	0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x2b, 0x6d, 0x61, 0x78, 0x43, 0x6f, 0x6e, 0x73, 0x65, 0x63,
+	0x75, 0x74, 0x69, 0x76, 0x65, 0x49, 0x6e, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x46, 0x72, 0x61, 0x6d,
+	0x65, 0x73, 0x57, 0x69, 0x74, 0x68, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x50, 0x61, 0x79, 0x6c, 0x6f,
+	0x61, 0x64, 0x12, 0x6f, 0x0a, 0x26, 0x6d, 0x61, 0x78, 0x5f, 0x69, 0x6e, 0x62, 0x6f, 0x75, 0x6e,
+	0x64, 0x5f, 0x70, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x5f, 0x66, 0x72, 0x61, 0x6d, 0x65,
+	0x73, 0x5f, 0x70, 0x65, 0x72, 0x5f, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x18, 0x0a, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65,
+	0x52, 0x21, 0x6d, 0x61, 0x78, 0x49, 0x6e, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x50, 0x72, 0x69, 0x6f,
+	0x72, 0x69, 0x74, 0x79, 0x46, 0x72, 0x61, 0x6d, 0x65, 0x73, 0x50, 0x65, 0x72, 0x53, 0x74, 0x72,
+	0x65, 0x61, 0x6d, 0x12, 0x91, 0x01, 0x0a, 0x34, 0x6d, 0x61, 0x78, 0x5f, 0x69, 0x6e, 0x62, 0x6f,
+	0x75, 0x6e, 0x64, 0x5f, 0x77, 0x69, 0x6e, 0x64, 0x6f, 0x77, 0x5f, 0x75, 0x70, 0x64, 0x61, 0x74,
+	0x65, 0x5f, 0x66, 0x72, 0x61, 0x6d, 0x65, 0x73, 0x5f, 0x70, 0x65, 0x72, 0x5f, 0x64, 0x61, 0x74,
+	0x61, 0x5f, 0x66, 0x72, 0x61, 0x6d, 0x65, 0x5f, 0x73, 0x65, 0x6e, 0x74, 0x18, 0x0b, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65,
+	0x42, 0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02, 0x28, 0x01, 0x52, 0x2c, 0x6d, 0x61, 0x78, 0x49, 0x6e,
+	0x62, 0x6f, 0x75, 0x6e, 0x64, 0x57, 0x69, 0x6e, 0x64, 0x6f, 0x77, 0x55, 0x70, 0x64, 0x61, 0x74,
+	0x65, 0x46, 0x72, 0x61, 0x6d, 0x65, 0x73, 0x50, 0x65, 0x72, 0x44, 0x61, 0x74, 0x61, 0x46, 0x72,
+	0x61, 0x6d, 0x65, 0x53, 0x65, 0x6e, 0x74, 0x12, 0x5e, 0x0a, 0x26, 0x73, 0x74, 0x72, 0x65, 0x61,
+	0x6d, 0x5f, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x5f, 0x6f, 0x6e, 0x5f, 0x69, 0x6e, 0x76, 0x61, 0x6c,
+	0x69, 0x64, 0x5f, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x69, 0x6e,
+	0x67, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x08, 0x42, 0x0b, 0x18, 0x01, 0x92, 0xc7, 0x86, 0xd8, 0x04,
+	0x03, 0x33, 0x2e, 0x30, 0x52, 0x21, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x45, 0x72, 0x72, 0x6f,
+	0x72, 0x4f, 0x6e, 0x49, 0x6e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x48, 0x74, 0x74, 0x70, 0x4d, 0x65,
+	0x73, 0x73, 0x61, 0x67, 0x69, 0x6e, 0x67, 0x12, 0x7a, 0x0a, 0x2d, 0x6f, 0x76, 0x65, 0x72, 0x72,
+	0x69, 0x64, 0x65, 0x5f, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f, 0x65, 0x72, 0x72, 0x6f, 0x72,
+	0x5f, 0x6f, 0x6e, 0x5f, 0x69, 0x6e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x5f, 0x68, 0x74, 0x74, 0x70,
+	0x5f, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x27, 0x6f, 0x76, 0x65, 0x72,
+	0x72, 0x69, 0x64, 0x65, 0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x4f,
+	0x6e, 0x49, 0x6e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x48, 0x74, 0x74, 0x70, 0x4d, 0x65, 0x73, 0x73,
+	0x61, 0x67, 0x65, 0x12, 0x7a, 0x0a, 0x1a, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x73, 0x65,
+	0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x5f, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72,
+	0x73, 0x18, 0x0d, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x3c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48,
+	0x74, 0x74, 0x70, 0x32, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x2e, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x50, 0x61, 0x72, 0x61,
+	0x6d, 0x65, 0x74, 0x65, 0x72, 0x52, 0x18, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x53, 0x65, 0x74,
+	0x74, 0x69, 0x6e, 0x67, 0x73, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x73, 0x12,
+	0x5a, 0x0a, 0x14, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6b, 0x65,
+	0x65, 0x70, 0x61, 0x6c, 0x69, 0x76, 0x65, 0x18, 0x0f, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x27, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x76, 0x33, 0x2e, 0x4b, 0x65, 0x65, 0x70, 0x61, 0x6c, 0x69, 0x76, 0x65, 0x53, 0x65,
+	0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x52, 0x13, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x4b, 0x65, 0x65, 0x70, 0x61, 0x6c, 0x69, 0x76, 0x65, 0x1a, 0xe5, 0x01, 0x0a, 0x11,
+	0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65,
+	0x72, 0x12, 0x51, 0x0a, 0x0a, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61,
+	0x6c, 0x75, 0x65, 0x42, 0x13, 0xfa, 0x42, 0x08, 0x2a, 0x06, 0x18, 0xff, 0xff, 0x03, 0x28, 0x00,
+	0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x0a, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69,
+	0x66, 0x69, 0x65, 0x72, 0x12, 0x3c, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75,
+	0x65, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x05, 0x76, 0x61, 0x6c,
+	0x75, 0x65, 0x3a, 0x3f, 0x9a, 0xc5, 0x88, 0x1e, 0x3a, 0x0a, 0x38, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48, 0x74, 0x74,
+	0x70, 0x32, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x2e, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x65,
+	0x74, 0x65, 0x72, 0x3a, 0x2d, 0x9a, 0xc5, 0x88, 0x1e, 0x28, 0x0a, 0x26, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48, 0x74,
+	0x74, 0x70, 0x32, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x22, 0xa5, 0x01, 0x0a, 0x13, 0x47, 0x72, 0x70, 0x63, 0x50, 0x72, 0x6f, 0x74, 0x6f,
+	0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x60, 0x0a, 0x16, 0x68, 0x74,
+	0x74, 0x70, 0x32, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x5f, 0x6f, 0x70, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76,
+	0x33, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x32, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f,
+	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x14, 0x68, 0x74, 0x74, 0x70, 0x32, 0x50, 0x72, 0x6f,
+	0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x3a, 0x2c, 0x9a, 0xc5,
+	0x88, 0x1e, 0x27, 0x0a, 0x25, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x50, 0x72, 0x6f, 0x74, 0x6f,
+	0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0xb1, 0x02, 0x0a, 0x14, 0x48,
+	0x74, 0x74, 0x70, 0x33, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x12, 0x5d, 0x0a, 0x15, 0x71, 0x75, 0x69, 0x63, 0x5f, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x63, 0x6f, 0x6c, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x29, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x51, 0x75, 0x69, 0x63, 0x50, 0x72,
+	0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x13, 0x71,
+	0x75, 0x69, 0x63, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x12, 0x7a, 0x0a, 0x2d, 0x6f, 0x76, 0x65, 0x72, 0x72, 0x69, 0x64, 0x65, 0x5f, 0x73,
+	0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x5f, 0x6f, 0x6e, 0x5f, 0x69,
+	0x6e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x5f, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x6d, 0x65, 0x73, 0x73,
+	0x61, 0x67, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c,
+	0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x27, 0x6f, 0x76, 0x65, 0x72, 0x72, 0x69, 0x64, 0x65, 0x53,
+	0x74, 0x72, 0x65, 0x61, 0x6d, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x4f, 0x6e, 0x49, 0x6e, 0x76, 0x61,
+	0x6c, 0x69, 0x64, 0x48, 0x74, 0x74, 0x70, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x12, 0x3e,
+	0x0a, 0x16, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x5f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x64, 0x65, 0x64,
+	0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x42, 0x08,
+	0xd2, 0xc6, 0xa4, 0xe1, 0x06, 0x02, 0x08, 0x01, 0x52, 0x14, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x45,
+	0x78, 0x74, 0x65, 0x6e, 0x64, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x22, 0x74,
+	0x0a, 0x1a, 0x53, 0x63, 0x68, 0x65, 0x6d, 0x65, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x54, 0x72,
+	0x61, 0x6e, 0x73, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x44, 0x0a, 0x13,
+	0x73, 0x63, 0x68, 0x65, 0x6d, 0x65, 0x5f, 0x74, 0x6f, 0x5f, 0x6f, 0x76, 0x65, 0x72, 0x77, 0x72,
+	0x69, 0x74, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x12, 0xfa, 0x42, 0x0f, 0x72, 0x0d,
+	0x52, 0x04, 0x68, 0x74, 0x74, 0x70, 0x52, 0x05, 0x68, 0x74, 0x74, 0x70, 0x73, 0x48, 0x00, 0x52,
+	0x11, 0x73, 0x63, 0x68, 0x65, 0x6d, 0x65, 0x54, 0x6f, 0x4f, 0x76, 0x65, 0x72, 0x77, 0x72, 0x69,
+	0x74, 0x65, 0x42, 0x10, 0x0a, 0x0e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x66, 0x6f, 0x72, 0x6d, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x42, 0x3d, 0x0a, 0x22, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x0d, 0x50, 0x72, 0x6f, 0x74,
+	0x6f, 0x63, 0x6f, 0x6c, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06,
+	0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_core_v3_protocol_proto_rawDescOnce sync.Once
+	file_envoy_config_core_v3_protocol_proto_rawDescData = file_envoy_config_core_v3_protocol_proto_rawDesc
+)
+
+func file_envoy_config_core_v3_protocol_proto_rawDescGZIP() []byte {
+	file_envoy_config_core_v3_protocol_proto_rawDescOnce.Do(func() {
+		file_envoy_config_core_v3_protocol_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_core_v3_protocol_proto_rawDescData)
+	})
+	return file_envoy_config_core_v3_protocol_proto_rawDescData
+}
+
+var file_envoy_config_core_v3_protocol_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_envoy_config_core_v3_protocol_proto_msgTypes = make([]protoimpl.MessageInfo, 15)
+var file_envoy_config_core_v3_protocol_proto_goTypes = []interface{}{
+	(HttpProtocolOptions_HeadersWithUnderscoresAction)(0),        // 0: envoy.config.core.v3.HttpProtocolOptions.HeadersWithUnderscoresAction
+	(*TcpProtocolOptions)(nil),                                   // 1: envoy.config.core.v3.TcpProtocolOptions
+	(*QuicKeepAliveSettings)(nil),                                // 2: envoy.config.core.v3.QuicKeepAliveSettings
+	(*QuicProtocolOptions)(nil),                                  // 3: envoy.config.core.v3.QuicProtocolOptions
+	(*UpstreamHttpProtocolOptions)(nil),                          // 4: envoy.config.core.v3.UpstreamHttpProtocolOptions
+	(*AlternateProtocolsCacheOptions)(nil),                       // 5: envoy.config.core.v3.AlternateProtocolsCacheOptions
+	(*HttpProtocolOptions)(nil),                                  // 6: envoy.config.core.v3.HttpProtocolOptions
+	(*Http1ProtocolOptions)(nil),                                 // 7: envoy.config.core.v3.Http1ProtocolOptions
+	(*KeepaliveSettings)(nil),                                    // 8: envoy.config.core.v3.KeepaliveSettings
+	(*Http2ProtocolOptions)(nil),                                 // 9: envoy.config.core.v3.Http2ProtocolOptions
+	(*GrpcProtocolOptions)(nil),                                  // 10: envoy.config.core.v3.GrpcProtocolOptions
+	(*Http3ProtocolOptions)(nil),                                 // 11: envoy.config.core.v3.Http3ProtocolOptions
+	(*SchemeHeaderTransformation)(nil),                           // 12: envoy.config.core.v3.SchemeHeaderTransformation
+	(*Http1ProtocolOptions_HeaderKeyFormat)(nil),                 // 13: envoy.config.core.v3.Http1ProtocolOptions.HeaderKeyFormat
+	(*Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords)(nil), // 14: envoy.config.core.v3.Http1ProtocolOptions.HeaderKeyFormat.ProperCaseWords
+	(*Http2ProtocolOptions_SettingsParameter)(nil),               // 15: envoy.config.core.v3.Http2ProtocolOptions.SettingsParameter
+	(*duration.Duration)(nil),                                    // 16: google.protobuf.Duration
+	(*wrappers.UInt32Value)(nil),                                 // 17: google.protobuf.UInt32Value
+	(*TypedExtensionConfig)(nil),                                 // 18: envoy.config.core.v3.TypedExtensionConfig
+	(*wrappers.BoolValue)(nil),                                   // 19: google.protobuf.BoolValue
+	(*v3.Percent)(nil),                                           // 20: envoy.type.v3.Percent
+}
+var file_envoy_config_core_v3_protocol_proto_depIdxs = []int32{
+	16, // 0: envoy.config.core.v3.QuicKeepAliveSettings.max_interval:type_name -> google.protobuf.Duration
+	16, // 1: envoy.config.core.v3.QuicKeepAliveSettings.initial_interval:type_name -> google.protobuf.Duration
+	17, // 2: envoy.config.core.v3.QuicProtocolOptions.max_concurrent_streams:type_name -> google.protobuf.UInt32Value
+	17, // 3: envoy.config.core.v3.QuicProtocolOptions.initial_stream_window_size:type_name -> google.protobuf.UInt32Value
+	17, // 4: envoy.config.core.v3.QuicProtocolOptions.initial_connection_window_size:type_name -> google.protobuf.UInt32Value
+	17, // 5: envoy.config.core.v3.QuicProtocolOptions.num_timeouts_to_trigger_port_migration:type_name -> google.protobuf.UInt32Value
+	2,  // 6: envoy.config.core.v3.QuicProtocolOptions.connection_keepalive:type_name -> envoy.config.core.v3.QuicKeepAliveSettings
+	17, // 7: envoy.config.core.v3.AlternateProtocolsCacheOptions.max_entries:type_name -> google.protobuf.UInt32Value
+	18, // 8: envoy.config.core.v3.AlternateProtocolsCacheOptions.key_value_store_config:type_name -> envoy.config.core.v3.TypedExtensionConfig
+	16, // 9: envoy.config.core.v3.HttpProtocolOptions.idle_timeout:type_name -> google.protobuf.Duration
+	16, // 10: envoy.config.core.v3.HttpProtocolOptions.max_connection_duration:type_name -> google.protobuf.Duration
+	17, // 11: envoy.config.core.v3.HttpProtocolOptions.max_headers_count:type_name -> google.protobuf.UInt32Value
+	16, // 12: envoy.config.core.v3.HttpProtocolOptions.max_stream_duration:type_name -> google.protobuf.Duration
+	0,  // 13: envoy.config.core.v3.HttpProtocolOptions.headers_with_underscores_action:type_name -> envoy.config.core.v3.HttpProtocolOptions.HeadersWithUnderscoresAction
+	17, // 14: envoy.config.core.v3.HttpProtocolOptions.max_requests_per_connection:type_name -> google.protobuf.UInt32Value
+	19, // 15: envoy.config.core.v3.Http1ProtocolOptions.allow_absolute_url:type_name -> google.protobuf.BoolValue
+	13, // 16: envoy.config.core.v3.Http1ProtocolOptions.header_key_format:type_name -> envoy.config.core.v3.Http1ProtocolOptions.HeaderKeyFormat
+	19, // 17: envoy.config.core.v3.Http1ProtocolOptions.override_stream_error_on_invalid_http_message:type_name -> google.protobuf.BoolValue
+	16, // 18: envoy.config.core.v3.KeepaliveSettings.interval:type_name -> google.protobuf.Duration
+	16, // 19: envoy.config.core.v3.KeepaliveSettings.timeout:type_name -> google.protobuf.Duration
+	20, // 20: envoy.config.core.v3.KeepaliveSettings.interval_jitter:type_name -> envoy.type.v3.Percent
+	16, // 21: envoy.config.core.v3.KeepaliveSettings.connection_idle_interval:type_name -> google.protobuf.Duration
+	17, // 22: envoy.config.core.v3.Http2ProtocolOptions.hpack_table_size:type_name -> google.protobuf.UInt32Value
+	17, // 23: envoy.config.core.v3.Http2ProtocolOptions.max_concurrent_streams:type_name -> google.protobuf.UInt32Value
+	17, // 24: envoy.config.core.v3.Http2ProtocolOptions.initial_stream_window_size:type_name -> google.protobuf.UInt32Value
+	17, // 25: envoy.config.core.v3.Http2ProtocolOptions.initial_connection_window_size:type_name -> google.protobuf.UInt32Value
+	17, // 26: envoy.config.core.v3.Http2ProtocolOptions.max_outbound_frames:type_name -> google.protobuf.UInt32Value
+	17, // 27: envoy.config.core.v3.Http2ProtocolOptions.max_outbound_control_frames:type_name -> google.protobuf.UInt32Value
+	17, // 28: envoy.config.core.v3.Http2ProtocolOptions.max_consecutive_inbound_frames_with_empty_payload:type_name -> google.protobuf.UInt32Value
+	17, // 29: envoy.config.core.v3.Http2ProtocolOptions.max_inbound_priority_frames_per_stream:type_name -> google.protobuf.UInt32Value
+	17, // 30: envoy.config.core.v3.Http2ProtocolOptions.max_inbound_window_update_frames_per_data_frame_sent:type_name -> google.protobuf.UInt32Value
+	19, // 31: envoy.config.core.v3.Http2ProtocolOptions.override_stream_error_on_invalid_http_message:type_name -> google.protobuf.BoolValue
+	15, // 32: envoy.config.core.v3.Http2ProtocolOptions.custom_settings_parameters:type_name -> envoy.config.core.v3.Http2ProtocolOptions.SettingsParameter
+	8,  // 33: envoy.config.core.v3.Http2ProtocolOptions.connection_keepalive:type_name -> envoy.config.core.v3.KeepaliveSettings
+	9,  // 34: envoy.config.core.v3.GrpcProtocolOptions.http2_protocol_options:type_name -> envoy.config.core.v3.Http2ProtocolOptions
+	3,  // 35: envoy.config.core.v3.Http3ProtocolOptions.quic_protocol_options:type_name -> envoy.config.core.v3.QuicProtocolOptions
+	19, // 36: envoy.config.core.v3.Http3ProtocolOptions.override_stream_error_on_invalid_http_message:type_name -> google.protobuf.BoolValue
+	14, // 37: envoy.config.core.v3.Http1ProtocolOptions.HeaderKeyFormat.proper_case_words:type_name -> envoy.config.core.v3.Http1ProtocolOptions.HeaderKeyFormat.ProperCaseWords
+	18, // 38: envoy.config.core.v3.Http1ProtocolOptions.HeaderKeyFormat.stateful_formatter:type_name -> envoy.config.core.v3.TypedExtensionConfig
+	17, // 39: envoy.config.core.v3.Http2ProtocolOptions.SettingsParameter.identifier:type_name -> google.protobuf.UInt32Value
+	17, // 40: envoy.config.core.v3.Http2ProtocolOptions.SettingsParameter.value:type_name -> google.protobuf.UInt32Value
+	41, // [41:41] is the sub-list for method output_type
+	41, // [41:41] is the sub-list for method input_type
+	41, // [41:41] is the sub-list for extension type_name
+	41, // [41:41] is the sub-list for extension extendee
+	0,  // [0:41] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_core_v3_protocol_proto_init() }
+func file_envoy_config_core_v3_protocol_proto_init() {
+	if File_envoy_config_core_v3_protocol_proto != nil {
+		return
+	}
+	file_envoy_config_core_v3_extension_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_core_v3_protocol_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*TcpProtocolOptions); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_protocol_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*QuicKeepAliveSettings); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_protocol_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*QuicProtocolOptions); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_protocol_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*UpstreamHttpProtocolOptions); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_protocol_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*AlternateProtocolsCacheOptions); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_protocol_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HttpProtocolOptions); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_protocol_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Http1ProtocolOptions); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_protocol_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*KeepaliveSettings); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_protocol_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Http2ProtocolOptions); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_protocol_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcProtocolOptions); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_protocol_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Http3ProtocolOptions); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_protocol_proto_msgTypes[11].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*SchemeHeaderTransformation); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_protocol_proto_msgTypes[12].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Http1ProtocolOptions_HeaderKeyFormat); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_protocol_proto_msgTypes[13].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_protocol_proto_msgTypes[14].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Http2ProtocolOptions_SettingsParameter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_config_core_v3_protocol_proto_msgTypes[11].OneofWrappers = []interface{}{
+		(*SchemeHeaderTransformation_SchemeToOverwrite)(nil),
+	}
+	file_envoy_config_core_v3_protocol_proto_msgTypes[12].OneofWrappers = []interface{}{
+		(*Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords_)(nil),
+		(*Http1ProtocolOptions_HeaderKeyFormat_StatefulFormatter)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_core_v3_protocol_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   15,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_core_v3_protocol_proto_goTypes,
+		DependencyIndexes: file_envoy_config_core_v3_protocol_proto_depIdxs,
+		EnumInfos:         file_envoy_config_core_v3_protocol_proto_enumTypes,
+		MessageInfos:      file_envoy_config_core_v3_protocol_proto_msgTypes,
+	}.Build()
+	File_envoy_config_core_v3_protocol_proto = out.File
+	file_envoy_config_core_v3_protocol_proto_rawDesc = nil
+	file_envoy_config_core_v3_protocol_proto_goTypes = nil
+	file_envoy_config_core_v3_protocol_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/protocol.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/protocol.pb.validate.go
new file mode 100644
index 00000000000..dfef4ed41fb
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/protocol.pb.validate.go
@@ -0,0 +1,2683 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/core/v3/protocol.proto
+
+package envoy_config_core_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on TcpProtocolOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *TcpProtocolOptions) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on TcpProtocolOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// TcpProtocolOptionsMultiError, or nil if none found.
+func (m *TcpProtocolOptions) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *TcpProtocolOptions) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return TcpProtocolOptionsMultiError(errors)
+	}
+	return nil
+}
+
+// TcpProtocolOptionsMultiError is an error wrapping multiple validation errors
+// returned by TcpProtocolOptions.ValidateAll() if the designated constraints
+// aren't met.
+type TcpProtocolOptionsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m TcpProtocolOptionsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m TcpProtocolOptionsMultiError) AllErrors() []error { return m }
+
+// TcpProtocolOptionsValidationError is the validation error returned by
+// TcpProtocolOptions.Validate if the designated constraints aren't met.
+type TcpProtocolOptionsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e TcpProtocolOptionsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e TcpProtocolOptionsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e TcpProtocolOptionsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e TcpProtocolOptionsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e TcpProtocolOptionsValidationError) ErrorName() string {
+	return "TcpProtocolOptionsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e TcpProtocolOptionsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sTcpProtocolOptions.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = TcpProtocolOptionsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = TcpProtocolOptionsValidationError{}
+
+// Validate checks the field values on QuicKeepAliveSettings with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *QuicKeepAliveSettings) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on QuicKeepAliveSettings with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// QuicKeepAliveSettingsMultiError, or nil if none found.
+func (m *QuicKeepAliveSettings) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *QuicKeepAliveSettings) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if d := m.GetMaxInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = QuicKeepAliveSettingsValidationError{
+				field:  "MaxInterval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			lte := time.Duration(0*time.Second + 0*time.Nanosecond)
+			gte := time.Duration(1*time.Second + 0*time.Nanosecond)
+
+			if dur > lte && dur < gte {
+				err := QuicKeepAliveSettingsValidationError{
+					field:  "MaxInterval",
+					reason: "value must be outside range (0s, 1s)",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if d := m.GetInitialInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = QuicKeepAliveSettingsValidationError{
+				field:  "InitialInterval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			lte := time.Duration(0*time.Second + 0*time.Nanosecond)
+			gte := time.Duration(1*time.Second + 0*time.Nanosecond)
+
+			if dur > lte && dur < gte {
+				err := QuicKeepAliveSettingsValidationError{
+					field:  "InitialInterval",
+					reason: "value must be outside range (0s, 1s)",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if len(errors) > 0 {
+		return QuicKeepAliveSettingsMultiError(errors)
+	}
+	return nil
+}
+
+// QuicKeepAliveSettingsMultiError is an error wrapping multiple validation
+// errors returned by QuicKeepAliveSettings.ValidateAll() if the designated
+// constraints aren't met.
+type QuicKeepAliveSettingsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m QuicKeepAliveSettingsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m QuicKeepAliveSettingsMultiError) AllErrors() []error { return m }
+
+// QuicKeepAliveSettingsValidationError is the validation error returned by
+// QuicKeepAliveSettings.Validate if the designated constraints aren't met.
+type QuicKeepAliveSettingsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e QuicKeepAliveSettingsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e QuicKeepAliveSettingsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e QuicKeepAliveSettingsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e QuicKeepAliveSettingsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e QuicKeepAliveSettingsValidationError) ErrorName() string {
+	return "QuicKeepAliveSettingsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e QuicKeepAliveSettingsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sQuicKeepAliveSettings.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = QuicKeepAliveSettingsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = QuicKeepAliveSettingsValidationError{}
+
+// Validate checks the field values on QuicProtocolOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *QuicProtocolOptions) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on QuicProtocolOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// QuicProtocolOptionsMultiError, or nil if none found.
+func (m *QuicProtocolOptions) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *QuicProtocolOptions) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if wrapper := m.GetMaxConcurrentStreams(); wrapper != nil {
+
+		if wrapper.GetValue() < 1 {
+			err := QuicProtocolOptionsValidationError{
+				field:  "MaxConcurrentStreams",
+				reason: "value must be greater than or equal to 1",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if wrapper := m.GetInitialStreamWindowSize(); wrapper != nil {
+
+		if val := wrapper.GetValue(); val < 1 || val > 16777216 {
+			err := QuicProtocolOptionsValidationError{
+				field:  "InitialStreamWindowSize",
+				reason: "value must be inside range [1, 16777216]",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if wrapper := m.GetInitialConnectionWindowSize(); wrapper != nil {
+
+		if val := wrapper.GetValue(); val < 1 || val > 25165824 {
+			err := QuicProtocolOptionsValidationError{
+				field:  "InitialConnectionWindowSize",
+				reason: "value must be inside range [1, 25165824]",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if wrapper := m.GetNumTimeoutsToTriggerPortMigration(); wrapper != nil {
+
+		if val := wrapper.GetValue(); val < 0 || val > 5 {
+			err := QuicProtocolOptionsValidationError{
+				field:  "NumTimeoutsToTriggerPortMigration",
+				reason: "value must be inside range [0, 5]",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetConnectionKeepalive()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, QuicProtocolOptionsValidationError{
+					field:  "ConnectionKeepalive",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, QuicProtocolOptionsValidationError{
+					field:  "ConnectionKeepalive",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetConnectionKeepalive()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return QuicProtocolOptionsValidationError{
+				field:  "ConnectionKeepalive",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return QuicProtocolOptionsMultiError(errors)
+	}
+	return nil
+}
+
+// QuicProtocolOptionsMultiError is an error wrapping multiple validation
+// errors returned by QuicProtocolOptions.ValidateAll() if the designated
+// constraints aren't met.
+type QuicProtocolOptionsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m QuicProtocolOptionsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m QuicProtocolOptionsMultiError) AllErrors() []error { return m }
+
+// QuicProtocolOptionsValidationError is the validation error returned by
+// QuicProtocolOptions.Validate if the designated constraints aren't met.
+type QuicProtocolOptionsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e QuicProtocolOptionsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e QuicProtocolOptionsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e QuicProtocolOptionsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e QuicProtocolOptionsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e QuicProtocolOptionsValidationError) ErrorName() string {
+	return "QuicProtocolOptionsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e QuicProtocolOptionsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sQuicProtocolOptions.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = QuicProtocolOptionsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = QuicProtocolOptionsValidationError{}
+
+// Validate checks the field values on UpstreamHttpProtocolOptions with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *UpstreamHttpProtocolOptions) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on UpstreamHttpProtocolOptions with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// UpstreamHttpProtocolOptionsMultiError, or nil if none found.
+func (m *UpstreamHttpProtocolOptions) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *UpstreamHttpProtocolOptions) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for AutoSni
+
+	// no validation rules for AutoSanValidation
+
+	if m.GetOverrideAutoSniHeader() != "" {
+
+		if !_UpstreamHttpProtocolOptions_OverrideAutoSniHeader_Pattern.MatchString(m.GetOverrideAutoSniHeader()) {
+			err := UpstreamHttpProtocolOptionsValidationError{
+				field:  "OverrideAutoSniHeader",
+				reason: "value does not match regex pattern \"^:?[0-9a-zA-Z!#$%&'*+-.^_|~`]+$\"",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return UpstreamHttpProtocolOptionsMultiError(errors)
+	}
+	return nil
+}
+
+// UpstreamHttpProtocolOptionsMultiError is an error wrapping multiple
+// validation errors returned by UpstreamHttpProtocolOptions.ValidateAll() if
+// the designated constraints aren't met.
+type UpstreamHttpProtocolOptionsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m UpstreamHttpProtocolOptionsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m UpstreamHttpProtocolOptionsMultiError) AllErrors() []error { return m }
+
+// UpstreamHttpProtocolOptionsValidationError is the validation error returned
+// by UpstreamHttpProtocolOptions.Validate if the designated constraints
+// aren't met.
+type UpstreamHttpProtocolOptionsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e UpstreamHttpProtocolOptionsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e UpstreamHttpProtocolOptionsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e UpstreamHttpProtocolOptionsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e UpstreamHttpProtocolOptionsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e UpstreamHttpProtocolOptionsValidationError) ErrorName() string {
+	return "UpstreamHttpProtocolOptionsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e UpstreamHttpProtocolOptionsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sUpstreamHttpProtocolOptions.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = UpstreamHttpProtocolOptionsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = UpstreamHttpProtocolOptionsValidationError{}
+
+var _UpstreamHttpProtocolOptions_OverrideAutoSniHeader_Pattern = regexp.MustCompile("^:?[0-9a-zA-Z!#$%&'*+-.^_|~`]+$")
+
+// Validate checks the field values on AlternateProtocolsCacheOptions with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *AlternateProtocolsCacheOptions) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on AlternateProtocolsCacheOptions with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// AlternateProtocolsCacheOptionsMultiError, or nil if none found.
+func (m *AlternateProtocolsCacheOptions) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *AlternateProtocolsCacheOptions) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := AlternateProtocolsCacheOptionsValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if wrapper := m.GetMaxEntries(); wrapper != nil {
+
+		if wrapper.GetValue() <= 0 {
+			err := AlternateProtocolsCacheOptionsValidationError{
+				field:  "MaxEntries",
+				reason: "value must be greater than 0",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetKeyValueStoreConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, AlternateProtocolsCacheOptionsValidationError{
+					field:  "KeyValueStoreConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, AlternateProtocolsCacheOptionsValidationError{
+					field:  "KeyValueStoreConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetKeyValueStoreConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return AlternateProtocolsCacheOptionsValidationError{
+				field:  "KeyValueStoreConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return AlternateProtocolsCacheOptionsMultiError(errors)
+	}
+	return nil
+}
+
+// AlternateProtocolsCacheOptionsMultiError is an error wrapping multiple
+// validation errors returned by AlternateProtocolsCacheOptions.ValidateAll()
+// if the designated constraints aren't met.
+type AlternateProtocolsCacheOptionsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m AlternateProtocolsCacheOptionsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m AlternateProtocolsCacheOptionsMultiError) AllErrors() []error { return m }
+
+// AlternateProtocolsCacheOptionsValidationError is the validation error
+// returned by AlternateProtocolsCacheOptions.Validate if the designated
+// constraints aren't met.
+type AlternateProtocolsCacheOptionsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e AlternateProtocolsCacheOptionsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e AlternateProtocolsCacheOptionsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e AlternateProtocolsCacheOptionsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e AlternateProtocolsCacheOptionsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e AlternateProtocolsCacheOptionsValidationError) ErrorName() string {
+	return "AlternateProtocolsCacheOptionsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e AlternateProtocolsCacheOptionsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sAlternateProtocolsCacheOptions.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = AlternateProtocolsCacheOptionsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = AlternateProtocolsCacheOptionsValidationError{}
+
+// Validate checks the field values on HttpProtocolOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *HttpProtocolOptions) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HttpProtocolOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// HttpProtocolOptionsMultiError, or nil if none found.
+func (m *HttpProtocolOptions) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HttpProtocolOptions) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetIdleTimeout()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpProtocolOptionsValidationError{
+					field:  "IdleTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpProtocolOptionsValidationError{
+					field:  "IdleTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetIdleTimeout()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpProtocolOptionsValidationError{
+				field:  "IdleTimeout",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMaxConnectionDuration()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpProtocolOptionsValidationError{
+					field:  "MaxConnectionDuration",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpProtocolOptionsValidationError{
+					field:  "MaxConnectionDuration",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxConnectionDuration()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpProtocolOptionsValidationError{
+				field:  "MaxConnectionDuration",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if wrapper := m.GetMaxHeadersCount(); wrapper != nil {
+
+		if wrapper.GetValue() < 1 {
+			err := HttpProtocolOptionsValidationError{
+				field:  "MaxHeadersCount",
+				reason: "value must be greater than or equal to 1",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetMaxStreamDuration()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpProtocolOptionsValidationError{
+					field:  "MaxStreamDuration",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpProtocolOptionsValidationError{
+					field:  "MaxStreamDuration",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxStreamDuration()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpProtocolOptionsValidationError{
+				field:  "MaxStreamDuration",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for HeadersWithUnderscoresAction
+
+	if all {
+		switch v := interface{}(m.GetMaxRequestsPerConnection()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpProtocolOptionsValidationError{
+					field:  "MaxRequestsPerConnection",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpProtocolOptionsValidationError{
+					field:  "MaxRequestsPerConnection",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxRequestsPerConnection()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpProtocolOptionsValidationError{
+				field:  "MaxRequestsPerConnection",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return HttpProtocolOptionsMultiError(errors)
+	}
+	return nil
+}
+
+// HttpProtocolOptionsMultiError is an error wrapping multiple validation
+// errors returned by HttpProtocolOptions.ValidateAll() if the designated
+// constraints aren't met.
+type HttpProtocolOptionsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HttpProtocolOptionsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HttpProtocolOptionsMultiError) AllErrors() []error { return m }
+
+// HttpProtocolOptionsValidationError is the validation error returned by
+// HttpProtocolOptions.Validate if the designated constraints aren't met.
+type HttpProtocolOptionsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HttpProtocolOptionsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HttpProtocolOptionsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HttpProtocolOptionsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HttpProtocolOptionsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HttpProtocolOptionsValidationError) ErrorName() string {
+	return "HttpProtocolOptionsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HttpProtocolOptionsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttpProtocolOptions.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HttpProtocolOptionsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HttpProtocolOptionsValidationError{}
+
+// Validate checks the field values on Http1ProtocolOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Http1ProtocolOptions) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Http1ProtocolOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Http1ProtocolOptionsMultiError, or nil if none found.
+func (m *Http1ProtocolOptions) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Http1ProtocolOptions) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetAllowAbsoluteUrl()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Http1ProtocolOptionsValidationError{
+					field:  "AllowAbsoluteUrl",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Http1ProtocolOptionsValidationError{
+					field:  "AllowAbsoluteUrl",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetAllowAbsoluteUrl()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Http1ProtocolOptionsValidationError{
+				field:  "AllowAbsoluteUrl",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for AcceptHttp_10
+
+	// no validation rules for DefaultHostForHttp_10
+
+	if all {
+		switch v := interface{}(m.GetHeaderKeyFormat()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Http1ProtocolOptionsValidationError{
+					field:  "HeaderKeyFormat",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Http1ProtocolOptionsValidationError{
+					field:  "HeaderKeyFormat",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHeaderKeyFormat()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Http1ProtocolOptionsValidationError{
+				field:  "HeaderKeyFormat",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for EnableTrailers
+
+	// no validation rules for AllowChunkedLength
+
+	if all {
+		switch v := interface{}(m.GetOverrideStreamErrorOnInvalidHttpMessage()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Http1ProtocolOptionsValidationError{
+					field:  "OverrideStreamErrorOnInvalidHttpMessage",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Http1ProtocolOptionsValidationError{
+					field:  "OverrideStreamErrorOnInvalidHttpMessage",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetOverrideStreamErrorOnInvalidHttpMessage()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Http1ProtocolOptionsValidationError{
+				field:  "OverrideStreamErrorOnInvalidHttpMessage",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return Http1ProtocolOptionsMultiError(errors)
+	}
+	return nil
+}
+
+// Http1ProtocolOptionsMultiError is an error wrapping multiple validation
+// errors returned by Http1ProtocolOptions.ValidateAll() if the designated
+// constraints aren't met.
+type Http1ProtocolOptionsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Http1ProtocolOptionsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Http1ProtocolOptionsMultiError) AllErrors() []error { return m }
+
+// Http1ProtocolOptionsValidationError is the validation error returned by
+// Http1ProtocolOptions.Validate if the designated constraints aren't met.
+type Http1ProtocolOptionsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Http1ProtocolOptionsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Http1ProtocolOptionsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Http1ProtocolOptionsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Http1ProtocolOptionsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Http1ProtocolOptionsValidationError) ErrorName() string {
+	return "Http1ProtocolOptionsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Http1ProtocolOptionsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttp1ProtocolOptions.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Http1ProtocolOptionsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Http1ProtocolOptionsValidationError{}
+
+// Validate checks the field values on KeepaliveSettings with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *KeepaliveSettings) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on KeepaliveSettings with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// KeepaliveSettingsMultiError, or nil if none found.
+func (m *KeepaliveSettings) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *KeepaliveSettings) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if d := m.GetInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = KeepaliveSettingsValidationError{
+				field:  "Interval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gte := time.Duration(0*time.Second + 1000000*time.Nanosecond)
+
+			if dur < gte {
+				err := KeepaliveSettingsValidationError{
+					field:  "Interval",
+					reason: "value must be greater than or equal to 1ms",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if m.GetTimeout() == nil {
+		err := KeepaliveSettingsValidationError{
+			field:  "Timeout",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if d := m.GetTimeout(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = KeepaliveSettingsValidationError{
+				field:  "Timeout",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gte := time.Duration(0*time.Second + 1000000*time.Nanosecond)
+
+			if dur < gte {
+				err := KeepaliveSettingsValidationError{
+					field:  "Timeout",
+					reason: "value must be greater than or equal to 1ms",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetIntervalJitter()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, KeepaliveSettingsValidationError{
+					field:  "IntervalJitter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, KeepaliveSettingsValidationError{
+					field:  "IntervalJitter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetIntervalJitter()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return KeepaliveSettingsValidationError{
+				field:  "IntervalJitter",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if d := m.GetConnectionIdleInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = KeepaliveSettingsValidationError{
+				field:  "ConnectionIdleInterval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gte := time.Duration(0*time.Second + 1000000*time.Nanosecond)
+
+			if dur < gte {
+				err := KeepaliveSettingsValidationError{
+					field:  "ConnectionIdleInterval",
+					reason: "value must be greater than or equal to 1ms",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if len(errors) > 0 {
+		return KeepaliveSettingsMultiError(errors)
+	}
+	return nil
+}
+
+// KeepaliveSettingsMultiError is an error wrapping multiple validation errors
+// returned by KeepaliveSettings.ValidateAll() if the designated constraints
+// aren't met.
+type KeepaliveSettingsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m KeepaliveSettingsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m KeepaliveSettingsMultiError) AllErrors() []error { return m }
+
+// KeepaliveSettingsValidationError is the validation error returned by
+// KeepaliveSettings.Validate if the designated constraints aren't met.
+type KeepaliveSettingsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e KeepaliveSettingsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e KeepaliveSettingsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e KeepaliveSettingsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e KeepaliveSettingsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e KeepaliveSettingsValidationError) ErrorName() string {
+	return "KeepaliveSettingsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e KeepaliveSettingsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sKeepaliveSettings.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = KeepaliveSettingsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = KeepaliveSettingsValidationError{}
+
+// Validate checks the field values on Http2ProtocolOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Http2ProtocolOptions) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Http2ProtocolOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Http2ProtocolOptionsMultiError, or nil if none found.
+func (m *Http2ProtocolOptions) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Http2ProtocolOptions) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetHpackTableSize()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Http2ProtocolOptionsValidationError{
+					field:  "HpackTableSize",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Http2ProtocolOptionsValidationError{
+					field:  "HpackTableSize",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHpackTableSize()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Http2ProtocolOptionsValidationError{
+				field:  "HpackTableSize",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if wrapper := m.GetMaxConcurrentStreams(); wrapper != nil {
+
+		if val := wrapper.GetValue(); val < 1 || val > 2147483647 {
+			err := Http2ProtocolOptionsValidationError{
+				field:  "MaxConcurrentStreams",
+				reason: "value must be inside range [1, 2147483647]",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if wrapper := m.GetInitialStreamWindowSize(); wrapper != nil {
+
+		if val := wrapper.GetValue(); val < 65535 || val > 2147483647 {
+			err := Http2ProtocolOptionsValidationError{
+				field:  "InitialStreamWindowSize",
+				reason: "value must be inside range [65535, 2147483647]",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if wrapper := m.GetInitialConnectionWindowSize(); wrapper != nil {
+
+		if val := wrapper.GetValue(); val < 65535 || val > 2147483647 {
+			err := Http2ProtocolOptionsValidationError{
+				field:  "InitialConnectionWindowSize",
+				reason: "value must be inside range [65535, 2147483647]",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	// no validation rules for AllowConnect
+
+	// no validation rules for AllowMetadata
+
+	if wrapper := m.GetMaxOutboundFrames(); wrapper != nil {
+
+		if wrapper.GetValue() < 1 {
+			err := Http2ProtocolOptionsValidationError{
+				field:  "MaxOutboundFrames",
+				reason: "value must be greater than or equal to 1",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if wrapper := m.GetMaxOutboundControlFrames(); wrapper != nil {
+
+		if wrapper.GetValue() < 1 {
+			err := Http2ProtocolOptionsValidationError{
+				field:  "MaxOutboundControlFrames",
+				reason: "value must be greater than or equal to 1",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetMaxConsecutiveInboundFramesWithEmptyPayload()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Http2ProtocolOptionsValidationError{
+					field:  "MaxConsecutiveInboundFramesWithEmptyPayload",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Http2ProtocolOptionsValidationError{
+					field:  "MaxConsecutiveInboundFramesWithEmptyPayload",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxConsecutiveInboundFramesWithEmptyPayload()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Http2ProtocolOptionsValidationError{
+				field:  "MaxConsecutiveInboundFramesWithEmptyPayload",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMaxInboundPriorityFramesPerStream()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Http2ProtocolOptionsValidationError{
+					field:  "MaxInboundPriorityFramesPerStream",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Http2ProtocolOptionsValidationError{
+					field:  "MaxInboundPriorityFramesPerStream",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxInboundPriorityFramesPerStream()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Http2ProtocolOptionsValidationError{
+				field:  "MaxInboundPriorityFramesPerStream",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if wrapper := m.GetMaxInboundWindowUpdateFramesPerDataFrameSent(); wrapper != nil {
+
+		if wrapper.GetValue() < 1 {
+			err := Http2ProtocolOptionsValidationError{
+				field:  "MaxInboundWindowUpdateFramesPerDataFrameSent",
+				reason: "value must be greater than or equal to 1",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	// no validation rules for StreamErrorOnInvalidHttpMessaging
+
+	if all {
+		switch v := interface{}(m.GetOverrideStreamErrorOnInvalidHttpMessage()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Http2ProtocolOptionsValidationError{
+					field:  "OverrideStreamErrorOnInvalidHttpMessage",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Http2ProtocolOptionsValidationError{
+					field:  "OverrideStreamErrorOnInvalidHttpMessage",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetOverrideStreamErrorOnInvalidHttpMessage()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Http2ProtocolOptionsValidationError{
+				field:  "OverrideStreamErrorOnInvalidHttpMessage",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetCustomSettingsParameters() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, Http2ProtocolOptionsValidationError{
+						field:  fmt.Sprintf("CustomSettingsParameters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, Http2ProtocolOptionsValidationError{
+						field:  fmt.Sprintf("CustomSettingsParameters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Http2ProtocolOptionsValidationError{
+					field:  fmt.Sprintf("CustomSettingsParameters[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetConnectionKeepalive()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Http2ProtocolOptionsValidationError{
+					field:  "ConnectionKeepalive",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Http2ProtocolOptionsValidationError{
+					field:  "ConnectionKeepalive",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetConnectionKeepalive()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Http2ProtocolOptionsValidationError{
+				field:  "ConnectionKeepalive",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return Http2ProtocolOptionsMultiError(errors)
+	}
+	return nil
+}
+
+// Http2ProtocolOptionsMultiError is an error wrapping multiple validation
+// errors returned by Http2ProtocolOptions.ValidateAll() if the designated
+// constraints aren't met.
+type Http2ProtocolOptionsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Http2ProtocolOptionsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Http2ProtocolOptionsMultiError) AllErrors() []error { return m }
+
+// Http2ProtocolOptionsValidationError is the validation error returned by
+// Http2ProtocolOptions.Validate if the designated constraints aren't met.
+type Http2ProtocolOptionsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Http2ProtocolOptionsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Http2ProtocolOptionsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Http2ProtocolOptionsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Http2ProtocolOptionsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Http2ProtocolOptionsValidationError) ErrorName() string {
+	return "Http2ProtocolOptionsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Http2ProtocolOptionsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttp2ProtocolOptions.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Http2ProtocolOptionsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Http2ProtocolOptionsValidationError{}
+
+// Validate checks the field values on GrpcProtocolOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *GrpcProtocolOptions) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on GrpcProtocolOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// GrpcProtocolOptionsMultiError, or nil if none found.
+func (m *GrpcProtocolOptions) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcProtocolOptions) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetHttp2ProtocolOptions()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, GrpcProtocolOptionsValidationError{
+					field:  "Http2ProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, GrpcProtocolOptionsValidationError{
+					field:  "Http2ProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHttp2ProtocolOptions()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return GrpcProtocolOptionsValidationError{
+				field:  "Http2ProtocolOptions",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return GrpcProtocolOptionsMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcProtocolOptionsMultiError is an error wrapping multiple validation
+// errors returned by GrpcProtocolOptions.ValidateAll() if the designated
+// constraints aren't met.
+type GrpcProtocolOptionsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcProtocolOptionsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcProtocolOptionsMultiError) AllErrors() []error { return m }
+
+// GrpcProtocolOptionsValidationError is the validation error returned by
+// GrpcProtocolOptions.Validate if the designated constraints aren't met.
+type GrpcProtocolOptionsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcProtocolOptionsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e GrpcProtocolOptionsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e GrpcProtocolOptionsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e GrpcProtocolOptionsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e GrpcProtocolOptionsValidationError) ErrorName() string {
+	return "GrpcProtocolOptionsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e GrpcProtocolOptionsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcProtocolOptions.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcProtocolOptionsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcProtocolOptionsValidationError{}
+
+// Validate checks the field values on Http3ProtocolOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Http3ProtocolOptions) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Http3ProtocolOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Http3ProtocolOptionsMultiError, or nil if none found.
+func (m *Http3ProtocolOptions) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Http3ProtocolOptions) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetQuicProtocolOptions()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Http3ProtocolOptionsValidationError{
+					field:  "QuicProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Http3ProtocolOptionsValidationError{
+					field:  "QuicProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetQuicProtocolOptions()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Http3ProtocolOptionsValidationError{
+				field:  "QuicProtocolOptions",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetOverrideStreamErrorOnInvalidHttpMessage()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Http3ProtocolOptionsValidationError{
+					field:  "OverrideStreamErrorOnInvalidHttpMessage",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Http3ProtocolOptionsValidationError{
+					field:  "OverrideStreamErrorOnInvalidHttpMessage",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetOverrideStreamErrorOnInvalidHttpMessage()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Http3ProtocolOptionsValidationError{
+				field:  "OverrideStreamErrorOnInvalidHttpMessage",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for AllowExtendedConnect
+
+	if len(errors) > 0 {
+		return Http3ProtocolOptionsMultiError(errors)
+	}
+	return nil
+}
+
+// Http3ProtocolOptionsMultiError is an error wrapping multiple validation
+// errors returned by Http3ProtocolOptions.ValidateAll() if the designated
+// constraints aren't met.
+type Http3ProtocolOptionsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Http3ProtocolOptionsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Http3ProtocolOptionsMultiError) AllErrors() []error { return m }
+
+// Http3ProtocolOptionsValidationError is the validation error returned by
+// Http3ProtocolOptions.Validate if the designated constraints aren't met.
+type Http3ProtocolOptionsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Http3ProtocolOptionsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Http3ProtocolOptionsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Http3ProtocolOptionsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Http3ProtocolOptionsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Http3ProtocolOptionsValidationError) ErrorName() string {
+	return "Http3ProtocolOptionsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Http3ProtocolOptionsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttp3ProtocolOptions.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Http3ProtocolOptionsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Http3ProtocolOptionsValidationError{}
+
+// Validate checks the field values on SchemeHeaderTransformation with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *SchemeHeaderTransformation) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on SchemeHeaderTransformation with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// SchemeHeaderTransformationMultiError, or nil if none found.
+func (m *SchemeHeaderTransformation) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *SchemeHeaderTransformation) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.Transformation.(type) {
+
+	case *SchemeHeaderTransformation_SchemeToOverwrite:
+
+		if _, ok := _SchemeHeaderTransformation_SchemeToOverwrite_InLookup[m.GetSchemeToOverwrite()]; !ok {
+			err := SchemeHeaderTransformationValidationError{
+				field:  "SchemeToOverwrite",
+				reason: "value must be in list [http https]",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return SchemeHeaderTransformationMultiError(errors)
+	}
+	return nil
+}
+
+// SchemeHeaderTransformationMultiError is an error wrapping multiple
+// validation errors returned by SchemeHeaderTransformation.ValidateAll() if
+// the designated constraints aren't met.
+type SchemeHeaderTransformationMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m SchemeHeaderTransformationMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m SchemeHeaderTransformationMultiError) AllErrors() []error { return m }
+
+// SchemeHeaderTransformationValidationError is the validation error returned
+// by SchemeHeaderTransformation.Validate if the designated constraints aren't met.
+type SchemeHeaderTransformationValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e SchemeHeaderTransformationValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e SchemeHeaderTransformationValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e SchemeHeaderTransformationValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e SchemeHeaderTransformationValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e SchemeHeaderTransformationValidationError) ErrorName() string {
+	return "SchemeHeaderTransformationValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e SchemeHeaderTransformationValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sSchemeHeaderTransformation.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = SchemeHeaderTransformationValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = SchemeHeaderTransformationValidationError{}
+
+var _SchemeHeaderTransformation_SchemeToOverwrite_InLookup = map[string]struct{}{
+	"http":  {},
+	"https": {},
+}
+
+// Validate checks the field values on Http1ProtocolOptions_HeaderKeyFormat
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the first error encountered is returned, or nil if
+// there are no violations.
+func (m *Http1ProtocolOptions_HeaderKeyFormat) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Http1ProtocolOptions_HeaderKeyFormat
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// Http1ProtocolOptions_HeaderKeyFormatMultiError, or nil if none found.
+func (m *Http1ProtocolOptions_HeaderKeyFormat) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Http1ProtocolOptions_HeaderKeyFormat) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.HeaderFormat.(type) {
+
+	case *Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords_:
+
+		if all {
+			switch v := interface{}(m.GetProperCaseWords()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, Http1ProtocolOptions_HeaderKeyFormatValidationError{
+						field:  "ProperCaseWords",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, Http1ProtocolOptions_HeaderKeyFormatValidationError{
+						field:  "ProperCaseWords",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetProperCaseWords()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Http1ProtocolOptions_HeaderKeyFormatValidationError{
+					field:  "ProperCaseWords",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Http1ProtocolOptions_HeaderKeyFormat_StatefulFormatter:
+
+		if all {
+			switch v := interface{}(m.GetStatefulFormatter()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, Http1ProtocolOptions_HeaderKeyFormatValidationError{
+						field:  "StatefulFormatter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, Http1ProtocolOptions_HeaderKeyFormatValidationError{
+						field:  "StatefulFormatter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetStatefulFormatter()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Http1ProtocolOptions_HeaderKeyFormatValidationError{
+					field:  "StatefulFormatter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := Http1ProtocolOptions_HeaderKeyFormatValidationError{
+			field:  "HeaderFormat",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return Http1ProtocolOptions_HeaderKeyFormatMultiError(errors)
+	}
+	return nil
+}
+
+// Http1ProtocolOptions_HeaderKeyFormatMultiError is an error wrapping multiple
+// validation errors returned by
+// Http1ProtocolOptions_HeaderKeyFormat.ValidateAll() if the designated
+// constraints aren't met.
+type Http1ProtocolOptions_HeaderKeyFormatMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Http1ProtocolOptions_HeaderKeyFormatMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Http1ProtocolOptions_HeaderKeyFormatMultiError) AllErrors() []error { return m }
+
+// Http1ProtocolOptions_HeaderKeyFormatValidationError is the validation error
+// returned by Http1ProtocolOptions_HeaderKeyFormat.Validate if the designated
+// constraints aren't met.
+type Http1ProtocolOptions_HeaderKeyFormatValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Http1ProtocolOptions_HeaderKeyFormatValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Http1ProtocolOptions_HeaderKeyFormatValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Http1ProtocolOptions_HeaderKeyFormatValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Http1ProtocolOptions_HeaderKeyFormatValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Http1ProtocolOptions_HeaderKeyFormatValidationError) ErrorName() string {
+	return "Http1ProtocolOptions_HeaderKeyFormatValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Http1ProtocolOptions_HeaderKeyFormatValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttp1ProtocolOptions_HeaderKeyFormat.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Http1ProtocolOptions_HeaderKeyFormatValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Http1ProtocolOptions_HeaderKeyFormatValidationError{}
+
+// Validate checks the field values on
+// Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in
+// Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsMultiError, or nil if
+// none found.
+func (m *Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsMultiError(errors)
+	}
+	return nil
+}
+
+// Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsMultiError is an error
+// wrapping multiple validation errors returned by
+// Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords.ValidateAll() if the
+// designated constraints aren't met.
+type Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsMultiError) AllErrors() []error { return m }
+
+// Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsValidationError is the
+// validation error returned by
+// Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWords.Validate if the
+// designated constraints aren't met.
+type Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsValidationError) Field() string {
+	return e.field
+}
+
+// Reason function returns reason value.
+func (e Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsValidationError) Reason() string {
+	return e.reason
+}
+
+// Cause function returns cause value.
+func (e Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsValidationError) Cause() error {
+	return e.cause
+}
+
+// Key function returns key value.
+func (e Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsValidationError) ErrorName() string {
+	return "Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttp1ProtocolOptions_HeaderKeyFormat_ProperCaseWords.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Http1ProtocolOptions_HeaderKeyFormat_ProperCaseWordsValidationError{}
+
+// Validate checks the field values on Http2ProtocolOptions_SettingsParameter
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the first error encountered is returned, or nil if
+// there are no violations.
+func (m *Http2ProtocolOptions_SettingsParameter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// Http2ProtocolOptions_SettingsParameter with the rules defined in the proto
+// definition for this message. If any rules are violated, the result is a
+// list of violation errors wrapped in
+// Http2ProtocolOptions_SettingsParameterMultiError, or nil if none found.
+func (m *Http2ProtocolOptions_SettingsParameter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Http2ProtocolOptions_SettingsParameter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if wrapper := m.GetIdentifier(); wrapper != nil {
+
+		if val := wrapper.GetValue(); val < 0 || val > 65535 {
+			err := Http2ProtocolOptions_SettingsParameterValidationError{
+				field:  "Identifier",
+				reason: "value must be inside range [0, 65535]",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	} else {
+		err := Http2ProtocolOptions_SettingsParameterValidationError{
+			field:  "Identifier",
+			reason: "value is required and must not be nil.",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if m.GetValue() == nil {
+		err := Http2ProtocolOptions_SettingsParameterValidationError{
+			field:  "Value",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetValue()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Http2ProtocolOptions_SettingsParameterValidationError{
+					field:  "Value",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Http2ProtocolOptions_SettingsParameterValidationError{
+					field:  "Value",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetValue()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Http2ProtocolOptions_SettingsParameterValidationError{
+				field:  "Value",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return Http2ProtocolOptions_SettingsParameterMultiError(errors)
+	}
+	return nil
+}
+
+// Http2ProtocolOptions_SettingsParameterMultiError is an error wrapping
+// multiple validation errors returned by
+// Http2ProtocolOptions_SettingsParameter.ValidateAll() if the designated
+// constraints aren't met.
+type Http2ProtocolOptions_SettingsParameterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Http2ProtocolOptions_SettingsParameterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Http2ProtocolOptions_SettingsParameterMultiError) AllErrors() []error { return m }
+
+// Http2ProtocolOptions_SettingsParameterValidationError is the validation
+// error returned by Http2ProtocolOptions_SettingsParameter.Validate if the
+// designated constraints aren't met.
+type Http2ProtocolOptions_SettingsParameterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Http2ProtocolOptions_SettingsParameterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Http2ProtocolOptions_SettingsParameterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Http2ProtocolOptions_SettingsParameterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Http2ProtocolOptions_SettingsParameterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Http2ProtocolOptions_SettingsParameterValidationError) ErrorName() string {
+	return "Http2ProtocolOptions_SettingsParameterValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Http2ProtocolOptions_SettingsParameterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttp2ProtocolOptions_SettingsParameter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Http2ProtocolOptions_SettingsParameterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Http2ProtocolOptions_SettingsParameterValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/proxy_protocol.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/proxy_protocol.pb.go
new file mode 100644
index 00000000000..18e030f3a16
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/proxy_protocol.pb.go
@@ -0,0 +1,214 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/core/v3/proxy_protocol.proto
+
+package envoy_config_core_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type ProxyProtocolConfig_Version int32
+
+const (
+	// PROXY protocol version 1. Human readable format.
+	ProxyProtocolConfig_V1 ProxyProtocolConfig_Version = 0
+	// PROXY protocol version 2. Binary format.
+	ProxyProtocolConfig_V2 ProxyProtocolConfig_Version = 1
+)
+
+// Enum value maps for ProxyProtocolConfig_Version.
+var (
+	ProxyProtocolConfig_Version_name = map[int32]string{
+		0: "V1",
+		1: "V2",
+	}
+	ProxyProtocolConfig_Version_value = map[string]int32{
+		"V1": 0,
+		"V2": 1,
+	}
+)
+
+func (x ProxyProtocolConfig_Version) Enum() *ProxyProtocolConfig_Version {
+	p := new(ProxyProtocolConfig_Version)
+	*p = x
+	return p
+}
+
+func (x ProxyProtocolConfig_Version) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (ProxyProtocolConfig_Version) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_core_v3_proxy_protocol_proto_enumTypes[0].Descriptor()
+}
+
+func (ProxyProtocolConfig_Version) Type() protoreflect.EnumType {
+	return &file_envoy_config_core_v3_proxy_protocol_proto_enumTypes[0]
+}
+
+func (x ProxyProtocolConfig_Version) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use ProxyProtocolConfig_Version.Descriptor instead.
+func (ProxyProtocolConfig_Version) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_proxy_protocol_proto_rawDescGZIP(), []int{0, 0}
+}
+
+type ProxyProtocolConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The PROXY protocol version to use. See https://www.haproxy.org/download/2.1/doc/proxy-protocol.txt for details
+	Version ProxyProtocolConfig_Version `protobuf:"varint,1,opt,name=version,proto3,enum=envoy.config.core.v3.ProxyProtocolConfig_Version" json:"version,omitempty"`
+}
+
+func (x *ProxyProtocolConfig) Reset() {
+	*x = ProxyProtocolConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_proxy_protocol_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ProxyProtocolConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ProxyProtocolConfig) ProtoMessage() {}
+
+func (x *ProxyProtocolConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_proxy_protocol_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ProxyProtocolConfig.ProtoReflect.Descriptor instead.
+func (*ProxyProtocolConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_proxy_protocol_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *ProxyProtocolConfig) GetVersion() ProxyProtocolConfig_Version {
+	if x != nil {
+		return x.Version
+	}
+	return ProxyProtocolConfig_V1
+}
+
+var File_envoy_config_core_v3_proxy_protocol_proto protoreflect.FileDescriptor
+
+var file_envoy_config_core_v3_proxy_protocol_proto_rawDesc = []byte{
+	0x0a, 0x29, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x5f, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x14, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76,
+	0x33, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x22, 0x7d, 0x0a, 0x13, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f,
+	0x6c, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x4b, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69,
+	0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x31, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e,
+	0x50, 0x72, 0x6f, 0x78, 0x79, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x07, 0x76, 0x65, 0x72,
+	0x73, 0x69, 0x6f, 0x6e, 0x22, 0x19, 0x0a, 0x07, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12,
+	0x06, 0x0a, 0x02, 0x56, 0x31, 0x10, 0x00, 0x12, 0x06, 0x0a, 0x02, 0x56, 0x32, 0x10, 0x01, 0x42,
+	0x42, 0x0a, 0x22, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f,
+	0x72, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x12, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x50, 0x72, 0x6f, 0x74,
+	0x6f, 0x63, 0x6f, 0x6c, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06,
+	0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_core_v3_proxy_protocol_proto_rawDescOnce sync.Once
+	file_envoy_config_core_v3_proxy_protocol_proto_rawDescData = file_envoy_config_core_v3_proxy_protocol_proto_rawDesc
+)
+
+func file_envoy_config_core_v3_proxy_protocol_proto_rawDescGZIP() []byte {
+	file_envoy_config_core_v3_proxy_protocol_proto_rawDescOnce.Do(func() {
+		file_envoy_config_core_v3_proxy_protocol_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_core_v3_proxy_protocol_proto_rawDescData)
+	})
+	return file_envoy_config_core_v3_proxy_protocol_proto_rawDescData
+}
+
+var file_envoy_config_core_v3_proxy_protocol_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_envoy_config_core_v3_proxy_protocol_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_config_core_v3_proxy_protocol_proto_goTypes = []interface{}{
+	(ProxyProtocolConfig_Version)(0), // 0: envoy.config.core.v3.ProxyProtocolConfig.Version
+	(*ProxyProtocolConfig)(nil),      // 1: envoy.config.core.v3.ProxyProtocolConfig
+}
+var file_envoy_config_core_v3_proxy_protocol_proto_depIdxs = []int32{
+	0, // 0: envoy.config.core.v3.ProxyProtocolConfig.version:type_name -> envoy.config.core.v3.ProxyProtocolConfig.Version
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_core_v3_proxy_protocol_proto_init() }
+func file_envoy_config_core_v3_proxy_protocol_proto_init() {
+	if File_envoy_config_core_v3_proxy_protocol_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_core_v3_proxy_protocol_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ProxyProtocolConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_core_v3_proxy_protocol_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_core_v3_proxy_protocol_proto_goTypes,
+		DependencyIndexes: file_envoy_config_core_v3_proxy_protocol_proto_depIdxs,
+		EnumInfos:         file_envoy_config_core_v3_proxy_protocol_proto_enumTypes,
+		MessageInfos:      file_envoy_config_core_v3_proxy_protocol_proto_msgTypes,
+	}.Build()
+	File_envoy_config_core_v3_proxy_protocol_proto = out.File
+	file_envoy_config_core_v3_proxy_protocol_proto_rawDesc = nil
+	file_envoy_config_core_v3_proxy_protocol_proto_goTypes = nil
+	file_envoy_config_core_v3_proxy_protocol_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/proxy_protocol.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/proxy_protocol.pb.validate.go
new file mode 100644
index 00000000000..ad058933e9a
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/proxy_protocol.pb.validate.go
@@ -0,0 +1,139 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/core/v3/proxy_protocol.proto
+
+package envoy_config_core_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on ProxyProtocolConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ProxyProtocolConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ProxyProtocolConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ProxyProtocolConfigMultiError, or nil if none found.
+func (m *ProxyProtocolConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ProxyProtocolConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Version
+
+	if len(errors) > 0 {
+		return ProxyProtocolConfigMultiError(errors)
+	}
+	return nil
+}
+
+// ProxyProtocolConfigMultiError is an error wrapping multiple validation
+// errors returned by ProxyProtocolConfig.ValidateAll() if the designated
+// constraints aren't met.
+type ProxyProtocolConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ProxyProtocolConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ProxyProtocolConfigMultiError) AllErrors() []error { return m }
+
+// ProxyProtocolConfigValidationError is the validation error returned by
+// ProxyProtocolConfig.Validate if the designated constraints aren't met.
+type ProxyProtocolConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ProxyProtocolConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ProxyProtocolConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ProxyProtocolConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ProxyProtocolConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ProxyProtocolConfigValidationError) ErrorName() string {
+	return "ProxyProtocolConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ProxyProtocolConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sProxyProtocolConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ProxyProtocolConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ProxyProtocolConfigValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/resolver.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/resolver.pb.go
new file mode 100644
index 00000000000..8dd51167105
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/resolver.pb.go
@@ -0,0 +1,265 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/core/v3/resolver.proto
+
+package envoy_config_core_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Configuration of DNS resolver option flags which control the behavior of the DNS resolver.
+type DnsResolverOptions struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Use TCP for all DNS queries instead of the default protocol UDP.
+	UseTcpForDnsLookups bool `protobuf:"varint,1,opt,name=use_tcp_for_dns_lookups,json=useTcpForDnsLookups,proto3" json:"use_tcp_for_dns_lookups,omitempty"`
+	// Do not use the default search domains; only query hostnames as-is or as aliases.
+	NoDefaultSearchDomain bool `protobuf:"varint,2,opt,name=no_default_search_domain,json=noDefaultSearchDomain,proto3" json:"no_default_search_domain,omitempty"`
+}
+
+func (x *DnsResolverOptions) Reset() {
+	*x = DnsResolverOptions{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_resolver_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *DnsResolverOptions) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*DnsResolverOptions) ProtoMessage() {}
+
+func (x *DnsResolverOptions) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_resolver_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use DnsResolverOptions.ProtoReflect.Descriptor instead.
+func (*DnsResolverOptions) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_resolver_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *DnsResolverOptions) GetUseTcpForDnsLookups() bool {
+	if x != nil {
+		return x.UseTcpForDnsLookups
+	}
+	return false
+}
+
+func (x *DnsResolverOptions) GetNoDefaultSearchDomain() bool {
+	if x != nil {
+		return x.NoDefaultSearchDomain
+	}
+	return false
+}
+
+// DNS resolution configuration which includes the underlying dns resolver addresses and options.
+type DnsResolutionConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// A list of dns resolver addresses. If specified, the DNS client library will perform resolution
+	// via the underlying DNS resolvers. Otherwise, the default system resolvers
+	// (e.g., /etc/resolv.conf) will be used.
+	Resolvers []*Address `protobuf:"bytes,1,rep,name=resolvers,proto3" json:"resolvers,omitempty"`
+	// Configuration of DNS resolver option flags which control the behavior of the DNS resolver.
+	DnsResolverOptions *DnsResolverOptions `protobuf:"bytes,2,opt,name=dns_resolver_options,json=dnsResolverOptions,proto3" json:"dns_resolver_options,omitempty"`
+}
+
+func (x *DnsResolutionConfig) Reset() {
+	*x = DnsResolutionConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_resolver_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *DnsResolutionConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*DnsResolutionConfig) ProtoMessage() {}
+
+func (x *DnsResolutionConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_resolver_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use DnsResolutionConfig.ProtoReflect.Descriptor instead.
+func (*DnsResolutionConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_resolver_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *DnsResolutionConfig) GetResolvers() []*Address {
+	if x != nil {
+		return x.Resolvers
+	}
+	return nil
+}
+
+func (x *DnsResolutionConfig) GetDnsResolverOptions() *DnsResolverOptions {
+	if x != nil {
+		return x.DnsResolverOptions
+	}
+	return nil
+}
+
+var File_envoy_config_core_v3_resolver_proto protoreflect.FileDescriptor
+
+var file_envoy_config_core_v3_resolver_proto_rawDesc = []byte{
+	0x0a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x72, 0x65, 0x73, 0x6f, 0x6c, 0x76, 0x65, 0x72, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x14, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x1a, 0x22, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76,
+	0x33, 0x2f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17,
+	0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x83, 0x01, 0x0a, 0x12, 0x44, 0x6e, 0x73, 0x52,
+	0x65, 0x73, 0x6f, 0x6c, 0x76, 0x65, 0x72, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x34,
+	0x0a, 0x17, 0x75, 0x73, 0x65, 0x5f, 0x74, 0x63, 0x70, 0x5f, 0x66, 0x6f, 0x72, 0x5f, 0x64, 0x6e,
+	0x73, 0x5f, 0x6c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52,
+	0x13, 0x75, 0x73, 0x65, 0x54, 0x63, 0x70, 0x46, 0x6f, 0x72, 0x44, 0x6e, 0x73, 0x4c, 0x6f, 0x6f,
+	0x6b, 0x75, 0x70, 0x73, 0x12, 0x37, 0x0a, 0x18, 0x6e, 0x6f, 0x5f, 0x64, 0x65, 0x66, 0x61, 0x75,
+	0x6c, 0x74, 0x5f, 0x73, 0x65, 0x61, 0x72, 0x63, 0x68, 0x5f, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x15, 0x6e, 0x6f, 0x44, 0x65, 0x66, 0x61, 0x75, 0x6c,
+	0x74, 0x53, 0x65, 0x61, 0x72, 0x63, 0x68, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x22, 0xb8, 0x01,
+	0x0a, 0x13, 0x44, 0x6e, 0x73, 0x52, 0x65, 0x73, 0x6f, 0x6c, 0x75, 0x74, 0x69, 0x6f, 0x6e, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x45, 0x0a, 0x09, 0x72, 0x65, 0x73, 0x6f, 0x6c, 0x76, 0x65,
+	0x72, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e,
+	0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92, 0x01, 0x02, 0x08,
+	0x01, 0x52, 0x09, 0x72, 0x65, 0x73, 0x6f, 0x6c, 0x76, 0x65, 0x72, 0x73, 0x12, 0x5a, 0x0a, 0x14,
+	0x64, 0x6e, 0x73, 0x5f, 0x72, 0x65, 0x73, 0x6f, 0x6c, 0x76, 0x65, 0x72, 0x5f, 0x6f, 0x70, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76,
+	0x33, 0x2e, 0x44, 0x6e, 0x73, 0x52, 0x65, 0x73, 0x6f, 0x6c, 0x76, 0x65, 0x72, 0x4f, 0x70, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x52, 0x12, 0x64, 0x6e, 0x73, 0x52, 0x65, 0x73, 0x6f, 0x6c, 0x76, 0x65,
+	0x72, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x42, 0x3d, 0x0a, 0x22, 0x69, 0x6f, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x0d,
+	0x52, 0x65, 0x73, 0x6f, 0x6c, 0x76, 0x65, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba,
+	0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_core_v3_resolver_proto_rawDescOnce sync.Once
+	file_envoy_config_core_v3_resolver_proto_rawDescData = file_envoy_config_core_v3_resolver_proto_rawDesc
+)
+
+func file_envoy_config_core_v3_resolver_proto_rawDescGZIP() []byte {
+	file_envoy_config_core_v3_resolver_proto_rawDescOnce.Do(func() {
+		file_envoy_config_core_v3_resolver_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_core_v3_resolver_proto_rawDescData)
+	})
+	return file_envoy_config_core_v3_resolver_proto_rawDescData
+}
+
+var file_envoy_config_core_v3_resolver_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_envoy_config_core_v3_resolver_proto_goTypes = []interface{}{
+	(*DnsResolverOptions)(nil),  // 0: envoy.config.core.v3.DnsResolverOptions
+	(*DnsResolutionConfig)(nil), // 1: envoy.config.core.v3.DnsResolutionConfig
+	(*Address)(nil),             // 2: envoy.config.core.v3.Address
+}
+var file_envoy_config_core_v3_resolver_proto_depIdxs = []int32{
+	2, // 0: envoy.config.core.v3.DnsResolutionConfig.resolvers:type_name -> envoy.config.core.v3.Address
+	0, // 1: envoy.config.core.v3.DnsResolutionConfig.dns_resolver_options:type_name -> envoy.config.core.v3.DnsResolverOptions
+	2, // [2:2] is the sub-list for method output_type
+	2, // [2:2] is the sub-list for method input_type
+	2, // [2:2] is the sub-list for extension type_name
+	2, // [2:2] is the sub-list for extension extendee
+	0, // [0:2] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_core_v3_resolver_proto_init() }
+func file_envoy_config_core_v3_resolver_proto_init() {
+	if File_envoy_config_core_v3_resolver_proto != nil {
+		return
+	}
+	file_envoy_config_core_v3_address_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_core_v3_resolver_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*DnsResolverOptions); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_core_v3_resolver_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*DnsResolutionConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_core_v3_resolver_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_core_v3_resolver_proto_goTypes,
+		DependencyIndexes: file_envoy_config_core_v3_resolver_proto_depIdxs,
+		MessageInfos:      file_envoy_config_core_v3_resolver_proto_msgTypes,
+	}.Build()
+	File_envoy_config_core_v3_resolver_proto = out.File
+	file_envoy_config_core_v3_resolver_proto_rawDesc = nil
+	file_envoy_config_core_v3_resolver_proto_goTypes = nil
+	file_envoy_config_core_v3_resolver_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/resolver.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/resolver.pb.validate.go
new file mode 100644
index 00000000000..994d4e01292
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/resolver.pb.validate.go
@@ -0,0 +1,316 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/core/v3/resolver.proto
+
+package envoy_config_core_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on DnsResolverOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *DnsResolverOptions) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on DnsResolverOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// DnsResolverOptionsMultiError, or nil if none found.
+func (m *DnsResolverOptions) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *DnsResolverOptions) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for UseTcpForDnsLookups
+
+	// no validation rules for NoDefaultSearchDomain
+
+	if len(errors) > 0 {
+		return DnsResolverOptionsMultiError(errors)
+	}
+	return nil
+}
+
+// DnsResolverOptionsMultiError is an error wrapping multiple validation errors
+// returned by DnsResolverOptions.ValidateAll() if the designated constraints
+// aren't met.
+type DnsResolverOptionsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m DnsResolverOptionsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m DnsResolverOptionsMultiError) AllErrors() []error { return m }
+
+// DnsResolverOptionsValidationError is the validation error returned by
+// DnsResolverOptions.Validate if the designated constraints aren't met.
+type DnsResolverOptionsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e DnsResolverOptionsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e DnsResolverOptionsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e DnsResolverOptionsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e DnsResolverOptionsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e DnsResolverOptionsValidationError) ErrorName() string {
+	return "DnsResolverOptionsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e DnsResolverOptionsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sDnsResolverOptions.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = DnsResolverOptionsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = DnsResolverOptionsValidationError{}
+
+// Validate checks the field values on DnsResolutionConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *DnsResolutionConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on DnsResolutionConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// DnsResolutionConfigMultiError, or nil if none found.
+func (m *DnsResolutionConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *DnsResolutionConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetResolvers()) < 1 {
+		err := DnsResolutionConfigValidationError{
+			field:  "Resolvers",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetResolvers() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, DnsResolutionConfigValidationError{
+						field:  fmt.Sprintf("Resolvers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, DnsResolutionConfigValidationError{
+						field:  fmt.Sprintf("Resolvers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return DnsResolutionConfigValidationError{
+					field:  fmt.Sprintf("Resolvers[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetDnsResolverOptions()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, DnsResolutionConfigValidationError{
+					field:  "DnsResolverOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, DnsResolutionConfigValidationError{
+					field:  "DnsResolverOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDnsResolverOptions()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return DnsResolutionConfigValidationError{
+				field:  "DnsResolverOptions",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return DnsResolutionConfigMultiError(errors)
+	}
+	return nil
+}
+
+// DnsResolutionConfigMultiError is an error wrapping multiple validation
+// errors returned by DnsResolutionConfig.ValidateAll() if the designated
+// constraints aren't met.
+type DnsResolutionConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m DnsResolutionConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m DnsResolutionConfigMultiError) AllErrors() []error { return m }
+
+// DnsResolutionConfigValidationError is the validation error returned by
+// DnsResolutionConfig.Validate if the designated constraints aren't met.
+type DnsResolutionConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e DnsResolutionConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e DnsResolutionConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e DnsResolutionConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e DnsResolutionConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e DnsResolutionConfigValidationError) ErrorName() string {
+	return "DnsResolutionConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e DnsResolutionConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sDnsResolutionConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = DnsResolutionConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = DnsResolutionConfigValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/socket_option.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/socket_option.pb.go
new file mode 100644
index 00000000000..eab22caebf9
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/socket_option.pb.go
@@ -0,0 +1,316 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/core/v3/socket_option.proto
+
+package envoy_config_core_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type SocketOption_SocketState int32
+
+const (
+	// Socket options are applied after socket creation but before binding the socket to a port
+	SocketOption_STATE_PREBIND SocketOption_SocketState = 0
+	// Socket options are applied after binding the socket to a port but before calling listen()
+	SocketOption_STATE_BOUND SocketOption_SocketState = 1
+	// Socket options are applied after calling listen()
+	SocketOption_STATE_LISTENING SocketOption_SocketState = 2
+)
+
+// Enum value maps for SocketOption_SocketState.
+var (
+	SocketOption_SocketState_name = map[int32]string{
+		0: "STATE_PREBIND",
+		1: "STATE_BOUND",
+		2: "STATE_LISTENING",
+	}
+	SocketOption_SocketState_value = map[string]int32{
+		"STATE_PREBIND":   0,
+		"STATE_BOUND":     1,
+		"STATE_LISTENING": 2,
+	}
+)
+
+func (x SocketOption_SocketState) Enum() *SocketOption_SocketState {
+	p := new(SocketOption_SocketState)
+	*p = x
+	return p
+}
+
+func (x SocketOption_SocketState) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (SocketOption_SocketState) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_core_v3_socket_option_proto_enumTypes[0].Descriptor()
+}
+
+func (SocketOption_SocketState) Type() protoreflect.EnumType {
+	return &file_envoy_config_core_v3_socket_option_proto_enumTypes[0]
+}
+
+func (x SocketOption_SocketState) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use SocketOption_SocketState.Descriptor instead.
+func (SocketOption_SocketState) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_socket_option_proto_rawDescGZIP(), []int{0, 0}
+}
+
+// Generic socket option message. This would be used to set socket options that
+// might not exist in upstream kernels or precompiled Envoy binaries.
+// [#next-free-field: 7]
+type SocketOption struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// An optional name to give this socket option for debugging, etc.
+	// Uniqueness is not required and no special meaning is assumed.
+	Description string `protobuf:"bytes,1,opt,name=description,proto3" json:"description,omitempty"`
+	// Corresponding to the level value passed to setsockopt, such as IPPROTO_TCP
+	Level int64 `protobuf:"varint,2,opt,name=level,proto3" json:"level,omitempty"`
+	// The numeric name as passed to setsockopt
+	Name int64 `protobuf:"varint,3,opt,name=name,proto3" json:"name,omitempty"`
+	// Types that are assignable to Value:
+	//	*SocketOption_IntValue
+	//	*SocketOption_BufValue
+	Value isSocketOption_Value `protobuf_oneof:"value"`
+	// The state in which the option will be applied. When used in BindConfig
+	// STATE_PREBIND is currently the only valid value.
+	State SocketOption_SocketState `protobuf:"varint,6,opt,name=state,proto3,enum=envoy.config.core.v3.SocketOption_SocketState" json:"state,omitempty"`
+}
+
+func (x *SocketOption) Reset() {
+	*x = SocketOption{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_socket_option_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *SocketOption) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*SocketOption) ProtoMessage() {}
+
+func (x *SocketOption) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_socket_option_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use SocketOption.ProtoReflect.Descriptor instead.
+func (*SocketOption) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_socket_option_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *SocketOption) GetDescription() string {
+	if x != nil {
+		return x.Description
+	}
+	return ""
+}
+
+func (x *SocketOption) GetLevel() int64 {
+	if x != nil {
+		return x.Level
+	}
+	return 0
+}
+
+func (x *SocketOption) GetName() int64 {
+	if x != nil {
+		return x.Name
+	}
+	return 0
+}
+
+func (m *SocketOption) GetValue() isSocketOption_Value {
+	if m != nil {
+		return m.Value
+	}
+	return nil
+}
+
+func (x *SocketOption) GetIntValue() int64 {
+	if x, ok := x.GetValue().(*SocketOption_IntValue); ok {
+		return x.IntValue
+	}
+	return 0
+}
+
+func (x *SocketOption) GetBufValue() []byte {
+	if x, ok := x.GetValue().(*SocketOption_BufValue); ok {
+		return x.BufValue
+	}
+	return nil
+}
+
+func (x *SocketOption) GetState() SocketOption_SocketState {
+	if x != nil {
+		return x.State
+	}
+	return SocketOption_STATE_PREBIND
+}
+
+type isSocketOption_Value interface {
+	isSocketOption_Value()
+}
+
+type SocketOption_IntValue struct {
+	// Because many sockopts take an int value.
+	IntValue int64 `protobuf:"varint,4,opt,name=int_value,json=intValue,proto3,oneof"`
+}
+
+type SocketOption_BufValue struct {
+	// Otherwise it's a byte buffer.
+	BufValue []byte `protobuf:"bytes,5,opt,name=buf_value,json=bufValue,proto3,oneof"`
+}
+
+func (*SocketOption_IntValue) isSocketOption_Value() {}
+
+func (*SocketOption_BufValue) isSocketOption_Value() {}
+
+var File_envoy_config_core_v3_socket_option_proto protoreflect.FileDescriptor
+
+var file_envoy_config_core_v3_socket_option_proto_rawDesc = []byte{
+	0x0a, 0x28, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x5f, 0x6f, 0x70,
+	0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x14, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33,
+	0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c,
+	0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xe5, 0x02, 0x0a, 0x0c,
+	0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x20, 0x0a, 0x0b,
+	0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x0b, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x14,
+	0x0a, 0x05, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x18, 0x02, 0x20, 0x01, 0x28, 0x03, 0x52, 0x05, 0x6c,
+	0x65, 0x76, 0x65, 0x6c, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01,
+	0x28, 0x03, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x1d, 0x0a, 0x09, 0x69, 0x6e, 0x74, 0x5f,
+	0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x03, 0x48, 0x00, 0x52, 0x08, 0x69,
+	0x6e, 0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x1d, 0x0a, 0x09, 0x62, 0x75, 0x66, 0x5f, 0x76,
+	0x61, 0x6c, 0x75, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0c, 0x48, 0x00, 0x52, 0x08, 0x62, 0x75,
+	0x66, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x4e, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18,
+	0x06, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x6f, 0x63,
+	0x6b, 0x65, 0x74, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74,
+	0x53, 0x74, 0x61, 0x74, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52,
+	0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x22, 0x46, 0x0a, 0x0b, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74,
+	0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x11, 0x0a, 0x0d, 0x53, 0x54, 0x41, 0x54, 0x45, 0x5f, 0x50,
+	0x52, 0x45, 0x42, 0x49, 0x4e, 0x44, 0x10, 0x00, 0x12, 0x0f, 0x0a, 0x0b, 0x53, 0x54, 0x41, 0x54,
+	0x45, 0x5f, 0x42, 0x4f, 0x55, 0x4e, 0x44, 0x10, 0x01, 0x12, 0x13, 0x0a, 0x0f, 0x53, 0x54, 0x41,
+	0x54, 0x45, 0x5f, 0x4c, 0x49, 0x53, 0x54, 0x45, 0x4e, 0x49, 0x4e, 0x47, 0x10, 0x02, 0x3a, 0x25,
+	0x9a, 0xc5, 0x88, 0x1e, 0x20, 0x0a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x4f,
+	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0c, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x03,
+	0xf8, 0x42, 0x01, 0x42, 0x41, 0x0a, 0x22, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70,
+	0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x11, 0x53, 0x6f, 0x63, 0x6b, 0x65,
+	0x74, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80,
+	0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_core_v3_socket_option_proto_rawDescOnce sync.Once
+	file_envoy_config_core_v3_socket_option_proto_rawDescData = file_envoy_config_core_v3_socket_option_proto_rawDesc
+)
+
+func file_envoy_config_core_v3_socket_option_proto_rawDescGZIP() []byte {
+	file_envoy_config_core_v3_socket_option_proto_rawDescOnce.Do(func() {
+		file_envoy_config_core_v3_socket_option_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_core_v3_socket_option_proto_rawDescData)
+	})
+	return file_envoy_config_core_v3_socket_option_proto_rawDescData
+}
+
+var file_envoy_config_core_v3_socket_option_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_envoy_config_core_v3_socket_option_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_config_core_v3_socket_option_proto_goTypes = []interface{}{
+	(SocketOption_SocketState)(0), // 0: envoy.config.core.v3.SocketOption.SocketState
+	(*SocketOption)(nil),          // 1: envoy.config.core.v3.SocketOption
+}
+var file_envoy_config_core_v3_socket_option_proto_depIdxs = []int32{
+	0, // 0: envoy.config.core.v3.SocketOption.state:type_name -> envoy.config.core.v3.SocketOption.SocketState
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_core_v3_socket_option_proto_init() }
+func file_envoy_config_core_v3_socket_option_proto_init() {
+	if File_envoy_config_core_v3_socket_option_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_core_v3_socket_option_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*SocketOption); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_config_core_v3_socket_option_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*SocketOption_IntValue)(nil),
+		(*SocketOption_BufValue)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_core_v3_socket_option_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_core_v3_socket_option_proto_goTypes,
+		DependencyIndexes: file_envoy_config_core_v3_socket_option_proto_depIdxs,
+		EnumInfos:         file_envoy_config_core_v3_socket_option_proto_enumTypes,
+		MessageInfos:      file_envoy_config_core_v3_socket_option_proto_msgTypes,
+	}.Build()
+	File_envoy_config_core_v3_socket_option_proto = out.File
+	file_envoy_config_core_v3_socket_option_proto_rawDesc = nil
+	file_envoy_config_core_v3_socket_option_proto_goTypes = nil
+	file_envoy_config_core_v3_socket_option_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/socket_option.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/socket_option.pb.validate.go
new file mode 100644
index 00000000000..b72f7b3bb4f
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/socket_option.pb.validate.go
@@ -0,0 +1,171 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/core/v3/socket_option.proto
+
+package envoy_config_core_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on SocketOption with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *SocketOption) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on SocketOption with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in SocketOptionMultiError, or
+// nil if none found.
+func (m *SocketOption) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *SocketOption) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Description
+
+	// no validation rules for Level
+
+	// no validation rules for Name
+
+	if _, ok := SocketOption_SocketState_name[int32(m.GetState())]; !ok {
+		err := SocketOptionValidationError{
+			field:  "State",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	switch m.Value.(type) {
+
+	case *SocketOption_IntValue:
+		// no validation rules for IntValue
+
+	case *SocketOption_BufValue:
+		// no validation rules for BufValue
+
+	default:
+		err := SocketOptionValidationError{
+			field:  "Value",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return SocketOptionMultiError(errors)
+	}
+	return nil
+}
+
+// SocketOptionMultiError is an error wrapping multiple validation errors
+// returned by SocketOption.ValidateAll() if the designated constraints aren't met.
+type SocketOptionMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m SocketOptionMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m SocketOptionMultiError) AllErrors() []error { return m }
+
+// SocketOptionValidationError is the validation error returned by
+// SocketOption.Validate if the designated constraints aren't met.
+type SocketOptionValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e SocketOptionValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e SocketOptionValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e SocketOptionValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e SocketOptionValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e SocketOptionValidationError) ErrorName() string { return "SocketOptionValidationError" }
+
+// Error satisfies the builtin error interface
+func (e SocketOptionValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sSocketOption.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = SocketOptionValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = SocketOptionValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/substitution_format_string.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/substitution_format_string.pb.go
new file mode 100644
index 00000000000..e107d3bd0a4
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/substitution_format_string.pb.go
@@ -0,0 +1,356 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/core/v3/substitution_format_string.proto
+
+package envoy_config_core_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/go-control-plane/envoy/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	_struct "github.com/golang/protobuf/ptypes/struct"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Configuration to use multiple :ref:`command operators <config_access_log_command_operators>`
+// to generate a new string in either plain text or JSON format.
+// [#next-free-field: 7]
+type SubstitutionFormatString struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to Format:
+	//	*SubstitutionFormatString_TextFormat
+	//	*SubstitutionFormatString_JsonFormat
+	//	*SubstitutionFormatString_TextFormatSource
+	Format isSubstitutionFormatString_Format `protobuf_oneof:"format"`
+	// If set to true, when command operators are evaluated to null,
+	//
+	// * for ``text_format``, the output of the empty operator is changed from ``-`` to an
+	//   empty string, so that empty values are omitted entirely.
+	// * for ``json_format`` the keys with null values are omitted in the output structure.
+	OmitEmptyValues bool `protobuf:"varint,3,opt,name=omit_empty_values,json=omitEmptyValues,proto3" json:"omit_empty_values,omitempty"`
+	// Specify a *content_type* field.
+	// If this field is not set then ``text/plain`` is used for *text_format* and
+	// ``application/json`` is used for *json_format*.
+	//
+	// .. validated-code-block:: yaml
+	//   :type-name: envoy.config.core.v3.SubstitutionFormatString
+	//
+	//   content_type: "text/html; charset=UTF-8"
+	//
+	ContentType string `protobuf:"bytes,4,opt,name=content_type,json=contentType,proto3" json:"content_type,omitempty"`
+	// Specifies a collection of Formatter plugins that can be called from the access log configuration.
+	// See the formatters extensions documentation for details.
+	// [#extension-category: envoy.formatter]
+	Formatters []*TypedExtensionConfig `protobuf:"bytes,6,rep,name=formatters,proto3" json:"formatters,omitempty"`
+}
+
+func (x *SubstitutionFormatString) Reset() {
+	*x = SubstitutionFormatString{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_substitution_format_string_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *SubstitutionFormatString) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*SubstitutionFormatString) ProtoMessage() {}
+
+func (x *SubstitutionFormatString) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_substitution_format_string_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use SubstitutionFormatString.ProtoReflect.Descriptor instead.
+func (*SubstitutionFormatString) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_substitution_format_string_proto_rawDescGZIP(), []int{0}
+}
+
+func (m *SubstitutionFormatString) GetFormat() isSubstitutionFormatString_Format {
+	if m != nil {
+		return m.Format
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *SubstitutionFormatString) GetTextFormat() string {
+	if x, ok := x.GetFormat().(*SubstitutionFormatString_TextFormat); ok {
+		return x.TextFormat
+	}
+	return ""
+}
+
+func (x *SubstitutionFormatString) GetJsonFormat() *_struct.Struct {
+	if x, ok := x.GetFormat().(*SubstitutionFormatString_JsonFormat); ok {
+		return x.JsonFormat
+	}
+	return nil
+}
+
+func (x *SubstitutionFormatString) GetTextFormatSource() *DataSource {
+	if x, ok := x.GetFormat().(*SubstitutionFormatString_TextFormatSource); ok {
+		return x.TextFormatSource
+	}
+	return nil
+}
+
+func (x *SubstitutionFormatString) GetOmitEmptyValues() bool {
+	if x != nil {
+		return x.OmitEmptyValues
+	}
+	return false
+}
+
+func (x *SubstitutionFormatString) GetContentType() string {
+	if x != nil {
+		return x.ContentType
+	}
+	return ""
+}
+
+func (x *SubstitutionFormatString) GetFormatters() []*TypedExtensionConfig {
+	if x != nil {
+		return x.Formatters
+	}
+	return nil
+}
+
+type isSubstitutionFormatString_Format interface {
+	isSubstitutionFormatString_Format()
+}
+
+type SubstitutionFormatString_TextFormat struct {
+	// Specify a format with command operators to form a text string.
+	// Its details is described in :ref:`format string<config_access_log_format_strings>`.
+	//
+	// For example, setting ``text_format`` like below,
+	//
+	// .. validated-code-block:: yaml
+	//   :type-name: envoy.config.core.v3.SubstitutionFormatString
+	//
+	//   text_format: "%LOCAL_REPLY_BODY%:%RESPONSE_CODE%:path=%REQ(:path)%\n"
+	//
+	// generates plain text similar to:
+	//
+	// .. code-block:: text
+	//
+	//   upstream connect error:503:path=/foo
+	//
+	// Deprecated in favor of :ref:`text_format_source <envoy_v3_api_field_config.core.v3.SubstitutionFormatString.text_format_source>`. To migrate text format strings, use the :ref:`inline_string <envoy_v3_api_field_config.core.v3.DataSource.inline_string>` field.
+	//
+	// Deprecated: Do not use.
+	TextFormat string `protobuf:"bytes,1,opt,name=text_format,json=textFormat,proto3,oneof"`
+}
+
+type SubstitutionFormatString_JsonFormat struct {
+	// Specify a format with command operators to form a JSON string.
+	// Its details is described in :ref:`format dictionary<config_access_log_format_dictionaries>`.
+	// Values are rendered as strings, numbers, or boolean values as appropriate.
+	// Nested JSON objects may be produced by some command operators (e.g. FILTER_STATE or DYNAMIC_METADATA).
+	// See the documentation for a specific command operator for details.
+	//
+	// .. validated-code-block:: yaml
+	//   :type-name: envoy.config.core.v3.SubstitutionFormatString
+	//
+	//   json_format:
+	//     status: "%RESPONSE_CODE%"
+	//     message: "%LOCAL_REPLY_BODY%"
+	//
+	// The following JSON object would be created:
+	//
+	// .. code-block:: json
+	//
+	//  {
+	//    "status": 500,
+	//    "message": "My error message"
+	//  }
+	//
+	JsonFormat *_struct.Struct `protobuf:"bytes,2,opt,name=json_format,json=jsonFormat,proto3,oneof"`
+}
+
+type SubstitutionFormatString_TextFormatSource struct {
+	// Specify a format with command operators to form a text string.
+	// Its details is described in :ref:`format string<config_access_log_format_strings>`.
+	//
+	// For example, setting ``text_format`` like below,
+	//
+	// .. validated-code-block:: yaml
+	//   :type-name: envoy.config.core.v3.SubstitutionFormatString
+	//
+	//   text_format_source:
+	//     inline_string: "%LOCAL_REPLY_BODY%:%RESPONSE_CODE%:path=%REQ(:path)%\n"
+	//
+	// generates plain text similar to:
+	//
+	// .. code-block:: text
+	//
+	//   upstream connect error:503:path=/foo
+	//
+	TextFormatSource *DataSource `protobuf:"bytes,5,opt,name=text_format_source,json=textFormatSource,proto3,oneof"`
+}
+
+func (*SubstitutionFormatString_TextFormat) isSubstitutionFormatString_Format() {}
+
+func (*SubstitutionFormatString_JsonFormat) isSubstitutionFormatString_Format() {}
+
+func (*SubstitutionFormatString_TextFormatSource) isSubstitutionFormatString_Format() {}
+
+var File_envoy_config_core_v3_substitution_format_string_proto protoreflect.FileDescriptor
+
+var file_envoy_config_core_v3_substitution_format_string_proto_rawDesc = []byte{
+	0x0a, 0x35, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x73, 0x75, 0x62, 0x73, 0x74, 0x69, 0x74, 0x75, 0x74,
+	0x69, 0x6f, 0x6e, 0x5f, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x5f, 0x73, 0x74, 0x72, 0x69, 0x6e,
+	0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x14, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x1a, 0x1f, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65,
+	0x2f, 0x76, 0x33, 0x2f, 0x62, 0x61, 0x73, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x24,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72,
+	0x65, 0x2f, 0x76, 0x33, 0x2f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e,
+	0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65,
+	0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22,
+	0x8c, 0x03, 0x0a, 0x18, 0x53, 0x75, 0x62, 0x73, 0x74, 0x69, 0x74, 0x75, 0x74, 0x69, 0x6f, 0x6e,
+	0x46, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x12, 0x2e, 0x0a, 0x0b,
+	0x74, 0x65, 0x78, 0x74, 0x5f, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x09, 0x42, 0x0b, 0x18, 0x01, 0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e, 0x30, 0x48, 0x00,
+	0x52, 0x0a, 0x74, 0x65, 0x78, 0x74, 0x46, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x12, 0x44, 0x0a, 0x0b,
+	0x6a, 0x73, 0x6f, 0x6e, 0x5f, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a,
+	0x01, 0x02, 0x10, 0x01, 0x48, 0x00, 0x52, 0x0a, 0x6a, 0x73, 0x6f, 0x6e, 0x46, 0x6f, 0x72, 0x6d,
+	0x61, 0x74, 0x12, 0x50, 0x0a, 0x12, 0x74, 0x65, 0x78, 0x74, 0x5f, 0x66, 0x6f, 0x72, 0x6d, 0x61,
+	0x74, 0x5f, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f,
+	0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65,
+	0x48, 0x00, 0x52, 0x10, 0x74, 0x65, 0x78, 0x74, 0x46, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x53, 0x6f,
+	0x75, 0x72, 0x63, 0x65, 0x12, 0x2a, 0x0a, 0x11, 0x6f, 0x6d, 0x69, 0x74, 0x5f, 0x65, 0x6d, 0x70,
+	0x74, 0x79, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52,
+	0x0f, 0x6f, 0x6d, 0x69, 0x74, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x73,
+	0x12, 0x21, 0x0a, 0x0c, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x5f, 0x74, 0x79, 0x70, 0x65,
+	0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x54,
+	0x79, 0x70, 0x65, 0x12, 0x4a, 0x0a, 0x0a, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x74, 0x65, 0x72,
+	0x73, 0x18, 0x06, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x54,
+	0x79, 0x70, 0x65, 0x64, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x52, 0x0a, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x73, 0x42,
+	0x0d, 0x0a, 0x06, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x42, 0x4d,
+	0x0a, 0x22, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x76, 0x33, 0x42, 0x1d, 0x53, 0x75, 0x62, 0x73, 0x74, 0x69, 0x74, 0x75, 0x74, 0x69,
+	0x6f, 0x6e, 0x46, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x50, 0x72,
+	0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_core_v3_substitution_format_string_proto_rawDescOnce sync.Once
+	file_envoy_config_core_v3_substitution_format_string_proto_rawDescData = file_envoy_config_core_v3_substitution_format_string_proto_rawDesc
+)
+
+func file_envoy_config_core_v3_substitution_format_string_proto_rawDescGZIP() []byte {
+	file_envoy_config_core_v3_substitution_format_string_proto_rawDescOnce.Do(func() {
+		file_envoy_config_core_v3_substitution_format_string_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_core_v3_substitution_format_string_proto_rawDescData)
+	})
+	return file_envoy_config_core_v3_substitution_format_string_proto_rawDescData
+}
+
+var file_envoy_config_core_v3_substitution_format_string_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_config_core_v3_substitution_format_string_proto_goTypes = []interface{}{
+	(*SubstitutionFormatString)(nil), // 0: envoy.config.core.v3.SubstitutionFormatString
+	(*_struct.Struct)(nil),           // 1: google.protobuf.Struct
+	(*DataSource)(nil),               // 2: envoy.config.core.v3.DataSource
+	(*TypedExtensionConfig)(nil),     // 3: envoy.config.core.v3.TypedExtensionConfig
+}
+var file_envoy_config_core_v3_substitution_format_string_proto_depIdxs = []int32{
+	1, // 0: envoy.config.core.v3.SubstitutionFormatString.json_format:type_name -> google.protobuf.Struct
+	2, // 1: envoy.config.core.v3.SubstitutionFormatString.text_format_source:type_name -> envoy.config.core.v3.DataSource
+	3, // 2: envoy.config.core.v3.SubstitutionFormatString.formatters:type_name -> envoy.config.core.v3.TypedExtensionConfig
+	3, // [3:3] is the sub-list for method output_type
+	3, // [3:3] is the sub-list for method input_type
+	3, // [3:3] is the sub-list for extension type_name
+	3, // [3:3] is the sub-list for extension extendee
+	0, // [0:3] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_core_v3_substitution_format_string_proto_init() }
+func file_envoy_config_core_v3_substitution_format_string_proto_init() {
+	if File_envoy_config_core_v3_substitution_format_string_proto != nil {
+		return
+	}
+	file_envoy_config_core_v3_base_proto_init()
+	file_envoy_config_core_v3_extension_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_core_v3_substitution_format_string_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*SubstitutionFormatString); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_config_core_v3_substitution_format_string_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*SubstitutionFormatString_TextFormat)(nil),
+		(*SubstitutionFormatString_JsonFormat)(nil),
+		(*SubstitutionFormatString_TextFormatSource)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_core_v3_substitution_format_string_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_core_v3_substitution_format_string_proto_goTypes,
+		DependencyIndexes: file_envoy_config_core_v3_substitution_format_string_proto_depIdxs,
+		MessageInfos:      file_envoy_config_core_v3_substitution_format_string_proto_msgTypes,
+	}.Build()
+	File_envoy_config_core_v3_substitution_format_string_proto = out.File
+	file_envoy_config_core_v3_substitution_format_string_proto_rawDesc = nil
+	file_envoy_config_core_v3_substitution_format_string_proto_goTypes = nil
+	file_envoy_config_core_v3_substitution_format_string_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/substitution_format_string.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/substitution_format_string.pb.validate.go
new file mode 100644
index 00000000000..c7d2c3ce2f8
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/substitution_format_string.pb.validate.go
@@ -0,0 +1,265 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/core/v3/substitution_format_string.proto
+
+package envoy_config_core_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on SubstitutionFormatString with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *SubstitutionFormatString) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on SubstitutionFormatString with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// SubstitutionFormatStringMultiError, or nil if none found.
+func (m *SubstitutionFormatString) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *SubstitutionFormatString) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for OmitEmptyValues
+
+	// no validation rules for ContentType
+
+	for idx, item := range m.GetFormatters() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, SubstitutionFormatStringValidationError{
+						field:  fmt.Sprintf("Formatters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, SubstitutionFormatStringValidationError{
+						field:  fmt.Sprintf("Formatters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return SubstitutionFormatStringValidationError{
+					field:  fmt.Sprintf("Formatters[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	switch m.Format.(type) {
+
+	case *SubstitutionFormatString_TextFormat:
+		// no validation rules for TextFormat
+
+	case *SubstitutionFormatString_JsonFormat:
+
+		if m.GetJsonFormat() == nil {
+			err := SubstitutionFormatStringValidationError{
+				field:  "JsonFormat",
+				reason: "value is required",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+		if all {
+			switch v := interface{}(m.GetJsonFormat()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, SubstitutionFormatStringValidationError{
+						field:  "JsonFormat",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, SubstitutionFormatStringValidationError{
+						field:  "JsonFormat",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetJsonFormat()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return SubstitutionFormatStringValidationError{
+					field:  "JsonFormat",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *SubstitutionFormatString_TextFormatSource:
+
+		if all {
+			switch v := interface{}(m.GetTextFormatSource()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, SubstitutionFormatStringValidationError{
+						field:  "TextFormatSource",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, SubstitutionFormatStringValidationError{
+						field:  "TextFormatSource",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTextFormatSource()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return SubstitutionFormatStringValidationError{
+					field:  "TextFormatSource",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := SubstitutionFormatStringValidationError{
+			field:  "Format",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return SubstitutionFormatStringMultiError(errors)
+	}
+	return nil
+}
+
+// SubstitutionFormatStringMultiError is an error wrapping multiple validation
+// errors returned by SubstitutionFormatString.ValidateAll() if the designated
+// constraints aren't met.
+type SubstitutionFormatStringMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m SubstitutionFormatStringMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m SubstitutionFormatStringMultiError) AllErrors() []error { return m }
+
+// SubstitutionFormatStringValidationError is the validation error returned by
+// SubstitutionFormatString.Validate if the designated constraints aren't met.
+type SubstitutionFormatStringValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e SubstitutionFormatStringValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e SubstitutionFormatStringValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e SubstitutionFormatStringValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e SubstitutionFormatStringValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e SubstitutionFormatStringValidationError) ErrorName() string {
+	return "SubstitutionFormatStringValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e SubstitutionFormatStringValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sSubstitutionFormatString.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = SubstitutionFormatStringValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = SubstitutionFormatStringValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/udp_socket_config.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/udp_socket_config.pb.go
new file mode 100644
index 00000000000..ac0428c6c3a
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/udp_socket_config.pb.go
@@ -0,0 +1,191 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/core/v3/udp_socket_config.proto
+
+package envoy_config_core_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Generic UDP socket configuration.
+type UdpSocketConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The maximum size of received UDP datagrams. Using a larger size will cause Envoy to allocate
+	// more memory per socket. Received datagrams above this size will be dropped. If not set
+	// defaults to 1500 bytes.
+	MaxRxDatagramSize *wrappers.UInt64Value `protobuf:"bytes,1,opt,name=max_rx_datagram_size,json=maxRxDatagramSize,proto3" json:"max_rx_datagram_size,omitempty"`
+	// Configures whether Generic Receive Offload (GRO)
+	// <https://en.wikipedia.org/wiki/Large_receive_offload>_ is preferred when reading from the
+	// UDP socket. The default is context dependent and is documented where UdpSocketConfig is used.
+	// This option affects performance but not functionality. If GRO is not supported by the operating
+	// system, non-GRO receive will be used.
+	PreferGro *wrappers.BoolValue `protobuf:"bytes,2,opt,name=prefer_gro,json=preferGro,proto3" json:"prefer_gro,omitempty"`
+}
+
+func (x *UdpSocketConfig) Reset() {
+	*x = UdpSocketConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_core_v3_udp_socket_config_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *UdpSocketConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*UdpSocketConfig) ProtoMessage() {}
+
+func (x *UdpSocketConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_core_v3_udp_socket_config_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use UdpSocketConfig.ProtoReflect.Descriptor instead.
+func (*UdpSocketConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_core_v3_udp_socket_config_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *UdpSocketConfig) GetMaxRxDatagramSize() *wrappers.UInt64Value {
+	if x != nil {
+		return x.MaxRxDatagramSize
+	}
+	return nil
+}
+
+func (x *UdpSocketConfig) GetPreferGro() *wrappers.BoolValue {
+	if x != nil {
+		return x.PreferGro
+	}
+	return nil
+}
+
+var File_envoy_config_core_v3_udp_socket_config_proto protoreflect.FileDescriptor
+
+var file_envoy_config_core_v3_udp_socket_config_proto_rawDesc = []byte{
+	0x0a, 0x2c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x75, 0x64, 0x70, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65,
+	0x74, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x14,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x76, 0x33, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61,
+	0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xa8, 0x01, 0x0a,
+	0x0f, 0x55, 0x64, 0x70, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x12, 0x5a, 0x0a, 0x14, 0x6d, 0x61, 0x78, 0x5f, 0x72, 0x78, 0x5f, 0x64, 0x61, 0x74, 0x61, 0x67,
+	0x72, 0x61, 0x6d, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x55, 0x49, 0x6e, 0x74, 0x36, 0x34, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x0b, 0xfa, 0x42,
+	0x08, 0x32, 0x06, 0x10, 0x80, 0x80, 0x04, 0x20, 0x00, 0x52, 0x11, 0x6d, 0x61, 0x78, 0x52, 0x78,
+	0x44, 0x61, 0x74, 0x61, 0x67, 0x72, 0x61, 0x6d, 0x53, 0x69, 0x7a, 0x65, 0x12, 0x39, 0x0a, 0x0a,
+	0x70, 0x72, 0x65, 0x66, 0x65, 0x72, 0x5f, 0x67, 0x72, 0x6f, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x09, 0x70, 0x72,
+	0x65, 0x66, 0x65, 0x72, 0x47, 0x72, 0x6f, 0x42, 0x44, 0x0a, 0x22, 0x69, 0x6f, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x14, 0x55,
+	0x64, 0x70, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x50, 0x72,
+	0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_core_v3_udp_socket_config_proto_rawDescOnce sync.Once
+	file_envoy_config_core_v3_udp_socket_config_proto_rawDescData = file_envoy_config_core_v3_udp_socket_config_proto_rawDesc
+)
+
+func file_envoy_config_core_v3_udp_socket_config_proto_rawDescGZIP() []byte {
+	file_envoy_config_core_v3_udp_socket_config_proto_rawDescOnce.Do(func() {
+		file_envoy_config_core_v3_udp_socket_config_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_core_v3_udp_socket_config_proto_rawDescData)
+	})
+	return file_envoy_config_core_v3_udp_socket_config_proto_rawDescData
+}
+
+var file_envoy_config_core_v3_udp_socket_config_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_config_core_v3_udp_socket_config_proto_goTypes = []interface{}{
+	(*UdpSocketConfig)(nil),      // 0: envoy.config.core.v3.UdpSocketConfig
+	(*wrappers.UInt64Value)(nil), // 1: google.protobuf.UInt64Value
+	(*wrappers.BoolValue)(nil),   // 2: google.protobuf.BoolValue
+}
+var file_envoy_config_core_v3_udp_socket_config_proto_depIdxs = []int32{
+	1, // 0: envoy.config.core.v3.UdpSocketConfig.max_rx_datagram_size:type_name -> google.protobuf.UInt64Value
+	2, // 1: envoy.config.core.v3.UdpSocketConfig.prefer_gro:type_name -> google.protobuf.BoolValue
+	2, // [2:2] is the sub-list for method output_type
+	2, // [2:2] is the sub-list for method input_type
+	2, // [2:2] is the sub-list for extension type_name
+	2, // [2:2] is the sub-list for extension extendee
+	0, // [0:2] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_core_v3_udp_socket_config_proto_init() }
+func file_envoy_config_core_v3_udp_socket_config_proto_init() {
+	if File_envoy_config_core_v3_udp_socket_config_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_core_v3_udp_socket_config_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*UdpSocketConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_core_v3_udp_socket_config_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_core_v3_udp_socket_config_proto_goTypes,
+		DependencyIndexes: file_envoy_config_core_v3_udp_socket_config_proto_depIdxs,
+		MessageInfos:      file_envoy_config_core_v3_udp_socket_config_proto_msgTypes,
+	}.Build()
+	File_envoy_config_core_v3_udp_socket_config_proto = out.File
+	file_envoy_config_core_v3_udp_socket_config_proto_rawDesc = nil
+	file_envoy_config_core_v3_udp_socket_config_proto_goTypes = nil
+	file_envoy_config_core_v3_udp_socket_config_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/udp_socket_config.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/udp_socket_config.pb.validate.go
new file mode 100644
index 00000000000..b34066766b1
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/core/v3/udp_socket_config.pb.validate.go
@@ -0,0 +1,179 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/core/v3/udp_socket_config.proto
+
+package envoy_config_core_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on UdpSocketConfig with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *UdpSocketConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on UdpSocketConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// UdpSocketConfigMultiError, or nil if none found.
+func (m *UdpSocketConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *UdpSocketConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if wrapper := m.GetMaxRxDatagramSize(); wrapper != nil {
+
+		if val := wrapper.GetValue(); val <= 0 || val >= 65536 {
+			err := UdpSocketConfigValidationError{
+				field:  "MaxRxDatagramSize",
+				reason: "value must be inside range (0, 65536)",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetPreferGro()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, UdpSocketConfigValidationError{
+					field:  "PreferGro",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, UdpSocketConfigValidationError{
+					field:  "PreferGro",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPreferGro()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return UdpSocketConfigValidationError{
+				field:  "PreferGro",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return UdpSocketConfigMultiError(errors)
+	}
+	return nil
+}
+
+// UdpSocketConfigMultiError is an error wrapping multiple validation errors
+// returned by UdpSocketConfig.ValidateAll() if the designated constraints
+// aren't met.
+type UdpSocketConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m UdpSocketConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m UdpSocketConfigMultiError) AllErrors() []error { return m }
+
+// UdpSocketConfigValidationError is the validation error returned by
+// UdpSocketConfig.Validate if the designated constraints aren't met.
+type UdpSocketConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e UdpSocketConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e UdpSocketConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e UdpSocketConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e UdpSocketConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e UdpSocketConfigValidationError) ErrorName() string { return "UdpSocketConfigValidationError" }
+
+// Error satisfies the builtin error interface
+func (e UdpSocketConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sUdpSocketConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = UdpSocketConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = UdpSocketConfigValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/endpoint/v3/endpoint.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/endpoint/v3/endpoint.pb.go
new file mode 100644
index 00000000000..d159a470c99
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/endpoint/v3/endpoint.pb.go
@@ -0,0 +1,481 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/endpoint/v3/endpoint.proto
+
+package envoy_config_endpoint_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/type/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Each route from RDS will map to a single cluster or traffic split across
+// clusters using weights expressed in the RDS WeightedCluster.
+//
+// With EDS, each cluster is treated independently from a LB perspective, with
+// LB taking place between the Localities within a cluster and at a finer
+// granularity between the hosts within a locality. The percentage of traffic
+// for each endpoint is determined by both its load_balancing_weight, and the
+// load_balancing_weight of its locality. First, a locality will be selected,
+// then an endpoint within that locality will be chose based on its weight.
+// [#next-free-field: 6]
+type ClusterLoadAssignment struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Name of the cluster. This will be the :ref:`service_name
+	// <envoy_v3_api_field_config.cluster.v3.Cluster.EdsClusterConfig.service_name>` value if specified
+	// in the cluster :ref:`EdsClusterConfig
+	// <envoy_v3_api_msg_config.cluster.v3.Cluster.EdsClusterConfig>`.
+	ClusterName string `protobuf:"bytes,1,opt,name=cluster_name,json=clusterName,proto3" json:"cluster_name,omitempty"`
+	// List of endpoints to load balance to.
+	Endpoints []*LocalityLbEndpoints `protobuf:"bytes,2,rep,name=endpoints,proto3" json:"endpoints,omitempty"`
+	// Map of named endpoints that can be referenced in LocalityLbEndpoints.
+	// [#not-implemented-hide:]
+	NamedEndpoints map[string]*Endpoint `protobuf:"bytes,5,rep,name=named_endpoints,json=namedEndpoints,proto3" json:"named_endpoints,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+	// Load balancing policy settings.
+	Policy *ClusterLoadAssignment_Policy `protobuf:"bytes,4,opt,name=policy,proto3" json:"policy,omitempty"`
+}
+
+func (x *ClusterLoadAssignment) Reset() {
+	*x = ClusterLoadAssignment{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_endpoint_v3_endpoint_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ClusterLoadAssignment) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ClusterLoadAssignment) ProtoMessage() {}
+
+func (x *ClusterLoadAssignment) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_endpoint_v3_endpoint_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ClusterLoadAssignment.ProtoReflect.Descriptor instead.
+func (*ClusterLoadAssignment) Descriptor() ([]byte, []int) {
+	return file_envoy_config_endpoint_v3_endpoint_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *ClusterLoadAssignment) GetClusterName() string {
+	if x != nil {
+		return x.ClusterName
+	}
+	return ""
+}
+
+func (x *ClusterLoadAssignment) GetEndpoints() []*LocalityLbEndpoints {
+	if x != nil {
+		return x.Endpoints
+	}
+	return nil
+}
+
+func (x *ClusterLoadAssignment) GetNamedEndpoints() map[string]*Endpoint {
+	if x != nil {
+		return x.NamedEndpoints
+	}
+	return nil
+}
+
+func (x *ClusterLoadAssignment) GetPolicy() *ClusterLoadAssignment_Policy {
+	if x != nil {
+		return x.Policy
+	}
+	return nil
+}
+
+// Load balancing policy settings.
+// [#next-free-field: 6]
+type ClusterLoadAssignment_Policy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Action to trim the overall incoming traffic to protect the upstream
+	// hosts. This action allows protection in case the hosts are unable to
+	// recover from an outage, or unable to autoscale or unable to handle
+	// incoming traffic volume for any reason.
+	//
+	// At the client each category is applied one after the other to generate
+	// the 'actual' drop percentage on all outgoing traffic. For example:
+	//
+	// .. code-block:: json
+	//
+	//  { "drop_overloads": [
+	//      { "category": "throttle", "drop_percentage": 60 }
+	//      { "category": "lb", "drop_percentage": 50 }
+	//  ]}
+	//
+	// The actual drop percentages applied to the traffic at the clients will be
+	//    "throttle"_drop = 60%
+	//    "lb"_drop = 20%  // 50% of the remaining 'actual' load, which is 40%.
+	//    actual_outgoing_load = 20% // remaining after applying all categories.
+	// [#not-implemented-hide:]
+	DropOverloads []*ClusterLoadAssignment_Policy_DropOverload `protobuf:"bytes,2,rep,name=drop_overloads,json=dropOverloads,proto3" json:"drop_overloads,omitempty"`
+	// Priority levels and localities are considered overprovisioned with this
+	// factor (in percentage). This means that we don't consider a priority
+	// level or locality unhealthy until the fraction of healthy hosts
+	// multiplied by the overprovisioning factor drops below 100.
+	// With the default value 140(1.4), Envoy doesn't consider a priority level
+	// or a locality unhealthy until their percentage of healthy hosts drops
+	// below 72%. For example:
+	//
+	// .. code-block:: json
+	//
+	//  { "overprovisioning_factor": 100 }
+	//
+	// Read more at :ref:`priority levels <arch_overview_load_balancing_priority_levels>` and
+	// :ref:`localities <arch_overview_load_balancing_locality_weighted_lb>`.
+	OverprovisioningFactor *wrappers.UInt32Value `protobuf:"bytes,3,opt,name=overprovisioning_factor,json=overprovisioningFactor,proto3" json:"overprovisioning_factor,omitempty"`
+	// The max time until which the endpoints from this assignment can be used.
+	// If no new assignments are received before this time expires the endpoints
+	// are considered stale and should be marked unhealthy.
+	// Defaults to 0 which means endpoints never go stale.
+	EndpointStaleAfter *duration.Duration `protobuf:"bytes,4,opt,name=endpoint_stale_after,json=endpointStaleAfter,proto3" json:"endpoint_stale_after,omitempty"`
+}
+
+func (x *ClusterLoadAssignment_Policy) Reset() {
+	*x = ClusterLoadAssignment_Policy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_endpoint_v3_endpoint_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ClusterLoadAssignment_Policy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ClusterLoadAssignment_Policy) ProtoMessage() {}
+
+func (x *ClusterLoadAssignment_Policy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_endpoint_v3_endpoint_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ClusterLoadAssignment_Policy.ProtoReflect.Descriptor instead.
+func (*ClusterLoadAssignment_Policy) Descriptor() ([]byte, []int) {
+	return file_envoy_config_endpoint_v3_endpoint_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (x *ClusterLoadAssignment_Policy) GetDropOverloads() []*ClusterLoadAssignment_Policy_DropOverload {
+	if x != nil {
+		return x.DropOverloads
+	}
+	return nil
+}
+
+func (x *ClusterLoadAssignment_Policy) GetOverprovisioningFactor() *wrappers.UInt32Value {
+	if x != nil {
+		return x.OverprovisioningFactor
+	}
+	return nil
+}
+
+func (x *ClusterLoadAssignment_Policy) GetEndpointStaleAfter() *duration.Duration {
+	if x != nil {
+		return x.EndpointStaleAfter
+	}
+	return nil
+}
+
+// [#not-implemented-hide:]
+type ClusterLoadAssignment_Policy_DropOverload struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Identifier for the policy specifying the drop.
+	Category string `protobuf:"bytes,1,opt,name=category,proto3" json:"category,omitempty"`
+	// Percentage of traffic that should be dropped for the category.
+	DropPercentage *v3.FractionalPercent `protobuf:"bytes,2,opt,name=drop_percentage,json=dropPercentage,proto3" json:"drop_percentage,omitempty"`
+}
+
+func (x *ClusterLoadAssignment_Policy_DropOverload) Reset() {
+	*x = ClusterLoadAssignment_Policy_DropOverload{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_endpoint_v3_endpoint_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ClusterLoadAssignment_Policy_DropOverload) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ClusterLoadAssignment_Policy_DropOverload) ProtoMessage() {}
+
+func (x *ClusterLoadAssignment_Policy_DropOverload) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_endpoint_v3_endpoint_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ClusterLoadAssignment_Policy_DropOverload.ProtoReflect.Descriptor instead.
+func (*ClusterLoadAssignment_Policy_DropOverload) Descriptor() ([]byte, []int) {
+	return file_envoy_config_endpoint_v3_endpoint_proto_rawDescGZIP(), []int{0, 0, 0}
+}
+
+func (x *ClusterLoadAssignment_Policy_DropOverload) GetCategory() string {
+	if x != nil {
+		return x.Category
+	}
+	return ""
+}
+
+func (x *ClusterLoadAssignment_Policy_DropOverload) GetDropPercentage() *v3.FractionalPercent {
+	if x != nil {
+		return x.DropPercentage
+	}
+	return nil
+}
+
+var File_envoy_config_endpoint_v3_endpoint_proto protoreflect.FileDescriptor
+
+var file_envoy_config_endpoint_v3_endpoint_proto_rawDesc = []byte{
+	0x0a, 0x27, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x65,
+	0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2f, 0x76, 0x33, 0x2f, 0x65, 0x6e, 0x64, 0x70, 0x6f,
+	0x69, 0x6e, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x18, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74,
+	0x2e, 0x76, 0x33, 0x1a, 0x32, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2f, 0x76, 0x33, 0x2f, 0x65, 0x6e,
+	0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x5f, 0x63, 0x6f, 0x6d, 0x70, 0x6f, 0x6e, 0x65, 0x6e, 0x74,
+	0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74,
+	0x79, 0x70, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65,
+	0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22,
+	0xa6, 0x08, 0x0a, 0x15, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4c, 0x6f, 0x61, 0x64, 0x41,
+	0x73, 0x73, 0x69, 0x67, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x12, 0x2a, 0x0a, 0x0c, 0x63, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42,
+	0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x0b, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65,
+	0x72, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x4b, 0x0a, 0x09, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e,
+	0x74, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74,
+	0x2e, 0x76, 0x33, 0x2e, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x4c, 0x62, 0x45, 0x6e,
+	0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73, 0x52, 0x09, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e,
+	0x74, 0x73, 0x12, 0x6c, 0x0a, 0x0f, 0x6e, 0x61, 0x6d, 0x65, 0x64, 0x5f, 0x65, 0x6e, 0x64, 0x70,
+	0x6f, 0x69, 0x6e, 0x74, 0x73, 0x18, 0x05, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x43, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f,
+	0x69, 0x6e, 0x74, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4c, 0x6f,
+	0x61, 0x64, 0x41, 0x73, 0x73, 0x69, 0x67, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x4e, 0x61, 0x6d,
+	0x65, 0x64, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79,
+	0x52, 0x0e, 0x6e, 0x61, 0x6d, 0x65, 0x64, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73,
+	0x12, 0x4e, 0x0a, 0x06, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x36, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x75, 0x73,
+	0x74, 0x65, 0x72, 0x4c, 0x6f, 0x61, 0x64, 0x41, 0x73, 0x73, 0x69, 0x67, 0x6e, 0x6d, 0x65, 0x6e,
+	0x74, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x06, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79,
+	0x1a, 0xc3, 0x04, 0x0a, 0x06, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x6a, 0x0a, 0x0e, 0x64,
+	0x72, 0x6f, 0x70, 0x5f, 0x6f, 0x76, 0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64, 0x73, 0x18, 0x02, 0x20,
+	0x03, 0x28, 0x0b, 0x32, 0x43, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x76, 0x33, 0x2e, 0x43,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4c, 0x6f, 0x61, 0x64, 0x41, 0x73, 0x73, 0x69, 0x67, 0x6e,
+	0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x44, 0x72, 0x6f, 0x70,
+	0x4f, 0x76, 0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64, 0x52, 0x0d, 0x64, 0x72, 0x6f, 0x70, 0x4f, 0x76,
+	0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64, 0x73, 0x12, 0x5e, 0x0a, 0x17, 0x6f, 0x76, 0x65, 0x72, 0x70,
+	0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x5f, 0x66, 0x61, 0x63, 0x74,
+	0x6f, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33,
+	0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02, 0x20, 0x00, 0x52,
+	0x16, 0x6f, 0x76, 0x65, 0x72, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e,
+	0x67, 0x46, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x12, 0x55, 0x0a, 0x14, 0x65, 0x6e, 0x64, 0x70, 0x6f,
+	0x69, 0x6e, 0x74, 0x5f, 0x73, 0x74, 0x61, 0x6c, 0x65, 0x5f, 0x61, 0x66, 0x74, 0x65, 0x72, 0x18,
+	0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x42, 0x08, 0xfa, 0x42, 0x05, 0xaa, 0x01, 0x02, 0x2a, 0x00, 0x52, 0x12, 0x65, 0x6e, 0x64, 0x70,
+	0x6f, 0x69, 0x6e, 0x74, 0x53, 0x74, 0x61, 0x6c, 0x65, 0x41, 0x66, 0x74, 0x65, 0x72, 0x1a, 0xbd,
+	0x01, 0x0a, 0x0c, 0x44, 0x72, 0x6f, 0x70, 0x4f, 0x76, 0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64, 0x12,
+	0x23, 0x0a, 0x08, 0x63, 0x61, 0x74, 0x65, 0x67, 0x6f, 0x72, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x08, 0x63, 0x61, 0x74, 0x65,
+	0x67, 0x6f, 0x72, 0x79, 0x12, 0x49, 0x0a, 0x0f, 0x64, 0x72, 0x6f, 0x70, 0x5f, 0x70, 0x65, 0x72,
+	0x63, 0x65, 0x6e, 0x74, 0x61, 0x67, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x46, 0x72,
+	0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52,
+	0x0e, 0x64, 0x72, 0x6f, 0x70, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x61, 0x67, 0x65, 0x3a,
+	0x3d, 0x9a, 0xc5, 0x88, 0x1e, 0x38, 0x0a, 0x36, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70,
+	0x69, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4c, 0x6f, 0x61, 0x64,
+	0x41, 0x73, 0x73, 0x69, 0x67, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63,
+	0x79, 0x2e, 0x44, 0x72, 0x6f, 0x70, 0x4f, 0x76, 0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64, 0x3a, 0x30,
+	0x9a, 0xc5, 0x88, 0x1e, 0x2b, 0x0a, 0x29, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4c, 0x6f, 0x61, 0x64, 0x41,
+	0x73, 0x73, 0x69, 0x67, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79,
+	0x4a, 0x04, 0x08, 0x01, 0x10, 0x02, 0x4a, 0x04, 0x08, 0x05, 0x10, 0x06, 0x52, 0x18, 0x64, 0x69,
+	0x73, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6f, 0x76, 0x65, 0x72, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73,
+	0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x1a, 0x65, 0x0a, 0x13, 0x4e, 0x61, 0x6d, 0x65, 0x64, 0x45,
+	0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a,
+	0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12,
+	0x38, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x65, 0x6e,
+	0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x76, 0x33, 0x2e, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69,
+	0x6e, 0x74, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x3a, 0x29, 0x9a,
+	0xc5, 0x88, 0x1e, 0x24, 0x0a, 0x22, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4c, 0x6f, 0x61, 0x64, 0x41, 0x73,
+	0x73, 0x69, 0x67, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x42, 0x41, 0x0a, 0x26, 0x69, 0x6f, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e,
+	0x76, 0x33, 0x42, 0x0d, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x50, 0x72, 0x6f, 0x74,
+	0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_endpoint_v3_endpoint_proto_rawDescOnce sync.Once
+	file_envoy_config_endpoint_v3_endpoint_proto_rawDescData = file_envoy_config_endpoint_v3_endpoint_proto_rawDesc
+)
+
+func file_envoy_config_endpoint_v3_endpoint_proto_rawDescGZIP() []byte {
+	file_envoy_config_endpoint_v3_endpoint_proto_rawDescOnce.Do(func() {
+		file_envoy_config_endpoint_v3_endpoint_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_endpoint_v3_endpoint_proto_rawDescData)
+	})
+	return file_envoy_config_endpoint_v3_endpoint_proto_rawDescData
+}
+
+var file_envoy_config_endpoint_v3_endpoint_proto_msgTypes = make([]protoimpl.MessageInfo, 4)
+var file_envoy_config_endpoint_v3_endpoint_proto_goTypes = []interface{}{
+	(*ClusterLoadAssignment)(nil),        // 0: envoy.config.endpoint.v3.ClusterLoadAssignment
+	(*ClusterLoadAssignment_Policy)(nil), // 1: envoy.config.endpoint.v3.ClusterLoadAssignment.Policy
+	nil,                                  // 2: envoy.config.endpoint.v3.ClusterLoadAssignment.NamedEndpointsEntry
+	(*ClusterLoadAssignment_Policy_DropOverload)(nil), // 3: envoy.config.endpoint.v3.ClusterLoadAssignment.Policy.DropOverload
+	(*LocalityLbEndpoints)(nil),                       // 4: envoy.config.endpoint.v3.LocalityLbEndpoints
+	(*wrappers.UInt32Value)(nil),                      // 5: google.protobuf.UInt32Value
+	(*duration.Duration)(nil),                         // 6: google.protobuf.Duration
+	(*Endpoint)(nil),                                  // 7: envoy.config.endpoint.v3.Endpoint
+	(*v3.FractionalPercent)(nil),                      // 8: envoy.type.v3.FractionalPercent
+}
+var file_envoy_config_endpoint_v3_endpoint_proto_depIdxs = []int32{
+	4, // 0: envoy.config.endpoint.v3.ClusterLoadAssignment.endpoints:type_name -> envoy.config.endpoint.v3.LocalityLbEndpoints
+	2, // 1: envoy.config.endpoint.v3.ClusterLoadAssignment.named_endpoints:type_name -> envoy.config.endpoint.v3.ClusterLoadAssignment.NamedEndpointsEntry
+	1, // 2: envoy.config.endpoint.v3.ClusterLoadAssignment.policy:type_name -> envoy.config.endpoint.v3.ClusterLoadAssignment.Policy
+	3, // 3: envoy.config.endpoint.v3.ClusterLoadAssignment.Policy.drop_overloads:type_name -> envoy.config.endpoint.v3.ClusterLoadAssignment.Policy.DropOverload
+	5, // 4: envoy.config.endpoint.v3.ClusterLoadAssignment.Policy.overprovisioning_factor:type_name -> google.protobuf.UInt32Value
+	6, // 5: envoy.config.endpoint.v3.ClusterLoadAssignment.Policy.endpoint_stale_after:type_name -> google.protobuf.Duration
+	7, // 6: envoy.config.endpoint.v3.ClusterLoadAssignment.NamedEndpointsEntry.value:type_name -> envoy.config.endpoint.v3.Endpoint
+	8, // 7: envoy.config.endpoint.v3.ClusterLoadAssignment.Policy.DropOverload.drop_percentage:type_name -> envoy.type.v3.FractionalPercent
+	8, // [8:8] is the sub-list for method output_type
+	8, // [8:8] is the sub-list for method input_type
+	8, // [8:8] is the sub-list for extension type_name
+	8, // [8:8] is the sub-list for extension extendee
+	0, // [0:8] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_endpoint_v3_endpoint_proto_init() }
+func file_envoy_config_endpoint_v3_endpoint_proto_init() {
+	if File_envoy_config_endpoint_v3_endpoint_proto != nil {
+		return
+	}
+	file_envoy_config_endpoint_v3_endpoint_components_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_endpoint_v3_endpoint_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ClusterLoadAssignment); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_endpoint_v3_endpoint_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ClusterLoadAssignment_Policy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_endpoint_v3_endpoint_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ClusterLoadAssignment_Policy_DropOverload); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_endpoint_v3_endpoint_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   4,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_endpoint_v3_endpoint_proto_goTypes,
+		DependencyIndexes: file_envoy_config_endpoint_v3_endpoint_proto_depIdxs,
+		MessageInfos:      file_envoy_config_endpoint_v3_endpoint_proto_msgTypes,
+	}.Build()
+	File_envoy_config_endpoint_v3_endpoint_proto = out.File
+	file_envoy_config_endpoint_v3_endpoint_proto_rawDesc = nil
+	file_envoy_config_endpoint_v3_endpoint_proto_goTypes = nil
+	file_envoy_config_endpoint_v3_endpoint_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/endpoint/v3/endpoint.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/endpoint/v3/endpoint.pb.validate.go
new file mode 100644
index 00000000000..3392749f945
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/endpoint/v3/endpoint.pb.validate.go
@@ -0,0 +1,583 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/endpoint/v3/endpoint.proto
+
+package envoy_config_endpoint_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on ClusterLoadAssignment with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ClusterLoadAssignment) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ClusterLoadAssignment with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ClusterLoadAssignmentMultiError, or nil if none found.
+func (m *ClusterLoadAssignment) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ClusterLoadAssignment) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetClusterName()) < 1 {
+		err := ClusterLoadAssignmentValidationError{
+			field:  "ClusterName",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetEndpoints() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClusterLoadAssignmentValidationError{
+						field:  fmt.Sprintf("Endpoints[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClusterLoadAssignmentValidationError{
+						field:  fmt.Sprintf("Endpoints[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClusterLoadAssignmentValidationError{
+					field:  fmt.Sprintf("Endpoints[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	{
+		sorted_keys := make([]string, len(m.GetNamedEndpoints()))
+		i := 0
+		for key := range m.GetNamedEndpoints() {
+			sorted_keys[i] = key
+			i++
+		}
+		sort.Slice(sorted_keys, func(i, j int) bool { return sorted_keys[i] < sorted_keys[j] })
+		for _, key := range sorted_keys {
+			val := m.GetNamedEndpoints()[key]
+			_ = val
+
+			// no validation rules for NamedEndpoints[key]
+
+			if all {
+				switch v := interface{}(val).(type) {
+				case interface{ ValidateAll() error }:
+					if err := v.ValidateAll(); err != nil {
+						errors = append(errors, ClusterLoadAssignmentValidationError{
+							field:  fmt.Sprintf("NamedEndpoints[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				case interface{ Validate() error }:
+					if err := v.Validate(); err != nil {
+						errors = append(errors, ClusterLoadAssignmentValidationError{
+							field:  fmt.Sprintf("NamedEndpoints[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				}
+			} else if v, ok := interface{}(val).(interface{ Validate() error }); ok {
+				if err := v.Validate(); err != nil {
+					return ClusterLoadAssignmentValidationError{
+						field:  fmt.Sprintf("NamedEndpoints[%v]", key),
+						reason: "embedded message failed validation",
+						cause:  err,
+					}
+				}
+			}
+
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetPolicy()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterLoadAssignmentValidationError{
+					field:  "Policy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterLoadAssignmentValidationError{
+					field:  "Policy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPolicy()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterLoadAssignmentValidationError{
+				field:  "Policy",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return ClusterLoadAssignmentMultiError(errors)
+	}
+	return nil
+}
+
+// ClusterLoadAssignmentMultiError is an error wrapping multiple validation
+// errors returned by ClusterLoadAssignment.ValidateAll() if the designated
+// constraints aren't met.
+type ClusterLoadAssignmentMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ClusterLoadAssignmentMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ClusterLoadAssignmentMultiError) AllErrors() []error { return m }
+
+// ClusterLoadAssignmentValidationError is the validation error returned by
+// ClusterLoadAssignment.Validate if the designated constraints aren't met.
+type ClusterLoadAssignmentValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ClusterLoadAssignmentValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ClusterLoadAssignmentValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ClusterLoadAssignmentValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ClusterLoadAssignmentValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ClusterLoadAssignmentValidationError) ErrorName() string {
+	return "ClusterLoadAssignmentValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ClusterLoadAssignmentValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sClusterLoadAssignment.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ClusterLoadAssignmentValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ClusterLoadAssignmentValidationError{}
+
+// Validate checks the field values on ClusterLoadAssignment_Policy with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ClusterLoadAssignment_Policy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ClusterLoadAssignment_Policy with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ClusterLoadAssignment_PolicyMultiError, or nil if none found.
+func (m *ClusterLoadAssignment_Policy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ClusterLoadAssignment_Policy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetDropOverloads() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClusterLoadAssignment_PolicyValidationError{
+						field:  fmt.Sprintf("DropOverloads[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClusterLoadAssignment_PolicyValidationError{
+						field:  fmt.Sprintf("DropOverloads[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClusterLoadAssignment_PolicyValidationError{
+					field:  fmt.Sprintf("DropOverloads[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if wrapper := m.GetOverprovisioningFactor(); wrapper != nil {
+
+		if wrapper.GetValue() <= 0 {
+			err := ClusterLoadAssignment_PolicyValidationError{
+				field:  "OverprovisioningFactor",
+				reason: "value must be greater than 0",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if d := m.GetEndpointStaleAfter(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = ClusterLoadAssignment_PolicyValidationError{
+				field:  "EndpointStaleAfter",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := ClusterLoadAssignment_PolicyValidationError{
+					field:  "EndpointStaleAfter",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if len(errors) > 0 {
+		return ClusterLoadAssignment_PolicyMultiError(errors)
+	}
+	return nil
+}
+
+// ClusterLoadAssignment_PolicyMultiError is an error wrapping multiple
+// validation errors returned by ClusterLoadAssignment_Policy.ValidateAll() if
+// the designated constraints aren't met.
+type ClusterLoadAssignment_PolicyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ClusterLoadAssignment_PolicyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ClusterLoadAssignment_PolicyMultiError) AllErrors() []error { return m }
+
+// ClusterLoadAssignment_PolicyValidationError is the validation error returned
+// by ClusterLoadAssignment_Policy.Validate if the designated constraints
+// aren't met.
+type ClusterLoadAssignment_PolicyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ClusterLoadAssignment_PolicyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ClusterLoadAssignment_PolicyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ClusterLoadAssignment_PolicyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ClusterLoadAssignment_PolicyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ClusterLoadAssignment_PolicyValidationError) ErrorName() string {
+	return "ClusterLoadAssignment_PolicyValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ClusterLoadAssignment_PolicyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sClusterLoadAssignment_Policy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ClusterLoadAssignment_PolicyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ClusterLoadAssignment_PolicyValidationError{}
+
+// Validate checks the field values on
+// ClusterLoadAssignment_Policy_DropOverload with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ClusterLoadAssignment_Policy_DropOverload) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// ClusterLoadAssignment_Policy_DropOverload with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in
+// ClusterLoadAssignment_Policy_DropOverloadMultiError, or nil if none found.
+func (m *ClusterLoadAssignment_Policy_DropOverload) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ClusterLoadAssignment_Policy_DropOverload) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetCategory()) < 1 {
+		err := ClusterLoadAssignment_Policy_DropOverloadValidationError{
+			field:  "Category",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetDropPercentage()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterLoadAssignment_Policy_DropOverloadValidationError{
+					field:  "DropPercentage",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterLoadAssignment_Policy_DropOverloadValidationError{
+					field:  "DropPercentage",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDropPercentage()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterLoadAssignment_Policy_DropOverloadValidationError{
+				field:  "DropPercentage",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return ClusterLoadAssignment_Policy_DropOverloadMultiError(errors)
+	}
+	return nil
+}
+
+// ClusterLoadAssignment_Policy_DropOverloadMultiError is an error wrapping
+// multiple validation errors returned by
+// ClusterLoadAssignment_Policy_DropOverload.ValidateAll() if the designated
+// constraints aren't met.
+type ClusterLoadAssignment_Policy_DropOverloadMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ClusterLoadAssignment_Policy_DropOverloadMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ClusterLoadAssignment_Policy_DropOverloadMultiError) AllErrors() []error { return m }
+
+// ClusterLoadAssignment_Policy_DropOverloadValidationError is the validation
+// error returned by ClusterLoadAssignment_Policy_DropOverload.Validate if the
+// designated constraints aren't met.
+type ClusterLoadAssignment_Policy_DropOverloadValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ClusterLoadAssignment_Policy_DropOverloadValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ClusterLoadAssignment_Policy_DropOverloadValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ClusterLoadAssignment_Policy_DropOverloadValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ClusterLoadAssignment_Policy_DropOverloadValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ClusterLoadAssignment_Policy_DropOverloadValidationError) ErrorName() string {
+	return "ClusterLoadAssignment_Policy_DropOverloadValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ClusterLoadAssignment_Policy_DropOverloadValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sClusterLoadAssignment_Policy_DropOverload.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ClusterLoadAssignment_Policy_DropOverloadValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ClusterLoadAssignment_Policy_DropOverloadValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/endpoint/v3/endpoint_components.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/endpoint/v3/endpoint_components.pb.go
new file mode 100644
index 00000000000..9fe228a8292
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/endpoint/v3/endpoint_components.pb.go
@@ -0,0 +1,871 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/endpoint/v3/endpoint_components.proto
+
+package envoy_config_endpoint_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Upstream host identifier.
+type Endpoint struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The upstream host address.
+	//
+	// .. attention::
+	//
+	//   The form of host address depends on the given cluster type. For STATIC or EDS,
+	//   it is expected to be a direct IP address (or something resolvable by the
+	//   specified :ref:`resolver <envoy_v3_api_field_config.core.v3.SocketAddress.resolver_name>`
+	//   in the Address). For LOGICAL or STRICT DNS, it is expected to be hostname,
+	//   and will be resolved via DNS.
+	Address *v3.Address `protobuf:"bytes,1,opt,name=address,proto3" json:"address,omitempty"`
+	// The optional health check configuration is used as configuration for the
+	// health checker to contact the health checked host.
+	//
+	// .. attention::
+	//
+	//   This takes into effect only for upstream clusters with
+	//   :ref:`active health checking <arch_overview_health_checking>` enabled.
+	HealthCheckConfig *Endpoint_HealthCheckConfig `protobuf:"bytes,2,opt,name=health_check_config,json=healthCheckConfig,proto3" json:"health_check_config,omitempty"`
+	// The hostname associated with this endpoint. This hostname is not used for routing or address
+	// resolution. If provided, it will be associated with the endpoint, and can be used for features
+	// that require a hostname, like
+	// :ref:`auto_host_rewrite <envoy_v3_api_field_config.route.v3.RouteAction.auto_host_rewrite>`.
+	Hostname string `protobuf:"bytes,3,opt,name=hostname,proto3" json:"hostname,omitempty"`
+}
+
+func (x *Endpoint) Reset() {
+	*x = Endpoint{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_endpoint_v3_endpoint_components_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Endpoint) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Endpoint) ProtoMessage() {}
+
+func (x *Endpoint) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_endpoint_v3_endpoint_components_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Endpoint.ProtoReflect.Descriptor instead.
+func (*Endpoint) Descriptor() ([]byte, []int) {
+	return file_envoy_config_endpoint_v3_endpoint_components_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *Endpoint) GetAddress() *v3.Address {
+	if x != nil {
+		return x.Address
+	}
+	return nil
+}
+
+func (x *Endpoint) GetHealthCheckConfig() *Endpoint_HealthCheckConfig {
+	if x != nil {
+		return x.HealthCheckConfig
+	}
+	return nil
+}
+
+func (x *Endpoint) GetHostname() string {
+	if x != nil {
+		return x.Hostname
+	}
+	return ""
+}
+
+// An Endpoint that Envoy can route traffic to.
+// [#next-free-field: 6]
+type LbEndpoint struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Upstream host identifier or a named reference.
+	//
+	// Types that are assignable to HostIdentifier:
+	//	*LbEndpoint_Endpoint
+	//	*LbEndpoint_EndpointName
+	HostIdentifier isLbEndpoint_HostIdentifier `protobuf_oneof:"host_identifier"`
+	// Optional health status when known and supplied by EDS server.
+	HealthStatus v3.HealthStatus `protobuf:"varint,2,opt,name=health_status,json=healthStatus,proto3,enum=envoy.config.core.v3.HealthStatus" json:"health_status,omitempty"`
+	// The endpoint metadata specifies values that may be used by the load
+	// balancer to select endpoints in a cluster for a given request. The filter
+	// name should be specified as *envoy.lb*. An example boolean key-value pair
+	// is *canary*, providing the optional canary status of the upstream host.
+	// This may be matched against in a route's
+	// :ref:`RouteAction <envoy_v3_api_msg_config.route.v3.RouteAction>` metadata_match field
+	// to subset the endpoints considered in cluster load balancing.
+	Metadata *v3.Metadata `protobuf:"bytes,3,opt,name=metadata,proto3" json:"metadata,omitempty"`
+	// The optional load balancing weight of the upstream host; at least 1.
+	// Envoy uses the load balancing weight in some of the built in load
+	// balancers. The load balancing weight for an endpoint is divided by the sum
+	// of the weights of all endpoints in the endpoint's locality to produce a
+	// percentage of traffic for the endpoint. This percentage is then further
+	// weighted by the endpoint's locality's load balancing weight from
+	// LocalityLbEndpoints. If unspecified, each host is presumed to have equal
+	// weight in a locality. The sum of the weights of all endpoints in the
+	// endpoint's locality must not exceed uint32_t maximal value (4294967295).
+	LoadBalancingWeight *wrappers.UInt32Value `protobuf:"bytes,4,opt,name=load_balancing_weight,json=loadBalancingWeight,proto3" json:"load_balancing_weight,omitempty"`
+}
+
+func (x *LbEndpoint) Reset() {
+	*x = LbEndpoint{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_endpoint_v3_endpoint_components_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *LbEndpoint) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*LbEndpoint) ProtoMessage() {}
+
+func (x *LbEndpoint) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_endpoint_v3_endpoint_components_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use LbEndpoint.ProtoReflect.Descriptor instead.
+func (*LbEndpoint) Descriptor() ([]byte, []int) {
+	return file_envoy_config_endpoint_v3_endpoint_components_proto_rawDescGZIP(), []int{1}
+}
+
+func (m *LbEndpoint) GetHostIdentifier() isLbEndpoint_HostIdentifier {
+	if m != nil {
+		return m.HostIdentifier
+	}
+	return nil
+}
+
+func (x *LbEndpoint) GetEndpoint() *Endpoint {
+	if x, ok := x.GetHostIdentifier().(*LbEndpoint_Endpoint); ok {
+		return x.Endpoint
+	}
+	return nil
+}
+
+func (x *LbEndpoint) GetEndpointName() string {
+	if x, ok := x.GetHostIdentifier().(*LbEndpoint_EndpointName); ok {
+		return x.EndpointName
+	}
+	return ""
+}
+
+func (x *LbEndpoint) GetHealthStatus() v3.HealthStatus {
+	if x != nil {
+		return x.HealthStatus
+	}
+	return v3.HealthStatus_UNKNOWN
+}
+
+func (x *LbEndpoint) GetMetadata() *v3.Metadata {
+	if x != nil {
+		return x.Metadata
+	}
+	return nil
+}
+
+func (x *LbEndpoint) GetLoadBalancingWeight() *wrappers.UInt32Value {
+	if x != nil {
+		return x.LoadBalancingWeight
+	}
+	return nil
+}
+
+type isLbEndpoint_HostIdentifier interface {
+	isLbEndpoint_HostIdentifier()
+}
+
+type LbEndpoint_Endpoint struct {
+	Endpoint *Endpoint `protobuf:"bytes,1,opt,name=endpoint,proto3,oneof"`
+}
+
+type LbEndpoint_EndpointName struct {
+	// [#not-implemented-hide:]
+	EndpointName string `protobuf:"bytes,5,opt,name=endpoint_name,json=endpointName,proto3,oneof"`
+}
+
+func (*LbEndpoint_Endpoint) isLbEndpoint_HostIdentifier() {}
+
+func (*LbEndpoint_EndpointName) isLbEndpoint_HostIdentifier() {}
+
+// [#not-implemented-hide:]
+// A configuration for a LEDS collection.
+type LedsClusterLocalityConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Configuration for the source of LEDS updates for a Locality.
+	LedsConfig *v3.ConfigSource `protobuf:"bytes,1,opt,name=leds_config,json=ledsConfig,proto3" json:"leds_config,omitempty"`
+	// The xDS transport protocol glob collection resource name.
+	// The service is only supported in delta xDS (incremental) mode.
+	LedsCollectionName string `protobuf:"bytes,2,opt,name=leds_collection_name,json=ledsCollectionName,proto3" json:"leds_collection_name,omitempty"`
+}
+
+func (x *LedsClusterLocalityConfig) Reset() {
+	*x = LedsClusterLocalityConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_endpoint_v3_endpoint_components_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *LedsClusterLocalityConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*LedsClusterLocalityConfig) ProtoMessage() {}
+
+func (x *LedsClusterLocalityConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_endpoint_v3_endpoint_components_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use LedsClusterLocalityConfig.ProtoReflect.Descriptor instead.
+func (*LedsClusterLocalityConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_endpoint_v3_endpoint_components_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *LedsClusterLocalityConfig) GetLedsConfig() *v3.ConfigSource {
+	if x != nil {
+		return x.LedsConfig
+	}
+	return nil
+}
+
+func (x *LedsClusterLocalityConfig) GetLedsCollectionName() string {
+	if x != nil {
+		return x.LedsCollectionName
+	}
+	return ""
+}
+
+// A group of endpoints belonging to a Locality.
+// One can have multiple LocalityLbEndpoints for a locality, but this is
+// generally only done if the different groups need to have different load
+// balancing weights or different priorities.
+// [#next-free-field: 9]
+type LocalityLbEndpoints struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Identifies location of where the upstream hosts run.
+	Locality *v3.Locality `protobuf:"bytes,1,opt,name=locality,proto3" json:"locality,omitempty"`
+	// The group of endpoints belonging to the locality specified.
+	// [#comment:TODO(adisuissa): Once LEDS is implemented this field needs to be
+	// deprecated and replaced by *load_balancer_endpoints*.]
+	LbEndpoints []*LbEndpoint `protobuf:"bytes,2,rep,name=lb_endpoints,json=lbEndpoints,proto3" json:"lb_endpoints,omitempty"`
+	// [#not-implemented-hide:]
+	//
+	// Types that are assignable to LbConfig:
+	//	*LocalityLbEndpoints_LoadBalancerEndpoints
+	//	*LocalityLbEndpoints_LedsClusterLocalityConfig
+	LbConfig isLocalityLbEndpoints_LbConfig `protobuf_oneof:"lb_config"`
+	// Optional: Per priority/region/zone/sub_zone weight; at least 1. The load
+	// balancing weight for a locality is divided by the sum of the weights of all
+	// localities  at the same priority level to produce the effective percentage
+	// of traffic for the locality. The sum of the weights of all localities at
+	// the same priority level must not exceed uint32_t maximal value (4294967295).
+	//
+	// Locality weights are only considered when :ref:`locality weighted load
+	// balancing <arch_overview_load_balancing_locality_weighted_lb>` is
+	// configured. These weights are ignored otherwise. If no weights are
+	// specified when locality weighted load balancing is enabled, the locality is
+	// assigned no load.
+	LoadBalancingWeight *wrappers.UInt32Value `protobuf:"bytes,3,opt,name=load_balancing_weight,json=loadBalancingWeight,proto3" json:"load_balancing_weight,omitempty"`
+	// Optional: the priority for this LocalityLbEndpoints. If unspecified this will
+	// default to the highest priority (0).
+	//
+	// Under usual circumstances, Envoy will only select endpoints for the highest
+	// priority (0). In the event all endpoints for a particular priority are
+	// unavailable/unhealthy, Envoy will fail over to selecting endpoints for the
+	// next highest priority group.
+	//
+	// Priorities should range from 0 (highest) to N (lowest) without skipping.
+	Priority uint32 `protobuf:"varint,5,opt,name=priority,proto3" json:"priority,omitempty"`
+	// Optional: Per locality proximity value which indicates how close this
+	// locality is from the source locality. This value only provides ordering
+	// information (lower the value, closer it is to the source locality).
+	// This will be consumed by load balancing schemes that need proximity order
+	// to determine where to route the requests.
+	// [#not-implemented-hide:]
+	Proximity *wrappers.UInt32Value `protobuf:"bytes,6,opt,name=proximity,proto3" json:"proximity,omitempty"`
+}
+
+func (x *LocalityLbEndpoints) Reset() {
+	*x = LocalityLbEndpoints{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_endpoint_v3_endpoint_components_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *LocalityLbEndpoints) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*LocalityLbEndpoints) ProtoMessage() {}
+
+func (x *LocalityLbEndpoints) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_endpoint_v3_endpoint_components_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use LocalityLbEndpoints.ProtoReflect.Descriptor instead.
+func (*LocalityLbEndpoints) Descriptor() ([]byte, []int) {
+	return file_envoy_config_endpoint_v3_endpoint_components_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *LocalityLbEndpoints) GetLocality() *v3.Locality {
+	if x != nil {
+		return x.Locality
+	}
+	return nil
+}
+
+func (x *LocalityLbEndpoints) GetLbEndpoints() []*LbEndpoint {
+	if x != nil {
+		return x.LbEndpoints
+	}
+	return nil
+}
+
+func (m *LocalityLbEndpoints) GetLbConfig() isLocalityLbEndpoints_LbConfig {
+	if m != nil {
+		return m.LbConfig
+	}
+	return nil
+}
+
+func (x *LocalityLbEndpoints) GetLoadBalancerEndpoints() *LocalityLbEndpoints_LbEndpointList {
+	if x, ok := x.GetLbConfig().(*LocalityLbEndpoints_LoadBalancerEndpoints); ok {
+		return x.LoadBalancerEndpoints
+	}
+	return nil
+}
+
+func (x *LocalityLbEndpoints) GetLedsClusterLocalityConfig() *LedsClusterLocalityConfig {
+	if x, ok := x.GetLbConfig().(*LocalityLbEndpoints_LedsClusterLocalityConfig); ok {
+		return x.LedsClusterLocalityConfig
+	}
+	return nil
+}
+
+func (x *LocalityLbEndpoints) GetLoadBalancingWeight() *wrappers.UInt32Value {
+	if x != nil {
+		return x.LoadBalancingWeight
+	}
+	return nil
+}
+
+func (x *LocalityLbEndpoints) GetPriority() uint32 {
+	if x != nil {
+		return x.Priority
+	}
+	return 0
+}
+
+func (x *LocalityLbEndpoints) GetProximity() *wrappers.UInt32Value {
+	if x != nil {
+		return x.Proximity
+	}
+	return nil
+}
+
+type isLocalityLbEndpoints_LbConfig interface {
+	isLocalityLbEndpoints_LbConfig()
+}
+
+type LocalityLbEndpoints_LoadBalancerEndpoints struct {
+	// The group of endpoints belonging to the locality.
+	// [#comment:TODO(adisuissa): Once LEDS is implemented the *lb_endpoints* field
+	// needs to be deprecated.]
+	LoadBalancerEndpoints *LocalityLbEndpoints_LbEndpointList `protobuf:"bytes,7,opt,name=load_balancer_endpoints,json=loadBalancerEndpoints,proto3,oneof"`
+}
+
+type LocalityLbEndpoints_LedsClusterLocalityConfig struct {
+	// LEDS Configuration for the current locality.
+	LedsClusterLocalityConfig *LedsClusterLocalityConfig `protobuf:"bytes,8,opt,name=leds_cluster_locality_config,json=ledsClusterLocalityConfig,proto3,oneof"`
+}
+
+func (*LocalityLbEndpoints_LoadBalancerEndpoints) isLocalityLbEndpoints_LbConfig() {}
+
+func (*LocalityLbEndpoints_LedsClusterLocalityConfig) isLocalityLbEndpoints_LbConfig() {}
+
+// The optional health check configuration.
+type Endpoint_HealthCheckConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Optional alternative health check port value.
+	//
+	// By default the health check address port of an upstream host is the same
+	// as the host's serving address port. This provides an alternative health
+	// check port. Setting this with a non-zero value allows an upstream host
+	// to have different health check address port.
+	PortValue uint32 `protobuf:"varint,1,opt,name=port_value,json=portValue,proto3" json:"port_value,omitempty"`
+	// By default, the host header for L7 health checks is controlled by cluster level configuration
+	// (see: :ref:`host <envoy_v3_api_field_config.core.v3.HealthCheck.HttpHealthCheck.host>` and
+	// :ref:`authority <envoy_v3_api_field_config.core.v3.HealthCheck.GrpcHealthCheck.authority>`). Setting this
+	// to a non-empty value allows overriding the cluster level configuration for a specific
+	// endpoint.
+	Hostname string `protobuf:"bytes,2,opt,name=hostname,proto3" json:"hostname,omitempty"`
+}
+
+func (x *Endpoint_HealthCheckConfig) Reset() {
+	*x = Endpoint_HealthCheckConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_endpoint_v3_endpoint_components_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Endpoint_HealthCheckConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Endpoint_HealthCheckConfig) ProtoMessage() {}
+
+func (x *Endpoint_HealthCheckConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_endpoint_v3_endpoint_components_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Endpoint_HealthCheckConfig.ProtoReflect.Descriptor instead.
+func (*Endpoint_HealthCheckConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_endpoint_v3_endpoint_components_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (x *Endpoint_HealthCheckConfig) GetPortValue() uint32 {
+	if x != nil {
+		return x.PortValue
+	}
+	return 0
+}
+
+func (x *Endpoint_HealthCheckConfig) GetHostname() string {
+	if x != nil {
+		return x.Hostname
+	}
+	return ""
+}
+
+// [#not-implemented-hide:]
+// A list of endpoints of a specific locality.
+type LocalityLbEndpoints_LbEndpointList struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	LbEndpoints []*LbEndpoint `protobuf:"bytes,1,rep,name=lb_endpoints,json=lbEndpoints,proto3" json:"lb_endpoints,omitempty"`
+}
+
+func (x *LocalityLbEndpoints_LbEndpointList) Reset() {
+	*x = LocalityLbEndpoints_LbEndpointList{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_endpoint_v3_endpoint_components_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *LocalityLbEndpoints_LbEndpointList) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*LocalityLbEndpoints_LbEndpointList) ProtoMessage() {}
+
+func (x *LocalityLbEndpoints_LbEndpointList) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_endpoint_v3_endpoint_components_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use LocalityLbEndpoints_LbEndpointList.ProtoReflect.Descriptor instead.
+func (*LocalityLbEndpoints_LbEndpointList) Descriptor() ([]byte, []int) {
+	return file_envoy_config_endpoint_v3_endpoint_components_proto_rawDescGZIP(), []int{3, 0}
+}
+
+func (x *LocalityLbEndpoints_LbEndpointList) GetLbEndpoints() []*LbEndpoint {
+	if x != nil {
+		return x.LbEndpoints
+	}
+	return nil
+}
+
+var File_envoy_config_endpoint_v3_endpoint_components_proto protoreflect.FileDescriptor
+
+var file_envoy_config_endpoint_v3_endpoint_components_proto_rawDesc = []byte{
+	0x0a, 0x32, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x65,
+	0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2f, 0x76, 0x33, 0x2f, 0x65, 0x6e, 0x64, 0x70, 0x6f,
+	0x69, 0x6e, 0x74, 0x5f, 0x63, 0x6f, 0x6d, 0x70, 0x6f, 0x6e, 0x65, 0x6e, 0x74, 0x73, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x12, 0x18, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x76, 0x33, 0x1a, 0x22,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72,
+	0x65, 0x2f, 0x76, 0x33, 0x2f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x62, 0x61, 0x73, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x28, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x5f, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x27, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65,
+	0x2f, 0x76, 0x33, 0x2f, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f, 0x63, 0x68, 0x65, 0x63, 0x6b,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e,
+	0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f,
+	0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69,
+	0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61,
+	0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x22, 0x81, 0x03, 0x0a, 0x08, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x12, 0x37,
+	0x0a, 0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x52, 0x07,
+	0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x64, 0x0a, 0x13, 0x68, 0x65, 0x61, 0x6c, 0x74,
+	0x68, 0x5f, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x34, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x76, 0x33, 0x2e,
+	0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43,
+	0x68, 0x65, 0x63, 0x6b, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x11, 0x68, 0x65, 0x61, 0x6c,
+	0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x1a, 0x0a,
+	0x08, 0x68, 0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52,
+	0x08, 0x68, 0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65, 0x1a, 0x92, 0x01, 0x0a, 0x11, 0x48, 0x65,
+	0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12,
+	0x28, 0x0a, 0x0a, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x0d, 0x42, 0x09, 0xfa, 0x42, 0x06, 0x2a, 0x04, 0x18, 0xff, 0xff, 0x03, 0x52, 0x09,
+	0x70, 0x6f, 0x72, 0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x68, 0x6f, 0x73,
+	0x74, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x68, 0x6f, 0x73,
+	0x74, 0x6e, 0x61, 0x6d, 0x65, 0x3a, 0x37, 0x9a, 0xc5, 0x88, 0x1e, 0x32, 0x0a, 0x30, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f,
+	0x69, 0x6e, 0x74, 0x2e, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x48, 0x65, 0x61,
+	0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x3a, 0x25,
+	0x9a, 0xc5, 0x88, 0x1e, 0x20, 0x0a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x45, 0x6e, 0x64,
+	0x70, 0x6f, 0x69, 0x6e, 0x74, 0x22, 0x91, 0x03, 0x0a, 0x0a, 0x4c, 0x62, 0x45, 0x6e, 0x64, 0x70,
+	0x6f, 0x69, 0x6e, 0x74, 0x12, 0x40, 0x0a, 0x08, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x76,
+	0x33, 0x2e, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x48, 0x00, 0x52, 0x08, 0x65, 0x6e,
+	0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x12, 0x25, 0x0a, 0x0d, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69,
+	0x6e, 0x74, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52,
+	0x0c, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x47, 0x0a,
+	0x0d, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x0e, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x65, 0x61, 0x6c,
+	0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x0c, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68,
+	0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x3a, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61,
+	0x74, 0x61, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e,
+	0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61,
+	0x74, 0x61, 0x12, 0x59, 0x0a, 0x15, 0x6c, 0x6f, 0x61, 0x64, 0x5f, 0x62, 0x61, 0x6c, 0x61, 0x6e,
+	0x63, 0x69, 0x6e, 0x67, 0x5f, 0x77, 0x65, 0x69, 0x67, 0x68, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42,
+	0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02, 0x28, 0x01, 0x52, 0x13, 0x6c, 0x6f, 0x61, 0x64, 0x42, 0x61,
+	0x6c, 0x61, 0x6e, 0x63, 0x69, 0x6e, 0x67, 0x57, 0x65, 0x69, 0x67, 0x68, 0x74, 0x3a, 0x27, 0x9a,
+	0xc5, 0x88, 0x1e, 0x22, 0x0a, 0x20, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x4c, 0x62, 0x45, 0x6e,
+	0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x42, 0x11, 0x0a, 0x0f, 0x68, 0x6f, 0x73, 0x74, 0x5f, 0x69,
+	0x64, 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x22, 0x92, 0x01, 0x0a, 0x19, 0x4c, 0x65,
+	0x64, 0x73, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74,
+	0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x43, 0x0a, 0x0b, 0x6c, 0x65, 0x64, 0x73, 0x5f,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65,
+	0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65,
+	0x52, 0x0a, 0x6c, 0x65, 0x64, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x30, 0x0a, 0x14,
+	0x6c, 0x65, 0x64, 0x73, 0x5f, 0x63, 0x6f, 0x6c, 0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f,
+	0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x12, 0x6c, 0x65, 0x64, 0x73,
+	0x43, 0x6f, 0x6c, 0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x4e, 0x61, 0x6d, 0x65, 0x22, 0xe1,
+	0x05, 0x0a, 0x13, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x4c, 0x62, 0x45, 0x6e, 0x64,
+	0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73, 0x12, 0x3a, 0x0a, 0x08, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x69,
+	0x74, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e,
+	0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x52, 0x08, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x69,
+	0x74, 0x79, 0x12, 0x47, 0x0a, 0x0c, 0x6c, 0x62, 0x5f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e,
+	0x74, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74,
+	0x2e, 0x76, 0x33, 0x2e, 0x4c, 0x62, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x52, 0x0b,
+	0x6c, 0x62, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73, 0x12, 0x76, 0x0a, 0x17, 0x6c,
+	0x6f, 0x61, 0x64, 0x5f, 0x62, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65, 0x72, 0x5f, 0x65, 0x6e, 0x64,
+	0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x3c, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x65, 0x6e, 0x64, 0x70,
+	0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x76, 0x33, 0x2e, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79,
+	0x4c, 0x62, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73, 0x2e, 0x4c, 0x62, 0x45, 0x6e,
+	0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x4c, 0x69, 0x73, 0x74, 0x48, 0x00, 0x52, 0x15, 0x6c, 0x6f,
+	0x61, 0x64, 0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65, 0x72, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69,
+	0x6e, 0x74, 0x73, 0x12, 0x76, 0x0a, 0x1c, 0x6c, 0x65, 0x64, 0x73, 0x5f, 0x63, 0x6c, 0x75, 0x73,
+	0x74, 0x65, 0x72, 0x5f, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x5f, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x33, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e,
+	0x74, 0x2e, 0x76, 0x33, 0x2e, 0x4c, 0x65, 0x64, 0x73, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x48, 0x00,
+	0x52, 0x19, 0x6c, 0x65, 0x64, 0x73, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4c, 0x6f, 0x63,
+	0x61, 0x6c, 0x69, 0x74, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x59, 0x0a, 0x15, 0x6c,
+	0x6f, 0x61, 0x64, 0x5f, 0x62, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x69, 0x6e, 0x67, 0x5f, 0x77, 0x65,
+	0x69, 0x67, 0x68, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e,
+	0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02, 0x28,
+	0x01, 0x52, 0x13, 0x6c, 0x6f, 0x61, 0x64, 0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x69, 0x6e, 0x67,
+	0x57, 0x65, 0x69, 0x67, 0x68, 0x74, 0x12, 0x24, 0x0a, 0x08, 0x70, 0x72, 0x69, 0x6f, 0x72, 0x69,
+	0x74, 0x79, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0d, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x2a, 0x03, 0x18,
+	0x80, 0x01, 0x52, 0x08, 0x70, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x12, 0x3a, 0x0a, 0x09,
+	0x70, 0x72, 0x6f, 0x78, 0x69, 0x6d, 0x69, 0x74, 0x79, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x09, 0x70,
+	0x72, 0x6f, 0x78, 0x69, 0x6d, 0x69, 0x74, 0x79, 0x1a, 0x59, 0x0a, 0x0e, 0x4c, 0x62, 0x45, 0x6e,
+	0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x4c, 0x69, 0x73, 0x74, 0x12, 0x47, 0x0a, 0x0c, 0x6c, 0x62,
+	0x5f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b,
+	0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x76, 0x33, 0x2e, 0x4c, 0x62, 0x45, 0x6e,
+	0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x52, 0x0b, 0x6c, 0x62, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69,
+	0x6e, 0x74, 0x73, 0x3a, 0x30, 0x9a, 0xc5, 0x88, 0x1e, 0x2b, 0x0a, 0x29, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e,
+	0x74, 0x2e, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x4c, 0x62, 0x45, 0x6e, 0x64, 0x70,
+	0x6f, 0x69, 0x6e, 0x74, 0x73, 0x42, 0x0b, 0x0a, 0x09, 0x6c, 0x62, 0x5f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x42, 0x4b, 0x0a, 0x26, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72,
+	0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x76, 0x33, 0x42, 0x17, 0x45, 0x6e,
+	0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x43, 0x6f, 0x6d, 0x70, 0x6f, 0x6e, 0x65, 0x6e, 0x74, 0x73,
+	0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62,
+	0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_endpoint_v3_endpoint_components_proto_rawDescOnce sync.Once
+	file_envoy_config_endpoint_v3_endpoint_components_proto_rawDescData = file_envoy_config_endpoint_v3_endpoint_components_proto_rawDesc
+)
+
+func file_envoy_config_endpoint_v3_endpoint_components_proto_rawDescGZIP() []byte {
+	file_envoy_config_endpoint_v3_endpoint_components_proto_rawDescOnce.Do(func() {
+		file_envoy_config_endpoint_v3_endpoint_components_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_endpoint_v3_endpoint_components_proto_rawDescData)
+	})
+	return file_envoy_config_endpoint_v3_endpoint_components_proto_rawDescData
+}
+
+var file_envoy_config_endpoint_v3_endpoint_components_proto_msgTypes = make([]protoimpl.MessageInfo, 6)
+var file_envoy_config_endpoint_v3_endpoint_components_proto_goTypes = []interface{}{
+	(*Endpoint)(nil),                           // 0: envoy.config.endpoint.v3.Endpoint
+	(*LbEndpoint)(nil),                         // 1: envoy.config.endpoint.v3.LbEndpoint
+	(*LedsClusterLocalityConfig)(nil),          // 2: envoy.config.endpoint.v3.LedsClusterLocalityConfig
+	(*LocalityLbEndpoints)(nil),                // 3: envoy.config.endpoint.v3.LocalityLbEndpoints
+	(*Endpoint_HealthCheckConfig)(nil),         // 4: envoy.config.endpoint.v3.Endpoint.HealthCheckConfig
+	(*LocalityLbEndpoints_LbEndpointList)(nil), // 5: envoy.config.endpoint.v3.LocalityLbEndpoints.LbEndpointList
+	(*v3.Address)(nil),                         // 6: envoy.config.core.v3.Address
+	(v3.HealthStatus)(0),                       // 7: envoy.config.core.v3.HealthStatus
+	(*v3.Metadata)(nil),                        // 8: envoy.config.core.v3.Metadata
+	(*wrappers.UInt32Value)(nil),               // 9: google.protobuf.UInt32Value
+	(*v3.ConfigSource)(nil),                    // 10: envoy.config.core.v3.ConfigSource
+	(*v3.Locality)(nil),                        // 11: envoy.config.core.v3.Locality
+}
+var file_envoy_config_endpoint_v3_endpoint_components_proto_depIdxs = []int32{
+	6,  // 0: envoy.config.endpoint.v3.Endpoint.address:type_name -> envoy.config.core.v3.Address
+	4,  // 1: envoy.config.endpoint.v3.Endpoint.health_check_config:type_name -> envoy.config.endpoint.v3.Endpoint.HealthCheckConfig
+	0,  // 2: envoy.config.endpoint.v3.LbEndpoint.endpoint:type_name -> envoy.config.endpoint.v3.Endpoint
+	7,  // 3: envoy.config.endpoint.v3.LbEndpoint.health_status:type_name -> envoy.config.core.v3.HealthStatus
+	8,  // 4: envoy.config.endpoint.v3.LbEndpoint.metadata:type_name -> envoy.config.core.v3.Metadata
+	9,  // 5: envoy.config.endpoint.v3.LbEndpoint.load_balancing_weight:type_name -> google.protobuf.UInt32Value
+	10, // 6: envoy.config.endpoint.v3.LedsClusterLocalityConfig.leds_config:type_name -> envoy.config.core.v3.ConfigSource
+	11, // 7: envoy.config.endpoint.v3.LocalityLbEndpoints.locality:type_name -> envoy.config.core.v3.Locality
+	1,  // 8: envoy.config.endpoint.v3.LocalityLbEndpoints.lb_endpoints:type_name -> envoy.config.endpoint.v3.LbEndpoint
+	5,  // 9: envoy.config.endpoint.v3.LocalityLbEndpoints.load_balancer_endpoints:type_name -> envoy.config.endpoint.v3.LocalityLbEndpoints.LbEndpointList
+	2,  // 10: envoy.config.endpoint.v3.LocalityLbEndpoints.leds_cluster_locality_config:type_name -> envoy.config.endpoint.v3.LedsClusterLocalityConfig
+	9,  // 11: envoy.config.endpoint.v3.LocalityLbEndpoints.load_balancing_weight:type_name -> google.protobuf.UInt32Value
+	9,  // 12: envoy.config.endpoint.v3.LocalityLbEndpoints.proximity:type_name -> google.protobuf.UInt32Value
+	1,  // 13: envoy.config.endpoint.v3.LocalityLbEndpoints.LbEndpointList.lb_endpoints:type_name -> envoy.config.endpoint.v3.LbEndpoint
+	14, // [14:14] is the sub-list for method output_type
+	14, // [14:14] is the sub-list for method input_type
+	14, // [14:14] is the sub-list for extension type_name
+	14, // [14:14] is the sub-list for extension extendee
+	0,  // [0:14] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_endpoint_v3_endpoint_components_proto_init() }
+func file_envoy_config_endpoint_v3_endpoint_components_proto_init() {
+	if File_envoy_config_endpoint_v3_endpoint_components_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_endpoint_v3_endpoint_components_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Endpoint); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_endpoint_v3_endpoint_components_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*LbEndpoint); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_endpoint_v3_endpoint_components_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*LedsClusterLocalityConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_endpoint_v3_endpoint_components_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*LocalityLbEndpoints); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_endpoint_v3_endpoint_components_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Endpoint_HealthCheckConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_endpoint_v3_endpoint_components_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*LocalityLbEndpoints_LbEndpointList); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_config_endpoint_v3_endpoint_components_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*LbEndpoint_Endpoint)(nil),
+		(*LbEndpoint_EndpointName)(nil),
+	}
+	file_envoy_config_endpoint_v3_endpoint_components_proto_msgTypes[3].OneofWrappers = []interface{}{
+		(*LocalityLbEndpoints_LoadBalancerEndpoints)(nil),
+		(*LocalityLbEndpoints_LedsClusterLocalityConfig)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_endpoint_v3_endpoint_components_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   6,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_endpoint_v3_endpoint_components_proto_goTypes,
+		DependencyIndexes: file_envoy_config_endpoint_v3_endpoint_components_proto_depIdxs,
+		MessageInfos:      file_envoy_config_endpoint_v3_endpoint_components_proto_msgTypes,
+	}.Build()
+	File_envoy_config_endpoint_v3_endpoint_components_proto = out.File
+	file_envoy_config_endpoint_v3_endpoint_components_proto_rawDesc = nil
+	file_envoy_config_endpoint_v3_endpoint_components_proto_goTypes = nil
+	file_envoy_config_endpoint_v3_endpoint_components_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/endpoint/v3/endpoint_components.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/endpoint/v3/endpoint_components.pb.validate.go
new file mode 100644
index 00000000000..45cde65979a
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/endpoint/v3/endpoint_components.pb.validate.go
@@ -0,0 +1,1049 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/endpoint/v3/endpoint_components.proto
+
+package envoy_config_endpoint_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+
+	_ = v3.HealthStatus(0)
+)
+
+// Validate checks the field values on Endpoint with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Endpoint) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Endpoint with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in EndpointMultiError, or nil
+// if none found.
+func (m *Endpoint) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Endpoint) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetAddress()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, EndpointValidationError{
+					field:  "Address",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, EndpointValidationError{
+					field:  "Address",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetAddress()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return EndpointValidationError{
+				field:  "Address",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetHealthCheckConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, EndpointValidationError{
+					field:  "HealthCheckConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, EndpointValidationError{
+					field:  "HealthCheckConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHealthCheckConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return EndpointValidationError{
+				field:  "HealthCheckConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for Hostname
+
+	if len(errors) > 0 {
+		return EndpointMultiError(errors)
+	}
+	return nil
+}
+
+// EndpointMultiError is an error wrapping multiple validation errors returned
+// by Endpoint.ValidateAll() if the designated constraints aren't met.
+type EndpointMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m EndpointMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m EndpointMultiError) AllErrors() []error { return m }
+
+// EndpointValidationError is the validation error returned by
+// Endpoint.Validate if the designated constraints aren't met.
+type EndpointValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e EndpointValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e EndpointValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e EndpointValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e EndpointValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e EndpointValidationError) ErrorName() string { return "EndpointValidationError" }
+
+// Error satisfies the builtin error interface
+func (e EndpointValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sEndpoint.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = EndpointValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = EndpointValidationError{}
+
+// Validate checks the field values on LbEndpoint with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *LbEndpoint) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on LbEndpoint with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in LbEndpointMultiError, or
+// nil if none found.
+func (m *LbEndpoint) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *LbEndpoint) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for HealthStatus
+
+	if all {
+		switch v := interface{}(m.GetMetadata()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, LbEndpointValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, LbEndpointValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMetadata()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return LbEndpointValidationError{
+				field:  "Metadata",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if wrapper := m.GetLoadBalancingWeight(); wrapper != nil {
+
+		if wrapper.GetValue() < 1 {
+			err := LbEndpointValidationError{
+				field:  "LoadBalancingWeight",
+				reason: "value must be greater than or equal to 1",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	switch m.HostIdentifier.(type) {
+
+	case *LbEndpoint_Endpoint:
+
+		if all {
+			switch v := interface{}(m.GetEndpoint()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, LbEndpointValidationError{
+						field:  "Endpoint",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, LbEndpointValidationError{
+						field:  "Endpoint",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetEndpoint()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return LbEndpointValidationError{
+					field:  "Endpoint",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *LbEndpoint_EndpointName:
+		// no validation rules for EndpointName
+
+	}
+
+	if len(errors) > 0 {
+		return LbEndpointMultiError(errors)
+	}
+	return nil
+}
+
+// LbEndpointMultiError is an error wrapping multiple validation errors
+// returned by LbEndpoint.ValidateAll() if the designated constraints aren't met.
+type LbEndpointMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m LbEndpointMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m LbEndpointMultiError) AllErrors() []error { return m }
+
+// LbEndpointValidationError is the validation error returned by
+// LbEndpoint.Validate if the designated constraints aren't met.
+type LbEndpointValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e LbEndpointValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e LbEndpointValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e LbEndpointValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e LbEndpointValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e LbEndpointValidationError) ErrorName() string { return "LbEndpointValidationError" }
+
+// Error satisfies the builtin error interface
+func (e LbEndpointValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sLbEndpoint.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = LbEndpointValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = LbEndpointValidationError{}
+
+// Validate checks the field values on LedsClusterLocalityConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *LedsClusterLocalityConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on LedsClusterLocalityConfig with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// LedsClusterLocalityConfigMultiError, or nil if none found.
+func (m *LedsClusterLocalityConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *LedsClusterLocalityConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetLedsConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, LedsClusterLocalityConfigValidationError{
+					field:  "LedsConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, LedsClusterLocalityConfigValidationError{
+					field:  "LedsConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLedsConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return LedsClusterLocalityConfigValidationError{
+				field:  "LedsConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for LedsCollectionName
+
+	if len(errors) > 0 {
+		return LedsClusterLocalityConfigMultiError(errors)
+	}
+	return nil
+}
+
+// LedsClusterLocalityConfigMultiError is an error wrapping multiple validation
+// errors returned by LedsClusterLocalityConfig.ValidateAll() if the
+// designated constraints aren't met.
+type LedsClusterLocalityConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m LedsClusterLocalityConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m LedsClusterLocalityConfigMultiError) AllErrors() []error { return m }
+
+// LedsClusterLocalityConfigValidationError is the validation error returned by
+// LedsClusterLocalityConfig.Validate if the designated constraints aren't met.
+type LedsClusterLocalityConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e LedsClusterLocalityConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e LedsClusterLocalityConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e LedsClusterLocalityConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e LedsClusterLocalityConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e LedsClusterLocalityConfigValidationError) ErrorName() string {
+	return "LedsClusterLocalityConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e LedsClusterLocalityConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sLedsClusterLocalityConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = LedsClusterLocalityConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = LedsClusterLocalityConfigValidationError{}
+
+// Validate checks the field values on LocalityLbEndpoints with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *LocalityLbEndpoints) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on LocalityLbEndpoints with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// LocalityLbEndpointsMultiError, or nil if none found.
+func (m *LocalityLbEndpoints) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *LocalityLbEndpoints) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetLocality()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, LocalityLbEndpointsValidationError{
+					field:  "Locality",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, LocalityLbEndpointsValidationError{
+					field:  "Locality",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLocality()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return LocalityLbEndpointsValidationError{
+				field:  "Locality",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetLbEndpoints() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, LocalityLbEndpointsValidationError{
+						field:  fmt.Sprintf("LbEndpoints[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, LocalityLbEndpointsValidationError{
+						field:  fmt.Sprintf("LbEndpoints[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return LocalityLbEndpointsValidationError{
+					field:  fmt.Sprintf("LbEndpoints[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if wrapper := m.GetLoadBalancingWeight(); wrapper != nil {
+
+		if wrapper.GetValue() < 1 {
+			err := LocalityLbEndpointsValidationError{
+				field:  "LoadBalancingWeight",
+				reason: "value must be greater than or equal to 1",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if m.GetPriority() > 128 {
+		err := LocalityLbEndpointsValidationError{
+			field:  "Priority",
+			reason: "value must be less than or equal to 128",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetProximity()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, LocalityLbEndpointsValidationError{
+					field:  "Proximity",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, LocalityLbEndpointsValidationError{
+					field:  "Proximity",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetProximity()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return LocalityLbEndpointsValidationError{
+				field:  "Proximity",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	switch m.LbConfig.(type) {
+
+	case *LocalityLbEndpoints_LoadBalancerEndpoints:
+
+		if all {
+			switch v := interface{}(m.GetLoadBalancerEndpoints()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, LocalityLbEndpointsValidationError{
+						field:  "LoadBalancerEndpoints",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, LocalityLbEndpointsValidationError{
+						field:  "LoadBalancerEndpoints",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetLoadBalancerEndpoints()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return LocalityLbEndpointsValidationError{
+					field:  "LoadBalancerEndpoints",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *LocalityLbEndpoints_LedsClusterLocalityConfig:
+
+		if all {
+			switch v := interface{}(m.GetLedsClusterLocalityConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, LocalityLbEndpointsValidationError{
+						field:  "LedsClusterLocalityConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, LocalityLbEndpointsValidationError{
+						field:  "LedsClusterLocalityConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetLedsClusterLocalityConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return LocalityLbEndpointsValidationError{
+					field:  "LedsClusterLocalityConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return LocalityLbEndpointsMultiError(errors)
+	}
+	return nil
+}
+
+// LocalityLbEndpointsMultiError is an error wrapping multiple validation
+// errors returned by LocalityLbEndpoints.ValidateAll() if the designated
+// constraints aren't met.
+type LocalityLbEndpointsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m LocalityLbEndpointsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m LocalityLbEndpointsMultiError) AllErrors() []error { return m }
+
+// LocalityLbEndpointsValidationError is the validation error returned by
+// LocalityLbEndpoints.Validate if the designated constraints aren't met.
+type LocalityLbEndpointsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e LocalityLbEndpointsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e LocalityLbEndpointsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e LocalityLbEndpointsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e LocalityLbEndpointsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e LocalityLbEndpointsValidationError) ErrorName() string {
+	return "LocalityLbEndpointsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e LocalityLbEndpointsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sLocalityLbEndpoints.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = LocalityLbEndpointsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = LocalityLbEndpointsValidationError{}
+
+// Validate checks the field values on Endpoint_HealthCheckConfig with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Endpoint_HealthCheckConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Endpoint_HealthCheckConfig with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Endpoint_HealthCheckConfigMultiError, or nil if none found.
+func (m *Endpoint_HealthCheckConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Endpoint_HealthCheckConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetPortValue() > 65535 {
+		err := Endpoint_HealthCheckConfigValidationError{
+			field:  "PortValue",
+			reason: "value must be less than or equal to 65535",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for Hostname
+
+	if len(errors) > 0 {
+		return Endpoint_HealthCheckConfigMultiError(errors)
+	}
+	return nil
+}
+
+// Endpoint_HealthCheckConfigMultiError is an error wrapping multiple
+// validation errors returned by Endpoint_HealthCheckConfig.ValidateAll() if
+// the designated constraints aren't met.
+type Endpoint_HealthCheckConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Endpoint_HealthCheckConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Endpoint_HealthCheckConfigMultiError) AllErrors() []error { return m }
+
+// Endpoint_HealthCheckConfigValidationError is the validation error returned
+// by Endpoint_HealthCheckConfig.Validate if the designated constraints aren't met.
+type Endpoint_HealthCheckConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Endpoint_HealthCheckConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Endpoint_HealthCheckConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Endpoint_HealthCheckConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Endpoint_HealthCheckConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Endpoint_HealthCheckConfigValidationError) ErrorName() string {
+	return "Endpoint_HealthCheckConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Endpoint_HealthCheckConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sEndpoint_HealthCheckConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Endpoint_HealthCheckConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Endpoint_HealthCheckConfigValidationError{}
+
+// Validate checks the field values on LocalityLbEndpoints_LbEndpointList with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *LocalityLbEndpoints_LbEndpointList) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on LocalityLbEndpoints_LbEndpointList
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// LocalityLbEndpoints_LbEndpointListMultiError, or nil if none found.
+func (m *LocalityLbEndpoints_LbEndpointList) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *LocalityLbEndpoints_LbEndpointList) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetLbEndpoints() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, LocalityLbEndpoints_LbEndpointListValidationError{
+						field:  fmt.Sprintf("LbEndpoints[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, LocalityLbEndpoints_LbEndpointListValidationError{
+						field:  fmt.Sprintf("LbEndpoints[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return LocalityLbEndpoints_LbEndpointListValidationError{
+					field:  fmt.Sprintf("LbEndpoints[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return LocalityLbEndpoints_LbEndpointListMultiError(errors)
+	}
+	return nil
+}
+
+// LocalityLbEndpoints_LbEndpointListMultiError is an error wrapping multiple
+// validation errors returned by
+// LocalityLbEndpoints_LbEndpointList.ValidateAll() if the designated
+// constraints aren't met.
+type LocalityLbEndpoints_LbEndpointListMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m LocalityLbEndpoints_LbEndpointListMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m LocalityLbEndpoints_LbEndpointListMultiError) AllErrors() []error { return m }
+
+// LocalityLbEndpoints_LbEndpointListValidationError is the validation error
+// returned by LocalityLbEndpoints_LbEndpointList.Validate if the designated
+// constraints aren't met.
+type LocalityLbEndpoints_LbEndpointListValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e LocalityLbEndpoints_LbEndpointListValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e LocalityLbEndpoints_LbEndpointListValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e LocalityLbEndpoints_LbEndpointListValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e LocalityLbEndpoints_LbEndpointListValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e LocalityLbEndpoints_LbEndpointListValidationError) ErrorName() string {
+	return "LocalityLbEndpoints_LbEndpointListValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e LocalityLbEndpoints_LbEndpointListValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sLocalityLbEndpoints_LbEndpointList.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = LocalityLbEndpoints_LbEndpointListValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = LocalityLbEndpoints_LbEndpointListValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/endpoint/v3/load_report.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/endpoint/v3/load_report.pb.go
new file mode 100644
index 00000000000..43543fa9ce4
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/endpoint/v3/load_report.pb.go
@@ -0,0 +1,784 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/endpoint/v3/load_report.proto
+
+package envoy_config_endpoint_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	_struct "github.com/golang/protobuf/ptypes/struct"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// These are stats Envoy reports to the management server at a frequency defined by
+// :ref:`LoadStatsResponse.load_reporting_interval<envoy_v3_api_field_service.load_stats.v3.LoadStatsResponse.load_reporting_interval>`.
+// Stats per upstream region/zone and optionally per subzone.
+// [#next-free-field: 9]
+type UpstreamLocalityStats struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Name of zone, region and optionally endpoint group these metrics were
+	// collected from. Zone and region names could be empty if unknown.
+	Locality *v3.Locality `protobuf:"bytes,1,opt,name=locality,proto3" json:"locality,omitempty"`
+	// The total number of requests successfully completed by the endpoints in the
+	// locality.
+	TotalSuccessfulRequests uint64 `protobuf:"varint,2,opt,name=total_successful_requests,json=totalSuccessfulRequests,proto3" json:"total_successful_requests,omitempty"`
+	// The total number of unfinished requests
+	TotalRequestsInProgress uint64 `protobuf:"varint,3,opt,name=total_requests_in_progress,json=totalRequestsInProgress,proto3" json:"total_requests_in_progress,omitempty"`
+	// The total number of requests that failed due to errors at the endpoint,
+	// aggregated over all endpoints in the locality.
+	TotalErrorRequests uint64 `protobuf:"varint,4,opt,name=total_error_requests,json=totalErrorRequests,proto3" json:"total_error_requests,omitempty"`
+	// The total number of requests that were issued by this Envoy since
+	// the last report. This information is aggregated over all the
+	// upstream endpoints in the locality.
+	TotalIssuedRequests uint64 `protobuf:"varint,8,opt,name=total_issued_requests,json=totalIssuedRequests,proto3" json:"total_issued_requests,omitempty"`
+	// Stats for multi-dimensional load balancing.
+	LoadMetricStats []*EndpointLoadMetricStats `protobuf:"bytes,5,rep,name=load_metric_stats,json=loadMetricStats,proto3" json:"load_metric_stats,omitempty"`
+	// Endpoint granularity stats information for this locality. This information
+	// is populated if the Server requests it by setting
+	// :ref:`LoadStatsResponse.report_endpoint_granularity<envoy_v3_api_field_service.load_stats.v3.LoadStatsResponse.report_endpoint_granularity>`.
+	UpstreamEndpointStats []*UpstreamEndpointStats `protobuf:"bytes,7,rep,name=upstream_endpoint_stats,json=upstreamEndpointStats,proto3" json:"upstream_endpoint_stats,omitempty"`
+	// [#not-implemented-hide:] The priority of the endpoint group these metrics
+	// were collected from.
+	Priority uint32 `protobuf:"varint,6,opt,name=priority,proto3" json:"priority,omitempty"`
+}
+
+func (x *UpstreamLocalityStats) Reset() {
+	*x = UpstreamLocalityStats{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_endpoint_v3_load_report_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *UpstreamLocalityStats) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*UpstreamLocalityStats) ProtoMessage() {}
+
+func (x *UpstreamLocalityStats) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_endpoint_v3_load_report_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use UpstreamLocalityStats.ProtoReflect.Descriptor instead.
+func (*UpstreamLocalityStats) Descriptor() ([]byte, []int) {
+	return file_envoy_config_endpoint_v3_load_report_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *UpstreamLocalityStats) GetLocality() *v3.Locality {
+	if x != nil {
+		return x.Locality
+	}
+	return nil
+}
+
+func (x *UpstreamLocalityStats) GetTotalSuccessfulRequests() uint64 {
+	if x != nil {
+		return x.TotalSuccessfulRequests
+	}
+	return 0
+}
+
+func (x *UpstreamLocalityStats) GetTotalRequestsInProgress() uint64 {
+	if x != nil {
+		return x.TotalRequestsInProgress
+	}
+	return 0
+}
+
+func (x *UpstreamLocalityStats) GetTotalErrorRequests() uint64 {
+	if x != nil {
+		return x.TotalErrorRequests
+	}
+	return 0
+}
+
+func (x *UpstreamLocalityStats) GetTotalIssuedRequests() uint64 {
+	if x != nil {
+		return x.TotalIssuedRequests
+	}
+	return 0
+}
+
+func (x *UpstreamLocalityStats) GetLoadMetricStats() []*EndpointLoadMetricStats {
+	if x != nil {
+		return x.LoadMetricStats
+	}
+	return nil
+}
+
+func (x *UpstreamLocalityStats) GetUpstreamEndpointStats() []*UpstreamEndpointStats {
+	if x != nil {
+		return x.UpstreamEndpointStats
+	}
+	return nil
+}
+
+func (x *UpstreamLocalityStats) GetPriority() uint32 {
+	if x != nil {
+		return x.Priority
+	}
+	return 0
+}
+
+// [#next-free-field: 8]
+type UpstreamEndpointStats struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Upstream host address.
+	Address *v3.Address `protobuf:"bytes,1,opt,name=address,proto3" json:"address,omitempty"`
+	// Opaque and implementation dependent metadata of the
+	// endpoint. Envoy will pass this directly to the management server.
+	Metadata *_struct.Struct `protobuf:"bytes,6,opt,name=metadata,proto3" json:"metadata,omitempty"`
+	// The total number of requests successfully completed by the endpoints in the
+	// locality. These include non-5xx responses for HTTP, where errors
+	// originate at the client and the endpoint responded successfully. For gRPC,
+	// the grpc-status values are those not covered by total_error_requests below.
+	TotalSuccessfulRequests uint64 `protobuf:"varint,2,opt,name=total_successful_requests,json=totalSuccessfulRequests,proto3" json:"total_successful_requests,omitempty"`
+	// The total number of unfinished requests for this endpoint.
+	TotalRequestsInProgress uint64 `protobuf:"varint,3,opt,name=total_requests_in_progress,json=totalRequestsInProgress,proto3" json:"total_requests_in_progress,omitempty"`
+	// The total number of requests that failed due to errors at the endpoint.
+	// For HTTP these are responses with 5xx status codes and for gRPC the
+	// grpc-status values:
+	//
+	//   - DeadlineExceeded
+	//   - Unimplemented
+	//   - Internal
+	//   - Unavailable
+	//   - Unknown
+	//   - DataLoss
+	TotalErrorRequests uint64 `protobuf:"varint,4,opt,name=total_error_requests,json=totalErrorRequests,proto3" json:"total_error_requests,omitempty"`
+	// The total number of requests that were issued to this endpoint
+	// since the last report. A single TCP connection, HTTP or gRPC
+	// request or stream is counted as one request.
+	TotalIssuedRequests uint64 `protobuf:"varint,7,opt,name=total_issued_requests,json=totalIssuedRequests,proto3" json:"total_issued_requests,omitempty"`
+	// Stats for multi-dimensional load balancing.
+	LoadMetricStats []*EndpointLoadMetricStats `protobuf:"bytes,5,rep,name=load_metric_stats,json=loadMetricStats,proto3" json:"load_metric_stats,omitempty"`
+}
+
+func (x *UpstreamEndpointStats) Reset() {
+	*x = UpstreamEndpointStats{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_endpoint_v3_load_report_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *UpstreamEndpointStats) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*UpstreamEndpointStats) ProtoMessage() {}
+
+func (x *UpstreamEndpointStats) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_endpoint_v3_load_report_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use UpstreamEndpointStats.ProtoReflect.Descriptor instead.
+func (*UpstreamEndpointStats) Descriptor() ([]byte, []int) {
+	return file_envoy_config_endpoint_v3_load_report_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *UpstreamEndpointStats) GetAddress() *v3.Address {
+	if x != nil {
+		return x.Address
+	}
+	return nil
+}
+
+func (x *UpstreamEndpointStats) GetMetadata() *_struct.Struct {
+	if x != nil {
+		return x.Metadata
+	}
+	return nil
+}
+
+func (x *UpstreamEndpointStats) GetTotalSuccessfulRequests() uint64 {
+	if x != nil {
+		return x.TotalSuccessfulRequests
+	}
+	return 0
+}
+
+func (x *UpstreamEndpointStats) GetTotalRequestsInProgress() uint64 {
+	if x != nil {
+		return x.TotalRequestsInProgress
+	}
+	return 0
+}
+
+func (x *UpstreamEndpointStats) GetTotalErrorRequests() uint64 {
+	if x != nil {
+		return x.TotalErrorRequests
+	}
+	return 0
+}
+
+func (x *UpstreamEndpointStats) GetTotalIssuedRequests() uint64 {
+	if x != nil {
+		return x.TotalIssuedRequests
+	}
+	return 0
+}
+
+func (x *UpstreamEndpointStats) GetLoadMetricStats() []*EndpointLoadMetricStats {
+	if x != nil {
+		return x.LoadMetricStats
+	}
+	return nil
+}
+
+type EndpointLoadMetricStats struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Name of the metric; may be empty.
+	MetricName string `protobuf:"bytes,1,opt,name=metric_name,json=metricName,proto3" json:"metric_name,omitempty"`
+	// Number of calls that finished and included this metric.
+	NumRequestsFinishedWithMetric uint64 `protobuf:"varint,2,opt,name=num_requests_finished_with_metric,json=numRequestsFinishedWithMetric,proto3" json:"num_requests_finished_with_metric,omitempty"`
+	// Sum of metric values across all calls that finished with this metric for
+	// load_reporting_interval.
+	TotalMetricValue float64 `protobuf:"fixed64,3,opt,name=total_metric_value,json=totalMetricValue,proto3" json:"total_metric_value,omitempty"`
+}
+
+func (x *EndpointLoadMetricStats) Reset() {
+	*x = EndpointLoadMetricStats{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_endpoint_v3_load_report_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *EndpointLoadMetricStats) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*EndpointLoadMetricStats) ProtoMessage() {}
+
+func (x *EndpointLoadMetricStats) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_endpoint_v3_load_report_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use EndpointLoadMetricStats.ProtoReflect.Descriptor instead.
+func (*EndpointLoadMetricStats) Descriptor() ([]byte, []int) {
+	return file_envoy_config_endpoint_v3_load_report_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *EndpointLoadMetricStats) GetMetricName() string {
+	if x != nil {
+		return x.MetricName
+	}
+	return ""
+}
+
+func (x *EndpointLoadMetricStats) GetNumRequestsFinishedWithMetric() uint64 {
+	if x != nil {
+		return x.NumRequestsFinishedWithMetric
+	}
+	return 0
+}
+
+func (x *EndpointLoadMetricStats) GetTotalMetricValue() float64 {
+	if x != nil {
+		return x.TotalMetricValue
+	}
+	return 0
+}
+
+// Per cluster load stats. Envoy reports these stats a management server in a
+// :ref:`LoadStatsRequest<envoy_v3_api_msg_service.load_stats.v3.LoadStatsRequest>`
+// Next ID: 7
+// [#next-free-field: 7]
+type ClusterStats struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the cluster.
+	ClusterName string `protobuf:"bytes,1,opt,name=cluster_name,json=clusterName,proto3" json:"cluster_name,omitempty"`
+	// The eds_cluster_config service_name of the cluster.
+	// It's possible that two clusters send the same service_name to EDS,
+	// in that case, the management server is supposed to do aggregation on the load reports.
+	ClusterServiceName string `protobuf:"bytes,6,opt,name=cluster_service_name,json=clusterServiceName,proto3" json:"cluster_service_name,omitempty"`
+	// Need at least one.
+	UpstreamLocalityStats []*UpstreamLocalityStats `protobuf:"bytes,2,rep,name=upstream_locality_stats,json=upstreamLocalityStats,proto3" json:"upstream_locality_stats,omitempty"`
+	// Cluster-level stats such as total_successful_requests may be computed by
+	// summing upstream_locality_stats. In addition, below there are additional
+	// cluster-wide stats.
+	//
+	// The total number of dropped requests. This covers requests
+	// deliberately dropped by the drop_overload policy and circuit breaking.
+	TotalDroppedRequests uint64 `protobuf:"varint,3,opt,name=total_dropped_requests,json=totalDroppedRequests,proto3" json:"total_dropped_requests,omitempty"`
+	// Information about deliberately dropped requests for each category specified
+	// in the DropOverload policy.
+	DroppedRequests []*ClusterStats_DroppedRequests `protobuf:"bytes,5,rep,name=dropped_requests,json=droppedRequests,proto3" json:"dropped_requests,omitempty"`
+	// Period over which the actual load report occurred. This will be guaranteed to include every
+	// request reported. Due to system load and delays between the *LoadStatsRequest* sent from Envoy
+	// and the *LoadStatsResponse* message sent from the management server, this may be longer than
+	// the requested load reporting interval in the *LoadStatsResponse*.
+	LoadReportInterval *duration.Duration `protobuf:"bytes,4,opt,name=load_report_interval,json=loadReportInterval,proto3" json:"load_report_interval,omitempty"`
+}
+
+func (x *ClusterStats) Reset() {
+	*x = ClusterStats{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_endpoint_v3_load_report_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ClusterStats) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ClusterStats) ProtoMessage() {}
+
+func (x *ClusterStats) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_endpoint_v3_load_report_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ClusterStats.ProtoReflect.Descriptor instead.
+func (*ClusterStats) Descriptor() ([]byte, []int) {
+	return file_envoy_config_endpoint_v3_load_report_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *ClusterStats) GetClusterName() string {
+	if x != nil {
+		return x.ClusterName
+	}
+	return ""
+}
+
+func (x *ClusterStats) GetClusterServiceName() string {
+	if x != nil {
+		return x.ClusterServiceName
+	}
+	return ""
+}
+
+func (x *ClusterStats) GetUpstreamLocalityStats() []*UpstreamLocalityStats {
+	if x != nil {
+		return x.UpstreamLocalityStats
+	}
+	return nil
+}
+
+func (x *ClusterStats) GetTotalDroppedRequests() uint64 {
+	if x != nil {
+		return x.TotalDroppedRequests
+	}
+	return 0
+}
+
+func (x *ClusterStats) GetDroppedRequests() []*ClusterStats_DroppedRequests {
+	if x != nil {
+		return x.DroppedRequests
+	}
+	return nil
+}
+
+func (x *ClusterStats) GetLoadReportInterval() *duration.Duration {
+	if x != nil {
+		return x.LoadReportInterval
+	}
+	return nil
+}
+
+type ClusterStats_DroppedRequests struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Identifier for the policy specifying the drop.
+	Category string `protobuf:"bytes,1,opt,name=category,proto3" json:"category,omitempty"`
+	// Total number of deliberately dropped requests for the category.
+	DroppedCount uint64 `protobuf:"varint,2,opt,name=dropped_count,json=droppedCount,proto3" json:"dropped_count,omitempty"`
+}
+
+func (x *ClusterStats_DroppedRequests) Reset() {
+	*x = ClusterStats_DroppedRequests{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_endpoint_v3_load_report_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ClusterStats_DroppedRequests) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ClusterStats_DroppedRequests) ProtoMessage() {}
+
+func (x *ClusterStats_DroppedRequests) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_endpoint_v3_load_report_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ClusterStats_DroppedRequests.ProtoReflect.Descriptor instead.
+func (*ClusterStats_DroppedRequests) Descriptor() ([]byte, []int) {
+	return file_envoy_config_endpoint_v3_load_report_proto_rawDescGZIP(), []int{3, 0}
+}
+
+func (x *ClusterStats_DroppedRequests) GetCategory() string {
+	if x != nil {
+		return x.Category
+	}
+	return ""
+}
+
+func (x *ClusterStats_DroppedRequests) GetDroppedCount() uint64 {
+	if x != nil {
+		return x.DroppedCount
+	}
+	return 0
+}
+
+var File_envoy_config_endpoint_v3_load_report_proto protoreflect.FileDescriptor
+
+var file_envoy_config_endpoint_v3_load_report_proto_rawDesc = []byte{
+	0x0a, 0x2a, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x65,
+	0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2f, 0x76, 0x33, 0x2f, 0x6c, 0x6f, 0x61, 0x64, 0x5f,
+	0x72, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x18, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f,
+	0x69, 0x6e, 0x74, 0x2e, 0x76, 0x33, 0x1a, 0x22, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x61, 0x64, 0x64,
+	0x72, 0x65, 0x73, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33,
+	0x2f, 0x62, 0x61, 0x73, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1c, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x73, 0x74, 0x72,
+	0x75, 0x63, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f,
+	0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74,
+	0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61,
+	0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69,
+	0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c,
+	0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x22, 0xca, 0x04, 0x0a, 0x15, 0x55, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61,
+	0x6d, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x53, 0x74, 0x61, 0x74, 0x73, 0x12, 0x3a,
+	0x0a, 0x08, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79,
+	0x52, 0x08, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x12, 0x3a, 0x0a, 0x19, 0x74, 0x6f,
+	0x74, 0x61, 0x6c, 0x5f, 0x73, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x66, 0x75, 0x6c, 0x5f, 0x72,
+	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x04, 0x52, 0x17, 0x74,
+	0x6f, 0x74, 0x61, 0x6c, 0x53, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x66, 0x75, 0x6c, 0x52, 0x65,
+	0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x12, 0x3b, 0x0a, 0x1a, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x5f,
+	0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x5f, 0x69, 0x6e, 0x5f, 0x70, 0x72, 0x6f, 0x67,
+	0x72, 0x65, 0x73, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x04, 0x52, 0x17, 0x74, 0x6f, 0x74, 0x61,
+	0x6c, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x49, 0x6e, 0x50, 0x72, 0x6f, 0x67, 0x72,
+	0x65, 0x73, 0x73, 0x12, 0x30, 0x0a, 0x14, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x5f, 0x65, 0x72, 0x72,
+	0x6f, 0x72, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28,
+	0x04, 0x52, 0x12, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x52, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x73, 0x12, 0x32, 0x0a, 0x15, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x5f, 0x69,
+	0x73, 0x73, 0x75, 0x65, 0x64, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x18, 0x08,
+	0x20, 0x01, 0x28, 0x04, 0x52, 0x13, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x49, 0x73, 0x73, 0x75, 0x65,
+	0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x12, 0x5d, 0x0a, 0x11, 0x6c, 0x6f, 0x61,
+	0x64, 0x5f, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x73, 0x18, 0x05,
+	0x20, 0x03, 0x28, 0x0b, 0x32, 0x31, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x76, 0x33, 0x2e,
+	0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x4c, 0x6f, 0x61, 0x64, 0x4d, 0x65, 0x74, 0x72,
+	0x69, 0x63, 0x53, 0x74, 0x61, 0x74, 0x73, 0x52, 0x0f, 0x6c, 0x6f, 0x61, 0x64, 0x4d, 0x65, 0x74,
+	0x72, 0x69, 0x63, 0x53, 0x74, 0x61, 0x74, 0x73, 0x12, 0x67, 0x0a, 0x17, 0x75, 0x70, 0x73, 0x74,
+	0x72, 0x65, 0x61, 0x6d, 0x5f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x5f, 0x73, 0x74,
+	0x61, 0x74, 0x73, 0x18, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e,
+	0x74, 0x2e, 0x76, 0x33, 0x2e, 0x55, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x45, 0x6e, 0x64,
+	0x70, 0x6f, 0x69, 0x6e, 0x74, 0x53, 0x74, 0x61, 0x74, 0x73, 0x52, 0x15, 0x75, 0x70, 0x73, 0x74,
+	0x72, 0x65, 0x61, 0x6d, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x53, 0x74, 0x61, 0x74,
+	0x73, 0x12, 0x1a, 0x0a, 0x08, 0x70, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x18, 0x06, 0x20,
+	0x01, 0x28, 0x0d, 0x52, 0x08, 0x70, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x3a, 0x32, 0x9a,
+	0xc5, 0x88, 0x1e, 0x2d, 0x0a, 0x2b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x55, 0x70, 0x73, 0x74,
+	0x72, 0x65, 0x61, 0x6d, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x53, 0x74, 0x61, 0x74,
+	0x73, 0x22, 0xf7, 0x03, 0x0a, 0x15, 0x55, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x45, 0x6e,
+	0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x53, 0x74, 0x61, 0x74, 0x73, 0x12, 0x37, 0x0a, 0x07, 0x61,
+	0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65,
+	0x2e, 0x76, 0x33, 0x2e, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x52, 0x07, 0x61, 0x64, 0x64,
+	0x72, 0x65, 0x73, 0x73, 0x12, 0x33, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61,
+	0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x52,
+	0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x3a, 0x0a, 0x19, 0x74, 0x6f, 0x74,
+	0x61, 0x6c, 0x5f, 0x73, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x66, 0x75, 0x6c, 0x5f, 0x72, 0x65,
+	0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x04, 0x52, 0x17, 0x74, 0x6f,
+	0x74, 0x61, 0x6c, 0x53, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x66, 0x75, 0x6c, 0x52, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x73, 0x12, 0x3b, 0x0a, 0x1a, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x5f, 0x72,
+	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x5f, 0x69, 0x6e, 0x5f, 0x70, 0x72, 0x6f, 0x67, 0x72,
+	0x65, 0x73, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x04, 0x52, 0x17, 0x74, 0x6f, 0x74, 0x61, 0x6c,
+	0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x49, 0x6e, 0x50, 0x72, 0x6f, 0x67, 0x72, 0x65,
+	0x73, 0x73, 0x12, 0x30, 0x0a, 0x14, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x5f, 0x65, 0x72, 0x72, 0x6f,
+	0x72, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x04,
+	0x52, 0x12, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x52, 0x65, 0x71, 0x75,
+	0x65, 0x73, 0x74, 0x73, 0x12, 0x32, 0x0a, 0x15, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x5f, 0x69, 0x73,
+	0x73, 0x75, 0x65, 0x64, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x18, 0x07, 0x20,
+	0x01, 0x28, 0x04, 0x52, 0x13, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x49, 0x73, 0x73, 0x75, 0x65, 0x64,
+	0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x12, 0x5d, 0x0a, 0x11, 0x6c, 0x6f, 0x61, 0x64,
+	0x5f, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x73, 0x18, 0x05, 0x20,
+	0x03, 0x28, 0x0b, 0x32, 0x31, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x76, 0x33, 0x2e, 0x45,
+	0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x4c, 0x6f, 0x61, 0x64, 0x4d, 0x65, 0x74, 0x72, 0x69,
+	0x63, 0x53, 0x74, 0x61, 0x74, 0x73, 0x52, 0x0f, 0x6c, 0x6f, 0x61, 0x64, 0x4d, 0x65, 0x74, 0x72,
+	0x69, 0x63, 0x53, 0x74, 0x61, 0x74, 0x73, 0x3a, 0x32, 0x9a, 0xc5, 0x88, 0x1e, 0x2d, 0x0a, 0x2b,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x65, 0x6e, 0x64,
+	0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x55, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x45, 0x6e,
+	0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x53, 0x74, 0x61, 0x74, 0x73, 0x22, 0xe8, 0x01, 0x0a, 0x17,
+	0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x4c, 0x6f, 0x61, 0x64, 0x4d, 0x65, 0x74, 0x72,
+	0x69, 0x63, 0x53, 0x74, 0x61, 0x74, 0x73, 0x12, 0x1f, 0x0a, 0x0b, 0x6d, 0x65, 0x74, 0x72, 0x69,
+	0x63, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x6d, 0x65,
+	0x74, 0x72, 0x69, 0x63, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x48, 0x0a, 0x21, 0x6e, 0x75, 0x6d, 0x5f,
+	0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x5f, 0x66, 0x69, 0x6e, 0x69, 0x73, 0x68, 0x65,
+	0x64, 0x5f, 0x77, 0x69, 0x74, 0x68, 0x5f, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x04, 0x52, 0x1d, 0x6e, 0x75, 0x6d, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73,
+	0x46, 0x69, 0x6e, 0x69, 0x73, 0x68, 0x65, 0x64, 0x57, 0x69, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x72,
+	0x69, 0x63, 0x12, 0x2c, 0x0a, 0x12, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x5f, 0x6d, 0x65, 0x74, 0x72,
+	0x69, 0x63, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x01, 0x52, 0x10,
+	0x74, 0x6f, 0x74, 0x61, 0x6c, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x56, 0x61, 0x6c, 0x75, 0x65,
+	0x3a, 0x34, 0x9a, 0xc5, 0x88, 0x1e, 0x2f, 0x0a, 0x2d, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x45,
+	0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x4c, 0x6f, 0x61, 0x64, 0x4d, 0x65, 0x74, 0x72, 0x69,
+	0x63, 0x53, 0x74, 0x61, 0x74, 0x73, 0x22, 0x89, 0x05, 0x0a, 0x0c, 0x43, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x73, 0x12, 0x2a, 0x0a, 0x0c, 0x63, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa,
+	0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x0b, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4e,
+	0x61, 0x6d, 0x65, 0x12, 0x30, 0x0a, 0x14, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x73,
+	0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x12, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63,
+	0x65, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x71, 0x0a, 0x17, 0x75, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61,
+	0x6d, 0x5f, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x73,
+	0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x76,
+	0x33, 0x2e, 0x55, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x69,
+	0x74, 0x79, 0x53, 0x74, 0x61, 0x74, 0x73, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92, 0x01, 0x02, 0x08,
+	0x01, 0x52, 0x15, 0x75, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x4c, 0x6f, 0x63, 0x61, 0x6c,
+	0x69, 0x74, 0x79, 0x53, 0x74, 0x61, 0x74, 0x73, 0x12, 0x34, 0x0a, 0x16, 0x74, 0x6f, 0x74, 0x61,
+	0x6c, 0x5f, 0x64, 0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73,
+	0x74, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x04, 0x52, 0x14, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x44,
+	0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x12, 0x61,
+	0x0a, 0x10, 0x64, 0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73,
+	0x74, 0x73, 0x18, 0x05, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x36, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74,
+	0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x73,
+	0x2e, 0x44, 0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73,
+	0x52, 0x0f, 0x64, 0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
+	0x73, 0x12, 0x4b, 0x0a, 0x14, 0x6c, 0x6f, 0x61, 0x64, 0x5f, 0x72, 0x65, 0x70, 0x6f, 0x72, 0x74,
+	0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x12, 0x6c, 0x6f, 0x61, 0x64,
+	0x52, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x1a, 0x96,
+	0x01, 0x0a, 0x0f, 0x44, 0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
+	0x74, 0x73, 0x12, 0x23, 0x0a, 0x08, 0x63, 0x61, 0x74, 0x65, 0x67, 0x6f, 0x72, 0x79, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x08, 0x63,
+	0x61, 0x74, 0x65, 0x67, 0x6f, 0x72, 0x79, 0x12, 0x23, 0x0a, 0x0d, 0x64, 0x72, 0x6f, 0x70, 0x70,
+	0x65, 0x64, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x04, 0x52, 0x0c,
+	0x64, 0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x3a, 0x39, 0x9a, 0xc5,
+	0x88, 0x1e, 0x34, 0x0a, 0x32, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x73, 0x2e, 0x44, 0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x52,
+	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x3a, 0x29, 0x9a, 0xc5, 0x88, 0x1e, 0x24, 0x0a, 0x22,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x65, 0x6e, 0x64,
+	0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x53, 0x74, 0x61,
+	0x74, 0x73, 0x42, 0x43, 0x0a, 0x26, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72,
+	0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x76, 0x33, 0x42, 0x0f, 0x4c, 0x6f,
+	0x61, 0x64, 0x52, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba,
+	0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_endpoint_v3_load_report_proto_rawDescOnce sync.Once
+	file_envoy_config_endpoint_v3_load_report_proto_rawDescData = file_envoy_config_endpoint_v3_load_report_proto_rawDesc
+)
+
+func file_envoy_config_endpoint_v3_load_report_proto_rawDescGZIP() []byte {
+	file_envoy_config_endpoint_v3_load_report_proto_rawDescOnce.Do(func() {
+		file_envoy_config_endpoint_v3_load_report_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_endpoint_v3_load_report_proto_rawDescData)
+	})
+	return file_envoy_config_endpoint_v3_load_report_proto_rawDescData
+}
+
+var file_envoy_config_endpoint_v3_load_report_proto_msgTypes = make([]protoimpl.MessageInfo, 5)
+var file_envoy_config_endpoint_v3_load_report_proto_goTypes = []interface{}{
+	(*UpstreamLocalityStats)(nil),        // 0: envoy.config.endpoint.v3.UpstreamLocalityStats
+	(*UpstreamEndpointStats)(nil),        // 1: envoy.config.endpoint.v3.UpstreamEndpointStats
+	(*EndpointLoadMetricStats)(nil),      // 2: envoy.config.endpoint.v3.EndpointLoadMetricStats
+	(*ClusterStats)(nil),                 // 3: envoy.config.endpoint.v3.ClusterStats
+	(*ClusterStats_DroppedRequests)(nil), // 4: envoy.config.endpoint.v3.ClusterStats.DroppedRequests
+	(*v3.Locality)(nil),                  // 5: envoy.config.core.v3.Locality
+	(*v3.Address)(nil),                   // 6: envoy.config.core.v3.Address
+	(*_struct.Struct)(nil),               // 7: google.protobuf.Struct
+	(*duration.Duration)(nil),            // 8: google.protobuf.Duration
+}
+var file_envoy_config_endpoint_v3_load_report_proto_depIdxs = []int32{
+	5, // 0: envoy.config.endpoint.v3.UpstreamLocalityStats.locality:type_name -> envoy.config.core.v3.Locality
+	2, // 1: envoy.config.endpoint.v3.UpstreamLocalityStats.load_metric_stats:type_name -> envoy.config.endpoint.v3.EndpointLoadMetricStats
+	1, // 2: envoy.config.endpoint.v3.UpstreamLocalityStats.upstream_endpoint_stats:type_name -> envoy.config.endpoint.v3.UpstreamEndpointStats
+	6, // 3: envoy.config.endpoint.v3.UpstreamEndpointStats.address:type_name -> envoy.config.core.v3.Address
+	7, // 4: envoy.config.endpoint.v3.UpstreamEndpointStats.metadata:type_name -> google.protobuf.Struct
+	2, // 5: envoy.config.endpoint.v3.UpstreamEndpointStats.load_metric_stats:type_name -> envoy.config.endpoint.v3.EndpointLoadMetricStats
+	0, // 6: envoy.config.endpoint.v3.ClusterStats.upstream_locality_stats:type_name -> envoy.config.endpoint.v3.UpstreamLocalityStats
+	4, // 7: envoy.config.endpoint.v3.ClusterStats.dropped_requests:type_name -> envoy.config.endpoint.v3.ClusterStats.DroppedRequests
+	8, // 8: envoy.config.endpoint.v3.ClusterStats.load_report_interval:type_name -> google.protobuf.Duration
+	9, // [9:9] is the sub-list for method output_type
+	9, // [9:9] is the sub-list for method input_type
+	9, // [9:9] is the sub-list for extension type_name
+	9, // [9:9] is the sub-list for extension extendee
+	0, // [0:9] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_endpoint_v3_load_report_proto_init() }
+func file_envoy_config_endpoint_v3_load_report_proto_init() {
+	if File_envoy_config_endpoint_v3_load_report_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_endpoint_v3_load_report_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*UpstreamLocalityStats); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_endpoint_v3_load_report_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*UpstreamEndpointStats); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_endpoint_v3_load_report_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*EndpointLoadMetricStats); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_endpoint_v3_load_report_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ClusterStats); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_endpoint_v3_load_report_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ClusterStats_DroppedRequests); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_endpoint_v3_load_report_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   5,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_endpoint_v3_load_report_proto_goTypes,
+		DependencyIndexes: file_envoy_config_endpoint_v3_load_report_proto_depIdxs,
+		MessageInfos:      file_envoy_config_endpoint_v3_load_report_proto_msgTypes,
+	}.Build()
+	File_envoy_config_endpoint_v3_load_report_proto = out.File
+	file_envoy_config_endpoint_v3_load_report_proto_rawDesc = nil
+	file_envoy_config_endpoint_v3_load_report_proto_goTypes = nil
+	file_envoy_config_endpoint_v3_load_report_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/endpoint/v3/load_report.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/endpoint/v3/load_report.pb.validate.go
new file mode 100644
index 00000000000..1e9efcccebb
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/endpoint/v3/load_report.pb.validate.go
@@ -0,0 +1,888 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/endpoint/v3/load_report.proto
+
+package envoy_config_endpoint_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on UpstreamLocalityStats with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *UpstreamLocalityStats) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on UpstreamLocalityStats with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// UpstreamLocalityStatsMultiError, or nil if none found.
+func (m *UpstreamLocalityStats) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *UpstreamLocalityStats) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetLocality()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, UpstreamLocalityStatsValidationError{
+					field:  "Locality",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, UpstreamLocalityStatsValidationError{
+					field:  "Locality",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLocality()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return UpstreamLocalityStatsValidationError{
+				field:  "Locality",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for TotalSuccessfulRequests
+
+	// no validation rules for TotalRequestsInProgress
+
+	// no validation rules for TotalErrorRequests
+
+	// no validation rules for TotalIssuedRequests
+
+	for idx, item := range m.GetLoadMetricStats() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, UpstreamLocalityStatsValidationError{
+						field:  fmt.Sprintf("LoadMetricStats[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, UpstreamLocalityStatsValidationError{
+						field:  fmt.Sprintf("LoadMetricStats[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return UpstreamLocalityStatsValidationError{
+					field:  fmt.Sprintf("LoadMetricStats[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetUpstreamEndpointStats() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, UpstreamLocalityStatsValidationError{
+						field:  fmt.Sprintf("UpstreamEndpointStats[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, UpstreamLocalityStatsValidationError{
+						field:  fmt.Sprintf("UpstreamEndpointStats[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return UpstreamLocalityStatsValidationError{
+					field:  fmt.Sprintf("UpstreamEndpointStats[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	// no validation rules for Priority
+
+	if len(errors) > 0 {
+		return UpstreamLocalityStatsMultiError(errors)
+	}
+	return nil
+}
+
+// UpstreamLocalityStatsMultiError is an error wrapping multiple validation
+// errors returned by UpstreamLocalityStats.ValidateAll() if the designated
+// constraints aren't met.
+type UpstreamLocalityStatsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m UpstreamLocalityStatsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m UpstreamLocalityStatsMultiError) AllErrors() []error { return m }
+
+// UpstreamLocalityStatsValidationError is the validation error returned by
+// UpstreamLocalityStats.Validate if the designated constraints aren't met.
+type UpstreamLocalityStatsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e UpstreamLocalityStatsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e UpstreamLocalityStatsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e UpstreamLocalityStatsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e UpstreamLocalityStatsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e UpstreamLocalityStatsValidationError) ErrorName() string {
+	return "UpstreamLocalityStatsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e UpstreamLocalityStatsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sUpstreamLocalityStats.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = UpstreamLocalityStatsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = UpstreamLocalityStatsValidationError{}
+
+// Validate checks the field values on UpstreamEndpointStats with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *UpstreamEndpointStats) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on UpstreamEndpointStats with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// UpstreamEndpointStatsMultiError, or nil if none found.
+func (m *UpstreamEndpointStats) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *UpstreamEndpointStats) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetAddress()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, UpstreamEndpointStatsValidationError{
+					field:  "Address",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, UpstreamEndpointStatsValidationError{
+					field:  "Address",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetAddress()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return UpstreamEndpointStatsValidationError{
+				field:  "Address",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMetadata()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, UpstreamEndpointStatsValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, UpstreamEndpointStatsValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMetadata()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return UpstreamEndpointStatsValidationError{
+				field:  "Metadata",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for TotalSuccessfulRequests
+
+	// no validation rules for TotalRequestsInProgress
+
+	// no validation rules for TotalErrorRequests
+
+	// no validation rules for TotalIssuedRequests
+
+	for idx, item := range m.GetLoadMetricStats() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, UpstreamEndpointStatsValidationError{
+						field:  fmt.Sprintf("LoadMetricStats[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, UpstreamEndpointStatsValidationError{
+						field:  fmt.Sprintf("LoadMetricStats[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return UpstreamEndpointStatsValidationError{
+					field:  fmt.Sprintf("LoadMetricStats[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return UpstreamEndpointStatsMultiError(errors)
+	}
+	return nil
+}
+
+// UpstreamEndpointStatsMultiError is an error wrapping multiple validation
+// errors returned by UpstreamEndpointStats.ValidateAll() if the designated
+// constraints aren't met.
+type UpstreamEndpointStatsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m UpstreamEndpointStatsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m UpstreamEndpointStatsMultiError) AllErrors() []error { return m }
+
+// UpstreamEndpointStatsValidationError is the validation error returned by
+// UpstreamEndpointStats.Validate if the designated constraints aren't met.
+type UpstreamEndpointStatsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e UpstreamEndpointStatsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e UpstreamEndpointStatsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e UpstreamEndpointStatsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e UpstreamEndpointStatsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e UpstreamEndpointStatsValidationError) ErrorName() string {
+	return "UpstreamEndpointStatsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e UpstreamEndpointStatsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sUpstreamEndpointStats.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = UpstreamEndpointStatsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = UpstreamEndpointStatsValidationError{}
+
+// Validate checks the field values on EndpointLoadMetricStats with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *EndpointLoadMetricStats) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on EndpointLoadMetricStats with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// EndpointLoadMetricStatsMultiError, or nil if none found.
+func (m *EndpointLoadMetricStats) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *EndpointLoadMetricStats) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for MetricName
+
+	// no validation rules for NumRequestsFinishedWithMetric
+
+	// no validation rules for TotalMetricValue
+
+	if len(errors) > 0 {
+		return EndpointLoadMetricStatsMultiError(errors)
+	}
+	return nil
+}
+
+// EndpointLoadMetricStatsMultiError is an error wrapping multiple validation
+// errors returned by EndpointLoadMetricStats.ValidateAll() if the designated
+// constraints aren't met.
+type EndpointLoadMetricStatsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m EndpointLoadMetricStatsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m EndpointLoadMetricStatsMultiError) AllErrors() []error { return m }
+
+// EndpointLoadMetricStatsValidationError is the validation error returned by
+// EndpointLoadMetricStats.Validate if the designated constraints aren't met.
+type EndpointLoadMetricStatsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e EndpointLoadMetricStatsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e EndpointLoadMetricStatsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e EndpointLoadMetricStatsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e EndpointLoadMetricStatsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e EndpointLoadMetricStatsValidationError) ErrorName() string {
+	return "EndpointLoadMetricStatsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e EndpointLoadMetricStatsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sEndpointLoadMetricStats.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = EndpointLoadMetricStatsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = EndpointLoadMetricStatsValidationError{}
+
+// Validate checks the field values on ClusterStats with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ClusterStats) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ClusterStats with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ClusterStatsMultiError, or
+// nil if none found.
+func (m *ClusterStats) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ClusterStats) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetClusterName()) < 1 {
+		err := ClusterStatsValidationError{
+			field:  "ClusterName",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for ClusterServiceName
+
+	if len(m.GetUpstreamLocalityStats()) < 1 {
+		err := ClusterStatsValidationError{
+			field:  "UpstreamLocalityStats",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetUpstreamLocalityStats() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClusterStatsValidationError{
+						field:  fmt.Sprintf("UpstreamLocalityStats[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClusterStatsValidationError{
+						field:  fmt.Sprintf("UpstreamLocalityStats[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClusterStatsValidationError{
+					field:  fmt.Sprintf("UpstreamLocalityStats[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	// no validation rules for TotalDroppedRequests
+
+	for idx, item := range m.GetDroppedRequests() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClusterStatsValidationError{
+						field:  fmt.Sprintf("DroppedRequests[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClusterStatsValidationError{
+						field:  fmt.Sprintf("DroppedRequests[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClusterStatsValidationError{
+					field:  fmt.Sprintf("DroppedRequests[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetLoadReportInterval()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterStatsValidationError{
+					field:  "LoadReportInterval",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterStatsValidationError{
+					field:  "LoadReportInterval",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLoadReportInterval()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterStatsValidationError{
+				field:  "LoadReportInterval",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return ClusterStatsMultiError(errors)
+	}
+	return nil
+}
+
+// ClusterStatsMultiError is an error wrapping multiple validation errors
+// returned by ClusterStats.ValidateAll() if the designated constraints aren't met.
+type ClusterStatsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ClusterStatsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ClusterStatsMultiError) AllErrors() []error { return m }
+
+// ClusterStatsValidationError is the validation error returned by
+// ClusterStats.Validate if the designated constraints aren't met.
+type ClusterStatsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ClusterStatsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ClusterStatsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ClusterStatsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ClusterStatsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ClusterStatsValidationError) ErrorName() string { return "ClusterStatsValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ClusterStatsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sClusterStats.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ClusterStatsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ClusterStatsValidationError{}
+
+// Validate checks the field values on ClusterStats_DroppedRequests with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ClusterStats_DroppedRequests) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ClusterStats_DroppedRequests with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ClusterStats_DroppedRequestsMultiError, or nil if none found.
+func (m *ClusterStats_DroppedRequests) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ClusterStats_DroppedRequests) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetCategory()) < 1 {
+		err := ClusterStats_DroppedRequestsValidationError{
+			field:  "Category",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for DroppedCount
+
+	if len(errors) > 0 {
+		return ClusterStats_DroppedRequestsMultiError(errors)
+	}
+	return nil
+}
+
+// ClusterStats_DroppedRequestsMultiError is an error wrapping multiple
+// validation errors returned by ClusterStats_DroppedRequests.ValidateAll() if
+// the designated constraints aren't met.
+type ClusterStats_DroppedRequestsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ClusterStats_DroppedRequestsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ClusterStats_DroppedRequestsMultiError) AllErrors() []error { return m }
+
+// ClusterStats_DroppedRequestsValidationError is the validation error returned
+// by ClusterStats_DroppedRequests.Validate if the designated constraints
+// aren't met.
+type ClusterStats_DroppedRequestsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ClusterStats_DroppedRequestsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ClusterStats_DroppedRequestsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ClusterStats_DroppedRequestsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ClusterStats_DroppedRequestsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ClusterStats_DroppedRequestsValidationError) ErrorName() string {
+	return "ClusterStats_DroppedRequestsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ClusterStats_DroppedRequestsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sClusterStats_DroppedRequests.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ClusterStats_DroppedRequestsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ClusterStats_DroppedRequestsValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/filter/accesslog/v2/accesslog.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/filter/accesslog/v2/accesslog.pb.go
new file mode 100644
index 00000000000..10729110800
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/filter/accesslog/v2/accesslog.pb.go
@@ -0,0 +1,1691 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/filter/accesslog/v2/accesslog.proto
+
+package envoy_config_filter_accesslog_v2
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	core "github.com/envoyproxy/go-control-plane/envoy/api/v2/core"
+	route "github.com/envoyproxy/go-control-plane/envoy/api/v2/route"
+	_type "github.com/envoyproxy/go-control-plane/envoy/type"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	_struct "github.com/golang/protobuf/ptypes/struct"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type ComparisonFilter_Op int32
+
+const (
+	// =
+	ComparisonFilter_EQ ComparisonFilter_Op = 0
+	// >=
+	ComparisonFilter_GE ComparisonFilter_Op = 1
+	// <=
+	ComparisonFilter_LE ComparisonFilter_Op = 2
+)
+
+// Enum value maps for ComparisonFilter_Op.
+var (
+	ComparisonFilter_Op_name = map[int32]string{
+		0: "EQ",
+		1: "GE",
+		2: "LE",
+	}
+	ComparisonFilter_Op_value = map[string]int32{
+		"EQ": 0,
+		"GE": 1,
+		"LE": 2,
+	}
+)
+
+func (x ComparisonFilter_Op) Enum() *ComparisonFilter_Op {
+	p := new(ComparisonFilter_Op)
+	*p = x
+	return p
+}
+
+func (x ComparisonFilter_Op) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (ComparisonFilter_Op) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_filter_accesslog_v2_accesslog_proto_enumTypes[0].Descriptor()
+}
+
+func (ComparisonFilter_Op) Type() protoreflect.EnumType {
+	return &file_envoy_config_filter_accesslog_v2_accesslog_proto_enumTypes[0]
+}
+
+func (x ComparisonFilter_Op) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use ComparisonFilter_Op.Descriptor instead.
+func (ComparisonFilter_Op) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_filter_accesslog_v2_accesslog_proto_rawDescGZIP(), []int{2, 0}
+}
+
+type GrpcStatusFilter_Status int32
+
+const (
+	GrpcStatusFilter_OK                  GrpcStatusFilter_Status = 0
+	GrpcStatusFilter_CANCELED            GrpcStatusFilter_Status = 1
+	GrpcStatusFilter_UNKNOWN             GrpcStatusFilter_Status = 2
+	GrpcStatusFilter_INVALID_ARGUMENT    GrpcStatusFilter_Status = 3
+	GrpcStatusFilter_DEADLINE_EXCEEDED   GrpcStatusFilter_Status = 4
+	GrpcStatusFilter_NOT_FOUND           GrpcStatusFilter_Status = 5
+	GrpcStatusFilter_ALREADY_EXISTS      GrpcStatusFilter_Status = 6
+	GrpcStatusFilter_PERMISSION_DENIED   GrpcStatusFilter_Status = 7
+	GrpcStatusFilter_RESOURCE_EXHAUSTED  GrpcStatusFilter_Status = 8
+	GrpcStatusFilter_FAILED_PRECONDITION GrpcStatusFilter_Status = 9
+	GrpcStatusFilter_ABORTED             GrpcStatusFilter_Status = 10
+	GrpcStatusFilter_OUT_OF_RANGE        GrpcStatusFilter_Status = 11
+	GrpcStatusFilter_UNIMPLEMENTED       GrpcStatusFilter_Status = 12
+	GrpcStatusFilter_INTERNAL            GrpcStatusFilter_Status = 13
+	GrpcStatusFilter_UNAVAILABLE         GrpcStatusFilter_Status = 14
+	GrpcStatusFilter_DATA_LOSS           GrpcStatusFilter_Status = 15
+	GrpcStatusFilter_UNAUTHENTICATED     GrpcStatusFilter_Status = 16
+)
+
+// Enum value maps for GrpcStatusFilter_Status.
+var (
+	GrpcStatusFilter_Status_name = map[int32]string{
+		0:  "OK",
+		1:  "CANCELED",
+		2:  "UNKNOWN",
+		3:  "INVALID_ARGUMENT",
+		4:  "DEADLINE_EXCEEDED",
+		5:  "NOT_FOUND",
+		6:  "ALREADY_EXISTS",
+		7:  "PERMISSION_DENIED",
+		8:  "RESOURCE_EXHAUSTED",
+		9:  "FAILED_PRECONDITION",
+		10: "ABORTED",
+		11: "OUT_OF_RANGE",
+		12: "UNIMPLEMENTED",
+		13: "INTERNAL",
+		14: "UNAVAILABLE",
+		15: "DATA_LOSS",
+		16: "UNAUTHENTICATED",
+	}
+	GrpcStatusFilter_Status_value = map[string]int32{
+		"OK":                  0,
+		"CANCELED":            1,
+		"UNKNOWN":             2,
+		"INVALID_ARGUMENT":    3,
+		"DEADLINE_EXCEEDED":   4,
+		"NOT_FOUND":           5,
+		"ALREADY_EXISTS":      6,
+		"PERMISSION_DENIED":   7,
+		"RESOURCE_EXHAUSTED":  8,
+		"FAILED_PRECONDITION": 9,
+		"ABORTED":             10,
+		"OUT_OF_RANGE":        11,
+		"UNIMPLEMENTED":       12,
+		"INTERNAL":            13,
+		"UNAVAILABLE":         14,
+		"DATA_LOSS":           15,
+		"UNAUTHENTICATED":     16,
+	}
+)
+
+func (x GrpcStatusFilter_Status) Enum() *GrpcStatusFilter_Status {
+	p := new(GrpcStatusFilter_Status)
+	*p = x
+	return p
+}
+
+func (x GrpcStatusFilter_Status) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (GrpcStatusFilter_Status) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_filter_accesslog_v2_accesslog_proto_enumTypes[1].Descriptor()
+}
+
+func (GrpcStatusFilter_Status) Type() protoreflect.EnumType {
+	return &file_envoy_config_filter_accesslog_v2_accesslog_proto_enumTypes[1]
+}
+
+func (x GrpcStatusFilter_Status) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use GrpcStatusFilter_Status.Descriptor instead.
+func (GrpcStatusFilter_Status) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_filter_accesslog_v2_accesslog_proto_rawDescGZIP(), []int{12, 0}
+}
+
+type AccessLog struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the access log implementation to instantiate. The name must
+	// match a statically registered access log. Current built-in loggers include:
+	//
+	// #. "envoy.access_loggers.file"
+	// #. "envoy.access_loggers.http_grpc"
+	// #. "envoy.access_loggers.tcp_grpc"
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Filter which is used to determine if the access log needs to be written.
+	Filter *AccessLogFilter `protobuf:"bytes,2,opt,name=filter,proto3" json:"filter,omitempty"`
+	// Custom configuration that depends on the access log being instantiated. Built-in
+	// configurations include:
+	//
+	// #. "envoy.access_loggers.file": :ref:`FileAccessLog
+	//    <envoy_api_msg_config.accesslog.v2.FileAccessLog>`
+	// #. "envoy.access_loggers.http_grpc": :ref:`HttpGrpcAccessLogConfig
+	//    <envoy_api_msg_config.accesslog.v2.HttpGrpcAccessLogConfig>`
+	// #. "envoy.access_loggers.tcp_grpc": :ref:`TcpGrpcAccessLogConfig
+	//    <envoy_api_msg_config.accesslog.v2.TcpGrpcAccessLogConfig>`
+	//
+	// Types that are assignable to ConfigType:
+	//	*AccessLog_Config
+	//	*AccessLog_TypedConfig
+	ConfigType isAccessLog_ConfigType `protobuf_oneof:"config_type"`
+}
+
+func (x *AccessLog) Reset() {
+	*x = AccessLog{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *AccessLog) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*AccessLog) ProtoMessage() {}
+
+func (x *AccessLog) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use AccessLog.ProtoReflect.Descriptor instead.
+func (*AccessLog) Descriptor() ([]byte, []int) {
+	return file_envoy_config_filter_accesslog_v2_accesslog_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *AccessLog) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *AccessLog) GetFilter() *AccessLogFilter {
+	if x != nil {
+		return x.Filter
+	}
+	return nil
+}
+
+func (m *AccessLog) GetConfigType() isAccessLog_ConfigType {
+	if m != nil {
+		return m.ConfigType
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *AccessLog) GetConfig() *_struct.Struct {
+	if x, ok := x.GetConfigType().(*AccessLog_Config); ok {
+		return x.Config
+	}
+	return nil
+}
+
+func (x *AccessLog) GetTypedConfig() *any.Any {
+	if x, ok := x.GetConfigType().(*AccessLog_TypedConfig); ok {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+type isAccessLog_ConfigType interface {
+	isAccessLog_ConfigType()
+}
+
+type AccessLog_Config struct {
+	// Deprecated: Do not use.
+	Config *_struct.Struct `protobuf:"bytes,3,opt,name=config,proto3,oneof"`
+}
+
+type AccessLog_TypedConfig struct {
+	TypedConfig *any.Any `protobuf:"bytes,4,opt,name=typed_config,json=typedConfig,proto3,oneof"`
+}
+
+func (*AccessLog_Config) isAccessLog_ConfigType() {}
+
+func (*AccessLog_TypedConfig) isAccessLog_ConfigType() {}
+
+// [#next-free-field: 12]
+type AccessLogFilter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to FilterSpecifier:
+	//	*AccessLogFilter_StatusCodeFilter
+	//	*AccessLogFilter_DurationFilter
+	//	*AccessLogFilter_NotHealthCheckFilter
+	//	*AccessLogFilter_TraceableFilter
+	//	*AccessLogFilter_RuntimeFilter
+	//	*AccessLogFilter_AndFilter
+	//	*AccessLogFilter_OrFilter
+	//	*AccessLogFilter_HeaderFilter
+	//	*AccessLogFilter_ResponseFlagFilter
+	//	*AccessLogFilter_GrpcStatusFilter
+	//	*AccessLogFilter_ExtensionFilter
+	FilterSpecifier isAccessLogFilter_FilterSpecifier `protobuf_oneof:"filter_specifier"`
+}
+
+func (x *AccessLogFilter) Reset() {
+	*x = AccessLogFilter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *AccessLogFilter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*AccessLogFilter) ProtoMessage() {}
+
+func (x *AccessLogFilter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use AccessLogFilter.ProtoReflect.Descriptor instead.
+func (*AccessLogFilter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_filter_accesslog_v2_accesslog_proto_rawDescGZIP(), []int{1}
+}
+
+func (m *AccessLogFilter) GetFilterSpecifier() isAccessLogFilter_FilterSpecifier {
+	if m != nil {
+		return m.FilterSpecifier
+	}
+	return nil
+}
+
+func (x *AccessLogFilter) GetStatusCodeFilter() *StatusCodeFilter {
+	if x, ok := x.GetFilterSpecifier().(*AccessLogFilter_StatusCodeFilter); ok {
+		return x.StatusCodeFilter
+	}
+	return nil
+}
+
+func (x *AccessLogFilter) GetDurationFilter() *DurationFilter {
+	if x, ok := x.GetFilterSpecifier().(*AccessLogFilter_DurationFilter); ok {
+		return x.DurationFilter
+	}
+	return nil
+}
+
+func (x *AccessLogFilter) GetNotHealthCheckFilter() *NotHealthCheckFilter {
+	if x, ok := x.GetFilterSpecifier().(*AccessLogFilter_NotHealthCheckFilter); ok {
+		return x.NotHealthCheckFilter
+	}
+	return nil
+}
+
+func (x *AccessLogFilter) GetTraceableFilter() *TraceableFilter {
+	if x, ok := x.GetFilterSpecifier().(*AccessLogFilter_TraceableFilter); ok {
+		return x.TraceableFilter
+	}
+	return nil
+}
+
+func (x *AccessLogFilter) GetRuntimeFilter() *RuntimeFilter {
+	if x, ok := x.GetFilterSpecifier().(*AccessLogFilter_RuntimeFilter); ok {
+		return x.RuntimeFilter
+	}
+	return nil
+}
+
+func (x *AccessLogFilter) GetAndFilter() *AndFilter {
+	if x, ok := x.GetFilterSpecifier().(*AccessLogFilter_AndFilter); ok {
+		return x.AndFilter
+	}
+	return nil
+}
+
+func (x *AccessLogFilter) GetOrFilter() *OrFilter {
+	if x, ok := x.GetFilterSpecifier().(*AccessLogFilter_OrFilter); ok {
+		return x.OrFilter
+	}
+	return nil
+}
+
+func (x *AccessLogFilter) GetHeaderFilter() *HeaderFilter {
+	if x, ok := x.GetFilterSpecifier().(*AccessLogFilter_HeaderFilter); ok {
+		return x.HeaderFilter
+	}
+	return nil
+}
+
+func (x *AccessLogFilter) GetResponseFlagFilter() *ResponseFlagFilter {
+	if x, ok := x.GetFilterSpecifier().(*AccessLogFilter_ResponseFlagFilter); ok {
+		return x.ResponseFlagFilter
+	}
+	return nil
+}
+
+func (x *AccessLogFilter) GetGrpcStatusFilter() *GrpcStatusFilter {
+	if x, ok := x.GetFilterSpecifier().(*AccessLogFilter_GrpcStatusFilter); ok {
+		return x.GrpcStatusFilter
+	}
+	return nil
+}
+
+func (x *AccessLogFilter) GetExtensionFilter() *ExtensionFilter {
+	if x, ok := x.GetFilterSpecifier().(*AccessLogFilter_ExtensionFilter); ok {
+		return x.ExtensionFilter
+	}
+	return nil
+}
+
+type isAccessLogFilter_FilterSpecifier interface {
+	isAccessLogFilter_FilterSpecifier()
+}
+
+type AccessLogFilter_StatusCodeFilter struct {
+	// Status code filter.
+	StatusCodeFilter *StatusCodeFilter `protobuf:"bytes,1,opt,name=status_code_filter,json=statusCodeFilter,proto3,oneof"`
+}
+
+type AccessLogFilter_DurationFilter struct {
+	// Duration filter.
+	DurationFilter *DurationFilter `protobuf:"bytes,2,opt,name=duration_filter,json=durationFilter,proto3,oneof"`
+}
+
+type AccessLogFilter_NotHealthCheckFilter struct {
+	// Not health check filter.
+	NotHealthCheckFilter *NotHealthCheckFilter `protobuf:"bytes,3,opt,name=not_health_check_filter,json=notHealthCheckFilter,proto3,oneof"`
+}
+
+type AccessLogFilter_TraceableFilter struct {
+	// Traceable filter.
+	TraceableFilter *TraceableFilter `protobuf:"bytes,4,opt,name=traceable_filter,json=traceableFilter,proto3,oneof"`
+}
+
+type AccessLogFilter_RuntimeFilter struct {
+	// Runtime filter.
+	RuntimeFilter *RuntimeFilter `protobuf:"bytes,5,opt,name=runtime_filter,json=runtimeFilter,proto3,oneof"`
+}
+
+type AccessLogFilter_AndFilter struct {
+	// And filter.
+	AndFilter *AndFilter `protobuf:"bytes,6,opt,name=and_filter,json=andFilter,proto3,oneof"`
+}
+
+type AccessLogFilter_OrFilter struct {
+	// Or filter.
+	OrFilter *OrFilter `protobuf:"bytes,7,opt,name=or_filter,json=orFilter,proto3,oneof"`
+}
+
+type AccessLogFilter_HeaderFilter struct {
+	// Header filter.
+	HeaderFilter *HeaderFilter `protobuf:"bytes,8,opt,name=header_filter,json=headerFilter,proto3,oneof"`
+}
+
+type AccessLogFilter_ResponseFlagFilter struct {
+	// Response flag filter.
+	ResponseFlagFilter *ResponseFlagFilter `protobuf:"bytes,9,opt,name=response_flag_filter,json=responseFlagFilter,proto3,oneof"`
+}
+
+type AccessLogFilter_GrpcStatusFilter struct {
+	// gRPC status filter.
+	GrpcStatusFilter *GrpcStatusFilter `protobuf:"bytes,10,opt,name=grpc_status_filter,json=grpcStatusFilter,proto3,oneof"`
+}
+
+type AccessLogFilter_ExtensionFilter struct {
+	// Extension filter.
+	ExtensionFilter *ExtensionFilter `protobuf:"bytes,11,opt,name=extension_filter,json=extensionFilter,proto3,oneof"`
+}
+
+func (*AccessLogFilter_StatusCodeFilter) isAccessLogFilter_FilterSpecifier() {}
+
+func (*AccessLogFilter_DurationFilter) isAccessLogFilter_FilterSpecifier() {}
+
+func (*AccessLogFilter_NotHealthCheckFilter) isAccessLogFilter_FilterSpecifier() {}
+
+func (*AccessLogFilter_TraceableFilter) isAccessLogFilter_FilterSpecifier() {}
+
+func (*AccessLogFilter_RuntimeFilter) isAccessLogFilter_FilterSpecifier() {}
+
+func (*AccessLogFilter_AndFilter) isAccessLogFilter_FilterSpecifier() {}
+
+func (*AccessLogFilter_OrFilter) isAccessLogFilter_FilterSpecifier() {}
+
+func (*AccessLogFilter_HeaderFilter) isAccessLogFilter_FilterSpecifier() {}
+
+func (*AccessLogFilter_ResponseFlagFilter) isAccessLogFilter_FilterSpecifier() {}
+
+func (*AccessLogFilter_GrpcStatusFilter) isAccessLogFilter_FilterSpecifier() {}
+
+func (*AccessLogFilter_ExtensionFilter) isAccessLogFilter_FilterSpecifier() {}
+
+// Filter on an integer comparison.
+type ComparisonFilter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Comparison operator.
+	Op ComparisonFilter_Op `protobuf:"varint,1,opt,name=op,proto3,enum=envoy.config.filter.accesslog.v2.ComparisonFilter_Op" json:"op,omitempty"`
+	// Value to compare against.
+	Value *core.RuntimeUInt32 `protobuf:"bytes,2,opt,name=value,proto3" json:"value,omitempty"`
+}
+
+func (x *ComparisonFilter) Reset() {
+	*x = ComparisonFilter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ComparisonFilter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ComparisonFilter) ProtoMessage() {}
+
+func (x *ComparisonFilter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ComparisonFilter.ProtoReflect.Descriptor instead.
+func (*ComparisonFilter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_filter_accesslog_v2_accesslog_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *ComparisonFilter) GetOp() ComparisonFilter_Op {
+	if x != nil {
+		return x.Op
+	}
+	return ComparisonFilter_EQ
+}
+
+func (x *ComparisonFilter) GetValue() *core.RuntimeUInt32 {
+	if x != nil {
+		return x.Value
+	}
+	return nil
+}
+
+// Filters on HTTP response/status code.
+type StatusCodeFilter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Comparison.
+	Comparison *ComparisonFilter `protobuf:"bytes,1,opt,name=comparison,proto3" json:"comparison,omitempty"`
+}
+
+func (x *StatusCodeFilter) Reset() {
+	*x = StatusCodeFilter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *StatusCodeFilter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*StatusCodeFilter) ProtoMessage() {}
+
+func (x *StatusCodeFilter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use StatusCodeFilter.ProtoReflect.Descriptor instead.
+func (*StatusCodeFilter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_filter_accesslog_v2_accesslog_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *StatusCodeFilter) GetComparison() *ComparisonFilter {
+	if x != nil {
+		return x.Comparison
+	}
+	return nil
+}
+
+// Filters on total request duration in milliseconds.
+type DurationFilter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Comparison.
+	Comparison *ComparisonFilter `protobuf:"bytes,1,opt,name=comparison,proto3" json:"comparison,omitempty"`
+}
+
+func (x *DurationFilter) Reset() {
+	*x = DurationFilter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *DurationFilter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*DurationFilter) ProtoMessage() {}
+
+func (x *DurationFilter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use DurationFilter.ProtoReflect.Descriptor instead.
+func (*DurationFilter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_filter_accesslog_v2_accesslog_proto_rawDescGZIP(), []int{4}
+}
+
+func (x *DurationFilter) GetComparison() *ComparisonFilter {
+	if x != nil {
+		return x.Comparison
+	}
+	return nil
+}
+
+// Filters for requests that are not health check requests. A health check
+// request is marked by the health check filter.
+type NotHealthCheckFilter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *NotHealthCheckFilter) Reset() {
+	*x = NotHealthCheckFilter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *NotHealthCheckFilter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*NotHealthCheckFilter) ProtoMessage() {}
+
+func (x *NotHealthCheckFilter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use NotHealthCheckFilter.ProtoReflect.Descriptor instead.
+func (*NotHealthCheckFilter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_filter_accesslog_v2_accesslog_proto_rawDescGZIP(), []int{5}
+}
+
+// Filters for requests that are traceable. See the tracing overview for more
+// information on how a request becomes traceable.
+type TraceableFilter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *TraceableFilter) Reset() {
+	*x = TraceableFilter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[6]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *TraceableFilter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*TraceableFilter) ProtoMessage() {}
+
+func (x *TraceableFilter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[6]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use TraceableFilter.ProtoReflect.Descriptor instead.
+func (*TraceableFilter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_filter_accesslog_v2_accesslog_proto_rawDescGZIP(), []int{6}
+}
+
+// Filters for random sampling of requests.
+type RuntimeFilter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Runtime key to get an optional overridden numerator for use in the *percent_sampled* field.
+	// If found in runtime, this value will replace the default numerator.
+	RuntimeKey string `protobuf:"bytes,1,opt,name=runtime_key,json=runtimeKey,proto3" json:"runtime_key,omitempty"`
+	// The default sampling percentage. If not specified, defaults to 0% with denominator of 100.
+	PercentSampled *_type.FractionalPercent `protobuf:"bytes,2,opt,name=percent_sampled,json=percentSampled,proto3" json:"percent_sampled,omitempty"`
+	// By default, sampling pivots on the header
+	// :ref:`x-request-id<config_http_conn_man_headers_x-request-id>` being present. If
+	// :ref:`x-request-id<config_http_conn_man_headers_x-request-id>` is present, the filter will
+	// consistently sample across multiple hosts based on the runtime key value and the value
+	// extracted from :ref:`x-request-id<config_http_conn_man_headers_x-request-id>`. If it is
+	// missing, or *use_independent_randomness* is set to true, the filter will randomly sample based
+	// on the runtime key value alone. *use_independent_randomness* can be used for logging kill
+	// switches within complex nested :ref:`AndFilter
+	// <envoy_api_msg_config.filter.accesslog.v2.AndFilter>` and :ref:`OrFilter
+	// <envoy_api_msg_config.filter.accesslog.v2.OrFilter>` blocks that are easier to reason about
+	// from a probability perspective (i.e., setting to true will cause the filter to behave like
+	// an independent random variable when composed within logical operator filters).
+	UseIndependentRandomness bool `protobuf:"varint,3,opt,name=use_independent_randomness,json=useIndependentRandomness,proto3" json:"use_independent_randomness,omitempty"`
+}
+
+func (x *RuntimeFilter) Reset() {
+	*x = RuntimeFilter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[7]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RuntimeFilter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RuntimeFilter) ProtoMessage() {}
+
+func (x *RuntimeFilter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[7]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RuntimeFilter.ProtoReflect.Descriptor instead.
+func (*RuntimeFilter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_filter_accesslog_v2_accesslog_proto_rawDescGZIP(), []int{7}
+}
+
+func (x *RuntimeFilter) GetRuntimeKey() string {
+	if x != nil {
+		return x.RuntimeKey
+	}
+	return ""
+}
+
+func (x *RuntimeFilter) GetPercentSampled() *_type.FractionalPercent {
+	if x != nil {
+		return x.PercentSampled
+	}
+	return nil
+}
+
+func (x *RuntimeFilter) GetUseIndependentRandomness() bool {
+	if x != nil {
+		return x.UseIndependentRandomness
+	}
+	return false
+}
+
+// Performs a logical “and” operation on the result of each filter in filters.
+// Filters are evaluated sequentially and if one of them returns false, the
+// filter returns false immediately.
+type AndFilter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Filters []*AccessLogFilter `protobuf:"bytes,1,rep,name=filters,proto3" json:"filters,omitempty"`
+}
+
+func (x *AndFilter) Reset() {
+	*x = AndFilter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[8]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *AndFilter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*AndFilter) ProtoMessage() {}
+
+func (x *AndFilter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[8]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use AndFilter.ProtoReflect.Descriptor instead.
+func (*AndFilter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_filter_accesslog_v2_accesslog_proto_rawDescGZIP(), []int{8}
+}
+
+func (x *AndFilter) GetFilters() []*AccessLogFilter {
+	if x != nil {
+		return x.Filters
+	}
+	return nil
+}
+
+// Performs a logical “or” operation on the result of each individual filter.
+// Filters are evaluated sequentially and if one of them returns true, the
+// filter returns true immediately.
+type OrFilter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Filters []*AccessLogFilter `protobuf:"bytes,2,rep,name=filters,proto3" json:"filters,omitempty"`
+}
+
+func (x *OrFilter) Reset() {
+	*x = OrFilter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[9]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *OrFilter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*OrFilter) ProtoMessage() {}
+
+func (x *OrFilter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[9]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use OrFilter.ProtoReflect.Descriptor instead.
+func (*OrFilter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_filter_accesslog_v2_accesslog_proto_rawDescGZIP(), []int{9}
+}
+
+func (x *OrFilter) GetFilters() []*AccessLogFilter {
+	if x != nil {
+		return x.Filters
+	}
+	return nil
+}
+
+// Filters requests based on the presence or value of a request header.
+type HeaderFilter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Only requests with a header which matches the specified HeaderMatcher will pass the filter
+	// check.
+	Header *route.HeaderMatcher `protobuf:"bytes,1,opt,name=header,proto3" json:"header,omitempty"`
+}
+
+func (x *HeaderFilter) Reset() {
+	*x = HeaderFilter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[10]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HeaderFilter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HeaderFilter) ProtoMessage() {}
+
+func (x *HeaderFilter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[10]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HeaderFilter.ProtoReflect.Descriptor instead.
+func (*HeaderFilter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_filter_accesslog_v2_accesslog_proto_rawDescGZIP(), []int{10}
+}
+
+func (x *HeaderFilter) GetHeader() *route.HeaderMatcher {
+	if x != nil {
+		return x.Header
+	}
+	return nil
+}
+
+// Filters requests that received responses with an Envoy response flag set.
+// A list of the response flags can be found
+// in the access log formatter :ref:`documentation<config_access_log_format_response_flags>`.
+type ResponseFlagFilter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Only responses with the any of the flags listed in this field will be logged.
+	// This field is optional. If it is not specified, then any response flag will pass
+	// the filter check.
+	Flags []string `protobuf:"bytes,1,rep,name=flags,proto3" json:"flags,omitempty"`
+}
+
+func (x *ResponseFlagFilter) Reset() {
+	*x = ResponseFlagFilter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[11]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ResponseFlagFilter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ResponseFlagFilter) ProtoMessage() {}
+
+func (x *ResponseFlagFilter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[11]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ResponseFlagFilter.ProtoReflect.Descriptor instead.
+func (*ResponseFlagFilter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_filter_accesslog_v2_accesslog_proto_rawDescGZIP(), []int{11}
+}
+
+func (x *ResponseFlagFilter) GetFlags() []string {
+	if x != nil {
+		return x.Flags
+	}
+	return nil
+}
+
+// Filters gRPC requests based on their response status. If a gRPC status is not provided, the
+// filter will infer the status from the HTTP status code.
+type GrpcStatusFilter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Logs only responses that have any one of the gRPC statuses in this field.
+	Statuses []GrpcStatusFilter_Status `protobuf:"varint,1,rep,packed,name=statuses,proto3,enum=envoy.config.filter.accesslog.v2.GrpcStatusFilter_Status" json:"statuses,omitempty"`
+	// If included and set to true, the filter will instead block all responses with a gRPC status or
+	// inferred gRPC status enumerated in statuses, and allow all other responses.
+	Exclude bool `protobuf:"varint,2,opt,name=exclude,proto3" json:"exclude,omitempty"`
+}
+
+func (x *GrpcStatusFilter) Reset() {
+	*x = GrpcStatusFilter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[12]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GrpcStatusFilter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GrpcStatusFilter) ProtoMessage() {}
+
+func (x *GrpcStatusFilter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[12]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GrpcStatusFilter.ProtoReflect.Descriptor instead.
+func (*GrpcStatusFilter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_filter_accesslog_v2_accesslog_proto_rawDescGZIP(), []int{12}
+}
+
+func (x *GrpcStatusFilter) GetStatuses() []GrpcStatusFilter_Status {
+	if x != nil {
+		return x.Statuses
+	}
+	return nil
+}
+
+func (x *GrpcStatusFilter) GetExclude() bool {
+	if x != nil {
+		return x.Exclude
+	}
+	return false
+}
+
+// Extension filter is statically registered at runtime.
+type ExtensionFilter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the filter implementation to instantiate. The name must
+	// match a statically registered filter.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Custom configuration that depends on the filter being instantiated.
+	//
+	// Types that are assignable to ConfigType:
+	//	*ExtensionFilter_Config
+	//	*ExtensionFilter_TypedConfig
+	ConfigType isExtensionFilter_ConfigType `protobuf_oneof:"config_type"`
+}
+
+func (x *ExtensionFilter) Reset() {
+	*x = ExtensionFilter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[13]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ExtensionFilter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ExtensionFilter) ProtoMessage() {}
+
+func (x *ExtensionFilter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[13]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ExtensionFilter.ProtoReflect.Descriptor instead.
+func (*ExtensionFilter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_filter_accesslog_v2_accesslog_proto_rawDescGZIP(), []int{13}
+}
+
+func (x *ExtensionFilter) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (m *ExtensionFilter) GetConfigType() isExtensionFilter_ConfigType {
+	if m != nil {
+		return m.ConfigType
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *ExtensionFilter) GetConfig() *_struct.Struct {
+	if x, ok := x.GetConfigType().(*ExtensionFilter_Config); ok {
+		return x.Config
+	}
+	return nil
+}
+
+func (x *ExtensionFilter) GetTypedConfig() *any.Any {
+	if x, ok := x.GetConfigType().(*ExtensionFilter_TypedConfig); ok {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+type isExtensionFilter_ConfigType interface {
+	isExtensionFilter_ConfigType()
+}
+
+type ExtensionFilter_Config struct {
+	// Deprecated: Do not use.
+	Config *_struct.Struct `protobuf:"bytes,2,opt,name=config,proto3,oneof"`
+}
+
+type ExtensionFilter_TypedConfig struct {
+	TypedConfig *any.Any `protobuf:"bytes,3,opt,name=typed_config,json=typedConfig,proto3,oneof"`
+}
+
+func (*ExtensionFilter_Config) isExtensionFilter_ConfigType() {}
+
+func (*ExtensionFilter_TypedConfig) isExtensionFilter_ConfigType() {}
+
+var File_envoy_config_filter_accesslog_v2_accesslog_proto protoreflect.FileDescriptor
+
+var file_envoy_config_filter_accesslog_v2_accesslog_proto_rawDesc = []byte{
+	0x0a, 0x30, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x66,
+	0x69, 0x6c, 0x74, 0x65, 0x72, 0x2f, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2f,
+	0x76, 0x32, 0x2f, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x12, 0x20, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f,
+	0x67, 0x2e, 0x76, 0x32, 0x1a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f,
+	0x76, 0x32, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x62, 0x61, 0x73, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x29, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32,
+	0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f, 0x63, 0x6f, 0x6d,
+	0x70, 0x6f, 0x6e, 0x65, 0x6e, 0x74, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x18, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x70, 0x65, 0x72, 0x63, 0x65, 0x6e,
+	0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2f, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61,
+	0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xeb, 0x01, 0x0a, 0x09, 0x41, 0x63, 0x63,
+	0x65, 0x73, 0x73, 0x4c, 0x6f, 0x67, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x49, 0x0a, 0x06, 0x66, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x31, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x32, 0x2e, 0x41, 0x63,
+	0x63, 0x65, 0x73, 0x73, 0x4c, 0x6f, 0x67, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x52, 0x06, 0x66,
+	0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x35, 0x0a, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18,
+	0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x42, 0x02,
+	0x18, 0x01, 0x48, 0x00, 0x52, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x39, 0x0a, 0x0c,
+	0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x04, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x48, 0x00, 0x52, 0x0b, 0x74, 0x79, 0x70, 0x65,
+	0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x0d, 0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x22, 0xb4, 0x08, 0x0a, 0x0f, 0x41, 0x63, 0x63, 0x65, 0x73,
+	0x73, 0x4c, 0x6f, 0x67, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x62, 0x0a, 0x12, 0x73, 0x74,
+	0x61, 0x74, 0x75, 0x73, 0x5f, 0x63, 0x6f, 0x64, 0x65, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x32, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x61, 0x63, 0x63,
+	0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x32, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73,
+	0x43, 0x6f, 0x64, 0x65, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x48, 0x00, 0x52, 0x10, 0x73, 0x74,
+	0x61, 0x74, 0x75, 0x73, 0x43, 0x6f, 0x64, 0x65, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x5b,
+	0x0a, 0x0f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65,
+	0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x30, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x61, 0x63,
+	0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x48, 0x00, 0x52, 0x0e, 0x64, 0x75, 0x72,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x6f, 0x0a, 0x17, 0x6e,
+	0x6f, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x5f,
+	0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x36, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74,
+	0x65, 0x72, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x32, 0x2e,
+	0x4e, 0x6f, 0x74, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x46, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x48, 0x00, 0x52, 0x14, 0x6e, 0x6f, 0x74, 0x48, 0x65, 0x61, 0x6c, 0x74,
+	0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x5e, 0x0a, 0x10,
+	0x74, 0x72, 0x61, 0x63, 0x65, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x31, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x61, 0x63, 0x63,
+	0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x32, 0x2e, 0x54, 0x72, 0x61, 0x63, 0x65, 0x61,
+	0x62, 0x6c, 0x65, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x48, 0x00, 0x52, 0x0f, 0x74, 0x72, 0x61,
+	0x63, 0x65, 0x61, 0x62, 0x6c, 0x65, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x58, 0x0a, 0x0e,
+	0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x18, 0x05,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73,
+	0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x46,
+	0x69, 0x6c, 0x74, 0x65, 0x72, 0x48, 0x00, 0x52, 0x0d, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65,
+	0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x4c, 0x0a, 0x0a, 0x61, 0x6e, 0x64, 0x5f, 0x66, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2b, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x32, 0x2e, 0x41, 0x6e,
+	0x64, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x48, 0x00, 0x52, 0x09, 0x61, 0x6e, 0x64, 0x46, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x12, 0x49, 0x0a, 0x09, 0x6f, 0x72, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65,
+	0x72, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x61, 0x63,
+	0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x32, 0x2e, 0x4f, 0x72, 0x46, 0x69, 0x6c,
+	0x74, 0x65, 0x72, 0x48, 0x00, 0x52, 0x08, 0x6f, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12,
+	0x55, 0x0a, 0x0d, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x61, 0x63, 0x63,
+	0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x32, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72,
+	0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x48, 0x00, 0x52, 0x0c, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72,
+	0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x68, 0x0a, 0x14, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e,
+	0x73, 0x65, 0x5f, 0x66, 0x6c, 0x61, 0x67, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x18, 0x09,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x34, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73,
+	0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
+	0x46, 0x6c, 0x61, 0x67, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x48, 0x00, 0x52, 0x12, 0x72, 0x65,
+	0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x46, 0x6c, 0x61, 0x67, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x12, 0x62, 0x0a, 0x12, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x5f,
+	0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x32, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74,
+	0x65, 0x72, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x32, 0x2e,
+	0x47, 0x72, 0x70, 0x63, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x48, 0x00, 0x52, 0x10, 0x67, 0x72, 0x70, 0x63, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x46, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x12, 0x5e, 0x0a, 0x10, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f,
+	0x6e, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x31,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76,
+	0x32, 0x2e, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x46, 0x69, 0x6c, 0x74, 0x65,
+	0x72, 0x48, 0x00, 0x52, 0x0f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x46, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x42, 0x17, 0x0a, 0x10, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x5f, 0x73,
+	0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x22, 0xb9, 0x01,
+	0x0a, 0x10, 0x43, 0x6f, 0x6d, 0x70, 0x61, 0x72, 0x69, 0x73, 0x6f, 0x6e, 0x46, 0x69, 0x6c, 0x74,
+	0x65, 0x72, 0x12, 0x4f, 0x0a, 0x02, 0x6f, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x35,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76,
+	0x32, 0x2e, 0x43, 0x6f, 0x6d, 0x70, 0x61, 0x72, 0x69, 0x73, 0x6f, 0x6e, 0x46, 0x69, 0x6c, 0x74,
+	0x65, 0x72, 0x2e, 0x4f, 0x70, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52,
+	0x02, 0x6f, 0x70, 0x12, 0x36, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x55, 0x49,
+	0x6e, 0x74, 0x33, 0x32, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x22, 0x1c, 0x0a, 0x02, 0x4f,
+	0x70, 0x12, 0x06, 0x0a, 0x02, 0x45, 0x51, 0x10, 0x00, 0x12, 0x06, 0x0a, 0x02, 0x47, 0x45, 0x10,
+	0x01, 0x12, 0x06, 0x0a, 0x02, 0x4c, 0x45, 0x10, 0x02, 0x22, 0x70, 0x0a, 0x10, 0x53, 0x74, 0x61,
+	0x74, 0x75, 0x73, 0x43, 0x6f, 0x64, 0x65, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x5c, 0x0a,
+	0x0a, 0x63, 0x6f, 0x6d, 0x70, 0x61, 0x72, 0x69, 0x73, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x32, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f,
+	0x67, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6f, 0x6d, 0x70, 0x61, 0x72, 0x69, 0x73, 0x6f, 0x6e, 0x46,
+	0x69, 0x6c, 0x74, 0x65, 0x72, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52,
+	0x0a, 0x63, 0x6f, 0x6d, 0x70, 0x61, 0x72, 0x69, 0x73, 0x6f, 0x6e, 0x22, 0x6e, 0x0a, 0x0e, 0x44,
+	0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x5c, 0x0a,
+	0x0a, 0x63, 0x6f, 0x6d, 0x70, 0x61, 0x72, 0x69, 0x73, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x32, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f,
+	0x67, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6f, 0x6d, 0x70, 0x61, 0x72, 0x69, 0x73, 0x6f, 0x6e, 0x46,
+	0x69, 0x6c, 0x74, 0x65, 0x72, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52,
+	0x0a, 0x63, 0x6f, 0x6d, 0x70, 0x61, 0x72, 0x69, 0x73, 0x6f, 0x6e, 0x22, 0x16, 0x0a, 0x14, 0x4e,
+	0x6f, 0x74, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x46, 0x69, 0x6c,
+	0x74, 0x65, 0x72, 0x22, 0x11, 0x0a, 0x0f, 0x54, 0x72, 0x61, 0x63, 0x65, 0x61, 0x62, 0x6c, 0x65,
+	0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x22, 0xbf, 0x01, 0x0a, 0x0d, 0x52, 0x75, 0x6e, 0x74, 0x69,
+	0x6d, 0x65, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x28, 0x0a, 0x0b, 0x72, 0x75, 0x6e, 0x74,
+	0x69, 0x6d, 0x65, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa,
+	0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x0a, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x4b,
+	0x65, 0x79, 0x12, 0x46, 0x0a, 0x0f, 0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x5f, 0x73, 0x61,
+	0x6d, 0x70, 0x6c, 0x65, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x46, 0x72, 0x61, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x61, 0x6c, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52, 0x0e, 0x70, 0x65, 0x72, 0x63,
+	0x65, 0x6e, 0x74, 0x53, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x64, 0x12, 0x3c, 0x0a, 0x1a, 0x75, 0x73,
+	0x65, 0x5f, 0x69, 0x6e, 0x64, 0x65, 0x70, 0x65, 0x6e, 0x64, 0x65, 0x6e, 0x74, 0x5f, 0x72, 0x61,
+	0x6e, 0x64, 0x6f, 0x6d, 0x6e, 0x65, 0x73, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x18,
+	0x75, 0x73, 0x65, 0x49, 0x6e, 0x64, 0x65, 0x70, 0x65, 0x6e, 0x64, 0x65, 0x6e, 0x74, 0x52, 0x61,
+	0x6e, 0x64, 0x6f, 0x6d, 0x6e, 0x65, 0x73, 0x73, 0x22, 0x62, 0x0a, 0x09, 0x41, 0x6e, 0x64, 0x46,
+	0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x55, 0x0a, 0x07, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73,
+	0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x31, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x61, 0x63, 0x63,
+	0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x32, 0x2e, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73,
+	0x4c, 0x6f, 0x67, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92, 0x01,
+	0x02, 0x08, 0x02, 0x52, 0x07, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x22, 0x61, 0x0a, 0x08,
+	0x4f, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x55, 0x0a, 0x07, 0x66, 0x69, 0x6c, 0x74,
+	0x65, 0x72, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x31, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e,
+	0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x32, 0x2e, 0x41, 0x63, 0x63,
+	0x65, 0x73, 0x73, 0x4c, 0x6f, 0x67, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x42, 0x08, 0xfa, 0x42,
+	0x05, 0x92, 0x01, 0x02, 0x08, 0x02, 0x52, 0x07, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x22,
+	0x53, 0x0a, 0x0c, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12,
+	0x43, 0x0a, 0x06, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x21, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4d, 0x61, 0x74, 0x63, 0x68,
+	0x65, 0x72, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x06, 0x68, 0x65,
+	0x61, 0x64, 0x65, 0x72, 0x22, 0x88, 0x01, 0x0a, 0x12, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
+	0x65, 0x46, 0x6c, 0x61, 0x67, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x72, 0x0a, 0x05, 0x66,
+	0x6c, 0x61, 0x67, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x09, 0x42, 0x5c, 0xfa, 0x42, 0x59, 0x92,
+	0x01, 0x56, 0x22, 0x54, 0x72, 0x52, 0x52, 0x02, 0x4c, 0x48, 0x52, 0x02, 0x55, 0x48, 0x52, 0x02,
+	0x55, 0x54, 0x52, 0x02, 0x4c, 0x52, 0x52, 0x02, 0x55, 0x52, 0x52, 0x02, 0x55, 0x46, 0x52, 0x02,
+	0x55, 0x43, 0x52, 0x02, 0x55, 0x4f, 0x52, 0x02, 0x4e, 0x52, 0x52, 0x02, 0x44, 0x49, 0x52, 0x02,
+	0x46, 0x49, 0x52, 0x02, 0x52, 0x4c, 0x52, 0x04, 0x55, 0x41, 0x45, 0x58, 0x52, 0x04, 0x52, 0x4c,
+	0x53, 0x45, 0x52, 0x02, 0x44, 0x43, 0x52, 0x03, 0x55, 0x52, 0x58, 0x52, 0x02, 0x53, 0x49, 0x52,
+	0x02, 0x49, 0x48, 0x52, 0x03, 0x44, 0x50, 0x45, 0x52, 0x05, 0x66, 0x6c, 0x61, 0x67, 0x73, 0x22,
+	0xcd, 0x03, 0x0a, 0x10, 0x47, 0x72, 0x70, 0x63, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x46, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x12, 0x64, 0x0a, 0x08, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x65, 0x73,
+	0x18, 0x01, 0x20, 0x03, 0x28, 0x0e, 0x32, 0x39, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x61, 0x63, 0x63,
+	0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x32, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x53, 0x74,
+	0x61, 0x74, 0x75, 0x73, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x75,
+	0x73, 0x42, 0x0d, 0xfa, 0x42, 0x0a, 0x92, 0x01, 0x07, 0x22, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01,
+	0x52, 0x08, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x65, 0x73, 0x12, 0x18, 0x0a, 0x07, 0x65, 0x78,
+	0x63, 0x6c, 0x75, 0x64, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x07, 0x65, 0x78, 0x63,
+	0x6c, 0x75, 0x64, 0x65, 0x22, 0xb8, 0x02, 0x0a, 0x06, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12,
+	0x06, 0x0a, 0x02, 0x4f, 0x4b, 0x10, 0x00, 0x12, 0x0c, 0x0a, 0x08, 0x43, 0x41, 0x4e, 0x43, 0x45,
+	0x4c, 0x45, 0x44, 0x10, 0x01, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e,
+	0x10, 0x02, 0x12, 0x14, 0x0a, 0x10, 0x49, 0x4e, 0x56, 0x41, 0x4c, 0x49, 0x44, 0x5f, 0x41, 0x52,
+	0x47, 0x55, 0x4d, 0x45, 0x4e, 0x54, 0x10, 0x03, 0x12, 0x15, 0x0a, 0x11, 0x44, 0x45, 0x41, 0x44,
+	0x4c, 0x49, 0x4e, 0x45, 0x5f, 0x45, 0x58, 0x43, 0x45, 0x45, 0x44, 0x45, 0x44, 0x10, 0x04, 0x12,
+	0x0d, 0x0a, 0x09, 0x4e, 0x4f, 0x54, 0x5f, 0x46, 0x4f, 0x55, 0x4e, 0x44, 0x10, 0x05, 0x12, 0x12,
+	0x0a, 0x0e, 0x41, 0x4c, 0x52, 0x45, 0x41, 0x44, 0x59, 0x5f, 0x45, 0x58, 0x49, 0x53, 0x54, 0x53,
+	0x10, 0x06, 0x12, 0x15, 0x0a, 0x11, 0x50, 0x45, 0x52, 0x4d, 0x49, 0x53, 0x53, 0x49, 0x4f, 0x4e,
+	0x5f, 0x44, 0x45, 0x4e, 0x49, 0x45, 0x44, 0x10, 0x07, 0x12, 0x16, 0x0a, 0x12, 0x52, 0x45, 0x53,
+	0x4f, 0x55, 0x52, 0x43, 0x45, 0x5f, 0x45, 0x58, 0x48, 0x41, 0x55, 0x53, 0x54, 0x45, 0x44, 0x10,
+	0x08, 0x12, 0x17, 0x0a, 0x13, 0x46, 0x41, 0x49, 0x4c, 0x45, 0x44, 0x5f, 0x50, 0x52, 0x45, 0x43,
+	0x4f, 0x4e, 0x44, 0x49, 0x54, 0x49, 0x4f, 0x4e, 0x10, 0x09, 0x12, 0x0b, 0x0a, 0x07, 0x41, 0x42,
+	0x4f, 0x52, 0x54, 0x45, 0x44, 0x10, 0x0a, 0x12, 0x10, 0x0a, 0x0c, 0x4f, 0x55, 0x54, 0x5f, 0x4f,
+	0x46, 0x5f, 0x52, 0x41, 0x4e, 0x47, 0x45, 0x10, 0x0b, 0x12, 0x11, 0x0a, 0x0d, 0x55, 0x4e, 0x49,
+	0x4d, 0x50, 0x4c, 0x45, 0x4d, 0x45, 0x4e, 0x54, 0x45, 0x44, 0x10, 0x0c, 0x12, 0x0c, 0x0a, 0x08,
+	0x49, 0x4e, 0x54, 0x45, 0x52, 0x4e, 0x41, 0x4c, 0x10, 0x0d, 0x12, 0x0f, 0x0a, 0x0b, 0x55, 0x4e,
+	0x41, 0x56, 0x41, 0x49, 0x4c, 0x41, 0x42, 0x4c, 0x45, 0x10, 0x0e, 0x12, 0x0d, 0x0a, 0x09, 0x44,
+	0x41, 0x54, 0x41, 0x5f, 0x4c, 0x4f, 0x53, 0x53, 0x10, 0x0f, 0x12, 0x13, 0x0a, 0x0f, 0x55, 0x4e,
+	0x41, 0x55, 0x54, 0x48, 0x45, 0x4e, 0x54, 0x49, 0x43, 0x41, 0x54, 0x45, 0x44, 0x10, 0x10, 0x22,
+	0xa6, 0x01, 0x0a, 0x0f, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x46, 0x69, 0x6c,
+	0x74, 0x65, 0x72, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x35, 0x0a, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74,
+	0x42, 0x02, 0x18, 0x01, 0x48, 0x00, 0x52, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x39,
+	0x0a, 0x0c, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x03,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x48, 0x00, 0x52, 0x0b, 0x74, 0x79,
+	0x70, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x0d, 0x0a, 0x0b, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x42, 0x6b, 0x0a, 0x2e, 0x69, 0x6f, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x61, 0x63,
+	0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x32, 0x42, 0x0e, 0x41, 0x63, 0x63, 0x65,
+	0x73, 0x73, 0x6c, 0x6f, 0x67, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xf2, 0x98, 0xfe, 0x8f,
+	0x05, 0x1b, 0x12, 0x19, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x33, 0xba, 0x80, 0xc8,
+	0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_filter_accesslog_v2_accesslog_proto_rawDescOnce sync.Once
+	file_envoy_config_filter_accesslog_v2_accesslog_proto_rawDescData = file_envoy_config_filter_accesslog_v2_accesslog_proto_rawDesc
+)
+
+func file_envoy_config_filter_accesslog_v2_accesslog_proto_rawDescGZIP() []byte {
+	file_envoy_config_filter_accesslog_v2_accesslog_proto_rawDescOnce.Do(func() {
+		file_envoy_config_filter_accesslog_v2_accesslog_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_filter_accesslog_v2_accesslog_proto_rawDescData)
+	})
+	return file_envoy_config_filter_accesslog_v2_accesslog_proto_rawDescData
+}
+
+var file_envoy_config_filter_accesslog_v2_accesslog_proto_enumTypes = make([]protoimpl.EnumInfo, 2)
+var file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes = make([]protoimpl.MessageInfo, 14)
+var file_envoy_config_filter_accesslog_v2_accesslog_proto_goTypes = []interface{}{
+	(ComparisonFilter_Op)(0),        // 0: envoy.config.filter.accesslog.v2.ComparisonFilter.Op
+	(GrpcStatusFilter_Status)(0),    // 1: envoy.config.filter.accesslog.v2.GrpcStatusFilter.Status
+	(*AccessLog)(nil),               // 2: envoy.config.filter.accesslog.v2.AccessLog
+	(*AccessLogFilter)(nil),         // 3: envoy.config.filter.accesslog.v2.AccessLogFilter
+	(*ComparisonFilter)(nil),        // 4: envoy.config.filter.accesslog.v2.ComparisonFilter
+	(*StatusCodeFilter)(nil),        // 5: envoy.config.filter.accesslog.v2.StatusCodeFilter
+	(*DurationFilter)(nil),          // 6: envoy.config.filter.accesslog.v2.DurationFilter
+	(*NotHealthCheckFilter)(nil),    // 7: envoy.config.filter.accesslog.v2.NotHealthCheckFilter
+	(*TraceableFilter)(nil),         // 8: envoy.config.filter.accesslog.v2.TraceableFilter
+	(*RuntimeFilter)(nil),           // 9: envoy.config.filter.accesslog.v2.RuntimeFilter
+	(*AndFilter)(nil),               // 10: envoy.config.filter.accesslog.v2.AndFilter
+	(*OrFilter)(nil),                // 11: envoy.config.filter.accesslog.v2.OrFilter
+	(*HeaderFilter)(nil),            // 12: envoy.config.filter.accesslog.v2.HeaderFilter
+	(*ResponseFlagFilter)(nil),      // 13: envoy.config.filter.accesslog.v2.ResponseFlagFilter
+	(*GrpcStatusFilter)(nil),        // 14: envoy.config.filter.accesslog.v2.GrpcStatusFilter
+	(*ExtensionFilter)(nil),         // 15: envoy.config.filter.accesslog.v2.ExtensionFilter
+	(*_struct.Struct)(nil),          // 16: google.protobuf.Struct
+	(*any.Any)(nil),                 // 17: google.protobuf.Any
+	(*core.RuntimeUInt32)(nil),      // 18: envoy.api.v2.core.RuntimeUInt32
+	(*_type.FractionalPercent)(nil), // 19: envoy.type.FractionalPercent
+	(*route.HeaderMatcher)(nil),     // 20: envoy.api.v2.route.HeaderMatcher
+}
+var file_envoy_config_filter_accesslog_v2_accesslog_proto_depIdxs = []int32{
+	3,  // 0: envoy.config.filter.accesslog.v2.AccessLog.filter:type_name -> envoy.config.filter.accesslog.v2.AccessLogFilter
+	16, // 1: envoy.config.filter.accesslog.v2.AccessLog.config:type_name -> google.protobuf.Struct
+	17, // 2: envoy.config.filter.accesslog.v2.AccessLog.typed_config:type_name -> google.protobuf.Any
+	5,  // 3: envoy.config.filter.accesslog.v2.AccessLogFilter.status_code_filter:type_name -> envoy.config.filter.accesslog.v2.StatusCodeFilter
+	6,  // 4: envoy.config.filter.accesslog.v2.AccessLogFilter.duration_filter:type_name -> envoy.config.filter.accesslog.v2.DurationFilter
+	7,  // 5: envoy.config.filter.accesslog.v2.AccessLogFilter.not_health_check_filter:type_name -> envoy.config.filter.accesslog.v2.NotHealthCheckFilter
+	8,  // 6: envoy.config.filter.accesslog.v2.AccessLogFilter.traceable_filter:type_name -> envoy.config.filter.accesslog.v2.TraceableFilter
+	9,  // 7: envoy.config.filter.accesslog.v2.AccessLogFilter.runtime_filter:type_name -> envoy.config.filter.accesslog.v2.RuntimeFilter
+	10, // 8: envoy.config.filter.accesslog.v2.AccessLogFilter.and_filter:type_name -> envoy.config.filter.accesslog.v2.AndFilter
+	11, // 9: envoy.config.filter.accesslog.v2.AccessLogFilter.or_filter:type_name -> envoy.config.filter.accesslog.v2.OrFilter
+	12, // 10: envoy.config.filter.accesslog.v2.AccessLogFilter.header_filter:type_name -> envoy.config.filter.accesslog.v2.HeaderFilter
+	13, // 11: envoy.config.filter.accesslog.v2.AccessLogFilter.response_flag_filter:type_name -> envoy.config.filter.accesslog.v2.ResponseFlagFilter
+	14, // 12: envoy.config.filter.accesslog.v2.AccessLogFilter.grpc_status_filter:type_name -> envoy.config.filter.accesslog.v2.GrpcStatusFilter
+	15, // 13: envoy.config.filter.accesslog.v2.AccessLogFilter.extension_filter:type_name -> envoy.config.filter.accesslog.v2.ExtensionFilter
+	0,  // 14: envoy.config.filter.accesslog.v2.ComparisonFilter.op:type_name -> envoy.config.filter.accesslog.v2.ComparisonFilter.Op
+	18, // 15: envoy.config.filter.accesslog.v2.ComparisonFilter.value:type_name -> envoy.api.v2.core.RuntimeUInt32
+	4,  // 16: envoy.config.filter.accesslog.v2.StatusCodeFilter.comparison:type_name -> envoy.config.filter.accesslog.v2.ComparisonFilter
+	4,  // 17: envoy.config.filter.accesslog.v2.DurationFilter.comparison:type_name -> envoy.config.filter.accesslog.v2.ComparisonFilter
+	19, // 18: envoy.config.filter.accesslog.v2.RuntimeFilter.percent_sampled:type_name -> envoy.type.FractionalPercent
+	3,  // 19: envoy.config.filter.accesslog.v2.AndFilter.filters:type_name -> envoy.config.filter.accesslog.v2.AccessLogFilter
+	3,  // 20: envoy.config.filter.accesslog.v2.OrFilter.filters:type_name -> envoy.config.filter.accesslog.v2.AccessLogFilter
+	20, // 21: envoy.config.filter.accesslog.v2.HeaderFilter.header:type_name -> envoy.api.v2.route.HeaderMatcher
+	1,  // 22: envoy.config.filter.accesslog.v2.GrpcStatusFilter.statuses:type_name -> envoy.config.filter.accesslog.v2.GrpcStatusFilter.Status
+	16, // 23: envoy.config.filter.accesslog.v2.ExtensionFilter.config:type_name -> google.protobuf.Struct
+	17, // 24: envoy.config.filter.accesslog.v2.ExtensionFilter.typed_config:type_name -> google.protobuf.Any
+	25, // [25:25] is the sub-list for method output_type
+	25, // [25:25] is the sub-list for method input_type
+	25, // [25:25] is the sub-list for extension type_name
+	25, // [25:25] is the sub-list for extension extendee
+	0,  // [0:25] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_filter_accesslog_v2_accesslog_proto_init() }
+func file_envoy_config_filter_accesslog_v2_accesslog_proto_init() {
+	if File_envoy_config_filter_accesslog_v2_accesslog_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*AccessLog); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*AccessLogFilter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ComparisonFilter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*StatusCodeFilter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*DurationFilter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*NotHealthCheckFilter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*TraceableFilter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RuntimeFilter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*AndFilter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*OrFilter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HeaderFilter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[11].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ResponseFlagFilter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[12].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GrpcStatusFilter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[13].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ExtensionFilter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*AccessLog_Config)(nil),
+		(*AccessLog_TypedConfig)(nil),
+	}
+	file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*AccessLogFilter_StatusCodeFilter)(nil),
+		(*AccessLogFilter_DurationFilter)(nil),
+		(*AccessLogFilter_NotHealthCheckFilter)(nil),
+		(*AccessLogFilter_TraceableFilter)(nil),
+		(*AccessLogFilter_RuntimeFilter)(nil),
+		(*AccessLogFilter_AndFilter)(nil),
+		(*AccessLogFilter_OrFilter)(nil),
+		(*AccessLogFilter_HeaderFilter)(nil),
+		(*AccessLogFilter_ResponseFlagFilter)(nil),
+		(*AccessLogFilter_GrpcStatusFilter)(nil),
+		(*AccessLogFilter_ExtensionFilter)(nil),
+	}
+	file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes[13].OneofWrappers = []interface{}{
+		(*ExtensionFilter_Config)(nil),
+		(*ExtensionFilter_TypedConfig)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_filter_accesslog_v2_accesslog_proto_rawDesc,
+			NumEnums:      2,
+			NumMessages:   14,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_filter_accesslog_v2_accesslog_proto_goTypes,
+		DependencyIndexes: file_envoy_config_filter_accesslog_v2_accesslog_proto_depIdxs,
+		EnumInfos:         file_envoy_config_filter_accesslog_v2_accesslog_proto_enumTypes,
+		MessageInfos:      file_envoy_config_filter_accesslog_v2_accesslog_proto_msgTypes,
+	}.Build()
+	File_envoy_config_filter_accesslog_v2_accesslog_proto = out.File
+	file_envoy_config_filter_accesslog_v2_accesslog_proto_rawDesc = nil
+	file_envoy_config_filter_accesslog_v2_accesslog_proto_goTypes = nil
+	file_envoy_config_filter_accesslog_v2_accesslog_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/filter/accesslog/v2/accesslog.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/filter/accesslog/v2/accesslog.pb.validate.go
new file mode 100644
index 00000000000..21db1614646
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/filter/accesslog/v2/accesslog.pb.validate.go
@@ -0,0 +1,2290 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/filter/accesslog/v2/accesslog.proto
+
+package envoy_config_filter_accesslog_v2
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on AccessLog with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *AccessLog) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on AccessLog with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in AccessLogMultiError, or nil
+// if none found.
+func (m *AccessLog) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *AccessLog) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Name
+
+	if all {
+		switch v := interface{}(m.GetFilter()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, AccessLogValidationError{
+					field:  "Filter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, AccessLogValidationError{
+					field:  "Filter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetFilter()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return AccessLogValidationError{
+				field:  "Filter",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	switch m.ConfigType.(type) {
+
+	case *AccessLog_Config:
+
+		if all {
+			switch v := interface{}(m.GetConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AccessLogValidationError{
+						field:  "Config",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AccessLogValidationError{
+						field:  "Config",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AccessLogValidationError{
+					field:  "Config",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *AccessLog_TypedConfig:
+
+		if all {
+			switch v := interface{}(m.GetTypedConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AccessLogValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AccessLogValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AccessLogValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return AccessLogMultiError(errors)
+	}
+	return nil
+}
+
+// AccessLogMultiError is an error wrapping multiple validation errors returned
+// by AccessLog.ValidateAll() if the designated constraints aren't met.
+type AccessLogMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m AccessLogMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m AccessLogMultiError) AllErrors() []error { return m }
+
+// AccessLogValidationError is the validation error returned by
+// AccessLog.Validate if the designated constraints aren't met.
+type AccessLogValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e AccessLogValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e AccessLogValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e AccessLogValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e AccessLogValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e AccessLogValidationError) ErrorName() string { return "AccessLogValidationError" }
+
+// Error satisfies the builtin error interface
+func (e AccessLogValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sAccessLog.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = AccessLogValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = AccessLogValidationError{}
+
+// Validate checks the field values on AccessLogFilter with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *AccessLogFilter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on AccessLogFilter with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// AccessLogFilterMultiError, or nil if none found.
+func (m *AccessLogFilter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *AccessLogFilter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.FilterSpecifier.(type) {
+
+	case *AccessLogFilter_StatusCodeFilter:
+
+		if all {
+			switch v := interface{}(m.GetStatusCodeFilter()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "StatusCodeFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "StatusCodeFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetStatusCodeFilter()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AccessLogFilterValidationError{
+					field:  "StatusCodeFilter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *AccessLogFilter_DurationFilter:
+
+		if all {
+			switch v := interface{}(m.GetDurationFilter()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "DurationFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "DurationFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetDurationFilter()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AccessLogFilterValidationError{
+					field:  "DurationFilter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *AccessLogFilter_NotHealthCheckFilter:
+
+		if all {
+			switch v := interface{}(m.GetNotHealthCheckFilter()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "NotHealthCheckFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "NotHealthCheckFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetNotHealthCheckFilter()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AccessLogFilterValidationError{
+					field:  "NotHealthCheckFilter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *AccessLogFilter_TraceableFilter:
+
+		if all {
+			switch v := interface{}(m.GetTraceableFilter()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "TraceableFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "TraceableFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTraceableFilter()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AccessLogFilterValidationError{
+					field:  "TraceableFilter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *AccessLogFilter_RuntimeFilter:
+
+		if all {
+			switch v := interface{}(m.GetRuntimeFilter()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "RuntimeFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "RuntimeFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetRuntimeFilter()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AccessLogFilterValidationError{
+					field:  "RuntimeFilter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *AccessLogFilter_AndFilter:
+
+		if all {
+			switch v := interface{}(m.GetAndFilter()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "AndFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "AndFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetAndFilter()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AccessLogFilterValidationError{
+					field:  "AndFilter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *AccessLogFilter_OrFilter:
+
+		if all {
+			switch v := interface{}(m.GetOrFilter()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "OrFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "OrFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetOrFilter()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AccessLogFilterValidationError{
+					field:  "OrFilter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *AccessLogFilter_HeaderFilter:
+
+		if all {
+			switch v := interface{}(m.GetHeaderFilter()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "HeaderFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "HeaderFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetHeaderFilter()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AccessLogFilterValidationError{
+					field:  "HeaderFilter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *AccessLogFilter_ResponseFlagFilter:
+
+		if all {
+			switch v := interface{}(m.GetResponseFlagFilter()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "ResponseFlagFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "ResponseFlagFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetResponseFlagFilter()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AccessLogFilterValidationError{
+					field:  "ResponseFlagFilter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *AccessLogFilter_GrpcStatusFilter:
+
+		if all {
+			switch v := interface{}(m.GetGrpcStatusFilter()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "GrpcStatusFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "GrpcStatusFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetGrpcStatusFilter()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AccessLogFilterValidationError{
+					field:  "GrpcStatusFilter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *AccessLogFilter_ExtensionFilter:
+
+		if all {
+			switch v := interface{}(m.GetExtensionFilter()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "ExtensionFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AccessLogFilterValidationError{
+						field:  "ExtensionFilter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetExtensionFilter()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AccessLogFilterValidationError{
+					field:  "ExtensionFilter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := AccessLogFilterValidationError{
+			field:  "FilterSpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return AccessLogFilterMultiError(errors)
+	}
+	return nil
+}
+
+// AccessLogFilterMultiError is an error wrapping multiple validation errors
+// returned by AccessLogFilter.ValidateAll() if the designated constraints
+// aren't met.
+type AccessLogFilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m AccessLogFilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m AccessLogFilterMultiError) AllErrors() []error { return m }
+
+// AccessLogFilterValidationError is the validation error returned by
+// AccessLogFilter.Validate if the designated constraints aren't met.
+type AccessLogFilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e AccessLogFilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e AccessLogFilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e AccessLogFilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e AccessLogFilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e AccessLogFilterValidationError) ErrorName() string { return "AccessLogFilterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e AccessLogFilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sAccessLogFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = AccessLogFilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = AccessLogFilterValidationError{}
+
+// Validate checks the field values on ComparisonFilter with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *ComparisonFilter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ComparisonFilter with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ComparisonFilterMultiError, or nil if none found.
+func (m *ComparisonFilter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ComparisonFilter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if _, ok := ComparisonFilter_Op_name[int32(m.GetOp())]; !ok {
+		err := ComparisonFilterValidationError{
+			field:  "Op",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetValue()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ComparisonFilterValidationError{
+					field:  "Value",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ComparisonFilterValidationError{
+					field:  "Value",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetValue()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ComparisonFilterValidationError{
+				field:  "Value",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return ComparisonFilterMultiError(errors)
+	}
+	return nil
+}
+
+// ComparisonFilterMultiError is an error wrapping multiple validation errors
+// returned by ComparisonFilter.ValidateAll() if the designated constraints
+// aren't met.
+type ComparisonFilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ComparisonFilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ComparisonFilterMultiError) AllErrors() []error { return m }
+
+// ComparisonFilterValidationError is the validation error returned by
+// ComparisonFilter.Validate if the designated constraints aren't met.
+type ComparisonFilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ComparisonFilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ComparisonFilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ComparisonFilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ComparisonFilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ComparisonFilterValidationError) ErrorName() string { return "ComparisonFilterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ComparisonFilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sComparisonFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ComparisonFilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ComparisonFilterValidationError{}
+
+// Validate checks the field values on StatusCodeFilter with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *StatusCodeFilter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on StatusCodeFilter with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// StatusCodeFilterMultiError, or nil if none found.
+func (m *StatusCodeFilter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *StatusCodeFilter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetComparison() == nil {
+		err := StatusCodeFilterValidationError{
+			field:  "Comparison",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetComparison()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, StatusCodeFilterValidationError{
+					field:  "Comparison",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, StatusCodeFilterValidationError{
+					field:  "Comparison",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetComparison()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return StatusCodeFilterValidationError{
+				field:  "Comparison",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return StatusCodeFilterMultiError(errors)
+	}
+	return nil
+}
+
+// StatusCodeFilterMultiError is an error wrapping multiple validation errors
+// returned by StatusCodeFilter.ValidateAll() if the designated constraints
+// aren't met.
+type StatusCodeFilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m StatusCodeFilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m StatusCodeFilterMultiError) AllErrors() []error { return m }
+
+// StatusCodeFilterValidationError is the validation error returned by
+// StatusCodeFilter.Validate if the designated constraints aren't met.
+type StatusCodeFilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e StatusCodeFilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e StatusCodeFilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e StatusCodeFilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e StatusCodeFilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e StatusCodeFilterValidationError) ErrorName() string { return "StatusCodeFilterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e StatusCodeFilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sStatusCodeFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = StatusCodeFilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = StatusCodeFilterValidationError{}
+
+// Validate checks the field values on DurationFilter with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *DurationFilter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on DurationFilter with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in DurationFilterMultiError,
+// or nil if none found.
+func (m *DurationFilter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *DurationFilter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetComparison() == nil {
+		err := DurationFilterValidationError{
+			field:  "Comparison",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetComparison()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, DurationFilterValidationError{
+					field:  "Comparison",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, DurationFilterValidationError{
+					field:  "Comparison",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetComparison()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return DurationFilterValidationError{
+				field:  "Comparison",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return DurationFilterMultiError(errors)
+	}
+	return nil
+}
+
+// DurationFilterMultiError is an error wrapping multiple validation errors
+// returned by DurationFilter.ValidateAll() if the designated constraints
+// aren't met.
+type DurationFilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m DurationFilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m DurationFilterMultiError) AllErrors() []error { return m }
+
+// DurationFilterValidationError is the validation error returned by
+// DurationFilter.Validate if the designated constraints aren't met.
+type DurationFilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e DurationFilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e DurationFilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e DurationFilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e DurationFilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e DurationFilterValidationError) ErrorName() string { return "DurationFilterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e DurationFilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sDurationFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = DurationFilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = DurationFilterValidationError{}
+
+// Validate checks the field values on NotHealthCheckFilter with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *NotHealthCheckFilter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on NotHealthCheckFilter with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// NotHealthCheckFilterMultiError, or nil if none found.
+func (m *NotHealthCheckFilter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *NotHealthCheckFilter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return NotHealthCheckFilterMultiError(errors)
+	}
+	return nil
+}
+
+// NotHealthCheckFilterMultiError is an error wrapping multiple validation
+// errors returned by NotHealthCheckFilter.ValidateAll() if the designated
+// constraints aren't met.
+type NotHealthCheckFilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m NotHealthCheckFilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m NotHealthCheckFilterMultiError) AllErrors() []error { return m }
+
+// NotHealthCheckFilterValidationError is the validation error returned by
+// NotHealthCheckFilter.Validate if the designated constraints aren't met.
+type NotHealthCheckFilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e NotHealthCheckFilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e NotHealthCheckFilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e NotHealthCheckFilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e NotHealthCheckFilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e NotHealthCheckFilterValidationError) ErrorName() string {
+	return "NotHealthCheckFilterValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e NotHealthCheckFilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sNotHealthCheckFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = NotHealthCheckFilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = NotHealthCheckFilterValidationError{}
+
+// Validate checks the field values on TraceableFilter with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *TraceableFilter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on TraceableFilter with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// TraceableFilterMultiError, or nil if none found.
+func (m *TraceableFilter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *TraceableFilter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return TraceableFilterMultiError(errors)
+	}
+	return nil
+}
+
+// TraceableFilterMultiError is an error wrapping multiple validation errors
+// returned by TraceableFilter.ValidateAll() if the designated constraints
+// aren't met.
+type TraceableFilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m TraceableFilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m TraceableFilterMultiError) AllErrors() []error { return m }
+
+// TraceableFilterValidationError is the validation error returned by
+// TraceableFilter.Validate if the designated constraints aren't met.
+type TraceableFilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e TraceableFilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e TraceableFilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e TraceableFilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e TraceableFilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e TraceableFilterValidationError) ErrorName() string { return "TraceableFilterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e TraceableFilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sTraceableFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = TraceableFilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = TraceableFilterValidationError{}
+
+// Validate checks the field values on RuntimeFilter with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *RuntimeFilter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RuntimeFilter with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in RuntimeFilterMultiError, or
+// nil if none found.
+func (m *RuntimeFilter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RuntimeFilter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetRuntimeKey()) < 1 {
+		err := RuntimeFilterValidationError{
+			field:  "RuntimeKey",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetPercentSampled()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RuntimeFilterValidationError{
+					field:  "PercentSampled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RuntimeFilterValidationError{
+					field:  "PercentSampled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPercentSampled()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RuntimeFilterValidationError{
+				field:  "PercentSampled",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for UseIndependentRandomness
+
+	if len(errors) > 0 {
+		return RuntimeFilterMultiError(errors)
+	}
+	return nil
+}
+
+// RuntimeFilterMultiError is an error wrapping multiple validation errors
+// returned by RuntimeFilter.ValidateAll() if the designated constraints
+// aren't met.
+type RuntimeFilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RuntimeFilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RuntimeFilterMultiError) AllErrors() []error { return m }
+
+// RuntimeFilterValidationError is the validation error returned by
+// RuntimeFilter.Validate if the designated constraints aren't met.
+type RuntimeFilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RuntimeFilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RuntimeFilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RuntimeFilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RuntimeFilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RuntimeFilterValidationError) ErrorName() string { return "RuntimeFilterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RuntimeFilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRuntimeFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RuntimeFilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RuntimeFilterValidationError{}
+
+// Validate checks the field values on AndFilter with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *AndFilter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on AndFilter with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in AndFilterMultiError, or nil
+// if none found.
+func (m *AndFilter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *AndFilter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetFilters()) < 2 {
+		err := AndFilterValidationError{
+			field:  "Filters",
+			reason: "value must contain at least 2 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetFilters() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, AndFilterValidationError{
+						field:  fmt.Sprintf("Filters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, AndFilterValidationError{
+						field:  fmt.Sprintf("Filters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return AndFilterValidationError{
+					field:  fmt.Sprintf("Filters[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return AndFilterMultiError(errors)
+	}
+	return nil
+}
+
+// AndFilterMultiError is an error wrapping multiple validation errors returned
+// by AndFilter.ValidateAll() if the designated constraints aren't met.
+type AndFilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m AndFilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m AndFilterMultiError) AllErrors() []error { return m }
+
+// AndFilterValidationError is the validation error returned by
+// AndFilter.Validate if the designated constraints aren't met.
+type AndFilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e AndFilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e AndFilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e AndFilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e AndFilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e AndFilterValidationError) ErrorName() string { return "AndFilterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e AndFilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sAndFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = AndFilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = AndFilterValidationError{}
+
+// Validate checks the field values on OrFilter with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *OrFilter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on OrFilter with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in OrFilterMultiError, or nil
+// if none found.
+func (m *OrFilter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *OrFilter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetFilters()) < 2 {
+		err := OrFilterValidationError{
+			field:  "Filters",
+			reason: "value must contain at least 2 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetFilters() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, OrFilterValidationError{
+						field:  fmt.Sprintf("Filters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, OrFilterValidationError{
+						field:  fmt.Sprintf("Filters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return OrFilterValidationError{
+					field:  fmt.Sprintf("Filters[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return OrFilterMultiError(errors)
+	}
+	return nil
+}
+
+// OrFilterMultiError is an error wrapping multiple validation errors returned
+// by OrFilter.ValidateAll() if the designated constraints aren't met.
+type OrFilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m OrFilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m OrFilterMultiError) AllErrors() []error { return m }
+
+// OrFilterValidationError is the validation error returned by
+// OrFilter.Validate if the designated constraints aren't met.
+type OrFilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e OrFilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e OrFilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e OrFilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e OrFilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e OrFilterValidationError) ErrorName() string { return "OrFilterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e OrFilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sOrFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = OrFilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = OrFilterValidationError{}
+
+// Validate checks the field values on HeaderFilter with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *HeaderFilter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HeaderFilter with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in HeaderFilterMultiError, or
+// nil if none found.
+func (m *HeaderFilter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HeaderFilter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetHeader() == nil {
+		err := HeaderFilterValidationError{
+			field:  "Header",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetHeader()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HeaderFilterValidationError{
+					field:  "Header",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HeaderFilterValidationError{
+					field:  "Header",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHeader()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HeaderFilterValidationError{
+				field:  "Header",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return HeaderFilterMultiError(errors)
+	}
+	return nil
+}
+
+// HeaderFilterMultiError is an error wrapping multiple validation errors
+// returned by HeaderFilter.ValidateAll() if the designated constraints aren't met.
+type HeaderFilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HeaderFilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HeaderFilterMultiError) AllErrors() []error { return m }
+
+// HeaderFilterValidationError is the validation error returned by
+// HeaderFilter.Validate if the designated constraints aren't met.
+type HeaderFilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HeaderFilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HeaderFilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HeaderFilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HeaderFilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HeaderFilterValidationError) ErrorName() string { return "HeaderFilterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e HeaderFilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHeaderFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HeaderFilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HeaderFilterValidationError{}
+
+// Validate checks the field values on ResponseFlagFilter with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ResponseFlagFilter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ResponseFlagFilter with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ResponseFlagFilterMultiError, or nil if none found.
+func (m *ResponseFlagFilter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ResponseFlagFilter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetFlags() {
+		_, _ = idx, item
+
+		if _, ok := _ResponseFlagFilter_Flags_InLookup[item]; !ok {
+			err := ResponseFlagFilterValidationError{
+				field:  fmt.Sprintf("Flags[%v]", idx),
+				reason: "value must be in list [LH UH UT LR UR UF UC UO NR DI FI RL UAEX RLSE DC URX SI IH DPE]",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ResponseFlagFilterMultiError(errors)
+	}
+	return nil
+}
+
+// ResponseFlagFilterMultiError is an error wrapping multiple validation errors
+// returned by ResponseFlagFilter.ValidateAll() if the designated constraints
+// aren't met.
+type ResponseFlagFilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ResponseFlagFilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ResponseFlagFilterMultiError) AllErrors() []error { return m }
+
+// ResponseFlagFilterValidationError is the validation error returned by
+// ResponseFlagFilter.Validate if the designated constraints aren't met.
+type ResponseFlagFilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ResponseFlagFilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ResponseFlagFilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ResponseFlagFilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ResponseFlagFilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ResponseFlagFilterValidationError) ErrorName() string {
+	return "ResponseFlagFilterValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ResponseFlagFilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sResponseFlagFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ResponseFlagFilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ResponseFlagFilterValidationError{}
+
+var _ResponseFlagFilter_Flags_InLookup = map[string]struct{}{
+	"LH":   {},
+	"UH":   {},
+	"UT":   {},
+	"LR":   {},
+	"UR":   {},
+	"UF":   {},
+	"UC":   {},
+	"UO":   {},
+	"NR":   {},
+	"DI":   {},
+	"FI":   {},
+	"RL":   {},
+	"UAEX": {},
+	"RLSE": {},
+	"DC":   {},
+	"URX":  {},
+	"SI":   {},
+	"IH":   {},
+	"DPE":  {},
+}
+
+// Validate checks the field values on GrpcStatusFilter with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *GrpcStatusFilter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on GrpcStatusFilter with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// GrpcStatusFilterMultiError, or nil if none found.
+func (m *GrpcStatusFilter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GrpcStatusFilter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetStatuses() {
+		_, _ = idx, item
+
+		if _, ok := GrpcStatusFilter_Status_name[int32(item)]; !ok {
+			err := GrpcStatusFilterValidationError{
+				field:  fmt.Sprintf("Statuses[%v]", idx),
+				reason: "value must be one of the defined enum values",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	// no validation rules for Exclude
+
+	if len(errors) > 0 {
+		return GrpcStatusFilterMultiError(errors)
+	}
+	return nil
+}
+
+// GrpcStatusFilterMultiError is an error wrapping multiple validation errors
+// returned by GrpcStatusFilter.ValidateAll() if the designated constraints
+// aren't met.
+type GrpcStatusFilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GrpcStatusFilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GrpcStatusFilterMultiError) AllErrors() []error { return m }
+
+// GrpcStatusFilterValidationError is the validation error returned by
+// GrpcStatusFilter.Validate if the designated constraints aren't met.
+type GrpcStatusFilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GrpcStatusFilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e GrpcStatusFilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e GrpcStatusFilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e GrpcStatusFilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e GrpcStatusFilterValidationError) ErrorName() string { return "GrpcStatusFilterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e GrpcStatusFilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGrpcStatusFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GrpcStatusFilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GrpcStatusFilterValidationError{}
+
+// Validate checks the field values on ExtensionFilter with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *ExtensionFilter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ExtensionFilter with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ExtensionFilterMultiError, or nil if none found.
+func (m *ExtensionFilter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ExtensionFilter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Name
+
+	switch m.ConfigType.(type) {
+
+	case *ExtensionFilter_Config:
+
+		if all {
+			switch v := interface{}(m.GetConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ExtensionFilterValidationError{
+						field:  "Config",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ExtensionFilterValidationError{
+						field:  "Config",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ExtensionFilterValidationError{
+					field:  "Config",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *ExtensionFilter_TypedConfig:
+
+		if all {
+			switch v := interface{}(m.GetTypedConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ExtensionFilterValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ExtensionFilterValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ExtensionFilterValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ExtensionFilterMultiError(errors)
+	}
+	return nil
+}
+
+// ExtensionFilterMultiError is an error wrapping multiple validation errors
+// returned by ExtensionFilter.ValidateAll() if the designated constraints
+// aren't met.
+type ExtensionFilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ExtensionFilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ExtensionFilterMultiError) AllErrors() []error { return m }
+
+// ExtensionFilterValidationError is the validation error returned by
+// ExtensionFilter.Validate if the designated constraints aren't met.
+type ExtensionFilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ExtensionFilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ExtensionFilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ExtensionFilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ExtensionFilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ExtensionFilterValidationError) ErrorName() string { return "ExtensionFilterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ExtensionFilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sExtensionFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ExtensionFilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ExtensionFilterValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v2/api_listener.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v2/api_listener.pb.go
new file mode 100644
index 00000000000..13379fce8d3
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v2/api_listener.pb.go
@@ -0,0 +1,177 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/listener/v2/api_listener.proto
+
+package envoy_config_listener_v2
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Describes a type of API listener, which is used in non-proxy clients. The type of API
+// exposed to the non-proxy application depends on the type of API listener.
+type ApiListener struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The type in this field determines the type of API listener. At present, the following
+	// types are supported:
+	// envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager (HTTP)
+	// [#next-major-version: In the v3 API, replace this Any field with a oneof containing the
+	// specific config message for each type of API listener. We could not do this in v2 because
+	// it would have caused circular dependencies for go protos: lds.proto depends on this file,
+	// and http_connection_manager.proto depends on rds.proto, which is in the same directory as
+	// lds.proto, so lds.proto cannot depend on this file.]
+	ApiListener *any.Any `protobuf:"bytes,1,opt,name=api_listener,json=apiListener,proto3" json:"api_listener,omitempty"`
+}
+
+func (x *ApiListener) Reset() {
+	*x = ApiListener{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_listener_v2_api_listener_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ApiListener) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ApiListener) ProtoMessage() {}
+
+func (x *ApiListener) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_listener_v2_api_listener_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ApiListener.ProtoReflect.Descriptor instead.
+func (*ApiListener) Descriptor() ([]byte, []int) {
+	return file_envoy_config_listener_v2_api_listener_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *ApiListener) GetApiListener() *any.Any {
+	if x != nil {
+		return x.ApiListener
+	}
+	return nil
+}
+
+var File_envoy_config_listener_v2_api_listener_proto protoreflect.FileDescriptor
+
+var file_envoy_config_listener_v2_api_listener_proto_rawDesc = []byte{
+	0x0a, 0x2b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x6c,
+	0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2f, 0x76, 0x32, 0x2f, 0x61, 0x70, 0x69, 0x5f, 0x6c,
+	0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x18, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c, 0x69, 0x73, 0x74,
+	0x65, 0x6e, 0x65, 0x72, 0x2e, 0x76, 0x32, 0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x22, 0x46, 0x0a, 0x0b, 0x41, 0x70, 0x69, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72,
+	0x12, 0x37, 0x0a, 0x0c, 0x61, 0x70, 0x69, 0x5f, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x0b, 0x61, 0x70,
+	0x69, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x42, 0x64, 0x0a, 0x26, 0x69, 0x6f, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72,
+	0x2e, 0x76, 0x32, 0x42, 0x10, 0x41, 0x70, 0x69, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72,
+	0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x1a, 0x12, 0x18, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c, 0x69, 0x73, 0x74,
+	0x65, 0x6e, 0x65, 0x72, 0x2e, 0x76, 0x33, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62,
+	0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_listener_v2_api_listener_proto_rawDescOnce sync.Once
+	file_envoy_config_listener_v2_api_listener_proto_rawDescData = file_envoy_config_listener_v2_api_listener_proto_rawDesc
+)
+
+func file_envoy_config_listener_v2_api_listener_proto_rawDescGZIP() []byte {
+	file_envoy_config_listener_v2_api_listener_proto_rawDescOnce.Do(func() {
+		file_envoy_config_listener_v2_api_listener_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_listener_v2_api_listener_proto_rawDescData)
+	})
+	return file_envoy_config_listener_v2_api_listener_proto_rawDescData
+}
+
+var file_envoy_config_listener_v2_api_listener_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_config_listener_v2_api_listener_proto_goTypes = []interface{}{
+	(*ApiListener)(nil), // 0: envoy.config.listener.v2.ApiListener
+	(*any.Any)(nil),     // 1: google.protobuf.Any
+}
+var file_envoy_config_listener_v2_api_listener_proto_depIdxs = []int32{
+	1, // 0: envoy.config.listener.v2.ApiListener.api_listener:type_name -> google.protobuf.Any
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_listener_v2_api_listener_proto_init() }
+func file_envoy_config_listener_v2_api_listener_proto_init() {
+	if File_envoy_config_listener_v2_api_listener_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_listener_v2_api_listener_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ApiListener); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_listener_v2_api_listener_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_listener_v2_api_listener_proto_goTypes,
+		DependencyIndexes: file_envoy_config_listener_v2_api_listener_proto_depIdxs,
+		MessageInfos:      file_envoy_config_listener_v2_api_listener_proto_msgTypes,
+	}.Build()
+	File_envoy_config_listener_v2_api_listener_proto = out.File
+	file_envoy_config_listener_v2_api_listener_proto_rawDesc = nil
+	file_envoy_config_listener_v2_api_listener_proto_goTypes = nil
+	file_envoy_config_listener_v2_api_listener_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v2/api_listener.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v2/api_listener.pb.validate.go
new file mode 100644
index 00000000000..0f49d9664f8
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v2/api_listener.pb.validate.go
@@ -0,0 +1,163 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/listener/v2/api_listener.proto
+
+package envoy_config_listener_v2
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on ApiListener with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ApiListener) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ApiListener with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ApiListenerMultiError, or
+// nil if none found.
+func (m *ApiListener) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ApiListener) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetApiListener()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ApiListenerValidationError{
+					field:  "ApiListener",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ApiListenerValidationError{
+					field:  "ApiListener",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetApiListener()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ApiListenerValidationError{
+				field:  "ApiListener",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return ApiListenerMultiError(errors)
+	}
+	return nil
+}
+
+// ApiListenerMultiError is an error wrapping multiple validation errors
+// returned by ApiListener.ValidateAll() if the designated constraints aren't met.
+type ApiListenerMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ApiListenerMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ApiListenerMultiError) AllErrors() []error { return m }
+
+// ApiListenerValidationError is the validation error returned by
+// ApiListener.Validate if the designated constraints aren't met.
+type ApiListenerValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ApiListenerValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ApiListenerValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ApiListenerValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ApiListenerValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ApiListenerValidationError) ErrorName() string { return "ApiListenerValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ApiListenerValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sApiListener.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ApiListenerValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ApiListenerValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v3/api_listener.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v3/api_listener.pb.go
new file mode 100644
index 00000000000..708ca86c1eb
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v3/api_listener.pb.go
@@ -0,0 +1,179 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/listener/v3/api_listener.proto
+
+package envoy_config_listener_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Describes a type of API listener, which is used in non-proxy clients. The type of API
+// exposed to the non-proxy application depends on the type of API listener.
+type ApiListener struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The type in this field determines the type of API listener. At present, the following
+	// types are supported:
+	// envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager (HTTP)
+	// envoy.extensions.filters.network.http_connection_manager.v3.EnvoyMobileHttpConnectionManager (HTTP)
+	// [#next-major-version: In the v3 API, replace this Any field with a oneof containing the
+	// specific config message for each type of API listener. We could not do this in v2 because
+	// it would have caused circular dependencies for go protos: lds.proto depends on this file,
+	// and http_connection_manager.proto depends on rds.proto, which is in the same directory as
+	// lds.proto, so lds.proto cannot depend on this file.]
+	ApiListener *any.Any `protobuf:"bytes,1,opt,name=api_listener,json=apiListener,proto3" json:"api_listener,omitempty"`
+}
+
+func (x *ApiListener) Reset() {
+	*x = ApiListener{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_listener_v3_api_listener_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ApiListener) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ApiListener) ProtoMessage() {}
+
+func (x *ApiListener) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_listener_v3_api_listener_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ApiListener.ProtoReflect.Descriptor instead.
+func (*ApiListener) Descriptor() ([]byte, []int) {
+	return file_envoy_config_listener_v3_api_listener_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *ApiListener) GetApiListener() *any.Any {
+	if x != nil {
+		return x.ApiListener
+	}
+	return nil
+}
+
+var File_envoy_config_listener_v3_api_listener_proto protoreflect.FileDescriptor
+
+var file_envoy_config_listener_v3_api_listener_proto_rawDesc = []byte{
+	0x0a, 0x2b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x6c,
+	0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x61, 0x70, 0x69, 0x5f, 0x6c,
+	0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x18, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c, 0x69, 0x73, 0x74,
+	0x65, 0x6e, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x22, 0x73, 0x0a, 0x0b, 0x41, 0x70, 0x69, 0x4c, 0x69, 0x73, 0x74, 0x65,
+	0x6e, 0x65, 0x72, 0x12, 0x37, 0x0a, 0x0c, 0x61, 0x70, 0x69, 0x5f, 0x6c, 0x69, 0x73, 0x74, 0x65,
+	0x6e, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52,
+	0x0b, 0x61, 0x70, 0x69, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x3a, 0x2b, 0x9a, 0xc5,
+	0x88, 0x1e, 0x26, 0x0a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x41, 0x70,
+	0x69, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x42, 0x44, 0x0a, 0x26, 0x69, 0x6f, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72,
+	0x2e, 0x76, 0x33, 0x42, 0x10, 0x41, 0x70, 0x69, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72,
+	0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62,
+	0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_listener_v3_api_listener_proto_rawDescOnce sync.Once
+	file_envoy_config_listener_v3_api_listener_proto_rawDescData = file_envoy_config_listener_v3_api_listener_proto_rawDesc
+)
+
+func file_envoy_config_listener_v3_api_listener_proto_rawDescGZIP() []byte {
+	file_envoy_config_listener_v3_api_listener_proto_rawDescOnce.Do(func() {
+		file_envoy_config_listener_v3_api_listener_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_listener_v3_api_listener_proto_rawDescData)
+	})
+	return file_envoy_config_listener_v3_api_listener_proto_rawDescData
+}
+
+var file_envoy_config_listener_v3_api_listener_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_config_listener_v3_api_listener_proto_goTypes = []interface{}{
+	(*ApiListener)(nil), // 0: envoy.config.listener.v3.ApiListener
+	(*any.Any)(nil),     // 1: google.protobuf.Any
+}
+var file_envoy_config_listener_v3_api_listener_proto_depIdxs = []int32{
+	1, // 0: envoy.config.listener.v3.ApiListener.api_listener:type_name -> google.protobuf.Any
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_listener_v3_api_listener_proto_init() }
+func file_envoy_config_listener_v3_api_listener_proto_init() {
+	if File_envoy_config_listener_v3_api_listener_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_listener_v3_api_listener_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ApiListener); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_listener_v3_api_listener_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_listener_v3_api_listener_proto_goTypes,
+		DependencyIndexes: file_envoy_config_listener_v3_api_listener_proto_depIdxs,
+		MessageInfos:      file_envoy_config_listener_v3_api_listener_proto_msgTypes,
+	}.Build()
+	File_envoy_config_listener_v3_api_listener_proto = out.File
+	file_envoy_config_listener_v3_api_listener_proto_rawDesc = nil
+	file_envoy_config_listener_v3_api_listener_proto_goTypes = nil
+	file_envoy_config_listener_v3_api_listener_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v3/api_listener.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v3/api_listener.pb.validate.go
new file mode 100644
index 00000000000..9e77d341a34
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v3/api_listener.pb.validate.go
@@ -0,0 +1,163 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/listener/v3/api_listener.proto
+
+package envoy_config_listener_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on ApiListener with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ApiListener) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ApiListener with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ApiListenerMultiError, or
+// nil if none found.
+func (m *ApiListener) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ApiListener) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetApiListener()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ApiListenerValidationError{
+					field:  "ApiListener",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ApiListenerValidationError{
+					field:  "ApiListener",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetApiListener()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ApiListenerValidationError{
+				field:  "ApiListener",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return ApiListenerMultiError(errors)
+	}
+	return nil
+}
+
+// ApiListenerMultiError is an error wrapping multiple validation errors
+// returned by ApiListener.ValidateAll() if the designated constraints aren't met.
+type ApiListenerMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ApiListenerMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ApiListenerMultiError) AllErrors() []error { return m }
+
+// ApiListenerValidationError is the validation error returned by
+// ApiListener.Validate if the designated constraints aren't met.
+type ApiListenerValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ApiListenerValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ApiListenerValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ApiListenerValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ApiListenerValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ApiListenerValidationError) ErrorName() string { return "ApiListenerValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ApiListenerValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sApiListener.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ApiListenerValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ApiListenerValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v3/listener.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v3/listener.pb.go
new file mode 100644
index 00000000000..6944f51251b
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v3/listener.pb.go
@@ -0,0 +1,1193 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/listener/v3/listener.proto
+
+package envoy_config_listener_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v3 "github.com/cncf/xds/go/xds/core/v3"
+	_ "github.com/envoyproxy/go-control-plane/envoy/annotations"
+	v32 "github.com/envoyproxy/go-control-plane/envoy/config/accesslog/v3"
+	v31 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type Listener_DrainType int32
+
+const (
+	// Drain in response to calling /healthcheck/fail admin endpoint (along with the health check
+	// filter), listener removal/modification, and hot restart.
+	Listener_DEFAULT Listener_DrainType = 0
+	// Drain in response to listener removal/modification and hot restart. This setting does not
+	// include /healthcheck/fail. This setting may be desirable if Envoy is hosting both ingress
+	// and egress listeners.
+	Listener_MODIFY_ONLY Listener_DrainType = 1
+)
+
+// Enum value maps for Listener_DrainType.
+var (
+	Listener_DrainType_name = map[int32]string{
+		0: "DEFAULT",
+		1: "MODIFY_ONLY",
+	}
+	Listener_DrainType_value = map[string]int32{
+		"DEFAULT":     0,
+		"MODIFY_ONLY": 1,
+	}
+)
+
+func (x Listener_DrainType) Enum() *Listener_DrainType {
+	p := new(Listener_DrainType)
+	*p = x
+	return p
+}
+
+func (x Listener_DrainType) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (Listener_DrainType) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_listener_v3_listener_proto_enumTypes[0].Descriptor()
+}
+
+func (Listener_DrainType) Type() protoreflect.EnumType {
+	return &file_envoy_config_listener_v3_listener_proto_enumTypes[0]
+}
+
+func (x Listener_DrainType) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use Listener_DrainType.Descriptor instead.
+func (Listener_DrainType) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_listener_v3_listener_proto_rawDescGZIP(), []int{1, 0}
+}
+
+// Listener list collections. Entries are *Listener* resources or references.
+// [#not-implemented-hide:]
+type ListenerCollection struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Entries []*v3.CollectionEntry `protobuf:"bytes,1,rep,name=entries,proto3" json:"entries,omitempty"`
+}
+
+func (x *ListenerCollection) Reset() {
+	*x = ListenerCollection{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_listener_v3_listener_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ListenerCollection) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ListenerCollection) ProtoMessage() {}
+
+func (x *ListenerCollection) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_listener_v3_listener_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ListenerCollection.ProtoReflect.Descriptor instead.
+func (*ListenerCollection) Descriptor() ([]byte, []int) {
+	return file_envoy_config_listener_v3_listener_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *ListenerCollection) GetEntries() []*v3.CollectionEntry {
+	if x != nil {
+		return x.Entries
+	}
+	return nil
+}
+
+// [#next-free-field: 31]
+type Listener struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The unique name by which this listener is known. If no name is provided,
+	// Envoy will allocate an internal UUID for the listener. If the listener is to be dynamically
+	// updated or removed via :ref:`LDS <config_listeners_lds>` a unique name must be provided.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// The address that the listener should listen on. In general, the address must be unique, though
+	// that is governed by the bind rules of the OS. E.g., multiple listeners can listen on port 0 on
+	// Linux as the actual port will be allocated by the OS.
+	Address *v31.Address `protobuf:"bytes,2,opt,name=address,proto3" json:"address,omitempty"`
+	// Optional prefix to use on listener stats. If empty, the stats will be rooted at
+	// `listener.<address as string>.`. If non-empty, stats will be rooted at
+	// `listener.<stat_prefix>.`.
+	StatPrefix string `protobuf:"bytes,28,opt,name=stat_prefix,json=statPrefix,proto3" json:"stat_prefix,omitempty"`
+	// A list of filter chains to consider for this listener. The
+	// :ref:`FilterChain <envoy_v3_api_msg_config.listener.v3.FilterChain>` with the most specific
+	// :ref:`FilterChainMatch <envoy_v3_api_msg_config.listener.v3.FilterChainMatch>` criteria is used on a
+	// connection.
+	//
+	// Example using SNI for filter chain selection can be found in the
+	// :ref:`FAQ entry <faq_how_to_setup_sni>`.
+	FilterChains []*FilterChain `protobuf:"bytes,3,rep,name=filter_chains,json=filterChains,proto3" json:"filter_chains,omitempty"`
+	// If a connection is redirected using *iptables*, the port on which the proxy
+	// receives it might be different from the original destination address. When this flag is set to
+	// true, the listener hands off redirected connections to the listener associated with the
+	// original destination address. If there is no listener associated with the original destination
+	// address, the connection is handled by the listener that receives it. Defaults to false.
+	UseOriginalDst *wrappers.BoolValue `protobuf:"bytes,4,opt,name=use_original_dst,json=useOriginalDst,proto3" json:"use_original_dst,omitempty"`
+	// The default filter chain if none of the filter chain matches. If no default filter chain is supplied,
+	// the connection will be closed. The filter chain match is ignored in this field.
+	DefaultFilterChain *FilterChain `protobuf:"bytes,25,opt,name=default_filter_chain,json=defaultFilterChain,proto3" json:"default_filter_chain,omitempty"`
+	// Soft limit on size of the listener’s new connection read and write buffers.
+	// If unspecified, an implementation defined default is applied (1MiB).
+	PerConnectionBufferLimitBytes *wrappers.UInt32Value `protobuf:"bytes,5,opt,name=per_connection_buffer_limit_bytes,json=perConnectionBufferLimitBytes,proto3" json:"per_connection_buffer_limit_bytes,omitempty"`
+	// Listener metadata.
+	Metadata *v31.Metadata `protobuf:"bytes,6,opt,name=metadata,proto3" json:"metadata,omitempty"`
+	// [#not-implemented-hide:]
+	//
+	// Deprecated: Do not use.
+	DeprecatedV1 *Listener_DeprecatedV1 `protobuf:"bytes,7,opt,name=deprecated_v1,json=deprecatedV1,proto3" json:"deprecated_v1,omitempty"`
+	// The type of draining to perform at a listener-wide level.
+	DrainType Listener_DrainType `protobuf:"varint,8,opt,name=drain_type,json=drainType,proto3,enum=envoy.config.listener.v3.Listener_DrainType" json:"drain_type,omitempty"`
+	// Listener filters have the opportunity to manipulate and augment the connection metadata that
+	// is used in connection filter chain matching, for example. These filters are run before any in
+	// :ref:`filter_chains <envoy_v3_api_field_config.listener.v3.Listener.filter_chains>`. Order matters as the
+	// filters are processed sequentially right after a socket has been accepted by the listener, and
+	// before a connection is created.
+	// UDP Listener filters can be specified when the protocol in the listener socket address in
+	// :ref:`protocol <envoy_v3_api_field_config.core.v3.SocketAddress.protocol>` is :ref:`UDP
+	// <envoy_v3_api_enum_value_config.core.v3.SocketAddress.Protocol.UDP>`.
+	ListenerFilters []*ListenerFilter `protobuf:"bytes,9,rep,name=listener_filters,json=listenerFilters,proto3" json:"listener_filters,omitempty"`
+	// The timeout to wait for all listener filters to complete operation. If the timeout is reached,
+	// the accepted socket is closed without a connection being created unless
+	// `continue_on_listener_filters_timeout` is set to true. Specify 0 to disable the
+	// timeout. If not specified, a default timeout of 15s is used.
+	ListenerFiltersTimeout *duration.Duration `protobuf:"bytes,15,opt,name=listener_filters_timeout,json=listenerFiltersTimeout,proto3" json:"listener_filters_timeout,omitempty"`
+	// Whether a connection should be created when listener filters timeout. Default is false.
+	//
+	// .. attention::
+	//
+	//   Some listener filters, such as :ref:`Proxy Protocol filter
+	//   <config_listener_filters_proxy_protocol>`, should not be used with this option. It will cause
+	//   unexpected behavior when a connection is created.
+	ContinueOnListenerFiltersTimeout bool `protobuf:"varint,17,opt,name=continue_on_listener_filters_timeout,json=continueOnListenerFiltersTimeout,proto3" json:"continue_on_listener_filters_timeout,omitempty"`
+	// Whether the listener should be set as a transparent socket.
+	// When this flag is set to true, connections can be redirected to the listener using an
+	// *iptables* *TPROXY* target, in which case the original source and destination addresses and
+	// ports are preserved on accepted connections. This flag should be used in combination with
+	// :ref:`an original_dst <config_listener_filters_original_dst>` :ref:`listener filter
+	// <envoy_v3_api_field_config.listener.v3.Listener.listener_filters>` to mark the connections' local addresses as
+	// "restored." This can be used to hand off each redirected connection to another listener
+	// associated with the connection's destination address. Direct connections to the socket without
+	// using *TPROXY* cannot be distinguished from connections redirected using *TPROXY* and are
+	// therefore treated as if they were redirected.
+	// When this flag is set to false, the listener's socket is explicitly reset as non-transparent.
+	// Setting this flag requires Envoy to run with the *CAP_NET_ADMIN* capability.
+	// When this flag is not set (default), the socket is not modified, i.e. the transparent option
+	// is neither set nor reset.
+	Transparent *wrappers.BoolValue `protobuf:"bytes,10,opt,name=transparent,proto3" json:"transparent,omitempty"`
+	// Whether the listener should set the *IP_FREEBIND* socket option. When this
+	// flag is set to true, listeners can be bound to an IP address that is not
+	// configured on the system running Envoy. When this flag is set to false, the
+	// option *IP_FREEBIND* is disabled on the socket. When this flag is not set
+	// (default), the socket is not modified, i.e. the option is neither enabled
+	// nor disabled.
+	Freebind *wrappers.BoolValue `protobuf:"bytes,11,opt,name=freebind,proto3" json:"freebind,omitempty"`
+	// Additional socket options that may not be present in Envoy source code or
+	// precompiled binaries.
+	SocketOptions []*v31.SocketOption `protobuf:"bytes,13,rep,name=socket_options,json=socketOptions,proto3" json:"socket_options,omitempty"`
+	// Whether the listener should accept TCP Fast Open (TFO) connections.
+	// When this flag is set to a value greater than 0, the option TCP_FASTOPEN is enabled on
+	// the socket, with a queue length of the specified size
+	// (see `details in RFC7413 <https://tools.ietf.org/html/rfc7413#section-5.1>`_).
+	// When this flag is set to 0, the option TCP_FASTOPEN is disabled on the socket.
+	// When this flag is not set (default), the socket is not modified,
+	// i.e. the option is neither enabled nor disabled.
+	//
+	// On Linux, the net.ipv4.tcp_fastopen kernel parameter must include flag 0x2 to enable
+	// TCP_FASTOPEN.
+	// See `ip-sysctl.txt <https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt>`_.
+	//
+	// On macOS, only values of 0, 1, and unset are valid; other values may result in an error.
+	// To set the queue length on macOS, set the net.inet.tcp.fastopen_backlog kernel parameter.
+	TcpFastOpenQueueLength *wrappers.UInt32Value `protobuf:"bytes,12,opt,name=tcp_fast_open_queue_length,json=tcpFastOpenQueueLength,proto3" json:"tcp_fast_open_queue_length,omitempty"`
+	// Specifies the intended direction of the traffic relative to the local Envoy.
+	// This property is required on Windows for listeners using the original destination filter,
+	// see :ref:`Original Destination <config_listener_filters_original_dst>`.
+	TrafficDirection v31.TrafficDirection `protobuf:"varint,16,opt,name=traffic_direction,json=trafficDirection,proto3,enum=envoy.config.core.v3.TrafficDirection" json:"traffic_direction,omitempty"`
+	// If the protocol in the listener socket address in :ref:`protocol
+	// <envoy_v3_api_field_config.core.v3.SocketAddress.protocol>` is :ref:`UDP
+	// <envoy_v3_api_enum_value_config.core.v3.SocketAddress.Protocol.UDP>`, this field specifies UDP
+	// listener specific configuration.
+	UdpListenerConfig *UdpListenerConfig `protobuf:"bytes,18,opt,name=udp_listener_config,json=udpListenerConfig,proto3" json:"udp_listener_config,omitempty"`
+	// Used to represent an API listener, which is used in non-proxy clients. The type of API
+	// exposed to the non-proxy application depends on the type of API listener.
+	// When this field is set, no other field except for :ref:`name<envoy_v3_api_field_config.listener.v3.Listener.name>`
+	// should be set.
+	//
+	// .. note::
+	//
+	//  Currently only one ApiListener can be installed; and it can only be done via bootstrap config,
+	//  not LDS.
+	//
+	// [#next-major-version: In the v3 API, instead of this messy approach where the socket
+	// listener fields are directly in the top-level Listener message and the API listener types
+	// are in the ApiListener message, the socket listener messages should be in their own message,
+	// and the top-level Listener should essentially be a oneof that selects between the
+	// socket listener and the various types of API listener. That way, a given Listener message
+	// can structurally only contain the fields of the relevant type.]
+	ApiListener *ApiListener `protobuf:"bytes,19,opt,name=api_listener,json=apiListener,proto3" json:"api_listener,omitempty"`
+	// The listener's connection balancer configuration, currently only applicable to TCP listeners.
+	// If no configuration is specified, Envoy will not attempt to balance active connections between
+	// worker threads.
+	//
+	// In the scenario that the listener X redirects all the connections to the listeners Y1 and Y2
+	// by setting :ref:`use_original_dst <envoy_v3_api_field_config.listener.v3.Listener.use_original_dst>` in X
+	// and :ref:`bind_to_port <envoy_v3_api_field_config.listener.v3.Listener.bind_to_port>` to false in Y1 and Y2,
+	// it is recommended to disable the balance config in listener X to avoid the cost of balancing, and
+	// enable the balance config in Y1 and Y2 to balance the connections among the workers.
+	ConnectionBalanceConfig *Listener_ConnectionBalanceConfig `protobuf:"bytes,20,opt,name=connection_balance_config,json=connectionBalanceConfig,proto3" json:"connection_balance_config,omitempty"`
+	// Deprecated. Use `enable_reuse_port` instead.
+	//
+	// Deprecated: Do not use.
+	ReusePort bool `protobuf:"varint,21,opt,name=reuse_port,json=reusePort,proto3" json:"reuse_port,omitempty"`
+	// When this flag is set to true, listeners set the *SO_REUSEPORT* socket option and
+	// create one socket for each worker thread. This makes inbound connections
+	// distribute among worker threads roughly evenly in cases where there are a high number
+	// of connections. When this flag is set to false, all worker threads share one socket. This field
+	// defaults to true.
+	//
+	// .. attention::
+	//
+	//   Although this field defaults to true, it has different behavior on different platforms. See
+	//   the following text for more information.
+	//
+	// * On Linux, reuse_port is respected for both TCP and UDP listeners. It also works correctly
+	//   with hot restart.
+	// * On macOS, reuse_port for TCP does not do what it does on Linux. Instead of load balancing,
+	//   the last socket wins and receives all connections/packets. For TCP, reuse_port is force
+	//   disabled and the user is warned. For UDP, it is enabled, but only one worker will receive
+	//   packets. For QUIC/H3, SW routing will send packets to other workers. For "raw" UDP, only
+	//   a single worker will currently receive packets.
+	// * On Windows, reuse_port for TCP has undefined behavior. It is force disabled and the user
+	//   is warned similar to macOS. It is left enabled for UDP with undefined behavior currently.
+	EnableReusePort *wrappers.BoolValue `protobuf:"bytes,29,opt,name=enable_reuse_port,json=enableReusePort,proto3" json:"enable_reuse_port,omitempty"`
+	// Configuration for :ref:`access logs <arch_overview_access_logs>`
+	// emitted by this listener.
+	AccessLog []*v32.AccessLog `protobuf:"bytes,22,rep,name=access_log,json=accessLog,proto3" json:"access_log,omitempty"`
+	// The maximum length a tcp listener's pending connections queue can grow to. If no value is
+	// provided net.core.somaxconn will be used on Linux and 128 otherwise.
+	TcpBacklogSize *wrappers.UInt32Value `protobuf:"bytes,24,opt,name=tcp_backlog_size,json=tcpBacklogSize,proto3" json:"tcp_backlog_size,omitempty"`
+	// Whether the listener should bind to the port. A listener that doesn't
+	// bind can only receive connections redirected from other listeners that set
+	// :ref:`use_original_dst <envoy_v3_api_field_config.listener.v3.Listener.use_original_dst>`
+	// to true. Default is true.
+	BindToPort *wrappers.BoolValue `protobuf:"bytes,26,opt,name=bind_to_port,json=bindToPort,proto3" json:"bind_to_port,omitempty"`
+	// The exclusive listener type and the corresponding config.
+	// TODO(lambdai): https://github.com/envoyproxy/envoy/issues/15372
+	// Will create and add TcpListenerConfig. Will add UdpListenerConfig and ApiListener.
+	// [#not-implemented-hide:]
+	//
+	// Types that are assignable to ListenerSpecifier:
+	//	*Listener_InternalListener
+	ListenerSpecifier isListener_ListenerSpecifier `protobuf_oneof:"listener_specifier"`
+	// Enable MPTCP (multi-path TCP) on this listener. Clients will be allowed to establish
+	// MPTCP connections. Non-MPTCP clients will fall back to regular TCP.
+	EnableMptcp bool `protobuf:"varint,30,opt,name=enable_mptcp,json=enableMptcp,proto3" json:"enable_mptcp,omitempty"`
+}
+
+func (x *Listener) Reset() {
+	*x = Listener{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_listener_v3_listener_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Listener) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Listener) ProtoMessage() {}
+
+func (x *Listener) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_listener_v3_listener_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Listener.ProtoReflect.Descriptor instead.
+func (*Listener) Descriptor() ([]byte, []int) {
+	return file_envoy_config_listener_v3_listener_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *Listener) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *Listener) GetAddress() *v31.Address {
+	if x != nil {
+		return x.Address
+	}
+	return nil
+}
+
+func (x *Listener) GetStatPrefix() string {
+	if x != nil {
+		return x.StatPrefix
+	}
+	return ""
+}
+
+func (x *Listener) GetFilterChains() []*FilterChain {
+	if x != nil {
+		return x.FilterChains
+	}
+	return nil
+}
+
+func (x *Listener) GetUseOriginalDst() *wrappers.BoolValue {
+	if x != nil {
+		return x.UseOriginalDst
+	}
+	return nil
+}
+
+func (x *Listener) GetDefaultFilterChain() *FilterChain {
+	if x != nil {
+		return x.DefaultFilterChain
+	}
+	return nil
+}
+
+func (x *Listener) GetPerConnectionBufferLimitBytes() *wrappers.UInt32Value {
+	if x != nil {
+		return x.PerConnectionBufferLimitBytes
+	}
+	return nil
+}
+
+func (x *Listener) GetMetadata() *v31.Metadata {
+	if x != nil {
+		return x.Metadata
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *Listener) GetDeprecatedV1() *Listener_DeprecatedV1 {
+	if x != nil {
+		return x.DeprecatedV1
+	}
+	return nil
+}
+
+func (x *Listener) GetDrainType() Listener_DrainType {
+	if x != nil {
+		return x.DrainType
+	}
+	return Listener_DEFAULT
+}
+
+func (x *Listener) GetListenerFilters() []*ListenerFilter {
+	if x != nil {
+		return x.ListenerFilters
+	}
+	return nil
+}
+
+func (x *Listener) GetListenerFiltersTimeout() *duration.Duration {
+	if x != nil {
+		return x.ListenerFiltersTimeout
+	}
+	return nil
+}
+
+func (x *Listener) GetContinueOnListenerFiltersTimeout() bool {
+	if x != nil {
+		return x.ContinueOnListenerFiltersTimeout
+	}
+	return false
+}
+
+func (x *Listener) GetTransparent() *wrappers.BoolValue {
+	if x != nil {
+		return x.Transparent
+	}
+	return nil
+}
+
+func (x *Listener) GetFreebind() *wrappers.BoolValue {
+	if x != nil {
+		return x.Freebind
+	}
+	return nil
+}
+
+func (x *Listener) GetSocketOptions() []*v31.SocketOption {
+	if x != nil {
+		return x.SocketOptions
+	}
+	return nil
+}
+
+func (x *Listener) GetTcpFastOpenQueueLength() *wrappers.UInt32Value {
+	if x != nil {
+		return x.TcpFastOpenQueueLength
+	}
+	return nil
+}
+
+func (x *Listener) GetTrafficDirection() v31.TrafficDirection {
+	if x != nil {
+		return x.TrafficDirection
+	}
+	return v31.TrafficDirection_UNSPECIFIED
+}
+
+func (x *Listener) GetUdpListenerConfig() *UdpListenerConfig {
+	if x != nil {
+		return x.UdpListenerConfig
+	}
+	return nil
+}
+
+func (x *Listener) GetApiListener() *ApiListener {
+	if x != nil {
+		return x.ApiListener
+	}
+	return nil
+}
+
+func (x *Listener) GetConnectionBalanceConfig() *Listener_ConnectionBalanceConfig {
+	if x != nil {
+		return x.ConnectionBalanceConfig
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *Listener) GetReusePort() bool {
+	if x != nil {
+		return x.ReusePort
+	}
+	return false
+}
+
+func (x *Listener) GetEnableReusePort() *wrappers.BoolValue {
+	if x != nil {
+		return x.EnableReusePort
+	}
+	return nil
+}
+
+func (x *Listener) GetAccessLog() []*v32.AccessLog {
+	if x != nil {
+		return x.AccessLog
+	}
+	return nil
+}
+
+func (x *Listener) GetTcpBacklogSize() *wrappers.UInt32Value {
+	if x != nil {
+		return x.TcpBacklogSize
+	}
+	return nil
+}
+
+func (x *Listener) GetBindToPort() *wrappers.BoolValue {
+	if x != nil {
+		return x.BindToPort
+	}
+	return nil
+}
+
+func (m *Listener) GetListenerSpecifier() isListener_ListenerSpecifier {
+	if m != nil {
+		return m.ListenerSpecifier
+	}
+	return nil
+}
+
+func (x *Listener) GetInternalListener() *Listener_InternalListenerConfig {
+	if x, ok := x.GetListenerSpecifier().(*Listener_InternalListener); ok {
+		return x.InternalListener
+	}
+	return nil
+}
+
+func (x *Listener) GetEnableMptcp() bool {
+	if x != nil {
+		return x.EnableMptcp
+	}
+	return false
+}
+
+type isListener_ListenerSpecifier interface {
+	isListener_ListenerSpecifier()
+}
+
+type Listener_InternalListener struct {
+	// Used to represent an internal listener which does not listen on OSI L4 address but can be used by the
+	// :ref:`envoy cluster <envoy_v3_api_msg_config.cluster.v3.Cluster>` to create a user space connection to.
+	// The internal listener acts as a tcp listener. It supports listener filters and network filter chains.
+	// The internal listener require :ref:`address <envoy_v3_api_field_config.listener.v3.Listener.address>` has
+	// field `envoy_internal_address`.
+	//
+	// There are some limitations are derived from the implementation. The known limitations include
+	//
+	// * :ref:`ConnectionBalanceConfig <envoy_v3_api_msg_config.listener.v3.Listener.ConnectionBalanceConfig>` is not
+	//   allowed because both cluster connection and listener connection must be owned by the same dispatcher.
+	// * :ref:`tcp_backlog_size <envoy_v3_api_field_config.listener.v3.Listener.tcp_backlog_size>`
+	// * :ref:`freebind <envoy_v3_api_field_config.listener.v3.Listener.freebind>`
+	// * :ref:`transparent <envoy_v3_api_field_config.listener.v3.Listener.transparent>`
+	// [#not-implemented-hide:]
+	InternalListener *Listener_InternalListenerConfig `protobuf:"bytes,27,opt,name=internal_listener,json=internalListener,proto3,oneof"`
+}
+
+func (*Listener_InternalListener) isListener_ListenerSpecifier() {}
+
+// [#not-implemented-hide:]
+type Listener_DeprecatedV1 struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Whether the listener should bind to the port. A listener that doesn't
+	// bind can only receive connections redirected from other listeners that
+	// set use_original_dst parameter to true. Default is true.
+	//
+	// This is deprecated. Use :ref:`Listener.bind_to_port
+	// <envoy_v3_api_field_config.listener.v3.Listener.bind_to_port>`
+	BindToPort *wrappers.BoolValue `protobuf:"bytes,1,opt,name=bind_to_port,json=bindToPort,proto3" json:"bind_to_port,omitempty"`
+}
+
+func (x *Listener_DeprecatedV1) Reset() {
+	*x = Listener_DeprecatedV1{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_listener_v3_listener_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Listener_DeprecatedV1) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Listener_DeprecatedV1) ProtoMessage() {}
+
+func (x *Listener_DeprecatedV1) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_listener_v3_listener_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Listener_DeprecatedV1.ProtoReflect.Descriptor instead.
+func (*Listener_DeprecatedV1) Descriptor() ([]byte, []int) {
+	return file_envoy_config_listener_v3_listener_proto_rawDescGZIP(), []int{1, 0}
+}
+
+func (x *Listener_DeprecatedV1) GetBindToPort() *wrappers.BoolValue {
+	if x != nil {
+		return x.BindToPort
+	}
+	return nil
+}
+
+// Configuration for listener connection balancing.
+type Listener_ConnectionBalanceConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to BalanceType:
+	//	*Listener_ConnectionBalanceConfig_ExactBalance_
+	BalanceType isListener_ConnectionBalanceConfig_BalanceType `protobuf_oneof:"balance_type"`
+}
+
+func (x *Listener_ConnectionBalanceConfig) Reset() {
+	*x = Listener_ConnectionBalanceConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_listener_v3_listener_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Listener_ConnectionBalanceConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Listener_ConnectionBalanceConfig) ProtoMessage() {}
+
+func (x *Listener_ConnectionBalanceConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_listener_v3_listener_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Listener_ConnectionBalanceConfig.ProtoReflect.Descriptor instead.
+func (*Listener_ConnectionBalanceConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_listener_v3_listener_proto_rawDescGZIP(), []int{1, 1}
+}
+
+func (m *Listener_ConnectionBalanceConfig) GetBalanceType() isListener_ConnectionBalanceConfig_BalanceType {
+	if m != nil {
+		return m.BalanceType
+	}
+	return nil
+}
+
+func (x *Listener_ConnectionBalanceConfig) GetExactBalance() *Listener_ConnectionBalanceConfig_ExactBalance {
+	if x, ok := x.GetBalanceType().(*Listener_ConnectionBalanceConfig_ExactBalance_); ok {
+		return x.ExactBalance
+	}
+	return nil
+}
+
+type isListener_ConnectionBalanceConfig_BalanceType interface {
+	isListener_ConnectionBalanceConfig_BalanceType()
+}
+
+type Listener_ConnectionBalanceConfig_ExactBalance_ struct {
+	// If specified, the listener will use the exact connection balancer.
+	ExactBalance *Listener_ConnectionBalanceConfig_ExactBalance `protobuf:"bytes,1,opt,name=exact_balance,json=exactBalance,proto3,oneof"`
+}
+
+func (*Listener_ConnectionBalanceConfig_ExactBalance_) isListener_ConnectionBalanceConfig_BalanceType() {
+}
+
+// Configuration for envoy internal listener. All the future internal listener features should be added here.
+// [#not-implemented-hide:]
+type Listener_InternalListenerConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *Listener_InternalListenerConfig) Reset() {
+	*x = Listener_InternalListenerConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_listener_v3_listener_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Listener_InternalListenerConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Listener_InternalListenerConfig) ProtoMessage() {}
+
+func (x *Listener_InternalListenerConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_listener_v3_listener_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Listener_InternalListenerConfig.ProtoReflect.Descriptor instead.
+func (*Listener_InternalListenerConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_listener_v3_listener_proto_rawDescGZIP(), []int{1, 2}
+}
+
+// A connection balancer implementation that does exact balancing. This means that a lock is
+// held during balancing so that connection counts are nearly exactly balanced between worker
+// threads. This is "nearly" exact in the sense that a connection might close in parallel thus
+// making the counts incorrect, but this should be rectified on the next accept. This balancer
+// sacrifices accept throughput for accuracy and should be used when there are a small number of
+// connections that rarely cycle (e.g., service mesh gRPC egress).
+type Listener_ConnectionBalanceConfig_ExactBalance struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *Listener_ConnectionBalanceConfig_ExactBalance) Reset() {
+	*x = Listener_ConnectionBalanceConfig_ExactBalance{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_listener_v3_listener_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Listener_ConnectionBalanceConfig_ExactBalance) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Listener_ConnectionBalanceConfig_ExactBalance) ProtoMessage() {}
+
+func (x *Listener_ConnectionBalanceConfig_ExactBalance) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_listener_v3_listener_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Listener_ConnectionBalanceConfig_ExactBalance.ProtoReflect.Descriptor instead.
+func (*Listener_ConnectionBalanceConfig_ExactBalance) Descriptor() ([]byte, []int) {
+	return file_envoy_config_listener_v3_listener_proto_rawDescGZIP(), []int{1, 1, 0}
+}
+
+var File_envoy_config_listener_v3_listener_proto protoreflect.FileDescriptor
+
+var file_envoy_config_listener_v3_listener_proto_rawDesc = []byte{
+	0x0a, 0x27, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x6c,
+	0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x6c, 0x69, 0x73, 0x74, 0x65,
+	0x6e, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x18, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72,
+	0x2e, 0x76, 0x33, 0x1a, 0x29, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2f, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2f, 0x76, 0x33, 0x2f, 0x61,
+	0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x22,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72,
+	0x65, 0x2f, 0x76, 0x33, 0x2f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x62, 0x61, 0x73, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x28, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74,
+	0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x2b, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x6c, 0x69, 0x73, 0x74,
+	0x65, 0x6e, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x61, 0x70, 0x69, 0x5f, 0x6c, 0x69, 0x73, 0x74,
+	0x65, 0x6e, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x32, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65,
+	0x72, 0x2f, 0x76, 0x33, 0x2f, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x5f, 0x63, 0x6f,
+	0x6d, 0x70, 0x6f, 0x6e, 0x65, 0x6e, 0x74, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x32,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x6c, 0x69, 0x73,
+	0x74, 0x65, 0x6e, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x75, 0x64, 0x70, 0x5f, 0x6c, 0x69, 0x73,
+	0x74, 0x65, 0x6e, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x22, 0x78, 0x64, 0x73, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f,
+	0x63, 0x6f, 0x6c, 0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x65, 0x6e, 0x74, 0x72, 0x79,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x6e,
+	0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x75, 0x64, 0x70,
+	0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x65,
+	0x63, 0x75, 0x72, 0x69, 0x74, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64,
+	0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73,
+	0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70,
+	0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65,
+	0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17,
+	0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x4c, 0x0a, 0x12, 0x4c, 0x69, 0x73, 0x74, 0x65,
+	0x6e, 0x65, 0x72, 0x43, 0x6f, 0x6c, 0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x36, 0x0a,
+	0x07, 0x65, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1c,
+	0x2e, 0x78, 0x64, 0x73, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f, 0x6c,
+	0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x07, 0x65, 0x6e,
+	0x74, 0x72, 0x69, 0x65, 0x73, 0x22, 0xc7, 0x14, 0x0a, 0x08, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e,
+	0x65, 0x72, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
+	0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x41, 0x0a, 0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73,
+	0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x41,
+	0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01,
+	0x52, 0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x1f, 0x0a, 0x0b, 0x73, 0x74, 0x61,
+	0x74, 0x5f, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x18, 0x1c, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a,
+	0x73, 0x74, 0x61, 0x74, 0x50, 0x72, 0x65, 0x66, 0x69, 0x78, 0x12, 0x4a, 0x0a, 0x0d, 0x66, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x5f, 0x63, 0x68, 0x61, 0x69, 0x6e, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28,
+	0x0b, 0x32, 0x25, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x46, 0x69, 0x6c,
+	0x74, 0x65, 0x72, 0x43, 0x68, 0x61, 0x69, 0x6e, 0x52, 0x0c, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x43, 0x68, 0x61, 0x69, 0x6e, 0x73, 0x12, 0x44, 0x0a, 0x10, 0x75, 0x73, 0x65, 0x5f, 0x6f, 0x72,
+	0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x5f, 0x64, 0x73, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0e, 0x75, 0x73,
+	0x65, 0x4f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x44, 0x73, 0x74, 0x12, 0x57, 0x0a, 0x14,
+	0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x5f, 0x63,
+	0x68, 0x61, 0x69, 0x6e, 0x18, 0x19, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e,
+	0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x68, 0x61, 0x69,
+	0x6e, 0x52, 0x12, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x43, 0x68, 0x61, 0x69, 0x6e, 0x12, 0x6f, 0x0a, 0x21, 0x70, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6e,
+	0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x62, 0x75, 0x66, 0x66, 0x65, 0x72, 0x5f, 0x6c,
+	0x69, 0x6d, 0x69, 0x74, 0x5f, 0x62, 0x79, 0x74, 0x65, 0x73, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07,
+	0x8a, 0x93, 0xb7, 0x2a, 0x02, 0x08, 0x01, 0x52, 0x1d, 0x70, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x6e,
+	0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x75, 0x66, 0x66, 0x65, 0x72, 0x4c, 0x69, 0x6d, 0x69,
+	0x74, 0x42, 0x79, 0x74, 0x65, 0x73, 0x12, 0x3a, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61,
+	0x74, 0x61, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e,
+	0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61,
+	0x74, 0x61, 0x12, 0x61, 0x0a, 0x0d, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64,
+	0x5f, 0x76, 0x31, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65,
+	0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x44, 0x65,
+	0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x56, 0x31, 0x42, 0x0b, 0x18, 0x01, 0x92, 0xc7,
+	0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e, 0x30, 0x52, 0x0c, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61,
+	0x74, 0x65, 0x64, 0x56, 0x31, 0x12, 0x4b, 0x0a, 0x0a, 0x64, 0x72, 0x61, 0x69, 0x6e, 0x5f, 0x74,
+	0x79, 0x70, 0x65, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2c, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65,
+	0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x44, 0x72,
+	0x61, 0x69, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x52, 0x09, 0x64, 0x72, 0x61, 0x69, 0x6e, 0x54, 0x79,
+	0x70, 0x65, 0x12, 0x53, 0x0a, 0x10, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x5f, 0x66,
+	0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x18, 0x09, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c, 0x69, 0x73, 0x74,
+	0x65, 0x6e, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72,
+	0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x52, 0x0f, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72,
+	0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x12, 0x53, 0x0a, 0x18, 0x6c, 0x69, 0x73, 0x74, 0x65,
+	0x6e, 0x65, 0x72, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x5f, 0x74, 0x69, 0x6d, 0x65,
+	0x6f, 0x75, 0x74, 0x18, 0x0f, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x52, 0x16, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x46, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x73, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12, 0x4e, 0x0a, 0x24,
+	0x63, 0x6f, 0x6e, 0x74, 0x69, 0x6e, 0x75, 0x65, 0x5f, 0x6f, 0x6e, 0x5f, 0x6c, 0x69, 0x73, 0x74,
+	0x65, 0x6e, 0x65, 0x72, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x5f, 0x74, 0x69, 0x6d,
+	0x65, 0x6f, 0x75, 0x74, 0x18, 0x11, 0x20, 0x01, 0x28, 0x08, 0x52, 0x20, 0x63, 0x6f, 0x6e, 0x74,
+	0x69, 0x6e, 0x75, 0x65, 0x4f, 0x6e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x46, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x73, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12, 0x3c, 0x0a, 0x0b,
+	0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x18, 0x0a, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0b, 0x74,
+	0x72, 0x61, 0x6e, 0x73, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x12, 0x36, 0x0a, 0x08, 0x66, 0x72,
+	0x65, 0x65, 0x62, 0x69, 0x6e, 0x64, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42,
+	0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x08, 0x66, 0x72, 0x65, 0x65, 0x62, 0x69,
+	0x6e, 0x64, 0x12, 0x49, 0x0a, 0x0e, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x5f, 0x6f, 0x70, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x18, 0x0d, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76,
+	0x33, 0x2e, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0d,
+	0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x58, 0x0a,
+	0x1a, 0x74, 0x63, 0x70, 0x5f, 0x66, 0x61, 0x73, 0x74, 0x5f, 0x6f, 0x70, 0x65, 0x6e, 0x5f, 0x71,
+	0x75, 0x65, 0x75, 0x65, 0x5f, 0x6c, 0x65, 0x6e, 0x67, 0x74, 0x68, 0x18, 0x0c, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52,
+	0x16, 0x74, 0x63, 0x70, 0x46, 0x61, 0x73, 0x74, 0x4f, 0x70, 0x65, 0x6e, 0x51, 0x75, 0x65, 0x75,
+	0x65, 0x4c, 0x65, 0x6e, 0x67, 0x74, 0x68, 0x12, 0x53, 0x0a, 0x11, 0x74, 0x72, 0x61, 0x66, 0x66,
+	0x69, 0x63, 0x5f, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x10, 0x20, 0x01,
+	0x28, 0x0e, 0x32, 0x26, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x72, 0x61, 0x66, 0x66, 0x69,
+	0x63, 0x44, 0x69, 0x72, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x10, 0x74, 0x72, 0x61, 0x66,
+	0x66, 0x69, 0x63, 0x44, 0x69, 0x72, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x5b, 0x0a, 0x13,
+	0x75, 0x64, 0x70, 0x5f, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x18, 0x12, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2b, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65,
+	0x72, 0x2e, 0x76, 0x33, 0x2e, 0x55, 0x64, 0x70, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72,
+	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x11, 0x75, 0x64, 0x70, 0x4c, 0x69, 0x73, 0x74, 0x65,
+	0x6e, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x48, 0x0a, 0x0c, 0x61, 0x70, 0x69,
+	0x5f, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x18, 0x13, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x25, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c,
+	0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x41, 0x70, 0x69, 0x4c, 0x69,
+	0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x52, 0x0b, 0x61, 0x70, 0x69, 0x4c, 0x69, 0x73, 0x74, 0x65,
+	0x6e, 0x65, 0x72, 0x12, 0x76, 0x0a, 0x19, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x5f, 0x62, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x18, 0x14, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x3a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x76,
+	0x33, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x43, 0x6f, 0x6e, 0x6e, 0x65,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x52, 0x17, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x61,
+	0x6c, 0x61, 0x6e, 0x63, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x2a, 0x0a, 0x0a, 0x72,
+	0x65, 0x75, 0x73, 0x65, 0x5f, 0x70, 0x6f, 0x72, 0x74, 0x18, 0x15, 0x20, 0x01, 0x28, 0x08, 0x42,
+	0x0b, 0x18, 0x01, 0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e, 0x30, 0x52, 0x09, 0x72, 0x65,
+	0x75, 0x73, 0x65, 0x50, 0x6f, 0x72, 0x74, 0x12, 0x46, 0x0a, 0x11, 0x65, 0x6e, 0x61, 0x62, 0x6c,
+	0x65, 0x5f, 0x72, 0x65, 0x75, 0x73, 0x65, 0x5f, 0x70, 0x6f, 0x72, 0x74, 0x18, 0x1d, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0f,
+	0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x65, 0x75, 0x73, 0x65, 0x50, 0x6f, 0x72, 0x74, 0x12,
+	0x43, 0x0a, 0x0a, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x6c, 0x6f, 0x67, 0x18, 0x16, 0x20,
+	0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x33, 0x2e,
+	0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x4c, 0x6f, 0x67, 0x52, 0x09, 0x61, 0x63, 0x63, 0x65, 0x73,
+	0x73, 0x4c, 0x6f, 0x67, 0x12, 0x46, 0x0a, 0x10, 0x74, 0x63, 0x70, 0x5f, 0x62, 0x61, 0x63, 0x6b,
+	0x6c, 0x6f, 0x67, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x18, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0e, 0x74, 0x63,
+	0x70, 0x42, 0x61, 0x63, 0x6b, 0x6c, 0x6f, 0x67, 0x53, 0x69, 0x7a, 0x65, 0x12, 0x3c, 0x0a, 0x0c,
+	0x62, 0x69, 0x6e, 0x64, 0x5f, 0x74, 0x6f, 0x5f, 0x70, 0x6f, 0x72, 0x74, 0x18, 0x1a, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0a,
+	0x62, 0x69, 0x6e, 0x64, 0x54, 0x6f, 0x50, 0x6f, 0x72, 0x74, 0x12, 0x68, 0x0a, 0x11, 0x69, 0x6e,
+	0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x5f, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x18,
+	0x1b, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x39, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x76, 0x33,
+	0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e,
+	0x61, 0x6c, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x48, 0x00, 0x52, 0x10, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x4c, 0x69, 0x73, 0x74,
+	0x65, 0x6e, 0x65, 0x72, 0x12, 0x21, 0x0a, 0x0c, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6d,
+	0x70, 0x74, 0x63, 0x70, 0x18, 0x1e, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0b, 0x65, 0x6e, 0x61, 0x62,
+	0x6c, 0x65, 0x4d, 0x70, 0x74, 0x63, 0x70, 0x1a, 0x77, 0x0a, 0x0c, 0x44, 0x65, 0x70, 0x72, 0x65,
+	0x63, 0x61, 0x74, 0x65, 0x64, 0x56, 0x31, 0x12, 0x3c, 0x0a, 0x0c, 0x62, 0x69, 0x6e, 0x64, 0x5f,
+	0x74, 0x6f, 0x5f, 0x70, 0x6f, 0x72, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0a, 0x62, 0x69, 0x6e, 0x64, 0x54,
+	0x6f, 0x50, 0x6f, 0x72, 0x74, 0x3a, 0x29, 0x9a, 0xc5, 0x88, 0x1e, 0x24, 0x0a, 0x22, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65,
+	0x6e, 0x65, 0x72, 0x2e, 0x44, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x56, 0x31,
+	0x1a, 0xa7, 0x02, 0x0a, 0x17, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x42,
+	0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x6e, 0x0a, 0x0d,
+	0x65, 0x78, 0x61, 0x63, 0x74, 0x5f, 0x62, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x47, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4c,
+	0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x45, 0x78, 0x61, 0x63, 0x74, 0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65, 0x48, 0x00, 0x52, 0x0c,
+	0x65, 0x78, 0x61, 0x63, 0x74, 0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65, 0x1a, 0x51, 0x0a, 0x0c,
+	0x45, 0x78, 0x61, 0x63, 0x74, 0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65, 0x3a, 0x41, 0x9a, 0xc5,
+	0x88, 0x1e, 0x3c, 0x0a, 0x3a, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x43, 0x6f, 0x6e, 0x6e, 0x65,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x45, 0x78, 0x61, 0x63, 0x74, 0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65, 0x3a,
+	0x34, 0x9a, 0xc5, 0x88, 0x1e, 0x2f, 0x0a, 0x2d, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70,
+	0x69, 0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x43, 0x6f,
+	0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x13, 0x0a, 0x0c, 0x62, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65,
+	0x5f, 0x74, 0x79, 0x70, 0x65, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x1a, 0x18, 0x0a, 0x16, 0x49, 0x6e,
+	0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x43, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x22, 0x29, 0x0a, 0x09, 0x44, 0x72, 0x61, 0x69, 0x6e, 0x54, 0x79, 0x70,
+	0x65, 0x12, 0x0b, 0x0a, 0x07, 0x44, 0x45, 0x46, 0x41, 0x55, 0x4c, 0x54, 0x10, 0x00, 0x12, 0x0f,
+	0x0a, 0x0b, 0x4d, 0x4f, 0x44, 0x49, 0x46, 0x59, 0x5f, 0x4f, 0x4e, 0x4c, 0x59, 0x10, 0x01, 0x3a,
+	0x1c, 0x9a, 0xc5, 0x88, 0x1e, 0x17, 0x0a, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70,
+	0x69, 0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x42, 0x14, 0x0a,
+	0x12, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66,
+	0x69, 0x65, 0x72, 0x4a, 0x04, 0x08, 0x0e, 0x10, 0x0f, 0x4a, 0x04, 0x08, 0x17, 0x10, 0x18, 0x42,
+	0x41, 0x0a, 0x26, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c, 0x69,
+	0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x42, 0x0d, 0x4c, 0x69, 0x73, 0x74, 0x65,
+	0x6e, 0x65, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02,
+	0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_listener_v3_listener_proto_rawDescOnce sync.Once
+	file_envoy_config_listener_v3_listener_proto_rawDescData = file_envoy_config_listener_v3_listener_proto_rawDesc
+)
+
+func file_envoy_config_listener_v3_listener_proto_rawDescGZIP() []byte {
+	file_envoy_config_listener_v3_listener_proto_rawDescOnce.Do(func() {
+		file_envoy_config_listener_v3_listener_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_listener_v3_listener_proto_rawDescData)
+	})
+	return file_envoy_config_listener_v3_listener_proto_rawDescData
+}
+
+var file_envoy_config_listener_v3_listener_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_envoy_config_listener_v3_listener_proto_msgTypes = make([]protoimpl.MessageInfo, 6)
+var file_envoy_config_listener_v3_listener_proto_goTypes = []interface{}{
+	(Listener_DrainType)(0),                               // 0: envoy.config.listener.v3.Listener.DrainType
+	(*ListenerCollection)(nil),                            // 1: envoy.config.listener.v3.ListenerCollection
+	(*Listener)(nil),                                      // 2: envoy.config.listener.v3.Listener
+	(*Listener_DeprecatedV1)(nil),                         // 3: envoy.config.listener.v3.Listener.DeprecatedV1
+	(*Listener_ConnectionBalanceConfig)(nil),              // 4: envoy.config.listener.v3.Listener.ConnectionBalanceConfig
+	(*Listener_InternalListenerConfig)(nil),               // 5: envoy.config.listener.v3.Listener.InternalListenerConfig
+	(*Listener_ConnectionBalanceConfig_ExactBalance)(nil), // 6: envoy.config.listener.v3.Listener.ConnectionBalanceConfig.ExactBalance
+	(*v3.CollectionEntry)(nil),                            // 7: xds.core.v3.CollectionEntry
+	(*v31.Address)(nil),                                   // 8: envoy.config.core.v3.Address
+	(*FilterChain)(nil),                                   // 9: envoy.config.listener.v3.FilterChain
+	(*wrappers.BoolValue)(nil),                            // 10: google.protobuf.BoolValue
+	(*wrappers.UInt32Value)(nil),                          // 11: google.protobuf.UInt32Value
+	(*v31.Metadata)(nil),                                  // 12: envoy.config.core.v3.Metadata
+	(*ListenerFilter)(nil),                                // 13: envoy.config.listener.v3.ListenerFilter
+	(*duration.Duration)(nil),                             // 14: google.protobuf.Duration
+	(*v31.SocketOption)(nil),                              // 15: envoy.config.core.v3.SocketOption
+	(v31.TrafficDirection)(0),                             // 16: envoy.config.core.v3.TrafficDirection
+	(*UdpListenerConfig)(nil),                             // 17: envoy.config.listener.v3.UdpListenerConfig
+	(*ApiListener)(nil),                                   // 18: envoy.config.listener.v3.ApiListener
+	(*v32.AccessLog)(nil),                                 // 19: envoy.config.accesslog.v3.AccessLog
+}
+var file_envoy_config_listener_v3_listener_proto_depIdxs = []int32{
+	7,  // 0: envoy.config.listener.v3.ListenerCollection.entries:type_name -> xds.core.v3.CollectionEntry
+	8,  // 1: envoy.config.listener.v3.Listener.address:type_name -> envoy.config.core.v3.Address
+	9,  // 2: envoy.config.listener.v3.Listener.filter_chains:type_name -> envoy.config.listener.v3.FilterChain
+	10, // 3: envoy.config.listener.v3.Listener.use_original_dst:type_name -> google.protobuf.BoolValue
+	9,  // 4: envoy.config.listener.v3.Listener.default_filter_chain:type_name -> envoy.config.listener.v3.FilterChain
+	11, // 5: envoy.config.listener.v3.Listener.per_connection_buffer_limit_bytes:type_name -> google.protobuf.UInt32Value
+	12, // 6: envoy.config.listener.v3.Listener.metadata:type_name -> envoy.config.core.v3.Metadata
+	3,  // 7: envoy.config.listener.v3.Listener.deprecated_v1:type_name -> envoy.config.listener.v3.Listener.DeprecatedV1
+	0,  // 8: envoy.config.listener.v3.Listener.drain_type:type_name -> envoy.config.listener.v3.Listener.DrainType
+	13, // 9: envoy.config.listener.v3.Listener.listener_filters:type_name -> envoy.config.listener.v3.ListenerFilter
+	14, // 10: envoy.config.listener.v3.Listener.listener_filters_timeout:type_name -> google.protobuf.Duration
+	10, // 11: envoy.config.listener.v3.Listener.transparent:type_name -> google.protobuf.BoolValue
+	10, // 12: envoy.config.listener.v3.Listener.freebind:type_name -> google.protobuf.BoolValue
+	15, // 13: envoy.config.listener.v3.Listener.socket_options:type_name -> envoy.config.core.v3.SocketOption
+	11, // 14: envoy.config.listener.v3.Listener.tcp_fast_open_queue_length:type_name -> google.protobuf.UInt32Value
+	16, // 15: envoy.config.listener.v3.Listener.traffic_direction:type_name -> envoy.config.core.v3.TrafficDirection
+	17, // 16: envoy.config.listener.v3.Listener.udp_listener_config:type_name -> envoy.config.listener.v3.UdpListenerConfig
+	18, // 17: envoy.config.listener.v3.Listener.api_listener:type_name -> envoy.config.listener.v3.ApiListener
+	4,  // 18: envoy.config.listener.v3.Listener.connection_balance_config:type_name -> envoy.config.listener.v3.Listener.ConnectionBalanceConfig
+	10, // 19: envoy.config.listener.v3.Listener.enable_reuse_port:type_name -> google.protobuf.BoolValue
+	19, // 20: envoy.config.listener.v3.Listener.access_log:type_name -> envoy.config.accesslog.v3.AccessLog
+	11, // 21: envoy.config.listener.v3.Listener.tcp_backlog_size:type_name -> google.protobuf.UInt32Value
+	10, // 22: envoy.config.listener.v3.Listener.bind_to_port:type_name -> google.protobuf.BoolValue
+	5,  // 23: envoy.config.listener.v3.Listener.internal_listener:type_name -> envoy.config.listener.v3.Listener.InternalListenerConfig
+	10, // 24: envoy.config.listener.v3.Listener.DeprecatedV1.bind_to_port:type_name -> google.protobuf.BoolValue
+	6,  // 25: envoy.config.listener.v3.Listener.ConnectionBalanceConfig.exact_balance:type_name -> envoy.config.listener.v3.Listener.ConnectionBalanceConfig.ExactBalance
+	26, // [26:26] is the sub-list for method output_type
+	26, // [26:26] is the sub-list for method input_type
+	26, // [26:26] is the sub-list for extension type_name
+	26, // [26:26] is the sub-list for extension extendee
+	0,  // [0:26] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_listener_v3_listener_proto_init() }
+func file_envoy_config_listener_v3_listener_proto_init() {
+	if File_envoy_config_listener_v3_listener_proto != nil {
+		return
+	}
+	file_envoy_config_listener_v3_api_listener_proto_init()
+	file_envoy_config_listener_v3_listener_components_proto_init()
+	file_envoy_config_listener_v3_udp_listener_config_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_listener_v3_listener_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ListenerCollection); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_listener_v3_listener_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Listener); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_listener_v3_listener_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Listener_DeprecatedV1); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_listener_v3_listener_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Listener_ConnectionBalanceConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_listener_v3_listener_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Listener_InternalListenerConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_listener_v3_listener_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Listener_ConnectionBalanceConfig_ExactBalance); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_config_listener_v3_listener_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*Listener_InternalListener)(nil),
+	}
+	file_envoy_config_listener_v3_listener_proto_msgTypes[3].OneofWrappers = []interface{}{
+		(*Listener_ConnectionBalanceConfig_ExactBalance_)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_listener_v3_listener_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   6,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_listener_v3_listener_proto_goTypes,
+		DependencyIndexes: file_envoy_config_listener_v3_listener_proto_depIdxs,
+		EnumInfos:         file_envoy_config_listener_v3_listener_proto_enumTypes,
+		MessageInfos:      file_envoy_config_listener_v3_listener_proto_msgTypes,
+	}.Build()
+	File_envoy_config_listener_v3_listener_proto = out.File
+	file_envoy_config_listener_v3_listener_proto_rawDesc = nil
+	file_envoy_config_listener_v3_listener_proto_goTypes = nil
+	file_envoy_config_listener_v3_listener_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v3/listener.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v3/listener.pb.validate.go
new file mode 100644
index 00000000000..48d1c87e32c
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v3/listener.pb.validate.go
@@ -0,0 +1,1422 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/listener/v3/listener.proto
+
+package envoy_config_listener_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+
+	_ = v3.TrafficDirection(0)
+)
+
+// Validate checks the field values on ListenerCollection with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ListenerCollection) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ListenerCollection with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ListenerCollectionMultiError, or nil if none found.
+func (m *ListenerCollection) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ListenerCollection) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetEntries() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ListenerCollectionValidationError{
+						field:  fmt.Sprintf("Entries[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ListenerCollectionValidationError{
+						field:  fmt.Sprintf("Entries[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ListenerCollectionValidationError{
+					field:  fmt.Sprintf("Entries[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ListenerCollectionMultiError(errors)
+	}
+	return nil
+}
+
+// ListenerCollectionMultiError is an error wrapping multiple validation errors
+// returned by ListenerCollection.ValidateAll() if the designated constraints
+// aren't met.
+type ListenerCollectionMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ListenerCollectionMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ListenerCollectionMultiError) AllErrors() []error { return m }
+
+// ListenerCollectionValidationError is the validation error returned by
+// ListenerCollection.Validate if the designated constraints aren't met.
+type ListenerCollectionValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ListenerCollectionValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ListenerCollectionValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ListenerCollectionValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ListenerCollectionValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ListenerCollectionValidationError) ErrorName() string {
+	return "ListenerCollectionValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ListenerCollectionValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sListenerCollection.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ListenerCollectionValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ListenerCollectionValidationError{}
+
+// Validate checks the field values on Listener with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Listener) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Listener with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ListenerMultiError, or nil
+// if none found.
+func (m *Listener) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Listener) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Name
+
+	if m.GetAddress() == nil {
+		err := ListenerValidationError{
+			field:  "Address",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetAddress()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "Address",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "Address",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetAddress()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenerValidationError{
+				field:  "Address",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for StatPrefix
+
+	for idx, item := range m.GetFilterChains() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ListenerValidationError{
+						field:  fmt.Sprintf("FilterChains[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ListenerValidationError{
+						field:  fmt.Sprintf("FilterChains[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ListenerValidationError{
+					field:  fmt.Sprintf("FilterChains[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetUseOriginalDst()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "UseOriginalDst",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "UseOriginalDst",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetUseOriginalDst()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenerValidationError{
+				field:  "UseOriginalDst",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetDefaultFilterChain()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "DefaultFilterChain",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "DefaultFilterChain",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDefaultFilterChain()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenerValidationError{
+				field:  "DefaultFilterChain",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetPerConnectionBufferLimitBytes()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "PerConnectionBufferLimitBytes",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "PerConnectionBufferLimitBytes",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPerConnectionBufferLimitBytes()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenerValidationError{
+				field:  "PerConnectionBufferLimitBytes",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMetadata()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMetadata()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenerValidationError{
+				field:  "Metadata",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetDeprecatedV1()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "DeprecatedV1",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "DeprecatedV1",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDeprecatedV1()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenerValidationError{
+				field:  "DeprecatedV1",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for DrainType
+
+	for idx, item := range m.GetListenerFilters() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ListenerValidationError{
+						field:  fmt.Sprintf("ListenerFilters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ListenerValidationError{
+						field:  fmt.Sprintf("ListenerFilters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ListenerValidationError{
+					field:  fmt.Sprintf("ListenerFilters[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetListenerFiltersTimeout()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "ListenerFiltersTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "ListenerFiltersTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetListenerFiltersTimeout()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenerValidationError{
+				field:  "ListenerFiltersTimeout",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for ContinueOnListenerFiltersTimeout
+
+	if all {
+		switch v := interface{}(m.GetTransparent()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "Transparent",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "Transparent",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTransparent()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenerValidationError{
+				field:  "Transparent",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetFreebind()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "Freebind",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "Freebind",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetFreebind()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenerValidationError{
+				field:  "Freebind",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetSocketOptions() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ListenerValidationError{
+						field:  fmt.Sprintf("SocketOptions[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ListenerValidationError{
+						field:  fmt.Sprintf("SocketOptions[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ListenerValidationError{
+					field:  fmt.Sprintf("SocketOptions[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetTcpFastOpenQueueLength()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "TcpFastOpenQueueLength",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "TcpFastOpenQueueLength",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTcpFastOpenQueueLength()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenerValidationError{
+				field:  "TcpFastOpenQueueLength",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for TrafficDirection
+
+	if all {
+		switch v := interface{}(m.GetUdpListenerConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "UdpListenerConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "UdpListenerConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetUdpListenerConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenerValidationError{
+				field:  "UdpListenerConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetApiListener()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "ApiListener",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "ApiListener",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetApiListener()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenerValidationError{
+				field:  "ApiListener",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetConnectionBalanceConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "ConnectionBalanceConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "ConnectionBalanceConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetConnectionBalanceConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenerValidationError{
+				field:  "ConnectionBalanceConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for ReusePort
+
+	if all {
+		switch v := interface{}(m.GetEnableReusePort()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "EnableReusePort",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "EnableReusePort",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetEnableReusePort()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenerValidationError{
+				field:  "EnableReusePort",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetAccessLog() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ListenerValidationError{
+						field:  fmt.Sprintf("AccessLog[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ListenerValidationError{
+						field:  fmt.Sprintf("AccessLog[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ListenerValidationError{
+					field:  fmt.Sprintf("AccessLog[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetTcpBacklogSize()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "TcpBacklogSize",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "TcpBacklogSize",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTcpBacklogSize()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenerValidationError{
+				field:  "TcpBacklogSize",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetBindToPort()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "BindToPort",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenerValidationError{
+					field:  "BindToPort",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetBindToPort()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenerValidationError{
+				field:  "BindToPort",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for EnableMptcp
+
+	switch m.ListenerSpecifier.(type) {
+
+	case *Listener_InternalListener:
+
+		if all {
+			switch v := interface{}(m.GetInternalListener()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ListenerValidationError{
+						field:  "InternalListener",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ListenerValidationError{
+						field:  "InternalListener",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetInternalListener()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ListenerValidationError{
+					field:  "InternalListener",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ListenerMultiError(errors)
+	}
+	return nil
+}
+
+// ListenerMultiError is an error wrapping multiple validation errors returned
+// by Listener.ValidateAll() if the designated constraints aren't met.
+type ListenerMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ListenerMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ListenerMultiError) AllErrors() []error { return m }
+
+// ListenerValidationError is the validation error returned by
+// Listener.Validate if the designated constraints aren't met.
+type ListenerValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ListenerValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ListenerValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ListenerValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ListenerValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ListenerValidationError) ErrorName() string { return "ListenerValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ListenerValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sListener.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ListenerValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ListenerValidationError{}
+
+// Validate checks the field values on Listener_DeprecatedV1 with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Listener_DeprecatedV1) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Listener_DeprecatedV1 with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Listener_DeprecatedV1MultiError, or nil if none found.
+func (m *Listener_DeprecatedV1) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Listener_DeprecatedV1) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetBindToPort()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, Listener_DeprecatedV1ValidationError{
+					field:  "BindToPort",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, Listener_DeprecatedV1ValidationError{
+					field:  "BindToPort",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetBindToPort()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return Listener_DeprecatedV1ValidationError{
+				field:  "BindToPort",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return Listener_DeprecatedV1MultiError(errors)
+	}
+	return nil
+}
+
+// Listener_DeprecatedV1MultiError is an error wrapping multiple validation
+// errors returned by Listener_DeprecatedV1.ValidateAll() if the designated
+// constraints aren't met.
+type Listener_DeprecatedV1MultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Listener_DeprecatedV1MultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Listener_DeprecatedV1MultiError) AllErrors() []error { return m }
+
+// Listener_DeprecatedV1ValidationError is the validation error returned by
+// Listener_DeprecatedV1.Validate if the designated constraints aren't met.
+type Listener_DeprecatedV1ValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Listener_DeprecatedV1ValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Listener_DeprecatedV1ValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Listener_DeprecatedV1ValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Listener_DeprecatedV1ValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Listener_DeprecatedV1ValidationError) ErrorName() string {
+	return "Listener_DeprecatedV1ValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Listener_DeprecatedV1ValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sListener_DeprecatedV1.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Listener_DeprecatedV1ValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Listener_DeprecatedV1ValidationError{}
+
+// Validate checks the field values on Listener_ConnectionBalanceConfig with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *Listener_ConnectionBalanceConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Listener_ConnectionBalanceConfig with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// Listener_ConnectionBalanceConfigMultiError, or nil if none found.
+func (m *Listener_ConnectionBalanceConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Listener_ConnectionBalanceConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.BalanceType.(type) {
+
+	case *Listener_ConnectionBalanceConfig_ExactBalance_:
+
+		if all {
+			switch v := interface{}(m.GetExactBalance()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, Listener_ConnectionBalanceConfigValidationError{
+						field:  "ExactBalance",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, Listener_ConnectionBalanceConfigValidationError{
+						field:  "ExactBalance",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetExactBalance()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Listener_ConnectionBalanceConfigValidationError{
+					field:  "ExactBalance",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := Listener_ConnectionBalanceConfigValidationError{
+			field:  "BalanceType",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return Listener_ConnectionBalanceConfigMultiError(errors)
+	}
+	return nil
+}
+
+// Listener_ConnectionBalanceConfigMultiError is an error wrapping multiple
+// validation errors returned by
+// Listener_ConnectionBalanceConfig.ValidateAll() if the designated
+// constraints aren't met.
+type Listener_ConnectionBalanceConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Listener_ConnectionBalanceConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Listener_ConnectionBalanceConfigMultiError) AllErrors() []error { return m }
+
+// Listener_ConnectionBalanceConfigValidationError is the validation error
+// returned by Listener_ConnectionBalanceConfig.Validate if the designated
+// constraints aren't met.
+type Listener_ConnectionBalanceConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Listener_ConnectionBalanceConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Listener_ConnectionBalanceConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Listener_ConnectionBalanceConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Listener_ConnectionBalanceConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Listener_ConnectionBalanceConfigValidationError) ErrorName() string {
+	return "Listener_ConnectionBalanceConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Listener_ConnectionBalanceConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sListener_ConnectionBalanceConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Listener_ConnectionBalanceConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Listener_ConnectionBalanceConfigValidationError{}
+
+// Validate checks the field values on Listener_InternalListenerConfig with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Listener_InternalListenerConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Listener_InternalListenerConfig with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// Listener_InternalListenerConfigMultiError, or nil if none found.
+func (m *Listener_InternalListenerConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Listener_InternalListenerConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return Listener_InternalListenerConfigMultiError(errors)
+	}
+	return nil
+}
+
+// Listener_InternalListenerConfigMultiError is an error wrapping multiple
+// validation errors returned by Listener_InternalListenerConfig.ValidateAll()
+// if the designated constraints aren't met.
+type Listener_InternalListenerConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Listener_InternalListenerConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Listener_InternalListenerConfigMultiError) AllErrors() []error { return m }
+
+// Listener_InternalListenerConfigValidationError is the validation error
+// returned by Listener_InternalListenerConfig.Validate if the designated
+// constraints aren't met.
+type Listener_InternalListenerConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Listener_InternalListenerConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Listener_InternalListenerConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Listener_InternalListenerConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Listener_InternalListenerConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Listener_InternalListenerConfigValidationError) ErrorName() string {
+	return "Listener_InternalListenerConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Listener_InternalListenerConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sListener_InternalListenerConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Listener_InternalListenerConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Listener_InternalListenerConfigValidationError{}
+
+// Validate checks the field values on
+// Listener_ConnectionBalanceConfig_ExactBalance with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Listener_ConnectionBalanceConfig_ExactBalance) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// Listener_ConnectionBalanceConfig_ExactBalance with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in
+// Listener_ConnectionBalanceConfig_ExactBalanceMultiError, or nil if none found.
+func (m *Listener_ConnectionBalanceConfig_ExactBalance) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Listener_ConnectionBalanceConfig_ExactBalance) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return Listener_ConnectionBalanceConfig_ExactBalanceMultiError(errors)
+	}
+	return nil
+}
+
+// Listener_ConnectionBalanceConfig_ExactBalanceMultiError is an error wrapping
+// multiple validation errors returned by
+// Listener_ConnectionBalanceConfig_ExactBalance.ValidateAll() if the
+// designated constraints aren't met.
+type Listener_ConnectionBalanceConfig_ExactBalanceMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Listener_ConnectionBalanceConfig_ExactBalanceMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Listener_ConnectionBalanceConfig_ExactBalanceMultiError) AllErrors() []error { return m }
+
+// Listener_ConnectionBalanceConfig_ExactBalanceValidationError is the
+// validation error returned by
+// Listener_ConnectionBalanceConfig_ExactBalance.Validate if the designated
+// constraints aren't met.
+type Listener_ConnectionBalanceConfig_ExactBalanceValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Listener_ConnectionBalanceConfig_ExactBalanceValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Listener_ConnectionBalanceConfig_ExactBalanceValidationError) Reason() string {
+	return e.reason
+}
+
+// Cause function returns cause value.
+func (e Listener_ConnectionBalanceConfig_ExactBalanceValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Listener_ConnectionBalanceConfig_ExactBalanceValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Listener_ConnectionBalanceConfig_ExactBalanceValidationError) ErrorName() string {
+	return "Listener_ConnectionBalanceConfig_ExactBalanceValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Listener_ConnectionBalanceConfig_ExactBalanceValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sListener_ConnectionBalanceConfig_ExactBalance.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Listener_ConnectionBalanceConfig_ExactBalanceValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Listener_ConnectionBalanceConfig_ExactBalanceValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v3/listener_components.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v3/listener_components.pb.go
new file mode 100644
index 00000000000..d149ef48e62
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v3/listener_components.pb.go
@@ -0,0 +1,1320 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/listener/v3/listener_components.proto
+
+package envoy_config_listener_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/go-control-plane/envoy/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	v31 "github.com/envoyproxy/go-control-plane/envoy/type/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type FilterChainMatch_ConnectionSourceType int32
+
+const (
+	// Any connection source matches.
+	FilterChainMatch_ANY FilterChainMatch_ConnectionSourceType = 0
+	// Match a connection originating from the same host.
+	FilterChainMatch_SAME_IP_OR_LOOPBACK FilterChainMatch_ConnectionSourceType = 1
+	// Match a connection originating from a different host.
+	FilterChainMatch_EXTERNAL FilterChainMatch_ConnectionSourceType = 2
+)
+
+// Enum value maps for FilterChainMatch_ConnectionSourceType.
+var (
+	FilterChainMatch_ConnectionSourceType_name = map[int32]string{
+		0: "ANY",
+		1: "SAME_IP_OR_LOOPBACK",
+		2: "EXTERNAL",
+	}
+	FilterChainMatch_ConnectionSourceType_value = map[string]int32{
+		"ANY":                 0,
+		"SAME_IP_OR_LOOPBACK": 1,
+		"EXTERNAL":            2,
+	}
+)
+
+func (x FilterChainMatch_ConnectionSourceType) Enum() *FilterChainMatch_ConnectionSourceType {
+	p := new(FilterChainMatch_ConnectionSourceType)
+	*p = x
+	return p
+}
+
+func (x FilterChainMatch_ConnectionSourceType) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (FilterChainMatch_ConnectionSourceType) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_listener_v3_listener_components_proto_enumTypes[0].Descriptor()
+}
+
+func (FilterChainMatch_ConnectionSourceType) Type() protoreflect.EnumType {
+	return &file_envoy_config_listener_v3_listener_components_proto_enumTypes[0]
+}
+
+func (x FilterChainMatch_ConnectionSourceType) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use FilterChainMatch_ConnectionSourceType.Descriptor instead.
+func (FilterChainMatch_ConnectionSourceType) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_listener_v3_listener_components_proto_rawDescGZIP(), []int{1, 0}
+}
+
+// [#next-free-field: 6]
+type Filter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the filter to instantiate. The name must match a
+	// :ref:`supported filter <config_network_filters>`.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Types that are assignable to ConfigType:
+	//	*Filter_TypedConfig
+	//	*Filter_ConfigDiscovery
+	ConfigType isFilter_ConfigType `protobuf_oneof:"config_type"`
+}
+
+func (x *Filter) Reset() {
+	*x = Filter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_listener_v3_listener_components_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Filter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Filter) ProtoMessage() {}
+
+func (x *Filter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_listener_v3_listener_components_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Filter.ProtoReflect.Descriptor instead.
+func (*Filter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_listener_v3_listener_components_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *Filter) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (m *Filter) GetConfigType() isFilter_ConfigType {
+	if m != nil {
+		return m.ConfigType
+	}
+	return nil
+}
+
+func (x *Filter) GetTypedConfig() *any.Any {
+	if x, ok := x.GetConfigType().(*Filter_TypedConfig); ok {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+func (x *Filter) GetConfigDiscovery() *v3.ExtensionConfigSource {
+	if x, ok := x.GetConfigType().(*Filter_ConfigDiscovery); ok {
+		return x.ConfigDiscovery
+	}
+	return nil
+}
+
+type isFilter_ConfigType interface {
+	isFilter_ConfigType()
+}
+
+type Filter_TypedConfig struct {
+	// Filter specific configuration which depends on the filter being
+	// instantiated. See the supported filters for further documentation.
+	// [#extension-category: envoy.filters.network]
+	TypedConfig *any.Any `protobuf:"bytes,4,opt,name=typed_config,json=typedConfig,proto3,oneof"`
+}
+
+type Filter_ConfigDiscovery struct {
+	// Configuration source specifier for an extension configuration discovery
+	// service. In case of a failure and without the default configuration, the
+	// listener closes the connections.
+	// [#not-implemented-hide:]
+	ConfigDiscovery *v3.ExtensionConfigSource `protobuf:"bytes,5,opt,name=config_discovery,json=configDiscovery,proto3,oneof"`
+}
+
+func (*Filter_TypedConfig) isFilter_ConfigType() {}
+
+func (*Filter_ConfigDiscovery) isFilter_ConfigType() {}
+
+// Specifies the match criteria for selecting a specific filter chain for a
+// listener.
+//
+// In order for a filter chain to be selected, *ALL* of its criteria must be
+// fulfilled by the incoming connection, properties of which are set by the
+// networking stack and/or listener filters.
+//
+// The following order applies:
+//
+// 1. Destination port.
+// 2. Destination IP address.
+// 3. Server name (e.g. SNI for TLS protocol),
+// 4. Transport protocol.
+// 5. Application protocols (e.g. ALPN for TLS protocol).
+// 6. Directly connected source IP address (this will only be different from the source IP address
+//    when using a listener filter that overrides the source address, such as the :ref:`Proxy Protocol
+//    listener filter <config_listener_filters_proxy_protocol>`).
+// 7. Source type (e.g. any, local or external network).
+// 8. Source IP address.
+// 9. Source port.
+//
+// For criteria that allow ranges or wildcards, the most specific value in any
+// of the configured filter chains that matches the incoming connection is going
+// to be used (e.g. for SNI ``www.example.com`` the most specific match would be
+// ``www.example.com``, then ``*.example.com``, then ``*.com``, then any filter
+// chain without ``server_names`` requirements).
+//
+// A different way to reason about the filter chain matches:
+// Suppose there exists N filter chains. Prune the filter chain set using the above 8 steps.
+// In each step, filter chains which most specifically matches the attributes continue to the next step.
+// The listener guarantees at most 1 filter chain is left after all of the steps.
+//
+// Example:
+//
+// For destination port, filter chains specifying the destination port of incoming traffic are the
+// most specific match. If none of the filter chains specifies the exact destination port, the filter
+// chains which do not specify ports are the most specific match. Filter chains specifying the
+// wrong port can never be the most specific match.
+//
+// [#comment: Implemented rules are kept in the preference order, with deprecated fields
+// listed at the end, because that's how we want to list them in the docs.
+//
+// [#comment:TODO(PiotrSikora): Add support for configurable precedence of the rules]
+// [#next-free-field: 14]
+type FilterChainMatch struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Optional destination port to consider when use_original_dst is set on the
+	// listener in determining a filter chain match.
+	DestinationPort *wrappers.UInt32Value `protobuf:"bytes,8,opt,name=destination_port,json=destinationPort,proto3" json:"destination_port,omitempty"`
+	// If non-empty, an IP address and prefix length to match addresses when the
+	// listener is bound to 0.0.0.0/:: or when use_original_dst is specified.
+	PrefixRanges []*v3.CidrRange `protobuf:"bytes,3,rep,name=prefix_ranges,json=prefixRanges,proto3" json:"prefix_ranges,omitempty"`
+	// If non-empty, an IP address and suffix length to match addresses when the
+	// listener is bound to 0.0.0.0/:: or when use_original_dst is specified.
+	// [#not-implemented-hide:]
+	AddressSuffix string `protobuf:"bytes,4,opt,name=address_suffix,json=addressSuffix,proto3" json:"address_suffix,omitempty"`
+	// [#not-implemented-hide:]
+	SuffixLen *wrappers.UInt32Value `protobuf:"bytes,5,opt,name=suffix_len,json=suffixLen,proto3" json:"suffix_len,omitempty"`
+	// The criteria is satisfied if the directly connected source IP address of the downstream
+	// connection is contained in at least one of the specified subnets. If the parameter is not
+	// specified or the list is empty, the directly connected source IP address is ignored.
+	DirectSourcePrefixRanges []*v3.CidrRange `protobuf:"bytes,13,rep,name=direct_source_prefix_ranges,json=directSourcePrefixRanges,proto3" json:"direct_source_prefix_ranges,omitempty"`
+	// Specifies the connection source IP match type. Can be any, local or external network.
+	SourceType FilterChainMatch_ConnectionSourceType `protobuf:"varint,12,opt,name=source_type,json=sourceType,proto3,enum=envoy.config.listener.v3.FilterChainMatch_ConnectionSourceType" json:"source_type,omitempty"`
+	// The criteria is satisfied if the source IP address of the downstream
+	// connection is contained in at least one of the specified subnets. If the
+	// parameter is not specified or the list is empty, the source IP address is
+	// ignored.
+	SourcePrefixRanges []*v3.CidrRange `protobuf:"bytes,6,rep,name=source_prefix_ranges,json=sourcePrefixRanges,proto3" json:"source_prefix_ranges,omitempty"`
+	// The criteria is satisfied if the source port of the downstream connection
+	// is contained in at least one of the specified ports. If the parameter is
+	// not specified, the source port is ignored.
+	SourcePorts []uint32 `protobuf:"varint,7,rep,packed,name=source_ports,json=sourcePorts,proto3" json:"source_ports,omitempty"`
+	// If non-empty, a list of server names (e.g. SNI for TLS protocol) to consider when determining
+	// a filter chain match. Those values will be compared against the server names of a new
+	// connection, when detected by one of the listener filters.
+	//
+	// The server name will be matched against all wildcard domains, i.e. ``www.example.com``
+	// will be first matched against ``www.example.com``, then ``*.example.com``, then ``*.com``.
+	//
+	// Note that partial wildcards are not supported, and values like ``*w.example.com`` are invalid.
+	//
+	// .. attention::
+	//
+	//   See the :ref:`FAQ entry <faq_how_to_setup_sni>` on how to configure SNI for more
+	//   information.
+	ServerNames []string `protobuf:"bytes,11,rep,name=server_names,json=serverNames,proto3" json:"server_names,omitempty"`
+	// If non-empty, a transport protocol to consider when determining a filter chain match.
+	// This value will be compared against the transport protocol of a new connection, when
+	// it's detected by one of the listener filters.
+	//
+	// Suggested values include:
+	//
+	// * ``raw_buffer`` - default, used when no transport protocol is detected,
+	// * ``tls`` - set by :ref:`envoy.filters.listener.tls_inspector <config_listener_filters_tls_inspector>`
+	//   when TLS protocol is detected.
+	TransportProtocol string `protobuf:"bytes,9,opt,name=transport_protocol,json=transportProtocol,proto3" json:"transport_protocol,omitempty"`
+	// If non-empty, a list of application protocols (e.g. ALPN for TLS protocol) to consider when
+	// determining a filter chain match. Those values will be compared against the application
+	// protocols of a new connection, when detected by one of the listener filters.
+	//
+	// Suggested values include:
+	//
+	// * ``http/1.1`` - set by :ref:`envoy.filters.listener.tls_inspector
+	//   <config_listener_filters_tls_inspector>`,
+	// * ``h2`` - set by :ref:`envoy.filters.listener.tls_inspector <config_listener_filters_tls_inspector>`
+	//
+	// .. attention::
+	//
+	//   Currently, only :ref:`TLS Inspector <config_listener_filters_tls_inspector>` provides
+	//   application protocol detection based on the requested
+	//   `ALPN <https://en.wikipedia.org/wiki/Application-Layer_Protocol_Negotiation>`_ values.
+	//
+	//   However, the use of ALPN is pretty much limited to the HTTP/2 traffic on the Internet,
+	//   and matching on values other than ``h2`` is going to lead to a lot of false negatives,
+	//   unless all connecting clients are known to use ALPN.
+	ApplicationProtocols []string `protobuf:"bytes,10,rep,name=application_protocols,json=applicationProtocols,proto3" json:"application_protocols,omitempty"`
+}
+
+func (x *FilterChainMatch) Reset() {
+	*x = FilterChainMatch{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_listener_v3_listener_components_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *FilterChainMatch) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*FilterChainMatch) ProtoMessage() {}
+
+func (x *FilterChainMatch) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_listener_v3_listener_components_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use FilterChainMatch.ProtoReflect.Descriptor instead.
+func (*FilterChainMatch) Descriptor() ([]byte, []int) {
+	return file_envoy_config_listener_v3_listener_components_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *FilterChainMatch) GetDestinationPort() *wrappers.UInt32Value {
+	if x != nil {
+		return x.DestinationPort
+	}
+	return nil
+}
+
+func (x *FilterChainMatch) GetPrefixRanges() []*v3.CidrRange {
+	if x != nil {
+		return x.PrefixRanges
+	}
+	return nil
+}
+
+func (x *FilterChainMatch) GetAddressSuffix() string {
+	if x != nil {
+		return x.AddressSuffix
+	}
+	return ""
+}
+
+func (x *FilterChainMatch) GetSuffixLen() *wrappers.UInt32Value {
+	if x != nil {
+		return x.SuffixLen
+	}
+	return nil
+}
+
+func (x *FilterChainMatch) GetDirectSourcePrefixRanges() []*v3.CidrRange {
+	if x != nil {
+		return x.DirectSourcePrefixRanges
+	}
+	return nil
+}
+
+func (x *FilterChainMatch) GetSourceType() FilterChainMatch_ConnectionSourceType {
+	if x != nil {
+		return x.SourceType
+	}
+	return FilterChainMatch_ANY
+}
+
+func (x *FilterChainMatch) GetSourcePrefixRanges() []*v3.CidrRange {
+	if x != nil {
+		return x.SourcePrefixRanges
+	}
+	return nil
+}
+
+func (x *FilterChainMatch) GetSourcePorts() []uint32 {
+	if x != nil {
+		return x.SourcePorts
+	}
+	return nil
+}
+
+func (x *FilterChainMatch) GetServerNames() []string {
+	if x != nil {
+		return x.ServerNames
+	}
+	return nil
+}
+
+func (x *FilterChainMatch) GetTransportProtocol() string {
+	if x != nil {
+		return x.TransportProtocol
+	}
+	return ""
+}
+
+func (x *FilterChainMatch) GetApplicationProtocols() []string {
+	if x != nil {
+		return x.ApplicationProtocols
+	}
+	return nil
+}
+
+// A filter chain wraps a set of match criteria, an option TLS context, a set of filters, and
+// various other parameters.
+// [#next-free-field: 10]
+type FilterChain struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The criteria to use when matching a connection to this filter chain.
+	FilterChainMatch *FilterChainMatch `protobuf:"bytes,1,opt,name=filter_chain_match,json=filterChainMatch,proto3" json:"filter_chain_match,omitempty"`
+	// A list of individual network filters that make up the filter chain for
+	// connections established with the listener. Order matters as the filters are
+	// processed sequentially as connection events happen. Note: If the filter
+	// list is empty, the connection will close by default.
+	Filters []*Filter `protobuf:"bytes,3,rep,name=filters,proto3" json:"filters,omitempty"`
+	// Whether the listener should expect a PROXY protocol V1 header on new
+	// connections. If this option is enabled, the listener will assume that that
+	// remote address of the connection is the one specified in the header. Some
+	// load balancers including the AWS ELB support this option. If the option is
+	// absent or set to false, Envoy will use the physical peer address of the
+	// connection as the remote address.
+	//
+	// This field is deprecated. Add a
+	// :ref:`PROXY protocol listener filter <config_listener_filters_proxy_protocol>`
+	// explicitly instead.
+	//
+	// Deprecated: Do not use.
+	UseProxyProto *wrappers.BoolValue `protobuf:"bytes,4,opt,name=use_proxy_proto,json=useProxyProto,proto3" json:"use_proxy_proto,omitempty"`
+	// [#not-implemented-hide:] filter chain metadata.
+	Metadata *v3.Metadata `protobuf:"bytes,5,opt,name=metadata,proto3" json:"metadata,omitempty"`
+	// Optional custom transport socket implementation to use for downstream connections.
+	// To setup TLS, set a transport socket with name `envoy.transport_sockets.tls` and
+	// :ref:`DownstreamTlsContext <envoy_v3_api_msg_extensions.transport_sockets.tls.v3.DownstreamTlsContext>` in the `typed_config`.
+	// If no transport socket configuration is specified, new connections
+	// will be set up with plaintext.
+	// [#extension-category: envoy.transport_sockets.downstream]
+	TransportSocket *v3.TransportSocket `protobuf:"bytes,6,opt,name=transport_socket,json=transportSocket,proto3" json:"transport_socket,omitempty"`
+	// If present and nonzero, the amount of time to allow incoming connections to complete any
+	// transport socket negotiations. If this expires before the transport reports connection
+	// establishment, the connection is summarily closed.
+	TransportSocketConnectTimeout *duration.Duration `protobuf:"bytes,9,opt,name=transport_socket_connect_timeout,json=transportSocketConnectTimeout,proto3" json:"transport_socket_connect_timeout,omitempty"`
+	// [#not-implemented-hide:] The unique name (or empty) by which this filter chain is known. If no
+	// name is provided, Envoy will allocate an internal UUID for the filter chain. If the filter
+	// chain is to be dynamically updated or removed via FCDS a unique name must be provided.
+	Name string `protobuf:"bytes,7,opt,name=name,proto3" json:"name,omitempty"`
+	// [#not-implemented-hide:] The configuration to specify whether the filter chain will be built on-demand.
+	// If this field is not empty, the filter chain will be built on-demand.
+	// Otherwise, the filter chain will be built normally and block listener warming.
+	OnDemandConfiguration *FilterChain_OnDemandConfiguration `protobuf:"bytes,8,opt,name=on_demand_configuration,json=onDemandConfiguration,proto3" json:"on_demand_configuration,omitempty"`
+}
+
+func (x *FilterChain) Reset() {
+	*x = FilterChain{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_listener_v3_listener_components_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *FilterChain) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*FilterChain) ProtoMessage() {}
+
+func (x *FilterChain) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_listener_v3_listener_components_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use FilterChain.ProtoReflect.Descriptor instead.
+func (*FilterChain) Descriptor() ([]byte, []int) {
+	return file_envoy_config_listener_v3_listener_components_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *FilterChain) GetFilterChainMatch() *FilterChainMatch {
+	if x != nil {
+		return x.FilterChainMatch
+	}
+	return nil
+}
+
+func (x *FilterChain) GetFilters() []*Filter {
+	if x != nil {
+		return x.Filters
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *FilterChain) GetUseProxyProto() *wrappers.BoolValue {
+	if x != nil {
+		return x.UseProxyProto
+	}
+	return nil
+}
+
+func (x *FilterChain) GetMetadata() *v3.Metadata {
+	if x != nil {
+		return x.Metadata
+	}
+	return nil
+}
+
+func (x *FilterChain) GetTransportSocket() *v3.TransportSocket {
+	if x != nil {
+		return x.TransportSocket
+	}
+	return nil
+}
+
+func (x *FilterChain) GetTransportSocketConnectTimeout() *duration.Duration {
+	if x != nil {
+		return x.TransportSocketConnectTimeout
+	}
+	return nil
+}
+
+func (x *FilterChain) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *FilterChain) GetOnDemandConfiguration() *FilterChain_OnDemandConfiguration {
+	if x != nil {
+		return x.OnDemandConfiguration
+	}
+	return nil
+}
+
+// Listener filter chain match configuration. This is a recursive structure which allows complex
+// nested match configurations to be built using various logical operators.
+//
+// Examples:
+//
+// * Matches if the destination port is 3306.
+//
+// .. code-block:: yaml
+//
+//  destination_port_range:
+//   start: 3306
+//   end: 3307
+//
+// * Matches if the destination port is 3306 or 15000.
+//
+// .. code-block:: yaml
+//
+//  or_match:
+//    rules:
+//      - destination_port_range:
+//          start: 3306
+//          end: 3307
+//      - destination_port_range:
+//          start: 15000
+//          end: 15001
+//
+// [#next-free-field: 6]
+type ListenerFilterChainMatchPredicate struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to Rule:
+	//	*ListenerFilterChainMatchPredicate_OrMatch
+	//	*ListenerFilterChainMatchPredicate_AndMatch
+	//	*ListenerFilterChainMatchPredicate_NotMatch
+	//	*ListenerFilterChainMatchPredicate_AnyMatch
+	//	*ListenerFilterChainMatchPredicate_DestinationPortRange
+	Rule isListenerFilterChainMatchPredicate_Rule `protobuf_oneof:"rule"`
+}
+
+func (x *ListenerFilterChainMatchPredicate) Reset() {
+	*x = ListenerFilterChainMatchPredicate{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_listener_v3_listener_components_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ListenerFilterChainMatchPredicate) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ListenerFilterChainMatchPredicate) ProtoMessage() {}
+
+func (x *ListenerFilterChainMatchPredicate) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_listener_v3_listener_components_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ListenerFilterChainMatchPredicate.ProtoReflect.Descriptor instead.
+func (*ListenerFilterChainMatchPredicate) Descriptor() ([]byte, []int) {
+	return file_envoy_config_listener_v3_listener_components_proto_rawDescGZIP(), []int{3}
+}
+
+func (m *ListenerFilterChainMatchPredicate) GetRule() isListenerFilterChainMatchPredicate_Rule {
+	if m != nil {
+		return m.Rule
+	}
+	return nil
+}
+
+func (x *ListenerFilterChainMatchPredicate) GetOrMatch() *ListenerFilterChainMatchPredicate_MatchSet {
+	if x, ok := x.GetRule().(*ListenerFilterChainMatchPredicate_OrMatch); ok {
+		return x.OrMatch
+	}
+	return nil
+}
+
+func (x *ListenerFilterChainMatchPredicate) GetAndMatch() *ListenerFilterChainMatchPredicate_MatchSet {
+	if x, ok := x.GetRule().(*ListenerFilterChainMatchPredicate_AndMatch); ok {
+		return x.AndMatch
+	}
+	return nil
+}
+
+func (x *ListenerFilterChainMatchPredicate) GetNotMatch() *ListenerFilterChainMatchPredicate {
+	if x, ok := x.GetRule().(*ListenerFilterChainMatchPredicate_NotMatch); ok {
+		return x.NotMatch
+	}
+	return nil
+}
+
+func (x *ListenerFilterChainMatchPredicate) GetAnyMatch() bool {
+	if x, ok := x.GetRule().(*ListenerFilterChainMatchPredicate_AnyMatch); ok {
+		return x.AnyMatch
+	}
+	return false
+}
+
+func (x *ListenerFilterChainMatchPredicate) GetDestinationPortRange() *v31.Int32Range {
+	if x, ok := x.GetRule().(*ListenerFilterChainMatchPredicate_DestinationPortRange); ok {
+		return x.DestinationPortRange
+	}
+	return nil
+}
+
+type isListenerFilterChainMatchPredicate_Rule interface {
+	isListenerFilterChainMatchPredicate_Rule()
+}
+
+type ListenerFilterChainMatchPredicate_OrMatch struct {
+	// A set that describes a logical OR. If any member of the set matches, the match configuration
+	// matches.
+	OrMatch *ListenerFilterChainMatchPredicate_MatchSet `protobuf:"bytes,1,opt,name=or_match,json=orMatch,proto3,oneof"`
+}
+
+type ListenerFilterChainMatchPredicate_AndMatch struct {
+	// A set that describes a logical AND. If all members of the set match, the match configuration
+	// matches.
+	AndMatch *ListenerFilterChainMatchPredicate_MatchSet `protobuf:"bytes,2,opt,name=and_match,json=andMatch,proto3,oneof"`
+}
+
+type ListenerFilterChainMatchPredicate_NotMatch struct {
+	// A negation match. The match configuration will match if the negated match condition matches.
+	NotMatch *ListenerFilterChainMatchPredicate `protobuf:"bytes,3,opt,name=not_match,json=notMatch,proto3,oneof"`
+}
+
+type ListenerFilterChainMatchPredicate_AnyMatch struct {
+	// The match configuration will always match.
+	AnyMatch bool `protobuf:"varint,4,opt,name=any_match,json=anyMatch,proto3,oneof"`
+}
+
+type ListenerFilterChainMatchPredicate_DestinationPortRange struct {
+	// Match destination port. Particularly, the match evaluation must use the recovered local port if
+	// the owning listener filter is after :ref:`an original_dst listener filter <config_listener_filters_original_dst>`.
+	DestinationPortRange *v31.Int32Range `protobuf:"bytes,5,opt,name=destination_port_range,json=destinationPortRange,proto3,oneof"`
+}
+
+func (*ListenerFilterChainMatchPredicate_OrMatch) isListenerFilterChainMatchPredicate_Rule() {}
+
+func (*ListenerFilterChainMatchPredicate_AndMatch) isListenerFilterChainMatchPredicate_Rule() {}
+
+func (*ListenerFilterChainMatchPredicate_NotMatch) isListenerFilterChainMatchPredicate_Rule() {}
+
+func (*ListenerFilterChainMatchPredicate_AnyMatch) isListenerFilterChainMatchPredicate_Rule() {}
+
+func (*ListenerFilterChainMatchPredicate_DestinationPortRange) isListenerFilterChainMatchPredicate_Rule() {
+}
+
+type ListenerFilter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the filter to instantiate. The name must match a
+	// :ref:`supported filter <config_listener_filters>`.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Types that are assignable to ConfigType:
+	//	*ListenerFilter_TypedConfig
+	ConfigType isListenerFilter_ConfigType `protobuf_oneof:"config_type"`
+	// Optional match predicate used to disable the filter. The filter is enabled when this field is empty.
+	// See :ref:`ListenerFilterChainMatchPredicate <envoy_v3_api_msg_config.listener.v3.ListenerFilterChainMatchPredicate>`
+	// for further examples.
+	FilterDisabled *ListenerFilterChainMatchPredicate `protobuf:"bytes,4,opt,name=filter_disabled,json=filterDisabled,proto3" json:"filter_disabled,omitempty"`
+}
+
+func (x *ListenerFilter) Reset() {
+	*x = ListenerFilter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_listener_v3_listener_components_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ListenerFilter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ListenerFilter) ProtoMessage() {}
+
+func (x *ListenerFilter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_listener_v3_listener_components_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ListenerFilter.ProtoReflect.Descriptor instead.
+func (*ListenerFilter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_listener_v3_listener_components_proto_rawDescGZIP(), []int{4}
+}
+
+func (x *ListenerFilter) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (m *ListenerFilter) GetConfigType() isListenerFilter_ConfigType {
+	if m != nil {
+		return m.ConfigType
+	}
+	return nil
+}
+
+func (x *ListenerFilter) GetTypedConfig() *any.Any {
+	if x, ok := x.GetConfigType().(*ListenerFilter_TypedConfig); ok {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+func (x *ListenerFilter) GetFilterDisabled() *ListenerFilterChainMatchPredicate {
+	if x != nil {
+		return x.FilterDisabled
+	}
+	return nil
+}
+
+type isListenerFilter_ConfigType interface {
+	isListenerFilter_ConfigType()
+}
+
+type ListenerFilter_TypedConfig struct {
+	// Filter specific configuration which depends on the filter being
+	// instantiated. See the supported filters for further documentation.
+	// [#extension-category: envoy.filters.listener,envoy.filters.udp_listener]
+	TypedConfig *any.Any `protobuf:"bytes,3,opt,name=typed_config,json=typedConfig,proto3,oneof"`
+}
+
+func (*ListenerFilter_TypedConfig) isListenerFilter_ConfigType() {}
+
+// The configuration for on-demand filter chain. If this field is not empty in FilterChain message,
+// a filter chain will be built on-demand.
+// On-demand filter chains help speedup the warming up of listeners since the building and initialization of
+// an on-demand filter chain will be postponed to the arrival of new connection requests that require this filter chain.
+// Filter chains that are not often used can be set as on-demand.
+type FilterChain_OnDemandConfiguration struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The timeout to wait for filter chain placeholders to complete rebuilding.
+	// 1. If this field is set to 0, timeout is disabled.
+	// 2. If not specified, a default timeout of 15s is used.
+	// Rebuilding will wait until dependencies are ready, have failed, or this timeout is reached.
+	// Upon failure or timeout, all connections related to this filter chain will be closed.
+	// Rebuilding will start again on the next new connection.
+	RebuildTimeout *duration.Duration `protobuf:"bytes,1,opt,name=rebuild_timeout,json=rebuildTimeout,proto3" json:"rebuild_timeout,omitempty"`
+}
+
+func (x *FilterChain_OnDemandConfiguration) Reset() {
+	*x = FilterChain_OnDemandConfiguration{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_listener_v3_listener_components_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *FilterChain_OnDemandConfiguration) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*FilterChain_OnDemandConfiguration) ProtoMessage() {}
+
+func (x *FilterChain_OnDemandConfiguration) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_listener_v3_listener_components_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use FilterChain_OnDemandConfiguration.ProtoReflect.Descriptor instead.
+func (*FilterChain_OnDemandConfiguration) Descriptor() ([]byte, []int) {
+	return file_envoy_config_listener_v3_listener_components_proto_rawDescGZIP(), []int{2, 0}
+}
+
+func (x *FilterChain_OnDemandConfiguration) GetRebuildTimeout() *duration.Duration {
+	if x != nil {
+		return x.RebuildTimeout
+	}
+	return nil
+}
+
+// A set of match configurations used for logical operations.
+type ListenerFilterChainMatchPredicate_MatchSet struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The list of rules that make up the set.
+	Rules []*ListenerFilterChainMatchPredicate `protobuf:"bytes,1,rep,name=rules,proto3" json:"rules,omitempty"`
+}
+
+func (x *ListenerFilterChainMatchPredicate_MatchSet) Reset() {
+	*x = ListenerFilterChainMatchPredicate_MatchSet{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_listener_v3_listener_components_proto_msgTypes[6]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ListenerFilterChainMatchPredicate_MatchSet) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ListenerFilterChainMatchPredicate_MatchSet) ProtoMessage() {}
+
+func (x *ListenerFilterChainMatchPredicate_MatchSet) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_listener_v3_listener_components_proto_msgTypes[6]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ListenerFilterChainMatchPredicate_MatchSet.ProtoReflect.Descriptor instead.
+func (*ListenerFilterChainMatchPredicate_MatchSet) Descriptor() ([]byte, []int) {
+	return file_envoy_config_listener_v3_listener_components_proto_rawDescGZIP(), []int{3, 0}
+}
+
+func (x *ListenerFilterChainMatchPredicate_MatchSet) GetRules() []*ListenerFilterChainMatchPredicate {
+	if x != nil {
+		return x.Rules
+	}
+	return nil
+}
+
+var File_envoy_config_listener_v3_listener_components_proto protoreflect.FileDescriptor
+
+var file_envoy_config_listener_v3_listener_components_proto_rawDesc = []byte{
+	0x0a, 0x32, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x6c,
+	0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x6c, 0x69, 0x73, 0x74, 0x65,
+	0x6e, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6d, 0x70, 0x6f, 0x6e, 0x65, 0x6e, 0x74, 0x73, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x12, 0x18, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x1a, 0x22,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72,
+	0x65, 0x2f, 0x76, 0x33, 0x2f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x62, 0x61, 0x73, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73,
+	0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x19, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65,
+	0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22,
+	0x82, 0x02, 0x0a, 0x06, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61,
+	0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10,
+	0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x39, 0x0a, 0x0c, 0x74, 0x79, 0x70, 0x65, 0x64,
+	0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x41, 0x6e, 0x79, 0x48, 0x00, 0x52, 0x0b, 0x74, 0x79, 0x70, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x12, 0x58, 0x0a, 0x10, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x64, 0x69, 0x73,
+	0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2b, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65,
+	0x2e, 0x76, 0x33, 0x2e, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x48, 0x00, 0x52, 0x0f, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x3a, 0x23, 0x9a, 0xc5,
+	0x88, 0x1e, 0x1e, 0x0a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x46, 0x69, 0x6c, 0x74, 0x65,
+	0x72, 0x42, 0x0d, 0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x74, 0x79, 0x70, 0x65,
+	0x4a, 0x04, 0x08, 0x03, 0x10, 0x04, 0x4a, 0x04, 0x08, 0x02, 0x10, 0x03, 0x52, 0x06, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x22, 0xea, 0x06, 0x0a, 0x10, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43,
+	0x68, 0x61, 0x69, 0x6e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x54, 0x0a, 0x10, 0x64, 0x65, 0x73,
+	0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x70, 0x6f, 0x72, 0x74, 0x18, 0x08, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75,
+	0x65, 0x42, 0x0b, 0xfa, 0x42, 0x08, 0x2a, 0x06, 0x18, 0xff, 0xff, 0x03, 0x28, 0x01, 0x52, 0x0f,
+	0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x50, 0x6f, 0x72, 0x74, 0x12,
+	0x44, 0x0a, 0x0d, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x5f, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x73,
+	0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x69,
+	0x64, 0x72, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x52, 0x0c, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x52,
+	0x61, 0x6e, 0x67, 0x65, 0x73, 0x12, 0x25, 0x0a, 0x0e, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73,
+	0x5f, 0x73, 0x75, 0x66, 0x66, 0x69, 0x78, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x61,
+	0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x53, 0x75, 0x66, 0x66, 0x69, 0x78, 0x12, 0x3b, 0x0a, 0x0a,
+	0x73, 0x75, 0x66, 0x66, 0x69, 0x78, 0x5f, 0x6c, 0x65, 0x6e, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x09,
+	0x73, 0x75, 0x66, 0x66, 0x69, 0x78, 0x4c, 0x65, 0x6e, 0x12, 0x5e, 0x0a, 0x1b, 0x64, 0x69, 0x72,
+	0x65, 0x63, 0x74, 0x5f, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x70, 0x72, 0x65, 0x66, 0x69,
+	0x78, 0x5f, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x73, 0x18, 0x0d, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1f,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f,
+	0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x69, 0x64, 0x72, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x52,
+	0x18, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x50, 0x72, 0x65,
+	0x66, 0x69, 0x78, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x73, 0x12, 0x6a, 0x0a, 0x0b, 0x73, 0x6f, 0x75,
+	0x72, 0x63, 0x65, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x3f,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c, 0x69,
+	0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x43, 0x68, 0x61, 0x69, 0x6e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x2e, 0x43, 0x6f, 0x6e, 0x6e, 0x65,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, 0x79, 0x70, 0x65, 0x42,
+	0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x0a, 0x73, 0x6f, 0x75, 0x72, 0x63,
+	0x65, 0x54, 0x79, 0x70, 0x65, 0x12, 0x51, 0x0a, 0x14, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f,
+	0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x5f, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x73, 0x18, 0x06, 0x20,
+	0x03, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x69, 0x64, 0x72, 0x52,
+	0x61, 0x6e, 0x67, 0x65, 0x52, 0x12, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x50, 0x72, 0x65, 0x66,
+	0x69, 0x78, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x73, 0x12, 0x33, 0x0a, 0x0c, 0x73, 0x6f, 0x75, 0x72,
+	0x63, 0x65, 0x5f, 0x70, 0x6f, 0x72, 0x74, 0x73, 0x18, 0x07, 0x20, 0x03, 0x28, 0x0d, 0x42, 0x10,
+	0xfa, 0x42, 0x0d, 0x92, 0x01, 0x0a, 0x22, 0x08, 0x2a, 0x06, 0x18, 0xff, 0xff, 0x03, 0x28, 0x01,
+	0x52, 0x0b, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x50, 0x6f, 0x72, 0x74, 0x73, 0x12, 0x21, 0x0a,
+	0x0c, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x18, 0x0b, 0x20,
+	0x03, 0x28, 0x09, 0x52, 0x0b, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x73,
+	0x12, 0x2d, 0x0a, 0x12, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x18, 0x09, 0x20, 0x01, 0x28, 0x09, 0x52, 0x11, 0x74, 0x72,
+	0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x12,
+	0x33, 0x0a, 0x15, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x73, 0x18, 0x0a, 0x20, 0x03, 0x28, 0x09, 0x52, 0x14,
+	0x61, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f,
+	0x63, 0x6f, 0x6c, 0x73, 0x22, 0x46, 0x0a, 0x14, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, 0x79, 0x70, 0x65, 0x12, 0x07, 0x0a, 0x03,
+	0x41, 0x4e, 0x59, 0x10, 0x00, 0x12, 0x17, 0x0a, 0x13, 0x53, 0x41, 0x4d, 0x45, 0x5f, 0x49, 0x50,
+	0x5f, 0x4f, 0x52, 0x5f, 0x4c, 0x4f, 0x4f, 0x50, 0x42, 0x41, 0x43, 0x4b, 0x10, 0x01, 0x12, 0x0c,
+	0x0a, 0x08, 0x45, 0x58, 0x54, 0x45, 0x52, 0x4e, 0x41, 0x4c, 0x10, 0x02, 0x3a, 0x2d, 0x9a, 0xc5,
+	0x88, 0x1e, 0x28, 0x0a, 0x26, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x46, 0x69, 0x6c, 0x74, 0x65,
+	0x72, 0x43, 0x68, 0x61, 0x69, 0x6e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x4a, 0x04, 0x08, 0x01, 0x10,
+	0x02, 0x22, 0x89, 0x06, 0x0a, 0x0b, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x68, 0x61, 0x69,
+	0x6e, 0x12, 0x58, 0x0a, 0x12, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x5f, 0x63, 0x68, 0x61, 0x69,
+	0x6e, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c, 0x69, 0x73,
+	0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43,
+	0x68, 0x61, 0x69, 0x6e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x52, 0x10, 0x66, 0x69, 0x6c, 0x74, 0x65,
+	0x72, 0x43, 0x68, 0x61, 0x69, 0x6e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x3a, 0x0a, 0x07, 0x66,
+	0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c, 0x69, 0x73, 0x74,
+	0x65, 0x6e, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x52, 0x07,
+	0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x12, 0x4f, 0x0a, 0x0f, 0x75, 0x73, 0x65, 0x5f, 0x70,
+	0x72, 0x6f, 0x78, 0x79, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x0b, 0x18, 0x01,
+	0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e, 0x30, 0x52, 0x0d, 0x75, 0x73, 0x65, 0x50, 0x72,
+	0x6f, 0x78, 0x79, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x3a, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61,
+	0x64, 0x61, 0x74, 0x61, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76,
+	0x33, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61,
+	0x64, 0x61, 0x74, 0x61, 0x12, 0x50, 0x0a, 0x10, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72,
+	0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x25,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f,
+	0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x53,
+	0x6f, 0x63, 0x6b, 0x65, 0x74, 0x52, 0x0f, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74,
+	0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x12, 0x62, 0x0a, 0x20, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70,
+	0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65,
+	0x63, 0x74, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x1d, 0x74, 0x72, 0x61,
+	0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x6e,
+	0x65, 0x63, 0x74, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61,
+	0x6d, 0x65, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x73,
+	0x0a, 0x17, 0x6f, 0x6e, 0x5f, 0x64, 0x65, 0x6d, 0x61, 0x6e, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x3b, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c,
+	0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x46, 0x69, 0x6c, 0x74, 0x65,
+	0x72, 0x43, 0x68, 0x61, 0x69, 0x6e, 0x2e, 0x4f, 0x6e, 0x44, 0x65, 0x6d, 0x61, 0x6e, 0x64, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x15, 0x6f, 0x6e,
+	0x44, 0x65, 0x6d, 0x61, 0x6e, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x1a, 0x5b, 0x0a, 0x15, 0x4f, 0x6e, 0x44, 0x65, 0x6d, 0x61, 0x6e, 0x64, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x42, 0x0a, 0x0f,
+	0x72, 0x65, 0x62, 0x75, 0x69, 0x6c, 0x64, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x52, 0x0e, 0x72, 0x65, 0x62, 0x75, 0x69, 0x6c, 0x64, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74,
+	0x3a, 0x28, 0x9a, 0xc5, 0x88, 0x1e, 0x23, 0x0a, 0x21, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x46,
+	0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x68, 0x61, 0x69, 0x6e, 0x4a, 0x04, 0x08, 0x02, 0x10, 0x03,
+	0x52, 0x0b, 0x74, 0x6c, 0x73, 0x5f, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x22, 0xc2, 0x05,
+	0x0a, 0x21, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x43, 0x68, 0x61, 0x69, 0x6e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63,
+	0x61, 0x74, 0x65, 0x12, 0x61, 0x0a, 0x08, 0x6f, 0x72, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x44, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x76, 0x33,
+	0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43,
+	0x68, 0x61, 0x69, 0x6e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61,
+	0x74, 0x65, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x53, 0x65, 0x74, 0x48, 0x00, 0x52, 0x07, 0x6f,
+	0x72, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x63, 0x0a, 0x09, 0x61, 0x6e, 0x64, 0x5f, 0x6d, 0x61,
+	0x74, 0x63, 0x68, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x44, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65,
+	0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x46, 0x69, 0x6c,
+	0x74, 0x65, 0x72, 0x43, 0x68, 0x61, 0x69, 0x6e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x50, 0x72, 0x65,
+	0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x53, 0x65, 0x74, 0x48,
+	0x00, 0x52, 0x08, 0x61, 0x6e, 0x64, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x5a, 0x0a, 0x09, 0x6e,
+	0x6f, 0x74, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x3b,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c, 0x69,
+	0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e,
+	0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x68, 0x61, 0x69, 0x6e, 0x4d, 0x61, 0x74,
+	0x63, 0x68, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x48, 0x00, 0x52, 0x08, 0x6e,
+	0x6f, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x26, 0x0a, 0x09, 0x61, 0x6e, 0x79, 0x5f, 0x6d,
+	0x61, 0x74, 0x63, 0x68, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x6a,
+	0x02, 0x08, 0x01, 0x48, 0x00, 0x52, 0x08, 0x61, 0x6e, 0x79, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12,
+	0x51, 0x0a, 0x16, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x70,
+	0x6f, 0x72, 0x74, 0x5f, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x19, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x2e,
+	0x49, 0x6e, 0x74, 0x33, 0x32, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x48, 0x00, 0x52, 0x14, 0x64, 0x65,
+	0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x50, 0x6f, 0x72, 0x74, 0x52, 0x61, 0x6e,
+	0x67, 0x65, 0x1a, 0xb0, 0x01, 0x0a, 0x08, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x53, 0x65, 0x74, 0x12,
+	0x5b, 0x0a, 0x05, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x3b,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c, 0x69,
+	0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e,
+	0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x68, 0x61, 0x69, 0x6e, 0x4d, 0x61, 0x74,
+	0x63, 0x68, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05,
+	0x92, 0x01, 0x02, 0x08, 0x02, 0x52, 0x05, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x3a, 0x47, 0x9a, 0xc5,
+	0x88, 0x1e, 0x42, 0x0a, 0x40, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65,
+	0x6e, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x68, 0x61, 0x69, 0x6e, 0x4d, 0x61,
+	0x74, 0x63, 0x68, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x2e, 0x4d, 0x61, 0x74,
+	0x63, 0x68, 0x53, 0x65, 0x74, 0x3a, 0x3e, 0x9a, 0xc5, 0x88, 0x1e, 0x39, 0x0a, 0x37, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65,
+	0x6e, 0x65, 0x72, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x74,
+	0x65, 0x72, 0x43, 0x68, 0x61, 0x69, 0x6e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x50, 0x72, 0x65, 0x64,
+	0x69, 0x63, 0x61, 0x74, 0x65, 0x42, 0x0b, 0x0a, 0x04, 0x72, 0x75, 0x6c, 0x65, 0x12, 0x03, 0xf8,
+	0x42, 0x01, 0x22, 0x98, 0x02, 0x0a, 0x0e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x46,
+	0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x04, 0x6e, 0x61,
+	0x6d, 0x65, 0x12, 0x39, 0x0a, 0x0c, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x48, 0x00,
+	0x52, 0x0b, 0x74, 0x79, 0x70, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x64, 0x0a,
+	0x0f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x5f, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x64,
+	0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x3b, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x76,
+	0x33, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x43, 0x68, 0x61, 0x69, 0x6e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63,
+	0x61, 0x74, 0x65, 0x52, 0x0e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x44, 0x69, 0x73, 0x61, 0x62,
+	0x6c, 0x65, 0x64, 0x3a, 0x2b, 0x9a, 0xc5, 0x88, 0x1e, 0x26, 0x0a, 0x24, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65,
+	0x72, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x42, 0x0d, 0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x4a,
+	0x04, 0x08, 0x02, 0x10, 0x03, 0x52, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x4b, 0x0a,
+	0x26, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c, 0x69, 0x73, 0x74,
+	0x65, 0x6e, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x42, 0x17, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65,
+	0x72, 0x43, 0x6f, 0x6d, 0x70, 0x6f, 0x6e, 0x65, 0x6e, 0x74, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f,
+	0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_listener_v3_listener_components_proto_rawDescOnce sync.Once
+	file_envoy_config_listener_v3_listener_components_proto_rawDescData = file_envoy_config_listener_v3_listener_components_proto_rawDesc
+)
+
+func file_envoy_config_listener_v3_listener_components_proto_rawDescGZIP() []byte {
+	file_envoy_config_listener_v3_listener_components_proto_rawDescOnce.Do(func() {
+		file_envoy_config_listener_v3_listener_components_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_listener_v3_listener_components_proto_rawDescData)
+	})
+	return file_envoy_config_listener_v3_listener_components_proto_rawDescData
+}
+
+var file_envoy_config_listener_v3_listener_components_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_envoy_config_listener_v3_listener_components_proto_msgTypes = make([]protoimpl.MessageInfo, 7)
+var file_envoy_config_listener_v3_listener_components_proto_goTypes = []interface{}{
+	(FilterChainMatch_ConnectionSourceType)(0), // 0: envoy.config.listener.v3.FilterChainMatch.ConnectionSourceType
+	(*Filter)(nil),                                     // 1: envoy.config.listener.v3.Filter
+	(*FilterChainMatch)(nil),                           // 2: envoy.config.listener.v3.FilterChainMatch
+	(*FilterChain)(nil),                                // 3: envoy.config.listener.v3.FilterChain
+	(*ListenerFilterChainMatchPredicate)(nil),          // 4: envoy.config.listener.v3.ListenerFilterChainMatchPredicate
+	(*ListenerFilter)(nil),                             // 5: envoy.config.listener.v3.ListenerFilter
+	(*FilterChain_OnDemandConfiguration)(nil),          // 6: envoy.config.listener.v3.FilterChain.OnDemandConfiguration
+	(*ListenerFilterChainMatchPredicate_MatchSet)(nil), // 7: envoy.config.listener.v3.ListenerFilterChainMatchPredicate.MatchSet
+	(*any.Any)(nil),                                    // 8: google.protobuf.Any
+	(*v3.ExtensionConfigSource)(nil),                   // 9: envoy.config.core.v3.ExtensionConfigSource
+	(*wrappers.UInt32Value)(nil),                       // 10: google.protobuf.UInt32Value
+	(*v3.CidrRange)(nil),                               // 11: envoy.config.core.v3.CidrRange
+	(*wrappers.BoolValue)(nil),                         // 12: google.protobuf.BoolValue
+	(*v3.Metadata)(nil),                                // 13: envoy.config.core.v3.Metadata
+	(*v3.TransportSocket)(nil),                         // 14: envoy.config.core.v3.TransportSocket
+	(*duration.Duration)(nil),                          // 15: google.protobuf.Duration
+	(*v31.Int32Range)(nil),                             // 16: envoy.type.v3.Int32Range
+}
+var file_envoy_config_listener_v3_listener_components_proto_depIdxs = []int32{
+	8,  // 0: envoy.config.listener.v3.Filter.typed_config:type_name -> google.protobuf.Any
+	9,  // 1: envoy.config.listener.v3.Filter.config_discovery:type_name -> envoy.config.core.v3.ExtensionConfigSource
+	10, // 2: envoy.config.listener.v3.FilterChainMatch.destination_port:type_name -> google.protobuf.UInt32Value
+	11, // 3: envoy.config.listener.v3.FilterChainMatch.prefix_ranges:type_name -> envoy.config.core.v3.CidrRange
+	10, // 4: envoy.config.listener.v3.FilterChainMatch.suffix_len:type_name -> google.protobuf.UInt32Value
+	11, // 5: envoy.config.listener.v3.FilterChainMatch.direct_source_prefix_ranges:type_name -> envoy.config.core.v3.CidrRange
+	0,  // 6: envoy.config.listener.v3.FilterChainMatch.source_type:type_name -> envoy.config.listener.v3.FilterChainMatch.ConnectionSourceType
+	11, // 7: envoy.config.listener.v3.FilterChainMatch.source_prefix_ranges:type_name -> envoy.config.core.v3.CidrRange
+	2,  // 8: envoy.config.listener.v3.FilterChain.filter_chain_match:type_name -> envoy.config.listener.v3.FilterChainMatch
+	1,  // 9: envoy.config.listener.v3.FilterChain.filters:type_name -> envoy.config.listener.v3.Filter
+	12, // 10: envoy.config.listener.v3.FilterChain.use_proxy_proto:type_name -> google.protobuf.BoolValue
+	13, // 11: envoy.config.listener.v3.FilterChain.metadata:type_name -> envoy.config.core.v3.Metadata
+	14, // 12: envoy.config.listener.v3.FilterChain.transport_socket:type_name -> envoy.config.core.v3.TransportSocket
+	15, // 13: envoy.config.listener.v3.FilterChain.transport_socket_connect_timeout:type_name -> google.protobuf.Duration
+	6,  // 14: envoy.config.listener.v3.FilterChain.on_demand_configuration:type_name -> envoy.config.listener.v3.FilterChain.OnDemandConfiguration
+	7,  // 15: envoy.config.listener.v3.ListenerFilterChainMatchPredicate.or_match:type_name -> envoy.config.listener.v3.ListenerFilterChainMatchPredicate.MatchSet
+	7,  // 16: envoy.config.listener.v3.ListenerFilterChainMatchPredicate.and_match:type_name -> envoy.config.listener.v3.ListenerFilterChainMatchPredicate.MatchSet
+	4,  // 17: envoy.config.listener.v3.ListenerFilterChainMatchPredicate.not_match:type_name -> envoy.config.listener.v3.ListenerFilterChainMatchPredicate
+	16, // 18: envoy.config.listener.v3.ListenerFilterChainMatchPredicate.destination_port_range:type_name -> envoy.type.v3.Int32Range
+	8,  // 19: envoy.config.listener.v3.ListenerFilter.typed_config:type_name -> google.protobuf.Any
+	4,  // 20: envoy.config.listener.v3.ListenerFilter.filter_disabled:type_name -> envoy.config.listener.v3.ListenerFilterChainMatchPredicate
+	15, // 21: envoy.config.listener.v3.FilterChain.OnDemandConfiguration.rebuild_timeout:type_name -> google.protobuf.Duration
+	4,  // 22: envoy.config.listener.v3.ListenerFilterChainMatchPredicate.MatchSet.rules:type_name -> envoy.config.listener.v3.ListenerFilterChainMatchPredicate
+	23, // [23:23] is the sub-list for method output_type
+	23, // [23:23] is the sub-list for method input_type
+	23, // [23:23] is the sub-list for extension type_name
+	23, // [23:23] is the sub-list for extension extendee
+	0,  // [0:23] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_listener_v3_listener_components_proto_init() }
+func file_envoy_config_listener_v3_listener_components_proto_init() {
+	if File_envoy_config_listener_v3_listener_components_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_listener_v3_listener_components_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Filter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_listener_v3_listener_components_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*FilterChainMatch); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_listener_v3_listener_components_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*FilterChain); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_listener_v3_listener_components_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ListenerFilterChainMatchPredicate); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_listener_v3_listener_components_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ListenerFilter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_listener_v3_listener_components_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*FilterChain_OnDemandConfiguration); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_listener_v3_listener_components_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ListenerFilterChainMatchPredicate_MatchSet); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_config_listener_v3_listener_components_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*Filter_TypedConfig)(nil),
+		(*Filter_ConfigDiscovery)(nil),
+	}
+	file_envoy_config_listener_v3_listener_components_proto_msgTypes[3].OneofWrappers = []interface{}{
+		(*ListenerFilterChainMatchPredicate_OrMatch)(nil),
+		(*ListenerFilterChainMatchPredicate_AndMatch)(nil),
+		(*ListenerFilterChainMatchPredicate_NotMatch)(nil),
+		(*ListenerFilterChainMatchPredicate_AnyMatch)(nil),
+		(*ListenerFilterChainMatchPredicate_DestinationPortRange)(nil),
+	}
+	file_envoy_config_listener_v3_listener_components_proto_msgTypes[4].OneofWrappers = []interface{}{
+		(*ListenerFilter_TypedConfig)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_listener_v3_listener_components_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   7,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_listener_v3_listener_components_proto_goTypes,
+		DependencyIndexes: file_envoy_config_listener_v3_listener_components_proto_depIdxs,
+		EnumInfos:         file_envoy_config_listener_v3_listener_components_proto_enumTypes,
+		MessageInfos:      file_envoy_config_listener_v3_listener_components_proto_msgTypes,
+	}.Build()
+	File_envoy_config_listener_v3_listener_components_proto = out.File
+	file_envoy_config_listener_v3_listener_components_proto_rawDesc = nil
+	file_envoy_config_listener_v3_listener_components_proto_goTypes = nil
+	file_envoy_config_listener_v3_listener_components_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v3/listener_components.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v3/listener_components.pb.validate.go
new file mode 100644
index 00000000000..fd0f78c8065
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v3/listener_components.pb.validate.go
@@ -0,0 +1,1506 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/listener/v3/listener_components.proto
+
+package envoy_config_listener_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on Filter with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Filter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Filter with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in FilterMultiError, or nil if none found.
+func (m *Filter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Filter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := FilterValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	switch m.ConfigType.(type) {
+
+	case *Filter_TypedConfig:
+
+		if all {
+			switch v := interface{}(m.GetTypedConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, FilterValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, FilterValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return FilterValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Filter_ConfigDiscovery:
+
+		if all {
+			switch v := interface{}(m.GetConfigDiscovery()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, FilterValidationError{
+						field:  "ConfigDiscovery",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, FilterValidationError{
+						field:  "ConfigDiscovery",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetConfigDiscovery()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return FilterValidationError{
+					field:  "ConfigDiscovery",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return FilterMultiError(errors)
+	}
+	return nil
+}
+
+// FilterMultiError is an error wrapping multiple validation errors returned by
+// Filter.ValidateAll() if the designated constraints aren't met.
+type FilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m FilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m FilterMultiError) AllErrors() []error { return m }
+
+// FilterValidationError is the validation error returned by Filter.Validate if
+// the designated constraints aren't met.
+type FilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e FilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e FilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e FilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e FilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e FilterValidationError) ErrorName() string { return "FilterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e FilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = FilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = FilterValidationError{}
+
+// Validate checks the field values on FilterChainMatch with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *FilterChainMatch) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on FilterChainMatch with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// FilterChainMatchMultiError, or nil if none found.
+func (m *FilterChainMatch) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *FilterChainMatch) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if wrapper := m.GetDestinationPort(); wrapper != nil {
+
+		if val := wrapper.GetValue(); val < 1 || val > 65535 {
+			err := FilterChainMatchValidationError{
+				field:  "DestinationPort",
+				reason: "value must be inside range [1, 65535]",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	for idx, item := range m.GetPrefixRanges() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, FilterChainMatchValidationError{
+						field:  fmt.Sprintf("PrefixRanges[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, FilterChainMatchValidationError{
+						field:  fmt.Sprintf("PrefixRanges[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return FilterChainMatchValidationError{
+					field:  fmt.Sprintf("PrefixRanges[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	// no validation rules for AddressSuffix
+
+	if all {
+		switch v := interface{}(m.GetSuffixLen()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, FilterChainMatchValidationError{
+					field:  "SuffixLen",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, FilterChainMatchValidationError{
+					field:  "SuffixLen",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSuffixLen()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return FilterChainMatchValidationError{
+				field:  "SuffixLen",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetDirectSourcePrefixRanges() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, FilterChainMatchValidationError{
+						field:  fmt.Sprintf("DirectSourcePrefixRanges[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, FilterChainMatchValidationError{
+						field:  fmt.Sprintf("DirectSourcePrefixRanges[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return FilterChainMatchValidationError{
+					field:  fmt.Sprintf("DirectSourcePrefixRanges[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if _, ok := FilterChainMatch_ConnectionSourceType_name[int32(m.GetSourceType())]; !ok {
+		err := FilterChainMatchValidationError{
+			field:  "SourceType",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetSourcePrefixRanges() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, FilterChainMatchValidationError{
+						field:  fmt.Sprintf("SourcePrefixRanges[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, FilterChainMatchValidationError{
+						field:  fmt.Sprintf("SourcePrefixRanges[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return FilterChainMatchValidationError{
+					field:  fmt.Sprintf("SourcePrefixRanges[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetSourcePorts() {
+		_, _ = idx, item
+
+		if val := item; val < 1 || val > 65535 {
+			err := FilterChainMatchValidationError{
+				field:  fmt.Sprintf("SourcePorts[%v]", idx),
+				reason: "value must be inside range [1, 65535]",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	// no validation rules for TransportProtocol
+
+	if len(errors) > 0 {
+		return FilterChainMatchMultiError(errors)
+	}
+	return nil
+}
+
+// FilterChainMatchMultiError is an error wrapping multiple validation errors
+// returned by FilterChainMatch.ValidateAll() if the designated constraints
+// aren't met.
+type FilterChainMatchMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m FilterChainMatchMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m FilterChainMatchMultiError) AllErrors() []error { return m }
+
+// FilterChainMatchValidationError is the validation error returned by
+// FilterChainMatch.Validate if the designated constraints aren't met.
+type FilterChainMatchValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e FilterChainMatchValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e FilterChainMatchValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e FilterChainMatchValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e FilterChainMatchValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e FilterChainMatchValidationError) ErrorName() string { return "FilterChainMatchValidationError" }
+
+// Error satisfies the builtin error interface
+func (e FilterChainMatchValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sFilterChainMatch.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = FilterChainMatchValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = FilterChainMatchValidationError{}
+
+// Validate checks the field values on FilterChain with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *FilterChain) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on FilterChain with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in FilterChainMultiError, or
+// nil if none found.
+func (m *FilterChain) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *FilterChain) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetFilterChainMatch()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, FilterChainValidationError{
+					field:  "FilterChainMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, FilterChainValidationError{
+					field:  "FilterChainMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetFilterChainMatch()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return FilterChainValidationError{
+				field:  "FilterChainMatch",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetFilters() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, FilterChainValidationError{
+						field:  fmt.Sprintf("Filters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, FilterChainValidationError{
+						field:  fmt.Sprintf("Filters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return FilterChainValidationError{
+					field:  fmt.Sprintf("Filters[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetUseProxyProto()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, FilterChainValidationError{
+					field:  "UseProxyProto",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, FilterChainValidationError{
+					field:  "UseProxyProto",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetUseProxyProto()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return FilterChainValidationError{
+				field:  "UseProxyProto",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMetadata()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, FilterChainValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, FilterChainValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMetadata()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return FilterChainValidationError{
+				field:  "Metadata",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetTransportSocket()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, FilterChainValidationError{
+					field:  "TransportSocket",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, FilterChainValidationError{
+					field:  "TransportSocket",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTransportSocket()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return FilterChainValidationError{
+				field:  "TransportSocket",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetTransportSocketConnectTimeout()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, FilterChainValidationError{
+					field:  "TransportSocketConnectTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, FilterChainValidationError{
+					field:  "TransportSocketConnectTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTransportSocketConnectTimeout()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return FilterChainValidationError{
+				field:  "TransportSocketConnectTimeout",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for Name
+
+	if all {
+		switch v := interface{}(m.GetOnDemandConfiguration()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, FilterChainValidationError{
+					field:  "OnDemandConfiguration",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, FilterChainValidationError{
+					field:  "OnDemandConfiguration",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetOnDemandConfiguration()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return FilterChainValidationError{
+				field:  "OnDemandConfiguration",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return FilterChainMultiError(errors)
+	}
+	return nil
+}
+
+// FilterChainMultiError is an error wrapping multiple validation errors
+// returned by FilterChain.ValidateAll() if the designated constraints aren't met.
+type FilterChainMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m FilterChainMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m FilterChainMultiError) AllErrors() []error { return m }
+
+// FilterChainValidationError is the validation error returned by
+// FilterChain.Validate if the designated constraints aren't met.
+type FilterChainValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e FilterChainValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e FilterChainValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e FilterChainValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e FilterChainValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e FilterChainValidationError) ErrorName() string { return "FilterChainValidationError" }
+
+// Error satisfies the builtin error interface
+func (e FilterChainValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sFilterChain.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = FilterChainValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = FilterChainValidationError{}
+
+// Validate checks the field values on ListenerFilterChainMatchPredicate with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *ListenerFilterChainMatchPredicate) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ListenerFilterChainMatchPredicate
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// ListenerFilterChainMatchPredicateMultiError, or nil if none found.
+func (m *ListenerFilterChainMatchPredicate) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ListenerFilterChainMatchPredicate) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.Rule.(type) {
+
+	case *ListenerFilterChainMatchPredicate_OrMatch:
+
+		if all {
+			switch v := interface{}(m.GetOrMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ListenerFilterChainMatchPredicateValidationError{
+						field:  "OrMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ListenerFilterChainMatchPredicateValidationError{
+						field:  "OrMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetOrMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ListenerFilterChainMatchPredicateValidationError{
+					field:  "OrMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *ListenerFilterChainMatchPredicate_AndMatch:
+
+		if all {
+			switch v := interface{}(m.GetAndMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ListenerFilterChainMatchPredicateValidationError{
+						field:  "AndMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ListenerFilterChainMatchPredicateValidationError{
+						field:  "AndMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetAndMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ListenerFilterChainMatchPredicateValidationError{
+					field:  "AndMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *ListenerFilterChainMatchPredicate_NotMatch:
+
+		if all {
+			switch v := interface{}(m.GetNotMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ListenerFilterChainMatchPredicateValidationError{
+						field:  "NotMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ListenerFilterChainMatchPredicateValidationError{
+						field:  "NotMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetNotMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ListenerFilterChainMatchPredicateValidationError{
+					field:  "NotMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *ListenerFilterChainMatchPredicate_AnyMatch:
+
+		if m.GetAnyMatch() != true {
+			err := ListenerFilterChainMatchPredicateValidationError{
+				field:  "AnyMatch",
+				reason: "value must equal true",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *ListenerFilterChainMatchPredicate_DestinationPortRange:
+
+		if all {
+			switch v := interface{}(m.GetDestinationPortRange()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ListenerFilterChainMatchPredicateValidationError{
+						field:  "DestinationPortRange",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ListenerFilterChainMatchPredicateValidationError{
+						field:  "DestinationPortRange",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetDestinationPortRange()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ListenerFilterChainMatchPredicateValidationError{
+					field:  "DestinationPortRange",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := ListenerFilterChainMatchPredicateValidationError{
+			field:  "Rule",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return ListenerFilterChainMatchPredicateMultiError(errors)
+	}
+	return nil
+}
+
+// ListenerFilterChainMatchPredicateMultiError is an error wrapping multiple
+// validation errors returned by
+// ListenerFilterChainMatchPredicate.ValidateAll() if the designated
+// constraints aren't met.
+type ListenerFilterChainMatchPredicateMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ListenerFilterChainMatchPredicateMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ListenerFilterChainMatchPredicateMultiError) AllErrors() []error { return m }
+
+// ListenerFilterChainMatchPredicateValidationError is the validation error
+// returned by ListenerFilterChainMatchPredicate.Validate if the designated
+// constraints aren't met.
+type ListenerFilterChainMatchPredicateValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ListenerFilterChainMatchPredicateValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ListenerFilterChainMatchPredicateValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ListenerFilterChainMatchPredicateValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ListenerFilterChainMatchPredicateValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ListenerFilterChainMatchPredicateValidationError) ErrorName() string {
+	return "ListenerFilterChainMatchPredicateValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ListenerFilterChainMatchPredicateValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sListenerFilterChainMatchPredicate.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ListenerFilterChainMatchPredicateValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ListenerFilterChainMatchPredicateValidationError{}
+
+// Validate checks the field values on ListenerFilter with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ListenerFilter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ListenerFilter with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ListenerFilterMultiError,
+// or nil if none found.
+func (m *ListenerFilter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ListenerFilter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := ListenerFilterValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetFilterDisabled()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ListenerFilterValidationError{
+					field:  "FilterDisabled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ListenerFilterValidationError{
+					field:  "FilterDisabled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetFilterDisabled()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ListenerFilterValidationError{
+				field:  "FilterDisabled",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	switch m.ConfigType.(type) {
+
+	case *ListenerFilter_TypedConfig:
+
+		if all {
+			switch v := interface{}(m.GetTypedConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ListenerFilterValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ListenerFilterValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ListenerFilterValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ListenerFilterMultiError(errors)
+	}
+	return nil
+}
+
+// ListenerFilterMultiError is an error wrapping multiple validation errors
+// returned by ListenerFilter.ValidateAll() if the designated constraints
+// aren't met.
+type ListenerFilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ListenerFilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ListenerFilterMultiError) AllErrors() []error { return m }
+
+// ListenerFilterValidationError is the validation error returned by
+// ListenerFilter.Validate if the designated constraints aren't met.
+type ListenerFilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ListenerFilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ListenerFilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ListenerFilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ListenerFilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ListenerFilterValidationError) ErrorName() string { return "ListenerFilterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ListenerFilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sListenerFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ListenerFilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ListenerFilterValidationError{}
+
+// Validate checks the field values on FilterChain_OnDemandConfiguration with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *FilterChain_OnDemandConfiguration) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on FilterChain_OnDemandConfiguration
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// FilterChain_OnDemandConfigurationMultiError, or nil if none found.
+func (m *FilterChain_OnDemandConfiguration) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *FilterChain_OnDemandConfiguration) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetRebuildTimeout()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, FilterChain_OnDemandConfigurationValidationError{
+					field:  "RebuildTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, FilterChain_OnDemandConfigurationValidationError{
+					field:  "RebuildTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRebuildTimeout()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return FilterChain_OnDemandConfigurationValidationError{
+				field:  "RebuildTimeout",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return FilterChain_OnDemandConfigurationMultiError(errors)
+	}
+	return nil
+}
+
+// FilterChain_OnDemandConfigurationMultiError is an error wrapping multiple
+// validation errors returned by
+// FilterChain_OnDemandConfiguration.ValidateAll() if the designated
+// constraints aren't met.
+type FilterChain_OnDemandConfigurationMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m FilterChain_OnDemandConfigurationMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m FilterChain_OnDemandConfigurationMultiError) AllErrors() []error { return m }
+
+// FilterChain_OnDemandConfigurationValidationError is the validation error
+// returned by FilterChain_OnDemandConfiguration.Validate if the designated
+// constraints aren't met.
+type FilterChain_OnDemandConfigurationValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e FilterChain_OnDemandConfigurationValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e FilterChain_OnDemandConfigurationValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e FilterChain_OnDemandConfigurationValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e FilterChain_OnDemandConfigurationValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e FilterChain_OnDemandConfigurationValidationError) ErrorName() string {
+	return "FilterChain_OnDemandConfigurationValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e FilterChain_OnDemandConfigurationValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sFilterChain_OnDemandConfiguration.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = FilterChain_OnDemandConfigurationValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = FilterChain_OnDemandConfigurationValidationError{}
+
+// Validate checks the field values on
+// ListenerFilterChainMatchPredicate_MatchSet with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ListenerFilterChainMatchPredicate_MatchSet) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// ListenerFilterChainMatchPredicate_MatchSet with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in
+// ListenerFilterChainMatchPredicate_MatchSetMultiError, or nil if none found.
+func (m *ListenerFilterChainMatchPredicate_MatchSet) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ListenerFilterChainMatchPredicate_MatchSet) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetRules()) < 2 {
+		err := ListenerFilterChainMatchPredicate_MatchSetValidationError{
+			field:  "Rules",
+			reason: "value must contain at least 2 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetRules() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ListenerFilterChainMatchPredicate_MatchSetValidationError{
+						field:  fmt.Sprintf("Rules[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ListenerFilterChainMatchPredicate_MatchSetValidationError{
+						field:  fmt.Sprintf("Rules[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ListenerFilterChainMatchPredicate_MatchSetValidationError{
+					field:  fmt.Sprintf("Rules[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ListenerFilterChainMatchPredicate_MatchSetMultiError(errors)
+	}
+	return nil
+}
+
+// ListenerFilterChainMatchPredicate_MatchSetMultiError is an error wrapping
+// multiple validation errors returned by
+// ListenerFilterChainMatchPredicate_MatchSet.ValidateAll() if the designated
+// constraints aren't met.
+type ListenerFilterChainMatchPredicate_MatchSetMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ListenerFilterChainMatchPredicate_MatchSetMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ListenerFilterChainMatchPredicate_MatchSetMultiError) AllErrors() []error { return m }
+
+// ListenerFilterChainMatchPredicate_MatchSetValidationError is the validation
+// error returned by ListenerFilterChainMatchPredicate_MatchSet.Validate if
+// the designated constraints aren't met.
+type ListenerFilterChainMatchPredicate_MatchSetValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ListenerFilterChainMatchPredicate_MatchSetValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ListenerFilterChainMatchPredicate_MatchSetValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ListenerFilterChainMatchPredicate_MatchSetValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ListenerFilterChainMatchPredicate_MatchSetValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ListenerFilterChainMatchPredicate_MatchSetValidationError) ErrorName() string {
+	return "ListenerFilterChainMatchPredicate_MatchSetValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ListenerFilterChainMatchPredicate_MatchSetValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sListenerFilterChainMatchPredicate_MatchSet.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ListenerFilterChainMatchPredicate_MatchSetValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ListenerFilterChainMatchPredicate_MatchSetValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v3/quic_config.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v3/quic_config.pb.go
new file mode 100644
index 00000000000..ad8f36b083c
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v3/quic_config.pb.go
@@ -0,0 +1,297 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/listener/v3/quic_config.proto
+
+package envoy_config_listener_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Configuration specific to the UDP QUIC listener.
+// [#next-free-field: 8]
+type QuicProtocolOptions struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	QuicProtocolOptions *v3.QuicProtocolOptions `protobuf:"bytes,1,opt,name=quic_protocol_options,json=quicProtocolOptions,proto3" json:"quic_protocol_options,omitempty"`
+	// Maximum number of milliseconds that connection will be alive when there is
+	// no network activity. 300000ms if not specified.
+	IdleTimeout *duration.Duration `protobuf:"bytes,2,opt,name=idle_timeout,json=idleTimeout,proto3" json:"idle_timeout,omitempty"`
+	// Connection timeout in milliseconds before the crypto handshake is finished.
+	// 20000ms if not specified.
+	CryptoHandshakeTimeout *duration.Duration `protobuf:"bytes,3,opt,name=crypto_handshake_timeout,json=cryptoHandshakeTimeout,proto3" json:"crypto_handshake_timeout,omitempty"`
+	// Runtime flag that controls whether the listener is enabled or not. If not specified, defaults
+	// to enabled.
+	Enabled *v3.RuntimeFeatureFlag `protobuf:"bytes,4,opt,name=enabled,proto3" json:"enabled,omitempty"`
+	// A multiplier to number of connections which is used to determine how many packets to read per
+	// event loop. A reasonable number should allow the listener to process enough payload but not
+	// starve TCP and other UDP sockets and also prevent long event loop duration.
+	// The default value is 32. This means if there are N QUIC connections, the total number of
+	// packets to read in each read event will be 32 * N.
+	// The actual number of packets to read in total by the UDP listener is also
+	// bound by 6000, regardless of this field or how many connections there are.
+	PacketsToReadToConnectionCountRatio *wrappers.UInt32Value `protobuf:"bytes,5,opt,name=packets_to_read_to_connection_count_ratio,json=packetsToReadToConnectionCountRatio,proto3" json:"packets_to_read_to_connection_count_ratio,omitempty"`
+	// Configure which implementation of `quic::QuicCryptoClientStreamBase` to be used for this listener.
+	// If not specified the :ref:`QUICHE default one configured by <envoy_v3_api_msg_extensions.quic.crypto_stream.v3.CryptoServerStreamConfig>` will be used.
+	// [#extension-category: envoy.quic.server.crypto_stream]
+	CryptoStreamConfig *v3.TypedExtensionConfig `protobuf:"bytes,6,opt,name=crypto_stream_config,json=cryptoStreamConfig,proto3" json:"crypto_stream_config,omitempty"`
+	// Configure which implementation of `quic::ProofSource` to be used for this listener.
+	// If not specified the :ref:`default one configured by <envoy_v3_api_msg_extensions.quic.proof_source.v3.ProofSourceConfig>` will be used.
+	// [#extension-category: envoy.quic.proof_source]
+	ProofSourceConfig *v3.TypedExtensionConfig `protobuf:"bytes,7,opt,name=proof_source_config,json=proofSourceConfig,proto3" json:"proof_source_config,omitempty"`
+}
+
+func (x *QuicProtocolOptions) Reset() {
+	*x = QuicProtocolOptions{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_listener_v3_quic_config_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *QuicProtocolOptions) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*QuicProtocolOptions) ProtoMessage() {}
+
+func (x *QuicProtocolOptions) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_listener_v3_quic_config_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use QuicProtocolOptions.ProtoReflect.Descriptor instead.
+func (*QuicProtocolOptions) Descriptor() ([]byte, []int) {
+	return file_envoy_config_listener_v3_quic_config_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *QuicProtocolOptions) GetQuicProtocolOptions() *v3.QuicProtocolOptions {
+	if x != nil {
+		return x.QuicProtocolOptions
+	}
+	return nil
+}
+
+func (x *QuicProtocolOptions) GetIdleTimeout() *duration.Duration {
+	if x != nil {
+		return x.IdleTimeout
+	}
+	return nil
+}
+
+func (x *QuicProtocolOptions) GetCryptoHandshakeTimeout() *duration.Duration {
+	if x != nil {
+		return x.CryptoHandshakeTimeout
+	}
+	return nil
+}
+
+func (x *QuicProtocolOptions) GetEnabled() *v3.RuntimeFeatureFlag {
+	if x != nil {
+		return x.Enabled
+	}
+	return nil
+}
+
+func (x *QuicProtocolOptions) GetPacketsToReadToConnectionCountRatio() *wrappers.UInt32Value {
+	if x != nil {
+		return x.PacketsToReadToConnectionCountRatio
+	}
+	return nil
+}
+
+func (x *QuicProtocolOptions) GetCryptoStreamConfig() *v3.TypedExtensionConfig {
+	if x != nil {
+		return x.CryptoStreamConfig
+	}
+	return nil
+}
+
+func (x *QuicProtocolOptions) GetProofSourceConfig() *v3.TypedExtensionConfig {
+	if x != nil {
+		return x.ProofSourceConfig
+	}
+	return nil
+}
+
+var File_envoy_config_listener_v3_quic_config_proto protoreflect.FileDescriptor
+
+var file_envoy_config_listener_v3_quic_config_proto_rawDesc = []byte{
+	0x0a, 0x2a, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x6c,
+	0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x71, 0x75, 0x69, 0x63, 0x5f,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x18, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65,
+	0x6e, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x62, 0x61, 0x73,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x65, 0x78,
+	0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x23, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65,
+	0x2f, 0x76, 0x33, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76,
+	0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xb6, 0x05,
+	0x0a, 0x13, 0x51, 0x75, 0x69, 0x63, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x5d, 0x0a, 0x15, 0x71, 0x75, 0x69, 0x63, 0x5f, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x51, 0x75, 0x69, 0x63,
+	0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52,
+	0x13, 0x71, 0x75, 0x69, 0x63, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x12, 0x3c, 0x0a, 0x0c, 0x69, 0x64, 0x6c, 0x65, 0x5f, 0x74, 0x69, 0x6d,
+	0x65, 0x6f, 0x75, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0b, 0x69, 0x64, 0x6c, 0x65, 0x54, 0x69, 0x6d, 0x65, 0x6f,
+	0x75, 0x74, 0x12, 0x53, 0x0a, 0x18, 0x63, 0x72, 0x79, 0x70, 0x74, 0x6f, 0x5f, 0x68, 0x61, 0x6e,
+	0x64, 0x73, 0x68, 0x61, 0x6b, 0x65, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x03,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52,
+	0x16, 0x63, 0x72, 0x79, 0x70, 0x74, 0x6f, 0x48, 0x61, 0x6e, 0x64, 0x73, 0x68, 0x61, 0x6b, 0x65,
+	0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12, 0x42, 0x0a, 0x07, 0x65, 0x6e, 0x61, 0x62, 0x6c,
+	0x65, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e,
+	0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x46, 0x6c,
+	0x61, 0x67, 0x52, 0x07, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x7d, 0x0a, 0x29, 0x70,
+	0x61, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x5f, 0x74, 0x6f, 0x5f, 0x72, 0x65, 0x61, 0x64, 0x5f, 0x74,
+	0x6f, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x63, 0x6f, 0x75,
+	0x6e, 0x74, 0x5f, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07, 0xfa, 0x42,
+	0x04, 0x2a, 0x02, 0x28, 0x01, 0x52, 0x23, 0x70, 0x61, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x54, 0x6f,
+	0x52, 0x65, 0x61, 0x64, 0x54, 0x6f, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e,
+	0x43, 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x61, 0x74, 0x69, 0x6f, 0x12, 0x5c, 0x0a, 0x14, 0x63, 0x72,
+	0x79, 0x70, 0x74, 0x6f, 0x5f, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e,
+	0x54, 0x79, 0x70, 0x65, 0x64, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x43, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x52, 0x12, 0x63, 0x72, 0x79, 0x70, 0x74, 0x6f, 0x53, 0x74, 0x72, 0x65,
+	0x61, 0x6d, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x5a, 0x0a, 0x13, 0x70, 0x72, 0x6f, 0x6f,
+	0x66, 0x5f, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18,
+	0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x79, 0x70,
+	0x65, 0x64, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x52, 0x11, 0x70, 0x72, 0x6f, 0x6f, 0x66, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x43, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x3a, 0x30, 0x9a, 0xc5, 0x88, 0x1e, 0x2b, 0x0a, 0x29, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e,
+	0x65, 0x72, 0x2e, 0x51, 0x75, 0x69, 0x63, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f,
+	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x42, 0x43, 0x0a, 0x26, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x76, 0x33,
+	0x42, 0x0f, 0x51, 0x75, 0x69, 0x63, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x50, 0x72, 0x6f, 0x74,
+	0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_listener_v3_quic_config_proto_rawDescOnce sync.Once
+	file_envoy_config_listener_v3_quic_config_proto_rawDescData = file_envoy_config_listener_v3_quic_config_proto_rawDesc
+)
+
+func file_envoy_config_listener_v3_quic_config_proto_rawDescGZIP() []byte {
+	file_envoy_config_listener_v3_quic_config_proto_rawDescOnce.Do(func() {
+		file_envoy_config_listener_v3_quic_config_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_listener_v3_quic_config_proto_rawDescData)
+	})
+	return file_envoy_config_listener_v3_quic_config_proto_rawDescData
+}
+
+var file_envoy_config_listener_v3_quic_config_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_config_listener_v3_quic_config_proto_goTypes = []interface{}{
+	(*QuicProtocolOptions)(nil),     // 0: envoy.config.listener.v3.QuicProtocolOptions
+	(*v3.QuicProtocolOptions)(nil),  // 1: envoy.config.core.v3.QuicProtocolOptions
+	(*duration.Duration)(nil),       // 2: google.protobuf.Duration
+	(*v3.RuntimeFeatureFlag)(nil),   // 3: envoy.config.core.v3.RuntimeFeatureFlag
+	(*wrappers.UInt32Value)(nil),    // 4: google.protobuf.UInt32Value
+	(*v3.TypedExtensionConfig)(nil), // 5: envoy.config.core.v3.TypedExtensionConfig
+}
+var file_envoy_config_listener_v3_quic_config_proto_depIdxs = []int32{
+	1, // 0: envoy.config.listener.v3.QuicProtocolOptions.quic_protocol_options:type_name -> envoy.config.core.v3.QuicProtocolOptions
+	2, // 1: envoy.config.listener.v3.QuicProtocolOptions.idle_timeout:type_name -> google.protobuf.Duration
+	2, // 2: envoy.config.listener.v3.QuicProtocolOptions.crypto_handshake_timeout:type_name -> google.protobuf.Duration
+	3, // 3: envoy.config.listener.v3.QuicProtocolOptions.enabled:type_name -> envoy.config.core.v3.RuntimeFeatureFlag
+	4, // 4: envoy.config.listener.v3.QuicProtocolOptions.packets_to_read_to_connection_count_ratio:type_name -> google.protobuf.UInt32Value
+	5, // 5: envoy.config.listener.v3.QuicProtocolOptions.crypto_stream_config:type_name -> envoy.config.core.v3.TypedExtensionConfig
+	5, // 6: envoy.config.listener.v3.QuicProtocolOptions.proof_source_config:type_name -> envoy.config.core.v3.TypedExtensionConfig
+	7, // [7:7] is the sub-list for method output_type
+	7, // [7:7] is the sub-list for method input_type
+	7, // [7:7] is the sub-list for extension type_name
+	7, // [7:7] is the sub-list for extension extendee
+	0, // [0:7] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_listener_v3_quic_config_proto_init() }
+func file_envoy_config_listener_v3_quic_config_proto_init() {
+	if File_envoy_config_listener_v3_quic_config_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_listener_v3_quic_config_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*QuicProtocolOptions); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_listener_v3_quic_config_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_listener_v3_quic_config_proto_goTypes,
+		DependencyIndexes: file_envoy_config_listener_v3_quic_config_proto_depIdxs,
+		MessageInfos:      file_envoy_config_listener_v3_quic_config_proto_msgTypes,
+	}.Build()
+	File_envoy_config_listener_v3_quic_config_proto = out.File
+	file_envoy_config_listener_v3_quic_config_proto_rawDesc = nil
+	file_envoy_config_listener_v3_quic_config_proto_goTypes = nil
+	file_envoy_config_listener_v3_quic_config_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v3/quic_config.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v3/quic_config.pb.validate.go
new file mode 100644
index 00000000000..dace31a9925
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v3/quic_config.pb.validate.go
@@ -0,0 +1,326 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/listener/v3/quic_config.proto
+
+package envoy_config_listener_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on QuicProtocolOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *QuicProtocolOptions) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on QuicProtocolOptions with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// QuicProtocolOptionsMultiError, or nil if none found.
+func (m *QuicProtocolOptions) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *QuicProtocolOptions) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetQuicProtocolOptions()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, QuicProtocolOptionsValidationError{
+					field:  "QuicProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, QuicProtocolOptionsValidationError{
+					field:  "QuicProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetQuicProtocolOptions()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return QuicProtocolOptionsValidationError{
+				field:  "QuicProtocolOptions",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetIdleTimeout()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, QuicProtocolOptionsValidationError{
+					field:  "IdleTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, QuicProtocolOptionsValidationError{
+					field:  "IdleTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetIdleTimeout()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return QuicProtocolOptionsValidationError{
+				field:  "IdleTimeout",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetCryptoHandshakeTimeout()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, QuicProtocolOptionsValidationError{
+					field:  "CryptoHandshakeTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, QuicProtocolOptionsValidationError{
+					field:  "CryptoHandshakeTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCryptoHandshakeTimeout()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return QuicProtocolOptionsValidationError{
+				field:  "CryptoHandshakeTimeout",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetEnabled()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, QuicProtocolOptionsValidationError{
+					field:  "Enabled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, QuicProtocolOptionsValidationError{
+					field:  "Enabled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetEnabled()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return QuicProtocolOptionsValidationError{
+				field:  "Enabled",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if wrapper := m.GetPacketsToReadToConnectionCountRatio(); wrapper != nil {
+
+		if wrapper.GetValue() < 1 {
+			err := QuicProtocolOptionsValidationError{
+				field:  "PacketsToReadToConnectionCountRatio",
+				reason: "value must be greater than or equal to 1",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetCryptoStreamConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, QuicProtocolOptionsValidationError{
+					field:  "CryptoStreamConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, QuicProtocolOptionsValidationError{
+					field:  "CryptoStreamConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCryptoStreamConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return QuicProtocolOptionsValidationError{
+				field:  "CryptoStreamConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetProofSourceConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, QuicProtocolOptionsValidationError{
+					field:  "ProofSourceConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, QuicProtocolOptionsValidationError{
+					field:  "ProofSourceConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetProofSourceConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return QuicProtocolOptionsValidationError{
+				field:  "ProofSourceConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return QuicProtocolOptionsMultiError(errors)
+	}
+	return nil
+}
+
+// QuicProtocolOptionsMultiError is an error wrapping multiple validation
+// errors returned by QuicProtocolOptions.ValidateAll() if the designated
+// constraints aren't met.
+type QuicProtocolOptionsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m QuicProtocolOptionsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m QuicProtocolOptionsMultiError) AllErrors() []error { return m }
+
+// QuicProtocolOptionsValidationError is the validation error returned by
+// QuicProtocolOptions.Validate if the designated constraints aren't met.
+type QuicProtocolOptionsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e QuicProtocolOptionsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e QuicProtocolOptionsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e QuicProtocolOptionsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e QuicProtocolOptionsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e QuicProtocolOptionsValidationError) ErrorName() string {
+	return "QuicProtocolOptionsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e QuicProtocolOptionsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sQuicProtocolOptions.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = QuicProtocolOptionsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = QuicProtocolOptionsValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v3/udp_listener_config.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v3/udp_listener_config.pb.go
new file mode 100644
index 00000000000..8373b5110a3
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v3/udp_listener_config.pb.go
@@ -0,0 +1,262 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/listener/v3/udp_listener_config.proto
+
+package envoy_config_listener_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// [#next-free-field: 8]
+type UdpListenerConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// UDP socket configuration for the listener. The default for
+	// :ref:`prefer_gro <envoy_v3_api_field_config.core.v3.UdpSocketConfig.prefer_gro>` is false for
+	// listener sockets. If receiving a large amount of datagrams from a small number of sources, it
+	// may be worthwhile to enable this option after performance testing.
+	DownstreamSocketConfig *v3.UdpSocketConfig `protobuf:"bytes,5,opt,name=downstream_socket_config,json=downstreamSocketConfig,proto3" json:"downstream_socket_config,omitempty"`
+	// Configuration for QUIC protocol. If empty, QUIC will not be enabled on this listener. Set
+	// to the default object to enable QUIC without modifying any additional options.
+	//
+	// .. warning::
+	//   QUIC support is currently alpha and should be used with caution. Please
+	//   see :ref:`here <arch_overview_http3>` for details.
+	QuicOptions *QuicProtocolOptions `protobuf:"bytes,7,opt,name=quic_options,json=quicOptions,proto3" json:"quic_options,omitempty"`
+}
+
+func (x *UdpListenerConfig) Reset() {
+	*x = UdpListenerConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_listener_v3_udp_listener_config_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *UdpListenerConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*UdpListenerConfig) ProtoMessage() {}
+
+func (x *UdpListenerConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_listener_v3_udp_listener_config_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use UdpListenerConfig.ProtoReflect.Descriptor instead.
+func (*UdpListenerConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_listener_v3_udp_listener_config_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *UdpListenerConfig) GetDownstreamSocketConfig() *v3.UdpSocketConfig {
+	if x != nil {
+		return x.DownstreamSocketConfig
+	}
+	return nil
+}
+
+func (x *UdpListenerConfig) GetQuicOptions() *QuicProtocolOptions {
+	if x != nil {
+		return x.QuicOptions
+	}
+	return nil
+}
+
+type ActiveRawUdpListenerConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *ActiveRawUdpListenerConfig) Reset() {
+	*x = ActiveRawUdpListenerConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_listener_v3_udp_listener_config_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ActiveRawUdpListenerConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ActiveRawUdpListenerConfig) ProtoMessage() {}
+
+func (x *ActiveRawUdpListenerConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_listener_v3_udp_listener_config_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ActiveRawUdpListenerConfig.ProtoReflect.Descriptor instead.
+func (*ActiveRawUdpListenerConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_listener_v3_udp_listener_config_proto_rawDescGZIP(), []int{1}
+}
+
+var File_envoy_config_listener_v3_udp_listener_config_proto protoreflect.FileDescriptor
+
+var file_envoy_config_listener_v3_udp_listener_config_proto_rawDesc = []byte{
+	0x0a, 0x32, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x6c,
+	0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x75, 0x64, 0x70, 0x5f, 0x6c,
+	0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x12, 0x18, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x1a, 0x2c,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72,
+	0x65, 0x2f, 0x76, 0x33, 0x2f, 0x75, 0x64, 0x70, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x5f,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x2a, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x6c, 0x69, 0x73, 0x74, 0x65,
+	0x6e, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x71, 0x75, 0x69, 0x63, 0x5f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61,
+	0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75,
+	0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e,
+	0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f,
+	0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x9c, 0x02, 0x0a, 0x11, 0x55,
+	0x64, 0x70, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x12, 0x5f, 0x0a, 0x18, 0x64, 0x6f, 0x77, 0x6e, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f, 0x73,
+	0x6f, 0x63, 0x6b, 0x65, 0x74, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x05, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x25, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x55, 0x64, 0x70, 0x53, 0x6f, 0x63,
+	0x6b, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x16, 0x64, 0x6f, 0x77, 0x6e, 0x73,
+	0x74, 0x72, 0x65, 0x61, 0x6d, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x12, 0x50, 0x0a, 0x0c, 0x71, 0x75, 0x69, 0x63, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e,
+	0x76, 0x33, 0x2e, 0x51, 0x75, 0x69, 0x63, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f,
+	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x0b, 0x71, 0x75, 0x69, 0x63, 0x4f, 0x70, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x3a, 0x2e, 0x9a, 0xc5, 0x88, 0x1e, 0x29, 0x0a, 0x27, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65,
+	0x72, 0x2e, 0x55, 0x64, 0x70, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x4a, 0x04, 0x08, 0x01, 0x10, 0x02, 0x4a, 0x04, 0x08, 0x02, 0x10, 0x03, 0x4a,
+	0x04, 0x08, 0x03, 0x10, 0x04, 0x4a, 0x04, 0x08, 0x04, 0x10, 0x05, 0x4a, 0x04, 0x08, 0x06, 0x10,
+	0x07, 0x52, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x22, 0x55, 0x0a, 0x1a, 0x41, 0x63, 0x74,
+	0x69, 0x76, 0x65, 0x52, 0x61, 0x77, 0x55, 0x64, 0x70, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65,
+	0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x3a, 0x37, 0x9a, 0xc5, 0x88, 0x1e, 0x32, 0x0a, 0x30,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x6c, 0x69, 0x73,
+	0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x41, 0x63, 0x74, 0x69, 0x76, 0x65, 0x52, 0x61, 0x77, 0x55,
+	0x64, 0x70, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x42, 0x4a, 0x0a, 0x26, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78,
+	0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6c,
+	0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x42, 0x16, 0x55, 0x64, 0x70, 0x4c,
+	0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x50, 0x72, 0x6f,
+	0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_listener_v3_udp_listener_config_proto_rawDescOnce sync.Once
+	file_envoy_config_listener_v3_udp_listener_config_proto_rawDescData = file_envoy_config_listener_v3_udp_listener_config_proto_rawDesc
+)
+
+func file_envoy_config_listener_v3_udp_listener_config_proto_rawDescGZIP() []byte {
+	file_envoy_config_listener_v3_udp_listener_config_proto_rawDescOnce.Do(func() {
+		file_envoy_config_listener_v3_udp_listener_config_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_listener_v3_udp_listener_config_proto_rawDescData)
+	})
+	return file_envoy_config_listener_v3_udp_listener_config_proto_rawDescData
+}
+
+var file_envoy_config_listener_v3_udp_listener_config_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_envoy_config_listener_v3_udp_listener_config_proto_goTypes = []interface{}{
+	(*UdpListenerConfig)(nil),          // 0: envoy.config.listener.v3.UdpListenerConfig
+	(*ActiveRawUdpListenerConfig)(nil), // 1: envoy.config.listener.v3.ActiveRawUdpListenerConfig
+	(*v3.UdpSocketConfig)(nil),         // 2: envoy.config.core.v3.UdpSocketConfig
+	(*QuicProtocolOptions)(nil),        // 3: envoy.config.listener.v3.QuicProtocolOptions
+}
+var file_envoy_config_listener_v3_udp_listener_config_proto_depIdxs = []int32{
+	2, // 0: envoy.config.listener.v3.UdpListenerConfig.downstream_socket_config:type_name -> envoy.config.core.v3.UdpSocketConfig
+	3, // 1: envoy.config.listener.v3.UdpListenerConfig.quic_options:type_name -> envoy.config.listener.v3.QuicProtocolOptions
+	2, // [2:2] is the sub-list for method output_type
+	2, // [2:2] is the sub-list for method input_type
+	2, // [2:2] is the sub-list for extension type_name
+	2, // [2:2] is the sub-list for extension extendee
+	0, // [0:2] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_listener_v3_udp_listener_config_proto_init() }
+func file_envoy_config_listener_v3_udp_listener_config_proto_init() {
+	if File_envoy_config_listener_v3_udp_listener_config_proto != nil {
+		return
+	}
+	file_envoy_config_listener_v3_quic_config_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_listener_v3_udp_listener_config_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*UdpListenerConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_listener_v3_udp_listener_config_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ActiveRawUdpListenerConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_listener_v3_udp_listener_config_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_listener_v3_udp_listener_config_proto_goTypes,
+		DependencyIndexes: file_envoy_config_listener_v3_udp_listener_config_proto_depIdxs,
+		MessageInfos:      file_envoy_config_listener_v3_udp_listener_config_proto_msgTypes,
+	}.Build()
+	File_envoy_config_listener_v3_udp_listener_config_proto = out.File
+	file_envoy_config_listener_v3_udp_listener_config_proto_rawDesc = nil
+	file_envoy_config_listener_v3_udp_listener_config_proto_goTypes = nil
+	file_envoy_config_listener_v3_udp_listener_config_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v3/udp_listener_config.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v3/udp_listener_config.pb.validate.go
new file mode 100644
index 00000000000..be3d156bb4b
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/listener/v3/udp_listener_config.pb.validate.go
@@ -0,0 +1,296 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/listener/v3/udp_listener_config.proto
+
+package envoy_config_listener_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on UdpListenerConfig with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *UdpListenerConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on UdpListenerConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// UdpListenerConfigMultiError, or nil if none found.
+func (m *UdpListenerConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *UdpListenerConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetDownstreamSocketConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, UdpListenerConfigValidationError{
+					field:  "DownstreamSocketConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, UdpListenerConfigValidationError{
+					field:  "DownstreamSocketConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDownstreamSocketConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return UdpListenerConfigValidationError{
+				field:  "DownstreamSocketConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetQuicOptions()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, UdpListenerConfigValidationError{
+					field:  "QuicOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, UdpListenerConfigValidationError{
+					field:  "QuicOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetQuicOptions()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return UdpListenerConfigValidationError{
+				field:  "QuicOptions",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return UdpListenerConfigMultiError(errors)
+	}
+	return nil
+}
+
+// UdpListenerConfigMultiError is an error wrapping multiple validation errors
+// returned by UdpListenerConfig.ValidateAll() if the designated constraints
+// aren't met.
+type UdpListenerConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m UdpListenerConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m UdpListenerConfigMultiError) AllErrors() []error { return m }
+
+// UdpListenerConfigValidationError is the validation error returned by
+// UdpListenerConfig.Validate if the designated constraints aren't met.
+type UdpListenerConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e UdpListenerConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e UdpListenerConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e UdpListenerConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e UdpListenerConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e UdpListenerConfigValidationError) ErrorName() string {
+	return "UdpListenerConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e UdpListenerConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sUdpListenerConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = UdpListenerConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = UdpListenerConfigValidationError{}
+
+// Validate checks the field values on ActiveRawUdpListenerConfig with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ActiveRawUdpListenerConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ActiveRawUdpListenerConfig with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ActiveRawUdpListenerConfigMultiError, or nil if none found.
+func (m *ActiveRawUdpListenerConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ActiveRawUdpListenerConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return ActiveRawUdpListenerConfigMultiError(errors)
+	}
+	return nil
+}
+
+// ActiveRawUdpListenerConfigMultiError is an error wrapping multiple
+// validation errors returned by ActiveRawUdpListenerConfig.ValidateAll() if
+// the designated constraints aren't met.
+type ActiveRawUdpListenerConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ActiveRawUdpListenerConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ActiveRawUdpListenerConfigMultiError) AllErrors() []error { return m }
+
+// ActiveRawUdpListenerConfigValidationError is the validation error returned
+// by ActiveRawUdpListenerConfig.Validate if the designated constraints aren't met.
+type ActiveRawUdpListenerConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ActiveRawUdpListenerConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ActiveRawUdpListenerConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ActiveRawUdpListenerConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ActiveRawUdpListenerConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ActiveRawUdpListenerConfigValidationError) ErrorName() string {
+	return "ActiveRawUdpListenerConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ActiveRawUdpListenerConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sActiveRawUdpListenerConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ActiveRawUdpListenerConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ActiveRawUdpListenerConfigValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/metrics/v3/metrics_service.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/metrics/v3/metrics_service.pb.go
new file mode 100644
index 00000000000..a518b89a06d
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/metrics/v3/metrics_service.pb.go
@@ -0,0 +1,247 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/metrics/v3/metrics_service.proto
+
+package envoy_config_metrics_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Metrics Service is configured as a built-in *envoy.stat_sinks.metrics_service* :ref:`StatsSink
+// <envoy_v3_api_msg_config.metrics.v3.StatsSink>`. This opaque configuration will be used to create
+// Metrics Service.
+//
+// Example:
+//
+// .. code-block:: yaml
+//
+//     stats_sinks:
+//       - name: envoy.stat_sinks.metrics_service
+//         typed_config:
+//           "@type": type.googleapis.com/envoy.config.metrics.v3.MetricsServiceConfig
+//           transport_api_version: V3
+//
+// [#extension: envoy.stat_sinks.metrics_service]
+type MetricsServiceConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The upstream gRPC cluster that hosts the metrics service.
+	GrpcService *v3.GrpcService `protobuf:"bytes,1,opt,name=grpc_service,json=grpcService,proto3" json:"grpc_service,omitempty"`
+	// API version for metric service transport protocol. This describes the metric service gRPC
+	// endpoint and version of messages used on the wire.
+	TransportApiVersion v3.ApiVersion `protobuf:"varint,3,opt,name=transport_api_version,json=transportApiVersion,proto3,enum=envoy.config.core.v3.ApiVersion" json:"transport_api_version,omitempty"`
+	// If true, counters are reported as the delta between flushing intervals. Otherwise, the current
+	// counter value is reported. Defaults to false.
+	// Eventually (https://github.com/envoyproxy/envoy/issues/10968) if this value is not set, the
+	// sink will take updates from the :ref:`MetricsResponse <envoy_v3_api_msg_service.metrics.v3.StreamMetricsResponse>`.
+	ReportCountersAsDeltas *wrappers.BoolValue `protobuf:"bytes,2,opt,name=report_counters_as_deltas,json=reportCountersAsDeltas,proto3" json:"report_counters_as_deltas,omitempty"`
+	// If true, metrics will have their tags emitted as labels on the metrics objects sent to the MetricsService,
+	// and the tag extracted name will be used instead of the full name, which may contain values used by the tag
+	// extractor or additional tags added during stats creation.
+	EmitTagsAsLabels bool `protobuf:"varint,4,opt,name=emit_tags_as_labels,json=emitTagsAsLabels,proto3" json:"emit_tags_as_labels,omitempty"`
+}
+
+func (x *MetricsServiceConfig) Reset() {
+	*x = MetricsServiceConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_metrics_v3_metrics_service_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *MetricsServiceConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*MetricsServiceConfig) ProtoMessage() {}
+
+func (x *MetricsServiceConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_metrics_v3_metrics_service_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use MetricsServiceConfig.ProtoReflect.Descriptor instead.
+func (*MetricsServiceConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_metrics_v3_metrics_service_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *MetricsServiceConfig) GetGrpcService() *v3.GrpcService {
+	if x != nil {
+		return x.GrpcService
+	}
+	return nil
+}
+
+func (x *MetricsServiceConfig) GetTransportApiVersion() v3.ApiVersion {
+	if x != nil {
+		return x.TransportApiVersion
+	}
+	return v3.ApiVersion_AUTO
+}
+
+func (x *MetricsServiceConfig) GetReportCountersAsDeltas() *wrappers.BoolValue {
+	if x != nil {
+		return x.ReportCountersAsDeltas
+	}
+	return nil
+}
+
+func (x *MetricsServiceConfig) GetEmitTagsAsLabels() bool {
+	if x != nil {
+		return x.EmitTagsAsLabels
+	}
+	return false
+}
+
+var File_envoy_config_metrics_v3_metrics_service_proto protoreflect.FileDescriptor
+
+var file_envoy_config_metrics_v3_metrics_service_proto_rawDesc = []byte{
+	0x0a, 0x2d, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x6d,
+	0x65, 0x74, 0x72, 0x69, 0x63, 0x73, 0x2f, 0x76, 0x33, 0x2f, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63,
+	0x73, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12,
+	0x17, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6d, 0x65,
+	0x74, 0x72, 0x69, 0x63, 0x73, 0x2e, 0x76, 0x33, 0x1a, 0x28, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x27, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x73, 0x65,
+	0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61,
+	0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70,
+	0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74,
+	0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61,
+	0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72,
+	0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76,
+	0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x81, 0x03, 0x0a, 0x14, 0x4d, 0x65, 0x74, 0x72, 0x69,
+	0x63, 0x73, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12,
+	0x4e, 0x0a, 0x0c, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x47, 0x72, 0x70,
+	0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02,
+	0x10, 0x01, 0x52, 0x0b, 0x67, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12,
+	0x5e, 0x0a, 0x15, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x61, 0x70, 0x69,
+	0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x20,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f,
+	0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x41, 0x70, 0x69, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e,
+	0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x13, 0x74, 0x72, 0x61, 0x6e,
+	0x73, 0x70, 0x6f, 0x72, 0x74, 0x41, 0x70, 0x69, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12,
+	0x55, 0x0a, 0x19, 0x72, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x65,
+	0x72, 0x73, 0x5f, 0x61, 0x73, 0x5f, 0x64, 0x65, 0x6c, 0x74, 0x61, 0x73, 0x18, 0x02, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x16,
+	0x72, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x65, 0x72, 0x73, 0x41, 0x73,
+	0x44, 0x65, 0x6c, 0x74, 0x61, 0x73, 0x12, 0x2d, 0x0a, 0x13, 0x65, 0x6d, 0x69, 0x74, 0x5f, 0x74,
+	0x61, 0x67, 0x73, 0x5f, 0x61, 0x73, 0x5f, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x73, 0x18, 0x04, 0x20,
+	0x01, 0x28, 0x08, 0x52, 0x10, 0x65, 0x6d, 0x69, 0x74, 0x54, 0x61, 0x67, 0x73, 0x41, 0x73, 0x4c,
+	0x61, 0x62, 0x65, 0x6c, 0x73, 0x3a, 0x33, 0x9a, 0xc5, 0x88, 0x1e, 0x2e, 0x0a, 0x2c, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6d, 0x65, 0x74, 0x72, 0x69,
+	0x63, 0x73, 0x2e, 0x76, 0x32, 0x2e, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x73, 0x53, 0x65, 0x72,
+	0x76, 0x69, 0x63, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x46, 0x0a, 0x25, 0x69, 0x6f,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x73,
+	0x2e, 0x76, 0x33, 0x42, 0x13, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x73, 0x53, 0x65, 0x72, 0x76,
+	0x69, 0x63, 0x65, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02,
+	0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_metrics_v3_metrics_service_proto_rawDescOnce sync.Once
+	file_envoy_config_metrics_v3_metrics_service_proto_rawDescData = file_envoy_config_metrics_v3_metrics_service_proto_rawDesc
+)
+
+func file_envoy_config_metrics_v3_metrics_service_proto_rawDescGZIP() []byte {
+	file_envoy_config_metrics_v3_metrics_service_proto_rawDescOnce.Do(func() {
+		file_envoy_config_metrics_v3_metrics_service_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_metrics_v3_metrics_service_proto_rawDescData)
+	})
+	return file_envoy_config_metrics_v3_metrics_service_proto_rawDescData
+}
+
+var file_envoy_config_metrics_v3_metrics_service_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_config_metrics_v3_metrics_service_proto_goTypes = []interface{}{
+	(*MetricsServiceConfig)(nil), // 0: envoy.config.metrics.v3.MetricsServiceConfig
+	(*v3.GrpcService)(nil),       // 1: envoy.config.core.v3.GrpcService
+	(v3.ApiVersion)(0),           // 2: envoy.config.core.v3.ApiVersion
+	(*wrappers.BoolValue)(nil),   // 3: google.protobuf.BoolValue
+}
+var file_envoy_config_metrics_v3_metrics_service_proto_depIdxs = []int32{
+	1, // 0: envoy.config.metrics.v3.MetricsServiceConfig.grpc_service:type_name -> envoy.config.core.v3.GrpcService
+	2, // 1: envoy.config.metrics.v3.MetricsServiceConfig.transport_api_version:type_name -> envoy.config.core.v3.ApiVersion
+	3, // 2: envoy.config.metrics.v3.MetricsServiceConfig.report_counters_as_deltas:type_name -> google.protobuf.BoolValue
+	3, // [3:3] is the sub-list for method output_type
+	3, // [3:3] is the sub-list for method input_type
+	3, // [3:3] is the sub-list for extension type_name
+	3, // [3:3] is the sub-list for extension extendee
+	0, // [0:3] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_metrics_v3_metrics_service_proto_init() }
+func file_envoy_config_metrics_v3_metrics_service_proto_init() {
+	if File_envoy_config_metrics_v3_metrics_service_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_metrics_v3_metrics_service_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*MetricsServiceConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_metrics_v3_metrics_service_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_metrics_v3_metrics_service_proto_goTypes,
+		DependencyIndexes: file_envoy_config_metrics_v3_metrics_service_proto_depIdxs,
+		MessageInfos:      file_envoy_config_metrics_v3_metrics_service_proto_msgTypes,
+	}.Build()
+	File_envoy_config_metrics_v3_metrics_service_proto = out.File
+	file_envoy_config_metrics_v3_metrics_service_proto_rawDesc = nil
+	file_envoy_config_metrics_v3_metrics_service_proto_goTypes = nil
+	file_envoy_config_metrics_v3_metrics_service_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/metrics/v3/metrics_service.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/metrics/v3/metrics_service.pb.validate.go
new file mode 100644
index 00000000000..24b74b0c30f
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/metrics/v3/metrics_service.pb.validate.go
@@ -0,0 +1,223 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/metrics/v3/metrics_service.proto
+
+package envoy_config_metrics_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+
+	_ = v3.ApiVersion(0)
+)
+
+// Validate checks the field values on MetricsServiceConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *MetricsServiceConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on MetricsServiceConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// MetricsServiceConfigMultiError, or nil if none found.
+func (m *MetricsServiceConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *MetricsServiceConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetGrpcService() == nil {
+		err := MetricsServiceConfigValidationError{
+			field:  "GrpcService",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetGrpcService()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, MetricsServiceConfigValidationError{
+					field:  "GrpcService",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, MetricsServiceConfigValidationError{
+					field:  "GrpcService",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetGrpcService()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return MetricsServiceConfigValidationError{
+				field:  "GrpcService",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if _, ok := v3.ApiVersion_name[int32(m.GetTransportApiVersion())]; !ok {
+		err := MetricsServiceConfigValidationError{
+			field:  "TransportApiVersion",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetReportCountersAsDeltas()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, MetricsServiceConfigValidationError{
+					field:  "ReportCountersAsDeltas",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, MetricsServiceConfigValidationError{
+					field:  "ReportCountersAsDeltas",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetReportCountersAsDeltas()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return MetricsServiceConfigValidationError{
+				field:  "ReportCountersAsDeltas",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for EmitTagsAsLabels
+
+	if len(errors) > 0 {
+		return MetricsServiceConfigMultiError(errors)
+	}
+	return nil
+}
+
+// MetricsServiceConfigMultiError is an error wrapping multiple validation
+// errors returned by MetricsServiceConfig.ValidateAll() if the designated
+// constraints aren't met.
+type MetricsServiceConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m MetricsServiceConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m MetricsServiceConfigMultiError) AllErrors() []error { return m }
+
+// MetricsServiceConfigValidationError is the validation error returned by
+// MetricsServiceConfig.Validate if the designated constraints aren't met.
+type MetricsServiceConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MetricsServiceConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MetricsServiceConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MetricsServiceConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MetricsServiceConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MetricsServiceConfigValidationError) ErrorName() string {
+	return "MetricsServiceConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e MetricsServiceConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMetricsServiceConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MetricsServiceConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MetricsServiceConfigValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/metrics/v3/stats.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/metrics/v3/stats.pb.go
new file mode 100644
index 00000000000..cebd9f4c7f9
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/metrics/v3/stats.pb.go
@@ -0,0 +1,1174 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/metrics/v3/stats.proto
+
+package envoy_config_metrics_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v31 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Configuration for pluggable stats sinks.
+type StatsSink struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the stats sink to instantiate. The name must match a supported
+	// stats sink.
+	// See the :ref:`extensions listed in typed_config below <extension_category_envoy.stats_sinks>` for the default list of available stats sink.
+	// Sinks optionally support tagged/multiple dimensional metrics.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Stats sink specific configuration which depends on the sink being instantiated. See
+	// :ref:`StatsdSink <envoy_v3_api_msg_config.metrics.v3.StatsdSink>` for an example.
+	// [#extension-category: envoy.stats_sinks]
+	//
+	// Types that are assignable to ConfigType:
+	//	*StatsSink_TypedConfig
+	ConfigType isStatsSink_ConfigType `protobuf_oneof:"config_type"`
+}
+
+func (x *StatsSink) Reset() {
+	*x = StatsSink{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_metrics_v3_stats_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *StatsSink) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*StatsSink) ProtoMessage() {}
+
+func (x *StatsSink) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_metrics_v3_stats_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use StatsSink.ProtoReflect.Descriptor instead.
+func (*StatsSink) Descriptor() ([]byte, []int) {
+	return file_envoy_config_metrics_v3_stats_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *StatsSink) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (m *StatsSink) GetConfigType() isStatsSink_ConfigType {
+	if m != nil {
+		return m.ConfigType
+	}
+	return nil
+}
+
+func (x *StatsSink) GetTypedConfig() *any.Any {
+	if x, ok := x.GetConfigType().(*StatsSink_TypedConfig); ok {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+type isStatsSink_ConfigType interface {
+	isStatsSink_ConfigType()
+}
+
+type StatsSink_TypedConfig struct {
+	TypedConfig *any.Any `protobuf:"bytes,3,opt,name=typed_config,json=typedConfig,proto3,oneof"`
+}
+
+func (*StatsSink_TypedConfig) isStatsSink_ConfigType() {}
+
+// Statistics configuration such as tagging.
+type StatsConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Each stat name is iteratively processed through these tag specifiers.
+	// When a tag is matched, the first capture group is removed from the name so
+	// later :ref:`TagSpecifiers <envoy_v3_api_msg_config.metrics.v3.TagSpecifier>` cannot match that
+	// same portion of the match.
+	StatsTags []*TagSpecifier `protobuf:"bytes,1,rep,name=stats_tags,json=statsTags,proto3" json:"stats_tags,omitempty"`
+	// Use all default tag regexes specified in Envoy. These can be combined with
+	// custom tags specified in :ref:`stats_tags
+	// <envoy_v3_api_field_config.metrics.v3.StatsConfig.stats_tags>`. They will be processed before
+	// the custom tags.
+	//
+	// .. note::
+	//
+	//   If any default tags are specified twice, the config will be considered
+	//   invalid.
+	//
+	// See :repo:`well_known_names.h <source/common/config/well_known_names.h>` for a list of the
+	// default tags in Envoy.
+	//
+	// If not provided, the value is assumed to be true.
+	UseAllDefaultTags *wrappers.BoolValue `protobuf:"bytes,2,opt,name=use_all_default_tags,json=useAllDefaultTags,proto3" json:"use_all_default_tags,omitempty"`
+	// Inclusion/exclusion matcher for stat name creation. If not provided, all stats are instantiated
+	// as normal. Preventing the instantiation of certain families of stats can improve memory
+	// performance for Envoys running especially large configs.
+	//
+	// .. warning::
+	//   Excluding stats may affect Envoy's behavior in undocumented ways. See
+	//   `issue #8771 <https://github.com/envoyproxy/envoy/issues/8771>`_ for more information.
+	//   If any unexpected behavior changes are observed, please open a new issue immediately.
+	StatsMatcher *StatsMatcher `protobuf:"bytes,3,opt,name=stats_matcher,json=statsMatcher,proto3" json:"stats_matcher,omitempty"`
+	// Defines rules for setting the histogram buckets. Rules are evaluated in order, and the first
+	// match is applied. If no match is found (or if no rules are set), the following default buckets
+	// are used:
+	//
+	//   .. code-block:: json
+	//
+	//     [
+	//       0.5,
+	//       1,
+	//       5,
+	//       10,
+	//       25,
+	//       50,
+	//       100,
+	//       250,
+	//       500,
+	//       1000,
+	//       2500,
+	//       5000,
+	//       10000,
+	//       30000,
+	//       60000,
+	//       300000,
+	//       600000,
+	//       1800000,
+	//       3600000
+	//     ]
+	HistogramBucketSettings []*HistogramBucketSettings `protobuf:"bytes,4,rep,name=histogram_bucket_settings,json=histogramBucketSettings,proto3" json:"histogram_bucket_settings,omitempty"`
+}
+
+func (x *StatsConfig) Reset() {
+	*x = StatsConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_metrics_v3_stats_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *StatsConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*StatsConfig) ProtoMessage() {}
+
+func (x *StatsConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_metrics_v3_stats_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use StatsConfig.ProtoReflect.Descriptor instead.
+func (*StatsConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_metrics_v3_stats_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *StatsConfig) GetStatsTags() []*TagSpecifier {
+	if x != nil {
+		return x.StatsTags
+	}
+	return nil
+}
+
+func (x *StatsConfig) GetUseAllDefaultTags() *wrappers.BoolValue {
+	if x != nil {
+		return x.UseAllDefaultTags
+	}
+	return nil
+}
+
+func (x *StatsConfig) GetStatsMatcher() *StatsMatcher {
+	if x != nil {
+		return x.StatsMatcher
+	}
+	return nil
+}
+
+func (x *StatsConfig) GetHistogramBucketSettings() []*HistogramBucketSettings {
+	if x != nil {
+		return x.HistogramBucketSettings
+	}
+	return nil
+}
+
+// Configuration for disabling stat instantiation.
+type StatsMatcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to StatsMatcher:
+	//	*StatsMatcher_RejectAll
+	//	*StatsMatcher_ExclusionList
+	//	*StatsMatcher_InclusionList
+	StatsMatcher isStatsMatcher_StatsMatcher `protobuf_oneof:"stats_matcher"`
+}
+
+func (x *StatsMatcher) Reset() {
+	*x = StatsMatcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_metrics_v3_stats_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *StatsMatcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*StatsMatcher) ProtoMessage() {}
+
+func (x *StatsMatcher) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_metrics_v3_stats_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use StatsMatcher.ProtoReflect.Descriptor instead.
+func (*StatsMatcher) Descriptor() ([]byte, []int) {
+	return file_envoy_config_metrics_v3_stats_proto_rawDescGZIP(), []int{2}
+}
+
+func (m *StatsMatcher) GetStatsMatcher() isStatsMatcher_StatsMatcher {
+	if m != nil {
+		return m.StatsMatcher
+	}
+	return nil
+}
+
+func (x *StatsMatcher) GetRejectAll() bool {
+	if x, ok := x.GetStatsMatcher().(*StatsMatcher_RejectAll); ok {
+		return x.RejectAll
+	}
+	return false
+}
+
+func (x *StatsMatcher) GetExclusionList() *v3.ListStringMatcher {
+	if x, ok := x.GetStatsMatcher().(*StatsMatcher_ExclusionList); ok {
+		return x.ExclusionList
+	}
+	return nil
+}
+
+func (x *StatsMatcher) GetInclusionList() *v3.ListStringMatcher {
+	if x, ok := x.GetStatsMatcher().(*StatsMatcher_InclusionList); ok {
+		return x.InclusionList
+	}
+	return nil
+}
+
+type isStatsMatcher_StatsMatcher interface {
+	isStatsMatcher_StatsMatcher()
+}
+
+type StatsMatcher_RejectAll struct {
+	// If `reject_all` is true, then all stats are disabled. If `reject_all` is false, then all
+	// stats are enabled.
+	RejectAll bool `protobuf:"varint,1,opt,name=reject_all,json=rejectAll,proto3,oneof"`
+}
+
+type StatsMatcher_ExclusionList struct {
+	// Exclusive match. All stats are enabled except for those matching one of the supplied
+	// StringMatcher protos.
+	ExclusionList *v3.ListStringMatcher `protobuf:"bytes,2,opt,name=exclusion_list,json=exclusionList,proto3,oneof"`
+}
+
+type StatsMatcher_InclusionList struct {
+	// Inclusive match. No stats are enabled except for those matching one of the supplied
+	// StringMatcher protos.
+	InclusionList *v3.ListStringMatcher `protobuf:"bytes,3,opt,name=inclusion_list,json=inclusionList,proto3,oneof"`
+}
+
+func (*StatsMatcher_RejectAll) isStatsMatcher_StatsMatcher() {}
+
+func (*StatsMatcher_ExclusionList) isStatsMatcher_StatsMatcher() {}
+
+func (*StatsMatcher_InclusionList) isStatsMatcher_StatsMatcher() {}
+
+// Designates a tag name and value pair. The value may be either a fixed value
+// or a regex providing the value via capture groups. The specified tag will be
+// unconditionally set if a fixed value, otherwise it will only be set if one
+// or more capture groups in the regex match.
+type TagSpecifier struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Attaches an identifier to the tag values to identify the tag being in the
+	// sink. Envoy has a set of default names and regexes to extract dynamic
+	// portions of existing stats, which can be found in :repo:`well_known_names.h
+	// <source/common/config/well_known_names.h>` in the Envoy repository. If a :ref:`tag_name
+	// <envoy_v3_api_field_config.metrics.v3.TagSpecifier.tag_name>` is provided in the config and
+	// neither :ref:`regex <envoy_v3_api_field_config.metrics.v3.TagSpecifier.regex>` or
+	// :ref:`fixed_value <envoy_v3_api_field_config.metrics.v3.TagSpecifier.fixed_value>` were specified,
+	// Envoy will attempt to find that name in its set of defaults and use the accompanying regex.
+	//
+	// .. note::
+	//
+	//   It is invalid to specify the same tag name twice in a config.
+	TagName string `protobuf:"bytes,1,opt,name=tag_name,json=tagName,proto3" json:"tag_name,omitempty"`
+	// Types that are assignable to TagValue:
+	//	*TagSpecifier_Regex
+	//	*TagSpecifier_FixedValue
+	TagValue isTagSpecifier_TagValue `protobuf_oneof:"tag_value"`
+}
+
+func (x *TagSpecifier) Reset() {
+	*x = TagSpecifier{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_metrics_v3_stats_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *TagSpecifier) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*TagSpecifier) ProtoMessage() {}
+
+func (x *TagSpecifier) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_metrics_v3_stats_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use TagSpecifier.ProtoReflect.Descriptor instead.
+func (*TagSpecifier) Descriptor() ([]byte, []int) {
+	return file_envoy_config_metrics_v3_stats_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *TagSpecifier) GetTagName() string {
+	if x != nil {
+		return x.TagName
+	}
+	return ""
+}
+
+func (m *TagSpecifier) GetTagValue() isTagSpecifier_TagValue {
+	if m != nil {
+		return m.TagValue
+	}
+	return nil
+}
+
+func (x *TagSpecifier) GetRegex() string {
+	if x, ok := x.GetTagValue().(*TagSpecifier_Regex); ok {
+		return x.Regex
+	}
+	return ""
+}
+
+func (x *TagSpecifier) GetFixedValue() string {
+	if x, ok := x.GetTagValue().(*TagSpecifier_FixedValue); ok {
+		return x.FixedValue
+	}
+	return ""
+}
+
+type isTagSpecifier_TagValue interface {
+	isTagSpecifier_TagValue()
+}
+
+type TagSpecifier_Regex struct {
+	// Designates a tag to strip from the tag extracted name and provide as a named
+	// tag value for all statistics. This will only occur if any part of the name
+	// matches the regex provided with one or more capture groups.
+	//
+	// The first capture group identifies the portion of the name to remove. The
+	// second capture group (which will normally be nested inside the first) will
+	// designate the value of the tag for the statistic. If no second capture
+	// group is provided, the first will also be used to set the value of the tag.
+	// All other capture groups will be ignored.
+	//
+	// Example 1. a stat name ``cluster.foo_cluster.upstream_rq_timeout`` and
+	// one tag specifier:
+	//
+	// .. code-block:: json
+	//
+	//   {
+	//     "tag_name": "envoy.cluster_name",
+	//     "regex": "^cluster\\.((.+?)\\.)"
+	//   }
+	//
+	// Note that the regex will remove ``foo_cluster.`` making the tag extracted
+	// name ``cluster.upstream_rq_timeout`` and the tag value for
+	// ``envoy.cluster_name`` will be ``foo_cluster`` (note: there will be no
+	// ``.`` character because of the second capture group).
+	//
+	// Example 2. a stat name
+	// ``http.connection_manager_1.user_agent.ios.downstream_cx_total`` and two
+	// tag specifiers:
+	//
+	// .. code-block:: json
+	//
+	//   [
+	//     {
+	//       "tag_name": "envoy.http_user_agent",
+	//       "regex": "^http(?=\\.).*?\\.user_agent\\.((.+?)\\.)\\w+?$"
+	//     },
+	//     {
+	//       "tag_name": "envoy.http_conn_manager_prefix",
+	//       "regex": "^http\\.((.*?)\\.)"
+	//     }
+	//   ]
+	//
+	// The two regexes of the specifiers will be processed in the definition order.
+	//
+	// The first regex will remove ``ios.``, leaving the tag extracted name
+	// ``http.connection_manager_1.user_agent.downstream_cx_total``. The tag
+	// ``envoy.http_user_agent`` will be added with tag value ``ios``.
+	//
+	// The second regex will remove ``connection_manager_1.`` from the tag
+	// extracted name produced by the first regex
+	// ``http.connection_manager_1.user_agent.downstream_cx_total``, leaving
+	// ``http.user_agent.downstream_cx_total`` as the tag extracted name. The tag
+	// ``envoy.http_conn_manager_prefix`` will be added with the tag value
+	// ``connection_manager_1``.
+	Regex string `protobuf:"bytes,2,opt,name=regex,proto3,oneof"`
+}
+
+type TagSpecifier_FixedValue struct {
+	// Specifies a fixed tag value for the ``tag_name``.
+	FixedValue string `protobuf:"bytes,3,opt,name=fixed_value,json=fixedValue,proto3,oneof"`
+}
+
+func (*TagSpecifier_Regex) isTagSpecifier_TagValue() {}
+
+func (*TagSpecifier_FixedValue) isTagSpecifier_TagValue() {}
+
+// Specifies a matcher for stats and the buckets that matching stats should use.
+type HistogramBucketSettings struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The stats that this rule applies to. The match is applied to the original stat name
+	// before tag-extraction, for example `cluster.exampleclustername.upstream_cx_length_ms`.
+	Match *v3.StringMatcher `protobuf:"bytes,1,opt,name=match,proto3" json:"match,omitempty"`
+	// Each value is the upper bound of a bucket. Each bucket must be greater than 0 and unique.
+	// The order of the buckets does not matter.
+	Buckets []float64 `protobuf:"fixed64,2,rep,packed,name=buckets,proto3" json:"buckets,omitempty"`
+}
+
+func (x *HistogramBucketSettings) Reset() {
+	*x = HistogramBucketSettings{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_metrics_v3_stats_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HistogramBucketSettings) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HistogramBucketSettings) ProtoMessage() {}
+
+func (x *HistogramBucketSettings) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_metrics_v3_stats_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HistogramBucketSettings.ProtoReflect.Descriptor instead.
+func (*HistogramBucketSettings) Descriptor() ([]byte, []int) {
+	return file_envoy_config_metrics_v3_stats_proto_rawDescGZIP(), []int{4}
+}
+
+func (x *HistogramBucketSettings) GetMatch() *v3.StringMatcher {
+	if x != nil {
+		return x.Match
+	}
+	return nil
+}
+
+func (x *HistogramBucketSettings) GetBuckets() []float64 {
+	if x != nil {
+		return x.Buckets
+	}
+	return nil
+}
+
+// Stats configuration proto schema for built-in *envoy.stat_sinks.statsd* sink. This sink does not support
+// tagged metrics.
+// [#extension: envoy.stat_sinks.statsd]
+type StatsdSink struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to StatsdSpecifier:
+	//	*StatsdSink_Address
+	//	*StatsdSink_TcpClusterName
+	StatsdSpecifier isStatsdSink_StatsdSpecifier `protobuf_oneof:"statsd_specifier"`
+	// Optional custom prefix for StatsdSink. If
+	// specified, this will override the default prefix.
+	// For example:
+	//
+	// .. code-block:: json
+	//
+	//   {
+	//     "prefix" : "envoy-prod"
+	//   }
+	//
+	// will change emitted stats to
+	//
+	// .. code-block:: cpp
+	//
+	//   envoy-prod.test_counter:1|c
+	//   envoy-prod.test_timer:5|ms
+	//
+	// Note that the default prefix, "envoy", will be used if a prefix is not
+	// specified.
+	//
+	// Stats with default prefix:
+	//
+	// .. code-block:: cpp
+	//
+	//   envoy.test_counter:1|c
+	//   envoy.test_timer:5|ms
+	Prefix string `protobuf:"bytes,3,opt,name=prefix,proto3" json:"prefix,omitempty"`
+}
+
+func (x *StatsdSink) Reset() {
+	*x = StatsdSink{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_metrics_v3_stats_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *StatsdSink) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*StatsdSink) ProtoMessage() {}
+
+func (x *StatsdSink) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_metrics_v3_stats_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use StatsdSink.ProtoReflect.Descriptor instead.
+func (*StatsdSink) Descriptor() ([]byte, []int) {
+	return file_envoy_config_metrics_v3_stats_proto_rawDescGZIP(), []int{5}
+}
+
+func (m *StatsdSink) GetStatsdSpecifier() isStatsdSink_StatsdSpecifier {
+	if m != nil {
+		return m.StatsdSpecifier
+	}
+	return nil
+}
+
+func (x *StatsdSink) GetAddress() *v31.Address {
+	if x, ok := x.GetStatsdSpecifier().(*StatsdSink_Address); ok {
+		return x.Address
+	}
+	return nil
+}
+
+func (x *StatsdSink) GetTcpClusterName() string {
+	if x, ok := x.GetStatsdSpecifier().(*StatsdSink_TcpClusterName); ok {
+		return x.TcpClusterName
+	}
+	return ""
+}
+
+func (x *StatsdSink) GetPrefix() string {
+	if x != nil {
+		return x.Prefix
+	}
+	return ""
+}
+
+type isStatsdSink_StatsdSpecifier interface {
+	isStatsdSink_StatsdSpecifier()
+}
+
+type StatsdSink_Address struct {
+	// The UDP address of a running `statsd <https://github.com/etsy/statsd>`_
+	// compliant listener. If specified, statistics will be flushed to this
+	// address.
+	Address *v31.Address `protobuf:"bytes,1,opt,name=address,proto3,oneof"`
+}
+
+type StatsdSink_TcpClusterName struct {
+	// The name of a cluster that is running a TCP `statsd
+	// <https://github.com/etsy/statsd>`_ compliant listener. If specified,
+	// Envoy will connect to this cluster to flush statistics.
+	TcpClusterName string `protobuf:"bytes,2,opt,name=tcp_cluster_name,json=tcpClusterName,proto3,oneof"`
+}
+
+func (*StatsdSink_Address) isStatsdSink_StatsdSpecifier() {}
+
+func (*StatsdSink_TcpClusterName) isStatsdSink_StatsdSpecifier() {}
+
+// Stats configuration proto schema for built-in *envoy.stat_sinks.dog_statsd* sink.
+// The sink emits stats with `DogStatsD <https://docs.datadoghq.com/guides/dogstatsd/>`_
+// compatible tags. Tags are configurable via :ref:`StatsConfig
+// <envoy_v3_api_msg_config.metrics.v3.StatsConfig>`.
+// [#extension: envoy.stat_sinks.dog_statsd]
+type DogStatsdSink struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to DogStatsdSpecifier:
+	//	*DogStatsdSink_Address
+	DogStatsdSpecifier isDogStatsdSink_DogStatsdSpecifier `protobuf_oneof:"dog_statsd_specifier"`
+	// Optional custom metric name prefix. See :ref:`StatsdSink's prefix field
+	// <envoy_v3_api_field_config.metrics.v3.StatsdSink.prefix>` for more details.
+	Prefix string `protobuf:"bytes,3,opt,name=prefix,proto3" json:"prefix,omitempty"`
+	// Optional max datagram size to use when sending UDP messages. By default Envoy
+	// will emit one metric per datagram. By specifying a max-size larger than a single
+	// metric, Envoy will emit multiple, new-line separated metrics. The max datagram
+	// size should not exceed your network's MTU.
+	//
+	// Note that this value may not be respected if smaller than a single metric.
+	MaxBytesPerDatagram *wrappers.UInt64Value `protobuf:"bytes,4,opt,name=max_bytes_per_datagram,json=maxBytesPerDatagram,proto3" json:"max_bytes_per_datagram,omitempty"`
+}
+
+func (x *DogStatsdSink) Reset() {
+	*x = DogStatsdSink{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_metrics_v3_stats_proto_msgTypes[6]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *DogStatsdSink) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*DogStatsdSink) ProtoMessage() {}
+
+func (x *DogStatsdSink) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_metrics_v3_stats_proto_msgTypes[6]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use DogStatsdSink.ProtoReflect.Descriptor instead.
+func (*DogStatsdSink) Descriptor() ([]byte, []int) {
+	return file_envoy_config_metrics_v3_stats_proto_rawDescGZIP(), []int{6}
+}
+
+func (m *DogStatsdSink) GetDogStatsdSpecifier() isDogStatsdSink_DogStatsdSpecifier {
+	if m != nil {
+		return m.DogStatsdSpecifier
+	}
+	return nil
+}
+
+func (x *DogStatsdSink) GetAddress() *v31.Address {
+	if x, ok := x.GetDogStatsdSpecifier().(*DogStatsdSink_Address); ok {
+		return x.Address
+	}
+	return nil
+}
+
+func (x *DogStatsdSink) GetPrefix() string {
+	if x != nil {
+		return x.Prefix
+	}
+	return ""
+}
+
+func (x *DogStatsdSink) GetMaxBytesPerDatagram() *wrappers.UInt64Value {
+	if x != nil {
+		return x.MaxBytesPerDatagram
+	}
+	return nil
+}
+
+type isDogStatsdSink_DogStatsdSpecifier interface {
+	isDogStatsdSink_DogStatsdSpecifier()
+}
+
+type DogStatsdSink_Address struct {
+	// The UDP address of a running DogStatsD compliant listener. If specified,
+	// statistics will be flushed to this address.
+	Address *v31.Address `protobuf:"bytes,1,opt,name=address,proto3,oneof"`
+}
+
+func (*DogStatsdSink_Address) isDogStatsdSink_DogStatsdSpecifier() {}
+
+// Stats configuration proto schema for built-in *envoy.stat_sinks.hystrix* sink.
+// The sink emits stats in `text/event-stream
+// <https://developer.mozilla.org/en-US/docs/Web/API/Server-sent_events/Using_server-sent_events>`_
+// formatted stream for use by `Hystrix dashboard
+// <https://github.com/Netflix-Skunkworks/hystrix-dashboard/wiki>`_.
+//
+// Note that only a single HystrixSink should be configured.
+//
+// Streaming is started through an admin endpoint :http:get:`/hystrix_event_stream`.
+// [#extension: envoy.stat_sinks.hystrix]
+type HystrixSink struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The number of buckets the rolling statistical window is divided into.
+	//
+	// Each time the sink is flushed, all relevant Envoy statistics are sampled and
+	// added to the rolling window (removing the oldest samples in the window
+	// in the process). The sink then outputs the aggregate statistics across the
+	// current rolling window to the event stream(s).
+	//
+	// rolling_window(ms) = stats_flush_interval(ms) * num_of_buckets
+	//
+	// More detailed explanation can be found in `Hystrix wiki
+	// <https://github.com/Netflix/Hystrix/wiki/Metrics-and-Monitoring#hystrixrollingnumber>`_.
+	NumBuckets int64 `protobuf:"varint,1,opt,name=num_buckets,json=numBuckets,proto3" json:"num_buckets,omitempty"`
+}
+
+func (x *HystrixSink) Reset() {
+	*x = HystrixSink{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_metrics_v3_stats_proto_msgTypes[7]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HystrixSink) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HystrixSink) ProtoMessage() {}
+
+func (x *HystrixSink) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_metrics_v3_stats_proto_msgTypes[7]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HystrixSink.ProtoReflect.Descriptor instead.
+func (*HystrixSink) Descriptor() ([]byte, []int) {
+	return file_envoy_config_metrics_v3_stats_proto_rawDescGZIP(), []int{7}
+}
+
+func (x *HystrixSink) GetNumBuckets() int64 {
+	if x != nil {
+		return x.NumBuckets
+	}
+	return 0
+}
+
+var File_envoy_config_metrics_v3_stats_proto protoreflect.FileDescriptor
+
+var file_envoy_config_metrics_v3_stats_proto_rawDesc = []byte{
+	0x0a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x6d,
+	0x65, 0x74, 0x72, 0x69, 0x63, 0x73, 0x2f, 0x76, 0x33, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x73, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x17, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x73, 0x2e, 0x76, 0x33, 0x1a, 0x22,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72,
+	0x65, 0x2f, 0x76, 0x33, 0x2f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x22, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d,
+	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61,
+	0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xa1, 0x01, 0x0a,
+	0x09, 0x53, 0x74, 0x61, 0x74, 0x73, 0x53, 0x69, 0x6e, 0x6b, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61,
+	0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x39,
+	0x0a, 0x0c, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x03,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x48, 0x00, 0x52, 0x0b, 0x74, 0x79,
+	0x70, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x3a, 0x28, 0x9a, 0xc5, 0x88, 0x1e, 0x23,
+	0x0a, 0x21, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6d,
+	0x65, 0x74, 0x72, 0x69, 0x63, 0x73, 0x2e, 0x76, 0x32, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x73, 0x53,
+	0x69, 0x6e, 0x6b, 0x42, 0x0d, 0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x74, 0x79,
+	0x70, 0x65, 0x4a, 0x04, 0x08, 0x02, 0x10, 0x03, 0x52, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x22, 0x86, 0x03, 0x0a, 0x0b, 0x53, 0x74, 0x61, 0x74, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x12, 0x44, 0x0a, 0x0a, 0x73, 0x74, 0x61, 0x74, 0x73, 0x5f, 0x74, 0x61, 0x67, 0x73, 0x18, 0x01,
+	0x20, 0x03, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x54,
+	0x61, 0x67, 0x53, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x52, 0x09, 0x73, 0x74, 0x61,
+	0x74, 0x73, 0x54, 0x61, 0x67, 0x73, 0x12, 0x4b, 0x0a, 0x14, 0x75, 0x73, 0x65, 0x5f, 0x61, 0x6c,
+	0x6c, 0x5f, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f, 0x74, 0x61, 0x67, 0x73, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65,
+	0x52, 0x11, 0x75, 0x73, 0x65, 0x41, 0x6c, 0x6c, 0x44, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x54,
+	0x61, 0x67, 0x73, 0x12, 0x4a, 0x0a, 0x0d, 0x73, 0x74, 0x61, 0x74, 0x73, 0x5f, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63,
+	0x73, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x73, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65,
+	0x72, 0x52, 0x0c, 0x73, 0x74, 0x61, 0x74, 0x73, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x12,
+	0x6c, 0x0a, 0x19, 0x68, 0x69, 0x73, 0x74, 0x6f, 0x67, 0x72, 0x61, 0x6d, 0x5f, 0x62, 0x75, 0x63,
+	0x6b, 0x65, 0x74, 0x5f, 0x73, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x18, 0x04, 0x20, 0x03,
+	0x28, 0x0b, 0x32, 0x30, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x69, 0x73,
+	0x74, 0x6f, 0x67, 0x72, 0x61, 0x6d, 0x42, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x53, 0x65, 0x74, 0x74,
+	0x69, 0x6e, 0x67, 0x73, 0x52, 0x17, 0x68, 0x69, 0x73, 0x74, 0x6f, 0x67, 0x72, 0x61, 0x6d, 0x42,
+	0x75, 0x63, 0x6b, 0x65, 0x74, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x3a, 0x2a, 0x9a,
+	0xc5, 0x88, 0x1e, 0x25, 0x0a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x73, 0x2e, 0x76, 0x32, 0x2e, 0x53, 0x74,
+	0x61, 0x74, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x22, 0x98, 0x02, 0x0a, 0x0c, 0x53, 0x74,
+	0x61, 0x74, 0x73, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x12, 0x1f, 0x0a, 0x0a, 0x72, 0x65,
+	0x6a, 0x65, 0x63, 0x74, 0x5f, 0x61, 0x6c, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x48, 0x00,
+	0x52, 0x09, 0x72, 0x65, 0x6a, 0x65, 0x63, 0x74, 0x41, 0x6c, 0x6c, 0x12, 0x51, 0x0a, 0x0e, 0x65,
+	0x78, 0x63, 0x6c, 0x75, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x6c, 0x69, 0x73, 0x74, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65,
+	0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4c, 0x69, 0x73, 0x74,
+	0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x48, 0x00, 0x52,
+	0x0d, 0x65, 0x78, 0x63, 0x6c, 0x75, 0x73, 0x69, 0x6f, 0x6e, 0x4c, 0x69, 0x73, 0x74, 0x12, 0x51,
+	0x0a, 0x0e, 0x69, 0x6e, 0x63, 0x6c, 0x75, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x6c, 0x69, 0x73, 0x74,
+	0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74,
+	0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4c,
+	0x69, 0x73, 0x74, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72,
+	0x48, 0x00, 0x52, 0x0d, 0x69, 0x6e, 0x63, 0x6c, 0x75, 0x73, 0x69, 0x6f, 0x6e, 0x4c, 0x69, 0x73,
+	0x74, 0x3a, 0x2b, 0x9a, 0xc5, 0x88, 0x1e, 0x26, 0x0a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x73, 0x2e, 0x76,
+	0x32, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x73, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x14,
+	0x0a, 0x0d, 0x73, 0x74, 0x61, 0x74, 0x73, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x12,
+	0x03, 0xf8, 0x42, 0x01, 0x22, 0xa8, 0x01, 0x0a, 0x0c, 0x54, 0x61, 0x67, 0x53, 0x70, 0x65, 0x63,
+	0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x19, 0x0a, 0x08, 0x74, 0x61, 0x67, 0x5f, 0x6e, 0x61, 0x6d,
+	0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x74, 0x61, 0x67, 0x4e, 0x61, 0x6d, 0x65,
+	0x12, 0x20, 0x0a, 0x05, 0x72, 0x65, 0x67, 0x65, 0x78, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42,
+	0x08, 0xfa, 0x42, 0x05, 0x72, 0x03, 0x28, 0x80, 0x08, 0x48, 0x00, 0x52, 0x05, 0x72, 0x65, 0x67,
+	0x65, 0x78, 0x12, 0x21, 0x0a, 0x0b, 0x66, 0x69, 0x78, 0x65, 0x64, 0x5f, 0x76, 0x61, 0x6c, 0x75,
+	0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x0a, 0x66, 0x69, 0x78, 0x65, 0x64,
+	0x56, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x2b, 0x9a, 0xc5, 0x88, 0x1e, 0x26, 0x0a, 0x24, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6d, 0x65, 0x74, 0x72, 0x69,
+	0x63, 0x73, 0x2e, 0x76, 0x32, 0x2e, 0x54, 0x61, 0x67, 0x53, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69,
+	0x65, 0x72, 0x42, 0x0b, 0x0a, 0x09, 0x74, 0x61, 0x67, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x22,
+	0x92, 0x01, 0x0a, 0x17, 0x48, 0x69, 0x73, 0x74, 0x6f, 0x67, 0x72, 0x61, 0x6d, 0x42, 0x75, 0x63,
+	0x6b, 0x65, 0x74, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x12, 0x44, 0x0a, 0x05, 0x6d,
+	0x61, 0x74, 0x63, 0x68, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e,
+	0x76, 0x33, 0x2e, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72,
+	0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x05, 0x6d, 0x61, 0x74, 0x63,
+	0x68, 0x12, 0x31, 0x0a, 0x07, 0x62, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x18, 0x02, 0x20, 0x03,
+	0x28, 0x01, 0x42, 0x17, 0xfa, 0x42, 0x14, 0x92, 0x01, 0x11, 0x08, 0x01, 0x18, 0x01, 0x22, 0x0b,
+	0x12, 0x09, 0x21, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x52, 0x07, 0x62, 0x75, 0x63,
+	0x6b, 0x65, 0x74, 0x73, 0x22, 0xcf, 0x01, 0x0a, 0x0a, 0x53, 0x74, 0x61, 0x74, 0x73, 0x64, 0x53,
+	0x69, 0x6e, 0x6b, 0x12, 0x39, 0x0a, 0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x41, 0x64, 0x64, 0x72,
+	0x65, 0x73, 0x73, 0x48, 0x00, 0x52, 0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x2a,
+	0x0a, 0x10, 0x74, 0x63, 0x70, 0x5f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x6e, 0x61,
+	0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x0e, 0x74, 0x63, 0x70, 0x43,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x70, 0x72,
+	0x65, 0x66, 0x69, 0x78, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x70, 0x72, 0x65, 0x66,
+	0x69, 0x78, 0x3a, 0x29, 0x9a, 0xc5, 0x88, 0x1e, 0x24, 0x0a, 0x22, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x73, 0x2e,
+	0x76, 0x32, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x73, 0x64, 0x53, 0x69, 0x6e, 0x6b, 0x42, 0x17, 0x0a,
+	0x10, 0x73, 0x74, 0x61, 0x74, 0x73, 0x64, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65,
+	0x72, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x22, 0x8f, 0x02, 0x0a, 0x0d, 0x44, 0x6f, 0x67, 0x53, 0x74,
+	0x61, 0x74, 0x73, 0x64, 0x53, 0x69, 0x6e, 0x6b, 0x12, 0x39, 0x0a, 0x07, 0x61, 0x64, 0x64, 0x72,
+	0x65, 0x73, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33,
+	0x2e, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x48, 0x00, 0x52, 0x07, 0x61, 0x64, 0x64, 0x72,
+	0x65, 0x73, 0x73, 0x12, 0x16, 0x0a, 0x06, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x18, 0x03, 0x20,
+	0x01, 0x28, 0x09, 0x52, 0x06, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x12, 0x5a, 0x0a, 0x16, 0x6d,
+	0x61, 0x78, 0x5f, 0x62, 0x79, 0x74, 0x65, 0x73, 0x5f, 0x70, 0x65, 0x72, 0x5f, 0x64, 0x61, 0x74,
+	0x61, 0x67, 0x72, 0x61, 0x6d, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49,
+	0x6e, 0x74, 0x36, 0x34, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x32, 0x02,
+	0x20, 0x00, 0x52, 0x13, 0x6d, 0x61, 0x78, 0x42, 0x79, 0x74, 0x65, 0x73, 0x50, 0x65, 0x72, 0x44,
+	0x61, 0x74, 0x61, 0x67, 0x72, 0x61, 0x6d, 0x3a, 0x2c, 0x9a, 0xc5, 0x88, 0x1e, 0x27, 0x0a, 0x25,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6d, 0x65, 0x74,
+	0x72, 0x69, 0x63, 0x73, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x6f, 0x67, 0x53, 0x74, 0x61, 0x74, 0x73,
+	0x64, 0x53, 0x69, 0x6e, 0x6b, 0x42, 0x1b, 0x0a, 0x14, 0x64, 0x6f, 0x67, 0x5f, 0x73, 0x74, 0x61,
+	0x74, 0x73, 0x64, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x03, 0xf8,
+	0x42, 0x01, 0x4a, 0x04, 0x08, 0x02, 0x10, 0x03, 0x22, 0x5a, 0x0a, 0x0b, 0x48, 0x79, 0x73, 0x74,
+	0x72, 0x69, 0x78, 0x53, 0x69, 0x6e, 0x6b, 0x12, 0x1f, 0x0a, 0x0b, 0x6e, 0x75, 0x6d, 0x5f, 0x62,
+	0x75, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0a, 0x6e, 0x75,
+	0x6d, 0x42, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x3a, 0x2a, 0x9a, 0xc5, 0x88, 0x1e, 0x25, 0x0a,
+	0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6d, 0x65,
+	0x74, 0x72, 0x69, 0x63, 0x73, 0x2e, 0x76, 0x32, 0x2e, 0x48, 0x79, 0x73, 0x74, 0x72, 0x69, 0x78,
+	0x53, 0x69, 0x6e, 0x6b, 0x42, 0x3d, 0x0a, 0x25, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x73, 0x2e, 0x76, 0x33, 0x42, 0x0a, 0x53,
+	0x74, 0x61, 0x74, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06,
+	0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_metrics_v3_stats_proto_rawDescOnce sync.Once
+	file_envoy_config_metrics_v3_stats_proto_rawDescData = file_envoy_config_metrics_v3_stats_proto_rawDesc
+)
+
+func file_envoy_config_metrics_v3_stats_proto_rawDescGZIP() []byte {
+	file_envoy_config_metrics_v3_stats_proto_rawDescOnce.Do(func() {
+		file_envoy_config_metrics_v3_stats_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_metrics_v3_stats_proto_rawDescData)
+	})
+	return file_envoy_config_metrics_v3_stats_proto_rawDescData
+}
+
+var file_envoy_config_metrics_v3_stats_proto_msgTypes = make([]protoimpl.MessageInfo, 8)
+var file_envoy_config_metrics_v3_stats_proto_goTypes = []interface{}{
+	(*StatsSink)(nil),               // 0: envoy.config.metrics.v3.StatsSink
+	(*StatsConfig)(nil),             // 1: envoy.config.metrics.v3.StatsConfig
+	(*StatsMatcher)(nil),            // 2: envoy.config.metrics.v3.StatsMatcher
+	(*TagSpecifier)(nil),            // 3: envoy.config.metrics.v3.TagSpecifier
+	(*HistogramBucketSettings)(nil), // 4: envoy.config.metrics.v3.HistogramBucketSettings
+	(*StatsdSink)(nil),              // 5: envoy.config.metrics.v3.StatsdSink
+	(*DogStatsdSink)(nil),           // 6: envoy.config.metrics.v3.DogStatsdSink
+	(*HystrixSink)(nil),             // 7: envoy.config.metrics.v3.HystrixSink
+	(*any.Any)(nil),                 // 8: google.protobuf.Any
+	(*wrappers.BoolValue)(nil),      // 9: google.protobuf.BoolValue
+	(*v3.ListStringMatcher)(nil),    // 10: envoy.type.matcher.v3.ListStringMatcher
+	(*v3.StringMatcher)(nil),        // 11: envoy.type.matcher.v3.StringMatcher
+	(*v31.Address)(nil),             // 12: envoy.config.core.v3.Address
+	(*wrappers.UInt64Value)(nil),    // 13: google.protobuf.UInt64Value
+}
+var file_envoy_config_metrics_v3_stats_proto_depIdxs = []int32{
+	8,  // 0: envoy.config.metrics.v3.StatsSink.typed_config:type_name -> google.protobuf.Any
+	3,  // 1: envoy.config.metrics.v3.StatsConfig.stats_tags:type_name -> envoy.config.metrics.v3.TagSpecifier
+	9,  // 2: envoy.config.metrics.v3.StatsConfig.use_all_default_tags:type_name -> google.protobuf.BoolValue
+	2,  // 3: envoy.config.metrics.v3.StatsConfig.stats_matcher:type_name -> envoy.config.metrics.v3.StatsMatcher
+	4,  // 4: envoy.config.metrics.v3.StatsConfig.histogram_bucket_settings:type_name -> envoy.config.metrics.v3.HistogramBucketSettings
+	10, // 5: envoy.config.metrics.v3.StatsMatcher.exclusion_list:type_name -> envoy.type.matcher.v3.ListStringMatcher
+	10, // 6: envoy.config.metrics.v3.StatsMatcher.inclusion_list:type_name -> envoy.type.matcher.v3.ListStringMatcher
+	11, // 7: envoy.config.metrics.v3.HistogramBucketSettings.match:type_name -> envoy.type.matcher.v3.StringMatcher
+	12, // 8: envoy.config.metrics.v3.StatsdSink.address:type_name -> envoy.config.core.v3.Address
+	12, // 9: envoy.config.metrics.v3.DogStatsdSink.address:type_name -> envoy.config.core.v3.Address
+	13, // 10: envoy.config.metrics.v3.DogStatsdSink.max_bytes_per_datagram:type_name -> google.protobuf.UInt64Value
+	11, // [11:11] is the sub-list for method output_type
+	11, // [11:11] is the sub-list for method input_type
+	11, // [11:11] is the sub-list for extension type_name
+	11, // [11:11] is the sub-list for extension extendee
+	0,  // [0:11] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_metrics_v3_stats_proto_init() }
+func file_envoy_config_metrics_v3_stats_proto_init() {
+	if File_envoy_config_metrics_v3_stats_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_metrics_v3_stats_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*StatsSink); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_metrics_v3_stats_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*StatsConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_metrics_v3_stats_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*StatsMatcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_metrics_v3_stats_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*TagSpecifier); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_metrics_v3_stats_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HistogramBucketSettings); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_metrics_v3_stats_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*StatsdSink); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_metrics_v3_stats_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*DogStatsdSink); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_metrics_v3_stats_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HystrixSink); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_config_metrics_v3_stats_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*StatsSink_TypedConfig)(nil),
+	}
+	file_envoy_config_metrics_v3_stats_proto_msgTypes[2].OneofWrappers = []interface{}{
+		(*StatsMatcher_RejectAll)(nil),
+		(*StatsMatcher_ExclusionList)(nil),
+		(*StatsMatcher_InclusionList)(nil),
+	}
+	file_envoy_config_metrics_v3_stats_proto_msgTypes[3].OneofWrappers = []interface{}{
+		(*TagSpecifier_Regex)(nil),
+		(*TagSpecifier_FixedValue)(nil),
+	}
+	file_envoy_config_metrics_v3_stats_proto_msgTypes[5].OneofWrappers = []interface{}{
+		(*StatsdSink_Address)(nil),
+		(*StatsdSink_TcpClusterName)(nil),
+	}
+	file_envoy_config_metrics_v3_stats_proto_msgTypes[6].OneofWrappers = []interface{}{
+		(*DogStatsdSink_Address)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_metrics_v3_stats_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   8,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_metrics_v3_stats_proto_goTypes,
+		DependencyIndexes: file_envoy_config_metrics_v3_stats_proto_depIdxs,
+		MessageInfos:      file_envoy_config_metrics_v3_stats_proto_msgTypes,
+	}.Build()
+	File_envoy_config_metrics_v3_stats_proto = out.File
+	file_envoy_config_metrics_v3_stats_proto_rawDesc = nil
+	file_envoy_config_metrics_v3_stats_proto_goTypes = nil
+	file_envoy_config_metrics_v3_stats_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/metrics/v3/stats.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/metrics/v3/stats.pb.validate.go
new file mode 100644
index 00000000000..af05f69662d
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/metrics/v3/stats.pb.validate.go
@@ -0,0 +1,1284 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/metrics/v3/stats.proto
+
+package envoy_config_metrics_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on StatsSink with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *StatsSink) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on StatsSink with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in StatsSinkMultiError, or nil
+// if none found.
+func (m *StatsSink) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *StatsSink) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Name
+
+	switch m.ConfigType.(type) {
+
+	case *StatsSink_TypedConfig:
+
+		if all {
+			switch v := interface{}(m.GetTypedConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, StatsSinkValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, StatsSinkValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return StatsSinkValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return StatsSinkMultiError(errors)
+	}
+	return nil
+}
+
+// StatsSinkMultiError is an error wrapping multiple validation errors returned
+// by StatsSink.ValidateAll() if the designated constraints aren't met.
+type StatsSinkMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m StatsSinkMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m StatsSinkMultiError) AllErrors() []error { return m }
+
+// StatsSinkValidationError is the validation error returned by
+// StatsSink.Validate if the designated constraints aren't met.
+type StatsSinkValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e StatsSinkValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e StatsSinkValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e StatsSinkValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e StatsSinkValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e StatsSinkValidationError) ErrorName() string { return "StatsSinkValidationError" }
+
+// Error satisfies the builtin error interface
+func (e StatsSinkValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sStatsSink.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = StatsSinkValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = StatsSinkValidationError{}
+
+// Validate checks the field values on StatsConfig with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *StatsConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on StatsConfig with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in StatsConfigMultiError, or
+// nil if none found.
+func (m *StatsConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *StatsConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetStatsTags() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, StatsConfigValidationError{
+						field:  fmt.Sprintf("StatsTags[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, StatsConfigValidationError{
+						field:  fmt.Sprintf("StatsTags[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return StatsConfigValidationError{
+					field:  fmt.Sprintf("StatsTags[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetUseAllDefaultTags()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, StatsConfigValidationError{
+					field:  "UseAllDefaultTags",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, StatsConfigValidationError{
+					field:  "UseAllDefaultTags",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetUseAllDefaultTags()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return StatsConfigValidationError{
+				field:  "UseAllDefaultTags",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetStatsMatcher()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, StatsConfigValidationError{
+					field:  "StatsMatcher",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, StatsConfigValidationError{
+					field:  "StatsMatcher",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetStatsMatcher()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return StatsConfigValidationError{
+				field:  "StatsMatcher",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetHistogramBucketSettings() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, StatsConfigValidationError{
+						field:  fmt.Sprintf("HistogramBucketSettings[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, StatsConfigValidationError{
+						field:  fmt.Sprintf("HistogramBucketSettings[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return StatsConfigValidationError{
+					field:  fmt.Sprintf("HistogramBucketSettings[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return StatsConfigMultiError(errors)
+	}
+	return nil
+}
+
+// StatsConfigMultiError is an error wrapping multiple validation errors
+// returned by StatsConfig.ValidateAll() if the designated constraints aren't met.
+type StatsConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m StatsConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m StatsConfigMultiError) AllErrors() []error { return m }
+
+// StatsConfigValidationError is the validation error returned by
+// StatsConfig.Validate if the designated constraints aren't met.
+type StatsConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e StatsConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e StatsConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e StatsConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e StatsConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e StatsConfigValidationError) ErrorName() string { return "StatsConfigValidationError" }
+
+// Error satisfies the builtin error interface
+func (e StatsConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sStatsConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = StatsConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = StatsConfigValidationError{}
+
+// Validate checks the field values on StatsMatcher with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *StatsMatcher) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on StatsMatcher with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in StatsMatcherMultiError, or
+// nil if none found.
+func (m *StatsMatcher) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *StatsMatcher) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.StatsMatcher.(type) {
+
+	case *StatsMatcher_RejectAll:
+		// no validation rules for RejectAll
+
+	case *StatsMatcher_ExclusionList:
+
+		if all {
+			switch v := interface{}(m.GetExclusionList()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, StatsMatcherValidationError{
+						field:  "ExclusionList",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, StatsMatcherValidationError{
+						field:  "ExclusionList",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetExclusionList()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return StatsMatcherValidationError{
+					field:  "ExclusionList",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *StatsMatcher_InclusionList:
+
+		if all {
+			switch v := interface{}(m.GetInclusionList()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, StatsMatcherValidationError{
+						field:  "InclusionList",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, StatsMatcherValidationError{
+						field:  "InclusionList",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetInclusionList()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return StatsMatcherValidationError{
+					field:  "InclusionList",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := StatsMatcherValidationError{
+			field:  "StatsMatcher",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return StatsMatcherMultiError(errors)
+	}
+	return nil
+}
+
+// StatsMatcherMultiError is an error wrapping multiple validation errors
+// returned by StatsMatcher.ValidateAll() if the designated constraints aren't met.
+type StatsMatcherMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m StatsMatcherMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m StatsMatcherMultiError) AllErrors() []error { return m }
+
+// StatsMatcherValidationError is the validation error returned by
+// StatsMatcher.Validate if the designated constraints aren't met.
+type StatsMatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e StatsMatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e StatsMatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e StatsMatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e StatsMatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e StatsMatcherValidationError) ErrorName() string { return "StatsMatcherValidationError" }
+
+// Error satisfies the builtin error interface
+func (e StatsMatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sStatsMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = StatsMatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = StatsMatcherValidationError{}
+
+// Validate checks the field values on TagSpecifier with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *TagSpecifier) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on TagSpecifier with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in TagSpecifierMultiError, or
+// nil if none found.
+func (m *TagSpecifier) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *TagSpecifier) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for TagName
+
+	switch m.TagValue.(type) {
+
+	case *TagSpecifier_Regex:
+
+		if len(m.GetRegex()) > 1024 {
+			err := TagSpecifierValidationError{
+				field:  "Regex",
+				reason: "value length must be at most 1024 bytes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *TagSpecifier_FixedValue:
+		// no validation rules for FixedValue
+
+	}
+
+	if len(errors) > 0 {
+		return TagSpecifierMultiError(errors)
+	}
+	return nil
+}
+
+// TagSpecifierMultiError is an error wrapping multiple validation errors
+// returned by TagSpecifier.ValidateAll() if the designated constraints aren't met.
+type TagSpecifierMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m TagSpecifierMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m TagSpecifierMultiError) AllErrors() []error { return m }
+
+// TagSpecifierValidationError is the validation error returned by
+// TagSpecifier.Validate if the designated constraints aren't met.
+type TagSpecifierValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e TagSpecifierValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e TagSpecifierValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e TagSpecifierValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e TagSpecifierValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e TagSpecifierValidationError) ErrorName() string { return "TagSpecifierValidationError" }
+
+// Error satisfies the builtin error interface
+func (e TagSpecifierValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sTagSpecifier.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = TagSpecifierValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = TagSpecifierValidationError{}
+
+// Validate checks the field values on HistogramBucketSettings with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *HistogramBucketSettings) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HistogramBucketSettings with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// HistogramBucketSettingsMultiError, or nil if none found.
+func (m *HistogramBucketSettings) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HistogramBucketSettings) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetMatch() == nil {
+		err := HistogramBucketSettingsValidationError{
+			field:  "Match",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetMatch()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HistogramBucketSettingsValidationError{
+					field:  "Match",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HistogramBucketSettingsValidationError{
+					field:  "Match",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMatch()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HistogramBucketSettingsValidationError{
+				field:  "Match",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(m.GetBuckets()) < 1 {
+		err := HistogramBucketSettingsValidationError{
+			field:  "Buckets",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	_HistogramBucketSettings_Buckets_Unique := make(map[float64]struct{}, len(m.GetBuckets()))
+
+	for idx, item := range m.GetBuckets() {
+		_, _ = idx, item
+
+		if _, exists := _HistogramBucketSettings_Buckets_Unique[item]; exists {
+			err := HistogramBucketSettingsValidationError{
+				field:  fmt.Sprintf("Buckets[%v]", idx),
+				reason: "repeated value must contain unique items",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+			_HistogramBucketSettings_Buckets_Unique[item] = struct{}{}
+		}
+
+		if item <= 0 {
+			err := HistogramBucketSettingsValidationError{
+				field:  fmt.Sprintf("Buckets[%v]", idx),
+				reason: "value must be greater than 0",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return HistogramBucketSettingsMultiError(errors)
+	}
+	return nil
+}
+
+// HistogramBucketSettingsMultiError is an error wrapping multiple validation
+// errors returned by HistogramBucketSettings.ValidateAll() if the designated
+// constraints aren't met.
+type HistogramBucketSettingsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HistogramBucketSettingsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HistogramBucketSettingsMultiError) AllErrors() []error { return m }
+
+// HistogramBucketSettingsValidationError is the validation error returned by
+// HistogramBucketSettings.Validate if the designated constraints aren't met.
+type HistogramBucketSettingsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HistogramBucketSettingsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HistogramBucketSettingsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HistogramBucketSettingsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HistogramBucketSettingsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HistogramBucketSettingsValidationError) ErrorName() string {
+	return "HistogramBucketSettingsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HistogramBucketSettingsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHistogramBucketSettings.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HistogramBucketSettingsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HistogramBucketSettingsValidationError{}
+
+// Validate checks the field values on StatsdSink with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *StatsdSink) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on StatsdSink with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in StatsdSinkMultiError, or
+// nil if none found.
+func (m *StatsdSink) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *StatsdSink) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Prefix
+
+	switch m.StatsdSpecifier.(type) {
+
+	case *StatsdSink_Address:
+
+		if all {
+			switch v := interface{}(m.GetAddress()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, StatsdSinkValidationError{
+						field:  "Address",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, StatsdSinkValidationError{
+						field:  "Address",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetAddress()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return StatsdSinkValidationError{
+					field:  "Address",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *StatsdSink_TcpClusterName:
+		// no validation rules for TcpClusterName
+
+	default:
+		err := StatsdSinkValidationError{
+			field:  "StatsdSpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return StatsdSinkMultiError(errors)
+	}
+	return nil
+}
+
+// StatsdSinkMultiError is an error wrapping multiple validation errors
+// returned by StatsdSink.ValidateAll() if the designated constraints aren't met.
+type StatsdSinkMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m StatsdSinkMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m StatsdSinkMultiError) AllErrors() []error { return m }
+
+// StatsdSinkValidationError is the validation error returned by
+// StatsdSink.Validate if the designated constraints aren't met.
+type StatsdSinkValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e StatsdSinkValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e StatsdSinkValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e StatsdSinkValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e StatsdSinkValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e StatsdSinkValidationError) ErrorName() string { return "StatsdSinkValidationError" }
+
+// Error satisfies the builtin error interface
+func (e StatsdSinkValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sStatsdSink.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = StatsdSinkValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = StatsdSinkValidationError{}
+
+// Validate checks the field values on DogStatsdSink with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *DogStatsdSink) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on DogStatsdSink with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in DogStatsdSinkMultiError, or
+// nil if none found.
+func (m *DogStatsdSink) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *DogStatsdSink) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Prefix
+
+	if wrapper := m.GetMaxBytesPerDatagram(); wrapper != nil {
+
+		if wrapper.GetValue() <= 0 {
+			err := DogStatsdSinkValidationError{
+				field:  "MaxBytesPerDatagram",
+				reason: "value must be greater than 0",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	switch m.DogStatsdSpecifier.(type) {
+
+	case *DogStatsdSink_Address:
+
+		if all {
+			switch v := interface{}(m.GetAddress()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, DogStatsdSinkValidationError{
+						field:  "Address",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, DogStatsdSinkValidationError{
+						field:  "Address",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetAddress()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return DogStatsdSinkValidationError{
+					field:  "Address",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := DogStatsdSinkValidationError{
+			field:  "DogStatsdSpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return DogStatsdSinkMultiError(errors)
+	}
+	return nil
+}
+
+// DogStatsdSinkMultiError is an error wrapping multiple validation errors
+// returned by DogStatsdSink.ValidateAll() if the designated constraints
+// aren't met.
+type DogStatsdSinkMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m DogStatsdSinkMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m DogStatsdSinkMultiError) AllErrors() []error { return m }
+
+// DogStatsdSinkValidationError is the validation error returned by
+// DogStatsdSink.Validate if the designated constraints aren't met.
+type DogStatsdSinkValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e DogStatsdSinkValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e DogStatsdSinkValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e DogStatsdSinkValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e DogStatsdSinkValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e DogStatsdSinkValidationError) ErrorName() string { return "DogStatsdSinkValidationError" }
+
+// Error satisfies the builtin error interface
+func (e DogStatsdSinkValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sDogStatsdSink.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = DogStatsdSinkValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = DogStatsdSinkValidationError{}
+
+// Validate checks the field values on HystrixSink with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *HystrixSink) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HystrixSink with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in HystrixSinkMultiError, or
+// nil if none found.
+func (m *HystrixSink) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HystrixSink) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for NumBuckets
+
+	if len(errors) > 0 {
+		return HystrixSinkMultiError(errors)
+	}
+	return nil
+}
+
+// HystrixSinkMultiError is an error wrapping multiple validation errors
+// returned by HystrixSink.ValidateAll() if the designated constraints aren't met.
+type HystrixSinkMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HystrixSinkMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HystrixSinkMultiError) AllErrors() []error { return m }
+
+// HystrixSinkValidationError is the validation error returned by
+// HystrixSink.Validate if the designated constraints aren't met.
+type HystrixSinkValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HystrixSinkValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HystrixSinkValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HystrixSinkValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HystrixSinkValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HystrixSinkValidationError) ErrorName() string { return "HystrixSinkValidationError" }
+
+// Error satisfies the builtin error interface
+func (e HystrixSinkValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHystrixSink.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HystrixSinkValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HystrixSinkValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/overload/v3/overload.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/overload/v3/overload.pb.go
new file mode 100644
index 00000000000..5dd13f88295
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/overload/v3/overload.pb.go
@@ -0,0 +1,1074 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/overload/v3/overload.proto
+
+package envoy_config_overload_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/type/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type ScaleTimersOverloadActionConfig_TimerType int32
+
+const (
+	// Unsupported value; users must explicitly specify the timer they want scaled.
+	ScaleTimersOverloadActionConfig_UNSPECIFIED ScaleTimersOverloadActionConfig_TimerType = 0
+	// Adjusts the idle timer for downstream HTTP connections that takes effect when there are no active streams.
+	// This affects the value of :ref:`HttpConnectionManager.common_http_protocol_options.idle_timeout
+	// <envoy_v3_api_field_config.core.v3.HttpProtocolOptions.idle_timeout>`
+	ScaleTimersOverloadActionConfig_HTTP_DOWNSTREAM_CONNECTION_IDLE ScaleTimersOverloadActionConfig_TimerType = 1
+	// Adjusts the idle timer for HTTP streams initiated by downstream clients.
+	// This affects the value of :ref:`RouteAction.idle_timeout <envoy_v3_api_field_config.route.v3.RouteAction.idle_timeout>` and
+	// :ref:`HttpConnectionManager.stream_idle_timeout
+	// <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.stream_idle_timeout>`
+	ScaleTimersOverloadActionConfig_HTTP_DOWNSTREAM_STREAM_IDLE ScaleTimersOverloadActionConfig_TimerType = 2
+	// Adjusts the timer for how long downstream clients have to finish transport-level negotiations
+	// before the connection is closed.
+	// This affects the value of
+	// :ref:`FilterChain.transport_socket_connect_timeout <envoy_v3_api_field_config.listener.v3.FilterChain.transport_socket_connect_timeout>`.
+	ScaleTimersOverloadActionConfig_TRANSPORT_SOCKET_CONNECT ScaleTimersOverloadActionConfig_TimerType = 3
+)
+
+// Enum value maps for ScaleTimersOverloadActionConfig_TimerType.
+var (
+	ScaleTimersOverloadActionConfig_TimerType_name = map[int32]string{
+		0: "UNSPECIFIED",
+		1: "HTTP_DOWNSTREAM_CONNECTION_IDLE",
+		2: "HTTP_DOWNSTREAM_STREAM_IDLE",
+		3: "TRANSPORT_SOCKET_CONNECT",
+	}
+	ScaleTimersOverloadActionConfig_TimerType_value = map[string]int32{
+		"UNSPECIFIED":                     0,
+		"HTTP_DOWNSTREAM_CONNECTION_IDLE": 1,
+		"HTTP_DOWNSTREAM_STREAM_IDLE":     2,
+		"TRANSPORT_SOCKET_CONNECT":        3,
+	}
+)
+
+func (x ScaleTimersOverloadActionConfig_TimerType) Enum() *ScaleTimersOverloadActionConfig_TimerType {
+	p := new(ScaleTimersOverloadActionConfig_TimerType)
+	*p = x
+	return p
+}
+
+func (x ScaleTimersOverloadActionConfig_TimerType) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (ScaleTimersOverloadActionConfig_TimerType) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_overload_v3_overload_proto_enumTypes[0].Descriptor()
+}
+
+func (ScaleTimersOverloadActionConfig_TimerType) Type() protoreflect.EnumType {
+	return &file_envoy_config_overload_v3_overload_proto_enumTypes[0]
+}
+
+func (x ScaleTimersOverloadActionConfig_TimerType) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use ScaleTimersOverloadActionConfig_TimerType.Descriptor instead.
+func (ScaleTimersOverloadActionConfig_TimerType) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_overload_v3_overload_proto_rawDescGZIP(), []int{4, 0}
+}
+
+type ResourceMonitor struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the resource monitor to instantiate. Must match a registered
+	// resource monitor type.
+	// See the :ref:`extensions listed in typed_config below <extension_category_envoy.resource_monitors>` for the default list of available resource monitor.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Configuration for the resource monitor being instantiated.
+	// [#extension-category: envoy.resource_monitors]
+	//
+	// Types that are assignable to ConfigType:
+	//	*ResourceMonitor_TypedConfig
+	ConfigType isResourceMonitor_ConfigType `protobuf_oneof:"config_type"`
+}
+
+func (x *ResourceMonitor) Reset() {
+	*x = ResourceMonitor{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_overload_v3_overload_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ResourceMonitor) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ResourceMonitor) ProtoMessage() {}
+
+func (x *ResourceMonitor) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_overload_v3_overload_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ResourceMonitor.ProtoReflect.Descriptor instead.
+func (*ResourceMonitor) Descriptor() ([]byte, []int) {
+	return file_envoy_config_overload_v3_overload_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *ResourceMonitor) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (m *ResourceMonitor) GetConfigType() isResourceMonitor_ConfigType {
+	if m != nil {
+		return m.ConfigType
+	}
+	return nil
+}
+
+func (x *ResourceMonitor) GetTypedConfig() *any.Any {
+	if x, ok := x.GetConfigType().(*ResourceMonitor_TypedConfig); ok {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+type isResourceMonitor_ConfigType interface {
+	isResourceMonitor_ConfigType()
+}
+
+type ResourceMonitor_TypedConfig struct {
+	TypedConfig *any.Any `protobuf:"bytes,3,opt,name=typed_config,json=typedConfig,proto3,oneof"`
+}
+
+func (*ResourceMonitor_TypedConfig) isResourceMonitor_ConfigType() {}
+
+type ThresholdTrigger struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// If the resource pressure is greater than or equal to this value, the trigger
+	// will enter saturation.
+	Value float64 `protobuf:"fixed64,1,opt,name=value,proto3" json:"value,omitempty"`
+}
+
+func (x *ThresholdTrigger) Reset() {
+	*x = ThresholdTrigger{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_overload_v3_overload_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ThresholdTrigger) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ThresholdTrigger) ProtoMessage() {}
+
+func (x *ThresholdTrigger) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_overload_v3_overload_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ThresholdTrigger.ProtoReflect.Descriptor instead.
+func (*ThresholdTrigger) Descriptor() ([]byte, []int) {
+	return file_envoy_config_overload_v3_overload_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *ThresholdTrigger) GetValue() float64 {
+	if x != nil {
+		return x.Value
+	}
+	return 0
+}
+
+type ScaledTrigger struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// If the resource pressure is greater than this value, the trigger will be in the
+	// :ref:`scaling <arch_overview_overload_manager-triggers-state>` state with value
+	// `(pressure - scaling_threshold) / (saturation_threshold - scaling_threshold)`.
+	ScalingThreshold float64 `protobuf:"fixed64,1,opt,name=scaling_threshold,json=scalingThreshold,proto3" json:"scaling_threshold,omitempty"`
+	// If the resource pressure is greater than this value, the trigger will enter saturation.
+	SaturationThreshold float64 `protobuf:"fixed64,2,opt,name=saturation_threshold,json=saturationThreshold,proto3" json:"saturation_threshold,omitempty"`
+}
+
+func (x *ScaledTrigger) Reset() {
+	*x = ScaledTrigger{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_overload_v3_overload_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ScaledTrigger) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ScaledTrigger) ProtoMessage() {}
+
+func (x *ScaledTrigger) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_overload_v3_overload_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ScaledTrigger.ProtoReflect.Descriptor instead.
+func (*ScaledTrigger) Descriptor() ([]byte, []int) {
+	return file_envoy_config_overload_v3_overload_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *ScaledTrigger) GetScalingThreshold() float64 {
+	if x != nil {
+		return x.ScalingThreshold
+	}
+	return 0
+}
+
+func (x *ScaledTrigger) GetSaturationThreshold() float64 {
+	if x != nil {
+		return x.SaturationThreshold
+	}
+	return 0
+}
+
+type Trigger struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the resource this is a trigger for.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Types that are assignable to TriggerOneof:
+	//	*Trigger_Threshold
+	//	*Trigger_Scaled
+	TriggerOneof isTrigger_TriggerOneof `protobuf_oneof:"trigger_oneof"`
+}
+
+func (x *Trigger) Reset() {
+	*x = Trigger{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_overload_v3_overload_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Trigger) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Trigger) ProtoMessage() {}
+
+func (x *Trigger) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_overload_v3_overload_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Trigger.ProtoReflect.Descriptor instead.
+func (*Trigger) Descriptor() ([]byte, []int) {
+	return file_envoy_config_overload_v3_overload_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *Trigger) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (m *Trigger) GetTriggerOneof() isTrigger_TriggerOneof {
+	if m != nil {
+		return m.TriggerOneof
+	}
+	return nil
+}
+
+func (x *Trigger) GetThreshold() *ThresholdTrigger {
+	if x, ok := x.GetTriggerOneof().(*Trigger_Threshold); ok {
+		return x.Threshold
+	}
+	return nil
+}
+
+func (x *Trigger) GetScaled() *ScaledTrigger {
+	if x, ok := x.GetTriggerOneof().(*Trigger_Scaled); ok {
+		return x.Scaled
+	}
+	return nil
+}
+
+type isTrigger_TriggerOneof interface {
+	isTrigger_TriggerOneof()
+}
+
+type Trigger_Threshold struct {
+	Threshold *ThresholdTrigger `protobuf:"bytes,2,opt,name=threshold,proto3,oneof"`
+}
+
+type Trigger_Scaled struct {
+	Scaled *ScaledTrigger `protobuf:"bytes,3,opt,name=scaled,proto3,oneof"`
+}
+
+func (*Trigger_Threshold) isTrigger_TriggerOneof() {}
+
+func (*Trigger_Scaled) isTrigger_TriggerOneof() {}
+
+// Typed configuration for the "envoy.overload_actions.reduce_timeouts" action. See
+// :ref:`the docs <config_overload_manager_reducing_timeouts>` for an example of how to configure
+// the action with different timeouts and minimum values.
+type ScaleTimersOverloadActionConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// A set of timer scaling rules to be applied.
+	TimerScaleFactors []*ScaleTimersOverloadActionConfig_ScaleTimer `protobuf:"bytes,1,rep,name=timer_scale_factors,json=timerScaleFactors,proto3" json:"timer_scale_factors,omitempty"`
+}
+
+func (x *ScaleTimersOverloadActionConfig) Reset() {
+	*x = ScaleTimersOverloadActionConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_overload_v3_overload_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ScaleTimersOverloadActionConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ScaleTimersOverloadActionConfig) ProtoMessage() {}
+
+func (x *ScaleTimersOverloadActionConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_overload_v3_overload_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ScaleTimersOverloadActionConfig.ProtoReflect.Descriptor instead.
+func (*ScaleTimersOverloadActionConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_overload_v3_overload_proto_rawDescGZIP(), []int{4}
+}
+
+func (x *ScaleTimersOverloadActionConfig) GetTimerScaleFactors() []*ScaleTimersOverloadActionConfig_ScaleTimer {
+	if x != nil {
+		return x.TimerScaleFactors
+	}
+	return nil
+}
+
+type OverloadAction struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the overload action. This is just a well-known string that listeners can
+	// use for registering callbacks. Custom overload actions should be named using reverse
+	// DNS to ensure uniqueness.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// A set of triggers for this action. The state of the action is the maximum
+	// state of all triggers, which can be scaling between 0 and 1 or saturated. Listeners
+	// are notified when the overload action changes state.
+	Triggers []*Trigger `protobuf:"bytes,2,rep,name=triggers,proto3" json:"triggers,omitempty"`
+	// Configuration for the action being instantiated.
+	TypedConfig *any.Any `protobuf:"bytes,3,opt,name=typed_config,json=typedConfig,proto3" json:"typed_config,omitempty"`
+}
+
+func (x *OverloadAction) Reset() {
+	*x = OverloadAction{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_overload_v3_overload_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *OverloadAction) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*OverloadAction) ProtoMessage() {}
+
+func (x *OverloadAction) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_overload_v3_overload_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use OverloadAction.ProtoReflect.Descriptor instead.
+func (*OverloadAction) Descriptor() ([]byte, []int) {
+	return file_envoy_config_overload_v3_overload_proto_rawDescGZIP(), []int{5}
+}
+
+func (x *OverloadAction) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *OverloadAction) GetTriggers() []*Trigger {
+	if x != nil {
+		return x.Triggers
+	}
+	return nil
+}
+
+func (x *OverloadAction) GetTypedConfig() *any.Any {
+	if x != nil {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+// Configuration for which accounts the WatermarkBuffer Factories should
+// track.
+type BufferFactoryConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The minimum power of two at which Envoy starts tracking an account.
+	//
+	// Envoy has 8 power of two buckets starting with the provided exponent below.
+	// Concretely the 1st bucket contains accounts for streams that use
+	// [2^minimum_account_to_track_power_of_two,
+	// 2^(minimum_account_to_track_power_of_two + 1)) bytes.
+	// With the 8th bucket tracking accounts
+	// >= 128 * 2^minimum_account_to_track_power_of_two.
+	//
+	// The maximum value is 56, since we're using uint64_t for bytes counting,
+	// and that's the last value that would use the 8 buckets. In practice,
+	// we don't expect the proxy to be holding 2^56 bytes.
+	//
+	// If omitted, Envoy should not do any tracking.
+	MinimumAccountToTrackPowerOfTwo uint32 `protobuf:"varint,1,opt,name=minimum_account_to_track_power_of_two,json=minimumAccountToTrackPowerOfTwo,proto3" json:"minimum_account_to_track_power_of_two,omitempty"`
+}
+
+func (x *BufferFactoryConfig) Reset() {
+	*x = BufferFactoryConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_overload_v3_overload_proto_msgTypes[6]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *BufferFactoryConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*BufferFactoryConfig) ProtoMessage() {}
+
+func (x *BufferFactoryConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_overload_v3_overload_proto_msgTypes[6]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use BufferFactoryConfig.ProtoReflect.Descriptor instead.
+func (*BufferFactoryConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_overload_v3_overload_proto_rawDescGZIP(), []int{6}
+}
+
+func (x *BufferFactoryConfig) GetMinimumAccountToTrackPowerOfTwo() uint32 {
+	if x != nil {
+		return x.MinimumAccountToTrackPowerOfTwo
+	}
+	return 0
+}
+
+type OverloadManager struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The interval for refreshing resource usage.
+	RefreshInterval *duration.Duration `protobuf:"bytes,1,opt,name=refresh_interval,json=refreshInterval,proto3" json:"refresh_interval,omitempty"`
+	// The set of resources to monitor.
+	ResourceMonitors []*ResourceMonitor `protobuf:"bytes,2,rep,name=resource_monitors,json=resourceMonitors,proto3" json:"resource_monitors,omitempty"`
+	// The set of overload actions.
+	Actions []*OverloadAction `protobuf:"bytes,3,rep,name=actions,proto3" json:"actions,omitempty"`
+	// Configuration for buffer factory.
+	BufferFactoryConfig *BufferFactoryConfig `protobuf:"bytes,4,opt,name=buffer_factory_config,json=bufferFactoryConfig,proto3" json:"buffer_factory_config,omitempty"`
+}
+
+func (x *OverloadManager) Reset() {
+	*x = OverloadManager{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_overload_v3_overload_proto_msgTypes[7]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *OverloadManager) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*OverloadManager) ProtoMessage() {}
+
+func (x *OverloadManager) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_overload_v3_overload_proto_msgTypes[7]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use OverloadManager.ProtoReflect.Descriptor instead.
+func (*OverloadManager) Descriptor() ([]byte, []int) {
+	return file_envoy_config_overload_v3_overload_proto_rawDescGZIP(), []int{7}
+}
+
+func (x *OverloadManager) GetRefreshInterval() *duration.Duration {
+	if x != nil {
+		return x.RefreshInterval
+	}
+	return nil
+}
+
+func (x *OverloadManager) GetResourceMonitors() []*ResourceMonitor {
+	if x != nil {
+		return x.ResourceMonitors
+	}
+	return nil
+}
+
+func (x *OverloadManager) GetActions() []*OverloadAction {
+	if x != nil {
+		return x.Actions
+	}
+	return nil
+}
+
+func (x *OverloadManager) GetBufferFactoryConfig() *BufferFactoryConfig {
+	if x != nil {
+		return x.BufferFactoryConfig
+	}
+	return nil
+}
+
+type ScaleTimersOverloadActionConfig_ScaleTimer struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The type of timer this minimum applies to.
+	Timer ScaleTimersOverloadActionConfig_TimerType `protobuf:"varint,1,opt,name=timer,proto3,enum=envoy.config.overload.v3.ScaleTimersOverloadActionConfig_TimerType" json:"timer,omitempty"`
+	// Types that are assignable to OverloadAdjust:
+	//	*ScaleTimersOverloadActionConfig_ScaleTimer_MinTimeout
+	//	*ScaleTimersOverloadActionConfig_ScaleTimer_MinScale
+	OverloadAdjust isScaleTimersOverloadActionConfig_ScaleTimer_OverloadAdjust `protobuf_oneof:"overload_adjust"`
+}
+
+func (x *ScaleTimersOverloadActionConfig_ScaleTimer) Reset() {
+	*x = ScaleTimersOverloadActionConfig_ScaleTimer{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_overload_v3_overload_proto_msgTypes[8]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ScaleTimersOverloadActionConfig_ScaleTimer) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ScaleTimersOverloadActionConfig_ScaleTimer) ProtoMessage() {}
+
+func (x *ScaleTimersOverloadActionConfig_ScaleTimer) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_overload_v3_overload_proto_msgTypes[8]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ScaleTimersOverloadActionConfig_ScaleTimer.ProtoReflect.Descriptor instead.
+func (*ScaleTimersOverloadActionConfig_ScaleTimer) Descriptor() ([]byte, []int) {
+	return file_envoy_config_overload_v3_overload_proto_rawDescGZIP(), []int{4, 0}
+}
+
+func (x *ScaleTimersOverloadActionConfig_ScaleTimer) GetTimer() ScaleTimersOverloadActionConfig_TimerType {
+	if x != nil {
+		return x.Timer
+	}
+	return ScaleTimersOverloadActionConfig_UNSPECIFIED
+}
+
+func (m *ScaleTimersOverloadActionConfig_ScaleTimer) GetOverloadAdjust() isScaleTimersOverloadActionConfig_ScaleTimer_OverloadAdjust {
+	if m != nil {
+		return m.OverloadAdjust
+	}
+	return nil
+}
+
+func (x *ScaleTimersOverloadActionConfig_ScaleTimer) GetMinTimeout() *duration.Duration {
+	if x, ok := x.GetOverloadAdjust().(*ScaleTimersOverloadActionConfig_ScaleTimer_MinTimeout); ok {
+		return x.MinTimeout
+	}
+	return nil
+}
+
+func (x *ScaleTimersOverloadActionConfig_ScaleTimer) GetMinScale() *v3.Percent {
+	if x, ok := x.GetOverloadAdjust().(*ScaleTimersOverloadActionConfig_ScaleTimer_MinScale); ok {
+		return x.MinScale
+	}
+	return nil
+}
+
+type isScaleTimersOverloadActionConfig_ScaleTimer_OverloadAdjust interface {
+	isScaleTimersOverloadActionConfig_ScaleTimer_OverloadAdjust()
+}
+
+type ScaleTimersOverloadActionConfig_ScaleTimer_MinTimeout struct {
+	// Sets the minimum duration as an absolute value.
+	MinTimeout *duration.Duration `protobuf:"bytes,2,opt,name=min_timeout,json=minTimeout,proto3,oneof"`
+}
+
+type ScaleTimersOverloadActionConfig_ScaleTimer_MinScale struct {
+	// Sets the minimum duration as a percentage of the maximum value.
+	MinScale *v3.Percent `protobuf:"bytes,3,opt,name=min_scale,json=minScale,proto3,oneof"`
+}
+
+func (*ScaleTimersOverloadActionConfig_ScaleTimer_MinTimeout) isScaleTimersOverloadActionConfig_ScaleTimer_OverloadAdjust() {
+}
+
+func (*ScaleTimersOverloadActionConfig_ScaleTimer_MinScale) isScaleTimersOverloadActionConfig_ScaleTimer_OverloadAdjust() {
+}
+
+var File_envoy_config_overload_v3_overload_proto protoreflect.FileDescriptor
+
+var file_envoy_config_overload_v3_overload_proto_rawDesc = []byte{
+	0x0a, 0x27, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x6f,
+	0x76, 0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64, 0x2f, 0x76, 0x33, 0x2f, 0x6f, 0x76, 0x65, 0x72, 0x6c,
+	0x6f, 0x61, 0x64, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x18, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6f, 0x76, 0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64,
+	0x2e, 0x76, 0x33, 0x1a, 0x1b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f,
+	0x76, 0x33, 0x2f, 0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70,
+	0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74,
+	0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61,
+	0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72,
+	0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76,
+	0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xbc, 0x01, 0x0a, 0x0f, 0x52, 0x65, 0x73, 0x6f, 0x75,
+	0x72, 0x63, 0x65, 0x4d, 0x6f, 0x6e, 0x69, 0x74, 0x6f, 0x72, 0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61,
+	0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10,
+	0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x39, 0x0a, 0x0c, 0x74, 0x79, 0x70, 0x65, 0x64,
+	0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x41, 0x6e, 0x79, 0x48, 0x00, 0x52, 0x0b, 0x74, 0x79, 0x70, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x3a, 0x34, 0x9a, 0xc5, 0x88, 0x1e, 0x2f, 0x0a, 0x2d, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6f, 0x76, 0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64,
+	0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63,
+	0x65, 0x4d, 0x6f, 0x6e, 0x69, 0x74, 0x6f, 0x72, 0x42, 0x0d, 0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x4a, 0x04, 0x08, 0x02, 0x10, 0x03, 0x52, 0x06, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x22, 0x78, 0x0a, 0x10, 0x54, 0x68, 0x72, 0x65, 0x73, 0x68, 0x6f,
+	0x6c, 0x64, 0x54, 0x72, 0x69, 0x67, 0x67, 0x65, 0x72, 0x12, 0x2d, 0x0a, 0x05, 0x76, 0x61, 0x6c,
+	0x75, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x01, 0x42, 0x17, 0xfa, 0x42, 0x14, 0x12, 0x12, 0x19,
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xf0, 0x3f, 0x29, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+	0x00, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x35, 0x9a, 0xc5, 0x88, 0x1e, 0x30, 0x0a,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6f, 0x76,
+	0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x54,
+	0x68, 0x72, 0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x54, 0x72, 0x69, 0x67, 0x67, 0x65, 0x72, 0x22,
+	0xa1, 0x01, 0x0a, 0x0d, 0x53, 0x63, 0x61, 0x6c, 0x65, 0x64, 0x54, 0x72, 0x69, 0x67, 0x67, 0x65,
+	0x72, 0x12, 0x44, 0x0a, 0x11, 0x73, 0x63, 0x61, 0x6c, 0x69, 0x6e, 0x67, 0x5f, 0x74, 0x68, 0x72,
+	0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x01, 0x42, 0x17, 0xfa, 0x42,
+	0x14, 0x12, 0x12, 0x19, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xf0, 0x3f, 0x29, 0x00, 0x00, 0x00,
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x52, 0x10, 0x73, 0x63, 0x61, 0x6c, 0x69, 0x6e, 0x67, 0x54, 0x68,
+	0x72, 0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x12, 0x4a, 0x0a, 0x14, 0x73, 0x61, 0x74, 0x75, 0x72,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x74, 0x68, 0x72, 0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x01, 0x42, 0x17, 0xfa, 0x42, 0x14, 0x12, 0x12, 0x19, 0x00, 0x00, 0x00,
+	0x00, 0x00, 0x00, 0xf0, 0x3f, 0x29, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x52, 0x13,
+	0x73, 0x61, 0x74, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x68, 0x72, 0x65, 0x73, 0x68,
+	0x6f, 0x6c, 0x64, 0x22, 0xf9, 0x01, 0x0a, 0x07, 0x54, 0x72, 0x69, 0x67, 0x67, 0x65, 0x72, 0x12,
+	0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa,
+	0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x4a, 0x0a, 0x09,
+	0x74, 0x68, 0x72, 0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6f,
+	0x76, 0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x68, 0x72, 0x65, 0x73,
+	0x68, 0x6f, 0x6c, 0x64, 0x54, 0x72, 0x69, 0x67, 0x67, 0x65, 0x72, 0x48, 0x00, 0x52, 0x09, 0x74,
+	0x68, 0x72, 0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x12, 0x41, 0x0a, 0x06, 0x73, 0x63, 0x61, 0x6c,
+	0x65, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6f, 0x76, 0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64,
+	0x2e, 0x76, 0x33, 0x2e, 0x53, 0x63, 0x61, 0x6c, 0x65, 0x64, 0x54, 0x72, 0x69, 0x67, 0x67, 0x65,
+	0x72, 0x48, 0x00, 0x52, 0x06, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x64, 0x3a, 0x2c, 0x9a, 0xc5, 0x88,
+	0x1e, 0x27, 0x0a, 0x25, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x6f, 0x76, 0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68,
+	0x61, 0x2e, 0x54, 0x72, 0x69, 0x67, 0x67, 0x65, 0x72, 0x42, 0x14, 0x0a, 0x0d, 0x74, 0x72, 0x69,
+	0x67, 0x67, 0x65, 0x72, 0x5f, 0x6f, 0x6e, 0x65, 0x6f, 0x66, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x22,
+	0xa7, 0x04, 0x0a, 0x1f, 0x53, 0x63, 0x61, 0x6c, 0x65, 0x54, 0x69, 0x6d, 0x65, 0x72, 0x73, 0x4f,
+	0x76, 0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x12, 0x7e, 0x0a, 0x13, 0x74, 0x69, 0x6d, 0x65, 0x72, 0x5f, 0x73, 0x63, 0x61,
+	0x6c, 0x65, 0x5f, 0x66, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b,
+	0x32, 0x44, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x6f, 0x76, 0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x63, 0x61, 0x6c,
+	0x65, 0x54, 0x69, 0x6d, 0x65, 0x72, 0x73, 0x4f, 0x76, 0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64, 0x41,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x53, 0x63, 0x61, 0x6c,
+	0x65, 0x54, 0x69, 0x6d, 0x65, 0x72, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92, 0x01, 0x02, 0x08, 0x01,
+	0x52, 0x11, 0x74, 0x69, 0x6d, 0x65, 0x72, 0x53, 0x63, 0x61, 0x6c, 0x65, 0x46, 0x61, 0x63, 0x74,
+	0x6f, 0x72, 0x73, 0x1a, 0x80, 0x02, 0x0a, 0x0a, 0x53, 0x63, 0x61, 0x6c, 0x65, 0x54, 0x69, 0x6d,
+	0x65, 0x72, 0x12, 0x65, 0x0a, 0x05, 0x74, 0x69, 0x6d, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x0e, 0x32, 0x43, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x6f, 0x76, 0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x63, 0x61,
+	0x6c, 0x65, 0x54, 0x69, 0x6d, 0x65, 0x72, 0x73, 0x4f, 0x76, 0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64,
+	0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x54, 0x69, 0x6d,
+	0x65, 0x72, 0x54, 0x79, 0x70, 0x65, 0x42, 0x0a, 0xfa, 0x42, 0x07, 0x82, 0x01, 0x04, 0x10, 0x01,
+	0x20, 0x00, 0x52, 0x05, 0x74, 0x69, 0x6d, 0x65, 0x72, 0x12, 0x3c, 0x0a, 0x0b, 0x6d, 0x69, 0x6e,
+	0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x48, 0x00, 0x52, 0x0a, 0x6d, 0x69, 0x6e,
+	0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12, 0x35, 0x0a, 0x09, 0x6d, 0x69, 0x6e, 0x5f, 0x73,
+	0x63, 0x61, 0x6c, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x50, 0x65, 0x72, 0x63, 0x65,
+	0x6e, 0x74, 0x48, 0x00, 0x52, 0x08, 0x6d, 0x69, 0x6e, 0x53, 0x63, 0x61, 0x6c, 0x65, 0x42, 0x16,
+	0x0a, 0x0f, 0x6f, 0x76, 0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64, 0x5f, 0x61, 0x64, 0x6a, 0x75, 0x73,
+	0x74, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x22, 0x80, 0x01, 0x0a, 0x09, 0x54, 0x69, 0x6d, 0x65, 0x72,
+	0x54, 0x79, 0x70, 0x65, 0x12, 0x0f, 0x0a, 0x0b, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46,
+	0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x23, 0x0a, 0x1f, 0x48, 0x54, 0x54, 0x50, 0x5f, 0x44, 0x4f,
+	0x57, 0x4e, 0x53, 0x54, 0x52, 0x45, 0x41, 0x4d, 0x5f, 0x43, 0x4f, 0x4e, 0x4e, 0x45, 0x43, 0x54,
+	0x49, 0x4f, 0x4e, 0x5f, 0x49, 0x44, 0x4c, 0x45, 0x10, 0x01, 0x12, 0x1f, 0x0a, 0x1b, 0x48, 0x54,
+	0x54, 0x50, 0x5f, 0x44, 0x4f, 0x57, 0x4e, 0x53, 0x54, 0x52, 0x45, 0x41, 0x4d, 0x5f, 0x53, 0x54,
+	0x52, 0x45, 0x41, 0x4d, 0x5f, 0x49, 0x44, 0x4c, 0x45, 0x10, 0x02, 0x12, 0x1c, 0x0a, 0x18, 0x54,
+	0x52, 0x41, 0x4e, 0x53, 0x50, 0x4f, 0x52, 0x54, 0x5f, 0x53, 0x4f, 0x43, 0x4b, 0x45, 0x54, 0x5f,
+	0x43, 0x4f, 0x4e, 0x4e, 0x45, 0x43, 0x54, 0x10, 0x03, 0x22, 0xe4, 0x01, 0x0a, 0x0e, 0x4f, 0x76,
+	0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x1b, 0x0a, 0x04,
+	0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72,
+	0x02, 0x10, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x47, 0x0a, 0x08, 0x74, 0x72, 0x69,
+	0x67, 0x67, 0x65, 0x72, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6f, 0x76, 0x65, 0x72, 0x6c,
+	0x6f, 0x61, 0x64, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x72, 0x69, 0x67, 0x67, 0x65, 0x72, 0x42, 0x08,
+	0xfa, 0x42, 0x05, 0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x08, 0x74, 0x72, 0x69, 0x67, 0x67, 0x65,
+	0x72, 0x73, 0x12, 0x37, 0x0a, 0x0c, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x0b,
+	0x74, 0x79, 0x70, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x3a, 0x33, 0x9a, 0xc5, 0x88,
+	0x1e, 0x2e, 0x0a, 0x2c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x6f, 0x76, 0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68,
+	0x61, 0x2e, 0x4f, 0x76, 0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e,
+	0x22, 0x70, 0x0a, 0x13, 0x42, 0x75, 0x66, 0x66, 0x65, 0x72, 0x46, 0x61, 0x63, 0x74, 0x6f, 0x72,
+	0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x59, 0x0a, 0x25, 0x6d, 0x69, 0x6e, 0x69, 0x6d,
+	0x75, 0x6d, 0x5f, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x74, 0x6f, 0x5f, 0x74, 0x72,
+	0x61, 0x63, 0x6b, 0x5f, 0x70, 0x6f, 0x77, 0x65, 0x72, 0x5f, 0x6f, 0x66, 0x5f, 0x74, 0x77, 0x6f,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x0d, 0x42, 0x09, 0xfa, 0x42, 0x06, 0x2a, 0x04, 0x18, 0x38, 0x28,
+	0x0a, 0x52, 0x1f, 0x6d, 0x69, 0x6e, 0x69, 0x6d, 0x75, 0x6d, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e,
+	0x74, 0x54, 0x6f, 0x54, 0x72, 0x61, 0x63, 0x6b, 0x50, 0x6f, 0x77, 0x65, 0x72, 0x4f, 0x66, 0x54,
+	0x77, 0x6f, 0x22, 0x96, 0x03, 0x0a, 0x0f, 0x4f, 0x76, 0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64, 0x4d,
+	0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x12, 0x44, 0x0a, 0x10, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73,
+	0x68, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0f, 0x72, 0x65, 0x66,
+	0x72, 0x65, 0x73, 0x68, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x12, 0x60, 0x0a, 0x11,
+	0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x6d, 0x6f, 0x6e, 0x69, 0x74, 0x6f, 0x72,
+	0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6f, 0x76, 0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64, 0x2e,
+	0x76, 0x33, 0x2e, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x4d, 0x6f, 0x6e, 0x69, 0x74,
+	0x6f, 0x72, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x10, 0x72, 0x65,
+	0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x4d, 0x6f, 0x6e, 0x69, 0x74, 0x6f, 0x72, 0x73, 0x12, 0x42,
+	0x0a, 0x07, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32,
+	0x28, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6f,
+	0x76, 0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64, 0x2e, 0x76, 0x33, 0x2e, 0x4f, 0x76, 0x65, 0x72, 0x6c,
+	0x6f, 0x61, 0x64, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x07, 0x61, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x12, 0x61, 0x0a, 0x15, 0x62, 0x75, 0x66, 0x66, 0x65, 0x72, 0x5f, 0x66, 0x61, 0x63,
+	0x74, 0x6f, 0x72, 0x79, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x04, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x2d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x6f, 0x76, 0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64, 0x2e, 0x76, 0x33, 0x2e, 0x42, 0x75, 0x66,
+	0x66, 0x65, 0x72, 0x46, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x52, 0x13, 0x62, 0x75, 0x66, 0x66, 0x65, 0x72, 0x46, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x79, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x3a, 0x34, 0x9a, 0xc5, 0x88, 0x1e, 0x2f, 0x0a, 0x2d, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6f, 0x76, 0x65, 0x72, 0x6c,
+	0x6f, 0x61, 0x64, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x4f, 0x76, 0x65, 0x72,
+	0x6c, 0x6f, 0x61, 0x64, 0x4d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x42, 0x41, 0x0a, 0x26, 0x69,
+	0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6f, 0x76, 0x65, 0x72, 0x6c, 0x6f,
+	0x61, 0x64, 0x2e, 0x76, 0x33, 0x42, 0x0d, 0x4f, 0x76, 0x65, 0x72, 0x6c, 0x6f, 0x61, 0x64, 0x50,
+	0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_overload_v3_overload_proto_rawDescOnce sync.Once
+	file_envoy_config_overload_v3_overload_proto_rawDescData = file_envoy_config_overload_v3_overload_proto_rawDesc
+)
+
+func file_envoy_config_overload_v3_overload_proto_rawDescGZIP() []byte {
+	file_envoy_config_overload_v3_overload_proto_rawDescOnce.Do(func() {
+		file_envoy_config_overload_v3_overload_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_overload_v3_overload_proto_rawDescData)
+	})
+	return file_envoy_config_overload_v3_overload_proto_rawDescData
+}
+
+var file_envoy_config_overload_v3_overload_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_envoy_config_overload_v3_overload_proto_msgTypes = make([]protoimpl.MessageInfo, 9)
+var file_envoy_config_overload_v3_overload_proto_goTypes = []interface{}{
+	(ScaleTimersOverloadActionConfig_TimerType)(0),     // 0: envoy.config.overload.v3.ScaleTimersOverloadActionConfig.TimerType
+	(*ResourceMonitor)(nil),                            // 1: envoy.config.overload.v3.ResourceMonitor
+	(*ThresholdTrigger)(nil),                           // 2: envoy.config.overload.v3.ThresholdTrigger
+	(*ScaledTrigger)(nil),                              // 3: envoy.config.overload.v3.ScaledTrigger
+	(*Trigger)(nil),                                    // 4: envoy.config.overload.v3.Trigger
+	(*ScaleTimersOverloadActionConfig)(nil),            // 5: envoy.config.overload.v3.ScaleTimersOverloadActionConfig
+	(*OverloadAction)(nil),                             // 6: envoy.config.overload.v3.OverloadAction
+	(*BufferFactoryConfig)(nil),                        // 7: envoy.config.overload.v3.BufferFactoryConfig
+	(*OverloadManager)(nil),                            // 8: envoy.config.overload.v3.OverloadManager
+	(*ScaleTimersOverloadActionConfig_ScaleTimer)(nil), // 9: envoy.config.overload.v3.ScaleTimersOverloadActionConfig.ScaleTimer
+	(*any.Any)(nil),                                    // 10: google.protobuf.Any
+	(*duration.Duration)(nil),                          // 11: google.protobuf.Duration
+	(*v3.Percent)(nil),                                 // 12: envoy.type.v3.Percent
+}
+var file_envoy_config_overload_v3_overload_proto_depIdxs = []int32{
+	10, // 0: envoy.config.overload.v3.ResourceMonitor.typed_config:type_name -> google.protobuf.Any
+	2,  // 1: envoy.config.overload.v3.Trigger.threshold:type_name -> envoy.config.overload.v3.ThresholdTrigger
+	3,  // 2: envoy.config.overload.v3.Trigger.scaled:type_name -> envoy.config.overload.v3.ScaledTrigger
+	9,  // 3: envoy.config.overload.v3.ScaleTimersOverloadActionConfig.timer_scale_factors:type_name -> envoy.config.overload.v3.ScaleTimersOverloadActionConfig.ScaleTimer
+	4,  // 4: envoy.config.overload.v3.OverloadAction.triggers:type_name -> envoy.config.overload.v3.Trigger
+	10, // 5: envoy.config.overload.v3.OverloadAction.typed_config:type_name -> google.protobuf.Any
+	11, // 6: envoy.config.overload.v3.OverloadManager.refresh_interval:type_name -> google.protobuf.Duration
+	1,  // 7: envoy.config.overload.v3.OverloadManager.resource_monitors:type_name -> envoy.config.overload.v3.ResourceMonitor
+	6,  // 8: envoy.config.overload.v3.OverloadManager.actions:type_name -> envoy.config.overload.v3.OverloadAction
+	7,  // 9: envoy.config.overload.v3.OverloadManager.buffer_factory_config:type_name -> envoy.config.overload.v3.BufferFactoryConfig
+	0,  // 10: envoy.config.overload.v3.ScaleTimersOverloadActionConfig.ScaleTimer.timer:type_name -> envoy.config.overload.v3.ScaleTimersOverloadActionConfig.TimerType
+	11, // 11: envoy.config.overload.v3.ScaleTimersOverloadActionConfig.ScaleTimer.min_timeout:type_name -> google.protobuf.Duration
+	12, // 12: envoy.config.overload.v3.ScaleTimersOverloadActionConfig.ScaleTimer.min_scale:type_name -> envoy.type.v3.Percent
+	13, // [13:13] is the sub-list for method output_type
+	13, // [13:13] is the sub-list for method input_type
+	13, // [13:13] is the sub-list for extension type_name
+	13, // [13:13] is the sub-list for extension extendee
+	0,  // [0:13] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_overload_v3_overload_proto_init() }
+func file_envoy_config_overload_v3_overload_proto_init() {
+	if File_envoy_config_overload_v3_overload_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_overload_v3_overload_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ResourceMonitor); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_overload_v3_overload_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ThresholdTrigger); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_overload_v3_overload_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ScaledTrigger); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_overload_v3_overload_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Trigger); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_overload_v3_overload_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ScaleTimersOverloadActionConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_overload_v3_overload_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*OverloadAction); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_overload_v3_overload_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*BufferFactoryConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_overload_v3_overload_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*OverloadManager); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_overload_v3_overload_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ScaleTimersOverloadActionConfig_ScaleTimer); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_config_overload_v3_overload_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*ResourceMonitor_TypedConfig)(nil),
+	}
+	file_envoy_config_overload_v3_overload_proto_msgTypes[3].OneofWrappers = []interface{}{
+		(*Trigger_Threshold)(nil),
+		(*Trigger_Scaled)(nil),
+	}
+	file_envoy_config_overload_v3_overload_proto_msgTypes[8].OneofWrappers = []interface{}{
+		(*ScaleTimersOverloadActionConfig_ScaleTimer_MinTimeout)(nil),
+		(*ScaleTimersOverloadActionConfig_ScaleTimer_MinScale)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_overload_v3_overload_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   9,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_overload_v3_overload_proto_goTypes,
+		DependencyIndexes: file_envoy_config_overload_v3_overload_proto_depIdxs,
+		EnumInfos:         file_envoy_config_overload_v3_overload_proto_enumTypes,
+		MessageInfos:      file_envoy_config_overload_v3_overload_proto_msgTypes,
+	}.Build()
+	File_envoy_config_overload_v3_overload_proto = out.File
+	file_envoy_config_overload_v3_overload_proto_rawDesc = nil
+	file_envoy_config_overload_v3_overload_proto_goTypes = nil
+	file_envoy_config_overload_v3_overload_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/overload/v3/overload.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/overload/v3/overload.pb.validate.go
new file mode 100644
index 00000000000..8ae690cdf66
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/overload/v3/overload.pb.validate.go
@@ -0,0 +1,1482 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/overload/v3/overload.proto
+
+package envoy_config_overload_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on ResourceMonitor with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *ResourceMonitor) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ResourceMonitor with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ResourceMonitorMultiError, or nil if none found.
+func (m *ResourceMonitor) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ResourceMonitor) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := ResourceMonitorValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	switch m.ConfigType.(type) {
+
+	case *ResourceMonitor_TypedConfig:
+
+		if all {
+			switch v := interface{}(m.GetTypedConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ResourceMonitorValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ResourceMonitorValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ResourceMonitorValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ResourceMonitorMultiError(errors)
+	}
+	return nil
+}
+
+// ResourceMonitorMultiError is an error wrapping multiple validation errors
+// returned by ResourceMonitor.ValidateAll() if the designated constraints
+// aren't met.
+type ResourceMonitorMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ResourceMonitorMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ResourceMonitorMultiError) AllErrors() []error { return m }
+
+// ResourceMonitorValidationError is the validation error returned by
+// ResourceMonitor.Validate if the designated constraints aren't met.
+type ResourceMonitorValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ResourceMonitorValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ResourceMonitorValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ResourceMonitorValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ResourceMonitorValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ResourceMonitorValidationError) ErrorName() string { return "ResourceMonitorValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ResourceMonitorValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sResourceMonitor.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ResourceMonitorValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ResourceMonitorValidationError{}
+
+// Validate checks the field values on ThresholdTrigger with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *ThresholdTrigger) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ThresholdTrigger with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ThresholdTriggerMultiError, or nil if none found.
+func (m *ThresholdTrigger) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ThresholdTrigger) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if val := m.GetValue(); val < 0 || val > 1 {
+		err := ThresholdTriggerValidationError{
+			field:  "Value",
+			reason: "value must be inside range [0, 1]",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return ThresholdTriggerMultiError(errors)
+	}
+	return nil
+}
+
+// ThresholdTriggerMultiError is an error wrapping multiple validation errors
+// returned by ThresholdTrigger.ValidateAll() if the designated constraints
+// aren't met.
+type ThresholdTriggerMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ThresholdTriggerMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ThresholdTriggerMultiError) AllErrors() []error { return m }
+
+// ThresholdTriggerValidationError is the validation error returned by
+// ThresholdTrigger.Validate if the designated constraints aren't met.
+type ThresholdTriggerValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ThresholdTriggerValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ThresholdTriggerValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ThresholdTriggerValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ThresholdTriggerValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ThresholdTriggerValidationError) ErrorName() string { return "ThresholdTriggerValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ThresholdTriggerValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sThresholdTrigger.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ThresholdTriggerValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ThresholdTriggerValidationError{}
+
+// Validate checks the field values on ScaledTrigger with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ScaledTrigger) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ScaledTrigger with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ScaledTriggerMultiError, or
+// nil if none found.
+func (m *ScaledTrigger) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ScaledTrigger) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if val := m.GetScalingThreshold(); val < 0 || val > 1 {
+		err := ScaledTriggerValidationError{
+			field:  "ScalingThreshold",
+			reason: "value must be inside range [0, 1]",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if val := m.GetSaturationThreshold(); val < 0 || val > 1 {
+		err := ScaledTriggerValidationError{
+			field:  "SaturationThreshold",
+			reason: "value must be inside range [0, 1]",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return ScaledTriggerMultiError(errors)
+	}
+	return nil
+}
+
+// ScaledTriggerMultiError is an error wrapping multiple validation errors
+// returned by ScaledTrigger.ValidateAll() if the designated constraints
+// aren't met.
+type ScaledTriggerMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ScaledTriggerMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ScaledTriggerMultiError) AllErrors() []error { return m }
+
+// ScaledTriggerValidationError is the validation error returned by
+// ScaledTrigger.Validate if the designated constraints aren't met.
+type ScaledTriggerValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ScaledTriggerValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ScaledTriggerValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ScaledTriggerValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ScaledTriggerValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ScaledTriggerValidationError) ErrorName() string { return "ScaledTriggerValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ScaledTriggerValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sScaledTrigger.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ScaledTriggerValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ScaledTriggerValidationError{}
+
+// Validate checks the field values on Trigger with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Trigger) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Trigger with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in TriggerMultiError, or nil if none found.
+func (m *Trigger) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Trigger) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := TriggerValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	switch m.TriggerOneof.(type) {
+
+	case *Trigger_Threshold:
+
+		if all {
+			switch v := interface{}(m.GetThreshold()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, TriggerValidationError{
+						field:  "Threshold",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, TriggerValidationError{
+						field:  "Threshold",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetThreshold()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return TriggerValidationError{
+					field:  "Threshold",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Trigger_Scaled:
+
+		if all {
+			switch v := interface{}(m.GetScaled()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, TriggerValidationError{
+						field:  "Scaled",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, TriggerValidationError{
+						field:  "Scaled",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetScaled()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return TriggerValidationError{
+					field:  "Scaled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := TriggerValidationError{
+			field:  "TriggerOneof",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return TriggerMultiError(errors)
+	}
+	return nil
+}
+
+// TriggerMultiError is an error wrapping multiple validation errors returned
+// by Trigger.ValidateAll() if the designated constraints aren't met.
+type TriggerMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m TriggerMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m TriggerMultiError) AllErrors() []error { return m }
+
+// TriggerValidationError is the validation error returned by Trigger.Validate
+// if the designated constraints aren't met.
+type TriggerValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e TriggerValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e TriggerValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e TriggerValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e TriggerValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e TriggerValidationError) ErrorName() string { return "TriggerValidationError" }
+
+// Error satisfies the builtin error interface
+func (e TriggerValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sTrigger.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = TriggerValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = TriggerValidationError{}
+
+// Validate checks the field values on ScaleTimersOverloadActionConfig with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ScaleTimersOverloadActionConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ScaleTimersOverloadActionConfig with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// ScaleTimersOverloadActionConfigMultiError, or nil if none found.
+func (m *ScaleTimersOverloadActionConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ScaleTimersOverloadActionConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetTimerScaleFactors()) < 1 {
+		err := ScaleTimersOverloadActionConfigValidationError{
+			field:  "TimerScaleFactors",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetTimerScaleFactors() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ScaleTimersOverloadActionConfigValidationError{
+						field:  fmt.Sprintf("TimerScaleFactors[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ScaleTimersOverloadActionConfigValidationError{
+						field:  fmt.Sprintf("TimerScaleFactors[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ScaleTimersOverloadActionConfigValidationError{
+					field:  fmt.Sprintf("TimerScaleFactors[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ScaleTimersOverloadActionConfigMultiError(errors)
+	}
+	return nil
+}
+
+// ScaleTimersOverloadActionConfigMultiError is an error wrapping multiple
+// validation errors returned by ScaleTimersOverloadActionConfig.ValidateAll()
+// if the designated constraints aren't met.
+type ScaleTimersOverloadActionConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ScaleTimersOverloadActionConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ScaleTimersOverloadActionConfigMultiError) AllErrors() []error { return m }
+
+// ScaleTimersOverloadActionConfigValidationError is the validation error
+// returned by ScaleTimersOverloadActionConfig.Validate if the designated
+// constraints aren't met.
+type ScaleTimersOverloadActionConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ScaleTimersOverloadActionConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ScaleTimersOverloadActionConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ScaleTimersOverloadActionConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ScaleTimersOverloadActionConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ScaleTimersOverloadActionConfigValidationError) ErrorName() string {
+	return "ScaleTimersOverloadActionConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ScaleTimersOverloadActionConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sScaleTimersOverloadActionConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ScaleTimersOverloadActionConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ScaleTimersOverloadActionConfigValidationError{}
+
+// Validate checks the field values on OverloadAction with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *OverloadAction) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on OverloadAction with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in OverloadActionMultiError,
+// or nil if none found.
+func (m *OverloadAction) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *OverloadAction) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := OverloadActionValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(m.GetTriggers()) < 1 {
+		err := OverloadActionValidationError{
+			field:  "Triggers",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetTriggers() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, OverloadActionValidationError{
+						field:  fmt.Sprintf("Triggers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, OverloadActionValidationError{
+						field:  fmt.Sprintf("Triggers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return OverloadActionValidationError{
+					field:  fmt.Sprintf("Triggers[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetTypedConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, OverloadActionValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, OverloadActionValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return OverloadActionValidationError{
+				field:  "TypedConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return OverloadActionMultiError(errors)
+	}
+	return nil
+}
+
+// OverloadActionMultiError is an error wrapping multiple validation errors
+// returned by OverloadAction.ValidateAll() if the designated constraints
+// aren't met.
+type OverloadActionMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m OverloadActionMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m OverloadActionMultiError) AllErrors() []error { return m }
+
+// OverloadActionValidationError is the validation error returned by
+// OverloadAction.Validate if the designated constraints aren't met.
+type OverloadActionValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e OverloadActionValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e OverloadActionValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e OverloadActionValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e OverloadActionValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e OverloadActionValidationError) ErrorName() string { return "OverloadActionValidationError" }
+
+// Error satisfies the builtin error interface
+func (e OverloadActionValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sOverloadAction.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = OverloadActionValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = OverloadActionValidationError{}
+
+// Validate checks the field values on BufferFactoryConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *BufferFactoryConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on BufferFactoryConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// BufferFactoryConfigMultiError, or nil if none found.
+func (m *BufferFactoryConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *BufferFactoryConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if val := m.GetMinimumAccountToTrackPowerOfTwo(); val < 10 || val > 56 {
+		err := BufferFactoryConfigValidationError{
+			field:  "MinimumAccountToTrackPowerOfTwo",
+			reason: "value must be inside range [10, 56]",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return BufferFactoryConfigMultiError(errors)
+	}
+	return nil
+}
+
+// BufferFactoryConfigMultiError is an error wrapping multiple validation
+// errors returned by BufferFactoryConfig.ValidateAll() if the designated
+// constraints aren't met.
+type BufferFactoryConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m BufferFactoryConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m BufferFactoryConfigMultiError) AllErrors() []error { return m }
+
+// BufferFactoryConfigValidationError is the validation error returned by
+// BufferFactoryConfig.Validate if the designated constraints aren't met.
+type BufferFactoryConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e BufferFactoryConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e BufferFactoryConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e BufferFactoryConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e BufferFactoryConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e BufferFactoryConfigValidationError) ErrorName() string {
+	return "BufferFactoryConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e BufferFactoryConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sBufferFactoryConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = BufferFactoryConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = BufferFactoryConfigValidationError{}
+
+// Validate checks the field values on OverloadManager with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *OverloadManager) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on OverloadManager with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// OverloadManagerMultiError, or nil if none found.
+func (m *OverloadManager) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *OverloadManager) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetRefreshInterval()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, OverloadManagerValidationError{
+					field:  "RefreshInterval",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, OverloadManagerValidationError{
+					field:  "RefreshInterval",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRefreshInterval()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return OverloadManagerValidationError{
+				field:  "RefreshInterval",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(m.GetResourceMonitors()) < 1 {
+		err := OverloadManagerValidationError{
+			field:  "ResourceMonitors",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetResourceMonitors() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, OverloadManagerValidationError{
+						field:  fmt.Sprintf("ResourceMonitors[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, OverloadManagerValidationError{
+						field:  fmt.Sprintf("ResourceMonitors[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return OverloadManagerValidationError{
+					field:  fmt.Sprintf("ResourceMonitors[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetActions() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, OverloadManagerValidationError{
+						field:  fmt.Sprintf("Actions[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, OverloadManagerValidationError{
+						field:  fmt.Sprintf("Actions[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return OverloadManagerValidationError{
+					field:  fmt.Sprintf("Actions[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetBufferFactoryConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, OverloadManagerValidationError{
+					field:  "BufferFactoryConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, OverloadManagerValidationError{
+					field:  "BufferFactoryConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetBufferFactoryConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return OverloadManagerValidationError{
+				field:  "BufferFactoryConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return OverloadManagerMultiError(errors)
+	}
+	return nil
+}
+
+// OverloadManagerMultiError is an error wrapping multiple validation errors
+// returned by OverloadManager.ValidateAll() if the designated constraints
+// aren't met.
+type OverloadManagerMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m OverloadManagerMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m OverloadManagerMultiError) AllErrors() []error { return m }
+
+// OverloadManagerValidationError is the validation error returned by
+// OverloadManager.Validate if the designated constraints aren't met.
+type OverloadManagerValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e OverloadManagerValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e OverloadManagerValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e OverloadManagerValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e OverloadManagerValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e OverloadManagerValidationError) ErrorName() string { return "OverloadManagerValidationError" }
+
+// Error satisfies the builtin error interface
+func (e OverloadManagerValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sOverloadManager.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = OverloadManagerValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = OverloadManagerValidationError{}
+
+// Validate checks the field values on
+// ScaleTimersOverloadActionConfig_ScaleTimer with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ScaleTimersOverloadActionConfig_ScaleTimer) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// ScaleTimersOverloadActionConfig_ScaleTimer with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in
+// ScaleTimersOverloadActionConfig_ScaleTimerMultiError, or nil if none found.
+func (m *ScaleTimersOverloadActionConfig_ScaleTimer) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ScaleTimersOverloadActionConfig_ScaleTimer) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if _, ok := _ScaleTimersOverloadActionConfig_ScaleTimer_Timer_NotInLookup[m.GetTimer()]; ok {
+		err := ScaleTimersOverloadActionConfig_ScaleTimerValidationError{
+			field:  "Timer",
+			reason: "value must not be in list [0]",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if _, ok := ScaleTimersOverloadActionConfig_TimerType_name[int32(m.GetTimer())]; !ok {
+		err := ScaleTimersOverloadActionConfig_ScaleTimerValidationError{
+			field:  "Timer",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	switch m.OverloadAdjust.(type) {
+
+	case *ScaleTimersOverloadActionConfig_ScaleTimer_MinTimeout:
+
+		if all {
+			switch v := interface{}(m.GetMinTimeout()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ScaleTimersOverloadActionConfig_ScaleTimerValidationError{
+						field:  "MinTimeout",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ScaleTimersOverloadActionConfig_ScaleTimerValidationError{
+						field:  "MinTimeout",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetMinTimeout()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ScaleTimersOverloadActionConfig_ScaleTimerValidationError{
+					field:  "MinTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *ScaleTimersOverloadActionConfig_ScaleTimer_MinScale:
+
+		if all {
+			switch v := interface{}(m.GetMinScale()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ScaleTimersOverloadActionConfig_ScaleTimerValidationError{
+						field:  "MinScale",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ScaleTimersOverloadActionConfig_ScaleTimerValidationError{
+						field:  "MinScale",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetMinScale()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ScaleTimersOverloadActionConfig_ScaleTimerValidationError{
+					field:  "MinScale",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := ScaleTimersOverloadActionConfig_ScaleTimerValidationError{
+			field:  "OverloadAdjust",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return ScaleTimersOverloadActionConfig_ScaleTimerMultiError(errors)
+	}
+	return nil
+}
+
+// ScaleTimersOverloadActionConfig_ScaleTimerMultiError is an error wrapping
+// multiple validation errors returned by
+// ScaleTimersOverloadActionConfig_ScaleTimer.ValidateAll() if the designated
+// constraints aren't met.
+type ScaleTimersOverloadActionConfig_ScaleTimerMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ScaleTimersOverloadActionConfig_ScaleTimerMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ScaleTimersOverloadActionConfig_ScaleTimerMultiError) AllErrors() []error { return m }
+
+// ScaleTimersOverloadActionConfig_ScaleTimerValidationError is the validation
+// error returned by ScaleTimersOverloadActionConfig_ScaleTimer.Validate if
+// the designated constraints aren't met.
+type ScaleTimersOverloadActionConfig_ScaleTimerValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ScaleTimersOverloadActionConfig_ScaleTimerValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ScaleTimersOverloadActionConfig_ScaleTimerValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ScaleTimersOverloadActionConfig_ScaleTimerValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ScaleTimersOverloadActionConfig_ScaleTimerValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ScaleTimersOverloadActionConfig_ScaleTimerValidationError) ErrorName() string {
+	return "ScaleTimersOverloadActionConfig_ScaleTimerValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ScaleTimersOverloadActionConfig_ScaleTimerValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sScaleTimersOverloadActionConfig_ScaleTimer.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ScaleTimersOverloadActionConfig_ScaleTimerValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ScaleTimersOverloadActionConfig_ScaleTimerValidationError{}
+
+var _ScaleTimersOverloadActionConfig_ScaleTimer_Timer_NotInLookup = map[ScaleTimersOverloadActionConfig_TimerType]struct{}{
+	0: {},
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/route/v3/route.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/route/v3/route.pb.go
new file mode 100644
index 00000000000..33c1979f25d
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/route/v3/route.pb.go
@@ -0,0 +1,545 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/route/v3/route.proto
+
+package envoy_config_route_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// [#next-free-field: 13]
+type RouteConfiguration struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the route configuration. For example, it might match
+	// :ref:`route_config_name
+	// <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.Rds.route_config_name>` in
+	// :ref:`envoy_v3_api_msg_extensions.filters.network.http_connection_manager.v3.Rds`.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// An array of virtual hosts that make up the route table.
+	VirtualHosts []*VirtualHost `protobuf:"bytes,2,rep,name=virtual_hosts,json=virtualHosts,proto3" json:"virtual_hosts,omitempty"`
+	// An array of virtual hosts will be dynamically loaded via the VHDS API.
+	// Both *virtual_hosts* and *vhds* fields will be used when present. *virtual_hosts* can be used
+	// for a base routing table or for infrequently changing virtual hosts. *vhds* is used for
+	// on-demand discovery of virtual hosts. The contents of these two fields will be merged to
+	// generate a routing table for a given RouteConfiguration, with *vhds* derived configuration
+	// taking precedence.
+	Vhds *Vhds `protobuf:"bytes,9,opt,name=vhds,proto3" json:"vhds,omitempty"`
+	// Optionally specifies a list of HTTP headers that the connection manager
+	// will consider to be internal only. If they are found on external requests they will be cleaned
+	// prior to filter invocation. See :ref:`config_http_conn_man_headers_x-envoy-internal` for more
+	// information.
+	InternalOnlyHeaders []string `protobuf:"bytes,3,rep,name=internal_only_headers,json=internalOnlyHeaders,proto3" json:"internal_only_headers,omitempty"`
+	// Specifies a list of HTTP headers that should be added to each response that
+	// the connection manager encodes. Headers specified at this level are applied
+	// after headers from any enclosed :ref:`envoy_v3_api_msg_config.route.v3.VirtualHost` or
+	// :ref:`envoy_v3_api_msg_config.route.v3.RouteAction`. For more information, including details on
+	// header value syntax, see the documentation on :ref:`custom request headers
+	// <config_http_conn_man_headers_custom_request_headers>`.
+	ResponseHeadersToAdd []*v3.HeaderValueOption `protobuf:"bytes,4,rep,name=response_headers_to_add,json=responseHeadersToAdd,proto3" json:"response_headers_to_add,omitempty"`
+	// Specifies a list of HTTP headers that should be removed from each response
+	// that the connection manager encodes.
+	ResponseHeadersToRemove []string `protobuf:"bytes,5,rep,name=response_headers_to_remove,json=responseHeadersToRemove,proto3" json:"response_headers_to_remove,omitempty"`
+	// Specifies a list of HTTP headers that should be added to each request
+	// routed by the HTTP connection manager. Headers specified at this level are
+	// applied after headers from any enclosed :ref:`envoy_v3_api_msg_config.route.v3.VirtualHost` or
+	// :ref:`envoy_v3_api_msg_config.route.v3.RouteAction`. For more information, including details on
+	// header value syntax, see the documentation on :ref:`custom request headers
+	// <config_http_conn_man_headers_custom_request_headers>`.
+	RequestHeadersToAdd []*v3.HeaderValueOption `protobuf:"bytes,6,rep,name=request_headers_to_add,json=requestHeadersToAdd,proto3" json:"request_headers_to_add,omitempty"`
+	// Specifies a list of HTTP headers that should be removed from each request
+	// routed by the HTTP connection manager.
+	RequestHeadersToRemove []string `protobuf:"bytes,8,rep,name=request_headers_to_remove,json=requestHeadersToRemove,proto3" json:"request_headers_to_remove,omitempty"`
+	// By default, headers that should be added/removed are evaluated from most to least specific:
+	//
+	// * route level
+	// * virtual host level
+	// * connection manager level
+	//
+	// To allow setting overrides at the route or virtual host level, this order can be reversed
+	// by setting this option to true. Defaults to false.
+	//
+	// [#next-major-version: In the v3 API, this will default to true.]
+	MostSpecificHeaderMutationsWins bool `protobuf:"varint,10,opt,name=most_specific_header_mutations_wins,json=mostSpecificHeaderMutationsWins,proto3" json:"most_specific_header_mutations_wins,omitempty"`
+	// An optional boolean that specifies whether the clusters that the route
+	// table refers to will be validated by the cluster manager. If set to true
+	// and a route refers to a non-existent cluster, the route table will not
+	// load. If set to false and a route refers to a non-existent cluster, the
+	// route table will load and the router filter will return a 404 if the route
+	// is selected at runtime. This setting defaults to true if the route table
+	// is statically defined via the :ref:`route_config
+	// <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.route_config>`
+	// option. This setting default to false if the route table is loaded dynamically via the
+	// :ref:`rds
+	// <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.rds>`
+	// option. Users may wish to override the default behavior in certain cases (for example when
+	// using CDS with a static route table).
+	ValidateClusters *wrappers.BoolValue `protobuf:"bytes,7,opt,name=validate_clusters,json=validateClusters,proto3" json:"validate_clusters,omitempty"`
+	// The maximum bytes of the response :ref:`direct response body
+	// <envoy_v3_api_field_config.route.v3.DirectResponseAction.body>` size. If not specified the default
+	// is 4096.
+	//
+	// .. warning::
+	//
+	//   Envoy currently holds the content of :ref:`direct response body
+	//   <envoy_v3_api_field_config.route.v3.DirectResponseAction.body>` in memory. Be careful setting
+	//   this to be larger than the default 4KB, since the allocated memory for direct response body
+	//   is not subject to data plane buffering controls.
+	//
+	MaxDirectResponseBodySizeBytes *wrappers.UInt32Value `protobuf:"bytes,11,opt,name=max_direct_response_body_size_bytes,json=maxDirectResponseBodySizeBytes,proto3" json:"max_direct_response_body_size_bytes,omitempty"`
+	// [#not-implemented-hide:]
+	// A list of plugins and their configurations which may be used by a
+	// :ref:`envoy_v3_api_field_config.route.v3.RouteAction.cluster_specifier_plugin`
+	// within the route. All *extension.name* fields in this list must be unique.
+	ClusterSpecifierPlugins []*ClusterSpecifierPlugin `protobuf:"bytes,12,rep,name=cluster_specifier_plugins,json=clusterSpecifierPlugins,proto3" json:"cluster_specifier_plugins,omitempty"`
+}
+
+func (x *RouteConfiguration) Reset() {
+	*x = RouteConfiguration{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RouteConfiguration) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RouteConfiguration) ProtoMessage() {}
+
+func (x *RouteConfiguration) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RouteConfiguration.ProtoReflect.Descriptor instead.
+func (*RouteConfiguration) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *RouteConfiguration) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *RouteConfiguration) GetVirtualHosts() []*VirtualHost {
+	if x != nil {
+		return x.VirtualHosts
+	}
+	return nil
+}
+
+func (x *RouteConfiguration) GetVhds() *Vhds {
+	if x != nil {
+		return x.Vhds
+	}
+	return nil
+}
+
+func (x *RouteConfiguration) GetInternalOnlyHeaders() []string {
+	if x != nil {
+		return x.InternalOnlyHeaders
+	}
+	return nil
+}
+
+func (x *RouteConfiguration) GetResponseHeadersToAdd() []*v3.HeaderValueOption {
+	if x != nil {
+		return x.ResponseHeadersToAdd
+	}
+	return nil
+}
+
+func (x *RouteConfiguration) GetResponseHeadersToRemove() []string {
+	if x != nil {
+		return x.ResponseHeadersToRemove
+	}
+	return nil
+}
+
+func (x *RouteConfiguration) GetRequestHeadersToAdd() []*v3.HeaderValueOption {
+	if x != nil {
+		return x.RequestHeadersToAdd
+	}
+	return nil
+}
+
+func (x *RouteConfiguration) GetRequestHeadersToRemove() []string {
+	if x != nil {
+		return x.RequestHeadersToRemove
+	}
+	return nil
+}
+
+func (x *RouteConfiguration) GetMostSpecificHeaderMutationsWins() bool {
+	if x != nil {
+		return x.MostSpecificHeaderMutationsWins
+	}
+	return false
+}
+
+func (x *RouteConfiguration) GetValidateClusters() *wrappers.BoolValue {
+	if x != nil {
+		return x.ValidateClusters
+	}
+	return nil
+}
+
+func (x *RouteConfiguration) GetMaxDirectResponseBodySizeBytes() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxDirectResponseBodySizeBytes
+	}
+	return nil
+}
+
+func (x *RouteConfiguration) GetClusterSpecifierPlugins() []*ClusterSpecifierPlugin {
+	if x != nil {
+		return x.ClusterSpecifierPlugins
+	}
+	return nil
+}
+
+// Configuration for a cluster specifier plugin.
+type ClusterSpecifierPlugin struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the plugin and its opaque configuration.
+	Extension *v3.TypedExtensionConfig `protobuf:"bytes,1,opt,name=extension,proto3" json:"extension,omitempty"`
+}
+
+func (x *ClusterSpecifierPlugin) Reset() {
+	*x = ClusterSpecifierPlugin{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ClusterSpecifierPlugin) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ClusterSpecifierPlugin) ProtoMessage() {}
+
+func (x *ClusterSpecifierPlugin) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ClusterSpecifierPlugin.ProtoReflect.Descriptor instead.
+func (*ClusterSpecifierPlugin) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *ClusterSpecifierPlugin) GetExtension() *v3.TypedExtensionConfig {
+	if x != nil {
+		return x.Extension
+	}
+	return nil
+}
+
+type Vhds struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Configuration source specifier for VHDS.
+	ConfigSource *v3.ConfigSource `protobuf:"bytes,1,opt,name=config_source,json=configSource,proto3" json:"config_source,omitempty"`
+}
+
+func (x *Vhds) Reset() {
+	*x = Vhds{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Vhds) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Vhds) ProtoMessage() {}
+
+func (x *Vhds) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Vhds.ProtoReflect.Descriptor instead.
+func (*Vhds) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *Vhds) GetConfigSource() *v3.ConfigSource {
+	if x != nil {
+		return x.ConfigSource
+	}
+	return nil
+}
+
+var File_envoy_config_route_v3_route_proto protoreflect.FileDescriptor
+
+var file_envoy_config_route_v3_route_proto_rawDesc = []byte{
+	0x0a, 0x21, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33,
+	0x2f, 0x62, 0x61, 0x73, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x28, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76,
+	0x33, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x65, 0x78, 0x74, 0x65,
+	0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x2c, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2f,
+	0x76, 0x33, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f, 0x63, 0x6f, 0x6d, 0x70, 0x6f, 0x6e, 0x65,
+	0x6e, 0x74, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70,
+	0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f,
+	0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74,
+	0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61,
+	0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69,
+	0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c,
+	0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x22, 0xed, 0x07, 0x0a, 0x12, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x12, 0x0a, 0x04, 0x6e,
+	0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12,
+	0x47, 0x0a, 0x0d, 0x76, 0x69, 0x72, 0x74, 0x75, 0x61, 0x6c, 0x5f, 0x68, 0x6f, 0x73, 0x74, 0x73,
+	0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x56,
+	0x69, 0x72, 0x74, 0x75, 0x61, 0x6c, 0x48, 0x6f, 0x73, 0x74, 0x52, 0x0c, 0x76, 0x69, 0x72, 0x74,
+	0x75, 0x61, 0x6c, 0x48, 0x6f, 0x73, 0x74, 0x73, 0x12, 0x2f, 0x0a, 0x04, 0x76, 0x68, 0x64, 0x73,
+	0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x56,
+	0x68, 0x64, 0x73, 0x52, 0x04, 0x76, 0x68, 0x64, 0x73, 0x12, 0x44, 0x0a, 0x15, 0x69, 0x6e, 0x74,
+	0x65, 0x72, 0x6e, 0x61, 0x6c, 0x5f, 0x6f, 0x6e, 0x6c, 0x79, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09, 0x42, 0x10, 0xfa, 0x42, 0x0d, 0x92, 0x01, 0x0a,
+	0x22, 0x08, 0x72, 0x06, 0xc0, 0x01, 0x01, 0xc8, 0x01, 0x00, 0x52, 0x13, 0x69, 0x6e, 0x74, 0x65,
+	0x72, 0x6e, 0x61, 0x6c, 0x4f, 0x6e, 0x6c, 0x79, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x12,
+	0x69, 0x0a, 0x17, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x5f, 0x68, 0x65, 0x61, 0x64,
+	0x65, 0x72, 0x73, 0x5f, 0x74, 0x6f, 0x5f, 0x61, 0x64, 0x64, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b,
+	0x32, 0x27, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x56, 0x61,
+	0x6c, 0x75, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x09, 0xfa, 0x42, 0x06, 0x92, 0x01,
+	0x03, 0x10, 0xe8, 0x07, 0x52, 0x14, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x48, 0x65,
+	0x61, 0x64, 0x65, 0x72, 0x73, 0x54, 0x6f, 0x41, 0x64, 0x64, 0x12, 0x4d, 0x0a, 0x1a, 0x72, 0x65,
+	0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x5f, 0x74,
+	0x6f, 0x5f, 0x72, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x18, 0x05, 0x20, 0x03, 0x28, 0x09, 0x42, 0x10,
+	0xfa, 0x42, 0x0d, 0x92, 0x01, 0x0a, 0x22, 0x08, 0x72, 0x06, 0xc0, 0x01, 0x01, 0xc8, 0x01, 0x00,
+	0x52, 0x17, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72,
+	0x73, 0x54, 0x6f, 0x52, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x12, 0x67, 0x0a, 0x16, 0x72, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x5f, 0x74, 0x6f, 0x5f,
+	0x61, 0x64, 0x64, 0x18, 0x06, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33,
+	0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4f, 0x70, 0x74, 0x69,
+	0x6f, 0x6e, 0x42, 0x09, 0xfa, 0x42, 0x06, 0x92, 0x01, 0x03, 0x10, 0xe8, 0x07, 0x52, 0x13, 0x72,
+	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x54, 0x6f, 0x41,
+	0x64, 0x64, 0x12, 0x4b, 0x0a, 0x19, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x68, 0x65,
+	0x61, 0x64, 0x65, 0x72, 0x73, 0x5f, 0x74, 0x6f, 0x5f, 0x72, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x18,
+	0x08, 0x20, 0x03, 0x28, 0x09, 0x42, 0x10, 0xfa, 0x42, 0x0d, 0x92, 0x01, 0x0a, 0x22, 0x08, 0x72,
+	0x06, 0xc0, 0x01, 0x01, 0xc8, 0x01, 0x00, 0x52, 0x16, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
+	0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x54, 0x6f, 0x52, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x12,
+	0x4c, 0x0a, 0x23, 0x6d, 0x6f, 0x73, 0x74, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x63,
+	0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x5f, 0x6d, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x5f, 0x77, 0x69, 0x6e, 0x73, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x08, 0x52, 0x1f, 0x6d, 0x6f,
+	0x73, 0x74, 0x53, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x63, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72,
+	0x4d, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x57, 0x69, 0x6e, 0x73, 0x12, 0x47, 0x0a,
+	0x11, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x5f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65,
+	0x72, 0x73, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56,
+	0x61, 0x6c, 0x75, 0x65, 0x52, 0x10, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x43, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x12, 0x69, 0x0a, 0x23, 0x6d, 0x61, 0x78, 0x5f, 0x64, 0x69,
+	0x72, 0x65, 0x63, 0x74, 0x5f, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x5f, 0x62, 0x6f,
+	0x64, 0x79, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x5f, 0x62, 0x79, 0x74, 0x65, 0x73, 0x18, 0x0b, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75,
+	0x65, 0x52, 0x1e, 0x6d, 0x61, 0x78, 0x44, 0x69, 0x72, 0x65, 0x63, 0x74, 0x52, 0x65, 0x73, 0x70,
+	0x6f, 0x6e, 0x73, 0x65, 0x42, 0x6f, 0x64, 0x79, 0x53, 0x69, 0x7a, 0x65, 0x42, 0x79, 0x74, 0x65,
+	0x73, 0x12, 0x69, 0x0a, 0x19, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x73, 0x70, 0x65,
+	0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x5f, 0x70, 0x6c, 0x75, 0x67, 0x69, 0x6e, 0x73, 0x18, 0x0c,
+	0x20, 0x03, 0x28, 0x0b, 0x32, 0x2d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x53, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x50, 0x6c, 0x75,
+	0x67, 0x69, 0x6e, 0x52, 0x17, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x53, 0x70, 0x65, 0x63,
+	0x69, 0x66, 0x69, 0x65, 0x72, 0x50, 0x6c, 0x75, 0x67, 0x69, 0x6e, 0x73, 0x3a, 0x26, 0x9a, 0xc5,
+	0x88, 0x1e, 0x21, 0x0a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x22, 0x62, 0x0a, 0x16, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x53,
+	0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x50, 0x6c, 0x75, 0x67, 0x69, 0x6e, 0x12, 0x48,
+	0x0a, 0x09, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x64, 0x45, 0x78,
+	0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x09, 0x65,
+	0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x22, 0x73, 0x0a, 0x04, 0x56, 0x68, 0x64, 0x73,
+	0x12, 0x51, 0x0a, 0x0d, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x73, 0x6f, 0x75, 0x72, 0x63,
+	0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05,
+	0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x0c, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75,
+	0x72, 0x63, 0x65, 0x3a, 0x18, 0x9a, 0xc5, 0x88, 0x1e, 0x13, 0x0a, 0x11, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x56, 0x68, 0x64, 0x73, 0x42, 0x3b, 0x0a,
+	0x23, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74,
+	0x65, 0x2e, 0x76, 0x33, 0x42, 0x0a, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x50, 0x72, 0x6f, 0x74, 0x6f,
+	0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_route_v3_route_proto_rawDescOnce sync.Once
+	file_envoy_config_route_v3_route_proto_rawDescData = file_envoy_config_route_v3_route_proto_rawDesc
+)
+
+func file_envoy_config_route_v3_route_proto_rawDescGZIP() []byte {
+	file_envoy_config_route_v3_route_proto_rawDescOnce.Do(func() {
+		file_envoy_config_route_v3_route_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_route_v3_route_proto_rawDescData)
+	})
+	return file_envoy_config_route_v3_route_proto_rawDescData
+}
+
+var file_envoy_config_route_v3_route_proto_msgTypes = make([]protoimpl.MessageInfo, 3)
+var file_envoy_config_route_v3_route_proto_goTypes = []interface{}{
+	(*RouteConfiguration)(nil),      // 0: envoy.config.route.v3.RouteConfiguration
+	(*ClusterSpecifierPlugin)(nil),  // 1: envoy.config.route.v3.ClusterSpecifierPlugin
+	(*Vhds)(nil),                    // 2: envoy.config.route.v3.Vhds
+	(*VirtualHost)(nil),             // 3: envoy.config.route.v3.VirtualHost
+	(*v3.HeaderValueOption)(nil),    // 4: envoy.config.core.v3.HeaderValueOption
+	(*wrappers.BoolValue)(nil),      // 5: google.protobuf.BoolValue
+	(*wrappers.UInt32Value)(nil),    // 6: google.protobuf.UInt32Value
+	(*v3.TypedExtensionConfig)(nil), // 7: envoy.config.core.v3.TypedExtensionConfig
+	(*v3.ConfigSource)(nil),         // 8: envoy.config.core.v3.ConfigSource
+}
+var file_envoy_config_route_v3_route_proto_depIdxs = []int32{
+	3, // 0: envoy.config.route.v3.RouteConfiguration.virtual_hosts:type_name -> envoy.config.route.v3.VirtualHost
+	2, // 1: envoy.config.route.v3.RouteConfiguration.vhds:type_name -> envoy.config.route.v3.Vhds
+	4, // 2: envoy.config.route.v3.RouteConfiguration.response_headers_to_add:type_name -> envoy.config.core.v3.HeaderValueOption
+	4, // 3: envoy.config.route.v3.RouteConfiguration.request_headers_to_add:type_name -> envoy.config.core.v3.HeaderValueOption
+	5, // 4: envoy.config.route.v3.RouteConfiguration.validate_clusters:type_name -> google.protobuf.BoolValue
+	6, // 5: envoy.config.route.v3.RouteConfiguration.max_direct_response_body_size_bytes:type_name -> google.protobuf.UInt32Value
+	1, // 6: envoy.config.route.v3.RouteConfiguration.cluster_specifier_plugins:type_name -> envoy.config.route.v3.ClusterSpecifierPlugin
+	7, // 7: envoy.config.route.v3.ClusterSpecifierPlugin.extension:type_name -> envoy.config.core.v3.TypedExtensionConfig
+	8, // 8: envoy.config.route.v3.Vhds.config_source:type_name -> envoy.config.core.v3.ConfigSource
+	9, // [9:9] is the sub-list for method output_type
+	9, // [9:9] is the sub-list for method input_type
+	9, // [9:9] is the sub-list for extension type_name
+	9, // [9:9] is the sub-list for extension extendee
+	0, // [0:9] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_route_v3_route_proto_init() }
+func file_envoy_config_route_v3_route_proto_init() {
+	if File_envoy_config_route_v3_route_proto != nil {
+		return
+	}
+	file_envoy_config_route_v3_route_components_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_route_v3_route_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RouteConfiguration); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ClusterSpecifierPlugin); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Vhds); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_route_v3_route_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   3,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_route_v3_route_proto_goTypes,
+		DependencyIndexes: file_envoy_config_route_v3_route_proto_depIdxs,
+		MessageInfos:      file_envoy_config_route_v3_route_proto_msgTypes,
+	}.Build()
+	File_envoy_config_route_v3_route_proto = out.File
+	file_envoy_config_route_v3_route_proto_rawDesc = nil
+	file_envoy_config_route_v3_route_proto_goTypes = nil
+	file_envoy_config_route_v3_route_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/route/v3/route.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/route/v3/route.pb.validate.go
new file mode 100644
index 00000000000..3b89b9d4a19
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/route/v3/route.pb.validate.go
@@ -0,0 +1,707 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/route/v3/route.proto
+
+package envoy_config_route_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on RouteConfiguration with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RouteConfiguration) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RouteConfiguration with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RouteConfigurationMultiError, or nil if none found.
+func (m *RouteConfiguration) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RouteConfiguration) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Name
+
+	for idx, item := range m.GetVirtualHosts() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteConfigurationValidationError{
+						field:  fmt.Sprintf("VirtualHosts[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteConfigurationValidationError{
+						field:  fmt.Sprintf("VirtualHosts[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteConfigurationValidationError{
+					field:  fmt.Sprintf("VirtualHosts[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetVhds()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteConfigurationValidationError{
+					field:  "Vhds",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteConfigurationValidationError{
+					field:  "Vhds",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetVhds()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteConfigurationValidationError{
+				field:  "Vhds",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetInternalOnlyHeaders() {
+		_, _ = idx, item
+
+		if !_RouteConfiguration_InternalOnlyHeaders_Pattern.MatchString(item) {
+			err := RouteConfigurationValidationError{
+				field:  fmt.Sprintf("InternalOnlyHeaders[%v]", idx),
+				reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if len(m.GetResponseHeadersToAdd()) > 1000 {
+		err := RouteConfigurationValidationError{
+			field:  "ResponseHeadersToAdd",
+			reason: "value must contain no more than 1000 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetResponseHeadersToAdd() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteConfigurationValidationError{
+						field:  fmt.Sprintf("ResponseHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteConfigurationValidationError{
+						field:  fmt.Sprintf("ResponseHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteConfigurationValidationError{
+					field:  fmt.Sprintf("ResponseHeadersToAdd[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetResponseHeadersToRemove() {
+		_, _ = idx, item
+
+		if !_RouteConfiguration_ResponseHeadersToRemove_Pattern.MatchString(item) {
+			err := RouteConfigurationValidationError{
+				field:  fmt.Sprintf("ResponseHeadersToRemove[%v]", idx),
+				reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if len(m.GetRequestHeadersToAdd()) > 1000 {
+		err := RouteConfigurationValidationError{
+			field:  "RequestHeadersToAdd",
+			reason: "value must contain no more than 1000 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetRequestHeadersToAdd() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteConfigurationValidationError{
+						field:  fmt.Sprintf("RequestHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteConfigurationValidationError{
+						field:  fmt.Sprintf("RequestHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteConfigurationValidationError{
+					field:  fmt.Sprintf("RequestHeadersToAdd[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetRequestHeadersToRemove() {
+		_, _ = idx, item
+
+		if !_RouteConfiguration_RequestHeadersToRemove_Pattern.MatchString(item) {
+			err := RouteConfigurationValidationError{
+				field:  fmt.Sprintf("RequestHeadersToRemove[%v]", idx),
+				reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	// no validation rules for MostSpecificHeaderMutationsWins
+
+	if all {
+		switch v := interface{}(m.GetValidateClusters()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteConfigurationValidationError{
+					field:  "ValidateClusters",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteConfigurationValidationError{
+					field:  "ValidateClusters",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetValidateClusters()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteConfigurationValidationError{
+				field:  "ValidateClusters",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMaxDirectResponseBodySizeBytes()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteConfigurationValidationError{
+					field:  "MaxDirectResponseBodySizeBytes",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteConfigurationValidationError{
+					field:  "MaxDirectResponseBodySizeBytes",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxDirectResponseBodySizeBytes()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteConfigurationValidationError{
+				field:  "MaxDirectResponseBodySizeBytes",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetClusterSpecifierPlugins() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteConfigurationValidationError{
+						field:  fmt.Sprintf("ClusterSpecifierPlugins[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteConfigurationValidationError{
+						field:  fmt.Sprintf("ClusterSpecifierPlugins[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteConfigurationValidationError{
+					field:  fmt.Sprintf("ClusterSpecifierPlugins[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return RouteConfigurationMultiError(errors)
+	}
+	return nil
+}
+
+// RouteConfigurationMultiError is an error wrapping multiple validation errors
+// returned by RouteConfiguration.ValidateAll() if the designated constraints
+// aren't met.
+type RouteConfigurationMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouteConfigurationMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouteConfigurationMultiError) AllErrors() []error { return m }
+
+// RouteConfigurationValidationError is the validation error returned by
+// RouteConfiguration.Validate if the designated constraints aren't met.
+type RouteConfigurationValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouteConfigurationValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouteConfigurationValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouteConfigurationValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouteConfigurationValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouteConfigurationValidationError) ErrorName() string {
+	return "RouteConfigurationValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RouteConfigurationValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRouteConfiguration.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouteConfigurationValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouteConfigurationValidationError{}
+
+var _RouteConfiguration_InternalOnlyHeaders_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+var _RouteConfiguration_ResponseHeadersToRemove_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+var _RouteConfiguration_RequestHeadersToRemove_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+// Validate checks the field values on ClusterSpecifierPlugin with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ClusterSpecifierPlugin) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ClusterSpecifierPlugin with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ClusterSpecifierPluginMultiError, or nil if none found.
+func (m *ClusterSpecifierPlugin) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ClusterSpecifierPlugin) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetExtension()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClusterSpecifierPluginValidationError{
+					field:  "Extension",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClusterSpecifierPluginValidationError{
+					field:  "Extension",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetExtension()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClusterSpecifierPluginValidationError{
+				field:  "Extension",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return ClusterSpecifierPluginMultiError(errors)
+	}
+	return nil
+}
+
+// ClusterSpecifierPluginMultiError is an error wrapping multiple validation
+// errors returned by ClusterSpecifierPlugin.ValidateAll() if the designated
+// constraints aren't met.
+type ClusterSpecifierPluginMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ClusterSpecifierPluginMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ClusterSpecifierPluginMultiError) AllErrors() []error { return m }
+
+// ClusterSpecifierPluginValidationError is the validation error returned by
+// ClusterSpecifierPlugin.Validate if the designated constraints aren't met.
+type ClusterSpecifierPluginValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ClusterSpecifierPluginValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ClusterSpecifierPluginValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ClusterSpecifierPluginValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ClusterSpecifierPluginValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ClusterSpecifierPluginValidationError) ErrorName() string {
+	return "ClusterSpecifierPluginValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ClusterSpecifierPluginValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sClusterSpecifierPlugin.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ClusterSpecifierPluginValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ClusterSpecifierPluginValidationError{}
+
+// Validate checks the field values on Vhds with the rules defined in the proto
+// definition for this message. If any rules are violated, the first error
+// encountered is returned, or nil if there are no violations.
+func (m *Vhds) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Vhds with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in VhdsMultiError, or nil if none found.
+func (m *Vhds) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Vhds) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetConfigSource() == nil {
+		err := VhdsValidationError{
+			field:  "ConfigSource",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetConfigSource()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, VhdsValidationError{
+					field:  "ConfigSource",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, VhdsValidationError{
+					field:  "ConfigSource",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetConfigSource()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return VhdsValidationError{
+				field:  "ConfigSource",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return VhdsMultiError(errors)
+	}
+	return nil
+}
+
+// VhdsMultiError is an error wrapping multiple validation errors returned by
+// Vhds.ValidateAll() if the designated constraints aren't met.
+type VhdsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m VhdsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m VhdsMultiError) AllErrors() []error { return m }
+
+// VhdsValidationError is the validation error returned by Vhds.Validate if the
+// designated constraints aren't met.
+type VhdsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e VhdsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e VhdsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e VhdsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e VhdsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e VhdsValidationError) ErrorName() string { return "VhdsValidationError" }
+
+// Error satisfies the builtin error interface
+func (e VhdsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sVhds.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = VhdsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = VhdsValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/route/v3/route_components.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/route/v3/route_components.pb.go
new file mode 100644
index 00000000000..b7cece6dfb2
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/route/v3/route_components.pb.go
@@ -0,0 +1,8029 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/route/v3/route_components.proto
+
+package envoy_config_route_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/cncf/xds/go/xds/annotations/v3"
+	v3 "github.com/cncf/xds/go/xds/type/matcher/v3"
+	_ "github.com/envoyproxy/go-control-plane/envoy/annotations"
+	v31 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	v32 "github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3"
+	v35 "github.com/envoyproxy/go-control-plane/envoy/type/metadata/v3"
+	v34 "github.com/envoyproxy/go-control-plane/envoy/type/tracing/v3"
+	v33 "github.com/envoyproxy/go-control-plane/envoy/type/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type VirtualHost_TlsRequirementType int32
+
+const (
+	// No TLS requirement for the virtual host.
+	VirtualHost_NONE VirtualHost_TlsRequirementType = 0
+	// External requests must use TLS. If a request is external and it is not
+	// using TLS, a 301 redirect will be sent telling the client to use HTTPS.
+	VirtualHost_EXTERNAL_ONLY VirtualHost_TlsRequirementType = 1
+	// All requests must use TLS. If a request is not using TLS, a 301 redirect
+	// will be sent telling the client to use HTTPS.
+	VirtualHost_ALL VirtualHost_TlsRequirementType = 2
+)
+
+// Enum value maps for VirtualHost_TlsRequirementType.
+var (
+	VirtualHost_TlsRequirementType_name = map[int32]string{
+		0: "NONE",
+		1: "EXTERNAL_ONLY",
+		2: "ALL",
+	}
+	VirtualHost_TlsRequirementType_value = map[string]int32{
+		"NONE":          0,
+		"EXTERNAL_ONLY": 1,
+		"ALL":           2,
+	}
+)
+
+func (x VirtualHost_TlsRequirementType) Enum() *VirtualHost_TlsRequirementType {
+	p := new(VirtualHost_TlsRequirementType)
+	*p = x
+	return p
+}
+
+func (x VirtualHost_TlsRequirementType) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (VirtualHost_TlsRequirementType) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_route_v3_route_components_proto_enumTypes[0].Descriptor()
+}
+
+func (VirtualHost_TlsRequirementType) Type() protoreflect.EnumType {
+	return &file_envoy_config_route_v3_route_components_proto_enumTypes[0]
+}
+
+func (x VirtualHost_TlsRequirementType) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use VirtualHost_TlsRequirementType.Descriptor instead.
+func (VirtualHost_TlsRequirementType) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{0, 0}
+}
+
+type RouteAction_ClusterNotFoundResponseCode int32
+
+const (
+	// HTTP status code - 503 Service Unavailable.
+	RouteAction_SERVICE_UNAVAILABLE RouteAction_ClusterNotFoundResponseCode = 0
+	// HTTP status code - 404 Not Found.
+	RouteAction_NOT_FOUND RouteAction_ClusterNotFoundResponseCode = 1
+)
+
+// Enum value maps for RouteAction_ClusterNotFoundResponseCode.
+var (
+	RouteAction_ClusterNotFoundResponseCode_name = map[int32]string{
+		0: "SERVICE_UNAVAILABLE",
+		1: "NOT_FOUND",
+	}
+	RouteAction_ClusterNotFoundResponseCode_value = map[string]int32{
+		"SERVICE_UNAVAILABLE": 0,
+		"NOT_FOUND":           1,
+	}
+)
+
+func (x RouteAction_ClusterNotFoundResponseCode) Enum() *RouteAction_ClusterNotFoundResponseCode {
+	p := new(RouteAction_ClusterNotFoundResponseCode)
+	*p = x
+	return p
+}
+
+func (x RouteAction_ClusterNotFoundResponseCode) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (RouteAction_ClusterNotFoundResponseCode) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_route_v3_route_components_proto_enumTypes[1].Descriptor()
+}
+
+func (RouteAction_ClusterNotFoundResponseCode) Type() protoreflect.EnumType {
+	return &file_envoy_config_route_v3_route_components_proto_enumTypes[1]
+}
+
+func (x RouteAction_ClusterNotFoundResponseCode) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use RouteAction_ClusterNotFoundResponseCode.Descriptor instead.
+func (RouteAction_ClusterNotFoundResponseCode) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{6, 0}
+}
+
+// Configures :ref:`internal redirect <arch_overview_internal_redirects>` behavior.
+// [#next-major-version: remove this definition - it's defined in the InternalRedirectPolicy message.]
+//
+// Deprecated: Do not use.
+type RouteAction_InternalRedirectAction int32
+
+const (
+	RouteAction_PASS_THROUGH_INTERNAL_REDIRECT RouteAction_InternalRedirectAction = 0
+	RouteAction_HANDLE_INTERNAL_REDIRECT       RouteAction_InternalRedirectAction = 1
+)
+
+// Enum value maps for RouteAction_InternalRedirectAction.
+var (
+	RouteAction_InternalRedirectAction_name = map[int32]string{
+		0: "PASS_THROUGH_INTERNAL_REDIRECT",
+		1: "HANDLE_INTERNAL_REDIRECT",
+	}
+	RouteAction_InternalRedirectAction_value = map[string]int32{
+		"PASS_THROUGH_INTERNAL_REDIRECT": 0,
+		"HANDLE_INTERNAL_REDIRECT":       1,
+	}
+)
+
+func (x RouteAction_InternalRedirectAction) Enum() *RouteAction_InternalRedirectAction {
+	p := new(RouteAction_InternalRedirectAction)
+	*p = x
+	return p
+}
+
+func (x RouteAction_InternalRedirectAction) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (RouteAction_InternalRedirectAction) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_route_v3_route_components_proto_enumTypes[2].Descriptor()
+}
+
+func (RouteAction_InternalRedirectAction) Type() protoreflect.EnumType {
+	return &file_envoy_config_route_v3_route_components_proto_enumTypes[2]
+}
+
+func (x RouteAction_InternalRedirectAction) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use RouteAction_InternalRedirectAction.Descriptor instead.
+func (RouteAction_InternalRedirectAction) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{6, 1}
+}
+
+type RetryPolicy_ResetHeaderFormat int32
+
+const (
+	RetryPolicy_SECONDS        RetryPolicy_ResetHeaderFormat = 0
+	RetryPolicy_UNIX_TIMESTAMP RetryPolicy_ResetHeaderFormat = 1
+)
+
+// Enum value maps for RetryPolicy_ResetHeaderFormat.
+var (
+	RetryPolicy_ResetHeaderFormat_name = map[int32]string{
+		0: "SECONDS",
+		1: "UNIX_TIMESTAMP",
+	}
+	RetryPolicy_ResetHeaderFormat_value = map[string]int32{
+		"SECONDS":        0,
+		"UNIX_TIMESTAMP": 1,
+	}
+)
+
+func (x RetryPolicy_ResetHeaderFormat) Enum() *RetryPolicy_ResetHeaderFormat {
+	p := new(RetryPolicy_ResetHeaderFormat)
+	*p = x
+	return p
+}
+
+func (x RetryPolicy_ResetHeaderFormat) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (RetryPolicy_ResetHeaderFormat) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_route_v3_route_components_proto_enumTypes[3].Descriptor()
+}
+
+func (RetryPolicy_ResetHeaderFormat) Type() protoreflect.EnumType {
+	return &file_envoy_config_route_v3_route_components_proto_enumTypes[3]
+}
+
+func (x RetryPolicy_ResetHeaderFormat) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use RetryPolicy_ResetHeaderFormat.Descriptor instead.
+func (RetryPolicy_ResetHeaderFormat) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{7, 0}
+}
+
+type RedirectAction_RedirectResponseCode int32
+
+const (
+	// Moved Permanently HTTP Status Code - 301.
+	RedirectAction_MOVED_PERMANENTLY RedirectAction_RedirectResponseCode = 0
+	// Found HTTP Status Code - 302.
+	RedirectAction_FOUND RedirectAction_RedirectResponseCode = 1
+	// See Other HTTP Status Code - 303.
+	RedirectAction_SEE_OTHER RedirectAction_RedirectResponseCode = 2
+	// Temporary Redirect HTTP Status Code - 307.
+	RedirectAction_TEMPORARY_REDIRECT RedirectAction_RedirectResponseCode = 3
+	// Permanent Redirect HTTP Status Code - 308.
+	RedirectAction_PERMANENT_REDIRECT RedirectAction_RedirectResponseCode = 4
+)
+
+// Enum value maps for RedirectAction_RedirectResponseCode.
+var (
+	RedirectAction_RedirectResponseCode_name = map[int32]string{
+		0: "MOVED_PERMANENTLY",
+		1: "FOUND",
+		2: "SEE_OTHER",
+		3: "TEMPORARY_REDIRECT",
+		4: "PERMANENT_REDIRECT",
+	}
+	RedirectAction_RedirectResponseCode_value = map[string]int32{
+		"MOVED_PERMANENTLY":  0,
+		"FOUND":              1,
+		"SEE_OTHER":          2,
+		"TEMPORARY_REDIRECT": 3,
+		"PERMANENT_REDIRECT": 4,
+	}
+)
+
+func (x RedirectAction_RedirectResponseCode) Enum() *RedirectAction_RedirectResponseCode {
+	p := new(RedirectAction_RedirectResponseCode)
+	*p = x
+	return p
+}
+
+func (x RedirectAction_RedirectResponseCode) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (RedirectAction_RedirectResponseCode) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_route_v3_route_components_proto_enumTypes[4].Descriptor()
+}
+
+func (RedirectAction_RedirectResponseCode) Type() protoreflect.EnumType {
+	return &file_envoy_config_route_v3_route_components_proto_enumTypes[4]
+}
+
+func (x RedirectAction_RedirectResponseCode) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use RedirectAction_RedirectResponseCode.Descriptor instead.
+func (RedirectAction_RedirectResponseCode) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{9, 0}
+}
+
+type RateLimit_Action_MetaData_Source int32
+
+const (
+	// Query :ref:`dynamic metadata <well_known_dynamic_metadata>`
+	RateLimit_Action_MetaData_DYNAMIC RateLimit_Action_MetaData_Source = 0
+	// Query :ref:`route entry metadata <envoy_v3_api_field_config.route.v3.Route.metadata>`
+	RateLimit_Action_MetaData_ROUTE_ENTRY RateLimit_Action_MetaData_Source = 1
+)
+
+// Enum value maps for RateLimit_Action_MetaData_Source.
+var (
+	RateLimit_Action_MetaData_Source_name = map[int32]string{
+		0: "DYNAMIC",
+		1: "ROUTE_ENTRY",
+	}
+	RateLimit_Action_MetaData_Source_value = map[string]int32{
+		"DYNAMIC":     0,
+		"ROUTE_ENTRY": 1,
+	}
+)
+
+func (x RateLimit_Action_MetaData_Source) Enum() *RateLimit_Action_MetaData_Source {
+	p := new(RateLimit_Action_MetaData_Source)
+	*p = x
+	return p
+}
+
+func (x RateLimit_Action_MetaData_Source) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (RateLimit_Action_MetaData_Source) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_route_v3_route_components_proto_enumTypes[5].Descriptor()
+}
+
+func (RateLimit_Action_MetaData_Source) Type() protoreflect.EnumType {
+	return &file_envoy_config_route_v3_route_components_proto_enumTypes[5]
+}
+
+func (x RateLimit_Action_MetaData_Source) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use RateLimit_Action_MetaData_Source.Descriptor instead.
+func (RateLimit_Action_MetaData_Source) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{15, 0, 7, 0}
+}
+
+// The top level element in the routing configuration is a virtual host. Each virtual host has
+// a logical name as well as a set of domains that get routed to it based on the incoming request's
+// host header. This allows a single listener to service multiple top level domain path trees. Once
+// a virtual host is selected based on the domain, the routes are processed in order to see which
+// upstream cluster to route to or whether to perform a redirect.
+// [#next-free-field: 22]
+type VirtualHost struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The logical name of the virtual host. This is used when emitting certain
+	// statistics but is not relevant for routing.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// A list of domains (host/authority header) that will be matched to this
+	// virtual host. Wildcard hosts are supported in the suffix or prefix form.
+	//
+	// Domain search order:
+	//  1. Exact domain names: ``www.foo.com``.
+	//  2. Suffix domain wildcards: ``*.foo.com`` or ``*-bar.foo.com``.
+	//  3. Prefix domain wildcards: ``foo.*`` or ``foo-*``.
+	//  4. Special wildcard ``*`` matching any domain.
+	//
+	// .. note::
+	//
+	//   The wildcard will not match the empty string.
+	//   e.g. ``*-bar.foo.com`` will match ``baz-bar.foo.com`` but not ``-bar.foo.com``.
+	//   The longest wildcards match first.
+	//   Only a single virtual host in the entire route configuration can match on ``*``. A domain
+	//   must be unique across all virtual hosts or the config will fail to load.
+	//
+	// Domains cannot contain control characters. This is validated by the well_known_regex HTTP_HEADER_VALUE.
+	Domains []string `protobuf:"bytes,2,rep,name=domains,proto3" json:"domains,omitempty"`
+	// The list of routes that will be matched, in order, for incoming requests.
+	// The first route that matches will be used.
+	// Only one of this and `matcher` can be specified.
+	Routes []*Route `protobuf:"bytes,3,rep,name=routes,proto3" json:"routes,omitempty"`
+	// [#next-major-version: This should be included in a oneof with routes wrapped in a message.]
+	// The match tree to use when resolving route actions for incoming requests. Only one of this and `routes`
+	// can be specified.
+	Matcher *v3.Matcher `protobuf:"bytes,21,opt,name=matcher,proto3" json:"matcher,omitempty"`
+	// Specifies the type of TLS enforcement the virtual host expects. If this option is not
+	// specified, there is no TLS requirement for the virtual host.
+	RequireTls VirtualHost_TlsRequirementType `protobuf:"varint,4,opt,name=require_tls,json=requireTls,proto3,enum=envoy.config.route.v3.VirtualHost_TlsRequirementType" json:"require_tls,omitempty"`
+	// A list of virtual clusters defined for this virtual host. Virtual clusters
+	// are used for additional statistics gathering.
+	VirtualClusters []*VirtualCluster `protobuf:"bytes,5,rep,name=virtual_clusters,json=virtualClusters,proto3" json:"virtual_clusters,omitempty"`
+	// Specifies a set of rate limit configurations that will be applied to the
+	// virtual host.
+	RateLimits []*RateLimit `protobuf:"bytes,6,rep,name=rate_limits,json=rateLimits,proto3" json:"rate_limits,omitempty"`
+	// Specifies a list of HTTP headers that should be added to each request
+	// handled by this virtual host. Headers specified at this level are applied
+	// after headers from enclosed :ref:`envoy_v3_api_msg_config.route.v3.Route` and before headers from the
+	// enclosing :ref:`envoy_v3_api_msg_config.route.v3.RouteConfiguration`. For more information, including
+	// details on header value syntax, see the documentation on :ref:`custom request headers
+	// <config_http_conn_man_headers_custom_request_headers>`.
+	RequestHeadersToAdd []*v31.HeaderValueOption `protobuf:"bytes,7,rep,name=request_headers_to_add,json=requestHeadersToAdd,proto3" json:"request_headers_to_add,omitempty"`
+	// Specifies a list of HTTP headers that should be removed from each request
+	// handled by this virtual host.
+	RequestHeadersToRemove []string `protobuf:"bytes,13,rep,name=request_headers_to_remove,json=requestHeadersToRemove,proto3" json:"request_headers_to_remove,omitempty"`
+	// Specifies a list of HTTP headers that should be added to each response
+	// handled by this virtual host. Headers specified at this level are applied
+	// after headers from enclosed :ref:`envoy_v3_api_msg_config.route.v3.Route` and before headers from the
+	// enclosing :ref:`envoy_v3_api_msg_config.route.v3.RouteConfiguration`. For more information, including
+	// details on header value syntax, see the documentation on :ref:`custom request headers
+	// <config_http_conn_man_headers_custom_request_headers>`.
+	ResponseHeadersToAdd []*v31.HeaderValueOption `protobuf:"bytes,10,rep,name=response_headers_to_add,json=responseHeadersToAdd,proto3" json:"response_headers_to_add,omitempty"`
+	// Specifies a list of HTTP headers that should be removed from each response
+	// handled by this virtual host.
+	ResponseHeadersToRemove []string `protobuf:"bytes,11,rep,name=response_headers_to_remove,json=responseHeadersToRemove,proto3" json:"response_headers_to_remove,omitempty"`
+	// Indicates that the virtual host has a CORS policy.
+	Cors *CorsPolicy `protobuf:"bytes,8,opt,name=cors,proto3" json:"cors,omitempty"`
+	// The per_filter_config field can be used to provide virtual host-specific
+	// configurations for filters. The key should match the filter name, such as
+	// *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter
+	// specific; see the :ref:`HTTP filter documentation <config_http_filters>`
+	// for if and how it is utilized.
+	// [#comment: An entry's value may be wrapped in a
+	// :ref:`FilterConfig<envoy_v3_api_msg_config.route.v3.FilterConfig>`
+	// message to specify additional options.]
+	TypedPerFilterConfig map[string]*any.Any `protobuf:"bytes,15,rep,name=typed_per_filter_config,json=typedPerFilterConfig,proto3" json:"typed_per_filter_config,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+	// Decides whether the :ref:`x-envoy-attempt-count
+	// <config_http_filters_router_x-envoy-attempt-count>` header should be included
+	// in the upstream request. Setting this option will cause it to override any existing header
+	// value, so in the case of two Envoys on the request path with this option enabled, the upstream
+	// will see the attempt count as perceived by the second Envoy. Defaults to false.
+	// This header is unaffected by the
+	// :ref:`suppress_envoy_headers
+	// <envoy_v3_api_field_extensions.filters.http.router.v3.Router.suppress_envoy_headers>` flag.
+	//
+	// [#next-major-version: rename to include_attempt_count_in_request.]
+	IncludeRequestAttemptCount bool `protobuf:"varint,14,opt,name=include_request_attempt_count,json=includeRequestAttemptCount,proto3" json:"include_request_attempt_count,omitempty"`
+	// Decides whether the :ref:`x-envoy-attempt-count
+	// <config_http_filters_router_x-envoy-attempt-count>` header should be included
+	// in the downstream response. Setting this option will cause the router to override any existing header
+	// value, so in the case of two Envoys on the request path with this option enabled, the downstream
+	// will see the attempt count as perceived by the Envoy closest upstream from itself. Defaults to false.
+	// This header is unaffected by the
+	// :ref:`suppress_envoy_headers
+	// <envoy_v3_api_field_extensions.filters.http.router.v3.Router.suppress_envoy_headers>` flag.
+	IncludeAttemptCountInResponse bool `protobuf:"varint,19,opt,name=include_attempt_count_in_response,json=includeAttemptCountInResponse,proto3" json:"include_attempt_count_in_response,omitempty"`
+	// Indicates the retry policy for all routes in this virtual host. Note that setting a
+	// route level entry will take precedence over this config and it'll be treated
+	// independently (e.g.: values are not inherited).
+	RetryPolicy *RetryPolicy `protobuf:"bytes,16,opt,name=retry_policy,json=retryPolicy,proto3" json:"retry_policy,omitempty"`
+	// [#not-implemented-hide:]
+	// Specifies the configuration for retry policy extension. Note that setting a route level entry
+	// will take precedence over this config and it'll be treated independently (e.g.: values are not
+	// inherited). :ref:`Retry policy <envoy_v3_api_field_config.route.v3.VirtualHost.retry_policy>` should not be
+	// set if this field is used.
+	RetryPolicyTypedConfig *any.Any `protobuf:"bytes,20,opt,name=retry_policy_typed_config,json=retryPolicyTypedConfig,proto3" json:"retry_policy_typed_config,omitempty"`
+	// Indicates the hedge policy for all routes in this virtual host. Note that setting a
+	// route level entry will take precedence over this config and it'll be treated
+	// independently (e.g.: values are not inherited).
+	HedgePolicy *HedgePolicy `protobuf:"bytes,17,opt,name=hedge_policy,json=hedgePolicy,proto3" json:"hedge_policy,omitempty"`
+	// The maximum bytes which will be buffered for retries and shadowing.
+	// If set and a route-specific limit is not set, the bytes actually buffered will be the minimum
+	// value of this and the listener per_connection_buffer_limit_bytes.
+	PerRequestBufferLimitBytes *wrappers.UInt32Value `protobuf:"bytes,18,opt,name=per_request_buffer_limit_bytes,json=perRequestBufferLimitBytes,proto3" json:"per_request_buffer_limit_bytes,omitempty"`
+}
+
+func (x *VirtualHost) Reset() {
+	*x = VirtualHost{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *VirtualHost) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*VirtualHost) ProtoMessage() {}
+
+func (x *VirtualHost) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use VirtualHost.ProtoReflect.Descriptor instead.
+func (*VirtualHost) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *VirtualHost) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *VirtualHost) GetDomains() []string {
+	if x != nil {
+		return x.Domains
+	}
+	return nil
+}
+
+func (x *VirtualHost) GetRoutes() []*Route {
+	if x != nil {
+		return x.Routes
+	}
+	return nil
+}
+
+func (x *VirtualHost) GetMatcher() *v3.Matcher {
+	if x != nil {
+		return x.Matcher
+	}
+	return nil
+}
+
+func (x *VirtualHost) GetRequireTls() VirtualHost_TlsRequirementType {
+	if x != nil {
+		return x.RequireTls
+	}
+	return VirtualHost_NONE
+}
+
+func (x *VirtualHost) GetVirtualClusters() []*VirtualCluster {
+	if x != nil {
+		return x.VirtualClusters
+	}
+	return nil
+}
+
+func (x *VirtualHost) GetRateLimits() []*RateLimit {
+	if x != nil {
+		return x.RateLimits
+	}
+	return nil
+}
+
+func (x *VirtualHost) GetRequestHeadersToAdd() []*v31.HeaderValueOption {
+	if x != nil {
+		return x.RequestHeadersToAdd
+	}
+	return nil
+}
+
+func (x *VirtualHost) GetRequestHeadersToRemove() []string {
+	if x != nil {
+		return x.RequestHeadersToRemove
+	}
+	return nil
+}
+
+func (x *VirtualHost) GetResponseHeadersToAdd() []*v31.HeaderValueOption {
+	if x != nil {
+		return x.ResponseHeadersToAdd
+	}
+	return nil
+}
+
+func (x *VirtualHost) GetResponseHeadersToRemove() []string {
+	if x != nil {
+		return x.ResponseHeadersToRemove
+	}
+	return nil
+}
+
+func (x *VirtualHost) GetCors() *CorsPolicy {
+	if x != nil {
+		return x.Cors
+	}
+	return nil
+}
+
+func (x *VirtualHost) GetTypedPerFilterConfig() map[string]*any.Any {
+	if x != nil {
+		return x.TypedPerFilterConfig
+	}
+	return nil
+}
+
+func (x *VirtualHost) GetIncludeRequestAttemptCount() bool {
+	if x != nil {
+		return x.IncludeRequestAttemptCount
+	}
+	return false
+}
+
+func (x *VirtualHost) GetIncludeAttemptCountInResponse() bool {
+	if x != nil {
+		return x.IncludeAttemptCountInResponse
+	}
+	return false
+}
+
+func (x *VirtualHost) GetRetryPolicy() *RetryPolicy {
+	if x != nil {
+		return x.RetryPolicy
+	}
+	return nil
+}
+
+func (x *VirtualHost) GetRetryPolicyTypedConfig() *any.Any {
+	if x != nil {
+		return x.RetryPolicyTypedConfig
+	}
+	return nil
+}
+
+func (x *VirtualHost) GetHedgePolicy() *HedgePolicy {
+	if x != nil {
+		return x.HedgePolicy
+	}
+	return nil
+}
+
+func (x *VirtualHost) GetPerRequestBufferLimitBytes() *wrappers.UInt32Value {
+	if x != nil {
+		return x.PerRequestBufferLimitBytes
+	}
+	return nil
+}
+
+// A filter-defined action type.
+type FilterAction struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Action *any.Any `protobuf:"bytes,1,opt,name=action,proto3" json:"action,omitempty"`
+}
+
+func (x *FilterAction) Reset() {
+	*x = FilterAction{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *FilterAction) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*FilterAction) ProtoMessage() {}
+
+func (x *FilterAction) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use FilterAction.ProtoReflect.Descriptor instead.
+func (*FilterAction) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *FilterAction) GetAction() *any.Any {
+	if x != nil {
+		return x.Action
+	}
+	return nil
+}
+
+// A route is both a specification of how to match a request as well as an indication of what to do
+// next (e.g., redirect, forward, rewrite, etc.).
+//
+// .. attention::
+//
+//   Envoy supports routing on HTTP method via :ref:`header matching
+//   <envoy_v3_api_msg_config.route.v3.HeaderMatcher>`.
+// [#next-free-field: 19]
+type Route struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Name for the route.
+	Name string `protobuf:"bytes,14,opt,name=name,proto3" json:"name,omitempty"`
+	// Route matching parameters.
+	Match *RouteMatch `protobuf:"bytes,1,opt,name=match,proto3" json:"match,omitempty"`
+	// Types that are assignable to Action:
+	//	*Route_Route
+	//	*Route_Redirect
+	//	*Route_DirectResponse
+	//	*Route_FilterAction
+	//	*Route_NonForwardingAction
+	Action isRoute_Action `protobuf_oneof:"action"`
+	// The Metadata field can be used to provide additional information
+	// about the route. It can be used for configuration, stats, and logging.
+	// The metadata should go under the filter namespace that will need it.
+	// For instance, if the metadata is intended for the Router filter,
+	// the filter name should be specified as *envoy.filters.http.router*.
+	Metadata *v31.Metadata `protobuf:"bytes,4,opt,name=metadata,proto3" json:"metadata,omitempty"`
+	// Decorator for the matched route.
+	Decorator *Decorator `protobuf:"bytes,5,opt,name=decorator,proto3" json:"decorator,omitempty"`
+	// The typed_per_filter_config field can be used to provide route-specific
+	// configurations for filters. The key should match the filter name, such as
+	// *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter
+	// specific; see the :ref:`HTTP filter documentation <config_http_filters>` for
+	// if and how it is utilized.
+	// [#comment: An entry's value may be wrapped in a
+	// :ref:`FilterConfig<envoy_v3_api_msg_config.route.v3.FilterConfig>`
+	// message to specify additional options.]
+	TypedPerFilterConfig map[string]*any.Any `protobuf:"bytes,13,rep,name=typed_per_filter_config,json=typedPerFilterConfig,proto3" json:"typed_per_filter_config,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+	// Specifies a set of headers that will be added to requests matching this
+	// route. Headers specified at this level are applied before headers from the
+	// enclosing :ref:`envoy_v3_api_msg_config.route.v3.VirtualHost` and
+	// :ref:`envoy_v3_api_msg_config.route.v3.RouteConfiguration`. For more information, including details on
+	// header value syntax, see the documentation on :ref:`custom request headers
+	// <config_http_conn_man_headers_custom_request_headers>`.
+	RequestHeadersToAdd []*v31.HeaderValueOption `protobuf:"bytes,9,rep,name=request_headers_to_add,json=requestHeadersToAdd,proto3" json:"request_headers_to_add,omitempty"`
+	// Specifies a list of HTTP headers that should be removed from each request
+	// matching this route.
+	RequestHeadersToRemove []string `protobuf:"bytes,12,rep,name=request_headers_to_remove,json=requestHeadersToRemove,proto3" json:"request_headers_to_remove,omitempty"`
+	// Specifies a set of headers that will be added to responses to requests
+	// matching this route. Headers specified at this level are applied before
+	// headers from the enclosing :ref:`envoy_v3_api_msg_config.route.v3.VirtualHost` and
+	// :ref:`envoy_v3_api_msg_config.route.v3.RouteConfiguration`. For more information, including
+	// details on header value syntax, see the documentation on
+	// :ref:`custom request headers <config_http_conn_man_headers_custom_request_headers>`.
+	ResponseHeadersToAdd []*v31.HeaderValueOption `protobuf:"bytes,10,rep,name=response_headers_to_add,json=responseHeadersToAdd,proto3" json:"response_headers_to_add,omitempty"`
+	// Specifies a list of HTTP headers that should be removed from each response
+	// to requests matching this route.
+	ResponseHeadersToRemove []string `protobuf:"bytes,11,rep,name=response_headers_to_remove,json=responseHeadersToRemove,proto3" json:"response_headers_to_remove,omitempty"`
+	// Presence of the object defines whether the connection manager's tracing configuration
+	// is overridden by this route specific instance.
+	Tracing *Tracing `protobuf:"bytes,15,opt,name=tracing,proto3" json:"tracing,omitempty"`
+	// The maximum bytes which will be buffered for retries and shadowing.
+	// If set, the bytes actually buffered will be the minimum value of this and the
+	// listener per_connection_buffer_limit_bytes.
+	PerRequestBufferLimitBytes *wrappers.UInt32Value `protobuf:"bytes,16,opt,name=per_request_buffer_limit_bytes,json=perRequestBufferLimitBytes,proto3" json:"per_request_buffer_limit_bytes,omitempty"`
+}
+
+func (x *Route) Reset() {
+	*x = Route{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Route) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Route) ProtoMessage() {}
+
+func (x *Route) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Route.ProtoReflect.Descriptor instead.
+func (*Route) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *Route) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *Route) GetMatch() *RouteMatch {
+	if x != nil {
+		return x.Match
+	}
+	return nil
+}
+
+func (m *Route) GetAction() isRoute_Action {
+	if m != nil {
+		return m.Action
+	}
+	return nil
+}
+
+func (x *Route) GetRoute() *RouteAction {
+	if x, ok := x.GetAction().(*Route_Route); ok {
+		return x.Route
+	}
+	return nil
+}
+
+func (x *Route) GetRedirect() *RedirectAction {
+	if x, ok := x.GetAction().(*Route_Redirect); ok {
+		return x.Redirect
+	}
+	return nil
+}
+
+func (x *Route) GetDirectResponse() *DirectResponseAction {
+	if x, ok := x.GetAction().(*Route_DirectResponse); ok {
+		return x.DirectResponse
+	}
+	return nil
+}
+
+func (x *Route) GetFilterAction() *FilterAction {
+	if x, ok := x.GetAction().(*Route_FilterAction); ok {
+		return x.FilterAction
+	}
+	return nil
+}
+
+func (x *Route) GetNonForwardingAction() *NonForwardingAction {
+	if x, ok := x.GetAction().(*Route_NonForwardingAction); ok {
+		return x.NonForwardingAction
+	}
+	return nil
+}
+
+func (x *Route) GetMetadata() *v31.Metadata {
+	if x != nil {
+		return x.Metadata
+	}
+	return nil
+}
+
+func (x *Route) GetDecorator() *Decorator {
+	if x != nil {
+		return x.Decorator
+	}
+	return nil
+}
+
+func (x *Route) GetTypedPerFilterConfig() map[string]*any.Any {
+	if x != nil {
+		return x.TypedPerFilterConfig
+	}
+	return nil
+}
+
+func (x *Route) GetRequestHeadersToAdd() []*v31.HeaderValueOption {
+	if x != nil {
+		return x.RequestHeadersToAdd
+	}
+	return nil
+}
+
+func (x *Route) GetRequestHeadersToRemove() []string {
+	if x != nil {
+		return x.RequestHeadersToRemove
+	}
+	return nil
+}
+
+func (x *Route) GetResponseHeadersToAdd() []*v31.HeaderValueOption {
+	if x != nil {
+		return x.ResponseHeadersToAdd
+	}
+	return nil
+}
+
+func (x *Route) GetResponseHeadersToRemove() []string {
+	if x != nil {
+		return x.ResponseHeadersToRemove
+	}
+	return nil
+}
+
+func (x *Route) GetTracing() *Tracing {
+	if x != nil {
+		return x.Tracing
+	}
+	return nil
+}
+
+func (x *Route) GetPerRequestBufferLimitBytes() *wrappers.UInt32Value {
+	if x != nil {
+		return x.PerRequestBufferLimitBytes
+	}
+	return nil
+}
+
+type isRoute_Action interface {
+	isRoute_Action()
+}
+
+type Route_Route struct {
+	// Route request to some upstream cluster.
+	Route *RouteAction `protobuf:"bytes,2,opt,name=route,proto3,oneof"`
+}
+
+type Route_Redirect struct {
+	// Return a redirect.
+	Redirect *RedirectAction `protobuf:"bytes,3,opt,name=redirect,proto3,oneof"`
+}
+
+type Route_DirectResponse struct {
+	// Return an arbitrary HTTP response directly, without proxying.
+	DirectResponse *DirectResponseAction `protobuf:"bytes,7,opt,name=direct_response,json=directResponse,proto3,oneof"`
+}
+
+type Route_FilterAction struct {
+	// [#not-implemented-hide:]
+	// A filter-defined action (e.g., it could dynamically generate the RouteAction).
+	// [#comment: TODO(samflattery): Remove cleanup in route_fuzz_test.cc when
+	// implemented]
+	FilterAction *FilterAction `protobuf:"bytes,17,opt,name=filter_action,json=filterAction,proto3,oneof"`
+}
+
+type Route_NonForwardingAction struct {
+	// [#not-implemented-hide:]
+	// An action used when the route will generate a response directly,
+	// without forwarding to an upstream host. This will be used in non-proxy
+	// xDS clients like the gRPC server. It could also be used in the future
+	// in Envoy for a filter that directly generates responses for requests.
+	NonForwardingAction *NonForwardingAction `protobuf:"bytes,18,opt,name=non_forwarding_action,json=nonForwardingAction,proto3,oneof"`
+}
+
+func (*Route_Route) isRoute_Action() {}
+
+func (*Route_Redirect) isRoute_Action() {}
+
+func (*Route_DirectResponse) isRoute_Action() {}
+
+func (*Route_FilterAction) isRoute_Action() {}
+
+func (*Route_NonForwardingAction) isRoute_Action() {}
+
+// Compared to the :ref:`cluster <envoy_v3_api_field_config.route.v3.RouteAction.cluster>` field that specifies a
+// single upstream cluster as the target of a request, the :ref:`weighted_clusters
+// <envoy_v3_api_field_config.route.v3.RouteAction.weighted_clusters>` option allows for specification of
+// multiple upstream clusters along with weights that indicate the percentage of
+// traffic to be forwarded to each cluster. The router selects an upstream cluster based on the
+// weights.
+type WeightedCluster struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies one or more upstream clusters associated with the route.
+	Clusters []*WeightedCluster_ClusterWeight `protobuf:"bytes,1,rep,name=clusters,proto3" json:"clusters,omitempty"`
+	// Specifies the total weight across all clusters. The sum of all cluster weights must equal this
+	// value, which must be greater than 0. Defaults to 100.
+	TotalWeight *wrappers.UInt32Value `protobuf:"bytes,3,opt,name=total_weight,json=totalWeight,proto3" json:"total_weight,omitempty"`
+	// Specifies the runtime key prefix that should be used to construct the
+	// runtime keys associated with each cluster. When the *runtime_key_prefix* is
+	// specified, the router will look for weights associated with each upstream
+	// cluster under the key *runtime_key_prefix* + "." + *cluster[i].name* where
+	// *cluster[i]* denotes an entry in the clusters array field. If the runtime
+	// key for the cluster does not exist, the value specified in the
+	// configuration file will be used as the default weight. See the :ref:`runtime documentation
+	// <operations_runtime>` for how key names map to the underlying implementation.
+	RuntimeKeyPrefix string `protobuf:"bytes,2,opt,name=runtime_key_prefix,json=runtimeKeyPrefix,proto3" json:"runtime_key_prefix,omitempty"`
+}
+
+func (x *WeightedCluster) Reset() {
+	*x = WeightedCluster{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *WeightedCluster) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*WeightedCluster) ProtoMessage() {}
+
+func (x *WeightedCluster) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use WeightedCluster.ProtoReflect.Descriptor instead.
+func (*WeightedCluster) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *WeightedCluster) GetClusters() []*WeightedCluster_ClusterWeight {
+	if x != nil {
+		return x.Clusters
+	}
+	return nil
+}
+
+func (x *WeightedCluster) GetTotalWeight() *wrappers.UInt32Value {
+	if x != nil {
+		return x.TotalWeight
+	}
+	return nil
+}
+
+func (x *WeightedCluster) GetRuntimeKeyPrefix() string {
+	if x != nil {
+		return x.RuntimeKeyPrefix
+	}
+	return ""
+}
+
+// [#next-free-field: 14]
+type RouteMatch struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to PathSpecifier:
+	//	*RouteMatch_Prefix
+	//	*RouteMatch_Path
+	//	*RouteMatch_SafeRegex
+	//	*RouteMatch_ConnectMatcher_
+	PathSpecifier isRouteMatch_PathSpecifier `protobuf_oneof:"path_specifier"`
+	// Indicates that prefix/path matching should be case sensitive. The default
+	// is true. Ignored for safe_regex matching.
+	CaseSensitive *wrappers.BoolValue `protobuf:"bytes,4,opt,name=case_sensitive,json=caseSensitive,proto3" json:"case_sensitive,omitempty"`
+	// Indicates that the route should additionally match on a runtime key. Every time the route
+	// is considered for a match, it must also fall under the percentage of matches indicated by
+	// this field. For some fraction N/D, a random number in the range [0,D) is selected. If the
+	// number is <= the value of the numerator N, or if the key is not present, the default
+	// value, the router continues to evaluate the remaining match criteria. A runtime_fraction
+	// route configuration can be used to roll out route changes in a gradual manner without full
+	// code/config deploys. Refer to the :ref:`traffic shifting
+	// <config_http_conn_man_route_table_traffic_splitting_shift>` docs for additional documentation.
+	//
+	// .. note::
+	//
+	//    Parsing this field is implemented such that the runtime key's data may be represented
+	//    as a FractionalPercent proto represented as JSON/YAML and may also be represented as an
+	//    integer with the assumption that the value is an integral percentage out of 100. For
+	//    instance, a runtime key lookup returning the value "42" would parse as a FractionalPercent
+	//    whose numerator is 42 and denominator is HUNDRED. This preserves legacy semantics.
+	RuntimeFraction *v31.RuntimeFractionalPercent `protobuf:"bytes,9,opt,name=runtime_fraction,json=runtimeFraction,proto3" json:"runtime_fraction,omitempty"`
+	// Specifies a set of headers that the route should match on. The router will
+	// check the request’s headers against all the specified headers in the route
+	// config. A match will happen if all the headers in the route are present in
+	// the request with the same values (or based on presence if the value field
+	// is not in the config).
+	Headers []*HeaderMatcher `protobuf:"bytes,6,rep,name=headers,proto3" json:"headers,omitempty"`
+	// Specifies a set of URL query parameters on which the route should
+	// match. The router will check the query string from the *path* header
+	// against all the specified query parameters. If the number of specified
+	// query parameters is nonzero, they all must match the *path* header's
+	// query string for a match to occur.
+	//
+	// .. note::
+	//
+	//    If query parameters are used to pass request message fields when
+	//    `grpc_json_transcoder <https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/grpc_json_transcoder_filter>`_
+	//    is used, the transcoded message fields maybe different. The query parameters are
+	//    url encoded, but the message fields are not. For example, if a query
+	//    parameter is "foo%20bar", the message field will be "foo bar".
+	QueryParameters []*QueryParameterMatcher `protobuf:"bytes,7,rep,name=query_parameters,json=queryParameters,proto3" json:"query_parameters,omitempty"`
+	// If specified, only gRPC requests will be matched. The router will check
+	// that the content-type header has a application/grpc or one of the various
+	// application/grpc+ values.
+	Grpc *RouteMatch_GrpcRouteMatchOptions `protobuf:"bytes,8,opt,name=grpc,proto3" json:"grpc,omitempty"`
+	// If specified, the client tls context will be matched against the defined
+	// match options.
+	//
+	// [#next-major-version: unify with RBAC]
+	TlsContext *RouteMatch_TlsContextMatchOptions `protobuf:"bytes,11,opt,name=tls_context,json=tlsContext,proto3" json:"tls_context,omitempty"`
+	// Specifies a set of dynamic metadata matchers on which the route should match.
+	// The router will check the dynamic metadata against all the specified dynamic metadata matchers.
+	// If the number of specified dynamic metadata matchers is nonzero, they all must match the
+	// dynamic metadata for a match to occur.
+	DynamicMetadata []*v32.MetadataMatcher `protobuf:"bytes,13,rep,name=dynamic_metadata,json=dynamicMetadata,proto3" json:"dynamic_metadata,omitempty"`
+}
+
+func (x *RouteMatch) Reset() {
+	*x = RouteMatch{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RouteMatch) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RouteMatch) ProtoMessage() {}
+
+func (x *RouteMatch) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RouteMatch.ProtoReflect.Descriptor instead.
+func (*RouteMatch) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{4}
+}
+
+func (m *RouteMatch) GetPathSpecifier() isRouteMatch_PathSpecifier {
+	if m != nil {
+		return m.PathSpecifier
+	}
+	return nil
+}
+
+func (x *RouteMatch) GetPrefix() string {
+	if x, ok := x.GetPathSpecifier().(*RouteMatch_Prefix); ok {
+		return x.Prefix
+	}
+	return ""
+}
+
+func (x *RouteMatch) GetPath() string {
+	if x, ok := x.GetPathSpecifier().(*RouteMatch_Path); ok {
+		return x.Path
+	}
+	return ""
+}
+
+func (x *RouteMatch) GetSafeRegex() *v32.RegexMatcher {
+	if x, ok := x.GetPathSpecifier().(*RouteMatch_SafeRegex); ok {
+		return x.SafeRegex
+	}
+	return nil
+}
+
+func (x *RouteMatch) GetConnectMatcher() *RouteMatch_ConnectMatcher {
+	if x, ok := x.GetPathSpecifier().(*RouteMatch_ConnectMatcher_); ok {
+		return x.ConnectMatcher
+	}
+	return nil
+}
+
+func (x *RouteMatch) GetCaseSensitive() *wrappers.BoolValue {
+	if x != nil {
+		return x.CaseSensitive
+	}
+	return nil
+}
+
+func (x *RouteMatch) GetRuntimeFraction() *v31.RuntimeFractionalPercent {
+	if x != nil {
+		return x.RuntimeFraction
+	}
+	return nil
+}
+
+func (x *RouteMatch) GetHeaders() []*HeaderMatcher {
+	if x != nil {
+		return x.Headers
+	}
+	return nil
+}
+
+func (x *RouteMatch) GetQueryParameters() []*QueryParameterMatcher {
+	if x != nil {
+		return x.QueryParameters
+	}
+	return nil
+}
+
+func (x *RouteMatch) GetGrpc() *RouteMatch_GrpcRouteMatchOptions {
+	if x != nil {
+		return x.Grpc
+	}
+	return nil
+}
+
+func (x *RouteMatch) GetTlsContext() *RouteMatch_TlsContextMatchOptions {
+	if x != nil {
+		return x.TlsContext
+	}
+	return nil
+}
+
+func (x *RouteMatch) GetDynamicMetadata() []*v32.MetadataMatcher {
+	if x != nil {
+		return x.DynamicMetadata
+	}
+	return nil
+}
+
+type isRouteMatch_PathSpecifier interface {
+	isRouteMatch_PathSpecifier()
+}
+
+type RouteMatch_Prefix struct {
+	// If specified, the route is a prefix rule meaning that the prefix must
+	// match the beginning of the *:path* header.
+	Prefix string `protobuf:"bytes,1,opt,name=prefix,proto3,oneof"`
+}
+
+type RouteMatch_Path struct {
+	// If specified, the route is an exact path rule meaning that the path must
+	// exactly match the *:path* header once the query string is removed.
+	Path string `protobuf:"bytes,2,opt,name=path,proto3,oneof"`
+}
+
+type RouteMatch_SafeRegex struct {
+	// If specified, the route is a regular expression rule meaning that the
+	// regex must match the *:path* header once the query string is removed. The entire path
+	// (without the query string) must match the regex. The rule will not match if only a
+	// subsequence of the *:path* header matches the regex.
+	//
+	// [#next-major-version: In the v3 API we should redo how path specification works such
+	// that we utilize StringMatcher, and additionally have consistent options around whether we
+	// strip query strings, do a case sensitive match, etc. In the interim it will be too disruptive
+	// to deprecate the existing options. We should even consider whether we want to do away with
+	// path_specifier entirely and just rely on a set of header matchers which can already match
+	// on :path, etc. The issue with that is it is unclear how to generically deal with query string
+	// stripping. This needs more thought.]
+	SafeRegex *v32.RegexMatcher `protobuf:"bytes,10,opt,name=safe_regex,json=safeRegex,proto3,oneof"`
+}
+
+type RouteMatch_ConnectMatcher_ struct {
+	// If this is used as the matcher, the matcher will only match CONNECT requests.
+	// Note that this will not match HTTP/2 upgrade-style CONNECT requests
+	// (WebSocket and the like) as they are normalized in Envoy as HTTP/1.1 style
+	// upgrades.
+	// This is the only way to match CONNECT requests for HTTP/1.1. For HTTP/2,
+	// where Extended CONNECT requests may have a path, the path matchers will work if
+	// there is a path present.
+	// Note that CONNECT support is currently considered alpha in Envoy.
+	// [#comment: TODO(htuch): Replace the above comment with an alpha tag.]
+	ConnectMatcher *RouteMatch_ConnectMatcher `protobuf:"bytes,12,opt,name=connect_matcher,json=connectMatcher,proto3,oneof"`
+}
+
+func (*RouteMatch_Prefix) isRouteMatch_PathSpecifier() {}
+
+func (*RouteMatch_Path) isRouteMatch_PathSpecifier() {}
+
+func (*RouteMatch_SafeRegex) isRouteMatch_PathSpecifier() {}
+
+func (*RouteMatch_ConnectMatcher_) isRouteMatch_PathSpecifier() {}
+
+// [#next-free-field: 12]
+type CorsPolicy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies string patterns that match allowed origins. An origin is allowed if any of the
+	// string matchers match.
+	AllowOriginStringMatch []*v32.StringMatcher `protobuf:"bytes,11,rep,name=allow_origin_string_match,json=allowOriginStringMatch,proto3" json:"allow_origin_string_match,omitempty"`
+	// Specifies the content for the *access-control-allow-methods* header.
+	AllowMethods string `protobuf:"bytes,2,opt,name=allow_methods,json=allowMethods,proto3" json:"allow_methods,omitempty"`
+	// Specifies the content for the *access-control-allow-headers* header.
+	AllowHeaders string `protobuf:"bytes,3,opt,name=allow_headers,json=allowHeaders,proto3" json:"allow_headers,omitempty"`
+	// Specifies the content for the *access-control-expose-headers* header.
+	ExposeHeaders string `protobuf:"bytes,4,opt,name=expose_headers,json=exposeHeaders,proto3" json:"expose_headers,omitempty"`
+	// Specifies the content for the *access-control-max-age* header.
+	MaxAge string `protobuf:"bytes,5,opt,name=max_age,json=maxAge,proto3" json:"max_age,omitempty"`
+	// Specifies whether the resource allows credentials.
+	AllowCredentials *wrappers.BoolValue `protobuf:"bytes,6,opt,name=allow_credentials,json=allowCredentials,proto3" json:"allow_credentials,omitempty"`
+	// Types that are assignable to EnabledSpecifier:
+	//	*CorsPolicy_FilterEnabled
+	EnabledSpecifier isCorsPolicy_EnabledSpecifier `protobuf_oneof:"enabled_specifier"`
+	// Specifies the % of requests for which the CORS policies will be evaluated and tracked, but not
+	// enforced.
+	//
+	// This field is intended to be used when ``filter_enabled`` and ``enabled`` are off. One of those
+	// fields have to explicitly disable the filter in order for this setting to take effect.
+	//
+	// If :ref:`runtime_key <envoy_v3_api_field_config.core.v3.RuntimeFractionalPercent.runtime_key>` is specified,
+	// Envoy will lookup the runtime key to get the percentage of requests for which it will evaluate
+	// and track the request's *Origin* to determine if it's valid but will not enforce any policies.
+	ShadowEnabled *v31.RuntimeFractionalPercent `protobuf:"bytes,10,opt,name=shadow_enabled,json=shadowEnabled,proto3" json:"shadow_enabled,omitempty"`
+}
+
+func (x *CorsPolicy) Reset() {
+	*x = CorsPolicy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CorsPolicy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CorsPolicy) ProtoMessage() {}
+
+func (x *CorsPolicy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CorsPolicy.ProtoReflect.Descriptor instead.
+func (*CorsPolicy) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{5}
+}
+
+func (x *CorsPolicy) GetAllowOriginStringMatch() []*v32.StringMatcher {
+	if x != nil {
+		return x.AllowOriginStringMatch
+	}
+	return nil
+}
+
+func (x *CorsPolicy) GetAllowMethods() string {
+	if x != nil {
+		return x.AllowMethods
+	}
+	return ""
+}
+
+func (x *CorsPolicy) GetAllowHeaders() string {
+	if x != nil {
+		return x.AllowHeaders
+	}
+	return ""
+}
+
+func (x *CorsPolicy) GetExposeHeaders() string {
+	if x != nil {
+		return x.ExposeHeaders
+	}
+	return ""
+}
+
+func (x *CorsPolicy) GetMaxAge() string {
+	if x != nil {
+		return x.MaxAge
+	}
+	return ""
+}
+
+func (x *CorsPolicy) GetAllowCredentials() *wrappers.BoolValue {
+	if x != nil {
+		return x.AllowCredentials
+	}
+	return nil
+}
+
+func (m *CorsPolicy) GetEnabledSpecifier() isCorsPolicy_EnabledSpecifier {
+	if m != nil {
+		return m.EnabledSpecifier
+	}
+	return nil
+}
+
+func (x *CorsPolicy) GetFilterEnabled() *v31.RuntimeFractionalPercent {
+	if x, ok := x.GetEnabledSpecifier().(*CorsPolicy_FilterEnabled); ok {
+		return x.FilterEnabled
+	}
+	return nil
+}
+
+func (x *CorsPolicy) GetShadowEnabled() *v31.RuntimeFractionalPercent {
+	if x != nil {
+		return x.ShadowEnabled
+	}
+	return nil
+}
+
+type isCorsPolicy_EnabledSpecifier interface {
+	isCorsPolicy_EnabledSpecifier()
+}
+
+type CorsPolicy_FilterEnabled struct {
+	// Specifies the % of requests for which the CORS filter is enabled.
+	//
+	// If neither ``enabled``, ``filter_enabled``, nor ``shadow_enabled`` are specified, the CORS
+	// filter will be enabled for 100% of the requests.
+	//
+	// If :ref:`runtime_key <envoy_v3_api_field_config.core.v3.RuntimeFractionalPercent.runtime_key>` is
+	// specified, Envoy will lookup the runtime key to get the percentage of requests to filter.
+	FilterEnabled *v31.RuntimeFractionalPercent `protobuf:"bytes,9,opt,name=filter_enabled,json=filterEnabled,proto3,oneof"`
+}
+
+func (*CorsPolicy_FilterEnabled) isCorsPolicy_EnabledSpecifier() {}
+
+// [#next-free-field: 38]
+type RouteAction struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to ClusterSpecifier:
+	//	*RouteAction_Cluster
+	//	*RouteAction_ClusterHeader
+	//	*RouteAction_WeightedClusters
+	//	*RouteAction_ClusterSpecifierPlugin
+	ClusterSpecifier isRouteAction_ClusterSpecifier `protobuf_oneof:"cluster_specifier"`
+	// The HTTP status code to use when configured cluster is not found.
+	// The default response code is 503 Service Unavailable.
+	ClusterNotFoundResponseCode RouteAction_ClusterNotFoundResponseCode `protobuf:"varint,20,opt,name=cluster_not_found_response_code,json=clusterNotFoundResponseCode,proto3,enum=envoy.config.route.v3.RouteAction_ClusterNotFoundResponseCode" json:"cluster_not_found_response_code,omitempty"`
+	// Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints
+	// in the upstream cluster with metadata matching what's set in this field will be considered
+	// for load balancing. If using :ref:`weighted_clusters
+	// <envoy_v3_api_field_config.route.v3.RouteAction.weighted_clusters>`, metadata will be merged, with values
+	// provided there taking precedence. The filter name should be specified as *envoy.lb*.
+	MetadataMatch *v31.Metadata `protobuf:"bytes,4,opt,name=metadata_match,json=metadataMatch,proto3" json:"metadata_match,omitempty"`
+	// Indicates that during forwarding, the matched prefix (or path) should be
+	// swapped with this value. This option allows application URLs to be rooted
+	// at a different path from those exposed at the reverse proxy layer. The router filter will
+	// place the original path before rewrite into the :ref:`x-envoy-original-path
+	// <config_http_filters_router_x-envoy-original-path>` header.
+	//
+	// Only one of *prefix_rewrite* or
+	// :ref:`regex_rewrite <envoy_v3_api_field_config.route.v3.RouteAction.regex_rewrite>`
+	// may be specified.
+	//
+	// .. attention::
+	//
+	//   Pay careful attention to the use of trailing slashes in the
+	//   :ref:`route's match <envoy_v3_api_field_config.route.v3.Route.match>` prefix value.
+	//   Stripping a prefix from a path requires multiple Routes to handle all cases. For example,
+	//   rewriting */prefix* to */* and */prefix/etc* to */etc* cannot be done in a single
+	//   :ref:`Route <envoy_v3_api_msg_config.route.v3.Route>`, as shown by the below config entries:
+	//
+	//   .. code-block:: yaml
+	//
+	//     - match:
+	//         prefix: "/prefix/"
+	//       route:
+	//         prefix_rewrite: "/"
+	//     - match:
+	//         prefix: "/prefix"
+	//       route:
+	//         prefix_rewrite: "/"
+	//
+	//   Having above entries in the config, requests to */prefix* will be stripped to */*, while
+	//   requests to */prefix/etc* will be stripped to */etc*.
+	PrefixRewrite string `protobuf:"bytes,5,opt,name=prefix_rewrite,json=prefixRewrite,proto3" json:"prefix_rewrite,omitempty"`
+	// Indicates that during forwarding, portions of the path that match the
+	// pattern should be rewritten, even allowing the substitution of capture
+	// groups from the pattern into the new path as specified by the rewrite
+	// substitution string. This is useful to allow application paths to be
+	// rewritten in a way that is aware of segments with variable content like
+	// identifiers. The router filter will place the original path as it was
+	// before the rewrite into the :ref:`x-envoy-original-path
+	// <config_http_filters_router_x-envoy-original-path>` header.
+	//
+	// Only one of :ref:`prefix_rewrite <envoy_v3_api_field_config.route.v3.RouteAction.prefix_rewrite>`
+	// or *regex_rewrite* may be specified.
+	//
+	// Examples using Google's `RE2 <https://github.com/google/re2>`_ engine:
+	//
+	// * The path pattern ``^/service/([^/]+)(/.*)$`` paired with a substitution
+	//   string of ``\2/instance/\1`` would transform ``/service/foo/v1/api``
+	//   into ``/v1/api/instance/foo``.
+	//
+	// * The pattern ``one`` paired with a substitution string of ``two`` would
+	//   transform ``/xxx/one/yyy/one/zzz`` into ``/xxx/two/yyy/two/zzz``.
+	//
+	// * The pattern ``^(.*?)one(.*)$`` paired with a substitution string of
+	//   ``\1two\2`` would replace only the first occurrence of ``one``,
+	//   transforming path ``/xxx/one/yyy/one/zzz`` into ``/xxx/two/yyy/one/zzz``.
+	//
+	// * The pattern ``(?i)/xxx/`` paired with a substitution string of ``/yyy/``
+	//   would do a case-insensitive match and transform path ``/aaa/XxX/bbb`` to
+	//   ``/aaa/yyy/bbb``.
+	RegexRewrite *v32.RegexMatchAndSubstitute `protobuf:"bytes,32,opt,name=regex_rewrite,json=regexRewrite,proto3" json:"regex_rewrite,omitempty"`
+	// Types that are assignable to HostRewriteSpecifier:
+	//	*RouteAction_HostRewriteLiteral
+	//	*RouteAction_AutoHostRewrite
+	//	*RouteAction_HostRewriteHeader
+	//	*RouteAction_HostRewritePathRegex
+	HostRewriteSpecifier isRouteAction_HostRewriteSpecifier `protobuf_oneof:"host_rewrite_specifier"`
+	// Specifies the upstream timeout for the route. If not specified, the default is 15s. This
+	// spans between the point at which the entire downstream request (i.e. end-of-stream) has been
+	// processed and when the upstream response has been completely processed. A value of 0 will
+	// disable the route's timeout.
+	//
+	// .. note::
+	//
+	//   This timeout includes all retries. See also
+	//   :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`,
+	//   :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms`, and the
+	//   :ref:`retry overview <arch_overview_http_routing_retry>`.
+	Timeout *duration.Duration `protobuf:"bytes,8,opt,name=timeout,proto3" json:"timeout,omitempty"`
+	// Specifies the idle timeout for the route. If not specified, there is no per-route idle timeout,
+	// although the connection manager wide :ref:`stream_idle_timeout
+	// <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.stream_idle_timeout>`
+	// will still apply. A value of 0 will completely disable the route's idle timeout, even if a
+	// connection manager stream idle timeout is configured.
+	//
+	// The idle timeout is distinct to :ref:`timeout
+	// <envoy_v3_api_field_config.route.v3.RouteAction.timeout>`, which provides an upper bound
+	// on the upstream response time; :ref:`idle_timeout
+	// <envoy_v3_api_field_config.route.v3.RouteAction.idle_timeout>` instead bounds the amount
+	// of time the request's stream may be idle.
+	//
+	// After header decoding, the idle timeout will apply on downstream and
+	// upstream request events. Each time an encode/decode event for headers or
+	// data is processed for the stream, the timer will be reset. If the timeout
+	// fires, the stream is terminated with a 408 Request Timeout error code if no
+	// upstream response header has been received, otherwise a stream reset
+	// occurs.
+	//
+	// If the :ref:`overload action <config_overload_manager_overload_actions>` "envoy.overload_actions.reduce_timeouts"
+	// is configured, this timeout is scaled according to the value for
+	// :ref:`HTTP_DOWNSTREAM_STREAM_IDLE <envoy_v3_api_enum_value_config.overload.v3.ScaleTimersOverloadActionConfig.TimerType.HTTP_DOWNSTREAM_STREAM_IDLE>`.
+	IdleTimeout *duration.Duration `protobuf:"bytes,24,opt,name=idle_timeout,json=idleTimeout,proto3" json:"idle_timeout,omitempty"`
+	// Indicates that the route has a retry policy. Note that if this is set,
+	// it'll take precedence over the virtual host level retry policy entirely
+	// (e.g.: policies are not merged, most internal one becomes the enforced policy).
+	RetryPolicy *RetryPolicy `protobuf:"bytes,9,opt,name=retry_policy,json=retryPolicy,proto3" json:"retry_policy,omitempty"`
+	// [#not-implemented-hide:]
+	// Specifies the configuration for retry policy extension. Note that if this is set, it'll take
+	// precedence over the virtual host level retry policy entirely (e.g.: policies are not merged,
+	// most internal one becomes the enforced policy). :ref:`Retry policy <envoy_v3_api_field_config.route.v3.VirtualHost.retry_policy>`
+	// should not be set if this field is used.
+	RetryPolicyTypedConfig *any.Any `protobuf:"bytes,33,opt,name=retry_policy_typed_config,json=retryPolicyTypedConfig,proto3" json:"retry_policy_typed_config,omitempty"`
+	// Indicates that the route has request mirroring policies.
+	RequestMirrorPolicies []*RouteAction_RequestMirrorPolicy `protobuf:"bytes,30,rep,name=request_mirror_policies,json=requestMirrorPolicies,proto3" json:"request_mirror_policies,omitempty"`
+	// Optionally specifies the :ref:`routing priority <arch_overview_http_routing_priority>`.
+	Priority v31.RoutingPriority `protobuf:"varint,11,opt,name=priority,proto3,enum=envoy.config.core.v3.RoutingPriority" json:"priority,omitempty"`
+	// Specifies a set of rate limit configurations that could be applied to the
+	// route.
+	RateLimits []*RateLimit `protobuf:"bytes,13,rep,name=rate_limits,json=rateLimits,proto3" json:"rate_limits,omitempty"`
+	// Specifies if the rate limit filter should include the virtual host rate
+	// limits. By default, if the route configured rate limits, the virtual host
+	// :ref:`rate_limits <envoy_v3_api_field_config.route.v3.VirtualHost.rate_limits>` are not applied to the
+	// request.
+	//
+	// This field is deprecated. Please use :ref:`vh_rate_limits <envoy_v3_api_field_extensions.filters.http.ratelimit.v3.RateLimitPerRoute.vh_rate_limits>`
+	//
+	// Deprecated: Do not use.
+	IncludeVhRateLimits *wrappers.BoolValue `protobuf:"bytes,14,opt,name=include_vh_rate_limits,json=includeVhRateLimits,proto3" json:"include_vh_rate_limits,omitempty"`
+	// Specifies a list of hash policies to use for ring hash load balancing. Each
+	// hash policy is evaluated individually and the combined result is used to
+	// route the request. The method of combination is deterministic such that
+	// identical lists of hash policies will produce the same hash. Since a hash
+	// policy examines specific parts of a request, it can fail to produce a hash
+	// (i.e. if the hashed header is not present). If (and only if) all configured
+	// hash policies fail to generate a hash, no hash will be produced for
+	// the route. In this case, the behavior is the same as if no hash policies
+	// were specified (i.e. the ring hash load balancer will choose a random
+	// backend). If a hash policy has the "terminal" attribute set to true, and
+	// there is already a hash generated, the hash is returned immediately,
+	// ignoring the rest of the hash policy list.
+	HashPolicy []*RouteAction_HashPolicy `protobuf:"bytes,15,rep,name=hash_policy,json=hashPolicy,proto3" json:"hash_policy,omitempty"`
+	// Indicates that the route has a CORS policy.
+	Cors *CorsPolicy `protobuf:"bytes,17,opt,name=cors,proto3" json:"cors,omitempty"`
+	// Deprecated by :ref:`grpc_timeout_header_max <envoy_v3_api_field_config.route.v3.RouteAction.MaxStreamDuration.grpc_timeout_header_max>`
+	// If present, and the request is a gRPC request, use the
+	// `grpc-timeout header <https://github.com/grpc/grpc/blob/master/doc/PROTOCOL-HTTP2.md>`_,
+	// or its default value (infinity) instead of
+	// :ref:`timeout <envoy_v3_api_field_config.route.v3.RouteAction.timeout>`, but limit the applied timeout
+	// to the maximum value specified here. If configured as 0, the maximum allowed timeout for
+	// gRPC requests is infinity. If not configured at all, the `grpc-timeout` header is not used
+	// and gRPC requests time out like any other requests using
+	// :ref:`timeout <envoy_v3_api_field_config.route.v3.RouteAction.timeout>` or its default.
+	// This can be used to prevent unexpected upstream request timeouts due to potentially long
+	// time gaps between gRPC request and response in gRPC streaming mode.
+	//
+	// .. note::
+	//
+	//    If a timeout is specified using :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, it takes
+	//    precedence over `grpc-timeout header <https://github.com/grpc/grpc/blob/master/doc/PROTOCOL-HTTP2.md>`_, when
+	//    both are present. See also
+	//    :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`,
+	//    :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms`, and the
+	//    :ref:`retry overview <arch_overview_http_routing_retry>`.
+	//
+	// Deprecated: Do not use.
+	MaxGrpcTimeout *duration.Duration `protobuf:"bytes,23,opt,name=max_grpc_timeout,json=maxGrpcTimeout,proto3" json:"max_grpc_timeout,omitempty"`
+	// Deprecated by :ref:`grpc_timeout_header_offset <envoy_v3_api_field_config.route.v3.RouteAction.MaxStreamDuration.grpc_timeout_header_offset>`.
+	// If present, Envoy will adjust the timeout provided by the `grpc-timeout` header by subtracting
+	// the provided duration from the header. This is useful in allowing Envoy to set its global
+	// timeout to be less than that of the deadline imposed by the calling client, which makes it more
+	// likely that Envoy will handle the timeout instead of having the call canceled by the client.
+	// The offset will only be applied if the provided grpc_timeout is greater than the offset. This
+	// ensures that the offset will only ever decrease the timeout and never set it to 0 (meaning
+	// infinity).
+	//
+	// Deprecated: Do not use.
+	GrpcTimeoutOffset *duration.Duration           `protobuf:"bytes,28,opt,name=grpc_timeout_offset,json=grpcTimeoutOffset,proto3" json:"grpc_timeout_offset,omitempty"`
+	UpgradeConfigs    []*RouteAction_UpgradeConfig `protobuf:"bytes,25,rep,name=upgrade_configs,json=upgradeConfigs,proto3" json:"upgrade_configs,omitempty"`
+	// If present, Envoy will try to follow an upstream redirect response instead of proxying the
+	// response back to the downstream. An upstream redirect response is defined
+	// by :ref:`redirect_response_codes
+	// <envoy_v3_api_field_config.route.v3.InternalRedirectPolicy.redirect_response_codes>`.
+	InternalRedirectPolicy *InternalRedirectPolicy `protobuf:"bytes,34,opt,name=internal_redirect_policy,json=internalRedirectPolicy,proto3" json:"internal_redirect_policy,omitempty"`
+	// Deprecated: Do not use.
+	InternalRedirectAction RouteAction_InternalRedirectAction `protobuf:"varint,26,opt,name=internal_redirect_action,json=internalRedirectAction,proto3,enum=envoy.config.route.v3.RouteAction_InternalRedirectAction" json:"internal_redirect_action,omitempty"`
+	// An internal redirect is handled, iff the number of previous internal redirects that a
+	// downstream request has encountered is lower than this value, and
+	// :ref:`internal_redirect_action <envoy_v3_api_field_config.route.v3.RouteAction.internal_redirect_action>`
+	// is set to :ref:`HANDLE_INTERNAL_REDIRECT
+	// <envoy_v3_api_enum_value_config.route.v3.RouteAction.InternalRedirectAction.HANDLE_INTERNAL_REDIRECT>`
+	// In the case where a downstream request is bounced among multiple routes by internal redirect,
+	// the first route that hits this threshold, or has
+	// :ref:`internal_redirect_action <envoy_v3_api_field_config.route.v3.RouteAction.internal_redirect_action>`
+	// set to
+	// :ref:`PASS_THROUGH_INTERNAL_REDIRECT
+	// <envoy_v3_api_enum_value_config.route.v3.RouteAction.InternalRedirectAction.PASS_THROUGH_INTERNAL_REDIRECT>`
+	// will pass the redirect back to downstream.
+	//
+	// If not specified, at most one redirect will be followed.
+	//
+	// Deprecated: Do not use.
+	MaxInternalRedirects *wrappers.UInt32Value `protobuf:"bytes,31,opt,name=max_internal_redirects,json=maxInternalRedirects,proto3" json:"max_internal_redirects,omitempty"`
+	// Indicates that the route has a hedge policy. Note that if this is set,
+	// it'll take precedence over the virtual host level hedge policy entirely
+	// (e.g.: policies are not merged, most internal one becomes the enforced policy).
+	HedgePolicy *HedgePolicy `protobuf:"bytes,27,opt,name=hedge_policy,json=hedgePolicy,proto3" json:"hedge_policy,omitempty"`
+	// Specifies the maximum stream duration for this route.
+	MaxStreamDuration *RouteAction_MaxStreamDuration `protobuf:"bytes,36,opt,name=max_stream_duration,json=maxStreamDuration,proto3" json:"max_stream_duration,omitempty"`
+}
+
+func (x *RouteAction) Reset() {
+	*x = RouteAction{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[6]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RouteAction) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RouteAction) ProtoMessage() {}
+
+func (x *RouteAction) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[6]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RouteAction.ProtoReflect.Descriptor instead.
+func (*RouteAction) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{6}
+}
+
+func (m *RouteAction) GetClusterSpecifier() isRouteAction_ClusterSpecifier {
+	if m != nil {
+		return m.ClusterSpecifier
+	}
+	return nil
+}
+
+func (x *RouteAction) GetCluster() string {
+	if x, ok := x.GetClusterSpecifier().(*RouteAction_Cluster); ok {
+		return x.Cluster
+	}
+	return ""
+}
+
+func (x *RouteAction) GetClusterHeader() string {
+	if x, ok := x.GetClusterSpecifier().(*RouteAction_ClusterHeader); ok {
+		return x.ClusterHeader
+	}
+	return ""
+}
+
+func (x *RouteAction) GetWeightedClusters() *WeightedCluster {
+	if x, ok := x.GetClusterSpecifier().(*RouteAction_WeightedClusters); ok {
+		return x.WeightedClusters
+	}
+	return nil
+}
+
+func (x *RouteAction) GetClusterSpecifierPlugin() string {
+	if x, ok := x.GetClusterSpecifier().(*RouteAction_ClusterSpecifierPlugin); ok {
+		return x.ClusterSpecifierPlugin
+	}
+	return ""
+}
+
+func (x *RouteAction) GetClusterNotFoundResponseCode() RouteAction_ClusterNotFoundResponseCode {
+	if x != nil {
+		return x.ClusterNotFoundResponseCode
+	}
+	return RouteAction_SERVICE_UNAVAILABLE
+}
+
+func (x *RouteAction) GetMetadataMatch() *v31.Metadata {
+	if x != nil {
+		return x.MetadataMatch
+	}
+	return nil
+}
+
+func (x *RouteAction) GetPrefixRewrite() string {
+	if x != nil {
+		return x.PrefixRewrite
+	}
+	return ""
+}
+
+func (x *RouteAction) GetRegexRewrite() *v32.RegexMatchAndSubstitute {
+	if x != nil {
+		return x.RegexRewrite
+	}
+	return nil
+}
+
+func (m *RouteAction) GetHostRewriteSpecifier() isRouteAction_HostRewriteSpecifier {
+	if m != nil {
+		return m.HostRewriteSpecifier
+	}
+	return nil
+}
+
+func (x *RouteAction) GetHostRewriteLiteral() string {
+	if x, ok := x.GetHostRewriteSpecifier().(*RouteAction_HostRewriteLiteral); ok {
+		return x.HostRewriteLiteral
+	}
+	return ""
+}
+
+func (x *RouteAction) GetAutoHostRewrite() *wrappers.BoolValue {
+	if x, ok := x.GetHostRewriteSpecifier().(*RouteAction_AutoHostRewrite); ok {
+		return x.AutoHostRewrite
+	}
+	return nil
+}
+
+func (x *RouteAction) GetHostRewriteHeader() string {
+	if x, ok := x.GetHostRewriteSpecifier().(*RouteAction_HostRewriteHeader); ok {
+		return x.HostRewriteHeader
+	}
+	return ""
+}
+
+func (x *RouteAction) GetHostRewritePathRegex() *v32.RegexMatchAndSubstitute {
+	if x, ok := x.GetHostRewriteSpecifier().(*RouteAction_HostRewritePathRegex); ok {
+		return x.HostRewritePathRegex
+	}
+	return nil
+}
+
+func (x *RouteAction) GetTimeout() *duration.Duration {
+	if x != nil {
+		return x.Timeout
+	}
+	return nil
+}
+
+func (x *RouteAction) GetIdleTimeout() *duration.Duration {
+	if x != nil {
+		return x.IdleTimeout
+	}
+	return nil
+}
+
+func (x *RouteAction) GetRetryPolicy() *RetryPolicy {
+	if x != nil {
+		return x.RetryPolicy
+	}
+	return nil
+}
+
+func (x *RouteAction) GetRetryPolicyTypedConfig() *any.Any {
+	if x != nil {
+		return x.RetryPolicyTypedConfig
+	}
+	return nil
+}
+
+func (x *RouteAction) GetRequestMirrorPolicies() []*RouteAction_RequestMirrorPolicy {
+	if x != nil {
+		return x.RequestMirrorPolicies
+	}
+	return nil
+}
+
+func (x *RouteAction) GetPriority() v31.RoutingPriority {
+	if x != nil {
+		return x.Priority
+	}
+	return v31.RoutingPriority_DEFAULT
+}
+
+func (x *RouteAction) GetRateLimits() []*RateLimit {
+	if x != nil {
+		return x.RateLimits
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *RouteAction) GetIncludeVhRateLimits() *wrappers.BoolValue {
+	if x != nil {
+		return x.IncludeVhRateLimits
+	}
+	return nil
+}
+
+func (x *RouteAction) GetHashPolicy() []*RouteAction_HashPolicy {
+	if x != nil {
+		return x.HashPolicy
+	}
+	return nil
+}
+
+func (x *RouteAction) GetCors() *CorsPolicy {
+	if x != nil {
+		return x.Cors
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *RouteAction) GetMaxGrpcTimeout() *duration.Duration {
+	if x != nil {
+		return x.MaxGrpcTimeout
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *RouteAction) GetGrpcTimeoutOffset() *duration.Duration {
+	if x != nil {
+		return x.GrpcTimeoutOffset
+	}
+	return nil
+}
+
+func (x *RouteAction) GetUpgradeConfigs() []*RouteAction_UpgradeConfig {
+	if x != nil {
+		return x.UpgradeConfigs
+	}
+	return nil
+}
+
+func (x *RouteAction) GetInternalRedirectPolicy() *InternalRedirectPolicy {
+	if x != nil {
+		return x.InternalRedirectPolicy
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *RouteAction) GetInternalRedirectAction() RouteAction_InternalRedirectAction {
+	if x != nil {
+		return x.InternalRedirectAction
+	}
+	return RouteAction_PASS_THROUGH_INTERNAL_REDIRECT
+}
+
+// Deprecated: Do not use.
+func (x *RouteAction) GetMaxInternalRedirects() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxInternalRedirects
+	}
+	return nil
+}
+
+func (x *RouteAction) GetHedgePolicy() *HedgePolicy {
+	if x != nil {
+		return x.HedgePolicy
+	}
+	return nil
+}
+
+func (x *RouteAction) GetMaxStreamDuration() *RouteAction_MaxStreamDuration {
+	if x != nil {
+		return x.MaxStreamDuration
+	}
+	return nil
+}
+
+type isRouteAction_ClusterSpecifier interface {
+	isRouteAction_ClusterSpecifier()
+}
+
+type RouteAction_Cluster struct {
+	// Indicates the upstream cluster to which the request should be routed
+	// to.
+	Cluster string `protobuf:"bytes,1,opt,name=cluster,proto3,oneof"`
+}
+
+type RouteAction_ClusterHeader struct {
+	// Envoy will determine the cluster to route to by reading the value of the
+	// HTTP header named by cluster_header from the request headers. If the
+	// header is not found or the referenced cluster does not exist, Envoy will
+	// return a 404 response.
+	//
+	// .. attention::
+	//
+	//   Internally, Envoy always uses the HTTP/2 *:authority* header to represent the HTTP/1
+	//   *Host* header. Thus, if attempting to match on *Host*, match on *:authority* instead.
+	//
+	// .. note::
+	//
+	//   If the header appears multiple times only the first value is used.
+	ClusterHeader string `protobuf:"bytes,2,opt,name=cluster_header,json=clusterHeader,proto3,oneof"`
+}
+
+type RouteAction_WeightedClusters struct {
+	// Multiple upstream clusters can be specified for a given route. The
+	// request is routed to one of the upstream clusters based on weights
+	// assigned to each cluster. See
+	// :ref:`traffic splitting <config_http_conn_man_route_table_traffic_splitting_split>`
+	// for additional documentation.
+	WeightedClusters *WeightedCluster `protobuf:"bytes,3,opt,name=weighted_clusters,json=weightedClusters,proto3,oneof"`
+}
+
+type RouteAction_ClusterSpecifierPlugin struct {
+	// [#not-implemented-hide:]
+	// Name of the cluster specifier plugin to use to determine the cluster for
+	// requests on this route. The plugin name must be defined in the associated
+	// :ref:`envoy_v3_api_field_config.route.v3.RouteConfiguration.cluster_specifier_plugins`
+	// in the
+	// :ref:`envoy_v3_api_field_config.core.v3.TypedExtensionConfig.name` field.
+	ClusterSpecifierPlugin string `protobuf:"bytes,37,opt,name=cluster_specifier_plugin,json=clusterSpecifierPlugin,proto3,oneof"`
+}
+
+func (*RouteAction_Cluster) isRouteAction_ClusterSpecifier() {}
+
+func (*RouteAction_ClusterHeader) isRouteAction_ClusterSpecifier() {}
+
+func (*RouteAction_WeightedClusters) isRouteAction_ClusterSpecifier() {}
+
+func (*RouteAction_ClusterSpecifierPlugin) isRouteAction_ClusterSpecifier() {}
+
+type isRouteAction_HostRewriteSpecifier interface {
+	isRouteAction_HostRewriteSpecifier()
+}
+
+type RouteAction_HostRewriteLiteral struct {
+	// Indicates that during forwarding, the host header will be swapped with
+	// this value.
+	HostRewriteLiteral string `protobuf:"bytes,6,opt,name=host_rewrite_literal,json=hostRewriteLiteral,proto3,oneof"`
+}
+
+type RouteAction_AutoHostRewrite struct {
+	// Indicates that during forwarding, the host header will be swapped with
+	// the hostname of the upstream host chosen by the cluster manager. This
+	// option is applicable only when the destination cluster for a route is of
+	// type *strict_dns* or *logical_dns*. Setting this to true with other cluster
+	// types has no effect.
+	AutoHostRewrite *wrappers.BoolValue `protobuf:"bytes,7,opt,name=auto_host_rewrite,json=autoHostRewrite,proto3,oneof"`
+}
+
+type RouteAction_HostRewriteHeader struct {
+	// Indicates that during forwarding, the host header will be swapped with the content of given
+	// downstream or :ref:`custom <config_http_conn_man_headers_custom_request_headers>` header.
+	// If header value is empty, host header is left intact.
+	//
+	// .. attention::
+	//
+	//   Pay attention to the potential security implications of using this option. Provided header
+	//   must come from trusted source.
+	//
+	// .. note::
+	//
+	//   If the header appears multiple times only the first value is used.
+	HostRewriteHeader string `protobuf:"bytes,29,opt,name=host_rewrite_header,json=hostRewriteHeader,proto3,oneof"`
+}
+
+type RouteAction_HostRewritePathRegex struct {
+	// Indicates that during forwarding, the host header will be swapped with
+	// the result of the regex substitution executed on path value with query and fragment removed.
+	// This is useful for transitioning variable content between path segment and subdomain.
+	//
+	// For example with the following config:
+	//
+	//   .. code-block:: yaml
+	//
+	//     host_rewrite_path_regex:
+	//       pattern:
+	//         google_re2: {}
+	//         regex: "^/(.+)/.+$"
+	//       substitution: \1
+	//
+	// Would rewrite the host header to `envoyproxy.io` given the path `/envoyproxy.io/some/path`.
+	HostRewritePathRegex *v32.RegexMatchAndSubstitute `protobuf:"bytes,35,opt,name=host_rewrite_path_regex,json=hostRewritePathRegex,proto3,oneof"`
+}
+
+func (*RouteAction_HostRewriteLiteral) isRouteAction_HostRewriteSpecifier() {}
+
+func (*RouteAction_AutoHostRewrite) isRouteAction_HostRewriteSpecifier() {}
+
+func (*RouteAction_HostRewriteHeader) isRouteAction_HostRewriteSpecifier() {}
+
+func (*RouteAction_HostRewritePathRegex) isRouteAction_HostRewriteSpecifier() {}
+
+// HTTP retry :ref:`architecture overview <arch_overview_http_routing_retry>`.
+// [#next-free-field: 14]
+type RetryPolicy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies the conditions under which retry takes place. These are the same
+	// conditions documented for :ref:`config_http_filters_router_x-envoy-retry-on` and
+	// :ref:`config_http_filters_router_x-envoy-retry-grpc-on`.
+	RetryOn string `protobuf:"bytes,1,opt,name=retry_on,json=retryOn,proto3" json:"retry_on,omitempty"`
+	// Specifies the allowed number of retries. This parameter is optional and
+	// defaults to 1. These are the same conditions documented for
+	// :ref:`config_http_filters_router_x-envoy-max-retries`.
+	NumRetries *wrappers.UInt32Value `protobuf:"bytes,2,opt,name=num_retries,json=numRetries,proto3" json:"num_retries,omitempty"`
+	// Specifies a non-zero upstream timeout per retry attempt (including the initial attempt). This
+	// parameter is optional. The same conditions documented for
+	// :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms` apply.
+	//
+	// .. note::
+	//
+	//   If left unspecified, Envoy will use the global
+	//   :ref:`route timeout <envoy_v3_api_field_config.route.v3.RouteAction.timeout>` for the request.
+	//   Consequently, when using a :ref:`5xx <config_http_filters_router_x-envoy-retry-on>` based
+	//   retry policy, a request that times out will not be retried as the total timeout budget
+	//   would have been exhausted.
+	PerTryTimeout *duration.Duration `protobuf:"bytes,3,opt,name=per_try_timeout,json=perTryTimeout,proto3" json:"per_try_timeout,omitempty"`
+	// Specifies an upstream idle timeout per retry attempt (including the initial attempt). This
+	// parameter is optional and if absent there is no per try idle timeout. The semantics of the per
+	// try idle timeout are similar to the
+	// :ref:`route idle timeout <envoy_v3_api_field_config.route.v3.RouteAction.timeout>` and
+	// :ref:`stream idle timeout
+	// <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.stream_idle_timeout>`
+	// both enforced by the HTTP connection manager. The difference is that this idle timeout
+	// is enforced by the router for each individual attempt and thus after all previous filters have
+	// run, as opposed to *before* all previous filters run for the other idle timeouts. This timeout
+	// is useful in cases in which total request timeout is bounded by a number of retries and a
+	// :ref:`per_try_timeout <envoy_v3_api_field_config.route.v3.RetryPolicy.per_try_timeout>`, but
+	// there is a desire to ensure each try is making incremental progress. Note also that similar
+	// to :ref:`per_try_timeout <envoy_v3_api_field_config.route.v3.RetryPolicy.per_try_timeout>`,
+	// this idle timeout does not start until after both the entire request has been received by the
+	// router *and* a connection pool connection has been obtained. Unlike
+	// :ref:`per_try_timeout <envoy_v3_api_field_config.route.v3.RetryPolicy.per_try_timeout>`,
+	// the idle timer continues once the response starts streaming back to the downstream client.
+	// This ensures that response data continues to make progress without using one of the HTTP
+	// connection manager idle timeouts.
+	PerTryIdleTimeout *duration.Duration `protobuf:"bytes,13,opt,name=per_try_idle_timeout,json=perTryIdleTimeout,proto3" json:"per_try_idle_timeout,omitempty"`
+	// Specifies an implementation of a RetryPriority which is used to determine the
+	// distribution of load across priorities used for retries. Refer to
+	// :ref:`retry plugin configuration <arch_overview_http_retry_plugins>` for more details.
+	RetryPriority *RetryPolicy_RetryPriority `protobuf:"bytes,4,opt,name=retry_priority,json=retryPriority,proto3" json:"retry_priority,omitempty"`
+	// Specifies a collection of RetryHostPredicates that will be consulted when selecting a host
+	// for retries. If any of the predicates reject the host, host selection will be reattempted.
+	// Refer to :ref:`retry plugin configuration <arch_overview_http_retry_plugins>` for more
+	// details.
+	RetryHostPredicate []*RetryPolicy_RetryHostPredicate `protobuf:"bytes,5,rep,name=retry_host_predicate,json=retryHostPredicate,proto3" json:"retry_host_predicate,omitempty"`
+	// Retry options predicates that will be applied prior to retrying a request. These predicates
+	// allow customizing request behavior between retries.
+	// [#comment: add [#extension-category: envoy.retry_options_predicates] when there are built-in extensions]
+	RetryOptionsPredicates []*v31.TypedExtensionConfig `protobuf:"bytes,12,rep,name=retry_options_predicates,json=retryOptionsPredicates,proto3" json:"retry_options_predicates,omitempty"`
+	// The maximum number of times host selection will be reattempted before giving up, at which
+	// point the host that was last selected will be routed to. If unspecified, this will default to
+	// retrying once.
+	HostSelectionRetryMaxAttempts int64 `protobuf:"varint,6,opt,name=host_selection_retry_max_attempts,json=hostSelectionRetryMaxAttempts,proto3" json:"host_selection_retry_max_attempts,omitempty"`
+	// HTTP status codes that should trigger a retry in addition to those specified by retry_on.
+	RetriableStatusCodes []uint32 `protobuf:"varint,7,rep,packed,name=retriable_status_codes,json=retriableStatusCodes,proto3" json:"retriable_status_codes,omitempty"`
+	// Specifies parameters that control exponential retry back off. This parameter is optional, in which case the
+	// default base interval is 25 milliseconds or, if set, the current value of the
+	// `upstream.base_retry_backoff_ms` runtime parameter. The default maximum interval is 10 times
+	// the base interval. The documentation for :ref:`config_http_filters_router_x-envoy-max-retries`
+	// describes Envoy's back-off algorithm.
+	RetryBackOff *RetryPolicy_RetryBackOff `protobuf:"bytes,8,opt,name=retry_back_off,json=retryBackOff,proto3" json:"retry_back_off,omitempty"`
+	// Specifies parameters that control a retry back-off strategy that is used
+	// when the request is rate limited by the upstream server. The server may
+	// return a response header like ``Retry-After`` or ``X-RateLimit-Reset`` to
+	// provide feedback to the client on how long to wait before retrying. If
+	// configured, this back-off strategy will be used instead of the
+	// default exponential back off strategy (configured using `retry_back_off`)
+	// whenever a response includes the matching headers.
+	RateLimitedRetryBackOff *RetryPolicy_RateLimitedRetryBackOff `protobuf:"bytes,11,opt,name=rate_limited_retry_back_off,json=rateLimitedRetryBackOff,proto3" json:"rate_limited_retry_back_off,omitempty"`
+	// HTTP response headers that trigger a retry if present in the response. A retry will be
+	// triggered if any of the header matches match the upstream response headers.
+	// The field is only consulted if 'retriable-headers' retry policy is active.
+	RetriableHeaders []*HeaderMatcher `protobuf:"bytes,9,rep,name=retriable_headers,json=retriableHeaders,proto3" json:"retriable_headers,omitempty"`
+	// HTTP headers which must be present in the request for retries to be attempted.
+	RetriableRequestHeaders []*HeaderMatcher `protobuf:"bytes,10,rep,name=retriable_request_headers,json=retriableRequestHeaders,proto3" json:"retriable_request_headers,omitempty"`
+}
+
+func (x *RetryPolicy) Reset() {
+	*x = RetryPolicy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[7]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RetryPolicy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RetryPolicy) ProtoMessage() {}
+
+func (x *RetryPolicy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[7]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RetryPolicy.ProtoReflect.Descriptor instead.
+func (*RetryPolicy) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{7}
+}
+
+func (x *RetryPolicy) GetRetryOn() string {
+	if x != nil {
+		return x.RetryOn
+	}
+	return ""
+}
+
+func (x *RetryPolicy) GetNumRetries() *wrappers.UInt32Value {
+	if x != nil {
+		return x.NumRetries
+	}
+	return nil
+}
+
+func (x *RetryPolicy) GetPerTryTimeout() *duration.Duration {
+	if x != nil {
+		return x.PerTryTimeout
+	}
+	return nil
+}
+
+func (x *RetryPolicy) GetPerTryIdleTimeout() *duration.Duration {
+	if x != nil {
+		return x.PerTryIdleTimeout
+	}
+	return nil
+}
+
+func (x *RetryPolicy) GetRetryPriority() *RetryPolicy_RetryPriority {
+	if x != nil {
+		return x.RetryPriority
+	}
+	return nil
+}
+
+func (x *RetryPolicy) GetRetryHostPredicate() []*RetryPolicy_RetryHostPredicate {
+	if x != nil {
+		return x.RetryHostPredicate
+	}
+	return nil
+}
+
+func (x *RetryPolicy) GetRetryOptionsPredicates() []*v31.TypedExtensionConfig {
+	if x != nil {
+		return x.RetryOptionsPredicates
+	}
+	return nil
+}
+
+func (x *RetryPolicy) GetHostSelectionRetryMaxAttempts() int64 {
+	if x != nil {
+		return x.HostSelectionRetryMaxAttempts
+	}
+	return 0
+}
+
+func (x *RetryPolicy) GetRetriableStatusCodes() []uint32 {
+	if x != nil {
+		return x.RetriableStatusCodes
+	}
+	return nil
+}
+
+func (x *RetryPolicy) GetRetryBackOff() *RetryPolicy_RetryBackOff {
+	if x != nil {
+		return x.RetryBackOff
+	}
+	return nil
+}
+
+func (x *RetryPolicy) GetRateLimitedRetryBackOff() *RetryPolicy_RateLimitedRetryBackOff {
+	if x != nil {
+		return x.RateLimitedRetryBackOff
+	}
+	return nil
+}
+
+func (x *RetryPolicy) GetRetriableHeaders() []*HeaderMatcher {
+	if x != nil {
+		return x.RetriableHeaders
+	}
+	return nil
+}
+
+func (x *RetryPolicy) GetRetriableRequestHeaders() []*HeaderMatcher {
+	if x != nil {
+		return x.RetriableRequestHeaders
+	}
+	return nil
+}
+
+// HTTP request hedging :ref:`architecture overview <arch_overview_http_routing_hedging>`.
+type HedgePolicy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies the number of initial requests that should be sent upstream.
+	// Must be at least 1.
+	// Defaults to 1.
+	// [#not-implemented-hide:]
+	InitialRequests *wrappers.UInt32Value `protobuf:"bytes,1,opt,name=initial_requests,json=initialRequests,proto3" json:"initial_requests,omitempty"`
+	// Specifies a probability that an additional upstream request should be sent
+	// on top of what is specified by initial_requests.
+	// Defaults to 0.
+	// [#not-implemented-hide:]
+	AdditionalRequestChance *v33.FractionalPercent `protobuf:"bytes,2,opt,name=additional_request_chance,json=additionalRequestChance,proto3" json:"additional_request_chance,omitempty"`
+	// Indicates that a hedged request should be sent when the per-try timeout is hit.
+	// This means that a retry will be issued without resetting the original request, leaving multiple upstream requests in flight.
+	// The first request to complete successfully will be the one returned to the caller.
+	//
+	// * At any time, a successful response (i.e. not triggering any of the retry-on conditions) would be returned to the client.
+	// * Before per-try timeout, an error response (per retry-on conditions) would be retried immediately or returned ot the client
+	//   if there are no more retries left.
+	// * After per-try timeout, an error response would be discarded, as a retry in the form of a hedged request is already in progress.
+	//
+	// Note: For this to have effect, you must have a :ref:`RetryPolicy <envoy_v3_api_msg_config.route.v3.RetryPolicy>` that retries at least
+	// one error code and specifies a maximum number of retries.
+	//
+	// Defaults to false.
+	HedgeOnPerTryTimeout bool `protobuf:"varint,3,opt,name=hedge_on_per_try_timeout,json=hedgeOnPerTryTimeout,proto3" json:"hedge_on_per_try_timeout,omitempty"`
+}
+
+func (x *HedgePolicy) Reset() {
+	*x = HedgePolicy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[8]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HedgePolicy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HedgePolicy) ProtoMessage() {}
+
+func (x *HedgePolicy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[8]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HedgePolicy.ProtoReflect.Descriptor instead.
+func (*HedgePolicy) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{8}
+}
+
+func (x *HedgePolicy) GetInitialRequests() *wrappers.UInt32Value {
+	if x != nil {
+		return x.InitialRequests
+	}
+	return nil
+}
+
+func (x *HedgePolicy) GetAdditionalRequestChance() *v33.FractionalPercent {
+	if x != nil {
+		return x.AdditionalRequestChance
+	}
+	return nil
+}
+
+func (x *HedgePolicy) GetHedgeOnPerTryTimeout() bool {
+	if x != nil {
+		return x.HedgeOnPerTryTimeout
+	}
+	return false
+}
+
+// [#next-free-field: 10]
+type RedirectAction struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// When the scheme redirection take place, the following rules apply:
+	//  1. If the source URI scheme is `http` and the port is explicitly
+	//     set to `:80`, the port will be removed after the redirection
+	//  2. If the source URI scheme is `https` and the port is explicitly
+	//     set to `:443`, the port will be removed after the redirection
+	//
+	// Types that are assignable to SchemeRewriteSpecifier:
+	//	*RedirectAction_HttpsRedirect
+	//	*RedirectAction_SchemeRedirect
+	SchemeRewriteSpecifier isRedirectAction_SchemeRewriteSpecifier `protobuf_oneof:"scheme_rewrite_specifier"`
+	// The host portion of the URL will be swapped with this value.
+	HostRedirect string `protobuf:"bytes,1,opt,name=host_redirect,json=hostRedirect,proto3" json:"host_redirect,omitempty"`
+	// The port value of the URL will be swapped with this value.
+	PortRedirect uint32 `protobuf:"varint,8,opt,name=port_redirect,json=portRedirect,proto3" json:"port_redirect,omitempty"`
+	// Types that are assignable to PathRewriteSpecifier:
+	//	*RedirectAction_PathRedirect
+	//	*RedirectAction_PrefixRewrite
+	//	*RedirectAction_RegexRewrite
+	PathRewriteSpecifier isRedirectAction_PathRewriteSpecifier `protobuf_oneof:"path_rewrite_specifier"`
+	// The HTTP status code to use in the redirect response. The default response
+	// code is MOVED_PERMANENTLY (301).
+	ResponseCode RedirectAction_RedirectResponseCode `protobuf:"varint,3,opt,name=response_code,json=responseCode,proto3,enum=envoy.config.route.v3.RedirectAction_RedirectResponseCode" json:"response_code,omitempty"`
+	// Indicates that during redirection, the query portion of the URL will
+	// be removed. Default value is false.
+	StripQuery bool `protobuf:"varint,6,opt,name=strip_query,json=stripQuery,proto3" json:"strip_query,omitempty"`
+}
+
+func (x *RedirectAction) Reset() {
+	*x = RedirectAction{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[9]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RedirectAction) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RedirectAction) ProtoMessage() {}
+
+func (x *RedirectAction) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[9]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RedirectAction.ProtoReflect.Descriptor instead.
+func (*RedirectAction) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{9}
+}
+
+func (m *RedirectAction) GetSchemeRewriteSpecifier() isRedirectAction_SchemeRewriteSpecifier {
+	if m != nil {
+		return m.SchemeRewriteSpecifier
+	}
+	return nil
+}
+
+func (x *RedirectAction) GetHttpsRedirect() bool {
+	if x, ok := x.GetSchemeRewriteSpecifier().(*RedirectAction_HttpsRedirect); ok {
+		return x.HttpsRedirect
+	}
+	return false
+}
+
+func (x *RedirectAction) GetSchemeRedirect() string {
+	if x, ok := x.GetSchemeRewriteSpecifier().(*RedirectAction_SchemeRedirect); ok {
+		return x.SchemeRedirect
+	}
+	return ""
+}
+
+func (x *RedirectAction) GetHostRedirect() string {
+	if x != nil {
+		return x.HostRedirect
+	}
+	return ""
+}
+
+func (x *RedirectAction) GetPortRedirect() uint32 {
+	if x != nil {
+		return x.PortRedirect
+	}
+	return 0
+}
+
+func (m *RedirectAction) GetPathRewriteSpecifier() isRedirectAction_PathRewriteSpecifier {
+	if m != nil {
+		return m.PathRewriteSpecifier
+	}
+	return nil
+}
+
+func (x *RedirectAction) GetPathRedirect() string {
+	if x, ok := x.GetPathRewriteSpecifier().(*RedirectAction_PathRedirect); ok {
+		return x.PathRedirect
+	}
+	return ""
+}
+
+func (x *RedirectAction) GetPrefixRewrite() string {
+	if x, ok := x.GetPathRewriteSpecifier().(*RedirectAction_PrefixRewrite); ok {
+		return x.PrefixRewrite
+	}
+	return ""
+}
+
+func (x *RedirectAction) GetRegexRewrite() *v32.RegexMatchAndSubstitute {
+	if x, ok := x.GetPathRewriteSpecifier().(*RedirectAction_RegexRewrite); ok {
+		return x.RegexRewrite
+	}
+	return nil
+}
+
+func (x *RedirectAction) GetResponseCode() RedirectAction_RedirectResponseCode {
+	if x != nil {
+		return x.ResponseCode
+	}
+	return RedirectAction_MOVED_PERMANENTLY
+}
+
+func (x *RedirectAction) GetStripQuery() bool {
+	if x != nil {
+		return x.StripQuery
+	}
+	return false
+}
+
+type isRedirectAction_SchemeRewriteSpecifier interface {
+	isRedirectAction_SchemeRewriteSpecifier()
+}
+
+type RedirectAction_HttpsRedirect struct {
+	// The scheme portion of the URL will be swapped with "https".
+	HttpsRedirect bool `protobuf:"varint,4,opt,name=https_redirect,json=httpsRedirect,proto3,oneof"`
+}
+
+type RedirectAction_SchemeRedirect struct {
+	// The scheme portion of the URL will be swapped with this value.
+	SchemeRedirect string `protobuf:"bytes,7,opt,name=scheme_redirect,json=schemeRedirect,proto3,oneof"`
+}
+
+func (*RedirectAction_HttpsRedirect) isRedirectAction_SchemeRewriteSpecifier() {}
+
+func (*RedirectAction_SchemeRedirect) isRedirectAction_SchemeRewriteSpecifier() {}
+
+type isRedirectAction_PathRewriteSpecifier interface {
+	isRedirectAction_PathRewriteSpecifier()
+}
+
+type RedirectAction_PathRedirect struct {
+	// The path portion of the URL will be swapped with this value.
+	// Please note that query string in path_redirect will override the
+	// request's query string and will not be stripped.
+	//
+	// For example, let's say we have the following routes:
+	//
+	// - match: { path: "/old-path-1" }
+	//   redirect: { path_redirect: "/new-path-1" }
+	// - match: { path: "/old-path-2" }
+	//   redirect: { path_redirect: "/new-path-2", strip-query: "true" }
+	// - match: { path: "/old-path-3" }
+	//   redirect: { path_redirect: "/new-path-3?foo=1", strip_query: "true" }
+	//
+	// 1. if request uri is "/old-path-1?bar=1", users will be redirected to "/new-path-1?bar=1"
+	// 2. if request uri is "/old-path-2?bar=1", users will be redirected to "/new-path-2"
+	// 3. if request uri is "/old-path-3?bar=1", users will be redirected to "/new-path-3?foo=1"
+	PathRedirect string `protobuf:"bytes,2,opt,name=path_redirect,json=pathRedirect,proto3,oneof"`
+}
+
+type RedirectAction_PrefixRewrite struct {
+	// Indicates that during redirection, the matched prefix (or path)
+	// should be swapped with this value. This option allows redirect URLs be dynamically created
+	// based on the request.
+	//
+	// .. attention::
+	//
+	//   Pay attention to the use of trailing slashes as mentioned in
+	//   :ref:`RouteAction's prefix_rewrite <envoy_v3_api_field_config.route.v3.RouteAction.prefix_rewrite>`.
+	PrefixRewrite string `protobuf:"bytes,5,opt,name=prefix_rewrite,json=prefixRewrite,proto3,oneof"`
+}
+
+type RedirectAction_RegexRewrite struct {
+	// Indicates that during redirect, portions of the path that match the
+	// pattern should be rewritten, even allowing the substitution of capture
+	// groups from the pattern into the new path as specified by the rewrite
+	// substitution string. This is useful to allow application paths to be
+	// rewritten in a way that is aware of segments with variable content like
+	// identifiers.
+	//
+	// Examples using Google's `RE2 <https://github.com/google/re2>`_ engine:
+	//
+	// * The path pattern ``^/service/([^/]+)(/.*)$`` paired with a substitution
+	//   string of ``\2/instance/\1`` would transform ``/service/foo/v1/api``
+	//   into ``/v1/api/instance/foo``.
+	//
+	// * The pattern ``one`` paired with a substitution string of ``two`` would
+	//   transform ``/xxx/one/yyy/one/zzz`` into ``/xxx/two/yyy/two/zzz``.
+	//
+	// * The pattern ``^(.*?)one(.*)$`` paired with a substitution string of
+	//   ``\1two\2`` would replace only the first occurrence of ``one``,
+	//   transforming path ``/xxx/one/yyy/one/zzz`` into ``/xxx/two/yyy/one/zzz``.
+	//
+	// * The pattern ``(?i)/xxx/`` paired with a substitution string of ``/yyy/``
+	//   would do a case-insensitive match and transform path ``/aaa/XxX/bbb`` to
+	//   ``/aaa/yyy/bbb``.
+	RegexRewrite *v32.RegexMatchAndSubstitute `protobuf:"bytes,9,opt,name=regex_rewrite,json=regexRewrite,proto3,oneof"`
+}
+
+func (*RedirectAction_PathRedirect) isRedirectAction_PathRewriteSpecifier() {}
+
+func (*RedirectAction_PrefixRewrite) isRedirectAction_PathRewriteSpecifier() {}
+
+func (*RedirectAction_RegexRewrite) isRedirectAction_PathRewriteSpecifier() {}
+
+type DirectResponseAction struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies the HTTP response status to be returned.
+	Status uint32 `protobuf:"varint,1,opt,name=status,proto3" json:"status,omitempty"`
+	// Specifies the content of the response body. If this setting is omitted,
+	// no body is included in the generated response.
+	//
+	// .. note::
+	//
+	//   Headers can be specified using *response_headers_to_add* in the enclosing
+	//   :ref:`envoy_v3_api_msg_config.route.v3.Route`, :ref:`envoy_v3_api_msg_config.route.v3.RouteConfiguration` or
+	//   :ref:`envoy_v3_api_msg_config.route.v3.VirtualHost`.
+	Body *v31.DataSource `protobuf:"bytes,2,opt,name=body,proto3" json:"body,omitempty"`
+}
+
+func (x *DirectResponseAction) Reset() {
+	*x = DirectResponseAction{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[10]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *DirectResponseAction) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*DirectResponseAction) ProtoMessage() {}
+
+func (x *DirectResponseAction) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[10]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use DirectResponseAction.ProtoReflect.Descriptor instead.
+func (*DirectResponseAction) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{10}
+}
+
+func (x *DirectResponseAction) GetStatus() uint32 {
+	if x != nil {
+		return x.Status
+	}
+	return 0
+}
+
+func (x *DirectResponseAction) GetBody() *v31.DataSource {
+	if x != nil {
+		return x.Body
+	}
+	return nil
+}
+
+// [#not-implemented-hide:]
+type NonForwardingAction struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *NonForwardingAction) Reset() {
+	*x = NonForwardingAction{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[11]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *NonForwardingAction) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*NonForwardingAction) ProtoMessage() {}
+
+func (x *NonForwardingAction) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[11]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use NonForwardingAction.ProtoReflect.Descriptor instead.
+func (*NonForwardingAction) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{11}
+}
+
+type Decorator struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The operation name associated with the request matched to this route. If tracing is
+	// enabled, this information will be used as the span name reported for this request.
+	//
+	// .. note::
+	//
+	//   For ingress (inbound) requests, or egress (outbound) responses, this value may be overridden
+	//   by the :ref:`x-envoy-decorator-operation
+	//   <config_http_filters_router_x-envoy-decorator-operation>` header.
+	Operation string `protobuf:"bytes,1,opt,name=operation,proto3" json:"operation,omitempty"`
+	// Whether the decorated details should be propagated to the other party. The default is true.
+	Propagate *wrappers.BoolValue `protobuf:"bytes,2,opt,name=propagate,proto3" json:"propagate,omitempty"`
+}
+
+func (x *Decorator) Reset() {
+	*x = Decorator{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[12]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Decorator) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Decorator) ProtoMessage() {}
+
+func (x *Decorator) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[12]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Decorator.ProtoReflect.Descriptor instead.
+func (*Decorator) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{12}
+}
+
+func (x *Decorator) GetOperation() string {
+	if x != nil {
+		return x.Operation
+	}
+	return ""
+}
+
+func (x *Decorator) GetPropagate() *wrappers.BoolValue {
+	if x != nil {
+		return x.Propagate
+	}
+	return nil
+}
+
+type Tracing struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Target percentage of requests managed by this HTTP connection manager that will be force
+	// traced if the :ref:`x-client-trace-id <config_http_conn_man_headers_x-client-trace-id>`
+	// header is set. This field is a direct analog for the runtime variable
+	// 'tracing.client_sampling' in the :ref:`HTTP Connection Manager
+	// <config_http_conn_man_runtime>`.
+	// Default: 100%
+	ClientSampling *v33.FractionalPercent `protobuf:"bytes,1,opt,name=client_sampling,json=clientSampling,proto3" json:"client_sampling,omitempty"`
+	// Target percentage of requests managed by this HTTP connection manager that will be randomly
+	// selected for trace generation, if not requested by the client or not forced. This field is
+	// a direct analog for the runtime variable 'tracing.random_sampling' in the
+	// :ref:`HTTP Connection Manager <config_http_conn_man_runtime>`.
+	// Default: 100%
+	RandomSampling *v33.FractionalPercent `protobuf:"bytes,2,opt,name=random_sampling,json=randomSampling,proto3" json:"random_sampling,omitempty"`
+	// Target percentage of requests managed by this HTTP connection manager that will be traced
+	// after all other sampling checks have been applied (client-directed, force tracing, random
+	// sampling). This field functions as an upper limit on the total configured sampling rate. For
+	// instance, setting client_sampling to 100% but overall_sampling to 1% will result in only 1%
+	// of client requests with the appropriate headers to be force traced. This field is a direct
+	// analog for the runtime variable 'tracing.global_enabled' in the
+	// :ref:`HTTP Connection Manager <config_http_conn_man_runtime>`.
+	// Default: 100%
+	OverallSampling *v33.FractionalPercent `protobuf:"bytes,3,opt,name=overall_sampling,json=overallSampling,proto3" json:"overall_sampling,omitempty"`
+	// A list of custom tags with unique tag name to create tags for the active span.
+	// It will take effect after merging with the :ref:`corresponding configuration
+	// <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.Tracing.custom_tags>`
+	// configured in the HTTP connection manager. If two tags with the same name are configured
+	// each in the HTTP connection manager and the route level, the one configured here takes
+	// priority.
+	CustomTags []*v34.CustomTag `protobuf:"bytes,4,rep,name=custom_tags,json=customTags,proto3" json:"custom_tags,omitempty"`
+}
+
+func (x *Tracing) Reset() {
+	*x = Tracing{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[13]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Tracing) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Tracing) ProtoMessage() {}
+
+func (x *Tracing) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[13]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Tracing.ProtoReflect.Descriptor instead.
+func (*Tracing) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{13}
+}
+
+func (x *Tracing) GetClientSampling() *v33.FractionalPercent {
+	if x != nil {
+		return x.ClientSampling
+	}
+	return nil
+}
+
+func (x *Tracing) GetRandomSampling() *v33.FractionalPercent {
+	if x != nil {
+		return x.RandomSampling
+	}
+	return nil
+}
+
+func (x *Tracing) GetOverallSampling() *v33.FractionalPercent {
+	if x != nil {
+		return x.OverallSampling
+	}
+	return nil
+}
+
+func (x *Tracing) GetCustomTags() []*v34.CustomTag {
+	if x != nil {
+		return x.CustomTags
+	}
+	return nil
+}
+
+// A virtual cluster is a way of specifying a regex matching rule against
+// certain important endpoints such that statistics are generated explicitly for
+// the matched requests. The reason this is useful is that when doing
+// prefix/path matching Envoy does not always know what the application
+// considers to be an endpoint. Thus, it’s impossible for Envoy to generically
+// emit per endpoint statistics. However, often systems have highly critical
+// endpoints that they wish to get “perfect” statistics on. Virtual cluster
+// statistics are perfect in the sense that they are emitted on the downstream
+// side such that they include network level failures.
+//
+// Documentation for :ref:`virtual cluster statistics <config_http_filters_router_vcluster_stats>`.
+//
+// .. note::
+//
+//    Virtual clusters are a useful tool, but we do not recommend setting up a virtual cluster for
+//    every application endpoint. This is both not easily maintainable and as well the matching and
+//    statistics output are not free.
+type VirtualCluster struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies a list of header matchers to use for matching requests. Each specified header must
+	// match. The pseudo-headers `:path` and `:method` can be used to match the request path and
+	// method, respectively.
+	Headers []*HeaderMatcher `protobuf:"bytes,4,rep,name=headers,proto3" json:"headers,omitempty"`
+	// Specifies the name of the virtual cluster. The virtual cluster name as well
+	// as the virtual host name are used when emitting statistics. The statistics are emitted by the
+	// router filter and are documented :ref:`here <config_http_filters_router_stats>`.
+	Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"`
+}
+
+func (x *VirtualCluster) Reset() {
+	*x = VirtualCluster{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[14]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *VirtualCluster) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*VirtualCluster) ProtoMessage() {}
+
+func (x *VirtualCluster) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[14]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use VirtualCluster.ProtoReflect.Descriptor instead.
+func (*VirtualCluster) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{14}
+}
+
+func (x *VirtualCluster) GetHeaders() []*HeaderMatcher {
+	if x != nil {
+		return x.Headers
+	}
+	return nil
+}
+
+func (x *VirtualCluster) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+// Global rate limiting :ref:`architecture overview <arch_overview_global_rate_limit>`.
+// Also applies to Local rate limiting :ref:`using descriptors <config_http_filters_local_rate_limit_descriptors>`.
+type RateLimit struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Refers to the stage set in the filter. The rate limit configuration only
+	// applies to filters with the same stage number. The default stage number is
+	// 0.
+	//
+	// .. note::
+	//
+	//   The filter supports a range of 0 - 10 inclusively for stage numbers.
+	Stage *wrappers.UInt32Value `protobuf:"bytes,1,opt,name=stage,proto3" json:"stage,omitempty"`
+	// The key to be set in runtime to disable this rate limit configuration.
+	DisableKey string `protobuf:"bytes,2,opt,name=disable_key,json=disableKey,proto3" json:"disable_key,omitempty"`
+	// A list of actions that are to be applied for this rate limit configuration.
+	// Order matters as the actions are processed sequentially and the descriptor
+	// is composed by appending descriptor entries in that sequence. If an action
+	// cannot append a descriptor entry, no descriptor is generated for the
+	// configuration. See :ref:`composing actions
+	// <config_http_filters_rate_limit_composing_actions>` for additional documentation.
+	Actions []*RateLimit_Action `protobuf:"bytes,3,rep,name=actions,proto3" json:"actions,omitempty"`
+	// An optional limit override to be appended to the descriptor produced by this
+	// rate limit configuration. If the override value is invalid or cannot be resolved
+	// from metadata, no override is provided. See :ref:`rate limit override
+	// <config_http_filters_rate_limit_rate_limit_override>` for more information.
+	Limit *RateLimit_Override `protobuf:"bytes,4,opt,name=limit,proto3" json:"limit,omitempty"`
+}
+
+func (x *RateLimit) Reset() {
+	*x = RateLimit{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[15]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RateLimit) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RateLimit) ProtoMessage() {}
+
+func (x *RateLimit) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[15]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RateLimit.ProtoReflect.Descriptor instead.
+func (*RateLimit) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{15}
+}
+
+func (x *RateLimit) GetStage() *wrappers.UInt32Value {
+	if x != nil {
+		return x.Stage
+	}
+	return nil
+}
+
+func (x *RateLimit) GetDisableKey() string {
+	if x != nil {
+		return x.DisableKey
+	}
+	return ""
+}
+
+func (x *RateLimit) GetActions() []*RateLimit_Action {
+	if x != nil {
+		return x.Actions
+	}
+	return nil
+}
+
+func (x *RateLimit) GetLimit() *RateLimit_Override {
+	if x != nil {
+		return x.Limit
+	}
+	return nil
+}
+
+// .. attention::
+//
+//   Internally, Envoy always uses the HTTP/2 *:authority* header to represent the HTTP/1 *Host*
+//   header. Thus, if attempting to match on *Host*, match on *:authority* instead.
+//
+// .. attention::
+//
+//   To route on HTTP method, use the special HTTP/2 *:method* header. This works for both
+//   HTTP/1 and HTTP/2 as Envoy normalizes headers. E.g.,
+//
+//   .. code-block:: json
+//
+//     {
+//       "name": ":method",
+//       "exact_match": "POST"
+//     }
+//
+// .. attention::
+//   In the absence of any header match specifier, match will default to :ref:`present_match
+//   <envoy_v3_api_field_config.route.v3.HeaderMatcher.present_match>`. i.e, a request that has the :ref:`name
+//   <envoy_v3_api_field_config.route.v3.HeaderMatcher.name>` header will match, regardless of the header's
+//   value.
+//
+//  [#next-major-version: HeaderMatcher should be refactored to use StringMatcher.]
+// [#next-free-field: 14]
+type HeaderMatcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies the name of the header in the request.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Specifies how the header match will be performed to route the request.
+	//
+	// Types that are assignable to HeaderMatchSpecifier:
+	//	*HeaderMatcher_ExactMatch
+	//	*HeaderMatcher_SafeRegexMatch
+	//	*HeaderMatcher_RangeMatch
+	//	*HeaderMatcher_PresentMatch
+	//	*HeaderMatcher_PrefixMatch
+	//	*HeaderMatcher_SuffixMatch
+	//	*HeaderMatcher_ContainsMatch
+	//	*HeaderMatcher_StringMatch
+	HeaderMatchSpecifier isHeaderMatcher_HeaderMatchSpecifier `protobuf_oneof:"header_match_specifier"`
+	// If specified, the match result will be inverted before checking. Defaults to false.
+	//
+	// Examples:
+	//
+	// * The regex ``\d{3}`` does not match the value *1234*, so it will match when inverted.
+	// * The range [-10,0) will match the value -1, so it will not match when inverted.
+	InvertMatch bool `protobuf:"varint,8,opt,name=invert_match,json=invertMatch,proto3" json:"invert_match,omitempty"`
+}
+
+func (x *HeaderMatcher) Reset() {
+	*x = HeaderMatcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[16]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HeaderMatcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HeaderMatcher) ProtoMessage() {}
+
+func (x *HeaderMatcher) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[16]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HeaderMatcher.ProtoReflect.Descriptor instead.
+func (*HeaderMatcher) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{16}
+}
+
+func (x *HeaderMatcher) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (m *HeaderMatcher) GetHeaderMatchSpecifier() isHeaderMatcher_HeaderMatchSpecifier {
+	if m != nil {
+		return m.HeaderMatchSpecifier
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *HeaderMatcher) GetExactMatch() string {
+	if x, ok := x.GetHeaderMatchSpecifier().(*HeaderMatcher_ExactMatch); ok {
+		return x.ExactMatch
+	}
+	return ""
+}
+
+// Deprecated: Do not use.
+func (x *HeaderMatcher) GetSafeRegexMatch() *v32.RegexMatcher {
+	if x, ok := x.GetHeaderMatchSpecifier().(*HeaderMatcher_SafeRegexMatch); ok {
+		return x.SafeRegexMatch
+	}
+	return nil
+}
+
+func (x *HeaderMatcher) GetRangeMatch() *v33.Int64Range {
+	if x, ok := x.GetHeaderMatchSpecifier().(*HeaderMatcher_RangeMatch); ok {
+		return x.RangeMatch
+	}
+	return nil
+}
+
+func (x *HeaderMatcher) GetPresentMatch() bool {
+	if x, ok := x.GetHeaderMatchSpecifier().(*HeaderMatcher_PresentMatch); ok {
+		return x.PresentMatch
+	}
+	return false
+}
+
+// Deprecated: Do not use.
+func (x *HeaderMatcher) GetPrefixMatch() string {
+	if x, ok := x.GetHeaderMatchSpecifier().(*HeaderMatcher_PrefixMatch); ok {
+		return x.PrefixMatch
+	}
+	return ""
+}
+
+// Deprecated: Do not use.
+func (x *HeaderMatcher) GetSuffixMatch() string {
+	if x, ok := x.GetHeaderMatchSpecifier().(*HeaderMatcher_SuffixMatch); ok {
+		return x.SuffixMatch
+	}
+	return ""
+}
+
+// Deprecated: Do not use.
+func (x *HeaderMatcher) GetContainsMatch() string {
+	if x, ok := x.GetHeaderMatchSpecifier().(*HeaderMatcher_ContainsMatch); ok {
+		return x.ContainsMatch
+	}
+	return ""
+}
+
+func (x *HeaderMatcher) GetStringMatch() *v32.StringMatcher {
+	if x, ok := x.GetHeaderMatchSpecifier().(*HeaderMatcher_StringMatch); ok {
+		return x.StringMatch
+	}
+	return nil
+}
+
+func (x *HeaderMatcher) GetInvertMatch() bool {
+	if x != nil {
+		return x.InvertMatch
+	}
+	return false
+}
+
+type isHeaderMatcher_HeaderMatchSpecifier interface {
+	isHeaderMatcher_HeaderMatchSpecifier()
+}
+
+type HeaderMatcher_ExactMatch struct {
+	// If specified, header match will be performed based on the value of the header.
+	// This field is deprecated. Please use :ref:`string_match <envoy_v3_api_field_config.route.v3.HeaderMatcher.string_match>`.
+	//
+	// Deprecated: Do not use.
+	ExactMatch string `protobuf:"bytes,4,opt,name=exact_match,json=exactMatch,proto3,oneof"`
+}
+
+type HeaderMatcher_SafeRegexMatch struct {
+	// If specified, this regex string is a regular expression rule which implies the entire request
+	// header value must match the regex. The rule will not match if only a subsequence of the
+	// request header value matches the regex.
+	// This field is deprecated. Please use :ref:`string_match <envoy_v3_api_field_config.route.v3.HeaderMatcher.string_match>`.
+	//
+	// Deprecated: Do not use.
+	SafeRegexMatch *v32.RegexMatcher `protobuf:"bytes,11,opt,name=safe_regex_match,json=safeRegexMatch,proto3,oneof"`
+}
+
+type HeaderMatcher_RangeMatch struct {
+	// If specified, header match will be performed based on range.
+	// The rule will match if the request header value is within this range.
+	// The entire request header value must represent an integer in base 10 notation: consisting of
+	// an optional plus or minus sign followed by a sequence of digits. The rule will not match if
+	// the header value does not represent an integer. Match will fail for empty values, floating
+	// point numbers or if only a subsequence of the header value is an integer.
+	//
+	// Examples:
+	//
+	// * For range [-10,0), route will match for header value -1, but not for 0, "somestring", 10.9,
+	//   "-1somestring"
+	RangeMatch *v33.Int64Range `protobuf:"bytes,6,opt,name=range_match,json=rangeMatch,proto3,oneof"`
+}
+
+type HeaderMatcher_PresentMatch struct {
+	// If specified as true, header match will be performed based on whether the header is in the
+	// request. If specified as false, header match will be performed based on whether the header is absent.
+	PresentMatch bool `protobuf:"varint,7,opt,name=present_match,json=presentMatch,proto3,oneof"`
+}
+
+type HeaderMatcher_PrefixMatch struct {
+	// If specified, header match will be performed based on the prefix of the header value.
+	// Note: empty prefix is not allowed, please use present_match instead.
+	// This field is deprecated. Please use :ref:`string_match <envoy_v3_api_field_config.route.v3.HeaderMatcher.string_match>`.
+	//
+	// Examples:
+	//
+	// * The prefix *abcd* matches the value *abcdxyz*, but not for *abcxyz*.
+	//
+	// Deprecated: Do not use.
+	PrefixMatch string `protobuf:"bytes,9,opt,name=prefix_match,json=prefixMatch,proto3,oneof"`
+}
+
+type HeaderMatcher_SuffixMatch struct {
+	// If specified, header match will be performed based on the suffix of the header value.
+	// Note: empty suffix is not allowed, please use present_match instead.
+	// This field is deprecated. Please use :ref:`string_match <envoy_v3_api_field_config.route.v3.HeaderMatcher.string_match>`.
+	//
+	// Examples:
+	//
+	// * The suffix *abcd* matches the value *xyzabcd*, but not for *xyzbcd*.
+	//
+	// Deprecated: Do not use.
+	SuffixMatch string `protobuf:"bytes,10,opt,name=suffix_match,json=suffixMatch,proto3,oneof"`
+}
+
+type HeaderMatcher_ContainsMatch struct {
+	// If specified, header match will be performed based on whether the header value contains
+	// the given value or not.
+	// Note: empty contains match is not allowed, please use present_match instead.
+	// This field is deprecated. Please use :ref:`string_match <envoy_v3_api_field_config.route.v3.HeaderMatcher.string_match>`.
+	//
+	// Examples:
+	//
+	// * The value *abcd* matches the value *xyzabcdpqr*, but not for *xyzbcdpqr*.
+	//
+	// Deprecated: Do not use.
+	ContainsMatch string `protobuf:"bytes,12,opt,name=contains_match,json=containsMatch,proto3,oneof"`
+}
+
+type HeaderMatcher_StringMatch struct {
+	// If specified, header match will be performed based on the string match of the header value.
+	StringMatch *v32.StringMatcher `protobuf:"bytes,13,opt,name=string_match,json=stringMatch,proto3,oneof"`
+}
+
+func (*HeaderMatcher_ExactMatch) isHeaderMatcher_HeaderMatchSpecifier() {}
+
+func (*HeaderMatcher_SafeRegexMatch) isHeaderMatcher_HeaderMatchSpecifier() {}
+
+func (*HeaderMatcher_RangeMatch) isHeaderMatcher_HeaderMatchSpecifier() {}
+
+func (*HeaderMatcher_PresentMatch) isHeaderMatcher_HeaderMatchSpecifier() {}
+
+func (*HeaderMatcher_PrefixMatch) isHeaderMatcher_HeaderMatchSpecifier() {}
+
+func (*HeaderMatcher_SuffixMatch) isHeaderMatcher_HeaderMatchSpecifier() {}
+
+func (*HeaderMatcher_ContainsMatch) isHeaderMatcher_HeaderMatchSpecifier() {}
+
+func (*HeaderMatcher_StringMatch) isHeaderMatcher_HeaderMatchSpecifier() {}
+
+// Query parameter matching treats the query string of a request's :path header
+// as an ampersand-separated list of keys and/or key=value elements.
+// [#next-free-field: 7]
+type QueryParameterMatcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies the name of a key that must be present in the requested
+	// *path*'s query string.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Types that are assignable to QueryParameterMatchSpecifier:
+	//	*QueryParameterMatcher_StringMatch
+	//	*QueryParameterMatcher_PresentMatch
+	QueryParameterMatchSpecifier isQueryParameterMatcher_QueryParameterMatchSpecifier `protobuf_oneof:"query_parameter_match_specifier"`
+}
+
+func (x *QueryParameterMatcher) Reset() {
+	*x = QueryParameterMatcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[17]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *QueryParameterMatcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*QueryParameterMatcher) ProtoMessage() {}
+
+func (x *QueryParameterMatcher) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[17]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use QueryParameterMatcher.ProtoReflect.Descriptor instead.
+func (*QueryParameterMatcher) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{17}
+}
+
+func (x *QueryParameterMatcher) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (m *QueryParameterMatcher) GetQueryParameterMatchSpecifier() isQueryParameterMatcher_QueryParameterMatchSpecifier {
+	if m != nil {
+		return m.QueryParameterMatchSpecifier
+	}
+	return nil
+}
+
+func (x *QueryParameterMatcher) GetStringMatch() *v32.StringMatcher {
+	if x, ok := x.GetQueryParameterMatchSpecifier().(*QueryParameterMatcher_StringMatch); ok {
+		return x.StringMatch
+	}
+	return nil
+}
+
+func (x *QueryParameterMatcher) GetPresentMatch() bool {
+	if x, ok := x.GetQueryParameterMatchSpecifier().(*QueryParameterMatcher_PresentMatch); ok {
+		return x.PresentMatch
+	}
+	return false
+}
+
+type isQueryParameterMatcher_QueryParameterMatchSpecifier interface {
+	isQueryParameterMatcher_QueryParameterMatchSpecifier()
+}
+
+type QueryParameterMatcher_StringMatch struct {
+	// Specifies whether a query parameter value should match against a string.
+	StringMatch *v32.StringMatcher `protobuf:"bytes,5,opt,name=string_match,json=stringMatch,proto3,oneof"`
+}
+
+type QueryParameterMatcher_PresentMatch struct {
+	// Specifies whether a query parameter should be present.
+	PresentMatch bool `protobuf:"varint,6,opt,name=present_match,json=presentMatch,proto3,oneof"`
+}
+
+func (*QueryParameterMatcher_StringMatch) isQueryParameterMatcher_QueryParameterMatchSpecifier() {}
+
+func (*QueryParameterMatcher_PresentMatch) isQueryParameterMatcher_QueryParameterMatchSpecifier() {}
+
+// HTTP Internal Redirect :ref:`architecture overview <arch_overview_internal_redirects>`.
+type InternalRedirectPolicy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// An internal redirect is not handled, unless the number of previous internal redirects that a
+	// downstream request has encountered is lower than this value.
+	// In the case where a downstream request is bounced among multiple routes by internal redirect,
+	// the first route that hits this threshold, or does not set :ref:`internal_redirect_policy
+	// <envoy_v3_api_field_config.route.v3.RouteAction.internal_redirect_policy>`
+	// will pass the redirect back to downstream.
+	//
+	// If not specified, at most one redirect will be followed.
+	MaxInternalRedirects *wrappers.UInt32Value `protobuf:"bytes,1,opt,name=max_internal_redirects,json=maxInternalRedirects,proto3" json:"max_internal_redirects,omitempty"`
+	// Defines what upstream response codes are allowed to trigger internal redirect. If unspecified,
+	// only 302 will be treated as internal redirect.
+	// Only 301, 302, 303, 307 and 308 are valid values. Any other codes will be ignored.
+	RedirectResponseCodes []uint32 `protobuf:"varint,2,rep,packed,name=redirect_response_codes,json=redirectResponseCodes,proto3" json:"redirect_response_codes,omitempty"`
+	// Specifies a list of predicates that are queried when an upstream response is deemed
+	// to trigger an internal redirect by all other criteria. Any predicate in the list can reject
+	// the redirect, causing the response to be proxied to downstream.
+	// [#extension-category: envoy.internal_redirect_predicates]
+	Predicates []*v31.TypedExtensionConfig `protobuf:"bytes,3,rep,name=predicates,proto3" json:"predicates,omitempty"`
+	// Allow internal redirect to follow a target URI with a different scheme than the value of
+	// x-forwarded-proto. The default is false.
+	AllowCrossSchemeRedirect bool `protobuf:"varint,4,opt,name=allow_cross_scheme_redirect,json=allowCrossSchemeRedirect,proto3" json:"allow_cross_scheme_redirect,omitempty"`
+}
+
+func (x *InternalRedirectPolicy) Reset() {
+	*x = InternalRedirectPolicy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[18]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *InternalRedirectPolicy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*InternalRedirectPolicy) ProtoMessage() {}
+
+func (x *InternalRedirectPolicy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[18]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use InternalRedirectPolicy.ProtoReflect.Descriptor instead.
+func (*InternalRedirectPolicy) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{18}
+}
+
+func (x *InternalRedirectPolicy) GetMaxInternalRedirects() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxInternalRedirects
+	}
+	return nil
+}
+
+func (x *InternalRedirectPolicy) GetRedirectResponseCodes() []uint32 {
+	if x != nil {
+		return x.RedirectResponseCodes
+	}
+	return nil
+}
+
+func (x *InternalRedirectPolicy) GetPredicates() []*v31.TypedExtensionConfig {
+	if x != nil {
+		return x.Predicates
+	}
+	return nil
+}
+
+func (x *InternalRedirectPolicy) GetAllowCrossSchemeRedirect() bool {
+	if x != nil {
+		return x.AllowCrossSchemeRedirect
+	}
+	return false
+}
+
+// A simple wrapper for an HTTP filter config. This is intended to be used as a wrapper for the
+// map value in
+// :ref:`VirtualHost.typed_per_filter_config<envoy_v3_api_field_config.route.v3.VirtualHost.typed_per_filter_config>`,
+// :ref:`Route.typed_per_filter_config<envoy_v3_api_field_config.route.v3.Route.typed_per_filter_config>`,
+// or :ref:`WeightedCluster.ClusterWeight.typed_per_filter_config<envoy_v3_api_field_config.route.v3.WeightedCluster.ClusterWeight.typed_per_filter_config>`
+// to add additional flags to the filter.
+// [#not-implemented-hide:]
+type FilterConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The filter config.
+	Config *any.Any `protobuf:"bytes,1,opt,name=config,proto3" json:"config,omitempty"`
+	// If true, the filter is optional, meaning that if the client does
+	// not support the specified filter, it may ignore the map entry rather
+	// than rejecting the config.
+	IsOptional bool `protobuf:"varint,2,opt,name=is_optional,json=isOptional,proto3" json:"is_optional,omitempty"`
+}
+
+func (x *FilterConfig) Reset() {
+	*x = FilterConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[19]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *FilterConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*FilterConfig) ProtoMessage() {}
+
+func (x *FilterConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[19]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use FilterConfig.ProtoReflect.Descriptor instead.
+func (*FilterConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{19}
+}
+
+func (x *FilterConfig) GetConfig() *any.Any {
+	if x != nil {
+		return x.Config
+	}
+	return nil
+}
+
+func (x *FilterConfig) GetIsOptional() bool {
+	if x != nil {
+		return x.IsOptional
+	}
+	return false
+}
+
+// [#next-free-field: 13]
+type WeightedCluster_ClusterWeight struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Only one of *name* and *cluster_header* may be specified.
+	// [#next-major-version: Need to add back the validation rule: (validate.rules).string = {min_len: 1}]
+	// Name of the upstream cluster. The cluster must exist in the
+	// :ref:`cluster manager configuration <config_cluster_manager>`.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Only one of *name* and *cluster_header* may be specified.
+	// [#next-major-version: Need to add back the validation rule: (validate.rules).string = {min_len: 1 }]
+	// Envoy will determine the cluster to route to by reading the value of the
+	// HTTP header named by cluster_header from the request headers. If the
+	// header is not found or the referenced cluster does not exist, Envoy will
+	// return a 404 response.
+	//
+	// .. attention::
+	//
+	//   Internally, Envoy always uses the HTTP/2 *:authority* header to represent the HTTP/1
+	//   *Host* header. Thus, if attempting to match on *Host*, match on *:authority* instead.
+	//
+	// .. note::
+	//
+	//   If the header appears multiple times only the first value is used.
+	ClusterHeader string `protobuf:"bytes,12,opt,name=cluster_header,json=clusterHeader,proto3" json:"cluster_header,omitempty"`
+	// An integer between 0 and :ref:`total_weight
+	// <envoy_v3_api_field_config.route.v3.WeightedCluster.total_weight>`. When a request matches the route,
+	// the choice of an upstream cluster is determined by its weight. The sum of weights across all
+	// entries in the clusters array must add up to the total_weight, which defaults to 100.
+	Weight *wrappers.UInt32Value `protobuf:"bytes,2,opt,name=weight,proto3" json:"weight,omitempty"`
+	// Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints in
+	// the upstream cluster with metadata matching what is set in this field will be considered for
+	// load balancing. Note that this will be merged with what's provided in
+	// :ref:`RouteAction.metadata_match <envoy_v3_api_field_config.route.v3.RouteAction.metadata_match>`, with
+	// values here taking precedence. The filter name should be specified as *envoy.lb*.
+	MetadataMatch *v31.Metadata `protobuf:"bytes,3,opt,name=metadata_match,json=metadataMatch,proto3" json:"metadata_match,omitempty"`
+	// Specifies a list of headers to be added to requests when this cluster is selected
+	// through the enclosing :ref:`envoy_v3_api_msg_config.route.v3.RouteAction`.
+	// Headers specified at this level are applied before headers from the enclosing
+	// :ref:`envoy_v3_api_msg_config.route.v3.Route`, :ref:`envoy_v3_api_msg_config.route.v3.VirtualHost`, and
+	// :ref:`envoy_v3_api_msg_config.route.v3.RouteConfiguration`. For more information, including details on
+	// header value syntax, see the documentation on :ref:`custom request headers
+	// <config_http_conn_man_headers_custom_request_headers>`.
+	RequestHeadersToAdd []*v31.HeaderValueOption `protobuf:"bytes,4,rep,name=request_headers_to_add,json=requestHeadersToAdd,proto3" json:"request_headers_to_add,omitempty"`
+	// Specifies a list of HTTP headers that should be removed from each request when
+	// this cluster is selected through the enclosing :ref:`envoy_v3_api_msg_config.route.v3.RouteAction`.
+	RequestHeadersToRemove []string `protobuf:"bytes,9,rep,name=request_headers_to_remove,json=requestHeadersToRemove,proto3" json:"request_headers_to_remove,omitempty"`
+	// Specifies a list of headers to be added to responses when this cluster is selected
+	// through the enclosing :ref:`envoy_v3_api_msg_config.route.v3.RouteAction`.
+	// Headers specified at this level are applied before headers from the enclosing
+	// :ref:`envoy_v3_api_msg_config.route.v3.Route`, :ref:`envoy_v3_api_msg_config.route.v3.VirtualHost`, and
+	// :ref:`envoy_v3_api_msg_config.route.v3.RouteConfiguration`. For more information, including details on
+	// header value syntax, see the documentation on :ref:`custom request headers
+	// <config_http_conn_man_headers_custom_request_headers>`.
+	ResponseHeadersToAdd []*v31.HeaderValueOption `protobuf:"bytes,5,rep,name=response_headers_to_add,json=responseHeadersToAdd,proto3" json:"response_headers_to_add,omitempty"`
+	// Specifies a list of headers to be removed from responses when this cluster is selected
+	// through the enclosing :ref:`envoy_v3_api_msg_config.route.v3.RouteAction`.
+	ResponseHeadersToRemove []string `protobuf:"bytes,6,rep,name=response_headers_to_remove,json=responseHeadersToRemove,proto3" json:"response_headers_to_remove,omitempty"`
+	// The per_filter_config field can be used to provide weighted cluster-specific
+	// configurations for filters. The key should match the filter name, such as
+	// *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter
+	// specific; see the :ref:`HTTP filter documentation <config_http_filters>`
+	// for if and how it is utilized.
+	// [#comment: An entry's value may be wrapped in a
+	// :ref:`FilterConfig<envoy_v3_api_msg_config.route.v3.FilterConfig>`
+	// message to specify additional options.]
+	TypedPerFilterConfig map[string]*any.Any `protobuf:"bytes,10,rep,name=typed_per_filter_config,json=typedPerFilterConfig,proto3" json:"typed_per_filter_config,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+	// Types that are assignable to HostRewriteSpecifier:
+	//	*WeightedCluster_ClusterWeight_HostRewriteLiteral
+	HostRewriteSpecifier isWeightedCluster_ClusterWeight_HostRewriteSpecifier `protobuf_oneof:"host_rewrite_specifier"`
+}
+
+func (x *WeightedCluster_ClusterWeight) Reset() {
+	*x = WeightedCluster_ClusterWeight{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[22]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *WeightedCluster_ClusterWeight) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*WeightedCluster_ClusterWeight) ProtoMessage() {}
+
+func (x *WeightedCluster_ClusterWeight) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[22]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use WeightedCluster_ClusterWeight.ProtoReflect.Descriptor instead.
+func (*WeightedCluster_ClusterWeight) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{3, 0}
+}
+
+func (x *WeightedCluster_ClusterWeight) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *WeightedCluster_ClusterWeight) GetClusterHeader() string {
+	if x != nil {
+		return x.ClusterHeader
+	}
+	return ""
+}
+
+func (x *WeightedCluster_ClusterWeight) GetWeight() *wrappers.UInt32Value {
+	if x != nil {
+		return x.Weight
+	}
+	return nil
+}
+
+func (x *WeightedCluster_ClusterWeight) GetMetadataMatch() *v31.Metadata {
+	if x != nil {
+		return x.MetadataMatch
+	}
+	return nil
+}
+
+func (x *WeightedCluster_ClusterWeight) GetRequestHeadersToAdd() []*v31.HeaderValueOption {
+	if x != nil {
+		return x.RequestHeadersToAdd
+	}
+	return nil
+}
+
+func (x *WeightedCluster_ClusterWeight) GetRequestHeadersToRemove() []string {
+	if x != nil {
+		return x.RequestHeadersToRemove
+	}
+	return nil
+}
+
+func (x *WeightedCluster_ClusterWeight) GetResponseHeadersToAdd() []*v31.HeaderValueOption {
+	if x != nil {
+		return x.ResponseHeadersToAdd
+	}
+	return nil
+}
+
+func (x *WeightedCluster_ClusterWeight) GetResponseHeadersToRemove() []string {
+	if x != nil {
+		return x.ResponseHeadersToRemove
+	}
+	return nil
+}
+
+func (x *WeightedCluster_ClusterWeight) GetTypedPerFilterConfig() map[string]*any.Any {
+	if x != nil {
+		return x.TypedPerFilterConfig
+	}
+	return nil
+}
+
+func (m *WeightedCluster_ClusterWeight) GetHostRewriteSpecifier() isWeightedCluster_ClusterWeight_HostRewriteSpecifier {
+	if m != nil {
+		return m.HostRewriteSpecifier
+	}
+	return nil
+}
+
+func (x *WeightedCluster_ClusterWeight) GetHostRewriteLiteral() string {
+	if x, ok := x.GetHostRewriteSpecifier().(*WeightedCluster_ClusterWeight_HostRewriteLiteral); ok {
+		return x.HostRewriteLiteral
+	}
+	return ""
+}
+
+type isWeightedCluster_ClusterWeight_HostRewriteSpecifier interface {
+	isWeightedCluster_ClusterWeight_HostRewriteSpecifier()
+}
+
+type WeightedCluster_ClusterWeight_HostRewriteLiteral struct {
+	// Indicates that during forwarding, the host header will be swapped with
+	// this value.
+	HostRewriteLiteral string `protobuf:"bytes,11,opt,name=host_rewrite_literal,json=hostRewriteLiteral,proto3,oneof"`
+}
+
+func (*WeightedCluster_ClusterWeight_HostRewriteLiteral) isWeightedCluster_ClusterWeight_HostRewriteSpecifier() {
+}
+
+type RouteMatch_GrpcRouteMatchOptions struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *RouteMatch_GrpcRouteMatchOptions) Reset() {
+	*x = RouteMatch_GrpcRouteMatchOptions{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[24]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RouteMatch_GrpcRouteMatchOptions) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RouteMatch_GrpcRouteMatchOptions) ProtoMessage() {}
+
+func (x *RouteMatch_GrpcRouteMatchOptions) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[24]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RouteMatch_GrpcRouteMatchOptions.ProtoReflect.Descriptor instead.
+func (*RouteMatch_GrpcRouteMatchOptions) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{4, 0}
+}
+
+type RouteMatch_TlsContextMatchOptions struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// If specified, the route will match against whether or not a certificate is presented.
+	// If not specified, certificate presentation status (true or false) will not be considered when route matching.
+	Presented *wrappers.BoolValue `protobuf:"bytes,1,opt,name=presented,proto3" json:"presented,omitempty"`
+	// If specified, the route will match against whether or not a certificate is validated.
+	// If not specified, certificate validation status (true or false) will not be considered when route matching.
+	Validated *wrappers.BoolValue `protobuf:"bytes,2,opt,name=validated,proto3" json:"validated,omitempty"`
+}
+
+func (x *RouteMatch_TlsContextMatchOptions) Reset() {
+	*x = RouteMatch_TlsContextMatchOptions{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[25]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RouteMatch_TlsContextMatchOptions) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RouteMatch_TlsContextMatchOptions) ProtoMessage() {}
+
+func (x *RouteMatch_TlsContextMatchOptions) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[25]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RouteMatch_TlsContextMatchOptions.ProtoReflect.Descriptor instead.
+func (*RouteMatch_TlsContextMatchOptions) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{4, 1}
+}
+
+func (x *RouteMatch_TlsContextMatchOptions) GetPresented() *wrappers.BoolValue {
+	if x != nil {
+		return x.Presented
+	}
+	return nil
+}
+
+func (x *RouteMatch_TlsContextMatchOptions) GetValidated() *wrappers.BoolValue {
+	if x != nil {
+		return x.Validated
+	}
+	return nil
+}
+
+// An extensible message for matching CONNECT requests.
+type RouteMatch_ConnectMatcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *RouteMatch_ConnectMatcher) Reset() {
+	*x = RouteMatch_ConnectMatcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[26]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RouteMatch_ConnectMatcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RouteMatch_ConnectMatcher) ProtoMessage() {}
+
+func (x *RouteMatch_ConnectMatcher) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[26]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RouteMatch_ConnectMatcher.ProtoReflect.Descriptor instead.
+func (*RouteMatch_ConnectMatcher) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{4, 2}
+}
+
+// The router is capable of shadowing traffic from one cluster to another. The current
+// implementation is "fire and forget," meaning Envoy will not wait for the shadow cluster to
+// respond before returning the response from the primary cluster. All normal statistics are
+// collected for the shadow cluster making this feature useful for testing.
+//
+// During shadowing, the host/authority header is altered such that *-shadow* is appended. This is
+// useful for logging. For example, *cluster1* becomes *cluster1-shadow*.
+//
+// .. note::
+//
+//   Shadowing will not be triggered if the primary cluster does not exist.
+type RouteAction_RequestMirrorPolicy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies the cluster that requests will be mirrored to. The cluster must
+	// exist in the cluster manager configuration.
+	Cluster string `protobuf:"bytes,1,opt,name=cluster,proto3" json:"cluster,omitempty"`
+	// If not specified, all requests to the target cluster will be mirrored.
+	//
+	// If specified, this field takes precedence over the `runtime_key` field and requests must also
+	// fall under the percentage of matches indicated by this field.
+	//
+	// For some fraction N/D, a random number in the range [0,D) is selected. If the
+	// number is <= the value of the numerator N, or if the key is not present, the default
+	// value, the request will be mirrored.
+	RuntimeFraction *v31.RuntimeFractionalPercent `protobuf:"bytes,3,opt,name=runtime_fraction,json=runtimeFraction,proto3" json:"runtime_fraction,omitempty"`
+	// Determines if the trace span should be sampled. Defaults to true.
+	TraceSampled *wrappers.BoolValue `protobuf:"bytes,4,opt,name=trace_sampled,json=traceSampled,proto3" json:"trace_sampled,omitempty"`
+}
+
+func (x *RouteAction_RequestMirrorPolicy) Reset() {
+	*x = RouteAction_RequestMirrorPolicy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[27]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RouteAction_RequestMirrorPolicy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RouteAction_RequestMirrorPolicy) ProtoMessage() {}
+
+func (x *RouteAction_RequestMirrorPolicy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[27]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RouteAction_RequestMirrorPolicy.ProtoReflect.Descriptor instead.
+func (*RouteAction_RequestMirrorPolicy) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{6, 0}
+}
+
+func (x *RouteAction_RequestMirrorPolicy) GetCluster() string {
+	if x != nil {
+		return x.Cluster
+	}
+	return ""
+}
+
+func (x *RouteAction_RequestMirrorPolicy) GetRuntimeFraction() *v31.RuntimeFractionalPercent {
+	if x != nil {
+		return x.RuntimeFraction
+	}
+	return nil
+}
+
+func (x *RouteAction_RequestMirrorPolicy) GetTraceSampled() *wrappers.BoolValue {
+	if x != nil {
+		return x.TraceSampled
+	}
+	return nil
+}
+
+// Specifies the route's hashing policy if the upstream cluster uses a hashing :ref:`load balancer
+// <arch_overview_load_balancing_types>`.
+// [#next-free-field: 7]
+type RouteAction_HashPolicy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to PolicySpecifier:
+	//	*RouteAction_HashPolicy_Header_
+	//	*RouteAction_HashPolicy_Cookie_
+	//	*RouteAction_HashPolicy_ConnectionProperties_
+	//	*RouteAction_HashPolicy_QueryParameter_
+	//	*RouteAction_HashPolicy_FilterState_
+	PolicySpecifier isRouteAction_HashPolicy_PolicySpecifier `protobuf_oneof:"policy_specifier"`
+	// The flag that short-circuits the hash computing. This field provides a
+	// 'fallback' style of configuration: "if a terminal policy doesn't work,
+	// fallback to rest of the policy list", it saves time when the terminal
+	// policy works.
+	//
+	// If true, and there is already a hash computed, ignore rest of the
+	// list of hash polices.
+	// For example, if the following hash methods are configured:
+	//
+	//  ========= ========
+	//  specifier terminal
+	//  ========= ========
+	//  Header A  true
+	//  Header B  false
+	//  Header C  false
+	//  ========= ========
+	//
+	// The generateHash process ends if policy "header A" generates a hash, as
+	// it's a terminal policy.
+	Terminal bool `protobuf:"varint,4,opt,name=terminal,proto3" json:"terminal,omitempty"`
+}
+
+func (x *RouteAction_HashPolicy) Reset() {
+	*x = RouteAction_HashPolicy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[28]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RouteAction_HashPolicy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RouteAction_HashPolicy) ProtoMessage() {}
+
+func (x *RouteAction_HashPolicy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[28]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RouteAction_HashPolicy.ProtoReflect.Descriptor instead.
+func (*RouteAction_HashPolicy) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{6, 1}
+}
+
+func (m *RouteAction_HashPolicy) GetPolicySpecifier() isRouteAction_HashPolicy_PolicySpecifier {
+	if m != nil {
+		return m.PolicySpecifier
+	}
+	return nil
+}
+
+func (x *RouteAction_HashPolicy) GetHeader() *RouteAction_HashPolicy_Header {
+	if x, ok := x.GetPolicySpecifier().(*RouteAction_HashPolicy_Header_); ok {
+		return x.Header
+	}
+	return nil
+}
+
+func (x *RouteAction_HashPolicy) GetCookie() *RouteAction_HashPolicy_Cookie {
+	if x, ok := x.GetPolicySpecifier().(*RouteAction_HashPolicy_Cookie_); ok {
+		return x.Cookie
+	}
+	return nil
+}
+
+func (x *RouteAction_HashPolicy) GetConnectionProperties() *RouteAction_HashPolicy_ConnectionProperties {
+	if x, ok := x.GetPolicySpecifier().(*RouteAction_HashPolicy_ConnectionProperties_); ok {
+		return x.ConnectionProperties
+	}
+	return nil
+}
+
+func (x *RouteAction_HashPolicy) GetQueryParameter() *RouteAction_HashPolicy_QueryParameter {
+	if x, ok := x.GetPolicySpecifier().(*RouteAction_HashPolicy_QueryParameter_); ok {
+		return x.QueryParameter
+	}
+	return nil
+}
+
+func (x *RouteAction_HashPolicy) GetFilterState() *RouteAction_HashPolicy_FilterState {
+	if x, ok := x.GetPolicySpecifier().(*RouteAction_HashPolicy_FilterState_); ok {
+		return x.FilterState
+	}
+	return nil
+}
+
+func (x *RouteAction_HashPolicy) GetTerminal() bool {
+	if x != nil {
+		return x.Terminal
+	}
+	return false
+}
+
+type isRouteAction_HashPolicy_PolicySpecifier interface {
+	isRouteAction_HashPolicy_PolicySpecifier()
+}
+
+type RouteAction_HashPolicy_Header_ struct {
+	// Header hash policy.
+	Header *RouteAction_HashPolicy_Header `protobuf:"bytes,1,opt,name=header,proto3,oneof"`
+}
+
+type RouteAction_HashPolicy_Cookie_ struct {
+	// Cookie hash policy.
+	Cookie *RouteAction_HashPolicy_Cookie `protobuf:"bytes,2,opt,name=cookie,proto3,oneof"`
+}
+
+type RouteAction_HashPolicy_ConnectionProperties_ struct {
+	// Connection properties hash policy.
+	ConnectionProperties *RouteAction_HashPolicy_ConnectionProperties `protobuf:"bytes,3,opt,name=connection_properties,json=connectionProperties,proto3,oneof"`
+}
+
+type RouteAction_HashPolicy_QueryParameter_ struct {
+	// Query parameter hash policy.
+	QueryParameter *RouteAction_HashPolicy_QueryParameter `protobuf:"bytes,5,opt,name=query_parameter,json=queryParameter,proto3,oneof"`
+}
+
+type RouteAction_HashPolicy_FilterState_ struct {
+	// Filter state hash policy.
+	FilterState *RouteAction_HashPolicy_FilterState `protobuf:"bytes,6,opt,name=filter_state,json=filterState,proto3,oneof"`
+}
+
+func (*RouteAction_HashPolicy_Header_) isRouteAction_HashPolicy_PolicySpecifier() {}
+
+func (*RouteAction_HashPolicy_Cookie_) isRouteAction_HashPolicy_PolicySpecifier() {}
+
+func (*RouteAction_HashPolicy_ConnectionProperties_) isRouteAction_HashPolicy_PolicySpecifier() {}
+
+func (*RouteAction_HashPolicy_QueryParameter_) isRouteAction_HashPolicy_PolicySpecifier() {}
+
+func (*RouteAction_HashPolicy_FilterState_) isRouteAction_HashPolicy_PolicySpecifier() {}
+
+// Allows enabling and disabling upgrades on a per-route basis.
+// This overrides any enabled/disabled upgrade filter chain specified in the
+// HttpConnectionManager
+// :ref:`upgrade_configs
+// <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.upgrade_configs>`
+// but does not affect any custom filter chain specified there.
+type RouteAction_UpgradeConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The case-insensitive name of this upgrade, e.g. "websocket".
+	// For each upgrade type present in upgrade_configs, requests with
+	// Upgrade: [upgrade_type] will be proxied upstream.
+	UpgradeType string `protobuf:"bytes,1,opt,name=upgrade_type,json=upgradeType,proto3" json:"upgrade_type,omitempty"`
+	// Determines if upgrades are available on this route. Defaults to true.
+	Enabled *wrappers.BoolValue `protobuf:"bytes,2,opt,name=enabled,proto3" json:"enabled,omitempty"`
+	// Configuration for sending data upstream as a raw data payload. This is used for
+	// CONNECT requests, when forwarding CONNECT payload as raw TCP.
+	// Note that CONNECT support is currently considered alpha in Envoy.
+	// [#comment: TODO(htuch): Replace the above comment with an alpha tag.]
+	ConnectConfig *RouteAction_UpgradeConfig_ConnectConfig `protobuf:"bytes,3,opt,name=connect_config,json=connectConfig,proto3" json:"connect_config,omitempty"`
+}
+
+func (x *RouteAction_UpgradeConfig) Reset() {
+	*x = RouteAction_UpgradeConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[29]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RouteAction_UpgradeConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RouteAction_UpgradeConfig) ProtoMessage() {}
+
+func (x *RouteAction_UpgradeConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[29]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RouteAction_UpgradeConfig.ProtoReflect.Descriptor instead.
+func (*RouteAction_UpgradeConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{6, 2}
+}
+
+func (x *RouteAction_UpgradeConfig) GetUpgradeType() string {
+	if x != nil {
+		return x.UpgradeType
+	}
+	return ""
+}
+
+func (x *RouteAction_UpgradeConfig) GetEnabled() *wrappers.BoolValue {
+	if x != nil {
+		return x.Enabled
+	}
+	return nil
+}
+
+func (x *RouteAction_UpgradeConfig) GetConnectConfig() *RouteAction_UpgradeConfig_ConnectConfig {
+	if x != nil {
+		return x.ConnectConfig
+	}
+	return nil
+}
+
+type RouteAction_MaxStreamDuration struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies the maximum duration allowed for streams on the route. If not specified, the value
+	// from the :ref:`max_stream_duration
+	// <envoy_v3_api_field_config.core.v3.HttpProtocolOptions.max_stream_duration>` field in
+	// :ref:`HttpConnectionManager.common_http_protocol_options
+	// <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.common_http_protocol_options>`
+	// is used. If this field is set explicitly to zero, any
+	// HttpConnectionManager max_stream_duration timeout will be disabled for
+	// this route.
+	MaxStreamDuration *duration.Duration `protobuf:"bytes,1,opt,name=max_stream_duration,json=maxStreamDuration,proto3" json:"max_stream_duration,omitempty"`
+	// If present, and the request contains a `grpc-timeout header
+	// <https://github.com/grpc/grpc/blob/master/doc/PROTOCOL-HTTP2.md>`_, use that value as the
+	// *max_stream_duration*, but limit the applied timeout to the maximum value specified here.
+	// If set to 0, the `grpc-timeout` header is used without modification.
+	GrpcTimeoutHeaderMax *duration.Duration `protobuf:"bytes,2,opt,name=grpc_timeout_header_max,json=grpcTimeoutHeaderMax,proto3" json:"grpc_timeout_header_max,omitempty"`
+	// If present, Envoy will adjust the timeout provided by the `grpc-timeout` header by
+	// subtracting the provided duration from the header. This is useful for allowing Envoy to set
+	// its global timeout to be less than that of the deadline imposed by the calling client, which
+	// makes it more likely that Envoy will handle the timeout instead of having the call canceled
+	// by the client. If, after applying the offset, the resulting timeout is zero or negative,
+	// the stream will timeout immediately.
+	GrpcTimeoutHeaderOffset *duration.Duration `protobuf:"bytes,3,opt,name=grpc_timeout_header_offset,json=grpcTimeoutHeaderOffset,proto3" json:"grpc_timeout_header_offset,omitempty"`
+}
+
+func (x *RouteAction_MaxStreamDuration) Reset() {
+	*x = RouteAction_MaxStreamDuration{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[30]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RouteAction_MaxStreamDuration) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RouteAction_MaxStreamDuration) ProtoMessage() {}
+
+func (x *RouteAction_MaxStreamDuration) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[30]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RouteAction_MaxStreamDuration.ProtoReflect.Descriptor instead.
+func (*RouteAction_MaxStreamDuration) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{6, 3}
+}
+
+func (x *RouteAction_MaxStreamDuration) GetMaxStreamDuration() *duration.Duration {
+	if x != nil {
+		return x.MaxStreamDuration
+	}
+	return nil
+}
+
+func (x *RouteAction_MaxStreamDuration) GetGrpcTimeoutHeaderMax() *duration.Duration {
+	if x != nil {
+		return x.GrpcTimeoutHeaderMax
+	}
+	return nil
+}
+
+func (x *RouteAction_MaxStreamDuration) GetGrpcTimeoutHeaderOffset() *duration.Duration {
+	if x != nil {
+		return x.GrpcTimeoutHeaderOffset
+	}
+	return nil
+}
+
+type RouteAction_HashPolicy_Header struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the request header that will be used to obtain the hash
+	// key. If the request header is not present, no hash will be produced.
+	HeaderName string `protobuf:"bytes,1,opt,name=header_name,json=headerName,proto3" json:"header_name,omitempty"`
+	// If specified, the request header value will be rewritten and used
+	// to produce the hash key.
+	RegexRewrite *v32.RegexMatchAndSubstitute `protobuf:"bytes,2,opt,name=regex_rewrite,json=regexRewrite,proto3" json:"regex_rewrite,omitempty"`
+}
+
+func (x *RouteAction_HashPolicy_Header) Reset() {
+	*x = RouteAction_HashPolicy_Header{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[31]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RouteAction_HashPolicy_Header) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RouteAction_HashPolicy_Header) ProtoMessage() {}
+
+func (x *RouteAction_HashPolicy_Header) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[31]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RouteAction_HashPolicy_Header.ProtoReflect.Descriptor instead.
+func (*RouteAction_HashPolicy_Header) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{6, 1, 0}
+}
+
+func (x *RouteAction_HashPolicy_Header) GetHeaderName() string {
+	if x != nil {
+		return x.HeaderName
+	}
+	return ""
+}
+
+func (x *RouteAction_HashPolicy_Header) GetRegexRewrite() *v32.RegexMatchAndSubstitute {
+	if x != nil {
+		return x.RegexRewrite
+	}
+	return nil
+}
+
+// Envoy supports two types of cookie affinity:
+//
+// 1. Passive. Envoy takes a cookie that's present in the cookies header and
+//    hashes on its value.
+//
+// 2. Generated. Envoy generates and sets a cookie with an expiration (TTL)
+//    on the first request from the client in its response to the client,
+//    based on the endpoint the request gets sent to. The client then
+//    presents this on the next and all subsequent requests. The hash of
+//    this is sufficient to ensure these requests get sent to the same
+//    endpoint. The cookie is generated by hashing the source and
+//    destination ports and addresses so that multiple independent HTTP2
+//    streams on the same connection will independently receive the same
+//    cookie, even if they arrive at the Envoy simultaneously.
+type RouteAction_HashPolicy_Cookie struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the cookie that will be used to obtain the hash key. If the
+	// cookie is not present and ttl below is not set, no hash will be
+	// produced.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// If specified, a cookie with the TTL will be generated if the cookie is
+	// not present. If the TTL is present and zero, the generated cookie will
+	// be a session cookie.
+	Ttl *duration.Duration `protobuf:"bytes,2,opt,name=ttl,proto3" json:"ttl,omitempty"`
+	// The name of the path for the cookie. If no path is specified here, no path
+	// will be set for the cookie.
+	Path string `protobuf:"bytes,3,opt,name=path,proto3" json:"path,omitempty"`
+}
+
+func (x *RouteAction_HashPolicy_Cookie) Reset() {
+	*x = RouteAction_HashPolicy_Cookie{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[32]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RouteAction_HashPolicy_Cookie) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RouteAction_HashPolicy_Cookie) ProtoMessage() {}
+
+func (x *RouteAction_HashPolicy_Cookie) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[32]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RouteAction_HashPolicy_Cookie.ProtoReflect.Descriptor instead.
+func (*RouteAction_HashPolicy_Cookie) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{6, 1, 1}
+}
+
+func (x *RouteAction_HashPolicy_Cookie) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *RouteAction_HashPolicy_Cookie) GetTtl() *duration.Duration {
+	if x != nil {
+		return x.Ttl
+	}
+	return nil
+}
+
+func (x *RouteAction_HashPolicy_Cookie) GetPath() string {
+	if x != nil {
+		return x.Path
+	}
+	return ""
+}
+
+type RouteAction_HashPolicy_ConnectionProperties struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Hash on source IP address.
+	SourceIp bool `protobuf:"varint,1,opt,name=source_ip,json=sourceIp,proto3" json:"source_ip,omitempty"`
+}
+
+func (x *RouteAction_HashPolicy_ConnectionProperties) Reset() {
+	*x = RouteAction_HashPolicy_ConnectionProperties{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[33]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RouteAction_HashPolicy_ConnectionProperties) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RouteAction_HashPolicy_ConnectionProperties) ProtoMessage() {}
+
+func (x *RouteAction_HashPolicy_ConnectionProperties) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[33]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RouteAction_HashPolicy_ConnectionProperties.ProtoReflect.Descriptor instead.
+func (*RouteAction_HashPolicy_ConnectionProperties) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{6, 1, 2}
+}
+
+func (x *RouteAction_HashPolicy_ConnectionProperties) GetSourceIp() bool {
+	if x != nil {
+		return x.SourceIp
+	}
+	return false
+}
+
+type RouteAction_HashPolicy_QueryParameter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the URL query parameter that will be used to obtain the hash
+	// key. If the parameter is not present, no hash will be produced. Query
+	// parameter names are case-sensitive.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+}
+
+func (x *RouteAction_HashPolicy_QueryParameter) Reset() {
+	*x = RouteAction_HashPolicy_QueryParameter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[34]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RouteAction_HashPolicy_QueryParameter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RouteAction_HashPolicy_QueryParameter) ProtoMessage() {}
+
+func (x *RouteAction_HashPolicy_QueryParameter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[34]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RouteAction_HashPolicy_QueryParameter.ProtoReflect.Descriptor instead.
+func (*RouteAction_HashPolicy_QueryParameter) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{6, 1, 3}
+}
+
+func (x *RouteAction_HashPolicy_QueryParameter) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+type RouteAction_HashPolicy_FilterState struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the Object in the per-request filterState, which is an
+	// Envoy::Hashable object. If there is no data associated with the key,
+	// or the stored object is not Envoy::Hashable, no hash will be produced.
+	Key string `protobuf:"bytes,1,opt,name=key,proto3" json:"key,omitempty"`
+}
+
+func (x *RouteAction_HashPolicy_FilterState) Reset() {
+	*x = RouteAction_HashPolicy_FilterState{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[35]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RouteAction_HashPolicy_FilterState) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RouteAction_HashPolicy_FilterState) ProtoMessage() {}
+
+func (x *RouteAction_HashPolicy_FilterState) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[35]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RouteAction_HashPolicy_FilterState.ProtoReflect.Descriptor instead.
+func (*RouteAction_HashPolicy_FilterState) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{6, 1, 4}
+}
+
+func (x *RouteAction_HashPolicy_FilterState) GetKey() string {
+	if x != nil {
+		return x.Key
+	}
+	return ""
+}
+
+// Configuration for sending data upstream as a raw data payload. This is used for
+// CONNECT or POST requests, when forwarding request payload as raw TCP.
+type RouteAction_UpgradeConfig_ConnectConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// If present, the proxy protocol header will be prepended to the CONNECT payload sent upstream.
+	ProxyProtocolConfig *v31.ProxyProtocolConfig `protobuf:"bytes,1,opt,name=proxy_protocol_config,json=proxyProtocolConfig,proto3" json:"proxy_protocol_config,omitempty"`
+	// If set, the route will also allow forwarding POST payload as raw TCP.
+	AllowPost bool `protobuf:"varint,2,opt,name=allow_post,json=allowPost,proto3" json:"allow_post,omitempty"`
+}
+
+func (x *RouteAction_UpgradeConfig_ConnectConfig) Reset() {
+	*x = RouteAction_UpgradeConfig_ConnectConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[36]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RouteAction_UpgradeConfig_ConnectConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RouteAction_UpgradeConfig_ConnectConfig) ProtoMessage() {}
+
+func (x *RouteAction_UpgradeConfig_ConnectConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[36]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RouteAction_UpgradeConfig_ConnectConfig.ProtoReflect.Descriptor instead.
+func (*RouteAction_UpgradeConfig_ConnectConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{6, 2, 0}
+}
+
+func (x *RouteAction_UpgradeConfig_ConnectConfig) GetProxyProtocolConfig() *v31.ProxyProtocolConfig {
+	if x != nil {
+		return x.ProxyProtocolConfig
+	}
+	return nil
+}
+
+func (x *RouteAction_UpgradeConfig_ConnectConfig) GetAllowPost() bool {
+	if x != nil {
+		return x.AllowPost
+	}
+	return false
+}
+
+type RetryPolicy_RetryPriority struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// [#extension-category: envoy.retry_priorities]
+	//
+	// Types that are assignable to ConfigType:
+	//	*RetryPolicy_RetryPriority_TypedConfig
+	ConfigType isRetryPolicy_RetryPriority_ConfigType `protobuf_oneof:"config_type"`
+}
+
+func (x *RetryPolicy_RetryPriority) Reset() {
+	*x = RetryPolicy_RetryPriority{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[37]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RetryPolicy_RetryPriority) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RetryPolicy_RetryPriority) ProtoMessage() {}
+
+func (x *RetryPolicy_RetryPriority) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[37]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RetryPolicy_RetryPriority.ProtoReflect.Descriptor instead.
+func (*RetryPolicy_RetryPriority) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{7, 0}
+}
+
+func (x *RetryPolicy_RetryPriority) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (m *RetryPolicy_RetryPriority) GetConfigType() isRetryPolicy_RetryPriority_ConfigType {
+	if m != nil {
+		return m.ConfigType
+	}
+	return nil
+}
+
+func (x *RetryPolicy_RetryPriority) GetTypedConfig() *any.Any {
+	if x, ok := x.GetConfigType().(*RetryPolicy_RetryPriority_TypedConfig); ok {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+type isRetryPolicy_RetryPriority_ConfigType interface {
+	isRetryPolicy_RetryPriority_ConfigType()
+}
+
+type RetryPolicy_RetryPriority_TypedConfig struct {
+	TypedConfig *any.Any `protobuf:"bytes,3,opt,name=typed_config,json=typedConfig,proto3,oneof"`
+}
+
+func (*RetryPolicy_RetryPriority_TypedConfig) isRetryPolicy_RetryPriority_ConfigType() {}
+
+type RetryPolicy_RetryHostPredicate struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// [#extension-category: envoy.retry_host_predicates]
+	//
+	// Types that are assignable to ConfigType:
+	//	*RetryPolicy_RetryHostPredicate_TypedConfig
+	ConfigType isRetryPolicy_RetryHostPredicate_ConfigType `protobuf_oneof:"config_type"`
+}
+
+func (x *RetryPolicy_RetryHostPredicate) Reset() {
+	*x = RetryPolicy_RetryHostPredicate{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[38]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RetryPolicy_RetryHostPredicate) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RetryPolicy_RetryHostPredicate) ProtoMessage() {}
+
+func (x *RetryPolicy_RetryHostPredicate) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[38]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RetryPolicy_RetryHostPredicate.ProtoReflect.Descriptor instead.
+func (*RetryPolicy_RetryHostPredicate) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{7, 1}
+}
+
+func (x *RetryPolicy_RetryHostPredicate) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (m *RetryPolicy_RetryHostPredicate) GetConfigType() isRetryPolicy_RetryHostPredicate_ConfigType {
+	if m != nil {
+		return m.ConfigType
+	}
+	return nil
+}
+
+func (x *RetryPolicy_RetryHostPredicate) GetTypedConfig() *any.Any {
+	if x, ok := x.GetConfigType().(*RetryPolicy_RetryHostPredicate_TypedConfig); ok {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+type isRetryPolicy_RetryHostPredicate_ConfigType interface {
+	isRetryPolicy_RetryHostPredicate_ConfigType()
+}
+
+type RetryPolicy_RetryHostPredicate_TypedConfig struct {
+	TypedConfig *any.Any `protobuf:"bytes,3,opt,name=typed_config,json=typedConfig,proto3,oneof"`
+}
+
+func (*RetryPolicy_RetryHostPredicate_TypedConfig) isRetryPolicy_RetryHostPredicate_ConfigType() {}
+
+type RetryPolicy_RetryBackOff struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies the base interval between retries. This parameter is required and must be greater
+	// than zero. Values less than 1 ms are rounded up to 1 ms.
+	// See :ref:`config_http_filters_router_x-envoy-max-retries` for a discussion of Envoy's
+	// back-off algorithm.
+	BaseInterval *duration.Duration `protobuf:"bytes,1,opt,name=base_interval,json=baseInterval,proto3" json:"base_interval,omitempty"`
+	// Specifies the maximum interval between retries. This parameter is optional, but must be
+	// greater than or equal to the `base_interval` if set. The default is 10 times the
+	// `base_interval`. See :ref:`config_http_filters_router_x-envoy-max-retries` for a discussion
+	// of Envoy's back-off algorithm.
+	MaxInterval *duration.Duration `protobuf:"bytes,2,opt,name=max_interval,json=maxInterval,proto3" json:"max_interval,omitempty"`
+}
+
+func (x *RetryPolicy_RetryBackOff) Reset() {
+	*x = RetryPolicy_RetryBackOff{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[39]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RetryPolicy_RetryBackOff) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RetryPolicy_RetryBackOff) ProtoMessage() {}
+
+func (x *RetryPolicy_RetryBackOff) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[39]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RetryPolicy_RetryBackOff.ProtoReflect.Descriptor instead.
+func (*RetryPolicy_RetryBackOff) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{7, 2}
+}
+
+func (x *RetryPolicy_RetryBackOff) GetBaseInterval() *duration.Duration {
+	if x != nil {
+		return x.BaseInterval
+	}
+	return nil
+}
+
+func (x *RetryPolicy_RetryBackOff) GetMaxInterval() *duration.Duration {
+	if x != nil {
+		return x.MaxInterval
+	}
+	return nil
+}
+
+type RetryPolicy_ResetHeader struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the reset header.
+	//
+	// .. note::
+	//
+	//   If the header appears multiple times only the first value is used.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// The format of the reset header.
+	Format RetryPolicy_ResetHeaderFormat `protobuf:"varint,2,opt,name=format,proto3,enum=envoy.config.route.v3.RetryPolicy_ResetHeaderFormat" json:"format,omitempty"`
+}
+
+func (x *RetryPolicy_ResetHeader) Reset() {
+	*x = RetryPolicy_ResetHeader{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[40]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RetryPolicy_ResetHeader) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RetryPolicy_ResetHeader) ProtoMessage() {}
+
+func (x *RetryPolicy_ResetHeader) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[40]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RetryPolicy_ResetHeader.ProtoReflect.Descriptor instead.
+func (*RetryPolicy_ResetHeader) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{7, 3}
+}
+
+func (x *RetryPolicy_ResetHeader) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *RetryPolicy_ResetHeader) GetFormat() RetryPolicy_ResetHeaderFormat {
+	if x != nil {
+		return x.Format
+	}
+	return RetryPolicy_SECONDS
+}
+
+// A retry back-off strategy that applies when the upstream server rate limits
+// the request.
+//
+// Given this configuration:
+//
+// .. code-block:: yaml
+//
+//   rate_limited_retry_back_off:
+//     reset_headers:
+//     - name: Retry-After
+//       format: SECONDS
+//     - name: X-RateLimit-Reset
+//       format: UNIX_TIMESTAMP
+//     max_interval: "300s"
+//
+// The following algorithm will apply:
+//
+//  1. If the response contains the header ``Retry-After`` its value must be on
+//     the form ``120`` (an integer that represents the number of seconds to
+//     wait before retrying). If so, this value is used as the back-off interval.
+//  2. Otherwise, if the response contains the header ``X-RateLimit-Reset`` its
+//     value must be on the form ``1595320702`` (an integer that represents the
+//     point in time at which to retry, as a Unix timestamp in seconds). If so,
+//     the current time is subtracted from this value and the result is used as
+//     the back-off interval.
+//  3. Otherwise, Envoy will use the default
+//     :ref:`exponential back-off <envoy_v3_api_field_config.route.v3.RetryPolicy.retry_back_off>`
+//     strategy.
+//
+// No matter which format is used, if the resulting back-off interval exceeds
+// ``max_interval`` it is discarded and the next header in ``reset_headers``
+// is tried. If a request timeout is configured for the route it will further
+// limit how long the request will be allowed to run.
+//
+// To prevent many clients retrying at the same point in time jitter is added
+// to the back-off interval, so the resulting interval is decided by taking:
+// ``random(interval, interval * 1.5)``.
+//
+// .. attention::
+//
+//   Configuring ``rate_limited_retry_back_off`` will not by itself cause a request
+//   to be retried. You will still need to configure the right retry policy to match
+//   the responses from the upstream server.
+type RetryPolicy_RateLimitedRetryBackOff struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies the reset headers (like ``Retry-After`` or ``X-RateLimit-Reset``)
+	// to match against the response. Headers are tried in order, and matched case
+	// insensitive. The first header to be parsed successfully is used. If no headers
+	// match the default exponential back-off is used instead.
+	ResetHeaders []*RetryPolicy_ResetHeader `protobuf:"bytes,1,rep,name=reset_headers,json=resetHeaders,proto3" json:"reset_headers,omitempty"`
+	// Specifies the maximum back off interval that Envoy will allow. If a reset
+	// header contains an interval longer than this then it will be discarded and
+	// the next header will be tried. Defaults to 300 seconds.
+	MaxInterval *duration.Duration `protobuf:"bytes,2,opt,name=max_interval,json=maxInterval,proto3" json:"max_interval,omitempty"`
+}
+
+func (x *RetryPolicy_RateLimitedRetryBackOff) Reset() {
+	*x = RetryPolicy_RateLimitedRetryBackOff{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[41]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RetryPolicy_RateLimitedRetryBackOff) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RetryPolicy_RateLimitedRetryBackOff) ProtoMessage() {}
+
+func (x *RetryPolicy_RateLimitedRetryBackOff) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[41]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RetryPolicy_RateLimitedRetryBackOff.ProtoReflect.Descriptor instead.
+func (*RetryPolicy_RateLimitedRetryBackOff) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{7, 4}
+}
+
+func (x *RetryPolicy_RateLimitedRetryBackOff) GetResetHeaders() []*RetryPolicy_ResetHeader {
+	if x != nil {
+		return x.ResetHeaders
+	}
+	return nil
+}
+
+func (x *RetryPolicy_RateLimitedRetryBackOff) GetMaxInterval() *duration.Duration {
+	if x != nil {
+		return x.MaxInterval
+	}
+	return nil
+}
+
+// [#next-free-field: 10]
+type RateLimit_Action struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to ActionSpecifier:
+	//	*RateLimit_Action_SourceCluster_
+	//	*RateLimit_Action_DestinationCluster_
+	//	*RateLimit_Action_RequestHeaders_
+	//	*RateLimit_Action_RemoteAddress_
+	//	*RateLimit_Action_GenericKey_
+	//	*RateLimit_Action_HeaderValueMatch_
+	//	*RateLimit_Action_DynamicMetadata
+	//	*RateLimit_Action_Metadata
+	//	*RateLimit_Action_Extension
+	ActionSpecifier isRateLimit_Action_ActionSpecifier `protobuf_oneof:"action_specifier"`
+}
+
+func (x *RateLimit_Action) Reset() {
+	*x = RateLimit_Action{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[42]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RateLimit_Action) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RateLimit_Action) ProtoMessage() {}
+
+func (x *RateLimit_Action) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[42]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RateLimit_Action.ProtoReflect.Descriptor instead.
+func (*RateLimit_Action) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{15, 0}
+}
+
+func (m *RateLimit_Action) GetActionSpecifier() isRateLimit_Action_ActionSpecifier {
+	if m != nil {
+		return m.ActionSpecifier
+	}
+	return nil
+}
+
+func (x *RateLimit_Action) GetSourceCluster() *RateLimit_Action_SourceCluster {
+	if x, ok := x.GetActionSpecifier().(*RateLimit_Action_SourceCluster_); ok {
+		return x.SourceCluster
+	}
+	return nil
+}
+
+func (x *RateLimit_Action) GetDestinationCluster() *RateLimit_Action_DestinationCluster {
+	if x, ok := x.GetActionSpecifier().(*RateLimit_Action_DestinationCluster_); ok {
+		return x.DestinationCluster
+	}
+	return nil
+}
+
+func (x *RateLimit_Action) GetRequestHeaders() *RateLimit_Action_RequestHeaders {
+	if x, ok := x.GetActionSpecifier().(*RateLimit_Action_RequestHeaders_); ok {
+		return x.RequestHeaders
+	}
+	return nil
+}
+
+func (x *RateLimit_Action) GetRemoteAddress() *RateLimit_Action_RemoteAddress {
+	if x, ok := x.GetActionSpecifier().(*RateLimit_Action_RemoteAddress_); ok {
+		return x.RemoteAddress
+	}
+	return nil
+}
+
+func (x *RateLimit_Action) GetGenericKey() *RateLimit_Action_GenericKey {
+	if x, ok := x.GetActionSpecifier().(*RateLimit_Action_GenericKey_); ok {
+		return x.GenericKey
+	}
+	return nil
+}
+
+func (x *RateLimit_Action) GetHeaderValueMatch() *RateLimit_Action_HeaderValueMatch {
+	if x, ok := x.GetActionSpecifier().(*RateLimit_Action_HeaderValueMatch_); ok {
+		return x.HeaderValueMatch
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *RateLimit_Action) GetDynamicMetadata() *RateLimit_Action_DynamicMetaData {
+	if x, ok := x.GetActionSpecifier().(*RateLimit_Action_DynamicMetadata); ok {
+		return x.DynamicMetadata
+	}
+	return nil
+}
+
+func (x *RateLimit_Action) GetMetadata() *RateLimit_Action_MetaData {
+	if x, ok := x.GetActionSpecifier().(*RateLimit_Action_Metadata); ok {
+		return x.Metadata
+	}
+	return nil
+}
+
+func (x *RateLimit_Action) GetExtension() *v31.TypedExtensionConfig {
+	if x, ok := x.GetActionSpecifier().(*RateLimit_Action_Extension); ok {
+		return x.Extension
+	}
+	return nil
+}
+
+type isRateLimit_Action_ActionSpecifier interface {
+	isRateLimit_Action_ActionSpecifier()
+}
+
+type RateLimit_Action_SourceCluster_ struct {
+	// Rate limit on source cluster.
+	SourceCluster *RateLimit_Action_SourceCluster `protobuf:"bytes,1,opt,name=source_cluster,json=sourceCluster,proto3,oneof"`
+}
+
+type RateLimit_Action_DestinationCluster_ struct {
+	// Rate limit on destination cluster.
+	DestinationCluster *RateLimit_Action_DestinationCluster `protobuf:"bytes,2,opt,name=destination_cluster,json=destinationCluster,proto3,oneof"`
+}
+
+type RateLimit_Action_RequestHeaders_ struct {
+	// Rate limit on request headers.
+	RequestHeaders *RateLimit_Action_RequestHeaders `protobuf:"bytes,3,opt,name=request_headers,json=requestHeaders,proto3,oneof"`
+}
+
+type RateLimit_Action_RemoteAddress_ struct {
+	// Rate limit on remote address.
+	RemoteAddress *RateLimit_Action_RemoteAddress `protobuf:"bytes,4,opt,name=remote_address,json=remoteAddress,proto3,oneof"`
+}
+
+type RateLimit_Action_GenericKey_ struct {
+	// Rate limit on a generic key.
+	GenericKey *RateLimit_Action_GenericKey `protobuf:"bytes,5,opt,name=generic_key,json=genericKey,proto3,oneof"`
+}
+
+type RateLimit_Action_HeaderValueMatch_ struct {
+	// Rate limit on the existence of request headers.
+	HeaderValueMatch *RateLimit_Action_HeaderValueMatch `protobuf:"bytes,6,opt,name=header_value_match,json=headerValueMatch,proto3,oneof"`
+}
+
+type RateLimit_Action_DynamicMetadata struct {
+	// Rate limit on dynamic metadata.
+	//
+	// .. attention::
+	//   This field has been deprecated in favor of the :ref:`metadata <envoy_v3_api_field_config.route.v3.RateLimit.Action.metadata>` field
+	//
+	// Deprecated: Do not use.
+	DynamicMetadata *RateLimit_Action_DynamicMetaData `protobuf:"bytes,7,opt,name=dynamic_metadata,json=dynamicMetadata,proto3,oneof"`
+}
+
+type RateLimit_Action_Metadata struct {
+	// Rate limit on metadata.
+	Metadata *RateLimit_Action_MetaData `protobuf:"bytes,8,opt,name=metadata,proto3,oneof"`
+}
+
+type RateLimit_Action_Extension struct {
+	// Rate limit descriptor extension. See the rate limit descriptor extensions documentation.
+	// [#extension-category: envoy.rate_limit_descriptors]
+	Extension *v31.TypedExtensionConfig `protobuf:"bytes,9,opt,name=extension,proto3,oneof"`
+}
+
+func (*RateLimit_Action_SourceCluster_) isRateLimit_Action_ActionSpecifier() {}
+
+func (*RateLimit_Action_DestinationCluster_) isRateLimit_Action_ActionSpecifier() {}
+
+func (*RateLimit_Action_RequestHeaders_) isRateLimit_Action_ActionSpecifier() {}
+
+func (*RateLimit_Action_RemoteAddress_) isRateLimit_Action_ActionSpecifier() {}
+
+func (*RateLimit_Action_GenericKey_) isRateLimit_Action_ActionSpecifier() {}
+
+func (*RateLimit_Action_HeaderValueMatch_) isRateLimit_Action_ActionSpecifier() {}
+
+func (*RateLimit_Action_DynamicMetadata) isRateLimit_Action_ActionSpecifier() {}
+
+func (*RateLimit_Action_Metadata) isRateLimit_Action_ActionSpecifier() {}
+
+func (*RateLimit_Action_Extension) isRateLimit_Action_ActionSpecifier() {}
+
+type RateLimit_Override struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to OverrideSpecifier:
+	//	*RateLimit_Override_DynamicMetadata_
+	OverrideSpecifier isRateLimit_Override_OverrideSpecifier `protobuf_oneof:"override_specifier"`
+}
+
+func (x *RateLimit_Override) Reset() {
+	*x = RateLimit_Override{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[43]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RateLimit_Override) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RateLimit_Override) ProtoMessage() {}
+
+func (x *RateLimit_Override) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[43]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RateLimit_Override.ProtoReflect.Descriptor instead.
+func (*RateLimit_Override) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{15, 1}
+}
+
+func (m *RateLimit_Override) GetOverrideSpecifier() isRateLimit_Override_OverrideSpecifier {
+	if m != nil {
+		return m.OverrideSpecifier
+	}
+	return nil
+}
+
+func (x *RateLimit_Override) GetDynamicMetadata() *RateLimit_Override_DynamicMetadata {
+	if x, ok := x.GetOverrideSpecifier().(*RateLimit_Override_DynamicMetadata_); ok {
+		return x.DynamicMetadata
+	}
+	return nil
+}
+
+type isRateLimit_Override_OverrideSpecifier interface {
+	isRateLimit_Override_OverrideSpecifier()
+}
+
+type RateLimit_Override_DynamicMetadata_ struct {
+	// Limit override from dynamic metadata.
+	DynamicMetadata *RateLimit_Override_DynamicMetadata `protobuf:"bytes,1,opt,name=dynamic_metadata,json=dynamicMetadata,proto3,oneof"`
+}
+
+func (*RateLimit_Override_DynamicMetadata_) isRateLimit_Override_OverrideSpecifier() {}
+
+// The following descriptor entry is appended to the descriptor:
+//
+// .. code-block:: cpp
+//
+//   ("source_cluster", "<local service cluster>")
+//
+// <local service cluster> is derived from the :option:`--service-cluster` option.
+type RateLimit_Action_SourceCluster struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *RateLimit_Action_SourceCluster) Reset() {
+	*x = RateLimit_Action_SourceCluster{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[44]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RateLimit_Action_SourceCluster) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RateLimit_Action_SourceCluster) ProtoMessage() {}
+
+func (x *RateLimit_Action_SourceCluster) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[44]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RateLimit_Action_SourceCluster.ProtoReflect.Descriptor instead.
+func (*RateLimit_Action_SourceCluster) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{15, 0, 0}
+}
+
+// The following descriptor entry is appended to the descriptor:
+//
+// .. code-block:: cpp
+//
+//   ("destination_cluster", "<routed target cluster>")
+//
+// Once a request matches against a route table rule, a routed cluster is determined by one of
+// the following :ref:`route table configuration <envoy_v3_api_msg_config.route.v3.RouteConfiguration>`
+// settings:
+//
+// * :ref:`cluster <envoy_v3_api_field_config.route.v3.RouteAction.cluster>` indicates the upstream cluster
+//   to route to.
+// * :ref:`weighted_clusters <envoy_v3_api_field_config.route.v3.RouteAction.weighted_clusters>`
+//   chooses a cluster randomly from a set of clusters with attributed weight.
+// * :ref:`cluster_header <envoy_v3_api_field_config.route.v3.RouteAction.cluster_header>` indicates which
+//   header in the request contains the target cluster.
+type RateLimit_Action_DestinationCluster struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *RateLimit_Action_DestinationCluster) Reset() {
+	*x = RateLimit_Action_DestinationCluster{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[45]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RateLimit_Action_DestinationCluster) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RateLimit_Action_DestinationCluster) ProtoMessage() {}
+
+func (x *RateLimit_Action_DestinationCluster) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[45]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RateLimit_Action_DestinationCluster.ProtoReflect.Descriptor instead.
+func (*RateLimit_Action_DestinationCluster) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{15, 0, 1}
+}
+
+// The following descriptor entry is appended when a header contains a key that matches the
+// *header_name*:
+//
+// .. code-block:: cpp
+//
+//   ("<descriptor_key>", "<header_value_queried_from_header>")
+type RateLimit_Action_RequestHeaders struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The header name to be queried from the request headers. The header’s
+	// value is used to populate the value of the descriptor entry for the
+	// descriptor_key.
+	HeaderName string `protobuf:"bytes,1,opt,name=header_name,json=headerName,proto3" json:"header_name,omitempty"`
+	// The key to use in the descriptor entry.
+	DescriptorKey string `protobuf:"bytes,2,opt,name=descriptor_key,json=descriptorKey,proto3" json:"descriptor_key,omitempty"`
+	// If set to true, Envoy skips the descriptor while calling rate limiting service
+	// when header is not present in the request. By default it skips calling the
+	// rate limiting service if this header is not present in the request.
+	SkipIfAbsent bool `protobuf:"varint,3,opt,name=skip_if_absent,json=skipIfAbsent,proto3" json:"skip_if_absent,omitempty"`
+}
+
+func (x *RateLimit_Action_RequestHeaders) Reset() {
+	*x = RateLimit_Action_RequestHeaders{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[46]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RateLimit_Action_RequestHeaders) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RateLimit_Action_RequestHeaders) ProtoMessage() {}
+
+func (x *RateLimit_Action_RequestHeaders) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[46]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RateLimit_Action_RequestHeaders.ProtoReflect.Descriptor instead.
+func (*RateLimit_Action_RequestHeaders) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{15, 0, 2}
+}
+
+func (x *RateLimit_Action_RequestHeaders) GetHeaderName() string {
+	if x != nil {
+		return x.HeaderName
+	}
+	return ""
+}
+
+func (x *RateLimit_Action_RequestHeaders) GetDescriptorKey() string {
+	if x != nil {
+		return x.DescriptorKey
+	}
+	return ""
+}
+
+func (x *RateLimit_Action_RequestHeaders) GetSkipIfAbsent() bool {
+	if x != nil {
+		return x.SkipIfAbsent
+	}
+	return false
+}
+
+// The following descriptor entry is appended to the descriptor and is populated using the
+// trusted address from :ref:`x-forwarded-for <config_http_conn_man_headers_x-forwarded-for>`:
+//
+// .. code-block:: cpp
+//
+//   ("remote_address", "<trusted address from x-forwarded-for>")
+type RateLimit_Action_RemoteAddress struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *RateLimit_Action_RemoteAddress) Reset() {
+	*x = RateLimit_Action_RemoteAddress{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[47]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RateLimit_Action_RemoteAddress) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RateLimit_Action_RemoteAddress) ProtoMessage() {}
+
+func (x *RateLimit_Action_RemoteAddress) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[47]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RateLimit_Action_RemoteAddress.ProtoReflect.Descriptor instead.
+func (*RateLimit_Action_RemoteAddress) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{15, 0, 3}
+}
+
+// The following descriptor entry is appended to the descriptor:
+//
+// .. code-block:: cpp
+//
+//   ("generic_key", "<descriptor_value>")
+type RateLimit_Action_GenericKey struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The value to use in the descriptor entry.
+	DescriptorValue string `protobuf:"bytes,1,opt,name=descriptor_value,json=descriptorValue,proto3" json:"descriptor_value,omitempty"`
+	// An optional key to use in the descriptor entry. If not set it defaults
+	// to 'generic_key' as the descriptor key.
+	DescriptorKey string `protobuf:"bytes,2,opt,name=descriptor_key,json=descriptorKey,proto3" json:"descriptor_key,omitempty"`
+}
+
+func (x *RateLimit_Action_GenericKey) Reset() {
+	*x = RateLimit_Action_GenericKey{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[48]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RateLimit_Action_GenericKey) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RateLimit_Action_GenericKey) ProtoMessage() {}
+
+func (x *RateLimit_Action_GenericKey) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[48]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RateLimit_Action_GenericKey.ProtoReflect.Descriptor instead.
+func (*RateLimit_Action_GenericKey) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{15, 0, 4}
+}
+
+func (x *RateLimit_Action_GenericKey) GetDescriptorValue() string {
+	if x != nil {
+		return x.DescriptorValue
+	}
+	return ""
+}
+
+func (x *RateLimit_Action_GenericKey) GetDescriptorKey() string {
+	if x != nil {
+		return x.DescriptorKey
+	}
+	return ""
+}
+
+// The following descriptor entry is appended to the descriptor:
+//
+// .. code-block:: cpp
+//
+//   ("header_match", "<descriptor_value>")
+type RateLimit_Action_HeaderValueMatch struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The value to use in the descriptor entry.
+	DescriptorValue string `protobuf:"bytes,1,opt,name=descriptor_value,json=descriptorValue,proto3" json:"descriptor_value,omitempty"`
+	// If set to true, the action will append a descriptor entry when the
+	// request matches the headers. If set to false, the action will append a
+	// descriptor entry when the request does not match the headers. The
+	// default value is true.
+	ExpectMatch *wrappers.BoolValue `protobuf:"bytes,2,opt,name=expect_match,json=expectMatch,proto3" json:"expect_match,omitempty"`
+	// Specifies a set of headers that the rate limit action should match
+	// on. The action will check the request’s headers against all the
+	// specified headers in the config. A match will happen if all the
+	// headers in the config are present in the request with the same values
+	// (or based on presence if the value field is not in the config).
+	Headers []*HeaderMatcher `protobuf:"bytes,3,rep,name=headers,proto3" json:"headers,omitempty"`
+}
+
+func (x *RateLimit_Action_HeaderValueMatch) Reset() {
+	*x = RateLimit_Action_HeaderValueMatch{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[49]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RateLimit_Action_HeaderValueMatch) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RateLimit_Action_HeaderValueMatch) ProtoMessage() {}
+
+func (x *RateLimit_Action_HeaderValueMatch) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[49]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RateLimit_Action_HeaderValueMatch.ProtoReflect.Descriptor instead.
+func (*RateLimit_Action_HeaderValueMatch) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{15, 0, 5}
+}
+
+func (x *RateLimit_Action_HeaderValueMatch) GetDescriptorValue() string {
+	if x != nil {
+		return x.DescriptorValue
+	}
+	return ""
+}
+
+func (x *RateLimit_Action_HeaderValueMatch) GetExpectMatch() *wrappers.BoolValue {
+	if x != nil {
+		return x.ExpectMatch
+	}
+	return nil
+}
+
+func (x *RateLimit_Action_HeaderValueMatch) GetHeaders() []*HeaderMatcher {
+	if x != nil {
+		return x.Headers
+	}
+	return nil
+}
+
+// The following descriptor entry is appended when the
+// :ref:`dynamic metadata <well_known_dynamic_metadata>` contains a key value:
+//
+// .. code-block:: cpp
+//
+//   ("<descriptor_key>", "<value_queried_from_dynamic_metadata>")
+//
+// .. attention::
+//   This action has been deprecated in favor of the :ref:`metadata <envoy_v3_api_msg_config.route.v3.RateLimit.Action.MetaData>` action
+type RateLimit_Action_DynamicMetaData struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The key to use in the descriptor entry.
+	DescriptorKey string `protobuf:"bytes,1,opt,name=descriptor_key,json=descriptorKey,proto3" json:"descriptor_key,omitempty"`
+	// Metadata struct that defines the key and path to retrieve the string value. A match will
+	// only happen if the value in the dynamic metadata is of type string.
+	MetadataKey *v35.MetadataKey `protobuf:"bytes,2,opt,name=metadata_key,json=metadataKey,proto3" json:"metadata_key,omitempty"`
+	// An optional value to use if *metadata_key* is empty. If not set and
+	// no value is present under the metadata_key then no descriptor is generated.
+	DefaultValue string `protobuf:"bytes,3,opt,name=default_value,json=defaultValue,proto3" json:"default_value,omitempty"`
+}
+
+func (x *RateLimit_Action_DynamicMetaData) Reset() {
+	*x = RateLimit_Action_DynamicMetaData{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[50]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RateLimit_Action_DynamicMetaData) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RateLimit_Action_DynamicMetaData) ProtoMessage() {}
+
+func (x *RateLimit_Action_DynamicMetaData) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[50]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RateLimit_Action_DynamicMetaData.ProtoReflect.Descriptor instead.
+func (*RateLimit_Action_DynamicMetaData) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{15, 0, 6}
+}
+
+func (x *RateLimit_Action_DynamicMetaData) GetDescriptorKey() string {
+	if x != nil {
+		return x.DescriptorKey
+	}
+	return ""
+}
+
+func (x *RateLimit_Action_DynamicMetaData) GetMetadataKey() *v35.MetadataKey {
+	if x != nil {
+		return x.MetadataKey
+	}
+	return nil
+}
+
+func (x *RateLimit_Action_DynamicMetaData) GetDefaultValue() string {
+	if x != nil {
+		return x.DefaultValue
+	}
+	return ""
+}
+
+// The following descriptor entry is appended when the metadata contains a key value:
+//
+// .. code-block:: cpp
+//
+//   ("<descriptor_key>", "<value_queried_from_metadata>")
+type RateLimit_Action_MetaData struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The key to use in the descriptor entry.
+	DescriptorKey string `protobuf:"bytes,1,opt,name=descriptor_key,json=descriptorKey,proto3" json:"descriptor_key,omitempty"`
+	// Metadata struct that defines the key and path to retrieve the string value. A match will
+	// only happen if the value in the metadata is of type string.
+	MetadataKey *v35.MetadataKey `protobuf:"bytes,2,opt,name=metadata_key,json=metadataKey,proto3" json:"metadata_key,omitempty"`
+	// An optional value to use if *metadata_key* is empty. If not set and
+	// no value is present under the metadata_key then no descriptor is generated.
+	DefaultValue string `protobuf:"bytes,3,opt,name=default_value,json=defaultValue,proto3" json:"default_value,omitempty"`
+	// Source of metadata
+	Source RateLimit_Action_MetaData_Source `protobuf:"varint,4,opt,name=source,proto3,enum=envoy.config.route.v3.RateLimit_Action_MetaData_Source" json:"source,omitempty"`
+}
+
+func (x *RateLimit_Action_MetaData) Reset() {
+	*x = RateLimit_Action_MetaData{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[51]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RateLimit_Action_MetaData) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RateLimit_Action_MetaData) ProtoMessage() {}
+
+func (x *RateLimit_Action_MetaData) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[51]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RateLimit_Action_MetaData.ProtoReflect.Descriptor instead.
+func (*RateLimit_Action_MetaData) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{15, 0, 7}
+}
+
+func (x *RateLimit_Action_MetaData) GetDescriptorKey() string {
+	if x != nil {
+		return x.DescriptorKey
+	}
+	return ""
+}
+
+func (x *RateLimit_Action_MetaData) GetMetadataKey() *v35.MetadataKey {
+	if x != nil {
+		return x.MetadataKey
+	}
+	return nil
+}
+
+func (x *RateLimit_Action_MetaData) GetDefaultValue() string {
+	if x != nil {
+		return x.DefaultValue
+	}
+	return ""
+}
+
+func (x *RateLimit_Action_MetaData) GetSource() RateLimit_Action_MetaData_Source {
+	if x != nil {
+		return x.Source
+	}
+	return RateLimit_Action_MetaData_DYNAMIC
+}
+
+// Fetches the override from the dynamic metadata.
+type RateLimit_Override_DynamicMetadata struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Metadata struct that defines the key and path to retrieve the struct value.
+	// The value must be a struct containing an integer "requests_per_unit" property
+	// and a "unit" property with a value parseable to :ref:`RateLimitUnit
+	// enum <envoy_v3_api_enum_type.v3.RateLimitUnit>`
+	MetadataKey *v35.MetadataKey `protobuf:"bytes,1,opt,name=metadata_key,json=metadataKey,proto3" json:"metadata_key,omitempty"`
+}
+
+func (x *RateLimit_Override_DynamicMetadata) Reset() {
+	*x = RateLimit_Override_DynamicMetadata{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[52]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RateLimit_Override_DynamicMetadata) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RateLimit_Override_DynamicMetadata) ProtoMessage() {}
+
+func (x *RateLimit_Override_DynamicMetadata) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_route_components_proto_msgTypes[52]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RateLimit_Override_DynamicMetadata.ProtoReflect.Descriptor instead.
+func (*RateLimit_Override_DynamicMetadata) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{15, 1, 0}
+}
+
+func (x *RateLimit_Override_DynamicMetadata) GetMetadataKey() *v35.MetadataKey {
+	if x != nil {
+		return x.MetadataKey
+	}
+	return nil
+}
+
+var File_envoy_config_route_v3_route_components_proto protoreflect.FileDescriptor
+
+var file_envoy_config_route_v3_route_components_proto_rawDesc = []byte{
+	0x0a, 0x2c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f, 0x63, 0x6f,
+	0x6d, 0x70, 0x6f, 0x6e, 0x65, 0x6e, 0x74, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x15,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75,
+	0x74, 0x65, 0x2e, 0x76, 0x33, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x62, 0x61, 0x73, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x65, 0x78, 0x74,
+	0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x29, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f,
+	0x76, 0x33, 0x2f, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f,
+	0x6c, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74,
+	0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x6d,
+	0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65,
+	0x72, 0x2f, 0x76, 0x33, 0x2f, 0x72, 0x65, 0x67, 0x65, 0x78, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x22, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x25, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65,
+	0x2f, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2f, 0x76, 0x33, 0x2f, 0x6d, 0x65, 0x74,
+	0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x26, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x2f,
+	0x76, 0x33, 0x2f, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x74, 0x61, 0x67, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x1b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f,
+	0x76, 0x33, 0x2f, 0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x19, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x76, 0x33, 0x2f,
+	0x72, 0x61, 0x6e, 0x67, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x19, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x61, 0x6e, 0x79,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x78, 0x64, 0x73, 0x2f, 0x61, 0x6e, 0x6e, 0x6f,
+	0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x33, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75,
+	0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x78, 0x64, 0x73, 0x2f, 0x74, 0x79, 0x70,
+	0x65, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x23, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x64, 0x65,
+	0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21,
+	0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73,
+	0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69,
+	0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x96, 0x0d, 0x0a, 0x0b, 0x56,
+	0x69, 0x72, 0x74, 0x75, 0x61, 0x6c, 0x48, 0x6f, 0x73, 0x74, 0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61,
+	0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10,
+	0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x2c, 0x0a, 0x07, 0x64, 0x6f, 0x6d, 0x61, 0x69,
+	0x6e, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x09, 0x42, 0x12, 0xfa, 0x42, 0x0f, 0x92, 0x01, 0x0c,
+	0x08, 0x01, 0x22, 0x08, 0x72, 0x06, 0xc0, 0x01, 0x02, 0xc8, 0x01, 0x00, 0x52, 0x07, 0x64, 0x6f,
+	0x6d, 0x61, 0x69, 0x6e, 0x73, 0x12, 0x34, 0x0a, 0x06, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x18,
+	0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x6f,
+	0x75, 0x74, 0x65, 0x52, 0x06, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x12, 0x40, 0x0a, 0x07, 0x6d,
+	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x18, 0x15, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x78,
+	0x64, 0x73, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e,
+	0x76, 0x33, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x08, 0xd2, 0xc6, 0xa4, 0xe1,
+	0x06, 0x02, 0x08, 0x01, 0x52, 0x07, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x12, 0x60, 0x0a,
+	0x0b, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x5f, 0x74, 0x6c, 0x73, 0x18, 0x04, 0x20, 0x01,
+	0x28, 0x0e, 0x32, 0x35, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x56, 0x69, 0x72, 0x74, 0x75,
+	0x61, 0x6c, 0x48, 0x6f, 0x73, 0x74, 0x2e, 0x54, 0x6c, 0x73, 0x52, 0x65, 0x71, 0x75, 0x69, 0x72,
+	0x65, 0x6d, 0x65, 0x6e, 0x74, 0x54, 0x79, 0x70, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01,
+	0x02, 0x10, 0x01, 0x52, 0x0a, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x54, 0x6c, 0x73, 0x12,
+	0x50, 0x0a, 0x10, 0x76, 0x69, 0x72, 0x74, 0x75, 0x61, 0x6c, 0x5f, 0x63, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x73, 0x18, 0x05, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76,
+	0x33, 0x2e, 0x56, 0x69, 0x72, 0x74, 0x75, 0x61, 0x6c, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x52, 0x0f, 0x76, 0x69, 0x72, 0x74, 0x75, 0x61, 0x6c, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x73, 0x12, 0x41, 0x0a, 0x0b, 0x72, 0x61, 0x74, 0x65, 0x5f, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x73,
+	0x18, 0x06, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52,
+	0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x52, 0x0a, 0x72, 0x61, 0x74, 0x65, 0x4c, 0x69,
+	0x6d, 0x69, 0x74, 0x73, 0x12, 0x67, 0x0a, 0x16, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f,
+	0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x5f, 0x74, 0x6f, 0x5f, 0x61, 0x64, 0x64, 0x18, 0x07,
+	0x20, 0x03, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x65, 0x61, 0x64,
+	0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x09, 0xfa,
+	0x42, 0x06, 0x92, 0x01, 0x03, 0x10, 0xe8, 0x07, 0x52, 0x13, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73,
+	0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x54, 0x6f, 0x41, 0x64, 0x64, 0x12, 0x4d, 0x0a,
+	0x19, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73,
+	0x5f, 0x74, 0x6f, 0x5f, 0x72, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x18, 0x0d, 0x20, 0x03, 0x28, 0x09,
+	0x42, 0x12, 0xfa, 0x42, 0x0f, 0x92, 0x01, 0x0c, 0x22, 0x0a, 0x72, 0x08, 0x10, 0x01, 0xc0, 0x01,
+	0x01, 0xc8, 0x01, 0x00, 0x52, 0x16, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x48, 0x65, 0x61,
+	0x64, 0x65, 0x72, 0x73, 0x54, 0x6f, 0x52, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x12, 0x69, 0x0a, 0x17,
+	0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73,
+	0x5f, 0x74, 0x6f, 0x5f, 0x61, 0x64, 0x64, 0x18, 0x0a, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x27, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65,
+	0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x09, 0xfa, 0x42, 0x06, 0x92, 0x01, 0x03, 0x10, 0xe8,
+	0x07, 0x52, 0x14, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x48, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x73, 0x54, 0x6f, 0x41, 0x64, 0x64, 0x12, 0x4f, 0x0a, 0x1a, 0x72, 0x65, 0x73, 0x70, 0x6f,
+	0x6e, 0x73, 0x65, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x5f, 0x74, 0x6f, 0x5f, 0x72,
+	0x65, 0x6d, 0x6f, 0x76, 0x65, 0x18, 0x0b, 0x20, 0x03, 0x28, 0x09, 0x42, 0x12, 0xfa, 0x42, 0x0f,
+	0x92, 0x01, 0x0c, 0x22, 0x0a, 0x72, 0x08, 0x10, 0x01, 0xc0, 0x01, 0x01, 0xc8, 0x01, 0x00, 0x52,
+	0x17, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73,
+	0x54, 0x6f, 0x52, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x12, 0x35, 0x0a, 0x04, 0x63, 0x6f, 0x72, 0x73,
+	0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x43,
+	0x6f, 0x72, 0x73, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x04, 0x63, 0x6f, 0x72, 0x73, 0x12,
+	0x73, 0x0a, 0x17, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x70, 0x65, 0x72, 0x5f, 0x66, 0x69, 0x6c,
+	0x74, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x0f, 0x20, 0x03, 0x28, 0x0b,
+	0x32, 0x3c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x56, 0x69, 0x72, 0x74, 0x75, 0x61, 0x6c,
+	0x48, 0x6f, 0x73, 0x74, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x64, 0x50, 0x65, 0x72, 0x46, 0x69, 0x6c,
+	0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x14,
+	0x74, 0x79, 0x70, 0x65, 0x64, 0x50, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x12, 0x41, 0x0a, 0x1d, 0x69, 0x6e, 0x63, 0x6c, 0x75, 0x64, 0x65, 0x5f,
+	0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x61, 0x74, 0x74, 0x65, 0x6d, 0x70, 0x74, 0x5f,
+	0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x08, 0x52, 0x1a, 0x69, 0x6e, 0x63,
+	0x6c, 0x75, 0x64, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x41, 0x74, 0x74, 0x65, 0x6d,
+	0x70, 0x74, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x48, 0x0a, 0x21, 0x69, 0x6e, 0x63, 0x6c, 0x75,
+	0x64, 0x65, 0x5f, 0x61, 0x74, 0x74, 0x65, 0x6d, 0x70, 0x74, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74,
+	0x5f, 0x69, 0x6e, 0x5f, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x18, 0x13, 0x20, 0x01,
+	0x28, 0x08, 0x52, 0x1d, 0x69, 0x6e, 0x63, 0x6c, 0x75, 0x64, 0x65, 0x41, 0x74, 0x74, 0x65, 0x6d,
+	0x70, 0x74, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x49, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
+	0x65, 0x12, 0x45, 0x0a, 0x0c, 0x72, 0x65, 0x74, 0x72, 0x79, 0x5f, 0x70, 0x6f, 0x6c, 0x69, 0x63,
+	0x79, 0x18, 0x10, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e,
+	0x52, 0x65, 0x74, 0x72, 0x79, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x0b, 0x72, 0x65, 0x74,
+	0x72, 0x79, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x4f, 0x0a, 0x19, 0x72, 0x65, 0x74, 0x72,
+	0x79, 0x5f, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x14, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e,
+	0x79, 0x52, 0x16, 0x72, 0x65, 0x74, 0x72, 0x79, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x54, 0x79,
+	0x70, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x45, 0x0a, 0x0c, 0x68, 0x65, 0x64,
+	0x67, 0x65, 0x5f, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x18, 0x11, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x65, 0x64, 0x67, 0x65, 0x50, 0x6f, 0x6c,
+	0x69, 0x63, 0x79, 0x52, 0x0b, 0x68, 0x65, 0x64, 0x67, 0x65, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79,
+	0x12, 0x60, 0x0a, 0x1e, 0x70, 0x65, 0x72, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f,
+	0x62, 0x75, 0x66, 0x66, 0x65, 0x72, 0x5f, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x5f, 0x62, 0x79, 0x74,
+	0x65, 0x73, 0x18, 0x12, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33,
+	0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x1a, 0x70, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65,
+	0x73, 0x74, 0x42, 0x75, 0x66, 0x66, 0x65, 0x72, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x42, 0x79, 0x74,
+	0x65, 0x73, 0x1a, 0x5d, 0x0a, 0x19, 0x54, 0x79, 0x70, 0x65, 0x64, 0x50, 0x65, 0x72, 0x46, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12,
+	0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65,
+	0x79, 0x12, 0x2a, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38,
+	0x01, 0x22, 0x3a, 0x0a, 0x12, 0x54, 0x6c, 0x73, 0x52, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x6d,
+	0x65, 0x6e, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x08, 0x0a, 0x04, 0x4e, 0x4f, 0x4e, 0x45, 0x10,
+	0x00, 0x12, 0x11, 0x0a, 0x0d, 0x45, 0x58, 0x54, 0x45, 0x52, 0x4e, 0x41, 0x4c, 0x5f, 0x4f, 0x4e,
+	0x4c, 0x59, 0x10, 0x01, 0x12, 0x07, 0x0a, 0x03, 0x41, 0x4c, 0x4c, 0x10, 0x02, 0x3a, 0x25, 0x9a,
+	0xc5, 0x88, 0x1e, 0x20, 0x0a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x56, 0x69, 0x72, 0x74, 0x75, 0x61, 0x6c,
+	0x48, 0x6f, 0x73, 0x74, 0x4a, 0x04, 0x08, 0x09, 0x10, 0x0a, 0x4a, 0x04, 0x08, 0x0c, 0x10, 0x0d,
+	0x52, 0x11, 0x70, 0x65, 0x72, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x22, 0x64, 0x0a, 0x0c, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x41, 0x63, 0x74,
+	0x69, 0x6f, 0x6e, 0x12, 0x2c, 0x0a, 0x06, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x06, 0x61, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x3a, 0x26, 0x9a, 0xc5, 0x88, 0x1e, 0x21, 0x0a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x46, 0x69, 0x6c,
+	0x74, 0x65, 0x72, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x8e, 0x0b, 0x0a, 0x05, 0x52, 0x6f,
+	0x75, 0x74, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x0e, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x41, 0x0a, 0x05, 0x6d, 0x61, 0x74, 0x63, 0x68,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52,
+	0x6f, 0x75, 0x74, 0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01,
+	0x02, 0x10, 0x01, 0x52, 0x05, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x3a, 0x0a, 0x05, 0x72, 0x6f,
+	0x75, 0x74, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76,
+	0x33, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x48, 0x00, 0x52,
+	0x05, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x12, 0x43, 0x0a, 0x08, 0x72, 0x65, 0x64, 0x69, 0x72, 0x65,
+	0x63, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33,
+	0x2e, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x48,
+	0x00, 0x52, 0x08, 0x72, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x12, 0x56, 0x0a, 0x0f, 0x64,
+	0x69, 0x72, 0x65, 0x63, 0x74, 0x5f, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x18, 0x07,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x2b, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x44, 0x69, 0x72,
+	0x65, 0x63, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x48, 0x00, 0x52, 0x0e, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f,
+	0x6e, 0x73, 0x65, 0x12, 0x4a, 0x0a, 0x0d, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x5f, 0x61, 0x63,
+	0x74, 0x69, 0x6f, 0x6e, 0x18, 0x11, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e,
+	0x76, 0x33, 0x2e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x48,
+	0x00, 0x52, 0x0c, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12,
+	0x60, 0x0a, 0x15, 0x6e, 0x6f, 0x6e, 0x5f, 0x66, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e,
+	0x67, 0x5f, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x12, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f,
+	0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x4e, 0x6f, 0x6e, 0x46, 0x6f, 0x72, 0x77, 0x61, 0x72,
+	0x64, 0x69, 0x6e, 0x67, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x48, 0x00, 0x52, 0x13, 0x6e, 0x6f,
+	0x6e, 0x46, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x41, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x12, 0x3a, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x04, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64,
+	0x61, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x3e, 0x0a,
+	0x09, 0x64, 0x65, 0x63, 0x6f, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x44, 0x65, 0x63, 0x6f, 0x72, 0x61, 0x74,
+	0x6f, 0x72, 0x52, 0x09, 0x64, 0x65, 0x63, 0x6f, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x12, 0x6d, 0x0a,
+	0x17, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x70, 0x65, 0x72, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65,
+	0x72, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x0d, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x36,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f,
+	0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x54, 0x79, 0x70,
+	0x65, 0x64, 0x50, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x14, 0x74, 0x79, 0x70, 0x65, 0x64, 0x50, 0x65, 0x72,
+	0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x67, 0x0a, 0x16,
+	0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x5f,
+	0x74, 0x6f, 0x5f, 0x61, 0x64, 0x64, 0x18, 0x09, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65,
+	0x2e, 0x76, 0x33, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4f,
+	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x09, 0xfa, 0x42, 0x06, 0x92, 0x01, 0x03, 0x10, 0xe8, 0x07,
+	0x52, 0x13, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73,
+	0x54, 0x6f, 0x41, 0x64, 0x64, 0x12, 0x4d, 0x0a, 0x19, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
+	0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x5f, 0x74, 0x6f, 0x5f, 0x72, 0x65, 0x6d, 0x6f,
+	0x76, 0x65, 0x18, 0x0c, 0x20, 0x03, 0x28, 0x09, 0x42, 0x12, 0xfa, 0x42, 0x0f, 0x92, 0x01, 0x0c,
+	0x22, 0x0a, 0x72, 0x08, 0x10, 0x01, 0xc0, 0x01, 0x01, 0xc8, 0x01, 0x00, 0x52, 0x16, 0x72, 0x65,
+	0x71, 0x75, 0x65, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x54, 0x6f, 0x52, 0x65,
+	0x6d, 0x6f, 0x76, 0x65, 0x12, 0x69, 0x0a, 0x17, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
+	0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x5f, 0x74, 0x6f, 0x5f, 0x61, 0x64, 0x64, 0x18,
+	0x0a, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x65, 0x61,
+	0x64, 0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x09,
+	0xfa, 0x42, 0x06, 0x92, 0x01, 0x03, 0x10, 0xe8, 0x07, 0x52, 0x14, 0x72, 0x65, 0x73, 0x70, 0x6f,
+	0x6e, 0x73, 0x65, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x54, 0x6f, 0x41, 0x64, 0x64, 0x12,
+	0x4f, 0x0a, 0x1a, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x5f, 0x68, 0x65, 0x61, 0x64,
+	0x65, 0x72, 0x73, 0x5f, 0x74, 0x6f, 0x5f, 0x72, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x18, 0x0b, 0x20,
+	0x03, 0x28, 0x09, 0x42, 0x12, 0xfa, 0x42, 0x0f, 0x92, 0x01, 0x0c, 0x22, 0x0a, 0x72, 0x08, 0x10,
+	0x01, 0xc0, 0x01, 0x01, 0xc8, 0x01, 0x00, 0x52, 0x17, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
+	0x65, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x54, 0x6f, 0x52, 0x65, 0x6d, 0x6f, 0x76, 0x65,
+	0x12, 0x38, 0x0a, 0x07, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x18, 0x0f, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x72, 0x61, 0x63, 0x69, 0x6e,
+	0x67, 0x52, 0x07, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x12, 0x60, 0x0a, 0x1e, 0x70, 0x65,
+	0x72, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x62, 0x75, 0x66, 0x66, 0x65, 0x72,
+	0x5f, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x5f, 0x62, 0x79, 0x74, 0x65, 0x73, 0x18, 0x10, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65,
+	0x52, 0x1a, 0x70, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x42, 0x75, 0x66, 0x66,
+	0x65, 0x72, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x42, 0x79, 0x74, 0x65, 0x73, 0x1a, 0x5d, 0x0a, 0x19,
+	0x54, 0x79, 0x70, 0x65, 0x64, 0x50, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x2a, 0x0a, 0x05, 0x76,
+	0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79,
+	0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x3a, 0x1f, 0x9a, 0xc5, 0x88,
+	0x1e, 0x1a, 0x0a, 0x18, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x42, 0x0d, 0x0a, 0x06,
+	0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x4a, 0x04, 0x08, 0x06, 0x10,
+	0x07, 0x4a, 0x04, 0x08, 0x08, 0x10, 0x09, 0x52, 0x11, 0x70, 0x65, 0x72, 0x5f, 0x66, 0x69, 0x6c,
+	0x74, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x22, 0xa5, 0x0a, 0x0a, 0x0f, 0x57,
+	0x65, 0x69, 0x67, 0x68, 0x74, 0x65, 0x64, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x5a,
+	0x0a, 0x08, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b,
+	0x32, 0x34, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x57, 0x65, 0x69, 0x67, 0x68, 0x74, 0x65,
+	0x64, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x57, 0x65, 0x69, 0x67, 0x68, 0x74, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92, 0x01, 0x02, 0x08, 0x01,
+	0x52, 0x08, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x12, 0x48, 0x0a, 0x0c, 0x74, 0x6f,
+	0x74, 0x61, 0x6c, 0x5f, 0x77, 0x65, 0x69, 0x67, 0x68, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07,
+	0xfa, 0x42, 0x04, 0x2a, 0x02, 0x28, 0x01, 0x52, 0x0b, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x57, 0x65,
+	0x69, 0x67, 0x68, 0x74, 0x12, 0x2c, 0x0a, 0x12, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x5f,
+	0x6b, 0x65, 0x79, 0x5f, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09,
+	0x52, 0x10, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x4b, 0x65, 0x79, 0x50, 0x72, 0x65, 0x66,
+	0x69, 0x78, 0x1a, 0x92, 0x08, 0x0a, 0x0d, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x57, 0x65,
+	0x69, 0x67, 0x68, 0x74, 0x12, 0x2d, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x09, 0x42, 0x19, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x13, 0x12, 0x11, 0x63, 0x6c, 0x75, 0x73,
+	0x74, 0x65, 0x72, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x52, 0x04, 0x6e,
+	0x61, 0x6d, 0x65, 0x12, 0x4b, 0x0a, 0x0e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x68,
+	0x65, 0x61, 0x64, 0x65, 0x72, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x09, 0x42, 0x24, 0xfa, 0x42, 0x08,
+	0x72, 0x06, 0xc0, 0x01, 0x01, 0xc8, 0x01, 0x00, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x13, 0x12, 0x11,
+	0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65,
+	0x72, 0x52, 0x0d, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72,
+	0x12, 0x34, 0x0a, 0x06, 0x77, 0x65, 0x69, 0x67, 0x68, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x06,
+	0x77, 0x65, 0x69, 0x67, 0x68, 0x74, 0x12, 0x45, 0x0a, 0x0e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61,
+	0x74, 0x61, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f,
+	0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x0d,
+	0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x67, 0x0a,
+	0x16, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73,
+	0x5f, 0x74, 0x6f, 0x5f, 0x61, 0x64, 0x64, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x27, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65,
+	0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x09, 0xfa, 0x42, 0x06, 0x92, 0x01, 0x03, 0x10, 0xe8,
+	0x07, 0x52, 0x13, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72,
+	0x73, 0x54, 0x6f, 0x41, 0x64, 0x64, 0x12, 0x4b, 0x0a, 0x19, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73,
+	0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x5f, 0x74, 0x6f, 0x5f, 0x72, 0x65, 0x6d,
+	0x6f, 0x76, 0x65, 0x18, 0x09, 0x20, 0x03, 0x28, 0x09, 0x42, 0x10, 0xfa, 0x42, 0x0d, 0x92, 0x01,
+	0x0a, 0x22, 0x08, 0x72, 0x06, 0xc0, 0x01, 0x01, 0xc8, 0x01, 0x00, 0x52, 0x16, 0x72, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x54, 0x6f, 0x52, 0x65, 0x6d,
+	0x6f, 0x76, 0x65, 0x12, 0x69, 0x0a, 0x17, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x5f,
+	0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x5f, 0x74, 0x6f, 0x5f, 0x61, 0x64, 0x64, 0x18, 0x05,
+	0x20, 0x03, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x65, 0x61, 0x64,
+	0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x09, 0xfa,
+	0x42, 0x06, 0x92, 0x01, 0x03, 0x10, 0xe8, 0x07, 0x52, 0x14, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e,
+	0x73, 0x65, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x54, 0x6f, 0x41, 0x64, 0x64, 0x12, 0x4d,
+	0x0a, 0x1a, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x73, 0x5f, 0x74, 0x6f, 0x5f, 0x72, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x18, 0x06, 0x20, 0x03,
+	0x28, 0x09, 0x42, 0x10, 0xfa, 0x42, 0x0d, 0x92, 0x01, 0x0a, 0x22, 0x08, 0x72, 0x06, 0xc0, 0x01,
+	0x01, 0xc8, 0x01, 0x00, 0x52, 0x17, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x48, 0x65,
+	0x61, 0x64, 0x65, 0x72, 0x73, 0x54, 0x6f, 0x52, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x12, 0x85, 0x01,
+	0x0a, 0x17, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x70, 0x65, 0x72, 0x5f, 0x66, 0x69, 0x6c, 0x74,
+	0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x0a, 0x20, 0x03, 0x28, 0x0b, 0x32,
+	0x4e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x57, 0x65, 0x69, 0x67, 0x68, 0x74, 0x65, 0x64,
+	0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x57,
+	0x65, 0x69, 0x67, 0x68, 0x74, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x64, 0x50, 0x65, 0x72, 0x46, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52,
+	0x14, 0x74, 0x79, 0x70, 0x65, 0x64, 0x50, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x3f, 0x0a, 0x14, 0x68, 0x6f, 0x73, 0x74, 0x5f, 0x72, 0x65,
+	0x77, 0x72, 0x69, 0x74, 0x65, 0x5f, 0x6c, 0x69, 0x74, 0x65, 0x72, 0x61, 0x6c, 0x18, 0x0b, 0x20,
+	0x01, 0x28, 0x09, 0x42, 0x0b, 0xfa, 0x42, 0x08, 0x72, 0x06, 0xc0, 0x01, 0x02, 0xc8, 0x01, 0x00,
+	0x48, 0x00, 0x52, 0x12, 0x68, 0x6f, 0x73, 0x74, 0x52, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x4c,
+	0x69, 0x74, 0x65, 0x72, 0x61, 0x6c, 0x1a, 0x5d, 0x0a, 0x19, 0x54, 0x79, 0x70, 0x65, 0x64, 0x50,
+	0x65, 0x72, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x45, 0x6e,
+	0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
+	0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x2a, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75,
+	0x65, 0x3a, 0x02, 0x38, 0x01, 0x3a, 0x37, 0x9a, 0xc5, 0x88, 0x1e, 0x32, 0x0a, 0x30, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65,
+	0x2e, 0x57, 0x65, 0x69, 0x67, 0x68, 0x74, 0x65, 0x64, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x57, 0x65, 0x69, 0x67, 0x68, 0x74, 0x42, 0x18,
+	0x0a, 0x16, 0x68, 0x6f, 0x73, 0x74, 0x5f, 0x72, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x5f, 0x73,
+	0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x4a, 0x04, 0x08, 0x07, 0x10, 0x08, 0x4a, 0x04,
+	0x08, 0x08, 0x10, 0x09, 0x52, 0x11, 0x70, 0x65, 0x72, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x3a, 0x29, 0x9a, 0xc5, 0x88, 0x1e, 0x24, 0x0a, 0x22,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75,
+	0x74, 0x65, 0x2e, 0x57, 0x65, 0x69, 0x67, 0x68, 0x74, 0x65, 0x64, 0x43, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x22, 0x9e, 0x09, 0x0a, 0x0a, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x4d, 0x61, 0x74, 0x63,
+	0x68, 0x12, 0x18, 0x0a, 0x06, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x09, 0x48, 0x00, 0x52, 0x06, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x12, 0x14, 0x0a, 0x04, 0x70,
+	0x61, 0x74, 0x68, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x04, 0x70, 0x61, 0x74,
+	0x68, 0x12, 0x4e, 0x0a, 0x0a, 0x73, 0x61, 0x66, 0x65, 0x5f, 0x72, 0x65, 0x67, 0x65, 0x78, 0x18,
+	0x0a, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79,
+	0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x65,
+	0x67, 0x65, 0x78, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a,
+	0x01, 0x02, 0x10, 0x01, 0x48, 0x00, 0x52, 0x09, 0x73, 0x61, 0x66, 0x65, 0x52, 0x65, 0x67, 0x65,
+	0x78, 0x12, 0x5b, 0x0a, 0x0f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x5f, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x30, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e,
+	0x76, 0x33, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x2e, 0x43, 0x6f,
+	0x6e, 0x6e, 0x65, 0x63, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x48, 0x00, 0x52, 0x0e,
+	0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x12, 0x41,
+	0x0a, 0x0e, 0x63, 0x61, 0x73, 0x65, 0x5f, 0x73, 0x65, 0x6e, 0x73, 0x69, 0x74, 0x69, 0x76, 0x65,
+	0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c,
+	0x75, 0x65, 0x52, 0x0d, 0x63, 0x61, 0x73, 0x65, 0x53, 0x65, 0x6e, 0x73, 0x69, 0x74, 0x69, 0x76,
+	0x65, 0x12, 0x59, 0x0a, 0x10, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x5f, 0x66, 0x72, 0x61,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2e, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e,
+	0x76, 0x33, 0x2e, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x46, 0x72, 0x61, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x61, 0x6c, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52, 0x0f, 0x72, 0x75, 0x6e,
+	0x74, 0x69, 0x6d, 0x65, 0x46, 0x72, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x3e, 0x0a, 0x07,
+	0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x18, 0x06, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75,
+	0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4d, 0x61, 0x74, 0x63,
+	0x68, 0x65, 0x72, 0x52, 0x07, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x12, 0x57, 0x0a, 0x10,
+	0x71, 0x75, 0x65, 0x72, 0x79, 0x5f, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x73,
+	0x18, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x51,
+	0x75, 0x65, 0x72, 0x79, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x4d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x52, 0x0f, 0x71, 0x75, 0x65, 0x72, 0x79, 0x50, 0x61, 0x72, 0x61, 0x6d,
+	0x65, 0x74, 0x65, 0x72, 0x73, 0x12, 0x4b, 0x0a, 0x04, 0x67, 0x72, 0x70, 0x63, 0x18, 0x08, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x37, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x6f, 0x75, 0x74,
+	0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x52, 0x6f, 0x75, 0x74, 0x65,
+	0x4d, 0x61, 0x74, 0x63, 0x68, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x04, 0x67, 0x72,
+	0x70, 0x63, 0x12, 0x59, 0x0a, 0x0b, 0x74, 0x6c, 0x73, 0x5f, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78,
+	0x74, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x38, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e,
+	0x52, 0x6f, 0x75, 0x74, 0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x2e, 0x54, 0x6c, 0x73, 0x43, 0x6f,
+	0x6e, 0x74, 0x65, 0x78, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x52, 0x0a, 0x74, 0x6c, 0x73, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x12, 0x51, 0x0a,
+	0x10, 0x64, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x5f, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74,
+	0x61, 0x18, 0x0d, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e,
+	0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x52,
+	0x0f, 0x64, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61,
+	0x1a, 0x53, 0x0a, 0x15, 0x47, 0x72, 0x70, 0x63, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x4d, 0x61, 0x74,
+	0x63, 0x68, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x3a, 0x3a, 0x9a, 0xc5, 0x88, 0x1e, 0x35,
+	0x0a, 0x33, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x2e,
+	0x47, 0x72, 0x70, 0x63, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x4f, 0x70,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x1a, 0xc9, 0x01, 0x0a, 0x16, 0x54, 0x6c, 0x73, 0x43, 0x6f, 0x6e,
+	0x74, 0x65, 0x78, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73,
+	0x12, 0x38, 0x0a, 0x09, 0x70, 0x72, 0x65, 0x73, 0x65, 0x6e, 0x74, 0x65, 0x64, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52,
+	0x09, 0x70, 0x72, 0x65, 0x73, 0x65, 0x6e, 0x74, 0x65, 0x64, 0x12, 0x38, 0x0a, 0x09, 0x76, 0x61,
+	0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x09, 0x76, 0x61, 0x6c, 0x69, 0x64,
+	0x61, 0x74, 0x65, 0x64, 0x3a, 0x3b, 0x9a, 0xc5, 0x88, 0x1e, 0x36, 0x0a, 0x34, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e,
+	0x52, 0x6f, 0x75, 0x74, 0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x2e, 0x54, 0x6c, 0x73, 0x43, 0x6f,
+	0x6e, 0x74, 0x65, 0x78, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x1a, 0x10, 0x0a, 0x0e, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x4d, 0x61, 0x74, 0x63,
+	0x68, 0x65, 0x72, 0x3a, 0x24, 0x9a, 0xc5, 0x88, 0x1e, 0x1f, 0x0a, 0x1d, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52,
+	0x6f, 0x75, 0x74, 0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x42, 0x15, 0x0a, 0x0e, 0x70, 0x61, 0x74,
+	0x68, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x03, 0xf8, 0x42, 0x01,
+	0x4a, 0x04, 0x08, 0x05, 0x10, 0x06, 0x4a, 0x04, 0x08, 0x03, 0x10, 0x04, 0x52, 0x05, 0x72, 0x65,
+	0x67, 0x65, 0x78, 0x22, 0xe8, 0x04, 0x0a, 0x0a, 0x43, 0x6f, 0x72, 0x73, 0x50, 0x6f, 0x6c, 0x69,
+	0x63, 0x79, 0x12, 0x5f, 0x0a, 0x19, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x5f, 0x6f, 0x72, 0x69, 0x67,
+	0x69, 0x6e, 0x5f, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18,
+	0x0b, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79,
+	0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x74,
+	0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x52, 0x16, 0x61, 0x6c, 0x6c,
+	0x6f, 0x77, 0x4f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61,
+	0x74, 0x63, 0x68, 0x12, 0x23, 0x0a, 0x0d, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x5f, 0x6d, 0x65, 0x74,
+	0x68, 0x6f, 0x64, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x61, 0x6c, 0x6c, 0x6f,
+	0x77, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x12, 0x23, 0x0a, 0x0d, 0x61, 0x6c, 0x6c, 0x6f,
+	0x77, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52,
+	0x0c, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x12, 0x25, 0x0a,
+	0x0e, 0x65, 0x78, 0x70, 0x6f, 0x73, 0x65, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x18,
+	0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x65, 0x78, 0x70, 0x6f, 0x73, 0x65, 0x48, 0x65, 0x61,
+	0x64, 0x65, 0x72, 0x73, 0x12, 0x17, 0x0a, 0x07, 0x6d, 0x61, 0x78, 0x5f, 0x61, 0x67, 0x65, 0x18,
+	0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x6d, 0x61, 0x78, 0x41, 0x67, 0x65, 0x12, 0x47, 0x0a,
+	0x11, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x5f, 0x63, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61,
+	0x6c, 0x73, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56,
+	0x61, 0x6c, 0x75, 0x65, 0x52, 0x10, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x43, 0x72, 0x65, 0x64, 0x65,
+	0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x12, 0x57, 0x0a, 0x0e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2e,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f,
+	0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x46, 0x72, 0x61,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x48, 0x00,
+	0x52, 0x0d, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12,
+	0x55, 0x0a, 0x0e, 0x73, 0x68, 0x61, 0x64, 0x6f, 0x77, 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65,
+	0x64, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52,
+	0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x46, 0x72, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c,
+	0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52, 0x0d, 0x73, 0x68, 0x61, 0x64, 0x6f, 0x77, 0x45,
+	0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x3a, 0x24, 0x9a, 0xc5, 0x88, 0x1e, 0x1f, 0x0a, 0x1d, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74,
+	0x65, 0x2e, 0x43, 0x6f, 0x72, 0x73, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x42, 0x13, 0x0a, 0x11,
+	0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65,
+	0x72, 0x4a, 0x04, 0x08, 0x01, 0x10, 0x02, 0x4a, 0x04, 0x08, 0x08, 0x10, 0x09, 0x4a, 0x04, 0x08,
+	0x07, 0x10, 0x08, 0x52, 0x0c, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x5f, 0x6f, 0x72, 0x69, 0x67, 0x69,
+	0x6e, 0x52, 0x12, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x5f, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x5f,
+	0x72, 0x65, 0x67, 0x65, 0x78, 0x52, 0x07, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x22, 0xb2,
+	0x27, 0x0a, 0x0b, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x23,
+	0x0a, 0x07, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42,
+	0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x48, 0x00, 0x52, 0x07, 0x63, 0x6c, 0x75, 0x73,
+	0x74, 0x65, 0x72, 0x12, 0x36, 0x0a, 0x0e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x68,
+	0x65, 0x61, 0x64, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0d, 0xfa, 0x42, 0x0a,
+	0x72, 0x08, 0x10, 0x01, 0xc0, 0x01, 0x01, 0xc8, 0x01, 0x00, 0x48, 0x00, 0x52, 0x0d, 0x63, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x12, 0x55, 0x0a, 0x11, 0x77,
+	0x65, 0x69, 0x67, 0x68, 0x74, 0x65, 0x64, 0x5f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73,
+	0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x57,
+	0x65, 0x69, 0x67, 0x68, 0x74, 0x65, 0x64, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x48, 0x00,
+	0x52, 0x10, 0x77, 0x65, 0x69, 0x67, 0x68, 0x74, 0x65, 0x64, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65,
+	0x72, 0x73, 0x12, 0x3a, 0x0a, 0x18, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x73, 0x70,
+	0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x5f, 0x70, 0x6c, 0x75, 0x67, 0x69, 0x6e, 0x18, 0x25,
+	0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x16, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x53,
+	0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x50, 0x6c, 0x75, 0x67, 0x69, 0x6e, 0x12, 0x8e,
+	0x01, 0x0a, 0x1f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x6e, 0x6f, 0x74, 0x5f, 0x66,
+	0x6f, 0x75, 0x6e, 0x64, 0x5f, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x5f, 0x63, 0x6f,
+	0x64, 0x65, 0x18, 0x14, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x3e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33,
+	0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x43, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x4e, 0x6f, 0x74, 0x46, 0x6f, 0x75, 0x6e, 0x64, 0x52, 0x65, 0x73, 0x70,
+	0x6f, 0x6e, 0x73, 0x65, 0x43, 0x6f, 0x64, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02,
+	0x10, 0x01, 0x52, 0x1b, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4e, 0x6f, 0x74, 0x46, 0x6f,
+	0x75, 0x6e, 0x64, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x43, 0x6f, 0x64, 0x65, 0x12,
+	0x45, 0x0a, 0x0e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x5f, 0x6d, 0x61, 0x74, 0x63,
+	0x68, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x4d,
+	0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x0d, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74,
+	0x61, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x32, 0x0a, 0x0e, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78,
+	0x5f, 0x72, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0b,
+	0xfa, 0x42, 0x08, 0x72, 0x06, 0xc0, 0x01, 0x02, 0xc8, 0x01, 0x00, 0x52, 0x0d, 0x70, 0x72, 0x65,
+	0x66, 0x69, 0x78, 0x52, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x12, 0x53, 0x0a, 0x0d, 0x72, 0x65,
+	0x67, 0x65, 0x78, 0x5f, 0x72, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x18, 0x20, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x2e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d,
+	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x65, 0x67, 0x65, 0x78, 0x4d,
+	0x61, 0x74, 0x63, 0x68, 0x41, 0x6e, 0x64, 0x53, 0x75, 0x62, 0x73, 0x74, 0x69, 0x74, 0x75, 0x74,
+	0x65, 0x52, 0x0c, 0x72, 0x65, 0x67, 0x65, 0x78, 0x52, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x12,
+	0x3f, 0x0a, 0x14, 0x68, 0x6f, 0x73, 0x74, 0x5f, 0x72, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x5f,
+	0x6c, 0x69, 0x74, 0x65, 0x72, 0x61, 0x6c, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0b, 0xfa,
+	0x42, 0x08, 0x72, 0x06, 0xc0, 0x01, 0x02, 0xc8, 0x01, 0x00, 0x48, 0x01, 0x52, 0x12, 0x68, 0x6f,
+	0x73, 0x74, 0x52, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x4c, 0x69, 0x74, 0x65, 0x72, 0x61, 0x6c,
+	0x12, 0x48, 0x0a, 0x11, 0x61, 0x75, 0x74, 0x6f, 0x5f, 0x68, 0x6f, 0x73, 0x74, 0x5f, 0x72, 0x65,
+	0x77, 0x72, 0x69, 0x74, 0x65, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f,
+	0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x48, 0x01, 0x52, 0x0f, 0x61, 0x75, 0x74, 0x6f, 0x48,
+	0x6f, 0x73, 0x74, 0x52, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x12, 0x3d, 0x0a, 0x13, 0x68, 0x6f,
+	0x73, 0x74, 0x5f, 0x72, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x18, 0x1d, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0b, 0xfa, 0x42, 0x08, 0x72, 0x06, 0xc0, 0x01,
+	0x01, 0xc8, 0x01, 0x00, 0x48, 0x01, 0x52, 0x11, 0x68, 0x6f, 0x73, 0x74, 0x52, 0x65, 0x77, 0x72,
+	0x69, 0x74, 0x65, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x12, 0x67, 0x0a, 0x17, 0x68, 0x6f, 0x73,
+	0x74, 0x5f, 0x72, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x5f, 0x70, 0x61, 0x74, 0x68, 0x5f, 0x72,
+	0x65, 0x67, 0x65, 0x78, 0x18, 0x23, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2e, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e,
+	0x76, 0x33, 0x2e, 0x52, 0x65, 0x67, 0x65, 0x78, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x41, 0x6e, 0x64,
+	0x53, 0x75, 0x62, 0x73, 0x74, 0x69, 0x74, 0x75, 0x74, 0x65, 0x48, 0x01, 0x52, 0x14, 0x68, 0x6f,
+	0x73, 0x74, 0x52, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x50, 0x61, 0x74, 0x68, 0x52, 0x65, 0x67,
+	0x65, 0x78, 0x12, 0x33, 0x0a, 0x07, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x08, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x07,
+	0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12, 0x3c, 0x0a, 0x0c, 0x69, 0x64, 0x6c, 0x65, 0x5f,
+	0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x18, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0b, 0x69, 0x64, 0x6c, 0x65, 0x54, 0x69,
+	0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12, 0x45, 0x0a, 0x0c, 0x72, 0x65, 0x74, 0x72, 0x79, 0x5f, 0x70,
+	0x6f, 0x6c, 0x69, 0x63, 0x79, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65,
+	0x2e, 0x76, 0x33, 0x2e, 0x52, 0x65, 0x74, 0x72, 0x79, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52,
+	0x0b, 0x72, 0x65, 0x74, 0x72, 0x79, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x4f, 0x0a, 0x19,
+	0x72, 0x65, 0x74, 0x72, 0x79, 0x5f, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x5f, 0x74, 0x79, 0x70,
+	0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x21, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x16, 0x72, 0x65, 0x74, 0x72, 0x79, 0x50, 0x6f, 0x6c, 0x69,
+	0x63, 0x79, 0x54, 0x79, 0x70, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x6e, 0x0a,
+	0x17, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x6d, 0x69, 0x72, 0x72, 0x6f, 0x72, 0x5f,
+	0x70, 0x6f, 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 0x18, 0x1e, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x36,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f,
+	0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x41, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x2e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x4d, 0x69, 0x72, 0x72, 0x6f, 0x72,
+	0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x15, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x4d,
+	0x69, 0x72, 0x72, 0x6f, 0x72, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 0x12, 0x4b, 0x0a,
+	0x08, 0x70, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x0e, 0x32,
+	0x25, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x69, 0x6e, 0x67, 0x50, 0x72,
+	0x69, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01,
+	0x52, 0x08, 0x70, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x12, 0x41, 0x0a, 0x0b, 0x72, 0x61,
+	0x74, 0x65, 0x5f, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x73, 0x18, 0x0d, 0x20, 0x03, 0x28, 0x0b, 0x32,
+	0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69,
+	0x74, 0x52, 0x0a, 0x72, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x73, 0x12, 0x5c, 0x0a,
+	0x16, 0x69, 0x6e, 0x63, 0x6c, 0x75, 0x64, 0x65, 0x5f, 0x76, 0x68, 0x5f, 0x72, 0x61, 0x74, 0x65,
+	0x5f, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x73, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x0b, 0x18, 0x01, 0x92, 0xc7, 0x86,
+	0xd8, 0x04, 0x03, 0x33, 0x2e, 0x30, 0x52, 0x13, 0x69, 0x6e, 0x63, 0x6c, 0x75, 0x64, 0x65, 0x56,
+	0x68, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x73, 0x12, 0x4e, 0x0a, 0x0b, 0x68,
+	0x61, 0x73, 0x68, 0x5f, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x18, 0x0f, 0x20, 0x03, 0x28, 0x0b,
+	0x32, 0x2d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x41, 0x63,
+	0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x48, 0x61, 0x73, 0x68, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52,
+	0x0a, 0x68, 0x61, 0x73, 0x68, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x35, 0x0a, 0x04, 0x63,
+	0x6f, 0x72, 0x73, 0x18, 0x11, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76,
+	0x33, 0x2e, 0x43, 0x6f, 0x72, 0x73, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x04, 0x63, 0x6f,
+	0x72, 0x73, 0x12, 0x50, 0x0a, 0x10, 0x6d, 0x61, 0x78, 0x5f, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x74,
+	0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x17, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44,
+	0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0b, 0x18, 0x01, 0x92, 0xc7, 0x86, 0xd8, 0x04,
+	0x03, 0x33, 0x2e, 0x30, 0x52, 0x0e, 0x6d, 0x61, 0x78, 0x47, 0x72, 0x70, 0x63, 0x54, 0x69, 0x6d,
+	0x65, 0x6f, 0x75, 0x74, 0x12, 0x56, 0x0a, 0x13, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x74, 0x69, 0x6d,
+	0x65, 0x6f, 0x75, 0x74, 0x5f, 0x6f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x18, 0x1c, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0b, 0x18, 0x01,
+	0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e, 0x30, 0x52, 0x11, 0x67, 0x72, 0x70, 0x63, 0x54,
+	0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x4f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x12, 0x59, 0x0a, 0x0f,
+	0x75, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x73, 0x18,
+	0x19, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x30, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x6f,
+	0x75, 0x74, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x55, 0x70, 0x67, 0x72, 0x61, 0x64,
+	0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0e, 0x75, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65,
+	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x73, 0x12, 0x67, 0x0a, 0x18, 0x69, 0x6e, 0x74, 0x65, 0x72,
+	0x6e, 0x61, 0x6c, 0x5f, 0x72, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x5f, 0x70, 0x6f, 0x6c,
+	0x69, 0x63, 0x79, 0x18, 0x22, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2d, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76,
+	0x33, 0x2e, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65,
+	0x63, 0x74, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x16, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e,
+	0x61, 0x6c, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79,
+	0x12, 0x80, 0x01, 0x0a, 0x18, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x5f, 0x72, 0x65,
+	0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x5f, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x1a, 0x20,
+	0x01, 0x28, 0x0e, 0x32, 0x39, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x6f, 0x75, 0x74,
+	0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c,
+	0x52, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0b,
+	0x18, 0x01, 0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e, 0x30, 0x52, 0x16, 0x69, 0x6e, 0x74,
+	0x65, 0x72, 0x6e, 0x61, 0x6c, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x41, 0x63, 0x74,
+	0x69, 0x6f, 0x6e, 0x12, 0x5f, 0x0a, 0x16, 0x6d, 0x61, 0x78, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72,
+	0x6e, 0x61, 0x6c, 0x5f, 0x72, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x73, 0x18, 0x1f, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75,
+	0x65, 0x42, 0x0b, 0x18, 0x01, 0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e, 0x30, 0x52, 0x14,
+	0x6d, 0x61, 0x78, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x52, 0x65, 0x64, 0x69, 0x72,
+	0x65, 0x63, 0x74, 0x73, 0x12, 0x45, 0x0a, 0x0c, 0x68, 0x65, 0x64, 0x67, 0x65, 0x5f, 0x70, 0x6f,
+	0x6c, 0x69, 0x63, 0x79, 0x18, 0x1b, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e,
+	0x76, 0x33, 0x2e, 0x48, 0x65, 0x64, 0x67, 0x65, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x0b,
+	0x68, 0x65, 0x64, 0x67, 0x65, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x64, 0x0a, 0x13, 0x6d,
+	0x61, 0x78, 0x5f, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x18, 0x24, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x34, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33,
+	0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x4d, 0x61, 0x78,
+	0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x11,
+	0x6d, 0x61, 0x78, 0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x1a, 0xa2, 0x02, 0x0a, 0x13, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x4d, 0x69, 0x72,
+	0x72, 0x6f, 0x72, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x21, 0x0a, 0x07, 0x63, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72,
+	0x02, 0x10, 0x01, 0x52, 0x07, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x59, 0x0a, 0x10,
+	0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x5f, 0x66, 0x72, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e,
+	0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x75,
+	0x6e, 0x74, 0x69, 0x6d, 0x65, 0x46, 0x72, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x50,
+	0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52, 0x0f, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x46,
+	0x72, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x3f, 0x0a, 0x0d, 0x74, 0x72, 0x61, 0x63, 0x65,
+	0x5f, 0x73, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0c, 0x74, 0x72, 0x61, 0x63,
+	0x65, 0x53, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x64, 0x3a, 0x39, 0x9a, 0xc5, 0x88, 0x1e, 0x34, 0x0a,
+	0x32, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f,
+	0x75, 0x74, 0x65, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e,
+	0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x4d, 0x69, 0x72, 0x72, 0x6f, 0x72, 0x50, 0x6f, 0x6c,
+	0x69, 0x63, 0x79, 0x4a, 0x04, 0x08, 0x02, 0x10, 0x03, 0x52, 0x0b, 0x72, 0x75, 0x6e, 0x74, 0x69,
+	0x6d, 0x65, 0x5f, 0x6b, 0x65, 0x79, 0x1a, 0x96, 0x0a, 0x0a, 0x0a, 0x48, 0x61, 0x73, 0x68, 0x50,
+	0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x4e, 0x0a, 0x06, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x34, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x6f,
+	0x75, 0x74, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x48, 0x61, 0x73, 0x68, 0x50, 0x6f,
+	0x6c, 0x69, 0x63, 0x79, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x48, 0x00, 0x52, 0x06, 0x68,
+	0x65, 0x61, 0x64, 0x65, 0x72, 0x12, 0x4e, 0x0a, 0x06, 0x63, 0x6f, 0x6f, 0x6b, 0x69, 0x65, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x34, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x6f,
+	0x75, 0x74, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x48, 0x61, 0x73, 0x68, 0x50, 0x6f,
+	0x6c, 0x69, 0x63, 0x79, 0x2e, 0x43, 0x6f, 0x6f, 0x6b, 0x69, 0x65, 0x48, 0x00, 0x52, 0x06, 0x63,
+	0x6f, 0x6f, 0x6b, 0x69, 0x65, 0x12, 0x79, 0x0a, 0x15, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74,
+	0x69, 0x6f, 0x6e, 0x5f, 0x70, 0x72, 0x6f, 0x70, 0x65, 0x72, 0x74, 0x69, 0x65, 0x73, 0x18, 0x03,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x42, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x6f, 0x75,
+	0x74, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x48, 0x61, 0x73, 0x68, 0x50, 0x6f, 0x6c,
+	0x69, 0x63, 0x79, 0x2e, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x50, 0x72,
+	0x6f, 0x70, 0x65, 0x72, 0x74, 0x69, 0x65, 0x73, 0x48, 0x00, 0x52, 0x14, 0x63, 0x6f, 0x6e, 0x6e,
+	0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x70, 0x65, 0x72, 0x74, 0x69, 0x65, 0x73,
+	0x12, 0x67, 0x0a, 0x0f, 0x71, 0x75, 0x65, 0x72, 0x79, 0x5f, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x65,
+	0x74, 0x65, 0x72, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x3c, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76,
+	0x33, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x48, 0x61,
+	0x73, 0x68, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x51, 0x75, 0x65, 0x72, 0x79, 0x50, 0x61,
+	0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x48, 0x00, 0x52, 0x0e, 0x71, 0x75, 0x65, 0x72, 0x79,
+	0x50, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x12, 0x5e, 0x0a, 0x0c, 0x66, 0x69, 0x6c,
+	0x74, 0x65, 0x72, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x39, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x41, 0x63, 0x74,
+	0x69, 0x6f, 0x6e, 0x2e, 0x48, 0x61, 0x73, 0x68, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x46,
+	0x69, 0x6c, 0x74, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x65, 0x48, 0x00, 0x52, 0x0b, 0x66, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x74, 0x65, 0x72,
+	0x6d, 0x69, 0x6e, 0x61, 0x6c, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x74, 0x65, 0x72,
+	0x6d, 0x69, 0x6e, 0x61, 0x6c, 0x1a, 0xc6, 0x01, 0x0a, 0x06, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72,
+	0x12, 0x2e, 0x0a, 0x0b, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0d, 0xfa, 0x42, 0x0a, 0x72, 0x08, 0x10, 0x01, 0xc0, 0x01,
+	0x01, 0xc8, 0x01, 0x00, 0x52, 0x0a, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65,
+	0x12, 0x53, 0x0a, 0x0d, 0x72, 0x65, 0x67, 0x65, 0x78, 0x5f, 0x72, 0x65, 0x77, 0x72, 0x69, 0x74,
+	0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e,
+	0x52, 0x65, 0x67, 0x65, 0x78, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x41, 0x6e, 0x64, 0x53, 0x75, 0x62,
+	0x73, 0x74, 0x69, 0x74, 0x75, 0x74, 0x65, 0x52, 0x0c, 0x72, 0x65, 0x67, 0x65, 0x78, 0x52, 0x65,
+	0x77, 0x72, 0x69, 0x74, 0x65, 0x3a, 0x37, 0x9a, 0xc5, 0x88, 0x1e, 0x32, 0x0a, 0x30, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65,
+	0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x48, 0x61, 0x73,
+	0x68, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x1a, 0x9f,
+	0x01, 0x0a, 0x06, 0x43, 0x6f, 0x6f, 0x6b, 0x69, 0x65, 0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d,
+	0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01,
+	0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x2b, 0x0a, 0x03, 0x74, 0x74, 0x6c, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x03,
+	0x74, 0x74, 0x6c, 0x12, 0x12, 0x0a, 0x04, 0x70, 0x61, 0x74, 0x68, 0x18, 0x03, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x04, 0x70, 0x61, 0x74, 0x68, 0x3a, 0x37, 0x9a, 0xc5, 0x88, 0x1e, 0x32, 0x0a, 0x30,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75,
+	0x74, 0x65, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x48,
+	0x61, 0x73, 0x68, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x43, 0x6f, 0x6f, 0x6b, 0x69, 0x65,
+	0x1a, 0x7a, 0x0a, 0x14, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x50, 0x72,
+	0x6f, 0x70, 0x65, 0x72, 0x74, 0x69, 0x65, 0x73, 0x12, 0x1b, 0x0a, 0x09, 0x73, 0x6f, 0x75, 0x72,
+	0x63, 0x65, 0x5f, 0x69, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x73, 0x6f, 0x75,
+	0x72, 0x63, 0x65, 0x49, 0x70, 0x3a, 0x45, 0x9a, 0xc5, 0x88, 0x1e, 0x40, 0x0a, 0x3e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65,
+	0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x48, 0x61, 0x73,
+	0x68, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x70, 0x65, 0x72, 0x74, 0x69, 0x65, 0x73, 0x1a, 0x6e, 0x0a, 0x0e,
+	0x51, 0x75, 0x65, 0x72, 0x79, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x12, 0x1b,
+	0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42,
+	0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x3a, 0x3f, 0x9a, 0xc5, 0x88,
+	0x1e, 0x3a, 0x0a, 0x38, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x41, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x2e, 0x48, 0x61, 0x73, 0x68, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x51, 0x75,
+	0x65, 0x72, 0x79, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x1a, 0x66, 0x0a, 0x0b,
+	0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x19, 0x0a, 0x03, 0x6b,
+	0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10,
+	0x01, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x3a, 0x3c, 0x9a, 0xc5, 0x88, 0x1e, 0x37, 0x0a, 0x35, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74,
+	0x65, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x48, 0x61,
+	0x73, 0x68, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x53,
+	0x74, 0x61, 0x74, 0x65, 0x3a, 0x30, 0x9a, 0xc5, 0x88, 0x1e, 0x2b, 0x0a, 0x29, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e,
+	0x52, 0x6f, 0x75, 0x74, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x48, 0x61, 0x73, 0x68,
+	0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x42, 0x17, 0x0a, 0x10, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79,
+	0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x1a,
+	0xa3, 0x03, 0x0a, 0x0d, 0x55, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x12, 0x30, 0x0a, 0x0c, 0x75, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x5f, 0x74, 0x79, 0x70,
+	0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0d, 0xfa, 0x42, 0x0a, 0x72, 0x08, 0x10, 0x01,
+	0xc0, 0x01, 0x02, 0xc8, 0x01, 0x00, 0x52, 0x0b, 0x75, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x54,
+	0x79, 0x70, 0x65, 0x12, 0x34, 0x0a, 0x07, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65,
+	0x52, 0x07, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x65, 0x0a, 0x0e, 0x63, 0x6f, 0x6e,
+	0x6e, 0x65, 0x63, 0x74, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x03, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x3e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x41,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x55, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x52, 0x0d, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x1a, 0x8d, 0x01, 0x0a, 0x0d, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x12, 0x5d, 0x0a, 0x15, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x5f, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x63, 0x6f, 0x6c, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x29, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x50, 0x72,
+	0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x13, 0x70, 0x72,
+	0x6f, 0x78, 0x79, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x12, 0x1d, 0x0a, 0x0a, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x5f, 0x70, 0x6f, 0x73, 0x74, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x50, 0x6f, 0x73, 0x74,
+	0x3a, 0x33, 0x9a, 0xc5, 0x88, 0x1e, 0x2e, 0x0a, 0x2c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x6f, 0x75, 0x74,
+	0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x55, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x1a, 0x88, 0x02, 0x0a, 0x11, 0x4d, 0x61, 0x78, 0x53, 0x74, 0x72,
+	0x65, 0x61, 0x6d, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x49, 0x0a, 0x13, 0x6d,
+	0x61, 0x78, 0x5f, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x52, 0x11, 0x6d, 0x61, 0x78, 0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x44, 0x75,
+	0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x50, 0x0a, 0x17, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x74,
+	0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x5f, 0x6d, 0x61,
+	0x78, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x52, 0x14, 0x67, 0x72, 0x70, 0x63, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x48,
+	0x65, 0x61, 0x64, 0x65, 0x72, 0x4d, 0x61, 0x78, 0x12, 0x56, 0x0a, 0x1a, 0x67, 0x72, 0x70, 0x63,
+	0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x5f,
+	0x6f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44,
+	0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x17, 0x67, 0x72, 0x70, 0x63, 0x54, 0x69, 0x6d,
+	0x65, 0x6f, 0x75, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4f, 0x66, 0x66, 0x73, 0x65, 0x74,
+	0x22, 0x45, 0x0a, 0x1b, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4e, 0x6f, 0x74, 0x46, 0x6f,
+	0x75, 0x6e, 0x64, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x43, 0x6f, 0x64, 0x65, 0x12,
+	0x17, 0x0a, 0x13, 0x53, 0x45, 0x52, 0x56, 0x49, 0x43, 0x45, 0x5f, 0x55, 0x4e, 0x41, 0x56, 0x41,
+	0x49, 0x4c, 0x41, 0x42, 0x4c, 0x45, 0x10, 0x00, 0x12, 0x0d, 0x0a, 0x09, 0x4e, 0x4f, 0x54, 0x5f,
+	0x46, 0x4f, 0x55, 0x4e, 0x44, 0x10, 0x01, 0x22, 0x5e, 0x0a, 0x16, 0x49, 0x6e, 0x74, 0x65, 0x72,
+	0x6e, 0x61, 0x6c, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x41, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x12, 0x22, 0x0a, 0x1e, 0x50, 0x41, 0x53, 0x53, 0x5f, 0x54, 0x48, 0x52, 0x4f, 0x55, 0x47,
+	0x48, 0x5f, 0x49, 0x4e, 0x54, 0x45, 0x52, 0x4e, 0x41, 0x4c, 0x5f, 0x52, 0x45, 0x44, 0x49, 0x52,
+	0x45, 0x43, 0x54, 0x10, 0x00, 0x12, 0x1c, 0x0a, 0x18, 0x48, 0x41, 0x4e, 0x44, 0x4c, 0x45, 0x5f,
+	0x49, 0x4e, 0x54, 0x45, 0x52, 0x4e, 0x41, 0x4c, 0x5f, 0x52, 0x45, 0x44, 0x49, 0x52, 0x45, 0x43,
+	0x54, 0x10, 0x01, 0x1a, 0x02, 0x18, 0x01, 0x3a, 0x25, 0x9a, 0xc5, 0x88, 0x1e, 0x20, 0x0a, 0x1e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75,
+	0x74, 0x65, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x18,
+	0x0a, 0x11, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66,
+	0x69, 0x65, 0x72, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x42, 0x18, 0x0a, 0x16, 0x68, 0x6f, 0x73, 0x74,
+	0x5f, 0x72, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69,
+	0x65, 0x72, 0x4a, 0x04, 0x08, 0x0c, 0x10, 0x0d, 0x4a, 0x04, 0x08, 0x12, 0x10, 0x13, 0x4a, 0x04,
+	0x08, 0x13, 0x10, 0x14, 0x4a, 0x04, 0x08, 0x10, 0x10, 0x11, 0x4a, 0x04, 0x08, 0x16, 0x10, 0x17,
+	0x4a, 0x04, 0x08, 0x15, 0x10, 0x16, 0x4a, 0x04, 0x08, 0x0a, 0x10, 0x0b, 0x52, 0x15, 0x72, 0x65,
+	0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x6d, 0x69, 0x72, 0x72, 0x6f, 0x72, 0x5f, 0x70, 0x6f, 0x6c,
+	0x69, 0x63, 0x79, 0x22, 0xbf, 0x10, 0x0a, 0x0b, 0x52, 0x65, 0x74, 0x72, 0x79, 0x50, 0x6f, 0x6c,
+	0x69, 0x63, 0x79, 0x12, 0x19, 0x0a, 0x08, 0x72, 0x65, 0x74, 0x72, 0x79, 0x5f, 0x6f, 0x6e, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x72, 0x65, 0x74, 0x72, 0x79, 0x4f, 0x6e, 0x12, 0x52,
+	0x0a, 0x0b, 0x6e, 0x75, 0x6d, 0x5f, 0x72, 0x65, 0x74, 0x72, 0x69, 0x65, 0x73, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75,
+	0x65, 0x42, 0x13, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x0d, 0x0a, 0x0b, 0x6d, 0x61, 0x78, 0x5f, 0x72,
+	0x65, 0x74, 0x72, 0x69, 0x65, 0x73, 0x52, 0x0a, 0x6e, 0x75, 0x6d, 0x52, 0x65, 0x74, 0x72, 0x69,
+	0x65, 0x73, 0x12, 0x41, 0x0a, 0x0f, 0x70, 0x65, 0x72, 0x5f, 0x74, 0x72, 0x79, 0x5f, 0x74, 0x69,
+	0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75,
+	0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0d, 0x70, 0x65, 0x72, 0x54, 0x72, 0x79, 0x54, 0x69,
+	0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12, 0x4a, 0x0a, 0x14, 0x70, 0x65, 0x72, 0x5f, 0x74, 0x72, 0x79,
+	0x5f, 0x69, 0x64, 0x6c, 0x65, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x0d, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x11,
+	0x70, 0x65, 0x72, 0x54, 0x72, 0x79, 0x49, 0x64, 0x6c, 0x65, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75,
+	0x74, 0x12, 0x57, 0x0a, 0x0e, 0x72, 0x65, 0x74, 0x72, 0x79, 0x5f, 0x70, 0x72, 0x69, 0x6f, 0x72,
+	0x69, 0x74, 0x79, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x30, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76,
+	0x33, 0x2e, 0x52, 0x65, 0x74, 0x72, 0x79, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x52, 0x65,
+	0x74, 0x72, 0x79, 0x50, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x0d, 0x72, 0x65, 0x74,
+	0x72, 0x79, 0x50, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x12, 0x67, 0x0a, 0x14, 0x72, 0x65,
+	0x74, 0x72, 0x79, 0x5f, 0x68, 0x6f, 0x73, 0x74, 0x5f, 0x70, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61,
+	0x74, 0x65, 0x18, 0x05, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x35, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33,
+	0x2e, 0x52, 0x65, 0x74, 0x72, 0x79, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x52, 0x65, 0x74,
+	0x72, 0x79, 0x48, 0x6f, 0x73, 0x74, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x52,
+	0x12, 0x72, 0x65, 0x74, 0x72, 0x79, 0x48, 0x6f, 0x73, 0x74, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63,
+	0x61, 0x74, 0x65, 0x12, 0x64, 0x0a, 0x18, 0x72, 0x65, 0x74, 0x72, 0x79, 0x5f, 0x6f, 0x70, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x5f, 0x70, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x73, 0x18,
+	0x0c, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x79, 0x70,
+	0x65, 0x64, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x52, 0x16, 0x72, 0x65, 0x74, 0x72, 0x79, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x50,
+	0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x73, 0x12, 0x48, 0x0a, 0x21, 0x68, 0x6f, 0x73,
+	0x74, 0x5f, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x72, 0x65, 0x74, 0x72,
+	0x79, 0x5f, 0x6d, 0x61, 0x78, 0x5f, 0x61, 0x74, 0x74, 0x65, 0x6d, 0x70, 0x74, 0x73, 0x18, 0x06,
+	0x20, 0x01, 0x28, 0x03, 0x52, 0x1d, 0x68, 0x6f, 0x73, 0x74, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74,
+	0x69, 0x6f, 0x6e, 0x52, 0x65, 0x74, 0x72, 0x79, 0x4d, 0x61, 0x78, 0x41, 0x74, 0x74, 0x65, 0x6d,
+	0x70, 0x74, 0x73, 0x12, 0x34, 0x0a, 0x16, 0x72, 0x65, 0x74, 0x72, 0x69, 0x61, 0x62, 0x6c, 0x65,
+	0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x5f, 0x63, 0x6f, 0x64, 0x65, 0x73, 0x18, 0x07, 0x20,
+	0x03, 0x28, 0x0d, 0x52, 0x14, 0x72, 0x65, 0x74, 0x72, 0x69, 0x61, 0x62, 0x6c, 0x65, 0x53, 0x74,
+	0x61, 0x74, 0x75, 0x73, 0x43, 0x6f, 0x64, 0x65, 0x73, 0x12, 0x55, 0x0a, 0x0e, 0x72, 0x65, 0x74,
+	0x72, 0x79, 0x5f, 0x62, 0x61, 0x63, 0x6b, 0x5f, 0x6f, 0x66, 0x66, 0x18, 0x08, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x2f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x65, 0x74, 0x72, 0x79, 0x50,
+	0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x52, 0x65, 0x74, 0x72, 0x79, 0x42, 0x61, 0x63, 0x6b, 0x4f,
+	0x66, 0x66, 0x52, 0x0c, 0x72, 0x65, 0x74, 0x72, 0x79, 0x42, 0x61, 0x63, 0x6b, 0x4f, 0x66, 0x66,
+	0x12, 0x78, 0x0a, 0x1b, 0x72, 0x61, 0x74, 0x65, 0x5f, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x65, 0x64,
+	0x5f, 0x72, 0x65, 0x74, 0x72, 0x79, 0x5f, 0x62, 0x61, 0x63, 0x6b, 0x5f, 0x6f, 0x66, 0x66, 0x18,
+	0x0b, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x3a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x65,
+	0x74, 0x72, 0x79, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69,
+	0x6d, 0x69, 0x74, 0x65, 0x64, 0x52, 0x65, 0x74, 0x72, 0x79, 0x42, 0x61, 0x63, 0x6b, 0x4f, 0x66,
+	0x66, 0x52, 0x17, 0x72, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x65, 0x64, 0x52, 0x65,
+	0x74, 0x72, 0x79, 0x42, 0x61, 0x63, 0x6b, 0x4f, 0x66, 0x66, 0x12, 0x51, 0x0a, 0x11, 0x72, 0x65,
+	0x74, 0x72, 0x69, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x18,
+	0x09, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x65,
+	0x61, 0x64, 0x65, 0x72, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x52, 0x10, 0x72, 0x65, 0x74,
+	0x72, 0x69, 0x61, 0x62, 0x6c, 0x65, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x12, 0x60, 0x0a,
+	0x19, 0x72, 0x65, 0x74, 0x72, 0x69, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65,
+	0x73, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x18, 0x0a, 0x20, 0x03, 0x28, 0x0b,
+	0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4d,
+	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x52, 0x17, 0x72, 0x65, 0x74, 0x72, 0x69, 0x61, 0x62, 0x6c,
+	0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x1a,
+	0xb9, 0x01, 0x0a, 0x0d, 0x52, 0x65, 0x74, 0x72, 0x79, 0x50, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74,
+	0x79, 0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42,
+	0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x39,
+	0x0a, 0x0c, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x03,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x48, 0x00, 0x52, 0x0b, 0x74, 0x79,
+	0x70, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x3a, 0x33, 0x9a, 0xc5, 0x88, 0x1e, 0x2e,
+	0x0a, 0x2c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x65, 0x74, 0x72, 0x79, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79,
+	0x2e, 0x52, 0x65, 0x74, 0x72, 0x79, 0x50, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x42, 0x0d,
+	0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x4a, 0x04, 0x08,
+	0x02, 0x10, 0x03, 0x52, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x1a, 0xc3, 0x01, 0x0a, 0x12,
+	0x52, 0x65, 0x74, 0x72, 0x79, 0x48, 0x6f, 0x73, 0x74, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61,
+	0x74, 0x65, 0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
+	0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12,
+	0x39, 0x0a, 0x0c, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18,
+	0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x48, 0x00, 0x52, 0x0b, 0x74,
+	0x79, 0x70, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x3a, 0x38, 0x9a, 0xc5, 0x88, 0x1e,
+	0x33, 0x0a, 0x31, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e,
+	0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x65, 0x74, 0x72, 0x79, 0x50, 0x6f, 0x6c, 0x69, 0x63,
+	0x79, 0x2e, 0x52, 0x65, 0x74, 0x72, 0x79, 0x48, 0x6f, 0x73, 0x74, 0x50, 0x72, 0x65, 0x64, 0x69,
+	0x63, 0x61, 0x74, 0x65, 0x42, 0x0d, 0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x74,
+	0x79, 0x70, 0x65, 0x4a, 0x04, 0x08, 0x02, 0x10, 0x03, 0x52, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x1a, 0xd6, 0x01, 0x0a, 0x0c, 0x52, 0x65, 0x74, 0x72, 0x79, 0x42, 0x61, 0x63, 0x6b, 0x4f,
+	0x66, 0x66, 0x12, 0x4a, 0x0a, 0x0d, 0x62, 0x61, 0x73, 0x65, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72,
+	0x76, 0x61, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0a, 0xfa, 0x42, 0x07, 0xaa, 0x01, 0x04, 0x08, 0x01, 0x2a, 0x00,
+	0x52, 0x0c, 0x62, 0x61, 0x73, 0x65, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x12, 0x46,
+	0x0a, 0x0c, 0x6d, 0x61, 0x78, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42,
+	0x08, 0xfa, 0x42, 0x05, 0xaa, 0x01, 0x02, 0x2a, 0x00, 0x52, 0x0b, 0x6d, 0x61, 0x78, 0x49, 0x6e,
+	0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x3a, 0x32, 0x9a, 0xc5, 0x88, 0x1e, 0x2d, 0x0a, 0x2b, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74,
+	0x65, 0x2e, 0x52, 0x65, 0x74, 0x72, 0x79, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x52, 0x65,
+	0x74, 0x72, 0x79, 0x42, 0x61, 0x63, 0x6b, 0x4f, 0x66, 0x66, 0x1a, 0x88, 0x01, 0x0a, 0x0b, 0x52,
+	0x65, 0x73, 0x65, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x12, 0x21, 0x0a, 0x04, 0x6e, 0x61,
+	0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0d, 0xfa, 0x42, 0x0a, 0x72, 0x08, 0x10,
+	0x01, 0xc0, 0x01, 0x01, 0xc8, 0x01, 0x00, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x56, 0x0a,
+	0x06, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x34, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75,
+	0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x65, 0x74, 0x72, 0x79, 0x50, 0x6f, 0x6c, 0x69, 0x63,
+	0x79, 0x2e, 0x52, 0x65, 0x73, 0x65, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x46, 0x6f, 0x72,
+	0x6d, 0x61, 0x74, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x06, 0x66,
+	0x6f, 0x72, 0x6d, 0x61, 0x74, 0x1a, 0xc0, 0x01, 0x0a, 0x17, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69,
+	0x6d, 0x69, 0x74, 0x65, 0x64, 0x52, 0x65, 0x74, 0x72, 0x79, 0x42, 0x61, 0x63, 0x6b, 0x4f, 0x66,
+	0x66, 0x12, 0x5d, 0x0a, 0x0d, 0x72, 0x65, 0x73, 0x65, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33,
+	0x2e, 0x52, 0x65, 0x74, 0x72, 0x79, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x52, 0x65, 0x73,
+	0x65, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92, 0x01, 0x02,
+	0x08, 0x01, 0x52, 0x0c, 0x72, 0x65, 0x73, 0x65, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73,
+	0x12, 0x46, 0x0a, 0x0c, 0x6d, 0x61, 0x78, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05, 0xaa, 0x01, 0x02, 0x2a, 0x00, 0x52, 0x0b, 0x6d, 0x61, 0x78,
+	0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x22, 0x34, 0x0a, 0x11, 0x52, 0x65, 0x73, 0x65,
+	0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x46, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x12, 0x0b, 0x0a,
+	0x07, 0x53, 0x45, 0x43, 0x4f, 0x4e, 0x44, 0x53, 0x10, 0x00, 0x12, 0x12, 0x0a, 0x0e, 0x55, 0x4e,
+	0x49, 0x58, 0x5f, 0x54, 0x49, 0x4d, 0x45, 0x53, 0x54, 0x41, 0x4d, 0x50, 0x10, 0x01, 0x3a, 0x25,
+	0x9a, 0xc5, 0x88, 0x1e, 0x20, 0x0a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x65, 0x74, 0x72, 0x79, 0x50,
+	0x6f, 0x6c, 0x69, 0x63, 0x79, 0x22, 0x9c, 0x02, 0x0a, 0x0b, 0x48, 0x65, 0x64, 0x67, 0x65, 0x50,
+	0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x50, 0x0a, 0x10, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c,
+	0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07, 0xfa,
+	0x42, 0x04, 0x2a, 0x02, 0x28, 0x01, 0x52, 0x0f, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x52,
+	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x12, 0x5c, 0x0a, 0x19, 0x61, 0x64, 0x64, 0x69, 0x74,
+	0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x63, 0x68,
+	0x61, 0x6e, 0x63, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x46, 0x72, 0x61, 0x63, 0x74,
+	0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52, 0x17, 0x61, 0x64,
+	0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x43,
+	0x68, 0x61, 0x6e, 0x63, 0x65, 0x12, 0x36, 0x0a, 0x18, 0x68, 0x65, 0x64, 0x67, 0x65, 0x5f, 0x6f,
+	0x6e, 0x5f, 0x70, 0x65, 0x72, 0x5f, 0x74, 0x72, 0x79, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75,
+	0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x14, 0x68, 0x65, 0x64, 0x67, 0x65, 0x4f, 0x6e,
+	0x50, 0x65, 0x72, 0x54, 0x72, 0x79, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x3a, 0x25, 0x9a,
+	0xc5, 0x88, 0x1e, 0x20, 0x0a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x48, 0x65, 0x64, 0x67, 0x65, 0x50, 0x6f,
+	0x6c, 0x69, 0x63, 0x79, 0x22, 0xe1, 0x05, 0x0a, 0x0e, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63,
+	0x74, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x27, 0x0a, 0x0e, 0x68, 0x74, 0x74, 0x70, 0x73,
+	0x5f, 0x72, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x48,
+	0x00, 0x52, 0x0d, 0x68, 0x74, 0x74, 0x70, 0x73, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74,
+	0x12, 0x29, 0x0a, 0x0f, 0x73, 0x63, 0x68, 0x65, 0x6d, 0x65, 0x5f, 0x72, 0x65, 0x64, 0x69, 0x72,
+	0x65, 0x63, 0x74, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x0e, 0x73, 0x63, 0x68,
+	0x65, 0x6d, 0x65, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x12, 0x30, 0x0a, 0x0d, 0x68,
+	0x6f, 0x73, 0x74, 0x5f, 0x72, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x09, 0x42, 0x0b, 0xfa, 0x42, 0x08, 0x72, 0x06, 0xc0, 0x01, 0x02, 0xc8, 0x01, 0x00, 0x52,
+	0x0c, 0x68, 0x6f, 0x73, 0x74, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x12, 0x23, 0x0a,
+	0x0d, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x72, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x18, 0x08,
+	0x20, 0x01, 0x28, 0x0d, 0x52, 0x0c, 0x70, 0x6f, 0x72, 0x74, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65,
+	0x63, 0x74, 0x12, 0x32, 0x0a, 0x0d, 0x70, 0x61, 0x74, 0x68, 0x5f, 0x72, 0x65, 0x64, 0x69, 0x72,
+	0x65, 0x63, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0b, 0xfa, 0x42, 0x08, 0x72, 0x06,
+	0xc0, 0x01, 0x02, 0xc8, 0x01, 0x00, 0x48, 0x01, 0x52, 0x0c, 0x70, 0x61, 0x74, 0x68, 0x52, 0x65,
+	0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x12, 0x34, 0x0a, 0x0e, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78,
+	0x5f, 0x72, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0b,
+	0xfa, 0x42, 0x08, 0x72, 0x06, 0xc0, 0x01, 0x02, 0xc8, 0x01, 0x00, 0x48, 0x01, 0x52, 0x0d, 0x70,
+	0x72, 0x65, 0x66, 0x69, 0x78, 0x52, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x12, 0x55, 0x0a, 0x0d,
+	0x72, 0x65, 0x67, 0x65, 0x78, 0x5f, 0x72, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x18, 0x09, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x2e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65,
+	0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x65, 0x67, 0x65,
+	0x78, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x41, 0x6e, 0x64, 0x53, 0x75, 0x62, 0x73, 0x74, 0x69, 0x74,
+	0x75, 0x74, 0x65, 0x48, 0x01, 0x52, 0x0c, 0x72, 0x65, 0x67, 0x65, 0x78, 0x52, 0x65, 0x77, 0x72,
+	0x69, 0x74, 0x65, 0x12, 0x69, 0x0a, 0x0d, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x5f,
+	0x63, 0x6f, 0x64, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x3a, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e,
+	0x76, 0x33, 0x2e, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x41, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x2e, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e,
+	0x73, 0x65, 0x43, 0x6f, 0x64, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01,
+	0x52, 0x0c, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x43, 0x6f, 0x64, 0x65, 0x12, 0x1f,
+	0x0a, 0x0b, 0x73, 0x74, 0x72, 0x69, 0x70, 0x5f, 0x71, 0x75, 0x65, 0x72, 0x79, 0x18, 0x06, 0x20,
+	0x01, 0x28, 0x08, 0x52, 0x0a, 0x73, 0x74, 0x72, 0x69, 0x70, 0x51, 0x75, 0x65, 0x72, 0x79, 0x22,
+	0x77, 0x0a, 0x14, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f,
+	0x6e, 0x73, 0x65, 0x43, 0x6f, 0x64, 0x65, 0x12, 0x15, 0x0a, 0x11, 0x4d, 0x4f, 0x56, 0x45, 0x44,
+	0x5f, 0x50, 0x45, 0x52, 0x4d, 0x41, 0x4e, 0x45, 0x4e, 0x54, 0x4c, 0x59, 0x10, 0x00, 0x12, 0x09,
+	0x0a, 0x05, 0x46, 0x4f, 0x55, 0x4e, 0x44, 0x10, 0x01, 0x12, 0x0d, 0x0a, 0x09, 0x53, 0x45, 0x45,
+	0x5f, 0x4f, 0x54, 0x48, 0x45, 0x52, 0x10, 0x02, 0x12, 0x16, 0x0a, 0x12, 0x54, 0x45, 0x4d, 0x50,
+	0x4f, 0x52, 0x41, 0x52, 0x59, 0x5f, 0x52, 0x45, 0x44, 0x49, 0x52, 0x45, 0x43, 0x54, 0x10, 0x03,
+	0x12, 0x16, 0x0a, 0x12, 0x50, 0x45, 0x52, 0x4d, 0x41, 0x4e, 0x45, 0x4e, 0x54, 0x5f, 0x52, 0x45,
+	0x44, 0x49, 0x52, 0x45, 0x43, 0x54, 0x10, 0x04, 0x3a, 0x28, 0x9a, 0xc5, 0x88, 0x1e, 0x23, 0x0a,
+	0x21, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f,
+	0x75, 0x74, 0x65, 0x2e, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x41, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x42, 0x1a, 0x0a, 0x18, 0x73, 0x63, 0x68, 0x65, 0x6d, 0x65, 0x5f, 0x72, 0x65, 0x77,
+	0x72, 0x69, 0x74, 0x65, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x42, 0x18,
+	0x0a, 0x16, 0x70, 0x61, 0x74, 0x68, 0x5f, 0x72, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x5f, 0x73,
+	0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x22, 0xa0, 0x01, 0x0a, 0x14, 0x44, 0x69, 0x72,
+	0x65, 0x63, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x12, 0x22, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x0d, 0x42, 0x0a, 0xfa, 0x42, 0x07, 0x2a, 0x05, 0x10, 0xd8, 0x04, 0x28, 0x64, 0x52, 0x06, 0x73,
+	0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x34, 0x0a, 0x04, 0x62, 0x6f, 0x64, 0x79, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x53,
+	0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x04, 0x62, 0x6f, 0x64, 0x79, 0x3a, 0x2e, 0x9a, 0xc5, 0x88,
+	0x1e, 0x29, 0x0a, 0x27, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x44, 0x69, 0x72, 0x65, 0x63, 0x74, 0x52, 0x65, 0x73,
+	0x70, 0x6f, 0x6e, 0x73, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x15, 0x0a, 0x13, 0x4e,
+	0x6f, 0x6e, 0x46, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x41, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x22, 0x91, 0x01, 0x0a, 0x09, 0x44, 0x65, 0x63, 0x6f, 0x72, 0x61, 0x74, 0x6f, 0x72,
+	0x12, 0x25, 0x0a, 0x09, 0x6f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x09, 0x6f, 0x70,
+	0x65, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x38, 0x0a, 0x09, 0x70, 0x72, 0x6f, 0x70, 0x61,
+	0x67, 0x61, 0x74, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f,
+	0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x09, 0x70, 0x72, 0x6f, 0x70, 0x61, 0x67, 0x61, 0x74,
+	0x65, 0x3a, 0x23, 0x9a, 0xc5, 0x88, 0x1e, 0x1e, 0x0a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x44, 0x65, 0x63,
+	0x6f, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x22, 0xd2, 0x02, 0x0a, 0x07, 0x54, 0x72, 0x61, 0x63, 0x69,
+	0x6e, 0x67, 0x12, 0x49, 0x0a, 0x0f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x73, 0x61, 0x6d,
+	0x70, 0x6c, 0x69, 0x6e, 0x67, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x46, 0x72, 0x61, 0x63,
+	0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52, 0x0e, 0x63,
+	0x6c, 0x69, 0x65, 0x6e, 0x74, 0x53, 0x61, 0x6d, 0x70, 0x6c, 0x69, 0x6e, 0x67, 0x12, 0x49, 0x0a,
+	0x0f, 0x72, 0x61, 0x6e, 0x64, 0x6f, 0x6d, 0x5f, 0x73, 0x61, 0x6d, 0x70, 0x6c, 0x69, 0x6e, 0x67,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74,
+	0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x46, 0x72, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x61,
+	0x6c, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52, 0x0e, 0x72, 0x61, 0x6e, 0x64, 0x6f, 0x6d,
+	0x53, 0x61, 0x6d, 0x70, 0x6c, 0x69, 0x6e, 0x67, 0x12, 0x4b, 0x0a, 0x10, 0x6f, 0x76, 0x65, 0x72,
+	0x61, 0x6c, 0x6c, 0x5f, 0x73, 0x61, 0x6d, 0x70, 0x6c, 0x69, 0x6e, 0x67, 0x18, 0x03, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e,
+	0x76, 0x33, 0x2e, 0x46, 0x72, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x50, 0x65, 0x72,
+	0x63, 0x65, 0x6e, 0x74, 0x52, 0x0f, 0x6f, 0x76, 0x65, 0x72, 0x61, 0x6c, 0x6c, 0x53, 0x61, 0x6d,
+	0x70, 0x6c, 0x69, 0x6e, 0x67, 0x12, 0x41, 0x0a, 0x0b, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f,
+	0x74, 0x61, 0x67, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x2e,
+	0x76, 0x33, 0x2e, 0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x54, 0x61, 0x67, 0x52, 0x0a, 0x63, 0x75,
+	0x73, 0x74, 0x6f, 0x6d, 0x54, 0x61, 0x67, 0x73, 0x3a, 0x21, 0x9a, 0xc5, 0x88, 0x1e, 0x1c, 0x0a,
+	0x1a, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f,
+	0x75, 0x74, 0x65, 0x2e, 0x54, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x22, 0xb4, 0x01, 0x0a, 0x0e,
+	0x56, 0x69, 0x72, 0x74, 0x75, 0x61, 0x6c, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x3e,
+	0x0a, 0x07, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32,
+	0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4d, 0x61,
+	0x74, 0x63, 0x68, 0x65, 0x72, 0x52, 0x07, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x12, 0x1b,
+	0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42,
+	0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x3a, 0x28, 0x9a, 0xc5, 0x88,
+	0x1e, 0x23, 0x0a, 0x21, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32,
+	0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x56, 0x69, 0x72, 0x74, 0x75, 0x61, 0x6c, 0x43, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x4a, 0x04, 0x08, 0x01, 0x10, 0x02, 0x4a, 0x04, 0x08, 0x03, 0x10,
+	0x04, 0x52, 0x07, 0x70, 0x61, 0x74, 0x74, 0x65, 0x72, 0x6e, 0x52, 0x06, 0x6d, 0x65, 0x74, 0x68,
+	0x6f, 0x64, 0x22, 0xaa, 0x16, 0x0a, 0x09, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74,
+	0x12, 0x3b, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07, 0xfa,
+	0x42, 0x04, 0x2a, 0x02, 0x18, 0x0a, 0x52, 0x05, 0x73, 0x74, 0x61, 0x67, 0x65, 0x12, 0x1f, 0x0a,
+	0x0b, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x02, 0x20, 0x01,
+	0x28, 0x09, 0x52, 0x0a, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x4b, 0x65, 0x79, 0x12, 0x4b,
+	0x0a, 0x07, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32,
+	0x27, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69,
+	0x74, 0x2e, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92, 0x01, 0x02,
+	0x08, 0x01, 0x52, 0x07, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x3f, 0x0a, 0x05, 0x6c,
+	0x69, 0x6d, 0x69, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e,
+	0x76, 0x33, 0x2e, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x2e, 0x4f, 0x76, 0x65,
+	0x72, 0x72, 0x69, 0x64, 0x65, 0x52, 0x05, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x1a, 0x96, 0x12, 0x0a,
+	0x06, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x5e, 0x0a, 0x0e, 0x73, 0x6f, 0x75, 0x72, 0x63,
+	0x65, 0x5f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x35, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69,
+	0x74, 0x2e, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x43,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x48, 0x00, 0x52, 0x0d, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65,
+	0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x6d, 0x0a, 0x13, 0x64, 0x65, 0x73, 0x74, 0x69,
+	0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x3a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x61, 0x74,
+	0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x2e, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x44, 0x65,
+	0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x48, 0x00, 0x52, 0x12, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x43,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x61, 0x0a, 0x0f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73,
+	0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x36, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69,
+	0x74, 0x2e, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
+	0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x48, 0x00, 0x52, 0x0e, 0x72, 0x65, 0x71, 0x75, 0x65,
+	0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x12, 0x5e, 0x0a, 0x0e, 0x72, 0x65, 0x6d,
+	0x6f, 0x74, 0x65, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x35, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69,
+	0x6d, 0x69, 0x74, 0x2e, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x52, 0x65, 0x6d, 0x6f, 0x74,
+	0x65, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x48, 0x00, 0x52, 0x0d, 0x72, 0x65, 0x6d, 0x6f,
+	0x74, 0x65, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x55, 0x0a, 0x0b, 0x67, 0x65, 0x6e,
+	0x65, 0x72, 0x69, 0x63, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x32,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f,
+	0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74,
+	0x2e, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x4b,
+	0x65, 0x79, 0x48, 0x00, 0x52, 0x0a, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x4b, 0x65, 0x79,
+	0x12, 0x68, 0x0a, 0x12, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65,
+	0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x38, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74,
+	0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x2e, 0x41,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x56, 0x61, 0x6c, 0x75,
+	0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x48, 0x00, 0x52, 0x10, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72,
+	0x56, 0x61, 0x6c, 0x75, 0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x77, 0x0a, 0x10, 0x64, 0x79,
+	0x6e, 0x61, 0x6d, 0x69, 0x63, 0x5f, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x07,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x37, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x61, 0x74,
+	0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x2e, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x44, 0x79,
+	0x6e, 0x61, 0x6d, 0x69, 0x63, 0x4d, 0x65, 0x74, 0x61, 0x44, 0x61, 0x74, 0x61, 0x42, 0x11, 0x18,
+	0x01, 0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e, 0x30, 0xb8, 0xee, 0xf2, 0xd2, 0x05, 0x01,
+	0x48, 0x00, 0x52, 0x0f, 0x64, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x4d, 0x65, 0x74, 0x61, 0x64,
+	0x61, 0x74, 0x61, 0x12, 0x4e, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18,
+	0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x30, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x61,
+	0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x2e, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x4d,
+	0x65, 0x74, 0x61, 0x44, 0x61, 0x74, 0x61, 0x48, 0x00, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64,
+	0x61, 0x74, 0x61, 0x12, 0x4a, 0x0a, 0x09, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e,
+	0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x79,
+	0x70, 0x65, 0x64, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x48, 0x00, 0x52, 0x09, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x1a,
+	0x49, 0x0a, 0x0d, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x3a, 0x38, 0x9a, 0xc5, 0x88, 0x1e, 0x33, 0x0a, 0x31, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x61, 0x74, 0x65,
+	0x4c, 0x69, 0x6d, 0x69, 0x74, 0x2e, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x53, 0x6f, 0x75,
+	0x72, 0x63, 0x65, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x1a, 0x53, 0x0a, 0x12, 0x44, 0x65,
+	0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x3a, 0x3d, 0x9a, 0xc5, 0x88, 0x1e, 0x38, 0x0a, 0x36, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x61, 0x74, 0x65,
+	0x4c, 0x69, 0x6d, 0x69, 0x74, 0x2e, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x44, 0x65, 0x73,
+	0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x1a,
+	0xd1, 0x01, 0x0a, 0x0e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x73, 0x12, 0x2e, 0x0a, 0x0b, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x5f, 0x6e, 0x61, 0x6d,
+	0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0d, 0xfa, 0x42, 0x0a, 0x72, 0x08, 0x10, 0x01,
+	0xc0, 0x01, 0x01, 0xc8, 0x01, 0x00, 0x52, 0x0a, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4e, 0x61,
+	0x6d, 0x65, 0x12, 0x2e, 0x0a, 0x0e, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72,
+	0x5f, 0x6b, 0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72,
+	0x02, 0x10, 0x01, 0x52, 0x0d, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x4b,
+	0x65, 0x79, 0x12, 0x24, 0x0a, 0x0e, 0x73, 0x6b, 0x69, 0x70, 0x5f, 0x69, 0x66, 0x5f, 0x61, 0x62,
+	0x73, 0x65, 0x6e, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0c, 0x73, 0x6b, 0x69, 0x70,
+	0x49, 0x66, 0x41, 0x62, 0x73, 0x65, 0x6e, 0x74, 0x3a, 0x39, 0x9a, 0xc5, 0x88, 0x1e, 0x34, 0x0a,
+	0x32, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f,
+	0x75, 0x74, 0x65, 0x2e, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x2e, 0x41, 0x63,
+	0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64,
+	0x65, 0x72, 0x73, 0x1a, 0x49, 0x0a, 0x0d, 0x52, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x41, 0x64, 0x64,
+	0x72, 0x65, 0x73, 0x73, 0x3a, 0x38, 0x9a, 0xc5, 0x88, 0x1e, 0x33, 0x0a, 0x31, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e,
+	0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x2e, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e,
+	0x2e, 0x52, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x1a, 0x9e,
+	0x01, 0x0a, 0x0a, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x12, 0x32, 0x0a,
+	0x10, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x5f, 0x76, 0x61, 0x6c, 0x75,
+	0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01,
+	0x52, 0x0f, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x56, 0x61, 0x6c, 0x75,
+	0x65, 0x12, 0x25, 0x0a, 0x0e, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x5f,
+	0x6b, 0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x64, 0x65, 0x73, 0x63, 0x72,
+	0x69, 0x70, 0x74, 0x6f, 0x72, 0x4b, 0x65, 0x79, 0x3a, 0x35, 0x9a, 0xc5, 0x88, 0x1e, 0x30, 0x0a,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f,
+	0x75, 0x74, 0x65, 0x2e, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x2e, 0x41, 0x63,
+	0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x1a,
+	0x8c, 0x02, 0x0a, 0x10, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4d,
+	0x61, 0x74, 0x63, 0x68, 0x12, 0x32, 0x0a, 0x10, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74,
+	0x6f, 0x72, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07,
+	0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x0f, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70,
+	0x74, 0x6f, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x3d, 0x0a, 0x0c, 0x65, 0x78, 0x70, 0x65,
+	0x63, 0x74, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0b, 0x65, 0x78, 0x70, 0x65,
+	0x63, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x48, 0x0a, 0x07, 0x68, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33,
+	0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x08,
+	0xfa, 0x42, 0x05, 0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x07, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72,
+	0x73, 0x3a, 0x3b, 0x9a, 0xc5, 0x88, 0x1e, 0x36, 0x0a, 0x34, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x61, 0x74,
+	0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x2e, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x48, 0x65,
+	0x61, 0x64, 0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x1a, 0xb8,
+	0x01, 0x0a, 0x0f, 0x44, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x4d, 0x65, 0x74, 0x61, 0x44, 0x61,
+	0x74, 0x61, 0x12, 0x2e, 0x0a, 0x0e, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72,
+	0x5f, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72,
+	0x02, 0x10, 0x01, 0x52, 0x0d, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x4b,
+	0x65, 0x79, 0x12, 0x50, 0x0a, 0x0c, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x5f, 0x6b,
+	0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x76,
+	0x33, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4b, 0x65, 0x79, 0x42, 0x08, 0xfa,
+	0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x0b, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74,
+	0x61, 0x4b, 0x65, 0x79, 0x12, 0x23, 0x0a, 0x0d, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f,
+	0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x64, 0x65, 0x66,
+	0x61, 0x75, 0x6c, 0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x1a, 0xb4, 0x02, 0x0a, 0x08, 0x4d, 0x65,
+	0x74, 0x61, 0x44, 0x61, 0x74, 0x61, 0x12, 0x2e, 0x0a, 0x0e, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69,
+	0x70, 0x74, 0x6f, 0x72, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07,
+	0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x0d, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70,
+	0x74, 0x6f, 0x72, 0x4b, 0x65, 0x79, 0x12, 0x50, 0x0a, 0x0c, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61,
+	0x74, 0x61, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61,
+	0x74, 0x61, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4b, 0x65,
+	0x79, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x0b, 0x6d, 0x65, 0x74,
+	0x61, 0x64, 0x61, 0x74, 0x61, 0x4b, 0x65, 0x79, 0x12, 0x23, 0x0a, 0x0d, 0x64, 0x65, 0x66, 0x61,
+	0x75, 0x6c, 0x74, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52,
+	0x0c, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x59, 0x0a,
+	0x06, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x37, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75,
+	0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x2e,
+	0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x44, 0x61, 0x74, 0x61, 0x2e,
+	0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01,
+	0x52, 0x06, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x22, 0x26, 0x0a, 0x06, 0x53, 0x6f, 0x75, 0x72,
+	0x63, 0x65, 0x12, 0x0b, 0x0a, 0x07, 0x44, 0x59, 0x4e, 0x41, 0x4d, 0x49, 0x43, 0x10, 0x00, 0x12,
+	0x0f, 0x0a, 0x0b, 0x52, 0x4f, 0x55, 0x54, 0x45, 0x5f, 0x45, 0x4e, 0x54, 0x52, 0x59, 0x10, 0x01,
+	0x3a, 0x2a, 0x9a, 0xc5, 0x88, 0x1e, 0x25, 0x0a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x61, 0x74, 0x65,
+	0x4c, 0x69, 0x6d, 0x69, 0x74, 0x2e, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x17, 0x0a, 0x10,
+	0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72,
+	0x12, 0x03, 0xf8, 0x42, 0x01, 0x1a, 0xf2, 0x01, 0x0a, 0x08, 0x4f, 0x76, 0x65, 0x72, 0x72, 0x69,
+	0x64, 0x65, 0x12, 0x66, 0x0a, 0x10, 0x64, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x5f, 0x6d, 0x65,
+	0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x39, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74,
+	0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x2e, 0x4f,
+	0x76, 0x65, 0x72, 0x72, 0x69, 0x64, 0x65, 0x2e, 0x44, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x4d,
+	0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x48, 0x00, 0x52, 0x0f, 0x64, 0x79, 0x6e, 0x61, 0x6d,
+	0x69, 0x63, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x1a, 0x63, 0x0a, 0x0f, 0x44, 0x79,
+	0x6e, 0x61, 0x6d, 0x69, 0x63, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x50, 0x0a,
+	0x0c, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65,
+	0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x65, 0x74,
+	0x61, 0x64, 0x61, 0x74, 0x61, 0x4b, 0x65, 0x79, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02,
+	0x10, 0x01, 0x52, 0x0b, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4b, 0x65, 0x79, 0x42,
+	0x19, 0x0a, 0x12, 0x6f, 0x76, 0x65, 0x72, 0x72, 0x69, 0x64, 0x65, 0x5f, 0x73, 0x70, 0x65, 0x63,
+	0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x3a, 0x23, 0x9a, 0xc5, 0x88, 0x1e,
+	0x1e, 0x0a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e,
+	0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x22,
+	0xa4, 0x05, 0x0a, 0x0d, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65,
+	0x72, 0x12, 0x21, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42,
+	0x0d, 0xfa, 0x42, 0x0a, 0x72, 0x08, 0x10, 0x01, 0xc0, 0x01, 0x01, 0xc8, 0x01, 0x00, 0x52, 0x04,
+	0x6e, 0x61, 0x6d, 0x65, 0x12, 0x2e, 0x0a, 0x0b, 0x65, 0x78, 0x61, 0x63, 0x74, 0x5f, 0x6d, 0x61,
+	0x74, 0x63, 0x68, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0b, 0x18, 0x01, 0x92, 0xc7, 0x86,
+	0xd8, 0x04, 0x03, 0x33, 0x2e, 0x30, 0x48, 0x00, 0x52, 0x0a, 0x65, 0x78, 0x61, 0x63, 0x74, 0x4d,
+	0x61, 0x74, 0x63, 0x68, 0x12, 0x5c, 0x0a, 0x10, 0x73, 0x61, 0x66, 0x65, 0x5f, 0x72, 0x65, 0x67,
+	0x65, 0x78, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63,
+	0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x65, 0x67, 0x65, 0x78, 0x4d, 0x61, 0x74, 0x63,
+	0x68, 0x65, 0x72, 0x42, 0x0b, 0x18, 0x01, 0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e, 0x30,
+	0x48, 0x00, 0x52, 0x0e, 0x73, 0x61, 0x66, 0x65, 0x52, 0x65, 0x67, 0x65, 0x78, 0x4d, 0x61, 0x74,
+	0x63, 0x68, 0x12, 0x3c, 0x0a, 0x0b, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x5f, 0x6d, 0x61, 0x74, 0x63,
+	0x68, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x49, 0x6e, 0x74, 0x36, 0x34, 0x52, 0x61, 0x6e,
+	0x67, 0x65, 0x48, 0x00, 0x52, 0x0a, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x4d, 0x61, 0x74, 0x63, 0x68,
+	0x12, 0x25, 0x0a, 0x0d, 0x70, 0x72, 0x65, 0x73, 0x65, 0x6e, 0x74, 0x5f, 0x6d, 0x61, 0x74, 0x63,
+	0x68, 0x18, 0x07, 0x20, 0x01, 0x28, 0x08, 0x48, 0x00, 0x52, 0x0c, 0x70, 0x72, 0x65, 0x73, 0x65,
+	0x6e, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x37, 0x0a, 0x0c, 0x70, 0x72, 0x65, 0x66, 0x69,
+	0x78, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x09, 0x20, 0x01, 0x28, 0x09, 0x42, 0x12, 0x18,
+	0x01, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e,
+	0x30, 0x48, 0x00, 0x52, 0x0b, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x4d, 0x61, 0x74, 0x63, 0x68,
+	0x12, 0x37, 0x0a, 0x0c, 0x73, 0x75, 0x66, 0x66, 0x69, 0x78, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68,
+	0x18, 0x0a, 0x20, 0x01, 0x28, 0x09, 0x42, 0x12, 0x18, 0x01, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10,
+	0x01, 0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e, 0x30, 0x48, 0x00, 0x52, 0x0b, 0x73, 0x75,
+	0x66, 0x66, 0x69, 0x78, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x3b, 0x0a, 0x0e, 0x63, 0x6f, 0x6e,
+	0x74, 0x61, 0x69, 0x6e, 0x73, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x0c, 0x20, 0x01, 0x28,
+	0x09, 0x42, 0x12, 0x18, 0x01, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x92, 0xc7, 0x86, 0xd8,
+	0x04, 0x03, 0x33, 0x2e, 0x30, 0x48, 0x00, 0x52, 0x0d, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e,
+	0x73, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x49, 0x0a, 0x0c, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67,
+	0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x0d, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65,
+	0x72, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74, 0x63, 0x68,
+	0x65, 0x72, 0x48, 0x00, 0x52, 0x0b, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74, 0x63,
+	0x68, 0x12, 0x21, 0x0a, 0x0c, 0x69, 0x6e, 0x76, 0x65, 0x72, 0x74, 0x5f, 0x6d, 0x61, 0x74, 0x63,
+	0x68, 0x18, 0x08, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0b, 0x69, 0x6e, 0x76, 0x65, 0x72, 0x74, 0x4d,
+	0x61, 0x74, 0x63, 0x68, 0x3a, 0x27, 0x9a, 0xc5, 0x88, 0x1e, 0x22, 0x0a, 0x20, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e,
+	0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x18, 0x0a,
+	0x16, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x5f, 0x73, 0x70,
+	0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x4a, 0x04, 0x08, 0x02, 0x10, 0x03, 0x4a, 0x04, 0x08,
+	0x03, 0x10, 0x04, 0x4a, 0x04, 0x08, 0x05, 0x10, 0x06, 0x52, 0x0b, 0x72, 0x65, 0x67, 0x65, 0x78,
+	0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x22, 0xa1, 0x02, 0x0a, 0x15, 0x51, 0x75, 0x65, 0x72, 0x79,
+	0x50, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72,
+	0x12, 0x1e, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0a,
+	0xfa, 0x42, 0x07, 0x72, 0x05, 0x10, 0x01, 0x28, 0x80, 0x08, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65,
+	0x12, 0x53, 0x0a, 0x0c, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68,
+	0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74,
+	0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x53,
+	0x74, 0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x08, 0xfa, 0x42,
+	0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x48, 0x00, 0x52, 0x0b, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67,
+	0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x25, 0x0a, 0x0d, 0x70, 0x72, 0x65, 0x73, 0x65, 0x6e, 0x74,
+	0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x48, 0x00, 0x52, 0x0c,
+	0x70, 0x72, 0x65, 0x73, 0x65, 0x6e, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x3a, 0x2f, 0x9a, 0xc5,
+	0x88, 0x1e, 0x2a, 0x0a, 0x28, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x51, 0x75, 0x65, 0x72, 0x79, 0x50, 0x61, 0x72,
+	0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x21, 0x0a,
+	0x1f, 0x71, 0x75, 0x65, 0x72, 0x79, 0x5f, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72,
+	0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72,
+	0x4a, 0x04, 0x08, 0x03, 0x10, 0x04, 0x4a, 0x04, 0x08, 0x04, 0x10, 0x05, 0x52, 0x05, 0x76, 0x61,
+	0x6c, 0x75, 0x65, 0x52, 0x05, 0x72, 0x65, 0x67, 0x65, 0x78, 0x22, 0xb9, 0x02, 0x0a, 0x16, 0x49,
+	0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x50,
+	0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x52, 0x0a, 0x16, 0x6d, 0x61, 0x78, 0x5f, 0x69, 0x6e, 0x74,
+	0x65, 0x72, 0x6e, 0x61, 0x6c, 0x5f, 0x72, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x73, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61,
+	0x6c, 0x75, 0x65, 0x52, 0x14, 0x6d, 0x61, 0x78, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c,
+	0x52, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x73, 0x12, 0x40, 0x0a, 0x17, 0x72, 0x65, 0x64,
+	0x69, 0x72, 0x65, 0x63, 0x74, 0x5f, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x5f, 0x63,
+	0x6f, 0x64, 0x65, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0d, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92,
+	0x01, 0x02, 0x10, 0x05, 0x52, 0x15, 0x72, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x52, 0x65,
+	0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x43, 0x6f, 0x64, 0x65, 0x73, 0x12, 0x4a, 0x0a, 0x0a, 0x70,
+	0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32,
+	0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x64, 0x45, 0x78, 0x74, 0x65,
+	0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0a, 0x70, 0x72, 0x65,
+	0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x73, 0x12, 0x3d, 0x0a, 0x1b, 0x61, 0x6c, 0x6c, 0x6f, 0x77,
+	0x5f, 0x63, 0x72, 0x6f, 0x73, 0x73, 0x5f, 0x73, 0x63, 0x68, 0x65, 0x6d, 0x65, 0x5f, 0x72, 0x65,
+	0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, 0x18, 0x61, 0x6c,
+	0x6c, 0x6f, 0x77, 0x43, 0x72, 0x6f, 0x73, 0x73, 0x53, 0x63, 0x68, 0x65, 0x6d, 0x65, 0x52, 0x65,
+	0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x22, 0x5d, 0x0a, 0x0c, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x2c, 0x0a, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x06, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x12, 0x1f, 0x0a, 0x0b, 0x69, 0x73, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f,
+	0x6e, 0x61, 0x6c, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0a, 0x69, 0x73, 0x4f, 0x70, 0x74,
+	0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x42, 0x45, 0x0a, 0x23, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x14, 0x52, 0x6f,
+	0x75, 0x74, 0x65, 0x43, 0x6f, 0x6d, 0x70, 0x6f, 0x6e, 0x65, 0x6e, 0x74, 0x73, 0x50, 0x72, 0x6f,
+	0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_route_v3_route_components_proto_rawDescOnce sync.Once
+	file_envoy_config_route_v3_route_components_proto_rawDescData = file_envoy_config_route_v3_route_components_proto_rawDesc
+)
+
+func file_envoy_config_route_v3_route_components_proto_rawDescGZIP() []byte {
+	file_envoy_config_route_v3_route_components_proto_rawDescOnce.Do(func() {
+		file_envoy_config_route_v3_route_components_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_route_v3_route_components_proto_rawDescData)
+	})
+	return file_envoy_config_route_v3_route_components_proto_rawDescData
+}
+
+var file_envoy_config_route_v3_route_components_proto_enumTypes = make([]protoimpl.EnumInfo, 6)
+var file_envoy_config_route_v3_route_components_proto_msgTypes = make([]protoimpl.MessageInfo, 53)
+var file_envoy_config_route_v3_route_components_proto_goTypes = []interface{}{
+	(VirtualHost_TlsRequirementType)(0),                 // 0: envoy.config.route.v3.VirtualHost.TlsRequirementType
+	(RouteAction_ClusterNotFoundResponseCode)(0),        // 1: envoy.config.route.v3.RouteAction.ClusterNotFoundResponseCode
+	(RouteAction_InternalRedirectAction)(0),             // 2: envoy.config.route.v3.RouteAction.InternalRedirectAction
+	(RetryPolicy_ResetHeaderFormat)(0),                  // 3: envoy.config.route.v3.RetryPolicy.ResetHeaderFormat
+	(RedirectAction_RedirectResponseCode)(0),            // 4: envoy.config.route.v3.RedirectAction.RedirectResponseCode
+	(RateLimit_Action_MetaData_Source)(0),               // 5: envoy.config.route.v3.RateLimit.Action.MetaData.Source
+	(*VirtualHost)(nil),                                 // 6: envoy.config.route.v3.VirtualHost
+	(*FilterAction)(nil),                                // 7: envoy.config.route.v3.FilterAction
+	(*Route)(nil),                                       // 8: envoy.config.route.v3.Route
+	(*WeightedCluster)(nil),                             // 9: envoy.config.route.v3.WeightedCluster
+	(*RouteMatch)(nil),                                  // 10: envoy.config.route.v3.RouteMatch
+	(*CorsPolicy)(nil),                                  // 11: envoy.config.route.v3.CorsPolicy
+	(*RouteAction)(nil),                                 // 12: envoy.config.route.v3.RouteAction
+	(*RetryPolicy)(nil),                                 // 13: envoy.config.route.v3.RetryPolicy
+	(*HedgePolicy)(nil),                                 // 14: envoy.config.route.v3.HedgePolicy
+	(*RedirectAction)(nil),                              // 15: envoy.config.route.v3.RedirectAction
+	(*DirectResponseAction)(nil),                        // 16: envoy.config.route.v3.DirectResponseAction
+	(*NonForwardingAction)(nil),                         // 17: envoy.config.route.v3.NonForwardingAction
+	(*Decorator)(nil),                                   // 18: envoy.config.route.v3.Decorator
+	(*Tracing)(nil),                                     // 19: envoy.config.route.v3.Tracing
+	(*VirtualCluster)(nil),                              // 20: envoy.config.route.v3.VirtualCluster
+	(*RateLimit)(nil),                                   // 21: envoy.config.route.v3.RateLimit
+	(*HeaderMatcher)(nil),                               // 22: envoy.config.route.v3.HeaderMatcher
+	(*QueryParameterMatcher)(nil),                       // 23: envoy.config.route.v3.QueryParameterMatcher
+	(*InternalRedirectPolicy)(nil),                      // 24: envoy.config.route.v3.InternalRedirectPolicy
+	(*FilterConfig)(nil),                                // 25: envoy.config.route.v3.FilterConfig
+	nil,                                                 // 26: envoy.config.route.v3.VirtualHost.TypedPerFilterConfigEntry
+	nil,                                                 // 27: envoy.config.route.v3.Route.TypedPerFilterConfigEntry
+	(*WeightedCluster_ClusterWeight)(nil),               // 28: envoy.config.route.v3.WeightedCluster.ClusterWeight
+	nil,                                                 // 29: envoy.config.route.v3.WeightedCluster.ClusterWeight.TypedPerFilterConfigEntry
+	(*RouteMatch_GrpcRouteMatchOptions)(nil),            // 30: envoy.config.route.v3.RouteMatch.GrpcRouteMatchOptions
+	(*RouteMatch_TlsContextMatchOptions)(nil),           // 31: envoy.config.route.v3.RouteMatch.TlsContextMatchOptions
+	(*RouteMatch_ConnectMatcher)(nil),                   // 32: envoy.config.route.v3.RouteMatch.ConnectMatcher
+	(*RouteAction_RequestMirrorPolicy)(nil),             // 33: envoy.config.route.v3.RouteAction.RequestMirrorPolicy
+	(*RouteAction_HashPolicy)(nil),                      // 34: envoy.config.route.v3.RouteAction.HashPolicy
+	(*RouteAction_UpgradeConfig)(nil),                   // 35: envoy.config.route.v3.RouteAction.UpgradeConfig
+	(*RouteAction_MaxStreamDuration)(nil),               // 36: envoy.config.route.v3.RouteAction.MaxStreamDuration
+	(*RouteAction_HashPolicy_Header)(nil),               // 37: envoy.config.route.v3.RouteAction.HashPolicy.Header
+	(*RouteAction_HashPolicy_Cookie)(nil),               // 38: envoy.config.route.v3.RouteAction.HashPolicy.Cookie
+	(*RouteAction_HashPolicy_ConnectionProperties)(nil), // 39: envoy.config.route.v3.RouteAction.HashPolicy.ConnectionProperties
+	(*RouteAction_HashPolicy_QueryParameter)(nil),       // 40: envoy.config.route.v3.RouteAction.HashPolicy.QueryParameter
+	(*RouteAction_HashPolicy_FilterState)(nil),          // 41: envoy.config.route.v3.RouteAction.HashPolicy.FilterState
+	(*RouteAction_UpgradeConfig_ConnectConfig)(nil),     // 42: envoy.config.route.v3.RouteAction.UpgradeConfig.ConnectConfig
+	(*RetryPolicy_RetryPriority)(nil),                   // 43: envoy.config.route.v3.RetryPolicy.RetryPriority
+	(*RetryPolicy_RetryHostPredicate)(nil),              // 44: envoy.config.route.v3.RetryPolicy.RetryHostPredicate
+	(*RetryPolicy_RetryBackOff)(nil),                    // 45: envoy.config.route.v3.RetryPolicy.RetryBackOff
+	(*RetryPolicy_ResetHeader)(nil),                     // 46: envoy.config.route.v3.RetryPolicy.ResetHeader
+	(*RetryPolicy_RateLimitedRetryBackOff)(nil),         // 47: envoy.config.route.v3.RetryPolicy.RateLimitedRetryBackOff
+	(*RateLimit_Action)(nil),                            // 48: envoy.config.route.v3.RateLimit.Action
+	(*RateLimit_Override)(nil),                          // 49: envoy.config.route.v3.RateLimit.Override
+	(*RateLimit_Action_SourceCluster)(nil),              // 50: envoy.config.route.v3.RateLimit.Action.SourceCluster
+	(*RateLimit_Action_DestinationCluster)(nil),         // 51: envoy.config.route.v3.RateLimit.Action.DestinationCluster
+	(*RateLimit_Action_RequestHeaders)(nil),             // 52: envoy.config.route.v3.RateLimit.Action.RequestHeaders
+	(*RateLimit_Action_RemoteAddress)(nil),              // 53: envoy.config.route.v3.RateLimit.Action.RemoteAddress
+	(*RateLimit_Action_GenericKey)(nil),                 // 54: envoy.config.route.v3.RateLimit.Action.GenericKey
+	(*RateLimit_Action_HeaderValueMatch)(nil),           // 55: envoy.config.route.v3.RateLimit.Action.HeaderValueMatch
+	(*RateLimit_Action_DynamicMetaData)(nil),            // 56: envoy.config.route.v3.RateLimit.Action.DynamicMetaData
+	(*RateLimit_Action_MetaData)(nil),                   // 57: envoy.config.route.v3.RateLimit.Action.MetaData
+	(*RateLimit_Override_DynamicMetadata)(nil),          // 58: envoy.config.route.v3.RateLimit.Override.DynamicMetadata
+	(*v3.Matcher)(nil),                                  // 59: xds.type.matcher.v3.Matcher
+	(*v31.HeaderValueOption)(nil),                       // 60: envoy.config.core.v3.HeaderValueOption
+	(*any.Any)(nil),                                     // 61: google.protobuf.Any
+	(*wrappers.UInt32Value)(nil),                        // 62: google.protobuf.UInt32Value
+	(*v31.Metadata)(nil),                                // 63: envoy.config.core.v3.Metadata
+	(*v32.RegexMatcher)(nil),                            // 64: envoy.type.matcher.v3.RegexMatcher
+	(*wrappers.BoolValue)(nil),                          // 65: google.protobuf.BoolValue
+	(*v31.RuntimeFractionalPercent)(nil),                // 66: envoy.config.core.v3.RuntimeFractionalPercent
+	(*v32.MetadataMatcher)(nil),                         // 67: envoy.type.matcher.v3.MetadataMatcher
+	(*v32.StringMatcher)(nil),                           // 68: envoy.type.matcher.v3.StringMatcher
+	(*v32.RegexMatchAndSubstitute)(nil),                 // 69: envoy.type.matcher.v3.RegexMatchAndSubstitute
+	(*duration.Duration)(nil),                           // 70: google.protobuf.Duration
+	(v31.RoutingPriority)(0),                            // 71: envoy.config.core.v3.RoutingPriority
+	(*v31.TypedExtensionConfig)(nil),                    // 72: envoy.config.core.v3.TypedExtensionConfig
+	(*v33.FractionalPercent)(nil),                       // 73: envoy.type.v3.FractionalPercent
+	(*v31.DataSource)(nil),                              // 74: envoy.config.core.v3.DataSource
+	(*v34.CustomTag)(nil),                               // 75: envoy.type.tracing.v3.CustomTag
+	(*v33.Int64Range)(nil),                              // 76: envoy.type.v3.Int64Range
+	(*v31.ProxyProtocolConfig)(nil),                     // 77: envoy.config.core.v3.ProxyProtocolConfig
+	(*v35.MetadataKey)(nil),                             // 78: envoy.type.metadata.v3.MetadataKey
+}
+var file_envoy_config_route_v3_route_components_proto_depIdxs = []int32{
+	8,   // 0: envoy.config.route.v3.VirtualHost.routes:type_name -> envoy.config.route.v3.Route
+	59,  // 1: envoy.config.route.v3.VirtualHost.matcher:type_name -> xds.type.matcher.v3.Matcher
+	0,   // 2: envoy.config.route.v3.VirtualHost.require_tls:type_name -> envoy.config.route.v3.VirtualHost.TlsRequirementType
+	20,  // 3: envoy.config.route.v3.VirtualHost.virtual_clusters:type_name -> envoy.config.route.v3.VirtualCluster
+	21,  // 4: envoy.config.route.v3.VirtualHost.rate_limits:type_name -> envoy.config.route.v3.RateLimit
+	60,  // 5: envoy.config.route.v3.VirtualHost.request_headers_to_add:type_name -> envoy.config.core.v3.HeaderValueOption
+	60,  // 6: envoy.config.route.v3.VirtualHost.response_headers_to_add:type_name -> envoy.config.core.v3.HeaderValueOption
+	11,  // 7: envoy.config.route.v3.VirtualHost.cors:type_name -> envoy.config.route.v3.CorsPolicy
+	26,  // 8: envoy.config.route.v3.VirtualHost.typed_per_filter_config:type_name -> envoy.config.route.v3.VirtualHost.TypedPerFilterConfigEntry
+	13,  // 9: envoy.config.route.v3.VirtualHost.retry_policy:type_name -> envoy.config.route.v3.RetryPolicy
+	61,  // 10: envoy.config.route.v3.VirtualHost.retry_policy_typed_config:type_name -> google.protobuf.Any
+	14,  // 11: envoy.config.route.v3.VirtualHost.hedge_policy:type_name -> envoy.config.route.v3.HedgePolicy
+	62,  // 12: envoy.config.route.v3.VirtualHost.per_request_buffer_limit_bytes:type_name -> google.protobuf.UInt32Value
+	61,  // 13: envoy.config.route.v3.FilterAction.action:type_name -> google.protobuf.Any
+	10,  // 14: envoy.config.route.v3.Route.match:type_name -> envoy.config.route.v3.RouteMatch
+	12,  // 15: envoy.config.route.v3.Route.route:type_name -> envoy.config.route.v3.RouteAction
+	15,  // 16: envoy.config.route.v3.Route.redirect:type_name -> envoy.config.route.v3.RedirectAction
+	16,  // 17: envoy.config.route.v3.Route.direct_response:type_name -> envoy.config.route.v3.DirectResponseAction
+	7,   // 18: envoy.config.route.v3.Route.filter_action:type_name -> envoy.config.route.v3.FilterAction
+	17,  // 19: envoy.config.route.v3.Route.non_forwarding_action:type_name -> envoy.config.route.v3.NonForwardingAction
+	63,  // 20: envoy.config.route.v3.Route.metadata:type_name -> envoy.config.core.v3.Metadata
+	18,  // 21: envoy.config.route.v3.Route.decorator:type_name -> envoy.config.route.v3.Decorator
+	27,  // 22: envoy.config.route.v3.Route.typed_per_filter_config:type_name -> envoy.config.route.v3.Route.TypedPerFilterConfigEntry
+	60,  // 23: envoy.config.route.v3.Route.request_headers_to_add:type_name -> envoy.config.core.v3.HeaderValueOption
+	60,  // 24: envoy.config.route.v3.Route.response_headers_to_add:type_name -> envoy.config.core.v3.HeaderValueOption
+	19,  // 25: envoy.config.route.v3.Route.tracing:type_name -> envoy.config.route.v3.Tracing
+	62,  // 26: envoy.config.route.v3.Route.per_request_buffer_limit_bytes:type_name -> google.protobuf.UInt32Value
+	28,  // 27: envoy.config.route.v3.WeightedCluster.clusters:type_name -> envoy.config.route.v3.WeightedCluster.ClusterWeight
+	62,  // 28: envoy.config.route.v3.WeightedCluster.total_weight:type_name -> google.protobuf.UInt32Value
+	64,  // 29: envoy.config.route.v3.RouteMatch.safe_regex:type_name -> envoy.type.matcher.v3.RegexMatcher
+	32,  // 30: envoy.config.route.v3.RouteMatch.connect_matcher:type_name -> envoy.config.route.v3.RouteMatch.ConnectMatcher
+	65,  // 31: envoy.config.route.v3.RouteMatch.case_sensitive:type_name -> google.protobuf.BoolValue
+	66,  // 32: envoy.config.route.v3.RouteMatch.runtime_fraction:type_name -> envoy.config.core.v3.RuntimeFractionalPercent
+	22,  // 33: envoy.config.route.v3.RouteMatch.headers:type_name -> envoy.config.route.v3.HeaderMatcher
+	23,  // 34: envoy.config.route.v3.RouteMatch.query_parameters:type_name -> envoy.config.route.v3.QueryParameterMatcher
+	30,  // 35: envoy.config.route.v3.RouteMatch.grpc:type_name -> envoy.config.route.v3.RouteMatch.GrpcRouteMatchOptions
+	31,  // 36: envoy.config.route.v3.RouteMatch.tls_context:type_name -> envoy.config.route.v3.RouteMatch.TlsContextMatchOptions
+	67,  // 37: envoy.config.route.v3.RouteMatch.dynamic_metadata:type_name -> envoy.type.matcher.v3.MetadataMatcher
+	68,  // 38: envoy.config.route.v3.CorsPolicy.allow_origin_string_match:type_name -> envoy.type.matcher.v3.StringMatcher
+	65,  // 39: envoy.config.route.v3.CorsPolicy.allow_credentials:type_name -> google.protobuf.BoolValue
+	66,  // 40: envoy.config.route.v3.CorsPolicy.filter_enabled:type_name -> envoy.config.core.v3.RuntimeFractionalPercent
+	66,  // 41: envoy.config.route.v3.CorsPolicy.shadow_enabled:type_name -> envoy.config.core.v3.RuntimeFractionalPercent
+	9,   // 42: envoy.config.route.v3.RouteAction.weighted_clusters:type_name -> envoy.config.route.v3.WeightedCluster
+	1,   // 43: envoy.config.route.v3.RouteAction.cluster_not_found_response_code:type_name -> envoy.config.route.v3.RouteAction.ClusterNotFoundResponseCode
+	63,  // 44: envoy.config.route.v3.RouteAction.metadata_match:type_name -> envoy.config.core.v3.Metadata
+	69,  // 45: envoy.config.route.v3.RouteAction.regex_rewrite:type_name -> envoy.type.matcher.v3.RegexMatchAndSubstitute
+	65,  // 46: envoy.config.route.v3.RouteAction.auto_host_rewrite:type_name -> google.protobuf.BoolValue
+	69,  // 47: envoy.config.route.v3.RouteAction.host_rewrite_path_regex:type_name -> envoy.type.matcher.v3.RegexMatchAndSubstitute
+	70,  // 48: envoy.config.route.v3.RouteAction.timeout:type_name -> google.protobuf.Duration
+	70,  // 49: envoy.config.route.v3.RouteAction.idle_timeout:type_name -> google.protobuf.Duration
+	13,  // 50: envoy.config.route.v3.RouteAction.retry_policy:type_name -> envoy.config.route.v3.RetryPolicy
+	61,  // 51: envoy.config.route.v3.RouteAction.retry_policy_typed_config:type_name -> google.protobuf.Any
+	33,  // 52: envoy.config.route.v3.RouteAction.request_mirror_policies:type_name -> envoy.config.route.v3.RouteAction.RequestMirrorPolicy
+	71,  // 53: envoy.config.route.v3.RouteAction.priority:type_name -> envoy.config.core.v3.RoutingPriority
+	21,  // 54: envoy.config.route.v3.RouteAction.rate_limits:type_name -> envoy.config.route.v3.RateLimit
+	65,  // 55: envoy.config.route.v3.RouteAction.include_vh_rate_limits:type_name -> google.protobuf.BoolValue
+	34,  // 56: envoy.config.route.v3.RouteAction.hash_policy:type_name -> envoy.config.route.v3.RouteAction.HashPolicy
+	11,  // 57: envoy.config.route.v3.RouteAction.cors:type_name -> envoy.config.route.v3.CorsPolicy
+	70,  // 58: envoy.config.route.v3.RouteAction.max_grpc_timeout:type_name -> google.protobuf.Duration
+	70,  // 59: envoy.config.route.v3.RouteAction.grpc_timeout_offset:type_name -> google.protobuf.Duration
+	35,  // 60: envoy.config.route.v3.RouteAction.upgrade_configs:type_name -> envoy.config.route.v3.RouteAction.UpgradeConfig
+	24,  // 61: envoy.config.route.v3.RouteAction.internal_redirect_policy:type_name -> envoy.config.route.v3.InternalRedirectPolicy
+	2,   // 62: envoy.config.route.v3.RouteAction.internal_redirect_action:type_name -> envoy.config.route.v3.RouteAction.InternalRedirectAction
+	62,  // 63: envoy.config.route.v3.RouteAction.max_internal_redirects:type_name -> google.protobuf.UInt32Value
+	14,  // 64: envoy.config.route.v3.RouteAction.hedge_policy:type_name -> envoy.config.route.v3.HedgePolicy
+	36,  // 65: envoy.config.route.v3.RouteAction.max_stream_duration:type_name -> envoy.config.route.v3.RouteAction.MaxStreamDuration
+	62,  // 66: envoy.config.route.v3.RetryPolicy.num_retries:type_name -> google.protobuf.UInt32Value
+	70,  // 67: envoy.config.route.v3.RetryPolicy.per_try_timeout:type_name -> google.protobuf.Duration
+	70,  // 68: envoy.config.route.v3.RetryPolicy.per_try_idle_timeout:type_name -> google.protobuf.Duration
+	43,  // 69: envoy.config.route.v3.RetryPolicy.retry_priority:type_name -> envoy.config.route.v3.RetryPolicy.RetryPriority
+	44,  // 70: envoy.config.route.v3.RetryPolicy.retry_host_predicate:type_name -> envoy.config.route.v3.RetryPolicy.RetryHostPredicate
+	72,  // 71: envoy.config.route.v3.RetryPolicy.retry_options_predicates:type_name -> envoy.config.core.v3.TypedExtensionConfig
+	45,  // 72: envoy.config.route.v3.RetryPolicy.retry_back_off:type_name -> envoy.config.route.v3.RetryPolicy.RetryBackOff
+	47,  // 73: envoy.config.route.v3.RetryPolicy.rate_limited_retry_back_off:type_name -> envoy.config.route.v3.RetryPolicy.RateLimitedRetryBackOff
+	22,  // 74: envoy.config.route.v3.RetryPolicy.retriable_headers:type_name -> envoy.config.route.v3.HeaderMatcher
+	22,  // 75: envoy.config.route.v3.RetryPolicy.retriable_request_headers:type_name -> envoy.config.route.v3.HeaderMatcher
+	62,  // 76: envoy.config.route.v3.HedgePolicy.initial_requests:type_name -> google.protobuf.UInt32Value
+	73,  // 77: envoy.config.route.v3.HedgePolicy.additional_request_chance:type_name -> envoy.type.v3.FractionalPercent
+	69,  // 78: envoy.config.route.v3.RedirectAction.regex_rewrite:type_name -> envoy.type.matcher.v3.RegexMatchAndSubstitute
+	4,   // 79: envoy.config.route.v3.RedirectAction.response_code:type_name -> envoy.config.route.v3.RedirectAction.RedirectResponseCode
+	74,  // 80: envoy.config.route.v3.DirectResponseAction.body:type_name -> envoy.config.core.v3.DataSource
+	65,  // 81: envoy.config.route.v3.Decorator.propagate:type_name -> google.protobuf.BoolValue
+	73,  // 82: envoy.config.route.v3.Tracing.client_sampling:type_name -> envoy.type.v3.FractionalPercent
+	73,  // 83: envoy.config.route.v3.Tracing.random_sampling:type_name -> envoy.type.v3.FractionalPercent
+	73,  // 84: envoy.config.route.v3.Tracing.overall_sampling:type_name -> envoy.type.v3.FractionalPercent
+	75,  // 85: envoy.config.route.v3.Tracing.custom_tags:type_name -> envoy.type.tracing.v3.CustomTag
+	22,  // 86: envoy.config.route.v3.VirtualCluster.headers:type_name -> envoy.config.route.v3.HeaderMatcher
+	62,  // 87: envoy.config.route.v3.RateLimit.stage:type_name -> google.protobuf.UInt32Value
+	48,  // 88: envoy.config.route.v3.RateLimit.actions:type_name -> envoy.config.route.v3.RateLimit.Action
+	49,  // 89: envoy.config.route.v3.RateLimit.limit:type_name -> envoy.config.route.v3.RateLimit.Override
+	64,  // 90: envoy.config.route.v3.HeaderMatcher.safe_regex_match:type_name -> envoy.type.matcher.v3.RegexMatcher
+	76,  // 91: envoy.config.route.v3.HeaderMatcher.range_match:type_name -> envoy.type.v3.Int64Range
+	68,  // 92: envoy.config.route.v3.HeaderMatcher.string_match:type_name -> envoy.type.matcher.v3.StringMatcher
+	68,  // 93: envoy.config.route.v3.QueryParameterMatcher.string_match:type_name -> envoy.type.matcher.v3.StringMatcher
+	62,  // 94: envoy.config.route.v3.InternalRedirectPolicy.max_internal_redirects:type_name -> google.protobuf.UInt32Value
+	72,  // 95: envoy.config.route.v3.InternalRedirectPolicy.predicates:type_name -> envoy.config.core.v3.TypedExtensionConfig
+	61,  // 96: envoy.config.route.v3.FilterConfig.config:type_name -> google.protobuf.Any
+	61,  // 97: envoy.config.route.v3.VirtualHost.TypedPerFilterConfigEntry.value:type_name -> google.protobuf.Any
+	61,  // 98: envoy.config.route.v3.Route.TypedPerFilterConfigEntry.value:type_name -> google.protobuf.Any
+	62,  // 99: envoy.config.route.v3.WeightedCluster.ClusterWeight.weight:type_name -> google.protobuf.UInt32Value
+	63,  // 100: envoy.config.route.v3.WeightedCluster.ClusterWeight.metadata_match:type_name -> envoy.config.core.v3.Metadata
+	60,  // 101: envoy.config.route.v3.WeightedCluster.ClusterWeight.request_headers_to_add:type_name -> envoy.config.core.v3.HeaderValueOption
+	60,  // 102: envoy.config.route.v3.WeightedCluster.ClusterWeight.response_headers_to_add:type_name -> envoy.config.core.v3.HeaderValueOption
+	29,  // 103: envoy.config.route.v3.WeightedCluster.ClusterWeight.typed_per_filter_config:type_name -> envoy.config.route.v3.WeightedCluster.ClusterWeight.TypedPerFilterConfigEntry
+	61,  // 104: envoy.config.route.v3.WeightedCluster.ClusterWeight.TypedPerFilterConfigEntry.value:type_name -> google.protobuf.Any
+	65,  // 105: envoy.config.route.v3.RouteMatch.TlsContextMatchOptions.presented:type_name -> google.protobuf.BoolValue
+	65,  // 106: envoy.config.route.v3.RouteMatch.TlsContextMatchOptions.validated:type_name -> google.protobuf.BoolValue
+	66,  // 107: envoy.config.route.v3.RouteAction.RequestMirrorPolicy.runtime_fraction:type_name -> envoy.config.core.v3.RuntimeFractionalPercent
+	65,  // 108: envoy.config.route.v3.RouteAction.RequestMirrorPolicy.trace_sampled:type_name -> google.protobuf.BoolValue
+	37,  // 109: envoy.config.route.v3.RouteAction.HashPolicy.header:type_name -> envoy.config.route.v3.RouteAction.HashPolicy.Header
+	38,  // 110: envoy.config.route.v3.RouteAction.HashPolicy.cookie:type_name -> envoy.config.route.v3.RouteAction.HashPolicy.Cookie
+	39,  // 111: envoy.config.route.v3.RouteAction.HashPolicy.connection_properties:type_name -> envoy.config.route.v3.RouteAction.HashPolicy.ConnectionProperties
+	40,  // 112: envoy.config.route.v3.RouteAction.HashPolicy.query_parameter:type_name -> envoy.config.route.v3.RouteAction.HashPolicy.QueryParameter
+	41,  // 113: envoy.config.route.v3.RouteAction.HashPolicy.filter_state:type_name -> envoy.config.route.v3.RouteAction.HashPolicy.FilterState
+	65,  // 114: envoy.config.route.v3.RouteAction.UpgradeConfig.enabled:type_name -> google.protobuf.BoolValue
+	42,  // 115: envoy.config.route.v3.RouteAction.UpgradeConfig.connect_config:type_name -> envoy.config.route.v3.RouteAction.UpgradeConfig.ConnectConfig
+	70,  // 116: envoy.config.route.v3.RouteAction.MaxStreamDuration.max_stream_duration:type_name -> google.protobuf.Duration
+	70,  // 117: envoy.config.route.v3.RouteAction.MaxStreamDuration.grpc_timeout_header_max:type_name -> google.protobuf.Duration
+	70,  // 118: envoy.config.route.v3.RouteAction.MaxStreamDuration.grpc_timeout_header_offset:type_name -> google.protobuf.Duration
+	69,  // 119: envoy.config.route.v3.RouteAction.HashPolicy.Header.regex_rewrite:type_name -> envoy.type.matcher.v3.RegexMatchAndSubstitute
+	70,  // 120: envoy.config.route.v3.RouteAction.HashPolicy.Cookie.ttl:type_name -> google.protobuf.Duration
+	77,  // 121: envoy.config.route.v3.RouteAction.UpgradeConfig.ConnectConfig.proxy_protocol_config:type_name -> envoy.config.core.v3.ProxyProtocolConfig
+	61,  // 122: envoy.config.route.v3.RetryPolicy.RetryPriority.typed_config:type_name -> google.protobuf.Any
+	61,  // 123: envoy.config.route.v3.RetryPolicy.RetryHostPredicate.typed_config:type_name -> google.protobuf.Any
+	70,  // 124: envoy.config.route.v3.RetryPolicy.RetryBackOff.base_interval:type_name -> google.protobuf.Duration
+	70,  // 125: envoy.config.route.v3.RetryPolicy.RetryBackOff.max_interval:type_name -> google.protobuf.Duration
+	3,   // 126: envoy.config.route.v3.RetryPolicy.ResetHeader.format:type_name -> envoy.config.route.v3.RetryPolicy.ResetHeaderFormat
+	46,  // 127: envoy.config.route.v3.RetryPolicy.RateLimitedRetryBackOff.reset_headers:type_name -> envoy.config.route.v3.RetryPolicy.ResetHeader
+	70,  // 128: envoy.config.route.v3.RetryPolicy.RateLimitedRetryBackOff.max_interval:type_name -> google.protobuf.Duration
+	50,  // 129: envoy.config.route.v3.RateLimit.Action.source_cluster:type_name -> envoy.config.route.v3.RateLimit.Action.SourceCluster
+	51,  // 130: envoy.config.route.v3.RateLimit.Action.destination_cluster:type_name -> envoy.config.route.v3.RateLimit.Action.DestinationCluster
+	52,  // 131: envoy.config.route.v3.RateLimit.Action.request_headers:type_name -> envoy.config.route.v3.RateLimit.Action.RequestHeaders
+	53,  // 132: envoy.config.route.v3.RateLimit.Action.remote_address:type_name -> envoy.config.route.v3.RateLimit.Action.RemoteAddress
+	54,  // 133: envoy.config.route.v3.RateLimit.Action.generic_key:type_name -> envoy.config.route.v3.RateLimit.Action.GenericKey
+	55,  // 134: envoy.config.route.v3.RateLimit.Action.header_value_match:type_name -> envoy.config.route.v3.RateLimit.Action.HeaderValueMatch
+	56,  // 135: envoy.config.route.v3.RateLimit.Action.dynamic_metadata:type_name -> envoy.config.route.v3.RateLimit.Action.DynamicMetaData
+	57,  // 136: envoy.config.route.v3.RateLimit.Action.metadata:type_name -> envoy.config.route.v3.RateLimit.Action.MetaData
+	72,  // 137: envoy.config.route.v3.RateLimit.Action.extension:type_name -> envoy.config.core.v3.TypedExtensionConfig
+	58,  // 138: envoy.config.route.v3.RateLimit.Override.dynamic_metadata:type_name -> envoy.config.route.v3.RateLimit.Override.DynamicMetadata
+	65,  // 139: envoy.config.route.v3.RateLimit.Action.HeaderValueMatch.expect_match:type_name -> google.protobuf.BoolValue
+	22,  // 140: envoy.config.route.v3.RateLimit.Action.HeaderValueMatch.headers:type_name -> envoy.config.route.v3.HeaderMatcher
+	78,  // 141: envoy.config.route.v3.RateLimit.Action.DynamicMetaData.metadata_key:type_name -> envoy.type.metadata.v3.MetadataKey
+	78,  // 142: envoy.config.route.v3.RateLimit.Action.MetaData.metadata_key:type_name -> envoy.type.metadata.v3.MetadataKey
+	5,   // 143: envoy.config.route.v3.RateLimit.Action.MetaData.source:type_name -> envoy.config.route.v3.RateLimit.Action.MetaData.Source
+	78,  // 144: envoy.config.route.v3.RateLimit.Override.DynamicMetadata.metadata_key:type_name -> envoy.type.metadata.v3.MetadataKey
+	145, // [145:145] is the sub-list for method output_type
+	145, // [145:145] is the sub-list for method input_type
+	145, // [145:145] is the sub-list for extension type_name
+	145, // [145:145] is the sub-list for extension extendee
+	0,   // [0:145] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_route_v3_route_components_proto_init() }
+func file_envoy_config_route_v3_route_components_proto_init() {
+	if File_envoy_config_route_v3_route_components_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_route_v3_route_components_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*VirtualHost); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*FilterAction); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Route); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*WeightedCluster); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RouteMatch); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CorsPolicy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RouteAction); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RetryPolicy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HedgePolicy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RedirectAction); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*DirectResponseAction); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[11].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*NonForwardingAction); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[12].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Decorator); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[13].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Tracing); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[14].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*VirtualCluster); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[15].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RateLimit); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[16].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HeaderMatcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[17].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*QueryParameterMatcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[18].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*InternalRedirectPolicy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[19].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*FilterConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[22].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*WeightedCluster_ClusterWeight); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[24].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RouteMatch_GrpcRouteMatchOptions); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[25].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RouteMatch_TlsContextMatchOptions); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[26].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RouteMatch_ConnectMatcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[27].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RouteAction_RequestMirrorPolicy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[28].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RouteAction_HashPolicy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[29].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RouteAction_UpgradeConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[30].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RouteAction_MaxStreamDuration); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[31].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RouteAction_HashPolicy_Header); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[32].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RouteAction_HashPolicy_Cookie); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[33].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RouteAction_HashPolicy_ConnectionProperties); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[34].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RouteAction_HashPolicy_QueryParameter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[35].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RouteAction_HashPolicy_FilterState); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[36].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RouteAction_UpgradeConfig_ConnectConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[37].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RetryPolicy_RetryPriority); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[38].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RetryPolicy_RetryHostPredicate); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[39].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RetryPolicy_RetryBackOff); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[40].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RetryPolicy_ResetHeader); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[41].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RetryPolicy_RateLimitedRetryBackOff); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[42].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RateLimit_Action); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[43].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RateLimit_Override); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[44].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RateLimit_Action_SourceCluster); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[45].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RateLimit_Action_DestinationCluster); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[46].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RateLimit_Action_RequestHeaders); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[47].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RateLimit_Action_RemoteAddress); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[48].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RateLimit_Action_GenericKey); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[49].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RateLimit_Action_HeaderValueMatch); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[50].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RateLimit_Action_DynamicMetaData); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[51].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RateLimit_Action_MetaData); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_route_components_proto_msgTypes[52].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RateLimit_Override_DynamicMetadata); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_config_route_v3_route_components_proto_msgTypes[2].OneofWrappers = []interface{}{
+		(*Route_Route)(nil),
+		(*Route_Redirect)(nil),
+		(*Route_DirectResponse)(nil),
+		(*Route_FilterAction)(nil),
+		(*Route_NonForwardingAction)(nil),
+	}
+	file_envoy_config_route_v3_route_components_proto_msgTypes[4].OneofWrappers = []interface{}{
+		(*RouteMatch_Prefix)(nil),
+		(*RouteMatch_Path)(nil),
+		(*RouteMatch_SafeRegex)(nil),
+		(*RouteMatch_ConnectMatcher_)(nil),
+	}
+	file_envoy_config_route_v3_route_components_proto_msgTypes[5].OneofWrappers = []interface{}{
+		(*CorsPolicy_FilterEnabled)(nil),
+	}
+	file_envoy_config_route_v3_route_components_proto_msgTypes[6].OneofWrappers = []interface{}{
+		(*RouteAction_Cluster)(nil),
+		(*RouteAction_ClusterHeader)(nil),
+		(*RouteAction_WeightedClusters)(nil),
+		(*RouteAction_ClusterSpecifierPlugin)(nil),
+		(*RouteAction_HostRewriteLiteral)(nil),
+		(*RouteAction_AutoHostRewrite)(nil),
+		(*RouteAction_HostRewriteHeader)(nil),
+		(*RouteAction_HostRewritePathRegex)(nil),
+	}
+	file_envoy_config_route_v3_route_components_proto_msgTypes[9].OneofWrappers = []interface{}{
+		(*RedirectAction_HttpsRedirect)(nil),
+		(*RedirectAction_SchemeRedirect)(nil),
+		(*RedirectAction_PathRedirect)(nil),
+		(*RedirectAction_PrefixRewrite)(nil),
+		(*RedirectAction_RegexRewrite)(nil),
+	}
+	file_envoy_config_route_v3_route_components_proto_msgTypes[16].OneofWrappers = []interface{}{
+		(*HeaderMatcher_ExactMatch)(nil),
+		(*HeaderMatcher_SafeRegexMatch)(nil),
+		(*HeaderMatcher_RangeMatch)(nil),
+		(*HeaderMatcher_PresentMatch)(nil),
+		(*HeaderMatcher_PrefixMatch)(nil),
+		(*HeaderMatcher_SuffixMatch)(nil),
+		(*HeaderMatcher_ContainsMatch)(nil),
+		(*HeaderMatcher_StringMatch)(nil),
+	}
+	file_envoy_config_route_v3_route_components_proto_msgTypes[17].OneofWrappers = []interface{}{
+		(*QueryParameterMatcher_StringMatch)(nil),
+		(*QueryParameterMatcher_PresentMatch)(nil),
+	}
+	file_envoy_config_route_v3_route_components_proto_msgTypes[22].OneofWrappers = []interface{}{
+		(*WeightedCluster_ClusterWeight_HostRewriteLiteral)(nil),
+	}
+	file_envoy_config_route_v3_route_components_proto_msgTypes[28].OneofWrappers = []interface{}{
+		(*RouteAction_HashPolicy_Header_)(nil),
+		(*RouteAction_HashPolicy_Cookie_)(nil),
+		(*RouteAction_HashPolicy_ConnectionProperties_)(nil),
+		(*RouteAction_HashPolicy_QueryParameter_)(nil),
+		(*RouteAction_HashPolicy_FilterState_)(nil),
+	}
+	file_envoy_config_route_v3_route_components_proto_msgTypes[37].OneofWrappers = []interface{}{
+		(*RetryPolicy_RetryPriority_TypedConfig)(nil),
+	}
+	file_envoy_config_route_v3_route_components_proto_msgTypes[38].OneofWrappers = []interface{}{
+		(*RetryPolicy_RetryHostPredicate_TypedConfig)(nil),
+	}
+	file_envoy_config_route_v3_route_components_proto_msgTypes[42].OneofWrappers = []interface{}{
+		(*RateLimit_Action_SourceCluster_)(nil),
+		(*RateLimit_Action_DestinationCluster_)(nil),
+		(*RateLimit_Action_RequestHeaders_)(nil),
+		(*RateLimit_Action_RemoteAddress_)(nil),
+		(*RateLimit_Action_GenericKey_)(nil),
+		(*RateLimit_Action_HeaderValueMatch_)(nil),
+		(*RateLimit_Action_DynamicMetadata)(nil),
+		(*RateLimit_Action_Metadata)(nil),
+		(*RateLimit_Action_Extension)(nil),
+	}
+	file_envoy_config_route_v3_route_components_proto_msgTypes[43].OneofWrappers = []interface{}{
+		(*RateLimit_Override_DynamicMetadata_)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_route_v3_route_components_proto_rawDesc,
+			NumEnums:      6,
+			NumMessages:   53,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_route_v3_route_components_proto_goTypes,
+		DependencyIndexes: file_envoy_config_route_v3_route_components_proto_depIdxs,
+		EnumInfos:         file_envoy_config_route_v3_route_components_proto_enumTypes,
+		MessageInfos:      file_envoy_config_route_v3_route_components_proto_msgTypes,
+	}.Build()
+	File_envoy_config_route_v3_route_components_proto = out.File
+	file_envoy_config_route_v3_route_components_proto_rawDesc = nil
+	file_envoy_config_route_v3_route_components_proto_goTypes = nil
+	file_envoy_config_route_v3_route_components_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/route/v3/route_components.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/route/v3/route_components.pb.validate.go
new file mode 100644
index 00000000000..d8dc5078d04
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/route/v3/route_components.pb.validate.go
@@ -0,0 +1,10362 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/route/v3/route_components.proto
+
+package envoy_config_route_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+
+	_ = v3.RoutingPriority(0)
+)
+
+// Validate checks the field values on VirtualHost with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *VirtualHost) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on VirtualHost with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in VirtualHostMultiError, or
+// nil if none found.
+func (m *VirtualHost) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *VirtualHost) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := VirtualHostValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(m.GetDomains()) < 1 {
+		err := VirtualHostValidationError{
+			field:  "Domains",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetDomains() {
+		_, _ = idx, item
+
+		if !_VirtualHost_Domains_Pattern.MatchString(item) {
+			err := VirtualHostValidationError{
+				field:  fmt.Sprintf("Domains[%v]", idx),
+				reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	for idx, item := range m.GetRoutes() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, VirtualHostValidationError{
+						field:  fmt.Sprintf("Routes[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, VirtualHostValidationError{
+						field:  fmt.Sprintf("Routes[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return VirtualHostValidationError{
+					field:  fmt.Sprintf("Routes[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetMatcher()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, VirtualHostValidationError{
+					field:  "Matcher",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, VirtualHostValidationError{
+					field:  "Matcher",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMatcher()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return VirtualHostValidationError{
+				field:  "Matcher",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if _, ok := VirtualHost_TlsRequirementType_name[int32(m.GetRequireTls())]; !ok {
+		err := VirtualHostValidationError{
+			field:  "RequireTls",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetVirtualClusters() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, VirtualHostValidationError{
+						field:  fmt.Sprintf("VirtualClusters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, VirtualHostValidationError{
+						field:  fmt.Sprintf("VirtualClusters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return VirtualHostValidationError{
+					field:  fmt.Sprintf("VirtualClusters[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetRateLimits() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, VirtualHostValidationError{
+						field:  fmt.Sprintf("RateLimits[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, VirtualHostValidationError{
+						field:  fmt.Sprintf("RateLimits[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return VirtualHostValidationError{
+					field:  fmt.Sprintf("RateLimits[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(m.GetRequestHeadersToAdd()) > 1000 {
+		err := VirtualHostValidationError{
+			field:  "RequestHeadersToAdd",
+			reason: "value must contain no more than 1000 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetRequestHeadersToAdd() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, VirtualHostValidationError{
+						field:  fmt.Sprintf("RequestHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, VirtualHostValidationError{
+						field:  fmt.Sprintf("RequestHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return VirtualHostValidationError{
+					field:  fmt.Sprintf("RequestHeadersToAdd[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetRequestHeadersToRemove() {
+		_, _ = idx, item
+
+		if utf8.RuneCountInString(item) < 1 {
+			err := VirtualHostValidationError{
+				field:  fmt.Sprintf("RequestHeadersToRemove[%v]", idx),
+				reason: "value length must be at least 1 runes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+		if !_VirtualHost_RequestHeadersToRemove_Pattern.MatchString(item) {
+			err := VirtualHostValidationError{
+				field:  fmt.Sprintf("RequestHeadersToRemove[%v]", idx),
+				reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if len(m.GetResponseHeadersToAdd()) > 1000 {
+		err := VirtualHostValidationError{
+			field:  "ResponseHeadersToAdd",
+			reason: "value must contain no more than 1000 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetResponseHeadersToAdd() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, VirtualHostValidationError{
+						field:  fmt.Sprintf("ResponseHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, VirtualHostValidationError{
+						field:  fmt.Sprintf("ResponseHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return VirtualHostValidationError{
+					field:  fmt.Sprintf("ResponseHeadersToAdd[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetResponseHeadersToRemove() {
+		_, _ = idx, item
+
+		if utf8.RuneCountInString(item) < 1 {
+			err := VirtualHostValidationError{
+				field:  fmt.Sprintf("ResponseHeadersToRemove[%v]", idx),
+				reason: "value length must be at least 1 runes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+		if !_VirtualHost_ResponseHeadersToRemove_Pattern.MatchString(item) {
+			err := VirtualHostValidationError{
+				field:  fmt.Sprintf("ResponseHeadersToRemove[%v]", idx),
+				reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetCors()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, VirtualHostValidationError{
+					field:  "Cors",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, VirtualHostValidationError{
+					field:  "Cors",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCors()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return VirtualHostValidationError{
+				field:  "Cors",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	{
+		sorted_keys := make([]string, len(m.GetTypedPerFilterConfig()))
+		i := 0
+		for key := range m.GetTypedPerFilterConfig() {
+			sorted_keys[i] = key
+			i++
+		}
+		sort.Slice(sorted_keys, func(i, j int) bool { return sorted_keys[i] < sorted_keys[j] })
+		for _, key := range sorted_keys {
+			val := m.GetTypedPerFilterConfig()[key]
+			_ = val
+
+			// no validation rules for TypedPerFilterConfig[key]
+
+			if all {
+				switch v := interface{}(val).(type) {
+				case interface{ ValidateAll() error }:
+					if err := v.ValidateAll(); err != nil {
+						errors = append(errors, VirtualHostValidationError{
+							field:  fmt.Sprintf("TypedPerFilterConfig[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				case interface{ Validate() error }:
+					if err := v.Validate(); err != nil {
+						errors = append(errors, VirtualHostValidationError{
+							field:  fmt.Sprintf("TypedPerFilterConfig[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				}
+			} else if v, ok := interface{}(val).(interface{ Validate() error }); ok {
+				if err := v.Validate(); err != nil {
+					return VirtualHostValidationError{
+						field:  fmt.Sprintf("TypedPerFilterConfig[%v]", key),
+						reason: "embedded message failed validation",
+						cause:  err,
+					}
+				}
+			}
+
+		}
+	}
+
+	// no validation rules for IncludeRequestAttemptCount
+
+	// no validation rules for IncludeAttemptCountInResponse
+
+	if all {
+		switch v := interface{}(m.GetRetryPolicy()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, VirtualHostValidationError{
+					field:  "RetryPolicy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, VirtualHostValidationError{
+					field:  "RetryPolicy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRetryPolicy()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return VirtualHostValidationError{
+				field:  "RetryPolicy",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetRetryPolicyTypedConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, VirtualHostValidationError{
+					field:  "RetryPolicyTypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, VirtualHostValidationError{
+					field:  "RetryPolicyTypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRetryPolicyTypedConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return VirtualHostValidationError{
+				field:  "RetryPolicyTypedConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetHedgePolicy()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, VirtualHostValidationError{
+					field:  "HedgePolicy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, VirtualHostValidationError{
+					field:  "HedgePolicy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHedgePolicy()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return VirtualHostValidationError{
+				field:  "HedgePolicy",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetPerRequestBufferLimitBytes()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, VirtualHostValidationError{
+					field:  "PerRequestBufferLimitBytes",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, VirtualHostValidationError{
+					field:  "PerRequestBufferLimitBytes",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPerRequestBufferLimitBytes()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return VirtualHostValidationError{
+				field:  "PerRequestBufferLimitBytes",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return VirtualHostMultiError(errors)
+	}
+	return nil
+}
+
+// VirtualHostMultiError is an error wrapping multiple validation errors
+// returned by VirtualHost.ValidateAll() if the designated constraints aren't met.
+type VirtualHostMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m VirtualHostMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m VirtualHostMultiError) AllErrors() []error { return m }
+
+// VirtualHostValidationError is the validation error returned by
+// VirtualHost.Validate if the designated constraints aren't met.
+type VirtualHostValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e VirtualHostValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e VirtualHostValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e VirtualHostValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e VirtualHostValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e VirtualHostValidationError) ErrorName() string { return "VirtualHostValidationError" }
+
+// Error satisfies the builtin error interface
+func (e VirtualHostValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sVirtualHost.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = VirtualHostValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = VirtualHostValidationError{}
+
+var _VirtualHost_Domains_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+var _VirtualHost_RequestHeadersToRemove_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+var _VirtualHost_ResponseHeadersToRemove_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+// Validate checks the field values on FilterAction with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *FilterAction) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on FilterAction with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in FilterActionMultiError, or
+// nil if none found.
+func (m *FilterAction) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *FilterAction) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetAction()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, FilterActionValidationError{
+					field:  "Action",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, FilterActionValidationError{
+					field:  "Action",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetAction()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return FilterActionValidationError{
+				field:  "Action",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return FilterActionMultiError(errors)
+	}
+	return nil
+}
+
+// FilterActionMultiError is an error wrapping multiple validation errors
+// returned by FilterAction.ValidateAll() if the designated constraints aren't met.
+type FilterActionMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m FilterActionMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m FilterActionMultiError) AllErrors() []error { return m }
+
+// FilterActionValidationError is the validation error returned by
+// FilterAction.Validate if the designated constraints aren't met.
+type FilterActionValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e FilterActionValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e FilterActionValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e FilterActionValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e FilterActionValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e FilterActionValidationError) ErrorName() string { return "FilterActionValidationError" }
+
+// Error satisfies the builtin error interface
+func (e FilterActionValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sFilterAction.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = FilterActionValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = FilterActionValidationError{}
+
+// Validate checks the field values on Route with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Route) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Route with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in RouteMultiError, or nil if none found.
+func (m *Route) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Route) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Name
+
+	if m.GetMatch() == nil {
+		err := RouteValidationError{
+			field:  "Match",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetMatch()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteValidationError{
+					field:  "Match",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteValidationError{
+					field:  "Match",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMatch()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteValidationError{
+				field:  "Match",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMetadata()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMetadata()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteValidationError{
+				field:  "Metadata",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetDecorator()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteValidationError{
+					field:  "Decorator",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteValidationError{
+					field:  "Decorator",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDecorator()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteValidationError{
+				field:  "Decorator",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	{
+		sorted_keys := make([]string, len(m.GetTypedPerFilterConfig()))
+		i := 0
+		for key := range m.GetTypedPerFilterConfig() {
+			sorted_keys[i] = key
+			i++
+		}
+		sort.Slice(sorted_keys, func(i, j int) bool { return sorted_keys[i] < sorted_keys[j] })
+		for _, key := range sorted_keys {
+			val := m.GetTypedPerFilterConfig()[key]
+			_ = val
+
+			// no validation rules for TypedPerFilterConfig[key]
+
+			if all {
+				switch v := interface{}(val).(type) {
+				case interface{ ValidateAll() error }:
+					if err := v.ValidateAll(); err != nil {
+						errors = append(errors, RouteValidationError{
+							field:  fmt.Sprintf("TypedPerFilterConfig[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				case interface{ Validate() error }:
+					if err := v.Validate(); err != nil {
+						errors = append(errors, RouteValidationError{
+							field:  fmt.Sprintf("TypedPerFilterConfig[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				}
+			} else if v, ok := interface{}(val).(interface{ Validate() error }); ok {
+				if err := v.Validate(); err != nil {
+					return RouteValidationError{
+						field:  fmt.Sprintf("TypedPerFilterConfig[%v]", key),
+						reason: "embedded message failed validation",
+						cause:  err,
+					}
+				}
+			}
+
+		}
+	}
+
+	if len(m.GetRequestHeadersToAdd()) > 1000 {
+		err := RouteValidationError{
+			field:  "RequestHeadersToAdd",
+			reason: "value must contain no more than 1000 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetRequestHeadersToAdd() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteValidationError{
+						field:  fmt.Sprintf("RequestHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteValidationError{
+						field:  fmt.Sprintf("RequestHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteValidationError{
+					field:  fmt.Sprintf("RequestHeadersToAdd[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetRequestHeadersToRemove() {
+		_, _ = idx, item
+
+		if utf8.RuneCountInString(item) < 1 {
+			err := RouteValidationError{
+				field:  fmt.Sprintf("RequestHeadersToRemove[%v]", idx),
+				reason: "value length must be at least 1 runes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+		if !_Route_RequestHeadersToRemove_Pattern.MatchString(item) {
+			err := RouteValidationError{
+				field:  fmt.Sprintf("RequestHeadersToRemove[%v]", idx),
+				reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if len(m.GetResponseHeadersToAdd()) > 1000 {
+		err := RouteValidationError{
+			field:  "ResponseHeadersToAdd",
+			reason: "value must contain no more than 1000 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetResponseHeadersToAdd() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteValidationError{
+						field:  fmt.Sprintf("ResponseHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteValidationError{
+						field:  fmt.Sprintf("ResponseHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteValidationError{
+					field:  fmt.Sprintf("ResponseHeadersToAdd[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetResponseHeadersToRemove() {
+		_, _ = idx, item
+
+		if utf8.RuneCountInString(item) < 1 {
+			err := RouteValidationError{
+				field:  fmt.Sprintf("ResponseHeadersToRemove[%v]", idx),
+				reason: "value length must be at least 1 runes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+		if !_Route_ResponseHeadersToRemove_Pattern.MatchString(item) {
+			err := RouteValidationError{
+				field:  fmt.Sprintf("ResponseHeadersToRemove[%v]", idx),
+				reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetTracing()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteValidationError{
+					field:  "Tracing",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteValidationError{
+					field:  "Tracing",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTracing()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteValidationError{
+				field:  "Tracing",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetPerRequestBufferLimitBytes()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteValidationError{
+					field:  "PerRequestBufferLimitBytes",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteValidationError{
+					field:  "PerRequestBufferLimitBytes",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPerRequestBufferLimitBytes()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteValidationError{
+				field:  "PerRequestBufferLimitBytes",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	switch m.Action.(type) {
+
+	case *Route_Route:
+
+		if all {
+			switch v := interface{}(m.GetRoute()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteValidationError{
+						field:  "Route",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteValidationError{
+						field:  "Route",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetRoute()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteValidationError{
+					field:  "Route",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Route_Redirect:
+
+		if all {
+			switch v := interface{}(m.GetRedirect()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteValidationError{
+						field:  "Redirect",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteValidationError{
+						field:  "Redirect",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetRedirect()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteValidationError{
+					field:  "Redirect",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Route_DirectResponse:
+
+		if all {
+			switch v := interface{}(m.GetDirectResponse()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteValidationError{
+						field:  "DirectResponse",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteValidationError{
+						field:  "DirectResponse",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetDirectResponse()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteValidationError{
+					field:  "DirectResponse",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Route_FilterAction:
+
+		if all {
+			switch v := interface{}(m.GetFilterAction()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteValidationError{
+						field:  "FilterAction",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteValidationError{
+						field:  "FilterAction",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetFilterAction()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteValidationError{
+					field:  "FilterAction",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Route_NonForwardingAction:
+
+		if all {
+			switch v := interface{}(m.GetNonForwardingAction()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteValidationError{
+						field:  "NonForwardingAction",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteValidationError{
+						field:  "NonForwardingAction",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetNonForwardingAction()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteValidationError{
+					field:  "NonForwardingAction",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := RouteValidationError{
+			field:  "Action",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return RouteMultiError(errors)
+	}
+	return nil
+}
+
+// RouteMultiError is an error wrapping multiple validation errors returned by
+// Route.ValidateAll() if the designated constraints aren't met.
+type RouteMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouteMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouteMultiError) AllErrors() []error { return m }
+
+// RouteValidationError is the validation error returned by Route.Validate if
+// the designated constraints aren't met.
+type RouteValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouteValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouteValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouteValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouteValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouteValidationError) ErrorName() string { return "RouteValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RouteValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRoute.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouteValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouteValidationError{}
+
+var _Route_RequestHeadersToRemove_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+var _Route_ResponseHeadersToRemove_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+// Validate checks the field values on WeightedCluster with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *WeightedCluster) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on WeightedCluster with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// WeightedClusterMultiError, or nil if none found.
+func (m *WeightedCluster) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *WeightedCluster) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetClusters()) < 1 {
+		err := WeightedClusterValidationError{
+			field:  "Clusters",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetClusters() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, WeightedClusterValidationError{
+						field:  fmt.Sprintf("Clusters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, WeightedClusterValidationError{
+						field:  fmt.Sprintf("Clusters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return WeightedClusterValidationError{
+					field:  fmt.Sprintf("Clusters[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if wrapper := m.GetTotalWeight(); wrapper != nil {
+
+		if wrapper.GetValue() < 1 {
+			err := WeightedClusterValidationError{
+				field:  "TotalWeight",
+				reason: "value must be greater than or equal to 1",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	// no validation rules for RuntimeKeyPrefix
+
+	if len(errors) > 0 {
+		return WeightedClusterMultiError(errors)
+	}
+	return nil
+}
+
+// WeightedClusterMultiError is an error wrapping multiple validation errors
+// returned by WeightedCluster.ValidateAll() if the designated constraints
+// aren't met.
+type WeightedClusterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m WeightedClusterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m WeightedClusterMultiError) AllErrors() []error { return m }
+
+// WeightedClusterValidationError is the validation error returned by
+// WeightedCluster.Validate if the designated constraints aren't met.
+type WeightedClusterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e WeightedClusterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e WeightedClusterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e WeightedClusterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e WeightedClusterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e WeightedClusterValidationError) ErrorName() string { return "WeightedClusterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e WeightedClusterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sWeightedCluster.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = WeightedClusterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = WeightedClusterValidationError{}
+
+// Validate checks the field values on RouteMatch with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *RouteMatch) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RouteMatch with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in RouteMatchMultiError, or
+// nil if none found.
+func (m *RouteMatch) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RouteMatch) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetCaseSensitive()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteMatchValidationError{
+					field:  "CaseSensitive",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteMatchValidationError{
+					field:  "CaseSensitive",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCaseSensitive()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteMatchValidationError{
+				field:  "CaseSensitive",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetRuntimeFraction()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteMatchValidationError{
+					field:  "RuntimeFraction",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteMatchValidationError{
+					field:  "RuntimeFraction",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRuntimeFraction()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteMatchValidationError{
+				field:  "RuntimeFraction",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetHeaders() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteMatchValidationError{
+						field:  fmt.Sprintf("Headers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteMatchValidationError{
+						field:  fmt.Sprintf("Headers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteMatchValidationError{
+					field:  fmt.Sprintf("Headers[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetQueryParameters() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteMatchValidationError{
+						field:  fmt.Sprintf("QueryParameters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteMatchValidationError{
+						field:  fmt.Sprintf("QueryParameters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteMatchValidationError{
+					field:  fmt.Sprintf("QueryParameters[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetGrpc()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteMatchValidationError{
+					field:  "Grpc",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteMatchValidationError{
+					field:  "Grpc",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetGrpc()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteMatchValidationError{
+				field:  "Grpc",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetTlsContext()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteMatchValidationError{
+					field:  "TlsContext",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteMatchValidationError{
+					field:  "TlsContext",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTlsContext()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteMatchValidationError{
+				field:  "TlsContext",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetDynamicMetadata() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteMatchValidationError{
+						field:  fmt.Sprintf("DynamicMetadata[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteMatchValidationError{
+						field:  fmt.Sprintf("DynamicMetadata[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteMatchValidationError{
+					field:  fmt.Sprintf("DynamicMetadata[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	switch m.PathSpecifier.(type) {
+
+	case *RouteMatch_Prefix:
+		// no validation rules for Prefix
+
+	case *RouteMatch_Path:
+		// no validation rules for Path
+
+	case *RouteMatch_SafeRegex:
+
+		if m.GetSafeRegex() == nil {
+			err := RouteMatchValidationError{
+				field:  "SafeRegex",
+				reason: "value is required",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+		if all {
+			switch v := interface{}(m.GetSafeRegex()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteMatchValidationError{
+						field:  "SafeRegex",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteMatchValidationError{
+						field:  "SafeRegex",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetSafeRegex()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteMatchValidationError{
+					field:  "SafeRegex",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *RouteMatch_ConnectMatcher_:
+
+		if all {
+			switch v := interface{}(m.GetConnectMatcher()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteMatchValidationError{
+						field:  "ConnectMatcher",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteMatchValidationError{
+						field:  "ConnectMatcher",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetConnectMatcher()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteMatchValidationError{
+					field:  "ConnectMatcher",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := RouteMatchValidationError{
+			field:  "PathSpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return RouteMatchMultiError(errors)
+	}
+	return nil
+}
+
+// RouteMatchMultiError is an error wrapping multiple validation errors
+// returned by RouteMatch.ValidateAll() if the designated constraints aren't met.
+type RouteMatchMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouteMatchMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouteMatchMultiError) AllErrors() []error { return m }
+
+// RouteMatchValidationError is the validation error returned by
+// RouteMatch.Validate if the designated constraints aren't met.
+type RouteMatchValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouteMatchValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouteMatchValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouteMatchValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouteMatchValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouteMatchValidationError) ErrorName() string { return "RouteMatchValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RouteMatchValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRouteMatch.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouteMatchValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouteMatchValidationError{}
+
+// Validate checks the field values on CorsPolicy with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *CorsPolicy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on CorsPolicy with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in CorsPolicyMultiError, or
+// nil if none found.
+func (m *CorsPolicy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CorsPolicy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetAllowOriginStringMatch() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CorsPolicyValidationError{
+						field:  fmt.Sprintf("AllowOriginStringMatch[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CorsPolicyValidationError{
+						field:  fmt.Sprintf("AllowOriginStringMatch[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CorsPolicyValidationError{
+					field:  fmt.Sprintf("AllowOriginStringMatch[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	// no validation rules for AllowMethods
+
+	// no validation rules for AllowHeaders
+
+	// no validation rules for ExposeHeaders
+
+	// no validation rules for MaxAge
+
+	if all {
+		switch v := interface{}(m.GetAllowCredentials()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CorsPolicyValidationError{
+					field:  "AllowCredentials",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CorsPolicyValidationError{
+					field:  "AllowCredentials",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetAllowCredentials()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CorsPolicyValidationError{
+				field:  "AllowCredentials",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetShadowEnabled()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CorsPolicyValidationError{
+					field:  "ShadowEnabled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CorsPolicyValidationError{
+					field:  "ShadowEnabled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetShadowEnabled()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CorsPolicyValidationError{
+				field:  "ShadowEnabled",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	switch m.EnabledSpecifier.(type) {
+
+	case *CorsPolicy_FilterEnabled:
+
+		if all {
+			switch v := interface{}(m.GetFilterEnabled()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CorsPolicyValidationError{
+						field:  "FilterEnabled",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CorsPolicyValidationError{
+						field:  "FilterEnabled",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetFilterEnabled()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CorsPolicyValidationError{
+					field:  "FilterEnabled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return CorsPolicyMultiError(errors)
+	}
+	return nil
+}
+
+// CorsPolicyMultiError is an error wrapping multiple validation errors
+// returned by CorsPolicy.ValidateAll() if the designated constraints aren't met.
+type CorsPolicyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CorsPolicyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CorsPolicyMultiError) AllErrors() []error { return m }
+
+// CorsPolicyValidationError is the validation error returned by
+// CorsPolicy.Validate if the designated constraints aren't met.
+type CorsPolicyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CorsPolicyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CorsPolicyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CorsPolicyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CorsPolicyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CorsPolicyValidationError) ErrorName() string { return "CorsPolicyValidationError" }
+
+// Error satisfies the builtin error interface
+func (e CorsPolicyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCorsPolicy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CorsPolicyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CorsPolicyValidationError{}
+
+// Validate checks the field values on RouteAction with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *RouteAction) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RouteAction with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in RouteActionMultiError, or
+// nil if none found.
+func (m *RouteAction) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RouteAction) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if _, ok := RouteAction_ClusterNotFoundResponseCode_name[int32(m.GetClusterNotFoundResponseCode())]; !ok {
+		err := RouteActionValidationError{
+			field:  "ClusterNotFoundResponseCode",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetMetadataMatch()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "MetadataMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "MetadataMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMetadataMatch()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteActionValidationError{
+				field:  "MetadataMatch",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if !_RouteAction_PrefixRewrite_Pattern.MatchString(m.GetPrefixRewrite()) {
+		err := RouteActionValidationError{
+			field:  "PrefixRewrite",
+			reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetRegexRewrite()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "RegexRewrite",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "RegexRewrite",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRegexRewrite()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteActionValidationError{
+				field:  "RegexRewrite",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetTimeout()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "Timeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "Timeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTimeout()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteActionValidationError{
+				field:  "Timeout",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetIdleTimeout()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "IdleTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "IdleTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetIdleTimeout()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteActionValidationError{
+				field:  "IdleTimeout",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetRetryPolicy()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "RetryPolicy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "RetryPolicy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRetryPolicy()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteActionValidationError{
+				field:  "RetryPolicy",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetRetryPolicyTypedConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "RetryPolicyTypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "RetryPolicyTypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRetryPolicyTypedConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteActionValidationError{
+				field:  "RetryPolicyTypedConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetRequestMirrorPolicies() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteActionValidationError{
+						field:  fmt.Sprintf("RequestMirrorPolicies[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteActionValidationError{
+						field:  fmt.Sprintf("RequestMirrorPolicies[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteActionValidationError{
+					field:  fmt.Sprintf("RequestMirrorPolicies[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if _, ok := v3.RoutingPriority_name[int32(m.GetPriority())]; !ok {
+		err := RouteActionValidationError{
+			field:  "Priority",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetRateLimits() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteActionValidationError{
+						field:  fmt.Sprintf("RateLimits[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteActionValidationError{
+						field:  fmt.Sprintf("RateLimits[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteActionValidationError{
+					field:  fmt.Sprintf("RateLimits[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetIncludeVhRateLimits()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "IncludeVhRateLimits",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "IncludeVhRateLimits",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetIncludeVhRateLimits()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteActionValidationError{
+				field:  "IncludeVhRateLimits",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetHashPolicy() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteActionValidationError{
+						field:  fmt.Sprintf("HashPolicy[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteActionValidationError{
+						field:  fmt.Sprintf("HashPolicy[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteActionValidationError{
+					field:  fmt.Sprintf("HashPolicy[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetCors()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "Cors",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "Cors",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCors()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteActionValidationError{
+				field:  "Cors",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMaxGrpcTimeout()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "MaxGrpcTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "MaxGrpcTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxGrpcTimeout()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteActionValidationError{
+				field:  "MaxGrpcTimeout",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetGrpcTimeoutOffset()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "GrpcTimeoutOffset",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "GrpcTimeoutOffset",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetGrpcTimeoutOffset()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteActionValidationError{
+				field:  "GrpcTimeoutOffset",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetUpgradeConfigs() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteActionValidationError{
+						field:  fmt.Sprintf("UpgradeConfigs[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteActionValidationError{
+						field:  fmt.Sprintf("UpgradeConfigs[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteActionValidationError{
+					field:  fmt.Sprintf("UpgradeConfigs[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetInternalRedirectPolicy()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "InternalRedirectPolicy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "InternalRedirectPolicy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetInternalRedirectPolicy()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteActionValidationError{
+				field:  "InternalRedirectPolicy",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for InternalRedirectAction
+
+	if all {
+		switch v := interface{}(m.GetMaxInternalRedirects()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "MaxInternalRedirects",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "MaxInternalRedirects",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxInternalRedirects()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteActionValidationError{
+				field:  "MaxInternalRedirects",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetHedgePolicy()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "HedgePolicy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "HedgePolicy",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHedgePolicy()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteActionValidationError{
+				field:  "HedgePolicy",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMaxStreamDuration()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "MaxStreamDuration",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteActionValidationError{
+					field:  "MaxStreamDuration",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxStreamDuration()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteActionValidationError{
+				field:  "MaxStreamDuration",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	switch m.ClusterSpecifier.(type) {
+
+	case *RouteAction_Cluster:
+
+		if utf8.RuneCountInString(m.GetCluster()) < 1 {
+			err := RouteActionValidationError{
+				field:  "Cluster",
+				reason: "value length must be at least 1 runes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *RouteAction_ClusterHeader:
+
+		if utf8.RuneCountInString(m.GetClusterHeader()) < 1 {
+			err := RouteActionValidationError{
+				field:  "ClusterHeader",
+				reason: "value length must be at least 1 runes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+		if !_RouteAction_ClusterHeader_Pattern.MatchString(m.GetClusterHeader()) {
+			err := RouteActionValidationError{
+				field:  "ClusterHeader",
+				reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *RouteAction_WeightedClusters:
+
+		if all {
+			switch v := interface{}(m.GetWeightedClusters()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteActionValidationError{
+						field:  "WeightedClusters",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteActionValidationError{
+						field:  "WeightedClusters",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetWeightedClusters()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteActionValidationError{
+					field:  "WeightedClusters",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *RouteAction_ClusterSpecifierPlugin:
+		// no validation rules for ClusterSpecifierPlugin
+
+	default:
+		err := RouteActionValidationError{
+			field:  "ClusterSpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	switch m.HostRewriteSpecifier.(type) {
+
+	case *RouteAction_HostRewriteLiteral:
+
+		if !_RouteAction_HostRewriteLiteral_Pattern.MatchString(m.GetHostRewriteLiteral()) {
+			err := RouteActionValidationError{
+				field:  "HostRewriteLiteral",
+				reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *RouteAction_AutoHostRewrite:
+
+		if all {
+			switch v := interface{}(m.GetAutoHostRewrite()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteActionValidationError{
+						field:  "AutoHostRewrite",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteActionValidationError{
+						field:  "AutoHostRewrite",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetAutoHostRewrite()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteActionValidationError{
+					field:  "AutoHostRewrite",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *RouteAction_HostRewriteHeader:
+
+		if !_RouteAction_HostRewriteHeader_Pattern.MatchString(m.GetHostRewriteHeader()) {
+			err := RouteActionValidationError{
+				field:  "HostRewriteHeader",
+				reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *RouteAction_HostRewritePathRegex:
+
+		if all {
+			switch v := interface{}(m.GetHostRewritePathRegex()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteActionValidationError{
+						field:  "HostRewritePathRegex",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteActionValidationError{
+						field:  "HostRewritePathRegex",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetHostRewritePathRegex()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteActionValidationError{
+					field:  "HostRewritePathRegex",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return RouteActionMultiError(errors)
+	}
+	return nil
+}
+
+// RouteActionMultiError is an error wrapping multiple validation errors
+// returned by RouteAction.ValidateAll() if the designated constraints aren't met.
+type RouteActionMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouteActionMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouteActionMultiError) AllErrors() []error { return m }
+
+// RouteActionValidationError is the validation error returned by
+// RouteAction.Validate if the designated constraints aren't met.
+type RouteActionValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouteActionValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouteActionValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouteActionValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouteActionValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouteActionValidationError) ErrorName() string { return "RouteActionValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RouteActionValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRouteAction.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouteActionValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouteActionValidationError{}
+
+var _RouteAction_ClusterHeader_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+var _RouteAction_PrefixRewrite_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+var _RouteAction_HostRewriteLiteral_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+var _RouteAction_HostRewriteHeader_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+// Validate checks the field values on RetryPolicy with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *RetryPolicy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RetryPolicy with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in RetryPolicyMultiError, or
+// nil if none found.
+func (m *RetryPolicy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RetryPolicy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for RetryOn
+
+	if all {
+		switch v := interface{}(m.GetNumRetries()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RetryPolicyValidationError{
+					field:  "NumRetries",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RetryPolicyValidationError{
+					field:  "NumRetries",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetNumRetries()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RetryPolicyValidationError{
+				field:  "NumRetries",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetPerTryTimeout()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RetryPolicyValidationError{
+					field:  "PerTryTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RetryPolicyValidationError{
+					field:  "PerTryTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPerTryTimeout()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RetryPolicyValidationError{
+				field:  "PerTryTimeout",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetPerTryIdleTimeout()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RetryPolicyValidationError{
+					field:  "PerTryIdleTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RetryPolicyValidationError{
+					field:  "PerTryIdleTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPerTryIdleTimeout()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RetryPolicyValidationError{
+				field:  "PerTryIdleTimeout",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetRetryPriority()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RetryPolicyValidationError{
+					field:  "RetryPriority",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RetryPolicyValidationError{
+					field:  "RetryPriority",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRetryPriority()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RetryPolicyValidationError{
+				field:  "RetryPriority",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetRetryHostPredicate() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RetryPolicyValidationError{
+						field:  fmt.Sprintf("RetryHostPredicate[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RetryPolicyValidationError{
+						field:  fmt.Sprintf("RetryHostPredicate[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RetryPolicyValidationError{
+					field:  fmt.Sprintf("RetryHostPredicate[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetRetryOptionsPredicates() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RetryPolicyValidationError{
+						field:  fmt.Sprintf("RetryOptionsPredicates[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RetryPolicyValidationError{
+						field:  fmt.Sprintf("RetryOptionsPredicates[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RetryPolicyValidationError{
+					field:  fmt.Sprintf("RetryOptionsPredicates[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	// no validation rules for HostSelectionRetryMaxAttempts
+
+	if all {
+		switch v := interface{}(m.GetRetryBackOff()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RetryPolicyValidationError{
+					field:  "RetryBackOff",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RetryPolicyValidationError{
+					field:  "RetryBackOff",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRetryBackOff()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RetryPolicyValidationError{
+				field:  "RetryBackOff",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetRateLimitedRetryBackOff()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RetryPolicyValidationError{
+					field:  "RateLimitedRetryBackOff",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RetryPolicyValidationError{
+					field:  "RateLimitedRetryBackOff",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRateLimitedRetryBackOff()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RetryPolicyValidationError{
+				field:  "RateLimitedRetryBackOff",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetRetriableHeaders() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RetryPolicyValidationError{
+						field:  fmt.Sprintf("RetriableHeaders[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RetryPolicyValidationError{
+						field:  fmt.Sprintf("RetriableHeaders[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RetryPolicyValidationError{
+					field:  fmt.Sprintf("RetriableHeaders[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetRetriableRequestHeaders() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RetryPolicyValidationError{
+						field:  fmt.Sprintf("RetriableRequestHeaders[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RetryPolicyValidationError{
+						field:  fmt.Sprintf("RetriableRequestHeaders[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RetryPolicyValidationError{
+					field:  fmt.Sprintf("RetriableRequestHeaders[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return RetryPolicyMultiError(errors)
+	}
+	return nil
+}
+
+// RetryPolicyMultiError is an error wrapping multiple validation errors
+// returned by RetryPolicy.ValidateAll() if the designated constraints aren't met.
+type RetryPolicyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RetryPolicyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RetryPolicyMultiError) AllErrors() []error { return m }
+
+// RetryPolicyValidationError is the validation error returned by
+// RetryPolicy.Validate if the designated constraints aren't met.
+type RetryPolicyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RetryPolicyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RetryPolicyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RetryPolicyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RetryPolicyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RetryPolicyValidationError) ErrorName() string { return "RetryPolicyValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RetryPolicyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRetryPolicy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RetryPolicyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RetryPolicyValidationError{}
+
+// Validate checks the field values on HedgePolicy with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *HedgePolicy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HedgePolicy with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in HedgePolicyMultiError, or
+// nil if none found.
+func (m *HedgePolicy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HedgePolicy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if wrapper := m.GetInitialRequests(); wrapper != nil {
+
+		if wrapper.GetValue() < 1 {
+			err := HedgePolicyValidationError{
+				field:  "InitialRequests",
+				reason: "value must be greater than or equal to 1",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetAdditionalRequestChance()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HedgePolicyValidationError{
+					field:  "AdditionalRequestChance",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HedgePolicyValidationError{
+					field:  "AdditionalRequestChance",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetAdditionalRequestChance()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HedgePolicyValidationError{
+				field:  "AdditionalRequestChance",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for HedgeOnPerTryTimeout
+
+	if len(errors) > 0 {
+		return HedgePolicyMultiError(errors)
+	}
+	return nil
+}
+
+// HedgePolicyMultiError is an error wrapping multiple validation errors
+// returned by HedgePolicy.ValidateAll() if the designated constraints aren't met.
+type HedgePolicyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HedgePolicyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HedgePolicyMultiError) AllErrors() []error { return m }
+
+// HedgePolicyValidationError is the validation error returned by
+// HedgePolicy.Validate if the designated constraints aren't met.
+type HedgePolicyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HedgePolicyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HedgePolicyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HedgePolicyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HedgePolicyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HedgePolicyValidationError) ErrorName() string { return "HedgePolicyValidationError" }
+
+// Error satisfies the builtin error interface
+func (e HedgePolicyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHedgePolicy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HedgePolicyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HedgePolicyValidationError{}
+
+// Validate checks the field values on RedirectAction with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *RedirectAction) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RedirectAction with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in RedirectActionMultiError,
+// or nil if none found.
+func (m *RedirectAction) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RedirectAction) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if !_RedirectAction_HostRedirect_Pattern.MatchString(m.GetHostRedirect()) {
+		err := RedirectActionValidationError{
+			field:  "HostRedirect",
+			reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for PortRedirect
+
+	if _, ok := RedirectAction_RedirectResponseCode_name[int32(m.GetResponseCode())]; !ok {
+		err := RedirectActionValidationError{
+			field:  "ResponseCode",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for StripQuery
+
+	switch m.SchemeRewriteSpecifier.(type) {
+
+	case *RedirectAction_HttpsRedirect:
+		// no validation rules for HttpsRedirect
+
+	case *RedirectAction_SchemeRedirect:
+		// no validation rules for SchemeRedirect
+
+	}
+
+	switch m.PathRewriteSpecifier.(type) {
+
+	case *RedirectAction_PathRedirect:
+
+		if !_RedirectAction_PathRedirect_Pattern.MatchString(m.GetPathRedirect()) {
+			err := RedirectActionValidationError{
+				field:  "PathRedirect",
+				reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *RedirectAction_PrefixRewrite:
+
+		if !_RedirectAction_PrefixRewrite_Pattern.MatchString(m.GetPrefixRewrite()) {
+			err := RedirectActionValidationError{
+				field:  "PrefixRewrite",
+				reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *RedirectAction_RegexRewrite:
+
+		if all {
+			switch v := interface{}(m.GetRegexRewrite()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RedirectActionValidationError{
+						field:  "RegexRewrite",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RedirectActionValidationError{
+						field:  "RegexRewrite",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetRegexRewrite()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RedirectActionValidationError{
+					field:  "RegexRewrite",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return RedirectActionMultiError(errors)
+	}
+	return nil
+}
+
+// RedirectActionMultiError is an error wrapping multiple validation errors
+// returned by RedirectAction.ValidateAll() if the designated constraints
+// aren't met.
+type RedirectActionMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RedirectActionMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RedirectActionMultiError) AllErrors() []error { return m }
+
+// RedirectActionValidationError is the validation error returned by
+// RedirectAction.Validate if the designated constraints aren't met.
+type RedirectActionValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RedirectActionValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RedirectActionValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RedirectActionValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RedirectActionValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RedirectActionValidationError) ErrorName() string { return "RedirectActionValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RedirectActionValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRedirectAction.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RedirectActionValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RedirectActionValidationError{}
+
+var _RedirectAction_HostRedirect_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+var _RedirectAction_PathRedirect_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+var _RedirectAction_PrefixRewrite_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+// Validate checks the field values on DirectResponseAction with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *DirectResponseAction) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on DirectResponseAction with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// DirectResponseActionMultiError, or nil if none found.
+func (m *DirectResponseAction) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *DirectResponseAction) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if val := m.GetStatus(); val < 100 || val >= 600 {
+		err := DirectResponseActionValidationError{
+			field:  "Status",
+			reason: "value must be inside range [100, 600)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetBody()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, DirectResponseActionValidationError{
+					field:  "Body",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, DirectResponseActionValidationError{
+					field:  "Body",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetBody()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return DirectResponseActionValidationError{
+				field:  "Body",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return DirectResponseActionMultiError(errors)
+	}
+	return nil
+}
+
+// DirectResponseActionMultiError is an error wrapping multiple validation
+// errors returned by DirectResponseAction.ValidateAll() if the designated
+// constraints aren't met.
+type DirectResponseActionMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m DirectResponseActionMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m DirectResponseActionMultiError) AllErrors() []error { return m }
+
+// DirectResponseActionValidationError is the validation error returned by
+// DirectResponseAction.Validate if the designated constraints aren't met.
+type DirectResponseActionValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e DirectResponseActionValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e DirectResponseActionValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e DirectResponseActionValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e DirectResponseActionValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e DirectResponseActionValidationError) ErrorName() string {
+	return "DirectResponseActionValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e DirectResponseActionValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sDirectResponseAction.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = DirectResponseActionValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = DirectResponseActionValidationError{}
+
+// Validate checks the field values on NonForwardingAction with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *NonForwardingAction) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on NonForwardingAction with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// NonForwardingActionMultiError, or nil if none found.
+func (m *NonForwardingAction) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *NonForwardingAction) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return NonForwardingActionMultiError(errors)
+	}
+	return nil
+}
+
+// NonForwardingActionMultiError is an error wrapping multiple validation
+// errors returned by NonForwardingAction.ValidateAll() if the designated
+// constraints aren't met.
+type NonForwardingActionMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m NonForwardingActionMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m NonForwardingActionMultiError) AllErrors() []error { return m }
+
+// NonForwardingActionValidationError is the validation error returned by
+// NonForwardingAction.Validate if the designated constraints aren't met.
+type NonForwardingActionValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e NonForwardingActionValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e NonForwardingActionValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e NonForwardingActionValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e NonForwardingActionValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e NonForwardingActionValidationError) ErrorName() string {
+	return "NonForwardingActionValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e NonForwardingActionValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sNonForwardingAction.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = NonForwardingActionValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = NonForwardingActionValidationError{}
+
+// Validate checks the field values on Decorator with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Decorator) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Decorator with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in DecoratorMultiError, or nil
+// if none found.
+func (m *Decorator) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Decorator) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetOperation()) < 1 {
+		err := DecoratorValidationError{
+			field:  "Operation",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetPropagate()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, DecoratorValidationError{
+					field:  "Propagate",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, DecoratorValidationError{
+					field:  "Propagate",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPropagate()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return DecoratorValidationError{
+				field:  "Propagate",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return DecoratorMultiError(errors)
+	}
+	return nil
+}
+
+// DecoratorMultiError is an error wrapping multiple validation errors returned
+// by Decorator.ValidateAll() if the designated constraints aren't met.
+type DecoratorMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m DecoratorMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m DecoratorMultiError) AllErrors() []error { return m }
+
+// DecoratorValidationError is the validation error returned by
+// Decorator.Validate if the designated constraints aren't met.
+type DecoratorValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e DecoratorValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e DecoratorValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e DecoratorValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e DecoratorValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e DecoratorValidationError) ErrorName() string { return "DecoratorValidationError" }
+
+// Error satisfies the builtin error interface
+func (e DecoratorValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sDecorator.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = DecoratorValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = DecoratorValidationError{}
+
+// Validate checks the field values on Tracing with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Tracing) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Tracing with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in TracingMultiError, or nil if none found.
+func (m *Tracing) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Tracing) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetClientSampling()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, TracingValidationError{
+					field:  "ClientSampling",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, TracingValidationError{
+					field:  "ClientSampling",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetClientSampling()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TracingValidationError{
+				field:  "ClientSampling",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetRandomSampling()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, TracingValidationError{
+					field:  "RandomSampling",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, TracingValidationError{
+					field:  "RandomSampling",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRandomSampling()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TracingValidationError{
+				field:  "RandomSampling",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetOverallSampling()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, TracingValidationError{
+					field:  "OverallSampling",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, TracingValidationError{
+					field:  "OverallSampling",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetOverallSampling()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TracingValidationError{
+				field:  "OverallSampling",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetCustomTags() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, TracingValidationError{
+						field:  fmt.Sprintf("CustomTags[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, TracingValidationError{
+						field:  fmt.Sprintf("CustomTags[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return TracingValidationError{
+					field:  fmt.Sprintf("CustomTags[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return TracingMultiError(errors)
+	}
+	return nil
+}
+
+// TracingMultiError is an error wrapping multiple validation errors returned
+// by Tracing.ValidateAll() if the designated constraints aren't met.
+type TracingMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m TracingMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m TracingMultiError) AllErrors() []error { return m }
+
+// TracingValidationError is the validation error returned by Tracing.Validate
+// if the designated constraints aren't met.
+type TracingValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e TracingValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e TracingValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e TracingValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e TracingValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e TracingValidationError) ErrorName() string { return "TracingValidationError" }
+
+// Error satisfies the builtin error interface
+func (e TracingValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sTracing.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = TracingValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = TracingValidationError{}
+
+// Validate checks the field values on VirtualCluster with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *VirtualCluster) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on VirtualCluster with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in VirtualClusterMultiError,
+// or nil if none found.
+func (m *VirtualCluster) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *VirtualCluster) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetHeaders() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, VirtualClusterValidationError{
+						field:  fmt.Sprintf("Headers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, VirtualClusterValidationError{
+						field:  fmt.Sprintf("Headers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return VirtualClusterValidationError{
+					field:  fmt.Sprintf("Headers[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := VirtualClusterValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return VirtualClusterMultiError(errors)
+	}
+	return nil
+}
+
+// VirtualClusterMultiError is an error wrapping multiple validation errors
+// returned by VirtualCluster.ValidateAll() if the designated constraints
+// aren't met.
+type VirtualClusterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m VirtualClusterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m VirtualClusterMultiError) AllErrors() []error { return m }
+
+// VirtualClusterValidationError is the validation error returned by
+// VirtualCluster.Validate if the designated constraints aren't met.
+type VirtualClusterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e VirtualClusterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e VirtualClusterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e VirtualClusterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e VirtualClusterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e VirtualClusterValidationError) ErrorName() string { return "VirtualClusterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e VirtualClusterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sVirtualCluster.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = VirtualClusterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = VirtualClusterValidationError{}
+
+// Validate checks the field values on RateLimit with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *RateLimit) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RateLimit with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in RateLimitMultiError, or nil
+// if none found.
+func (m *RateLimit) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RateLimit) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if wrapper := m.GetStage(); wrapper != nil {
+
+		if wrapper.GetValue() > 10 {
+			err := RateLimitValidationError{
+				field:  "Stage",
+				reason: "value must be less than or equal to 10",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	// no validation rules for DisableKey
+
+	if len(m.GetActions()) < 1 {
+		err := RateLimitValidationError{
+			field:  "Actions",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetActions() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RateLimitValidationError{
+						field:  fmt.Sprintf("Actions[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RateLimitValidationError{
+						field:  fmt.Sprintf("Actions[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RateLimitValidationError{
+					field:  fmt.Sprintf("Actions[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetLimit()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RateLimitValidationError{
+					field:  "Limit",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RateLimitValidationError{
+					field:  "Limit",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLimit()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RateLimitValidationError{
+				field:  "Limit",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return RateLimitMultiError(errors)
+	}
+	return nil
+}
+
+// RateLimitMultiError is an error wrapping multiple validation errors returned
+// by RateLimit.ValidateAll() if the designated constraints aren't met.
+type RateLimitMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RateLimitMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RateLimitMultiError) AllErrors() []error { return m }
+
+// RateLimitValidationError is the validation error returned by
+// RateLimit.Validate if the designated constraints aren't met.
+type RateLimitValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RateLimitValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RateLimitValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RateLimitValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RateLimitValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RateLimitValidationError) ErrorName() string { return "RateLimitValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RateLimitValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRateLimit.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RateLimitValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RateLimitValidationError{}
+
+// Validate checks the field values on HeaderMatcher with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *HeaderMatcher) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HeaderMatcher with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in HeaderMatcherMultiError, or
+// nil if none found.
+func (m *HeaderMatcher) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HeaderMatcher) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := HeaderMatcherValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if !_HeaderMatcher_Name_Pattern.MatchString(m.GetName()) {
+		err := HeaderMatcherValidationError{
+			field:  "Name",
+			reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for InvertMatch
+
+	switch m.HeaderMatchSpecifier.(type) {
+
+	case *HeaderMatcher_ExactMatch:
+		// no validation rules for ExactMatch
+
+	case *HeaderMatcher_SafeRegexMatch:
+
+		if all {
+			switch v := interface{}(m.GetSafeRegexMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HeaderMatcherValidationError{
+						field:  "SafeRegexMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HeaderMatcherValidationError{
+						field:  "SafeRegexMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetSafeRegexMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HeaderMatcherValidationError{
+					field:  "SafeRegexMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *HeaderMatcher_RangeMatch:
+
+		if all {
+			switch v := interface{}(m.GetRangeMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HeaderMatcherValidationError{
+						field:  "RangeMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HeaderMatcherValidationError{
+						field:  "RangeMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetRangeMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HeaderMatcherValidationError{
+					field:  "RangeMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *HeaderMatcher_PresentMatch:
+		// no validation rules for PresentMatch
+
+	case *HeaderMatcher_PrefixMatch:
+
+		if utf8.RuneCountInString(m.GetPrefixMatch()) < 1 {
+			err := HeaderMatcherValidationError{
+				field:  "PrefixMatch",
+				reason: "value length must be at least 1 runes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *HeaderMatcher_SuffixMatch:
+
+		if utf8.RuneCountInString(m.GetSuffixMatch()) < 1 {
+			err := HeaderMatcherValidationError{
+				field:  "SuffixMatch",
+				reason: "value length must be at least 1 runes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *HeaderMatcher_ContainsMatch:
+
+		if utf8.RuneCountInString(m.GetContainsMatch()) < 1 {
+			err := HeaderMatcherValidationError{
+				field:  "ContainsMatch",
+				reason: "value length must be at least 1 runes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *HeaderMatcher_StringMatch:
+
+		if all {
+			switch v := interface{}(m.GetStringMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HeaderMatcherValidationError{
+						field:  "StringMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HeaderMatcherValidationError{
+						field:  "StringMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetStringMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HeaderMatcherValidationError{
+					field:  "StringMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return HeaderMatcherMultiError(errors)
+	}
+	return nil
+}
+
+// HeaderMatcherMultiError is an error wrapping multiple validation errors
+// returned by HeaderMatcher.ValidateAll() if the designated constraints
+// aren't met.
+type HeaderMatcherMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HeaderMatcherMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HeaderMatcherMultiError) AllErrors() []error { return m }
+
+// HeaderMatcherValidationError is the validation error returned by
+// HeaderMatcher.Validate if the designated constraints aren't met.
+type HeaderMatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HeaderMatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HeaderMatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HeaderMatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HeaderMatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HeaderMatcherValidationError) ErrorName() string { return "HeaderMatcherValidationError" }
+
+// Error satisfies the builtin error interface
+func (e HeaderMatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHeaderMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HeaderMatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HeaderMatcherValidationError{}
+
+var _HeaderMatcher_Name_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+// Validate checks the field values on QueryParameterMatcher with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *QueryParameterMatcher) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on QueryParameterMatcher with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// QueryParameterMatcherMultiError, or nil if none found.
+func (m *QueryParameterMatcher) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *QueryParameterMatcher) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := QueryParameterMatcherValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(m.GetName()) > 1024 {
+		err := QueryParameterMatcherValidationError{
+			field:  "Name",
+			reason: "value length must be at most 1024 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	switch m.QueryParameterMatchSpecifier.(type) {
+
+	case *QueryParameterMatcher_StringMatch:
+
+		if m.GetStringMatch() == nil {
+			err := QueryParameterMatcherValidationError{
+				field:  "StringMatch",
+				reason: "value is required",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+		if all {
+			switch v := interface{}(m.GetStringMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, QueryParameterMatcherValidationError{
+						field:  "StringMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, QueryParameterMatcherValidationError{
+						field:  "StringMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetStringMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return QueryParameterMatcherValidationError{
+					field:  "StringMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *QueryParameterMatcher_PresentMatch:
+		// no validation rules for PresentMatch
+
+	}
+
+	if len(errors) > 0 {
+		return QueryParameterMatcherMultiError(errors)
+	}
+	return nil
+}
+
+// QueryParameterMatcherMultiError is an error wrapping multiple validation
+// errors returned by QueryParameterMatcher.ValidateAll() if the designated
+// constraints aren't met.
+type QueryParameterMatcherMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m QueryParameterMatcherMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m QueryParameterMatcherMultiError) AllErrors() []error { return m }
+
+// QueryParameterMatcherValidationError is the validation error returned by
+// QueryParameterMatcher.Validate if the designated constraints aren't met.
+type QueryParameterMatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e QueryParameterMatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e QueryParameterMatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e QueryParameterMatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e QueryParameterMatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e QueryParameterMatcherValidationError) ErrorName() string {
+	return "QueryParameterMatcherValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e QueryParameterMatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sQueryParameterMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = QueryParameterMatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = QueryParameterMatcherValidationError{}
+
+// Validate checks the field values on InternalRedirectPolicy with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *InternalRedirectPolicy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on InternalRedirectPolicy with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// InternalRedirectPolicyMultiError, or nil if none found.
+func (m *InternalRedirectPolicy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *InternalRedirectPolicy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetMaxInternalRedirects()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, InternalRedirectPolicyValidationError{
+					field:  "MaxInternalRedirects",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, InternalRedirectPolicyValidationError{
+					field:  "MaxInternalRedirects",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxInternalRedirects()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return InternalRedirectPolicyValidationError{
+				field:  "MaxInternalRedirects",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(m.GetRedirectResponseCodes()) > 5 {
+		err := InternalRedirectPolicyValidationError{
+			field:  "RedirectResponseCodes",
+			reason: "value must contain no more than 5 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetPredicates() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, InternalRedirectPolicyValidationError{
+						field:  fmt.Sprintf("Predicates[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, InternalRedirectPolicyValidationError{
+						field:  fmt.Sprintf("Predicates[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return InternalRedirectPolicyValidationError{
+					field:  fmt.Sprintf("Predicates[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	// no validation rules for AllowCrossSchemeRedirect
+
+	if len(errors) > 0 {
+		return InternalRedirectPolicyMultiError(errors)
+	}
+	return nil
+}
+
+// InternalRedirectPolicyMultiError is an error wrapping multiple validation
+// errors returned by InternalRedirectPolicy.ValidateAll() if the designated
+// constraints aren't met.
+type InternalRedirectPolicyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m InternalRedirectPolicyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m InternalRedirectPolicyMultiError) AllErrors() []error { return m }
+
+// InternalRedirectPolicyValidationError is the validation error returned by
+// InternalRedirectPolicy.Validate if the designated constraints aren't met.
+type InternalRedirectPolicyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e InternalRedirectPolicyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e InternalRedirectPolicyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e InternalRedirectPolicyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e InternalRedirectPolicyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e InternalRedirectPolicyValidationError) ErrorName() string {
+	return "InternalRedirectPolicyValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e InternalRedirectPolicyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sInternalRedirectPolicy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = InternalRedirectPolicyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = InternalRedirectPolicyValidationError{}
+
+// Validate checks the field values on FilterConfig with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *FilterConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on FilterConfig with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in FilterConfigMultiError, or
+// nil if none found.
+func (m *FilterConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *FilterConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, FilterConfigValidationError{
+					field:  "Config",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, FilterConfigValidationError{
+					field:  "Config",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return FilterConfigValidationError{
+				field:  "Config",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for IsOptional
+
+	if len(errors) > 0 {
+		return FilterConfigMultiError(errors)
+	}
+	return nil
+}
+
+// FilterConfigMultiError is an error wrapping multiple validation errors
+// returned by FilterConfig.ValidateAll() if the designated constraints aren't met.
+type FilterConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m FilterConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m FilterConfigMultiError) AllErrors() []error { return m }
+
+// FilterConfigValidationError is the validation error returned by
+// FilterConfig.Validate if the designated constraints aren't met.
+type FilterConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e FilterConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e FilterConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e FilterConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e FilterConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e FilterConfigValidationError) ErrorName() string { return "FilterConfigValidationError" }
+
+// Error satisfies the builtin error interface
+func (e FilterConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sFilterConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = FilterConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = FilterConfigValidationError{}
+
+// Validate checks the field values on WeightedCluster_ClusterWeight with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *WeightedCluster_ClusterWeight) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on WeightedCluster_ClusterWeight with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// WeightedCluster_ClusterWeightMultiError, or nil if none found.
+func (m *WeightedCluster_ClusterWeight) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *WeightedCluster_ClusterWeight) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Name
+
+	if !_WeightedCluster_ClusterWeight_ClusterHeader_Pattern.MatchString(m.GetClusterHeader()) {
+		err := WeightedCluster_ClusterWeightValidationError{
+			field:  "ClusterHeader",
+			reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetWeight()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, WeightedCluster_ClusterWeightValidationError{
+					field:  "Weight",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, WeightedCluster_ClusterWeightValidationError{
+					field:  "Weight",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetWeight()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return WeightedCluster_ClusterWeightValidationError{
+				field:  "Weight",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMetadataMatch()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, WeightedCluster_ClusterWeightValidationError{
+					field:  "MetadataMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, WeightedCluster_ClusterWeightValidationError{
+					field:  "MetadataMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMetadataMatch()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return WeightedCluster_ClusterWeightValidationError{
+				field:  "MetadataMatch",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(m.GetRequestHeadersToAdd()) > 1000 {
+		err := WeightedCluster_ClusterWeightValidationError{
+			field:  "RequestHeadersToAdd",
+			reason: "value must contain no more than 1000 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetRequestHeadersToAdd() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, WeightedCluster_ClusterWeightValidationError{
+						field:  fmt.Sprintf("RequestHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, WeightedCluster_ClusterWeightValidationError{
+						field:  fmt.Sprintf("RequestHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return WeightedCluster_ClusterWeightValidationError{
+					field:  fmt.Sprintf("RequestHeadersToAdd[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetRequestHeadersToRemove() {
+		_, _ = idx, item
+
+		if !_WeightedCluster_ClusterWeight_RequestHeadersToRemove_Pattern.MatchString(item) {
+			err := WeightedCluster_ClusterWeightValidationError{
+				field:  fmt.Sprintf("RequestHeadersToRemove[%v]", idx),
+				reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if len(m.GetResponseHeadersToAdd()) > 1000 {
+		err := WeightedCluster_ClusterWeightValidationError{
+			field:  "ResponseHeadersToAdd",
+			reason: "value must contain no more than 1000 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetResponseHeadersToAdd() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, WeightedCluster_ClusterWeightValidationError{
+						field:  fmt.Sprintf("ResponseHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, WeightedCluster_ClusterWeightValidationError{
+						field:  fmt.Sprintf("ResponseHeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return WeightedCluster_ClusterWeightValidationError{
+					field:  fmt.Sprintf("ResponseHeadersToAdd[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetResponseHeadersToRemove() {
+		_, _ = idx, item
+
+		if !_WeightedCluster_ClusterWeight_ResponseHeadersToRemove_Pattern.MatchString(item) {
+			err := WeightedCluster_ClusterWeightValidationError{
+				field:  fmt.Sprintf("ResponseHeadersToRemove[%v]", idx),
+				reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	{
+		sorted_keys := make([]string, len(m.GetTypedPerFilterConfig()))
+		i := 0
+		for key := range m.GetTypedPerFilterConfig() {
+			sorted_keys[i] = key
+			i++
+		}
+		sort.Slice(sorted_keys, func(i, j int) bool { return sorted_keys[i] < sorted_keys[j] })
+		for _, key := range sorted_keys {
+			val := m.GetTypedPerFilterConfig()[key]
+			_ = val
+
+			// no validation rules for TypedPerFilterConfig[key]
+
+			if all {
+				switch v := interface{}(val).(type) {
+				case interface{ ValidateAll() error }:
+					if err := v.ValidateAll(); err != nil {
+						errors = append(errors, WeightedCluster_ClusterWeightValidationError{
+							field:  fmt.Sprintf("TypedPerFilterConfig[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				case interface{ Validate() error }:
+					if err := v.Validate(); err != nil {
+						errors = append(errors, WeightedCluster_ClusterWeightValidationError{
+							field:  fmt.Sprintf("TypedPerFilterConfig[%v]", key),
+							reason: "embedded message failed validation",
+							cause:  err,
+						})
+					}
+				}
+			} else if v, ok := interface{}(val).(interface{ Validate() error }); ok {
+				if err := v.Validate(); err != nil {
+					return WeightedCluster_ClusterWeightValidationError{
+						field:  fmt.Sprintf("TypedPerFilterConfig[%v]", key),
+						reason: "embedded message failed validation",
+						cause:  err,
+					}
+				}
+			}
+
+		}
+	}
+
+	switch m.HostRewriteSpecifier.(type) {
+
+	case *WeightedCluster_ClusterWeight_HostRewriteLiteral:
+
+		if !_WeightedCluster_ClusterWeight_HostRewriteLiteral_Pattern.MatchString(m.GetHostRewriteLiteral()) {
+			err := WeightedCluster_ClusterWeightValidationError{
+				field:  "HostRewriteLiteral",
+				reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return WeightedCluster_ClusterWeightMultiError(errors)
+	}
+	return nil
+}
+
+// WeightedCluster_ClusterWeightMultiError is an error wrapping multiple
+// validation errors returned by WeightedCluster_ClusterWeight.ValidateAll()
+// if the designated constraints aren't met.
+type WeightedCluster_ClusterWeightMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m WeightedCluster_ClusterWeightMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m WeightedCluster_ClusterWeightMultiError) AllErrors() []error { return m }
+
+// WeightedCluster_ClusterWeightValidationError is the validation error
+// returned by WeightedCluster_ClusterWeight.Validate if the designated
+// constraints aren't met.
+type WeightedCluster_ClusterWeightValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e WeightedCluster_ClusterWeightValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e WeightedCluster_ClusterWeightValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e WeightedCluster_ClusterWeightValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e WeightedCluster_ClusterWeightValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e WeightedCluster_ClusterWeightValidationError) ErrorName() string {
+	return "WeightedCluster_ClusterWeightValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e WeightedCluster_ClusterWeightValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sWeightedCluster_ClusterWeight.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = WeightedCluster_ClusterWeightValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = WeightedCluster_ClusterWeightValidationError{}
+
+var _WeightedCluster_ClusterWeight_ClusterHeader_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+var _WeightedCluster_ClusterWeight_RequestHeadersToRemove_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+var _WeightedCluster_ClusterWeight_ResponseHeadersToRemove_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+var _WeightedCluster_ClusterWeight_HostRewriteLiteral_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+// Validate checks the field values on RouteMatch_GrpcRouteMatchOptions with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *RouteMatch_GrpcRouteMatchOptions) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RouteMatch_GrpcRouteMatchOptions with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// RouteMatch_GrpcRouteMatchOptionsMultiError, or nil if none found.
+func (m *RouteMatch_GrpcRouteMatchOptions) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RouteMatch_GrpcRouteMatchOptions) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return RouteMatch_GrpcRouteMatchOptionsMultiError(errors)
+	}
+	return nil
+}
+
+// RouteMatch_GrpcRouteMatchOptionsMultiError is an error wrapping multiple
+// validation errors returned by
+// RouteMatch_GrpcRouteMatchOptions.ValidateAll() if the designated
+// constraints aren't met.
+type RouteMatch_GrpcRouteMatchOptionsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouteMatch_GrpcRouteMatchOptionsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouteMatch_GrpcRouteMatchOptionsMultiError) AllErrors() []error { return m }
+
+// RouteMatch_GrpcRouteMatchOptionsValidationError is the validation error
+// returned by RouteMatch_GrpcRouteMatchOptions.Validate if the designated
+// constraints aren't met.
+type RouteMatch_GrpcRouteMatchOptionsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouteMatch_GrpcRouteMatchOptionsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouteMatch_GrpcRouteMatchOptionsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouteMatch_GrpcRouteMatchOptionsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouteMatch_GrpcRouteMatchOptionsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouteMatch_GrpcRouteMatchOptionsValidationError) ErrorName() string {
+	return "RouteMatch_GrpcRouteMatchOptionsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RouteMatch_GrpcRouteMatchOptionsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRouteMatch_GrpcRouteMatchOptions.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouteMatch_GrpcRouteMatchOptionsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouteMatch_GrpcRouteMatchOptionsValidationError{}
+
+// Validate checks the field values on RouteMatch_TlsContextMatchOptions with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *RouteMatch_TlsContextMatchOptions) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RouteMatch_TlsContextMatchOptions
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// RouteMatch_TlsContextMatchOptionsMultiError, or nil if none found.
+func (m *RouteMatch_TlsContextMatchOptions) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RouteMatch_TlsContextMatchOptions) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetPresented()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteMatch_TlsContextMatchOptionsValidationError{
+					field:  "Presented",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteMatch_TlsContextMatchOptionsValidationError{
+					field:  "Presented",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPresented()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteMatch_TlsContextMatchOptionsValidationError{
+				field:  "Presented",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetValidated()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteMatch_TlsContextMatchOptionsValidationError{
+					field:  "Validated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteMatch_TlsContextMatchOptionsValidationError{
+					field:  "Validated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetValidated()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteMatch_TlsContextMatchOptionsValidationError{
+				field:  "Validated",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return RouteMatch_TlsContextMatchOptionsMultiError(errors)
+	}
+	return nil
+}
+
+// RouteMatch_TlsContextMatchOptionsMultiError is an error wrapping multiple
+// validation errors returned by
+// RouteMatch_TlsContextMatchOptions.ValidateAll() if the designated
+// constraints aren't met.
+type RouteMatch_TlsContextMatchOptionsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouteMatch_TlsContextMatchOptionsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouteMatch_TlsContextMatchOptionsMultiError) AllErrors() []error { return m }
+
+// RouteMatch_TlsContextMatchOptionsValidationError is the validation error
+// returned by RouteMatch_TlsContextMatchOptions.Validate if the designated
+// constraints aren't met.
+type RouteMatch_TlsContextMatchOptionsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouteMatch_TlsContextMatchOptionsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouteMatch_TlsContextMatchOptionsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouteMatch_TlsContextMatchOptionsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouteMatch_TlsContextMatchOptionsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouteMatch_TlsContextMatchOptionsValidationError) ErrorName() string {
+	return "RouteMatch_TlsContextMatchOptionsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RouteMatch_TlsContextMatchOptionsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRouteMatch_TlsContextMatchOptions.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouteMatch_TlsContextMatchOptionsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouteMatch_TlsContextMatchOptionsValidationError{}
+
+// Validate checks the field values on RouteMatch_ConnectMatcher with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RouteMatch_ConnectMatcher) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RouteMatch_ConnectMatcher with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RouteMatch_ConnectMatcherMultiError, or nil if none found.
+func (m *RouteMatch_ConnectMatcher) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RouteMatch_ConnectMatcher) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return RouteMatch_ConnectMatcherMultiError(errors)
+	}
+	return nil
+}
+
+// RouteMatch_ConnectMatcherMultiError is an error wrapping multiple validation
+// errors returned by RouteMatch_ConnectMatcher.ValidateAll() if the
+// designated constraints aren't met.
+type RouteMatch_ConnectMatcherMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouteMatch_ConnectMatcherMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouteMatch_ConnectMatcherMultiError) AllErrors() []error { return m }
+
+// RouteMatch_ConnectMatcherValidationError is the validation error returned by
+// RouteMatch_ConnectMatcher.Validate if the designated constraints aren't met.
+type RouteMatch_ConnectMatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouteMatch_ConnectMatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouteMatch_ConnectMatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouteMatch_ConnectMatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouteMatch_ConnectMatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouteMatch_ConnectMatcherValidationError) ErrorName() string {
+	return "RouteMatch_ConnectMatcherValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RouteMatch_ConnectMatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRouteMatch_ConnectMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouteMatch_ConnectMatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouteMatch_ConnectMatcherValidationError{}
+
+// Validate checks the field values on RouteAction_RequestMirrorPolicy with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RouteAction_RequestMirrorPolicy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RouteAction_RequestMirrorPolicy with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// RouteAction_RequestMirrorPolicyMultiError, or nil if none found.
+func (m *RouteAction_RequestMirrorPolicy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RouteAction_RequestMirrorPolicy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetCluster()) < 1 {
+		err := RouteAction_RequestMirrorPolicyValidationError{
+			field:  "Cluster",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetRuntimeFraction()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteAction_RequestMirrorPolicyValidationError{
+					field:  "RuntimeFraction",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteAction_RequestMirrorPolicyValidationError{
+					field:  "RuntimeFraction",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRuntimeFraction()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteAction_RequestMirrorPolicyValidationError{
+				field:  "RuntimeFraction",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetTraceSampled()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteAction_RequestMirrorPolicyValidationError{
+					field:  "TraceSampled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteAction_RequestMirrorPolicyValidationError{
+					field:  "TraceSampled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTraceSampled()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteAction_RequestMirrorPolicyValidationError{
+				field:  "TraceSampled",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return RouteAction_RequestMirrorPolicyMultiError(errors)
+	}
+	return nil
+}
+
+// RouteAction_RequestMirrorPolicyMultiError is an error wrapping multiple
+// validation errors returned by RouteAction_RequestMirrorPolicy.ValidateAll()
+// if the designated constraints aren't met.
+type RouteAction_RequestMirrorPolicyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouteAction_RequestMirrorPolicyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouteAction_RequestMirrorPolicyMultiError) AllErrors() []error { return m }
+
+// RouteAction_RequestMirrorPolicyValidationError is the validation error
+// returned by RouteAction_RequestMirrorPolicy.Validate if the designated
+// constraints aren't met.
+type RouteAction_RequestMirrorPolicyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouteAction_RequestMirrorPolicyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouteAction_RequestMirrorPolicyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouteAction_RequestMirrorPolicyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouteAction_RequestMirrorPolicyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouteAction_RequestMirrorPolicyValidationError) ErrorName() string {
+	return "RouteAction_RequestMirrorPolicyValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RouteAction_RequestMirrorPolicyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRouteAction_RequestMirrorPolicy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouteAction_RequestMirrorPolicyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouteAction_RequestMirrorPolicyValidationError{}
+
+// Validate checks the field values on RouteAction_HashPolicy with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RouteAction_HashPolicy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RouteAction_HashPolicy with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RouteAction_HashPolicyMultiError, or nil if none found.
+func (m *RouteAction_HashPolicy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RouteAction_HashPolicy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Terminal
+
+	switch m.PolicySpecifier.(type) {
+
+	case *RouteAction_HashPolicy_Header_:
+
+		if all {
+			switch v := interface{}(m.GetHeader()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteAction_HashPolicyValidationError{
+						field:  "Header",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteAction_HashPolicyValidationError{
+						field:  "Header",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetHeader()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteAction_HashPolicyValidationError{
+					field:  "Header",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *RouteAction_HashPolicy_Cookie_:
+
+		if all {
+			switch v := interface{}(m.GetCookie()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteAction_HashPolicyValidationError{
+						field:  "Cookie",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteAction_HashPolicyValidationError{
+						field:  "Cookie",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetCookie()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteAction_HashPolicyValidationError{
+					field:  "Cookie",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *RouteAction_HashPolicy_ConnectionProperties_:
+
+		if all {
+			switch v := interface{}(m.GetConnectionProperties()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteAction_HashPolicyValidationError{
+						field:  "ConnectionProperties",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteAction_HashPolicyValidationError{
+						field:  "ConnectionProperties",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetConnectionProperties()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteAction_HashPolicyValidationError{
+					field:  "ConnectionProperties",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *RouteAction_HashPolicy_QueryParameter_:
+
+		if all {
+			switch v := interface{}(m.GetQueryParameter()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteAction_HashPolicyValidationError{
+						field:  "QueryParameter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteAction_HashPolicyValidationError{
+						field:  "QueryParameter",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetQueryParameter()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteAction_HashPolicyValidationError{
+					field:  "QueryParameter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *RouteAction_HashPolicy_FilterState_:
+
+		if all {
+			switch v := interface{}(m.GetFilterState()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouteAction_HashPolicyValidationError{
+						field:  "FilterState",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouteAction_HashPolicyValidationError{
+						field:  "FilterState",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetFilterState()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouteAction_HashPolicyValidationError{
+					field:  "FilterState",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := RouteAction_HashPolicyValidationError{
+			field:  "PolicySpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return RouteAction_HashPolicyMultiError(errors)
+	}
+	return nil
+}
+
+// RouteAction_HashPolicyMultiError is an error wrapping multiple validation
+// errors returned by RouteAction_HashPolicy.ValidateAll() if the designated
+// constraints aren't met.
+type RouteAction_HashPolicyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouteAction_HashPolicyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouteAction_HashPolicyMultiError) AllErrors() []error { return m }
+
+// RouteAction_HashPolicyValidationError is the validation error returned by
+// RouteAction_HashPolicy.Validate if the designated constraints aren't met.
+type RouteAction_HashPolicyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouteAction_HashPolicyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouteAction_HashPolicyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouteAction_HashPolicyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouteAction_HashPolicyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouteAction_HashPolicyValidationError) ErrorName() string {
+	return "RouteAction_HashPolicyValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RouteAction_HashPolicyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRouteAction_HashPolicy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouteAction_HashPolicyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouteAction_HashPolicyValidationError{}
+
+// Validate checks the field values on RouteAction_UpgradeConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RouteAction_UpgradeConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RouteAction_UpgradeConfig with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RouteAction_UpgradeConfigMultiError, or nil if none found.
+func (m *RouteAction_UpgradeConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RouteAction_UpgradeConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetUpgradeType()) < 1 {
+		err := RouteAction_UpgradeConfigValidationError{
+			field:  "UpgradeType",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if !_RouteAction_UpgradeConfig_UpgradeType_Pattern.MatchString(m.GetUpgradeType()) {
+		err := RouteAction_UpgradeConfigValidationError{
+			field:  "UpgradeType",
+			reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetEnabled()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteAction_UpgradeConfigValidationError{
+					field:  "Enabled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteAction_UpgradeConfigValidationError{
+					field:  "Enabled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetEnabled()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteAction_UpgradeConfigValidationError{
+				field:  "Enabled",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetConnectConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteAction_UpgradeConfigValidationError{
+					field:  "ConnectConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteAction_UpgradeConfigValidationError{
+					field:  "ConnectConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetConnectConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteAction_UpgradeConfigValidationError{
+				field:  "ConnectConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return RouteAction_UpgradeConfigMultiError(errors)
+	}
+	return nil
+}
+
+// RouteAction_UpgradeConfigMultiError is an error wrapping multiple validation
+// errors returned by RouteAction_UpgradeConfig.ValidateAll() if the
+// designated constraints aren't met.
+type RouteAction_UpgradeConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouteAction_UpgradeConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouteAction_UpgradeConfigMultiError) AllErrors() []error { return m }
+
+// RouteAction_UpgradeConfigValidationError is the validation error returned by
+// RouteAction_UpgradeConfig.Validate if the designated constraints aren't met.
+type RouteAction_UpgradeConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouteAction_UpgradeConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouteAction_UpgradeConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouteAction_UpgradeConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouteAction_UpgradeConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouteAction_UpgradeConfigValidationError) ErrorName() string {
+	return "RouteAction_UpgradeConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RouteAction_UpgradeConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRouteAction_UpgradeConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouteAction_UpgradeConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouteAction_UpgradeConfigValidationError{}
+
+var _RouteAction_UpgradeConfig_UpgradeType_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+// Validate checks the field values on RouteAction_MaxStreamDuration with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RouteAction_MaxStreamDuration) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RouteAction_MaxStreamDuration with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// RouteAction_MaxStreamDurationMultiError, or nil if none found.
+func (m *RouteAction_MaxStreamDuration) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RouteAction_MaxStreamDuration) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetMaxStreamDuration()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteAction_MaxStreamDurationValidationError{
+					field:  "MaxStreamDuration",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteAction_MaxStreamDurationValidationError{
+					field:  "MaxStreamDuration",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxStreamDuration()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteAction_MaxStreamDurationValidationError{
+				field:  "MaxStreamDuration",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetGrpcTimeoutHeaderMax()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteAction_MaxStreamDurationValidationError{
+					field:  "GrpcTimeoutHeaderMax",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteAction_MaxStreamDurationValidationError{
+					field:  "GrpcTimeoutHeaderMax",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetGrpcTimeoutHeaderMax()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteAction_MaxStreamDurationValidationError{
+				field:  "GrpcTimeoutHeaderMax",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetGrpcTimeoutHeaderOffset()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteAction_MaxStreamDurationValidationError{
+					field:  "GrpcTimeoutHeaderOffset",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteAction_MaxStreamDurationValidationError{
+					field:  "GrpcTimeoutHeaderOffset",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetGrpcTimeoutHeaderOffset()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteAction_MaxStreamDurationValidationError{
+				field:  "GrpcTimeoutHeaderOffset",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return RouteAction_MaxStreamDurationMultiError(errors)
+	}
+	return nil
+}
+
+// RouteAction_MaxStreamDurationMultiError is an error wrapping multiple
+// validation errors returned by RouteAction_MaxStreamDuration.ValidateAll()
+// if the designated constraints aren't met.
+type RouteAction_MaxStreamDurationMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouteAction_MaxStreamDurationMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouteAction_MaxStreamDurationMultiError) AllErrors() []error { return m }
+
+// RouteAction_MaxStreamDurationValidationError is the validation error
+// returned by RouteAction_MaxStreamDuration.Validate if the designated
+// constraints aren't met.
+type RouteAction_MaxStreamDurationValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouteAction_MaxStreamDurationValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouteAction_MaxStreamDurationValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouteAction_MaxStreamDurationValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouteAction_MaxStreamDurationValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouteAction_MaxStreamDurationValidationError) ErrorName() string {
+	return "RouteAction_MaxStreamDurationValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RouteAction_MaxStreamDurationValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRouteAction_MaxStreamDuration.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouteAction_MaxStreamDurationValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouteAction_MaxStreamDurationValidationError{}
+
+// Validate checks the field values on RouteAction_HashPolicy_Header with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RouteAction_HashPolicy_Header) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RouteAction_HashPolicy_Header with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// RouteAction_HashPolicy_HeaderMultiError, or nil if none found.
+func (m *RouteAction_HashPolicy_Header) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RouteAction_HashPolicy_Header) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetHeaderName()) < 1 {
+		err := RouteAction_HashPolicy_HeaderValidationError{
+			field:  "HeaderName",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if !_RouteAction_HashPolicy_Header_HeaderName_Pattern.MatchString(m.GetHeaderName()) {
+		err := RouteAction_HashPolicy_HeaderValidationError{
+			field:  "HeaderName",
+			reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetRegexRewrite()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteAction_HashPolicy_HeaderValidationError{
+					field:  "RegexRewrite",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteAction_HashPolicy_HeaderValidationError{
+					field:  "RegexRewrite",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRegexRewrite()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteAction_HashPolicy_HeaderValidationError{
+				field:  "RegexRewrite",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return RouteAction_HashPolicy_HeaderMultiError(errors)
+	}
+	return nil
+}
+
+// RouteAction_HashPolicy_HeaderMultiError is an error wrapping multiple
+// validation errors returned by RouteAction_HashPolicy_Header.ValidateAll()
+// if the designated constraints aren't met.
+type RouteAction_HashPolicy_HeaderMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouteAction_HashPolicy_HeaderMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouteAction_HashPolicy_HeaderMultiError) AllErrors() []error { return m }
+
+// RouteAction_HashPolicy_HeaderValidationError is the validation error
+// returned by RouteAction_HashPolicy_Header.Validate if the designated
+// constraints aren't met.
+type RouteAction_HashPolicy_HeaderValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouteAction_HashPolicy_HeaderValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouteAction_HashPolicy_HeaderValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouteAction_HashPolicy_HeaderValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouteAction_HashPolicy_HeaderValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouteAction_HashPolicy_HeaderValidationError) ErrorName() string {
+	return "RouteAction_HashPolicy_HeaderValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RouteAction_HashPolicy_HeaderValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRouteAction_HashPolicy_Header.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouteAction_HashPolicy_HeaderValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouteAction_HashPolicy_HeaderValidationError{}
+
+var _RouteAction_HashPolicy_Header_HeaderName_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+// Validate checks the field values on RouteAction_HashPolicy_Cookie with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RouteAction_HashPolicy_Cookie) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RouteAction_HashPolicy_Cookie with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// RouteAction_HashPolicy_CookieMultiError, or nil if none found.
+func (m *RouteAction_HashPolicy_Cookie) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RouteAction_HashPolicy_Cookie) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := RouteAction_HashPolicy_CookieValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetTtl()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteAction_HashPolicy_CookieValidationError{
+					field:  "Ttl",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteAction_HashPolicy_CookieValidationError{
+					field:  "Ttl",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTtl()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteAction_HashPolicy_CookieValidationError{
+				field:  "Ttl",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for Path
+
+	if len(errors) > 0 {
+		return RouteAction_HashPolicy_CookieMultiError(errors)
+	}
+	return nil
+}
+
+// RouteAction_HashPolicy_CookieMultiError is an error wrapping multiple
+// validation errors returned by RouteAction_HashPolicy_Cookie.ValidateAll()
+// if the designated constraints aren't met.
+type RouteAction_HashPolicy_CookieMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouteAction_HashPolicy_CookieMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouteAction_HashPolicy_CookieMultiError) AllErrors() []error { return m }
+
+// RouteAction_HashPolicy_CookieValidationError is the validation error
+// returned by RouteAction_HashPolicy_Cookie.Validate if the designated
+// constraints aren't met.
+type RouteAction_HashPolicy_CookieValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouteAction_HashPolicy_CookieValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouteAction_HashPolicy_CookieValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouteAction_HashPolicy_CookieValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouteAction_HashPolicy_CookieValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouteAction_HashPolicy_CookieValidationError) ErrorName() string {
+	return "RouteAction_HashPolicy_CookieValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RouteAction_HashPolicy_CookieValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRouteAction_HashPolicy_Cookie.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouteAction_HashPolicy_CookieValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouteAction_HashPolicy_CookieValidationError{}
+
+// Validate checks the field values on
+// RouteAction_HashPolicy_ConnectionProperties with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *RouteAction_HashPolicy_ConnectionProperties) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// RouteAction_HashPolicy_ConnectionProperties with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in
+// RouteAction_HashPolicy_ConnectionPropertiesMultiError, or nil if none found.
+func (m *RouteAction_HashPolicy_ConnectionProperties) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RouteAction_HashPolicy_ConnectionProperties) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for SourceIp
+
+	if len(errors) > 0 {
+		return RouteAction_HashPolicy_ConnectionPropertiesMultiError(errors)
+	}
+	return nil
+}
+
+// RouteAction_HashPolicy_ConnectionPropertiesMultiError is an error wrapping
+// multiple validation errors returned by
+// RouteAction_HashPolicy_ConnectionProperties.ValidateAll() if the designated
+// constraints aren't met.
+type RouteAction_HashPolicy_ConnectionPropertiesMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouteAction_HashPolicy_ConnectionPropertiesMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouteAction_HashPolicy_ConnectionPropertiesMultiError) AllErrors() []error { return m }
+
+// RouteAction_HashPolicy_ConnectionPropertiesValidationError is the validation
+// error returned by RouteAction_HashPolicy_ConnectionProperties.Validate if
+// the designated constraints aren't met.
+type RouteAction_HashPolicy_ConnectionPropertiesValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouteAction_HashPolicy_ConnectionPropertiesValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouteAction_HashPolicy_ConnectionPropertiesValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouteAction_HashPolicy_ConnectionPropertiesValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouteAction_HashPolicy_ConnectionPropertiesValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouteAction_HashPolicy_ConnectionPropertiesValidationError) ErrorName() string {
+	return "RouteAction_HashPolicy_ConnectionPropertiesValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RouteAction_HashPolicy_ConnectionPropertiesValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRouteAction_HashPolicy_ConnectionProperties.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouteAction_HashPolicy_ConnectionPropertiesValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouteAction_HashPolicy_ConnectionPropertiesValidationError{}
+
+// Validate checks the field values on RouteAction_HashPolicy_QueryParameter
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the first error encountered is returned, or nil if
+// there are no violations.
+func (m *RouteAction_HashPolicy_QueryParameter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RouteAction_HashPolicy_QueryParameter
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// RouteAction_HashPolicy_QueryParameterMultiError, or nil if none found.
+func (m *RouteAction_HashPolicy_QueryParameter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RouteAction_HashPolicy_QueryParameter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := RouteAction_HashPolicy_QueryParameterValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return RouteAction_HashPolicy_QueryParameterMultiError(errors)
+	}
+	return nil
+}
+
+// RouteAction_HashPolicy_QueryParameterMultiError is an error wrapping
+// multiple validation errors returned by
+// RouteAction_HashPolicy_QueryParameter.ValidateAll() if the designated
+// constraints aren't met.
+type RouteAction_HashPolicy_QueryParameterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouteAction_HashPolicy_QueryParameterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouteAction_HashPolicy_QueryParameterMultiError) AllErrors() []error { return m }
+
+// RouteAction_HashPolicy_QueryParameterValidationError is the validation error
+// returned by RouteAction_HashPolicy_QueryParameter.Validate if the
+// designated constraints aren't met.
+type RouteAction_HashPolicy_QueryParameterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouteAction_HashPolicy_QueryParameterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouteAction_HashPolicy_QueryParameterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouteAction_HashPolicy_QueryParameterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouteAction_HashPolicy_QueryParameterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouteAction_HashPolicy_QueryParameterValidationError) ErrorName() string {
+	return "RouteAction_HashPolicy_QueryParameterValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RouteAction_HashPolicy_QueryParameterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRouteAction_HashPolicy_QueryParameter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouteAction_HashPolicy_QueryParameterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouteAction_HashPolicy_QueryParameterValidationError{}
+
+// Validate checks the field values on RouteAction_HashPolicy_FilterState with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *RouteAction_HashPolicy_FilterState) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RouteAction_HashPolicy_FilterState
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// RouteAction_HashPolicy_FilterStateMultiError, or nil if none found.
+func (m *RouteAction_HashPolicy_FilterState) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RouteAction_HashPolicy_FilterState) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetKey()) < 1 {
+		err := RouteAction_HashPolicy_FilterStateValidationError{
+			field:  "Key",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return RouteAction_HashPolicy_FilterStateMultiError(errors)
+	}
+	return nil
+}
+
+// RouteAction_HashPolicy_FilterStateMultiError is an error wrapping multiple
+// validation errors returned by
+// RouteAction_HashPolicy_FilterState.ValidateAll() if the designated
+// constraints aren't met.
+type RouteAction_HashPolicy_FilterStateMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouteAction_HashPolicy_FilterStateMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouteAction_HashPolicy_FilterStateMultiError) AllErrors() []error { return m }
+
+// RouteAction_HashPolicy_FilterStateValidationError is the validation error
+// returned by RouteAction_HashPolicy_FilterState.Validate if the designated
+// constraints aren't met.
+type RouteAction_HashPolicy_FilterStateValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouteAction_HashPolicy_FilterStateValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouteAction_HashPolicy_FilterStateValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouteAction_HashPolicy_FilterStateValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouteAction_HashPolicy_FilterStateValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouteAction_HashPolicy_FilterStateValidationError) ErrorName() string {
+	return "RouteAction_HashPolicy_FilterStateValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RouteAction_HashPolicy_FilterStateValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRouteAction_HashPolicy_FilterState.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouteAction_HashPolicy_FilterStateValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouteAction_HashPolicy_FilterStateValidationError{}
+
+// Validate checks the field values on RouteAction_UpgradeConfig_ConnectConfig
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the first error encountered is returned, or nil if
+// there are no violations.
+func (m *RouteAction_UpgradeConfig_ConnectConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// RouteAction_UpgradeConfig_ConnectConfig with the rules defined in the proto
+// definition for this message. If any rules are violated, the result is a
+// list of violation errors wrapped in
+// RouteAction_UpgradeConfig_ConnectConfigMultiError, or nil if none found.
+func (m *RouteAction_UpgradeConfig_ConnectConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RouteAction_UpgradeConfig_ConnectConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetProxyProtocolConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouteAction_UpgradeConfig_ConnectConfigValidationError{
+					field:  "ProxyProtocolConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouteAction_UpgradeConfig_ConnectConfigValidationError{
+					field:  "ProxyProtocolConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetProxyProtocolConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouteAction_UpgradeConfig_ConnectConfigValidationError{
+				field:  "ProxyProtocolConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for AllowPost
+
+	if len(errors) > 0 {
+		return RouteAction_UpgradeConfig_ConnectConfigMultiError(errors)
+	}
+	return nil
+}
+
+// RouteAction_UpgradeConfig_ConnectConfigMultiError is an error wrapping
+// multiple validation errors returned by
+// RouteAction_UpgradeConfig_ConnectConfig.ValidateAll() if the designated
+// constraints aren't met.
+type RouteAction_UpgradeConfig_ConnectConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouteAction_UpgradeConfig_ConnectConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouteAction_UpgradeConfig_ConnectConfigMultiError) AllErrors() []error { return m }
+
+// RouteAction_UpgradeConfig_ConnectConfigValidationError is the validation
+// error returned by RouteAction_UpgradeConfig_ConnectConfig.Validate if the
+// designated constraints aren't met.
+type RouteAction_UpgradeConfig_ConnectConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouteAction_UpgradeConfig_ConnectConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouteAction_UpgradeConfig_ConnectConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouteAction_UpgradeConfig_ConnectConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouteAction_UpgradeConfig_ConnectConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouteAction_UpgradeConfig_ConnectConfigValidationError) ErrorName() string {
+	return "RouteAction_UpgradeConfig_ConnectConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RouteAction_UpgradeConfig_ConnectConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRouteAction_UpgradeConfig_ConnectConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouteAction_UpgradeConfig_ConnectConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouteAction_UpgradeConfig_ConnectConfigValidationError{}
+
+// Validate checks the field values on RetryPolicy_RetryPriority with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RetryPolicy_RetryPriority) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RetryPolicy_RetryPriority with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RetryPolicy_RetryPriorityMultiError, or nil if none found.
+func (m *RetryPolicy_RetryPriority) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RetryPolicy_RetryPriority) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := RetryPolicy_RetryPriorityValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	switch m.ConfigType.(type) {
+
+	case *RetryPolicy_RetryPriority_TypedConfig:
+
+		if all {
+			switch v := interface{}(m.GetTypedConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RetryPolicy_RetryPriorityValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RetryPolicy_RetryPriorityValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RetryPolicy_RetryPriorityValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return RetryPolicy_RetryPriorityMultiError(errors)
+	}
+	return nil
+}
+
+// RetryPolicy_RetryPriorityMultiError is an error wrapping multiple validation
+// errors returned by RetryPolicy_RetryPriority.ValidateAll() if the
+// designated constraints aren't met.
+type RetryPolicy_RetryPriorityMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RetryPolicy_RetryPriorityMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RetryPolicy_RetryPriorityMultiError) AllErrors() []error { return m }
+
+// RetryPolicy_RetryPriorityValidationError is the validation error returned by
+// RetryPolicy_RetryPriority.Validate if the designated constraints aren't met.
+type RetryPolicy_RetryPriorityValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RetryPolicy_RetryPriorityValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RetryPolicy_RetryPriorityValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RetryPolicy_RetryPriorityValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RetryPolicy_RetryPriorityValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RetryPolicy_RetryPriorityValidationError) ErrorName() string {
+	return "RetryPolicy_RetryPriorityValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RetryPolicy_RetryPriorityValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRetryPolicy_RetryPriority.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RetryPolicy_RetryPriorityValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RetryPolicy_RetryPriorityValidationError{}
+
+// Validate checks the field values on RetryPolicy_RetryHostPredicate with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RetryPolicy_RetryHostPredicate) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RetryPolicy_RetryHostPredicate with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// RetryPolicy_RetryHostPredicateMultiError, or nil if none found.
+func (m *RetryPolicy_RetryHostPredicate) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RetryPolicy_RetryHostPredicate) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := RetryPolicy_RetryHostPredicateValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	switch m.ConfigType.(type) {
+
+	case *RetryPolicy_RetryHostPredicate_TypedConfig:
+
+		if all {
+			switch v := interface{}(m.GetTypedConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RetryPolicy_RetryHostPredicateValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RetryPolicy_RetryHostPredicateValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RetryPolicy_RetryHostPredicateValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return RetryPolicy_RetryHostPredicateMultiError(errors)
+	}
+	return nil
+}
+
+// RetryPolicy_RetryHostPredicateMultiError is an error wrapping multiple
+// validation errors returned by RetryPolicy_RetryHostPredicate.ValidateAll()
+// if the designated constraints aren't met.
+type RetryPolicy_RetryHostPredicateMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RetryPolicy_RetryHostPredicateMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RetryPolicy_RetryHostPredicateMultiError) AllErrors() []error { return m }
+
+// RetryPolicy_RetryHostPredicateValidationError is the validation error
+// returned by RetryPolicy_RetryHostPredicate.Validate if the designated
+// constraints aren't met.
+type RetryPolicy_RetryHostPredicateValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RetryPolicy_RetryHostPredicateValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RetryPolicy_RetryHostPredicateValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RetryPolicy_RetryHostPredicateValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RetryPolicy_RetryHostPredicateValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RetryPolicy_RetryHostPredicateValidationError) ErrorName() string {
+	return "RetryPolicy_RetryHostPredicateValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RetryPolicy_RetryHostPredicateValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRetryPolicy_RetryHostPredicate.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RetryPolicy_RetryHostPredicateValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RetryPolicy_RetryHostPredicateValidationError{}
+
+// Validate checks the field values on RetryPolicy_RetryBackOff with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RetryPolicy_RetryBackOff) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RetryPolicy_RetryBackOff with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RetryPolicy_RetryBackOffMultiError, or nil if none found.
+func (m *RetryPolicy_RetryBackOff) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RetryPolicy_RetryBackOff) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetBaseInterval() == nil {
+		err := RetryPolicy_RetryBackOffValidationError{
+			field:  "BaseInterval",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if d := m.GetBaseInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = RetryPolicy_RetryBackOffValidationError{
+				field:  "BaseInterval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := RetryPolicy_RetryBackOffValidationError{
+					field:  "BaseInterval",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if d := m.GetMaxInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = RetryPolicy_RetryBackOffValidationError{
+				field:  "MaxInterval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := RetryPolicy_RetryBackOffValidationError{
+					field:  "MaxInterval",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if len(errors) > 0 {
+		return RetryPolicy_RetryBackOffMultiError(errors)
+	}
+	return nil
+}
+
+// RetryPolicy_RetryBackOffMultiError is an error wrapping multiple validation
+// errors returned by RetryPolicy_RetryBackOff.ValidateAll() if the designated
+// constraints aren't met.
+type RetryPolicy_RetryBackOffMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RetryPolicy_RetryBackOffMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RetryPolicy_RetryBackOffMultiError) AllErrors() []error { return m }
+
+// RetryPolicy_RetryBackOffValidationError is the validation error returned by
+// RetryPolicy_RetryBackOff.Validate if the designated constraints aren't met.
+type RetryPolicy_RetryBackOffValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RetryPolicy_RetryBackOffValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RetryPolicy_RetryBackOffValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RetryPolicy_RetryBackOffValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RetryPolicy_RetryBackOffValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RetryPolicy_RetryBackOffValidationError) ErrorName() string {
+	return "RetryPolicy_RetryBackOffValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RetryPolicy_RetryBackOffValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRetryPolicy_RetryBackOff.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RetryPolicy_RetryBackOffValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RetryPolicy_RetryBackOffValidationError{}
+
+// Validate checks the field values on RetryPolicy_ResetHeader with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RetryPolicy_ResetHeader) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RetryPolicy_ResetHeader with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RetryPolicy_ResetHeaderMultiError, or nil if none found.
+func (m *RetryPolicy_ResetHeader) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RetryPolicy_ResetHeader) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := RetryPolicy_ResetHeaderValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if !_RetryPolicy_ResetHeader_Name_Pattern.MatchString(m.GetName()) {
+		err := RetryPolicy_ResetHeaderValidationError{
+			field:  "Name",
+			reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if _, ok := RetryPolicy_ResetHeaderFormat_name[int32(m.GetFormat())]; !ok {
+		err := RetryPolicy_ResetHeaderValidationError{
+			field:  "Format",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return RetryPolicy_ResetHeaderMultiError(errors)
+	}
+	return nil
+}
+
+// RetryPolicy_ResetHeaderMultiError is an error wrapping multiple validation
+// errors returned by RetryPolicy_ResetHeader.ValidateAll() if the designated
+// constraints aren't met.
+type RetryPolicy_ResetHeaderMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RetryPolicy_ResetHeaderMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RetryPolicy_ResetHeaderMultiError) AllErrors() []error { return m }
+
+// RetryPolicy_ResetHeaderValidationError is the validation error returned by
+// RetryPolicy_ResetHeader.Validate if the designated constraints aren't met.
+type RetryPolicy_ResetHeaderValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RetryPolicy_ResetHeaderValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RetryPolicy_ResetHeaderValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RetryPolicy_ResetHeaderValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RetryPolicy_ResetHeaderValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RetryPolicy_ResetHeaderValidationError) ErrorName() string {
+	return "RetryPolicy_ResetHeaderValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RetryPolicy_ResetHeaderValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRetryPolicy_ResetHeader.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RetryPolicy_ResetHeaderValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RetryPolicy_ResetHeaderValidationError{}
+
+var _RetryPolicy_ResetHeader_Name_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+// Validate checks the field values on RetryPolicy_RateLimitedRetryBackOff with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *RetryPolicy_RateLimitedRetryBackOff) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RetryPolicy_RateLimitedRetryBackOff
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// RetryPolicy_RateLimitedRetryBackOffMultiError, or nil if none found.
+func (m *RetryPolicy_RateLimitedRetryBackOff) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RetryPolicy_RateLimitedRetryBackOff) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetResetHeaders()) < 1 {
+		err := RetryPolicy_RateLimitedRetryBackOffValidationError{
+			field:  "ResetHeaders",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetResetHeaders() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RetryPolicy_RateLimitedRetryBackOffValidationError{
+						field:  fmt.Sprintf("ResetHeaders[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RetryPolicy_RateLimitedRetryBackOffValidationError{
+						field:  fmt.Sprintf("ResetHeaders[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RetryPolicy_RateLimitedRetryBackOffValidationError{
+					field:  fmt.Sprintf("ResetHeaders[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if d := m.GetMaxInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = RetryPolicy_RateLimitedRetryBackOffValidationError{
+				field:  "MaxInterval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := RetryPolicy_RateLimitedRetryBackOffValidationError{
+					field:  "MaxInterval",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if len(errors) > 0 {
+		return RetryPolicy_RateLimitedRetryBackOffMultiError(errors)
+	}
+	return nil
+}
+
+// RetryPolicy_RateLimitedRetryBackOffMultiError is an error wrapping multiple
+// validation errors returned by
+// RetryPolicy_RateLimitedRetryBackOff.ValidateAll() if the designated
+// constraints aren't met.
+type RetryPolicy_RateLimitedRetryBackOffMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RetryPolicy_RateLimitedRetryBackOffMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RetryPolicy_RateLimitedRetryBackOffMultiError) AllErrors() []error { return m }
+
+// RetryPolicy_RateLimitedRetryBackOffValidationError is the validation error
+// returned by RetryPolicy_RateLimitedRetryBackOff.Validate if the designated
+// constraints aren't met.
+type RetryPolicy_RateLimitedRetryBackOffValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RetryPolicy_RateLimitedRetryBackOffValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RetryPolicy_RateLimitedRetryBackOffValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RetryPolicy_RateLimitedRetryBackOffValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RetryPolicy_RateLimitedRetryBackOffValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RetryPolicy_RateLimitedRetryBackOffValidationError) ErrorName() string {
+	return "RetryPolicy_RateLimitedRetryBackOffValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RetryPolicy_RateLimitedRetryBackOffValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRetryPolicy_RateLimitedRetryBackOff.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RetryPolicy_RateLimitedRetryBackOffValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RetryPolicy_RateLimitedRetryBackOffValidationError{}
+
+// Validate checks the field values on RateLimit_Action with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *RateLimit_Action) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RateLimit_Action with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RateLimit_ActionMultiError, or nil if none found.
+func (m *RateLimit_Action) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RateLimit_Action) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.ActionSpecifier.(type) {
+
+	case *RateLimit_Action_SourceCluster_:
+
+		if all {
+			switch v := interface{}(m.GetSourceCluster()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RateLimit_ActionValidationError{
+						field:  "SourceCluster",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RateLimit_ActionValidationError{
+						field:  "SourceCluster",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetSourceCluster()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RateLimit_ActionValidationError{
+					field:  "SourceCluster",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *RateLimit_Action_DestinationCluster_:
+
+		if all {
+			switch v := interface{}(m.GetDestinationCluster()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RateLimit_ActionValidationError{
+						field:  "DestinationCluster",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RateLimit_ActionValidationError{
+						field:  "DestinationCluster",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetDestinationCluster()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RateLimit_ActionValidationError{
+					field:  "DestinationCluster",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *RateLimit_Action_RequestHeaders_:
+
+		if all {
+			switch v := interface{}(m.GetRequestHeaders()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RateLimit_ActionValidationError{
+						field:  "RequestHeaders",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RateLimit_ActionValidationError{
+						field:  "RequestHeaders",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetRequestHeaders()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RateLimit_ActionValidationError{
+					field:  "RequestHeaders",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *RateLimit_Action_RemoteAddress_:
+
+		if all {
+			switch v := interface{}(m.GetRemoteAddress()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RateLimit_ActionValidationError{
+						field:  "RemoteAddress",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RateLimit_ActionValidationError{
+						field:  "RemoteAddress",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetRemoteAddress()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RateLimit_ActionValidationError{
+					field:  "RemoteAddress",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *RateLimit_Action_GenericKey_:
+
+		if all {
+			switch v := interface{}(m.GetGenericKey()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RateLimit_ActionValidationError{
+						field:  "GenericKey",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RateLimit_ActionValidationError{
+						field:  "GenericKey",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetGenericKey()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RateLimit_ActionValidationError{
+					field:  "GenericKey",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *RateLimit_Action_HeaderValueMatch_:
+
+		if all {
+			switch v := interface{}(m.GetHeaderValueMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RateLimit_ActionValidationError{
+						field:  "HeaderValueMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RateLimit_ActionValidationError{
+						field:  "HeaderValueMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetHeaderValueMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RateLimit_ActionValidationError{
+					field:  "HeaderValueMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *RateLimit_Action_DynamicMetadata:
+
+		if all {
+			switch v := interface{}(m.GetDynamicMetadata()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RateLimit_ActionValidationError{
+						field:  "DynamicMetadata",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RateLimit_ActionValidationError{
+						field:  "DynamicMetadata",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetDynamicMetadata()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RateLimit_ActionValidationError{
+					field:  "DynamicMetadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *RateLimit_Action_Metadata:
+
+		if all {
+			switch v := interface{}(m.GetMetadata()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RateLimit_ActionValidationError{
+						field:  "Metadata",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RateLimit_ActionValidationError{
+						field:  "Metadata",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetMetadata()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RateLimit_ActionValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *RateLimit_Action_Extension:
+
+		if all {
+			switch v := interface{}(m.GetExtension()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RateLimit_ActionValidationError{
+						field:  "Extension",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RateLimit_ActionValidationError{
+						field:  "Extension",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetExtension()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RateLimit_ActionValidationError{
+					field:  "Extension",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := RateLimit_ActionValidationError{
+			field:  "ActionSpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return RateLimit_ActionMultiError(errors)
+	}
+	return nil
+}
+
+// RateLimit_ActionMultiError is an error wrapping multiple validation errors
+// returned by RateLimit_Action.ValidateAll() if the designated constraints
+// aren't met.
+type RateLimit_ActionMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RateLimit_ActionMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RateLimit_ActionMultiError) AllErrors() []error { return m }
+
+// RateLimit_ActionValidationError is the validation error returned by
+// RateLimit_Action.Validate if the designated constraints aren't met.
+type RateLimit_ActionValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RateLimit_ActionValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RateLimit_ActionValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RateLimit_ActionValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RateLimit_ActionValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RateLimit_ActionValidationError) ErrorName() string { return "RateLimit_ActionValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RateLimit_ActionValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRateLimit_Action.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RateLimit_ActionValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RateLimit_ActionValidationError{}
+
+// Validate checks the field values on RateLimit_Override with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RateLimit_Override) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RateLimit_Override with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RateLimit_OverrideMultiError, or nil if none found.
+func (m *RateLimit_Override) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RateLimit_Override) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.OverrideSpecifier.(type) {
+
+	case *RateLimit_Override_DynamicMetadata_:
+
+		if all {
+			switch v := interface{}(m.GetDynamicMetadata()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RateLimit_OverrideValidationError{
+						field:  "DynamicMetadata",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RateLimit_OverrideValidationError{
+						field:  "DynamicMetadata",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetDynamicMetadata()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RateLimit_OverrideValidationError{
+					field:  "DynamicMetadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := RateLimit_OverrideValidationError{
+			field:  "OverrideSpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return RateLimit_OverrideMultiError(errors)
+	}
+	return nil
+}
+
+// RateLimit_OverrideMultiError is an error wrapping multiple validation errors
+// returned by RateLimit_Override.ValidateAll() if the designated constraints
+// aren't met.
+type RateLimit_OverrideMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RateLimit_OverrideMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RateLimit_OverrideMultiError) AllErrors() []error { return m }
+
+// RateLimit_OverrideValidationError is the validation error returned by
+// RateLimit_Override.Validate if the designated constraints aren't met.
+type RateLimit_OverrideValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RateLimit_OverrideValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RateLimit_OverrideValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RateLimit_OverrideValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RateLimit_OverrideValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RateLimit_OverrideValidationError) ErrorName() string {
+	return "RateLimit_OverrideValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RateLimit_OverrideValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRateLimit_Override.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RateLimit_OverrideValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RateLimit_OverrideValidationError{}
+
+// Validate checks the field values on RateLimit_Action_SourceCluster with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RateLimit_Action_SourceCluster) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RateLimit_Action_SourceCluster with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// RateLimit_Action_SourceClusterMultiError, or nil if none found.
+func (m *RateLimit_Action_SourceCluster) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RateLimit_Action_SourceCluster) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return RateLimit_Action_SourceClusterMultiError(errors)
+	}
+	return nil
+}
+
+// RateLimit_Action_SourceClusterMultiError is an error wrapping multiple
+// validation errors returned by RateLimit_Action_SourceCluster.ValidateAll()
+// if the designated constraints aren't met.
+type RateLimit_Action_SourceClusterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RateLimit_Action_SourceClusterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RateLimit_Action_SourceClusterMultiError) AllErrors() []error { return m }
+
+// RateLimit_Action_SourceClusterValidationError is the validation error
+// returned by RateLimit_Action_SourceCluster.Validate if the designated
+// constraints aren't met.
+type RateLimit_Action_SourceClusterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RateLimit_Action_SourceClusterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RateLimit_Action_SourceClusterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RateLimit_Action_SourceClusterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RateLimit_Action_SourceClusterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RateLimit_Action_SourceClusterValidationError) ErrorName() string {
+	return "RateLimit_Action_SourceClusterValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RateLimit_Action_SourceClusterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRateLimit_Action_SourceCluster.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RateLimit_Action_SourceClusterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RateLimit_Action_SourceClusterValidationError{}
+
+// Validate checks the field values on RateLimit_Action_DestinationCluster with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *RateLimit_Action_DestinationCluster) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RateLimit_Action_DestinationCluster
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// RateLimit_Action_DestinationClusterMultiError, or nil if none found.
+func (m *RateLimit_Action_DestinationCluster) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RateLimit_Action_DestinationCluster) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return RateLimit_Action_DestinationClusterMultiError(errors)
+	}
+	return nil
+}
+
+// RateLimit_Action_DestinationClusterMultiError is an error wrapping multiple
+// validation errors returned by
+// RateLimit_Action_DestinationCluster.ValidateAll() if the designated
+// constraints aren't met.
+type RateLimit_Action_DestinationClusterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RateLimit_Action_DestinationClusterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RateLimit_Action_DestinationClusterMultiError) AllErrors() []error { return m }
+
+// RateLimit_Action_DestinationClusterValidationError is the validation error
+// returned by RateLimit_Action_DestinationCluster.Validate if the designated
+// constraints aren't met.
+type RateLimit_Action_DestinationClusterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RateLimit_Action_DestinationClusterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RateLimit_Action_DestinationClusterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RateLimit_Action_DestinationClusterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RateLimit_Action_DestinationClusterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RateLimit_Action_DestinationClusterValidationError) ErrorName() string {
+	return "RateLimit_Action_DestinationClusterValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RateLimit_Action_DestinationClusterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRateLimit_Action_DestinationCluster.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RateLimit_Action_DestinationClusterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RateLimit_Action_DestinationClusterValidationError{}
+
+// Validate checks the field values on RateLimit_Action_RequestHeaders with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RateLimit_Action_RequestHeaders) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RateLimit_Action_RequestHeaders with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// RateLimit_Action_RequestHeadersMultiError, or nil if none found.
+func (m *RateLimit_Action_RequestHeaders) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RateLimit_Action_RequestHeaders) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetHeaderName()) < 1 {
+		err := RateLimit_Action_RequestHeadersValidationError{
+			field:  "HeaderName",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if !_RateLimit_Action_RequestHeaders_HeaderName_Pattern.MatchString(m.GetHeaderName()) {
+		err := RateLimit_Action_RequestHeadersValidationError{
+			field:  "HeaderName",
+			reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if utf8.RuneCountInString(m.GetDescriptorKey()) < 1 {
+		err := RateLimit_Action_RequestHeadersValidationError{
+			field:  "DescriptorKey",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for SkipIfAbsent
+
+	if len(errors) > 0 {
+		return RateLimit_Action_RequestHeadersMultiError(errors)
+	}
+	return nil
+}
+
+// RateLimit_Action_RequestHeadersMultiError is an error wrapping multiple
+// validation errors returned by RateLimit_Action_RequestHeaders.ValidateAll()
+// if the designated constraints aren't met.
+type RateLimit_Action_RequestHeadersMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RateLimit_Action_RequestHeadersMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RateLimit_Action_RequestHeadersMultiError) AllErrors() []error { return m }
+
+// RateLimit_Action_RequestHeadersValidationError is the validation error
+// returned by RateLimit_Action_RequestHeaders.Validate if the designated
+// constraints aren't met.
+type RateLimit_Action_RequestHeadersValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RateLimit_Action_RequestHeadersValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RateLimit_Action_RequestHeadersValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RateLimit_Action_RequestHeadersValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RateLimit_Action_RequestHeadersValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RateLimit_Action_RequestHeadersValidationError) ErrorName() string {
+	return "RateLimit_Action_RequestHeadersValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RateLimit_Action_RequestHeadersValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRateLimit_Action_RequestHeaders.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RateLimit_Action_RequestHeadersValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RateLimit_Action_RequestHeadersValidationError{}
+
+var _RateLimit_Action_RequestHeaders_HeaderName_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+// Validate checks the field values on RateLimit_Action_RemoteAddress with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RateLimit_Action_RemoteAddress) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RateLimit_Action_RemoteAddress with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// RateLimit_Action_RemoteAddressMultiError, or nil if none found.
+func (m *RateLimit_Action_RemoteAddress) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RateLimit_Action_RemoteAddress) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return RateLimit_Action_RemoteAddressMultiError(errors)
+	}
+	return nil
+}
+
+// RateLimit_Action_RemoteAddressMultiError is an error wrapping multiple
+// validation errors returned by RateLimit_Action_RemoteAddress.ValidateAll()
+// if the designated constraints aren't met.
+type RateLimit_Action_RemoteAddressMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RateLimit_Action_RemoteAddressMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RateLimit_Action_RemoteAddressMultiError) AllErrors() []error { return m }
+
+// RateLimit_Action_RemoteAddressValidationError is the validation error
+// returned by RateLimit_Action_RemoteAddress.Validate if the designated
+// constraints aren't met.
+type RateLimit_Action_RemoteAddressValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RateLimit_Action_RemoteAddressValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RateLimit_Action_RemoteAddressValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RateLimit_Action_RemoteAddressValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RateLimit_Action_RemoteAddressValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RateLimit_Action_RemoteAddressValidationError) ErrorName() string {
+	return "RateLimit_Action_RemoteAddressValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RateLimit_Action_RemoteAddressValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRateLimit_Action_RemoteAddress.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RateLimit_Action_RemoteAddressValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RateLimit_Action_RemoteAddressValidationError{}
+
+// Validate checks the field values on RateLimit_Action_GenericKey with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RateLimit_Action_GenericKey) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RateLimit_Action_GenericKey with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RateLimit_Action_GenericKeyMultiError, or nil if none found.
+func (m *RateLimit_Action_GenericKey) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RateLimit_Action_GenericKey) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetDescriptorValue()) < 1 {
+		err := RateLimit_Action_GenericKeyValidationError{
+			field:  "DescriptorValue",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for DescriptorKey
+
+	if len(errors) > 0 {
+		return RateLimit_Action_GenericKeyMultiError(errors)
+	}
+	return nil
+}
+
+// RateLimit_Action_GenericKeyMultiError is an error wrapping multiple
+// validation errors returned by RateLimit_Action_GenericKey.ValidateAll() if
+// the designated constraints aren't met.
+type RateLimit_Action_GenericKeyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RateLimit_Action_GenericKeyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RateLimit_Action_GenericKeyMultiError) AllErrors() []error { return m }
+
+// RateLimit_Action_GenericKeyValidationError is the validation error returned
+// by RateLimit_Action_GenericKey.Validate if the designated constraints
+// aren't met.
+type RateLimit_Action_GenericKeyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RateLimit_Action_GenericKeyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RateLimit_Action_GenericKeyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RateLimit_Action_GenericKeyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RateLimit_Action_GenericKeyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RateLimit_Action_GenericKeyValidationError) ErrorName() string {
+	return "RateLimit_Action_GenericKeyValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RateLimit_Action_GenericKeyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRateLimit_Action_GenericKey.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RateLimit_Action_GenericKeyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RateLimit_Action_GenericKeyValidationError{}
+
+// Validate checks the field values on RateLimit_Action_HeaderValueMatch with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *RateLimit_Action_HeaderValueMatch) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RateLimit_Action_HeaderValueMatch
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// RateLimit_Action_HeaderValueMatchMultiError, or nil if none found.
+func (m *RateLimit_Action_HeaderValueMatch) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RateLimit_Action_HeaderValueMatch) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetDescriptorValue()) < 1 {
+		err := RateLimit_Action_HeaderValueMatchValidationError{
+			field:  "DescriptorValue",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetExpectMatch()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RateLimit_Action_HeaderValueMatchValidationError{
+					field:  "ExpectMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RateLimit_Action_HeaderValueMatchValidationError{
+					field:  "ExpectMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetExpectMatch()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RateLimit_Action_HeaderValueMatchValidationError{
+				field:  "ExpectMatch",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(m.GetHeaders()) < 1 {
+		err := RateLimit_Action_HeaderValueMatchValidationError{
+			field:  "Headers",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetHeaders() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RateLimit_Action_HeaderValueMatchValidationError{
+						field:  fmt.Sprintf("Headers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RateLimit_Action_HeaderValueMatchValidationError{
+						field:  fmt.Sprintf("Headers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RateLimit_Action_HeaderValueMatchValidationError{
+					field:  fmt.Sprintf("Headers[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return RateLimit_Action_HeaderValueMatchMultiError(errors)
+	}
+	return nil
+}
+
+// RateLimit_Action_HeaderValueMatchMultiError is an error wrapping multiple
+// validation errors returned by
+// RateLimit_Action_HeaderValueMatch.ValidateAll() if the designated
+// constraints aren't met.
+type RateLimit_Action_HeaderValueMatchMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RateLimit_Action_HeaderValueMatchMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RateLimit_Action_HeaderValueMatchMultiError) AllErrors() []error { return m }
+
+// RateLimit_Action_HeaderValueMatchValidationError is the validation error
+// returned by RateLimit_Action_HeaderValueMatch.Validate if the designated
+// constraints aren't met.
+type RateLimit_Action_HeaderValueMatchValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RateLimit_Action_HeaderValueMatchValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RateLimit_Action_HeaderValueMatchValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RateLimit_Action_HeaderValueMatchValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RateLimit_Action_HeaderValueMatchValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RateLimit_Action_HeaderValueMatchValidationError) ErrorName() string {
+	return "RateLimit_Action_HeaderValueMatchValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RateLimit_Action_HeaderValueMatchValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRateLimit_Action_HeaderValueMatch.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RateLimit_Action_HeaderValueMatchValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RateLimit_Action_HeaderValueMatchValidationError{}
+
+// Validate checks the field values on RateLimit_Action_DynamicMetaData with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *RateLimit_Action_DynamicMetaData) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RateLimit_Action_DynamicMetaData with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// RateLimit_Action_DynamicMetaDataMultiError, or nil if none found.
+func (m *RateLimit_Action_DynamicMetaData) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RateLimit_Action_DynamicMetaData) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetDescriptorKey()) < 1 {
+		err := RateLimit_Action_DynamicMetaDataValidationError{
+			field:  "DescriptorKey",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if m.GetMetadataKey() == nil {
+		err := RateLimit_Action_DynamicMetaDataValidationError{
+			field:  "MetadataKey",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetMetadataKey()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RateLimit_Action_DynamicMetaDataValidationError{
+					field:  "MetadataKey",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RateLimit_Action_DynamicMetaDataValidationError{
+					field:  "MetadataKey",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMetadataKey()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RateLimit_Action_DynamicMetaDataValidationError{
+				field:  "MetadataKey",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for DefaultValue
+
+	if len(errors) > 0 {
+		return RateLimit_Action_DynamicMetaDataMultiError(errors)
+	}
+	return nil
+}
+
+// RateLimit_Action_DynamicMetaDataMultiError is an error wrapping multiple
+// validation errors returned by
+// RateLimit_Action_DynamicMetaData.ValidateAll() if the designated
+// constraints aren't met.
+type RateLimit_Action_DynamicMetaDataMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RateLimit_Action_DynamicMetaDataMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RateLimit_Action_DynamicMetaDataMultiError) AllErrors() []error { return m }
+
+// RateLimit_Action_DynamicMetaDataValidationError is the validation error
+// returned by RateLimit_Action_DynamicMetaData.Validate if the designated
+// constraints aren't met.
+type RateLimit_Action_DynamicMetaDataValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RateLimit_Action_DynamicMetaDataValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RateLimit_Action_DynamicMetaDataValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RateLimit_Action_DynamicMetaDataValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RateLimit_Action_DynamicMetaDataValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RateLimit_Action_DynamicMetaDataValidationError) ErrorName() string {
+	return "RateLimit_Action_DynamicMetaDataValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RateLimit_Action_DynamicMetaDataValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRateLimit_Action_DynamicMetaData.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RateLimit_Action_DynamicMetaDataValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RateLimit_Action_DynamicMetaDataValidationError{}
+
+// Validate checks the field values on RateLimit_Action_MetaData with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RateLimit_Action_MetaData) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RateLimit_Action_MetaData with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RateLimit_Action_MetaDataMultiError, or nil if none found.
+func (m *RateLimit_Action_MetaData) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RateLimit_Action_MetaData) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetDescriptorKey()) < 1 {
+		err := RateLimit_Action_MetaDataValidationError{
+			field:  "DescriptorKey",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if m.GetMetadataKey() == nil {
+		err := RateLimit_Action_MetaDataValidationError{
+			field:  "MetadataKey",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetMetadataKey()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RateLimit_Action_MetaDataValidationError{
+					field:  "MetadataKey",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RateLimit_Action_MetaDataValidationError{
+					field:  "MetadataKey",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMetadataKey()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RateLimit_Action_MetaDataValidationError{
+				field:  "MetadataKey",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for DefaultValue
+
+	if _, ok := RateLimit_Action_MetaData_Source_name[int32(m.GetSource())]; !ok {
+		err := RateLimit_Action_MetaDataValidationError{
+			field:  "Source",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return RateLimit_Action_MetaDataMultiError(errors)
+	}
+	return nil
+}
+
+// RateLimit_Action_MetaDataMultiError is an error wrapping multiple validation
+// errors returned by RateLimit_Action_MetaData.ValidateAll() if the
+// designated constraints aren't met.
+type RateLimit_Action_MetaDataMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RateLimit_Action_MetaDataMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RateLimit_Action_MetaDataMultiError) AllErrors() []error { return m }
+
+// RateLimit_Action_MetaDataValidationError is the validation error returned by
+// RateLimit_Action_MetaData.Validate if the designated constraints aren't met.
+type RateLimit_Action_MetaDataValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RateLimit_Action_MetaDataValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RateLimit_Action_MetaDataValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RateLimit_Action_MetaDataValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RateLimit_Action_MetaDataValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RateLimit_Action_MetaDataValidationError) ErrorName() string {
+	return "RateLimit_Action_MetaDataValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RateLimit_Action_MetaDataValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRateLimit_Action_MetaData.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RateLimit_Action_MetaDataValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RateLimit_Action_MetaDataValidationError{}
+
+// Validate checks the field values on RateLimit_Override_DynamicMetadata with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *RateLimit_Override_DynamicMetadata) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RateLimit_Override_DynamicMetadata
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// RateLimit_Override_DynamicMetadataMultiError, or nil if none found.
+func (m *RateLimit_Override_DynamicMetadata) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RateLimit_Override_DynamicMetadata) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetMetadataKey() == nil {
+		err := RateLimit_Override_DynamicMetadataValidationError{
+			field:  "MetadataKey",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetMetadataKey()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RateLimit_Override_DynamicMetadataValidationError{
+					field:  "MetadataKey",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RateLimit_Override_DynamicMetadataValidationError{
+					field:  "MetadataKey",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMetadataKey()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RateLimit_Override_DynamicMetadataValidationError{
+				field:  "MetadataKey",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return RateLimit_Override_DynamicMetadataMultiError(errors)
+	}
+	return nil
+}
+
+// RateLimit_Override_DynamicMetadataMultiError is an error wrapping multiple
+// validation errors returned by
+// RateLimit_Override_DynamicMetadata.ValidateAll() if the designated
+// constraints aren't met.
+type RateLimit_Override_DynamicMetadataMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RateLimit_Override_DynamicMetadataMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RateLimit_Override_DynamicMetadataMultiError) AllErrors() []error { return m }
+
+// RateLimit_Override_DynamicMetadataValidationError is the validation error
+// returned by RateLimit_Override_DynamicMetadata.Validate if the designated
+// constraints aren't met.
+type RateLimit_Override_DynamicMetadataValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RateLimit_Override_DynamicMetadataValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RateLimit_Override_DynamicMetadataValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RateLimit_Override_DynamicMetadataValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RateLimit_Override_DynamicMetadataValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RateLimit_Override_DynamicMetadataValidationError) ErrorName() string {
+	return "RateLimit_Override_DynamicMetadataValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RateLimit_Override_DynamicMetadataValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRateLimit_Override_DynamicMetadata.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RateLimit_Override_DynamicMetadataValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RateLimit_Override_DynamicMetadataValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/route/v3/scoped_route.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/route/v3/scoped_route.pb.go
new file mode 100644
index 00000000000..4a665bd94d2
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/route/v3/scoped_route.pb.go
@@ -0,0 +1,464 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/route/v3/scoped_route.proto
+
+package envoy_config_route_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Specifies a routing scope, which associates a
+// :ref:`Key<envoy_v3_api_msg_config.route.v3.ScopedRouteConfiguration.Key>` to a
+// :ref:`envoy_v3_api_msg_config.route.v3.RouteConfiguration`.
+// The :ref:`envoy_v3_api_msg_config.route.v3.RouteConfiguration` can be obtained dynamically
+// via RDS (:ref:`route_configuration_name<envoy_v3_api_field_config.route.v3.ScopedRouteConfiguration.route_configuration_name>`)
+// or specified inline (:ref:`route_configuration<envoy_v3_api_field_config.route.v3.ScopedRouteConfiguration.route_configuration>`).
+//
+// The HTTP connection manager builds up a table consisting of these Key to
+// RouteConfiguration mappings, and looks up the RouteConfiguration to use per
+// request according to the algorithm specified in the
+// :ref:`scope_key_builder<envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.ScopedRoutes.scope_key_builder>`
+// assigned to the HttpConnectionManager.
+//
+// For example, with the following configurations (in YAML):
+//
+// HttpConnectionManager config:
+//
+// .. code::
+//
+//   ...
+//   scoped_routes:
+//     name: foo-scoped-routes
+//     scope_key_builder:
+//       fragments:
+//         - header_value_extractor:
+//             name: X-Route-Selector
+//             element_separator: ,
+//             element:
+//               separator: =
+//               key: vip
+//
+// ScopedRouteConfiguration resources (specified statically via
+// :ref:`scoped_route_configurations_list<envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.ScopedRoutes.scoped_route_configurations_list>`
+// or obtained dynamically via SRDS):
+//
+// .. code::
+//
+//  (1)
+//   name: route-scope1
+//   route_configuration_name: route-config1
+//   key:
+//      fragments:
+//        - string_key: 172.10.10.20
+//
+//  (2)
+//   name: route-scope2
+//   route_configuration_name: route-config2
+//   key:
+//     fragments:
+//       - string_key: 172.20.20.30
+//
+// A request from a client such as:
+//
+// .. code::
+//
+//     GET / HTTP/1.1
+//     Host: foo.com
+//     X-Route-Selector: vip=172.10.10.20
+//
+// would result in the routing table defined by the `route-config1`
+// RouteConfiguration being assigned to the HTTP request/stream.
+//
+// [#next-free-field: 6]
+type ScopedRouteConfiguration struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Whether the RouteConfiguration should be loaded on demand.
+	OnDemand bool `protobuf:"varint,4,opt,name=on_demand,json=onDemand,proto3" json:"on_demand,omitempty"`
+	// The name assigned to the routing scope.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// The resource name to use for a :ref:`envoy_v3_api_msg_service.discovery.v3.DiscoveryRequest` to an
+	// RDS server to fetch the :ref:`envoy_v3_api_msg_config.route.v3.RouteConfiguration` associated
+	// with this scope.
+	RouteConfigurationName string `protobuf:"bytes,2,opt,name=route_configuration_name,json=routeConfigurationName,proto3" json:"route_configuration_name,omitempty"`
+	// The :ref:`envoy_v3_api_msg_config.route.v3.RouteConfiguration` associated with the scope.
+	RouteConfiguration *RouteConfiguration `protobuf:"bytes,5,opt,name=route_configuration,json=routeConfiguration,proto3" json:"route_configuration,omitempty"`
+	// The key to match against.
+	Key *ScopedRouteConfiguration_Key `protobuf:"bytes,3,opt,name=key,proto3" json:"key,omitempty"`
+}
+
+func (x *ScopedRouteConfiguration) Reset() {
+	*x = ScopedRouteConfiguration{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_scoped_route_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ScopedRouteConfiguration) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ScopedRouteConfiguration) ProtoMessage() {}
+
+func (x *ScopedRouteConfiguration) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_scoped_route_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ScopedRouteConfiguration.ProtoReflect.Descriptor instead.
+func (*ScopedRouteConfiguration) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_scoped_route_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *ScopedRouteConfiguration) GetOnDemand() bool {
+	if x != nil {
+		return x.OnDemand
+	}
+	return false
+}
+
+func (x *ScopedRouteConfiguration) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *ScopedRouteConfiguration) GetRouteConfigurationName() string {
+	if x != nil {
+		return x.RouteConfigurationName
+	}
+	return ""
+}
+
+func (x *ScopedRouteConfiguration) GetRouteConfiguration() *RouteConfiguration {
+	if x != nil {
+		return x.RouteConfiguration
+	}
+	return nil
+}
+
+func (x *ScopedRouteConfiguration) GetKey() *ScopedRouteConfiguration_Key {
+	if x != nil {
+		return x.Key
+	}
+	return nil
+}
+
+// Specifies a key which is matched against the output of the
+// :ref:`scope_key_builder<envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.ScopedRoutes.scope_key_builder>`
+// specified in the HttpConnectionManager. The matching is done per HTTP
+// request and is dependent on the order of the fragments contained in the
+// Key.
+type ScopedRouteConfiguration_Key struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The ordered set of fragments to match against. The order must match the
+	// fragments in the corresponding
+	// :ref:`scope_key_builder<envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.ScopedRoutes.scope_key_builder>`.
+	Fragments []*ScopedRouteConfiguration_Key_Fragment `protobuf:"bytes,1,rep,name=fragments,proto3" json:"fragments,omitempty"`
+}
+
+func (x *ScopedRouteConfiguration_Key) Reset() {
+	*x = ScopedRouteConfiguration_Key{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_scoped_route_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ScopedRouteConfiguration_Key) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ScopedRouteConfiguration_Key) ProtoMessage() {}
+
+func (x *ScopedRouteConfiguration_Key) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_scoped_route_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ScopedRouteConfiguration_Key.ProtoReflect.Descriptor instead.
+func (*ScopedRouteConfiguration_Key) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_scoped_route_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (x *ScopedRouteConfiguration_Key) GetFragments() []*ScopedRouteConfiguration_Key_Fragment {
+	if x != nil {
+		return x.Fragments
+	}
+	return nil
+}
+
+type ScopedRouteConfiguration_Key_Fragment struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to Type:
+	//	*ScopedRouteConfiguration_Key_Fragment_StringKey
+	Type isScopedRouteConfiguration_Key_Fragment_Type `protobuf_oneof:"type"`
+}
+
+func (x *ScopedRouteConfiguration_Key_Fragment) Reset() {
+	*x = ScopedRouteConfiguration_Key_Fragment{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_route_v3_scoped_route_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ScopedRouteConfiguration_Key_Fragment) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ScopedRouteConfiguration_Key_Fragment) ProtoMessage() {}
+
+func (x *ScopedRouteConfiguration_Key_Fragment) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_route_v3_scoped_route_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ScopedRouteConfiguration_Key_Fragment.ProtoReflect.Descriptor instead.
+func (*ScopedRouteConfiguration_Key_Fragment) Descriptor() ([]byte, []int) {
+	return file_envoy_config_route_v3_scoped_route_proto_rawDescGZIP(), []int{0, 0, 0}
+}
+
+func (m *ScopedRouteConfiguration_Key_Fragment) GetType() isScopedRouteConfiguration_Key_Fragment_Type {
+	if m != nil {
+		return m.Type
+	}
+	return nil
+}
+
+func (x *ScopedRouteConfiguration_Key_Fragment) GetStringKey() string {
+	if x, ok := x.GetType().(*ScopedRouteConfiguration_Key_Fragment_StringKey); ok {
+		return x.StringKey
+	}
+	return ""
+}
+
+type isScopedRouteConfiguration_Key_Fragment_Type interface {
+	isScopedRouteConfiguration_Key_Fragment_Type()
+}
+
+type ScopedRouteConfiguration_Key_Fragment_StringKey struct {
+	// A string to match against.
+	StringKey string `protobuf:"bytes,1,opt,name=string_key,json=stringKey,proto3,oneof"`
+}
+
+func (*ScopedRouteConfiguration_Key_Fragment_StringKey) isScopedRouteConfiguration_Key_Fragment_Type() {
+}
+
+var File_envoy_config_route_v3_scoped_route_proto protoreflect.FileDescriptor
+
+var file_envoy_config_route_v3_scoped_route_proto_rawDesc = []byte{
+	0x0a, 0x28, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x5f, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76,
+	0x33, 0x1a, 0x21, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f,
+	0x72, 0x6f, 0x75, 0x74, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65,
+	0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22,
+	0xaa, 0x05, 0x0a, 0x18, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x1b, 0x0a, 0x09,
+	0x6f, 0x6e, 0x5f, 0x64, 0x65, 0x6d, 0x61, 0x6e, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52,
+	0x08, 0x6f, 0x6e, 0x44, 0x65, 0x6d, 0x61, 0x6e, 0x64, 0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d,
+	0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01,
+	0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x4e, 0x0a, 0x18, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6e, 0x61,
+	0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x14, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x0e,
+	0x12, 0x0c, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x16,
+	0x72, 0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x70, 0x0a, 0x13, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x05, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x6f, 0x75, 0x74,
+	0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x14,
+	0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x0e, 0x12, 0x0c, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x52, 0x12, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x4f, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18,
+	0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x33, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x63,
+	0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75,
+	0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x4b, 0x65, 0x79, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a,
+	0x01, 0x02, 0x10, 0x01, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x1a, 0x92, 0x02, 0x0a, 0x03, 0x4b, 0x65,
+	0x79, 0x12, 0x64, 0x0a, 0x09, 0x66, 0x72, 0x61, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x73, 0x18, 0x01,
+	0x20, 0x03, 0x28, 0x0b, 0x32, 0x3c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x63, 0x6f,
+	0x70, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x4b, 0x65, 0x79, 0x2e, 0x46, 0x72, 0x61, 0x67, 0x6d, 0x65,
+	0x6e, 0x74, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x09, 0x66, 0x72,
+	0x61, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x73, 0x1a, 0x73, 0x0a, 0x08, 0x46, 0x72, 0x61, 0x67, 0x6d,
+	0x65, 0x6e, 0x74, 0x12, 0x1f, 0x0a, 0x0a, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x5f, 0x6b, 0x65,
+	0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x09, 0x73, 0x74, 0x72, 0x69, 0x6e,
+	0x67, 0x4b, 0x65, 0x79, 0x3a, 0x39, 0x9a, 0xc5, 0x88, 0x1e, 0x34, 0x0a, 0x32, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x64,
+	0x52, 0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x2e, 0x4b, 0x65, 0x79, 0x2e, 0x46, 0x72, 0x61, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x42,
+	0x0b, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x3a, 0x30, 0x9a, 0xc5,
+	0x88, 0x1e, 0x2b, 0x0a, 0x29, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x4b, 0x65, 0x79, 0x3a, 0x2c,
+	0x9a, 0xc5, 0x88, 0x1e, 0x27, 0x0a, 0x25, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x41, 0x0a, 0x23,
+	0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65,
+	0x2e, 0x76, 0x33, 0x42, 0x10, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65,
+	0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62,
+	0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_route_v3_scoped_route_proto_rawDescOnce sync.Once
+	file_envoy_config_route_v3_scoped_route_proto_rawDescData = file_envoy_config_route_v3_scoped_route_proto_rawDesc
+)
+
+func file_envoy_config_route_v3_scoped_route_proto_rawDescGZIP() []byte {
+	file_envoy_config_route_v3_scoped_route_proto_rawDescOnce.Do(func() {
+		file_envoy_config_route_v3_scoped_route_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_route_v3_scoped_route_proto_rawDescData)
+	})
+	return file_envoy_config_route_v3_scoped_route_proto_rawDescData
+}
+
+var file_envoy_config_route_v3_scoped_route_proto_msgTypes = make([]protoimpl.MessageInfo, 3)
+var file_envoy_config_route_v3_scoped_route_proto_goTypes = []interface{}{
+	(*ScopedRouteConfiguration)(nil),              // 0: envoy.config.route.v3.ScopedRouteConfiguration
+	(*ScopedRouteConfiguration_Key)(nil),          // 1: envoy.config.route.v3.ScopedRouteConfiguration.Key
+	(*ScopedRouteConfiguration_Key_Fragment)(nil), // 2: envoy.config.route.v3.ScopedRouteConfiguration.Key.Fragment
+	(*RouteConfiguration)(nil),                    // 3: envoy.config.route.v3.RouteConfiguration
+}
+var file_envoy_config_route_v3_scoped_route_proto_depIdxs = []int32{
+	3, // 0: envoy.config.route.v3.ScopedRouteConfiguration.route_configuration:type_name -> envoy.config.route.v3.RouteConfiguration
+	1, // 1: envoy.config.route.v3.ScopedRouteConfiguration.key:type_name -> envoy.config.route.v3.ScopedRouteConfiguration.Key
+	2, // 2: envoy.config.route.v3.ScopedRouteConfiguration.Key.fragments:type_name -> envoy.config.route.v3.ScopedRouteConfiguration.Key.Fragment
+	3, // [3:3] is the sub-list for method output_type
+	3, // [3:3] is the sub-list for method input_type
+	3, // [3:3] is the sub-list for extension type_name
+	3, // [3:3] is the sub-list for extension extendee
+	0, // [0:3] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_route_v3_scoped_route_proto_init() }
+func file_envoy_config_route_v3_scoped_route_proto_init() {
+	if File_envoy_config_route_v3_scoped_route_proto != nil {
+		return
+	}
+	file_envoy_config_route_v3_route_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_route_v3_scoped_route_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ScopedRouteConfiguration); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_scoped_route_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ScopedRouteConfiguration_Key); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_route_v3_scoped_route_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ScopedRouteConfiguration_Key_Fragment); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_config_route_v3_scoped_route_proto_msgTypes[2].OneofWrappers = []interface{}{
+		(*ScopedRouteConfiguration_Key_Fragment_StringKey)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_route_v3_scoped_route_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   3,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_route_v3_scoped_route_proto_goTypes,
+		DependencyIndexes: file_envoy_config_route_v3_scoped_route_proto_depIdxs,
+		MessageInfos:      file_envoy_config_route_v3_scoped_route_proto_msgTypes,
+	}.Build()
+	File_envoy_config_route_v3_scoped_route_proto = out.File
+	file_envoy_config_route_v3_scoped_route_proto_rawDesc = nil
+	file_envoy_config_route_v3_scoped_route_proto_goTypes = nil
+	file_envoy_config_route_v3_scoped_route_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/route/v3/scoped_route.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/route/v3/scoped_route.pb.validate.go
new file mode 100644
index 00000000000..d13c310a184
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/route/v3/scoped_route.pb.validate.go
@@ -0,0 +1,489 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/route/v3/scoped_route.proto
+
+package envoy_config_route_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on ScopedRouteConfiguration with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ScopedRouteConfiguration) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ScopedRouteConfiguration with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ScopedRouteConfigurationMultiError, or nil if none found.
+func (m *ScopedRouteConfiguration) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ScopedRouteConfiguration) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for OnDemand
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := ScopedRouteConfigurationValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for RouteConfigurationName
+
+	if all {
+		switch v := interface{}(m.GetRouteConfiguration()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ScopedRouteConfigurationValidationError{
+					field:  "RouteConfiguration",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ScopedRouteConfigurationValidationError{
+					field:  "RouteConfiguration",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRouteConfiguration()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ScopedRouteConfigurationValidationError{
+				field:  "RouteConfiguration",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if m.GetKey() == nil {
+		err := ScopedRouteConfigurationValidationError{
+			field:  "Key",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetKey()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ScopedRouteConfigurationValidationError{
+					field:  "Key",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ScopedRouteConfigurationValidationError{
+					field:  "Key",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetKey()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ScopedRouteConfigurationValidationError{
+				field:  "Key",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return ScopedRouteConfigurationMultiError(errors)
+	}
+	return nil
+}
+
+// ScopedRouteConfigurationMultiError is an error wrapping multiple validation
+// errors returned by ScopedRouteConfiguration.ValidateAll() if the designated
+// constraints aren't met.
+type ScopedRouteConfigurationMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ScopedRouteConfigurationMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ScopedRouteConfigurationMultiError) AllErrors() []error { return m }
+
+// ScopedRouteConfigurationValidationError is the validation error returned by
+// ScopedRouteConfiguration.Validate if the designated constraints aren't met.
+type ScopedRouteConfigurationValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ScopedRouteConfigurationValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ScopedRouteConfigurationValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ScopedRouteConfigurationValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ScopedRouteConfigurationValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ScopedRouteConfigurationValidationError) ErrorName() string {
+	return "ScopedRouteConfigurationValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ScopedRouteConfigurationValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sScopedRouteConfiguration.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ScopedRouteConfigurationValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ScopedRouteConfigurationValidationError{}
+
+// Validate checks the field values on ScopedRouteConfiguration_Key with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ScopedRouteConfiguration_Key) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ScopedRouteConfiguration_Key with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ScopedRouteConfiguration_KeyMultiError, or nil if none found.
+func (m *ScopedRouteConfiguration_Key) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ScopedRouteConfiguration_Key) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetFragments()) < 1 {
+		err := ScopedRouteConfiguration_KeyValidationError{
+			field:  "Fragments",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetFragments() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ScopedRouteConfiguration_KeyValidationError{
+						field:  fmt.Sprintf("Fragments[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ScopedRouteConfiguration_KeyValidationError{
+						field:  fmt.Sprintf("Fragments[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ScopedRouteConfiguration_KeyValidationError{
+					field:  fmt.Sprintf("Fragments[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ScopedRouteConfiguration_KeyMultiError(errors)
+	}
+	return nil
+}
+
+// ScopedRouteConfiguration_KeyMultiError is an error wrapping multiple
+// validation errors returned by ScopedRouteConfiguration_Key.ValidateAll() if
+// the designated constraints aren't met.
+type ScopedRouteConfiguration_KeyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ScopedRouteConfiguration_KeyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ScopedRouteConfiguration_KeyMultiError) AllErrors() []error { return m }
+
+// ScopedRouteConfiguration_KeyValidationError is the validation error returned
+// by ScopedRouteConfiguration_Key.Validate if the designated constraints
+// aren't met.
+type ScopedRouteConfiguration_KeyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ScopedRouteConfiguration_KeyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ScopedRouteConfiguration_KeyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ScopedRouteConfiguration_KeyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ScopedRouteConfiguration_KeyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ScopedRouteConfiguration_KeyValidationError) ErrorName() string {
+	return "ScopedRouteConfiguration_KeyValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ScopedRouteConfiguration_KeyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sScopedRouteConfiguration_Key.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ScopedRouteConfiguration_KeyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ScopedRouteConfiguration_KeyValidationError{}
+
+// Validate checks the field values on ScopedRouteConfiguration_Key_Fragment
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the first error encountered is returned, or nil if
+// there are no violations.
+func (m *ScopedRouteConfiguration_Key_Fragment) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ScopedRouteConfiguration_Key_Fragment
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// ScopedRouteConfiguration_Key_FragmentMultiError, or nil if none found.
+func (m *ScopedRouteConfiguration_Key_Fragment) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ScopedRouteConfiguration_Key_Fragment) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.Type.(type) {
+
+	case *ScopedRouteConfiguration_Key_Fragment_StringKey:
+		// no validation rules for StringKey
+
+	default:
+		err := ScopedRouteConfiguration_Key_FragmentValidationError{
+			field:  "Type",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return ScopedRouteConfiguration_Key_FragmentMultiError(errors)
+	}
+	return nil
+}
+
+// ScopedRouteConfiguration_Key_FragmentMultiError is an error wrapping
+// multiple validation errors returned by
+// ScopedRouteConfiguration_Key_Fragment.ValidateAll() if the designated
+// constraints aren't met.
+type ScopedRouteConfiguration_Key_FragmentMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ScopedRouteConfiguration_Key_FragmentMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ScopedRouteConfiguration_Key_FragmentMultiError) AllErrors() []error { return m }
+
+// ScopedRouteConfiguration_Key_FragmentValidationError is the validation error
+// returned by ScopedRouteConfiguration_Key_Fragment.Validate if the
+// designated constraints aren't met.
+type ScopedRouteConfiguration_Key_FragmentValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ScopedRouteConfiguration_Key_FragmentValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ScopedRouteConfiguration_Key_FragmentValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ScopedRouteConfiguration_Key_FragmentValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ScopedRouteConfiguration_Key_FragmentValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ScopedRouteConfiguration_Key_FragmentValidationError) ErrorName() string {
+	return "ScopedRouteConfiguration_Key_FragmentValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ScopedRouteConfiguration_Key_FragmentValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sScopedRouteConfiguration_Key_Fragment.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ScopedRouteConfiguration_Key_FragmentValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ScopedRouteConfiguration_Key_FragmentValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/tap/v3/common.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/tap/v3/common.pb.go
new file mode 100644
index 00000000000..6270a113ccd
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/tap/v3/common.pb.go
@@ -0,0 +1,1493 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/tap/v3/common.proto
+
+package envoy_config_tap_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/go-control-plane/envoy/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/common/matcher/v3"
+	v31 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	v32 "github.com/envoyproxy/go-control-plane/envoy/config/route/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Output format. All output is in the form of one or more :ref:`TraceWrapper
+// <envoy_v3_api_msg_data.tap.v3.TraceWrapper>` messages. This enumeration indicates
+// how those messages are written. Note that not all sinks support all output formats. See
+// individual sink documentation for more information.
+type OutputSink_Format int32
+
+const (
+	// Each message will be written as JSON. Any :ref:`body <envoy_v3_api_msg_data.tap.v3.Body>`
+	// data will be present in the :ref:`as_bytes
+	// <envoy_v3_api_field_data.tap.v3.Body.as_bytes>` field. This means that body data will be
+	// base64 encoded as per the `proto3 JSON mappings
+	// <https://developers.google.com/protocol-buffers/docs/proto3#json>`_.
+	OutputSink_JSON_BODY_AS_BYTES OutputSink_Format = 0
+	// Each message will be written as JSON. Any :ref:`body <envoy_v3_api_msg_data.tap.v3.Body>`
+	// data will be present in the :ref:`as_string
+	// <envoy_v3_api_field_data.tap.v3.Body.as_string>` field. This means that body data will be
+	// string encoded as per the `proto3 JSON mappings
+	// <https://developers.google.com/protocol-buffers/docs/proto3#json>`_. This format type is
+	// useful when it is known that that body is human readable (e.g., JSON over HTTP) and the
+	// user wishes to view it directly without being forced to base64 decode the body.
+	OutputSink_JSON_BODY_AS_STRING OutputSink_Format = 1
+	// Binary proto format. Note that binary proto is not self-delimiting. If a sink writes
+	// multiple binary messages without any length information the data stream will not be
+	// useful. However, for certain sinks that are self-delimiting (e.g., one message per file)
+	// this output format makes consumption simpler.
+	OutputSink_PROTO_BINARY OutputSink_Format = 2
+	// Messages are written as a sequence tuples, where each tuple is the message length encoded
+	// as a `protobuf 32-bit varint
+	// <https://developers.google.com/protocol-buffers/docs/reference/cpp/google.protobuf.io.coded_stream>`_
+	// followed by the binary message. The messages can be read back using the language specific
+	// protobuf coded stream implementation to obtain the message length and the message.
+	OutputSink_PROTO_BINARY_LENGTH_DELIMITED OutputSink_Format = 3
+	// Text proto format.
+	OutputSink_PROTO_TEXT OutputSink_Format = 4
+)
+
+// Enum value maps for OutputSink_Format.
+var (
+	OutputSink_Format_name = map[int32]string{
+		0: "JSON_BODY_AS_BYTES",
+		1: "JSON_BODY_AS_STRING",
+		2: "PROTO_BINARY",
+		3: "PROTO_BINARY_LENGTH_DELIMITED",
+		4: "PROTO_TEXT",
+	}
+	OutputSink_Format_value = map[string]int32{
+		"JSON_BODY_AS_BYTES":            0,
+		"JSON_BODY_AS_STRING":           1,
+		"PROTO_BINARY":                  2,
+		"PROTO_BINARY_LENGTH_DELIMITED": 3,
+		"PROTO_TEXT":                    4,
+	}
+)
+
+func (x OutputSink_Format) Enum() *OutputSink_Format {
+	p := new(OutputSink_Format)
+	*p = x
+	return p
+}
+
+func (x OutputSink_Format) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (OutputSink_Format) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_tap_v3_common_proto_enumTypes[0].Descriptor()
+}
+
+func (OutputSink_Format) Type() protoreflect.EnumType {
+	return &file_envoy_config_tap_v3_common_proto_enumTypes[0]
+}
+
+func (x OutputSink_Format) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use OutputSink_Format.Descriptor instead.
+func (OutputSink_Format) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_tap_v3_common_proto_rawDescGZIP(), []int{5, 0}
+}
+
+// Tap configuration.
+type TapConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The match configuration. If the configuration matches the data source being tapped, a tap will
+	// occur, with the result written to the configured output.
+	// Exactly one of :ref:`match <envoy_v3_api_field_config.tap.v3.TapConfig.match>` and
+	// :ref:`match_config <envoy_v3_api_field_config.tap.v3.TapConfig.match_config>` must be set. If both
+	// are set, the :ref:`match <envoy_v3_api_field_config.tap.v3.TapConfig.match>` will be used.
+	//
+	// Deprecated: Do not use.
+	MatchConfig *MatchPredicate `protobuf:"bytes,1,opt,name=match_config,json=matchConfig,proto3" json:"match_config,omitempty"`
+	// The match configuration. If the configuration matches the data source being tapped, a tap will
+	// occur, with the result written to the configured output.
+	// Exactly one of :ref:`match <envoy_v3_api_field_config.tap.v3.TapConfig.match>` and
+	// :ref:`match_config <envoy_v3_api_field_config.tap.v3.TapConfig.match_config>` must be set. If both
+	// are set, the :ref:`match <envoy_v3_api_field_config.tap.v3.TapConfig.match>` will be used.
+	Match *v3.MatchPredicate `protobuf:"bytes,4,opt,name=match,proto3" json:"match,omitempty"`
+	// The tap output configuration. If a match configuration matches a data source being tapped,
+	// a tap will occur and the data will be written to the configured output.
+	OutputConfig *OutputConfig `protobuf:"bytes,2,opt,name=output_config,json=outputConfig,proto3" json:"output_config,omitempty"`
+	// [#not-implemented-hide:] Specify if Tap matching is enabled. The % of requests\connections for
+	// which the tap matching is enabled. When not enabled, the request\connection will not be
+	// recorded.
+	//
+	// .. note::
+	//
+	//   This field defaults to 100/:ref:`HUNDRED
+	//   <envoy_v3_api_enum_type.v3.FractionalPercent.DenominatorType>`.
+	TapEnabled *v31.RuntimeFractionalPercent `protobuf:"bytes,3,opt,name=tap_enabled,json=tapEnabled,proto3" json:"tap_enabled,omitempty"`
+}
+
+func (x *TapConfig) Reset() {
+	*x = TapConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_tap_v3_common_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *TapConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*TapConfig) ProtoMessage() {}
+
+func (x *TapConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_tap_v3_common_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use TapConfig.ProtoReflect.Descriptor instead.
+func (*TapConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_tap_v3_common_proto_rawDescGZIP(), []int{0}
+}
+
+// Deprecated: Do not use.
+func (x *TapConfig) GetMatchConfig() *MatchPredicate {
+	if x != nil {
+		return x.MatchConfig
+	}
+	return nil
+}
+
+func (x *TapConfig) GetMatch() *v3.MatchPredicate {
+	if x != nil {
+		return x.Match
+	}
+	return nil
+}
+
+func (x *TapConfig) GetOutputConfig() *OutputConfig {
+	if x != nil {
+		return x.OutputConfig
+	}
+	return nil
+}
+
+func (x *TapConfig) GetTapEnabled() *v31.RuntimeFractionalPercent {
+	if x != nil {
+		return x.TapEnabled
+	}
+	return nil
+}
+
+// Tap match configuration. This is a recursive structure which allows complex nested match
+// configurations to be built using various logical operators.
+// [#next-free-field: 11]
+type MatchPredicate struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to Rule:
+	//	*MatchPredicate_OrMatch
+	//	*MatchPredicate_AndMatch
+	//	*MatchPredicate_NotMatch
+	//	*MatchPredicate_AnyMatch
+	//	*MatchPredicate_HttpRequestHeadersMatch
+	//	*MatchPredicate_HttpRequestTrailersMatch
+	//	*MatchPredicate_HttpResponseHeadersMatch
+	//	*MatchPredicate_HttpResponseTrailersMatch
+	//	*MatchPredicate_HttpRequestGenericBodyMatch
+	//	*MatchPredicate_HttpResponseGenericBodyMatch
+	Rule isMatchPredicate_Rule `protobuf_oneof:"rule"`
+}
+
+func (x *MatchPredicate) Reset() {
+	*x = MatchPredicate{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_tap_v3_common_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *MatchPredicate) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*MatchPredicate) ProtoMessage() {}
+
+func (x *MatchPredicate) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_tap_v3_common_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use MatchPredicate.ProtoReflect.Descriptor instead.
+func (*MatchPredicate) Descriptor() ([]byte, []int) {
+	return file_envoy_config_tap_v3_common_proto_rawDescGZIP(), []int{1}
+}
+
+func (m *MatchPredicate) GetRule() isMatchPredicate_Rule {
+	if m != nil {
+		return m.Rule
+	}
+	return nil
+}
+
+func (x *MatchPredicate) GetOrMatch() *MatchPredicate_MatchSet {
+	if x, ok := x.GetRule().(*MatchPredicate_OrMatch); ok {
+		return x.OrMatch
+	}
+	return nil
+}
+
+func (x *MatchPredicate) GetAndMatch() *MatchPredicate_MatchSet {
+	if x, ok := x.GetRule().(*MatchPredicate_AndMatch); ok {
+		return x.AndMatch
+	}
+	return nil
+}
+
+func (x *MatchPredicate) GetNotMatch() *MatchPredicate {
+	if x, ok := x.GetRule().(*MatchPredicate_NotMatch); ok {
+		return x.NotMatch
+	}
+	return nil
+}
+
+func (x *MatchPredicate) GetAnyMatch() bool {
+	if x, ok := x.GetRule().(*MatchPredicate_AnyMatch); ok {
+		return x.AnyMatch
+	}
+	return false
+}
+
+func (x *MatchPredicate) GetHttpRequestHeadersMatch() *HttpHeadersMatch {
+	if x, ok := x.GetRule().(*MatchPredicate_HttpRequestHeadersMatch); ok {
+		return x.HttpRequestHeadersMatch
+	}
+	return nil
+}
+
+func (x *MatchPredicate) GetHttpRequestTrailersMatch() *HttpHeadersMatch {
+	if x, ok := x.GetRule().(*MatchPredicate_HttpRequestTrailersMatch); ok {
+		return x.HttpRequestTrailersMatch
+	}
+	return nil
+}
+
+func (x *MatchPredicate) GetHttpResponseHeadersMatch() *HttpHeadersMatch {
+	if x, ok := x.GetRule().(*MatchPredicate_HttpResponseHeadersMatch); ok {
+		return x.HttpResponseHeadersMatch
+	}
+	return nil
+}
+
+func (x *MatchPredicate) GetHttpResponseTrailersMatch() *HttpHeadersMatch {
+	if x, ok := x.GetRule().(*MatchPredicate_HttpResponseTrailersMatch); ok {
+		return x.HttpResponseTrailersMatch
+	}
+	return nil
+}
+
+func (x *MatchPredicate) GetHttpRequestGenericBodyMatch() *HttpGenericBodyMatch {
+	if x, ok := x.GetRule().(*MatchPredicate_HttpRequestGenericBodyMatch); ok {
+		return x.HttpRequestGenericBodyMatch
+	}
+	return nil
+}
+
+func (x *MatchPredicate) GetHttpResponseGenericBodyMatch() *HttpGenericBodyMatch {
+	if x, ok := x.GetRule().(*MatchPredicate_HttpResponseGenericBodyMatch); ok {
+		return x.HttpResponseGenericBodyMatch
+	}
+	return nil
+}
+
+type isMatchPredicate_Rule interface {
+	isMatchPredicate_Rule()
+}
+
+type MatchPredicate_OrMatch struct {
+	// A set that describes a logical OR. If any member of the set matches, the match configuration
+	// matches.
+	OrMatch *MatchPredicate_MatchSet `protobuf:"bytes,1,opt,name=or_match,json=orMatch,proto3,oneof"`
+}
+
+type MatchPredicate_AndMatch struct {
+	// A set that describes a logical AND. If all members of the set match, the match configuration
+	// matches.
+	AndMatch *MatchPredicate_MatchSet `protobuf:"bytes,2,opt,name=and_match,json=andMatch,proto3,oneof"`
+}
+
+type MatchPredicate_NotMatch struct {
+	// A negation match. The match configuration will match if the negated match condition matches.
+	NotMatch *MatchPredicate `protobuf:"bytes,3,opt,name=not_match,json=notMatch,proto3,oneof"`
+}
+
+type MatchPredicate_AnyMatch struct {
+	// The match configuration will always match.
+	AnyMatch bool `protobuf:"varint,4,opt,name=any_match,json=anyMatch,proto3,oneof"`
+}
+
+type MatchPredicate_HttpRequestHeadersMatch struct {
+	// HTTP request headers match configuration.
+	HttpRequestHeadersMatch *HttpHeadersMatch `protobuf:"bytes,5,opt,name=http_request_headers_match,json=httpRequestHeadersMatch,proto3,oneof"`
+}
+
+type MatchPredicate_HttpRequestTrailersMatch struct {
+	// HTTP request trailers match configuration.
+	HttpRequestTrailersMatch *HttpHeadersMatch `protobuf:"bytes,6,opt,name=http_request_trailers_match,json=httpRequestTrailersMatch,proto3,oneof"`
+}
+
+type MatchPredicate_HttpResponseHeadersMatch struct {
+	// HTTP response headers match configuration.
+	HttpResponseHeadersMatch *HttpHeadersMatch `protobuf:"bytes,7,opt,name=http_response_headers_match,json=httpResponseHeadersMatch,proto3,oneof"`
+}
+
+type MatchPredicate_HttpResponseTrailersMatch struct {
+	// HTTP response trailers match configuration.
+	HttpResponseTrailersMatch *HttpHeadersMatch `protobuf:"bytes,8,opt,name=http_response_trailers_match,json=httpResponseTrailersMatch,proto3,oneof"`
+}
+
+type MatchPredicate_HttpRequestGenericBodyMatch struct {
+	// HTTP request generic body match configuration.
+	HttpRequestGenericBodyMatch *HttpGenericBodyMatch `protobuf:"bytes,9,opt,name=http_request_generic_body_match,json=httpRequestGenericBodyMatch,proto3,oneof"`
+}
+
+type MatchPredicate_HttpResponseGenericBodyMatch struct {
+	// HTTP response generic body match configuration.
+	HttpResponseGenericBodyMatch *HttpGenericBodyMatch `protobuf:"bytes,10,opt,name=http_response_generic_body_match,json=httpResponseGenericBodyMatch,proto3,oneof"`
+}
+
+func (*MatchPredicate_OrMatch) isMatchPredicate_Rule() {}
+
+func (*MatchPredicate_AndMatch) isMatchPredicate_Rule() {}
+
+func (*MatchPredicate_NotMatch) isMatchPredicate_Rule() {}
+
+func (*MatchPredicate_AnyMatch) isMatchPredicate_Rule() {}
+
+func (*MatchPredicate_HttpRequestHeadersMatch) isMatchPredicate_Rule() {}
+
+func (*MatchPredicate_HttpRequestTrailersMatch) isMatchPredicate_Rule() {}
+
+func (*MatchPredicate_HttpResponseHeadersMatch) isMatchPredicate_Rule() {}
+
+func (*MatchPredicate_HttpResponseTrailersMatch) isMatchPredicate_Rule() {}
+
+func (*MatchPredicate_HttpRequestGenericBodyMatch) isMatchPredicate_Rule() {}
+
+func (*MatchPredicate_HttpResponseGenericBodyMatch) isMatchPredicate_Rule() {}
+
+// HTTP headers match configuration.
+type HttpHeadersMatch struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// HTTP headers to match.
+	Headers []*v32.HeaderMatcher `protobuf:"bytes,1,rep,name=headers,proto3" json:"headers,omitempty"`
+}
+
+func (x *HttpHeadersMatch) Reset() {
+	*x = HttpHeadersMatch{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_tap_v3_common_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HttpHeadersMatch) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HttpHeadersMatch) ProtoMessage() {}
+
+func (x *HttpHeadersMatch) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_tap_v3_common_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HttpHeadersMatch.ProtoReflect.Descriptor instead.
+func (*HttpHeadersMatch) Descriptor() ([]byte, []int) {
+	return file_envoy_config_tap_v3_common_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *HttpHeadersMatch) GetHeaders() []*v32.HeaderMatcher {
+	if x != nil {
+		return x.Headers
+	}
+	return nil
+}
+
+// HTTP generic body match configuration.
+// List of text strings and hex strings to be located in HTTP body.
+// All specified strings must be found in the HTTP body for positive match.
+// The search may be limited to specified number of bytes from the body start.
+//
+// .. attention::
+//
+//   Searching for patterns in HTTP body is potentially cpu intensive. For each specified pattern, http body is scanned byte by byte to find a match.
+//   If multiple patterns are specified, the process is repeated for each pattern. If location of a pattern is known, ``bytes_limit`` should be specified
+//   to scan only part of the http body.
+type HttpGenericBodyMatch struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Limits search to specified number of bytes - default zero (no limit - match entire captured buffer).
+	BytesLimit uint32 `protobuf:"varint,1,opt,name=bytes_limit,json=bytesLimit,proto3" json:"bytes_limit,omitempty"`
+	// List of patterns to match.
+	Patterns []*HttpGenericBodyMatch_GenericTextMatch `protobuf:"bytes,2,rep,name=patterns,proto3" json:"patterns,omitempty"`
+}
+
+func (x *HttpGenericBodyMatch) Reset() {
+	*x = HttpGenericBodyMatch{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_tap_v3_common_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HttpGenericBodyMatch) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HttpGenericBodyMatch) ProtoMessage() {}
+
+func (x *HttpGenericBodyMatch) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_tap_v3_common_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HttpGenericBodyMatch.ProtoReflect.Descriptor instead.
+func (*HttpGenericBodyMatch) Descriptor() ([]byte, []int) {
+	return file_envoy_config_tap_v3_common_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *HttpGenericBodyMatch) GetBytesLimit() uint32 {
+	if x != nil {
+		return x.BytesLimit
+	}
+	return 0
+}
+
+func (x *HttpGenericBodyMatch) GetPatterns() []*HttpGenericBodyMatch_GenericTextMatch {
+	if x != nil {
+		return x.Patterns
+	}
+	return nil
+}
+
+// Tap output configuration.
+type OutputConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Output sinks for tap data. Currently a single sink is allowed in the list. Once multiple
+	// sink types are supported this constraint will be relaxed.
+	Sinks []*OutputSink `protobuf:"bytes,1,rep,name=sinks,proto3" json:"sinks,omitempty"`
+	// For buffered tapping, the maximum amount of received body that will be buffered prior to
+	// truncation. If truncation occurs, the :ref:`truncated
+	// <envoy_v3_api_field_data.tap.v3.Body.truncated>` field will be set. If not specified, the
+	// default is 1KiB.
+	MaxBufferedRxBytes *wrappers.UInt32Value `protobuf:"bytes,2,opt,name=max_buffered_rx_bytes,json=maxBufferedRxBytes,proto3" json:"max_buffered_rx_bytes,omitempty"`
+	// For buffered tapping, the maximum amount of transmitted body that will be buffered prior to
+	// truncation. If truncation occurs, the :ref:`truncated
+	// <envoy_v3_api_field_data.tap.v3.Body.truncated>` field will be set. If not specified, the
+	// default is 1KiB.
+	MaxBufferedTxBytes *wrappers.UInt32Value `protobuf:"bytes,3,opt,name=max_buffered_tx_bytes,json=maxBufferedTxBytes,proto3" json:"max_buffered_tx_bytes,omitempty"`
+	// Indicates whether taps produce a single buffered message per tap, or multiple streamed
+	// messages per tap in the emitted :ref:`TraceWrapper
+	// <envoy_v3_api_msg_data.tap.v3.TraceWrapper>` messages. Note that streamed tapping does not
+	// mean that no buffering takes place. Buffering may be required if data is processed before a
+	// match can be determined. See the HTTP tap filter :ref:`streaming
+	// <config_http_filters_tap_streaming>` documentation for more information.
+	Streaming bool `protobuf:"varint,4,opt,name=streaming,proto3" json:"streaming,omitempty"`
+}
+
+func (x *OutputConfig) Reset() {
+	*x = OutputConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_tap_v3_common_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *OutputConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*OutputConfig) ProtoMessage() {}
+
+func (x *OutputConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_tap_v3_common_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use OutputConfig.ProtoReflect.Descriptor instead.
+func (*OutputConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_tap_v3_common_proto_rawDescGZIP(), []int{4}
+}
+
+func (x *OutputConfig) GetSinks() []*OutputSink {
+	if x != nil {
+		return x.Sinks
+	}
+	return nil
+}
+
+func (x *OutputConfig) GetMaxBufferedRxBytes() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxBufferedRxBytes
+	}
+	return nil
+}
+
+func (x *OutputConfig) GetMaxBufferedTxBytes() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxBufferedTxBytes
+	}
+	return nil
+}
+
+func (x *OutputConfig) GetStreaming() bool {
+	if x != nil {
+		return x.Streaming
+	}
+	return false
+}
+
+// Tap output sink configuration.
+type OutputSink struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Sink output format.
+	Format OutputSink_Format `protobuf:"varint,1,opt,name=format,proto3,enum=envoy.config.tap.v3.OutputSink_Format" json:"format,omitempty"`
+	// Types that are assignable to OutputSinkType:
+	//	*OutputSink_StreamingAdmin
+	//	*OutputSink_FilePerTap
+	//	*OutputSink_StreamingGrpc
+	OutputSinkType isOutputSink_OutputSinkType `protobuf_oneof:"output_sink_type"`
+}
+
+func (x *OutputSink) Reset() {
+	*x = OutputSink{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_tap_v3_common_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *OutputSink) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*OutputSink) ProtoMessage() {}
+
+func (x *OutputSink) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_tap_v3_common_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use OutputSink.ProtoReflect.Descriptor instead.
+func (*OutputSink) Descriptor() ([]byte, []int) {
+	return file_envoy_config_tap_v3_common_proto_rawDescGZIP(), []int{5}
+}
+
+func (x *OutputSink) GetFormat() OutputSink_Format {
+	if x != nil {
+		return x.Format
+	}
+	return OutputSink_JSON_BODY_AS_BYTES
+}
+
+func (m *OutputSink) GetOutputSinkType() isOutputSink_OutputSinkType {
+	if m != nil {
+		return m.OutputSinkType
+	}
+	return nil
+}
+
+func (x *OutputSink) GetStreamingAdmin() *StreamingAdminSink {
+	if x, ok := x.GetOutputSinkType().(*OutputSink_StreamingAdmin); ok {
+		return x.StreamingAdmin
+	}
+	return nil
+}
+
+func (x *OutputSink) GetFilePerTap() *FilePerTapSink {
+	if x, ok := x.GetOutputSinkType().(*OutputSink_FilePerTap); ok {
+		return x.FilePerTap
+	}
+	return nil
+}
+
+func (x *OutputSink) GetStreamingGrpc() *StreamingGrpcSink {
+	if x, ok := x.GetOutputSinkType().(*OutputSink_StreamingGrpc); ok {
+		return x.StreamingGrpc
+	}
+	return nil
+}
+
+type isOutputSink_OutputSinkType interface {
+	isOutputSink_OutputSinkType()
+}
+
+type OutputSink_StreamingAdmin struct {
+	// Tap output will be streamed out the :http:post:`/tap` admin endpoint.
+	//
+	// .. attention::
+	//
+	//   It is only allowed to specify the streaming admin output sink if the tap is being
+	//   configured from the :http:post:`/tap` admin endpoint. Thus, if an extension has
+	//   been configured to receive tap configuration from some other source (e.g., static
+	//   file, XDS, etc.) configuring the streaming admin output type will fail.
+	StreamingAdmin *StreamingAdminSink `protobuf:"bytes,2,opt,name=streaming_admin,json=streamingAdmin,proto3,oneof"`
+}
+
+type OutputSink_FilePerTap struct {
+	// Tap output will be written to a file per tap sink.
+	FilePerTap *FilePerTapSink `protobuf:"bytes,3,opt,name=file_per_tap,json=filePerTap,proto3,oneof"`
+}
+
+type OutputSink_StreamingGrpc struct {
+	// [#not-implemented-hide:]
+	// GrpcService to stream data to. The format argument must be PROTO_BINARY.
+	// [#comment: TODO(samflattery): remove cleanup in uber_per_filter.cc once implemented]
+	StreamingGrpc *StreamingGrpcSink `protobuf:"bytes,4,opt,name=streaming_grpc,json=streamingGrpc,proto3,oneof"`
+}
+
+func (*OutputSink_StreamingAdmin) isOutputSink_OutputSinkType() {}
+
+func (*OutputSink_FilePerTap) isOutputSink_OutputSinkType() {}
+
+func (*OutputSink_StreamingGrpc) isOutputSink_OutputSinkType() {}
+
+// Streaming admin sink configuration.
+type StreamingAdminSink struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *StreamingAdminSink) Reset() {
+	*x = StreamingAdminSink{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_tap_v3_common_proto_msgTypes[6]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *StreamingAdminSink) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*StreamingAdminSink) ProtoMessage() {}
+
+func (x *StreamingAdminSink) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_tap_v3_common_proto_msgTypes[6]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use StreamingAdminSink.ProtoReflect.Descriptor instead.
+func (*StreamingAdminSink) Descriptor() ([]byte, []int) {
+	return file_envoy_config_tap_v3_common_proto_rawDescGZIP(), []int{6}
+}
+
+// The file per tap sink outputs a discrete file for every tapped stream.
+type FilePerTapSink struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Path prefix. The output file will be of the form <path_prefix>_<id>.pb, where <id> is an
+	// identifier distinguishing the recorded trace for stream instances (the Envoy
+	// connection ID, HTTP stream ID, etc.).
+	PathPrefix string `protobuf:"bytes,1,opt,name=path_prefix,json=pathPrefix,proto3" json:"path_prefix,omitempty"`
+}
+
+func (x *FilePerTapSink) Reset() {
+	*x = FilePerTapSink{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_tap_v3_common_proto_msgTypes[7]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *FilePerTapSink) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*FilePerTapSink) ProtoMessage() {}
+
+func (x *FilePerTapSink) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_tap_v3_common_proto_msgTypes[7]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use FilePerTapSink.ProtoReflect.Descriptor instead.
+func (*FilePerTapSink) Descriptor() ([]byte, []int) {
+	return file_envoy_config_tap_v3_common_proto_rawDescGZIP(), []int{7}
+}
+
+func (x *FilePerTapSink) GetPathPrefix() string {
+	if x != nil {
+		return x.PathPrefix
+	}
+	return ""
+}
+
+// [#not-implemented-hide:] Streaming gRPC sink configuration sends the taps to an external gRPC
+// server.
+type StreamingGrpcSink struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Opaque identifier, that will be sent back to the streaming grpc server.
+	TapId string `protobuf:"bytes,1,opt,name=tap_id,json=tapId,proto3" json:"tap_id,omitempty"`
+	// The gRPC server that hosts the Tap Sink Service.
+	GrpcService *v31.GrpcService `protobuf:"bytes,2,opt,name=grpc_service,json=grpcService,proto3" json:"grpc_service,omitempty"`
+}
+
+func (x *StreamingGrpcSink) Reset() {
+	*x = StreamingGrpcSink{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_tap_v3_common_proto_msgTypes[8]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *StreamingGrpcSink) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*StreamingGrpcSink) ProtoMessage() {}
+
+func (x *StreamingGrpcSink) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_tap_v3_common_proto_msgTypes[8]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use StreamingGrpcSink.ProtoReflect.Descriptor instead.
+func (*StreamingGrpcSink) Descriptor() ([]byte, []int) {
+	return file_envoy_config_tap_v3_common_proto_rawDescGZIP(), []int{8}
+}
+
+func (x *StreamingGrpcSink) GetTapId() string {
+	if x != nil {
+		return x.TapId
+	}
+	return ""
+}
+
+func (x *StreamingGrpcSink) GetGrpcService() *v31.GrpcService {
+	if x != nil {
+		return x.GrpcService
+	}
+	return nil
+}
+
+// A set of match configurations used for logical operations.
+type MatchPredicate_MatchSet struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The list of rules that make up the set.
+	Rules []*MatchPredicate `protobuf:"bytes,1,rep,name=rules,proto3" json:"rules,omitempty"`
+}
+
+func (x *MatchPredicate_MatchSet) Reset() {
+	*x = MatchPredicate_MatchSet{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_tap_v3_common_proto_msgTypes[9]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *MatchPredicate_MatchSet) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*MatchPredicate_MatchSet) ProtoMessage() {}
+
+func (x *MatchPredicate_MatchSet) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_tap_v3_common_proto_msgTypes[9]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use MatchPredicate_MatchSet.ProtoReflect.Descriptor instead.
+func (*MatchPredicate_MatchSet) Descriptor() ([]byte, []int) {
+	return file_envoy_config_tap_v3_common_proto_rawDescGZIP(), []int{1, 0}
+}
+
+func (x *MatchPredicate_MatchSet) GetRules() []*MatchPredicate {
+	if x != nil {
+		return x.Rules
+	}
+	return nil
+}
+
+type HttpGenericBodyMatch_GenericTextMatch struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to Rule:
+	//	*HttpGenericBodyMatch_GenericTextMatch_StringMatch
+	//	*HttpGenericBodyMatch_GenericTextMatch_BinaryMatch
+	Rule isHttpGenericBodyMatch_GenericTextMatch_Rule `protobuf_oneof:"rule"`
+}
+
+func (x *HttpGenericBodyMatch_GenericTextMatch) Reset() {
+	*x = HttpGenericBodyMatch_GenericTextMatch{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_tap_v3_common_proto_msgTypes[10]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HttpGenericBodyMatch_GenericTextMatch) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HttpGenericBodyMatch_GenericTextMatch) ProtoMessage() {}
+
+func (x *HttpGenericBodyMatch_GenericTextMatch) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_tap_v3_common_proto_msgTypes[10]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HttpGenericBodyMatch_GenericTextMatch.ProtoReflect.Descriptor instead.
+func (*HttpGenericBodyMatch_GenericTextMatch) Descriptor() ([]byte, []int) {
+	return file_envoy_config_tap_v3_common_proto_rawDescGZIP(), []int{3, 0}
+}
+
+func (m *HttpGenericBodyMatch_GenericTextMatch) GetRule() isHttpGenericBodyMatch_GenericTextMatch_Rule {
+	if m != nil {
+		return m.Rule
+	}
+	return nil
+}
+
+func (x *HttpGenericBodyMatch_GenericTextMatch) GetStringMatch() string {
+	if x, ok := x.GetRule().(*HttpGenericBodyMatch_GenericTextMatch_StringMatch); ok {
+		return x.StringMatch
+	}
+	return ""
+}
+
+func (x *HttpGenericBodyMatch_GenericTextMatch) GetBinaryMatch() []byte {
+	if x, ok := x.GetRule().(*HttpGenericBodyMatch_GenericTextMatch_BinaryMatch); ok {
+		return x.BinaryMatch
+	}
+	return nil
+}
+
+type isHttpGenericBodyMatch_GenericTextMatch_Rule interface {
+	isHttpGenericBodyMatch_GenericTextMatch_Rule()
+}
+
+type HttpGenericBodyMatch_GenericTextMatch_StringMatch struct {
+	// Text string to be located in HTTP body.
+	StringMatch string `protobuf:"bytes,1,opt,name=string_match,json=stringMatch,proto3,oneof"`
+}
+
+type HttpGenericBodyMatch_GenericTextMatch_BinaryMatch struct {
+	// Sequence of bytes to be located in HTTP body.
+	BinaryMatch []byte `protobuf:"bytes,2,opt,name=binary_match,json=binaryMatch,proto3,oneof"`
+}
+
+func (*HttpGenericBodyMatch_GenericTextMatch_StringMatch) isHttpGenericBodyMatch_GenericTextMatch_Rule() {
+}
+
+func (*HttpGenericBodyMatch_GenericTextMatch_BinaryMatch) isHttpGenericBodyMatch_GenericTextMatch_Rule() {
+}
+
+var File_envoy_config_tap_v3_common_proto protoreflect.FileDescriptor
+
+var file_envoy_config_tap_v3_common_proto_rawDesc = []byte{
+	0x0a, 0x20, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x74,
+	0x61, 0x70, 0x2f, 0x76, 0x33, 0x2f, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x12, 0x13, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x74, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x1a, 0x2c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x62, 0x61, 0x73, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x27, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x67, 0x72, 0x70,
+	0x63, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x2c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x72, 0x6f,
+	0x75, 0x74, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f, 0x63, 0x6f, 0x6d,
+	0x70, 0x6f, 0x6e, 0x65, 0x6e, 0x74, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77,
+	0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x23, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73,
+	0x2f, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76,
+	0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xf5, 0x02,
+	0x0a, 0x09, 0x54, 0x61, 0x70, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x53, 0x0a, 0x0c, 0x6d,
+	0x61, 0x74, 0x63, 0x68, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x74, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x50, 0x72, 0x65,
+	0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x42, 0x0b, 0x18, 0x01, 0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03,
+	0x33, 0x2e, 0x30, 0x52, 0x0b, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x12, 0x44, 0x0a, 0x05, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x2e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63,
+	0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33,
+	0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x52,
+	0x05, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x50, 0x0a, 0x0d, 0x6f, 0x75, 0x74, 0x70, 0x75, 0x74,
+	0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74, 0x61, 0x70,
+	0x2e, 0x76, 0x33, 0x2e, 0x4f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x0c, 0x6f, 0x75, 0x74, 0x70,
+	0x75, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x4f, 0x0a, 0x0b, 0x74, 0x61, 0x70, 0x5f,
+	0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2e, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x46, 0x72, 0x61, 0x63,
+	0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52, 0x0a, 0x74,
+	0x61, 0x70, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x3a, 0x2a, 0x9a, 0xc5, 0x88, 0x1e, 0x25,
+	0x0a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e,
+	0x74, 0x61, 0x70, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x54, 0x61, 0x70, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x22, 0xe6, 0x08, 0x0a, 0x0e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x50,
+	0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x49, 0x0a, 0x08, 0x6f, 0x72, 0x5f, 0x6d,
+	0x61, 0x74, 0x63, 0x68, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2c, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74, 0x61, 0x70, 0x2e, 0x76, 0x33,
+	0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x2e,
+	0x4d, 0x61, 0x74, 0x63, 0x68, 0x53, 0x65, 0x74, 0x48, 0x00, 0x52, 0x07, 0x6f, 0x72, 0x4d, 0x61,
+	0x74, 0x63, 0x68, 0x12, 0x4b, 0x0a, 0x09, 0x61, 0x6e, 0x64, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x61, 0x74,
+	0x63, 0x68, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x2e, 0x4d, 0x61, 0x74, 0x63,
+	0x68, 0x53, 0x65, 0x74, 0x48, 0x00, 0x52, 0x08, 0x61, 0x6e, 0x64, 0x4d, 0x61, 0x74, 0x63, 0x68,
+	0x12, 0x42, 0x0a, 0x09, 0x6e, 0x6f, 0x74, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x03, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x74, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x50,
+	0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x48, 0x00, 0x52, 0x08, 0x6e, 0x6f, 0x74, 0x4d,
+	0x61, 0x74, 0x63, 0x68, 0x12, 0x26, 0x0a, 0x09, 0x61, 0x6e, 0x79, 0x5f, 0x6d, 0x61, 0x74, 0x63,
+	0x68, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x6a, 0x02, 0x08, 0x01,
+	0x48, 0x00, 0x52, 0x08, 0x61, 0x6e, 0x79, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x64, 0x0a, 0x1a,
+	0x68, 0x74, 0x74, 0x70, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x68, 0x65, 0x61,
+	0x64, 0x65, 0x72, 0x73, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x25, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x74, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x48, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x73, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x48, 0x00, 0x52, 0x17, 0x68, 0x74, 0x74, 0x70, 0x52,
+	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x4d, 0x61, 0x74,
+	0x63, 0x68, 0x12, 0x66, 0x0a, 0x1b, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65,
+	0x73, 0x74, 0x5f, 0x74, 0x72, 0x61, 0x69, 0x6c, 0x65, 0x72, 0x73, 0x5f, 0x6d, 0x61, 0x74, 0x63,
+	0x68, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x74,
+	0x74, 0x70, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x48, 0x00,
+	0x52, 0x18, 0x68, 0x74, 0x74, 0x70, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x54, 0x72, 0x61,
+	0x69, 0x6c, 0x65, 0x72, 0x73, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x66, 0x0a, 0x1b, 0x68, 0x74,
+	0x74, 0x70, 0x5f, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x5f, 0x68, 0x65, 0x61, 0x64,
+	0x65, 0x72, 0x73, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x25, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74,
+	0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72,
+	0x73, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x48, 0x00, 0x52, 0x18, 0x68, 0x74, 0x74, 0x70, 0x52, 0x65,
+	0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x4d, 0x61, 0x74,
+	0x63, 0x68, 0x12, 0x68, 0x0a, 0x1c, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x72, 0x65, 0x73, 0x70, 0x6f,
+	0x6e, 0x73, 0x65, 0x5f, 0x74, 0x72, 0x61, 0x69, 0x6c, 0x65, 0x72, 0x73, 0x5f, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x48,
+	0x74, 0x74, 0x70, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x48,
+	0x00, 0x52, 0x19, 0x68, 0x74, 0x74, 0x70, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x54,
+	0x72, 0x61, 0x69, 0x6c, 0x65, 0x72, 0x73, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x71, 0x0a, 0x1f,
+	0x68, 0x74, 0x74, 0x70, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x67, 0x65, 0x6e,
+	0x65, 0x72, 0x69, 0x63, 0x5f, 0x62, 0x6f, 0x64, 0x79, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18,
+	0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x74, 0x74, 0x70,
+	0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x42, 0x6f, 0x64, 0x79, 0x4d, 0x61, 0x74, 0x63, 0x68,
+	0x48, 0x00, 0x52, 0x1b, 0x68, 0x74, 0x74, 0x70, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x47,
+	0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x42, 0x6f, 0x64, 0x79, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12,
+	0x73, 0x0a, 0x20, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
+	0x5f, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x5f, 0x62, 0x6f, 0x64, 0x79, 0x5f, 0x6d, 0x61,
+	0x74, 0x63, 0x68, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e,
+	0x48, 0x74, 0x74, 0x70, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x42, 0x6f, 0x64, 0x79, 0x4d,
+	0x61, 0x74, 0x63, 0x68, 0x48, 0x00, 0x52, 0x1c, 0x68, 0x74, 0x74, 0x70, 0x52, 0x65, 0x73, 0x70,
+	0x6f, 0x6e, 0x73, 0x65, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x42, 0x6f, 0x64, 0x79, 0x4d,
+	0x61, 0x74, 0x63, 0x68, 0x1a, 0x89, 0x01, 0x0a, 0x08, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x53, 0x65,
+	0x74, 0x12, 0x43, 0x0a, 0x05, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b,
+	0x32, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x74, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x50, 0x72, 0x65, 0x64,
+	0x69, 0x63, 0x61, 0x74, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92, 0x01, 0x02, 0x08, 0x02, 0x52,
+	0x05, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x3a, 0x38, 0x9a, 0xc5, 0x88, 0x1e, 0x33, 0x0a, 0x31, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x74, 0x61, 0x70,
+	0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x50, 0x72,
+	0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x53, 0x65, 0x74,
+	0x3a, 0x2f, 0x9a, 0xc5, 0x88, 0x1e, 0x2a, 0x0a, 0x28, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73,
+	0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x74, 0x61, 0x70, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70,
+	0x68, 0x61, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x50, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74,
+	0x65, 0x42, 0x0b, 0x0a, 0x04, 0x72, 0x75, 0x6c, 0x65, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x22, 0x85,
+	0x01, 0x0a, 0x10, 0x48, 0x74, 0x74, 0x70, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x4d, 0x61,
+	0x74, 0x63, 0x68, 0x12, 0x3e, 0x0a, 0x07, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x18, 0x01,
+	0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x65, 0x61,
+	0x64, 0x65, 0x72, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x52, 0x07, 0x68, 0x65, 0x61, 0x64,
+	0x65, 0x72, 0x73, 0x3a, 0x31, 0x9a, 0xc5, 0x88, 0x1e, 0x2c, 0x0a, 0x2a, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x74, 0x61, 0x70, 0x2e, 0x76, 0x32,
+	0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72,
+	0x73, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x22, 0x96, 0x02, 0x0a, 0x14, 0x48, 0x74, 0x74, 0x70, 0x47,
+	0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x42, 0x6f, 0x64, 0x79, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12,
+	0x1f, 0x0a, 0x0b, 0x62, 0x79, 0x74, 0x65, 0x73, 0x5f, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x0d, 0x52, 0x0a, 0x62, 0x79, 0x74, 0x65, 0x73, 0x4c, 0x69, 0x6d, 0x69, 0x74,
+	0x12, 0x60, 0x0a, 0x08, 0x70, 0x61, 0x74, 0x74, 0x65, 0x72, 0x6e, 0x73, 0x18, 0x02, 0x20, 0x03,
+	0x28, 0x0b, 0x32, 0x3a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x74, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x47, 0x65, 0x6e,
+	0x65, 0x72, 0x69, 0x63, 0x42, 0x6f, 0x64, 0x79, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x2e, 0x47, 0x65,
+	0x6e, 0x65, 0x72, 0x69, 0x63, 0x54, 0x65, 0x78, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x42, 0x08,
+	0xfa, 0x42, 0x05, 0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x08, 0x70, 0x61, 0x74, 0x74, 0x65, 0x72,
+	0x6e, 0x73, 0x1a, 0x7b, 0x0a, 0x10, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x54, 0x65, 0x78,
+	0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x2c, 0x0a, 0x0c, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67,
+	0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42,
+	0x04, 0x72, 0x02, 0x10, 0x01, 0x48, 0x00, 0x52, 0x0b, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x4d,
+	0x61, 0x74, 0x63, 0x68, 0x12, 0x2c, 0x0a, 0x0c, 0x62, 0x69, 0x6e, 0x61, 0x72, 0x79, 0x5f, 0x6d,
+	0x61, 0x74, 0x63, 0x68, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x7a,
+	0x02, 0x10, 0x01, 0x48, 0x00, 0x52, 0x0b, 0x62, 0x69, 0x6e, 0x61, 0x72, 0x79, 0x4d, 0x61, 0x74,
+	0x63, 0x68, 0x42, 0x0b, 0x0a, 0x04, 0x72, 0x75, 0x6c, 0x65, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x22,
+	0xc0, 0x02, 0x0a, 0x0c, 0x4f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x12, 0x41, 0x0a, 0x05, 0x73, 0x69, 0x6e, 0x6b, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32,
+	0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74,
+	0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x4f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x53, 0x69, 0x6e, 0x6b,
+	0x42, 0x0a, 0xfa, 0x42, 0x07, 0x92, 0x01, 0x04, 0x08, 0x01, 0x10, 0x01, 0x52, 0x05, 0x73, 0x69,
+	0x6e, 0x6b, 0x73, 0x12, 0x4f, 0x0a, 0x15, 0x6d, 0x61, 0x78, 0x5f, 0x62, 0x75, 0x66, 0x66, 0x65,
+	0x72, 0x65, 0x64, 0x5f, 0x72, 0x78, 0x5f, 0x62, 0x79, 0x74, 0x65, 0x73, 0x18, 0x02, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65,
+	0x52, 0x12, 0x6d, 0x61, 0x78, 0x42, 0x75, 0x66, 0x66, 0x65, 0x72, 0x65, 0x64, 0x52, 0x78, 0x42,
+	0x79, 0x74, 0x65, 0x73, 0x12, 0x4f, 0x0a, 0x15, 0x6d, 0x61, 0x78, 0x5f, 0x62, 0x75, 0x66, 0x66,
+	0x65, 0x72, 0x65, 0x64, 0x5f, 0x74, 0x78, 0x5f, 0x62, 0x79, 0x74, 0x65, 0x73, 0x18, 0x03, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75,
+	0x65, 0x52, 0x12, 0x6d, 0x61, 0x78, 0x42, 0x75, 0x66, 0x66, 0x65, 0x72, 0x65, 0x64, 0x54, 0x78,
+	0x42, 0x79, 0x74, 0x65, 0x73, 0x12, 0x1c, 0x0a, 0x09, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x69,
+	0x6e, 0x67, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d,
+	0x69, 0x6e, 0x67, 0x3a, 0x2d, 0x9a, 0xc5, 0x88, 0x1e, 0x28, 0x0a, 0x26, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x74, 0x61, 0x70, 0x2e, 0x76, 0x32,
+	0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x4f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x22, 0x8a, 0x04, 0x0a, 0x0a, 0x4f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x53, 0x69, 0x6e,
+	0x6b, 0x12, 0x48, 0x0a, 0x06, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x0e, 0x32, 0x26, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x74, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x4f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x53, 0x69,
+	0x6e, 0x6b, 0x2e, 0x46, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01,
+	0x02, 0x10, 0x01, 0x52, 0x06, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x12, 0x52, 0x0a, 0x0f, 0x73,
+	0x74, 0x72, 0x65, 0x61, 0x6d, 0x69, 0x6e, 0x67, 0x5f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x74, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x74, 0x72, 0x65, 0x61,
+	0x6d, 0x69, 0x6e, 0x67, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x53, 0x69, 0x6e, 0x6b, 0x48, 0x00, 0x52,
+	0x0e, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x69, 0x6e, 0x67, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x12,
+	0x47, 0x0a, 0x0c, 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x70, 0x65, 0x72, 0x5f, 0x74, 0x61, 0x70, 0x18,
+	0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x46, 0x69, 0x6c, 0x65,
+	0x50, 0x65, 0x72, 0x54, 0x61, 0x70, 0x53, 0x69, 0x6e, 0x6b, 0x48, 0x00, 0x52, 0x0a, 0x66, 0x69,
+	0x6c, 0x65, 0x50, 0x65, 0x72, 0x54, 0x61, 0x70, 0x12, 0x4f, 0x0a, 0x0e, 0x73, 0x74, 0x72, 0x65,
+	0x61, 0x6d, 0x69, 0x6e, 0x67, 0x5f, 0x67, 0x72, 0x70, 0x63, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x26, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x74, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x69, 0x6e, 0x67,
+	0x47, 0x72, 0x70, 0x63, 0x53, 0x69, 0x6e, 0x6b, 0x48, 0x00, 0x52, 0x0d, 0x73, 0x74, 0x72, 0x65,
+	0x61, 0x6d, 0x69, 0x6e, 0x67, 0x47, 0x72, 0x70, 0x63, 0x22, 0x7e, 0x0a, 0x06, 0x46, 0x6f, 0x72,
+	0x6d, 0x61, 0x74, 0x12, 0x16, 0x0a, 0x12, 0x4a, 0x53, 0x4f, 0x4e, 0x5f, 0x42, 0x4f, 0x44, 0x59,
+	0x5f, 0x41, 0x53, 0x5f, 0x42, 0x59, 0x54, 0x45, 0x53, 0x10, 0x00, 0x12, 0x17, 0x0a, 0x13, 0x4a,
+	0x53, 0x4f, 0x4e, 0x5f, 0x42, 0x4f, 0x44, 0x59, 0x5f, 0x41, 0x53, 0x5f, 0x53, 0x54, 0x52, 0x49,
+	0x4e, 0x47, 0x10, 0x01, 0x12, 0x10, 0x0a, 0x0c, 0x50, 0x52, 0x4f, 0x54, 0x4f, 0x5f, 0x42, 0x49,
+	0x4e, 0x41, 0x52, 0x59, 0x10, 0x02, 0x12, 0x21, 0x0a, 0x1d, 0x50, 0x52, 0x4f, 0x54, 0x4f, 0x5f,
+	0x42, 0x49, 0x4e, 0x41, 0x52, 0x59, 0x5f, 0x4c, 0x45, 0x4e, 0x47, 0x54, 0x48, 0x5f, 0x44, 0x45,
+	0x4c, 0x49, 0x4d, 0x49, 0x54, 0x45, 0x44, 0x10, 0x03, 0x12, 0x0e, 0x0a, 0x0a, 0x50, 0x52, 0x4f,
+	0x54, 0x4f, 0x5f, 0x54, 0x45, 0x58, 0x54, 0x10, 0x04, 0x3a, 0x2b, 0x9a, 0xc5, 0x88, 0x1e, 0x26,
+	0x0a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e,
+	0x74, 0x61, 0x70, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x4f, 0x75, 0x74, 0x70,
+	0x75, 0x74, 0x53, 0x69, 0x6e, 0x6b, 0x42, 0x17, 0x0a, 0x10, 0x6f, 0x75, 0x74, 0x70, 0x75, 0x74,
+	0x5f, 0x73, 0x69, 0x6e, 0x6b, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x22,
+	0x49, 0x0a, 0x12, 0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x69, 0x6e, 0x67, 0x41, 0x64, 0x6d, 0x69,
+	0x6e, 0x53, 0x69, 0x6e, 0x6b, 0x3a, 0x33, 0x9a, 0xc5, 0x88, 0x1e, 0x2e, 0x0a, 0x2c, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x74, 0x61, 0x70, 0x2e,
+	0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x69, 0x6e,
+	0x67, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x53, 0x69, 0x6e, 0x6b, 0x22, 0x6b, 0x0a, 0x0e, 0x46, 0x69,
+	0x6c, 0x65, 0x50, 0x65, 0x72, 0x54, 0x61, 0x70, 0x53, 0x69, 0x6e, 0x6b, 0x12, 0x28, 0x0a, 0x0b,
+	0x70, 0x61, 0x74, 0x68, 0x5f, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x0a, 0x70, 0x61, 0x74, 0x68,
+	0x50, 0x72, 0x65, 0x66, 0x69, 0x78, 0x3a, 0x2f, 0x9a, 0xc5, 0x88, 0x1e, 0x2a, 0x0a, 0x28, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x74, 0x61, 0x70,
+	0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x46, 0x69, 0x6c, 0x65, 0x50, 0x65, 0x72,
+	0x54, 0x61, 0x70, 0x53, 0x69, 0x6e, 0x6b, 0x22, 0xae, 0x01, 0x0a, 0x11, 0x53, 0x74, 0x72, 0x65,
+	0x61, 0x6d, 0x69, 0x6e, 0x67, 0x47, 0x72, 0x70, 0x63, 0x53, 0x69, 0x6e, 0x6b, 0x12, 0x15, 0x0a,
+	0x06, 0x74, 0x61, 0x70, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x74,
+	0x61, 0x70, 0x49, 0x64, 0x12, 0x4e, 0x0a, 0x0c, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x73, 0x65, 0x72,
+	0x76, 0x69, 0x63, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76,
+	0x33, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x42, 0x08, 0xfa,
+	0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x0b, 0x67, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72,
+	0x76, 0x69, 0x63, 0x65, 0x3a, 0x32, 0x9a, 0xc5, 0x88, 0x1e, 0x2d, 0x0a, 0x2b, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x74, 0x61, 0x70, 0x2e, 0x76,
+	0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x69, 0x6e, 0x67,
+	0x47, 0x72, 0x70, 0x63, 0x53, 0x69, 0x6e, 0x6b, 0x42, 0x3a, 0x0a, 0x21, 0x69, 0x6f, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74, 0x61, 0x70, 0x2e, 0x76, 0x33, 0x42, 0x0b, 0x43,
+	0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1,
+	0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_tap_v3_common_proto_rawDescOnce sync.Once
+	file_envoy_config_tap_v3_common_proto_rawDescData = file_envoy_config_tap_v3_common_proto_rawDesc
+)
+
+func file_envoy_config_tap_v3_common_proto_rawDescGZIP() []byte {
+	file_envoy_config_tap_v3_common_proto_rawDescOnce.Do(func() {
+		file_envoy_config_tap_v3_common_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_tap_v3_common_proto_rawDescData)
+	})
+	return file_envoy_config_tap_v3_common_proto_rawDescData
+}
+
+var file_envoy_config_tap_v3_common_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_envoy_config_tap_v3_common_proto_msgTypes = make([]protoimpl.MessageInfo, 11)
+var file_envoy_config_tap_v3_common_proto_goTypes = []interface{}{
+	(OutputSink_Format)(0),                        // 0: envoy.config.tap.v3.OutputSink.Format
+	(*TapConfig)(nil),                             // 1: envoy.config.tap.v3.TapConfig
+	(*MatchPredicate)(nil),                        // 2: envoy.config.tap.v3.MatchPredicate
+	(*HttpHeadersMatch)(nil),                      // 3: envoy.config.tap.v3.HttpHeadersMatch
+	(*HttpGenericBodyMatch)(nil),                  // 4: envoy.config.tap.v3.HttpGenericBodyMatch
+	(*OutputConfig)(nil),                          // 5: envoy.config.tap.v3.OutputConfig
+	(*OutputSink)(nil),                            // 6: envoy.config.tap.v3.OutputSink
+	(*StreamingAdminSink)(nil),                    // 7: envoy.config.tap.v3.StreamingAdminSink
+	(*FilePerTapSink)(nil),                        // 8: envoy.config.tap.v3.FilePerTapSink
+	(*StreamingGrpcSink)(nil),                     // 9: envoy.config.tap.v3.StreamingGrpcSink
+	(*MatchPredicate_MatchSet)(nil),               // 10: envoy.config.tap.v3.MatchPredicate.MatchSet
+	(*HttpGenericBodyMatch_GenericTextMatch)(nil), // 11: envoy.config.tap.v3.HttpGenericBodyMatch.GenericTextMatch
+	(*v3.MatchPredicate)(nil),                     // 12: envoy.config.common.matcher.v3.MatchPredicate
+	(*v31.RuntimeFractionalPercent)(nil),          // 13: envoy.config.core.v3.RuntimeFractionalPercent
+	(*v32.HeaderMatcher)(nil),                     // 14: envoy.config.route.v3.HeaderMatcher
+	(*wrappers.UInt32Value)(nil),                  // 15: google.protobuf.UInt32Value
+	(*v31.GrpcService)(nil),                       // 16: envoy.config.core.v3.GrpcService
+}
+var file_envoy_config_tap_v3_common_proto_depIdxs = []int32{
+	2,  // 0: envoy.config.tap.v3.TapConfig.match_config:type_name -> envoy.config.tap.v3.MatchPredicate
+	12, // 1: envoy.config.tap.v3.TapConfig.match:type_name -> envoy.config.common.matcher.v3.MatchPredicate
+	5,  // 2: envoy.config.tap.v3.TapConfig.output_config:type_name -> envoy.config.tap.v3.OutputConfig
+	13, // 3: envoy.config.tap.v3.TapConfig.tap_enabled:type_name -> envoy.config.core.v3.RuntimeFractionalPercent
+	10, // 4: envoy.config.tap.v3.MatchPredicate.or_match:type_name -> envoy.config.tap.v3.MatchPredicate.MatchSet
+	10, // 5: envoy.config.tap.v3.MatchPredicate.and_match:type_name -> envoy.config.tap.v3.MatchPredicate.MatchSet
+	2,  // 6: envoy.config.tap.v3.MatchPredicate.not_match:type_name -> envoy.config.tap.v3.MatchPredicate
+	3,  // 7: envoy.config.tap.v3.MatchPredicate.http_request_headers_match:type_name -> envoy.config.tap.v3.HttpHeadersMatch
+	3,  // 8: envoy.config.tap.v3.MatchPredicate.http_request_trailers_match:type_name -> envoy.config.tap.v3.HttpHeadersMatch
+	3,  // 9: envoy.config.tap.v3.MatchPredicate.http_response_headers_match:type_name -> envoy.config.tap.v3.HttpHeadersMatch
+	3,  // 10: envoy.config.tap.v3.MatchPredicate.http_response_trailers_match:type_name -> envoy.config.tap.v3.HttpHeadersMatch
+	4,  // 11: envoy.config.tap.v3.MatchPredicate.http_request_generic_body_match:type_name -> envoy.config.tap.v3.HttpGenericBodyMatch
+	4,  // 12: envoy.config.tap.v3.MatchPredicate.http_response_generic_body_match:type_name -> envoy.config.tap.v3.HttpGenericBodyMatch
+	14, // 13: envoy.config.tap.v3.HttpHeadersMatch.headers:type_name -> envoy.config.route.v3.HeaderMatcher
+	11, // 14: envoy.config.tap.v3.HttpGenericBodyMatch.patterns:type_name -> envoy.config.tap.v3.HttpGenericBodyMatch.GenericTextMatch
+	6,  // 15: envoy.config.tap.v3.OutputConfig.sinks:type_name -> envoy.config.tap.v3.OutputSink
+	15, // 16: envoy.config.tap.v3.OutputConfig.max_buffered_rx_bytes:type_name -> google.protobuf.UInt32Value
+	15, // 17: envoy.config.tap.v3.OutputConfig.max_buffered_tx_bytes:type_name -> google.protobuf.UInt32Value
+	0,  // 18: envoy.config.tap.v3.OutputSink.format:type_name -> envoy.config.tap.v3.OutputSink.Format
+	7,  // 19: envoy.config.tap.v3.OutputSink.streaming_admin:type_name -> envoy.config.tap.v3.StreamingAdminSink
+	8,  // 20: envoy.config.tap.v3.OutputSink.file_per_tap:type_name -> envoy.config.tap.v3.FilePerTapSink
+	9,  // 21: envoy.config.tap.v3.OutputSink.streaming_grpc:type_name -> envoy.config.tap.v3.StreamingGrpcSink
+	16, // 22: envoy.config.tap.v3.StreamingGrpcSink.grpc_service:type_name -> envoy.config.core.v3.GrpcService
+	2,  // 23: envoy.config.tap.v3.MatchPredicate.MatchSet.rules:type_name -> envoy.config.tap.v3.MatchPredicate
+	24, // [24:24] is the sub-list for method output_type
+	24, // [24:24] is the sub-list for method input_type
+	24, // [24:24] is the sub-list for extension type_name
+	24, // [24:24] is the sub-list for extension extendee
+	0,  // [0:24] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_tap_v3_common_proto_init() }
+func file_envoy_config_tap_v3_common_proto_init() {
+	if File_envoy_config_tap_v3_common_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_tap_v3_common_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*TapConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_tap_v3_common_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*MatchPredicate); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_tap_v3_common_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HttpHeadersMatch); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_tap_v3_common_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HttpGenericBodyMatch); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_tap_v3_common_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*OutputConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_tap_v3_common_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*OutputSink); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_tap_v3_common_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*StreamingAdminSink); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_tap_v3_common_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*FilePerTapSink); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_tap_v3_common_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*StreamingGrpcSink); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_tap_v3_common_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*MatchPredicate_MatchSet); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_tap_v3_common_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HttpGenericBodyMatch_GenericTextMatch); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_config_tap_v3_common_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*MatchPredicate_OrMatch)(nil),
+		(*MatchPredicate_AndMatch)(nil),
+		(*MatchPredicate_NotMatch)(nil),
+		(*MatchPredicate_AnyMatch)(nil),
+		(*MatchPredicate_HttpRequestHeadersMatch)(nil),
+		(*MatchPredicate_HttpRequestTrailersMatch)(nil),
+		(*MatchPredicate_HttpResponseHeadersMatch)(nil),
+		(*MatchPredicate_HttpResponseTrailersMatch)(nil),
+		(*MatchPredicate_HttpRequestGenericBodyMatch)(nil),
+		(*MatchPredicate_HttpResponseGenericBodyMatch)(nil),
+	}
+	file_envoy_config_tap_v3_common_proto_msgTypes[5].OneofWrappers = []interface{}{
+		(*OutputSink_StreamingAdmin)(nil),
+		(*OutputSink_FilePerTap)(nil),
+		(*OutputSink_StreamingGrpc)(nil),
+	}
+	file_envoy_config_tap_v3_common_proto_msgTypes[10].OneofWrappers = []interface{}{
+		(*HttpGenericBodyMatch_GenericTextMatch_StringMatch)(nil),
+		(*HttpGenericBodyMatch_GenericTextMatch_BinaryMatch)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_tap_v3_common_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   11,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_tap_v3_common_proto_goTypes,
+		DependencyIndexes: file_envoy_config_tap_v3_common_proto_depIdxs,
+		EnumInfos:         file_envoy_config_tap_v3_common_proto_enumTypes,
+		MessageInfos:      file_envoy_config_tap_v3_common_proto_msgTypes,
+	}.Build()
+	File_envoy_config_tap_v3_common_proto = out.File
+	file_envoy_config_tap_v3_common_proto_rawDesc = nil
+	file_envoy_config_tap_v3_common_proto_goTypes = nil
+	file_envoy_config_tap_v3_common_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/tap/v3/common.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/tap/v3/common.pb.validate.go
new file mode 100644
index 00000000000..b9cc469a7d3
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/tap/v3/common.pb.validate.go
@@ -0,0 +1,2010 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/tap/v3/common.proto
+
+package envoy_config_tap_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on TapConfig with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *TapConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on TapConfig with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in TapConfigMultiError, or nil
+// if none found.
+func (m *TapConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *TapConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetMatchConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, TapConfigValidationError{
+					field:  "MatchConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, TapConfigValidationError{
+					field:  "MatchConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMatchConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TapConfigValidationError{
+				field:  "MatchConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMatch()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, TapConfigValidationError{
+					field:  "Match",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, TapConfigValidationError{
+					field:  "Match",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMatch()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TapConfigValidationError{
+				field:  "Match",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if m.GetOutputConfig() == nil {
+		err := TapConfigValidationError{
+			field:  "OutputConfig",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetOutputConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, TapConfigValidationError{
+					field:  "OutputConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, TapConfigValidationError{
+					field:  "OutputConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetOutputConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TapConfigValidationError{
+				field:  "OutputConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetTapEnabled()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, TapConfigValidationError{
+					field:  "TapEnabled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, TapConfigValidationError{
+					field:  "TapEnabled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTapEnabled()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TapConfigValidationError{
+				field:  "TapEnabled",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return TapConfigMultiError(errors)
+	}
+	return nil
+}
+
+// TapConfigMultiError is an error wrapping multiple validation errors returned
+// by TapConfig.ValidateAll() if the designated constraints aren't met.
+type TapConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m TapConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m TapConfigMultiError) AllErrors() []error { return m }
+
+// TapConfigValidationError is the validation error returned by
+// TapConfig.Validate if the designated constraints aren't met.
+type TapConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e TapConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e TapConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e TapConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e TapConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e TapConfigValidationError) ErrorName() string { return "TapConfigValidationError" }
+
+// Error satisfies the builtin error interface
+func (e TapConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sTapConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = TapConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = TapConfigValidationError{}
+
+// Validate checks the field values on MatchPredicate with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *MatchPredicate) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on MatchPredicate with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in MatchPredicateMultiError,
+// or nil if none found.
+func (m *MatchPredicate) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *MatchPredicate) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.Rule.(type) {
+
+	case *MatchPredicate_OrMatch:
+
+		if all {
+			switch v := interface{}(m.GetOrMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "OrMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "OrMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetOrMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MatchPredicateValidationError{
+					field:  "OrMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *MatchPredicate_AndMatch:
+
+		if all {
+			switch v := interface{}(m.GetAndMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "AndMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "AndMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetAndMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MatchPredicateValidationError{
+					field:  "AndMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *MatchPredicate_NotMatch:
+
+		if all {
+			switch v := interface{}(m.GetNotMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "NotMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "NotMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetNotMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MatchPredicateValidationError{
+					field:  "NotMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *MatchPredicate_AnyMatch:
+
+		if m.GetAnyMatch() != true {
+			err := MatchPredicateValidationError{
+				field:  "AnyMatch",
+				reason: "value must equal true",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *MatchPredicate_HttpRequestHeadersMatch:
+
+		if all {
+			switch v := interface{}(m.GetHttpRequestHeadersMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "HttpRequestHeadersMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "HttpRequestHeadersMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetHttpRequestHeadersMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MatchPredicateValidationError{
+					field:  "HttpRequestHeadersMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *MatchPredicate_HttpRequestTrailersMatch:
+
+		if all {
+			switch v := interface{}(m.GetHttpRequestTrailersMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "HttpRequestTrailersMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "HttpRequestTrailersMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetHttpRequestTrailersMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MatchPredicateValidationError{
+					field:  "HttpRequestTrailersMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *MatchPredicate_HttpResponseHeadersMatch:
+
+		if all {
+			switch v := interface{}(m.GetHttpResponseHeadersMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "HttpResponseHeadersMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "HttpResponseHeadersMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetHttpResponseHeadersMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MatchPredicateValidationError{
+					field:  "HttpResponseHeadersMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *MatchPredicate_HttpResponseTrailersMatch:
+
+		if all {
+			switch v := interface{}(m.GetHttpResponseTrailersMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "HttpResponseTrailersMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "HttpResponseTrailersMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetHttpResponseTrailersMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MatchPredicateValidationError{
+					field:  "HttpResponseTrailersMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *MatchPredicate_HttpRequestGenericBodyMatch:
+
+		if all {
+			switch v := interface{}(m.GetHttpRequestGenericBodyMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "HttpRequestGenericBodyMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "HttpRequestGenericBodyMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetHttpRequestGenericBodyMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MatchPredicateValidationError{
+					field:  "HttpRequestGenericBodyMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *MatchPredicate_HttpResponseGenericBodyMatch:
+
+		if all {
+			switch v := interface{}(m.GetHttpResponseGenericBodyMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "HttpResponseGenericBodyMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MatchPredicateValidationError{
+						field:  "HttpResponseGenericBodyMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetHttpResponseGenericBodyMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MatchPredicateValidationError{
+					field:  "HttpResponseGenericBodyMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := MatchPredicateValidationError{
+			field:  "Rule",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return MatchPredicateMultiError(errors)
+	}
+	return nil
+}
+
+// MatchPredicateMultiError is an error wrapping multiple validation errors
+// returned by MatchPredicate.ValidateAll() if the designated constraints
+// aren't met.
+type MatchPredicateMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m MatchPredicateMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m MatchPredicateMultiError) AllErrors() []error { return m }
+
+// MatchPredicateValidationError is the validation error returned by
+// MatchPredicate.Validate if the designated constraints aren't met.
+type MatchPredicateValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MatchPredicateValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MatchPredicateValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MatchPredicateValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MatchPredicateValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MatchPredicateValidationError) ErrorName() string { return "MatchPredicateValidationError" }
+
+// Error satisfies the builtin error interface
+func (e MatchPredicateValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMatchPredicate.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MatchPredicateValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MatchPredicateValidationError{}
+
+// Validate checks the field values on HttpHeadersMatch with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *HttpHeadersMatch) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HttpHeadersMatch with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// HttpHeadersMatchMultiError, or nil if none found.
+func (m *HttpHeadersMatch) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HttpHeadersMatch) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetHeaders() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HttpHeadersMatchValidationError{
+						field:  fmt.Sprintf("Headers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HttpHeadersMatchValidationError{
+						field:  fmt.Sprintf("Headers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HttpHeadersMatchValidationError{
+					field:  fmt.Sprintf("Headers[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return HttpHeadersMatchMultiError(errors)
+	}
+	return nil
+}
+
+// HttpHeadersMatchMultiError is an error wrapping multiple validation errors
+// returned by HttpHeadersMatch.ValidateAll() if the designated constraints
+// aren't met.
+type HttpHeadersMatchMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HttpHeadersMatchMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HttpHeadersMatchMultiError) AllErrors() []error { return m }
+
+// HttpHeadersMatchValidationError is the validation error returned by
+// HttpHeadersMatch.Validate if the designated constraints aren't met.
+type HttpHeadersMatchValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HttpHeadersMatchValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HttpHeadersMatchValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HttpHeadersMatchValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HttpHeadersMatchValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HttpHeadersMatchValidationError) ErrorName() string { return "HttpHeadersMatchValidationError" }
+
+// Error satisfies the builtin error interface
+func (e HttpHeadersMatchValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttpHeadersMatch.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HttpHeadersMatchValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HttpHeadersMatchValidationError{}
+
+// Validate checks the field values on HttpGenericBodyMatch with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *HttpGenericBodyMatch) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HttpGenericBodyMatch with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// HttpGenericBodyMatchMultiError, or nil if none found.
+func (m *HttpGenericBodyMatch) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HttpGenericBodyMatch) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for BytesLimit
+
+	if len(m.GetPatterns()) < 1 {
+		err := HttpGenericBodyMatchValidationError{
+			field:  "Patterns",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetPatterns() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HttpGenericBodyMatchValidationError{
+						field:  fmt.Sprintf("Patterns[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HttpGenericBodyMatchValidationError{
+						field:  fmt.Sprintf("Patterns[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HttpGenericBodyMatchValidationError{
+					field:  fmt.Sprintf("Patterns[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return HttpGenericBodyMatchMultiError(errors)
+	}
+	return nil
+}
+
+// HttpGenericBodyMatchMultiError is an error wrapping multiple validation
+// errors returned by HttpGenericBodyMatch.ValidateAll() if the designated
+// constraints aren't met.
+type HttpGenericBodyMatchMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HttpGenericBodyMatchMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HttpGenericBodyMatchMultiError) AllErrors() []error { return m }
+
+// HttpGenericBodyMatchValidationError is the validation error returned by
+// HttpGenericBodyMatch.Validate if the designated constraints aren't met.
+type HttpGenericBodyMatchValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HttpGenericBodyMatchValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HttpGenericBodyMatchValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HttpGenericBodyMatchValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HttpGenericBodyMatchValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HttpGenericBodyMatchValidationError) ErrorName() string {
+	return "HttpGenericBodyMatchValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HttpGenericBodyMatchValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttpGenericBodyMatch.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HttpGenericBodyMatchValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HttpGenericBodyMatchValidationError{}
+
+// Validate checks the field values on OutputConfig with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *OutputConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on OutputConfig with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in OutputConfigMultiError, or
+// nil if none found.
+func (m *OutputConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *OutputConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetSinks()) != 1 {
+		err := OutputConfigValidationError{
+			field:  "Sinks",
+			reason: "value must contain exactly 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetSinks() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, OutputConfigValidationError{
+						field:  fmt.Sprintf("Sinks[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, OutputConfigValidationError{
+						field:  fmt.Sprintf("Sinks[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return OutputConfigValidationError{
+					field:  fmt.Sprintf("Sinks[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetMaxBufferedRxBytes()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, OutputConfigValidationError{
+					field:  "MaxBufferedRxBytes",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, OutputConfigValidationError{
+					field:  "MaxBufferedRxBytes",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxBufferedRxBytes()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return OutputConfigValidationError{
+				field:  "MaxBufferedRxBytes",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMaxBufferedTxBytes()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, OutputConfigValidationError{
+					field:  "MaxBufferedTxBytes",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, OutputConfigValidationError{
+					field:  "MaxBufferedTxBytes",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxBufferedTxBytes()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return OutputConfigValidationError{
+				field:  "MaxBufferedTxBytes",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for Streaming
+
+	if len(errors) > 0 {
+		return OutputConfigMultiError(errors)
+	}
+	return nil
+}
+
+// OutputConfigMultiError is an error wrapping multiple validation errors
+// returned by OutputConfig.ValidateAll() if the designated constraints aren't met.
+type OutputConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m OutputConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m OutputConfigMultiError) AllErrors() []error { return m }
+
+// OutputConfigValidationError is the validation error returned by
+// OutputConfig.Validate if the designated constraints aren't met.
+type OutputConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e OutputConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e OutputConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e OutputConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e OutputConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e OutputConfigValidationError) ErrorName() string { return "OutputConfigValidationError" }
+
+// Error satisfies the builtin error interface
+func (e OutputConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sOutputConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = OutputConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = OutputConfigValidationError{}
+
+// Validate checks the field values on OutputSink with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *OutputSink) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on OutputSink with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in OutputSinkMultiError, or
+// nil if none found.
+func (m *OutputSink) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *OutputSink) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if _, ok := OutputSink_Format_name[int32(m.GetFormat())]; !ok {
+		err := OutputSinkValidationError{
+			field:  "Format",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	switch m.OutputSinkType.(type) {
+
+	case *OutputSink_StreamingAdmin:
+
+		if all {
+			switch v := interface{}(m.GetStreamingAdmin()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, OutputSinkValidationError{
+						field:  "StreamingAdmin",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, OutputSinkValidationError{
+						field:  "StreamingAdmin",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetStreamingAdmin()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return OutputSinkValidationError{
+					field:  "StreamingAdmin",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *OutputSink_FilePerTap:
+
+		if all {
+			switch v := interface{}(m.GetFilePerTap()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, OutputSinkValidationError{
+						field:  "FilePerTap",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, OutputSinkValidationError{
+						field:  "FilePerTap",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetFilePerTap()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return OutputSinkValidationError{
+					field:  "FilePerTap",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *OutputSink_StreamingGrpc:
+
+		if all {
+			switch v := interface{}(m.GetStreamingGrpc()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, OutputSinkValidationError{
+						field:  "StreamingGrpc",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, OutputSinkValidationError{
+						field:  "StreamingGrpc",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetStreamingGrpc()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return OutputSinkValidationError{
+					field:  "StreamingGrpc",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := OutputSinkValidationError{
+			field:  "OutputSinkType",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return OutputSinkMultiError(errors)
+	}
+	return nil
+}
+
+// OutputSinkMultiError is an error wrapping multiple validation errors
+// returned by OutputSink.ValidateAll() if the designated constraints aren't met.
+type OutputSinkMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m OutputSinkMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m OutputSinkMultiError) AllErrors() []error { return m }
+
+// OutputSinkValidationError is the validation error returned by
+// OutputSink.Validate if the designated constraints aren't met.
+type OutputSinkValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e OutputSinkValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e OutputSinkValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e OutputSinkValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e OutputSinkValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e OutputSinkValidationError) ErrorName() string { return "OutputSinkValidationError" }
+
+// Error satisfies the builtin error interface
+func (e OutputSinkValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sOutputSink.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = OutputSinkValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = OutputSinkValidationError{}
+
+// Validate checks the field values on StreamingAdminSink with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *StreamingAdminSink) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on StreamingAdminSink with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// StreamingAdminSinkMultiError, or nil if none found.
+func (m *StreamingAdminSink) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *StreamingAdminSink) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return StreamingAdminSinkMultiError(errors)
+	}
+	return nil
+}
+
+// StreamingAdminSinkMultiError is an error wrapping multiple validation errors
+// returned by StreamingAdminSink.ValidateAll() if the designated constraints
+// aren't met.
+type StreamingAdminSinkMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m StreamingAdminSinkMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m StreamingAdminSinkMultiError) AllErrors() []error { return m }
+
+// StreamingAdminSinkValidationError is the validation error returned by
+// StreamingAdminSink.Validate if the designated constraints aren't met.
+type StreamingAdminSinkValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e StreamingAdminSinkValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e StreamingAdminSinkValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e StreamingAdminSinkValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e StreamingAdminSinkValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e StreamingAdminSinkValidationError) ErrorName() string {
+	return "StreamingAdminSinkValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e StreamingAdminSinkValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sStreamingAdminSink.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = StreamingAdminSinkValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = StreamingAdminSinkValidationError{}
+
+// Validate checks the field values on FilePerTapSink with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *FilePerTapSink) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on FilePerTapSink with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in FilePerTapSinkMultiError,
+// or nil if none found.
+func (m *FilePerTapSink) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *FilePerTapSink) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetPathPrefix()) < 1 {
+		err := FilePerTapSinkValidationError{
+			field:  "PathPrefix",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return FilePerTapSinkMultiError(errors)
+	}
+	return nil
+}
+
+// FilePerTapSinkMultiError is an error wrapping multiple validation errors
+// returned by FilePerTapSink.ValidateAll() if the designated constraints
+// aren't met.
+type FilePerTapSinkMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m FilePerTapSinkMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m FilePerTapSinkMultiError) AllErrors() []error { return m }
+
+// FilePerTapSinkValidationError is the validation error returned by
+// FilePerTapSink.Validate if the designated constraints aren't met.
+type FilePerTapSinkValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e FilePerTapSinkValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e FilePerTapSinkValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e FilePerTapSinkValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e FilePerTapSinkValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e FilePerTapSinkValidationError) ErrorName() string { return "FilePerTapSinkValidationError" }
+
+// Error satisfies the builtin error interface
+func (e FilePerTapSinkValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sFilePerTapSink.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = FilePerTapSinkValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = FilePerTapSinkValidationError{}
+
+// Validate checks the field values on StreamingGrpcSink with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *StreamingGrpcSink) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on StreamingGrpcSink with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// StreamingGrpcSinkMultiError, or nil if none found.
+func (m *StreamingGrpcSink) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *StreamingGrpcSink) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for TapId
+
+	if m.GetGrpcService() == nil {
+		err := StreamingGrpcSinkValidationError{
+			field:  "GrpcService",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetGrpcService()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, StreamingGrpcSinkValidationError{
+					field:  "GrpcService",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, StreamingGrpcSinkValidationError{
+					field:  "GrpcService",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetGrpcService()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return StreamingGrpcSinkValidationError{
+				field:  "GrpcService",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return StreamingGrpcSinkMultiError(errors)
+	}
+	return nil
+}
+
+// StreamingGrpcSinkMultiError is an error wrapping multiple validation errors
+// returned by StreamingGrpcSink.ValidateAll() if the designated constraints
+// aren't met.
+type StreamingGrpcSinkMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m StreamingGrpcSinkMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m StreamingGrpcSinkMultiError) AllErrors() []error { return m }
+
+// StreamingGrpcSinkValidationError is the validation error returned by
+// StreamingGrpcSink.Validate if the designated constraints aren't met.
+type StreamingGrpcSinkValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e StreamingGrpcSinkValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e StreamingGrpcSinkValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e StreamingGrpcSinkValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e StreamingGrpcSinkValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e StreamingGrpcSinkValidationError) ErrorName() string {
+	return "StreamingGrpcSinkValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e StreamingGrpcSinkValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sStreamingGrpcSink.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = StreamingGrpcSinkValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = StreamingGrpcSinkValidationError{}
+
+// Validate checks the field values on MatchPredicate_MatchSet with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *MatchPredicate_MatchSet) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on MatchPredicate_MatchSet with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// MatchPredicate_MatchSetMultiError, or nil if none found.
+func (m *MatchPredicate_MatchSet) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *MatchPredicate_MatchSet) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetRules()) < 2 {
+		err := MatchPredicate_MatchSetValidationError{
+			field:  "Rules",
+			reason: "value must contain at least 2 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetRules() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MatchPredicate_MatchSetValidationError{
+						field:  fmt.Sprintf("Rules[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MatchPredicate_MatchSetValidationError{
+						field:  fmt.Sprintf("Rules[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MatchPredicate_MatchSetValidationError{
+					field:  fmt.Sprintf("Rules[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return MatchPredicate_MatchSetMultiError(errors)
+	}
+	return nil
+}
+
+// MatchPredicate_MatchSetMultiError is an error wrapping multiple validation
+// errors returned by MatchPredicate_MatchSet.ValidateAll() if the designated
+// constraints aren't met.
+type MatchPredicate_MatchSetMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m MatchPredicate_MatchSetMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m MatchPredicate_MatchSetMultiError) AllErrors() []error { return m }
+
+// MatchPredicate_MatchSetValidationError is the validation error returned by
+// MatchPredicate_MatchSet.Validate if the designated constraints aren't met.
+type MatchPredicate_MatchSetValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MatchPredicate_MatchSetValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MatchPredicate_MatchSetValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MatchPredicate_MatchSetValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MatchPredicate_MatchSetValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MatchPredicate_MatchSetValidationError) ErrorName() string {
+	return "MatchPredicate_MatchSetValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e MatchPredicate_MatchSetValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMatchPredicate_MatchSet.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MatchPredicate_MatchSetValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MatchPredicate_MatchSetValidationError{}
+
+// Validate checks the field values on HttpGenericBodyMatch_GenericTextMatch
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the first error encountered is returned, or nil if
+// there are no violations.
+func (m *HttpGenericBodyMatch_GenericTextMatch) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HttpGenericBodyMatch_GenericTextMatch
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// HttpGenericBodyMatch_GenericTextMatchMultiError, or nil if none found.
+func (m *HttpGenericBodyMatch_GenericTextMatch) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HttpGenericBodyMatch_GenericTextMatch) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.Rule.(type) {
+
+	case *HttpGenericBodyMatch_GenericTextMatch_StringMatch:
+
+		if utf8.RuneCountInString(m.GetStringMatch()) < 1 {
+			err := HttpGenericBodyMatch_GenericTextMatchValidationError{
+				field:  "StringMatch",
+				reason: "value length must be at least 1 runes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *HttpGenericBodyMatch_GenericTextMatch_BinaryMatch:
+
+		if len(m.GetBinaryMatch()) < 1 {
+			err := HttpGenericBodyMatch_GenericTextMatchValidationError{
+				field:  "BinaryMatch",
+				reason: "value length must be at least 1 bytes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	default:
+		err := HttpGenericBodyMatch_GenericTextMatchValidationError{
+			field:  "Rule",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return HttpGenericBodyMatch_GenericTextMatchMultiError(errors)
+	}
+	return nil
+}
+
+// HttpGenericBodyMatch_GenericTextMatchMultiError is an error wrapping
+// multiple validation errors returned by
+// HttpGenericBodyMatch_GenericTextMatch.ValidateAll() if the designated
+// constraints aren't met.
+type HttpGenericBodyMatch_GenericTextMatchMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HttpGenericBodyMatch_GenericTextMatchMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HttpGenericBodyMatch_GenericTextMatchMultiError) AllErrors() []error { return m }
+
+// HttpGenericBodyMatch_GenericTextMatchValidationError is the validation error
+// returned by HttpGenericBodyMatch_GenericTextMatch.Validate if the
+// designated constraints aren't met.
+type HttpGenericBodyMatch_GenericTextMatchValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HttpGenericBodyMatch_GenericTextMatchValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HttpGenericBodyMatch_GenericTextMatchValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HttpGenericBodyMatch_GenericTextMatchValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HttpGenericBodyMatch_GenericTextMatchValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HttpGenericBodyMatch_GenericTextMatchValidationError) ErrorName() string {
+	return "HttpGenericBodyMatch_GenericTextMatchValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HttpGenericBodyMatch_GenericTextMatchValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttpGenericBodyMatch_GenericTextMatch.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HttpGenericBodyMatch_GenericTextMatchValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HttpGenericBodyMatch_GenericTextMatchValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/datadog.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/datadog.pb.go
new file mode 100644
index 00000000000..5471eb0d841
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/datadog.pb.go
@@ -0,0 +1,184 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/trace/v3/datadog.proto
+
+package envoy_config_trace_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Configuration for the Datadog tracer.
+// [#extension: envoy.tracers.datadog]
+type DatadogConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The cluster to use for submitting traces to the Datadog agent.
+	CollectorCluster string `protobuf:"bytes,1,opt,name=collector_cluster,json=collectorCluster,proto3" json:"collector_cluster,omitempty"`
+	// The name used for the service when traces are generated by envoy.
+	ServiceName string `protobuf:"bytes,2,opt,name=service_name,json=serviceName,proto3" json:"service_name,omitempty"`
+}
+
+func (x *DatadogConfig) Reset() {
+	*x = DatadogConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_trace_v3_datadog_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *DatadogConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*DatadogConfig) ProtoMessage() {}
+
+func (x *DatadogConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_trace_v3_datadog_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use DatadogConfig.ProtoReflect.Descriptor instead.
+func (*DatadogConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_trace_v3_datadog_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *DatadogConfig) GetCollectorCluster() string {
+	if x != nil {
+		return x.CollectorCluster
+	}
+	return ""
+}
+
+func (x *DatadogConfig) GetServiceName() string {
+	if x != nil {
+		return x.ServiceName
+	}
+	return ""
+}
+
+var File_envoy_config_trace_v3_datadog_proto protoreflect.FileDescriptor
+
+var file_envoy_config_trace_v3_datadog_proto_rawDesc = []byte{
+	0x0a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x74,
+	0x72, 0x61, 0x63, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x64, 0x61, 0x74, 0x61, 0x64, 0x6f, 0x67, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x33, 0x1a, 0x1e, 0x75, 0x64,
+	0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d,
+	0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64,
+	0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73,
+	0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70,
+	0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65,
+	0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17,
+	0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x9d, 0x01, 0x0a, 0x0d, 0x44, 0x61, 0x74, 0x61,
+	0x64, 0x6f, 0x67, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x34, 0x0a, 0x11, 0x63, 0x6f, 0x6c,
+	0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x5f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x10, 0x63,
+	0x6f, 0x6c, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12,
+	0x2a, 0x0a, 0x0c, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x0b,
+	0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x3a, 0x2a, 0x9a, 0xc5, 0x88,
+	0x1e, 0x25, 0x0a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x64, 0x6f,
+	0x67, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x6d, 0x0a, 0x23, 0x69, 0x6f, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x0c,
+	0x44, 0x61, 0x74, 0x61, 0x64, 0x6f, 0x67, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xf2, 0x98,
+	0xfe, 0x8f, 0x05, 0x2a, 0x12, 0x28, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65,
+	0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x72, 0x73, 0x2e, 0x64,
+	0x61, 0x74, 0x61, 0x64, 0x6f, 0x67, 0x2e, 0x76, 0x34, 0x61, 0x6c, 0x70, 0x68, 0x61, 0xba, 0x80,
+	0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_trace_v3_datadog_proto_rawDescOnce sync.Once
+	file_envoy_config_trace_v3_datadog_proto_rawDescData = file_envoy_config_trace_v3_datadog_proto_rawDesc
+)
+
+func file_envoy_config_trace_v3_datadog_proto_rawDescGZIP() []byte {
+	file_envoy_config_trace_v3_datadog_proto_rawDescOnce.Do(func() {
+		file_envoy_config_trace_v3_datadog_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_trace_v3_datadog_proto_rawDescData)
+	})
+	return file_envoy_config_trace_v3_datadog_proto_rawDescData
+}
+
+var file_envoy_config_trace_v3_datadog_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_config_trace_v3_datadog_proto_goTypes = []interface{}{
+	(*DatadogConfig)(nil), // 0: envoy.config.trace.v3.DatadogConfig
+}
+var file_envoy_config_trace_v3_datadog_proto_depIdxs = []int32{
+	0, // [0:0] is the sub-list for method output_type
+	0, // [0:0] is the sub-list for method input_type
+	0, // [0:0] is the sub-list for extension type_name
+	0, // [0:0] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_trace_v3_datadog_proto_init() }
+func file_envoy_config_trace_v3_datadog_proto_init() {
+	if File_envoy_config_trace_v3_datadog_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_trace_v3_datadog_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*DatadogConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_trace_v3_datadog_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_trace_v3_datadog_proto_goTypes,
+		DependencyIndexes: file_envoy_config_trace_v3_datadog_proto_depIdxs,
+		MessageInfos:      file_envoy_config_trace_v3_datadog_proto_msgTypes,
+	}.Build()
+	File_envoy_config_trace_v3_datadog_proto = out.File
+	file_envoy_config_trace_v3_datadog_proto_rawDesc = nil
+	file_envoy_config_trace_v3_datadog_proto_goTypes = nil
+	file_envoy_config_trace_v3_datadog_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/datadog.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/datadog.pb.validate.go
new file mode 100644
index 00000000000..c592d2c87c6
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/datadog.pb.validate.go
@@ -0,0 +1,157 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/trace/v3/datadog.proto
+
+package envoy_config_trace_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on DatadogConfig with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *DatadogConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on DatadogConfig with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in DatadogConfigMultiError, or
+// nil if none found.
+func (m *DatadogConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *DatadogConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetCollectorCluster()) < 1 {
+		err := DatadogConfigValidationError{
+			field:  "CollectorCluster",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if utf8.RuneCountInString(m.GetServiceName()) < 1 {
+		err := DatadogConfigValidationError{
+			field:  "ServiceName",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return DatadogConfigMultiError(errors)
+	}
+	return nil
+}
+
+// DatadogConfigMultiError is an error wrapping multiple validation errors
+// returned by DatadogConfig.ValidateAll() if the designated constraints
+// aren't met.
+type DatadogConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m DatadogConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m DatadogConfigMultiError) AllErrors() []error { return m }
+
+// DatadogConfigValidationError is the validation error returned by
+// DatadogConfig.Validate if the designated constraints aren't met.
+type DatadogConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e DatadogConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e DatadogConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e DatadogConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e DatadogConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e DatadogConfigValidationError) ErrorName() string { return "DatadogConfigValidationError" }
+
+// Error satisfies the builtin error interface
+func (e DatadogConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sDatadogConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = DatadogConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = DatadogConfigValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/dynamic_ot.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/dynamic_ot.pb.go
new file mode 100644
index 00000000000..563864a316e
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/dynamic_ot.pb.go
@@ -0,0 +1,193 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/trace/v3/dynamic_ot.proto
+
+package envoy_config_trace_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	_struct "github.com/golang/protobuf/ptypes/struct"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// DynamicOtConfig is used to dynamically load a tracer from a shared library
+// that implements the `OpenTracing dynamic loading API
+// <https://github.com/opentracing/opentracing-cpp>`_.
+// [#extension: envoy.tracers.dynamic_ot]
+type DynamicOtConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Dynamic library implementing the `OpenTracing API
+	// <https://github.com/opentracing/opentracing-cpp>`_.
+	Library string `protobuf:"bytes,1,opt,name=library,proto3" json:"library,omitempty"`
+	// The configuration to use when creating a tracer from the given dynamic
+	// library.
+	Config *_struct.Struct `protobuf:"bytes,2,opt,name=config,proto3" json:"config,omitempty"`
+}
+
+func (x *DynamicOtConfig) Reset() {
+	*x = DynamicOtConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_trace_v3_dynamic_ot_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *DynamicOtConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*DynamicOtConfig) ProtoMessage() {}
+
+func (x *DynamicOtConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_trace_v3_dynamic_ot_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use DynamicOtConfig.ProtoReflect.Descriptor instead.
+func (*DynamicOtConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_trace_v3_dynamic_ot_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *DynamicOtConfig) GetLibrary() string {
+	if x != nil {
+		return x.Library
+	}
+	return ""
+}
+
+func (x *DynamicOtConfig) GetConfig() *_struct.Struct {
+	if x != nil {
+		return x.Config
+	}
+	return nil
+}
+
+var File_envoy_config_trace_v3_dynamic_ot_proto protoreflect.FileDescriptor
+
+var file_envoy_config_trace_v3_dynamic_ot_proto_rawDesc = []byte{
+	0x0a, 0x26, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x74,
+	0x72, 0x61, 0x63, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x64, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x5f,
+	0x6f, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x33, 0x1a,
+	0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2f, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75,
+	0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f,
+	0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75,
+	0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f,
+	0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64,
+	0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76,
+	0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61,
+	0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x93, 0x01, 0x0a, 0x0f, 0x44, 0x79, 0x6e,
+	0x61, 0x6d, 0x69, 0x63, 0x4f, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x21, 0x0a, 0x07,
+	0x6c, 0x69, 0x62, 0x72, 0x61, 0x72, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa,
+	0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x07, 0x6c, 0x69, 0x62, 0x72, 0x61, 0x72, 0x79, 0x12,
+	0x2f, 0x0a, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x52, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x3a, 0x2c, 0x9a, 0xc5, 0x88, 0x1e, 0x27, 0x0a, 0x25, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x44,
+	0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x4f, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x72,
+	0x0a, 0x23, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74, 0x72, 0x61,
+	0x63, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x0e, 0x44, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x4f, 0x74,
+	0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x2d, 0x12, 0x2b, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e,
+	0x74, 0x72, 0x61, 0x63, 0x65, 0x72, 0x73, 0x2e, 0x64, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x5f,
+	0x6f, 0x74, 0x2e, 0x76, 0x34, 0x61, 0x6c, 0x70, 0x68, 0x61, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02,
+	0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_trace_v3_dynamic_ot_proto_rawDescOnce sync.Once
+	file_envoy_config_trace_v3_dynamic_ot_proto_rawDescData = file_envoy_config_trace_v3_dynamic_ot_proto_rawDesc
+)
+
+func file_envoy_config_trace_v3_dynamic_ot_proto_rawDescGZIP() []byte {
+	file_envoy_config_trace_v3_dynamic_ot_proto_rawDescOnce.Do(func() {
+		file_envoy_config_trace_v3_dynamic_ot_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_trace_v3_dynamic_ot_proto_rawDescData)
+	})
+	return file_envoy_config_trace_v3_dynamic_ot_proto_rawDescData
+}
+
+var file_envoy_config_trace_v3_dynamic_ot_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_config_trace_v3_dynamic_ot_proto_goTypes = []interface{}{
+	(*DynamicOtConfig)(nil), // 0: envoy.config.trace.v3.DynamicOtConfig
+	(*_struct.Struct)(nil),  // 1: google.protobuf.Struct
+}
+var file_envoy_config_trace_v3_dynamic_ot_proto_depIdxs = []int32{
+	1, // 0: envoy.config.trace.v3.DynamicOtConfig.config:type_name -> google.protobuf.Struct
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_trace_v3_dynamic_ot_proto_init() }
+func file_envoy_config_trace_v3_dynamic_ot_proto_init() {
+	if File_envoy_config_trace_v3_dynamic_ot_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_trace_v3_dynamic_ot_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*DynamicOtConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_trace_v3_dynamic_ot_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_trace_v3_dynamic_ot_proto_goTypes,
+		DependencyIndexes: file_envoy_config_trace_v3_dynamic_ot_proto_depIdxs,
+		MessageInfos:      file_envoy_config_trace_v3_dynamic_ot_proto_msgTypes,
+	}.Build()
+	File_envoy_config_trace_v3_dynamic_ot_proto = out.File
+	file_envoy_config_trace_v3_dynamic_ot_proto_rawDesc = nil
+	file_envoy_config_trace_v3_dynamic_ot_proto_goTypes = nil
+	file_envoy_config_trace_v3_dynamic_ot_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/dynamic_ot.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/dynamic_ot.pb.validate.go
new file mode 100644
index 00000000000..51f2b464e17
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/dynamic_ot.pb.validate.go
@@ -0,0 +1,175 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/trace/v3/dynamic_ot.proto
+
+package envoy_config_trace_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on DynamicOtConfig with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *DynamicOtConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on DynamicOtConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// DynamicOtConfigMultiError, or nil if none found.
+func (m *DynamicOtConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *DynamicOtConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetLibrary()) < 1 {
+		err := DynamicOtConfigValidationError{
+			field:  "Library",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, DynamicOtConfigValidationError{
+					field:  "Config",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, DynamicOtConfigValidationError{
+					field:  "Config",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return DynamicOtConfigValidationError{
+				field:  "Config",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return DynamicOtConfigMultiError(errors)
+	}
+	return nil
+}
+
+// DynamicOtConfigMultiError is an error wrapping multiple validation errors
+// returned by DynamicOtConfig.ValidateAll() if the designated constraints
+// aren't met.
+type DynamicOtConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m DynamicOtConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m DynamicOtConfigMultiError) AllErrors() []error { return m }
+
+// DynamicOtConfigValidationError is the validation error returned by
+// DynamicOtConfig.Validate if the designated constraints aren't met.
+type DynamicOtConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e DynamicOtConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e DynamicOtConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e DynamicOtConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e DynamicOtConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e DynamicOtConfigValidationError) ErrorName() string { return "DynamicOtConfigValidationError" }
+
+// Error satisfies the builtin error interface
+func (e DynamicOtConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sDynamicOtConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = DynamicOtConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = DynamicOtConfigValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/http_tracer.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/http_tracer.pb.go
new file mode 100644
index 00000000000..18124d22262
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/http_tracer.pb.go
@@ -0,0 +1,293 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/trace/v3/http_tracer.proto
+
+package envoy_config_trace_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// The tracing configuration specifies settings for an HTTP tracer provider used by Envoy.
+//
+// Envoy may support other tracers in the future, but right now the HTTP tracer is the only one
+// supported.
+//
+// .. attention::
+//
+//   Use of this message type has been deprecated in favor of direct use of
+//   :ref:`Tracing.Http <envoy_v3_api_msg_config.trace.v3.Tracing.Http>`.
+type Tracing struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Provides configuration for the HTTP tracer.
+	Http *Tracing_Http `protobuf:"bytes,1,opt,name=http,proto3" json:"http,omitempty"`
+}
+
+func (x *Tracing) Reset() {
+	*x = Tracing{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_trace_v3_http_tracer_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Tracing) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Tracing) ProtoMessage() {}
+
+func (x *Tracing) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_trace_v3_http_tracer_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Tracing.ProtoReflect.Descriptor instead.
+func (*Tracing) Descriptor() ([]byte, []int) {
+	return file_envoy_config_trace_v3_http_tracer_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *Tracing) GetHttp() *Tracing_Http {
+	if x != nil {
+		return x.Http
+	}
+	return nil
+}
+
+// Configuration for an HTTP tracer provider used by Envoy.
+//
+// The configuration is defined by the
+// :ref:`HttpConnectionManager.Tracing <envoy_v3_api_msg_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.Tracing>`
+// :ref:`provider <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.Tracing.provider>`
+// field.
+type Tracing_Http struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the HTTP trace driver to instantiate. The name must match a
+	// supported HTTP trace driver.
+	// See the :ref:`extensions listed in typed_config below <extension_category_envoy.tracers>` for the default list of the HTTP trace driver.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Trace driver specific configuration which must be set according to the driver being instantiated.
+	// [#extension-category: envoy.tracers]
+	//
+	// Types that are assignable to ConfigType:
+	//	*Tracing_Http_TypedConfig
+	ConfigType isTracing_Http_ConfigType `protobuf_oneof:"config_type"`
+}
+
+func (x *Tracing_Http) Reset() {
+	*x = Tracing_Http{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_trace_v3_http_tracer_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Tracing_Http) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Tracing_Http) ProtoMessage() {}
+
+func (x *Tracing_Http) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_trace_v3_http_tracer_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Tracing_Http.ProtoReflect.Descriptor instead.
+func (*Tracing_Http) Descriptor() ([]byte, []int) {
+	return file_envoy_config_trace_v3_http_tracer_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (x *Tracing_Http) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (m *Tracing_Http) GetConfigType() isTracing_Http_ConfigType {
+	if m != nil {
+		return m.ConfigType
+	}
+	return nil
+}
+
+func (x *Tracing_Http) GetTypedConfig() *any.Any {
+	if x, ok := x.GetConfigType().(*Tracing_Http_TypedConfig); ok {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+type isTracing_Http_ConfigType interface {
+	isTracing_Http_ConfigType()
+}
+
+type Tracing_Http_TypedConfig struct {
+	TypedConfig *any.Any `protobuf:"bytes,3,opt,name=typed_config,json=typedConfig,proto3,oneof"`
+}
+
+func (*Tracing_Http_TypedConfig) isTracing_Http_ConfigType() {}
+
+var File_envoy_config_trace_v3_http_tracer_proto protoreflect.FileDescriptor
+
+var file_envoy_config_trace_v3_http_tracer_proto_rawDesc = []byte{
+	0x0a, 0x27, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x74,
+	0x72, 0x61, 0x63, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x74, 0x72, 0x61,
+	0x63, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x33,
+	0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70,
+	0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74,
+	0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61,
+	0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72,
+	0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76,
+	0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x91, 0x02, 0x0a, 0x07, 0x54, 0x72, 0x61, 0x63, 0x69,
+	0x6e, 0x67, 0x12, 0x37, 0x0a, 0x04, 0x68, 0x74, 0x74, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67,
+	0x2e, 0x48, 0x74, 0x74, 0x70, 0x52, 0x04, 0x68, 0x74, 0x74, 0x70, 0x1a, 0xa6, 0x01, 0x0a, 0x04,
+	0x48, 0x74, 0x74, 0x70, 0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d,
+	0x65, 0x12, 0x39, 0x0a, 0x0c, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x48, 0x00, 0x52,
+	0x0b, 0x74, 0x79, 0x70, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x3a, 0x29, 0x9a, 0xc5,
+	0x88, 0x1e, 0x24, 0x0a, 0x22, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x54, 0x72, 0x61, 0x63, 0x69,
+	0x6e, 0x67, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x42, 0x0d, 0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x4a, 0x04, 0x08, 0x02, 0x10, 0x03, 0x52, 0x06, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x3a, 0x24, 0x9a, 0xc5, 0x88, 0x1e, 0x1f, 0x0a, 0x1d, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e,
+	0x76, 0x32, 0x2e, 0x54, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x42, 0x40, 0x0a, 0x23, 0x69, 0x6f,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76,
+	0x33, 0x42, 0x0f, 0x48, 0x74, 0x74, 0x70, 0x54, 0x72, 0x61, 0x63, 0x65, 0x72, 0x50, 0x72, 0x6f,
+	0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_trace_v3_http_tracer_proto_rawDescOnce sync.Once
+	file_envoy_config_trace_v3_http_tracer_proto_rawDescData = file_envoy_config_trace_v3_http_tracer_proto_rawDesc
+)
+
+func file_envoy_config_trace_v3_http_tracer_proto_rawDescGZIP() []byte {
+	file_envoy_config_trace_v3_http_tracer_proto_rawDescOnce.Do(func() {
+		file_envoy_config_trace_v3_http_tracer_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_trace_v3_http_tracer_proto_rawDescData)
+	})
+	return file_envoy_config_trace_v3_http_tracer_proto_rawDescData
+}
+
+var file_envoy_config_trace_v3_http_tracer_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_envoy_config_trace_v3_http_tracer_proto_goTypes = []interface{}{
+	(*Tracing)(nil),      // 0: envoy.config.trace.v3.Tracing
+	(*Tracing_Http)(nil), // 1: envoy.config.trace.v3.Tracing.Http
+	(*any.Any)(nil),      // 2: google.protobuf.Any
+}
+var file_envoy_config_trace_v3_http_tracer_proto_depIdxs = []int32{
+	1, // 0: envoy.config.trace.v3.Tracing.http:type_name -> envoy.config.trace.v3.Tracing.Http
+	2, // 1: envoy.config.trace.v3.Tracing.Http.typed_config:type_name -> google.protobuf.Any
+	2, // [2:2] is the sub-list for method output_type
+	2, // [2:2] is the sub-list for method input_type
+	2, // [2:2] is the sub-list for extension type_name
+	2, // [2:2] is the sub-list for extension extendee
+	0, // [0:2] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_trace_v3_http_tracer_proto_init() }
+func file_envoy_config_trace_v3_http_tracer_proto_init() {
+	if File_envoy_config_trace_v3_http_tracer_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_trace_v3_http_tracer_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Tracing); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_trace_v3_http_tracer_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Tracing_Http); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_config_trace_v3_http_tracer_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*Tracing_Http_TypedConfig)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_trace_v3_http_tracer_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_trace_v3_http_tracer_proto_goTypes,
+		DependencyIndexes: file_envoy_config_trace_v3_http_tracer_proto_depIdxs,
+		MessageInfos:      file_envoy_config_trace_v3_http_tracer_proto_msgTypes,
+	}.Build()
+	File_envoy_config_trace_v3_http_tracer_proto = out.File
+	file_envoy_config_trace_v3_http_tracer_proto_rawDesc = nil
+	file_envoy_config_trace_v3_http_tracer_proto_goTypes = nil
+	file_envoy_config_trace_v3_http_tracer_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/http_tracer.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/http_tracer.pb.validate.go
new file mode 100644
index 00000000000..1a80ef13b21
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/http_tracer.pb.validate.go
@@ -0,0 +1,306 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/trace/v3/http_tracer.proto
+
+package envoy_config_trace_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on Tracing with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Tracing) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Tracing with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in TracingMultiError, or nil if none found.
+func (m *Tracing) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Tracing) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetHttp()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, TracingValidationError{
+					field:  "Http",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, TracingValidationError{
+					field:  "Http",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHttp()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TracingValidationError{
+				field:  "Http",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return TracingMultiError(errors)
+	}
+	return nil
+}
+
+// TracingMultiError is an error wrapping multiple validation errors returned
+// by Tracing.ValidateAll() if the designated constraints aren't met.
+type TracingMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m TracingMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m TracingMultiError) AllErrors() []error { return m }
+
+// TracingValidationError is the validation error returned by Tracing.Validate
+// if the designated constraints aren't met.
+type TracingValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e TracingValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e TracingValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e TracingValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e TracingValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e TracingValidationError) ErrorName() string { return "TracingValidationError" }
+
+// Error satisfies the builtin error interface
+func (e TracingValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sTracing.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = TracingValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = TracingValidationError{}
+
+// Validate checks the field values on Tracing_Http with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Tracing_Http) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Tracing_Http with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in Tracing_HttpMultiError, or
+// nil if none found.
+func (m *Tracing_Http) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Tracing_Http) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := Tracing_HttpValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	switch m.ConfigType.(type) {
+
+	case *Tracing_Http_TypedConfig:
+
+		if all {
+			switch v := interface{}(m.GetTypedConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, Tracing_HttpValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, Tracing_HttpValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return Tracing_HttpValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return Tracing_HttpMultiError(errors)
+	}
+	return nil
+}
+
+// Tracing_HttpMultiError is an error wrapping multiple validation errors
+// returned by Tracing_Http.ValidateAll() if the designated constraints aren't met.
+type Tracing_HttpMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Tracing_HttpMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Tracing_HttpMultiError) AllErrors() []error { return m }
+
+// Tracing_HttpValidationError is the validation error returned by
+// Tracing_Http.Validate if the designated constraints aren't met.
+type Tracing_HttpValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Tracing_HttpValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Tracing_HttpValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Tracing_HttpValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Tracing_HttpValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Tracing_HttpValidationError) ErrorName() string { return "Tracing_HttpValidationError" }
+
+// Error satisfies the builtin error interface
+func (e Tracing_HttpValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sTracing_Http.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Tracing_HttpValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Tracing_HttpValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/lightstep.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/lightstep.pb.go
new file mode 100644
index 00000000000..b5acd9e976e
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/lightstep.pb.go
@@ -0,0 +1,293 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/trace/v3/lightstep.proto
+
+package envoy_config_trace_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/go-control-plane/envoy/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Available propagation modes
+type LightstepConfig_PropagationMode int32
+
+const (
+	// Propagate trace context in the single header x-ot-span-context.
+	LightstepConfig_ENVOY LightstepConfig_PropagationMode = 0
+	// Propagate trace context using LightStep's native format.
+	LightstepConfig_LIGHTSTEP LightstepConfig_PropagationMode = 1
+	// Propagate trace context using the b3 format.
+	LightstepConfig_B3 LightstepConfig_PropagationMode = 2
+	// Propagation trace context using the w3 trace-context standard.
+	LightstepConfig_TRACE_CONTEXT LightstepConfig_PropagationMode = 3
+)
+
+// Enum value maps for LightstepConfig_PropagationMode.
+var (
+	LightstepConfig_PropagationMode_name = map[int32]string{
+		0: "ENVOY",
+		1: "LIGHTSTEP",
+		2: "B3",
+		3: "TRACE_CONTEXT",
+	}
+	LightstepConfig_PropagationMode_value = map[string]int32{
+		"ENVOY":         0,
+		"LIGHTSTEP":     1,
+		"B3":            2,
+		"TRACE_CONTEXT": 3,
+	}
+)
+
+func (x LightstepConfig_PropagationMode) Enum() *LightstepConfig_PropagationMode {
+	p := new(LightstepConfig_PropagationMode)
+	*p = x
+	return p
+}
+
+func (x LightstepConfig_PropagationMode) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (LightstepConfig_PropagationMode) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_trace_v3_lightstep_proto_enumTypes[0].Descriptor()
+}
+
+func (LightstepConfig_PropagationMode) Type() protoreflect.EnumType {
+	return &file_envoy_config_trace_v3_lightstep_proto_enumTypes[0]
+}
+
+func (x LightstepConfig_PropagationMode) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use LightstepConfig_PropagationMode.Descriptor instead.
+func (LightstepConfig_PropagationMode) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_trace_v3_lightstep_proto_rawDescGZIP(), []int{0, 0}
+}
+
+// Configuration for the LightStep tracer.
+// [#extension: envoy.tracers.lightstep]
+type LightstepConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The cluster manager cluster that hosts the LightStep collectors.
+	CollectorCluster string `protobuf:"bytes,1,opt,name=collector_cluster,json=collectorCluster,proto3" json:"collector_cluster,omitempty"`
+	// File containing the access token to the `LightStep
+	// <https://lightstep.com/>`_ API.
+	//
+	// Deprecated: Do not use.
+	AccessTokenFile string `protobuf:"bytes,2,opt,name=access_token_file,json=accessTokenFile,proto3" json:"access_token_file,omitempty"`
+	// Access token to the `LightStep <https://lightstep.com/>`_ API.
+	AccessToken *v3.DataSource `protobuf:"bytes,4,opt,name=access_token,json=accessToken,proto3" json:"access_token,omitempty"`
+	// Propagation modes to use by LightStep's tracer.
+	PropagationModes []LightstepConfig_PropagationMode `protobuf:"varint,3,rep,packed,name=propagation_modes,json=propagationModes,proto3,enum=envoy.config.trace.v3.LightstepConfig_PropagationMode" json:"propagation_modes,omitempty"`
+}
+
+func (x *LightstepConfig) Reset() {
+	*x = LightstepConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_trace_v3_lightstep_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *LightstepConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*LightstepConfig) ProtoMessage() {}
+
+func (x *LightstepConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_trace_v3_lightstep_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use LightstepConfig.ProtoReflect.Descriptor instead.
+func (*LightstepConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_trace_v3_lightstep_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *LightstepConfig) GetCollectorCluster() string {
+	if x != nil {
+		return x.CollectorCluster
+	}
+	return ""
+}
+
+// Deprecated: Do not use.
+func (x *LightstepConfig) GetAccessTokenFile() string {
+	if x != nil {
+		return x.AccessTokenFile
+	}
+	return ""
+}
+
+func (x *LightstepConfig) GetAccessToken() *v3.DataSource {
+	if x != nil {
+		return x.AccessToken
+	}
+	return nil
+}
+
+func (x *LightstepConfig) GetPropagationModes() []LightstepConfig_PropagationMode {
+	if x != nil {
+		return x.PropagationModes
+	}
+	return nil
+}
+
+var File_envoy_config_trace_v3_lightstep_proto protoreflect.FileDescriptor
+
+var file_envoy_config_trace_v3_lightstep_proto_rawDesc = []byte{
+	0x0a, 0x25, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x74,
+	0x72, 0x61, 0x63, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x6c, 0x69, 0x67, 0x68, 0x74, 0x73, 0x74, 0x65,
+	0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x33, 0x1a, 0x1f,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72,
+	0x65, 0x2f, 0x76, 0x33, 0x2f, 0x62, 0x61, 0x73, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65,
+	0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22,
+	0xaf, 0x03, 0x0a, 0x0f, 0x4c, 0x69, 0x67, 0x68, 0x74, 0x73, 0x74, 0x65, 0x70, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x12, 0x34, 0x0a, 0x11, 0x63, 0x6f, 0x6c, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72,
+	0x5f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07,
+	0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x10, 0x63, 0x6f, 0x6c, 0x6c, 0x65, 0x63, 0x74,
+	0x6f, 0x72, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x37, 0x0a, 0x11, 0x61, 0x63, 0x63,
+	0x65, 0x73, 0x73, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x5f, 0x66, 0x69, 0x6c, 0x65, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x09, 0x42, 0x0b, 0x18, 0x01, 0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e,
+	0x30, 0x52, 0x0f, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x46, 0x69,
+	0x6c, 0x65, 0x12, 0x43, 0x0a, 0x0c, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x74, 0x6f, 0x6b,
+	0x65, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e,
+	0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x0b, 0x61, 0x63, 0x63, 0x65,
+	0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x72, 0x0a, 0x11, 0x70, 0x72, 0x6f, 0x70, 0x61,
+	0x67, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x6f, 0x64, 0x65, 0x73, 0x18, 0x03, 0x20, 0x03,
+	0x28, 0x0e, 0x32, 0x36, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x4c, 0x69, 0x67, 0x68, 0x74,
+	0x73, 0x74, 0x65, 0x70, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x50, 0x72, 0x6f, 0x70, 0x61,
+	0x67, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x4d, 0x6f, 0x64, 0x65, 0x42, 0x0d, 0xfa, 0x42, 0x0a, 0x92,
+	0x01, 0x07, 0x22, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x10, 0x70, 0x72, 0x6f, 0x70, 0x61,
+	0x67, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x4d, 0x6f, 0x64, 0x65, 0x73, 0x22, 0x46, 0x0a, 0x0f, 0x50,
+	0x72, 0x6f, 0x70, 0x61, 0x67, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x4d, 0x6f, 0x64, 0x65, 0x12, 0x09,
+	0x0a, 0x05, 0x45, 0x4e, 0x56, 0x4f, 0x59, 0x10, 0x00, 0x12, 0x0d, 0x0a, 0x09, 0x4c, 0x49, 0x47,
+	0x48, 0x54, 0x53, 0x54, 0x45, 0x50, 0x10, 0x01, 0x12, 0x06, 0x0a, 0x02, 0x42, 0x33, 0x10, 0x02,
+	0x12, 0x11, 0x0a, 0x0d, 0x54, 0x52, 0x41, 0x43, 0x45, 0x5f, 0x43, 0x4f, 0x4e, 0x54, 0x45, 0x58,
+	0x54, 0x10, 0x03, 0x3a, 0x2c, 0x9a, 0xc5, 0x88, 0x1e, 0x27, 0x0a, 0x25, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76,
+	0x32, 0x2e, 0x4c, 0x69, 0x67, 0x68, 0x74, 0x73, 0x74, 0x65, 0x70, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x42, 0x71, 0x0a, 0x23, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f,
+	0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x0e, 0x4c, 0x69, 0x67, 0x68, 0x74, 0x73,
+	0x74, 0x65, 0x70, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x2c,
+	0x12, 0x2a, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f,
+	0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x72, 0x73, 0x2e, 0x6c, 0x69, 0x67, 0x68, 0x74,
+	0x73, 0x74, 0x65, 0x70, 0x2e, 0x76, 0x34, 0x61, 0x6c, 0x70, 0x68, 0x61, 0xba, 0x80, 0xc8, 0xd1,
+	0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_trace_v3_lightstep_proto_rawDescOnce sync.Once
+	file_envoy_config_trace_v3_lightstep_proto_rawDescData = file_envoy_config_trace_v3_lightstep_proto_rawDesc
+)
+
+func file_envoy_config_trace_v3_lightstep_proto_rawDescGZIP() []byte {
+	file_envoy_config_trace_v3_lightstep_proto_rawDescOnce.Do(func() {
+		file_envoy_config_trace_v3_lightstep_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_trace_v3_lightstep_proto_rawDescData)
+	})
+	return file_envoy_config_trace_v3_lightstep_proto_rawDescData
+}
+
+var file_envoy_config_trace_v3_lightstep_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_envoy_config_trace_v3_lightstep_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_config_trace_v3_lightstep_proto_goTypes = []interface{}{
+	(LightstepConfig_PropagationMode)(0), // 0: envoy.config.trace.v3.LightstepConfig.PropagationMode
+	(*LightstepConfig)(nil),              // 1: envoy.config.trace.v3.LightstepConfig
+	(*v3.DataSource)(nil),                // 2: envoy.config.core.v3.DataSource
+}
+var file_envoy_config_trace_v3_lightstep_proto_depIdxs = []int32{
+	2, // 0: envoy.config.trace.v3.LightstepConfig.access_token:type_name -> envoy.config.core.v3.DataSource
+	0, // 1: envoy.config.trace.v3.LightstepConfig.propagation_modes:type_name -> envoy.config.trace.v3.LightstepConfig.PropagationMode
+	2, // [2:2] is the sub-list for method output_type
+	2, // [2:2] is the sub-list for method input_type
+	2, // [2:2] is the sub-list for extension type_name
+	2, // [2:2] is the sub-list for extension extendee
+	0, // [0:2] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_trace_v3_lightstep_proto_init() }
+func file_envoy_config_trace_v3_lightstep_proto_init() {
+	if File_envoy_config_trace_v3_lightstep_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_trace_v3_lightstep_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*LightstepConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_trace_v3_lightstep_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_trace_v3_lightstep_proto_goTypes,
+		DependencyIndexes: file_envoy_config_trace_v3_lightstep_proto_depIdxs,
+		EnumInfos:         file_envoy_config_trace_v3_lightstep_proto_enumTypes,
+		MessageInfos:      file_envoy_config_trace_v3_lightstep_proto_msgTypes,
+	}.Build()
+	File_envoy_config_trace_v3_lightstep_proto = out.File
+	file_envoy_config_trace_v3_lightstep_proto_rawDesc = nil
+	file_envoy_config_trace_v3_lightstep_proto_goTypes = nil
+	file_envoy_config_trace_v3_lightstep_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/lightstep.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/lightstep.pb.validate.go
new file mode 100644
index 00000000000..eff6a43dc02
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/lightstep.pb.validate.go
@@ -0,0 +1,193 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/trace/v3/lightstep.proto
+
+package envoy_config_trace_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on LightstepConfig with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *LightstepConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on LightstepConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// LightstepConfigMultiError, or nil if none found.
+func (m *LightstepConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *LightstepConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetCollectorCluster()) < 1 {
+		err := LightstepConfigValidationError{
+			field:  "CollectorCluster",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for AccessTokenFile
+
+	if all {
+		switch v := interface{}(m.GetAccessToken()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, LightstepConfigValidationError{
+					field:  "AccessToken",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, LightstepConfigValidationError{
+					field:  "AccessToken",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetAccessToken()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return LightstepConfigValidationError{
+				field:  "AccessToken",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetPropagationModes() {
+		_, _ = idx, item
+
+		if _, ok := LightstepConfig_PropagationMode_name[int32(item)]; !ok {
+			err := LightstepConfigValidationError{
+				field:  fmt.Sprintf("PropagationModes[%v]", idx),
+				reason: "value must be one of the defined enum values",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return LightstepConfigMultiError(errors)
+	}
+	return nil
+}
+
+// LightstepConfigMultiError is an error wrapping multiple validation errors
+// returned by LightstepConfig.ValidateAll() if the designated constraints
+// aren't met.
+type LightstepConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m LightstepConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m LightstepConfigMultiError) AllErrors() []error { return m }
+
+// LightstepConfigValidationError is the validation error returned by
+// LightstepConfig.Validate if the designated constraints aren't met.
+type LightstepConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e LightstepConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e LightstepConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e LightstepConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e LightstepConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e LightstepConfigValidationError) ErrorName() string { return "LightstepConfigValidationError" }
+
+// Error satisfies the builtin error interface
+func (e LightstepConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sLightstepConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = LightstepConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = LightstepConfigValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/opencensus.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/opencensus.pb.go
new file mode 100644
index 00000000000..22a6c6e2f12
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/opencensus.pb.go
@@ -0,0 +1,442 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/trace/v3/opencensus.proto
+
+package envoy_config_trace_v3
+
+import (
+	v1 "github.com/census-instrumentation/opencensus-proto/gen-go/trace/v1"
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/go-control-plane/envoy/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type OpenCensusConfig_TraceContext int32
+
+const (
+	// No-op default, no trace context is utilized.
+	OpenCensusConfig_NONE OpenCensusConfig_TraceContext = 0
+	// W3C Trace-Context format "traceparent:" header.
+	OpenCensusConfig_TRACE_CONTEXT OpenCensusConfig_TraceContext = 1
+	// Binary "grpc-trace-bin:" header.
+	OpenCensusConfig_GRPC_TRACE_BIN OpenCensusConfig_TraceContext = 2
+	// "X-Cloud-Trace-Context:" header.
+	OpenCensusConfig_CLOUD_TRACE_CONTEXT OpenCensusConfig_TraceContext = 3
+	// X-B3-* headers.
+	OpenCensusConfig_B3 OpenCensusConfig_TraceContext = 4
+)
+
+// Enum value maps for OpenCensusConfig_TraceContext.
+var (
+	OpenCensusConfig_TraceContext_name = map[int32]string{
+		0: "NONE",
+		1: "TRACE_CONTEXT",
+		2: "GRPC_TRACE_BIN",
+		3: "CLOUD_TRACE_CONTEXT",
+		4: "B3",
+	}
+	OpenCensusConfig_TraceContext_value = map[string]int32{
+		"NONE":                0,
+		"TRACE_CONTEXT":       1,
+		"GRPC_TRACE_BIN":      2,
+		"CLOUD_TRACE_CONTEXT": 3,
+		"B3":                  4,
+	}
+)
+
+func (x OpenCensusConfig_TraceContext) Enum() *OpenCensusConfig_TraceContext {
+	p := new(OpenCensusConfig_TraceContext)
+	*p = x
+	return p
+}
+
+func (x OpenCensusConfig_TraceContext) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (OpenCensusConfig_TraceContext) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_trace_v3_opencensus_proto_enumTypes[0].Descriptor()
+}
+
+func (OpenCensusConfig_TraceContext) Type() protoreflect.EnumType {
+	return &file_envoy_config_trace_v3_opencensus_proto_enumTypes[0]
+}
+
+func (x OpenCensusConfig_TraceContext) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use OpenCensusConfig_TraceContext.Descriptor instead.
+func (OpenCensusConfig_TraceContext) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_trace_v3_opencensus_proto_rawDescGZIP(), []int{0, 0}
+}
+
+// Configuration for the OpenCensus tracer.
+// [#next-free-field: 15]
+// [#extension: envoy.tracers.opencensus]
+type OpenCensusConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Configures tracing, e.g. the sampler, max number of annotations, etc.
+	TraceConfig *v1.TraceConfig `protobuf:"bytes,1,opt,name=trace_config,json=traceConfig,proto3" json:"trace_config,omitempty"`
+	// Enables the stdout exporter if set to true. This is intended for debugging
+	// purposes.
+	StdoutExporterEnabled bool `protobuf:"varint,2,opt,name=stdout_exporter_enabled,json=stdoutExporterEnabled,proto3" json:"stdout_exporter_enabled,omitempty"`
+	// Enables the Stackdriver exporter if set to true. The project_id must also
+	// be set.
+	StackdriverExporterEnabled bool `protobuf:"varint,3,opt,name=stackdriver_exporter_enabled,json=stackdriverExporterEnabled,proto3" json:"stackdriver_exporter_enabled,omitempty"`
+	// The Cloud project_id to use for Stackdriver tracing.
+	StackdriverProjectId string `protobuf:"bytes,4,opt,name=stackdriver_project_id,json=stackdriverProjectId,proto3" json:"stackdriver_project_id,omitempty"`
+	// (optional) By default, the Stackdriver exporter will connect to production
+	// Stackdriver. If stackdriver_address is non-empty, it will instead connect
+	// to this address, which is in the gRPC format:
+	// https://github.com/grpc/grpc/blob/master/doc/naming.md
+	StackdriverAddress string `protobuf:"bytes,10,opt,name=stackdriver_address,json=stackdriverAddress,proto3" json:"stackdriver_address,omitempty"`
+	// (optional) The gRPC server that hosts Stackdriver tracing service. Only
+	// Google gRPC is supported. If :ref:`target_uri <envoy_v3_api_field_config.core.v3.GrpcService.GoogleGrpc.target_uri>`
+	// is not provided, the default production Stackdriver address will be used.
+	StackdriverGrpcService *v3.GrpcService `protobuf:"bytes,13,opt,name=stackdriver_grpc_service,json=stackdriverGrpcService,proto3" json:"stackdriver_grpc_service,omitempty"`
+	// Enables the Zipkin exporter if set to true. The url and service name must
+	// also be set. This is deprecated, prefer to use Envoy's :ref:`native Zipkin
+	// tracer <envoy_v3_api_msg_config.trace.v3.ZipkinConfig>`.
+	//
+	// Deprecated: Do not use.
+	ZipkinExporterEnabled bool `protobuf:"varint,5,opt,name=zipkin_exporter_enabled,json=zipkinExporterEnabled,proto3" json:"zipkin_exporter_enabled,omitempty"`
+	// The URL to Zipkin, e.g. "http://127.0.0.1:9411/api/v2/spans". This is
+	// deprecated, prefer to use Envoy's :ref:`native Zipkin tracer
+	// <envoy_v3_api_msg_config.trace.v3.ZipkinConfig>`.
+	//
+	// Deprecated: Do not use.
+	ZipkinUrl string `protobuf:"bytes,6,opt,name=zipkin_url,json=zipkinUrl,proto3" json:"zipkin_url,omitempty"`
+	// Enables the OpenCensus Agent exporter if set to true. The ocagent_address or
+	// ocagent_grpc_service must also be set.
+	OcagentExporterEnabled bool `protobuf:"varint,11,opt,name=ocagent_exporter_enabled,json=ocagentExporterEnabled,proto3" json:"ocagent_exporter_enabled,omitempty"`
+	// The address of the OpenCensus Agent, if its exporter is enabled, in gRPC
+	// format: https://github.com/grpc/grpc/blob/master/doc/naming.md
+	// [#comment:TODO: deprecate this field]
+	OcagentAddress string `protobuf:"bytes,12,opt,name=ocagent_address,json=ocagentAddress,proto3" json:"ocagent_address,omitempty"`
+	// (optional) The gRPC server hosted by the OpenCensus Agent. Only Google gRPC is supported.
+	// This is only used if the ocagent_address is left empty.
+	OcagentGrpcService *v3.GrpcService `protobuf:"bytes,14,opt,name=ocagent_grpc_service,json=ocagentGrpcService,proto3" json:"ocagent_grpc_service,omitempty"`
+	// List of incoming trace context headers we will accept. First one found
+	// wins.
+	IncomingTraceContext []OpenCensusConfig_TraceContext `protobuf:"varint,8,rep,packed,name=incoming_trace_context,json=incomingTraceContext,proto3,enum=envoy.config.trace.v3.OpenCensusConfig_TraceContext" json:"incoming_trace_context,omitempty"`
+	// List of outgoing trace context headers we will produce.
+	OutgoingTraceContext []OpenCensusConfig_TraceContext `protobuf:"varint,9,rep,packed,name=outgoing_trace_context,json=outgoingTraceContext,proto3,enum=envoy.config.trace.v3.OpenCensusConfig_TraceContext" json:"outgoing_trace_context,omitempty"`
+}
+
+func (x *OpenCensusConfig) Reset() {
+	*x = OpenCensusConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_trace_v3_opencensus_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *OpenCensusConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*OpenCensusConfig) ProtoMessage() {}
+
+func (x *OpenCensusConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_trace_v3_opencensus_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use OpenCensusConfig.ProtoReflect.Descriptor instead.
+func (*OpenCensusConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_trace_v3_opencensus_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *OpenCensusConfig) GetTraceConfig() *v1.TraceConfig {
+	if x != nil {
+		return x.TraceConfig
+	}
+	return nil
+}
+
+func (x *OpenCensusConfig) GetStdoutExporterEnabled() bool {
+	if x != nil {
+		return x.StdoutExporterEnabled
+	}
+	return false
+}
+
+func (x *OpenCensusConfig) GetStackdriverExporterEnabled() bool {
+	if x != nil {
+		return x.StackdriverExporterEnabled
+	}
+	return false
+}
+
+func (x *OpenCensusConfig) GetStackdriverProjectId() string {
+	if x != nil {
+		return x.StackdriverProjectId
+	}
+	return ""
+}
+
+func (x *OpenCensusConfig) GetStackdriverAddress() string {
+	if x != nil {
+		return x.StackdriverAddress
+	}
+	return ""
+}
+
+func (x *OpenCensusConfig) GetStackdriverGrpcService() *v3.GrpcService {
+	if x != nil {
+		return x.StackdriverGrpcService
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *OpenCensusConfig) GetZipkinExporterEnabled() bool {
+	if x != nil {
+		return x.ZipkinExporterEnabled
+	}
+	return false
+}
+
+// Deprecated: Do not use.
+func (x *OpenCensusConfig) GetZipkinUrl() string {
+	if x != nil {
+		return x.ZipkinUrl
+	}
+	return ""
+}
+
+func (x *OpenCensusConfig) GetOcagentExporterEnabled() bool {
+	if x != nil {
+		return x.OcagentExporterEnabled
+	}
+	return false
+}
+
+func (x *OpenCensusConfig) GetOcagentAddress() string {
+	if x != nil {
+		return x.OcagentAddress
+	}
+	return ""
+}
+
+func (x *OpenCensusConfig) GetOcagentGrpcService() *v3.GrpcService {
+	if x != nil {
+		return x.OcagentGrpcService
+	}
+	return nil
+}
+
+func (x *OpenCensusConfig) GetIncomingTraceContext() []OpenCensusConfig_TraceContext {
+	if x != nil {
+		return x.IncomingTraceContext
+	}
+	return nil
+}
+
+func (x *OpenCensusConfig) GetOutgoingTraceContext() []OpenCensusConfig_TraceContext {
+	if x != nil {
+		return x.OutgoingTraceContext
+	}
+	return nil
+}
+
+var File_envoy_config_trace_v3_opencensus_proto protoreflect.FileDescriptor
+
+var file_envoy_config_trace_v3_opencensus_proto_rawDesc = []byte{
+	0x0a, 0x26, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x74,
+	0x72, 0x61, 0x63, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x6f, 0x70, 0x65, 0x6e, 0x63, 0x65, 0x6e, 0x73,
+	0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x33, 0x1a,
+	0x27, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f,
+	0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69,
+	0x63, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x2c, 0x6f, 0x70, 0x65, 0x6e, 0x63, 0x65,
+	0x6e, 0x73, 0x75, 0x73, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x74, 0x72, 0x61, 0x63, 0x65,
+	0x2f, 0x76, 0x31, 0x2f, 0x74, 0x72, 0x61, 0x63, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x6e,
+	0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70,
+	0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69,
+	0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70,
+	0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74,
+	0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61,
+	0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72,
+	0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xb3, 0x08,
+	0x0a, 0x10, 0x4f, 0x70, 0x65, 0x6e, 0x43, 0x65, 0x6e, 0x73, 0x75, 0x73, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x12, 0x49, 0x0a, 0x0c, 0x74, 0x72, 0x61, 0x63, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x6f, 0x70, 0x65, 0x6e, 0x63,
+	0x65, 0x6e, 0x73, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x74, 0x72, 0x61, 0x63,
+	0x65, 0x2e, 0x76, 0x31, 0x2e, 0x54, 0x72, 0x61, 0x63, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x52, 0x0b, 0x74, 0x72, 0x61, 0x63, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x36, 0x0a,
+	0x17, 0x73, 0x74, 0x64, 0x6f, 0x75, 0x74, 0x5f, 0x65, 0x78, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x72,
+	0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x15,
+	0x73, 0x74, 0x64, 0x6f, 0x75, 0x74, 0x45, 0x78, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x72, 0x45, 0x6e,
+	0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x40, 0x0a, 0x1c, 0x73, 0x74, 0x61, 0x63, 0x6b, 0x64, 0x72,
+	0x69, 0x76, 0x65, 0x72, 0x5f, 0x65, 0x78, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x72, 0x5f, 0x65, 0x6e,
+	0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x1a, 0x73, 0x74, 0x61,
+	0x63, 0x6b, 0x64, 0x72, 0x69, 0x76, 0x65, 0x72, 0x45, 0x78, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x72,
+	0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x34, 0x0a, 0x16, 0x73, 0x74, 0x61, 0x63, 0x6b,
+	0x64, 0x72, 0x69, 0x76, 0x65, 0x72, 0x5f, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x69,
+	0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x14, 0x73, 0x74, 0x61, 0x63, 0x6b, 0x64, 0x72,
+	0x69, 0x76, 0x65, 0x72, 0x50, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x49, 0x64, 0x12, 0x2f, 0x0a,
+	0x13, 0x73, 0x74, 0x61, 0x63, 0x6b, 0x64, 0x72, 0x69, 0x76, 0x65, 0x72, 0x5f, 0x61, 0x64, 0x64,
+	0x72, 0x65, 0x73, 0x73, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x09, 0x52, 0x12, 0x73, 0x74, 0x61, 0x63,
+	0x6b, 0x64, 0x72, 0x69, 0x76, 0x65, 0x72, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x5b,
+	0x0a, 0x18, 0x73, 0x74, 0x61, 0x63, 0x6b, 0x64, 0x72, 0x69, 0x76, 0x65, 0x72, 0x5f, 0x67, 0x72,
+	0x70, 0x63, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x18, 0x0d, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x21, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76,
+	0x69, 0x63, 0x65, 0x52, 0x16, 0x73, 0x74, 0x61, 0x63, 0x6b, 0x64, 0x72, 0x69, 0x76, 0x65, 0x72,
+	0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x43, 0x0a, 0x17, 0x7a,
+	0x69, 0x70, 0x6b, 0x69, 0x6e, 0x5f, 0x65, 0x78, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x72, 0x5f, 0x65,
+	0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x42, 0x0b, 0x18, 0x01,
+	0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e, 0x30, 0x52, 0x15, 0x7a, 0x69, 0x70, 0x6b, 0x69,
+	0x6e, 0x45, 0x78, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x72, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64,
+	0x12, 0x2a, 0x0a, 0x0a, 0x7a, 0x69, 0x70, 0x6b, 0x69, 0x6e, 0x5f, 0x75, 0x72, 0x6c, 0x18, 0x06,
+	0x20, 0x01, 0x28, 0x09, 0x42, 0x0b, 0x18, 0x01, 0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e,
+	0x30, 0x52, 0x09, 0x7a, 0x69, 0x70, 0x6b, 0x69, 0x6e, 0x55, 0x72, 0x6c, 0x12, 0x38, 0x0a, 0x18,
+	0x6f, 0x63, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x5f, 0x65, 0x78, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x72,
+	0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x08, 0x52, 0x16,
+	0x6f, 0x63, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x45, 0x78, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x72, 0x45,
+	0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x27, 0x0a, 0x0f, 0x6f, 0x63, 0x61, 0x67, 0x65, 0x6e,
+	0x74, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x09, 0x52,
+	0x0e, 0x6f, 0x63, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12,
+	0x53, 0x0a, 0x14, 0x6f, 0x63, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x5f, 0x67, 0x72, 0x70, 0x63, 0x5f,
+	0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x76, 0x33, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65,
+	0x52, 0x12, 0x6f, 0x63, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72,
+	0x76, 0x69, 0x63, 0x65, 0x12, 0x6a, 0x0a, 0x16, 0x69, 0x6e, 0x63, 0x6f, 0x6d, 0x69, 0x6e, 0x67,
+	0x5f, 0x74, 0x72, 0x61, 0x63, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x18, 0x08,
+	0x20, 0x03, 0x28, 0x0e, 0x32, 0x34, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x4f, 0x70, 0x65,
+	0x6e, 0x43, 0x65, 0x6e, 0x73, 0x75, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x54, 0x72,
+	0x61, 0x63, 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x52, 0x14, 0x69, 0x6e, 0x63, 0x6f,
+	0x6d, 0x69, 0x6e, 0x67, 0x54, 0x72, 0x61, 0x63, 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74,
+	0x12, 0x6a, 0x0a, 0x16, 0x6f, 0x75, 0x74, 0x67, 0x6f, 0x69, 0x6e, 0x67, 0x5f, 0x74, 0x72, 0x61,
+	0x63, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x18, 0x09, 0x20, 0x03, 0x28, 0x0e,
+	0x32, 0x34, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x4f, 0x70, 0x65, 0x6e, 0x43, 0x65, 0x6e,
+	0x73, 0x75, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x54, 0x72, 0x61, 0x63, 0x65, 0x43,
+	0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x52, 0x14, 0x6f, 0x75, 0x74, 0x67, 0x6f, 0x69, 0x6e, 0x67,
+	0x54, 0x72, 0x61, 0x63, 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x22, 0x60, 0x0a, 0x0c,
+	0x54, 0x72, 0x61, 0x63, 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x12, 0x08, 0x0a, 0x04,
+	0x4e, 0x4f, 0x4e, 0x45, 0x10, 0x00, 0x12, 0x11, 0x0a, 0x0d, 0x54, 0x52, 0x41, 0x43, 0x45, 0x5f,
+	0x43, 0x4f, 0x4e, 0x54, 0x45, 0x58, 0x54, 0x10, 0x01, 0x12, 0x12, 0x0a, 0x0e, 0x47, 0x52, 0x50,
+	0x43, 0x5f, 0x54, 0x52, 0x41, 0x43, 0x45, 0x5f, 0x42, 0x49, 0x4e, 0x10, 0x02, 0x12, 0x17, 0x0a,
+	0x13, 0x43, 0x4c, 0x4f, 0x55, 0x44, 0x5f, 0x54, 0x52, 0x41, 0x43, 0x45, 0x5f, 0x43, 0x4f, 0x4e,
+	0x54, 0x45, 0x58, 0x54, 0x10, 0x03, 0x12, 0x06, 0x0a, 0x02, 0x42, 0x33, 0x10, 0x04, 0x3a, 0x2d,
+	0x9a, 0xc5, 0x88, 0x1e, 0x28, 0x0a, 0x26, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x4f, 0x70, 0x65,
+	0x6e, 0x43, 0x65, 0x6e, 0x73, 0x75, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x4a, 0x04, 0x08,
+	0x07, 0x10, 0x08, 0x42, 0x73, 0x0a, 0x23, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70,
+	0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x0f, 0x4f, 0x70, 0x65, 0x6e,
+	0x63, 0x65, 0x6e, 0x73, 0x75, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xf2, 0x98, 0xfe,
+	0x8f, 0x05, 0x2d, 0x12, 0x2b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e,
+	0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x72, 0x73, 0x2e, 0x6f, 0x70,
+	0x65, 0x6e, 0x63, 0x65, 0x6e, 0x73, 0x75, 0x73, 0x2e, 0x76, 0x34, 0x61, 0x6c, 0x70, 0x68, 0x61,
+	0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_trace_v3_opencensus_proto_rawDescOnce sync.Once
+	file_envoy_config_trace_v3_opencensus_proto_rawDescData = file_envoy_config_trace_v3_opencensus_proto_rawDesc
+)
+
+func file_envoy_config_trace_v3_opencensus_proto_rawDescGZIP() []byte {
+	file_envoy_config_trace_v3_opencensus_proto_rawDescOnce.Do(func() {
+		file_envoy_config_trace_v3_opencensus_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_trace_v3_opencensus_proto_rawDescData)
+	})
+	return file_envoy_config_trace_v3_opencensus_proto_rawDescData
+}
+
+var file_envoy_config_trace_v3_opencensus_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_envoy_config_trace_v3_opencensus_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_config_trace_v3_opencensus_proto_goTypes = []interface{}{
+	(OpenCensusConfig_TraceContext)(0), // 0: envoy.config.trace.v3.OpenCensusConfig.TraceContext
+	(*OpenCensusConfig)(nil),           // 1: envoy.config.trace.v3.OpenCensusConfig
+	(*v1.TraceConfig)(nil),             // 2: opencensus.proto.trace.v1.TraceConfig
+	(*v3.GrpcService)(nil),             // 3: envoy.config.core.v3.GrpcService
+}
+var file_envoy_config_trace_v3_opencensus_proto_depIdxs = []int32{
+	2, // 0: envoy.config.trace.v3.OpenCensusConfig.trace_config:type_name -> opencensus.proto.trace.v1.TraceConfig
+	3, // 1: envoy.config.trace.v3.OpenCensusConfig.stackdriver_grpc_service:type_name -> envoy.config.core.v3.GrpcService
+	3, // 2: envoy.config.trace.v3.OpenCensusConfig.ocagent_grpc_service:type_name -> envoy.config.core.v3.GrpcService
+	0, // 3: envoy.config.trace.v3.OpenCensusConfig.incoming_trace_context:type_name -> envoy.config.trace.v3.OpenCensusConfig.TraceContext
+	0, // 4: envoy.config.trace.v3.OpenCensusConfig.outgoing_trace_context:type_name -> envoy.config.trace.v3.OpenCensusConfig.TraceContext
+	5, // [5:5] is the sub-list for method output_type
+	5, // [5:5] is the sub-list for method input_type
+	5, // [5:5] is the sub-list for extension type_name
+	5, // [5:5] is the sub-list for extension extendee
+	0, // [0:5] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_trace_v3_opencensus_proto_init() }
+func file_envoy_config_trace_v3_opencensus_proto_init() {
+	if File_envoy_config_trace_v3_opencensus_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_trace_v3_opencensus_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*OpenCensusConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_trace_v3_opencensus_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_trace_v3_opencensus_proto_goTypes,
+		DependencyIndexes: file_envoy_config_trace_v3_opencensus_proto_depIdxs,
+		EnumInfos:         file_envoy_config_trace_v3_opencensus_proto_enumTypes,
+		MessageInfos:      file_envoy_config_trace_v3_opencensus_proto_msgTypes,
+	}.Build()
+	File_envoy_config_trace_v3_opencensus_proto = out.File
+	file_envoy_config_trace_v3_opencensus_proto_rawDesc = nil
+	file_envoy_config_trace_v3_opencensus_proto_goTypes = nil
+	file_envoy_config_trace_v3_opencensus_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/opencensus.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/opencensus.pb.validate.go
new file mode 100644
index 00000000000..3fede57ba75
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/opencensus.pb.validate.go
@@ -0,0 +1,238 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/trace/v3/opencensus.proto
+
+package envoy_config_trace_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on OpenCensusConfig with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *OpenCensusConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on OpenCensusConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// OpenCensusConfigMultiError, or nil if none found.
+func (m *OpenCensusConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *OpenCensusConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetTraceConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, OpenCensusConfigValidationError{
+					field:  "TraceConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, OpenCensusConfigValidationError{
+					field:  "TraceConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTraceConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return OpenCensusConfigValidationError{
+				field:  "TraceConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for StdoutExporterEnabled
+
+	// no validation rules for StackdriverExporterEnabled
+
+	// no validation rules for StackdriverProjectId
+
+	// no validation rules for StackdriverAddress
+
+	if all {
+		switch v := interface{}(m.GetStackdriverGrpcService()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, OpenCensusConfigValidationError{
+					field:  "StackdriverGrpcService",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, OpenCensusConfigValidationError{
+					field:  "StackdriverGrpcService",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetStackdriverGrpcService()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return OpenCensusConfigValidationError{
+				field:  "StackdriverGrpcService",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for ZipkinExporterEnabled
+
+	// no validation rules for ZipkinUrl
+
+	// no validation rules for OcagentExporterEnabled
+
+	// no validation rules for OcagentAddress
+
+	if all {
+		switch v := interface{}(m.GetOcagentGrpcService()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, OpenCensusConfigValidationError{
+					field:  "OcagentGrpcService",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, OpenCensusConfigValidationError{
+					field:  "OcagentGrpcService",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetOcagentGrpcService()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return OpenCensusConfigValidationError{
+				field:  "OcagentGrpcService",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return OpenCensusConfigMultiError(errors)
+	}
+	return nil
+}
+
+// OpenCensusConfigMultiError is an error wrapping multiple validation errors
+// returned by OpenCensusConfig.ValidateAll() if the designated constraints
+// aren't met.
+type OpenCensusConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m OpenCensusConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m OpenCensusConfigMultiError) AllErrors() []error { return m }
+
+// OpenCensusConfigValidationError is the validation error returned by
+// OpenCensusConfig.Validate if the designated constraints aren't met.
+type OpenCensusConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e OpenCensusConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e OpenCensusConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e OpenCensusConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e OpenCensusConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e OpenCensusConfigValidationError) ErrorName() string { return "OpenCensusConfigValidationError" }
+
+// Error satisfies the builtin error interface
+func (e OpenCensusConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sOpenCensusConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = OpenCensusConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = OpenCensusConfigValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/service.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/service.pb.go
new file mode 100644
index 00000000000..e1563b31145
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/service.pb.go
@@ -0,0 +1,174 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/trace/v3/service.proto
+
+package envoy_config_trace_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Configuration structure.
+type TraceServiceConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The upstream gRPC cluster that hosts the metrics service.
+	GrpcService *v3.GrpcService `protobuf:"bytes,1,opt,name=grpc_service,json=grpcService,proto3" json:"grpc_service,omitempty"`
+}
+
+func (x *TraceServiceConfig) Reset() {
+	*x = TraceServiceConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_trace_v3_service_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *TraceServiceConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*TraceServiceConfig) ProtoMessage() {}
+
+func (x *TraceServiceConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_trace_v3_service_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use TraceServiceConfig.ProtoReflect.Descriptor instead.
+func (*TraceServiceConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_trace_v3_service_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *TraceServiceConfig) GetGrpcService() *v3.GrpcService {
+	if x != nil {
+		return x.GrpcService
+	}
+	return nil
+}
+
+var File_envoy_config_trace_v3_service_proto protoreflect.FileDescriptor
+
+var file_envoy_config_trace_v3_service_proto_rawDesc = []byte{
+	0x0a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x74,
+	0x72, 0x61, 0x63, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x33, 0x1a, 0x27, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f,
+	0x76, 0x33, 0x2f, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f,
+	0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e,
+	0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74,
+	0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x22, 0x95, 0x01, 0x0a, 0x12, 0x54, 0x72, 0x61, 0x63, 0x65, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63,
+	0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x4e, 0x0a, 0x0c, 0x67, 0x72, 0x70, 0x63, 0x5f,
+	0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x76, 0x33, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65,
+	0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x0b, 0x67, 0x72, 0x70, 0x63,
+	0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x3a, 0x2f, 0x9a, 0xc5, 0x88, 0x1e, 0x2a, 0x0a, 0x28,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74, 0x72, 0x61,
+	0x63, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x54, 0x72, 0x61, 0x63, 0x65, 0x53, 0x65, 0x72, 0x76, 0x69,
+	0x63, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x3d, 0x0a, 0x23, 0x69, 0x6f, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x33, 0x42,
+	0x0c, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba,
+	0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_trace_v3_service_proto_rawDescOnce sync.Once
+	file_envoy_config_trace_v3_service_proto_rawDescData = file_envoy_config_trace_v3_service_proto_rawDesc
+)
+
+func file_envoy_config_trace_v3_service_proto_rawDescGZIP() []byte {
+	file_envoy_config_trace_v3_service_proto_rawDescOnce.Do(func() {
+		file_envoy_config_trace_v3_service_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_trace_v3_service_proto_rawDescData)
+	})
+	return file_envoy_config_trace_v3_service_proto_rawDescData
+}
+
+var file_envoy_config_trace_v3_service_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_config_trace_v3_service_proto_goTypes = []interface{}{
+	(*TraceServiceConfig)(nil), // 0: envoy.config.trace.v3.TraceServiceConfig
+	(*v3.GrpcService)(nil),     // 1: envoy.config.core.v3.GrpcService
+}
+var file_envoy_config_trace_v3_service_proto_depIdxs = []int32{
+	1, // 0: envoy.config.trace.v3.TraceServiceConfig.grpc_service:type_name -> envoy.config.core.v3.GrpcService
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_trace_v3_service_proto_init() }
+func file_envoy_config_trace_v3_service_proto_init() {
+	if File_envoy_config_trace_v3_service_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_trace_v3_service_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*TraceServiceConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_trace_v3_service_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_trace_v3_service_proto_goTypes,
+		DependencyIndexes: file_envoy_config_trace_v3_service_proto_depIdxs,
+		MessageInfos:      file_envoy_config_trace_v3_service_proto_msgTypes,
+	}.Build()
+	File_envoy_config_trace_v3_service_proto = out.File
+	file_envoy_config_trace_v3_service_proto_rawDesc = nil
+	file_envoy_config_trace_v3_service_proto_goTypes = nil
+	file_envoy_config_trace_v3_service_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/service.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/service.pb.validate.go
new file mode 100644
index 00000000000..b5edc3620fd
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/service.pb.validate.go
@@ -0,0 +1,177 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/trace/v3/service.proto
+
+package envoy_config_trace_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on TraceServiceConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *TraceServiceConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on TraceServiceConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// TraceServiceConfigMultiError, or nil if none found.
+func (m *TraceServiceConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *TraceServiceConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetGrpcService() == nil {
+		err := TraceServiceConfigValidationError{
+			field:  "GrpcService",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetGrpcService()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, TraceServiceConfigValidationError{
+					field:  "GrpcService",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, TraceServiceConfigValidationError{
+					field:  "GrpcService",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetGrpcService()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TraceServiceConfigValidationError{
+				field:  "GrpcService",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return TraceServiceConfigMultiError(errors)
+	}
+	return nil
+}
+
+// TraceServiceConfigMultiError is an error wrapping multiple validation errors
+// returned by TraceServiceConfig.ValidateAll() if the designated constraints
+// aren't met.
+type TraceServiceConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m TraceServiceConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m TraceServiceConfigMultiError) AllErrors() []error { return m }
+
+// TraceServiceConfigValidationError is the validation error returned by
+// TraceServiceConfig.Validate if the designated constraints aren't met.
+type TraceServiceConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e TraceServiceConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e TraceServiceConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e TraceServiceConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e TraceServiceConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e TraceServiceConfigValidationError) ErrorName() string {
+	return "TraceServiceConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e TraceServiceConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sTraceServiceConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = TraceServiceConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = TraceServiceConfigValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/skywalking.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/skywalking.pb.go
new file mode 100644
index 00000000000..aa5941a5821
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/skywalking.pb.go
@@ -0,0 +1,341 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/trace/v3/skywalking.proto
+
+package envoy_config_trace_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Configuration for the SkyWalking tracer. Please note that if SkyWalking tracer is used as the
+// provider of http tracer, then
+// :ref:`start_child_span <envoy_v3_api_field_extensions.filters.http.router.v3.Router.start_child_span>`
+// in the router must be set to true to get the correct topology and tracing data. Moreover, SkyWalking
+// Tracer does not support SkyWalking extension header (``sw8-x``) temporarily.
+// [#extension: envoy.tracers.skywalking]
+type SkyWalkingConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// SkyWalking collector service.
+	GrpcService  *v3.GrpcService `protobuf:"bytes,1,opt,name=grpc_service,json=grpcService,proto3" json:"grpc_service,omitempty"`
+	ClientConfig *ClientConfig   `protobuf:"bytes,2,opt,name=client_config,json=clientConfig,proto3" json:"client_config,omitempty"`
+}
+
+func (x *SkyWalkingConfig) Reset() {
+	*x = SkyWalkingConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_trace_v3_skywalking_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *SkyWalkingConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*SkyWalkingConfig) ProtoMessage() {}
+
+func (x *SkyWalkingConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_trace_v3_skywalking_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use SkyWalkingConfig.ProtoReflect.Descriptor instead.
+func (*SkyWalkingConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_trace_v3_skywalking_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *SkyWalkingConfig) GetGrpcService() *v3.GrpcService {
+	if x != nil {
+		return x.GrpcService
+	}
+	return nil
+}
+
+func (x *SkyWalkingConfig) GetClientConfig() *ClientConfig {
+	if x != nil {
+		return x.ClientConfig
+	}
+	return nil
+}
+
+// Client config for SkyWalking tracer.
+type ClientConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Service name for SkyWalking tracer. If this field is empty, then local service cluster name
+	// that configured by :ref:`Bootstrap node <envoy_v3_api_field_config.bootstrap.v3.Bootstrap.node>`
+	// message's :ref:`cluster <envoy_v3_api_field_config.core.v3.Node.cluster>` field or command line
+	// option :option:`--service-cluster` will be used. If both this field and local service cluster
+	// name are empty, ``EnvoyProxy`` is used as the service name by default.
+	ServiceName string `protobuf:"bytes,1,opt,name=service_name,json=serviceName,proto3" json:"service_name,omitempty"`
+	// Service instance name for SkyWalking tracer. If this field is empty, then local service node
+	// that configured by :ref:`Bootstrap node <envoy_v3_api_field_config.bootstrap.v3.Bootstrap.node>`
+	// message's :ref:`id <envoy_v3_api_field_config.core.v3.Node.id>` field or command line  option
+	// :option:`--service-node` will be used. If both this field and local service node are empty,
+	// ``EnvoyProxy`` is used as the instance name by default.
+	InstanceName string `protobuf:"bytes,2,opt,name=instance_name,json=instanceName,proto3" json:"instance_name,omitempty"`
+	// Authentication token config for SkyWalking. SkyWalking can use token authentication to secure
+	// that monitoring application data can be trusted. In current version, Token is considered as a
+	// simple string.
+	// [#comment:TODO(wbpcode): Get backend token through the SDS API.]
+	//
+	// Types that are assignable to BackendTokenSpecifier:
+	//	*ClientConfig_BackendToken
+	BackendTokenSpecifier isClientConfig_BackendTokenSpecifier `protobuf_oneof:"backend_token_specifier"`
+	// Envoy caches the segment in memory when the SkyWalking backend service is temporarily unavailable.
+	// This field specifies the maximum number of segments that can be cached. If not specified, the
+	// default is 1024.
+	MaxCacheSize *wrappers.UInt32Value `protobuf:"bytes,4,opt,name=max_cache_size,json=maxCacheSize,proto3" json:"max_cache_size,omitempty"`
+}
+
+func (x *ClientConfig) Reset() {
+	*x = ClientConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_trace_v3_skywalking_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ClientConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ClientConfig) ProtoMessage() {}
+
+func (x *ClientConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_trace_v3_skywalking_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ClientConfig.ProtoReflect.Descriptor instead.
+func (*ClientConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_trace_v3_skywalking_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *ClientConfig) GetServiceName() string {
+	if x != nil {
+		return x.ServiceName
+	}
+	return ""
+}
+
+func (x *ClientConfig) GetInstanceName() string {
+	if x != nil {
+		return x.InstanceName
+	}
+	return ""
+}
+
+func (m *ClientConfig) GetBackendTokenSpecifier() isClientConfig_BackendTokenSpecifier {
+	if m != nil {
+		return m.BackendTokenSpecifier
+	}
+	return nil
+}
+
+func (x *ClientConfig) GetBackendToken() string {
+	if x, ok := x.GetBackendTokenSpecifier().(*ClientConfig_BackendToken); ok {
+		return x.BackendToken
+	}
+	return ""
+}
+
+func (x *ClientConfig) GetMaxCacheSize() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxCacheSize
+	}
+	return nil
+}
+
+type isClientConfig_BackendTokenSpecifier interface {
+	isClientConfig_BackendTokenSpecifier()
+}
+
+type ClientConfig_BackendToken struct {
+	// Inline authentication token string.
+	BackendToken string `protobuf:"bytes,3,opt,name=backend_token,json=backendToken,proto3,oneof"`
+}
+
+func (*ClientConfig_BackendToken) isClientConfig_BackendTokenSpecifier() {}
+
+var File_envoy_config_trace_v3_skywalking_proto protoreflect.FileDescriptor
+
+var file_envoy_config_trace_v3_skywalking_proto_rawDesc = []byte{
+	0x0a, 0x26, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x74,
+	0x72, 0x61, 0x63, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x73, 0x6b, 0x79, 0x77, 0x61, 0x6c, 0x6b, 0x69,
+	0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x33, 0x1a,
+	0x27, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f,
+	0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69,
+	0x63, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65,
+	0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61,
+	0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61,
+	0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x20, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61,
+	0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x65, 0x6e, 0x73, 0x69,
+	0x74, 0x69, 0x76, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61,
+	0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61,
+	0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64,
+	0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x22, 0xac, 0x01, 0x0a, 0x10, 0x53, 0x6b, 0x79, 0x57, 0x61, 0x6c, 0x6b, 0x69, 0x6e,
+	0x67, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x4e, 0x0a, 0x0c, 0x67, 0x72, 0x70, 0x63, 0x5f,
+	0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x76, 0x33, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65,
+	0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x0b, 0x67, 0x72, 0x70, 0x63,
+	0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x48, 0x0a, 0x0d, 0x63, 0x6c, 0x69, 0x65, 0x6e,
+	0x74, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74, 0x72,
+	0x61, 0x63, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x52, 0x0c, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x22, 0xe4, 0x01, 0x0a, 0x0c, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x12, 0x21, 0x0a, 0x0c, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x6e, 0x61,
+	0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63,
+	0x65, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x23, 0x0a, 0x0d, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63,
+	0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x69, 0x6e,
+	0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x2d, 0x0a, 0x0d, 0x62, 0x61,
+	0x63, 0x6b, 0x65, 0x6e, 0x64, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28,
+	0x09, 0x42, 0x06, 0xb8, 0xb7, 0x8b, 0xa4, 0x02, 0x01, 0x48, 0x00, 0x52, 0x0c, 0x62, 0x61, 0x63,
+	0x6b, 0x65, 0x6e, 0x64, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x42, 0x0a, 0x0e, 0x6d, 0x61, 0x78,
+	0x5f, 0x63, 0x61, 0x63, 0x68, 0x65, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52,
+	0x0c, 0x6d, 0x61, 0x78, 0x43, 0x61, 0x63, 0x68, 0x65, 0x53, 0x69, 0x7a, 0x65, 0x42, 0x19, 0x0a,
+	0x17, 0x62, 0x61, 0x63, 0x6b, 0x65, 0x6e, 0x64, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x5f, 0x73,
+	0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x42, 0x73, 0x0a, 0x23, 0x69, 0x6f, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x33, 0x42,
+	0x0f, 0x53, 0x6b, 0x79, 0x77, 0x61, 0x6c, 0x6b, 0x69, 0x6e, 0x67, 0x50, 0x72, 0x6f, 0x74, 0x6f,
+	0x50, 0x01, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x2d, 0x12, 0x2b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65,
+	0x72, 0x73, 0x2e, 0x73, 0x6b, 0x79, 0x77, 0x61, 0x6c, 0x6b, 0x69, 0x6e, 0x67, 0x2e, 0x76, 0x34,
+	0x61, 0x6c, 0x70, 0x68, 0x61, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_trace_v3_skywalking_proto_rawDescOnce sync.Once
+	file_envoy_config_trace_v3_skywalking_proto_rawDescData = file_envoy_config_trace_v3_skywalking_proto_rawDesc
+)
+
+func file_envoy_config_trace_v3_skywalking_proto_rawDescGZIP() []byte {
+	file_envoy_config_trace_v3_skywalking_proto_rawDescOnce.Do(func() {
+		file_envoy_config_trace_v3_skywalking_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_trace_v3_skywalking_proto_rawDescData)
+	})
+	return file_envoy_config_trace_v3_skywalking_proto_rawDescData
+}
+
+var file_envoy_config_trace_v3_skywalking_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_envoy_config_trace_v3_skywalking_proto_goTypes = []interface{}{
+	(*SkyWalkingConfig)(nil),     // 0: envoy.config.trace.v3.SkyWalkingConfig
+	(*ClientConfig)(nil),         // 1: envoy.config.trace.v3.ClientConfig
+	(*v3.GrpcService)(nil),       // 2: envoy.config.core.v3.GrpcService
+	(*wrappers.UInt32Value)(nil), // 3: google.protobuf.UInt32Value
+}
+var file_envoy_config_trace_v3_skywalking_proto_depIdxs = []int32{
+	2, // 0: envoy.config.trace.v3.SkyWalkingConfig.grpc_service:type_name -> envoy.config.core.v3.GrpcService
+	1, // 1: envoy.config.trace.v3.SkyWalkingConfig.client_config:type_name -> envoy.config.trace.v3.ClientConfig
+	3, // 2: envoy.config.trace.v3.ClientConfig.max_cache_size:type_name -> google.protobuf.UInt32Value
+	3, // [3:3] is the sub-list for method output_type
+	3, // [3:3] is the sub-list for method input_type
+	3, // [3:3] is the sub-list for extension type_name
+	3, // [3:3] is the sub-list for extension extendee
+	0, // [0:3] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_trace_v3_skywalking_proto_init() }
+func file_envoy_config_trace_v3_skywalking_proto_init() {
+	if File_envoy_config_trace_v3_skywalking_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_trace_v3_skywalking_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*SkyWalkingConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_trace_v3_skywalking_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ClientConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_config_trace_v3_skywalking_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*ClientConfig_BackendToken)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_trace_v3_skywalking_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_trace_v3_skywalking_proto_goTypes,
+		DependencyIndexes: file_envoy_config_trace_v3_skywalking_proto_depIdxs,
+		MessageInfos:      file_envoy_config_trace_v3_skywalking_proto_msgTypes,
+	}.Build()
+	File_envoy_config_trace_v3_skywalking_proto = out.File
+	file_envoy_config_trace_v3_skywalking_proto_rawDesc = nil
+	file_envoy_config_trace_v3_skywalking_proto_goTypes = nil
+	file_envoy_config_trace_v3_skywalking_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/skywalking.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/skywalking.pb.validate.go
new file mode 100644
index 00000000000..74d30ebe634
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/skywalking.pb.validate.go
@@ -0,0 +1,342 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/trace/v3/skywalking.proto
+
+package envoy_config_trace_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on SkyWalkingConfig with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *SkyWalkingConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on SkyWalkingConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// SkyWalkingConfigMultiError, or nil if none found.
+func (m *SkyWalkingConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *SkyWalkingConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetGrpcService() == nil {
+		err := SkyWalkingConfigValidationError{
+			field:  "GrpcService",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetGrpcService()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, SkyWalkingConfigValidationError{
+					field:  "GrpcService",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, SkyWalkingConfigValidationError{
+					field:  "GrpcService",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetGrpcService()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return SkyWalkingConfigValidationError{
+				field:  "GrpcService",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetClientConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, SkyWalkingConfigValidationError{
+					field:  "ClientConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, SkyWalkingConfigValidationError{
+					field:  "ClientConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetClientConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return SkyWalkingConfigValidationError{
+				field:  "ClientConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return SkyWalkingConfigMultiError(errors)
+	}
+	return nil
+}
+
+// SkyWalkingConfigMultiError is an error wrapping multiple validation errors
+// returned by SkyWalkingConfig.ValidateAll() if the designated constraints
+// aren't met.
+type SkyWalkingConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m SkyWalkingConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m SkyWalkingConfigMultiError) AllErrors() []error { return m }
+
+// SkyWalkingConfigValidationError is the validation error returned by
+// SkyWalkingConfig.Validate if the designated constraints aren't met.
+type SkyWalkingConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e SkyWalkingConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e SkyWalkingConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e SkyWalkingConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e SkyWalkingConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e SkyWalkingConfigValidationError) ErrorName() string { return "SkyWalkingConfigValidationError" }
+
+// Error satisfies the builtin error interface
+func (e SkyWalkingConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sSkyWalkingConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = SkyWalkingConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = SkyWalkingConfigValidationError{}
+
+// Validate checks the field values on ClientConfig with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ClientConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ClientConfig with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ClientConfigMultiError, or
+// nil if none found.
+func (m *ClientConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ClientConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for ServiceName
+
+	// no validation rules for InstanceName
+
+	if all {
+		switch v := interface{}(m.GetMaxCacheSize()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClientConfigValidationError{
+					field:  "MaxCacheSize",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClientConfigValidationError{
+					field:  "MaxCacheSize",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxCacheSize()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClientConfigValidationError{
+				field:  "MaxCacheSize",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	switch m.BackendTokenSpecifier.(type) {
+
+	case *ClientConfig_BackendToken:
+		// no validation rules for BackendToken
+
+	}
+
+	if len(errors) > 0 {
+		return ClientConfigMultiError(errors)
+	}
+	return nil
+}
+
+// ClientConfigMultiError is an error wrapping multiple validation errors
+// returned by ClientConfig.ValidateAll() if the designated constraints aren't met.
+type ClientConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ClientConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ClientConfigMultiError) AllErrors() []error { return m }
+
+// ClientConfigValidationError is the validation error returned by
+// ClientConfig.Validate if the designated constraints aren't met.
+type ClientConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ClientConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ClientConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ClientConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ClientConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ClientConfigValidationError) ErrorName() string { return "ClientConfigValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ClientConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sClientConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ClientConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ClientConfigValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/trace.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/trace.pb.go
new file mode 100644
index 00000000000..6b269c3f25e
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/trace.pb.go
@@ -0,0 +1,96 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/trace/v3/trace.proto
+
+package envoy_config_trace_v3
+
+import (
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+var File_envoy_config_trace_v3_trace_proto protoreflect.FileDescriptor
+
+var file_envoy_config_trace_v3_trace_proto_rawDesc = []byte{
+	0x0a, 0x21, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x74,
+	0x72, 0x61, 0x63, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x33, 0x1a, 0x23, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2f, 0x76,
+	0x33, 0x2f, 0x64, 0x61, 0x74, 0x61, 0x64, 0x6f, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x26, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x74, 0x72,
+	0x61, 0x63, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x64, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x5f, 0x6f,
+	0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x27, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x68,
+	0x74, 0x74, 0x70, 0x5f, 0x74, 0x72, 0x61, 0x63, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x25, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x74,
+	0x72, 0x61, 0x63, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x6c, 0x69, 0x67, 0x68, 0x74, 0x73, 0x74, 0x65,
+	0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x26, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x6f,
+	0x70, 0x65, 0x6e, 0x63, 0x65, 0x6e, 0x73, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x74, 0x72,
+	0x61, 0x63, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x22, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2f, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x7a, 0x69, 0x70, 0x6b,
+	0x69, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x42, 0x33, 0x0a, 0x23, 0x69, 0x6f, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x33, 0x42,
+	0x0a, 0x54, 0x72, 0x61, 0x63, 0x65, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x50, 0x00, 0x50,
+	0x01, 0x50, 0x02, 0x50, 0x03, 0x50, 0x04, 0x50, 0x05, 0x50, 0x06, 0x62, 0x06, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x33,
+}
+
+var file_envoy_config_trace_v3_trace_proto_goTypes = []interface{}{}
+var file_envoy_config_trace_v3_trace_proto_depIdxs = []int32{
+	0, // [0:0] is the sub-list for method output_type
+	0, // [0:0] is the sub-list for method input_type
+	0, // [0:0] is the sub-list for extension type_name
+	0, // [0:0] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_trace_v3_trace_proto_init() }
+func file_envoy_config_trace_v3_trace_proto_init() {
+	if File_envoy_config_trace_v3_trace_proto != nil {
+		return
+	}
+	file_envoy_config_trace_v3_datadog_proto_init()
+	file_envoy_config_trace_v3_dynamic_ot_proto_init()
+	file_envoy_config_trace_v3_http_tracer_proto_init()
+	file_envoy_config_trace_v3_lightstep_proto_init()
+	file_envoy_config_trace_v3_opencensus_proto_init()
+	file_envoy_config_trace_v3_service_proto_init()
+	file_envoy_config_trace_v3_zipkin_proto_init()
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_trace_v3_trace_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   0,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_trace_v3_trace_proto_goTypes,
+		DependencyIndexes: file_envoy_config_trace_v3_trace_proto_depIdxs,
+	}.Build()
+	File_envoy_config_trace_v3_trace_proto = out.File
+	file_envoy_config_trace_v3_trace_proto_rawDesc = nil
+	file_envoy_config_trace_v3_trace_proto_goTypes = nil
+	file_envoy_config_trace_v3_trace_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/trace.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/trace.pb.validate.go
new file mode 100644
index 00000000000..2bb78561c94
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/trace.pb.validate.go
@@ -0,0 +1,36 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/trace/v3/trace.proto
+
+package envoy_config_trace_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/xray.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/xray.pb.go
new file mode 100644
index 00000000000..230ba0f975a
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/xray.pb.go
@@ -0,0 +1,311 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/trace/v3/xray.proto
+
+package envoy_config_trace_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	_struct "github.com/golang/protobuf/ptypes/struct"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// [#extension: envoy.tracers.xray]
+type XRayConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The UDP endpoint of the X-Ray Daemon where the spans will be sent.
+	// If this value is not set, the default value of 127.0.0.1:2000 will be used.
+	DaemonEndpoint *v3.SocketAddress `protobuf:"bytes,1,opt,name=daemon_endpoint,json=daemonEndpoint,proto3" json:"daemon_endpoint,omitempty"`
+	// The name of the X-Ray segment.
+	SegmentName string `protobuf:"bytes,2,opt,name=segment_name,json=segmentName,proto3" json:"segment_name,omitempty"`
+	// The location of a local custom sampling rules JSON file.
+	// For an example of the sampling rules see:
+	// `X-Ray SDK documentation
+	// <https://docs.aws.amazon.com/xray/latest/devguide/xray-sdk-go-configuration.html#xray-sdk-go-configuration-sampling>`_
+	SamplingRuleManifest *v3.DataSource `protobuf:"bytes,3,opt,name=sampling_rule_manifest,json=samplingRuleManifest,proto3" json:"sampling_rule_manifest,omitempty"`
+	// Optional custom fields to be added to each trace segment.
+	// see: `X-Ray Segment Document documentation
+	// <https://docs.aws.amazon.com/xray/latest/devguide/xray-api-segmentdocuments.html>`__
+	SegmentFields *XRayConfig_SegmentFields `protobuf:"bytes,4,opt,name=segment_fields,json=segmentFields,proto3" json:"segment_fields,omitempty"`
+}
+
+func (x *XRayConfig) Reset() {
+	*x = XRayConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_trace_v3_xray_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *XRayConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*XRayConfig) ProtoMessage() {}
+
+func (x *XRayConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_trace_v3_xray_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use XRayConfig.ProtoReflect.Descriptor instead.
+func (*XRayConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_trace_v3_xray_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *XRayConfig) GetDaemonEndpoint() *v3.SocketAddress {
+	if x != nil {
+		return x.DaemonEndpoint
+	}
+	return nil
+}
+
+func (x *XRayConfig) GetSegmentName() string {
+	if x != nil {
+		return x.SegmentName
+	}
+	return ""
+}
+
+func (x *XRayConfig) GetSamplingRuleManifest() *v3.DataSource {
+	if x != nil {
+		return x.SamplingRuleManifest
+	}
+	return nil
+}
+
+func (x *XRayConfig) GetSegmentFields() *XRayConfig_SegmentFields {
+	if x != nil {
+		return x.SegmentFields
+	}
+	return nil
+}
+
+type XRayConfig_SegmentFields struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The type of AWS resource, e.g. "AWS::AppMesh::Proxy".
+	Origin string `protobuf:"bytes,1,opt,name=origin,proto3" json:"origin,omitempty"`
+	// AWS resource metadata dictionary.
+	// See: `X-Ray Segment Document documentation <https://docs.aws.amazon.com/xray/latest/devguide/xray-api-segmentdocuments.html#api-segmentdocuments-aws>`__
+	Aws *_struct.Struct `protobuf:"bytes,2,opt,name=aws,proto3" json:"aws,omitempty"`
+}
+
+func (x *XRayConfig_SegmentFields) Reset() {
+	*x = XRayConfig_SegmentFields{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_trace_v3_xray_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *XRayConfig_SegmentFields) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*XRayConfig_SegmentFields) ProtoMessage() {}
+
+func (x *XRayConfig_SegmentFields) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_trace_v3_xray_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use XRayConfig_SegmentFields.ProtoReflect.Descriptor instead.
+func (*XRayConfig_SegmentFields) Descriptor() ([]byte, []int) {
+	return file_envoy_config_trace_v3_xray_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (x *XRayConfig_SegmentFields) GetOrigin() string {
+	if x != nil {
+		return x.Origin
+	}
+	return ""
+}
+
+func (x *XRayConfig_SegmentFields) GetAws() *_struct.Struct {
+	if x != nil {
+		return x.Aws
+	}
+	return nil
+}
+
+var File_envoy_config_trace_v3_xray_proto protoreflect.FileDescriptor
+
+var file_envoy_config_trace_v3_xray_proto_rawDesc = []byte{
+	0x0a, 0x20, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x74,
+	0x72, 0x61, 0x63, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x33, 0x1a, 0x22, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f,
+	0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65,
+	0x2f, 0x76, 0x33, 0x2f, 0x62, 0x61, 0x73, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1c,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f,
+	0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64,
+	0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d,
+	0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64,
+	0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73,
+	0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70,
+	0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65,
+	0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17,
+	0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xb8, 0x03, 0x0a, 0x0a, 0x58, 0x52, 0x61, 0x79,
+	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x4c, 0x0a, 0x0f, 0x64, 0x61, 0x65, 0x6d, 0x6f, 0x6e,
+	0x5f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x41, 0x64, 0x64,
+	0x72, 0x65, 0x73, 0x73, 0x52, 0x0e, 0x64, 0x61, 0x65, 0x6d, 0x6f, 0x6e, 0x45, 0x6e, 0x64, 0x70,
+	0x6f, 0x69, 0x6e, 0x74, 0x12, 0x2a, 0x0a, 0x0c, 0x73, 0x65, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x5f,
+	0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72,
+	0x02, 0x10, 0x01, 0x52, 0x0b, 0x73, 0x65, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x4e, 0x61, 0x6d, 0x65,
+	0x12, 0x56, 0x0a, 0x16, 0x73, 0x61, 0x6d, 0x70, 0x6c, 0x69, 0x6e, 0x67, 0x5f, 0x72, 0x75, 0x6c,
+	0x65, 0x5f, 0x6d, 0x61, 0x6e, 0x69, 0x66, 0x65, 0x73, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75, 0x72,
+	0x63, 0x65, 0x52, 0x14, 0x73, 0x61, 0x6d, 0x70, 0x6c, 0x69, 0x6e, 0x67, 0x52, 0x75, 0x6c, 0x65,
+	0x4d, 0x61, 0x6e, 0x69, 0x66, 0x65, 0x73, 0x74, 0x12, 0x56, 0x0a, 0x0e, 0x73, 0x65, 0x67, 0x6d,
+	0x65, 0x6e, 0x74, 0x5f, 0x66, 0x69, 0x65, 0x6c, 0x64, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x2f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x58, 0x52, 0x61, 0x79, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x53, 0x65, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x46, 0x69, 0x65, 0x6c, 0x64,
+	0x73, 0x52, 0x0d, 0x73, 0x65, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x73,
+	0x1a, 0x52, 0x0a, 0x0d, 0x53, 0x65, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x46, 0x69, 0x65, 0x6c, 0x64,
+	0x73, 0x12, 0x16, 0x0a, 0x06, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x06, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x12, 0x29, 0x0a, 0x03, 0x61, 0x77, 0x73,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x52,
+	0x03, 0x61, 0x77, 0x73, 0x3a, 0x2c, 0x9a, 0xc5, 0x88, 0x1e, 0x27, 0x0a, 0x25, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e,
+	0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e, 0x58, 0x52, 0x61, 0x79, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x42, 0x67, 0x0a, 0x23, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72,
+	0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x09, 0x58, 0x72, 0x61, 0x79, 0x50,
+	0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x27, 0x12, 0x25, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x74,
+	0x72, 0x61, 0x63, 0x65, 0x72, 0x73, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x76, 0x34, 0x61, 0x6c,
+	0x70, 0x68, 0x61, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_trace_v3_xray_proto_rawDescOnce sync.Once
+	file_envoy_config_trace_v3_xray_proto_rawDescData = file_envoy_config_trace_v3_xray_proto_rawDesc
+)
+
+func file_envoy_config_trace_v3_xray_proto_rawDescGZIP() []byte {
+	file_envoy_config_trace_v3_xray_proto_rawDescOnce.Do(func() {
+		file_envoy_config_trace_v3_xray_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_trace_v3_xray_proto_rawDescData)
+	})
+	return file_envoy_config_trace_v3_xray_proto_rawDescData
+}
+
+var file_envoy_config_trace_v3_xray_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_envoy_config_trace_v3_xray_proto_goTypes = []interface{}{
+	(*XRayConfig)(nil),               // 0: envoy.config.trace.v3.XRayConfig
+	(*XRayConfig_SegmentFields)(nil), // 1: envoy.config.trace.v3.XRayConfig.SegmentFields
+	(*v3.SocketAddress)(nil),         // 2: envoy.config.core.v3.SocketAddress
+	(*v3.DataSource)(nil),            // 3: envoy.config.core.v3.DataSource
+	(*_struct.Struct)(nil),           // 4: google.protobuf.Struct
+}
+var file_envoy_config_trace_v3_xray_proto_depIdxs = []int32{
+	2, // 0: envoy.config.trace.v3.XRayConfig.daemon_endpoint:type_name -> envoy.config.core.v3.SocketAddress
+	3, // 1: envoy.config.trace.v3.XRayConfig.sampling_rule_manifest:type_name -> envoy.config.core.v3.DataSource
+	1, // 2: envoy.config.trace.v3.XRayConfig.segment_fields:type_name -> envoy.config.trace.v3.XRayConfig.SegmentFields
+	4, // 3: envoy.config.trace.v3.XRayConfig.SegmentFields.aws:type_name -> google.protobuf.Struct
+	4, // [4:4] is the sub-list for method output_type
+	4, // [4:4] is the sub-list for method input_type
+	4, // [4:4] is the sub-list for extension type_name
+	4, // [4:4] is the sub-list for extension extendee
+	0, // [0:4] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_trace_v3_xray_proto_init() }
+func file_envoy_config_trace_v3_xray_proto_init() {
+	if File_envoy_config_trace_v3_xray_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_trace_v3_xray_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*XRayConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_config_trace_v3_xray_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*XRayConfig_SegmentFields); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_trace_v3_xray_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_trace_v3_xray_proto_goTypes,
+		DependencyIndexes: file_envoy_config_trace_v3_xray_proto_depIdxs,
+		MessageInfos:      file_envoy_config_trace_v3_xray_proto_msgTypes,
+	}.Build()
+	File_envoy_config_trace_v3_xray_proto = out.File
+	file_envoy_config_trace_v3_xray_proto_rawDesc = nil
+	file_envoy_config_trace_v3_xray_proto_goTypes = nil
+	file_envoy_config_trace_v3_xray_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/xray.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/xray.pb.validate.go
new file mode 100644
index 00000000000..227cc7d81b0
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/xray.pb.validate.go
@@ -0,0 +1,364 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/trace/v3/xray.proto
+
+package envoy_config_trace_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on XRayConfig with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *XRayConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on XRayConfig with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in XRayConfigMultiError, or
+// nil if none found.
+func (m *XRayConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *XRayConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetDaemonEndpoint()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, XRayConfigValidationError{
+					field:  "DaemonEndpoint",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, XRayConfigValidationError{
+					field:  "DaemonEndpoint",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDaemonEndpoint()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return XRayConfigValidationError{
+				field:  "DaemonEndpoint",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if utf8.RuneCountInString(m.GetSegmentName()) < 1 {
+		err := XRayConfigValidationError{
+			field:  "SegmentName",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetSamplingRuleManifest()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, XRayConfigValidationError{
+					field:  "SamplingRuleManifest",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, XRayConfigValidationError{
+					field:  "SamplingRuleManifest",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSamplingRuleManifest()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return XRayConfigValidationError{
+				field:  "SamplingRuleManifest",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetSegmentFields()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, XRayConfigValidationError{
+					field:  "SegmentFields",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, XRayConfigValidationError{
+					field:  "SegmentFields",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSegmentFields()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return XRayConfigValidationError{
+				field:  "SegmentFields",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return XRayConfigMultiError(errors)
+	}
+	return nil
+}
+
+// XRayConfigMultiError is an error wrapping multiple validation errors
+// returned by XRayConfig.ValidateAll() if the designated constraints aren't met.
+type XRayConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m XRayConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m XRayConfigMultiError) AllErrors() []error { return m }
+
+// XRayConfigValidationError is the validation error returned by
+// XRayConfig.Validate if the designated constraints aren't met.
+type XRayConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e XRayConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e XRayConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e XRayConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e XRayConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e XRayConfigValidationError) ErrorName() string { return "XRayConfigValidationError" }
+
+// Error satisfies the builtin error interface
+func (e XRayConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sXRayConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = XRayConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = XRayConfigValidationError{}
+
+// Validate checks the field values on XRayConfig_SegmentFields with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *XRayConfig_SegmentFields) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on XRayConfig_SegmentFields with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// XRayConfig_SegmentFieldsMultiError, or nil if none found.
+func (m *XRayConfig_SegmentFields) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *XRayConfig_SegmentFields) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Origin
+
+	if all {
+		switch v := interface{}(m.GetAws()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, XRayConfig_SegmentFieldsValidationError{
+					field:  "Aws",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, XRayConfig_SegmentFieldsValidationError{
+					field:  "Aws",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetAws()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return XRayConfig_SegmentFieldsValidationError{
+				field:  "Aws",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return XRayConfig_SegmentFieldsMultiError(errors)
+	}
+	return nil
+}
+
+// XRayConfig_SegmentFieldsMultiError is an error wrapping multiple validation
+// errors returned by XRayConfig_SegmentFields.ValidateAll() if the designated
+// constraints aren't met.
+type XRayConfig_SegmentFieldsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m XRayConfig_SegmentFieldsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m XRayConfig_SegmentFieldsMultiError) AllErrors() []error { return m }
+
+// XRayConfig_SegmentFieldsValidationError is the validation error returned by
+// XRayConfig_SegmentFields.Validate if the designated constraints aren't met.
+type XRayConfig_SegmentFieldsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e XRayConfig_SegmentFieldsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e XRayConfig_SegmentFieldsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e XRayConfig_SegmentFieldsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e XRayConfig_SegmentFieldsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e XRayConfig_SegmentFieldsValidationError) ErrorName() string {
+	return "XRayConfig_SegmentFieldsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e XRayConfig_SegmentFieldsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sXRayConfig_SegmentFields.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = XRayConfig_SegmentFieldsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = XRayConfig_SegmentFieldsValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/zipkin.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/zipkin.pb.go
new file mode 100644
index 00000000000..194bb951371
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/zipkin.pb.go
@@ -0,0 +1,329 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/config/trace/v3/zipkin.proto
+
+package envoy_config_trace_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/go-control-plane/envoy/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Available Zipkin collector endpoint versions.
+type ZipkinConfig_CollectorEndpointVersion int32
+
+const (
+	// Zipkin API v1, JSON over HTTP.
+	// [#comment: The default implementation of Zipkin client before this field is added was only v1
+	// and the way user configure this was by not explicitly specifying the version. Consequently,
+	// before this is added, the corresponding Zipkin collector expected to receive v1 payload.
+	// Hence the motivation of adding HTTP_JSON_V1 as the default is to avoid a breaking change when
+	// user upgrading Envoy with this change. Furthermore, we also immediately deprecate this field,
+	// since in Zipkin realm this v1 version is considered to be not preferable anymore.]
+	//
+	// Deprecated: Do not use.
+	ZipkinConfig_DEPRECATED_AND_UNAVAILABLE_DO_NOT_USE ZipkinConfig_CollectorEndpointVersion = 0
+	// Zipkin API v2, JSON over HTTP.
+	ZipkinConfig_HTTP_JSON ZipkinConfig_CollectorEndpointVersion = 1
+	// Zipkin API v2, protobuf over HTTP.
+	ZipkinConfig_HTTP_PROTO ZipkinConfig_CollectorEndpointVersion = 2
+	// [#not-implemented-hide:]
+	ZipkinConfig_GRPC ZipkinConfig_CollectorEndpointVersion = 3
+)
+
+// Enum value maps for ZipkinConfig_CollectorEndpointVersion.
+var (
+	ZipkinConfig_CollectorEndpointVersion_name = map[int32]string{
+		0: "DEPRECATED_AND_UNAVAILABLE_DO_NOT_USE",
+		1: "HTTP_JSON",
+		2: "HTTP_PROTO",
+		3: "GRPC",
+	}
+	ZipkinConfig_CollectorEndpointVersion_value = map[string]int32{
+		"DEPRECATED_AND_UNAVAILABLE_DO_NOT_USE": 0,
+		"HTTP_JSON":                             1,
+		"HTTP_PROTO":                            2,
+		"GRPC":                                  3,
+	}
+)
+
+func (x ZipkinConfig_CollectorEndpointVersion) Enum() *ZipkinConfig_CollectorEndpointVersion {
+	p := new(ZipkinConfig_CollectorEndpointVersion)
+	*p = x
+	return p
+}
+
+func (x ZipkinConfig_CollectorEndpointVersion) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (ZipkinConfig_CollectorEndpointVersion) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_config_trace_v3_zipkin_proto_enumTypes[0].Descriptor()
+}
+
+func (ZipkinConfig_CollectorEndpointVersion) Type() protoreflect.EnumType {
+	return &file_envoy_config_trace_v3_zipkin_proto_enumTypes[0]
+}
+
+func (x ZipkinConfig_CollectorEndpointVersion) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use ZipkinConfig_CollectorEndpointVersion.Descriptor instead.
+func (ZipkinConfig_CollectorEndpointVersion) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_config_trace_v3_zipkin_proto_rawDescGZIP(), []int{0, 0}
+}
+
+// Configuration for the Zipkin tracer.
+// [#extension: envoy.tracers.zipkin]
+// [#next-free-field: 7]
+type ZipkinConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The cluster manager cluster that hosts the Zipkin collectors.
+	CollectorCluster string `protobuf:"bytes,1,opt,name=collector_cluster,json=collectorCluster,proto3" json:"collector_cluster,omitempty"`
+	// The API endpoint of the Zipkin service where the spans will be sent. When
+	// using a standard Zipkin installation.
+	CollectorEndpoint string `protobuf:"bytes,2,opt,name=collector_endpoint,json=collectorEndpoint,proto3" json:"collector_endpoint,omitempty"`
+	// Determines whether a 128bit trace id will be used when creating a new
+	// trace instance. The default value is false, which will result in a 64 bit trace id being used.
+	TraceId_128Bit bool `protobuf:"varint,3,opt,name=trace_id_128bit,json=traceId128bit,proto3" json:"trace_id_128bit,omitempty"`
+	// Determines whether client and server spans will share the same span context.
+	// The default value is true.
+	SharedSpanContext *wrappers.BoolValue `protobuf:"bytes,4,opt,name=shared_span_context,json=sharedSpanContext,proto3" json:"shared_span_context,omitempty"`
+	// Determines the selected collector endpoint version.
+	CollectorEndpointVersion ZipkinConfig_CollectorEndpointVersion `protobuf:"varint,5,opt,name=collector_endpoint_version,json=collectorEndpointVersion,proto3,enum=envoy.config.trace.v3.ZipkinConfig_CollectorEndpointVersion" json:"collector_endpoint_version,omitempty"`
+	// Optional hostname to use when sending spans to the collector_cluster. Useful for collectors
+	// that require a specific hostname. Defaults to :ref:`collector_cluster <envoy_v3_api_field_config.trace.v3.ZipkinConfig.collector_cluster>` above.
+	CollectorHostname string `protobuf:"bytes,6,opt,name=collector_hostname,json=collectorHostname,proto3" json:"collector_hostname,omitempty"`
+}
+
+func (x *ZipkinConfig) Reset() {
+	*x = ZipkinConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_config_trace_v3_zipkin_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ZipkinConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ZipkinConfig) ProtoMessage() {}
+
+func (x *ZipkinConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_config_trace_v3_zipkin_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ZipkinConfig.ProtoReflect.Descriptor instead.
+func (*ZipkinConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_config_trace_v3_zipkin_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *ZipkinConfig) GetCollectorCluster() string {
+	if x != nil {
+		return x.CollectorCluster
+	}
+	return ""
+}
+
+func (x *ZipkinConfig) GetCollectorEndpoint() string {
+	if x != nil {
+		return x.CollectorEndpoint
+	}
+	return ""
+}
+
+func (x *ZipkinConfig) GetTraceId_128Bit() bool {
+	if x != nil {
+		return x.TraceId_128Bit
+	}
+	return false
+}
+
+func (x *ZipkinConfig) GetSharedSpanContext() *wrappers.BoolValue {
+	if x != nil {
+		return x.SharedSpanContext
+	}
+	return nil
+}
+
+func (x *ZipkinConfig) GetCollectorEndpointVersion() ZipkinConfig_CollectorEndpointVersion {
+	if x != nil {
+		return x.CollectorEndpointVersion
+	}
+	return ZipkinConfig_DEPRECATED_AND_UNAVAILABLE_DO_NOT_USE
+}
+
+func (x *ZipkinConfig) GetCollectorHostname() string {
+	if x != nil {
+		return x.CollectorHostname
+	}
+	return ""
+}
+
+var File_envoy_config_trace_v3_zipkin_proto protoreflect.FileDescriptor
+
+var file_envoy_config_trace_v3_zipkin_proto_rawDesc = []byte{
+	0x0a, 0x22, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x74,
+	0x72, 0x61, 0x63, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x7a, 0x69, 0x70, 0x6b, 0x69, 0x6e, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x33, 0x1a, 0x1e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61,
+	0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x23, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x64,
+	0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c,
+	0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xc0, 0x04, 0x0a, 0x0c,
+	0x5a, 0x69, 0x70, 0x6b, 0x69, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x34, 0x0a, 0x11,
+	0x63, 0x6f, 0x6c, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x5f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65,
+	0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01,
+	0x52, 0x10, 0x63, 0x6f, 0x6c, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x43, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x12, 0x36, 0x0a, 0x12, 0x63, 0x6f, 0x6c, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x5f,
+	0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07,
+	0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x11, 0x63, 0x6f, 0x6c, 0x6c, 0x65, 0x63, 0x74,
+	0x6f, 0x72, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x12, 0x26, 0x0a, 0x0f, 0x74, 0x72,
+	0x61, 0x63, 0x65, 0x5f, 0x69, 0x64, 0x5f, 0x31, 0x32, 0x38, 0x62, 0x69, 0x74, 0x18, 0x03, 0x20,
+	0x01, 0x28, 0x08, 0x52, 0x0d, 0x74, 0x72, 0x61, 0x63, 0x65, 0x49, 0x64, 0x31, 0x32, 0x38, 0x62,
+	0x69, 0x74, 0x12, 0x4a, 0x0a, 0x13, 0x73, 0x68, 0x61, 0x72, 0x65, 0x64, 0x5f, 0x73, 0x70, 0x61,
+	0x6e, 0x5f, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x11, 0x73, 0x68, 0x61,
+	0x72, 0x65, 0x64, 0x53, 0x70, 0x61, 0x6e, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x12, 0x7a,
+	0x0a, 0x1a, 0x63, 0x6f, 0x6c, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x5f, 0x65, 0x6e, 0x64, 0x70,
+	0x6f, 0x69, 0x6e, 0x74, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x05, 0x20, 0x01,
+	0x28, 0x0e, 0x32, 0x3c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x5a, 0x69, 0x70, 0x6b, 0x69,
+	0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x43, 0x6f, 0x6c, 0x6c, 0x65, 0x63, 0x74, 0x6f,
+	0x72, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e,
+	0x52, 0x18, 0x63, 0x6f, 0x6c, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x45, 0x6e, 0x64, 0x70, 0x6f,
+	0x69, 0x6e, 0x74, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x2d, 0x0a, 0x12, 0x63, 0x6f,
+	0x6c, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x5f, 0x68, 0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65,
+	0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x11, 0x63, 0x6f, 0x6c, 0x6c, 0x65, 0x63, 0x74, 0x6f,
+	0x72, 0x48, 0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65, 0x22, 0x78, 0x0a, 0x18, 0x43, 0x6f, 0x6c,
+	0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x56, 0x65,
+	0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x33, 0x0a, 0x25, 0x44, 0x45, 0x50, 0x52, 0x45, 0x43, 0x41,
+	0x54, 0x45, 0x44, 0x5f, 0x41, 0x4e, 0x44, 0x5f, 0x55, 0x4e, 0x41, 0x56, 0x41, 0x49, 0x4c, 0x41,
+	0x42, 0x4c, 0x45, 0x5f, 0x44, 0x4f, 0x5f, 0x4e, 0x4f, 0x54, 0x5f, 0x55, 0x53, 0x45, 0x10, 0x00,
+	0x1a, 0x08, 0x08, 0x01, 0xa8, 0xf7, 0xb4, 0x8b, 0x02, 0x01, 0x12, 0x0d, 0x0a, 0x09, 0x48, 0x54,
+	0x54, 0x50, 0x5f, 0x4a, 0x53, 0x4f, 0x4e, 0x10, 0x01, 0x12, 0x0e, 0x0a, 0x0a, 0x48, 0x54, 0x54,
+	0x50, 0x5f, 0x50, 0x52, 0x4f, 0x54, 0x4f, 0x10, 0x02, 0x12, 0x08, 0x0a, 0x04, 0x47, 0x52, 0x50,
+	0x43, 0x10, 0x03, 0x3a, 0x29, 0x9a, 0xc5, 0x88, 0x1e, 0x24, 0x0a, 0x22, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76,
+	0x32, 0x2e, 0x5a, 0x69, 0x70, 0x6b, 0x69, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x6b,
+	0x0a, 0x23, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74, 0x72, 0x61,
+	0x63, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x0b, 0x5a, 0x69, 0x70, 0x6b, 0x69, 0x6e, 0x50, 0x72, 0x6f,
+	0x74, 0x6f, 0x50, 0x01, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x29, 0x12, 0x27, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61,
+	0x63, 0x65, 0x72, 0x73, 0x2e, 0x7a, 0x69, 0x70, 0x6b, 0x69, 0x6e, 0x2e, 0x76, 0x34, 0x61, 0x6c,
+	0x70, 0x68, 0x61, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_config_trace_v3_zipkin_proto_rawDescOnce sync.Once
+	file_envoy_config_trace_v3_zipkin_proto_rawDescData = file_envoy_config_trace_v3_zipkin_proto_rawDesc
+)
+
+func file_envoy_config_trace_v3_zipkin_proto_rawDescGZIP() []byte {
+	file_envoy_config_trace_v3_zipkin_proto_rawDescOnce.Do(func() {
+		file_envoy_config_trace_v3_zipkin_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_trace_v3_zipkin_proto_rawDescData)
+	})
+	return file_envoy_config_trace_v3_zipkin_proto_rawDescData
+}
+
+var file_envoy_config_trace_v3_zipkin_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_envoy_config_trace_v3_zipkin_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_config_trace_v3_zipkin_proto_goTypes = []interface{}{
+	(ZipkinConfig_CollectorEndpointVersion)(0), // 0: envoy.config.trace.v3.ZipkinConfig.CollectorEndpointVersion
+	(*ZipkinConfig)(nil),                       // 1: envoy.config.trace.v3.ZipkinConfig
+	(*wrappers.BoolValue)(nil),                 // 2: google.protobuf.BoolValue
+}
+var file_envoy_config_trace_v3_zipkin_proto_depIdxs = []int32{
+	2, // 0: envoy.config.trace.v3.ZipkinConfig.shared_span_context:type_name -> google.protobuf.BoolValue
+	0, // 1: envoy.config.trace.v3.ZipkinConfig.collector_endpoint_version:type_name -> envoy.config.trace.v3.ZipkinConfig.CollectorEndpointVersion
+	2, // [2:2] is the sub-list for method output_type
+	2, // [2:2] is the sub-list for method input_type
+	2, // [2:2] is the sub-list for extension type_name
+	2, // [2:2] is the sub-list for extension extendee
+	0, // [0:2] is the sub-list for field type_name
+}
+
+func init() { file_envoy_config_trace_v3_zipkin_proto_init() }
+func file_envoy_config_trace_v3_zipkin_proto_init() {
+	if File_envoy_config_trace_v3_zipkin_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_config_trace_v3_zipkin_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ZipkinConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_config_trace_v3_zipkin_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_config_trace_v3_zipkin_proto_goTypes,
+		DependencyIndexes: file_envoy_config_trace_v3_zipkin_proto_depIdxs,
+		EnumInfos:         file_envoy_config_trace_v3_zipkin_proto_enumTypes,
+		MessageInfos:      file_envoy_config_trace_v3_zipkin_proto_msgTypes,
+	}.Build()
+	File_envoy_config_trace_v3_zipkin_proto = out.File
+	file_envoy_config_trace_v3_zipkin_proto_rawDesc = nil
+	file_envoy_config_trace_v3_zipkin_proto_goTypes = nil
+	file_envoy_config_trace_v3_zipkin_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/zipkin.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/zipkin.pb.validate.go
new file mode 100644
index 00000000000..1c7c9eef7f9
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/config/trace/v3/zipkin.pb.validate.go
@@ -0,0 +1,191 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/config/trace/v3/zipkin.proto
+
+package envoy_config_trace_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on ZipkinConfig with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ZipkinConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ZipkinConfig with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ZipkinConfigMultiError, or
+// nil if none found.
+func (m *ZipkinConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ZipkinConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetCollectorCluster()) < 1 {
+		err := ZipkinConfigValidationError{
+			field:  "CollectorCluster",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if utf8.RuneCountInString(m.GetCollectorEndpoint()) < 1 {
+		err := ZipkinConfigValidationError{
+			field:  "CollectorEndpoint",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for TraceId_128Bit
+
+	if all {
+		switch v := interface{}(m.GetSharedSpanContext()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ZipkinConfigValidationError{
+					field:  "SharedSpanContext",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ZipkinConfigValidationError{
+					field:  "SharedSpanContext",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSharedSpanContext()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ZipkinConfigValidationError{
+				field:  "SharedSpanContext",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for CollectorEndpointVersion
+
+	// no validation rules for CollectorHostname
+
+	if len(errors) > 0 {
+		return ZipkinConfigMultiError(errors)
+	}
+	return nil
+}
+
+// ZipkinConfigMultiError is an error wrapping multiple validation errors
+// returned by ZipkinConfig.ValidateAll() if the designated constraints aren't met.
+type ZipkinConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ZipkinConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ZipkinConfigMultiError) AllErrors() []error { return m }
+
+// ZipkinConfigValidationError is the validation error returned by
+// ZipkinConfig.Validate if the designated constraints aren't met.
+type ZipkinConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ZipkinConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ZipkinConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ZipkinConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ZipkinConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ZipkinConfigValidationError) ErrorName() string { return "ZipkinConfigValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ZipkinConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sZipkinConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ZipkinConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ZipkinConfigValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/clusters/aggregate/v3/cluster.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/clusters/aggregate/v3/cluster.pb.go
new file mode 100644
index 00000000000..6b5358e2499
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/clusters/aggregate/v3/cluster.pb.go
@@ -0,0 +1,173 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/extensions/clusters/aggregate/v3/cluster.proto
+
+package envoy_extensions_clusters_aggregate_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Configuration for the aggregate cluster. See the :ref:`architecture overview
+// <arch_overview_aggregate_cluster>` for more information.
+// [#extension: envoy.clusters.aggregate]
+type ClusterConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Load balancing clusters in aggregate cluster. Clusters are prioritized based on the order they
+	// appear in this list.
+	Clusters []string `protobuf:"bytes,1,rep,name=clusters,proto3" json:"clusters,omitempty"`
+}
+
+func (x *ClusterConfig) Reset() {
+	*x = ClusterConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_clusters_aggregate_v3_cluster_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ClusterConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ClusterConfig) ProtoMessage() {}
+
+func (x *ClusterConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_clusters_aggregate_v3_cluster_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ClusterConfig.ProtoReflect.Descriptor instead.
+func (*ClusterConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_clusters_aggregate_v3_cluster_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *ClusterConfig) GetClusters() []string {
+	if x != nil {
+		return x.Clusters
+	}
+	return nil
+}
+
+var File_envoy_extensions_clusters_aggregate_v3_cluster_proto protoreflect.FileDescriptor
+
+var file_envoy_extensions_clusters_aggregate_v3_cluster_proto_rawDesc = []byte{
+	0x0a, 0x34, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x2f, 0x61, 0x67, 0x67, 0x72,
+	0x65, 0x67, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x26, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78,
+	0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x73, 0x2e, 0x61, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x1a, 0x1d,
+	0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73,
+	0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75,
+	0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f,
+	0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64,
+	0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x72, 0x0a, 0x0d, 0x43, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x24, 0x0a, 0x08, 0x63, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x09, 0x42, 0x08, 0xfa, 0x42,
+	0x05, 0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x08, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73,
+	0x3a, 0x3b, 0x9a, 0xc5, 0x88, 0x1e, 0x36, 0x0a, 0x34, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x61, 0x67,
+	0x67, 0x72, 0x65, 0x67, 0x61, 0x74, 0x65, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x2e,
+	0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x4e, 0x0a,
+	0x34, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e,
+	0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x61, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61,
+	0x74, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x0c, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x50, 0x72,
+	0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_extensions_clusters_aggregate_v3_cluster_proto_rawDescOnce sync.Once
+	file_envoy_extensions_clusters_aggregate_v3_cluster_proto_rawDescData = file_envoy_extensions_clusters_aggregate_v3_cluster_proto_rawDesc
+)
+
+func file_envoy_extensions_clusters_aggregate_v3_cluster_proto_rawDescGZIP() []byte {
+	file_envoy_extensions_clusters_aggregate_v3_cluster_proto_rawDescOnce.Do(func() {
+		file_envoy_extensions_clusters_aggregate_v3_cluster_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_extensions_clusters_aggregate_v3_cluster_proto_rawDescData)
+	})
+	return file_envoy_extensions_clusters_aggregate_v3_cluster_proto_rawDescData
+}
+
+var file_envoy_extensions_clusters_aggregate_v3_cluster_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_extensions_clusters_aggregate_v3_cluster_proto_goTypes = []interface{}{
+	(*ClusterConfig)(nil), // 0: envoy.extensions.clusters.aggregate.v3.ClusterConfig
+}
+var file_envoy_extensions_clusters_aggregate_v3_cluster_proto_depIdxs = []int32{
+	0, // [0:0] is the sub-list for method output_type
+	0, // [0:0] is the sub-list for method input_type
+	0, // [0:0] is the sub-list for extension type_name
+	0, // [0:0] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_envoy_extensions_clusters_aggregate_v3_cluster_proto_init() }
+func file_envoy_extensions_clusters_aggregate_v3_cluster_proto_init() {
+	if File_envoy_extensions_clusters_aggregate_v3_cluster_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_extensions_clusters_aggregate_v3_cluster_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ClusterConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_extensions_clusters_aggregate_v3_cluster_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_extensions_clusters_aggregate_v3_cluster_proto_goTypes,
+		DependencyIndexes: file_envoy_extensions_clusters_aggregate_v3_cluster_proto_depIdxs,
+		MessageInfos:      file_envoy_extensions_clusters_aggregate_v3_cluster_proto_msgTypes,
+	}.Build()
+	File_envoy_extensions_clusters_aggregate_v3_cluster_proto = out.File
+	file_envoy_extensions_clusters_aggregate_v3_cluster_proto_rawDesc = nil
+	file_envoy_extensions_clusters_aggregate_v3_cluster_proto_goTypes = nil
+	file_envoy_extensions_clusters_aggregate_v3_cluster_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/clusters/aggregate/v3/cluster.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/clusters/aggregate/v3/cluster.pb.validate.go
new file mode 100644
index 00000000000..46121f1bd69
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/clusters/aggregate/v3/cluster.pb.validate.go
@@ -0,0 +1,146 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/extensions/clusters/aggregate/v3/cluster.proto
+
+package envoy_extensions_clusters_aggregate_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on ClusterConfig with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ClusterConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ClusterConfig with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ClusterConfigMultiError, or
+// nil if none found.
+func (m *ClusterConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ClusterConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetClusters()) < 1 {
+		err := ClusterConfigValidationError{
+			field:  "Clusters",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return ClusterConfigMultiError(errors)
+	}
+	return nil
+}
+
+// ClusterConfigMultiError is an error wrapping multiple validation errors
+// returned by ClusterConfig.ValidateAll() if the designated constraints
+// aren't met.
+type ClusterConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ClusterConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ClusterConfigMultiError) AllErrors() []error { return m }
+
+// ClusterConfigValidationError is the validation error returned by
+// ClusterConfig.Validate if the designated constraints aren't met.
+type ClusterConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ClusterConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ClusterConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ClusterConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ClusterConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ClusterConfigValidationError) ErrorName() string { return "ClusterConfigValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ClusterConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sClusterConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ClusterConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ClusterConfigValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/filters/common/fault/v3/fault.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/filters/common/fault/v3/fault.pb.go
new file mode 100644
index 00000000000..439ee5fda1a
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/filters/common/fault/v3/fault.pb.go
@@ -0,0 +1,619 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/extensions/filters/common/fault/v3/fault.proto
+
+package envoy_extensions_filters_common_fault_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/type/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type FaultDelay_FaultDelayType int32
+
+const (
+	// Unused and deprecated.
+	FaultDelay_FIXED FaultDelay_FaultDelayType = 0
+)
+
+// Enum value maps for FaultDelay_FaultDelayType.
+var (
+	FaultDelay_FaultDelayType_name = map[int32]string{
+		0: "FIXED",
+	}
+	FaultDelay_FaultDelayType_value = map[string]int32{
+		"FIXED": 0,
+	}
+)
+
+func (x FaultDelay_FaultDelayType) Enum() *FaultDelay_FaultDelayType {
+	p := new(FaultDelay_FaultDelayType)
+	*p = x
+	return p
+}
+
+func (x FaultDelay_FaultDelayType) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (FaultDelay_FaultDelayType) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_extensions_filters_common_fault_v3_fault_proto_enumTypes[0].Descriptor()
+}
+
+func (FaultDelay_FaultDelayType) Type() protoreflect.EnumType {
+	return &file_envoy_extensions_filters_common_fault_v3_fault_proto_enumTypes[0]
+}
+
+func (x FaultDelay_FaultDelayType) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use FaultDelay_FaultDelayType.Descriptor instead.
+func (FaultDelay_FaultDelayType) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_common_fault_v3_fault_proto_rawDescGZIP(), []int{0, 0}
+}
+
+// Delay specification is used to inject latency into the
+// HTTP/Mongo operation.
+// [#next-free-field: 6]
+type FaultDelay struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to FaultDelaySecifier:
+	//	*FaultDelay_FixedDelay
+	//	*FaultDelay_HeaderDelay_
+	FaultDelaySecifier isFaultDelay_FaultDelaySecifier `protobuf_oneof:"fault_delay_secifier"`
+	// The percentage of operations/connections/requests on which the delay will be injected.
+	Percentage *v3.FractionalPercent `protobuf:"bytes,4,opt,name=percentage,proto3" json:"percentage,omitempty"`
+}
+
+func (x *FaultDelay) Reset() {
+	*x = FaultDelay{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_filters_common_fault_v3_fault_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *FaultDelay) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*FaultDelay) ProtoMessage() {}
+
+func (x *FaultDelay) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_filters_common_fault_v3_fault_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use FaultDelay.ProtoReflect.Descriptor instead.
+func (*FaultDelay) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_common_fault_v3_fault_proto_rawDescGZIP(), []int{0}
+}
+
+func (m *FaultDelay) GetFaultDelaySecifier() isFaultDelay_FaultDelaySecifier {
+	if m != nil {
+		return m.FaultDelaySecifier
+	}
+	return nil
+}
+
+func (x *FaultDelay) GetFixedDelay() *duration.Duration {
+	if x, ok := x.GetFaultDelaySecifier().(*FaultDelay_FixedDelay); ok {
+		return x.FixedDelay
+	}
+	return nil
+}
+
+func (x *FaultDelay) GetHeaderDelay() *FaultDelay_HeaderDelay {
+	if x, ok := x.GetFaultDelaySecifier().(*FaultDelay_HeaderDelay_); ok {
+		return x.HeaderDelay
+	}
+	return nil
+}
+
+func (x *FaultDelay) GetPercentage() *v3.FractionalPercent {
+	if x != nil {
+		return x.Percentage
+	}
+	return nil
+}
+
+type isFaultDelay_FaultDelaySecifier interface {
+	isFaultDelay_FaultDelaySecifier()
+}
+
+type FaultDelay_FixedDelay struct {
+	// Add a fixed delay before forwarding the operation upstream. See
+	// https://developers.google.com/protocol-buffers/docs/proto3#json for
+	// the JSON/YAML Duration mapping. For HTTP/Mongo, the specified
+	// delay will be injected before a new request/operation.
+	// This is required if type is FIXED.
+	FixedDelay *duration.Duration `protobuf:"bytes,3,opt,name=fixed_delay,json=fixedDelay,proto3,oneof"`
+}
+
+type FaultDelay_HeaderDelay_ struct {
+	// Fault delays are controlled via an HTTP header (if applicable).
+	HeaderDelay *FaultDelay_HeaderDelay `protobuf:"bytes,5,opt,name=header_delay,json=headerDelay,proto3,oneof"`
+}
+
+func (*FaultDelay_FixedDelay) isFaultDelay_FaultDelaySecifier() {}
+
+func (*FaultDelay_HeaderDelay_) isFaultDelay_FaultDelaySecifier() {}
+
+// Describes a rate limit to be applied.
+type FaultRateLimit struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to LimitType:
+	//	*FaultRateLimit_FixedLimit_
+	//	*FaultRateLimit_HeaderLimit_
+	LimitType isFaultRateLimit_LimitType `protobuf_oneof:"limit_type"`
+	// The percentage of operations/connections/requests on which the rate limit will be injected.
+	Percentage *v3.FractionalPercent `protobuf:"bytes,2,opt,name=percentage,proto3" json:"percentage,omitempty"`
+}
+
+func (x *FaultRateLimit) Reset() {
+	*x = FaultRateLimit{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_filters_common_fault_v3_fault_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *FaultRateLimit) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*FaultRateLimit) ProtoMessage() {}
+
+func (x *FaultRateLimit) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_filters_common_fault_v3_fault_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use FaultRateLimit.ProtoReflect.Descriptor instead.
+func (*FaultRateLimit) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_common_fault_v3_fault_proto_rawDescGZIP(), []int{1}
+}
+
+func (m *FaultRateLimit) GetLimitType() isFaultRateLimit_LimitType {
+	if m != nil {
+		return m.LimitType
+	}
+	return nil
+}
+
+func (x *FaultRateLimit) GetFixedLimit() *FaultRateLimit_FixedLimit {
+	if x, ok := x.GetLimitType().(*FaultRateLimit_FixedLimit_); ok {
+		return x.FixedLimit
+	}
+	return nil
+}
+
+func (x *FaultRateLimit) GetHeaderLimit() *FaultRateLimit_HeaderLimit {
+	if x, ok := x.GetLimitType().(*FaultRateLimit_HeaderLimit_); ok {
+		return x.HeaderLimit
+	}
+	return nil
+}
+
+func (x *FaultRateLimit) GetPercentage() *v3.FractionalPercent {
+	if x != nil {
+		return x.Percentage
+	}
+	return nil
+}
+
+type isFaultRateLimit_LimitType interface {
+	isFaultRateLimit_LimitType()
+}
+
+type FaultRateLimit_FixedLimit_ struct {
+	// A fixed rate limit.
+	FixedLimit *FaultRateLimit_FixedLimit `protobuf:"bytes,1,opt,name=fixed_limit,json=fixedLimit,proto3,oneof"`
+}
+
+type FaultRateLimit_HeaderLimit_ struct {
+	// Rate limits are controlled via an HTTP header (if applicable).
+	HeaderLimit *FaultRateLimit_HeaderLimit `protobuf:"bytes,3,opt,name=header_limit,json=headerLimit,proto3,oneof"`
+}
+
+func (*FaultRateLimit_FixedLimit_) isFaultRateLimit_LimitType() {}
+
+func (*FaultRateLimit_HeaderLimit_) isFaultRateLimit_LimitType() {}
+
+// Fault delays are controlled via an HTTP header (if applicable). See the
+// :ref:`HTTP fault filter <config_http_filters_fault_injection_http_header>` documentation for
+// more information.
+type FaultDelay_HeaderDelay struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *FaultDelay_HeaderDelay) Reset() {
+	*x = FaultDelay_HeaderDelay{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_filters_common_fault_v3_fault_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *FaultDelay_HeaderDelay) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*FaultDelay_HeaderDelay) ProtoMessage() {}
+
+func (x *FaultDelay_HeaderDelay) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_filters_common_fault_v3_fault_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use FaultDelay_HeaderDelay.ProtoReflect.Descriptor instead.
+func (*FaultDelay_HeaderDelay) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_common_fault_v3_fault_proto_rawDescGZIP(), []int{0, 0}
+}
+
+// Describes a fixed/constant rate limit.
+type FaultRateLimit_FixedLimit struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The limit supplied in KiB/s.
+	LimitKbps uint64 `protobuf:"varint,1,opt,name=limit_kbps,json=limitKbps,proto3" json:"limit_kbps,omitempty"`
+}
+
+func (x *FaultRateLimit_FixedLimit) Reset() {
+	*x = FaultRateLimit_FixedLimit{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_filters_common_fault_v3_fault_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *FaultRateLimit_FixedLimit) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*FaultRateLimit_FixedLimit) ProtoMessage() {}
+
+func (x *FaultRateLimit_FixedLimit) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_filters_common_fault_v3_fault_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use FaultRateLimit_FixedLimit.ProtoReflect.Descriptor instead.
+func (*FaultRateLimit_FixedLimit) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_common_fault_v3_fault_proto_rawDescGZIP(), []int{1, 0}
+}
+
+func (x *FaultRateLimit_FixedLimit) GetLimitKbps() uint64 {
+	if x != nil {
+		return x.LimitKbps
+	}
+	return 0
+}
+
+// Rate limits are controlled via an HTTP header (if applicable). See the
+// :ref:`HTTP fault filter <config_http_filters_fault_injection_http_header>` documentation for
+// more information.
+type FaultRateLimit_HeaderLimit struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *FaultRateLimit_HeaderLimit) Reset() {
+	*x = FaultRateLimit_HeaderLimit{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_filters_common_fault_v3_fault_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *FaultRateLimit_HeaderLimit) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*FaultRateLimit_HeaderLimit) ProtoMessage() {}
+
+func (x *FaultRateLimit_HeaderLimit) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_filters_common_fault_v3_fault_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use FaultRateLimit_HeaderLimit.ProtoReflect.Descriptor instead.
+func (*FaultRateLimit_HeaderLimit) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_common_fault_v3_fault_proto_rawDescGZIP(), []int{1, 1}
+}
+
+var File_envoy_extensions_filters_common_fault_v3_fault_proto protoreflect.FileDescriptor
+
+var file_envoy_extensions_filters_common_fault_v3_fault_proto_rawDesc = []byte{
+	0x0a, 0x34, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x2f, 0x63, 0x6f, 0x6d, 0x6d, 0x6f,
+	0x6e, 0x2f, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x2f, 0x76, 0x33, 0x2f, 0x66, 0x61, 0x75, 0x6c, 0x74,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x28, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78,
+	0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73,
+	0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x76, 0x33,
+	0x1a, 0x1b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x76, 0x33, 0x2f,
+	0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64,
+	0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75,
+	0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f,
+	0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64,
+	0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76,
+	0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61,
+	0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xc4, 0x03, 0x0a, 0x0a, 0x46, 0x61, 0x75,
+	0x6c, 0x74, 0x44, 0x65, 0x6c, 0x61, 0x79, 0x12, 0x46, 0x0a, 0x0b, 0x66, 0x69, 0x78, 0x65, 0x64,
+	0x5f, 0x64, 0x65, 0x6c, 0x61, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44,
+	0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05, 0xaa, 0x01, 0x02, 0x2a,
+	0x00, 0x48, 0x00, 0x52, 0x0a, 0x66, 0x69, 0x78, 0x65, 0x64, 0x44, 0x65, 0x6c, 0x61, 0x79, 0x12,
+	0x65, 0x0a, 0x0c, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x5f, 0x64, 0x65, 0x6c, 0x61, 0x79, 0x18,
+	0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x40, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78,
+	0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73,
+	0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x76, 0x33,
+	0x2e, 0x46, 0x61, 0x75, 0x6c, 0x74, 0x44, 0x65, 0x6c, 0x61, 0x79, 0x2e, 0x48, 0x65, 0x61, 0x64,
+	0x65, 0x72, 0x44, 0x65, 0x6c, 0x61, 0x79, 0x48, 0x00, 0x52, 0x0b, 0x68, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x44, 0x65, 0x6c, 0x61, 0x79, 0x12, 0x40, 0x0a, 0x0a, 0x70, 0x65, 0x72, 0x63, 0x65, 0x6e,
+	0x74, 0x61, 0x67, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x46, 0x72, 0x61, 0x63, 0x74,
+	0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52, 0x0a, 0x70, 0x65,
+	0x72, 0x63, 0x65, 0x6e, 0x74, 0x61, 0x67, 0x65, 0x1a, 0x49, 0x0a, 0x0b, 0x48, 0x65, 0x61, 0x64,
+	0x65, 0x72, 0x44, 0x65, 0x6c, 0x61, 0x79, 0x3a, 0x3a, 0x9a, 0xc5, 0x88, 0x1e, 0x35, 0x0a, 0x33,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c,
+	0x74, 0x65, 0x72, 0x2e, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x76, 0x32, 0x2e, 0x46, 0x61, 0x75,
+	0x6c, 0x74, 0x44, 0x65, 0x6c, 0x61, 0x79, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x44, 0x65,
+	0x6c, 0x61, 0x79, 0x22, 0x1b, 0x0a, 0x0e, 0x46, 0x61, 0x75, 0x6c, 0x74, 0x44, 0x65, 0x6c, 0x61,
+	0x79, 0x54, 0x79, 0x70, 0x65, 0x12, 0x09, 0x0a, 0x05, 0x46, 0x49, 0x58, 0x45, 0x44, 0x10, 0x00,
+	0x3a, 0x2e, 0x9a, 0xc5, 0x88, 0x1e, 0x29, 0x0a, 0x27, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x66, 0x61, 0x75,
+	0x6c, 0x74, 0x2e, 0x76, 0x32, 0x2e, 0x46, 0x61, 0x75, 0x6c, 0x74, 0x44, 0x65, 0x6c, 0x61, 0x79,
+	0x42, 0x1b, 0x0a, 0x14, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f, 0x64, 0x65, 0x6c, 0x61, 0x79, 0x5f,
+	0x73, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x4a, 0x04, 0x08,
+	0x02, 0x10, 0x03, 0x4a, 0x04, 0x08, 0x01, 0x10, 0x02, 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x22,
+	0xb0, 0x04, 0x0a, 0x0e, 0x46, 0x61, 0x75, 0x6c, 0x74, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d,
+	0x69, 0x74, 0x12, 0x66, 0x0a, 0x0b, 0x66, 0x69, 0x78, 0x65, 0x64, 0x5f, 0x6c, 0x69, 0x6d, 0x69,
+	0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x43, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65,
+	0x72, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x2e,
+	0x76, 0x33, 0x2e, 0x46, 0x61, 0x75, 0x6c, 0x74, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69,
+	0x74, 0x2e, 0x46, 0x69, 0x78, 0x65, 0x64, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x48, 0x00, 0x52, 0x0a,
+	0x66, 0x69, 0x78, 0x65, 0x64, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x12, 0x69, 0x0a, 0x0c, 0x68, 0x65,
+	0x61, 0x64, 0x65, 0x72, 0x5f, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x44, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69,
+	0x6f, 0x6e, 0x73, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x6d,
+	0x6f, 0x6e, 0x2e, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x76, 0x33, 0x2e, 0x46, 0x61, 0x75, 0x6c,
+	0x74, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x48, 0x00, 0x52, 0x0b, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72,
+	0x4c, 0x69, 0x6d, 0x69, 0x74, 0x12, 0x40, 0x0a, 0x0a, 0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74,
+	0x61, 0x67, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x46, 0x72, 0x61, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x61, 0x6c, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52, 0x0a, 0x70, 0x65, 0x72,
+	0x63, 0x65, 0x6e, 0x74, 0x61, 0x67, 0x65, 0x1a, 0x73, 0x0a, 0x0a, 0x46, 0x69, 0x78, 0x65, 0x64,
+	0x4c, 0x69, 0x6d, 0x69, 0x74, 0x12, 0x26, 0x0a, 0x0a, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x5f, 0x6b,
+	0x62, 0x70, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x32, 0x02,
+	0x28, 0x01, 0x52, 0x09, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x4b, 0x62, 0x70, 0x73, 0x3a, 0x3d, 0x9a,
+	0xc5, 0x88, 0x1e, 0x38, 0x0a, 0x36, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x2e,
+	0x76, 0x32, 0x2e, 0x46, 0x61, 0x75, 0x6c, 0x74, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69,
+	0x74, 0x2e, 0x46, 0x69, 0x78, 0x65, 0x64, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x1a, 0x4d, 0x0a, 0x0b,
+	0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x3a, 0x3e, 0x9a, 0xc5, 0x88,
+	0x1e, 0x39, 0x0a, 0x37, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x76, 0x32,
+	0x2e, 0x46, 0x61, 0x75, 0x6c, 0x74, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x2e,
+	0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x3a, 0x32, 0x9a, 0xc5, 0x88,
+	0x1e, 0x2d, 0x0a, 0x2b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x76, 0x32,
+	0x2e, 0x46, 0x61, 0x75, 0x6c, 0x74, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x42,
+	0x11, 0x0a, 0x0a, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x12, 0x03, 0xf8,
+	0x42, 0x01, 0x42, 0x4e, 0x0a, 0x36, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72,
+	0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73,
+	0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
+	0x6d, 0x6f, 0x6e, 0x2e, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x76, 0x33, 0x42, 0x0a, 0x46, 0x61,
+	0x75, 0x6c, 0x74, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02,
+	0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_extensions_filters_common_fault_v3_fault_proto_rawDescOnce sync.Once
+	file_envoy_extensions_filters_common_fault_v3_fault_proto_rawDescData = file_envoy_extensions_filters_common_fault_v3_fault_proto_rawDesc
+)
+
+func file_envoy_extensions_filters_common_fault_v3_fault_proto_rawDescGZIP() []byte {
+	file_envoy_extensions_filters_common_fault_v3_fault_proto_rawDescOnce.Do(func() {
+		file_envoy_extensions_filters_common_fault_v3_fault_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_extensions_filters_common_fault_v3_fault_proto_rawDescData)
+	})
+	return file_envoy_extensions_filters_common_fault_v3_fault_proto_rawDescData
+}
+
+var file_envoy_extensions_filters_common_fault_v3_fault_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_envoy_extensions_filters_common_fault_v3_fault_proto_msgTypes = make([]protoimpl.MessageInfo, 5)
+var file_envoy_extensions_filters_common_fault_v3_fault_proto_goTypes = []interface{}{
+	(FaultDelay_FaultDelayType)(0),     // 0: envoy.extensions.filters.common.fault.v3.FaultDelay.FaultDelayType
+	(*FaultDelay)(nil),                 // 1: envoy.extensions.filters.common.fault.v3.FaultDelay
+	(*FaultRateLimit)(nil),             // 2: envoy.extensions.filters.common.fault.v3.FaultRateLimit
+	(*FaultDelay_HeaderDelay)(nil),     // 3: envoy.extensions.filters.common.fault.v3.FaultDelay.HeaderDelay
+	(*FaultRateLimit_FixedLimit)(nil),  // 4: envoy.extensions.filters.common.fault.v3.FaultRateLimit.FixedLimit
+	(*FaultRateLimit_HeaderLimit)(nil), // 5: envoy.extensions.filters.common.fault.v3.FaultRateLimit.HeaderLimit
+	(*duration.Duration)(nil),          // 6: google.protobuf.Duration
+	(*v3.FractionalPercent)(nil),       // 7: envoy.type.v3.FractionalPercent
+}
+var file_envoy_extensions_filters_common_fault_v3_fault_proto_depIdxs = []int32{
+	6, // 0: envoy.extensions.filters.common.fault.v3.FaultDelay.fixed_delay:type_name -> google.protobuf.Duration
+	3, // 1: envoy.extensions.filters.common.fault.v3.FaultDelay.header_delay:type_name -> envoy.extensions.filters.common.fault.v3.FaultDelay.HeaderDelay
+	7, // 2: envoy.extensions.filters.common.fault.v3.FaultDelay.percentage:type_name -> envoy.type.v3.FractionalPercent
+	4, // 3: envoy.extensions.filters.common.fault.v3.FaultRateLimit.fixed_limit:type_name -> envoy.extensions.filters.common.fault.v3.FaultRateLimit.FixedLimit
+	5, // 4: envoy.extensions.filters.common.fault.v3.FaultRateLimit.header_limit:type_name -> envoy.extensions.filters.common.fault.v3.FaultRateLimit.HeaderLimit
+	7, // 5: envoy.extensions.filters.common.fault.v3.FaultRateLimit.percentage:type_name -> envoy.type.v3.FractionalPercent
+	6, // [6:6] is the sub-list for method output_type
+	6, // [6:6] is the sub-list for method input_type
+	6, // [6:6] is the sub-list for extension type_name
+	6, // [6:6] is the sub-list for extension extendee
+	0, // [0:6] is the sub-list for field type_name
+}
+
+func init() { file_envoy_extensions_filters_common_fault_v3_fault_proto_init() }
+func file_envoy_extensions_filters_common_fault_v3_fault_proto_init() {
+	if File_envoy_extensions_filters_common_fault_v3_fault_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_extensions_filters_common_fault_v3_fault_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*FaultDelay); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_filters_common_fault_v3_fault_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*FaultRateLimit); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_filters_common_fault_v3_fault_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*FaultDelay_HeaderDelay); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_filters_common_fault_v3_fault_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*FaultRateLimit_FixedLimit); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_filters_common_fault_v3_fault_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*FaultRateLimit_HeaderLimit); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_extensions_filters_common_fault_v3_fault_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*FaultDelay_FixedDelay)(nil),
+		(*FaultDelay_HeaderDelay_)(nil),
+	}
+	file_envoy_extensions_filters_common_fault_v3_fault_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*FaultRateLimit_FixedLimit_)(nil),
+		(*FaultRateLimit_HeaderLimit_)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_extensions_filters_common_fault_v3_fault_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   5,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_extensions_filters_common_fault_v3_fault_proto_goTypes,
+		DependencyIndexes: file_envoy_extensions_filters_common_fault_v3_fault_proto_depIdxs,
+		EnumInfos:         file_envoy_extensions_filters_common_fault_v3_fault_proto_enumTypes,
+		MessageInfos:      file_envoy_extensions_filters_common_fault_v3_fault_proto_msgTypes,
+	}.Build()
+	File_envoy_extensions_filters_common_fault_v3_fault_proto = out.File
+	file_envoy_extensions_filters_common_fault_v3_fault_proto_rawDesc = nil
+	file_envoy_extensions_filters_common_fault_v3_fault_proto_goTypes = nil
+	file_envoy_extensions_filters_common_fault_v3_fault_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/filters/common/fault/v3/fault.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/filters/common/fault/v3/fault.pb.validate.go
new file mode 100644
index 00000000000..12dc3a773f8
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/filters/common/fault/v3/fault.pb.validate.go
@@ -0,0 +1,758 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/extensions/filters/common/fault/v3/fault.proto
+
+package envoy_extensions_filters_common_fault_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on FaultDelay with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *FaultDelay) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on FaultDelay with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in FaultDelayMultiError, or
+// nil if none found.
+func (m *FaultDelay) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *FaultDelay) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetPercentage()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, FaultDelayValidationError{
+					field:  "Percentage",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, FaultDelayValidationError{
+					field:  "Percentage",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPercentage()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return FaultDelayValidationError{
+				field:  "Percentage",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	switch m.FaultDelaySecifier.(type) {
+
+	case *FaultDelay_FixedDelay:
+
+		if d := m.GetFixedDelay(); d != nil {
+			dur, err := d.AsDuration(), d.CheckValid()
+			if err != nil {
+				err = FaultDelayValidationError{
+					field:  "FixedDelay",
+					reason: "value is not a valid duration",
+					cause:  err,
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			} else {
+
+				gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+				if dur <= gt {
+					err := FaultDelayValidationError{
+						field:  "FixedDelay",
+						reason: "value must be greater than 0s",
+					}
+					if !all {
+						return err
+					}
+					errors = append(errors, err)
+				}
+
+			}
+		}
+
+	case *FaultDelay_HeaderDelay_:
+
+		if all {
+			switch v := interface{}(m.GetHeaderDelay()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, FaultDelayValidationError{
+						field:  "HeaderDelay",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, FaultDelayValidationError{
+						field:  "HeaderDelay",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetHeaderDelay()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return FaultDelayValidationError{
+					field:  "HeaderDelay",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := FaultDelayValidationError{
+			field:  "FaultDelaySecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return FaultDelayMultiError(errors)
+	}
+	return nil
+}
+
+// FaultDelayMultiError is an error wrapping multiple validation errors
+// returned by FaultDelay.ValidateAll() if the designated constraints aren't met.
+type FaultDelayMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m FaultDelayMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m FaultDelayMultiError) AllErrors() []error { return m }
+
+// FaultDelayValidationError is the validation error returned by
+// FaultDelay.Validate if the designated constraints aren't met.
+type FaultDelayValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e FaultDelayValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e FaultDelayValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e FaultDelayValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e FaultDelayValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e FaultDelayValidationError) ErrorName() string { return "FaultDelayValidationError" }
+
+// Error satisfies the builtin error interface
+func (e FaultDelayValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sFaultDelay.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = FaultDelayValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = FaultDelayValidationError{}
+
+// Validate checks the field values on FaultRateLimit with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *FaultRateLimit) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on FaultRateLimit with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in FaultRateLimitMultiError,
+// or nil if none found.
+func (m *FaultRateLimit) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *FaultRateLimit) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetPercentage()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, FaultRateLimitValidationError{
+					field:  "Percentage",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, FaultRateLimitValidationError{
+					field:  "Percentage",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPercentage()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return FaultRateLimitValidationError{
+				field:  "Percentage",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	switch m.LimitType.(type) {
+
+	case *FaultRateLimit_FixedLimit_:
+
+		if all {
+			switch v := interface{}(m.GetFixedLimit()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, FaultRateLimitValidationError{
+						field:  "FixedLimit",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, FaultRateLimitValidationError{
+						field:  "FixedLimit",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetFixedLimit()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return FaultRateLimitValidationError{
+					field:  "FixedLimit",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *FaultRateLimit_HeaderLimit_:
+
+		if all {
+			switch v := interface{}(m.GetHeaderLimit()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, FaultRateLimitValidationError{
+						field:  "HeaderLimit",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, FaultRateLimitValidationError{
+						field:  "HeaderLimit",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetHeaderLimit()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return FaultRateLimitValidationError{
+					field:  "HeaderLimit",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := FaultRateLimitValidationError{
+			field:  "LimitType",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return FaultRateLimitMultiError(errors)
+	}
+	return nil
+}
+
+// FaultRateLimitMultiError is an error wrapping multiple validation errors
+// returned by FaultRateLimit.ValidateAll() if the designated constraints
+// aren't met.
+type FaultRateLimitMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m FaultRateLimitMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m FaultRateLimitMultiError) AllErrors() []error { return m }
+
+// FaultRateLimitValidationError is the validation error returned by
+// FaultRateLimit.Validate if the designated constraints aren't met.
+type FaultRateLimitValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e FaultRateLimitValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e FaultRateLimitValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e FaultRateLimitValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e FaultRateLimitValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e FaultRateLimitValidationError) ErrorName() string { return "FaultRateLimitValidationError" }
+
+// Error satisfies the builtin error interface
+func (e FaultRateLimitValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sFaultRateLimit.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = FaultRateLimitValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = FaultRateLimitValidationError{}
+
+// Validate checks the field values on FaultDelay_HeaderDelay with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *FaultDelay_HeaderDelay) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on FaultDelay_HeaderDelay with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// FaultDelay_HeaderDelayMultiError, or nil if none found.
+func (m *FaultDelay_HeaderDelay) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *FaultDelay_HeaderDelay) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return FaultDelay_HeaderDelayMultiError(errors)
+	}
+	return nil
+}
+
+// FaultDelay_HeaderDelayMultiError is an error wrapping multiple validation
+// errors returned by FaultDelay_HeaderDelay.ValidateAll() if the designated
+// constraints aren't met.
+type FaultDelay_HeaderDelayMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m FaultDelay_HeaderDelayMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m FaultDelay_HeaderDelayMultiError) AllErrors() []error { return m }
+
+// FaultDelay_HeaderDelayValidationError is the validation error returned by
+// FaultDelay_HeaderDelay.Validate if the designated constraints aren't met.
+type FaultDelay_HeaderDelayValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e FaultDelay_HeaderDelayValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e FaultDelay_HeaderDelayValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e FaultDelay_HeaderDelayValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e FaultDelay_HeaderDelayValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e FaultDelay_HeaderDelayValidationError) ErrorName() string {
+	return "FaultDelay_HeaderDelayValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e FaultDelay_HeaderDelayValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sFaultDelay_HeaderDelay.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = FaultDelay_HeaderDelayValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = FaultDelay_HeaderDelayValidationError{}
+
+// Validate checks the field values on FaultRateLimit_FixedLimit with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *FaultRateLimit_FixedLimit) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on FaultRateLimit_FixedLimit with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// FaultRateLimit_FixedLimitMultiError, or nil if none found.
+func (m *FaultRateLimit_FixedLimit) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *FaultRateLimit_FixedLimit) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetLimitKbps() < 1 {
+		err := FaultRateLimit_FixedLimitValidationError{
+			field:  "LimitKbps",
+			reason: "value must be greater than or equal to 1",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return FaultRateLimit_FixedLimitMultiError(errors)
+	}
+	return nil
+}
+
+// FaultRateLimit_FixedLimitMultiError is an error wrapping multiple validation
+// errors returned by FaultRateLimit_FixedLimit.ValidateAll() if the
+// designated constraints aren't met.
+type FaultRateLimit_FixedLimitMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m FaultRateLimit_FixedLimitMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m FaultRateLimit_FixedLimitMultiError) AllErrors() []error { return m }
+
+// FaultRateLimit_FixedLimitValidationError is the validation error returned by
+// FaultRateLimit_FixedLimit.Validate if the designated constraints aren't met.
+type FaultRateLimit_FixedLimitValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e FaultRateLimit_FixedLimitValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e FaultRateLimit_FixedLimitValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e FaultRateLimit_FixedLimitValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e FaultRateLimit_FixedLimitValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e FaultRateLimit_FixedLimitValidationError) ErrorName() string {
+	return "FaultRateLimit_FixedLimitValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e FaultRateLimit_FixedLimitValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sFaultRateLimit_FixedLimit.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = FaultRateLimit_FixedLimitValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = FaultRateLimit_FixedLimitValidationError{}
+
+// Validate checks the field values on FaultRateLimit_HeaderLimit with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *FaultRateLimit_HeaderLimit) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on FaultRateLimit_HeaderLimit with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// FaultRateLimit_HeaderLimitMultiError, or nil if none found.
+func (m *FaultRateLimit_HeaderLimit) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *FaultRateLimit_HeaderLimit) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return FaultRateLimit_HeaderLimitMultiError(errors)
+	}
+	return nil
+}
+
+// FaultRateLimit_HeaderLimitMultiError is an error wrapping multiple
+// validation errors returned by FaultRateLimit_HeaderLimit.ValidateAll() if
+// the designated constraints aren't met.
+type FaultRateLimit_HeaderLimitMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m FaultRateLimit_HeaderLimitMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m FaultRateLimit_HeaderLimitMultiError) AllErrors() []error { return m }
+
+// FaultRateLimit_HeaderLimitValidationError is the validation error returned
+// by FaultRateLimit_HeaderLimit.Validate if the designated constraints aren't met.
+type FaultRateLimit_HeaderLimitValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e FaultRateLimit_HeaderLimitValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e FaultRateLimit_HeaderLimitValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e FaultRateLimit_HeaderLimitValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e FaultRateLimit_HeaderLimitValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e FaultRateLimit_HeaderLimitValidationError) ErrorName() string {
+	return "FaultRateLimit_HeaderLimitValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e FaultRateLimit_HeaderLimitValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sFaultRateLimit_HeaderLimit.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = FaultRateLimit_HeaderLimitValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = FaultRateLimit_HeaderLimitValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/fault/v3/fault.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/fault/v3/fault.pb.go
new file mode 100644
index 00000000000..4cc4b240a6c
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/fault/v3/fault.pb.go
@@ -0,0 +1,629 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/extensions/filters/http/fault/v3/fault.proto
+
+package envoy_extensions_filters_http_fault_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v32 "github.com/envoyproxy/go-control-plane/envoy/config/route/v3"
+	v31 "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/common/fault/v3"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/type/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// [#next-free-field: 6]
+type FaultAbort struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to ErrorType:
+	//	*FaultAbort_HttpStatus
+	//	*FaultAbort_GrpcStatus
+	//	*FaultAbort_HeaderAbort_
+	ErrorType isFaultAbort_ErrorType `protobuf_oneof:"error_type"`
+	// The percentage of requests/operations/connections that will be aborted with the error code
+	// provided.
+	Percentage *v3.FractionalPercent `protobuf:"bytes,3,opt,name=percentage,proto3" json:"percentage,omitempty"`
+}
+
+func (x *FaultAbort) Reset() {
+	*x = FaultAbort{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_filters_http_fault_v3_fault_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *FaultAbort) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*FaultAbort) ProtoMessage() {}
+
+func (x *FaultAbort) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_filters_http_fault_v3_fault_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use FaultAbort.ProtoReflect.Descriptor instead.
+func (*FaultAbort) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_http_fault_v3_fault_proto_rawDescGZIP(), []int{0}
+}
+
+func (m *FaultAbort) GetErrorType() isFaultAbort_ErrorType {
+	if m != nil {
+		return m.ErrorType
+	}
+	return nil
+}
+
+func (x *FaultAbort) GetHttpStatus() uint32 {
+	if x, ok := x.GetErrorType().(*FaultAbort_HttpStatus); ok {
+		return x.HttpStatus
+	}
+	return 0
+}
+
+func (x *FaultAbort) GetGrpcStatus() uint32 {
+	if x, ok := x.GetErrorType().(*FaultAbort_GrpcStatus); ok {
+		return x.GrpcStatus
+	}
+	return 0
+}
+
+func (x *FaultAbort) GetHeaderAbort() *FaultAbort_HeaderAbort {
+	if x, ok := x.GetErrorType().(*FaultAbort_HeaderAbort_); ok {
+		return x.HeaderAbort
+	}
+	return nil
+}
+
+func (x *FaultAbort) GetPercentage() *v3.FractionalPercent {
+	if x != nil {
+		return x.Percentage
+	}
+	return nil
+}
+
+type isFaultAbort_ErrorType interface {
+	isFaultAbort_ErrorType()
+}
+
+type FaultAbort_HttpStatus struct {
+	// HTTP status code to use to abort the HTTP request.
+	HttpStatus uint32 `protobuf:"varint,2,opt,name=http_status,json=httpStatus,proto3,oneof"`
+}
+
+type FaultAbort_GrpcStatus struct {
+	// gRPC status code to use to abort the gRPC request.
+	GrpcStatus uint32 `protobuf:"varint,5,opt,name=grpc_status,json=grpcStatus,proto3,oneof"`
+}
+
+type FaultAbort_HeaderAbort_ struct {
+	// Fault aborts are controlled via an HTTP header (if applicable).
+	HeaderAbort *FaultAbort_HeaderAbort `protobuf:"bytes,4,opt,name=header_abort,json=headerAbort,proto3,oneof"`
+}
+
+func (*FaultAbort_HttpStatus) isFaultAbort_ErrorType() {}
+
+func (*FaultAbort_GrpcStatus) isFaultAbort_ErrorType() {}
+
+func (*FaultAbort_HeaderAbort_) isFaultAbort_ErrorType() {}
+
+// [#next-free-field: 16]
+type HTTPFault struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// If specified, the filter will inject delays based on the values in the
+	// object.
+	Delay *v31.FaultDelay `protobuf:"bytes,1,opt,name=delay,proto3" json:"delay,omitempty"`
+	// If specified, the filter will abort requests based on the values in
+	// the object. At least *abort* or *delay* must be specified.
+	Abort *FaultAbort `protobuf:"bytes,2,opt,name=abort,proto3" json:"abort,omitempty"`
+	// Specifies the name of the (destination) upstream cluster that the
+	// filter should match on. Fault injection will be restricted to requests
+	// bound to the specific upstream cluster.
+	UpstreamCluster string `protobuf:"bytes,3,opt,name=upstream_cluster,json=upstreamCluster,proto3" json:"upstream_cluster,omitempty"`
+	// Specifies a set of headers that the filter should match on. The fault
+	// injection filter can be applied selectively to requests that match a set of
+	// headers specified in the fault filter config. The chances of actual fault
+	// injection further depend on the value of the :ref:`percentage
+	// <envoy_v3_api_field_extensions.filters.http.fault.v3.FaultAbort.percentage>` field.
+	// The filter will check the request's headers against all the specified
+	// headers in the filter config. A match will happen if all the headers in the
+	// config are present in the request with the same values (or based on
+	// presence if the *value* field is not in the config).
+	Headers []*v32.HeaderMatcher `protobuf:"bytes,4,rep,name=headers,proto3" json:"headers,omitempty"`
+	// Faults are injected for the specified list of downstream hosts. If this
+	// setting is not set, faults are injected for all downstream nodes.
+	// Downstream node name is taken from :ref:`the HTTP
+	// x-envoy-downstream-service-node
+	// <config_http_conn_man_headers_downstream-service-node>` header and compared
+	// against downstream_nodes list.
+	DownstreamNodes []string `protobuf:"bytes,5,rep,name=downstream_nodes,json=downstreamNodes,proto3" json:"downstream_nodes,omitempty"`
+	// The maximum number of faults that can be active at a single time via the configured fault
+	// filter. Note that because this setting can be overridden at the route level, it's possible
+	// for the number of active faults to be greater than this value (if injected via a different
+	// route). If not specified, defaults to unlimited. This setting can be overridden via
+	// `runtime <config_http_filters_fault_injection_runtime>` and any faults that are not injected
+	// due to overflow will be indicated via the `faults_overflow
+	// <config_http_filters_fault_injection_stats>` stat.
+	//
+	// .. attention::
+	//   Like other :ref:`circuit breakers <arch_overview_circuit_break>` in Envoy, this is a fuzzy
+	//   limit. It's possible for the number of active faults to rise slightly above the configured
+	//   amount due to the implementation details.
+	MaxActiveFaults *wrappers.UInt32Value `protobuf:"bytes,6,opt,name=max_active_faults,json=maxActiveFaults,proto3" json:"max_active_faults,omitempty"`
+	// The response rate limit to be applied to the response body of the stream. When configured,
+	// the percentage can be overridden by the :ref:`fault.http.rate_limit.response_percent
+	// <config_http_filters_fault_injection_runtime>` runtime key.
+	//
+	// .. attention::
+	//  This is a per-stream limit versus a connection level limit. This means that concurrent streams
+	//  will each get an independent limit.
+	ResponseRateLimit *v31.FaultRateLimit `protobuf:"bytes,7,opt,name=response_rate_limit,json=responseRateLimit,proto3" json:"response_rate_limit,omitempty"`
+	// The runtime key to override the :ref:`default <config_http_filters_fault_injection_runtime>`
+	// runtime. The default is: fault.http.delay.fixed_delay_percent
+	DelayPercentRuntime string `protobuf:"bytes,8,opt,name=delay_percent_runtime,json=delayPercentRuntime,proto3" json:"delay_percent_runtime,omitempty"`
+	// The runtime key to override the :ref:`default <config_http_filters_fault_injection_runtime>`
+	// runtime. The default is: fault.http.abort.abort_percent
+	AbortPercentRuntime string `protobuf:"bytes,9,opt,name=abort_percent_runtime,json=abortPercentRuntime,proto3" json:"abort_percent_runtime,omitempty"`
+	// The runtime key to override the :ref:`default <config_http_filters_fault_injection_runtime>`
+	// runtime. The default is: fault.http.delay.fixed_duration_ms
+	DelayDurationRuntime string `protobuf:"bytes,10,opt,name=delay_duration_runtime,json=delayDurationRuntime,proto3" json:"delay_duration_runtime,omitempty"`
+	// The runtime key to override the :ref:`default <config_http_filters_fault_injection_runtime>`
+	// runtime. The default is: fault.http.abort.http_status
+	AbortHttpStatusRuntime string `protobuf:"bytes,11,opt,name=abort_http_status_runtime,json=abortHttpStatusRuntime,proto3" json:"abort_http_status_runtime,omitempty"`
+	// The runtime key to override the :ref:`default <config_http_filters_fault_injection_runtime>`
+	// runtime. The default is: fault.http.max_active_faults
+	MaxActiveFaultsRuntime string `protobuf:"bytes,12,opt,name=max_active_faults_runtime,json=maxActiveFaultsRuntime,proto3" json:"max_active_faults_runtime,omitempty"`
+	// The runtime key to override the :ref:`default <config_http_filters_fault_injection_runtime>`
+	// runtime. The default is: fault.http.rate_limit.response_percent
+	ResponseRateLimitPercentRuntime string `protobuf:"bytes,13,opt,name=response_rate_limit_percent_runtime,json=responseRateLimitPercentRuntime,proto3" json:"response_rate_limit_percent_runtime,omitempty"`
+	// The runtime key to override the :ref:`default <config_http_filters_fault_injection_runtime>`
+	// runtime. The default is: fault.http.abort.grpc_status
+	AbortGrpcStatusRuntime string `protobuf:"bytes,14,opt,name=abort_grpc_status_runtime,json=abortGrpcStatusRuntime,proto3" json:"abort_grpc_status_runtime,omitempty"`
+	// To control whether stats storage is allocated dynamically for each downstream server.
+	// If set to true, "x-envoy-downstream-service-cluster" field of header will be ignored by this filter.
+	// If set to false, dynamic stats storage will be allocated for the downstream cluster name.
+	// Default value is false.
+	DisableDownstreamClusterStats bool `protobuf:"varint,15,opt,name=disable_downstream_cluster_stats,json=disableDownstreamClusterStats,proto3" json:"disable_downstream_cluster_stats,omitempty"`
+}
+
+func (x *HTTPFault) Reset() {
+	*x = HTTPFault{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_filters_http_fault_v3_fault_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HTTPFault) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HTTPFault) ProtoMessage() {}
+
+func (x *HTTPFault) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_filters_http_fault_v3_fault_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HTTPFault.ProtoReflect.Descriptor instead.
+func (*HTTPFault) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_http_fault_v3_fault_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *HTTPFault) GetDelay() *v31.FaultDelay {
+	if x != nil {
+		return x.Delay
+	}
+	return nil
+}
+
+func (x *HTTPFault) GetAbort() *FaultAbort {
+	if x != nil {
+		return x.Abort
+	}
+	return nil
+}
+
+func (x *HTTPFault) GetUpstreamCluster() string {
+	if x != nil {
+		return x.UpstreamCluster
+	}
+	return ""
+}
+
+func (x *HTTPFault) GetHeaders() []*v32.HeaderMatcher {
+	if x != nil {
+		return x.Headers
+	}
+	return nil
+}
+
+func (x *HTTPFault) GetDownstreamNodes() []string {
+	if x != nil {
+		return x.DownstreamNodes
+	}
+	return nil
+}
+
+func (x *HTTPFault) GetMaxActiveFaults() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxActiveFaults
+	}
+	return nil
+}
+
+func (x *HTTPFault) GetResponseRateLimit() *v31.FaultRateLimit {
+	if x != nil {
+		return x.ResponseRateLimit
+	}
+	return nil
+}
+
+func (x *HTTPFault) GetDelayPercentRuntime() string {
+	if x != nil {
+		return x.DelayPercentRuntime
+	}
+	return ""
+}
+
+func (x *HTTPFault) GetAbortPercentRuntime() string {
+	if x != nil {
+		return x.AbortPercentRuntime
+	}
+	return ""
+}
+
+func (x *HTTPFault) GetDelayDurationRuntime() string {
+	if x != nil {
+		return x.DelayDurationRuntime
+	}
+	return ""
+}
+
+func (x *HTTPFault) GetAbortHttpStatusRuntime() string {
+	if x != nil {
+		return x.AbortHttpStatusRuntime
+	}
+	return ""
+}
+
+func (x *HTTPFault) GetMaxActiveFaultsRuntime() string {
+	if x != nil {
+		return x.MaxActiveFaultsRuntime
+	}
+	return ""
+}
+
+func (x *HTTPFault) GetResponseRateLimitPercentRuntime() string {
+	if x != nil {
+		return x.ResponseRateLimitPercentRuntime
+	}
+	return ""
+}
+
+func (x *HTTPFault) GetAbortGrpcStatusRuntime() string {
+	if x != nil {
+		return x.AbortGrpcStatusRuntime
+	}
+	return ""
+}
+
+func (x *HTTPFault) GetDisableDownstreamClusterStats() bool {
+	if x != nil {
+		return x.DisableDownstreamClusterStats
+	}
+	return false
+}
+
+// Fault aborts are controlled via an HTTP header (if applicable). See the
+// :ref:`HTTP fault filter <config_http_filters_fault_injection_http_header>` documentation for
+// more information.
+type FaultAbort_HeaderAbort struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *FaultAbort_HeaderAbort) Reset() {
+	*x = FaultAbort_HeaderAbort{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_filters_http_fault_v3_fault_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *FaultAbort_HeaderAbort) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*FaultAbort_HeaderAbort) ProtoMessage() {}
+
+func (x *FaultAbort_HeaderAbort) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_filters_http_fault_v3_fault_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use FaultAbort_HeaderAbort.ProtoReflect.Descriptor instead.
+func (*FaultAbort_HeaderAbort) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_http_fault_v3_fault_proto_rawDescGZIP(), []int{0, 0}
+}
+
+var File_envoy_extensions_filters_http_fault_v3_fault_proto protoreflect.FileDescriptor
+
+var file_envoy_extensions_filters_http_fault_v3_fault_proto_rawDesc = []byte{
+	0x0a, 0x32, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x2f, 0x68, 0x74, 0x74, 0x70, 0x2f,
+	0x66, 0x61, 0x75, 0x6c, 0x74, 0x2f, 0x76, 0x33, 0x2f, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x12, 0x26, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65,
+	0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x68,
+	0x74, 0x74, 0x70, 0x2e, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x76, 0x33, 0x1a, 0x2c, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65,
+	0x2f, 0x76, 0x33, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f, 0x63, 0x6f, 0x6d, 0x70, 0x6f, 0x6e,
+	0x65, 0x6e, 0x74, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x34, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x66, 0x69, 0x6c,
+	0x74, 0x65, 0x72, 0x73, 0x2f, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x66, 0x61, 0x75, 0x6c,
+	0x74, 0x2f, 0x76, 0x33, 0x2f, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x1b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x76, 0x33, 0x2f,
+	0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77,
+	0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75,
+	0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f,
+	0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64,
+	0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76,
+	0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61,
+	0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xa4, 0x03, 0x0a, 0x0a, 0x46, 0x61, 0x75,
+	0x6c, 0x74, 0x41, 0x62, 0x6f, 0x72, 0x74, 0x12, 0x2e, 0x0a, 0x0b, 0x68, 0x74, 0x74, 0x70, 0x5f,
+	0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x42, 0x0b, 0xfa, 0x42,
+	0x08, 0x2a, 0x06, 0x10, 0xd8, 0x04, 0x28, 0xc8, 0x01, 0x48, 0x00, 0x52, 0x0a, 0x68, 0x74, 0x74,
+	0x70, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x21, 0x0a, 0x0b, 0x67, 0x72, 0x70, 0x63, 0x5f,
+	0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0d, 0x48, 0x00, 0x52, 0x0a,
+	0x67, 0x72, 0x70, 0x63, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x63, 0x0a, 0x0c, 0x68, 0x65,
+	0x61, 0x64, 0x65, 0x72, 0x5f, 0x61, 0x62, 0x6f, 0x72, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x3e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69,
+	0x6f, 0x6e, 0x73, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x68, 0x74, 0x74, 0x70,
+	0x2e, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x76, 0x33, 0x2e, 0x46, 0x61, 0x75, 0x6c, 0x74, 0x41,
+	0x62, 0x6f, 0x72, 0x74, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x41, 0x62, 0x6f, 0x72, 0x74,
+	0x48, 0x00, 0x52, 0x0b, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x41, 0x62, 0x6f, 0x72, 0x74, 0x12,
+	0x40, 0x0a, 0x0a, 0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x61, 0x67, 0x65, 0x18, 0x03, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65,
+	0x2e, 0x76, 0x33, 0x2e, 0x46, 0x72, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x50, 0x65,
+	0x72, 0x63, 0x65, 0x6e, 0x74, 0x52, 0x0a, 0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x61, 0x67,
+	0x65, 0x1a, 0x4e, 0x0a, 0x0b, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x41, 0x62, 0x6f, 0x72, 0x74,
+	0x3a, 0x3f, 0x9a, 0xc5, 0x88, 0x1e, 0x3a, 0x0a, 0x38, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x68, 0x74, 0x74,
+	0x70, 0x2e, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x76, 0x32, 0x2e, 0x46, 0x61, 0x75, 0x6c, 0x74,
+	0x41, 0x62, 0x6f, 0x72, 0x74, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x41, 0x62, 0x6f, 0x72,
+	0x74, 0x3a, 0x33, 0x9a, 0xc5, 0x88, 0x1e, 0x2e, 0x0a, 0x2c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x68, 0x74,
+	0x74, 0x70, 0x2e, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x76, 0x32, 0x2e, 0x46, 0x61, 0x75, 0x6c,
+	0x74, 0x41, 0x62, 0x6f, 0x72, 0x74, 0x42, 0x11, 0x0a, 0x0a, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x5f,
+	0x74, 0x79, 0x70, 0x65, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x4a, 0x04, 0x08, 0x01, 0x10, 0x02, 0x22,
+	0x85, 0x08, 0x0a, 0x09, 0x48, 0x54, 0x54, 0x50, 0x46, 0x61, 0x75, 0x6c, 0x74, 0x12, 0x4a, 0x0a,
+	0x05, 0x64, 0x65, 0x6c, 0x61, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x34, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e,
+	0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x66,
+	0x61, 0x75, 0x6c, 0x74, 0x2e, 0x76, 0x33, 0x2e, 0x46, 0x61, 0x75, 0x6c, 0x74, 0x44, 0x65, 0x6c,
+	0x61, 0x79, 0x52, 0x05, 0x64, 0x65, 0x6c, 0x61, 0x79, 0x12, 0x48, 0x0a, 0x05, 0x61, 0x62, 0x6f,
+	0x72, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x32, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x66, 0x69, 0x6c, 0x74,
+	0x65, 0x72, 0x73, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x2e, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x76,
+	0x33, 0x2e, 0x46, 0x61, 0x75, 0x6c, 0x74, 0x41, 0x62, 0x6f, 0x72, 0x74, 0x52, 0x05, 0x61, 0x62,
+	0x6f, 0x72, 0x74, 0x12, 0x29, 0x0a, 0x10, 0x75, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f,
+	0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, 0x75,
+	0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x3e,
+	0x0a, 0x07, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32,
+	0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4d, 0x61,
+	0x74, 0x63, 0x68, 0x65, 0x72, 0x52, 0x07, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x12, 0x29,
+	0x0a, 0x10, 0x64, 0x6f, 0x77, 0x6e, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f, 0x6e, 0x6f, 0x64,
+	0x65, 0x73, 0x18, 0x05, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0f, 0x64, 0x6f, 0x77, 0x6e, 0x73, 0x74,
+	0x72, 0x65, 0x61, 0x6d, 0x4e, 0x6f, 0x64, 0x65, 0x73, 0x12, 0x48, 0x0a, 0x11, 0x6d, 0x61, 0x78,
+	0x5f, 0x61, 0x63, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x73, 0x18, 0x06,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c,
+	0x75, 0x65, 0x52, 0x0f, 0x6d, 0x61, 0x78, 0x41, 0x63, 0x74, 0x69, 0x76, 0x65, 0x46, 0x61, 0x75,
+	0x6c, 0x74, 0x73, 0x12, 0x68, 0x0a, 0x13, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x5f,
+	0x72, 0x61, 0x74, 0x65, 0x5f, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x38, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69,
+	0x6f, 0x6e, 0x73, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x6d,
+	0x6f, 0x6e, 0x2e, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x76, 0x33, 0x2e, 0x46, 0x61, 0x75, 0x6c,
+	0x74, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x52, 0x11, 0x72, 0x65, 0x73, 0x70,
+	0x6f, 0x6e, 0x73, 0x65, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x12, 0x32, 0x0a,
+	0x15, 0x64, 0x65, 0x6c, 0x61, 0x79, 0x5f, 0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x5f, 0x72,
+	0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52, 0x13, 0x64, 0x65,
+	0x6c, 0x61, 0x79, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d,
+	0x65, 0x12, 0x32, 0x0a, 0x15, 0x61, 0x62, 0x6f, 0x72, 0x74, 0x5f, 0x70, 0x65, 0x72, 0x63, 0x65,
+	0x6e, 0x74, 0x5f, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x09, 0x20, 0x01, 0x28, 0x09,
+	0x52, 0x13, 0x61, 0x62, 0x6f, 0x72, 0x74, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52, 0x75,
+	0x6e, 0x74, 0x69, 0x6d, 0x65, 0x12, 0x34, 0x0a, 0x16, 0x64, 0x65, 0x6c, 0x61, 0x79, 0x5f, 0x64,
+	0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x18,
+	0x0a, 0x20, 0x01, 0x28, 0x09, 0x52, 0x14, 0x64, 0x65, 0x6c, 0x61, 0x79, 0x44, 0x75, 0x72, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x12, 0x39, 0x0a, 0x19, 0x61,
+	0x62, 0x6f, 0x72, 0x74, 0x5f, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73,
+	0x5f, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x09, 0x52, 0x16,
+	0x61, 0x62, 0x6f, 0x72, 0x74, 0x48, 0x74, 0x74, 0x70, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52,
+	0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x12, 0x39, 0x0a, 0x19, 0x6d, 0x61, 0x78, 0x5f, 0x61, 0x63,
+	0x74, 0x69, 0x76, 0x65, 0x5f, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x73, 0x5f, 0x72, 0x75, 0x6e, 0x74,
+	0x69, 0x6d, 0x65, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x09, 0x52, 0x16, 0x6d, 0x61, 0x78, 0x41, 0x63,
+	0x74, 0x69, 0x76, 0x65, 0x46, 0x61, 0x75, 0x6c, 0x74, 0x73, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d,
+	0x65, 0x12, 0x4c, 0x0a, 0x23, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x5f, 0x72, 0x61,
+	0x74, 0x65, 0x5f, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x5f, 0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74,
+	0x5f, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x0d, 0x20, 0x01, 0x28, 0x09, 0x52, 0x1f,
+	0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69,
+	0x74, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x12,
+	0x39, 0x0a, 0x19, 0x61, 0x62, 0x6f, 0x72, 0x74, 0x5f, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x73, 0x74,
+	0x61, 0x74, 0x75, 0x73, 0x5f, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x0e, 0x20, 0x01,
+	0x28, 0x09, 0x52, 0x16, 0x61, 0x62, 0x6f, 0x72, 0x74, 0x47, 0x72, 0x70, 0x63, 0x53, 0x74, 0x61,
+	0x74, 0x75, 0x73, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x12, 0x47, 0x0a, 0x20, 0x64, 0x69,
+	0x73, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x64, 0x6f, 0x77, 0x6e, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d,
+	0x5f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x73, 0x18, 0x0f,
+	0x20, 0x01, 0x28, 0x08, 0x52, 0x1d, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x44, 0x6f, 0x77,
+	0x6e, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x53, 0x74,
+	0x61, 0x74, 0x73, 0x3a, 0x32, 0x9a, 0xc5, 0x88, 0x1e, 0x2d, 0x0a, 0x2b, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e,
+	0x68, 0x74, 0x74, 0x70, 0x2e, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x76, 0x32, 0x2e, 0x48, 0x54,
+	0x54, 0x50, 0x46, 0x61, 0x75, 0x6c, 0x74, 0x42, 0x4c, 0x0a, 0x34, 0x69, 0x6f, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65,
+	0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x73, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x2e, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x2e, 0x76, 0x33, 0x42,
+	0x0a, 0x46, 0x61, 0x75, 0x6c, 0x74, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8,
+	0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_extensions_filters_http_fault_v3_fault_proto_rawDescOnce sync.Once
+	file_envoy_extensions_filters_http_fault_v3_fault_proto_rawDescData = file_envoy_extensions_filters_http_fault_v3_fault_proto_rawDesc
+)
+
+func file_envoy_extensions_filters_http_fault_v3_fault_proto_rawDescGZIP() []byte {
+	file_envoy_extensions_filters_http_fault_v3_fault_proto_rawDescOnce.Do(func() {
+		file_envoy_extensions_filters_http_fault_v3_fault_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_extensions_filters_http_fault_v3_fault_proto_rawDescData)
+	})
+	return file_envoy_extensions_filters_http_fault_v3_fault_proto_rawDescData
+}
+
+var file_envoy_extensions_filters_http_fault_v3_fault_proto_msgTypes = make([]protoimpl.MessageInfo, 3)
+var file_envoy_extensions_filters_http_fault_v3_fault_proto_goTypes = []interface{}{
+	(*FaultAbort)(nil),             // 0: envoy.extensions.filters.http.fault.v3.FaultAbort
+	(*HTTPFault)(nil),              // 1: envoy.extensions.filters.http.fault.v3.HTTPFault
+	(*FaultAbort_HeaderAbort)(nil), // 2: envoy.extensions.filters.http.fault.v3.FaultAbort.HeaderAbort
+	(*v3.FractionalPercent)(nil),   // 3: envoy.type.v3.FractionalPercent
+	(*v31.FaultDelay)(nil),         // 4: envoy.extensions.filters.common.fault.v3.FaultDelay
+	(*v32.HeaderMatcher)(nil),      // 5: envoy.config.route.v3.HeaderMatcher
+	(*wrappers.UInt32Value)(nil),   // 6: google.protobuf.UInt32Value
+	(*v31.FaultRateLimit)(nil),     // 7: envoy.extensions.filters.common.fault.v3.FaultRateLimit
+}
+var file_envoy_extensions_filters_http_fault_v3_fault_proto_depIdxs = []int32{
+	2, // 0: envoy.extensions.filters.http.fault.v3.FaultAbort.header_abort:type_name -> envoy.extensions.filters.http.fault.v3.FaultAbort.HeaderAbort
+	3, // 1: envoy.extensions.filters.http.fault.v3.FaultAbort.percentage:type_name -> envoy.type.v3.FractionalPercent
+	4, // 2: envoy.extensions.filters.http.fault.v3.HTTPFault.delay:type_name -> envoy.extensions.filters.common.fault.v3.FaultDelay
+	0, // 3: envoy.extensions.filters.http.fault.v3.HTTPFault.abort:type_name -> envoy.extensions.filters.http.fault.v3.FaultAbort
+	5, // 4: envoy.extensions.filters.http.fault.v3.HTTPFault.headers:type_name -> envoy.config.route.v3.HeaderMatcher
+	6, // 5: envoy.extensions.filters.http.fault.v3.HTTPFault.max_active_faults:type_name -> google.protobuf.UInt32Value
+	7, // 6: envoy.extensions.filters.http.fault.v3.HTTPFault.response_rate_limit:type_name -> envoy.extensions.filters.common.fault.v3.FaultRateLimit
+	7, // [7:7] is the sub-list for method output_type
+	7, // [7:7] is the sub-list for method input_type
+	7, // [7:7] is the sub-list for extension type_name
+	7, // [7:7] is the sub-list for extension extendee
+	0, // [0:7] is the sub-list for field type_name
+}
+
+func init() { file_envoy_extensions_filters_http_fault_v3_fault_proto_init() }
+func file_envoy_extensions_filters_http_fault_v3_fault_proto_init() {
+	if File_envoy_extensions_filters_http_fault_v3_fault_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_extensions_filters_http_fault_v3_fault_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*FaultAbort); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_filters_http_fault_v3_fault_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HTTPFault); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_filters_http_fault_v3_fault_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*FaultAbort_HeaderAbort); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_extensions_filters_http_fault_v3_fault_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*FaultAbort_HttpStatus)(nil),
+		(*FaultAbort_GrpcStatus)(nil),
+		(*FaultAbort_HeaderAbort_)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_extensions_filters_http_fault_v3_fault_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   3,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_extensions_filters_http_fault_v3_fault_proto_goTypes,
+		DependencyIndexes: file_envoy_extensions_filters_http_fault_v3_fault_proto_depIdxs,
+		MessageInfos:      file_envoy_extensions_filters_http_fault_v3_fault_proto_msgTypes,
+	}.Build()
+	File_envoy_extensions_filters_http_fault_v3_fault_proto = out.File
+	file_envoy_extensions_filters_http_fault_v3_fault_proto_rawDesc = nil
+	file_envoy_extensions_filters_http_fault_v3_fault_proto_goTypes = nil
+	file_envoy_extensions_filters_http_fault_v3_fault_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/fault/v3/fault.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/fault/v3/fault.pb.validate.go
new file mode 100644
index 00000000000..073c6ddf070
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/fault/v3/fault.pb.validate.go
@@ -0,0 +1,591 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/extensions/filters/http/fault/v3/fault.proto
+
+package envoy_extensions_filters_http_fault_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on FaultAbort with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *FaultAbort) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on FaultAbort with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in FaultAbortMultiError, or
+// nil if none found.
+func (m *FaultAbort) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *FaultAbort) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetPercentage()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, FaultAbortValidationError{
+					field:  "Percentage",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, FaultAbortValidationError{
+					field:  "Percentage",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPercentage()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return FaultAbortValidationError{
+				field:  "Percentage",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	switch m.ErrorType.(type) {
+
+	case *FaultAbort_HttpStatus:
+
+		if val := m.GetHttpStatus(); val < 200 || val >= 600 {
+			err := FaultAbortValidationError{
+				field:  "HttpStatus",
+				reason: "value must be inside range [200, 600)",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *FaultAbort_GrpcStatus:
+		// no validation rules for GrpcStatus
+
+	case *FaultAbort_HeaderAbort_:
+
+		if all {
+			switch v := interface{}(m.GetHeaderAbort()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, FaultAbortValidationError{
+						field:  "HeaderAbort",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, FaultAbortValidationError{
+						field:  "HeaderAbort",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetHeaderAbort()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return FaultAbortValidationError{
+					field:  "HeaderAbort",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := FaultAbortValidationError{
+			field:  "ErrorType",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return FaultAbortMultiError(errors)
+	}
+	return nil
+}
+
+// FaultAbortMultiError is an error wrapping multiple validation errors
+// returned by FaultAbort.ValidateAll() if the designated constraints aren't met.
+type FaultAbortMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m FaultAbortMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m FaultAbortMultiError) AllErrors() []error { return m }
+
+// FaultAbortValidationError is the validation error returned by
+// FaultAbort.Validate if the designated constraints aren't met.
+type FaultAbortValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e FaultAbortValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e FaultAbortValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e FaultAbortValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e FaultAbortValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e FaultAbortValidationError) ErrorName() string { return "FaultAbortValidationError" }
+
+// Error satisfies the builtin error interface
+func (e FaultAbortValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sFaultAbort.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = FaultAbortValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = FaultAbortValidationError{}
+
+// Validate checks the field values on HTTPFault with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *HTTPFault) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HTTPFault with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in HTTPFaultMultiError, or nil
+// if none found.
+func (m *HTTPFault) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HTTPFault) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetDelay()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HTTPFaultValidationError{
+					field:  "Delay",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HTTPFaultValidationError{
+					field:  "Delay",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDelay()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HTTPFaultValidationError{
+				field:  "Delay",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetAbort()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HTTPFaultValidationError{
+					field:  "Abort",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HTTPFaultValidationError{
+					field:  "Abort",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetAbort()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HTTPFaultValidationError{
+				field:  "Abort",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for UpstreamCluster
+
+	for idx, item := range m.GetHeaders() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HTTPFaultValidationError{
+						field:  fmt.Sprintf("Headers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HTTPFaultValidationError{
+						field:  fmt.Sprintf("Headers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HTTPFaultValidationError{
+					field:  fmt.Sprintf("Headers[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetMaxActiveFaults()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HTTPFaultValidationError{
+					field:  "MaxActiveFaults",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HTTPFaultValidationError{
+					field:  "MaxActiveFaults",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxActiveFaults()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HTTPFaultValidationError{
+				field:  "MaxActiveFaults",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetResponseRateLimit()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HTTPFaultValidationError{
+					field:  "ResponseRateLimit",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HTTPFaultValidationError{
+					field:  "ResponseRateLimit",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetResponseRateLimit()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HTTPFaultValidationError{
+				field:  "ResponseRateLimit",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for DelayPercentRuntime
+
+	// no validation rules for AbortPercentRuntime
+
+	// no validation rules for DelayDurationRuntime
+
+	// no validation rules for AbortHttpStatusRuntime
+
+	// no validation rules for MaxActiveFaultsRuntime
+
+	// no validation rules for ResponseRateLimitPercentRuntime
+
+	// no validation rules for AbortGrpcStatusRuntime
+
+	// no validation rules for DisableDownstreamClusterStats
+
+	if len(errors) > 0 {
+		return HTTPFaultMultiError(errors)
+	}
+	return nil
+}
+
+// HTTPFaultMultiError is an error wrapping multiple validation errors returned
+// by HTTPFault.ValidateAll() if the designated constraints aren't met.
+type HTTPFaultMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HTTPFaultMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HTTPFaultMultiError) AllErrors() []error { return m }
+
+// HTTPFaultValidationError is the validation error returned by
+// HTTPFault.Validate if the designated constraints aren't met.
+type HTTPFaultValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HTTPFaultValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HTTPFaultValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HTTPFaultValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HTTPFaultValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HTTPFaultValidationError) ErrorName() string { return "HTTPFaultValidationError" }
+
+// Error satisfies the builtin error interface
+func (e HTTPFaultValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHTTPFault.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HTTPFaultValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HTTPFaultValidationError{}
+
+// Validate checks the field values on FaultAbort_HeaderAbort with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *FaultAbort_HeaderAbort) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on FaultAbort_HeaderAbort with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// FaultAbort_HeaderAbortMultiError, or nil if none found.
+func (m *FaultAbort_HeaderAbort) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *FaultAbort_HeaderAbort) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return FaultAbort_HeaderAbortMultiError(errors)
+	}
+	return nil
+}
+
+// FaultAbort_HeaderAbortMultiError is an error wrapping multiple validation
+// errors returned by FaultAbort_HeaderAbort.ValidateAll() if the designated
+// constraints aren't met.
+type FaultAbort_HeaderAbortMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m FaultAbort_HeaderAbortMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m FaultAbort_HeaderAbortMultiError) AllErrors() []error { return m }
+
+// FaultAbort_HeaderAbortValidationError is the validation error returned by
+// FaultAbort_HeaderAbort.Validate if the designated constraints aren't met.
+type FaultAbort_HeaderAbortValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e FaultAbort_HeaderAbortValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e FaultAbort_HeaderAbortValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e FaultAbort_HeaderAbortValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e FaultAbort_HeaderAbortValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e FaultAbort_HeaderAbortValidationError) ErrorName() string {
+	return "FaultAbort_HeaderAbortValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e FaultAbort_HeaderAbortValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sFaultAbort_HeaderAbort.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = FaultAbort_HeaderAbortValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = FaultAbort_HeaderAbortValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/router/v3/router.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/router/v3/router.pb.go
new file mode 100644
index 00000000000..5d51b48c62d
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/router/v3/router.pb.go
@@ -0,0 +1,302 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/extensions/filters/http/router/v3/router.proto
+
+package envoy_extensions_filters_http_router_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/accesslog/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// [#next-free-field: 8]
+type Router struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Whether the router generates dynamic cluster statistics. Defaults to
+	// true. Can be disabled in high performance scenarios.
+	DynamicStats *wrappers.BoolValue `protobuf:"bytes,1,opt,name=dynamic_stats,json=dynamicStats,proto3" json:"dynamic_stats,omitempty"`
+	// Whether to start a child span for egress routed calls. This can be
+	// useful in scenarios where other filters (auth, ratelimit, etc.) make
+	// outbound calls and have child spans rooted at the same ingress
+	// parent. Defaults to false.
+	StartChildSpan bool `protobuf:"varint,2,opt,name=start_child_span,json=startChildSpan,proto3" json:"start_child_span,omitempty"`
+	// Configuration for HTTP upstream logs emitted by the router. Upstream logs
+	// are configured in the same way as access logs, but each log entry represents
+	// an upstream request. Presuming retries are configured, multiple upstream
+	// requests may be made for each downstream (inbound) request.
+	UpstreamLog []*v3.AccessLog `protobuf:"bytes,3,rep,name=upstream_log,json=upstreamLog,proto3" json:"upstream_log,omitempty"`
+	// Do not add any additional *x-envoy-* headers to requests or responses. This
+	// only affects the :ref:`router filter generated *x-envoy-* headers
+	// <config_http_filters_router_headers_set>`, other Envoy filters and the HTTP
+	// connection manager may continue to set *x-envoy-* headers.
+	SuppressEnvoyHeaders bool `protobuf:"varint,4,opt,name=suppress_envoy_headers,json=suppressEnvoyHeaders,proto3" json:"suppress_envoy_headers,omitempty"`
+	// Specifies a list of HTTP headers to strictly validate. Envoy will reject a
+	// request and respond with HTTP status 400 if the request contains an invalid
+	// value for any of the headers listed in this field. Strict header checking
+	// is only supported for the following headers:
+	//
+	// Value must be a ','-delimited list (i.e. no spaces) of supported retry
+	// policy values:
+	//
+	// * :ref:`config_http_filters_router_x-envoy-retry-grpc-on`
+	// * :ref:`config_http_filters_router_x-envoy-retry-on`
+	//
+	// Value must be an integer:
+	//
+	// * :ref:`config_http_filters_router_x-envoy-max-retries`
+	// * :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`
+	// * :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms`
+	StrictCheckHeaders []string `protobuf:"bytes,5,rep,name=strict_check_headers,json=strictCheckHeaders,proto3" json:"strict_check_headers,omitempty"`
+	// If not set, ingress Envoy will ignore
+	// :ref:`config_http_filters_router_x-envoy-expected-rq-timeout-ms` header, populated by egress
+	// Envoy, when deriving timeout for upstream cluster.
+	RespectExpectedRqTimeout bool `protobuf:"varint,6,opt,name=respect_expected_rq_timeout,json=respectExpectedRqTimeout,proto3" json:"respect_expected_rq_timeout,omitempty"`
+	// If set, Envoy will avoid incrementing HTTP failure code stats
+	// on gRPC requests. This includes the individual status code value
+	// (e.g. upstream_rq_504) and group stats (e.g. upstream_rq_5xx).
+	// This field is useful if interested in relying only on the gRPC
+	// stats filter to define success and failure metrics for gRPC requests
+	// as not all failed gRPC requests charge HTTP status code metrics. See
+	// :ref:`gRPC stats filter<config_http_filters_grpc_stats>` documentation
+	// for more details.
+	SuppressGrpcRequestFailureCodeStats bool `protobuf:"varint,7,opt,name=suppress_grpc_request_failure_code_stats,json=suppressGrpcRequestFailureCodeStats,proto3" json:"suppress_grpc_request_failure_code_stats,omitempty"`
+}
+
+func (x *Router) Reset() {
+	*x = Router{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_filters_http_router_v3_router_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Router) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Router) ProtoMessage() {}
+
+func (x *Router) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_filters_http_router_v3_router_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Router.ProtoReflect.Descriptor instead.
+func (*Router) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_http_router_v3_router_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *Router) GetDynamicStats() *wrappers.BoolValue {
+	if x != nil {
+		return x.DynamicStats
+	}
+	return nil
+}
+
+func (x *Router) GetStartChildSpan() bool {
+	if x != nil {
+		return x.StartChildSpan
+	}
+	return false
+}
+
+func (x *Router) GetUpstreamLog() []*v3.AccessLog {
+	if x != nil {
+		return x.UpstreamLog
+	}
+	return nil
+}
+
+func (x *Router) GetSuppressEnvoyHeaders() bool {
+	if x != nil {
+		return x.SuppressEnvoyHeaders
+	}
+	return false
+}
+
+func (x *Router) GetStrictCheckHeaders() []string {
+	if x != nil {
+		return x.StrictCheckHeaders
+	}
+	return nil
+}
+
+func (x *Router) GetRespectExpectedRqTimeout() bool {
+	if x != nil {
+		return x.RespectExpectedRqTimeout
+	}
+	return false
+}
+
+func (x *Router) GetSuppressGrpcRequestFailureCodeStats() bool {
+	if x != nil {
+		return x.SuppressGrpcRequestFailureCodeStats
+	}
+	return false
+}
+
+var File_envoy_extensions_filters_http_router_v3_router_proto protoreflect.FileDescriptor
+
+var file_envoy_extensions_filters_http_router_v3_router_proto_rawDesc = []byte{
+	0x0a, 0x34, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x2f, 0x68, 0x74, 0x74, 0x70, 0x2f,
+	0x72, 0x6f, 0x75, 0x74, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x72,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x27, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78,
+	0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73,
+	0x2e, 0x68, 0x74, 0x74, 0x70, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x1a,
+	0x29, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x61, 0x63,
+	0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2f, 0x76, 0x33, 0x2f, 0x61, 0x63, 0x63, 0x65, 0x73,
+	0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70,
+	0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61,
+	0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61,
+	0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f,
+	0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73,
+	0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61,
+	0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x84, 0x05, 0x0a, 0x06, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x72,
+	0x12, 0x3f, 0x0a, 0x0d, 0x64, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x5f, 0x73, 0x74, 0x61, 0x74,
+	0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61,
+	0x6c, 0x75, 0x65, 0x52, 0x0c, 0x64, 0x79, 0x6e, 0x61, 0x6d, 0x69, 0x63, 0x53, 0x74, 0x61, 0x74,
+	0x73, 0x12, 0x28, 0x0a, 0x10, 0x73, 0x74, 0x61, 0x72, 0x74, 0x5f, 0x63, 0x68, 0x69, 0x6c, 0x64,
+	0x5f, 0x73, 0x70, 0x61, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0e, 0x73, 0x74, 0x61,
+	0x72, 0x74, 0x43, 0x68, 0x69, 0x6c, 0x64, 0x53, 0x70, 0x61, 0x6e, 0x12, 0x47, 0x0a, 0x0c, 0x75,
+	0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f, 0x6c, 0x6f, 0x67, 0x18, 0x03, 0x20, 0x03, 0x28,
+	0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x33, 0x2e, 0x41, 0x63,
+	0x63, 0x65, 0x73, 0x73, 0x4c, 0x6f, 0x67, 0x52, 0x0b, 0x75, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61,
+	0x6d, 0x4c, 0x6f, 0x67, 0x12, 0x34, 0x0a, 0x16, 0x73, 0x75, 0x70, 0x70, 0x72, 0x65, 0x73, 0x73,
+	0x5f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x18, 0x04,
+	0x20, 0x01, 0x28, 0x08, 0x52, 0x14, 0x73, 0x75, 0x70, 0x70, 0x72, 0x65, 0x73, 0x73, 0x45, 0x6e,
+	0x76, 0x6f, 0x79, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x12, 0xc7, 0x01, 0x0a, 0x14, 0x73,
+	0x74, 0x72, 0x69, 0x63, 0x74, 0x5f, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x5f, 0x68, 0x65, 0x61, 0x64,
+	0x65, 0x72, 0x73, 0x18, 0x05, 0x20, 0x03, 0x28, 0x09, 0x42, 0x94, 0x01, 0xfa, 0x42, 0x90, 0x01,
+	0x92, 0x01, 0x8c, 0x01, 0x22, 0x89, 0x01, 0x72, 0x86, 0x01, 0x52, 0x1e, 0x78, 0x2d, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2d, 0x75, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x2d, 0x72, 0x71, 0x2d,
+	0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x2d, 0x6d, 0x73, 0x52, 0x26, 0x78, 0x2d, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2d, 0x75, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x2d, 0x72, 0x71, 0x2d,
+	0x70, 0x65, 0x72, 0x2d, 0x74, 0x72, 0x79, 0x2d, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x2d,
+	0x6d, 0x73, 0x52, 0x13, 0x78, 0x2d, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2d, 0x6d, 0x61, 0x78, 0x2d,
+	0x72, 0x65, 0x74, 0x72, 0x69, 0x65, 0x73, 0x52, 0x15, 0x78, 0x2d, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2d, 0x72, 0x65, 0x74, 0x72, 0x79, 0x2d, 0x67, 0x72, 0x70, 0x63, 0x2d, 0x6f, 0x6e, 0x52, 0x10,
+	0x78, 0x2d, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2d, 0x72, 0x65, 0x74, 0x72, 0x79, 0x2d, 0x6f, 0x6e,
+	0x52, 0x12, 0x73, 0x74, 0x72, 0x69, 0x63, 0x74, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x48, 0x65, 0x61,
+	0x64, 0x65, 0x72, 0x73, 0x12, 0x3d, 0x0a, 0x1b, 0x72, 0x65, 0x73, 0x70, 0x65, 0x63, 0x74, 0x5f,
+	0x65, 0x78, 0x70, 0x65, 0x63, 0x74, 0x65, 0x64, 0x5f, 0x72, 0x71, 0x5f, 0x74, 0x69, 0x6d, 0x65,
+	0x6f, 0x75, 0x74, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x18, 0x72, 0x65, 0x73, 0x70, 0x65,
+	0x63, 0x74, 0x45, 0x78, 0x70, 0x65, 0x63, 0x74, 0x65, 0x64, 0x52, 0x71, 0x54, 0x69, 0x6d, 0x65,
+	0x6f, 0x75, 0x74, 0x12, 0x55, 0x0a, 0x28, 0x73, 0x75, 0x70, 0x70, 0x72, 0x65, 0x73, 0x73, 0x5f,
+	0x67, 0x72, 0x70, 0x63, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x66, 0x61, 0x69,
+	0x6c, 0x75, 0x72, 0x65, 0x5f, 0x63, 0x6f, 0x64, 0x65, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x73, 0x18,
+	0x07, 0x20, 0x01, 0x28, 0x08, 0x52, 0x23, 0x73, 0x75, 0x70, 0x70, 0x72, 0x65, 0x73, 0x73, 0x47,
+	0x72, 0x70, 0x63, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x46, 0x61, 0x69, 0x6c, 0x75, 0x72,
+	0x65, 0x43, 0x6f, 0x64, 0x65, 0x53, 0x74, 0x61, 0x74, 0x73, 0x3a, 0x30, 0x9a, 0xc5, 0x88, 0x1e,
+	0x2b, 0x0a, 0x29, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x2e, 0x72, 0x6f, 0x75, 0x74,
+	0x65, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x72, 0x42, 0x4e, 0x0a, 0x35,
+	0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x66,
+	0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x2e, 0x72, 0x6f, 0x75, 0x74,
+	0x65, 0x72, 0x2e, 0x76, 0x33, 0x42, 0x0b, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x72, 0x50, 0x72, 0x6f,
+	0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_extensions_filters_http_router_v3_router_proto_rawDescOnce sync.Once
+	file_envoy_extensions_filters_http_router_v3_router_proto_rawDescData = file_envoy_extensions_filters_http_router_v3_router_proto_rawDesc
+)
+
+func file_envoy_extensions_filters_http_router_v3_router_proto_rawDescGZIP() []byte {
+	file_envoy_extensions_filters_http_router_v3_router_proto_rawDescOnce.Do(func() {
+		file_envoy_extensions_filters_http_router_v3_router_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_extensions_filters_http_router_v3_router_proto_rawDescData)
+	})
+	return file_envoy_extensions_filters_http_router_v3_router_proto_rawDescData
+}
+
+var file_envoy_extensions_filters_http_router_v3_router_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_extensions_filters_http_router_v3_router_proto_goTypes = []interface{}{
+	(*Router)(nil),             // 0: envoy.extensions.filters.http.router.v3.Router
+	(*wrappers.BoolValue)(nil), // 1: google.protobuf.BoolValue
+	(*v3.AccessLog)(nil),       // 2: envoy.config.accesslog.v3.AccessLog
+}
+var file_envoy_extensions_filters_http_router_v3_router_proto_depIdxs = []int32{
+	1, // 0: envoy.extensions.filters.http.router.v3.Router.dynamic_stats:type_name -> google.protobuf.BoolValue
+	2, // 1: envoy.extensions.filters.http.router.v3.Router.upstream_log:type_name -> envoy.config.accesslog.v3.AccessLog
+	2, // [2:2] is the sub-list for method output_type
+	2, // [2:2] is the sub-list for method input_type
+	2, // [2:2] is the sub-list for extension type_name
+	2, // [2:2] is the sub-list for extension extendee
+	0, // [0:2] is the sub-list for field type_name
+}
+
+func init() { file_envoy_extensions_filters_http_router_v3_router_proto_init() }
+func file_envoy_extensions_filters_http_router_v3_router_proto_init() {
+	if File_envoy_extensions_filters_http_router_v3_router_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_extensions_filters_http_router_v3_router_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Router); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_extensions_filters_http_router_v3_router_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_extensions_filters_http_router_v3_router_proto_goTypes,
+		DependencyIndexes: file_envoy_extensions_filters_http_router_v3_router_proto_depIdxs,
+		MessageInfos:      file_envoy_extensions_filters_http_router_v3_router_proto_msgTypes,
+	}.Build()
+	File_envoy_extensions_filters_http_router_v3_router_proto = out.File
+	file_envoy_extensions_filters_http_router_v3_router_proto_rawDesc = nil
+	file_envoy_extensions_filters_http_router_v3_router_proto_goTypes = nil
+	file_envoy_extensions_filters_http_router_v3_router_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/router/v3/router.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/router/v3/router.pb.validate.go
new file mode 100644
index 00000000000..28550f527c7
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/router/v3/router.pb.validate.go
@@ -0,0 +1,228 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/extensions/filters/http/router/v3/router.proto
+
+package envoy_extensions_filters_http_router_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on Router with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Router) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Router with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in RouterMultiError, or nil if none found.
+func (m *Router) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Router) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetDynamicStats()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RouterValidationError{
+					field:  "DynamicStats",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RouterValidationError{
+					field:  "DynamicStats",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDynamicStats()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RouterValidationError{
+				field:  "DynamicStats",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for StartChildSpan
+
+	for idx, item := range m.GetUpstreamLog() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RouterValidationError{
+						field:  fmt.Sprintf("UpstreamLog[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RouterValidationError{
+						field:  fmt.Sprintf("UpstreamLog[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RouterValidationError{
+					field:  fmt.Sprintf("UpstreamLog[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	// no validation rules for SuppressEnvoyHeaders
+
+	for idx, item := range m.GetStrictCheckHeaders() {
+		_, _ = idx, item
+
+		if _, ok := _Router_StrictCheckHeaders_InLookup[item]; !ok {
+			err := RouterValidationError{
+				field:  fmt.Sprintf("StrictCheckHeaders[%v]", idx),
+				reason: "value must be in list [x-envoy-upstream-rq-timeout-ms x-envoy-upstream-rq-per-try-timeout-ms x-envoy-max-retries x-envoy-retry-grpc-on x-envoy-retry-on]",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	// no validation rules for RespectExpectedRqTimeout
+
+	// no validation rules for SuppressGrpcRequestFailureCodeStats
+
+	if len(errors) > 0 {
+		return RouterMultiError(errors)
+	}
+	return nil
+}
+
+// RouterMultiError is an error wrapping multiple validation errors returned by
+// Router.ValidateAll() if the designated constraints aren't met.
+type RouterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RouterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RouterMultiError) AllErrors() []error { return m }
+
+// RouterValidationError is the validation error returned by Router.Validate if
+// the designated constraints aren't met.
+type RouterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RouterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RouterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RouterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RouterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RouterValidationError) ErrorName() string { return "RouterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RouterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRouter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RouterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RouterValidationError{}
+
+var _Router_StrictCheckHeaders_InLookup = map[string]struct{}{
+	"x-envoy-upstream-rq-timeout-ms":         {},
+	"x-envoy-upstream-rq-per-try-timeout-ms": {},
+	"x-envoy-max-retries":                    {},
+	"x-envoy-retry-grpc-on":                  {},
+	"x-envoy-retry-on":                       {},
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.go
new file mode 100644
index 00000000000..71ed36044b9
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.go
@@ -0,0 +1,3679 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.proto
+
+package envoy_extensions_filters_network_http_connection_manager_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v31 "github.com/envoyproxy/go-control-plane/envoy/config/accesslog/v3"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	v32 "github.com/envoyproxy/go-control-plane/envoy/config/route/v3"
+	v35 "github.com/envoyproxy/go-control-plane/envoy/config/trace/v3"
+	v36 "github.com/envoyproxy/go-control-plane/envoy/type/http/v3"
+	v34 "github.com/envoyproxy/go-control-plane/envoy/type/tracing/v3"
+	v33 "github.com/envoyproxy/go-control-plane/envoy/type/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type HttpConnectionManager_CodecType int32
+
+const (
+	// For every new connection, the connection manager will determine which
+	// codec to use. This mode supports both ALPN for TLS listeners as well as
+	// protocol inference for plaintext listeners. If ALPN data is available, it
+	// is preferred, otherwise protocol inference is used. In almost all cases,
+	// this is the right option to choose for this setting.
+	HttpConnectionManager_AUTO HttpConnectionManager_CodecType = 0
+	// The connection manager will assume that the client is speaking HTTP/1.1.
+	HttpConnectionManager_HTTP1 HttpConnectionManager_CodecType = 1
+	// The connection manager will assume that the client is speaking HTTP/2
+	// (Envoy does not require HTTP/2 to take place over TLS or to use ALPN.
+	// Prior knowledge is allowed).
+	HttpConnectionManager_HTTP2 HttpConnectionManager_CodecType = 2
+	// [#not-implemented-hide:] QUIC implementation is not production ready yet. Use this enum with
+	// caution to prevent accidental execution of QUIC code. I.e. `!= HTTP2` is no longer sufficient
+	// to distinguish HTTP1 and HTTP2 traffic.
+	HttpConnectionManager_HTTP3 HttpConnectionManager_CodecType = 3
+)
+
+// Enum value maps for HttpConnectionManager_CodecType.
+var (
+	HttpConnectionManager_CodecType_name = map[int32]string{
+		0: "AUTO",
+		1: "HTTP1",
+		2: "HTTP2",
+		3: "HTTP3",
+	}
+	HttpConnectionManager_CodecType_value = map[string]int32{
+		"AUTO":  0,
+		"HTTP1": 1,
+		"HTTP2": 2,
+		"HTTP3": 3,
+	}
+)
+
+func (x HttpConnectionManager_CodecType) Enum() *HttpConnectionManager_CodecType {
+	p := new(HttpConnectionManager_CodecType)
+	*p = x
+	return p
+}
+
+func (x HttpConnectionManager_CodecType) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (HttpConnectionManager_CodecType) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_enumTypes[0].Descriptor()
+}
+
+func (HttpConnectionManager_CodecType) Type() protoreflect.EnumType {
+	return &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_enumTypes[0]
+}
+
+func (x HttpConnectionManager_CodecType) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use HttpConnectionManager_CodecType.Descriptor instead.
+func (HttpConnectionManager_CodecType) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDescGZIP(), []int{0, 0}
+}
+
+type HttpConnectionManager_ServerHeaderTransformation int32
+
+const (
+	// Overwrite any Server header with the contents of server_name.
+	HttpConnectionManager_OVERWRITE HttpConnectionManager_ServerHeaderTransformation = 0
+	// If no Server header is present, append Server server_name
+	// If a Server header is present, pass it through.
+	HttpConnectionManager_APPEND_IF_ABSENT HttpConnectionManager_ServerHeaderTransformation = 1
+	// Pass through the value of the server header, and do not append a header
+	// if none is present.
+	HttpConnectionManager_PASS_THROUGH HttpConnectionManager_ServerHeaderTransformation = 2
+)
+
+// Enum value maps for HttpConnectionManager_ServerHeaderTransformation.
+var (
+	HttpConnectionManager_ServerHeaderTransformation_name = map[int32]string{
+		0: "OVERWRITE",
+		1: "APPEND_IF_ABSENT",
+		2: "PASS_THROUGH",
+	}
+	HttpConnectionManager_ServerHeaderTransformation_value = map[string]int32{
+		"OVERWRITE":        0,
+		"APPEND_IF_ABSENT": 1,
+		"PASS_THROUGH":     2,
+	}
+)
+
+func (x HttpConnectionManager_ServerHeaderTransformation) Enum() *HttpConnectionManager_ServerHeaderTransformation {
+	p := new(HttpConnectionManager_ServerHeaderTransformation)
+	*p = x
+	return p
+}
+
+func (x HttpConnectionManager_ServerHeaderTransformation) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (HttpConnectionManager_ServerHeaderTransformation) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_enumTypes[1].Descriptor()
+}
+
+func (HttpConnectionManager_ServerHeaderTransformation) Type() protoreflect.EnumType {
+	return &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_enumTypes[1]
+}
+
+func (x HttpConnectionManager_ServerHeaderTransformation) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use HttpConnectionManager_ServerHeaderTransformation.Descriptor instead.
+func (HttpConnectionManager_ServerHeaderTransformation) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDescGZIP(), []int{0, 1}
+}
+
+// How to handle the :ref:`config_http_conn_man_headers_x-forwarded-client-cert` (XFCC) HTTP
+// header.
+type HttpConnectionManager_ForwardClientCertDetails int32
+
+const (
+	// Do not send the XFCC header to the next hop. This is the default value.
+	HttpConnectionManager_SANITIZE HttpConnectionManager_ForwardClientCertDetails = 0
+	// When the client connection is mTLS (Mutual TLS), forward the XFCC header
+	// in the request.
+	HttpConnectionManager_FORWARD_ONLY HttpConnectionManager_ForwardClientCertDetails = 1
+	// When the client connection is mTLS, append the client certificate
+	// information to the request’s XFCC header and forward it.
+	HttpConnectionManager_APPEND_FORWARD HttpConnectionManager_ForwardClientCertDetails = 2
+	// When the client connection is mTLS, reset the XFCC header with the client
+	// certificate information and send it to the next hop.
+	HttpConnectionManager_SANITIZE_SET HttpConnectionManager_ForwardClientCertDetails = 3
+	// Always forward the XFCC header in the request, regardless of whether the
+	// client connection is mTLS.
+	HttpConnectionManager_ALWAYS_FORWARD_ONLY HttpConnectionManager_ForwardClientCertDetails = 4
+)
+
+// Enum value maps for HttpConnectionManager_ForwardClientCertDetails.
+var (
+	HttpConnectionManager_ForwardClientCertDetails_name = map[int32]string{
+		0: "SANITIZE",
+		1: "FORWARD_ONLY",
+		2: "APPEND_FORWARD",
+		3: "SANITIZE_SET",
+		4: "ALWAYS_FORWARD_ONLY",
+	}
+	HttpConnectionManager_ForwardClientCertDetails_value = map[string]int32{
+		"SANITIZE":            0,
+		"FORWARD_ONLY":        1,
+		"APPEND_FORWARD":      2,
+		"SANITIZE_SET":        3,
+		"ALWAYS_FORWARD_ONLY": 4,
+	}
+)
+
+func (x HttpConnectionManager_ForwardClientCertDetails) Enum() *HttpConnectionManager_ForwardClientCertDetails {
+	p := new(HttpConnectionManager_ForwardClientCertDetails)
+	*p = x
+	return p
+}
+
+func (x HttpConnectionManager_ForwardClientCertDetails) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (HttpConnectionManager_ForwardClientCertDetails) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_enumTypes[2].Descriptor()
+}
+
+func (HttpConnectionManager_ForwardClientCertDetails) Type() protoreflect.EnumType {
+	return &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_enumTypes[2]
+}
+
+func (x HttpConnectionManager_ForwardClientCertDetails) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use HttpConnectionManager_ForwardClientCertDetails.Descriptor instead.
+func (HttpConnectionManager_ForwardClientCertDetails) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDescGZIP(), []int{0, 2}
+}
+
+// Determines the action for request that contain %2F, %2f, %5C or %5c sequences in the URI path.
+// This operation occurs before URL normalization and the merge slashes transformations if they were enabled.
+type HttpConnectionManager_PathWithEscapedSlashesAction int32
+
+const (
+	// Default behavior specific to implementation (i.e. Envoy) of this configuration option.
+	// Envoy, by default, takes the KEEP_UNCHANGED action.
+	// NOTE: the implementation may change the default behavior at-will.
+	HttpConnectionManager_IMPLEMENTATION_SPECIFIC_DEFAULT HttpConnectionManager_PathWithEscapedSlashesAction = 0
+	// Keep escaped slashes.
+	HttpConnectionManager_KEEP_UNCHANGED HttpConnectionManager_PathWithEscapedSlashesAction = 1
+	// Reject client request with the 400 status. gRPC requests will be rejected with the INTERNAL (13) error code.
+	// The "httpN.downstream_rq_failed_path_normalization" counter is incremented for each rejected request.
+	HttpConnectionManager_REJECT_REQUEST HttpConnectionManager_PathWithEscapedSlashesAction = 2
+	// Unescape %2F and %5C sequences and redirect request to the new path if these sequences were present.
+	// Redirect occurs after path normalization and merge slashes transformations if they were configured.
+	// NOTE: gRPC requests will be rejected with the INTERNAL (13) error code.
+	// This option minimizes possibility of path confusion exploits by forcing request with unescaped slashes to
+	// traverse all parties: downstream client, intermediate proxies, Envoy and upstream server.
+	// The "httpN.downstream_rq_redirected_with_normalized_path" counter is incremented for each
+	// redirected request.
+	HttpConnectionManager_UNESCAPE_AND_REDIRECT HttpConnectionManager_PathWithEscapedSlashesAction = 3
+	// Unescape %2F and %5C sequences.
+	// Note: this option should not be enabled if intermediaries perform path based access control as
+	// it may lead to path confusion vulnerabilities.
+	HttpConnectionManager_UNESCAPE_AND_FORWARD HttpConnectionManager_PathWithEscapedSlashesAction = 4
+)
+
+// Enum value maps for HttpConnectionManager_PathWithEscapedSlashesAction.
+var (
+	HttpConnectionManager_PathWithEscapedSlashesAction_name = map[int32]string{
+		0: "IMPLEMENTATION_SPECIFIC_DEFAULT",
+		1: "KEEP_UNCHANGED",
+		2: "REJECT_REQUEST",
+		3: "UNESCAPE_AND_REDIRECT",
+		4: "UNESCAPE_AND_FORWARD",
+	}
+	HttpConnectionManager_PathWithEscapedSlashesAction_value = map[string]int32{
+		"IMPLEMENTATION_SPECIFIC_DEFAULT": 0,
+		"KEEP_UNCHANGED":                  1,
+		"REJECT_REQUEST":                  2,
+		"UNESCAPE_AND_REDIRECT":           3,
+		"UNESCAPE_AND_FORWARD":            4,
+	}
+)
+
+func (x HttpConnectionManager_PathWithEscapedSlashesAction) Enum() *HttpConnectionManager_PathWithEscapedSlashesAction {
+	p := new(HttpConnectionManager_PathWithEscapedSlashesAction)
+	*p = x
+	return p
+}
+
+func (x HttpConnectionManager_PathWithEscapedSlashesAction) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (HttpConnectionManager_PathWithEscapedSlashesAction) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_enumTypes[3].Descriptor()
+}
+
+func (HttpConnectionManager_PathWithEscapedSlashesAction) Type() protoreflect.EnumType {
+	return &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_enumTypes[3]
+}
+
+func (x HttpConnectionManager_PathWithEscapedSlashesAction) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use HttpConnectionManager_PathWithEscapedSlashesAction.Descriptor instead.
+func (HttpConnectionManager_PathWithEscapedSlashesAction) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDescGZIP(), []int{0, 3}
+}
+
+type HttpConnectionManager_Tracing_OperationName int32
+
+const (
+	// The HTTP listener is used for ingress/incoming requests.
+	HttpConnectionManager_Tracing_INGRESS HttpConnectionManager_Tracing_OperationName = 0
+	// The HTTP listener is used for egress/outgoing requests.
+	HttpConnectionManager_Tracing_EGRESS HttpConnectionManager_Tracing_OperationName = 1
+)
+
+// Enum value maps for HttpConnectionManager_Tracing_OperationName.
+var (
+	HttpConnectionManager_Tracing_OperationName_name = map[int32]string{
+		0: "INGRESS",
+		1: "EGRESS",
+	}
+	HttpConnectionManager_Tracing_OperationName_value = map[string]int32{
+		"INGRESS": 0,
+		"EGRESS":  1,
+	}
+)
+
+func (x HttpConnectionManager_Tracing_OperationName) Enum() *HttpConnectionManager_Tracing_OperationName {
+	p := new(HttpConnectionManager_Tracing_OperationName)
+	*p = x
+	return p
+}
+
+func (x HttpConnectionManager_Tracing_OperationName) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (HttpConnectionManager_Tracing_OperationName) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_enumTypes[4].Descriptor()
+}
+
+func (HttpConnectionManager_Tracing_OperationName) Type() protoreflect.EnumType {
+	return &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_enumTypes[4]
+}
+
+func (x HttpConnectionManager_Tracing_OperationName) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use HttpConnectionManager_Tracing_OperationName.Descriptor instead.
+func (HttpConnectionManager_Tracing_OperationName) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDescGZIP(), []int{0, 0, 0}
+}
+
+// [#next-free-field: 49]
+type HttpConnectionManager struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Supplies the type of codec that the connection manager should use.
+	CodecType HttpConnectionManager_CodecType `protobuf:"varint,1,opt,name=codec_type,json=codecType,proto3,enum=envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager_CodecType" json:"codec_type,omitempty"`
+	// The human readable prefix to use when emitting statistics for the
+	// connection manager. See the :ref:`statistics documentation <config_http_conn_man_stats>` for
+	// more information.
+	StatPrefix string `protobuf:"bytes,2,opt,name=stat_prefix,json=statPrefix,proto3" json:"stat_prefix,omitempty"`
+	// Types that are assignable to RouteSpecifier:
+	//	*HttpConnectionManager_Rds
+	//	*HttpConnectionManager_RouteConfig
+	//	*HttpConnectionManager_ScopedRoutes
+	RouteSpecifier isHttpConnectionManager_RouteSpecifier `protobuf_oneof:"route_specifier"`
+	// A list of individual HTTP filters that make up the filter chain for
+	// requests made to the connection manager. :ref:`Order matters <arch_overview_http_filters_ordering>`
+	// as the filters are processed sequentially as request events happen.
+	HttpFilters []*HttpFilter `protobuf:"bytes,5,rep,name=http_filters,json=httpFilters,proto3" json:"http_filters,omitempty"`
+	// Whether the connection manager manipulates the :ref:`config_http_conn_man_headers_user-agent`
+	// and :ref:`config_http_conn_man_headers_downstream-service-cluster` headers. See the linked
+	// documentation for more information. Defaults to false.
+	AddUserAgent *wrappers.BoolValue `protobuf:"bytes,6,opt,name=add_user_agent,json=addUserAgent,proto3" json:"add_user_agent,omitempty"`
+	// Presence of the object defines whether the connection manager
+	// emits :ref:`tracing <arch_overview_tracing>` data to the :ref:`configured tracing provider
+	// <envoy_v3_api_msg_config.trace.v3.Tracing>`.
+	Tracing *HttpConnectionManager_Tracing `protobuf:"bytes,7,opt,name=tracing,proto3" json:"tracing,omitempty"`
+	// Additional settings for HTTP requests handled by the connection manager. These will be
+	// applicable to both HTTP1 and HTTP2 requests.
+	CommonHttpProtocolOptions *v3.HttpProtocolOptions `protobuf:"bytes,35,opt,name=common_http_protocol_options,json=commonHttpProtocolOptions,proto3" json:"common_http_protocol_options,omitempty"`
+	// Additional HTTP/1 settings that are passed to the HTTP/1 codec.
+	HttpProtocolOptions *v3.Http1ProtocolOptions `protobuf:"bytes,8,opt,name=http_protocol_options,json=httpProtocolOptions,proto3" json:"http_protocol_options,omitempty"`
+	// Additional HTTP/2 settings that are passed directly to the HTTP/2 codec.
+	Http2ProtocolOptions *v3.Http2ProtocolOptions `protobuf:"bytes,9,opt,name=http2_protocol_options,json=http2ProtocolOptions,proto3" json:"http2_protocol_options,omitempty"`
+	// Additional HTTP/3 settings that are passed directly to the HTTP/3 codec.
+	// [#not-implemented-hide:]
+	Http3ProtocolOptions *v3.Http3ProtocolOptions `protobuf:"bytes,44,opt,name=http3_protocol_options,json=http3ProtocolOptions,proto3" json:"http3_protocol_options,omitempty"`
+	// An optional override that the connection manager will write to the server
+	// header in responses. If not set, the default is *envoy*.
+	ServerName string `protobuf:"bytes,10,opt,name=server_name,json=serverName,proto3" json:"server_name,omitempty"`
+	// Defines the action to be applied to the Server header on the response path.
+	// By default, Envoy will overwrite the header with the value specified in
+	// server_name.
+	ServerHeaderTransformation HttpConnectionManager_ServerHeaderTransformation `protobuf:"varint,34,opt,name=server_header_transformation,json=serverHeaderTransformation,proto3,enum=envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager_ServerHeaderTransformation" json:"server_header_transformation,omitempty"`
+	// Allows for explicit transformation of the :scheme header on the request path.
+	// If not set, Envoy's default :ref:`scheme  <config_http_conn_man_headers_scheme>`
+	// handling applies.
+	SchemeHeaderTransformation *v3.SchemeHeaderTransformation `protobuf:"bytes,48,opt,name=scheme_header_transformation,json=schemeHeaderTransformation,proto3" json:"scheme_header_transformation,omitempty"`
+	// The maximum request headers size for incoming connections.
+	// If unconfigured, the default max request headers allowed is 60 KiB.
+	// Requests that exceed this limit will receive a 431 response.
+	MaxRequestHeadersKb *wrappers.UInt32Value `protobuf:"bytes,29,opt,name=max_request_headers_kb,json=maxRequestHeadersKb,proto3" json:"max_request_headers_kb,omitempty"`
+	// The stream idle timeout for connections managed by the connection manager.
+	// If not specified, this defaults to 5 minutes. The default value was selected
+	// so as not to interfere with any smaller configured timeouts that may have
+	// existed in configurations prior to the introduction of this feature, while
+	// introducing robustness to TCP connections that terminate without a FIN.
+	//
+	// This idle timeout applies to new streams and is overridable by the
+	// :ref:`route-level idle_timeout
+	// <envoy_v3_api_field_config.route.v3.RouteAction.idle_timeout>`. Even on a stream in
+	// which the override applies, prior to receipt of the initial request
+	// headers, the :ref:`stream_idle_timeout
+	// <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.stream_idle_timeout>`
+	// applies. Each time an encode/decode event for headers or data is processed
+	// for the stream, the timer will be reset. If the timeout fires, the stream
+	// is terminated with a 408 Request Timeout error code if no upstream response
+	// header has been received, otherwise a stream reset occurs.
+	//
+	// This timeout also specifies the amount of time that Envoy will wait for the peer to open enough
+	// window to write any remaining stream data once the entirety of stream data (local end stream is
+	// true) has been buffered pending available window. In other words, this timeout defends against
+	// a peer that does not release enough window to completely write the stream, even though all
+	// data has been proxied within available flow control windows. If the timeout is hit in this
+	// case, the :ref:`tx_flush_timeout <config_http_conn_man_stats_per_codec>` counter will be
+	// incremented. Note that :ref:`max_stream_duration
+	// <envoy_v3_api_field_config.core.v3.HttpProtocolOptions.max_stream_duration>` does not apply to
+	// this corner case.
+	//
+	// If the :ref:`overload action <config_overload_manager_overload_actions>` "envoy.overload_actions.reduce_timeouts"
+	// is configured, this timeout is scaled according to the value for
+	// :ref:`HTTP_DOWNSTREAM_STREAM_IDLE <envoy_v3_api_enum_value_config.overload.v3.ScaleTimersOverloadActionConfig.TimerType.HTTP_DOWNSTREAM_STREAM_IDLE>`.
+	//
+	// Note that it is possible to idle timeout even if the wire traffic for a stream is non-idle, due
+	// to the granularity of events presented to the connection manager. For example, while receiving
+	// very large request headers, it may be the case that there is traffic regularly arriving on the
+	// wire while the connection manage is only able to observe the end-of-headers event, hence the
+	// stream may still idle timeout.
+	//
+	// A value of 0 will completely disable the connection manager stream idle
+	// timeout, although per-route idle timeout overrides will continue to apply.
+	StreamIdleTimeout *duration.Duration `protobuf:"bytes,24,opt,name=stream_idle_timeout,json=streamIdleTimeout,proto3" json:"stream_idle_timeout,omitempty"`
+	// The amount of time that Envoy will wait for the entire request to be received.
+	// The timer is activated when the request is initiated, and is disarmed when the last byte of the
+	// request is sent upstream (i.e. all decoding filters have processed the request), OR when the
+	// response is initiated. If not specified or set to 0, this timeout is disabled.
+	RequestTimeout *duration.Duration `protobuf:"bytes,28,opt,name=request_timeout,json=requestTimeout,proto3" json:"request_timeout,omitempty"`
+	// The amount of time that Envoy will wait for the request headers to be received. The timer is
+	// activated when the first byte of the headers is received, and is disarmed when the last byte of
+	// the headers has been received. If not specified or set to 0, this timeout is disabled.
+	RequestHeadersTimeout *duration.Duration `protobuf:"bytes,41,opt,name=request_headers_timeout,json=requestHeadersTimeout,proto3" json:"request_headers_timeout,omitempty"`
+	// The time that Envoy will wait between sending an HTTP/2 “shutdown
+	// notification” (GOAWAY frame with max stream ID) and a final GOAWAY frame.
+	// This is used so that Envoy provides a grace period for new streams that
+	// race with the final GOAWAY frame. During this grace period, Envoy will
+	// continue to accept new streams. After the grace period, a final GOAWAY
+	// frame is sent and Envoy will start refusing new streams. Draining occurs
+	// both when a connection hits the idle timeout or during general server
+	// draining. The default grace period is 5000 milliseconds (5 seconds) if this
+	// option is not specified.
+	DrainTimeout *duration.Duration `protobuf:"bytes,12,opt,name=drain_timeout,json=drainTimeout,proto3" json:"drain_timeout,omitempty"`
+	// The delayed close timeout is for downstream connections managed by the HTTP connection manager.
+	// It is defined as a grace period after connection close processing has been locally initiated
+	// during which Envoy will wait for the peer to close (i.e., a TCP FIN/RST is received by Envoy
+	// from the downstream connection) prior to Envoy closing the socket associated with that
+	// connection.
+	// NOTE: This timeout is enforced even when the socket associated with the downstream connection
+	// is pending a flush of the write buffer. However, any progress made writing data to the socket
+	// will restart the timer associated with this timeout. This means that the total grace period for
+	// a socket in this state will be
+	// <total_time_waiting_for_write_buffer_flushes>+<delayed_close_timeout>.
+	//
+	// Delaying Envoy's connection close and giving the peer the opportunity to initiate the close
+	// sequence mitigates a race condition that exists when downstream clients do not drain/process
+	// data in a connection's receive buffer after a remote close has been detected via a socket
+	// write(). This race leads to such clients failing to process the response code sent by Envoy,
+	// which could result in erroneous downstream processing.
+	//
+	// If the timeout triggers, Envoy will close the connection's socket.
+	//
+	// The default timeout is 1000 ms if this option is not specified.
+	//
+	// .. NOTE::
+	//    To be useful in avoiding the race condition described above, this timeout must be set
+	//    to *at least* <max round trip time expected between clients and Envoy>+<100ms to account for
+	//    a reasonable "worst" case processing time for a full iteration of Envoy's event loop>.
+	//
+	// .. WARNING::
+	//    A value of 0 will completely disable delayed close processing. When disabled, the downstream
+	//    connection's socket will be closed immediately after the write flush is completed or will
+	//    never close if the write flush does not complete.
+	DelayedCloseTimeout *duration.Duration `protobuf:"bytes,26,opt,name=delayed_close_timeout,json=delayedCloseTimeout,proto3" json:"delayed_close_timeout,omitempty"`
+	// Configuration for :ref:`HTTP access logs <arch_overview_access_logs>`
+	// emitted by the connection manager.
+	AccessLog []*v31.AccessLog `protobuf:"bytes,13,rep,name=access_log,json=accessLog,proto3" json:"access_log,omitempty"`
+	// If set to true, the connection manager will use the real remote address
+	// of the client connection when determining internal versus external origin and manipulating
+	// various headers. If set to false or absent, the connection manager will use the
+	// :ref:`config_http_conn_man_headers_x-forwarded-for` HTTP header. See the documentation for
+	// :ref:`config_http_conn_man_headers_x-forwarded-for`,
+	// :ref:`config_http_conn_man_headers_x-envoy-internal`, and
+	// :ref:`config_http_conn_man_headers_x-envoy-external-address` for more information.
+	UseRemoteAddress *wrappers.BoolValue `protobuf:"bytes,14,opt,name=use_remote_address,json=useRemoteAddress,proto3" json:"use_remote_address,omitempty"`
+	// The number of additional ingress proxy hops from the right side of the
+	// :ref:`config_http_conn_man_headers_x-forwarded-for` HTTP header to trust when
+	// determining the origin client's IP address. The default is zero if this option
+	// is not specified. See the documentation for
+	// :ref:`config_http_conn_man_headers_x-forwarded-for` for more information.
+	XffNumTrustedHops uint32 `protobuf:"varint,19,opt,name=xff_num_trusted_hops,json=xffNumTrustedHops,proto3" json:"xff_num_trusted_hops,omitempty"`
+	// The configuration for the original IP detection extensions.
+	//
+	// When configured the extensions will be called along with the request headers
+	// and information about the downstream connection, such as the directly connected address.
+	// Each extension will then use these parameters to decide the request's effective remote address.
+	// If an extension fails to detect the original IP address and isn't configured to reject
+	// the request, the HCM will try the remaining extensions until one succeeds or rejects
+	// the request. If the request isn't rejected nor any extension succeeds, the HCM will
+	// fallback to using the remote address.
+	//
+	// .. WARNING::
+	//    Extensions cannot be used in conjunction with :ref:`use_remote_address
+	//    <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.use_remote_address>`
+	//    nor :ref:`xff_num_trusted_hops
+	//    <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.xff_num_trusted_hops>`.
+	//
+	// [#extension-category: envoy.http.original_ip_detection]
+	OriginalIpDetectionExtensions []*v3.TypedExtensionConfig `protobuf:"bytes,46,rep,name=original_ip_detection_extensions,json=originalIpDetectionExtensions,proto3" json:"original_ip_detection_extensions,omitempty"`
+	// Configures what network addresses are considered internal for stats and header sanitation
+	// purposes. If unspecified, only RFC1918 IP addresses will be considered internal.
+	// See the documentation for :ref:`config_http_conn_man_headers_x-envoy-internal` for more
+	// information about internal/external addresses.
+	InternalAddressConfig *HttpConnectionManager_InternalAddressConfig `protobuf:"bytes,25,opt,name=internal_address_config,json=internalAddressConfig,proto3" json:"internal_address_config,omitempty"`
+	// If set, Envoy will not append the remote address to the
+	// :ref:`config_http_conn_man_headers_x-forwarded-for` HTTP header. This may be used in
+	// conjunction with HTTP filters that explicitly manipulate XFF after the HTTP connection manager
+	// has mutated the request headers. While :ref:`use_remote_address
+	// <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.use_remote_address>`
+	// will also suppress XFF addition, it has consequences for logging and other
+	// Envoy uses of the remote address, so *skip_xff_append* should be used
+	// when only an elision of XFF addition is intended.
+	SkipXffAppend bool `protobuf:"varint,21,opt,name=skip_xff_append,json=skipXffAppend,proto3" json:"skip_xff_append,omitempty"`
+	// Via header value to append to request and response headers. If this is
+	// empty, no via header will be appended.
+	Via string `protobuf:"bytes,22,opt,name=via,proto3" json:"via,omitempty"`
+	// Whether the connection manager will generate the :ref:`x-request-id
+	// <config_http_conn_man_headers_x-request-id>` header if it does not exist. This defaults to
+	// true. Generating a random UUID4 is expensive so in high throughput scenarios where this feature
+	// is not desired it can be disabled.
+	GenerateRequestId *wrappers.BoolValue `protobuf:"bytes,15,opt,name=generate_request_id,json=generateRequestId,proto3" json:"generate_request_id,omitempty"`
+	// Whether the connection manager will keep the :ref:`x-request-id
+	// <config_http_conn_man_headers_x-request-id>` header if passed for a request that is edge
+	// (Edge request is the request from external clients to front Envoy) and not reset it, which
+	// is the current Envoy behaviour. This defaults to false.
+	PreserveExternalRequestId bool `protobuf:"varint,32,opt,name=preserve_external_request_id,json=preserveExternalRequestId,proto3" json:"preserve_external_request_id,omitempty"`
+	// If set, Envoy will always set :ref:`x-request-id <config_http_conn_man_headers_x-request-id>` header in response.
+	// If this is false or not set, the request ID is returned in responses only if tracing is forced using
+	// :ref:`x-envoy-force-trace <config_http_conn_man_headers_x-envoy-force-trace>` header.
+	AlwaysSetRequestIdInResponse bool `protobuf:"varint,37,opt,name=always_set_request_id_in_response,json=alwaysSetRequestIdInResponse,proto3" json:"always_set_request_id_in_response,omitempty"`
+	// How to handle the :ref:`config_http_conn_man_headers_x-forwarded-client-cert` (XFCC) HTTP
+	// header.
+	ForwardClientCertDetails HttpConnectionManager_ForwardClientCertDetails `protobuf:"varint,16,opt,name=forward_client_cert_details,json=forwardClientCertDetails,proto3,enum=envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager_ForwardClientCertDetails" json:"forward_client_cert_details,omitempty"`
+	// This field is valid only when :ref:`forward_client_cert_details
+	// <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.forward_client_cert_details>`
+	// is APPEND_FORWARD or SANITIZE_SET and the client connection is mTLS. It specifies the fields in
+	// the client certificate to be forwarded. Note that in the
+	// :ref:`config_http_conn_man_headers_x-forwarded-client-cert` header, *Hash* is always set, and
+	// *By* is always set when the client certificate presents the URI type Subject Alternative Name
+	// value.
+	SetCurrentClientCertDetails *HttpConnectionManager_SetCurrentClientCertDetails `protobuf:"bytes,17,opt,name=set_current_client_cert_details,json=setCurrentClientCertDetails,proto3" json:"set_current_client_cert_details,omitempty"`
+	// If proxy_100_continue is true, Envoy will proxy incoming "Expect:
+	// 100-continue" headers upstream, and forward "100 Continue" responses
+	// downstream. If this is false or not set, Envoy will instead strip the
+	// "Expect: 100-continue" header, and send a "100 Continue" response itself.
+	Proxy_100Continue bool `protobuf:"varint,18,opt,name=proxy_100_continue,json=proxy100Continue,proto3" json:"proxy_100_continue,omitempty"`
+	// If
+	// :ref:`use_remote_address
+	// <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.use_remote_address>`
+	// is true and represent_ipv4_remote_address_as_ipv4_mapped_ipv6 is true and the remote address is
+	// an IPv4 address, the address will be mapped to IPv6 before it is appended to *x-forwarded-for*.
+	// This is useful for testing compatibility of upstream services that parse the header value. For
+	// example, 50.0.0.1 is represented as ::FFFF:50.0.0.1. See `IPv4-Mapped IPv6 Addresses
+	// <https://tools.ietf.org/html/rfc4291#section-2.5.5.2>`_ for details. This will also affect the
+	// :ref:`config_http_conn_man_headers_x-envoy-external-address` header. See
+	// :ref:`http_connection_manager.represent_ipv4_remote_address_as_ipv4_mapped_ipv6
+	// <config_http_conn_man_runtime_represent_ipv4_remote_address_as_ipv4_mapped_ipv6>` for runtime
+	// control.
+	// [#not-implemented-hide:]
+	RepresentIpv4RemoteAddressAsIpv4MappedIpv6 bool                                   `protobuf:"varint,20,opt,name=represent_ipv4_remote_address_as_ipv4_mapped_ipv6,json=representIpv4RemoteAddressAsIpv4MappedIpv6,proto3" json:"represent_ipv4_remote_address_as_ipv4_mapped_ipv6,omitempty"`
+	UpgradeConfigs                             []*HttpConnectionManager_UpgradeConfig `protobuf:"bytes,23,rep,name=upgrade_configs,json=upgradeConfigs,proto3" json:"upgrade_configs,omitempty"`
+	// Should paths be normalized according to RFC 3986 before any processing of
+	// requests by HTTP filters or routing? This affects the upstream *:path* header
+	// as well. For paths that fail this check, Envoy will respond with 400 to
+	// paths that are malformed. This defaults to false currently but will default
+	// true in the future. When not specified, this value may be overridden by the
+	// runtime variable
+	// :ref:`http_connection_manager.normalize_path<config_http_conn_man_runtime_normalize_path>`.
+	// See `Normalization and Comparison <https://tools.ietf.org/html/rfc3986#section-6>`_
+	// for details of normalization.
+	// Note that Envoy does not perform
+	// `case normalization <https://tools.ietf.org/html/rfc3986#section-6.2.2.1>`_
+	NormalizePath *wrappers.BoolValue `protobuf:"bytes,30,opt,name=normalize_path,json=normalizePath,proto3" json:"normalize_path,omitempty"`
+	// Determines if adjacent slashes in the path are merged into one before any processing of
+	// requests by HTTP filters or routing. This affects the upstream *:path* header as well. Without
+	// setting this option, incoming requests with path `//dir///file` will not match against route
+	// with `prefix` match set to `/dir`. Defaults to `false`. Note that slash merging is not part of
+	// `HTTP spec <https://tools.ietf.org/html/rfc3986>`_ and is provided for convenience.
+	MergeSlashes bool `protobuf:"varint,33,opt,name=merge_slashes,json=mergeSlashes,proto3" json:"merge_slashes,omitempty"`
+	// Action to take when request URL path contains escaped slash sequences (%2F, %2f, %5C and %5c).
+	// The default value can be overridden by the :ref:`http_connection_manager.path_with_escaped_slashes_action<config_http_conn_man_runtime_path_with_escaped_slashes_action>`
+	// runtime variable.
+	// The :ref:`http_connection_manager.path_with_escaped_slashes_action_sampling<config_http_conn_man_runtime_path_with_escaped_slashes_action_enabled>` runtime
+	// variable can be used to apply the action to a portion of all requests.
+	PathWithEscapedSlashesAction HttpConnectionManager_PathWithEscapedSlashesAction `protobuf:"varint,45,opt,name=path_with_escaped_slashes_action,json=pathWithEscapedSlashesAction,proto3,enum=envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager_PathWithEscapedSlashesAction" json:"path_with_escaped_slashes_action,omitempty"`
+	// The configuration of the request ID extension. This includes operations such as
+	// generation, validation, and associated tracing operations. If empty, the
+	// :ref:`UuidRequestIdConfig <envoy_v3_api_msg_extensions.request_id.uuid.v3.UuidRequestIdConfig>`
+	// default extension is used with default parameters. See the documentation for that extension
+	// for details on what it does. Customizing the configuration for the default extension can be
+	// achieved by configuring it explicitly here. For example, to disable trace reason packing,
+	// the following configuration can be used:
+	//
+	// .. validated-code-block:: yaml
+	//   :type-name: envoy.extensions.filters.network.http_connection_manager.v3.RequestIDExtension
+	//
+	//   typed_config:
+	//     "@type": type.googleapis.com/envoy.extensions.request_id.uuid.v3.UuidRequestIdConfig
+	//     pack_trace_reason: false
+	//
+	// [#extension-category: envoy.request_id]
+	RequestIdExtension *RequestIDExtension `protobuf:"bytes,36,opt,name=request_id_extension,json=requestIdExtension,proto3" json:"request_id_extension,omitempty"`
+	// The configuration to customize local reply returned by Envoy. It can customize status code,
+	// body text and response content type. If not specified, status code and text body are hard
+	// coded in Envoy, the response content type is plain text.
+	LocalReplyConfig *LocalReplyConfig `protobuf:"bytes,38,opt,name=local_reply_config,json=localReplyConfig,proto3" json:"local_reply_config,omitempty"`
+	// Determines if the port part should be removed from host/authority header before any processing
+	// of request by HTTP filters or routing. The port would be removed only if it is equal to the :ref:`listener's<envoy_v3_api_field_config.listener.v3.Listener.address>`
+	// local port. This affects the upstream host header unless the method is
+	// CONNECT in which case if no filter adds a port the original port will be restored before headers are
+	// sent upstream.
+	// Without setting this option, incoming requests with host `example:443` will not match against
+	// route with :ref:`domains<envoy_v3_api_field_config.route.v3.VirtualHost.domains>` match set to `example`. Defaults to `false`. Note that port removal is not part
+	// of `HTTP spec <https://tools.ietf.org/html/rfc3986>`_ and is provided for convenience.
+	// Only one of `strip_matching_host_port` or `strip_any_host_port` can be set.
+	StripMatchingHostPort bool `protobuf:"varint,39,opt,name=strip_matching_host_port,json=stripMatchingHostPort,proto3" json:"strip_matching_host_port,omitempty"`
+	// Types that are assignable to StripPortMode:
+	//	*HttpConnectionManager_StripAnyHostPort
+	StripPortMode isHttpConnectionManager_StripPortMode `protobuf_oneof:"strip_port_mode"`
+	// Governs Envoy's behavior when receiving invalid HTTP from downstream.
+	// If this option is false (default), Envoy will err on the conservative side handling HTTP
+	// errors, terminating both HTTP/1.1 and HTTP/2 connections when receiving an invalid request.
+	// If this option is set to true, Envoy will be more permissive, only resetting the invalid
+	// stream in the case of HTTP/2 and leaving the connection open where possible (if the entire
+	// request is read for HTTP/1.1)
+	// In general this should be true for deployments receiving trusted traffic (L2 Envoys,
+	// company-internal mesh) and false when receiving untrusted traffic (edge deployments).
+	//
+	// If different behaviors for invalid_http_message for HTTP/1 and HTTP/2 are
+	// desired, one should use the new HTTP/1 option :ref:`override_stream_error_on_invalid_http_message
+	// <envoy_v3_api_field_config.core.v3.Http1ProtocolOptions.override_stream_error_on_invalid_http_message>` or the new HTTP/2 option
+	// :ref:`override_stream_error_on_invalid_http_message
+	// <envoy_v3_api_field_config.core.v3.Http2ProtocolOptions.override_stream_error_on_invalid_http_message>`
+	// *not* the deprecated but similarly named :ref:`stream_error_on_invalid_http_messaging
+	// <envoy_v3_api_field_config.core.v3.Http2ProtocolOptions.stream_error_on_invalid_http_messaging>`
+	StreamErrorOnInvalidHttpMessage *wrappers.BoolValue `protobuf:"bytes,40,opt,name=stream_error_on_invalid_http_message,json=streamErrorOnInvalidHttpMessage,proto3" json:"stream_error_on_invalid_http_message,omitempty"`
+	// [#not-implemented-hide:] Path normalization configuration. This includes
+	// configurations for transformations (e.g. RFC 3986 normalization or merge
+	// adjacent slashes) and the policy to apply them. The policy determines
+	// whether transformations affect the forwarded *:path* header. RFC 3986 path
+	// normalization is enabled by default and the default policy is that the
+	// normalized header will be forwarded. See :ref:`PathNormalizationOptions
+	// <envoy_v3_api_msg_extensions.filters.network.http_connection_manager.v3.PathNormalizationOptions>`
+	// for details.
+	PathNormalizationOptions *HttpConnectionManager_PathNormalizationOptions `protobuf:"bytes,43,opt,name=path_normalization_options,json=pathNormalizationOptions,proto3" json:"path_normalization_options,omitempty"`
+	// Determines if trailing dot of the host should be removed from host/authority header before any
+	// processing of request by HTTP filters or routing.
+	// This affects the upstream host header.
+	// Without setting this option, incoming requests with host `example.com.` will not match against
+	// route with :ref:`domains<envoy_v3_api_field_config.route.v3.VirtualHost.domains>` match set to `example.com`. Defaults to `false`.
+	// When the incoming request contains a host/authority header that includes a port number,
+	// setting this option will strip a trailing dot, if present, from the host section,
+	// leaving the port as is (e.g. host value `example.com.:443` will be updated to `example.com:443`).
+	StripTrailingHostDot bool `protobuf:"varint,47,opt,name=strip_trailing_host_dot,json=stripTrailingHostDot,proto3" json:"strip_trailing_host_dot,omitempty"`
+}
+
+func (x *HttpConnectionManager) Reset() {
+	*x = HttpConnectionManager{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HttpConnectionManager) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HttpConnectionManager) ProtoMessage() {}
+
+func (x *HttpConnectionManager) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HttpConnectionManager.ProtoReflect.Descriptor instead.
+func (*HttpConnectionManager) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *HttpConnectionManager) GetCodecType() HttpConnectionManager_CodecType {
+	if x != nil {
+		return x.CodecType
+	}
+	return HttpConnectionManager_AUTO
+}
+
+func (x *HttpConnectionManager) GetStatPrefix() string {
+	if x != nil {
+		return x.StatPrefix
+	}
+	return ""
+}
+
+func (m *HttpConnectionManager) GetRouteSpecifier() isHttpConnectionManager_RouteSpecifier {
+	if m != nil {
+		return m.RouteSpecifier
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager) GetRds() *Rds {
+	if x, ok := x.GetRouteSpecifier().(*HttpConnectionManager_Rds); ok {
+		return x.Rds
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager) GetRouteConfig() *v32.RouteConfiguration {
+	if x, ok := x.GetRouteSpecifier().(*HttpConnectionManager_RouteConfig); ok {
+		return x.RouteConfig
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager) GetScopedRoutes() *ScopedRoutes {
+	if x, ok := x.GetRouteSpecifier().(*HttpConnectionManager_ScopedRoutes); ok {
+		return x.ScopedRoutes
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager) GetHttpFilters() []*HttpFilter {
+	if x != nil {
+		return x.HttpFilters
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager) GetAddUserAgent() *wrappers.BoolValue {
+	if x != nil {
+		return x.AddUserAgent
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager) GetTracing() *HttpConnectionManager_Tracing {
+	if x != nil {
+		return x.Tracing
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager) GetCommonHttpProtocolOptions() *v3.HttpProtocolOptions {
+	if x != nil {
+		return x.CommonHttpProtocolOptions
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager) GetHttpProtocolOptions() *v3.Http1ProtocolOptions {
+	if x != nil {
+		return x.HttpProtocolOptions
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager) GetHttp2ProtocolOptions() *v3.Http2ProtocolOptions {
+	if x != nil {
+		return x.Http2ProtocolOptions
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager) GetHttp3ProtocolOptions() *v3.Http3ProtocolOptions {
+	if x != nil {
+		return x.Http3ProtocolOptions
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager) GetServerName() string {
+	if x != nil {
+		return x.ServerName
+	}
+	return ""
+}
+
+func (x *HttpConnectionManager) GetServerHeaderTransformation() HttpConnectionManager_ServerHeaderTransformation {
+	if x != nil {
+		return x.ServerHeaderTransformation
+	}
+	return HttpConnectionManager_OVERWRITE
+}
+
+func (x *HttpConnectionManager) GetSchemeHeaderTransformation() *v3.SchemeHeaderTransformation {
+	if x != nil {
+		return x.SchemeHeaderTransformation
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager) GetMaxRequestHeadersKb() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxRequestHeadersKb
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager) GetStreamIdleTimeout() *duration.Duration {
+	if x != nil {
+		return x.StreamIdleTimeout
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager) GetRequestTimeout() *duration.Duration {
+	if x != nil {
+		return x.RequestTimeout
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager) GetRequestHeadersTimeout() *duration.Duration {
+	if x != nil {
+		return x.RequestHeadersTimeout
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager) GetDrainTimeout() *duration.Duration {
+	if x != nil {
+		return x.DrainTimeout
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager) GetDelayedCloseTimeout() *duration.Duration {
+	if x != nil {
+		return x.DelayedCloseTimeout
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager) GetAccessLog() []*v31.AccessLog {
+	if x != nil {
+		return x.AccessLog
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager) GetUseRemoteAddress() *wrappers.BoolValue {
+	if x != nil {
+		return x.UseRemoteAddress
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager) GetXffNumTrustedHops() uint32 {
+	if x != nil {
+		return x.XffNumTrustedHops
+	}
+	return 0
+}
+
+func (x *HttpConnectionManager) GetOriginalIpDetectionExtensions() []*v3.TypedExtensionConfig {
+	if x != nil {
+		return x.OriginalIpDetectionExtensions
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager) GetInternalAddressConfig() *HttpConnectionManager_InternalAddressConfig {
+	if x != nil {
+		return x.InternalAddressConfig
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager) GetSkipXffAppend() bool {
+	if x != nil {
+		return x.SkipXffAppend
+	}
+	return false
+}
+
+func (x *HttpConnectionManager) GetVia() string {
+	if x != nil {
+		return x.Via
+	}
+	return ""
+}
+
+func (x *HttpConnectionManager) GetGenerateRequestId() *wrappers.BoolValue {
+	if x != nil {
+		return x.GenerateRequestId
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager) GetPreserveExternalRequestId() bool {
+	if x != nil {
+		return x.PreserveExternalRequestId
+	}
+	return false
+}
+
+func (x *HttpConnectionManager) GetAlwaysSetRequestIdInResponse() bool {
+	if x != nil {
+		return x.AlwaysSetRequestIdInResponse
+	}
+	return false
+}
+
+func (x *HttpConnectionManager) GetForwardClientCertDetails() HttpConnectionManager_ForwardClientCertDetails {
+	if x != nil {
+		return x.ForwardClientCertDetails
+	}
+	return HttpConnectionManager_SANITIZE
+}
+
+func (x *HttpConnectionManager) GetSetCurrentClientCertDetails() *HttpConnectionManager_SetCurrentClientCertDetails {
+	if x != nil {
+		return x.SetCurrentClientCertDetails
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager) GetProxy_100Continue() bool {
+	if x != nil {
+		return x.Proxy_100Continue
+	}
+	return false
+}
+
+func (x *HttpConnectionManager) GetRepresentIpv4RemoteAddressAsIpv4MappedIpv6() bool {
+	if x != nil {
+		return x.RepresentIpv4RemoteAddressAsIpv4MappedIpv6
+	}
+	return false
+}
+
+func (x *HttpConnectionManager) GetUpgradeConfigs() []*HttpConnectionManager_UpgradeConfig {
+	if x != nil {
+		return x.UpgradeConfigs
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager) GetNormalizePath() *wrappers.BoolValue {
+	if x != nil {
+		return x.NormalizePath
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager) GetMergeSlashes() bool {
+	if x != nil {
+		return x.MergeSlashes
+	}
+	return false
+}
+
+func (x *HttpConnectionManager) GetPathWithEscapedSlashesAction() HttpConnectionManager_PathWithEscapedSlashesAction {
+	if x != nil {
+		return x.PathWithEscapedSlashesAction
+	}
+	return HttpConnectionManager_IMPLEMENTATION_SPECIFIC_DEFAULT
+}
+
+func (x *HttpConnectionManager) GetRequestIdExtension() *RequestIDExtension {
+	if x != nil {
+		return x.RequestIdExtension
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager) GetLocalReplyConfig() *LocalReplyConfig {
+	if x != nil {
+		return x.LocalReplyConfig
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager) GetStripMatchingHostPort() bool {
+	if x != nil {
+		return x.StripMatchingHostPort
+	}
+	return false
+}
+
+func (m *HttpConnectionManager) GetStripPortMode() isHttpConnectionManager_StripPortMode {
+	if m != nil {
+		return m.StripPortMode
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager) GetStripAnyHostPort() bool {
+	if x, ok := x.GetStripPortMode().(*HttpConnectionManager_StripAnyHostPort); ok {
+		return x.StripAnyHostPort
+	}
+	return false
+}
+
+func (x *HttpConnectionManager) GetStreamErrorOnInvalidHttpMessage() *wrappers.BoolValue {
+	if x != nil {
+		return x.StreamErrorOnInvalidHttpMessage
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager) GetPathNormalizationOptions() *HttpConnectionManager_PathNormalizationOptions {
+	if x != nil {
+		return x.PathNormalizationOptions
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager) GetStripTrailingHostDot() bool {
+	if x != nil {
+		return x.StripTrailingHostDot
+	}
+	return false
+}
+
+type isHttpConnectionManager_RouteSpecifier interface {
+	isHttpConnectionManager_RouteSpecifier()
+}
+
+type HttpConnectionManager_Rds struct {
+	// The connection manager’s route table will be dynamically loaded via the RDS API.
+	Rds *Rds `protobuf:"bytes,3,opt,name=rds,proto3,oneof"`
+}
+
+type HttpConnectionManager_RouteConfig struct {
+	// The route table for the connection manager is static and is specified in this property.
+	RouteConfig *v32.RouteConfiguration `protobuf:"bytes,4,opt,name=route_config,json=routeConfig,proto3,oneof"`
+}
+
+type HttpConnectionManager_ScopedRoutes struct {
+	// A route table will be dynamically assigned to each request based on request attributes
+	// (e.g., the value of a header). The "routing scopes" (i.e., route tables) and "scope keys" are
+	// specified in this message.
+	ScopedRoutes *ScopedRoutes `protobuf:"bytes,31,opt,name=scoped_routes,json=scopedRoutes,proto3,oneof"`
+}
+
+func (*HttpConnectionManager_Rds) isHttpConnectionManager_RouteSpecifier() {}
+
+func (*HttpConnectionManager_RouteConfig) isHttpConnectionManager_RouteSpecifier() {}
+
+func (*HttpConnectionManager_ScopedRoutes) isHttpConnectionManager_RouteSpecifier() {}
+
+type isHttpConnectionManager_StripPortMode interface {
+	isHttpConnectionManager_StripPortMode()
+}
+
+type HttpConnectionManager_StripAnyHostPort struct {
+	// Determines if the port part should be removed from host/authority header before any processing
+	// of request by HTTP filters or routing.
+	// This affects the upstream host header unless the method is CONNECT in
+	// which case if no filter adds a port the original port will be restored before headers are sent upstream.
+	// Without setting this option, incoming requests with host `example:443` will not match against
+	// route with :ref:`domains<envoy_v3_api_field_config.route.v3.VirtualHost.domains>` match set to `example`. Defaults to `false`. Note that port removal is not part
+	// of `HTTP spec <https://tools.ietf.org/html/rfc3986>`_ and is provided for convenience.
+	// Only one of `strip_matching_host_port` or `strip_any_host_port` can be set.
+	StripAnyHostPort bool `protobuf:"varint,42,opt,name=strip_any_host_port,json=stripAnyHostPort,proto3,oneof"`
+}
+
+func (*HttpConnectionManager_StripAnyHostPort) isHttpConnectionManager_StripPortMode() {}
+
+// The configuration to customize local reply returned by Envoy.
+type LocalReplyConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Configuration of list of mappers which allows to filter and change local response.
+	// The mappers will be checked by the specified order until one is matched.
+	Mappers []*ResponseMapper `protobuf:"bytes,1,rep,name=mappers,proto3" json:"mappers,omitempty"`
+	// The configuration to form response body from the :ref:`command operators <config_access_log_command_operators>`
+	// and to specify response content type as one of: plain/text or application/json.
+	//
+	// Example one: "plain/text" ``body_format``.
+	//
+	// .. validated-code-block:: yaml
+	//   :type-name: envoy.config.core.v3.SubstitutionFormatString
+	//
+	//   text_format: "%LOCAL_REPLY_BODY%:%RESPONSE_CODE%:path=%REQ(:path)%\n"
+	//
+	// The following response body in "plain/text" format will be generated for a request with
+	// local reply body of "upstream connection error", response_code=503 and path=/foo.
+	//
+	// .. code-block:: text
+	//
+	//   upstream connect error:503:path=/foo
+	//
+	// Example two: "application/json" ``body_format``.
+	//
+	// .. validated-code-block:: yaml
+	//   :type-name: envoy.config.core.v3.SubstitutionFormatString
+	//
+	//   json_format:
+	//     status: "%RESPONSE_CODE%"
+	//     message: "%LOCAL_REPLY_BODY%"
+	//     path: "%REQ(:path)%"
+	//
+	// The following response body in "application/json" format would be generated for a request with
+	// local reply body of "upstream connection error", response_code=503 and path=/foo.
+	//
+	// .. code-block:: json
+	//
+	//  {
+	//    "status": 503,
+	//    "message": "upstream connection error",
+	//    "path": "/foo"
+	//  }
+	//
+	BodyFormat *v3.SubstitutionFormatString `protobuf:"bytes,2,opt,name=body_format,json=bodyFormat,proto3" json:"body_format,omitempty"`
+}
+
+func (x *LocalReplyConfig) Reset() {
+	*x = LocalReplyConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *LocalReplyConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*LocalReplyConfig) ProtoMessage() {}
+
+func (x *LocalReplyConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use LocalReplyConfig.ProtoReflect.Descriptor instead.
+func (*LocalReplyConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *LocalReplyConfig) GetMappers() []*ResponseMapper {
+	if x != nil {
+		return x.Mappers
+	}
+	return nil
+}
+
+func (x *LocalReplyConfig) GetBodyFormat() *v3.SubstitutionFormatString {
+	if x != nil {
+		return x.BodyFormat
+	}
+	return nil
+}
+
+// The configuration to filter and change local response.
+// [#next-free-field: 6]
+type ResponseMapper struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Filter to determine if this mapper should apply.
+	Filter *v31.AccessLogFilter `protobuf:"bytes,1,opt,name=filter,proto3" json:"filter,omitempty"`
+	// The new response status code if specified.
+	StatusCode *wrappers.UInt32Value `protobuf:"bytes,2,opt,name=status_code,json=statusCode,proto3" json:"status_code,omitempty"`
+	// The new local reply body text if specified. It will be used in the `%LOCAL_REPLY_BODY%`
+	// command operator in the `body_format`.
+	Body *v3.DataSource `protobuf:"bytes,3,opt,name=body,proto3" json:"body,omitempty"`
+	// A per mapper `body_format` to override the :ref:`body_format <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.LocalReplyConfig.body_format>`.
+	// It will be used when this mapper is matched.
+	BodyFormatOverride *v3.SubstitutionFormatString `protobuf:"bytes,4,opt,name=body_format_override,json=bodyFormatOverride,proto3" json:"body_format_override,omitempty"`
+	// HTTP headers to add to a local reply. This allows the response mapper to append, to add
+	// or to override headers of any local reply before it is sent to a downstream client.
+	HeadersToAdd []*v3.HeaderValueOption `protobuf:"bytes,5,rep,name=headers_to_add,json=headersToAdd,proto3" json:"headers_to_add,omitempty"`
+}
+
+func (x *ResponseMapper) Reset() {
+	*x = ResponseMapper{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ResponseMapper) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ResponseMapper) ProtoMessage() {}
+
+func (x *ResponseMapper) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ResponseMapper.ProtoReflect.Descriptor instead.
+func (*ResponseMapper) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *ResponseMapper) GetFilter() *v31.AccessLogFilter {
+	if x != nil {
+		return x.Filter
+	}
+	return nil
+}
+
+func (x *ResponseMapper) GetStatusCode() *wrappers.UInt32Value {
+	if x != nil {
+		return x.StatusCode
+	}
+	return nil
+}
+
+func (x *ResponseMapper) GetBody() *v3.DataSource {
+	if x != nil {
+		return x.Body
+	}
+	return nil
+}
+
+func (x *ResponseMapper) GetBodyFormatOverride() *v3.SubstitutionFormatString {
+	if x != nil {
+		return x.BodyFormatOverride
+	}
+	return nil
+}
+
+func (x *ResponseMapper) GetHeadersToAdd() []*v3.HeaderValueOption {
+	if x != nil {
+		return x.HeadersToAdd
+	}
+	return nil
+}
+
+type Rds struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Configuration source specifier for RDS.
+	ConfigSource *v3.ConfigSource `protobuf:"bytes,1,opt,name=config_source,json=configSource,proto3" json:"config_source,omitempty"`
+	// The name of the route configuration. This name will be passed to the RDS
+	// API. This allows an Envoy configuration with multiple HTTP listeners (and
+	// associated HTTP connection manager filters) to use different route
+	// configurations.
+	RouteConfigName string `protobuf:"bytes,2,opt,name=route_config_name,json=routeConfigName,proto3" json:"route_config_name,omitempty"`
+}
+
+func (x *Rds) Reset() {
+	*x = Rds{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Rds) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Rds) ProtoMessage() {}
+
+func (x *Rds) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Rds.ProtoReflect.Descriptor instead.
+func (*Rds) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *Rds) GetConfigSource() *v3.ConfigSource {
+	if x != nil {
+		return x.ConfigSource
+	}
+	return nil
+}
+
+func (x *Rds) GetRouteConfigName() string {
+	if x != nil {
+		return x.RouteConfigName
+	}
+	return ""
+}
+
+// This message is used to work around the limitations with 'oneof' and repeated fields.
+type ScopedRouteConfigurationsList struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	ScopedRouteConfigurations []*v32.ScopedRouteConfiguration `protobuf:"bytes,1,rep,name=scoped_route_configurations,json=scopedRouteConfigurations,proto3" json:"scoped_route_configurations,omitempty"`
+}
+
+func (x *ScopedRouteConfigurationsList) Reset() {
+	*x = ScopedRouteConfigurationsList{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ScopedRouteConfigurationsList) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ScopedRouteConfigurationsList) ProtoMessage() {}
+
+func (x *ScopedRouteConfigurationsList) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ScopedRouteConfigurationsList.ProtoReflect.Descriptor instead.
+func (*ScopedRouteConfigurationsList) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDescGZIP(), []int{4}
+}
+
+func (x *ScopedRouteConfigurationsList) GetScopedRouteConfigurations() []*v32.ScopedRouteConfiguration {
+	if x != nil {
+		return x.ScopedRouteConfigurations
+	}
+	return nil
+}
+
+// [#next-free-field: 6]
+type ScopedRoutes struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name assigned to the scoped routing configuration.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// The algorithm to use for constructing a scope key for each request.
+	ScopeKeyBuilder *ScopedRoutes_ScopeKeyBuilder `protobuf:"bytes,2,opt,name=scope_key_builder,json=scopeKeyBuilder,proto3" json:"scope_key_builder,omitempty"`
+	// Configuration source specifier for RDS.
+	// This config source is used to subscribe to RouteConfiguration resources specified in
+	// ScopedRouteConfiguration messages.
+	RdsConfigSource *v3.ConfigSource `protobuf:"bytes,3,opt,name=rds_config_source,json=rdsConfigSource,proto3" json:"rds_config_source,omitempty"`
+	// Types that are assignable to ConfigSpecifier:
+	//	*ScopedRoutes_ScopedRouteConfigurationsList
+	//	*ScopedRoutes_ScopedRds
+	ConfigSpecifier isScopedRoutes_ConfigSpecifier `protobuf_oneof:"config_specifier"`
+}
+
+func (x *ScopedRoutes) Reset() {
+	*x = ScopedRoutes{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ScopedRoutes) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ScopedRoutes) ProtoMessage() {}
+
+func (x *ScopedRoutes) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ScopedRoutes.ProtoReflect.Descriptor instead.
+func (*ScopedRoutes) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDescGZIP(), []int{5}
+}
+
+func (x *ScopedRoutes) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *ScopedRoutes) GetScopeKeyBuilder() *ScopedRoutes_ScopeKeyBuilder {
+	if x != nil {
+		return x.ScopeKeyBuilder
+	}
+	return nil
+}
+
+func (x *ScopedRoutes) GetRdsConfigSource() *v3.ConfigSource {
+	if x != nil {
+		return x.RdsConfigSource
+	}
+	return nil
+}
+
+func (m *ScopedRoutes) GetConfigSpecifier() isScopedRoutes_ConfigSpecifier {
+	if m != nil {
+		return m.ConfigSpecifier
+	}
+	return nil
+}
+
+func (x *ScopedRoutes) GetScopedRouteConfigurationsList() *ScopedRouteConfigurationsList {
+	if x, ok := x.GetConfigSpecifier().(*ScopedRoutes_ScopedRouteConfigurationsList); ok {
+		return x.ScopedRouteConfigurationsList
+	}
+	return nil
+}
+
+func (x *ScopedRoutes) GetScopedRds() *ScopedRds {
+	if x, ok := x.GetConfigSpecifier().(*ScopedRoutes_ScopedRds); ok {
+		return x.ScopedRds
+	}
+	return nil
+}
+
+type isScopedRoutes_ConfigSpecifier interface {
+	isScopedRoutes_ConfigSpecifier()
+}
+
+type ScopedRoutes_ScopedRouteConfigurationsList struct {
+	// The set of routing scopes corresponding to the HCM. A scope is assigned to a request by
+	// matching a key constructed from the request's attributes according to the algorithm specified
+	// by the
+	// :ref:`ScopeKeyBuilder<envoy_v3_api_msg_extensions.filters.network.http_connection_manager.v3.ScopedRoutes.ScopeKeyBuilder>`
+	// in this message.
+	ScopedRouteConfigurationsList *ScopedRouteConfigurationsList `protobuf:"bytes,4,opt,name=scoped_route_configurations_list,json=scopedRouteConfigurationsList,proto3,oneof"`
+}
+
+type ScopedRoutes_ScopedRds struct {
+	// The set of routing scopes associated with the HCM will be dynamically loaded via the SRDS
+	// API. A scope is assigned to a request by matching a key constructed from the request's
+	// attributes according to the algorithm specified by the
+	// :ref:`ScopeKeyBuilder<envoy_v3_api_msg_extensions.filters.network.http_connection_manager.v3.ScopedRoutes.ScopeKeyBuilder>`
+	// in this message.
+	ScopedRds *ScopedRds `protobuf:"bytes,5,opt,name=scoped_rds,json=scopedRds,proto3,oneof"`
+}
+
+func (*ScopedRoutes_ScopedRouteConfigurationsList) isScopedRoutes_ConfigSpecifier() {}
+
+func (*ScopedRoutes_ScopedRds) isScopedRoutes_ConfigSpecifier() {}
+
+type ScopedRds struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Configuration source specifier for scoped RDS.
+	ScopedRdsConfigSource *v3.ConfigSource `protobuf:"bytes,1,opt,name=scoped_rds_config_source,json=scopedRdsConfigSource,proto3" json:"scoped_rds_config_source,omitempty"`
+	// xdstp:// resource locator for scoped RDS collection.
+	// [#not-implemented-hide:]
+	SrdsResourcesLocator string `protobuf:"bytes,2,opt,name=srds_resources_locator,json=srdsResourcesLocator,proto3" json:"srds_resources_locator,omitempty"`
+}
+
+func (x *ScopedRds) Reset() {
+	*x = ScopedRds{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[6]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ScopedRds) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ScopedRds) ProtoMessage() {}
+
+func (x *ScopedRds) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[6]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ScopedRds.ProtoReflect.Descriptor instead.
+func (*ScopedRds) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDescGZIP(), []int{6}
+}
+
+func (x *ScopedRds) GetScopedRdsConfigSource() *v3.ConfigSource {
+	if x != nil {
+		return x.ScopedRdsConfigSource
+	}
+	return nil
+}
+
+func (x *ScopedRds) GetSrdsResourcesLocator() string {
+	if x != nil {
+		return x.SrdsResourcesLocator
+	}
+	return ""
+}
+
+// [#next-free-field: 7]
+type HttpFilter struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the filter configuration. The name is used as a fallback to
+	// select an extension if the type of the configuration proto is not
+	// sufficient. It also serves as a resource name in ExtensionConfigDS.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Types that are assignable to ConfigType:
+	//	*HttpFilter_TypedConfig
+	//	*HttpFilter_ConfigDiscovery
+	ConfigType isHttpFilter_ConfigType `protobuf_oneof:"config_type"`
+	// If true, clients that do not support this filter may ignore the
+	// filter but otherwise accept the config.
+	// Otherwise, clients that do not support this filter must reject the config.
+	// This is also same with typed per filter config.
+	IsOptional bool `protobuf:"varint,6,opt,name=is_optional,json=isOptional,proto3" json:"is_optional,omitempty"`
+}
+
+func (x *HttpFilter) Reset() {
+	*x = HttpFilter{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[7]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HttpFilter) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HttpFilter) ProtoMessage() {}
+
+func (x *HttpFilter) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[7]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HttpFilter.ProtoReflect.Descriptor instead.
+func (*HttpFilter) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDescGZIP(), []int{7}
+}
+
+func (x *HttpFilter) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (m *HttpFilter) GetConfigType() isHttpFilter_ConfigType {
+	if m != nil {
+		return m.ConfigType
+	}
+	return nil
+}
+
+func (x *HttpFilter) GetTypedConfig() *any.Any {
+	if x, ok := x.GetConfigType().(*HttpFilter_TypedConfig); ok {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+func (x *HttpFilter) GetConfigDiscovery() *v3.ExtensionConfigSource {
+	if x, ok := x.GetConfigType().(*HttpFilter_ConfigDiscovery); ok {
+		return x.ConfigDiscovery
+	}
+	return nil
+}
+
+func (x *HttpFilter) GetIsOptional() bool {
+	if x != nil {
+		return x.IsOptional
+	}
+	return false
+}
+
+type isHttpFilter_ConfigType interface {
+	isHttpFilter_ConfigType()
+}
+
+type HttpFilter_TypedConfig struct {
+	// Filter specific configuration which depends on the filter being instantiated. See the supported
+	// filters for further documentation.
+	//
+	// To support configuring a :ref:`match tree <arch_overview_matching_api>`, use an
+	// :ref:`ExtensionWithMatcher <envoy_v3_api_msg_extensions.common.matching.v3.ExtensionWithMatcher>`
+	// with the desired HTTP filter.
+	// [#extension-category: envoy.filters.http]
+	TypedConfig *any.Any `protobuf:"bytes,4,opt,name=typed_config,json=typedConfig,proto3,oneof"`
+}
+
+type HttpFilter_ConfigDiscovery struct {
+	// Configuration source specifier for an extension configuration discovery service.
+	// In case of a failure and without the default configuration, the HTTP listener responds with code 500.
+	// Extension configs delivered through this mechanism are not expected to require warming (see https://github.com/envoyproxy/envoy/issues/12061).
+	//
+	// To support configuring a :ref:`match tree <arch_overview_matching_api>`, use an
+	// :ref:`ExtensionWithMatcher <envoy_v3_api_msg_extensions.common.matching.v3.ExtensionWithMatcher>`
+	// with the desired HTTP filter. This works for both the default filter configuration as well
+	// as for filters provided via the API.
+	ConfigDiscovery *v3.ExtensionConfigSource `protobuf:"bytes,5,opt,name=config_discovery,json=configDiscovery,proto3,oneof"`
+}
+
+func (*HttpFilter_TypedConfig) isHttpFilter_ConfigType() {}
+
+func (*HttpFilter_ConfigDiscovery) isHttpFilter_ConfigType() {}
+
+type RequestIDExtension struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Request ID extension specific configuration.
+	TypedConfig *any.Any `protobuf:"bytes,1,opt,name=typed_config,json=typedConfig,proto3" json:"typed_config,omitempty"`
+}
+
+func (x *RequestIDExtension) Reset() {
+	*x = RequestIDExtension{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[8]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RequestIDExtension) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RequestIDExtension) ProtoMessage() {}
+
+func (x *RequestIDExtension) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[8]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RequestIDExtension.ProtoReflect.Descriptor instead.
+func (*RequestIDExtension) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDescGZIP(), []int{8}
+}
+
+func (x *RequestIDExtension) GetTypedConfig() *any.Any {
+	if x != nil {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+// [#protodoc-title: Envoy Mobile HTTP connection manager]
+// HTTP connection manager for use in Envoy mobile.
+// [#extension: envoy.filters.network.envoy_mobile_http_connection_manager]
+type EnvoyMobileHttpConnectionManager struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The configuration for the underlying HttpConnectionManager which will be
+	// instantiated for Envoy mobile.
+	Config *HttpConnectionManager `protobuf:"bytes,1,opt,name=config,proto3" json:"config,omitempty"`
+}
+
+func (x *EnvoyMobileHttpConnectionManager) Reset() {
+	*x = EnvoyMobileHttpConnectionManager{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[9]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *EnvoyMobileHttpConnectionManager) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*EnvoyMobileHttpConnectionManager) ProtoMessage() {}
+
+func (x *EnvoyMobileHttpConnectionManager) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[9]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use EnvoyMobileHttpConnectionManager.ProtoReflect.Descriptor instead.
+func (*EnvoyMobileHttpConnectionManager) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDescGZIP(), []int{9}
+}
+
+func (x *EnvoyMobileHttpConnectionManager) GetConfig() *HttpConnectionManager {
+	if x != nil {
+		return x.Config
+	}
+	return nil
+}
+
+// [#next-free-field: 10]
+type HttpConnectionManager_Tracing struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Target percentage of requests managed by this HTTP connection manager that will be force
+	// traced if the :ref:`x-client-trace-id <config_http_conn_man_headers_x-client-trace-id>`
+	// header is set. This field is a direct analog for the runtime variable
+	// 'tracing.client_sampling' in the :ref:`HTTP Connection Manager
+	// <config_http_conn_man_runtime>`.
+	// Default: 100%
+	ClientSampling *v33.Percent `protobuf:"bytes,3,opt,name=client_sampling,json=clientSampling,proto3" json:"client_sampling,omitempty"`
+	// Target percentage of requests managed by this HTTP connection manager that will be randomly
+	// selected for trace generation, if not requested by the client or not forced. This field is
+	// a direct analog for the runtime variable 'tracing.random_sampling' in the
+	// :ref:`HTTP Connection Manager <config_http_conn_man_runtime>`.
+	// Default: 100%
+	RandomSampling *v33.Percent `protobuf:"bytes,4,opt,name=random_sampling,json=randomSampling,proto3" json:"random_sampling,omitempty"`
+	// Target percentage of requests managed by this HTTP connection manager that will be traced
+	// after all other sampling checks have been applied (client-directed, force tracing, random
+	// sampling). This field functions as an upper limit on the total configured sampling rate. For
+	// instance, setting client_sampling to 100% but overall_sampling to 1% will result in only 1%
+	// of client requests with the appropriate headers to be force traced. This field is a direct
+	// analog for the runtime variable 'tracing.global_enabled' in the
+	// :ref:`HTTP Connection Manager <config_http_conn_man_runtime>`.
+	// Default: 100%
+	OverallSampling *v33.Percent `protobuf:"bytes,5,opt,name=overall_sampling,json=overallSampling,proto3" json:"overall_sampling,omitempty"`
+	// Whether to annotate spans with additional data. If true, spans will include logs for stream
+	// events.
+	Verbose bool `protobuf:"varint,6,opt,name=verbose,proto3" json:"verbose,omitempty"`
+	// Maximum length of the request path to extract and include in the HttpUrl tag. Used to
+	// truncate lengthy request paths to meet the needs of a tracing backend.
+	// Default: 256
+	MaxPathTagLength *wrappers.UInt32Value `protobuf:"bytes,7,opt,name=max_path_tag_length,json=maxPathTagLength,proto3" json:"max_path_tag_length,omitempty"`
+	// A list of custom tags with unique tag name to create tags for the active span.
+	CustomTags []*v34.CustomTag `protobuf:"bytes,8,rep,name=custom_tags,json=customTags,proto3" json:"custom_tags,omitempty"`
+	// Configuration for an external tracing provider.
+	// If not specified, no tracing will be performed.
+	//
+	// .. attention::
+	//   Please be aware that *envoy.tracers.opencensus* provider can only be configured once
+	//   in Envoy lifetime.
+	//   Any attempts to reconfigure it or to use different configurations for different HCM filters
+	//   will be rejected.
+	//   Such a constraint is inherent to OpenCensus itself. It cannot be overcome without changes
+	//   on OpenCensus side.
+	Provider *v35.Tracing_Http `protobuf:"bytes,9,opt,name=provider,proto3" json:"provider,omitempty"`
+}
+
+func (x *HttpConnectionManager_Tracing) Reset() {
+	*x = HttpConnectionManager_Tracing{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[10]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HttpConnectionManager_Tracing) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HttpConnectionManager_Tracing) ProtoMessage() {}
+
+func (x *HttpConnectionManager_Tracing) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[10]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HttpConnectionManager_Tracing.ProtoReflect.Descriptor instead.
+func (*HttpConnectionManager_Tracing) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (x *HttpConnectionManager_Tracing) GetClientSampling() *v33.Percent {
+	if x != nil {
+		return x.ClientSampling
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager_Tracing) GetRandomSampling() *v33.Percent {
+	if x != nil {
+		return x.RandomSampling
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager_Tracing) GetOverallSampling() *v33.Percent {
+	if x != nil {
+		return x.OverallSampling
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager_Tracing) GetVerbose() bool {
+	if x != nil {
+		return x.Verbose
+	}
+	return false
+}
+
+func (x *HttpConnectionManager_Tracing) GetMaxPathTagLength() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxPathTagLength
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager_Tracing) GetCustomTags() []*v34.CustomTag {
+	if x != nil {
+		return x.CustomTags
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager_Tracing) GetProvider() *v35.Tracing_Http {
+	if x != nil {
+		return x.Provider
+	}
+	return nil
+}
+
+type HttpConnectionManager_InternalAddressConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Whether unix socket addresses should be considered internal.
+	UnixSockets bool `protobuf:"varint,1,opt,name=unix_sockets,json=unixSockets,proto3" json:"unix_sockets,omitempty"`
+}
+
+func (x *HttpConnectionManager_InternalAddressConfig) Reset() {
+	*x = HttpConnectionManager_InternalAddressConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[11]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HttpConnectionManager_InternalAddressConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HttpConnectionManager_InternalAddressConfig) ProtoMessage() {}
+
+func (x *HttpConnectionManager_InternalAddressConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[11]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HttpConnectionManager_InternalAddressConfig.ProtoReflect.Descriptor instead.
+func (*HttpConnectionManager_InternalAddressConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDescGZIP(), []int{0, 1}
+}
+
+func (x *HttpConnectionManager_InternalAddressConfig) GetUnixSockets() bool {
+	if x != nil {
+		return x.UnixSockets
+	}
+	return false
+}
+
+// [#next-free-field: 7]
+type HttpConnectionManager_SetCurrentClientCertDetails struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Whether to forward the subject of the client cert. Defaults to false.
+	Subject *wrappers.BoolValue `protobuf:"bytes,1,opt,name=subject,proto3" json:"subject,omitempty"`
+	// Whether to forward the entire client cert in URL encoded PEM format. This will appear in the
+	// XFCC header comma separated from other values with the value Cert="PEM".
+	// Defaults to false.
+	Cert bool `protobuf:"varint,3,opt,name=cert,proto3" json:"cert,omitempty"`
+	// Whether to forward the entire client cert chain (including the leaf cert) in URL encoded PEM
+	// format. This will appear in the XFCC header comma separated from other values with the value
+	// Chain="PEM".
+	// Defaults to false.
+	Chain bool `protobuf:"varint,6,opt,name=chain,proto3" json:"chain,omitempty"`
+	// Whether to forward the DNS type Subject Alternative Names of the client cert.
+	// Defaults to false.
+	Dns bool `protobuf:"varint,4,opt,name=dns,proto3" json:"dns,omitempty"`
+	// Whether to forward the URI type Subject Alternative Name of the client cert. Defaults to
+	// false.
+	Uri bool `protobuf:"varint,5,opt,name=uri,proto3" json:"uri,omitempty"`
+}
+
+func (x *HttpConnectionManager_SetCurrentClientCertDetails) Reset() {
+	*x = HttpConnectionManager_SetCurrentClientCertDetails{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[12]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HttpConnectionManager_SetCurrentClientCertDetails) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HttpConnectionManager_SetCurrentClientCertDetails) ProtoMessage() {}
+
+func (x *HttpConnectionManager_SetCurrentClientCertDetails) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[12]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HttpConnectionManager_SetCurrentClientCertDetails.ProtoReflect.Descriptor instead.
+func (*HttpConnectionManager_SetCurrentClientCertDetails) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDescGZIP(), []int{0, 2}
+}
+
+func (x *HttpConnectionManager_SetCurrentClientCertDetails) GetSubject() *wrappers.BoolValue {
+	if x != nil {
+		return x.Subject
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager_SetCurrentClientCertDetails) GetCert() bool {
+	if x != nil {
+		return x.Cert
+	}
+	return false
+}
+
+func (x *HttpConnectionManager_SetCurrentClientCertDetails) GetChain() bool {
+	if x != nil {
+		return x.Chain
+	}
+	return false
+}
+
+func (x *HttpConnectionManager_SetCurrentClientCertDetails) GetDns() bool {
+	if x != nil {
+		return x.Dns
+	}
+	return false
+}
+
+func (x *HttpConnectionManager_SetCurrentClientCertDetails) GetUri() bool {
+	if x != nil {
+		return x.Uri
+	}
+	return false
+}
+
+// The configuration for HTTP upgrades.
+// For each upgrade type desired, an UpgradeConfig must be added.
+//
+// .. warning::
+//
+//    The current implementation of upgrade headers does not handle
+//    multi-valued upgrade headers. Support for multi-valued headers may be
+//    added in the future if needed.
+//
+// .. warning::
+//    The current implementation of upgrade headers does not work with HTTP/2
+//    upstreams.
+type HttpConnectionManager_UpgradeConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The case-insensitive name of this upgrade, e.g. "websocket".
+	// For each upgrade type present in upgrade_configs, requests with
+	// Upgrade: [upgrade_type]
+	// will be proxied upstream.
+	UpgradeType string `protobuf:"bytes,1,opt,name=upgrade_type,json=upgradeType,proto3" json:"upgrade_type,omitempty"`
+	// If present, this represents the filter chain which will be created for
+	// this type of upgrade. If no filters are present, the filter chain for
+	// HTTP connections will be used for this upgrade type.
+	Filters []*HttpFilter `protobuf:"bytes,2,rep,name=filters,proto3" json:"filters,omitempty"`
+	// Determines if upgrades are enabled or disabled by default. Defaults to true.
+	// This can be overridden on a per-route basis with :ref:`cluster
+	// <envoy_v3_api_field_config.route.v3.RouteAction.upgrade_configs>` as documented in the
+	// :ref:`upgrade documentation <arch_overview_upgrades>`.
+	Enabled *wrappers.BoolValue `protobuf:"bytes,3,opt,name=enabled,proto3" json:"enabled,omitempty"`
+}
+
+func (x *HttpConnectionManager_UpgradeConfig) Reset() {
+	*x = HttpConnectionManager_UpgradeConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[13]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HttpConnectionManager_UpgradeConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HttpConnectionManager_UpgradeConfig) ProtoMessage() {}
+
+func (x *HttpConnectionManager_UpgradeConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[13]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HttpConnectionManager_UpgradeConfig.ProtoReflect.Descriptor instead.
+func (*HttpConnectionManager_UpgradeConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDescGZIP(), []int{0, 3}
+}
+
+func (x *HttpConnectionManager_UpgradeConfig) GetUpgradeType() string {
+	if x != nil {
+		return x.UpgradeType
+	}
+	return ""
+}
+
+func (x *HttpConnectionManager_UpgradeConfig) GetFilters() []*HttpFilter {
+	if x != nil {
+		return x.Filters
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager_UpgradeConfig) GetEnabled() *wrappers.BoolValue {
+	if x != nil {
+		return x.Enabled
+	}
+	return nil
+}
+
+// [#not-implemented-hide:] Transformations that apply to path headers. Transformations are applied
+// before any processing of requests by HTTP filters, routing, and matching. Only the normalized
+// path will be visible internally if a transformation is enabled. Any path rewrites that the
+// router performs (e.g. :ref:`regex_rewrite
+// <envoy_v3_api_field_config.route.v3.RouteAction.regex_rewrite>` or :ref:`prefix_rewrite
+// <envoy_v3_api_field_config.route.v3.RouteAction.prefix_rewrite>`) will apply to the *:path* header
+// destined for the upstream.
+//
+// Note: access logging and tracing will show the original *:path* header.
+type HttpConnectionManager_PathNormalizationOptions struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// [#not-implemented-hide:] Normalization applies internally before any processing of requests by
+	// HTTP filters, routing, and matching *and* will affect the forwarded *:path* header. Defaults
+	// to :ref:`NormalizePathRFC3986
+	// <envoy_v3_api_msg_type.http.v3.PathTransformation.Operation.NormalizePathRFC3986>`. When not
+	// specified, this value may be overridden by the runtime variable
+	// :ref:`http_connection_manager.normalize_path<config_http_conn_man_runtime_normalize_path>`.
+	// Envoy will respond with 400 to paths that are malformed (e.g. for paths that fail RFC 3986
+	// normalization due to disallowed characters.)
+	ForwardingTransformation *v36.PathTransformation `protobuf:"bytes,1,opt,name=forwarding_transformation,json=forwardingTransformation,proto3" json:"forwarding_transformation,omitempty"`
+	// [#not-implemented-hide:] Normalization only applies internally before any processing of
+	// requests by HTTP filters, routing, and matching. These will be applied after full
+	// transformation is applied. The *:path* header before this transformation will be restored in
+	// the router filter and sent upstream unless it was mutated by a filter. Defaults to no
+	// transformations.
+	// Multiple actions can be applied in the same Transformation, forming a sequential
+	// pipeline. The transformations will be performed in the order that they appear. Envoy will
+	// respond with 400 to paths that are malformed (e.g. for paths that fail RFC 3986
+	// normalization due to disallowed characters.)
+	HttpFilterTransformation *v36.PathTransformation `protobuf:"bytes,2,opt,name=http_filter_transformation,json=httpFilterTransformation,proto3" json:"http_filter_transformation,omitempty"`
+}
+
+func (x *HttpConnectionManager_PathNormalizationOptions) Reset() {
+	*x = HttpConnectionManager_PathNormalizationOptions{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[14]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HttpConnectionManager_PathNormalizationOptions) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HttpConnectionManager_PathNormalizationOptions) ProtoMessage() {}
+
+func (x *HttpConnectionManager_PathNormalizationOptions) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[14]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HttpConnectionManager_PathNormalizationOptions.ProtoReflect.Descriptor instead.
+func (*HttpConnectionManager_PathNormalizationOptions) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDescGZIP(), []int{0, 4}
+}
+
+func (x *HttpConnectionManager_PathNormalizationOptions) GetForwardingTransformation() *v36.PathTransformation {
+	if x != nil {
+		return x.ForwardingTransformation
+	}
+	return nil
+}
+
+func (x *HttpConnectionManager_PathNormalizationOptions) GetHttpFilterTransformation() *v36.PathTransformation {
+	if x != nil {
+		return x.HttpFilterTransformation
+	}
+	return nil
+}
+
+// Specifies the mechanism for constructing "scope keys" based on HTTP request attributes. These
+// keys are matched against a set of :ref:`Key<envoy_v3_api_msg_config.route.v3.ScopedRouteConfiguration.Key>`
+// objects assembled from :ref:`ScopedRouteConfiguration<envoy_v3_api_msg_config.route.v3.ScopedRouteConfiguration>`
+// messages distributed via SRDS (the Scoped Route Discovery Service) or assigned statically via
+// :ref:`scoped_route_configurations_list<envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.ScopedRoutes.scoped_route_configurations_list>`.
+//
+// Upon receiving a request's headers, the Router will build a key using the algorithm specified
+// by this message. This key will be used to look up the routing table (i.e., the
+// :ref:`RouteConfiguration<envoy_v3_api_msg_config.route.v3.RouteConfiguration>`) to use for the request.
+type ScopedRoutes_ScopeKeyBuilder struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The final(built) scope key consists of the ordered union of these fragments, which are compared in order with the
+	// fragments of a :ref:`ScopedRouteConfiguration<envoy_v3_api_msg_config.route.v3.ScopedRouteConfiguration>`.
+	// A missing fragment during comparison will make the key invalid, i.e., the computed key doesn't match any key.
+	Fragments []*ScopedRoutes_ScopeKeyBuilder_FragmentBuilder `protobuf:"bytes,1,rep,name=fragments,proto3" json:"fragments,omitempty"`
+}
+
+func (x *ScopedRoutes_ScopeKeyBuilder) Reset() {
+	*x = ScopedRoutes_ScopeKeyBuilder{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[15]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ScopedRoutes_ScopeKeyBuilder) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ScopedRoutes_ScopeKeyBuilder) ProtoMessage() {}
+
+func (x *ScopedRoutes_ScopeKeyBuilder) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[15]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ScopedRoutes_ScopeKeyBuilder.ProtoReflect.Descriptor instead.
+func (*ScopedRoutes_ScopeKeyBuilder) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDescGZIP(), []int{5, 0}
+}
+
+func (x *ScopedRoutes_ScopeKeyBuilder) GetFragments() []*ScopedRoutes_ScopeKeyBuilder_FragmentBuilder {
+	if x != nil {
+		return x.Fragments
+	}
+	return nil
+}
+
+// Specifies the mechanism for constructing key fragments which are composed into scope keys.
+type ScopedRoutes_ScopeKeyBuilder_FragmentBuilder struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to Type:
+	//	*ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_
+	Type isScopedRoutes_ScopeKeyBuilder_FragmentBuilder_Type `protobuf_oneof:"type"`
+}
+
+func (x *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder) Reset() {
+	*x = ScopedRoutes_ScopeKeyBuilder_FragmentBuilder{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[16]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ScopedRoutes_ScopeKeyBuilder_FragmentBuilder) ProtoMessage() {}
+
+func (x *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[16]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ScopedRoutes_ScopeKeyBuilder_FragmentBuilder.ProtoReflect.Descriptor instead.
+func (*ScopedRoutes_ScopeKeyBuilder_FragmentBuilder) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDescGZIP(), []int{5, 0, 0}
+}
+
+func (m *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder) GetType() isScopedRoutes_ScopeKeyBuilder_FragmentBuilder_Type {
+	if m != nil {
+		return m.Type
+	}
+	return nil
+}
+
+func (x *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder) GetHeaderValueExtractor() *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor {
+	if x, ok := x.GetType().(*ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_); ok {
+		return x.HeaderValueExtractor
+	}
+	return nil
+}
+
+type isScopedRoutes_ScopeKeyBuilder_FragmentBuilder_Type interface {
+	isScopedRoutes_ScopeKeyBuilder_FragmentBuilder_Type()
+}
+
+type ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_ struct {
+	// Specifies how a header field's value should be extracted.
+	HeaderValueExtractor *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor `protobuf:"bytes,1,opt,name=header_value_extractor,json=headerValueExtractor,proto3,oneof"`
+}
+
+func (*ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_) isScopedRoutes_ScopeKeyBuilder_FragmentBuilder_Type() {
+}
+
+// Specifies how the value of a header should be extracted.
+// The following example maps the structure of a header to the fields in this message.
+//
+// .. code::
+//
+//              <0> <1>   <-- index
+//    X-Header: a=b;c=d
+//    |         || |
+//    |         || \----> <element_separator>
+//    |         ||
+//    |         |\----> <element.separator>
+//    |         |
+//    |         \----> <element.key>
+//    |
+//    \----> <name>
+//
+//    Each 'a=b' key-value pair constitutes an 'element' of the header field.
+type ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the header field to extract the value from.
+	//
+	// .. note::
+	//
+	//   If the header appears multiple times only the first value is used.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// The element separator (e.g., ';' separates 'a;b;c;d').
+	// Default: empty string. This causes the entirety of the header field to be extracted.
+	// If this field is set to an empty string and 'index' is used in the oneof below, 'index'
+	// must be set to 0.
+	ElementSeparator string `protobuf:"bytes,2,opt,name=element_separator,json=elementSeparator,proto3" json:"element_separator,omitempty"`
+	// Types that are assignable to ExtractType:
+	//	*ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_Index
+	//	*ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_Element
+	ExtractType isScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_ExtractType `protobuf_oneof:"extract_type"`
+}
+
+func (x *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor) Reset() {
+	*x = ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[17]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor) ProtoMessage() {}
+
+func (x *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[17]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor.ProtoReflect.Descriptor instead.
+func (*ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDescGZIP(), []int{5, 0, 0, 0}
+}
+
+func (x *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor) GetElementSeparator() string {
+	if x != nil {
+		return x.ElementSeparator
+	}
+	return ""
+}
+
+func (m *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor) GetExtractType() isScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_ExtractType {
+	if m != nil {
+		return m.ExtractType
+	}
+	return nil
+}
+
+func (x *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor) GetIndex() uint32 {
+	if x, ok := x.GetExtractType().(*ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_Index); ok {
+		return x.Index
+	}
+	return 0
+}
+
+func (x *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor) GetElement() *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElement {
+	if x, ok := x.GetExtractType().(*ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_Element); ok {
+		return x.Element
+	}
+	return nil
+}
+
+type isScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_ExtractType interface {
+	isScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_ExtractType()
+}
+
+type ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_Index struct {
+	// Specifies the zero based index of the element to extract.
+	// Note Envoy concatenates multiple values of the same header key into a comma separated
+	// string, the splitting always happens after the concatenation.
+	Index uint32 `protobuf:"varint,3,opt,name=index,proto3,oneof"`
+}
+
+type ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_Element struct {
+	// Specifies the key value pair to extract the value from.
+	Element *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElement `protobuf:"bytes,4,opt,name=element,proto3,oneof"`
+}
+
+func (*ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_Index) isScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_ExtractType() {
+}
+
+func (*ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_Element) isScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_ExtractType() {
+}
+
+// Specifies a header field's key value pair to match on.
+type ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElement struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The separator between key and value (e.g., '=' separates 'k=v;...').
+	// If an element is an empty string, the element is ignored.
+	// If an element contains no separator, the whole element is parsed as key and the
+	// fragment value is an empty string.
+	// If there are multiple values for a matched key, the first value is returned.
+	Separator string `protobuf:"bytes,1,opt,name=separator,proto3" json:"separator,omitempty"`
+	// The key to match on.
+	Key string `protobuf:"bytes,2,opt,name=key,proto3" json:"key,omitempty"`
+}
+
+func (x *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElement) Reset() {
+	*x = ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElement{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[18]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElement) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElement) ProtoMessage() {}
+
+func (x *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElement) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[18]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElement.ProtoReflect.Descriptor instead.
+func (*ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElement) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDescGZIP(), []int{5, 0, 0, 0, 0}
+}
+
+func (x *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElement) GetSeparator() string {
+	if x != nil {
+		return x.Separator
+	}
+	return ""
+}
+
+func (x *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElement) GetKey() string {
+	if x != nil {
+		return x.Key
+	}
+	return ""
+}
+
+var File_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto protoreflect.FileDescriptor
+
+var file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDesc = []byte{
+	0x0a, 0x59, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x2f, 0x6e, 0x65, 0x74, 0x77, 0x6f,
+	0x72, 0x6b, 0x2f, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x68, 0x74,
+	0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61,
+	0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x3b, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x66, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x2e, 0x68, 0x74,
+	0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61,
+	0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x1a, 0x29, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67,
+	0x2f, 0x76, 0x33, 0x2f, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x62, 0x61, 0x73, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x28, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x5f, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x24,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72,
+	0x65, 0x2f, 0x76, 0x33, 0x2f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x63, 0x6f, 0x6c, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x35, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f,
+	0x73, 0x75, 0x62, 0x73, 0x74, 0x69, 0x74, 0x75, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x66, 0x6f, 0x72,
+	0x6d, 0x61, 0x74, 0x5f, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x21, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x72,
+	0x6f, 0x75, 0x74, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x28, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x73, 0x63, 0x6f, 0x70, 0x65,
+	0x64, 0x5f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x27, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x74, 0x72, 0x61, 0x63,
+	0x65, 0x2f, 0x76, 0x33, 0x2f, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x74, 0x72, 0x61, 0x63, 0x65, 0x72,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x2c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79,
+	0x70, 0x65, 0x2f, 0x68, 0x74, 0x74, 0x70, 0x2f, 0x76, 0x33, 0x2f, 0x70, 0x61, 0x74, 0x68, 0x5f,
+	0x74, 0x72, 0x61, 0x6e, 0x73, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x26, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65,
+	0x2f, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x2f, 0x76, 0x33, 0x2f, 0x63, 0x75, 0x73, 0x74,
+	0x6f, 0x6d, 0x5f, 0x74, 0x61, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1b, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x70, 0x65, 0x72, 0x63,
+	0x65, 0x6e, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f,
+	0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e,
+	0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74,
+	0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x22, 0x93, 0x34, 0x0a, 0x15, 0x48, 0x74, 0x74, 0x70, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74,
+	0x69, 0x6f, 0x6e, 0x4d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x12, 0x85, 0x01, 0x0a, 0x0a, 0x63,
+	0x6f, 0x64, 0x65, 0x63, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32,
+	0x5c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f,
+	0x6e, 0x73, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x6e, 0x65, 0x74, 0x77, 0x6f,
+	0x72, 0x6b, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x74,
+	0x74, 0x70, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x4d, 0x61, 0x6e, 0x61,
+	0x67, 0x65, 0x72, 0x2e, 0x43, 0x6f, 0x64, 0x65, 0x63, 0x54, 0x79, 0x70, 0x65, 0x42, 0x08, 0xfa,
+	0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x09, 0x63, 0x6f, 0x64, 0x65, 0x63, 0x54, 0x79,
+	0x70, 0x65, 0x12, 0x28, 0x0a, 0x0b, 0x73, 0x74, 0x61, 0x74, 0x5f, 0x70, 0x72, 0x65, 0x66, 0x69,
+	0x78, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01,
+	0x52, 0x0a, 0x73, 0x74, 0x61, 0x74, 0x50, 0x72, 0x65, 0x66, 0x69, 0x78, 0x12, 0x54, 0x0a, 0x03,
+	0x72, 0x64, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x40, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x66, 0x69, 0x6c,
+	0x74, 0x65, 0x72, 0x73, 0x2e, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x2e, 0x68, 0x74, 0x74,
+	0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x6e,
+	0x61, 0x67, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x64, 0x73, 0x48, 0x00, 0x52, 0x03, 0x72,
+	0x64, 0x73, 0x12, 0x4e, 0x0a, 0x0c, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33,
+	0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x48, 0x00, 0x52, 0x0b, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x12, 0x70, 0x0a, 0x0d, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x5f, 0x72, 0x6f, 0x75,
+	0x74, 0x65, 0x73, 0x18, 0x1f, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x49, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x66, 0x69, 0x6c,
+	0x74, 0x65, 0x72, 0x73, 0x2e, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x2e, 0x68, 0x74, 0x74,
+	0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x6e,
+	0x61, 0x67, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f,
+	0x75, 0x74, 0x65, 0x73, 0x48, 0x00, 0x52, 0x0c, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f,
+	0x75, 0x74, 0x65, 0x73, 0x12, 0x6a, 0x0a, 0x0c, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x66, 0x69, 0x6c,
+	0x74, 0x65, 0x72, 0x73, 0x18, 0x05, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x47, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x66, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x2e, 0x68, 0x74,
+	0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61,
+	0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x46, 0x69, 0x6c,
+	0x74, 0x65, 0x72, 0x52, 0x0b, 0x68, 0x74, 0x74, 0x70, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73,
+	0x12, 0x40, 0x0a, 0x0e, 0x61, 0x64, 0x64, 0x5f, 0x75, 0x73, 0x65, 0x72, 0x5f, 0x61, 0x67, 0x65,
+	0x6e, 0x74, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56,
+	0x61, 0x6c, 0x75, 0x65, 0x52, 0x0c, 0x61, 0x64, 0x64, 0x55, 0x73, 0x65, 0x72, 0x41, 0x67, 0x65,
+	0x6e, 0x74, 0x12, 0x74, 0x0a, 0x07, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x18, 0x07, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x5a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65,
+	0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x6e,
+	0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e,
+	0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x76,
+	0x33, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e,
+	0x4d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x54, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x52,
+	0x07, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x12, 0x73, 0x0a, 0x1c, 0x63, 0x6f, 0x6d, 0x6d,
+	0x6f, 0x6e, 0x5f, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c,
+	0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x23, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x29,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f,
+	0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63,
+	0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x42, 0x07, 0x8a, 0x93, 0xb7, 0x2a, 0x02,
+	0x08, 0x01, 0x52, 0x19, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x48, 0x74, 0x74, 0x70, 0x50, 0x72,
+	0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x5e, 0x0a,
+	0x15, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x5f, 0x6f,
+	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65,
+	0x2e, 0x76, 0x33, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x31, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f,
+	0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x13, 0x68, 0x74, 0x74, 0x70, 0x50, 0x72,
+	0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x69, 0x0a,
+	0x16, 0x68, 0x74, 0x74, 0x70, 0x32, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x5f,
+	0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x32, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63,
+	0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x42, 0x07, 0x8a, 0x93, 0xb7, 0x2a, 0x02,
+	0x08, 0x01, 0x52, 0x14, 0x68, 0x74, 0x74, 0x70, 0x32, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f,
+	0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x60, 0x0a, 0x16, 0x68, 0x74, 0x74, 0x70,
+	0x33, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x18, 0x2c, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e,
+	0x48, 0x74, 0x74, 0x70, 0x33, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x52, 0x14, 0x68, 0x74, 0x74, 0x70, 0x33, 0x50, 0x72, 0x6f, 0x74, 0x6f,
+	0x63, 0x6f, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x2c, 0x0a, 0x0b, 0x73, 0x65,
+	0x72, 0x76, 0x65, 0x72, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x09, 0x42,
+	0x0b, 0xfa, 0x42, 0x08, 0x72, 0x06, 0xc0, 0x01, 0x02, 0xc8, 0x01, 0x00, 0x52, 0x0a, 0x73, 0x65,
+	0x72, 0x76, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0xb9, 0x01, 0x0a, 0x1c, 0x73, 0x65, 0x72,
+	0x76, 0x65, 0x72, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x5f, 0x74, 0x72, 0x61, 0x6e, 0x73,
+	0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x22, 0x20, 0x01, 0x28, 0x0e, 0x32,
+	0x6d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f,
+	0x6e, 0x73, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x6e, 0x65, 0x74, 0x77, 0x6f,
+	0x72, 0x6b, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x74,
+	0x74, 0x70, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x4d, 0x61, 0x6e, 0x61,
+	0x67, 0x65, 0x72, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72,
+	0x54, 0x72, 0x61, 0x6e, 0x73, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x08,
+	0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x1a, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72,
+	0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x66, 0x6f, 0x72, 0x6d, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x12, 0x72, 0x0a, 0x1c, 0x73, 0x63, 0x68, 0x65, 0x6d, 0x65, 0x5f, 0x68,
+	0x65, 0x61, 0x64, 0x65, 0x72, 0x5f, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x66, 0x6f, 0x72, 0x6d, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x18, 0x30, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x30, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76,
+	0x33, 0x2e, 0x53, 0x63, 0x68, 0x65, 0x6d, 0x65, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x54, 0x72,
+	0x61, 0x6e, 0x73, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x1a, 0x73, 0x63,
+	0x68, 0x65, 0x6d, 0x65, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x66,
+	0x6f, 0x72, 0x6d, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x5d, 0x0a, 0x16, 0x6d, 0x61, 0x78, 0x5f,
+	0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x5f,
+	0x6b, 0x62, 0x18, 0x1d, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33,
+	0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x0a, 0xfa, 0x42, 0x07, 0x2a, 0x05, 0x18, 0x80, 0x40,
+	0x20, 0x00, 0x52, 0x13, 0x6d, 0x61, 0x78, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x48, 0x65,
+	0x61, 0x64, 0x65, 0x72, 0x73, 0x4b, 0x62, 0x12, 0x52, 0x0a, 0x13, 0x73, 0x74, 0x72, 0x65, 0x61,
+	0x6d, 0x5f, 0x69, 0x64, 0x6c, 0x65, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x18,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42,
+	0x07, 0x8a, 0x93, 0xb7, 0x2a, 0x02, 0x08, 0x01, 0x52, 0x11, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d,
+	0x49, 0x64, 0x6c, 0x65, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12, 0x4b, 0x0a, 0x0f, 0x72,
+	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x1c,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42,
+	0x07, 0x8a, 0x93, 0xb7, 0x2a, 0x02, 0x08, 0x01, 0x52, 0x0e, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73,
+	0x74, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12, 0x62, 0x0a, 0x17, 0x72, 0x65, 0x71, 0x75,
+	0x65, 0x73, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x5f, 0x74, 0x69, 0x6d, 0x65,
+	0x6f, 0x75, 0x74, 0x18, 0x29, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0f, 0xfa, 0x42, 0x05, 0xaa, 0x01, 0x02, 0x32, 0x00, 0x8a, 0x93,
+	0xb7, 0x2a, 0x02, 0x08, 0x01, 0x52, 0x15, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x48, 0x65,
+	0x61, 0x64, 0x65, 0x72, 0x73, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12, 0x3e, 0x0a, 0x0d,
+	0x64, 0x72, 0x61, 0x69, 0x6e, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x0c, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0c,
+	0x64, 0x72, 0x61, 0x69, 0x6e, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12, 0x4d, 0x0a, 0x15,
+	0x64, 0x65, 0x6c, 0x61, 0x79, 0x65, 0x64, 0x5f, 0x63, 0x6c, 0x6f, 0x73, 0x65, 0x5f, 0x74, 0x69,
+	0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x1a, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75,
+	0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x13, 0x64, 0x65, 0x6c, 0x61, 0x79, 0x65, 0x64, 0x43,
+	0x6c, 0x6f, 0x73, 0x65, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12, 0x43, 0x0a, 0x0a, 0x61,
+	0x63, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x6c, 0x6f, 0x67, 0x18, 0x0d, 0x20, 0x03, 0x28, 0x0b, 0x32,
+	0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x61,
+	0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x33, 0x2e, 0x41, 0x63, 0x63, 0x65,
+	0x73, 0x73, 0x4c, 0x6f, 0x67, 0x52, 0x09, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x4c, 0x6f, 0x67,
+	0x12, 0x51, 0x0a, 0x12, 0x75, 0x73, 0x65, 0x5f, 0x72, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x5f, 0x61,
+	0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42,
+	0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07, 0x8a, 0x93, 0xb7, 0x2a, 0x02, 0x08,
+	0x01, 0x52, 0x10, 0x75, 0x73, 0x65, 0x52, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x41, 0x64, 0x64, 0x72,
+	0x65, 0x73, 0x73, 0x12, 0x2f, 0x0a, 0x14, 0x78, 0x66, 0x66, 0x5f, 0x6e, 0x75, 0x6d, 0x5f, 0x74,
+	0x72, 0x75, 0x73, 0x74, 0x65, 0x64, 0x5f, 0x68, 0x6f, 0x70, 0x73, 0x18, 0x13, 0x20, 0x01, 0x28,
+	0x0d, 0x52, 0x11, 0x78, 0x66, 0x66, 0x4e, 0x75, 0x6d, 0x54, 0x72, 0x75, 0x73, 0x74, 0x65, 0x64,
+	0x48, 0x6f, 0x70, 0x73, 0x12, 0x73, 0x0a, 0x20, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c,
+	0x5f, 0x69, 0x70, 0x5f, 0x64, 0x65, 0x74, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x65, 0x78,
+	0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x2e, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2a,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f,
+	0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x64, 0x45, 0x78, 0x74, 0x65, 0x6e,
+	0x73, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x1d, 0x6f, 0x72, 0x69, 0x67,
+	0x69, 0x6e, 0x61, 0x6c, 0x49, 0x70, 0x44, 0x65, 0x74, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x45,
+	0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0xa0, 0x01, 0x0a, 0x17, 0x69, 0x6e,
+	0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x5f, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x19, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x68, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x66,
+	0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x2e, 0x68,
+	0x74, 0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d,
+	0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x43, 0x6f,
+	0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x4d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e,
+	0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x15, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x41,
+	0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x26, 0x0a, 0x0f,
+	0x73, 0x6b, 0x69, 0x70, 0x5f, 0x78, 0x66, 0x66, 0x5f, 0x61, 0x70, 0x70, 0x65, 0x6e, 0x64, 0x18,
+	0x15, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0d, 0x73, 0x6b, 0x69, 0x70, 0x58, 0x66, 0x66, 0x41, 0x70,
+	0x70, 0x65, 0x6e, 0x64, 0x12, 0x1d, 0x0a, 0x03, 0x76, 0x69, 0x61, 0x18, 0x16, 0x20, 0x01, 0x28,
+	0x09, 0x42, 0x0b, 0xfa, 0x42, 0x08, 0x72, 0x06, 0xc0, 0x01, 0x02, 0xc8, 0x01, 0x00, 0x52, 0x03,
+	0x76, 0x69, 0x61, 0x12, 0x4a, 0x0a, 0x13, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x5f,
+	0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x0f, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x11, 0x67, 0x65,
+	0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x49, 0x64, 0x12,
+	0x3f, 0x0a, 0x1c, 0x70, 0x72, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x5f, 0x65, 0x78, 0x74, 0x65,
+	0x72, 0x6e, 0x61, 0x6c, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x69, 0x64, 0x18,
+	0x20, 0x20, 0x01, 0x28, 0x08, 0x52, 0x19, 0x70, 0x72, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x45,
+	0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x49, 0x64,
+	0x12, 0x47, 0x0a, 0x21, 0x61, 0x6c, 0x77, 0x61, 0x79, 0x73, 0x5f, 0x73, 0x65, 0x74, 0x5f, 0x72,
+	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x69, 0x64, 0x5f, 0x69, 0x6e, 0x5f, 0x72, 0x65, 0x73,
+	0x70, 0x6f, 0x6e, 0x73, 0x65, 0x18, 0x25, 0x20, 0x01, 0x28, 0x08, 0x52, 0x1c, 0x61, 0x6c, 0x77,
+	0x61, 0x79, 0x73, 0x53, 0x65, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x49, 0x64, 0x49,
+	0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0xb4, 0x01, 0x0a, 0x1b, 0x66, 0x6f,
+	0x72, 0x77, 0x61, 0x72, 0x64, 0x5f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x63, 0x65, 0x72,
+	0x74, 0x5f, 0x64, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x18, 0x10, 0x20, 0x01, 0x28, 0x0e, 0x32,
+	0x6b, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f,
+	0x6e, 0x73, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x6e, 0x65, 0x74, 0x77, 0x6f,
+	0x72, 0x6b, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x74,
+	0x74, 0x70, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x4d, 0x61, 0x6e, 0x61,
+	0x67, 0x65, 0x72, 0x2e, 0x46, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x43, 0x6c, 0x69, 0x65, 0x6e,
+	0x74, 0x43, 0x65, 0x72, 0x74, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x42, 0x08, 0xfa, 0x42,
+	0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x18, 0x66, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x43,
+	0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43, 0x65, 0x72, 0x74, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73,
+	0x12, 0xb4, 0x01, 0x0a, 0x1f, 0x73, 0x65, 0x74, 0x5f, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x74,
+	0x5f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x5f, 0x64, 0x65, 0x74,
+	0x61, 0x69, 0x6c, 0x73, 0x18, 0x11, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x6e, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x66, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x2e, 0x68, 0x74,
+	0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61,
+	0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x43, 0x6f, 0x6e,
+	0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x4d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x53,
+	0x65, 0x74, 0x43, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x74, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43,
+	0x65, 0x72, 0x74, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x52, 0x1b, 0x73, 0x65, 0x74, 0x43,
+	0x75, 0x72, 0x72, 0x65, 0x6e, 0x74, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43, 0x65, 0x72, 0x74,
+	0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x12, 0x2c, 0x0a, 0x12, 0x70, 0x72, 0x6f, 0x78, 0x79,
+	0x5f, 0x31, 0x30, 0x30, 0x5f, 0x63, 0x6f, 0x6e, 0x74, 0x69, 0x6e, 0x75, 0x65, 0x18, 0x12, 0x20,
+	0x01, 0x28, 0x08, 0x52, 0x10, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x31, 0x30, 0x30, 0x43, 0x6f, 0x6e,
+	0x74, 0x69, 0x6e, 0x75, 0x65, 0x12, 0x65, 0x0a, 0x31, 0x72, 0x65, 0x70, 0x72, 0x65, 0x73, 0x65,
+	0x6e, 0x74, 0x5f, 0x69, 0x70, 0x76, 0x34, 0x5f, 0x72, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x5f, 0x61,
+	0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x5f, 0x61, 0x73, 0x5f, 0x69, 0x70, 0x76, 0x34, 0x5f, 0x6d,
+	0x61, 0x70, 0x70, 0x65, 0x64, 0x5f, 0x69, 0x70, 0x76, 0x36, 0x18, 0x14, 0x20, 0x01, 0x28, 0x08,
+	0x52, 0x2a, 0x72, 0x65, 0x70, 0x72, 0x65, 0x73, 0x65, 0x6e, 0x74, 0x49, 0x70, 0x76, 0x34, 0x52,
+	0x65, 0x6d, 0x6f, 0x74, 0x65, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x41, 0x73, 0x49, 0x70,
+	0x76, 0x34, 0x4d, 0x61, 0x70, 0x70, 0x65, 0x64, 0x49, 0x70, 0x76, 0x36, 0x12, 0x89, 0x01, 0x0a,
+	0x0f, 0x75, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x73,
+	0x18, 0x17, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x60, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65,
+	0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x73, 0x2e, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x63,
+	0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65,
+	0x72, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74,
+	0x69, 0x6f, 0x6e, 0x4d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x55, 0x70, 0x67, 0x72, 0x61,
+	0x64, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0e, 0x75, 0x70, 0x67, 0x72, 0x61, 0x64,
+	0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x73, 0x12, 0x41, 0x0a, 0x0e, 0x6e, 0x6f, 0x72, 0x6d,
+	0x61, 0x6c, 0x69, 0x7a, 0x65, 0x5f, 0x70, 0x61, 0x74, 0x68, 0x18, 0x1e, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0d, 0x6e, 0x6f,
+	0x72, 0x6d, 0x61, 0x6c, 0x69, 0x7a, 0x65, 0x50, 0x61, 0x74, 0x68, 0x12, 0x23, 0x0a, 0x0d, 0x6d,
+	0x65, 0x72, 0x67, 0x65, 0x5f, 0x73, 0x6c, 0x61, 0x73, 0x68, 0x65, 0x73, 0x18, 0x21, 0x20, 0x01,
+	0x28, 0x08, 0x52, 0x0c, 0x6d, 0x65, 0x72, 0x67, 0x65, 0x53, 0x6c, 0x61, 0x73, 0x68, 0x65, 0x73,
+	0x12, 0xb7, 0x01, 0x0a, 0x20, 0x70, 0x61, 0x74, 0x68, 0x5f, 0x77, 0x69, 0x74, 0x68, 0x5f, 0x65,
+	0x73, 0x63, 0x61, 0x70, 0x65, 0x64, 0x5f, 0x73, 0x6c, 0x61, 0x73, 0x68, 0x65, 0x73, 0x5f, 0x61,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x2d, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x6f, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x66,
+	0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x2e, 0x68,
+	0x74, 0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d,
+	0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x43, 0x6f,
+	0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x4d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e,
+	0x50, 0x61, 0x74, 0x68, 0x57, 0x69, 0x74, 0x68, 0x45, 0x73, 0x63, 0x61, 0x70, 0x65, 0x64, 0x53,
+	0x6c, 0x61, 0x73, 0x68, 0x65, 0x73, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x1c, 0x70, 0x61,
+	0x74, 0x68, 0x57, 0x69, 0x74, 0x68, 0x45, 0x73, 0x63, 0x61, 0x70, 0x65, 0x64, 0x53, 0x6c, 0x61,
+	0x73, 0x68, 0x65, 0x73, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x81, 0x01, 0x0a, 0x14, 0x72,
+	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x69, 0x64, 0x5f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73,
+	0x69, 0x6f, 0x6e, 0x18, 0x24, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x4f, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x66, 0x69, 0x6c,
+	0x74, 0x65, 0x72, 0x73, 0x2e, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x2e, 0x68, 0x74, 0x74,
+	0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x6e,
+	0x61, 0x67, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x49,
+	0x44, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x12, 0x72, 0x65, 0x71, 0x75,
+	0x65, 0x73, 0x74, 0x49, 0x64, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x7b,
+	0x0a, 0x12, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x5f, 0x72, 0x65, 0x70, 0x6c, 0x79, 0x5f, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x18, 0x26, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x4d, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x66, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x2e, 0x68, 0x74,
+	0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61,
+	0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x52, 0x65,
+	0x70, 0x6c, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x10, 0x6c, 0x6f, 0x63, 0x61, 0x6c,
+	0x52, 0x65, 0x70, 0x6c, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x50, 0x0a, 0x18, 0x73,
+	0x74, 0x72, 0x69, 0x70, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x69, 0x6e, 0x67, 0x5f, 0x68, 0x6f,
+	0x73, 0x74, 0x5f, 0x70, 0x6f, 0x72, 0x74, 0x18, 0x27, 0x20, 0x01, 0x28, 0x08, 0x42, 0x17, 0xf2,
+	0x98, 0xfe, 0x8f, 0x05, 0x11, 0x12, 0x0f, 0x73, 0x74, 0x72, 0x69, 0x70, 0x5f, 0x70, 0x6f, 0x72,
+	0x74, 0x5f, 0x6d, 0x6f, 0x64, 0x65, 0x52, 0x15, 0x73, 0x74, 0x72, 0x69, 0x70, 0x4d, 0x61, 0x74,
+	0x63, 0x68, 0x69, 0x6e, 0x67, 0x48, 0x6f, 0x73, 0x74, 0x50, 0x6f, 0x72, 0x74, 0x12, 0x2f, 0x0a,
+	0x13, 0x73, 0x74, 0x72, 0x69, 0x70, 0x5f, 0x61, 0x6e, 0x79, 0x5f, 0x68, 0x6f, 0x73, 0x74, 0x5f,
+	0x70, 0x6f, 0x72, 0x74, 0x18, 0x2a, 0x20, 0x01, 0x28, 0x08, 0x48, 0x01, 0x52, 0x10, 0x73, 0x74,
+	0x72, 0x69, 0x70, 0x41, 0x6e, 0x79, 0x48, 0x6f, 0x73, 0x74, 0x50, 0x6f, 0x72, 0x74, 0x12, 0x69,
+	0x0a, 0x24, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x5f, 0x6f,
+	0x6e, 0x5f, 0x69, 0x6e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x5f, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x6d,
+	0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x28, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42,
+	0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x1f, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d,
+	0x45, 0x72, 0x72, 0x6f, 0x72, 0x4f, 0x6e, 0x49, 0x6e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x48, 0x74,
+	0x74, 0x70, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x12, 0xa9, 0x01, 0x0a, 0x1a, 0x70, 0x61,
+	0x74, 0x68, 0x5f, 0x6e, 0x6f, 0x72, 0x6d, 0x61, 0x6c, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x2b, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x6b,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e,
+	0x73, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72,
+	0x6b, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x5f, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x74, 0x74,
+	0x70, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x4d, 0x61, 0x6e, 0x61, 0x67,
+	0x65, 0x72, 0x2e, 0x50, 0x61, 0x74, 0x68, 0x4e, 0x6f, 0x72, 0x6d, 0x61, 0x6c, 0x69, 0x7a, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x18, 0x70, 0x61, 0x74,
+	0x68, 0x4e, 0x6f, 0x72, 0x6d, 0x61, 0x6c, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x4f, 0x70,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x35, 0x0a, 0x17, 0x73, 0x74, 0x72, 0x69, 0x70, 0x5f, 0x74,
+	0x72, 0x61, 0x69, 0x6c, 0x69, 0x6e, 0x67, 0x5f, 0x68, 0x6f, 0x73, 0x74, 0x5f, 0x64, 0x6f, 0x74,
+	0x18, 0x2f, 0x20, 0x01, 0x28, 0x08, 0x52, 0x14, 0x73, 0x74, 0x72, 0x69, 0x70, 0x54, 0x72, 0x61,
+	0x69, 0x6c, 0x69, 0x6e, 0x67, 0x48, 0x6f, 0x73, 0x74, 0x44, 0x6f, 0x74, 0x1a, 0xf6, 0x04, 0x0a,
+	0x07, 0x54, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x12, 0x3f, 0x0a, 0x0f, 0x63, 0x6c, 0x69, 0x65,
+	0x6e, 0x74, 0x5f, 0x73, 0x61, 0x6d, 0x70, 0x6c, 0x69, 0x6e, 0x67, 0x18, 0x03, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x16, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76,
+	0x33, 0x2e, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52, 0x0e, 0x63, 0x6c, 0x69, 0x65, 0x6e,
+	0x74, 0x53, 0x61, 0x6d, 0x70, 0x6c, 0x69, 0x6e, 0x67, 0x12, 0x3f, 0x0a, 0x0f, 0x72, 0x61, 0x6e,
+	0x64, 0x6f, 0x6d, 0x5f, 0x73, 0x61, 0x6d, 0x70, 0x6c, 0x69, 0x6e, 0x67, 0x18, 0x04, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x16, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e,
+	0x76, 0x33, 0x2e, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52, 0x0e, 0x72, 0x61, 0x6e, 0x64,
+	0x6f, 0x6d, 0x53, 0x61, 0x6d, 0x70, 0x6c, 0x69, 0x6e, 0x67, 0x12, 0x41, 0x0a, 0x10, 0x6f, 0x76,
+	0x65, 0x72, 0x61, 0x6c, 0x6c, 0x5f, 0x73, 0x61, 0x6d, 0x70, 0x6c, 0x69, 0x6e, 0x67, 0x18, 0x05,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70,
+	0x65, 0x2e, 0x76, 0x33, 0x2e, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x52, 0x0f, 0x6f, 0x76,
+	0x65, 0x72, 0x61, 0x6c, 0x6c, 0x53, 0x61, 0x6d, 0x70, 0x6c, 0x69, 0x6e, 0x67, 0x12, 0x18, 0x0a,
+	0x07, 0x76, 0x65, 0x72, 0x62, 0x6f, 0x73, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x07,
+	0x76, 0x65, 0x72, 0x62, 0x6f, 0x73, 0x65, 0x12, 0x4b, 0x0a, 0x13, 0x6d, 0x61, 0x78, 0x5f, 0x70,
+	0x61, 0x74, 0x68, 0x5f, 0x74, 0x61, 0x67, 0x5f, 0x6c, 0x65, 0x6e, 0x67, 0x74, 0x68, 0x18, 0x07,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c,
+	0x75, 0x65, 0x52, 0x10, 0x6d, 0x61, 0x78, 0x50, 0x61, 0x74, 0x68, 0x54, 0x61, 0x67, 0x4c, 0x65,
+	0x6e, 0x67, 0x74, 0x68, 0x12, 0x41, 0x0a, 0x0b, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x74,
+	0x61, 0x67, 0x73, 0x18, 0x08, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x2e, 0x76,
+	0x33, 0x2e, 0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x54, 0x61, 0x67, 0x52, 0x0a, 0x63, 0x75, 0x73,
+	0x74, 0x6f, 0x6d, 0x54, 0x61, 0x67, 0x73, 0x12, 0x3f, 0x0a, 0x08, 0x70, 0x72, 0x6f, 0x76, 0x69,
+	0x64, 0x65, 0x72, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76,
+	0x33, 0x2e, 0x54, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x52, 0x08,
+	0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x22, 0x28, 0x0a, 0x0d, 0x4f, 0x70, 0x65, 0x72,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x0b, 0x0a, 0x07, 0x49, 0x4e, 0x47,
+	0x52, 0x45, 0x53, 0x53, 0x10, 0x00, 0x12, 0x0a, 0x0a, 0x06, 0x45, 0x47, 0x52, 0x45, 0x53, 0x53,
+	0x10, 0x01, 0x3a, 0x5b, 0x9a, 0xc5, 0x88, 0x1e, 0x56, 0x0a, 0x54, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x6e,
+	0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e,
+	0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x76,
+	0x32, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e,
+	0x4d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x54, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x4a,
+	0x04, 0x08, 0x01, 0x10, 0x02, 0x4a, 0x04, 0x08, 0x02, 0x10, 0x03, 0x52, 0x0e, 0x6f, 0x70, 0x65,
+	0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x52, 0x18, 0x72, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x5f, 0x66, 0x6f, 0x72,
+	0x5f, 0x74, 0x61, 0x67, 0x73, 0x1a, 0xa5, 0x01, 0x0a, 0x15, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e,
+	0x61, 0x6c, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12,
+	0x21, 0x0a, 0x0c, 0x75, 0x6e, 0x69, 0x78, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0b, 0x75, 0x6e, 0x69, 0x78, 0x53, 0x6f, 0x63, 0x6b, 0x65,
+	0x74, 0x73, 0x3a, 0x69, 0x9a, 0xc5, 0x88, 0x1e, 0x64, 0x0a, 0x62, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x6e,
+	0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e,
+	0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x76,
+	0x32, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e,
+	0x4d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c,
+	0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x1a, 0x98, 0x02,
+	0x0a, 0x1b, 0x53, 0x65, 0x74, 0x43, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x74, 0x43, 0x6c, 0x69, 0x65,
+	0x6e, 0x74, 0x43, 0x65, 0x72, 0x74, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x12, 0x34, 0x0a,
+	0x07, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x07, 0x73, 0x75, 0x62, 0x6a,
+	0x65, 0x63, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x63, 0x65, 0x72, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28,
+	0x08, 0x52, 0x04, 0x63, 0x65, 0x72, 0x74, 0x12, 0x14, 0x0a, 0x05, 0x63, 0x68, 0x61, 0x69, 0x6e,
+	0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x05, 0x63, 0x68, 0x61, 0x69, 0x6e, 0x12, 0x10, 0x0a,
+	0x03, 0x64, 0x6e, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, 0x03, 0x64, 0x6e, 0x73, 0x12,
+	0x10, 0x0a, 0x03, 0x75, 0x72, 0x69, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x52, 0x03, 0x75, 0x72,
+	0x69, 0x3a, 0x6f, 0x9a, 0xc5, 0x88, 0x1e, 0x6a, 0x0a, 0x68, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x6e, 0x65,
+	0x74, 0x77, 0x6f, 0x72, 0x6b, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x76, 0x32,
+	0x2e, 0x48, 0x74, 0x74, 0x70, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x4d,
+	0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x53, 0x65, 0x74, 0x43, 0x75, 0x72, 0x72, 0x65, 0x6e,
+	0x74, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43, 0x65, 0x72, 0x74, 0x44, 0x65, 0x74, 0x61, 0x69,
+	0x6c, 0x73, 0x4a, 0x04, 0x08, 0x02, 0x10, 0x03, 0x1a, 0xae, 0x02, 0x0a, 0x0d, 0x55, 0x70, 0x67,
+	0x72, 0x61, 0x64, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x21, 0x0a, 0x0c, 0x75, 0x70,
+	0x67, 0x72, 0x61, 0x64, 0x65, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
+	0x52, 0x0b, 0x75, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x54, 0x79, 0x70, 0x65, 0x12, 0x61, 0x0a,
+	0x07, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x47,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e,
+	0x73, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72,
+	0x6b, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x5f, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x74, 0x74,
+	0x70, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x52, 0x07, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73,
+	0x12, 0x34, 0x0a, 0x07, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x07, 0x65,
+	0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x3a, 0x61, 0x9a, 0xc5, 0x88, 0x1e, 0x5c, 0x0a, 0x5a, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74,
+	0x65, 0x72, 0x2e, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x5f,
+	0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x6e, 0x61, 0x67,
+	0x65, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63,
+	0x74, 0x69, 0x6f, 0x6e, 0x4d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x55, 0x70, 0x67, 0x72,
+	0x61, 0x64, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x1a, 0xe5, 0x01, 0x0a, 0x18, 0x50, 0x61,
+	0x74, 0x68, 0x4e, 0x6f, 0x72, 0x6d, 0x61, 0x6c, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x4f,
+	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x63, 0x0a, 0x19, 0x66, 0x6f, 0x72, 0x77, 0x61, 0x72,
+	0x64, 0x69, 0x6e, 0x67, 0x5f, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x50,
+	0x61, 0x74, 0x68, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x52, 0x18, 0x66, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x54, 0x72, 0x61,
+	0x6e, 0x73, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x64, 0x0a, 0x1a, 0x68,
+	0x74, 0x74, 0x70, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x5f, 0x74, 0x72, 0x61, 0x6e, 0x73,
+	0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x26, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x68, 0x74, 0x74,
+	0x70, 0x2e, 0x76, 0x33, 0x2e, 0x50, 0x61, 0x74, 0x68, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x66, 0x6f,
+	0x72, 0x6d, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x18, 0x68, 0x74, 0x74, 0x70, 0x46, 0x69, 0x6c,
+	0x74, 0x65, 0x72, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x22, 0x36, 0x0a, 0x09, 0x43, 0x6f, 0x64, 0x65, 0x63, 0x54, 0x79, 0x70, 0x65, 0x12, 0x08,
+	0x0a, 0x04, 0x41, 0x55, 0x54, 0x4f, 0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, 0x48, 0x54, 0x54, 0x50,
+	0x31, 0x10, 0x01, 0x12, 0x09, 0x0a, 0x05, 0x48, 0x54, 0x54, 0x50, 0x32, 0x10, 0x02, 0x12, 0x09,
+	0x0a, 0x05, 0x48, 0x54, 0x54, 0x50, 0x33, 0x10, 0x03, 0x22, 0x53, 0x0a, 0x1a, 0x53, 0x65, 0x72,
+	0x76, 0x65, 0x72, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x66, 0x6f,
+	0x72, 0x6d, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x0d, 0x0a, 0x09, 0x4f, 0x56, 0x45, 0x52, 0x57,
+	0x52, 0x49, 0x54, 0x45, 0x10, 0x00, 0x12, 0x14, 0x0a, 0x10, 0x41, 0x50, 0x50, 0x45, 0x4e, 0x44,
+	0x5f, 0x49, 0x46, 0x5f, 0x41, 0x42, 0x53, 0x45, 0x4e, 0x54, 0x10, 0x01, 0x12, 0x10, 0x0a, 0x0c,
+	0x50, 0x41, 0x53, 0x53, 0x5f, 0x54, 0x48, 0x52, 0x4f, 0x55, 0x47, 0x48, 0x10, 0x02, 0x22, 0x79,
+	0x0a, 0x18, 0x46, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43,
+	0x65, 0x72, 0x74, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x12, 0x0c, 0x0a, 0x08, 0x53, 0x41,
+	0x4e, 0x49, 0x54, 0x49, 0x5a, 0x45, 0x10, 0x00, 0x12, 0x10, 0x0a, 0x0c, 0x46, 0x4f, 0x52, 0x57,
+	0x41, 0x52, 0x44, 0x5f, 0x4f, 0x4e, 0x4c, 0x59, 0x10, 0x01, 0x12, 0x12, 0x0a, 0x0e, 0x41, 0x50,
+	0x50, 0x45, 0x4e, 0x44, 0x5f, 0x46, 0x4f, 0x52, 0x57, 0x41, 0x52, 0x44, 0x10, 0x02, 0x12, 0x10,
+	0x0a, 0x0c, 0x53, 0x41, 0x4e, 0x49, 0x54, 0x49, 0x5a, 0x45, 0x5f, 0x53, 0x45, 0x54, 0x10, 0x03,
+	0x12, 0x17, 0x0a, 0x13, 0x41, 0x4c, 0x57, 0x41, 0x59, 0x53, 0x5f, 0x46, 0x4f, 0x52, 0x57, 0x41,
+	0x52, 0x44, 0x5f, 0x4f, 0x4e, 0x4c, 0x59, 0x10, 0x04, 0x22, 0xa0, 0x01, 0x0a, 0x1c, 0x50, 0x61,
+	0x74, 0x68, 0x57, 0x69, 0x74, 0x68, 0x45, 0x73, 0x63, 0x61, 0x70, 0x65, 0x64, 0x53, 0x6c, 0x61,
+	0x73, 0x68, 0x65, 0x73, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x23, 0x0a, 0x1f, 0x49, 0x4d,
+	0x50, 0x4c, 0x45, 0x4d, 0x45, 0x4e, 0x54, 0x41, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x53, 0x50, 0x45,
+	0x43, 0x49, 0x46, 0x49, 0x43, 0x5f, 0x44, 0x45, 0x46, 0x41, 0x55, 0x4c, 0x54, 0x10, 0x00, 0x12,
+	0x12, 0x0a, 0x0e, 0x4b, 0x45, 0x45, 0x50, 0x5f, 0x55, 0x4e, 0x43, 0x48, 0x41, 0x4e, 0x47, 0x45,
+	0x44, 0x10, 0x01, 0x12, 0x12, 0x0a, 0x0e, 0x52, 0x45, 0x4a, 0x45, 0x43, 0x54, 0x5f, 0x52, 0x45,
+	0x51, 0x55, 0x45, 0x53, 0x54, 0x10, 0x02, 0x12, 0x19, 0x0a, 0x15, 0x55, 0x4e, 0x45, 0x53, 0x43,
+	0x41, 0x50, 0x45, 0x5f, 0x41, 0x4e, 0x44, 0x5f, 0x52, 0x45, 0x44, 0x49, 0x52, 0x45, 0x43, 0x54,
+	0x10, 0x03, 0x12, 0x18, 0x0a, 0x14, 0x55, 0x4e, 0x45, 0x53, 0x43, 0x41, 0x50, 0x45, 0x5f, 0x41,
+	0x4e, 0x44, 0x5f, 0x46, 0x4f, 0x52, 0x57, 0x41, 0x52, 0x44, 0x10, 0x04, 0x3a, 0x53, 0x9a, 0xc5,
+	0x88, 0x1e, 0x4e, 0x0a, 0x4c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b,
+	0x2e, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e,
+	0x5f, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x48, 0x74, 0x74, 0x70,
+	0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x4d, 0x61, 0x6e, 0x61, 0x67, 0x65,
+	0x72, 0x42, 0x16, 0x0a, 0x0f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69,
+	0x66, 0x69, 0x65, 0x72, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x42, 0x11, 0x0a, 0x0f, 0x73, 0x74, 0x72,
+	0x69, 0x70, 0x5f, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x6d, 0x6f, 0x64, 0x65, 0x4a, 0x04, 0x08, 0x1b,
+	0x10, 0x1c, 0x4a, 0x04, 0x08, 0x0b, 0x10, 0x0c, 0x52, 0x0c, 0x69, 0x64, 0x6c, 0x65, 0x5f, 0x74,
+	0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x22, 0xca, 0x01, 0x0a, 0x10, 0x4c, 0x6f, 0x63, 0x61, 0x6c,
+	0x52, 0x65, 0x70, 0x6c, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x65, 0x0a, 0x07, 0x6d,
+	0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x4b, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e,
+	0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x2e,
+	0x68, 0x74, 0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f,
+	0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x65, 0x73, 0x70, 0x6f,
+	0x6e, 0x73, 0x65, 0x4d, 0x61, 0x70, 0x70, 0x65, 0x72, 0x52, 0x07, 0x6d, 0x61, 0x70, 0x70, 0x65,
+	0x72, 0x73, 0x12, 0x4f, 0x0a, 0x0b, 0x62, 0x6f, 0x64, 0x79, 0x5f, 0x66, 0x6f, 0x72, 0x6d, 0x61,
+	0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x53,
+	0x75, 0x62, 0x73, 0x74, 0x69, 0x74, 0x75, 0x74, 0x69, 0x6f, 0x6e, 0x46, 0x6f, 0x72, 0x6d, 0x61,
+	0x74, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x52, 0x0a, 0x62, 0x6f, 0x64, 0x79, 0x46, 0x6f, 0x72,
+	0x6d, 0x61, 0x74, 0x22, 0x9c, 0x03, 0x0a, 0x0e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
+	0x4d, 0x61, 0x70, 0x70, 0x65, 0x72, 0x12, 0x4c, 0x0a, 0x06, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6c, 0x6f, 0x67, 0x2e,
+	0x76, 0x33, 0x2e, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x4c, 0x6f, 0x67, 0x46, 0x69, 0x6c, 0x74,
+	0x65, 0x72, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x06, 0x66, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x12, 0x4a, 0x0a, 0x0b, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x5f, 0x63,
+	0x6f, 0x64, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74,
+	0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x0b, 0xfa, 0x42, 0x08, 0x2a, 0x06, 0x10, 0xd8,
+	0x04, 0x28, 0xc8, 0x01, 0x52, 0x0a, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x43, 0x6f, 0x64, 0x65,
+	0x12, 0x34, 0x0a, 0x04, 0x62, 0x6f, 0x64, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f,
+	0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65,
+	0x52, 0x04, 0x62, 0x6f, 0x64, 0x79, 0x12, 0x60, 0x0a, 0x14, 0x62, 0x6f, 0x64, 0x79, 0x5f, 0x66,
+	0x6f, 0x72, 0x6d, 0x61, 0x74, 0x5f, 0x6f, 0x76, 0x65, 0x72, 0x72, 0x69, 0x64, 0x65, 0x18, 0x04,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x2e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x75, 0x62, 0x73,
+	0x74, 0x69, 0x74, 0x75, 0x74, 0x69, 0x6f, 0x6e, 0x46, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x53, 0x74,
+	0x72, 0x69, 0x6e, 0x67, 0x52, 0x12, 0x62, 0x6f, 0x64, 0x79, 0x46, 0x6f, 0x72, 0x6d, 0x61, 0x74,
+	0x4f, 0x76, 0x65, 0x72, 0x72, 0x69, 0x64, 0x65, 0x12, 0x58, 0x0a, 0x0e, 0x68, 0x65, 0x61, 0x64,
+	0x65, 0x72, 0x73, 0x5f, 0x74, 0x6f, 0x5f, 0x61, 0x64, 0x64, 0x18, 0x05, 0x20, 0x03, 0x28, 0x0b,
+	0x32, 0x27, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x56, 0x61,
+	0x6c, 0x75, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x09, 0xfa, 0x42, 0x06, 0x92, 0x01,
+	0x03, 0x10, 0xe8, 0x07, 0x52, 0x0c, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x54, 0x6f, 0x41,
+	0x64, 0x64, 0x22, 0xc7, 0x01, 0x0a, 0x03, 0x52, 0x64, 0x73, 0x12, 0x51, 0x0a, 0x0d, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x5f, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53,
+	0x6f, 0x75, 0x72, 0x63, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52,
+	0x0c, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x2a, 0x0a,
+	0x11, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x6e, 0x61,
+	0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x4e, 0x61, 0x6d, 0x65, 0x3a, 0x41, 0x9a, 0xc5, 0x88, 0x1e, 0x3c,
+	0x0a, 0x3a, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66,
+	0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x2e, 0x68, 0x74,
+	0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61,
+	0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x64, 0x73, 0x22, 0xf7, 0x01, 0x0a,
+	0x1d, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x4c, 0x69, 0x73, 0x74, 0x12, 0x79,
+	0x0a, 0x1b, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x5f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x01, 0x20,
+	0x03, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x63, 0x6f, 0x70,
+	0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x19,
+	0x73, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x3a, 0x5b, 0x9a, 0xc5, 0x88, 0x1e, 0x56,
+	0x0a, 0x54, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66,
+	0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x2e, 0x68, 0x74,
+	0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61,
+	0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52,
+	0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x4c, 0x69, 0x73, 0x74, 0x22, 0xdf, 0x0e, 0x0a, 0x0c, 0x53, 0x63, 0x6f, 0x70, 0x65,
+	0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x04,
+	0x6e, 0x61, 0x6d, 0x65, 0x12, 0x8f, 0x01, 0x0a, 0x11, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x5f, 0x6b,
+	0x65, 0x79, 0x5f, 0x62, 0x75, 0x69, 0x6c, 0x64, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x59, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69,
+	0x6f, 0x6e, 0x73, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x6e, 0x65, 0x74, 0x77,
+	0x6f, 0x72, 0x6b, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74,
+	0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x53,
+	0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x2e, 0x53, 0x63, 0x6f, 0x70,
+	0x65, 0x4b, 0x65, 0x79, 0x42, 0x75, 0x69, 0x6c, 0x64, 0x65, 0x72, 0x42, 0x08, 0xfa, 0x42, 0x05,
+	0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x0f, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x4b, 0x65, 0x79, 0x42,
+	0x75, 0x69, 0x6c, 0x64, 0x65, 0x72, 0x12, 0x4e, 0x0a, 0x11, 0x72, 0x64, 0x73, 0x5f, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x5f, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53,
+	0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x0f, 0x72, 0x64, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0xa5, 0x01, 0x0a, 0x20, 0x73, 0x63, 0x6f, 0x70, 0x65,
+	0x64, 0x5f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x5f, 0x6c, 0x69, 0x73, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x5a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73,
+	0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x6e, 0x65, 0x74,
+	0x77, 0x6f, 0x72, 0x6b, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63,
+	0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e,
+	0x53, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x4c, 0x69, 0x73, 0x74, 0x48, 0x00, 0x52,
+	0x1d, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x4c, 0x69, 0x73, 0x74, 0x12, 0x67,
+	0x0a, 0x0a, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x5f, 0x72, 0x64, 0x73, 0x18, 0x05, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x46, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e,
+	0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x6e, 0x65,
+	0x74, 0x77, 0x6f, 0x72, 0x6b, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x76, 0x33,
+	0x2e, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x64, 0x73, 0x48, 0x00, 0x52, 0x09, 0x73, 0x63,
+	0x6f, 0x70, 0x65, 0x64, 0x52, 0x64, 0x73, 0x1a, 0xd9, 0x09, 0x0a, 0x0f, 0x53, 0x63, 0x6f, 0x70,
+	0x65, 0x4b, 0x65, 0x79, 0x42, 0x75, 0x69, 0x6c, 0x64, 0x65, 0x72, 0x12, 0x91, 0x01, 0x0a, 0x09,
+	0x66, 0x72, 0x61, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32,
+	0x69, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f,
+	0x6e, 0x73, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x6e, 0x65, 0x74, 0x77, 0x6f,
+	0x72, 0x6b, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x63,
+	0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x2e, 0x53, 0x63, 0x6f, 0x70, 0x65,
+	0x4b, 0x65, 0x79, 0x42, 0x75, 0x69, 0x6c, 0x64, 0x65, 0x72, 0x2e, 0x46, 0x72, 0x61, 0x67, 0x6d,
+	0x65, 0x6e, 0x74, 0x42, 0x75, 0x69, 0x6c, 0x64, 0x65, 0x72, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92,
+	0x01, 0x02, 0x08, 0x01, 0x52, 0x09, 0x66, 0x72, 0x61, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x73, 0x1a,
+	0xd5, 0x07, 0x0a, 0x0f, 0x46, 0x72, 0x61, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x42, 0x75, 0x69, 0x6c,
+	0x64, 0x65, 0x72, 0x12, 0xb6, 0x01, 0x0a, 0x16, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x5f, 0x76,
+	0x61, 0x6c, 0x75, 0x65, 0x5f, 0x65, 0x78, 0x74, 0x72, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x7e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74,
+	0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x2e,
+	0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e,
+	0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e,
+	0x76, 0x33, 0x2e, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x2e,
+	0x53, 0x63, 0x6f, 0x70, 0x65, 0x4b, 0x65, 0x79, 0x42, 0x75, 0x69, 0x6c, 0x64, 0x65, 0x72, 0x2e,
+	0x46, 0x72, 0x61, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x42, 0x75, 0x69, 0x6c, 0x64, 0x65, 0x72, 0x2e,
+	0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x45, 0x78, 0x74, 0x72, 0x61,
+	0x63, 0x74, 0x6f, 0x72, 0x48, 0x00, 0x52, 0x14, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x56, 0x61,
+	0x6c, 0x75, 0x65, 0x45, 0x78, 0x74, 0x72, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x1a, 0x8f, 0x05, 0x0a,
+	0x14, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x45, 0x78, 0x74, 0x72,
+	0x61, 0x63, 0x74, 0x6f, 0x72, 0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x04, 0x6e, 0x61,
+	0x6d, 0x65, 0x12, 0x2b, 0x0a, 0x11, 0x65, 0x6c, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x5f, 0x73, 0x65,
+	0x70, 0x61, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x10, 0x65,
+	0x6c, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x53, 0x65, 0x70, 0x61, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x12,
+	0x16, 0x0a, 0x05, 0x69, 0x6e, 0x64, 0x65, 0x78, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0d, 0x48, 0x00,
+	0x52, 0x05, 0x69, 0x6e, 0x64, 0x65, 0x78, 0x12, 0xa5, 0x01, 0x0a, 0x07, 0x65, 0x6c, 0x65, 0x6d,
+	0x65, 0x6e, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x88, 0x01, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x66, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x2e, 0x68, 0x74,
+	0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61,
+	0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52,
+	0x6f, 0x75, 0x74, 0x65, 0x73, 0x2e, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x4b, 0x65, 0x79, 0x42, 0x75,
+	0x69, 0x6c, 0x64, 0x65, 0x72, 0x2e, 0x46, 0x72, 0x61, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x42, 0x75,
+	0x69, 0x6c, 0x64, 0x65, 0x72, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x56, 0x61, 0x6c, 0x75,
+	0x65, 0x45, 0x78, 0x74, 0x72, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x4b, 0x76, 0x45, 0x6c, 0x65,
+	0x6d, 0x65, 0x6e, 0x74, 0x48, 0x00, 0x52, 0x07, 0x65, 0x6c, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x1a,
+	0xdb, 0x01, 0x0a, 0x09, 0x4b, 0x76, 0x45, 0x6c, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x12, 0x25, 0x0a,
+	0x09, 0x73, 0x65, 0x70, 0x61, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
+	0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x09, 0x73, 0x65, 0x70, 0x61, 0x72,
+	0x61, 0x74, 0x6f, 0x72, 0x12, 0x19, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x3a,
+	0x8b, 0x01, 0x9a, 0xc5, 0x88, 0x1e, 0x85, 0x01, 0x0a, 0x82, 0x01, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x6e,
+	0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e,
+	0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x76,
+	0x32, 0x2e, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x2e, 0x53,
+	0x63, 0x6f, 0x70, 0x65, 0x4b, 0x65, 0x79, 0x42, 0x75, 0x69, 0x6c, 0x64, 0x65, 0x72, 0x2e, 0x46,
+	0x72, 0x61, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x42, 0x75, 0x69, 0x6c, 0x64, 0x65, 0x72, 0x2e, 0x48,
+	0x65, 0x61, 0x64, 0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x45, 0x78, 0x74, 0x72, 0x61, 0x63,
+	0x74, 0x6f, 0x72, 0x2e, 0x4b, 0x76, 0x45, 0x6c, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x3a, 0x7f, 0x9a,
+	0xc5, 0x88, 0x1e, 0x7a, 0x0a, 0x78, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72,
+	0x6b, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x5f, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x53, 0x63, 0x6f,
+	0x70, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x2e, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x4b,
+	0x65, 0x79, 0x42, 0x75, 0x69, 0x6c, 0x64, 0x65, 0x72, 0x2e, 0x46, 0x72, 0x61, 0x67, 0x6d, 0x65,
+	0x6e, 0x74, 0x42, 0x75, 0x69, 0x6c, 0x64, 0x65, 0x72, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72,
+	0x56, 0x61, 0x6c, 0x75, 0x65, 0x45, 0x78, 0x74, 0x72, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x42, 0x0e,
+	0x0a, 0x0c, 0x65, 0x78, 0x74, 0x72, 0x61, 0x63, 0x74, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x3a, 0x6a,
+	0x9a, 0xc5, 0x88, 0x1e, 0x65, 0x0a, 0x63, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x6e, 0x65, 0x74, 0x77, 0x6f,
+	0x72, 0x6b, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x53, 0x63,
+	0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x2e, 0x53, 0x63, 0x6f, 0x70, 0x65,
+	0x4b, 0x65, 0x79, 0x42, 0x75, 0x69, 0x6c, 0x64, 0x65, 0x72, 0x2e, 0x46, 0x72, 0x61, 0x67, 0x6d,
+	0x65, 0x6e, 0x74, 0x42, 0x75, 0x69, 0x6c, 0x64, 0x65, 0x72, 0x42, 0x0b, 0x0a, 0x04, 0x74, 0x79,
+	0x70, 0x65, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x3a, 0x5a, 0x9a, 0xc5, 0x88, 0x1e, 0x55, 0x0a, 0x53,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c,
+	0x74, 0x65, 0x72, 0x2e, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x2e, 0x68, 0x74, 0x74, 0x70,
+	0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x6e, 0x61,
+	0x67, 0x65, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75,
+	0x74, 0x65, 0x73, 0x2e, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x4b, 0x65, 0x79, 0x42, 0x75, 0x69, 0x6c,
+	0x64, 0x65, 0x72, 0x3a, 0x4a, 0x9a, 0xc5, 0x88, 0x1e, 0x45, 0x0a, 0x43, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e,
+	0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e,
+	0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e,
+	0x76, 0x32, 0x2e, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x42,
+	0x17, 0x0a, 0x10, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66,
+	0x69, 0x65, 0x72, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x22, 0xf1, 0x01, 0x0a, 0x09, 0x53, 0x63, 0x6f,
+	0x70, 0x65, 0x64, 0x52, 0x64, 0x73, 0x12, 0x65, 0x0a, 0x18, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x64,
+	0x5f, 0x72, 0x64, 0x73, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x73, 0x6f, 0x75, 0x72,
+	0x63, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e,
+	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x42, 0x08, 0xfa, 0x42,
+	0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x15, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x64,
+	0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x34, 0x0a,
+	0x16, 0x73, 0x72, 0x64, 0x73, 0x5f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x5f,
+	0x6c, 0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x14, 0x73,
+	0x72, 0x64, 0x73, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x4c, 0x6f, 0x63, 0x61,
+	0x74, 0x6f, 0x72, 0x3a, 0x47, 0x9a, 0xc5, 0x88, 0x1e, 0x42, 0x0a, 0x40, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e,
+	0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e,
+	0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e,
+	0x76, 0x32, 0x2e, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x64, 0x73, 0x22, 0xcc, 0x02, 0x0a,
+	0x0a, 0x48, 0x74, 0x74, 0x70, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x1b, 0x0a, 0x04, 0x6e,
+	0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02,
+	0x10, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x39, 0x0a, 0x0c, 0x74, 0x79, 0x70, 0x65,
+	0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x41, 0x6e, 0x79, 0x48, 0x00, 0x52, 0x0b, 0x74, 0x79, 0x70, 0x65, 0x64, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x12, 0x58, 0x0a, 0x10, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x64, 0x69,
+	0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2b, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x76, 0x33, 0x2e, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x43, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x48, 0x00, 0x52, 0x0f, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x12, 0x1f, 0x0a,
+	0x0b, 0x69, 0x73, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x18, 0x06, 0x20, 0x01,
+	0x28, 0x08, 0x52, 0x0a, 0x69, 0x73, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x3a, 0x48,
+	0x9a, 0xc5, 0x88, 0x1e, 0x43, 0x0a, 0x41, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x6e, 0x65, 0x74, 0x77, 0x6f,
+	0x72, 0x6b, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x48, 0x74,
+	0x74, 0x70, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x42, 0x0d, 0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x4a, 0x04, 0x08, 0x03, 0x10, 0x04, 0x4a, 0x04, 0x08,
+	0x02, 0x10, 0x03, 0x52, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x22, 0x9f, 0x01, 0x0a, 0x12,
+	0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x49, 0x44, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69,
+	0x6f, 0x6e, 0x12, 0x37, 0x0a, 0x0c, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x0b,
+	0x74, 0x79, 0x70, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x3a, 0x50, 0x9a, 0xc5, 0x88,
+	0x1e, 0x4b, 0x0a, 0x49, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x2e,
+	0x68, 0x74, 0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f,
+	0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x65, 0x71, 0x75, 0x65,
+	0x73, 0x74, 0x49, 0x44, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x22, 0x8e, 0x01,
+	0x0a, 0x20, 0x45, 0x6e, 0x76, 0x6f, 0x79, 0x4d, 0x6f, 0x62, 0x69, 0x6c, 0x65, 0x48, 0x74, 0x74,
+	0x70, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x4d, 0x61, 0x6e, 0x61, 0x67,
+	0x65, 0x72, 0x12, 0x6a, 0x0a, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x52, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e,
+	0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x6e, 0x65,
+	0x74, 0x77, 0x6f, 0x72, 0x6b, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x76, 0x33,
+	0x2e, 0x48, 0x74, 0x74, 0x70, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x4d,
+	0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x52, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x71,
+	0x0a, 0x49, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73,
+	0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b,
+	0x2e, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e,
+	0x5f, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x42, 0x1a, 0x48, 0x74, 0x74,
+	0x70, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x4d, 0x61, 0x6e, 0x61, 0x67,
+	0x65, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10,
+	0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDescOnce sync.Once
+	file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDescData = file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDesc
+)
+
+func file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDescGZIP() []byte {
+	file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDescOnce.Do(func() {
+		file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDescData)
+	})
+	return file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDescData
+}
+
+var file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_enumTypes = make([]protoimpl.EnumInfo, 5)
+var file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes = make([]protoimpl.MessageInfo, 19)
+var file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_goTypes = []interface{}{
+	(HttpConnectionManager_CodecType)(0),                                                // 0: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.CodecType
+	(HttpConnectionManager_ServerHeaderTransformation)(0),                               // 1: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.ServerHeaderTransformation
+	(HttpConnectionManager_ForwardClientCertDetails)(0),                                 // 2: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.ForwardClientCertDetails
+	(HttpConnectionManager_PathWithEscapedSlashesAction)(0),                             // 3: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.PathWithEscapedSlashesAction
+	(HttpConnectionManager_Tracing_OperationName)(0),                                    // 4: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.Tracing.OperationName
+	(*HttpConnectionManager)(nil),                                                       // 5: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
+	(*LocalReplyConfig)(nil),                                                            // 6: envoy.extensions.filters.network.http_connection_manager.v3.LocalReplyConfig
+	(*ResponseMapper)(nil),                                                              // 7: envoy.extensions.filters.network.http_connection_manager.v3.ResponseMapper
+	(*Rds)(nil),                                                                         // 8: envoy.extensions.filters.network.http_connection_manager.v3.Rds
+	(*ScopedRouteConfigurationsList)(nil),                                               // 9: envoy.extensions.filters.network.http_connection_manager.v3.ScopedRouteConfigurationsList
+	(*ScopedRoutes)(nil),                                                                // 10: envoy.extensions.filters.network.http_connection_manager.v3.ScopedRoutes
+	(*ScopedRds)(nil),                                                                   // 11: envoy.extensions.filters.network.http_connection_manager.v3.ScopedRds
+	(*HttpFilter)(nil),                                                                  // 12: envoy.extensions.filters.network.http_connection_manager.v3.HttpFilter
+	(*RequestIDExtension)(nil),                                                          // 13: envoy.extensions.filters.network.http_connection_manager.v3.RequestIDExtension
+	(*EnvoyMobileHttpConnectionManager)(nil),                                            // 14: envoy.extensions.filters.network.http_connection_manager.v3.EnvoyMobileHttpConnectionManager
+	(*HttpConnectionManager_Tracing)(nil),                                               // 15: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.Tracing
+	(*HttpConnectionManager_InternalAddressConfig)(nil),                                 // 16: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.InternalAddressConfig
+	(*HttpConnectionManager_SetCurrentClientCertDetails)(nil),                           // 17: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.SetCurrentClientCertDetails
+	(*HttpConnectionManager_UpgradeConfig)(nil),                                         // 18: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.UpgradeConfig
+	(*HttpConnectionManager_PathNormalizationOptions)(nil),                              // 19: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.PathNormalizationOptions
+	(*ScopedRoutes_ScopeKeyBuilder)(nil),                                                // 20: envoy.extensions.filters.network.http_connection_manager.v3.ScopedRoutes.ScopeKeyBuilder
+	(*ScopedRoutes_ScopeKeyBuilder_FragmentBuilder)(nil),                                // 21: envoy.extensions.filters.network.http_connection_manager.v3.ScopedRoutes.ScopeKeyBuilder.FragmentBuilder
+	(*ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor)(nil),           // 22: envoy.extensions.filters.network.http_connection_manager.v3.ScopedRoutes.ScopeKeyBuilder.FragmentBuilder.HeaderValueExtractor
+	(*ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElement)(nil), // 23: envoy.extensions.filters.network.http_connection_manager.v3.ScopedRoutes.ScopeKeyBuilder.FragmentBuilder.HeaderValueExtractor.KvElement
+	(*v32.RouteConfiguration)(nil),                                                      // 24: envoy.config.route.v3.RouteConfiguration
+	(*wrappers.BoolValue)(nil),                                                          // 25: google.protobuf.BoolValue
+	(*v3.HttpProtocolOptions)(nil),                                                      // 26: envoy.config.core.v3.HttpProtocolOptions
+	(*v3.Http1ProtocolOptions)(nil),                                                     // 27: envoy.config.core.v3.Http1ProtocolOptions
+	(*v3.Http2ProtocolOptions)(nil),                                                     // 28: envoy.config.core.v3.Http2ProtocolOptions
+	(*v3.Http3ProtocolOptions)(nil),                                                     // 29: envoy.config.core.v3.Http3ProtocolOptions
+	(*v3.SchemeHeaderTransformation)(nil),                                               // 30: envoy.config.core.v3.SchemeHeaderTransformation
+	(*wrappers.UInt32Value)(nil),                                                        // 31: google.protobuf.UInt32Value
+	(*duration.Duration)(nil),                                                           // 32: google.protobuf.Duration
+	(*v31.AccessLog)(nil),                                                               // 33: envoy.config.accesslog.v3.AccessLog
+	(*v3.TypedExtensionConfig)(nil),                                                     // 34: envoy.config.core.v3.TypedExtensionConfig
+	(*v3.SubstitutionFormatString)(nil),                                                 // 35: envoy.config.core.v3.SubstitutionFormatString
+	(*v31.AccessLogFilter)(nil),                                                         // 36: envoy.config.accesslog.v3.AccessLogFilter
+	(*v3.DataSource)(nil),                                                               // 37: envoy.config.core.v3.DataSource
+	(*v3.HeaderValueOption)(nil),                                                        // 38: envoy.config.core.v3.HeaderValueOption
+	(*v3.ConfigSource)(nil),                                                             // 39: envoy.config.core.v3.ConfigSource
+	(*v32.ScopedRouteConfiguration)(nil),                                                // 40: envoy.config.route.v3.ScopedRouteConfiguration
+	(*any.Any)(nil),                                                                     // 41: google.protobuf.Any
+	(*v3.ExtensionConfigSource)(nil),                                                    // 42: envoy.config.core.v3.ExtensionConfigSource
+	(*v33.Percent)(nil),                                                                 // 43: envoy.type.v3.Percent
+	(*v34.CustomTag)(nil),                                                               // 44: envoy.type.tracing.v3.CustomTag
+	(*v35.Tracing_Http)(nil),                                                            // 45: envoy.config.trace.v3.Tracing.Http
+	(*v36.PathTransformation)(nil),                                                      // 46: envoy.type.http.v3.PathTransformation
+}
+var file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_depIdxs = []int32{
+	0,  // 0: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.codec_type:type_name -> envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.CodecType
+	8,  // 1: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.rds:type_name -> envoy.extensions.filters.network.http_connection_manager.v3.Rds
+	24, // 2: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.route_config:type_name -> envoy.config.route.v3.RouteConfiguration
+	10, // 3: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.scoped_routes:type_name -> envoy.extensions.filters.network.http_connection_manager.v3.ScopedRoutes
+	12, // 4: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.http_filters:type_name -> envoy.extensions.filters.network.http_connection_manager.v3.HttpFilter
+	25, // 5: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.add_user_agent:type_name -> google.protobuf.BoolValue
+	15, // 6: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.tracing:type_name -> envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.Tracing
+	26, // 7: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.common_http_protocol_options:type_name -> envoy.config.core.v3.HttpProtocolOptions
+	27, // 8: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.http_protocol_options:type_name -> envoy.config.core.v3.Http1ProtocolOptions
+	28, // 9: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.http2_protocol_options:type_name -> envoy.config.core.v3.Http2ProtocolOptions
+	29, // 10: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.http3_protocol_options:type_name -> envoy.config.core.v3.Http3ProtocolOptions
+	1,  // 11: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.server_header_transformation:type_name -> envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.ServerHeaderTransformation
+	30, // 12: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.scheme_header_transformation:type_name -> envoy.config.core.v3.SchemeHeaderTransformation
+	31, // 13: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.max_request_headers_kb:type_name -> google.protobuf.UInt32Value
+	32, // 14: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.stream_idle_timeout:type_name -> google.protobuf.Duration
+	32, // 15: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.request_timeout:type_name -> google.protobuf.Duration
+	32, // 16: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.request_headers_timeout:type_name -> google.protobuf.Duration
+	32, // 17: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.drain_timeout:type_name -> google.protobuf.Duration
+	32, // 18: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.delayed_close_timeout:type_name -> google.protobuf.Duration
+	33, // 19: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.access_log:type_name -> envoy.config.accesslog.v3.AccessLog
+	25, // 20: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.use_remote_address:type_name -> google.protobuf.BoolValue
+	34, // 21: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.original_ip_detection_extensions:type_name -> envoy.config.core.v3.TypedExtensionConfig
+	16, // 22: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.internal_address_config:type_name -> envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.InternalAddressConfig
+	25, // 23: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.generate_request_id:type_name -> google.protobuf.BoolValue
+	2,  // 24: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.forward_client_cert_details:type_name -> envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.ForwardClientCertDetails
+	17, // 25: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.set_current_client_cert_details:type_name -> envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.SetCurrentClientCertDetails
+	18, // 26: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.upgrade_configs:type_name -> envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.UpgradeConfig
+	25, // 27: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.normalize_path:type_name -> google.protobuf.BoolValue
+	3,  // 28: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.path_with_escaped_slashes_action:type_name -> envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.PathWithEscapedSlashesAction
+	13, // 29: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.request_id_extension:type_name -> envoy.extensions.filters.network.http_connection_manager.v3.RequestIDExtension
+	6,  // 30: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.local_reply_config:type_name -> envoy.extensions.filters.network.http_connection_manager.v3.LocalReplyConfig
+	25, // 31: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.stream_error_on_invalid_http_message:type_name -> google.protobuf.BoolValue
+	19, // 32: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.path_normalization_options:type_name -> envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.PathNormalizationOptions
+	7,  // 33: envoy.extensions.filters.network.http_connection_manager.v3.LocalReplyConfig.mappers:type_name -> envoy.extensions.filters.network.http_connection_manager.v3.ResponseMapper
+	35, // 34: envoy.extensions.filters.network.http_connection_manager.v3.LocalReplyConfig.body_format:type_name -> envoy.config.core.v3.SubstitutionFormatString
+	36, // 35: envoy.extensions.filters.network.http_connection_manager.v3.ResponseMapper.filter:type_name -> envoy.config.accesslog.v3.AccessLogFilter
+	31, // 36: envoy.extensions.filters.network.http_connection_manager.v3.ResponseMapper.status_code:type_name -> google.protobuf.UInt32Value
+	37, // 37: envoy.extensions.filters.network.http_connection_manager.v3.ResponseMapper.body:type_name -> envoy.config.core.v3.DataSource
+	35, // 38: envoy.extensions.filters.network.http_connection_manager.v3.ResponseMapper.body_format_override:type_name -> envoy.config.core.v3.SubstitutionFormatString
+	38, // 39: envoy.extensions.filters.network.http_connection_manager.v3.ResponseMapper.headers_to_add:type_name -> envoy.config.core.v3.HeaderValueOption
+	39, // 40: envoy.extensions.filters.network.http_connection_manager.v3.Rds.config_source:type_name -> envoy.config.core.v3.ConfigSource
+	40, // 41: envoy.extensions.filters.network.http_connection_manager.v3.ScopedRouteConfigurationsList.scoped_route_configurations:type_name -> envoy.config.route.v3.ScopedRouteConfiguration
+	20, // 42: envoy.extensions.filters.network.http_connection_manager.v3.ScopedRoutes.scope_key_builder:type_name -> envoy.extensions.filters.network.http_connection_manager.v3.ScopedRoutes.ScopeKeyBuilder
+	39, // 43: envoy.extensions.filters.network.http_connection_manager.v3.ScopedRoutes.rds_config_source:type_name -> envoy.config.core.v3.ConfigSource
+	9,  // 44: envoy.extensions.filters.network.http_connection_manager.v3.ScopedRoutes.scoped_route_configurations_list:type_name -> envoy.extensions.filters.network.http_connection_manager.v3.ScopedRouteConfigurationsList
+	11, // 45: envoy.extensions.filters.network.http_connection_manager.v3.ScopedRoutes.scoped_rds:type_name -> envoy.extensions.filters.network.http_connection_manager.v3.ScopedRds
+	39, // 46: envoy.extensions.filters.network.http_connection_manager.v3.ScopedRds.scoped_rds_config_source:type_name -> envoy.config.core.v3.ConfigSource
+	41, // 47: envoy.extensions.filters.network.http_connection_manager.v3.HttpFilter.typed_config:type_name -> google.protobuf.Any
+	42, // 48: envoy.extensions.filters.network.http_connection_manager.v3.HttpFilter.config_discovery:type_name -> envoy.config.core.v3.ExtensionConfigSource
+	41, // 49: envoy.extensions.filters.network.http_connection_manager.v3.RequestIDExtension.typed_config:type_name -> google.protobuf.Any
+	5,  // 50: envoy.extensions.filters.network.http_connection_manager.v3.EnvoyMobileHttpConnectionManager.config:type_name -> envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
+	43, // 51: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.Tracing.client_sampling:type_name -> envoy.type.v3.Percent
+	43, // 52: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.Tracing.random_sampling:type_name -> envoy.type.v3.Percent
+	43, // 53: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.Tracing.overall_sampling:type_name -> envoy.type.v3.Percent
+	31, // 54: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.Tracing.max_path_tag_length:type_name -> google.protobuf.UInt32Value
+	44, // 55: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.Tracing.custom_tags:type_name -> envoy.type.tracing.v3.CustomTag
+	45, // 56: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.Tracing.provider:type_name -> envoy.config.trace.v3.Tracing.Http
+	25, // 57: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.SetCurrentClientCertDetails.subject:type_name -> google.protobuf.BoolValue
+	12, // 58: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.UpgradeConfig.filters:type_name -> envoy.extensions.filters.network.http_connection_manager.v3.HttpFilter
+	25, // 59: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.UpgradeConfig.enabled:type_name -> google.protobuf.BoolValue
+	46, // 60: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.PathNormalizationOptions.forwarding_transformation:type_name -> envoy.type.http.v3.PathTransformation
+	46, // 61: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.PathNormalizationOptions.http_filter_transformation:type_name -> envoy.type.http.v3.PathTransformation
+	21, // 62: envoy.extensions.filters.network.http_connection_manager.v3.ScopedRoutes.ScopeKeyBuilder.fragments:type_name -> envoy.extensions.filters.network.http_connection_manager.v3.ScopedRoutes.ScopeKeyBuilder.FragmentBuilder
+	22, // 63: envoy.extensions.filters.network.http_connection_manager.v3.ScopedRoutes.ScopeKeyBuilder.FragmentBuilder.header_value_extractor:type_name -> envoy.extensions.filters.network.http_connection_manager.v3.ScopedRoutes.ScopeKeyBuilder.FragmentBuilder.HeaderValueExtractor
+	23, // 64: envoy.extensions.filters.network.http_connection_manager.v3.ScopedRoutes.ScopeKeyBuilder.FragmentBuilder.HeaderValueExtractor.element:type_name -> envoy.extensions.filters.network.http_connection_manager.v3.ScopedRoutes.ScopeKeyBuilder.FragmentBuilder.HeaderValueExtractor.KvElement
+	65, // [65:65] is the sub-list for method output_type
+	65, // [65:65] is the sub-list for method input_type
+	65, // [65:65] is the sub-list for extension type_name
+	65, // [65:65] is the sub-list for extension extendee
+	0,  // [0:65] is the sub-list for field type_name
+}
+
+func init() {
+	file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_init()
+}
+func file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_init() {
+	if File_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HttpConnectionManager); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*LocalReplyConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ResponseMapper); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Rds); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ScopedRouteConfigurationsList); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ScopedRoutes); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ScopedRds); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HttpFilter); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RequestIDExtension); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*EnvoyMobileHttpConnectionManager); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HttpConnectionManager_Tracing); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[11].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HttpConnectionManager_InternalAddressConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[12].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HttpConnectionManager_SetCurrentClientCertDetails); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[13].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HttpConnectionManager_UpgradeConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[14].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HttpConnectionManager_PathNormalizationOptions); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[15].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ScopedRoutes_ScopeKeyBuilder); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[16].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ScopedRoutes_ScopeKeyBuilder_FragmentBuilder); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[17].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[18].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElement); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*HttpConnectionManager_Rds)(nil),
+		(*HttpConnectionManager_RouteConfig)(nil),
+		(*HttpConnectionManager_ScopedRoutes)(nil),
+		(*HttpConnectionManager_StripAnyHostPort)(nil),
+	}
+	file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[5].OneofWrappers = []interface{}{
+		(*ScopedRoutes_ScopedRouteConfigurationsList)(nil),
+		(*ScopedRoutes_ScopedRds)(nil),
+	}
+	file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[7].OneofWrappers = []interface{}{
+		(*HttpFilter_TypedConfig)(nil),
+		(*HttpFilter_ConfigDiscovery)(nil),
+	}
+	file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[16].OneofWrappers = []interface{}{
+		(*ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_)(nil),
+	}
+	file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes[17].OneofWrappers = []interface{}{
+		(*ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_Index)(nil),
+		(*ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_Element)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDesc,
+			NumEnums:      5,
+			NumMessages:   19,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_goTypes,
+		DependencyIndexes: file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_depIdxs,
+		EnumInfos:         file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_enumTypes,
+		MessageInfos:      file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_msgTypes,
+	}.Build()
+	File_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto = out.File
+	file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_rawDesc = nil
+	file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_goTypes = nil
+	file_envoy_extensions_filters_network_http_connection_manager_v3_http_connection_manager_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.validate.go
new file mode 100644
index 00000000000..e35341a8f84
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.validate.go
@@ -0,0 +1,4121 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.proto
+
+package envoy_extensions_filters_network_http_connection_manager_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on HttpConnectionManager with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *HttpConnectionManager) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HttpConnectionManager with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// HttpConnectionManagerMultiError, or nil if none found.
+func (m *HttpConnectionManager) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HttpConnectionManager) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if _, ok := HttpConnectionManager_CodecType_name[int32(m.GetCodecType())]; !ok {
+		err := HttpConnectionManagerValidationError{
+			field:  "CodecType",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if utf8.RuneCountInString(m.GetStatPrefix()) < 1 {
+		err := HttpConnectionManagerValidationError{
+			field:  "StatPrefix",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetHttpFilters() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HttpConnectionManagerValidationError{
+						field:  fmt.Sprintf("HttpFilters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HttpConnectionManagerValidationError{
+						field:  fmt.Sprintf("HttpFilters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HttpConnectionManagerValidationError{
+					field:  fmt.Sprintf("HttpFilters[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetAddUserAgent()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "AddUserAgent",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "AddUserAgent",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetAddUserAgent()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpConnectionManagerValidationError{
+				field:  "AddUserAgent",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetTracing()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "Tracing",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "Tracing",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTracing()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpConnectionManagerValidationError{
+				field:  "Tracing",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetCommonHttpProtocolOptions()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "CommonHttpProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "CommonHttpProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCommonHttpProtocolOptions()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpConnectionManagerValidationError{
+				field:  "CommonHttpProtocolOptions",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetHttpProtocolOptions()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "HttpProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "HttpProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHttpProtocolOptions()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpConnectionManagerValidationError{
+				field:  "HttpProtocolOptions",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetHttp2ProtocolOptions()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "Http2ProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "Http2ProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHttp2ProtocolOptions()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpConnectionManagerValidationError{
+				field:  "Http2ProtocolOptions",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetHttp3ProtocolOptions()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "Http3ProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "Http3ProtocolOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHttp3ProtocolOptions()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpConnectionManagerValidationError{
+				field:  "Http3ProtocolOptions",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if !_HttpConnectionManager_ServerName_Pattern.MatchString(m.GetServerName()) {
+		err := HttpConnectionManagerValidationError{
+			field:  "ServerName",
+			reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if _, ok := HttpConnectionManager_ServerHeaderTransformation_name[int32(m.GetServerHeaderTransformation())]; !ok {
+		err := HttpConnectionManagerValidationError{
+			field:  "ServerHeaderTransformation",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetSchemeHeaderTransformation()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "SchemeHeaderTransformation",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "SchemeHeaderTransformation",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSchemeHeaderTransformation()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpConnectionManagerValidationError{
+				field:  "SchemeHeaderTransformation",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if wrapper := m.GetMaxRequestHeadersKb(); wrapper != nil {
+
+		if val := wrapper.GetValue(); val <= 0 || val > 8192 {
+			err := HttpConnectionManagerValidationError{
+				field:  "MaxRequestHeadersKb",
+				reason: "value must be inside range (0, 8192]",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetStreamIdleTimeout()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "StreamIdleTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "StreamIdleTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetStreamIdleTimeout()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpConnectionManagerValidationError{
+				field:  "StreamIdleTimeout",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetRequestTimeout()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "RequestTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "RequestTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRequestTimeout()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpConnectionManagerValidationError{
+				field:  "RequestTimeout",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if d := m.GetRequestHeadersTimeout(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = HttpConnectionManagerValidationError{
+				field:  "RequestHeadersTimeout",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gte := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur < gte {
+				err := HttpConnectionManagerValidationError{
+					field:  "RequestHeadersTimeout",
+					reason: "value must be greater than or equal to 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetDrainTimeout()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "DrainTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "DrainTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDrainTimeout()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpConnectionManagerValidationError{
+				field:  "DrainTimeout",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetDelayedCloseTimeout()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "DelayedCloseTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "DelayedCloseTimeout",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDelayedCloseTimeout()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpConnectionManagerValidationError{
+				field:  "DelayedCloseTimeout",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetAccessLog() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HttpConnectionManagerValidationError{
+						field:  fmt.Sprintf("AccessLog[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HttpConnectionManagerValidationError{
+						field:  fmt.Sprintf("AccessLog[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HttpConnectionManagerValidationError{
+					field:  fmt.Sprintf("AccessLog[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetUseRemoteAddress()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "UseRemoteAddress",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "UseRemoteAddress",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetUseRemoteAddress()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpConnectionManagerValidationError{
+				field:  "UseRemoteAddress",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for XffNumTrustedHops
+
+	for idx, item := range m.GetOriginalIpDetectionExtensions() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HttpConnectionManagerValidationError{
+						field:  fmt.Sprintf("OriginalIpDetectionExtensions[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HttpConnectionManagerValidationError{
+						field:  fmt.Sprintf("OriginalIpDetectionExtensions[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HttpConnectionManagerValidationError{
+					field:  fmt.Sprintf("OriginalIpDetectionExtensions[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetInternalAddressConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "InternalAddressConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "InternalAddressConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetInternalAddressConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpConnectionManagerValidationError{
+				field:  "InternalAddressConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for SkipXffAppend
+
+	if !_HttpConnectionManager_Via_Pattern.MatchString(m.GetVia()) {
+		err := HttpConnectionManagerValidationError{
+			field:  "Via",
+			reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetGenerateRequestId()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "GenerateRequestId",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "GenerateRequestId",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetGenerateRequestId()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpConnectionManagerValidationError{
+				field:  "GenerateRequestId",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for PreserveExternalRequestId
+
+	// no validation rules for AlwaysSetRequestIdInResponse
+
+	if _, ok := HttpConnectionManager_ForwardClientCertDetails_name[int32(m.GetForwardClientCertDetails())]; !ok {
+		err := HttpConnectionManagerValidationError{
+			field:  "ForwardClientCertDetails",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetSetCurrentClientCertDetails()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "SetCurrentClientCertDetails",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "SetCurrentClientCertDetails",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSetCurrentClientCertDetails()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpConnectionManagerValidationError{
+				field:  "SetCurrentClientCertDetails",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for Proxy_100Continue
+
+	// no validation rules for RepresentIpv4RemoteAddressAsIpv4MappedIpv6
+
+	for idx, item := range m.GetUpgradeConfigs() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HttpConnectionManagerValidationError{
+						field:  fmt.Sprintf("UpgradeConfigs[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HttpConnectionManagerValidationError{
+						field:  fmt.Sprintf("UpgradeConfigs[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HttpConnectionManagerValidationError{
+					field:  fmt.Sprintf("UpgradeConfigs[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetNormalizePath()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "NormalizePath",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "NormalizePath",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetNormalizePath()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpConnectionManagerValidationError{
+				field:  "NormalizePath",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for MergeSlashes
+
+	// no validation rules for PathWithEscapedSlashesAction
+
+	if all {
+		switch v := interface{}(m.GetRequestIdExtension()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "RequestIdExtension",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "RequestIdExtension",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRequestIdExtension()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpConnectionManagerValidationError{
+				field:  "RequestIdExtension",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetLocalReplyConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "LocalReplyConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "LocalReplyConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLocalReplyConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpConnectionManagerValidationError{
+				field:  "LocalReplyConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for StripMatchingHostPort
+
+	if all {
+		switch v := interface{}(m.GetStreamErrorOnInvalidHttpMessage()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "StreamErrorOnInvalidHttpMessage",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "StreamErrorOnInvalidHttpMessage",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetStreamErrorOnInvalidHttpMessage()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpConnectionManagerValidationError{
+				field:  "StreamErrorOnInvalidHttpMessage",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetPathNormalizationOptions()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "PathNormalizationOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpConnectionManagerValidationError{
+					field:  "PathNormalizationOptions",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPathNormalizationOptions()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpConnectionManagerValidationError{
+				field:  "PathNormalizationOptions",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for StripTrailingHostDot
+
+	switch m.RouteSpecifier.(type) {
+
+	case *HttpConnectionManager_Rds:
+
+		if all {
+			switch v := interface{}(m.GetRds()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HttpConnectionManagerValidationError{
+						field:  "Rds",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HttpConnectionManagerValidationError{
+						field:  "Rds",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetRds()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HttpConnectionManagerValidationError{
+					field:  "Rds",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *HttpConnectionManager_RouteConfig:
+
+		if all {
+			switch v := interface{}(m.GetRouteConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HttpConnectionManagerValidationError{
+						field:  "RouteConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HttpConnectionManagerValidationError{
+						field:  "RouteConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetRouteConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HttpConnectionManagerValidationError{
+					field:  "RouteConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *HttpConnectionManager_ScopedRoutes:
+
+		if all {
+			switch v := interface{}(m.GetScopedRoutes()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HttpConnectionManagerValidationError{
+						field:  "ScopedRoutes",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HttpConnectionManagerValidationError{
+						field:  "ScopedRoutes",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetScopedRoutes()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HttpConnectionManagerValidationError{
+					field:  "ScopedRoutes",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := HttpConnectionManagerValidationError{
+			field:  "RouteSpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	switch m.StripPortMode.(type) {
+
+	case *HttpConnectionManager_StripAnyHostPort:
+		// no validation rules for StripAnyHostPort
+
+	}
+
+	if len(errors) > 0 {
+		return HttpConnectionManagerMultiError(errors)
+	}
+	return nil
+}
+
+// HttpConnectionManagerMultiError is an error wrapping multiple validation
+// errors returned by HttpConnectionManager.ValidateAll() if the designated
+// constraints aren't met.
+type HttpConnectionManagerMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HttpConnectionManagerMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HttpConnectionManagerMultiError) AllErrors() []error { return m }
+
+// HttpConnectionManagerValidationError is the validation error returned by
+// HttpConnectionManager.Validate if the designated constraints aren't met.
+type HttpConnectionManagerValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HttpConnectionManagerValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HttpConnectionManagerValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HttpConnectionManagerValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HttpConnectionManagerValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HttpConnectionManagerValidationError) ErrorName() string {
+	return "HttpConnectionManagerValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HttpConnectionManagerValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttpConnectionManager.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HttpConnectionManagerValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HttpConnectionManagerValidationError{}
+
+var _HttpConnectionManager_ServerName_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+var _HttpConnectionManager_Via_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+// Validate checks the field values on LocalReplyConfig with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *LocalReplyConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on LocalReplyConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// LocalReplyConfigMultiError, or nil if none found.
+func (m *LocalReplyConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *LocalReplyConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetMappers() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, LocalReplyConfigValidationError{
+						field:  fmt.Sprintf("Mappers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, LocalReplyConfigValidationError{
+						field:  fmt.Sprintf("Mappers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return LocalReplyConfigValidationError{
+					field:  fmt.Sprintf("Mappers[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetBodyFormat()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, LocalReplyConfigValidationError{
+					field:  "BodyFormat",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, LocalReplyConfigValidationError{
+					field:  "BodyFormat",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetBodyFormat()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return LocalReplyConfigValidationError{
+				field:  "BodyFormat",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return LocalReplyConfigMultiError(errors)
+	}
+	return nil
+}
+
+// LocalReplyConfigMultiError is an error wrapping multiple validation errors
+// returned by LocalReplyConfig.ValidateAll() if the designated constraints
+// aren't met.
+type LocalReplyConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m LocalReplyConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m LocalReplyConfigMultiError) AllErrors() []error { return m }
+
+// LocalReplyConfigValidationError is the validation error returned by
+// LocalReplyConfig.Validate if the designated constraints aren't met.
+type LocalReplyConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e LocalReplyConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e LocalReplyConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e LocalReplyConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e LocalReplyConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e LocalReplyConfigValidationError) ErrorName() string { return "LocalReplyConfigValidationError" }
+
+// Error satisfies the builtin error interface
+func (e LocalReplyConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sLocalReplyConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = LocalReplyConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = LocalReplyConfigValidationError{}
+
+// Validate checks the field values on ResponseMapper with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ResponseMapper) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ResponseMapper with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ResponseMapperMultiError,
+// or nil if none found.
+func (m *ResponseMapper) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ResponseMapper) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetFilter() == nil {
+		err := ResponseMapperValidationError{
+			field:  "Filter",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetFilter()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ResponseMapperValidationError{
+					field:  "Filter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ResponseMapperValidationError{
+					field:  "Filter",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetFilter()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ResponseMapperValidationError{
+				field:  "Filter",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if wrapper := m.GetStatusCode(); wrapper != nil {
+
+		if val := wrapper.GetValue(); val < 200 || val >= 600 {
+			err := ResponseMapperValidationError{
+				field:  "StatusCode",
+				reason: "value must be inside range [200, 600)",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetBody()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ResponseMapperValidationError{
+					field:  "Body",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ResponseMapperValidationError{
+					field:  "Body",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetBody()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ResponseMapperValidationError{
+				field:  "Body",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetBodyFormatOverride()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ResponseMapperValidationError{
+					field:  "BodyFormatOverride",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ResponseMapperValidationError{
+					field:  "BodyFormatOverride",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetBodyFormatOverride()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ResponseMapperValidationError{
+				field:  "BodyFormatOverride",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(m.GetHeadersToAdd()) > 1000 {
+		err := ResponseMapperValidationError{
+			field:  "HeadersToAdd",
+			reason: "value must contain no more than 1000 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetHeadersToAdd() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ResponseMapperValidationError{
+						field:  fmt.Sprintf("HeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ResponseMapperValidationError{
+						field:  fmt.Sprintf("HeadersToAdd[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ResponseMapperValidationError{
+					field:  fmt.Sprintf("HeadersToAdd[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ResponseMapperMultiError(errors)
+	}
+	return nil
+}
+
+// ResponseMapperMultiError is an error wrapping multiple validation errors
+// returned by ResponseMapper.ValidateAll() if the designated constraints
+// aren't met.
+type ResponseMapperMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ResponseMapperMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ResponseMapperMultiError) AllErrors() []error { return m }
+
+// ResponseMapperValidationError is the validation error returned by
+// ResponseMapper.Validate if the designated constraints aren't met.
+type ResponseMapperValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ResponseMapperValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ResponseMapperValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ResponseMapperValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ResponseMapperValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ResponseMapperValidationError) ErrorName() string { return "ResponseMapperValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ResponseMapperValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sResponseMapper.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ResponseMapperValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ResponseMapperValidationError{}
+
+// Validate checks the field values on Rds with the rules defined in the proto
+// definition for this message. If any rules are violated, the first error
+// encountered is returned, or nil if there are no violations.
+func (m *Rds) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Rds with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in RdsMultiError, or nil if none found.
+func (m *Rds) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Rds) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetConfigSource() == nil {
+		err := RdsValidationError{
+			field:  "ConfigSource",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetConfigSource()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RdsValidationError{
+					field:  "ConfigSource",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RdsValidationError{
+					field:  "ConfigSource",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetConfigSource()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RdsValidationError{
+				field:  "ConfigSource",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for RouteConfigName
+
+	if len(errors) > 0 {
+		return RdsMultiError(errors)
+	}
+	return nil
+}
+
+// RdsMultiError is an error wrapping multiple validation errors returned by
+// Rds.ValidateAll() if the designated constraints aren't met.
+type RdsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RdsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RdsMultiError) AllErrors() []error { return m }
+
+// RdsValidationError is the validation error returned by Rds.Validate if the
+// designated constraints aren't met.
+type RdsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RdsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RdsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RdsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RdsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RdsValidationError) ErrorName() string { return "RdsValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RdsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRds.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RdsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RdsValidationError{}
+
+// Validate checks the field values on ScopedRouteConfigurationsList with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ScopedRouteConfigurationsList) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ScopedRouteConfigurationsList with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// ScopedRouteConfigurationsListMultiError, or nil if none found.
+func (m *ScopedRouteConfigurationsList) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ScopedRouteConfigurationsList) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetScopedRouteConfigurations()) < 1 {
+		err := ScopedRouteConfigurationsListValidationError{
+			field:  "ScopedRouteConfigurations",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetScopedRouteConfigurations() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ScopedRouteConfigurationsListValidationError{
+						field:  fmt.Sprintf("ScopedRouteConfigurations[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ScopedRouteConfigurationsListValidationError{
+						field:  fmt.Sprintf("ScopedRouteConfigurations[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ScopedRouteConfigurationsListValidationError{
+					field:  fmt.Sprintf("ScopedRouteConfigurations[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ScopedRouteConfigurationsListMultiError(errors)
+	}
+	return nil
+}
+
+// ScopedRouteConfigurationsListMultiError is an error wrapping multiple
+// validation errors returned by ScopedRouteConfigurationsList.ValidateAll()
+// if the designated constraints aren't met.
+type ScopedRouteConfigurationsListMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ScopedRouteConfigurationsListMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ScopedRouteConfigurationsListMultiError) AllErrors() []error { return m }
+
+// ScopedRouteConfigurationsListValidationError is the validation error
+// returned by ScopedRouteConfigurationsList.Validate if the designated
+// constraints aren't met.
+type ScopedRouteConfigurationsListValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ScopedRouteConfigurationsListValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ScopedRouteConfigurationsListValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ScopedRouteConfigurationsListValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ScopedRouteConfigurationsListValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ScopedRouteConfigurationsListValidationError) ErrorName() string {
+	return "ScopedRouteConfigurationsListValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ScopedRouteConfigurationsListValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sScopedRouteConfigurationsList.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ScopedRouteConfigurationsListValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ScopedRouteConfigurationsListValidationError{}
+
+// Validate checks the field values on ScopedRoutes with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ScopedRoutes) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ScopedRoutes with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ScopedRoutesMultiError, or
+// nil if none found.
+func (m *ScopedRoutes) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ScopedRoutes) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := ScopedRoutesValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if m.GetScopeKeyBuilder() == nil {
+		err := ScopedRoutesValidationError{
+			field:  "ScopeKeyBuilder",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetScopeKeyBuilder()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ScopedRoutesValidationError{
+					field:  "ScopeKeyBuilder",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ScopedRoutesValidationError{
+					field:  "ScopeKeyBuilder",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetScopeKeyBuilder()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ScopedRoutesValidationError{
+				field:  "ScopeKeyBuilder",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetRdsConfigSource()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ScopedRoutesValidationError{
+					field:  "RdsConfigSource",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ScopedRoutesValidationError{
+					field:  "RdsConfigSource",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRdsConfigSource()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ScopedRoutesValidationError{
+				field:  "RdsConfigSource",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	switch m.ConfigSpecifier.(type) {
+
+	case *ScopedRoutes_ScopedRouteConfigurationsList:
+
+		if all {
+			switch v := interface{}(m.GetScopedRouteConfigurationsList()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ScopedRoutesValidationError{
+						field:  "ScopedRouteConfigurationsList",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ScopedRoutesValidationError{
+						field:  "ScopedRouteConfigurationsList",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetScopedRouteConfigurationsList()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ScopedRoutesValidationError{
+					field:  "ScopedRouteConfigurationsList",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *ScopedRoutes_ScopedRds:
+
+		if all {
+			switch v := interface{}(m.GetScopedRds()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ScopedRoutesValidationError{
+						field:  "ScopedRds",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ScopedRoutesValidationError{
+						field:  "ScopedRds",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetScopedRds()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ScopedRoutesValidationError{
+					field:  "ScopedRds",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := ScopedRoutesValidationError{
+			field:  "ConfigSpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return ScopedRoutesMultiError(errors)
+	}
+	return nil
+}
+
+// ScopedRoutesMultiError is an error wrapping multiple validation errors
+// returned by ScopedRoutes.ValidateAll() if the designated constraints aren't met.
+type ScopedRoutesMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ScopedRoutesMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ScopedRoutesMultiError) AllErrors() []error { return m }
+
+// ScopedRoutesValidationError is the validation error returned by
+// ScopedRoutes.Validate if the designated constraints aren't met.
+type ScopedRoutesValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ScopedRoutesValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ScopedRoutesValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ScopedRoutesValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ScopedRoutesValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ScopedRoutesValidationError) ErrorName() string { return "ScopedRoutesValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ScopedRoutesValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sScopedRoutes.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ScopedRoutesValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ScopedRoutesValidationError{}
+
+// Validate checks the field values on ScopedRds with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ScopedRds) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ScopedRds with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ScopedRdsMultiError, or nil
+// if none found.
+func (m *ScopedRds) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ScopedRds) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetScopedRdsConfigSource() == nil {
+		err := ScopedRdsValidationError{
+			field:  "ScopedRdsConfigSource",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetScopedRdsConfigSource()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ScopedRdsValidationError{
+					field:  "ScopedRdsConfigSource",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ScopedRdsValidationError{
+					field:  "ScopedRdsConfigSource",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetScopedRdsConfigSource()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ScopedRdsValidationError{
+				field:  "ScopedRdsConfigSource",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for SrdsResourcesLocator
+
+	if len(errors) > 0 {
+		return ScopedRdsMultiError(errors)
+	}
+	return nil
+}
+
+// ScopedRdsMultiError is an error wrapping multiple validation errors returned
+// by ScopedRds.ValidateAll() if the designated constraints aren't met.
+type ScopedRdsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ScopedRdsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ScopedRdsMultiError) AllErrors() []error { return m }
+
+// ScopedRdsValidationError is the validation error returned by
+// ScopedRds.Validate if the designated constraints aren't met.
+type ScopedRdsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ScopedRdsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ScopedRdsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ScopedRdsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ScopedRdsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ScopedRdsValidationError) ErrorName() string { return "ScopedRdsValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ScopedRdsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sScopedRds.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ScopedRdsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ScopedRdsValidationError{}
+
+// Validate checks the field values on HttpFilter with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *HttpFilter) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HttpFilter with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in HttpFilterMultiError, or
+// nil if none found.
+func (m *HttpFilter) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HttpFilter) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := HttpFilterValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for IsOptional
+
+	switch m.ConfigType.(type) {
+
+	case *HttpFilter_TypedConfig:
+
+		if all {
+			switch v := interface{}(m.GetTypedConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HttpFilterValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HttpFilterValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HttpFilterValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *HttpFilter_ConfigDiscovery:
+
+		if all {
+			switch v := interface{}(m.GetConfigDiscovery()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HttpFilterValidationError{
+						field:  "ConfigDiscovery",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HttpFilterValidationError{
+						field:  "ConfigDiscovery",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetConfigDiscovery()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HttpFilterValidationError{
+					field:  "ConfigDiscovery",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return HttpFilterMultiError(errors)
+	}
+	return nil
+}
+
+// HttpFilterMultiError is an error wrapping multiple validation errors
+// returned by HttpFilter.ValidateAll() if the designated constraints aren't met.
+type HttpFilterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HttpFilterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HttpFilterMultiError) AllErrors() []error { return m }
+
+// HttpFilterValidationError is the validation error returned by
+// HttpFilter.Validate if the designated constraints aren't met.
+type HttpFilterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HttpFilterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HttpFilterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HttpFilterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HttpFilterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HttpFilterValidationError) ErrorName() string { return "HttpFilterValidationError" }
+
+// Error satisfies the builtin error interface
+func (e HttpFilterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttpFilter.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HttpFilterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HttpFilterValidationError{}
+
+// Validate checks the field values on RequestIDExtension with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RequestIDExtension) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RequestIDExtension with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RequestIDExtensionMultiError, or nil if none found.
+func (m *RequestIDExtension) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RequestIDExtension) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetTypedConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RequestIDExtensionValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RequestIDExtensionValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RequestIDExtensionValidationError{
+				field:  "TypedConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return RequestIDExtensionMultiError(errors)
+	}
+	return nil
+}
+
+// RequestIDExtensionMultiError is an error wrapping multiple validation errors
+// returned by RequestIDExtension.ValidateAll() if the designated constraints
+// aren't met.
+type RequestIDExtensionMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RequestIDExtensionMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RequestIDExtensionMultiError) AllErrors() []error { return m }
+
+// RequestIDExtensionValidationError is the validation error returned by
+// RequestIDExtension.Validate if the designated constraints aren't met.
+type RequestIDExtensionValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RequestIDExtensionValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RequestIDExtensionValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RequestIDExtensionValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RequestIDExtensionValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RequestIDExtensionValidationError) ErrorName() string {
+	return "RequestIDExtensionValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RequestIDExtensionValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRequestIDExtension.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RequestIDExtensionValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RequestIDExtensionValidationError{}
+
+// Validate checks the field values on EnvoyMobileHttpConnectionManager with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *EnvoyMobileHttpConnectionManager) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on EnvoyMobileHttpConnectionManager with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// EnvoyMobileHttpConnectionManagerMultiError, or nil if none found.
+func (m *EnvoyMobileHttpConnectionManager) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *EnvoyMobileHttpConnectionManager) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, EnvoyMobileHttpConnectionManagerValidationError{
+					field:  "Config",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, EnvoyMobileHttpConnectionManagerValidationError{
+					field:  "Config",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return EnvoyMobileHttpConnectionManagerValidationError{
+				field:  "Config",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return EnvoyMobileHttpConnectionManagerMultiError(errors)
+	}
+	return nil
+}
+
+// EnvoyMobileHttpConnectionManagerMultiError is an error wrapping multiple
+// validation errors returned by
+// EnvoyMobileHttpConnectionManager.ValidateAll() if the designated
+// constraints aren't met.
+type EnvoyMobileHttpConnectionManagerMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m EnvoyMobileHttpConnectionManagerMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m EnvoyMobileHttpConnectionManagerMultiError) AllErrors() []error { return m }
+
+// EnvoyMobileHttpConnectionManagerValidationError is the validation error
+// returned by EnvoyMobileHttpConnectionManager.Validate if the designated
+// constraints aren't met.
+type EnvoyMobileHttpConnectionManagerValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e EnvoyMobileHttpConnectionManagerValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e EnvoyMobileHttpConnectionManagerValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e EnvoyMobileHttpConnectionManagerValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e EnvoyMobileHttpConnectionManagerValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e EnvoyMobileHttpConnectionManagerValidationError) ErrorName() string {
+	return "EnvoyMobileHttpConnectionManagerValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e EnvoyMobileHttpConnectionManagerValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sEnvoyMobileHttpConnectionManager.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = EnvoyMobileHttpConnectionManagerValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = EnvoyMobileHttpConnectionManagerValidationError{}
+
+// Validate checks the field values on HttpConnectionManager_Tracing with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *HttpConnectionManager_Tracing) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HttpConnectionManager_Tracing with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// HttpConnectionManager_TracingMultiError, or nil if none found.
+func (m *HttpConnectionManager_Tracing) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HttpConnectionManager_Tracing) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetClientSampling()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpConnectionManager_TracingValidationError{
+					field:  "ClientSampling",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpConnectionManager_TracingValidationError{
+					field:  "ClientSampling",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetClientSampling()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpConnectionManager_TracingValidationError{
+				field:  "ClientSampling",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetRandomSampling()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpConnectionManager_TracingValidationError{
+					field:  "RandomSampling",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpConnectionManager_TracingValidationError{
+					field:  "RandomSampling",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRandomSampling()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpConnectionManager_TracingValidationError{
+				field:  "RandomSampling",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetOverallSampling()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpConnectionManager_TracingValidationError{
+					field:  "OverallSampling",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpConnectionManager_TracingValidationError{
+					field:  "OverallSampling",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetOverallSampling()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpConnectionManager_TracingValidationError{
+				field:  "OverallSampling",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for Verbose
+
+	if all {
+		switch v := interface{}(m.GetMaxPathTagLength()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpConnectionManager_TracingValidationError{
+					field:  "MaxPathTagLength",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpConnectionManager_TracingValidationError{
+					field:  "MaxPathTagLength",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxPathTagLength()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpConnectionManager_TracingValidationError{
+				field:  "MaxPathTagLength",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetCustomTags() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HttpConnectionManager_TracingValidationError{
+						field:  fmt.Sprintf("CustomTags[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HttpConnectionManager_TracingValidationError{
+						field:  fmt.Sprintf("CustomTags[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HttpConnectionManager_TracingValidationError{
+					field:  fmt.Sprintf("CustomTags[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetProvider()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpConnectionManager_TracingValidationError{
+					field:  "Provider",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpConnectionManager_TracingValidationError{
+					field:  "Provider",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetProvider()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpConnectionManager_TracingValidationError{
+				field:  "Provider",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return HttpConnectionManager_TracingMultiError(errors)
+	}
+	return nil
+}
+
+// HttpConnectionManager_TracingMultiError is an error wrapping multiple
+// validation errors returned by HttpConnectionManager_Tracing.ValidateAll()
+// if the designated constraints aren't met.
+type HttpConnectionManager_TracingMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HttpConnectionManager_TracingMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HttpConnectionManager_TracingMultiError) AllErrors() []error { return m }
+
+// HttpConnectionManager_TracingValidationError is the validation error
+// returned by HttpConnectionManager_Tracing.Validate if the designated
+// constraints aren't met.
+type HttpConnectionManager_TracingValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HttpConnectionManager_TracingValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HttpConnectionManager_TracingValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HttpConnectionManager_TracingValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HttpConnectionManager_TracingValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HttpConnectionManager_TracingValidationError) ErrorName() string {
+	return "HttpConnectionManager_TracingValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HttpConnectionManager_TracingValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttpConnectionManager_Tracing.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HttpConnectionManager_TracingValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HttpConnectionManager_TracingValidationError{}
+
+// Validate checks the field values on
+// HttpConnectionManager_InternalAddressConfig with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *HttpConnectionManager_InternalAddressConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// HttpConnectionManager_InternalAddressConfig with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in
+// HttpConnectionManager_InternalAddressConfigMultiError, or nil if none found.
+func (m *HttpConnectionManager_InternalAddressConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HttpConnectionManager_InternalAddressConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for UnixSockets
+
+	if len(errors) > 0 {
+		return HttpConnectionManager_InternalAddressConfigMultiError(errors)
+	}
+	return nil
+}
+
+// HttpConnectionManager_InternalAddressConfigMultiError is an error wrapping
+// multiple validation errors returned by
+// HttpConnectionManager_InternalAddressConfig.ValidateAll() if the designated
+// constraints aren't met.
+type HttpConnectionManager_InternalAddressConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HttpConnectionManager_InternalAddressConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HttpConnectionManager_InternalAddressConfigMultiError) AllErrors() []error { return m }
+
+// HttpConnectionManager_InternalAddressConfigValidationError is the validation
+// error returned by HttpConnectionManager_InternalAddressConfig.Validate if
+// the designated constraints aren't met.
+type HttpConnectionManager_InternalAddressConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HttpConnectionManager_InternalAddressConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HttpConnectionManager_InternalAddressConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HttpConnectionManager_InternalAddressConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HttpConnectionManager_InternalAddressConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HttpConnectionManager_InternalAddressConfigValidationError) ErrorName() string {
+	return "HttpConnectionManager_InternalAddressConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HttpConnectionManager_InternalAddressConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttpConnectionManager_InternalAddressConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HttpConnectionManager_InternalAddressConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HttpConnectionManager_InternalAddressConfigValidationError{}
+
+// Validate checks the field values on
+// HttpConnectionManager_SetCurrentClientCertDetails with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *HttpConnectionManager_SetCurrentClientCertDetails) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// HttpConnectionManager_SetCurrentClientCertDetails with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in
+// HttpConnectionManager_SetCurrentClientCertDetailsMultiError, or nil if none found.
+func (m *HttpConnectionManager_SetCurrentClientCertDetails) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HttpConnectionManager_SetCurrentClientCertDetails) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetSubject()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpConnectionManager_SetCurrentClientCertDetailsValidationError{
+					field:  "Subject",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpConnectionManager_SetCurrentClientCertDetailsValidationError{
+					field:  "Subject",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSubject()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpConnectionManager_SetCurrentClientCertDetailsValidationError{
+				field:  "Subject",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for Cert
+
+	// no validation rules for Chain
+
+	// no validation rules for Dns
+
+	// no validation rules for Uri
+
+	if len(errors) > 0 {
+		return HttpConnectionManager_SetCurrentClientCertDetailsMultiError(errors)
+	}
+	return nil
+}
+
+// HttpConnectionManager_SetCurrentClientCertDetailsMultiError is an error
+// wrapping multiple validation errors returned by
+// HttpConnectionManager_SetCurrentClientCertDetails.ValidateAll() if the
+// designated constraints aren't met.
+type HttpConnectionManager_SetCurrentClientCertDetailsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HttpConnectionManager_SetCurrentClientCertDetailsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HttpConnectionManager_SetCurrentClientCertDetailsMultiError) AllErrors() []error { return m }
+
+// HttpConnectionManager_SetCurrentClientCertDetailsValidationError is the
+// validation error returned by
+// HttpConnectionManager_SetCurrentClientCertDetails.Validate if the
+// designated constraints aren't met.
+type HttpConnectionManager_SetCurrentClientCertDetailsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HttpConnectionManager_SetCurrentClientCertDetailsValidationError) Field() string {
+	return e.field
+}
+
+// Reason function returns reason value.
+func (e HttpConnectionManager_SetCurrentClientCertDetailsValidationError) Reason() string {
+	return e.reason
+}
+
+// Cause function returns cause value.
+func (e HttpConnectionManager_SetCurrentClientCertDetailsValidationError) Cause() error {
+	return e.cause
+}
+
+// Key function returns key value.
+func (e HttpConnectionManager_SetCurrentClientCertDetailsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HttpConnectionManager_SetCurrentClientCertDetailsValidationError) ErrorName() string {
+	return "HttpConnectionManager_SetCurrentClientCertDetailsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HttpConnectionManager_SetCurrentClientCertDetailsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttpConnectionManager_SetCurrentClientCertDetails.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HttpConnectionManager_SetCurrentClientCertDetailsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HttpConnectionManager_SetCurrentClientCertDetailsValidationError{}
+
+// Validate checks the field values on HttpConnectionManager_UpgradeConfig with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *HttpConnectionManager_UpgradeConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HttpConnectionManager_UpgradeConfig
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// HttpConnectionManager_UpgradeConfigMultiError, or nil if none found.
+func (m *HttpConnectionManager_UpgradeConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HttpConnectionManager_UpgradeConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for UpgradeType
+
+	for idx, item := range m.GetFilters() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HttpConnectionManager_UpgradeConfigValidationError{
+						field:  fmt.Sprintf("Filters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HttpConnectionManager_UpgradeConfigValidationError{
+						field:  fmt.Sprintf("Filters[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HttpConnectionManager_UpgradeConfigValidationError{
+					field:  fmt.Sprintf("Filters[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetEnabled()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpConnectionManager_UpgradeConfigValidationError{
+					field:  "Enabled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpConnectionManager_UpgradeConfigValidationError{
+					field:  "Enabled",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetEnabled()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpConnectionManager_UpgradeConfigValidationError{
+				field:  "Enabled",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return HttpConnectionManager_UpgradeConfigMultiError(errors)
+	}
+	return nil
+}
+
+// HttpConnectionManager_UpgradeConfigMultiError is an error wrapping multiple
+// validation errors returned by
+// HttpConnectionManager_UpgradeConfig.ValidateAll() if the designated
+// constraints aren't met.
+type HttpConnectionManager_UpgradeConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HttpConnectionManager_UpgradeConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HttpConnectionManager_UpgradeConfigMultiError) AllErrors() []error { return m }
+
+// HttpConnectionManager_UpgradeConfigValidationError is the validation error
+// returned by HttpConnectionManager_UpgradeConfig.Validate if the designated
+// constraints aren't met.
+type HttpConnectionManager_UpgradeConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HttpConnectionManager_UpgradeConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HttpConnectionManager_UpgradeConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HttpConnectionManager_UpgradeConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HttpConnectionManager_UpgradeConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HttpConnectionManager_UpgradeConfigValidationError) ErrorName() string {
+	return "HttpConnectionManager_UpgradeConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HttpConnectionManager_UpgradeConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttpConnectionManager_UpgradeConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HttpConnectionManager_UpgradeConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HttpConnectionManager_UpgradeConfigValidationError{}
+
+// Validate checks the field values on
+// HttpConnectionManager_PathNormalizationOptions with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *HttpConnectionManager_PathNormalizationOptions) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// HttpConnectionManager_PathNormalizationOptions with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in
+// HttpConnectionManager_PathNormalizationOptionsMultiError, or nil if none found.
+func (m *HttpConnectionManager_PathNormalizationOptions) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HttpConnectionManager_PathNormalizationOptions) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetForwardingTransformation()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpConnectionManager_PathNormalizationOptionsValidationError{
+					field:  "ForwardingTransformation",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpConnectionManager_PathNormalizationOptionsValidationError{
+					field:  "ForwardingTransformation",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetForwardingTransformation()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpConnectionManager_PathNormalizationOptionsValidationError{
+				field:  "ForwardingTransformation",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetHttpFilterTransformation()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HttpConnectionManager_PathNormalizationOptionsValidationError{
+					field:  "HttpFilterTransformation",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HttpConnectionManager_PathNormalizationOptionsValidationError{
+					field:  "HttpFilterTransformation",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetHttpFilterTransformation()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HttpConnectionManager_PathNormalizationOptionsValidationError{
+				field:  "HttpFilterTransformation",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return HttpConnectionManager_PathNormalizationOptionsMultiError(errors)
+	}
+	return nil
+}
+
+// HttpConnectionManager_PathNormalizationOptionsMultiError is an error
+// wrapping multiple validation errors returned by
+// HttpConnectionManager_PathNormalizationOptions.ValidateAll() if the
+// designated constraints aren't met.
+type HttpConnectionManager_PathNormalizationOptionsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HttpConnectionManager_PathNormalizationOptionsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HttpConnectionManager_PathNormalizationOptionsMultiError) AllErrors() []error { return m }
+
+// HttpConnectionManager_PathNormalizationOptionsValidationError is the
+// validation error returned by
+// HttpConnectionManager_PathNormalizationOptions.Validate if the designated
+// constraints aren't met.
+type HttpConnectionManager_PathNormalizationOptionsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HttpConnectionManager_PathNormalizationOptionsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HttpConnectionManager_PathNormalizationOptionsValidationError) Reason() string {
+	return e.reason
+}
+
+// Cause function returns cause value.
+func (e HttpConnectionManager_PathNormalizationOptionsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HttpConnectionManager_PathNormalizationOptionsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HttpConnectionManager_PathNormalizationOptionsValidationError) ErrorName() string {
+	return "HttpConnectionManager_PathNormalizationOptionsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HttpConnectionManager_PathNormalizationOptionsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttpConnectionManager_PathNormalizationOptions.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HttpConnectionManager_PathNormalizationOptionsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HttpConnectionManager_PathNormalizationOptionsValidationError{}
+
+// Validate checks the field values on ScopedRoutes_ScopeKeyBuilder with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ScopedRoutes_ScopeKeyBuilder) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ScopedRoutes_ScopeKeyBuilder with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ScopedRoutes_ScopeKeyBuilderMultiError, or nil if none found.
+func (m *ScopedRoutes_ScopeKeyBuilder) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ScopedRoutes_ScopeKeyBuilder) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetFragments()) < 1 {
+		err := ScopedRoutes_ScopeKeyBuilderValidationError{
+			field:  "Fragments",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetFragments() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ScopedRoutes_ScopeKeyBuilderValidationError{
+						field:  fmt.Sprintf("Fragments[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ScopedRoutes_ScopeKeyBuilderValidationError{
+						field:  fmt.Sprintf("Fragments[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ScopedRoutes_ScopeKeyBuilderValidationError{
+					field:  fmt.Sprintf("Fragments[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ScopedRoutes_ScopeKeyBuilderMultiError(errors)
+	}
+	return nil
+}
+
+// ScopedRoutes_ScopeKeyBuilderMultiError is an error wrapping multiple
+// validation errors returned by ScopedRoutes_ScopeKeyBuilder.ValidateAll() if
+// the designated constraints aren't met.
+type ScopedRoutes_ScopeKeyBuilderMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ScopedRoutes_ScopeKeyBuilderMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ScopedRoutes_ScopeKeyBuilderMultiError) AllErrors() []error { return m }
+
+// ScopedRoutes_ScopeKeyBuilderValidationError is the validation error returned
+// by ScopedRoutes_ScopeKeyBuilder.Validate if the designated constraints
+// aren't met.
+type ScopedRoutes_ScopeKeyBuilderValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ScopedRoutes_ScopeKeyBuilderValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ScopedRoutes_ScopeKeyBuilderValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ScopedRoutes_ScopeKeyBuilderValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ScopedRoutes_ScopeKeyBuilderValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ScopedRoutes_ScopeKeyBuilderValidationError) ErrorName() string {
+	return "ScopedRoutes_ScopeKeyBuilderValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ScopedRoutes_ScopeKeyBuilderValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sScopedRoutes_ScopeKeyBuilder.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ScopedRoutes_ScopeKeyBuilderValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ScopedRoutes_ScopeKeyBuilderValidationError{}
+
+// Validate checks the field values on
+// ScopedRoutes_ScopeKeyBuilder_FragmentBuilder with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// ScopedRoutes_ScopeKeyBuilder_FragmentBuilder with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in
+// ScopedRoutes_ScopeKeyBuilder_FragmentBuilderMultiError, or nil if none found.
+func (m *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.Type.(type) {
+
+	case *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_:
+
+		if all {
+			switch v := interface{}(m.GetHeaderValueExtractor()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ScopedRoutes_ScopeKeyBuilder_FragmentBuilderValidationError{
+						field:  "HeaderValueExtractor",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ScopedRoutes_ScopeKeyBuilder_FragmentBuilderValidationError{
+						field:  "HeaderValueExtractor",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetHeaderValueExtractor()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ScopedRoutes_ScopeKeyBuilder_FragmentBuilderValidationError{
+					field:  "HeaderValueExtractor",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := ScopedRoutes_ScopeKeyBuilder_FragmentBuilderValidationError{
+			field:  "Type",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return ScopedRoutes_ScopeKeyBuilder_FragmentBuilderMultiError(errors)
+	}
+	return nil
+}
+
+// ScopedRoutes_ScopeKeyBuilder_FragmentBuilderMultiError is an error wrapping
+// multiple validation errors returned by
+// ScopedRoutes_ScopeKeyBuilder_FragmentBuilder.ValidateAll() if the
+// designated constraints aren't met.
+type ScopedRoutes_ScopeKeyBuilder_FragmentBuilderMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ScopedRoutes_ScopeKeyBuilder_FragmentBuilderMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ScopedRoutes_ScopeKeyBuilder_FragmentBuilderMultiError) AllErrors() []error { return m }
+
+// ScopedRoutes_ScopeKeyBuilder_FragmentBuilderValidationError is the
+// validation error returned by
+// ScopedRoutes_ScopeKeyBuilder_FragmentBuilder.Validate if the designated
+// constraints aren't met.
+type ScopedRoutes_ScopeKeyBuilder_FragmentBuilderValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ScopedRoutes_ScopeKeyBuilder_FragmentBuilderValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ScopedRoutes_ScopeKeyBuilder_FragmentBuilderValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ScopedRoutes_ScopeKeyBuilder_FragmentBuilderValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ScopedRoutes_ScopeKeyBuilder_FragmentBuilderValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ScopedRoutes_ScopeKeyBuilder_FragmentBuilderValidationError) ErrorName() string {
+	return "ScopedRoutes_ScopeKeyBuilder_FragmentBuilderValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ScopedRoutes_ScopeKeyBuilder_FragmentBuilderValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sScopedRoutes_ScopeKeyBuilder_FragmentBuilder.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ScopedRoutes_ScopeKeyBuilder_FragmentBuilderValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ScopedRoutes_ScopeKeyBuilder_FragmentBuilderValidationError{}
+
+// Validate checks the field values on
+// ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractorMultiError,
+// or nil if none found.
+func (m *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractorValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for ElementSeparator
+
+	switch m.ExtractType.(type) {
+
+	case *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_Index:
+		// no validation rules for Index
+
+	case *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_Element:
+
+		if all {
+			switch v := interface{}(m.GetElement()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractorValidationError{
+						field:  "Element",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractorValidationError{
+						field:  "Element",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetElement()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractorValidationError{
+					field:  "Element",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractorMultiError(errors)
+	}
+	return nil
+}
+
+// ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractorMultiError
+// is an error wrapping multiple validation errors returned by
+// ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor.ValidateAll()
+// if the designated constraints aren't met.
+type ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractorMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractorMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractorMultiError) AllErrors() []error {
+	return m
+}
+
+// ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractorValidationError
+// is the validation error returned by
+// ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor.Validate
+// if the designated constraints aren't met.
+type ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractorValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractorValidationError) Field() string {
+	return e.field
+}
+
+// Reason function returns reason value.
+func (e ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractorValidationError) Reason() string {
+	return e.reason
+}
+
+// Cause function returns cause value.
+func (e ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractorValidationError) Cause() error {
+	return e.cause
+}
+
+// Key function returns key value.
+func (e ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractorValidationError) Key() bool {
+	return e.key
+}
+
+// ErrorName returns error name.
+func (e ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractorValidationError) ErrorName() string {
+	return "ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractorValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractorValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractorValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractorValidationError{}
+
+// Validate checks the field values on
+// ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElement
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the first error encountered is returned, or nil if
+// there are no violations.
+func (m *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElement) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElement
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElementMultiError,
+// or nil if none found.
+func (m *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElement) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElement) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetSeparator()) < 1 {
+		err := ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElementValidationError{
+			field:  "Separator",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if utf8.RuneCountInString(m.GetKey()) < 1 {
+		err := ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElementValidationError{
+			field:  "Key",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElementMultiError(errors)
+	}
+	return nil
+}
+
+// ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElementMultiError
+// is an error wrapping multiple validation errors returned by
+// ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElement.ValidateAll()
+// if the designated constraints aren't met.
+type ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElementMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElementMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElementMultiError) AllErrors() []error {
+	return m
+}
+
+// ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElementValidationError
+// is the validation error returned by
+// ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElement.Validate
+// if the designated constraints aren't met.
+type ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElementValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElementValidationError) Field() string {
+	return e.field
+}
+
+// Reason function returns reason value.
+func (e ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElementValidationError) Reason() string {
+	return e.reason
+}
+
+// Cause function returns cause value.
+func (e ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElementValidationError) Cause() error {
+	return e.cause
+}
+
+// Key function returns key value.
+func (e ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElementValidationError) Key() bool {
+	return e.key
+}
+
+// ErrorName returns error name.
+func (e ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElementValidationError) ErrorName() string {
+	return "ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElementValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElementValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElement.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElementValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ScopedRoutes_ScopeKeyBuilder_FragmentBuilder_HeaderValueExtractor_KvElementValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3/cert.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3/cert.pb.go
new file mode 100644
index 00000000000..e9dc58df0b1
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3/cert.pb.go
@@ -0,0 +1,88 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/extensions/transport_sockets/tls/v3/cert.proto
+
+package envoy_extensions_transport_sockets_tls_v3
+
+import (
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+var File_envoy_extensions_transport_sockets_tls_v3_cert_proto protoreflect.FileDescriptor
+
+var file_envoy_extensions_transport_sockets_tls_v3_cert_proto_rawDesc = []byte{
+	0x0a, 0x34, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63,
+	0x6b, 0x65, 0x74, 0x73, 0x2f, 0x74, 0x6c, 0x73, 0x2f, 0x76, 0x33, 0x2f, 0x63, 0x65, 0x72, 0x74,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x29, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78,
+	0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f,
+	0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e, 0x76,
+	0x33, 0x1a, 0x36, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69,
+	0x6f, 0x6e, 0x73, 0x2f, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f,
+	0x63, 0x6b, 0x65, 0x74, 0x73, 0x2f, 0x74, 0x6c, 0x73, 0x2f, 0x76, 0x33, 0x2f, 0x63, 0x6f, 0x6d,
+	0x6d, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x36, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x74, 0x72, 0x61, 0x6e,
+	0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x2f, 0x74, 0x6c,
+	0x73, 0x2f, 0x76, 0x33, 0x2f, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x33, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69,
+	0x6f, 0x6e, 0x73, 0x2f, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f,
+	0x63, 0x6b, 0x65, 0x74, 0x73, 0x2f, 0x74, 0x6c, 0x73, 0x2f, 0x76, 0x33, 0x2f, 0x74, 0x6c, 0x73,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x42, 0x46, 0x0a, 0x37, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78,
+	0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f,
+	0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e, 0x76,
+	0x33, 0x42, 0x09, 0x43, 0x65, 0x72, 0x74, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x50, 0x00,
+	0x50, 0x01, 0x50, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var file_envoy_extensions_transport_sockets_tls_v3_cert_proto_goTypes = []interface{}{}
+var file_envoy_extensions_transport_sockets_tls_v3_cert_proto_depIdxs = []int32{
+	0, // [0:0] is the sub-list for method output_type
+	0, // [0:0] is the sub-list for method input_type
+	0, // [0:0] is the sub-list for extension type_name
+	0, // [0:0] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_envoy_extensions_transport_sockets_tls_v3_cert_proto_init() }
+func file_envoy_extensions_transport_sockets_tls_v3_cert_proto_init() {
+	if File_envoy_extensions_transport_sockets_tls_v3_cert_proto != nil {
+		return
+	}
+	file_envoy_extensions_transport_sockets_tls_v3_common_proto_init()
+	file_envoy_extensions_transport_sockets_tls_v3_secret_proto_init()
+	file_envoy_extensions_transport_sockets_tls_v3_tls_proto_init()
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_extensions_transport_sockets_tls_v3_cert_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   0,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_extensions_transport_sockets_tls_v3_cert_proto_goTypes,
+		DependencyIndexes: file_envoy_extensions_transport_sockets_tls_v3_cert_proto_depIdxs,
+	}.Build()
+	File_envoy_extensions_transport_sockets_tls_v3_cert_proto = out.File
+	file_envoy_extensions_transport_sockets_tls_v3_cert_proto_rawDesc = nil
+	file_envoy_extensions_transport_sockets_tls_v3_cert_proto_goTypes = nil
+	file_envoy_extensions_transport_sockets_tls_v3_cert_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3/cert.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3/cert.pb.validate.go
new file mode 100644
index 00000000000..d2ff4f38411
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3/cert.pb.validate.go
@@ -0,0 +1,36 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/extensions/transport_sockets/tls/v3/cert.proto
+
+package envoy_extensions_transport_sockets_tls_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3/common.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3/common.pb.go
new file mode 100644
index 00000000000..b9915941c21
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3/common.pb.go
@@ -0,0 +1,1326 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/extensions/transport_sockets/tls/v3/common.proto
+
+package envoy_extensions_transport_sockets_tls_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	v31 "github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type TlsParameters_TlsProtocol int32
+
+const (
+	// Envoy will choose the optimal TLS version.
+	TlsParameters_TLS_AUTO TlsParameters_TlsProtocol = 0
+	// TLS 1.0
+	TlsParameters_TLSv1_0 TlsParameters_TlsProtocol = 1
+	// TLS 1.1
+	TlsParameters_TLSv1_1 TlsParameters_TlsProtocol = 2
+	// TLS 1.2
+	TlsParameters_TLSv1_2 TlsParameters_TlsProtocol = 3
+	// TLS 1.3
+	TlsParameters_TLSv1_3 TlsParameters_TlsProtocol = 4
+)
+
+// Enum value maps for TlsParameters_TlsProtocol.
+var (
+	TlsParameters_TlsProtocol_name = map[int32]string{
+		0: "TLS_AUTO",
+		1: "TLSv1_0",
+		2: "TLSv1_1",
+		3: "TLSv1_2",
+		4: "TLSv1_3",
+	}
+	TlsParameters_TlsProtocol_value = map[string]int32{
+		"TLS_AUTO": 0,
+		"TLSv1_0":  1,
+		"TLSv1_1":  2,
+		"TLSv1_2":  3,
+		"TLSv1_3":  4,
+	}
+)
+
+func (x TlsParameters_TlsProtocol) Enum() *TlsParameters_TlsProtocol {
+	p := new(TlsParameters_TlsProtocol)
+	*p = x
+	return p
+}
+
+func (x TlsParameters_TlsProtocol) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (TlsParameters_TlsProtocol) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_extensions_transport_sockets_tls_v3_common_proto_enumTypes[0].Descriptor()
+}
+
+func (TlsParameters_TlsProtocol) Type() protoreflect.EnumType {
+	return &file_envoy_extensions_transport_sockets_tls_v3_common_proto_enumTypes[0]
+}
+
+func (x TlsParameters_TlsProtocol) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use TlsParameters_TlsProtocol.Descriptor instead.
+func (TlsParameters_TlsProtocol) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_extensions_transport_sockets_tls_v3_common_proto_rawDescGZIP(), []int{0, 0}
+}
+
+// Peer certificate verification mode.
+type CertificateValidationContext_TrustChainVerification int32
+
+const (
+	// Perform default certificate verification (e.g., against CA / verification lists)
+	CertificateValidationContext_VERIFY_TRUST_CHAIN CertificateValidationContext_TrustChainVerification = 0
+	// Connections where the certificate fails verification will be permitted.
+	// For HTTP connections, the result of certificate verification can be used in route matching. (
+	// see :ref:`validated <envoy_v3_api_field_config.route.v3.RouteMatch.TlsContextMatchOptions.validated>` ).
+	CertificateValidationContext_ACCEPT_UNTRUSTED CertificateValidationContext_TrustChainVerification = 1
+)
+
+// Enum value maps for CertificateValidationContext_TrustChainVerification.
+var (
+	CertificateValidationContext_TrustChainVerification_name = map[int32]string{
+		0: "VERIFY_TRUST_CHAIN",
+		1: "ACCEPT_UNTRUSTED",
+	}
+	CertificateValidationContext_TrustChainVerification_value = map[string]int32{
+		"VERIFY_TRUST_CHAIN": 0,
+		"ACCEPT_UNTRUSTED":   1,
+	}
+)
+
+func (x CertificateValidationContext_TrustChainVerification) Enum() *CertificateValidationContext_TrustChainVerification {
+	p := new(CertificateValidationContext_TrustChainVerification)
+	*p = x
+	return p
+}
+
+func (x CertificateValidationContext_TrustChainVerification) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (CertificateValidationContext_TrustChainVerification) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_extensions_transport_sockets_tls_v3_common_proto_enumTypes[1].Descriptor()
+}
+
+func (CertificateValidationContext_TrustChainVerification) Type() protoreflect.EnumType {
+	return &file_envoy_extensions_transport_sockets_tls_v3_common_proto_enumTypes[1]
+}
+
+func (x CertificateValidationContext_TrustChainVerification) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use CertificateValidationContext_TrustChainVerification.Descriptor instead.
+func (CertificateValidationContext_TrustChainVerification) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_extensions_transport_sockets_tls_v3_common_proto_rawDescGZIP(), []int{5, 0}
+}
+
+type TlsParameters struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Minimum TLS protocol version. By default, it's ``TLSv1_2`` for clients and ``TLSv1_0`` for
+	// servers.
+	TlsMinimumProtocolVersion TlsParameters_TlsProtocol `protobuf:"varint,1,opt,name=tls_minimum_protocol_version,json=tlsMinimumProtocolVersion,proto3,enum=envoy.extensions.transport_sockets.tls.v3.TlsParameters_TlsProtocol" json:"tls_minimum_protocol_version,omitempty"`
+	// Maximum TLS protocol version. By default, it's ``TLSv1_2`` for clients and ``TLSv1_3`` for
+	// servers.
+	TlsMaximumProtocolVersion TlsParameters_TlsProtocol `protobuf:"varint,2,opt,name=tls_maximum_protocol_version,json=tlsMaximumProtocolVersion,proto3,enum=envoy.extensions.transport_sockets.tls.v3.TlsParameters_TlsProtocol" json:"tls_maximum_protocol_version,omitempty"`
+	// If specified, the TLS listener will only support the specified `cipher list
+	// <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_
+	// when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3).
+	//
+	// If not specified, a default list will be used. Defaults are different for server (downstream) and
+	// client (upstream) TLS configurations.
+	//
+	// In non-FIPS builds, the default server cipher list is:
+	//
+	// .. code-block:: none
+	//
+	//   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
+	//   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
+	//   ECDHE-ECDSA-AES128-SHA
+	//   ECDHE-RSA-AES128-SHA
+	//   AES128-GCM-SHA256
+	//   AES128-SHA
+	//   ECDHE-ECDSA-AES256-GCM-SHA384
+	//   ECDHE-RSA-AES256-GCM-SHA384
+	//   ECDHE-ECDSA-AES256-SHA
+	//   ECDHE-RSA-AES256-SHA
+	//   AES256-GCM-SHA384
+	//   AES256-SHA
+	//
+	// In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default server cipher list is:
+	//
+	// .. code-block:: none
+	//
+	//   ECDHE-ECDSA-AES128-GCM-SHA256
+	//   ECDHE-RSA-AES128-GCM-SHA256
+	//   ECDHE-ECDSA-AES128-SHA
+	//   ECDHE-RSA-AES128-SHA
+	//   AES128-GCM-SHA256
+	//   AES128-SHA
+	//   ECDHE-ECDSA-AES256-GCM-SHA384
+	//   ECDHE-RSA-AES256-GCM-SHA384
+	//   ECDHE-ECDSA-AES256-SHA
+	//   ECDHE-RSA-AES256-SHA
+	//   AES256-GCM-SHA384
+	//   AES256-SHA
+	//
+	// In non-FIPS builds, the default client cipher list is:
+	//
+	// .. code-block:: none
+	//
+	//   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
+	//   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
+	//   ECDHE-ECDSA-AES256-GCM-SHA384
+	//   ECDHE-RSA-AES256-GCM-SHA384
+	//
+	// In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default client cipher list is:
+	//
+	// .. code-block:: none
+	//
+	//   ECDHE-ECDSA-AES128-GCM-SHA256
+	//   ECDHE-RSA-AES128-GCM-SHA256
+	//   ECDHE-ECDSA-AES256-GCM-SHA384
+	//   ECDHE-RSA-AES256-GCM-SHA384
+	CipherSuites []string `protobuf:"bytes,3,rep,name=cipher_suites,json=cipherSuites,proto3" json:"cipher_suites,omitempty"`
+	// If specified, the TLS connection will only support the specified ECDH
+	// curves. If not specified, the default curves will be used.
+	//
+	// In non-FIPS builds, the default curves are:
+	//
+	// .. code-block:: none
+	//
+	//   X25519
+	//   P-256
+	//
+	// In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default curve is:
+	//
+	// .. code-block:: none
+	//
+	//   P-256
+	EcdhCurves []string `protobuf:"bytes,4,rep,name=ecdh_curves,json=ecdhCurves,proto3" json:"ecdh_curves,omitempty"`
+}
+
+func (x *TlsParameters) Reset() {
+	*x = TlsParameters{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_transport_sockets_tls_v3_common_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *TlsParameters) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*TlsParameters) ProtoMessage() {}
+
+func (x *TlsParameters) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_transport_sockets_tls_v3_common_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use TlsParameters.ProtoReflect.Descriptor instead.
+func (*TlsParameters) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_transport_sockets_tls_v3_common_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *TlsParameters) GetTlsMinimumProtocolVersion() TlsParameters_TlsProtocol {
+	if x != nil {
+		return x.TlsMinimumProtocolVersion
+	}
+	return TlsParameters_TLS_AUTO
+}
+
+func (x *TlsParameters) GetTlsMaximumProtocolVersion() TlsParameters_TlsProtocol {
+	if x != nil {
+		return x.TlsMaximumProtocolVersion
+	}
+	return TlsParameters_TLS_AUTO
+}
+
+func (x *TlsParameters) GetCipherSuites() []string {
+	if x != nil {
+		return x.CipherSuites
+	}
+	return nil
+}
+
+func (x *TlsParameters) GetEcdhCurves() []string {
+	if x != nil {
+		return x.EcdhCurves
+	}
+	return nil
+}
+
+// BoringSSL private key method configuration. The private key methods are used for external
+// (potentially asynchronous) signing and decryption operations. Some use cases for private key
+// methods would be TPM support and TLS acceleration.
+type PrivateKeyProvider struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Private key method provider name. The name must match a
+	// supported private key method provider type.
+	ProviderName string `protobuf:"bytes,1,opt,name=provider_name,json=providerName,proto3" json:"provider_name,omitempty"`
+	// Private key method provider specific configuration.
+	//
+	// Types that are assignable to ConfigType:
+	//	*PrivateKeyProvider_TypedConfig
+	ConfigType isPrivateKeyProvider_ConfigType `protobuf_oneof:"config_type"`
+}
+
+func (x *PrivateKeyProvider) Reset() {
+	*x = PrivateKeyProvider{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_transport_sockets_tls_v3_common_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *PrivateKeyProvider) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*PrivateKeyProvider) ProtoMessage() {}
+
+func (x *PrivateKeyProvider) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_transport_sockets_tls_v3_common_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use PrivateKeyProvider.ProtoReflect.Descriptor instead.
+func (*PrivateKeyProvider) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_transport_sockets_tls_v3_common_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *PrivateKeyProvider) GetProviderName() string {
+	if x != nil {
+		return x.ProviderName
+	}
+	return ""
+}
+
+func (m *PrivateKeyProvider) GetConfigType() isPrivateKeyProvider_ConfigType {
+	if m != nil {
+		return m.ConfigType
+	}
+	return nil
+}
+
+func (x *PrivateKeyProvider) GetTypedConfig() *any.Any {
+	if x, ok := x.GetConfigType().(*PrivateKeyProvider_TypedConfig); ok {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+type isPrivateKeyProvider_ConfigType interface {
+	isPrivateKeyProvider_ConfigType()
+}
+
+type PrivateKeyProvider_TypedConfig struct {
+	TypedConfig *any.Any `protobuf:"bytes,3,opt,name=typed_config,json=typedConfig,proto3,oneof"`
+}
+
+func (*PrivateKeyProvider_TypedConfig) isPrivateKeyProvider_ConfigType() {}
+
+// [#next-free-field: 9]
+type TlsCertificate struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The TLS certificate chain.
+	//
+	// If *certificate_chain* is a filesystem path, a watch will be added to the
+	// parent directory for any file moves to support rotation. This currently
+	// only applies to dynamic secrets, when the *TlsCertificate* is delivered via
+	// SDS.
+	CertificateChain *v3.DataSource `protobuf:"bytes,1,opt,name=certificate_chain,json=certificateChain,proto3" json:"certificate_chain,omitempty"`
+	// The TLS private key.
+	//
+	// If *private_key* is a filesystem path, a watch will be added to the parent
+	// directory for any file moves to support rotation. This currently only
+	// applies to dynamic secrets, when the *TlsCertificate* is delivered via SDS.
+	PrivateKey *v3.DataSource `protobuf:"bytes,2,opt,name=private_key,json=privateKey,proto3" json:"private_key,omitempty"`
+	// `Pkcs12` data containing TLS certificate, chain, and private key.
+	//
+	// If *pkcs12* is a filesystem path, the file will be read, but no watch will
+	// be added to the parent directory, since *pkcs12* isn't used by SDS.
+	// This field is mutually exclusive with *certificate_chain*, *private_key* and *private_key_provider*.
+	// This can't be marked as ``oneof`` due to API compatibility reasons. Setting
+	// both :ref:`private_key <envoy_v3_api_field_extensions.transport_sockets.tls.v3.TlsCertificate.private_key>`,
+	// :ref:`certificate_chain <envoy_v3_api_field_extensions.transport_sockets.tls.v3.TlsCertificate.certificate_chain>`,
+	// or :ref:`private_key_provider <envoy_v3_api_field_extensions.transport_sockets.tls.v3.TlsCertificate.private_key_provider>`
+	// and :ref:`pkcs12 <envoy_v3_api_field_extensions.transport_sockets.tls.v3.TlsCertificate.pkcs12>`
+	// fields will result in an error. Use :ref:`password
+	// <envoy_v3_api_field_extensions.transport_sockets.tls.v3.TlsCertificate.password>`
+	// to specify the password to unprotect the `PKCS12` data, if necessary.
+	Pkcs12 *v3.DataSource `protobuf:"bytes,8,opt,name=pkcs12,proto3" json:"pkcs12,omitempty"`
+	// If specified, updates of file-based *certificate_chain* and *private_key*
+	// sources will be triggered by this watch. The certificate/key pair will be
+	// read together and validated for atomic read consistency (i.e. no
+	// intervening modification occurred between cert/key read, verified by file
+	// hash comparisons). This allows explicit control over the path watched, by
+	// default the parent directories of the filesystem paths in
+	// *certificate_chain* and *private_key* are watched if this field is not
+	// specified. This only applies when a *TlsCertificate* is delivered by SDS
+	// with references to filesystem paths. See the :ref:`SDS key rotation
+	// <sds_key_rotation>` documentation for further details.
+	WatchedDirectory *v3.WatchedDirectory `protobuf:"bytes,7,opt,name=watched_directory,json=watchedDirectory,proto3" json:"watched_directory,omitempty"`
+	// BoringSSL private key method provider. This is an alternative to :ref:`private_key
+	// <envoy_v3_api_field_extensions.transport_sockets.tls.v3.TlsCertificate.private_key>` field. This can't be
+	// marked as ``oneof`` due to API compatibility reasons. Setting both :ref:`private_key
+	// <envoy_v3_api_field_extensions.transport_sockets.tls.v3.TlsCertificate.private_key>` and
+	// :ref:`private_key_provider
+	// <envoy_v3_api_field_extensions.transport_sockets.tls.v3.TlsCertificate.private_key_provider>` fields will result in an
+	// error.
+	PrivateKeyProvider *PrivateKeyProvider `protobuf:"bytes,6,opt,name=private_key_provider,json=privateKeyProvider,proto3" json:"private_key_provider,omitempty"`
+	// The password to decrypt the TLS private key. If this field is not set, it is assumed that the
+	// TLS private key is not password encrypted.
+	Password *v3.DataSource `protobuf:"bytes,3,opt,name=password,proto3" json:"password,omitempty"`
+	// The OCSP response to be stapled with this certificate during the handshake.
+	// The response must be DER-encoded and may only be  provided via ``filename`` or
+	// ``inline_bytes``. The response may pertain to only one certificate.
+	OcspStaple *v3.DataSource `protobuf:"bytes,4,opt,name=ocsp_staple,json=ocspStaple,proto3" json:"ocsp_staple,omitempty"`
+	// [#not-implemented-hide:]
+	SignedCertificateTimestamp []*v3.DataSource `protobuf:"bytes,5,rep,name=signed_certificate_timestamp,json=signedCertificateTimestamp,proto3" json:"signed_certificate_timestamp,omitempty"`
+}
+
+func (x *TlsCertificate) Reset() {
+	*x = TlsCertificate{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_transport_sockets_tls_v3_common_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *TlsCertificate) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*TlsCertificate) ProtoMessage() {}
+
+func (x *TlsCertificate) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_transport_sockets_tls_v3_common_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use TlsCertificate.ProtoReflect.Descriptor instead.
+func (*TlsCertificate) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_transport_sockets_tls_v3_common_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *TlsCertificate) GetCertificateChain() *v3.DataSource {
+	if x != nil {
+		return x.CertificateChain
+	}
+	return nil
+}
+
+func (x *TlsCertificate) GetPrivateKey() *v3.DataSource {
+	if x != nil {
+		return x.PrivateKey
+	}
+	return nil
+}
+
+func (x *TlsCertificate) GetPkcs12() *v3.DataSource {
+	if x != nil {
+		return x.Pkcs12
+	}
+	return nil
+}
+
+func (x *TlsCertificate) GetWatchedDirectory() *v3.WatchedDirectory {
+	if x != nil {
+		return x.WatchedDirectory
+	}
+	return nil
+}
+
+func (x *TlsCertificate) GetPrivateKeyProvider() *PrivateKeyProvider {
+	if x != nil {
+		return x.PrivateKeyProvider
+	}
+	return nil
+}
+
+func (x *TlsCertificate) GetPassword() *v3.DataSource {
+	if x != nil {
+		return x.Password
+	}
+	return nil
+}
+
+func (x *TlsCertificate) GetOcspStaple() *v3.DataSource {
+	if x != nil {
+		return x.OcspStaple
+	}
+	return nil
+}
+
+func (x *TlsCertificate) GetSignedCertificateTimestamp() []*v3.DataSource {
+	if x != nil {
+		return x.SignedCertificateTimestamp
+	}
+	return nil
+}
+
+type TlsSessionTicketKeys struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Keys for encrypting and decrypting TLS session tickets. The
+	// first key in the array contains the key to encrypt all new sessions created by this context.
+	// All keys are candidates for decrypting received tickets. This allows for easy rotation of keys
+	// by, for example, putting the new key first, and the previous key second.
+	//
+	// If :ref:`session_ticket_keys <envoy_v3_api_field_extensions.transport_sockets.tls.v3.DownstreamTlsContext.session_ticket_keys>`
+	// is not specified, the TLS library will still support resuming sessions via tickets, but it will
+	// use an internally-generated and managed key, so sessions cannot be resumed across hot restarts
+	// or on different hosts.
+	//
+	// Each key must contain exactly 80 bytes of cryptographically-secure random data. For
+	// example, the output of ``openssl rand 80``.
+	//
+	// .. attention::
+	//
+	//   Using this feature has serious security considerations and risks. Improper handling of keys
+	//   may result in loss of secrecy in connections, even if ciphers supporting perfect forward
+	//   secrecy are used. See https://www.imperialviolet.org/2013/06/27/botchingpfs.html for some
+	//   discussion. To minimize the risk, you must:
+	//
+	//   * Keep the session ticket keys at least as secure as your TLS certificate private keys
+	//   * Rotate session ticket keys at least daily, and preferably hourly
+	//   * Always generate keys using a cryptographically-secure random data source
+	Keys []*v3.DataSource `protobuf:"bytes,1,rep,name=keys,proto3" json:"keys,omitempty"`
+}
+
+func (x *TlsSessionTicketKeys) Reset() {
+	*x = TlsSessionTicketKeys{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_transport_sockets_tls_v3_common_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *TlsSessionTicketKeys) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*TlsSessionTicketKeys) ProtoMessage() {}
+
+func (x *TlsSessionTicketKeys) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_transport_sockets_tls_v3_common_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use TlsSessionTicketKeys.ProtoReflect.Descriptor instead.
+func (*TlsSessionTicketKeys) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_transport_sockets_tls_v3_common_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *TlsSessionTicketKeys) GetKeys() []*v3.DataSource {
+	if x != nil {
+		return x.Keys
+	}
+	return nil
+}
+
+// Indicates a certificate to be obtained from a named CertificateProvider plugin instance.
+// The plugin instances are defined in the client's bootstrap file.
+// The plugin allows certificates to be fetched/refreshed over the network asynchronously with
+// respect to the TLS handshake.
+// [#not-implemented-hide:]
+type CertificateProviderPluginInstance struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Provider instance name. If not present, defaults to "default".
+	//
+	// Instance names should generally be defined not in terms of the underlying provider
+	// implementation (e.g., "file_watcher") but rather in terms of the function of the
+	// certificates (e.g., "foo_deployment_identity").
+	InstanceName string `protobuf:"bytes,1,opt,name=instance_name,json=instanceName,proto3" json:"instance_name,omitempty"`
+	// Opaque name used to specify certificate instances or types. For example, "ROOTCA" to specify
+	// a root-certificate (validation context) or "example.com" to specify a certificate for a
+	// particular domain. Not all provider instances will actually use this field, so the value
+	// defaults to the empty string.
+	CertificateName string `protobuf:"bytes,2,opt,name=certificate_name,json=certificateName,proto3" json:"certificate_name,omitempty"`
+}
+
+func (x *CertificateProviderPluginInstance) Reset() {
+	*x = CertificateProviderPluginInstance{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_transport_sockets_tls_v3_common_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CertificateProviderPluginInstance) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CertificateProviderPluginInstance) ProtoMessage() {}
+
+func (x *CertificateProviderPluginInstance) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_transport_sockets_tls_v3_common_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CertificateProviderPluginInstance.ProtoReflect.Descriptor instead.
+func (*CertificateProviderPluginInstance) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_transport_sockets_tls_v3_common_proto_rawDescGZIP(), []int{4}
+}
+
+func (x *CertificateProviderPluginInstance) GetInstanceName() string {
+	if x != nil {
+		return x.InstanceName
+	}
+	return ""
+}
+
+func (x *CertificateProviderPluginInstance) GetCertificateName() string {
+	if x != nil {
+		return x.CertificateName
+	}
+	return ""
+}
+
+// [#next-free-field: 15]
+type CertificateValidationContext struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// TLS certificate data containing certificate authority certificates to use in verifying
+	// a presented peer certificate (e.g. server certificate for clusters or client certificate
+	// for listeners). If not specified and a peer certificate is presented it will not be
+	// verified. By default, a client certificate is optional, unless one of the additional
+	// options (:ref:`require_client_certificate
+	// <envoy_v3_api_field_extensions.transport_sockets.tls.v3.DownstreamTlsContext.require_client_certificate>`,
+	// :ref:`verify_certificate_spki
+	// <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.verify_certificate_spki>`,
+	// :ref:`verify_certificate_hash
+	// <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.verify_certificate_hash>`, or
+	// :ref:`match_subject_alt_names
+	// <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.match_subject_alt_names>`) is also
+	// specified.
+	//
+	// It can optionally contain certificate revocation lists, in which case Envoy will verify
+	// that the presented peer certificate has not been revoked by one of the included CRLs. Note
+	// that if a CRL is provided for any certificate authority in a trust chain, a CRL must be
+	// provided for all certificate authorities in that chain. Failure to do so will result in
+	// verification failure for both revoked and unrevoked certificates from that chain.
+	// The behavior of requiring all certificates to contain CRLs if any do can be altered by
+	// setting :ref:`only_verify_leaf_cert_crl <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.only_verify_leaf_cert_crl>`
+	// true. If set to true, only the final certificate in the chain undergoes CRL verification.
+	//
+	// See :ref:`the TLS overview <arch_overview_ssl_enabling_verification>` for a list of common
+	// system CA locations.
+	//
+	// If *trusted_ca* is a filesystem path, a watch will be added to the parent
+	// directory for any file moves to support rotation. This currently only
+	// applies to dynamic secrets, when the *CertificateValidationContext* is
+	// delivered via SDS.
+	//
+	// Only one of *trusted_ca* and *ca_certificate_provider_instance* may be specified.
+	//
+	// [#next-major-version: This field and watched_directory below should ideally be moved into a
+	// separate sub-message, since there's no point in specifying the latter field without this one.]
+	TrustedCa *v3.DataSource `protobuf:"bytes,1,opt,name=trusted_ca,json=trustedCa,proto3" json:"trusted_ca,omitempty"`
+	// Certificate provider instance for fetching TLS certificates.
+	//
+	// Only one of *trusted_ca* and *ca_certificate_provider_instance* may be specified.
+	// [#not-implemented-hide:]
+	CaCertificateProviderInstance *CertificateProviderPluginInstance `protobuf:"bytes,13,opt,name=ca_certificate_provider_instance,json=caCertificateProviderInstance,proto3" json:"ca_certificate_provider_instance,omitempty"`
+	// If specified, updates of a file-based *trusted_ca* source will be triggered
+	// by this watch. This allows explicit control over the path watched, by
+	// default the parent directory of the filesystem path in *trusted_ca* is
+	// watched if this field is not specified. This only applies when a
+	// *CertificateValidationContext* is delivered by SDS with references to
+	// filesystem paths. See the :ref:`SDS key rotation <sds_key_rotation>`
+	// documentation for further details.
+	WatchedDirectory *v3.WatchedDirectory `protobuf:"bytes,11,opt,name=watched_directory,json=watchedDirectory,proto3" json:"watched_directory,omitempty"`
+	// An optional list of base64-encoded SHA-256 hashes. If specified, Envoy will verify that the
+	// SHA-256 of the DER-encoded Subject Public Key Information (SPKI) of the presented certificate
+	// matches one of the specified values.
+	//
+	// A base64-encoded SHA-256 of the Subject Public Key Information (SPKI) of the certificate
+	// can be generated with the following command:
+	//
+	// .. code-block:: bash
+	//
+	//   $ openssl x509 -in path/to/client.crt -noout -pubkey
+	//     | openssl pkey -pubin -outform DER
+	//     | openssl dgst -sha256 -binary
+	//     | openssl enc -base64
+	//   NvqYIYSbgK2vCJpQhObf77vv+bQWtc5ek5RIOwPiC9A=
+	//
+	// This is the format used in HTTP Public Key Pinning.
+	//
+	// When both:
+	// :ref:`verify_certificate_hash
+	// <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.verify_certificate_hash>` and
+	// :ref:`verify_certificate_spki
+	// <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.verify_certificate_spki>` are specified,
+	// a hash matching value from either of the lists will result in the certificate being accepted.
+	//
+	// .. attention::
+	//
+	//   This option is preferred over :ref:`verify_certificate_hash
+	//   <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.verify_certificate_hash>`,
+	//   because SPKI is tied to a private key, so it doesn't change when the certificate
+	//   is renewed using the same private key.
+	VerifyCertificateSpki []string `protobuf:"bytes,3,rep,name=verify_certificate_spki,json=verifyCertificateSpki,proto3" json:"verify_certificate_spki,omitempty"`
+	// An optional list of hex-encoded SHA-256 hashes. If specified, Envoy will verify that
+	// the SHA-256 of the DER-encoded presented certificate matches one of the specified values.
+	//
+	// A hex-encoded SHA-256 of the certificate can be generated with the following command:
+	//
+	// .. code-block:: bash
+	//
+	//   $ openssl x509 -in path/to/client.crt -outform DER | openssl dgst -sha256 | cut -d" " -f2
+	//   df6ff72fe9116521268f6f2dd4966f51df479883fe7037b39f75916ac3049d1a
+	//
+	// A long hex-encoded and colon-separated SHA-256 (a.k.a. "fingerprint") of the certificate
+	// can be generated with the following command:
+	//
+	// .. code-block:: bash
+	//
+	//   $ openssl x509 -in path/to/client.crt -noout -fingerprint -sha256 | cut -d"=" -f2
+	//   DF:6F:F7:2F:E9:11:65:21:26:8F:6F:2D:D4:96:6F:51:DF:47:98:83:FE:70:37:B3:9F:75:91:6A:C3:04:9D:1A
+	//
+	// Both of those formats are acceptable.
+	//
+	// When both:
+	// :ref:`verify_certificate_hash
+	// <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.verify_certificate_hash>` and
+	// :ref:`verify_certificate_spki
+	// <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.verify_certificate_spki>` are specified,
+	// a hash matching value from either of the lists will result in the certificate being accepted.
+	VerifyCertificateHash []string `protobuf:"bytes,2,rep,name=verify_certificate_hash,json=verifyCertificateHash,proto3" json:"verify_certificate_hash,omitempty"`
+	// An optional list of Subject Alternative name matchers. If specified, Envoy will verify that the
+	// Subject Alternative Name of the presented certificate matches one of the specified matchers.
+	//
+	// When a certificate has wildcard DNS SAN entries, to match a specific client, it should be
+	// configured with exact match type in the :ref:`string matcher <envoy_v3_api_msg_type.matcher.v3.StringMatcher>`.
+	// For example if the certificate has "\*.example.com" as DNS SAN entry, to allow only "api.example.com",
+	// it should be configured as shown below.
+	//
+	// .. code-block:: yaml
+	//
+	//  match_subject_alt_names:
+	//    exact: "api.example.com"
+	//
+	// .. attention::
+	//
+	//   Subject Alternative Names are easily spoofable and verifying only them is insecure,
+	//   therefore this option must be used together with :ref:`trusted_ca
+	//   <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.trusted_ca>`.
+	MatchSubjectAltNames []*v31.StringMatcher `protobuf:"bytes,9,rep,name=match_subject_alt_names,json=matchSubjectAltNames,proto3" json:"match_subject_alt_names,omitempty"`
+	// [#not-implemented-hide:] Must present signed certificate time-stamp.
+	RequireSignedCertificateTimestamp *wrappers.BoolValue `protobuf:"bytes,6,opt,name=require_signed_certificate_timestamp,json=requireSignedCertificateTimestamp,proto3" json:"require_signed_certificate_timestamp,omitempty"`
+	// An optional `certificate revocation list
+	// <https://en.wikipedia.org/wiki/Certificate_revocation_list>`_
+	// (in PEM format). If specified, Envoy will verify that the presented peer
+	// certificate has not been revoked by this CRL. If this DataSource contains
+	// multiple CRLs, all of them will be used. Note that if a CRL is provided
+	// for any certificate authority in a trust chain, a CRL must be provided
+	// for all certificate authorities in that chain. Failure to do so will
+	// result in verification failure for both revoked and unrevoked certificates
+	// from that chain. This default behavior can be altered by setting
+	// :ref:`only_verify_leaf_cert_crl <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.only_verify_leaf_cert_crl>` to
+	// true.
+	Crl *v3.DataSource `protobuf:"bytes,7,opt,name=crl,proto3" json:"crl,omitempty"`
+	// If specified, Envoy will not reject expired certificates.
+	AllowExpiredCertificate bool `protobuf:"varint,8,opt,name=allow_expired_certificate,json=allowExpiredCertificate,proto3" json:"allow_expired_certificate,omitempty"`
+	// Certificate trust chain verification mode.
+	TrustChainVerification CertificateValidationContext_TrustChainVerification `protobuf:"varint,10,opt,name=trust_chain_verification,json=trustChainVerification,proto3,enum=envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext_TrustChainVerification" json:"trust_chain_verification,omitempty"`
+	// The configuration of an extension specific certificate validator.
+	// If specified, all validation is done by the specified validator,
+	// and the behavior of all other validation settings is defined by the specified validator (and may be entirely ignored, unused, and unvalidated).
+	// Refer to the documentation for the specified validator. If you do not want a custom validation algorithm, do not set this field.
+	// [#extension-category: envoy.tls.cert_validator]
+	CustomValidatorConfig *v3.TypedExtensionConfig `protobuf:"bytes,12,opt,name=custom_validator_config,json=customValidatorConfig,proto3" json:"custom_validator_config,omitempty"`
+	// If this option is set to true, only the certificate at the end of the
+	// certificate chain will be subject to validation by :ref:`CRL <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.crl>`.
+	OnlyVerifyLeafCertCrl bool `protobuf:"varint,14,opt,name=only_verify_leaf_cert_crl,json=onlyVerifyLeafCertCrl,proto3" json:"only_verify_leaf_cert_crl,omitempty"`
+}
+
+func (x *CertificateValidationContext) Reset() {
+	*x = CertificateValidationContext{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_transport_sockets_tls_v3_common_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CertificateValidationContext) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CertificateValidationContext) ProtoMessage() {}
+
+func (x *CertificateValidationContext) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_transport_sockets_tls_v3_common_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CertificateValidationContext.ProtoReflect.Descriptor instead.
+func (*CertificateValidationContext) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_transport_sockets_tls_v3_common_proto_rawDescGZIP(), []int{5}
+}
+
+func (x *CertificateValidationContext) GetTrustedCa() *v3.DataSource {
+	if x != nil {
+		return x.TrustedCa
+	}
+	return nil
+}
+
+func (x *CertificateValidationContext) GetCaCertificateProviderInstance() *CertificateProviderPluginInstance {
+	if x != nil {
+		return x.CaCertificateProviderInstance
+	}
+	return nil
+}
+
+func (x *CertificateValidationContext) GetWatchedDirectory() *v3.WatchedDirectory {
+	if x != nil {
+		return x.WatchedDirectory
+	}
+	return nil
+}
+
+func (x *CertificateValidationContext) GetVerifyCertificateSpki() []string {
+	if x != nil {
+		return x.VerifyCertificateSpki
+	}
+	return nil
+}
+
+func (x *CertificateValidationContext) GetVerifyCertificateHash() []string {
+	if x != nil {
+		return x.VerifyCertificateHash
+	}
+	return nil
+}
+
+func (x *CertificateValidationContext) GetMatchSubjectAltNames() []*v31.StringMatcher {
+	if x != nil {
+		return x.MatchSubjectAltNames
+	}
+	return nil
+}
+
+func (x *CertificateValidationContext) GetRequireSignedCertificateTimestamp() *wrappers.BoolValue {
+	if x != nil {
+		return x.RequireSignedCertificateTimestamp
+	}
+	return nil
+}
+
+func (x *CertificateValidationContext) GetCrl() *v3.DataSource {
+	if x != nil {
+		return x.Crl
+	}
+	return nil
+}
+
+func (x *CertificateValidationContext) GetAllowExpiredCertificate() bool {
+	if x != nil {
+		return x.AllowExpiredCertificate
+	}
+	return false
+}
+
+func (x *CertificateValidationContext) GetTrustChainVerification() CertificateValidationContext_TrustChainVerification {
+	if x != nil {
+		return x.TrustChainVerification
+	}
+	return CertificateValidationContext_VERIFY_TRUST_CHAIN
+}
+
+func (x *CertificateValidationContext) GetCustomValidatorConfig() *v3.TypedExtensionConfig {
+	if x != nil {
+		return x.CustomValidatorConfig
+	}
+	return nil
+}
+
+func (x *CertificateValidationContext) GetOnlyVerifyLeafCertCrl() bool {
+	if x != nil {
+		return x.OnlyVerifyLeafCertCrl
+	}
+	return false
+}
+
+var File_envoy_extensions_transport_sockets_tls_v3_common_proto protoreflect.FileDescriptor
+
+var file_envoy_extensions_transport_sockets_tls_v3_common_proto_rawDesc = []byte{
+	0x0a, 0x36, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63,
+	0x6b, 0x65, 0x74, 0x73, 0x2f, 0x74, 0x6c, 0x73, 0x2f, 0x76, 0x33, 0x2f, 0x63, 0x6f, 0x6d, 0x6d,
+	0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x29, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73,
+	0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73,
+	0x2e, 0x76, 0x33, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x62, 0x61, 0x73, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x65, 0x78, 0x74, 0x65, 0x6e,
+	0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x22, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x76,
+	0x33, 0x2f, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x19,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f,
+	0x61, 0x6e, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70,
+	0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f,
+	0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72,
+	0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x20, 0x75, 0x64, 0x70, 0x61, 0x2f,
+	0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x65, 0x6e, 0x73,
+	0x69, 0x74, 0x69, 0x76, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70,
+	0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74,
+	0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61,
+	0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72,
+	0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76,
+	0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xf2, 0x03, 0x0a, 0x0d, 0x54, 0x6c, 0x73, 0x50, 0x61,
+	0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x73, 0x12, 0x8f, 0x01, 0x0a, 0x1c, 0x74, 0x6c, 0x73,
+	0x5f, 0x6d, 0x69, 0x6e, 0x69, 0x6d, 0x75, 0x6d, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f,
+	0x6c, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32,
+	0x44, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f,
+	0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63,
+	0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x6c, 0x73, 0x50,
+	0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x54, 0x6c, 0x73, 0x50, 0x72, 0x6f,
+	0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52,
+	0x19, 0x74, 0x6c, 0x73, 0x4d, 0x69, 0x6e, 0x69, 0x6d, 0x75, 0x6d, 0x50, 0x72, 0x6f, 0x74, 0x6f,
+	0x63, 0x6f, 0x6c, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x8f, 0x01, 0x0a, 0x1c, 0x74,
+	0x6c, 0x73, 0x5f, 0x6d, 0x61, 0x78, 0x69, 0x6d, 0x75, 0x6d, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x63, 0x6f, 0x6c, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x0e, 0x32, 0x44, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73,
+	0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73,
+	0x6f, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x6c,
+	0x73, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x73, 0x2e, 0x54, 0x6c, 0x73, 0x50,
+	0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10,
+	0x01, 0x52, 0x19, 0x74, 0x6c, 0x73, 0x4d, 0x61, 0x78, 0x69, 0x6d, 0x75, 0x6d, 0x50, 0x72, 0x6f,
+	0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x23, 0x0a, 0x0d,
+	0x63, 0x69, 0x70, 0x68, 0x65, 0x72, 0x5f, 0x73, 0x75, 0x69, 0x74, 0x65, 0x73, 0x18, 0x03, 0x20,
+	0x03, 0x28, 0x09, 0x52, 0x0c, 0x63, 0x69, 0x70, 0x68, 0x65, 0x72, 0x53, 0x75, 0x69, 0x74, 0x65,
+	0x73, 0x12, 0x1f, 0x0a, 0x0b, 0x65, 0x63, 0x64, 0x68, 0x5f, 0x63, 0x75, 0x72, 0x76, 0x65, 0x73,
+	0x18, 0x04, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0a, 0x65, 0x63, 0x64, 0x68, 0x43, 0x75, 0x72, 0x76,
+	0x65, 0x73, 0x22, 0x4f, 0x0a, 0x0b, 0x54, 0x6c, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f,
+	0x6c, 0x12, 0x0c, 0x0a, 0x08, 0x54, 0x4c, 0x53, 0x5f, 0x41, 0x55, 0x54, 0x4f, 0x10, 0x00, 0x12,
+	0x0b, 0x0a, 0x07, 0x54, 0x4c, 0x53, 0x76, 0x31, 0x5f, 0x30, 0x10, 0x01, 0x12, 0x0b, 0x0a, 0x07,
+	0x54, 0x4c, 0x53, 0x76, 0x31, 0x5f, 0x31, 0x10, 0x02, 0x12, 0x0b, 0x0a, 0x07, 0x54, 0x4c, 0x53,
+	0x76, 0x31, 0x5f, 0x32, 0x10, 0x03, 0x12, 0x0b, 0x0a, 0x07, 0x54, 0x4c, 0x53, 0x76, 0x31, 0x5f,
+	0x33, 0x10, 0x04, 0x3a, 0x26, 0x9a, 0xc5, 0x88, 0x1e, 0x21, 0x0a, 0x1f, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x54, 0x6c,
+	0x73, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x73, 0x22, 0xcf, 0x01, 0x0a, 0x12,
+	0x50, 0x72, 0x69, 0x76, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64,
+	0x65, 0x72, 0x12, 0x2c, 0x0a, 0x0d, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x5f, 0x6e,
+	0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02,
+	0x10, 0x01, 0x52, 0x0c, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65,
+	0x12, 0x41, 0x0a, 0x0c, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x42, 0x06, 0xb8, 0xb7,
+	0x8b, 0xa4, 0x02, 0x01, 0x48, 0x00, 0x52, 0x0b, 0x74, 0x79, 0x70, 0x65, 0x64, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x3a, 0x2b, 0x9a, 0xc5, 0x88, 0x1e, 0x26, 0x0a, 0x24, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x50, 0x72,
+	0x69, 0x76, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72,
+	0x42, 0x0d, 0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x4a,
+	0x04, 0x08, 0x02, 0x10, 0x03, 0x52, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x22, 0xc8, 0x05,
+	0x0a, 0x0e, 0x54, 0x6c, 0x73, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65,
+	0x12, 0x4d, 0x0a, 0x11, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f,
+	0x63, 0x68, 0x61, 0x69, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e,
+	0x76, 0x33, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x10, 0x63,
+	0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x43, 0x68, 0x61, 0x69, 0x6e, 0x12,
+	0x49, 0x0a, 0x0b, 0x70, 0x72, 0x69, 0x76, 0x61, 0x74, 0x65, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x44, 0x61, 0x74, 0x61,
+	0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x42, 0x06, 0xb8, 0xb7, 0x8b, 0xa4, 0x02, 0x01, 0x52, 0x0a,
+	0x70, 0x72, 0x69, 0x76, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x12, 0x40, 0x0a, 0x06, 0x70, 0x6b,
+	0x63, 0x73, 0x31, 0x32, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76,
+	0x33, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x42, 0x06, 0xb8, 0xb7,
+	0x8b, 0xa4, 0x02, 0x01, 0x52, 0x06, 0x70, 0x6b, 0x63, 0x73, 0x31, 0x32, 0x12, 0x53, 0x0a, 0x11,
+	0x77, 0x61, 0x74, 0x63, 0x68, 0x65, 0x64, 0x5f, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x6f, 0x72,
+	0x79, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x57,
+	0x61, 0x74, 0x63, 0x68, 0x65, 0x64, 0x44, 0x69, 0x72, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x79, 0x52,
+	0x10, 0x77, 0x61, 0x74, 0x63, 0x68, 0x65, 0x64, 0x44, 0x69, 0x72, 0x65, 0x63, 0x74, 0x6f, 0x72,
+	0x79, 0x12, 0x6f, 0x0a, 0x14, 0x70, 0x72, 0x69, 0x76, 0x61, 0x74, 0x65, 0x5f, 0x6b, 0x65, 0x79,
+	0x5f, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x3d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f,
+	0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63,
+	0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x50, 0x72, 0x69, 0x76,
+	0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x52, 0x12,
+	0x70, 0x72, 0x69, 0x76, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64,
+	0x65, 0x72, 0x12, 0x44, 0x0a, 0x08, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x18, 0x03,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x44, 0x61, 0x74, 0x61,
+	0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x42, 0x06, 0xb8, 0xb7, 0x8b, 0xa4, 0x02, 0x01, 0x52, 0x08,
+	0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x12, 0x41, 0x0a, 0x0b, 0x6f, 0x63, 0x73, 0x70,
+	0x5f, 0x73, 0x74, 0x61, 0x70, 0x6c, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x76, 0x33, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52,
+	0x0a, 0x6f, 0x63, 0x73, 0x70, 0x53, 0x74, 0x61, 0x70, 0x6c, 0x65, 0x12, 0x62, 0x0a, 0x1c, 0x73,
+	0x69, 0x67, 0x6e, 0x65, 0x64, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74,
+	0x65, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x05, 0x20, 0x03, 0x28,
+	0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75,
+	0x72, 0x63, 0x65, 0x52, 0x1a, 0x73, 0x69, 0x67, 0x6e, 0x65, 0x64, 0x43, 0x65, 0x72, 0x74, 0x69,
+	0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x3a,
+	0x27, 0x9a, 0xc5, 0x88, 0x1e, 0x22, 0x0a, 0x20, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70,
+	0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x54, 0x6c, 0x73, 0x43, 0x65, 0x72,
+	0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x22, 0x8b, 0x01, 0x0a, 0x14, 0x54, 0x6c, 0x73,
+	0x53, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x54, 0x69, 0x63, 0x6b, 0x65, 0x74, 0x4b, 0x65, 0x79,
+	0x73, 0x12, 0x44, 0x0a, 0x04, 0x6b, 0x65, 0x79, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32,
+	0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63,
+	0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75, 0x72, 0x63,
+	0x65, 0x42, 0x0e, 0xfa, 0x42, 0x05, 0x92, 0x01, 0x02, 0x08, 0x01, 0xb8, 0xb7, 0x8b, 0xa4, 0x02,
+	0x01, 0x52, 0x04, 0x6b, 0x65, 0x79, 0x73, 0x3a, 0x2d, 0x9a, 0xc5, 0x88, 0x1e, 0x28, 0x0a, 0x26,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74,
+	0x68, 0x2e, 0x54, 0x6c, 0x73, 0x53, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x54, 0x69, 0x63, 0x6b,
+	0x65, 0x74, 0x4b, 0x65, 0x79, 0x73, 0x22, 0x73, 0x0a, 0x21, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66,
+	0x69, 0x63, 0x61, 0x74, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x50, 0x6c, 0x75,
+	0x67, 0x69, 0x6e, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x12, 0x23, 0x0a, 0x0d, 0x69,
+	0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x09, 0x52, 0x0c, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x4e, 0x61, 0x6d, 0x65,
+	0x12, 0x29, 0x0a, 0x10, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f,
+	0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, 0x63, 0x65, 0x72, 0x74,
+	0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x22, 0xad, 0x0a, 0x0a, 0x1c,
+	0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x56, 0x61, 0x6c, 0x69, 0x64,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x12, 0x57, 0x0a, 0x0a,
+	0x74, 0x72, 0x75, 0x73, 0x74, 0x65, 0x64, 0x5f, 0x63, 0x61, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75, 0x72,
+	0x63, 0x65, 0x42, 0x16, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x10, 0x12, 0x0e, 0x63, 0x61, 0x5f, 0x63,
+	0x65, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x09, 0x74, 0x72, 0x75, 0x73,
+	0x74, 0x65, 0x64, 0x43, 0x61, 0x12, 0xad, 0x01, 0x0a, 0x20, 0x63, 0x61, 0x5f, 0x63, 0x65, 0x72,
+	0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65,
+	0x72, 0x5f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x18, 0x0d, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x4c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69,
+	0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f,
+	0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x65, 0x72,
+	0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72,
+	0x50, 0x6c, 0x75, 0x67, 0x69, 0x6e, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x42, 0x16,
+	0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x10, 0x12, 0x0e, 0x63, 0x61, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x5f,
+	0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x1d, 0x63, 0x61, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66,
+	0x69, 0x63, 0x61, 0x74, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x49, 0x6e, 0x73,
+	0x74, 0x61, 0x6e, 0x63, 0x65, 0x12, 0x53, 0x0a, 0x11, 0x77, 0x61, 0x74, 0x63, 0x68, 0x65, 0x64,
+	0x5f, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x79, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x26, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x57, 0x61, 0x74, 0x63, 0x68, 0x65, 0x64, 0x44,
+	0x69, 0x72, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x79, 0x52, 0x10, 0x77, 0x61, 0x74, 0x63, 0x68, 0x65,
+	0x64, 0x44, 0x69, 0x72, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x79, 0x12, 0x46, 0x0a, 0x17, 0x76, 0x65,
+	0x72, 0x69, 0x66, 0x79, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65,
+	0x5f, 0x73, 0x70, 0x6b, 0x69, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09, 0x42, 0x0e, 0xfa, 0x42, 0x0b,
+	0x92, 0x01, 0x08, 0x22, 0x06, 0x72, 0x04, 0x10, 0x2c, 0x28, 0x2c, 0x52, 0x15, 0x76, 0x65, 0x72,
+	0x69, 0x66, 0x79, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x53, 0x70,
+	0x6b, 0x69, 0x12, 0x46, 0x0a, 0x17, 0x76, 0x65, 0x72, 0x69, 0x66, 0x79, 0x5f, 0x63, 0x65, 0x72,
+	0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f, 0x68, 0x61, 0x73, 0x68, 0x18, 0x02, 0x20,
+	0x03, 0x28, 0x09, 0x42, 0x0e, 0xfa, 0x42, 0x0b, 0x92, 0x01, 0x08, 0x22, 0x06, 0x72, 0x04, 0x10,
+	0x40, 0x28, 0x5f, 0x52, 0x15, 0x76, 0x65, 0x72, 0x69, 0x66, 0x79, 0x43, 0x65, 0x72, 0x74, 0x69,
+	0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x48, 0x61, 0x73, 0x68, 0x12, 0x5b, 0x0a, 0x17, 0x6d, 0x61,
+	0x74, 0x63, 0x68, 0x5f, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x61, 0x6c, 0x74, 0x5f,
+	0x6e, 0x61, 0x6d, 0x65, 0x73, 0x18, 0x09, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72,
+	0x2e, 0x76, 0x33, 0x2e, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65,
+	0x72, 0x52, 0x14, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x41,
+	0x6c, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x12, 0x6b, 0x0a, 0x24, 0x72, 0x65, 0x71, 0x75, 0x69,
+	0x72, 0x65, 0x5f, 0x73, 0x69, 0x67, 0x6e, 0x65, 0x64, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66,
+	0x69, 0x63, 0x61, 0x74, 0x65, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18,
+	0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75,
+	0x65, 0x52, 0x21, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x53, 0x69, 0x67, 0x6e, 0x65, 0x64,
+	0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x54, 0x69, 0x6d, 0x65, 0x73,
+	0x74, 0x61, 0x6d, 0x70, 0x12, 0x32, 0x0a, 0x03, 0x63, 0x72, 0x6c, 0x18, 0x07, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75,
+	0x72, 0x63, 0x65, 0x52, 0x03, 0x63, 0x72, 0x6c, 0x12, 0x3a, 0x0a, 0x19, 0x61, 0x6c, 0x6c, 0x6f,
+	0x77, 0x5f, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x64, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66,
+	0x69, 0x63, 0x61, 0x74, 0x65, 0x18, 0x08, 0x20, 0x01, 0x28, 0x08, 0x52, 0x17, 0x61, 0x6c, 0x6c,
+	0x6f, 0x77, 0x45, 0x78, 0x70, 0x69, 0x72, 0x65, 0x64, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69,
+	0x63, 0x61, 0x74, 0x65, 0x12, 0xa2, 0x01, 0x0a, 0x18, 0x74, 0x72, 0x75, 0x73, 0x74, 0x5f, 0x63,
+	0x68, 0x61, 0x69, 0x6e, 0x5f, 0x76, 0x65, 0x72, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x5e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73,
+	0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73,
+	0x2e, 0x76, 0x33, 0x2e, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x56,
+	0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74,
+	0x2e, 0x54, 0x72, 0x75, 0x73, 0x74, 0x43, 0x68, 0x61, 0x69, 0x6e, 0x56, 0x65, 0x72, 0x69, 0x66,
+	0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10,
+	0x01, 0x52, 0x16, 0x74, 0x72, 0x75, 0x73, 0x74, 0x43, 0x68, 0x61, 0x69, 0x6e, 0x56, 0x65, 0x72,
+	0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x62, 0x0a, 0x17, 0x63, 0x75, 0x73,
+	0x74, 0x6f, 0x6d, 0x5f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x6f, 0x72, 0x5f, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76,
+	0x33, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x64, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e,
+	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x15, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x56, 0x61,
+	0x6c, 0x69, 0x64, 0x61, 0x74, 0x6f, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x38, 0x0a,
+	0x19, 0x6f, 0x6e, 0x6c, 0x79, 0x5f, 0x76, 0x65, 0x72, 0x69, 0x66, 0x79, 0x5f, 0x6c, 0x65, 0x61,
+	0x66, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x5f, 0x63, 0x72, 0x6c, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x08,
+	0x52, 0x15, 0x6f, 0x6e, 0x6c, 0x79, 0x56, 0x65, 0x72, 0x69, 0x66, 0x79, 0x4c, 0x65, 0x61, 0x66,
+	0x43, 0x65, 0x72, 0x74, 0x43, 0x72, 0x6c, 0x22, 0x46, 0x0a, 0x16, 0x54, 0x72, 0x75, 0x73, 0x74,
+	0x43, 0x68, 0x61, 0x69, 0x6e, 0x56, 0x65, 0x72, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x12, 0x16, 0x0a, 0x12, 0x56, 0x45, 0x52, 0x49, 0x46, 0x59, 0x5f, 0x54, 0x52, 0x55, 0x53,
+	0x54, 0x5f, 0x43, 0x48, 0x41, 0x49, 0x4e, 0x10, 0x00, 0x12, 0x14, 0x0a, 0x10, 0x41, 0x43, 0x43,
+	0x45, 0x50, 0x54, 0x5f, 0x55, 0x4e, 0x54, 0x52, 0x55, 0x53, 0x54, 0x45, 0x44, 0x10, 0x01, 0x3a,
+	0x35, 0x9a, 0xc5, 0x88, 0x1e, 0x30, 0x0a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70,
+	0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66,
+	0x69, 0x63, 0x61, 0x74, 0x65, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x43,
+	0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x4a, 0x04, 0x08, 0x04, 0x10, 0x05, 0x4a, 0x04, 0x08, 0x05,
+	0x10, 0x06, 0x52, 0x17, 0x76, 0x65, 0x72, 0x69, 0x66, 0x79, 0x5f, 0x73, 0x75, 0x62, 0x6a, 0x65,
+	0x63, 0x74, 0x5f, 0x61, 0x6c, 0x74, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x42, 0x50, 0x0a, 0x37, 0x69,
+	0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72,
+	0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e,
+	0x74, 0x6c, 0x73, 0x2e, 0x76, 0x33, 0x42, 0x0b, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x50, 0x72,
+	0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_extensions_transport_sockets_tls_v3_common_proto_rawDescOnce sync.Once
+	file_envoy_extensions_transport_sockets_tls_v3_common_proto_rawDescData = file_envoy_extensions_transport_sockets_tls_v3_common_proto_rawDesc
+)
+
+func file_envoy_extensions_transport_sockets_tls_v3_common_proto_rawDescGZIP() []byte {
+	file_envoy_extensions_transport_sockets_tls_v3_common_proto_rawDescOnce.Do(func() {
+		file_envoy_extensions_transport_sockets_tls_v3_common_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_extensions_transport_sockets_tls_v3_common_proto_rawDescData)
+	})
+	return file_envoy_extensions_transport_sockets_tls_v3_common_proto_rawDescData
+}
+
+var file_envoy_extensions_transport_sockets_tls_v3_common_proto_enumTypes = make([]protoimpl.EnumInfo, 2)
+var file_envoy_extensions_transport_sockets_tls_v3_common_proto_msgTypes = make([]protoimpl.MessageInfo, 6)
+var file_envoy_extensions_transport_sockets_tls_v3_common_proto_goTypes = []interface{}{
+	(TlsParameters_TlsProtocol)(0),                           // 0: envoy.extensions.transport_sockets.tls.v3.TlsParameters.TlsProtocol
+	(CertificateValidationContext_TrustChainVerification)(0), // 1: envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext.TrustChainVerification
+	(*TlsParameters)(nil),                                    // 2: envoy.extensions.transport_sockets.tls.v3.TlsParameters
+	(*PrivateKeyProvider)(nil),                               // 3: envoy.extensions.transport_sockets.tls.v3.PrivateKeyProvider
+	(*TlsCertificate)(nil),                                   // 4: envoy.extensions.transport_sockets.tls.v3.TlsCertificate
+	(*TlsSessionTicketKeys)(nil),                             // 5: envoy.extensions.transport_sockets.tls.v3.TlsSessionTicketKeys
+	(*CertificateProviderPluginInstance)(nil),                // 6: envoy.extensions.transport_sockets.tls.v3.CertificateProviderPluginInstance
+	(*CertificateValidationContext)(nil),                     // 7: envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext
+	(*any.Any)(nil),                                          // 8: google.protobuf.Any
+	(*v3.DataSource)(nil),                                    // 9: envoy.config.core.v3.DataSource
+	(*v3.WatchedDirectory)(nil),                              // 10: envoy.config.core.v3.WatchedDirectory
+	(*v31.StringMatcher)(nil),                                // 11: envoy.type.matcher.v3.StringMatcher
+	(*wrappers.BoolValue)(nil),                               // 12: google.protobuf.BoolValue
+	(*v3.TypedExtensionConfig)(nil),                          // 13: envoy.config.core.v3.TypedExtensionConfig
+}
+var file_envoy_extensions_transport_sockets_tls_v3_common_proto_depIdxs = []int32{
+	0,  // 0: envoy.extensions.transport_sockets.tls.v3.TlsParameters.tls_minimum_protocol_version:type_name -> envoy.extensions.transport_sockets.tls.v3.TlsParameters.TlsProtocol
+	0,  // 1: envoy.extensions.transport_sockets.tls.v3.TlsParameters.tls_maximum_protocol_version:type_name -> envoy.extensions.transport_sockets.tls.v3.TlsParameters.TlsProtocol
+	8,  // 2: envoy.extensions.transport_sockets.tls.v3.PrivateKeyProvider.typed_config:type_name -> google.protobuf.Any
+	9,  // 3: envoy.extensions.transport_sockets.tls.v3.TlsCertificate.certificate_chain:type_name -> envoy.config.core.v3.DataSource
+	9,  // 4: envoy.extensions.transport_sockets.tls.v3.TlsCertificate.private_key:type_name -> envoy.config.core.v3.DataSource
+	9,  // 5: envoy.extensions.transport_sockets.tls.v3.TlsCertificate.pkcs12:type_name -> envoy.config.core.v3.DataSource
+	10, // 6: envoy.extensions.transport_sockets.tls.v3.TlsCertificate.watched_directory:type_name -> envoy.config.core.v3.WatchedDirectory
+	3,  // 7: envoy.extensions.transport_sockets.tls.v3.TlsCertificate.private_key_provider:type_name -> envoy.extensions.transport_sockets.tls.v3.PrivateKeyProvider
+	9,  // 8: envoy.extensions.transport_sockets.tls.v3.TlsCertificate.password:type_name -> envoy.config.core.v3.DataSource
+	9,  // 9: envoy.extensions.transport_sockets.tls.v3.TlsCertificate.ocsp_staple:type_name -> envoy.config.core.v3.DataSource
+	9,  // 10: envoy.extensions.transport_sockets.tls.v3.TlsCertificate.signed_certificate_timestamp:type_name -> envoy.config.core.v3.DataSource
+	9,  // 11: envoy.extensions.transport_sockets.tls.v3.TlsSessionTicketKeys.keys:type_name -> envoy.config.core.v3.DataSource
+	9,  // 12: envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext.trusted_ca:type_name -> envoy.config.core.v3.DataSource
+	6,  // 13: envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext.ca_certificate_provider_instance:type_name -> envoy.extensions.transport_sockets.tls.v3.CertificateProviderPluginInstance
+	10, // 14: envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext.watched_directory:type_name -> envoy.config.core.v3.WatchedDirectory
+	11, // 15: envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext.match_subject_alt_names:type_name -> envoy.type.matcher.v3.StringMatcher
+	12, // 16: envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext.require_signed_certificate_timestamp:type_name -> google.protobuf.BoolValue
+	9,  // 17: envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext.crl:type_name -> envoy.config.core.v3.DataSource
+	1,  // 18: envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext.trust_chain_verification:type_name -> envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext.TrustChainVerification
+	13, // 19: envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext.custom_validator_config:type_name -> envoy.config.core.v3.TypedExtensionConfig
+	20, // [20:20] is the sub-list for method output_type
+	20, // [20:20] is the sub-list for method input_type
+	20, // [20:20] is the sub-list for extension type_name
+	20, // [20:20] is the sub-list for extension extendee
+	0,  // [0:20] is the sub-list for field type_name
+}
+
+func init() { file_envoy_extensions_transport_sockets_tls_v3_common_proto_init() }
+func file_envoy_extensions_transport_sockets_tls_v3_common_proto_init() {
+	if File_envoy_extensions_transport_sockets_tls_v3_common_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_extensions_transport_sockets_tls_v3_common_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*TlsParameters); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_transport_sockets_tls_v3_common_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*PrivateKeyProvider); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_transport_sockets_tls_v3_common_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*TlsCertificate); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_transport_sockets_tls_v3_common_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*TlsSessionTicketKeys); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_transport_sockets_tls_v3_common_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CertificateProviderPluginInstance); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_transport_sockets_tls_v3_common_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CertificateValidationContext); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_extensions_transport_sockets_tls_v3_common_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*PrivateKeyProvider_TypedConfig)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_extensions_transport_sockets_tls_v3_common_proto_rawDesc,
+			NumEnums:      2,
+			NumMessages:   6,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_extensions_transport_sockets_tls_v3_common_proto_goTypes,
+		DependencyIndexes: file_envoy_extensions_transport_sockets_tls_v3_common_proto_depIdxs,
+		EnumInfos:         file_envoy_extensions_transport_sockets_tls_v3_common_proto_enumTypes,
+		MessageInfos:      file_envoy_extensions_transport_sockets_tls_v3_common_proto_msgTypes,
+	}.Build()
+	File_envoy_extensions_transport_sockets_tls_v3_common_proto = out.File
+	file_envoy_extensions_transport_sockets_tls_v3_common_proto_rawDesc = nil
+	file_envoy_extensions_transport_sockets_tls_v3_common_proto_goTypes = nil
+	file_envoy_extensions_transport_sockets_tls_v3_common_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3/common.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3/common.pb.validate.go
new file mode 100644
index 00000000000..c22edf61aa4
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3/common.pb.validate.go
@@ -0,0 +1,1273 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/extensions/transport_sockets/tls/v3/common.proto
+
+package envoy_extensions_transport_sockets_tls_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on TlsParameters with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *TlsParameters) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on TlsParameters with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in TlsParametersMultiError, or
+// nil if none found.
+func (m *TlsParameters) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *TlsParameters) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if _, ok := TlsParameters_TlsProtocol_name[int32(m.GetTlsMinimumProtocolVersion())]; !ok {
+		err := TlsParametersValidationError{
+			field:  "TlsMinimumProtocolVersion",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if _, ok := TlsParameters_TlsProtocol_name[int32(m.GetTlsMaximumProtocolVersion())]; !ok {
+		err := TlsParametersValidationError{
+			field:  "TlsMaximumProtocolVersion",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return TlsParametersMultiError(errors)
+	}
+	return nil
+}
+
+// TlsParametersMultiError is an error wrapping multiple validation errors
+// returned by TlsParameters.ValidateAll() if the designated constraints
+// aren't met.
+type TlsParametersMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m TlsParametersMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m TlsParametersMultiError) AllErrors() []error { return m }
+
+// TlsParametersValidationError is the validation error returned by
+// TlsParameters.Validate if the designated constraints aren't met.
+type TlsParametersValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e TlsParametersValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e TlsParametersValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e TlsParametersValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e TlsParametersValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e TlsParametersValidationError) ErrorName() string { return "TlsParametersValidationError" }
+
+// Error satisfies the builtin error interface
+func (e TlsParametersValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sTlsParameters.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = TlsParametersValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = TlsParametersValidationError{}
+
+// Validate checks the field values on PrivateKeyProvider with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *PrivateKeyProvider) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on PrivateKeyProvider with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// PrivateKeyProviderMultiError, or nil if none found.
+func (m *PrivateKeyProvider) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *PrivateKeyProvider) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetProviderName()) < 1 {
+		err := PrivateKeyProviderValidationError{
+			field:  "ProviderName",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	switch m.ConfigType.(type) {
+
+	case *PrivateKeyProvider_TypedConfig:
+
+		if all {
+			switch v := interface{}(m.GetTypedConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, PrivateKeyProviderValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, PrivateKeyProviderValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return PrivateKeyProviderValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return PrivateKeyProviderMultiError(errors)
+	}
+	return nil
+}
+
+// PrivateKeyProviderMultiError is an error wrapping multiple validation errors
+// returned by PrivateKeyProvider.ValidateAll() if the designated constraints
+// aren't met.
+type PrivateKeyProviderMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m PrivateKeyProviderMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m PrivateKeyProviderMultiError) AllErrors() []error { return m }
+
+// PrivateKeyProviderValidationError is the validation error returned by
+// PrivateKeyProvider.Validate if the designated constraints aren't met.
+type PrivateKeyProviderValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e PrivateKeyProviderValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e PrivateKeyProviderValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e PrivateKeyProviderValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e PrivateKeyProviderValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e PrivateKeyProviderValidationError) ErrorName() string {
+	return "PrivateKeyProviderValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e PrivateKeyProviderValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sPrivateKeyProvider.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = PrivateKeyProviderValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = PrivateKeyProviderValidationError{}
+
+// Validate checks the field values on TlsCertificate with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *TlsCertificate) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on TlsCertificate with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in TlsCertificateMultiError,
+// or nil if none found.
+func (m *TlsCertificate) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *TlsCertificate) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetCertificateChain()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, TlsCertificateValidationError{
+					field:  "CertificateChain",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, TlsCertificateValidationError{
+					field:  "CertificateChain",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCertificateChain()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TlsCertificateValidationError{
+				field:  "CertificateChain",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetPrivateKey()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, TlsCertificateValidationError{
+					field:  "PrivateKey",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, TlsCertificateValidationError{
+					field:  "PrivateKey",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPrivateKey()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TlsCertificateValidationError{
+				field:  "PrivateKey",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetPkcs12()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, TlsCertificateValidationError{
+					field:  "Pkcs12",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, TlsCertificateValidationError{
+					field:  "Pkcs12",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPkcs12()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TlsCertificateValidationError{
+				field:  "Pkcs12",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetWatchedDirectory()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, TlsCertificateValidationError{
+					field:  "WatchedDirectory",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, TlsCertificateValidationError{
+					field:  "WatchedDirectory",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetWatchedDirectory()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TlsCertificateValidationError{
+				field:  "WatchedDirectory",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetPrivateKeyProvider()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, TlsCertificateValidationError{
+					field:  "PrivateKeyProvider",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, TlsCertificateValidationError{
+					field:  "PrivateKeyProvider",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPrivateKeyProvider()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TlsCertificateValidationError{
+				field:  "PrivateKeyProvider",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetPassword()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, TlsCertificateValidationError{
+					field:  "Password",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, TlsCertificateValidationError{
+					field:  "Password",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPassword()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TlsCertificateValidationError{
+				field:  "Password",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetOcspStaple()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, TlsCertificateValidationError{
+					field:  "OcspStaple",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, TlsCertificateValidationError{
+					field:  "OcspStaple",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetOcspStaple()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return TlsCertificateValidationError{
+				field:  "OcspStaple",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetSignedCertificateTimestamp() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, TlsCertificateValidationError{
+						field:  fmt.Sprintf("SignedCertificateTimestamp[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, TlsCertificateValidationError{
+						field:  fmt.Sprintf("SignedCertificateTimestamp[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return TlsCertificateValidationError{
+					field:  fmt.Sprintf("SignedCertificateTimestamp[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return TlsCertificateMultiError(errors)
+	}
+	return nil
+}
+
+// TlsCertificateMultiError is an error wrapping multiple validation errors
+// returned by TlsCertificate.ValidateAll() if the designated constraints
+// aren't met.
+type TlsCertificateMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m TlsCertificateMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m TlsCertificateMultiError) AllErrors() []error { return m }
+
+// TlsCertificateValidationError is the validation error returned by
+// TlsCertificate.Validate if the designated constraints aren't met.
+type TlsCertificateValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e TlsCertificateValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e TlsCertificateValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e TlsCertificateValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e TlsCertificateValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e TlsCertificateValidationError) ErrorName() string { return "TlsCertificateValidationError" }
+
+// Error satisfies the builtin error interface
+func (e TlsCertificateValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sTlsCertificate.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = TlsCertificateValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = TlsCertificateValidationError{}
+
+// Validate checks the field values on TlsSessionTicketKeys with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *TlsSessionTicketKeys) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on TlsSessionTicketKeys with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// TlsSessionTicketKeysMultiError, or nil if none found.
+func (m *TlsSessionTicketKeys) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *TlsSessionTicketKeys) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetKeys()) < 1 {
+		err := TlsSessionTicketKeysValidationError{
+			field:  "Keys",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetKeys() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, TlsSessionTicketKeysValidationError{
+						field:  fmt.Sprintf("Keys[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, TlsSessionTicketKeysValidationError{
+						field:  fmt.Sprintf("Keys[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return TlsSessionTicketKeysValidationError{
+					field:  fmt.Sprintf("Keys[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return TlsSessionTicketKeysMultiError(errors)
+	}
+	return nil
+}
+
+// TlsSessionTicketKeysMultiError is an error wrapping multiple validation
+// errors returned by TlsSessionTicketKeys.ValidateAll() if the designated
+// constraints aren't met.
+type TlsSessionTicketKeysMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m TlsSessionTicketKeysMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m TlsSessionTicketKeysMultiError) AllErrors() []error { return m }
+
+// TlsSessionTicketKeysValidationError is the validation error returned by
+// TlsSessionTicketKeys.Validate if the designated constraints aren't met.
+type TlsSessionTicketKeysValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e TlsSessionTicketKeysValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e TlsSessionTicketKeysValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e TlsSessionTicketKeysValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e TlsSessionTicketKeysValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e TlsSessionTicketKeysValidationError) ErrorName() string {
+	return "TlsSessionTicketKeysValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e TlsSessionTicketKeysValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sTlsSessionTicketKeys.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = TlsSessionTicketKeysValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = TlsSessionTicketKeysValidationError{}
+
+// Validate checks the field values on CertificateProviderPluginInstance with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the first error encountered is returned, or nil if there are
+// no violations.
+func (m *CertificateProviderPluginInstance) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on CertificateProviderPluginInstance
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// CertificateProviderPluginInstanceMultiError, or nil if none found.
+func (m *CertificateProviderPluginInstance) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CertificateProviderPluginInstance) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for InstanceName
+
+	// no validation rules for CertificateName
+
+	if len(errors) > 0 {
+		return CertificateProviderPluginInstanceMultiError(errors)
+	}
+	return nil
+}
+
+// CertificateProviderPluginInstanceMultiError is an error wrapping multiple
+// validation errors returned by
+// CertificateProviderPluginInstance.ValidateAll() if the designated
+// constraints aren't met.
+type CertificateProviderPluginInstanceMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CertificateProviderPluginInstanceMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CertificateProviderPluginInstanceMultiError) AllErrors() []error { return m }
+
+// CertificateProviderPluginInstanceValidationError is the validation error
+// returned by CertificateProviderPluginInstance.Validate if the designated
+// constraints aren't met.
+type CertificateProviderPluginInstanceValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CertificateProviderPluginInstanceValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CertificateProviderPluginInstanceValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CertificateProviderPluginInstanceValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CertificateProviderPluginInstanceValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CertificateProviderPluginInstanceValidationError) ErrorName() string {
+	return "CertificateProviderPluginInstanceValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e CertificateProviderPluginInstanceValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCertificateProviderPluginInstance.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CertificateProviderPluginInstanceValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CertificateProviderPluginInstanceValidationError{}
+
+// Validate checks the field values on CertificateValidationContext with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *CertificateValidationContext) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on CertificateValidationContext with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// CertificateValidationContextMultiError, or nil if none found.
+func (m *CertificateValidationContext) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CertificateValidationContext) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetTrustedCa()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CertificateValidationContextValidationError{
+					field:  "TrustedCa",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CertificateValidationContextValidationError{
+					field:  "TrustedCa",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTrustedCa()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CertificateValidationContextValidationError{
+				field:  "TrustedCa",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetCaCertificateProviderInstance()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CertificateValidationContextValidationError{
+					field:  "CaCertificateProviderInstance",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CertificateValidationContextValidationError{
+					field:  "CaCertificateProviderInstance",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCaCertificateProviderInstance()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CertificateValidationContextValidationError{
+				field:  "CaCertificateProviderInstance",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetWatchedDirectory()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CertificateValidationContextValidationError{
+					field:  "WatchedDirectory",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CertificateValidationContextValidationError{
+					field:  "WatchedDirectory",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetWatchedDirectory()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CertificateValidationContextValidationError{
+				field:  "WatchedDirectory",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetVerifyCertificateSpki() {
+		_, _ = idx, item
+
+		if utf8.RuneCountInString(item) < 44 {
+			err := CertificateValidationContextValidationError{
+				field:  fmt.Sprintf("VerifyCertificateSpki[%v]", idx),
+				reason: "value length must be at least 44 runes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+		if len(item) > 44 {
+			err := CertificateValidationContextValidationError{
+				field:  fmt.Sprintf("VerifyCertificateSpki[%v]", idx),
+				reason: "value length must be at most 44 bytes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	for idx, item := range m.GetVerifyCertificateHash() {
+		_, _ = idx, item
+
+		if utf8.RuneCountInString(item) < 64 {
+			err := CertificateValidationContextValidationError{
+				field:  fmt.Sprintf("VerifyCertificateHash[%v]", idx),
+				reason: "value length must be at least 64 runes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+		if len(item) > 95 {
+			err := CertificateValidationContextValidationError{
+				field:  fmt.Sprintf("VerifyCertificateHash[%v]", idx),
+				reason: "value length must be at most 95 bytes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	for idx, item := range m.GetMatchSubjectAltNames() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CertificateValidationContextValidationError{
+						field:  fmt.Sprintf("MatchSubjectAltNames[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CertificateValidationContextValidationError{
+						field:  fmt.Sprintf("MatchSubjectAltNames[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CertificateValidationContextValidationError{
+					field:  fmt.Sprintf("MatchSubjectAltNames[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetRequireSignedCertificateTimestamp()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CertificateValidationContextValidationError{
+					field:  "RequireSignedCertificateTimestamp",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CertificateValidationContextValidationError{
+					field:  "RequireSignedCertificateTimestamp",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRequireSignedCertificateTimestamp()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CertificateValidationContextValidationError{
+				field:  "RequireSignedCertificateTimestamp",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetCrl()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CertificateValidationContextValidationError{
+					field:  "Crl",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CertificateValidationContextValidationError{
+					field:  "Crl",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCrl()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CertificateValidationContextValidationError{
+				field:  "Crl",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for AllowExpiredCertificate
+
+	if _, ok := CertificateValidationContext_TrustChainVerification_name[int32(m.GetTrustChainVerification())]; !ok {
+		err := CertificateValidationContextValidationError{
+			field:  "TrustChainVerification",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetCustomValidatorConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CertificateValidationContextValidationError{
+					field:  "CustomValidatorConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CertificateValidationContextValidationError{
+					field:  "CustomValidatorConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCustomValidatorConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CertificateValidationContextValidationError{
+				field:  "CustomValidatorConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for OnlyVerifyLeafCertCrl
+
+	if len(errors) > 0 {
+		return CertificateValidationContextMultiError(errors)
+	}
+	return nil
+}
+
+// CertificateValidationContextMultiError is an error wrapping multiple
+// validation errors returned by CertificateValidationContext.ValidateAll() if
+// the designated constraints aren't met.
+type CertificateValidationContextMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CertificateValidationContextMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CertificateValidationContextMultiError) AllErrors() []error { return m }
+
+// CertificateValidationContextValidationError is the validation error returned
+// by CertificateValidationContext.Validate if the designated constraints
+// aren't met.
+type CertificateValidationContextValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CertificateValidationContextValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CertificateValidationContextValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CertificateValidationContextValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CertificateValidationContextValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CertificateValidationContextValidationError) ErrorName() string {
+	return "CertificateValidationContextValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e CertificateValidationContextValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCertificateValidationContext.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CertificateValidationContextValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CertificateValidationContextValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3/secret.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3/secret.pb.go
new file mode 100644
index 00000000000..127e833453c
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3/secret.pb.go
@@ -0,0 +1,443 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/extensions/transport_sockets/tls/v3/secret.proto
+
+package envoy_extensions_transport_sockets_tls_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type GenericSecret struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Secret of generic type and is available to filters.
+	Secret *v3.DataSource `protobuf:"bytes,1,opt,name=secret,proto3" json:"secret,omitempty"`
+}
+
+func (x *GenericSecret) Reset() {
+	*x = GenericSecret{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_transport_sockets_tls_v3_secret_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *GenericSecret) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GenericSecret) ProtoMessage() {}
+
+func (x *GenericSecret) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_transport_sockets_tls_v3_secret_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GenericSecret.ProtoReflect.Descriptor instead.
+func (*GenericSecret) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_transport_sockets_tls_v3_secret_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *GenericSecret) GetSecret() *v3.DataSource {
+	if x != nil {
+		return x.Secret
+	}
+	return nil
+}
+
+type SdsSecretConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Name by which the secret can be uniquely referred to. When both name and config are specified,
+	// then secret can be fetched and/or reloaded via SDS. When only name is specified, then secret
+	// will be loaded from static resources.
+	Name      string           `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	SdsConfig *v3.ConfigSource `protobuf:"bytes,2,opt,name=sds_config,json=sdsConfig,proto3" json:"sds_config,omitempty"`
+}
+
+func (x *SdsSecretConfig) Reset() {
+	*x = SdsSecretConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_transport_sockets_tls_v3_secret_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *SdsSecretConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*SdsSecretConfig) ProtoMessage() {}
+
+func (x *SdsSecretConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_transport_sockets_tls_v3_secret_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use SdsSecretConfig.ProtoReflect.Descriptor instead.
+func (*SdsSecretConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_transport_sockets_tls_v3_secret_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *SdsSecretConfig) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *SdsSecretConfig) GetSdsConfig() *v3.ConfigSource {
+	if x != nil {
+		return x.SdsConfig
+	}
+	return nil
+}
+
+// [#next-free-field: 6]
+type Secret struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Name (FQDN, UUID, SPKI, SHA256, etc.) by which the secret can be uniquely referred to.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Types that are assignable to Type:
+	//	*Secret_TlsCertificate
+	//	*Secret_SessionTicketKeys
+	//	*Secret_ValidationContext
+	//	*Secret_GenericSecret
+	Type isSecret_Type `protobuf_oneof:"type"`
+}
+
+func (x *Secret) Reset() {
+	*x = Secret{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_transport_sockets_tls_v3_secret_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Secret) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Secret) ProtoMessage() {}
+
+func (x *Secret) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_transport_sockets_tls_v3_secret_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Secret.ProtoReflect.Descriptor instead.
+func (*Secret) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_transport_sockets_tls_v3_secret_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *Secret) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (m *Secret) GetType() isSecret_Type {
+	if m != nil {
+		return m.Type
+	}
+	return nil
+}
+
+func (x *Secret) GetTlsCertificate() *TlsCertificate {
+	if x, ok := x.GetType().(*Secret_TlsCertificate); ok {
+		return x.TlsCertificate
+	}
+	return nil
+}
+
+func (x *Secret) GetSessionTicketKeys() *TlsSessionTicketKeys {
+	if x, ok := x.GetType().(*Secret_SessionTicketKeys); ok {
+		return x.SessionTicketKeys
+	}
+	return nil
+}
+
+func (x *Secret) GetValidationContext() *CertificateValidationContext {
+	if x, ok := x.GetType().(*Secret_ValidationContext); ok {
+		return x.ValidationContext
+	}
+	return nil
+}
+
+func (x *Secret) GetGenericSecret() *GenericSecret {
+	if x, ok := x.GetType().(*Secret_GenericSecret); ok {
+		return x.GenericSecret
+	}
+	return nil
+}
+
+type isSecret_Type interface {
+	isSecret_Type()
+}
+
+type Secret_TlsCertificate struct {
+	TlsCertificate *TlsCertificate `protobuf:"bytes,2,opt,name=tls_certificate,json=tlsCertificate,proto3,oneof"`
+}
+
+type Secret_SessionTicketKeys struct {
+	SessionTicketKeys *TlsSessionTicketKeys `protobuf:"bytes,3,opt,name=session_ticket_keys,json=sessionTicketKeys,proto3,oneof"`
+}
+
+type Secret_ValidationContext struct {
+	ValidationContext *CertificateValidationContext `protobuf:"bytes,4,opt,name=validation_context,json=validationContext,proto3,oneof"`
+}
+
+type Secret_GenericSecret struct {
+	GenericSecret *GenericSecret `protobuf:"bytes,5,opt,name=generic_secret,json=genericSecret,proto3,oneof"`
+}
+
+func (*Secret_TlsCertificate) isSecret_Type() {}
+
+func (*Secret_SessionTicketKeys) isSecret_Type() {}
+
+func (*Secret_ValidationContext) isSecret_Type() {}
+
+func (*Secret_GenericSecret) isSecret_Type() {}
+
+var File_envoy_extensions_transport_sockets_tls_v3_secret_proto protoreflect.FileDescriptor
+
+var file_envoy_extensions_transport_sockets_tls_v3_secret_proto_rawDesc = []byte{
+	0x0a, 0x36, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63,
+	0x6b, 0x65, 0x74, 0x73, 0x2f, 0x74, 0x6c, 0x73, 0x2f, 0x76, 0x33, 0x2f, 0x73, 0x65, 0x63, 0x72,
+	0x65, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x29, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73,
+	0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73,
+	0x2e, 0x76, 0x33, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x62, 0x61, 0x73, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x28, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x5f, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x36,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73,
+	0x2f, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65,
+	0x74, 0x73, 0x2f, 0x74, 0x6c, 0x73, 0x2f, 0x76, 0x33, 0x2f, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x20, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e,
+	0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x65, 0x6e, 0x73, 0x69, 0x74, 0x69,
+	0x76, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61,
+	0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75,
+	0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e,
+	0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f,
+	0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69,
+	0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x22, 0x79, 0x0a, 0x0d, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x53, 0x65,
+	0x63, 0x72, 0x65, 0x74, 0x12, 0x40, 0x0a, 0x06, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x44, 0x61, 0x74, 0x61,
+	0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x42, 0x06, 0xb8, 0xb7, 0x8b, 0xa4, 0x02, 0x01, 0x52, 0x06,
+	0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x3a, 0x26, 0x9a, 0xc5, 0x88, 0x1e, 0x21, 0x0a, 0x1f, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74, 0x68,
+	0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x22, 0x9b,
+	0x01, 0x0a, 0x0f, 0x53, 0x64, 0x73, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
+	0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12,
+	0x41, 0x0a, 0x0a, 0x73, 0x64, 0x73, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x09, 0x73, 0x64, 0x73, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x3a, 0x28, 0x9a, 0xc5, 0x88, 0x1e, 0x23, 0x0a, 0x21, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x53, 0x64, 0x73,
+	0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x22, 0xfb, 0x03, 0x0a,
+	0x06, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x64, 0x0a, 0x0f, 0x74,
+	0x6c, 0x73, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x39, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74,
+	0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72,
+	0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e, 0x76, 0x33,
+	0x2e, 0x54, 0x6c, 0x73, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x48,
+	0x00, 0x52, 0x0e, 0x74, 0x6c, 0x73, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74,
+	0x65, 0x12, 0x71, 0x0a, 0x13, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x74, 0x69, 0x63,
+	0x6b, 0x65, 0x74, 0x5f, 0x6b, 0x65, 0x79, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x3f,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e,
+	0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b,
+	0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x6c, 0x73, 0x53, 0x65,
+	0x73, 0x73, 0x69, 0x6f, 0x6e, 0x54, 0x69, 0x63, 0x6b, 0x65, 0x74, 0x4b, 0x65, 0x79, 0x73, 0x48,
+	0x00, 0x52, 0x11, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x54, 0x69, 0x63, 0x6b, 0x65, 0x74,
+	0x4b, 0x65, 0x79, 0x73, 0x12, 0x78, 0x0a, 0x12, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x5f, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x47, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69,
+	0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f,
+	0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x65, 0x72,
+	0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x48, 0x00, 0x52, 0x11, 0x76, 0x61, 0x6c,
+	0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x12, 0x61,
+	0x0a, 0x0e, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x5f, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74,
+	0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x38, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65,
+	0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70,
+	0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e,
+	0x76, 0x33, 0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74,
+	0x48, 0x00, 0x52, 0x0d, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x53, 0x65, 0x63, 0x72, 0x65,
+	0x74, 0x3a, 0x1f, 0x9a, 0xc5, 0x88, 0x1e, 0x1a, 0x0a, 0x18, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x53, 0x65, 0x63, 0x72,
+	0x65, 0x74, 0x42, 0x06, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x42, 0x50, 0x0a, 0x37, 0x69, 0x6f,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61,
+	0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74,
+	0x6c, 0x73, 0x2e, 0x76, 0x33, 0x42, 0x0b, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x50, 0x72, 0x6f,
+	0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_extensions_transport_sockets_tls_v3_secret_proto_rawDescOnce sync.Once
+	file_envoy_extensions_transport_sockets_tls_v3_secret_proto_rawDescData = file_envoy_extensions_transport_sockets_tls_v3_secret_proto_rawDesc
+)
+
+func file_envoy_extensions_transport_sockets_tls_v3_secret_proto_rawDescGZIP() []byte {
+	file_envoy_extensions_transport_sockets_tls_v3_secret_proto_rawDescOnce.Do(func() {
+		file_envoy_extensions_transport_sockets_tls_v3_secret_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_extensions_transport_sockets_tls_v3_secret_proto_rawDescData)
+	})
+	return file_envoy_extensions_transport_sockets_tls_v3_secret_proto_rawDescData
+}
+
+var file_envoy_extensions_transport_sockets_tls_v3_secret_proto_msgTypes = make([]protoimpl.MessageInfo, 3)
+var file_envoy_extensions_transport_sockets_tls_v3_secret_proto_goTypes = []interface{}{
+	(*GenericSecret)(nil),                // 0: envoy.extensions.transport_sockets.tls.v3.GenericSecret
+	(*SdsSecretConfig)(nil),              // 1: envoy.extensions.transport_sockets.tls.v3.SdsSecretConfig
+	(*Secret)(nil),                       // 2: envoy.extensions.transport_sockets.tls.v3.Secret
+	(*v3.DataSource)(nil),                // 3: envoy.config.core.v3.DataSource
+	(*v3.ConfigSource)(nil),              // 4: envoy.config.core.v3.ConfigSource
+	(*TlsCertificate)(nil),               // 5: envoy.extensions.transport_sockets.tls.v3.TlsCertificate
+	(*TlsSessionTicketKeys)(nil),         // 6: envoy.extensions.transport_sockets.tls.v3.TlsSessionTicketKeys
+	(*CertificateValidationContext)(nil), // 7: envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext
+}
+var file_envoy_extensions_transport_sockets_tls_v3_secret_proto_depIdxs = []int32{
+	3, // 0: envoy.extensions.transport_sockets.tls.v3.GenericSecret.secret:type_name -> envoy.config.core.v3.DataSource
+	4, // 1: envoy.extensions.transport_sockets.tls.v3.SdsSecretConfig.sds_config:type_name -> envoy.config.core.v3.ConfigSource
+	5, // 2: envoy.extensions.transport_sockets.tls.v3.Secret.tls_certificate:type_name -> envoy.extensions.transport_sockets.tls.v3.TlsCertificate
+	6, // 3: envoy.extensions.transport_sockets.tls.v3.Secret.session_ticket_keys:type_name -> envoy.extensions.transport_sockets.tls.v3.TlsSessionTicketKeys
+	7, // 4: envoy.extensions.transport_sockets.tls.v3.Secret.validation_context:type_name -> envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext
+	0, // 5: envoy.extensions.transport_sockets.tls.v3.Secret.generic_secret:type_name -> envoy.extensions.transport_sockets.tls.v3.GenericSecret
+	6, // [6:6] is the sub-list for method output_type
+	6, // [6:6] is the sub-list for method input_type
+	6, // [6:6] is the sub-list for extension type_name
+	6, // [6:6] is the sub-list for extension extendee
+	0, // [0:6] is the sub-list for field type_name
+}
+
+func init() { file_envoy_extensions_transport_sockets_tls_v3_secret_proto_init() }
+func file_envoy_extensions_transport_sockets_tls_v3_secret_proto_init() {
+	if File_envoy_extensions_transport_sockets_tls_v3_secret_proto != nil {
+		return
+	}
+	file_envoy_extensions_transport_sockets_tls_v3_common_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_extensions_transport_sockets_tls_v3_secret_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*GenericSecret); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_transport_sockets_tls_v3_secret_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*SdsSecretConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_transport_sockets_tls_v3_secret_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Secret); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_extensions_transport_sockets_tls_v3_secret_proto_msgTypes[2].OneofWrappers = []interface{}{
+		(*Secret_TlsCertificate)(nil),
+		(*Secret_SessionTicketKeys)(nil),
+		(*Secret_ValidationContext)(nil),
+		(*Secret_GenericSecret)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_extensions_transport_sockets_tls_v3_secret_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   3,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_extensions_transport_sockets_tls_v3_secret_proto_goTypes,
+		DependencyIndexes: file_envoy_extensions_transport_sockets_tls_v3_secret_proto_depIdxs,
+		MessageInfos:      file_envoy_extensions_transport_sockets_tls_v3_secret_proto_msgTypes,
+	}.Build()
+	File_envoy_extensions_transport_sockets_tls_v3_secret_proto = out.File
+	file_envoy_extensions_transport_sockets_tls_v3_secret_proto_rawDesc = nil
+	file_envoy_extensions_transport_sockets_tls_v3_secret_proto_goTypes = nil
+	file_envoy_extensions_transport_sockets_tls_v3_secret_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3/secret.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3/secret.pb.validate.go
new file mode 100644
index 00000000000..3ca4d4ead1b
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3/secret.pb.validate.go
@@ -0,0 +1,530 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/extensions/transport_sockets/tls/v3/secret.proto
+
+package envoy_extensions_transport_sockets_tls_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on GenericSecret with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *GenericSecret) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on GenericSecret with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in GenericSecretMultiError, or
+// nil if none found.
+func (m *GenericSecret) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *GenericSecret) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetSecret()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, GenericSecretValidationError{
+					field:  "Secret",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, GenericSecretValidationError{
+					field:  "Secret",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSecret()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return GenericSecretValidationError{
+				field:  "Secret",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return GenericSecretMultiError(errors)
+	}
+	return nil
+}
+
+// GenericSecretMultiError is an error wrapping multiple validation errors
+// returned by GenericSecret.ValidateAll() if the designated constraints
+// aren't met.
+type GenericSecretMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m GenericSecretMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m GenericSecretMultiError) AllErrors() []error { return m }
+
+// GenericSecretValidationError is the validation error returned by
+// GenericSecret.Validate if the designated constraints aren't met.
+type GenericSecretValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e GenericSecretValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e GenericSecretValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e GenericSecretValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e GenericSecretValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e GenericSecretValidationError) ErrorName() string { return "GenericSecretValidationError" }
+
+// Error satisfies the builtin error interface
+func (e GenericSecretValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sGenericSecret.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = GenericSecretValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = GenericSecretValidationError{}
+
+// Validate checks the field values on SdsSecretConfig with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *SdsSecretConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on SdsSecretConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// SdsSecretConfigMultiError, or nil if none found.
+func (m *SdsSecretConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *SdsSecretConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := SdsSecretConfigValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetSdsConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, SdsSecretConfigValidationError{
+					field:  "SdsConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, SdsSecretConfigValidationError{
+					field:  "SdsConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetSdsConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return SdsSecretConfigValidationError{
+				field:  "SdsConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return SdsSecretConfigMultiError(errors)
+	}
+	return nil
+}
+
+// SdsSecretConfigMultiError is an error wrapping multiple validation errors
+// returned by SdsSecretConfig.ValidateAll() if the designated constraints
+// aren't met.
+type SdsSecretConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m SdsSecretConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m SdsSecretConfigMultiError) AllErrors() []error { return m }
+
+// SdsSecretConfigValidationError is the validation error returned by
+// SdsSecretConfig.Validate if the designated constraints aren't met.
+type SdsSecretConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e SdsSecretConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e SdsSecretConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e SdsSecretConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e SdsSecretConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e SdsSecretConfigValidationError) ErrorName() string { return "SdsSecretConfigValidationError" }
+
+// Error satisfies the builtin error interface
+func (e SdsSecretConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sSdsSecretConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = SdsSecretConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = SdsSecretConfigValidationError{}
+
+// Validate checks the field values on Secret with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Secret) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Secret with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in SecretMultiError, or nil if none found.
+func (m *Secret) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Secret) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Name
+
+	switch m.Type.(type) {
+
+	case *Secret_TlsCertificate:
+
+		if all {
+			switch v := interface{}(m.GetTlsCertificate()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, SecretValidationError{
+						field:  "TlsCertificate",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, SecretValidationError{
+						field:  "TlsCertificate",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTlsCertificate()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return SecretValidationError{
+					field:  "TlsCertificate",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Secret_SessionTicketKeys:
+
+		if all {
+			switch v := interface{}(m.GetSessionTicketKeys()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, SecretValidationError{
+						field:  "SessionTicketKeys",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, SecretValidationError{
+						field:  "SessionTicketKeys",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetSessionTicketKeys()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return SecretValidationError{
+					field:  "SessionTicketKeys",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Secret_ValidationContext:
+
+		if all {
+			switch v := interface{}(m.GetValidationContext()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, SecretValidationError{
+						field:  "ValidationContext",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, SecretValidationError{
+						field:  "ValidationContext",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetValidationContext()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return SecretValidationError{
+					field:  "ValidationContext",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *Secret_GenericSecret:
+
+		if all {
+			switch v := interface{}(m.GetGenericSecret()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, SecretValidationError{
+						field:  "GenericSecret",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, SecretValidationError{
+						field:  "GenericSecret",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetGenericSecret()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return SecretValidationError{
+					field:  "GenericSecret",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return SecretMultiError(errors)
+	}
+	return nil
+}
+
+// SecretMultiError is an error wrapping multiple validation errors returned by
+// Secret.ValidateAll() if the designated constraints aren't met.
+type SecretMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m SecretMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m SecretMultiError) AllErrors() []error { return m }
+
+// SecretValidationError is the validation error returned by Secret.Validate if
+// the designated constraints aren't met.
+type SecretValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e SecretValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e SecretValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e SecretValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e SecretValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e SecretValidationError) ErrorName() string { return "SecretValidationError" }
+
+// Error satisfies the builtin error interface
+func (e SecretValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sSecret.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = SecretValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = SecretValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3/tls.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3/tls.pb.go
new file mode 100644
index 00000000000..c565d8de32b
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3/tls.pb.go
@@ -0,0 +1,1347 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/extensions/transport_sockets/tls/v3/tls.proto
+
+package envoy_extensions_transport_sockets_tls_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/go-control-plane/envoy/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type DownstreamTlsContext_OcspStaplePolicy int32
+
+const (
+	// OCSP responses are optional. If an OCSP response is absent
+	// or expired, the associated certificate will be used for
+	// connections without an OCSP staple.
+	DownstreamTlsContext_LENIENT_STAPLING DownstreamTlsContext_OcspStaplePolicy = 0
+	// OCSP responses are optional. If an OCSP response is absent,
+	// the associated certificate will be used without an
+	// OCSP staple. If a response is provided but is expired,
+	// the associated certificate will not be used for
+	// subsequent connections. If no suitable certificate is found,
+	// the connection is rejected.
+	DownstreamTlsContext_STRICT_STAPLING DownstreamTlsContext_OcspStaplePolicy = 1
+	// OCSP responses are required. Configuration will fail if
+	// a certificate is provided without an OCSP response. If a
+	// response expires, the associated certificate will not be
+	// used connections. If no suitable certificate is found, the
+	// connection is rejected.
+	DownstreamTlsContext_MUST_STAPLE DownstreamTlsContext_OcspStaplePolicy = 2
+)
+
+// Enum value maps for DownstreamTlsContext_OcspStaplePolicy.
+var (
+	DownstreamTlsContext_OcspStaplePolicy_name = map[int32]string{
+		0: "LENIENT_STAPLING",
+		1: "STRICT_STAPLING",
+		2: "MUST_STAPLE",
+	}
+	DownstreamTlsContext_OcspStaplePolicy_value = map[string]int32{
+		"LENIENT_STAPLING": 0,
+		"STRICT_STAPLING":  1,
+		"MUST_STAPLE":      2,
+	}
+)
+
+func (x DownstreamTlsContext_OcspStaplePolicy) Enum() *DownstreamTlsContext_OcspStaplePolicy {
+	p := new(DownstreamTlsContext_OcspStaplePolicy)
+	*p = x
+	return p
+}
+
+func (x DownstreamTlsContext_OcspStaplePolicy) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (DownstreamTlsContext_OcspStaplePolicy) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_extensions_transport_sockets_tls_v3_tls_proto_enumTypes[0].Descriptor()
+}
+
+func (DownstreamTlsContext_OcspStaplePolicy) Type() protoreflect.EnumType {
+	return &file_envoy_extensions_transport_sockets_tls_v3_tls_proto_enumTypes[0]
+}
+
+func (x DownstreamTlsContext_OcspStaplePolicy) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use DownstreamTlsContext_OcspStaplePolicy.Descriptor instead.
+func (DownstreamTlsContext_OcspStaplePolicy) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_extensions_transport_sockets_tls_v3_tls_proto_rawDescGZIP(), []int{1, 0}
+}
+
+type UpstreamTlsContext struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Common TLS context settings.
+	//
+	// .. attention::
+	//
+	//   Server certificate verification is not enabled by default. Configure
+	//   :ref:`trusted_ca<envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.trusted_ca>` to enable
+	//   verification.
+	CommonTlsContext *CommonTlsContext `protobuf:"bytes,1,opt,name=common_tls_context,json=commonTlsContext,proto3" json:"common_tls_context,omitempty"`
+	// SNI string to use when creating TLS backend connections.
+	Sni string `protobuf:"bytes,2,opt,name=sni,proto3" json:"sni,omitempty"`
+	// If true, server-initiated TLS renegotiation will be allowed.
+	//
+	// .. attention::
+	//
+	//   TLS renegotiation is considered insecure and shouldn't be used unless absolutely necessary.
+	AllowRenegotiation bool `protobuf:"varint,3,opt,name=allow_renegotiation,json=allowRenegotiation,proto3" json:"allow_renegotiation,omitempty"`
+	// Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets
+	// for TLSv1.2 and older) to store for the purpose of session resumption.
+	//
+	// Defaults to 1, setting this to 0 disables session resumption.
+	MaxSessionKeys *wrappers.UInt32Value `protobuf:"bytes,4,opt,name=max_session_keys,json=maxSessionKeys,proto3" json:"max_session_keys,omitempty"`
+}
+
+func (x *UpstreamTlsContext) Reset() {
+	*x = UpstreamTlsContext{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_transport_sockets_tls_v3_tls_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *UpstreamTlsContext) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*UpstreamTlsContext) ProtoMessage() {}
+
+func (x *UpstreamTlsContext) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_transport_sockets_tls_v3_tls_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use UpstreamTlsContext.ProtoReflect.Descriptor instead.
+func (*UpstreamTlsContext) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_transport_sockets_tls_v3_tls_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *UpstreamTlsContext) GetCommonTlsContext() *CommonTlsContext {
+	if x != nil {
+		return x.CommonTlsContext
+	}
+	return nil
+}
+
+func (x *UpstreamTlsContext) GetSni() string {
+	if x != nil {
+		return x.Sni
+	}
+	return ""
+}
+
+func (x *UpstreamTlsContext) GetAllowRenegotiation() bool {
+	if x != nil {
+		return x.AllowRenegotiation
+	}
+	return false
+}
+
+func (x *UpstreamTlsContext) GetMaxSessionKeys() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxSessionKeys
+	}
+	return nil
+}
+
+// [#next-free-field: 9]
+type DownstreamTlsContext struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Common TLS context settings.
+	CommonTlsContext *CommonTlsContext `protobuf:"bytes,1,opt,name=common_tls_context,json=commonTlsContext,proto3" json:"common_tls_context,omitempty"`
+	// If specified, Envoy will reject connections without a valid client
+	// certificate.
+	RequireClientCertificate *wrappers.BoolValue `protobuf:"bytes,2,opt,name=require_client_certificate,json=requireClientCertificate,proto3" json:"require_client_certificate,omitempty"`
+	// If specified, Envoy will reject connections without a valid and matching SNI.
+	// [#not-implemented-hide:]
+	RequireSni *wrappers.BoolValue `protobuf:"bytes,3,opt,name=require_sni,json=requireSni,proto3" json:"require_sni,omitempty"`
+	// Types that are assignable to SessionTicketKeysType:
+	//	*DownstreamTlsContext_SessionTicketKeys
+	//	*DownstreamTlsContext_SessionTicketKeysSdsSecretConfig
+	//	*DownstreamTlsContext_DisableStatelessSessionResumption
+	SessionTicketKeysType isDownstreamTlsContext_SessionTicketKeysType `protobuf_oneof:"session_ticket_keys_type"`
+	// If specified, ``session_timeout`` will change the maximum lifetime (in seconds) of the TLS session.
+	// Currently this value is used as a hint for the `TLS session ticket lifetime (for TLSv1.2) <https://tools.ietf.org/html/rfc5077#section-5.6>`_.
+	// Only seconds can be specified (fractional seconds are ignored).
+	SessionTimeout *duration.Duration `protobuf:"bytes,6,opt,name=session_timeout,json=sessionTimeout,proto3" json:"session_timeout,omitempty"`
+	// Config for whether to use certificates if they do not have
+	// an accompanying OCSP response or if the response expires at runtime.
+	// Defaults to LENIENT_STAPLING
+	OcspStaplePolicy DownstreamTlsContext_OcspStaplePolicy `protobuf:"varint,8,opt,name=ocsp_staple_policy,json=ocspStaplePolicy,proto3,enum=envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext_OcspStaplePolicy" json:"ocsp_staple_policy,omitempty"`
+}
+
+func (x *DownstreamTlsContext) Reset() {
+	*x = DownstreamTlsContext{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_transport_sockets_tls_v3_tls_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *DownstreamTlsContext) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*DownstreamTlsContext) ProtoMessage() {}
+
+func (x *DownstreamTlsContext) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_transport_sockets_tls_v3_tls_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use DownstreamTlsContext.ProtoReflect.Descriptor instead.
+func (*DownstreamTlsContext) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_transport_sockets_tls_v3_tls_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *DownstreamTlsContext) GetCommonTlsContext() *CommonTlsContext {
+	if x != nil {
+		return x.CommonTlsContext
+	}
+	return nil
+}
+
+func (x *DownstreamTlsContext) GetRequireClientCertificate() *wrappers.BoolValue {
+	if x != nil {
+		return x.RequireClientCertificate
+	}
+	return nil
+}
+
+func (x *DownstreamTlsContext) GetRequireSni() *wrappers.BoolValue {
+	if x != nil {
+		return x.RequireSni
+	}
+	return nil
+}
+
+func (m *DownstreamTlsContext) GetSessionTicketKeysType() isDownstreamTlsContext_SessionTicketKeysType {
+	if m != nil {
+		return m.SessionTicketKeysType
+	}
+	return nil
+}
+
+func (x *DownstreamTlsContext) GetSessionTicketKeys() *TlsSessionTicketKeys {
+	if x, ok := x.GetSessionTicketKeysType().(*DownstreamTlsContext_SessionTicketKeys); ok {
+		return x.SessionTicketKeys
+	}
+	return nil
+}
+
+func (x *DownstreamTlsContext) GetSessionTicketKeysSdsSecretConfig() *SdsSecretConfig {
+	if x, ok := x.GetSessionTicketKeysType().(*DownstreamTlsContext_SessionTicketKeysSdsSecretConfig); ok {
+		return x.SessionTicketKeysSdsSecretConfig
+	}
+	return nil
+}
+
+func (x *DownstreamTlsContext) GetDisableStatelessSessionResumption() bool {
+	if x, ok := x.GetSessionTicketKeysType().(*DownstreamTlsContext_DisableStatelessSessionResumption); ok {
+		return x.DisableStatelessSessionResumption
+	}
+	return false
+}
+
+func (x *DownstreamTlsContext) GetSessionTimeout() *duration.Duration {
+	if x != nil {
+		return x.SessionTimeout
+	}
+	return nil
+}
+
+func (x *DownstreamTlsContext) GetOcspStaplePolicy() DownstreamTlsContext_OcspStaplePolicy {
+	if x != nil {
+		return x.OcspStaplePolicy
+	}
+	return DownstreamTlsContext_LENIENT_STAPLING
+}
+
+type isDownstreamTlsContext_SessionTicketKeysType interface {
+	isDownstreamTlsContext_SessionTicketKeysType()
+}
+
+type DownstreamTlsContext_SessionTicketKeys struct {
+	// TLS session ticket key settings.
+	SessionTicketKeys *TlsSessionTicketKeys `protobuf:"bytes,4,opt,name=session_ticket_keys,json=sessionTicketKeys,proto3,oneof"`
+}
+
+type DownstreamTlsContext_SessionTicketKeysSdsSecretConfig struct {
+	// Config for fetching TLS session ticket keys via SDS API.
+	SessionTicketKeysSdsSecretConfig *SdsSecretConfig `protobuf:"bytes,5,opt,name=session_ticket_keys_sds_secret_config,json=sessionTicketKeysSdsSecretConfig,proto3,oneof"`
+}
+
+type DownstreamTlsContext_DisableStatelessSessionResumption struct {
+	// Config for controlling stateless TLS session resumption: setting this to true will cause the TLS
+	// server to not issue TLS session tickets for the purposes of stateless TLS session resumption.
+	// If set to false, the TLS server will issue TLS session tickets and encrypt/decrypt them using
+	// the keys specified through either :ref:`session_ticket_keys <envoy_v3_api_field_extensions.transport_sockets.tls.v3.DownstreamTlsContext.session_ticket_keys>`
+	// or :ref:`session_ticket_keys_sds_secret_config <envoy_v3_api_field_extensions.transport_sockets.tls.v3.DownstreamTlsContext.session_ticket_keys_sds_secret_config>`.
+	// If this config is set to false and no keys are explicitly configured, the TLS server will issue
+	// TLS session tickets and encrypt/decrypt them using an internally-generated and managed key, with the
+	// implication that sessions cannot be resumed across hot restarts or on different hosts.
+	DisableStatelessSessionResumption bool `protobuf:"varint,7,opt,name=disable_stateless_session_resumption,json=disableStatelessSessionResumption,proto3,oneof"`
+}
+
+func (*DownstreamTlsContext_SessionTicketKeys) isDownstreamTlsContext_SessionTicketKeysType() {}
+
+func (*DownstreamTlsContext_SessionTicketKeysSdsSecretConfig) isDownstreamTlsContext_SessionTicketKeysType() {
+}
+
+func (*DownstreamTlsContext_DisableStatelessSessionResumption) isDownstreamTlsContext_SessionTicketKeysType() {
+}
+
+// TLS context shared by both client and server TLS contexts.
+// [#next-free-field: 15]
+type CommonTlsContext struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// TLS protocol versions, cipher suites etc.
+	TlsParams *TlsParameters `protobuf:"bytes,1,opt,name=tls_params,json=tlsParams,proto3" json:"tls_params,omitempty"`
+	// :ref:`Multiple TLS certificates <arch_overview_ssl_cert_select>` can be associated with the
+	// same context to allow both RSA and ECDSA certificates.
+	//
+	// Only a single TLS certificate is supported in client contexts. In server contexts, the first
+	// RSA certificate is used for clients that only support RSA and the first ECDSA certificate is
+	// used for clients that support ECDSA.
+	//
+	// Only one of *tls_certificates*, *tls_certificate_sds_secret_configs*,
+	// and *tls_certificate_provider_instance* may be used.
+	// [#next-major-version: These mutually exclusive fields should ideally be in a oneof, but it's
+	// not legal to put a repeated field in a oneof. In the next major version, we should rework
+	// this to avoid this problem.]
+	TlsCertificates []*TlsCertificate `protobuf:"bytes,2,rep,name=tls_certificates,json=tlsCertificates,proto3" json:"tls_certificates,omitempty"`
+	// Configs for fetching TLS certificates via SDS API. Note SDS API allows certificates to be
+	// fetched/refreshed over the network asynchronously with respect to the TLS handshake.
+	//
+	// The same number and types of certificates as :ref:`tls_certificates <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CommonTlsContext.tls_certificates>`
+	// are valid in the the certificates fetched through this setting.
+	//
+	// Only one of *tls_certificates*, *tls_certificate_sds_secret_configs*,
+	// and *tls_certificate_provider_instance* may be used.
+	// [#next-major-version: These mutually exclusive fields should ideally be in a oneof, but it's
+	// not legal to put a repeated field in a oneof. In the next major version, we should rework
+	// this to avoid this problem.]
+	TlsCertificateSdsSecretConfigs []*SdsSecretConfig `protobuf:"bytes,6,rep,name=tls_certificate_sds_secret_configs,json=tlsCertificateSdsSecretConfigs,proto3" json:"tls_certificate_sds_secret_configs,omitempty"`
+	// Certificate provider instance for fetching TLS certs.
+	//
+	// Only one of *tls_certificates*, *tls_certificate_sds_secret_configs*,
+	// and *tls_certificate_provider_instance* may be used.
+	// [#not-implemented-hide:]
+	TlsCertificateProviderInstance *CertificateProviderPluginInstance `protobuf:"bytes,14,opt,name=tls_certificate_provider_instance,json=tlsCertificateProviderInstance,proto3" json:"tls_certificate_provider_instance,omitempty"`
+	// Certificate provider for fetching TLS certificates.
+	// [#not-implemented-hide:]
+	//
+	// Deprecated: Do not use.
+	TlsCertificateCertificateProvider *CommonTlsContext_CertificateProvider `protobuf:"bytes,9,opt,name=tls_certificate_certificate_provider,json=tlsCertificateCertificateProvider,proto3" json:"tls_certificate_certificate_provider,omitempty"`
+	// Certificate provider instance for fetching TLS certificates.
+	// [#not-implemented-hide:]
+	//
+	// Deprecated: Do not use.
+	TlsCertificateCertificateProviderInstance *CommonTlsContext_CertificateProviderInstance `protobuf:"bytes,11,opt,name=tls_certificate_certificate_provider_instance,json=tlsCertificateCertificateProviderInstance,proto3" json:"tls_certificate_certificate_provider_instance,omitempty"`
+	// Types that are assignable to ValidationContextType:
+	//	*CommonTlsContext_ValidationContext
+	//	*CommonTlsContext_ValidationContextSdsSecretConfig
+	//	*CommonTlsContext_CombinedValidationContext
+	//	*CommonTlsContext_ValidationContextCertificateProvider
+	//	*CommonTlsContext_ValidationContextCertificateProviderInstance
+	ValidationContextType isCommonTlsContext_ValidationContextType `protobuf_oneof:"validation_context_type"`
+	// Supplies the list of ALPN protocols that the listener should expose. In
+	// practice this is likely to be set to one of two values (see the
+	// :ref:`codec_type
+	// <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.codec_type>`
+	// parameter in the HTTP connection manager for more information):
+	//
+	// * "h2,http/1.1" If the listener is going to support both HTTP/2 and HTTP/1.1.
+	// * "http/1.1" If the listener is only going to support HTTP/1.1.
+	//
+	// There is no default for this parameter. If empty, Envoy will not expose ALPN.
+	AlpnProtocols []string `protobuf:"bytes,4,rep,name=alpn_protocols,json=alpnProtocols,proto3" json:"alpn_protocols,omitempty"`
+	// Custom TLS handshaker. If empty, defaults to native TLS handshaking
+	// behavior.
+	CustomHandshaker *v3.TypedExtensionConfig `protobuf:"bytes,13,opt,name=custom_handshaker,json=customHandshaker,proto3" json:"custom_handshaker,omitempty"`
+}
+
+func (x *CommonTlsContext) Reset() {
+	*x = CommonTlsContext{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_transport_sockets_tls_v3_tls_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CommonTlsContext) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CommonTlsContext) ProtoMessage() {}
+
+func (x *CommonTlsContext) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_transport_sockets_tls_v3_tls_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CommonTlsContext.ProtoReflect.Descriptor instead.
+func (*CommonTlsContext) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_transport_sockets_tls_v3_tls_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *CommonTlsContext) GetTlsParams() *TlsParameters {
+	if x != nil {
+		return x.TlsParams
+	}
+	return nil
+}
+
+func (x *CommonTlsContext) GetTlsCertificates() []*TlsCertificate {
+	if x != nil {
+		return x.TlsCertificates
+	}
+	return nil
+}
+
+func (x *CommonTlsContext) GetTlsCertificateSdsSecretConfigs() []*SdsSecretConfig {
+	if x != nil {
+		return x.TlsCertificateSdsSecretConfigs
+	}
+	return nil
+}
+
+func (x *CommonTlsContext) GetTlsCertificateProviderInstance() *CertificateProviderPluginInstance {
+	if x != nil {
+		return x.TlsCertificateProviderInstance
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *CommonTlsContext) GetTlsCertificateCertificateProvider() *CommonTlsContext_CertificateProvider {
+	if x != nil {
+		return x.TlsCertificateCertificateProvider
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *CommonTlsContext) GetTlsCertificateCertificateProviderInstance() *CommonTlsContext_CertificateProviderInstance {
+	if x != nil {
+		return x.TlsCertificateCertificateProviderInstance
+	}
+	return nil
+}
+
+func (m *CommonTlsContext) GetValidationContextType() isCommonTlsContext_ValidationContextType {
+	if m != nil {
+		return m.ValidationContextType
+	}
+	return nil
+}
+
+func (x *CommonTlsContext) GetValidationContext() *CertificateValidationContext {
+	if x, ok := x.GetValidationContextType().(*CommonTlsContext_ValidationContext); ok {
+		return x.ValidationContext
+	}
+	return nil
+}
+
+func (x *CommonTlsContext) GetValidationContextSdsSecretConfig() *SdsSecretConfig {
+	if x, ok := x.GetValidationContextType().(*CommonTlsContext_ValidationContextSdsSecretConfig); ok {
+		return x.ValidationContextSdsSecretConfig
+	}
+	return nil
+}
+
+func (x *CommonTlsContext) GetCombinedValidationContext() *CommonTlsContext_CombinedCertificateValidationContext {
+	if x, ok := x.GetValidationContextType().(*CommonTlsContext_CombinedValidationContext); ok {
+		return x.CombinedValidationContext
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *CommonTlsContext) GetValidationContextCertificateProvider() *CommonTlsContext_CertificateProvider {
+	if x, ok := x.GetValidationContextType().(*CommonTlsContext_ValidationContextCertificateProvider); ok {
+		return x.ValidationContextCertificateProvider
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *CommonTlsContext) GetValidationContextCertificateProviderInstance() *CommonTlsContext_CertificateProviderInstance {
+	if x, ok := x.GetValidationContextType().(*CommonTlsContext_ValidationContextCertificateProviderInstance); ok {
+		return x.ValidationContextCertificateProviderInstance
+	}
+	return nil
+}
+
+func (x *CommonTlsContext) GetAlpnProtocols() []string {
+	if x != nil {
+		return x.AlpnProtocols
+	}
+	return nil
+}
+
+func (x *CommonTlsContext) GetCustomHandshaker() *v3.TypedExtensionConfig {
+	if x != nil {
+		return x.CustomHandshaker
+	}
+	return nil
+}
+
+type isCommonTlsContext_ValidationContextType interface {
+	isCommonTlsContext_ValidationContextType()
+}
+
+type CommonTlsContext_ValidationContext struct {
+	// How to validate peer certificates.
+	ValidationContext *CertificateValidationContext `protobuf:"bytes,3,opt,name=validation_context,json=validationContext,proto3,oneof"`
+}
+
+type CommonTlsContext_ValidationContextSdsSecretConfig struct {
+	// Config for fetching validation context via SDS API. Note SDS API allows certificates to be
+	// fetched/refreshed over the network asynchronously with respect to the TLS handshake.
+	ValidationContextSdsSecretConfig *SdsSecretConfig `protobuf:"bytes,7,opt,name=validation_context_sds_secret_config,json=validationContextSdsSecretConfig,proto3,oneof"`
+}
+
+type CommonTlsContext_CombinedValidationContext struct {
+	// Combined certificate validation context holds a default CertificateValidationContext
+	// and SDS config. When SDS server returns dynamic CertificateValidationContext, both dynamic
+	// and default CertificateValidationContext are merged into a new CertificateValidationContext
+	// for validation. This merge is done by Message::MergeFrom(), so dynamic
+	// CertificateValidationContext overwrites singular fields in default
+	// CertificateValidationContext, and concatenates repeated fields to default
+	// CertificateValidationContext, and logical OR is applied to boolean fields.
+	CombinedValidationContext *CommonTlsContext_CombinedCertificateValidationContext `protobuf:"bytes,8,opt,name=combined_validation_context,json=combinedValidationContext,proto3,oneof"`
+}
+
+type CommonTlsContext_ValidationContextCertificateProvider struct {
+	// Certificate provider for fetching validation context.
+	// [#not-implemented-hide:]
+	//
+	// Deprecated: Do not use.
+	ValidationContextCertificateProvider *CommonTlsContext_CertificateProvider `protobuf:"bytes,10,opt,name=validation_context_certificate_provider,json=validationContextCertificateProvider,proto3,oneof"`
+}
+
+type CommonTlsContext_ValidationContextCertificateProviderInstance struct {
+	// Certificate provider instance for fetching validation context.
+	// [#not-implemented-hide:]
+	//
+	// Deprecated: Do not use.
+	ValidationContextCertificateProviderInstance *CommonTlsContext_CertificateProviderInstance `protobuf:"bytes,12,opt,name=validation_context_certificate_provider_instance,json=validationContextCertificateProviderInstance,proto3,oneof"`
+}
+
+func (*CommonTlsContext_ValidationContext) isCommonTlsContext_ValidationContextType() {}
+
+func (*CommonTlsContext_ValidationContextSdsSecretConfig) isCommonTlsContext_ValidationContextType() {
+}
+
+func (*CommonTlsContext_CombinedValidationContext) isCommonTlsContext_ValidationContextType() {}
+
+func (*CommonTlsContext_ValidationContextCertificateProvider) isCommonTlsContext_ValidationContextType() {
+}
+
+func (*CommonTlsContext_ValidationContextCertificateProviderInstance) isCommonTlsContext_ValidationContextType() {
+}
+
+// Config for Certificate provider to get certificates. This provider should allow certificates to be
+// fetched/refreshed over the network asynchronously with respect to the TLS handshake.
+//
+// DEPRECATED: This message is not currently used, but if we ever do need it, we will want to
+// move it out of CommonTlsContext and into common.proto, similar to the existing
+// CertificateProviderPluginInstance message.
+//
+// [#not-implemented-hide:]
+type CommonTlsContext_CertificateProvider struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// opaque name used to specify certificate instances or types. For example, "ROOTCA" to specify
+	// a root-certificate (validation context) or "TLS" to specify a new tls-certificate.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Provider specific config.
+	// Note: an implementation is expected to dedup multiple instances of the same config
+	// to maintain a single certificate-provider instance. The sharing can happen, for
+	// example, among multiple clusters or between the tls_certificate and validation_context
+	// certificate providers of a cluster.
+	// This config could be supplied inline or (in future) a named xDS resource.
+	//
+	// Types that are assignable to Config:
+	//	*CommonTlsContext_CertificateProvider_TypedConfig
+	Config isCommonTlsContext_CertificateProvider_Config `protobuf_oneof:"config"`
+}
+
+func (x *CommonTlsContext_CertificateProvider) Reset() {
+	*x = CommonTlsContext_CertificateProvider{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_transport_sockets_tls_v3_tls_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CommonTlsContext_CertificateProvider) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CommonTlsContext_CertificateProvider) ProtoMessage() {}
+
+func (x *CommonTlsContext_CertificateProvider) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_transport_sockets_tls_v3_tls_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CommonTlsContext_CertificateProvider.ProtoReflect.Descriptor instead.
+func (*CommonTlsContext_CertificateProvider) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_transport_sockets_tls_v3_tls_proto_rawDescGZIP(), []int{2, 0}
+}
+
+func (x *CommonTlsContext_CertificateProvider) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (m *CommonTlsContext_CertificateProvider) GetConfig() isCommonTlsContext_CertificateProvider_Config {
+	if m != nil {
+		return m.Config
+	}
+	return nil
+}
+
+func (x *CommonTlsContext_CertificateProvider) GetTypedConfig() *v3.TypedExtensionConfig {
+	if x, ok := x.GetConfig().(*CommonTlsContext_CertificateProvider_TypedConfig); ok {
+		return x.TypedConfig
+	}
+	return nil
+}
+
+type isCommonTlsContext_CertificateProvider_Config interface {
+	isCommonTlsContext_CertificateProvider_Config()
+}
+
+type CommonTlsContext_CertificateProvider_TypedConfig struct {
+	TypedConfig *v3.TypedExtensionConfig `protobuf:"bytes,2,opt,name=typed_config,json=typedConfig,proto3,oneof"`
+}
+
+func (*CommonTlsContext_CertificateProvider_TypedConfig) isCommonTlsContext_CertificateProvider_Config() {
+}
+
+// Similar to CertificateProvider above, but allows the provider instances to be configured on
+// the client side instead of being sent from the control plane.
+//
+// DEPRECATED: This message was moved outside of CommonTlsContext
+// and now lives in common.proto.
+//
+// [#not-implemented-hide:]
+type CommonTlsContext_CertificateProviderInstance struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Provider instance name. This name must be defined in the client's configuration (e.g., a
+	// bootstrap file) to correspond to a provider instance (i.e., the same data in the typed_config
+	// field that would be sent in the CertificateProvider message if the config was sent by the
+	// control plane). If not present, defaults to "default".
+	//
+	// Instance names should generally be defined not in terms of the underlying provider
+	// implementation (e.g., "file_watcher") but rather in terms of the function of the
+	// certificates (e.g., "foo_deployment_identity").
+	InstanceName string `protobuf:"bytes,1,opt,name=instance_name,json=instanceName,proto3" json:"instance_name,omitempty"`
+	// Opaque name used to specify certificate instances or types. For example, "ROOTCA" to specify
+	// a root-certificate (validation context) or "example.com" to specify a certificate for a
+	// particular domain. Not all provider instances will actually use this field, so the value
+	// defaults to the empty string.
+	CertificateName string `protobuf:"bytes,2,opt,name=certificate_name,json=certificateName,proto3" json:"certificate_name,omitempty"`
+}
+
+func (x *CommonTlsContext_CertificateProviderInstance) Reset() {
+	*x = CommonTlsContext_CertificateProviderInstance{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_transport_sockets_tls_v3_tls_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CommonTlsContext_CertificateProviderInstance) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CommonTlsContext_CertificateProviderInstance) ProtoMessage() {}
+
+func (x *CommonTlsContext_CertificateProviderInstance) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_transport_sockets_tls_v3_tls_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CommonTlsContext_CertificateProviderInstance.ProtoReflect.Descriptor instead.
+func (*CommonTlsContext_CertificateProviderInstance) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_transport_sockets_tls_v3_tls_proto_rawDescGZIP(), []int{2, 1}
+}
+
+func (x *CommonTlsContext_CertificateProviderInstance) GetInstanceName() string {
+	if x != nil {
+		return x.InstanceName
+	}
+	return ""
+}
+
+func (x *CommonTlsContext_CertificateProviderInstance) GetCertificateName() string {
+	if x != nil {
+		return x.CertificateName
+	}
+	return ""
+}
+
+type CommonTlsContext_CombinedCertificateValidationContext struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// How to validate peer certificates.
+	DefaultValidationContext *CertificateValidationContext `protobuf:"bytes,1,opt,name=default_validation_context,json=defaultValidationContext,proto3" json:"default_validation_context,omitempty"`
+	// Config for fetching validation context via SDS API. Note SDS API allows certificates to be
+	// fetched/refreshed over the network asynchronously with respect to the TLS handshake.
+	ValidationContextSdsSecretConfig *SdsSecretConfig `protobuf:"bytes,2,opt,name=validation_context_sds_secret_config,json=validationContextSdsSecretConfig,proto3" json:"validation_context_sds_secret_config,omitempty"`
+	// Certificate provider for fetching CA certs. This will populate the
+	// *default_validation_context.trusted_ca* field.
+	// [#not-implemented-hide:]
+	//
+	// Deprecated: Do not use.
+	ValidationContextCertificateProvider *CommonTlsContext_CertificateProvider `protobuf:"bytes,3,opt,name=validation_context_certificate_provider,json=validationContextCertificateProvider,proto3" json:"validation_context_certificate_provider,omitempty"`
+	// Certificate provider instance for fetching CA certs. This will populate the
+	// *default_validation_context.trusted_ca* field.
+	// [#not-implemented-hide:]
+	//
+	// Deprecated: Do not use.
+	ValidationContextCertificateProviderInstance *CommonTlsContext_CertificateProviderInstance `protobuf:"bytes,4,opt,name=validation_context_certificate_provider_instance,json=validationContextCertificateProviderInstance,proto3" json:"validation_context_certificate_provider_instance,omitempty"`
+}
+
+func (x *CommonTlsContext_CombinedCertificateValidationContext) Reset() {
+	*x = CommonTlsContext_CombinedCertificateValidationContext{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_transport_sockets_tls_v3_tls_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CommonTlsContext_CombinedCertificateValidationContext) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CommonTlsContext_CombinedCertificateValidationContext) ProtoMessage() {}
+
+func (x *CommonTlsContext_CombinedCertificateValidationContext) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_transport_sockets_tls_v3_tls_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CommonTlsContext_CombinedCertificateValidationContext.ProtoReflect.Descriptor instead.
+func (*CommonTlsContext_CombinedCertificateValidationContext) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_transport_sockets_tls_v3_tls_proto_rawDescGZIP(), []int{2, 2}
+}
+
+func (x *CommonTlsContext_CombinedCertificateValidationContext) GetDefaultValidationContext() *CertificateValidationContext {
+	if x != nil {
+		return x.DefaultValidationContext
+	}
+	return nil
+}
+
+func (x *CommonTlsContext_CombinedCertificateValidationContext) GetValidationContextSdsSecretConfig() *SdsSecretConfig {
+	if x != nil {
+		return x.ValidationContextSdsSecretConfig
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *CommonTlsContext_CombinedCertificateValidationContext) GetValidationContextCertificateProvider() *CommonTlsContext_CertificateProvider {
+	if x != nil {
+		return x.ValidationContextCertificateProvider
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *CommonTlsContext_CombinedCertificateValidationContext) GetValidationContextCertificateProviderInstance() *CommonTlsContext_CertificateProviderInstance {
+	if x != nil {
+		return x.ValidationContextCertificateProviderInstance
+	}
+	return nil
+}
+
+var File_envoy_extensions_transport_sockets_tls_v3_tls_proto protoreflect.FileDescriptor
+
+var file_envoy_extensions_transport_sockets_tls_v3_tls_proto_rawDesc = []byte{
+	0x0a, 0x33, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63,
+	0x6b, 0x65, 0x74, 0x73, 0x2f, 0x74, 0x6c, 0x73, 0x2f, 0x76, 0x33, 0x2f, 0x74, 0x6c, 0x73, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x29, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74,
+	0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72,
+	0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e, 0x76, 0x33,
+	0x1a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x36, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x65, 0x78,
+	0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f,
+	0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x2f, 0x74, 0x6c, 0x73, 0x2f, 0x76,
+	0x33, 0x2f, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x36,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73,
+	0x2f, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65,
+	0x74, 0x73, 0x2f, 0x74, 0x6c, 0x73, 0x2f, 0x76, 0x33, 0x2f, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x6e,
+	0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70,
+	0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74,
+	0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61,
+	0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72,
+	0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76,
+	0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xc1, 0x02, 0x0a, 0x12, 0x55, 0x70, 0x73, 0x74, 0x72,
+	0x65, 0x61, 0x6d, 0x54, 0x6c, 0x73, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x12, 0x69, 0x0a,
+	0x12, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x5f, 0x74, 0x6c, 0x73, 0x5f, 0x63, 0x6f, 0x6e, 0x74,
+	0x65, 0x78, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x3b, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61,
+	0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74,
+	0x6c, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x54, 0x6c, 0x73, 0x43,
+	0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x52, 0x10, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x54, 0x6c,
+	0x73, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x12, 0x1a, 0x0a, 0x03, 0x73, 0x6e, 0x69, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x72, 0x03, 0x28, 0xff, 0x01, 0x52,
+	0x03, 0x73, 0x6e, 0x69, 0x12, 0x2f, 0x0a, 0x13, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x5f, 0x72, 0x65,
+	0x6e, 0x65, 0x67, 0x6f, 0x74, 0x69, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28,
+	0x08, 0x52, 0x12, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x52, 0x65, 0x6e, 0x65, 0x67, 0x6f, 0x74, 0x69,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x46, 0x0a, 0x10, 0x6d, 0x61, 0x78, 0x5f, 0x73, 0x65, 0x73,
+	0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x6b, 0x65, 0x79, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0e, 0x6d,
+	0x61, 0x78, 0x53, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x4b, 0x65, 0x79, 0x73, 0x3a, 0x2b, 0x9a,
+	0xc5, 0x88, 0x1e, 0x26, 0x0a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x55, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d,
+	0x54, 0x6c, 0x73, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x22, 0xea, 0x07, 0x0a, 0x14, 0x44,
+	0x6f, 0x77, 0x6e, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x54, 0x6c, 0x73, 0x43, 0x6f, 0x6e, 0x74,
+	0x65, 0x78, 0x74, 0x12, 0x69, 0x0a, 0x12, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x5f, 0x74, 0x6c,
+	0x73, 0x5f, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x3b, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f,
+	0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63,
+	0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f, 0x6d, 0x6d,
+	0x6f, 0x6e, 0x54, 0x6c, 0x73, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x52, 0x10, 0x63, 0x6f,
+	0x6d, 0x6d, 0x6f, 0x6e, 0x54, 0x6c, 0x73, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x12, 0x58,
+	0x0a, 0x1a, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x5f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74,
+	0x5f, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x18, 0x02, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x18,
+	0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43, 0x65, 0x72,
+	0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x3b, 0x0a, 0x0b, 0x72, 0x65, 0x71, 0x75,
+	0x69, 0x72, 0x65, 0x5f, 0x73, 0x6e, 0x69, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0a, 0x72, 0x65, 0x71, 0x75, 0x69,
+	0x72, 0x65, 0x53, 0x6e, 0x69, 0x12, 0x71, 0x0a, 0x13, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e,
+	0x5f, 0x74, 0x69, 0x63, 0x6b, 0x65, 0x74, 0x5f, 0x6b, 0x65, 0x79, 0x73, 0x18, 0x04, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x3f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e,
+	0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f,
+	0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x54,
+	0x6c, 0x73, 0x53, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x54, 0x69, 0x63, 0x6b, 0x65, 0x74, 0x4b,
+	0x65, 0x79, 0x73, 0x48, 0x00, 0x52, 0x11, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x54, 0x69,
+	0x63, 0x6b, 0x65, 0x74, 0x4b, 0x65, 0x79, 0x73, 0x12, 0x8d, 0x01, 0x0a, 0x25, 0x73, 0x65, 0x73,
+	0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x74, 0x69, 0x63, 0x6b, 0x65, 0x74, 0x5f, 0x6b, 0x65, 0x79, 0x73,
+	0x5f, 0x73, 0x64, 0x73, 0x5f, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x5f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x3a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e,
+	0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c,
+	0x73, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x64, 0x73, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x43, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x48, 0x00, 0x52, 0x20, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x54,
+	0x69, 0x63, 0x6b, 0x65, 0x74, 0x4b, 0x65, 0x79, 0x73, 0x53, 0x64, 0x73, 0x53, 0x65, 0x63, 0x72,
+	0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x51, 0x0a, 0x24, 0x64, 0x69, 0x73, 0x61,
+	0x62, 0x6c, 0x65, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x6c, 0x65, 0x73, 0x73, 0x5f, 0x73, 0x65,
+	0x73, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x72, 0x65, 0x73, 0x75, 0x6d, 0x70, 0x74, 0x69, 0x6f, 0x6e,
+	0x18, 0x07, 0x20, 0x01, 0x28, 0x08, 0x48, 0x00, 0x52, 0x21, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c,
+	0x65, 0x53, 0x74, 0x61, 0x74, 0x65, 0x6c, 0x65, 0x73, 0x73, 0x53, 0x65, 0x73, 0x73, 0x69, 0x6f,
+	0x6e, 0x52, 0x65, 0x73, 0x75, 0x6d, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x54, 0x0a, 0x0f, 0x73,
+	0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x06,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42,
+	0x10, 0xfa, 0x42, 0x0d, 0xaa, 0x01, 0x0a, 0x1a, 0x06, 0x08, 0x80, 0x80, 0x80, 0x80, 0x10, 0x32,
+	0x00, 0x52, 0x0e, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75,
+	0x74, 0x12, 0x88, 0x01, 0x0a, 0x12, 0x6f, 0x63, 0x73, 0x70, 0x5f, 0x73, 0x74, 0x61, 0x70, 0x6c,
+	0x65, 0x5f, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x50,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e,
+	0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b,
+	0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x44, 0x6f, 0x77, 0x6e, 0x73,
+	0x74, 0x72, 0x65, 0x61, 0x6d, 0x54, 0x6c, 0x73, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x2e,
+	0x4f, 0x63, 0x73, 0x70, 0x53, 0x74, 0x61, 0x70, 0x6c, 0x65, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79,
+	0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x10, 0x6f, 0x63, 0x73, 0x70,
+	0x53, 0x74, 0x61, 0x70, 0x6c, 0x65, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x22, 0x4e, 0x0a, 0x10,
+	0x4f, 0x63, 0x73, 0x70, 0x53, 0x74, 0x61, 0x70, 0x6c, 0x65, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79,
+	0x12, 0x14, 0x0a, 0x10, 0x4c, 0x45, 0x4e, 0x49, 0x45, 0x4e, 0x54, 0x5f, 0x53, 0x54, 0x41, 0x50,
+	0x4c, 0x49, 0x4e, 0x47, 0x10, 0x00, 0x12, 0x13, 0x0a, 0x0f, 0x53, 0x54, 0x52, 0x49, 0x43, 0x54,
+	0x5f, 0x53, 0x54, 0x41, 0x50, 0x4c, 0x49, 0x4e, 0x47, 0x10, 0x01, 0x12, 0x0f, 0x0a, 0x0b, 0x4d,
+	0x55, 0x53, 0x54, 0x5f, 0x53, 0x54, 0x41, 0x50, 0x4c, 0x45, 0x10, 0x02, 0x3a, 0x2d, 0x9a, 0xc5,
+	0x88, 0x1e, 0x28, 0x0a, 0x26, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x44, 0x6f, 0x77, 0x6e, 0x73, 0x74, 0x72, 0x65, 0x61,
+	0x6d, 0x54, 0x6c, 0x73, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x42, 0x1a, 0x0a, 0x18, 0x73,
+	0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x74, 0x69, 0x63, 0x6b, 0x65, 0x74, 0x5f, 0x6b, 0x65,
+	0x79, 0x73, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x22, 0xa5, 0x17, 0x0a, 0x10, 0x43, 0x6f, 0x6d, 0x6d,
+	0x6f, 0x6e, 0x54, 0x6c, 0x73, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x12, 0x57, 0x0a, 0x0a,
+	0x74, 0x6c, 0x73, 0x5f, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x38, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69,
+	0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f,
+	0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x6c, 0x73,
+	0x50, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x73, 0x52, 0x09, 0x74, 0x6c, 0x73, 0x50,
+	0x61, 0x72, 0x61, 0x6d, 0x73, 0x12, 0x64, 0x0a, 0x10, 0x74, 0x6c, 0x73, 0x5f, 0x63, 0x65, 0x72,
+	0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32,
+	0x39, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f,
+	0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63,
+	0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x6c, 0x73, 0x43,
+	0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x52, 0x0f, 0x74, 0x6c, 0x73, 0x43,
+	0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x73, 0x12, 0x90, 0x01, 0x0a, 0x22,
+	0x74, 0x6c, 0x73, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f,
+	0x73, 0x64, 0x73, 0x5f, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x73, 0x18, 0x06, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x3a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e,
+	0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c,
+	0x73, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x64, 0x73, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x43, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92, 0x01, 0x02, 0x10, 0x02, 0x52, 0x1e,
+	0x74, 0x6c, 0x73, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x53, 0x64,
+	0x73, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x73, 0x12, 0x97,
+	0x01, 0x0a, 0x21, 0x74, 0x6c, 0x73, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61,
+	0x74, 0x65, 0x5f, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x5f, 0x69, 0x6e, 0x73, 0x74,
+	0x61, 0x6e, 0x63, 0x65, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x4c, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72,
+	0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e,
+	0x74, 0x6c, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61,
+	0x74, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x50, 0x6c, 0x75, 0x67, 0x69, 0x6e,
+	0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x1e, 0x74, 0x6c, 0x73, 0x43, 0x65, 0x72,
+	0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72,
+	0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x12, 0xad, 0x01, 0x0a, 0x24, 0x74, 0x6c, 0x73,
+	0x5f, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f, 0x63, 0x65, 0x72,
+	0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65,
+	0x72, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x4f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73,
+	0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73,
+	0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x54, 0x6c, 0x73, 0x43, 0x6f, 0x6e,
+	0x74, 0x65, 0x78, 0x74, 0x2e, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65,
+	0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x42, 0x0b, 0x18, 0x01, 0x92, 0xc7, 0x86, 0xd8,
+	0x04, 0x03, 0x33, 0x2e, 0x30, 0x52, 0x21, 0x74, 0x6c, 0x73, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66,
+	0x69, 0x63, 0x61, 0x74, 0x65, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65,
+	0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x12, 0xc6, 0x01, 0x0a, 0x2d, 0x74, 0x6c, 0x73,
+	0x5f, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f, 0x63, 0x65, 0x72,
+	0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65,
+	0x72, 0x5f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x57, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69,
+	0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f,
+	0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f, 0x6d,
+	0x6d, 0x6f, 0x6e, 0x54, 0x6c, 0x73, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x2e, 0x43, 0x65,
+	0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65,
+	0x72, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x42, 0x0b, 0x18, 0x01, 0x92, 0xc7, 0x86,
+	0xd8, 0x04, 0x03, 0x33, 0x2e, 0x30, 0x52, 0x29, 0x74, 0x6c, 0x73, 0x43, 0x65, 0x72, 0x74, 0x69,
+	0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74,
+	0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63,
+	0x65, 0x12, 0x78, 0x0a, 0x12, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f,
+	0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x47, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73,
+	0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65,
+	0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66,
+	0x69, 0x63, 0x61, 0x74, 0x65, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x43,
+	0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x48, 0x00, 0x52, 0x11, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x12, 0x8c, 0x01, 0x0a, 0x24,
+	0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x63, 0x6f, 0x6e, 0x74, 0x65,
+	0x78, 0x74, 0x5f, 0x73, 0x64, 0x73, 0x5f, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x5f, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x3a, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72,
+	0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e,
+	0x74, 0x6c, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x64, 0x73, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74,
+	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x48, 0x00, 0x52, 0x20, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x53, 0x64, 0x73, 0x53, 0x65,
+	0x63, 0x72, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0xa2, 0x01, 0x0a, 0x1b, 0x63,
+	0x6f, 0x6d, 0x62, 0x69, 0x6e, 0x65, 0x64, 0x5f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x5f, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x60, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69,
+	0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f,
+	0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f, 0x6d,
+	0x6d, 0x6f, 0x6e, 0x54, 0x6c, 0x73, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x2e, 0x43, 0x6f,
+	0x6d, 0x62, 0x69, 0x6e, 0x65, 0x64, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74,
+	0x65, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x74, 0x65,
+	0x78, 0x74, 0x48, 0x00, 0x52, 0x19, 0x63, 0x6f, 0x6d, 0x62, 0x69, 0x6e, 0x65, 0x64, 0x56, 0x61,
+	0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x12,
+	0xb5, 0x01, 0x0a, 0x27, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x63,
+	0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61,
+	0x74, 0x65, 0x5f, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x18, 0x0a, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x4f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73,
+	0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73,
+	0x6f, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f,
+	0x6d, 0x6d, 0x6f, 0x6e, 0x54, 0x6c, 0x73, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x2e, 0x43,
+	0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64,
+	0x65, 0x72, 0x42, 0x0b, 0x18, 0x01, 0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e, 0x30, 0x48,
+	0x00, 0x52, 0x24, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e,
+	0x74, 0x65, 0x78, 0x74, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x50,
+	0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x12, 0xce, 0x01, 0x0a, 0x30, 0x76, 0x61, 0x6c, 0x69,
+	0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x5f, 0x63,
+	0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f, 0x70, 0x72, 0x6f, 0x76, 0x69,
+	0x64, 0x65, 0x72, 0x5f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x18, 0x0c, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x57, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e,
+	0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f,
+	0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x43,
+	0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x54, 0x6c, 0x73, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x2e,
+	0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69,
+	0x64, 0x65, 0x72, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x42, 0x0b, 0x18, 0x01, 0x92,
+	0xc7, 0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e, 0x30, 0x48, 0x00, 0x52, 0x2c, 0x76, 0x61, 0x6c, 0x69,
+	0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x43, 0x65, 0x72,
+	0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72,
+	0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x12, 0x25, 0x0a, 0x0e, 0x61, 0x6c, 0x70, 0x6e,
+	0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x09,
+	0x52, 0x0d, 0x61, 0x6c, 0x70, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x73, 0x12,
+	0x57, 0x0a, 0x11, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x68, 0x61, 0x6e, 0x64, 0x73, 0x68,
+	0x61, 0x6b, 0x65, 0x72, 0x18, 0x0d, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76,
+	0x33, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x64, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e,
+	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x10, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x48, 0x61,
+	0x6e, 0x64, 0x73, 0x68, 0x61, 0x6b, 0x65, 0x72, 0x1a, 0x92, 0x01, 0x0a, 0x13, 0x43, 0x65, 0x72,
+	0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72,
+	0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07,
+	0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x4f, 0x0a,
+	0x0c, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x64,
+	0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x48,
+	0x00, 0x52, 0x0b, 0x74, 0x79, 0x70, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x0d,
+	0x0a, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x1a, 0x6d, 0x0a,
+	0x1b, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x50, 0x72, 0x6f, 0x76,
+	0x69, 0x64, 0x65, 0x72, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x12, 0x23, 0x0a, 0x0d,
+	0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x09, 0x52, 0x0c, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x4e, 0x61, 0x6d,
+	0x65, 0x12, 0x29, 0x0a, 0x10, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65,
+	0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, 0x63, 0x65, 0x72,
+	0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x1a, 0xa4, 0x06, 0x0a,
+	0x24, 0x43, 0x6f, 0x6d, 0x62, 0x69, 0x6e, 0x65, 0x64, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69,
+	0x63, 0x61, 0x74, 0x65, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f,
+	0x6e, 0x74, 0x65, 0x78, 0x74, 0x12, 0x8f, 0x01, 0x0a, 0x1a, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c,
+	0x74, 0x5f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x63, 0x6f, 0x6e,
+	0x74, 0x65, 0x78, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x47, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72,
+	0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e,
+	0x74, 0x6c, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61,
+	0x74, 0x65, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x74,
+	0x65, 0x78, 0x74, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x18, 0x64,
+	0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x12, 0x94, 0x01, 0x0a, 0x24, 0x76, 0x61, 0x6c, 0x69,
+	0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x5f, 0x73,
+	0x64, 0x73, 0x5f, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x3a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65,
+	0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70,
+	0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e,
+	0x76, 0x33, 0x2e, 0x53, 0x64, 0x73, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x20, 0x76, 0x61,
+	0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x53,
+	0x64, 0x73, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0xb3,
+	0x01, 0x0a, 0x27, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x63, 0x6f,
+	0x6e, 0x74, 0x65, 0x78, 0x74, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74,
+	0x65, 0x5f, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x4f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69,
+	0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f,
+	0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f, 0x6d,
+	0x6d, 0x6f, 0x6e, 0x54, 0x6c, 0x73, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x2e, 0x43, 0x65,
+	0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65,
+	0x72, 0x42, 0x0b, 0x18, 0x01, 0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e, 0x30, 0x52, 0x24,
+	0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78,
+	0x74, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x50, 0x72, 0x6f, 0x76,
+	0x69, 0x64, 0x65, 0x72, 0x12, 0xcc, 0x01, 0x0a, 0x30, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x5f, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x5f, 0x63, 0x65, 0x72, 0x74,
+	0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72,
+	0x5f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x57, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f,
+	0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63,
+	0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f, 0x6d, 0x6d,
+	0x6f, 0x6e, 0x54, 0x6c, 0x73, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x2e, 0x43, 0x65, 0x72,
+	0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72,
+	0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x42, 0x0b, 0x18, 0x01, 0x92, 0xc7, 0x86, 0xd8,
+	0x04, 0x03, 0x33, 0x2e, 0x30, 0x52, 0x2c, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63,
+	0x61, 0x74, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x49, 0x6e, 0x73, 0x74, 0x61,
+	0x6e, 0x63, 0x65, 0x3a, 0x4e, 0x9a, 0xc5, 0x88, 0x1e, 0x49, 0x0a, 0x47, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x43, 0x6f,
+	0x6d, 0x6d, 0x6f, 0x6e, 0x54, 0x6c, 0x73, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x2e, 0x43,
+	0x6f, 0x6d, 0x62, 0x69, 0x6e, 0x65, 0x64, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61,
+	0x74, 0x65, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x74,
+	0x65, 0x78, 0x74, 0x3a, 0x29, 0x9a, 0xc5, 0x88, 0x1e, 0x24, 0x0a, 0x22, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x43, 0x6f,
+	0x6d, 0x6d, 0x6f, 0x6e, 0x54, 0x6c, 0x73, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x42, 0x19,
+	0x0a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x63, 0x6f, 0x6e,
+	0x74, 0x65, 0x78, 0x74, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x4a, 0x04, 0x08, 0x05, 0x10, 0x06, 0x42,
+	0x4d, 0x0a, 0x37, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e,
+	0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b,
+	0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e, 0x76, 0x33, 0x42, 0x08, 0x54, 0x6c, 0x73, 0x50,
+	0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_extensions_transport_sockets_tls_v3_tls_proto_rawDescOnce sync.Once
+	file_envoy_extensions_transport_sockets_tls_v3_tls_proto_rawDescData = file_envoy_extensions_transport_sockets_tls_v3_tls_proto_rawDesc
+)
+
+func file_envoy_extensions_transport_sockets_tls_v3_tls_proto_rawDescGZIP() []byte {
+	file_envoy_extensions_transport_sockets_tls_v3_tls_proto_rawDescOnce.Do(func() {
+		file_envoy_extensions_transport_sockets_tls_v3_tls_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_extensions_transport_sockets_tls_v3_tls_proto_rawDescData)
+	})
+	return file_envoy_extensions_transport_sockets_tls_v3_tls_proto_rawDescData
+}
+
+var file_envoy_extensions_transport_sockets_tls_v3_tls_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_envoy_extensions_transport_sockets_tls_v3_tls_proto_msgTypes = make([]protoimpl.MessageInfo, 6)
+var file_envoy_extensions_transport_sockets_tls_v3_tls_proto_goTypes = []interface{}{
+	(DownstreamTlsContext_OcspStaplePolicy)(0),                    // 0: envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext.OcspStaplePolicy
+	(*UpstreamTlsContext)(nil),                                    // 1: envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext
+	(*DownstreamTlsContext)(nil),                                  // 2: envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext
+	(*CommonTlsContext)(nil),                                      // 3: envoy.extensions.transport_sockets.tls.v3.CommonTlsContext
+	(*CommonTlsContext_CertificateProvider)(nil),                  // 4: envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProvider
+	(*CommonTlsContext_CertificateProviderInstance)(nil),          // 5: envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProviderInstance
+	(*CommonTlsContext_CombinedCertificateValidationContext)(nil), // 6: envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CombinedCertificateValidationContext
+	(*wrappers.UInt32Value)(nil),                                  // 7: google.protobuf.UInt32Value
+	(*wrappers.BoolValue)(nil),                                    // 8: google.protobuf.BoolValue
+	(*TlsSessionTicketKeys)(nil),                                  // 9: envoy.extensions.transport_sockets.tls.v3.TlsSessionTicketKeys
+	(*SdsSecretConfig)(nil),                                       // 10: envoy.extensions.transport_sockets.tls.v3.SdsSecretConfig
+	(*duration.Duration)(nil),                                     // 11: google.protobuf.Duration
+	(*TlsParameters)(nil),                                         // 12: envoy.extensions.transport_sockets.tls.v3.TlsParameters
+	(*TlsCertificate)(nil),                                        // 13: envoy.extensions.transport_sockets.tls.v3.TlsCertificate
+	(*CertificateProviderPluginInstance)(nil),                     // 14: envoy.extensions.transport_sockets.tls.v3.CertificateProviderPluginInstance
+	(*CertificateValidationContext)(nil),                          // 15: envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext
+	(*v3.TypedExtensionConfig)(nil),                               // 16: envoy.config.core.v3.TypedExtensionConfig
+}
+var file_envoy_extensions_transport_sockets_tls_v3_tls_proto_depIdxs = []int32{
+	3,  // 0: envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext.common_tls_context:type_name -> envoy.extensions.transport_sockets.tls.v3.CommonTlsContext
+	7,  // 1: envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext.max_session_keys:type_name -> google.protobuf.UInt32Value
+	3,  // 2: envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext.common_tls_context:type_name -> envoy.extensions.transport_sockets.tls.v3.CommonTlsContext
+	8,  // 3: envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext.require_client_certificate:type_name -> google.protobuf.BoolValue
+	8,  // 4: envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext.require_sni:type_name -> google.protobuf.BoolValue
+	9,  // 5: envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext.session_ticket_keys:type_name -> envoy.extensions.transport_sockets.tls.v3.TlsSessionTicketKeys
+	10, // 6: envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext.session_ticket_keys_sds_secret_config:type_name -> envoy.extensions.transport_sockets.tls.v3.SdsSecretConfig
+	11, // 7: envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext.session_timeout:type_name -> google.protobuf.Duration
+	0,  // 8: envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext.ocsp_staple_policy:type_name -> envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext.OcspStaplePolicy
+	12, // 9: envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.tls_params:type_name -> envoy.extensions.transport_sockets.tls.v3.TlsParameters
+	13, // 10: envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.tls_certificates:type_name -> envoy.extensions.transport_sockets.tls.v3.TlsCertificate
+	10, // 11: envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.tls_certificate_sds_secret_configs:type_name -> envoy.extensions.transport_sockets.tls.v3.SdsSecretConfig
+	14, // 12: envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.tls_certificate_provider_instance:type_name -> envoy.extensions.transport_sockets.tls.v3.CertificateProviderPluginInstance
+	4,  // 13: envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.tls_certificate_certificate_provider:type_name -> envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProvider
+	5,  // 14: envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.tls_certificate_certificate_provider_instance:type_name -> envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProviderInstance
+	15, // 15: envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.validation_context:type_name -> envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext
+	10, // 16: envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.validation_context_sds_secret_config:type_name -> envoy.extensions.transport_sockets.tls.v3.SdsSecretConfig
+	6,  // 17: envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.combined_validation_context:type_name -> envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CombinedCertificateValidationContext
+	4,  // 18: envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.validation_context_certificate_provider:type_name -> envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProvider
+	5,  // 19: envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.validation_context_certificate_provider_instance:type_name -> envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProviderInstance
+	16, // 20: envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.custom_handshaker:type_name -> envoy.config.core.v3.TypedExtensionConfig
+	16, // 21: envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProvider.typed_config:type_name -> envoy.config.core.v3.TypedExtensionConfig
+	15, // 22: envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CombinedCertificateValidationContext.default_validation_context:type_name -> envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext
+	10, // 23: envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CombinedCertificateValidationContext.validation_context_sds_secret_config:type_name -> envoy.extensions.transport_sockets.tls.v3.SdsSecretConfig
+	4,  // 24: envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CombinedCertificateValidationContext.validation_context_certificate_provider:type_name -> envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProvider
+	5,  // 25: envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CombinedCertificateValidationContext.validation_context_certificate_provider_instance:type_name -> envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProviderInstance
+	26, // [26:26] is the sub-list for method output_type
+	26, // [26:26] is the sub-list for method input_type
+	26, // [26:26] is the sub-list for extension type_name
+	26, // [26:26] is the sub-list for extension extendee
+	0,  // [0:26] is the sub-list for field type_name
+}
+
+func init() { file_envoy_extensions_transport_sockets_tls_v3_tls_proto_init() }
+func file_envoy_extensions_transport_sockets_tls_v3_tls_proto_init() {
+	if File_envoy_extensions_transport_sockets_tls_v3_tls_proto != nil {
+		return
+	}
+	file_envoy_extensions_transport_sockets_tls_v3_common_proto_init()
+	file_envoy_extensions_transport_sockets_tls_v3_secret_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_extensions_transport_sockets_tls_v3_tls_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*UpstreamTlsContext); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_transport_sockets_tls_v3_tls_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*DownstreamTlsContext); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_transport_sockets_tls_v3_tls_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CommonTlsContext); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_transport_sockets_tls_v3_tls_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CommonTlsContext_CertificateProvider); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_transport_sockets_tls_v3_tls_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CommonTlsContext_CertificateProviderInstance); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_transport_sockets_tls_v3_tls_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CommonTlsContext_CombinedCertificateValidationContext); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_extensions_transport_sockets_tls_v3_tls_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*DownstreamTlsContext_SessionTicketKeys)(nil),
+		(*DownstreamTlsContext_SessionTicketKeysSdsSecretConfig)(nil),
+		(*DownstreamTlsContext_DisableStatelessSessionResumption)(nil),
+	}
+	file_envoy_extensions_transport_sockets_tls_v3_tls_proto_msgTypes[2].OneofWrappers = []interface{}{
+		(*CommonTlsContext_ValidationContext)(nil),
+		(*CommonTlsContext_ValidationContextSdsSecretConfig)(nil),
+		(*CommonTlsContext_CombinedValidationContext)(nil),
+		(*CommonTlsContext_ValidationContextCertificateProvider)(nil),
+		(*CommonTlsContext_ValidationContextCertificateProviderInstance)(nil),
+	}
+	file_envoy_extensions_transport_sockets_tls_v3_tls_proto_msgTypes[3].OneofWrappers = []interface{}{
+		(*CommonTlsContext_CertificateProvider_TypedConfig)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_extensions_transport_sockets_tls_v3_tls_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   6,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_extensions_transport_sockets_tls_v3_tls_proto_goTypes,
+		DependencyIndexes: file_envoy_extensions_transport_sockets_tls_v3_tls_proto_depIdxs,
+		EnumInfos:         file_envoy_extensions_transport_sockets_tls_v3_tls_proto_enumTypes,
+		MessageInfos:      file_envoy_extensions_transport_sockets_tls_v3_tls_proto_msgTypes,
+	}.Build()
+	File_envoy_extensions_transport_sockets_tls_v3_tls_proto = out.File
+	file_envoy_extensions_transport_sockets_tls_v3_tls_proto_rawDesc = nil
+	file_envoy_extensions_transport_sockets_tls_v3_tls_proto_goTypes = nil
+	file_envoy_extensions_transport_sockets_tls_v3_tls_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3/tls.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3/tls.pb.validate.go
new file mode 100644
index 00000000000..549185a5759
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3/tls.pb.validate.go
@@ -0,0 +1,1514 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/extensions/transport_sockets/tls/v3/tls.proto
+
+package envoy_extensions_transport_sockets_tls_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on UpstreamTlsContext with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *UpstreamTlsContext) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on UpstreamTlsContext with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// UpstreamTlsContextMultiError, or nil if none found.
+func (m *UpstreamTlsContext) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *UpstreamTlsContext) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetCommonTlsContext()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, UpstreamTlsContextValidationError{
+					field:  "CommonTlsContext",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, UpstreamTlsContextValidationError{
+					field:  "CommonTlsContext",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCommonTlsContext()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return UpstreamTlsContextValidationError{
+				field:  "CommonTlsContext",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(m.GetSni()) > 255 {
+		err := UpstreamTlsContextValidationError{
+			field:  "Sni",
+			reason: "value length must be at most 255 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for AllowRenegotiation
+
+	if all {
+		switch v := interface{}(m.GetMaxSessionKeys()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, UpstreamTlsContextValidationError{
+					field:  "MaxSessionKeys",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, UpstreamTlsContextValidationError{
+					field:  "MaxSessionKeys",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxSessionKeys()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return UpstreamTlsContextValidationError{
+				field:  "MaxSessionKeys",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return UpstreamTlsContextMultiError(errors)
+	}
+	return nil
+}
+
+// UpstreamTlsContextMultiError is an error wrapping multiple validation errors
+// returned by UpstreamTlsContext.ValidateAll() if the designated constraints
+// aren't met.
+type UpstreamTlsContextMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m UpstreamTlsContextMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m UpstreamTlsContextMultiError) AllErrors() []error { return m }
+
+// UpstreamTlsContextValidationError is the validation error returned by
+// UpstreamTlsContext.Validate if the designated constraints aren't met.
+type UpstreamTlsContextValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e UpstreamTlsContextValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e UpstreamTlsContextValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e UpstreamTlsContextValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e UpstreamTlsContextValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e UpstreamTlsContextValidationError) ErrorName() string {
+	return "UpstreamTlsContextValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e UpstreamTlsContextValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sUpstreamTlsContext.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = UpstreamTlsContextValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = UpstreamTlsContextValidationError{}
+
+// Validate checks the field values on DownstreamTlsContext with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *DownstreamTlsContext) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on DownstreamTlsContext with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// DownstreamTlsContextMultiError, or nil if none found.
+func (m *DownstreamTlsContext) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *DownstreamTlsContext) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetCommonTlsContext()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, DownstreamTlsContextValidationError{
+					field:  "CommonTlsContext",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, DownstreamTlsContextValidationError{
+					field:  "CommonTlsContext",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCommonTlsContext()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return DownstreamTlsContextValidationError{
+				field:  "CommonTlsContext",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetRequireClientCertificate()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, DownstreamTlsContextValidationError{
+					field:  "RequireClientCertificate",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, DownstreamTlsContextValidationError{
+					field:  "RequireClientCertificate",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRequireClientCertificate()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return DownstreamTlsContextValidationError{
+				field:  "RequireClientCertificate",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetRequireSni()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, DownstreamTlsContextValidationError{
+					field:  "RequireSni",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, DownstreamTlsContextValidationError{
+					field:  "RequireSni",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetRequireSni()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return DownstreamTlsContextValidationError{
+				field:  "RequireSni",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if d := m.GetSessionTimeout(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = DownstreamTlsContextValidationError{
+				field:  "SessionTimeout",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			lt := time.Duration(4294967296*time.Second + 0*time.Nanosecond)
+			gte := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur < gte || dur >= lt {
+				err := DownstreamTlsContextValidationError{
+					field:  "SessionTimeout",
+					reason: "value must be inside range [0s, 1193046h28m16s)",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if _, ok := DownstreamTlsContext_OcspStaplePolicy_name[int32(m.GetOcspStaplePolicy())]; !ok {
+		err := DownstreamTlsContextValidationError{
+			field:  "OcspStaplePolicy",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	switch m.SessionTicketKeysType.(type) {
+
+	case *DownstreamTlsContext_SessionTicketKeys:
+
+		if all {
+			switch v := interface{}(m.GetSessionTicketKeys()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, DownstreamTlsContextValidationError{
+						field:  "SessionTicketKeys",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, DownstreamTlsContextValidationError{
+						field:  "SessionTicketKeys",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetSessionTicketKeys()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return DownstreamTlsContextValidationError{
+					field:  "SessionTicketKeys",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *DownstreamTlsContext_SessionTicketKeysSdsSecretConfig:
+
+		if all {
+			switch v := interface{}(m.GetSessionTicketKeysSdsSecretConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, DownstreamTlsContextValidationError{
+						field:  "SessionTicketKeysSdsSecretConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, DownstreamTlsContextValidationError{
+						field:  "SessionTicketKeysSdsSecretConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetSessionTicketKeysSdsSecretConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return DownstreamTlsContextValidationError{
+					field:  "SessionTicketKeysSdsSecretConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *DownstreamTlsContext_DisableStatelessSessionResumption:
+		// no validation rules for DisableStatelessSessionResumption
+
+	}
+
+	if len(errors) > 0 {
+		return DownstreamTlsContextMultiError(errors)
+	}
+	return nil
+}
+
+// DownstreamTlsContextMultiError is an error wrapping multiple validation
+// errors returned by DownstreamTlsContext.ValidateAll() if the designated
+// constraints aren't met.
+type DownstreamTlsContextMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m DownstreamTlsContextMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m DownstreamTlsContextMultiError) AllErrors() []error { return m }
+
+// DownstreamTlsContextValidationError is the validation error returned by
+// DownstreamTlsContext.Validate if the designated constraints aren't met.
+type DownstreamTlsContextValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e DownstreamTlsContextValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e DownstreamTlsContextValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e DownstreamTlsContextValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e DownstreamTlsContextValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e DownstreamTlsContextValidationError) ErrorName() string {
+	return "DownstreamTlsContextValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e DownstreamTlsContextValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sDownstreamTlsContext.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = DownstreamTlsContextValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = DownstreamTlsContextValidationError{}
+
+// Validate checks the field values on CommonTlsContext with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *CommonTlsContext) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on CommonTlsContext with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// CommonTlsContextMultiError, or nil if none found.
+func (m *CommonTlsContext) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CommonTlsContext) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetTlsParams()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CommonTlsContextValidationError{
+					field:  "TlsParams",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CommonTlsContextValidationError{
+					field:  "TlsParams",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTlsParams()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CommonTlsContextValidationError{
+				field:  "TlsParams",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetTlsCertificates() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CommonTlsContextValidationError{
+						field:  fmt.Sprintf("TlsCertificates[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CommonTlsContextValidationError{
+						field:  fmt.Sprintf("TlsCertificates[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CommonTlsContextValidationError{
+					field:  fmt.Sprintf("TlsCertificates[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(m.GetTlsCertificateSdsSecretConfigs()) > 2 {
+		err := CommonTlsContextValidationError{
+			field:  "TlsCertificateSdsSecretConfigs",
+			reason: "value must contain no more than 2 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetTlsCertificateSdsSecretConfigs() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CommonTlsContextValidationError{
+						field:  fmt.Sprintf("TlsCertificateSdsSecretConfigs[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CommonTlsContextValidationError{
+						field:  fmt.Sprintf("TlsCertificateSdsSecretConfigs[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CommonTlsContextValidationError{
+					field:  fmt.Sprintf("TlsCertificateSdsSecretConfigs[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetTlsCertificateProviderInstance()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CommonTlsContextValidationError{
+					field:  "TlsCertificateProviderInstance",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CommonTlsContextValidationError{
+					field:  "TlsCertificateProviderInstance",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTlsCertificateProviderInstance()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CommonTlsContextValidationError{
+				field:  "TlsCertificateProviderInstance",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetTlsCertificateCertificateProvider()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CommonTlsContextValidationError{
+					field:  "TlsCertificateCertificateProvider",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CommonTlsContextValidationError{
+					field:  "TlsCertificateCertificateProvider",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTlsCertificateCertificateProvider()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CommonTlsContextValidationError{
+				field:  "TlsCertificateCertificateProvider",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetTlsCertificateCertificateProviderInstance()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CommonTlsContextValidationError{
+					field:  "TlsCertificateCertificateProviderInstance",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CommonTlsContextValidationError{
+					field:  "TlsCertificateCertificateProviderInstance",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTlsCertificateCertificateProviderInstance()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CommonTlsContextValidationError{
+				field:  "TlsCertificateCertificateProviderInstance",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetCustomHandshaker()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CommonTlsContextValidationError{
+					field:  "CustomHandshaker",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CommonTlsContextValidationError{
+					field:  "CustomHandshaker",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCustomHandshaker()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CommonTlsContextValidationError{
+				field:  "CustomHandshaker",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	switch m.ValidationContextType.(type) {
+
+	case *CommonTlsContext_ValidationContext:
+
+		if all {
+			switch v := interface{}(m.GetValidationContext()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CommonTlsContextValidationError{
+						field:  "ValidationContext",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CommonTlsContextValidationError{
+						field:  "ValidationContext",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetValidationContext()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CommonTlsContextValidationError{
+					field:  "ValidationContext",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *CommonTlsContext_ValidationContextSdsSecretConfig:
+
+		if all {
+			switch v := interface{}(m.GetValidationContextSdsSecretConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CommonTlsContextValidationError{
+						field:  "ValidationContextSdsSecretConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CommonTlsContextValidationError{
+						field:  "ValidationContextSdsSecretConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetValidationContextSdsSecretConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CommonTlsContextValidationError{
+					field:  "ValidationContextSdsSecretConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *CommonTlsContext_CombinedValidationContext:
+
+		if all {
+			switch v := interface{}(m.GetCombinedValidationContext()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CommonTlsContextValidationError{
+						field:  "CombinedValidationContext",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CommonTlsContextValidationError{
+						field:  "CombinedValidationContext",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetCombinedValidationContext()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CommonTlsContextValidationError{
+					field:  "CombinedValidationContext",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *CommonTlsContext_ValidationContextCertificateProvider:
+
+		if all {
+			switch v := interface{}(m.GetValidationContextCertificateProvider()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CommonTlsContextValidationError{
+						field:  "ValidationContextCertificateProvider",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CommonTlsContextValidationError{
+						field:  "ValidationContextCertificateProvider",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetValidationContextCertificateProvider()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CommonTlsContextValidationError{
+					field:  "ValidationContextCertificateProvider",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *CommonTlsContext_ValidationContextCertificateProviderInstance:
+
+		if all {
+			switch v := interface{}(m.GetValidationContextCertificateProviderInstance()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CommonTlsContextValidationError{
+						field:  "ValidationContextCertificateProviderInstance",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CommonTlsContextValidationError{
+						field:  "ValidationContextCertificateProviderInstance",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetValidationContextCertificateProviderInstance()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CommonTlsContextValidationError{
+					field:  "ValidationContextCertificateProviderInstance",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return CommonTlsContextMultiError(errors)
+	}
+	return nil
+}
+
+// CommonTlsContextMultiError is an error wrapping multiple validation errors
+// returned by CommonTlsContext.ValidateAll() if the designated constraints
+// aren't met.
+type CommonTlsContextMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CommonTlsContextMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CommonTlsContextMultiError) AllErrors() []error { return m }
+
+// CommonTlsContextValidationError is the validation error returned by
+// CommonTlsContext.Validate if the designated constraints aren't met.
+type CommonTlsContextValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CommonTlsContextValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CommonTlsContextValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CommonTlsContextValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CommonTlsContextValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CommonTlsContextValidationError) ErrorName() string { return "CommonTlsContextValidationError" }
+
+// Error satisfies the builtin error interface
+func (e CommonTlsContextValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCommonTlsContext.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CommonTlsContextValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CommonTlsContextValidationError{}
+
+// Validate checks the field values on CommonTlsContext_CertificateProvider
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the first error encountered is returned, or nil if
+// there are no violations.
+func (m *CommonTlsContext_CertificateProvider) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on CommonTlsContext_CertificateProvider
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// CommonTlsContext_CertificateProviderMultiError, or nil if none found.
+func (m *CommonTlsContext_CertificateProvider) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CommonTlsContext_CertificateProvider) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := CommonTlsContext_CertificateProviderValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	switch m.Config.(type) {
+
+	case *CommonTlsContext_CertificateProvider_TypedConfig:
+
+		if all {
+			switch v := interface{}(m.GetTypedConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CommonTlsContext_CertificateProviderValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CommonTlsContext_CertificateProviderValidationError{
+						field:  "TypedConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetTypedConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CommonTlsContext_CertificateProviderValidationError{
+					field:  "TypedConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := CommonTlsContext_CertificateProviderValidationError{
+			field:  "Config",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return CommonTlsContext_CertificateProviderMultiError(errors)
+	}
+	return nil
+}
+
+// CommonTlsContext_CertificateProviderMultiError is an error wrapping multiple
+// validation errors returned by
+// CommonTlsContext_CertificateProvider.ValidateAll() if the designated
+// constraints aren't met.
+type CommonTlsContext_CertificateProviderMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CommonTlsContext_CertificateProviderMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CommonTlsContext_CertificateProviderMultiError) AllErrors() []error { return m }
+
+// CommonTlsContext_CertificateProviderValidationError is the validation error
+// returned by CommonTlsContext_CertificateProvider.Validate if the designated
+// constraints aren't met.
+type CommonTlsContext_CertificateProviderValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CommonTlsContext_CertificateProviderValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CommonTlsContext_CertificateProviderValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CommonTlsContext_CertificateProviderValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CommonTlsContext_CertificateProviderValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CommonTlsContext_CertificateProviderValidationError) ErrorName() string {
+	return "CommonTlsContext_CertificateProviderValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e CommonTlsContext_CertificateProviderValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCommonTlsContext_CertificateProvider.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CommonTlsContext_CertificateProviderValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CommonTlsContext_CertificateProviderValidationError{}
+
+// Validate checks the field values on
+// CommonTlsContext_CertificateProviderInstance with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *CommonTlsContext_CertificateProviderInstance) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// CommonTlsContext_CertificateProviderInstance with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in
+// CommonTlsContext_CertificateProviderInstanceMultiError, or nil if none found.
+func (m *CommonTlsContext_CertificateProviderInstance) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CommonTlsContext_CertificateProviderInstance) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for InstanceName
+
+	// no validation rules for CertificateName
+
+	if len(errors) > 0 {
+		return CommonTlsContext_CertificateProviderInstanceMultiError(errors)
+	}
+	return nil
+}
+
+// CommonTlsContext_CertificateProviderInstanceMultiError is an error wrapping
+// multiple validation errors returned by
+// CommonTlsContext_CertificateProviderInstance.ValidateAll() if the
+// designated constraints aren't met.
+type CommonTlsContext_CertificateProviderInstanceMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CommonTlsContext_CertificateProviderInstanceMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CommonTlsContext_CertificateProviderInstanceMultiError) AllErrors() []error { return m }
+
+// CommonTlsContext_CertificateProviderInstanceValidationError is the
+// validation error returned by
+// CommonTlsContext_CertificateProviderInstance.Validate if the designated
+// constraints aren't met.
+type CommonTlsContext_CertificateProviderInstanceValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CommonTlsContext_CertificateProviderInstanceValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CommonTlsContext_CertificateProviderInstanceValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CommonTlsContext_CertificateProviderInstanceValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CommonTlsContext_CertificateProviderInstanceValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CommonTlsContext_CertificateProviderInstanceValidationError) ErrorName() string {
+	return "CommonTlsContext_CertificateProviderInstanceValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e CommonTlsContext_CertificateProviderInstanceValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCommonTlsContext_CertificateProviderInstance.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CommonTlsContext_CertificateProviderInstanceValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CommonTlsContext_CertificateProviderInstanceValidationError{}
+
+// Validate checks the field values on
+// CommonTlsContext_CombinedCertificateValidationContext with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *CommonTlsContext_CombinedCertificateValidationContext) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// CommonTlsContext_CombinedCertificateValidationContext with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// CommonTlsContext_CombinedCertificateValidationContextMultiError, or nil if
+// none found.
+func (m *CommonTlsContext_CombinedCertificateValidationContext) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CommonTlsContext_CombinedCertificateValidationContext) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetDefaultValidationContext() == nil {
+		err := CommonTlsContext_CombinedCertificateValidationContextValidationError{
+			field:  "DefaultValidationContext",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetDefaultValidationContext()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CommonTlsContext_CombinedCertificateValidationContextValidationError{
+					field:  "DefaultValidationContext",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CommonTlsContext_CombinedCertificateValidationContextValidationError{
+					field:  "DefaultValidationContext",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetDefaultValidationContext()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CommonTlsContext_CombinedCertificateValidationContextValidationError{
+				field:  "DefaultValidationContext",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if m.GetValidationContextSdsSecretConfig() == nil {
+		err := CommonTlsContext_CombinedCertificateValidationContextValidationError{
+			field:  "ValidationContextSdsSecretConfig",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetValidationContextSdsSecretConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CommonTlsContext_CombinedCertificateValidationContextValidationError{
+					field:  "ValidationContextSdsSecretConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CommonTlsContext_CombinedCertificateValidationContextValidationError{
+					field:  "ValidationContextSdsSecretConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetValidationContextSdsSecretConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CommonTlsContext_CombinedCertificateValidationContextValidationError{
+				field:  "ValidationContextSdsSecretConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetValidationContextCertificateProvider()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CommonTlsContext_CombinedCertificateValidationContextValidationError{
+					field:  "ValidationContextCertificateProvider",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CommonTlsContext_CombinedCertificateValidationContextValidationError{
+					field:  "ValidationContextCertificateProvider",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetValidationContextCertificateProvider()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CommonTlsContext_CombinedCertificateValidationContextValidationError{
+				field:  "ValidationContextCertificateProvider",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetValidationContextCertificateProviderInstance()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CommonTlsContext_CombinedCertificateValidationContextValidationError{
+					field:  "ValidationContextCertificateProviderInstance",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CommonTlsContext_CombinedCertificateValidationContextValidationError{
+					field:  "ValidationContextCertificateProviderInstance",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetValidationContextCertificateProviderInstance()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CommonTlsContext_CombinedCertificateValidationContextValidationError{
+				field:  "ValidationContextCertificateProviderInstance",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return CommonTlsContext_CombinedCertificateValidationContextMultiError(errors)
+	}
+	return nil
+}
+
+// CommonTlsContext_CombinedCertificateValidationContextMultiError is an error
+// wrapping multiple validation errors returned by
+// CommonTlsContext_CombinedCertificateValidationContext.ValidateAll() if the
+// designated constraints aren't met.
+type CommonTlsContext_CombinedCertificateValidationContextMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CommonTlsContext_CombinedCertificateValidationContextMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CommonTlsContext_CombinedCertificateValidationContextMultiError) AllErrors() []error {
+	return m
+}
+
+// CommonTlsContext_CombinedCertificateValidationContextValidationError is the
+// validation error returned by
+// CommonTlsContext_CombinedCertificateValidationContext.Validate if the
+// designated constraints aren't met.
+type CommonTlsContext_CombinedCertificateValidationContextValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CommonTlsContext_CombinedCertificateValidationContextValidationError) Field() string {
+	return e.field
+}
+
+// Reason function returns reason value.
+func (e CommonTlsContext_CombinedCertificateValidationContextValidationError) Reason() string {
+	return e.reason
+}
+
+// Cause function returns cause value.
+func (e CommonTlsContext_CombinedCertificateValidationContextValidationError) Cause() error {
+	return e.cause
+}
+
+// Key function returns key value.
+func (e CommonTlsContext_CombinedCertificateValidationContextValidationError) Key() bool {
+	return e.key
+}
+
+// ErrorName returns error name.
+func (e CommonTlsContext_CombinedCertificateValidationContextValidationError) ErrorName() string {
+	return "CommonTlsContext_CombinedCertificateValidationContextValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e CommonTlsContext_CombinedCertificateValidationContextValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCommonTlsContext_CombinedCertificateValidationContext.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CommonTlsContext_CombinedCertificateValidationContextValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CommonTlsContext_CombinedCertificateValidationContextValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.pb.go
new file mode 100644
index 00000000000..5d12723cf2a
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.pb.go
@@ -0,0 +1,285 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.proto
+
+package envoy_extensions_transport_sockets_tls_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Configuration specific to the `SPIFFE <https://github.com/spiffe/spiffe>`_ certificate validator.
+//
+// Example:
+//
+// .. validated-code-block:: yaml
+//   :type-name: envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext
+//
+//   custom_validator_config:
+//     name: envoy.tls.cert_validator.spiffe
+//     typed_config:
+//       "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.SPIFFECertValidatorConfig
+//       trust_domains:
+//       - name: foo.com
+//         trust_bundle:
+//           filename: "foo.pem"
+//       - name: envoy.com
+//         trust_bundle:
+//           filename: "envoy.pem"
+//
+// In this example, a presented peer certificate whose SAN matches `spiffe//foo.com/**` is validated against
+// the "foo.pem" x.509 certificate. All the trust bundles are isolated from each other, so no trust domain can mint
+// a SVID belonging to another trust domain. That means, in this example, a SVID signed by `envoy.com`'s CA with `spiffe//foo.com/**`
+// SAN would be rejected since Envoy selects the trust bundle according to the presented SAN before validate the certificate.
+//
+// Note that SPIFFE validator inherits and uses the following options from :ref:`CertificateValidationContext <envoy_v3_api_msg_extensions.transport_sockets.tls.v3.CertificateValidationContext>`.
+//
+// - :ref:`allow_expired_certificate <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.allow_expired_certificate>` to allow expired certificates.
+// - :ref:`match_subject_alt_names <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.match_subject_alt_names>` to match **URI** SAN of certificates. Unlike the default validator, SPIFFE validator only matches **URI** SAN (which equals to SVID in SPIFFE terminology) and ignore other SAN types.
+//
+type SPIFFECertValidatorConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// This field specifies trust domains used for validating incoming X.509-SVID(s).
+	TrustDomains []*SPIFFECertValidatorConfig_TrustDomain `protobuf:"bytes,1,rep,name=trust_domains,json=trustDomains,proto3" json:"trust_domains,omitempty"`
+}
+
+func (x *SPIFFECertValidatorConfig) Reset() {
+	*x = SPIFFECertValidatorConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *SPIFFECertValidatorConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*SPIFFECertValidatorConfig) ProtoMessage() {}
+
+func (x *SPIFFECertValidatorConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use SPIFFECertValidatorConfig.ProtoReflect.Descriptor instead.
+func (*SPIFFECertValidatorConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *SPIFFECertValidatorConfig) GetTrustDomains() []*SPIFFECertValidatorConfig_TrustDomain {
+	if x != nil {
+		return x.TrustDomains
+	}
+	return nil
+}
+
+type SPIFFECertValidatorConfig_TrustDomain struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Name of the trust domain, `example.com`, `foo.bar.gov` for example.
+	// Note that this must *not* have "spiffe://" prefix.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// Specify a data source holding x.509 trust bundle used for validating incoming SVID(s) in this trust domain.
+	TrustBundle *v3.DataSource `protobuf:"bytes,2,opt,name=trust_bundle,json=trustBundle,proto3" json:"trust_bundle,omitempty"`
+}
+
+func (x *SPIFFECertValidatorConfig_TrustDomain) Reset() {
+	*x = SPIFFECertValidatorConfig_TrustDomain{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *SPIFFECertValidatorConfig_TrustDomain) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*SPIFFECertValidatorConfig_TrustDomain) ProtoMessage() {}
+
+func (x *SPIFFECertValidatorConfig_TrustDomain) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use SPIFFECertValidatorConfig_TrustDomain.ProtoReflect.Descriptor instead.
+func (*SPIFFECertValidatorConfig_TrustDomain) Descriptor() ([]byte, []int) {
+	return file_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (x *SPIFFECertValidatorConfig_TrustDomain) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *SPIFFECertValidatorConfig_TrustDomain) GetTrustBundle() *v3.DataSource {
+	if x != nil {
+		return x.TrustBundle
+	}
+	return nil
+}
+
+var File_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto protoreflect.FileDescriptor
+
+var file_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto_rawDesc = []byte{
+	0x0a, 0x4b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63,
+	0x6b, 0x65, 0x74, 0x73, 0x2f, 0x74, 0x6c, 0x73, 0x2f, 0x76, 0x33, 0x2f, 0x74, 0x6c, 0x73, 0x5f,
+	0x73, 0x70, 0x69, 0x66, 0x66, 0x65, 0x5f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x6f, 0x72,
+	0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x29, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e,
+	0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74,
+	0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e, 0x76, 0x33, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x62,
+	0x61, 0x73, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f,
+	0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74,
+	0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61,
+	0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x22, 0x8d, 0x02, 0x0a, 0x19, 0x53, 0x50, 0x49, 0x46, 0x46, 0x45, 0x43, 0x65, 0x72, 0x74,
+	0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x6f, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12,
+	0x7f, 0x0a, 0x0d, 0x74, 0x72, 0x75, 0x73, 0x74, 0x5f, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x73,
+	0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x50, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65,
+	0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70,
+	0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e,
+	0x76, 0x33, 0x2e, 0x53, 0x50, 0x49, 0x46, 0x46, 0x45, 0x43, 0x65, 0x72, 0x74, 0x56, 0x61, 0x6c,
+	0x69, 0x64, 0x61, 0x74, 0x6f, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x54, 0x72, 0x75,
+	0x73, 0x74, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92, 0x01, 0x02,
+	0x08, 0x01, 0x52, 0x0c, 0x74, 0x72, 0x75, 0x73, 0x74, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x73,
+	0x1a, 0x6f, 0x0a, 0x0b, 0x54, 0x72, 0x75, 0x73, 0x74, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x12,
+	0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa,
+	0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x43, 0x0a, 0x0c,
+	0x74, 0x72, 0x75, 0x73, 0x74, 0x5f, 0x62, 0x75, 0x6e, 0x64, 0x6c, 0x65, 0x18, 0x02, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x53, 0x6f,
+	0x75, 0x72, 0x63, 0x65, 0x52, 0x0b, 0x74, 0x72, 0x75, 0x73, 0x74, 0x42, 0x75, 0x6e, 0x64, 0x6c,
+	0x65, 0x42, 0x62, 0x0a, 0x37, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f,
+	0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69,
+	0x6f, 0x6e, 0x73, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x6f,
+	0x63, 0x6b, 0x65, 0x74, 0x73, 0x2e, 0x74, 0x6c, 0x73, 0x2e, 0x76, 0x33, 0x42, 0x1d, 0x54, 0x6c,
+	0x73, 0x53, 0x70, 0x69, 0x66, 0x66, 0x65, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x6f, 0x72,
+	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8,
+	0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto_rawDescOnce sync.Once
+	file_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto_rawDescData = file_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto_rawDesc
+)
+
+func file_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto_rawDescGZIP() []byte {
+	file_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto_rawDescOnce.Do(func() {
+		file_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto_rawDescData)
+	})
+	return file_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto_rawDescData
+}
+
+var file_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto_goTypes = []interface{}{
+	(*SPIFFECertValidatorConfig)(nil),             // 0: envoy.extensions.transport_sockets.tls.v3.SPIFFECertValidatorConfig
+	(*SPIFFECertValidatorConfig_TrustDomain)(nil), // 1: envoy.extensions.transport_sockets.tls.v3.SPIFFECertValidatorConfig.TrustDomain
+	(*v3.DataSource)(nil),                         // 2: envoy.config.core.v3.DataSource
+}
+var file_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto_depIdxs = []int32{
+	1, // 0: envoy.extensions.transport_sockets.tls.v3.SPIFFECertValidatorConfig.trust_domains:type_name -> envoy.extensions.transport_sockets.tls.v3.SPIFFECertValidatorConfig.TrustDomain
+	2, // 1: envoy.extensions.transport_sockets.tls.v3.SPIFFECertValidatorConfig.TrustDomain.trust_bundle:type_name -> envoy.config.core.v3.DataSource
+	2, // [2:2] is the sub-list for method output_type
+	2, // [2:2] is the sub-list for method input_type
+	2, // [2:2] is the sub-list for extension type_name
+	2, // [2:2] is the sub-list for extension extendee
+	0, // [0:2] is the sub-list for field type_name
+}
+
+func init() { file_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto_init() }
+func file_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto_init() {
+	if File_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*SPIFFECertValidatorConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*SPIFFECertValidatorConfig_TrustDomain); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto_goTypes,
+		DependencyIndexes: file_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto_depIdxs,
+		MessageInfos:      file_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto_msgTypes,
+	}.Build()
+	File_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto = out.File
+	file_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto_rawDesc = nil
+	file_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto_goTypes = nil
+	file_envoy_extensions_transport_sockets_tls_v3_tls_spiffe_validator_config_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.pb.validate.go
new file mode 100644
index 00000000000..d7d1fa99204
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.pb.validate.go
@@ -0,0 +1,326 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.proto
+
+package envoy_extensions_transport_sockets_tls_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on SPIFFECertValidatorConfig with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *SPIFFECertValidatorConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on SPIFFECertValidatorConfig with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// SPIFFECertValidatorConfigMultiError, or nil if none found.
+func (m *SPIFFECertValidatorConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *SPIFFECertValidatorConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetTrustDomains()) < 1 {
+		err := SPIFFECertValidatorConfigValidationError{
+			field:  "TrustDomains",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetTrustDomains() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, SPIFFECertValidatorConfigValidationError{
+						field:  fmt.Sprintf("TrustDomains[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, SPIFFECertValidatorConfigValidationError{
+						field:  fmt.Sprintf("TrustDomains[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return SPIFFECertValidatorConfigValidationError{
+					field:  fmt.Sprintf("TrustDomains[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return SPIFFECertValidatorConfigMultiError(errors)
+	}
+	return nil
+}
+
+// SPIFFECertValidatorConfigMultiError is an error wrapping multiple validation
+// errors returned by SPIFFECertValidatorConfig.ValidateAll() if the
+// designated constraints aren't met.
+type SPIFFECertValidatorConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m SPIFFECertValidatorConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m SPIFFECertValidatorConfigMultiError) AllErrors() []error { return m }
+
+// SPIFFECertValidatorConfigValidationError is the validation error returned by
+// SPIFFECertValidatorConfig.Validate if the designated constraints aren't met.
+type SPIFFECertValidatorConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e SPIFFECertValidatorConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e SPIFFECertValidatorConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e SPIFFECertValidatorConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e SPIFFECertValidatorConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e SPIFFECertValidatorConfigValidationError) ErrorName() string {
+	return "SPIFFECertValidatorConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e SPIFFECertValidatorConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sSPIFFECertValidatorConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = SPIFFECertValidatorConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = SPIFFECertValidatorConfigValidationError{}
+
+// Validate checks the field values on SPIFFECertValidatorConfig_TrustDomain
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the first error encountered is returned, or nil if
+// there are no violations.
+func (m *SPIFFECertValidatorConfig_TrustDomain) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on SPIFFECertValidatorConfig_TrustDomain
+// with the rules defined in the proto definition for this message. If any
+// rules are violated, the result is a list of violation errors wrapped in
+// SPIFFECertValidatorConfig_TrustDomainMultiError, or nil if none found.
+func (m *SPIFFECertValidatorConfig_TrustDomain) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *SPIFFECertValidatorConfig_TrustDomain) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := SPIFFECertValidatorConfig_TrustDomainValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetTrustBundle()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, SPIFFECertValidatorConfig_TrustDomainValidationError{
+					field:  "TrustBundle",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, SPIFFECertValidatorConfig_TrustDomainValidationError{
+					field:  "TrustBundle",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTrustBundle()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return SPIFFECertValidatorConfig_TrustDomainValidationError{
+				field:  "TrustBundle",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return SPIFFECertValidatorConfig_TrustDomainMultiError(errors)
+	}
+	return nil
+}
+
+// SPIFFECertValidatorConfig_TrustDomainMultiError is an error wrapping
+// multiple validation errors returned by
+// SPIFFECertValidatorConfig_TrustDomain.ValidateAll() if the designated
+// constraints aren't met.
+type SPIFFECertValidatorConfig_TrustDomainMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m SPIFFECertValidatorConfig_TrustDomainMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m SPIFFECertValidatorConfig_TrustDomainMultiError) AllErrors() []error { return m }
+
+// SPIFFECertValidatorConfig_TrustDomainValidationError is the validation error
+// returned by SPIFFECertValidatorConfig_TrustDomain.Validate if the
+// designated constraints aren't met.
+type SPIFFECertValidatorConfig_TrustDomainValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e SPIFFECertValidatorConfig_TrustDomainValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e SPIFFECertValidatorConfig_TrustDomainValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e SPIFFECertValidatorConfig_TrustDomainValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e SPIFFECertValidatorConfig_TrustDomainValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e SPIFFECertValidatorConfig_TrustDomainValidationError) ErrorName() string {
+	return "SPIFFECertValidatorConfig_TrustDomainValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e SPIFFECertValidatorConfig_TrustDomainValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sSPIFFECertValidatorConfig_TrustDomain.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = SPIFFECertValidatorConfig_TrustDomainValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = SPIFFECertValidatorConfig_TrustDomainValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v2/ads.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v2/ads.pb.go
new file mode 100644
index 00000000000..f3d05ad9a46
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v2/ads.pb.go
@@ -0,0 +1,359 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/service/discovery/v2/ads.proto
+
+package envoy_service_discovery_v2
+
+import (
+	context "context"
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v2 "github.com/envoyproxy/go-control-plane/envoy/api/v2"
+	proto "github.com/golang/protobuf/proto"
+	grpc "google.golang.org/grpc"
+	codes "google.golang.org/grpc/codes"
+	status "google.golang.org/grpc/status"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing
+// services: https://github.com/google/protobuf/issues/4221
+type AdsDummy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *AdsDummy) Reset() {
+	*x = AdsDummy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_service_discovery_v2_ads_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *AdsDummy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*AdsDummy) ProtoMessage() {}
+
+func (x *AdsDummy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_service_discovery_v2_ads_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use AdsDummy.ProtoReflect.Descriptor instead.
+func (*AdsDummy) Descriptor() ([]byte, []int) {
+	return file_envoy_service_discovery_v2_ads_proto_rawDescGZIP(), []int{0}
+}
+
+var File_envoy_service_discovery_v2_ads_proto protoreflect.FileDescriptor
+
+var file_envoy_service_discovery_v2_ads_proto_rawDesc = []byte{
+	0x0a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2f,
+	0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x76, 0x32, 0x2f, 0x61, 0x64, 0x73,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x1a, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65,
+	0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e,
+	0x76, 0x32, 0x1a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32,
+	0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22,
+	0x0a, 0x0a, 0x08, 0x41, 0x64, 0x73, 0x44, 0x75, 0x6d, 0x6d, 0x79, 0x32, 0xed, 0x01, 0x0a, 0x1a,
+	0x41, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, 0x74, 0x65, 0x64, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76,
+	0x65, 0x72, 0x79, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x62, 0x0a, 0x19, 0x53, 0x74,
+	0x72, 0x65, 0x61, 0x6d, 0x41, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, 0x74, 0x65, 0x64, 0x52, 0x65,
+	0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x12, 0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79,
+	0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79,
+	0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x28, 0x01, 0x30, 0x01, 0x12, 0x6b,
+	0x0a, 0x18, 0x44, 0x65, 0x6c, 0x74, 0x61, 0x41, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, 0x74, 0x65,
+	0x64, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x12, 0x23, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x65, 0x6c, 0x74, 0x61, 0x44,
+	0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a,
+	0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44,
+	0x65, 0x6c, 0x74, 0x61, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x73,
+	0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x28, 0x01, 0x30, 0x01, 0x42, 0x41, 0x0a, 0x28, 0x69,
+	0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f,
+	0x76, 0x65, 0x72, 0x79, 0x2e, 0x76, 0x32, 0x42, 0x08, 0x41, 0x64, 0x73, 0x50, 0x72, 0x6f, 0x74,
+	0x6f, 0x50, 0x01, 0x88, 0x01, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_service_discovery_v2_ads_proto_rawDescOnce sync.Once
+	file_envoy_service_discovery_v2_ads_proto_rawDescData = file_envoy_service_discovery_v2_ads_proto_rawDesc
+)
+
+func file_envoy_service_discovery_v2_ads_proto_rawDescGZIP() []byte {
+	file_envoy_service_discovery_v2_ads_proto_rawDescOnce.Do(func() {
+		file_envoy_service_discovery_v2_ads_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_service_discovery_v2_ads_proto_rawDescData)
+	})
+	return file_envoy_service_discovery_v2_ads_proto_rawDescData
+}
+
+var file_envoy_service_discovery_v2_ads_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_service_discovery_v2_ads_proto_goTypes = []interface{}{
+	(*AdsDummy)(nil),                  // 0: envoy.service.discovery.v2.AdsDummy
+	(*v2.DiscoveryRequest)(nil),       // 1: envoy.api.v2.DiscoveryRequest
+	(*v2.DeltaDiscoveryRequest)(nil),  // 2: envoy.api.v2.DeltaDiscoveryRequest
+	(*v2.DiscoveryResponse)(nil),      // 3: envoy.api.v2.DiscoveryResponse
+	(*v2.DeltaDiscoveryResponse)(nil), // 4: envoy.api.v2.DeltaDiscoveryResponse
+}
+var file_envoy_service_discovery_v2_ads_proto_depIdxs = []int32{
+	1, // 0: envoy.service.discovery.v2.AggregatedDiscoveryService.StreamAggregatedResources:input_type -> envoy.api.v2.DiscoveryRequest
+	2, // 1: envoy.service.discovery.v2.AggregatedDiscoveryService.DeltaAggregatedResources:input_type -> envoy.api.v2.DeltaDiscoveryRequest
+	3, // 2: envoy.service.discovery.v2.AggregatedDiscoveryService.StreamAggregatedResources:output_type -> envoy.api.v2.DiscoveryResponse
+	4, // 3: envoy.service.discovery.v2.AggregatedDiscoveryService.DeltaAggregatedResources:output_type -> envoy.api.v2.DeltaDiscoveryResponse
+	2, // [2:4] is the sub-list for method output_type
+	0, // [0:2] is the sub-list for method input_type
+	0, // [0:0] is the sub-list for extension type_name
+	0, // [0:0] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_envoy_service_discovery_v2_ads_proto_init() }
+func file_envoy_service_discovery_v2_ads_proto_init() {
+	if File_envoy_service_discovery_v2_ads_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_service_discovery_v2_ads_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*AdsDummy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_service_discovery_v2_ads_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   1,
+		},
+		GoTypes:           file_envoy_service_discovery_v2_ads_proto_goTypes,
+		DependencyIndexes: file_envoy_service_discovery_v2_ads_proto_depIdxs,
+		MessageInfos:      file_envoy_service_discovery_v2_ads_proto_msgTypes,
+	}.Build()
+	File_envoy_service_discovery_v2_ads_proto = out.File
+	file_envoy_service_discovery_v2_ads_proto_rawDesc = nil
+	file_envoy_service_discovery_v2_ads_proto_goTypes = nil
+	file_envoy_service_discovery_v2_ads_proto_depIdxs = nil
+}
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ context.Context
+var _ grpc.ClientConnInterface
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the grpc package it is being compiled against.
+const _ = grpc.SupportPackageIsVersion6
+
+// AggregatedDiscoveryServiceClient is the client API for AggregatedDiscoveryService service.
+//
+// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.
+type AggregatedDiscoveryServiceClient interface {
+	// This is a gRPC-only API.
+	StreamAggregatedResources(ctx context.Context, opts ...grpc.CallOption) (AggregatedDiscoveryService_StreamAggregatedResourcesClient, error)
+	DeltaAggregatedResources(ctx context.Context, opts ...grpc.CallOption) (AggregatedDiscoveryService_DeltaAggregatedResourcesClient, error)
+}
+
+type aggregatedDiscoveryServiceClient struct {
+	cc grpc.ClientConnInterface
+}
+
+func NewAggregatedDiscoveryServiceClient(cc grpc.ClientConnInterface) AggregatedDiscoveryServiceClient {
+	return &aggregatedDiscoveryServiceClient{cc}
+}
+
+func (c *aggregatedDiscoveryServiceClient) StreamAggregatedResources(ctx context.Context, opts ...grpc.CallOption) (AggregatedDiscoveryService_StreamAggregatedResourcesClient, error) {
+	stream, err := c.cc.NewStream(ctx, &_AggregatedDiscoveryService_serviceDesc.Streams[0], "/envoy.service.discovery.v2.AggregatedDiscoveryService/StreamAggregatedResources", opts...)
+	if err != nil {
+		return nil, err
+	}
+	x := &aggregatedDiscoveryServiceStreamAggregatedResourcesClient{stream}
+	return x, nil
+}
+
+type AggregatedDiscoveryService_StreamAggregatedResourcesClient interface {
+	Send(*v2.DiscoveryRequest) error
+	Recv() (*v2.DiscoveryResponse, error)
+	grpc.ClientStream
+}
+
+type aggregatedDiscoveryServiceStreamAggregatedResourcesClient struct {
+	grpc.ClientStream
+}
+
+func (x *aggregatedDiscoveryServiceStreamAggregatedResourcesClient) Send(m *v2.DiscoveryRequest) error {
+	return x.ClientStream.SendMsg(m)
+}
+
+func (x *aggregatedDiscoveryServiceStreamAggregatedResourcesClient) Recv() (*v2.DiscoveryResponse, error) {
+	m := new(v2.DiscoveryResponse)
+	if err := x.ClientStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func (c *aggregatedDiscoveryServiceClient) DeltaAggregatedResources(ctx context.Context, opts ...grpc.CallOption) (AggregatedDiscoveryService_DeltaAggregatedResourcesClient, error) {
+	stream, err := c.cc.NewStream(ctx, &_AggregatedDiscoveryService_serviceDesc.Streams[1], "/envoy.service.discovery.v2.AggregatedDiscoveryService/DeltaAggregatedResources", opts...)
+	if err != nil {
+		return nil, err
+	}
+	x := &aggregatedDiscoveryServiceDeltaAggregatedResourcesClient{stream}
+	return x, nil
+}
+
+type AggregatedDiscoveryService_DeltaAggregatedResourcesClient interface {
+	Send(*v2.DeltaDiscoveryRequest) error
+	Recv() (*v2.DeltaDiscoveryResponse, error)
+	grpc.ClientStream
+}
+
+type aggregatedDiscoveryServiceDeltaAggregatedResourcesClient struct {
+	grpc.ClientStream
+}
+
+func (x *aggregatedDiscoveryServiceDeltaAggregatedResourcesClient) Send(m *v2.DeltaDiscoveryRequest) error {
+	return x.ClientStream.SendMsg(m)
+}
+
+func (x *aggregatedDiscoveryServiceDeltaAggregatedResourcesClient) Recv() (*v2.DeltaDiscoveryResponse, error) {
+	m := new(v2.DeltaDiscoveryResponse)
+	if err := x.ClientStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+// AggregatedDiscoveryServiceServer is the server API for AggregatedDiscoveryService service.
+type AggregatedDiscoveryServiceServer interface {
+	// This is a gRPC-only API.
+	StreamAggregatedResources(AggregatedDiscoveryService_StreamAggregatedResourcesServer) error
+	DeltaAggregatedResources(AggregatedDiscoveryService_DeltaAggregatedResourcesServer) error
+}
+
+// UnimplementedAggregatedDiscoveryServiceServer can be embedded to have forward compatible implementations.
+type UnimplementedAggregatedDiscoveryServiceServer struct {
+}
+
+func (*UnimplementedAggregatedDiscoveryServiceServer) StreamAggregatedResources(AggregatedDiscoveryService_StreamAggregatedResourcesServer) error {
+	return status.Errorf(codes.Unimplemented, "method StreamAggregatedResources not implemented")
+}
+func (*UnimplementedAggregatedDiscoveryServiceServer) DeltaAggregatedResources(AggregatedDiscoveryService_DeltaAggregatedResourcesServer) error {
+	return status.Errorf(codes.Unimplemented, "method DeltaAggregatedResources not implemented")
+}
+
+func RegisterAggregatedDiscoveryServiceServer(s *grpc.Server, srv AggregatedDiscoveryServiceServer) {
+	s.RegisterService(&_AggregatedDiscoveryService_serviceDesc, srv)
+}
+
+func _AggregatedDiscoveryService_StreamAggregatedResources_Handler(srv interface{}, stream grpc.ServerStream) error {
+	return srv.(AggregatedDiscoveryServiceServer).StreamAggregatedResources(&aggregatedDiscoveryServiceStreamAggregatedResourcesServer{stream})
+}
+
+type AggregatedDiscoveryService_StreamAggregatedResourcesServer interface {
+	Send(*v2.DiscoveryResponse) error
+	Recv() (*v2.DiscoveryRequest, error)
+	grpc.ServerStream
+}
+
+type aggregatedDiscoveryServiceStreamAggregatedResourcesServer struct {
+	grpc.ServerStream
+}
+
+func (x *aggregatedDiscoveryServiceStreamAggregatedResourcesServer) Send(m *v2.DiscoveryResponse) error {
+	return x.ServerStream.SendMsg(m)
+}
+
+func (x *aggregatedDiscoveryServiceStreamAggregatedResourcesServer) Recv() (*v2.DiscoveryRequest, error) {
+	m := new(v2.DiscoveryRequest)
+	if err := x.ServerStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func _AggregatedDiscoveryService_DeltaAggregatedResources_Handler(srv interface{}, stream grpc.ServerStream) error {
+	return srv.(AggregatedDiscoveryServiceServer).DeltaAggregatedResources(&aggregatedDiscoveryServiceDeltaAggregatedResourcesServer{stream})
+}
+
+type AggregatedDiscoveryService_DeltaAggregatedResourcesServer interface {
+	Send(*v2.DeltaDiscoveryResponse) error
+	Recv() (*v2.DeltaDiscoveryRequest, error)
+	grpc.ServerStream
+}
+
+type aggregatedDiscoveryServiceDeltaAggregatedResourcesServer struct {
+	grpc.ServerStream
+}
+
+func (x *aggregatedDiscoveryServiceDeltaAggregatedResourcesServer) Send(m *v2.DeltaDiscoveryResponse) error {
+	return x.ServerStream.SendMsg(m)
+}
+
+func (x *aggregatedDiscoveryServiceDeltaAggregatedResourcesServer) Recv() (*v2.DeltaDiscoveryRequest, error) {
+	m := new(v2.DeltaDiscoveryRequest)
+	if err := x.ServerStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+var _AggregatedDiscoveryService_serviceDesc = grpc.ServiceDesc{
+	ServiceName: "envoy.service.discovery.v2.AggregatedDiscoveryService",
+	HandlerType: (*AggregatedDiscoveryServiceServer)(nil),
+	Methods:     []grpc.MethodDesc{},
+	Streams: []grpc.StreamDesc{
+		{
+			StreamName:    "StreamAggregatedResources",
+			Handler:       _AggregatedDiscoveryService_StreamAggregatedResources_Handler,
+			ServerStreams: true,
+			ClientStreams: true,
+		},
+		{
+			StreamName:    "DeltaAggregatedResources",
+			Handler:       _AggregatedDiscoveryService_DeltaAggregatedResources_Handler,
+			ServerStreams: true,
+			ClientStreams: true,
+		},
+	},
+	Metadata: "envoy/service/discovery/v2/ads.proto",
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v2/ads.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v2/ads.pb.validate.go
new file mode 100644
index 00000000000..654e0354e56
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v2/ads.pb.validate.go
@@ -0,0 +1,134 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/service/discovery/v2/ads.proto
+
+package envoy_service_discovery_v2
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on AdsDummy with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *AdsDummy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on AdsDummy with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in AdsDummyMultiError, or nil
+// if none found.
+func (m *AdsDummy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *AdsDummy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return AdsDummyMultiError(errors)
+	}
+	return nil
+}
+
+// AdsDummyMultiError is an error wrapping multiple validation errors returned
+// by AdsDummy.ValidateAll() if the designated constraints aren't met.
+type AdsDummyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m AdsDummyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m AdsDummyMultiError) AllErrors() []error { return m }
+
+// AdsDummyValidationError is the validation error returned by
+// AdsDummy.Validate if the designated constraints aren't met.
+type AdsDummyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e AdsDummyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e AdsDummyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e AdsDummyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e AdsDummyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e AdsDummyValidationError) ErrorName() string { return "AdsDummyValidationError" }
+
+// Error satisfies the builtin error interface
+func (e AdsDummyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sAdsDummy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = AdsDummyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = AdsDummyValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v2/hds.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v2/hds.pb.go
new file mode 100644
index 00000000000..54a217f88dc
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v2/hds.pb.go
@@ -0,0 +1,1100 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/service/discovery/v2/hds.proto
+
+package envoy_service_discovery_v2
+
+import (
+	context "context"
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	core "github.com/envoyproxy/go-control-plane/envoy/api/v2/core"
+	endpoint "github.com/envoyproxy/go-control-plane/envoy/api/v2/endpoint"
+	proto "github.com/golang/protobuf/proto"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	_ "google.golang.org/genproto/googleapis/api/annotations"
+	grpc "google.golang.org/grpc"
+	codes "google.golang.org/grpc/codes"
+	status "google.golang.org/grpc/status"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Different Envoy instances may have different capabilities (e.g. Redis)
+// and/or have ports enabled for different protocols.
+type Capability_Protocol int32
+
+const (
+	Capability_HTTP  Capability_Protocol = 0
+	Capability_TCP   Capability_Protocol = 1
+	Capability_REDIS Capability_Protocol = 2
+)
+
+// Enum value maps for Capability_Protocol.
+var (
+	Capability_Protocol_name = map[int32]string{
+		0: "HTTP",
+		1: "TCP",
+		2: "REDIS",
+	}
+	Capability_Protocol_value = map[string]int32{
+		"HTTP":  0,
+		"TCP":   1,
+		"REDIS": 2,
+	}
+)
+
+func (x Capability_Protocol) Enum() *Capability_Protocol {
+	p := new(Capability_Protocol)
+	*p = x
+	return p
+}
+
+func (x Capability_Protocol) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (Capability_Protocol) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_service_discovery_v2_hds_proto_enumTypes[0].Descriptor()
+}
+
+func (Capability_Protocol) Type() protoreflect.EnumType {
+	return &file_envoy_service_discovery_v2_hds_proto_enumTypes[0]
+}
+
+func (x Capability_Protocol) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use Capability_Protocol.Descriptor instead.
+func (Capability_Protocol) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_service_discovery_v2_hds_proto_rawDescGZIP(), []int{0, 0}
+}
+
+// Defines supported protocols etc, so the management server can assign proper
+// endpoints to healthcheck.
+type Capability struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	HealthCheckProtocols []Capability_Protocol `protobuf:"varint,1,rep,packed,name=health_check_protocols,json=healthCheckProtocols,proto3,enum=envoy.service.discovery.v2.Capability_Protocol" json:"health_check_protocols,omitempty"`
+}
+
+func (x *Capability) Reset() {
+	*x = Capability{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_service_discovery_v2_hds_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Capability) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Capability) ProtoMessage() {}
+
+func (x *Capability) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_service_discovery_v2_hds_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Capability.ProtoReflect.Descriptor instead.
+func (*Capability) Descriptor() ([]byte, []int) {
+	return file_envoy_service_discovery_v2_hds_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *Capability) GetHealthCheckProtocols() []Capability_Protocol {
+	if x != nil {
+		return x.HealthCheckProtocols
+	}
+	return nil
+}
+
+type HealthCheckRequest struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Node       *core.Node  `protobuf:"bytes,1,opt,name=node,proto3" json:"node,omitempty"`
+	Capability *Capability `protobuf:"bytes,2,opt,name=capability,proto3" json:"capability,omitempty"`
+}
+
+func (x *HealthCheckRequest) Reset() {
+	*x = HealthCheckRequest{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_service_discovery_v2_hds_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HealthCheckRequest) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HealthCheckRequest) ProtoMessage() {}
+
+func (x *HealthCheckRequest) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_service_discovery_v2_hds_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HealthCheckRequest.ProtoReflect.Descriptor instead.
+func (*HealthCheckRequest) Descriptor() ([]byte, []int) {
+	return file_envoy_service_discovery_v2_hds_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *HealthCheckRequest) GetNode() *core.Node {
+	if x != nil {
+		return x.Node
+	}
+	return nil
+}
+
+func (x *HealthCheckRequest) GetCapability() *Capability {
+	if x != nil {
+		return x.Capability
+	}
+	return nil
+}
+
+type EndpointHealth struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Endpoint     *endpoint.Endpoint `protobuf:"bytes,1,opt,name=endpoint,proto3" json:"endpoint,omitempty"`
+	HealthStatus core.HealthStatus  `protobuf:"varint,2,opt,name=health_status,json=healthStatus,proto3,enum=envoy.api.v2.core.HealthStatus" json:"health_status,omitempty"`
+}
+
+func (x *EndpointHealth) Reset() {
+	*x = EndpointHealth{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_service_discovery_v2_hds_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *EndpointHealth) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*EndpointHealth) ProtoMessage() {}
+
+func (x *EndpointHealth) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_service_discovery_v2_hds_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use EndpointHealth.ProtoReflect.Descriptor instead.
+func (*EndpointHealth) Descriptor() ([]byte, []int) {
+	return file_envoy_service_discovery_v2_hds_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *EndpointHealth) GetEndpoint() *endpoint.Endpoint {
+	if x != nil {
+		return x.Endpoint
+	}
+	return nil
+}
+
+func (x *EndpointHealth) GetHealthStatus() core.HealthStatus {
+	if x != nil {
+		return x.HealthStatus
+	}
+	return core.HealthStatus_UNKNOWN
+}
+
+type EndpointHealthResponse struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	EndpointsHealth []*EndpointHealth `protobuf:"bytes,1,rep,name=endpoints_health,json=endpointsHealth,proto3" json:"endpoints_health,omitempty"`
+}
+
+func (x *EndpointHealthResponse) Reset() {
+	*x = EndpointHealthResponse{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_service_discovery_v2_hds_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *EndpointHealthResponse) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*EndpointHealthResponse) ProtoMessage() {}
+
+func (x *EndpointHealthResponse) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_service_discovery_v2_hds_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use EndpointHealthResponse.ProtoReflect.Descriptor instead.
+func (*EndpointHealthResponse) Descriptor() ([]byte, []int) {
+	return file_envoy_service_discovery_v2_hds_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *EndpointHealthResponse) GetEndpointsHealth() []*EndpointHealth {
+	if x != nil {
+		return x.EndpointsHealth
+	}
+	return nil
+}
+
+type HealthCheckRequestOrEndpointHealthResponse struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to RequestType:
+	//	*HealthCheckRequestOrEndpointHealthResponse_HealthCheckRequest
+	//	*HealthCheckRequestOrEndpointHealthResponse_EndpointHealthResponse
+	RequestType isHealthCheckRequestOrEndpointHealthResponse_RequestType `protobuf_oneof:"request_type"`
+}
+
+func (x *HealthCheckRequestOrEndpointHealthResponse) Reset() {
+	*x = HealthCheckRequestOrEndpointHealthResponse{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_service_discovery_v2_hds_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HealthCheckRequestOrEndpointHealthResponse) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HealthCheckRequestOrEndpointHealthResponse) ProtoMessage() {}
+
+func (x *HealthCheckRequestOrEndpointHealthResponse) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_service_discovery_v2_hds_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HealthCheckRequestOrEndpointHealthResponse.ProtoReflect.Descriptor instead.
+func (*HealthCheckRequestOrEndpointHealthResponse) Descriptor() ([]byte, []int) {
+	return file_envoy_service_discovery_v2_hds_proto_rawDescGZIP(), []int{4}
+}
+
+func (m *HealthCheckRequestOrEndpointHealthResponse) GetRequestType() isHealthCheckRequestOrEndpointHealthResponse_RequestType {
+	if m != nil {
+		return m.RequestType
+	}
+	return nil
+}
+
+func (x *HealthCheckRequestOrEndpointHealthResponse) GetHealthCheckRequest() *HealthCheckRequest {
+	if x, ok := x.GetRequestType().(*HealthCheckRequestOrEndpointHealthResponse_HealthCheckRequest); ok {
+		return x.HealthCheckRequest
+	}
+	return nil
+}
+
+func (x *HealthCheckRequestOrEndpointHealthResponse) GetEndpointHealthResponse() *EndpointHealthResponse {
+	if x, ok := x.GetRequestType().(*HealthCheckRequestOrEndpointHealthResponse_EndpointHealthResponse); ok {
+		return x.EndpointHealthResponse
+	}
+	return nil
+}
+
+type isHealthCheckRequestOrEndpointHealthResponse_RequestType interface {
+	isHealthCheckRequestOrEndpointHealthResponse_RequestType()
+}
+
+type HealthCheckRequestOrEndpointHealthResponse_HealthCheckRequest struct {
+	HealthCheckRequest *HealthCheckRequest `protobuf:"bytes,1,opt,name=health_check_request,json=healthCheckRequest,proto3,oneof"`
+}
+
+type HealthCheckRequestOrEndpointHealthResponse_EndpointHealthResponse struct {
+	EndpointHealthResponse *EndpointHealthResponse `protobuf:"bytes,2,opt,name=endpoint_health_response,json=endpointHealthResponse,proto3,oneof"`
+}
+
+func (*HealthCheckRequestOrEndpointHealthResponse_HealthCheckRequest) isHealthCheckRequestOrEndpointHealthResponse_RequestType() {
+}
+
+func (*HealthCheckRequestOrEndpointHealthResponse_EndpointHealthResponse) isHealthCheckRequestOrEndpointHealthResponse_RequestType() {
+}
+
+type LocalityEndpoints struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Locality  *core.Locality       `protobuf:"bytes,1,opt,name=locality,proto3" json:"locality,omitempty"`
+	Endpoints []*endpoint.Endpoint `protobuf:"bytes,2,rep,name=endpoints,proto3" json:"endpoints,omitempty"`
+}
+
+func (x *LocalityEndpoints) Reset() {
+	*x = LocalityEndpoints{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_service_discovery_v2_hds_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *LocalityEndpoints) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*LocalityEndpoints) ProtoMessage() {}
+
+func (x *LocalityEndpoints) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_service_discovery_v2_hds_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use LocalityEndpoints.ProtoReflect.Descriptor instead.
+func (*LocalityEndpoints) Descriptor() ([]byte, []int) {
+	return file_envoy_service_discovery_v2_hds_proto_rawDescGZIP(), []int{5}
+}
+
+func (x *LocalityEndpoints) GetLocality() *core.Locality {
+	if x != nil {
+		return x.Locality
+	}
+	return nil
+}
+
+func (x *LocalityEndpoints) GetEndpoints() []*endpoint.Endpoint {
+	if x != nil {
+		return x.Endpoints
+	}
+	return nil
+}
+
+// The cluster name and locality is provided to Envoy for the endpoints that it
+// health checks to support statistics reporting, logging and debugging by the
+// Envoy instance (outside of HDS). For maximum usefulness, it should match the
+// same cluster structure as that provided by EDS.
+type ClusterHealthCheck struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	ClusterName       string               `protobuf:"bytes,1,opt,name=cluster_name,json=clusterName,proto3" json:"cluster_name,omitempty"`
+	HealthChecks      []*core.HealthCheck  `protobuf:"bytes,2,rep,name=health_checks,json=healthChecks,proto3" json:"health_checks,omitempty"`
+	LocalityEndpoints []*LocalityEndpoints `protobuf:"bytes,3,rep,name=locality_endpoints,json=localityEndpoints,proto3" json:"locality_endpoints,omitempty"`
+}
+
+func (x *ClusterHealthCheck) Reset() {
+	*x = ClusterHealthCheck{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_service_discovery_v2_hds_proto_msgTypes[6]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ClusterHealthCheck) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ClusterHealthCheck) ProtoMessage() {}
+
+func (x *ClusterHealthCheck) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_service_discovery_v2_hds_proto_msgTypes[6]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ClusterHealthCheck.ProtoReflect.Descriptor instead.
+func (*ClusterHealthCheck) Descriptor() ([]byte, []int) {
+	return file_envoy_service_discovery_v2_hds_proto_rawDescGZIP(), []int{6}
+}
+
+func (x *ClusterHealthCheck) GetClusterName() string {
+	if x != nil {
+		return x.ClusterName
+	}
+	return ""
+}
+
+func (x *ClusterHealthCheck) GetHealthChecks() []*core.HealthCheck {
+	if x != nil {
+		return x.HealthChecks
+	}
+	return nil
+}
+
+func (x *ClusterHealthCheck) GetLocalityEndpoints() []*LocalityEndpoints {
+	if x != nil {
+		return x.LocalityEndpoints
+	}
+	return nil
+}
+
+type HealthCheckSpecifier struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	ClusterHealthChecks []*ClusterHealthCheck `protobuf:"bytes,1,rep,name=cluster_health_checks,json=clusterHealthChecks,proto3" json:"cluster_health_checks,omitempty"`
+	// The default is 1 second.
+	Interval *duration.Duration `protobuf:"bytes,2,opt,name=interval,proto3" json:"interval,omitempty"`
+}
+
+func (x *HealthCheckSpecifier) Reset() {
+	*x = HealthCheckSpecifier{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_service_discovery_v2_hds_proto_msgTypes[7]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HealthCheckSpecifier) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HealthCheckSpecifier) ProtoMessage() {}
+
+func (x *HealthCheckSpecifier) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_service_discovery_v2_hds_proto_msgTypes[7]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HealthCheckSpecifier.ProtoReflect.Descriptor instead.
+func (*HealthCheckSpecifier) Descriptor() ([]byte, []int) {
+	return file_envoy_service_discovery_v2_hds_proto_rawDescGZIP(), []int{7}
+}
+
+func (x *HealthCheckSpecifier) GetClusterHealthChecks() []*ClusterHealthCheck {
+	if x != nil {
+		return x.ClusterHealthChecks
+	}
+	return nil
+}
+
+func (x *HealthCheckSpecifier) GetInterval() *duration.Duration {
+	if x != nil {
+		return x.Interval
+	}
+	return nil
+}
+
+var File_envoy_service_discovery_v2_hds_proto protoreflect.FileDescriptor
+
+var file_envoy_service_discovery_v2_hds_proto_rawDesc = []byte{
+	0x0a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2f,
+	0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x76, 0x32, 0x2f, 0x68, 0x64, 0x73,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x1a, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65,
+	0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e,
+	0x76, 0x32, 0x1a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32,
+	0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x62, 0x61, 0x73, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63,
+	0x6f, 0x72, 0x65, 0x2f, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f, 0x63, 0x68, 0x65, 0x63, 0x6b,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x2f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70,
+	0x69, 0x2f, 0x76, 0x32, 0x2f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2f, 0x65, 0x6e,
+	0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x5f, 0x63, 0x6f, 0x6d, 0x70, 0x6f, 0x6e, 0x65, 0x6e, 0x74,
+	0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f,
+	0x61, 0x70, 0x69, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f,
+	0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f,
+	0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x22, 0x9d, 0x01, 0x0a, 0x0a, 0x43, 0x61, 0x70, 0x61, 0x62, 0x69, 0x6c,
+	0x69, 0x74, 0x79, 0x12, 0x65, 0x0a, 0x16, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f, 0x63, 0x68,
+	0x65, 0x63, 0x6b, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x73, 0x18, 0x01, 0x20,
+	0x03, 0x28, 0x0e, 0x32, 0x2f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76,
+	0x69, 0x63, 0x65, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x76, 0x32,
+	0x2e, 0x43, 0x61, 0x70, 0x61, 0x62, 0x69, 0x6c, 0x69, 0x74, 0x79, 0x2e, 0x50, 0x72, 0x6f, 0x74,
+	0x6f, 0x63, 0x6f, 0x6c, 0x52, 0x14, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63,
+	0x6b, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x73, 0x22, 0x28, 0x0a, 0x08, 0x50, 0x72,
+	0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x12, 0x08, 0x0a, 0x04, 0x48, 0x54, 0x54, 0x50, 0x10, 0x00,
+	0x12, 0x07, 0x0a, 0x03, 0x54, 0x43, 0x50, 0x10, 0x01, 0x12, 0x09, 0x0a, 0x05, 0x52, 0x45, 0x44,
+	0x49, 0x53, 0x10, 0x02, 0x22, 0x89, 0x01, 0x0a, 0x12, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43,
+	0x68, 0x65, 0x63, 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x2b, 0x0a, 0x04, 0x6e,
+	0x6f, 0x64, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x4e, 0x6f,
+	0x64, 0x65, 0x52, 0x04, 0x6e, 0x6f, 0x64, 0x65, 0x12, 0x46, 0x0a, 0x0a, 0x63, 0x61, 0x70, 0x61,
+	0x62, 0x69, 0x6c, 0x69, 0x74, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x64, 0x69, 0x73,
+	0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x61, 0x70, 0x61, 0x62, 0x69,
+	0x6c, 0x69, 0x74, 0x79, 0x52, 0x0a, 0x63, 0x61, 0x70, 0x61, 0x62, 0x69, 0x6c, 0x69, 0x74, 0x79,
+	0x22, 0x93, 0x01, 0x0a, 0x0e, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x48, 0x65, 0x61,
+	0x6c, 0x74, 0x68, 0x12, 0x3b, 0x0a, 0x08, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70,
+	0x69, 0x2e, 0x76, 0x32, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x45, 0x6e,
+	0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x52, 0x08, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74,
+	0x12, 0x44, 0x0a, 0x0d, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75,
+	0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48, 0x65, 0x61, 0x6c,
+	0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x0c, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68,
+	0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x22, 0x6f, 0x0a, 0x16, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69,
+	0x6e, 0x74, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
+	0x12, 0x55, 0x0a, 0x10, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73, 0x5f, 0x68, 0x65,
+	0x61, 0x6c, 0x74, 0x68, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f,
+	0x76, 0x65, 0x72, 0x79, 0x2e, 0x76, 0x32, 0x2e, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74,
+	0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x52, 0x0f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74,
+	0x73, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x22, 0x90, 0x02, 0x0a, 0x2a, 0x48, 0x65, 0x61, 0x6c,
+	0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x4f, 0x72,
+	0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x52, 0x65,
+	0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x62, 0x0a, 0x14, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68,
+	0x5f, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x2e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72,
+	0x76, 0x69, 0x63, 0x65, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x76,
+	0x32, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x52, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x48, 0x00, 0x52, 0x12, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68,
+	0x65, 0x63, 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x6e, 0x0a, 0x18, 0x65, 0x6e,
+	0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f, 0x72, 0x65,
+	0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x32, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x64, 0x69, 0x73,
+	0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x76, 0x32, 0x2e, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69,
+	0x6e, 0x74, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
+	0x48, 0x00, 0x52, 0x16, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x48, 0x65, 0x61, 0x6c,
+	0x74, 0x68, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x42, 0x0e, 0x0a, 0x0c, 0x72, 0x65,
+	0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x22, 0x8b, 0x01, 0x0a, 0x11, 0x4c,
+	0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73,
+	0x12, 0x37, 0x0a, 0x08, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x52,
+	0x08, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x12, 0x3d, 0x0a, 0x09, 0x65, 0x6e, 0x64,
+	0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x65, 0x6e, 0x64, 0x70,
+	0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x52, 0x09, 0x65,
+	0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73, 0x22, 0xda, 0x01, 0x0a, 0x12, 0x43, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x12,
+	0x21, 0x0a, 0x0c, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4e, 0x61,
+	0x6d, 0x65, 0x12, 0x43, 0x0a, 0x0d, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f, 0x63, 0x68, 0x65,
+	0x63, 0x6b, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x48, 0x65,
+	0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x52, 0x0c, 0x68, 0x65, 0x61, 0x6c, 0x74,
+	0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x73, 0x12, 0x5c, 0x0a, 0x12, 0x6c, 0x6f, 0x63, 0x61, 0x6c,
+	0x69, 0x74, 0x79, 0x5f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73, 0x18, 0x03, 0x20,
+	0x03, 0x28, 0x0b, 0x32, 0x2d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76,
+	0x69, 0x63, 0x65, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x76, 0x32,
+	0x2e, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e,
+	0x74, 0x73, 0x52, 0x11, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x45, 0x6e, 0x64, 0x70,
+	0x6f, 0x69, 0x6e, 0x74, 0x73, 0x22, 0xb1, 0x01, 0x0a, 0x14, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68,
+	0x43, 0x68, 0x65, 0x63, 0x6b, 0x53, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x62,
+	0x0a, 0x15, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68,
+	0x5f, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2e, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x64, 0x69,
+	0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x52, 0x13, 0x63,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63,
+	0x6b, 0x73, 0x12, 0x35, 0x0a, 0x08, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52,
+	0x08, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x32, 0xea, 0x02, 0x0a, 0x16, 0x48, 0x65,
+	0x61, 0x6c, 0x74, 0x68, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x53, 0x65, 0x72,
+	0x76, 0x69, 0x63, 0x65, 0x12, 0x93, 0x01, 0x0a, 0x11, 0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x48,
+	0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x12, 0x46, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f,
+	0x76, 0x65, 0x72, 0x79, 0x2e, 0x76, 0x32, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68,
+	0x65, 0x63, 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x4f, 0x72, 0x45, 0x6e, 0x64, 0x70,
+	0x6f, 0x69, 0x6e, 0x74, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e,
+	0x73, 0x65, 0x1a, 0x30, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69,
+	0x63, 0x65, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x76, 0x32, 0x2e,
+	0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x53, 0x70, 0x65, 0x63, 0x69,
+	0x66, 0x69, 0x65, 0x72, 0x22, 0x00, 0x28, 0x01, 0x30, 0x01, 0x12, 0xb9, 0x01, 0x0a, 0x10, 0x46,
+	0x65, 0x74, 0x63, 0x68, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x12,
+	0x46, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e,
+	0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x76, 0x32, 0x2e, 0x48, 0x65, 0x61,
+	0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x4f,
+	0x72, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x52,
+	0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x1a, 0x30, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72,
+	0x79, 0x2e, 0x76, 0x32, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b,
+	0x53, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x22, 0x2b, 0x82, 0xd3, 0xe4, 0x93, 0x02,
+	0x1c, 0x22, 0x1a, 0x2f, 0x76, 0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79,
+	0x3a, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x82, 0xd3, 0xe4,
+	0x93, 0x02, 0x03, 0x3a, 0x01, 0x2a, 0x42, 0x60, 0x0a, 0x28, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65,
+	0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e,
+	0x76, 0x32, 0x42, 0x08, 0x48, 0x64, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x88, 0x01,
+	0x01, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x19, 0x12, 0x17, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73,
+	0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x2e, 0x76, 0x33,
+	0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_service_discovery_v2_hds_proto_rawDescOnce sync.Once
+	file_envoy_service_discovery_v2_hds_proto_rawDescData = file_envoy_service_discovery_v2_hds_proto_rawDesc
+)
+
+func file_envoy_service_discovery_v2_hds_proto_rawDescGZIP() []byte {
+	file_envoy_service_discovery_v2_hds_proto_rawDescOnce.Do(func() {
+		file_envoy_service_discovery_v2_hds_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_service_discovery_v2_hds_proto_rawDescData)
+	})
+	return file_envoy_service_discovery_v2_hds_proto_rawDescData
+}
+
+var file_envoy_service_discovery_v2_hds_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_envoy_service_discovery_v2_hds_proto_msgTypes = make([]protoimpl.MessageInfo, 8)
+var file_envoy_service_discovery_v2_hds_proto_goTypes = []interface{}{
+	(Capability_Protocol)(0),                           // 0: envoy.service.discovery.v2.Capability.Protocol
+	(*Capability)(nil),                                 // 1: envoy.service.discovery.v2.Capability
+	(*HealthCheckRequest)(nil),                         // 2: envoy.service.discovery.v2.HealthCheckRequest
+	(*EndpointHealth)(nil),                             // 3: envoy.service.discovery.v2.EndpointHealth
+	(*EndpointHealthResponse)(nil),                     // 4: envoy.service.discovery.v2.EndpointHealthResponse
+	(*HealthCheckRequestOrEndpointHealthResponse)(nil), // 5: envoy.service.discovery.v2.HealthCheckRequestOrEndpointHealthResponse
+	(*LocalityEndpoints)(nil),                          // 6: envoy.service.discovery.v2.LocalityEndpoints
+	(*ClusterHealthCheck)(nil),                         // 7: envoy.service.discovery.v2.ClusterHealthCheck
+	(*HealthCheckSpecifier)(nil),                       // 8: envoy.service.discovery.v2.HealthCheckSpecifier
+	(*core.Node)(nil),                                  // 9: envoy.api.v2.core.Node
+	(*endpoint.Endpoint)(nil),                          // 10: envoy.api.v2.endpoint.Endpoint
+	(core.HealthStatus)(0),                             // 11: envoy.api.v2.core.HealthStatus
+	(*core.Locality)(nil),                              // 12: envoy.api.v2.core.Locality
+	(*core.HealthCheck)(nil),                           // 13: envoy.api.v2.core.HealthCheck
+	(*duration.Duration)(nil),                          // 14: google.protobuf.Duration
+}
+var file_envoy_service_discovery_v2_hds_proto_depIdxs = []int32{
+	0,  // 0: envoy.service.discovery.v2.Capability.health_check_protocols:type_name -> envoy.service.discovery.v2.Capability.Protocol
+	9,  // 1: envoy.service.discovery.v2.HealthCheckRequest.node:type_name -> envoy.api.v2.core.Node
+	1,  // 2: envoy.service.discovery.v2.HealthCheckRequest.capability:type_name -> envoy.service.discovery.v2.Capability
+	10, // 3: envoy.service.discovery.v2.EndpointHealth.endpoint:type_name -> envoy.api.v2.endpoint.Endpoint
+	11, // 4: envoy.service.discovery.v2.EndpointHealth.health_status:type_name -> envoy.api.v2.core.HealthStatus
+	3,  // 5: envoy.service.discovery.v2.EndpointHealthResponse.endpoints_health:type_name -> envoy.service.discovery.v2.EndpointHealth
+	2,  // 6: envoy.service.discovery.v2.HealthCheckRequestOrEndpointHealthResponse.health_check_request:type_name -> envoy.service.discovery.v2.HealthCheckRequest
+	4,  // 7: envoy.service.discovery.v2.HealthCheckRequestOrEndpointHealthResponse.endpoint_health_response:type_name -> envoy.service.discovery.v2.EndpointHealthResponse
+	12, // 8: envoy.service.discovery.v2.LocalityEndpoints.locality:type_name -> envoy.api.v2.core.Locality
+	10, // 9: envoy.service.discovery.v2.LocalityEndpoints.endpoints:type_name -> envoy.api.v2.endpoint.Endpoint
+	13, // 10: envoy.service.discovery.v2.ClusterHealthCheck.health_checks:type_name -> envoy.api.v2.core.HealthCheck
+	6,  // 11: envoy.service.discovery.v2.ClusterHealthCheck.locality_endpoints:type_name -> envoy.service.discovery.v2.LocalityEndpoints
+	7,  // 12: envoy.service.discovery.v2.HealthCheckSpecifier.cluster_health_checks:type_name -> envoy.service.discovery.v2.ClusterHealthCheck
+	14, // 13: envoy.service.discovery.v2.HealthCheckSpecifier.interval:type_name -> google.protobuf.Duration
+	5,  // 14: envoy.service.discovery.v2.HealthDiscoveryService.StreamHealthCheck:input_type -> envoy.service.discovery.v2.HealthCheckRequestOrEndpointHealthResponse
+	5,  // 15: envoy.service.discovery.v2.HealthDiscoveryService.FetchHealthCheck:input_type -> envoy.service.discovery.v2.HealthCheckRequestOrEndpointHealthResponse
+	8,  // 16: envoy.service.discovery.v2.HealthDiscoveryService.StreamHealthCheck:output_type -> envoy.service.discovery.v2.HealthCheckSpecifier
+	8,  // 17: envoy.service.discovery.v2.HealthDiscoveryService.FetchHealthCheck:output_type -> envoy.service.discovery.v2.HealthCheckSpecifier
+	16, // [16:18] is the sub-list for method output_type
+	14, // [14:16] is the sub-list for method input_type
+	14, // [14:14] is the sub-list for extension type_name
+	14, // [14:14] is the sub-list for extension extendee
+	0,  // [0:14] is the sub-list for field type_name
+}
+
+func init() { file_envoy_service_discovery_v2_hds_proto_init() }
+func file_envoy_service_discovery_v2_hds_proto_init() {
+	if File_envoy_service_discovery_v2_hds_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_service_discovery_v2_hds_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Capability); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_service_discovery_v2_hds_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HealthCheckRequest); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_service_discovery_v2_hds_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*EndpointHealth); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_service_discovery_v2_hds_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*EndpointHealthResponse); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_service_discovery_v2_hds_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HealthCheckRequestOrEndpointHealthResponse); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_service_discovery_v2_hds_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*LocalityEndpoints); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_service_discovery_v2_hds_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ClusterHealthCheck); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_service_discovery_v2_hds_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HealthCheckSpecifier); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_service_discovery_v2_hds_proto_msgTypes[4].OneofWrappers = []interface{}{
+		(*HealthCheckRequestOrEndpointHealthResponse_HealthCheckRequest)(nil),
+		(*HealthCheckRequestOrEndpointHealthResponse_EndpointHealthResponse)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_service_discovery_v2_hds_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   8,
+			NumExtensions: 0,
+			NumServices:   1,
+		},
+		GoTypes:           file_envoy_service_discovery_v2_hds_proto_goTypes,
+		DependencyIndexes: file_envoy_service_discovery_v2_hds_proto_depIdxs,
+		EnumInfos:         file_envoy_service_discovery_v2_hds_proto_enumTypes,
+		MessageInfos:      file_envoy_service_discovery_v2_hds_proto_msgTypes,
+	}.Build()
+	File_envoy_service_discovery_v2_hds_proto = out.File
+	file_envoy_service_discovery_v2_hds_proto_rawDesc = nil
+	file_envoy_service_discovery_v2_hds_proto_goTypes = nil
+	file_envoy_service_discovery_v2_hds_proto_depIdxs = nil
+}
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ context.Context
+var _ grpc.ClientConnInterface
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the grpc package it is being compiled against.
+const _ = grpc.SupportPackageIsVersion6
+
+// HealthDiscoveryServiceClient is the client API for HealthDiscoveryService service.
+//
+// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.
+type HealthDiscoveryServiceClient interface {
+	// 1. Envoy starts up and if its can_healthcheck option in the static
+	//    bootstrap config is enabled, sends HealthCheckRequest to the management
+	//    server. It supplies its capabilities (which protocol it can health check
+	//    with, what zone it resides in, etc.).
+	// 2. In response to (1), the management server designates this Envoy as a
+	//    healthchecker to health check a subset of all upstream hosts for a given
+	//    cluster (for example upstream Host 1 and Host 2). It streams
+	//    HealthCheckSpecifier messages with cluster related configuration for all
+	//    clusters this Envoy is designated to health check. Subsequent
+	//    HealthCheckSpecifier message will be sent on changes to:
+	//    a. Endpoints to health checks
+	//    b. Per cluster configuration change
+	// 3. Envoy creates a health probe based on the HealthCheck config and sends
+	//    it to endpoint(ip:port) of Host 1 and 2. Based on the HealthCheck
+	//    configuration Envoy waits upon the arrival of the probe response and
+	//    looks at the content of the response to decide whether the endpoint is
+	//    healthy or not. If a response hasn't been received within the timeout
+	//    interval, the endpoint health status is considered TIMEOUT.
+	// 4. Envoy reports results back in an EndpointHealthResponse message.
+	//    Envoy streams responses as often as the interval configured by the
+	//    management server in HealthCheckSpecifier.
+	// 5. The management Server collects health statuses for all endpoints in the
+	//    cluster (for all clusters) and uses this information to construct
+	//    EndpointDiscoveryResponse messages.
+	// 6. Once Envoy has a list of upstream endpoints to send traffic to, it load
+	//    balances traffic to them without additional health checking. It may
+	//    use inline healthcheck (i.e. consider endpoint UNHEALTHY if connection
+	//    failed to a particular endpoint to account for health status propagation
+	//    delay between HDS and EDS).
+	// By default, can_healthcheck is true. If can_healthcheck is false, Cluster
+	// configuration may not contain HealthCheck message.
+	// TODO(htuch): How is can_healthcheck communicated to CDS to ensure the above
+	// invariant?
+	// TODO(htuch): Add @amb67's diagram.
+	StreamHealthCheck(ctx context.Context, opts ...grpc.CallOption) (HealthDiscoveryService_StreamHealthCheckClient, error)
+	// TODO(htuch): Unlike the gRPC version, there is no stream-based binding of
+	// request/response. Should we add an identifier to the HealthCheckSpecifier
+	// to bind with the response?
+	FetchHealthCheck(ctx context.Context, in *HealthCheckRequestOrEndpointHealthResponse, opts ...grpc.CallOption) (*HealthCheckSpecifier, error)
+}
+
+type healthDiscoveryServiceClient struct {
+	cc grpc.ClientConnInterface
+}
+
+func NewHealthDiscoveryServiceClient(cc grpc.ClientConnInterface) HealthDiscoveryServiceClient {
+	return &healthDiscoveryServiceClient{cc}
+}
+
+func (c *healthDiscoveryServiceClient) StreamHealthCheck(ctx context.Context, opts ...grpc.CallOption) (HealthDiscoveryService_StreamHealthCheckClient, error) {
+	stream, err := c.cc.NewStream(ctx, &_HealthDiscoveryService_serviceDesc.Streams[0], "/envoy.service.discovery.v2.HealthDiscoveryService/StreamHealthCheck", opts...)
+	if err != nil {
+		return nil, err
+	}
+	x := &healthDiscoveryServiceStreamHealthCheckClient{stream}
+	return x, nil
+}
+
+type HealthDiscoveryService_StreamHealthCheckClient interface {
+	Send(*HealthCheckRequestOrEndpointHealthResponse) error
+	Recv() (*HealthCheckSpecifier, error)
+	grpc.ClientStream
+}
+
+type healthDiscoveryServiceStreamHealthCheckClient struct {
+	grpc.ClientStream
+}
+
+func (x *healthDiscoveryServiceStreamHealthCheckClient) Send(m *HealthCheckRequestOrEndpointHealthResponse) error {
+	return x.ClientStream.SendMsg(m)
+}
+
+func (x *healthDiscoveryServiceStreamHealthCheckClient) Recv() (*HealthCheckSpecifier, error) {
+	m := new(HealthCheckSpecifier)
+	if err := x.ClientStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func (c *healthDiscoveryServiceClient) FetchHealthCheck(ctx context.Context, in *HealthCheckRequestOrEndpointHealthResponse, opts ...grpc.CallOption) (*HealthCheckSpecifier, error) {
+	out := new(HealthCheckSpecifier)
+	err := c.cc.Invoke(ctx, "/envoy.service.discovery.v2.HealthDiscoveryService/FetchHealthCheck", in, out, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+// HealthDiscoveryServiceServer is the server API for HealthDiscoveryService service.
+type HealthDiscoveryServiceServer interface {
+	// 1. Envoy starts up and if its can_healthcheck option in the static
+	//    bootstrap config is enabled, sends HealthCheckRequest to the management
+	//    server. It supplies its capabilities (which protocol it can health check
+	//    with, what zone it resides in, etc.).
+	// 2. In response to (1), the management server designates this Envoy as a
+	//    healthchecker to health check a subset of all upstream hosts for a given
+	//    cluster (for example upstream Host 1 and Host 2). It streams
+	//    HealthCheckSpecifier messages with cluster related configuration for all
+	//    clusters this Envoy is designated to health check. Subsequent
+	//    HealthCheckSpecifier message will be sent on changes to:
+	//    a. Endpoints to health checks
+	//    b. Per cluster configuration change
+	// 3. Envoy creates a health probe based on the HealthCheck config and sends
+	//    it to endpoint(ip:port) of Host 1 and 2. Based on the HealthCheck
+	//    configuration Envoy waits upon the arrival of the probe response and
+	//    looks at the content of the response to decide whether the endpoint is
+	//    healthy or not. If a response hasn't been received within the timeout
+	//    interval, the endpoint health status is considered TIMEOUT.
+	// 4. Envoy reports results back in an EndpointHealthResponse message.
+	//    Envoy streams responses as often as the interval configured by the
+	//    management server in HealthCheckSpecifier.
+	// 5. The management Server collects health statuses for all endpoints in the
+	//    cluster (for all clusters) and uses this information to construct
+	//    EndpointDiscoveryResponse messages.
+	// 6. Once Envoy has a list of upstream endpoints to send traffic to, it load
+	//    balances traffic to them without additional health checking. It may
+	//    use inline healthcheck (i.e. consider endpoint UNHEALTHY if connection
+	//    failed to a particular endpoint to account for health status propagation
+	//    delay between HDS and EDS).
+	// By default, can_healthcheck is true. If can_healthcheck is false, Cluster
+	// configuration may not contain HealthCheck message.
+	// TODO(htuch): How is can_healthcheck communicated to CDS to ensure the above
+	// invariant?
+	// TODO(htuch): Add @amb67's diagram.
+	StreamHealthCheck(HealthDiscoveryService_StreamHealthCheckServer) error
+	// TODO(htuch): Unlike the gRPC version, there is no stream-based binding of
+	// request/response. Should we add an identifier to the HealthCheckSpecifier
+	// to bind with the response?
+	FetchHealthCheck(context.Context, *HealthCheckRequestOrEndpointHealthResponse) (*HealthCheckSpecifier, error)
+}
+
+// UnimplementedHealthDiscoveryServiceServer can be embedded to have forward compatible implementations.
+type UnimplementedHealthDiscoveryServiceServer struct {
+}
+
+func (*UnimplementedHealthDiscoveryServiceServer) StreamHealthCheck(HealthDiscoveryService_StreamHealthCheckServer) error {
+	return status.Errorf(codes.Unimplemented, "method StreamHealthCheck not implemented")
+}
+func (*UnimplementedHealthDiscoveryServiceServer) FetchHealthCheck(context.Context, *HealthCheckRequestOrEndpointHealthResponse) (*HealthCheckSpecifier, error) {
+	return nil, status.Errorf(codes.Unimplemented, "method FetchHealthCheck not implemented")
+}
+
+func RegisterHealthDiscoveryServiceServer(s *grpc.Server, srv HealthDiscoveryServiceServer) {
+	s.RegisterService(&_HealthDiscoveryService_serviceDesc, srv)
+}
+
+func _HealthDiscoveryService_StreamHealthCheck_Handler(srv interface{}, stream grpc.ServerStream) error {
+	return srv.(HealthDiscoveryServiceServer).StreamHealthCheck(&healthDiscoveryServiceStreamHealthCheckServer{stream})
+}
+
+type HealthDiscoveryService_StreamHealthCheckServer interface {
+	Send(*HealthCheckSpecifier) error
+	Recv() (*HealthCheckRequestOrEndpointHealthResponse, error)
+	grpc.ServerStream
+}
+
+type healthDiscoveryServiceStreamHealthCheckServer struct {
+	grpc.ServerStream
+}
+
+func (x *healthDiscoveryServiceStreamHealthCheckServer) Send(m *HealthCheckSpecifier) error {
+	return x.ServerStream.SendMsg(m)
+}
+
+func (x *healthDiscoveryServiceStreamHealthCheckServer) Recv() (*HealthCheckRequestOrEndpointHealthResponse, error) {
+	m := new(HealthCheckRequestOrEndpointHealthResponse)
+	if err := x.ServerStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func _HealthDiscoveryService_FetchHealthCheck_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(HealthCheckRequestOrEndpointHealthResponse)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(HealthDiscoveryServiceServer).FetchHealthCheck(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: "/envoy.service.discovery.v2.HealthDiscoveryService/FetchHealthCheck",
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(HealthDiscoveryServiceServer).FetchHealthCheck(ctx, req.(*HealthCheckRequestOrEndpointHealthResponse))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
+var _HealthDiscoveryService_serviceDesc = grpc.ServiceDesc{
+	ServiceName: "envoy.service.discovery.v2.HealthDiscoveryService",
+	HandlerType: (*HealthDiscoveryServiceServer)(nil),
+	Methods: []grpc.MethodDesc{
+		{
+			MethodName: "FetchHealthCheck",
+			Handler:    _HealthDiscoveryService_FetchHealthCheck_Handler,
+		},
+	},
+	Streams: []grpc.StreamDesc{
+		{
+			StreamName:    "StreamHealthCheck",
+			Handler:       _HealthDiscoveryService_StreamHealthCheck_Handler,
+			ServerStreams: true,
+			ClientStreams: true,
+		},
+	},
+	Metadata: "envoy/service/discovery/v2/hds.proto",
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v2/hds.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v2/hds.pb.validate.go
new file mode 100644
index 00000000000..46fc85ee29f
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v2/hds.pb.validate.go
@@ -0,0 +1,1232 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/service/discovery/v2/hds.proto
+
+package envoy_service_discovery_v2
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+
+	core "github.com/envoyproxy/go-control-plane/envoy/api/v2/core"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+
+	_ = core.HealthStatus(0)
+)
+
+// Validate checks the field values on Capability with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Capability) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Capability with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in CapabilityMultiError, or
+// nil if none found.
+func (m *Capability) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Capability) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return CapabilityMultiError(errors)
+	}
+	return nil
+}
+
+// CapabilityMultiError is an error wrapping multiple validation errors
+// returned by Capability.ValidateAll() if the designated constraints aren't met.
+type CapabilityMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CapabilityMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CapabilityMultiError) AllErrors() []error { return m }
+
+// CapabilityValidationError is the validation error returned by
+// Capability.Validate if the designated constraints aren't met.
+type CapabilityValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CapabilityValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CapabilityValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CapabilityValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CapabilityValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CapabilityValidationError) ErrorName() string { return "CapabilityValidationError" }
+
+// Error satisfies the builtin error interface
+func (e CapabilityValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCapability.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CapabilityValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CapabilityValidationError{}
+
+// Validate checks the field values on HealthCheckRequest with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *HealthCheckRequest) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HealthCheckRequest with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// HealthCheckRequestMultiError, or nil if none found.
+func (m *HealthCheckRequest) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HealthCheckRequest) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetNode()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HealthCheckRequestValidationError{
+					field:  "Node",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HealthCheckRequestValidationError{
+					field:  "Node",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetNode()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HealthCheckRequestValidationError{
+				field:  "Node",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetCapability()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HealthCheckRequestValidationError{
+					field:  "Capability",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HealthCheckRequestValidationError{
+					field:  "Capability",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCapability()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HealthCheckRequestValidationError{
+				field:  "Capability",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return HealthCheckRequestMultiError(errors)
+	}
+	return nil
+}
+
+// HealthCheckRequestMultiError is an error wrapping multiple validation errors
+// returned by HealthCheckRequest.ValidateAll() if the designated constraints
+// aren't met.
+type HealthCheckRequestMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HealthCheckRequestMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HealthCheckRequestMultiError) AllErrors() []error { return m }
+
+// HealthCheckRequestValidationError is the validation error returned by
+// HealthCheckRequest.Validate if the designated constraints aren't met.
+type HealthCheckRequestValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HealthCheckRequestValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HealthCheckRequestValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HealthCheckRequestValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HealthCheckRequestValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HealthCheckRequestValidationError) ErrorName() string {
+	return "HealthCheckRequestValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HealthCheckRequestValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHealthCheckRequest.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HealthCheckRequestValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HealthCheckRequestValidationError{}
+
+// Validate checks the field values on EndpointHealth with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *EndpointHealth) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on EndpointHealth with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in EndpointHealthMultiError,
+// or nil if none found.
+func (m *EndpointHealth) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *EndpointHealth) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetEndpoint()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, EndpointHealthValidationError{
+					field:  "Endpoint",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, EndpointHealthValidationError{
+					field:  "Endpoint",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetEndpoint()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return EndpointHealthValidationError{
+				field:  "Endpoint",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for HealthStatus
+
+	if len(errors) > 0 {
+		return EndpointHealthMultiError(errors)
+	}
+	return nil
+}
+
+// EndpointHealthMultiError is an error wrapping multiple validation errors
+// returned by EndpointHealth.ValidateAll() if the designated constraints
+// aren't met.
+type EndpointHealthMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m EndpointHealthMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m EndpointHealthMultiError) AllErrors() []error { return m }
+
+// EndpointHealthValidationError is the validation error returned by
+// EndpointHealth.Validate if the designated constraints aren't met.
+type EndpointHealthValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e EndpointHealthValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e EndpointHealthValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e EndpointHealthValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e EndpointHealthValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e EndpointHealthValidationError) ErrorName() string { return "EndpointHealthValidationError" }
+
+// Error satisfies the builtin error interface
+func (e EndpointHealthValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sEndpointHealth.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = EndpointHealthValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = EndpointHealthValidationError{}
+
+// Validate checks the field values on EndpointHealthResponse with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *EndpointHealthResponse) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on EndpointHealthResponse with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// EndpointHealthResponseMultiError, or nil if none found.
+func (m *EndpointHealthResponse) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *EndpointHealthResponse) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetEndpointsHealth() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, EndpointHealthResponseValidationError{
+						field:  fmt.Sprintf("EndpointsHealth[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, EndpointHealthResponseValidationError{
+						field:  fmt.Sprintf("EndpointsHealth[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return EndpointHealthResponseValidationError{
+					field:  fmt.Sprintf("EndpointsHealth[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return EndpointHealthResponseMultiError(errors)
+	}
+	return nil
+}
+
+// EndpointHealthResponseMultiError is an error wrapping multiple validation
+// errors returned by EndpointHealthResponse.ValidateAll() if the designated
+// constraints aren't met.
+type EndpointHealthResponseMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m EndpointHealthResponseMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m EndpointHealthResponseMultiError) AllErrors() []error { return m }
+
+// EndpointHealthResponseValidationError is the validation error returned by
+// EndpointHealthResponse.Validate if the designated constraints aren't met.
+type EndpointHealthResponseValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e EndpointHealthResponseValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e EndpointHealthResponseValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e EndpointHealthResponseValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e EndpointHealthResponseValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e EndpointHealthResponseValidationError) ErrorName() string {
+	return "EndpointHealthResponseValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e EndpointHealthResponseValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sEndpointHealthResponse.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = EndpointHealthResponseValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = EndpointHealthResponseValidationError{}
+
+// Validate checks the field values on
+// HealthCheckRequestOrEndpointHealthResponse with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *HealthCheckRequestOrEndpointHealthResponse) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// HealthCheckRequestOrEndpointHealthResponse with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in
+// HealthCheckRequestOrEndpointHealthResponseMultiError, or nil if none found.
+func (m *HealthCheckRequestOrEndpointHealthResponse) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HealthCheckRequestOrEndpointHealthResponse) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.RequestType.(type) {
+
+	case *HealthCheckRequestOrEndpointHealthResponse_HealthCheckRequest:
+
+		if all {
+			switch v := interface{}(m.GetHealthCheckRequest()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HealthCheckRequestOrEndpointHealthResponseValidationError{
+						field:  "HealthCheckRequest",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HealthCheckRequestOrEndpointHealthResponseValidationError{
+						field:  "HealthCheckRequest",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetHealthCheckRequest()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HealthCheckRequestOrEndpointHealthResponseValidationError{
+					field:  "HealthCheckRequest",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *HealthCheckRequestOrEndpointHealthResponse_EndpointHealthResponse:
+
+		if all {
+			switch v := interface{}(m.GetEndpointHealthResponse()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HealthCheckRequestOrEndpointHealthResponseValidationError{
+						field:  "EndpointHealthResponse",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HealthCheckRequestOrEndpointHealthResponseValidationError{
+						field:  "EndpointHealthResponse",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetEndpointHealthResponse()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HealthCheckRequestOrEndpointHealthResponseValidationError{
+					field:  "EndpointHealthResponse",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return HealthCheckRequestOrEndpointHealthResponseMultiError(errors)
+	}
+	return nil
+}
+
+// HealthCheckRequestOrEndpointHealthResponseMultiError is an error wrapping
+// multiple validation errors returned by
+// HealthCheckRequestOrEndpointHealthResponse.ValidateAll() if the designated
+// constraints aren't met.
+type HealthCheckRequestOrEndpointHealthResponseMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HealthCheckRequestOrEndpointHealthResponseMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HealthCheckRequestOrEndpointHealthResponseMultiError) AllErrors() []error { return m }
+
+// HealthCheckRequestOrEndpointHealthResponseValidationError is the validation
+// error returned by HealthCheckRequestOrEndpointHealthResponse.Validate if
+// the designated constraints aren't met.
+type HealthCheckRequestOrEndpointHealthResponseValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HealthCheckRequestOrEndpointHealthResponseValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HealthCheckRequestOrEndpointHealthResponseValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HealthCheckRequestOrEndpointHealthResponseValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HealthCheckRequestOrEndpointHealthResponseValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HealthCheckRequestOrEndpointHealthResponseValidationError) ErrorName() string {
+	return "HealthCheckRequestOrEndpointHealthResponseValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HealthCheckRequestOrEndpointHealthResponseValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHealthCheckRequestOrEndpointHealthResponse.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HealthCheckRequestOrEndpointHealthResponseValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HealthCheckRequestOrEndpointHealthResponseValidationError{}
+
+// Validate checks the field values on LocalityEndpoints with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *LocalityEndpoints) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on LocalityEndpoints with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// LocalityEndpointsMultiError, or nil if none found.
+func (m *LocalityEndpoints) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *LocalityEndpoints) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetLocality()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, LocalityEndpointsValidationError{
+					field:  "Locality",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, LocalityEndpointsValidationError{
+					field:  "Locality",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLocality()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return LocalityEndpointsValidationError{
+				field:  "Locality",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetEndpoints() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, LocalityEndpointsValidationError{
+						field:  fmt.Sprintf("Endpoints[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, LocalityEndpointsValidationError{
+						field:  fmt.Sprintf("Endpoints[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return LocalityEndpointsValidationError{
+					field:  fmt.Sprintf("Endpoints[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return LocalityEndpointsMultiError(errors)
+	}
+	return nil
+}
+
+// LocalityEndpointsMultiError is an error wrapping multiple validation errors
+// returned by LocalityEndpoints.ValidateAll() if the designated constraints
+// aren't met.
+type LocalityEndpointsMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m LocalityEndpointsMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m LocalityEndpointsMultiError) AllErrors() []error { return m }
+
+// LocalityEndpointsValidationError is the validation error returned by
+// LocalityEndpoints.Validate if the designated constraints aren't met.
+type LocalityEndpointsValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e LocalityEndpointsValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e LocalityEndpointsValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e LocalityEndpointsValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e LocalityEndpointsValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e LocalityEndpointsValidationError) ErrorName() string {
+	return "LocalityEndpointsValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e LocalityEndpointsValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sLocalityEndpoints.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = LocalityEndpointsValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = LocalityEndpointsValidationError{}
+
+// Validate checks the field values on ClusterHealthCheck with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ClusterHealthCheck) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ClusterHealthCheck with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ClusterHealthCheckMultiError, or nil if none found.
+func (m *ClusterHealthCheck) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ClusterHealthCheck) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for ClusterName
+
+	for idx, item := range m.GetHealthChecks() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClusterHealthCheckValidationError{
+						field:  fmt.Sprintf("HealthChecks[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClusterHealthCheckValidationError{
+						field:  fmt.Sprintf("HealthChecks[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClusterHealthCheckValidationError{
+					field:  fmt.Sprintf("HealthChecks[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetLocalityEndpoints() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClusterHealthCheckValidationError{
+						field:  fmt.Sprintf("LocalityEndpoints[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClusterHealthCheckValidationError{
+						field:  fmt.Sprintf("LocalityEndpoints[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClusterHealthCheckValidationError{
+					field:  fmt.Sprintf("LocalityEndpoints[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ClusterHealthCheckMultiError(errors)
+	}
+	return nil
+}
+
+// ClusterHealthCheckMultiError is an error wrapping multiple validation errors
+// returned by ClusterHealthCheck.ValidateAll() if the designated constraints
+// aren't met.
+type ClusterHealthCheckMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ClusterHealthCheckMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ClusterHealthCheckMultiError) AllErrors() []error { return m }
+
+// ClusterHealthCheckValidationError is the validation error returned by
+// ClusterHealthCheck.Validate if the designated constraints aren't met.
+type ClusterHealthCheckValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ClusterHealthCheckValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ClusterHealthCheckValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ClusterHealthCheckValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ClusterHealthCheckValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ClusterHealthCheckValidationError) ErrorName() string {
+	return "ClusterHealthCheckValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ClusterHealthCheckValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sClusterHealthCheck.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ClusterHealthCheckValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ClusterHealthCheckValidationError{}
+
+// Validate checks the field values on HealthCheckSpecifier with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *HealthCheckSpecifier) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HealthCheckSpecifier with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// HealthCheckSpecifierMultiError, or nil if none found.
+func (m *HealthCheckSpecifier) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HealthCheckSpecifier) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetClusterHealthChecks() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HealthCheckSpecifierValidationError{
+						field:  fmt.Sprintf("ClusterHealthChecks[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HealthCheckSpecifierValidationError{
+						field:  fmt.Sprintf("ClusterHealthChecks[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HealthCheckSpecifierValidationError{
+					field:  fmt.Sprintf("ClusterHealthChecks[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetInterval()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, HealthCheckSpecifierValidationError{
+					field:  "Interval",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, HealthCheckSpecifierValidationError{
+					field:  "Interval",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetInterval()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return HealthCheckSpecifierValidationError{
+				field:  "Interval",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return HealthCheckSpecifierMultiError(errors)
+	}
+	return nil
+}
+
+// HealthCheckSpecifierMultiError is an error wrapping multiple validation
+// errors returned by HealthCheckSpecifier.ValidateAll() if the designated
+// constraints aren't met.
+type HealthCheckSpecifierMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HealthCheckSpecifierMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HealthCheckSpecifierMultiError) AllErrors() []error { return m }
+
+// HealthCheckSpecifierValidationError is the validation error returned by
+// HealthCheckSpecifier.Validate if the designated constraints aren't met.
+type HealthCheckSpecifierValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HealthCheckSpecifierValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HealthCheckSpecifierValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HealthCheckSpecifierValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HealthCheckSpecifierValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HealthCheckSpecifierValidationError) ErrorName() string {
+	return "HealthCheckSpecifierValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HealthCheckSpecifierValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHealthCheckSpecifier.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HealthCheckSpecifierValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HealthCheckSpecifierValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v2/rtds.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v2/rtds.pb.go
new file mode 100644
index 00000000000..e875a22e2b7
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v2/rtds.pb.go
@@ -0,0 +1,499 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/service/discovery/v2/rtds.proto
+
+package envoy_service_discovery_v2
+
+import (
+	context "context"
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/go-control-plane/envoy/annotations"
+	v2 "github.com/envoyproxy/go-control-plane/envoy/api/v2"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	_struct "github.com/golang/protobuf/ptypes/struct"
+	_ "google.golang.org/genproto/googleapis/api/annotations"
+	grpc "google.golang.org/grpc"
+	codes "google.golang.org/grpc/codes"
+	status "google.golang.org/grpc/status"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing
+// services: https://github.com/google/protobuf/issues/4221
+type RtdsDummy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *RtdsDummy) Reset() {
+	*x = RtdsDummy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_service_discovery_v2_rtds_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RtdsDummy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RtdsDummy) ProtoMessage() {}
+
+func (x *RtdsDummy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_service_discovery_v2_rtds_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RtdsDummy.ProtoReflect.Descriptor instead.
+func (*RtdsDummy) Descriptor() ([]byte, []int) {
+	return file_envoy_service_discovery_v2_rtds_proto_rawDescGZIP(), []int{0}
+}
+
+// RTDS resource type. This describes a layer in the runtime virtual filesystem.
+type Runtime struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Runtime resource name. This makes the Runtime a self-describing xDS
+	// resource.
+	Name  string          `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	Layer *_struct.Struct `protobuf:"bytes,2,opt,name=layer,proto3" json:"layer,omitempty"`
+}
+
+func (x *Runtime) Reset() {
+	*x = Runtime{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_service_discovery_v2_rtds_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Runtime) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Runtime) ProtoMessage() {}
+
+func (x *Runtime) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_service_discovery_v2_rtds_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Runtime.ProtoReflect.Descriptor instead.
+func (*Runtime) Descriptor() ([]byte, []int) {
+	return file_envoy_service_discovery_v2_rtds_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *Runtime) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *Runtime) GetLayer() *_struct.Struct {
+	if x != nil {
+		return x.Layer
+	}
+	return nil
+}
+
+var File_envoy_service_discovery_v2_rtds_proto protoreflect.FileDescriptor
+
+var file_envoy_service_discovery_v2_rtds_proto_rawDesc = []byte{
+	0x0a, 0x25, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2f,
+	0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x76, 0x32, 0x2f, 0x72, 0x74, 0x64,
+	0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x1a, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73,
+	0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79,
+	0x2e, 0x76, 0x32, 0x1a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76,
+	0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x61, 0x6e,
+	0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2f, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x20, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73,
+	0x2f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17,
+	0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x0b, 0x0a, 0x09, 0x52, 0x74, 0x64, 0x73, 0x44,
+	0x75, 0x6d, 0x6d, 0x79, 0x22, 0x55, 0x0a, 0x07, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x12,
+	0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa,
+	0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x2d, 0x0a, 0x05,
+	0x6c, 0x61, 0x79, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74,
+	0x72, 0x75, 0x63, 0x74, 0x52, 0x05, 0x6c, 0x61, 0x79, 0x65, 0x72, 0x32, 0xf7, 0x02, 0x0a, 0x17,
+	0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79,
+	0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x56, 0x0a, 0x0d, 0x53, 0x74, 0x72, 0x65, 0x61,
+	0x6d, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x12, 0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72,
+	0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72,
+	0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x28, 0x01, 0x30, 0x01, 0x12,
+	0x5f, 0x0a, 0x0c, 0x44, 0x65, 0x6c, 0x74, 0x61, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x12,
+	0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44,
+	0x65, 0x6c, 0x74, 0x61, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x1a, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69,
+	0x2e, 0x76, 0x32, 0x2e, 0x44, 0x65, 0x6c, 0x74, 0x61, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65,
+	0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x28, 0x01, 0x30, 0x01,
+	0x12, 0x77, 0x0a, 0x0c, 0x46, 0x65, 0x74, 0x63, 0x68, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65,
+	0x12, 0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e,
+	0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
+	0x1a, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e,
+	0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
+	0x65, 0x22, 0x26, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x17, 0x22, 0x15, 0x2f, 0x76, 0x32, 0x2f, 0x64,
+	0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x3a, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65,
+	0x82, 0xd3, 0xe4, 0x93, 0x02, 0x03, 0x3a, 0x01, 0x2a, 0x1a, 0x2a, 0x8a, 0xa4, 0x96, 0xf3, 0x07,
+	0x24, 0x0a, 0x22, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65,
+	0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x75,
+	0x6e, 0x74, 0x69, 0x6d, 0x65, 0x42, 0x62, 0x0a, 0x28, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72,
+	0x76, 0x69, 0x63, 0x65, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x76,
+	0x32, 0x42, 0x09, 0x52, 0x74, 0x64, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x88, 0x01,
+	0x01, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x1a, 0x12, 0x18, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73,
+	0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x2e, 0x76,
+	0x33, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x33,
+}
+
+var (
+	file_envoy_service_discovery_v2_rtds_proto_rawDescOnce sync.Once
+	file_envoy_service_discovery_v2_rtds_proto_rawDescData = file_envoy_service_discovery_v2_rtds_proto_rawDesc
+)
+
+func file_envoy_service_discovery_v2_rtds_proto_rawDescGZIP() []byte {
+	file_envoy_service_discovery_v2_rtds_proto_rawDescOnce.Do(func() {
+		file_envoy_service_discovery_v2_rtds_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_service_discovery_v2_rtds_proto_rawDescData)
+	})
+	return file_envoy_service_discovery_v2_rtds_proto_rawDescData
+}
+
+var file_envoy_service_discovery_v2_rtds_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_envoy_service_discovery_v2_rtds_proto_goTypes = []interface{}{
+	(*RtdsDummy)(nil),                 // 0: envoy.service.discovery.v2.RtdsDummy
+	(*Runtime)(nil),                   // 1: envoy.service.discovery.v2.Runtime
+	(*_struct.Struct)(nil),            // 2: google.protobuf.Struct
+	(*v2.DiscoveryRequest)(nil),       // 3: envoy.api.v2.DiscoveryRequest
+	(*v2.DeltaDiscoveryRequest)(nil),  // 4: envoy.api.v2.DeltaDiscoveryRequest
+	(*v2.DiscoveryResponse)(nil),      // 5: envoy.api.v2.DiscoveryResponse
+	(*v2.DeltaDiscoveryResponse)(nil), // 6: envoy.api.v2.DeltaDiscoveryResponse
+}
+var file_envoy_service_discovery_v2_rtds_proto_depIdxs = []int32{
+	2, // 0: envoy.service.discovery.v2.Runtime.layer:type_name -> google.protobuf.Struct
+	3, // 1: envoy.service.discovery.v2.RuntimeDiscoveryService.StreamRuntime:input_type -> envoy.api.v2.DiscoveryRequest
+	4, // 2: envoy.service.discovery.v2.RuntimeDiscoveryService.DeltaRuntime:input_type -> envoy.api.v2.DeltaDiscoveryRequest
+	3, // 3: envoy.service.discovery.v2.RuntimeDiscoveryService.FetchRuntime:input_type -> envoy.api.v2.DiscoveryRequest
+	5, // 4: envoy.service.discovery.v2.RuntimeDiscoveryService.StreamRuntime:output_type -> envoy.api.v2.DiscoveryResponse
+	6, // 5: envoy.service.discovery.v2.RuntimeDiscoveryService.DeltaRuntime:output_type -> envoy.api.v2.DeltaDiscoveryResponse
+	5, // 6: envoy.service.discovery.v2.RuntimeDiscoveryService.FetchRuntime:output_type -> envoy.api.v2.DiscoveryResponse
+	4, // [4:7] is the sub-list for method output_type
+	1, // [1:4] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_envoy_service_discovery_v2_rtds_proto_init() }
+func file_envoy_service_discovery_v2_rtds_proto_init() {
+	if File_envoy_service_discovery_v2_rtds_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_service_discovery_v2_rtds_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RtdsDummy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_service_discovery_v2_rtds_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Runtime); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_service_discovery_v2_rtds_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   1,
+		},
+		GoTypes:           file_envoy_service_discovery_v2_rtds_proto_goTypes,
+		DependencyIndexes: file_envoy_service_discovery_v2_rtds_proto_depIdxs,
+		MessageInfos:      file_envoy_service_discovery_v2_rtds_proto_msgTypes,
+	}.Build()
+	File_envoy_service_discovery_v2_rtds_proto = out.File
+	file_envoy_service_discovery_v2_rtds_proto_rawDesc = nil
+	file_envoy_service_discovery_v2_rtds_proto_goTypes = nil
+	file_envoy_service_discovery_v2_rtds_proto_depIdxs = nil
+}
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ context.Context
+var _ grpc.ClientConnInterface
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the grpc package it is being compiled against.
+const _ = grpc.SupportPackageIsVersion6
+
+// RuntimeDiscoveryServiceClient is the client API for RuntimeDiscoveryService service.
+//
+// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.
+type RuntimeDiscoveryServiceClient interface {
+	StreamRuntime(ctx context.Context, opts ...grpc.CallOption) (RuntimeDiscoveryService_StreamRuntimeClient, error)
+	DeltaRuntime(ctx context.Context, opts ...grpc.CallOption) (RuntimeDiscoveryService_DeltaRuntimeClient, error)
+	FetchRuntime(ctx context.Context, in *v2.DiscoveryRequest, opts ...grpc.CallOption) (*v2.DiscoveryResponse, error)
+}
+
+type runtimeDiscoveryServiceClient struct {
+	cc grpc.ClientConnInterface
+}
+
+func NewRuntimeDiscoveryServiceClient(cc grpc.ClientConnInterface) RuntimeDiscoveryServiceClient {
+	return &runtimeDiscoveryServiceClient{cc}
+}
+
+func (c *runtimeDiscoveryServiceClient) StreamRuntime(ctx context.Context, opts ...grpc.CallOption) (RuntimeDiscoveryService_StreamRuntimeClient, error) {
+	stream, err := c.cc.NewStream(ctx, &_RuntimeDiscoveryService_serviceDesc.Streams[0], "/envoy.service.discovery.v2.RuntimeDiscoveryService/StreamRuntime", opts...)
+	if err != nil {
+		return nil, err
+	}
+	x := &runtimeDiscoveryServiceStreamRuntimeClient{stream}
+	return x, nil
+}
+
+type RuntimeDiscoveryService_StreamRuntimeClient interface {
+	Send(*v2.DiscoveryRequest) error
+	Recv() (*v2.DiscoveryResponse, error)
+	grpc.ClientStream
+}
+
+type runtimeDiscoveryServiceStreamRuntimeClient struct {
+	grpc.ClientStream
+}
+
+func (x *runtimeDiscoveryServiceStreamRuntimeClient) Send(m *v2.DiscoveryRequest) error {
+	return x.ClientStream.SendMsg(m)
+}
+
+func (x *runtimeDiscoveryServiceStreamRuntimeClient) Recv() (*v2.DiscoveryResponse, error) {
+	m := new(v2.DiscoveryResponse)
+	if err := x.ClientStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func (c *runtimeDiscoveryServiceClient) DeltaRuntime(ctx context.Context, opts ...grpc.CallOption) (RuntimeDiscoveryService_DeltaRuntimeClient, error) {
+	stream, err := c.cc.NewStream(ctx, &_RuntimeDiscoveryService_serviceDesc.Streams[1], "/envoy.service.discovery.v2.RuntimeDiscoveryService/DeltaRuntime", opts...)
+	if err != nil {
+		return nil, err
+	}
+	x := &runtimeDiscoveryServiceDeltaRuntimeClient{stream}
+	return x, nil
+}
+
+type RuntimeDiscoveryService_DeltaRuntimeClient interface {
+	Send(*v2.DeltaDiscoveryRequest) error
+	Recv() (*v2.DeltaDiscoveryResponse, error)
+	grpc.ClientStream
+}
+
+type runtimeDiscoveryServiceDeltaRuntimeClient struct {
+	grpc.ClientStream
+}
+
+func (x *runtimeDiscoveryServiceDeltaRuntimeClient) Send(m *v2.DeltaDiscoveryRequest) error {
+	return x.ClientStream.SendMsg(m)
+}
+
+func (x *runtimeDiscoveryServiceDeltaRuntimeClient) Recv() (*v2.DeltaDiscoveryResponse, error) {
+	m := new(v2.DeltaDiscoveryResponse)
+	if err := x.ClientStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func (c *runtimeDiscoveryServiceClient) FetchRuntime(ctx context.Context, in *v2.DiscoveryRequest, opts ...grpc.CallOption) (*v2.DiscoveryResponse, error) {
+	out := new(v2.DiscoveryResponse)
+	err := c.cc.Invoke(ctx, "/envoy.service.discovery.v2.RuntimeDiscoveryService/FetchRuntime", in, out, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+// RuntimeDiscoveryServiceServer is the server API for RuntimeDiscoveryService service.
+type RuntimeDiscoveryServiceServer interface {
+	StreamRuntime(RuntimeDiscoveryService_StreamRuntimeServer) error
+	DeltaRuntime(RuntimeDiscoveryService_DeltaRuntimeServer) error
+	FetchRuntime(context.Context, *v2.DiscoveryRequest) (*v2.DiscoveryResponse, error)
+}
+
+// UnimplementedRuntimeDiscoveryServiceServer can be embedded to have forward compatible implementations.
+type UnimplementedRuntimeDiscoveryServiceServer struct {
+}
+
+func (*UnimplementedRuntimeDiscoveryServiceServer) StreamRuntime(RuntimeDiscoveryService_StreamRuntimeServer) error {
+	return status.Errorf(codes.Unimplemented, "method StreamRuntime not implemented")
+}
+func (*UnimplementedRuntimeDiscoveryServiceServer) DeltaRuntime(RuntimeDiscoveryService_DeltaRuntimeServer) error {
+	return status.Errorf(codes.Unimplemented, "method DeltaRuntime not implemented")
+}
+func (*UnimplementedRuntimeDiscoveryServiceServer) FetchRuntime(context.Context, *v2.DiscoveryRequest) (*v2.DiscoveryResponse, error) {
+	return nil, status.Errorf(codes.Unimplemented, "method FetchRuntime not implemented")
+}
+
+func RegisterRuntimeDiscoveryServiceServer(s *grpc.Server, srv RuntimeDiscoveryServiceServer) {
+	s.RegisterService(&_RuntimeDiscoveryService_serviceDesc, srv)
+}
+
+func _RuntimeDiscoveryService_StreamRuntime_Handler(srv interface{}, stream grpc.ServerStream) error {
+	return srv.(RuntimeDiscoveryServiceServer).StreamRuntime(&runtimeDiscoveryServiceStreamRuntimeServer{stream})
+}
+
+type RuntimeDiscoveryService_StreamRuntimeServer interface {
+	Send(*v2.DiscoveryResponse) error
+	Recv() (*v2.DiscoveryRequest, error)
+	grpc.ServerStream
+}
+
+type runtimeDiscoveryServiceStreamRuntimeServer struct {
+	grpc.ServerStream
+}
+
+func (x *runtimeDiscoveryServiceStreamRuntimeServer) Send(m *v2.DiscoveryResponse) error {
+	return x.ServerStream.SendMsg(m)
+}
+
+func (x *runtimeDiscoveryServiceStreamRuntimeServer) Recv() (*v2.DiscoveryRequest, error) {
+	m := new(v2.DiscoveryRequest)
+	if err := x.ServerStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func _RuntimeDiscoveryService_DeltaRuntime_Handler(srv interface{}, stream grpc.ServerStream) error {
+	return srv.(RuntimeDiscoveryServiceServer).DeltaRuntime(&runtimeDiscoveryServiceDeltaRuntimeServer{stream})
+}
+
+type RuntimeDiscoveryService_DeltaRuntimeServer interface {
+	Send(*v2.DeltaDiscoveryResponse) error
+	Recv() (*v2.DeltaDiscoveryRequest, error)
+	grpc.ServerStream
+}
+
+type runtimeDiscoveryServiceDeltaRuntimeServer struct {
+	grpc.ServerStream
+}
+
+func (x *runtimeDiscoveryServiceDeltaRuntimeServer) Send(m *v2.DeltaDiscoveryResponse) error {
+	return x.ServerStream.SendMsg(m)
+}
+
+func (x *runtimeDiscoveryServiceDeltaRuntimeServer) Recv() (*v2.DeltaDiscoveryRequest, error) {
+	m := new(v2.DeltaDiscoveryRequest)
+	if err := x.ServerStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func _RuntimeDiscoveryService_FetchRuntime_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(v2.DiscoveryRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(RuntimeDiscoveryServiceServer).FetchRuntime(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: "/envoy.service.discovery.v2.RuntimeDiscoveryService/FetchRuntime",
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(RuntimeDiscoveryServiceServer).FetchRuntime(ctx, req.(*v2.DiscoveryRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
+var _RuntimeDiscoveryService_serviceDesc = grpc.ServiceDesc{
+	ServiceName: "envoy.service.discovery.v2.RuntimeDiscoveryService",
+	HandlerType: (*RuntimeDiscoveryServiceServer)(nil),
+	Methods: []grpc.MethodDesc{
+		{
+			MethodName: "FetchRuntime",
+			Handler:    _RuntimeDiscoveryService_FetchRuntime_Handler,
+		},
+	},
+	Streams: []grpc.StreamDesc{
+		{
+			StreamName:    "StreamRuntime",
+			Handler:       _RuntimeDiscoveryService_StreamRuntime_Handler,
+			ServerStreams: true,
+			ClientStreams: true,
+		},
+		{
+			StreamName:    "DeltaRuntime",
+			Handler:       _RuntimeDiscoveryService_DeltaRuntime_Handler,
+			ServerStreams: true,
+			ClientStreams: true,
+		},
+	},
+	Metadata: "envoy/service/discovery/v2/rtds.proto",
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v2/rtds.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v2/rtds.pb.validate.go
new file mode 100644
index 00000000000..a444b93785a
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v2/rtds.pb.validate.go
@@ -0,0 +1,271 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/service/discovery/v2/rtds.proto
+
+package envoy_service_discovery_v2
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on RtdsDummy with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *RtdsDummy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RtdsDummy with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in RtdsDummyMultiError, or nil
+// if none found.
+func (m *RtdsDummy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RtdsDummy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return RtdsDummyMultiError(errors)
+	}
+	return nil
+}
+
+// RtdsDummyMultiError is an error wrapping multiple validation errors returned
+// by RtdsDummy.ValidateAll() if the designated constraints aren't met.
+type RtdsDummyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RtdsDummyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RtdsDummyMultiError) AllErrors() []error { return m }
+
+// RtdsDummyValidationError is the validation error returned by
+// RtdsDummy.Validate if the designated constraints aren't met.
+type RtdsDummyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RtdsDummyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RtdsDummyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RtdsDummyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RtdsDummyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RtdsDummyValidationError) ErrorName() string { return "RtdsDummyValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RtdsDummyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRtdsDummy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RtdsDummyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RtdsDummyValidationError{}
+
+// Validate checks the field values on Runtime with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Runtime) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Runtime with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in RuntimeMultiError, or nil if none found.
+func (m *Runtime) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Runtime) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetName()) < 1 {
+		err := RuntimeValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetLayer()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RuntimeValidationError{
+					field:  "Layer",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RuntimeValidationError{
+					field:  "Layer",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLayer()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RuntimeValidationError{
+				field:  "Layer",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return RuntimeMultiError(errors)
+	}
+	return nil
+}
+
+// RuntimeMultiError is an error wrapping multiple validation errors returned
+// by Runtime.ValidateAll() if the designated constraints aren't met.
+type RuntimeMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RuntimeMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RuntimeMultiError) AllErrors() []error { return m }
+
+// RuntimeValidationError is the validation error returned by Runtime.Validate
+// if the designated constraints aren't met.
+type RuntimeValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RuntimeValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RuntimeValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RuntimeValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RuntimeValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RuntimeValidationError) ErrorName() string { return "RuntimeValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RuntimeValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRuntime.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RuntimeValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RuntimeValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v2/sds.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v2/sds.pb.go
new file mode 100644
index 00000000000..80e7d1a7632
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v2/sds.pb.go
@@ -0,0 +1,414 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/service/discovery/v2/sds.proto
+
+package envoy_service_discovery_v2
+
+import (
+	context "context"
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/go-control-plane/envoy/annotations"
+	v2 "github.com/envoyproxy/go-control-plane/envoy/api/v2"
+	proto "github.com/golang/protobuf/proto"
+	_ "google.golang.org/genproto/googleapis/api/annotations"
+	grpc "google.golang.org/grpc"
+	codes "google.golang.org/grpc/codes"
+	status "google.golang.org/grpc/status"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing
+// services: https://github.com/google/protobuf/issues/4221
+type SdsDummy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *SdsDummy) Reset() {
+	*x = SdsDummy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_service_discovery_v2_sds_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *SdsDummy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*SdsDummy) ProtoMessage() {}
+
+func (x *SdsDummy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_service_discovery_v2_sds_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use SdsDummy.ProtoReflect.Descriptor instead.
+func (*SdsDummy) Descriptor() ([]byte, []int) {
+	return file_envoy_service_discovery_v2_sds_proto_rawDescGZIP(), []int{0}
+}
+
+var File_envoy_service_discovery_v2_sds_proto protoreflect.FileDescriptor
+
+var file_envoy_service_discovery_v2_sds_proto_rawDesc = []byte{
+	0x0a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2f,
+	0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x76, 0x32, 0x2f, 0x73, 0x64, 0x73,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x1a, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65,
+	0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e,
+	0x76, 0x32, 0x1a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32,
+	0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x61, 0x6e, 0x6e,
+	0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x20,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x2f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22,
+	0x0a, 0x0a, 0x08, 0x53, 0x64, 0x73, 0x44, 0x75, 0x6d, 0x6d, 0x79, 0x32, 0xec, 0x02, 0x0a, 0x16,
+	0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x53,
+	0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x5f, 0x0a, 0x0c, 0x44, 0x65, 0x6c, 0x74, 0x61, 0x53,
+	0x65, 0x63, 0x72, 0x65, 0x74, 0x73, 0x12, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61,
+	0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x65, 0x6c, 0x74, 0x61, 0x44, 0x69, 0x73, 0x63, 0x6f,
+	0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x24, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x65, 0x6c, 0x74, 0x61,
+	0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
+	0x65, 0x22, 0x00, 0x28, 0x01, 0x30, 0x01, 0x12, 0x56, 0x0a, 0x0d, 0x53, 0x74, 0x72, 0x65, 0x61,
+	0x6d, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x73, 0x12, 0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72,
+	0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72,
+	0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x28, 0x01, 0x30, 0x01, 0x12,
+	0x77, 0x0a, 0x0c, 0x46, 0x65, 0x74, 0x63, 0x68, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x73, 0x12,
+	0x1e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44,
+	0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a,
+	0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44,
+	0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
+	0x22, 0x26, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x17, 0x22, 0x15, 0x2f, 0x76, 0x32, 0x2f, 0x64, 0x69,
+	0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x3a, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x73, 0x82,
+	0xd3, 0xe4, 0x93, 0x02, 0x03, 0x3a, 0x01, 0x2a, 0x1a, 0x20, 0x8a, 0xa4, 0x96, 0xf3, 0x07, 0x1a,
+	0x0a, 0x18, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x61,
+	0x75, 0x74, 0x68, 0x2e, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x42, 0x60, 0x0a, 0x28, 0x69, 0x6f,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76,
+	0x65, 0x72, 0x79, 0x2e, 0x76, 0x32, 0x42, 0x08, 0x53, 0x64, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f,
+	0x50, 0x01, 0x88, 0x01, 0x01, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x19, 0x12, 0x17, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x73, 0x65, 0x63, 0x72, 0x65,
+	0x74, 0x2e, 0x76, 0x33, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_service_discovery_v2_sds_proto_rawDescOnce sync.Once
+	file_envoy_service_discovery_v2_sds_proto_rawDescData = file_envoy_service_discovery_v2_sds_proto_rawDesc
+)
+
+func file_envoy_service_discovery_v2_sds_proto_rawDescGZIP() []byte {
+	file_envoy_service_discovery_v2_sds_proto_rawDescOnce.Do(func() {
+		file_envoy_service_discovery_v2_sds_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_service_discovery_v2_sds_proto_rawDescData)
+	})
+	return file_envoy_service_discovery_v2_sds_proto_rawDescData
+}
+
+var file_envoy_service_discovery_v2_sds_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_service_discovery_v2_sds_proto_goTypes = []interface{}{
+	(*SdsDummy)(nil),                  // 0: envoy.service.discovery.v2.SdsDummy
+	(*v2.DeltaDiscoveryRequest)(nil),  // 1: envoy.api.v2.DeltaDiscoveryRequest
+	(*v2.DiscoveryRequest)(nil),       // 2: envoy.api.v2.DiscoveryRequest
+	(*v2.DeltaDiscoveryResponse)(nil), // 3: envoy.api.v2.DeltaDiscoveryResponse
+	(*v2.DiscoveryResponse)(nil),      // 4: envoy.api.v2.DiscoveryResponse
+}
+var file_envoy_service_discovery_v2_sds_proto_depIdxs = []int32{
+	1, // 0: envoy.service.discovery.v2.SecretDiscoveryService.DeltaSecrets:input_type -> envoy.api.v2.DeltaDiscoveryRequest
+	2, // 1: envoy.service.discovery.v2.SecretDiscoveryService.StreamSecrets:input_type -> envoy.api.v2.DiscoveryRequest
+	2, // 2: envoy.service.discovery.v2.SecretDiscoveryService.FetchSecrets:input_type -> envoy.api.v2.DiscoveryRequest
+	3, // 3: envoy.service.discovery.v2.SecretDiscoveryService.DeltaSecrets:output_type -> envoy.api.v2.DeltaDiscoveryResponse
+	4, // 4: envoy.service.discovery.v2.SecretDiscoveryService.StreamSecrets:output_type -> envoy.api.v2.DiscoveryResponse
+	4, // 5: envoy.service.discovery.v2.SecretDiscoveryService.FetchSecrets:output_type -> envoy.api.v2.DiscoveryResponse
+	3, // [3:6] is the sub-list for method output_type
+	0, // [0:3] is the sub-list for method input_type
+	0, // [0:0] is the sub-list for extension type_name
+	0, // [0:0] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_envoy_service_discovery_v2_sds_proto_init() }
+func file_envoy_service_discovery_v2_sds_proto_init() {
+	if File_envoy_service_discovery_v2_sds_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_service_discovery_v2_sds_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*SdsDummy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_service_discovery_v2_sds_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   1,
+		},
+		GoTypes:           file_envoy_service_discovery_v2_sds_proto_goTypes,
+		DependencyIndexes: file_envoy_service_discovery_v2_sds_proto_depIdxs,
+		MessageInfos:      file_envoy_service_discovery_v2_sds_proto_msgTypes,
+	}.Build()
+	File_envoy_service_discovery_v2_sds_proto = out.File
+	file_envoy_service_discovery_v2_sds_proto_rawDesc = nil
+	file_envoy_service_discovery_v2_sds_proto_goTypes = nil
+	file_envoy_service_discovery_v2_sds_proto_depIdxs = nil
+}
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ context.Context
+var _ grpc.ClientConnInterface
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the grpc package it is being compiled against.
+const _ = grpc.SupportPackageIsVersion6
+
+// SecretDiscoveryServiceClient is the client API for SecretDiscoveryService service.
+//
+// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.
+type SecretDiscoveryServiceClient interface {
+	DeltaSecrets(ctx context.Context, opts ...grpc.CallOption) (SecretDiscoveryService_DeltaSecretsClient, error)
+	StreamSecrets(ctx context.Context, opts ...grpc.CallOption) (SecretDiscoveryService_StreamSecretsClient, error)
+	FetchSecrets(ctx context.Context, in *v2.DiscoveryRequest, opts ...grpc.CallOption) (*v2.DiscoveryResponse, error)
+}
+
+type secretDiscoveryServiceClient struct {
+	cc grpc.ClientConnInterface
+}
+
+func NewSecretDiscoveryServiceClient(cc grpc.ClientConnInterface) SecretDiscoveryServiceClient {
+	return &secretDiscoveryServiceClient{cc}
+}
+
+func (c *secretDiscoveryServiceClient) DeltaSecrets(ctx context.Context, opts ...grpc.CallOption) (SecretDiscoveryService_DeltaSecretsClient, error) {
+	stream, err := c.cc.NewStream(ctx, &_SecretDiscoveryService_serviceDesc.Streams[0], "/envoy.service.discovery.v2.SecretDiscoveryService/DeltaSecrets", opts...)
+	if err != nil {
+		return nil, err
+	}
+	x := &secretDiscoveryServiceDeltaSecretsClient{stream}
+	return x, nil
+}
+
+type SecretDiscoveryService_DeltaSecretsClient interface {
+	Send(*v2.DeltaDiscoveryRequest) error
+	Recv() (*v2.DeltaDiscoveryResponse, error)
+	grpc.ClientStream
+}
+
+type secretDiscoveryServiceDeltaSecretsClient struct {
+	grpc.ClientStream
+}
+
+func (x *secretDiscoveryServiceDeltaSecretsClient) Send(m *v2.DeltaDiscoveryRequest) error {
+	return x.ClientStream.SendMsg(m)
+}
+
+func (x *secretDiscoveryServiceDeltaSecretsClient) Recv() (*v2.DeltaDiscoveryResponse, error) {
+	m := new(v2.DeltaDiscoveryResponse)
+	if err := x.ClientStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func (c *secretDiscoveryServiceClient) StreamSecrets(ctx context.Context, opts ...grpc.CallOption) (SecretDiscoveryService_StreamSecretsClient, error) {
+	stream, err := c.cc.NewStream(ctx, &_SecretDiscoveryService_serviceDesc.Streams[1], "/envoy.service.discovery.v2.SecretDiscoveryService/StreamSecrets", opts...)
+	if err != nil {
+		return nil, err
+	}
+	x := &secretDiscoveryServiceStreamSecretsClient{stream}
+	return x, nil
+}
+
+type SecretDiscoveryService_StreamSecretsClient interface {
+	Send(*v2.DiscoveryRequest) error
+	Recv() (*v2.DiscoveryResponse, error)
+	grpc.ClientStream
+}
+
+type secretDiscoveryServiceStreamSecretsClient struct {
+	grpc.ClientStream
+}
+
+func (x *secretDiscoveryServiceStreamSecretsClient) Send(m *v2.DiscoveryRequest) error {
+	return x.ClientStream.SendMsg(m)
+}
+
+func (x *secretDiscoveryServiceStreamSecretsClient) Recv() (*v2.DiscoveryResponse, error) {
+	m := new(v2.DiscoveryResponse)
+	if err := x.ClientStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func (c *secretDiscoveryServiceClient) FetchSecrets(ctx context.Context, in *v2.DiscoveryRequest, opts ...grpc.CallOption) (*v2.DiscoveryResponse, error) {
+	out := new(v2.DiscoveryResponse)
+	err := c.cc.Invoke(ctx, "/envoy.service.discovery.v2.SecretDiscoveryService/FetchSecrets", in, out, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+// SecretDiscoveryServiceServer is the server API for SecretDiscoveryService service.
+type SecretDiscoveryServiceServer interface {
+	DeltaSecrets(SecretDiscoveryService_DeltaSecretsServer) error
+	StreamSecrets(SecretDiscoveryService_StreamSecretsServer) error
+	FetchSecrets(context.Context, *v2.DiscoveryRequest) (*v2.DiscoveryResponse, error)
+}
+
+// UnimplementedSecretDiscoveryServiceServer can be embedded to have forward compatible implementations.
+type UnimplementedSecretDiscoveryServiceServer struct {
+}
+
+func (*UnimplementedSecretDiscoveryServiceServer) DeltaSecrets(SecretDiscoveryService_DeltaSecretsServer) error {
+	return status.Errorf(codes.Unimplemented, "method DeltaSecrets not implemented")
+}
+func (*UnimplementedSecretDiscoveryServiceServer) StreamSecrets(SecretDiscoveryService_StreamSecretsServer) error {
+	return status.Errorf(codes.Unimplemented, "method StreamSecrets not implemented")
+}
+func (*UnimplementedSecretDiscoveryServiceServer) FetchSecrets(context.Context, *v2.DiscoveryRequest) (*v2.DiscoveryResponse, error) {
+	return nil, status.Errorf(codes.Unimplemented, "method FetchSecrets not implemented")
+}
+
+func RegisterSecretDiscoveryServiceServer(s *grpc.Server, srv SecretDiscoveryServiceServer) {
+	s.RegisterService(&_SecretDiscoveryService_serviceDesc, srv)
+}
+
+func _SecretDiscoveryService_DeltaSecrets_Handler(srv interface{}, stream grpc.ServerStream) error {
+	return srv.(SecretDiscoveryServiceServer).DeltaSecrets(&secretDiscoveryServiceDeltaSecretsServer{stream})
+}
+
+type SecretDiscoveryService_DeltaSecretsServer interface {
+	Send(*v2.DeltaDiscoveryResponse) error
+	Recv() (*v2.DeltaDiscoveryRequest, error)
+	grpc.ServerStream
+}
+
+type secretDiscoveryServiceDeltaSecretsServer struct {
+	grpc.ServerStream
+}
+
+func (x *secretDiscoveryServiceDeltaSecretsServer) Send(m *v2.DeltaDiscoveryResponse) error {
+	return x.ServerStream.SendMsg(m)
+}
+
+func (x *secretDiscoveryServiceDeltaSecretsServer) Recv() (*v2.DeltaDiscoveryRequest, error) {
+	m := new(v2.DeltaDiscoveryRequest)
+	if err := x.ServerStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func _SecretDiscoveryService_StreamSecrets_Handler(srv interface{}, stream grpc.ServerStream) error {
+	return srv.(SecretDiscoveryServiceServer).StreamSecrets(&secretDiscoveryServiceStreamSecretsServer{stream})
+}
+
+type SecretDiscoveryService_StreamSecretsServer interface {
+	Send(*v2.DiscoveryResponse) error
+	Recv() (*v2.DiscoveryRequest, error)
+	grpc.ServerStream
+}
+
+type secretDiscoveryServiceStreamSecretsServer struct {
+	grpc.ServerStream
+}
+
+func (x *secretDiscoveryServiceStreamSecretsServer) Send(m *v2.DiscoveryResponse) error {
+	return x.ServerStream.SendMsg(m)
+}
+
+func (x *secretDiscoveryServiceStreamSecretsServer) Recv() (*v2.DiscoveryRequest, error) {
+	m := new(v2.DiscoveryRequest)
+	if err := x.ServerStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func _SecretDiscoveryService_FetchSecrets_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(v2.DiscoveryRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(SecretDiscoveryServiceServer).FetchSecrets(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: "/envoy.service.discovery.v2.SecretDiscoveryService/FetchSecrets",
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(SecretDiscoveryServiceServer).FetchSecrets(ctx, req.(*v2.DiscoveryRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
+var _SecretDiscoveryService_serviceDesc = grpc.ServiceDesc{
+	ServiceName: "envoy.service.discovery.v2.SecretDiscoveryService",
+	HandlerType: (*SecretDiscoveryServiceServer)(nil),
+	Methods: []grpc.MethodDesc{
+		{
+			MethodName: "FetchSecrets",
+			Handler:    _SecretDiscoveryService_FetchSecrets_Handler,
+		},
+	},
+	Streams: []grpc.StreamDesc{
+		{
+			StreamName:    "DeltaSecrets",
+			Handler:       _SecretDiscoveryService_DeltaSecrets_Handler,
+			ServerStreams: true,
+			ClientStreams: true,
+		},
+		{
+			StreamName:    "StreamSecrets",
+			Handler:       _SecretDiscoveryService_StreamSecrets_Handler,
+			ServerStreams: true,
+			ClientStreams: true,
+		},
+	},
+	Metadata: "envoy/service/discovery/v2/sds.proto",
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v2/sds.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v2/sds.pb.validate.go
new file mode 100644
index 00000000000..a23865de0f6
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v2/sds.pb.validate.go
@@ -0,0 +1,134 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/service/discovery/v2/sds.proto
+
+package envoy_service_discovery_v2
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on SdsDummy with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *SdsDummy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on SdsDummy with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in SdsDummyMultiError, or nil
+// if none found.
+func (m *SdsDummy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *SdsDummy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return SdsDummyMultiError(errors)
+	}
+	return nil
+}
+
+// SdsDummyMultiError is an error wrapping multiple validation errors returned
+// by SdsDummy.ValidateAll() if the designated constraints aren't met.
+type SdsDummyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m SdsDummyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m SdsDummyMultiError) AllErrors() []error { return m }
+
+// SdsDummyValidationError is the validation error returned by
+// SdsDummy.Validate if the designated constraints aren't met.
+type SdsDummyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e SdsDummyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e SdsDummyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e SdsDummyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e SdsDummyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e SdsDummyValidationError) ErrorName() string { return "SdsDummyValidationError" }
+
+// Error satisfies the builtin error interface
+func (e SdsDummyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sSdsDummy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = SdsDummyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = SdsDummyValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v3/ads.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v3/ads.pb.go
new file mode 100644
index 00000000000..e8bade0a27e
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v3/ads.pb.go
@@ -0,0 +1,368 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/service/discovery/v3/ads.proto
+
+package envoy_service_discovery_v3
+
+import (
+	context "context"
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	proto "github.com/golang/protobuf/proto"
+	grpc "google.golang.org/grpc"
+	codes "google.golang.org/grpc/codes"
+	status "google.golang.org/grpc/status"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing
+// services: https://github.com/google/protobuf/issues/4221
+type AdsDummy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *AdsDummy) Reset() {
+	*x = AdsDummy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_service_discovery_v3_ads_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *AdsDummy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*AdsDummy) ProtoMessage() {}
+
+func (x *AdsDummy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_service_discovery_v3_ads_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use AdsDummy.ProtoReflect.Descriptor instead.
+func (*AdsDummy) Descriptor() ([]byte, []int) {
+	return file_envoy_service_discovery_v3_ads_proto_rawDescGZIP(), []int{0}
+}
+
+var File_envoy_service_discovery_v3_ads_proto protoreflect.FileDescriptor
+
+var file_envoy_service_discovery_v3_ads_proto_rawDesc = []byte{
+	0x0a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2f,
+	0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x76, 0x33, 0x2f, 0x61, 0x64, 0x73,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x1a, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65,
+	0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e,
+	0x76, 0x33, 0x1a, 0x2a, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63,
+	0x65, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x76, 0x33, 0x2f, 0x64,
+	0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d,
+	0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73,
+	0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75,
+	0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f,
+	0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x22, 0x36, 0x0a, 0x08, 0x41, 0x64, 0x73, 0x44, 0x75, 0x6d, 0x6d, 0x79, 0x3a, 0x2a, 0x9a, 0xc5,
+	0x88, 0x1e, 0x25, 0x0a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69,
+	0x63, 0x65, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x76, 0x32, 0x2e,
+	0x41, 0x64, 0x73, 0x44, 0x75, 0x6d, 0x6d, 0x79, 0x32, 0xa6, 0x02, 0x0a, 0x1a, 0x41, 0x67, 0x67,
+	0x72, 0x65, 0x67, 0x61, 0x74, 0x65, 0x64, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79,
+	0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x7e, 0x0a, 0x19, 0x53, 0x74, 0x72, 0x65, 0x61,
+	0x6d, 0x41, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, 0x74, 0x65, 0x64, 0x52, 0x65, 0x73, 0x6f, 0x75,
+	0x72, 0x63, 0x65, 0x73, 0x12, 0x2c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72,
+	0x76, 0x69, 0x63, 0x65, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x76,
+	0x33, 0x2e, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65,
+	0x73, 0x74, 0x1a, 0x2d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69,
+	0x63, 0x65, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x76, 0x33, 0x2e,
+	0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
+	0x65, 0x22, 0x00, 0x28, 0x01, 0x30, 0x01, 0x12, 0x87, 0x01, 0x0a, 0x18, 0x44, 0x65, 0x6c, 0x74,
+	0x61, 0x41, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, 0x74, 0x65, 0x64, 0x52, 0x65, 0x73, 0x6f, 0x75,
+	0x72, 0x63, 0x65, 0x73, 0x12, 0x31, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72,
+	0x76, 0x69, 0x63, 0x65, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x76,
+	0x33, 0x2e, 0x44, 0x65, 0x6c, 0x74, 0x61, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79,
+	0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x32, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72,
+	0x79, 0x2e, 0x76, 0x33, 0x2e, 0x44, 0x65, 0x6c, 0x74, 0x61, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76,
+	0x65, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x28, 0x01, 0x30,
+	0x01, 0x42, 0x41, 0x0a, 0x28, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f,
+	0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65,
+	0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x76, 0x33, 0x42, 0x08, 0x41,
+	0x64, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x88, 0x01, 0x01, 0xba, 0x80, 0xc8, 0xd1,
+	0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_service_discovery_v3_ads_proto_rawDescOnce sync.Once
+	file_envoy_service_discovery_v3_ads_proto_rawDescData = file_envoy_service_discovery_v3_ads_proto_rawDesc
+)
+
+func file_envoy_service_discovery_v3_ads_proto_rawDescGZIP() []byte {
+	file_envoy_service_discovery_v3_ads_proto_rawDescOnce.Do(func() {
+		file_envoy_service_discovery_v3_ads_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_service_discovery_v3_ads_proto_rawDescData)
+	})
+	return file_envoy_service_discovery_v3_ads_proto_rawDescData
+}
+
+var file_envoy_service_discovery_v3_ads_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_service_discovery_v3_ads_proto_goTypes = []interface{}{
+	(*AdsDummy)(nil),               // 0: envoy.service.discovery.v3.AdsDummy
+	(*DiscoveryRequest)(nil),       // 1: envoy.service.discovery.v3.DiscoveryRequest
+	(*DeltaDiscoveryRequest)(nil),  // 2: envoy.service.discovery.v3.DeltaDiscoveryRequest
+	(*DiscoveryResponse)(nil),      // 3: envoy.service.discovery.v3.DiscoveryResponse
+	(*DeltaDiscoveryResponse)(nil), // 4: envoy.service.discovery.v3.DeltaDiscoveryResponse
+}
+var file_envoy_service_discovery_v3_ads_proto_depIdxs = []int32{
+	1, // 0: envoy.service.discovery.v3.AggregatedDiscoveryService.StreamAggregatedResources:input_type -> envoy.service.discovery.v3.DiscoveryRequest
+	2, // 1: envoy.service.discovery.v3.AggregatedDiscoveryService.DeltaAggregatedResources:input_type -> envoy.service.discovery.v3.DeltaDiscoveryRequest
+	3, // 2: envoy.service.discovery.v3.AggregatedDiscoveryService.StreamAggregatedResources:output_type -> envoy.service.discovery.v3.DiscoveryResponse
+	4, // 3: envoy.service.discovery.v3.AggregatedDiscoveryService.DeltaAggregatedResources:output_type -> envoy.service.discovery.v3.DeltaDiscoveryResponse
+	2, // [2:4] is the sub-list for method output_type
+	0, // [0:2] is the sub-list for method input_type
+	0, // [0:0] is the sub-list for extension type_name
+	0, // [0:0] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_envoy_service_discovery_v3_ads_proto_init() }
+func file_envoy_service_discovery_v3_ads_proto_init() {
+	if File_envoy_service_discovery_v3_ads_proto != nil {
+		return
+	}
+	file_envoy_service_discovery_v3_discovery_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_service_discovery_v3_ads_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*AdsDummy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_service_discovery_v3_ads_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   1,
+		},
+		GoTypes:           file_envoy_service_discovery_v3_ads_proto_goTypes,
+		DependencyIndexes: file_envoy_service_discovery_v3_ads_proto_depIdxs,
+		MessageInfos:      file_envoy_service_discovery_v3_ads_proto_msgTypes,
+	}.Build()
+	File_envoy_service_discovery_v3_ads_proto = out.File
+	file_envoy_service_discovery_v3_ads_proto_rawDesc = nil
+	file_envoy_service_discovery_v3_ads_proto_goTypes = nil
+	file_envoy_service_discovery_v3_ads_proto_depIdxs = nil
+}
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ context.Context
+var _ grpc.ClientConnInterface
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the grpc package it is being compiled against.
+const _ = grpc.SupportPackageIsVersion6
+
+// AggregatedDiscoveryServiceClient is the client API for AggregatedDiscoveryService service.
+//
+// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.
+type AggregatedDiscoveryServiceClient interface {
+	// This is a gRPC-only API.
+	StreamAggregatedResources(ctx context.Context, opts ...grpc.CallOption) (AggregatedDiscoveryService_StreamAggregatedResourcesClient, error)
+	DeltaAggregatedResources(ctx context.Context, opts ...grpc.CallOption) (AggregatedDiscoveryService_DeltaAggregatedResourcesClient, error)
+}
+
+type aggregatedDiscoveryServiceClient struct {
+	cc grpc.ClientConnInterface
+}
+
+func NewAggregatedDiscoveryServiceClient(cc grpc.ClientConnInterface) AggregatedDiscoveryServiceClient {
+	return &aggregatedDiscoveryServiceClient{cc}
+}
+
+func (c *aggregatedDiscoveryServiceClient) StreamAggregatedResources(ctx context.Context, opts ...grpc.CallOption) (AggregatedDiscoveryService_StreamAggregatedResourcesClient, error) {
+	stream, err := c.cc.NewStream(ctx, &_AggregatedDiscoveryService_serviceDesc.Streams[0], "/envoy.service.discovery.v3.AggregatedDiscoveryService/StreamAggregatedResources", opts...)
+	if err != nil {
+		return nil, err
+	}
+	x := &aggregatedDiscoveryServiceStreamAggregatedResourcesClient{stream}
+	return x, nil
+}
+
+type AggregatedDiscoveryService_StreamAggregatedResourcesClient interface {
+	Send(*DiscoveryRequest) error
+	Recv() (*DiscoveryResponse, error)
+	grpc.ClientStream
+}
+
+type aggregatedDiscoveryServiceStreamAggregatedResourcesClient struct {
+	grpc.ClientStream
+}
+
+func (x *aggregatedDiscoveryServiceStreamAggregatedResourcesClient) Send(m *DiscoveryRequest) error {
+	return x.ClientStream.SendMsg(m)
+}
+
+func (x *aggregatedDiscoveryServiceStreamAggregatedResourcesClient) Recv() (*DiscoveryResponse, error) {
+	m := new(DiscoveryResponse)
+	if err := x.ClientStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func (c *aggregatedDiscoveryServiceClient) DeltaAggregatedResources(ctx context.Context, opts ...grpc.CallOption) (AggregatedDiscoveryService_DeltaAggregatedResourcesClient, error) {
+	stream, err := c.cc.NewStream(ctx, &_AggregatedDiscoveryService_serviceDesc.Streams[1], "/envoy.service.discovery.v3.AggregatedDiscoveryService/DeltaAggregatedResources", opts...)
+	if err != nil {
+		return nil, err
+	}
+	x := &aggregatedDiscoveryServiceDeltaAggregatedResourcesClient{stream}
+	return x, nil
+}
+
+type AggregatedDiscoveryService_DeltaAggregatedResourcesClient interface {
+	Send(*DeltaDiscoveryRequest) error
+	Recv() (*DeltaDiscoveryResponse, error)
+	grpc.ClientStream
+}
+
+type aggregatedDiscoveryServiceDeltaAggregatedResourcesClient struct {
+	grpc.ClientStream
+}
+
+func (x *aggregatedDiscoveryServiceDeltaAggregatedResourcesClient) Send(m *DeltaDiscoveryRequest) error {
+	return x.ClientStream.SendMsg(m)
+}
+
+func (x *aggregatedDiscoveryServiceDeltaAggregatedResourcesClient) Recv() (*DeltaDiscoveryResponse, error) {
+	m := new(DeltaDiscoveryResponse)
+	if err := x.ClientStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+// AggregatedDiscoveryServiceServer is the server API for AggregatedDiscoveryService service.
+type AggregatedDiscoveryServiceServer interface {
+	// This is a gRPC-only API.
+	StreamAggregatedResources(AggregatedDiscoveryService_StreamAggregatedResourcesServer) error
+	DeltaAggregatedResources(AggregatedDiscoveryService_DeltaAggregatedResourcesServer) error
+}
+
+// UnimplementedAggregatedDiscoveryServiceServer can be embedded to have forward compatible implementations.
+type UnimplementedAggregatedDiscoveryServiceServer struct {
+}
+
+func (*UnimplementedAggregatedDiscoveryServiceServer) StreamAggregatedResources(AggregatedDiscoveryService_StreamAggregatedResourcesServer) error {
+	return status.Errorf(codes.Unimplemented, "method StreamAggregatedResources not implemented")
+}
+func (*UnimplementedAggregatedDiscoveryServiceServer) DeltaAggregatedResources(AggregatedDiscoveryService_DeltaAggregatedResourcesServer) error {
+	return status.Errorf(codes.Unimplemented, "method DeltaAggregatedResources not implemented")
+}
+
+func RegisterAggregatedDiscoveryServiceServer(s *grpc.Server, srv AggregatedDiscoveryServiceServer) {
+	s.RegisterService(&_AggregatedDiscoveryService_serviceDesc, srv)
+}
+
+func _AggregatedDiscoveryService_StreamAggregatedResources_Handler(srv interface{}, stream grpc.ServerStream) error {
+	return srv.(AggregatedDiscoveryServiceServer).StreamAggregatedResources(&aggregatedDiscoveryServiceStreamAggregatedResourcesServer{stream})
+}
+
+type AggregatedDiscoveryService_StreamAggregatedResourcesServer interface {
+	Send(*DiscoveryResponse) error
+	Recv() (*DiscoveryRequest, error)
+	grpc.ServerStream
+}
+
+type aggregatedDiscoveryServiceStreamAggregatedResourcesServer struct {
+	grpc.ServerStream
+}
+
+func (x *aggregatedDiscoveryServiceStreamAggregatedResourcesServer) Send(m *DiscoveryResponse) error {
+	return x.ServerStream.SendMsg(m)
+}
+
+func (x *aggregatedDiscoveryServiceStreamAggregatedResourcesServer) Recv() (*DiscoveryRequest, error) {
+	m := new(DiscoveryRequest)
+	if err := x.ServerStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func _AggregatedDiscoveryService_DeltaAggregatedResources_Handler(srv interface{}, stream grpc.ServerStream) error {
+	return srv.(AggregatedDiscoveryServiceServer).DeltaAggregatedResources(&aggregatedDiscoveryServiceDeltaAggregatedResourcesServer{stream})
+}
+
+type AggregatedDiscoveryService_DeltaAggregatedResourcesServer interface {
+	Send(*DeltaDiscoveryResponse) error
+	Recv() (*DeltaDiscoveryRequest, error)
+	grpc.ServerStream
+}
+
+type aggregatedDiscoveryServiceDeltaAggregatedResourcesServer struct {
+	grpc.ServerStream
+}
+
+func (x *aggregatedDiscoveryServiceDeltaAggregatedResourcesServer) Send(m *DeltaDiscoveryResponse) error {
+	return x.ServerStream.SendMsg(m)
+}
+
+func (x *aggregatedDiscoveryServiceDeltaAggregatedResourcesServer) Recv() (*DeltaDiscoveryRequest, error) {
+	m := new(DeltaDiscoveryRequest)
+	if err := x.ServerStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+var _AggregatedDiscoveryService_serviceDesc = grpc.ServiceDesc{
+	ServiceName: "envoy.service.discovery.v3.AggregatedDiscoveryService",
+	HandlerType: (*AggregatedDiscoveryServiceServer)(nil),
+	Methods:     []grpc.MethodDesc{},
+	Streams: []grpc.StreamDesc{
+		{
+			StreamName:    "StreamAggregatedResources",
+			Handler:       _AggregatedDiscoveryService_StreamAggregatedResources_Handler,
+			ServerStreams: true,
+			ClientStreams: true,
+		},
+		{
+			StreamName:    "DeltaAggregatedResources",
+			Handler:       _AggregatedDiscoveryService_DeltaAggregatedResources_Handler,
+			ServerStreams: true,
+			ClientStreams: true,
+		},
+	},
+	Metadata: "envoy/service/discovery/v3/ads.proto",
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v3/ads.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v3/ads.pb.validate.go
new file mode 100644
index 00000000000..3e8b9209207
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v3/ads.pb.validate.go
@@ -0,0 +1,134 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/service/discovery/v3/ads.proto
+
+package envoy_service_discovery_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on AdsDummy with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *AdsDummy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on AdsDummy with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in AdsDummyMultiError, or nil
+// if none found.
+func (m *AdsDummy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *AdsDummy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return AdsDummyMultiError(errors)
+	}
+	return nil
+}
+
+// AdsDummyMultiError is an error wrapping multiple validation errors returned
+// by AdsDummy.ValidateAll() if the designated constraints aren't met.
+type AdsDummyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m AdsDummyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m AdsDummyMultiError) AllErrors() []error { return m }
+
+// AdsDummyValidationError is the validation error returned by
+// AdsDummy.Validate if the designated constraints aren't met.
+type AdsDummyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e AdsDummyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e AdsDummyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e AdsDummyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e AdsDummyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e AdsDummyValidationError) ErrorName() string { return "AdsDummyValidationError" }
+
+// Error satisfies the builtin error interface
+func (e AdsDummyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sAdsDummy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = AdsDummyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = AdsDummyValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v3/discovery.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v3/discovery.pb.go
new file mode 100644
index 00000000000..b2cfe8dd648
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v3/discovery.pb.go
@@ -0,0 +1,981 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/service/discovery/v3/discovery.proto
+
+package envoy_service_discovery_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	status "google.golang.org/genproto/googleapis/rpc/status"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// A DiscoveryRequest requests a set of versioned resources of the same type for
+// a given Envoy node on some API.
+// [#next-free-field: 7]
+type DiscoveryRequest struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The version_info provided in the request messages will be the version_info
+	// received with the most recent successfully processed response or empty on
+	// the first request. It is expected that no new request is sent after a
+	// response is received until the Envoy instance is ready to ACK/NACK the new
+	// configuration. ACK/NACK takes place by returning the new API config version
+	// as applied or the previous API config version respectively. Each type_url
+	// (see below) has an independent version associated with it.
+	VersionInfo string `protobuf:"bytes,1,opt,name=version_info,json=versionInfo,proto3" json:"version_info,omitempty"`
+	// The node making the request.
+	Node *v3.Node `protobuf:"bytes,2,opt,name=node,proto3" json:"node,omitempty"`
+	// List of resources to subscribe to, e.g. list of cluster names or a route
+	// configuration name. If this is empty, all resources for the API are
+	// returned. LDS/CDS may have empty resource_names, which will cause all
+	// resources for the Envoy instance to be returned. The LDS and CDS responses
+	// will then imply a number of resources that need to be fetched via EDS/RDS,
+	// which will be explicitly enumerated in resource_names.
+	ResourceNames []string `protobuf:"bytes,3,rep,name=resource_names,json=resourceNames,proto3" json:"resource_names,omitempty"`
+	// Type of the resource that is being requested, e.g.
+	// "type.googleapis.com/envoy.api.v2.ClusterLoadAssignment". This is implicit
+	// in requests made via singleton xDS APIs such as CDS, LDS, etc. but is
+	// required for ADS.
+	TypeUrl string `protobuf:"bytes,4,opt,name=type_url,json=typeUrl,proto3" json:"type_url,omitempty"`
+	// nonce corresponding to DiscoveryResponse being ACK/NACKed. See above
+	// discussion on version_info and the DiscoveryResponse nonce comment. This
+	// may be empty only if 1) this is a non-persistent-stream xDS such as HTTP,
+	// or 2) the client has not yet accepted an update in this xDS stream (unlike
+	// delta, where it is populated only for new explicit ACKs).
+	ResponseNonce string `protobuf:"bytes,5,opt,name=response_nonce,json=responseNonce,proto3" json:"response_nonce,omitempty"`
+	// This is populated when the previous :ref:`DiscoveryResponse <envoy_v3_api_msg_service.discovery.v3.DiscoveryResponse>`
+	// failed to update configuration. The *message* field in *error_details* provides the Envoy
+	// internal exception related to the failure. It is only intended for consumption during manual
+	// debugging, the string provided is not guaranteed to be stable across Envoy versions.
+	ErrorDetail *status.Status `protobuf:"bytes,6,opt,name=error_detail,json=errorDetail,proto3" json:"error_detail,omitempty"`
+}
+
+func (x *DiscoveryRequest) Reset() {
+	*x = DiscoveryRequest{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_service_discovery_v3_discovery_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *DiscoveryRequest) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*DiscoveryRequest) ProtoMessage() {}
+
+func (x *DiscoveryRequest) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_service_discovery_v3_discovery_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use DiscoveryRequest.ProtoReflect.Descriptor instead.
+func (*DiscoveryRequest) Descriptor() ([]byte, []int) {
+	return file_envoy_service_discovery_v3_discovery_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *DiscoveryRequest) GetVersionInfo() string {
+	if x != nil {
+		return x.VersionInfo
+	}
+	return ""
+}
+
+func (x *DiscoveryRequest) GetNode() *v3.Node {
+	if x != nil {
+		return x.Node
+	}
+	return nil
+}
+
+func (x *DiscoveryRequest) GetResourceNames() []string {
+	if x != nil {
+		return x.ResourceNames
+	}
+	return nil
+}
+
+func (x *DiscoveryRequest) GetTypeUrl() string {
+	if x != nil {
+		return x.TypeUrl
+	}
+	return ""
+}
+
+func (x *DiscoveryRequest) GetResponseNonce() string {
+	if x != nil {
+		return x.ResponseNonce
+	}
+	return ""
+}
+
+func (x *DiscoveryRequest) GetErrorDetail() *status.Status {
+	if x != nil {
+		return x.ErrorDetail
+	}
+	return nil
+}
+
+// [#next-free-field: 7]
+type DiscoveryResponse struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The version of the response data.
+	VersionInfo string `protobuf:"bytes,1,opt,name=version_info,json=versionInfo,proto3" json:"version_info,omitempty"`
+	// The response resources. These resources are typed and depend on the API being called.
+	Resources []*any.Any `protobuf:"bytes,2,rep,name=resources,proto3" json:"resources,omitempty"`
+	// [#not-implemented-hide:]
+	// Canary is used to support two Envoy command line flags:
+	//
+	// * --terminate-on-canary-transition-failure. When set, Envoy is able to
+	//   terminate if it detects that configuration is stuck at canary. Consider
+	//   this example sequence of updates:
+	//   - Management server applies a canary config successfully.
+	//   - Management server rolls back to a production config.
+	//   - Envoy rejects the new production config.
+	//   Since there is no sensible way to continue receiving configuration
+	//   updates, Envoy will then terminate and apply production config from a
+	//   clean slate.
+	// * --dry-run-canary. When set, a canary response will never be applied, only
+	//   validated via a dry run.
+	Canary bool `protobuf:"varint,3,opt,name=canary,proto3" json:"canary,omitempty"`
+	// Type URL for resources. Identifies the xDS API when muxing over ADS.
+	// Must be consistent with the type_url in the 'resources' repeated Any (if non-empty).
+	TypeUrl string `protobuf:"bytes,4,opt,name=type_url,json=typeUrl,proto3" json:"type_url,omitempty"`
+	// For gRPC based subscriptions, the nonce provides a way to explicitly ack a
+	// specific DiscoveryResponse in a following DiscoveryRequest. Additional
+	// messages may have been sent by Envoy to the management server for the
+	// previous version on the stream prior to this DiscoveryResponse, that were
+	// unprocessed at response send time. The nonce allows the management server
+	// to ignore any further DiscoveryRequests for the previous version until a
+	// DiscoveryRequest bearing the nonce. The nonce is optional and is not
+	// required for non-stream based xDS implementations.
+	Nonce string `protobuf:"bytes,5,opt,name=nonce,proto3" json:"nonce,omitempty"`
+	// The control plane instance that sent the response.
+	ControlPlane *v3.ControlPlane `protobuf:"bytes,6,opt,name=control_plane,json=controlPlane,proto3" json:"control_plane,omitempty"`
+}
+
+func (x *DiscoveryResponse) Reset() {
+	*x = DiscoveryResponse{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_service_discovery_v3_discovery_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *DiscoveryResponse) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*DiscoveryResponse) ProtoMessage() {}
+
+func (x *DiscoveryResponse) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_service_discovery_v3_discovery_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use DiscoveryResponse.ProtoReflect.Descriptor instead.
+func (*DiscoveryResponse) Descriptor() ([]byte, []int) {
+	return file_envoy_service_discovery_v3_discovery_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *DiscoveryResponse) GetVersionInfo() string {
+	if x != nil {
+		return x.VersionInfo
+	}
+	return ""
+}
+
+func (x *DiscoveryResponse) GetResources() []*any.Any {
+	if x != nil {
+		return x.Resources
+	}
+	return nil
+}
+
+func (x *DiscoveryResponse) GetCanary() bool {
+	if x != nil {
+		return x.Canary
+	}
+	return false
+}
+
+func (x *DiscoveryResponse) GetTypeUrl() string {
+	if x != nil {
+		return x.TypeUrl
+	}
+	return ""
+}
+
+func (x *DiscoveryResponse) GetNonce() string {
+	if x != nil {
+		return x.Nonce
+	}
+	return ""
+}
+
+func (x *DiscoveryResponse) GetControlPlane() *v3.ControlPlane {
+	if x != nil {
+		return x.ControlPlane
+	}
+	return nil
+}
+
+// DeltaDiscoveryRequest and DeltaDiscoveryResponse are used in a new gRPC
+// endpoint for Delta xDS.
+//
+// With Delta xDS, the DeltaDiscoveryResponses do not need to include a full
+// snapshot of the tracked resources. Instead, DeltaDiscoveryResponses are a
+// diff to the state of a xDS client.
+// In Delta XDS there are per-resource versions, which allow tracking state at
+// the resource granularity.
+// An xDS Delta session is always in the context of a gRPC bidirectional
+// stream. This allows the xDS server to keep track of the state of xDS clients
+// connected to it.
+//
+// In Delta xDS the nonce field is required and used to pair
+// DeltaDiscoveryResponse to a DeltaDiscoveryRequest ACK or NACK.
+// Optionally, a response message level system_version_info is present for
+// debugging purposes only.
+//
+// DeltaDiscoveryRequest plays two independent roles. Any DeltaDiscoveryRequest
+// can be either or both of: [1] informing the server of what resources the
+// client has gained/lost interest in (using resource_names_subscribe and
+// resource_names_unsubscribe), or [2] (N)ACKing an earlier resource update from
+// the server (using response_nonce, with presence of error_detail making it a NACK).
+// Additionally, the first message (for a given type_url) of a reconnected gRPC stream
+// has a third role: informing the server of the resources (and their versions)
+// that the client already possesses, using the initial_resource_versions field.
+//
+// As with state-of-the-world, when multiple resource types are multiplexed (ADS),
+// all requests/acknowledgments/updates are logically walled off by type_url:
+// a Cluster ACK exists in a completely separate world from a prior Route NACK.
+// In particular, initial_resource_versions being sent at the "start" of every
+// gRPC stream actually entails a message for each type_url, each with its own
+// initial_resource_versions.
+// [#next-free-field: 8]
+type DeltaDiscoveryRequest struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The node making the request.
+	Node *v3.Node `protobuf:"bytes,1,opt,name=node,proto3" json:"node,omitempty"`
+	// Type of the resource that is being requested, e.g.
+	// "type.googleapis.com/envoy.api.v2.ClusterLoadAssignment". This does not need to be set if
+	// resources are only referenced via *xds_resource_subscribe* and
+	// *xds_resources_unsubscribe*.
+	TypeUrl string `protobuf:"bytes,2,opt,name=type_url,json=typeUrl,proto3" json:"type_url,omitempty"`
+	// DeltaDiscoveryRequests allow the client to add or remove individual
+	// resources to the set of tracked resources in the context of a stream.
+	// All resource names in the resource_names_subscribe list are added to the
+	// set of tracked resources and all resource names in the resource_names_unsubscribe
+	// list are removed from the set of tracked resources.
+	//
+	// *Unlike* state-of-the-world xDS, an empty resource_names_subscribe or
+	// resource_names_unsubscribe list simply means that no resources are to be
+	// added or removed to the resource list.
+	// *Like* state-of-the-world xDS, the server must send updates for all tracked
+	// resources, but can also send updates for resources the client has not subscribed to.
+	//
+	// NOTE: the server must respond with all resources listed in resource_names_subscribe,
+	// even if it believes the client has the most recent version of them. The reason:
+	// the client may have dropped them, but then regained interest before it had a chance
+	// to send the unsubscribe message. See DeltaSubscriptionStateTest.RemoveThenAdd.
+	//
+	// These two fields can be set in any DeltaDiscoveryRequest, including ACKs
+	// and initial_resource_versions.
+	//
+	// A list of Resource names to add to the list of tracked resources.
+	ResourceNamesSubscribe []string `protobuf:"bytes,3,rep,name=resource_names_subscribe,json=resourceNamesSubscribe,proto3" json:"resource_names_subscribe,omitempty"`
+	// A list of Resource names to remove from the list of tracked resources.
+	ResourceNamesUnsubscribe []string `protobuf:"bytes,4,rep,name=resource_names_unsubscribe,json=resourceNamesUnsubscribe,proto3" json:"resource_names_unsubscribe,omitempty"`
+	// Informs the server of the versions of the resources the xDS client knows of, to enable the
+	// client to continue the same logical xDS session even in the face of gRPC stream reconnection.
+	// It will not be populated: [1] in the very first stream of a session, since the client will
+	// not yet have any resources,  [2] in any message after the first in a stream (for a given
+	// type_url), since the server will already be correctly tracking the client's state.
+	// (In ADS, the first message *of each type_url* of a reconnected stream populates this map.)
+	// The map's keys are names of xDS resources known to the xDS client.
+	// The map's values are opaque resource versions.
+	InitialResourceVersions map[string]string `protobuf:"bytes,5,rep,name=initial_resource_versions,json=initialResourceVersions,proto3" json:"initial_resource_versions,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+	// When the DeltaDiscoveryRequest is a ACK or NACK message in response
+	// to a previous DeltaDiscoveryResponse, the response_nonce must be the
+	// nonce in the DeltaDiscoveryResponse.
+	// Otherwise (unlike in DiscoveryRequest) response_nonce must be omitted.
+	ResponseNonce string `protobuf:"bytes,6,opt,name=response_nonce,json=responseNonce,proto3" json:"response_nonce,omitempty"`
+	// This is populated when the previous :ref:`DiscoveryResponse <envoy_v3_api_msg_service.discovery.v3.DiscoveryResponse>`
+	// failed to update configuration. The *message* field in *error_details*
+	// provides the Envoy internal exception related to the failure.
+	ErrorDetail *status.Status `protobuf:"bytes,7,opt,name=error_detail,json=errorDetail,proto3" json:"error_detail,omitempty"`
+}
+
+func (x *DeltaDiscoveryRequest) Reset() {
+	*x = DeltaDiscoveryRequest{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_service_discovery_v3_discovery_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *DeltaDiscoveryRequest) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*DeltaDiscoveryRequest) ProtoMessage() {}
+
+func (x *DeltaDiscoveryRequest) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_service_discovery_v3_discovery_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use DeltaDiscoveryRequest.ProtoReflect.Descriptor instead.
+func (*DeltaDiscoveryRequest) Descriptor() ([]byte, []int) {
+	return file_envoy_service_discovery_v3_discovery_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *DeltaDiscoveryRequest) GetNode() *v3.Node {
+	if x != nil {
+		return x.Node
+	}
+	return nil
+}
+
+func (x *DeltaDiscoveryRequest) GetTypeUrl() string {
+	if x != nil {
+		return x.TypeUrl
+	}
+	return ""
+}
+
+func (x *DeltaDiscoveryRequest) GetResourceNamesSubscribe() []string {
+	if x != nil {
+		return x.ResourceNamesSubscribe
+	}
+	return nil
+}
+
+func (x *DeltaDiscoveryRequest) GetResourceNamesUnsubscribe() []string {
+	if x != nil {
+		return x.ResourceNamesUnsubscribe
+	}
+	return nil
+}
+
+func (x *DeltaDiscoveryRequest) GetInitialResourceVersions() map[string]string {
+	if x != nil {
+		return x.InitialResourceVersions
+	}
+	return nil
+}
+
+func (x *DeltaDiscoveryRequest) GetResponseNonce() string {
+	if x != nil {
+		return x.ResponseNonce
+	}
+	return ""
+}
+
+func (x *DeltaDiscoveryRequest) GetErrorDetail() *status.Status {
+	if x != nil {
+		return x.ErrorDetail
+	}
+	return nil
+}
+
+// [#next-free-field: 8]
+type DeltaDiscoveryResponse struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The version of the response data (used for debugging).
+	SystemVersionInfo string `protobuf:"bytes,1,opt,name=system_version_info,json=systemVersionInfo,proto3" json:"system_version_info,omitempty"`
+	// The response resources. These are typed resources, whose types must match
+	// the type_url field.
+	Resources []*Resource `protobuf:"bytes,2,rep,name=resources,proto3" json:"resources,omitempty"`
+	// Type URL for resources. Identifies the xDS API when muxing over ADS.
+	// Must be consistent with the type_url in the Any within 'resources' if 'resources' is non-empty.
+	TypeUrl string `protobuf:"bytes,4,opt,name=type_url,json=typeUrl,proto3" json:"type_url,omitempty"`
+	// Resources names of resources that have be deleted and to be removed from the xDS Client.
+	// Removed resources for missing resources can be ignored.
+	RemovedResources []string `protobuf:"bytes,6,rep,name=removed_resources,json=removedResources,proto3" json:"removed_resources,omitempty"`
+	// The nonce provides a way for DeltaDiscoveryRequests to uniquely
+	// reference a DeltaDiscoveryResponse when (N)ACKing. The nonce is required.
+	Nonce string `protobuf:"bytes,5,opt,name=nonce,proto3" json:"nonce,omitempty"`
+	// [#not-implemented-hide:]
+	// The control plane instance that sent the response.
+	ControlPlane *v3.ControlPlane `protobuf:"bytes,7,opt,name=control_plane,json=controlPlane,proto3" json:"control_plane,omitempty"`
+}
+
+func (x *DeltaDiscoveryResponse) Reset() {
+	*x = DeltaDiscoveryResponse{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_service_discovery_v3_discovery_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *DeltaDiscoveryResponse) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*DeltaDiscoveryResponse) ProtoMessage() {}
+
+func (x *DeltaDiscoveryResponse) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_service_discovery_v3_discovery_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use DeltaDiscoveryResponse.ProtoReflect.Descriptor instead.
+func (*DeltaDiscoveryResponse) Descriptor() ([]byte, []int) {
+	return file_envoy_service_discovery_v3_discovery_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *DeltaDiscoveryResponse) GetSystemVersionInfo() string {
+	if x != nil {
+		return x.SystemVersionInfo
+	}
+	return ""
+}
+
+func (x *DeltaDiscoveryResponse) GetResources() []*Resource {
+	if x != nil {
+		return x.Resources
+	}
+	return nil
+}
+
+func (x *DeltaDiscoveryResponse) GetTypeUrl() string {
+	if x != nil {
+		return x.TypeUrl
+	}
+	return ""
+}
+
+func (x *DeltaDiscoveryResponse) GetRemovedResources() []string {
+	if x != nil {
+		return x.RemovedResources
+	}
+	return nil
+}
+
+func (x *DeltaDiscoveryResponse) GetNonce() string {
+	if x != nil {
+		return x.Nonce
+	}
+	return ""
+}
+
+func (x *DeltaDiscoveryResponse) GetControlPlane() *v3.ControlPlane {
+	if x != nil {
+		return x.ControlPlane
+	}
+	return nil
+}
+
+// [#next-free-field: 8]
+type Resource struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The resource's name, to distinguish it from others of the same type of resource.
+	Name string `protobuf:"bytes,3,opt,name=name,proto3" json:"name,omitempty"`
+	// The aliases are a list of other names that this resource can go by.
+	Aliases []string `protobuf:"bytes,4,rep,name=aliases,proto3" json:"aliases,omitempty"`
+	// The resource level version. It allows xDS to track the state of individual
+	// resources.
+	Version string `protobuf:"bytes,1,opt,name=version,proto3" json:"version,omitempty"`
+	// The resource being tracked.
+	Resource *any.Any `protobuf:"bytes,2,opt,name=resource,proto3" json:"resource,omitempty"`
+	// Time-to-live value for the resource. For each resource, a timer is started. The timer is
+	// reset each time the resource is received with a new TTL. If the resource is received with
+	// no TTL set, the timer is removed for the resource. Upon expiration of the timer, the
+	// configuration for the resource will be removed.
+	//
+	// The TTL can be refreshed or changed by sending a response that doesn't change the resource
+	// version. In this case the resource field does not need to be populated, which allows for
+	// light-weight "heartbeat" updates to keep a resource with a TTL alive.
+	//
+	// The TTL feature is meant to support configurations that should be removed in the event of
+	// a management server failure. For example, the feature may be used for fault injection
+	// testing where the fault injection should be terminated in the event that Envoy loses contact
+	// with the management server.
+	Ttl *duration.Duration `protobuf:"bytes,6,opt,name=ttl,proto3" json:"ttl,omitempty"`
+	// Cache control properties for the resource.
+	// [#not-implemented-hide:]
+	CacheControl *Resource_CacheControl `protobuf:"bytes,7,opt,name=cache_control,json=cacheControl,proto3" json:"cache_control,omitempty"`
+}
+
+func (x *Resource) Reset() {
+	*x = Resource{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_service_discovery_v3_discovery_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Resource) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Resource) ProtoMessage() {}
+
+func (x *Resource) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_service_discovery_v3_discovery_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Resource.ProtoReflect.Descriptor instead.
+func (*Resource) Descriptor() ([]byte, []int) {
+	return file_envoy_service_discovery_v3_discovery_proto_rawDescGZIP(), []int{4}
+}
+
+func (x *Resource) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *Resource) GetAliases() []string {
+	if x != nil {
+		return x.Aliases
+	}
+	return nil
+}
+
+func (x *Resource) GetVersion() string {
+	if x != nil {
+		return x.Version
+	}
+	return ""
+}
+
+func (x *Resource) GetResource() *any.Any {
+	if x != nil {
+		return x.Resource
+	}
+	return nil
+}
+
+func (x *Resource) GetTtl() *duration.Duration {
+	if x != nil {
+		return x.Ttl
+	}
+	return nil
+}
+
+func (x *Resource) GetCacheControl() *Resource_CacheControl {
+	if x != nil {
+		return x.CacheControl
+	}
+	return nil
+}
+
+// Cache control properties for the resource.
+// [#not-implemented-hide:]
+type Resource_CacheControl struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// If true, xDS proxies may not cache this resource.
+	// Note that this does not apply to clients other than xDS proxies, which must cache resources
+	// for their own use, regardless of the value of this field.
+	DoNotCache bool `protobuf:"varint,1,opt,name=do_not_cache,json=doNotCache,proto3" json:"do_not_cache,omitempty"`
+}
+
+func (x *Resource_CacheControl) Reset() {
+	*x = Resource_CacheControl{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_service_discovery_v3_discovery_proto_msgTypes[6]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Resource_CacheControl) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Resource_CacheControl) ProtoMessage() {}
+
+func (x *Resource_CacheControl) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_service_discovery_v3_discovery_proto_msgTypes[6]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Resource_CacheControl.ProtoReflect.Descriptor instead.
+func (*Resource_CacheControl) Descriptor() ([]byte, []int) {
+	return file_envoy_service_discovery_v3_discovery_proto_rawDescGZIP(), []int{4, 0}
+}
+
+func (x *Resource_CacheControl) GetDoNotCache() bool {
+	if x != nil {
+		return x.DoNotCache
+	}
+	return false
+}
+
+var File_envoy_service_discovery_v3_discovery_proto protoreflect.FileDescriptor
+
+var file_envoy_service_discovery_v3_discovery_proto_rawDesc = []byte{
+	0x0a, 0x2a, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2f,
+	0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x76, 0x33, 0x2f, 0x64, 0x69, 0x73,
+	0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x1a, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x64, 0x69, 0x73, 0x63,
+	0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x76, 0x33, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f,
+	0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x62,
+	0x61, 0x73, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x72, 0x70, 0x63,
+	0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75,
+	0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f,
+	0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64,
+	0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76,
+	0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22,
+	0xab, 0x02, 0x0a, 0x10, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x12, 0x21, 0x0a, 0x0c, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x5f,
+	0x69, 0x6e, 0x66, 0x6f, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x76, 0x65, 0x72, 0x73,
+	0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x2e, 0x0a, 0x04, 0x6e, 0x6f, 0x64, 0x65, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x4e, 0x6f, 0x64,
+	0x65, 0x52, 0x04, 0x6e, 0x6f, 0x64, 0x65, 0x12, 0x25, 0x0a, 0x0e, 0x72, 0x65, 0x73, 0x6f, 0x75,
+	0x72, 0x63, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09, 0x52,
+	0x0d, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x12, 0x19,
+	0x0a, 0x08, 0x74, 0x79, 0x70, 0x65, 0x5f, 0x75, 0x72, 0x6c, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09,
+	0x52, 0x07, 0x74, 0x79, 0x70, 0x65, 0x55, 0x72, 0x6c, 0x12, 0x25, 0x0a, 0x0e, 0x72, 0x65, 0x73,
+	0x70, 0x6f, 0x6e, 0x73, 0x65, 0x5f, 0x6e, 0x6f, 0x6e, 0x63, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x0d, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x4e, 0x6f, 0x6e, 0x63, 0x65,
+	0x12, 0x35, 0x0a, 0x0c, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x5f, 0x64, 0x65, 0x74, 0x61, 0x69, 0x6c,
+	0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x12, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x72, 0x70, 0x63, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x0b, 0x65, 0x72, 0x72, 0x6f,
+	0x72, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x3a, 0x24, 0x9a, 0xc5, 0x88, 0x1e, 0x1f, 0x0a, 0x1d,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x69, 0x73,
+	0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, 0xa3, 0x02,
+	0x0a, 0x11, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f,
+	0x6e, 0x73, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x69,
+	0x6e, 0x66, 0x6f, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x76, 0x65, 0x72, 0x73, 0x69,
+	0x6f, 0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x32, 0x0a, 0x09, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72,
+	0x63, 0x65, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52,
+	0x09, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x12, 0x16, 0x0a, 0x06, 0x63, 0x61,
+	0x6e, 0x61, 0x72, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x06, 0x63, 0x61, 0x6e, 0x61,
+	0x72, 0x79, 0x12, 0x19, 0x0a, 0x08, 0x74, 0x79, 0x70, 0x65, 0x5f, 0x75, 0x72, 0x6c, 0x18, 0x04,
+	0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x74, 0x79, 0x70, 0x65, 0x55, 0x72, 0x6c, 0x12, 0x14, 0x0a,
+	0x05, 0x6e, 0x6f, 0x6e, 0x63, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x6e, 0x6f,
+	0x6e, 0x63, 0x65, 0x12, 0x47, 0x0a, 0x0d, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x5f, 0x70,
+	0x6c, 0x61, 0x6e, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76,
+	0x33, 0x2e, 0x43, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x50, 0x6c, 0x61, 0x6e, 0x65, 0x52, 0x0c,
+	0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x50, 0x6c, 0x61, 0x6e, 0x65, 0x3a, 0x25, 0x9a, 0xc5,
+	0x88, 0x1e, 0x20, 0x0a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76,
+	0x32, 0x2e, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f,
+	0x6e, 0x73, 0x65, 0x22, 0xbc, 0x04, 0x0a, 0x15, 0x44, 0x65, 0x6c, 0x74, 0x61, 0x44, 0x69, 0x73,
+	0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x2e, 0x0a,
+	0x04, 0x6e, 0x6f, 0x64, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e,
+	0x76, 0x33, 0x2e, 0x4e, 0x6f, 0x64, 0x65, 0x52, 0x04, 0x6e, 0x6f, 0x64, 0x65, 0x12, 0x19, 0x0a,
+	0x08, 0x74, 0x79, 0x70, 0x65, 0x5f, 0x75, 0x72, 0x6c, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52,
+	0x07, 0x74, 0x79, 0x70, 0x65, 0x55, 0x72, 0x6c, 0x12, 0x38, 0x0a, 0x18, 0x72, 0x65, 0x73, 0x6f,
+	0x75, 0x72, 0x63, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x5f, 0x73, 0x75, 0x62, 0x73, 0x63,
+	0x72, 0x69, 0x62, 0x65, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09, 0x52, 0x16, 0x72, 0x65, 0x73, 0x6f,
+	0x75, 0x72, 0x63, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x53, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69,
+	0x62, 0x65, 0x12, 0x3c, 0x0a, 0x1a, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x6e,
+	0x61, 0x6d, 0x65, 0x73, 0x5f, 0x75, 0x6e, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x62, 0x65,
+	0x18, 0x04, 0x20, 0x03, 0x28, 0x09, 0x52, 0x18, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65,
+	0x4e, 0x61, 0x6d, 0x65, 0x73, 0x55, 0x6e, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x62, 0x65,
+	0x12, 0x8a, 0x01, 0x0a, 0x19, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x5f, 0x72, 0x65, 0x73,
+	0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x05,
+	0x20, 0x03, 0x28, 0x0b, 0x32, 0x4e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72,
+	0x76, 0x69, 0x63, 0x65, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x76,
+	0x33, 0x2e, 0x44, 0x65, 0x6c, 0x74, 0x61, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79,
+	0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x2e, 0x49, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x52,
+	0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x45,
+	0x6e, 0x74, 0x72, 0x79, 0x52, 0x17, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x52, 0x65, 0x73,
+	0x6f, 0x75, 0x72, 0x63, 0x65, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x25, 0x0a,
+	0x0e, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x5f, 0x6e, 0x6f, 0x6e, 0x63, 0x65, 0x18,
+	0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x4e,
+	0x6f, 0x6e, 0x63, 0x65, 0x12, 0x35, 0x0a, 0x0c, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x5f, 0x64, 0x65,
+	0x74, 0x61, 0x69, 0x6c, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x12, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x0b,
+	0x65, 0x72, 0x72, 0x6f, 0x72, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x1a, 0x4a, 0x0a, 0x1c, 0x49,
+	0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x56, 0x65,
+	0x72, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b,
+	0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a,
+	0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61,
+	0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x3a, 0x29, 0x9a, 0xc5, 0x88, 0x1e, 0x24, 0x0a, 0x22,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x65, 0x6c,
+	0x74, 0x61, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65,
+	0x73, 0x74, 0x22, 0xdf, 0x02, 0x0a, 0x16, 0x44, 0x65, 0x6c, 0x74, 0x61, 0x44, 0x69, 0x73, 0x63,
+	0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x2e, 0x0a,
+	0x13, 0x73, 0x79, 0x73, 0x74, 0x65, 0x6d, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x5f,
+	0x69, 0x6e, 0x66, 0x6f, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x11, 0x73, 0x79, 0x73, 0x74,
+	0x65, 0x6d, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x42, 0x0a,
+	0x09, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b,
+	0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65,
+	0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x65,
+	0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x09, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65,
+	0x73, 0x12, 0x19, 0x0a, 0x08, 0x74, 0x79, 0x70, 0x65, 0x5f, 0x75, 0x72, 0x6c, 0x18, 0x04, 0x20,
+	0x01, 0x28, 0x09, 0x52, 0x07, 0x74, 0x79, 0x70, 0x65, 0x55, 0x72, 0x6c, 0x12, 0x2b, 0x0a, 0x11,
+	0x72, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x64, 0x5f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65,
+	0x73, 0x18, 0x06, 0x20, 0x03, 0x28, 0x09, 0x52, 0x10, 0x72, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x64,
+	0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x12, 0x14, 0x0a, 0x05, 0x6e, 0x6f, 0x6e,
+	0x63, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x6e, 0x6f, 0x6e, 0x63, 0x65, 0x12,
+	0x47, 0x0a, 0x0d, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x5f, 0x70, 0x6c, 0x61, 0x6e, 0x65,
+	0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f,
+	0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x50, 0x6c, 0x61, 0x6e, 0x65, 0x52, 0x0c, 0x63, 0x6f, 0x6e, 0x74,
+	0x72, 0x6f, 0x6c, 0x50, 0x6c, 0x61, 0x6e, 0x65, 0x3a, 0x2a, 0x9a, 0xc5, 0x88, 0x1e, 0x25, 0x0a,
+	0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x65,
+	0x6c, 0x74, 0x61, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70,
+	0x6f, 0x6e, 0x73, 0x65, 0x22, 0xd9, 0x02, 0x0a, 0x08, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63,
+	0x65, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52,
+	0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x61, 0x6c, 0x69, 0x61, 0x73, 0x65, 0x73,
+	0x18, 0x04, 0x20, 0x03, 0x28, 0x09, 0x52, 0x07, 0x61, 0x6c, 0x69, 0x61, 0x73, 0x65, 0x73, 0x12,
+	0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
+	0x52, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x30, 0x0a, 0x08, 0x72, 0x65, 0x73,
+	0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e,
+	0x79, 0x52, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x2b, 0x0a, 0x03, 0x74,
+	0x74, 0x6c, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x52, 0x03, 0x74, 0x74, 0x6c, 0x12, 0x56, 0x0a, 0x0d, 0x63, 0x61, 0x63, 0x68,
+	0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x31, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e,
+	0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x65, 0x73,
+	0x6f, 0x75, 0x72, 0x63, 0x65, 0x2e, 0x43, 0x61, 0x63, 0x68, 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x72,
+	0x6f, 0x6c, 0x52, 0x0c, 0x63, 0x61, 0x63, 0x68, 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c,
+	0x1a, 0x30, 0x0a, 0x0c, 0x43, 0x61, 0x63, 0x68, 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c,
+	0x12, 0x20, 0x0a, 0x0c, 0x64, 0x6f, 0x5f, 0x6e, 0x6f, 0x74, 0x5f, 0x63, 0x61, 0x63, 0x68, 0x65,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0a, 0x64, 0x6f, 0x4e, 0x6f, 0x74, 0x43, 0x61, 0x63,
+	0x68, 0x65, 0x3a, 0x1c, 0x9a, 0xc5, 0x88, 0x1e, 0x17, 0x0a, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65,
+	0x42, 0x44, 0x0a, 0x28, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78,
+	0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e,
+	0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x76, 0x33, 0x42, 0x0e, 0x44, 0x69,
+	0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80,
+	0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_service_discovery_v3_discovery_proto_rawDescOnce sync.Once
+	file_envoy_service_discovery_v3_discovery_proto_rawDescData = file_envoy_service_discovery_v3_discovery_proto_rawDesc
+)
+
+func file_envoy_service_discovery_v3_discovery_proto_rawDescGZIP() []byte {
+	file_envoy_service_discovery_v3_discovery_proto_rawDescOnce.Do(func() {
+		file_envoy_service_discovery_v3_discovery_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_service_discovery_v3_discovery_proto_rawDescData)
+	})
+	return file_envoy_service_discovery_v3_discovery_proto_rawDescData
+}
+
+var file_envoy_service_discovery_v3_discovery_proto_msgTypes = make([]protoimpl.MessageInfo, 7)
+var file_envoy_service_discovery_v3_discovery_proto_goTypes = []interface{}{
+	(*DiscoveryRequest)(nil),       // 0: envoy.service.discovery.v3.DiscoveryRequest
+	(*DiscoveryResponse)(nil),      // 1: envoy.service.discovery.v3.DiscoveryResponse
+	(*DeltaDiscoveryRequest)(nil),  // 2: envoy.service.discovery.v3.DeltaDiscoveryRequest
+	(*DeltaDiscoveryResponse)(nil), // 3: envoy.service.discovery.v3.DeltaDiscoveryResponse
+	(*Resource)(nil),               // 4: envoy.service.discovery.v3.Resource
+	nil,                            // 5: envoy.service.discovery.v3.DeltaDiscoveryRequest.InitialResourceVersionsEntry
+	(*Resource_CacheControl)(nil),  // 6: envoy.service.discovery.v3.Resource.CacheControl
+	(*v3.Node)(nil),                // 7: envoy.config.core.v3.Node
+	(*status.Status)(nil),          // 8: google.rpc.Status
+	(*any.Any)(nil),                // 9: google.protobuf.Any
+	(*v3.ControlPlane)(nil),        // 10: envoy.config.core.v3.ControlPlane
+	(*duration.Duration)(nil),      // 11: google.protobuf.Duration
+}
+var file_envoy_service_discovery_v3_discovery_proto_depIdxs = []int32{
+	7,  // 0: envoy.service.discovery.v3.DiscoveryRequest.node:type_name -> envoy.config.core.v3.Node
+	8,  // 1: envoy.service.discovery.v3.DiscoveryRequest.error_detail:type_name -> google.rpc.Status
+	9,  // 2: envoy.service.discovery.v3.DiscoveryResponse.resources:type_name -> google.protobuf.Any
+	10, // 3: envoy.service.discovery.v3.DiscoveryResponse.control_plane:type_name -> envoy.config.core.v3.ControlPlane
+	7,  // 4: envoy.service.discovery.v3.DeltaDiscoveryRequest.node:type_name -> envoy.config.core.v3.Node
+	5,  // 5: envoy.service.discovery.v3.DeltaDiscoveryRequest.initial_resource_versions:type_name -> envoy.service.discovery.v3.DeltaDiscoveryRequest.InitialResourceVersionsEntry
+	8,  // 6: envoy.service.discovery.v3.DeltaDiscoveryRequest.error_detail:type_name -> google.rpc.Status
+	4,  // 7: envoy.service.discovery.v3.DeltaDiscoveryResponse.resources:type_name -> envoy.service.discovery.v3.Resource
+	10, // 8: envoy.service.discovery.v3.DeltaDiscoveryResponse.control_plane:type_name -> envoy.config.core.v3.ControlPlane
+	9,  // 9: envoy.service.discovery.v3.Resource.resource:type_name -> google.protobuf.Any
+	11, // 10: envoy.service.discovery.v3.Resource.ttl:type_name -> google.protobuf.Duration
+	6,  // 11: envoy.service.discovery.v3.Resource.cache_control:type_name -> envoy.service.discovery.v3.Resource.CacheControl
+	12, // [12:12] is the sub-list for method output_type
+	12, // [12:12] is the sub-list for method input_type
+	12, // [12:12] is the sub-list for extension type_name
+	12, // [12:12] is the sub-list for extension extendee
+	0,  // [0:12] is the sub-list for field type_name
+}
+
+func init() { file_envoy_service_discovery_v3_discovery_proto_init() }
+func file_envoy_service_discovery_v3_discovery_proto_init() {
+	if File_envoy_service_discovery_v3_discovery_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_service_discovery_v3_discovery_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*DiscoveryRequest); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_service_discovery_v3_discovery_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*DiscoveryResponse); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_service_discovery_v3_discovery_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*DeltaDiscoveryRequest); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_service_discovery_v3_discovery_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*DeltaDiscoveryResponse); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_service_discovery_v3_discovery_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Resource); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_service_discovery_v3_discovery_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Resource_CacheControl); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_service_discovery_v3_discovery_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   7,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_service_discovery_v3_discovery_proto_goTypes,
+		DependencyIndexes: file_envoy_service_discovery_v3_discovery_proto_depIdxs,
+		MessageInfos:      file_envoy_service_discovery_v3_discovery_proto_msgTypes,
+	}.Build()
+	File_envoy_service_discovery_v3_discovery_proto = out.File
+	file_envoy_service_discovery_v3_discovery_proto_rawDesc = nil
+	file_envoy_service_discovery_v3_discovery_proto_goTypes = nil
+	file_envoy_service_discovery_v3_discovery_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v3/discovery.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v3/discovery.pb.validate.go
new file mode 100644
index 00000000000..ec359a966c1
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/discovery/v3/discovery.pb.validate.go
@@ -0,0 +1,998 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/service/discovery/v3/discovery.proto
+
+package envoy_service_discovery_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on DiscoveryRequest with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *DiscoveryRequest) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on DiscoveryRequest with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// DiscoveryRequestMultiError, or nil if none found.
+func (m *DiscoveryRequest) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *DiscoveryRequest) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for VersionInfo
+
+	if all {
+		switch v := interface{}(m.GetNode()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, DiscoveryRequestValidationError{
+					field:  "Node",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, DiscoveryRequestValidationError{
+					field:  "Node",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetNode()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return DiscoveryRequestValidationError{
+				field:  "Node",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for TypeUrl
+
+	// no validation rules for ResponseNonce
+
+	if all {
+		switch v := interface{}(m.GetErrorDetail()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, DiscoveryRequestValidationError{
+					field:  "ErrorDetail",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, DiscoveryRequestValidationError{
+					field:  "ErrorDetail",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetErrorDetail()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return DiscoveryRequestValidationError{
+				field:  "ErrorDetail",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return DiscoveryRequestMultiError(errors)
+	}
+	return nil
+}
+
+// DiscoveryRequestMultiError is an error wrapping multiple validation errors
+// returned by DiscoveryRequest.ValidateAll() if the designated constraints
+// aren't met.
+type DiscoveryRequestMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m DiscoveryRequestMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m DiscoveryRequestMultiError) AllErrors() []error { return m }
+
+// DiscoveryRequestValidationError is the validation error returned by
+// DiscoveryRequest.Validate if the designated constraints aren't met.
+type DiscoveryRequestValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e DiscoveryRequestValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e DiscoveryRequestValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e DiscoveryRequestValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e DiscoveryRequestValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e DiscoveryRequestValidationError) ErrorName() string { return "DiscoveryRequestValidationError" }
+
+// Error satisfies the builtin error interface
+func (e DiscoveryRequestValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sDiscoveryRequest.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = DiscoveryRequestValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = DiscoveryRequestValidationError{}
+
+// Validate checks the field values on DiscoveryResponse with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *DiscoveryResponse) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on DiscoveryResponse with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// DiscoveryResponseMultiError, or nil if none found.
+func (m *DiscoveryResponse) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *DiscoveryResponse) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for VersionInfo
+
+	for idx, item := range m.GetResources() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, DiscoveryResponseValidationError{
+						field:  fmt.Sprintf("Resources[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, DiscoveryResponseValidationError{
+						field:  fmt.Sprintf("Resources[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return DiscoveryResponseValidationError{
+					field:  fmt.Sprintf("Resources[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	// no validation rules for Canary
+
+	// no validation rules for TypeUrl
+
+	// no validation rules for Nonce
+
+	if all {
+		switch v := interface{}(m.GetControlPlane()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, DiscoveryResponseValidationError{
+					field:  "ControlPlane",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, DiscoveryResponseValidationError{
+					field:  "ControlPlane",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetControlPlane()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return DiscoveryResponseValidationError{
+				field:  "ControlPlane",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return DiscoveryResponseMultiError(errors)
+	}
+	return nil
+}
+
+// DiscoveryResponseMultiError is an error wrapping multiple validation errors
+// returned by DiscoveryResponse.ValidateAll() if the designated constraints
+// aren't met.
+type DiscoveryResponseMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m DiscoveryResponseMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m DiscoveryResponseMultiError) AllErrors() []error { return m }
+
+// DiscoveryResponseValidationError is the validation error returned by
+// DiscoveryResponse.Validate if the designated constraints aren't met.
+type DiscoveryResponseValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e DiscoveryResponseValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e DiscoveryResponseValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e DiscoveryResponseValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e DiscoveryResponseValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e DiscoveryResponseValidationError) ErrorName() string {
+	return "DiscoveryResponseValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e DiscoveryResponseValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sDiscoveryResponse.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = DiscoveryResponseValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = DiscoveryResponseValidationError{}
+
+// Validate checks the field values on DeltaDiscoveryRequest with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *DeltaDiscoveryRequest) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on DeltaDiscoveryRequest with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// DeltaDiscoveryRequestMultiError, or nil if none found.
+func (m *DeltaDiscoveryRequest) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *DeltaDiscoveryRequest) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetNode()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, DeltaDiscoveryRequestValidationError{
+					field:  "Node",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, DeltaDiscoveryRequestValidationError{
+					field:  "Node",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetNode()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return DeltaDiscoveryRequestValidationError{
+				field:  "Node",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for TypeUrl
+
+	// no validation rules for InitialResourceVersions
+
+	// no validation rules for ResponseNonce
+
+	if all {
+		switch v := interface{}(m.GetErrorDetail()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, DeltaDiscoveryRequestValidationError{
+					field:  "ErrorDetail",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, DeltaDiscoveryRequestValidationError{
+					field:  "ErrorDetail",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetErrorDetail()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return DeltaDiscoveryRequestValidationError{
+				field:  "ErrorDetail",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return DeltaDiscoveryRequestMultiError(errors)
+	}
+	return nil
+}
+
+// DeltaDiscoveryRequestMultiError is an error wrapping multiple validation
+// errors returned by DeltaDiscoveryRequest.ValidateAll() if the designated
+// constraints aren't met.
+type DeltaDiscoveryRequestMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m DeltaDiscoveryRequestMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m DeltaDiscoveryRequestMultiError) AllErrors() []error { return m }
+
+// DeltaDiscoveryRequestValidationError is the validation error returned by
+// DeltaDiscoveryRequest.Validate if the designated constraints aren't met.
+type DeltaDiscoveryRequestValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e DeltaDiscoveryRequestValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e DeltaDiscoveryRequestValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e DeltaDiscoveryRequestValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e DeltaDiscoveryRequestValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e DeltaDiscoveryRequestValidationError) ErrorName() string {
+	return "DeltaDiscoveryRequestValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e DeltaDiscoveryRequestValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sDeltaDiscoveryRequest.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = DeltaDiscoveryRequestValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = DeltaDiscoveryRequestValidationError{}
+
+// Validate checks the field values on DeltaDiscoveryResponse with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *DeltaDiscoveryResponse) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on DeltaDiscoveryResponse with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// DeltaDiscoveryResponseMultiError, or nil if none found.
+func (m *DeltaDiscoveryResponse) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *DeltaDiscoveryResponse) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for SystemVersionInfo
+
+	for idx, item := range m.GetResources() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, DeltaDiscoveryResponseValidationError{
+						field:  fmt.Sprintf("Resources[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, DeltaDiscoveryResponseValidationError{
+						field:  fmt.Sprintf("Resources[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return DeltaDiscoveryResponseValidationError{
+					field:  fmt.Sprintf("Resources[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	// no validation rules for TypeUrl
+
+	// no validation rules for Nonce
+
+	if all {
+		switch v := interface{}(m.GetControlPlane()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, DeltaDiscoveryResponseValidationError{
+					field:  "ControlPlane",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, DeltaDiscoveryResponseValidationError{
+					field:  "ControlPlane",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetControlPlane()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return DeltaDiscoveryResponseValidationError{
+				field:  "ControlPlane",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return DeltaDiscoveryResponseMultiError(errors)
+	}
+	return nil
+}
+
+// DeltaDiscoveryResponseMultiError is an error wrapping multiple validation
+// errors returned by DeltaDiscoveryResponse.ValidateAll() if the designated
+// constraints aren't met.
+type DeltaDiscoveryResponseMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m DeltaDiscoveryResponseMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m DeltaDiscoveryResponseMultiError) AllErrors() []error { return m }
+
+// DeltaDiscoveryResponseValidationError is the validation error returned by
+// DeltaDiscoveryResponse.Validate if the designated constraints aren't met.
+type DeltaDiscoveryResponseValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e DeltaDiscoveryResponseValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e DeltaDiscoveryResponseValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e DeltaDiscoveryResponseValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e DeltaDiscoveryResponseValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e DeltaDiscoveryResponseValidationError) ErrorName() string {
+	return "DeltaDiscoveryResponseValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e DeltaDiscoveryResponseValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sDeltaDiscoveryResponse.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = DeltaDiscoveryResponseValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = DeltaDiscoveryResponseValidationError{}
+
+// Validate checks the field values on Resource with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Resource) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Resource with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ResourceMultiError, or nil
+// if none found.
+func (m *Resource) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Resource) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Name
+
+	// no validation rules for Version
+
+	if all {
+		switch v := interface{}(m.GetResource()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ResourceValidationError{
+					field:  "Resource",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ResourceValidationError{
+					field:  "Resource",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetResource()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ResourceValidationError{
+				field:  "Resource",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetTtl()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ResourceValidationError{
+					field:  "Ttl",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ResourceValidationError{
+					field:  "Ttl",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetTtl()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ResourceValidationError{
+				field:  "Ttl",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetCacheControl()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ResourceValidationError{
+					field:  "CacheControl",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ResourceValidationError{
+					field:  "CacheControl",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetCacheControl()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ResourceValidationError{
+				field:  "CacheControl",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return ResourceMultiError(errors)
+	}
+	return nil
+}
+
+// ResourceMultiError is an error wrapping multiple validation errors returned
+// by Resource.ValidateAll() if the designated constraints aren't met.
+type ResourceMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ResourceMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ResourceMultiError) AllErrors() []error { return m }
+
+// ResourceValidationError is the validation error returned by
+// Resource.Validate if the designated constraints aren't met.
+type ResourceValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ResourceValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ResourceValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ResourceValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ResourceValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ResourceValidationError) ErrorName() string { return "ResourceValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ResourceValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sResource.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ResourceValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ResourceValidationError{}
+
+// Validate checks the field values on Resource_CacheControl with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *Resource_CacheControl) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Resource_CacheControl with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// Resource_CacheControlMultiError, or nil if none found.
+func (m *Resource_CacheControl) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Resource_CacheControl) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for DoNotCache
+
+	if len(errors) > 0 {
+		return Resource_CacheControlMultiError(errors)
+	}
+	return nil
+}
+
+// Resource_CacheControlMultiError is an error wrapping multiple validation
+// errors returned by Resource_CacheControl.ValidateAll() if the designated
+// constraints aren't met.
+type Resource_CacheControlMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Resource_CacheControlMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Resource_CacheControlMultiError) AllErrors() []error { return m }
+
+// Resource_CacheControlValidationError is the validation error returned by
+// Resource_CacheControl.Validate if the designated constraints aren't met.
+type Resource_CacheControlValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Resource_CacheControlValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Resource_CacheControlValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Resource_CacheControlValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Resource_CacheControlValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Resource_CacheControlValidationError) ErrorName() string {
+	return "Resource_CacheControlValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e Resource_CacheControlValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sResource_CacheControl.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Resource_CacheControlValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Resource_CacheControlValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/service/load_stats/v2/lrs.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/load_stats/v2/lrs.pb.go
new file mode 100644
index 00000000000..7e0518b5227
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/load_stats/v2/lrs.pb.go
@@ -0,0 +1,489 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/service/load_stats/v2/lrs.proto
+
+package envoy_service_load_stats_v2
+
+import (
+	context "context"
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	core "github.com/envoyproxy/go-control-plane/envoy/api/v2/core"
+	endpoint "github.com/envoyproxy/go-control-plane/envoy/api/v2/endpoint"
+	proto "github.com/golang/protobuf/proto"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	grpc "google.golang.org/grpc"
+	codes "google.golang.org/grpc/codes"
+	status "google.golang.org/grpc/status"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// A load report Envoy sends to the management server.
+// [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs.
+type LoadStatsRequest struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Node identifier for Envoy instance.
+	Node *core.Node `protobuf:"bytes,1,opt,name=node,proto3" json:"node,omitempty"`
+	// A list of load stats to report.
+	ClusterStats []*endpoint.ClusterStats `protobuf:"bytes,2,rep,name=cluster_stats,json=clusterStats,proto3" json:"cluster_stats,omitempty"`
+}
+
+func (x *LoadStatsRequest) Reset() {
+	*x = LoadStatsRequest{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_service_load_stats_v2_lrs_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *LoadStatsRequest) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*LoadStatsRequest) ProtoMessage() {}
+
+func (x *LoadStatsRequest) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_service_load_stats_v2_lrs_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use LoadStatsRequest.ProtoReflect.Descriptor instead.
+func (*LoadStatsRequest) Descriptor() ([]byte, []int) {
+	return file_envoy_service_load_stats_v2_lrs_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *LoadStatsRequest) GetNode() *core.Node {
+	if x != nil {
+		return x.Node
+	}
+	return nil
+}
+
+func (x *LoadStatsRequest) GetClusterStats() []*endpoint.ClusterStats {
+	if x != nil {
+		return x.ClusterStats
+	}
+	return nil
+}
+
+// The management server sends envoy a LoadStatsResponse with all clusters it
+// is interested in learning load stats about.
+// [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs.
+type LoadStatsResponse struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Clusters to report stats for.
+	// Not populated if *send_all_clusters* is true.
+	Clusters []string `protobuf:"bytes,1,rep,name=clusters,proto3" json:"clusters,omitempty"`
+	// If true, the client should send all clusters it knows about.
+	// Only clients that advertise the "envoy.lrs.supports_send_all_clusters" capability in their
+	// :ref:`client_features<envoy_api_field_core.Node.client_features>` field will honor this field.
+	SendAllClusters bool `protobuf:"varint,4,opt,name=send_all_clusters,json=sendAllClusters,proto3" json:"send_all_clusters,omitempty"`
+	// The minimum interval of time to collect stats over. This is only a minimum for two reasons:
+	// 1. There may be some delay from when the timer fires until stats sampling occurs.
+	// 2. For clusters that were already feature in the previous *LoadStatsResponse*, any traffic
+	//    that is observed in between the corresponding previous *LoadStatsRequest* and this
+	//    *LoadStatsResponse* will also be accumulated and billed to the cluster. This avoids a period
+	//    of inobservability that might otherwise exists between the messages. New clusters are not
+	//    subject to this consideration.
+	LoadReportingInterval *duration.Duration `protobuf:"bytes,2,opt,name=load_reporting_interval,json=loadReportingInterval,proto3" json:"load_reporting_interval,omitempty"`
+	// Set to *true* if the management server supports endpoint granularity
+	// report.
+	ReportEndpointGranularity bool `protobuf:"varint,3,opt,name=report_endpoint_granularity,json=reportEndpointGranularity,proto3" json:"report_endpoint_granularity,omitempty"`
+}
+
+func (x *LoadStatsResponse) Reset() {
+	*x = LoadStatsResponse{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_service_load_stats_v2_lrs_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *LoadStatsResponse) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*LoadStatsResponse) ProtoMessage() {}
+
+func (x *LoadStatsResponse) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_service_load_stats_v2_lrs_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use LoadStatsResponse.ProtoReflect.Descriptor instead.
+func (*LoadStatsResponse) Descriptor() ([]byte, []int) {
+	return file_envoy_service_load_stats_v2_lrs_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *LoadStatsResponse) GetClusters() []string {
+	if x != nil {
+		return x.Clusters
+	}
+	return nil
+}
+
+func (x *LoadStatsResponse) GetSendAllClusters() bool {
+	if x != nil {
+		return x.SendAllClusters
+	}
+	return false
+}
+
+func (x *LoadStatsResponse) GetLoadReportingInterval() *duration.Duration {
+	if x != nil {
+		return x.LoadReportingInterval
+	}
+	return nil
+}
+
+func (x *LoadStatsResponse) GetReportEndpointGranularity() bool {
+	if x != nil {
+		return x.ReportEndpointGranularity
+	}
+	return false
+}
+
+var File_envoy_service_load_stats_v2_lrs_proto protoreflect.FileDescriptor
+
+var file_envoy_service_load_stats_v2_lrs_proto_rawDesc = []byte{
+	0x0a, 0x25, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2f,
+	0x6c, 0x6f, 0x61, 0x64, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x73, 0x2f, 0x76, 0x32, 0x2f, 0x6c, 0x72,
+	0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x1b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73,
+	0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x6c, 0x6f, 0x61, 0x64, 0x5f, 0x73, 0x74, 0x61, 0x74,
+	0x73, 0x2e, 0x76, 0x32, 0x1a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f,
+	0x76, 0x32, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x62, 0x61, 0x73, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x27, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32,
+	0x2f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2f, 0x6c, 0x6f, 0x61, 0x64, 0x5f, 0x72,
+	0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70,
+	0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74,
+	0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x89, 0x01, 0x0a, 0x10, 0x4c,
+	0x6f, 0x61, 0x64, 0x53, 0x74, 0x61, 0x74, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12,
+	0x2b, 0x0a, 0x04, 0x6e, 0x6f, 0x64, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72,
+	0x65, 0x2e, 0x4e, 0x6f, 0x64, 0x65, 0x52, 0x04, 0x6e, 0x6f, 0x64, 0x65, 0x12, 0x48, 0x0a, 0x0d,
+	0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x73, 0x18, 0x02, 0x20,
+	0x03, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x76, 0x32, 0x2e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x43, 0x6c, 0x75, 0x73,
+	0x74, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x73, 0x52, 0x0c, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65,
+	0x72, 0x53, 0x74, 0x61, 0x74, 0x73, 0x22, 0xee, 0x01, 0x0a, 0x11, 0x4c, 0x6f, 0x61, 0x64, 0x53,
+	0x74, 0x61, 0x74, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x1a, 0x0a, 0x08,
+	0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x09, 0x52, 0x08,
+	0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x12, 0x2a, 0x0a, 0x11, 0x73, 0x65, 0x6e, 0x64,
+	0x5f, 0x61, 0x6c, 0x6c, 0x5f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x18, 0x04, 0x20,
+	0x01, 0x28, 0x08, 0x52, 0x0f, 0x73, 0x65, 0x6e, 0x64, 0x41, 0x6c, 0x6c, 0x43, 0x6c, 0x75, 0x73,
+	0x74, 0x65, 0x72, 0x73, 0x12, 0x51, 0x0a, 0x17, 0x6c, 0x6f, 0x61, 0x64, 0x5f, 0x72, 0x65, 0x70,
+	0x6f, 0x72, 0x74, 0x69, 0x6e, 0x67, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x52, 0x15, 0x6c, 0x6f, 0x61, 0x64, 0x52, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x69, 0x6e, 0x67, 0x49,
+	0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x12, 0x3e, 0x0a, 0x1b, 0x72, 0x65, 0x70, 0x6f, 0x72,
+	0x74, 0x5f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x5f, 0x67, 0x72, 0x61, 0x6e, 0x75,
+	0x6c, 0x61, 0x72, 0x69, 0x74, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x19, 0x72, 0x65,
+	0x70, 0x6f, 0x72, 0x74, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x47, 0x72, 0x61, 0x6e,
+	0x75, 0x6c, 0x61, 0x72, 0x69, 0x74, 0x79, 0x32, 0x8e, 0x01, 0x0a, 0x14, 0x4c, 0x6f, 0x61, 0x64,
+	0x52, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x69, 0x6e, 0x67, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65,
+	0x12, 0x76, 0x0a, 0x0f, 0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x4c, 0x6f, 0x61, 0x64, 0x53, 0x74,
+	0x61, 0x74, 0x73, 0x12, 0x2d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76,
+	0x69, 0x63, 0x65, 0x2e, 0x6c, 0x6f, 0x61, 0x64, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x73, 0x2e, 0x76,
+	0x32, 0x2e, 0x4c, 0x6f, 0x61, 0x64, 0x53, 0x74, 0x61, 0x74, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65,
+	0x73, 0x74, 0x1a, 0x2e, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69,
+	0x63, 0x65, 0x2e, 0x6c, 0x6f, 0x61, 0x64, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x73, 0x2e, 0x76, 0x32,
+	0x2e, 0x4c, 0x6f, 0x61, 0x64, 0x53, 0x74, 0x61, 0x74, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e,
+	0x73, 0x65, 0x22, 0x00, 0x28, 0x01, 0x30, 0x01, 0x42, 0x42, 0x0a, 0x29, 0x69, 0x6f, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x6c, 0x6f, 0x61, 0x64, 0x5f, 0x73, 0x74, 0x61,
+	0x74, 0x73, 0x2e, 0x76, 0x32, 0x42, 0x08, 0x4c, 0x72, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50,
+	0x01, 0x88, 0x01, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_service_load_stats_v2_lrs_proto_rawDescOnce sync.Once
+	file_envoy_service_load_stats_v2_lrs_proto_rawDescData = file_envoy_service_load_stats_v2_lrs_proto_rawDesc
+)
+
+func file_envoy_service_load_stats_v2_lrs_proto_rawDescGZIP() []byte {
+	file_envoy_service_load_stats_v2_lrs_proto_rawDescOnce.Do(func() {
+		file_envoy_service_load_stats_v2_lrs_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_service_load_stats_v2_lrs_proto_rawDescData)
+	})
+	return file_envoy_service_load_stats_v2_lrs_proto_rawDescData
+}
+
+var file_envoy_service_load_stats_v2_lrs_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_envoy_service_load_stats_v2_lrs_proto_goTypes = []interface{}{
+	(*LoadStatsRequest)(nil),      // 0: envoy.service.load_stats.v2.LoadStatsRequest
+	(*LoadStatsResponse)(nil),     // 1: envoy.service.load_stats.v2.LoadStatsResponse
+	(*core.Node)(nil),             // 2: envoy.api.v2.core.Node
+	(*endpoint.ClusterStats)(nil), // 3: envoy.api.v2.endpoint.ClusterStats
+	(*duration.Duration)(nil),     // 4: google.protobuf.Duration
+}
+var file_envoy_service_load_stats_v2_lrs_proto_depIdxs = []int32{
+	2, // 0: envoy.service.load_stats.v2.LoadStatsRequest.node:type_name -> envoy.api.v2.core.Node
+	3, // 1: envoy.service.load_stats.v2.LoadStatsRequest.cluster_stats:type_name -> envoy.api.v2.endpoint.ClusterStats
+	4, // 2: envoy.service.load_stats.v2.LoadStatsResponse.load_reporting_interval:type_name -> google.protobuf.Duration
+	0, // 3: envoy.service.load_stats.v2.LoadReportingService.StreamLoadStats:input_type -> envoy.service.load_stats.v2.LoadStatsRequest
+	1, // 4: envoy.service.load_stats.v2.LoadReportingService.StreamLoadStats:output_type -> envoy.service.load_stats.v2.LoadStatsResponse
+	4, // [4:5] is the sub-list for method output_type
+	3, // [3:4] is the sub-list for method input_type
+	3, // [3:3] is the sub-list for extension type_name
+	3, // [3:3] is the sub-list for extension extendee
+	0, // [0:3] is the sub-list for field type_name
+}
+
+func init() { file_envoy_service_load_stats_v2_lrs_proto_init() }
+func file_envoy_service_load_stats_v2_lrs_proto_init() {
+	if File_envoy_service_load_stats_v2_lrs_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_service_load_stats_v2_lrs_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*LoadStatsRequest); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_service_load_stats_v2_lrs_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*LoadStatsResponse); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_service_load_stats_v2_lrs_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   1,
+		},
+		GoTypes:           file_envoy_service_load_stats_v2_lrs_proto_goTypes,
+		DependencyIndexes: file_envoy_service_load_stats_v2_lrs_proto_depIdxs,
+		MessageInfos:      file_envoy_service_load_stats_v2_lrs_proto_msgTypes,
+	}.Build()
+	File_envoy_service_load_stats_v2_lrs_proto = out.File
+	file_envoy_service_load_stats_v2_lrs_proto_rawDesc = nil
+	file_envoy_service_load_stats_v2_lrs_proto_goTypes = nil
+	file_envoy_service_load_stats_v2_lrs_proto_depIdxs = nil
+}
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ context.Context
+var _ grpc.ClientConnInterface
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the grpc package it is being compiled against.
+const _ = grpc.SupportPackageIsVersion6
+
+// LoadReportingServiceClient is the client API for LoadReportingService service.
+//
+// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.
+type LoadReportingServiceClient interface {
+	// Advanced API to allow for multi-dimensional load balancing by remote
+	// server. For receiving LB assignments, the steps are:
+	// 1, The management server is configured with per cluster/zone/load metric
+	//    capacity configuration. The capacity configuration definition is
+	//    outside of the scope of this document.
+	// 2. Envoy issues a standard {Stream,Fetch}Endpoints request for the clusters
+	//    to balance.
+	//
+	// Independently, Envoy will initiate a StreamLoadStats bidi stream with a
+	// management server:
+	// 1. Once a connection establishes, the management server publishes a
+	//    LoadStatsResponse for all clusters it is interested in learning load
+	//    stats about.
+	// 2. For each cluster, Envoy load balances incoming traffic to upstream hosts
+	//    based on per-zone weights and/or per-instance weights (if specified)
+	//    based on intra-zone LbPolicy. This information comes from the above
+	//    {Stream,Fetch}Endpoints.
+	// 3. When upstream hosts reply, they optionally add header <define header
+	//    name> with ASCII representation of EndpointLoadMetricStats.
+	// 4. Envoy aggregates load reports over the period of time given to it in
+	//    LoadStatsResponse.load_reporting_interval. This includes aggregation
+	//    stats Envoy maintains by itself (total_requests, rpc_errors etc.) as
+	//    well as load metrics from upstream hosts.
+	// 5. When the timer of load_reporting_interval expires, Envoy sends new
+	//    LoadStatsRequest filled with load reports for each cluster.
+	// 6. The management server uses the load reports from all reported Envoys
+	//    from around the world, computes global assignment and prepares traffic
+	//    assignment destined for each zone Envoys are located in. Goto 2.
+	StreamLoadStats(ctx context.Context, opts ...grpc.CallOption) (LoadReportingService_StreamLoadStatsClient, error)
+}
+
+type loadReportingServiceClient struct {
+	cc grpc.ClientConnInterface
+}
+
+func NewLoadReportingServiceClient(cc grpc.ClientConnInterface) LoadReportingServiceClient {
+	return &loadReportingServiceClient{cc}
+}
+
+func (c *loadReportingServiceClient) StreamLoadStats(ctx context.Context, opts ...grpc.CallOption) (LoadReportingService_StreamLoadStatsClient, error) {
+	stream, err := c.cc.NewStream(ctx, &_LoadReportingService_serviceDesc.Streams[0], "/envoy.service.load_stats.v2.LoadReportingService/StreamLoadStats", opts...)
+	if err != nil {
+		return nil, err
+	}
+	x := &loadReportingServiceStreamLoadStatsClient{stream}
+	return x, nil
+}
+
+type LoadReportingService_StreamLoadStatsClient interface {
+	Send(*LoadStatsRequest) error
+	Recv() (*LoadStatsResponse, error)
+	grpc.ClientStream
+}
+
+type loadReportingServiceStreamLoadStatsClient struct {
+	grpc.ClientStream
+}
+
+func (x *loadReportingServiceStreamLoadStatsClient) Send(m *LoadStatsRequest) error {
+	return x.ClientStream.SendMsg(m)
+}
+
+func (x *loadReportingServiceStreamLoadStatsClient) Recv() (*LoadStatsResponse, error) {
+	m := new(LoadStatsResponse)
+	if err := x.ClientStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+// LoadReportingServiceServer is the server API for LoadReportingService service.
+type LoadReportingServiceServer interface {
+	// Advanced API to allow for multi-dimensional load balancing by remote
+	// server. For receiving LB assignments, the steps are:
+	// 1, The management server is configured with per cluster/zone/load metric
+	//    capacity configuration. The capacity configuration definition is
+	//    outside of the scope of this document.
+	// 2. Envoy issues a standard {Stream,Fetch}Endpoints request for the clusters
+	//    to balance.
+	//
+	// Independently, Envoy will initiate a StreamLoadStats bidi stream with a
+	// management server:
+	// 1. Once a connection establishes, the management server publishes a
+	//    LoadStatsResponse for all clusters it is interested in learning load
+	//    stats about.
+	// 2. For each cluster, Envoy load balances incoming traffic to upstream hosts
+	//    based on per-zone weights and/or per-instance weights (if specified)
+	//    based on intra-zone LbPolicy. This information comes from the above
+	//    {Stream,Fetch}Endpoints.
+	// 3. When upstream hosts reply, they optionally add header <define header
+	//    name> with ASCII representation of EndpointLoadMetricStats.
+	// 4. Envoy aggregates load reports over the period of time given to it in
+	//    LoadStatsResponse.load_reporting_interval. This includes aggregation
+	//    stats Envoy maintains by itself (total_requests, rpc_errors etc.) as
+	//    well as load metrics from upstream hosts.
+	// 5. When the timer of load_reporting_interval expires, Envoy sends new
+	//    LoadStatsRequest filled with load reports for each cluster.
+	// 6. The management server uses the load reports from all reported Envoys
+	//    from around the world, computes global assignment and prepares traffic
+	//    assignment destined for each zone Envoys are located in. Goto 2.
+	StreamLoadStats(LoadReportingService_StreamLoadStatsServer) error
+}
+
+// UnimplementedLoadReportingServiceServer can be embedded to have forward compatible implementations.
+type UnimplementedLoadReportingServiceServer struct {
+}
+
+func (*UnimplementedLoadReportingServiceServer) StreamLoadStats(LoadReportingService_StreamLoadStatsServer) error {
+	return status.Errorf(codes.Unimplemented, "method StreamLoadStats not implemented")
+}
+
+func RegisterLoadReportingServiceServer(s *grpc.Server, srv LoadReportingServiceServer) {
+	s.RegisterService(&_LoadReportingService_serviceDesc, srv)
+}
+
+func _LoadReportingService_StreamLoadStats_Handler(srv interface{}, stream grpc.ServerStream) error {
+	return srv.(LoadReportingServiceServer).StreamLoadStats(&loadReportingServiceStreamLoadStatsServer{stream})
+}
+
+type LoadReportingService_StreamLoadStatsServer interface {
+	Send(*LoadStatsResponse) error
+	Recv() (*LoadStatsRequest, error)
+	grpc.ServerStream
+}
+
+type loadReportingServiceStreamLoadStatsServer struct {
+	grpc.ServerStream
+}
+
+func (x *loadReportingServiceStreamLoadStatsServer) Send(m *LoadStatsResponse) error {
+	return x.ServerStream.SendMsg(m)
+}
+
+func (x *loadReportingServiceStreamLoadStatsServer) Recv() (*LoadStatsRequest, error) {
+	m := new(LoadStatsRequest)
+	if err := x.ServerStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+var _LoadReportingService_serviceDesc = grpc.ServiceDesc{
+	ServiceName: "envoy.service.load_stats.v2.LoadReportingService",
+	HandlerType: (*LoadReportingServiceServer)(nil),
+	Methods:     []grpc.MethodDesc{},
+	Streams: []grpc.StreamDesc{
+		{
+			StreamName:    "StreamLoadStats",
+			Handler:       _LoadReportingService_StreamLoadStats_Handler,
+			ServerStreams: true,
+			ClientStreams: true,
+		},
+	},
+	Metadata: "envoy/service/load_stats/v2/lrs.proto",
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/service/load_stats/v2/lrs.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/load_stats/v2/lrs.pb.validate.go
new file mode 100644
index 00000000000..3baa5107561
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/load_stats/v2/lrs.pb.validate.go
@@ -0,0 +1,332 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/service/load_stats/v2/lrs.proto
+
+package envoy_service_load_stats_v2
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on LoadStatsRequest with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *LoadStatsRequest) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on LoadStatsRequest with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// LoadStatsRequestMultiError, or nil if none found.
+func (m *LoadStatsRequest) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *LoadStatsRequest) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetNode()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, LoadStatsRequestValidationError{
+					field:  "Node",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, LoadStatsRequestValidationError{
+					field:  "Node",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetNode()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return LoadStatsRequestValidationError{
+				field:  "Node",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetClusterStats() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, LoadStatsRequestValidationError{
+						field:  fmt.Sprintf("ClusterStats[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, LoadStatsRequestValidationError{
+						field:  fmt.Sprintf("ClusterStats[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return LoadStatsRequestValidationError{
+					field:  fmt.Sprintf("ClusterStats[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return LoadStatsRequestMultiError(errors)
+	}
+	return nil
+}
+
+// LoadStatsRequestMultiError is an error wrapping multiple validation errors
+// returned by LoadStatsRequest.ValidateAll() if the designated constraints
+// aren't met.
+type LoadStatsRequestMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m LoadStatsRequestMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m LoadStatsRequestMultiError) AllErrors() []error { return m }
+
+// LoadStatsRequestValidationError is the validation error returned by
+// LoadStatsRequest.Validate if the designated constraints aren't met.
+type LoadStatsRequestValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e LoadStatsRequestValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e LoadStatsRequestValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e LoadStatsRequestValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e LoadStatsRequestValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e LoadStatsRequestValidationError) ErrorName() string { return "LoadStatsRequestValidationError" }
+
+// Error satisfies the builtin error interface
+func (e LoadStatsRequestValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sLoadStatsRequest.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = LoadStatsRequestValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = LoadStatsRequestValidationError{}
+
+// Validate checks the field values on LoadStatsResponse with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *LoadStatsResponse) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on LoadStatsResponse with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// LoadStatsResponseMultiError, or nil if none found.
+func (m *LoadStatsResponse) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *LoadStatsResponse) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for SendAllClusters
+
+	if all {
+		switch v := interface{}(m.GetLoadReportingInterval()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, LoadStatsResponseValidationError{
+					field:  "LoadReportingInterval",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, LoadStatsResponseValidationError{
+					field:  "LoadReportingInterval",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLoadReportingInterval()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return LoadStatsResponseValidationError{
+				field:  "LoadReportingInterval",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for ReportEndpointGranularity
+
+	if len(errors) > 0 {
+		return LoadStatsResponseMultiError(errors)
+	}
+	return nil
+}
+
+// LoadStatsResponseMultiError is an error wrapping multiple validation errors
+// returned by LoadStatsResponse.ValidateAll() if the designated constraints
+// aren't met.
+type LoadStatsResponseMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m LoadStatsResponseMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m LoadStatsResponseMultiError) AllErrors() []error { return m }
+
+// LoadStatsResponseValidationError is the validation error returned by
+// LoadStatsResponse.Validate if the designated constraints aren't met.
+type LoadStatsResponseValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e LoadStatsResponseValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e LoadStatsResponseValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e LoadStatsResponseValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e LoadStatsResponseValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e LoadStatsResponseValidationError) ErrorName() string {
+	return "LoadStatsResponseValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e LoadStatsResponseValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sLoadStatsResponse.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = LoadStatsResponseValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = LoadStatsResponseValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/service/load_stats/v3/lrs.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/load_stats/v3/lrs.pb.go
new file mode 100644
index 00000000000..d646ff0fa04
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/load_stats/v3/lrs.pb.go
@@ -0,0 +1,497 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/service/load_stats/v3/lrs.proto
+
+package envoy_service_load_stats_v3
+
+import (
+	context "context"
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	v31 "github.com/envoyproxy/go-control-plane/envoy/config/endpoint/v3"
+	proto "github.com/golang/protobuf/proto"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	grpc "google.golang.org/grpc"
+	codes "google.golang.org/grpc/codes"
+	status "google.golang.org/grpc/status"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// A load report Envoy sends to the management server.
+type LoadStatsRequest struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Node identifier for Envoy instance.
+	Node *v3.Node `protobuf:"bytes,1,opt,name=node,proto3" json:"node,omitempty"`
+	// A list of load stats to report.
+	ClusterStats []*v31.ClusterStats `protobuf:"bytes,2,rep,name=cluster_stats,json=clusterStats,proto3" json:"cluster_stats,omitempty"`
+}
+
+func (x *LoadStatsRequest) Reset() {
+	*x = LoadStatsRequest{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_service_load_stats_v3_lrs_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *LoadStatsRequest) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*LoadStatsRequest) ProtoMessage() {}
+
+func (x *LoadStatsRequest) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_service_load_stats_v3_lrs_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use LoadStatsRequest.ProtoReflect.Descriptor instead.
+func (*LoadStatsRequest) Descriptor() ([]byte, []int) {
+	return file_envoy_service_load_stats_v3_lrs_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *LoadStatsRequest) GetNode() *v3.Node {
+	if x != nil {
+		return x.Node
+	}
+	return nil
+}
+
+func (x *LoadStatsRequest) GetClusterStats() []*v31.ClusterStats {
+	if x != nil {
+		return x.ClusterStats
+	}
+	return nil
+}
+
+// The management server sends envoy a LoadStatsResponse with all clusters it
+// is interested in learning load stats about.
+type LoadStatsResponse struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Clusters to report stats for.
+	// Not populated if *send_all_clusters* is true.
+	Clusters []string `protobuf:"bytes,1,rep,name=clusters,proto3" json:"clusters,omitempty"`
+	// If true, the client should send all clusters it knows about.
+	// Only clients that advertise the "envoy.lrs.supports_send_all_clusters" capability in their
+	// :ref:`client_features<envoy_v3_api_field_config.core.v3.Node.client_features>` field will honor this field.
+	SendAllClusters bool `protobuf:"varint,4,opt,name=send_all_clusters,json=sendAllClusters,proto3" json:"send_all_clusters,omitempty"`
+	// The minimum interval of time to collect stats over. This is only a minimum for two reasons:
+	//
+	// 1. There may be some delay from when the timer fires until stats sampling occurs.
+	// 2. For clusters that were already feature in the previous *LoadStatsResponse*, any traffic
+	//    that is observed in between the corresponding previous *LoadStatsRequest* and this
+	//    *LoadStatsResponse* will also be accumulated and billed to the cluster. This avoids a period
+	//    of inobservability that might otherwise exists between the messages. New clusters are not
+	//    subject to this consideration.
+	LoadReportingInterval *duration.Duration `protobuf:"bytes,2,opt,name=load_reporting_interval,json=loadReportingInterval,proto3" json:"load_reporting_interval,omitempty"`
+	// Set to *true* if the management server supports endpoint granularity
+	// report.
+	ReportEndpointGranularity bool `protobuf:"varint,3,opt,name=report_endpoint_granularity,json=reportEndpointGranularity,proto3" json:"report_endpoint_granularity,omitempty"`
+}
+
+func (x *LoadStatsResponse) Reset() {
+	*x = LoadStatsResponse{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_service_load_stats_v3_lrs_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *LoadStatsResponse) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*LoadStatsResponse) ProtoMessage() {}
+
+func (x *LoadStatsResponse) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_service_load_stats_v3_lrs_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use LoadStatsResponse.ProtoReflect.Descriptor instead.
+func (*LoadStatsResponse) Descriptor() ([]byte, []int) {
+	return file_envoy_service_load_stats_v3_lrs_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *LoadStatsResponse) GetClusters() []string {
+	if x != nil {
+		return x.Clusters
+	}
+	return nil
+}
+
+func (x *LoadStatsResponse) GetSendAllClusters() bool {
+	if x != nil {
+		return x.SendAllClusters
+	}
+	return false
+}
+
+func (x *LoadStatsResponse) GetLoadReportingInterval() *duration.Duration {
+	if x != nil {
+		return x.LoadReportingInterval
+	}
+	return nil
+}
+
+func (x *LoadStatsResponse) GetReportEndpointGranularity() bool {
+	if x != nil {
+		return x.ReportEndpointGranularity
+	}
+	return false
+}
+
+var File_envoy_service_load_stats_v3_lrs_proto protoreflect.FileDescriptor
+
+var file_envoy_service_load_stats_v3_lrs_proto_rawDesc = []byte{
+	0x0a, 0x25, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2f,
+	0x6c, 0x6f, 0x61, 0x64, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x73, 0x2f, 0x76, 0x33, 0x2f, 0x6c, 0x72,
+	0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x1b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73,
+	0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x6c, 0x6f, 0x61, 0x64, 0x5f, 0x73, 0x74, 0x61, 0x74,
+	0x73, 0x2e, 0x76, 0x33, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x62, 0x61, 0x73, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x2a, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2f, 0x76, 0x33, 0x2f,
+	0x6c, 0x6f, 0x61, 0x64, 0x5f, 0x72, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x22, 0xc4, 0x01, 0x0a, 0x10, 0x4c, 0x6f, 0x61, 0x64, 0x53, 0x74, 0x61, 0x74,
+	0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x2e, 0x0a, 0x04, 0x6e, 0x6f, 0x64, 0x65,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x4e, 0x6f,
+	0x64, 0x65, 0x52, 0x04, 0x6e, 0x6f, 0x64, 0x65, 0x12, 0x4b, 0x0a, 0x0d, 0x63, 0x6c, 0x75, 0x73,
+	0x74, 0x65, 0x72, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32,
+	0x26, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x65,
+	0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x73, 0x52, 0x0c, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x53, 0x74, 0x61, 0x74, 0x73, 0x3a, 0x33, 0x9a, 0xc5, 0x88, 0x1e, 0x2e, 0x0a, 0x2c, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x6c, 0x6f, 0x61, 0x64,
+	0x5f, 0x73, 0x74, 0x61, 0x74, 0x73, 0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x6f, 0x61, 0x64, 0x53, 0x74,
+	0x61, 0x74, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, 0xa4, 0x02, 0x0a, 0x11, 0x4c,
+	0x6f, 0x61, 0x64, 0x53, 0x74, 0x61, 0x74, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
+	0x12, 0x1a, 0x0a, 0x08, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x18, 0x01, 0x20, 0x03,
+	0x28, 0x09, 0x52, 0x08, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x12, 0x2a, 0x0a, 0x11,
+	0x73, 0x65, 0x6e, 0x64, 0x5f, 0x61, 0x6c, 0x6c, 0x5f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0f, 0x73, 0x65, 0x6e, 0x64, 0x41, 0x6c, 0x6c,
+	0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x12, 0x51, 0x0a, 0x17, 0x6c, 0x6f, 0x61, 0x64,
+	0x5f, 0x72, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x69, 0x6e, 0x67, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72,
+	0x76, 0x61, 0x6c, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x52, 0x15, 0x6c, 0x6f, 0x61, 0x64, 0x52, 0x65, 0x70, 0x6f, 0x72, 0x74,
+	0x69, 0x6e, 0x67, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x12, 0x3e, 0x0a, 0x1b, 0x72,
+	0x65, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x5f, 0x67,
+	0x72, 0x61, 0x6e, 0x75, 0x6c, 0x61, 0x72, 0x69, 0x74, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08,
+	0x52, 0x19, 0x72, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74,
+	0x47, 0x72, 0x61, 0x6e, 0x75, 0x6c, 0x61, 0x72, 0x69, 0x74, 0x79, 0x3a, 0x34, 0x9a, 0xc5, 0x88,
+	0x1e, 0x2f, 0x0a, 0x2d, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63,
+	0x65, 0x2e, 0x6c, 0x6f, 0x61, 0x64, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x73, 0x2e, 0x76, 0x32, 0x2e,
+	0x4c, 0x6f, 0x61, 0x64, 0x53, 0x74, 0x61, 0x74, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
+	0x65, 0x32, 0x8e, 0x01, 0x0a, 0x14, 0x4c, 0x6f, 0x61, 0x64, 0x52, 0x65, 0x70, 0x6f, 0x72, 0x74,
+	0x69, 0x6e, 0x67, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x76, 0x0a, 0x0f, 0x53, 0x74,
+	0x72, 0x65, 0x61, 0x6d, 0x4c, 0x6f, 0x61, 0x64, 0x53, 0x74, 0x61, 0x74, 0x73, 0x12, 0x2d, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x6c, 0x6f,
+	0x61, 0x64, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x4c, 0x6f, 0x61, 0x64,
+	0x53, 0x74, 0x61, 0x74, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2e, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x6c, 0x6f, 0x61,
+	0x64, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x4c, 0x6f, 0x61, 0x64, 0x53,
+	0x74, 0x61, 0x74, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x28, 0x01,
+	0x30, 0x01, 0x42, 0x42, 0x0a, 0x29, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72,
+	0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63,
+	0x65, 0x2e, 0x6c, 0x6f, 0x61, 0x64, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x73, 0x2e, 0x76, 0x33, 0x42,
+	0x08, 0x4c, 0x72, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x88, 0x01, 0x01, 0xba, 0x80,
+	0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_service_load_stats_v3_lrs_proto_rawDescOnce sync.Once
+	file_envoy_service_load_stats_v3_lrs_proto_rawDescData = file_envoy_service_load_stats_v3_lrs_proto_rawDesc
+)
+
+func file_envoy_service_load_stats_v3_lrs_proto_rawDescGZIP() []byte {
+	file_envoy_service_load_stats_v3_lrs_proto_rawDescOnce.Do(func() {
+		file_envoy_service_load_stats_v3_lrs_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_service_load_stats_v3_lrs_proto_rawDescData)
+	})
+	return file_envoy_service_load_stats_v3_lrs_proto_rawDescData
+}
+
+var file_envoy_service_load_stats_v3_lrs_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_envoy_service_load_stats_v3_lrs_proto_goTypes = []interface{}{
+	(*LoadStatsRequest)(nil),  // 0: envoy.service.load_stats.v3.LoadStatsRequest
+	(*LoadStatsResponse)(nil), // 1: envoy.service.load_stats.v3.LoadStatsResponse
+	(*v3.Node)(nil),           // 2: envoy.config.core.v3.Node
+	(*v31.ClusterStats)(nil),  // 3: envoy.config.endpoint.v3.ClusterStats
+	(*duration.Duration)(nil), // 4: google.protobuf.Duration
+}
+var file_envoy_service_load_stats_v3_lrs_proto_depIdxs = []int32{
+	2, // 0: envoy.service.load_stats.v3.LoadStatsRequest.node:type_name -> envoy.config.core.v3.Node
+	3, // 1: envoy.service.load_stats.v3.LoadStatsRequest.cluster_stats:type_name -> envoy.config.endpoint.v3.ClusterStats
+	4, // 2: envoy.service.load_stats.v3.LoadStatsResponse.load_reporting_interval:type_name -> google.protobuf.Duration
+	0, // 3: envoy.service.load_stats.v3.LoadReportingService.StreamLoadStats:input_type -> envoy.service.load_stats.v3.LoadStatsRequest
+	1, // 4: envoy.service.load_stats.v3.LoadReportingService.StreamLoadStats:output_type -> envoy.service.load_stats.v3.LoadStatsResponse
+	4, // [4:5] is the sub-list for method output_type
+	3, // [3:4] is the sub-list for method input_type
+	3, // [3:3] is the sub-list for extension type_name
+	3, // [3:3] is the sub-list for extension extendee
+	0, // [0:3] is the sub-list for field type_name
+}
+
+func init() { file_envoy_service_load_stats_v3_lrs_proto_init() }
+func file_envoy_service_load_stats_v3_lrs_proto_init() {
+	if File_envoy_service_load_stats_v3_lrs_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_service_load_stats_v3_lrs_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*LoadStatsRequest); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_service_load_stats_v3_lrs_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*LoadStatsResponse); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_service_load_stats_v3_lrs_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   1,
+		},
+		GoTypes:           file_envoy_service_load_stats_v3_lrs_proto_goTypes,
+		DependencyIndexes: file_envoy_service_load_stats_v3_lrs_proto_depIdxs,
+		MessageInfos:      file_envoy_service_load_stats_v3_lrs_proto_msgTypes,
+	}.Build()
+	File_envoy_service_load_stats_v3_lrs_proto = out.File
+	file_envoy_service_load_stats_v3_lrs_proto_rawDesc = nil
+	file_envoy_service_load_stats_v3_lrs_proto_goTypes = nil
+	file_envoy_service_load_stats_v3_lrs_proto_depIdxs = nil
+}
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ context.Context
+var _ grpc.ClientConnInterface
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the grpc package it is being compiled against.
+const _ = grpc.SupportPackageIsVersion6
+
+// LoadReportingServiceClient is the client API for LoadReportingService service.
+//
+// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.
+type LoadReportingServiceClient interface {
+	// Advanced API to allow for multi-dimensional load balancing by remote
+	// server. For receiving LB assignments, the steps are:
+	// 1, The management server is configured with per cluster/zone/load metric
+	//    capacity configuration. The capacity configuration definition is
+	//    outside of the scope of this document.
+	// 2. Envoy issues a standard {Stream,Fetch}Endpoints request for the clusters
+	//    to balance.
+	//
+	// Independently, Envoy will initiate a StreamLoadStats bidi stream with a
+	// management server:
+	// 1. Once a connection establishes, the management server publishes a
+	//    LoadStatsResponse for all clusters it is interested in learning load
+	//    stats about.
+	// 2. For each cluster, Envoy load balances incoming traffic to upstream hosts
+	//    based on per-zone weights and/or per-instance weights (if specified)
+	//    based on intra-zone LbPolicy. This information comes from the above
+	//    {Stream,Fetch}Endpoints.
+	// 3. When upstream hosts reply, they optionally add header <define header
+	//    name> with ASCII representation of EndpointLoadMetricStats.
+	// 4. Envoy aggregates load reports over the period of time given to it in
+	//    LoadStatsResponse.load_reporting_interval. This includes aggregation
+	//    stats Envoy maintains by itself (total_requests, rpc_errors etc.) as
+	//    well as load metrics from upstream hosts.
+	// 5. When the timer of load_reporting_interval expires, Envoy sends new
+	//    LoadStatsRequest filled with load reports for each cluster.
+	// 6. The management server uses the load reports from all reported Envoys
+	//    from around the world, computes global assignment and prepares traffic
+	//    assignment destined for each zone Envoys are located in. Goto 2.
+	StreamLoadStats(ctx context.Context, opts ...grpc.CallOption) (LoadReportingService_StreamLoadStatsClient, error)
+}
+
+type loadReportingServiceClient struct {
+	cc grpc.ClientConnInterface
+}
+
+func NewLoadReportingServiceClient(cc grpc.ClientConnInterface) LoadReportingServiceClient {
+	return &loadReportingServiceClient{cc}
+}
+
+func (c *loadReportingServiceClient) StreamLoadStats(ctx context.Context, opts ...grpc.CallOption) (LoadReportingService_StreamLoadStatsClient, error) {
+	stream, err := c.cc.NewStream(ctx, &_LoadReportingService_serviceDesc.Streams[0], "/envoy.service.load_stats.v3.LoadReportingService/StreamLoadStats", opts...)
+	if err != nil {
+		return nil, err
+	}
+	x := &loadReportingServiceStreamLoadStatsClient{stream}
+	return x, nil
+}
+
+type LoadReportingService_StreamLoadStatsClient interface {
+	Send(*LoadStatsRequest) error
+	Recv() (*LoadStatsResponse, error)
+	grpc.ClientStream
+}
+
+type loadReportingServiceStreamLoadStatsClient struct {
+	grpc.ClientStream
+}
+
+func (x *loadReportingServiceStreamLoadStatsClient) Send(m *LoadStatsRequest) error {
+	return x.ClientStream.SendMsg(m)
+}
+
+func (x *loadReportingServiceStreamLoadStatsClient) Recv() (*LoadStatsResponse, error) {
+	m := new(LoadStatsResponse)
+	if err := x.ClientStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+// LoadReportingServiceServer is the server API for LoadReportingService service.
+type LoadReportingServiceServer interface {
+	// Advanced API to allow for multi-dimensional load balancing by remote
+	// server. For receiving LB assignments, the steps are:
+	// 1, The management server is configured with per cluster/zone/load metric
+	//    capacity configuration. The capacity configuration definition is
+	//    outside of the scope of this document.
+	// 2. Envoy issues a standard {Stream,Fetch}Endpoints request for the clusters
+	//    to balance.
+	//
+	// Independently, Envoy will initiate a StreamLoadStats bidi stream with a
+	// management server:
+	// 1. Once a connection establishes, the management server publishes a
+	//    LoadStatsResponse for all clusters it is interested in learning load
+	//    stats about.
+	// 2. For each cluster, Envoy load balances incoming traffic to upstream hosts
+	//    based on per-zone weights and/or per-instance weights (if specified)
+	//    based on intra-zone LbPolicy. This information comes from the above
+	//    {Stream,Fetch}Endpoints.
+	// 3. When upstream hosts reply, they optionally add header <define header
+	//    name> with ASCII representation of EndpointLoadMetricStats.
+	// 4. Envoy aggregates load reports over the period of time given to it in
+	//    LoadStatsResponse.load_reporting_interval. This includes aggregation
+	//    stats Envoy maintains by itself (total_requests, rpc_errors etc.) as
+	//    well as load metrics from upstream hosts.
+	// 5. When the timer of load_reporting_interval expires, Envoy sends new
+	//    LoadStatsRequest filled with load reports for each cluster.
+	// 6. The management server uses the load reports from all reported Envoys
+	//    from around the world, computes global assignment and prepares traffic
+	//    assignment destined for each zone Envoys are located in. Goto 2.
+	StreamLoadStats(LoadReportingService_StreamLoadStatsServer) error
+}
+
+// UnimplementedLoadReportingServiceServer can be embedded to have forward compatible implementations.
+type UnimplementedLoadReportingServiceServer struct {
+}
+
+func (*UnimplementedLoadReportingServiceServer) StreamLoadStats(LoadReportingService_StreamLoadStatsServer) error {
+	return status.Errorf(codes.Unimplemented, "method StreamLoadStats not implemented")
+}
+
+func RegisterLoadReportingServiceServer(s *grpc.Server, srv LoadReportingServiceServer) {
+	s.RegisterService(&_LoadReportingService_serviceDesc, srv)
+}
+
+func _LoadReportingService_StreamLoadStats_Handler(srv interface{}, stream grpc.ServerStream) error {
+	return srv.(LoadReportingServiceServer).StreamLoadStats(&loadReportingServiceStreamLoadStatsServer{stream})
+}
+
+type LoadReportingService_StreamLoadStatsServer interface {
+	Send(*LoadStatsResponse) error
+	Recv() (*LoadStatsRequest, error)
+	grpc.ServerStream
+}
+
+type loadReportingServiceStreamLoadStatsServer struct {
+	grpc.ServerStream
+}
+
+func (x *loadReportingServiceStreamLoadStatsServer) Send(m *LoadStatsResponse) error {
+	return x.ServerStream.SendMsg(m)
+}
+
+func (x *loadReportingServiceStreamLoadStatsServer) Recv() (*LoadStatsRequest, error) {
+	m := new(LoadStatsRequest)
+	if err := x.ServerStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+var _LoadReportingService_serviceDesc = grpc.ServiceDesc{
+	ServiceName: "envoy.service.load_stats.v3.LoadReportingService",
+	HandlerType: (*LoadReportingServiceServer)(nil),
+	Methods:     []grpc.MethodDesc{},
+	Streams: []grpc.StreamDesc{
+		{
+			StreamName:    "StreamLoadStats",
+			Handler:       _LoadReportingService_StreamLoadStats_Handler,
+			ServerStreams: true,
+			ClientStreams: true,
+		},
+	},
+	Metadata: "envoy/service/load_stats/v3/lrs.proto",
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/service/load_stats/v3/lrs.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/load_stats/v3/lrs.pb.validate.go
new file mode 100644
index 00000000000..c560146f241
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/load_stats/v3/lrs.pb.validate.go
@@ -0,0 +1,332 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/service/load_stats/v3/lrs.proto
+
+package envoy_service_load_stats_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on LoadStatsRequest with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *LoadStatsRequest) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on LoadStatsRequest with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// LoadStatsRequestMultiError, or nil if none found.
+func (m *LoadStatsRequest) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *LoadStatsRequest) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetNode()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, LoadStatsRequestValidationError{
+					field:  "Node",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, LoadStatsRequestValidationError{
+					field:  "Node",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetNode()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return LoadStatsRequestValidationError{
+				field:  "Node",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetClusterStats() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, LoadStatsRequestValidationError{
+						field:  fmt.Sprintf("ClusterStats[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, LoadStatsRequestValidationError{
+						field:  fmt.Sprintf("ClusterStats[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return LoadStatsRequestValidationError{
+					field:  fmt.Sprintf("ClusterStats[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return LoadStatsRequestMultiError(errors)
+	}
+	return nil
+}
+
+// LoadStatsRequestMultiError is an error wrapping multiple validation errors
+// returned by LoadStatsRequest.ValidateAll() if the designated constraints
+// aren't met.
+type LoadStatsRequestMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m LoadStatsRequestMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m LoadStatsRequestMultiError) AllErrors() []error { return m }
+
+// LoadStatsRequestValidationError is the validation error returned by
+// LoadStatsRequest.Validate if the designated constraints aren't met.
+type LoadStatsRequestValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e LoadStatsRequestValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e LoadStatsRequestValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e LoadStatsRequestValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e LoadStatsRequestValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e LoadStatsRequestValidationError) ErrorName() string { return "LoadStatsRequestValidationError" }
+
+// Error satisfies the builtin error interface
+func (e LoadStatsRequestValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sLoadStatsRequest.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = LoadStatsRequestValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = LoadStatsRequestValidationError{}
+
+// Validate checks the field values on LoadStatsResponse with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *LoadStatsResponse) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on LoadStatsResponse with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// LoadStatsResponseMultiError, or nil if none found.
+func (m *LoadStatsResponse) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *LoadStatsResponse) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for SendAllClusters
+
+	if all {
+		switch v := interface{}(m.GetLoadReportingInterval()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, LoadStatsResponseValidationError{
+					field:  "LoadReportingInterval",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, LoadStatsResponseValidationError{
+					field:  "LoadReportingInterval",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLoadReportingInterval()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return LoadStatsResponseValidationError{
+				field:  "LoadReportingInterval",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for ReportEndpointGranularity
+
+	if len(errors) > 0 {
+		return LoadStatsResponseMultiError(errors)
+	}
+	return nil
+}
+
+// LoadStatsResponseMultiError is an error wrapping multiple validation errors
+// returned by LoadStatsResponse.ValidateAll() if the designated constraints
+// aren't met.
+type LoadStatsResponseMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m LoadStatsResponseMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m LoadStatsResponseMultiError) AllErrors() []error { return m }
+
+// LoadStatsResponseValidationError is the validation error returned by
+// LoadStatsResponse.Validate if the designated constraints aren't met.
+type LoadStatsResponseValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e LoadStatsResponseValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e LoadStatsResponseValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e LoadStatsResponseValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e LoadStatsResponseValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e LoadStatsResponseValidationError) ErrorName() string {
+	return "LoadStatsResponseValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e LoadStatsResponseValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sLoadStatsResponse.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = LoadStatsResponseValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = LoadStatsResponseValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/service/status/v3/csds.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/status/v3/csds.pb.go
new file mode 100644
index 00000000000..7e7091998ce
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/status/v3/csds.pb.go
@@ -0,0 +1,1109 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/service/status/v3/csds.proto
+
+package envoy_service_status_v3
+
+import (
+	context "context"
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v32 "github.com/envoyproxy/go-control-plane/envoy/admin/v3"
+	_ "github.com/envoyproxy/go-control-plane/envoy/annotations"
+	v31 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3"
+	proto "github.com/golang/protobuf/proto"
+	any "github.com/golang/protobuf/ptypes/any"
+	timestamp "github.com/golang/protobuf/ptypes/timestamp"
+	_ "google.golang.org/genproto/googleapis/api/annotations"
+	grpc "google.golang.org/grpc"
+	codes "google.golang.org/grpc/codes"
+	status "google.golang.org/grpc/status"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Status of a config from a management server view.
+type ConfigStatus int32
+
+const (
+	// Status info is not available/unknown.
+	ConfigStatus_UNKNOWN ConfigStatus = 0
+	// Management server has sent the config to client and received ACK.
+	ConfigStatus_SYNCED ConfigStatus = 1
+	// Config is not sent.
+	ConfigStatus_NOT_SENT ConfigStatus = 2
+	// Management server has sent the config to client but hasn’t received
+	// ACK/NACK.
+	ConfigStatus_STALE ConfigStatus = 3
+	// Management server has sent the config to client but received NACK. The
+	// attached config dump will be the latest config (the rejected one), since
+	// it is the persisted version in the management server.
+	ConfigStatus_ERROR ConfigStatus = 4
+)
+
+// Enum value maps for ConfigStatus.
+var (
+	ConfigStatus_name = map[int32]string{
+		0: "UNKNOWN",
+		1: "SYNCED",
+		2: "NOT_SENT",
+		3: "STALE",
+		4: "ERROR",
+	}
+	ConfigStatus_value = map[string]int32{
+		"UNKNOWN":  0,
+		"SYNCED":   1,
+		"NOT_SENT": 2,
+		"STALE":    3,
+		"ERROR":    4,
+	}
+)
+
+func (x ConfigStatus) Enum() *ConfigStatus {
+	p := new(ConfigStatus)
+	*p = x
+	return p
+}
+
+func (x ConfigStatus) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (ConfigStatus) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_service_status_v3_csds_proto_enumTypes[0].Descriptor()
+}
+
+func (ConfigStatus) Type() protoreflect.EnumType {
+	return &file_envoy_service_status_v3_csds_proto_enumTypes[0]
+}
+
+func (x ConfigStatus) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use ConfigStatus.Descriptor instead.
+func (ConfigStatus) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_service_status_v3_csds_proto_rawDescGZIP(), []int{0}
+}
+
+// Config status from a client-side view.
+type ClientConfigStatus int32
+
+const (
+	// Config status is not available/unknown.
+	ClientConfigStatus_CLIENT_UNKNOWN ClientConfigStatus = 0
+	// Client requested the config but hasn't received any config from management
+	// server yet.
+	ClientConfigStatus_CLIENT_REQUESTED ClientConfigStatus = 1
+	// Client received the config and replied with ACK.
+	ClientConfigStatus_CLIENT_ACKED ClientConfigStatus = 2
+	// Client received the config and replied with NACK. Notably, the attached
+	// config dump is not the NACKed version, but the most recent accepted one. If
+	// no config is accepted yet, the attached config dump will be empty.
+	ClientConfigStatus_CLIENT_NACKED ClientConfigStatus = 3
+)
+
+// Enum value maps for ClientConfigStatus.
+var (
+	ClientConfigStatus_name = map[int32]string{
+		0: "CLIENT_UNKNOWN",
+		1: "CLIENT_REQUESTED",
+		2: "CLIENT_ACKED",
+		3: "CLIENT_NACKED",
+	}
+	ClientConfigStatus_value = map[string]int32{
+		"CLIENT_UNKNOWN":   0,
+		"CLIENT_REQUESTED": 1,
+		"CLIENT_ACKED":     2,
+		"CLIENT_NACKED":    3,
+	}
+)
+
+func (x ClientConfigStatus) Enum() *ClientConfigStatus {
+	p := new(ClientConfigStatus)
+	*p = x
+	return p
+}
+
+func (x ClientConfigStatus) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (ClientConfigStatus) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_service_status_v3_csds_proto_enumTypes[1].Descriptor()
+}
+
+func (ClientConfigStatus) Type() protoreflect.EnumType {
+	return &file_envoy_service_status_v3_csds_proto_enumTypes[1]
+}
+
+func (x ClientConfigStatus) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use ClientConfigStatus.Descriptor instead.
+func (ClientConfigStatus) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_service_status_v3_csds_proto_rawDescGZIP(), []int{1}
+}
+
+// Request for client status of clients identified by a list of NodeMatchers.
+type ClientStatusRequest struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Management server can use these match criteria to identify clients.
+	// The match follows OR semantics.
+	NodeMatchers []*v3.NodeMatcher `protobuf:"bytes,1,rep,name=node_matchers,json=nodeMatchers,proto3" json:"node_matchers,omitempty"`
+	// The node making the csds request.
+	Node *v31.Node `protobuf:"bytes,2,opt,name=node,proto3" json:"node,omitempty"`
+}
+
+func (x *ClientStatusRequest) Reset() {
+	*x = ClientStatusRequest{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_service_status_v3_csds_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ClientStatusRequest) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ClientStatusRequest) ProtoMessage() {}
+
+func (x *ClientStatusRequest) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_service_status_v3_csds_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ClientStatusRequest.ProtoReflect.Descriptor instead.
+func (*ClientStatusRequest) Descriptor() ([]byte, []int) {
+	return file_envoy_service_status_v3_csds_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *ClientStatusRequest) GetNodeMatchers() []*v3.NodeMatcher {
+	if x != nil {
+		return x.NodeMatchers
+	}
+	return nil
+}
+
+func (x *ClientStatusRequest) GetNode() *v31.Node {
+	if x != nil {
+		return x.Node
+	}
+	return nil
+}
+
+// Detailed config (per xDS) with status.
+// [#next-free-field: 8]
+type PerXdsConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Config status generated by management servers. Will not be present if the
+	// CSDS server is an xDS client.
+	Status ConfigStatus `protobuf:"varint,1,opt,name=status,proto3,enum=envoy.service.status.v3.ConfigStatus" json:"status,omitempty"`
+	// Client config status is populated by xDS clients. Will not be present if
+	// the CSDS server is an xDS server. No matter what the client config status
+	// is, xDS clients should always dump the most recent accepted xDS config.
+	//
+	// .. attention::
+	//   This field is deprecated. Use :ref:`ClientResourceStatus
+	//   <envoy_v3_api_enum_admin.v3.ClientResourceStatus>` for per-resource
+	//   config status instead.
+	//
+	// Deprecated: Do not use.
+	ClientStatus ClientConfigStatus `protobuf:"varint,7,opt,name=client_status,json=clientStatus,proto3,enum=envoy.service.status.v3.ClientConfigStatus" json:"client_status,omitempty"`
+	// Types that are assignable to PerXdsConfig:
+	//	*PerXdsConfig_ListenerConfig
+	//	*PerXdsConfig_ClusterConfig
+	//	*PerXdsConfig_RouteConfig
+	//	*PerXdsConfig_ScopedRouteConfig
+	//	*PerXdsConfig_EndpointConfig
+	PerXdsConfig isPerXdsConfig_PerXdsConfig `protobuf_oneof:"per_xds_config"`
+}
+
+func (x *PerXdsConfig) Reset() {
+	*x = PerXdsConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_service_status_v3_csds_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *PerXdsConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*PerXdsConfig) ProtoMessage() {}
+
+func (x *PerXdsConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_service_status_v3_csds_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use PerXdsConfig.ProtoReflect.Descriptor instead.
+func (*PerXdsConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_service_status_v3_csds_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *PerXdsConfig) GetStatus() ConfigStatus {
+	if x != nil {
+		return x.Status
+	}
+	return ConfigStatus_UNKNOWN
+}
+
+// Deprecated: Do not use.
+func (x *PerXdsConfig) GetClientStatus() ClientConfigStatus {
+	if x != nil {
+		return x.ClientStatus
+	}
+	return ClientConfigStatus_CLIENT_UNKNOWN
+}
+
+func (m *PerXdsConfig) GetPerXdsConfig() isPerXdsConfig_PerXdsConfig {
+	if m != nil {
+		return m.PerXdsConfig
+	}
+	return nil
+}
+
+func (x *PerXdsConfig) GetListenerConfig() *v32.ListenersConfigDump {
+	if x, ok := x.GetPerXdsConfig().(*PerXdsConfig_ListenerConfig); ok {
+		return x.ListenerConfig
+	}
+	return nil
+}
+
+func (x *PerXdsConfig) GetClusterConfig() *v32.ClustersConfigDump {
+	if x, ok := x.GetPerXdsConfig().(*PerXdsConfig_ClusterConfig); ok {
+		return x.ClusterConfig
+	}
+	return nil
+}
+
+func (x *PerXdsConfig) GetRouteConfig() *v32.RoutesConfigDump {
+	if x, ok := x.GetPerXdsConfig().(*PerXdsConfig_RouteConfig); ok {
+		return x.RouteConfig
+	}
+	return nil
+}
+
+func (x *PerXdsConfig) GetScopedRouteConfig() *v32.ScopedRoutesConfigDump {
+	if x, ok := x.GetPerXdsConfig().(*PerXdsConfig_ScopedRouteConfig); ok {
+		return x.ScopedRouteConfig
+	}
+	return nil
+}
+
+func (x *PerXdsConfig) GetEndpointConfig() *v32.EndpointsConfigDump {
+	if x, ok := x.GetPerXdsConfig().(*PerXdsConfig_EndpointConfig); ok {
+		return x.EndpointConfig
+	}
+	return nil
+}
+
+type isPerXdsConfig_PerXdsConfig interface {
+	isPerXdsConfig_PerXdsConfig()
+}
+
+type PerXdsConfig_ListenerConfig struct {
+	ListenerConfig *v32.ListenersConfigDump `protobuf:"bytes,2,opt,name=listener_config,json=listenerConfig,proto3,oneof"`
+}
+
+type PerXdsConfig_ClusterConfig struct {
+	ClusterConfig *v32.ClustersConfigDump `protobuf:"bytes,3,opt,name=cluster_config,json=clusterConfig,proto3,oneof"`
+}
+
+type PerXdsConfig_RouteConfig struct {
+	RouteConfig *v32.RoutesConfigDump `protobuf:"bytes,4,opt,name=route_config,json=routeConfig,proto3,oneof"`
+}
+
+type PerXdsConfig_ScopedRouteConfig struct {
+	ScopedRouteConfig *v32.ScopedRoutesConfigDump `protobuf:"bytes,5,opt,name=scoped_route_config,json=scopedRouteConfig,proto3,oneof"`
+}
+
+type PerXdsConfig_EndpointConfig struct {
+	EndpointConfig *v32.EndpointsConfigDump `protobuf:"bytes,6,opt,name=endpoint_config,json=endpointConfig,proto3,oneof"`
+}
+
+func (*PerXdsConfig_ListenerConfig) isPerXdsConfig_PerXdsConfig() {}
+
+func (*PerXdsConfig_ClusterConfig) isPerXdsConfig_PerXdsConfig() {}
+
+func (*PerXdsConfig_RouteConfig) isPerXdsConfig_PerXdsConfig() {}
+
+func (*PerXdsConfig_ScopedRouteConfig) isPerXdsConfig_PerXdsConfig() {}
+
+func (*PerXdsConfig_EndpointConfig) isPerXdsConfig_PerXdsConfig() {}
+
+// All xds configs for a particular client.
+type ClientConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Node for a particular client.
+	Node *v31.Node `protobuf:"bytes,1,opt,name=node,proto3" json:"node,omitempty"`
+	// This field is deprecated in favor of generic_xds_configs which is
+	// much simpler and uniform in structure.
+	//
+	// Deprecated: Do not use.
+	XdsConfig []*PerXdsConfig `protobuf:"bytes,2,rep,name=xds_config,json=xdsConfig,proto3" json:"xds_config,omitempty"`
+	// Represents generic xDS config and the exact config structure depends on
+	// the type URL (like Cluster if it is CDS)
+	GenericXdsConfigs []*ClientConfig_GenericXdsConfig `protobuf:"bytes,3,rep,name=generic_xds_configs,json=genericXdsConfigs,proto3" json:"generic_xds_configs,omitempty"`
+}
+
+func (x *ClientConfig) Reset() {
+	*x = ClientConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_service_status_v3_csds_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ClientConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ClientConfig) ProtoMessage() {}
+
+func (x *ClientConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_service_status_v3_csds_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ClientConfig.ProtoReflect.Descriptor instead.
+func (*ClientConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_service_status_v3_csds_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *ClientConfig) GetNode() *v31.Node {
+	if x != nil {
+		return x.Node
+	}
+	return nil
+}
+
+// Deprecated: Do not use.
+func (x *ClientConfig) GetXdsConfig() []*PerXdsConfig {
+	if x != nil {
+		return x.XdsConfig
+	}
+	return nil
+}
+
+func (x *ClientConfig) GetGenericXdsConfigs() []*ClientConfig_GenericXdsConfig {
+	if x != nil {
+		return x.GenericXdsConfigs
+	}
+	return nil
+}
+
+type ClientStatusResponse struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Client configs for the clients specified in the ClientStatusRequest.
+	Config []*ClientConfig `protobuf:"bytes,1,rep,name=config,proto3" json:"config,omitempty"`
+}
+
+func (x *ClientStatusResponse) Reset() {
+	*x = ClientStatusResponse{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_service_status_v3_csds_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ClientStatusResponse) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ClientStatusResponse) ProtoMessage() {}
+
+func (x *ClientStatusResponse) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_service_status_v3_csds_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ClientStatusResponse.ProtoReflect.Descriptor instead.
+func (*ClientStatusResponse) Descriptor() ([]byte, []int) {
+	return file_envoy_service_status_v3_csds_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *ClientStatusResponse) GetConfig() []*ClientConfig {
+	if x != nil {
+		return x.Config
+	}
+	return nil
+}
+
+// GenericXdsConfig is used to specify the config status and the dump
+// of any xDS resource identified by their type URL. It is the generalized
+// version of the now deprecated ListenersConfigDump, ClustersConfigDump etc
+// [#next-free-field: 10]
+type ClientConfig_GenericXdsConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Type_url represents the fully qualified name of xDS resource type
+	// like envoy.v3.Cluster, envoy.v3.ClusterLoadAssignment etc.
+	TypeUrl string `protobuf:"bytes,1,opt,name=type_url,json=typeUrl,proto3" json:"type_url,omitempty"`
+	// Name of the xDS resource
+	Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"`
+	// This is the :ref:`version_info <envoy_v3_api_field_service.discovery.v3.DiscoveryResponse.version_info>`
+	// in the last processed xDS discovery response. If there are only
+	// static bootstrap listeners, this field will be ""
+	VersionInfo string `protobuf:"bytes,3,opt,name=version_info,json=versionInfo,proto3" json:"version_info,omitempty"`
+	// The xDS resource config. Actual content depends on the type
+	XdsConfig *any.Any `protobuf:"bytes,4,opt,name=xds_config,json=xdsConfig,proto3" json:"xds_config,omitempty"`
+	// Timestamp when the xDS resource was last updated
+	LastUpdated *timestamp.Timestamp `protobuf:"bytes,5,opt,name=last_updated,json=lastUpdated,proto3" json:"last_updated,omitempty"`
+	// Per xDS resource config status. It is generated by management servers.
+	// It will not be present if the CSDS server is an xDS client.
+	ConfigStatus ConfigStatus `protobuf:"varint,6,opt,name=config_status,json=configStatus,proto3,enum=envoy.service.status.v3.ConfigStatus" json:"config_status,omitempty"`
+	// Per xDS resource status from the view of a xDS client
+	ClientStatus v32.ClientResourceStatus `protobuf:"varint,7,opt,name=client_status,json=clientStatus,proto3,enum=envoy.admin.v3.ClientResourceStatus" json:"client_status,omitempty"`
+	// Set if the last update failed, cleared after the next successful
+	// update. The *error_state* field contains the rejected version of
+	// this particular resource along with the reason and timestamp. For
+	// successfully updated or acknowledged resource, this field should
+	// be empty.
+	// [#not-implemented-hide:]
+	ErrorState *v32.UpdateFailureState `protobuf:"bytes,8,opt,name=error_state,json=errorState,proto3" json:"error_state,omitempty"`
+	// Is static resource is true if it is specified in the config supplied
+	// through the file at the startup.
+	IsStaticResource bool `protobuf:"varint,9,opt,name=is_static_resource,json=isStaticResource,proto3" json:"is_static_resource,omitempty"`
+}
+
+func (x *ClientConfig_GenericXdsConfig) Reset() {
+	*x = ClientConfig_GenericXdsConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_service_status_v3_csds_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ClientConfig_GenericXdsConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ClientConfig_GenericXdsConfig) ProtoMessage() {}
+
+func (x *ClientConfig_GenericXdsConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_service_status_v3_csds_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ClientConfig_GenericXdsConfig.ProtoReflect.Descriptor instead.
+func (*ClientConfig_GenericXdsConfig) Descriptor() ([]byte, []int) {
+	return file_envoy_service_status_v3_csds_proto_rawDescGZIP(), []int{2, 0}
+}
+
+func (x *ClientConfig_GenericXdsConfig) GetTypeUrl() string {
+	if x != nil {
+		return x.TypeUrl
+	}
+	return ""
+}
+
+func (x *ClientConfig_GenericXdsConfig) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *ClientConfig_GenericXdsConfig) GetVersionInfo() string {
+	if x != nil {
+		return x.VersionInfo
+	}
+	return ""
+}
+
+func (x *ClientConfig_GenericXdsConfig) GetXdsConfig() *any.Any {
+	if x != nil {
+		return x.XdsConfig
+	}
+	return nil
+}
+
+func (x *ClientConfig_GenericXdsConfig) GetLastUpdated() *timestamp.Timestamp {
+	if x != nil {
+		return x.LastUpdated
+	}
+	return nil
+}
+
+func (x *ClientConfig_GenericXdsConfig) GetConfigStatus() ConfigStatus {
+	if x != nil {
+		return x.ConfigStatus
+	}
+	return ConfigStatus_UNKNOWN
+}
+
+func (x *ClientConfig_GenericXdsConfig) GetClientStatus() v32.ClientResourceStatus {
+	if x != nil {
+		return x.ClientStatus
+	}
+	return v32.ClientResourceStatus_UNKNOWN
+}
+
+func (x *ClientConfig_GenericXdsConfig) GetErrorState() *v32.UpdateFailureState {
+	if x != nil {
+		return x.ErrorState
+	}
+	return nil
+}
+
+func (x *ClientConfig_GenericXdsConfig) GetIsStaticResource() bool {
+	if x != nil {
+		return x.IsStaticResource
+	}
+	return false
+}
+
+var File_envoy_service_status_v3_csds_proto protoreflect.FileDescriptor
+
+var file_envoy_service_status_v3_csds_proto_rawDesc = []byte{
+	0x0a, 0x22, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2f,
+	0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2f, 0x76, 0x33, 0x2f, 0x63, 0x73, 0x64, 0x73, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x12, 0x17, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76,
+	0x69, 0x63, 0x65, 0x2e, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x76, 0x33, 0x1a, 0x20, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x76, 0x33, 0x2f, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x5f, 0x64, 0x75, 0x6d, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f,
+	0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x62, 0x61, 0x73, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x20, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x6e, 0x6f, 0x64, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x61,
+	0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x74, 0x69, 0x6d,
+	0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x23, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f,
+	0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x22, 0xc2, 0x01, 0x0a, 0x13, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x53, 0x74,
+	0x61, 0x74, 0x75, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x47, 0x0a, 0x0d, 0x6e,
+	0x6f, 0x64, 0x65, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x73, 0x18, 0x01, 0x20, 0x03,
+	0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4e, 0x6f, 0x64, 0x65, 0x4d,
+	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x52, 0x0c, 0x6e, 0x6f, 0x64, 0x65, 0x4d, 0x61, 0x74, 0x63,
+	0x68, 0x65, 0x72, 0x73, 0x12, 0x2e, 0x0a, 0x04, 0x6e, 0x6f, 0x64, 0x65, 0x18, 0x02, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x4e, 0x6f, 0x64, 0x65, 0x52, 0x04,
+	0x6e, 0x6f, 0x64, 0x65, 0x3a, 0x32, 0x9a, 0xc5, 0x88, 0x1e, 0x2d, 0x0a, 0x2b, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x73, 0x74, 0x61, 0x74, 0x75,
+	0x73, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x53, 0x74, 0x61, 0x74, 0x75,
+	0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, 0xf9, 0x04, 0x0a, 0x0c, 0x50, 0x65, 0x72,
+	0x58, 0x64, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x3d, 0x0a, 0x06, 0x73, 0x74, 0x61,
+	0x74, 0x75, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x25, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73,
+	0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73,
+	0x52, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x5d, 0x0a, 0x0d, 0x63, 0x6c, 0x69, 0x65,
+	0x6e, 0x74, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0e, 0x32,
+	0x2b, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e,
+	0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74,
+	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x42, 0x0b, 0x18, 0x01,
+	0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e, 0x30, 0x52, 0x0c, 0x63, 0x6c, 0x69, 0x65, 0x6e,
+	0x74, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x4e, 0x0a, 0x0f, 0x6c, 0x69, 0x73, 0x74, 0x65,
+	0x6e, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76,
+	0x33, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65, 0x72, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x44, 0x75, 0x6d, 0x70, 0x48, 0x00, 0x52, 0x0e, 0x6c, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x65,
+	0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x4b, 0x0a, 0x0e, 0x63, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33,
+	0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44,
+	0x75, 0x6d, 0x70, 0x48, 0x00, 0x52, 0x0d, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x43, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x12, 0x45, 0x0a, 0x0c, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x6f, 0x75, 0x74,
+	0x65, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44, 0x75, 0x6d, 0x70, 0x48, 0x00, 0x52, 0x0b,
+	0x72, 0x6f, 0x75, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x58, 0x0a, 0x13, 0x73,
+	0x63, 0x6f, 0x70, 0x65, 0x64, 0x5f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x64,
+	0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44, 0x75, 0x6d, 0x70,
+	0x48, 0x00, 0x52, 0x11, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x4e, 0x0a, 0x0f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e,
+	0x74, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e,
+	0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x44,
+	0x75, 0x6d, 0x70, 0x48, 0x00, 0x52, 0x0e, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x3a, 0x2b, 0x9a, 0xc5, 0x88, 0x1e, 0x26, 0x0a, 0x24, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x73, 0x74, 0x61, 0x74,
+	0x75, 0x73, 0x2e, 0x76, 0x32, 0x2e, 0x50, 0x65, 0x72, 0x58, 0x64, 0x73, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x42, 0x10, 0x0a, 0x0e, 0x70, 0x65, 0x72, 0x5f, 0x78, 0x64, 0x73, 0x5f, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x22, 0x8b, 0x06, 0x0a, 0x0c, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x2e, 0x0a, 0x04, 0x6e, 0x6f, 0x64, 0x65, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x4e, 0x6f, 0x64, 0x65, 0x52,
+	0x04, 0x6e, 0x6f, 0x64, 0x65, 0x12, 0x51, 0x0a, 0x0a, 0x78, 0x64, 0x73, 0x5f, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73,
+	0x2e, 0x76, 0x33, 0x2e, 0x50, 0x65, 0x72, 0x58, 0x64, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x42, 0x0b, 0x18, 0x01, 0x92, 0xc7, 0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e, 0x30, 0x52, 0x09, 0x78,
+	0x64, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x66, 0x0a, 0x13, 0x67, 0x65, 0x6e, 0x65,
+	0x72, 0x69, 0x63, 0x5f, 0x78, 0x64, 0x73, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x73, 0x18,
+	0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x36, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65,
+	0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x76, 0x33, 0x2e,
+	0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x47, 0x65, 0x6e,
+	0x65, 0x72, 0x69, 0x63, 0x58, 0x64, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x11, 0x67,
+	0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x58, 0x64, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x73,
+	0x1a, 0xe2, 0x03, 0x0a, 0x10, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x58, 0x64, 0x73, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x19, 0x0a, 0x08, 0x74, 0x79, 0x70, 0x65, 0x5f, 0x75, 0x72,
+	0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x74, 0x79, 0x70, 0x65, 0x55, 0x72, 0x6c,
+	0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04,
+	0x6e, 0x61, 0x6d, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x5f,
+	0x69, 0x6e, 0x66, 0x6f, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x76, 0x65, 0x72, 0x73,
+	0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x33, 0x0a, 0x0a, 0x78, 0x64, 0x73, 0x5f, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e,
+	0x79, 0x52, 0x09, 0x78, 0x64, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x3d, 0x0a, 0x0c,
+	0x6c, 0x61, 0x73, 0x74, 0x5f, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x18, 0x05, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0b,
+	0x6c, 0x61, 0x73, 0x74, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x12, 0x4a, 0x0a, 0x0d, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x06, 0x20, 0x01,
+	0x28, 0x0e, 0x32, 0x25, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69,
+	0x63, 0x65, 0x2e, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x0c, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x49, 0x0a, 0x0d, 0x63, 0x6c, 0x69, 0x65, 0x6e,
+	0x74, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x24,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e,
+	0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x53, 0x74,
+	0x61, 0x74, 0x75, 0x73, 0x52, 0x0c, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x53, 0x74, 0x61, 0x74,
+	0x75, 0x73, 0x12, 0x43, 0x0a, 0x0b, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x5f, 0x73, 0x74, 0x61, 0x74,
+	0x65, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x33, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x46,
+	0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x53, 0x74, 0x61, 0x74, 0x65, 0x52, 0x0a, 0x65, 0x72, 0x72,
+	0x6f, 0x72, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x2c, 0x0a, 0x12, 0x69, 0x73, 0x5f, 0x73, 0x74,
+	0x61, 0x74, 0x69, 0x63, 0x5f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x09, 0x20,
+	0x01, 0x28, 0x08, 0x52, 0x10, 0x69, 0x73, 0x53, 0x74, 0x61, 0x74, 0x69, 0x63, 0x52, 0x65, 0x73,
+	0x6f, 0x75, 0x72, 0x63, 0x65, 0x3a, 0x2b, 0x9a, 0xc5, 0x88, 0x1e, 0x26, 0x0a, 0x24, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x73, 0x74, 0x61, 0x74,
+	0x75, 0x73, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x22, 0x8a, 0x01, 0x0a, 0x14, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x53, 0x74, 0x61,
+	0x74, 0x75, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x3d, 0x0a, 0x06, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x73, 0x74, 0x61, 0x74,
+	0x75, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x52, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x3a, 0x33, 0x9a, 0xc5, 0x88, 0x1e,
+	0x2e, 0x0a, 0x2c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65,
+	0x2e, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x69, 0x65, 0x6e,
+	0x74, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x2a,
+	0x4b, 0x0a, 0x0c, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12,
+	0x0b, 0x0a, 0x07, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, 0x0a, 0x0a, 0x06,
+	0x53, 0x59, 0x4e, 0x43, 0x45, 0x44, 0x10, 0x01, 0x12, 0x0c, 0x0a, 0x08, 0x4e, 0x4f, 0x54, 0x5f,
+	0x53, 0x45, 0x4e, 0x54, 0x10, 0x02, 0x12, 0x09, 0x0a, 0x05, 0x53, 0x54, 0x41, 0x4c, 0x45, 0x10,
+	0x03, 0x12, 0x09, 0x0a, 0x05, 0x45, 0x52, 0x52, 0x4f, 0x52, 0x10, 0x04, 0x2a, 0x63, 0x0a, 0x12,
+	0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x74, 0x61, 0x74,
+	0x75, 0x73, 0x12, 0x12, 0x0a, 0x0e, 0x43, 0x4c, 0x49, 0x45, 0x4e, 0x54, 0x5f, 0x55, 0x4e, 0x4b,
+	0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, 0x14, 0x0a, 0x10, 0x43, 0x4c, 0x49, 0x45, 0x4e, 0x54,
+	0x5f, 0x52, 0x45, 0x51, 0x55, 0x45, 0x53, 0x54, 0x45, 0x44, 0x10, 0x01, 0x12, 0x10, 0x0a, 0x0c,
+	0x43, 0x4c, 0x49, 0x45, 0x4e, 0x54, 0x5f, 0x41, 0x43, 0x4b, 0x45, 0x44, 0x10, 0x02, 0x12, 0x11,
+	0x0a, 0x0d, 0x43, 0x4c, 0x49, 0x45, 0x4e, 0x54, 0x5f, 0x4e, 0x41, 0x43, 0x4b, 0x45, 0x44, 0x10,
+	0x03, 0x32, 0xb8, 0x02, 0x0a, 0x1c, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x53, 0x74, 0x61, 0x74,
+	0x75, 0x73, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x53, 0x65, 0x72, 0x76, 0x69,
+	0x63, 0x65, 0x12, 0x77, 0x0a, 0x12, 0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x43, 0x6c, 0x69, 0x65,
+	0x6e, 0x74, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x2c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e,
+	0x76, 0x33, 0x2e, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52,
+	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73,
+	0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x76, 0x33,
+	0x2e, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x65, 0x73,
+	0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x28, 0x01, 0x30, 0x01, 0x12, 0x9e, 0x01, 0x0a, 0x11,
+	0x46, 0x65, 0x74, 0x63, 0x68, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x53, 0x74, 0x61, 0x74, 0x75,
+	0x73, 0x12, 0x2c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63,
+	0x65, 0x2e, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x69, 0x65,
+	0x6e, 0x74, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a,
+	0x2d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e,
+	0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74,
+	0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x2c,
+	0x82, 0xd3, 0xe4, 0x93, 0x02, 0x1d, 0x22, 0x1b, 0x2f, 0x76, 0x33, 0x2f, 0x64, 0x69, 0x73, 0x63,
+	0x6f, 0x76, 0x65, 0x72, 0x79, 0x3a, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x73, 0x74, 0x61,
+	0x74, 0x75, 0x73, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x03, 0x3a, 0x01, 0x2a, 0x42, 0x3f, 0x0a, 0x25,
+	0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x73, 0x74, 0x61, 0x74,
+	0x75, 0x73, 0x2e, 0x76, 0x33, 0x42, 0x09, 0x43, 0x73, 0x64, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f,
+	0x50, 0x01, 0x88, 0x01, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_service_status_v3_csds_proto_rawDescOnce sync.Once
+	file_envoy_service_status_v3_csds_proto_rawDescData = file_envoy_service_status_v3_csds_proto_rawDesc
+)
+
+func file_envoy_service_status_v3_csds_proto_rawDescGZIP() []byte {
+	file_envoy_service_status_v3_csds_proto_rawDescOnce.Do(func() {
+		file_envoy_service_status_v3_csds_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_service_status_v3_csds_proto_rawDescData)
+	})
+	return file_envoy_service_status_v3_csds_proto_rawDescData
+}
+
+var file_envoy_service_status_v3_csds_proto_enumTypes = make([]protoimpl.EnumInfo, 2)
+var file_envoy_service_status_v3_csds_proto_msgTypes = make([]protoimpl.MessageInfo, 5)
+var file_envoy_service_status_v3_csds_proto_goTypes = []interface{}{
+	(ConfigStatus)(0),                     // 0: envoy.service.status.v3.ConfigStatus
+	(ClientConfigStatus)(0),               // 1: envoy.service.status.v3.ClientConfigStatus
+	(*ClientStatusRequest)(nil),           // 2: envoy.service.status.v3.ClientStatusRequest
+	(*PerXdsConfig)(nil),                  // 3: envoy.service.status.v3.PerXdsConfig
+	(*ClientConfig)(nil),                  // 4: envoy.service.status.v3.ClientConfig
+	(*ClientStatusResponse)(nil),          // 5: envoy.service.status.v3.ClientStatusResponse
+	(*ClientConfig_GenericXdsConfig)(nil), // 6: envoy.service.status.v3.ClientConfig.GenericXdsConfig
+	(*v3.NodeMatcher)(nil),                // 7: envoy.type.matcher.v3.NodeMatcher
+	(*v31.Node)(nil),                      // 8: envoy.config.core.v3.Node
+	(*v32.ListenersConfigDump)(nil),       // 9: envoy.admin.v3.ListenersConfigDump
+	(*v32.ClustersConfigDump)(nil),        // 10: envoy.admin.v3.ClustersConfigDump
+	(*v32.RoutesConfigDump)(nil),          // 11: envoy.admin.v3.RoutesConfigDump
+	(*v32.ScopedRoutesConfigDump)(nil),    // 12: envoy.admin.v3.ScopedRoutesConfigDump
+	(*v32.EndpointsConfigDump)(nil),       // 13: envoy.admin.v3.EndpointsConfigDump
+	(*any.Any)(nil),                       // 14: google.protobuf.Any
+	(*timestamp.Timestamp)(nil),           // 15: google.protobuf.Timestamp
+	(v32.ClientResourceStatus)(0),         // 16: envoy.admin.v3.ClientResourceStatus
+	(*v32.UpdateFailureState)(nil),        // 17: envoy.admin.v3.UpdateFailureState
+}
+var file_envoy_service_status_v3_csds_proto_depIdxs = []int32{
+	7,  // 0: envoy.service.status.v3.ClientStatusRequest.node_matchers:type_name -> envoy.type.matcher.v3.NodeMatcher
+	8,  // 1: envoy.service.status.v3.ClientStatusRequest.node:type_name -> envoy.config.core.v3.Node
+	0,  // 2: envoy.service.status.v3.PerXdsConfig.status:type_name -> envoy.service.status.v3.ConfigStatus
+	1,  // 3: envoy.service.status.v3.PerXdsConfig.client_status:type_name -> envoy.service.status.v3.ClientConfigStatus
+	9,  // 4: envoy.service.status.v3.PerXdsConfig.listener_config:type_name -> envoy.admin.v3.ListenersConfigDump
+	10, // 5: envoy.service.status.v3.PerXdsConfig.cluster_config:type_name -> envoy.admin.v3.ClustersConfigDump
+	11, // 6: envoy.service.status.v3.PerXdsConfig.route_config:type_name -> envoy.admin.v3.RoutesConfigDump
+	12, // 7: envoy.service.status.v3.PerXdsConfig.scoped_route_config:type_name -> envoy.admin.v3.ScopedRoutesConfigDump
+	13, // 8: envoy.service.status.v3.PerXdsConfig.endpoint_config:type_name -> envoy.admin.v3.EndpointsConfigDump
+	8,  // 9: envoy.service.status.v3.ClientConfig.node:type_name -> envoy.config.core.v3.Node
+	3,  // 10: envoy.service.status.v3.ClientConfig.xds_config:type_name -> envoy.service.status.v3.PerXdsConfig
+	6,  // 11: envoy.service.status.v3.ClientConfig.generic_xds_configs:type_name -> envoy.service.status.v3.ClientConfig.GenericXdsConfig
+	4,  // 12: envoy.service.status.v3.ClientStatusResponse.config:type_name -> envoy.service.status.v3.ClientConfig
+	14, // 13: envoy.service.status.v3.ClientConfig.GenericXdsConfig.xds_config:type_name -> google.protobuf.Any
+	15, // 14: envoy.service.status.v3.ClientConfig.GenericXdsConfig.last_updated:type_name -> google.protobuf.Timestamp
+	0,  // 15: envoy.service.status.v3.ClientConfig.GenericXdsConfig.config_status:type_name -> envoy.service.status.v3.ConfigStatus
+	16, // 16: envoy.service.status.v3.ClientConfig.GenericXdsConfig.client_status:type_name -> envoy.admin.v3.ClientResourceStatus
+	17, // 17: envoy.service.status.v3.ClientConfig.GenericXdsConfig.error_state:type_name -> envoy.admin.v3.UpdateFailureState
+	2,  // 18: envoy.service.status.v3.ClientStatusDiscoveryService.StreamClientStatus:input_type -> envoy.service.status.v3.ClientStatusRequest
+	2,  // 19: envoy.service.status.v3.ClientStatusDiscoveryService.FetchClientStatus:input_type -> envoy.service.status.v3.ClientStatusRequest
+	5,  // 20: envoy.service.status.v3.ClientStatusDiscoveryService.StreamClientStatus:output_type -> envoy.service.status.v3.ClientStatusResponse
+	5,  // 21: envoy.service.status.v3.ClientStatusDiscoveryService.FetchClientStatus:output_type -> envoy.service.status.v3.ClientStatusResponse
+	20, // [20:22] is the sub-list for method output_type
+	18, // [18:20] is the sub-list for method input_type
+	18, // [18:18] is the sub-list for extension type_name
+	18, // [18:18] is the sub-list for extension extendee
+	0,  // [0:18] is the sub-list for field type_name
+}
+
+func init() { file_envoy_service_status_v3_csds_proto_init() }
+func file_envoy_service_status_v3_csds_proto_init() {
+	if File_envoy_service_status_v3_csds_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_service_status_v3_csds_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ClientStatusRequest); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_service_status_v3_csds_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*PerXdsConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_service_status_v3_csds_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ClientConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_service_status_v3_csds_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ClientStatusResponse); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_service_status_v3_csds_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ClientConfig_GenericXdsConfig); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_service_status_v3_csds_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*PerXdsConfig_ListenerConfig)(nil),
+		(*PerXdsConfig_ClusterConfig)(nil),
+		(*PerXdsConfig_RouteConfig)(nil),
+		(*PerXdsConfig_ScopedRouteConfig)(nil),
+		(*PerXdsConfig_EndpointConfig)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_service_status_v3_csds_proto_rawDesc,
+			NumEnums:      2,
+			NumMessages:   5,
+			NumExtensions: 0,
+			NumServices:   1,
+		},
+		GoTypes:           file_envoy_service_status_v3_csds_proto_goTypes,
+		DependencyIndexes: file_envoy_service_status_v3_csds_proto_depIdxs,
+		EnumInfos:         file_envoy_service_status_v3_csds_proto_enumTypes,
+		MessageInfos:      file_envoy_service_status_v3_csds_proto_msgTypes,
+	}.Build()
+	File_envoy_service_status_v3_csds_proto = out.File
+	file_envoy_service_status_v3_csds_proto_rawDesc = nil
+	file_envoy_service_status_v3_csds_proto_goTypes = nil
+	file_envoy_service_status_v3_csds_proto_depIdxs = nil
+}
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ context.Context
+var _ grpc.ClientConnInterface
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the grpc package it is being compiled against.
+const _ = grpc.SupportPackageIsVersion6
+
+// ClientStatusDiscoveryServiceClient is the client API for ClientStatusDiscoveryService service.
+//
+// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.
+type ClientStatusDiscoveryServiceClient interface {
+	StreamClientStatus(ctx context.Context, opts ...grpc.CallOption) (ClientStatusDiscoveryService_StreamClientStatusClient, error)
+	FetchClientStatus(ctx context.Context, in *ClientStatusRequest, opts ...grpc.CallOption) (*ClientStatusResponse, error)
+}
+
+type clientStatusDiscoveryServiceClient struct {
+	cc grpc.ClientConnInterface
+}
+
+func NewClientStatusDiscoveryServiceClient(cc grpc.ClientConnInterface) ClientStatusDiscoveryServiceClient {
+	return &clientStatusDiscoveryServiceClient{cc}
+}
+
+func (c *clientStatusDiscoveryServiceClient) StreamClientStatus(ctx context.Context, opts ...grpc.CallOption) (ClientStatusDiscoveryService_StreamClientStatusClient, error) {
+	stream, err := c.cc.NewStream(ctx, &_ClientStatusDiscoveryService_serviceDesc.Streams[0], "/envoy.service.status.v3.ClientStatusDiscoveryService/StreamClientStatus", opts...)
+	if err != nil {
+		return nil, err
+	}
+	x := &clientStatusDiscoveryServiceStreamClientStatusClient{stream}
+	return x, nil
+}
+
+type ClientStatusDiscoveryService_StreamClientStatusClient interface {
+	Send(*ClientStatusRequest) error
+	Recv() (*ClientStatusResponse, error)
+	grpc.ClientStream
+}
+
+type clientStatusDiscoveryServiceStreamClientStatusClient struct {
+	grpc.ClientStream
+}
+
+func (x *clientStatusDiscoveryServiceStreamClientStatusClient) Send(m *ClientStatusRequest) error {
+	return x.ClientStream.SendMsg(m)
+}
+
+func (x *clientStatusDiscoveryServiceStreamClientStatusClient) Recv() (*ClientStatusResponse, error) {
+	m := new(ClientStatusResponse)
+	if err := x.ClientStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func (c *clientStatusDiscoveryServiceClient) FetchClientStatus(ctx context.Context, in *ClientStatusRequest, opts ...grpc.CallOption) (*ClientStatusResponse, error) {
+	out := new(ClientStatusResponse)
+	err := c.cc.Invoke(ctx, "/envoy.service.status.v3.ClientStatusDiscoveryService/FetchClientStatus", in, out, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+// ClientStatusDiscoveryServiceServer is the server API for ClientStatusDiscoveryService service.
+type ClientStatusDiscoveryServiceServer interface {
+	StreamClientStatus(ClientStatusDiscoveryService_StreamClientStatusServer) error
+	FetchClientStatus(context.Context, *ClientStatusRequest) (*ClientStatusResponse, error)
+}
+
+// UnimplementedClientStatusDiscoveryServiceServer can be embedded to have forward compatible implementations.
+type UnimplementedClientStatusDiscoveryServiceServer struct {
+}
+
+func (*UnimplementedClientStatusDiscoveryServiceServer) StreamClientStatus(ClientStatusDiscoveryService_StreamClientStatusServer) error {
+	return status.Errorf(codes.Unimplemented, "method StreamClientStatus not implemented")
+}
+func (*UnimplementedClientStatusDiscoveryServiceServer) FetchClientStatus(context.Context, *ClientStatusRequest) (*ClientStatusResponse, error) {
+	return nil, status.Errorf(codes.Unimplemented, "method FetchClientStatus not implemented")
+}
+
+func RegisterClientStatusDiscoveryServiceServer(s *grpc.Server, srv ClientStatusDiscoveryServiceServer) {
+	s.RegisterService(&_ClientStatusDiscoveryService_serviceDesc, srv)
+}
+
+func _ClientStatusDiscoveryService_StreamClientStatus_Handler(srv interface{}, stream grpc.ServerStream) error {
+	return srv.(ClientStatusDiscoveryServiceServer).StreamClientStatus(&clientStatusDiscoveryServiceStreamClientStatusServer{stream})
+}
+
+type ClientStatusDiscoveryService_StreamClientStatusServer interface {
+	Send(*ClientStatusResponse) error
+	Recv() (*ClientStatusRequest, error)
+	grpc.ServerStream
+}
+
+type clientStatusDiscoveryServiceStreamClientStatusServer struct {
+	grpc.ServerStream
+}
+
+func (x *clientStatusDiscoveryServiceStreamClientStatusServer) Send(m *ClientStatusResponse) error {
+	return x.ServerStream.SendMsg(m)
+}
+
+func (x *clientStatusDiscoveryServiceStreamClientStatusServer) Recv() (*ClientStatusRequest, error) {
+	m := new(ClientStatusRequest)
+	if err := x.ServerStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func _ClientStatusDiscoveryService_FetchClientStatus_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(ClientStatusRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(ClientStatusDiscoveryServiceServer).FetchClientStatus(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: "/envoy.service.status.v3.ClientStatusDiscoveryService/FetchClientStatus",
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(ClientStatusDiscoveryServiceServer).FetchClientStatus(ctx, req.(*ClientStatusRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
+var _ClientStatusDiscoveryService_serviceDesc = grpc.ServiceDesc{
+	ServiceName: "envoy.service.status.v3.ClientStatusDiscoveryService",
+	HandlerType: (*ClientStatusDiscoveryServiceServer)(nil),
+	Methods: []grpc.MethodDesc{
+		{
+			MethodName: "FetchClientStatus",
+			Handler:    _ClientStatusDiscoveryService_FetchClientStatus_Handler,
+		},
+	},
+	Streams: []grpc.StreamDesc{
+		{
+			StreamName:    "StreamClientStatus",
+			Handler:       _ClientStatusDiscoveryService_StreamClientStatus_Handler,
+			ServerStreams: true,
+			ClientStreams: true,
+		},
+	},
+	Metadata: "envoy/service/status/v3/csds.proto",
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/service/status/v3/csds.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/status/v3/csds.pb.validate.go
new file mode 100644
index 00000000000..85d5efbf339
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/service/status/v3/csds.pb.validate.go
@@ -0,0 +1,996 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/service/status/v3/csds.proto
+
+package envoy_service_status_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+
+	v3 "github.com/envoyproxy/go-control-plane/envoy/admin/v3"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+
+	_ = v3.ClientResourceStatus(0)
+)
+
+// Validate checks the field values on ClientStatusRequest with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ClientStatusRequest) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ClientStatusRequest with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ClientStatusRequestMultiError, or nil if none found.
+func (m *ClientStatusRequest) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ClientStatusRequest) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetNodeMatchers() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClientStatusRequestValidationError{
+						field:  fmt.Sprintf("NodeMatchers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClientStatusRequestValidationError{
+						field:  fmt.Sprintf("NodeMatchers[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClientStatusRequestValidationError{
+					field:  fmt.Sprintf("NodeMatchers[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if all {
+		switch v := interface{}(m.GetNode()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClientStatusRequestValidationError{
+					field:  "Node",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClientStatusRequestValidationError{
+					field:  "Node",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetNode()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClientStatusRequestValidationError{
+				field:  "Node",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return ClientStatusRequestMultiError(errors)
+	}
+	return nil
+}
+
+// ClientStatusRequestMultiError is an error wrapping multiple validation
+// errors returned by ClientStatusRequest.ValidateAll() if the designated
+// constraints aren't met.
+type ClientStatusRequestMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ClientStatusRequestMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ClientStatusRequestMultiError) AllErrors() []error { return m }
+
+// ClientStatusRequestValidationError is the validation error returned by
+// ClientStatusRequest.Validate if the designated constraints aren't met.
+type ClientStatusRequestValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ClientStatusRequestValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ClientStatusRequestValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ClientStatusRequestValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ClientStatusRequestValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ClientStatusRequestValidationError) ErrorName() string {
+	return "ClientStatusRequestValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ClientStatusRequestValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sClientStatusRequest.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ClientStatusRequestValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ClientStatusRequestValidationError{}
+
+// Validate checks the field values on PerXdsConfig with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *PerXdsConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on PerXdsConfig with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in PerXdsConfigMultiError, or
+// nil if none found.
+func (m *PerXdsConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *PerXdsConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Status
+
+	// no validation rules for ClientStatus
+
+	switch m.PerXdsConfig.(type) {
+
+	case *PerXdsConfig_ListenerConfig:
+
+		if all {
+			switch v := interface{}(m.GetListenerConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, PerXdsConfigValidationError{
+						field:  "ListenerConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, PerXdsConfigValidationError{
+						field:  "ListenerConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetListenerConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return PerXdsConfigValidationError{
+					field:  "ListenerConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *PerXdsConfig_ClusterConfig:
+
+		if all {
+			switch v := interface{}(m.GetClusterConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, PerXdsConfigValidationError{
+						field:  "ClusterConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, PerXdsConfigValidationError{
+						field:  "ClusterConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetClusterConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return PerXdsConfigValidationError{
+					field:  "ClusterConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *PerXdsConfig_RouteConfig:
+
+		if all {
+			switch v := interface{}(m.GetRouteConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, PerXdsConfigValidationError{
+						field:  "RouteConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, PerXdsConfigValidationError{
+						field:  "RouteConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetRouteConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return PerXdsConfigValidationError{
+					field:  "RouteConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *PerXdsConfig_ScopedRouteConfig:
+
+		if all {
+			switch v := interface{}(m.GetScopedRouteConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, PerXdsConfigValidationError{
+						field:  "ScopedRouteConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, PerXdsConfigValidationError{
+						field:  "ScopedRouteConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetScopedRouteConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return PerXdsConfigValidationError{
+					field:  "ScopedRouteConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *PerXdsConfig_EndpointConfig:
+
+		if all {
+			switch v := interface{}(m.GetEndpointConfig()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, PerXdsConfigValidationError{
+						field:  "EndpointConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, PerXdsConfigValidationError{
+						field:  "EndpointConfig",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetEndpointConfig()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return PerXdsConfigValidationError{
+					field:  "EndpointConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return PerXdsConfigMultiError(errors)
+	}
+	return nil
+}
+
+// PerXdsConfigMultiError is an error wrapping multiple validation errors
+// returned by PerXdsConfig.ValidateAll() if the designated constraints aren't met.
+type PerXdsConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m PerXdsConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m PerXdsConfigMultiError) AllErrors() []error { return m }
+
+// PerXdsConfigValidationError is the validation error returned by
+// PerXdsConfig.Validate if the designated constraints aren't met.
+type PerXdsConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e PerXdsConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e PerXdsConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e PerXdsConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e PerXdsConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e PerXdsConfigValidationError) ErrorName() string { return "PerXdsConfigValidationError" }
+
+// Error satisfies the builtin error interface
+func (e PerXdsConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sPerXdsConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = PerXdsConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = PerXdsConfigValidationError{}
+
+// Validate checks the field values on ClientConfig with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ClientConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ClientConfig with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ClientConfigMultiError, or
+// nil if none found.
+func (m *ClientConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ClientConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetNode()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClientConfigValidationError{
+					field:  "Node",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClientConfigValidationError{
+					field:  "Node",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetNode()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClientConfigValidationError{
+				field:  "Node",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetXdsConfig() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClientConfigValidationError{
+						field:  fmt.Sprintf("XdsConfig[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClientConfigValidationError{
+						field:  fmt.Sprintf("XdsConfig[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClientConfigValidationError{
+					field:  fmt.Sprintf("XdsConfig[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	for idx, item := range m.GetGenericXdsConfigs() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClientConfigValidationError{
+						field:  fmt.Sprintf("GenericXdsConfigs[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClientConfigValidationError{
+						field:  fmt.Sprintf("GenericXdsConfigs[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClientConfigValidationError{
+					field:  fmt.Sprintf("GenericXdsConfigs[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ClientConfigMultiError(errors)
+	}
+	return nil
+}
+
+// ClientConfigMultiError is an error wrapping multiple validation errors
+// returned by ClientConfig.ValidateAll() if the designated constraints aren't met.
+type ClientConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ClientConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ClientConfigMultiError) AllErrors() []error { return m }
+
+// ClientConfigValidationError is the validation error returned by
+// ClientConfig.Validate if the designated constraints aren't met.
+type ClientConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ClientConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ClientConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ClientConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ClientConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ClientConfigValidationError) ErrorName() string { return "ClientConfigValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ClientConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sClientConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ClientConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ClientConfigValidationError{}
+
+// Validate checks the field values on ClientStatusResponse with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ClientStatusResponse) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ClientStatusResponse with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ClientStatusResponseMultiError, or nil if none found.
+func (m *ClientStatusResponse) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ClientStatusResponse) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetConfig() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ClientStatusResponseValidationError{
+						field:  fmt.Sprintf("Config[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ClientStatusResponseValidationError{
+						field:  fmt.Sprintf("Config[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ClientStatusResponseValidationError{
+					field:  fmt.Sprintf("Config[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ClientStatusResponseMultiError(errors)
+	}
+	return nil
+}
+
+// ClientStatusResponseMultiError is an error wrapping multiple validation
+// errors returned by ClientStatusResponse.ValidateAll() if the designated
+// constraints aren't met.
+type ClientStatusResponseMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ClientStatusResponseMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ClientStatusResponseMultiError) AllErrors() []error { return m }
+
+// ClientStatusResponseValidationError is the validation error returned by
+// ClientStatusResponse.Validate if the designated constraints aren't met.
+type ClientStatusResponseValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ClientStatusResponseValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ClientStatusResponseValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ClientStatusResponseValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ClientStatusResponseValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ClientStatusResponseValidationError) ErrorName() string {
+	return "ClientStatusResponseValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ClientStatusResponseValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sClientStatusResponse.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ClientStatusResponseValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ClientStatusResponseValidationError{}
+
+// Validate checks the field values on ClientConfig_GenericXdsConfig with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ClientConfig_GenericXdsConfig) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ClientConfig_GenericXdsConfig with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// ClientConfig_GenericXdsConfigMultiError, or nil if none found.
+func (m *ClientConfig_GenericXdsConfig) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ClientConfig_GenericXdsConfig) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for TypeUrl
+
+	// no validation rules for Name
+
+	// no validation rules for VersionInfo
+
+	if all {
+		switch v := interface{}(m.GetXdsConfig()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClientConfig_GenericXdsConfigValidationError{
+					field:  "XdsConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClientConfig_GenericXdsConfigValidationError{
+					field:  "XdsConfig",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetXdsConfig()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClientConfig_GenericXdsConfigValidationError{
+				field:  "XdsConfig",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetLastUpdated()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClientConfig_GenericXdsConfigValidationError{
+					field:  "LastUpdated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClientConfig_GenericXdsConfigValidationError{
+					field:  "LastUpdated",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetLastUpdated()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClientConfig_GenericXdsConfigValidationError{
+				field:  "LastUpdated",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for ConfigStatus
+
+	// no validation rules for ClientStatus
+
+	if all {
+		switch v := interface{}(m.GetErrorState()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ClientConfig_GenericXdsConfigValidationError{
+					field:  "ErrorState",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ClientConfig_GenericXdsConfigValidationError{
+					field:  "ErrorState",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetErrorState()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ClientConfig_GenericXdsConfigValidationError{
+				field:  "ErrorState",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for IsStaticResource
+
+	if len(errors) > 0 {
+		return ClientConfig_GenericXdsConfigMultiError(errors)
+	}
+	return nil
+}
+
+// ClientConfig_GenericXdsConfigMultiError is an error wrapping multiple
+// validation errors returned by ClientConfig_GenericXdsConfig.ValidateAll()
+// if the designated constraints aren't met.
+type ClientConfig_GenericXdsConfigMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ClientConfig_GenericXdsConfigMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ClientConfig_GenericXdsConfigMultiError) AllErrors() []error { return m }
+
+// ClientConfig_GenericXdsConfigValidationError is the validation error
+// returned by ClientConfig_GenericXdsConfig.Validate if the designated
+// constraints aren't met.
+type ClientConfig_GenericXdsConfigValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ClientConfig_GenericXdsConfigValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ClientConfig_GenericXdsConfigValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ClientConfig_GenericXdsConfigValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ClientConfig_GenericXdsConfigValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ClientConfig_GenericXdsConfigValidationError) ErrorName() string {
+	return "ClientConfig_GenericXdsConfigValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ClientConfig_GenericXdsConfigValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sClientConfig_GenericXdsConfig.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ClientConfig_GenericXdsConfigValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ClientConfig_GenericXdsConfigValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/hash_policy.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/hash_policy.pb.go
new file mode 100644
index 00000000000..dc73cb991be
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/hash_policy.pb.go
@@ -0,0 +1,238 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/hash_policy.proto
+
+package envoy_type
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Specifies the hash policy
+type HashPolicy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to PolicySpecifier:
+	//	*HashPolicy_SourceIp_
+	PolicySpecifier isHashPolicy_PolicySpecifier `protobuf_oneof:"policy_specifier"`
+}
+
+func (x *HashPolicy) Reset() {
+	*x = HashPolicy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_hash_policy_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HashPolicy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HashPolicy) ProtoMessage() {}
+
+func (x *HashPolicy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_hash_policy_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HashPolicy.ProtoReflect.Descriptor instead.
+func (*HashPolicy) Descriptor() ([]byte, []int) {
+	return file_envoy_type_hash_policy_proto_rawDescGZIP(), []int{0}
+}
+
+func (m *HashPolicy) GetPolicySpecifier() isHashPolicy_PolicySpecifier {
+	if m != nil {
+		return m.PolicySpecifier
+	}
+	return nil
+}
+
+func (x *HashPolicy) GetSourceIp() *HashPolicy_SourceIp {
+	if x, ok := x.GetPolicySpecifier().(*HashPolicy_SourceIp_); ok {
+		return x.SourceIp
+	}
+	return nil
+}
+
+type isHashPolicy_PolicySpecifier interface {
+	isHashPolicy_PolicySpecifier()
+}
+
+type HashPolicy_SourceIp_ struct {
+	SourceIp *HashPolicy_SourceIp `protobuf:"bytes,1,opt,name=source_ip,json=sourceIp,proto3,oneof"`
+}
+
+func (*HashPolicy_SourceIp_) isHashPolicy_PolicySpecifier() {}
+
+// The source IP will be used to compute the hash used by hash-based load balancing
+// algorithms.
+type HashPolicy_SourceIp struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *HashPolicy_SourceIp) Reset() {
+	*x = HashPolicy_SourceIp{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_hash_policy_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HashPolicy_SourceIp) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HashPolicy_SourceIp) ProtoMessage() {}
+
+func (x *HashPolicy_SourceIp) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_hash_policy_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HashPolicy_SourceIp.ProtoReflect.Descriptor instead.
+func (*HashPolicy_SourceIp) Descriptor() ([]byte, []int) {
+	return file_envoy_type_hash_policy_proto_rawDescGZIP(), []int{0, 0}
+}
+
+var File_envoy_type_hash_policy_proto protoreflect.FileDescriptor
+
+var file_envoy_type_hash_policy_proto_rawDesc = []byte{
+	0x0a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x68, 0x61, 0x73,
+	0x68, 0x5f, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0a,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61,
+	0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61,
+	0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64,
+	0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x22, 0x71, 0x0a, 0x0a, 0x48, 0x61, 0x73, 0x68, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79,
+	0x12, 0x3e, 0x0a, 0x09, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x69, 0x70, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65,
+	0x2e, 0x48, 0x61, 0x73, 0x68, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x53, 0x6f, 0x75, 0x72,
+	0x63, 0x65, 0x49, 0x70, 0x48, 0x00, 0x52, 0x08, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x49, 0x70,
+	0x1a, 0x0a, 0x0a, 0x08, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x49, 0x70, 0x42, 0x17, 0x0a, 0x10,
+	0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72,
+	0x12, 0x03, 0xf8, 0x42, 0x01, 0x42, 0x35, 0x0a, 0x18, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70,
+	0x65, 0x42, 0x0f, 0x48, 0x61, 0x73, 0x68, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x50, 0x72, 0x6f,
+	0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_type_hash_policy_proto_rawDescOnce sync.Once
+	file_envoy_type_hash_policy_proto_rawDescData = file_envoy_type_hash_policy_proto_rawDesc
+)
+
+func file_envoy_type_hash_policy_proto_rawDescGZIP() []byte {
+	file_envoy_type_hash_policy_proto_rawDescOnce.Do(func() {
+		file_envoy_type_hash_policy_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_hash_policy_proto_rawDescData)
+	})
+	return file_envoy_type_hash_policy_proto_rawDescData
+}
+
+var file_envoy_type_hash_policy_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_envoy_type_hash_policy_proto_goTypes = []interface{}{
+	(*HashPolicy)(nil),          // 0: envoy.type.HashPolicy
+	(*HashPolicy_SourceIp)(nil), // 1: envoy.type.HashPolicy.SourceIp
+}
+var file_envoy_type_hash_policy_proto_depIdxs = []int32{
+	1, // 0: envoy.type.HashPolicy.source_ip:type_name -> envoy.type.HashPolicy.SourceIp
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_hash_policy_proto_init() }
+func file_envoy_type_hash_policy_proto_init() {
+	if File_envoy_type_hash_policy_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_hash_policy_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HashPolicy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_hash_policy_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HashPolicy_SourceIp); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_type_hash_policy_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*HashPolicy_SourceIp_)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_hash_policy_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_hash_policy_proto_goTypes,
+		DependencyIndexes: file_envoy_type_hash_policy_proto_depIdxs,
+		MessageInfos:      file_envoy_type_hash_policy_proto_msgTypes,
+	}.Build()
+	File_envoy_type_hash_policy_proto = out.File
+	file_envoy_type_hash_policy_proto_rawDesc = nil
+	file_envoy_type_hash_policy_proto_goTypes = nil
+	file_envoy_type_hash_policy_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/hash_policy.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/hash_policy.pb.validate.go
new file mode 100644
index 00000000000..fff9b904ca7
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/hash_policy.pb.validate.go
@@ -0,0 +1,280 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/hash_policy.proto
+
+package envoy_type
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on HashPolicy with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *HashPolicy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HashPolicy with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in HashPolicyMultiError, or
+// nil if none found.
+func (m *HashPolicy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HashPolicy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.PolicySpecifier.(type) {
+
+	case *HashPolicy_SourceIp_:
+
+		if all {
+			switch v := interface{}(m.GetSourceIp()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HashPolicyValidationError{
+						field:  "SourceIp",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HashPolicyValidationError{
+						field:  "SourceIp",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetSourceIp()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HashPolicyValidationError{
+					field:  "SourceIp",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := HashPolicyValidationError{
+			field:  "PolicySpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return HashPolicyMultiError(errors)
+	}
+	return nil
+}
+
+// HashPolicyMultiError is an error wrapping multiple validation errors
+// returned by HashPolicy.ValidateAll() if the designated constraints aren't met.
+type HashPolicyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HashPolicyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HashPolicyMultiError) AllErrors() []error { return m }
+
+// HashPolicyValidationError is the validation error returned by
+// HashPolicy.Validate if the designated constraints aren't met.
+type HashPolicyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HashPolicyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HashPolicyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HashPolicyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HashPolicyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HashPolicyValidationError) ErrorName() string { return "HashPolicyValidationError" }
+
+// Error satisfies the builtin error interface
+func (e HashPolicyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHashPolicy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HashPolicyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HashPolicyValidationError{}
+
+// Validate checks the field values on HashPolicy_SourceIp with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *HashPolicy_SourceIp) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HashPolicy_SourceIp with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// HashPolicy_SourceIpMultiError, or nil if none found.
+func (m *HashPolicy_SourceIp) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HashPolicy_SourceIp) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return HashPolicy_SourceIpMultiError(errors)
+	}
+	return nil
+}
+
+// HashPolicy_SourceIpMultiError is an error wrapping multiple validation
+// errors returned by HashPolicy_SourceIp.ValidateAll() if the designated
+// constraints aren't met.
+type HashPolicy_SourceIpMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HashPolicy_SourceIpMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HashPolicy_SourceIpMultiError) AllErrors() []error { return m }
+
+// HashPolicy_SourceIpValidationError is the validation error returned by
+// HashPolicy_SourceIp.Validate if the designated constraints aren't met.
+type HashPolicy_SourceIpValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HashPolicy_SourceIpValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HashPolicy_SourceIpValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HashPolicy_SourceIpValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HashPolicy_SourceIpValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HashPolicy_SourceIpValidationError) ErrorName() string {
+	return "HashPolicy_SourceIpValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HashPolicy_SourceIpValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHashPolicy_SourceIp.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HashPolicy_SourceIpValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HashPolicy_SourceIpValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/http.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/http.pb.go
new file mode 100644
index 00000000000..875367ed833
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/http.pb.go
@@ -0,0 +1,144 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/http.proto
+
+package envoy_type
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type CodecClientType int32
+
+const (
+	CodecClientType_HTTP1 CodecClientType = 0
+	CodecClientType_HTTP2 CodecClientType = 1
+	// [#not-implemented-hide:] QUIC implementation is not production ready yet. Use this enum with
+	// caution to prevent accidental execution of QUIC code. I.e. `!= HTTP2` is no longer sufficient
+	// to distinguish HTTP1 and HTTP2 traffic.
+	CodecClientType_HTTP3 CodecClientType = 2
+)
+
+// Enum value maps for CodecClientType.
+var (
+	CodecClientType_name = map[int32]string{
+		0: "HTTP1",
+		1: "HTTP2",
+		2: "HTTP3",
+	}
+	CodecClientType_value = map[string]int32{
+		"HTTP1": 0,
+		"HTTP2": 1,
+		"HTTP3": 2,
+	}
+)
+
+func (x CodecClientType) Enum() *CodecClientType {
+	p := new(CodecClientType)
+	*p = x
+	return p
+}
+
+func (x CodecClientType) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (CodecClientType) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_type_http_proto_enumTypes[0].Descriptor()
+}
+
+func (CodecClientType) Type() protoreflect.EnumType {
+	return &file_envoy_type_http_proto_enumTypes[0]
+}
+
+func (x CodecClientType) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use CodecClientType.Descriptor instead.
+func (CodecClientType) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_type_http_proto_rawDescGZIP(), []int{0}
+}
+
+var File_envoy_type_http_proto protoreflect.FileDescriptor
+
+var file_envoy_type_http_proto_rawDesc = []byte{
+	0x0a, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x68, 0x74, 0x74,
+	0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0a, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74,
+	0x79, 0x70, 0x65, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x2a, 0x32, 0x0a, 0x0f, 0x43, 0x6f, 0x64, 0x65, 0x63, 0x43, 0x6c, 0x69, 0x65, 0x6e,
+	0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x09, 0x0a, 0x05, 0x48, 0x54, 0x54, 0x50, 0x31, 0x10, 0x00,
+	0x12, 0x09, 0x0a, 0x05, 0x48, 0x54, 0x54, 0x50, 0x32, 0x10, 0x01, 0x12, 0x09, 0x0a, 0x05, 0x48,
+	0x54, 0x54, 0x50, 0x33, 0x10, 0x02, 0x42, 0x2f, 0x0a, 0x18, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79,
+	0x70, 0x65, 0x42, 0x09, 0x48, 0x74, 0x74, 0x70, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba,
+	0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_type_http_proto_rawDescOnce sync.Once
+	file_envoy_type_http_proto_rawDescData = file_envoy_type_http_proto_rawDesc
+)
+
+func file_envoy_type_http_proto_rawDescGZIP() []byte {
+	file_envoy_type_http_proto_rawDescOnce.Do(func() {
+		file_envoy_type_http_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_http_proto_rawDescData)
+	})
+	return file_envoy_type_http_proto_rawDescData
+}
+
+var file_envoy_type_http_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_envoy_type_http_proto_goTypes = []interface{}{
+	(CodecClientType)(0), // 0: envoy.type.CodecClientType
+}
+var file_envoy_type_http_proto_depIdxs = []int32{
+	0, // [0:0] is the sub-list for method output_type
+	0, // [0:0] is the sub-list for method input_type
+	0, // [0:0] is the sub-list for extension type_name
+	0, // [0:0] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_http_proto_init() }
+func file_envoy_type_http_proto_init() {
+	if File_envoy_type_http_proto != nil {
+		return
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_http_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   0,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_http_proto_goTypes,
+		DependencyIndexes: file_envoy_type_http_proto_depIdxs,
+		EnumInfos:         file_envoy_type_http_proto_enumTypes,
+	}.Build()
+	File_envoy_type_http_proto = out.File
+	file_envoy_type_http_proto_rawDesc = nil
+	file_envoy_type_http_proto_goTypes = nil
+	file_envoy_type_http_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/http.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/http.pb.validate.go
new file mode 100644
index 00000000000..701ae405f93
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/http.pb.validate.go
@@ -0,0 +1,36 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/http.proto
+
+package envoy_type
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/http/v3/path_transformation.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/http/v3/path_transformation.pb.go
new file mode 100644
index 00000000000..c000d333b7e
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/http/v3/path_transformation.pb.go
@@ -0,0 +1,403 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/http/v3/path_transformation.proto
+
+package envoy_type_http_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type PathTransformation struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// A list of operations to apply. Transformations will be performed in the order that they appear.
+	Operations []*PathTransformation_Operation `protobuf:"bytes,1,rep,name=operations,proto3" json:"operations,omitempty"`
+}
+
+func (x *PathTransformation) Reset() {
+	*x = PathTransformation{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_http_v3_path_transformation_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *PathTransformation) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*PathTransformation) ProtoMessage() {}
+
+func (x *PathTransformation) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_http_v3_path_transformation_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use PathTransformation.ProtoReflect.Descriptor instead.
+func (*PathTransformation) Descriptor() ([]byte, []int) {
+	return file_envoy_type_http_v3_path_transformation_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *PathTransformation) GetOperations() []*PathTransformation_Operation {
+	if x != nil {
+		return x.Operations
+	}
+	return nil
+}
+
+// A type of operation to alter text.
+type PathTransformation_Operation struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to OperationSpecifier:
+	//	*PathTransformation_Operation_NormalizePathRfc_3986
+	//	*PathTransformation_Operation_MergeSlashes_
+	OperationSpecifier isPathTransformation_Operation_OperationSpecifier `protobuf_oneof:"operation_specifier"`
+}
+
+func (x *PathTransformation_Operation) Reset() {
+	*x = PathTransformation_Operation{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_http_v3_path_transformation_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *PathTransformation_Operation) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*PathTransformation_Operation) ProtoMessage() {}
+
+func (x *PathTransformation_Operation) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_http_v3_path_transformation_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use PathTransformation_Operation.ProtoReflect.Descriptor instead.
+func (*PathTransformation_Operation) Descriptor() ([]byte, []int) {
+	return file_envoy_type_http_v3_path_transformation_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (m *PathTransformation_Operation) GetOperationSpecifier() isPathTransformation_Operation_OperationSpecifier {
+	if m != nil {
+		return m.OperationSpecifier
+	}
+	return nil
+}
+
+func (x *PathTransformation_Operation) GetNormalizePathRfc_3986() *PathTransformation_Operation_NormalizePathRFC3986 {
+	if x, ok := x.GetOperationSpecifier().(*PathTransformation_Operation_NormalizePathRfc_3986); ok {
+		return x.NormalizePathRfc_3986
+	}
+	return nil
+}
+
+func (x *PathTransformation_Operation) GetMergeSlashes() *PathTransformation_Operation_MergeSlashes {
+	if x, ok := x.GetOperationSpecifier().(*PathTransformation_Operation_MergeSlashes_); ok {
+		return x.MergeSlashes
+	}
+	return nil
+}
+
+type isPathTransformation_Operation_OperationSpecifier interface {
+	isPathTransformation_Operation_OperationSpecifier()
+}
+
+type PathTransformation_Operation_NormalizePathRfc_3986 struct {
+	// Enable path normalization per RFC 3986.
+	NormalizePathRfc_3986 *PathTransformation_Operation_NormalizePathRFC3986 `protobuf:"bytes,2,opt,name=normalize_path_rfc_3986,json=normalizePathRfc3986,proto3,oneof"`
+}
+
+type PathTransformation_Operation_MergeSlashes_ struct {
+	// Enable merging adjacent slashes.
+	MergeSlashes *PathTransformation_Operation_MergeSlashes `protobuf:"bytes,3,opt,name=merge_slashes,json=mergeSlashes,proto3,oneof"`
+}
+
+func (*PathTransformation_Operation_NormalizePathRfc_3986) isPathTransformation_Operation_OperationSpecifier() {
+}
+
+func (*PathTransformation_Operation_MergeSlashes_) isPathTransformation_Operation_OperationSpecifier() {
+}
+
+// Should text be normalized according to RFC 3986? This typically is used for path headers
+// before any processing of requests by HTTP filters or routing. This applies percent-encoded
+// normalization and path segment normalization. Fails on characters disallowed in URLs
+// (e.g. NULLs). See `Normalization and Comparison
+// <https://tools.ietf.org/html/rfc3986#section-6>`_ for details of normalization. Note that
+// this options does not perform `case normalization
+// <https://tools.ietf.org/html/rfc3986#section-6.2.2.1>`_
+type PathTransformation_Operation_NormalizePathRFC3986 struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *PathTransformation_Operation_NormalizePathRFC3986) Reset() {
+	*x = PathTransformation_Operation_NormalizePathRFC3986{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_http_v3_path_transformation_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *PathTransformation_Operation_NormalizePathRFC3986) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*PathTransformation_Operation_NormalizePathRFC3986) ProtoMessage() {}
+
+func (x *PathTransformation_Operation_NormalizePathRFC3986) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_http_v3_path_transformation_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use PathTransformation_Operation_NormalizePathRFC3986.ProtoReflect.Descriptor instead.
+func (*PathTransformation_Operation_NormalizePathRFC3986) Descriptor() ([]byte, []int) {
+	return file_envoy_type_http_v3_path_transformation_proto_rawDescGZIP(), []int{0, 0, 0}
+}
+
+// Determines if adjacent slashes are merged into one. A common use case is for a request path
+// header. Using this option in `:ref: PathNormalizationOptions
+// <envoy_v3_api_msg_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.PathNormalizationOptions>`
+// will allow incoming requests with path `//dir///file` to match against route with `prefix`
+// match set to `/dir`. When using for header transformations, note that slash merging is not
+// part of `HTTP spec <https://tools.ietf.org/html/rfc3986>`_ and is provided for convenience.
+type PathTransformation_Operation_MergeSlashes struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *PathTransformation_Operation_MergeSlashes) Reset() {
+	*x = PathTransformation_Operation_MergeSlashes{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_http_v3_path_transformation_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *PathTransformation_Operation_MergeSlashes) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*PathTransformation_Operation_MergeSlashes) ProtoMessage() {}
+
+func (x *PathTransformation_Operation_MergeSlashes) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_http_v3_path_transformation_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use PathTransformation_Operation_MergeSlashes.ProtoReflect.Descriptor instead.
+func (*PathTransformation_Operation_MergeSlashes) Descriptor() ([]byte, []int) {
+	return file_envoy_type_http_v3_path_transformation_proto_rawDescGZIP(), []int{0, 0, 1}
+}
+
+var File_envoy_type_http_v3_path_transformation_proto protoreflect.FileDescriptor
+
+var file_envoy_type_http_v3_path_transformation_proto_rawDesc = []byte{
+	0x0a, 0x2c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x68, 0x74, 0x74,
+	0x70, 0x2f, 0x76, 0x33, 0x2f, 0x70, 0x61, 0x74, 0x68, 0x5f, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x66,
+	0x6f, 0x72, 0x6d, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x2e,
+	0x76, 0x33, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69,
+	0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x9e, 0x03, 0x0a, 0x12, 0x50,
+	0x61, 0x74, 0x68, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x12, 0x50, 0x0a, 0x0a, 0x6f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18,
+	0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x30, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79,
+	0x70, 0x65, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x50, 0x61, 0x74, 0x68, 0x54,
+	0x72, 0x61, 0x6e, 0x73, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x4f, 0x70,
+	0x65, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0a, 0x6f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x1a, 0xb5, 0x02, 0x0a, 0x09, 0x4f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x12, 0x7e, 0x0a, 0x17, 0x6e, 0x6f, 0x72, 0x6d, 0x61, 0x6c, 0x69, 0x7a, 0x65, 0x5f, 0x70,
+	0x61, 0x74, 0x68, 0x5f, 0x72, 0x66, 0x63, 0x5f, 0x33, 0x39, 0x38, 0x36, 0x18, 0x02, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x45, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e,
+	0x68, 0x74, 0x74, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x50, 0x61, 0x74, 0x68, 0x54, 0x72, 0x61, 0x6e,
+	0x73, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x4f, 0x70, 0x65, 0x72, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x4e, 0x6f, 0x72, 0x6d, 0x61, 0x6c, 0x69, 0x7a, 0x65, 0x50, 0x61,
+	0x74, 0x68, 0x52, 0x46, 0x43, 0x33, 0x39, 0x38, 0x36, 0x48, 0x00, 0x52, 0x14, 0x6e, 0x6f, 0x72,
+	0x6d, 0x61, 0x6c, 0x69, 0x7a, 0x65, 0x50, 0x61, 0x74, 0x68, 0x52, 0x66, 0x63, 0x33, 0x39, 0x38,
+	0x36, 0x12, 0x64, 0x0a, 0x0d, 0x6d, 0x65, 0x72, 0x67, 0x65, 0x5f, 0x73, 0x6c, 0x61, 0x73, 0x68,
+	0x65, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x3d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x2e, 0x76, 0x33, 0x2e, 0x50, 0x61,
+	0x74, 0x68, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x2e, 0x4f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x4d, 0x65, 0x72, 0x67, 0x65,
+	0x53, 0x6c, 0x61, 0x73, 0x68, 0x65, 0x73, 0x48, 0x00, 0x52, 0x0c, 0x6d, 0x65, 0x72, 0x67, 0x65,
+	0x53, 0x6c, 0x61, 0x73, 0x68, 0x65, 0x73, 0x1a, 0x16, 0x0a, 0x14, 0x4e, 0x6f, 0x72, 0x6d, 0x61,
+	0x6c, 0x69, 0x7a, 0x65, 0x50, 0x61, 0x74, 0x68, 0x52, 0x46, 0x43, 0x33, 0x39, 0x38, 0x36, 0x1a,
+	0x0e, 0x0a, 0x0c, 0x4d, 0x65, 0x72, 0x67, 0x65, 0x53, 0x6c, 0x61, 0x73, 0x68, 0x65, 0x73, 0x42,
+	0x1a, 0x0a, 0x13, 0x6f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x73, 0x70, 0x65,
+	0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x42, 0x45, 0x0a, 0x20, 0x69,
+	0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x2e, 0x76, 0x33, 0x42,
+	0x17, 0x50, 0x61, 0x74, 0x68, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02,
+	0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_type_http_v3_path_transformation_proto_rawDescOnce sync.Once
+	file_envoy_type_http_v3_path_transformation_proto_rawDescData = file_envoy_type_http_v3_path_transformation_proto_rawDesc
+)
+
+func file_envoy_type_http_v3_path_transformation_proto_rawDescGZIP() []byte {
+	file_envoy_type_http_v3_path_transformation_proto_rawDescOnce.Do(func() {
+		file_envoy_type_http_v3_path_transformation_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_http_v3_path_transformation_proto_rawDescData)
+	})
+	return file_envoy_type_http_v3_path_transformation_proto_rawDescData
+}
+
+var file_envoy_type_http_v3_path_transformation_proto_msgTypes = make([]protoimpl.MessageInfo, 4)
+var file_envoy_type_http_v3_path_transformation_proto_goTypes = []interface{}{
+	(*PathTransformation)(nil),                                // 0: envoy.type.http.v3.PathTransformation
+	(*PathTransformation_Operation)(nil),                      // 1: envoy.type.http.v3.PathTransformation.Operation
+	(*PathTransformation_Operation_NormalizePathRFC3986)(nil), // 2: envoy.type.http.v3.PathTransformation.Operation.NormalizePathRFC3986
+	(*PathTransformation_Operation_MergeSlashes)(nil),         // 3: envoy.type.http.v3.PathTransformation.Operation.MergeSlashes
+}
+var file_envoy_type_http_v3_path_transformation_proto_depIdxs = []int32{
+	1, // 0: envoy.type.http.v3.PathTransformation.operations:type_name -> envoy.type.http.v3.PathTransformation.Operation
+	2, // 1: envoy.type.http.v3.PathTransformation.Operation.normalize_path_rfc_3986:type_name -> envoy.type.http.v3.PathTransformation.Operation.NormalizePathRFC3986
+	3, // 2: envoy.type.http.v3.PathTransformation.Operation.merge_slashes:type_name -> envoy.type.http.v3.PathTransformation.Operation.MergeSlashes
+	3, // [3:3] is the sub-list for method output_type
+	3, // [3:3] is the sub-list for method input_type
+	3, // [3:3] is the sub-list for extension type_name
+	3, // [3:3] is the sub-list for extension extendee
+	0, // [0:3] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_http_v3_path_transformation_proto_init() }
+func file_envoy_type_http_v3_path_transformation_proto_init() {
+	if File_envoy_type_http_v3_path_transformation_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_http_v3_path_transformation_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*PathTransformation); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_http_v3_path_transformation_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*PathTransformation_Operation); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_http_v3_path_transformation_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*PathTransformation_Operation_NormalizePathRFC3986); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_http_v3_path_transformation_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*PathTransformation_Operation_MergeSlashes); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_type_http_v3_path_transformation_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*PathTransformation_Operation_NormalizePathRfc_3986)(nil),
+		(*PathTransformation_Operation_MergeSlashes_)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_http_v3_path_transformation_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   4,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_http_v3_path_transformation_proto_goTypes,
+		DependencyIndexes: file_envoy_type_http_v3_path_transformation_proto_depIdxs,
+		MessageInfos:      file_envoy_type_http_v3_path_transformation_proto_msgTypes,
+	}.Build()
+	File_envoy_type_http_v3_path_transformation_proto = out.File
+	file_envoy_type_http_v3_path_transformation_proto_rawDesc = nil
+	file_envoy_type_http_v3_path_transformation_proto_goTypes = nil
+	file_envoy_type_http_v3_path_transformation_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/http/v3/path_transformation.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/http/v3/path_transformation.pb.validate.go
new file mode 100644
index 00000000000..78ec27bf92d
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/http/v3/path_transformation.pb.validate.go
@@ -0,0 +1,566 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/http/v3/path_transformation.proto
+
+package envoy_type_http_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on PathTransformation with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *PathTransformation) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on PathTransformation with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// PathTransformationMultiError, or nil if none found.
+func (m *PathTransformation) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *PathTransformation) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	for idx, item := range m.GetOperations() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, PathTransformationValidationError{
+						field:  fmt.Sprintf("Operations[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, PathTransformationValidationError{
+						field:  fmt.Sprintf("Operations[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return PathTransformationValidationError{
+					field:  fmt.Sprintf("Operations[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return PathTransformationMultiError(errors)
+	}
+	return nil
+}
+
+// PathTransformationMultiError is an error wrapping multiple validation errors
+// returned by PathTransformation.ValidateAll() if the designated constraints
+// aren't met.
+type PathTransformationMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m PathTransformationMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m PathTransformationMultiError) AllErrors() []error { return m }
+
+// PathTransformationValidationError is the validation error returned by
+// PathTransformation.Validate if the designated constraints aren't met.
+type PathTransformationValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e PathTransformationValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e PathTransformationValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e PathTransformationValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e PathTransformationValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e PathTransformationValidationError) ErrorName() string {
+	return "PathTransformationValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e PathTransformationValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sPathTransformation.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = PathTransformationValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = PathTransformationValidationError{}
+
+// Validate checks the field values on PathTransformation_Operation with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *PathTransformation_Operation) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on PathTransformation_Operation with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// PathTransformation_OperationMultiError, or nil if none found.
+func (m *PathTransformation_Operation) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *PathTransformation_Operation) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.OperationSpecifier.(type) {
+
+	case *PathTransformation_Operation_NormalizePathRfc_3986:
+
+		if all {
+			switch v := interface{}(m.GetNormalizePathRfc_3986()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, PathTransformation_OperationValidationError{
+						field:  "NormalizePathRfc_3986",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, PathTransformation_OperationValidationError{
+						field:  "NormalizePathRfc_3986",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetNormalizePathRfc_3986()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return PathTransformation_OperationValidationError{
+					field:  "NormalizePathRfc_3986",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *PathTransformation_Operation_MergeSlashes_:
+
+		if all {
+			switch v := interface{}(m.GetMergeSlashes()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, PathTransformation_OperationValidationError{
+						field:  "MergeSlashes",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, PathTransformation_OperationValidationError{
+						field:  "MergeSlashes",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetMergeSlashes()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return PathTransformation_OperationValidationError{
+					field:  "MergeSlashes",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := PathTransformation_OperationValidationError{
+			field:  "OperationSpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return PathTransformation_OperationMultiError(errors)
+	}
+	return nil
+}
+
+// PathTransformation_OperationMultiError is an error wrapping multiple
+// validation errors returned by PathTransformation_Operation.ValidateAll() if
+// the designated constraints aren't met.
+type PathTransformation_OperationMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m PathTransformation_OperationMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m PathTransformation_OperationMultiError) AllErrors() []error { return m }
+
+// PathTransformation_OperationValidationError is the validation error returned
+// by PathTransformation_Operation.Validate if the designated constraints
+// aren't met.
+type PathTransformation_OperationValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e PathTransformation_OperationValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e PathTransformation_OperationValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e PathTransformation_OperationValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e PathTransformation_OperationValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e PathTransformation_OperationValidationError) ErrorName() string {
+	return "PathTransformation_OperationValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e PathTransformation_OperationValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sPathTransformation_Operation.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = PathTransformation_OperationValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = PathTransformation_OperationValidationError{}
+
+// Validate checks the field values on
+// PathTransformation_Operation_NormalizePathRFC3986 with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *PathTransformation_Operation_NormalizePathRFC3986) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// PathTransformation_Operation_NormalizePathRFC3986 with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in
+// PathTransformation_Operation_NormalizePathRFC3986MultiError, or nil if none found.
+func (m *PathTransformation_Operation_NormalizePathRFC3986) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *PathTransformation_Operation_NormalizePathRFC3986) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return PathTransformation_Operation_NormalizePathRFC3986MultiError(errors)
+	}
+	return nil
+}
+
+// PathTransformation_Operation_NormalizePathRFC3986MultiError is an error
+// wrapping multiple validation errors returned by
+// PathTransformation_Operation_NormalizePathRFC3986.ValidateAll() if the
+// designated constraints aren't met.
+type PathTransformation_Operation_NormalizePathRFC3986MultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m PathTransformation_Operation_NormalizePathRFC3986MultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m PathTransformation_Operation_NormalizePathRFC3986MultiError) AllErrors() []error { return m }
+
+// PathTransformation_Operation_NormalizePathRFC3986ValidationError is the
+// validation error returned by
+// PathTransformation_Operation_NormalizePathRFC3986.Validate if the
+// designated constraints aren't met.
+type PathTransformation_Operation_NormalizePathRFC3986ValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e PathTransformation_Operation_NormalizePathRFC3986ValidationError) Field() string {
+	return e.field
+}
+
+// Reason function returns reason value.
+func (e PathTransformation_Operation_NormalizePathRFC3986ValidationError) Reason() string {
+	return e.reason
+}
+
+// Cause function returns cause value.
+func (e PathTransformation_Operation_NormalizePathRFC3986ValidationError) Cause() error {
+	return e.cause
+}
+
+// Key function returns key value.
+func (e PathTransformation_Operation_NormalizePathRFC3986ValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e PathTransformation_Operation_NormalizePathRFC3986ValidationError) ErrorName() string {
+	return "PathTransformation_Operation_NormalizePathRFC3986ValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e PathTransformation_Operation_NormalizePathRFC3986ValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sPathTransformation_Operation_NormalizePathRFC3986.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = PathTransformation_Operation_NormalizePathRFC3986ValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = PathTransformation_Operation_NormalizePathRFC3986ValidationError{}
+
+// Validate checks the field values on
+// PathTransformation_Operation_MergeSlashes with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *PathTransformation_Operation_MergeSlashes) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on
+// PathTransformation_Operation_MergeSlashes with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in
+// PathTransformation_Operation_MergeSlashesMultiError, or nil if none found.
+func (m *PathTransformation_Operation_MergeSlashes) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *PathTransformation_Operation_MergeSlashes) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return PathTransformation_Operation_MergeSlashesMultiError(errors)
+	}
+	return nil
+}
+
+// PathTransformation_Operation_MergeSlashesMultiError is an error wrapping
+// multiple validation errors returned by
+// PathTransformation_Operation_MergeSlashes.ValidateAll() if the designated
+// constraints aren't met.
+type PathTransformation_Operation_MergeSlashesMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m PathTransformation_Operation_MergeSlashesMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m PathTransformation_Operation_MergeSlashesMultiError) AllErrors() []error { return m }
+
+// PathTransformation_Operation_MergeSlashesValidationError is the validation
+// error returned by PathTransformation_Operation_MergeSlashes.Validate if the
+// designated constraints aren't met.
+type PathTransformation_Operation_MergeSlashesValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e PathTransformation_Operation_MergeSlashesValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e PathTransformation_Operation_MergeSlashesValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e PathTransformation_Operation_MergeSlashesValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e PathTransformation_Operation_MergeSlashesValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e PathTransformation_Operation_MergeSlashesValidationError) ErrorName() string {
+	return "PathTransformation_Operation_MergeSlashesValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e PathTransformation_Operation_MergeSlashesValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sPathTransformation_Operation_MergeSlashes.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = PathTransformation_Operation_MergeSlashesValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = PathTransformation_Operation_MergeSlashesValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/http_status.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/http_status.pb.go
new file mode 100644
index 00000000000..41af08ed3da
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/http_status.pb.go
@@ -0,0 +1,454 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/http_status.proto
+
+package envoy_type
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// HTTP response codes supported in Envoy.
+// For more details: https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml
+type StatusCode int32
+
+const (
+	// Empty - This code not part of the HTTP status code specification, but it is needed for proto
+	// `enum` type.
+	StatusCode_Empty                         StatusCode = 0
+	StatusCode_Continue                      StatusCode = 100
+	StatusCode_OK                            StatusCode = 200
+	StatusCode_Created                       StatusCode = 201
+	StatusCode_Accepted                      StatusCode = 202
+	StatusCode_NonAuthoritativeInformation   StatusCode = 203
+	StatusCode_NoContent                     StatusCode = 204
+	StatusCode_ResetContent                  StatusCode = 205
+	StatusCode_PartialContent                StatusCode = 206
+	StatusCode_MultiStatus                   StatusCode = 207
+	StatusCode_AlreadyReported               StatusCode = 208
+	StatusCode_IMUsed                        StatusCode = 226
+	StatusCode_MultipleChoices               StatusCode = 300
+	StatusCode_MovedPermanently              StatusCode = 301
+	StatusCode_Found                         StatusCode = 302
+	StatusCode_SeeOther                      StatusCode = 303
+	StatusCode_NotModified                   StatusCode = 304
+	StatusCode_UseProxy                      StatusCode = 305
+	StatusCode_TemporaryRedirect             StatusCode = 307
+	StatusCode_PermanentRedirect             StatusCode = 308
+	StatusCode_BadRequest                    StatusCode = 400
+	StatusCode_Unauthorized                  StatusCode = 401
+	StatusCode_PaymentRequired               StatusCode = 402
+	StatusCode_Forbidden                     StatusCode = 403
+	StatusCode_NotFound                      StatusCode = 404
+	StatusCode_MethodNotAllowed              StatusCode = 405
+	StatusCode_NotAcceptable                 StatusCode = 406
+	StatusCode_ProxyAuthenticationRequired   StatusCode = 407
+	StatusCode_RequestTimeout                StatusCode = 408
+	StatusCode_Conflict                      StatusCode = 409
+	StatusCode_Gone                          StatusCode = 410
+	StatusCode_LengthRequired                StatusCode = 411
+	StatusCode_PreconditionFailed            StatusCode = 412
+	StatusCode_PayloadTooLarge               StatusCode = 413
+	StatusCode_URITooLong                    StatusCode = 414
+	StatusCode_UnsupportedMediaType          StatusCode = 415
+	StatusCode_RangeNotSatisfiable           StatusCode = 416
+	StatusCode_ExpectationFailed             StatusCode = 417
+	StatusCode_MisdirectedRequest            StatusCode = 421
+	StatusCode_UnprocessableEntity           StatusCode = 422
+	StatusCode_Locked                        StatusCode = 423
+	StatusCode_FailedDependency              StatusCode = 424
+	StatusCode_UpgradeRequired               StatusCode = 426
+	StatusCode_PreconditionRequired          StatusCode = 428
+	StatusCode_TooManyRequests               StatusCode = 429
+	StatusCode_RequestHeaderFieldsTooLarge   StatusCode = 431
+	StatusCode_InternalServerError           StatusCode = 500
+	StatusCode_NotImplemented                StatusCode = 501
+	StatusCode_BadGateway                    StatusCode = 502
+	StatusCode_ServiceUnavailable            StatusCode = 503
+	StatusCode_GatewayTimeout                StatusCode = 504
+	StatusCode_HTTPVersionNotSupported       StatusCode = 505
+	StatusCode_VariantAlsoNegotiates         StatusCode = 506
+	StatusCode_InsufficientStorage           StatusCode = 507
+	StatusCode_LoopDetected                  StatusCode = 508
+	StatusCode_NotExtended                   StatusCode = 510
+	StatusCode_NetworkAuthenticationRequired StatusCode = 511
+)
+
+// Enum value maps for StatusCode.
+var (
+	StatusCode_name = map[int32]string{
+		0:   "Empty",
+		100: "Continue",
+		200: "OK",
+		201: "Created",
+		202: "Accepted",
+		203: "NonAuthoritativeInformation",
+		204: "NoContent",
+		205: "ResetContent",
+		206: "PartialContent",
+		207: "MultiStatus",
+		208: "AlreadyReported",
+		226: "IMUsed",
+		300: "MultipleChoices",
+		301: "MovedPermanently",
+		302: "Found",
+		303: "SeeOther",
+		304: "NotModified",
+		305: "UseProxy",
+		307: "TemporaryRedirect",
+		308: "PermanentRedirect",
+		400: "BadRequest",
+		401: "Unauthorized",
+		402: "PaymentRequired",
+		403: "Forbidden",
+		404: "NotFound",
+		405: "MethodNotAllowed",
+		406: "NotAcceptable",
+		407: "ProxyAuthenticationRequired",
+		408: "RequestTimeout",
+		409: "Conflict",
+		410: "Gone",
+		411: "LengthRequired",
+		412: "PreconditionFailed",
+		413: "PayloadTooLarge",
+		414: "URITooLong",
+		415: "UnsupportedMediaType",
+		416: "RangeNotSatisfiable",
+		417: "ExpectationFailed",
+		421: "MisdirectedRequest",
+		422: "UnprocessableEntity",
+		423: "Locked",
+		424: "FailedDependency",
+		426: "UpgradeRequired",
+		428: "PreconditionRequired",
+		429: "TooManyRequests",
+		431: "RequestHeaderFieldsTooLarge",
+		500: "InternalServerError",
+		501: "NotImplemented",
+		502: "BadGateway",
+		503: "ServiceUnavailable",
+		504: "GatewayTimeout",
+		505: "HTTPVersionNotSupported",
+		506: "VariantAlsoNegotiates",
+		507: "InsufficientStorage",
+		508: "LoopDetected",
+		510: "NotExtended",
+		511: "NetworkAuthenticationRequired",
+	}
+	StatusCode_value = map[string]int32{
+		"Empty":                         0,
+		"Continue":                      100,
+		"OK":                            200,
+		"Created":                       201,
+		"Accepted":                      202,
+		"NonAuthoritativeInformation":   203,
+		"NoContent":                     204,
+		"ResetContent":                  205,
+		"PartialContent":                206,
+		"MultiStatus":                   207,
+		"AlreadyReported":               208,
+		"IMUsed":                        226,
+		"MultipleChoices":               300,
+		"MovedPermanently":              301,
+		"Found":                         302,
+		"SeeOther":                      303,
+		"NotModified":                   304,
+		"UseProxy":                      305,
+		"TemporaryRedirect":             307,
+		"PermanentRedirect":             308,
+		"BadRequest":                    400,
+		"Unauthorized":                  401,
+		"PaymentRequired":               402,
+		"Forbidden":                     403,
+		"NotFound":                      404,
+		"MethodNotAllowed":              405,
+		"NotAcceptable":                 406,
+		"ProxyAuthenticationRequired":   407,
+		"RequestTimeout":                408,
+		"Conflict":                      409,
+		"Gone":                          410,
+		"LengthRequired":                411,
+		"PreconditionFailed":            412,
+		"PayloadTooLarge":               413,
+		"URITooLong":                    414,
+		"UnsupportedMediaType":          415,
+		"RangeNotSatisfiable":           416,
+		"ExpectationFailed":             417,
+		"MisdirectedRequest":            421,
+		"UnprocessableEntity":           422,
+		"Locked":                        423,
+		"FailedDependency":              424,
+		"UpgradeRequired":               426,
+		"PreconditionRequired":          428,
+		"TooManyRequests":               429,
+		"RequestHeaderFieldsTooLarge":   431,
+		"InternalServerError":           500,
+		"NotImplemented":                501,
+		"BadGateway":                    502,
+		"ServiceUnavailable":            503,
+		"GatewayTimeout":                504,
+		"HTTPVersionNotSupported":       505,
+		"VariantAlsoNegotiates":         506,
+		"InsufficientStorage":           507,
+		"LoopDetected":                  508,
+		"NotExtended":                   510,
+		"NetworkAuthenticationRequired": 511,
+	}
+)
+
+func (x StatusCode) Enum() *StatusCode {
+	p := new(StatusCode)
+	*p = x
+	return p
+}
+
+func (x StatusCode) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (StatusCode) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_type_http_status_proto_enumTypes[0].Descriptor()
+}
+
+func (StatusCode) Type() protoreflect.EnumType {
+	return &file_envoy_type_http_status_proto_enumTypes[0]
+}
+
+func (x StatusCode) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use StatusCode.Descriptor instead.
+func (StatusCode) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_type_http_status_proto_rawDescGZIP(), []int{0}
+}
+
+// HTTP status.
+type HttpStatus struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Supplies HTTP response code.
+	Code StatusCode `protobuf:"varint,1,opt,name=code,proto3,enum=envoy.type.StatusCode" json:"code,omitempty"`
+}
+
+func (x *HttpStatus) Reset() {
+	*x = HttpStatus{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_http_status_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HttpStatus) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HttpStatus) ProtoMessage() {}
+
+func (x *HttpStatus) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_http_status_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HttpStatus.ProtoReflect.Descriptor instead.
+func (*HttpStatus) Descriptor() ([]byte, []int) {
+	return file_envoy_type_http_status_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *HttpStatus) GetCode() StatusCode {
+	if x != nil {
+		return x.Code
+	}
+	return StatusCode_Empty
+}
+
+var File_envoy_type_http_status_proto protoreflect.FileDescriptor
+
+var file_envoy_type_http_status_proto_rawDesc = []byte{
+	0x0a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x68, 0x74, 0x74,
+	0x70, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0a,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61,
+	0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61,
+	0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64,
+	0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x22, 0x44, 0x0a, 0x0a, 0x48, 0x74, 0x74, 0x70, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73,
+	0x12, 0x36, 0x0a, 0x04, 0x63, 0x6f, 0x64, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x16,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x53, 0x74, 0x61, 0x74,
+	0x75, 0x73, 0x43, 0x6f, 0x64, 0x65, 0x42, 0x0a, 0xfa, 0x42, 0x07, 0x82, 0x01, 0x04, 0x10, 0x01,
+	0x20, 0x00, 0x52, 0x04, 0x63, 0x6f, 0x64, 0x65, 0x2a, 0xb5, 0x09, 0x0a, 0x0a, 0x53, 0x74, 0x61,
+	0x74, 0x75, 0x73, 0x43, 0x6f, 0x64, 0x65, 0x12, 0x09, 0x0a, 0x05, 0x45, 0x6d, 0x70, 0x74, 0x79,
+	0x10, 0x00, 0x12, 0x0c, 0x0a, 0x08, 0x43, 0x6f, 0x6e, 0x74, 0x69, 0x6e, 0x75, 0x65, 0x10, 0x64,
+	0x12, 0x07, 0x0a, 0x02, 0x4f, 0x4b, 0x10, 0xc8, 0x01, 0x12, 0x0c, 0x0a, 0x07, 0x43, 0x72, 0x65,
+	0x61, 0x74, 0x65, 0x64, 0x10, 0xc9, 0x01, 0x12, 0x0d, 0x0a, 0x08, 0x41, 0x63, 0x63, 0x65, 0x70,
+	0x74, 0x65, 0x64, 0x10, 0xca, 0x01, 0x12, 0x20, 0x0a, 0x1b, 0x4e, 0x6f, 0x6e, 0x41, 0x75, 0x74,
+	0x68, 0x6f, 0x72, 0x69, 0x74, 0x61, 0x74, 0x69, 0x76, 0x65, 0x49, 0x6e, 0x66, 0x6f, 0x72, 0x6d,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x10, 0xcb, 0x01, 0x12, 0x0e, 0x0a, 0x09, 0x4e, 0x6f, 0x43, 0x6f,
+	0x6e, 0x74, 0x65, 0x6e, 0x74, 0x10, 0xcc, 0x01, 0x12, 0x11, 0x0a, 0x0c, 0x52, 0x65, 0x73, 0x65,
+	0x74, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x10, 0xcd, 0x01, 0x12, 0x13, 0x0a, 0x0e, 0x50,
+	0x61, 0x72, 0x74, 0x69, 0x61, 0x6c, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x10, 0xce, 0x01,
+	0x12, 0x10, 0x0a, 0x0b, 0x4d, 0x75, 0x6c, 0x74, 0x69, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x10,
+	0xcf, 0x01, 0x12, 0x14, 0x0a, 0x0f, 0x41, 0x6c, 0x72, 0x65, 0x61, 0x64, 0x79, 0x52, 0x65, 0x70,
+	0x6f, 0x72, 0x74, 0x65, 0x64, 0x10, 0xd0, 0x01, 0x12, 0x0b, 0x0a, 0x06, 0x49, 0x4d, 0x55, 0x73,
+	0x65, 0x64, 0x10, 0xe2, 0x01, 0x12, 0x14, 0x0a, 0x0f, 0x4d, 0x75, 0x6c, 0x74, 0x69, 0x70, 0x6c,
+	0x65, 0x43, 0x68, 0x6f, 0x69, 0x63, 0x65, 0x73, 0x10, 0xac, 0x02, 0x12, 0x15, 0x0a, 0x10, 0x4d,
+	0x6f, 0x76, 0x65, 0x64, 0x50, 0x65, 0x72, 0x6d, 0x61, 0x6e, 0x65, 0x6e, 0x74, 0x6c, 0x79, 0x10,
+	0xad, 0x02, 0x12, 0x0a, 0x0a, 0x05, 0x46, 0x6f, 0x75, 0x6e, 0x64, 0x10, 0xae, 0x02, 0x12, 0x0d,
+	0x0a, 0x08, 0x53, 0x65, 0x65, 0x4f, 0x74, 0x68, 0x65, 0x72, 0x10, 0xaf, 0x02, 0x12, 0x10, 0x0a,
+	0x0b, 0x4e, 0x6f, 0x74, 0x4d, 0x6f, 0x64, 0x69, 0x66, 0x69, 0x65, 0x64, 0x10, 0xb0, 0x02, 0x12,
+	0x0d, 0x0a, 0x08, 0x55, 0x73, 0x65, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x10, 0xb1, 0x02, 0x12, 0x16,
+	0x0a, 0x11, 0x54, 0x65, 0x6d, 0x70, 0x6f, 0x72, 0x61, 0x72, 0x79, 0x52, 0x65, 0x64, 0x69, 0x72,
+	0x65, 0x63, 0x74, 0x10, 0xb3, 0x02, 0x12, 0x16, 0x0a, 0x11, 0x50, 0x65, 0x72, 0x6d, 0x61, 0x6e,
+	0x65, 0x6e, 0x74, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x10, 0xb4, 0x02, 0x12, 0x0f,
+	0x0a, 0x0a, 0x42, 0x61, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x10, 0x90, 0x03, 0x12,
+	0x11, 0x0a, 0x0c, 0x55, 0x6e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x64, 0x10,
+	0x91, 0x03, 0x12, 0x14, 0x0a, 0x0f, 0x50, 0x61, 0x79, 0x6d, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x71,
+	0x75, 0x69, 0x72, 0x65, 0x64, 0x10, 0x92, 0x03, 0x12, 0x0e, 0x0a, 0x09, 0x46, 0x6f, 0x72, 0x62,
+	0x69, 0x64, 0x64, 0x65, 0x6e, 0x10, 0x93, 0x03, 0x12, 0x0d, 0x0a, 0x08, 0x4e, 0x6f, 0x74, 0x46,
+	0x6f, 0x75, 0x6e, 0x64, 0x10, 0x94, 0x03, 0x12, 0x15, 0x0a, 0x10, 0x4d, 0x65, 0x74, 0x68, 0x6f,
+	0x64, 0x4e, 0x6f, 0x74, 0x41, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x10, 0x95, 0x03, 0x12, 0x12,
+	0x0a, 0x0d, 0x4e, 0x6f, 0x74, 0x41, 0x63, 0x63, 0x65, 0x70, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x10,
+	0x96, 0x03, 0x12, 0x20, 0x0a, 0x1b, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x41, 0x75, 0x74, 0x68, 0x65,
+	0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65,
+	0x64, 0x10, 0x97, 0x03, 0x12, 0x13, 0x0a, 0x0e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x54,
+	0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x10, 0x98, 0x03, 0x12, 0x0d, 0x0a, 0x08, 0x43, 0x6f, 0x6e,
+	0x66, 0x6c, 0x69, 0x63, 0x74, 0x10, 0x99, 0x03, 0x12, 0x09, 0x0a, 0x04, 0x47, 0x6f, 0x6e, 0x65,
+	0x10, 0x9a, 0x03, 0x12, 0x13, 0x0a, 0x0e, 0x4c, 0x65, 0x6e, 0x67, 0x74, 0x68, 0x52, 0x65, 0x71,
+	0x75, 0x69, 0x72, 0x65, 0x64, 0x10, 0x9b, 0x03, 0x12, 0x17, 0x0a, 0x12, 0x50, 0x72, 0x65, 0x63,
+	0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x46, 0x61, 0x69, 0x6c, 0x65, 0x64, 0x10, 0x9c,
+	0x03, 0x12, 0x14, 0x0a, 0x0f, 0x50, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x54, 0x6f, 0x6f, 0x4c,
+	0x61, 0x72, 0x67, 0x65, 0x10, 0x9d, 0x03, 0x12, 0x0f, 0x0a, 0x0a, 0x55, 0x52, 0x49, 0x54, 0x6f,
+	0x6f, 0x4c, 0x6f, 0x6e, 0x67, 0x10, 0x9e, 0x03, 0x12, 0x19, 0x0a, 0x14, 0x55, 0x6e, 0x73, 0x75,
+	0x70, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x64, 0x4d, 0x65, 0x64, 0x69, 0x61, 0x54, 0x79, 0x70, 0x65,
+	0x10, 0x9f, 0x03, 0x12, 0x18, 0x0a, 0x13, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x4e, 0x6f, 0x74, 0x53,
+	0x61, 0x74, 0x69, 0x73, 0x66, 0x69, 0x61, 0x62, 0x6c, 0x65, 0x10, 0xa0, 0x03, 0x12, 0x16, 0x0a,
+	0x11, 0x45, 0x78, 0x70, 0x65, 0x63, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x46, 0x61, 0x69, 0x6c,
+	0x65, 0x64, 0x10, 0xa1, 0x03, 0x12, 0x17, 0x0a, 0x12, 0x4d, 0x69, 0x73, 0x64, 0x69, 0x72, 0x65,
+	0x63, 0x74, 0x65, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x10, 0xa5, 0x03, 0x12, 0x18,
+	0x0a, 0x13, 0x55, 0x6e, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x45,
+	0x6e, 0x74, 0x69, 0x74, 0x79, 0x10, 0xa6, 0x03, 0x12, 0x0b, 0x0a, 0x06, 0x4c, 0x6f, 0x63, 0x6b,
+	0x65, 0x64, 0x10, 0xa7, 0x03, 0x12, 0x15, 0x0a, 0x10, 0x46, 0x61, 0x69, 0x6c, 0x65, 0x64, 0x44,
+	0x65, 0x70, 0x65, 0x6e, 0x64, 0x65, 0x6e, 0x63, 0x79, 0x10, 0xa8, 0x03, 0x12, 0x14, 0x0a, 0x0f,
+	0x55, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x52, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x64, 0x10,
+	0xaa, 0x03, 0x12, 0x19, 0x0a, 0x14, 0x50, 0x72, 0x65, 0x63, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69,
+	0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x64, 0x10, 0xac, 0x03, 0x12, 0x14, 0x0a,
+	0x0f, 0x54, 0x6f, 0x6f, 0x4d, 0x61, 0x6e, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73,
+	0x10, 0xad, 0x03, 0x12, 0x20, 0x0a, 0x1b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x48, 0x65,
+	0x61, 0x64, 0x65, 0x72, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x73, 0x54, 0x6f, 0x6f, 0x4c, 0x61, 0x72,
+	0x67, 0x65, 0x10, 0xaf, 0x03, 0x12, 0x18, 0x0a, 0x13, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61,
+	0x6c, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x10, 0xf4, 0x03, 0x12,
+	0x13, 0x0a, 0x0e, 0x4e, 0x6f, 0x74, 0x49, 0x6d, 0x70, 0x6c, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x65,
+	0x64, 0x10, 0xf5, 0x03, 0x12, 0x0f, 0x0a, 0x0a, 0x42, 0x61, 0x64, 0x47, 0x61, 0x74, 0x65, 0x77,
+	0x61, 0x79, 0x10, 0xf6, 0x03, 0x12, 0x17, 0x0a, 0x12, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65,
+	0x55, 0x6e, 0x61, 0x76, 0x61, 0x69, 0x6c, 0x61, 0x62, 0x6c, 0x65, 0x10, 0xf7, 0x03, 0x12, 0x13,
+	0x0a, 0x0e, 0x47, 0x61, 0x74, 0x65, 0x77, 0x61, 0x79, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74,
+	0x10, 0xf8, 0x03, 0x12, 0x1c, 0x0a, 0x17, 0x48, 0x54, 0x54, 0x50, 0x56, 0x65, 0x72, 0x73, 0x69,
+	0x6f, 0x6e, 0x4e, 0x6f, 0x74, 0x53, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x64, 0x10, 0xf9,
+	0x03, 0x12, 0x1a, 0x0a, 0x15, 0x56, 0x61, 0x72, 0x69, 0x61, 0x6e, 0x74, 0x41, 0x6c, 0x73, 0x6f,
+	0x4e, 0x65, 0x67, 0x6f, 0x74, 0x69, 0x61, 0x74, 0x65, 0x73, 0x10, 0xfa, 0x03, 0x12, 0x18, 0x0a,
+	0x13, 0x49, 0x6e, 0x73, 0x75, 0x66, 0x66, 0x69, 0x63, 0x69, 0x65, 0x6e, 0x74, 0x53, 0x74, 0x6f,
+	0x72, 0x61, 0x67, 0x65, 0x10, 0xfb, 0x03, 0x12, 0x11, 0x0a, 0x0c, 0x4c, 0x6f, 0x6f, 0x70, 0x44,
+	0x65, 0x74, 0x65, 0x63, 0x74, 0x65, 0x64, 0x10, 0xfc, 0x03, 0x12, 0x10, 0x0a, 0x0b, 0x4e, 0x6f,
+	0x74, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x64, 0x65, 0x64, 0x10, 0xfe, 0x03, 0x12, 0x22, 0x0a, 0x1d,
+	0x4e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x64, 0x10, 0xff, 0x03,
+	0x42, 0x35, 0x0a, 0x18, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78,
+	0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x42, 0x0f, 0x48, 0x74,
+	0x74, 0x70, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba,
+	0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_type_http_status_proto_rawDescOnce sync.Once
+	file_envoy_type_http_status_proto_rawDescData = file_envoy_type_http_status_proto_rawDesc
+)
+
+func file_envoy_type_http_status_proto_rawDescGZIP() []byte {
+	file_envoy_type_http_status_proto_rawDescOnce.Do(func() {
+		file_envoy_type_http_status_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_http_status_proto_rawDescData)
+	})
+	return file_envoy_type_http_status_proto_rawDescData
+}
+
+var file_envoy_type_http_status_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_envoy_type_http_status_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_type_http_status_proto_goTypes = []interface{}{
+	(StatusCode)(0),    // 0: envoy.type.StatusCode
+	(*HttpStatus)(nil), // 1: envoy.type.HttpStatus
+}
+var file_envoy_type_http_status_proto_depIdxs = []int32{
+	0, // 0: envoy.type.HttpStatus.code:type_name -> envoy.type.StatusCode
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_http_status_proto_init() }
+func file_envoy_type_http_status_proto_init() {
+	if File_envoy_type_http_status_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_http_status_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HttpStatus); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_http_status_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_http_status_proto_goTypes,
+		DependencyIndexes: file_envoy_type_http_status_proto_depIdxs,
+		EnumInfos:         file_envoy_type_http_status_proto_enumTypes,
+		MessageInfos:      file_envoy_type_http_status_proto_msgTypes,
+	}.Build()
+	File_envoy_type_http_status_proto = out.File
+	file_envoy_type_http_status_proto_rawDesc = nil
+	file_envoy_type_http_status_proto_goTypes = nil
+	file_envoy_type_http_status_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/http_status.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/http_status.pb.validate.go
new file mode 100644
index 00000000000..8cca707dca7
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/http_status.pb.validate.go
@@ -0,0 +1,160 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/http_status.proto
+
+package envoy_type
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on HttpStatus with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *HttpStatus) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HttpStatus with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in HttpStatusMultiError, or
+// nil if none found.
+func (m *HttpStatus) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HttpStatus) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if _, ok := _HttpStatus_Code_NotInLookup[m.GetCode()]; ok {
+		err := HttpStatusValidationError{
+			field:  "Code",
+			reason: "value must not be in list [0]",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if _, ok := StatusCode_name[int32(m.GetCode())]; !ok {
+		err := HttpStatusValidationError{
+			field:  "Code",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return HttpStatusMultiError(errors)
+	}
+	return nil
+}
+
+// HttpStatusMultiError is an error wrapping multiple validation errors
+// returned by HttpStatus.ValidateAll() if the designated constraints aren't met.
+type HttpStatusMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HttpStatusMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HttpStatusMultiError) AllErrors() []error { return m }
+
+// HttpStatusValidationError is the validation error returned by
+// HttpStatus.Validate if the designated constraints aren't met.
+type HttpStatusValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HttpStatusValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HttpStatusValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HttpStatusValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HttpStatusValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HttpStatusValidationError) ErrorName() string { return "HttpStatusValidationError" }
+
+// Error satisfies the builtin error interface
+func (e HttpStatusValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttpStatus.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HttpStatusValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HttpStatusValidationError{}
+
+var _HttpStatus_Code_NotInLookup = map[StatusCode]struct{}{
+	0: {},
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/metadata.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/metadata.pb.go
new file mode 100644
index 00000000000..173bbad1489
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/metadata.pb.go
@@ -0,0 +1,283 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/matcher/metadata.proto
+
+package envoy_type_matcher
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// [#next-major-version: MetadataMatcher should use StructMatcher]
+type MetadataMatcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The filter name to retrieve the Struct from the Metadata.
+	Filter string `protobuf:"bytes,1,opt,name=filter,proto3" json:"filter,omitempty"`
+	// The path to retrieve the Value from the Struct.
+	Path []*MetadataMatcher_PathSegment `protobuf:"bytes,2,rep,name=path,proto3" json:"path,omitempty"`
+	// The MetadataMatcher is matched if the value retrieved by path is matched to this value.
+	Value *ValueMatcher `protobuf:"bytes,3,opt,name=value,proto3" json:"value,omitempty"`
+}
+
+func (x *MetadataMatcher) Reset() {
+	*x = MetadataMatcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_metadata_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *MetadataMatcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*MetadataMatcher) ProtoMessage() {}
+
+func (x *MetadataMatcher) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_metadata_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use MetadataMatcher.ProtoReflect.Descriptor instead.
+func (*MetadataMatcher) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_metadata_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *MetadataMatcher) GetFilter() string {
+	if x != nil {
+		return x.Filter
+	}
+	return ""
+}
+
+func (x *MetadataMatcher) GetPath() []*MetadataMatcher_PathSegment {
+	if x != nil {
+		return x.Path
+	}
+	return nil
+}
+
+func (x *MetadataMatcher) GetValue() *ValueMatcher {
+	if x != nil {
+		return x.Value
+	}
+	return nil
+}
+
+// Specifies the segment in a path to retrieve value from Metadata.
+// Note: Currently it's not supported to retrieve a value from a list in Metadata. This means that
+// if the segment key refers to a list, it has to be the last segment in a path.
+type MetadataMatcher_PathSegment struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to Segment:
+	//	*MetadataMatcher_PathSegment_Key
+	Segment isMetadataMatcher_PathSegment_Segment `protobuf_oneof:"segment"`
+}
+
+func (x *MetadataMatcher_PathSegment) Reset() {
+	*x = MetadataMatcher_PathSegment{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_metadata_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *MetadataMatcher_PathSegment) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*MetadataMatcher_PathSegment) ProtoMessage() {}
+
+func (x *MetadataMatcher_PathSegment) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_metadata_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use MetadataMatcher_PathSegment.ProtoReflect.Descriptor instead.
+func (*MetadataMatcher_PathSegment) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_metadata_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (m *MetadataMatcher_PathSegment) GetSegment() isMetadataMatcher_PathSegment_Segment {
+	if m != nil {
+		return m.Segment
+	}
+	return nil
+}
+
+func (x *MetadataMatcher_PathSegment) GetKey() string {
+	if x, ok := x.GetSegment().(*MetadataMatcher_PathSegment_Key); ok {
+		return x.Key
+	}
+	return ""
+}
+
+type isMetadataMatcher_PathSegment_Segment interface {
+	isMetadataMatcher_PathSegment_Segment()
+}
+
+type MetadataMatcher_PathSegment_Key struct {
+	// If specified, use the key to retrieve the value in a Struct.
+	Key string `protobuf:"bytes,1,opt,name=key,proto3,oneof"`
+}
+
+func (*MetadataMatcher_PathSegment_Key) isMetadataMatcher_PathSegment_Segment() {}
+
+var File_envoy_type_matcher_metadata_proto protoreflect.FileDescriptor
+
+var file_envoy_type_matcher_metadata_proto_rawDesc = []byte{
+	0x0a, 0x21, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2f, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x12, 0x12, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x1a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74,
+	0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x76, 0x61, 0x6c, 0x75,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e,
+	0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65,
+	0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22,
+	0xff, 0x01, 0x0a, 0x0f, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4d, 0x61, 0x74, 0x63,
+	0x68, 0x65, 0x72, 0x12, 0x1f, 0x0a, 0x06, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x06, 0x66, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x12, 0x4d, 0x0a, 0x04, 0x70, 0x61, 0x74, 0x68, 0x18, 0x02, 0x20, 0x03,
+	0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61,
+	0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x50, 0x61, 0x74, 0x68, 0x53, 0x65, 0x67, 0x6d,
+	0x65, 0x6e, 0x74, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x04, 0x70,
+	0x61, 0x74, 0x68, 0x12, 0x40, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x03, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x05,
+	0x76, 0x61, 0x6c, 0x75, 0x65, 0x1a, 0x3a, 0x0a, 0x0b, 0x50, 0x61, 0x74, 0x68, 0x53, 0x65, 0x67,
+	0x6d, 0x65, 0x6e, 0x74, 0x12, 0x1b, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x48, 0x00, 0x52, 0x03, 0x6b, 0x65,
+	0x79, 0x42, 0x0e, 0x0a, 0x07, 0x73, 0x65, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x12, 0x03, 0xf8, 0x42,
+	0x01, 0x42, 0x3b, 0x0a, 0x20, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f,
+	0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61,
+	0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x0d, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x50,
+	0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_type_matcher_metadata_proto_rawDescOnce sync.Once
+	file_envoy_type_matcher_metadata_proto_rawDescData = file_envoy_type_matcher_metadata_proto_rawDesc
+)
+
+func file_envoy_type_matcher_metadata_proto_rawDescGZIP() []byte {
+	file_envoy_type_matcher_metadata_proto_rawDescOnce.Do(func() {
+		file_envoy_type_matcher_metadata_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_matcher_metadata_proto_rawDescData)
+	})
+	return file_envoy_type_matcher_metadata_proto_rawDescData
+}
+
+var file_envoy_type_matcher_metadata_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_envoy_type_matcher_metadata_proto_goTypes = []interface{}{
+	(*MetadataMatcher)(nil),             // 0: envoy.type.matcher.MetadataMatcher
+	(*MetadataMatcher_PathSegment)(nil), // 1: envoy.type.matcher.MetadataMatcher.PathSegment
+	(*ValueMatcher)(nil),                // 2: envoy.type.matcher.ValueMatcher
+}
+var file_envoy_type_matcher_metadata_proto_depIdxs = []int32{
+	1, // 0: envoy.type.matcher.MetadataMatcher.path:type_name -> envoy.type.matcher.MetadataMatcher.PathSegment
+	2, // 1: envoy.type.matcher.MetadataMatcher.value:type_name -> envoy.type.matcher.ValueMatcher
+	2, // [2:2] is the sub-list for method output_type
+	2, // [2:2] is the sub-list for method input_type
+	2, // [2:2] is the sub-list for extension type_name
+	2, // [2:2] is the sub-list for extension extendee
+	0, // [0:2] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_matcher_metadata_proto_init() }
+func file_envoy_type_matcher_metadata_proto_init() {
+	if File_envoy_type_matcher_metadata_proto != nil {
+		return
+	}
+	file_envoy_type_matcher_value_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_matcher_metadata_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*MetadataMatcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_matcher_metadata_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*MetadataMatcher_PathSegment); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_type_matcher_metadata_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*MetadataMatcher_PathSegment_Key)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_matcher_metadata_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_matcher_metadata_proto_goTypes,
+		DependencyIndexes: file_envoy_type_matcher_metadata_proto_depIdxs,
+		MessageInfos:      file_envoy_type_matcher_metadata_proto_msgTypes,
+	}.Build()
+	File_envoy_type_matcher_metadata_proto = out.File
+	file_envoy_type_matcher_metadata_proto_rawDesc = nil
+	file_envoy_type_matcher_metadata_proto_goTypes = nil
+	file_envoy_type_matcher_metadata_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/metadata.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/metadata.pb.validate.go
new file mode 100644
index 00000000000..c8fd5488075
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/metadata.pb.validate.go
@@ -0,0 +1,360 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/matcher/metadata.proto
+
+package envoy_type_matcher
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on MetadataMatcher with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *MetadataMatcher) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on MetadataMatcher with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// MetadataMatcherMultiError, or nil if none found.
+func (m *MetadataMatcher) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *MetadataMatcher) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetFilter()) < 1 {
+		err := MetadataMatcherValidationError{
+			field:  "Filter",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(m.GetPath()) < 1 {
+		err := MetadataMatcherValidationError{
+			field:  "Path",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetPath() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MetadataMatcherValidationError{
+						field:  fmt.Sprintf("Path[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MetadataMatcherValidationError{
+						field:  fmt.Sprintf("Path[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MetadataMatcherValidationError{
+					field:  fmt.Sprintf("Path[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if m.GetValue() == nil {
+		err := MetadataMatcherValidationError{
+			field:  "Value",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetValue()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, MetadataMatcherValidationError{
+					field:  "Value",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, MetadataMatcherValidationError{
+					field:  "Value",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetValue()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return MetadataMatcherValidationError{
+				field:  "Value",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return MetadataMatcherMultiError(errors)
+	}
+	return nil
+}
+
+// MetadataMatcherMultiError is an error wrapping multiple validation errors
+// returned by MetadataMatcher.ValidateAll() if the designated constraints
+// aren't met.
+type MetadataMatcherMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m MetadataMatcherMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m MetadataMatcherMultiError) AllErrors() []error { return m }
+
+// MetadataMatcherValidationError is the validation error returned by
+// MetadataMatcher.Validate if the designated constraints aren't met.
+type MetadataMatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MetadataMatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MetadataMatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MetadataMatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MetadataMatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MetadataMatcherValidationError) ErrorName() string { return "MetadataMatcherValidationError" }
+
+// Error satisfies the builtin error interface
+func (e MetadataMatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMetadataMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MetadataMatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MetadataMatcherValidationError{}
+
+// Validate checks the field values on MetadataMatcher_PathSegment with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *MetadataMatcher_PathSegment) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on MetadataMatcher_PathSegment with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// MetadataMatcher_PathSegmentMultiError, or nil if none found.
+func (m *MetadataMatcher_PathSegment) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *MetadataMatcher_PathSegment) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.Segment.(type) {
+
+	case *MetadataMatcher_PathSegment_Key:
+
+		if utf8.RuneCountInString(m.GetKey()) < 1 {
+			err := MetadataMatcher_PathSegmentValidationError{
+				field:  "Key",
+				reason: "value length must be at least 1 runes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	default:
+		err := MetadataMatcher_PathSegmentValidationError{
+			field:  "Segment",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return MetadataMatcher_PathSegmentMultiError(errors)
+	}
+	return nil
+}
+
+// MetadataMatcher_PathSegmentMultiError is an error wrapping multiple
+// validation errors returned by MetadataMatcher_PathSegment.ValidateAll() if
+// the designated constraints aren't met.
+type MetadataMatcher_PathSegmentMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m MetadataMatcher_PathSegmentMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m MetadataMatcher_PathSegmentMultiError) AllErrors() []error { return m }
+
+// MetadataMatcher_PathSegmentValidationError is the validation error returned
+// by MetadataMatcher_PathSegment.Validate if the designated constraints
+// aren't met.
+type MetadataMatcher_PathSegmentValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MetadataMatcher_PathSegmentValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MetadataMatcher_PathSegmentValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MetadataMatcher_PathSegmentValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MetadataMatcher_PathSegmentValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MetadataMatcher_PathSegmentValidationError) ErrorName() string {
+	return "MetadataMatcher_PathSegmentValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e MetadataMatcher_PathSegmentValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMetadataMatcher_PathSegment.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MetadataMatcher_PathSegmentValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MetadataMatcher_PathSegmentValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/node.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/node.pb.go
new file mode 100644
index 00000000000..4a07b162326
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/node.pb.go
@@ -0,0 +1,183 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/matcher/node.proto
+
+package envoy_type_matcher
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Specifies the way to match a Node.
+// The match follows AND semantics.
+type NodeMatcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies match criteria on the node id.
+	NodeId *StringMatcher `protobuf:"bytes,1,opt,name=node_id,json=nodeId,proto3" json:"node_id,omitempty"`
+	// Specifies match criteria on the node metadata.
+	NodeMetadatas []*StructMatcher `protobuf:"bytes,2,rep,name=node_metadatas,json=nodeMetadatas,proto3" json:"node_metadatas,omitempty"`
+}
+
+func (x *NodeMatcher) Reset() {
+	*x = NodeMatcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_node_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *NodeMatcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*NodeMatcher) ProtoMessage() {}
+
+func (x *NodeMatcher) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_node_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use NodeMatcher.ProtoReflect.Descriptor instead.
+func (*NodeMatcher) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_node_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *NodeMatcher) GetNodeId() *StringMatcher {
+	if x != nil {
+		return x.NodeId
+	}
+	return nil
+}
+
+func (x *NodeMatcher) GetNodeMetadatas() []*StructMatcher {
+	if x != nil {
+		return x.NodeMetadatas
+	}
+	return nil
+}
+
+var File_envoy_type_matcher_node_proto protoreflect.FileDescriptor
+
+var file_envoy_type_matcher_node_proto_rawDesc = []byte{
+	0x0a, 0x1d, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2f, 0x6e, 0x6f, 0x64, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12,
+	0x12, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63,
+	0x68, 0x65, 0x72, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65,
+	0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f,
+	0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x22, 0x93, 0x01, 0x0a, 0x0b, 0x4e, 0x6f, 0x64, 0x65, 0x4d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x12, 0x3a, 0x0a, 0x07, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x69, 0x64, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79,
+	0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x53, 0x74, 0x72, 0x69, 0x6e,
+	0x67, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x52, 0x06, 0x6e, 0x6f, 0x64, 0x65, 0x49, 0x64,
+	0x12, 0x48, 0x0a, 0x0e, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74,
+	0x61, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x53, 0x74,
+	0x72, 0x75, 0x63, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x52, 0x0d, 0x6e, 0x6f, 0x64,
+	0x65, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x73, 0x42, 0x37, 0x0a, 0x20, 0x69, 0x6f,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x09,
+	0x4e, 0x6f, 0x64, 0x65, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06,
+	0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_type_matcher_node_proto_rawDescOnce sync.Once
+	file_envoy_type_matcher_node_proto_rawDescData = file_envoy_type_matcher_node_proto_rawDesc
+)
+
+func file_envoy_type_matcher_node_proto_rawDescGZIP() []byte {
+	file_envoy_type_matcher_node_proto_rawDescOnce.Do(func() {
+		file_envoy_type_matcher_node_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_matcher_node_proto_rawDescData)
+	})
+	return file_envoy_type_matcher_node_proto_rawDescData
+}
+
+var file_envoy_type_matcher_node_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_type_matcher_node_proto_goTypes = []interface{}{
+	(*NodeMatcher)(nil),   // 0: envoy.type.matcher.NodeMatcher
+	(*StringMatcher)(nil), // 1: envoy.type.matcher.StringMatcher
+	(*StructMatcher)(nil), // 2: envoy.type.matcher.StructMatcher
+}
+var file_envoy_type_matcher_node_proto_depIdxs = []int32{
+	1, // 0: envoy.type.matcher.NodeMatcher.node_id:type_name -> envoy.type.matcher.StringMatcher
+	2, // 1: envoy.type.matcher.NodeMatcher.node_metadatas:type_name -> envoy.type.matcher.StructMatcher
+	2, // [2:2] is the sub-list for method output_type
+	2, // [2:2] is the sub-list for method input_type
+	2, // [2:2] is the sub-list for extension type_name
+	2, // [2:2] is the sub-list for extension extendee
+	0, // [0:2] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_matcher_node_proto_init() }
+func file_envoy_type_matcher_node_proto_init() {
+	if File_envoy_type_matcher_node_proto != nil {
+		return
+	}
+	file_envoy_type_matcher_string_proto_init()
+	file_envoy_type_matcher_struct_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_matcher_node_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*NodeMatcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_matcher_node_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_matcher_node_proto_goTypes,
+		DependencyIndexes: file_envoy_type_matcher_node_proto_depIdxs,
+		MessageInfos:      file_envoy_type_matcher_node_proto_msgTypes,
+	}.Build()
+	File_envoy_type_matcher_node_proto = out.File
+	file_envoy_type_matcher_node_proto_rawDesc = nil
+	file_envoy_type_matcher_node_proto_goTypes = nil
+	file_envoy_type_matcher_node_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/node.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/node.pb.validate.go
new file mode 100644
index 00000000000..24f38cad5c2
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/node.pb.validate.go
@@ -0,0 +1,197 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/matcher/node.proto
+
+package envoy_type_matcher
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on NodeMatcher with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *NodeMatcher) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on NodeMatcher with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in NodeMatcherMultiError, or
+// nil if none found.
+func (m *NodeMatcher) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *NodeMatcher) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetNodeId()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, NodeMatcherValidationError{
+					field:  "NodeId",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, NodeMatcherValidationError{
+					field:  "NodeId",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetNodeId()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return NodeMatcherValidationError{
+				field:  "NodeId",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetNodeMetadatas() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, NodeMatcherValidationError{
+						field:  fmt.Sprintf("NodeMetadatas[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, NodeMatcherValidationError{
+						field:  fmt.Sprintf("NodeMetadatas[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return NodeMatcherValidationError{
+					field:  fmt.Sprintf("NodeMetadatas[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return NodeMatcherMultiError(errors)
+	}
+	return nil
+}
+
+// NodeMatcherMultiError is an error wrapping multiple validation errors
+// returned by NodeMatcher.ValidateAll() if the designated constraints aren't met.
+type NodeMatcherMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m NodeMatcherMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m NodeMatcherMultiError) AllErrors() []error { return m }
+
+// NodeMatcherValidationError is the validation error returned by
+// NodeMatcher.Validate if the designated constraints aren't met.
+type NodeMatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e NodeMatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e NodeMatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e NodeMatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e NodeMatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e NodeMatcherValidationError) ErrorName() string { return "NodeMatcherValidationError" }
+
+// Error satisfies the builtin error interface
+func (e NodeMatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sNodeMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = NodeMatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = NodeMatcherValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/number.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/number.pb.go
new file mode 100644
index 00000000000..bb172cfb275
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/number.pb.go
@@ -0,0 +1,207 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/matcher/number.proto
+
+package envoy_type_matcher
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_type "github.com/envoyproxy/go-control-plane/envoy/type"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Specifies the way to match a double value.
+type DoubleMatcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to MatchPattern:
+	//	*DoubleMatcher_Range
+	//	*DoubleMatcher_Exact
+	MatchPattern isDoubleMatcher_MatchPattern `protobuf_oneof:"match_pattern"`
+}
+
+func (x *DoubleMatcher) Reset() {
+	*x = DoubleMatcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_number_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *DoubleMatcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*DoubleMatcher) ProtoMessage() {}
+
+func (x *DoubleMatcher) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_number_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use DoubleMatcher.ProtoReflect.Descriptor instead.
+func (*DoubleMatcher) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_number_proto_rawDescGZIP(), []int{0}
+}
+
+func (m *DoubleMatcher) GetMatchPattern() isDoubleMatcher_MatchPattern {
+	if m != nil {
+		return m.MatchPattern
+	}
+	return nil
+}
+
+func (x *DoubleMatcher) GetRange() *_type.DoubleRange {
+	if x, ok := x.GetMatchPattern().(*DoubleMatcher_Range); ok {
+		return x.Range
+	}
+	return nil
+}
+
+func (x *DoubleMatcher) GetExact() float64 {
+	if x, ok := x.GetMatchPattern().(*DoubleMatcher_Exact); ok {
+		return x.Exact
+	}
+	return 0
+}
+
+type isDoubleMatcher_MatchPattern interface {
+	isDoubleMatcher_MatchPattern()
+}
+
+type DoubleMatcher_Range struct {
+	// If specified, the input double value must be in the range specified here.
+	// Note: The range is using half-open interval semantics [start, end).
+	Range *_type.DoubleRange `protobuf:"bytes,1,opt,name=range,proto3,oneof"`
+}
+
+type DoubleMatcher_Exact struct {
+	// If specified, the input double value must be equal to the value specified here.
+	Exact float64 `protobuf:"fixed64,2,opt,name=exact,proto3,oneof"`
+}
+
+func (*DoubleMatcher_Range) isDoubleMatcher_MatchPattern() {}
+
+func (*DoubleMatcher_Exact) isDoubleMatcher_MatchPattern() {}
+
+var File_envoy_type_matcher_number_proto protoreflect.FileDescriptor
+
+var file_envoy_type_matcher_number_proto_rawDesc = []byte{
+	0x0a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2f, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x12, 0x12, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61,
+	0x74, 0x63, 0x68, 0x65, 0x72, 0x1a, 0x16, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70,
+	0x65, 0x2f, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75,
+	0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f,
+	0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61,
+	0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x6e, 0x0a, 0x0d, 0x44, 0x6f, 0x75, 0x62, 0x6c, 0x65, 0x4d,
+	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x12, 0x2f, 0x0a, 0x05, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79,
+	0x70, 0x65, 0x2e, 0x44, 0x6f, 0x75, 0x62, 0x6c, 0x65, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x48, 0x00,
+	0x52, 0x05, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x16, 0x0a, 0x05, 0x65, 0x78, 0x61, 0x63, 0x74,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x01, 0x48, 0x00, 0x52, 0x05, 0x65, 0x78, 0x61, 0x63, 0x74, 0x42,
+	0x14, 0x0a, 0x0d, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x5f, 0x70, 0x61, 0x74, 0x74, 0x65, 0x72, 0x6e,
+	0x12, 0x03, 0xf8, 0x42, 0x01, 0x42, 0x39, 0x0a, 0x20, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70,
+	0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x0b, 0x4e, 0x75, 0x6d, 0x62, 0x65,
+	0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01,
+	0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_type_matcher_number_proto_rawDescOnce sync.Once
+	file_envoy_type_matcher_number_proto_rawDescData = file_envoy_type_matcher_number_proto_rawDesc
+)
+
+func file_envoy_type_matcher_number_proto_rawDescGZIP() []byte {
+	file_envoy_type_matcher_number_proto_rawDescOnce.Do(func() {
+		file_envoy_type_matcher_number_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_matcher_number_proto_rawDescData)
+	})
+	return file_envoy_type_matcher_number_proto_rawDescData
+}
+
+var file_envoy_type_matcher_number_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_type_matcher_number_proto_goTypes = []interface{}{
+	(*DoubleMatcher)(nil),     // 0: envoy.type.matcher.DoubleMatcher
+	(*_type.DoubleRange)(nil), // 1: envoy.type.DoubleRange
+}
+var file_envoy_type_matcher_number_proto_depIdxs = []int32{
+	1, // 0: envoy.type.matcher.DoubleMatcher.range:type_name -> envoy.type.DoubleRange
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_matcher_number_proto_init() }
+func file_envoy_type_matcher_number_proto_init() {
+	if File_envoy_type_matcher_number_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_matcher_number_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*DoubleMatcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_type_matcher_number_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*DoubleMatcher_Range)(nil),
+		(*DoubleMatcher_Exact)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_matcher_number_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_matcher_number_proto_goTypes,
+		DependencyIndexes: file_envoy_type_matcher_number_proto_depIdxs,
+		MessageInfos:      file_envoy_type_matcher_number_proto_msgTypes,
+	}.Build()
+	File_envoy_type_matcher_number_proto = out.File
+	file_envoy_type_matcher_number_proto_rawDesc = nil
+	file_envoy_type_matcher_number_proto_goTypes = nil
+	file_envoy_type_matcher_number_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/number.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/number.pb.validate.go
new file mode 100644
index 00000000000..104f33e4764
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/number.pb.validate.go
@@ -0,0 +1,183 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/matcher/number.proto
+
+package envoy_type_matcher
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on DoubleMatcher with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *DoubleMatcher) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on DoubleMatcher with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in DoubleMatcherMultiError, or
+// nil if none found.
+func (m *DoubleMatcher) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *DoubleMatcher) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.MatchPattern.(type) {
+
+	case *DoubleMatcher_Range:
+
+		if all {
+			switch v := interface{}(m.GetRange()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, DoubleMatcherValidationError{
+						field:  "Range",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, DoubleMatcherValidationError{
+						field:  "Range",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetRange()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return DoubleMatcherValidationError{
+					field:  "Range",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *DoubleMatcher_Exact:
+		// no validation rules for Exact
+
+	default:
+		err := DoubleMatcherValidationError{
+			field:  "MatchPattern",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return DoubleMatcherMultiError(errors)
+	}
+	return nil
+}
+
+// DoubleMatcherMultiError is an error wrapping multiple validation errors
+// returned by DoubleMatcher.ValidateAll() if the designated constraints
+// aren't met.
+type DoubleMatcherMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m DoubleMatcherMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m DoubleMatcherMultiError) AllErrors() []error { return m }
+
+// DoubleMatcherValidationError is the validation error returned by
+// DoubleMatcher.Validate if the designated constraints aren't met.
+type DoubleMatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e DoubleMatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e DoubleMatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e DoubleMatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e DoubleMatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e DoubleMatcherValidationError) ErrorName() string { return "DoubleMatcherValidationError" }
+
+// Error satisfies the builtin error interface
+func (e DoubleMatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sDoubleMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = DoubleMatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = DoubleMatcherValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/path.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/path.pb.go
new file mode 100644
index 00000000000..065b05505fe
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/path.pb.go
@@ -0,0 +1,191 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/matcher/path.proto
+
+package envoy_type_matcher
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Specifies the way to match a path on HTTP request.
+type PathMatcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to Rule:
+	//	*PathMatcher_Path
+	Rule isPathMatcher_Rule `protobuf_oneof:"rule"`
+}
+
+func (x *PathMatcher) Reset() {
+	*x = PathMatcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_path_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *PathMatcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*PathMatcher) ProtoMessage() {}
+
+func (x *PathMatcher) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_path_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use PathMatcher.ProtoReflect.Descriptor instead.
+func (*PathMatcher) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_path_proto_rawDescGZIP(), []int{0}
+}
+
+func (m *PathMatcher) GetRule() isPathMatcher_Rule {
+	if m != nil {
+		return m.Rule
+	}
+	return nil
+}
+
+func (x *PathMatcher) GetPath() *StringMatcher {
+	if x, ok := x.GetRule().(*PathMatcher_Path); ok {
+		return x.Path
+	}
+	return nil
+}
+
+type isPathMatcher_Rule interface {
+	isPathMatcher_Rule()
+}
+
+type PathMatcher_Path struct {
+	// The `path` must match the URL path portion of the :path header. The query and fragment
+	// string (if present) are removed in the URL path portion.
+	// For example, the path */data* will match the *:path* header */data#fragment?param=value*.
+	Path *StringMatcher `protobuf:"bytes,1,opt,name=path,proto3,oneof"`
+}
+
+func (*PathMatcher_Path) isPathMatcher_Rule() {}
+
+var File_envoy_type_matcher_path_proto protoreflect.FileDescriptor
+
+var file_envoy_type_matcher_path_proto_rawDesc = []byte{
+	0x0a, 0x1d, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2f, 0x70, 0x61, 0x74, 0x68, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12,
+	0x12, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63,
+	0x68, 0x65, 0x72, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61,
+	0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x5d, 0x0a, 0x0b,
+	0x50, 0x61, 0x74, 0x68, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x12, 0x41, 0x0a, 0x04, 0x70,
+	0x61, 0x74, 0x68, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x53,
+	0x74, 0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x08, 0xfa, 0x42,
+	0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x48, 0x00, 0x52, 0x04, 0x70, 0x61, 0x74, 0x68, 0x42, 0x0b,
+	0x0a, 0x04, 0x72, 0x75, 0x6c, 0x65, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x42, 0x37, 0x0a, 0x20, 0x69,
+	0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42,
+	0x09, 0x50, 0x61, 0x74, 0x68, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1,
+	0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_type_matcher_path_proto_rawDescOnce sync.Once
+	file_envoy_type_matcher_path_proto_rawDescData = file_envoy_type_matcher_path_proto_rawDesc
+)
+
+func file_envoy_type_matcher_path_proto_rawDescGZIP() []byte {
+	file_envoy_type_matcher_path_proto_rawDescOnce.Do(func() {
+		file_envoy_type_matcher_path_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_matcher_path_proto_rawDescData)
+	})
+	return file_envoy_type_matcher_path_proto_rawDescData
+}
+
+var file_envoy_type_matcher_path_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_type_matcher_path_proto_goTypes = []interface{}{
+	(*PathMatcher)(nil),   // 0: envoy.type.matcher.PathMatcher
+	(*StringMatcher)(nil), // 1: envoy.type.matcher.StringMatcher
+}
+var file_envoy_type_matcher_path_proto_depIdxs = []int32{
+	1, // 0: envoy.type.matcher.PathMatcher.path:type_name -> envoy.type.matcher.StringMatcher
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_matcher_path_proto_init() }
+func file_envoy_type_matcher_path_proto_init() {
+	if File_envoy_type_matcher_path_proto != nil {
+		return
+	}
+	file_envoy_type_matcher_string_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_matcher_path_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*PathMatcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_type_matcher_path_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*PathMatcher_Path)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_matcher_path_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_matcher_path_proto_goTypes,
+		DependencyIndexes: file_envoy_type_matcher_path_proto_depIdxs,
+		MessageInfos:      file_envoy_type_matcher_path_proto_msgTypes,
+	}.Build()
+	File_envoy_type_matcher_path_proto = out.File
+	file_envoy_type_matcher_path_proto_rawDesc = nil
+	file_envoy_type_matcher_path_proto_goTypes = nil
+	file_envoy_type_matcher_path_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/path.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/path.pb.validate.go
new file mode 100644
index 00000000000..f9eda357384
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/path.pb.validate.go
@@ -0,0 +1,190 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/matcher/path.proto
+
+package envoy_type_matcher
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on PathMatcher with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *PathMatcher) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on PathMatcher with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in PathMatcherMultiError, or
+// nil if none found.
+func (m *PathMatcher) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *PathMatcher) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.Rule.(type) {
+
+	case *PathMatcher_Path:
+
+		if m.GetPath() == nil {
+			err := PathMatcherValidationError{
+				field:  "Path",
+				reason: "value is required",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+		if all {
+			switch v := interface{}(m.GetPath()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, PathMatcherValidationError{
+						field:  "Path",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, PathMatcherValidationError{
+						field:  "Path",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetPath()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return PathMatcherValidationError{
+					field:  "Path",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := PathMatcherValidationError{
+			field:  "Rule",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return PathMatcherMultiError(errors)
+	}
+	return nil
+}
+
+// PathMatcherMultiError is an error wrapping multiple validation errors
+// returned by PathMatcher.ValidateAll() if the designated constraints aren't met.
+type PathMatcherMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m PathMatcherMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m PathMatcherMultiError) AllErrors() []error { return m }
+
+// PathMatcherValidationError is the validation error returned by
+// PathMatcher.Validate if the designated constraints aren't met.
+type PathMatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e PathMatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e PathMatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e PathMatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e PathMatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e PathMatcherValidationError) ErrorName() string { return "PathMatcherValidationError" }
+
+// Error satisfies the builtin error interface
+func (e PathMatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sPathMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = PathMatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = PathMatcherValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/regex.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/regex.pb.go
new file mode 100644
index 00000000000..9cee409f174
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/regex.pb.go
@@ -0,0 +1,388 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/matcher/regex.proto
+
+package envoy_type_matcher
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// A regex matcher designed for safety when used with untrusted input.
+type RegexMatcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to EngineType:
+	//	*RegexMatcher_GoogleRe2
+	EngineType isRegexMatcher_EngineType `protobuf_oneof:"engine_type"`
+	// The regex match string. The string must be supported by the configured engine.
+	Regex string `protobuf:"bytes,2,opt,name=regex,proto3" json:"regex,omitempty"`
+}
+
+func (x *RegexMatcher) Reset() {
+	*x = RegexMatcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_regex_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RegexMatcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RegexMatcher) ProtoMessage() {}
+
+func (x *RegexMatcher) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_regex_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RegexMatcher.ProtoReflect.Descriptor instead.
+func (*RegexMatcher) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_regex_proto_rawDescGZIP(), []int{0}
+}
+
+func (m *RegexMatcher) GetEngineType() isRegexMatcher_EngineType {
+	if m != nil {
+		return m.EngineType
+	}
+	return nil
+}
+
+func (x *RegexMatcher) GetGoogleRe2() *RegexMatcher_GoogleRE2 {
+	if x, ok := x.GetEngineType().(*RegexMatcher_GoogleRe2); ok {
+		return x.GoogleRe2
+	}
+	return nil
+}
+
+func (x *RegexMatcher) GetRegex() string {
+	if x != nil {
+		return x.Regex
+	}
+	return ""
+}
+
+type isRegexMatcher_EngineType interface {
+	isRegexMatcher_EngineType()
+}
+
+type RegexMatcher_GoogleRe2 struct {
+	// Google's RE2 regex engine.
+	GoogleRe2 *RegexMatcher_GoogleRE2 `protobuf:"bytes,1,opt,name=google_re2,json=googleRe2,proto3,oneof"`
+}
+
+func (*RegexMatcher_GoogleRe2) isRegexMatcher_EngineType() {}
+
+// Describes how to match a string and then produce a new string using a regular
+// expression and a substitution string.
+type RegexMatchAndSubstitute struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The regular expression used to find portions of a string (hereafter called
+	// the "subject string") that should be replaced. When a new string is
+	// produced during the substitution operation, the new string is initially
+	// the same as the subject string, but then all matches in the subject string
+	// are replaced by the substitution string. If replacing all matches isn't
+	// desired, regular expression anchors can be used to ensure a single match,
+	// so as to replace just one occurrence of a pattern. Capture groups can be
+	// used in the pattern to extract portions of the subject string, and then
+	// referenced in the substitution string.
+	Pattern *RegexMatcher `protobuf:"bytes,1,opt,name=pattern,proto3" json:"pattern,omitempty"`
+	// The string that should be substituted into matching portions of the
+	// subject string during a substitution operation to produce a new string.
+	// Capture groups in the pattern can be referenced in the substitution
+	// string. Note, however, that the syntax for referring to capture groups is
+	// defined by the chosen regular expression engine. Google's `RE2
+	// <https://github.com/google/re2>`_ regular expression engine uses a
+	// backslash followed by the capture group number to denote a numbered
+	// capture group. E.g., ``\1`` refers to capture group 1, and ``\2`` refers
+	// to capture group 2.
+	Substitution string `protobuf:"bytes,2,opt,name=substitution,proto3" json:"substitution,omitempty"`
+}
+
+func (x *RegexMatchAndSubstitute) Reset() {
+	*x = RegexMatchAndSubstitute{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_regex_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RegexMatchAndSubstitute) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RegexMatchAndSubstitute) ProtoMessage() {}
+
+func (x *RegexMatchAndSubstitute) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_regex_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RegexMatchAndSubstitute.ProtoReflect.Descriptor instead.
+func (*RegexMatchAndSubstitute) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_regex_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *RegexMatchAndSubstitute) GetPattern() *RegexMatcher {
+	if x != nil {
+		return x.Pattern
+	}
+	return nil
+}
+
+func (x *RegexMatchAndSubstitute) GetSubstitution() string {
+	if x != nil {
+		return x.Substitution
+	}
+	return ""
+}
+
+// Google's `RE2 <https://github.com/google/re2>`_ regex engine. The regex string must adhere to
+// the documented `syntax <https://github.com/google/re2/wiki/Syntax>`_. The engine is designed
+// to complete execution in linear time as well as limit the amount of memory used.
+//
+// Envoy supports program size checking via runtime. The runtime keys `re2.max_program_size.error_level`
+// and `re2.max_program_size.warn_level` can be set to integers as the maximum program size or
+// complexity that a compiled regex can have before an exception is thrown or a warning is
+// logged, respectively. `re2.max_program_size.error_level` defaults to 100, and
+// `re2.max_program_size.warn_level` has no default if unset (will not check/log a warning).
+//
+// Envoy emits two stats for tracking the program size of regexes: the histogram `re2.program_size`,
+// which records the program size, and the counter `re2.exceeded_warn_level`, which is incremented
+// each time the program size exceeds the warn level threshold.
+type RegexMatcher_GoogleRE2 struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// This field controls the RE2 "program size" which is a rough estimate of how complex a
+	// compiled regex is to evaluate. A regex that has a program size greater than the configured
+	// value will fail to compile. In this case, the configured max program size can be increased
+	// or the regex can be simplified. If not specified, the default is 100.
+	//
+	// This field is deprecated; regexp validation should be performed on the management server
+	// instead of being done by each individual client.
+	//
+	// Deprecated: Do not use.
+	MaxProgramSize *wrappers.UInt32Value `protobuf:"bytes,1,opt,name=max_program_size,json=maxProgramSize,proto3" json:"max_program_size,omitempty"`
+}
+
+func (x *RegexMatcher_GoogleRE2) Reset() {
+	*x = RegexMatcher_GoogleRE2{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_regex_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RegexMatcher_GoogleRE2) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RegexMatcher_GoogleRE2) ProtoMessage() {}
+
+func (x *RegexMatcher_GoogleRE2) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_regex_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RegexMatcher_GoogleRE2.ProtoReflect.Descriptor instead.
+func (*RegexMatcher_GoogleRE2) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_regex_proto_rawDescGZIP(), []int{0, 0}
+}
+
+// Deprecated: Do not use.
+func (x *RegexMatcher_GoogleRE2) GetMaxProgramSize() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxProgramSize
+	}
+	return nil
+}
+
+var File_envoy_type_matcher_regex_proto protoreflect.FileDescriptor
+
+var file_envoy_type_matcher_regex_proto_rawDesc = []byte{
+	0x0a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2f, 0x72, 0x65, 0x67, 0x65, 0x78, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x12, 0x12, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61,
+	0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xf1, 0x01, 0x0a,
+	0x0c, 0x52, 0x65, 0x67, 0x65, 0x78, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x12, 0x55, 0x0a,
+	0x0a, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x5f, 0x72, 0x65, 0x32, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d,
+	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x52, 0x65, 0x67, 0x65, 0x78, 0x4d, 0x61, 0x74, 0x63,
+	0x68, 0x65, 0x72, 0x2e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x52, 0x45, 0x32, 0x42, 0x08, 0xfa,
+	0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x48, 0x00, 0x52, 0x09, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x52, 0x65, 0x32, 0x12, 0x1d, 0x0a, 0x05, 0x72, 0x65, 0x67, 0x65, 0x78, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x05, 0x72, 0x65,
+	0x67, 0x65, 0x78, 0x1a, 0x57, 0x0a, 0x09, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x52, 0x45, 0x32,
+	0x12, 0x4a, 0x0a, 0x10, 0x6d, 0x61, 0x78, 0x5f, 0x70, 0x72, 0x6f, 0x67, 0x72, 0x61, 0x6d, 0x5f,
+	0x73, 0x69, 0x7a, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e,
+	0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x02, 0x18, 0x01, 0x52, 0x0e, 0x6d, 0x61,
+	0x78, 0x50, 0x72, 0x6f, 0x67, 0x72, 0x61, 0x6d, 0x53, 0x69, 0x7a, 0x65, 0x42, 0x12, 0x0a, 0x0b,
+	0x65, 0x6e, 0x67, 0x69, 0x6e, 0x65, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x12, 0x03, 0xf8, 0x42, 0x01,
+	0x22, 0x79, 0x0a, 0x17, 0x52, 0x65, 0x67, 0x65, 0x78, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x41, 0x6e,
+	0x64, 0x53, 0x75, 0x62, 0x73, 0x74, 0x69, 0x74, 0x75, 0x74, 0x65, 0x12, 0x3a, 0x0a, 0x07, 0x70,
+	0x61, 0x74, 0x74, 0x65, 0x72, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65,
+	0x72, 0x2e, 0x52, 0x65, 0x67, 0x65, 0x78, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x52, 0x07,
+	0x70, 0x61, 0x74, 0x74, 0x65, 0x72, 0x6e, 0x12, 0x22, 0x0a, 0x0c, 0x73, 0x75, 0x62, 0x73, 0x74,
+	0x69, 0x74, 0x75, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x73,
+	0x75, 0x62, 0x73, 0x74, 0x69, 0x74, 0x75, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x38, 0x0a, 0x20, 0x69,
+	0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42,
+	0x0a, 0x52, 0x65, 0x67, 0x65, 0x78, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8,
+	0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_type_matcher_regex_proto_rawDescOnce sync.Once
+	file_envoy_type_matcher_regex_proto_rawDescData = file_envoy_type_matcher_regex_proto_rawDesc
+)
+
+func file_envoy_type_matcher_regex_proto_rawDescGZIP() []byte {
+	file_envoy_type_matcher_regex_proto_rawDescOnce.Do(func() {
+		file_envoy_type_matcher_regex_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_matcher_regex_proto_rawDescData)
+	})
+	return file_envoy_type_matcher_regex_proto_rawDescData
+}
+
+var file_envoy_type_matcher_regex_proto_msgTypes = make([]protoimpl.MessageInfo, 3)
+var file_envoy_type_matcher_regex_proto_goTypes = []interface{}{
+	(*RegexMatcher)(nil),            // 0: envoy.type.matcher.RegexMatcher
+	(*RegexMatchAndSubstitute)(nil), // 1: envoy.type.matcher.RegexMatchAndSubstitute
+	(*RegexMatcher_GoogleRE2)(nil),  // 2: envoy.type.matcher.RegexMatcher.GoogleRE2
+	(*wrappers.UInt32Value)(nil),    // 3: google.protobuf.UInt32Value
+}
+var file_envoy_type_matcher_regex_proto_depIdxs = []int32{
+	2, // 0: envoy.type.matcher.RegexMatcher.google_re2:type_name -> envoy.type.matcher.RegexMatcher.GoogleRE2
+	0, // 1: envoy.type.matcher.RegexMatchAndSubstitute.pattern:type_name -> envoy.type.matcher.RegexMatcher
+	3, // 2: envoy.type.matcher.RegexMatcher.GoogleRE2.max_program_size:type_name -> google.protobuf.UInt32Value
+	3, // [3:3] is the sub-list for method output_type
+	3, // [3:3] is the sub-list for method input_type
+	3, // [3:3] is the sub-list for extension type_name
+	3, // [3:3] is the sub-list for extension extendee
+	0, // [0:3] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_matcher_regex_proto_init() }
+func file_envoy_type_matcher_regex_proto_init() {
+	if File_envoy_type_matcher_regex_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_matcher_regex_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RegexMatcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_matcher_regex_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RegexMatchAndSubstitute); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_matcher_regex_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RegexMatcher_GoogleRE2); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_type_matcher_regex_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*RegexMatcher_GoogleRe2)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_matcher_regex_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   3,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_matcher_regex_proto_goTypes,
+		DependencyIndexes: file_envoy_type_matcher_regex_proto_depIdxs,
+		MessageInfos:      file_envoy_type_matcher_regex_proto_msgTypes,
+	}.Build()
+	File_envoy_type_matcher_regex_proto = out.File
+	file_envoy_type_matcher_regex_proto_rawDesc = nil
+	file_envoy_type_matcher_regex_proto_goTypes = nil
+	file_envoy_type_matcher_regex_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/regex.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/regex.pb.validate.go
new file mode 100644
index 00000000000..414c7003cd7
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/regex.pb.validate.go
@@ -0,0 +1,463 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/matcher/regex.proto
+
+package envoy_type_matcher
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on RegexMatcher with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *RegexMatcher) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RegexMatcher with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in RegexMatcherMultiError, or
+// nil if none found.
+func (m *RegexMatcher) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RegexMatcher) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetRegex()) < 1 {
+		err := RegexMatcherValidationError{
+			field:  "Regex",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	switch m.EngineType.(type) {
+
+	case *RegexMatcher_GoogleRe2:
+
+		if m.GetGoogleRe2() == nil {
+			err := RegexMatcherValidationError{
+				field:  "GoogleRe2",
+				reason: "value is required",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+		if all {
+			switch v := interface{}(m.GetGoogleRe2()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RegexMatcherValidationError{
+						field:  "GoogleRe2",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RegexMatcherValidationError{
+						field:  "GoogleRe2",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetGoogleRe2()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RegexMatcherValidationError{
+					field:  "GoogleRe2",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := RegexMatcherValidationError{
+			field:  "EngineType",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return RegexMatcherMultiError(errors)
+	}
+	return nil
+}
+
+// RegexMatcherMultiError is an error wrapping multiple validation errors
+// returned by RegexMatcher.ValidateAll() if the designated constraints aren't met.
+type RegexMatcherMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RegexMatcherMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RegexMatcherMultiError) AllErrors() []error { return m }
+
+// RegexMatcherValidationError is the validation error returned by
+// RegexMatcher.Validate if the designated constraints aren't met.
+type RegexMatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RegexMatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RegexMatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RegexMatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RegexMatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RegexMatcherValidationError) ErrorName() string { return "RegexMatcherValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RegexMatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRegexMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RegexMatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RegexMatcherValidationError{}
+
+// Validate checks the field values on RegexMatchAndSubstitute with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RegexMatchAndSubstitute) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RegexMatchAndSubstitute with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RegexMatchAndSubstituteMultiError, or nil if none found.
+func (m *RegexMatchAndSubstitute) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RegexMatchAndSubstitute) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetPattern()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RegexMatchAndSubstituteValidationError{
+					field:  "Pattern",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RegexMatchAndSubstituteValidationError{
+					field:  "Pattern",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPattern()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RegexMatchAndSubstituteValidationError{
+				field:  "Pattern",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for Substitution
+
+	if len(errors) > 0 {
+		return RegexMatchAndSubstituteMultiError(errors)
+	}
+	return nil
+}
+
+// RegexMatchAndSubstituteMultiError is an error wrapping multiple validation
+// errors returned by RegexMatchAndSubstitute.ValidateAll() if the designated
+// constraints aren't met.
+type RegexMatchAndSubstituteMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RegexMatchAndSubstituteMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RegexMatchAndSubstituteMultiError) AllErrors() []error { return m }
+
+// RegexMatchAndSubstituteValidationError is the validation error returned by
+// RegexMatchAndSubstitute.Validate if the designated constraints aren't met.
+type RegexMatchAndSubstituteValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RegexMatchAndSubstituteValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RegexMatchAndSubstituteValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RegexMatchAndSubstituteValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RegexMatchAndSubstituteValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RegexMatchAndSubstituteValidationError) ErrorName() string {
+	return "RegexMatchAndSubstituteValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RegexMatchAndSubstituteValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRegexMatchAndSubstitute.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RegexMatchAndSubstituteValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RegexMatchAndSubstituteValidationError{}
+
+// Validate checks the field values on RegexMatcher_GoogleRE2 with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RegexMatcher_GoogleRE2) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RegexMatcher_GoogleRE2 with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RegexMatcher_GoogleRE2MultiError, or nil if none found.
+func (m *RegexMatcher_GoogleRE2) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RegexMatcher_GoogleRE2) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetMaxProgramSize()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RegexMatcher_GoogleRE2ValidationError{
+					field:  "MaxProgramSize",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RegexMatcher_GoogleRE2ValidationError{
+					field:  "MaxProgramSize",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxProgramSize()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RegexMatcher_GoogleRE2ValidationError{
+				field:  "MaxProgramSize",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return RegexMatcher_GoogleRE2MultiError(errors)
+	}
+	return nil
+}
+
+// RegexMatcher_GoogleRE2MultiError is an error wrapping multiple validation
+// errors returned by RegexMatcher_GoogleRE2.ValidateAll() if the designated
+// constraints aren't met.
+type RegexMatcher_GoogleRE2MultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RegexMatcher_GoogleRE2MultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RegexMatcher_GoogleRE2MultiError) AllErrors() []error { return m }
+
+// RegexMatcher_GoogleRE2ValidationError is the validation error returned by
+// RegexMatcher_GoogleRE2.Validate if the designated constraints aren't met.
+type RegexMatcher_GoogleRE2ValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RegexMatcher_GoogleRE2ValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RegexMatcher_GoogleRE2ValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RegexMatcher_GoogleRE2ValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RegexMatcher_GoogleRE2ValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RegexMatcher_GoogleRE2ValidationError) ErrorName() string {
+	return "RegexMatcher_GoogleRE2ValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RegexMatcher_GoogleRE2ValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRegexMatcher_GoogleRE2.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RegexMatcher_GoogleRE2ValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RegexMatcher_GoogleRE2ValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/string.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/string.pb.go
new file mode 100644
index 00000000000..6c6227be533
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/string.pb.go
@@ -0,0 +1,378 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/matcher/string.proto
+
+package envoy_type_matcher
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/go-control-plane/envoy/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Specifies the way to match a string.
+// [#next-free-field: 7]
+type StringMatcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to MatchPattern:
+	//	*StringMatcher_Exact
+	//	*StringMatcher_Prefix
+	//	*StringMatcher_Suffix
+	//	*StringMatcher_Regex
+	//	*StringMatcher_SafeRegex
+	MatchPattern isStringMatcher_MatchPattern `protobuf_oneof:"match_pattern"`
+	// If true, indicates the exact/prefix/suffix matching should be case insensitive. This has no
+	// effect for the safe_regex match.
+	// For example, the matcher *data* will match both input string *Data* and *data* if set to true.
+	IgnoreCase bool `protobuf:"varint,6,opt,name=ignore_case,json=ignoreCase,proto3" json:"ignore_case,omitempty"`
+}
+
+func (x *StringMatcher) Reset() {
+	*x = StringMatcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_string_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *StringMatcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*StringMatcher) ProtoMessage() {}
+
+func (x *StringMatcher) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_string_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use StringMatcher.ProtoReflect.Descriptor instead.
+func (*StringMatcher) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_string_proto_rawDescGZIP(), []int{0}
+}
+
+func (m *StringMatcher) GetMatchPattern() isStringMatcher_MatchPattern {
+	if m != nil {
+		return m.MatchPattern
+	}
+	return nil
+}
+
+func (x *StringMatcher) GetExact() string {
+	if x, ok := x.GetMatchPattern().(*StringMatcher_Exact); ok {
+		return x.Exact
+	}
+	return ""
+}
+
+func (x *StringMatcher) GetPrefix() string {
+	if x, ok := x.GetMatchPattern().(*StringMatcher_Prefix); ok {
+		return x.Prefix
+	}
+	return ""
+}
+
+func (x *StringMatcher) GetSuffix() string {
+	if x, ok := x.GetMatchPattern().(*StringMatcher_Suffix); ok {
+		return x.Suffix
+	}
+	return ""
+}
+
+// Deprecated: Do not use.
+func (x *StringMatcher) GetRegex() string {
+	if x, ok := x.GetMatchPattern().(*StringMatcher_Regex); ok {
+		return x.Regex
+	}
+	return ""
+}
+
+func (x *StringMatcher) GetSafeRegex() *RegexMatcher {
+	if x, ok := x.GetMatchPattern().(*StringMatcher_SafeRegex); ok {
+		return x.SafeRegex
+	}
+	return nil
+}
+
+func (x *StringMatcher) GetIgnoreCase() bool {
+	if x != nil {
+		return x.IgnoreCase
+	}
+	return false
+}
+
+type isStringMatcher_MatchPattern interface {
+	isStringMatcher_MatchPattern()
+}
+
+type StringMatcher_Exact struct {
+	// The input string must match exactly the string specified here.
+	//
+	// Examples:
+	//
+	// * *abc* only matches the value *abc*.
+	Exact string `protobuf:"bytes,1,opt,name=exact,proto3,oneof"`
+}
+
+type StringMatcher_Prefix struct {
+	// The input string must have the prefix specified here.
+	// Note: empty prefix is not allowed, please use regex instead.
+	//
+	// Examples:
+	//
+	// * *abc* matches the value *abc.xyz*
+	Prefix string `protobuf:"bytes,2,opt,name=prefix,proto3,oneof"`
+}
+
+type StringMatcher_Suffix struct {
+	// The input string must have the suffix specified here.
+	// Note: empty prefix is not allowed, please use regex instead.
+	//
+	// Examples:
+	//
+	// * *abc* matches the value *xyz.abc*
+	Suffix string `protobuf:"bytes,3,opt,name=suffix,proto3,oneof"`
+}
+
+type StringMatcher_Regex struct {
+	// The input string must match the regular expression specified here.
+	// The regex grammar is defined `here
+	// <https://en.cppreference.com/w/cpp/regex/ecmascript>`_.
+	//
+	// Examples:
+	//
+	// * The regex ``\d{3}`` matches the value *123*
+	// * The regex ``\d{3}`` does not match the value *1234*
+	// * The regex ``\d{3}`` does not match the value *123.456*
+	//
+	// .. attention::
+	//   This field has been deprecated in favor of `safe_regex` as it is not safe for use with
+	//   untrusted input in all cases.
+	//
+	// Deprecated: Do not use.
+	Regex string `protobuf:"bytes,4,opt,name=regex,proto3,oneof"`
+}
+
+type StringMatcher_SafeRegex struct {
+	// The input string must match the regular expression specified here.
+	SafeRegex *RegexMatcher `protobuf:"bytes,5,opt,name=safe_regex,json=safeRegex,proto3,oneof"`
+}
+
+func (*StringMatcher_Exact) isStringMatcher_MatchPattern() {}
+
+func (*StringMatcher_Prefix) isStringMatcher_MatchPattern() {}
+
+func (*StringMatcher_Suffix) isStringMatcher_MatchPattern() {}
+
+func (*StringMatcher_Regex) isStringMatcher_MatchPattern() {}
+
+func (*StringMatcher_SafeRegex) isStringMatcher_MatchPattern() {}
+
+// Specifies a list of ways to match a string.
+type ListStringMatcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Patterns []*StringMatcher `protobuf:"bytes,1,rep,name=patterns,proto3" json:"patterns,omitempty"`
+}
+
+func (x *ListStringMatcher) Reset() {
+	*x = ListStringMatcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_string_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ListStringMatcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ListStringMatcher) ProtoMessage() {}
+
+func (x *ListStringMatcher) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_string_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ListStringMatcher.ProtoReflect.Descriptor instead.
+func (*ListStringMatcher) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_string_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *ListStringMatcher) GetPatterns() []*StringMatcher {
+	if x != nil {
+		return x.Patterns
+	}
+	return nil
+}
+
+var File_envoy_type_matcher_string_proto protoreflect.FileDescriptor
+
+var file_envoy_type_matcher_string_proto_rawDesc = []byte{
+	0x0a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2f, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x12, 0x12, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61,
+	0x74, 0x63, 0x68, 0x65, 0x72, 0x1a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70,
+	0x65, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x72, 0x65, 0x67, 0x65, 0x78, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x6e, 0x6e,
+	0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61,
+	0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61,
+	0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64,
+	0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x22, 0x9b, 0x02, 0x0a, 0x0d, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x12, 0x16, 0x0a, 0x05, 0x65, 0x78, 0x61, 0x63, 0x74, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x05, 0x65, 0x78, 0x61, 0x63, 0x74, 0x12, 0x21, 0x0a, 0x06,
+	0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42,
+	0x04, 0x72, 0x02, 0x10, 0x01, 0x48, 0x00, 0x52, 0x06, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x12,
+	0x21, 0x0a, 0x06, 0x73, 0x75, 0x66, 0x66, 0x69, 0x78, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x42,
+	0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x48, 0x00, 0x52, 0x06, 0x73, 0x75, 0x66, 0x66,
+	0x69, 0x78, 0x12, 0x28, 0x0a, 0x05, 0x72, 0x65, 0x67, 0x65, 0x78, 0x18, 0x04, 0x20, 0x01, 0x28,
+	0x09, 0x42, 0x10, 0x18, 0x01, 0xfa, 0x42, 0x05, 0x72, 0x03, 0x28, 0x80, 0x08, 0xb8, 0xee, 0xf2,
+	0xd2, 0x05, 0x01, 0x48, 0x00, 0x52, 0x05, 0x72, 0x65, 0x67, 0x65, 0x78, 0x12, 0x4b, 0x0a, 0x0a,
+	0x73, 0x61, 0x66, 0x65, 0x5f, 0x72, 0x65, 0x67, 0x65, 0x78, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61,
+	0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x52, 0x65, 0x67, 0x65, 0x78, 0x4d, 0x61, 0x74, 0x63, 0x68,
+	0x65, 0x72, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x48, 0x00, 0x52, 0x09,
+	0x73, 0x61, 0x66, 0x65, 0x52, 0x65, 0x67, 0x65, 0x78, 0x12, 0x1f, 0x0a, 0x0b, 0x69, 0x67, 0x6e,
+	0x6f, 0x72, 0x65, 0x5f, 0x63, 0x61, 0x73, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0a,
+	0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x43, 0x61, 0x73, 0x65, 0x42, 0x14, 0x0a, 0x0d, 0x6d, 0x61,
+	0x74, 0x63, 0x68, 0x5f, 0x70, 0x61, 0x74, 0x74, 0x65, 0x72, 0x6e, 0x12, 0x03, 0xf8, 0x42, 0x01,
+	0x22, 0x5c, 0x0a, 0x11, 0x4c, 0x69, 0x73, 0x74, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61,
+	0x74, 0x63, 0x68, 0x65, 0x72, 0x12, 0x47, 0x0a, 0x08, 0x70, 0x61, 0x74, 0x74, 0x65, 0x72, 0x6e,
+	0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x53, 0x74, 0x72,
+	0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92,
+	0x01, 0x02, 0x08, 0x01, 0x52, 0x08, 0x70, 0x61, 0x74, 0x74, 0x65, 0x72, 0x6e, 0x73, 0x42, 0x39,
+	0x0a, 0x20, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68,
+	0x65, 0x72, 0x42, 0x0b, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50,
+	0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x33,
+}
+
+var (
+	file_envoy_type_matcher_string_proto_rawDescOnce sync.Once
+	file_envoy_type_matcher_string_proto_rawDescData = file_envoy_type_matcher_string_proto_rawDesc
+)
+
+func file_envoy_type_matcher_string_proto_rawDescGZIP() []byte {
+	file_envoy_type_matcher_string_proto_rawDescOnce.Do(func() {
+		file_envoy_type_matcher_string_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_matcher_string_proto_rawDescData)
+	})
+	return file_envoy_type_matcher_string_proto_rawDescData
+}
+
+var file_envoy_type_matcher_string_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_envoy_type_matcher_string_proto_goTypes = []interface{}{
+	(*StringMatcher)(nil),     // 0: envoy.type.matcher.StringMatcher
+	(*ListStringMatcher)(nil), // 1: envoy.type.matcher.ListStringMatcher
+	(*RegexMatcher)(nil),      // 2: envoy.type.matcher.RegexMatcher
+}
+var file_envoy_type_matcher_string_proto_depIdxs = []int32{
+	2, // 0: envoy.type.matcher.StringMatcher.safe_regex:type_name -> envoy.type.matcher.RegexMatcher
+	0, // 1: envoy.type.matcher.ListStringMatcher.patterns:type_name -> envoy.type.matcher.StringMatcher
+	2, // [2:2] is the sub-list for method output_type
+	2, // [2:2] is the sub-list for method input_type
+	2, // [2:2] is the sub-list for extension type_name
+	2, // [2:2] is the sub-list for extension extendee
+	0, // [0:2] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_matcher_string_proto_init() }
+func file_envoy_type_matcher_string_proto_init() {
+	if File_envoy_type_matcher_string_proto != nil {
+		return
+	}
+	file_envoy_type_matcher_regex_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_matcher_string_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*StringMatcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_matcher_string_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ListStringMatcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_type_matcher_string_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*StringMatcher_Exact)(nil),
+		(*StringMatcher_Prefix)(nil),
+		(*StringMatcher_Suffix)(nil),
+		(*StringMatcher_Regex)(nil),
+		(*StringMatcher_SafeRegex)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_matcher_string_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_matcher_string_proto_goTypes,
+		DependencyIndexes: file_envoy_type_matcher_string_proto_depIdxs,
+		MessageInfos:      file_envoy_type_matcher_string_proto_msgTypes,
+	}.Build()
+	File_envoy_type_matcher_string_proto = out.File
+	file_envoy_type_matcher_string_proto_rawDesc = nil
+	file_envoy_type_matcher_string_proto_goTypes = nil
+	file_envoy_type_matcher_string_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/string.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/string.pb.validate.go
new file mode 100644
index 00000000000..ad11f6fdef5
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/string.pb.validate.go
@@ -0,0 +1,381 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/matcher/string.proto
+
+package envoy_type_matcher
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on StringMatcher with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *StringMatcher) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on StringMatcher with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in StringMatcherMultiError, or
+// nil if none found.
+func (m *StringMatcher) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *StringMatcher) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for IgnoreCase
+
+	switch m.MatchPattern.(type) {
+
+	case *StringMatcher_Exact:
+		// no validation rules for Exact
+
+	case *StringMatcher_Prefix:
+
+		if utf8.RuneCountInString(m.GetPrefix()) < 1 {
+			err := StringMatcherValidationError{
+				field:  "Prefix",
+				reason: "value length must be at least 1 runes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *StringMatcher_Suffix:
+
+		if utf8.RuneCountInString(m.GetSuffix()) < 1 {
+			err := StringMatcherValidationError{
+				field:  "Suffix",
+				reason: "value length must be at least 1 runes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *StringMatcher_Regex:
+
+		if len(m.GetRegex()) > 1024 {
+			err := StringMatcherValidationError{
+				field:  "Regex",
+				reason: "value length must be at most 1024 bytes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *StringMatcher_SafeRegex:
+
+		if m.GetSafeRegex() == nil {
+			err := StringMatcherValidationError{
+				field:  "SafeRegex",
+				reason: "value is required",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+		if all {
+			switch v := interface{}(m.GetSafeRegex()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, StringMatcherValidationError{
+						field:  "SafeRegex",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, StringMatcherValidationError{
+						field:  "SafeRegex",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetSafeRegex()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return StringMatcherValidationError{
+					field:  "SafeRegex",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := StringMatcherValidationError{
+			field:  "MatchPattern",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return StringMatcherMultiError(errors)
+	}
+	return nil
+}
+
+// StringMatcherMultiError is an error wrapping multiple validation errors
+// returned by StringMatcher.ValidateAll() if the designated constraints
+// aren't met.
+type StringMatcherMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m StringMatcherMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m StringMatcherMultiError) AllErrors() []error { return m }
+
+// StringMatcherValidationError is the validation error returned by
+// StringMatcher.Validate if the designated constraints aren't met.
+type StringMatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e StringMatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e StringMatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e StringMatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e StringMatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e StringMatcherValidationError) ErrorName() string { return "StringMatcherValidationError" }
+
+// Error satisfies the builtin error interface
+func (e StringMatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sStringMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = StringMatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = StringMatcherValidationError{}
+
+// Validate checks the field values on ListStringMatcher with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *ListStringMatcher) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ListStringMatcher with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ListStringMatcherMultiError, or nil if none found.
+func (m *ListStringMatcher) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ListStringMatcher) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetPatterns()) < 1 {
+		err := ListStringMatcherValidationError{
+			field:  "Patterns",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetPatterns() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ListStringMatcherValidationError{
+						field:  fmt.Sprintf("Patterns[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ListStringMatcherValidationError{
+						field:  fmt.Sprintf("Patterns[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ListStringMatcherValidationError{
+					field:  fmt.Sprintf("Patterns[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ListStringMatcherMultiError(errors)
+	}
+	return nil
+}
+
+// ListStringMatcherMultiError is an error wrapping multiple validation errors
+// returned by ListStringMatcher.ValidateAll() if the designated constraints
+// aren't met.
+type ListStringMatcherMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ListStringMatcherMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ListStringMatcherMultiError) AllErrors() []error { return m }
+
+// ListStringMatcherValidationError is the validation error returned by
+// ListStringMatcher.Validate if the designated constraints aren't met.
+type ListStringMatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ListStringMatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ListStringMatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ListStringMatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ListStringMatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ListStringMatcherValidationError) ErrorName() string {
+	return "ListStringMatcherValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ListStringMatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sListStringMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ListStringMatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ListStringMatcherValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/struct.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/struct.pb.go
new file mode 100644
index 00000000000..43de65dcb78
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/struct.pb.go
@@ -0,0 +1,319 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/matcher/struct.proto
+
+package envoy_type_matcher
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// StructMatcher provides a general interface to check if a given value is matched in
+// google.protobuf.Struct. It uses `path` to retrieve the value
+// from the struct and then check if it's matched to the specified value.
+//
+// For example, for the following Struct:
+//
+// .. code-block:: yaml
+//
+//        fields:
+//          a:
+//            struct_value:
+//              fields:
+//                b:
+//                  struct_value:
+//                    fields:
+//                      c:
+//                        string_value: pro
+//                t:
+//                  list_value:
+//                    values:
+//                      - string_value: m
+//                      - string_value: n
+//
+// The following MetadataMatcher is matched as the path [a, b, c] will retrieve a string value "pro"
+// from the Metadata which is matched to the specified prefix match.
+//
+// .. code-block:: yaml
+//
+//    path:
+//    - key: a
+//    - key: b
+//    - key: c
+//    value:
+//      string_match:
+//        prefix: pr
+//
+// The following StructMatcher is matched as the code will match one of the string values in the
+// list at the path [a, t].
+//
+// .. code-block:: yaml
+//
+//    path:
+//    - key: a
+//    - key: t
+//    value:
+//      list_match:
+//        one_of:
+//          string_match:
+//            exact: m
+//
+// An example use of StructMatcher is to match metadata in envoy.v*.core.Node.
+type StructMatcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The path to retrieve the Value from the Struct.
+	Path []*StructMatcher_PathSegment `protobuf:"bytes,2,rep,name=path,proto3" json:"path,omitempty"`
+	// The StructMatcher is matched if the value retrieved by path is matched to this value.
+	Value *ValueMatcher `protobuf:"bytes,3,opt,name=value,proto3" json:"value,omitempty"`
+}
+
+func (x *StructMatcher) Reset() {
+	*x = StructMatcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_struct_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *StructMatcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*StructMatcher) ProtoMessage() {}
+
+func (x *StructMatcher) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_struct_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use StructMatcher.ProtoReflect.Descriptor instead.
+func (*StructMatcher) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_struct_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *StructMatcher) GetPath() []*StructMatcher_PathSegment {
+	if x != nil {
+		return x.Path
+	}
+	return nil
+}
+
+func (x *StructMatcher) GetValue() *ValueMatcher {
+	if x != nil {
+		return x.Value
+	}
+	return nil
+}
+
+// Specifies the segment in a path to retrieve value from Struct.
+type StructMatcher_PathSegment struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to Segment:
+	//	*StructMatcher_PathSegment_Key
+	Segment isStructMatcher_PathSegment_Segment `protobuf_oneof:"segment"`
+}
+
+func (x *StructMatcher_PathSegment) Reset() {
+	*x = StructMatcher_PathSegment{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_struct_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *StructMatcher_PathSegment) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*StructMatcher_PathSegment) ProtoMessage() {}
+
+func (x *StructMatcher_PathSegment) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_struct_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use StructMatcher_PathSegment.ProtoReflect.Descriptor instead.
+func (*StructMatcher_PathSegment) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_struct_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (m *StructMatcher_PathSegment) GetSegment() isStructMatcher_PathSegment_Segment {
+	if m != nil {
+		return m.Segment
+	}
+	return nil
+}
+
+func (x *StructMatcher_PathSegment) GetKey() string {
+	if x, ok := x.GetSegment().(*StructMatcher_PathSegment_Key); ok {
+		return x.Key
+	}
+	return ""
+}
+
+type isStructMatcher_PathSegment_Segment interface {
+	isStructMatcher_PathSegment_Segment()
+}
+
+type StructMatcher_PathSegment_Key struct {
+	// If specified, use the key to retrieve the value in a Struct.
+	Key string `protobuf:"bytes,1,opt,name=key,proto3,oneof"`
+}
+
+func (*StructMatcher_PathSegment_Key) isStructMatcher_PathSegment_Segment() {}
+
+var File_envoy_type_matcher_struct_proto protoreflect.FileDescriptor
+
+var file_envoy_type_matcher_struct_proto_rawDesc = []byte{
+	0x0a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2f, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x12, 0x12, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61,
+	0x74, 0x63, 0x68, 0x65, 0x72, 0x1a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70,
+	0x65, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f,
+	0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76,
+	0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xda, 0x01,
+	0x0a, 0x0d, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x12,
+	0x4b, 0x0a, 0x04, 0x70, 0x61, 0x74, 0x68, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2d, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68,
+	0x65, 0x72, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72,
+	0x2e, 0x50, 0x61, 0x74, 0x68, 0x53, 0x65, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x42, 0x08, 0xfa, 0x42,
+	0x05, 0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x04, 0x70, 0x61, 0x74, 0x68, 0x12, 0x40, 0x0a, 0x05,
+	0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72,
+	0x2e, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x08, 0xfa,
+	0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x1a, 0x3a,
+	0x0a, 0x0b, 0x50, 0x61, 0x74, 0x68, 0x53, 0x65, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x12, 0x1b, 0x0a,
+	0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72,
+	0x02, 0x10, 0x01, 0x48, 0x00, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x42, 0x0e, 0x0a, 0x07, 0x73, 0x65,
+	0x67, 0x6d, 0x65, 0x6e, 0x74, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x42, 0x39, 0x0a, 0x20, 0x69, 0x6f,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x0b,
+	0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8,
+	0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_type_matcher_struct_proto_rawDescOnce sync.Once
+	file_envoy_type_matcher_struct_proto_rawDescData = file_envoy_type_matcher_struct_proto_rawDesc
+)
+
+func file_envoy_type_matcher_struct_proto_rawDescGZIP() []byte {
+	file_envoy_type_matcher_struct_proto_rawDescOnce.Do(func() {
+		file_envoy_type_matcher_struct_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_matcher_struct_proto_rawDescData)
+	})
+	return file_envoy_type_matcher_struct_proto_rawDescData
+}
+
+var file_envoy_type_matcher_struct_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_envoy_type_matcher_struct_proto_goTypes = []interface{}{
+	(*StructMatcher)(nil),             // 0: envoy.type.matcher.StructMatcher
+	(*StructMatcher_PathSegment)(nil), // 1: envoy.type.matcher.StructMatcher.PathSegment
+	(*ValueMatcher)(nil),              // 2: envoy.type.matcher.ValueMatcher
+}
+var file_envoy_type_matcher_struct_proto_depIdxs = []int32{
+	1, // 0: envoy.type.matcher.StructMatcher.path:type_name -> envoy.type.matcher.StructMatcher.PathSegment
+	2, // 1: envoy.type.matcher.StructMatcher.value:type_name -> envoy.type.matcher.ValueMatcher
+	2, // [2:2] is the sub-list for method output_type
+	2, // [2:2] is the sub-list for method input_type
+	2, // [2:2] is the sub-list for extension type_name
+	2, // [2:2] is the sub-list for extension extendee
+	0, // [0:2] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_matcher_struct_proto_init() }
+func file_envoy_type_matcher_struct_proto_init() {
+	if File_envoy_type_matcher_struct_proto != nil {
+		return
+	}
+	file_envoy_type_matcher_value_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_matcher_struct_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*StructMatcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_matcher_struct_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*StructMatcher_PathSegment); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_type_matcher_struct_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*StructMatcher_PathSegment_Key)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_matcher_struct_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_matcher_struct_proto_goTypes,
+		DependencyIndexes: file_envoy_type_matcher_struct_proto_depIdxs,
+		MessageInfos:      file_envoy_type_matcher_struct_proto_msgTypes,
+	}.Build()
+	File_envoy_type_matcher_struct_proto = out.File
+	file_envoy_type_matcher_struct_proto_rawDesc = nil
+	file_envoy_type_matcher_struct_proto_goTypes = nil
+	file_envoy_type_matcher_struct_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/struct.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/struct.pb.validate.go
new file mode 100644
index 00000000000..5e3d52b8abc
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/struct.pb.validate.go
@@ -0,0 +1,348 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/matcher/struct.proto
+
+package envoy_type_matcher
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on StructMatcher with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *StructMatcher) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on StructMatcher with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in StructMatcherMultiError, or
+// nil if none found.
+func (m *StructMatcher) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *StructMatcher) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetPath()) < 1 {
+		err := StructMatcherValidationError{
+			field:  "Path",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetPath() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, StructMatcherValidationError{
+						field:  fmt.Sprintf("Path[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, StructMatcherValidationError{
+						field:  fmt.Sprintf("Path[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return StructMatcherValidationError{
+					field:  fmt.Sprintf("Path[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if m.GetValue() == nil {
+		err := StructMatcherValidationError{
+			field:  "Value",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetValue()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, StructMatcherValidationError{
+					field:  "Value",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, StructMatcherValidationError{
+					field:  "Value",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetValue()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return StructMatcherValidationError{
+				field:  "Value",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return StructMatcherMultiError(errors)
+	}
+	return nil
+}
+
+// StructMatcherMultiError is an error wrapping multiple validation errors
+// returned by StructMatcher.ValidateAll() if the designated constraints
+// aren't met.
+type StructMatcherMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m StructMatcherMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m StructMatcherMultiError) AllErrors() []error { return m }
+
+// StructMatcherValidationError is the validation error returned by
+// StructMatcher.Validate if the designated constraints aren't met.
+type StructMatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e StructMatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e StructMatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e StructMatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e StructMatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e StructMatcherValidationError) ErrorName() string { return "StructMatcherValidationError" }
+
+// Error satisfies the builtin error interface
+func (e StructMatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sStructMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = StructMatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = StructMatcherValidationError{}
+
+// Validate checks the field values on StructMatcher_PathSegment with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *StructMatcher_PathSegment) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on StructMatcher_PathSegment with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// StructMatcher_PathSegmentMultiError, or nil if none found.
+func (m *StructMatcher_PathSegment) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *StructMatcher_PathSegment) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.Segment.(type) {
+
+	case *StructMatcher_PathSegment_Key:
+
+		if utf8.RuneCountInString(m.GetKey()) < 1 {
+			err := StructMatcher_PathSegmentValidationError{
+				field:  "Key",
+				reason: "value length must be at least 1 runes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	default:
+		err := StructMatcher_PathSegmentValidationError{
+			field:  "Segment",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return StructMatcher_PathSegmentMultiError(errors)
+	}
+	return nil
+}
+
+// StructMatcher_PathSegmentMultiError is an error wrapping multiple validation
+// errors returned by StructMatcher_PathSegment.ValidateAll() if the
+// designated constraints aren't met.
+type StructMatcher_PathSegmentMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m StructMatcher_PathSegmentMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m StructMatcher_PathSegmentMultiError) AllErrors() []error { return m }
+
+// StructMatcher_PathSegmentValidationError is the validation error returned by
+// StructMatcher_PathSegment.Validate if the designated constraints aren't met.
+type StructMatcher_PathSegmentValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e StructMatcher_PathSegmentValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e StructMatcher_PathSegmentValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e StructMatcher_PathSegmentValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e StructMatcher_PathSegmentValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e StructMatcher_PathSegmentValidationError) ErrorName() string {
+	return "StructMatcher_PathSegmentValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e StructMatcher_PathSegmentValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sStructMatcher_PathSegment.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = StructMatcher_PathSegmentValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = StructMatcher_PathSegmentValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/http_inputs.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/http_inputs.pb.go
new file mode 100644
index 00000000000..6ba9c09a4bf
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/http_inputs.pb.go
@@ -0,0 +1,379 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/matcher/v3/http_inputs.proto
+
+package envoy_type_matcher_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Match input indicates that matching should be done on a specific request header.
+// The resulting input string will be all headers for the given key joined by a comma,
+// e.g. if the request contains two 'foo' headers with value 'bar' and 'baz', the input
+// string will be 'bar,baz'.
+// [#comment:TODO(snowp): Link to unified matching docs.]
+type HttpRequestHeaderMatchInput struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The request header to match on.
+	HeaderName string `protobuf:"bytes,1,opt,name=header_name,json=headerName,proto3" json:"header_name,omitempty"`
+}
+
+func (x *HttpRequestHeaderMatchInput) Reset() {
+	*x = HttpRequestHeaderMatchInput{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_v3_http_inputs_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HttpRequestHeaderMatchInput) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HttpRequestHeaderMatchInput) ProtoMessage() {}
+
+func (x *HttpRequestHeaderMatchInput) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_v3_http_inputs_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HttpRequestHeaderMatchInput.ProtoReflect.Descriptor instead.
+func (*HttpRequestHeaderMatchInput) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_v3_http_inputs_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *HttpRequestHeaderMatchInput) GetHeaderName() string {
+	if x != nil {
+		return x.HeaderName
+	}
+	return ""
+}
+
+// Match input indicates that matching should be done on a specific request trailer.
+// The resulting input string will be all headers for the given key joined by a comma,
+// e.g. if the request contains two 'foo' headers with value 'bar' and 'baz', the input
+// string will be 'bar,baz'.
+// [#comment:TODO(snowp): Link to unified matching docs.]
+type HttpRequestTrailerMatchInput struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The request trailer to match on.
+	HeaderName string `protobuf:"bytes,1,opt,name=header_name,json=headerName,proto3" json:"header_name,omitempty"`
+}
+
+func (x *HttpRequestTrailerMatchInput) Reset() {
+	*x = HttpRequestTrailerMatchInput{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_v3_http_inputs_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HttpRequestTrailerMatchInput) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HttpRequestTrailerMatchInput) ProtoMessage() {}
+
+func (x *HttpRequestTrailerMatchInput) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_v3_http_inputs_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HttpRequestTrailerMatchInput.ProtoReflect.Descriptor instead.
+func (*HttpRequestTrailerMatchInput) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_v3_http_inputs_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *HttpRequestTrailerMatchInput) GetHeaderName() string {
+	if x != nil {
+		return x.HeaderName
+	}
+	return ""
+}
+
+// Match input indicating that matching should be done on a specific response header.
+// The resulting input string will be all headers for the given key joined by a comma,
+// e.g. if the response contains two 'foo' headers with value 'bar' and 'baz', the input
+// string will be 'bar,baz'.
+// [#comment:TODO(snowp): Link to unified matching docs.]
+type HttpResponseHeaderMatchInput struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The response header to match on.
+	HeaderName string `protobuf:"bytes,1,opt,name=header_name,json=headerName,proto3" json:"header_name,omitempty"`
+}
+
+func (x *HttpResponseHeaderMatchInput) Reset() {
+	*x = HttpResponseHeaderMatchInput{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_v3_http_inputs_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HttpResponseHeaderMatchInput) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HttpResponseHeaderMatchInput) ProtoMessage() {}
+
+func (x *HttpResponseHeaderMatchInput) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_v3_http_inputs_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HttpResponseHeaderMatchInput.ProtoReflect.Descriptor instead.
+func (*HttpResponseHeaderMatchInput) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_v3_http_inputs_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *HttpResponseHeaderMatchInput) GetHeaderName() string {
+	if x != nil {
+		return x.HeaderName
+	}
+	return ""
+}
+
+// Match input indicates that matching should be done on a specific response trailer.
+// The resulting input string will be all headers for the given key joined by a comma,
+// e.g. if the request contains two 'foo' headers with value 'bar' and 'baz', the input
+// string will be 'bar,baz'.
+// [#comment:TODO(snowp): Link to unified matching docs.]
+type HttpResponseTrailerMatchInput struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The response trailer to match on.
+	HeaderName string `protobuf:"bytes,1,opt,name=header_name,json=headerName,proto3" json:"header_name,omitempty"`
+}
+
+func (x *HttpResponseTrailerMatchInput) Reset() {
+	*x = HttpResponseTrailerMatchInput{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_v3_http_inputs_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HttpResponseTrailerMatchInput) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HttpResponseTrailerMatchInput) ProtoMessage() {}
+
+func (x *HttpResponseTrailerMatchInput) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_v3_http_inputs_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HttpResponseTrailerMatchInput.ProtoReflect.Descriptor instead.
+func (*HttpResponseTrailerMatchInput) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_v3_http_inputs_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *HttpResponseTrailerMatchInput) GetHeaderName() string {
+	if x != nil {
+		return x.HeaderName
+	}
+	return ""
+}
+
+var File_envoy_type_matcher_v3_http_inputs_proto protoreflect.FileDescriptor
+
+var file_envoy_type_matcher_v3_http_inputs_proto_rawDesc = []byte{
+	0x0a, 0x27, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x69, 0x6e, 0x70,
+	0x75, 0x74, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33,
+	0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61,
+	0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x4b, 0x0a, 0x1b, 0x48, 0x74, 0x74, 0x70,
+	0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4d, 0x61, 0x74,
+	0x63, 0x68, 0x49, 0x6e, 0x70, 0x75, 0x74, 0x12, 0x2c, 0x0a, 0x0b, 0x68, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0b, 0xfa, 0x42,
+	0x08, 0x72, 0x06, 0xc0, 0x01, 0x01, 0xc8, 0x01, 0x00, 0x52, 0x0a, 0x68, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x4e, 0x61, 0x6d, 0x65, 0x22, 0x4c, 0x0a, 0x1c, 0x48, 0x74, 0x74, 0x70, 0x52, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x54, 0x72, 0x61, 0x69, 0x6c, 0x65, 0x72, 0x4d, 0x61, 0x74, 0x63, 0x68,
+	0x49, 0x6e, 0x70, 0x75, 0x74, 0x12, 0x2c, 0x0a, 0x0b, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x5f,
+	0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0b, 0xfa, 0x42, 0x08, 0x72,
+	0x06, 0xc0, 0x01, 0x01, 0xc8, 0x01, 0x00, 0x52, 0x0a, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4e,
+	0x61, 0x6d, 0x65, 0x22, 0x4c, 0x0a, 0x1c, 0x48, 0x74, 0x74, 0x70, 0x52, 0x65, 0x73, 0x70, 0x6f,
+	0x6e, 0x73, 0x65, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x49, 0x6e,
+	0x70, 0x75, 0x74, 0x12, 0x2c, 0x0a, 0x0b, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x5f, 0x6e, 0x61,
+	0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0b, 0xfa, 0x42, 0x08, 0x72, 0x06, 0xc0,
+	0x01, 0x01, 0xc8, 0x01, 0x00, 0x52, 0x0a, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4e, 0x61, 0x6d,
+	0x65, 0x22, 0x4d, 0x0a, 0x1d, 0x48, 0x74, 0x74, 0x70, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
+	0x65, 0x54, 0x72, 0x61, 0x69, 0x6c, 0x65, 0x72, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x49, 0x6e, 0x70,
+	0x75, 0x74, 0x12, 0x2c, 0x0a, 0x0b, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x5f, 0x6e, 0x61, 0x6d,
+	0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0b, 0xfa, 0x42, 0x08, 0x72, 0x06, 0xc0, 0x01,
+	0x01, 0xc8, 0x01, 0x00, 0x52, 0x0a, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65,
+	0x42, 0x40, 0x0a, 0x23, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78,
+	0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x42, 0x0f, 0x48, 0x74, 0x74, 0x70, 0x49, 0x6e, 0x70,
+	0x75, 0x74, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02,
+	0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_type_matcher_v3_http_inputs_proto_rawDescOnce sync.Once
+	file_envoy_type_matcher_v3_http_inputs_proto_rawDescData = file_envoy_type_matcher_v3_http_inputs_proto_rawDesc
+)
+
+func file_envoy_type_matcher_v3_http_inputs_proto_rawDescGZIP() []byte {
+	file_envoy_type_matcher_v3_http_inputs_proto_rawDescOnce.Do(func() {
+		file_envoy_type_matcher_v3_http_inputs_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_matcher_v3_http_inputs_proto_rawDescData)
+	})
+	return file_envoy_type_matcher_v3_http_inputs_proto_rawDescData
+}
+
+var file_envoy_type_matcher_v3_http_inputs_proto_msgTypes = make([]protoimpl.MessageInfo, 4)
+var file_envoy_type_matcher_v3_http_inputs_proto_goTypes = []interface{}{
+	(*HttpRequestHeaderMatchInput)(nil),   // 0: envoy.type.matcher.v3.HttpRequestHeaderMatchInput
+	(*HttpRequestTrailerMatchInput)(nil),  // 1: envoy.type.matcher.v3.HttpRequestTrailerMatchInput
+	(*HttpResponseHeaderMatchInput)(nil),  // 2: envoy.type.matcher.v3.HttpResponseHeaderMatchInput
+	(*HttpResponseTrailerMatchInput)(nil), // 3: envoy.type.matcher.v3.HttpResponseTrailerMatchInput
+}
+var file_envoy_type_matcher_v3_http_inputs_proto_depIdxs = []int32{
+	0, // [0:0] is the sub-list for method output_type
+	0, // [0:0] is the sub-list for method input_type
+	0, // [0:0] is the sub-list for extension type_name
+	0, // [0:0] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_matcher_v3_http_inputs_proto_init() }
+func file_envoy_type_matcher_v3_http_inputs_proto_init() {
+	if File_envoy_type_matcher_v3_http_inputs_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_matcher_v3_http_inputs_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HttpRequestHeaderMatchInput); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_matcher_v3_http_inputs_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HttpRequestTrailerMatchInput); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_matcher_v3_http_inputs_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HttpResponseHeaderMatchInput); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_matcher_v3_http_inputs_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HttpResponseTrailerMatchInput); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_matcher_v3_http_inputs_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   4,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_matcher_v3_http_inputs_proto_goTypes,
+		DependencyIndexes: file_envoy_type_matcher_v3_http_inputs_proto_depIdxs,
+		MessageInfos:      file_envoy_type_matcher_v3_http_inputs_proto_msgTypes,
+	}.Build()
+	File_envoy_type_matcher_v3_http_inputs_proto = out.File
+	file_envoy_type_matcher_v3_http_inputs_proto_rawDesc = nil
+	file_envoy_type_matcher_v3_http_inputs_proto_goTypes = nil
+	file_envoy_type_matcher_v3_http_inputs_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/http_inputs.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/http_inputs.pb.validate.go
new file mode 100644
index 00000000000..495db61b65f
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/http_inputs.pb.validate.go
@@ -0,0 +1,496 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/matcher/v3/http_inputs.proto
+
+package envoy_type_matcher_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on HttpRequestHeaderMatchInput with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *HttpRequestHeaderMatchInput) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HttpRequestHeaderMatchInput with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// HttpRequestHeaderMatchInputMultiError, or nil if none found.
+func (m *HttpRequestHeaderMatchInput) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HttpRequestHeaderMatchInput) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if !_HttpRequestHeaderMatchInput_HeaderName_Pattern.MatchString(m.GetHeaderName()) {
+		err := HttpRequestHeaderMatchInputValidationError{
+			field:  "HeaderName",
+			reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return HttpRequestHeaderMatchInputMultiError(errors)
+	}
+	return nil
+}
+
+// HttpRequestHeaderMatchInputMultiError is an error wrapping multiple
+// validation errors returned by HttpRequestHeaderMatchInput.ValidateAll() if
+// the designated constraints aren't met.
+type HttpRequestHeaderMatchInputMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HttpRequestHeaderMatchInputMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HttpRequestHeaderMatchInputMultiError) AllErrors() []error { return m }
+
+// HttpRequestHeaderMatchInputValidationError is the validation error returned
+// by HttpRequestHeaderMatchInput.Validate if the designated constraints
+// aren't met.
+type HttpRequestHeaderMatchInputValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HttpRequestHeaderMatchInputValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HttpRequestHeaderMatchInputValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HttpRequestHeaderMatchInputValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HttpRequestHeaderMatchInputValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HttpRequestHeaderMatchInputValidationError) ErrorName() string {
+	return "HttpRequestHeaderMatchInputValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HttpRequestHeaderMatchInputValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttpRequestHeaderMatchInput.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HttpRequestHeaderMatchInputValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HttpRequestHeaderMatchInputValidationError{}
+
+var _HttpRequestHeaderMatchInput_HeaderName_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+// Validate checks the field values on HttpRequestTrailerMatchInput with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *HttpRequestTrailerMatchInput) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HttpRequestTrailerMatchInput with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// HttpRequestTrailerMatchInputMultiError, or nil if none found.
+func (m *HttpRequestTrailerMatchInput) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HttpRequestTrailerMatchInput) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if !_HttpRequestTrailerMatchInput_HeaderName_Pattern.MatchString(m.GetHeaderName()) {
+		err := HttpRequestTrailerMatchInputValidationError{
+			field:  "HeaderName",
+			reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return HttpRequestTrailerMatchInputMultiError(errors)
+	}
+	return nil
+}
+
+// HttpRequestTrailerMatchInputMultiError is an error wrapping multiple
+// validation errors returned by HttpRequestTrailerMatchInput.ValidateAll() if
+// the designated constraints aren't met.
+type HttpRequestTrailerMatchInputMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HttpRequestTrailerMatchInputMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HttpRequestTrailerMatchInputMultiError) AllErrors() []error { return m }
+
+// HttpRequestTrailerMatchInputValidationError is the validation error returned
+// by HttpRequestTrailerMatchInput.Validate if the designated constraints
+// aren't met.
+type HttpRequestTrailerMatchInputValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HttpRequestTrailerMatchInputValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HttpRequestTrailerMatchInputValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HttpRequestTrailerMatchInputValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HttpRequestTrailerMatchInputValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HttpRequestTrailerMatchInputValidationError) ErrorName() string {
+	return "HttpRequestTrailerMatchInputValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HttpRequestTrailerMatchInputValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttpRequestTrailerMatchInput.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HttpRequestTrailerMatchInputValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HttpRequestTrailerMatchInputValidationError{}
+
+var _HttpRequestTrailerMatchInput_HeaderName_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+// Validate checks the field values on HttpResponseHeaderMatchInput with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *HttpResponseHeaderMatchInput) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HttpResponseHeaderMatchInput with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// HttpResponseHeaderMatchInputMultiError, or nil if none found.
+func (m *HttpResponseHeaderMatchInput) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HttpResponseHeaderMatchInput) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if !_HttpResponseHeaderMatchInput_HeaderName_Pattern.MatchString(m.GetHeaderName()) {
+		err := HttpResponseHeaderMatchInputValidationError{
+			field:  "HeaderName",
+			reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return HttpResponseHeaderMatchInputMultiError(errors)
+	}
+	return nil
+}
+
+// HttpResponseHeaderMatchInputMultiError is an error wrapping multiple
+// validation errors returned by HttpResponseHeaderMatchInput.ValidateAll() if
+// the designated constraints aren't met.
+type HttpResponseHeaderMatchInputMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HttpResponseHeaderMatchInputMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HttpResponseHeaderMatchInputMultiError) AllErrors() []error { return m }
+
+// HttpResponseHeaderMatchInputValidationError is the validation error returned
+// by HttpResponseHeaderMatchInput.Validate if the designated constraints
+// aren't met.
+type HttpResponseHeaderMatchInputValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HttpResponseHeaderMatchInputValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HttpResponseHeaderMatchInputValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HttpResponseHeaderMatchInputValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HttpResponseHeaderMatchInputValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HttpResponseHeaderMatchInputValidationError) ErrorName() string {
+	return "HttpResponseHeaderMatchInputValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HttpResponseHeaderMatchInputValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttpResponseHeaderMatchInput.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HttpResponseHeaderMatchInputValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HttpResponseHeaderMatchInputValidationError{}
+
+var _HttpResponseHeaderMatchInput_HeaderName_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+// Validate checks the field values on HttpResponseTrailerMatchInput with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *HttpResponseTrailerMatchInput) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HttpResponseTrailerMatchInput with
+// the rules defined in the proto definition for this message. If any rules
+// are violated, the result is a list of violation errors wrapped in
+// HttpResponseTrailerMatchInputMultiError, or nil if none found.
+func (m *HttpResponseTrailerMatchInput) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HttpResponseTrailerMatchInput) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if !_HttpResponseTrailerMatchInput_HeaderName_Pattern.MatchString(m.GetHeaderName()) {
+		err := HttpResponseTrailerMatchInputValidationError{
+			field:  "HeaderName",
+			reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return HttpResponseTrailerMatchInputMultiError(errors)
+	}
+	return nil
+}
+
+// HttpResponseTrailerMatchInputMultiError is an error wrapping multiple
+// validation errors returned by HttpResponseTrailerMatchInput.ValidateAll()
+// if the designated constraints aren't met.
+type HttpResponseTrailerMatchInputMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HttpResponseTrailerMatchInputMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HttpResponseTrailerMatchInputMultiError) AllErrors() []error { return m }
+
+// HttpResponseTrailerMatchInputValidationError is the validation error
+// returned by HttpResponseTrailerMatchInput.Validate if the designated
+// constraints aren't met.
+type HttpResponseTrailerMatchInputValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HttpResponseTrailerMatchInputValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HttpResponseTrailerMatchInputValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HttpResponseTrailerMatchInputValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HttpResponseTrailerMatchInputValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HttpResponseTrailerMatchInputValidationError) ErrorName() string {
+	return "HttpResponseTrailerMatchInputValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HttpResponseTrailerMatchInputValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttpResponseTrailerMatchInput.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HttpResponseTrailerMatchInputValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HttpResponseTrailerMatchInputValidationError{}
+
+var _HttpResponseTrailerMatchInput_HeaderName_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/metadata.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/metadata.pb.go
new file mode 100644
index 00000000000..666fbb251ec
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/metadata.pb.go
@@ -0,0 +1,303 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/matcher/v3/metadata.proto
+
+package envoy_type_matcher_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// [#next-major-version: MetadataMatcher should use StructMatcher]
+type MetadataMatcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The filter name to retrieve the Struct from the Metadata.
+	Filter string `protobuf:"bytes,1,opt,name=filter,proto3" json:"filter,omitempty"`
+	// The path to retrieve the Value from the Struct.
+	Path []*MetadataMatcher_PathSegment `protobuf:"bytes,2,rep,name=path,proto3" json:"path,omitempty"`
+	// The MetadataMatcher is matched if the value retrieved by path is matched to this value.
+	Value *ValueMatcher `protobuf:"bytes,3,opt,name=value,proto3" json:"value,omitempty"`
+	// If true, the match result will be inverted.
+	Invert bool `protobuf:"varint,4,opt,name=invert,proto3" json:"invert,omitempty"`
+}
+
+func (x *MetadataMatcher) Reset() {
+	*x = MetadataMatcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_v3_metadata_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *MetadataMatcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*MetadataMatcher) ProtoMessage() {}
+
+func (x *MetadataMatcher) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_v3_metadata_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use MetadataMatcher.ProtoReflect.Descriptor instead.
+func (*MetadataMatcher) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_v3_metadata_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *MetadataMatcher) GetFilter() string {
+	if x != nil {
+		return x.Filter
+	}
+	return ""
+}
+
+func (x *MetadataMatcher) GetPath() []*MetadataMatcher_PathSegment {
+	if x != nil {
+		return x.Path
+	}
+	return nil
+}
+
+func (x *MetadataMatcher) GetValue() *ValueMatcher {
+	if x != nil {
+		return x.Value
+	}
+	return nil
+}
+
+func (x *MetadataMatcher) GetInvert() bool {
+	if x != nil {
+		return x.Invert
+	}
+	return false
+}
+
+// Specifies the segment in a path to retrieve value from Metadata.
+// Note: Currently it's not supported to retrieve a value from a list in Metadata. This means that
+// if the segment key refers to a list, it has to be the last segment in a path.
+type MetadataMatcher_PathSegment struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to Segment:
+	//	*MetadataMatcher_PathSegment_Key
+	Segment isMetadataMatcher_PathSegment_Segment `protobuf_oneof:"segment"`
+}
+
+func (x *MetadataMatcher_PathSegment) Reset() {
+	*x = MetadataMatcher_PathSegment{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_v3_metadata_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *MetadataMatcher_PathSegment) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*MetadataMatcher_PathSegment) ProtoMessage() {}
+
+func (x *MetadataMatcher_PathSegment) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_v3_metadata_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use MetadataMatcher_PathSegment.ProtoReflect.Descriptor instead.
+func (*MetadataMatcher_PathSegment) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_v3_metadata_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (m *MetadataMatcher_PathSegment) GetSegment() isMetadataMatcher_PathSegment_Segment {
+	if m != nil {
+		return m.Segment
+	}
+	return nil
+}
+
+func (x *MetadataMatcher_PathSegment) GetKey() string {
+	if x, ok := x.GetSegment().(*MetadataMatcher_PathSegment_Key); ok {
+		return x.Key
+	}
+	return ""
+}
+
+type isMetadataMatcher_PathSegment_Segment interface {
+	isMetadataMatcher_PathSegment_Segment()
+}
+
+type MetadataMatcher_PathSegment_Key struct {
+	// If specified, use the key to retrieve the value in a Struct.
+	Key string `protobuf:"bytes,1,opt,name=key,proto3,oneof"`
+}
+
+func (*MetadataMatcher_PathSegment_Key) isMetadataMatcher_PathSegment_Segment() {}
+
+var File_envoy_type_matcher_v3_metadata_proto protoreflect.FileDescriptor
+
+var file_envoy_type_matcher_v3_metadata_proto_rawDesc = []byte{
+	0x0a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79,
+	0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x1a, 0x21, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65,
+	0x72, 0x2f, 0x76, 0x33, 0x2f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c,
+	0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xff, 0x02, 0x0a, 0x0f,
+	0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x12,
+	0x1f, 0x0a, 0x06, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42,
+	0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x06, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x12, 0x50, 0x0a, 0x04, 0x70, 0x61, 0x74, 0x68, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x32,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63,
+	0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4d,
+	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x50, 0x61, 0x74, 0x68, 0x53, 0x65, 0x67, 0x6d, 0x65,
+	0x6e, 0x74, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x04, 0x70, 0x61,
+	0x74, 0x68, 0x12, 0x43, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d,
+	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4d,
+	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01,
+	0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x69, 0x6e, 0x76, 0x65, 0x72,
+	0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, 0x06, 0x69, 0x6e, 0x76, 0x65, 0x72, 0x74, 0x1a,
+	0x71, 0x0a, 0x0b, 0x50, 0x61, 0x74, 0x68, 0x53, 0x65, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x12, 0x1b,
+	0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04,
+	0x72, 0x02, 0x10, 0x01, 0x48, 0x00, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x3a, 0x35, 0x9a, 0xc5, 0x88,
+	0x1e, 0x30, 0x0a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d,
+	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4d,
+	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x50, 0x61, 0x74, 0x68, 0x53, 0x65, 0x67, 0x6d, 0x65,
+	0x6e, 0x74, 0x42, 0x0e, 0x0a, 0x07, 0x73, 0x65, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x12, 0x03, 0xf8,
+	0x42, 0x01, 0x3a, 0x29, 0x9a, 0xc5, 0x88, 0x1e, 0x24, 0x0a, 0x22, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x4d, 0x65,
+	0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x3e, 0x0a,
+	0x23, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65,
+	0x72, 0x2e, 0x76, 0x33, 0x42, 0x0d, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x50, 0x72,
+	0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_type_matcher_v3_metadata_proto_rawDescOnce sync.Once
+	file_envoy_type_matcher_v3_metadata_proto_rawDescData = file_envoy_type_matcher_v3_metadata_proto_rawDesc
+)
+
+func file_envoy_type_matcher_v3_metadata_proto_rawDescGZIP() []byte {
+	file_envoy_type_matcher_v3_metadata_proto_rawDescOnce.Do(func() {
+		file_envoy_type_matcher_v3_metadata_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_matcher_v3_metadata_proto_rawDescData)
+	})
+	return file_envoy_type_matcher_v3_metadata_proto_rawDescData
+}
+
+var file_envoy_type_matcher_v3_metadata_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_envoy_type_matcher_v3_metadata_proto_goTypes = []interface{}{
+	(*MetadataMatcher)(nil),             // 0: envoy.type.matcher.v3.MetadataMatcher
+	(*MetadataMatcher_PathSegment)(nil), // 1: envoy.type.matcher.v3.MetadataMatcher.PathSegment
+	(*ValueMatcher)(nil),                // 2: envoy.type.matcher.v3.ValueMatcher
+}
+var file_envoy_type_matcher_v3_metadata_proto_depIdxs = []int32{
+	1, // 0: envoy.type.matcher.v3.MetadataMatcher.path:type_name -> envoy.type.matcher.v3.MetadataMatcher.PathSegment
+	2, // 1: envoy.type.matcher.v3.MetadataMatcher.value:type_name -> envoy.type.matcher.v3.ValueMatcher
+	2, // [2:2] is the sub-list for method output_type
+	2, // [2:2] is the sub-list for method input_type
+	2, // [2:2] is the sub-list for extension type_name
+	2, // [2:2] is the sub-list for extension extendee
+	0, // [0:2] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_matcher_v3_metadata_proto_init() }
+func file_envoy_type_matcher_v3_metadata_proto_init() {
+	if File_envoy_type_matcher_v3_metadata_proto != nil {
+		return
+	}
+	file_envoy_type_matcher_v3_value_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_matcher_v3_metadata_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*MetadataMatcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_matcher_v3_metadata_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*MetadataMatcher_PathSegment); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_type_matcher_v3_metadata_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*MetadataMatcher_PathSegment_Key)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_matcher_v3_metadata_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_matcher_v3_metadata_proto_goTypes,
+		DependencyIndexes: file_envoy_type_matcher_v3_metadata_proto_depIdxs,
+		MessageInfos:      file_envoy_type_matcher_v3_metadata_proto_msgTypes,
+	}.Build()
+	File_envoy_type_matcher_v3_metadata_proto = out.File
+	file_envoy_type_matcher_v3_metadata_proto_rawDesc = nil
+	file_envoy_type_matcher_v3_metadata_proto_goTypes = nil
+	file_envoy_type_matcher_v3_metadata_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/metadata.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/metadata.pb.validate.go
new file mode 100644
index 00000000000..0e74b633b71
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/metadata.pb.validate.go
@@ -0,0 +1,362 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/matcher/v3/metadata.proto
+
+package envoy_type_matcher_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on MetadataMatcher with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *MetadataMatcher) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on MetadataMatcher with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// MetadataMatcherMultiError, or nil if none found.
+func (m *MetadataMatcher) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *MetadataMatcher) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetFilter()) < 1 {
+		err := MetadataMatcherValidationError{
+			field:  "Filter",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(m.GetPath()) < 1 {
+		err := MetadataMatcherValidationError{
+			field:  "Path",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetPath() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MetadataMatcherValidationError{
+						field:  fmt.Sprintf("Path[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MetadataMatcherValidationError{
+						field:  fmt.Sprintf("Path[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MetadataMatcherValidationError{
+					field:  fmt.Sprintf("Path[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if m.GetValue() == nil {
+		err := MetadataMatcherValidationError{
+			field:  "Value",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetValue()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, MetadataMatcherValidationError{
+					field:  "Value",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, MetadataMatcherValidationError{
+					field:  "Value",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetValue()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return MetadataMatcherValidationError{
+				field:  "Value",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for Invert
+
+	if len(errors) > 0 {
+		return MetadataMatcherMultiError(errors)
+	}
+	return nil
+}
+
+// MetadataMatcherMultiError is an error wrapping multiple validation errors
+// returned by MetadataMatcher.ValidateAll() if the designated constraints
+// aren't met.
+type MetadataMatcherMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m MetadataMatcherMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m MetadataMatcherMultiError) AllErrors() []error { return m }
+
+// MetadataMatcherValidationError is the validation error returned by
+// MetadataMatcher.Validate if the designated constraints aren't met.
+type MetadataMatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MetadataMatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MetadataMatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MetadataMatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MetadataMatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MetadataMatcherValidationError) ErrorName() string { return "MetadataMatcherValidationError" }
+
+// Error satisfies the builtin error interface
+func (e MetadataMatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMetadataMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MetadataMatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MetadataMatcherValidationError{}
+
+// Validate checks the field values on MetadataMatcher_PathSegment with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *MetadataMatcher_PathSegment) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on MetadataMatcher_PathSegment with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// MetadataMatcher_PathSegmentMultiError, or nil if none found.
+func (m *MetadataMatcher_PathSegment) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *MetadataMatcher_PathSegment) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.Segment.(type) {
+
+	case *MetadataMatcher_PathSegment_Key:
+
+		if utf8.RuneCountInString(m.GetKey()) < 1 {
+			err := MetadataMatcher_PathSegmentValidationError{
+				field:  "Key",
+				reason: "value length must be at least 1 runes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	default:
+		err := MetadataMatcher_PathSegmentValidationError{
+			field:  "Segment",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return MetadataMatcher_PathSegmentMultiError(errors)
+	}
+	return nil
+}
+
+// MetadataMatcher_PathSegmentMultiError is an error wrapping multiple
+// validation errors returned by MetadataMatcher_PathSegment.ValidateAll() if
+// the designated constraints aren't met.
+type MetadataMatcher_PathSegmentMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m MetadataMatcher_PathSegmentMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m MetadataMatcher_PathSegmentMultiError) AllErrors() []error { return m }
+
+// MetadataMatcher_PathSegmentValidationError is the validation error returned
+// by MetadataMatcher_PathSegment.Validate if the designated constraints
+// aren't met.
+type MetadataMatcher_PathSegmentValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MetadataMatcher_PathSegmentValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MetadataMatcher_PathSegmentValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MetadataMatcher_PathSegmentValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MetadataMatcher_PathSegmentValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MetadataMatcher_PathSegmentValidationError) ErrorName() string {
+	return "MetadataMatcher_PathSegmentValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e MetadataMatcher_PathSegmentValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMetadataMatcher_PathSegment.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MetadataMatcher_PathSegmentValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MetadataMatcher_PathSegmentValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/node.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/node.pb.go
new file mode 100644
index 00000000000..ae92631debd
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/node.pb.go
@@ -0,0 +1,189 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/matcher/v3/node.proto
+
+package envoy_type_matcher_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Specifies the way to match a Node.
+// The match follows AND semantics.
+type NodeMatcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies match criteria on the node id.
+	NodeId *StringMatcher `protobuf:"bytes,1,opt,name=node_id,json=nodeId,proto3" json:"node_id,omitempty"`
+	// Specifies match criteria on the node metadata.
+	NodeMetadatas []*StructMatcher `protobuf:"bytes,2,rep,name=node_metadatas,json=nodeMetadatas,proto3" json:"node_metadatas,omitempty"`
+}
+
+func (x *NodeMatcher) Reset() {
+	*x = NodeMatcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_v3_node_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *NodeMatcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*NodeMatcher) ProtoMessage() {}
+
+func (x *NodeMatcher) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_v3_node_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use NodeMatcher.ProtoReflect.Descriptor instead.
+func (*NodeMatcher) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_v3_node_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *NodeMatcher) GetNodeId() *StringMatcher {
+	if x != nil {
+		return x.NodeId
+	}
+	return nil
+}
+
+func (x *NodeMatcher) GetNodeMetadatas() []*StructMatcher {
+	if x != nil {
+		return x.NodeMetadatas
+	}
+	return nil
+}
+
+var File_envoy_type_matcher_v3_node_proto protoreflect.FileDescriptor
+
+var file_envoy_type_matcher_v3_node_proto_rawDesc = []byte{
+	0x0a, 0x20, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x6e, 0x6f, 0x64, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d,
+	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x1a, 0x22, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x76, 0x33,
+	0x2f, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x22, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65,
+	0x72, 0x2f, 0x76, 0x33, 0x2f, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x22, 0xc0, 0x01, 0x0a, 0x0b, 0x4e, 0x6f, 0x64, 0x65, 0x4d, 0x61, 0x74, 0x63,
+	0x68, 0x65, 0x72, 0x12, 0x3d, 0x0a, 0x07, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70,
+	0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x74, 0x72,
+	0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x52, 0x06, 0x6e, 0x6f, 0x64, 0x65,
+	0x49, 0x64, 0x12, 0x4b, 0x0a, 0x0e, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x6d, 0x65, 0x74, 0x61, 0x64,
+	0x61, 0x74, 0x61, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e,
+	0x76, 0x33, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72,
+	0x52, 0x0d, 0x6e, 0x6f, 0x64, 0x65, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x73, 0x3a,
+	0x25, 0x9a, 0xc5, 0x88, 0x1e, 0x20, 0x0a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79,
+	0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x4e, 0x6f, 0x64, 0x65, 0x4d,
+	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x3a, 0x0a, 0x23, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79,
+	0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x42, 0x09, 0x4e,
+	0x6f, 0x64, 0x65, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02,
+	0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_type_matcher_v3_node_proto_rawDescOnce sync.Once
+	file_envoy_type_matcher_v3_node_proto_rawDescData = file_envoy_type_matcher_v3_node_proto_rawDesc
+)
+
+func file_envoy_type_matcher_v3_node_proto_rawDescGZIP() []byte {
+	file_envoy_type_matcher_v3_node_proto_rawDescOnce.Do(func() {
+		file_envoy_type_matcher_v3_node_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_matcher_v3_node_proto_rawDescData)
+	})
+	return file_envoy_type_matcher_v3_node_proto_rawDescData
+}
+
+var file_envoy_type_matcher_v3_node_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_type_matcher_v3_node_proto_goTypes = []interface{}{
+	(*NodeMatcher)(nil),   // 0: envoy.type.matcher.v3.NodeMatcher
+	(*StringMatcher)(nil), // 1: envoy.type.matcher.v3.StringMatcher
+	(*StructMatcher)(nil), // 2: envoy.type.matcher.v3.StructMatcher
+}
+var file_envoy_type_matcher_v3_node_proto_depIdxs = []int32{
+	1, // 0: envoy.type.matcher.v3.NodeMatcher.node_id:type_name -> envoy.type.matcher.v3.StringMatcher
+	2, // 1: envoy.type.matcher.v3.NodeMatcher.node_metadatas:type_name -> envoy.type.matcher.v3.StructMatcher
+	2, // [2:2] is the sub-list for method output_type
+	2, // [2:2] is the sub-list for method input_type
+	2, // [2:2] is the sub-list for extension type_name
+	2, // [2:2] is the sub-list for extension extendee
+	0, // [0:2] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_matcher_v3_node_proto_init() }
+func file_envoy_type_matcher_v3_node_proto_init() {
+	if File_envoy_type_matcher_v3_node_proto != nil {
+		return
+	}
+	file_envoy_type_matcher_v3_string_proto_init()
+	file_envoy_type_matcher_v3_struct_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_matcher_v3_node_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*NodeMatcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_matcher_v3_node_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_matcher_v3_node_proto_goTypes,
+		DependencyIndexes: file_envoy_type_matcher_v3_node_proto_depIdxs,
+		MessageInfos:      file_envoy_type_matcher_v3_node_proto_msgTypes,
+	}.Build()
+	File_envoy_type_matcher_v3_node_proto = out.File
+	file_envoy_type_matcher_v3_node_proto_rawDesc = nil
+	file_envoy_type_matcher_v3_node_proto_goTypes = nil
+	file_envoy_type_matcher_v3_node_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/node.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/node.pb.validate.go
new file mode 100644
index 00000000000..024dc126981
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/node.pb.validate.go
@@ -0,0 +1,197 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/matcher/v3/node.proto
+
+package envoy_type_matcher_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on NodeMatcher with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *NodeMatcher) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on NodeMatcher with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in NodeMatcherMultiError, or
+// nil if none found.
+func (m *NodeMatcher) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *NodeMatcher) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetNodeId()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, NodeMatcherValidationError{
+					field:  "NodeId",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, NodeMatcherValidationError{
+					field:  "NodeId",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetNodeId()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return NodeMatcherValidationError{
+				field:  "NodeId",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	for idx, item := range m.GetNodeMetadatas() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, NodeMatcherValidationError{
+						field:  fmt.Sprintf("NodeMetadatas[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, NodeMatcherValidationError{
+						field:  fmt.Sprintf("NodeMetadatas[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return NodeMatcherValidationError{
+					field:  fmt.Sprintf("NodeMetadatas[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return NodeMatcherMultiError(errors)
+	}
+	return nil
+}
+
+// NodeMatcherMultiError is an error wrapping multiple validation errors
+// returned by NodeMatcher.ValidateAll() if the designated constraints aren't met.
+type NodeMatcherMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m NodeMatcherMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m NodeMatcherMultiError) AllErrors() []error { return m }
+
+// NodeMatcherValidationError is the validation error returned by
+// NodeMatcher.Validate if the designated constraints aren't met.
+type NodeMatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e NodeMatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e NodeMatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e NodeMatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e NodeMatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e NodeMatcherValidationError) ErrorName() string { return "NodeMatcherValidationError" }
+
+// Error satisfies the builtin error interface
+func (e NodeMatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sNodeMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = NodeMatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = NodeMatcherValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/number.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/number.pb.go
new file mode 100644
index 00000000000..19f608d8d10
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/number.pb.go
@@ -0,0 +1,213 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/matcher/v3/number.proto
+
+package envoy_type_matcher_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/type/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Specifies the way to match a double value.
+type DoubleMatcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to MatchPattern:
+	//	*DoubleMatcher_Range
+	//	*DoubleMatcher_Exact
+	MatchPattern isDoubleMatcher_MatchPattern `protobuf_oneof:"match_pattern"`
+}
+
+func (x *DoubleMatcher) Reset() {
+	*x = DoubleMatcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_v3_number_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *DoubleMatcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*DoubleMatcher) ProtoMessage() {}
+
+func (x *DoubleMatcher) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_v3_number_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use DoubleMatcher.ProtoReflect.Descriptor instead.
+func (*DoubleMatcher) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_v3_number_proto_rawDescGZIP(), []int{0}
+}
+
+func (m *DoubleMatcher) GetMatchPattern() isDoubleMatcher_MatchPattern {
+	if m != nil {
+		return m.MatchPattern
+	}
+	return nil
+}
+
+func (x *DoubleMatcher) GetRange() *v3.DoubleRange {
+	if x, ok := x.GetMatchPattern().(*DoubleMatcher_Range); ok {
+		return x.Range
+	}
+	return nil
+}
+
+func (x *DoubleMatcher) GetExact() float64 {
+	if x, ok := x.GetMatchPattern().(*DoubleMatcher_Exact); ok {
+		return x.Exact
+	}
+	return 0
+}
+
+type isDoubleMatcher_MatchPattern interface {
+	isDoubleMatcher_MatchPattern()
+}
+
+type DoubleMatcher_Range struct {
+	// If specified, the input double value must be in the range specified here.
+	// Note: The range is using half-open interval semantics [start, end).
+	Range *v3.DoubleRange `protobuf:"bytes,1,opt,name=range,proto3,oneof"`
+}
+
+type DoubleMatcher_Exact struct {
+	// If specified, the input double value must be equal to the value specified here.
+	Exact float64 `protobuf:"fixed64,2,opt,name=exact,proto3,oneof"`
+}
+
+func (*DoubleMatcher_Range) isDoubleMatcher_MatchPattern() {}
+
+func (*DoubleMatcher_Exact) isDoubleMatcher_MatchPattern() {}
+
+var File_envoy_type_matcher_v3_number_proto protoreflect.FileDescriptor
+
+var file_envoy_type_matcher_v3_number_proto_rawDesc = []byte{
+	0x0a, 0x22, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65,
+	0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x1a, 0x19, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x72, 0x61, 0x6e, 0x67, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e,
+	0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f,
+	0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69,
+	0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61,
+	0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x22, 0x9a, 0x01, 0x0a, 0x0d, 0x44, 0x6f, 0x75, 0x62, 0x6c, 0x65, 0x4d, 0x61, 0x74, 0x63,
+	0x68, 0x65, 0x72, 0x12, 0x32, 0x0a, 0x05, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e,
+	0x76, 0x33, 0x2e, 0x44, 0x6f, 0x75, 0x62, 0x6c, 0x65, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x48, 0x00,
+	0x52, 0x05, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x16, 0x0a, 0x05, 0x65, 0x78, 0x61, 0x63, 0x74,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x01, 0x48, 0x00, 0x52, 0x05, 0x65, 0x78, 0x61, 0x63, 0x74, 0x3a,
+	0x27, 0x9a, 0xc5, 0x88, 0x1e, 0x22, 0x0a, 0x20, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79,
+	0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x44, 0x6f, 0x75, 0x62, 0x6c,
+	0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x14, 0x0a, 0x0d, 0x6d, 0x61, 0x74, 0x63,
+	0x68, 0x5f, 0x70, 0x61, 0x74, 0x74, 0x65, 0x72, 0x6e, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x42, 0x3c,
+	0x0a, 0x23, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68,
+	0x65, 0x72, 0x2e, 0x76, 0x33, 0x42, 0x0b, 0x4e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x50, 0x72, 0x6f,
+	0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_type_matcher_v3_number_proto_rawDescOnce sync.Once
+	file_envoy_type_matcher_v3_number_proto_rawDescData = file_envoy_type_matcher_v3_number_proto_rawDesc
+)
+
+func file_envoy_type_matcher_v3_number_proto_rawDescGZIP() []byte {
+	file_envoy_type_matcher_v3_number_proto_rawDescOnce.Do(func() {
+		file_envoy_type_matcher_v3_number_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_matcher_v3_number_proto_rawDescData)
+	})
+	return file_envoy_type_matcher_v3_number_proto_rawDescData
+}
+
+var file_envoy_type_matcher_v3_number_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_type_matcher_v3_number_proto_goTypes = []interface{}{
+	(*DoubleMatcher)(nil),  // 0: envoy.type.matcher.v3.DoubleMatcher
+	(*v3.DoubleRange)(nil), // 1: envoy.type.v3.DoubleRange
+}
+var file_envoy_type_matcher_v3_number_proto_depIdxs = []int32{
+	1, // 0: envoy.type.matcher.v3.DoubleMatcher.range:type_name -> envoy.type.v3.DoubleRange
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_matcher_v3_number_proto_init() }
+func file_envoy_type_matcher_v3_number_proto_init() {
+	if File_envoy_type_matcher_v3_number_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_matcher_v3_number_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*DoubleMatcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_type_matcher_v3_number_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*DoubleMatcher_Range)(nil),
+		(*DoubleMatcher_Exact)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_matcher_v3_number_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_matcher_v3_number_proto_goTypes,
+		DependencyIndexes: file_envoy_type_matcher_v3_number_proto_depIdxs,
+		MessageInfos:      file_envoy_type_matcher_v3_number_proto_msgTypes,
+	}.Build()
+	File_envoy_type_matcher_v3_number_proto = out.File
+	file_envoy_type_matcher_v3_number_proto_rawDesc = nil
+	file_envoy_type_matcher_v3_number_proto_goTypes = nil
+	file_envoy_type_matcher_v3_number_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/number.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/number.pb.validate.go
new file mode 100644
index 00000000000..4a27d763c5c
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/number.pb.validate.go
@@ -0,0 +1,183 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/matcher/v3/number.proto
+
+package envoy_type_matcher_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on DoubleMatcher with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *DoubleMatcher) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on DoubleMatcher with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in DoubleMatcherMultiError, or
+// nil if none found.
+func (m *DoubleMatcher) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *DoubleMatcher) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.MatchPattern.(type) {
+
+	case *DoubleMatcher_Range:
+
+		if all {
+			switch v := interface{}(m.GetRange()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, DoubleMatcherValidationError{
+						field:  "Range",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, DoubleMatcherValidationError{
+						field:  "Range",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetRange()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return DoubleMatcherValidationError{
+					field:  "Range",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *DoubleMatcher_Exact:
+		// no validation rules for Exact
+
+	default:
+		err := DoubleMatcherValidationError{
+			field:  "MatchPattern",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return DoubleMatcherMultiError(errors)
+	}
+	return nil
+}
+
+// DoubleMatcherMultiError is an error wrapping multiple validation errors
+// returned by DoubleMatcher.ValidateAll() if the designated constraints
+// aren't met.
+type DoubleMatcherMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m DoubleMatcherMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m DoubleMatcherMultiError) AllErrors() []error { return m }
+
+// DoubleMatcherValidationError is the validation error returned by
+// DoubleMatcher.Validate if the designated constraints aren't met.
+type DoubleMatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e DoubleMatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e DoubleMatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e DoubleMatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e DoubleMatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e DoubleMatcherValidationError) ErrorName() string { return "DoubleMatcherValidationError" }
+
+// Error satisfies the builtin error interface
+func (e DoubleMatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sDoubleMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = DoubleMatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = DoubleMatcherValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/path.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/path.pb.go
new file mode 100644
index 00000000000..68c225b1611
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/path.pb.go
@@ -0,0 +1,197 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/matcher/v3/path.proto
+
+package envoy_type_matcher_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Specifies the way to match a path on HTTP request.
+type PathMatcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to Rule:
+	//	*PathMatcher_Path
+	Rule isPathMatcher_Rule `protobuf_oneof:"rule"`
+}
+
+func (x *PathMatcher) Reset() {
+	*x = PathMatcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_v3_path_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *PathMatcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*PathMatcher) ProtoMessage() {}
+
+func (x *PathMatcher) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_v3_path_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use PathMatcher.ProtoReflect.Descriptor instead.
+func (*PathMatcher) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_v3_path_proto_rawDescGZIP(), []int{0}
+}
+
+func (m *PathMatcher) GetRule() isPathMatcher_Rule {
+	if m != nil {
+		return m.Rule
+	}
+	return nil
+}
+
+func (x *PathMatcher) GetPath() *StringMatcher {
+	if x, ok := x.GetRule().(*PathMatcher_Path); ok {
+		return x.Path
+	}
+	return nil
+}
+
+type isPathMatcher_Rule interface {
+	isPathMatcher_Rule()
+}
+
+type PathMatcher_Path struct {
+	// The `path` must match the URL path portion of the :path header. The query and fragment
+	// string (if present) are removed in the URL path portion.
+	// For example, the path */data* will match the *:path* header */data#fragment?param=value*.
+	Path *StringMatcher `protobuf:"bytes,1,opt,name=path,proto3,oneof"`
+}
+
+func (*PathMatcher_Path) isPathMatcher_Rule() {}
+
+var File_envoy_type_matcher_v3_path_proto protoreflect.FileDescriptor
+
+var file_envoy_type_matcher_v3_path_proto_rawDesc = []byte{
+	0x0a, 0x20, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x70, 0x61, 0x74, 0x68, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d,
+	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x1a, 0x22, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x76, 0x33,
+	0x2f, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75,
+	0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f,
+	0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64,
+	0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76,
+	0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61,
+	0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x87, 0x01, 0x0a, 0x0b, 0x50, 0x61, 0x74,
+	0x68, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x12, 0x44, 0x0a, 0x04, 0x70, 0x61, 0x74, 0x68,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74,
+	0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x53,
+	0x74, 0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x08, 0xfa, 0x42,
+	0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x48, 0x00, 0x52, 0x04, 0x70, 0x61, 0x74, 0x68, 0x3a, 0x25,
+	0x9a, 0xc5, 0x88, 0x1e, 0x20, 0x0a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70,
+	0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x50, 0x61, 0x74, 0x68, 0x4d, 0x61,
+	0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x0b, 0x0a, 0x04, 0x72, 0x75, 0x6c, 0x65, 0x12, 0x03, 0xf8,
+	0x42, 0x01, 0x42, 0x3a, 0x0a, 0x23, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72,
+	0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d,
+	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x42, 0x09, 0x50, 0x61, 0x74, 0x68, 0x50,
+	0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_type_matcher_v3_path_proto_rawDescOnce sync.Once
+	file_envoy_type_matcher_v3_path_proto_rawDescData = file_envoy_type_matcher_v3_path_proto_rawDesc
+)
+
+func file_envoy_type_matcher_v3_path_proto_rawDescGZIP() []byte {
+	file_envoy_type_matcher_v3_path_proto_rawDescOnce.Do(func() {
+		file_envoy_type_matcher_v3_path_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_matcher_v3_path_proto_rawDescData)
+	})
+	return file_envoy_type_matcher_v3_path_proto_rawDescData
+}
+
+var file_envoy_type_matcher_v3_path_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_type_matcher_v3_path_proto_goTypes = []interface{}{
+	(*PathMatcher)(nil),   // 0: envoy.type.matcher.v3.PathMatcher
+	(*StringMatcher)(nil), // 1: envoy.type.matcher.v3.StringMatcher
+}
+var file_envoy_type_matcher_v3_path_proto_depIdxs = []int32{
+	1, // 0: envoy.type.matcher.v3.PathMatcher.path:type_name -> envoy.type.matcher.v3.StringMatcher
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_matcher_v3_path_proto_init() }
+func file_envoy_type_matcher_v3_path_proto_init() {
+	if File_envoy_type_matcher_v3_path_proto != nil {
+		return
+	}
+	file_envoy_type_matcher_v3_string_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_matcher_v3_path_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*PathMatcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_type_matcher_v3_path_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*PathMatcher_Path)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_matcher_v3_path_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_matcher_v3_path_proto_goTypes,
+		DependencyIndexes: file_envoy_type_matcher_v3_path_proto_depIdxs,
+		MessageInfos:      file_envoy_type_matcher_v3_path_proto_msgTypes,
+	}.Build()
+	File_envoy_type_matcher_v3_path_proto = out.File
+	file_envoy_type_matcher_v3_path_proto_rawDesc = nil
+	file_envoy_type_matcher_v3_path_proto_goTypes = nil
+	file_envoy_type_matcher_v3_path_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/path.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/path.pb.validate.go
new file mode 100644
index 00000000000..6deb1a6acc1
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/path.pb.validate.go
@@ -0,0 +1,190 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/matcher/v3/path.proto
+
+package envoy_type_matcher_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on PathMatcher with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *PathMatcher) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on PathMatcher with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in PathMatcherMultiError, or
+// nil if none found.
+func (m *PathMatcher) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *PathMatcher) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.Rule.(type) {
+
+	case *PathMatcher_Path:
+
+		if m.GetPath() == nil {
+			err := PathMatcherValidationError{
+				field:  "Path",
+				reason: "value is required",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+		if all {
+			switch v := interface{}(m.GetPath()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, PathMatcherValidationError{
+						field:  "Path",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, PathMatcherValidationError{
+						field:  "Path",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetPath()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return PathMatcherValidationError{
+					field:  "Path",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := PathMatcherValidationError{
+			field:  "Rule",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return PathMatcherMultiError(errors)
+	}
+	return nil
+}
+
+// PathMatcherMultiError is an error wrapping multiple validation errors
+// returned by PathMatcher.ValidateAll() if the designated constraints aren't met.
+type PathMatcherMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m PathMatcherMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m PathMatcherMultiError) AllErrors() []error { return m }
+
+// PathMatcherValidationError is the validation error returned by
+// PathMatcher.Validate if the designated constraints aren't met.
+type PathMatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e PathMatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e PathMatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e PathMatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e PathMatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e PathMatcherValidationError) ErrorName() string { return "PathMatcherValidationError" }
+
+// Error satisfies the builtin error interface
+func (e PathMatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sPathMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = PathMatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = PathMatcherValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/regex.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/regex.pb.go
new file mode 100644
index 00000000000..109af5ab9ba
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/regex.pb.go
@@ -0,0 +1,405 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/matcher/v3/regex.proto
+
+package envoy_type_matcher_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/go-control-plane/envoy/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// A regex matcher designed for safety when used with untrusted input.
+type RegexMatcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to EngineType:
+	//	*RegexMatcher_GoogleRe2
+	EngineType isRegexMatcher_EngineType `protobuf_oneof:"engine_type"`
+	// The regex match string. The string must be supported by the configured engine.
+	Regex string `protobuf:"bytes,2,opt,name=regex,proto3" json:"regex,omitempty"`
+}
+
+func (x *RegexMatcher) Reset() {
+	*x = RegexMatcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_v3_regex_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RegexMatcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RegexMatcher) ProtoMessage() {}
+
+func (x *RegexMatcher) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_v3_regex_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RegexMatcher.ProtoReflect.Descriptor instead.
+func (*RegexMatcher) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_v3_regex_proto_rawDescGZIP(), []int{0}
+}
+
+func (m *RegexMatcher) GetEngineType() isRegexMatcher_EngineType {
+	if m != nil {
+		return m.EngineType
+	}
+	return nil
+}
+
+func (x *RegexMatcher) GetGoogleRe2() *RegexMatcher_GoogleRE2 {
+	if x, ok := x.GetEngineType().(*RegexMatcher_GoogleRe2); ok {
+		return x.GoogleRe2
+	}
+	return nil
+}
+
+func (x *RegexMatcher) GetRegex() string {
+	if x != nil {
+		return x.Regex
+	}
+	return ""
+}
+
+type isRegexMatcher_EngineType interface {
+	isRegexMatcher_EngineType()
+}
+
+type RegexMatcher_GoogleRe2 struct {
+	// Google's RE2 regex engine.
+	GoogleRe2 *RegexMatcher_GoogleRE2 `protobuf:"bytes,1,opt,name=google_re2,json=googleRe2,proto3,oneof"`
+}
+
+func (*RegexMatcher_GoogleRe2) isRegexMatcher_EngineType() {}
+
+// Describes how to match a string and then produce a new string using a regular
+// expression and a substitution string.
+type RegexMatchAndSubstitute struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The regular expression used to find portions of a string (hereafter called
+	// the "subject string") that should be replaced. When a new string is
+	// produced during the substitution operation, the new string is initially
+	// the same as the subject string, but then all matches in the subject string
+	// are replaced by the substitution string. If replacing all matches isn't
+	// desired, regular expression anchors can be used to ensure a single match,
+	// so as to replace just one occurrence of a pattern. Capture groups can be
+	// used in the pattern to extract portions of the subject string, and then
+	// referenced in the substitution string.
+	Pattern *RegexMatcher `protobuf:"bytes,1,opt,name=pattern,proto3" json:"pattern,omitempty"`
+	// The string that should be substituted into matching portions of the
+	// subject string during a substitution operation to produce a new string.
+	// Capture groups in the pattern can be referenced in the substitution
+	// string. Note, however, that the syntax for referring to capture groups is
+	// defined by the chosen regular expression engine. Google's `RE2
+	// <https://github.com/google/re2>`_ regular expression engine uses a
+	// backslash followed by the capture group number to denote a numbered
+	// capture group. E.g., ``\1`` refers to capture group 1, and ``\2`` refers
+	// to capture group 2.
+	Substitution string `protobuf:"bytes,2,opt,name=substitution,proto3" json:"substitution,omitempty"`
+}
+
+func (x *RegexMatchAndSubstitute) Reset() {
+	*x = RegexMatchAndSubstitute{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_v3_regex_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RegexMatchAndSubstitute) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RegexMatchAndSubstitute) ProtoMessage() {}
+
+func (x *RegexMatchAndSubstitute) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_v3_regex_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RegexMatchAndSubstitute.ProtoReflect.Descriptor instead.
+func (*RegexMatchAndSubstitute) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_v3_regex_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *RegexMatchAndSubstitute) GetPattern() *RegexMatcher {
+	if x != nil {
+		return x.Pattern
+	}
+	return nil
+}
+
+func (x *RegexMatchAndSubstitute) GetSubstitution() string {
+	if x != nil {
+		return x.Substitution
+	}
+	return ""
+}
+
+// Google's `RE2 <https://github.com/google/re2>`_ regex engine. The regex string must adhere to
+// the documented `syntax <https://github.com/google/re2/wiki/Syntax>`_. The engine is designed
+// to complete execution in linear time as well as limit the amount of memory used.
+//
+// Envoy supports program size checking via runtime. The runtime keys `re2.max_program_size.error_level`
+// and `re2.max_program_size.warn_level` can be set to integers as the maximum program size or
+// complexity that a compiled regex can have before an exception is thrown or a warning is
+// logged, respectively. `re2.max_program_size.error_level` defaults to 100, and
+// `re2.max_program_size.warn_level` has no default if unset (will not check/log a warning).
+//
+// Envoy emits two stats for tracking the program size of regexes: the histogram `re2.program_size`,
+// which records the program size, and the counter `re2.exceeded_warn_level`, which is incremented
+// each time the program size exceeds the warn level threshold.
+type RegexMatcher_GoogleRE2 struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// This field controls the RE2 "program size" which is a rough estimate of how complex a
+	// compiled regex is to evaluate. A regex that has a program size greater than the configured
+	// value will fail to compile. In this case, the configured max program size can be increased
+	// or the regex can be simplified. If not specified, the default is 100.
+	//
+	// This field is deprecated; regexp validation should be performed on the management server
+	// instead of being done by each individual client.
+	//
+	// Deprecated: Do not use.
+	MaxProgramSize *wrappers.UInt32Value `protobuf:"bytes,1,opt,name=max_program_size,json=maxProgramSize,proto3" json:"max_program_size,omitempty"`
+}
+
+func (x *RegexMatcher_GoogleRE2) Reset() {
+	*x = RegexMatcher_GoogleRE2{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_v3_regex_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RegexMatcher_GoogleRE2) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RegexMatcher_GoogleRE2) ProtoMessage() {}
+
+func (x *RegexMatcher_GoogleRE2) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_v3_regex_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RegexMatcher_GoogleRE2.ProtoReflect.Descriptor instead.
+func (*RegexMatcher_GoogleRE2) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_v3_regex_proto_rawDescGZIP(), []int{0, 0}
+}
+
+// Deprecated: Do not use.
+func (x *RegexMatcher_GoogleRE2) GetMaxProgramSize() *wrappers.UInt32Value {
+	if x != nil {
+		return x.MaxProgramSize
+	}
+	return nil
+}
+
+var File_envoy_type_matcher_v3_regex_proto protoreflect.FileDescriptor
+
+var file_envoy_type_matcher_v3_regex_proto_rawDesc = []byte{
+	0x0a, 0x21, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x72, 0x65, 0x67, 0x65, 0x78, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70,
+	0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x23, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x64, 0x65,
+	0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21,
+	0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73,
+	0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69,
+	0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xd8, 0x02, 0x0a, 0x0c, 0x52,
+	0x65, 0x67, 0x65, 0x78, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x12, 0x58, 0x0a, 0x0a, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x5f, 0x72, 0x65, 0x32, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x2d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x65, 0x67, 0x65, 0x78, 0x4d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x52, 0x45, 0x32, 0x42, 0x08,
+	0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x48, 0x00, 0x52, 0x09, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x52, 0x65, 0x32, 0x12, 0x1d, 0x0a, 0x05, 0x72, 0x65, 0x67, 0x65, 0x78, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x05, 0x72,
+	0x65, 0x67, 0x65, 0x78, 0x1a, 0x92, 0x01, 0x0a, 0x09, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x52,
+	0x45, 0x32, 0x12, 0x53, 0x0a, 0x10, 0x6d, 0x61, 0x78, 0x5f, 0x70, 0x72, 0x6f, 0x67, 0x72, 0x61,
+	0x6d, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55,
+	0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x0b, 0x18, 0x01, 0x92, 0xc7,
+	0x86, 0xd8, 0x04, 0x03, 0x33, 0x2e, 0x30, 0x52, 0x0e, 0x6d, 0x61, 0x78, 0x50, 0x72, 0x6f, 0x67,
+	0x72, 0x61, 0x6d, 0x53, 0x69, 0x7a, 0x65, 0x3a, 0x30, 0x9a, 0xc5, 0x88, 0x1e, 0x2b, 0x0a, 0x29,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68,
+	0x65, 0x72, 0x2e, 0x52, 0x65, 0x67, 0x65, 0x78, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e,
+	0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x52, 0x45, 0x32, 0x3a, 0x26, 0x9a, 0xc5, 0x88, 0x1e, 0x21,
+	0x0a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2e, 0x52, 0x65, 0x67, 0x65, 0x78, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65,
+	0x72, 0x42, 0x12, 0x0a, 0x0b, 0x65, 0x6e, 0x67, 0x69, 0x6e, 0x65, 0x5f, 0x74, 0x79, 0x70, 0x65,
+	0x12, 0x03, 0xf8, 0x42, 0x01, 0x22, 0xb9, 0x01, 0x0a, 0x17, 0x52, 0x65, 0x67, 0x65, 0x78, 0x4d,
+	0x61, 0x74, 0x63, 0x68, 0x41, 0x6e, 0x64, 0x53, 0x75, 0x62, 0x73, 0x74, 0x69, 0x74, 0x75, 0x74,
+	0x65, 0x12, 0x47, 0x0a, 0x07, 0x70, 0x61, 0x74, 0x74, 0x65, 0x72, 0x6e, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x65, 0x67, 0x65, 0x78,
+	0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10,
+	0x01, 0x52, 0x07, 0x70, 0x61, 0x74, 0x74, 0x65, 0x72, 0x6e, 0x12, 0x22, 0x0a, 0x0c, 0x73, 0x75,
+	0x62, 0x73, 0x74, 0x69, 0x74, 0x75, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09,
+	0x52, 0x0c, 0x73, 0x75, 0x62, 0x73, 0x74, 0x69, 0x74, 0x75, 0x74, 0x69, 0x6f, 0x6e, 0x3a, 0x31,
+	0x9a, 0xc5, 0x88, 0x1e, 0x2c, 0x0a, 0x2a, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70,
+	0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x52, 0x65, 0x67, 0x65, 0x78, 0x4d,
+	0x61, 0x74, 0x63, 0x68, 0x41, 0x6e, 0x64, 0x53, 0x75, 0x62, 0x73, 0x74, 0x69, 0x74, 0x75, 0x74,
+	0x65, 0x42, 0x3b, 0x0a, 0x23, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f,
+	0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61,
+	0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x42, 0x0a, 0x52, 0x65, 0x67, 0x65, 0x78, 0x50,
+	0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_type_matcher_v3_regex_proto_rawDescOnce sync.Once
+	file_envoy_type_matcher_v3_regex_proto_rawDescData = file_envoy_type_matcher_v3_regex_proto_rawDesc
+)
+
+func file_envoy_type_matcher_v3_regex_proto_rawDescGZIP() []byte {
+	file_envoy_type_matcher_v3_regex_proto_rawDescOnce.Do(func() {
+		file_envoy_type_matcher_v3_regex_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_matcher_v3_regex_proto_rawDescData)
+	})
+	return file_envoy_type_matcher_v3_regex_proto_rawDescData
+}
+
+var file_envoy_type_matcher_v3_regex_proto_msgTypes = make([]protoimpl.MessageInfo, 3)
+var file_envoy_type_matcher_v3_regex_proto_goTypes = []interface{}{
+	(*RegexMatcher)(nil),            // 0: envoy.type.matcher.v3.RegexMatcher
+	(*RegexMatchAndSubstitute)(nil), // 1: envoy.type.matcher.v3.RegexMatchAndSubstitute
+	(*RegexMatcher_GoogleRE2)(nil),  // 2: envoy.type.matcher.v3.RegexMatcher.GoogleRE2
+	(*wrappers.UInt32Value)(nil),    // 3: google.protobuf.UInt32Value
+}
+var file_envoy_type_matcher_v3_regex_proto_depIdxs = []int32{
+	2, // 0: envoy.type.matcher.v3.RegexMatcher.google_re2:type_name -> envoy.type.matcher.v3.RegexMatcher.GoogleRE2
+	0, // 1: envoy.type.matcher.v3.RegexMatchAndSubstitute.pattern:type_name -> envoy.type.matcher.v3.RegexMatcher
+	3, // 2: envoy.type.matcher.v3.RegexMatcher.GoogleRE2.max_program_size:type_name -> google.protobuf.UInt32Value
+	3, // [3:3] is the sub-list for method output_type
+	3, // [3:3] is the sub-list for method input_type
+	3, // [3:3] is the sub-list for extension type_name
+	3, // [3:3] is the sub-list for extension extendee
+	0, // [0:3] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_matcher_v3_regex_proto_init() }
+func file_envoy_type_matcher_v3_regex_proto_init() {
+	if File_envoy_type_matcher_v3_regex_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_matcher_v3_regex_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RegexMatcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_matcher_v3_regex_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RegexMatchAndSubstitute); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_matcher_v3_regex_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RegexMatcher_GoogleRE2); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_type_matcher_v3_regex_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*RegexMatcher_GoogleRe2)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_matcher_v3_regex_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   3,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_matcher_v3_regex_proto_goTypes,
+		DependencyIndexes: file_envoy_type_matcher_v3_regex_proto_depIdxs,
+		MessageInfos:      file_envoy_type_matcher_v3_regex_proto_msgTypes,
+	}.Build()
+	File_envoy_type_matcher_v3_regex_proto = out.File
+	file_envoy_type_matcher_v3_regex_proto_rawDesc = nil
+	file_envoy_type_matcher_v3_regex_proto_goTypes = nil
+	file_envoy_type_matcher_v3_regex_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/regex.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/regex.pb.validate.go
new file mode 100644
index 00000000000..d7d54333ac2
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/regex.pb.validate.go
@@ -0,0 +1,474 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/matcher/v3/regex.proto
+
+package envoy_type_matcher_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on RegexMatcher with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *RegexMatcher) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RegexMatcher with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in RegexMatcherMultiError, or
+// nil if none found.
+func (m *RegexMatcher) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RegexMatcher) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetRegex()) < 1 {
+		err := RegexMatcherValidationError{
+			field:  "Regex",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	switch m.EngineType.(type) {
+
+	case *RegexMatcher_GoogleRe2:
+
+		if m.GetGoogleRe2() == nil {
+			err := RegexMatcherValidationError{
+				field:  "GoogleRe2",
+				reason: "value is required",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+		if all {
+			switch v := interface{}(m.GetGoogleRe2()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, RegexMatcherValidationError{
+						field:  "GoogleRe2",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, RegexMatcherValidationError{
+						field:  "GoogleRe2",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetGoogleRe2()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return RegexMatcherValidationError{
+					field:  "GoogleRe2",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := RegexMatcherValidationError{
+			field:  "EngineType",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return RegexMatcherMultiError(errors)
+	}
+	return nil
+}
+
+// RegexMatcherMultiError is an error wrapping multiple validation errors
+// returned by RegexMatcher.ValidateAll() if the designated constraints aren't met.
+type RegexMatcherMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RegexMatcherMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RegexMatcherMultiError) AllErrors() []error { return m }
+
+// RegexMatcherValidationError is the validation error returned by
+// RegexMatcher.Validate if the designated constraints aren't met.
+type RegexMatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RegexMatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RegexMatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RegexMatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RegexMatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RegexMatcherValidationError) ErrorName() string { return "RegexMatcherValidationError" }
+
+// Error satisfies the builtin error interface
+func (e RegexMatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRegexMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RegexMatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RegexMatcherValidationError{}
+
+// Validate checks the field values on RegexMatchAndSubstitute with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RegexMatchAndSubstitute) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RegexMatchAndSubstitute with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RegexMatchAndSubstituteMultiError, or nil if none found.
+func (m *RegexMatchAndSubstitute) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RegexMatchAndSubstitute) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetPattern() == nil {
+		err := RegexMatchAndSubstituteValidationError{
+			field:  "Pattern",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetPattern()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RegexMatchAndSubstituteValidationError{
+					field:  "Pattern",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RegexMatchAndSubstituteValidationError{
+					field:  "Pattern",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetPattern()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RegexMatchAndSubstituteValidationError{
+				field:  "Pattern",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for Substitution
+
+	if len(errors) > 0 {
+		return RegexMatchAndSubstituteMultiError(errors)
+	}
+	return nil
+}
+
+// RegexMatchAndSubstituteMultiError is an error wrapping multiple validation
+// errors returned by RegexMatchAndSubstitute.ValidateAll() if the designated
+// constraints aren't met.
+type RegexMatchAndSubstituteMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RegexMatchAndSubstituteMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RegexMatchAndSubstituteMultiError) AllErrors() []error { return m }
+
+// RegexMatchAndSubstituteValidationError is the validation error returned by
+// RegexMatchAndSubstitute.Validate if the designated constraints aren't met.
+type RegexMatchAndSubstituteValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RegexMatchAndSubstituteValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RegexMatchAndSubstituteValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RegexMatchAndSubstituteValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RegexMatchAndSubstituteValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RegexMatchAndSubstituteValidationError) ErrorName() string {
+	return "RegexMatchAndSubstituteValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RegexMatchAndSubstituteValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRegexMatchAndSubstitute.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RegexMatchAndSubstituteValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RegexMatchAndSubstituteValidationError{}
+
+// Validate checks the field values on RegexMatcher_GoogleRE2 with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *RegexMatcher_GoogleRE2) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on RegexMatcher_GoogleRE2 with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// RegexMatcher_GoogleRE2MultiError, or nil if none found.
+func (m *RegexMatcher_GoogleRE2) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *RegexMatcher_GoogleRE2) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetMaxProgramSize()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, RegexMatcher_GoogleRE2ValidationError{
+					field:  "MaxProgramSize",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, RegexMatcher_GoogleRE2ValidationError{
+					field:  "MaxProgramSize",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMaxProgramSize()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return RegexMatcher_GoogleRE2ValidationError{
+				field:  "MaxProgramSize",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return RegexMatcher_GoogleRE2MultiError(errors)
+	}
+	return nil
+}
+
+// RegexMatcher_GoogleRE2MultiError is an error wrapping multiple validation
+// errors returned by RegexMatcher_GoogleRE2.ValidateAll() if the designated
+// constraints aren't met.
+type RegexMatcher_GoogleRE2MultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m RegexMatcher_GoogleRE2MultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m RegexMatcher_GoogleRE2MultiError) AllErrors() []error { return m }
+
+// RegexMatcher_GoogleRE2ValidationError is the validation error returned by
+// RegexMatcher_GoogleRE2.Validate if the designated constraints aren't met.
+type RegexMatcher_GoogleRE2ValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e RegexMatcher_GoogleRE2ValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e RegexMatcher_GoogleRE2ValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e RegexMatcher_GoogleRE2ValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e RegexMatcher_GoogleRE2ValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e RegexMatcher_GoogleRE2ValidationError) ErrorName() string {
+	return "RegexMatcher_GoogleRE2ValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e RegexMatcher_GoogleRE2ValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sRegexMatcher_GoogleRE2.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = RegexMatcher_GoogleRE2ValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = RegexMatcher_GoogleRE2ValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/string.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/string.pb.go
new file mode 100644
index 00000000000..50c4f1989ad
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/string.pb.go
@@ -0,0 +1,374 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/matcher/v3/string.proto
+
+package envoy_type_matcher_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Specifies the way to match a string.
+// [#next-free-field: 8]
+type StringMatcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to MatchPattern:
+	//	*StringMatcher_Exact
+	//	*StringMatcher_Prefix
+	//	*StringMatcher_Suffix
+	//	*StringMatcher_SafeRegex
+	//	*StringMatcher_Contains
+	MatchPattern isStringMatcher_MatchPattern `protobuf_oneof:"match_pattern"`
+	// If true, indicates the exact/prefix/suffix/contains matching should be case insensitive. This
+	// has no effect for the safe_regex match.
+	// For example, the matcher *data* will match both input string *Data* and *data* if set to true.
+	IgnoreCase bool `protobuf:"varint,6,opt,name=ignore_case,json=ignoreCase,proto3" json:"ignore_case,omitempty"`
+}
+
+func (x *StringMatcher) Reset() {
+	*x = StringMatcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_v3_string_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *StringMatcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*StringMatcher) ProtoMessage() {}
+
+func (x *StringMatcher) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_v3_string_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use StringMatcher.ProtoReflect.Descriptor instead.
+func (*StringMatcher) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_v3_string_proto_rawDescGZIP(), []int{0}
+}
+
+func (m *StringMatcher) GetMatchPattern() isStringMatcher_MatchPattern {
+	if m != nil {
+		return m.MatchPattern
+	}
+	return nil
+}
+
+func (x *StringMatcher) GetExact() string {
+	if x, ok := x.GetMatchPattern().(*StringMatcher_Exact); ok {
+		return x.Exact
+	}
+	return ""
+}
+
+func (x *StringMatcher) GetPrefix() string {
+	if x, ok := x.GetMatchPattern().(*StringMatcher_Prefix); ok {
+		return x.Prefix
+	}
+	return ""
+}
+
+func (x *StringMatcher) GetSuffix() string {
+	if x, ok := x.GetMatchPattern().(*StringMatcher_Suffix); ok {
+		return x.Suffix
+	}
+	return ""
+}
+
+func (x *StringMatcher) GetSafeRegex() *RegexMatcher {
+	if x, ok := x.GetMatchPattern().(*StringMatcher_SafeRegex); ok {
+		return x.SafeRegex
+	}
+	return nil
+}
+
+func (x *StringMatcher) GetContains() string {
+	if x, ok := x.GetMatchPattern().(*StringMatcher_Contains); ok {
+		return x.Contains
+	}
+	return ""
+}
+
+func (x *StringMatcher) GetIgnoreCase() bool {
+	if x != nil {
+		return x.IgnoreCase
+	}
+	return false
+}
+
+type isStringMatcher_MatchPattern interface {
+	isStringMatcher_MatchPattern()
+}
+
+type StringMatcher_Exact struct {
+	// The input string must match exactly the string specified here.
+	//
+	// Examples:
+	//
+	// * *abc* only matches the value *abc*.
+	Exact string `protobuf:"bytes,1,opt,name=exact,proto3,oneof"`
+}
+
+type StringMatcher_Prefix struct {
+	// The input string must have the prefix specified here.
+	// Note: empty prefix is not allowed, please use regex instead.
+	//
+	// Examples:
+	//
+	// * *abc* matches the value *abc.xyz*
+	Prefix string `protobuf:"bytes,2,opt,name=prefix,proto3,oneof"`
+}
+
+type StringMatcher_Suffix struct {
+	// The input string must have the suffix specified here.
+	// Note: empty prefix is not allowed, please use regex instead.
+	//
+	// Examples:
+	//
+	// * *abc* matches the value *xyz.abc*
+	Suffix string `protobuf:"bytes,3,opt,name=suffix,proto3,oneof"`
+}
+
+type StringMatcher_SafeRegex struct {
+	// The input string must match the regular expression specified here.
+	SafeRegex *RegexMatcher `protobuf:"bytes,5,opt,name=safe_regex,json=safeRegex,proto3,oneof"`
+}
+
+type StringMatcher_Contains struct {
+	// The input string must have the substring specified here.
+	// Note: empty contains match is not allowed, please use regex instead.
+	//
+	// Examples:
+	//
+	// * *abc* matches the value *xyz.abc.def*
+	Contains string `protobuf:"bytes,7,opt,name=contains,proto3,oneof"`
+}
+
+func (*StringMatcher_Exact) isStringMatcher_MatchPattern() {}
+
+func (*StringMatcher_Prefix) isStringMatcher_MatchPattern() {}
+
+func (*StringMatcher_Suffix) isStringMatcher_MatchPattern() {}
+
+func (*StringMatcher_SafeRegex) isStringMatcher_MatchPattern() {}
+
+func (*StringMatcher_Contains) isStringMatcher_MatchPattern() {}
+
+// Specifies a list of ways to match a string.
+type ListStringMatcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Patterns []*StringMatcher `protobuf:"bytes,1,rep,name=patterns,proto3" json:"patterns,omitempty"`
+}
+
+func (x *ListStringMatcher) Reset() {
+	*x = ListStringMatcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_v3_string_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ListStringMatcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ListStringMatcher) ProtoMessage() {}
+
+func (x *ListStringMatcher) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_v3_string_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ListStringMatcher.ProtoReflect.Descriptor instead.
+func (*ListStringMatcher) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_v3_string_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *ListStringMatcher) GetPatterns() []*StringMatcher {
+	if x != nil {
+		return x.Patterns
+	}
+	return nil
+}
+
+var File_envoy_type_matcher_v3_string_proto protoreflect.FileDescriptor
+
+var file_envoy_type_matcher_v3_string_proto_rawDesc = []byte{
+	0x0a, 0x22, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65,
+	0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x1a, 0x21, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f,
+	0x76, 0x33, 0x2f, 0x72, 0x65, 0x67, 0x65, 0x78, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d,
+	0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73,
+	0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75,
+	0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f,
+	0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64,
+	0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xd1, 0x02, 0x0a, 0x0d, 0x53, 0x74,
+	0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x12, 0x16, 0x0a, 0x05, 0x65,
+	0x78, 0x61, 0x63, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x05, 0x65, 0x78,
+	0x61, 0x63, 0x74, 0x12, 0x21, 0x0a, 0x06, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x48, 0x00, 0x52, 0x06,
+	0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x12, 0x21, 0x0a, 0x06, 0x73, 0x75, 0x66, 0x66, 0x69, 0x78,
+	0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x48,
+	0x00, 0x52, 0x06, 0x73, 0x75, 0x66, 0x66, 0x69, 0x78, 0x12, 0x4e, 0x0a, 0x0a, 0x73, 0x61, 0x66,
+	0x65, 0x5f, 0x72, 0x65, 0x67, 0x65, 0x78, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68,
+	0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x65, 0x67, 0x65, 0x78, 0x4d, 0x61, 0x74, 0x63, 0x68,
+	0x65, 0x72, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x48, 0x00, 0x52, 0x09,
+	0x73, 0x61, 0x66, 0x65, 0x52, 0x65, 0x67, 0x65, 0x78, 0x12, 0x25, 0x0a, 0x08, 0x63, 0x6f, 0x6e,
+	0x74, 0x61, 0x69, 0x6e, 0x73, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04,
+	0x72, 0x02, 0x10, 0x01, 0x48, 0x00, 0x52, 0x08, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x73,
+	0x12, 0x1f, 0x0a, 0x0b, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x5f, 0x63, 0x61, 0x73, 0x65, 0x18,
+	0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0a, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x43, 0x61, 0x73,
+	0x65, 0x3a, 0x27, 0x9a, 0xc5, 0x88, 0x1e, 0x22, 0x0a, 0x20, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x53, 0x74, 0x72,
+	0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x14, 0x0a, 0x0d, 0x6d, 0x61,
+	0x74, 0x63, 0x68, 0x5f, 0x70, 0x61, 0x74, 0x74, 0x65, 0x72, 0x6e, 0x12, 0x03, 0xf8, 0x42, 0x01,
+	0x4a, 0x04, 0x08, 0x04, 0x10, 0x05, 0x52, 0x05, 0x72, 0x65, 0x67, 0x65, 0x78, 0x22, 0x8c, 0x01,
+	0x0a, 0x11, 0x4c, 0x69, 0x73, 0x74, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74, 0x63,
+	0x68, 0x65, 0x72, 0x12, 0x4a, 0x0a, 0x08, 0x70, 0x61, 0x74, 0x74, 0x65, 0x72, 0x6e, 0x73, 0x18,
+	0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79,
+	0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x74,
+	0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x08, 0xfa, 0x42, 0x05,
+	0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x08, 0x70, 0x61, 0x74, 0x74, 0x65, 0x72, 0x6e, 0x73, 0x3a,
+	0x2b, 0x9a, 0xc5, 0x88, 0x1e, 0x26, 0x0a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79,
+	0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x53,
+	0x74, 0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x3c, 0x0a, 0x23,
+	0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72,
+	0x2e, 0x76, 0x33, 0x42, 0x0b, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x50, 0x72, 0x6f, 0x74, 0x6f,
+	0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x33,
+}
+
+var (
+	file_envoy_type_matcher_v3_string_proto_rawDescOnce sync.Once
+	file_envoy_type_matcher_v3_string_proto_rawDescData = file_envoy_type_matcher_v3_string_proto_rawDesc
+)
+
+func file_envoy_type_matcher_v3_string_proto_rawDescGZIP() []byte {
+	file_envoy_type_matcher_v3_string_proto_rawDescOnce.Do(func() {
+		file_envoy_type_matcher_v3_string_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_matcher_v3_string_proto_rawDescData)
+	})
+	return file_envoy_type_matcher_v3_string_proto_rawDescData
+}
+
+var file_envoy_type_matcher_v3_string_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_envoy_type_matcher_v3_string_proto_goTypes = []interface{}{
+	(*StringMatcher)(nil),     // 0: envoy.type.matcher.v3.StringMatcher
+	(*ListStringMatcher)(nil), // 1: envoy.type.matcher.v3.ListStringMatcher
+	(*RegexMatcher)(nil),      // 2: envoy.type.matcher.v3.RegexMatcher
+}
+var file_envoy_type_matcher_v3_string_proto_depIdxs = []int32{
+	2, // 0: envoy.type.matcher.v3.StringMatcher.safe_regex:type_name -> envoy.type.matcher.v3.RegexMatcher
+	0, // 1: envoy.type.matcher.v3.ListStringMatcher.patterns:type_name -> envoy.type.matcher.v3.StringMatcher
+	2, // [2:2] is the sub-list for method output_type
+	2, // [2:2] is the sub-list for method input_type
+	2, // [2:2] is the sub-list for extension type_name
+	2, // [2:2] is the sub-list for extension extendee
+	0, // [0:2] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_matcher_v3_string_proto_init() }
+func file_envoy_type_matcher_v3_string_proto_init() {
+	if File_envoy_type_matcher_v3_string_proto != nil {
+		return
+	}
+	file_envoy_type_matcher_v3_regex_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_matcher_v3_string_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*StringMatcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_matcher_v3_string_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ListStringMatcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_type_matcher_v3_string_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*StringMatcher_Exact)(nil),
+		(*StringMatcher_Prefix)(nil),
+		(*StringMatcher_Suffix)(nil),
+		(*StringMatcher_SafeRegex)(nil),
+		(*StringMatcher_Contains)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_matcher_v3_string_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_matcher_v3_string_proto_goTypes,
+		DependencyIndexes: file_envoy_type_matcher_v3_string_proto_depIdxs,
+		MessageInfos:      file_envoy_type_matcher_v3_string_proto_msgTypes,
+	}.Build()
+	File_envoy_type_matcher_v3_string_proto = out.File
+	file_envoy_type_matcher_v3_string_proto_rawDesc = nil
+	file_envoy_type_matcher_v3_string_proto_goTypes = nil
+	file_envoy_type_matcher_v3_string_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/string.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/string.pb.validate.go
new file mode 100644
index 00000000000..2d3d7f4ee2b
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/string.pb.validate.go
@@ -0,0 +1,381 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/matcher/v3/string.proto
+
+package envoy_type_matcher_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on StringMatcher with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *StringMatcher) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on StringMatcher with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in StringMatcherMultiError, or
+// nil if none found.
+func (m *StringMatcher) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *StringMatcher) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for IgnoreCase
+
+	switch m.MatchPattern.(type) {
+
+	case *StringMatcher_Exact:
+		// no validation rules for Exact
+
+	case *StringMatcher_Prefix:
+
+		if utf8.RuneCountInString(m.GetPrefix()) < 1 {
+			err := StringMatcherValidationError{
+				field:  "Prefix",
+				reason: "value length must be at least 1 runes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *StringMatcher_Suffix:
+
+		if utf8.RuneCountInString(m.GetSuffix()) < 1 {
+			err := StringMatcherValidationError{
+				field:  "Suffix",
+				reason: "value length must be at least 1 runes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	case *StringMatcher_SafeRegex:
+
+		if m.GetSafeRegex() == nil {
+			err := StringMatcherValidationError{
+				field:  "SafeRegex",
+				reason: "value is required",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+		if all {
+			switch v := interface{}(m.GetSafeRegex()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, StringMatcherValidationError{
+						field:  "SafeRegex",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, StringMatcherValidationError{
+						field:  "SafeRegex",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetSafeRegex()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return StringMatcherValidationError{
+					field:  "SafeRegex",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *StringMatcher_Contains:
+
+		if utf8.RuneCountInString(m.GetContains()) < 1 {
+			err := StringMatcherValidationError{
+				field:  "Contains",
+				reason: "value length must be at least 1 runes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	default:
+		err := StringMatcherValidationError{
+			field:  "MatchPattern",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return StringMatcherMultiError(errors)
+	}
+	return nil
+}
+
+// StringMatcherMultiError is an error wrapping multiple validation errors
+// returned by StringMatcher.ValidateAll() if the designated constraints
+// aren't met.
+type StringMatcherMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m StringMatcherMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m StringMatcherMultiError) AllErrors() []error { return m }
+
+// StringMatcherValidationError is the validation error returned by
+// StringMatcher.Validate if the designated constraints aren't met.
+type StringMatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e StringMatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e StringMatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e StringMatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e StringMatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e StringMatcherValidationError) ErrorName() string { return "StringMatcherValidationError" }
+
+// Error satisfies the builtin error interface
+func (e StringMatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sStringMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = StringMatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = StringMatcherValidationError{}
+
+// Validate checks the field values on ListStringMatcher with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *ListStringMatcher) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ListStringMatcher with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ListStringMatcherMultiError, or nil if none found.
+func (m *ListStringMatcher) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ListStringMatcher) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetPatterns()) < 1 {
+		err := ListStringMatcherValidationError{
+			field:  "Patterns",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetPatterns() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ListStringMatcherValidationError{
+						field:  fmt.Sprintf("Patterns[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ListStringMatcherValidationError{
+						field:  fmt.Sprintf("Patterns[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ListStringMatcherValidationError{
+					field:  fmt.Sprintf("Patterns[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return ListStringMatcherMultiError(errors)
+	}
+	return nil
+}
+
+// ListStringMatcherMultiError is an error wrapping multiple validation errors
+// returned by ListStringMatcher.ValidateAll() if the designated constraints
+// aren't met.
+type ListStringMatcherMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ListStringMatcherMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ListStringMatcherMultiError) AllErrors() []error { return m }
+
+// ListStringMatcherValidationError is the validation error returned by
+// ListStringMatcher.Validate if the designated constraints aren't met.
+type ListStringMatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ListStringMatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ListStringMatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ListStringMatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ListStringMatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ListStringMatcherValidationError) ErrorName() string {
+	return "ListStringMatcherValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ListStringMatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sListStringMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ListStringMatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ListStringMatcherValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/struct.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/struct.pb.go
new file mode 100644
index 00000000000..01e08ed3f1d
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/struct.pb.go
@@ -0,0 +1,328 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/matcher/v3/struct.proto
+
+package envoy_type_matcher_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// StructMatcher provides a general interface to check if a given value is matched in
+// google.protobuf.Struct. It uses `path` to retrieve the value
+// from the struct and then check if it's matched to the specified value.
+//
+// For example, for the following Struct:
+//
+// .. code-block:: yaml
+//
+//        fields:
+//          a:
+//            struct_value:
+//              fields:
+//                b:
+//                  struct_value:
+//                    fields:
+//                      c:
+//                        string_value: pro
+//                t:
+//                  list_value:
+//                    values:
+//                      - string_value: m
+//                      - string_value: n
+//
+// The following MetadataMatcher is matched as the path [a, b, c] will retrieve a string value "pro"
+// from the Metadata which is matched to the specified prefix match.
+//
+// .. code-block:: yaml
+//
+//    path:
+//    - key: a
+//    - key: b
+//    - key: c
+//    value:
+//      string_match:
+//        prefix: pr
+//
+// The following StructMatcher is matched as the code will match one of the string values in the
+// list at the path [a, t].
+//
+// .. code-block:: yaml
+//
+//    path:
+//    - key: a
+//    - key: t
+//    value:
+//      list_match:
+//        one_of:
+//          string_match:
+//            exact: m
+//
+// An example use of StructMatcher is to match metadata in envoy.v*.core.Node.
+type StructMatcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The path to retrieve the Value from the Struct.
+	Path []*StructMatcher_PathSegment `protobuf:"bytes,2,rep,name=path,proto3" json:"path,omitempty"`
+	// The StructMatcher is matched if the value retrieved by path is matched to this value.
+	Value *ValueMatcher `protobuf:"bytes,3,opt,name=value,proto3" json:"value,omitempty"`
+}
+
+func (x *StructMatcher) Reset() {
+	*x = StructMatcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_v3_struct_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *StructMatcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*StructMatcher) ProtoMessage() {}
+
+func (x *StructMatcher) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_v3_struct_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use StructMatcher.ProtoReflect.Descriptor instead.
+func (*StructMatcher) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_v3_struct_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *StructMatcher) GetPath() []*StructMatcher_PathSegment {
+	if x != nil {
+		return x.Path
+	}
+	return nil
+}
+
+func (x *StructMatcher) GetValue() *ValueMatcher {
+	if x != nil {
+		return x.Value
+	}
+	return nil
+}
+
+// Specifies the segment in a path to retrieve value from Struct.
+type StructMatcher_PathSegment struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to Segment:
+	//	*StructMatcher_PathSegment_Key
+	Segment isStructMatcher_PathSegment_Segment `protobuf_oneof:"segment"`
+}
+
+func (x *StructMatcher_PathSegment) Reset() {
+	*x = StructMatcher_PathSegment{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_v3_struct_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *StructMatcher_PathSegment) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*StructMatcher_PathSegment) ProtoMessage() {}
+
+func (x *StructMatcher_PathSegment) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_v3_struct_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use StructMatcher_PathSegment.ProtoReflect.Descriptor instead.
+func (*StructMatcher_PathSegment) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_v3_struct_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (m *StructMatcher_PathSegment) GetSegment() isStructMatcher_PathSegment_Segment {
+	if m != nil {
+		return m.Segment
+	}
+	return nil
+}
+
+func (x *StructMatcher_PathSegment) GetKey() string {
+	if x, ok := x.GetSegment().(*StructMatcher_PathSegment_Key); ok {
+		return x.Key
+	}
+	return ""
+}
+
+type isStructMatcher_PathSegment_Segment interface {
+	isStructMatcher_PathSegment_Segment()
+}
+
+type StructMatcher_PathSegment_Key struct {
+	// If specified, use the key to retrieve the value in a Struct.
+	Key string `protobuf:"bytes,1,opt,name=key,proto3,oneof"`
+}
+
+func (*StructMatcher_PathSegment_Key) isStructMatcher_PathSegment_Segment() {}
+
+var File_envoy_type_matcher_v3_struct_proto protoreflect.FileDescriptor
+
+var file_envoy_type_matcher_v3_struct_proto_rawDesc = []byte{
+	0x0a, 0x22, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65,
+	0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x1a, 0x21, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f,
+	0x76, 0x33, 0x2f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d,
+	0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73,
+	0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75,
+	0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f,
+	0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64,
+	0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xbe, 0x02, 0x0a, 0x0d, 0x53, 0x74,
+	0x72, 0x75, 0x63, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x12, 0x4e, 0x0a, 0x04, 0x70,
+	0x61, 0x74, 0x68, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x30, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76,
+	0x33, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e,
+	0x50, 0x61, 0x74, 0x68, 0x53, 0x65, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x42, 0x08, 0xfa, 0x42, 0x05,
+	0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x04, 0x70, 0x61, 0x74, 0x68, 0x12, 0x43, 0x0a, 0x05, 0x76,
+	0x61, 0x6c, 0x75, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e,
+	0x76, 0x33, 0x2e, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42,
+	0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65,
+	0x1a, 0x6f, 0x0a, 0x0b, 0x50, 0x61, 0x74, 0x68, 0x53, 0x65, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x12,
+	0x1b, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42,
+	0x04, 0x72, 0x02, 0x10, 0x01, 0x48, 0x00, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x3a, 0x33, 0x9a, 0xc5,
+	0x88, 0x1e, 0x2e, 0x0a, 0x2c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x4d, 0x61,
+	0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x50, 0x61, 0x74, 0x68, 0x53, 0x65, 0x67, 0x6d, 0x65, 0x6e,
+	0x74, 0x42, 0x0e, 0x0a, 0x07, 0x73, 0x65, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x12, 0x03, 0xf8, 0x42,
+	0x01, 0x3a, 0x27, 0x9a, 0xc5, 0x88, 0x1e, 0x22, 0x0a, 0x20, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x53, 0x74, 0x72,
+	0x75, 0x63, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x3c, 0x0a, 0x23, 0x69, 0x6f,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76,
+	0x33, 0x42, 0x0b, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01,
+	0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_type_matcher_v3_struct_proto_rawDescOnce sync.Once
+	file_envoy_type_matcher_v3_struct_proto_rawDescData = file_envoy_type_matcher_v3_struct_proto_rawDesc
+)
+
+func file_envoy_type_matcher_v3_struct_proto_rawDescGZIP() []byte {
+	file_envoy_type_matcher_v3_struct_proto_rawDescOnce.Do(func() {
+		file_envoy_type_matcher_v3_struct_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_matcher_v3_struct_proto_rawDescData)
+	})
+	return file_envoy_type_matcher_v3_struct_proto_rawDescData
+}
+
+var file_envoy_type_matcher_v3_struct_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_envoy_type_matcher_v3_struct_proto_goTypes = []interface{}{
+	(*StructMatcher)(nil),             // 0: envoy.type.matcher.v3.StructMatcher
+	(*StructMatcher_PathSegment)(nil), // 1: envoy.type.matcher.v3.StructMatcher.PathSegment
+	(*ValueMatcher)(nil),              // 2: envoy.type.matcher.v3.ValueMatcher
+}
+var file_envoy_type_matcher_v3_struct_proto_depIdxs = []int32{
+	1, // 0: envoy.type.matcher.v3.StructMatcher.path:type_name -> envoy.type.matcher.v3.StructMatcher.PathSegment
+	2, // 1: envoy.type.matcher.v3.StructMatcher.value:type_name -> envoy.type.matcher.v3.ValueMatcher
+	2, // [2:2] is the sub-list for method output_type
+	2, // [2:2] is the sub-list for method input_type
+	2, // [2:2] is the sub-list for extension type_name
+	2, // [2:2] is the sub-list for extension extendee
+	0, // [0:2] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_matcher_v3_struct_proto_init() }
+func file_envoy_type_matcher_v3_struct_proto_init() {
+	if File_envoy_type_matcher_v3_struct_proto != nil {
+		return
+	}
+	file_envoy_type_matcher_v3_value_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_matcher_v3_struct_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*StructMatcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_matcher_v3_struct_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*StructMatcher_PathSegment); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_type_matcher_v3_struct_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*StructMatcher_PathSegment_Key)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_matcher_v3_struct_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_matcher_v3_struct_proto_goTypes,
+		DependencyIndexes: file_envoy_type_matcher_v3_struct_proto_depIdxs,
+		MessageInfos:      file_envoy_type_matcher_v3_struct_proto_msgTypes,
+	}.Build()
+	File_envoy_type_matcher_v3_struct_proto = out.File
+	file_envoy_type_matcher_v3_struct_proto_rawDesc = nil
+	file_envoy_type_matcher_v3_struct_proto_goTypes = nil
+	file_envoy_type_matcher_v3_struct_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/struct.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/struct.pb.validate.go
new file mode 100644
index 00000000000..de745f867ed
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/struct.pb.validate.go
@@ -0,0 +1,348 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/matcher/v3/struct.proto
+
+package envoy_type_matcher_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on StructMatcher with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *StructMatcher) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on StructMatcher with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in StructMatcherMultiError, or
+// nil if none found.
+func (m *StructMatcher) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *StructMatcher) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetPath()) < 1 {
+		err := StructMatcherValidationError{
+			field:  "Path",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetPath() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, StructMatcherValidationError{
+						field:  fmt.Sprintf("Path[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, StructMatcherValidationError{
+						field:  fmt.Sprintf("Path[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return StructMatcherValidationError{
+					field:  fmt.Sprintf("Path[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if m.GetValue() == nil {
+		err := StructMatcherValidationError{
+			field:  "Value",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if all {
+		switch v := interface{}(m.GetValue()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, StructMatcherValidationError{
+					field:  "Value",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, StructMatcherValidationError{
+					field:  "Value",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetValue()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return StructMatcherValidationError{
+				field:  "Value",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return StructMatcherMultiError(errors)
+	}
+	return nil
+}
+
+// StructMatcherMultiError is an error wrapping multiple validation errors
+// returned by StructMatcher.ValidateAll() if the designated constraints
+// aren't met.
+type StructMatcherMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m StructMatcherMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m StructMatcherMultiError) AllErrors() []error { return m }
+
+// StructMatcherValidationError is the validation error returned by
+// StructMatcher.Validate if the designated constraints aren't met.
+type StructMatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e StructMatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e StructMatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e StructMatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e StructMatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e StructMatcherValidationError) ErrorName() string { return "StructMatcherValidationError" }
+
+// Error satisfies the builtin error interface
+func (e StructMatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sStructMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = StructMatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = StructMatcherValidationError{}
+
+// Validate checks the field values on StructMatcher_PathSegment with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *StructMatcher_PathSegment) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on StructMatcher_PathSegment with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// StructMatcher_PathSegmentMultiError, or nil if none found.
+func (m *StructMatcher_PathSegment) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *StructMatcher_PathSegment) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.Segment.(type) {
+
+	case *StructMatcher_PathSegment_Key:
+
+		if utf8.RuneCountInString(m.GetKey()) < 1 {
+			err := StructMatcher_PathSegmentValidationError{
+				field:  "Key",
+				reason: "value length must be at least 1 runes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	default:
+		err := StructMatcher_PathSegmentValidationError{
+			field:  "Segment",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return StructMatcher_PathSegmentMultiError(errors)
+	}
+	return nil
+}
+
+// StructMatcher_PathSegmentMultiError is an error wrapping multiple validation
+// errors returned by StructMatcher_PathSegment.ValidateAll() if the
+// designated constraints aren't met.
+type StructMatcher_PathSegmentMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m StructMatcher_PathSegmentMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m StructMatcher_PathSegmentMultiError) AllErrors() []error { return m }
+
+// StructMatcher_PathSegmentValidationError is the validation error returned by
+// StructMatcher_PathSegment.Validate if the designated constraints aren't met.
+type StructMatcher_PathSegmentValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e StructMatcher_PathSegmentValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e StructMatcher_PathSegmentValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e StructMatcher_PathSegmentValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e StructMatcher_PathSegmentValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e StructMatcher_PathSegmentValidationError) ErrorName() string {
+	return "StructMatcher_PathSegmentValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e StructMatcher_PathSegmentValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sStructMatcher_PathSegment.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = StructMatcher_PathSegmentValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = StructMatcher_PathSegmentValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/value.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/value.pb.go
new file mode 100644
index 00000000000..d214efb3a8f
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/value.pb.go
@@ -0,0 +1,461 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/matcher/v3/value.proto
+
+package envoy_type_matcher_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Specifies the way to match a ProtobufWkt::Value. Primitive values and ListValue are supported.
+// StructValue is not supported and is always not matched.
+// [#next-free-field: 7]
+type ValueMatcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies how to match a value.
+	//
+	// Types that are assignable to MatchPattern:
+	//	*ValueMatcher_NullMatch_
+	//	*ValueMatcher_DoubleMatch
+	//	*ValueMatcher_StringMatch
+	//	*ValueMatcher_BoolMatch
+	//	*ValueMatcher_PresentMatch
+	//	*ValueMatcher_ListMatch
+	MatchPattern isValueMatcher_MatchPattern `protobuf_oneof:"match_pattern"`
+}
+
+func (x *ValueMatcher) Reset() {
+	*x = ValueMatcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_v3_value_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ValueMatcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ValueMatcher) ProtoMessage() {}
+
+func (x *ValueMatcher) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_v3_value_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ValueMatcher.ProtoReflect.Descriptor instead.
+func (*ValueMatcher) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_v3_value_proto_rawDescGZIP(), []int{0}
+}
+
+func (m *ValueMatcher) GetMatchPattern() isValueMatcher_MatchPattern {
+	if m != nil {
+		return m.MatchPattern
+	}
+	return nil
+}
+
+func (x *ValueMatcher) GetNullMatch() *ValueMatcher_NullMatch {
+	if x, ok := x.GetMatchPattern().(*ValueMatcher_NullMatch_); ok {
+		return x.NullMatch
+	}
+	return nil
+}
+
+func (x *ValueMatcher) GetDoubleMatch() *DoubleMatcher {
+	if x, ok := x.GetMatchPattern().(*ValueMatcher_DoubleMatch); ok {
+		return x.DoubleMatch
+	}
+	return nil
+}
+
+func (x *ValueMatcher) GetStringMatch() *StringMatcher {
+	if x, ok := x.GetMatchPattern().(*ValueMatcher_StringMatch); ok {
+		return x.StringMatch
+	}
+	return nil
+}
+
+func (x *ValueMatcher) GetBoolMatch() bool {
+	if x, ok := x.GetMatchPattern().(*ValueMatcher_BoolMatch); ok {
+		return x.BoolMatch
+	}
+	return false
+}
+
+func (x *ValueMatcher) GetPresentMatch() bool {
+	if x, ok := x.GetMatchPattern().(*ValueMatcher_PresentMatch); ok {
+		return x.PresentMatch
+	}
+	return false
+}
+
+func (x *ValueMatcher) GetListMatch() *ListMatcher {
+	if x, ok := x.GetMatchPattern().(*ValueMatcher_ListMatch); ok {
+		return x.ListMatch
+	}
+	return nil
+}
+
+type isValueMatcher_MatchPattern interface {
+	isValueMatcher_MatchPattern()
+}
+
+type ValueMatcher_NullMatch_ struct {
+	// If specified, a match occurs if and only if the target value is a NullValue.
+	NullMatch *ValueMatcher_NullMatch `protobuf:"bytes,1,opt,name=null_match,json=nullMatch,proto3,oneof"`
+}
+
+type ValueMatcher_DoubleMatch struct {
+	// If specified, a match occurs if and only if the target value is a double value and is
+	// matched to this field.
+	DoubleMatch *DoubleMatcher `protobuf:"bytes,2,opt,name=double_match,json=doubleMatch,proto3,oneof"`
+}
+
+type ValueMatcher_StringMatch struct {
+	// If specified, a match occurs if and only if the target value is a string value and is
+	// matched to this field.
+	StringMatch *StringMatcher `protobuf:"bytes,3,opt,name=string_match,json=stringMatch,proto3,oneof"`
+}
+
+type ValueMatcher_BoolMatch struct {
+	// If specified, a match occurs if and only if the target value is a bool value and is equal
+	// to this field.
+	BoolMatch bool `protobuf:"varint,4,opt,name=bool_match,json=boolMatch,proto3,oneof"`
+}
+
+type ValueMatcher_PresentMatch struct {
+	// If specified, value match will be performed based on whether the path is referring to a
+	// valid primitive value in the metadata. If the path is referring to a non-primitive value,
+	// the result is always not matched.
+	PresentMatch bool `protobuf:"varint,5,opt,name=present_match,json=presentMatch,proto3,oneof"`
+}
+
+type ValueMatcher_ListMatch struct {
+	// If specified, a match occurs if and only if the target value is a list value and
+	// is matched to this field.
+	ListMatch *ListMatcher `protobuf:"bytes,6,opt,name=list_match,json=listMatch,proto3,oneof"`
+}
+
+func (*ValueMatcher_NullMatch_) isValueMatcher_MatchPattern() {}
+
+func (*ValueMatcher_DoubleMatch) isValueMatcher_MatchPattern() {}
+
+func (*ValueMatcher_StringMatch) isValueMatcher_MatchPattern() {}
+
+func (*ValueMatcher_BoolMatch) isValueMatcher_MatchPattern() {}
+
+func (*ValueMatcher_PresentMatch) isValueMatcher_MatchPattern() {}
+
+func (*ValueMatcher_ListMatch) isValueMatcher_MatchPattern() {}
+
+// Specifies the way to match a list value.
+type ListMatcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to MatchPattern:
+	//	*ListMatcher_OneOf
+	MatchPattern isListMatcher_MatchPattern `protobuf_oneof:"match_pattern"`
+}
+
+func (x *ListMatcher) Reset() {
+	*x = ListMatcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_v3_value_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ListMatcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ListMatcher) ProtoMessage() {}
+
+func (x *ListMatcher) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_v3_value_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ListMatcher.ProtoReflect.Descriptor instead.
+func (*ListMatcher) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_v3_value_proto_rawDescGZIP(), []int{1}
+}
+
+func (m *ListMatcher) GetMatchPattern() isListMatcher_MatchPattern {
+	if m != nil {
+		return m.MatchPattern
+	}
+	return nil
+}
+
+func (x *ListMatcher) GetOneOf() *ValueMatcher {
+	if x, ok := x.GetMatchPattern().(*ListMatcher_OneOf); ok {
+		return x.OneOf
+	}
+	return nil
+}
+
+type isListMatcher_MatchPattern interface {
+	isListMatcher_MatchPattern()
+}
+
+type ListMatcher_OneOf struct {
+	// If specified, at least one of the values in the list must match the value specified.
+	OneOf *ValueMatcher `protobuf:"bytes,1,opt,name=one_of,json=oneOf,proto3,oneof"`
+}
+
+func (*ListMatcher_OneOf) isListMatcher_MatchPattern() {}
+
+// NullMatch is an empty message to specify a null value.
+type ValueMatcher_NullMatch struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *ValueMatcher_NullMatch) Reset() {
+	*x = ValueMatcher_NullMatch{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_v3_value_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ValueMatcher_NullMatch) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ValueMatcher_NullMatch) ProtoMessage() {}
+
+func (x *ValueMatcher_NullMatch) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_v3_value_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ValueMatcher_NullMatch.ProtoReflect.Descriptor instead.
+func (*ValueMatcher_NullMatch) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_v3_value_proto_rawDescGZIP(), []int{0, 0}
+}
+
+var File_envoy_type_matcher_v3_value_proto protoreflect.FileDescriptor
+
+var file_envoy_type_matcher_v3_value_proto_rawDesc = []byte{
+	0x0a, 0x21, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x1a, 0x22, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x76,
+	0x33, 0x2f, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x22,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68,
+	0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76,
+	0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xfe, 0x03,
+	0x0a, 0x0c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x12, 0x4e,
+	0x0a, 0x0a, 0x6e, 0x75, 0x6c, 0x6c, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x2d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x56, 0x61, 0x6c, 0x75, 0x65,
+	0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x4e, 0x75, 0x6c, 0x6c, 0x4d, 0x61, 0x74, 0x63,
+	0x68, 0x48, 0x00, 0x52, 0x09, 0x6e, 0x75, 0x6c, 0x6c, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x49,
+	0x0a, 0x0c, 0x64, 0x6f, 0x75, 0x62, 0x6c, 0x65, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70,
+	0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x44, 0x6f, 0x75,
+	0x62, 0x6c, 0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x48, 0x00, 0x52, 0x0b, 0x64, 0x6f,
+	0x75, 0x62, 0x6c, 0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x49, 0x0a, 0x0c, 0x73, 0x74, 0x72,
+	0x69, 0x6e, 0x67, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61,
+	0x74, 0x63, 0x68, 0x65, 0x72, 0x48, 0x00, 0x52, 0x0b, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x4d,
+	0x61, 0x74, 0x63, 0x68, 0x12, 0x1f, 0x0a, 0x0a, 0x62, 0x6f, 0x6f, 0x6c, 0x5f, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x48, 0x00, 0x52, 0x09, 0x62, 0x6f, 0x6f, 0x6c,
+	0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x25, 0x0a, 0x0d, 0x70, 0x72, 0x65, 0x73, 0x65, 0x6e, 0x74,
+	0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x48, 0x00, 0x52, 0x0c,
+	0x70, 0x72, 0x65, 0x73, 0x65, 0x6e, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x43, 0x0a, 0x0a,
+	0x6c, 0x69, 0x73, 0x74, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61,
+	0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x4d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x48, 0x00, 0x52, 0x09, 0x6c, 0x69, 0x73, 0x74, 0x4d, 0x61, 0x74, 0x63,
+	0x68, 0x1a, 0x3d, 0x0a, 0x09, 0x4e, 0x75, 0x6c, 0x6c, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x3a, 0x30,
+	0x9a, 0xc5, 0x88, 0x1e, 0x2b, 0x0a, 0x29, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70,
+	0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4d,
+	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x4e, 0x75, 0x6c, 0x6c, 0x4d, 0x61, 0x74, 0x63, 0x68,
+	0x3a, 0x26, 0x9a, 0xc5, 0x88, 0x1e, 0x21, 0x0a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74,
+	0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x56, 0x61, 0x6c, 0x75,
+	0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x14, 0x0a, 0x0d, 0x6d, 0x61, 0x74, 0x63,
+	0x68, 0x5f, 0x70, 0x61, 0x74, 0x74, 0x65, 0x72, 0x6e, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x22, 0x88,
+	0x01, 0x0a, 0x0b, 0x4c, 0x69, 0x73, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x12, 0x3c,
+	0x0a, 0x06, 0x6f, 0x6e, 0x65, 0x5f, 0x6f, 0x66, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63,
+	0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4d, 0x61, 0x74, 0x63,
+	0x68, 0x65, 0x72, 0x48, 0x00, 0x52, 0x05, 0x6f, 0x6e, 0x65, 0x4f, 0x66, 0x3a, 0x25, 0x9a, 0xc5,
+	0x88, 0x1e, 0x20, 0x0a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x4d, 0x61, 0x74, 0x63,
+	0x68, 0x65, 0x72, 0x42, 0x14, 0x0a, 0x0d, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x5f, 0x70, 0x61, 0x74,
+	0x74, 0x65, 0x72, 0x6e, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x42, 0x3b, 0x0a, 0x23, 0x69, 0x6f, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33,
+	0x42, 0x0a, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80,
+	0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_type_matcher_v3_value_proto_rawDescOnce sync.Once
+	file_envoy_type_matcher_v3_value_proto_rawDescData = file_envoy_type_matcher_v3_value_proto_rawDesc
+)
+
+func file_envoy_type_matcher_v3_value_proto_rawDescGZIP() []byte {
+	file_envoy_type_matcher_v3_value_proto_rawDescOnce.Do(func() {
+		file_envoy_type_matcher_v3_value_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_matcher_v3_value_proto_rawDescData)
+	})
+	return file_envoy_type_matcher_v3_value_proto_rawDescData
+}
+
+var file_envoy_type_matcher_v3_value_proto_msgTypes = make([]protoimpl.MessageInfo, 3)
+var file_envoy_type_matcher_v3_value_proto_goTypes = []interface{}{
+	(*ValueMatcher)(nil),           // 0: envoy.type.matcher.v3.ValueMatcher
+	(*ListMatcher)(nil),            // 1: envoy.type.matcher.v3.ListMatcher
+	(*ValueMatcher_NullMatch)(nil), // 2: envoy.type.matcher.v3.ValueMatcher.NullMatch
+	(*DoubleMatcher)(nil),          // 3: envoy.type.matcher.v3.DoubleMatcher
+	(*StringMatcher)(nil),          // 4: envoy.type.matcher.v3.StringMatcher
+}
+var file_envoy_type_matcher_v3_value_proto_depIdxs = []int32{
+	2, // 0: envoy.type.matcher.v3.ValueMatcher.null_match:type_name -> envoy.type.matcher.v3.ValueMatcher.NullMatch
+	3, // 1: envoy.type.matcher.v3.ValueMatcher.double_match:type_name -> envoy.type.matcher.v3.DoubleMatcher
+	4, // 2: envoy.type.matcher.v3.ValueMatcher.string_match:type_name -> envoy.type.matcher.v3.StringMatcher
+	1, // 3: envoy.type.matcher.v3.ValueMatcher.list_match:type_name -> envoy.type.matcher.v3.ListMatcher
+	0, // 4: envoy.type.matcher.v3.ListMatcher.one_of:type_name -> envoy.type.matcher.v3.ValueMatcher
+	5, // [5:5] is the sub-list for method output_type
+	5, // [5:5] is the sub-list for method input_type
+	5, // [5:5] is the sub-list for extension type_name
+	5, // [5:5] is the sub-list for extension extendee
+	0, // [0:5] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_matcher_v3_value_proto_init() }
+func file_envoy_type_matcher_v3_value_proto_init() {
+	if File_envoy_type_matcher_v3_value_proto != nil {
+		return
+	}
+	file_envoy_type_matcher_v3_number_proto_init()
+	file_envoy_type_matcher_v3_string_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_matcher_v3_value_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ValueMatcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_matcher_v3_value_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ListMatcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_matcher_v3_value_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ValueMatcher_NullMatch); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_type_matcher_v3_value_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*ValueMatcher_NullMatch_)(nil),
+		(*ValueMatcher_DoubleMatch)(nil),
+		(*ValueMatcher_StringMatch)(nil),
+		(*ValueMatcher_BoolMatch)(nil),
+		(*ValueMatcher_PresentMatch)(nil),
+		(*ValueMatcher_ListMatch)(nil),
+	}
+	file_envoy_type_matcher_v3_value_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*ListMatcher_OneOf)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_matcher_v3_value_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   3,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_matcher_v3_value_proto_goTypes,
+		DependencyIndexes: file_envoy_type_matcher_v3_value_proto_depIdxs,
+		MessageInfos:      file_envoy_type_matcher_v3_value_proto_msgTypes,
+	}.Build()
+	File_envoy_type_matcher_v3_value_proto = out.File
+	file_envoy_type_matcher_v3_value_proto_rawDesc = nil
+	file_envoy_type_matcher_v3_value_proto_goTypes = nil
+	file_envoy_type_matcher_v3_value_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/value.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/value.pb.validate.go
new file mode 100644
index 00000000000..beaafe98979
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3/value.pb.validate.go
@@ -0,0 +1,522 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/matcher/v3/value.proto
+
+package envoy_type_matcher_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on ValueMatcher with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ValueMatcher) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ValueMatcher with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ValueMatcherMultiError, or
+// nil if none found.
+func (m *ValueMatcher) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ValueMatcher) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.MatchPattern.(type) {
+
+	case *ValueMatcher_NullMatch_:
+
+		if all {
+			switch v := interface{}(m.GetNullMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ValueMatcherValidationError{
+						field:  "NullMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ValueMatcherValidationError{
+						field:  "NullMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetNullMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ValueMatcherValidationError{
+					field:  "NullMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *ValueMatcher_DoubleMatch:
+
+		if all {
+			switch v := interface{}(m.GetDoubleMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ValueMatcherValidationError{
+						field:  "DoubleMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ValueMatcherValidationError{
+						field:  "DoubleMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetDoubleMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ValueMatcherValidationError{
+					field:  "DoubleMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *ValueMatcher_StringMatch:
+
+		if all {
+			switch v := interface{}(m.GetStringMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ValueMatcherValidationError{
+						field:  "StringMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ValueMatcherValidationError{
+						field:  "StringMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetStringMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ValueMatcherValidationError{
+					field:  "StringMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *ValueMatcher_BoolMatch:
+		// no validation rules for BoolMatch
+
+	case *ValueMatcher_PresentMatch:
+		// no validation rules for PresentMatch
+
+	case *ValueMatcher_ListMatch:
+
+		if all {
+			switch v := interface{}(m.GetListMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ValueMatcherValidationError{
+						field:  "ListMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ValueMatcherValidationError{
+						field:  "ListMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetListMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ValueMatcherValidationError{
+					field:  "ListMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := ValueMatcherValidationError{
+			field:  "MatchPattern",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return ValueMatcherMultiError(errors)
+	}
+	return nil
+}
+
+// ValueMatcherMultiError is an error wrapping multiple validation errors
+// returned by ValueMatcher.ValidateAll() if the designated constraints aren't met.
+type ValueMatcherMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ValueMatcherMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ValueMatcherMultiError) AllErrors() []error { return m }
+
+// ValueMatcherValidationError is the validation error returned by
+// ValueMatcher.Validate if the designated constraints aren't met.
+type ValueMatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ValueMatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ValueMatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ValueMatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ValueMatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ValueMatcherValidationError) ErrorName() string { return "ValueMatcherValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ValueMatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sValueMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ValueMatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ValueMatcherValidationError{}
+
+// Validate checks the field values on ListMatcher with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ListMatcher) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ListMatcher with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ListMatcherMultiError, or
+// nil if none found.
+func (m *ListMatcher) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ListMatcher) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.MatchPattern.(type) {
+
+	case *ListMatcher_OneOf:
+
+		if all {
+			switch v := interface{}(m.GetOneOf()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ListMatcherValidationError{
+						field:  "OneOf",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ListMatcherValidationError{
+						field:  "OneOf",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetOneOf()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ListMatcherValidationError{
+					field:  "OneOf",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := ListMatcherValidationError{
+			field:  "MatchPattern",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return ListMatcherMultiError(errors)
+	}
+	return nil
+}
+
+// ListMatcherMultiError is an error wrapping multiple validation errors
+// returned by ListMatcher.ValidateAll() if the designated constraints aren't met.
+type ListMatcherMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ListMatcherMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ListMatcherMultiError) AllErrors() []error { return m }
+
+// ListMatcherValidationError is the validation error returned by
+// ListMatcher.Validate if the designated constraints aren't met.
+type ListMatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ListMatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ListMatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ListMatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ListMatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ListMatcherValidationError) ErrorName() string { return "ListMatcherValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ListMatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sListMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ListMatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ListMatcherValidationError{}
+
+// Validate checks the field values on ValueMatcher_NullMatch with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ValueMatcher_NullMatch) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ValueMatcher_NullMatch with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ValueMatcher_NullMatchMultiError, or nil if none found.
+func (m *ValueMatcher_NullMatch) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ValueMatcher_NullMatch) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return ValueMatcher_NullMatchMultiError(errors)
+	}
+	return nil
+}
+
+// ValueMatcher_NullMatchMultiError is an error wrapping multiple validation
+// errors returned by ValueMatcher_NullMatch.ValidateAll() if the designated
+// constraints aren't met.
+type ValueMatcher_NullMatchMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ValueMatcher_NullMatchMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ValueMatcher_NullMatchMultiError) AllErrors() []error { return m }
+
+// ValueMatcher_NullMatchValidationError is the validation error returned by
+// ValueMatcher_NullMatch.Validate if the designated constraints aren't met.
+type ValueMatcher_NullMatchValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ValueMatcher_NullMatchValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ValueMatcher_NullMatchValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ValueMatcher_NullMatchValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ValueMatcher_NullMatchValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ValueMatcher_NullMatchValidationError) ErrorName() string {
+	return "ValueMatcher_NullMatchValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ValueMatcher_NullMatchValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sValueMatcher_NullMatch.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ValueMatcher_NullMatchValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ValueMatcher_NullMatchValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/value.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/value.pb.go
new file mode 100644
index 00000000000..b33a5a3e9b2
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/value.pb.go
@@ -0,0 +1,449 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/matcher/value.proto
+
+package envoy_type_matcher
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Specifies the way to match a ProtobufWkt::Value. Primitive values and ListValue are supported.
+// StructValue is not supported and is always not matched.
+// [#next-free-field: 7]
+type ValueMatcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies how to match a value.
+	//
+	// Types that are assignable to MatchPattern:
+	//	*ValueMatcher_NullMatch_
+	//	*ValueMatcher_DoubleMatch
+	//	*ValueMatcher_StringMatch
+	//	*ValueMatcher_BoolMatch
+	//	*ValueMatcher_PresentMatch
+	//	*ValueMatcher_ListMatch
+	MatchPattern isValueMatcher_MatchPattern `protobuf_oneof:"match_pattern"`
+}
+
+func (x *ValueMatcher) Reset() {
+	*x = ValueMatcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_value_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ValueMatcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ValueMatcher) ProtoMessage() {}
+
+func (x *ValueMatcher) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_value_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ValueMatcher.ProtoReflect.Descriptor instead.
+func (*ValueMatcher) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_value_proto_rawDescGZIP(), []int{0}
+}
+
+func (m *ValueMatcher) GetMatchPattern() isValueMatcher_MatchPattern {
+	if m != nil {
+		return m.MatchPattern
+	}
+	return nil
+}
+
+func (x *ValueMatcher) GetNullMatch() *ValueMatcher_NullMatch {
+	if x, ok := x.GetMatchPattern().(*ValueMatcher_NullMatch_); ok {
+		return x.NullMatch
+	}
+	return nil
+}
+
+func (x *ValueMatcher) GetDoubleMatch() *DoubleMatcher {
+	if x, ok := x.GetMatchPattern().(*ValueMatcher_DoubleMatch); ok {
+		return x.DoubleMatch
+	}
+	return nil
+}
+
+func (x *ValueMatcher) GetStringMatch() *StringMatcher {
+	if x, ok := x.GetMatchPattern().(*ValueMatcher_StringMatch); ok {
+		return x.StringMatch
+	}
+	return nil
+}
+
+func (x *ValueMatcher) GetBoolMatch() bool {
+	if x, ok := x.GetMatchPattern().(*ValueMatcher_BoolMatch); ok {
+		return x.BoolMatch
+	}
+	return false
+}
+
+func (x *ValueMatcher) GetPresentMatch() bool {
+	if x, ok := x.GetMatchPattern().(*ValueMatcher_PresentMatch); ok {
+		return x.PresentMatch
+	}
+	return false
+}
+
+func (x *ValueMatcher) GetListMatch() *ListMatcher {
+	if x, ok := x.GetMatchPattern().(*ValueMatcher_ListMatch); ok {
+		return x.ListMatch
+	}
+	return nil
+}
+
+type isValueMatcher_MatchPattern interface {
+	isValueMatcher_MatchPattern()
+}
+
+type ValueMatcher_NullMatch_ struct {
+	// If specified, a match occurs if and only if the target value is a NullValue.
+	NullMatch *ValueMatcher_NullMatch `protobuf:"bytes,1,opt,name=null_match,json=nullMatch,proto3,oneof"`
+}
+
+type ValueMatcher_DoubleMatch struct {
+	// If specified, a match occurs if and only if the target value is a double value and is
+	// matched to this field.
+	DoubleMatch *DoubleMatcher `protobuf:"bytes,2,opt,name=double_match,json=doubleMatch,proto3,oneof"`
+}
+
+type ValueMatcher_StringMatch struct {
+	// If specified, a match occurs if and only if the target value is a string value and is
+	// matched to this field.
+	StringMatch *StringMatcher `protobuf:"bytes,3,opt,name=string_match,json=stringMatch,proto3,oneof"`
+}
+
+type ValueMatcher_BoolMatch struct {
+	// If specified, a match occurs if and only if the target value is a bool value and is equal
+	// to this field.
+	BoolMatch bool `protobuf:"varint,4,opt,name=bool_match,json=boolMatch,proto3,oneof"`
+}
+
+type ValueMatcher_PresentMatch struct {
+	// If specified, value match will be performed based on whether the path is referring to a
+	// valid primitive value in the metadata. If the path is referring to a non-primitive value,
+	// the result is always not matched.
+	PresentMatch bool `protobuf:"varint,5,opt,name=present_match,json=presentMatch,proto3,oneof"`
+}
+
+type ValueMatcher_ListMatch struct {
+	// If specified, a match occurs if and only if the target value is a list value and
+	// is matched to this field.
+	ListMatch *ListMatcher `protobuf:"bytes,6,opt,name=list_match,json=listMatch,proto3,oneof"`
+}
+
+func (*ValueMatcher_NullMatch_) isValueMatcher_MatchPattern() {}
+
+func (*ValueMatcher_DoubleMatch) isValueMatcher_MatchPattern() {}
+
+func (*ValueMatcher_StringMatch) isValueMatcher_MatchPattern() {}
+
+func (*ValueMatcher_BoolMatch) isValueMatcher_MatchPattern() {}
+
+func (*ValueMatcher_PresentMatch) isValueMatcher_MatchPattern() {}
+
+func (*ValueMatcher_ListMatch) isValueMatcher_MatchPattern() {}
+
+// Specifies the way to match a list value.
+type ListMatcher struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to MatchPattern:
+	//	*ListMatcher_OneOf
+	MatchPattern isListMatcher_MatchPattern `protobuf_oneof:"match_pattern"`
+}
+
+func (x *ListMatcher) Reset() {
+	*x = ListMatcher{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_value_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ListMatcher) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ListMatcher) ProtoMessage() {}
+
+func (x *ListMatcher) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_value_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ListMatcher.ProtoReflect.Descriptor instead.
+func (*ListMatcher) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_value_proto_rawDescGZIP(), []int{1}
+}
+
+func (m *ListMatcher) GetMatchPattern() isListMatcher_MatchPattern {
+	if m != nil {
+		return m.MatchPattern
+	}
+	return nil
+}
+
+func (x *ListMatcher) GetOneOf() *ValueMatcher {
+	if x, ok := x.GetMatchPattern().(*ListMatcher_OneOf); ok {
+		return x.OneOf
+	}
+	return nil
+}
+
+type isListMatcher_MatchPattern interface {
+	isListMatcher_MatchPattern()
+}
+
+type ListMatcher_OneOf struct {
+	// If specified, at least one of the values in the list must match the value specified.
+	OneOf *ValueMatcher `protobuf:"bytes,1,opt,name=one_of,json=oneOf,proto3,oneof"`
+}
+
+func (*ListMatcher_OneOf) isListMatcher_MatchPattern() {}
+
+// NullMatch is an empty message to specify a null value.
+type ValueMatcher_NullMatch struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *ValueMatcher_NullMatch) Reset() {
+	*x = ValueMatcher_NullMatch{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_matcher_value_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ValueMatcher_NullMatch) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ValueMatcher_NullMatch) ProtoMessage() {}
+
+func (x *ValueMatcher_NullMatch) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_matcher_value_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ValueMatcher_NullMatch.ProtoReflect.Descriptor instead.
+func (*ValueMatcher_NullMatch) Descriptor() ([]byte, []int) {
+	return file_envoy_type_matcher_value_proto_rawDescGZIP(), []int{0, 0}
+}
+
+var File_envoy_type_matcher_value_proto protoreflect.FileDescriptor
+
+var file_envoy_type_matcher_value_proto_rawDesc = []byte{
+	0x0a, 0x1e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x2f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x12, 0x12, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x65, 0x72, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65,
+	0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70,
+	0x65, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e,
+	0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f,
+	0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x98,
+	0x03, 0x0a, 0x0c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x12,
+	0x4b, 0x0a, 0x0a, 0x6e, 0x75, 0x6c, 0x6c, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65,
+	0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4d, 0x61,
+	0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x4e, 0x75, 0x6c, 0x6c, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x48,
+	0x00, 0x52, 0x09, 0x6e, 0x75, 0x6c, 0x6c, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x46, 0x0a, 0x0c,
+	0x64, 0x6f, 0x75, 0x62, 0x6c, 0x65, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x02, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x21, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e,
+	0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x44, 0x6f, 0x75, 0x62, 0x6c, 0x65, 0x4d, 0x61,
+	0x74, 0x63, 0x68, 0x65, 0x72, 0x48, 0x00, 0x52, 0x0b, 0x64, 0x6f, 0x75, 0x62, 0x6c, 0x65, 0x4d,
+	0x61, 0x74, 0x63, 0x68, 0x12, 0x46, 0x0a, 0x0c, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x5f, 0x6d,
+	0x61, 0x74, 0x63, 0x68, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e,
+	0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x48, 0x00, 0x52,
+	0x0b, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x1f, 0x0a, 0x0a,
+	0x62, 0x6f, 0x6f, 0x6c, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08,
+	0x48, 0x00, 0x52, 0x09, 0x62, 0x6f, 0x6f, 0x6c, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x25, 0x0a,
+	0x0d, 0x70, 0x72, 0x65, 0x73, 0x65, 0x6e, 0x74, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x05,
+	0x20, 0x01, 0x28, 0x08, 0x48, 0x00, 0x52, 0x0c, 0x70, 0x72, 0x65, 0x73, 0x65, 0x6e, 0x74, 0x4d,
+	0x61, 0x74, 0x63, 0x68, 0x12, 0x40, 0x0a, 0x0a, 0x6c, 0x69, 0x73, 0x74, 0x5f, 0x6d, 0x61, 0x74,
+	0x63, 0x68, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x4c, 0x69,
+	0x73, 0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x48, 0x00, 0x52, 0x09, 0x6c, 0x69, 0x73,
+	0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x1a, 0x0b, 0x0a, 0x09, 0x4e, 0x75, 0x6c, 0x6c, 0x4d, 0x61,
+	0x74, 0x63, 0x68, 0x42, 0x14, 0x0a, 0x0d, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x5f, 0x70, 0x61, 0x74,
+	0x74, 0x65, 0x72, 0x6e, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x22, 0x5e, 0x0a, 0x0b, 0x4c, 0x69, 0x73,
+	0x74, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x12, 0x39, 0x0a, 0x06, 0x6f, 0x6e, 0x65, 0x5f,
+	0x6f, 0x66, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x56, 0x61,
+	0x6c, 0x75, 0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x48, 0x00, 0x52, 0x05, 0x6f, 0x6e,
+	0x65, 0x4f, 0x66, 0x42, 0x14, 0x0a, 0x0d, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x5f, 0x70, 0x61, 0x74,
+	0x74, 0x65, 0x72, 0x6e, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x42, 0x38, 0x0a, 0x20, 0x69, 0x6f, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x42, 0x0a, 0x56,
+	0x61, 0x6c, 0x75, 0x65, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06,
+	0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_type_matcher_value_proto_rawDescOnce sync.Once
+	file_envoy_type_matcher_value_proto_rawDescData = file_envoy_type_matcher_value_proto_rawDesc
+)
+
+func file_envoy_type_matcher_value_proto_rawDescGZIP() []byte {
+	file_envoy_type_matcher_value_proto_rawDescOnce.Do(func() {
+		file_envoy_type_matcher_value_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_matcher_value_proto_rawDescData)
+	})
+	return file_envoy_type_matcher_value_proto_rawDescData
+}
+
+var file_envoy_type_matcher_value_proto_msgTypes = make([]protoimpl.MessageInfo, 3)
+var file_envoy_type_matcher_value_proto_goTypes = []interface{}{
+	(*ValueMatcher)(nil),           // 0: envoy.type.matcher.ValueMatcher
+	(*ListMatcher)(nil),            // 1: envoy.type.matcher.ListMatcher
+	(*ValueMatcher_NullMatch)(nil), // 2: envoy.type.matcher.ValueMatcher.NullMatch
+	(*DoubleMatcher)(nil),          // 3: envoy.type.matcher.DoubleMatcher
+	(*StringMatcher)(nil),          // 4: envoy.type.matcher.StringMatcher
+}
+var file_envoy_type_matcher_value_proto_depIdxs = []int32{
+	2, // 0: envoy.type.matcher.ValueMatcher.null_match:type_name -> envoy.type.matcher.ValueMatcher.NullMatch
+	3, // 1: envoy.type.matcher.ValueMatcher.double_match:type_name -> envoy.type.matcher.DoubleMatcher
+	4, // 2: envoy.type.matcher.ValueMatcher.string_match:type_name -> envoy.type.matcher.StringMatcher
+	1, // 3: envoy.type.matcher.ValueMatcher.list_match:type_name -> envoy.type.matcher.ListMatcher
+	0, // 4: envoy.type.matcher.ListMatcher.one_of:type_name -> envoy.type.matcher.ValueMatcher
+	5, // [5:5] is the sub-list for method output_type
+	5, // [5:5] is the sub-list for method input_type
+	5, // [5:5] is the sub-list for extension type_name
+	5, // [5:5] is the sub-list for extension extendee
+	0, // [0:5] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_matcher_value_proto_init() }
+func file_envoy_type_matcher_value_proto_init() {
+	if File_envoy_type_matcher_value_proto != nil {
+		return
+	}
+	file_envoy_type_matcher_number_proto_init()
+	file_envoy_type_matcher_string_proto_init()
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_matcher_value_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ValueMatcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_matcher_value_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ListMatcher); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_matcher_value_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ValueMatcher_NullMatch); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_type_matcher_value_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*ValueMatcher_NullMatch_)(nil),
+		(*ValueMatcher_DoubleMatch)(nil),
+		(*ValueMatcher_StringMatch)(nil),
+		(*ValueMatcher_BoolMatch)(nil),
+		(*ValueMatcher_PresentMatch)(nil),
+		(*ValueMatcher_ListMatch)(nil),
+	}
+	file_envoy_type_matcher_value_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*ListMatcher_OneOf)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_matcher_value_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   3,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_matcher_value_proto_goTypes,
+		DependencyIndexes: file_envoy_type_matcher_value_proto_depIdxs,
+		MessageInfos:      file_envoy_type_matcher_value_proto_msgTypes,
+	}.Build()
+	File_envoy_type_matcher_value_proto = out.File
+	file_envoy_type_matcher_value_proto_rawDesc = nil
+	file_envoy_type_matcher_value_proto_goTypes = nil
+	file_envoy_type_matcher_value_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/value.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/value.pb.validate.go
new file mode 100644
index 00000000000..c9034454e76
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/matcher/value.pb.validate.go
@@ -0,0 +1,522 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/matcher/value.proto
+
+package envoy_type_matcher
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on ValueMatcher with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ValueMatcher) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ValueMatcher with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ValueMatcherMultiError, or
+// nil if none found.
+func (m *ValueMatcher) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ValueMatcher) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.MatchPattern.(type) {
+
+	case *ValueMatcher_NullMatch_:
+
+		if all {
+			switch v := interface{}(m.GetNullMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ValueMatcherValidationError{
+						field:  "NullMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ValueMatcherValidationError{
+						field:  "NullMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetNullMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ValueMatcherValidationError{
+					field:  "NullMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *ValueMatcher_DoubleMatch:
+
+		if all {
+			switch v := interface{}(m.GetDoubleMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ValueMatcherValidationError{
+						field:  "DoubleMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ValueMatcherValidationError{
+						field:  "DoubleMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetDoubleMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ValueMatcherValidationError{
+					field:  "DoubleMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *ValueMatcher_StringMatch:
+
+		if all {
+			switch v := interface{}(m.GetStringMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ValueMatcherValidationError{
+						field:  "StringMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ValueMatcherValidationError{
+						field:  "StringMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetStringMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ValueMatcherValidationError{
+					field:  "StringMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *ValueMatcher_BoolMatch:
+		// no validation rules for BoolMatch
+
+	case *ValueMatcher_PresentMatch:
+		// no validation rules for PresentMatch
+
+	case *ValueMatcher_ListMatch:
+
+		if all {
+			switch v := interface{}(m.GetListMatch()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ValueMatcherValidationError{
+						field:  "ListMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ValueMatcherValidationError{
+						field:  "ListMatch",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetListMatch()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ValueMatcherValidationError{
+					field:  "ListMatch",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := ValueMatcherValidationError{
+			field:  "MatchPattern",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return ValueMatcherMultiError(errors)
+	}
+	return nil
+}
+
+// ValueMatcherMultiError is an error wrapping multiple validation errors
+// returned by ValueMatcher.ValidateAll() if the designated constraints aren't met.
+type ValueMatcherMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ValueMatcherMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ValueMatcherMultiError) AllErrors() []error { return m }
+
+// ValueMatcherValidationError is the validation error returned by
+// ValueMatcher.Validate if the designated constraints aren't met.
+type ValueMatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ValueMatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ValueMatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ValueMatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ValueMatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ValueMatcherValidationError) ErrorName() string { return "ValueMatcherValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ValueMatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sValueMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ValueMatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ValueMatcherValidationError{}
+
+// Validate checks the field values on ListMatcher with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *ListMatcher) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ListMatcher with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in ListMatcherMultiError, or
+// nil if none found.
+func (m *ListMatcher) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ListMatcher) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.MatchPattern.(type) {
+
+	case *ListMatcher_OneOf:
+
+		if all {
+			switch v := interface{}(m.GetOneOf()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, ListMatcherValidationError{
+						field:  "OneOf",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, ListMatcherValidationError{
+						field:  "OneOf",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetOneOf()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return ListMatcherValidationError{
+					field:  "OneOf",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := ListMatcherValidationError{
+			field:  "MatchPattern",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return ListMatcherMultiError(errors)
+	}
+	return nil
+}
+
+// ListMatcherMultiError is an error wrapping multiple validation errors
+// returned by ListMatcher.ValidateAll() if the designated constraints aren't met.
+type ListMatcherMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ListMatcherMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ListMatcherMultiError) AllErrors() []error { return m }
+
+// ListMatcherValidationError is the validation error returned by
+// ListMatcher.Validate if the designated constraints aren't met.
+type ListMatcherValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ListMatcherValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ListMatcherValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ListMatcherValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ListMatcherValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ListMatcherValidationError) ErrorName() string { return "ListMatcherValidationError" }
+
+// Error satisfies the builtin error interface
+func (e ListMatcherValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sListMatcher.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ListMatcherValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ListMatcherValidationError{}
+
+// Validate checks the field values on ValueMatcher_NullMatch with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *ValueMatcher_NullMatch) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on ValueMatcher_NullMatch with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// ValueMatcher_NullMatchMultiError, or nil if none found.
+func (m *ValueMatcher_NullMatch) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *ValueMatcher_NullMatch) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return ValueMatcher_NullMatchMultiError(errors)
+	}
+	return nil
+}
+
+// ValueMatcher_NullMatchMultiError is an error wrapping multiple validation
+// errors returned by ValueMatcher_NullMatch.ValidateAll() if the designated
+// constraints aren't met.
+type ValueMatcher_NullMatchMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m ValueMatcher_NullMatchMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m ValueMatcher_NullMatchMultiError) AllErrors() []error { return m }
+
+// ValueMatcher_NullMatchValidationError is the validation error returned by
+// ValueMatcher_NullMatch.Validate if the designated constraints aren't met.
+type ValueMatcher_NullMatchValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e ValueMatcher_NullMatchValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e ValueMatcher_NullMatchValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e ValueMatcher_NullMatchValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e ValueMatcher_NullMatchValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e ValueMatcher_NullMatchValidationError) ErrorName() string {
+	return "ValueMatcher_NullMatchValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e ValueMatcher_NullMatchValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sValueMatcher_NullMatch.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = ValueMatcher_NullMatchValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = ValueMatcher_NullMatchValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/metadata/v2/metadata.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/metadata/v2/metadata.pb.go
new file mode 100644
index 00000000000..a22c14eed9e
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/metadata/v2/metadata.pb.go
@@ -0,0 +1,663 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/metadata/v2/metadata.proto
+
+package envoy_type_metadata_v2
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// MetadataKey provides a general interface using `key` and `path` to retrieve value from
+// :ref:`Metadata <envoy_api_msg_core.Metadata>`.
+//
+// For example, for the following Metadata:
+//
+// .. code-block:: yaml
+//
+//    filter_metadata:
+//      envoy.xxx:
+//        prop:
+//          foo: bar
+//          xyz:
+//            hello: envoy
+//
+// The following MetadataKey will retrieve a string value "bar" from the Metadata.
+//
+// .. code-block:: yaml
+//
+//    key: envoy.xxx
+//    path:
+//    - key: prop
+//    - key: foo
+//
+type MetadataKey struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The key name of Metadata to retrieve the Struct from the metadata.
+	// Typically, it represents a builtin subsystem or custom extension.
+	Key string `protobuf:"bytes,1,opt,name=key,proto3" json:"key,omitempty"`
+	// The path to retrieve the Value from the Struct. It can be a prefix or a full path,
+	// e.g. ``[prop, xyz]`` for a struct or ``[prop, foo]`` for a string in the example,
+	// which depends on the particular scenario.
+	//
+	// Note: Due to that only the key type segment is supported, the path can not specify a list
+	// unless the list is the last segment.
+	Path []*MetadataKey_PathSegment `protobuf:"bytes,2,rep,name=path,proto3" json:"path,omitempty"`
+}
+
+func (x *MetadataKey) Reset() {
+	*x = MetadataKey{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_metadata_v2_metadata_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *MetadataKey) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*MetadataKey) ProtoMessage() {}
+
+func (x *MetadataKey) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_metadata_v2_metadata_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use MetadataKey.ProtoReflect.Descriptor instead.
+func (*MetadataKey) Descriptor() ([]byte, []int) {
+	return file_envoy_type_metadata_v2_metadata_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *MetadataKey) GetKey() string {
+	if x != nil {
+		return x.Key
+	}
+	return ""
+}
+
+func (x *MetadataKey) GetPath() []*MetadataKey_PathSegment {
+	if x != nil {
+		return x.Path
+	}
+	return nil
+}
+
+// Describes what kind of metadata.
+type MetadataKind struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to Kind:
+	//	*MetadataKind_Request_
+	//	*MetadataKind_Route_
+	//	*MetadataKind_Cluster_
+	//	*MetadataKind_Host_
+	Kind isMetadataKind_Kind `protobuf_oneof:"kind"`
+}
+
+func (x *MetadataKind) Reset() {
+	*x = MetadataKind{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_metadata_v2_metadata_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *MetadataKind) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*MetadataKind) ProtoMessage() {}
+
+func (x *MetadataKind) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_metadata_v2_metadata_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use MetadataKind.ProtoReflect.Descriptor instead.
+func (*MetadataKind) Descriptor() ([]byte, []int) {
+	return file_envoy_type_metadata_v2_metadata_proto_rawDescGZIP(), []int{1}
+}
+
+func (m *MetadataKind) GetKind() isMetadataKind_Kind {
+	if m != nil {
+		return m.Kind
+	}
+	return nil
+}
+
+func (x *MetadataKind) GetRequest() *MetadataKind_Request {
+	if x, ok := x.GetKind().(*MetadataKind_Request_); ok {
+		return x.Request
+	}
+	return nil
+}
+
+func (x *MetadataKind) GetRoute() *MetadataKind_Route {
+	if x, ok := x.GetKind().(*MetadataKind_Route_); ok {
+		return x.Route
+	}
+	return nil
+}
+
+func (x *MetadataKind) GetCluster() *MetadataKind_Cluster {
+	if x, ok := x.GetKind().(*MetadataKind_Cluster_); ok {
+		return x.Cluster
+	}
+	return nil
+}
+
+func (x *MetadataKind) GetHost() *MetadataKind_Host {
+	if x, ok := x.GetKind().(*MetadataKind_Host_); ok {
+		return x.Host
+	}
+	return nil
+}
+
+type isMetadataKind_Kind interface {
+	isMetadataKind_Kind()
+}
+
+type MetadataKind_Request_ struct {
+	// Request kind of metadata.
+	Request *MetadataKind_Request `protobuf:"bytes,1,opt,name=request,proto3,oneof"`
+}
+
+type MetadataKind_Route_ struct {
+	// Route kind of metadata.
+	Route *MetadataKind_Route `protobuf:"bytes,2,opt,name=route,proto3,oneof"`
+}
+
+type MetadataKind_Cluster_ struct {
+	// Cluster kind of metadata.
+	Cluster *MetadataKind_Cluster `protobuf:"bytes,3,opt,name=cluster,proto3,oneof"`
+}
+
+type MetadataKind_Host_ struct {
+	// Host kind of metadata.
+	Host *MetadataKind_Host `protobuf:"bytes,4,opt,name=host,proto3,oneof"`
+}
+
+func (*MetadataKind_Request_) isMetadataKind_Kind() {}
+
+func (*MetadataKind_Route_) isMetadataKind_Kind() {}
+
+func (*MetadataKind_Cluster_) isMetadataKind_Kind() {}
+
+func (*MetadataKind_Host_) isMetadataKind_Kind() {}
+
+// Specifies the segment in a path to retrieve value from Metadata.
+// Currently it is only supported to specify the key, i.e. field name, as one segment of a path.
+type MetadataKey_PathSegment struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to Segment:
+	//	*MetadataKey_PathSegment_Key
+	Segment isMetadataKey_PathSegment_Segment `protobuf_oneof:"segment"`
+}
+
+func (x *MetadataKey_PathSegment) Reset() {
+	*x = MetadataKey_PathSegment{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_metadata_v2_metadata_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *MetadataKey_PathSegment) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*MetadataKey_PathSegment) ProtoMessage() {}
+
+func (x *MetadataKey_PathSegment) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_metadata_v2_metadata_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use MetadataKey_PathSegment.ProtoReflect.Descriptor instead.
+func (*MetadataKey_PathSegment) Descriptor() ([]byte, []int) {
+	return file_envoy_type_metadata_v2_metadata_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (m *MetadataKey_PathSegment) GetSegment() isMetadataKey_PathSegment_Segment {
+	if m != nil {
+		return m.Segment
+	}
+	return nil
+}
+
+func (x *MetadataKey_PathSegment) GetKey() string {
+	if x, ok := x.GetSegment().(*MetadataKey_PathSegment_Key); ok {
+		return x.Key
+	}
+	return ""
+}
+
+type isMetadataKey_PathSegment_Segment interface {
+	isMetadataKey_PathSegment_Segment()
+}
+
+type MetadataKey_PathSegment_Key struct {
+	// If specified, use the key to retrieve the value in a Struct.
+	Key string `protobuf:"bytes,1,opt,name=key,proto3,oneof"`
+}
+
+func (*MetadataKey_PathSegment_Key) isMetadataKey_PathSegment_Segment() {}
+
+// Represents dynamic metadata associated with the request.
+type MetadataKind_Request struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *MetadataKind_Request) Reset() {
+	*x = MetadataKind_Request{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_metadata_v2_metadata_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *MetadataKind_Request) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*MetadataKind_Request) ProtoMessage() {}
+
+func (x *MetadataKind_Request) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_metadata_v2_metadata_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use MetadataKind_Request.ProtoReflect.Descriptor instead.
+func (*MetadataKind_Request) Descriptor() ([]byte, []int) {
+	return file_envoy_type_metadata_v2_metadata_proto_rawDescGZIP(), []int{1, 0}
+}
+
+// Represents metadata from :ref:`the route<envoy_api_field_route.Route.metadata>`.
+type MetadataKind_Route struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *MetadataKind_Route) Reset() {
+	*x = MetadataKind_Route{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_metadata_v2_metadata_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *MetadataKind_Route) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*MetadataKind_Route) ProtoMessage() {}
+
+func (x *MetadataKind_Route) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_metadata_v2_metadata_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use MetadataKind_Route.ProtoReflect.Descriptor instead.
+func (*MetadataKind_Route) Descriptor() ([]byte, []int) {
+	return file_envoy_type_metadata_v2_metadata_proto_rawDescGZIP(), []int{1, 1}
+}
+
+// Represents metadata from :ref:`the upstream cluster<envoy_api_field_Cluster.metadata>`.
+type MetadataKind_Cluster struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *MetadataKind_Cluster) Reset() {
+	*x = MetadataKind_Cluster{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_metadata_v2_metadata_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *MetadataKind_Cluster) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*MetadataKind_Cluster) ProtoMessage() {}
+
+func (x *MetadataKind_Cluster) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_metadata_v2_metadata_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use MetadataKind_Cluster.ProtoReflect.Descriptor instead.
+func (*MetadataKind_Cluster) Descriptor() ([]byte, []int) {
+	return file_envoy_type_metadata_v2_metadata_proto_rawDescGZIP(), []int{1, 2}
+}
+
+// Represents metadata from :ref:`the upstream
+// host<envoy_api_field_endpoint.LbEndpoint.metadata>`.
+type MetadataKind_Host struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *MetadataKind_Host) Reset() {
+	*x = MetadataKind_Host{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_metadata_v2_metadata_proto_msgTypes[6]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *MetadataKind_Host) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*MetadataKind_Host) ProtoMessage() {}
+
+func (x *MetadataKind_Host) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_metadata_v2_metadata_proto_msgTypes[6]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use MetadataKind_Host.ProtoReflect.Descriptor instead.
+func (*MetadataKind_Host) Descriptor() ([]byte, []int) {
+	return file_envoy_type_metadata_v2_metadata_proto_rawDescGZIP(), []int{1, 3}
+}
+
+var File_envoy_type_metadata_v2_metadata_proto protoreflect.FileDescriptor
+
+var file_envoy_type_metadata_v2_metadata_proto_rawDesc = []byte{
+	0x0a, 0x25, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x65, 0x74,
+	0x61, 0x64, 0x61, 0x74, 0x61, 0x2f, 0x76, 0x32, 0x2f, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74,
+	0x61, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x16, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74,
+	0x79, 0x70, 0x65, 0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x76, 0x32, 0x1a,
+	0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17,
+	0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xb3, 0x01, 0x0a, 0x0b, 0x4d, 0x65, 0x74, 0x61,
+	0x64, 0x61, 0x74, 0x61, 0x4b, 0x65, 0x79, 0x12, 0x19, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x03, 0x6b,
+	0x65, 0x79, 0x12, 0x4d, 0x0a, 0x04, 0x70, 0x61, 0x74, 0x68, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b,
+	0x32, 0x2f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x65,
+	0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x76, 0x32, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61,
+	0x74, 0x61, 0x4b, 0x65, 0x79, 0x2e, 0x50, 0x61, 0x74, 0x68, 0x53, 0x65, 0x67, 0x6d, 0x65, 0x6e,
+	0x74, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x04, 0x70, 0x61, 0x74,
+	0x68, 0x1a, 0x3a, 0x0a, 0x0b, 0x50, 0x61, 0x74, 0x68, 0x53, 0x65, 0x67, 0x6d, 0x65, 0x6e, 0x74,
+	0x12, 0x1b, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa,
+	0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x48, 0x00, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x42, 0x0e, 0x0a,
+	0x07, 0x73, 0x65, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x22, 0xdb, 0x02,
+	0x0a, 0x0c, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4b, 0x69, 0x6e, 0x64, 0x12, 0x48,
+	0x0a, 0x07, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x2c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x65, 0x74,
+	0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x76, 0x32, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74,
+	0x61, 0x4b, 0x69, 0x6e, 0x64, 0x2e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x48, 0x00, 0x52,
+	0x07, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x42, 0x0a, 0x05, 0x72, 0x6f, 0x75, 0x74,
+	0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x76, 0x32,
+	0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4b, 0x69, 0x6e, 0x64, 0x2e, 0x52, 0x6f,
+	0x75, 0x74, 0x65, 0x48, 0x00, 0x52, 0x05, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x12, 0x48, 0x0a, 0x07,
+	0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2c, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64,
+	0x61, 0x74, 0x61, 0x2e, 0x76, 0x32, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4b,
+	0x69, 0x6e, 0x64, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x48, 0x00, 0x52, 0x07, 0x63,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x3f, 0x0a, 0x04, 0x68, 0x6f, 0x73, 0x74, 0x18, 0x04,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70,
+	0x65, 0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x76, 0x32, 0x2e, 0x4d, 0x65,
+	0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4b, 0x69, 0x6e, 0x64, 0x2e, 0x48, 0x6f, 0x73, 0x74, 0x48,
+	0x00, 0x52, 0x04, 0x68, 0x6f, 0x73, 0x74, 0x1a, 0x09, 0x0a, 0x07, 0x52, 0x65, 0x71, 0x75, 0x65,
+	0x73, 0x74, 0x1a, 0x07, 0x0a, 0x05, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x1a, 0x09, 0x0a, 0x07, 0x43,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x1a, 0x06, 0x0a, 0x04, 0x48, 0x6f, 0x73, 0x74, 0x42, 0x0b,
+	0x0a, 0x04, 0x6b, 0x69, 0x6e, 0x64, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x42, 0x5d, 0x0a, 0x24, 0x69,
+	0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61,
+	0x2e, 0x76, 0x32, 0x42, 0x0d, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x50, 0x72, 0x6f,
+	0x74, 0x6f, 0x50, 0x01, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x18, 0x12, 0x16, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e,
+	0x76, 0x33, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x33,
+}
+
+var (
+	file_envoy_type_metadata_v2_metadata_proto_rawDescOnce sync.Once
+	file_envoy_type_metadata_v2_metadata_proto_rawDescData = file_envoy_type_metadata_v2_metadata_proto_rawDesc
+)
+
+func file_envoy_type_metadata_v2_metadata_proto_rawDescGZIP() []byte {
+	file_envoy_type_metadata_v2_metadata_proto_rawDescOnce.Do(func() {
+		file_envoy_type_metadata_v2_metadata_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_metadata_v2_metadata_proto_rawDescData)
+	})
+	return file_envoy_type_metadata_v2_metadata_proto_rawDescData
+}
+
+var file_envoy_type_metadata_v2_metadata_proto_msgTypes = make([]protoimpl.MessageInfo, 7)
+var file_envoy_type_metadata_v2_metadata_proto_goTypes = []interface{}{
+	(*MetadataKey)(nil),             // 0: envoy.type.metadata.v2.MetadataKey
+	(*MetadataKind)(nil),            // 1: envoy.type.metadata.v2.MetadataKind
+	(*MetadataKey_PathSegment)(nil), // 2: envoy.type.metadata.v2.MetadataKey.PathSegment
+	(*MetadataKind_Request)(nil),    // 3: envoy.type.metadata.v2.MetadataKind.Request
+	(*MetadataKind_Route)(nil),      // 4: envoy.type.metadata.v2.MetadataKind.Route
+	(*MetadataKind_Cluster)(nil),    // 5: envoy.type.metadata.v2.MetadataKind.Cluster
+	(*MetadataKind_Host)(nil),       // 6: envoy.type.metadata.v2.MetadataKind.Host
+}
+var file_envoy_type_metadata_v2_metadata_proto_depIdxs = []int32{
+	2, // 0: envoy.type.metadata.v2.MetadataKey.path:type_name -> envoy.type.metadata.v2.MetadataKey.PathSegment
+	3, // 1: envoy.type.metadata.v2.MetadataKind.request:type_name -> envoy.type.metadata.v2.MetadataKind.Request
+	4, // 2: envoy.type.metadata.v2.MetadataKind.route:type_name -> envoy.type.metadata.v2.MetadataKind.Route
+	5, // 3: envoy.type.metadata.v2.MetadataKind.cluster:type_name -> envoy.type.metadata.v2.MetadataKind.Cluster
+	6, // 4: envoy.type.metadata.v2.MetadataKind.host:type_name -> envoy.type.metadata.v2.MetadataKind.Host
+	5, // [5:5] is the sub-list for method output_type
+	5, // [5:5] is the sub-list for method input_type
+	5, // [5:5] is the sub-list for extension type_name
+	5, // [5:5] is the sub-list for extension extendee
+	0, // [0:5] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_metadata_v2_metadata_proto_init() }
+func file_envoy_type_metadata_v2_metadata_proto_init() {
+	if File_envoy_type_metadata_v2_metadata_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_metadata_v2_metadata_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*MetadataKey); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_metadata_v2_metadata_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*MetadataKind); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_metadata_v2_metadata_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*MetadataKey_PathSegment); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_metadata_v2_metadata_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*MetadataKind_Request); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_metadata_v2_metadata_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*MetadataKind_Route); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_metadata_v2_metadata_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*MetadataKind_Cluster); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_metadata_v2_metadata_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*MetadataKind_Host); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_type_metadata_v2_metadata_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*MetadataKind_Request_)(nil),
+		(*MetadataKind_Route_)(nil),
+		(*MetadataKind_Cluster_)(nil),
+		(*MetadataKind_Host_)(nil),
+	}
+	file_envoy_type_metadata_v2_metadata_proto_msgTypes[2].OneofWrappers = []interface{}{
+		(*MetadataKey_PathSegment_Key)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_metadata_v2_metadata_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   7,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_metadata_v2_metadata_proto_goTypes,
+		DependencyIndexes: file_envoy_type_metadata_v2_metadata_proto_depIdxs,
+		MessageInfos:      file_envoy_type_metadata_v2_metadata_proto_msgTypes,
+	}.Build()
+	File_envoy_type_metadata_v2_metadata_proto = out.File
+	file_envoy_type_metadata_v2_metadata_proto_rawDesc = nil
+	file_envoy_type_metadata_v2_metadata_proto_goTypes = nil
+	file_envoy_type_metadata_v2_metadata_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/metadata/v2/metadata.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/metadata/v2/metadata.pb.validate.go
new file mode 100644
index 00000000000..5570cc77761
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/metadata/v2/metadata.pb.validate.go
@@ -0,0 +1,958 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/metadata/v2/metadata.proto
+
+package envoy_type_metadata_v2
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on MetadataKey with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *MetadataKey) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on MetadataKey with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in MetadataKeyMultiError, or
+// nil if none found.
+func (m *MetadataKey) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *MetadataKey) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetKey()) < 1 {
+		err := MetadataKeyValidationError{
+			field:  "Key",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(m.GetPath()) < 1 {
+		err := MetadataKeyValidationError{
+			field:  "Path",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetPath() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MetadataKeyValidationError{
+						field:  fmt.Sprintf("Path[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MetadataKeyValidationError{
+						field:  fmt.Sprintf("Path[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MetadataKeyValidationError{
+					field:  fmt.Sprintf("Path[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return MetadataKeyMultiError(errors)
+	}
+	return nil
+}
+
+// MetadataKeyMultiError is an error wrapping multiple validation errors
+// returned by MetadataKey.ValidateAll() if the designated constraints aren't met.
+type MetadataKeyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m MetadataKeyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m MetadataKeyMultiError) AllErrors() []error { return m }
+
+// MetadataKeyValidationError is the validation error returned by
+// MetadataKey.Validate if the designated constraints aren't met.
+type MetadataKeyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MetadataKeyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MetadataKeyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MetadataKeyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MetadataKeyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MetadataKeyValidationError) ErrorName() string { return "MetadataKeyValidationError" }
+
+// Error satisfies the builtin error interface
+func (e MetadataKeyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMetadataKey.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MetadataKeyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MetadataKeyValidationError{}
+
+// Validate checks the field values on MetadataKind with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *MetadataKind) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on MetadataKind with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in MetadataKindMultiError, or
+// nil if none found.
+func (m *MetadataKind) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *MetadataKind) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.Kind.(type) {
+
+	case *MetadataKind_Request_:
+
+		if all {
+			switch v := interface{}(m.GetRequest()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MetadataKindValidationError{
+						field:  "Request",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MetadataKindValidationError{
+						field:  "Request",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetRequest()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MetadataKindValidationError{
+					field:  "Request",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *MetadataKind_Route_:
+
+		if all {
+			switch v := interface{}(m.GetRoute()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MetadataKindValidationError{
+						field:  "Route",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MetadataKindValidationError{
+						field:  "Route",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetRoute()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MetadataKindValidationError{
+					field:  "Route",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *MetadataKind_Cluster_:
+
+		if all {
+			switch v := interface{}(m.GetCluster()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MetadataKindValidationError{
+						field:  "Cluster",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MetadataKindValidationError{
+						field:  "Cluster",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetCluster()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MetadataKindValidationError{
+					field:  "Cluster",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *MetadataKind_Host_:
+
+		if all {
+			switch v := interface{}(m.GetHost()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MetadataKindValidationError{
+						field:  "Host",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MetadataKindValidationError{
+						field:  "Host",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetHost()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MetadataKindValidationError{
+					field:  "Host",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := MetadataKindValidationError{
+			field:  "Kind",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return MetadataKindMultiError(errors)
+	}
+	return nil
+}
+
+// MetadataKindMultiError is an error wrapping multiple validation errors
+// returned by MetadataKind.ValidateAll() if the designated constraints aren't met.
+type MetadataKindMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m MetadataKindMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m MetadataKindMultiError) AllErrors() []error { return m }
+
+// MetadataKindValidationError is the validation error returned by
+// MetadataKind.Validate if the designated constraints aren't met.
+type MetadataKindValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MetadataKindValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MetadataKindValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MetadataKindValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MetadataKindValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MetadataKindValidationError) ErrorName() string { return "MetadataKindValidationError" }
+
+// Error satisfies the builtin error interface
+func (e MetadataKindValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMetadataKind.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MetadataKindValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MetadataKindValidationError{}
+
+// Validate checks the field values on MetadataKey_PathSegment with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *MetadataKey_PathSegment) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on MetadataKey_PathSegment with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// MetadataKey_PathSegmentMultiError, or nil if none found.
+func (m *MetadataKey_PathSegment) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *MetadataKey_PathSegment) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.Segment.(type) {
+
+	case *MetadataKey_PathSegment_Key:
+
+		if len(m.GetKey()) < 1 {
+			err := MetadataKey_PathSegmentValidationError{
+				field:  "Key",
+				reason: "value length must be at least 1 bytes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	default:
+		err := MetadataKey_PathSegmentValidationError{
+			field:  "Segment",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return MetadataKey_PathSegmentMultiError(errors)
+	}
+	return nil
+}
+
+// MetadataKey_PathSegmentMultiError is an error wrapping multiple validation
+// errors returned by MetadataKey_PathSegment.ValidateAll() if the designated
+// constraints aren't met.
+type MetadataKey_PathSegmentMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m MetadataKey_PathSegmentMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m MetadataKey_PathSegmentMultiError) AllErrors() []error { return m }
+
+// MetadataKey_PathSegmentValidationError is the validation error returned by
+// MetadataKey_PathSegment.Validate if the designated constraints aren't met.
+type MetadataKey_PathSegmentValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MetadataKey_PathSegmentValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MetadataKey_PathSegmentValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MetadataKey_PathSegmentValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MetadataKey_PathSegmentValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MetadataKey_PathSegmentValidationError) ErrorName() string {
+	return "MetadataKey_PathSegmentValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e MetadataKey_PathSegmentValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMetadataKey_PathSegment.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MetadataKey_PathSegmentValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MetadataKey_PathSegmentValidationError{}
+
+// Validate checks the field values on MetadataKind_Request with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *MetadataKind_Request) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on MetadataKind_Request with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// MetadataKind_RequestMultiError, or nil if none found.
+func (m *MetadataKind_Request) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *MetadataKind_Request) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return MetadataKind_RequestMultiError(errors)
+	}
+	return nil
+}
+
+// MetadataKind_RequestMultiError is an error wrapping multiple validation
+// errors returned by MetadataKind_Request.ValidateAll() if the designated
+// constraints aren't met.
+type MetadataKind_RequestMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m MetadataKind_RequestMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m MetadataKind_RequestMultiError) AllErrors() []error { return m }
+
+// MetadataKind_RequestValidationError is the validation error returned by
+// MetadataKind_Request.Validate if the designated constraints aren't met.
+type MetadataKind_RequestValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MetadataKind_RequestValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MetadataKind_RequestValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MetadataKind_RequestValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MetadataKind_RequestValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MetadataKind_RequestValidationError) ErrorName() string {
+	return "MetadataKind_RequestValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e MetadataKind_RequestValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMetadataKind_Request.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MetadataKind_RequestValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MetadataKind_RequestValidationError{}
+
+// Validate checks the field values on MetadataKind_Route with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *MetadataKind_Route) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on MetadataKind_Route with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// MetadataKind_RouteMultiError, or nil if none found.
+func (m *MetadataKind_Route) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *MetadataKind_Route) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return MetadataKind_RouteMultiError(errors)
+	}
+	return nil
+}
+
+// MetadataKind_RouteMultiError is an error wrapping multiple validation errors
+// returned by MetadataKind_Route.ValidateAll() if the designated constraints
+// aren't met.
+type MetadataKind_RouteMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m MetadataKind_RouteMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m MetadataKind_RouteMultiError) AllErrors() []error { return m }
+
+// MetadataKind_RouteValidationError is the validation error returned by
+// MetadataKind_Route.Validate if the designated constraints aren't met.
+type MetadataKind_RouteValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MetadataKind_RouteValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MetadataKind_RouteValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MetadataKind_RouteValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MetadataKind_RouteValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MetadataKind_RouteValidationError) ErrorName() string {
+	return "MetadataKind_RouteValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e MetadataKind_RouteValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMetadataKind_Route.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MetadataKind_RouteValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MetadataKind_RouteValidationError{}
+
+// Validate checks the field values on MetadataKind_Cluster with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *MetadataKind_Cluster) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on MetadataKind_Cluster with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// MetadataKind_ClusterMultiError, or nil if none found.
+func (m *MetadataKind_Cluster) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *MetadataKind_Cluster) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return MetadataKind_ClusterMultiError(errors)
+	}
+	return nil
+}
+
+// MetadataKind_ClusterMultiError is an error wrapping multiple validation
+// errors returned by MetadataKind_Cluster.ValidateAll() if the designated
+// constraints aren't met.
+type MetadataKind_ClusterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m MetadataKind_ClusterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m MetadataKind_ClusterMultiError) AllErrors() []error { return m }
+
+// MetadataKind_ClusterValidationError is the validation error returned by
+// MetadataKind_Cluster.Validate if the designated constraints aren't met.
+type MetadataKind_ClusterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MetadataKind_ClusterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MetadataKind_ClusterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MetadataKind_ClusterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MetadataKind_ClusterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MetadataKind_ClusterValidationError) ErrorName() string {
+	return "MetadataKind_ClusterValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e MetadataKind_ClusterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMetadataKind_Cluster.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MetadataKind_ClusterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MetadataKind_ClusterValidationError{}
+
+// Validate checks the field values on MetadataKind_Host with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *MetadataKind_Host) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on MetadataKind_Host with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// MetadataKind_HostMultiError, or nil if none found.
+func (m *MetadataKind_Host) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *MetadataKind_Host) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return MetadataKind_HostMultiError(errors)
+	}
+	return nil
+}
+
+// MetadataKind_HostMultiError is an error wrapping multiple validation errors
+// returned by MetadataKind_Host.ValidateAll() if the designated constraints
+// aren't met.
+type MetadataKind_HostMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m MetadataKind_HostMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m MetadataKind_HostMultiError) AllErrors() []error { return m }
+
+// MetadataKind_HostValidationError is the validation error returned by
+// MetadataKind_Host.Validate if the designated constraints aren't met.
+type MetadataKind_HostValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MetadataKind_HostValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MetadataKind_HostValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MetadataKind_HostValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MetadataKind_HostValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MetadataKind_HostValidationError) ErrorName() string {
+	return "MetadataKind_HostValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e MetadataKind_HostValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMetadataKind_Host.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MetadataKind_HostValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MetadataKind_HostValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/metadata/v3/metadata.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/metadata/v3/metadata.pb.go
new file mode 100644
index 00000000000..cbc9421a08c
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/metadata/v3/metadata.pb.go
@@ -0,0 +1,682 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/metadata/v3/metadata.proto
+
+package envoy_type_metadata_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// MetadataKey provides a general interface using `key` and `path` to retrieve value from
+// :ref:`Metadata <envoy_v3_api_msg_config.core.v3.Metadata>`.
+//
+// For example, for the following Metadata:
+//
+// .. code-block:: yaml
+//
+//    filter_metadata:
+//      envoy.xxx:
+//        prop:
+//          foo: bar
+//          xyz:
+//            hello: envoy
+//
+// The following MetadataKey will retrieve a string value "bar" from the Metadata.
+//
+// .. code-block:: yaml
+//
+//    key: envoy.xxx
+//    path:
+//    - key: prop
+//    - key: foo
+//
+type MetadataKey struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The key name of Metadata to retrieve the Struct from the metadata.
+	// Typically, it represents a builtin subsystem or custom extension.
+	Key string `protobuf:"bytes,1,opt,name=key,proto3" json:"key,omitempty"`
+	// The path to retrieve the Value from the Struct. It can be a prefix or a full path,
+	// e.g. ``[prop, xyz]`` for a struct or ``[prop, foo]`` for a string in the example,
+	// which depends on the particular scenario.
+	//
+	// Note: Due to that only the key type segment is supported, the path can not specify a list
+	// unless the list is the last segment.
+	Path []*MetadataKey_PathSegment `protobuf:"bytes,2,rep,name=path,proto3" json:"path,omitempty"`
+}
+
+func (x *MetadataKey) Reset() {
+	*x = MetadataKey{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_metadata_v3_metadata_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *MetadataKey) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*MetadataKey) ProtoMessage() {}
+
+func (x *MetadataKey) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_metadata_v3_metadata_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use MetadataKey.ProtoReflect.Descriptor instead.
+func (*MetadataKey) Descriptor() ([]byte, []int) {
+	return file_envoy_type_metadata_v3_metadata_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *MetadataKey) GetKey() string {
+	if x != nil {
+		return x.Key
+	}
+	return ""
+}
+
+func (x *MetadataKey) GetPath() []*MetadataKey_PathSegment {
+	if x != nil {
+		return x.Path
+	}
+	return nil
+}
+
+// Describes what kind of metadata.
+type MetadataKind struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to Kind:
+	//	*MetadataKind_Request_
+	//	*MetadataKind_Route_
+	//	*MetadataKind_Cluster_
+	//	*MetadataKind_Host_
+	Kind isMetadataKind_Kind `protobuf_oneof:"kind"`
+}
+
+func (x *MetadataKind) Reset() {
+	*x = MetadataKind{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_metadata_v3_metadata_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *MetadataKind) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*MetadataKind) ProtoMessage() {}
+
+func (x *MetadataKind) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_metadata_v3_metadata_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use MetadataKind.ProtoReflect.Descriptor instead.
+func (*MetadataKind) Descriptor() ([]byte, []int) {
+	return file_envoy_type_metadata_v3_metadata_proto_rawDescGZIP(), []int{1}
+}
+
+func (m *MetadataKind) GetKind() isMetadataKind_Kind {
+	if m != nil {
+		return m.Kind
+	}
+	return nil
+}
+
+func (x *MetadataKind) GetRequest() *MetadataKind_Request {
+	if x, ok := x.GetKind().(*MetadataKind_Request_); ok {
+		return x.Request
+	}
+	return nil
+}
+
+func (x *MetadataKind) GetRoute() *MetadataKind_Route {
+	if x, ok := x.GetKind().(*MetadataKind_Route_); ok {
+		return x.Route
+	}
+	return nil
+}
+
+func (x *MetadataKind) GetCluster() *MetadataKind_Cluster {
+	if x, ok := x.GetKind().(*MetadataKind_Cluster_); ok {
+		return x.Cluster
+	}
+	return nil
+}
+
+func (x *MetadataKind) GetHost() *MetadataKind_Host {
+	if x, ok := x.GetKind().(*MetadataKind_Host_); ok {
+		return x.Host
+	}
+	return nil
+}
+
+type isMetadataKind_Kind interface {
+	isMetadataKind_Kind()
+}
+
+type MetadataKind_Request_ struct {
+	// Request kind of metadata.
+	Request *MetadataKind_Request `protobuf:"bytes,1,opt,name=request,proto3,oneof"`
+}
+
+type MetadataKind_Route_ struct {
+	// Route kind of metadata.
+	Route *MetadataKind_Route `protobuf:"bytes,2,opt,name=route,proto3,oneof"`
+}
+
+type MetadataKind_Cluster_ struct {
+	// Cluster kind of metadata.
+	Cluster *MetadataKind_Cluster `protobuf:"bytes,3,opt,name=cluster,proto3,oneof"`
+}
+
+type MetadataKind_Host_ struct {
+	// Host kind of metadata.
+	Host *MetadataKind_Host `protobuf:"bytes,4,opt,name=host,proto3,oneof"`
+}
+
+func (*MetadataKind_Request_) isMetadataKind_Kind() {}
+
+func (*MetadataKind_Route_) isMetadataKind_Kind() {}
+
+func (*MetadataKind_Cluster_) isMetadataKind_Kind() {}
+
+func (*MetadataKind_Host_) isMetadataKind_Kind() {}
+
+// Specifies the segment in a path to retrieve value from Metadata.
+// Currently it is only supported to specify the key, i.e. field name, as one segment of a path.
+type MetadataKey_PathSegment struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to Segment:
+	//	*MetadataKey_PathSegment_Key
+	Segment isMetadataKey_PathSegment_Segment `protobuf_oneof:"segment"`
+}
+
+func (x *MetadataKey_PathSegment) Reset() {
+	*x = MetadataKey_PathSegment{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_metadata_v3_metadata_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *MetadataKey_PathSegment) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*MetadataKey_PathSegment) ProtoMessage() {}
+
+func (x *MetadataKey_PathSegment) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_metadata_v3_metadata_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use MetadataKey_PathSegment.ProtoReflect.Descriptor instead.
+func (*MetadataKey_PathSegment) Descriptor() ([]byte, []int) {
+	return file_envoy_type_metadata_v3_metadata_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (m *MetadataKey_PathSegment) GetSegment() isMetadataKey_PathSegment_Segment {
+	if m != nil {
+		return m.Segment
+	}
+	return nil
+}
+
+func (x *MetadataKey_PathSegment) GetKey() string {
+	if x, ok := x.GetSegment().(*MetadataKey_PathSegment_Key); ok {
+		return x.Key
+	}
+	return ""
+}
+
+type isMetadataKey_PathSegment_Segment interface {
+	isMetadataKey_PathSegment_Segment()
+}
+
+type MetadataKey_PathSegment_Key struct {
+	// If specified, use the key to retrieve the value in a Struct.
+	Key string `protobuf:"bytes,1,opt,name=key,proto3,oneof"`
+}
+
+func (*MetadataKey_PathSegment_Key) isMetadataKey_PathSegment_Segment() {}
+
+// Represents dynamic metadata associated with the request.
+type MetadataKind_Request struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *MetadataKind_Request) Reset() {
+	*x = MetadataKind_Request{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_metadata_v3_metadata_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *MetadataKind_Request) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*MetadataKind_Request) ProtoMessage() {}
+
+func (x *MetadataKind_Request) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_metadata_v3_metadata_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use MetadataKind_Request.ProtoReflect.Descriptor instead.
+func (*MetadataKind_Request) Descriptor() ([]byte, []int) {
+	return file_envoy_type_metadata_v3_metadata_proto_rawDescGZIP(), []int{1, 0}
+}
+
+// Represents metadata from :ref:`the route<envoy_v3_api_field_config.route.v3.Route.metadata>`.
+type MetadataKind_Route struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *MetadataKind_Route) Reset() {
+	*x = MetadataKind_Route{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_metadata_v3_metadata_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *MetadataKind_Route) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*MetadataKind_Route) ProtoMessage() {}
+
+func (x *MetadataKind_Route) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_metadata_v3_metadata_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use MetadataKind_Route.ProtoReflect.Descriptor instead.
+func (*MetadataKind_Route) Descriptor() ([]byte, []int) {
+	return file_envoy_type_metadata_v3_metadata_proto_rawDescGZIP(), []int{1, 1}
+}
+
+// Represents metadata from :ref:`the upstream cluster<envoy_v3_api_field_config.cluster.v3.Cluster.metadata>`.
+type MetadataKind_Cluster struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *MetadataKind_Cluster) Reset() {
+	*x = MetadataKind_Cluster{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_metadata_v3_metadata_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *MetadataKind_Cluster) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*MetadataKind_Cluster) ProtoMessage() {}
+
+func (x *MetadataKind_Cluster) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_metadata_v3_metadata_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use MetadataKind_Cluster.ProtoReflect.Descriptor instead.
+func (*MetadataKind_Cluster) Descriptor() ([]byte, []int) {
+	return file_envoy_type_metadata_v3_metadata_proto_rawDescGZIP(), []int{1, 2}
+}
+
+// Represents metadata from :ref:`the upstream
+// host<envoy_v3_api_field_config.endpoint.v3.LbEndpoint.metadata>`.
+type MetadataKind_Host struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *MetadataKind_Host) Reset() {
+	*x = MetadataKind_Host{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_metadata_v3_metadata_proto_msgTypes[6]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *MetadataKind_Host) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*MetadataKind_Host) ProtoMessage() {}
+
+func (x *MetadataKind_Host) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_metadata_v3_metadata_proto_msgTypes[6]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use MetadataKind_Host.ProtoReflect.Descriptor instead.
+func (*MetadataKind_Host) Descriptor() ([]byte, []int) {
+	return file_envoy_type_metadata_v3_metadata_proto_rawDescGZIP(), []int{1, 3}
+}
+
+var File_envoy_type_metadata_v3_metadata_proto protoreflect.FileDescriptor
+
+var file_envoy_type_metadata_v3_metadata_proto_rawDesc = []byte{
+	0x0a, 0x25, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x65, 0x74,
+	0x61, 0x64, 0x61, 0x74, 0x61, 0x2f, 0x76, 0x33, 0x2f, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74,
+	0x61, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x16, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74,
+	0x79, 0x70, 0x65, 0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x76, 0x33, 0x1a,
+	0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21,
+	0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73,
+	0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69,
+	0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x95, 0x02, 0x0a, 0x0b, 0x4d,
+	0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4b, 0x65, 0x79, 0x12, 0x19, 0x0a, 0x03, 0x6b, 0x65,
+	0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01,
+	0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x4d, 0x0a, 0x04, 0x70, 0x61, 0x74, 0x68, 0x18, 0x02, 0x20,
+	0x03, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65,
+	0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x65, 0x74,
+	0x61, 0x64, 0x61, 0x74, 0x61, 0x4b, 0x65, 0x79, 0x2e, 0x50, 0x61, 0x74, 0x68, 0x53, 0x65, 0x67,
+	0x6d, 0x65, 0x6e, 0x74, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x04,
+	0x70, 0x61, 0x74, 0x68, 0x1a, 0x71, 0x0a, 0x0b, 0x50, 0x61, 0x74, 0x68, 0x53, 0x65, 0x67, 0x6d,
+	0x65, 0x6e, 0x74, 0x12, 0x1b, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
+	0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x48, 0x00, 0x52, 0x03, 0x6b, 0x65, 0x79,
+	0x3a, 0x35, 0x9a, 0xc5, 0x88, 0x1e, 0x30, 0x0a, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74,
+	0x79, 0x70, 0x65, 0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x76, 0x32, 0x2e,
+	0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4b, 0x65, 0x79, 0x2e, 0x50, 0x61, 0x74, 0x68,
+	0x53, 0x65, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x42, 0x0e, 0x0a, 0x07, 0x73, 0x65, 0x67, 0x6d, 0x65,
+	0x6e, 0x74, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x3a, 0x29, 0x9a, 0xc5, 0x88, 0x1e, 0x24, 0x0a, 0x22,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64,
+	0x61, 0x74, 0x61, 0x2e, 0x76, 0x32, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4b,
+	0x65, 0x79, 0x22, 0xd2, 0x04, 0x0a, 0x0c, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4b,
+	0x69, 0x6e, 0x64, 0x12, 0x48, 0x0a, 0x07, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x2c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70,
+	0x65, 0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x65,
+	0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4b, 0x69, 0x6e, 0x64, 0x2e, 0x52, 0x65, 0x71, 0x75, 0x65,
+	0x73, 0x74, 0x48, 0x00, 0x52, 0x07, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x42, 0x0a,
+	0x05, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61,
+	0x74, 0x61, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4b, 0x69,
+	0x6e, 0x64, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x48, 0x00, 0x52, 0x05, 0x72, 0x6f, 0x75, 0x74,
+	0x65, 0x12, 0x48, 0x0a, 0x07, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x18, 0x03, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x2c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e,
+	0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x65, 0x74, 0x61,
+	0x64, 0x61, 0x74, 0x61, 0x4b, 0x69, 0x6e, 0x64, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x48, 0x00, 0x52, 0x07, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x3f, 0x0a, 0x04, 0x68,
+	0x6f, 0x73, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e,
+	0x76, 0x33, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4b, 0x69, 0x6e, 0x64, 0x2e,
+	0x48, 0x6f, 0x73, 0x74, 0x48, 0x00, 0x52, 0x04, 0x68, 0x6f, 0x73, 0x74, 0x1a, 0x3d, 0x0a, 0x07,
+	0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x3a, 0x32, 0x9a, 0xc5, 0x88, 0x1e, 0x2d, 0x0a, 0x2b,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64,
+	0x61, 0x74, 0x61, 0x2e, 0x76, 0x32, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4b,
+	0x69, 0x6e, 0x64, 0x2e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x39, 0x0a, 0x05, 0x52,
+	0x6f, 0x75, 0x74, 0x65, 0x3a, 0x30, 0x9a, 0xc5, 0x88, 0x1e, 0x2b, 0x0a, 0x29, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61,
+	0x2e, 0x76, 0x32, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4b, 0x69, 0x6e, 0x64,
+	0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x1a, 0x3d, 0x0a, 0x07, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65,
+	0x72, 0x3a, 0x32, 0x9a, 0xc5, 0x88, 0x1e, 0x2d, 0x0a, 0x2b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x76, 0x32,
+	0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4b, 0x69, 0x6e, 0x64, 0x2e, 0x43, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x1a, 0x37, 0x0a, 0x04, 0x48, 0x6f, 0x73, 0x74, 0x3a, 0x2f, 0x9a,
+	0xc5, 0x88, 0x1e, 0x2a, 0x0a, 0x28, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65,
+	0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x76, 0x32, 0x2e, 0x4d, 0x65, 0x74,
+	0x61, 0x64, 0x61, 0x74, 0x61, 0x4b, 0x69, 0x6e, 0x64, 0x2e, 0x48, 0x6f, 0x73, 0x74, 0x3a, 0x2a,
+	0x9a, 0xc5, 0x88, 0x1e, 0x25, 0x0a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70,
+	0x65, 0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x76, 0x32, 0x2e, 0x4d, 0x65,
+	0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4b, 0x69, 0x6e, 0x64, 0x42, 0x0b, 0x0a, 0x04, 0x6b, 0x69,
+	0x6e, 0x64, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x42, 0x3f, 0x0a, 0x24, 0x69, 0x6f, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74,
+	0x79, 0x70, 0x65, 0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x76, 0x33, 0x42,
+	0x0d, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01,
+	0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_type_metadata_v3_metadata_proto_rawDescOnce sync.Once
+	file_envoy_type_metadata_v3_metadata_proto_rawDescData = file_envoy_type_metadata_v3_metadata_proto_rawDesc
+)
+
+func file_envoy_type_metadata_v3_metadata_proto_rawDescGZIP() []byte {
+	file_envoy_type_metadata_v3_metadata_proto_rawDescOnce.Do(func() {
+		file_envoy_type_metadata_v3_metadata_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_metadata_v3_metadata_proto_rawDescData)
+	})
+	return file_envoy_type_metadata_v3_metadata_proto_rawDescData
+}
+
+var file_envoy_type_metadata_v3_metadata_proto_msgTypes = make([]protoimpl.MessageInfo, 7)
+var file_envoy_type_metadata_v3_metadata_proto_goTypes = []interface{}{
+	(*MetadataKey)(nil),             // 0: envoy.type.metadata.v3.MetadataKey
+	(*MetadataKind)(nil),            // 1: envoy.type.metadata.v3.MetadataKind
+	(*MetadataKey_PathSegment)(nil), // 2: envoy.type.metadata.v3.MetadataKey.PathSegment
+	(*MetadataKind_Request)(nil),    // 3: envoy.type.metadata.v3.MetadataKind.Request
+	(*MetadataKind_Route)(nil),      // 4: envoy.type.metadata.v3.MetadataKind.Route
+	(*MetadataKind_Cluster)(nil),    // 5: envoy.type.metadata.v3.MetadataKind.Cluster
+	(*MetadataKind_Host)(nil),       // 6: envoy.type.metadata.v3.MetadataKind.Host
+}
+var file_envoy_type_metadata_v3_metadata_proto_depIdxs = []int32{
+	2, // 0: envoy.type.metadata.v3.MetadataKey.path:type_name -> envoy.type.metadata.v3.MetadataKey.PathSegment
+	3, // 1: envoy.type.metadata.v3.MetadataKind.request:type_name -> envoy.type.metadata.v3.MetadataKind.Request
+	4, // 2: envoy.type.metadata.v3.MetadataKind.route:type_name -> envoy.type.metadata.v3.MetadataKind.Route
+	5, // 3: envoy.type.metadata.v3.MetadataKind.cluster:type_name -> envoy.type.metadata.v3.MetadataKind.Cluster
+	6, // 4: envoy.type.metadata.v3.MetadataKind.host:type_name -> envoy.type.metadata.v3.MetadataKind.Host
+	5, // [5:5] is the sub-list for method output_type
+	5, // [5:5] is the sub-list for method input_type
+	5, // [5:5] is the sub-list for extension type_name
+	5, // [5:5] is the sub-list for extension extendee
+	0, // [0:5] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_metadata_v3_metadata_proto_init() }
+func file_envoy_type_metadata_v3_metadata_proto_init() {
+	if File_envoy_type_metadata_v3_metadata_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_metadata_v3_metadata_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*MetadataKey); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_metadata_v3_metadata_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*MetadataKind); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_metadata_v3_metadata_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*MetadataKey_PathSegment); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_metadata_v3_metadata_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*MetadataKind_Request); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_metadata_v3_metadata_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*MetadataKind_Route); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_metadata_v3_metadata_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*MetadataKind_Cluster); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_metadata_v3_metadata_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*MetadataKind_Host); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_type_metadata_v3_metadata_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*MetadataKind_Request_)(nil),
+		(*MetadataKind_Route_)(nil),
+		(*MetadataKind_Cluster_)(nil),
+		(*MetadataKind_Host_)(nil),
+	}
+	file_envoy_type_metadata_v3_metadata_proto_msgTypes[2].OneofWrappers = []interface{}{
+		(*MetadataKey_PathSegment_Key)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_metadata_v3_metadata_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   7,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_metadata_v3_metadata_proto_goTypes,
+		DependencyIndexes: file_envoy_type_metadata_v3_metadata_proto_depIdxs,
+		MessageInfos:      file_envoy_type_metadata_v3_metadata_proto_msgTypes,
+	}.Build()
+	File_envoy_type_metadata_v3_metadata_proto = out.File
+	file_envoy_type_metadata_v3_metadata_proto_rawDesc = nil
+	file_envoy_type_metadata_v3_metadata_proto_goTypes = nil
+	file_envoy_type_metadata_v3_metadata_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/metadata/v3/metadata.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/metadata/v3/metadata.pb.validate.go
new file mode 100644
index 00000000000..75f3c259035
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/metadata/v3/metadata.pb.validate.go
@@ -0,0 +1,958 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/metadata/v3/metadata.proto
+
+package envoy_type_metadata_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on MetadataKey with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *MetadataKey) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on MetadataKey with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in MetadataKeyMultiError, or
+// nil if none found.
+func (m *MetadataKey) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *MetadataKey) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetKey()) < 1 {
+		err := MetadataKeyValidationError{
+			field:  "Key",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(m.GetPath()) < 1 {
+		err := MetadataKeyValidationError{
+			field:  "Path",
+			reason: "value must contain at least 1 item(s)",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	for idx, item := range m.GetPath() {
+		_, _ = idx, item
+
+		if all {
+			switch v := interface{}(item).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MetadataKeyValidationError{
+						field:  fmt.Sprintf("Path[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MetadataKeyValidationError{
+						field:  fmt.Sprintf("Path[%v]", idx),
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(item).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MetadataKeyValidationError{
+					field:  fmt.Sprintf("Path[%v]", idx),
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	}
+
+	if len(errors) > 0 {
+		return MetadataKeyMultiError(errors)
+	}
+	return nil
+}
+
+// MetadataKeyMultiError is an error wrapping multiple validation errors
+// returned by MetadataKey.ValidateAll() if the designated constraints aren't met.
+type MetadataKeyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m MetadataKeyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m MetadataKeyMultiError) AllErrors() []error { return m }
+
+// MetadataKeyValidationError is the validation error returned by
+// MetadataKey.Validate if the designated constraints aren't met.
+type MetadataKeyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MetadataKeyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MetadataKeyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MetadataKeyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MetadataKeyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MetadataKeyValidationError) ErrorName() string { return "MetadataKeyValidationError" }
+
+// Error satisfies the builtin error interface
+func (e MetadataKeyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMetadataKey.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MetadataKeyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MetadataKeyValidationError{}
+
+// Validate checks the field values on MetadataKind with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *MetadataKind) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on MetadataKind with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in MetadataKindMultiError, or
+// nil if none found.
+func (m *MetadataKind) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *MetadataKind) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.Kind.(type) {
+
+	case *MetadataKind_Request_:
+
+		if all {
+			switch v := interface{}(m.GetRequest()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MetadataKindValidationError{
+						field:  "Request",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MetadataKindValidationError{
+						field:  "Request",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetRequest()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MetadataKindValidationError{
+					field:  "Request",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *MetadataKind_Route_:
+
+		if all {
+			switch v := interface{}(m.GetRoute()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MetadataKindValidationError{
+						field:  "Route",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MetadataKindValidationError{
+						field:  "Route",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetRoute()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MetadataKindValidationError{
+					field:  "Route",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *MetadataKind_Cluster_:
+
+		if all {
+			switch v := interface{}(m.GetCluster()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MetadataKindValidationError{
+						field:  "Cluster",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MetadataKindValidationError{
+						field:  "Cluster",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetCluster()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MetadataKindValidationError{
+					field:  "Cluster",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *MetadataKind_Host_:
+
+		if all {
+			switch v := interface{}(m.GetHost()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, MetadataKindValidationError{
+						field:  "Host",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, MetadataKindValidationError{
+						field:  "Host",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetHost()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return MetadataKindValidationError{
+					field:  "Host",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := MetadataKindValidationError{
+			field:  "Kind",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return MetadataKindMultiError(errors)
+	}
+	return nil
+}
+
+// MetadataKindMultiError is an error wrapping multiple validation errors
+// returned by MetadataKind.ValidateAll() if the designated constraints aren't met.
+type MetadataKindMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m MetadataKindMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m MetadataKindMultiError) AllErrors() []error { return m }
+
+// MetadataKindValidationError is the validation error returned by
+// MetadataKind.Validate if the designated constraints aren't met.
+type MetadataKindValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MetadataKindValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MetadataKindValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MetadataKindValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MetadataKindValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MetadataKindValidationError) ErrorName() string { return "MetadataKindValidationError" }
+
+// Error satisfies the builtin error interface
+func (e MetadataKindValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMetadataKind.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MetadataKindValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MetadataKindValidationError{}
+
+// Validate checks the field values on MetadataKey_PathSegment with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *MetadataKey_PathSegment) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on MetadataKey_PathSegment with the
+// rules defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// MetadataKey_PathSegmentMultiError, or nil if none found.
+func (m *MetadataKey_PathSegment) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *MetadataKey_PathSegment) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.Segment.(type) {
+
+	case *MetadataKey_PathSegment_Key:
+
+		if utf8.RuneCountInString(m.GetKey()) < 1 {
+			err := MetadataKey_PathSegmentValidationError{
+				field:  "Key",
+				reason: "value length must be at least 1 runes",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	default:
+		err := MetadataKey_PathSegmentValidationError{
+			field:  "Segment",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return MetadataKey_PathSegmentMultiError(errors)
+	}
+	return nil
+}
+
+// MetadataKey_PathSegmentMultiError is an error wrapping multiple validation
+// errors returned by MetadataKey_PathSegment.ValidateAll() if the designated
+// constraints aren't met.
+type MetadataKey_PathSegmentMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m MetadataKey_PathSegmentMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m MetadataKey_PathSegmentMultiError) AllErrors() []error { return m }
+
+// MetadataKey_PathSegmentValidationError is the validation error returned by
+// MetadataKey_PathSegment.Validate if the designated constraints aren't met.
+type MetadataKey_PathSegmentValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MetadataKey_PathSegmentValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MetadataKey_PathSegmentValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MetadataKey_PathSegmentValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MetadataKey_PathSegmentValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MetadataKey_PathSegmentValidationError) ErrorName() string {
+	return "MetadataKey_PathSegmentValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e MetadataKey_PathSegmentValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMetadataKey_PathSegment.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MetadataKey_PathSegmentValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MetadataKey_PathSegmentValidationError{}
+
+// Validate checks the field values on MetadataKind_Request with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *MetadataKind_Request) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on MetadataKind_Request with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// MetadataKind_RequestMultiError, or nil if none found.
+func (m *MetadataKind_Request) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *MetadataKind_Request) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return MetadataKind_RequestMultiError(errors)
+	}
+	return nil
+}
+
+// MetadataKind_RequestMultiError is an error wrapping multiple validation
+// errors returned by MetadataKind_Request.ValidateAll() if the designated
+// constraints aren't met.
+type MetadataKind_RequestMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m MetadataKind_RequestMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m MetadataKind_RequestMultiError) AllErrors() []error { return m }
+
+// MetadataKind_RequestValidationError is the validation error returned by
+// MetadataKind_Request.Validate if the designated constraints aren't met.
+type MetadataKind_RequestValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MetadataKind_RequestValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MetadataKind_RequestValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MetadataKind_RequestValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MetadataKind_RequestValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MetadataKind_RequestValidationError) ErrorName() string {
+	return "MetadataKind_RequestValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e MetadataKind_RequestValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMetadataKind_Request.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MetadataKind_RequestValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MetadataKind_RequestValidationError{}
+
+// Validate checks the field values on MetadataKind_Route with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *MetadataKind_Route) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on MetadataKind_Route with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// MetadataKind_RouteMultiError, or nil if none found.
+func (m *MetadataKind_Route) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *MetadataKind_Route) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return MetadataKind_RouteMultiError(errors)
+	}
+	return nil
+}
+
+// MetadataKind_RouteMultiError is an error wrapping multiple validation errors
+// returned by MetadataKind_Route.ValidateAll() if the designated constraints
+// aren't met.
+type MetadataKind_RouteMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m MetadataKind_RouteMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m MetadataKind_RouteMultiError) AllErrors() []error { return m }
+
+// MetadataKind_RouteValidationError is the validation error returned by
+// MetadataKind_Route.Validate if the designated constraints aren't met.
+type MetadataKind_RouteValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MetadataKind_RouteValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MetadataKind_RouteValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MetadataKind_RouteValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MetadataKind_RouteValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MetadataKind_RouteValidationError) ErrorName() string {
+	return "MetadataKind_RouteValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e MetadataKind_RouteValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMetadataKind_Route.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MetadataKind_RouteValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MetadataKind_RouteValidationError{}
+
+// Validate checks the field values on MetadataKind_Cluster with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *MetadataKind_Cluster) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on MetadataKind_Cluster with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// MetadataKind_ClusterMultiError, or nil if none found.
+func (m *MetadataKind_Cluster) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *MetadataKind_Cluster) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return MetadataKind_ClusterMultiError(errors)
+	}
+	return nil
+}
+
+// MetadataKind_ClusterMultiError is an error wrapping multiple validation
+// errors returned by MetadataKind_Cluster.ValidateAll() if the designated
+// constraints aren't met.
+type MetadataKind_ClusterMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m MetadataKind_ClusterMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m MetadataKind_ClusterMultiError) AllErrors() []error { return m }
+
+// MetadataKind_ClusterValidationError is the validation error returned by
+// MetadataKind_Cluster.Validate if the designated constraints aren't met.
+type MetadataKind_ClusterValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MetadataKind_ClusterValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MetadataKind_ClusterValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MetadataKind_ClusterValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MetadataKind_ClusterValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MetadataKind_ClusterValidationError) ErrorName() string {
+	return "MetadataKind_ClusterValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e MetadataKind_ClusterValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMetadataKind_Cluster.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MetadataKind_ClusterValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MetadataKind_ClusterValidationError{}
+
+// Validate checks the field values on MetadataKind_Host with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *MetadataKind_Host) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on MetadataKind_Host with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// MetadataKind_HostMultiError, or nil if none found.
+func (m *MetadataKind_Host) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *MetadataKind_Host) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return MetadataKind_HostMultiError(errors)
+	}
+	return nil
+}
+
+// MetadataKind_HostMultiError is an error wrapping multiple validation errors
+// returned by MetadataKind_Host.ValidateAll() if the designated constraints
+// aren't met.
+type MetadataKind_HostMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m MetadataKind_HostMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m MetadataKind_HostMultiError) AllErrors() []error { return m }
+
+// MetadataKind_HostValidationError is the validation error returned by
+// MetadataKind_Host.Validate if the designated constraints aren't met.
+type MetadataKind_HostValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e MetadataKind_HostValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e MetadataKind_HostValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e MetadataKind_HostValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e MetadataKind_HostValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e MetadataKind_HostValidationError) ErrorName() string {
+	return "MetadataKind_HostValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e MetadataKind_HostValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sMetadataKind_Host.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = MetadataKind_HostValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = MetadataKind_HostValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/percent.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/percent.pb.go
new file mode 100644
index 00000000000..c50dcbdd4ec
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/percent.pb.go
@@ -0,0 +1,311 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/percent.proto
+
+package envoy_type
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Fraction percentages support several fixed denominator values.
+type FractionalPercent_DenominatorType int32
+
+const (
+	// 100.
+	//
+	// **Example**: 1/100 = 1%.
+	FractionalPercent_HUNDRED FractionalPercent_DenominatorType = 0
+	// 10,000.
+	//
+	// **Example**: 1/10000 = 0.01%.
+	FractionalPercent_TEN_THOUSAND FractionalPercent_DenominatorType = 1
+	// 1,000,000.
+	//
+	// **Example**: 1/1000000 = 0.0001%.
+	FractionalPercent_MILLION FractionalPercent_DenominatorType = 2
+)
+
+// Enum value maps for FractionalPercent_DenominatorType.
+var (
+	FractionalPercent_DenominatorType_name = map[int32]string{
+		0: "HUNDRED",
+		1: "TEN_THOUSAND",
+		2: "MILLION",
+	}
+	FractionalPercent_DenominatorType_value = map[string]int32{
+		"HUNDRED":      0,
+		"TEN_THOUSAND": 1,
+		"MILLION":      2,
+	}
+)
+
+func (x FractionalPercent_DenominatorType) Enum() *FractionalPercent_DenominatorType {
+	p := new(FractionalPercent_DenominatorType)
+	*p = x
+	return p
+}
+
+func (x FractionalPercent_DenominatorType) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (FractionalPercent_DenominatorType) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_type_percent_proto_enumTypes[0].Descriptor()
+}
+
+func (FractionalPercent_DenominatorType) Type() protoreflect.EnumType {
+	return &file_envoy_type_percent_proto_enumTypes[0]
+}
+
+func (x FractionalPercent_DenominatorType) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use FractionalPercent_DenominatorType.Descriptor instead.
+func (FractionalPercent_DenominatorType) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_type_percent_proto_rawDescGZIP(), []int{1, 0}
+}
+
+// Identifies a percentage, in the range [0.0, 100.0].
+type Percent struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Value float64 `protobuf:"fixed64,1,opt,name=value,proto3" json:"value,omitempty"`
+}
+
+func (x *Percent) Reset() {
+	*x = Percent{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_percent_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Percent) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Percent) ProtoMessage() {}
+
+func (x *Percent) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_percent_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Percent.ProtoReflect.Descriptor instead.
+func (*Percent) Descriptor() ([]byte, []int) {
+	return file_envoy_type_percent_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *Percent) GetValue() float64 {
+	if x != nil {
+		return x.Value
+	}
+	return 0
+}
+
+// A fractional percentage is used in cases in which for performance reasons performing floating
+// point to integer conversions during randomness calculations is undesirable. The message includes
+// both a numerator and denominator that together determine the final fractional value.
+//
+// * **Example**: 1/100 = 1%.
+// * **Example**: 3/10000 = 0.03%.
+type FractionalPercent struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies the numerator. Defaults to 0.
+	Numerator uint32 `protobuf:"varint,1,opt,name=numerator,proto3" json:"numerator,omitempty"`
+	// Specifies the denominator. If the denominator specified is less than the numerator, the final
+	// fractional percentage is capped at 1 (100%).
+	Denominator FractionalPercent_DenominatorType `protobuf:"varint,2,opt,name=denominator,proto3,enum=envoy.type.FractionalPercent_DenominatorType" json:"denominator,omitempty"`
+}
+
+func (x *FractionalPercent) Reset() {
+	*x = FractionalPercent{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_percent_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *FractionalPercent) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*FractionalPercent) ProtoMessage() {}
+
+func (x *FractionalPercent) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_percent_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use FractionalPercent.ProtoReflect.Descriptor instead.
+func (*FractionalPercent) Descriptor() ([]byte, []int) {
+	return file_envoy_type_percent_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *FractionalPercent) GetNumerator() uint32 {
+	if x != nil {
+		return x.Numerator
+	}
+	return 0
+}
+
+func (x *FractionalPercent) GetDenominator() FractionalPercent_DenominatorType {
+	if x != nil {
+		return x.Denominator
+	}
+	return FractionalPercent_HUNDRED
+}
+
+var File_envoy_type_percent_proto protoreflect.FileDescriptor
+
+var file_envoy_type_percent_proto_rawDesc = []byte{
+	0x0a, 0x18, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x70, 0x65, 0x72,
+	0x63, 0x65, 0x6e, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0a, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e,
+	0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f,
+	0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x38,
+	0x0a, 0x07, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x12, 0x2d, 0x0a, 0x05, 0x76, 0x61, 0x6c,
+	0x75, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x01, 0x42, 0x17, 0xfa, 0x42, 0x14, 0x12, 0x12, 0x19,
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x59, 0x40, 0x29, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+	0x00, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x22, 0xcb, 0x01, 0x0a, 0x11, 0x46, 0x72, 0x61,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x12, 0x1c,
+	0x0a, 0x09, 0x6e, 0x75, 0x6d, 0x65, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x0d, 0x52, 0x09, 0x6e, 0x75, 0x6d, 0x65, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x12, 0x59, 0x0a, 0x0b,
+	0x64, 0x65, 0x6e, 0x6f, 0x6d, 0x69, 0x6e, 0x61, 0x74, 0x6f, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x0e, 0x32, 0x2d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x46,
+	0x72, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74,
+	0x2e, 0x44, 0x65, 0x6e, 0x6f, 0x6d, 0x69, 0x6e, 0x61, 0x74, 0x6f, 0x72, 0x54, 0x79, 0x70, 0x65,
+	0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x0b, 0x64, 0x65, 0x6e, 0x6f,
+	0x6d, 0x69, 0x6e, 0x61, 0x74, 0x6f, 0x72, 0x22, 0x3d, 0x0a, 0x0f, 0x44, 0x65, 0x6e, 0x6f, 0x6d,
+	0x69, 0x6e, 0x61, 0x74, 0x6f, 0x72, 0x54, 0x79, 0x70, 0x65, 0x12, 0x0b, 0x0a, 0x07, 0x48, 0x55,
+	0x4e, 0x44, 0x52, 0x45, 0x44, 0x10, 0x00, 0x12, 0x10, 0x0a, 0x0c, 0x54, 0x45, 0x4e, 0x5f, 0x54,
+	0x48, 0x4f, 0x55, 0x53, 0x41, 0x4e, 0x44, 0x10, 0x01, 0x12, 0x0b, 0x0a, 0x07, 0x4d, 0x49, 0x4c,
+	0x4c, 0x49, 0x4f, 0x4e, 0x10, 0x02, 0x42, 0x32, 0x0a, 0x18, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79,
+	0x70, 0x65, 0x42, 0x0c, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x50, 0x72, 0x6f, 0x74, 0x6f,
+	0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x33,
+}
+
+var (
+	file_envoy_type_percent_proto_rawDescOnce sync.Once
+	file_envoy_type_percent_proto_rawDescData = file_envoy_type_percent_proto_rawDesc
+)
+
+func file_envoy_type_percent_proto_rawDescGZIP() []byte {
+	file_envoy_type_percent_proto_rawDescOnce.Do(func() {
+		file_envoy_type_percent_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_percent_proto_rawDescData)
+	})
+	return file_envoy_type_percent_proto_rawDescData
+}
+
+var file_envoy_type_percent_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_envoy_type_percent_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_envoy_type_percent_proto_goTypes = []interface{}{
+	(FractionalPercent_DenominatorType)(0), // 0: envoy.type.FractionalPercent.DenominatorType
+	(*Percent)(nil),                        // 1: envoy.type.Percent
+	(*FractionalPercent)(nil),              // 2: envoy.type.FractionalPercent
+}
+var file_envoy_type_percent_proto_depIdxs = []int32{
+	0, // 0: envoy.type.FractionalPercent.denominator:type_name -> envoy.type.FractionalPercent.DenominatorType
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_percent_proto_init() }
+func file_envoy_type_percent_proto_init() {
+	if File_envoy_type_percent_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_percent_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Percent); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_percent_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*FractionalPercent); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_percent_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_percent_proto_goTypes,
+		DependencyIndexes: file_envoy_type_percent_proto_depIdxs,
+		EnumInfos:         file_envoy_type_percent_proto_enumTypes,
+		MessageInfos:      file_envoy_type_percent_proto_msgTypes,
+	}.Build()
+	File_envoy_type_percent_proto = out.File
+	file_envoy_type_percent_proto_rawDesc = nil
+	file_envoy_type_percent_proto_goTypes = nil
+	file_envoy_type_percent_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/percent.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/percent.pb.validate.go
new file mode 100644
index 00000000000..ea4a5dc2f5e
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/percent.pb.validate.go
@@ -0,0 +1,258 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/percent.proto
+
+package envoy_type
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on Percent with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Percent) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Percent with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in PercentMultiError, or nil if none found.
+func (m *Percent) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Percent) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if val := m.GetValue(); val < 0 || val > 100 {
+		err := PercentValidationError{
+			field:  "Value",
+			reason: "value must be inside range [0, 100]",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return PercentMultiError(errors)
+	}
+	return nil
+}
+
+// PercentMultiError is an error wrapping multiple validation errors returned
+// by Percent.ValidateAll() if the designated constraints aren't met.
+type PercentMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m PercentMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m PercentMultiError) AllErrors() []error { return m }
+
+// PercentValidationError is the validation error returned by Percent.Validate
+// if the designated constraints aren't met.
+type PercentValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e PercentValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e PercentValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e PercentValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e PercentValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e PercentValidationError) ErrorName() string { return "PercentValidationError" }
+
+// Error satisfies the builtin error interface
+func (e PercentValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sPercent.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = PercentValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = PercentValidationError{}
+
+// Validate checks the field values on FractionalPercent with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *FractionalPercent) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on FractionalPercent with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// FractionalPercentMultiError, or nil if none found.
+func (m *FractionalPercent) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *FractionalPercent) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Numerator
+
+	if _, ok := FractionalPercent_DenominatorType_name[int32(m.GetDenominator())]; !ok {
+		err := FractionalPercentValidationError{
+			field:  "Denominator",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return FractionalPercentMultiError(errors)
+	}
+	return nil
+}
+
+// FractionalPercentMultiError is an error wrapping multiple validation errors
+// returned by FractionalPercent.ValidateAll() if the designated constraints
+// aren't met.
+type FractionalPercentMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m FractionalPercentMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m FractionalPercentMultiError) AllErrors() []error { return m }
+
+// FractionalPercentValidationError is the validation error returned by
+// FractionalPercent.Validate if the designated constraints aren't met.
+type FractionalPercentValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e FractionalPercentValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e FractionalPercentValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e FractionalPercentValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e FractionalPercentValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e FractionalPercentValidationError) ErrorName() string {
+	return "FractionalPercentValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e FractionalPercentValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sFractionalPercent.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = FractionalPercentValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = FractionalPercentValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/range.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/range.pb.go
new file mode 100644
index 00000000000..45aeaccc348
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/range.pb.go
@@ -0,0 +1,316 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/range.proto
+
+package envoy_type
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Specifies the int64 start and end of the range using half-open interval semantics [start,
+// end).
+type Int64Range struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// start of the range (inclusive)
+	Start int64 `protobuf:"varint,1,opt,name=start,proto3" json:"start,omitempty"`
+	// end of the range (exclusive)
+	End int64 `protobuf:"varint,2,opt,name=end,proto3" json:"end,omitempty"`
+}
+
+func (x *Int64Range) Reset() {
+	*x = Int64Range{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_range_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Int64Range) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Int64Range) ProtoMessage() {}
+
+func (x *Int64Range) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_range_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Int64Range.ProtoReflect.Descriptor instead.
+func (*Int64Range) Descriptor() ([]byte, []int) {
+	return file_envoy_type_range_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *Int64Range) GetStart() int64 {
+	if x != nil {
+		return x.Start
+	}
+	return 0
+}
+
+func (x *Int64Range) GetEnd() int64 {
+	if x != nil {
+		return x.End
+	}
+	return 0
+}
+
+// Specifies the int32 start and end of the range using half-open interval semantics [start,
+// end).
+type Int32Range struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// start of the range (inclusive)
+	Start int32 `protobuf:"varint,1,opt,name=start,proto3" json:"start,omitempty"`
+	// end of the range (exclusive)
+	End int32 `protobuf:"varint,2,opt,name=end,proto3" json:"end,omitempty"`
+}
+
+func (x *Int32Range) Reset() {
+	*x = Int32Range{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_range_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Int32Range) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Int32Range) ProtoMessage() {}
+
+func (x *Int32Range) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_range_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Int32Range.ProtoReflect.Descriptor instead.
+func (*Int32Range) Descriptor() ([]byte, []int) {
+	return file_envoy_type_range_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *Int32Range) GetStart() int32 {
+	if x != nil {
+		return x.Start
+	}
+	return 0
+}
+
+func (x *Int32Range) GetEnd() int32 {
+	if x != nil {
+		return x.End
+	}
+	return 0
+}
+
+// Specifies the double start and end of the range using half-open interval semantics [start,
+// end).
+type DoubleRange struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// start of the range (inclusive)
+	Start float64 `protobuf:"fixed64,1,opt,name=start,proto3" json:"start,omitempty"`
+	// end of the range (exclusive)
+	End float64 `protobuf:"fixed64,2,opt,name=end,proto3" json:"end,omitempty"`
+}
+
+func (x *DoubleRange) Reset() {
+	*x = DoubleRange{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_range_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *DoubleRange) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*DoubleRange) ProtoMessage() {}
+
+func (x *DoubleRange) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_range_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use DoubleRange.ProtoReflect.Descriptor instead.
+func (*DoubleRange) Descriptor() ([]byte, []int) {
+	return file_envoy_type_range_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *DoubleRange) GetStart() float64 {
+	if x != nil {
+		return x.Start
+	}
+	return 0
+}
+
+func (x *DoubleRange) GetEnd() float64 {
+	if x != nil {
+		return x.End
+	}
+	return 0
+}
+
+var File_envoy_type_range_proto protoreflect.FileDescriptor
+
+var file_envoy_type_range_proto_rawDesc = []byte{
+	0x0a, 0x16, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x72, 0x61, 0x6e,
+	0x67, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0a, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x74, 0x79, 0x70, 0x65, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x22, 0x34, 0x0a, 0x0a, 0x49, 0x6e, 0x74, 0x36, 0x34, 0x52, 0x61, 0x6e, 0x67,
+	0x65, 0x12, 0x14, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x72, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03,
+	0x52, 0x05, 0x73, 0x74, 0x61, 0x72, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x65, 0x6e, 0x64, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x03, 0x52, 0x03, 0x65, 0x6e, 0x64, 0x22, 0x34, 0x0a, 0x0a, 0x49, 0x6e, 0x74,
+	0x33, 0x32, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x72, 0x74,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x05, 0x73, 0x74, 0x61, 0x72, 0x74, 0x12, 0x10, 0x0a,
+	0x03, 0x65, 0x6e, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x05, 0x52, 0x03, 0x65, 0x6e, 0x64, 0x22,
+	0x35, 0x0a, 0x0b, 0x44, 0x6f, 0x75, 0x62, 0x6c, 0x65, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x14,
+	0x0a, 0x05, 0x73, 0x74, 0x61, 0x72, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x01, 0x52, 0x05, 0x73,
+	0x74, 0x61, 0x72, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x65, 0x6e, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x01, 0x52, 0x03, 0x65, 0x6e, 0x64, 0x42, 0x30, 0x0a, 0x18, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79,
+	0x70, 0x65, 0x42, 0x0a, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01,
+	0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_type_range_proto_rawDescOnce sync.Once
+	file_envoy_type_range_proto_rawDescData = file_envoy_type_range_proto_rawDesc
+)
+
+func file_envoy_type_range_proto_rawDescGZIP() []byte {
+	file_envoy_type_range_proto_rawDescOnce.Do(func() {
+		file_envoy_type_range_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_range_proto_rawDescData)
+	})
+	return file_envoy_type_range_proto_rawDescData
+}
+
+var file_envoy_type_range_proto_msgTypes = make([]protoimpl.MessageInfo, 3)
+var file_envoy_type_range_proto_goTypes = []interface{}{
+	(*Int64Range)(nil),  // 0: envoy.type.Int64Range
+	(*Int32Range)(nil),  // 1: envoy.type.Int32Range
+	(*DoubleRange)(nil), // 2: envoy.type.DoubleRange
+}
+var file_envoy_type_range_proto_depIdxs = []int32{
+	0, // [0:0] is the sub-list for method output_type
+	0, // [0:0] is the sub-list for method input_type
+	0, // [0:0] is the sub-list for extension type_name
+	0, // [0:0] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_range_proto_init() }
+func file_envoy_type_range_proto_init() {
+	if File_envoy_type_range_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_range_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Int64Range); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_range_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Int32Range); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_range_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*DoubleRange); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_range_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   3,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_range_proto_goTypes,
+		DependencyIndexes: file_envoy_type_range_proto_depIdxs,
+		MessageInfos:      file_envoy_type_range_proto_msgTypes,
+	}.Build()
+	File_envoy_type_range_proto = out.File
+	file_envoy_type_range_proto_rawDesc = nil
+	file_envoy_type_range_proto_goTypes = nil
+	file_envoy_type_range_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/range.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/range.pb.validate.go
new file mode 100644
index 00000000000..df4d67346c3
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/range.pb.validate.go
@@ -0,0 +1,342 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/range.proto
+
+package envoy_type
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on Int64Range with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Int64Range) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Int64Range with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in Int64RangeMultiError, or
+// nil if none found.
+func (m *Int64Range) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Int64Range) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Start
+
+	// no validation rules for End
+
+	if len(errors) > 0 {
+		return Int64RangeMultiError(errors)
+	}
+	return nil
+}
+
+// Int64RangeMultiError is an error wrapping multiple validation errors
+// returned by Int64Range.ValidateAll() if the designated constraints aren't met.
+type Int64RangeMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Int64RangeMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Int64RangeMultiError) AllErrors() []error { return m }
+
+// Int64RangeValidationError is the validation error returned by
+// Int64Range.Validate if the designated constraints aren't met.
+type Int64RangeValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Int64RangeValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Int64RangeValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Int64RangeValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Int64RangeValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Int64RangeValidationError) ErrorName() string { return "Int64RangeValidationError" }
+
+// Error satisfies the builtin error interface
+func (e Int64RangeValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sInt64Range.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Int64RangeValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Int64RangeValidationError{}
+
+// Validate checks the field values on Int32Range with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Int32Range) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Int32Range with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in Int32RangeMultiError, or
+// nil if none found.
+func (m *Int32Range) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Int32Range) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Start
+
+	// no validation rules for End
+
+	if len(errors) > 0 {
+		return Int32RangeMultiError(errors)
+	}
+	return nil
+}
+
+// Int32RangeMultiError is an error wrapping multiple validation errors
+// returned by Int32Range.ValidateAll() if the designated constraints aren't met.
+type Int32RangeMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Int32RangeMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Int32RangeMultiError) AllErrors() []error { return m }
+
+// Int32RangeValidationError is the validation error returned by
+// Int32Range.Validate if the designated constraints aren't met.
+type Int32RangeValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Int32RangeValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Int32RangeValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Int32RangeValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Int32RangeValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Int32RangeValidationError) ErrorName() string { return "Int32RangeValidationError" }
+
+// Error satisfies the builtin error interface
+func (e Int32RangeValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sInt32Range.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Int32RangeValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Int32RangeValidationError{}
+
+// Validate checks the field values on DoubleRange with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *DoubleRange) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on DoubleRange with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in DoubleRangeMultiError, or
+// nil if none found.
+func (m *DoubleRange) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *DoubleRange) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Start
+
+	// no validation rules for End
+
+	if len(errors) > 0 {
+		return DoubleRangeMultiError(errors)
+	}
+	return nil
+}
+
+// DoubleRangeMultiError is an error wrapping multiple validation errors
+// returned by DoubleRange.ValidateAll() if the designated constraints aren't met.
+type DoubleRangeMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m DoubleRangeMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m DoubleRangeMultiError) AllErrors() []error { return m }
+
+// DoubleRangeValidationError is the validation error returned by
+// DoubleRange.Validate if the designated constraints aren't met.
+type DoubleRangeValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e DoubleRangeValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e DoubleRangeValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e DoubleRangeValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e DoubleRangeValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e DoubleRangeValidationError) ErrorName() string { return "DoubleRangeValidationError" }
+
+// Error satisfies the builtin error interface
+func (e DoubleRangeValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sDoubleRange.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = DoubleRangeValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = DoubleRangeValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/semantic_version.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/semantic_version.pb.go
new file mode 100644
index 00000000000..04275a4f622
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/semantic_version.pb.go
@@ -0,0 +1,178 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/semantic_version.proto
+
+package envoy_type
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Envoy uses SemVer (https://semver.org/). Major/minor versions indicate
+// expected behaviors and APIs, the patch version field is used only
+// for security fixes and can be generally ignored.
+type SemanticVersion struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	MajorNumber uint32 `protobuf:"varint,1,opt,name=major_number,json=majorNumber,proto3" json:"major_number,omitempty"`
+	MinorNumber uint32 `protobuf:"varint,2,opt,name=minor_number,json=minorNumber,proto3" json:"minor_number,omitempty"`
+	Patch       uint32 `protobuf:"varint,3,opt,name=patch,proto3" json:"patch,omitempty"`
+}
+
+func (x *SemanticVersion) Reset() {
+	*x = SemanticVersion{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_semantic_version_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *SemanticVersion) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*SemanticVersion) ProtoMessage() {}
+
+func (x *SemanticVersion) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_semantic_version_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use SemanticVersion.ProtoReflect.Descriptor instead.
+func (*SemanticVersion) Descriptor() ([]byte, []int) {
+	return file_envoy_type_semantic_version_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *SemanticVersion) GetMajorNumber() uint32 {
+	if x != nil {
+		return x.MajorNumber
+	}
+	return 0
+}
+
+func (x *SemanticVersion) GetMinorNumber() uint32 {
+	if x != nil {
+		return x.MinorNumber
+	}
+	return 0
+}
+
+func (x *SemanticVersion) GetPatch() uint32 {
+	if x != nil {
+		return x.Patch
+	}
+	return 0
+}
+
+var File_envoy_type_semantic_version_proto protoreflect.FileDescriptor
+
+var file_envoy_type_semantic_version_proto_rawDesc = []byte{
+	0x0a, 0x21, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x73, 0x65, 0x6d,
+	0x61, 0x6e, 0x74, 0x69, 0x63, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x12, 0x0a, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x1a,
+	0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x6d,
+	0x0a, 0x0f, 0x53, 0x65, 0x6d, 0x61, 0x6e, 0x74, 0x69, 0x63, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f,
+	0x6e, 0x12, 0x21, 0x0a, 0x0c, 0x6d, 0x61, 0x6a, 0x6f, 0x72, 0x5f, 0x6e, 0x75, 0x6d, 0x62, 0x65,
+	0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x0b, 0x6d, 0x61, 0x6a, 0x6f, 0x72, 0x4e, 0x75,
+	0x6d, 0x62, 0x65, 0x72, 0x12, 0x21, 0x0a, 0x0c, 0x6d, 0x69, 0x6e, 0x6f, 0x72, 0x5f, 0x6e, 0x75,
+	0x6d, 0x62, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x0b, 0x6d, 0x69, 0x6e, 0x6f,
+	0x72, 0x4e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x12, 0x14, 0x0a, 0x05, 0x70, 0x61, 0x74, 0x63, 0x68,
+	0x18, 0x03, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x05, 0x70, 0x61, 0x74, 0x63, 0x68, 0x42, 0x3a, 0x0a,
+	0x18, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x42, 0x14, 0x53, 0x65, 0x6d, 0x61, 0x6e,
+	0x74, 0x69, 0x63, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50,
+	0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x33,
+}
+
+var (
+	file_envoy_type_semantic_version_proto_rawDescOnce sync.Once
+	file_envoy_type_semantic_version_proto_rawDescData = file_envoy_type_semantic_version_proto_rawDesc
+)
+
+func file_envoy_type_semantic_version_proto_rawDescGZIP() []byte {
+	file_envoy_type_semantic_version_proto_rawDescOnce.Do(func() {
+		file_envoy_type_semantic_version_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_semantic_version_proto_rawDescData)
+	})
+	return file_envoy_type_semantic_version_proto_rawDescData
+}
+
+var file_envoy_type_semantic_version_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_type_semantic_version_proto_goTypes = []interface{}{
+	(*SemanticVersion)(nil), // 0: envoy.type.SemanticVersion
+}
+var file_envoy_type_semantic_version_proto_depIdxs = []int32{
+	0, // [0:0] is the sub-list for method output_type
+	0, // [0:0] is the sub-list for method input_type
+	0, // [0:0] is the sub-list for extension type_name
+	0, // [0:0] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_semantic_version_proto_init() }
+func file_envoy_type_semantic_version_proto_init() {
+	if File_envoy_type_semantic_version_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_semantic_version_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*SemanticVersion); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_semantic_version_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_semantic_version_proto_goTypes,
+		DependencyIndexes: file_envoy_type_semantic_version_proto_depIdxs,
+		MessageInfos:      file_envoy_type_semantic_version_proto_msgTypes,
+	}.Build()
+	File_envoy_type_semantic_version_proto = out.File
+	file_envoy_type_semantic_version_proto_rawDesc = nil
+	file_envoy_type_semantic_version_proto_goTypes = nil
+	file_envoy_type_semantic_version_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/semantic_version.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/semantic_version.pb.validate.go
new file mode 100644
index 00000000000..978d47b6339
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/semantic_version.pb.validate.go
@@ -0,0 +1,141 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/semantic_version.proto
+
+package envoy_type
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on SemanticVersion with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *SemanticVersion) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on SemanticVersion with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// SemanticVersionMultiError, or nil if none found.
+func (m *SemanticVersion) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *SemanticVersion) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for MajorNumber
+
+	// no validation rules for MinorNumber
+
+	// no validation rules for Patch
+
+	if len(errors) > 0 {
+		return SemanticVersionMultiError(errors)
+	}
+	return nil
+}
+
+// SemanticVersionMultiError is an error wrapping multiple validation errors
+// returned by SemanticVersion.ValidateAll() if the designated constraints
+// aren't met.
+type SemanticVersionMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m SemanticVersionMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m SemanticVersionMultiError) AllErrors() []error { return m }
+
+// SemanticVersionValidationError is the validation error returned by
+// SemanticVersion.Validate if the designated constraints aren't met.
+type SemanticVersionValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e SemanticVersionValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e SemanticVersionValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e SemanticVersionValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e SemanticVersionValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e SemanticVersionValidationError) ErrorName() string { return "SemanticVersionValidationError" }
+
+// Error satisfies the builtin error interface
+func (e SemanticVersionValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sSemanticVersion.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = SemanticVersionValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = SemanticVersionValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/token_bucket.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/token_bucket.pb.go
new file mode 100644
index 00000000000..88559d42bdc
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/token_bucket.pb.go
@@ -0,0 +1,201 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/token_bucket.proto
+
+package envoy_type
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Configures a token bucket, typically used for rate limiting.
+type TokenBucket struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The maximum tokens that the bucket can hold. This is also the number of tokens that the bucket
+	// initially contains.
+	MaxTokens uint32 `protobuf:"varint,1,opt,name=max_tokens,json=maxTokens,proto3" json:"max_tokens,omitempty"`
+	// The number of tokens added to the bucket during each fill interval. If not specified, defaults
+	// to a single token.
+	TokensPerFill *wrappers.UInt32Value `protobuf:"bytes,2,opt,name=tokens_per_fill,json=tokensPerFill,proto3" json:"tokens_per_fill,omitempty"`
+	// The fill interval that tokens are added to the bucket. During each fill interval
+	// `tokens_per_fill` are added to the bucket. The bucket will never contain more than
+	// `max_tokens` tokens.
+	FillInterval *duration.Duration `protobuf:"bytes,3,opt,name=fill_interval,json=fillInterval,proto3" json:"fill_interval,omitempty"`
+}
+
+func (x *TokenBucket) Reset() {
+	*x = TokenBucket{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_token_bucket_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *TokenBucket) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*TokenBucket) ProtoMessage() {}
+
+func (x *TokenBucket) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_token_bucket_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use TokenBucket.ProtoReflect.Descriptor instead.
+func (*TokenBucket) Descriptor() ([]byte, []int) {
+	return file_envoy_type_token_bucket_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *TokenBucket) GetMaxTokens() uint32 {
+	if x != nil {
+		return x.MaxTokens
+	}
+	return 0
+}
+
+func (x *TokenBucket) GetTokensPerFill() *wrappers.UInt32Value {
+	if x != nil {
+		return x.TokensPerFill
+	}
+	return nil
+}
+
+func (x *TokenBucket) GetFillInterval() *duration.Duration {
+	if x != nil {
+		return x.FillInterval
+	}
+	return nil
+}
+
+var File_envoy_type_token_bucket_proto protoreflect.FileDescriptor
+
+var file_envoy_type_token_bucket_proto_rawDesc = []byte{
+	0x0a, 0x1d, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x74, 0x6f, 0x6b,
+	0x65, 0x6e, 0x5f, 0x62, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12,
+	0x0a, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x1a, 0x1e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61,
+	0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70,
+	0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74,
+	0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69,
+	0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x22, 0xd0, 0x01, 0x0a, 0x0b, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x42, 0x75, 0x63,
+	0x6b, 0x65, 0x74, 0x12, 0x26, 0x0a, 0x0a, 0x6d, 0x61, 0x78, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e,
+	0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0d, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02, 0x20, 0x00,
+	0x52, 0x09, 0x6d, 0x61, 0x78, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x73, 0x12, 0x4d, 0x0a, 0x0f, 0x74,
+	0x6f, 0x6b, 0x65, 0x6e, 0x73, 0x5f, 0x70, 0x65, 0x72, 0x5f, 0x66, 0x69, 0x6c, 0x6c, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c,
+	0x75, 0x65, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02, 0x20, 0x00, 0x52, 0x0d, 0x74, 0x6f, 0x6b,
+	0x65, 0x6e, 0x73, 0x50, 0x65, 0x72, 0x46, 0x69, 0x6c, 0x6c, 0x12, 0x4a, 0x0a, 0x0d, 0x66, 0x69,
+	0x6c, 0x6c, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x03, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0a, 0xfa, 0x42,
+	0x07, 0xaa, 0x01, 0x04, 0x08, 0x01, 0x2a, 0x00, 0x52, 0x0c, 0x66, 0x69, 0x6c, 0x6c, 0x49, 0x6e,
+	0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x42, 0x36, 0x0a, 0x18, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79,
+	0x70, 0x65, 0x42, 0x10, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x42, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x50,
+	0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_type_token_bucket_proto_rawDescOnce sync.Once
+	file_envoy_type_token_bucket_proto_rawDescData = file_envoy_type_token_bucket_proto_rawDesc
+)
+
+func file_envoy_type_token_bucket_proto_rawDescGZIP() []byte {
+	file_envoy_type_token_bucket_proto_rawDescOnce.Do(func() {
+		file_envoy_type_token_bucket_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_token_bucket_proto_rawDescData)
+	})
+	return file_envoy_type_token_bucket_proto_rawDescData
+}
+
+var file_envoy_type_token_bucket_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_type_token_bucket_proto_goTypes = []interface{}{
+	(*TokenBucket)(nil),          // 0: envoy.type.TokenBucket
+	(*wrappers.UInt32Value)(nil), // 1: google.protobuf.UInt32Value
+	(*duration.Duration)(nil),    // 2: google.protobuf.Duration
+}
+var file_envoy_type_token_bucket_proto_depIdxs = []int32{
+	1, // 0: envoy.type.TokenBucket.tokens_per_fill:type_name -> google.protobuf.UInt32Value
+	2, // 1: envoy.type.TokenBucket.fill_interval:type_name -> google.protobuf.Duration
+	2, // [2:2] is the sub-list for method output_type
+	2, // [2:2] is the sub-list for method input_type
+	2, // [2:2] is the sub-list for extension type_name
+	2, // [2:2] is the sub-list for extension extendee
+	0, // [0:2] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_token_bucket_proto_init() }
+func file_envoy_type_token_bucket_proto_init() {
+	if File_envoy_type_token_bucket_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_token_bucket_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*TokenBucket); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_token_bucket_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_token_bucket_proto_goTypes,
+		DependencyIndexes: file_envoy_type_token_bucket_proto_depIdxs,
+		MessageInfos:      file_envoy_type_token_bucket_proto_msgTypes,
+	}.Build()
+	File_envoy_type_token_bucket_proto = out.File
+	file_envoy_type_token_bucket_proto_rawDesc = nil
+	file_envoy_type_token_bucket_proto_goTypes = nil
+	file_envoy_type_token_bucket_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/token_bucket.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/token_bucket.pb.validate.go
new file mode 100644
index 00000000000..5bca74e6144
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/token_bucket.pb.validate.go
@@ -0,0 +1,201 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/token_bucket.proto
+
+package envoy_type
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on TokenBucket with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *TokenBucket) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on TokenBucket with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in TokenBucketMultiError, or
+// nil if none found.
+func (m *TokenBucket) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *TokenBucket) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetMaxTokens() <= 0 {
+		err := TokenBucketValidationError{
+			field:  "MaxTokens",
+			reason: "value must be greater than 0",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if wrapper := m.GetTokensPerFill(); wrapper != nil {
+
+		if wrapper.GetValue() <= 0 {
+			err := TokenBucketValidationError{
+				field:  "TokensPerFill",
+				reason: "value must be greater than 0",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if m.GetFillInterval() == nil {
+		err := TokenBucketValidationError{
+			field:  "FillInterval",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if d := m.GetFillInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = TokenBucketValidationError{
+				field:  "FillInterval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := TokenBucketValidationError{
+					field:  "FillInterval",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if len(errors) > 0 {
+		return TokenBucketMultiError(errors)
+	}
+	return nil
+}
+
+// TokenBucketMultiError is an error wrapping multiple validation errors
+// returned by TokenBucket.ValidateAll() if the designated constraints aren't met.
+type TokenBucketMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m TokenBucketMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m TokenBucketMultiError) AllErrors() []error { return m }
+
+// TokenBucketValidationError is the validation error returned by
+// TokenBucket.Validate if the designated constraints aren't met.
+type TokenBucketValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e TokenBucketValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e TokenBucketValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e TokenBucketValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e TokenBucketValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e TokenBucketValidationError) ErrorName() string { return "TokenBucketValidationError" }
+
+// Error satisfies the builtin error interface
+func (e TokenBucketValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sTokenBucket.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = TokenBucketValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = TokenBucketValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/tracing/v2/custom_tag.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/tracing/v2/custom_tag.pb.go
new file mode 100644
index 00000000000..435855e52b6
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/tracing/v2/custom_tag.pb.go
@@ -0,0 +1,592 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/tracing/v2/custom_tag.proto
+
+package envoy_type_tracing_v2
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v2 "github.com/envoyproxy/go-control-plane/envoy/type/metadata/v2"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Describes custom tags for the active span.
+// [#next-free-field: 6]
+type CustomTag struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Used to populate the tag name.
+	Tag string `protobuf:"bytes,1,opt,name=tag,proto3" json:"tag,omitempty"`
+	// Used to specify what kind of custom tag.
+	//
+	// Types that are assignable to Type:
+	//	*CustomTag_Literal_
+	//	*CustomTag_Environment_
+	//	*CustomTag_RequestHeader
+	//	*CustomTag_Metadata_
+	Type isCustomTag_Type `protobuf_oneof:"type"`
+}
+
+func (x *CustomTag) Reset() {
+	*x = CustomTag{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_tracing_v2_custom_tag_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CustomTag) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CustomTag) ProtoMessage() {}
+
+func (x *CustomTag) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_tracing_v2_custom_tag_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CustomTag.ProtoReflect.Descriptor instead.
+func (*CustomTag) Descriptor() ([]byte, []int) {
+	return file_envoy_type_tracing_v2_custom_tag_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *CustomTag) GetTag() string {
+	if x != nil {
+		return x.Tag
+	}
+	return ""
+}
+
+func (m *CustomTag) GetType() isCustomTag_Type {
+	if m != nil {
+		return m.Type
+	}
+	return nil
+}
+
+func (x *CustomTag) GetLiteral() *CustomTag_Literal {
+	if x, ok := x.GetType().(*CustomTag_Literal_); ok {
+		return x.Literal
+	}
+	return nil
+}
+
+func (x *CustomTag) GetEnvironment() *CustomTag_Environment {
+	if x, ok := x.GetType().(*CustomTag_Environment_); ok {
+		return x.Environment
+	}
+	return nil
+}
+
+func (x *CustomTag) GetRequestHeader() *CustomTag_Header {
+	if x, ok := x.GetType().(*CustomTag_RequestHeader); ok {
+		return x.RequestHeader
+	}
+	return nil
+}
+
+func (x *CustomTag) GetMetadata() *CustomTag_Metadata {
+	if x, ok := x.GetType().(*CustomTag_Metadata_); ok {
+		return x.Metadata
+	}
+	return nil
+}
+
+type isCustomTag_Type interface {
+	isCustomTag_Type()
+}
+
+type CustomTag_Literal_ struct {
+	// A literal custom tag.
+	Literal *CustomTag_Literal `protobuf:"bytes,2,opt,name=literal,proto3,oneof"`
+}
+
+type CustomTag_Environment_ struct {
+	// An environment custom tag.
+	Environment *CustomTag_Environment `protobuf:"bytes,3,opt,name=environment,proto3,oneof"`
+}
+
+type CustomTag_RequestHeader struct {
+	// A request header custom tag.
+	RequestHeader *CustomTag_Header `protobuf:"bytes,4,opt,name=request_header,json=requestHeader,proto3,oneof"`
+}
+
+type CustomTag_Metadata_ struct {
+	// A custom tag to obtain tag value from the metadata.
+	Metadata *CustomTag_Metadata `protobuf:"bytes,5,opt,name=metadata,proto3,oneof"`
+}
+
+func (*CustomTag_Literal_) isCustomTag_Type() {}
+
+func (*CustomTag_Environment_) isCustomTag_Type() {}
+
+func (*CustomTag_RequestHeader) isCustomTag_Type() {}
+
+func (*CustomTag_Metadata_) isCustomTag_Type() {}
+
+// Literal type custom tag with static value for the tag value.
+type CustomTag_Literal struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Static literal value to populate the tag value.
+	Value string `protobuf:"bytes,1,opt,name=value,proto3" json:"value,omitempty"`
+}
+
+func (x *CustomTag_Literal) Reset() {
+	*x = CustomTag_Literal{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_tracing_v2_custom_tag_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CustomTag_Literal) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CustomTag_Literal) ProtoMessage() {}
+
+func (x *CustomTag_Literal) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_tracing_v2_custom_tag_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CustomTag_Literal.ProtoReflect.Descriptor instead.
+func (*CustomTag_Literal) Descriptor() ([]byte, []int) {
+	return file_envoy_type_tracing_v2_custom_tag_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (x *CustomTag_Literal) GetValue() string {
+	if x != nil {
+		return x.Value
+	}
+	return ""
+}
+
+// Environment type custom tag with environment name and default value.
+type CustomTag_Environment struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Environment variable name to obtain the value to populate the tag value.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// When the environment variable is not found,
+	// the tag value will be populated with this default value if specified,
+	// otherwise no tag will be populated.
+	DefaultValue string `protobuf:"bytes,2,opt,name=default_value,json=defaultValue,proto3" json:"default_value,omitempty"`
+}
+
+func (x *CustomTag_Environment) Reset() {
+	*x = CustomTag_Environment{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_tracing_v2_custom_tag_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CustomTag_Environment) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CustomTag_Environment) ProtoMessage() {}
+
+func (x *CustomTag_Environment) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_tracing_v2_custom_tag_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CustomTag_Environment.ProtoReflect.Descriptor instead.
+func (*CustomTag_Environment) Descriptor() ([]byte, []int) {
+	return file_envoy_type_tracing_v2_custom_tag_proto_rawDescGZIP(), []int{0, 1}
+}
+
+func (x *CustomTag_Environment) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *CustomTag_Environment) GetDefaultValue() string {
+	if x != nil {
+		return x.DefaultValue
+	}
+	return ""
+}
+
+// Header type custom tag with header name and default value.
+type CustomTag_Header struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Header name to obtain the value to populate the tag value.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// When the header does not exist,
+	// the tag value will be populated with this default value if specified,
+	// otherwise no tag will be populated.
+	DefaultValue string `protobuf:"bytes,2,opt,name=default_value,json=defaultValue,proto3" json:"default_value,omitempty"`
+}
+
+func (x *CustomTag_Header) Reset() {
+	*x = CustomTag_Header{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_tracing_v2_custom_tag_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CustomTag_Header) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CustomTag_Header) ProtoMessage() {}
+
+func (x *CustomTag_Header) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_tracing_v2_custom_tag_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CustomTag_Header.ProtoReflect.Descriptor instead.
+func (*CustomTag_Header) Descriptor() ([]byte, []int) {
+	return file_envoy_type_tracing_v2_custom_tag_proto_rawDescGZIP(), []int{0, 2}
+}
+
+func (x *CustomTag_Header) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *CustomTag_Header) GetDefaultValue() string {
+	if x != nil {
+		return x.DefaultValue
+	}
+	return ""
+}
+
+// Metadata type custom tag using
+// :ref:`MetadataKey <envoy_api_msg_type.metadata.v2.MetadataKey>` to retrieve the protobuf value
+// from :ref:`Metadata <envoy_api_msg_core.Metadata>`, and populate the tag value with
+// `the canonical JSON <https://developers.google.com/protocol-buffers/docs/proto3#json>`_
+// representation of it.
+type CustomTag_Metadata struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specify what kind of metadata to obtain tag value from.
+	Kind *v2.MetadataKind `protobuf:"bytes,1,opt,name=kind,proto3" json:"kind,omitempty"`
+	// Metadata key to define the path to retrieve the tag value.
+	MetadataKey *v2.MetadataKey `protobuf:"bytes,2,opt,name=metadata_key,json=metadataKey,proto3" json:"metadata_key,omitempty"`
+	// When no valid metadata is found,
+	// the tag value would be populated with this default value if specified,
+	// otherwise no tag would be populated.
+	DefaultValue string `protobuf:"bytes,3,opt,name=default_value,json=defaultValue,proto3" json:"default_value,omitempty"`
+}
+
+func (x *CustomTag_Metadata) Reset() {
+	*x = CustomTag_Metadata{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_tracing_v2_custom_tag_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CustomTag_Metadata) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CustomTag_Metadata) ProtoMessage() {}
+
+func (x *CustomTag_Metadata) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_tracing_v2_custom_tag_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CustomTag_Metadata.ProtoReflect.Descriptor instead.
+func (*CustomTag_Metadata) Descriptor() ([]byte, []int) {
+	return file_envoy_type_tracing_v2_custom_tag_proto_rawDescGZIP(), []int{0, 3}
+}
+
+func (x *CustomTag_Metadata) GetKind() *v2.MetadataKind {
+	if x != nil {
+		return x.Kind
+	}
+	return nil
+}
+
+func (x *CustomTag_Metadata) GetMetadataKey() *v2.MetadataKey {
+	if x != nil {
+		return x.MetadataKey
+	}
+	return nil
+}
+
+func (x *CustomTag_Metadata) GetDefaultValue() string {
+	if x != nil {
+		return x.DefaultValue
+	}
+	return ""
+}
+
+var File_envoy_type_tracing_v2_custom_tag_proto protoreflect.FileDescriptor
+
+var file_envoy_type_tracing_v2_custom_tag_proto_rawDesc = []byte{
+	0x0a, 0x26, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x74, 0x72, 0x61,
+	0x63, 0x69, 0x6e, 0x67, 0x2f, 0x76, 0x32, 0x2f, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x74,
+	0x61, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x74, 0x79, 0x70, 0x65, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x2e, 0x76, 0x32, 0x1a,
+	0x25, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x65, 0x74, 0x61,
+	0x64, 0x61, 0x74, 0x61, 0x2f, 0x76, 0x32, 0x2f, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e,
+	0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f,
+	0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xe7,
+	0x05, 0x0a, 0x09, 0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x54, 0x61, 0x67, 0x12, 0x19, 0x0a, 0x03,
+	0x74, 0x61, 0x67, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02,
+	0x20, 0x01, 0x52, 0x03, 0x74, 0x61, 0x67, 0x12, 0x44, 0x0a, 0x07, 0x6c, 0x69, 0x74, 0x65, 0x72,
+	0x61, 0x6c, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x2e, 0x76, 0x32,
+	0x2e, 0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x54, 0x61, 0x67, 0x2e, 0x4c, 0x69, 0x74, 0x65, 0x72,
+	0x61, 0x6c, 0x48, 0x00, 0x52, 0x07, 0x6c, 0x69, 0x74, 0x65, 0x72, 0x61, 0x6c, 0x12, 0x50, 0x0a,
+	0x0b, 0x65, 0x6e, 0x76, 0x69, 0x72, 0x6f, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x18, 0x03, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x2c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e,
+	0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x75, 0x73, 0x74, 0x6f,
+	0x6d, 0x54, 0x61, 0x67, 0x2e, 0x45, 0x6e, 0x76, 0x69, 0x72, 0x6f, 0x6e, 0x6d, 0x65, 0x6e, 0x74,
+	0x48, 0x00, 0x52, 0x0b, 0x65, 0x6e, 0x76, 0x69, 0x72, 0x6f, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x12,
+	0x50, 0x0a, 0x0e, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x74, 0x79, 0x70, 0x65, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x2e, 0x76, 0x32, 0x2e,
+	0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x54, 0x61, 0x67, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72,
+	0x48, 0x00, 0x52, 0x0d, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x12, 0x47, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x05, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65,
+	0x2e, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x75, 0x73, 0x74,
+	0x6f, 0x6d, 0x54, 0x61, 0x67, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x48, 0x00,
+	0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x1a, 0x28, 0x0a, 0x07, 0x4c, 0x69,
+	0x74, 0x65, 0x72, 0x61, 0x6c, 0x12, 0x1d, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x05, 0x76,
+	0x61, 0x6c, 0x75, 0x65, 0x1a, 0x4f, 0x0a, 0x0b, 0x45, 0x6e, 0x76, 0x69, 0x72, 0x6f, 0x6e, 0x6d,
+	0x65, 0x6e, 0x74, 0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x20, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65,
+	0x12, 0x23, 0x0a, 0x0d, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f, 0x76, 0x61, 0x6c, 0x75,
+	0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74,
+	0x56, 0x61, 0x6c, 0x75, 0x65, 0x1a, 0x50, 0x0a, 0x06, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x12,
+	0x21, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0d, 0xfa,
+	0x42, 0x0a, 0x72, 0x08, 0x20, 0x01, 0xc0, 0x01, 0x01, 0xc8, 0x01, 0x00, 0x52, 0x04, 0x6e, 0x61,
+	0x6d, 0x65, 0x12, 0x23, 0x0a, 0x0d, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f, 0x76, 0x61,
+	0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x64, 0x65, 0x66, 0x61, 0x75,
+	0x6c, 0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x1a, 0xb1, 0x01, 0x0a, 0x08, 0x4d, 0x65, 0x74, 0x61,
+	0x64, 0x61, 0x74, 0x61, 0x12, 0x38, 0x0a, 0x04, 0x6b, 0x69, 0x6e, 0x64, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e,
+	0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x76, 0x32, 0x2e, 0x4d, 0x65, 0x74, 0x61,
+	0x64, 0x61, 0x74, 0x61, 0x4b, 0x69, 0x6e, 0x64, 0x52, 0x04, 0x6b, 0x69, 0x6e, 0x64, 0x12, 0x46,
+	0x0a, 0x0c, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70,
+	0x65, 0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x76, 0x32, 0x2e, 0x4d, 0x65,
+	0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4b, 0x65, 0x79, 0x52, 0x0b, 0x6d, 0x65, 0x74, 0x61, 0x64,
+	0x61, 0x74, 0x61, 0x4b, 0x65, 0x79, 0x12, 0x23, 0x0a, 0x0d, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c,
+	0x74, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x64,
+	0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x0b, 0x0a, 0x04, 0x74,
+	0x79, 0x70, 0x65, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x42, 0x3f, 0x0a, 0x23, 0x69, 0x6f, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x74, 0x79, 0x70, 0x65, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x2e, 0x76, 0x32, 0x42,
+	0x0e, 0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x54, 0x61, 0x67, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50,
+	0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x33,
+}
+
+var (
+	file_envoy_type_tracing_v2_custom_tag_proto_rawDescOnce sync.Once
+	file_envoy_type_tracing_v2_custom_tag_proto_rawDescData = file_envoy_type_tracing_v2_custom_tag_proto_rawDesc
+)
+
+func file_envoy_type_tracing_v2_custom_tag_proto_rawDescGZIP() []byte {
+	file_envoy_type_tracing_v2_custom_tag_proto_rawDescOnce.Do(func() {
+		file_envoy_type_tracing_v2_custom_tag_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_tracing_v2_custom_tag_proto_rawDescData)
+	})
+	return file_envoy_type_tracing_v2_custom_tag_proto_rawDescData
+}
+
+var file_envoy_type_tracing_v2_custom_tag_proto_msgTypes = make([]protoimpl.MessageInfo, 5)
+var file_envoy_type_tracing_v2_custom_tag_proto_goTypes = []interface{}{
+	(*CustomTag)(nil),             // 0: envoy.type.tracing.v2.CustomTag
+	(*CustomTag_Literal)(nil),     // 1: envoy.type.tracing.v2.CustomTag.Literal
+	(*CustomTag_Environment)(nil), // 2: envoy.type.tracing.v2.CustomTag.Environment
+	(*CustomTag_Header)(nil),      // 3: envoy.type.tracing.v2.CustomTag.Header
+	(*CustomTag_Metadata)(nil),    // 4: envoy.type.tracing.v2.CustomTag.Metadata
+	(*v2.MetadataKind)(nil),       // 5: envoy.type.metadata.v2.MetadataKind
+	(*v2.MetadataKey)(nil),        // 6: envoy.type.metadata.v2.MetadataKey
+}
+var file_envoy_type_tracing_v2_custom_tag_proto_depIdxs = []int32{
+	1, // 0: envoy.type.tracing.v2.CustomTag.literal:type_name -> envoy.type.tracing.v2.CustomTag.Literal
+	2, // 1: envoy.type.tracing.v2.CustomTag.environment:type_name -> envoy.type.tracing.v2.CustomTag.Environment
+	3, // 2: envoy.type.tracing.v2.CustomTag.request_header:type_name -> envoy.type.tracing.v2.CustomTag.Header
+	4, // 3: envoy.type.tracing.v2.CustomTag.metadata:type_name -> envoy.type.tracing.v2.CustomTag.Metadata
+	5, // 4: envoy.type.tracing.v2.CustomTag.Metadata.kind:type_name -> envoy.type.metadata.v2.MetadataKind
+	6, // 5: envoy.type.tracing.v2.CustomTag.Metadata.metadata_key:type_name -> envoy.type.metadata.v2.MetadataKey
+	6, // [6:6] is the sub-list for method output_type
+	6, // [6:6] is the sub-list for method input_type
+	6, // [6:6] is the sub-list for extension type_name
+	6, // [6:6] is the sub-list for extension extendee
+	0, // [0:6] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_tracing_v2_custom_tag_proto_init() }
+func file_envoy_type_tracing_v2_custom_tag_proto_init() {
+	if File_envoy_type_tracing_v2_custom_tag_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_tracing_v2_custom_tag_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CustomTag); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_tracing_v2_custom_tag_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CustomTag_Literal); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_tracing_v2_custom_tag_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CustomTag_Environment); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_tracing_v2_custom_tag_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CustomTag_Header); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_tracing_v2_custom_tag_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CustomTag_Metadata); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_type_tracing_v2_custom_tag_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*CustomTag_Literal_)(nil),
+		(*CustomTag_Environment_)(nil),
+		(*CustomTag_RequestHeader)(nil),
+		(*CustomTag_Metadata_)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_tracing_v2_custom_tag_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   5,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_tracing_v2_custom_tag_proto_goTypes,
+		DependencyIndexes: file_envoy_type_tracing_v2_custom_tag_proto_depIdxs,
+		MessageInfos:      file_envoy_type_tracing_v2_custom_tag_proto_msgTypes,
+	}.Build()
+	File_envoy_type_tracing_v2_custom_tag_proto = out.File
+	file_envoy_type_tracing_v2_custom_tag_proto_rawDesc = nil
+	file_envoy_type_tracing_v2_custom_tag_proto_goTypes = nil
+	file_envoy_type_tracing_v2_custom_tag_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/tracing/v2/custom_tag.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/tracing/v2/custom_tag.pb.validate.go
new file mode 100644
index 00000000000..cb38209aa19
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/tracing/v2/custom_tag.pb.validate.go
@@ -0,0 +1,795 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/tracing/v2/custom_tag.proto
+
+package envoy_type_tracing_v2
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on CustomTag with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *CustomTag) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on CustomTag with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in CustomTagMultiError, or nil
+// if none found.
+func (m *CustomTag) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CustomTag) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetTag()) < 1 {
+		err := CustomTagValidationError{
+			field:  "Tag",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	switch m.Type.(type) {
+
+	case *CustomTag_Literal_:
+
+		if all {
+			switch v := interface{}(m.GetLiteral()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CustomTagValidationError{
+						field:  "Literal",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CustomTagValidationError{
+						field:  "Literal",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetLiteral()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CustomTagValidationError{
+					field:  "Literal",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *CustomTag_Environment_:
+
+		if all {
+			switch v := interface{}(m.GetEnvironment()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CustomTagValidationError{
+						field:  "Environment",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CustomTagValidationError{
+						field:  "Environment",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetEnvironment()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CustomTagValidationError{
+					field:  "Environment",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *CustomTag_RequestHeader:
+
+		if all {
+			switch v := interface{}(m.GetRequestHeader()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CustomTagValidationError{
+						field:  "RequestHeader",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CustomTagValidationError{
+						field:  "RequestHeader",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetRequestHeader()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CustomTagValidationError{
+					field:  "RequestHeader",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *CustomTag_Metadata_:
+
+		if all {
+			switch v := interface{}(m.GetMetadata()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CustomTagValidationError{
+						field:  "Metadata",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CustomTagValidationError{
+						field:  "Metadata",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetMetadata()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CustomTagValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := CustomTagValidationError{
+			field:  "Type",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return CustomTagMultiError(errors)
+	}
+	return nil
+}
+
+// CustomTagMultiError is an error wrapping multiple validation errors returned
+// by CustomTag.ValidateAll() if the designated constraints aren't met.
+type CustomTagMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CustomTagMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CustomTagMultiError) AllErrors() []error { return m }
+
+// CustomTagValidationError is the validation error returned by
+// CustomTag.Validate if the designated constraints aren't met.
+type CustomTagValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CustomTagValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CustomTagValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CustomTagValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CustomTagValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CustomTagValidationError) ErrorName() string { return "CustomTagValidationError" }
+
+// Error satisfies the builtin error interface
+func (e CustomTagValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCustomTag.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CustomTagValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CustomTagValidationError{}
+
+// Validate checks the field values on CustomTag_Literal with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *CustomTag_Literal) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on CustomTag_Literal with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// CustomTag_LiteralMultiError, or nil if none found.
+func (m *CustomTag_Literal) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CustomTag_Literal) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetValue()) < 1 {
+		err := CustomTag_LiteralValidationError{
+			field:  "Value",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return CustomTag_LiteralMultiError(errors)
+	}
+	return nil
+}
+
+// CustomTag_LiteralMultiError is an error wrapping multiple validation errors
+// returned by CustomTag_Literal.ValidateAll() if the designated constraints
+// aren't met.
+type CustomTag_LiteralMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CustomTag_LiteralMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CustomTag_LiteralMultiError) AllErrors() []error { return m }
+
+// CustomTag_LiteralValidationError is the validation error returned by
+// CustomTag_Literal.Validate if the designated constraints aren't met.
+type CustomTag_LiteralValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CustomTag_LiteralValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CustomTag_LiteralValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CustomTag_LiteralValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CustomTag_LiteralValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CustomTag_LiteralValidationError) ErrorName() string {
+	return "CustomTag_LiteralValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e CustomTag_LiteralValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCustomTag_Literal.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CustomTag_LiteralValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CustomTag_LiteralValidationError{}
+
+// Validate checks the field values on CustomTag_Environment with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *CustomTag_Environment) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on CustomTag_Environment with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// CustomTag_EnvironmentMultiError, or nil if none found.
+func (m *CustomTag_Environment) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CustomTag_Environment) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetName()) < 1 {
+		err := CustomTag_EnvironmentValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for DefaultValue
+
+	if len(errors) > 0 {
+		return CustomTag_EnvironmentMultiError(errors)
+	}
+	return nil
+}
+
+// CustomTag_EnvironmentMultiError is an error wrapping multiple validation
+// errors returned by CustomTag_Environment.ValidateAll() if the designated
+// constraints aren't met.
+type CustomTag_EnvironmentMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CustomTag_EnvironmentMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CustomTag_EnvironmentMultiError) AllErrors() []error { return m }
+
+// CustomTag_EnvironmentValidationError is the validation error returned by
+// CustomTag_Environment.Validate if the designated constraints aren't met.
+type CustomTag_EnvironmentValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CustomTag_EnvironmentValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CustomTag_EnvironmentValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CustomTag_EnvironmentValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CustomTag_EnvironmentValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CustomTag_EnvironmentValidationError) ErrorName() string {
+	return "CustomTag_EnvironmentValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e CustomTag_EnvironmentValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCustomTag_Environment.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CustomTag_EnvironmentValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CustomTag_EnvironmentValidationError{}
+
+// Validate checks the field values on CustomTag_Header with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *CustomTag_Header) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on CustomTag_Header with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// CustomTag_HeaderMultiError, or nil if none found.
+func (m *CustomTag_Header) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CustomTag_Header) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(m.GetName()) < 1 {
+		err := CustomTag_HeaderValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 bytes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if !_CustomTag_Header_Name_Pattern.MatchString(m.GetName()) {
+		err := CustomTag_HeaderValidationError{
+			field:  "Name",
+			reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for DefaultValue
+
+	if len(errors) > 0 {
+		return CustomTag_HeaderMultiError(errors)
+	}
+	return nil
+}
+
+// CustomTag_HeaderMultiError is an error wrapping multiple validation errors
+// returned by CustomTag_Header.ValidateAll() if the designated constraints
+// aren't met.
+type CustomTag_HeaderMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CustomTag_HeaderMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CustomTag_HeaderMultiError) AllErrors() []error { return m }
+
+// CustomTag_HeaderValidationError is the validation error returned by
+// CustomTag_Header.Validate if the designated constraints aren't met.
+type CustomTag_HeaderValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CustomTag_HeaderValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CustomTag_HeaderValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CustomTag_HeaderValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CustomTag_HeaderValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CustomTag_HeaderValidationError) ErrorName() string { return "CustomTag_HeaderValidationError" }
+
+// Error satisfies the builtin error interface
+func (e CustomTag_HeaderValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCustomTag_Header.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CustomTag_HeaderValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CustomTag_HeaderValidationError{}
+
+var _CustomTag_Header_Name_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+// Validate checks the field values on CustomTag_Metadata with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *CustomTag_Metadata) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on CustomTag_Metadata with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// CustomTag_MetadataMultiError, or nil if none found.
+func (m *CustomTag_Metadata) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CustomTag_Metadata) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetKind()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CustomTag_MetadataValidationError{
+					field:  "Kind",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CustomTag_MetadataValidationError{
+					field:  "Kind",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetKind()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CustomTag_MetadataValidationError{
+				field:  "Kind",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMetadataKey()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CustomTag_MetadataValidationError{
+					field:  "MetadataKey",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CustomTag_MetadataValidationError{
+					field:  "MetadataKey",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMetadataKey()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CustomTag_MetadataValidationError{
+				field:  "MetadataKey",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for DefaultValue
+
+	if len(errors) > 0 {
+		return CustomTag_MetadataMultiError(errors)
+	}
+	return nil
+}
+
+// CustomTag_MetadataMultiError is an error wrapping multiple validation errors
+// returned by CustomTag_Metadata.ValidateAll() if the designated constraints
+// aren't met.
+type CustomTag_MetadataMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CustomTag_MetadataMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CustomTag_MetadataMultiError) AllErrors() []error { return m }
+
+// CustomTag_MetadataValidationError is the validation error returned by
+// CustomTag_Metadata.Validate if the designated constraints aren't met.
+type CustomTag_MetadataValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CustomTag_MetadataValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CustomTag_MetadataValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CustomTag_MetadataValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CustomTag_MetadataValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CustomTag_MetadataValidationError) ErrorName() string {
+	return "CustomTag_MetadataValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e CustomTag_MetadataValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCustomTag_Metadata.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CustomTag_MetadataValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CustomTag_MetadataValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/tracing/v3/custom_tag.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/tracing/v3/custom_tag.pb.go
new file mode 100644
index 00000000000..f6ae9786a94
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/tracing/v3/custom_tag.pb.go
@@ -0,0 +1,609 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/tracing/v3/custom_tag.proto
+
+package envoy_type_tracing_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	v3 "github.com/envoyproxy/go-control-plane/envoy/type/metadata/v3"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Describes custom tags for the active span.
+// [#next-free-field: 6]
+type CustomTag struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Used to populate the tag name.
+	Tag string `protobuf:"bytes,1,opt,name=tag,proto3" json:"tag,omitempty"`
+	// Used to specify what kind of custom tag.
+	//
+	// Types that are assignable to Type:
+	//	*CustomTag_Literal_
+	//	*CustomTag_Environment_
+	//	*CustomTag_RequestHeader
+	//	*CustomTag_Metadata_
+	Type isCustomTag_Type `protobuf_oneof:"type"`
+}
+
+func (x *CustomTag) Reset() {
+	*x = CustomTag{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_tracing_v3_custom_tag_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CustomTag) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CustomTag) ProtoMessage() {}
+
+func (x *CustomTag) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_tracing_v3_custom_tag_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CustomTag.ProtoReflect.Descriptor instead.
+func (*CustomTag) Descriptor() ([]byte, []int) {
+	return file_envoy_type_tracing_v3_custom_tag_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *CustomTag) GetTag() string {
+	if x != nil {
+		return x.Tag
+	}
+	return ""
+}
+
+func (m *CustomTag) GetType() isCustomTag_Type {
+	if m != nil {
+		return m.Type
+	}
+	return nil
+}
+
+func (x *CustomTag) GetLiteral() *CustomTag_Literal {
+	if x, ok := x.GetType().(*CustomTag_Literal_); ok {
+		return x.Literal
+	}
+	return nil
+}
+
+func (x *CustomTag) GetEnvironment() *CustomTag_Environment {
+	if x, ok := x.GetType().(*CustomTag_Environment_); ok {
+		return x.Environment
+	}
+	return nil
+}
+
+func (x *CustomTag) GetRequestHeader() *CustomTag_Header {
+	if x, ok := x.GetType().(*CustomTag_RequestHeader); ok {
+		return x.RequestHeader
+	}
+	return nil
+}
+
+func (x *CustomTag) GetMetadata() *CustomTag_Metadata {
+	if x, ok := x.GetType().(*CustomTag_Metadata_); ok {
+		return x.Metadata
+	}
+	return nil
+}
+
+type isCustomTag_Type interface {
+	isCustomTag_Type()
+}
+
+type CustomTag_Literal_ struct {
+	// A literal custom tag.
+	Literal *CustomTag_Literal `protobuf:"bytes,2,opt,name=literal,proto3,oneof"`
+}
+
+type CustomTag_Environment_ struct {
+	// An environment custom tag.
+	Environment *CustomTag_Environment `protobuf:"bytes,3,opt,name=environment,proto3,oneof"`
+}
+
+type CustomTag_RequestHeader struct {
+	// A request header custom tag.
+	RequestHeader *CustomTag_Header `protobuf:"bytes,4,opt,name=request_header,json=requestHeader,proto3,oneof"`
+}
+
+type CustomTag_Metadata_ struct {
+	// A custom tag to obtain tag value from the metadata.
+	Metadata *CustomTag_Metadata `protobuf:"bytes,5,opt,name=metadata,proto3,oneof"`
+}
+
+func (*CustomTag_Literal_) isCustomTag_Type() {}
+
+func (*CustomTag_Environment_) isCustomTag_Type() {}
+
+func (*CustomTag_RequestHeader) isCustomTag_Type() {}
+
+func (*CustomTag_Metadata_) isCustomTag_Type() {}
+
+// Literal type custom tag with static value for the tag value.
+type CustomTag_Literal struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Static literal value to populate the tag value.
+	Value string `protobuf:"bytes,1,opt,name=value,proto3" json:"value,omitempty"`
+}
+
+func (x *CustomTag_Literal) Reset() {
+	*x = CustomTag_Literal{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_tracing_v3_custom_tag_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CustomTag_Literal) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CustomTag_Literal) ProtoMessage() {}
+
+func (x *CustomTag_Literal) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_tracing_v3_custom_tag_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CustomTag_Literal.ProtoReflect.Descriptor instead.
+func (*CustomTag_Literal) Descriptor() ([]byte, []int) {
+	return file_envoy_type_tracing_v3_custom_tag_proto_rawDescGZIP(), []int{0, 0}
+}
+
+func (x *CustomTag_Literal) GetValue() string {
+	if x != nil {
+		return x.Value
+	}
+	return ""
+}
+
+// Environment type custom tag with environment name and default value.
+type CustomTag_Environment struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Environment variable name to obtain the value to populate the tag value.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// When the environment variable is not found,
+	// the tag value will be populated with this default value if specified,
+	// otherwise no tag will be populated.
+	DefaultValue string `protobuf:"bytes,2,opt,name=default_value,json=defaultValue,proto3" json:"default_value,omitempty"`
+}
+
+func (x *CustomTag_Environment) Reset() {
+	*x = CustomTag_Environment{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_tracing_v3_custom_tag_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CustomTag_Environment) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CustomTag_Environment) ProtoMessage() {}
+
+func (x *CustomTag_Environment) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_tracing_v3_custom_tag_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CustomTag_Environment.ProtoReflect.Descriptor instead.
+func (*CustomTag_Environment) Descriptor() ([]byte, []int) {
+	return file_envoy_type_tracing_v3_custom_tag_proto_rawDescGZIP(), []int{0, 1}
+}
+
+func (x *CustomTag_Environment) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *CustomTag_Environment) GetDefaultValue() string {
+	if x != nil {
+		return x.DefaultValue
+	}
+	return ""
+}
+
+// Header type custom tag with header name and default value.
+type CustomTag_Header struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Header name to obtain the value to populate the tag value.
+	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// When the header does not exist,
+	// the tag value will be populated with this default value if specified,
+	// otherwise no tag will be populated.
+	DefaultValue string `protobuf:"bytes,2,opt,name=default_value,json=defaultValue,proto3" json:"default_value,omitempty"`
+}
+
+func (x *CustomTag_Header) Reset() {
+	*x = CustomTag_Header{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_tracing_v3_custom_tag_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CustomTag_Header) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CustomTag_Header) ProtoMessage() {}
+
+func (x *CustomTag_Header) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_tracing_v3_custom_tag_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CustomTag_Header.ProtoReflect.Descriptor instead.
+func (*CustomTag_Header) Descriptor() ([]byte, []int) {
+	return file_envoy_type_tracing_v3_custom_tag_proto_rawDescGZIP(), []int{0, 2}
+}
+
+func (x *CustomTag_Header) GetName() string {
+	if x != nil {
+		return x.Name
+	}
+	return ""
+}
+
+func (x *CustomTag_Header) GetDefaultValue() string {
+	if x != nil {
+		return x.DefaultValue
+	}
+	return ""
+}
+
+// Metadata type custom tag using
+// :ref:`MetadataKey <envoy_v3_api_msg_type.metadata.v3.MetadataKey>` to retrieve the protobuf value
+// from :ref:`Metadata <envoy_v3_api_msg_config.core.v3.Metadata>`, and populate the tag value with
+// `the canonical JSON <https://developers.google.com/protocol-buffers/docs/proto3#json>`_
+// representation of it.
+type CustomTag_Metadata struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specify what kind of metadata to obtain tag value from.
+	Kind *v3.MetadataKind `protobuf:"bytes,1,opt,name=kind,proto3" json:"kind,omitempty"`
+	// Metadata key to define the path to retrieve the tag value.
+	MetadataKey *v3.MetadataKey `protobuf:"bytes,2,opt,name=metadata_key,json=metadataKey,proto3" json:"metadata_key,omitempty"`
+	// When no valid metadata is found,
+	// the tag value would be populated with this default value if specified,
+	// otherwise no tag would be populated.
+	DefaultValue string `protobuf:"bytes,3,opt,name=default_value,json=defaultValue,proto3" json:"default_value,omitempty"`
+}
+
+func (x *CustomTag_Metadata) Reset() {
+	*x = CustomTag_Metadata{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_tracing_v3_custom_tag_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *CustomTag_Metadata) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*CustomTag_Metadata) ProtoMessage() {}
+
+func (x *CustomTag_Metadata) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_tracing_v3_custom_tag_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use CustomTag_Metadata.ProtoReflect.Descriptor instead.
+func (*CustomTag_Metadata) Descriptor() ([]byte, []int) {
+	return file_envoy_type_tracing_v3_custom_tag_proto_rawDescGZIP(), []int{0, 3}
+}
+
+func (x *CustomTag_Metadata) GetKind() *v3.MetadataKind {
+	if x != nil {
+		return x.Kind
+	}
+	return nil
+}
+
+func (x *CustomTag_Metadata) GetMetadataKey() *v3.MetadataKey {
+	if x != nil {
+		return x.MetadataKey
+	}
+	return nil
+}
+
+func (x *CustomTag_Metadata) GetDefaultValue() string {
+	if x != nil {
+		return x.DefaultValue
+	}
+	return ""
+}
+
+var File_envoy_type_tracing_v3_custom_tag_proto protoreflect.FileDescriptor
+
+var file_envoy_type_tracing_v3_custom_tag_proto_rawDesc = []byte{
+	0x0a, 0x26, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x74, 0x72, 0x61,
+	0x63, 0x69, 0x6e, 0x67, 0x2f, 0x76, 0x33, 0x2f, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x74,
+	0x61, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x74, 0x79, 0x70, 0x65, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x2e, 0x76, 0x33, 0x1a,
+	0x25, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x65, 0x74, 0x61,
+	0x64, 0x61, 0x74, 0x61, 0x2f, 0x76, 0x33, 0x2f, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e,
+	0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f,
+	0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69,
+	0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61,
+	0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x22, 0xd4, 0x07, 0x0a, 0x09, 0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x54, 0x61, 0x67, 0x12,
+	0x19, 0x0a, 0x03, 0x74, 0x61, 0x67, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42,
+	0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x03, 0x74, 0x61, 0x67, 0x12, 0x44, 0x0a, 0x07, 0x6c, 0x69,
+	0x74, 0x65, 0x72, 0x61, 0x6c, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67,
+	0x2e, 0x76, 0x33, 0x2e, 0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x54, 0x61, 0x67, 0x2e, 0x4c, 0x69,
+	0x74, 0x65, 0x72, 0x61, 0x6c, 0x48, 0x00, 0x52, 0x07, 0x6c, 0x69, 0x74, 0x65, 0x72, 0x61, 0x6c,
+	0x12, 0x50, 0x0a, 0x0b, 0x65, 0x6e, 0x76, 0x69, 0x72, 0x6f, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x18,
+	0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79,
+	0x70, 0x65, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x75,
+	0x73, 0x74, 0x6f, 0x6d, 0x54, 0x61, 0x67, 0x2e, 0x45, 0x6e, 0x76, 0x69, 0x72, 0x6f, 0x6e, 0x6d,
+	0x65, 0x6e, 0x74, 0x48, 0x00, 0x52, 0x0b, 0x65, 0x6e, 0x76, 0x69, 0x72, 0x6f, 0x6e, 0x6d, 0x65,
+	0x6e, 0x74, 0x12, 0x50, 0x0a, 0x0e, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x68, 0x65,
+	0x61, 0x64, 0x65, 0x72, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x2e,
+	0x76, 0x33, 0x2e, 0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x54, 0x61, 0x67, 0x2e, 0x48, 0x65, 0x61,
+	0x64, 0x65, 0x72, 0x48, 0x00, 0x52, 0x0d, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x48, 0x65,
+	0x61, 0x64, 0x65, 0x72, 0x12, 0x47, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61,
+	0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74,
+	0x79, 0x70, 0x65, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x2e, 0x76, 0x33, 0x2e, 0x43,
+	0x75, 0x73, 0x74, 0x6f, 0x6d, 0x54, 0x61, 0x67, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74,
+	0x61, 0x48, 0x00, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x1a, 0x58, 0x0a,
+	0x07, 0x4c, 0x69, 0x74, 0x65, 0x72, 0x61, 0x6c, 0x12, 0x1d, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75,
+	0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01,
+	0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x2e, 0x9a, 0xc5, 0x88, 0x1e, 0x29, 0x0a, 0x27,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x69,
+	0x6e, 0x67, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x54, 0x61, 0x67, 0x2e,
+	0x4c, 0x69, 0x74, 0x65, 0x72, 0x61, 0x6c, 0x1a, 0x83, 0x01, 0x0a, 0x0b, 0x45, 0x6e, 0x76, 0x69,
+	0x72, 0x6f, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x12, 0x1b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x04,
+	0x6e, 0x61, 0x6d, 0x65, 0x12, 0x23, 0x0a, 0x0d, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f,
+	0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x64, 0x65, 0x66,
+	0x61, 0x75, 0x6c, 0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x32, 0x9a, 0xc5, 0x88, 0x1e, 0x2d,
+	0x0a, 0x2b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x74, 0x72, 0x61,
+	0x63, 0x69, 0x6e, 0x67, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x54, 0x61,
+	0x67, 0x2e, 0x45, 0x6e, 0x76, 0x69, 0x72, 0x6f, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x1a, 0x7f, 0x0a,
+	0x06, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x12, 0x21, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0d, 0xfa, 0x42, 0x0a, 0x72, 0x08, 0x10, 0x01, 0xc0, 0x01,
+	0x01, 0xc8, 0x01, 0x00, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x23, 0x0a, 0x0d, 0x64, 0x65,
+	0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x0c, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x3a,
+	0x2d, 0x9a, 0xc5, 0x88, 0x1e, 0x28, 0x0a, 0x26, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79,
+	0x70, 0x65, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x75,
+	0x73, 0x74, 0x6f, 0x6d, 0x54, 0x61, 0x67, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x1a, 0xe2,
+	0x01, 0x0a, 0x08, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x38, 0x0a, 0x04, 0x6b,
+	0x69, 0x6e, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e,
+	0x76, 0x33, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4b, 0x69, 0x6e, 0x64, 0x52,
+	0x04, 0x6b, 0x69, 0x6e, 0x64, 0x12, 0x46, 0x0a, 0x0c, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74,
+	0x61, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74,
+	0x61, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4b, 0x65, 0x79,
+	0x52, 0x0b, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4b, 0x65, 0x79, 0x12, 0x23, 0x0a,
+	0x0d, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x03,
+	0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x56, 0x61, 0x6c,
+	0x75, 0x65, 0x3a, 0x2f, 0x9a, 0xc5, 0x88, 0x1e, 0x2a, 0x0a, 0x28, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x2e, 0x76, 0x32,
+	0x2e, 0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x54, 0x61, 0x67, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64,
+	0x61, 0x74, 0x61, 0x3a, 0x26, 0x9a, 0xc5, 0x88, 0x1e, 0x21, 0x0a, 0x1f, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x2e, 0x76,
+	0x32, 0x2e, 0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x54, 0x61, 0x67, 0x42, 0x0b, 0x0a, 0x04, 0x74,
+	0x79, 0x70, 0x65, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x42, 0x3f, 0x0a, 0x23, 0x69, 0x6f, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x74, 0x79, 0x70, 0x65, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x2e, 0x76, 0x33, 0x42,
+	0x0e, 0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x54, 0x61, 0x67, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50,
+	0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x33,
+}
+
+var (
+	file_envoy_type_tracing_v3_custom_tag_proto_rawDescOnce sync.Once
+	file_envoy_type_tracing_v3_custom_tag_proto_rawDescData = file_envoy_type_tracing_v3_custom_tag_proto_rawDesc
+)
+
+func file_envoy_type_tracing_v3_custom_tag_proto_rawDescGZIP() []byte {
+	file_envoy_type_tracing_v3_custom_tag_proto_rawDescOnce.Do(func() {
+		file_envoy_type_tracing_v3_custom_tag_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_tracing_v3_custom_tag_proto_rawDescData)
+	})
+	return file_envoy_type_tracing_v3_custom_tag_proto_rawDescData
+}
+
+var file_envoy_type_tracing_v3_custom_tag_proto_msgTypes = make([]protoimpl.MessageInfo, 5)
+var file_envoy_type_tracing_v3_custom_tag_proto_goTypes = []interface{}{
+	(*CustomTag)(nil),             // 0: envoy.type.tracing.v3.CustomTag
+	(*CustomTag_Literal)(nil),     // 1: envoy.type.tracing.v3.CustomTag.Literal
+	(*CustomTag_Environment)(nil), // 2: envoy.type.tracing.v3.CustomTag.Environment
+	(*CustomTag_Header)(nil),      // 3: envoy.type.tracing.v3.CustomTag.Header
+	(*CustomTag_Metadata)(nil),    // 4: envoy.type.tracing.v3.CustomTag.Metadata
+	(*v3.MetadataKind)(nil),       // 5: envoy.type.metadata.v3.MetadataKind
+	(*v3.MetadataKey)(nil),        // 6: envoy.type.metadata.v3.MetadataKey
+}
+var file_envoy_type_tracing_v3_custom_tag_proto_depIdxs = []int32{
+	1, // 0: envoy.type.tracing.v3.CustomTag.literal:type_name -> envoy.type.tracing.v3.CustomTag.Literal
+	2, // 1: envoy.type.tracing.v3.CustomTag.environment:type_name -> envoy.type.tracing.v3.CustomTag.Environment
+	3, // 2: envoy.type.tracing.v3.CustomTag.request_header:type_name -> envoy.type.tracing.v3.CustomTag.Header
+	4, // 3: envoy.type.tracing.v3.CustomTag.metadata:type_name -> envoy.type.tracing.v3.CustomTag.Metadata
+	5, // 4: envoy.type.tracing.v3.CustomTag.Metadata.kind:type_name -> envoy.type.metadata.v3.MetadataKind
+	6, // 5: envoy.type.tracing.v3.CustomTag.Metadata.metadata_key:type_name -> envoy.type.metadata.v3.MetadataKey
+	6, // [6:6] is the sub-list for method output_type
+	6, // [6:6] is the sub-list for method input_type
+	6, // [6:6] is the sub-list for extension type_name
+	6, // [6:6] is the sub-list for extension extendee
+	0, // [0:6] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_tracing_v3_custom_tag_proto_init() }
+func file_envoy_type_tracing_v3_custom_tag_proto_init() {
+	if File_envoy_type_tracing_v3_custom_tag_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_tracing_v3_custom_tag_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CustomTag); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_tracing_v3_custom_tag_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CustomTag_Literal); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_tracing_v3_custom_tag_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CustomTag_Environment); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_tracing_v3_custom_tag_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CustomTag_Header); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_tracing_v3_custom_tag_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*CustomTag_Metadata); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_type_tracing_v3_custom_tag_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*CustomTag_Literal_)(nil),
+		(*CustomTag_Environment_)(nil),
+		(*CustomTag_RequestHeader)(nil),
+		(*CustomTag_Metadata_)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_tracing_v3_custom_tag_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   5,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_tracing_v3_custom_tag_proto_goTypes,
+		DependencyIndexes: file_envoy_type_tracing_v3_custom_tag_proto_depIdxs,
+		MessageInfos:      file_envoy_type_tracing_v3_custom_tag_proto_msgTypes,
+	}.Build()
+	File_envoy_type_tracing_v3_custom_tag_proto = out.File
+	file_envoy_type_tracing_v3_custom_tag_proto_rawDesc = nil
+	file_envoy_type_tracing_v3_custom_tag_proto_goTypes = nil
+	file_envoy_type_tracing_v3_custom_tag_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/tracing/v3/custom_tag.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/tracing/v3/custom_tag.pb.validate.go
new file mode 100644
index 00000000000..d0f51476b54
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/tracing/v3/custom_tag.pb.validate.go
@@ -0,0 +1,795 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/tracing/v3/custom_tag.proto
+
+package envoy_type_tracing_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on CustomTag with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *CustomTag) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on CustomTag with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in CustomTagMultiError, or nil
+// if none found.
+func (m *CustomTag) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CustomTag) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetTag()) < 1 {
+		err := CustomTagValidationError{
+			field:  "Tag",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	switch m.Type.(type) {
+
+	case *CustomTag_Literal_:
+
+		if all {
+			switch v := interface{}(m.GetLiteral()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CustomTagValidationError{
+						field:  "Literal",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CustomTagValidationError{
+						field:  "Literal",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetLiteral()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CustomTagValidationError{
+					field:  "Literal",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *CustomTag_Environment_:
+
+		if all {
+			switch v := interface{}(m.GetEnvironment()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CustomTagValidationError{
+						field:  "Environment",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CustomTagValidationError{
+						field:  "Environment",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetEnvironment()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CustomTagValidationError{
+					field:  "Environment",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *CustomTag_RequestHeader:
+
+		if all {
+			switch v := interface{}(m.GetRequestHeader()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CustomTagValidationError{
+						field:  "RequestHeader",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CustomTagValidationError{
+						field:  "RequestHeader",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetRequestHeader()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CustomTagValidationError{
+					field:  "RequestHeader",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *CustomTag_Metadata_:
+
+		if all {
+			switch v := interface{}(m.GetMetadata()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, CustomTagValidationError{
+						field:  "Metadata",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, CustomTagValidationError{
+						field:  "Metadata",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetMetadata()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return CustomTagValidationError{
+					field:  "Metadata",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := CustomTagValidationError{
+			field:  "Type",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return CustomTagMultiError(errors)
+	}
+	return nil
+}
+
+// CustomTagMultiError is an error wrapping multiple validation errors returned
+// by CustomTag.ValidateAll() if the designated constraints aren't met.
+type CustomTagMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CustomTagMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CustomTagMultiError) AllErrors() []error { return m }
+
+// CustomTagValidationError is the validation error returned by
+// CustomTag.Validate if the designated constraints aren't met.
+type CustomTagValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CustomTagValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CustomTagValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CustomTagValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CustomTagValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CustomTagValidationError) ErrorName() string { return "CustomTagValidationError" }
+
+// Error satisfies the builtin error interface
+func (e CustomTagValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCustomTag.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CustomTagValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CustomTagValidationError{}
+
+// Validate checks the field values on CustomTag_Literal with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *CustomTag_Literal) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on CustomTag_Literal with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// CustomTag_LiteralMultiError, or nil if none found.
+func (m *CustomTag_Literal) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CustomTag_Literal) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetValue()) < 1 {
+		err := CustomTag_LiteralValidationError{
+			field:  "Value",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return CustomTag_LiteralMultiError(errors)
+	}
+	return nil
+}
+
+// CustomTag_LiteralMultiError is an error wrapping multiple validation errors
+// returned by CustomTag_Literal.ValidateAll() if the designated constraints
+// aren't met.
+type CustomTag_LiteralMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CustomTag_LiteralMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CustomTag_LiteralMultiError) AllErrors() []error { return m }
+
+// CustomTag_LiteralValidationError is the validation error returned by
+// CustomTag_Literal.Validate if the designated constraints aren't met.
+type CustomTag_LiteralValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CustomTag_LiteralValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CustomTag_LiteralValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CustomTag_LiteralValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CustomTag_LiteralValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CustomTag_LiteralValidationError) ErrorName() string {
+	return "CustomTag_LiteralValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e CustomTag_LiteralValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCustomTag_Literal.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CustomTag_LiteralValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CustomTag_LiteralValidationError{}
+
+// Validate checks the field values on CustomTag_Environment with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *CustomTag_Environment) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on CustomTag_Environment with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// CustomTag_EnvironmentMultiError, or nil if none found.
+func (m *CustomTag_Environment) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CustomTag_Environment) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := CustomTag_EnvironmentValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for DefaultValue
+
+	if len(errors) > 0 {
+		return CustomTag_EnvironmentMultiError(errors)
+	}
+	return nil
+}
+
+// CustomTag_EnvironmentMultiError is an error wrapping multiple validation
+// errors returned by CustomTag_Environment.ValidateAll() if the designated
+// constraints aren't met.
+type CustomTag_EnvironmentMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CustomTag_EnvironmentMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CustomTag_EnvironmentMultiError) AllErrors() []error { return m }
+
+// CustomTag_EnvironmentValidationError is the validation error returned by
+// CustomTag_Environment.Validate if the designated constraints aren't met.
+type CustomTag_EnvironmentValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CustomTag_EnvironmentValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CustomTag_EnvironmentValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CustomTag_EnvironmentValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CustomTag_EnvironmentValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CustomTag_EnvironmentValidationError) ErrorName() string {
+	return "CustomTag_EnvironmentValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e CustomTag_EnvironmentValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCustomTag_Environment.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CustomTag_EnvironmentValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CustomTag_EnvironmentValidationError{}
+
+// Validate checks the field values on CustomTag_Header with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *CustomTag_Header) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on CustomTag_Header with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// CustomTag_HeaderMultiError, or nil if none found.
+func (m *CustomTag_Header) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CustomTag_Header) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetName()) < 1 {
+		err := CustomTag_HeaderValidationError{
+			field:  "Name",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if !_CustomTag_Header_Name_Pattern.MatchString(m.GetName()) {
+		err := CustomTag_HeaderValidationError{
+			field:  "Name",
+			reason: "value does not match regex pattern \"^[^\\x00\\n\\r]*$\"",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	// no validation rules for DefaultValue
+
+	if len(errors) > 0 {
+		return CustomTag_HeaderMultiError(errors)
+	}
+	return nil
+}
+
+// CustomTag_HeaderMultiError is an error wrapping multiple validation errors
+// returned by CustomTag_Header.ValidateAll() if the designated constraints
+// aren't met.
+type CustomTag_HeaderMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CustomTag_HeaderMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CustomTag_HeaderMultiError) AllErrors() []error { return m }
+
+// CustomTag_HeaderValidationError is the validation error returned by
+// CustomTag_Header.Validate if the designated constraints aren't met.
+type CustomTag_HeaderValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CustomTag_HeaderValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CustomTag_HeaderValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CustomTag_HeaderValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CustomTag_HeaderValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CustomTag_HeaderValidationError) ErrorName() string { return "CustomTag_HeaderValidationError" }
+
+// Error satisfies the builtin error interface
+func (e CustomTag_HeaderValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCustomTag_Header.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CustomTag_HeaderValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CustomTag_HeaderValidationError{}
+
+var _CustomTag_Header_Name_Pattern = regexp.MustCompile("^[^\x00\n\r]*$")
+
+// Validate checks the field values on CustomTag_Metadata with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *CustomTag_Metadata) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on CustomTag_Metadata with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// CustomTag_MetadataMultiError, or nil if none found.
+func (m *CustomTag_Metadata) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *CustomTag_Metadata) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if all {
+		switch v := interface{}(m.GetKind()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CustomTag_MetadataValidationError{
+					field:  "Kind",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CustomTag_MetadataValidationError{
+					field:  "Kind",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetKind()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CustomTag_MetadataValidationError{
+				field:  "Kind",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	if all {
+		switch v := interface{}(m.GetMetadataKey()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, CustomTag_MetadataValidationError{
+					field:  "MetadataKey",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, CustomTag_MetadataValidationError{
+					field:  "MetadataKey",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetMetadataKey()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return CustomTag_MetadataValidationError{
+				field:  "MetadataKey",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
+	// no validation rules for DefaultValue
+
+	if len(errors) > 0 {
+		return CustomTag_MetadataMultiError(errors)
+	}
+	return nil
+}
+
+// CustomTag_MetadataMultiError is an error wrapping multiple validation errors
+// returned by CustomTag_Metadata.ValidateAll() if the designated constraints
+// aren't met.
+type CustomTag_MetadataMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m CustomTag_MetadataMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m CustomTag_MetadataMultiError) AllErrors() []error { return m }
+
+// CustomTag_MetadataValidationError is the validation error returned by
+// CustomTag_Metadata.Validate if the designated constraints aren't met.
+type CustomTag_MetadataValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e CustomTag_MetadataValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e CustomTag_MetadataValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e CustomTag_MetadataValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e CustomTag_MetadataValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e CustomTag_MetadataValidationError) ErrorName() string {
+	return "CustomTag_MetadataValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e CustomTag_MetadataValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sCustomTag_Metadata.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = CustomTag_MetadataValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = CustomTag_MetadataValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/hash_policy.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/hash_policy.pb.go
new file mode 100644
index 00000000000..aae32e103e7
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/hash_policy.pb.go
@@ -0,0 +1,333 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/v3/hash_policy.proto
+
+package envoy_type_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Specifies the hash policy
+type HashPolicy struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Types that are assignable to PolicySpecifier:
+	//	*HashPolicy_SourceIp_
+	//	*HashPolicy_FilterState_
+	PolicySpecifier isHashPolicy_PolicySpecifier `protobuf_oneof:"policy_specifier"`
+}
+
+func (x *HashPolicy) Reset() {
+	*x = HashPolicy{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_v3_hash_policy_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HashPolicy) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HashPolicy) ProtoMessage() {}
+
+func (x *HashPolicy) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_v3_hash_policy_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HashPolicy.ProtoReflect.Descriptor instead.
+func (*HashPolicy) Descriptor() ([]byte, []int) {
+	return file_envoy_type_v3_hash_policy_proto_rawDescGZIP(), []int{0}
+}
+
+func (m *HashPolicy) GetPolicySpecifier() isHashPolicy_PolicySpecifier {
+	if m != nil {
+		return m.PolicySpecifier
+	}
+	return nil
+}
+
+func (x *HashPolicy) GetSourceIp() *HashPolicy_SourceIp {
+	if x, ok := x.GetPolicySpecifier().(*HashPolicy_SourceIp_); ok {
+		return x.SourceIp
+	}
+	return nil
+}
+
+func (x *HashPolicy) GetFilterState() *HashPolicy_FilterState {
+	if x, ok := x.GetPolicySpecifier().(*HashPolicy_FilterState_); ok {
+		return x.FilterState
+	}
+	return nil
+}
+
+type isHashPolicy_PolicySpecifier interface {
+	isHashPolicy_PolicySpecifier()
+}
+
+type HashPolicy_SourceIp_ struct {
+	SourceIp *HashPolicy_SourceIp `protobuf:"bytes,1,opt,name=source_ip,json=sourceIp,proto3,oneof"`
+}
+
+type HashPolicy_FilterState_ struct {
+	FilterState *HashPolicy_FilterState `protobuf:"bytes,2,opt,name=filter_state,json=filterState,proto3,oneof"`
+}
+
+func (*HashPolicy_SourceIp_) isHashPolicy_PolicySpecifier() {}
+
+func (*HashPolicy_FilterState_) isHashPolicy_PolicySpecifier() {}
+
+// The source IP will be used to compute the hash used by hash-based load balancing
+// algorithms.
+type HashPolicy_SourceIp struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+}
+
+func (x *HashPolicy_SourceIp) Reset() {
+	*x = HashPolicy_SourceIp{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_v3_hash_policy_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HashPolicy_SourceIp) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HashPolicy_SourceIp) ProtoMessage() {}
+
+func (x *HashPolicy_SourceIp) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_v3_hash_policy_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HashPolicy_SourceIp.ProtoReflect.Descriptor instead.
+func (*HashPolicy_SourceIp) Descriptor() ([]byte, []int) {
+	return file_envoy_type_v3_hash_policy_proto_rawDescGZIP(), []int{0, 0}
+}
+
+// An Object in the :ref:`filterState <arch_overview_data_sharing_between_filters>` will be used
+// to compute the hash used by hash-based load balancing algorithms.
+type HashPolicy_FilterState struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The name of the Object in the filterState, which is an Envoy::Hashable object. If there is no
+	// data associated with the key, or the stored object is not Envoy::Hashable, no hash will be
+	// produced.
+	Key string `protobuf:"bytes,1,opt,name=key,proto3" json:"key,omitempty"`
+}
+
+func (x *HashPolicy_FilterState) Reset() {
+	*x = HashPolicy_FilterState{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_v3_hash_policy_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HashPolicy_FilterState) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HashPolicy_FilterState) ProtoMessage() {}
+
+func (x *HashPolicy_FilterState) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_v3_hash_policy_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HashPolicy_FilterState.ProtoReflect.Descriptor instead.
+func (*HashPolicy_FilterState) Descriptor() ([]byte, []int) {
+	return file_envoy_type_v3_hash_policy_proto_rawDescGZIP(), []int{0, 1}
+}
+
+func (x *HashPolicy_FilterState) GetKey() string {
+	if x != nil {
+		return x.Key
+	}
+	return ""
+}
+
+var File_envoy_type_v3_hash_policy_proto protoreflect.FileDescriptor
+
+var file_envoy_type_v3_hash_policy_proto_rawDesc = []byte{
+	0x0a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x76, 0x33, 0x2f,
+	0x68, 0x61, 0x73, 0x68, 0x5f, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x12, 0x0d, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33,
+	0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c,
+	0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xaf, 0x02, 0x0a, 0x0a,
+	0x48, 0x61, 0x73, 0x68, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x41, 0x0a, 0x09, 0x73, 0x6f,
+	0x75, 0x72, 0x63, 0x65, 0x5f, 0x69, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x61,
+	0x73, 0x68, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x49,
+	0x70, 0x48, 0x00, 0x52, 0x08, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x49, 0x70, 0x12, 0x4a, 0x0a,
+	0x0c, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65,
+	0x2e, 0x76, 0x33, 0x2e, 0x48, 0x61, 0x73, 0x68, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x46,
+	0x69, 0x6c, 0x74, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x65, 0x48, 0x00, 0x52, 0x0b, 0x66, 0x69,
+	0x6c, 0x74, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x65, 0x1a, 0x31, 0x0a, 0x08, 0x53, 0x6f, 0x75,
+	0x72, 0x63, 0x65, 0x49, 0x70, 0x3a, 0x25, 0x9a, 0xc5, 0x88, 0x1e, 0x20, 0x0a, 0x1e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x48, 0x61, 0x73, 0x68, 0x50, 0x6f, 0x6c,
+	0x69, 0x63, 0x79, 0x2e, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x49, 0x70, 0x1a, 0x28, 0x0a, 0x0b,
+	0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x19, 0x0a, 0x03, 0x6b,
+	0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10,
+	0x01, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x3a, 0x1c, 0x9a, 0xc5, 0x88, 0x1e, 0x17, 0x0a, 0x15, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x48, 0x61, 0x73, 0x68, 0x50, 0x6f,
+	0x6c, 0x69, 0x63, 0x79, 0x42, 0x17, 0x0a, 0x10, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x5f, 0x73,
+	0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x42, 0x38, 0x0a,
+	0x1b, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x0f, 0x48, 0x61,
+	0x73, 0x68, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba,
+	0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_type_v3_hash_policy_proto_rawDescOnce sync.Once
+	file_envoy_type_v3_hash_policy_proto_rawDescData = file_envoy_type_v3_hash_policy_proto_rawDesc
+)
+
+func file_envoy_type_v3_hash_policy_proto_rawDescGZIP() []byte {
+	file_envoy_type_v3_hash_policy_proto_rawDescOnce.Do(func() {
+		file_envoy_type_v3_hash_policy_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_v3_hash_policy_proto_rawDescData)
+	})
+	return file_envoy_type_v3_hash_policy_proto_rawDescData
+}
+
+var file_envoy_type_v3_hash_policy_proto_msgTypes = make([]protoimpl.MessageInfo, 3)
+var file_envoy_type_v3_hash_policy_proto_goTypes = []interface{}{
+	(*HashPolicy)(nil),             // 0: envoy.type.v3.HashPolicy
+	(*HashPolicy_SourceIp)(nil),    // 1: envoy.type.v3.HashPolicy.SourceIp
+	(*HashPolicy_FilterState)(nil), // 2: envoy.type.v3.HashPolicy.FilterState
+}
+var file_envoy_type_v3_hash_policy_proto_depIdxs = []int32{
+	1, // 0: envoy.type.v3.HashPolicy.source_ip:type_name -> envoy.type.v3.HashPolicy.SourceIp
+	2, // 1: envoy.type.v3.HashPolicy.filter_state:type_name -> envoy.type.v3.HashPolicy.FilterState
+	2, // [2:2] is the sub-list for method output_type
+	2, // [2:2] is the sub-list for method input_type
+	2, // [2:2] is the sub-list for extension type_name
+	2, // [2:2] is the sub-list for extension extendee
+	0, // [0:2] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_v3_hash_policy_proto_init() }
+func file_envoy_type_v3_hash_policy_proto_init() {
+	if File_envoy_type_v3_hash_policy_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_v3_hash_policy_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HashPolicy); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_v3_hash_policy_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HashPolicy_SourceIp); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_v3_hash_policy_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HashPolicy_FilterState); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_envoy_type_v3_hash_policy_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*HashPolicy_SourceIp_)(nil),
+		(*HashPolicy_FilterState_)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_v3_hash_policy_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   3,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_v3_hash_policy_proto_goTypes,
+		DependencyIndexes: file_envoy_type_v3_hash_policy_proto_depIdxs,
+		MessageInfos:      file_envoy_type_v3_hash_policy_proto_msgTypes,
+	}.Build()
+	File_envoy_type_v3_hash_policy_proto = out.File
+	file_envoy_type_v3_hash_policy_proto_rawDesc = nil
+	file_envoy_type_v3_hash_policy_proto_goTypes = nil
+	file_envoy_type_v3_hash_policy_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/hash_policy.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/hash_policy.pb.validate.go
new file mode 100644
index 00000000000..3d6f1a101ee
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/hash_policy.pb.validate.go
@@ -0,0 +1,423 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/v3/hash_policy.proto
+
+package envoy_type_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on HashPolicy with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *HashPolicy) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HashPolicy with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in HashPolicyMultiError, or
+// nil if none found.
+func (m *HashPolicy) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HashPolicy) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	switch m.PolicySpecifier.(type) {
+
+	case *HashPolicy_SourceIp_:
+
+		if all {
+			switch v := interface{}(m.GetSourceIp()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HashPolicyValidationError{
+						field:  "SourceIp",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HashPolicyValidationError{
+						field:  "SourceIp",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetSourceIp()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HashPolicyValidationError{
+					field:  "SourceIp",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	case *HashPolicy_FilterState_:
+
+		if all {
+			switch v := interface{}(m.GetFilterState()).(type) {
+			case interface{ ValidateAll() error }:
+				if err := v.ValidateAll(); err != nil {
+					errors = append(errors, HashPolicyValidationError{
+						field:  "FilterState",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			case interface{ Validate() error }:
+				if err := v.Validate(); err != nil {
+					errors = append(errors, HashPolicyValidationError{
+						field:  "FilterState",
+						reason: "embedded message failed validation",
+						cause:  err,
+					})
+				}
+			}
+		} else if v, ok := interface{}(m.GetFilterState()).(interface{ Validate() error }); ok {
+			if err := v.Validate(); err != nil {
+				return HashPolicyValidationError{
+					field:  "FilterState",
+					reason: "embedded message failed validation",
+					cause:  err,
+				}
+			}
+		}
+
+	default:
+		err := HashPolicyValidationError{
+			field:  "PolicySpecifier",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+
+	}
+
+	if len(errors) > 0 {
+		return HashPolicyMultiError(errors)
+	}
+	return nil
+}
+
+// HashPolicyMultiError is an error wrapping multiple validation errors
+// returned by HashPolicy.ValidateAll() if the designated constraints aren't met.
+type HashPolicyMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HashPolicyMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HashPolicyMultiError) AllErrors() []error { return m }
+
+// HashPolicyValidationError is the validation error returned by
+// HashPolicy.Validate if the designated constraints aren't met.
+type HashPolicyValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HashPolicyValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HashPolicyValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HashPolicyValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HashPolicyValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HashPolicyValidationError) ErrorName() string { return "HashPolicyValidationError" }
+
+// Error satisfies the builtin error interface
+func (e HashPolicyValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHashPolicy.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HashPolicyValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HashPolicyValidationError{}
+
+// Validate checks the field values on HashPolicy_SourceIp with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *HashPolicy_SourceIp) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HashPolicy_SourceIp with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// HashPolicy_SourceIpMultiError, or nil if none found.
+func (m *HashPolicy_SourceIp) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HashPolicy_SourceIp) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if len(errors) > 0 {
+		return HashPolicy_SourceIpMultiError(errors)
+	}
+	return nil
+}
+
+// HashPolicy_SourceIpMultiError is an error wrapping multiple validation
+// errors returned by HashPolicy_SourceIp.ValidateAll() if the designated
+// constraints aren't met.
+type HashPolicy_SourceIpMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HashPolicy_SourceIpMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HashPolicy_SourceIpMultiError) AllErrors() []error { return m }
+
+// HashPolicy_SourceIpValidationError is the validation error returned by
+// HashPolicy_SourceIp.Validate if the designated constraints aren't met.
+type HashPolicy_SourceIpValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HashPolicy_SourceIpValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HashPolicy_SourceIpValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HashPolicy_SourceIpValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HashPolicy_SourceIpValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HashPolicy_SourceIpValidationError) ErrorName() string {
+	return "HashPolicy_SourceIpValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HashPolicy_SourceIpValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHashPolicy_SourceIp.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HashPolicy_SourceIpValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HashPolicy_SourceIpValidationError{}
+
+// Validate checks the field values on HashPolicy_FilterState with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the first error encountered is returned, or nil if there are no violations.
+func (m *HashPolicy_FilterState) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HashPolicy_FilterState with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// HashPolicy_FilterStateMultiError, or nil if none found.
+func (m *HashPolicy_FilterState) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HashPolicy_FilterState) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if utf8.RuneCountInString(m.GetKey()) < 1 {
+		err := HashPolicy_FilterStateValidationError{
+			field:  "Key",
+			reason: "value length must be at least 1 runes",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return HashPolicy_FilterStateMultiError(errors)
+	}
+	return nil
+}
+
+// HashPolicy_FilterStateMultiError is an error wrapping multiple validation
+// errors returned by HashPolicy_FilterState.ValidateAll() if the designated
+// constraints aren't met.
+type HashPolicy_FilterStateMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HashPolicy_FilterStateMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HashPolicy_FilterStateMultiError) AllErrors() []error { return m }
+
+// HashPolicy_FilterStateValidationError is the validation error returned by
+// HashPolicy_FilterState.Validate if the designated constraints aren't met.
+type HashPolicy_FilterStateValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HashPolicy_FilterStateValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HashPolicy_FilterStateValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HashPolicy_FilterStateValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HashPolicy_FilterStateValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HashPolicy_FilterStateValidationError) ErrorName() string {
+	return "HashPolicy_FilterStateValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e HashPolicy_FilterStateValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHashPolicy_FilterState.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HashPolicy_FilterStateValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HashPolicy_FilterStateValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/http.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/http.pb.go
new file mode 100644
index 00000000000..c8a8dd1c78f
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/http.pb.go
@@ -0,0 +1,145 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/v3/http.proto
+
+package envoy_type_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type CodecClientType int32
+
+const (
+	CodecClientType_HTTP1 CodecClientType = 0
+	CodecClientType_HTTP2 CodecClientType = 1
+	// [#not-implemented-hide:] QUIC implementation is not production ready yet. Use this enum with
+	// caution to prevent accidental execution of QUIC code. I.e. `!= HTTP2` is no longer sufficient
+	// to distinguish HTTP1 and HTTP2 traffic.
+	CodecClientType_HTTP3 CodecClientType = 2
+)
+
+// Enum value maps for CodecClientType.
+var (
+	CodecClientType_name = map[int32]string{
+		0: "HTTP1",
+		1: "HTTP2",
+		2: "HTTP3",
+	}
+	CodecClientType_value = map[string]int32{
+		"HTTP1": 0,
+		"HTTP2": 1,
+		"HTTP3": 2,
+	}
+)
+
+func (x CodecClientType) Enum() *CodecClientType {
+	p := new(CodecClientType)
+	*p = x
+	return p
+}
+
+func (x CodecClientType) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (CodecClientType) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_type_v3_http_proto_enumTypes[0].Descriptor()
+}
+
+func (CodecClientType) Type() protoreflect.EnumType {
+	return &file_envoy_type_v3_http_proto_enumTypes[0]
+}
+
+func (x CodecClientType) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use CodecClientType.Descriptor instead.
+func (CodecClientType) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_type_v3_http_proto_rawDescGZIP(), []int{0}
+}
+
+var File_envoy_type_v3_http_proto protoreflect.FileDescriptor
+
+var file_envoy_type_v3_http_proto_rawDesc = []byte{
+	0x0a, 0x18, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x76, 0x33, 0x2f,
+	0x68, 0x74, 0x74, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0d, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f,
+	0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74,
+	0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2a, 0x32, 0x0a, 0x0f, 0x43, 0x6f, 0x64, 0x65,
+	0x63, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x09, 0x0a, 0x05, 0x48,
+	0x54, 0x54, 0x50, 0x31, 0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, 0x48, 0x54, 0x54, 0x50, 0x32, 0x10,
+	0x01, 0x12, 0x09, 0x0a, 0x05, 0x48, 0x54, 0x54, 0x50, 0x33, 0x10, 0x02, 0x42, 0x32, 0x0a, 0x1b,
+	0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e,
+	0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x09, 0x48, 0x74, 0x74,
+	0x70, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02,
+	0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_type_v3_http_proto_rawDescOnce sync.Once
+	file_envoy_type_v3_http_proto_rawDescData = file_envoy_type_v3_http_proto_rawDesc
+)
+
+func file_envoy_type_v3_http_proto_rawDescGZIP() []byte {
+	file_envoy_type_v3_http_proto_rawDescOnce.Do(func() {
+		file_envoy_type_v3_http_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_v3_http_proto_rawDescData)
+	})
+	return file_envoy_type_v3_http_proto_rawDescData
+}
+
+var file_envoy_type_v3_http_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_envoy_type_v3_http_proto_goTypes = []interface{}{
+	(CodecClientType)(0), // 0: envoy.type.v3.CodecClientType
+}
+var file_envoy_type_v3_http_proto_depIdxs = []int32{
+	0, // [0:0] is the sub-list for method output_type
+	0, // [0:0] is the sub-list for method input_type
+	0, // [0:0] is the sub-list for extension type_name
+	0, // [0:0] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_v3_http_proto_init() }
+func file_envoy_type_v3_http_proto_init() {
+	if File_envoy_type_v3_http_proto != nil {
+		return
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_v3_http_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   0,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_v3_http_proto_goTypes,
+		DependencyIndexes: file_envoy_type_v3_http_proto_depIdxs,
+		EnumInfos:         file_envoy_type_v3_http_proto_enumTypes,
+	}.Build()
+	File_envoy_type_v3_http_proto = out.File
+	file_envoy_type_v3_http_proto_rawDesc = nil
+	file_envoy_type_v3_http_proto_goTypes = nil
+	file_envoy_type_v3_http_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/http.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/http.pb.validate.go
new file mode 100644
index 00000000000..dc257e0dbe3
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/http.pb.validate.go
@@ -0,0 +1,36 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/v3/http.proto
+
+package envoy_type_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/http_status.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/http_status.pb.go
new file mode 100644
index 00000000000..a6090690ba6
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/http_status.pb.go
@@ -0,0 +1,459 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/v3/http_status.proto
+
+package envoy_type_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// HTTP response codes supported in Envoy.
+// For more details: https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml
+type StatusCode int32
+
+const (
+	// Empty - This code not part of the HTTP status code specification, but it is needed for proto
+	// `enum` type.
+	StatusCode_Empty                         StatusCode = 0
+	StatusCode_Continue                      StatusCode = 100
+	StatusCode_OK                            StatusCode = 200
+	StatusCode_Created                       StatusCode = 201
+	StatusCode_Accepted                      StatusCode = 202
+	StatusCode_NonAuthoritativeInformation   StatusCode = 203
+	StatusCode_NoContent                     StatusCode = 204
+	StatusCode_ResetContent                  StatusCode = 205
+	StatusCode_PartialContent                StatusCode = 206
+	StatusCode_MultiStatus                   StatusCode = 207
+	StatusCode_AlreadyReported               StatusCode = 208
+	StatusCode_IMUsed                        StatusCode = 226
+	StatusCode_MultipleChoices               StatusCode = 300
+	StatusCode_MovedPermanently              StatusCode = 301
+	StatusCode_Found                         StatusCode = 302
+	StatusCode_SeeOther                      StatusCode = 303
+	StatusCode_NotModified                   StatusCode = 304
+	StatusCode_UseProxy                      StatusCode = 305
+	StatusCode_TemporaryRedirect             StatusCode = 307
+	StatusCode_PermanentRedirect             StatusCode = 308
+	StatusCode_BadRequest                    StatusCode = 400
+	StatusCode_Unauthorized                  StatusCode = 401
+	StatusCode_PaymentRequired               StatusCode = 402
+	StatusCode_Forbidden                     StatusCode = 403
+	StatusCode_NotFound                      StatusCode = 404
+	StatusCode_MethodNotAllowed              StatusCode = 405
+	StatusCode_NotAcceptable                 StatusCode = 406
+	StatusCode_ProxyAuthenticationRequired   StatusCode = 407
+	StatusCode_RequestTimeout                StatusCode = 408
+	StatusCode_Conflict                      StatusCode = 409
+	StatusCode_Gone                          StatusCode = 410
+	StatusCode_LengthRequired                StatusCode = 411
+	StatusCode_PreconditionFailed            StatusCode = 412
+	StatusCode_PayloadTooLarge               StatusCode = 413
+	StatusCode_URITooLong                    StatusCode = 414
+	StatusCode_UnsupportedMediaType          StatusCode = 415
+	StatusCode_RangeNotSatisfiable           StatusCode = 416
+	StatusCode_ExpectationFailed             StatusCode = 417
+	StatusCode_MisdirectedRequest            StatusCode = 421
+	StatusCode_UnprocessableEntity           StatusCode = 422
+	StatusCode_Locked                        StatusCode = 423
+	StatusCode_FailedDependency              StatusCode = 424
+	StatusCode_UpgradeRequired               StatusCode = 426
+	StatusCode_PreconditionRequired          StatusCode = 428
+	StatusCode_TooManyRequests               StatusCode = 429
+	StatusCode_RequestHeaderFieldsTooLarge   StatusCode = 431
+	StatusCode_InternalServerError           StatusCode = 500
+	StatusCode_NotImplemented                StatusCode = 501
+	StatusCode_BadGateway                    StatusCode = 502
+	StatusCode_ServiceUnavailable            StatusCode = 503
+	StatusCode_GatewayTimeout                StatusCode = 504
+	StatusCode_HTTPVersionNotSupported       StatusCode = 505
+	StatusCode_VariantAlsoNegotiates         StatusCode = 506
+	StatusCode_InsufficientStorage           StatusCode = 507
+	StatusCode_LoopDetected                  StatusCode = 508
+	StatusCode_NotExtended                   StatusCode = 510
+	StatusCode_NetworkAuthenticationRequired StatusCode = 511
+)
+
+// Enum value maps for StatusCode.
+var (
+	StatusCode_name = map[int32]string{
+		0:   "Empty",
+		100: "Continue",
+		200: "OK",
+		201: "Created",
+		202: "Accepted",
+		203: "NonAuthoritativeInformation",
+		204: "NoContent",
+		205: "ResetContent",
+		206: "PartialContent",
+		207: "MultiStatus",
+		208: "AlreadyReported",
+		226: "IMUsed",
+		300: "MultipleChoices",
+		301: "MovedPermanently",
+		302: "Found",
+		303: "SeeOther",
+		304: "NotModified",
+		305: "UseProxy",
+		307: "TemporaryRedirect",
+		308: "PermanentRedirect",
+		400: "BadRequest",
+		401: "Unauthorized",
+		402: "PaymentRequired",
+		403: "Forbidden",
+		404: "NotFound",
+		405: "MethodNotAllowed",
+		406: "NotAcceptable",
+		407: "ProxyAuthenticationRequired",
+		408: "RequestTimeout",
+		409: "Conflict",
+		410: "Gone",
+		411: "LengthRequired",
+		412: "PreconditionFailed",
+		413: "PayloadTooLarge",
+		414: "URITooLong",
+		415: "UnsupportedMediaType",
+		416: "RangeNotSatisfiable",
+		417: "ExpectationFailed",
+		421: "MisdirectedRequest",
+		422: "UnprocessableEntity",
+		423: "Locked",
+		424: "FailedDependency",
+		426: "UpgradeRequired",
+		428: "PreconditionRequired",
+		429: "TooManyRequests",
+		431: "RequestHeaderFieldsTooLarge",
+		500: "InternalServerError",
+		501: "NotImplemented",
+		502: "BadGateway",
+		503: "ServiceUnavailable",
+		504: "GatewayTimeout",
+		505: "HTTPVersionNotSupported",
+		506: "VariantAlsoNegotiates",
+		507: "InsufficientStorage",
+		508: "LoopDetected",
+		510: "NotExtended",
+		511: "NetworkAuthenticationRequired",
+	}
+	StatusCode_value = map[string]int32{
+		"Empty":                         0,
+		"Continue":                      100,
+		"OK":                            200,
+		"Created":                       201,
+		"Accepted":                      202,
+		"NonAuthoritativeInformation":   203,
+		"NoContent":                     204,
+		"ResetContent":                  205,
+		"PartialContent":                206,
+		"MultiStatus":                   207,
+		"AlreadyReported":               208,
+		"IMUsed":                        226,
+		"MultipleChoices":               300,
+		"MovedPermanently":              301,
+		"Found":                         302,
+		"SeeOther":                      303,
+		"NotModified":                   304,
+		"UseProxy":                      305,
+		"TemporaryRedirect":             307,
+		"PermanentRedirect":             308,
+		"BadRequest":                    400,
+		"Unauthorized":                  401,
+		"PaymentRequired":               402,
+		"Forbidden":                     403,
+		"NotFound":                      404,
+		"MethodNotAllowed":              405,
+		"NotAcceptable":                 406,
+		"ProxyAuthenticationRequired":   407,
+		"RequestTimeout":                408,
+		"Conflict":                      409,
+		"Gone":                          410,
+		"LengthRequired":                411,
+		"PreconditionFailed":            412,
+		"PayloadTooLarge":               413,
+		"URITooLong":                    414,
+		"UnsupportedMediaType":          415,
+		"RangeNotSatisfiable":           416,
+		"ExpectationFailed":             417,
+		"MisdirectedRequest":            421,
+		"UnprocessableEntity":           422,
+		"Locked":                        423,
+		"FailedDependency":              424,
+		"UpgradeRequired":               426,
+		"PreconditionRequired":          428,
+		"TooManyRequests":               429,
+		"RequestHeaderFieldsTooLarge":   431,
+		"InternalServerError":           500,
+		"NotImplemented":                501,
+		"BadGateway":                    502,
+		"ServiceUnavailable":            503,
+		"GatewayTimeout":                504,
+		"HTTPVersionNotSupported":       505,
+		"VariantAlsoNegotiates":         506,
+		"InsufficientStorage":           507,
+		"LoopDetected":                  508,
+		"NotExtended":                   510,
+		"NetworkAuthenticationRequired": 511,
+	}
+)
+
+func (x StatusCode) Enum() *StatusCode {
+	p := new(StatusCode)
+	*p = x
+	return p
+}
+
+func (x StatusCode) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (StatusCode) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_type_v3_http_status_proto_enumTypes[0].Descriptor()
+}
+
+func (StatusCode) Type() protoreflect.EnumType {
+	return &file_envoy_type_v3_http_status_proto_enumTypes[0]
+}
+
+func (x StatusCode) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use StatusCode.Descriptor instead.
+func (StatusCode) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_type_v3_http_status_proto_rawDescGZIP(), []int{0}
+}
+
+// HTTP status.
+type HttpStatus struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Supplies HTTP response code.
+	Code StatusCode `protobuf:"varint,1,opt,name=code,proto3,enum=envoy.type.v3.StatusCode" json:"code,omitempty"`
+}
+
+func (x *HttpStatus) Reset() {
+	*x = HttpStatus{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_v3_http_status_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *HttpStatus) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*HttpStatus) ProtoMessage() {}
+
+func (x *HttpStatus) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_v3_http_status_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use HttpStatus.ProtoReflect.Descriptor instead.
+func (*HttpStatus) Descriptor() ([]byte, []int) {
+	return file_envoy_type_v3_http_status_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *HttpStatus) GetCode() StatusCode {
+	if x != nil {
+		return x.Code
+	}
+	return StatusCode_Empty
+}
+
+var File_envoy_type_v3_http_status_proto protoreflect.FileDescriptor
+
+var file_envoy_type_v3_http_status_proto_rawDesc = []byte{
+	0x0a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x76, 0x33, 0x2f,
+	0x68, 0x74, 0x74, 0x70, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x12, 0x0d, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33,
+	0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c,
+	0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x65, 0x0a, 0x0a, 0x48,
+	0x74, 0x74, 0x70, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x39, 0x0a, 0x04, 0x63, 0x6f, 0x64,
+	0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x19, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x43, 0x6f,
+	0x64, 0x65, 0x42, 0x0a, 0xfa, 0x42, 0x07, 0x82, 0x01, 0x04, 0x10, 0x01, 0x20, 0x00, 0x52, 0x04,
+	0x63, 0x6f, 0x64, 0x65, 0x3a, 0x1c, 0x9a, 0xc5, 0x88, 0x1e, 0x17, 0x0a, 0x15, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x53, 0x74, 0x61, 0x74,
+	0x75, 0x73, 0x2a, 0xb5, 0x09, 0x0a, 0x0a, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x43, 0x6f, 0x64,
+	0x65, 0x12, 0x09, 0x0a, 0x05, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x10, 0x00, 0x12, 0x0c, 0x0a, 0x08,
+	0x43, 0x6f, 0x6e, 0x74, 0x69, 0x6e, 0x75, 0x65, 0x10, 0x64, 0x12, 0x07, 0x0a, 0x02, 0x4f, 0x4b,
+	0x10, 0xc8, 0x01, 0x12, 0x0c, 0x0a, 0x07, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x10, 0xc9,
+	0x01, 0x12, 0x0d, 0x0a, 0x08, 0x41, 0x63, 0x63, 0x65, 0x70, 0x74, 0x65, 0x64, 0x10, 0xca, 0x01,
+	0x12, 0x20, 0x0a, 0x1b, 0x4e, 0x6f, 0x6e, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x61,
+	0x74, 0x69, 0x76, 0x65, 0x49, 0x6e, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x10,
+	0xcb, 0x01, 0x12, 0x0e, 0x0a, 0x09, 0x4e, 0x6f, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x10,
+	0xcc, 0x01, 0x12, 0x11, 0x0a, 0x0c, 0x52, 0x65, 0x73, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x74, 0x65,
+	0x6e, 0x74, 0x10, 0xcd, 0x01, 0x12, 0x13, 0x0a, 0x0e, 0x50, 0x61, 0x72, 0x74, 0x69, 0x61, 0x6c,
+	0x43, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x10, 0xce, 0x01, 0x12, 0x10, 0x0a, 0x0b, 0x4d, 0x75,
+	0x6c, 0x74, 0x69, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x10, 0xcf, 0x01, 0x12, 0x14, 0x0a, 0x0f,
+	0x41, 0x6c, 0x72, 0x65, 0x61, 0x64, 0x79, 0x52, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x64, 0x10,
+	0xd0, 0x01, 0x12, 0x0b, 0x0a, 0x06, 0x49, 0x4d, 0x55, 0x73, 0x65, 0x64, 0x10, 0xe2, 0x01, 0x12,
+	0x14, 0x0a, 0x0f, 0x4d, 0x75, 0x6c, 0x74, 0x69, 0x70, 0x6c, 0x65, 0x43, 0x68, 0x6f, 0x69, 0x63,
+	0x65, 0x73, 0x10, 0xac, 0x02, 0x12, 0x15, 0x0a, 0x10, 0x4d, 0x6f, 0x76, 0x65, 0x64, 0x50, 0x65,
+	0x72, 0x6d, 0x61, 0x6e, 0x65, 0x6e, 0x74, 0x6c, 0x79, 0x10, 0xad, 0x02, 0x12, 0x0a, 0x0a, 0x05,
+	0x46, 0x6f, 0x75, 0x6e, 0x64, 0x10, 0xae, 0x02, 0x12, 0x0d, 0x0a, 0x08, 0x53, 0x65, 0x65, 0x4f,
+	0x74, 0x68, 0x65, 0x72, 0x10, 0xaf, 0x02, 0x12, 0x10, 0x0a, 0x0b, 0x4e, 0x6f, 0x74, 0x4d, 0x6f,
+	0x64, 0x69, 0x66, 0x69, 0x65, 0x64, 0x10, 0xb0, 0x02, 0x12, 0x0d, 0x0a, 0x08, 0x55, 0x73, 0x65,
+	0x50, 0x72, 0x6f, 0x78, 0x79, 0x10, 0xb1, 0x02, 0x12, 0x16, 0x0a, 0x11, 0x54, 0x65, 0x6d, 0x70,
+	0x6f, 0x72, 0x61, 0x72, 0x79, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x10, 0xb3, 0x02,
+	0x12, 0x16, 0x0a, 0x11, 0x50, 0x65, 0x72, 0x6d, 0x61, 0x6e, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x64,
+	0x69, 0x72, 0x65, 0x63, 0x74, 0x10, 0xb4, 0x02, 0x12, 0x0f, 0x0a, 0x0a, 0x42, 0x61, 0x64, 0x52,
+	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x10, 0x90, 0x03, 0x12, 0x11, 0x0a, 0x0c, 0x55, 0x6e, 0x61,
+	0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x64, 0x10, 0x91, 0x03, 0x12, 0x14, 0x0a, 0x0f,
+	0x50, 0x61, 0x79, 0x6d, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x64, 0x10,
+	0x92, 0x03, 0x12, 0x0e, 0x0a, 0x09, 0x46, 0x6f, 0x72, 0x62, 0x69, 0x64, 0x64, 0x65, 0x6e, 0x10,
+	0x93, 0x03, 0x12, 0x0d, 0x0a, 0x08, 0x4e, 0x6f, 0x74, 0x46, 0x6f, 0x75, 0x6e, 0x64, 0x10, 0x94,
+	0x03, 0x12, 0x15, 0x0a, 0x10, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x4e, 0x6f, 0x74, 0x41, 0x6c,
+	0x6c, 0x6f, 0x77, 0x65, 0x64, 0x10, 0x95, 0x03, 0x12, 0x12, 0x0a, 0x0d, 0x4e, 0x6f, 0x74, 0x41,
+	0x63, 0x63, 0x65, 0x70, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x10, 0x96, 0x03, 0x12, 0x20, 0x0a, 0x1b,
+	0x50, 0x72, 0x6f, 0x78, 0x79, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x64, 0x10, 0x97, 0x03, 0x12, 0x13,
+	0x0a, 0x0e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74,
+	0x10, 0x98, 0x03, 0x12, 0x0d, 0x0a, 0x08, 0x43, 0x6f, 0x6e, 0x66, 0x6c, 0x69, 0x63, 0x74, 0x10,
+	0x99, 0x03, 0x12, 0x09, 0x0a, 0x04, 0x47, 0x6f, 0x6e, 0x65, 0x10, 0x9a, 0x03, 0x12, 0x13, 0x0a,
+	0x0e, 0x4c, 0x65, 0x6e, 0x67, 0x74, 0x68, 0x52, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x64, 0x10,
+	0x9b, 0x03, 0x12, 0x17, 0x0a, 0x12, 0x50, 0x72, 0x65, 0x63, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69,
+	0x6f, 0x6e, 0x46, 0x61, 0x69, 0x6c, 0x65, 0x64, 0x10, 0x9c, 0x03, 0x12, 0x14, 0x0a, 0x0f, 0x50,
+	0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x54, 0x6f, 0x6f, 0x4c, 0x61, 0x72, 0x67, 0x65, 0x10, 0x9d,
+	0x03, 0x12, 0x0f, 0x0a, 0x0a, 0x55, 0x52, 0x49, 0x54, 0x6f, 0x6f, 0x4c, 0x6f, 0x6e, 0x67, 0x10,
+	0x9e, 0x03, 0x12, 0x19, 0x0a, 0x14, 0x55, 0x6e, 0x73, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x65,
+	0x64, 0x4d, 0x65, 0x64, 0x69, 0x61, 0x54, 0x79, 0x70, 0x65, 0x10, 0x9f, 0x03, 0x12, 0x18, 0x0a,
+	0x13, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x4e, 0x6f, 0x74, 0x53, 0x61, 0x74, 0x69, 0x73, 0x66, 0x69,
+	0x61, 0x62, 0x6c, 0x65, 0x10, 0xa0, 0x03, 0x12, 0x16, 0x0a, 0x11, 0x45, 0x78, 0x70, 0x65, 0x63,
+	0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x46, 0x61, 0x69, 0x6c, 0x65, 0x64, 0x10, 0xa1, 0x03, 0x12,
+	0x17, 0x0a, 0x12, 0x4d, 0x69, 0x73, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x65, 0x64, 0x52, 0x65,
+	0x71, 0x75, 0x65, 0x73, 0x74, 0x10, 0xa5, 0x03, 0x12, 0x18, 0x0a, 0x13, 0x55, 0x6e, 0x70, 0x72,
+	0x6f, 0x63, 0x65, 0x73, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x45, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x10,
+	0xa6, 0x03, 0x12, 0x0b, 0x0a, 0x06, 0x4c, 0x6f, 0x63, 0x6b, 0x65, 0x64, 0x10, 0xa7, 0x03, 0x12,
+	0x15, 0x0a, 0x10, 0x46, 0x61, 0x69, 0x6c, 0x65, 0x64, 0x44, 0x65, 0x70, 0x65, 0x6e, 0x64, 0x65,
+	0x6e, 0x63, 0x79, 0x10, 0xa8, 0x03, 0x12, 0x14, 0x0a, 0x0f, 0x55, 0x70, 0x67, 0x72, 0x61, 0x64,
+	0x65, 0x52, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x64, 0x10, 0xaa, 0x03, 0x12, 0x19, 0x0a, 0x14,
+	0x50, 0x72, 0x65, 0x63, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75,
+	0x69, 0x72, 0x65, 0x64, 0x10, 0xac, 0x03, 0x12, 0x14, 0x0a, 0x0f, 0x54, 0x6f, 0x6f, 0x4d, 0x61,
+	0x6e, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x10, 0xad, 0x03, 0x12, 0x20, 0x0a,
+	0x1b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x46, 0x69,
+	0x65, 0x6c, 0x64, 0x73, 0x54, 0x6f, 0x6f, 0x4c, 0x61, 0x72, 0x67, 0x65, 0x10, 0xaf, 0x03, 0x12,
+	0x18, 0x0a, 0x13, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x53, 0x65, 0x72, 0x76, 0x65,
+	0x72, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x10, 0xf4, 0x03, 0x12, 0x13, 0x0a, 0x0e, 0x4e, 0x6f, 0x74,
+	0x49, 0x6d, 0x70, 0x6c, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x65, 0x64, 0x10, 0xf5, 0x03, 0x12, 0x0f,
+	0x0a, 0x0a, 0x42, 0x61, 0x64, 0x47, 0x61, 0x74, 0x65, 0x77, 0x61, 0x79, 0x10, 0xf6, 0x03, 0x12,
+	0x17, 0x0a, 0x12, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x55, 0x6e, 0x61, 0x76, 0x61, 0x69,
+	0x6c, 0x61, 0x62, 0x6c, 0x65, 0x10, 0xf7, 0x03, 0x12, 0x13, 0x0a, 0x0e, 0x47, 0x61, 0x74, 0x65,
+	0x77, 0x61, 0x79, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x10, 0xf8, 0x03, 0x12, 0x1c, 0x0a,
+	0x17, 0x48, 0x54, 0x54, 0x50, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x4e, 0x6f, 0x74, 0x53,
+	0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x64, 0x10, 0xf9, 0x03, 0x12, 0x1a, 0x0a, 0x15, 0x56,
+	0x61, 0x72, 0x69, 0x61, 0x6e, 0x74, 0x41, 0x6c, 0x73, 0x6f, 0x4e, 0x65, 0x67, 0x6f, 0x74, 0x69,
+	0x61, 0x74, 0x65, 0x73, 0x10, 0xfa, 0x03, 0x12, 0x18, 0x0a, 0x13, 0x49, 0x6e, 0x73, 0x75, 0x66,
+	0x66, 0x69, 0x63, 0x69, 0x65, 0x6e, 0x74, 0x53, 0x74, 0x6f, 0x72, 0x61, 0x67, 0x65, 0x10, 0xfb,
+	0x03, 0x12, 0x11, 0x0a, 0x0c, 0x4c, 0x6f, 0x6f, 0x70, 0x44, 0x65, 0x74, 0x65, 0x63, 0x74, 0x65,
+	0x64, 0x10, 0xfc, 0x03, 0x12, 0x10, 0x0a, 0x0b, 0x4e, 0x6f, 0x74, 0x45, 0x78, 0x74, 0x65, 0x6e,
+	0x64, 0x65, 0x64, 0x10, 0xfe, 0x03, 0x12, 0x22, 0x0a, 0x1d, 0x4e, 0x65, 0x74, 0x77, 0x6f, 0x72,
+	0x6b, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52,
+	0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x64, 0x10, 0xff, 0x03, 0x42, 0x38, 0x0a, 0x1b, 0x69, 0x6f,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x0f, 0x48, 0x74, 0x74, 0x70, 0x53,
+	0x74, 0x61, 0x74, 0x75, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1,
+	0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_type_v3_http_status_proto_rawDescOnce sync.Once
+	file_envoy_type_v3_http_status_proto_rawDescData = file_envoy_type_v3_http_status_proto_rawDesc
+)
+
+func file_envoy_type_v3_http_status_proto_rawDescGZIP() []byte {
+	file_envoy_type_v3_http_status_proto_rawDescOnce.Do(func() {
+		file_envoy_type_v3_http_status_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_v3_http_status_proto_rawDescData)
+	})
+	return file_envoy_type_v3_http_status_proto_rawDescData
+}
+
+var file_envoy_type_v3_http_status_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_envoy_type_v3_http_status_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_type_v3_http_status_proto_goTypes = []interface{}{
+	(StatusCode)(0),    // 0: envoy.type.v3.StatusCode
+	(*HttpStatus)(nil), // 1: envoy.type.v3.HttpStatus
+}
+var file_envoy_type_v3_http_status_proto_depIdxs = []int32{
+	0, // 0: envoy.type.v3.HttpStatus.code:type_name -> envoy.type.v3.StatusCode
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_v3_http_status_proto_init() }
+func file_envoy_type_v3_http_status_proto_init() {
+	if File_envoy_type_v3_http_status_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_v3_http_status_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HttpStatus); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_v3_http_status_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_v3_http_status_proto_goTypes,
+		DependencyIndexes: file_envoy_type_v3_http_status_proto_depIdxs,
+		EnumInfos:         file_envoy_type_v3_http_status_proto_enumTypes,
+		MessageInfos:      file_envoy_type_v3_http_status_proto_msgTypes,
+	}.Build()
+	File_envoy_type_v3_http_status_proto = out.File
+	file_envoy_type_v3_http_status_proto_rawDesc = nil
+	file_envoy_type_v3_http_status_proto_goTypes = nil
+	file_envoy_type_v3_http_status_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/http_status.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/http_status.pb.validate.go
new file mode 100644
index 00000000000..6d1d3198674
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/http_status.pb.validate.go
@@ -0,0 +1,160 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/v3/http_status.proto
+
+package envoy_type_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on HttpStatus with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *HttpStatus) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on HttpStatus with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in HttpStatusMultiError, or
+// nil if none found.
+func (m *HttpStatus) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *HttpStatus) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if _, ok := _HttpStatus_Code_NotInLookup[m.GetCode()]; ok {
+		err := HttpStatusValidationError{
+			field:  "Code",
+			reason: "value must not be in list [0]",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if _, ok := StatusCode_name[int32(m.GetCode())]; !ok {
+		err := HttpStatusValidationError{
+			field:  "Code",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return HttpStatusMultiError(errors)
+	}
+	return nil
+}
+
+// HttpStatusMultiError is an error wrapping multiple validation errors
+// returned by HttpStatus.ValidateAll() if the designated constraints aren't met.
+type HttpStatusMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m HttpStatusMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m HttpStatusMultiError) AllErrors() []error { return m }
+
+// HttpStatusValidationError is the validation error returned by
+// HttpStatus.Validate if the designated constraints aren't met.
+type HttpStatusValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e HttpStatusValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e HttpStatusValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e HttpStatusValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e HttpStatusValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e HttpStatusValidationError) ErrorName() string { return "HttpStatusValidationError" }
+
+// Error satisfies the builtin error interface
+func (e HttpStatusValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sHttpStatus.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = HttpStatusValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = HttpStatusValidationError{}
+
+var _HttpStatus_Code_NotInLookup = map[StatusCode]struct{}{
+	0: {},
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/percent.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/percent.pb.go
new file mode 100644
index 00000000000..3c141a00902
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/percent.pb.go
@@ -0,0 +1,318 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/v3/percent.proto
+
+package envoy_type_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Fraction percentages support several fixed denominator values.
+type FractionalPercent_DenominatorType int32
+
+const (
+	// 100.
+	//
+	// **Example**: 1/100 = 1%.
+	FractionalPercent_HUNDRED FractionalPercent_DenominatorType = 0
+	// 10,000.
+	//
+	// **Example**: 1/10000 = 0.01%.
+	FractionalPercent_TEN_THOUSAND FractionalPercent_DenominatorType = 1
+	// 1,000,000.
+	//
+	// **Example**: 1/1000000 = 0.0001%.
+	FractionalPercent_MILLION FractionalPercent_DenominatorType = 2
+)
+
+// Enum value maps for FractionalPercent_DenominatorType.
+var (
+	FractionalPercent_DenominatorType_name = map[int32]string{
+		0: "HUNDRED",
+		1: "TEN_THOUSAND",
+		2: "MILLION",
+	}
+	FractionalPercent_DenominatorType_value = map[string]int32{
+		"HUNDRED":      0,
+		"TEN_THOUSAND": 1,
+		"MILLION":      2,
+	}
+)
+
+func (x FractionalPercent_DenominatorType) Enum() *FractionalPercent_DenominatorType {
+	p := new(FractionalPercent_DenominatorType)
+	*p = x
+	return p
+}
+
+func (x FractionalPercent_DenominatorType) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (FractionalPercent_DenominatorType) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_type_v3_percent_proto_enumTypes[0].Descriptor()
+}
+
+func (FractionalPercent_DenominatorType) Type() protoreflect.EnumType {
+	return &file_envoy_type_v3_percent_proto_enumTypes[0]
+}
+
+func (x FractionalPercent_DenominatorType) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use FractionalPercent_DenominatorType.Descriptor instead.
+func (FractionalPercent_DenominatorType) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_type_v3_percent_proto_rawDescGZIP(), []int{1, 0}
+}
+
+// Identifies a percentage, in the range [0.0, 100.0].
+type Percent struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Value float64 `protobuf:"fixed64,1,opt,name=value,proto3" json:"value,omitempty"`
+}
+
+func (x *Percent) Reset() {
+	*x = Percent{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_v3_percent_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Percent) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Percent) ProtoMessage() {}
+
+func (x *Percent) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_v3_percent_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Percent.ProtoReflect.Descriptor instead.
+func (*Percent) Descriptor() ([]byte, []int) {
+	return file_envoy_type_v3_percent_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *Percent) GetValue() float64 {
+	if x != nil {
+		return x.Value
+	}
+	return 0
+}
+
+// A fractional percentage is used in cases in which for performance reasons performing floating
+// point to integer conversions during randomness calculations is undesirable. The message includes
+// both a numerator and denominator that together determine the final fractional value.
+//
+// * **Example**: 1/100 = 1%.
+// * **Example**: 3/10000 = 0.03%.
+type FractionalPercent struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Specifies the numerator. Defaults to 0.
+	Numerator uint32 `protobuf:"varint,1,opt,name=numerator,proto3" json:"numerator,omitempty"`
+	// Specifies the denominator. If the denominator specified is less than the numerator, the final
+	// fractional percentage is capped at 1 (100%).
+	Denominator FractionalPercent_DenominatorType `protobuf:"varint,2,opt,name=denominator,proto3,enum=envoy.type.v3.FractionalPercent_DenominatorType" json:"denominator,omitempty"`
+}
+
+func (x *FractionalPercent) Reset() {
+	*x = FractionalPercent{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_v3_percent_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *FractionalPercent) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*FractionalPercent) ProtoMessage() {}
+
+func (x *FractionalPercent) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_v3_percent_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use FractionalPercent.ProtoReflect.Descriptor instead.
+func (*FractionalPercent) Descriptor() ([]byte, []int) {
+	return file_envoy_type_v3_percent_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *FractionalPercent) GetNumerator() uint32 {
+	if x != nil {
+		return x.Numerator
+	}
+	return 0
+}
+
+func (x *FractionalPercent) GetDenominator() FractionalPercent_DenominatorType {
+	if x != nil {
+		return x.Denominator
+	}
+	return FractionalPercent_HUNDRED
+}
+
+var File_envoy_type_v3_percent_proto protoreflect.FileDescriptor
+
+var file_envoy_type_v3_percent_proto_rawDesc = []byte{
+	0x0a, 0x1b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x76, 0x33, 0x2f,
+	0x70, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0d, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x1a, 0x1d, 0x75, 0x64,
+	0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73,
+	0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70,
+	0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65,
+	0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17,
+	0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x53, 0x0a, 0x07, 0x50, 0x65, 0x72, 0x63, 0x65,
+	0x6e, 0x74, 0x12, 0x2d, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x01, 0x42, 0x17, 0xfa, 0x42, 0x14, 0x12, 0x12, 0x19, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x59,
+	0x40, 0x29, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75,
+	0x65, 0x3a, 0x19, 0x9a, 0xc5, 0x88, 0x1e, 0x14, 0x0a, 0x12, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e,
+	0x74, 0x79, 0x70, 0x65, 0x2e, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x22, 0xf3, 0x01, 0x0a,
+	0x11, 0x46, 0x72, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x50, 0x65, 0x72, 0x63, 0x65,
+	0x6e, 0x74, 0x12, 0x1c, 0x0a, 0x09, 0x6e, 0x75, 0x6d, 0x65, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x09, 0x6e, 0x75, 0x6d, 0x65, 0x72, 0x61, 0x74, 0x6f, 0x72,
+	0x12, 0x5c, 0x0a, 0x0b, 0x64, 0x65, 0x6e, 0x6f, 0x6d, 0x69, 0x6e, 0x61, 0x74, 0x6f, 0x72, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x30, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79,
+	0x70, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x46, 0x72, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c,
+	0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x2e, 0x44, 0x65, 0x6e, 0x6f, 0x6d, 0x69, 0x6e, 0x61,
+	0x74, 0x6f, 0x72, 0x54, 0x79, 0x70, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x82, 0x01, 0x02, 0x10,
+	0x01, 0x52, 0x0b, 0x64, 0x65, 0x6e, 0x6f, 0x6d, 0x69, 0x6e, 0x61, 0x74, 0x6f, 0x72, 0x22, 0x3d,
+	0x0a, 0x0f, 0x44, 0x65, 0x6e, 0x6f, 0x6d, 0x69, 0x6e, 0x61, 0x74, 0x6f, 0x72, 0x54, 0x79, 0x70,
+	0x65, 0x12, 0x0b, 0x0a, 0x07, 0x48, 0x55, 0x4e, 0x44, 0x52, 0x45, 0x44, 0x10, 0x00, 0x12, 0x10,
+	0x0a, 0x0c, 0x54, 0x45, 0x4e, 0x5f, 0x54, 0x48, 0x4f, 0x55, 0x53, 0x41, 0x4e, 0x44, 0x10, 0x01,
+	0x12, 0x0b, 0x0a, 0x07, 0x4d, 0x49, 0x4c, 0x4c, 0x49, 0x4f, 0x4e, 0x10, 0x02, 0x3a, 0x23, 0x9a,
+	0xc5, 0x88, 0x1e, 0x1e, 0x0a, 0x1c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65,
+	0x2e, 0x46, 0x72, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x50, 0x65, 0x72, 0x63, 0x65,
+	0x6e, 0x74, 0x42, 0x35, 0x0a, 0x1b, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72,
+	0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76,
+	0x33, 0x42, 0x0c, 0x50, 0x65, 0x72, 0x63, 0x65, 0x6e, 0x74, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50,
+	0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x33,
+}
+
+var (
+	file_envoy_type_v3_percent_proto_rawDescOnce sync.Once
+	file_envoy_type_v3_percent_proto_rawDescData = file_envoy_type_v3_percent_proto_rawDesc
+)
+
+func file_envoy_type_v3_percent_proto_rawDescGZIP() []byte {
+	file_envoy_type_v3_percent_proto_rawDescOnce.Do(func() {
+		file_envoy_type_v3_percent_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_v3_percent_proto_rawDescData)
+	})
+	return file_envoy_type_v3_percent_proto_rawDescData
+}
+
+var file_envoy_type_v3_percent_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_envoy_type_v3_percent_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_envoy_type_v3_percent_proto_goTypes = []interface{}{
+	(FractionalPercent_DenominatorType)(0), // 0: envoy.type.v3.FractionalPercent.DenominatorType
+	(*Percent)(nil),                        // 1: envoy.type.v3.Percent
+	(*FractionalPercent)(nil),              // 2: envoy.type.v3.FractionalPercent
+}
+var file_envoy_type_v3_percent_proto_depIdxs = []int32{
+	0, // 0: envoy.type.v3.FractionalPercent.denominator:type_name -> envoy.type.v3.FractionalPercent.DenominatorType
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_v3_percent_proto_init() }
+func file_envoy_type_v3_percent_proto_init() {
+	if File_envoy_type_v3_percent_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_v3_percent_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Percent); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_v3_percent_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*FractionalPercent); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_v3_percent_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_v3_percent_proto_goTypes,
+		DependencyIndexes: file_envoy_type_v3_percent_proto_depIdxs,
+		EnumInfos:         file_envoy_type_v3_percent_proto_enumTypes,
+		MessageInfos:      file_envoy_type_v3_percent_proto_msgTypes,
+	}.Build()
+	File_envoy_type_v3_percent_proto = out.File
+	file_envoy_type_v3_percent_proto_rawDesc = nil
+	file_envoy_type_v3_percent_proto_goTypes = nil
+	file_envoy_type_v3_percent_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/percent.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/percent.pb.validate.go
new file mode 100644
index 00000000000..4c4320cef08
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/percent.pb.validate.go
@@ -0,0 +1,258 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/v3/percent.proto
+
+package envoy_type_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on Percent with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Percent) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Percent with the rules defined in the
+// proto definition for this message. If any rules are violated, the result is
+// a list of violation errors wrapped in PercentMultiError, or nil if none found.
+func (m *Percent) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Percent) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if val := m.GetValue(); val < 0 || val > 100 {
+		err := PercentValidationError{
+			field:  "Value",
+			reason: "value must be inside range [0, 100]",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return PercentMultiError(errors)
+	}
+	return nil
+}
+
+// PercentMultiError is an error wrapping multiple validation errors returned
+// by Percent.ValidateAll() if the designated constraints aren't met.
+type PercentMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m PercentMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m PercentMultiError) AllErrors() []error { return m }
+
+// PercentValidationError is the validation error returned by Percent.Validate
+// if the designated constraints aren't met.
+type PercentValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e PercentValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e PercentValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e PercentValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e PercentValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e PercentValidationError) ErrorName() string { return "PercentValidationError" }
+
+// Error satisfies the builtin error interface
+func (e PercentValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sPercent.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = PercentValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = PercentValidationError{}
+
+// Validate checks the field values on FractionalPercent with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *FractionalPercent) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on FractionalPercent with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// FractionalPercentMultiError, or nil if none found.
+func (m *FractionalPercent) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *FractionalPercent) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Numerator
+
+	if _, ok := FractionalPercent_DenominatorType_name[int32(m.GetDenominator())]; !ok {
+		err := FractionalPercentValidationError{
+			field:  "Denominator",
+			reason: "value must be one of the defined enum values",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if len(errors) > 0 {
+		return FractionalPercentMultiError(errors)
+	}
+	return nil
+}
+
+// FractionalPercentMultiError is an error wrapping multiple validation errors
+// returned by FractionalPercent.ValidateAll() if the designated constraints
+// aren't met.
+type FractionalPercentMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m FractionalPercentMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m FractionalPercentMultiError) AllErrors() []error { return m }
+
+// FractionalPercentValidationError is the validation error returned by
+// FractionalPercent.Validate if the designated constraints aren't met.
+type FractionalPercentValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e FractionalPercentValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e FractionalPercentValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e FractionalPercentValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e FractionalPercentValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e FractionalPercentValidationError) ErrorName() string {
+	return "FractionalPercentValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e FractionalPercentValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sFractionalPercent.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = FractionalPercentValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = FractionalPercentValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/range.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/range.pb.go
new file mode 100644
index 00000000000..be802596d4d
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/range.pb.go
@@ -0,0 +1,325 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/v3/range.proto
+
+package envoy_type_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Specifies the int64 start and end of the range using half-open interval semantics [start,
+// end).
+type Int64Range struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// start of the range (inclusive)
+	Start int64 `protobuf:"varint,1,opt,name=start,proto3" json:"start,omitempty"`
+	// end of the range (exclusive)
+	End int64 `protobuf:"varint,2,opt,name=end,proto3" json:"end,omitempty"`
+}
+
+func (x *Int64Range) Reset() {
+	*x = Int64Range{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_v3_range_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Int64Range) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Int64Range) ProtoMessage() {}
+
+func (x *Int64Range) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_v3_range_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Int64Range.ProtoReflect.Descriptor instead.
+func (*Int64Range) Descriptor() ([]byte, []int) {
+	return file_envoy_type_v3_range_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *Int64Range) GetStart() int64 {
+	if x != nil {
+		return x.Start
+	}
+	return 0
+}
+
+func (x *Int64Range) GetEnd() int64 {
+	if x != nil {
+		return x.End
+	}
+	return 0
+}
+
+// Specifies the int32 start and end of the range using half-open interval semantics [start,
+// end).
+type Int32Range struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// start of the range (inclusive)
+	Start int32 `protobuf:"varint,1,opt,name=start,proto3" json:"start,omitempty"`
+	// end of the range (exclusive)
+	End int32 `protobuf:"varint,2,opt,name=end,proto3" json:"end,omitempty"`
+}
+
+func (x *Int32Range) Reset() {
+	*x = Int32Range{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_v3_range_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Int32Range) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Int32Range) ProtoMessage() {}
+
+func (x *Int32Range) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_v3_range_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Int32Range.ProtoReflect.Descriptor instead.
+func (*Int32Range) Descriptor() ([]byte, []int) {
+	return file_envoy_type_v3_range_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *Int32Range) GetStart() int32 {
+	if x != nil {
+		return x.Start
+	}
+	return 0
+}
+
+func (x *Int32Range) GetEnd() int32 {
+	if x != nil {
+		return x.End
+	}
+	return 0
+}
+
+// Specifies the double start and end of the range using half-open interval semantics [start,
+// end).
+type DoubleRange struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// start of the range (inclusive)
+	Start float64 `protobuf:"fixed64,1,opt,name=start,proto3" json:"start,omitempty"`
+	// end of the range (exclusive)
+	End float64 `protobuf:"fixed64,2,opt,name=end,proto3" json:"end,omitempty"`
+}
+
+func (x *DoubleRange) Reset() {
+	*x = DoubleRange{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_v3_range_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *DoubleRange) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*DoubleRange) ProtoMessage() {}
+
+func (x *DoubleRange) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_v3_range_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use DoubleRange.ProtoReflect.Descriptor instead.
+func (*DoubleRange) Descriptor() ([]byte, []int) {
+	return file_envoy_type_v3_range_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *DoubleRange) GetStart() float64 {
+	if x != nil {
+		return x.Start
+	}
+	return 0
+}
+
+func (x *DoubleRange) GetEnd() float64 {
+	if x != nil {
+		return x.End
+	}
+	return 0
+}
+
+var File_envoy_type_v3_range_proto protoreflect.FileDescriptor
+
+var file_envoy_type_v3_range_proto_rawDesc = []byte{
+	0x0a, 0x19, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x76, 0x33, 0x2f,
+	0x72, 0x61, 0x6e, 0x67, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0d, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61,
+	0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61,
+	0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f,
+	0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73,
+	0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x52, 0x0a, 0x0a,
+	0x49, 0x6e, 0x74, 0x36, 0x34, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x73, 0x74,
+	0x61, 0x72, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x05, 0x73, 0x74, 0x61, 0x72, 0x74,
+	0x12, 0x10, 0x0a, 0x03, 0x65, 0x6e, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x03, 0x52, 0x03, 0x65,
+	0x6e, 0x64, 0x3a, 0x1c, 0x9a, 0xc5, 0x88, 0x1e, 0x17, 0x0a, 0x15, 0x65, 0x6e, 0x76, 0x6f, 0x79,
+	0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x49, 0x6e, 0x74, 0x36, 0x34, 0x52, 0x61, 0x6e, 0x67, 0x65,
+	0x22, 0x52, 0x0a, 0x0a, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x14,
+	0x0a, 0x05, 0x73, 0x74, 0x61, 0x72, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x05, 0x73,
+	0x74, 0x61, 0x72, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x65, 0x6e, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x05, 0x52, 0x03, 0x65, 0x6e, 0x64, 0x3a, 0x1c, 0x9a, 0xc5, 0x88, 0x1e, 0x17, 0x0a, 0x15, 0x65,
+	0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x52,
+	0x61, 0x6e, 0x67, 0x65, 0x22, 0x54, 0x0a, 0x0b, 0x44, 0x6f, 0x75, 0x62, 0x6c, 0x65, 0x52, 0x61,
+	0x6e, 0x67, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x72, 0x74, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x01, 0x52, 0x05, 0x73, 0x74, 0x61, 0x72, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x65, 0x6e, 0x64,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x01, 0x52, 0x03, 0x65, 0x6e, 0x64, 0x3a, 0x1d, 0x9a, 0xc5, 0x88,
+	0x1e, 0x18, 0x0a, 0x16, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x44,
+	0x6f, 0x75, 0x62, 0x6c, 0x65, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x42, 0x33, 0x0a, 0x1b, 0x69, 0x6f,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x0a, 0x52, 0x61, 0x6e, 0x67, 0x65,
+	0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62,
+	0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_type_v3_range_proto_rawDescOnce sync.Once
+	file_envoy_type_v3_range_proto_rawDescData = file_envoy_type_v3_range_proto_rawDesc
+)
+
+func file_envoy_type_v3_range_proto_rawDescGZIP() []byte {
+	file_envoy_type_v3_range_proto_rawDescOnce.Do(func() {
+		file_envoy_type_v3_range_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_v3_range_proto_rawDescData)
+	})
+	return file_envoy_type_v3_range_proto_rawDescData
+}
+
+var file_envoy_type_v3_range_proto_msgTypes = make([]protoimpl.MessageInfo, 3)
+var file_envoy_type_v3_range_proto_goTypes = []interface{}{
+	(*Int64Range)(nil),  // 0: envoy.type.v3.Int64Range
+	(*Int32Range)(nil),  // 1: envoy.type.v3.Int32Range
+	(*DoubleRange)(nil), // 2: envoy.type.v3.DoubleRange
+}
+var file_envoy_type_v3_range_proto_depIdxs = []int32{
+	0, // [0:0] is the sub-list for method output_type
+	0, // [0:0] is the sub-list for method input_type
+	0, // [0:0] is the sub-list for extension type_name
+	0, // [0:0] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_v3_range_proto_init() }
+func file_envoy_type_v3_range_proto_init() {
+	if File_envoy_type_v3_range_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_v3_range_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Int64Range); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_v3_range_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Int32Range); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_envoy_type_v3_range_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*DoubleRange); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_v3_range_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   3,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_v3_range_proto_goTypes,
+		DependencyIndexes: file_envoy_type_v3_range_proto_depIdxs,
+		MessageInfos:      file_envoy_type_v3_range_proto_msgTypes,
+	}.Build()
+	File_envoy_type_v3_range_proto = out.File
+	file_envoy_type_v3_range_proto_rawDesc = nil
+	file_envoy_type_v3_range_proto_goTypes = nil
+	file_envoy_type_v3_range_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/range.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/range.pb.validate.go
new file mode 100644
index 00000000000..691e7c49c53
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/range.pb.validate.go
@@ -0,0 +1,342 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/v3/range.proto
+
+package envoy_type_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on Int64Range with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Int64Range) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Int64Range with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in Int64RangeMultiError, or
+// nil if none found.
+func (m *Int64Range) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Int64Range) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Start
+
+	// no validation rules for End
+
+	if len(errors) > 0 {
+		return Int64RangeMultiError(errors)
+	}
+	return nil
+}
+
+// Int64RangeMultiError is an error wrapping multiple validation errors
+// returned by Int64Range.ValidateAll() if the designated constraints aren't met.
+type Int64RangeMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Int64RangeMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Int64RangeMultiError) AllErrors() []error { return m }
+
+// Int64RangeValidationError is the validation error returned by
+// Int64Range.Validate if the designated constraints aren't met.
+type Int64RangeValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Int64RangeValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Int64RangeValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Int64RangeValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Int64RangeValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Int64RangeValidationError) ErrorName() string { return "Int64RangeValidationError" }
+
+// Error satisfies the builtin error interface
+func (e Int64RangeValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sInt64Range.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Int64RangeValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Int64RangeValidationError{}
+
+// Validate checks the field values on Int32Range with the rules defined in the
+// proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *Int32Range) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on Int32Range with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in Int32RangeMultiError, or
+// nil if none found.
+func (m *Int32Range) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *Int32Range) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Start
+
+	// no validation rules for End
+
+	if len(errors) > 0 {
+		return Int32RangeMultiError(errors)
+	}
+	return nil
+}
+
+// Int32RangeMultiError is an error wrapping multiple validation errors
+// returned by Int32Range.ValidateAll() if the designated constraints aren't met.
+type Int32RangeMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m Int32RangeMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m Int32RangeMultiError) AllErrors() []error { return m }
+
+// Int32RangeValidationError is the validation error returned by
+// Int32Range.Validate if the designated constraints aren't met.
+type Int32RangeValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e Int32RangeValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e Int32RangeValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e Int32RangeValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e Int32RangeValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e Int32RangeValidationError) ErrorName() string { return "Int32RangeValidationError" }
+
+// Error satisfies the builtin error interface
+func (e Int32RangeValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sInt32Range.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = Int32RangeValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = Int32RangeValidationError{}
+
+// Validate checks the field values on DoubleRange with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *DoubleRange) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on DoubleRange with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in DoubleRangeMultiError, or
+// nil if none found.
+func (m *DoubleRange) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *DoubleRange) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for Start
+
+	// no validation rules for End
+
+	if len(errors) > 0 {
+		return DoubleRangeMultiError(errors)
+	}
+	return nil
+}
+
+// DoubleRangeMultiError is an error wrapping multiple validation errors
+// returned by DoubleRange.ValidateAll() if the designated constraints aren't met.
+type DoubleRangeMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m DoubleRangeMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m DoubleRangeMultiError) AllErrors() []error { return m }
+
+// DoubleRangeValidationError is the validation error returned by
+// DoubleRange.Validate if the designated constraints aren't met.
+type DoubleRangeValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e DoubleRangeValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e DoubleRangeValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e DoubleRangeValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e DoubleRangeValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e DoubleRangeValidationError) ErrorName() string { return "DoubleRangeValidationError" }
+
+// Error satisfies the builtin error interface
+func (e DoubleRangeValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sDoubleRange.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = DoubleRangeValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = DoubleRangeValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/ratelimit_unit.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/ratelimit_unit.pb.go
new file mode 100644
index 00000000000..d53c29b6caa
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/ratelimit_unit.pb.go
@@ -0,0 +1,156 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/v3/ratelimit_unit.proto
+
+package envoy_type_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Identifies the unit of of time for rate limit.
+type RateLimitUnit int32
+
+const (
+	// The time unit is not known.
+	RateLimitUnit_UNKNOWN RateLimitUnit = 0
+	// The time unit representing a second.
+	RateLimitUnit_SECOND RateLimitUnit = 1
+	// The time unit representing a minute.
+	RateLimitUnit_MINUTE RateLimitUnit = 2
+	// The time unit representing an hour.
+	RateLimitUnit_HOUR RateLimitUnit = 3
+	// The time unit representing a day.
+	RateLimitUnit_DAY RateLimitUnit = 4
+)
+
+// Enum value maps for RateLimitUnit.
+var (
+	RateLimitUnit_name = map[int32]string{
+		0: "UNKNOWN",
+		1: "SECOND",
+		2: "MINUTE",
+		3: "HOUR",
+		4: "DAY",
+	}
+	RateLimitUnit_value = map[string]int32{
+		"UNKNOWN": 0,
+		"SECOND":  1,
+		"MINUTE":  2,
+		"HOUR":    3,
+		"DAY":     4,
+	}
+)
+
+func (x RateLimitUnit) Enum() *RateLimitUnit {
+	p := new(RateLimitUnit)
+	*p = x
+	return p
+}
+
+func (x RateLimitUnit) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (RateLimitUnit) Descriptor() protoreflect.EnumDescriptor {
+	return file_envoy_type_v3_ratelimit_unit_proto_enumTypes[0].Descriptor()
+}
+
+func (RateLimitUnit) Type() protoreflect.EnumType {
+	return &file_envoy_type_v3_ratelimit_unit_proto_enumTypes[0]
+}
+
+func (x RateLimitUnit) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use RateLimitUnit.Descriptor instead.
+func (RateLimitUnit) EnumDescriptor() ([]byte, []int) {
+	return file_envoy_type_v3_ratelimit_unit_proto_rawDescGZIP(), []int{0}
+}
+
+var File_envoy_type_v3_ratelimit_unit_proto protoreflect.FileDescriptor
+
+var file_envoy_type_v3_ratelimit_unit_proto_rawDesc = []byte{
+	0x0a, 0x22, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x76, 0x33, 0x2f,
+	0x72, 0x61, 0x74, 0x65, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x5f, 0x75, 0x6e, 0x69, 0x74, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0d, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65,
+	0x2e, 0x76, 0x33, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x2a, 0x47, 0x0a, 0x0d, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x55,
+	0x6e, 0x69, 0x74, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00,
+	0x12, 0x0a, 0x0a, 0x06, 0x53, 0x45, 0x43, 0x4f, 0x4e, 0x44, 0x10, 0x01, 0x12, 0x0a, 0x0a, 0x06,
+	0x4d, 0x49, 0x4e, 0x55, 0x54, 0x45, 0x10, 0x02, 0x12, 0x08, 0x0a, 0x04, 0x48, 0x4f, 0x55, 0x52,
+	0x10, 0x03, 0x12, 0x07, 0x0a, 0x03, 0x44, 0x41, 0x59, 0x10, 0x04, 0x42, 0x3b, 0x0a, 0x1b, 0x69,
+	0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76,
+	0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x12, 0x52, 0x61, 0x74, 0x65,
+	0x6c, 0x69, 0x6d, 0x69, 0x74, 0x55, 0x6e, 0x69, 0x74, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01,
+	0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_envoy_type_v3_ratelimit_unit_proto_rawDescOnce sync.Once
+	file_envoy_type_v3_ratelimit_unit_proto_rawDescData = file_envoy_type_v3_ratelimit_unit_proto_rawDesc
+)
+
+func file_envoy_type_v3_ratelimit_unit_proto_rawDescGZIP() []byte {
+	file_envoy_type_v3_ratelimit_unit_proto_rawDescOnce.Do(func() {
+		file_envoy_type_v3_ratelimit_unit_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_v3_ratelimit_unit_proto_rawDescData)
+	})
+	return file_envoy_type_v3_ratelimit_unit_proto_rawDescData
+}
+
+var file_envoy_type_v3_ratelimit_unit_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_envoy_type_v3_ratelimit_unit_proto_goTypes = []interface{}{
+	(RateLimitUnit)(0), // 0: envoy.type.v3.RateLimitUnit
+}
+var file_envoy_type_v3_ratelimit_unit_proto_depIdxs = []int32{
+	0, // [0:0] is the sub-list for method output_type
+	0, // [0:0] is the sub-list for method input_type
+	0, // [0:0] is the sub-list for extension type_name
+	0, // [0:0] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_v3_ratelimit_unit_proto_init() }
+func file_envoy_type_v3_ratelimit_unit_proto_init() {
+	if File_envoy_type_v3_ratelimit_unit_proto != nil {
+		return
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_v3_ratelimit_unit_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   0,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_v3_ratelimit_unit_proto_goTypes,
+		DependencyIndexes: file_envoy_type_v3_ratelimit_unit_proto_depIdxs,
+		EnumInfos:         file_envoy_type_v3_ratelimit_unit_proto_enumTypes,
+	}.Build()
+	File_envoy_type_v3_ratelimit_unit_proto = out.File
+	file_envoy_type_v3_ratelimit_unit_proto_rawDesc = nil
+	file_envoy_type_v3_ratelimit_unit_proto_goTypes = nil
+	file_envoy_type_v3_ratelimit_unit_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/ratelimit_unit.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/ratelimit_unit.pb.validate.go
new file mode 100644
index 00000000000..335e876fbe8
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/ratelimit_unit.pb.validate.go
@@ -0,0 +1,36 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/v3/ratelimit_unit.proto
+
+package envoy_type_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/semantic_version.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/semantic_version.pb.go
new file mode 100644
index 00000000000..90774109a42
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/semantic_version.pb.go
@@ -0,0 +1,183 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/v3/semantic_version.proto
+
+package envoy_type_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Envoy uses SemVer (https://semver.org/). Major/minor versions indicate
+// expected behaviors and APIs, the patch version field is used only
+// for security fixes and can be generally ignored.
+type SemanticVersion struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	MajorNumber uint32 `protobuf:"varint,1,opt,name=major_number,json=majorNumber,proto3" json:"major_number,omitempty"`
+	MinorNumber uint32 `protobuf:"varint,2,opt,name=minor_number,json=minorNumber,proto3" json:"minor_number,omitempty"`
+	Patch       uint32 `protobuf:"varint,3,opt,name=patch,proto3" json:"patch,omitempty"`
+}
+
+func (x *SemanticVersion) Reset() {
+	*x = SemanticVersion{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_v3_semantic_version_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *SemanticVersion) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*SemanticVersion) ProtoMessage() {}
+
+func (x *SemanticVersion) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_v3_semantic_version_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use SemanticVersion.ProtoReflect.Descriptor instead.
+func (*SemanticVersion) Descriptor() ([]byte, []int) {
+	return file_envoy_type_v3_semantic_version_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *SemanticVersion) GetMajorNumber() uint32 {
+	if x != nil {
+		return x.MajorNumber
+	}
+	return 0
+}
+
+func (x *SemanticVersion) GetMinorNumber() uint32 {
+	if x != nil {
+		return x.MinorNumber
+	}
+	return 0
+}
+
+func (x *SemanticVersion) GetPatch() uint32 {
+	if x != nil {
+		return x.Patch
+	}
+	return 0
+}
+
+var File_envoy_type_v3_semantic_version_proto protoreflect.FileDescriptor
+
+var file_envoy_type_v3_semantic_version_proto_rawDesc = []byte{
+	0x0a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x76, 0x33, 0x2f,
+	0x73, 0x65, 0x6d, 0x61, 0x6e, 0x74, 0x69, 0x63, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0d, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79,
+	0x70, 0x65, 0x2e, 0x76, 0x33, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f,
+	0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e,
+	0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x90, 0x01, 0x0a, 0x0f, 0x53, 0x65, 0x6d, 0x61,
+	0x6e, 0x74, 0x69, 0x63, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x21, 0x0a, 0x0c, 0x6d,
+	0x61, 0x6a, 0x6f, 0x72, 0x5f, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x0d, 0x52, 0x0b, 0x6d, 0x61, 0x6a, 0x6f, 0x72, 0x4e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x12, 0x21,
+	0x0a, 0x0c, 0x6d, 0x69, 0x6e, 0x6f, 0x72, 0x5f, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x0d, 0x52, 0x0b, 0x6d, 0x69, 0x6e, 0x6f, 0x72, 0x4e, 0x75, 0x6d, 0x62, 0x65,
+	0x72, 0x12, 0x14, 0x0a, 0x05, 0x70, 0x61, 0x74, 0x63, 0x68, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0d,
+	0x52, 0x05, 0x70, 0x61, 0x74, 0x63, 0x68, 0x3a, 0x21, 0x9a, 0xc5, 0x88, 0x1e, 0x1c, 0x0a, 0x1a,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x53, 0x65, 0x6d, 0x61, 0x6e,
+	0x74, 0x69, 0x63, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x42, 0x3d, 0x0a, 0x1b, 0x69, 0x6f,
+	0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f,
+	0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x14, 0x53, 0x65, 0x6d, 0x61, 0x6e,
+	0x74, 0x69, 0x63, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50,
+	0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x33,
+}
+
+var (
+	file_envoy_type_v3_semantic_version_proto_rawDescOnce sync.Once
+	file_envoy_type_v3_semantic_version_proto_rawDescData = file_envoy_type_v3_semantic_version_proto_rawDesc
+)
+
+func file_envoy_type_v3_semantic_version_proto_rawDescGZIP() []byte {
+	file_envoy_type_v3_semantic_version_proto_rawDescOnce.Do(func() {
+		file_envoy_type_v3_semantic_version_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_v3_semantic_version_proto_rawDescData)
+	})
+	return file_envoy_type_v3_semantic_version_proto_rawDescData
+}
+
+var file_envoy_type_v3_semantic_version_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_type_v3_semantic_version_proto_goTypes = []interface{}{
+	(*SemanticVersion)(nil), // 0: envoy.type.v3.SemanticVersion
+}
+var file_envoy_type_v3_semantic_version_proto_depIdxs = []int32{
+	0, // [0:0] is the sub-list for method output_type
+	0, // [0:0] is the sub-list for method input_type
+	0, // [0:0] is the sub-list for extension type_name
+	0, // [0:0] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_v3_semantic_version_proto_init() }
+func file_envoy_type_v3_semantic_version_proto_init() {
+	if File_envoy_type_v3_semantic_version_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_v3_semantic_version_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*SemanticVersion); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_v3_semantic_version_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_v3_semantic_version_proto_goTypes,
+		DependencyIndexes: file_envoy_type_v3_semantic_version_proto_depIdxs,
+		MessageInfos:      file_envoy_type_v3_semantic_version_proto_msgTypes,
+	}.Build()
+	File_envoy_type_v3_semantic_version_proto = out.File
+	file_envoy_type_v3_semantic_version_proto_rawDesc = nil
+	file_envoy_type_v3_semantic_version_proto_goTypes = nil
+	file_envoy_type_v3_semantic_version_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/semantic_version.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/semantic_version.pb.validate.go
new file mode 100644
index 00000000000..ee25b6879bb
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/semantic_version.pb.validate.go
@@ -0,0 +1,141 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/v3/semantic_version.proto
+
+package envoy_type_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on SemanticVersion with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *SemanticVersion) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on SemanticVersion with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// SemanticVersionMultiError, or nil if none found.
+func (m *SemanticVersion) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *SemanticVersion) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for MajorNumber
+
+	// no validation rules for MinorNumber
+
+	// no validation rules for Patch
+
+	if len(errors) > 0 {
+		return SemanticVersionMultiError(errors)
+	}
+	return nil
+}
+
+// SemanticVersionMultiError is an error wrapping multiple validation errors
+// returned by SemanticVersion.ValidateAll() if the designated constraints
+// aren't met.
+type SemanticVersionMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m SemanticVersionMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m SemanticVersionMultiError) AllErrors() []error { return m }
+
+// SemanticVersionValidationError is the validation error returned by
+// SemanticVersion.Validate if the designated constraints aren't met.
+type SemanticVersionValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e SemanticVersionValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e SemanticVersionValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e SemanticVersionValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e SemanticVersionValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e SemanticVersionValidationError) ErrorName() string { return "SemanticVersionValidationError" }
+
+// Error satisfies the builtin error interface
+func (e SemanticVersionValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sSemanticVersion.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = SemanticVersionValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = SemanticVersionValidationError{}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/token_bucket.pb.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/token_bucket.pb.go
new file mode 100644
index 00000000000..197035cc8c8
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/token_bucket.pb.go
@@ -0,0 +1,206 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.19.1
+// source: envoy/type/v3/token_bucket.proto
+
+package envoy_type_v3
+
+import (
+	_ "github.com/cncf/xds/go/udpa/annotations"
+	_ "github.com/envoyproxy/protoc-gen-validate/validate"
+	proto "github.com/golang/protobuf/proto"
+	duration "github.com/golang/protobuf/ptypes/duration"
+	wrappers "github.com/golang/protobuf/ptypes/wrappers"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+// Configures a token bucket, typically used for rate limiting.
+type TokenBucket struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The maximum tokens that the bucket can hold. This is also the number of tokens that the bucket
+	// initially contains.
+	MaxTokens uint32 `protobuf:"varint,1,opt,name=max_tokens,json=maxTokens,proto3" json:"max_tokens,omitempty"`
+	// The number of tokens added to the bucket during each fill interval. If not specified, defaults
+	// to a single token.
+	TokensPerFill *wrappers.UInt32Value `protobuf:"bytes,2,opt,name=tokens_per_fill,json=tokensPerFill,proto3" json:"tokens_per_fill,omitempty"`
+	// The fill interval that tokens are added to the bucket. During each fill interval
+	// `tokens_per_fill` are added to the bucket. The bucket will never contain more than
+	// `max_tokens` tokens.
+	FillInterval *duration.Duration `protobuf:"bytes,3,opt,name=fill_interval,json=fillInterval,proto3" json:"fill_interval,omitempty"`
+}
+
+func (x *TokenBucket) Reset() {
+	*x = TokenBucket{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_envoy_type_v3_token_bucket_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *TokenBucket) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*TokenBucket) ProtoMessage() {}
+
+func (x *TokenBucket) ProtoReflect() protoreflect.Message {
+	mi := &file_envoy_type_v3_token_bucket_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use TokenBucket.ProtoReflect.Descriptor instead.
+func (*TokenBucket) Descriptor() ([]byte, []int) {
+	return file_envoy_type_v3_token_bucket_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *TokenBucket) GetMaxTokens() uint32 {
+	if x != nil {
+		return x.MaxTokens
+	}
+	return 0
+}
+
+func (x *TokenBucket) GetTokensPerFill() *wrappers.UInt32Value {
+	if x != nil {
+		return x.TokensPerFill
+	}
+	return nil
+}
+
+func (x *TokenBucket) GetFillInterval() *duration.Duration {
+	if x != nil {
+		return x.FillInterval
+	}
+	return nil
+}
+
+var File_envoy_type_v3_token_bucket_proto protoreflect.FileDescriptor
+
+var file_envoy_type_v3_token_bucket_proto_rawDesc = []byte{
+	0x0a, 0x20, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x76, 0x33, 0x2f,
+	0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x5f, 0x62, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x12, 0x0d, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76,
+	0x33, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61,
+	0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xef, 0x01, 0x0a,
+	0x0b, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x42, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x12, 0x26, 0x0a, 0x0a,
+	0x6d, 0x61, 0x78, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0d,
+	0x42, 0x07, 0xfa, 0x42, 0x04, 0x2a, 0x02, 0x20, 0x00, 0x52, 0x09, 0x6d, 0x61, 0x78, 0x54, 0x6f,
+	0x6b, 0x65, 0x6e, 0x73, 0x12, 0x4d, 0x0a, 0x0f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x73, 0x5f, 0x70,
+	0x65, 0x72, 0x5f, 0x66, 0x69, 0x6c, 0x6c, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x07, 0xfa, 0x42, 0x04,
+	0x2a, 0x02, 0x20, 0x00, 0x52, 0x0d, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x73, 0x50, 0x65, 0x72, 0x46,
+	0x69, 0x6c, 0x6c, 0x12, 0x4a, 0x0a, 0x0d, 0x66, 0x69, 0x6c, 0x6c, 0x5f, 0x69, 0x6e, 0x74, 0x65,
+	0x72, 0x76, 0x61, 0x6c, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0a, 0xfa, 0x42, 0x07, 0xaa, 0x01, 0x04, 0x08, 0x01, 0x2a,
+	0x00, 0x52, 0x0c, 0x66, 0x69, 0x6c, 0x6c, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x3a,
+	0x1d, 0x9a, 0xc5, 0x88, 0x1e, 0x18, 0x0a, 0x16, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79,
+	0x70, 0x65, 0x2e, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x42, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x42, 0x39,
+	0x0a, 0x1b, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e,
+	0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x76, 0x33, 0x42, 0x10, 0x54,
+	0x6f, 0x6b, 0x65, 0x6e, 0x42, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50,
+	0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x33,
+}
+
+var (
+	file_envoy_type_v3_token_bucket_proto_rawDescOnce sync.Once
+	file_envoy_type_v3_token_bucket_proto_rawDescData = file_envoy_type_v3_token_bucket_proto_rawDesc
+)
+
+func file_envoy_type_v3_token_bucket_proto_rawDescGZIP() []byte {
+	file_envoy_type_v3_token_bucket_proto_rawDescOnce.Do(func() {
+		file_envoy_type_v3_token_bucket_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_type_v3_token_bucket_proto_rawDescData)
+	})
+	return file_envoy_type_v3_token_bucket_proto_rawDescData
+}
+
+var file_envoy_type_v3_token_bucket_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_envoy_type_v3_token_bucket_proto_goTypes = []interface{}{
+	(*TokenBucket)(nil),          // 0: envoy.type.v3.TokenBucket
+	(*wrappers.UInt32Value)(nil), // 1: google.protobuf.UInt32Value
+	(*duration.Duration)(nil),    // 2: google.protobuf.Duration
+}
+var file_envoy_type_v3_token_bucket_proto_depIdxs = []int32{
+	1, // 0: envoy.type.v3.TokenBucket.tokens_per_fill:type_name -> google.protobuf.UInt32Value
+	2, // 1: envoy.type.v3.TokenBucket.fill_interval:type_name -> google.protobuf.Duration
+	2, // [2:2] is the sub-list for method output_type
+	2, // [2:2] is the sub-list for method input_type
+	2, // [2:2] is the sub-list for extension type_name
+	2, // [2:2] is the sub-list for extension extendee
+	0, // [0:2] is the sub-list for field type_name
+}
+
+func init() { file_envoy_type_v3_token_bucket_proto_init() }
+func file_envoy_type_v3_token_bucket_proto_init() {
+	if File_envoy_type_v3_token_bucket_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_envoy_type_v3_token_bucket_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*TokenBucket); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_envoy_type_v3_token_bucket_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_envoy_type_v3_token_bucket_proto_goTypes,
+		DependencyIndexes: file_envoy_type_v3_token_bucket_proto_depIdxs,
+		MessageInfos:      file_envoy_type_v3_token_bucket_proto_msgTypes,
+	}.Build()
+	File_envoy_type_v3_token_bucket_proto = out.File
+	file_envoy_type_v3_token_bucket_proto_rawDesc = nil
+	file_envoy_type_v3_token_bucket_proto_goTypes = nil
+	file_envoy_type_v3_token_bucket_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/token_bucket.pb.validate.go b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/token_bucket.pb.validate.go
new file mode 100644
index 00000000000..6ef9e71736a
--- /dev/null
+++ b/vendor/github.com/envoyproxy/go-control-plane/envoy/type/v3/token_bucket.pb.validate.go
@@ -0,0 +1,201 @@
+// Code generated by protoc-gen-validate. DO NOT EDIT.
+// source: envoy/type/v3/token_bucket.proto
+
+package envoy_type_v3
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net"
+	"net/mail"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"google.golang.org/protobuf/types/known/anypb"
+)
+
+// ensure the imports are used
+var (
+	_ = bytes.MinRead
+	_ = errors.New("")
+	_ = fmt.Print
+	_ = utf8.UTFMax
+	_ = (*regexp.Regexp)(nil)
+	_ = (*strings.Reader)(nil)
+	_ = net.IPv4len
+	_ = time.Duration(0)
+	_ = (*url.URL)(nil)
+	_ = (*mail.Address)(nil)
+	_ = anypb.Any{}
+	_ = sort.Sort
+)
+
+// Validate checks the field values on TokenBucket with the rules defined in
+// the proto definition for this message. If any rules are violated, the first
+// error encountered is returned, or nil if there are no violations.
+func (m *TokenBucket) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on TokenBucket with the rules defined in
+// the proto definition for this message. If any rules are violated, the
+// result is a list of violation errors wrapped in TokenBucketMultiError, or
+// nil if none found.
+func (m *TokenBucket) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *TokenBucket) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	if m.GetMaxTokens() <= 0 {
+		err := TokenBucketValidationError{
+			field:  "MaxTokens",
+			reason: "value must be greater than 0",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if wrapper := m.GetTokensPerFill(); wrapper != nil {
+
+		if wrapper.GetValue() <= 0 {
+			err := TokenBucketValidationError{
+				field:  "TokensPerFill",
+				reason: "value must be greater than 0",
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		}
+
+	}
+
+	if m.GetFillInterval() == nil {
+		err := TokenBucketValidationError{
+			field:  "FillInterval",
+			reason: "value is required",
+		}
+		if !all {
+			return err
+		}
+		errors = append(errors, err)
+	}
+
+	if d := m.GetFillInterval(); d != nil {
+		dur, err := d.AsDuration(), d.CheckValid()
+		if err != nil {
+			err = TokenBucketValidationError{
+				field:  "FillInterval",
+				reason: "value is not a valid duration",
+				cause:  err,
+			}
+			if !all {
+				return err
+			}
+			errors = append(errors, err)
+		} else {
+
+			gt := time.Duration(0*time.Second + 0*time.Nanosecond)
+
+			if dur <= gt {
+				err := TokenBucketValidationError{
+					field:  "FillInterval",
+					reason: "value must be greater than 0s",
+				}
+				if !all {
+					return err
+				}
+				errors = append(errors, err)
+			}
+
+		}
+	}
+
+	if len(errors) > 0 {
+		return TokenBucketMultiError(errors)
+	}
+	return nil
+}
+
+// TokenBucketMultiError is an error wrapping multiple validation errors
+// returned by TokenBucket.ValidateAll() if the designated constraints aren't met.
+type TokenBucketMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m TokenBucketMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m TokenBucketMultiError) AllErrors() []error { return m }
+
+// TokenBucketValidationError is the validation error returned by
+// TokenBucket.Validate if the designated constraints aren't met.
+type TokenBucketValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e TokenBucketValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e TokenBucketValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e TokenBucketValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e TokenBucketValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e TokenBucketValidationError) ErrorName() string { return "TokenBucketValidationError" }
+
+// Error satisfies the builtin error interface
+func (e TokenBucketValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sTokenBucket.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = TokenBucketValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = TokenBucketValidationError{}
diff --git a/vendor/github.com/envoyproxy/protoc-gen-validate/LICENSE b/vendor/github.com/envoyproxy/protoc-gen-validate/LICENSE
new file mode 100644
index 00000000000..d6456956733
--- /dev/null
+++ b/vendor/github.com/envoyproxy/protoc-gen-validate/LICENSE
@@ -0,0 +1,202 @@
+
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
diff --git a/vendor/github.com/envoyproxy/protoc-gen-validate/NOTICE b/vendor/github.com/envoyproxy/protoc-gen-validate/NOTICE
new file mode 100644
index 00000000000..60884a05905
--- /dev/null
+++ b/vendor/github.com/envoyproxy/protoc-gen-validate/NOTICE
@@ -0,0 +1,4 @@
+protoc-gen-validate
+Copyright 2019 Envoy Project Authors
+
+Licensed under Apache License 2.0. See LICENSE for terms.
diff --git a/vendor/github.com/envoyproxy/protoc-gen-validate/validate/BUILD b/vendor/github.com/envoyproxy/protoc-gen-validate/validate/BUILD
new file mode 100644
index 00000000000..5040d640f1a
--- /dev/null
+++ b/vendor/github.com/envoyproxy/protoc-gen-validate/validate/BUILD
@@ -0,0 +1,69 @@
+load("@com_google_protobuf//:protobuf.bzl", "py_proto_library")
+load("@io_bazel_rules_go//proto:def.bzl", "go_proto_library")
+load("@rules_cc//cc:defs.bzl", "cc_library", "cc_proto_library")
+load("@rules_java//java:defs.bzl", "java_proto_library")
+load("@rules_proto//proto:defs.bzl", "proto_library")
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+package(
+    default_visibility =
+        ["//visibility:public"],
+)
+
+proto_library(
+    name = "validate_proto",
+    srcs = ["validate.proto"],
+    deps = [
+        "@com_google_protobuf//:descriptor_proto",
+        "@com_google_protobuf//:duration_proto",
+        "@com_google_protobuf//:timestamp_proto",
+    ],
+)
+
+cc_proto_library(
+    name = "validate_cc",
+    deps = [":validate_proto"],
+)
+
+py_proto_library(
+    name = "validate_py",
+    srcs = ["validate.proto"],
+    deps = ["@com_google_protobuf//:protobuf_python"],
+)
+
+go_proto_library(
+    name = "validate_go_proto",
+    importpath = "github.com/envoyproxy/protoc-gen-validate/validate",
+    proto = ":validate_proto",
+)
+
+cc_library(
+    name = "cc_validate",
+    hdrs = ["validate.h"],
+)
+
+go_library(
+    name = "validate_go",
+    embed = [":validate_go_proto"],
+    importpath = "github.com/envoyproxy/protoc-gen-validate/validate",
+)
+
+java_proto_library(
+    name = "validate_java",
+    deps = [":validate_proto"],
+)
+
+alias(
+    name = "go_default_library",
+    actual = ":validate_go",
+    deprecation = "Use :validate instead of :go_default_library.  Details about the new naming convention: https://github.com/bazelbuild/bazel-gazelle/pull/863",
+    visibility = ["//visibility:public"],
+)
+
+# this alias allows build files generated with Gazelle in other repositories
+# to find validate as an external dependency
+alias(
+    name = "validate",
+    actual = ":validate_go",
+    visibility = ["//visibility:public"],
+)
diff --git a/vendor/github.com/envoyproxy/protoc-gen-validate/validate/validate.h b/vendor/github.com/envoyproxy/protoc-gen-validate/validate/validate.h
new file mode 100644
index 00000000000..15e2c4bff6c
--- /dev/null
+++ b/vendor/github.com/envoyproxy/protoc-gen-validate/validate/validate.h
@@ -0,0 +1,157 @@
+#ifndef _VALIDATE_H
+#define _VALIDATE_H
+
+#include <functional>
+#include <regex>
+#include <stdexcept>
+#include <string>
+#include <typeinfo>
+#include <typeindex>
+#include <unordered_map>
+
+#if !defined(_WIN32)
+#include <arpa/inet.h>
+#else
+#include <winsock2.h>
+#include <ws2tcpip.h>
+
+// <windows.h> uses macros to #define a ton of symbols,
+// many of which interfere with our code here and down
+// the line in various extensions.
+#undef DELETE
+#undef ERROR
+#undef GetMessage
+#undef interface
+#undef TRUE
+#undef min
+
+#endif
+
+#include "google/protobuf/stubs/strutil.h" // for UTF8Len
+
+namespace pgv {
+using std::string;
+
+class UnimplementedException : public std::runtime_error {
+public:
+  UnimplementedException() : std::runtime_error("not yet implemented") {}
+  UnimplementedException(const std::string& message) : std::runtime_error(message) {}
+  // Thrown by C++ validation code that is not yet implemented.
+};
+
+using ValidationMsg = std::string;
+
+class BaseValidator {
+protected:
+  static std::unordered_map<std::type_index, BaseValidator*>& validators() {
+    static auto* validator_map = new std::unordered_map<std::type_index, BaseValidator*>();
+    return *validator_map;
+  }
+};
+
+template <typename T>
+class Validator : public BaseValidator {
+public:
+  Validator(std::function<bool(const T&, ValidationMsg*)> check) : check_(check)
+  {
+    validators()[std::type_index(typeid(T))] = this;
+  }
+
+  static bool CheckMessage(const T& m, ValidationMsg* err)
+  {
+    auto val = static_cast<Validator<T>*>(validators()[std::type_index(typeid(T))]);
+    if (val) {
+      return val->check_(m, err);
+    }
+    return true;
+  }
+
+private:
+  std::function<bool(const T&, ValidationMsg*)> check_;
+};
+
+static inline std::string String(const ValidationMsg& msg)
+{
+  return std::string(msg);
+}
+
+static inline bool IsPrefix(const string& maybe_prefix, const string& search_in)
+{
+  return search_in.compare(0, maybe_prefix.size(), maybe_prefix) == 0;
+}
+
+static inline bool IsSuffix(const string& maybe_suffix, const string& search_in)
+{
+  return maybe_suffix.size() <= search_in.size() && search_in.compare(search_in.size() - maybe_suffix.size(), maybe_suffix.size(), maybe_suffix) == 0;
+}
+
+static inline bool Contains(const string& search_in, const string& to_find)
+{
+  return search_in.find(to_find) != string::npos;
+}
+
+static inline bool NotContains(const string& search_in, const string& to_find)
+{
+  return !Contains(search_in, to_find);
+}
+
+static inline bool IsIpv4(const string& to_validate) {
+	struct sockaddr_in sa;
+	return !(inet_pton(AF_INET, to_validate.c_str(), &sa.sin_addr) < 1);
+}
+
+static inline bool IsIpv6(const string& to_validate) {
+  struct sockaddr_in6 sa_six;
+	return !(inet_pton(AF_INET6, to_validate.c_str(), &sa_six.sin6_addr) < 1);
+}
+
+static inline bool IsIp(const string& to_validate) {
+  return IsIpv4(to_validate) || IsIpv6(to_validate);
+}
+
+static inline bool IsHostname(const string& to_validate) {
+  if (to_validate.length() > 253) {
+    return false;
+  }
+
+  const std::regex dot_regex{"\\."};
+  const auto iter_end = std::sregex_token_iterator();
+  auto iter = std::sregex_token_iterator(to_validate.begin(), to_validate.end(), dot_regex, -1);
+  for (; iter != iter_end; ++iter) {
+    const std::string &part = *iter;
+    if (part.empty() || part.length() > 63) {
+      return false;
+    }
+    if (part.at(0) == '-') {
+      return false;
+    }
+    if (part.at(part.length() - 1) == '-') {
+      return false;
+    }
+    for (const auto &character : part) {
+      if ((character < 'A' || character > 'Z') && (character < 'a' || character > 'z') && (character < '0' || character > '9') && character != '-') {
+        return false;
+      }
+    }
+  }
+
+  return true;
+}
+
+static inline size_t Utf8Len(const string& narrow_string) {
+  const char *str_char = narrow_string.c_str();
+  ptrdiff_t byte_len = narrow_string.length();
+  size_t unicode_len = 0;
+  int char_len = 1;
+  while (byte_len > 0 && char_len > 0) {
+    char_len = google::protobuf::UTF8FirstLetterNumBytes(str_char, byte_len);
+    str_char += char_len;
+    byte_len -= char_len;
+    ++unicode_len;
+  }
+  return unicode_len;
+}
+
+} // namespace pgv
+
+#endif // _VALIDATE_H
diff --git a/vendor/github.com/envoyproxy/protoc-gen-validate/validate/validate.pb.go b/vendor/github.com/envoyproxy/protoc-gen-validate/validate/validate.pb.go
new file mode 100644
index 00000000000..61e19b95d7e
--- /dev/null
+++ b/vendor/github.com/envoyproxy/protoc-gen-validate/validate/validate.pb.go
@@ -0,0 +1,4104 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.26.0
+// 	protoc        v3.17.3
+// source: validate/validate.proto
+
+package validate
+
+import (
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	descriptorpb "google.golang.org/protobuf/types/descriptorpb"
+	durationpb "google.golang.org/protobuf/types/known/durationpb"
+	timestamppb "google.golang.org/protobuf/types/known/timestamppb"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// WellKnownRegex contain some well-known patterns.
+type KnownRegex int32
+
+const (
+	KnownRegex_UNKNOWN KnownRegex = 0
+	// HTTP header name as defined by RFC 7230.
+	KnownRegex_HTTP_HEADER_NAME KnownRegex = 1
+	// HTTP header value as defined by RFC 7230.
+	KnownRegex_HTTP_HEADER_VALUE KnownRegex = 2
+)
+
+// Enum value maps for KnownRegex.
+var (
+	KnownRegex_name = map[int32]string{
+		0: "UNKNOWN",
+		1: "HTTP_HEADER_NAME",
+		2: "HTTP_HEADER_VALUE",
+	}
+	KnownRegex_value = map[string]int32{
+		"UNKNOWN":           0,
+		"HTTP_HEADER_NAME":  1,
+		"HTTP_HEADER_VALUE": 2,
+	}
+)
+
+func (x KnownRegex) Enum() *KnownRegex {
+	p := new(KnownRegex)
+	*p = x
+	return p
+}
+
+func (x KnownRegex) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (KnownRegex) Descriptor() protoreflect.EnumDescriptor {
+	return file_validate_validate_proto_enumTypes[0].Descriptor()
+}
+
+func (KnownRegex) Type() protoreflect.EnumType {
+	return &file_validate_validate_proto_enumTypes[0]
+}
+
+func (x KnownRegex) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Do not use.
+func (x *KnownRegex) UnmarshalJSON(b []byte) error {
+	num, err := protoimpl.X.UnmarshalJSONEnum(x.Descriptor(), b)
+	if err != nil {
+		return err
+	}
+	*x = KnownRegex(num)
+	return nil
+}
+
+// Deprecated: Use KnownRegex.Descriptor instead.
+func (KnownRegex) EnumDescriptor() ([]byte, []int) {
+	return file_validate_validate_proto_rawDescGZIP(), []int{0}
+}
+
+// FieldRules encapsulates the rules for each type of field. Depending on the
+// field, the correct set should be used to ensure proper validations.
+type FieldRules struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Message *MessageRules `protobuf:"bytes,17,opt,name=message" json:"message,omitempty"`
+	// Types that are assignable to Type:
+	//	*FieldRules_Float
+	//	*FieldRules_Double
+	//	*FieldRules_Int32
+	//	*FieldRules_Int64
+	//	*FieldRules_Uint32
+	//	*FieldRules_Uint64
+	//	*FieldRules_Sint32
+	//	*FieldRules_Sint64
+	//	*FieldRules_Fixed32
+	//	*FieldRules_Fixed64
+	//	*FieldRules_Sfixed32
+	//	*FieldRules_Sfixed64
+	//	*FieldRules_Bool
+	//	*FieldRules_String_
+	//	*FieldRules_Bytes
+	//	*FieldRules_Enum
+	//	*FieldRules_Repeated
+	//	*FieldRules_Map
+	//	*FieldRules_Any
+	//	*FieldRules_Duration
+	//	*FieldRules_Timestamp
+	Type isFieldRules_Type `protobuf_oneof:"type"`
+}
+
+func (x *FieldRules) Reset() {
+	*x = FieldRules{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_validate_validate_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *FieldRules) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*FieldRules) ProtoMessage() {}
+
+func (x *FieldRules) ProtoReflect() protoreflect.Message {
+	mi := &file_validate_validate_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use FieldRules.ProtoReflect.Descriptor instead.
+func (*FieldRules) Descriptor() ([]byte, []int) {
+	return file_validate_validate_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *FieldRules) GetMessage() *MessageRules {
+	if x != nil {
+		return x.Message
+	}
+	return nil
+}
+
+func (m *FieldRules) GetType() isFieldRules_Type {
+	if m != nil {
+		return m.Type
+	}
+	return nil
+}
+
+func (x *FieldRules) GetFloat() *FloatRules {
+	if x, ok := x.GetType().(*FieldRules_Float); ok {
+		return x.Float
+	}
+	return nil
+}
+
+func (x *FieldRules) GetDouble() *DoubleRules {
+	if x, ok := x.GetType().(*FieldRules_Double); ok {
+		return x.Double
+	}
+	return nil
+}
+
+func (x *FieldRules) GetInt32() *Int32Rules {
+	if x, ok := x.GetType().(*FieldRules_Int32); ok {
+		return x.Int32
+	}
+	return nil
+}
+
+func (x *FieldRules) GetInt64() *Int64Rules {
+	if x, ok := x.GetType().(*FieldRules_Int64); ok {
+		return x.Int64
+	}
+	return nil
+}
+
+func (x *FieldRules) GetUint32() *UInt32Rules {
+	if x, ok := x.GetType().(*FieldRules_Uint32); ok {
+		return x.Uint32
+	}
+	return nil
+}
+
+func (x *FieldRules) GetUint64() *UInt64Rules {
+	if x, ok := x.GetType().(*FieldRules_Uint64); ok {
+		return x.Uint64
+	}
+	return nil
+}
+
+func (x *FieldRules) GetSint32() *SInt32Rules {
+	if x, ok := x.GetType().(*FieldRules_Sint32); ok {
+		return x.Sint32
+	}
+	return nil
+}
+
+func (x *FieldRules) GetSint64() *SInt64Rules {
+	if x, ok := x.GetType().(*FieldRules_Sint64); ok {
+		return x.Sint64
+	}
+	return nil
+}
+
+func (x *FieldRules) GetFixed32() *Fixed32Rules {
+	if x, ok := x.GetType().(*FieldRules_Fixed32); ok {
+		return x.Fixed32
+	}
+	return nil
+}
+
+func (x *FieldRules) GetFixed64() *Fixed64Rules {
+	if x, ok := x.GetType().(*FieldRules_Fixed64); ok {
+		return x.Fixed64
+	}
+	return nil
+}
+
+func (x *FieldRules) GetSfixed32() *SFixed32Rules {
+	if x, ok := x.GetType().(*FieldRules_Sfixed32); ok {
+		return x.Sfixed32
+	}
+	return nil
+}
+
+func (x *FieldRules) GetSfixed64() *SFixed64Rules {
+	if x, ok := x.GetType().(*FieldRules_Sfixed64); ok {
+		return x.Sfixed64
+	}
+	return nil
+}
+
+func (x *FieldRules) GetBool() *BoolRules {
+	if x, ok := x.GetType().(*FieldRules_Bool); ok {
+		return x.Bool
+	}
+	return nil
+}
+
+func (x *FieldRules) GetString_() *StringRules {
+	if x, ok := x.GetType().(*FieldRules_String_); ok {
+		return x.String_
+	}
+	return nil
+}
+
+func (x *FieldRules) GetBytes() *BytesRules {
+	if x, ok := x.GetType().(*FieldRules_Bytes); ok {
+		return x.Bytes
+	}
+	return nil
+}
+
+func (x *FieldRules) GetEnum() *EnumRules {
+	if x, ok := x.GetType().(*FieldRules_Enum); ok {
+		return x.Enum
+	}
+	return nil
+}
+
+func (x *FieldRules) GetRepeated() *RepeatedRules {
+	if x, ok := x.GetType().(*FieldRules_Repeated); ok {
+		return x.Repeated
+	}
+	return nil
+}
+
+func (x *FieldRules) GetMap() *MapRules {
+	if x, ok := x.GetType().(*FieldRules_Map); ok {
+		return x.Map
+	}
+	return nil
+}
+
+func (x *FieldRules) GetAny() *AnyRules {
+	if x, ok := x.GetType().(*FieldRules_Any); ok {
+		return x.Any
+	}
+	return nil
+}
+
+func (x *FieldRules) GetDuration() *DurationRules {
+	if x, ok := x.GetType().(*FieldRules_Duration); ok {
+		return x.Duration
+	}
+	return nil
+}
+
+func (x *FieldRules) GetTimestamp() *TimestampRules {
+	if x, ok := x.GetType().(*FieldRules_Timestamp); ok {
+		return x.Timestamp
+	}
+	return nil
+}
+
+type isFieldRules_Type interface {
+	isFieldRules_Type()
+}
+
+type FieldRules_Float struct {
+	// Scalar Field Types
+	Float *FloatRules `protobuf:"bytes,1,opt,name=float,oneof"`
+}
+
+type FieldRules_Double struct {
+	Double *DoubleRules `protobuf:"bytes,2,opt,name=double,oneof"`
+}
+
+type FieldRules_Int32 struct {
+	Int32 *Int32Rules `protobuf:"bytes,3,opt,name=int32,oneof"`
+}
+
+type FieldRules_Int64 struct {
+	Int64 *Int64Rules `protobuf:"bytes,4,opt,name=int64,oneof"`
+}
+
+type FieldRules_Uint32 struct {
+	Uint32 *UInt32Rules `protobuf:"bytes,5,opt,name=uint32,oneof"`
+}
+
+type FieldRules_Uint64 struct {
+	Uint64 *UInt64Rules `protobuf:"bytes,6,opt,name=uint64,oneof"`
+}
+
+type FieldRules_Sint32 struct {
+	Sint32 *SInt32Rules `protobuf:"bytes,7,opt,name=sint32,oneof"`
+}
+
+type FieldRules_Sint64 struct {
+	Sint64 *SInt64Rules `protobuf:"bytes,8,opt,name=sint64,oneof"`
+}
+
+type FieldRules_Fixed32 struct {
+	Fixed32 *Fixed32Rules `protobuf:"bytes,9,opt,name=fixed32,oneof"`
+}
+
+type FieldRules_Fixed64 struct {
+	Fixed64 *Fixed64Rules `protobuf:"bytes,10,opt,name=fixed64,oneof"`
+}
+
+type FieldRules_Sfixed32 struct {
+	Sfixed32 *SFixed32Rules `protobuf:"bytes,11,opt,name=sfixed32,oneof"`
+}
+
+type FieldRules_Sfixed64 struct {
+	Sfixed64 *SFixed64Rules `protobuf:"bytes,12,opt,name=sfixed64,oneof"`
+}
+
+type FieldRules_Bool struct {
+	Bool *BoolRules `protobuf:"bytes,13,opt,name=bool,oneof"`
+}
+
+type FieldRules_String_ struct {
+	String_ *StringRules `protobuf:"bytes,14,opt,name=string,oneof"`
+}
+
+type FieldRules_Bytes struct {
+	Bytes *BytesRules `protobuf:"bytes,15,opt,name=bytes,oneof"`
+}
+
+type FieldRules_Enum struct {
+	// Complex Field Types
+	Enum *EnumRules `protobuf:"bytes,16,opt,name=enum,oneof"`
+}
+
+type FieldRules_Repeated struct {
+	Repeated *RepeatedRules `protobuf:"bytes,18,opt,name=repeated,oneof"`
+}
+
+type FieldRules_Map struct {
+	Map *MapRules `protobuf:"bytes,19,opt,name=map,oneof"`
+}
+
+type FieldRules_Any struct {
+	// Well-Known Field Types
+	Any *AnyRules `protobuf:"bytes,20,opt,name=any,oneof"`
+}
+
+type FieldRules_Duration struct {
+	Duration *DurationRules `protobuf:"bytes,21,opt,name=duration,oneof"`
+}
+
+type FieldRules_Timestamp struct {
+	Timestamp *TimestampRules `protobuf:"bytes,22,opt,name=timestamp,oneof"`
+}
+
+func (*FieldRules_Float) isFieldRules_Type() {}
+
+func (*FieldRules_Double) isFieldRules_Type() {}
+
+func (*FieldRules_Int32) isFieldRules_Type() {}
+
+func (*FieldRules_Int64) isFieldRules_Type() {}
+
+func (*FieldRules_Uint32) isFieldRules_Type() {}
+
+func (*FieldRules_Uint64) isFieldRules_Type() {}
+
+func (*FieldRules_Sint32) isFieldRules_Type() {}
+
+func (*FieldRules_Sint64) isFieldRules_Type() {}
+
+func (*FieldRules_Fixed32) isFieldRules_Type() {}
+
+func (*FieldRules_Fixed64) isFieldRules_Type() {}
+
+func (*FieldRules_Sfixed32) isFieldRules_Type() {}
+
+func (*FieldRules_Sfixed64) isFieldRules_Type() {}
+
+func (*FieldRules_Bool) isFieldRules_Type() {}
+
+func (*FieldRules_String_) isFieldRules_Type() {}
+
+func (*FieldRules_Bytes) isFieldRules_Type() {}
+
+func (*FieldRules_Enum) isFieldRules_Type() {}
+
+func (*FieldRules_Repeated) isFieldRules_Type() {}
+
+func (*FieldRules_Map) isFieldRules_Type() {}
+
+func (*FieldRules_Any) isFieldRules_Type() {}
+
+func (*FieldRules_Duration) isFieldRules_Type() {}
+
+func (*FieldRules_Timestamp) isFieldRules_Type() {}
+
+// FloatRules describes the constraints applied to `float` values
+type FloatRules struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Const specifies that this field must be exactly the specified value
+	Const *float32 `protobuf:"fixed32,1,opt,name=const" json:"const,omitempty"`
+	// Lt specifies that this field must be less than the specified value,
+	// exclusive
+	Lt *float32 `protobuf:"fixed32,2,opt,name=lt" json:"lt,omitempty"`
+	// Lte specifies that this field must be less than or equal to the
+	// specified value, inclusive
+	Lte *float32 `protobuf:"fixed32,3,opt,name=lte" json:"lte,omitempty"`
+	// Gt specifies that this field must be greater than the specified value,
+	// exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+	// range is reversed.
+	Gt *float32 `protobuf:"fixed32,4,opt,name=gt" json:"gt,omitempty"`
+	// Gte specifies that this field must be greater than or equal to the
+	// specified value, inclusive. If the value of Gte is larger than a
+	// specified Lt or Lte, the range is reversed.
+	Gte *float32 `protobuf:"fixed32,5,opt,name=gte" json:"gte,omitempty"`
+	// In specifies that this field must be equal to one of the specified
+	// values
+	In []float32 `protobuf:"fixed32,6,rep,name=in" json:"in,omitempty"`
+	// NotIn specifies that this field cannot be equal to one of the specified
+	// values
+	NotIn []float32 `protobuf:"fixed32,7,rep,name=not_in,json=notIn" json:"not_in,omitempty"`
+	// IgnoreEmpty specifies that the validation rules of this field should be
+	// evaluated only if the field is not empty
+	IgnoreEmpty *bool `protobuf:"varint,8,opt,name=ignore_empty,json=ignoreEmpty" json:"ignore_empty,omitempty"`
+}
+
+func (x *FloatRules) Reset() {
+	*x = FloatRules{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_validate_validate_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *FloatRules) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*FloatRules) ProtoMessage() {}
+
+func (x *FloatRules) ProtoReflect() protoreflect.Message {
+	mi := &file_validate_validate_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use FloatRules.ProtoReflect.Descriptor instead.
+func (*FloatRules) Descriptor() ([]byte, []int) {
+	return file_validate_validate_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *FloatRules) GetConst() float32 {
+	if x != nil && x.Const != nil {
+		return *x.Const
+	}
+	return 0
+}
+
+func (x *FloatRules) GetLt() float32 {
+	if x != nil && x.Lt != nil {
+		return *x.Lt
+	}
+	return 0
+}
+
+func (x *FloatRules) GetLte() float32 {
+	if x != nil && x.Lte != nil {
+		return *x.Lte
+	}
+	return 0
+}
+
+func (x *FloatRules) GetGt() float32 {
+	if x != nil && x.Gt != nil {
+		return *x.Gt
+	}
+	return 0
+}
+
+func (x *FloatRules) GetGte() float32 {
+	if x != nil && x.Gte != nil {
+		return *x.Gte
+	}
+	return 0
+}
+
+func (x *FloatRules) GetIn() []float32 {
+	if x != nil {
+		return x.In
+	}
+	return nil
+}
+
+func (x *FloatRules) GetNotIn() []float32 {
+	if x != nil {
+		return x.NotIn
+	}
+	return nil
+}
+
+func (x *FloatRules) GetIgnoreEmpty() bool {
+	if x != nil && x.IgnoreEmpty != nil {
+		return *x.IgnoreEmpty
+	}
+	return false
+}
+
+// DoubleRules describes the constraints applied to `double` values
+type DoubleRules struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Const specifies that this field must be exactly the specified value
+	Const *float64 `protobuf:"fixed64,1,opt,name=const" json:"const,omitempty"`
+	// Lt specifies that this field must be less than the specified value,
+	// exclusive
+	Lt *float64 `protobuf:"fixed64,2,opt,name=lt" json:"lt,omitempty"`
+	// Lte specifies that this field must be less than or equal to the
+	// specified value, inclusive
+	Lte *float64 `protobuf:"fixed64,3,opt,name=lte" json:"lte,omitempty"`
+	// Gt specifies that this field must be greater than the specified value,
+	// exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+	// range is reversed.
+	Gt *float64 `protobuf:"fixed64,4,opt,name=gt" json:"gt,omitempty"`
+	// Gte specifies that this field must be greater than or equal to the
+	// specified value, inclusive. If the value of Gte is larger than a
+	// specified Lt or Lte, the range is reversed.
+	Gte *float64 `protobuf:"fixed64,5,opt,name=gte" json:"gte,omitempty"`
+	// In specifies that this field must be equal to one of the specified
+	// values
+	In []float64 `protobuf:"fixed64,6,rep,name=in" json:"in,omitempty"`
+	// NotIn specifies that this field cannot be equal to one of the specified
+	// values
+	NotIn []float64 `protobuf:"fixed64,7,rep,name=not_in,json=notIn" json:"not_in,omitempty"`
+	// IgnoreEmpty specifies that the validation rules of this field should be
+	// evaluated only if the field is not empty
+	IgnoreEmpty *bool `protobuf:"varint,8,opt,name=ignore_empty,json=ignoreEmpty" json:"ignore_empty,omitempty"`
+}
+
+func (x *DoubleRules) Reset() {
+	*x = DoubleRules{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_validate_validate_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *DoubleRules) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*DoubleRules) ProtoMessage() {}
+
+func (x *DoubleRules) ProtoReflect() protoreflect.Message {
+	mi := &file_validate_validate_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use DoubleRules.ProtoReflect.Descriptor instead.
+func (*DoubleRules) Descriptor() ([]byte, []int) {
+	return file_validate_validate_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *DoubleRules) GetConst() float64 {
+	if x != nil && x.Const != nil {
+		return *x.Const
+	}
+	return 0
+}
+
+func (x *DoubleRules) GetLt() float64 {
+	if x != nil && x.Lt != nil {
+		return *x.Lt
+	}
+	return 0
+}
+
+func (x *DoubleRules) GetLte() float64 {
+	if x != nil && x.Lte != nil {
+		return *x.Lte
+	}
+	return 0
+}
+
+func (x *DoubleRules) GetGt() float64 {
+	if x != nil && x.Gt != nil {
+		return *x.Gt
+	}
+	return 0
+}
+
+func (x *DoubleRules) GetGte() float64 {
+	if x != nil && x.Gte != nil {
+		return *x.Gte
+	}
+	return 0
+}
+
+func (x *DoubleRules) GetIn() []float64 {
+	if x != nil {
+		return x.In
+	}
+	return nil
+}
+
+func (x *DoubleRules) GetNotIn() []float64 {
+	if x != nil {
+		return x.NotIn
+	}
+	return nil
+}
+
+func (x *DoubleRules) GetIgnoreEmpty() bool {
+	if x != nil && x.IgnoreEmpty != nil {
+		return *x.IgnoreEmpty
+	}
+	return false
+}
+
+// Int32Rules describes the constraints applied to `int32` values
+type Int32Rules struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Const specifies that this field must be exactly the specified value
+	Const *int32 `protobuf:"varint,1,opt,name=const" json:"const,omitempty"`
+	// Lt specifies that this field must be less than the specified value,
+	// exclusive
+	Lt *int32 `protobuf:"varint,2,opt,name=lt" json:"lt,omitempty"`
+	// Lte specifies that this field must be less than or equal to the
+	// specified value, inclusive
+	Lte *int32 `protobuf:"varint,3,opt,name=lte" json:"lte,omitempty"`
+	// Gt specifies that this field must be greater than the specified value,
+	// exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+	// range is reversed.
+	Gt *int32 `protobuf:"varint,4,opt,name=gt" json:"gt,omitempty"`
+	// Gte specifies that this field must be greater than or equal to the
+	// specified value, inclusive. If the value of Gte is larger than a
+	// specified Lt or Lte, the range is reversed.
+	Gte *int32 `protobuf:"varint,5,opt,name=gte" json:"gte,omitempty"`
+	// In specifies that this field must be equal to one of the specified
+	// values
+	In []int32 `protobuf:"varint,6,rep,name=in" json:"in,omitempty"`
+	// NotIn specifies that this field cannot be equal to one of the specified
+	// values
+	NotIn []int32 `protobuf:"varint,7,rep,name=not_in,json=notIn" json:"not_in,omitempty"`
+	// IgnoreEmpty specifies that the validation rules of this field should be
+	// evaluated only if the field is not empty
+	IgnoreEmpty *bool `protobuf:"varint,8,opt,name=ignore_empty,json=ignoreEmpty" json:"ignore_empty,omitempty"`
+}
+
+func (x *Int32Rules) Reset() {
+	*x = Int32Rules{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_validate_validate_proto_msgTypes[3]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Int32Rules) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Int32Rules) ProtoMessage() {}
+
+func (x *Int32Rules) ProtoReflect() protoreflect.Message {
+	mi := &file_validate_validate_proto_msgTypes[3]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Int32Rules.ProtoReflect.Descriptor instead.
+func (*Int32Rules) Descriptor() ([]byte, []int) {
+	return file_validate_validate_proto_rawDescGZIP(), []int{3}
+}
+
+func (x *Int32Rules) GetConst() int32 {
+	if x != nil && x.Const != nil {
+		return *x.Const
+	}
+	return 0
+}
+
+func (x *Int32Rules) GetLt() int32 {
+	if x != nil && x.Lt != nil {
+		return *x.Lt
+	}
+	return 0
+}
+
+func (x *Int32Rules) GetLte() int32 {
+	if x != nil && x.Lte != nil {
+		return *x.Lte
+	}
+	return 0
+}
+
+func (x *Int32Rules) GetGt() int32 {
+	if x != nil && x.Gt != nil {
+		return *x.Gt
+	}
+	return 0
+}
+
+func (x *Int32Rules) GetGte() int32 {
+	if x != nil && x.Gte != nil {
+		return *x.Gte
+	}
+	return 0
+}
+
+func (x *Int32Rules) GetIn() []int32 {
+	if x != nil {
+		return x.In
+	}
+	return nil
+}
+
+func (x *Int32Rules) GetNotIn() []int32 {
+	if x != nil {
+		return x.NotIn
+	}
+	return nil
+}
+
+func (x *Int32Rules) GetIgnoreEmpty() bool {
+	if x != nil && x.IgnoreEmpty != nil {
+		return *x.IgnoreEmpty
+	}
+	return false
+}
+
+// Int64Rules describes the constraints applied to `int64` values
+type Int64Rules struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Const specifies that this field must be exactly the specified value
+	Const *int64 `protobuf:"varint,1,opt,name=const" json:"const,omitempty"`
+	// Lt specifies that this field must be less than the specified value,
+	// exclusive
+	Lt *int64 `protobuf:"varint,2,opt,name=lt" json:"lt,omitempty"`
+	// Lte specifies that this field must be less than or equal to the
+	// specified value, inclusive
+	Lte *int64 `protobuf:"varint,3,opt,name=lte" json:"lte,omitempty"`
+	// Gt specifies that this field must be greater than the specified value,
+	// exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+	// range is reversed.
+	Gt *int64 `protobuf:"varint,4,opt,name=gt" json:"gt,omitempty"`
+	// Gte specifies that this field must be greater than or equal to the
+	// specified value, inclusive. If the value of Gte is larger than a
+	// specified Lt or Lte, the range is reversed.
+	Gte *int64 `protobuf:"varint,5,opt,name=gte" json:"gte,omitempty"`
+	// In specifies that this field must be equal to one of the specified
+	// values
+	In []int64 `protobuf:"varint,6,rep,name=in" json:"in,omitempty"`
+	// NotIn specifies that this field cannot be equal to one of the specified
+	// values
+	NotIn []int64 `protobuf:"varint,7,rep,name=not_in,json=notIn" json:"not_in,omitempty"`
+	// IgnoreEmpty specifies that the validation rules of this field should be
+	// evaluated only if the field is not empty
+	IgnoreEmpty *bool `protobuf:"varint,8,opt,name=ignore_empty,json=ignoreEmpty" json:"ignore_empty,omitempty"`
+}
+
+func (x *Int64Rules) Reset() {
+	*x = Int64Rules{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_validate_validate_proto_msgTypes[4]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Int64Rules) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Int64Rules) ProtoMessage() {}
+
+func (x *Int64Rules) ProtoReflect() protoreflect.Message {
+	mi := &file_validate_validate_proto_msgTypes[4]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Int64Rules.ProtoReflect.Descriptor instead.
+func (*Int64Rules) Descriptor() ([]byte, []int) {
+	return file_validate_validate_proto_rawDescGZIP(), []int{4}
+}
+
+func (x *Int64Rules) GetConst() int64 {
+	if x != nil && x.Const != nil {
+		return *x.Const
+	}
+	return 0
+}
+
+func (x *Int64Rules) GetLt() int64 {
+	if x != nil && x.Lt != nil {
+		return *x.Lt
+	}
+	return 0
+}
+
+func (x *Int64Rules) GetLte() int64 {
+	if x != nil && x.Lte != nil {
+		return *x.Lte
+	}
+	return 0
+}
+
+func (x *Int64Rules) GetGt() int64 {
+	if x != nil && x.Gt != nil {
+		return *x.Gt
+	}
+	return 0
+}
+
+func (x *Int64Rules) GetGte() int64 {
+	if x != nil && x.Gte != nil {
+		return *x.Gte
+	}
+	return 0
+}
+
+func (x *Int64Rules) GetIn() []int64 {
+	if x != nil {
+		return x.In
+	}
+	return nil
+}
+
+func (x *Int64Rules) GetNotIn() []int64 {
+	if x != nil {
+		return x.NotIn
+	}
+	return nil
+}
+
+func (x *Int64Rules) GetIgnoreEmpty() bool {
+	if x != nil && x.IgnoreEmpty != nil {
+		return *x.IgnoreEmpty
+	}
+	return false
+}
+
+// UInt32Rules describes the constraints applied to `uint32` values
+type UInt32Rules struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Const specifies that this field must be exactly the specified value
+	Const *uint32 `protobuf:"varint,1,opt,name=const" json:"const,omitempty"`
+	// Lt specifies that this field must be less than the specified value,
+	// exclusive
+	Lt *uint32 `protobuf:"varint,2,opt,name=lt" json:"lt,omitempty"`
+	// Lte specifies that this field must be less than or equal to the
+	// specified value, inclusive
+	Lte *uint32 `protobuf:"varint,3,opt,name=lte" json:"lte,omitempty"`
+	// Gt specifies that this field must be greater than the specified value,
+	// exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+	// range is reversed.
+	Gt *uint32 `protobuf:"varint,4,opt,name=gt" json:"gt,omitempty"`
+	// Gte specifies that this field must be greater than or equal to the
+	// specified value, inclusive. If the value of Gte is larger than a
+	// specified Lt or Lte, the range is reversed.
+	Gte *uint32 `protobuf:"varint,5,opt,name=gte" json:"gte,omitempty"`
+	// In specifies that this field must be equal to one of the specified
+	// values
+	In []uint32 `protobuf:"varint,6,rep,name=in" json:"in,omitempty"`
+	// NotIn specifies that this field cannot be equal to one of the specified
+	// values
+	NotIn []uint32 `protobuf:"varint,7,rep,name=not_in,json=notIn" json:"not_in,omitempty"`
+	// IgnoreEmpty specifies that the validation rules of this field should be
+	// evaluated only if the field is not empty
+	IgnoreEmpty *bool `protobuf:"varint,8,opt,name=ignore_empty,json=ignoreEmpty" json:"ignore_empty,omitempty"`
+}
+
+func (x *UInt32Rules) Reset() {
+	*x = UInt32Rules{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_validate_validate_proto_msgTypes[5]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *UInt32Rules) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*UInt32Rules) ProtoMessage() {}
+
+func (x *UInt32Rules) ProtoReflect() protoreflect.Message {
+	mi := &file_validate_validate_proto_msgTypes[5]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use UInt32Rules.ProtoReflect.Descriptor instead.
+func (*UInt32Rules) Descriptor() ([]byte, []int) {
+	return file_validate_validate_proto_rawDescGZIP(), []int{5}
+}
+
+func (x *UInt32Rules) GetConst() uint32 {
+	if x != nil && x.Const != nil {
+		return *x.Const
+	}
+	return 0
+}
+
+func (x *UInt32Rules) GetLt() uint32 {
+	if x != nil && x.Lt != nil {
+		return *x.Lt
+	}
+	return 0
+}
+
+func (x *UInt32Rules) GetLte() uint32 {
+	if x != nil && x.Lte != nil {
+		return *x.Lte
+	}
+	return 0
+}
+
+func (x *UInt32Rules) GetGt() uint32 {
+	if x != nil && x.Gt != nil {
+		return *x.Gt
+	}
+	return 0
+}
+
+func (x *UInt32Rules) GetGte() uint32 {
+	if x != nil && x.Gte != nil {
+		return *x.Gte
+	}
+	return 0
+}
+
+func (x *UInt32Rules) GetIn() []uint32 {
+	if x != nil {
+		return x.In
+	}
+	return nil
+}
+
+func (x *UInt32Rules) GetNotIn() []uint32 {
+	if x != nil {
+		return x.NotIn
+	}
+	return nil
+}
+
+func (x *UInt32Rules) GetIgnoreEmpty() bool {
+	if x != nil && x.IgnoreEmpty != nil {
+		return *x.IgnoreEmpty
+	}
+	return false
+}
+
+// UInt64Rules describes the constraints applied to `uint64` values
+type UInt64Rules struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Const specifies that this field must be exactly the specified value
+	Const *uint64 `protobuf:"varint,1,opt,name=const" json:"const,omitempty"`
+	// Lt specifies that this field must be less than the specified value,
+	// exclusive
+	Lt *uint64 `protobuf:"varint,2,opt,name=lt" json:"lt,omitempty"`
+	// Lte specifies that this field must be less than or equal to the
+	// specified value, inclusive
+	Lte *uint64 `protobuf:"varint,3,opt,name=lte" json:"lte,omitempty"`
+	// Gt specifies that this field must be greater than the specified value,
+	// exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+	// range is reversed.
+	Gt *uint64 `protobuf:"varint,4,opt,name=gt" json:"gt,omitempty"`
+	// Gte specifies that this field must be greater than or equal to the
+	// specified value, inclusive. If the value of Gte is larger than a
+	// specified Lt or Lte, the range is reversed.
+	Gte *uint64 `protobuf:"varint,5,opt,name=gte" json:"gte,omitempty"`
+	// In specifies that this field must be equal to one of the specified
+	// values
+	In []uint64 `protobuf:"varint,6,rep,name=in" json:"in,omitempty"`
+	// NotIn specifies that this field cannot be equal to one of the specified
+	// values
+	NotIn []uint64 `protobuf:"varint,7,rep,name=not_in,json=notIn" json:"not_in,omitempty"`
+	// IgnoreEmpty specifies that the validation rules of this field should be
+	// evaluated only if the field is not empty
+	IgnoreEmpty *bool `protobuf:"varint,8,opt,name=ignore_empty,json=ignoreEmpty" json:"ignore_empty,omitempty"`
+}
+
+func (x *UInt64Rules) Reset() {
+	*x = UInt64Rules{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_validate_validate_proto_msgTypes[6]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *UInt64Rules) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*UInt64Rules) ProtoMessage() {}
+
+func (x *UInt64Rules) ProtoReflect() protoreflect.Message {
+	mi := &file_validate_validate_proto_msgTypes[6]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use UInt64Rules.ProtoReflect.Descriptor instead.
+func (*UInt64Rules) Descriptor() ([]byte, []int) {
+	return file_validate_validate_proto_rawDescGZIP(), []int{6}
+}
+
+func (x *UInt64Rules) GetConst() uint64 {
+	if x != nil && x.Const != nil {
+		return *x.Const
+	}
+	return 0
+}
+
+func (x *UInt64Rules) GetLt() uint64 {
+	if x != nil && x.Lt != nil {
+		return *x.Lt
+	}
+	return 0
+}
+
+func (x *UInt64Rules) GetLte() uint64 {
+	if x != nil && x.Lte != nil {
+		return *x.Lte
+	}
+	return 0
+}
+
+func (x *UInt64Rules) GetGt() uint64 {
+	if x != nil && x.Gt != nil {
+		return *x.Gt
+	}
+	return 0
+}
+
+func (x *UInt64Rules) GetGte() uint64 {
+	if x != nil && x.Gte != nil {
+		return *x.Gte
+	}
+	return 0
+}
+
+func (x *UInt64Rules) GetIn() []uint64 {
+	if x != nil {
+		return x.In
+	}
+	return nil
+}
+
+func (x *UInt64Rules) GetNotIn() []uint64 {
+	if x != nil {
+		return x.NotIn
+	}
+	return nil
+}
+
+func (x *UInt64Rules) GetIgnoreEmpty() bool {
+	if x != nil && x.IgnoreEmpty != nil {
+		return *x.IgnoreEmpty
+	}
+	return false
+}
+
+// SInt32Rules describes the constraints applied to `sint32` values
+type SInt32Rules struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Const specifies that this field must be exactly the specified value
+	Const *int32 `protobuf:"zigzag32,1,opt,name=const" json:"const,omitempty"`
+	// Lt specifies that this field must be less than the specified value,
+	// exclusive
+	Lt *int32 `protobuf:"zigzag32,2,opt,name=lt" json:"lt,omitempty"`
+	// Lte specifies that this field must be less than or equal to the
+	// specified value, inclusive
+	Lte *int32 `protobuf:"zigzag32,3,opt,name=lte" json:"lte,omitempty"`
+	// Gt specifies that this field must be greater than the specified value,
+	// exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+	// range is reversed.
+	Gt *int32 `protobuf:"zigzag32,4,opt,name=gt" json:"gt,omitempty"`
+	// Gte specifies that this field must be greater than or equal to the
+	// specified value, inclusive. If the value of Gte is larger than a
+	// specified Lt or Lte, the range is reversed.
+	Gte *int32 `protobuf:"zigzag32,5,opt,name=gte" json:"gte,omitempty"`
+	// In specifies that this field must be equal to one of the specified
+	// values
+	In []int32 `protobuf:"zigzag32,6,rep,name=in" json:"in,omitempty"`
+	// NotIn specifies that this field cannot be equal to one of the specified
+	// values
+	NotIn []int32 `protobuf:"zigzag32,7,rep,name=not_in,json=notIn" json:"not_in,omitempty"`
+	// IgnoreEmpty specifies that the validation rules of this field should be
+	// evaluated only if the field is not empty
+	IgnoreEmpty *bool `protobuf:"varint,8,opt,name=ignore_empty,json=ignoreEmpty" json:"ignore_empty,omitempty"`
+}
+
+func (x *SInt32Rules) Reset() {
+	*x = SInt32Rules{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_validate_validate_proto_msgTypes[7]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *SInt32Rules) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*SInt32Rules) ProtoMessage() {}
+
+func (x *SInt32Rules) ProtoReflect() protoreflect.Message {
+	mi := &file_validate_validate_proto_msgTypes[7]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use SInt32Rules.ProtoReflect.Descriptor instead.
+func (*SInt32Rules) Descriptor() ([]byte, []int) {
+	return file_validate_validate_proto_rawDescGZIP(), []int{7}
+}
+
+func (x *SInt32Rules) GetConst() int32 {
+	if x != nil && x.Const != nil {
+		return *x.Const
+	}
+	return 0
+}
+
+func (x *SInt32Rules) GetLt() int32 {
+	if x != nil && x.Lt != nil {
+		return *x.Lt
+	}
+	return 0
+}
+
+func (x *SInt32Rules) GetLte() int32 {
+	if x != nil && x.Lte != nil {
+		return *x.Lte
+	}
+	return 0
+}
+
+func (x *SInt32Rules) GetGt() int32 {
+	if x != nil && x.Gt != nil {
+		return *x.Gt
+	}
+	return 0
+}
+
+func (x *SInt32Rules) GetGte() int32 {
+	if x != nil && x.Gte != nil {
+		return *x.Gte
+	}
+	return 0
+}
+
+func (x *SInt32Rules) GetIn() []int32 {
+	if x != nil {
+		return x.In
+	}
+	return nil
+}
+
+func (x *SInt32Rules) GetNotIn() []int32 {
+	if x != nil {
+		return x.NotIn
+	}
+	return nil
+}
+
+func (x *SInt32Rules) GetIgnoreEmpty() bool {
+	if x != nil && x.IgnoreEmpty != nil {
+		return *x.IgnoreEmpty
+	}
+	return false
+}
+
+// SInt64Rules describes the constraints applied to `sint64` values
+type SInt64Rules struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Const specifies that this field must be exactly the specified value
+	Const *int64 `protobuf:"zigzag64,1,opt,name=const" json:"const,omitempty"`
+	// Lt specifies that this field must be less than the specified value,
+	// exclusive
+	Lt *int64 `protobuf:"zigzag64,2,opt,name=lt" json:"lt,omitempty"`
+	// Lte specifies that this field must be less than or equal to the
+	// specified value, inclusive
+	Lte *int64 `protobuf:"zigzag64,3,opt,name=lte" json:"lte,omitempty"`
+	// Gt specifies that this field must be greater than the specified value,
+	// exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+	// range is reversed.
+	Gt *int64 `protobuf:"zigzag64,4,opt,name=gt" json:"gt,omitempty"`
+	// Gte specifies that this field must be greater than or equal to the
+	// specified value, inclusive. If the value of Gte is larger than a
+	// specified Lt or Lte, the range is reversed.
+	Gte *int64 `protobuf:"zigzag64,5,opt,name=gte" json:"gte,omitempty"`
+	// In specifies that this field must be equal to one of the specified
+	// values
+	In []int64 `protobuf:"zigzag64,6,rep,name=in" json:"in,omitempty"`
+	// NotIn specifies that this field cannot be equal to one of the specified
+	// values
+	NotIn []int64 `protobuf:"zigzag64,7,rep,name=not_in,json=notIn" json:"not_in,omitempty"`
+	// IgnoreEmpty specifies that the validation rules of this field should be
+	// evaluated only if the field is not empty
+	IgnoreEmpty *bool `protobuf:"varint,8,opt,name=ignore_empty,json=ignoreEmpty" json:"ignore_empty,omitempty"`
+}
+
+func (x *SInt64Rules) Reset() {
+	*x = SInt64Rules{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_validate_validate_proto_msgTypes[8]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *SInt64Rules) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*SInt64Rules) ProtoMessage() {}
+
+func (x *SInt64Rules) ProtoReflect() protoreflect.Message {
+	mi := &file_validate_validate_proto_msgTypes[8]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use SInt64Rules.ProtoReflect.Descriptor instead.
+func (*SInt64Rules) Descriptor() ([]byte, []int) {
+	return file_validate_validate_proto_rawDescGZIP(), []int{8}
+}
+
+func (x *SInt64Rules) GetConst() int64 {
+	if x != nil && x.Const != nil {
+		return *x.Const
+	}
+	return 0
+}
+
+func (x *SInt64Rules) GetLt() int64 {
+	if x != nil && x.Lt != nil {
+		return *x.Lt
+	}
+	return 0
+}
+
+func (x *SInt64Rules) GetLte() int64 {
+	if x != nil && x.Lte != nil {
+		return *x.Lte
+	}
+	return 0
+}
+
+func (x *SInt64Rules) GetGt() int64 {
+	if x != nil && x.Gt != nil {
+		return *x.Gt
+	}
+	return 0
+}
+
+func (x *SInt64Rules) GetGte() int64 {
+	if x != nil && x.Gte != nil {
+		return *x.Gte
+	}
+	return 0
+}
+
+func (x *SInt64Rules) GetIn() []int64 {
+	if x != nil {
+		return x.In
+	}
+	return nil
+}
+
+func (x *SInt64Rules) GetNotIn() []int64 {
+	if x != nil {
+		return x.NotIn
+	}
+	return nil
+}
+
+func (x *SInt64Rules) GetIgnoreEmpty() bool {
+	if x != nil && x.IgnoreEmpty != nil {
+		return *x.IgnoreEmpty
+	}
+	return false
+}
+
+// Fixed32Rules describes the constraints applied to `fixed32` values
+type Fixed32Rules struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Const specifies that this field must be exactly the specified value
+	Const *uint32 `protobuf:"fixed32,1,opt,name=const" json:"const,omitempty"`
+	// Lt specifies that this field must be less than the specified value,
+	// exclusive
+	Lt *uint32 `protobuf:"fixed32,2,opt,name=lt" json:"lt,omitempty"`
+	// Lte specifies that this field must be less than or equal to the
+	// specified value, inclusive
+	Lte *uint32 `protobuf:"fixed32,3,opt,name=lte" json:"lte,omitempty"`
+	// Gt specifies that this field must be greater than the specified value,
+	// exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+	// range is reversed.
+	Gt *uint32 `protobuf:"fixed32,4,opt,name=gt" json:"gt,omitempty"`
+	// Gte specifies that this field must be greater than or equal to the
+	// specified value, inclusive. If the value of Gte is larger than a
+	// specified Lt or Lte, the range is reversed.
+	Gte *uint32 `protobuf:"fixed32,5,opt,name=gte" json:"gte,omitempty"`
+	// In specifies that this field must be equal to one of the specified
+	// values
+	In []uint32 `protobuf:"fixed32,6,rep,name=in" json:"in,omitempty"`
+	// NotIn specifies that this field cannot be equal to one of the specified
+	// values
+	NotIn []uint32 `protobuf:"fixed32,7,rep,name=not_in,json=notIn" json:"not_in,omitempty"`
+	// IgnoreEmpty specifies that the validation rules of this field should be
+	// evaluated only if the field is not empty
+	IgnoreEmpty *bool `protobuf:"varint,8,opt,name=ignore_empty,json=ignoreEmpty" json:"ignore_empty,omitempty"`
+}
+
+func (x *Fixed32Rules) Reset() {
+	*x = Fixed32Rules{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_validate_validate_proto_msgTypes[9]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Fixed32Rules) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Fixed32Rules) ProtoMessage() {}
+
+func (x *Fixed32Rules) ProtoReflect() protoreflect.Message {
+	mi := &file_validate_validate_proto_msgTypes[9]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Fixed32Rules.ProtoReflect.Descriptor instead.
+func (*Fixed32Rules) Descriptor() ([]byte, []int) {
+	return file_validate_validate_proto_rawDescGZIP(), []int{9}
+}
+
+func (x *Fixed32Rules) GetConst() uint32 {
+	if x != nil && x.Const != nil {
+		return *x.Const
+	}
+	return 0
+}
+
+func (x *Fixed32Rules) GetLt() uint32 {
+	if x != nil && x.Lt != nil {
+		return *x.Lt
+	}
+	return 0
+}
+
+func (x *Fixed32Rules) GetLte() uint32 {
+	if x != nil && x.Lte != nil {
+		return *x.Lte
+	}
+	return 0
+}
+
+func (x *Fixed32Rules) GetGt() uint32 {
+	if x != nil && x.Gt != nil {
+		return *x.Gt
+	}
+	return 0
+}
+
+func (x *Fixed32Rules) GetGte() uint32 {
+	if x != nil && x.Gte != nil {
+		return *x.Gte
+	}
+	return 0
+}
+
+func (x *Fixed32Rules) GetIn() []uint32 {
+	if x != nil {
+		return x.In
+	}
+	return nil
+}
+
+func (x *Fixed32Rules) GetNotIn() []uint32 {
+	if x != nil {
+		return x.NotIn
+	}
+	return nil
+}
+
+func (x *Fixed32Rules) GetIgnoreEmpty() bool {
+	if x != nil && x.IgnoreEmpty != nil {
+		return *x.IgnoreEmpty
+	}
+	return false
+}
+
+// Fixed64Rules describes the constraints applied to `fixed64` values
+type Fixed64Rules struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Const specifies that this field must be exactly the specified value
+	Const *uint64 `protobuf:"fixed64,1,opt,name=const" json:"const,omitempty"`
+	// Lt specifies that this field must be less than the specified value,
+	// exclusive
+	Lt *uint64 `protobuf:"fixed64,2,opt,name=lt" json:"lt,omitempty"`
+	// Lte specifies that this field must be less than or equal to the
+	// specified value, inclusive
+	Lte *uint64 `protobuf:"fixed64,3,opt,name=lte" json:"lte,omitempty"`
+	// Gt specifies that this field must be greater than the specified value,
+	// exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+	// range is reversed.
+	Gt *uint64 `protobuf:"fixed64,4,opt,name=gt" json:"gt,omitempty"`
+	// Gte specifies that this field must be greater than or equal to the
+	// specified value, inclusive. If the value of Gte is larger than a
+	// specified Lt or Lte, the range is reversed.
+	Gte *uint64 `protobuf:"fixed64,5,opt,name=gte" json:"gte,omitempty"`
+	// In specifies that this field must be equal to one of the specified
+	// values
+	In []uint64 `protobuf:"fixed64,6,rep,name=in" json:"in,omitempty"`
+	// NotIn specifies that this field cannot be equal to one of the specified
+	// values
+	NotIn []uint64 `protobuf:"fixed64,7,rep,name=not_in,json=notIn" json:"not_in,omitempty"`
+	// IgnoreEmpty specifies that the validation rules of this field should be
+	// evaluated only if the field is not empty
+	IgnoreEmpty *bool `protobuf:"varint,8,opt,name=ignore_empty,json=ignoreEmpty" json:"ignore_empty,omitempty"`
+}
+
+func (x *Fixed64Rules) Reset() {
+	*x = Fixed64Rules{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_validate_validate_proto_msgTypes[10]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Fixed64Rules) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Fixed64Rules) ProtoMessage() {}
+
+func (x *Fixed64Rules) ProtoReflect() protoreflect.Message {
+	mi := &file_validate_validate_proto_msgTypes[10]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Fixed64Rules.ProtoReflect.Descriptor instead.
+func (*Fixed64Rules) Descriptor() ([]byte, []int) {
+	return file_validate_validate_proto_rawDescGZIP(), []int{10}
+}
+
+func (x *Fixed64Rules) GetConst() uint64 {
+	if x != nil && x.Const != nil {
+		return *x.Const
+	}
+	return 0
+}
+
+func (x *Fixed64Rules) GetLt() uint64 {
+	if x != nil && x.Lt != nil {
+		return *x.Lt
+	}
+	return 0
+}
+
+func (x *Fixed64Rules) GetLte() uint64 {
+	if x != nil && x.Lte != nil {
+		return *x.Lte
+	}
+	return 0
+}
+
+func (x *Fixed64Rules) GetGt() uint64 {
+	if x != nil && x.Gt != nil {
+		return *x.Gt
+	}
+	return 0
+}
+
+func (x *Fixed64Rules) GetGte() uint64 {
+	if x != nil && x.Gte != nil {
+		return *x.Gte
+	}
+	return 0
+}
+
+func (x *Fixed64Rules) GetIn() []uint64 {
+	if x != nil {
+		return x.In
+	}
+	return nil
+}
+
+func (x *Fixed64Rules) GetNotIn() []uint64 {
+	if x != nil {
+		return x.NotIn
+	}
+	return nil
+}
+
+func (x *Fixed64Rules) GetIgnoreEmpty() bool {
+	if x != nil && x.IgnoreEmpty != nil {
+		return *x.IgnoreEmpty
+	}
+	return false
+}
+
+// SFixed32Rules describes the constraints applied to `sfixed32` values
+type SFixed32Rules struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Const specifies that this field must be exactly the specified value
+	Const *int32 `protobuf:"fixed32,1,opt,name=const" json:"const,omitempty"`
+	// Lt specifies that this field must be less than the specified value,
+	// exclusive
+	Lt *int32 `protobuf:"fixed32,2,opt,name=lt" json:"lt,omitempty"`
+	// Lte specifies that this field must be less than or equal to the
+	// specified value, inclusive
+	Lte *int32 `protobuf:"fixed32,3,opt,name=lte" json:"lte,omitempty"`
+	// Gt specifies that this field must be greater than the specified value,
+	// exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+	// range is reversed.
+	Gt *int32 `protobuf:"fixed32,4,opt,name=gt" json:"gt,omitempty"`
+	// Gte specifies that this field must be greater than or equal to the
+	// specified value, inclusive. If the value of Gte is larger than a
+	// specified Lt or Lte, the range is reversed.
+	Gte *int32 `protobuf:"fixed32,5,opt,name=gte" json:"gte,omitempty"`
+	// In specifies that this field must be equal to one of the specified
+	// values
+	In []int32 `protobuf:"fixed32,6,rep,name=in" json:"in,omitempty"`
+	// NotIn specifies that this field cannot be equal to one of the specified
+	// values
+	NotIn []int32 `protobuf:"fixed32,7,rep,name=not_in,json=notIn" json:"not_in,omitempty"`
+	// IgnoreEmpty specifies that the validation rules of this field should be
+	// evaluated only if the field is not empty
+	IgnoreEmpty *bool `protobuf:"varint,8,opt,name=ignore_empty,json=ignoreEmpty" json:"ignore_empty,omitempty"`
+}
+
+func (x *SFixed32Rules) Reset() {
+	*x = SFixed32Rules{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_validate_validate_proto_msgTypes[11]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *SFixed32Rules) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*SFixed32Rules) ProtoMessage() {}
+
+func (x *SFixed32Rules) ProtoReflect() protoreflect.Message {
+	mi := &file_validate_validate_proto_msgTypes[11]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use SFixed32Rules.ProtoReflect.Descriptor instead.
+func (*SFixed32Rules) Descriptor() ([]byte, []int) {
+	return file_validate_validate_proto_rawDescGZIP(), []int{11}
+}
+
+func (x *SFixed32Rules) GetConst() int32 {
+	if x != nil && x.Const != nil {
+		return *x.Const
+	}
+	return 0
+}
+
+func (x *SFixed32Rules) GetLt() int32 {
+	if x != nil && x.Lt != nil {
+		return *x.Lt
+	}
+	return 0
+}
+
+func (x *SFixed32Rules) GetLte() int32 {
+	if x != nil && x.Lte != nil {
+		return *x.Lte
+	}
+	return 0
+}
+
+func (x *SFixed32Rules) GetGt() int32 {
+	if x != nil && x.Gt != nil {
+		return *x.Gt
+	}
+	return 0
+}
+
+func (x *SFixed32Rules) GetGte() int32 {
+	if x != nil && x.Gte != nil {
+		return *x.Gte
+	}
+	return 0
+}
+
+func (x *SFixed32Rules) GetIn() []int32 {
+	if x != nil {
+		return x.In
+	}
+	return nil
+}
+
+func (x *SFixed32Rules) GetNotIn() []int32 {
+	if x != nil {
+		return x.NotIn
+	}
+	return nil
+}
+
+func (x *SFixed32Rules) GetIgnoreEmpty() bool {
+	if x != nil && x.IgnoreEmpty != nil {
+		return *x.IgnoreEmpty
+	}
+	return false
+}
+
+// SFixed64Rules describes the constraints applied to `sfixed64` values
+type SFixed64Rules struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Const specifies that this field must be exactly the specified value
+	Const *int64 `protobuf:"fixed64,1,opt,name=const" json:"const,omitempty"`
+	// Lt specifies that this field must be less than the specified value,
+	// exclusive
+	Lt *int64 `protobuf:"fixed64,2,opt,name=lt" json:"lt,omitempty"`
+	// Lte specifies that this field must be less than or equal to the
+	// specified value, inclusive
+	Lte *int64 `protobuf:"fixed64,3,opt,name=lte" json:"lte,omitempty"`
+	// Gt specifies that this field must be greater than the specified value,
+	// exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+	// range is reversed.
+	Gt *int64 `protobuf:"fixed64,4,opt,name=gt" json:"gt,omitempty"`
+	// Gte specifies that this field must be greater than or equal to the
+	// specified value, inclusive. If the value of Gte is larger than a
+	// specified Lt or Lte, the range is reversed.
+	Gte *int64 `protobuf:"fixed64,5,opt,name=gte" json:"gte,omitempty"`
+	// In specifies that this field must be equal to one of the specified
+	// values
+	In []int64 `protobuf:"fixed64,6,rep,name=in" json:"in,omitempty"`
+	// NotIn specifies that this field cannot be equal to one of the specified
+	// values
+	NotIn []int64 `protobuf:"fixed64,7,rep,name=not_in,json=notIn" json:"not_in,omitempty"`
+	// IgnoreEmpty specifies that the validation rules of this field should be
+	// evaluated only if the field is not empty
+	IgnoreEmpty *bool `protobuf:"varint,8,opt,name=ignore_empty,json=ignoreEmpty" json:"ignore_empty,omitempty"`
+}
+
+func (x *SFixed64Rules) Reset() {
+	*x = SFixed64Rules{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_validate_validate_proto_msgTypes[12]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *SFixed64Rules) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*SFixed64Rules) ProtoMessage() {}
+
+func (x *SFixed64Rules) ProtoReflect() protoreflect.Message {
+	mi := &file_validate_validate_proto_msgTypes[12]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use SFixed64Rules.ProtoReflect.Descriptor instead.
+func (*SFixed64Rules) Descriptor() ([]byte, []int) {
+	return file_validate_validate_proto_rawDescGZIP(), []int{12}
+}
+
+func (x *SFixed64Rules) GetConst() int64 {
+	if x != nil && x.Const != nil {
+		return *x.Const
+	}
+	return 0
+}
+
+func (x *SFixed64Rules) GetLt() int64 {
+	if x != nil && x.Lt != nil {
+		return *x.Lt
+	}
+	return 0
+}
+
+func (x *SFixed64Rules) GetLte() int64 {
+	if x != nil && x.Lte != nil {
+		return *x.Lte
+	}
+	return 0
+}
+
+func (x *SFixed64Rules) GetGt() int64 {
+	if x != nil && x.Gt != nil {
+		return *x.Gt
+	}
+	return 0
+}
+
+func (x *SFixed64Rules) GetGte() int64 {
+	if x != nil && x.Gte != nil {
+		return *x.Gte
+	}
+	return 0
+}
+
+func (x *SFixed64Rules) GetIn() []int64 {
+	if x != nil {
+		return x.In
+	}
+	return nil
+}
+
+func (x *SFixed64Rules) GetNotIn() []int64 {
+	if x != nil {
+		return x.NotIn
+	}
+	return nil
+}
+
+func (x *SFixed64Rules) GetIgnoreEmpty() bool {
+	if x != nil && x.IgnoreEmpty != nil {
+		return *x.IgnoreEmpty
+	}
+	return false
+}
+
+// BoolRules describes the constraints applied to `bool` values
+type BoolRules struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Const specifies that this field must be exactly the specified value
+	Const *bool `protobuf:"varint,1,opt,name=const" json:"const,omitempty"`
+}
+
+func (x *BoolRules) Reset() {
+	*x = BoolRules{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_validate_validate_proto_msgTypes[13]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *BoolRules) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*BoolRules) ProtoMessage() {}
+
+func (x *BoolRules) ProtoReflect() protoreflect.Message {
+	mi := &file_validate_validate_proto_msgTypes[13]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use BoolRules.ProtoReflect.Descriptor instead.
+func (*BoolRules) Descriptor() ([]byte, []int) {
+	return file_validate_validate_proto_rawDescGZIP(), []int{13}
+}
+
+func (x *BoolRules) GetConst() bool {
+	if x != nil && x.Const != nil {
+		return *x.Const
+	}
+	return false
+}
+
+// StringRules describe the constraints applied to `string` values
+type StringRules struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Const specifies that this field must be exactly the specified value
+	Const *string `protobuf:"bytes,1,opt,name=const" json:"const,omitempty"`
+	// Len specifies that this field must be the specified number of
+	// characters (Unicode code points). Note that the number of
+	// characters may differ from the number of bytes in the string.
+	Len *uint64 `protobuf:"varint,19,opt,name=len" json:"len,omitempty"`
+	// MinLen specifies that this field must be the specified number of
+	// characters (Unicode code points) at a minimum. Note that the number of
+	// characters may differ from the number of bytes in the string.
+	MinLen *uint64 `protobuf:"varint,2,opt,name=min_len,json=minLen" json:"min_len,omitempty"`
+	// MaxLen specifies that this field must be the specified number of
+	// characters (Unicode code points) at a maximum. Note that the number of
+	// characters may differ from the number of bytes in the string.
+	MaxLen *uint64 `protobuf:"varint,3,opt,name=max_len,json=maxLen" json:"max_len,omitempty"`
+	// LenBytes specifies that this field must be the specified number of bytes
+	// at a minimum
+	LenBytes *uint64 `protobuf:"varint,20,opt,name=len_bytes,json=lenBytes" json:"len_bytes,omitempty"`
+	// MinBytes specifies that this field must be the specified number of bytes
+	// at a minimum
+	MinBytes *uint64 `protobuf:"varint,4,opt,name=min_bytes,json=minBytes" json:"min_bytes,omitempty"`
+	// MaxBytes specifies that this field must be the specified number of bytes
+	// at a maximum
+	MaxBytes *uint64 `protobuf:"varint,5,opt,name=max_bytes,json=maxBytes" json:"max_bytes,omitempty"`
+	// Pattern specifes that this field must match against the specified
+	// regular expression (RE2 syntax). The included expression should elide
+	// any delimiters.
+	Pattern *string `protobuf:"bytes,6,opt,name=pattern" json:"pattern,omitempty"`
+	// Prefix specifies that this field must have the specified substring at
+	// the beginning of the string.
+	Prefix *string `protobuf:"bytes,7,opt,name=prefix" json:"prefix,omitempty"`
+	// Suffix specifies that this field must have the specified substring at
+	// the end of the string.
+	Suffix *string `protobuf:"bytes,8,opt,name=suffix" json:"suffix,omitempty"`
+	// Contains specifies that this field must have the specified substring
+	// anywhere in the string.
+	Contains *string `protobuf:"bytes,9,opt,name=contains" json:"contains,omitempty"`
+	// NotContains specifies that this field cannot have the specified substring
+	// anywhere in the string.
+	NotContains *string `protobuf:"bytes,23,opt,name=not_contains,json=notContains" json:"not_contains,omitempty"`
+	// In specifies that this field must be equal to one of the specified
+	// values
+	In []string `protobuf:"bytes,10,rep,name=in" json:"in,omitempty"`
+	// NotIn specifies that this field cannot be equal to one of the specified
+	// values
+	NotIn []string `protobuf:"bytes,11,rep,name=not_in,json=notIn" json:"not_in,omitempty"`
+	// WellKnown rules provide advanced constraints against common string
+	// patterns
+	//
+	// Types that are assignable to WellKnown:
+	//	*StringRules_Email
+	//	*StringRules_Hostname
+	//	*StringRules_Ip
+	//	*StringRules_Ipv4
+	//	*StringRules_Ipv6
+	//	*StringRules_Uri
+	//	*StringRules_UriRef
+	//	*StringRules_Address
+	//	*StringRules_Uuid
+	//	*StringRules_WellKnownRegex
+	WellKnown isStringRules_WellKnown `protobuf_oneof:"well_known"`
+	// This applies to regexes HTTP_HEADER_NAME and HTTP_HEADER_VALUE to enable
+	// strict header validation.
+	// By default, this is true, and HTTP header validations are RFC-compliant.
+	// Setting to false will enable a looser validations that only disallows
+	// \r\n\0 characters, which can be used to bypass header matching rules.
+	Strict *bool `protobuf:"varint,25,opt,name=strict,def=1" json:"strict,omitempty"`
+	// IgnoreEmpty specifies that the validation rules of this field should be
+	// evaluated only if the field is not empty
+	IgnoreEmpty *bool `protobuf:"varint,26,opt,name=ignore_empty,json=ignoreEmpty" json:"ignore_empty,omitempty"`
+}
+
+// Default values for StringRules fields.
+const (
+	Default_StringRules_Strict = bool(true)
+)
+
+func (x *StringRules) Reset() {
+	*x = StringRules{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_validate_validate_proto_msgTypes[14]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *StringRules) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*StringRules) ProtoMessage() {}
+
+func (x *StringRules) ProtoReflect() protoreflect.Message {
+	mi := &file_validate_validate_proto_msgTypes[14]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use StringRules.ProtoReflect.Descriptor instead.
+func (*StringRules) Descriptor() ([]byte, []int) {
+	return file_validate_validate_proto_rawDescGZIP(), []int{14}
+}
+
+func (x *StringRules) GetConst() string {
+	if x != nil && x.Const != nil {
+		return *x.Const
+	}
+	return ""
+}
+
+func (x *StringRules) GetLen() uint64 {
+	if x != nil && x.Len != nil {
+		return *x.Len
+	}
+	return 0
+}
+
+func (x *StringRules) GetMinLen() uint64 {
+	if x != nil && x.MinLen != nil {
+		return *x.MinLen
+	}
+	return 0
+}
+
+func (x *StringRules) GetMaxLen() uint64 {
+	if x != nil && x.MaxLen != nil {
+		return *x.MaxLen
+	}
+	return 0
+}
+
+func (x *StringRules) GetLenBytes() uint64 {
+	if x != nil && x.LenBytes != nil {
+		return *x.LenBytes
+	}
+	return 0
+}
+
+func (x *StringRules) GetMinBytes() uint64 {
+	if x != nil && x.MinBytes != nil {
+		return *x.MinBytes
+	}
+	return 0
+}
+
+func (x *StringRules) GetMaxBytes() uint64 {
+	if x != nil && x.MaxBytes != nil {
+		return *x.MaxBytes
+	}
+	return 0
+}
+
+func (x *StringRules) GetPattern() string {
+	if x != nil && x.Pattern != nil {
+		return *x.Pattern
+	}
+	return ""
+}
+
+func (x *StringRules) GetPrefix() string {
+	if x != nil && x.Prefix != nil {
+		return *x.Prefix
+	}
+	return ""
+}
+
+func (x *StringRules) GetSuffix() string {
+	if x != nil && x.Suffix != nil {
+		return *x.Suffix
+	}
+	return ""
+}
+
+func (x *StringRules) GetContains() string {
+	if x != nil && x.Contains != nil {
+		return *x.Contains
+	}
+	return ""
+}
+
+func (x *StringRules) GetNotContains() string {
+	if x != nil && x.NotContains != nil {
+		return *x.NotContains
+	}
+	return ""
+}
+
+func (x *StringRules) GetIn() []string {
+	if x != nil {
+		return x.In
+	}
+	return nil
+}
+
+func (x *StringRules) GetNotIn() []string {
+	if x != nil {
+		return x.NotIn
+	}
+	return nil
+}
+
+func (m *StringRules) GetWellKnown() isStringRules_WellKnown {
+	if m != nil {
+		return m.WellKnown
+	}
+	return nil
+}
+
+func (x *StringRules) GetEmail() bool {
+	if x, ok := x.GetWellKnown().(*StringRules_Email); ok {
+		return x.Email
+	}
+	return false
+}
+
+func (x *StringRules) GetHostname() bool {
+	if x, ok := x.GetWellKnown().(*StringRules_Hostname); ok {
+		return x.Hostname
+	}
+	return false
+}
+
+func (x *StringRules) GetIp() bool {
+	if x, ok := x.GetWellKnown().(*StringRules_Ip); ok {
+		return x.Ip
+	}
+	return false
+}
+
+func (x *StringRules) GetIpv4() bool {
+	if x, ok := x.GetWellKnown().(*StringRules_Ipv4); ok {
+		return x.Ipv4
+	}
+	return false
+}
+
+func (x *StringRules) GetIpv6() bool {
+	if x, ok := x.GetWellKnown().(*StringRules_Ipv6); ok {
+		return x.Ipv6
+	}
+	return false
+}
+
+func (x *StringRules) GetUri() bool {
+	if x, ok := x.GetWellKnown().(*StringRules_Uri); ok {
+		return x.Uri
+	}
+	return false
+}
+
+func (x *StringRules) GetUriRef() bool {
+	if x, ok := x.GetWellKnown().(*StringRules_UriRef); ok {
+		return x.UriRef
+	}
+	return false
+}
+
+func (x *StringRules) GetAddress() bool {
+	if x, ok := x.GetWellKnown().(*StringRules_Address); ok {
+		return x.Address
+	}
+	return false
+}
+
+func (x *StringRules) GetUuid() bool {
+	if x, ok := x.GetWellKnown().(*StringRules_Uuid); ok {
+		return x.Uuid
+	}
+	return false
+}
+
+func (x *StringRules) GetWellKnownRegex() KnownRegex {
+	if x, ok := x.GetWellKnown().(*StringRules_WellKnownRegex); ok {
+		return x.WellKnownRegex
+	}
+	return KnownRegex_UNKNOWN
+}
+
+func (x *StringRules) GetStrict() bool {
+	if x != nil && x.Strict != nil {
+		return *x.Strict
+	}
+	return Default_StringRules_Strict
+}
+
+func (x *StringRules) GetIgnoreEmpty() bool {
+	if x != nil && x.IgnoreEmpty != nil {
+		return *x.IgnoreEmpty
+	}
+	return false
+}
+
+type isStringRules_WellKnown interface {
+	isStringRules_WellKnown()
+}
+
+type StringRules_Email struct {
+	// Email specifies that the field must be a valid email address as
+	// defined by RFC 5322
+	Email bool `protobuf:"varint,12,opt,name=email,oneof"`
+}
+
+type StringRules_Hostname struct {
+	// Hostname specifies that the field must be a valid hostname as
+	// defined by RFC 1034. This constraint does not support
+	// internationalized domain names (IDNs).
+	Hostname bool `protobuf:"varint,13,opt,name=hostname,oneof"`
+}
+
+type StringRules_Ip struct {
+	// Ip specifies that the field must be a valid IP (v4 or v6) address.
+	// Valid IPv6 addresses should not include surrounding square brackets.
+	Ip bool `protobuf:"varint,14,opt,name=ip,oneof"`
+}
+
+type StringRules_Ipv4 struct {
+	// Ipv4 specifies that the field must be a valid IPv4 address.
+	Ipv4 bool `protobuf:"varint,15,opt,name=ipv4,oneof"`
+}
+
+type StringRules_Ipv6 struct {
+	// Ipv6 specifies that the field must be a valid IPv6 address. Valid
+	// IPv6 addresses should not include surrounding square brackets.
+	Ipv6 bool `protobuf:"varint,16,opt,name=ipv6,oneof"`
+}
+
+type StringRules_Uri struct {
+	// Uri specifies that the field must be a valid, absolute URI as defined
+	// by RFC 3986
+	Uri bool `protobuf:"varint,17,opt,name=uri,oneof"`
+}
+
+type StringRules_UriRef struct {
+	// UriRef specifies that the field must be a valid URI as defined by RFC
+	// 3986 and may be relative or absolute.
+	UriRef bool `protobuf:"varint,18,opt,name=uri_ref,json=uriRef,oneof"`
+}
+
+type StringRules_Address struct {
+	// Address specifies that the field must be either a valid hostname as
+	// defined by RFC 1034 (which does not support internationalized domain
+	// names or IDNs), or it can be a valid IP (v4 or v6).
+	Address bool `protobuf:"varint,21,opt,name=address,oneof"`
+}
+
+type StringRules_Uuid struct {
+	// Uuid specifies that the field must be a valid UUID as defined by
+	// RFC 4122
+	Uuid bool `protobuf:"varint,22,opt,name=uuid,oneof"`
+}
+
+type StringRules_WellKnownRegex struct {
+	// WellKnownRegex specifies a common well known pattern defined as a regex.
+	WellKnownRegex KnownRegex `protobuf:"varint,24,opt,name=well_known_regex,json=wellKnownRegex,enum=validate.KnownRegex,oneof"`
+}
+
+func (*StringRules_Email) isStringRules_WellKnown() {}
+
+func (*StringRules_Hostname) isStringRules_WellKnown() {}
+
+func (*StringRules_Ip) isStringRules_WellKnown() {}
+
+func (*StringRules_Ipv4) isStringRules_WellKnown() {}
+
+func (*StringRules_Ipv6) isStringRules_WellKnown() {}
+
+func (*StringRules_Uri) isStringRules_WellKnown() {}
+
+func (*StringRules_UriRef) isStringRules_WellKnown() {}
+
+func (*StringRules_Address) isStringRules_WellKnown() {}
+
+func (*StringRules_Uuid) isStringRules_WellKnown() {}
+
+func (*StringRules_WellKnownRegex) isStringRules_WellKnown() {}
+
+// BytesRules describe the constraints applied to `bytes` values
+type BytesRules struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Const specifies that this field must be exactly the specified value
+	Const []byte `protobuf:"bytes,1,opt,name=const" json:"const,omitempty"`
+	// Len specifies that this field must be the specified number of bytes
+	Len *uint64 `protobuf:"varint,13,opt,name=len" json:"len,omitempty"`
+	// MinLen specifies that this field must be the specified number of bytes
+	// at a minimum
+	MinLen *uint64 `protobuf:"varint,2,opt,name=min_len,json=minLen" json:"min_len,omitempty"`
+	// MaxLen specifies that this field must be the specified number of bytes
+	// at a maximum
+	MaxLen *uint64 `protobuf:"varint,3,opt,name=max_len,json=maxLen" json:"max_len,omitempty"`
+	// Pattern specifes that this field must match against the specified
+	// regular expression (RE2 syntax). The included expression should elide
+	// any delimiters.
+	Pattern *string `protobuf:"bytes,4,opt,name=pattern" json:"pattern,omitempty"`
+	// Prefix specifies that this field must have the specified bytes at the
+	// beginning of the string.
+	Prefix []byte `protobuf:"bytes,5,opt,name=prefix" json:"prefix,omitempty"`
+	// Suffix specifies that this field must have the specified bytes at the
+	// end of the string.
+	Suffix []byte `protobuf:"bytes,6,opt,name=suffix" json:"suffix,omitempty"`
+	// Contains specifies that this field must have the specified bytes
+	// anywhere in the string.
+	Contains []byte `protobuf:"bytes,7,opt,name=contains" json:"contains,omitempty"`
+	// In specifies that this field must be equal to one of the specified
+	// values
+	In [][]byte `protobuf:"bytes,8,rep,name=in" json:"in,omitempty"`
+	// NotIn specifies that this field cannot be equal to one of the specified
+	// values
+	NotIn [][]byte `protobuf:"bytes,9,rep,name=not_in,json=notIn" json:"not_in,omitempty"`
+	// WellKnown rules provide advanced constraints against common byte
+	// patterns
+	//
+	// Types that are assignable to WellKnown:
+	//	*BytesRules_Ip
+	//	*BytesRules_Ipv4
+	//	*BytesRules_Ipv6
+	WellKnown isBytesRules_WellKnown `protobuf_oneof:"well_known"`
+	// IgnoreEmpty specifies that the validation rules of this field should be
+	// evaluated only if the field is not empty
+	IgnoreEmpty *bool `protobuf:"varint,14,opt,name=ignore_empty,json=ignoreEmpty" json:"ignore_empty,omitempty"`
+}
+
+func (x *BytesRules) Reset() {
+	*x = BytesRules{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_validate_validate_proto_msgTypes[15]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *BytesRules) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*BytesRules) ProtoMessage() {}
+
+func (x *BytesRules) ProtoReflect() protoreflect.Message {
+	mi := &file_validate_validate_proto_msgTypes[15]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use BytesRules.ProtoReflect.Descriptor instead.
+func (*BytesRules) Descriptor() ([]byte, []int) {
+	return file_validate_validate_proto_rawDescGZIP(), []int{15}
+}
+
+func (x *BytesRules) GetConst() []byte {
+	if x != nil {
+		return x.Const
+	}
+	return nil
+}
+
+func (x *BytesRules) GetLen() uint64 {
+	if x != nil && x.Len != nil {
+		return *x.Len
+	}
+	return 0
+}
+
+func (x *BytesRules) GetMinLen() uint64 {
+	if x != nil && x.MinLen != nil {
+		return *x.MinLen
+	}
+	return 0
+}
+
+func (x *BytesRules) GetMaxLen() uint64 {
+	if x != nil && x.MaxLen != nil {
+		return *x.MaxLen
+	}
+	return 0
+}
+
+func (x *BytesRules) GetPattern() string {
+	if x != nil && x.Pattern != nil {
+		return *x.Pattern
+	}
+	return ""
+}
+
+func (x *BytesRules) GetPrefix() []byte {
+	if x != nil {
+		return x.Prefix
+	}
+	return nil
+}
+
+func (x *BytesRules) GetSuffix() []byte {
+	if x != nil {
+		return x.Suffix
+	}
+	return nil
+}
+
+func (x *BytesRules) GetContains() []byte {
+	if x != nil {
+		return x.Contains
+	}
+	return nil
+}
+
+func (x *BytesRules) GetIn() [][]byte {
+	if x != nil {
+		return x.In
+	}
+	return nil
+}
+
+func (x *BytesRules) GetNotIn() [][]byte {
+	if x != nil {
+		return x.NotIn
+	}
+	return nil
+}
+
+func (m *BytesRules) GetWellKnown() isBytesRules_WellKnown {
+	if m != nil {
+		return m.WellKnown
+	}
+	return nil
+}
+
+func (x *BytesRules) GetIp() bool {
+	if x, ok := x.GetWellKnown().(*BytesRules_Ip); ok {
+		return x.Ip
+	}
+	return false
+}
+
+func (x *BytesRules) GetIpv4() bool {
+	if x, ok := x.GetWellKnown().(*BytesRules_Ipv4); ok {
+		return x.Ipv4
+	}
+	return false
+}
+
+func (x *BytesRules) GetIpv6() bool {
+	if x, ok := x.GetWellKnown().(*BytesRules_Ipv6); ok {
+		return x.Ipv6
+	}
+	return false
+}
+
+func (x *BytesRules) GetIgnoreEmpty() bool {
+	if x != nil && x.IgnoreEmpty != nil {
+		return *x.IgnoreEmpty
+	}
+	return false
+}
+
+type isBytesRules_WellKnown interface {
+	isBytesRules_WellKnown()
+}
+
+type BytesRules_Ip struct {
+	// Ip specifies that the field must be a valid IP (v4 or v6) address in
+	// byte format
+	Ip bool `protobuf:"varint,10,opt,name=ip,oneof"`
+}
+
+type BytesRules_Ipv4 struct {
+	// Ipv4 specifies that the field must be a valid IPv4 address in byte
+	// format
+	Ipv4 bool `protobuf:"varint,11,opt,name=ipv4,oneof"`
+}
+
+type BytesRules_Ipv6 struct {
+	// Ipv6 specifies that the field must be a valid IPv6 address in byte
+	// format
+	Ipv6 bool `protobuf:"varint,12,opt,name=ipv6,oneof"`
+}
+
+func (*BytesRules_Ip) isBytesRules_WellKnown() {}
+
+func (*BytesRules_Ipv4) isBytesRules_WellKnown() {}
+
+func (*BytesRules_Ipv6) isBytesRules_WellKnown() {}
+
+// EnumRules describe the constraints applied to enum values
+type EnumRules struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Const specifies that this field must be exactly the specified value
+	Const *int32 `protobuf:"varint,1,opt,name=const" json:"const,omitempty"`
+	// DefinedOnly specifies that this field must be only one of the defined
+	// values for this enum, failing on any undefined value.
+	DefinedOnly *bool `protobuf:"varint,2,opt,name=defined_only,json=definedOnly" json:"defined_only,omitempty"`
+	// In specifies that this field must be equal to one of the specified
+	// values
+	In []int32 `protobuf:"varint,3,rep,name=in" json:"in,omitempty"`
+	// NotIn specifies that this field cannot be equal to one of the specified
+	// values
+	NotIn []int32 `protobuf:"varint,4,rep,name=not_in,json=notIn" json:"not_in,omitempty"`
+}
+
+func (x *EnumRules) Reset() {
+	*x = EnumRules{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_validate_validate_proto_msgTypes[16]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *EnumRules) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*EnumRules) ProtoMessage() {}
+
+func (x *EnumRules) ProtoReflect() protoreflect.Message {
+	mi := &file_validate_validate_proto_msgTypes[16]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use EnumRules.ProtoReflect.Descriptor instead.
+func (*EnumRules) Descriptor() ([]byte, []int) {
+	return file_validate_validate_proto_rawDescGZIP(), []int{16}
+}
+
+func (x *EnumRules) GetConst() int32 {
+	if x != nil && x.Const != nil {
+		return *x.Const
+	}
+	return 0
+}
+
+func (x *EnumRules) GetDefinedOnly() bool {
+	if x != nil && x.DefinedOnly != nil {
+		return *x.DefinedOnly
+	}
+	return false
+}
+
+func (x *EnumRules) GetIn() []int32 {
+	if x != nil {
+		return x.In
+	}
+	return nil
+}
+
+func (x *EnumRules) GetNotIn() []int32 {
+	if x != nil {
+		return x.NotIn
+	}
+	return nil
+}
+
+// MessageRules describe the constraints applied to embedded message values.
+// For message-type fields, validation is performed recursively.
+type MessageRules struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Skip specifies that the validation rules of this field should not be
+	// evaluated
+	Skip *bool `protobuf:"varint,1,opt,name=skip" json:"skip,omitempty"`
+	// Required specifies that this field must be set
+	Required *bool `protobuf:"varint,2,opt,name=required" json:"required,omitempty"`
+}
+
+func (x *MessageRules) Reset() {
+	*x = MessageRules{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_validate_validate_proto_msgTypes[17]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *MessageRules) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*MessageRules) ProtoMessage() {}
+
+func (x *MessageRules) ProtoReflect() protoreflect.Message {
+	mi := &file_validate_validate_proto_msgTypes[17]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use MessageRules.ProtoReflect.Descriptor instead.
+func (*MessageRules) Descriptor() ([]byte, []int) {
+	return file_validate_validate_proto_rawDescGZIP(), []int{17}
+}
+
+func (x *MessageRules) GetSkip() bool {
+	if x != nil && x.Skip != nil {
+		return *x.Skip
+	}
+	return false
+}
+
+func (x *MessageRules) GetRequired() bool {
+	if x != nil && x.Required != nil {
+		return *x.Required
+	}
+	return false
+}
+
+// RepeatedRules describe the constraints applied to `repeated` values
+type RepeatedRules struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// MinItems specifies that this field must have the specified number of
+	// items at a minimum
+	MinItems *uint64 `protobuf:"varint,1,opt,name=min_items,json=minItems" json:"min_items,omitempty"`
+	// MaxItems specifies that this field must have the specified number of
+	// items at a maximum
+	MaxItems *uint64 `protobuf:"varint,2,opt,name=max_items,json=maxItems" json:"max_items,omitempty"`
+	// Unique specifies that all elements in this field must be unique. This
+	// contraint is only applicable to scalar and enum types (messages are not
+	// supported).
+	Unique *bool `protobuf:"varint,3,opt,name=unique" json:"unique,omitempty"`
+	// Items specifies the contraints to be applied to each item in the field.
+	// Repeated message fields will still execute validation against each item
+	// unless skip is specified here.
+	Items *FieldRules `protobuf:"bytes,4,opt,name=items" json:"items,omitempty"`
+	// IgnoreEmpty specifies that the validation rules of this field should be
+	// evaluated only if the field is not empty
+	IgnoreEmpty *bool `protobuf:"varint,5,opt,name=ignore_empty,json=ignoreEmpty" json:"ignore_empty,omitempty"`
+}
+
+func (x *RepeatedRules) Reset() {
+	*x = RepeatedRules{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_validate_validate_proto_msgTypes[18]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *RepeatedRules) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*RepeatedRules) ProtoMessage() {}
+
+func (x *RepeatedRules) ProtoReflect() protoreflect.Message {
+	mi := &file_validate_validate_proto_msgTypes[18]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use RepeatedRules.ProtoReflect.Descriptor instead.
+func (*RepeatedRules) Descriptor() ([]byte, []int) {
+	return file_validate_validate_proto_rawDescGZIP(), []int{18}
+}
+
+func (x *RepeatedRules) GetMinItems() uint64 {
+	if x != nil && x.MinItems != nil {
+		return *x.MinItems
+	}
+	return 0
+}
+
+func (x *RepeatedRules) GetMaxItems() uint64 {
+	if x != nil && x.MaxItems != nil {
+		return *x.MaxItems
+	}
+	return 0
+}
+
+func (x *RepeatedRules) GetUnique() bool {
+	if x != nil && x.Unique != nil {
+		return *x.Unique
+	}
+	return false
+}
+
+func (x *RepeatedRules) GetItems() *FieldRules {
+	if x != nil {
+		return x.Items
+	}
+	return nil
+}
+
+func (x *RepeatedRules) GetIgnoreEmpty() bool {
+	if x != nil && x.IgnoreEmpty != nil {
+		return *x.IgnoreEmpty
+	}
+	return false
+}
+
+// MapRules describe the constraints applied to `map` values
+type MapRules struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// MinPairs specifies that this field must have the specified number of
+	// KVs at a minimum
+	MinPairs *uint64 `protobuf:"varint,1,opt,name=min_pairs,json=minPairs" json:"min_pairs,omitempty"`
+	// MaxPairs specifies that this field must have the specified number of
+	// KVs at a maximum
+	MaxPairs *uint64 `protobuf:"varint,2,opt,name=max_pairs,json=maxPairs" json:"max_pairs,omitempty"`
+	// NoSparse specifies values in this field cannot be unset. This only
+	// applies to map's with message value types.
+	NoSparse *bool `protobuf:"varint,3,opt,name=no_sparse,json=noSparse" json:"no_sparse,omitempty"`
+	// Keys specifies the constraints to be applied to each key in the field.
+	Keys *FieldRules `protobuf:"bytes,4,opt,name=keys" json:"keys,omitempty"`
+	// Values specifies the constraints to be applied to the value of each key
+	// in the field. Message values will still have their validations evaluated
+	// unless skip is specified here.
+	Values *FieldRules `protobuf:"bytes,5,opt,name=values" json:"values,omitempty"`
+	// IgnoreEmpty specifies that the validation rules of this field should be
+	// evaluated only if the field is not empty
+	IgnoreEmpty *bool `protobuf:"varint,6,opt,name=ignore_empty,json=ignoreEmpty" json:"ignore_empty,omitempty"`
+}
+
+func (x *MapRules) Reset() {
+	*x = MapRules{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_validate_validate_proto_msgTypes[19]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *MapRules) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*MapRules) ProtoMessage() {}
+
+func (x *MapRules) ProtoReflect() protoreflect.Message {
+	mi := &file_validate_validate_proto_msgTypes[19]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use MapRules.ProtoReflect.Descriptor instead.
+func (*MapRules) Descriptor() ([]byte, []int) {
+	return file_validate_validate_proto_rawDescGZIP(), []int{19}
+}
+
+func (x *MapRules) GetMinPairs() uint64 {
+	if x != nil && x.MinPairs != nil {
+		return *x.MinPairs
+	}
+	return 0
+}
+
+func (x *MapRules) GetMaxPairs() uint64 {
+	if x != nil && x.MaxPairs != nil {
+		return *x.MaxPairs
+	}
+	return 0
+}
+
+func (x *MapRules) GetNoSparse() bool {
+	if x != nil && x.NoSparse != nil {
+		return *x.NoSparse
+	}
+	return false
+}
+
+func (x *MapRules) GetKeys() *FieldRules {
+	if x != nil {
+		return x.Keys
+	}
+	return nil
+}
+
+func (x *MapRules) GetValues() *FieldRules {
+	if x != nil {
+		return x.Values
+	}
+	return nil
+}
+
+func (x *MapRules) GetIgnoreEmpty() bool {
+	if x != nil && x.IgnoreEmpty != nil {
+		return *x.IgnoreEmpty
+	}
+	return false
+}
+
+// AnyRules describe constraints applied exclusively to the
+// `google.protobuf.Any` well-known type
+type AnyRules struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Required specifies that this field must be set
+	Required *bool `protobuf:"varint,1,opt,name=required" json:"required,omitempty"`
+	// In specifies that this field's `type_url` must be equal to one of the
+	// specified values.
+	In []string `protobuf:"bytes,2,rep,name=in" json:"in,omitempty"`
+	// NotIn specifies that this field's `type_url` must not be equal to any of
+	// the specified values.
+	NotIn []string `protobuf:"bytes,3,rep,name=not_in,json=notIn" json:"not_in,omitempty"`
+}
+
+func (x *AnyRules) Reset() {
+	*x = AnyRules{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_validate_validate_proto_msgTypes[20]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *AnyRules) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*AnyRules) ProtoMessage() {}
+
+func (x *AnyRules) ProtoReflect() protoreflect.Message {
+	mi := &file_validate_validate_proto_msgTypes[20]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use AnyRules.ProtoReflect.Descriptor instead.
+func (*AnyRules) Descriptor() ([]byte, []int) {
+	return file_validate_validate_proto_rawDescGZIP(), []int{20}
+}
+
+func (x *AnyRules) GetRequired() bool {
+	if x != nil && x.Required != nil {
+		return *x.Required
+	}
+	return false
+}
+
+func (x *AnyRules) GetIn() []string {
+	if x != nil {
+		return x.In
+	}
+	return nil
+}
+
+func (x *AnyRules) GetNotIn() []string {
+	if x != nil {
+		return x.NotIn
+	}
+	return nil
+}
+
+// DurationRules describe the constraints applied exclusively to the
+// `google.protobuf.Duration` well-known type
+type DurationRules struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Required specifies that this field must be set
+	Required *bool `protobuf:"varint,1,opt,name=required" json:"required,omitempty"`
+	// Const specifies that this field must be exactly the specified value
+	Const *durationpb.Duration `protobuf:"bytes,2,opt,name=const" json:"const,omitempty"`
+	// Lt specifies that this field must be less than the specified value,
+	// exclusive
+	Lt *durationpb.Duration `protobuf:"bytes,3,opt,name=lt" json:"lt,omitempty"`
+	// Lt specifies that this field must be less than the specified value,
+	// inclusive
+	Lte *durationpb.Duration `protobuf:"bytes,4,opt,name=lte" json:"lte,omitempty"`
+	// Gt specifies that this field must be greater than the specified value,
+	// exclusive
+	Gt *durationpb.Duration `protobuf:"bytes,5,opt,name=gt" json:"gt,omitempty"`
+	// Gte specifies that this field must be greater than the specified value,
+	// inclusive
+	Gte *durationpb.Duration `protobuf:"bytes,6,opt,name=gte" json:"gte,omitempty"`
+	// In specifies that this field must be equal to one of the specified
+	// values
+	In []*durationpb.Duration `protobuf:"bytes,7,rep,name=in" json:"in,omitempty"`
+	// NotIn specifies that this field cannot be equal to one of the specified
+	// values
+	NotIn []*durationpb.Duration `protobuf:"bytes,8,rep,name=not_in,json=notIn" json:"not_in,omitempty"`
+}
+
+func (x *DurationRules) Reset() {
+	*x = DurationRules{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_validate_validate_proto_msgTypes[21]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *DurationRules) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*DurationRules) ProtoMessage() {}
+
+func (x *DurationRules) ProtoReflect() protoreflect.Message {
+	mi := &file_validate_validate_proto_msgTypes[21]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use DurationRules.ProtoReflect.Descriptor instead.
+func (*DurationRules) Descriptor() ([]byte, []int) {
+	return file_validate_validate_proto_rawDescGZIP(), []int{21}
+}
+
+func (x *DurationRules) GetRequired() bool {
+	if x != nil && x.Required != nil {
+		return *x.Required
+	}
+	return false
+}
+
+func (x *DurationRules) GetConst() *durationpb.Duration {
+	if x != nil {
+		return x.Const
+	}
+	return nil
+}
+
+func (x *DurationRules) GetLt() *durationpb.Duration {
+	if x != nil {
+		return x.Lt
+	}
+	return nil
+}
+
+func (x *DurationRules) GetLte() *durationpb.Duration {
+	if x != nil {
+		return x.Lte
+	}
+	return nil
+}
+
+func (x *DurationRules) GetGt() *durationpb.Duration {
+	if x != nil {
+		return x.Gt
+	}
+	return nil
+}
+
+func (x *DurationRules) GetGte() *durationpb.Duration {
+	if x != nil {
+		return x.Gte
+	}
+	return nil
+}
+
+func (x *DurationRules) GetIn() []*durationpb.Duration {
+	if x != nil {
+		return x.In
+	}
+	return nil
+}
+
+func (x *DurationRules) GetNotIn() []*durationpb.Duration {
+	if x != nil {
+		return x.NotIn
+	}
+	return nil
+}
+
+// TimestampRules describe the constraints applied exclusively to the
+// `google.protobuf.Timestamp` well-known type
+type TimestampRules struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Required specifies that this field must be set
+	Required *bool `protobuf:"varint,1,opt,name=required" json:"required,omitempty"`
+	// Const specifies that this field must be exactly the specified value
+	Const *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=const" json:"const,omitempty"`
+	// Lt specifies that this field must be less than the specified value,
+	// exclusive
+	Lt *timestamppb.Timestamp `protobuf:"bytes,3,opt,name=lt" json:"lt,omitempty"`
+	// Lte specifies that this field must be less than the specified value,
+	// inclusive
+	Lte *timestamppb.Timestamp `protobuf:"bytes,4,opt,name=lte" json:"lte,omitempty"`
+	// Gt specifies that this field must be greater than the specified value,
+	// exclusive
+	Gt *timestamppb.Timestamp `protobuf:"bytes,5,opt,name=gt" json:"gt,omitempty"`
+	// Gte specifies that this field must be greater than the specified value,
+	// inclusive
+	Gte *timestamppb.Timestamp `protobuf:"bytes,6,opt,name=gte" json:"gte,omitempty"`
+	// LtNow specifies that this must be less than the current time. LtNow
+	// can only be used with the Within rule.
+	LtNow *bool `protobuf:"varint,7,opt,name=lt_now,json=ltNow" json:"lt_now,omitempty"`
+	// GtNow specifies that this must be greater than the current time. GtNow
+	// can only be used with the Within rule.
+	GtNow *bool `protobuf:"varint,8,opt,name=gt_now,json=gtNow" json:"gt_now,omitempty"`
+	// Within specifies that this field must be within this duration of the
+	// current time. This constraint can be used alone or with the LtNow and
+	// GtNow rules.
+	Within *durationpb.Duration `protobuf:"bytes,9,opt,name=within" json:"within,omitempty"`
+}
+
+func (x *TimestampRules) Reset() {
+	*x = TimestampRules{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_validate_validate_proto_msgTypes[22]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *TimestampRules) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*TimestampRules) ProtoMessage() {}
+
+func (x *TimestampRules) ProtoReflect() protoreflect.Message {
+	mi := &file_validate_validate_proto_msgTypes[22]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use TimestampRules.ProtoReflect.Descriptor instead.
+func (*TimestampRules) Descriptor() ([]byte, []int) {
+	return file_validate_validate_proto_rawDescGZIP(), []int{22}
+}
+
+func (x *TimestampRules) GetRequired() bool {
+	if x != nil && x.Required != nil {
+		return *x.Required
+	}
+	return false
+}
+
+func (x *TimestampRules) GetConst() *timestamppb.Timestamp {
+	if x != nil {
+		return x.Const
+	}
+	return nil
+}
+
+func (x *TimestampRules) GetLt() *timestamppb.Timestamp {
+	if x != nil {
+		return x.Lt
+	}
+	return nil
+}
+
+func (x *TimestampRules) GetLte() *timestamppb.Timestamp {
+	if x != nil {
+		return x.Lte
+	}
+	return nil
+}
+
+func (x *TimestampRules) GetGt() *timestamppb.Timestamp {
+	if x != nil {
+		return x.Gt
+	}
+	return nil
+}
+
+func (x *TimestampRules) GetGte() *timestamppb.Timestamp {
+	if x != nil {
+		return x.Gte
+	}
+	return nil
+}
+
+func (x *TimestampRules) GetLtNow() bool {
+	if x != nil && x.LtNow != nil {
+		return *x.LtNow
+	}
+	return false
+}
+
+func (x *TimestampRules) GetGtNow() bool {
+	if x != nil && x.GtNow != nil {
+		return *x.GtNow
+	}
+	return false
+}
+
+func (x *TimestampRules) GetWithin() *durationpb.Duration {
+	if x != nil {
+		return x.Within
+	}
+	return nil
+}
+
+var file_validate_validate_proto_extTypes = []protoimpl.ExtensionInfo{
+	{
+		ExtendedType:  (*descriptorpb.MessageOptions)(nil),
+		ExtensionType: (*bool)(nil),
+		Field:         1071,
+		Name:          "validate.disabled",
+		Tag:           "varint,1071,opt,name=disabled",
+		Filename:      "validate/validate.proto",
+	},
+	{
+		ExtendedType:  (*descriptorpb.MessageOptions)(nil),
+		ExtensionType: (*bool)(nil),
+		Field:         1072,
+		Name:          "validate.ignored",
+		Tag:           "varint,1072,opt,name=ignored",
+		Filename:      "validate/validate.proto",
+	},
+	{
+		ExtendedType:  (*descriptorpb.OneofOptions)(nil),
+		ExtensionType: (*bool)(nil),
+		Field:         1071,
+		Name:          "validate.required",
+		Tag:           "varint,1071,opt,name=required",
+		Filename:      "validate/validate.proto",
+	},
+	{
+		ExtendedType:  (*descriptorpb.FieldOptions)(nil),
+		ExtensionType: (*FieldRules)(nil),
+		Field:         1071,
+		Name:          "validate.rules",
+		Tag:           "bytes,1071,opt,name=rules",
+		Filename:      "validate/validate.proto",
+	},
+}
+
+// Extension fields to descriptorpb.MessageOptions.
+var (
+	// Disabled nullifies any validation rules for this message, including any
+	// message fields associated with it that do support validation.
+	//
+	// optional bool disabled = 1071;
+	E_Disabled = &file_validate_validate_proto_extTypes[0]
+	// Ignore skips generation of validation methods for this message.
+	//
+	// optional bool ignored = 1072;
+	E_Ignored = &file_validate_validate_proto_extTypes[1]
+)
+
+// Extension fields to descriptorpb.OneofOptions.
+var (
+	// Required ensures that exactly one the field options in a oneof is set;
+	// validation fails if no fields in the oneof are set.
+	//
+	// optional bool required = 1071;
+	E_Required = &file_validate_validate_proto_extTypes[2]
+)
+
+// Extension fields to descriptorpb.FieldOptions.
+var (
+	// Rules specify the validations to be performed on this field. By default,
+	// no validation is performed against a field.
+	//
+	// optional validate.FieldRules rules = 1071;
+	E_Rules = &file_validate_validate_proto_extTypes[3]
+)
+
+var File_validate_validate_proto protoreflect.FileDescriptor
+
+var file_validate_validate_proto_rawDesc = []byte{
+	0x0a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64,
+	0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x08, 0x76, 0x61, 0x6c, 0x69, 0x64,
+	0x61, 0x74, 0x65, 0x1a, 0x20, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xc8, 0x08, 0x0a, 0x0a, 0x46, 0x69, 0x65, 0x6c, 0x64,
+	0x52, 0x75, 0x6c, 0x65, 0x73, 0x12, 0x30, 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65,
+	0x18, 0x11, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74,
+	0x65, 0x2e, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x52, 0x07,
+	0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x12, 0x2c, 0x0a, 0x05, 0x66, 0x6c, 0x6f, 0x61, 0x74,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74,
+	0x65, 0x2e, 0x46, 0x6c, 0x6f, 0x61, 0x74, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x48, 0x00, 0x52, 0x05,
+	0x66, 0x6c, 0x6f, 0x61, 0x74, 0x12, 0x2f, 0x0a, 0x06, 0x64, 0x6f, 0x75, 0x62, 0x6c, 0x65, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x15, 0x2e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65,
+	0x2e, 0x44, 0x6f, 0x75, 0x62, 0x6c, 0x65, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x48, 0x00, 0x52, 0x06,
+	0x64, 0x6f, 0x75, 0x62, 0x6c, 0x65, 0x12, 0x2c, 0x0a, 0x05, 0x69, 0x6e, 0x74, 0x33, 0x32, 0x18,
+	0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65,
+	0x2e, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x48, 0x00, 0x52, 0x05, 0x69,
+	0x6e, 0x74, 0x33, 0x32, 0x12, 0x2c, 0x0a, 0x05, 0x69, 0x6e, 0x74, 0x36, 0x34, 0x18, 0x04, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x49,
+	0x6e, 0x74, 0x36, 0x34, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x48, 0x00, 0x52, 0x05, 0x69, 0x6e, 0x74,
+	0x36, 0x34, 0x12, 0x2f, 0x0a, 0x06, 0x75, 0x69, 0x6e, 0x74, 0x33, 0x32, 0x18, 0x05, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x15, 0x2e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x55, 0x49,
+	0x6e, 0x74, 0x33, 0x32, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x48, 0x00, 0x52, 0x06, 0x75, 0x69, 0x6e,
+	0x74, 0x33, 0x32, 0x12, 0x2f, 0x0a, 0x06, 0x75, 0x69, 0x6e, 0x74, 0x36, 0x34, 0x18, 0x06, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x15, 0x2e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x55,
+	0x49, 0x6e, 0x74, 0x36, 0x34, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x48, 0x00, 0x52, 0x06, 0x75, 0x69,
+	0x6e, 0x74, 0x36, 0x34, 0x12, 0x2f, 0x0a, 0x06, 0x73, 0x69, 0x6e, 0x74, 0x33, 0x32, 0x18, 0x07,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x15, 0x2e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e,
+	0x53, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x48, 0x00, 0x52, 0x06, 0x73,
+	0x69, 0x6e, 0x74, 0x33, 0x32, 0x12, 0x2f, 0x0a, 0x06, 0x73, 0x69, 0x6e, 0x74, 0x36, 0x34, 0x18,
+	0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x15, 0x2e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65,
+	0x2e, 0x53, 0x49, 0x6e, 0x74, 0x36, 0x34, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x48, 0x00, 0x52, 0x06,
+	0x73, 0x69, 0x6e, 0x74, 0x36, 0x34, 0x12, 0x32, 0x0a, 0x07, 0x66, 0x69, 0x78, 0x65, 0x64, 0x33,
+	0x32, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61,
+	0x74, 0x65, 0x2e, 0x46, 0x69, 0x78, 0x65, 0x64, 0x33, 0x32, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x48,
+	0x00, 0x52, 0x07, 0x66, 0x69, 0x78, 0x65, 0x64, 0x33, 0x32, 0x12, 0x32, 0x0a, 0x07, 0x66, 0x69,
+	0x78, 0x65, 0x64, 0x36, 0x34, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x76, 0x61,
+	0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x46, 0x69, 0x78, 0x65, 0x64, 0x36, 0x34, 0x52, 0x75,
+	0x6c, 0x65, 0x73, 0x48, 0x00, 0x52, 0x07, 0x66, 0x69, 0x78, 0x65, 0x64, 0x36, 0x34, 0x12, 0x35,
+	0x0a, 0x08, 0x73, 0x66, 0x69, 0x78, 0x65, 0x64, 0x33, 0x32, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x17, 0x2e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x53, 0x46, 0x69, 0x78,
+	0x65, 0x64, 0x33, 0x32, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x48, 0x00, 0x52, 0x08, 0x73, 0x66, 0x69,
+	0x78, 0x65, 0x64, 0x33, 0x32, 0x12, 0x35, 0x0a, 0x08, 0x73, 0x66, 0x69, 0x78, 0x65, 0x64, 0x36,
+	0x34, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61,
+	0x74, 0x65, 0x2e, 0x53, 0x46, 0x69, 0x78, 0x65, 0x64, 0x36, 0x34, 0x52, 0x75, 0x6c, 0x65, 0x73,
+	0x48, 0x00, 0x52, 0x08, 0x73, 0x66, 0x69, 0x78, 0x65, 0x64, 0x36, 0x34, 0x12, 0x29, 0x0a, 0x04,
+	0x62, 0x6f, 0x6f, 0x6c, 0x18, 0x0d, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x76, 0x61, 0x6c,
+	0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x48,
+	0x00, 0x52, 0x04, 0x62, 0x6f, 0x6f, 0x6c, 0x12, 0x2f, 0x0a, 0x06, 0x73, 0x74, 0x72, 0x69, 0x6e,
+	0x67, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x15, 0x2e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61,
+	0x74, 0x65, 0x2e, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x48, 0x00,
+	0x52, 0x06, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x12, 0x2c, 0x0a, 0x05, 0x62, 0x79, 0x74, 0x65,
+	0x73, 0x18, 0x0f, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61,
+	0x74, 0x65, 0x2e, 0x42, 0x79, 0x74, 0x65, 0x73, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x48, 0x00, 0x52,
+	0x05, 0x62, 0x79, 0x74, 0x65, 0x73, 0x12, 0x29, 0x0a, 0x04, 0x65, 0x6e, 0x75, 0x6d, 0x18, 0x10,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e,
+	0x45, 0x6e, 0x75, 0x6d, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x48, 0x00, 0x52, 0x04, 0x65, 0x6e, 0x75,
+	0x6d, 0x12, 0x35, 0x0a, 0x08, 0x72, 0x65, 0x70, 0x65, 0x61, 0x74, 0x65, 0x64, 0x18, 0x12, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x52,
+	0x65, 0x70, 0x65, 0x61, 0x74, 0x65, 0x64, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x48, 0x00, 0x52, 0x08,
+	0x72, 0x65, 0x70, 0x65, 0x61, 0x74, 0x65, 0x64, 0x12, 0x26, 0x0a, 0x03, 0x6d, 0x61, 0x70, 0x18,
+	0x13, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x12, 0x2e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65,
+	0x2e, 0x4d, 0x61, 0x70, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x48, 0x00, 0x52, 0x03, 0x6d, 0x61, 0x70,
+	0x12, 0x26, 0x0a, 0x03, 0x61, 0x6e, 0x79, 0x18, 0x14, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x12, 0x2e,
+	0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x75, 0x6c, 0x65,
+	0x73, 0x48, 0x00, 0x52, 0x03, 0x61, 0x6e, 0x79, 0x12, 0x35, 0x0a, 0x08, 0x64, 0x75, 0x72, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x18, 0x15, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x76, 0x61, 0x6c,
+	0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x75,
+	0x6c, 0x65, 0x73, 0x48, 0x00, 0x52, 0x08, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12,
+	0x38, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x16, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x18, 0x2e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x54, 0x69,
+	0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x48, 0x00, 0x52, 0x09,
+	0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x42, 0x06, 0x0a, 0x04, 0x74, 0x79, 0x70,
+	0x65, 0x22, 0xb0, 0x01, 0x0a, 0x0a, 0x46, 0x6c, 0x6f, 0x61, 0x74, 0x52, 0x75, 0x6c, 0x65, 0x73,
+	0x12, 0x14, 0x0a, 0x05, 0x63, 0x6f, 0x6e, 0x73, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x02, 0x52,
+	0x05, 0x63, 0x6f, 0x6e, 0x73, 0x74, 0x12, 0x0e, 0x0a, 0x02, 0x6c, 0x74, 0x18, 0x02, 0x20, 0x01,
+	0x28, 0x02, 0x52, 0x02, 0x6c, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x6c, 0x74, 0x65, 0x18, 0x03, 0x20,
+	0x01, 0x28, 0x02, 0x52, 0x03, 0x6c, 0x74, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x67, 0x74, 0x18, 0x04,
+	0x20, 0x01, 0x28, 0x02, 0x52, 0x02, 0x67, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x67, 0x74, 0x65, 0x18,
+	0x05, 0x20, 0x01, 0x28, 0x02, 0x52, 0x03, 0x67, 0x74, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x6e,
+	0x18, 0x06, 0x20, 0x03, 0x28, 0x02, 0x52, 0x02, 0x69, 0x6e, 0x12, 0x15, 0x0a, 0x06, 0x6e, 0x6f,
+	0x74, 0x5f, 0x69, 0x6e, 0x18, 0x07, 0x20, 0x03, 0x28, 0x02, 0x52, 0x05, 0x6e, 0x6f, 0x74, 0x49,
+	0x6e, 0x12, 0x21, 0x0a, 0x0c, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x5f, 0x65, 0x6d, 0x70, 0x74,
+	0x79, 0x18, 0x08, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0b, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x45,
+	0x6d, 0x70, 0x74, 0x79, 0x22, 0xb1, 0x01, 0x0a, 0x0b, 0x44, 0x6f, 0x75, 0x62, 0x6c, 0x65, 0x52,
+	0x75, 0x6c, 0x65, 0x73, 0x12, 0x14, 0x0a, 0x05, 0x63, 0x6f, 0x6e, 0x73, 0x74, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x01, 0x52, 0x05, 0x63, 0x6f, 0x6e, 0x73, 0x74, 0x12, 0x0e, 0x0a, 0x02, 0x6c, 0x74,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x01, 0x52, 0x02, 0x6c, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x6c, 0x74,
+	0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x01, 0x52, 0x03, 0x6c, 0x74, 0x65, 0x12, 0x0e, 0x0a, 0x02,
+	0x67, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x01, 0x52, 0x02, 0x67, 0x74, 0x12, 0x10, 0x0a, 0x03,
+	0x67, 0x74, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x01, 0x52, 0x03, 0x67, 0x74, 0x65, 0x12, 0x0e,
+	0x0a, 0x02, 0x69, 0x6e, 0x18, 0x06, 0x20, 0x03, 0x28, 0x01, 0x52, 0x02, 0x69, 0x6e, 0x12, 0x15,
+	0x0a, 0x06, 0x6e, 0x6f, 0x74, 0x5f, 0x69, 0x6e, 0x18, 0x07, 0x20, 0x03, 0x28, 0x01, 0x52, 0x05,
+	0x6e, 0x6f, 0x74, 0x49, 0x6e, 0x12, 0x21, 0x0a, 0x0c, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x5f,
+	0x65, 0x6d, 0x70, 0x74, 0x79, 0x18, 0x08, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0b, 0x69, 0x67, 0x6e,
+	0x6f, 0x72, 0x65, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0xb0, 0x01, 0x0a, 0x0a, 0x49, 0x6e, 0x74,
+	0x33, 0x32, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x12, 0x14, 0x0a, 0x05, 0x63, 0x6f, 0x6e, 0x73, 0x74,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x05, 0x63, 0x6f, 0x6e, 0x73, 0x74, 0x12, 0x0e, 0x0a,
+	0x02, 0x6c, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x05, 0x52, 0x02, 0x6c, 0x74, 0x12, 0x10, 0x0a,
+	0x03, 0x6c, 0x74, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x05, 0x52, 0x03, 0x6c, 0x74, 0x65, 0x12,
+	0x0e, 0x0a, 0x02, 0x67, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x05, 0x52, 0x02, 0x67, 0x74, 0x12,
+	0x10, 0x0a, 0x03, 0x67, 0x74, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x05, 0x52, 0x03, 0x67, 0x74,
+	0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x6e, 0x18, 0x06, 0x20, 0x03, 0x28, 0x05, 0x52, 0x02, 0x69,
+	0x6e, 0x12, 0x15, 0x0a, 0x06, 0x6e, 0x6f, 0x74, 0x5f, 0x69, 0x6e, 0x18, 0x07, 0x20, 0x03, 0x28,
+	0x05, 0x52, 0x05, 0x6e, 0x6f, 0x74, 0x49, 0x6e, 0x12, 0x21, 0x0a, 0x0c, 0x69, 0x67, 0x6e, 0x6f,
+	0x72, 0x65, 0x5f, 0x65, 0x6d, 0x70, 0x74, 0x79, 0x18, 0x08, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0b,
+	0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0xb0, 0x01, 0x0a, 0x0a,
+	0x49, 0x6e, 0x74, 0x36, 0x34, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x12, 0x14, 0x0a, 0x05, 0x63, 0x6f,
+	0x6e, 0x73, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x05, 0x63, 0x6f, 0x6e, 0x73, 0x74,
+	0x12, 0x0e, 0x0a, 0x02, 0x6c, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x03, 0x52, 0x02, 0x6c, 0x74,
+	0x12, 0x10, 0x0a, 0x03, 0x6c, 0x74, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x03, 0x52, 0x03, 0x6c,
+	0x74, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x67, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x03, 0x52, 0x02,
+	0x67, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x67, 0x74, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x03, 0x52,
+	0x03, 0x67, 0x74, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x6e, 0x18, 0x06, 0x20, 0x03, 0x28, 0x03,
+	0x52, 0x02, 0x69, 0x6e, 0x12, 0x15, 0x0a, 0x06, 0x6e, 0x6f, 0x74, 0x5f, 0x69, 0x6e, 0x18, 0x07,
+	0x20, 0x03, 0x28, 0x03, 0x52, 0x05, 0x6e, 0x6f, 0x74, 0x49, 0x6e, 0x12, 0x21, 0x0a, 0x0c, 0x69,
+	0x67, 0x6e, 0x6f, 0x72, 0x65, 0x5f, 0x65, 0x6d, 0x70, 0x74, 0x79, 0x18, 0x08, 0x20, 0x01, 0x28,
+	0x08, 0x52, 0x0b, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0xb1,
+	0x01, 0x0a, 0x0b, 0x55, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x12, 0x14,
+	0x0a, 0x05, 0x63, 0x6f, 0x6e, 0x73, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x05, 0x63,
+	0x6f, 0x6e, 0x73, 0x74, 0x12, 0x0e, 0x0a, 0x02, 0x6c, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d,
+	0x52, 0x02, 0x6c, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x6c, 0x74, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28,
+	0x0d, 0x52, 0x03, 0x6c, 0x74, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x67, 0x74, 0x18, 0x04, 0x20, 0x01,
+	0x28, 0x0d, 0x52, 0x02, 0x67, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x67, 0x74, 0x65, 0x18, 0x05, 0x20,
+	0x01, 0x28, 0x0d, 0x52, 0x03, 0x67, 0x74, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x6e, 0x18, 0x06,
+	0x20, 0x03, 0x28, 0x0d, 0x52, 0x02, 0x69, 0x6e, 0x12, 0x15, 0x0a, 0x06, 0x6e, 0x6f, 0x74, 0x5f,
+	0x69, 0x6e, 0x18, 0x07, 0x20, 0x03, 0x28, 0x0d, 0x52, 0x05, 0x6e, 0x6f, 0x74, 0x49, 0x6e, 0x12,
+	0x21, 0x0a, 0x0c, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x5f, 0x65, 0x6d, 0x70, 0x74, 0x79, 0x18,
+	0x08, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0b, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x45, 0x6d, 0x70,
+	0x74, 0x79, 0x22, 0xb1, 0x01, 0x0a, 0x0b, 0x55, 0x49, 0x6e, 0x74, 0x36, 0x34, 0x52, 0x75, 0x6c,
+	0x65, 0x73, 0x12, 0x14, 0x0a, 0x05, 0x63, 0x6f, 0x6e, 0x73, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x04, 0x52, 0x05, 0x63, 0x6f, 0x6e, 0x73, 0x74, 0x12, 0x0e, 0x0a, 0x02, 0x6c, 0x74, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x04, 0x52, 0x02, 0x6c, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x6c, 0x74, 0x65, 0x18,
+	0x03, 0x20, 0x01, 0x28, 0x04, 0x52, 0x03, 0x6c, 0x74, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x67, 0x74,
+	0x18, 0x04, 0x20, 0x01, 0x28, 0x04, 0x52, 0x02, 0x67, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x67, 0x74,
+	0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x04, 0x52, 0x03, 0x67, 0x74, 0x65, 0x12, 0x0e, 0x0a, 0x02,
+	0x69, 0x6e, 0x18, 0x06, 0x20, 0x03, 0x28, 0x04, 0x52, 0x02, 0x69, 0x6e, 0x12, 0x15, 0x0a, 0x06,
+	0x6e, 0x6f, 0x74, 0x5f, 0x69, 0x6e, 0x18, 0x07, 0x20, 0x03, 0x28, 0x04, 0x52, 0x05, 0x6e, 0x6f,
+	0x74, 0x49, 0x6e, 0x12, 0x21, 0x0a, 0x0c, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x5f, 0x65, 0x6d,
+	0x70, 0x74, 0x79, 0x18, 0x08, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0b, 0x69, 0x67, 0x6e, 0x6f, 0x72,
+	0x65, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0xb1, 0x01, 0x0a, 0x0b, 0x53, 0x49, 0x6e, 0x74, 0x33,
+	0x32, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x12, 0x14, 0x0a, 0x05, 0x63, 0x6f, 0x6e, 0x73, 0x74, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x11, 0x52, 0x05, 0x63, 0x6f, 0x6e, 0x73, 0x74, 0x12, 0x0e, 0x0a, 0x02,
+	0x6c, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x11, 0x52, 0x02, 0x6c, 0x74, 0x12, 0x10, 0x0a, 0x03,
+	0x6c, 0x74, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x11, 0x52, 0x03, 0x6c, 0x74, 0x65, 0x12, 0x0e,
+	0x0a, 0x02, 0x67, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x11, 0x52, 0x02, 0x67, 0x74, 0x12, 0x10,
+	0x0a, 0x03, 0x67, 0x74, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x11, 0x52, 0x03, 0x67, 0x74, 0x65,
+	0x12, 0x0e, 0x0a, 0x02, 0x69, 0x6e, 0x18, 0x06, 0x20, 0x03, 0x28, 0x11, 0x52, 0x02, 0x69, 0x6e,
+	0x12, 0x15, 0x0a, 0x06, 0x6e, 0x6f, 0x74, 0x5f, 0x69, 0x6e, 0x18, 0x07, 0x20, 0x03, 0x28, 0x11,
+	0x52, 0x05, 0x6e, 0x6f, 0x74, 0x49, 0x6e, 0x12, 0x21, 0x0a, 0x0c, 0x69, 0x67, 0x6e, 0x6f, 0x72,
+	0x65, 0x5f, 0x65, 0x6d, 0x70, 0x74, 0x79, 0x18, 0x08, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0b, 0x69,
+	0x67, 0x6e, 0x6f, 0x72, 0x65, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0xb1, 0x01, 0x0a, 0x0b, 0x53,
+	0x49, 0x6e, 0x74, 0x36, 0x34, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x12, 0x14, 0x0a, 0x05, 0x63, 0x6f,
+	0x6e, 0x73, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x12, 0x52, 0x05, 0x63, 0x6f, 0x6e, 0x73, 0x74,
+	0x12, 0x0e, 0x0a, 0x02, 0x6c, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x12, 0x52, 0x02, 0x6c, 0x74,
+	0x12, 0x10, 0x0a, 0x03, 0x6c, 0x74, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x12, 0x52, 0x03, 0x6c,
+	0x74, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x67, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x12, 0x52, 0x02,
+	0x67, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x67, 0x74, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x12, 0x52,
+	0x03, 0x67, 0x74, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x6e, 0x18, 0x06, 0x20, 0x03, 0x28, 0x12,
+	0x52, 0x02, 0x69, 0x6e, 0x12, 0x15, 0x0a, 0x06, 0x6e, 0x6f, 0x74, 0x5f, 0x69, 0x6e, 0x18, 0x07,
+	0x20, 0x03, 0x28, 0x12, 0x52, 0x05, 0x6e, 0x6f, 0x74, 0x49, 0x6e, 0x12, 0x21, 0x0a, 0x0c, 0x69,
+	0x67, 0x6e, 0x6f, 0x72, 0x65, 0x5f, 0x65, 0x6d, 0x70, 0x74, 0x79, 0x18, 0x08, 0x20, 0x01, 0x28,
+	0x08, 0x52, 0x0b, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0xb2,
+	0x01, 0x0a, 0x0c, 0x46, 0x69, 0x78, 0x65, 0x64, 0x33, 0x32, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x12,
+	0x14, 0x0a, 0x05, 0x63, 0x6f, 0x6e, 0x73, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x07, 0x52, 0x05,
+	0x63, 0x6f, 0x6e, 0x73, 0x74, 0x12, 0x0e, 0x0a, 0x02, 0x6c, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x07, 0x52, 0x02, 0x6c, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x6c, 0x74, 0x65, 0x18, 0x03, 0x20, 0x01,
+	0x28, 0x07, 0x52, 0x03, 0x6c, 0x74, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x67, 0x74, 0x18, 0x04, 0x20,
+	0x01, 0x28, 0x07, 0x52, 0x02, 0x67, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x67, 0x74, 0x65, 0x18, 0x05,
+	0x20, 0x01, 0x28, 0x07, 0x52, 0x03, 0x67, 0x74, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x6e, 0x18,
+	0x06, 0x20, 0x03, 0x28, 0x07, 0x52, 0x02, 0x69, 0x6e, 0x12, 0x15, 0x0a, 0x06, 0x6e, 0x6f, 0x74,
+	0x5f, 0x69, 0x6e, 0x18, 0x07, 0x20, 0x03, 0x28, 0x07, 0x52, 0x05, 0x6e, 0x6f, 0x74, 0x49, 0x6e,
+	0x12, 0x21, 0x0a, 0x0c, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x5f, 0x65, 0x6d, 0x70, 0x74, 0x79,
+	0x18, 0x08, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0b, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x45, 0x6d,
+	0x70, 0x74, 0x79, 0x22, 0xb2, 0x01, 0x0a, 0x0c, 0x46, 0x69, 0x78, 0x65, 0x64, 0x36, 0x34, 0x52,
+	0x75, 0x6c, 0x65, 0x73, 0x12, 0x14, 0x0a, 0x05, 0x63, 0x6f, 0x6e, 0x73, 0x74, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x06, 0x52, 0x05, 0x63, 0x6f, 0x6e, 0x73, 0x74, 0x12, 0x0e, 0x0a, 0x02, 0x6c, 0x74,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x06, 0x52, 0x02, 0x6c, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x6c, 0x74,
+	0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x06, 0x52, 0x03, 0x6c, 0x74, 0x65, 0x12, 0x0e, 0x0a, 0x02,
+	0x67, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x06, 0x52, 0x02, 0x67, 0x74, 0x12, 0x10, 0x0a, 0x03,
+	0x67, 0x74, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x06, 0x52, 0x03, 0x67, 0x74, 0x65, 0x12, 0x0e,
+	0x0a, 0x02, 0x69, 0x6e, 0x18, 0x06, 0x20, 0x03, 0x28, 0x06, 0x52, 0x02, 0x69, 0x6e, 0x12, 0x15,
+	0x0a, 0x06, 0x6e, 0x6f, 0x74, 0x5f, 0x69, 0x6e, 0x18, 0x07, 0x20, 0x03, 0x28, 0x06, 0x52, 0x05,
+	0x6e, 0x6f, 0x74, 0x49, 0x6e, 0x12, 0x21, 0x0a, 0x0c, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x5f,
+	0x65, 0x6d, 0x70, 0x74, 0x79, 0x18, 0x08, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0b, 0x69, 0x67, 0x6e,
+	0x6f, 0x72, 0x65, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0xb3, 0x01, 0x0a, 0x0d, 0x53, 0x46, 0x69,
+	0x78, 0x65, 0x64, 0x33, 0x32, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x12, 0x14, 0x0a, 0x05, 0x63, 0x6f,
+	0x6e, 0x73, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0f, 0x52, 0x05, 0x63, 0x6f, 0x6e, 0x73, 0x74,
+	0x12, 0x0e, 0x0a, 0x02, 0x6c, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0f, 0x52, 0x02, 0x6c, 0x74,
+	0x12, 0x10, 0x0a, 0x03, 0x6c, 0x74, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0f, 0x52, 0x03, 0x6c,
+	0x74, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x67, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0f, 0x52, 0x02,
+	0x67, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x67, 0x74, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0f, 0x52,
+	0x03, 0x67, 0x74, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x6e, 0x18, 0x06, 0x20, 0x03, 0x28, 0x0f,
+	0x52, 0x02, 0x69, 0x6e, 0x12, 0x15, 0x0a, 0x06, 0x6e, 0x6f, 0x74, 0x5f, 0x69, 0x6e, 0x18, 0x07,
+	0x20, 0x03, 0x28, 0x0f, 0x52, 0x05, 0x6e, 0x6f, 0x74, 0x49, 0x6e, 0x12, 0x21, 0x0a, 0x0c, 0x69,
+	0x67, 0x6e, 0x6f, 0x72, 0x65, 0x5f, 0x65, 0x6d, 0x70, 0x74, 0x79, 0x18, 0x08, 0x20, 0x01, 0x28,
+	0x08, 0x52, 0x0b, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0xb3,
+	0x01, 0x0a, 0x0d, 0x53, 0x46, 0x69, 0x78, 0x65, 0x64, 0x36, 0x34, 0x52, 0x75, 0x6c, 0x65, 0x73,
+	0x12, 0x14, 0x0a, 0x05, 0x63, 0x6f, 0x6e, 0x73, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x10, 0x52,
+	0x05, 0x63, 0x6f, 0x6e, 0x73, 0x74, 0x12, 0x0e, 0x0a, 0x02, 0x6c, 0x74, 0x18, 0x02, 0x20, 0x01,
+	0x28, 0x10, 0x52, 0x02, 0x6c, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x6c, 0x74, 0x65, 0x18, 0x03, 0x20,
+	0x01, 0x28, 0x10, 0x52, 0x03, 0x6c, 0x74, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x67, 0x74, 0x18, 0x04,
+	0x20, 0x01, 0x28, 0x10, 0x52, 0x02, 0x67, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x67, 0x74, 0x65, 0x18,
+	0x05, 0x20, 0x01, 0x28, 0x10, 0x52, 0x03, 0x67, 0x74, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x6e,
+	0x18, 0x06, 0x20, 0x03, 0x28, 0x10, 0x52, 0x02, 0x69, 0x6e, 0x12, 0x15, 0x0a, 0x06, 0x6e, 0x6f,
+	0x74, 0x5f, 0x69, 0x6e, 0x18, 0x07, 0x20, 0x03, 0x28, 0x10, 0x52, 0x05, 0x6e, 0x6f, 0x74, 0x49,
+	0x6e, 0x12, 0x21, 0x0a, 0x0c, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x5f, 0x65, 0x6d, 0x70, 0x74,
+	0x79, 0x18, 0x08, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0b, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x45,
+	0x6d, 0x70, 0x74, 0x79, 0x22, 0x21, 0x0a, 0x09, 0x42, 0x6f, 0x6f, 0x6c, 0x52, 0x75, 0x6c, 0x65,
+	0x73, 0x12, 0x14, 0x0a, 0x05, 0x63, 0x6f, 0x6e, 0x73, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08,
+	0x52, 0x05, 0x63, 0x6f, 0x6e, 0x73, 0x74, 0x22, 0xd4, 0x05, 0x0a, 0x0b, 0x53, 0x74, 0x72, 0x69,
+	0x6e, 0x67, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x12, 0x14, 0x0a, 0x05, 0x63, 0x6f, 0x6e, 0x73, 0x74,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x63, 0x6f, 0x6e, 0x73, 0x74, 0x12, 0x10, 0x0a,
+	0x03, 0x6c, 0x65, 0x6e, 0x18, 0x13, 0x20, 0x01, 0x28, 0x04, 0x52, 0x03, 0x6c, 0x65, 0x6e, 0x12,
+	0x17, 0x0a, 0x07, 0x6d, 0x69, 0x6e, 0x5f, 0x6c, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x04,
+	0x52, 0x06, 0x6d, 0x69, 0x6e, 0x4c, 0x65, 0x6e, 0x12, 0x17, 0x0a, 0x07, 0x6d, 0x61, 0x78, 0x5f,
+	0x6c, 0x65, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x04, 0x52, 0x06, 0x6d, 0x61, 0x78, 0x4c, 0x65,
+	0x6e, 0x12, 0x1b, 0x0a, 0x09, 0x6c, 0x65, 0x6e, 0x5f, 0x62, 0x79, 0x74, 0x65, 0x73, 0x18, 0x14,
+	0x20, 0x01, 0x28, 0x04, 0x52, 0x08, 0x6c, 0x65, 0x6e, 0x42, 0x79, 0x74, 0x65, 0x73, 0x12, 0x1b,
+	0x0a, 0x09, 0x6d, 0x69, 0x6e, 0x5f, 0x62, 0x79, 0x74, 0x65, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28,
+	0x04, 0x52, 0x08, 0x6d, 0x69, 0x6e, 0x42, 0x79, 0x74, 0x65, 0x73, 0x12, 0x1b, 0x0a, 0x09, 0x6d,
+	0x61, 0x78, 0x5f, 0x62, 0x79, 0x74, 0x65, 0x73, 0x18, 0x05, 0x20, 0x01, 0x28, 0x04, 0x52, 0x08,
+	0x6d, 0x61, 0x78, 0x42, 0x79, 0x74, 0x65, 0x73, 0x12, 0x18, 0x0a, 0x07, 0x70, 0x61, 0x74, 0x74,
+	0x65, 0x72, 0x6e, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x70, 0x61, 0x74, 0x74, 0x65,
+	0x72, 0x6e, 0x12, 0x16, 0x0a, 0x06, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x18, 0x07, 0x20, 0x01,
+	0x28, 0x09, 0x52, 0x06, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x75,
+	0x66, 0x66, 0x69, 0x78, 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x73, 0x75, 0x66, 0x66,
+	0x69, 0x78, 0x12, 0x1a, 0x0a, 0x08, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x73, 0x18, 0x09,
+	0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x73, 0x12, 0x21,
+	0x0a, 0x0c, 0x6e, 0x6f, 0x74, 0x5f, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x73, 0x18, 0x17,
+	0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x6e, 0x6f, 0x74, 0x43, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e,
+	0x73, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x6e, 0x18, 0x0a, 0x20, 0x03, 0x28, 0x09, 0x52, 0x02, 0x69,
+	0x6e, 0x12, 0x15, 0x0a, 0x06, 0x6e, 0x6f, 0x74, 0x5f, 0x69, 0x6e, 0x18, 0x0b, 0x20, 0x03, 0x28,
+	0x09, 0x52, 0x05, 0x6e, 0x6f, 0x74, 0x49, 0x6e, 0x12, 0x16, 0x0a, 0x05, 0x65, 0x6d, 0x61, 0x69,
+	0x6c, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x08, 0x48, 0x00, 0x52, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c,
+	0x12, 0x1c, 0x0a, 0x08, 0x68, 0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x0d, 0x20, 0x01,
+	0x28, 0x08, 0x48, 0x00, 0x52, 0x08, 0x68, 0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x10,
+	0x0a, 0x02, 0x69, 0x70, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x08, 0x48, 0x00, 0x52, 0x02, 0x69, 0x70,
+	0x12, 0x14, 0x0a, 0x04, 0x69, 0x70, 0x76, 0x34, 0x18, 0x0f, 0x20, 0x01, 0x28, 0x08, 0x48, 0x00,
+	0x52, 0x04, 0x69, 0x70, 0x76, 0x34, 0x12, 0x14, 0x0a, 0x04, 0x69, 0x70, 0x76, 0x36, 0x18, 0x10,
+	0x20, 0x01, 0x28, 0x08, 0x48, 0x00, 0x52, 0x04, 0x69, 0x70, 0x76, 0x36, 0x12, 0x12, 0x0a, 0x03,
+	0x75, 0x72, 0x69, 0x18, 0x11, 0x20, 0x01, 0x28, 0x08, 0x48, 0x00, 0x52, 0x03, 0x75, 0x72, 0x69,
+	0x12, 0x19, 0x0a, 0x07, 0x75, 0x72, 0x69, 0x5f, 0x72, 0x65, 0x66, 0x18, 0x12, 0x20, 0x01, 0x28,
+	0x08, 0x48, 0x00, 0x52, 0x06, 0x75, 0x72, 0x69, 0x52, 0x65, 0x66, 0x12, 0x1a, 0x0a, 0x07, 0x61,
+	0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x15, 0x20, 0x01, 0x28, 0x08, 0x48, 0x00, 0x52, 0x07,
+	0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x14, 0x0a, 0x04, 0x75, 0x75, 0x69, 0x64, 0x18,
+	0x16, 0x20, 0x01, 0x28, 0x08, 0x48, 0x00, 0x52, 0x04, 0x75, 0x75, 0x69, 0x64, 0x12, 0x40, 0x0a,
+	0x10, 0x77, 0x65, 0x6c, 0x6c, 0x5f, 0x6b, 0x6e, 0x6f, 0x77, 0x6e, 0x5f, 0x72, 0x65, 0x67, 0x65,
+	0x78, 0x18, 0x18, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x14, 0x2e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61,
+	0x74, 0x65, 0x2e, 0x4b, 0x6e, 0x6f, 0x77, 0x6e, 0x52, 0x65, 0x67, 0x65, 0x78, 0x48, 0x00, 0x52,
+	0x0e, 0x77, 0x65, 0x6c, 0x6c, 0x4b, 0x6e, 0x6f, 0x77, 0x6e, 0x52, 0x65, 0x67, 0x65, 0x78, 0x12,
+	0x1c, 0x0a, 0x06, 0x73, 0x74, 0x72, 0x69, 0x63, 0x74, 0x18, 0x19, 0x20, 0x01, 0x28, 0x08, 0x3a,
+	0x04, 0x74, 0x72, 0x75, 0x65, 0x52, 0x06, 0x73, 0x74, 0x72, 0x69, 0x63, 0x74, 0x12, 0x21, 0x0a,
+	0x0c, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x5f, 0x65, 0x6d, 0x70, 0x74, 0x79, 0x18, 0x1a, 0x20,
+	0x01, 0x28, 0x08, 0x52, 0x0b, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x45, 0x6d, 0x70, 0x74, 0x79,
+	0x42, 0x0c, 0x0a, 0x0a, 0x77, 0x65, 0x6c, 0x6c, 0x5f, 0x6b, 0x6e, 0x6f, 0x77, 0x6e, 0x22, 0xe2,
+	0x02, 0x0a, 0x0a, 0x42, 0x79, 0x74, 0x65, 0x73, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x12, 0x14, 0x0a,
+	0x05, 0x63, 0x6f, 0x6e, 0x73, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x05, 0x63, 0x6f,
+	0x6e, 0x73, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x6c, 0x65, 0x6e, 0x18, 0x0d, 0x20, 0x01, 0x28, 0x04,
+	0x52, 0x03, 0x6c, 0x65, 0x6e, 0x12, 0x17, 0x0a, 0x07, 0x6d, 0x69, 0x6e, 0x5f, 0x6c, 0x65, 0x6e,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x04, 0x52, 0x06, 0x6d, 0x69, 0x6e, 0x4c, 0x65, 0x6e, 0x12, 0x17,
+	0x0a, 0x07, 0x6d, 0x61, 0x78, 0x5f, 0x6c, 0x65, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x04, 0x52,
+	0x06, 0x6d, 0x61, 0x78, 0x4c, 0x65, 0x6e, 0x12, 0x18, 0x0a, 0x07, 0x70, 0x61, 0x74, 0x74, 0x65,
+	0x72, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x70, 0x61, 0x74, 0x74, 0x65, 0x72,
+	0x6e, 0x12, 0x16, 0x0a, 0x06, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x18, 0x05, 0x20, 0x01, 0x28,
+	0x0c, 0x52, 0x06, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x75, 0x66,
+	0x66, 0x69, 0x78, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x06, 0x73, 0x75, 0x66, 0x66, 0x69,
+	0x78, 0x12, 0x1a, 0x0a, 0x08, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x73, 0x18, 0x07, 0x20,
+	0x01, 0x28, 0x0c, 0x52, 0x08, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x73, 0x12, 0x0e, 0x0a,
+	0x02, 0x69, 0x6e, 0x18, 0x08, 0x20, 0x03, 0x28, 0x0c, 0x52, 0x02, 0x69, 0x6e, 0x12, 0x15, 0x0a,
+	0x06, 0x6e, 0x6f, 0x74, 0x5f, 0x69, 0x6e, 0x18, 0x09, 0x20, 0x03, 0x28, 0x0c, 0x52, 0x05, 0x6e,
+	0x6f, 0x74, 0x49, 0x6e, 0x12, 0x10, 0x0a, 0x02, 0x69, 0x70, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x08,
+	0x48, 0x00, 0x52, 0x02, 0x69, 0x70, 0x12, 0x14, 0x0a, 0x04, 0x69, 0x70, 0x76, 0x34, 0x18, 0x0b,
+	0x20, 0x01, 0x28, 0x08, 0x48, 0x00, 0x52, 0x04, 0x69, 0x70, 0x76, 0x34, 0x12, 0x14, 0x0a, 0x04,
+	0x69, 0x70, 0x76, 0x36, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x08, 0x48, 0x00, 0x52, 0x04, 0x69, 0x70,
+	0x76, 0x36, 0x12, 0x21, 0x0a, 0x0c, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x5f, 0x65, 0x6d, 0x70,
+	0x74, 0x79, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0b, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65,
+	0x45, 0x6d, 0x70, 0x74, 0x79, 0x42, 0x0c, 0x0a, 0x0a, 0x77, 0x65, 0x6c, 0x6c, 0x5f, 0x6b, 0x6e,
+	0x6f, 0x77, 0x6e, 0x22, 0x6b, 0x0a, 0x09, 0x45, 0x6e, 0x75, 0x6d, 0x52, 0x75, 0x6c, 0x65, 0x73,
+	0x12, 0x14, 0x0a, 0x05, 0x63, 0x6f, 0x6e, 0x73, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52,
+	0x05, 0x63, 0x6f, 0x6e, 0x73, 0x74, 0x12, 0x21, 0x0a, 0x0c, 0x64, 0x65, 0x66, 0x69, 0x6e, 0x65,
+	0x64, 0x5f, 0x6f, 0x6e, 0x6c, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0b, 0x64, 0x65,
+	0x66, 0x69, 0x6e, 0x65, 0x64, 0x4f, 0x6e, 0x6c, 0x79, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x6e, 0x18,
+	0x03, 0x20, 0x03, 0x28, 0x05, 0x52, 0x02, 0x69, 0x6e, 0x12, 0x15, 0x0a, 0x06, 0x6e, 0x6f, 0x74,
+	0x5f, 0x69, 0x6e, 0x18, 0x04, 0x20, 0x03, 0x28, 0x05, 0x52, 0x05, 0x6e, 0x6f, 0x74, 0x49, 0x6e,
+	0x22, 0x3e, 0x0a, 0x0c, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x52, 0x75, 0x6c, 0x65, 0x73,
+	0x12, 0x12, 0x0a, 0x04, 0x73, 0x6b, 0x69, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x04,
+	0x73, 0x6b, 0x69, 0x70, 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x64,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x64,
+	0x22, 0xb0, 0x01, 0x0a, 0x0d, 0x52, 0x65, 0x70, 0x65, 0x61, 0x74, 0x65, 0x64, 0x52, 0x75, 0x6c,
+	0x65, 0x73, 0x12, 0x1b, 0x0a, 0x09, 0x6d, 0x69, 0x6e, 0x5f, 0x69, 0x74, 0x65, 0x6d, 0x73, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x08, 0x6d, 0x69, 0x6e, 0x49, 0x74, 0x65, 0x6d, 0x73, 0x12,
+	0x1b, 0x0a, 0x09, 0x6d, 0x61, 0x78, 0x5f, 0x69, 0x74, 0x65, 0x6d, 0x73, 0x18, 0x02, 0x20, 0x01,
+	0x28, 0x04, 0x52, 0x08, 0x6d, 0x61, 0x78, 0x49, 0x74, 0x65, 0x6d, 0x73, 0x12, 0x16, 0x0a, 0x06,
+	0x75, 0x6e, 0x69, 0x71, 0x75, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x06, 0x75, 0x6e,
+	0x69, 0x71, 0x75, 0x65, 0x12, 0x2a, 0x0a, 0x05, 0x69, 0x74, 0x65, 0x6d, 0x73, 0x18, 0x04, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x46,
+	0x69, 0x65, 0x6c, 0x64, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x52, 0x05, 0x69, 0x74, 0x65, 0x6d, 0x73,
+	0x12, 0x21, 0x0a, 0x0c, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x5f, 0x65, 0x6d, 0x70, 0x74, 0x79,
+	0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0b, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x45, 0x6d,
+	0x70, 0x74, 0x79, 0x22, 0xdc, 0x01, 0x0a, 0x08, 0x4d, 0x61, 0x70, 0x52, 0x75, 0x6c, 0x65, 0x73,
+	0x12, 0x1b, 0x0a, 0x09, 0x6d, 0x69, 0x6e, 0x5f, 0x70, 0x61, 0x69, 0x72, 0x73, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x04, 0x52, 0x08, 0x6d, 0x69, 0x6e, 0x50, 0x61, 0x69, 0x72, 0x73, 0x12, 0x1b, 0x0a,
+	0x09, 0x6d, 0x61, 0x78, 0x5f, 0x70, 0x61, 0x69, 0x72, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x04,
+	0x52, 0x08, 0x6d, 0x61, 0x78, 0x50, 0x61, 0x69, 0x72, 0x73, 0x12, 0x1b, 0x0a, 0x09, 0x6e, 0x6f,
+	0x5f, 0x73, 0x70, 0x61, 0x72, 0x73, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x6e,
+	0x6f, 0x53, 0x70, 0x61, 0x72, 0x73, 0x65, 0x12, 0x28, 0x0a, 0x04, 0x6b, 0x65, 0x79, 0x73, 0x18,
+	0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65,
+	0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x52, 0x04, 0x6b, 0x65, 0x79,
+	0x73, 0x12, 0x2c, 0x0a, 0x06, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x73, 0x18, 0x05, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x14, 0x2e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x46, 0x69, 0x65,
+	0x6c, 0x64, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x52, 0x06, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x73, 0x12,
+	0x21, 0x0a, 0x0c, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x5f, 0x65, 0x6d, 0x70, 0x74, 0x79, 0x18,
+	0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0b, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x45, 0x6d, 0x70,
+	0x74, 0x79, 0x22, 0x4d, 0x0a, 0x08, 0x41, 0x6e, 0x79, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x12, 0x1a,
+	0x0a, 0x08, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08,
+	0x52, 0x08, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x64, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x6e,
+	0x18, 0x02, 0x20, 0x03, 0x28, 0x09, 0x52, 0x02, 0x69, 0x6e, 0x12, 0x15, 0x0a, 0x06, 0x6e, 0x6f,
+	0x74, 0x5f, 0x69, 0x6e, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09, 0x52, 0x05, 0x6e, 0x6f, 0x74, 0x49,
+	0x6e, 0x22, 0xe9, 0x02, 0x0a, 0x0d, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x75,
+	0x6c, 0x65, 0x73, 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x64, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x64, 0x12,
+	0x2f, 0x0a, 0x05, 0x63, 0x6f, 0x6e, 0x73, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x05, 0x63, 0x6f, 0x6e, 0x73, 0x74,
+	0x12, 0x29, 0x0a, 0x02, 0x6c, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44,
+	0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x02, 0x6c, 0x74, 0x12, 0x2b, 0x0a, 0x03, 0x6c,
+	0x74, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x52, 0x03, 0x6c, 0x74, 0x65, 0x12, 0x29, 0x0a, 0x02, 0x67, 0x74, 0x18, 0x05,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52,
+	0x02, 0x67, 0x74, 0x12, 0x2b, 0x0a, 0x03, 0x67, 0x74, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x03, 0x67, 0x74, 0x65,
+	0x12, 0x29, 0x0a, 0x02, 0x69, 0x6e, 0x18, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44,
+	0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x02, 0x69, 0x6e, 0x12, 0x30, 0x0a, 0x06, 0x6e,
+	0x6f, 0x74, 0x5f, 0x69, 0x6e, 0x18, 0x08, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75,
+	0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x05, 0x6e, 0x6f, 0x74, 0x49, 0x6e, 0x22, 0xf3, 0x02,
+	0x0a, 0x0e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x75, 0x6c, 0x65, 0x73,
+	0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x64, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x08, 0x52, 0x08, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x64, 0x12, 0x30, 0x0a, 0x05,
+	0x63, 0x6f, 0x6e, 0x73, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69,
+	0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x05, 0x63, 0x6f, 0x6e, 0x73, 0x74, 0x12, 0x2a,
+	0x0a, 0x02, 0x6c, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d,
+	0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x02, 0x6c, 0x74, 0x12, 0x2c, 0x0a, 0x03, 0x6c, 0x74,
+	0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74,
+	0x61, 0x6d, 0x70, 0x52, 0x03, 0x6c, 0x74, 0x65, 0x12, 0x2a, 0x0a, 0x02, 0x67, 0x74, 0x18, 0x05,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70,
+	0x52, 0x02, 0x67, 0x74, 0x12, 0x2c, 0x0a, 0x03, 0x67, 0x74, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x03, 0x67,
+	0x74, 0x65, 0x12, 0x15, 0x0a, 0x06, 0x6c, 0x74, 0x5f, 0x6e, 0x6f, 0x77, 0x18, 0x07, 0x20, 0x01,
+	0x28, 0x08, 0x52, 0x05, 0x6c, 0x74, 0x4e, 0x6f, 0x77, 0x12, 0x15, 0x0a, 0x06, 0x67, 0x74, 0x5f,
+	0x6e, 0x6f, 0x77, 0x18, 0x08, 0x20, 0x01, 0x28, 0x08, 0x52, 0x05, 0x67, 0x74, 0x4e, 0x6f, 0x77,
+	0x12, 0x31, 0x0a, 0x06, 0x77, 0x69, 0x74, 0x68, 0x69, 0x6e, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x06, 0x77, 0x69, 0x74,
+	0x68, 0x69, 0x6e, 0x2a, 0x46, 0x0a, 0x0a, 0x4b, 0x6e, 0x6f, 0x77, 0x6e, 0x52, 0x65, 0x67, 0x65,
+	0x78, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, 0x14,
+	0x0a, 0x10, 0x48, 0x54, 0x54, 0x50, 0x5f, 0x48, 0x45, 0x41, 0x44, 0x45, 0x52, 0x5f, 0x4e, 0x41,
+	0x4d, 0x45, 0x10, 0x01, 0x12, 0x15, 0x0a, 0x11, 0x48, 0x54, 0x54, 0x50, 0x5f, 0x48, 0x45, 0x41,
+	0x44, 0x45, 0x52, 0x5f, 0x56, 0x41, 0x4c, 0x55, 0x45, 0x10, 0x02, 0x3a, 0x3c, 0x0a, 0x08, 0x64,
+	0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x1f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67,
+	0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0xaf, 0x08, 0x20, 0x01, 0x28, 0x08, 0x52,
+	0x08, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x3a, 0x3a, 0x0a, 0x07, 0x69, 0x67, 0x6e,
+	0x6f, 0x72, 0x65, 0x64, 0x12, 0x1f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x4f, 0x70,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0xb0, 0x08, 0x20, 0x01, 0x28, 0x08, 0x52, 0x07, 0x69, 0x67,
+	0x6e, 0x6f, 0x72, 0x65, 0x64, 0x3a, 0x3a, 0x0a, 0x08, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65,
+	0x64, 0x12, 0x1d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x4f, 0x6e, 0x65, 0x6f, 0x66, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73,
+	0x18, 0xaf, 0x08, 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65,
+	0x64, 0x3a, 0x4a, 0x0a, 0x05, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x12, 0x1d, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65,
+	0x6c, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0xaf, 0x08, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x14, 0x2e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x46, 0x69, 0x65, 0x6c,
+	0x64, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x52, 0x05, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x42, 0x50, 0x0a,
+	0x1a, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x70,
+	0x67, 0x76, 0x2e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x5a, 0x32, 0x67, 0x69, 0x74,
+	0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f,
+	0x78, 0x79, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x2d, 0x67, 0x65, 0x6e, 0x2d, 0x76, 0x61,
+	0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65,
+}
+
+var (
+	file_validate_validate_proto_rawDescOnce sync.Once
+	file_validate_validate_proto_rawDescData = file_validate_validate_proto_rawDesc
+)
+
+func file_validate_validate_proto_rawDescGZIP() []byte {
+	file_validate_validate_proto_rawDescOnce.Do(func() {
+		file_validate_validate_proto_rawDescData = protoimpl.X.CompressGZIP(file_validate_validate_proto_rawDescData)
+	})
+	return file_validate_validate_proto_rawDescData
+}
+
+var file_validate_validate_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_validate_validate_proto_msgTypes = make([]protoimpl.MessageInfo, 23)
+var file_validate_validate_proto_goTypes = []interface{}{
+	(KnownRegex)(0),                     // 0: validate.KnownRegex
+	(*FieldRules)(nil),                  // 1: validate.FieldRules
+	(*FloatRules)(nil),                  // 2: validate.FloatRules
+	(*DoubleRules)(nil),                 // 3: validate.DoubleRules
+	(*Int32Rules)(nil),                  // 4: validate.Int32Rules
+	(*Int64Rules)(nil),                  // 5: validate.Int64Rules
+	(*UInt32Rules)(nil),                 // 6: validate.UInt32Rules
+	(*UInt64Rules)(nil),                 // 7: validate.UInt64Rules
+	(*SInt32Rules)(nil),                 // 8: validate.SInt32Rules
+	(*SInt64Rules)(nil),                 // 9: validate.SInt64Rules
+	(*Fixed32Rules)(nil),                // 10: validate.Fixed32Rules
+	(*Fixed64Rules)(nil),                // 11: validate.Fixed64Rules
+	(*SFixed32Rules)(nil),               // 12: validate.SFixed32Rules
+	(*SFixed64Rules)(nil),               // 13: validate.SFixed64Rules
+	(*BoolRules)(nil),                   // 14: validate.BoolRules
+	(*StringRules)(nil),                 // 15: validate.StringRules
+	(*BytesRules)(nil),                  // 16: validate.BytesRules
+	(*EnumRules)(nil),                   // 17: validate.EnumRules
+	(*MessageRules)(nil),                // 18: validate.MessageRules
+	(*RepeatedRules)(nil),               // 19: validate.RepeatedRules
+	(*MapRules)(nil),                    // 20: validate.MapRules
+	(*AnyRules)(nil),                    // 21: validate.AnyRules
+	(*DurationRules)(nil),               // 22: validate.DurationRules
+	(*TimestampRules)(nil),              // 23: validate.TimestampRules
+	(*durationpb.Duration)(nil),         // 24: google.protobuf.Duration
+	(*timestamppb.Timestamp)(nil),       // 25: google.protobuf.Timestamp
+	(*descriptorpb.MessageOptions)(nil), // 26: google.protobuf.MessageOptions
+	(*descriptorpb.OneofOptions)(nil),   // 27: google.protobuf.OneofOptions
+	(*descriptorpb.FieldOptions)(nil),   // 28: google.protobuf.FieldOptions
+}
+var file_validate_validate_proto_depIdxs = []int32{
+	18, // 0: validate.FieldRules.message:type_name -> validate.MessageRules
+	2,  // 1: validate.FieldRules.float:type_name -> validate.FloatRules
+	3,  // 2: validate.FieldRules.double:type_name -> validate.DoubleRules
+	4,  // 3: validate.FieldRules.int32:type_name -> validate.Int32Rules
+	5,  // 4: validate.FieldRules.int64:type_name -> validate.Int64Rules
+	6,  // 5: validate.FieldRules.uint32:type_name -> validate.UInt32Rules
+	7,  // 6: validate.FieldRules.uint64:type_name -> validate.UInt64Rules
+	8,  // 7: validate.FieldRules.sint32:type_name -> validate.SInt32Rules
+	9,  // 8: validate.FieldRules.sint64:type_name -> validate.SInt64Rules
+	10, // 9: validate.FieldRules.fixed32:type_name -> validate.Fixed32Rules
+	11, // 10: validate.FieldRules.fixed64:type_name -> validate.Fixed64Rules
+	12, // 11: validate.FieldRules.sfixed32:type_name -> validate.SFixed32Rules
+	13, // 12: validate.FieldRules.sfixed64:type_name -> validate.SFixed64Rules
+	14, // 13: validate.FieldRules.bool:type_name -> validate.BoolRules
+	15, // 14: validate.FieldRules.string:type_name -> validate.StringRules
+	16, // 15: validate.FieldRules.bytes:type_name -> validate.BytesRules
+	17, // 16: validate.FieldRules.enum:type_name -> validate.EnumRules
+	19, // 17: validate.FieldRules.repeated:type_name -> validate.RepeatedRules
+	20, // 18: validate.FieldRules.map:type_name -> validate.MapRules
+	21, // 19: validate.FieldRules.any:type_name -> validate.AnyRules
+	22, // 20: validate.FieldRules.duration:type_name -> validate.DurationRules
+	23, // 21: validate.FieldRules.timestamp:type_name -> validate.TimestampRules
+	0,  // 22: validate.StringRules.well_known_regex:type_name -> validate.KnownRegex
+	1,  // 23: validate.RepeatedRules.items:type_name -> validate.FieldRules
+	1,  // 24: validate.MapRules.keys:type_name -> validate.FieldRules
+	1,  // 25: validate.MapRules.values:type_name -> validate.FieldRules
+	24, // 26: validate.DurationRules.const:type_name -> google.protobuf.Duration
+	24, // 27: validate.DurationRules.lt:type_name -> google.protobuf.Duration
+	24, // 28: validate.DurationRules.lte:type_name -> google.protobuf.Duration
+	24, // 29: validate.DurationRules.gt:type_name -> google.protobuf.Duration
+	24, // 30: validate.DurationRules.gte:type_name -> google.protobuf.Duration
+	24, // 31: validate.DurationRules.in:type_name -> google.protobuf.Duration
+	24, // 32: validate.DurationRules.not_in:type_name -> google.protobuf.Duration
+	25, // 33: validate.TimestampRules.const:type_name -> google.protobuf.Timestamp
+	25, // 34: validate.TimestampRules.lt:type_name -> google.protobuf.Timestamp
+	25, // 35: validate.TimestampRules.lte:type_name -> google.protobuf.Timestamp
+	25, // 36: validate.TimestampRules.gt:type_name -> google.protobuf.Timestamp
+	25, // 37: validate.TimestampRules.gte:type_name -> google.protobuf.Timestamp
+	24, // 38: validate.TimestampRules.within:type_name -> google.protobuf.Duration
+	26, // 39: validate.disabled:extendee -> google.protobuf.MessageOptions
+	26, // 40: validate.ignored:extendee -> google.protobuf.MessageOptions
+	27, // 41: validate.required:extendee -> google.protobuf.OneofOptions
+	28, // 42: validate.rules:extendee -> google.protobuf.FieldOptions
+	1,  // 43: validate.rules:type_name -> validate.FieldRules
+	44, // [44:44] is the sub-list for method output_type
+	44, // [44:44] is the sub-list for method input_type
+	43, // [43:44] is the sub-list for extension type_name
+	39, // [39:43] is the sub-list for extension extendee
+	0,  // [0:39] is the sub-list for field type_name
+}
+
+func init() { file_validate_validate_proto_init() }
+func file_validate_validate_proto_init() {
+	if File_validate_validate_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_validate_validate_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*FieldRules); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_validate_validate_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*FloatRules); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_validate_validate_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*DoubleRules); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_validate_validate_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Int32Rules); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_validate_validate_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Int64Rules); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_validate_validate_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*UInt32Rules); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_validate_validate_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*UInt64Rules); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_validate_validate_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*SInt32Rules); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_validate_validate_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*SInt64Rules); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_validate_validate_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Fixed32Rules); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_validate_validate_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Fixed64Rules); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_validate_validate_proto_msgTypes[11].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*SFixed32Rules); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_validate_validate_proto_msgTypes[12].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*SFixed64Rules); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_validate_validate_proto_msgTypes[13].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*BoolRules); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_validate_validate_proto_msgTypes[14].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*StringRules); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_validate_validate_proto_msgTypes[15].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*BytesRules); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_validate_validate_proto_msgTypes[16].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*EnumRules); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_validate_validate_proto_msgTypes[17].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*MessageRules); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_validate_validate_proto_msgTypes[18].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*RepeatedRules); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_validate_validate_proto_msgTypes[19].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*MapRules); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_validate_validate_proto_msgTypes[20].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*AnyRules); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_validate_validate_proto_msgTypes[21].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*DurationRules); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_validate_validate_proto_msgTypes[22].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*TimestampRules); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_validate_validate_proto_msgTypes[0].OneofWrappers = []interface{}{
+		(*FieldRules_Float)(nil),
+		(*FieldRules_Double)(nil),
+		(*FieldRules_Int32)(nil),
+		(*FieldRules_Int64)(nil),
+		(*FieldRules_Uint32)(nil),
+		(*FieldRules_Uint64)(nil),
+		(*FieldRules_Sint32)(nil),
+		(*FieldRules_Sint64)(nil),
+		(*FieldRules_Fixed32)(nil),
+		(*FieldRules_Fixed64)(nil),
+		(*FieldRules_Sfixed32)(nil),
+		(*FieldRules_Sfixed64)(nil),
+		(*FieldRules_Bool)(nil),
+		(*FieldRules_String_)(nil),
+		(*FieldRules_Bytes)(nil),
+		(*FieldRules_Enum)(nil),
+		(*FieldRules_Repeated)(nil),
+		(*FieldRules_Map)(nil),
+		(*FieldRules_Any)(nil),
+		(*FieldRules_Duration)(nil),
+		(*FieldRules_Timestamp)(nil),
+	}
+	file_validate_validate_proto_msgTypes[14].OneofWrappers = []interface{}{
+		(*StringRules_Email)(nil),
+		(*StringRules_Hostname)(nil),
+		(*StringRules_Ip)(nil),
+		(*StringRules_Ipv4)(nil),
+		(*StringRules_Ipv6)(nil),
+		(*StringRules_Uri)(nil),
+		(*StringRules_UriRef)(nil),
+		(*StringRules_Address)(nil),
+		(*StringRules_Uuid)(nil),
+		(*StringRules_WellKnownRegex)(nil),
+	}
+	file_validate_validate_proto_msgTypes[15].OneofWrappers = []interface{}{
+		(*BytesRules_Ip)(nil),
+		(*BytesRules_Ipv4)(nil),
+		(*BytesRules_Ipv6)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_validate_validate_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   23,
+			NumExtensions: 4,
+			NumServices:   0,
+		},
+		GoTypes:           file_validate_validate_proto_goTypes,
+		DependencyIndexes: file_validate_validate_proto_depIdxs,
+		EnumInfos:         file_validate_validate_proto_enumTypes,
+		MessageInfos:      file_validate_validate_proto_msgTypes,
+		ExtensionInfos:    file_validate_validate_proto_extTypes,
+	}.Build()
+	File_validate_validate_proto = out.File
+	file_validate_validate_proto_rawDesc = nil
+	file_validate_validate_proto_goTypes = nil
+	file_validate_validate_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/envoyproxy/protoc-gen-validate/validate/validate.proto b/vendor/github.com/envoyproxy/protoc-gen-validate/validate/validate.proto
new file mode 100644
index 00000000000..4195ecf9c74
--- /dev/null
+++ b/vendor/github.com/envoyproxy/protoc-gen-validate/validate/validate.proto
@@ -0,0 +1,863 @@
+syntax = "proto2";
+package validate;
+
+option go_package = "github.com/envoyproxy/protoc-gen-validate/validate";
+option java_package = "io.envoyproxy.pgv.validate";
+
+import "google/protobuf/descriptor.proto";
+import "google/protobuf/duration.proto";
+import "google/protobuf/timestamp.proto";
+
+// Validation rules applied at the message level
+extend google.protobuf.MessageOptions {
+    // Disabled nullifies any validation rules for this message, including any
+    // message fields associated with it that do support validation.
+    optional bool disabled = 1071;
+    // Ignore skips generation of validation methods for this message.
+    optional bool ignored = 1072;
+}
+
+// Validation rules applied at the oneof level
+extend google.protobuf.OneofOptions {
+    // Required ensures that exactly one the field options in a oneof is set;
+    // validation fails if no fields in the oneof are set.
+    optional bool required = 1071;
+}
+
+// Validation rules applied at the field level
+extend google.protobuf.FieldOptions {
+    // Rules specify the validations to be performed on this field. By default,
+    // no validation is performed against a field.
+    optional FieldRules rules = 1071;
+}
+
+// FieldRules encapsulates the rules for each type of field. Depending on the
+// field, the correct set should be used to ensure proper validations.
+message FieldRules {
+    optional MessageRules message = 17;
+    oneof type {
+        // Scalar Field Types
+        FloatRules    float    = 1;
+        DoubleRules   double   = 2;
+        Int32Rules    int32    = 3;
+        Int64Rules    int64    = 4;
+        UInt32Rules   uint32   = 5;
+        UInt64Rules   uint64   = 6;
+        SInt32Rules   sint32   = 7;
+        SInt64Rules   sint64   = 8;
+        Fixed32Rules  fixed32  = 9;
+        Fixed64Rules  fixed64  = 10;
+        SFixed32Rules sfixed32 = 11;
+        SFixed64Rules sfixed64 = 12;
+        BoolRules     bool     = 13;
+        StringRules   string   = 14;
+        BytesRules    bytes    = 15;
+
+        // Complex Field Types
+        EnumRules     enum     = 16;
+        RepeatedRules repeated = 18;
+        MapRules      map      = 19;
+
+        // Well-Known Field Types
+        AnyRules       any       = 20;
+        DurationRules  duration  = 21;
+        TimestampRules timestamp = 22;
+    }
+}
+
+// FloatRules describes the constraints applied to `float` values
+message FloatRules {
+    // Const specifies that this field must be exactly the specified value
+    optional float const = 1;
+
+    // Lt specifies that this field must be less than the specified value,
+    // exclusive
+    optional float lt = 2;
+
+    // Lte specifies that this field must be less than or equal to the
+    // specified value, inclusive
+    optional float lte = 3;
+
+    // Gt specifies that this field must be greater than the specified value,
+    // exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+    // range is reversed.
+    optional float gt = 4;
+
+    // Gte specifies that this field must be greater than or equal to the
+    // specified value, inclusive. If the value of Gte is larger than a
+    // specified Lt or Lte, the range is reversed.
+    optional float gte = 5;
+
+    // In specifies that this field must be equal to one of the specified
+    // values
+    repeated float in = 6;
+
+    // NotIn specifies that this field cannot be equal to one of the specified
+    // values
+    repeated float not_in = 7;
+
+    // IgnoreEmpty specifies that the validation rules of this field should be
+    // evaluated only if the field is not empty
+    optional bool ignore_empty = 8;
+}
+
+// DoubleRules describes the constraints applied to `double` values
+message DoubleRules {
+    // Const specifies that this field must be exactly the specified value
+    optional double const = 1;
+
+    // Lt specifies that this field must be less than the specified value,
+    // exclusive
+    optional double lt = 2;
+
+    // Lte specifies that this field must be less than or equal to the
+    // specified value, inclusive
+    optional double lte = 3;
+
+    // Gt specifies that this field must be greater than the specified value,
+    // exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+    // range is reversed.
+    optional double gt = 4;
+
+    // Gte specifies that this field must be greater than or equal to the
+    // specified value, inclusive. If the value of Gte is larger than a
+    // specified Lt or Lte, the range is reversed.
+    optional double gte = 5;
+
+    // In specifies that this field must be equal to one of the specified
+    // values
+    repeated double in = 6;
+
+    // NotIn specifies that this field cannot be equal to one of the specified
+    // values
+    repeated double not_in = 7;
+
+    // IgnoreEmpty specifies that the validation rules of this field should be
+    // evaluated only if the field is not empty
+    optional bool ignore_empty = 8;
+}
+
+// Int32Rules describes the constraints applied to `int32` values
+message Int32Rules {
+    // Const specifies that this field must be exactly the specified value
+    optional int32 const = 1;
+
+    // Lt specifies that this field must be less than the specified value,
+    // exclusive
+    optional int32 lt = 2;
+
+    // Lte specifies that this field must be less than or equal to the
+    // specified value, inclusive
+    optional int32 lte = 3;
+
+    // Gt specifies that this field must be greater than the specified value,
+    // exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+    // range is reversed.
+    optional int32 gt = 4;
+
+    // Gte specifies that this field must be greater than or equal to the
+    // specified value, inclusive. If the value of Gte is larger than a
+    // specified Lt or Lte, the range is reversed.
+    optional int32 gte = 5;
+
+    // In specifies that this field must be equal to one of the specified
+    // values
+    repeated int32 in = 6;
+
+    // NotIn specifies that this field cannot be equal to one of the specified
+    // values
+    repeated int32 not_in = 7;
+
+    // IgnoreEmpty specifies that the validation rules of this field should be
+    // evaluated only if the field is not empty
+    optional bool ignore_empty = 8;
+}
+
+// Int64Rules describes the constraints applied to `int64` values
+message Int64Rules {
+    // Const specifies that this field must be exactly the specified value
+    optional int64 const = 1;
+
+    // Lt specifies that this field must be less than the specified value,
+    // exclusive
+    optional int64 lt = 2;
+
+    // Lte specifies that this field must be less than or equal to the
+    // specified value, inclusive
+    optional int64 lte = 3;
+
+    // Gt specifies that this field must be greater than the specified value,
+    // exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+    // range is reversed.
+    optional int64 gt = 4;
+
+    // Gte specifies that this field must be greater than or equal to the
+    // specified value, inclusive. If the value of Gte is larger than a
+    // specified Lt or Lte, the range is reversed.
+    optional int64 gte = 5;
+
+    // In specifies that this field must be equal to one of the specified
+    // values
+    repeated int64 in = 6;
+
+    // NotIn specifies that this field cannot be equal to one of the specified
+    // values
+    repeated int64 not_in = 7;
+
+    // IgnoreEmpty specifies that the validation rules of this field should be
+    // evaluated only if the field is not empty
+    optional bool ignore_empty = 8;
+}
+
+// UInt32Rules describes the constraints applied to `uint32` values
+message UInt32Rules {
+    // Const specifies that this field must be exactly the specified value
+    optional uint32 const = 1;
+
+    // Lt specifies that this field must be less than the specified value,
+    // exclusive
+    optional uint32 lt = 2;
+
+    // Lte specifies that this field must be less than or equal to the
+    // specified value, inclusive
+    optional uint32 lte = 3;
+
+    // Gt specifies that this field must be greater than the specified value,
+    // exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+    // range is reversed.
+    optional uint32 gt = 4;
+
+    // Gte specifies that this field must be greater than or equal to the
+    // specified value, inclusive. If the value of Gte is larger than a
+    // specified Lt or Lte, the range is reversed.
+    optional uint32 gte = 5;
+
+    // In specifies that this field must be equal to one of the specified
+    // values
+    repeated uint32 in = 6;
+
+    // NotIn specifies that this field cannot be equal to one of the specified
+    // values
+    repeated uint32 not_in = 7;
+
+    // IgnoreEmpty specifies that the validation rules of this field should be
+    // evaluated only if the field is not empty
+    optional bool ignore_empty = 8;
+}
+
+// UInt64Rules describes the constraints applied to `uint64` values
+message UInt64Rules {
+    // Const specifies that this field must be exactly the specified value
+    optional uint64 const = 1;
+
+    // Lt specifies that this field must be less than the specified value,
+    // exclusive
+    optional uint64 lt = 2;
+
+    // Lte specifies that this field must be less than or equal to the
+    // specified value, inclusive
+    optional uint64 lte = 3;
+
+    // Gt specifies that this field must be greater than the specified value,
+    // exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+    // range is reversed.
+    optional uint64 gt = 4;
+
+    // Gte specifies that this field must be greater than or equal to the
+    // specified value, inclusive. If the value of Gte is larger than a
+    // specified Lt or Lte, the range is reversed.
+    optional uint64 gte = 5;
+
+    // In specifies that this field must be equal to one of the specified
+    // values
+    repeated uint64 in = 6;
+
+    // NotIn specifies that this field cannot be equal to one of the specified
+    // values
+    repeated uint64 not_in = 7;
+
+    // IgnoreEmpty specifies that the validation rules of this field should be
+    // evaluated only if the field is not empty
+    optional bool ignore_empty = 8;
+}
+
+// SInt32Rules describes the constraints applied to `sint32` values
+message SInt32Rules {
+    // Const specifies that this field must be exactly the specified value
+    optional sint32 const = 1;
+
+    // Lt specifies that this field must be less than the specified value,
+    // exclusive
+    optional sint32 lt = 2;
+
+    // Lte specifies that this field must be less than or equal to the
+    // specified value, inclusive
+    optional sint32 lte = 3;
+
+    // Gt specifies that this field must be greater than the specified value,
+    // exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+    // range is reversed.
+    optional sint32 gt = 4;
+
+    // Gte specifies that this field must be greater than or equal to the
+    // specified value, inclusive. If the value of Gte is larger than a
+    // specified Lt or Lte, the range is reversed.
+    optional sint32 gte = 5;
+
+    // In specifies that this field must be equal to one of the specified
+    // values
+    repeated sint32 in = 6;
+
+    // NotIn specifies that this field cannot be equal to one of the specified
+    // values
+    repeated sint32 not_in = 7;
+
+    // IgnoreEmpty specifies that the validation rules of this field should be
+    // evaluated only if the field is not empty
+    optional bool ignore_empty = 8;
+}
+
+// SInt64Rules describes the constraints applied to `sint64` values
+message SInt64Rules {
+    // Const specifies that this field must be exactly the specified value
+    optional sint64 const = 1;
+
+    // Lt specifies that this field must be less than the specified value,
+    // exclusive
+    optional sint64 lt = 2;
+
+    // Lte specifies that this field must be less than or equal to the
+    // specified value, inclusive
+    optional sint64 lte = 3;
+
+    // Gt specifies that this field must be greater than the specified value,
+    // exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+    // range is reversed.
+    optional sint64 gt = 4;
+
+    // Gte specifies that this field must be greater than or equal to the
+    // specified value, inclusive. If the value of Gte is larger than a
+    // specified Lt or Lte, the range is reversed.
+    optional sint64 gte = 5;
+
+    // In specifies that this field must be equal to one of the specified
+    // values
+    repeated sint64 in = 6;
+
+    // NotIn specifies that this field cannot be equal to one of the specified
+    // values
+    repeated sint64 not_in = 7;
+
+    // IgnoreEmpty specifies that the validation rules of this field should be
+    // evaluated only if the field is not empty
+    optional bool ignore_empty = 8;
+}
+
+// Fixed32Rules describes the constraints applied to `fixed32` values
+message Fixed32Rules {
+    // Const specifies that this field must be exactly the specified value
+    optional fixed32 const = 1;
+
+    // Lt specifies that this field must be less than the specified value,
+    // exclusive
+    optional fixed32 lt = 2;
+
+    // Lte specifies that this field must be less than or equal to the
+    // specified value, inclusive
+    optional fixed32 lte = 3;
+
+    // Gt specifies that this field must be greater than the specified value,
+    // exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+    // range is reversed.
+    optional fixed32 gt = 4;
+
+    // Gte specifies that this field must be greater than or equal to the
+    // specified value, inclusive. If the value of Gte is larger than a
+    // specified Lt or Lte, the range is reversed.
+    optional fixed32 gte = 5;
+
+    // In specifies that this field must be equal to one of the specified
+    // values
+    repeated fixed32 in = 6;
+
+    // NotIn specifies that this field cannot be equal to one of the specified
+    // values
+    repeated fixed32 not_in = 7;
+
+    // IgnoreEmpty specifies that the validation rules of this field should be
+    // evaluated only if the field is not empty
+    optional bool ignore_empty = 8;
+}
+
+// Fixed64Rules describes the constraints applied to `fixed64` values
+message Fixed64Rules {
+    // Const specifies that this field must be exactly the specified value
+    optional fixed64 const = 1;
+
+    // Lt specifies that this field must be less than the specified value,
+    // exclusive
+    optional fixed64 lt = 2;
+
+    // Lte specifies that this field must be less than or equal to the
+    // specified value, inclusive
+    optional fixed64 lte = 3;
+
+    // Gt specifies that this field must be greater than the specified value,
+    // exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+    // range is reversed.
+    optional fixed64 gt = 4;
+
+    // Gte specifies that this field must be greater than or equal to the
+    // specified value, inclusive. If the value of Gte is larger than a
+    // specified Lt or Lte, the range is reversed.
+    optional fixed64 gte = 5;
+
+    // In specifies that this field must be equal to one of the specified
+    // values
+    repeated fixed64 in = 6;
+
+    // NotIn specifies that this field cannot be equal to one of the specified
+    // values
+    repeated fixed64 not_in = 7;
+
+    // IgnoreEmpty specifies that the validation rules of this field should be
+    // evaluated only if the field is not empty
+    optional bool ignore_empty = 8;
+}
+
+// SFixed32Rules describes the constraints applied to `sfixed32` values
+message SFixed32Rules {
+    // Const specifies that this field must be exactly the specified value
+    optional sfixed32 const = 1;
+
+    // Lt specifies that this field must be less than the specified value,
+    // exclusive
+    optional sfixed32 lt = 2;
+
+    // Lte specifies that this field must be less than or equal to the
+    // specified value, inclusive
+    optional sfixed32 lte = 3;
+
+    // Gt specifies that this field must be greater than the specified value,
+    // exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+    // range is reversed.
+    optional sfixed32 gt = 4;
+
+    // Gte specifies that this field must be greater than or equal to the
+    // specified value, inclusive. If the value of Gte is larger than a
+    // specified Lt or Lte, the range is reversed.
+    optional sfixed32 gte = 5;
+
+    // In specifies that this field must be equal to one of the specified
+    // values
+    repeated sfixed32 in = 6;
+
+    // NotIn specifies that this field cannot be equal to one of the specified
+    // values
+    repeated sfixed32 not_in = 7;
+
+    // IgnoreEmpty specifies that the validation rules of this field should be
+    // evaluated only if the field is not empty
+    optional bool ignore_empty = 8;
+}
+
+// SFixed64Rules describes the constraints applied to `sfixed64` values
+message SFixed64Rules {
+    // Const specifies that this field must be exactly the specified value
+    optional sfixed64 const = 1;
+
+    // Lt specifies that this field must be less than the specified value,
+    // exclusive
+    optional sfixed64 lt = 2;
+
+    // Lte specifies that this field must be less than or equal to the
+    // specified value, inclusive
+    optional sfixed64 lte = 3;
+
+    // Gt specifies that this field must be greater than the specified value,
+    // exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+    // range is reversed.
+    optional sfixed64 gt = 4;
+
+    // Gte specifies that this field must be greater than or equal to the
+    // specified value, inclusive. If the value of Gte is larger than a
+    // specified Lt or Lte, the range is reversed.
+    optional sfixed64 gte = 5;
+
+    // In specifies that this field must be equal to one of the specified
+    // values
+    repeated sfixed64 in = 6;
+
+    // NotIn specifies that this field cannot be equal to one of the specified
+    // values
+    repeated sfixed64 not_in = 7;
+
+    // IgnoreEmpty specifies that the validation rules of this field should be
+    // evaluated only if the field is not empty
+    optional bool ignore_empty = 8;
+}
+
+// BoolRules describes the constraints applied to `bool` values
+message BoolRules {
+    // Const specifies that this field must be exactly the specified value
+    optional bool const = 1;
+}
+
+// StringRules describe the constraints applied to `string` values
+message StringRules {
+    // Const specifies that this field must be exactly the specified value
+    optional string const = 1;
+
+    // Len specifies that this field must be the specified number of
+    // characters (Unicode code points). Note that the number of
+    // characters may differ from the number of bytes in the string.
+    optional uint64 len = 19;
+
+    // MinLen specifies that this field must be the specified number of
+    // characters (Unicode code points) at a minimum. Note that the number of
+    // characters may differ from the number of bytes in the string.
+    optional uint64 min_len = 2;
+
+    // MaxLen specifies that this field must be the specified number of
+    // characters (Unicode code points) at a maximum. Note that the number of
+    // characters may differ from the number of bytes in the string.
+    optional uint64 max_len = 3;
+
+    // LenBytes specifies that this field must be the specified number of bytes
+    // at a minimum
+    optional uint64 len_bytes = 20;
+
+    // MinBytes specifies that this field must be the specified number of bytes
+    // at a minimum
+    optional uint64 min_bytes = 4;
+
+    // MaxBytes specifies that this field must be the specified number of bytes
+    // at a maximum
+    optional uint64 max_bytes = 5;
+
+    // Pattern specifes that this field must match against the specified
+    // regular expression (RE2 syntax). The included expression should elide
+    // any delimiters.
+    optional string pattern  = 6;
+
+    // Prefix specifies that this field must have the specified substring at
+    // the beginning of the string.
+    optional string prefix   = 7;
+
+    // Suffix specifies that this field must have the specified substring at
+    // the end of the string.
+    optional string suffix   = 8;
+
+    // Contains specifies that this field must have the specified substring
+    // anywhere in the string.
+    optional string contains = 9;
+
+    // NotContains specifies that this field cannot have the specified substring
+    // anywhere in the string.
+    optional string not_contains = 23;
+
+    // In specifies that this field must be equal to one of the specified
+    // values
+    repeated string in     = 10;
+
+    // NotIn specifies that this field cannot be equal to one of the specified
+    // values
+    repeated string not_in = 11;
+
+    // WellKnown rules provide advanced constraints against common string
+    // patterns
+    oneof well_known {
+        // Email specifies that the field must be a valid email address as
+        // defined by RFC 5322
+        bool email    = 12;
+
+        // Hostname specifies that the field must be a valid hostname as
+        // defined by RFC 1034. This constraint does not support
+        // internationalized domain names (IDNs).
+        bool hostname = 13;
+
+        // Ip specifies that the field must be a valid IP (v4 or v6) address.
+        // Valid IPv6 addresses should not include surrounding square brackets.
+        bool ip       = 14;
+
+        // Ipv4 specifies that the field must be a valid IPv4 address.
+        bool ipv4     = 15;
+
+        // Ipv6 specifies that the field must be a valid IPv6 address. Valid
+        // IPv6 addresses should not include surrounding square brackets.
+        bool ipv6     = 16;
+
+        // Uri specifies that the field must be a valid, absolute URI as defined
+        // by RFC 3986
+        bool uri      = 17;
+
+        // UriRef specifies that the field must be a valid URI as defined by RFC
+        // 3986 and may be relative or absolute.
+        bool uri_ref  = 18;
+
+        // Address specifies that the field must be either a valid hostname as
+        // defined by RFC 1034 (which does not support internationalized domain
+        // names or IDNs), or it can be a valid IP (v4 or v6).
+        bool address  = 21;
+
+        // Uuid specifies that the field must be a valid UUID as defined by
+        // RFC 4122
+        bool uuid     = 22;
+
+        // WellKnownRegex specifies a common well known pattern defined as a regex.
+        KnownRegex well_known_regex = 24;
+    }
+
+  // This applies to regexes HTTP_HEADER_NAME and HTTP_HEADER_VALUE to enable
+  // strict header validation.
+  // By default, this is true, and HTTP header validations are RFC-compliant.
+  // Setting to false will enable a looser validations that only disallows
+  // \r\n\0 characters, which can be used to bypass header matching rules.
+  optional bool strict = 25 [default = true];
+
+  // IgnoreEmpty specifies that the validation rules of this field should be
+  // evaluated only if the field is not empty
+  optional bool ignore_empty = 26;
+}
+
+// WellKnownRegex contain some well-known patterns.
+enum KnownRegex {
+  UNKNOWN = 0;
+
+  // HTTP header name as defined by RFC 7230.
+  HTTP_HEADER_NAME = 1;
+
+  // HTTP header value as defined by RFC 7230.
+  HTTP_HEADER_VALUE = 2;
+}
+
+// BytesRules describe the constraints applied to `bytes` values
+message BytesRules {
+    // Const specifies that this field must be exactly the specified value
+    optional bytes const = 1;
+
+    // Len specifies that this field must be the specified number of bytes
+    optional uint64 len = 13;
+
+    // MinLen specifies that this field must be the specified number of bytes
+    // at a minimum
+    optional uint64 min_len = 2;
+
+    // MaxLen specifies that this field must be the specified number of bytes
+    // at a maximum
+    optional uint64 max_len = 3;
+
+    // Pattern specifes that this field must match against the specified
+    // regular expression (RE2 syntax). The included expression should elide
+    // any delimiters.
+    optional string pattern  = 4;
+
+    // Prefix specifies that this field must have the specified bytes at the
+    // beginning of the string.
+    optional bytes  prefix   = 5;
+
+    // Suffix specifies that this field must have the specified bytes at the
+    // end of the string.
+    optional bytes  suffix   = 6;
+
+    // Contains specifies that this field must have the specified bytes
+    // anywhere in the string.
+    optional bytes  contains = 7;
+
+    // In specifies that this field must be equal to one of the specified
+    // values
+    repeated bytes in     = 8;
+
+    // NotIn specifies that this field cannot be equal to one of the specified
+    // values
+    repeated bytes not_in = 9;
+
+    // WellKnown rules provide advanced constraints against common byte
+    // patterns
+    oneof well_known {
+        // Ip specifies that the field must be a valid IP (v4 or v6) address in
+        // byte format
+        bool ip   = 10;
+
+        // Ipv4 specifies that the field must be a valid IPv4 address in byte
+        // format
+        bool ipv4 = 11;
+
+        // Ipv6 specifies that the field must be a valid IPv6 address in byte
+        // format
+        bool ipv6 = 12;
+    }
+
+    // IgnoreEmpty specifies that the validation rules of this field should be
+    // evaluated only if the field is not empty
+    optional bool ignore_empty = 14;
+}
+
+// EnumRules describe the constraints applied to enum values
+message EnumRules {
+    // Const specifies that this field must be exactly the specified value
+    optional int32 const        = 1;
+
+    // DefinedOnly specifies that this field must be only one of the defined
+    // values for this enum, failing on any undefined value.
+    optional bool  defined_only = 2;
+
+    // In specifies that this field must be equal to one of the specified
+    // values
+    repeated int32 in           = 3;
+
+    // NotIn specifies that this field cannot be equal to one of the specified
+    // values
+    repeated int32 not_in       = 4;
+}
+
+// MessageRules describe the constraints applied to embedded message values.
+// For message-type fields, validation is performed recursively.
+message MessageRules {
+    // Skip specifies that the validation rules of this field should not be
+    // evaluated
+    optional bool skip     = 1;
+
+    // Required specifies that this field must be set
+    optional bool required = 2;
+}
+
+// RepeatedRules describe the constraints applied to `repeated` values
+message RepeatedRules {
+    // MinItems specifies that this field must have the specified number of
+    // items at a minimum
+    optional uint64 min_items = 1;
+
+    // MaxItems specifies that this field must have the specified number of
+    // items at a maximum
+    optional uint64 max_items = 2;
+
+    // Unique specifies that all elements in this field must be unique. This
+    // contraint is only applicable to scalar and enum types (messages are not
+    // supported).
+    optional bool   unique    = 3;
+
+    // Items specifies the contraints to be applied to each item in the field.
+    // Repeated message fields will still execute validation against each item
+    // unless skip is specified here.
+    optional FieldRules items = 4;
+
+    // IgnoreEmpty specifies that the validation rules of this field should be
+    // evaluated only if the field is not empty
+    optional bool ignore_empty = 5;
+}
+
+// MapRules describe the constraints applied to `map` values
+message MapRules {
+    // MinPairs specifies that this field must have the specified number of
+    // KVs at a minimum
+    optional uint64 min_pairs = 1;
+
+    // MaxPairs specifies that this field must have the specified number of
+    // KVs at a maximum
+    optional uint64 max_pairs = 2;
+
+    // NoSparse specifies values in this field cannot be unset. This only
+    // applies to map's with message value types.
+    optional bool no_sparse = 3;
+
+    // Keys specifies the constraints to be applied to each key in the field.
+    optional FieldRules keys   = 4;
+
+    // Values specifies the constraints to be applied to the value of each key
+    // in the field. Message values will still have their validations evaluated
+    // unless skip is specified here.
+    optional FieldRules values = 5;
+
+    // IgnoreEmpty specifies that the validation rules of this field should be
+    // evaluated only if the field is not empty
+    optional bool ignore_empty = 6;
+}
+
+// AnyRules describe constraints applied exclusively to the
+// `google.protobuf.Any` well-known type
+message AnyRules {
+    // Required specifies that this field must be set
+    optional bool required = 1;
+
+    // In specifies that this field's `type_url` must be equal to one of the
+    // specified values.
+    repeated string in     = 2;
+
+    // NotIn specifies that this field's `type_url` must not be equal to any of
+    // the specified values.
+    repeated string not_in = 3;
+}
+
+// DurationRules describe the constraints applied exclusively to the
+// `google.protobuf.Duration` well-known type
+message DurationRules {
+    // Required specifies that this field must be set
+    optional bool required = 1;
+
+    // Const specifies that this field must be exactly the specified value
+    optional google.protobuf.Duration const = 2;
+
+    // Lt specifies that this field must be less than the specified value,
+    // exclusive
+    optional google.protobuf.Duration lt = 3;
+
+    // Lt specifies that this field must be less than the specified value,
+    // inclusive
+    optional google.protobuf.Duration lte = 4;
+
+    // Gt specifies that this field must be greater than the specified value,
+    // exclusive
+    optional google.protobuf.Duration gt = 5;
+
+    // Gte specifies that this field must be greater than the specified value,
+    // inclusive
+    optional google.protobuf.Duration gte = 6;
+
+    // In specifies that this field must be equal to one of the specified
+    // values
+    repeated google.protobuf.Duration in = 7;
+
+    // NotIn specifies that this field cannot be equal to one of the specified
+    // values
+    repeated google.protobuf.Duration not_in = 8;
+}
+
+// TimestampRules describe the constraints applied exclusively to the
+// `google.protobuf.Timestamp` well-known type
+message TimestampRules {
+    // Required specifies that this field must be set
+    optional bool required = 1;
+
+    // Const specifies that this field must be exactly the specified value
+    optional google.protobuf.Timestamp const = 2;
+
+    // Lt specifies that this field must be less than the specified value,
+    // exclusive
+    optional google.protobuf.Timestamp lt = 3;
+
+    // Lte specifies that this field must be less than the specified value,
+    // inclusive
+    optional google.protobuf.Timestamp lte = 4;
+
+    // Gt specifies that this field must be greater than the specified value,
+    // exclusive
+    optional google.protobuf.Timestamp gt = 5;
+
+    // Gte specifies that this field must be greater than the specified value,
+    // inclusive
+    optional google.protobuf.Timestamp gte = 6;
+
+    // LtNow specifies that this must be less than the current time. LtNow
+    // can only be used with the Within rule.
+    optional bool lt_now  = 7;
+
+    // GtNow specifies that this must be greater than the current time. GtNow
+    // can only be used with the Within rule.
+    optional bool gt_now  = 8;
+
+    // Within specifies that this field must be within this duration of the
+    // current time. This constraint can be used alone or with the LtNow and
+    // GtNow rules.
+    optional google.protobuf.Duration within = 9;
+}
diff --git a/vendor/github.com/golang/protobuf/ptypes/struct/struct.pb.go b/vendor/github.com/golang/protobuf/ptypes/struct/struct.pb.go
new file mode 100644
index 00000000000..8d82abe2133
--- /dev/null
+++ b/vendor/github.com/golang/protobuf/ptypes/struct/struct.pb.go
@@ -0,0 +1,78 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// source: github.com/golang/protobuf/ptypes/struct/struct.proto
+
+package structpb
+
+import (
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	structpb "google.golang.org/protobuf/types/known/structpb"
+	reflect "reflect"
+)
+
+// Symbols defined in public import of google/protobuf/struct.proto.
+
+type NullValue = structpb.NullValue
+
+const NullValue_NULL_VALUE = structpb.NullValue_NULL_VALUE
+
+var NullValue_name = structpb.NullValue_name
+var NullValue_value = structpb.NullValue_value
+
+type Struct = structpb.Struct
+type Value = structpb.Value
+type Value_NullValue = structpb.Value_NullValue
+type Value_NumberValue = structpb.Value_NumberValue
+type Value_StringValue = structpb.Value_StringValue
+type Value_BoolValue = structpb.Value_BoolValue
+type Value_StructValue = structpb.Value_StructValue
+type Value_ListValue = structpb.Value_ListValue
+type ListValue = structpb.ListValue
+
+var File_github_com_golang_protobuf_ptypes_struct_struct_proto protoreflect.FileDescriptor
+
+var file_github_com_golang_protobuf_ptypes_struct_struct_proto_rawDesc = []byte{
+	0x0a, 0x35, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x67, 0x6f, 0x6c,
+	0x61, 0x6e, 0x67, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x70, 0x74, 0x79,
+	0x70, 0x65, 0x73, 0x2f, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x2f, 0x73, 0x74, 0x72, 0x75, 0x63,
+	0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x42, 0x33, 0x5a, 0x31, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e,
+	0x63, 0x6f, 0x6d, 0x2f, 0x67, 0x6f, 0x6c, 0x61, 0x6e, 0x67, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2f, 0x70, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2f, 0x73, 0x74, 0x72, 0x75, 0x63,
+	0x74, 0x3b, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x70, 0x62, 0x50, 0x00, 0x62, 0x06, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x33,
+}
+
+var file_github_com_golang_protobuf_ptypes_struct_struct_proto_goTypes = []interface{}{}
+var file_github_com_golang_protobuf_ptypes_struct_struct_proto_depIdxs = []int32{
+	0, // [0:0] is the sub-list for method output_type
+	0, // [0:0] is the sub-list for method input_type
+	0, // [0:0] is the sub-list for extension type_name
+	0, // [0:0] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_github_com_golang_protobuf_ptypes_struct_struct_proto_init() }
+func file_github_com_golang_protobuf_ptypes_struct_struct_proto_init() {
+	if File_github_com_golang_protobuf_ptypes_struct_struct_proto != nil {
+		return
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_github_com_golang_protobuf_ptypes_struct_struct_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   0,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_github_com_golang_protobuf_ptypes_struct_struct_proto_goTypes,
+		DependencyIndexes: file_github_com_golang_protobuf_ptypes_struct_struct_proto_depIdxs,
+	}.Build()
+	File_github_com_golang_protobuf_ptypes_struct_struct_proto = out.File
+	file_github_com_golang_protobuf_ptypes_struct_struct_proto_rawDesc = nil
+	file_github_com_golang_protobuf_ptypes_struct_struct_proto_goTypes = nil
+	file_github_com_golang_protobuf_ptypes_struct_struct_proto_depIdxs = nil
+}
diff --git a/vendor/github.com/google/go-cmp/cmp/cmpopts/equate.go b/vendor/github.com/google/go-cmp/cmp/cmpopts/equate.go
new file mode 100644
index 00000000000..e4ffca838a1
--- /dev/null
+++ b/vendor/github.com/google/go-cmp/cmp/cmpopts/equate.go
@@ -0,0 +1,148 @@
+// Copyright 2017, The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package cmpopts provides common options for the cmp package.
+package cmpopts
+
+import (
+	"math"
+	"reflect"
+	"time"
+
+	"github.com/google/go-cmp/cmp"
+)
+
+func equateAlways(_, _ interface{}) bool { return true }
+
+// EquateEmpty returns a Comparer option that determines all maps and slices
+// with a length of zero to be equal, regardless of whether they are nil.
+//
+// EquateEmpty can be used in conjunction with SortSlices and SortMaps.
+func EquateEmpty() cmp.Option {
+	return cmp.FilterValues(isEmpty, cmp.Comparer(equateAlways))
+}
+
+func isEmpty(x, y interface{}) bool {
+	vx, vy := reflect.ValueOf(x), reflect.ValueOf(y)
+	return (x != nil && y != nil && vx.Type() == vy.Type()) &&
+		(vx.Kind() == reflect.Slice || vx.Kind() == reflect.Map) &&
+		(vx.Len() == 0 && vy.Len() == 0)
+}
+
+// EquateApprox returns a Comparer option that determines float32 or float64
+// values to be equal if they are within a relative fraction or absolute margin.
+// This option is not used when either x or y is NaN or infinite.
+//
+// The fraction determines that the difference of two values must be within the
+// smaller fraction of the two values, while the margin determines that the two
+// values must be within some absolute margin.
+// To express only a fraction or only a margin, use 0 for the other parameter.
+// The fraction and margin must be non-negative.
+//
+// The mathematical expression used is equivalent to:
+//	|x-y| ≤ max(fraction*min(|x|, |y|), margin)
+//
+// EquateApprox can be used in conjunction with EquateNaNs.
+func EquateApprox(fraction, margin float64) cmp.Option {
+	if margin < 0 || fraction < 0 || math.IsNaN(margin) || math.IsNaN(fraction) {
+		panic("margin or fraction must be a non-negative number")
+	}
+	a := approximator{fraction, margin}
+	return cmp.Options{
+		cmp.FilterValues(areRealF64s, cmp.Comparer(a.compareF64)),
+		cmp.FilterValues(areRealF32s, cmp.Comparer(a.compareF32)),
+	}
+}
+
+type approximator struct{ frac, marg float64 }
+
+func areRealF64s(x, y float64) bool {
+	return !math.IsNaN(x) && !math.IsNaN(y) && !math.IsInf(x, 0) && !math.IsInf(y, 0)
+}
+func areRealF32s(x, y float32) bool {
+	return areRealF64s(float64(x), float64(y))
+}
+func (a approximator) compareF64(x, y float64) bool {
+	relMarg := a.frac * math.Min(math.Abs(x), math.Abs(y))
+	return math.Abs(x-y) <= math.Max(a.marg, relMarg)
+}
+func (a approximator) compareF32(x, y float32) bool {
+	return a.compareF64(float64(x), float64(y))
+}
+
+// EquateNaNs returns a Comparer option that determines float32 and float64
+// NaN values to be equal.
+//
+// EquateNaNs can be used in conjunction with EquateApprox.
+func EquateNaNs() cmp.Option {
+	return cmp.Options{
+		cmp.FilterValues(areNaNsF64s, cmp.Comparer(equateAlways)),
+		cmp.FilterValues(areNaNsF32s, cmp.Comparer(equateAlways)),
+	}
+}
+
+func areNaNsF64s(x, y float64) bool {
+	return math.IsNaN(x) && math.IsNaN(y)
+}
+func areNaNsF32s(x, y float32) bool {
+	return areNaNsF64s(float64(x), float64(y))
+}
+
+// EquateApproxTime returns a Comparer option that determines two non-zero
+// time.Time values to be equal if they are within some margin of one another.
+// If both times have a monotonic clock reading, then the monotonic time
+// difference will be used. The margin must be non-negative.
+func EquateApproxTime(margin time.Duration) cmp.Option {
+	if margin < 0 {
+		panic("margin must be a non-negative number")
+	}
+	a := timeApproximator{margin}
+	return cmp.FilterValues(areNonZeroTimes, cmp.Comparer(a.compare))
+}
+
+func areNonZeroTimes(x, y time.Time) bool {
+	return !x.IsZero() && !y.IsZero()
+}
+
+type timeApproximator struct {
+	margin time.Duration
+}
+
+func (a timeApproximator) compare(x, y time.Time) bool {
+	// Avoid subtracting times to avoid overflow when the
+	// difference is larger than the largest representible duration.
+	if x.After(y) {
+		// Ensure x is always before y
+		x, y = y, x
+	}
+	// We're within the margin if x+margin >= y.
+	// Note: time.Time doesn't have AfterOrEqual method hence the negation.
+	return !x.Add(a.margin).Before(y)
+}
+
+// AnyError is an error that matches any non-nil error.
+var AnyError anyError
+
+type anyError struct{}
+
+func (anyError) Error() string     { return "any error" }
+func (anyError) Is(err error) bool { return err != nil }
+
+// EquateErrors returns a Comparer option that determines errors to be equal
+// if errors.Is reports them to match. The AnyError error can be used to
+// match any non-nil error.
+func EquateErrors() cmp.Option {
+	return cmp.FilterValues(areConcreteErrors, cmp.Comparer(compareErrors))
+}
+
+// areConcreteErrors reports whether x and y are types that implement error.
+// The input types are deliberately of the interface{} type rather than the
+// error type so that we can handle situations where the current type is an
+// interface{}, but the underlying concrete types both happen to implement
+// the error interface.
+func areConcreteErrors(x, y interface{}) bool {
+	_, ok1 := x.(error)
+	_, ok2 := y.(error)
+	return ok1 && ok2
+}
diff --git a/vendor/github.com/google/go-cmp/cmp/cmpopts/errors_go113.go b/vendor/github.com/google/go-cmp/cmp/cmpopts/errors_go113.go
new file mode 100644
index 00000000000..26fe25d6afb
--- /dev/null
+++ b/vendor/github.com/google/go-cmp/cmp/cmpopts/errors_go113.go
@@ -0,0 +1,15 @@
+// Copyright 2021, The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// +build go1.13
+
+package cmpopts
+
+import "errors"
+
+func compareErrors(x, y interface{}) bool {
+	xe := x.(error)
+	ye := y.(error)
+	return errors.Is(xe, ye) || errors.Is(ye, xe)
+}
diff --git a/vendor/github.com/google/go-cmp/cmp/cmpopts/errors_xerrors.go b/vendor/github.com/google/go-cmp/cmp/cmpopts/errors_xerrors.go
new file mode 100644
index 00000000000..6eeb8d6e654
--- /dev/null
+++ b/vendor/github.com/google/go-cmp/cmp/cmpopts/errors_xerrors.go
@@ -0,0 +1,18 @@
+// Copyright 2021, The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// +build !go1.13
+
+// TODO(≥go1.13): For support on <go1.13, we use the xerrors package.
+// Drop this file when we no longer support older Go versions.
+
+package cmpopts
+
+import "golang.org/x/xerrors"
+
+func compareErrors(x, y interface{}) bool {
+	xe := x.(error)
+	ye := y.(error)
+	return xerrors.Is(xe, ye) || xerrors.Is(ye, xe)
+}
diff --git a/vendor/github.com/google/go-cmp/cmp/cmpopts/ignore.go b/vendor/github.com/google/go-cmp/cmp/cmpopts/ignore.go
new file mode 100644
index 00000000000..80c60617e40
--- /dev/null
+++ b/vendor/github.com/google/go-cmp/cmp/cmpopts/ignore.go
@@ -0,0 +1,206 @@
+// Copyright 2017, The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package cmpopts
+
+import (
+	"fmt"
+	"reflect"
+	"unicode"
+	"unicode/utf8"
+
+	"github.com/google/go-cmp/cmp"
+	"github.com/google/go-cmp/cmp/internal/function"
+)
+
+// IgnoreFields returns an Option that ignores fields of the
+// given names on a single struct type. It respects the names of exported fields
+// that are forwarded due to struct embedding.
+// The struct type is specified by passing in a value of that type.
+//
+// The name may be a dot-delimited string (e.g., "Foo.Bar") to ignore a
+// specific sub-field that is embedded or nested within the parent struct.
+func IgnoreFields(typ interface{}, names ...string) cmp.Option {
+	sf := newStructFilter(typ, names...)
+	return cmp.FilterPath(sf.filter, cmp.Ignore())
+}
+
+// IgnoreTypes returns an Option that ignores all values assignable to
+// certain types, which are specified by passing in a value of each type.
+func IgnoreTypes(typs ...interface{}) cmp.Option {
+	tf := newTypeFilter(typs...)
+	return cmp.FilterPath(tf.filter, cmp.Ignore())
+}
+
+type typeFilter []reflect.Type
+
+func newTypeFilter(typs ...interface{}) (tf typeFilter) {
+	for _, typ := range typs {
+		t := reflect.TypeOf(typ)
+		if t == nil {
+			// This occurs if someone tries to pass in sync.Locker(nil)
+			panic("cannot determine type; consider using IgnoreInterfaces")
+		}
+		tf = append(tf, t)
+	}
+	return tf
+}
+func (tf typeFilter) filter(p cmp.Path) bool {
+	if len(p) < 1 {
+		return false
+	}
+	t := p.Last().Type()
+	for _, ti := range tf {
+		if t.AssignableTo(ti) {
+			return true
+		}
+	}
+	return false
+}
+
+// IgnoreInterfaces returns an Option that ignores all values or references of
+// values assignable to certain interface types. These interfaces are specified
+// by passing in an anonymous struct with the interface types embedded in it.
+// For example, to ignore sync.Locker, pass in struct{sync.Locker}{}.
+func IgnoreInterfaces(ifaces interface{}) cmp.Option {
+	tf := newIfaceFilter(ifaces)
+	return cmp.FilterPath(tf.filter, cmp.Ignore())
+}
+
+type ifaceFilter []reflect.Type
+
+func newIfaceFilter(ifaces interface{}) (tf ifaceFilter) {
+	t := reflect.TypeOf(ifaces)
+	if ifaces == nil || t.Name() != "" || t.Kind() != reflect.Struct {
+		panic("input must be an anonymous struct")
+	}
+	for i := 0; i < t.NumField(); i++ {
+		fi := t.Field(i)
+		switch {
+		case !fi.Anonymous:
+			panic("struct cannot have named fields")
+		case fi.Type.Kind() != reflect.Interface:
+			panic("embedded field must be an interface type")
+		case fi.Type.NumMethod() == 0:
+			// This matches everything; why would you ever want this?
+			panic("cannot ignore empty interface")
+		default:
+			tf = append(tf, fi.Type)
+		}
+	}
+	return tf
+}
+func (tf ifaceFilter) filter(p cmp.Path) bool {
+	if len(p) < 1 {
+		return false
+	}
+	t := p.Last().Type()
+	for _, ti := range tf {
+		if t.AssignableTo(ti) {
+			return true
+		}
+		if t.Kind() != reflect.Ptr && reflect.PtrTo(t).AssignableTo(ti) {
+			return true
+		}
+	}
+	return false
+}
+
+// IgnoreUnexported returns an Option that only ignores the immediate unexported
+// fields of a struct, including anonymous fields of unexported types.
+// In particular, unexported fields within the struct's exported fields
+// of struct types, including anonymous fields, will not be ignored unless the
+// type of the field itself is also passed to IgnoreUnexported.
+//
+// Avoid ignoring unexported fields of a type which you do not control (i.e. a
+// type from another repository), as changes to the implementation of such types
+// may change how the comparison behaves. Prefer a custom Comparer instead.
+func IgnoreUnexported(typs ...interface{}) cmp.Option {
+	ux := newUnexportedFilter(typs...)
+	return cmp.FilterPath(ux.filter, cmp.Ignore())
+}
+
+type unexportedFilter struct{ m map[reflect.Type]bool }
+
+func newUnexportedFilter(typs ...interface{}) unexportedFilter {
+	ux := unexportedFilter{m: make(map[reflect.Type]bool)}
+	for _, typ := range typs {
+		t := reflect.TypeOf(typ)
+		if t == nil || t.Kind() != reflect.Struct {
+			panic(fmt.Sprintf("%T must be a non-pointer struct", typ))
+		}
+		ux.m[t] = true
+	}
+	return ux
+}
+func (xf unexportedFilter) filter(p cmp.Path) bool {
+	sf, ok := p.Index(-1).(cmp.StructField)
+	if !ok {
+		return false
+	}
+	return xf.m[p.Index(-2).Type()] && !isExported(sf.Name())
+}
+
+// isExported reports whether the identifier is exported.
+func isExported(id string) bool {
+	r, _ := utf8.DecodeRuneInString(id)
+	return unicode.IsUpper(r)
+}
+
+// IgnoreSliceElements returns an Option that ignores elements of []V.
+// The discard function must be of the form "func(T) bool" which is used to
+// ignore slice elements of type V, where V is assignable to T.
+// Elements are ignored if the function reports true.
+func IgnoreSliceElements(discardFunc interface{}) cmp.Option {
+	vf := reflect.ValueOf(discardFunc)
+	if !function.IsType(vf.Type(), function.ValuePredicate) || vf.IsNil() {
+		panic(fmt.Sprintf("invalid discard function: %T", discardFunc))
+	}
+	return cmp.FilterPath(func(p cmp.Path) bool {
+		si, ok := p.Index(-1).(cmp.SliceIndex)
+		if !ok {
+			return false
+		}
+		if !si.Type().AssignableTo(vf.Type().In(0)) {
+			return false
+		}
+		vx, vy := si.Values()
+		if vx.IsValid() && vf.Call([]reflect.Value{vx})[0].Bool() {
+			return true
+		}
+		if vy.IsValid() && vf.Call([]reflect.Value{vy})[0].Bool() {
+			return true
+		}
+		return false
+	}, cmp.Ignore())
+}
+
+// IgnoreMapEntries returns an Option that ignores entries of map[K]V.
+// The discard function must be of the form "func(T, R) bool" which is used to
+// ignore map entries of type K and V, where K and V are assignable to T and R.
+// Entries are ignored if the function reports true.
+func IgnoreMapEntries(discardFunc interface{}) cmp.Option {
+	vf := reflect.ValueOf(discardFunc)
+	if !function.IsType(vf.Type(), function.KeyValuePredicate) || vf.IsNil() {
+		panic(fmt.Sprintf("invalid discard function: %T", discardFunc))
+	}
+	return cmp.FilterPath(func(p cmp.Path) bool {
+		mi, ok := p.Index(-1).(cmp.MapIndex)
+		if !ok {
+			return false
+		}
+		if !mi.Key().Type().AssignableTo(vf.Type().In(0)) || !mi.Type().AssignableTo(vf.Type().In(1)) {
+			return false
+		}
+		k := mi.Key()
+		vx, vy := mi.Values()
+		if vx.IsValid() && vf.Call([]reflect.Value{k, vx})[0].Bool() {
+			return true
+		}
+		if vy.IsValid() && vf.Call([]reflect.Value{k, vy})[0].Bool() {
+			return true
+		}
+		return false
+	}, cmp.Ignore())
+}
diff --git a/vendor/github.com/google/go-cmp/cmp/cmpopts/sort.go b/vendor/github.com/google/go-cmp/cmp/cmpopts/sort.go
new file mode 100644
index 00000000000..a646d747547
--- /dev/null
+++ b/vendor/github.com/google/go-cmp/cmp/cmpopts/sort.go
@@ -0,0 +1,147 @@
+// Copyright 2017, The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package cmpopts
+
+import (
+	"fmt"
+	"reflect"
+	"sort"
+
+	"github.com/google/go-cmp/cmp"
+	"github.com/google/go-cmp/cmp/internal/function"
+)
+
+// SortSlices returns a Transformer option that sorts all []V.
+// The less function must be of the form "func(T, T) bool" which is used to
+// sort any slice with element type V that is assignable to T.
+//
+// The less function must be:
+//	• Deterministic: less(x, y) == less(x, y)
+//	• Irreflexive: !less(x, x)
+//	• Transitive: if !less(x, y) and !less(y, z), then !less(x, z)
+//
+// The less function does not have to be "total". That is, if !less(x, y) and
+// !less(y, x) for two elements x and y, their relative order is maintained.
+//
+// SortSlices can be used in conjunction with EquateEmpty.
+func SortSlices(lessFunc interface{}) cmp.Option {
+	vf := reflect.ValueOf(lessFunc)
+	if !function.IsType(vf.Type(), function.Less) || vf.IsNil() {
+		panic(fmt.Sprintf("invalid less function: %T", lessFunc))
+	}
+	ss := sliceSorter{vf.Type().In(0), vf}
+	return cmp.FilterValues(ss.filter, cmp.Transformer("cmpopts.SortSlices", ss.sort))
+}
+
+type sliceSorter struct {
+	in  reflect.Type  // T
+	fnc reflect.Value // func(T, T) bool
+}
+
+func (ss sliceSorter) filter(x, y interface{}) bool {
+	vx, vy := reflect.ValueOf(x), reflect.ValueOf(y)
+	if !(x != nil && y != nil && vx.Type() == vy.Type()) ||
+		!(vx.Kind() == reflect.Slice && vx.Type().Elem().AssignableTo(ss.in)) ||
+		(vx.Len() <= 1 && vy.Len() <= 1) {
+		return false
+	}
+	// Check whether the slices are already sorted to avoid an infinite
+	// recursion cycle applying the same transform to itself.
+	ok1 := sort.SliceIsSorted(x, func(i, j int) bool { return ss.less(vx, i, j) })
+	ok2 := sort.SliceIsSorted(y, func(i, j int) bool { return ss.less(vy, i, j) })
+	return !ok1 || !ok2
+}
+func (ss sliceSorter) sort(x interface{}) interface{} {
+	src := reflect.ValueOf(x)
+	dst := reflect.MakeSlice(src.Type(), src.Len(), src.Len())
+	for i := 0; i < src.Len(); i++ {
+		dst.Index(i).Set(src.Index(i))
+	}
+	sort.SliceStable(dst.Interface(), func(i, j int) bool { return ss.less(dst, i, j) })
+	ss.checkSort(dst)
+	return dst.Interface()
+}
+func (ss sliceSorter) checkSort(v reflect.Value) {
+	start := -1 // Start of a sequence of equal elements.
+	for i := 1; i < v.Len(); i++ {
+		if ss.less(v, i-1, i) {
+			// Check that first and last elements in v[start:i] are equal.
+			if start >= 0 && (ss.less(v, start, i-1) || ss.less(v, i-1, start)) {
+				panic(fmt.Sprintf("incomparable values detected: want equal elements: %v", v.Slice(start, i)))
+			}
+			start = -1
+		} else if start == -1 {
+			start = i
+		}
+	}
+}
+func (ss sliceSorter) less(v reflect.Value, i, j int) bool {
+	vx, vy := v.Index(i), v.Index(j)
+	return ss.fnc.Call([]reflect.Value{vx, vy})[0].Bool()
+}
+
+// SortMaps returns a Transformer option that flattens map[K]V types to be a
+// sorted []struct{K, V}. The less function must be of the form
+// "func(T, T) bool" which is used to sort any map with key K that is
+// assignable to T.
+//
+// Flattening the map into a slice has the property that cmp.Equal is able to
+// use Comparers on K or the K.Equal method if it exists.
+//
+// The less function must be:
+//	• Deterministic: less(x, y) == less(x, y)
+//	• Irreflexive: !less(x, x)
+//	• Transitive: if !less(x, y) and !less(y, z), then !less(x, z)
+//	• Total: if x != y, then either less(x, y) or less(y, x)
+//
+// SortMaps can be used in conjunction with EquateEmpty.
+func SortMaps(lessFunc interface{}) cmp.Option {
+	vf := reflect.ValueOf(lessFunc)
+	if !function.IsType(vf.Type(), function.Less) || vf.IsNil() {
+		panic(fmt.Sprintf("invalid less function: %T", lessFunc))
+	}
+	ms := mapSorter{vf.Type().In(0), vf}
+	return cmp.FilterValues(ms.filter, cmp.Transformer("cmpopts.SortMaps", ms.sort))
+}
+
+type mapSorter struct {
+	in  reflect.Type  // T
+	fnc reflect.Value // func(T, T) bool
+}
+
+func (ms mapSorter) filter(x, y interface{}) bool {
+	vx, vy := reflect.ValueOf(x), reflect.ValueOf(y)
+	return (x != nil && y != nil && vx.Type() == vy.Type()) &&
+		(vx.Kind() == reflect.Map && vx.Type().Key().AssignableTo(ms.in)) &&
+		(vx.Len() != 0 || vy.Len() != 0)
+}
+func (ms mapSorter) sort(x interface{}) interface{} {
+	src := reflect.ValueOf(x)
+	outType := reflect.StructOf([]reflect.StructField{
+		{Name: "K", Type: src.Type().Key()},
+		{Name: "V", Type: src.Type().Elem()},
+	})
+	dst := reflect.MakeSlice(reflect.SliceOf(outType), src.Len(), src.Len())
+	for i, k := range src.MapKeys() {
+		v := reflect.New(outType).Elem()
+		v.Field(0).Set(k)
+		v.Field(1).Set(src.MapIndex(k))
+		dst.Index(i).Set(v)
+	}
+	sort.Slice(dst.Interface(), func(i, j int) bool { return ms.less(dst, i, j) })
+	ms.checkSort(dst)
+	return dst.Interface()
+}
+func (ms mapSorter) checkSort(v reflect.Value) {
+	for i := 1; i < v.Len(); i++ {
+		if !ms.less(v, i-1, i) {
+			panic(fmt.Sprintf("partial order detected: want %v < %v", v.Index(i-1), v.Index(i)))
+		}
+	}
+}
+func (ms mapSorter) less(v reflect.Value, i, j int) bool {
+	vx, vy := v.Index(i).Field(0), v.Index(j).Field(0)
+	return ms.fnc.Call([]reflect.Value{vx, vy})[0].Bool()
+}
diff --git a/vendor/github.com/google/go-cmp/cmp/cmpopts/struct_filter.go b/vendor/github.com/google/go-cmp/cmp/cmpopts/struct_filter.go
new file mode 100644
index 00000000000..a09829c3af9
--- /dev/null
+++ b/vendor/github.com/google/go-cmp/cmp/cmpopts/struct_filter.go
@@ -0,0 +1,187 @@
+// Copyright 2017, The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package cmpopts
+
+import (
+	"fmt"
+	"reflect"
+	"strings"
+
+	"github.com/google/go-cmp/cmp"
+)
+
+// filterField returns a new Option where opt is only evaluated on paths that
+// include a specific exported field on a single struct type.
+// The struct type is specified by passing in a value of that type.
+//
+// The name may be a dot-delimited string (e.g., "Foo.Bar") to select a
+// specific sub-field that is embedded or nested within the parent struct.
+func filterField(typ interface{}, name string, opt cmp.Option) cmp.Option {
+	// TODO: This is currently unexported over concerns of how helper filters
+	// can be composed together easily.
+	// TODO: Add tests for FilterField.
+
+	sf := newStructFilter(typ, name)
+	return cmp.FilterPath(sf.filter, opt)
+}
+
+type structFilter struct {
+	t  reflect.Type // The root struct type to match on
+	ft fieldTree    // Tree of fields to match on
+}
+
+func newStructFilter(typ interface{}, names ...string) structFilter {
+	// TODO: Perhaps allow * as a special identifier to allow ignoring any
+	// number of path steps until the next field match?
+	// This could be useful when a concrete struct gets transformed into
+	// an anonymous struct where it is not possible to specify that by type,
+	// but the transformer happens to provide guarantees about the names of
+	// the transformed fields.
+
+	t := reflect.TypeOf(typ)
+	if t == nil || t.Kind() != reflect.Struct {
+		panic(fmt.Sprintf("%T must be a non-pointer struct", typ))
+	}
+	var ft fieldTree
+	for _, name := range names {
+		cname, err := canonicalName(t, name)
+		if err != nil {
+			panic(fmt.Sprintf("%s: %v", strings.Join(cname, "."), err))
+		}
+		ft.insert(cname)
+	}
+	return structFilter{t, ft}
+}
+
+func (sf structFilter) filter(p cmp.Path) bool {
+	for i, ps := range p {
+		if ps.Type().AssignableTo(sf.t) && sf.ft.matchPrefix(p[i+1:]) {
+			return true
+		}
+	}
+	return false
+}
+
+// fieldTree represents a set of dot-separated identifiers.
+//
+// For example, inserting the following selectors:
+//	Foo
+//	Foo.Bar.Baz
+//	Foo.Buzz
+//	Nuka.Cola.Quantum
+//
+// Results in a tree of the form:
+//	{sub: {
+//		"Foo": {ok: true, sub: {
+//			"Bar": {sub: {
+//				"Baz": {ok: true},
+//			}},
+//			"Buzz": {ok: true},
+//		}},
+//		"Nuka": {sub: {
+//			"Cola": {sub: {
+//				"Quantum": {ok: true},
+//			}},
+//		}},
+//	}}
+type fieldTree struct {
+	ok  bool                 // Whether this is a specified node
+	sub map[string]fieldTree // The sub-tree of fields under this node
+}
+
+// insert inserts a sequence of field accesses into the tree.
+func (ft *fieldTree) insert(cname []string) {
+	if ft.sub == nil {
+		ft.sub = make(map[string]fieldTree)
+	}
+	if len(cname) == 0 {
+		ft.ok = true
+		return
+	}
+	sub := ft.sub[cname[0]]
+	sub.insert(cname[1:])
+	ft.sub[cname[0]] = sub
+}
+
+// matchPrefix reports whether any selector in the fieldTree matches
+// the start of path p.
+func (ft fieldTree) matchPrefix(p cmp.Path) bool {
+	for _, ps := range p {
+		switch ps := ps.(type) {
+		case cmp.StructField:
+			ft = ft.sub[ps.Name()]
+			if ft.ok {
+				return true
+			}
+			if len(ft.sub) == 0 {
+				return false
+			}
+		case cmp.Indirect:
+		default:
+			return false
+		}
+	}
+	return false
+}
+
+// canonicalName returns a list of identifiers where any struct field access
+// through an embedded field is expanded to include the names of the embedded
+// types themselves.
+//
+// For example, suppose field "Foo" is not directly in the parent struct,
+// but actually from an embedded struct of type "Bar". Then, the canonical name
+// of "Foo" is actually "Bar.Foo".
+//
+// Suppose field "Foo" is not directly in the parent struct, but actually
+// a field in two different embedded structs of types "Bar" and "Baz".
+// Then the selector "Foo" causes a panic since it is ambiguous which one it
+// refers to. The user must specify either "Bar.Foo" or "Baz.Foo".
+func canonicalName(t reflect.Type, sel string) ([]string, error) {
+	var name string
+	sel = strings.TrimPrefix(sel, ".")
+	if sel == "" {
+		return nil, fmt.Errorf("name must not be empty")
+	}
+	if i := strings.IndexByte(sel, '.'); i < 0 {
+		name, sel = sel, ""
+	} else {
+		name, sel = sel[:i], sel[i:]
+	}
+
+	// Type must be a struct or pointer to struct.
+	if t.Kind() == reflect.Ptr {
+		t = t.Elem()
+	}
+	if t.Kind() != reflect.Struct {
+		return nil, fmt.Errorf("%v must be a struct", t)
+	}
+
+	// Find the canonical name for this current field name.
+	// If the field exists in an embedded struct, then it will be expanded.
+	sf, _ := t.FieldByName(name)
+	if !isExported(name) {
+		// Avoid using reflect.Type.FieldByName for unexported fields due to
+		// buggy behavior with regard to embeddeding and unexported fields.
+		// See https://golang.org/issue/4876 for details.
+		sf = reflect.StructField{}
+		for i := 0; i < t.NumField() && sf.Name == ""; i++ {
+			if t.Field(i).Name == name {
+				sf = t.Field(i)
+			}
+		}
+	}
+	if sf.Name == "" {
+		return []string{name}, fmt.Errorf("does not exist")
+	}
+	var ss []string
+	for i := range sf.Index {
+		ss = append(ss, t.FieldByIndex(sf.Index[:i+1]).Name)
+	}
+	if sel == "" {
+		return ss, nil
+	}
+	ssPost, err := canonicalName(sf.Type, sel)
+	return append(ss, ssPost...), err
+}
diff --git a/vendor/github.com/google/go-cmp/cmp/cmpopts/xform.go b/vendor/github.com/google/go-cmp/cmp/cmpopts/xform.go
new file mode 100644
index 00000000000..4eb49d63db3
--- /dev/null
+++ b/vendor/github.com/google/go-cmp/cmp/cmpopts/xform.go
@@ -0,0 +1,35 @@
+// Copyright 2018, The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package cmpopts
+
+import (
+	"github.com/google/go-cmp/cmp"
+)
+
+type xformFilter struct{ xform cmp.Option }
+
+func (xf xformFilter) filter(p cmp.Path) bool {
+	for _, ps := range p {
+		if t, ok := ps.(cmp.Transform); ok && t.Option() == xf.xform {
+			return false
+		}
+	}
+	return true
+}
+
+// AcyclicTransformer returns a Transformer with a filter applied that ensures
+// that the transformer cannot be recursively applied upon its own output.
+//
+// An example use case is a transformer that splits a string by lines:
+//	AcyclicTransformer("SplitLines", func(s string) []string{
+//		return strings.Split(s, "\n")
+//	})
+//
+// Had this been an unfiltered Transformer instead, this would result in an
+// infinite cycle converting a string to []string to [][]string and so on.
+func AcyclicTransformer(name string, xformFunc interface{}) cmp.Option {
+	xf := xformFilter{cmp.Transformer(name, xformFunc)}
+	return cmp.FilterPath(xf.filter, xf.xform)
+}
diff --git a/vendor/github.com/hashicorp/consul/api/acl.go b/vendor/github.com/hashicorp/consul/api/acl.go
index 465e256e27e..5dc83a17fd7 100644
--- a/vendor/github.com/hashicorp/consul/api/acl.go
+++ b/vendor/github.com/hashicorp/consul/api/acl.go
@@ -379,6 +379,7 @@ type OIDCAuthMethodConfig struct {
 	OIDCClientID        string   `json:",omitempty"`
 	OIDCClientSecret    string   `json:",omitempty"`
 	OIDCScopes          []string `json:",omitempty"`
+	OIDCACRValues       []string `json:",omitempty"`
 	AllowedRedirectURIs []string `json:",omitempty"`
 	VerboseOIDCLogging  bool     `json:",omitempty"`
 	// just for type=jwt
@@ -406,6 +407,7 @@ func (c *OIDCAuthMethodConfig) RenderToConfig() map[string]interface{} {
 		"OIDCClientID":        c.OIDCClientID,
 		"OIDCClientSecret":    c.OIDCClientSecret,
 		"OIDCScopes":          c.OIDCScopes,
+		"OIDCACRValues":       c.OIDCACRValues,
 		"AllowedRedirectURIs": c.AllowedRedirectURIs,
 		"VerboseOIDCLogging":  c.VerboseOIDCLogging,
 		// just for type=jwt
diff --git a/vendor/github.com/minio/minio-go/v7/.golangci.yml b/vendor/github.com/minio/minio-go/v7/.golangci.yml
index 7d1dd335275..b60d07fc304 100644
--- a/vendor/github.com/minio/minio-go/v7/.golangci.yml
+++ b/vendor/github.com/minio/minio-go/v7/.golangci.yml
@@ -8,8 +8,8 @@ linters:
     - typecheck
     - goimports
     - misspell
+    - revive
     - govet
-    - golint
     - ineffassign
     - gosimple
     - deadcode
diff --git a/vendor/github.com/minio/minio-go/v7/Makefile b/vendor/github.com/minio/minio-go/v7/Makefile
index a6f0b9bcfcd..e7a3d75842a 100644
--- a/vendor/github.com/minio/minio-go/v7/Makefile
+++ b/vendor/github.com/minio/minio-go/v7/Makefile
@@ -9,7 +9,7 @@ checks: lint vet test examples functional-test
 
 lint:
 	@mkdir -p ${GOPATH}/bin
-	@which golangci-lint 1>/dev/null || (echo "Installing golangci-lint" && curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(GOPATH)/bin v1.27.0)
+	@echo "Installing golangci-lint" && curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(GOPATH)/bin v1.40.1
 	@echo "Running $@ check"
 	@GO111MODULE=on ${GOPATH}/bin/golangci-lint cache clean
 	@GO111MODULE=on ${GOPATH}/bin/golangci-lint run --timeout=5m --config ./.golangci.yml
@@ -21,7 +21,10 @@ test:
 	@GO111MODULE=on SERVER_ENDPOINT=localhost:9000 ACCESS_KEY=minio SECRET_KEY=minio123 ENABLE_HTTPS=1 MINT_MODE=full go test -race -v ./...
 
 examples:
-	@$(foreach v,$(wildcard examples/s3/*), go build -o ${TMPDIR}/$(basename $(v)) $(v) || exit 1;)
+	@echo "Building s3 examples"
+	@cd ./examples/s3 && $(foreach v,$(wildcard examples/s3/*.go),go build -mod=mod -o ${TMPDIR}/$(basename $(v)) $(notdir $(v)) || exit 1;)
+	@echo "Building minio examples"
+	@cd ./examples/minio && $(foreach v,$(wildcard examples/minio/*.go),go build -mod=mod -o ${TMPDIR}/$(basename $(v)) $(notdir $(v)) || exit 1;)
 
 functional-test:
 	@GO111MODULE=on SERVER_ENDPOINT=localhost:9000 ACCESS_KEY=minio SECRET_KEY=minio123 ENABLE_HTTPS=1 MINT_MODE=full go run functional_tests.go
diff --git a/vendor/github.com/minio/minio-go/v7/README.md b/vendor/github.com/minio/minio-go/v7/README.md
index ab5bcb53f33..3ba174f46c4 100644
--- a/vendor/github.com/minio/minio-go/v7/README.md
+++ b/vendor/github.com/minio/minio-go/v7/README.md
@@ -1,4 +1,4 @@
-# MinIO Go Client SDK for Amazon S3 Compatible Cloud Storage [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io) [![Sourcegraph](https://sourcegraph.com/github.com/minio/minio-go/-/badge.svg)](https://sourcegraph.com/github.com/minio/minio-go?badge) [![Apache V2 License](http://img.shields.io/badge/license-Apache%20V2-blue.svg)](https://github.com/minio/minio-go/blob/master/LICENSE)
+# MinIO Go Client SDK for Amazon S3 Compatible Cloud Storage [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io) [![Sourcegraph](https://sourcegraph.com/github.com/minio/minio-go/-/badge.svg)](https://sourcegraph.com/github.com/minio/minio-go?badge) [![Apache V2 License](https://img.shields.io/badge/license-Apache%20V2-blue.svg)](https://github.com/minio/minio-go/blob/master/LICENSE)
 
 The MinIO Go Client SDK provides simple APIs to access any Amazon S3 compatible object storage.
 
@@ -104,12 +104,12 @@ func main() {
 	contentType := "application/zip"
 
 	// Upload the zip file with FPutObject
-	n, err := minioClient.FPutObject(ctx, bucketName, objectName, filePath, minio.PutObjectOptions{ContentType: contentType})
+	info, err := minioClient.FPutObject(ctx, bucketName, objectName, filePath, minio.PutObjectOptions{ContentType: contentType})
 	if err != nil {
 		log.Fatalln(err)
 	}
 
-	log.Printf("Successfully uploaded %s of size %d\n", objectName, n)
+	log.Printf("Successfully uploaded %s of size %d\n", objectName, info.Size)
 }
 ```
 
@@ -171,9 +171,9 @@ The full API Reference is available here.
 * [`PresignedPostPolicy`](https://docs.min.io/docs/golang-client-api-reference#PresignedPostPolicy)
 
 ### API Reference : Client custom settings
-* [`SetAppInfo`](http://docs.min.io/docs/golang-client-api-reference#SetAppInfo)
-* [`TraceOn`](http://docs.min.io/docs/golang-client-api-reference#TraceOn)
-* [`TraceOff`](http://docs.min.io/docs/golang-client-api-reference#TraceOff)
+* [`SetAppInfo`](https://docs.min.io/docs/golang-client-api-reference#SetAppInfo)
+* [`TraceOn`](https://docs.min.io/docs/golang-client-api-reference#TraceOn)
+* [`TraceOff`](https://docs.min.io/docs/golang-client-api-reference#TraceOff)
 
 ## Full Examples
 
@@ -248,4 +248,4 @@ The full API Reference is available here.
 [Contributors Guide](https://github.com/minio/minio-go/blob/master/CONTRIBUTING.md)
 
 ## License
-This SDK is distributed under the [Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0), see [LICENSE](https://github.com/minio/minio-go/blob/master/LICENSE) and [NOTICE](https://github.com/minio/minio-go/blob/master/NOTICE) for more information.
+This SDK is distributed under the [Apache License, Version 2.0](https://www.apache.org/licenses/LICENSE-2.0), see [LICENSE](https://github.com/minio/minio-go/blob/master/LICENSE) and [NOTICE](https://github.com/minio/minio-go/blob/master/NOTICE) for more information.
diff --git a/vendor/github.com/minio/minio-go/v7/api-bucket-encryption.go b/vendor/github.com/minio/minio-go/v7/api-bucket-encryption.go
index e02ab84afa3..24f94e03440 100644
--- a/vendor/github.com/minio/minio-go/v7/api-bucket-encryption.go
+++ b/vendor/github.com/minio/minio-go/v7/api-bucket-encryption.go
@@ -28,7 +28,7 @@ import (
 )
 
 // SetBucketEncryption sets the default encryption configuration on an existing bucket.
-func (c Client) SetBucketEncryption(ctx context.Context, bucketName string, config *sse.Configuration) error {
+func (c *Client) SetBucketEncryption(ctx context.Context, bucketName string, config *sse.Configuration) error {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return err
@@ -70,7 +70,7 @@ func (c Client) SetBucketEncryption(ctx context.Context, bucketName string, conf
 }
 
 // RemoveBucketEncryption removes the default encryption configuration on a bucket with a context to control cancellations and timeouts.
-func (c Client) RemoveBucketEncryption(ctx context.Context, bucketName string) error {
+func (c *Client) RemoveBucketEncryption(ctx context.Context, bucketName string) error {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return err
@@ -99,7 +99,7 @@ func (c Client) RemoveBucketEncryption(ctx context.Context, bucketName string) e
 
 // GetBucketEncryption gets the default encryption configuration
 // on an existing bucket with a context to control cancellations and timeouts.
-func (c Client) GetBucketEncryption(ctx context.Context, bucketName string) (*sse.Configuration, error) {
+func (c *Client) GetBucketEncryption(ctx context.Context, bucketName string) (*sse.Configuration, error) {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return nil, err
diff --git a/vendor/github.com/minio/minio-go/v7/api-bucket-lifecycle.go b/vendor/github.com/minio/minio-go/v7/api-bucket-lifecycle.go
index e1fac813cc6..7e2199732ee 100644
--- a/vendor/github.com/minio/minio-go/v7/api-bucket-lifecycle.go
+++ b/vendor/github.com/minio/minio-go/v7/api-bucket-lifecycle.go
@@ -30,7 +30,7 @@ import (
 )
 
 // SetBucketLifecycle set the lifecycle on an existing bucket.
-func (c Client) SetBucketLifecycle(ctx context.Context, bucketName string, config *lifecycle.Configuration) error {
+func (c *Client) SetBucketLifecycle(ctx context.Context, bucketName string, config *lifecycle.Configuration) error {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return err
@@ -51,7 +51,7 @@ func (c Client) SetBucketLifecycle(ctx context.Context, bucketName string, confi
 }
 
 // Saves a new bucket lifecycle.
-func (c Client) putBucketLifecycle(ctx context.Context, bucketName string, buf []byte) error {
+func (c *Client) putBucketLifecycle(ctx context.Context, bucketName string, buf []byte) error {
 	// Get resources properly escaped and lined up before
 	// using them in http request.
 	urlValues := make(url.Values)
@@ -81,7 +81,7 @@ func (c Client) putBucketLifecycle(ctx context.Context, bucketName string, buf [
 }
 
 // Remove lifecycle from a bucket.
-func (c Client) removeBucketLifecycle(ctx context.Context, bucketName string) error {
+func (c *Client) removeBucketLifecycle(ctx context.Context, bucketName string) error {
 	// Get resources properly escaped and lined up before
 	// using them in http request.
 	urlValues := make(url.Values)
@@ -101,7 +101,7 @@ func (c Client) removeBucketLifecycle(ctx context.Context, bucketName string) er
 }
 
 // GetBucketLifecycle fetch bucket lifecycle configuration
-func (c Client) GetBucketLifecycle(ctx context.Context, bucketName string) (*lifecycle.Configuration, error) {
+func (c *Client) GetBucketLifecycle(ctx context.Context, bucketName string) (*lifecycle.Configuration, error) {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return nil, err
@@ -120,7 +120,7 @@ func (c Client) GetBucketLifecycle(ctx context.Context, bucketName string) (*lif
 }
 
 // Request server for current bucket lifecycle.
-func (c Client) getBucketLifecycle(ctx context.Context, bucketName string) ([]byte, error) {
+func (c *Client) getBucketLifecycle(ctx context.Context, bucketName string) ([]byte, error) {
 	// Get resources properly escaped and lined up before
 	// using them in http request.
 	urlValues := make(url.Values)
diff --git a/vendor/github.com/minio/minio-go/v7/api-bucket-notification.go b/vendor/github.com/minio/minio-go/v7/api-bucket-notification.go
index 76787ecabc1..1e6f3da1c01 100644
--- a/vendor/github.com/minio/minio-go/v7/api-bucket-notification.go
+++ b/vendor/github.com/minio/minio-go/v7/api-bucket-notification.go
@@ -32,7 +32,7 @@ import (
 )
 
 // SetBucketNotification saves a new bucket notification with a context to control cancellations and timeouts.
-func (c Client) SetBucketNotification(ctx context.Context, bucketName string, config notification.Configuration) error {
+func (c *Client) SetBucketNotification(ctx context.Context, bucketName string, config notification.Configuration) error {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return err
@@ -73,12 +73,12 @@ func (c Client) SetBucketNotification(ctx context.Context, bucketName string, co
 }
 
 // RemoveAllBucketNotification - Remove bucket notification clears all previously specified config
-func (c Client) RemoveAllBucketNotification(ctx context.Context, bucketName string) error {
+func (c *Client) RemoveAllBucketNotification(ctx context.Context, bucketName string) error {
 	return c.SetBucketNotification(ctx, bucketName, notification.Configuration{})
 }
 
 // GetBucketNotification returns current bucket notification configuration
-func (c Client) GetBucketNotification(ctx context.Context, bucketName string) (bucketNotification notification.Configuration, err error) {
+func (c *Client) GetBucketNotification(ctx context.Context, bucketName string) (bucketNotification notification.Configuration, err error) {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return notification.Configuration{}, err
@@ -87,7 +87,7 @@ func (c Client) GetBucketNotification(ctx context.Context, bucketName string) (b
 }
 
 // Request server for notification rules.
-func (c Client) getBucketNotification(ctx context.Context, bucketName string) (notification.Configuration, error) {
+func (c *Client) getBucketNotification(ctx context.Context, bucketName string) (notification.Configuration, error) {
 	urlValues := make(url.Values)
 	urlValues.Set("notification", "")
 
@@ -121,12 +121,12 @@ func processBucketNotificationResponse(bucketName string, resp *http.Response) (
 }
 
 // ListenNotification listen for all events, this is a MinIO specific API
-func (c Client) ListenNotification(ctx context.Context, prefix, suffix string, events []string) <-chan notification.Info {
+func (c *Client) ListenNotification(ctx context.Context, prefix, suffix string, events []string) <-chan notification.Info {
 	return c.ListenBucketNotification(ctx, "", prefix, suffix, events)
 }
 
 // ListenBucketNotification listen for bucket events, this is a MinIO specific API
-func (c Client) ListenBucketNotification(ctx context.Context, bucketName, prefix, suffix string, events []string) <-chan notification.Info {
+func (c *Client) ListenBucketNotification(ctx context.Context, bucketName, prefix, suffix string, events []string) <-chan notification.Info {
 	notificationInfoCh := make(chan notification.Info, 1)
 	const notificationCapacity = 4 * 1024 * 1024
 	notificationEventBuffer := make([]byte, notificationCapacity)
diff --git a/vendor/github.com/minio/minio-go/v7/api-bucket-policy.go b/vendor/github.com/minio/minio-go/v7/api-bucket-policy.go
index 72676f34470..57cdbc6e364 100644
--- a/vendor/github.com/minio/minio-go/v7/api-bucket-policy.go
+++ b/vendor/github.com/minio/minio-go/v7/api-bucket-policy.go
@@ -27,7 +27,7 @@ import (
 )
 
 // SetBucketPolicy sets the access permissions on an existing bucket.
-func (c Client) SetBucketPolicy(ctx context.Context, bucketName, policy string) error {
+func (c *Client) SetBucketPolicy(ctx context.Context, bucketName, policy string) error {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return err
@@ -43,7 +43,7 @@ func (c Client) SetBucketPolicy(ctx context.Context, bucketName, policy string)
 }
 
 // Saves a new bucket policy.
-func (c Client) putBucketPolicy(ctx context.Context, bucketName, policy string) error {
+func (c *Client) putBucketPolicy(ctx context.Context, bucketName, policy string) error {
 	// Get resources properly escaped and lined up before
 	// using them in http request.
 	urlValues := make(url.Values)
@@ -63,7 +63,7 @@ func (c Client) putBucketPolicy(ctx context.Context, bucketName, policy string)
 		return err
 	}
 	if resp != nil {
-		if resp.StatusCode != http.StatusNoContent {
+		if resp.StatusCode != http.StatusNoContent && resp.StatusCode != http.StatusOK {
 			return httpRespToErrorResponse(resp, bucketName, "")
 		}
 	}
@@ -71,7 +71,7 @@ func (c Client) putBucketPolicy(ctx context.Context, bucketName, policy string)
 }
 
 // Removes all policies on a bucket.
-func (c Client) removeBucketPolicy(ctx context.Context, bucketName string) error {
+func (c *Client) removeBucketPolicy(ctx context.Context, bucketName string) error {
 	// Get resources properly escaped and lined up before
 	// using them in http request.
 	urlValues := make(url.Values)
@@ -91,7 +91,7 @@ func (c Client) removeBucketPolicy(ctx context.Context, bucketName string) error
 }
 
 // GetBucketPolicy returns the current policy
-func (c Client) GetBucketPolicy(ctx context.Context, bucketName string) (string, error) {
+func (c *Client) GetBucketPolicy(ctx context.Context, bucketName string) (string, error) {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return "", err
@@ -108,7 +108,7 @@ func (c Client) GetBucketPolicy(ctx context.Context, bucketName string) (string,
 }
 
 // Request server for current bucket policy.
-func (c Client) getBucketPolicy(ctx context.Context, bucketName string) (string, error) {
+func (c *Client) getBucketPolicy(ctx context.Context, bucketName string) (string, error) {
 	// Get resources properly escaped and lined up before
 	// using them in http request.
 	urlValues := make(url.Values)
diff --git a/vendor/github.com/minio/minio-go/v7/api-bucket-replication.go b/vendor/github.com/minio/minio-go/v7/api-bucket-replication.go
index bfd5ea4360d..b39211ec653 100644
--- a/vendor/github.com/minio/minio-go/v7/api-bucket-replication.go
+++ b/vendor/github.com/minio/minio-go/v7/api-bucket-replication.go
@@ -20,21 +20,25 @@ package minio
 import (
 	"bytes"
 	"context"
+	"encoding/json"
 	"encoding/xml"
+	"io/ioutil"
 	"net/http"
 	"net/url"
+	"time"
 
+	"github.com/google/uuid"
 	"github.com/minio/minio-go/v7/pkg/replication"
 	"github.com/minio/minio-go/v7/pkg/s3utils"
 )
 
 // RemoveBucketReplication removes a replication config on an existing bucket.
-func (c Client) RemoveBucketReplication(ctx context.Context, bucketName string) error {
+func (c *Client) RemoveBucketReplication(ctx context.Context, bucketName string) error {
 	return c.removeBucketReplication(ctx, bucketName)
 }
 
 // SetBucketReplication sets a replication config on an existing bucket.
-func (c Client) SetBucketReplication(ctx context.Context, bucketName string, cfg replication.Config) error {
+func (c *Client) SetBucketReplication(ctx context.Context, bucketName string, cfg replication.Config) error {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return err
@@ -49,7 +53,7 @@ func (c Client) SetBucketReplication(ctx context.Context, bucketName string, cfg
 }
 
 // Saves a new bucket replication.
-func (c Client) putBucketReplication(ctx context.Context, bucketName string, cfg replication.Config) error {
+func (c *Client) putBucketReplication(ctx context.Context, bucketName string, cfg replication.Config) error {
 	// Get resources properly escaped and lined up before
 	// using them in http request.
 	urlValues := make(url.Values)
@@ -82,7 +86,7 @@ func (c Client) putBucketReplication(ctx context.Context, bucketName string, cfg
 }
 
 // Remove replication from a bucket.
-func (c Client) removeBucketReplication(ctx context.Context, bucketName string) error {
+func (c *Client) removeBucketReplication(ctx context.Context, bucketName string) error {
 	// Get resources properly escaped and lined up before
 	// using them in http request.
 	urlValues := make(url.Values)
@@ -103,7 +107,7 @@ func (c Client) removeBucketReplication(ctx context.Context, bucketName string)
 
 // GetBucketReplication fetches bucket replication configuration.If config is not
 // found, returns empty config with nil error.
-func (c Client) GetBucketReplication(ctx context.Context, bucketName string) (cfg replication.Config, err error) {
+func (c *Client) GetBucketReplication(ctx context.Context, bucketName string) (cfg replication.Config, err error) {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return cfg, err
@@ -120,7 +124,7 @@ func (c Client) GetBucketReplication(ctx context.Context, bucketName string) (cf
 }
 
 // Request server for current bucket replication config.
-func (c Client) getBucketReplication(ctx context.Context, bucketName string) (cfg replication.Config, err error) {
+func (c *Client) getBucketReplication(ctx context.Context, bucketName string) (cfg replication.Config, err error) {
 	// Get resources properly escaped and lined up before
 	// using them in http request.
 	urlValues := make(url.Values)
@@ -147,3 +151,108 @@ func (c Client) getBucketReplication(ctx context.Context, bucketName string) (cf
 
 	return cfg, nil
 }
+
+// GetBucketReplicationMetrics fetches bucket replication status metrics
+func (c *Client) GetBucketReplicationMetrics(ctx context.Context, bucketName string) (s replication.Metrics, err error) {
+	// Input validation.
+	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
+		return s, err
+	}
+	// Get resources properly escaped and lined up before
+	// using them in http request.
+	urlValues := make(url.Values)
+	urlValues.Set("replication-metrics", "")
+
+	// Execute GET on bucket to get replication config.
+	resp, err := c.executeMethod(ctx, http.MethodGet, requestMetadata{
+		bucketName:  bucketName,
+		queryValues: urlValues,
+	})
+
+	defer closeResponse(resp)
+	if err != nil {
+		return s, err
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		return s, httpRespToErrorResponse(resp, bucketName, "")
+	}
+	respBytes, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		return s, err
+	}
+
+	if err := json.Unmarshal(respBytes, &s); err != nil {
+		return s, err
+	}
+	return s, nil
+}
+
+// mustGetUUID - get a random UUID.
+func mustGetUUID() string {
+	u, err := uuid.NewRandom()
+	if err != nil {
+		return ""
+	}
+	return u.String()
+}
+
+// ResetBucketReplication kicks off replication of previously replicated objects if ExistingObjectReplication
+// is enabled in the replication config
+func (c *Client) ResetBucketReplication(ctx context.Context, bucketName string, olderThan time.Duration) (rID string, err error) {
+	rID = mustGetUUID()
+	_, err = c.resetBucketReplicationOnTarget(ctx, bucketName, olderThan, "", rID)
+	if err != nil {
+		return rID, err
+	}
+	return rID, nil
+}
+
+// ResetBucketReplicationOnTarget kicks off replication of previously replicated objects if
+// ExistingObjectReplication is enabled in the replication config
+func (c *Client) ResetBucketReplicationOnTarget(ctx context.Context, bucketName string, olderThan time.Duration, tgtArn string) (replication.ResyncTargetsInfo, error) {
+	return c.resetBucketReplicationOnTarget(ctx, bucketName, olderThan, tgtArn, mustGetUUID())
+}
+
+// ResetBucketReplication kicks off replication of previously replicated objects if ExistingObjectReplication
+// is enabled in the replication config
+func (c *Client) resetBucketReplicationOnTarget(ctx context.Context, bucketName string, olderThan time.Duration, tgtArn string, resetID string) (rinfo replication.ResyncTargetsInfo, err error) {
+	// Input validation.
+	if err = s3utils.CheckValidBucketName(bucketName); err != nil {
+		return
+	}
+	// Get resources properly escaped and lined up before
+	// using them in http request.
+	urlValues := make(url.Values)
+	urlValues.Set("replication-reset", "")
+	if olderThan > 0 {
+		urlValues.Set("older-than", olderThan.String())
+	}
+	if tgtArn != "" {
+		urlValues.Set("arn", tgtArn)
+	}
+	urlValues.Set("reset-id", resetID)
+	// Execute GET on bucket to get replication config.
+	resp, err := c.executeMethod(ctx, http.MethodPut, requestMetadata{
+		bucketName:  bucketName,
+		queryValues: urlValues,
+	})
+
+	defer closeResponse(resp)
+	if err != nil {
+		return rinfo, err
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		return rinfo, httpRespToErrorResponse(resp, bucketName, "")
+	}
+	respBytes, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		return rinfo, err
+	}
+
+	if err := json.Unmarshal(respBytes, &rinfo); err != nil {
+		return rinfo, err
+	}
+	return rinfo, nil
+}
diff --git a/vendor/github.com/minio/minio-go/v7/api-bucket-tagging.go b/vendor/github.com/minio/minio-go/v7/api-bucket-tagging.go
index fcb966e6369..1615f8f8739 100644
--- a/vendor/github.com/minio/minio-go/v7/api-bucket-tagging.go
+++ b/vendor/github.com/minio/minio-go/v7/api-bucket-tagging.go
@@ -32,7 +32,7 @@ import (
 
 // GetBucketTagging fetch tagging configuration for a bucket with a
 // context to control cancellations and timeouts.
-func (c Client) GetBucketTagging(ctx context.Context, bucketName string) (*tags.Tags, error) {
+func (c *Client) GetBucketTagging(ctx context.Context, bucketName string) (*tags.Tags, error) {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return nil, err
@@ -64,7 +64,7 @@ func (c Client) GetBucketTagging(ctx context.Context, bucketName string) (*tags.
 
 // SetBucketTagging sets tagging configuration for a bucket
 // with a context to control cancellations and timeouts.
-func (c Client) SetBucketTagging(ctx context.Context, bucketName string, tags *tags.Tags) error {
+func (c *Client) SetBucketTagging(ctx context.Context, bucketName string, tags *tags.Tags) error {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return err
@@ -107,7 +107,7 @@ func (c Client) SetBucketTagging(ctx context.Context, bucketName string, tags *t
 
 // RemoveBucketTagging removes tagging configuration for a
 // bucket with a context to control cancellations and timeouts.
-func (c Client) RemoveBucketTagging(ctx context.Context, bucketName string) error {
+func (c *Client) RemoveBucketTagging(ctx context.Context, bucketName string) error {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return err
diff --git a/vendor/github.com/minio/minio-go/v7/api-bucket-versioning.go b/vendor/github.com/minio/minio-go/v7/api-bucket-versioning.go
index e3ceeb336d4..930b1b93a2f 100644
--- a/vendor/github.com/minio/minio-go/v7/api-bucket-versioning.go
+++ b/vendor/github.com/minio/minio-go/v7/api-bucket-versioning.go
@@ -27,7 +27,7 @@ import (
 )
 
 // SetBucketVersioning sets a bucket versioning configuration
-func (c Client) SetBucketVersioning(ctx context.Context, bucketName string, config BucketVersioningConfiguration) error {
+func (c *Client) SetBucketVersioning(ctx context.Context, bucketName string, config BucketVersioningConfiguration) error {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return err
@@ -67,12 +67,12 @@ func (c Client) SetBucketVersioning(ctx context.Context, bucketName string, conf
 }
 
 // EnableVersioning - enable object versioning in given bucket.
-func (c Client) EnableVersioning(ctx context.Context, bucketName string) error {
+func (c *Client) EnableVersioning(ctx context.Context, bucketName string) error {
 	return c.SetBucketVersioning(ctx, bucketName, BucketVersioningConfiguration{Status: "Enabled"})
 }
 
 // SuspendVersioning - suspend object versioning in given bucket.
-func (c Client) SuspendVersioning(ctx context.Context, bucketName string) error {
+func (c *Client) SuspendVersioning(ctx context.Context, bucketName string) error {
 	return c.SetBucketVersioning(ctx, bucketName, BucketVersioningConfiguration{Status: "Suspended"})
 }
 
@@ -102,7 +102,7 @@ func (b BucketVersioningConfiguration) Suspended() bool {
 
 // GetBucketVersioning gets the versioning configuration on
 // an existing bucket with a context to control cancellations and timeouts.
-func (c Client) GetBucketVersioning(ctx context.Context, bucketName string) (BucketVersioningConfiguration, error) {
+func (c *Client) GetBucketVersioning(ctx context.Context, bucketName string) (BucketVersioningConfiguration, error) {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return BucketVersioningConfiguration{}, err
diff --git a/vendor/github.com/minio/minio-go/v7/api-compose-object.go b/vendor/github.com/minio/minio-go/v7/api-compose-object.go
index 40238de35ff..f349f99ed5c 100644
--- a/vendor/github.com/minio/minio-go/v7/api-compose-object.go
+++ b/vendor/github.com/minio/minio-go/v7/api-compose-object.go
@@ -201,7 +201,7 @@ func (opts CopySrcOptions) validate() (err error) {
 }
 
 // Low level implementation of CopyObject API, supports only upto 5GiB worth of copy.
-func (c Client) copyObjectDo(ctx context.Context, srcBucket, srcObject, destBucket, destObject string,
+func (c *Client) copyObjectDo(ctx context.Context, srcBucket, srcObject, destBucket, destObject string,
 	metadata map[string]string, srcOpts CopySrcOptions, dstOpts PutObjectOptions) (ObjectInfo, error) {
 
 	// Build headers.
@@ -220,6 +220,19 @@ func (c Client) copyObjectDo(ctx context.Context, srcBucket, srcObject, destBuck
 	if dstOpts.Internal.SourceETag != "" {
 		headers.Set(minIOBucketSourceETag, dstOpts.Internal.SourceETag)
 	}
+	if dstOpts.Internal.ReplicationRequest {
+		headers.Set(minIOBucketReplicationRequest, "")
+	}
+	if !dstOpts.Internal.LegalholdTimestamp.IsZero() {
+		headers.Set(minIOBucketReplicationObjectLegalHoldTimestamp, dstOpts.Internal.LegalholdTimestamp.Format(time.RFC3339Nano))
+	}
+	if !dstOpts.Internal.RetentionTimestamp.IsZero() {
+		headers.Set(minIOBucketReplicationObjectRetentionTimestamp, dstOpts.Internal.RetentionTimestamp.Format(time.RFC3339Nano))
+	}
+	if !dstOpts.Internal.TaggingTimestamp.IsZero() {
+		headers.Set(minIOBucketReplicationTaggingTimestamp, dstOpts.Internal.TaggingTimestamp.Format(time.RFC3339Nano))
+	}
+
 	if len(dstOpts.UserTags) != 0 {
 		headers.Set(amzTaggingHeader, s3utils.TagEncode(dstOpts.UserTags))
 	}
@@ -230,8 +243,10 @@ func (c Client) copyObjectDo(ctx context.Context, srcBucket, srcObject, destBuck
 		customHeader: headers,
 	}
 	if dstOpts.Internal.SourceVersionID != "" {
-		if _, err := uuid.Parse(dstOpts.Internal.SourceVersionID); err != nil {
-			return ObjectInfo{}, errInvalidArgument(err.Error())
+		if dstOpts.Internal.SourceVersionID != nullVersionID {
+			if _, err := uuid.Parse(dstOpts.Internal.SourceVersionID); err != nil {
+				return ObjectInfo{}, errInvalidArgument(err.Error())
+			}
 		}
 		urlValues := make(url.Values)
 		urlValues.Set("versionId", dstOpts.Internal.SourceVersionID)
@@ -269,7 +284,7 @@ func (c Client) copyObjectDo(ctx context.Context, srcBucket, srcObject, destBuck
 	return objInfo, nil
 }
 
-func (c Client) copyObjectPartDo(ctx context.Context, srcBucket, srcObject, destBucket, destObject string, uploadID string,
+func (c *Client) copyObjectPartDo(ctx context.Context, srcBucket, srcObject, destBucket, destObject string, uploadID string,
 	partID int, startOffset int64, length int64, metadata map[string]string) (p CompletePart, err error) {
 
 	headers := make(http.Header)
@@ -322,7 +337,7 @@ func (c Client) copyObjectPartDo(ctx context.Context, srcBucket, srcObject, dest
 // uploadPartCopy - helper function to create a part in a multipart
 // upload via an upload-part-copy request
 // https://docs.aws.amazon.com/AmazonS3/latest/API/mpUploadUploadPartCopy.html
-func (c Client) uploadPartCopy(ctx context.Context, bucket, object, uploadID string, partNumber int,
+func (c *Client) uploadPartCopy(ctx context.Context, bucket, object, uploadID string, partNumber int,
 	headers http.Header) (p CompletePart, err error) {
 
 	// Build query parameters
@@ -362,7 +377,7 @@ func (c Client) uploadPartCopy(ctx context.Context, bucket, object, uploadID str
 // and concatenates them into a new object using only server-side copying
 // operations. Optionally takes progress reader hook for applications to
 // look at current progress.
-func (c Client) ComposeObject(ctx context.Context, dst CopyDestOptions, srcs ...CopySrcOptions) (UploadInfo, error) {
+func (c *Client) ComposeObject(ctx context.Context, dst CopyDestOptions, srcs ...CopySrcOptions) (UploadInfo, error) {
 	if len(srcs) < 1 || len(srcs) > maxPartsCount {
 		return UploadInfo{}, errInvalidArgument("There must be as least one and up to 10000 source objects.")
 	}
@@ -383,7 +398,7 @@ func (c Client) ComposeObject(ctx context.Context, dst CopyDestOptions, srcs ...
 	var err error
 	for i, src := range srcs {
 		opts := StatObjectOptions{ServerSideEncryption: encrypt.SSE(src.Encryption), VersionID: src.VersionID}
-		srcObjectInfos[i], err = c.statObject(context.Background(), src.Bucket, src.Object, opts)
+		srcObjectInfos[i], err = c.StatObject(context.Background(), src.Bucket, src.Object, opts)
 		if err != nil {
 			return UploadInfo{}, err
 		}
@@ -510,7 +525,7 @@ func (c Client) ComposeObject(ctx context.Context, dst CopyDestOptions, srcs ...
 
 	// 4. Make final complete-multipart request.
 	uploadInfo, err := c.completeMultipartUpload(ctx, dst.Bucket, dst.Object, uploadID,
-		completeMultipartUpload{Parts: objParts})
+		completeMultipartUpload{Parts: objParts}, PutObjectOptions{})
 	if err != nil {
 		return UploadInfo{}, err
 	}
diff --git a/vendor/github.com/minio/minio-go/v7/api-copy-object.go b/vendor/github.com/minio/minio-go/v7/api-copy-object.go
index 9af036ec056..1c0ad2be4c0 100644
--- a/vendor/github.com/minio/minio-go/v7/api-copy-object.go
+++ b/vendor/github.com/minio/minio-go/v7/api-copy-object.go
@@ -25,7 +25,7 @@ import (
 )
 
 // CopyObject - copy a source object into a new object
-func (c Client) CopyObject(ctx context.Context, dst CopyDestOptions, src CopySrcOptions) (UploadInfo, error) {
+func (c *Client) CopyObject(ctx context.Context, dst CopyDestOptions, src CopySrcOptions) (UploadInfo, error) {
 	if err := src.validate(); err != nil {
 		return UploadInfo{}, err
 	}
diff --git a/vendor/github.com/minio/minio-go/v7/api-datatypes.go b/vendor/github.com/minio/minio-go/v7/api-datatypes.go
index 970e1fa5e3c..2f5912f378b 100644
--- a/vendor/github.com/minio/minio-go/v7/api-datatypes.go
+++ b/vendor/github.com/minio/minio-go/v7/api-datatypes.go
@@ -64,8 +64,9 @@ func (m *StringMap) UnmarshalXML(d *xml.Decoder, start xml.StartElement) error {
 
 // Owner name.
 type Owner struct {
-	DisplayName string `json:"name"`
-	ID          string `json:"id"`
+	XMLName     xml.Name `xml:"Owner" json:"owner"`
+	DisplayName string   `xml:"ID" json:"name"`
+	ID          string   `xml:"DisplayName" json:"id"`
 }
 
 // UploadInfo contains information about the
@@ -85,6 +86,14 @@ type UploadInfo struct {
 	ExpirationRuleID string
 }
 
+// RestoreInfo contains information of the restore operation of an archived object
+type RestoreInfo struct {
+	// Is the restoring operation is still ongoing
+	OngoingRestore bool
+	// When the restored copy of the archived object will be removed
+	ExpiryTime time.Time
+}
+
 // ObjectInfo container for object metadata.
 type ObjectInfo struct {
 	// An ETag is optionally set to md5sum of an object.  In case of multipart objects,
@@ -115,14 +124,7 @@ type ObjectInfo struct {
 	Owner Owner
 
 	// ACL grant.
-	Grant []struct {
-		Grantee struct {
-			ID          string `xml:"ID"`
-			DisplayName string `xml:"DisplayName"`
-			URI         string `xml:"URI"`
-		} `xml:"Grantee"`
-		Permission string `xml:"Permission"`
-	} `xml:"Grant"`
+	Grant []Grant
 
 	// The class of storage used to store the object.
 	StorageClass string `json:"storageClass"`
@@ -144,6 +146,8 @@ type ObjectInfo struct {
 	Expiration       time.Time
 	ExpirationRuleID string
 
+	Restore *RestoreInfo
+
 	// Error
 	Err error `json:"-"`
 }
diff --git a/vendor/github.com/minio/minio-go/v7/api-error-response.go b/vendor/github.com/minio/minio-go/v7/api-error-response.go
index c45c4fdcb24..39df7eec6ba 100644
--- a/vendor/github.com/minio/minio-go/v7/api-error-response.go
+++ b/vendor/github.com/minio/minio-go/v7/api-error-response.go
@@ -18,8 +18,11 @@
 package minio
 
 import (
+	"bytes"
 	"encoding/xml"
 	"fmt"
+	"io"
+	"io/ioutil"
 	"net/http"
 )
 
@@ -98,6 +101,19 @@ const (
 	reportIssue = "Please report this issue at https://github.com/minio/minio-go/issues."
 )
 
+// xmlDecodeAndBody reads the whole body up to 1MB and
+// tries to XML decode it into v.
+// The body that was read and any error from reading or decoding is returned.
+func xmlDecodeAndBody(bodyReader io.Reader, v interface{}) ([]byte, error) {
+	// read the whole body (up to 1MB)
+	const maxBodyLength = 1 << 20
+	body, err := ioutil.ReadAll(io.LimitReader(bodyReader, maxBodyLength))
+	if err != nil {
+		return nil, err
+	}
+	return bytes.TrimSpace(body), xmlDecoder(bytes.NewReader(body), v)
+}
+
 // httpRespToErrorResponse returns a new encoded ErrorResponse
 // structure as error.
 func httpRespToErrorResponse(resp *http.Response, bucketName, objectName string) error {
@@ -111,7 +127,7 @@ func httpRespToErrorResponse(resp *http.Response, bucketName, objectName string)
 		Server:     resp.Header.Get("Server"),
 	}
 
-	err := xmlDecoder(resp.Body, &errResp)
+	errBody, err := xmlDecodeAndBody(resp.Body, &errResp)
 	// Xml decoding failed with no body, fall back to HTTP headers.
 	if err != nil {
 		switch resp.StatusCode {
@@ -156,10 +172,17 @@ func httpRespToErrorResponse(resp *http.Response, bucketName, objectName string)
 				Key:        objectName,
 			}
 		default:
+			msg := resp.Status
+			if len(errBody) > 0 {
+				msg = string(errBody)
+				if len(msg) > 1024 {
+					msg = msg[:1024] + "..."
+				}
+			}
 			errResp = ErrorResponse{
 				StatusCode: resp.StatusCode,
 				Code:       resp.Status,
-				Message:    resp.Status,
+				Message:    msg,
 				BucketName: bucketName,
 			}
 		}
diff --git a/vendor/github.com/minio/minio-go/v7/api-get-object-acl.go b/vendor/github.com/minio/minio-go/v7/api-get-object-acl.go
index afa53079d3e..b1291b6bc70 100644
--- a/vendor/github.com/minio/minio-go/v7/api-get-object-acl.go
+++ b/vendor/github.com/minio/minio-go/v7/api-get-object-acl.go
@@ -19,29 +19,40 @@ package minio
 
 import (
 	"context"
+	"encoding/xml"
 	"net/http"
 	"net/url"
 )
 
+// Grantee represents the person being granted permissions.
+type Grantee struct {
+	XMLName     xml.Name `xml:"Grantee"`
+	ID          string   `xml:"ID"`
+	DisplayName string   `xml:"DisplayName"`
+	URI         string   `xml:"URI"`
+}
+
+// Grant holds grant information
+type Grant struct {
+	XMLName    xml.Name `xml:"Grant"`
+	Grantee    Grantee
+	Permission string `xml:"Permission"`
+}
+
+// AccessControlList contains the set of grantees and the permissions assigned to each grantee.
+type AccessControlList struct {
+	XMLName    xml.Name `xml:"AccessControlList"`
+	Grant      []Grant
+	Permission string `xml:"Permission"`
+}
+
 type accessControlPolicy struct {
-	Owner struct {
-		ID          string `xml:"ID"`
-		DisplayName string `xml:"DisplayName"`
-	} `xml:"Owner"`
-	AccessControlList struct {
-		Grant []struct {
-			Grantee struct {
-				ID          string `xml:"ID"`
-				DisplayName string `xml:"DisplayName"`
-				URI         string `xml:"URI"`
-			} `xml:"Grantee"`
-			Permission string `xml:"Permission"`
-		} `xml:"Grant"`
-	} `xml:"AccessControlList"`
+	Owner
+	AccessControlList
 }
 
 // GetObjectACL get object ACLs
-func (c Client) GetObjectACL(ctx context.Context, bucketName, objectName string) (*ObjectInfo, error) {
+func (c *Client) GetObjectACL(ctx context.Context, bucketName, objectName string) (*ObjectInfo, error) {
 	resp, err := c.executeMethod(ctx, http.MethodGet, requestMetadata{
 		bucketName: bucketName,
 		objectName: objectName,
@@ -64,7 +75,7 @@ func (c Client) GetObjectACL(ctx context.Context, bucketName, objectName string)
 		return nil, err
 	}
 
-	objInfo, err := c.statObject(ctx, bucketName, objectName, StatObjectOptions{})
+	objInfo, err := c.StatObject(ctx, bucketName, objectName, StatObjectOptions{})
 	if err != nil {
 		return nil, err
 	}
diff --git a/vendor/github.com/minio/minio-go/v7/api-get-object-file.go b/vendor/github.com/minio/minio-go/v7/api-get-object-file.go
index bccff457872..98f5acf6e04 100644
--- a/vendor/github.com/minio/minio-go/v7/api-get-object-file.go
+++ b/vendor/github.com/minio/minio-go/v7/api-get-object-file.go
@@ -28,7 +28,7 @@ import (
 
 // FGetObject - download contents of an object to a local file.
 // The options can be used to specify the GET request further.
-func (c Client) FGetObject(ctx context.Context, bucketName, objectName, filePath string, opts GetObjectOptions) error {
+func (c *Client) FGetObject(ctx context.Context, bucketName, objectName, filePath string, opts GetObjectOptions) error {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return err
diff --git a/vendor/github.com/minio/minio-go/v7/api-get-object.go b/vendor/github.com/minio/minio-go/v7/api-get-object.go
index ef9dd45d4c4..b9b960250f0 100644
--- a/vendor/github.com/minio/minio-go/v7/api-get-object.go
+++ b/vendor/github.com/minio/minio-go/v7/api-get-object.go
@@ -30,7 +30,7 @@ import (
 )
 
 // GetObject wrapper function that accepts a request context
-func (c Client) GetObject(ctx context.Context, bucketName, objectName string, opts GetObjectOptions) (*Object, error) {
+func (c *Client) GetObject(ctx context.Context, bucketName, objectName string, opts GetObjectOptions) (*Object, error) {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return nil, err
@@ -139,7 +139,7 @@ func (c Client) GetObject(ctx context.Context, bucketName, objectName string, op
 
 						// Remove range header if already set, for stat Operations to get original file size.
 						delete(opts.headers, "Range")
-						objectInfo, err = c.statObject(ctx, bucketName, objectName, StatObjectOptions(opts))
+						objectInfo, err = c.StatObject(ctx, bucketName, objectName, StatObjectOptions(opts))
 						if err != nil {
 							resCh <- getResponse{
 								Error: err,
@@ -162,7 +162,7 @@ func (c Client) GetObject(ctx context.Context, bucketName, objectName string, op
 					if etag != "" && !snowball {
 						opts.SetMatchETag(etag)
 					}
-					objectInfo, err := c.statObject(ctx, bucketName, objectName, StatObjectOptions(opts))
+					objectInfo, err := c.StatObject(ctx, bucketName, objectName, StatObjectOptions(opts))
 					if err != nil {
 						resCh <- getResponse{
 							Error: err,
@@ -639,7 +639,7 @@ func newObject(reqCh chan<- getRequest, resCh <-chan getResponse, doneCh chan<-
 //
 // For more information about the HTTP Range header.
 // go to http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35.
-func (c Client) getObject(ctx context.Context, bucketName, objectName string, opts GetObjectOptions) (io.ReadCloser, ObjectInfo, http.Header, error) {
+func (c *Client) getObject(ctx context.Context, bucketName, objectName string, opts GetObjectOptions) (io.ReadCloser, ObjectInfo, http.Header, error) {
 	// Validate input arguments.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return nil, ObjectInfo{}, nil, err
diff --git a/vendor/github.com/minio/minio-go/v7/api-list.go b/vendor/github.com/minio/minio-go/v7/api-list.go
index 7996c11e9db..a8d7e713777 100644
--- a/vendor/github.com/minio/minio-go/v7/api-list.go
+++ b/vendor/github.com/minio/minio-go/v7/api-list.go
@@ -36,7 +36,7 @@ import (
 //       fmt.Println(message)
 //   }
 //
-func (c Client) ListBuckets(ctx context.Context) ([]BucketInfo, error) {
+func (c *Client) ListBuckets(ctx context.Context) ([]BucketInfo, error) {
 	// Execute GET on service.
 	resp, err := c.executeMethod(ctx, http.MethodGet, requestMetadata{contentSHA256Hex: emptySHA256Hex})
 	defer closeResponse(resp)
@@ -56,14 +56,13 @@ func (c Client) ListBuckets(ctx context.Context) ([]BucketInfo, error) {
 	return listAllMyBucketsResult.Buckets.Bucket, nil
 }
 
-/// Bucket Read Operations.
-
-func (c Client) listObjectsV2(ctx context.Context, bucketName, objectPrefix string, recursive, metadata bool, maxKeys int) <-chan ObjectInfo {
+/// Bucket List Operations.
+func (c *Client) listObjectsV2(ctx context.Context, bucketName string, opts ListObjectsOptions) <-chan ObjectInfo {
 	// Allocate new list objects channel.
 	objectStatCh := make(chan ObjectInfo, 1)
 	// Default listing is delimited at "/"
 	delimiter := "/"
-	if recursive {
+	if opts.Recursive {
 		// If recursive we do not delimit.
 		delimiter = ""
 	}
@@ -81,7 +80,7 @@ func (c Client) listObjectsV2(ctx context.Context, bucketName, objectPrefix stri
 	}
 
 	// Validate incoming object prefix.
-	if err := s3utils.CheckValidObjectNamePrefix(objectPrefix); err != nil {
+	if err := s3utils.CheckValidObjectNamePrefix(opts.Prefix); err != nil {
 		defer close(objectStatCh)
 		objectStatCh <- ObjectInfo{
 			Err: err,
@@ -96,8 +95,8 @@ func (c Client) listObjectsV2(ctx context.Context, bucketName, objectPrefix stri
 		var continuationToken string
 		for {
 			// Get list of objects a maximum of 1000 per request.
-			result, err := c.listObjectsV2Query(ctx, bucketName, objectPrefix, continuationToken,
-				fetchOwner, metadata, delimiter, maxKeys)
+			result, err := c.listObjectsV2Query(ctx, bucketName, opts.Prefix, continuationToken,
+				fetchOwner, opts.WithMetadata, delimiter, opts.StartAfter, opts.MaxKeys, opts.headers)
 			if err != nil {
 				objectStatCh <- ObjectInfo{
 					Err: err,
@@ -148,12 +147,13 @@ func (c Client) listObjectsV2(ctx context.Context, bucketName, objectPrefix stri
 // You can use the request parameters as selection criteria to return a subset of the objects in a bucket.
 // request parameters :-
 // ---------
+// ?prefix - Limits the response to keys that begin with the specified prefix.
 // ?continuation-token - Used to continue iterating over a set of objects
+// ?metadata - Specifies if we want metadata for the objects as part of list operation.
 // ?delimiter - A delimiter is a character you use to group keys.
-// ?prefix - Limits the response to keys that begin with the specified prefix.
+// ?start-after - Sets a marker to start listing lexically at this key onwards.
 // ?max-keys - Sets the maximum number of keys returned in the response body.
-// ?metadata - Specifies if we want metadata for the objects as part of list operation.
-func (c Client) listObjectsV2Query(ctx context.Context, bucketName, objectPrefix, continuationToken string, fetchOwner, metadata bool, delimiter string, maxkeys int) (ListBucketV2Result, error) {
+func (c *Client) listObjectsV2Query(ctx context.Context, bucketName, objectPrefix, continuationToken string, fetchOwner, metadata bool, delimiter string, startAfter string, maxkeys int, headers http.Header) (ListBucketV2Result, error) {
 	// Validate bucket name.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return ListBucketV2Result{}, err
@@ -173,6 +173,11 @@ func (c Client) listObjectsV2Query(ctx context.Context, bucketName, objectPrefix
 		urlValues.Set("metadata", "true")
 	}
 
+	// Set this conditionally if asked
+	if startAfter != "" {
+		urlValues.Set("start-after", startAfter)
+	}
+
 	// Always set encoding-type in ListObjects V2
 	urlValues.Set("encoding-type", "url")
 
@@ -202,6 +207,7 @@ func (c Client) listObjectsV2Query(ctx context.Context, bucketName, objectPrefix
 		bucketName:       bucketName,
 		queryValues:      urlValues,
 		contentSHA256Hex: emptySHA256Hex,
+		customHeader:     headers,
 	})
 	defer closeResponse(resp)
 	if err != nil {
@@ -246,12 +252,12 @@ func (c Client) listObjectsV2Query(ctx context.Context, bucketName, objectPrefix
 	return listBucketResult, nil
 }
 
-func (c Client) listObjects(ctx context.Context, bucketName, objectPrefix string, recursive bool, maxKeys int) <-chan ObjectInfo {
+func (c *Client) listObjects(ctx context.Context, bucketName string, opts ListObjectsOptions) <-chan ObjectInfo {
 	// Allocate new list objects channel.
 	objectStatCh := make(chan ObjectInfo, 1)
 	// Default listing is delimited at "/"
 	delimiter := "/"
-	if recursive {
+	if opts.Recursive {
 		// If recursive we do not delimit.
 		delimiter = ""
 	}
@@ -264,7 +270,7 @@ func (c Client) listObjects(ctx context.Context, bucketName, objectPrefix string
 		return objectStatCh
 	}
 	// Validate incoming object prefix.
-	if err := s3utils.CheckValidObjectNamePrefix(objectPrefix); err != nil {
+	if err := s3utils.CheckValidObjectNamePrefix(opts.Prefix); err != nil {
 		defer close(objectStatCh)
 		objectStatCh <- ObjectInfo{
 			Err: err,
@@ -276,10 +282,10 @@ func (c Client) listObjects(ctx context.Context, bucketName, objectPrefix string
 	go func(objectStatCh chan<- ObjectInfo) {
 		defer close(objectStatCh)
 
-		marker := ""
+		marker := opts.StartAfter
 		for {
 			// Get list of objects a maximum of 1000 per request.
-			result, err := c.listObjectsQuery(ctx, bucketName, objectPrefix, marker, delimiter, maxKeys)
+			result, err := c.listObjectsQuery(ctx, bucketName, opts.Prefix, marker, delimiter, opts.MaxKeys, opts.headers)
 			if err != nil {
 				objectStatCh <- ObjectInfo{
 					Err: err,
@@ -326,12 +332,12 @@ func (c Client) listObjects(ctx context.Context, bucketName, objectPrefix string
 	return objectStatCh
 }
 
-func (c Client) listObjectVersions(ctx context.Context, bucketName, prefix string, recursive bool, maxKeys int) <-chan ObjectInfo {
+func (c *Client) listObjectVersions(ctx context.Context, bucketName string, opts ListObjectsOptions) <-chan ObjectInfo {
 	// Allocate new list objects channel.
 	resultCh := make(chan ObjectInfo, 1)
 	// Default listing is delimited at "/"
 	delimiter := "/"
-	if recursive {
+	if opts.Recursive {
 		// If recursive we do not delimit.
 		delimiter = ""
 	}
@@ -346,7 +352,7 @@ func (c Client) listObjectVersions(ctx context.Context, bucketName, prefix strin
 	}
 
 	// Validate incoming object prefix.
-	if err := s3utils.CheckValidObjectNamePrefix(prefix); err != nil {
+	if err := s3utils.CheckValidObjectNamePrefix(opts.Prefix); err != nil {
 		defer close(resultCh)
 		resultCh <- ObjectInfo{
 			Err: err,
@@ -365,7 +371,7 @@ func (c Client) listObjectVersions(ctx context.Context, bucketName, prefix strin
 
 		for {
 			// Get list of objects a maximum of 1000 per request.
-			result, err := c.listObjectVersionsQuery(ctx, bucketName, prefix, keyMarker, versionIDMarker, delimiter, maxKeys)
+			result, err := c.listObjectVersionsQuery(ctx, bucketName, opts.Prefix, keyMarker, versionIDMarker, delimiter, opts.MaxKeys, opts.headers)
 			if err != nil {
 				resultCh <- ObjectInfo{
 					Err: err,
@@ -376,15 +382,14 @@ func (c Client) listObjectVersions(ctx context.Context, bucketName, prefix strin
 			// If contents are available loop through and send over channel.
 			for _, version := range result.Versions {
 				info := ObjectInfo{
-					ETag:         trimEtag(version.ETag),
-					Key:          version.Key,
-					LastModified: version.LastModified,
-					Size:         version.Size,
-					Owner:        version.Owner,
-					StorageClass: version.StorageClass,
-					IsLatest:     version.IsLatest,
-					VersionID:    version.VersionID,
-
+					ETag:           trimEtag(version.ETag),
+					Key:            version.Key,
+					LastModified:   version.LastModified,
+					Size:           version.Size,
+					Owner:          version.Owner,
+					StorageClass:   version.StorageClass,
+					IsLatest:       version.IsLatest,
+					VersionID:      version.VersionID,
 					IsDeleteMarker: version.isDeleteMarker,
 				}
 				select {
@@ -438,7 +443,7 @@ func (c Client) listObjectVersions(ctx context.Context, bucketName, prefix strin
 // ?delimiter - A delimiter is a character you use to group keys.
 // ?prefix - Limits the response to keys that begin with the specified prefix.
 // ?max-keys - Sets the maximum number of keys returned in the response body.
-func (c Client) listObjectVersionsQuery(ctx context.Context, bucketName, prefix, keyMarker, versionIDMarker, delimiter string, maxkeys int) (ListVersionsResult, error) {
+func (c *Client) listObjectVersionsQuery(ctx context.Context, bucketName, prefix, keyMarker, versionIDMarker, delimiter string, maxkeys int, headers http.Header) (ListVersionsResult, error) {
 	// Validate bucket name.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return ListVersionsResult{}, err
@@ -483,6 +488,7 @@ func (c Client) listObjectVersionsQuery(ctx context.Context, bucketName, prefix,
 		bucketName:       bucketName,
 		queryValues:      urlValues,
 		contentSHA256Hex: emptySHA256Hex,
+		customHeader:     headers,
 	})
 	defer closeResponse(resp)
 	if err != nil {
@@ -534,7 +540,7 @@ func (c Client) listObjectVersionsQuery(ctx context.Context, bucketName, prefix,
 // ?delimiter - A delimiter is a character you use to group keys.
 // ?prefix - Limits the response to keys that begin with the specified prefix.
 // ?max-keys - Sets the maximum number of keys returned in the response body.
-func (c Client) listObjectsQuery(ctx context.Context, bucketName, objectPrefix, objectMarker, delimiter string, maxkeys int) (ListBucketResult, error) {
+func (c *Client) listObjectsQuery(ctx context.Context, bucketName, objectPrefix, objectMarker, delimiter string, maxkeys int, headers http.Header) (ListBucketResult, error) {
 	// Validate bucket name.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return ListBucketResult{}, err
@@ -571,6 +577,7 @@ func (c Client) listObjectsQuery(ctx context.Context, bucketName, objectPrefix,
 		bucketName:       bucketName,
 		queryValues:      urlValues,
 		contentSHA256Hex: emptySHA256Hex,
+		customHeader:     headers,
 	})
 	defer closeResponse(resp)
 	if err != nil {
@@ -626,9 +633,25 @@ type ListObjectsOptions struct {
 	// batch, advanced use-case not useful for most
 	// applications
 	MaxKeys int
+	// StartAfter start listing lexically at this
+	// object onwards, this value can also be set
+	// for Marker when `UseV1` is set to true.
+	StartAfter string
 
 	// Use the deprecated list objects V1 API
 	UseV1 bool
+
+	headers http.Header
+}
+
+// Set adds a key value pair to the options. The
+// key-value pair will be part of the HTTP GET request
+// headers.
+func (o *ListObjectsOptions) Set(key, value string) {
+	if o.headers == nil {
+		o.headers = make(http.Header)
+	}
+	o.headers.Set(key, value)
 }
 
 // ListObjects returns objects list after evaluating the passed options.
@@ -638,24 +661,24 @@ type ListObjectsOptions struct {
 //       fmt.Println(object)
 //   }
 //
-func (c Client) ListObjects(ctx context.Context, bucketName string, opts ListObjectsOptions) <-chan ObjectInfo {
+func (c *Client) ListObjects(ctx context.Context, bucketName string, opts ListObjectsOptions) <-chan ObjectInfo {
 	if opts.WithVersions {
-		return c.listObjectVersions(ctx, bucketName, opts.Prefix, opts.Recursive, opts.MaxKeys)
+		return c.listObjectVersions(ctx, bucketName, opts)
 	}
 
 	// Use legacy list objects v1 API
 	if opts.UseV1 {
-		return c.listObjects(ctx, bucketName, opts.Prefix, opts.Recursive, opts.MaxKeys)
+		return c.listObjects(ctx, bucketName, opts)
 	}
 
 	// Check whether this is snowball region, if yes ListObjectsV2 doesn't work, fallback to listObjectsV1.
 	if location, ok := c.bucketLocCache.Get(bucketName); ok {
 		if location == "snowball" {
-			return c.listObjects(ctx, bucketName, opts.Prefix, opts.Recursive, opts.MaxKeys)
+			return c.listObjects(ctx, bucketName, opts)
 		}
 	}
 
-	return c.listObjectsV2(ctx, bucketName, opts.Prefix, opts.Recursive, opts.WithMetadata, opts.MaxKeys)
+	return c.listObjectsV2(ctx, bucketName, opts)
 }
 
 // ListIncompleteUploads - List incompletely uploaded multipart objects.
@@ -674,12 +697,12 @@ func (c Client) ListObjects(ctx context.Context, bucketName string, opts ListObj
 //   for message := range api.ListIncompleteUploads(context.Background(), "mytestbucket", "starthere", recursive) {
 //       fmt.Println(message)
 //   }
-func (c Client) ListIncompleteUploads(ctx context.Context, bucketName, objectPrefix string, recursive bool) <-chan ObjectMultipartInfo {
+func (c *Client) ListIncompleteUploads(ctx context.Context, bucketName, objectPrefix string, recursive bool) <-chan ObjectMultipartInfo {
 	return c.listIncompleteUploads(ctx, bucketName, objectPrefix, recursive)
 }
 
 // listIncompleteUploads lists all incomplete uploads.
-func (c Client) listIncompleteUploads(ctx context.Context, bucketName, objectPrefix string, recursive bool) <-chan ObjectMultipartInfo {
+func (c *Client) listIncompleteUploads(ctx context.Context, bucketName, objectPrefix string, recursive bool) <-chan ObjectMultipartInfo {
 	// Allocate channel for multipart uploads.
 	objectMultipartStatCh := make(chan ObjectMultipartInfo, 1)
 	// Delimiter is set to "/" by default.
@@ -765,7 +788,7 @@ func (c Client) listIncompleteUploads(ctx context.Context, bucketName, objectPre
 // ?delimiter - A delimiter is a character you use to group keys.
 // ?prefix - Limits the response to keys that begin with the specified prefix.
 // ?max-uploads - Sets the maximum number of multipart uploads returned in the response body.
-func (c Client) listMultipartUploadsQuery(ctx context.Context, bucketName, keyMarker, uploadIDMarker, prefix, delimiter string, maxUploads int) (ListMultipartUploadsResult, error) {
+func (c *Client) listMultipartUploadsQuery(ctx context.Context, bucketName, keyMarker, uploadIDMarker, prefix, delimiter string, maxUploads int) (ListMultipartUploadsResult, error) {
 	// Get resources properly escaped and lined up before using them in http request.
 	urlValues := make(url.Values)
 	// Set uploads.
@@ -844,7 +867,7 @@ func (c Client) listMultipartUploadsQuery(ctx context.Context, bucketName, keyMa
 }
 
 // listObjectParts list all object parts recursively.
-func (c Client) listObjectParts(ctx context.Context, bucketName, objectName, uploadID string) (partsInfo map[int]ObjectPart, err error) {
+func (c *Client) listObjectParts(ctx context.Context, bucketName, objectName, uploadID string) (partsInfo map[int]ObjectPart, err error) {
 	// Part number marker for the next batch of request.
 	var nextPartNumberMarker int
 	partsInfo = make(map[int]ObjectPart)
@@ -873,7 +896,7 @@ func (c Client) listObjectParts(ctx context.Context, bucketName, objectName, upl
 }
 
 // findUploadIDs lists all incomplete uploads and find the uploadIDs of the matching object name.
-func (c Client) findUploadIDs(ctx context.Context, bucketName, objectName string) ([]string, error) {
+func (c *Client) findUploadIDs(ctx context.Context, bucketName, objectName string) ([]string, error) {
 	var uploadIDs []string
 	// Make list incomplete uploads recursive.
 	isRecursive := true
@@ -900,7 +923,7 @@ func (c Client) findUploadIDs(ctx context.Context, bucketName, objectName string
 // ?part-number-marker - Specifies the part after which listing should
 // begin.
 // ?max-parts - Maximum parts to be listed per request.
-func (c Client) listObjectPartsQuery(ctx context.Context, bucketName, objectName, uploadID string, partNumberMarker, maxParts int) (ListObjectPartsResult, error) {
+func (c *Client) listObjectPartsQuery(ctx context.Context, bucketName, objectName, uploadID string, partNumberMarker, maxParts int) (ListObjectPartsResult, error) {
 	// Get resources properly escaped and lined up before using them in http request.
 	urlValues := make(url.Values)
 	// Set part number marker.
diff --git a/vendor/github.com/minio/minio-go/v7/api-object-legal-hold.go b/vendor/github.com/minio/minio-go/v7/api-object-legal-hold.go
index b139c1687b5..0c027d550f7 100644
--- a/vendor/github.com/minio/minio-go/v7/api-object-legal-hold.go
+++ b/vendor/github.com/minio/minio-go/v7/api-object-legal-hold.go
@@ -81,7 +81,7 @@ func newObjectLegalHold(status *LegalHoldStatus) (*objectLegalHold, error) {
 }
 
 // PutObjectLegalHold : sets object legal hold for a given object and versionID.
-func (c Client) PutObjectLegalHold(ctx context.Context, bucketName, objectName string, opts PutObjectLegalHoldOptions) error {
+func (c *Client) PutObjectLegalHold(ctx context.Context, bucketName, objectName string, opts PutObjectLegalHoldOptions) error {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return err
@@ -135,7 +135,7 @@ func (c Client) PutObjectLegalHold(ctx context.Context, bucketName, objectName s
 }
 
 // GetObjectLegalHold gets legal-hold status of given object.
-func (c Client) GetObjectLegalHold(ctx context.Context, bucketName, objectName string, opts GetObjectLegalHoldOptions) (status *LegalHoldStatus, err error) {
+func (c *Client) GetObjectLegalHold(ctx context.Context, bucketName, objectName string, opts GetObjectLegalHoldOptions) (status *LegalHoldStatus, err error) {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return nil, err
diff --git a/vendor/github.com/minio/minio-go/v7/api-object-lock.go b/vendor/github.com/minio/minio-go/v7/api-object-lock.go
index 29f52b0546d..f0a439853f9 100644
--- a/vendor/github.com/minio/minio-go/v7/api-object-lock.go
+++ b/vendor/github.com/minio/minio-go/v7/api-object-lock.go
@@ -139,7 +139,7 @@ func newObjectLockConfig(mode *RetentionMode, validity *uint, unit *ValidityUnit
 }
 
 // SetBucketObjectLockConfig sets object lock configuration in given bucket. mode, validity and unit are either all set or all nil.
-func (c Client) SetBucketObjectLockConfig(ctx context.Context, bucketName string, mode *RetentionMode, validity *uint, unit *ValidityUnit) error {
+func (c *Client) SetBucketObjectLockConfig(ctx context.Context, bucketName string, mode *RetentionMode, validity *uint, unit *ValidityUnit) error {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return err
@@ -184,7 +184,7 @@ func (c Client) SetBucketObjectLockConfig(ctx context.Context, bucketName string
 }
 
 // GetObjectLockConfig gets object lock configuration of given bucket.
-func (c Client) GetObjectLockConfig(ctx context.Context, bucketName string) (objectLock string, mode *RetentionMode, validity *uint, unit *ValidityUnit, err error) {
+func (c *Client) GetObjectLockConfig(ctx context.Context, bucketName string) (objectLock string, mode *RetentionMode, validity *uint, unit *ValidityUnit, err error) {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return "", nil, nil, nil, err
@@ -230,12 +230,12 @@ func (c Client) GetObjectLockConfig(ctx context.Context, bucketName string) (obj
 }
 
 // GetBucketObjectLockConfig gets object lock configuration of given bucket.
-func (c Client) GetBucketObjectLockConfig(ctx context.Context, bucketName string) (mode *RetentionMode, validity *uint, unit *ValidityUnit, err error) {
+func (c *Client) GetBucketObjectLockConfig(ctx context.Context, bucketName string) (mode *RetentionMode, validity *uint, unit *ValidityUnit, err error) {
 	_, mode, validity, unit, err = c.GetObjectLockConfig(ctx, bucketName)
 	return mode, validity, unit, err
 }
 
 // SetObjectLockConfig sets object lock configuration in given bucket. mode, validity and unit are either all set or all nil.
-func (c Client) SetObjectLockConfig(ctx context.Context, bucketName string, mode *RetentionMode, validity *uint, unit *ValidityUnit) error {
+func (c *Client) SetObjectLockConfig(ctx context.Context, bucketName string, mode *RetentionMode, validity *uint, unit *ValidityUnit) error {
 	return c.SetBucketObjectLockConfig(ctx, bucketName, mode, validity, unit)
 }
diff --git a/vendor/github.com/minio/minio-go/v7/api-object-retention.go b/vendor/github.com/minio/minio-go/v7/api-object-retention.go
index 54f2762de92..b29cb1f8dce 100644
--- a/vendor/github.com/minio/minio-go/v7/api-object-retention.go
+++ b/vendor/github.com/minio/minio-go/v7/api-object-retention.go
@@ -63,7 +63,7 @@ type PutObjectRetentionOptions struct {
 }
 
 // PutObjectRetention sets object retention for a given object and versionID.
-func (c Client) PutObjectRetention(ctx context.Context, bucketName, objectName string, opts PutObjectRetentionOptions) error {
+func (c *Client) PutObjectRetention(ctx context.Context, bucketName, objectName string, opts PutObjectRetentionOptions) error {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return err
@@ -126,7 +126,7 @@ func (c Client) PutObjectRetention(ctx context.Context, bucketName, objectName s
 }
 
 // GetObjectRetention gets retention of given object.
-func (c Client) GetObjectRetention(ctx context.Context, bucketName, objectName, versionID string) (mode *RetentionMode, retainUntilDate *time.Time, err error) {
+func (c *Client) GetObjectRetention(ctx context.Context, bucketName, objectName, versionID string) (mode *RetentionMode, retainUntilDate *time.Time, err error) {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return nil, nil, err
diff --git a/vendor/github.com/minio/minio-go/v7/api-object-tagging.go b/vendor/github.com/minio/minio-go/v7/api-object-tagging.go
index 2709efcd127..305c36de856 100644
--- a/vendor/github.com/minio/minio-go/v7/api-object-tagging.go
+++ b/vendor/github.com/minio/minio-go/v7/api-object-tagging.go
@@ -36,7 +36,7 @@ type PutObjectTaggingOptions struct {
 
 // PutObjectTagging replaces or creates object tag(s) and can target
 // a specific object version in a versioned bucket.
-func (c Client) PutObjectTagging(ctx context.Context, bucketName, objectName string, otags *tags.Tags, opts PutObjectTaggingOptions) error {
+func (c *Client) PutObjectTagging(ctx context.Context, bucketName, objectName string, otags *tags.Tags, opts PutObjectTaggingOptions) error {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return err
@@ -87,7 +87,7 @@ type GetObjectTaggingOptions struct {
 
 // GetObjectTagging fetches object tag(s) with options to target
 // a specific object version in a versioned bucket.
-func (c Client) GetObjectTagging(ctx context.Context, bucketName, objectName string, opts GetObjectTaggingOptions) (*tags.Tags, error) {
+func (c *Client) GetObjectTagging(ctx context.Context, bucketName, objectName string, opts GetObjectTaggingOptions) (*tags.Tags, error) {
 	// Get resources properly escaped and lined up before
 	// using them in http request.
 	urlValues := make(url.Values)
@@ -125,7 +125,7 @@ type RemoveObjectTaggingOptions struct {
 
 // RemoveObjectTagging removes object tag(s) with options to control a specific object
 // version in a versioned bucket
-func (c Client) RemoveObjectTagging(ctx context.Context, bucketName, objectName string, opts RemoveObjectTaggingOptions) error {
+func (c *Client) RemoveObjectTagging(ctx context.Context, bucketName, objectName string, opts RemoveObjectTaggingOptions) error {
 	// Get resources properly escaped and lined up before
 	// using them in http request.
 	urlValues := make(url.Values)
diff --git a/vendor/github.com/minio/minio-go/v7/api-presigned.go b/vendor/github.com/minio/minio-go/v7/api-presigned.go
index 80c363da5b7..2e4bacf1263 100644
--- a/vendor/github.com/minio/minio-go/v7/api-presigned.go
+++ b/vendor/github.com/minio/minio-go/v7/api-presigned.go
@@ -30,7 +30,7 @@ import (
 
 // presignURL - Returns a presigned URL for an input 'method'.
 // Expires maximum is 7days - ie. 604800 and minimum is 1.
-func (c Client) presignURL(ctx context.Context, method string, bucketName string, objectName string, expires time.Duration, reqParams url.Values) (u *url.URL, err error) {
+func (c *Client) presignURL(ctx context.Context, method string, bucketName string, objectName string, expires time.Duration, reqParams url.Values, extraHeaders http.Header) (u *url.URL, err error) {
 	// Input validation.
 	if method == "" {
 		return nil, errInvalidArgument("method cannot be empty.")
@@ -45,11 +45,12 @@ func (c Client) presignURL(ctx context.Context, method string, bucketName string
 	// Convert expires into seconds.
 	expireSeconds := int64(expires / time.Second)
 	reqMetadata := requestMetadata{
-		presignURL:  true,
-		bucketName:  bucketName,
-		objectName:  objectName,
-		expires:     expireSeconds,
-		queryValues: reqParams,
+		presignURL:         true,
+		bucketName:         bucketName,
+		objectName:         objectName,
+		expires:            expireSeconds,
+		queryValues:        reqParams,
+		extraPresignHeader: extraHeaders,
 	}
 
 	// Instantiate a new request.
@@ -65,43 +66,54 @@ func (c Client) presignURL(ctx context.Context, method string, bucketName string
 // data without credentials. URL can have a maximum expiry of
 // upto 7days or a minimum of 1sec. Additionally you can override
 // a set of response headers using the query parameters.
-func (c Client) PresignedGetObject(ctx context.Context, bucketName string, objectName string, expires time.Duration, reqParams url.Values) (u *url.URL, err error) {
+func (c *Client) PresignedGetObject(ctx context.Context, bucketName string, objectName string, expires time.Duration, reqParams url.Values) (u *url.URL, err error) {
 	if err = s3utils.CheckValidObjectName(objectName); err != nil {
 		return nil, err
 	}
-	return c.presignURL(ctx, http.MethodGet, bucketName, objectName, expires, reqParams)
+	return c.presignURL(ctx, http.MethodGet, bucketName, objectName, expires, reqParams, nil)
 }
 
 // PresignedHeadObject - Returns a presigned URL to access
 // object metadata without credentials. URL can have a maximum expiry
 // of upto 7days or a minimum of 1sec. Additionally you can override
 // a set of response headers using the query parameters.
-func (c Client) PresignedHeadObject(ctx context.Context, bucketName string, objectName string, expires time.Duration, reqParams url.Values) (u *url.URL, err error) {
+func (c *Client) PresignedHeadObject(ctx context.Context, bucketName string, objectName string, expires time.Duration, reqParams url.Values) (u *url.URL, err error) {
 	if err = s3utils.CheckValidObjectName(objectName); err != nil {
 		return nil, err
 	}
-	return c.presignURL(ctx, http.MethodHead, bucketName, objectName, expires, reqParams)
+	return c.presignURL(ctx, http.MethodHead, bucketName, objectName, expires, reqParams, nil)
 }
 
 // PresignedPutObject - Returns a presigned URL to upload an object
 // without credentials. URL can have a maximum expiry of upto 7days
 // or a minimum of 1sec.
-func (c Client) PresignedPutObject(ctx context.Context, bucketName string, objectName string, expires time.Duration) (u *url.URL, err error) {
+func (c *Client) PresignedPutObject(ctx context.Context, bucketName string, objectName string, expires time.Duration) (u *url.URL, err error) {
 	if err = s3utils.CheckValidObjectName(objectName); err != nil {
 		return nil, err
 	}
-	return c.presignURL(ctx, http.MethodPut, bucketName, objectName, expires, nil)
+	return c.presignURL(ctx, http.MethodPut, bucketName, objectName, expires, nil, nil)
 }
 
-// Presign - returns a presigned URL for any http method of your choice
-// along with custom request params. URL can have a maximum expiry of
-// upto 7days or a minimum of 1sec.
-func (c Client) Presign(ctx context.Context, method string, bucketName string, objectName string, expires time.Duration, reqParams url.Values) (u *url.URL, err error) {
-	return c.presignURL(ctx, method, bucketName, objectName, expires, reqParams)
+// PresignHeader - similar to Presign() but allows including HTTP headers that
+// will be used to build the signature. The request using the resulting URL will
+// need to have the exact same headers to be added for signature validation to
+// pass.
+//
+// FIXME: The extra header parameter should be included in Presign() in the next
+// major version bump, and this function should then be deprecated.
+func (c *Client) PresignHeader(ctx context.Context, method string, bucketName string, objectName string, expires time.Duration, reqParams url.Values, extraHeaders http.Header) (u *url.URL, err error) {
+	return c.presignURL(ctx, method, bucketName, objectName, expires, reqParams, extraHeaders)
+}
+
+// Presign - returns a presigned URL for any http method of your choice along
+// with custom request params and extra signed headers. URL can have a maximum
+// expiry of upto 7days or a minimum of 1sec.
+func (c *Client) Presign(ctx context.Context, method string, bucketName string, objectName string, expires time.Duration, reqParams url.Values) (u *url.URL, err error) {
+	return c.presignURL(ctx, method, bucketName, objectName, expires, reqParams, nil)
 }
 
 // PresignedPostPolicy - Returns POST urlString, form data to upload an object.
-func (c Client) PresignedPostPolicy(ctx context.Context, p *PostPolicy) (u *url.URL, formData map[string]string, err error) {
+func (c *Client) PresignedPostPolicy(ctx context.Context, p *PostPolicy) (u *url.URL, formData map[string]string, err error) {
 	// Validate input arguments.
 	if p.expiration.IsZero() {
 		return nil, nil, errors.New("Expiration time must be specified")
diff --git a/vendor/github.com/minio/minio-go/v7/api-put-bucket.go b/vendor/github.com/minio/minio-go/v7/api-put-bucket.go
index df9fe98afa8..441c9223076 100644
--- a/vendor/github.com/minio/minio-go/v7/api-put-bucket.go
+++ b/vendor/github.com/minio/minio-go/v7/api-put-bucket.go
@@ -27,7 +27,7 @@ import (
 )
 
 /// Bucket operations
-func (c Client) makeBucket(ctx context.Context, bucketName string, opts MakeBucketOptions) (err error) {
+func (c *Client) makeBucket(ctx context.Context, bucketName string, opts MakeBucketOptions) (err error) {
 	// Validate the input arguments.
 	if err := s3utils.CheckValidBucketNameStrict(bucketName); err != nil {
 		return err
@@ -42,7 +42,7 @@ func (c Client) makeBucket(ctx context.Context, bucketName string, opts MakeBuck
 	return err
 }
 
-func (c Client) doMakeBucket(ctx context.Context, bucketName string, location string, objectLockEnabled bool) (err error) {
+func (c *Client) doMakeBucket(ctx context.Context, bucketName string, location string, objectLockEnabled bool) (err error) {
 	defer func() {
 		// Save the location into cache on a successful makeBucket response.
 		if err == nil {
@@ -118,6 +118,6 @@ type MakeBucketOptions struct {
 //
 // For Amazon S3 for more supported regions - http://docs.aws.amazon.com/general/latest/gr/rande.html
 // For Google Cloud Storage for more supported regions - https://cloud.google.com/storage/docs/bucket-locations
-func (c Client) MakeBucket(ctx context.Context, bucketName string, opts MakeBucketOptions) (err error) {
+func (c *Client) MakeBucket(ctx context.Context, bucketName string, opts MakeBucketOptions) (err error) {
 	return c.makeBucket(ctx, bucketName, opts)
 }
diff --git a/vendor/github.com/minio/minio-go/v7/api-put-object-common.go b/vendor/github.com/minio/minio-go/v7/api-put-object-common.go
index 3d0408e534f..149a536e42f 100644
--- a/vendor/github.com/minio/minio-go/v7/api-put-object-common.go
+++ b/vendor/github.com/minio/minio-go/v7/api-put-object-common.go
@@ -26,6 +26,8 @@ import (
 	"github.com/minio/minio-go/v7/pkg/s3utils"
 )
 
+const nullVersionID = "null"
+
 // Verify if reader is *minio.Object
 func isObject(reader io.Reader) (ok bool) {
 	_, ok = reader.(*Object)
@@ -57,17 +59,17 @@ func isReadAt(reader io.Reader) (ok bool) {
 	return
 }
 
-// optimalPartInfo - calculate the optimal part info for a given
+// OptimalPartInfo - calculate the optimal part info for a given
 // object size.
 //
 // NOTE: Assumption here is that for any object to be uploaded to any S3 compatible
 // object storage it will have the following parameters as constants.
 //
 //  maxPartsCount - 10000
-//  minPartSize - 128MiB
+//  minPartSize - 16MiB
 //  maxMultipartPutObjectSize - 5TiB
 //
-func optimalPartInfo(objectSize int64, configuredPartSize uint64) (totalPartsCount int, partSize int64, lastPartSize int64, err error) {
+func OptimalPartInfo(objectSize int64, configuredPartSize uint64) (totalPartsCount int, partSize int64, lastPartSize int64, err error) {
 	// object size is '-1' set it to 5TiB.
 	var unknownSize bool
 	if objectSize == -1 {
@@ -130,7 +132,7 @@ func optimalPartInfo(objectSize int64, configuredPartSize uint64) (totalPartsCou
 
 // getUploadID - fetch upload id if already present for an object name
 // or initiate a new request to fetch a new upload id.
-func (c Client) newUploadID(ctx context.Context, bucketName, objectName string, opts PutObjectOptions) (uploadID string, err error) {
+func (c *Client) newUploadID(ctx context.Context, bucketName, objectName string, opts PutObjectOptions) (uploadID string, err error) {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return "", err
diff --git a/vendor/github.com/minio/minio-go/v7/api-put-object-file-context.go b/vendor/github.com/minio/minio-go/v7/api-put-object-file-context.go
index 6c0f20df37b..4d29dfc18a4 100644
--- a/vendor/github.com/minio/minio-go/v7/api-put-object-file-context.go
+++ b/vendor/github.com/minio/minio-go/v7/api-put-object-file-context.go
@@ -27,7 +27,7 @@ import (
 )
 
 // FPutObject - Create an object in a bucket, with contents from file at filePath. Allows request cancellation.
-func (c Client) FPutObject(ctx context.Context, bucketName, objectName, filePath string, opts PutObjectOptions) (info UploadInfo, err error) {
+func (c *Client) FPutObject(ctx context.Context, bucketName, objectName, filePath string, opts PutObjectOptions) (info UploadInfo, err error) {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return UploadInfo{}, err
diff --git a/vendor/github.com/minio/minio-go/v7/api-put-object-multipart.go b/vendor/github.com/minio/minio-go/v7/api-put-object-multipart.go
index 1c862ad968b..333321aa3c2 100644
--- a/vendor/github.com/minio/minio-go/v7/api-put-object-multipart.go
+++ b/vendor/github.com/minio/minio-go/v7/api-put-object-multipart.go
@@ -32,11 +32,12 @@ import (
 	"strconv"
 	"strings"
 
+	"github.com/google/uuid"
 	"github.com/minio/minio-go/v7/pkg/encrypt"
 	"github.com/minio/minio-go/v7/pkg/s3utils"
 )
 
-func (c Client) putObjectMultipart(ctx context.Context, bucketName, objectName string, reader io.Reader, size int64,
+func (c *Client) putObjectMultipart(ctx context.Context, bucketName, objectName string, reader io.Reader, size int64,
 	opts PutObjectOptions) (info UploadInfo, err error) {
 	info, err = c.putObjectMultipartNoStream(ctx, bucketName, objectName, reader, opts)
 	if err != nil {
@@ -55,7 +56,7 @@ func (c Client) putObjectMultipart(ctx context.Context, bucketName, objectName s
 	return info, err
 }
 
-func (c Client) putObjectMultipartNoStream(ctx context.Context, bucketName, objectName string, reader io.Reader, opts PutObjectOptions) (info UploadInfo, err error) {
+func (c *Client) putObjectMultipartNoStream(ctx context.Context, bucketName, objectName string, reader io.Reader, opts PutObjectOptions) (info UploadInfo, err error) {
 	// Input validation.
 	if err = s3utils.CheckValidBucketName(bucketName); err != nil {
 		return UploadInfo{}, err
@@ -72,7 +73,7 @@ func (c Client) putObjectMultipartNoStream(ctx context.Context, bucketName, obje
 	var complMultipartUpload completeMultipartUpload
 
 	// Calculate the optimal parts info for a given size.
-	totalPartsCount, partSize, _, err := optimalPartInfo(-1, opts.PartSize)
+	totalPartsCount, partSize, _, err := OptimalPartInfo(-1, opts.PartSize)
 	if err != nil {
 		return UploadInfo{}, err
 	}
@@ -175,7 +176,7 @@ func (c Client) putObjectMultipartNoStream(ctx context.Context, bucketName, obje
 	// Sort all completed parts.
 	sort.Sort(completedParts(complMultipartUpload.Parts))
 
-	uploadInfo, err := c.completeMultipartUpload(ctx, bucketName, objectName, uploadID, complMultipartUpload)
+	uploadInfo, err := c.completeMultipartUpload(ctx, bucketName, objectName, uploadID, complMultipartUpload, PutObjectOptions{})
 	if err != nil {
 		return UploadInfo{}, err
 	}
@@ -185,7 +186,7 @@ func (c Client) putObjectMultipartNoStream(ctx context.Context, bucketName, obje
 }
 
 // initiateMultipartUpload - Initiates a multipart upload and returns an upload ID.
-func (c Client) initiateMultipartUpload(ctx context.Context, bucketName, objectName string, opts PutObjectOptions) (initiateMultipartUploadResult, error) {
+func (c *Client) initiateMultipartUpload(ctx context.Context, bucketName, objectName string, opts PutObjectOptions) (initiateMultipartUploadResult, error) {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return initiateMultipartUploadResult{}, err
@@ -198,6 +199,15 @@ func (c Client) initiateMultipartUpload(ctx context.Context, bucketName, objectN
 	urlValues := make(url.Values)
 	urlValues.Set("uploads", "")
 
+	if opts.Internal.SourceVersionID != "" {
+		if opts.Internal.SourceVersionID != nullVersionID {
+			if _, err := uuid.Parse(opts.Internal.SourceVersionID); err != nil {
+				return initiateMultipartUploadResult{}, errInvalidArgument(err.Error())
+			}
+		}
+		urlValues.Set("versionId", opts.Internal.SourceVersionID)
+	}
+
 	// Set ContentType header.
 	customHeader := opts.Header()
 
@@ -229,7 +239,7 @@ func (c Client) initiateMultipartUpload(ctx context.Context, bucketName, objectN
 }
 
 // uploadPart - Uploads a part in a multipart upload.
-func (c Client) uploadPart(ctx context.Context, bucketName, objectName, uploadID string, reader io.Reader,
+func (c *Client) uploadPart(ctx context.Context, bucketName, objectName, uploadID string, reader io.Reader,
 	partNumber int, md5Base64, sha256Hex string, size int64, sse encrypt.ServerSide) (ObjectPart, error) {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
@@ -300,8 +310,8 @@ func (c Client) uploadPart(ctx context.Context, bucketName, objectName, uploadID
 }
 
 // completeMultipartUpload - Completes a multipart upload by assembling previously uploaded parts.
-func (c Client) completeMultipartUpload(ctx context.Context, bucketName, objectName, uploadID string,
-	complete completeMultipartUpload) (UploadInfo, error) {
+func (c *Client) completeMultipartUpload(ctx context.Context, bucketName, objectName, uploadID string,
+	complete completeMultipartUpload, opts PutObjectOptions) (UploadInfo, error) {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return UploadInfo{}, err
@@ -328,6 +338,7 @@ func (c Client) completeMultipartUpload(ctx context.Context, bucketName, objectN
 		contentBody:      completeMultipartUploadBuffer,
 		contentLength:    int64(len(completeMultipartUploadBytes)),
 		contentSHA256Hex: sum256Hex(completeMultipartUploadBytes),
+		customHeader:     opts.Header(),
 	}
 
 	// Execute POST to complete multipart upload for an objectName.
diff --git a/vendor/github.com/minio/minio-go/v7/api-put-object-streaming.go b/vendor/github.com/minio/minio-go/v7/api-put-object-streaming.go
index f4694fc5525..55cc4f14f12 100644
--- a/vendor/github.com/minio/minio-go/v7/api-put-object-streaming.go
+++ b/vendor/github.com/minio/minio-go/v7/api-put-object-streaming.go
@@ -41,7 +41,7 @@ import (
 //  - *minio.Object
 //  - Any reader which has a method 'ReadAt()'
 //
-func (c Client) putObjectMultipartStream(ctx context.Context, bucketName, objectName string,
+func (c *Client) putObjectMultipartStream(ctx context.Context, bucketName, objectName string,
 	reader io.Reader, size int64, opts PutObjectOptions) (info UploadInfo, err error) {
 
 	if !isObject(reader) && isReadAt(reader) && !opts.SendContentMd5 {
@@ -90,7 +90,7 @@ type uploadPartReq struct {
 // temporary files for staging all the data, these temporary files are
 // cleaned automatically when the caller i.e http client closes the
 // stream after uploading all the contents successfully.
-func (c Client) putObjectMultipartStreamFromReadAt(ctx context.Context, bucketName, objectName string,
+func (c *Client) putObjectMultipartStreamFromReadAt(ctx context.Context, bucketName, objectName string,
 	reader io.ReaderAt, size int64, opts PutObjectOptions) (info UploadInfo, err error) {
 	// Input validation.
 	if err = s3utils.CheckValidBucketName(bucketName); err != nil {
@@ -101,7 +101,7 @@ func (c Client) putObjectMultipartStreamFromReadAt(ctx context.Context, bucketNa
 	}
 
 	// Calculate the optimal parts info for a given size.
-	totalPartsCount, partSize, lastPartSize, err := optimalPartInfo(size, opts.PartSize)
+	totalPartsCount, partSize, lastPartSize, err := OptimalPartInfo(size, opts.PartSize)
 	if err != nil {
 		return UploadInfo{}, err
 	}
@@ -231,7 +231,7 @@ func (c Client) putObjectMultipartStreamFromReadAt(ctx context.Context, bucketNa
 	// Sort all completed parts.
 	sort.Sort(completedParts(complMultipartUpload.Parts))
 
-	uploadInfo, err := c.completeMultipartUpload(ctx, bucketName, objectName, uploadID, complMultipartUpload)
+	uploadInfo, err := c.completeMultipartUpload(ctx, bucketName, objectName, uploadID, complMultipartUpload, PutObjectOptions{})
 	if err != nil {
 		return UploadInfo{}, err
 	}
@@ -240,7 +240,7 @@ func (c Client) putObjectMultipartStreamFromReadAt(ctx context.Context, bucketNa
 	return uploadInfo, nil
 }
 
-func (c Client) putObjectMultipartStreamOptionalChecksum(ctx context.Context, bucketName, objectName string,
+func (c *Client) putObjectMultipartStreamOptionalChecksum(ctx context.Context, bucketName, objectName string,
 	reader io.Reader, size int64, opts PutObjectOptions) (info UploadInfo, err error) {
 	// Input validation.
 	if err = s3utils.CheckValidBucketName(bucketName); err != nil {
@@ -251,7 +251,7 @@ func (c Client) putObjectMultipartStreamOptionalChecksum(ctx context.Context, bu
 	}
 
 	// Calculate the optimal parts info for a given size.
-	totalPartsCount, partSize, lastPartSize, err := optimalPartInfo(size, opts.PartSize)
+	totalPartsCount, partSize, lastPartSize, err := OptimalPartInfo(size, opts.PartSize)
 	if err != nil {
 		return UploadInfo{}, err
 	}
@@ -358,7 +358,7 @@ func (c Client) putObjectMultipartStreamOptionalChecksum(ctx context.Context, bu
 	// Sort all completed parts.
 	sort.Sort(completedParts(complMultipartUpload.Parts))
 
-	uploadInfo, err := c.completeMultipartUpload(ctx, bucketName, objectName, uploadID, complMultipartUpload)
+	uploadInfo, err := c.completeMultipartUpload(ctx, bucketName, objectName, uploadID, complMultipartUpload, PutObjectOptions{})
 	if err != nil {
 		return UploadInfo{}, err
 	}
@@ -369,7 +369,7 @@ func (c Client) putObjectMultipartStreamOptionalChecksum(ctx context.Context, bu
 
 // putObject special function used Google Cloud Storage. This special function
 // is used for Google Cloud Storage since Google's multipart API is not S3 compatible.
-func (c Client) putObject(ctx context.Context, bucketName, objectName string, reader io.Reader, size int64, opts PutObjectOptions) (info UploadInfo, err error) {
+func (c *Client) putObject(ctx context.Context, bucketName, objectName string, reader io.Reader, size int64, opts PutObjectOptions) (info UploadInfo, err error) {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return UploadInfo{}, err
@@ -430,7 +430,7 @@ func (c Client) putObject(ctx context.Context, bucketName, objectName string, re
 
 // putObjectDo - executes the put object http operation.
 // NOTE: You must have WRITE permissions on a bucket to add an object to it.
-func (c Client) putObjectDo(ctx context.Context, bucketName, objectName string, reader io.Reader, md5Base64, sha256Hex string, size int64, opts PutObjectOptions) (UploadInfo, error) {
+func (c *Client) putObjectDo(ctx context.Context, bucketName, objectName string, reader io.Reader, md5Base64, sha256Hex string, size int64, opts PutObjectOptions) (UploadInfo, error) {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return UploadInfo{}, err
@@ -452,8 +452,10 @@ func (c Client) putObjectDo(ctx context.Context, bucketName, objectName string,
 		contentSHA256Hex: sha256Hex,
 	}
 	if opts.Internal.SourceVersionID != "" {
-		if _, err := uuid.Parse(opts.Internal.SourceVersionID); err != nil {
-			return UploadInfo{}, errInvalidArgument(err.Error())
+		if opts.Internal.SourceVersionID != nullVersionID {
+			if _, err := uuid.Parse(opts.Internal.SourceVersionID); err != nil {
+				return UploadInfo{}, errInvalidArgument(err.Error())
+			}
 		}
 		urlValues := make(url.Values)
 		urlValues.Set("versionId", opts.Internal.SourceVersionID)
diff --git a/vendor/github.com/minio/minio-go/v7/api-put-object.go b/vendor/github.com/minio/minio-go/v7/api-put-object.go
index 0cbb0a7a30f..fb61b407a20 100644
--- a/vendor/github.com/minio/minio-go/v7/api-put-object.go
+++ b/vendor/github.com/minio/minio-go/v7/api-put-object.go
@@ -55,10 +55,14 @@ func (r ReplicationStatus) Empty() bool {
 // AdvancedPutOptions for internal use - to be utilized by replication, ILM transition
 // implementation on MinIO server
 type AdvancedPutOptions struct {
-	SourceVersionID   string
-	SourceETag        string
-	ReplicationStatus ReplicationStatus
-	SourceMTime       time.Time
+	SourceVersionID    string
+	SourceETag         string
+	ReplicationStatus  ReplicationStatus
+	SourceMTime        time.Time
+	ReplicationRequest bool
+	RetentionTimestamp time.Time
+	TaggingTimestamp   time.Time
+	LegalholdTimestamp time.Time
 }
 
 // PutObjectOptions represents options specified by user for PutObject call
@@ -152,6 +156,19 @@ func (opts PutObjectOptions) Header() (header http.Header) {
 	if opts.Internal.SourceETag != "" {
 		header.Set(minIOBucketSourceETag, opts.Internal.SourceETag)
 	}
+	if opts.Internal.ReplicationRequest {
+		header.Set(minIOBucketReplicationRequest, "")
+	}
+	if !opts.Internal.LegalholdTimestamp.IsZero() {
+		header.Set(minIOBucketReplicationObjectLegalHoldTimestamp, opts.Internal.LegalholdTimestamp.Format(time.RFC3339Nano))
+	}
+	if !opts.Internal.RetentionTimestamp.IsZero() {
+		header.Set(minIOBucketReplicationObjectRetentionTimestamp, opts.Internal.RetentionTimestamp.Format(time.RFC3339Nano))
+	}
+	if !opts.Internal.TaggingTimestamp.IsZero() {
+		header.Set(minIOBucketReplicationTaggingTimestamp, opts.Internal.TaggingTimestamp.Format(time.RFC3339Nano))
+	}
+
 	if len(opts.UserTags) != 0 {
 		header.Set(amzTaggingHeader, s3utils.TagEncode(opts.UserTags))
 	}
@@ -204,7 +221,7 @@ func (a completedParts) Less(i, j int) bool { return a[i].PartNumber < a[j].Part
 //  - For size input as -1 PutObject does a multipart Put operation
 //    until input stream reaches EOF. Maximum object size that can
 //    be uploaded through this operation will be 5TiB.
-func (c Client) PutObject(ctx context.Context, bucketName, objectName string, reader io.Reader, objectSize int64,
+func (c *Client) PutObject(ctx context.Context, bucketName, objectName string, reader io.Reader, objectSize int64,
 	opts PutObjectOptions) (info UploadInfo, err error) {
 	if objectSize < 0 && opts.DisableMultipart {
 		return UploadInfo{}, errors.New("object size must be provided with disable multipart upload")
@@ -218,7 +235,7 @@ func (c Client) PutObject(ctx context.Context, bucketName, objectName string, re
 	return c.putObjectCommon(ctx, bucketName, objectName, reader, objectSize, opts)
 }
 
-func (c Client) putObjectCommon(ctx context.Context, bucketName, objectName string, reader io.Reader, size int64, opts PutObjectOptions) (info UploadInfo, err error) {
+func (c *Client) putObjectCommon(ctx context.Context, bucketName, objectName string, reader io.Reader, size int64, opts PutObjectOptions) (info UploadInfo, err error) {
 	// Check for largest object size allowed.
 	if size > int64(maxMultipartPutObjectSize) {
 		return UploadInfo{}, errEntityTooLarge(size, maxMultipartPutObjectSize, bucketName, objectName)
@@ -252,7 +269,7 @@ func (c Client) putObjectCommon(ctx context.Context, bucketName, objectName stri
 	return c.putObjectMultipartStream(ctx, bucketName, objectName, reader, size, opts)
 }
 
-func (c Client) putObjectMultipartStreamNoLength(ctx context.Context, bucketName, objectName string, reader io.Reader, opts PutObjectOptions) (info UploadInfo, err error) {
+func (c *Client) putObjectMultipartStreamNoLength(ctx context.Context, bucketName, objectName string, reader io.Reader, opts PutObjectOptions) (info UploadInfo, err error) {
 	// Input validation.
 	if err = s3utils.CheckValidBucketName(bucketName); err != nil {
 		return UploadInfo{}, err
@@ -269,7 +286,7 @@ func (c Client) putObjectMultipartStreamNoLength(ctx context.Context, bucketName
 	var complMultipartUpload completeMultipartUpload
 
 	// Calculate the optimal parts info for a given size.
-	totalPartsCount, partSize, _, err := optimalPartInfo(-1, opts.PartSize)
+	totalPartsCount, partSize, _, err := OptimalPartInfo(-1, opts.PartSize)
 	if err != nil {
 		return UploadInfo{}, err
 	}
@@ -356,7 +373,7 @@ func (c Client) putObjectMultipartStreamNoLength(ctx context.Context, bucketName
 	// Sort all completed parts.
 	sort.Sort(completedParts(complMultipartUpload.Parts))
 
-	uploadInfo, err := c.completeMultipartUpload(ctx, bucketName, objectName, uploadID, complMultipartUpload)
+	uploadInfo, err := c.completeMultipartUpload(ctx, bucketName, objectName, uploadID, complMultipartUpload, PutObjectOptions{})
 	if err != nil {
 		return UploadInfo{}, err
 	}
diff --git a/vendor/github.com/minio/minio-go/v7/api-putobject-snowball.go b/vendor/github.com/minio/minio-go/v7/api-putobject-snowball.go
new file mode 100644
index 00000000000..f9feda30f92
--- /dev/null
+++ b/vendor/github.com/minio/minio-go/v7/api-putobject-snowball.go
@@ -0,0 +1,215 @@
+/*
+ * MinIO Go Library for Amazon S3 Compatible Cloud Storage
+ * Copyright 2021 MinIO, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package minio
+
+import (
+	"archive/tar"
+	"bufio"
+	"bytes"
+	"context"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"os"
+	"strings"
+	"sync"
+	"time"
+
+	"github.com/klauspost/compress/s2"
+)
+
+// SnowballOptions contains options for PutObjectsSnowball calls.
+type SnowballOptions struct {
+	// Opts is options applied to all objects.
+	Opts PutObjectOptions
+
+	// Processing options:
+
+	// InMemory specifies that all objects should be collected in memory
+	// before they are uploaded.
+	// If false a temporary file will be created.
+	InMemory bool
+
+	// Compress enabled content compression before upload.
+	// Compression will typically reduce memory and network usage,
+	// Compression can safely be enabled with MinIO hosts.
+	Compress bool
+}
+
+// SnowballObject contains information about a single object to be added to the snowball.
+type SnowballObject struct {
+	// Key is the destination key, including prefix.
+	Key string
+
+	// Size is the content size of this object.
+	Size int64
+
+	// Modtime to apply to the object.
+	ModTime time.Time
+
+	// Content of the object.
+	// Exactly 'Size' number of bytes must be provided.
+	Content io.Reader
+
+	// Close will be called when an object has finished processing.
+	// Note that if PutObjectsSnowball returns because of an error,
+	// objects not consumed from the input will NOT have been closed.
+	// Leave as nil for no callback.
+	Close func()
+}
+
+type nopReadSeekCloser struct {
+	io.ReadSeeker
+}
+
+func (n nopReadSeekCloser) Close() error {
+	return nil
+}
+
+// This is available as io.ReadSeekCloser from go1.16
+type readSeekCloser interface {
+	io.Reader
+	io.Closer
+	io.Seeker
+}
+
+// PutObjectsSnowball will put multiple objects with a single put call.
+// A (compressed) TAR file will be created which will contain multiple objects.
+// The key for each object will be used for the destination in the specified bucket.
+// Total size should be < 5TB.
+// This function blocks until 'objs' is closed and the content has been uploaded.
+func (c Client) PutObjectsSnowball(ctx context.Context, bucketName string, opts SnowballOptions, objs <-chan SnowballObject) (err error) {
+	err = opts.Opts.validate()
+	if err != nil {
+		return err
+	}
+	var tmpWriter io.Writer
+	var getTmpReader func() (rc readSeekCloser, sz int64, err error)
+	if opts.InMemory {
+		b := bytes.NewBuffer(nil)
+		tmpWriter = b
+		getTmpReader = func() (readSeekCloser, int64, error) {
+			return nopReadSeekCloser{bytes.NewReader(b.Bytes())}, int64(b.Len()), nil
+		}
+	} else {
+		f, err := ioutil.TempFile("", "s3-putsnowballobjects-*")
+		if err != nil {
+			return err
+		}
+		name := f.Name()
+		tmpWriter = f
+		var once sync.Once
+		defer once.Do(func() {
+			f.Close()
+		})
+		defer os.Remove(name)
+		getTmpReader = func() (readSeekCloser, int64, error) {
+			once.Do(func() {
+				f.Close()
+			})
+			f, err := os.Open(name)
+			if err != nil {
+				return nil, 0, err
+			}
+			st, err := f.Stat()
+			if err != nil {
+				return nil, 0, err
+			}
+			return f, st.Size(), nil
+		}
+	}
+	var flush = func() error { return nil }
+	if !opts.Compress {
+		if !opts.InMemory {
+			// Insert buffer for writes.
+			buf := bufio.NewWriterSize(tmpWriter, 1<<20)
+			flush = buf.Flush
+			tmpWriter = buf
+		}
+	} else {
+		s2c := s2.NewWriter(tmpWriter, s2.WriterBetterCompression())
+		flush = s2c.Close
+		defer s2c.Close()
+		tmpWriter = s2c
+	}
+	t := tar.NewWriter(tmpWriter)
+
+objectLoop:
+	for {
+		select {
+		case <-ctx.Done():
+			return ctx.Err()
+		case obj, ok := <-objs:
+			if !ok {
+				break objectLoop
+			}
+
+			closeObj := func() {}
+			if obj.Close != nil {
+				closeObj = obj.Close
+			}
+
+			// Trim accidental slash prefix.
+			obj.Key = strings.TrimPrefix(obj.Key, "/")
+			header := tar.Header{
+				Typeflag: tar.TypeReg,
+				Name:     obj.Key,
+				Size:     obj.Size,
+				ModTime:  obj.ModTime,
+				Format:   tar.FormatPAX,
+			}
+			if err := t.WriteHeader(&header); err != nil {
+				closeObj()
+				return err
+			}
+			n, err := io.Copy(t, obj.Content)
+			if err != nil {
+				closeObj()
+				return err
+			}
+			if n != obj.Size {
+				closeObj()
+				return io.ErrUnexpectedEOF
+			}
+			closeObj()
+		}
+	}
+	// Flush tar
+	err = t.Flush()
+	if err != nil {
+		return err
+	}
+	// Flush compression
+	err = flush()
+	if err != nil {
+		return err
+	}
+	if opts.Opts.UserMetadata == nil {
+		opts.Opts.UserMetadata = map[string]string{}
+	}
+	opts.Opts.UserMetadata["X-Amz-Meta-Snowball-Auto-Extract"] = "true"
+	opts.Opts.DisableMultipart = true
+	rc, sz, err := getTmpReader()
+	if err != nil {
+		return err
+	}
+	defer rc.Close()
+	rand := c.random.Uint64()
+	_, err = c.PutObject(ctx, bucketName, fmt.Sprintf("snowball-upload-%x.tar", rand), rc, sz, opts.Opts)
+	return err
+}
diff --git a/vendor/github.com/minio/minio-go/v7/api-remove.go b/vendor/github.com/minio/minio-go/v7/api-remove.go
index 7ac3f26aa83..fd3f1e12082 100644
--- a/vendor/github.com/minio/minio-go/v7/api-remove.go
+++ b/vendor/github.com/minio/minio-go/v7/api-remove.go
@@ -29,11 +29,62 @@ import (
 	"github.com/minio/minio-go/v7/pkg/s3utils"
 )
 
+//revive:disable
+
+// Deprecated: BucketOptions will be renamed to RemoveBucketOptions in future versions.
+type BucketOptions = RemoveBucketOptions
+
+//revive:enable
+
+// RemoveBucketOptions special headers to purge buckets, only
+// useful when endpoint is MinIO
+type RemoveBucketOptions struct {
+	ForceDelete bool
+}
+
+// RemoveBucketWithOptions deletes the bucket name.
+//
+// All objects (including all object versions and delete markers)
+// in the bucket will be deleted forcibly if bucket options set
+// ForceDelete to 'true'.
+func (c *Client) RemoveBucketWithOptions(ctx context.Context, bucketName string, opts RemoveBucketOptions) error {
+	// Input validation.
+	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
+		return err
+	}
+
+	// Build headers.
+	headers := make(http.Header)
+	if opts.ForceDelete {
+		headers.Set(minIOForceDelete, "true")
+	}
+
+	// Execute DELETE on bucket.
+	resp, err := c.executeMethod(ctx, http.MethodDelete, requestMetadata{
+		bucketName:       bucketName,
+		contentSHA256Hex: emptySHA256Hex,
+		customHeader:     headers,
+	})
+	defer closeResponse(resp)
+	if err != nil {
+		return err
+	}
+	if resp != nil {
+		if resp.StatusCode != http.StatusNoContent {
+			return httpRespToErrorResponse(resp, bucketName, "")
+		}
+	}
+
+	// Remove the location from cache on a successful delete.
+	c.bucketLocCache.Delete(bucketName)
+	return nil
+}
+
 // RemoveBucket deletes the bucket name.
 //
 //  All objects (including all object versions and delete markers).
 //  in the bucket must be deleted before successfully attempting this request.
-func (c Client) RemoveBucket(ctx context.Context, bucketName string) error {
+func (c *Client) RemoveBucket(ctx context.Context, bucketName string) error {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return err
@@ -64,17 +115,19 @@ type AdvancedRemoveOptions struct {
 	ReplicationDeleteMarker bool
 	ReplicationStatus       ReplicationStatus
 	ReplicationMTime        time.Time
+	ReplicationRequest      bool
 }
 
 // RemoveObjectOptions represents options specified by user for RemoveObject call
 type RemoveObjectOptions struct {
+	ForceDelete      bool
 	GovernanceBypass bool
 	VersionID        string
 	Internal         AdvancedRemoveOptions
 }
 
 // RemoveObject removes an object from a bucket.
-func (c Client) RemoveObject(ctx context.Context, bucketName, objectName string, opts RemoveObjectOptions) error {
+func (c *Client) RemoveObject(ctx context.Context, bucketName, objectName string, opts RemoveObjectOptions) error {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return err
@@ -86,7 +139,7 @@ func (c Client) RemoveObject(ctx context.Context, bucketName, objectName string,
 	return c.removeObject(ctx, bucketName, objectName, opts)
 }
 
-func (c Client) removeObject(ctx context.Context, bucketName, objectName string, opts RemoveObjectOptions) error {
+func (c *Client) removeObject(ctx context.Context, bucketName, objectName string, opts RemoveObjectOptions) error {
 
 	// Get resources properly escaped and lined up before
 	// using them in http request.
@@ -112,6 +165,12 @@ func (c Client) removeObject(ctx context.Context, bucketName, objectName string,
 	if !opts.Internal.ReplicationStatus.Empty() {
 		headers.Set(amzBucketReplicationStatus, string(opts.Internal.ReplicationStatus))
 	}
+	if opts.Internal.ReplicationRequest {
+		headers.Set(minIOBucketReplicationRequest, "")
+	}
+	if opts.ForceDelete {
+		headers.Set(minIOForceDelete, "true")
+	}
 	// Execute DELETE on objectName.
 	resp, err := c.executeMethod(ctx, http.MethodDelete, requestMetadata{
 		bucketName:       bucketName,
@@ -194,7 +253,7 @@ type RemoveObjectsOptions struct {
 // RemoveObjects removes multiple objects from a bucket while
 // it is possible to specify objects versions which are received from
 // objectsCh. Remove failures are sent back via error channel.
-func (c Client) RemoveObjects(ctx context.Context, bucketName string, objectsCh <-chan ObjectInfo, opts RemoveObjectsOptions) <-chan RemoveObjectError {
+func (c *Client) RemoveObjects(ctx context.Context, bucketName string, objectsCh <-chan ObjectInfo, opts RemoveObjectsOptions) <-chan RemoveObjectError {
 	errorCh := make(chan RemoveObjectError, 1)
 
 	// Validate if bucket name is valid.
@@ -239,7 +298,7 @@ func hasInvalidXMLChar(str string) bool {
 }
 
 // Generate and call MultiDelete S3 requests based on entries received from objectsCh
-func (c Client) removeObjects(ctx context.Context, bucketName string, objectsCh <-chan ObjectInfo, errorCh chan<- RemoveObjectError, opts RemoveObjectsOptions) {
+func (c *Client) removeObjects(ctx context.Context, bucketName string, objectsCh <-chan ObjectInfo, errorCh chan<- RemoveObjectError, opts RemoveObjectsOptions) {
 	maxEntries := 1000
 	finish := false
 	urlValues := make(url.Values)
@@ -337,7 +396,7 @@ func (c Client) removeObjects(ctx context.Context, bucketName string, objectsCh
 }
 
 // RemoveIncompleteUpload aborts an partially uploaded object.
-func (c Client) RemoveIncompleteUpload(ctx context.Context, bucketName, objectName string) error {
+func (c *Client) RemoveIncompleteUpload(ctx context.Context, bucketName, objectName string) error {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return err
@@ -364,7 +423,7 @@ func (c Client) RemoveIncompleteUpload(ctx context.Context, bucketName, objectNa
 
 // abortMultipartUpload aborts a multipart upload for the given
 // uploadID, all previously uploaded parts are deleted.
-func (c Client) abortMultipartUpload(ctx context.Context, bucketName, objectName, uploadID string) error {
+func (c *Client) abortMultipartUpload(ctx context.Context, bucketName, objectName, uploadID string) error {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return err
diff --git a/vendor/github.com/minio/minio-go/v7/api-restore.go b/vendor/github.com/minio/minio-go/v7/api-restore.go
new file mode 100644
index 00000000000..69eefec09bc
--- /dev/null
+++ b/vendor/github.com/minio/minio-go/v7/api-restore.go
@@ -0,0 +1,182 @@
+/*
+ * MinIO Go Library for Amazon S3 Compatible Cloud Storage
+ * (C) 2018-2021 MinIO, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package minio
+
+import (
+	"bytes"
+	"context"
+	"encoding/xml"
+	"net/http"
+	"net/url"
+
+	"github.com/minio/minio-go/v7/pkg/s3utils"
+	"github.com/minio/minio-go/v7/pkg/tags"
+)
+
+// RestoreType represents the restore request type
+type RestoreType string
+
+const (
+	// RestoreSelect represents the restore SELECT operation
+	RestoreSelect = RestoreType("SELECT")
+)
+
+// TierType represents a retrieval tier
+type TierType string
+
+const (
+	// TierStandard is the standard retrieval tier
+	TierStandard = TierType("Standard")
+	// TierBulk is the bulk retrieval tier
+	TierBulk = TierType("Bulk")
+	// TierExpedited is the expedited retrieval tier
+	TierExpedited = TierType("Expedited")
+)
+
+// GlacierJobParameters represents the retrieval tier parameter
+type GlacierJobParameters struct {
+	Tier TierType
+}
+
+// Encryption contains the type of server-side encryption used during object retrieval
+type Encryption struct {
+	EncryptionType string
+	KMSContext     string
+	KMSKeyID       string `xml:"KMSKeyId"`
+}
+
+// MetadataEntry represents a metadata information of the restored object.
+type MetadataEntry struct {
+	Name  string
+	Value string
+}
+
+// S3 holds properties of the copy of the archived object
+type S3 struct {
+	AccessControlList *AccessControlList `xml:"AccessControlList,omitempty"`
+	BucketName        string
+	Prefix            string
+	CannedACL         *string        `xml:"CannedACL,omitempty"`
+	Encryption        *Encryption    `xml:"Encryption,omitempty"`
+	StorageClass      *string        `xml:"StorageClass,omitempty"`
+	Tagging           *tags.Tags     `xml:"Tagging,omitempty"`
+	UserMetadata      *MetadataEntry `xml:"UserMetadata,omitempty"`
+}
+
+// SelectParameters holds the select request parameters
+type SelectParameters struct {
+	XMLName             xml.Name `xml:"SelectParameters"`
+	ExpressionType      QueryExpressionType
+	Expression          string
+	InputSerialization  SelectObjectInputSerialization
+	OutputSerialization SelectObjectOutputSerialization
+}
+
+// OutputLocation holds properties of the copy of the archived object
+type OutputLocation struct {
+	XMLName xml.Name `xml:"OutputLocation"`
+	S3      S3       `xml:"S3"`
+}
+
+// RestoreRequest holds properties of the restore object request
+type RestoreRequest struct {
+	XMLName              xml.Name              `xml:"http://s3.amazonaws.com/doc/2006-03-01/ RestoreRequest"`
+	Type                 *RestoreType          `xml:"Type,omitempty"`
+	Tier                 *TierType             `xml:"Tier,omitempty"`
+	Days                 *int                  `xml:"Days,omitempty"`
+	GlacierJobParameters *GlacierJobParameters `xml:"GlacierJobParameters,omitempty"`
+	Description          *string               `xml:"Description,omitempty"`
+	SelectParameters     *SelectParameters     `xml:"SelectParameters,omitempty"`
+	OutputLocation       *OutputLocation       `xml:"OutputLocation,omitempty"`
+}
+
+// SetDays sets the days parameter of the restore request
+func (r *RestoreRequest) SetDays(v int) {
+	r.Days = &v
+}
+
+// SetGlacierJobParameters sets the GlacierJobParameters of the restore request
+func (r *RestoreRequest) SetGlacierJobParameters(v GlacierJobParameters) {
+	r.GlacierJobParameters = &v
+}
+
+// SetType sets the type of the restore request
+func (r *RestoreRequest) SetType(v RestoreType) {
+	r.Type = &v
+}
+
+// SetTier sets the retrieval tier of the restore request
+func (r *RestoreRequest) SetTier(v TierType) {
+	r.Tier = &v
+}
+
+// SetDescription sets the description of the restore request
+func (r *RestoreRequest) SetDescription(v string) {
+	r.Description = &v
+}
+
+// SetSelectParameters sets SelectParameters of the restore select request
+func (r *RestoreRequest) SetSelectParameters(v SelectParameters) {
+	r.SelectParameters = &v
+}
+
+// SetOutputLocation sets the properties of the copy of the archived object
+func (r *RestoreRequest) SetOutputLocation(v OutputLocation) {
+	r.OutputLocation = &v
+}
+
+// RestoreObject is a implementation of https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html AWS S3 API
+func (c *Client) RestoreObject(ctx context.Context, bucketName, objectName, versionID string, req RestoreRequest) error {
+	// Input validation.
+	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
+		return err
+	}
+	if err := s3utils.CheckValidObjectName(objectName); err != nil {
+		return err
+	}
+
+	restoreRequestBytes, err := xml.Marshal(req)
+	if err != nil {
+		return err
+	}
+
+	urlValues := make(url.Values)
+	urlValues.Set("restore", "")
+	if versionID != "" {
+		urlValues.Set("versionId", versionID)
+	}
+
+	// Execute POST on bucket/object.
+	resp, err := c.executeMethod(ctx, http.MethodPost, requestMetadata{
+		bucketName:       bucketName,
+		objectName:       objectName,
+		queryValues:      urlValues,
+		contentMD5Base64: sumMD5Base64(restoreRequestBytes),
+		contentSHA256Hex: sum256Hex(restoreRequestBytes),
+		contentBody:      bytes.NewReader(restoreRequestBytes),
+		contentLength:    int64(len(restoreRequestBytes)),
+	})
+	defer closeResponse(resp)
+	if err != nil {
+		return err
+	}
+	if resp.StatusCode != http.StatusAccepted {
+		return httpRespToErrorResponse(resp, bucketName, "")
+	}
+	return nil
+}
diff --git a/vendor/github.com/minio/minio-go/v7/api-select.go b/vendor/github.com/minio/minio-go/v7/api-select.go
index e35cf02bf3f..74c1df5f170 100644
--- a/vendor/github.com/minio/minio-go/v7/api-select.go
+++ b/vendor/github.com/minio/minio-go/v7/api-select.go
@@ -54,6 +54,13 @@ const (
 	SelectCompressionNONE SelectCompressionType = "NONE"
 	SelectCompressionGZIP                       = "GZIP"
 	SelectCompressionBZIP                       = "BZIP2"
+
+	// Non-standard compression schemes, supported by MinIO hosts:
+
+	SelectCompressionZSTD   = "ZSTD"   // Zstandard compression.
+	SelectCompressionLZ4    = "LZ4"    // LZ4 Stream
+	SelectCompressionS2     = "S2"     // S2 Stream
+	SelectCompressionSNAPPY = "SNAPPY" // Snappy stream
 )
 
 // CSVQuoteFields - is the parameter for how CSV fields are quoted.
@@ -330,10 +337,10 @@ func (j JSONOutputOptions) MarshalXML(e *xml.Encoder, start xml.StartElement) er
 
 // SelectObjectInputSerialization - input serialization parameters
 type SelectObjectInputSerialization struct {
-	CompressionType SelectCompressionType
-	Parquet         *ParquetInputOptions `xml:"Parquet,omitempty"`
-	CSV             *CSVInputOptions     `xml:"CSV,omitempty"`
-	JSON            *JSONInputOptions    `xml:"JSON,omitempty"`
+	CompressionType SelectCompressionType `xml:"CompressionType,omitempty"`
+	Parquet         *ParquetInputOptions  `xml:"Parquet,omitempty"`
+	CSV             *CSVInputOptions      `xml:"CSV,omitempty"`
+	JSON            *JSONInputOptions     `xml:"JSON,omitempty"`
 }
 
 // SelectObjectOutputSerialization - output serialization parameters.
@@ -431,7 +438,7 @@ const (
 )
 
 // SelectObjectContent is a implementation of http://docs.aws.amazon.com/AmazonS3/latest/API/RESTObjectSELECTContent.html AWS S3 API.
-func (c Client) SelectObjectContent(ctx context.Context, bucketName, objectName string, opts SelectObjectOptions) (*SelectResults, error) {
+func (c *Client) SelectObjectContent(ctx context.Context, bucketName, objectName string, opts SelectObjectOptions) (*SelectResults, error) {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return nil, err
diff --git a/vendor/github.com/minio/minio-go/v7/api-stat.go b/vendor/github.com/minio/minio-go/v7/api-stat.go
index aa81cc43771..6deb5f5dc94 100644
--- a/vendor/github.com/minio/minio-go/v7/api-stat.go
+++ b/vendor/github.com/minio/minio-go/v7/api-stat.go
@@ -27,7 +27,7 @@ import (
 
 // BucketExists verifies if bucket exists and you have permission to access it. Allows for a Context to
 // control cancellations and timeouts.
-func (c Client) BucketExists(ctx context.Context, bucketName string) (bool, error) {
+func (c *Client) BucketExists(ctx context.Context, bucketName string) (bool, error) {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return false, err
@@ -58,19 +58,7 @@ func (c Client) BucketExists(ctx context.Context, bucketName string) (bool, erro
 }
 
 // StatObject verifies if object exists and you have permission to access.
-func (c Client) StatObject(ctx context.Context, bucketName, objectName string, opts StatObjectOptions) (ObjectInfo, error) {
-	// Input validation.
-	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
-		return ObjectInfo{}, err
-	}
-	if err := s3utils.CheckValidObjectName(objectName); err != nil {
-		return ObjectInfo{}, err
-	}
-	return c.statObject(ctx, bucketName, objectName, opts)
-}
-
-// Lower level API for statObject supporting pre-conditions and range headers.
-func (c Client) statObject(ctx context.Context, bucketName, objectName string, opts StatObjectOptions) (ObjectInfo, error) {
+func (c *Client) StatObject(ctx context.Context, bucketName, objectName string, opts StatObjectOptions) (ObjectInfo, error) {
 	// Input validation.
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return ObjectInfo{}, err
@@ -99,11 +87,11 @@ func (c Client) statObject(ctx context.Context, bucketName, objectName string, o
 	if err != nil {
 		return ObjectInfo{}, err
 	}
-	deleteMarker := resp.Header.Get(amzDeleteMarker) == "true"
 
 	if resp != nil {
+		deleteMarker := resp.Header.Get(amzDeleteMarker) == "true"
 		if resp.StatusCode != http.StatusOK && resp.StatusCode != http.StatusPartialContent {
-			if resp.StatusCode == http.StatusBadRequest && opts.VersionID != "" && deleteMarker {
+			if resp.StatusCode == http.StatusMethodNotAllowed && opts.VersionID != "" && deleteMarker {
 				errResp := ErrorResponse{
 					StatusCode: resp.StatusCode,
 					Code:       "MethodNotAllowed",
diff --git a/vendor/github.com/minio/minio-go/v7/api.go b/vendor/github.com/minio/minio-go/v7/api.go
index 9a957af5831..2652ad27200 100644
--- a/vendor/github.com/minio/minio-go/v7/api.go
+++ b/vendor/github.com/minio/minio-go/v7/api.go
@@ -34,6 +34,7 @@ import (
 	"runtime"
 	"strings"
 	"sync"
+	"sync/atomic"
 	"time"
 
 	md5simd "github.com/minio/md5-simd"
@@ -90,6 +91,8 @@ type Client struct {
 	// Factory for MD5 hash functions.
 	md5Hasher    func() md5simd.Hasher
 	sha256Hasher func() md5simd.Hasher
+
+	healthStatus int32
 }
 
 // Options for New method
@@ -108,7 +111,7 @@ type Options struct {
 // Global constants.
 const (
 	libraryName    = "minio-go"
-	libraryVersion = "v7.0.10"
+	libraryVersion = "v7.0.16"
 )
 
 // User Agent should always following the below style.
@@ -305,6 +308,10 @@ func privateNew(endpoint string, opts *Options) (*Client, error) {
 	// Sets bucket lookup style, whether server accepts DNS or Path lookup. Default is Auto - determined
 	// by the SDK. When Auto is specified, DNS lookup is used for Amazon/Google cloud endpoints and Path for all other endpoints.
 	clnt.lookup = opts.BucketLookup
+
+	// healthcheck is not initialized
+	clnt.healthStatus = unknown
+
 	// Return.
 	return clnt, nil
 }
@@ -387,17 +394,81 @@ func (c *Client) hashMaterials(isMd5Requested bool) (hashAlgos map[string]md5sim
 	return hashAlgos, hashSums
 }
 
+const (
+	unknown = -1
+	offline = 0
+	online  = 1
+)
+
+// IsOnline returns true if healthcheck enabled and client is online
+func (c *Client) IsOnline() bool {
+	return !c.IsOffline()
+}
+
+// sets online healthStatus to offline
+func (c *Client) markOffline() {
+	atomic.CompareAndSwapInt32(&c.healthStatus, online, offline)
+}
+
+// IsOffline returns true if healthcheck enabled and client is offline
+func (c *Client) IsOffline() bool {
+	return atomic.LoadInt32(&c.healthStatus) == offline
+}
+
+// HealthCheck starts a healthcheck to see if endpoint is up. Returns a context cancellation function
+// and and error if health check is already started
+func (c *Client) HealthCheck(hcDuration time.Duration) (context.CancelFunc, error) {
+	if atomic.LoadInt32(&c.healthStatus) == online {
+		return nil, fmt.Errorf("health check is running")
+	}
+	if hcDuration < 1*time.Second {
+		return nil, fmt.Errorf("health check duration should be atleast 1 second")
+	}
+	ctx, cancelFn := context.WithCancel(context.Background())
+	atomic.StoreInt32(&c.healthStatus, online)
+	probeBucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "probe-health-")
+	go func(duration time.Duration) {
+		timer := time.NewTimer(duration)
+		defer timer.Stop()
+		for {
+			select {
+			case <-ctx.Done():
+				atomic.StoreInt32(&c.healthStatus, unknown)
+				return
+			case <-timer.C:
+				timer.Reset(duration)
+				// Do health check the first time and ONLY if the connection is marked offline
+				if c.IsOffline() {
+					gctx, gcancel := context.WithTimeout(context.Background(), 3*time.Second)
+					_, err := c.getBucketLocation(gctx, probeBucketName)
+					gcancel()
+					if IsNetworkOrHostDown(err, false) {
+						// Still network errors do not need to do anything.
+						continue
+					}
+					switch ToErrorResponse(err).Code {
+					case "NoSuchBucket", "AccessDenied", "":
+						atomic.CompareAndSwapInt32(&c.healthStatus, offline, online)
+					}
+				}
+			}
+		}
+	}(hcDuration)
+	return cancelFn, nil
+}
+
 // requestMetadata - is container for all the values to make a request.
 type requestMetadata struct {
 	// If set newRequest presigns the URL.
 	presignURL bool
 
 	// User supplied.
-	bucketName   string
-	objectName   string
-	queryValues  url.Values
-	customHeader http.Header
-	expires      int64
+	bucketName         string
+	objectName         string
+	queryValues        url.Values
+	customHeader       http.Header
+	extraPresignHeader http.Header
+	expires            int64
 
 	// Generated by our internal code.
 	bucketLocation   string
@@ -408,7 +479,7 @@ type requestMetadata struct {
 }
 
 // dumpHTTP - dump HTTP request and response.
-func (c Client) dumpHTTP(req *http.Request, resp *http.Response) error {
+func (c *Client) dumpHTTP(req *http.Request, resp *http.Response) error {
 	// Starts http dump.
 	_, err := fmt.Fprintln(c.traceOutput, "---------START-HTTP---------")
 	if err != nil {
@@ -468,8 +539,14 @@ func (c Client) dumpHTTP(req *http.Request, resp *http.Response) error {
 }
 
 // do - execute http request.
-func (c Client) do(req *http.Request) (*http.Response, error) {
-	resp, err := c.httpClient.Do(req)
+func (c *Client) do(req *http.Request) (resp *http.Response, err error) {
+	defer func() {
+		if IsNetworkOrHostDown(err, false) {
+			c.markOffline()
+		}
+	}()
+
+	resp, err = c.httpClient.Do(req)
 	if err != nil {
 		// Handle this specifically for now until future Golang versions fix this issue properly.
 		if urlErr, ok := err.(*url.Error); ok {
@@ -512,7 +589,11 @@ var successStatus = []int{
 // executeMethod - instantiates a given method, and retries the
 // request upon any error up to maxRetries attempts in a binomially
 // delayed manner using a standard back off algorithm.
-func (c Client) executeMethod(ctx context.Context, method string, metadata requestMetadata) (res *http.Response, err error) {
+func (c *Client) executeMethod(ctx context.Context, method string, metadata requestMetadata) (res *http.Response, err error) {
+	if c.IsOffline() {
+		return nil, errors.New(c.endpointURL.String() + " is offline.")
+	}
+
 	var retryable bool       // Indicates if request can be retried.
 	var bodySeeker io.Seeker // Extracted seeker from io.Reader.
 	var reqRetry = MaxRetry  // Indicates how many times we can retry the request
@@ -544,9 +625,6 @@ func (c Client) executeMethod(ctx context.Context, method string, metadata reque
 	// Indicate to our routine to exit cleanly upon return.
 	defer cancel()
 
-	// Blank indentifier is kept here on purpose since 'range' without
-	// blank identifiers is only supported since go1.4
-	// https://golang.org/doc/go1.4#forrange.
 	for range c.newRetryTimer(retryCtx, reqRetry, DefaultRetryUnit, DefaultRetryCap, MaxJitter) {
 		// Retry executes the following function body if request has an
 		// error until maxRetries have been exhausted, retry attempts are
@@ -568,9 +646,9 @@ func (c Client) executeMethod(ctx context.Context, method string, metadata reque
 			if isS3CodeRetryable(errResponse.Code) {
 				continue // Retry.
 			}
+
 			return nil, err
 		}
-
 		// Initiate the request.
 		res, err = c.do(req)
 		if err != nil {
@@ -668,7 +746,7 @@ func (c Client) executeMethod(ctx context.Context, method string, metadata reque
 }
 
 // newRequest - instantiate a new HTTP request for a given method.
-func (c Client) newRequest(ctx context.Context, method string, metadata requestMetadata) (req *http.Request, err error) {
+func (c *Client) newRequest(ctx context.Context, method string, metadata requestMetadata) (req *http.Request, err error) {
 	// If no method is supplied default to 'POST'.
 	if method == "" {
 		method = http.MethodPost
@@ -736,6 +814,14 @@ func (c Client) newRequest(ctx context.Context, method string, metadata requestM
 		if signerType.IsAnonymous() {
 			return nil, errInvalidArgument("Presigned URLs cannot be generated with anonymous credentials.")
 		}
+		if metadata.extraPresignHeader != nil {
+			if signerType.IsV2() {
+				return nil, errInvalidArgument("Extra signed headers for Presign with Signature V2 is not supported.")
+			}
+			for k, v := range metadata.extraPresignHeader {
+				req.Header.Set(k, v[0])
+			}
+		}
 		if signerType.IsV2() {
 			// Presign URL with signature v2.
 			req = signer.PreSignV2(*req, accessKeyID, secretAccessKey, metadata.expires, isVirtualHost)
@@ -808,7 +894,7 @@ func (c Client) newRequest(ctx context.Context, method string, metadata requestM
 }
 
 // set User agent.
-func (c Client) setUserAgent(req *http.Request) {
+func (c *Client) setUserAgent(req *http.Request) {
 	req.Header.Set("User-Agent", libraryUserAgent)
 	if c.appInfo.appName != "" && c.appInfo.appVersion != "" {
 		req.Header.Set("User-Agent", libraryUserAgent+" "+c.appInfo.appName+"/"+c.appInfo.appVersion)
@@ -816,7 +902,7 @@ func (c Client) setUserAgent(req *http.Request) {
 }
 
 // makeTargetURL make a new target url.
-func (c Client) makeTargetURL(bucketName, objectName, bucketLocation string, isVirtualHostStyle bool, queryValues url.Values) (*url.URL, error) {
+func (c *Client) makeTargetURL(bucketName, objectName, bucketLocation string, isVirtualHostStyle bool, queryValues url.Values) (*url.URL, error) {
 	host := c.endpointURL.Host
 	// For Amazon S3 endpoint, try to fetch location based endpoint.
 	if s3utils.IsAmazonEndpoint(*c.endpointURL) {
diff --git a/vendor/github.com/minio/minio-go/v7/bucket-cache.go b/vendor/github.com/minio/minio-go/v7/bucket-cache.go
index 156150f622f..760af77515c 100644
--- a/vendor/github.com/minio/minio-go/v7/bucket-cache.go
+++ b/vendor/github.com/minio/minio-go/v7/bucket-cache.go
@@ -73,7 +73,7 @@ func (r *bucketLocationCache) Delete(bucketName string) {
 
 // GetBucketLocation - get location for the bucket name from location cache, if not
 // fetch freshly by making a new request.
-func (c Client) GetBucketLocation(ctx context.Context, bucketName string) (string, error) {
+func (c *Client) GetBucketLocation(ctx context.Context, bucketName string) (string, error) {
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return "", err
 	}
@@ -82,7 +82,7 @@ func (c Client) GetBucketLocation(ctx context.Context, bucketName string) (strin
 
 // getBucketLocation - Get location for the bucketName from location map cache, if not
 // fetch freshly by making a new request.
-func (c Client) getBucketLocation(ctx context.Context, bucketName string) (string, error) {
+func (c *Client) getBucketLocation(ctx context.Context, bucketName string) (string, error) {
 	if err := s3utils.CheckValidBucketName(bucketName); err != nil {
 		return "", err
 	}
@@ -169,7 +169,7 @@ func processBucketLocationResponse(resp *http.Response, bucketName string) (buck
 }
 
 // getBucketLocationRequest - Wrapper creates a new getBucketLocation request.
-func (c Client) getBucketLocationRequest(ctx context.Context, bucketName string) (*http.Request, error) {
+func (c *Client) getBucketLocationRequest(ctx context.Context, bucketName string) (*http.Request, error) {
 	// Set location query.
 	urlValues := make(url.Values)
 	urlValues.Set("location", "")
diff --git a/vendor/github.com/minio/minio-go/v7/constants.go b/vendor/github.com/minio/minio-go/v7/constants.go
index 5e5aec7c2ef..7caa42d9f6e 100644
--- a/vendor/github.com/minio/minio-go/v7/constants.go
+++ b/vendor/github.com/minio/minio-go/v7/constants.go
@@ -23,9 +23,9 @@ package minio
 // a part in a multipart upload may not be uploaded.
 const absMinPartSize = 1024 * 1024 * 5
 
-// minPartSize - minimum part size 128MiB per object after which
+// minPartSize - minimum part size 16MiB per object after which
 // putObject behaves internally as multipart.
-const minPartSize = 1024 * 1024 * 128
+const minPartSize = 1024 * 1024 * 16
 
 // maxPartsCount - maximum number of parts for a single multipart session.
 const maxPartsCount = 10000
@@ -69,6 +69,7 @@ const (
 	amzVersionID         = "X-Amz-Version-Id"
 	amzTaggingCount      = "X-Amz-Tagging-Count"
 	amzExpiration        = "X-Amz-Expiration"
+	amzRestore           = "X-Amz-Restore"
 	amzReplicationStatus = "X-Amz-Replication-Status"
 	amzDeleteMarker      = "X-Amz-Delete-Marker"
 
@@ -88,4 +89,13 @@ const (
 	minIOBucketSourceETag              = "X-Minio-Source-Etag"
 	minIOBucketReplicationDeleteMarker = "X-Minio-Source-DeleteMarker"
 	minIOBucketReplicationProxyRequest = "X-Minio-Source-Proxy-Request"
+	minIOBucketReplicationRequest      = "X-Minio-Source-Replication-Request"
+	// Header indicates last tag update time on source
+	minIOBucketReplicationTaggingTimestamp = "X-Minio-Source-Replication-Tagging-Timestamp"
+	// Header indicates last retention update time on source
+	minIOBucketReplicationObjectRetentionTimestamp = "X-Minio-Source-Replication-Retention-Timestamp"
+	// Header indicates last legalhold update time on source
+	minIOBucketReplicationObjectLegalHoldTimestamp = "X-Minio-Source-Replication-LegalHold-Timestamp"
+
+	minIOForceDelete = "x-minio-force-delete"
 )
diff --git a/vendor/github.com/minio/minio-go/v7/core.go b/vendor/github.com/minio/minio-go/v7/core.go
index 2bf4edf0161..fdba52744ef 100644
--- a/vendor/github.com/minio/minio-go/v7/core.go
+++ b/vendor/github.com/minio/minio-go/v7/core.go
@@ -46,13 +46,13 @@ func NewCore(endpoint string, opts *Options) (*Core, error) {
 // ListObjects - List all the objects at a prefix, optionally with marker and delimiter
 // you can further filter the results.
 func (c Core) ListObjects(bucket, prefix, marker, delimiter string, maxKeys int) (result ListBucketResult, err error) {
-	return c.listObjectsQuery(context.Background(), bucket, prefix, marker, delimiter, maxKeys)
+	return c.listObjectsQuery(context.Background(), bucket, prefix, marker, delimiter, maxKeys, nil)
 }
 
 // ListObjectsV2 - Lists all the objects at a prefix, similar to ListObjects() but uses
 // continuationToken instead of marker to support iteration over the results.
-func (c Core) ListObjectsV2(bucketName, objectPrefix, continuationToken string, fetchOwner bool, delimiter string, maxkeys int) (ListBucketV2Result, error) {
-	return c.listObjectsV2Query(context.Background(), bucketName, objectPrefix, continuationToken, fetchOwner, false, delimiter, maxkeys)
+func (c Core) ListObjectsV2(bucketName, objectPrefix, startAfter, continuationToken, delimiter string, maxkeys int) (ListBucketV2Result, error) {
+	return c.listObjectsV2Query(context.Background(), bucketName, objectPrefix, continuationToken, true, false, delimiter, startAfter, maxkeys, nil)
 }
 
 // CopyObject - copies an object from source object to destination object on server side.
@@ -97,10 +97,10 @@ func (c Core) ListObjectParts(ctx context.Context, bucket, object, uploadID stri
 }
 
 // CompleteMultipartUpload - Concatenate uploaded parts and commit to an object.
-func (c Core) CompleteMultipartUpload(ctx context.Context, bucket, object, uploadID string, parts []CompletePart) (string, error) {
+func (c Core) CompleteMultipartUpload(ctx context.Context, bucket, object, uploadID string, parts []CompletePart, opts PutObjectOptions) (string, error) {
 	res, err := c.completeMultipartUpload(ctx, bucket, object, uploadID, completeMultipartUpload{
 		Parts: parts,
-	})
+	}, opts)
 	return res.ETag, err
 }
 
@@ -125,9 +125,3 @@ func (c Core) PutBucketPolicy(ctx context.Context, bucket, bucketPolicy string)
 func (c Core) GetObject(ctx context.Context, bucketName, objectName string, opts GetObjectOptions) (io.ReadCloser, ObjectInfo, http.Header, error) {
 	return c.getObject(ctx, bucketName, objectName, opts)
 }
-
-// StatObject is a lower level API implemented to support special
-// conditions matching etag, modtime on a request.
-func (c Core) StatObject(ctx context.Context, bucketName, objectName string, opts StatObjectOptions) (ObjectInfo, error) {
-	return c.statObject(ctx, bucketName, objectName, opts)
-}
diff --git a/vendor/github.com/minio/minio-go/v7/functional_tests.go b/vendor/github.com/minio/minio-go/v7/functional_tests.go
new file mode 100644
index 00000000000..ffe1063e46d
--- /dev/null
+++ b/vendor/github.com/minio/minio-go/v7/functional_tests.go
@@ -0,0 +1,12084 @@
+// +build mint
+
+/*
+ * MinIO Go Library for Amazon S3 Compatible Cloud Storage
+ * Copyright 2015-2020 MinIO, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package main
+
+import (
+	"archive/zip"
+	"bytes"
+	"context"
+	"errors"
+	"fmt"
+	"hash/crc32"
+	"io"
+	"io/ioutil"
+	"math/rand"
+	"mime/multipart"
+	"net/http"
+	"net/url"
+	"os"
+	"path"
+	"path/filepath"
+	"reflect"
+	"runtime"
+	"sort"
+	"strconv"
+	"strings"
+	"sync"
+	"time"
+
+	"github.com/dustin/go-humanize"
+	jsoniter "github.com/json-iterator/go"
+	log "github.com/sirupsen/logrus"
+
+	"github.com/minio/minio-go/v7"
+	"github.com/minio/minio-go/v7/pkg/credentials"
+	"github.com/minio/minio-go/v7/pkg/encrypt"
+	"github.com/minio/minio-go/v7/pkg/notification"
+	"github.com/minio/minio-go/v7/pkg/tags"
+)
+
+const letterBytes = "abcdefghijklmnopqrstuvwxyz01234569"
+const (
+	letterIdxBits = 6                    // 6 bits to represent a letter index
+	letterIdxMask = 1<<letterIdxBits - 1 // All 1-bits, as many as letterIdxBits
+	letterIdxMax  = 63 / letterIdxBits   // # of letter indices fitting in 63 bits
+)
+const (
+	serverEndpoint = "SERVER_ENDPOINT"
+	accessKey      = "ACCESS_KEY"
+	secretKey      = "SECRET_KEY"
+	enableHTTPS    = "ENABLE_HTTPS"
+	enableKMS      = "ENABLE_KMS"
+)
+
+type mintJSONFormatter struct {
+}
+
+func (f *mintJSONFormatter) Format(entry *log.Entry) ([]byte, error) {
+	data := make(log.Fields, len(entry.Data))
+	for k, v := range entry.Data {
+		switch v := v.(type) {
+		case error:
+			// Otherwise errors are ignored by `encoding/json`
+			// https://github.com/sirupsen/logrus/issues/137
+			data[k] = v.Error()
+		default:
+			data[k] = v
+		}
+	}
+	var json = jsoniter.ConfigCompatibleWithStandardLibrary
+	serialized, err := json.Marshal(data)
+	if err != nil {
+		return nil, fmt.Errorf("Failed to marshal fields to JSON, %v", err)
+	}
+	return append(serialized, '\n'), nil
+}
+
+var readFull = func(r io.Reader, buf []byte) (n int, err error) {
+	// ReadFull reads exactly len(buf) bytes from r into buf.
+	// It returns the number of bytes copied and an error if
+	// fewer bytes were read. The error is EOF only if no bytes
+	// were read. If an EOF happens after reading some but not
+	// all the bytes, ReadFull returns ErrUnexpectedEOF.
+	// On return, n == len(buf) if and only if err == nil.
+	// If r returns an error having read at least len(buf) bytes,
+	// the error is dropped.
+	for n < len(buf) && err == nil {
+		var nn int
+		nn, err = r.Read(buf[n:])
+		// Some spurious io.Reader's return
+		// io.ErrUnexpectedEOF when nn == 0
+		// this behavior is undocumented
+		// so we are on purpose not using io.ReadFull
+		// implementation because this can lead
+		// to custom handling, to avoid that
+		// we simply modify the original io.ReadFull
+		// implementation to avoid this issue.
+		// io.ErrUnexpectedEOF with nn == 0 really
+		// means that io.EOF
+		if err == io.ErrUnexpectedEOF && nn == 0 {
+			err = io.EOF
+		}
+		n += nn
+	}
+	if n >= len(buf) {
+		err = nil
+	} else if n > 0 && err == io.EOF {
+		err = io.ErrUnexpectedEOF
+	}
+	return
+}
+
+func cleanEmptyEntries(fields log.Fields) log.Fields {
+	cleanFields := log.Fields{}
+	for k, v := range fields {
+		if v != "" {
+			cleanFields[k] = v
+		}
+	}
+	return cleanFields
+}
+
+// log successful test runs
+func successLogger(testName string, function string, args map[string]interface{}, startTime time.Time) *log.Entry {
+	// calculate the test case duration
+	duration := time.Since(startTime)
+	// log with the fields as per mint
+	fields := log.Fields{"name": "minio-go: " + testName, "function": function, "args": args, "duration": duration.Nanoseconds() / 1000000, "status": "PASS"}
+	return log.WithFields(cleanEmptyEntries(fields))
+}
+
+// As few of the features are not available in Gateway(s) currently, Check if err value is NotImplemented,
+// and log as NA in that case and continue execution. Otherwise log as failure and return
+func logError(testName string, function string, args map[string]interface{}, startTime time.Time, alert string, message string, err error) {
+	// If server returns NotImplemented we assume it is gateway mode and hence log it as info and move on to next tests
+	// Special case for ComposeObject API as it is implemented on client side and adds specific error details like `Error in upload-part-copy` in
+	// addition to NotImplemented error returned from server
+	if isErrNotImplemented(err) {
+		ignoredLog(testName, function, args, startTime, message).Info()
+	} else if isRunOnFail() {
+		failureLog(testName, function, args, startTime, alert, message, err).Error()
+	} else {
+		failureLog(testName, function, args, startTime, alert, message, err).Fatal()
+	}
+}
+
+// log failed test runs
+func failureLog(testName string, function string, args map[string]interface{}, startTime time.Time, alert string, message string, err error) *log.Entry {
+	// calculate the test case duration
+	duration := time.Since(startTime)
+	var fields log.Fields
+	// log with the fields as per mint
+	if err != nil {
+		fields = log.Fields{"name": "minio-go: " + testName, "function": function, "args": args,
+			"duration": duration.Nanoseconds() / 1000000, "status": "FAIL", "alert": alert, "message": message, "error": err}
+	} else {
+		fields = log.Fields{"name": "minio-go: " + testName, "function": function, "args": args,
+			"duration": duration.Nanoseconds() / 1000000, "status": "FAIL", "alert": alert, "message": message}
+	}
+	return log.WithFields(cleanEmptyEntries(fields))
+}
+
+// log not applicable test runs
+func ignoredLog(testName string, function string, args map[string]interface{}, startTime time.Time, alert string) *log.Entry {
+	// calculate the test case duration
+	duration := time.Since(startTime)
+	// log with the fields as per mint
+	fields := log.Fields{"name": "minio-go: " + testName, "function": function, "args": args,
+		"duration": duration.Nanoseconds() / 1000000, "status": "NA", "alert": strings.Split(alert, " ")[0] + " is NotImplemented"}
+	return log.WithFields(cleanEmptyEntries(fields))
+}
+
+// Delete objects in given bucket, recursively
+func cleanupBucket(bucketName string, c *minio.Client) error {
+	// Create a done channel to control 'ListObjectsV2' go routine.
+	doneCh := make(chan struct{})
+	// Exit cleanly upon return.
+	defer close(doneCh)
+	// Iterate over all objects in the bucket via listObjectsV2 and delete
+	for objCh := range c.ListObjects(context.Background(), bucketName, minio.ListObjectsOptions{Recursive: true}) {
+		if objCh.Err != nil {
+			return objCh.Err
+		}
+		if objCh.Key != "" {
+			err := c.RemoveObject(context.Background(), bucketName, objCh.Key, minio.RemoveObjectOptions{})
+			if err != nil {
+				return err
+			}
+		}
+	}
+	for objPartInfo := range c.ListIncompleteUploads(context.Background(), bucketName, "", true) {
+		if objPartInfo.Err != nil {
+			return objPartInfo.Err
+		}
+		if objPartInfo.Key != "" {
+			err := c.RemoveIncompleteUpload(context.Background(), bucketName, objPartInfo.Key)
+			if err != nil {
+				return err
+			}
+		}
+	}
+	// objects are already deleted, clear the buckets now
+	err := c.RemoveBucket(context.Background(), bucketName)
+	if err != nil {
+		return err
+	}
+	return err
+}
+
+func cleanupVersionedBucket(bucketName string, c *minio.Client) error {
+	doneCh := make(chan struct{})
+	defer close(doneCh)
+	for obj := range c.ListObjects(context.Background(), bucketName, minio.ListObjectsOptions{WithVersions: true, Recursive: true}) {
+		if obj.Err != nil {
+			return obj.Err
+		}
+		if obj.Key != "" {
+			err := c.RemoveObject(context.Background(), bucketName, obj.Key,
+				minio.RemoveObjectOptions{VersionID: obj.VersionID, GovernanceBypass: true})
+			if err != nil {
+				return err
+			}
+		}
+	}
+	for objPartInfo := range c.ListIncompleteUploads(context.Background(), bucketName, "", true) {
+		if objPartInfo.Err != nil {
+			return objPartInfo.Err
+		}
+		if objPartInfo.Key != "" {
+			err := c.RemoveIncompleteUpload(context.Background(), bucketName, objPartInfo.Key)
+			if err != nil {
+				return err
+			}
+		}
+	}
+	// objects are already deleted, clear the buckets now
+	err := c.RemoveBucket(context.Background(), bucketName)
+	if err != nil {
+		for obj := range c.ListObjects(context.Background(), bucketName, minio.ListObjectsOptions{WithVersions: true, Recursive: true}) {
+			log.Println("found", obj.Key, obj.VersionID)
+		}
+		return err
+	}
+	return err
+}
+
+func isErrNotImplemented(err error) bool {
+	return minio.ToErrorResponse(err).Code == "NotImplemented"
+}
+
+func isRunOnFail() bool {
+	return os.Getenv("RUN_ON_FAIL") == "1"
+}
+
+func init() {
+	// If server endpoint is not set, all tests default to
+	// using https://play.min.io
+	if os.Getenv(serverEndpoint) == "" {
+		os.Setenv(serverEndpoint, "play.min.io")
+		os.Setenv(accessKey, "Q3AM3UQ867SPQQA43P2F")
+		os.Setenv(secretKey, "zuf+tfteSlswRu7BJ86wekitnifILbZam1KYY3TG")
+		os.Setenv(enableHTTPS, "1")
+	}
+}
+
+var mintDataDir = os.Getenv("MINT_DATA_DIR")
+
+func getMintDataDirFilePath(filename string) (fp string) {
+	if mintDataDir == "" {
+		return
+	}
+	return filepath.Join(mintDataDir, filename)
+}
+
+func newRandomReader(seed, size int64) io.Reader {
+	return io.LimitReader(rand.New(rand.NewSource(seed)), size)
+}
+
+func mustCrcReader(r io.Reader) uint32 {
+	crc := crc32.NewIEEE()
+	_, err := io.Copy(crc, r)
+	if err != nil {
+		panic(err)
+	}
+	return crc.Sum32()
+}
+
+func crcMatches(r io.Reader, want uint32) error {
+	crc := crc32.NewIEEE()
+	_, err := io.Copy(crc, r)
+	if err != nil {
+		panic(err)
+	}
+	got := crc.Sum32()
+	if got != want {
+		return fmt.Errorf("crc mismatch, want %x, got %x", want, got)
+	}
+	return nil
+}
+
+func crcMatchesName(r io.Reader, name string) error {
+	want := dataFileCRC32[name]
+	crc := crc32.NewIEEE()
+	_, err := io.Copy(crc, r)
+	if err != nil {
+		panic(err)
+	}
+	got := crc.Sum32()
+	if got != want {
+		return fmt.Errorf("crc mismatch, want %x, got %x", want, got)
+	}
+	return nil
+}
+
+// read data from file if it exists or optionally create a buffer of particular size
+func getDataReader(fileName string) io.ReadCloser {
+	if mintDataDir == "" {
+		size := int64(dataFileMap[fileName])
+		if _, ok := dataFileCRC32[fileName]; !ok {
+			dataFileCRC32[fileName] = mustCrcReader(newRandomReader(size, size))
+		}
+		return ioutil.NopCloser(newRandomReader(size, size))
+	}
+	reader, _ := os.Open(getMintDataDirFilePath(fileName))
+	if _, ok := dataFileCRC32[fileName]; !ok {
+		dataFileCRC32[fileName] = mustCrcReader(reader)
+		reader.Close()
+		reader, _ = os.Open(getMintDataDirFilePath(fileName))
+	}
+	return reader
+}
+
+// randString generates random names and prepends them with a known prefix.
+func randString(n int, src rand.Source, prefix string) string {
+	b := make([]byte, n)
+	// A rand.Int63() generates 63 random bits, enough for letterIdxMax letters!
+	for i, cache, remain := n-1, src.Int63(), letterIdxMax; i >= 0; {
+		if remain == 0 {
+			cache, remain = src.Int63(), letterIdxMax
+		}
+		if idx := int(cache & letterIdxMask); idx < len(letterBytes) {
+			b[i] = letterBytes[idx]
+			i--
+		}
+		cache >>= letterIdxBits
+		remain--
+	}
+	return prefix + string(b[0:30-len(prefix)])
+}
+
+var dataFileMap = map[string]int{
+	"datafile-0-b":     0,
+	"datafile-1-b":     1,
+	"datafile-1-kB":    1 * humanize.KiByte,
+	"datafile-10-kB":   10 * humanize.KiByte,
+	"datafile-33-kB":   33 * humanize.KiByte,
+	"datafile-100-kB":  100 * humanize.KiByte,
+	"datafile-1.03-MB": 1056 * humanize.KiByte,
+	"datafile-1-MB":    1 * humanize.MiByte,
+	"datafile-5-MB":    5 * humanize.MiByte,
+	"datafile-6-MB":    6 * humanize.MiByte,
+	"datafile-11-MB":   11 * humanize.MiByte,
+	"datafile-65-MB":   65 * humanize.MiByte,
+	"datafile-129-MB":  129 * humanize.MiByte,
+}
+
+var dataFileCRC32 = map[string]uint32{}
+
+func isFullMode() bool {
+	return os.Getenv("MINT_MODE") == "full"
+}
+
+func getFuncName() string {
+	return getFuncNameLoc(2)
+}
+
+func getFuncNameLoc(caller int) string {
+	pc, _, _, _ := runtime.Caller(caller)
+	return strings.TrimPrefix(runtime.FuncForPC(pc).Name(), "main.")
+}
+
+// Tests bucket re-create errors.
+func testMakeBucketError() {
+	region := "eu-central-1"
+
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "MakeBucket(bucketName, region)"
+	// initialize logging params
+	args := map[string]interface{}{
+		"bucketName": "",
+		"region":     region,
+	}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket in 'eu-central-1'.
+	if err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: region}); err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket Failed", err)
+		return
+	}
+	defer cleanupBucket(bucketName, c)
+
+	if err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: region}); err == nil {
+		logError(testName, function, args, startTime, "", "Bucket already exists", err)
+		return
+	}
+	// Verify valid error response from server.
+	if minio.ToErrorResponse(err).Code != "BucketAlreadyExists" &&
+		minio.ToErrorResponse(err).Code != "BucketAlreadyOwnedByYou" {
+		logError(testName, function, args, startTime, "", "Invalid error returned by server", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+func testMetadataSizeLimit() {
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "PutObject(bucketName, objectName, reader, objectSize, opts)"
+	args := map[string]interface{}{
+		"bucketName":        "",
+		"objectName":        "",
+		"opts.UserMetadata": "",
+	}
+	rand.Seed(startTime.Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client creation failed", err)
+		return
+	}
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Make bucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	const HeaderSizeLimit = 8 * 1024
+	const UserMetadataLimit = 2 * 1024
+
+	// Meta-data greater than the 2 KB limit of AWS - PUT calls with this meta-data should fail
+	metadata := make(map[string]string)
+	metadata["X-Amz-Meta-Mint-Test"] = string(bytes.Repeat([]byte("m"), 1+UserMetadataLimit-len("X-Amz-Meta-Mint-Test")))
+	args["metadata"] = fmt.Sprint(metadata)
+
+	_, err = c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(nil), 0, minio.PutObjectOptions{UserMetadata: metadata})
+	if err == nil {
+		logError(testName, function, args, startTime, "", "Created object with user-defined metadata exceeding metadata size limits", nil)
+		return
+	}
+
+	// Meta-data (headers) greater than the 8 KB limit of AWS - PUT calls with this meta-data should fail
+	metadata = make(map[string]string)
+	metadata["X-Amz-Mint-Test"] = string(bytes.Repeat([]byte("m"), 1+HeaderSizeLimit-len("X-Amz-Mint-Test")))
+	args["metadata"] = fmt.Sprint(metadata)
+	_, err = c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(nil), 0, minio.PutObjectOptions{UserMetadata: metadata})
+	if err == nil {
+		logError(testName, function, args, startTime, "", "Created object with headers exceeding header size limits", nil)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Tests various bucket supported formats.
+func testMakeBucketRegions() {
+	region := "eu-central-1"
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "MakeBucket(bucketName, region)"
+	// initialize logging params
+	args := map[string]interface{}{
+		"bucketName": "",
+		"region":     region,
+	}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket in 'eu-central-1'.
+	if err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: region}); err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	// Delete all objects and buckets
+	if err = cleanupBucket(bucketName, c); err != nil {
+		logError(testName, function, args, startTime, "", "CleanupBucket failed", err)
+		return
+	}
+
+	// Make a new bucket with '.' in its name, in 'us-west-2'. This
+	// request is internally staged into a path style instead of
+	// virtual host style.
+	region = "us-west-2"
+	args["region"] = region
+	if err = c.MakeBucket(context.Background(), bucketName+".withperiod", minio.MakeBucketOptions{Region: region}); err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	// Delete all objects and buckets
+	if err = cleanupBucket(bucketName+".withperiod", c); err != nil {
+		logError(testName, function, args, startTime, "", "CleanupBucket failed", err)
+		return
+	}
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Test PutObject using a large data to trigger multipart readat
+func testPutObjectReadAt() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "PutObject(bucketName, objectName, reader, opts)"
+	args := map[string]interface{}{
+		"bucketName": "",
+		"objectName": "",
+		"opts":       "objectContentType",
+	}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Make bucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	bufSize := dataFileMap["datafile-129-MB"]
+	var reader = getDataReader("datafile-129-MB")
+	defer reader.Close()
+
+	// Save the data
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	// Object content type
+	objectContentType := "binary/octet-stream"
+	args["objectContentType"] = objectContentType
+
+	_, err = c.PutObject(context.Background(), bucketName, objectName, reader, int64(bufSize), minio.PutObjectOptions{ContentType: objectContentType})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	// Read the data back
+	r, err := c.GetObject(context.Background(), bucketName, objectName, minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Get Object failed", err)
+		return
+	}
+
+	st, err := r.Stat()
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Stat Object failed", err)
+		return
+	}
+	if st.Size != int64(bufSize) {
+		logError(testName, function, args, startTime, "", fmt.Sprintf("Number of bytes in stat does not match, expected %d got %d", bufSize, st.Size), err)
+		return
+	}
+	if st.ContentType != objectContentType && st.ContentType != "application/octet-stream" {
+		logError(testName, function, args, startTime, "", "Content types don't match", err)
+		return
+	}
+	if err := crcMatchesName(r, "datafile-129-MB"); err != nil {
+		logError(testName, function, args, startTime, "", "data CRC check failed", err)
+		return
+	}
+	if err := r.Close(); err != nil {
+		logError(testName, function, args, startTime, "", "Object Close failed", err)
+		return
+	}
+	if err := r.Close(); err == nil {
+		logError(testName, function, args, startTime, "", "Object is already closed, didn't return error on Close", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+func testListObjectVersions() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "ListObjectVersions(bucketName, prefix, recursive)"
+	args := map[string]interface{}{
+		"bucketName": "",
+		"prefix":     "",
+		"recursive":  "",
+	}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1", ObjectLocking: true})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Make bucket failed", err)
+		return
+	}
+
+	err = c.EnableVersioning(context.Background(), bucketName)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Enable versioning failed", err)
+		return
+	}
+
+	// Save the data
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	bufSize := dataFileMap["datafile-10-kB"]
+	var reader = getDataReader("datafile-10-kB")
+
+	_, err = c.PutObject(context.Background(), bucketName, objectName, reader, int64(bufSize), minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+	reader.Close()
+
+	bufSize = dataFileMap["datafile-1-b"]
+	reader = getDataReader("datafile-1-b")
+	_, err = c.PutObject(context.Background(), bucketName, objectName, reader, int64(bufSize), minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+	reader.Close()
+
+	err = c.RemoveObject(context.Background(), bucketName, objectName, minio.RemoveObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Unexpected object deletion", err)
+		return
+	}
+
+	var deleteMarkers, versions int
+
+	objectsInfo := c.ListObjects(context.Background(), bucketName, minio.ListObjectsOptions{WithVersions: true, Recursive: true})
+	for info := range objectsInfo {
+		if info.Err != nil {
+			logError(testName, function, args, startTime, "", "Unexpected error during listing objects", err)
+			return
+		}
+		if info.Key != objectName {
+			logError(testName, function, args, startTime, "", "Unexpected object name in listing objects", nil)
+			return
+		}
+		if info.VersionID == "" {
+			logError(testName, function, args, startTime, "", "Unexpected version id in listing objects", nil)
+			return
+		}
+		if info.IsDeleteMarker {
+			deleteMarkers++
+			if !info.IsLatest {
+				logError(testName, function, args, startTime, "", "Unexpected IsLatest field in listing objects", nil)
+				return
+			}
+		} else {
+			versions++
+		}
+	}
+
+	if deleteMarkers != 1 {
+		logError(testName, function, args, startTime, "", "Unexpected number of DeleteMarker elements in listing objects", nil)
+		return
+	}
+
+	if versions != 2 {
+		logError(testName, function, args, startTime, "", "Unexpected number of Version elements in listing objects", nil)
+		return
+	}
+
+	// Delete all objects and their versions as long as the bucket itself
+	if err = cleanupVersionedBucket(bucketName, c); err != nil {
+		logError(testName, function, args, startTime, "", "CleanupBucket failed", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+func testStatObjectWithVersioning() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "StatObject"
+	args := map[string]interface{}{}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1", ObjectLocking: true})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Make bucket failed", err)
+		return
+	}
+
+	err = c.EnableVersioning(context.Background(), bucketName)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Enable versioning failed", err)
+		return
+	}
+
+	// Save the data
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	bufSize := dataFileMap["datafile-10-kB"]
+	var reader = getDataReader("datafile-10-kB")
+
+	_, err = c.PutObject(context.Background(), bucketName, objectName, reader, int64(bufSize), minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+	reader.Close()
+
+	bufSize = dataFileMap["datafile-1-b"]
+	reader = getDataReader("datafile-1-b")
+	_, err = c.PutObject(context.Background(), bucketName, objectName, reader, int64(bufSize), minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+	reader.Close()
+
+	objectsInfo := c.ListObjects(context.Background(), bucketName, minio.ListObjectsOptions{WithVersions: true, Recursive: true})
+
+	var results []minio.ObjectInfo
+	for info := range objectsInfo {
+		if info.Err != nil {
+			logError(testName, function, args, startTime, "", "Unexpected error during listing objects", err)
+			return
+		}
+		results = append(results, info)
+	}
+
+	if len(results) != 2 {
+		logError(testName, function, args, startTime, "", "Unexpected number of Version elements in listing objects", nil)
+		return
+	}
+
+	for i := 0; i < len(results); i++ {
+		opts := minio.StatObjectOptions{VersionID: results[i].VersionID}
+		statInfo, err := c.StatObject(context.Background(), bucketName, objectName, opts)
+		if err != nil {
+			logError(testName, function, args, startTime, "", "error during HEAD object", err)
+			return
+		}
+		if statInfo.VersionID == "" || statInfo.VersionID != results[i].VersionID {
+			logError(testName, function, args, startTime, "", "error during HEAD object, unexpected version id", err)
+			return
+		}
+		if statInfo.ETag != results[i].ETag {
+			logError(testName, function, args, startTime, "", "error during HEAD object, unexpected ETag", err)
+			return
+		}
+		if statInfo.LastModified.Unix() != results[i].LastModified.Unix() {
+			logError(testName, function, args, startTime, "", "error during HEAD object, unexpected Last-Modified", err)
+			return
+		}
+		if statInfo.Size != results[i].Size {
+			logError(testName, function, args, startTime, "", "error during HEAD object, unexpected Content-Length", err)
+			return
+		}
+	}
+
+	// Delete all objects and their versions as long as the bucket itself
+	if err = cleanupVersionedBucket(bucketName, c); err != nil {
+		logError(testName, function, args, startTime, "", "CleanupBucket failed", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+func testGetObjectWithVersioning() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "GetObject()"
+	args := map[string]interface{}{}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1", ObjectLocking: true})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Make bucket failed", err)
+		return
+	}
+
+	err = c.EnableVersioning(context.Background(), bucketName)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Enable versioning failed", err)
+		return
+	}
+
+	// Save the data
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	// Save the contents of datafiles to check with GetObject() reader output later
+	var buffers [][]byte
+	var testFiles = []string{"datafile-1-b", "datafile-10-kB"}
+
+	for _, testFile := range testFiles {
+		r := getDataReader(testFile)
+		buf, err := ioutil.ReadAll(r)
+		if err != nil {
+			logError(testName, function, args, startTime, "", "unexpected failure", err)
+			return
+		}
+		r.Close()
+		_, err = c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(buf), int64(len(buf)), minio.PutObjectOptions{})
+		if err != nil {
+			logError(testName, function, args, startTime, "", "PutObject failed", err)
+			return
+		}
+		buffers = append(buffers, buf)
+	}
+
+	objectsInfo := c.ListObjects(context.Background(), bucketName, minio.ListObjectsOptions{WithVersions: true, Recursive: true})
+
+	var results []minio.ObjectInfo
+	for info := range objectsInfo {
+		if info.Err != nil {
+			logError(testName, function, args, startTime, "", "Unexpected error during listing objects", err)
+			return
+		}
+		results = append(results, info)
+	}
+
+	if len(results) != 2 {
+		logError(testName, function, args, startTime, "", "Unexpected number of Version elements in listing objects", nil)
+		return
+	}
+
+	sort.SliceStable(results, func(i, j int) bool {
+		return results[i].Size < results[j].Size
+	})
+
+	sort.SliceStable(buffers, func(i, j int) bool {
+		return len(buffers[i]) < len(buffers[j])
+	})
+
+	for i := 0; i < len(results); i++ {
+		opts := minio.GetObjectOptions{VersionID: results[i].VersionID}
+		reader, err := c.GetObject(context.Background(), bucketName, objectName, opts)
+		if err != nil {
+			logError(testName, function, args, startTime, "", "error during  GET object", err)
+			return
+		}
+		statInfo, err := reader.Stat()
+		if err != nil {
+			logError(testName, function, args, startTime, "", "error during calling reader.Stat()", err)
+			return
+		}
+		if statInfo.ETag != results[i].ETag {
+			logError(testName, function, args, startTime, "", "error during HEAD object, unexpected ETag", err)
+			return
+		}
+		if statInfo.LastModified.Unix() != results[i].LastModified.Unix() {
+			logError(testName, function, args, startTime, "", "error during HEAD object, unexpected Last-Modified", err)
+			return
+		}
+		if statInfo.Size != results[i].Size {
+			logError(testName, function, args, startTime, "", "error during HEAD object, unexpected Content-Length", err)
+			return
+		}
+
+		tmpBuffer := bytes.NewBuffer([]byte{})
+		_, err = io.Copy(tmpBuffer, reader)
+		if err != nil {
+			logError(testName, function, args, startTime, "", "unexpected io.Copy()", err)
+			return
+		}
+
+		if !bytes.Equal(tmpBuffer.Bytes(), buffers[i]) {
+			logError(testName, function, args, startTime, "", "unexpected content of GetObject()", err)
+			return
+		}
+	}
+
+	// Delete all objects and their versions as long as the bucket itself
+	if err = cleanupVersionedBucket(bucketName, c); err != nil {
+		logError(testName, function, args, startTime, "", "CleanupBucket failed", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+func testPutObjectWithVersioning() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "GetObject()"
+	args := map[string]interface{}{}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1", ObjectLocking: true})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Make bucket failed", err)
+		return
+	}
+
+	err = c.EnableVersioning(context.Background(), bucketName)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Enable versioning failed", err)
+		return
+	}
+
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	const n = 10
+	// Read input...
+
+	// Save the data concurrently.
+	var wg sync.WaitGroup
+	wg.Add(n)
+	var buffers = make([][]byte, n)
+	var errs [n]error
+	for i := 0; i < n; i++ {
+		r := newRandomReader(int64((1<<20)*i+i), int64(i))
+		buf, err := ioutil.ReadAll(r)
+		if err != nil {
+			logError(testName, function, args, startTime, "", "unexpected failure", err)
+			return
+		}
+		buffers[i] = buf
+
+		go func(i int) {
+			defer wg.Done()
+			_, errs[i] = c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(buf), int64(len(buf)), minio.PutObjectOptions{PartSize: 5 << 20})
+		}(i)
+	}
+	wg.Wait()
+	for _, err := range errs {
+		if err != nil {
+			logError(testName, function, args, startTime, "", "PutObject failed", err)
+			return
+		}
+	}
+
+	objectsInfo := c.ListObjects(context.Background(), bucketName, minio.ListObjectsOptions{WithVersions: true, Recursive: true})
+	var results []minio.ObjectInfo
+	for info := range objectsInfo {
+		if info.Err != nil {
+			logError(testName, function, args, startTime, "", "Unexpected error during listing objects", err)
+			return
+		}
+		results = append(results, info)
+	}
+
+	if len(results) != n {
+		logError(testName, function, args, startTime, "", "Unexpected number of Version elements in listing objects", nil)
+		return
+	}
+
+	sort.Slice(results, func(i, j int) bool {
+		return results[i].Size < results[j].Size
+	})
+
+	sort.Slice(buffers, func(i, j int) bool {
+		return len(buffers[i]) < len(buffers[j])
+	})
+
+	for i := 0; i < len(results); i++ {
+		opts := minio.GetObjectOptions{VersionID: results[i].VersionID}
+		reader, err := c.GetObject(context.Background(), bucketName, objectName, opts)
+		if err != nil {
+			logError(testName, function, args, startTime, "", "error during  GET object", err)
+			return
+		}
+		statInfo, err := reader.Stat()
+		if err != nil {
+			logError(testName, function, args, startTime, "", "error during calling reader.Stat()", err)
+			return
+		}
+		if statInfo.ETag != results[i].ETag {
+			logError(testName, function, args, startTime, "", "error during HEAD object, unexpected ETag", err)
+			return
+		}
+		if statInfo.LastModified.Unix() != results[i].LastModified.Unix() {
+			logError(testName, function, args, startTime, "", "error during HEAD object, unexpected Last-Modified", err)
+			return
+		}
+		if statInfo.Size != results[i].Size {
+			logError(testName, function, args, startTime, "", "error during HEAD object, unexpected Content-Length", err)
+			return
+		}
+
+		tmpBuffer := bytes.NewBuffer([]byte{})
+		_, err = io.Copy(tmpBuffer, reader)
+		if err != nil {
+			logError(testName, function, args, startTime, "", "unexpected io.Copy()", err)
+			return
+		}
+
+		if !bytes.Equal(tmpBuffer.Bytes(), buffers[i]) {
+			logError(testName, function, args, startTime, "", "unexpected content of GetObject()", err)
+			return
+		}
+	}
+
+	// Delete all objects and their versions as long as the bucket itself
+	if err = cleanupVersionedBucket(bucketName, c); err != nil {
+		logError(testName, function, args, startTime, "", "CleanupBucket failed", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+func testCopyObjectWithVersioning() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "CopyObject()"
+	args := map[string]interface{}{}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1", ObjectLocking: true})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Make bucket failed", err)
+		return
+	}
+
+	err = c.EnableVersioning(context.Background(), bucketName)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Enable versioning failed", err)
+		return
+	}
+
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	var testFiles = []string{"datafile-1-b", "datafile-10-kB"}
+	for _, testFile := range testFiles {
+		r := getDataReader(testFile)
+		buf, err := ioutil.ReadAll(r)
+		if err != nil {
+			logError(testName, function, args, startTime, "", "unexpected failure", err)
+			return
+		}
+		r.Close()
+		_, err = c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(buf), int64(len(buf)), minio.PutObjectOptions{})
+		if err != nil {
+			logError(testName, function, args, startTime, "", "PutObject failed", err)
+			return
+		}
+	}
+
+	objectsInfo := c.ListObjects(context.Background(), bucketName, minio.ListObjectsOptions{WithVersions: true, Recursive: true})
+	var infos []minio.ObjectInfo
+	for info := range objectsInfo {
+		if info.Err != nil {
+			logError(testName, function, args, startTime, "", "Unexpected error during listing objects", err)
+			return
+		}
+		infos = append(infos, info)
+	}
+
+	sort.Slice(infos, func(i, j int) bool {
+		return infos[i].Size < infos[j].Size
+	})
+
+	reader, err := c.GetObject(context.Background(), bucketName, objectName, minio.GetObjectOptions{VersionID: infos[0].VersionID})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject of the oldest version content failed", err)
+		return
+	}
+
+	oldestContent, err := ioutil.ReadAll(reader)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Reading the oldest object version failed", err)
+		return
+	}
+
+	// Copy Source
+	srcOpts := minio.CopySrcOptions{
+		Bucket:    bucketName,
+		Object:    objectName,
+		VersionID: infos[0].VersionID,
+	}
+	args["src"] = srcOpts
+
+	dstOpts := minio.CopyDestOptions{
+		Bucket: bucketName,
+		Object: objectName + "-copy",
+	}
+	args["dst"] = dstOpts
+
+	// Perform the Copy
+	if _, err = c.CopyObject(context.Background(), dstOpts, srcOpts); err != nil {
+		logError(testName, function, args, startTime, "", "CopyObject failed", err)
+		return
+	}
+
+	// Destination object
+	readerCopy, err := c.GetObject(context.Background(), bucketName, objectName+"-copy", minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject failed", err)
+		return
+	}
+	defer readerCopy.Close()
+
+	newestContent, err := ioutil.ReadAll(readerCopy)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Reading from GetObject reader failed", err)
+		return
+	}
+
+	if len(newestContent) == 0 || !bytes.Equal(oldestContent, newestContent) {
+		logError(testName, function, args, startTime, "", "Unexpected destination object content", err)
+		return
+	}
+
+	// Delete all objects and their versions as long as the bucket itself
+	if err = cleanupVersionedBucket(bucketName, c); err != nil {
+		logError(testName, function, args, startTime, "", "CleanupBucket failed", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+func testConcurrentCopyObjectWithVersioning() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "CopyObject()"
+	args := map[string]interface{}{}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1", ObjectLocking: true})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Make bucket failed", err)
+		return
+	}
+
+	err = c.EnableVersioning(context.Background(), bucketName)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Enable versioning failed", err)
+		return
+	}
+
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	var testFiles = []string{"datafile-10-kB"}
+	for _, testFile := range testFiles {
+		r := getDataReader(testFile)
+		buf, err := ioutil.ReadAll(r)
+		if err != nil {
+			logError(testName, function, args, startTime, "", "unexpected failure", err)
+			return
+		}
+		r.Close()
+		_, err = c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(buf), int64(len(buf)), minio.PutObjectOptions{})
+		if err != nil {
+			logError(testName, function, args, startTime, "", "PutObject failed", err)
+			return
+		}
+	}
+
+	objectsInfo := c.ListObjects(context.Background(), bucketName, minio.ListObjectsOptions{WithVersions: true, Recursive: true})
+	var infos []minio.ObjectInfo
+	for info := range objectsInfo {
+		if info.Err != nil {
+			logError(testName, function, args, startTime, "", "Unexpected error during listing objects", err)
+			return
+		}
+		infos = append(infos, info)
+	}
+
+	sort.Slice(infos, func(i, j int) bool {
+		return infos[i].Size < infos[j].Size
+	})
+
+	reader, err := c.GetObject(context.Background(), bucketName, objectName, minio.GetObjectOptions{VersionID: infos[0].VersionID})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject of the oldest version content failed", err)
+		return
+	}
+
+	oldestContent, err := ioutil.ReadAll(reader)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Reading the oldest object version failed", err)
+		return
+	}
+
+	// Copy Source
+	srcOpts := minio.CopySrcOptions{
+		Bucket:    bucketName,
+		Object:    objectName,
+		VersionID: infos[0].VersionID,
+	}
+	args["src"] = srcOpts
+
+	dstOpts := minio.CopyDestOptions{
+		Bucket: bucketName,
+		Object: objectName + "-copy",
+	}
+	args["dst"] = dstOpts
+
+	// Perform the Copy concurrently
+	const n = 10
+	var wg sync.WaitGroup
+	wg.Add(n)
+	var errs [n]error
+	for i := 0; i < n; i++ {
+		go func(i int) {
+			defer wg.Done()
+			_, errs[i] = c.CopyObject(context.Background(), dstOpts, srcOpts)
+		}(i)
+	}
+	wg.Wait()
+	for _, err := range errs {
+		if err != nil {
+			logError(testName, function, args, startTime, "", "CopyObject failed", err)
+			return
+		}
+	}
+
+	objectsInfo = c.ListObjects(context.Background(), bucketName, minio.ListObjectsOptions{WithVersions: true, Recursive: false, Prefix: dstOpts.Object})
+	infos = []minio.ObjectInfo{}
+	for info := range objectsInfo {
+		// Destination object
+		readerCopy, err := c.GetObject(context.Background(), bucketName, objectName+"-copy", minio.GetObjectOptions{VersionID: info.VersionID})
+		if err != nil {
+			logError(testName, function, args, startTime, "", "GetObject failed", err)
+			return
+		}
+		defer readerCopy.Close()
+
+		newestContent, err := ioutil.ReadAll(readerCopy)
+		if err != nil {
+			logError(testName, function, args, startTime, "", "Reading from GetObject reader failed", err)
+			return
+		}
+
+		if len(newestContent) == 0 || !bytes.Equal(oldestContent, newestContent) {
+			logError(testName, function, args, startTime, "", "Unexpected destination object content", err)
+			return
+		}
+		infos = append(infos, info)
+	}
+
+	if len(infos) != n {
+		logError(testName, function, args, startTime, "", "Unexpected number of Version elements in listing objects", nil)
+		return
+	}
+
+	// Delete all objects and their versions as long as the bucket itself
+	if err = cleanupVersionedBucket(bucketName, c); err != nil {
+		logError(testName, function, args, startTime, "", "CleanupBucket failed", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+func testComposeObjectWithVersioning() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "ComposeObject()"
+	args := map[string]interface{}{}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1", ObjectLocking: true})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Make bucket failed", err)
+		return
+	}
+
+	err = c.EnableVersioning(context.Background(), bucketName)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Enable versioning failed", err)
+		return
+	}
+
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	// var testFiles = []string{"datafile-5-MB", "datafile-10-kB"}
+	var testFiles = []string{"datafile-5-MB", "datafile-10-kB"}
+	var testFilesBytes [][]byte
+
+	for _, testFile := range testFiles {
+		r := getDataReader(testFile)
+		buf, err := ioutil.ReadAll(r)
+		if err != nil {
+			logError(testName, function, args, startTime, "", "unexpected failure", err)
+			return
+		}
+		r.Close()
+		_, err = c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(buf), int64(len(buf)), minio.PutObjectOptions{})
+		if err != nil {
+			logError(testName, function, args, startTime, "", "PutObject failed", err)
+			return
+		}
+		testFilesBytes = append(testFilesBytes, buf)
+	}
+
+	objectsInfo := c.ListObjects(context.Background(), bucketName, minio.ListObjectsOptions{WithVersions: true, Recursive: true})
+
+	var results []minio.ObjectInfo
+	for info := range objectsInfo {
+		if info.Err != nil {
+			logError(testName, function, args, startTime, "", "Unexpected error during listing objects", err)
+			return
+		}
+		results = append(results, info)
+	}
+
+	sort.SliceStable(results, func(i, j int) bool {
+		return results[i].Size > results[j].Size
+	})
+
+	// Source objects to concatenate. We also specify decryption
+	// key for each
+	src1 := minio.CopySrcOptions{
+		Bucket:    bucketName,
+		Object:    objectName,
+		VersionID: results[0].VersionID,
+	}
+
+	src2 := minio.CopySrcOptions{
+		Bucket:    bucketName,
+		Object:    objectName,
+		VersionID: results[1].VersionID,
+	}
+
+	dst := minio.CopyDestOptions{
+		Bucket: bucketName,
+		Object: objectName + "-copy",
+	}
+
+	_, err = c.ComposeObject(context.Background(), dst, src1, src2)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ComposeObject failed", err)
+		return
+	}
+
+	// Destination object
+	readerCopy, err := c.GetObject(context.Background(), bucketName, objectName+"-copy", minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject of the copy object failed", err)
+		return
+	}
+	defer readerCopy.Close()
+
+	copyContentBytes, err := ioutil.ReadAll(readerCopy)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Reading from the copy object reader failed", err)
+		return
+	}
+
+	var expectedContent []byte
+	for _, fileBytes := range testFilesBytes {
+		expectedContent = append(expectedContent, fileBytes...)
+	}
+
+	if len(copyContentBytes) == 0 || !bytes.Equal(copyContentBytes, expectedContent) {
+		logError(testName, function, args, startTime, "", "Unexpected destination object content", err)
+		return
+	}
+
+	// Delete all objects and their versions as long as the bucket itself
+	if err = cleanupVersionedBucket(bucketName, c); err != nil {
+		logError(testName, function, args, startTime, "", "CleanupBucket failed", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+func testRemoveObjectWithVersioning() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "DeleteObject()"
+	args := map[string]interface{}{}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1", ObjectLocking: true})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Make bucket failed", err)
+		return
+	}
+
+	err = c.EnableVersioning(context.Background(), bucketName)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Enable versioning failed", err)
+		return
+	}
+
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	_, err = c.PutObject(context.Background(), bucketName, objectName, getDataReader("datafile-10-kB"), int64(dataFileMap["datafile-10-kB"]), minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	objectsInfo := c.ListObjects(context.Background(), bucketName, minio.ListObjectsOptions{WithVersions: true, Recursive: true})
+	var version minio.ObjectInfo
+	for info := range objectsInfo {
+		if info.Err != nil {
+			logError(testName, function, args, startTime, "", "Unexpected error during listing objects", err)
+			return
+		}
+		version = info
+		break
+	}
+
+	err = c.RemoveObject(context.Background(), bucketName, objectName, minio.RemoveObjectOptions{VersionID: version.VersionID})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "DeleteObject failed", err)
+		return
+	}
+
+	objectsInfo = c.ListObjects(context.Background(), bucketName, minio.ListObjectsOptions{WithVersions: true, Recursive: true})
+	for range objectsInfo {
+		logError(testName, function, args, startTime, "", "Unexpected versioning info, should not have any one ", err)
+		return
+	}
+
+	err = c.RemoveBucket(context.Background(), bucketName)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CleanupBucket failed", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+func testRemoveObjectsWithVersioning() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "DeleteObjects()"
+	args := map[string]interface{}{}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1", ObjectLocking: true})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Make bucket failed", err)
+		return
+	}
+
+	err = c.EnableVersioning(context.Background(), bucketName)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Enable versioning failed", err)
+		return
+	}
+
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	_, err = c.PutObject(context.Background(), bucketName, objectName, getDataReader("datafile-10-kB"), int64(dataFileMap["datafile-10-kB"]), minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	objectsVersions := make(chan minio.ObjectInfo)
+	go func() {
+		objectsVersionsInfo := c.ListObjects(context.Background(), bucketName,
+			minio.ListObjectsOptions{WithVersions: true, Recursive: true})
+		for info := range objectsVersionsInfo {
+			if info.Err != nil {
+				logError(testName, function, args, startTime, "", "Unexpected error during listing objects", err)
+				return
+			}
+			objectsVersions <- info
+		}
+		close(objectsVersions)
+	}()
+
+	removeErrors := c.RemoveObjects(context.Background(), bucketName, objectsVersions, minio.RemoveObjectsOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "DeleteObjects call failed", err)
+		return
+	}
+
+	for e := range removeErrors {
+		if e.Err != nil {
+			logError(testName, function, args, startTime, "", "Single delete operation failed", err)
+			return
+		}
+	}
+
+	objectsVersionsInfo := c.ListObjects(context.Background(), bucketName, minio.ListObjectsOptions{WithVersions: true, Recursive: true})
+	for range objectsVersionsInfo {
+		logError(testName, function, args, startTime, "", "Unexpected versioning info, should not have any one ", err)
+		return
+	}
+
+	err = c.RemoveBucket(context.Background(), bucketName)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CleanupBucket failed", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+func testObjectTaggingWithVersioning() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "{Get,Set,Remove}ObjectTagging()"
+	args := map[string]interface{}{}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1", ObjectLocking: true})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Make bucket failed", err)
+		return
+	}
+
+	err = c.EnableVersioning(context.Background(), bucketName)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Enable versioning failed", err)
+		return
+	}
+
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	for _, file := range []string{"datafile-1-b", "datafile-10-kB"} {
+		_, err = c.PutObject(context.Background(), bucketName, objectName, getDataReader(file), int64(dataFileMap[file]), minio.PutObjectOptions{})
+		if err != nil {
+			logError(testName, function, args, startTime, "", "PutObject failed", err)
+			return
+		}
+	}
+
+	versionsInfo := c.ListObjects(context.Background(), bucketName, minio.ListObjectsOptions{WithVersions: true, Recursive: true})
+
+	var versions []minio.ObjectInfo
+	for info := range versionsInfo {
+		if info.Err != nil {
+			logError(testName, function, args, startTime, "", "Unexpected error during listing objects", err)
+			return
+		}
+		versions = append(versions, info)
+	}
+
+	sort.SliceStable(versions, func(i, j int) bool {
+		return versions[i].Size < versions[j].Size
+	})
+
+	tagsV1 := map[string]string{"key1": "val1"}
+	t1, err := tags.MapToObjectTags(tagsV1)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObjectTagging (1) failed", err)
+		return
+	}
+
+	err = c.PutObjectTagging(context.Background(), bucketName, objectName, t1, minio.PutObjectTaggingOptions{VersionID: versions[0].VersionID})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObjectTagging (1) failed", err)
+		return
+	}
+
+	tagsV2 := map[string]string{"key2": "val2"}
+	t2, err := tags.MapToObjectTags(tagsV2)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObjectTagging (1) failed", err)
+		return
+	}
+
+	err = c.PutObjectTagging(context.Background(), bucketName, objectName, t2, minio.PutObjectTaggingOptions{VersionID: versions[1].VersionID})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObjectTagging (2) failed", err)
+		return
+	}
+
+	tagsEqual := func(tags1, tags2 map[string]string) bool {
+		for k1, v1 := range tags1 {
+			v2, found := tags2[k1]
+			if found {
+				if v1 != v2 {
+					return false
+				}
+			}
+		}
+		return true
+	}
+
+	gotTagsV1, err := c.GetObjectTagging(context.Background(), bucketName, objectName, minio.GetObjectTaggingOptions{VersionID: versions[0].VersionID})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObjectTagging failed", err)
+		return
+	}
+
+	if !tagsEqual(t1.ToMap(), gotTagsV1.ToMap()) {
+		logError(testName, function, args, startTime, "", "Unexpected tags content (1)", err)
+		return
+	}
+
+	gotTagsV2, err := c.GetObjectTagging(context.Background(), bucketName, objectName, minio.GetObjectTaggingOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObjectTaggingContext failed", err)
+		return
+	}
+
+	if !tagsEqual(t2.ToMap(), gotTagsV2.ToMap()) {
+		logError(testName, function, args, startTime, "", "Unexpected tags content (2)", err)
+		return
+	}
+
+	err = c.RemoveObjectTagging(context.Background(), bucketName, objectName, minio.RemoveObjectTaggingOptions{VersionID: versions[0].VersionID})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObjectTagging (2) failed", err)
+		return
+	}
+
+	emptyTags, err := c.GetObjectTagging(context.Background(), bucketName, objectName,
+		minio.GetObjectTaggingOptions{VersionID: versions[0].VersionID})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObjectTagging failed", err)
+		return
+	}
+
+	if len(emptyTags.ToMap()) != 0 {
+		logError(testName, function, args, startTime, "", "Unexpected tags content (2)", err)
+		return
+	}
+
+	// Delete all objects and their versions as long as the bucket itself
+	if err = cleanupVersionedBucket(bucketName, c); err != nil {
+		logError(testName, function, args, startTime, "", "CleanupBucket failed", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Test PutObject using a large data to trigger multipart readat
+func testPutObjectWithMetadata() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "PutObject(bucketName, objectName, reader,size, opts)"
+	args := map[string]interface{}{
+		"bucketName": "",
+		"objectName": "",
+		"opts":       "minio.PutObjectOptions{UserMetadata: metadata, Progress: progress}",
+	}
+
+	if !isFullMode() {
+		ignoredLog(testName, function, args, startTime, "Skipping functional tests for short/quick runs").Info()
+		return
+	}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Make bucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	bufSize := dataFileMap["datafile-129-MB"]
+	var reader = getDataReader("datafile-129-MB")
+	defer reader.Close()
+
+	// Save the data
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	// Object custom metadata
+	customContentType := "custom/contenttype"
+
+	args["metadata"] = map[string][]string{
+		"Content-Type":         {customContentType},
+		"X-Amz-Meta-CustomKey": {"extra  spaces  in   value"},
+	}
+
+	_, err = c.PutObject(context.Background(), bucketName, objectName, reader, int64(bufSize), minio.PutObjectOptions{
+		ContentType: customContentType})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	// Read the data back
+	r, err := c.GetObject(context.Background(), bucketName, objectName, minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject failed", err)
+		return
+	}
+
+	st, err := r.Stat()
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Stat failed", err)
+		return
+	}
+	if st.Size != int64(bufSize) {
+		logError(testName, function, args, startTime, "", "Number of bytes returned by PutObject does not match GetObject, expected "+string(bufSize)+" got "+string(st.Size), err)
+		return
+	}
+	if st.ContentType != customContentType && st.ContentType != "application/octet-stream" {
+		logError(testName, function, args, startTime, "", "ContentType does not match, expected "+customContentType+" got "+st.ContentType, err)
+		return
+	}
+	if err := crcMatchesName(r, "datafile-129-MB"); err != nil {
+		logError(testName, function, args, startTime, "", "data CRC check failed", err)
+		return
+	}
+	if err := r.Close(); err != nil {
+		logError(testName, function, args, startTime, "", "Object Close failed", err)
+		return
+	}
+	if err := r.Close(); err == nil {
+		logError(testName, function, args, startTime, "", "Object already closed, should respond with error", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+func testPutObjectWithContentLanguage() {
+	// initialize logging params
+	objectName := "test-object"
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "PutObject(bucketName, objectName, reader, size, opts)"
+	args := map[string]interface{}{
+		"bucketName": "",
+		"objectName": objectName,
+		"size":       -1,
+		"opts":       "",
+	}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	data := []byte{}
+	_, err = c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(data), int64(0), minio.PutObjectOptions{
+		ContentLanguage: "en",
+	})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	objInfo, err := c.StatObject(context.Background(), bucketName, objectName, minio.StatObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject failed", err)
+		return
+	}
+
+	if objInfo.Metadata.Get("Content-Language") != "en" {
+		logError(testName, function, args, startTime, "", "Expected content-language 'en' doesn't match with StatObject return value", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Test put object with streaming signature.
+func testPutObjectStreaming() {
+	// initialize logging params
+	objectName := "test-object"
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "PutObject(bucketName, objectName, reader,size,opts)"
+	args := map[string]interface{}{
+		"bucketName": "",
+		"objectName": objectName,
+		"size":       -1,
+		"opts":       "",
+	}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	// Upload an object.
+	sizes := []int64{0, 64*1024 - 1, 64 * 1024}
+
+	for _, size := range sizes {
+		data := newRandomReader(size, size)
+		ui, err := c.PutObject(context.Background(), bucketName, objectName, data, int64(size), minio.PutObjectOptions{})
+		if err != nil {
+			logError(testName, function, args, startTime, "", "PutObjectStreaming failed", err)
+			return
+		}
+
+		if ui.Size != size {
+			logError(testName, function, args, startTime, "", "PutObjectStreaming result has unexpected size", nil)
+			return
+		}
+
+		objInfo, err := c.StatObject(context.Background(), bucketName, objectName, minio.StatObjectOptions{})
+		if err != nil {
+			logError(testName, function, args, startTime, "", "StatObject failed", err)
+			return
+		}
+		if objInfo.Size != size {
+			logError(testName, function, args, startTime, "", "Unexpected size", err)
+			return
+		}
+
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Test get object seeker from the end, using whence set to '2'.
+func testGetObjectSeekEnd() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "GetObject(bucketName, objectName)"
+	args := map[string]interface{}{}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	// Generate 33K of data.
+	bufSize := dataFileMap["datafile-33-kB"]
+	var reader = getDataReader("datafile-33-kB")
+	defer reader.Close()
+
+	// Save the data
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	buf, err := ioutil.ReadAll(reader)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAll failed", err)
+		return
+	}
+
+	_, err = c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(buf), int64(len(buf)), minio.PutObjectOptions{ContentType: "binary/octet-stream"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	// Read the data back
+	r, err := c.GetObject(context.Background(), bucketName, objectName, minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject failed", err)
+		return
+	}
+
+	st, err := r.Stat()
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Stat failed", err)
+		return
+	}
+
+	if st.Size != int64(bufSize) {
+		logError(testName, function, args, startTime, "", "Number of bytes read does not match, expected "+string(int64(bufSize))+" got "+string(st.Size), err)
+		return
+	}
+
+	pos, err := r.Seek(-100, 2)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Object Seek failed", err)
+		return
+	}
+	if pos != st.Size-100 {
+		logError(testName, function, args, startTime, "", "Incorrect position", err)
+		return
+	}
+	buf2 := make([]byte, 100)
+	m, err := readFull(r, buf2)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Error reading through readFull", err)
+		return
+	}
+	if m != len(buf2) {
+		logError(testName, function, args, startTime, "", "Number of bytes dont match, expected "+string(len(buf2))+" got "+string(m), err)
+		return
+	}
+	hexBuf1 := fmt.Sprintf("%02x", buf[len(buf)-100:])
+	hexBuf2 := fmt.Sprintf("%02x", buf2[:m])
+	if hexBuf1 != hexBuf2 {
+		logError(testName, function, args, startTime, "", "Values at same index dont match", err)
+		return
+	}
+	pos, err = r.Seek(-100, 2)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Object Seek failed", err)
+		return
+	}
+	if pos != st.Size-100 {
+		logError(testName, function, args, startTime, "", "Incorrect position", err)
+		return
+	}
+	if err = r.Close(); err != nil {
+		logError(testName, function, args, startTime, "", "ObjectClose failed", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Test get object reader to not throw error on being closed twice.
+func testGetObjectClosedTwice() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "GetObject(bucketName, objectName)"
+	args := map[string]interface{}{}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	// Generate 33K of data.
+	bufSize := dataFileMap["datafile-33-kB"]
+	var reader = getDataReader("datafile-33-kB")
+	defer reader.Close()
+
+	// Save the data
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	_, err = c.PutObject(context.Background(), bucketName, objectName, reader, int64(bufSize), minio.PutObjectOptions{ContentType: "binary/octet-stream"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	// Read the data back
+	r, err := c.GetObject(context.Background(), bucketName, objectName, minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject failed", err)
+		return
+	}
+
+	st, err := r.Stat()
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Stat failed", err)
+		return
+	}
+	if st.Size != int64(bufSize) {
+		logError(testName, function, args, startTime, "", "Number of bytes in stat does not match, expected "+string(int64(bufSize))+" got "+string(st.Size), err)
+		return
+	}
+	if err := crcMatchesName(r, "datafile-33-kB"); err != nil {
+		logError(testName, function, args, startTime, "", "data CRC check failed", err)
+		return
+	}
+	if err := r.Close(); err != nil {
+		logError(testName, function, args, startTime, "", "Object Close failed", err)
+		return
+	}
+	if err := r.Close(); err == nil {
+		logError(testName, function, args, startTime, "", "Already closed object. No error returned", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Test RemoveObjects request where context cancels after timeout
+func testRemoveObjectsContext() {
+	// Initialize logging params.
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "RemoveObjects(ctx, bucketName, objectsCh)"
+	args := map[string]interface{}{
+		"bucketName": "",
+	}
+
+	// Seed random based on current tie.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+	// Enable tracing, write to stdout.
+	// c.TraceOn(os.Stderr)
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	// Generate put data.
+	r := bytes.NewReader(bytes.Repeat([]byte("a"), 8))
+
+	// Multi remove of 20 objects.
+	nrObjects := 20
+	objectsCh := make(chan minio.ObjectInfo)
+	go func() {
+		defer close(objectsCh)
+		for i := 0; i < nrObjects; i++ {
+			objectName := "sample" + strconv.Itoa(i) + ".txt"
+			info, err := c.PutObject(context.Background(), bucketName, objectName, r, 8,
+				minio.PutObjectOptions{ContentType: "application/octet-stream"})
+			if err != nil {
+				logError(testName, function, args, startTime, "", "PutObject failed", err)
+				continue
+			}
+			objectsCh <- minio.ObjectInfo{
+				Key:       info.Key,
+				VersionID: info.VersionID,
+			}
+		}
+	}()
+	// Set context to cancel in 1 nanosecond.
+	ctx, cancel := context.WithTimeout(context.Background(), 1*time.Nanosecond)
+	args["ctx"] = ctx
+	defer cancel()
+
+	// Call RemoveObjects API with short timeout.
+	errorCh := c.RemoveObjects(ctx, bucketName, objectsCh, minio.RemoveObjectsOptions{})
+	// Check for error.
+	select {
+	case r := <-errorCh:
+		if r.Err == nil {
+			logError(testName, function, args, startTime, "", "RemoveObjects should fail on short timeout", err)
+			return
+		}
+	}
+	// Set context with longer timeout.
+	ctx, cancel = context.WithTimeout(context.Background(), 1*time.Hour)
+	args["ctx"] = ctx
+	defer cancel()
+	// Perform RemoveObjects with the longer timeout. Expect the removals to succeed.
+	errorCh = c.RemoveObjects(ctx, bucketName, objectsCh, minio.RemoveObjectsOptions{})
+	select {
+	case r, more := <-errorCh:
+		if more || r.Err != nil {
+			logError(testName, function, args, startTime, "", "Unexpected error", r.Err)
+			return
+		}
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Test removing multiple objects with Remove API
+func testRemoveMultipleObjects() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "RemoveObjects(bucketName, objectsCh)"
+	args := map[string]interface{}{
+		"bucketName": "",
+	}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Enable tracing, write to stdout.
+	// c.TraceOn(os.Stderr)
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	r := bytes.NewReader(bytes.Repeat([]byte("a"), 8))
+
+	// Multi remove of 1100 objects
+	nrObjects := 200
+
+	objectsCh := make(chan minio.ObjectInfo)
+
+	go func() {
+		defer close(objectsCh)
+		// Upload objects and send them to objectsCh
+		for i := 0; i < nrObjects; i++ {
+			objectName := "sample" + strconv.Itoa(i) + ".txt"
+			info, err := c.PutObject(context.Background(), bucketName, objectName, r, 8,
+				minio.PutObjectOptions{ContentType: "application/octet-stream"})
+			if err != nil {
+				logError(testName, function, args, startTime, "", "PutObject failed", err)
+				continue
+			}
+			objectsCh <- minio.ObjectInfo{
+				Key:       info.Key,
+				VersionID: info.VersionID,
+			}
+		}
+	}()
+
+	// Call RemoveObjects API
+	errorCh := c.RemoveObjects(context.Background(), bucketName, objectsCh, minio.RemoveObjectsOptions{})
+
+	// Check if errorCh doesn't receive any error
+	select {
+	case r, more := <-errorCh:
+		if more {
+			logError(testName, function, args, startTime, "", "Unexpected error", r.Err)
+			return
+		}
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Tests FPutObject of a big file to trigger multipart
+func testFPutObjectMultipart() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "FPutObject(bucketName, objectName, fileName, opts)"
+	args := map[string]interface{}{
+		"bucketName": "",
+		"objectName": "",
+		"fileName":   "",
+		"opts":       "",
+	}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	// Upload 4 parts to utilize all 3 'workers' in multipart and still have a part to upload.
+	var fileName = getMintDataDirFilePath("datafile-129-MB")
+	if fileName == "" {
+		// Make a temp file with minPartSize bytes of data.
+		file, err := ioutil.TempFile(os.TempDir(), "FPutObjectTest")
+		if err != nil {
+			logError(testName, function, args, startTime, "", "TempFile creation failed", err)
+			return
+		}
+		// Upload 2 parts to utilize all 3 'workers' in multipart and still have a part to upload.
+		if _, err = io.Copy(file, getDataReader("datafile-129-MB")); err != nil {
+			logError(testName, function, args, startTime, "", "Copy failed", err)
+			return
+		}
+		if err = file.Close(); err != nil {
+			logError(testName, function, args, startTime, "", "File Close failed", err)
+			return
+		}
+		fileName = file.Name()
+		args["fileName"] = fileName
+	}
+	totalSize := dataFileMap["datafile-129-MB"]
+	// Set base object name
+	objectName := bucketName + "FPutObject" + "-standard"
+	args["objectName"] = objectName
+
+	objectContentType := "testapplication/octet-stream"
+	args["objectContentType"] = objectContentType
+
+	// Perform standard FPutObject with contentType provided (Expecting application/octet-stream)
+	_, err = c.FPutObject(context.Background(), bucketName, objectName, fileName, minio.PutObjectOptions{ContentType: objectContentType})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "FPutObject failed", err)
+		return
+	}
+
+	r, err := c.GetObject(context.Background(), bucketName, objectName, minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject failed", err)
+		return
+	}
+	objInfo, err := r.Stat()
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Unexpected error", err)
+		return
+	}
+	if objInfo.Size != int64(totalSize) {
+		logError(testName, function, args, startTime, "", "Number of bytes does not match, expected "+string(int64(totalSize))+" got "+string(objInfo.Size), err)
+		return
+	}
+	if objInfo.ContentType != objectContentType && objInfo.ContentType != "application/octet-stream" {
+		logError(testName, function, args, startTime, "", "ContentType doesn't match", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Tests FPutObject with null contentType (default = application/octet-stream)
+func testFPutObject() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "FPutObject(bucketName, objectName, fileName, opts)"
+
+	args := map[string]interface{}{
+		"bucketName": "",
+		"objectName": "",
+		"fileName":   "",
+		"opts":       "",
+	}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	location := "us-east-1"
+
+	// Make a new bucket.
+	args["bucketName"] = bucketName
+	args["location"] = location
+	function = "MakeBucket(bucketName, location)"
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: location})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	// Upload 3 parts worth of data to use all 3 of multiparts 'workers' and have an extra part.
+	// Use different data in part for multipart tests to check parts are uploaded in correct order.
+	var fName = getMintDataDirFilePath("datafile-129-MB")
+	if fName == "" {
+		// Make a temp file with minPartSize bytes of data.
+		file, err := ioutil.TempFile(os.TempDir(), "FPutObjectTest")
+		if err != nil {
+			logError(testName, function, args, startTime, "", "TempFile creation failed", err)
+			return
+		}
+
+		// Upload 3 parts to utilize all 3 'workers' in multipart and still have a part to upload.
+		if _, err = io.Copy(file, getDataReader("datafile-129-MB")); err != nil {
+			logError(testName, function, args, startTime, "", "File copy failed", err)
+			return
+		}
+		// Close the file pro-actively for windows.
+		if err = file.Close(); err != nil {
+			logError(testName, function, args, startTime, "", "File close failed", err)
+			return
+		}
+		defer os.Remove(file.Name())
+		fName = file.Name()
+	}
+
+	// Set base object name
+	function = "FPutObject(bucketName, objectName, fileName, opts)"
+	objectName := bucketName + "FPutObject"
+	args["objectName"] = objectName + "-standard"
+	args["fileName"] = fName
+	args["opts"] = minio.PutObjectOptions{ContentType: "application/octet-stream"}
+
+	// Perform standard FPutObject with contentType provided (Expecting application/octet-stream)
+	ui, err := c.FPutObject(context.Background(), bucketName, objectName+"-standard", fName, minio.PutObjectOptions{ContentType: "application/octet-stream"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "FPutObject failed", err)
+		return
+	}
+
+	if ui.Size != int64(dataFileMap["datafile-129-MB"]) {
+		logError(testName, function, args, startTime, "", "FPutObject returned an unexpected upload size", err)
+		return
+	}
+
+	// Perform FPutObject with no contentType provided (Expecting application/octet-stream)
+	args["objectName"] = objectName + "-Octet"
+	_, err = c.FPutObject(context.Background(), bucketName, objectName+"-Octet", fName, minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "File close failed", err)
+		return
+	}
+
+	srcFile, err := os.Open(fName)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "File open failed", err)
+		return
+	}
+	defer srcFile.Close()
+	// Add extension to temp file name
+	tmpFile, err := os.Create(fName + ".gtar")
+	if err != nil {
+		logError(testName, function, args, startTime, "", "File create failed", err)
+		return
+	}
+	_, err = io.Copy(tmpFile, srcFile)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "File copy failed", err)
+		return
+	}
+	tmpFile.Close()
+
+	// Perform FPutObject with no contentType provided (Expecting application/x-gtar)
+	args["objectName"] = objectName + "-GTar"
+	args["opts"] = minio.PutObjectOptions{}
+	_, err = c.FPutObject(context.Background(), bucketName, objectName+"-GTar", fName+".gtar", minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "FPutObject failed", err)
+		return
+	}
+
+	// Check headers
+	function = "StatObject(bucketName, objectName, opts)"
+	args["objectName"] = objectName + "-standard"
+	rStandard, err := c.StatObject(context.Background(), bucketName, objectName+"-standard", minio.StatObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject failed", err)
+		return
+	}
+	if rStandard.ContentType != "application/octet-stream" {
+		logError(testName, function, args, startTime, "", "ContentType does not match, expected application/octet-stream, got "+rStandard.ContentType, err)
+		return
+	}
+
+	function = "StatObject(bucketName, objectName, opts)"
+	args["objectName"] = objectName + "-Octet"
+	rOctet, err := c.StatObject(context.Background(), bucketName, objectName+"-Octet", minio.StatObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject failed", err)
+		return
+	}
+	if rOctet.ContentType != "application/octet-stream" {
+		logError(testName, function, args, startTime, "", "ContentType does not match, expected application/octet-stream, got "+rOctet.ContentType, err)
+		return
+	}
+
+	function = "StatObject(bucketName, objectName, opts)"
+	args["objectName"] = objectName + "-GTar"
+	rGTar, err := c.StatObject(context.Background(), bucketName, objectName+"-GTar", minio.StatObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject failed", err)
+		return
+	}
+	if rGTar.ContentType != "application/x-gtar" && rGTar.ContentType != "application/octet-stream" && rGTar.ContentType != "application/x-tar" {
+		logError(testName, function, args, startTime, "", "ContentType does not match, expected application/x-tar or application/octet-stream, got "+rGTar.ContentType, err)
+		return
+	}
+
+	os.Remove(fName + ".gtar")
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Tests FPutObject request when context cancels after timeout
+func testFPutObjectContext() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "FPutObject(bucketName, objectName, fileName, opts)"
+	args := map[string]interface{}{
+		"bucketName": "",
+		"objectName": "",
+		"fileName":   "",
+		"opts":       "",
+	}
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	// Upload 1 parts worth of data to use multipart upload.
+	// Use different data in part for multipart tests to check parts are uploaded in correct order.
+	var fName = getMintDataDirFilePath("datafile-1-MB")
+	if fName == "" {
+		// Make a temp file with 1 MiB bytes of data.
+		file, err := ioutil.TempFile(os.TempDir(), "FPutObjectContextTest")
+		if err != nil {
+			logError(testName, function, args, startTime, "", "TempFile creation failed", err)
+			return
+		}
+
+		// Upload 1 parts to trigger multipart upload
+		if _, err = io.Copy(file, getDataReader("datafile-1-MB")); err != nil {
+			logError(testName, function, args, startTime, "", "File copy failed", err)
+			return
+		}
+		// Close the file pro-actively for windows.
+		if err = file.Close(); err != nil {
+			logError(testName, function, args, startTime, "", "File close failed", err)
+			return
+		}
+		defer os.Remove(file.Name())
+		fName = file.Name()
+	}
+
+	// Set base object name
+	objectName := bucketName + "FPutObjectContext"
+	args["objectName"] = objectName
+	ctx, cancel := context.WithTimeout(context.Background(), 1*time.Nanosecond)
+	args["ctx"] = ctx
+	defer cancel()
+
+	// Perform FPutObject with contentType provided (Expecting application/octet-stream)
+	_, err = c.FPutObject(ctx, bucketName, objectName+"-Shorttimeout", fName, minio.PutObjectOptions{ContentType: "application/octet-stream"})
+	if err == nil {
+		logError(testName, function, args, startTime, "", "FPutObject should fail on short timeout", err)
+		return
+	}
+	ctx, cancel = context.WithTimeout(context.Background(), 1*time.Hour)
+	defer cancel()
+	// Perform FPutObject with a long timeout. Expect the put object to succeed
+	_, err = c.FPutObject(ctx, bucketName, objectName+"-Longtimeout", fName, minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "FPutObject shouldn't fail on long timeout", err)
+		return
+	}
+
+	_, err = c.StatObject(context.Background(), bucketName, objectName+"-Longtimeout", minio.StatObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject failed", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+
+}
+
+// Tests FPutObject request when context cancels after timeout
+func testFPutObjectContextV2() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "FPutObjectContext(ctx, bucketName, objectName, fileName, opts)"
+	args := map[string]interface{}{
+		"bucketName": "",
+		"objectName": "",
+		"opts":       "minio.PutObjectOptions{ContentType:objectContentType}",
+	}
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV2(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	// Upload 1 parts worth of data to use multipart upload.
+	// Use different data in part for multipart tests to check parts are uploaded in correct order.
+	var fName = getMintDataDirFilePath("datafile-1-MB")
+	if fName == "" {
+		// Make a temp file with 1 MiB bytes of data.
+		file, err := ioutil.TempFile(os.TempDir(), "FPutObjectContextTest")
+		if err != nil {
+			logError(testName, function, args, startTime, "", "Temp file creation failed", err)
+			return
+		}
+
+		// Upload 1 parts to trigger multipart upload
+		if _, err = io.Copy(file, getDataReader("datafile-1-MB")); err != nil {
+			logError(testName, function, args, startTime, "", "File copy failed", err)
+			return
+		}
+
+		// Close the file pro-actively for windows.
+		if err = file.Close(); err != nil {
+			logError(testName, function, args, startTime, "", "File close failed", err)
+			return
+		}
+		defer os.Remove(file.Name())
+		fName = file.Name()
+	}
+
+	// Set base object name
+	objectName := bucketName + "FPutObjectContext"
+	args["objectName"] = objectName
+
+	ctx, cancel := context.WithTimeout(context.Background(), 1*time.Nanosecond)
+	args["ctx"] = ctx
+	defer cancel()
+
+	// Perform FPutObject with contentType provided (Expecting application/octet-stream)
+	_, err = c.FPutObject(ctx, bucketName, objectName+"-Shorttimeout", fName, minio.PutObjectOptions{ContentType: "application/octet-stream"})
+	if err == nil {
+		logError(testName, function, args, startTime, "", "FPutObject should fail on short timeout", err)
+		return
+	}
+	ctx, cancel = context.WithTimeout(context.Background(), 1*time.Hour)
+	defer cancel()
+	// Perform FPutObject with a long timeout. Expect the put object to succeed
+	_, err = c.FPutObject(ctx, bucketName, objectName+"-Longtimeout", fName, minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "FPutObject shouldn't fail on longer timeout", err)
+		return
+	}
+
+	_, err = c.StatObject(context.Background(), bucketName, objectName+"-Longtimeout", minio.StatObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject failed", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+
+}
+
+// Test validates putObject with context to see if request cancellation is honored.
+func testPutObjectContext() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "PutObject(ctx, bucketName, objectName, fileName, opts)"
+	args := map[string]interface{}{
+		"ctx":        "",
+		"bucketName": "",
+		"objectName": "",
+		"opts":       "",
+	}
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Make a new bucket.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket call failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	bufSize := dataFileMap["datafile-33-kB"]
+	var reader = getDataReader("datafile-33-kB")
+	defer reader.Close()
+	objectName := fmt.Sprintf("test-file-%v", rand.Uint32())
+	args["objectName"] = objectName
+
+	ctx, cancel := context.WithTimeout(context.Background(), 1*time.Nanosecond)
+	cancel()
+	args["ctx"] = ctx
+	args["opts"] = minio.PutObjectOptions{ContentType: "binary/octet-stream"}
+
+	_, err = c.PutObject(ctx, bucketName, objectName, reader, int64(bufSize), minio.PutObjectOptions{ContentType: "binary/octet-stream"})
+	if err == nil {
+		logError(testName, function, args, startTime, "", "PutObject should fail on short timeout", err)
+		return
+	}
+
+	ctx, cancel = context.WithTimeout(context.Background(), 1*time.Hour)
+	args["ctx"] = ctx
+
+	defer cancel()
+	reader = getDataReader("datafile-33-kB")
+	defer reader.Close()
+	_, err = c.PutObject(ctx, bucketName, objectName, reader, int64(bufSize), minio.PutObjectOptions{ContentType: "binary/octet-stream"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject with long timeout failed", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+
+}
+
+// Tests get object with s3zip extensions.
+func testGetObjectS3Zip() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "GetObject(bucketName, objectName)"
+	args := map[string]interface{}{"x-minio-extract": true}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer func() {
+		// Delete all objects and buckets
+		if err = cleanupBucket(bucketName, c); err != nil {
+			logError(testName, function, args, startTime, "", "CleanupBucket failed", err)
+			return
+		}
+	}()
+
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "") + ".zip"
+	args["objectName"] = objectName
+
+	var zipFile bytes.Buffer
+	zw := zip.NewWriter(&zipFile)
+	rng := rand.New(rand.NewSource(0xc0cac01a))
+	const nFiles = 500
+	for i := 0; i <= nFiles; i++ {
+		if i == nFiles {
+			// Make one large, compressible file.
+			i = 1000000
+		}
+		b := make([]byte, i)
+		if i < nFiles {
+			rng.Read(b)
+		}
+		wc, err := zw.Create(fmt.Sprintf("test/small/file-%d.bin", i))
+		if err != nil {
+			logError(testName, function, args, startTime, "", "zw.Create failed", err)
+			return
+		}
+		wc.Write(b)
+	}
+	err = zw.Close()
+	if err != nil {
+		logError(testName, function, args, startTime, "", "zw.Close failed", err)
+		return
+	}
+	buf := zipFile.Bytes()
+
+	// Save the data
+	_, err = c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(buf), int64(len(buf)), minio.PutObjectOptions{ContentType: "binary/octet-stream"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	// Read the data back
+	r, err := c.GetObject(context.Background(), bucketName, objectName, minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject failed", err)
+		return
+	}
+
+	st, err := r.Stat()
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Stat object failed", err)
+		return
+	}
+
+	if st.Size != int64(len(buf)) {
+		logError(testName, function, args, startTime, "", "Number of bytes does not match, expected "+string(len(buf))+", got "+string(st.Size), err)
+		return
+	}
+	r.Close()
+
+	zr, err := zip.NewReader(bytes.NewReader(buf), int64(len(buf)))
+	if err != nil {
+		logError(testName, function, args, startTime, "", "zip.NewReader failed", err)
+		return
+	}
+	lOpts := minio.ListObjectsOptions{}
+	lOpts.Set("x-minio-extract", "true")
+	lOpts.Prefix = objectName + "/"
+	lOpts.Recursive = true
+	list := c.ListObjects(context.Background(), bucketName, lOpts)
+	var listed = map[string]minio.ObjectInfo{}
+	for item := range list {
+		if item.Err != nil {
+			break
+		}
+		listed[item.Key] = item
+	}
+	if len(listed) == 0 {
+		// Assume we are running against non-minio.
+		args["SKIPPED"] = true
+		ignoredLog(testName, function, args, startTime, "s3zip does not appear to be present").Info()
+		return
+	}
+
+	for _, file := range zr.File {
+		if file.FileInfo().IsDir() {
+			continue
+		}
+		args["zipfile"] = file.Name
+		zfr, err := file.Open()
+		if err != nil {
+			logError(testName, function, args, startTime, "", "file.Open failed", err)
+			return
+		}
+		want, err := ioutil.ReadAll(zfr)
+		if err != nil {
+			logError(testName, function, args, startTime, "", "fzip file read failed", err)
+			return
+		}
+
+		opts := minio.GetObjectOptions{}
+		opts.Set("x-minio-extract", "true")
+		key := path.Join(objectName, file.Name)
+		r, err = c.GetObject(context.Background(), bucketName, key, opts)
+		if err != nil {
+			terr := minio.ToErrorResponse(err)
+			if terr.StatusCode != http.StatusNotFound {
+				logError(testName, function, args, startTime, "", "GetObject failed", err)
+			}
+			return
+		}
+		got, err := ioutil.ReadAll(r)
+		if err != nil {
+			logError(testName, function, args, startTime, "", "ReadAll failed", err)
+			return
+		}
+		r.Close()
+		if !bytes.Equal(want, got) {
+			logError(testName, function, args, startTime, "", "Content mismatch", err)
+			return
+		}
+		oi, ok := listed[key]
+		if !ok {
+			logError(testName, function, args, startTime, "", "Object Missing", fmt.Errorf("%s not present in listing", key))
+			return
+		}
+		if int(oi.Size) != len(got) {
+			logError(testName, function, args, startTime, "", "Object Size Incorrect", fmt.Errorf("listing %d, read %d", oi.Size, len(got)))
+			return
+		}
+		delete(listed, key)
+	}
+	delete(args, "zipfile")
+	if len(listed) > 0 {
+		logError(testName, function, args, startTime, "", "Extra listed objects", fmt.Errorf("left over: %v", listed))
+		return
+	}
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Tests get object ReaderSeeker interface methods.
+func testGetObjectReadSeekFunctional() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "GetObject(bucketName, objectName)"
+	args := map[string]interface{}{}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer func() {
+		// Delete all objects and buckets
+		if err = cleanupBucket(bucketName, c); err != nil {
+			logError(testName, function, args, startTime, "", "CleanupBucket failed", err)
+			return
+		}
+	}()
+
+	// Generate 33K of data.
+	bufSize := dataFileMap["datafile-33-kB"]
+	var reader = getDataReader("datafile-33-kB")
+	defer reader.Close()
+
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	buf, err := ioutil.ReadAll(reader)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAll failed", err)
+		return
+	}
+
+	// Save the data
+	_, err = c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(buf), int64(len(buf)), minio.PutObjectOptions{ContentType: "binary/octet-stream"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	// Read the data back
+	r, err := c.GetObject(context.Background(), bucketName, objectName, minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject failed", err)
+		return
+	}
+
+	st, err := r.Stat()
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Stat object failed", err)
+		return
+	}
+
+	if st.Size != int64(bufSize) {
+		logError(testName, function, args, startTime, "", "Number of bytes does not match, expected "+string(int64(bufSize))+", got "+string(st.Size), err)
+		return
+	}
+
+	// This following function helps us to compare data from the reader after seek
+	// with the data from the original buffer
+	cmpData := func(r io.Reader, start, end int) {
+		if end-start == 0 {
+			return
+		}
+		buffer := bytes.NewBuffer([]byte{})
+		if _, err := io.CopyN(buffer, r, int64(bufSize)); err != nil {
+			if err != io.EOF {
+				logError(testName, function, args, startTime, "", "CopyN failed", err)
+				return
+			}
+		}
+		if !bytes.Equal(buf[start:end], buffer.Bytes()) {
+			logError(testName, function, args, startTime, "", "Incorrect read bytes v/s original buffer", err)
+			return
+		}
+	}
+
+	// Generic seek error for errors other than io.EOF
+	seekErr := errors.New("seek error")
+
+	testCases := []struct {
+		offset    int64
+		whence    int
+		pos       int64
+		err       error
+		shouldCmp bool
+		start     int
+		end       int
+	}{
+		// Start from offset 0, fetch data and compare
+		{0, 0, 0, nil, true, 0, 0},
+		// Start from offset 2048, fetch data and compare
+		{2048, 0, 2048, nil, true, 2048, bufSize},
+		// Start from offset larger than possible
+		{int64(bufSize) + 1024, 0, 0, seekErr, false, 0, 0},
+		// Move to offset 0 without comparing
+		{0, 0, 0, nil, false, 0, 0},
+		// Move one step forward and compare
+		{1, 1, 1, nil, true, 1, bufSize},
+		// Move larger than possible
+		{int64(bufSize), 1, 0, seekErr, false, 0, 0},
+		// Provide negative offset with CUR_SEEK
+		{int64(-1), 1, 0, seekErr, false, 0, 0},
+		// Test with whence SEEK_END and with positive offset
+		{1024, 2, int64(bufSize) - 1024, io.EOF, true, 0, 0},
+		// Test with whence SEEK_END and with negative offset
+		{-1024, 2, int64(bufSize) - 1024, nil, true, bufSize - 1024, bufSize},
+		// Test with whence SEEK_END and with large negative offset
+		{-int64(bufSize) * 2, 2, 0, seekErr, true, 0, 0},
+	}
+
+	for i, testCase := range testCases {
+		// Perform seek operation
+		n, err := r.Seek(testCase.offset, testCase.whence)
+		// We expect an error
+		if testCase.err == seekErr && err == nil {
+			logError(testName, function, args, startTime, "", "Test "+string(i+1)+", unexpected err value: expected: "+testCase.err.Error()+", found: "+err.Error(), err)
+			return
+		}
+		// We expect a specific error
+		if testCase.err != seekErr && testCase.err != err {
+			logError(testName, function, args, startTime, "", "Test "+string(i+1)+", unexpected err value: expected: "+testCase.err.Error()+", found: "+err.Error(), err)
+			return
+		}
+		// If we expect an error go to the next loop
+		if testCase.err != nil {
+			continue
+		}
+		// Check the returned seek pos
+		if n != testCase.pos {
+			logError(testName, function, args, startTime, "", "Test "+string(i+1)+", number of bytes seeked does not match, expected "+string(testCase.pos)+", got "+string(n), err)
+			return
+		}
+		// Compare only if shouldCmp is activated
+		if testCase.shouldCmp {
+			cmpData(r, testCase.start, testCase.end)
+		}
+	}
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Tests get object ReaderAt interface methods.
+func testGetObjectReadAtFunctional() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "GetObject(bucketName, objectName)"
+	args := map[string]interface{}{}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	// Generate 33K of data.
+	bufSize := dataFileMap["datafile-33-kB"]
+	var reader = getDataReader("datafile-33-kB")
+	defer reader.Close()
+
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	buf, err := ioutil.ReadAll(reader)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAll failed", err)
+		return
+	}
+
+	// Save the data
+	_, err = c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(buf), int64(len(buf)), minio.PutObjectOptions{ContentType: "binary/octet-stream"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	// read the data back
+	r, err := c.GetObject(context.Background(), bucketName, objectName, minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+	offset := int64(2048)
+
+	// read directly
+	buf1 := make([]byte, 512)
+	buf2 := make([]byte, 512)
+	buf3 := make([]byte, 512)
+	buf4 := make([]byte, 512)
+
+	// Test readAt before stat is called such that objectInfo doesn't change.
+	m, err := r.ReadAt(buf1, offset)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAt failed", err)
+		return
+	}
+	if m != len(buf1) {
+		logError(testName, function, args, startTime, "", "ReadAt read shorter bytes before reaching EOF, expected "+string(len(buf1))+", got "+string(m), err)
+		return
+	}
+	if !bytes.Equal(buf1, buf[offset:offset+512]) {
+		logError(testName, function, args, startTime, "", "Incorrect read between two ReadAt from same offset", err)
+		return
+	}
+	offset += 512
+
+	st, err := r.Stat()
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Stat failed", err)
+		return
+	}
+
+	if st.Size != int64(bufSize) {
+		logError(testName, function, args, startTime, "", "Number of bytes in stat does not match, expected "+string(int64(bufSize))+", got "+string(st.Size), err)
+		return
+	}
+
+	m, err = r.ReadAt(buf2, offset)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAt failed", err)
+		return
+	}
+	if m != len(buf2) {
+		logError(testName, function, args, startTime, "", "ReadAt read shorter bytes before reaching EOF, expected "+string(len(buf2))+", got "+string(m), err)
+		return
+	}
+	if !bytes.Equal(buf2, buf[offset:offset+512]) {
+		logError(testName, function, args, startTime, "", "Incorrect read between two ReadAt from same offset", err)
+		return
+	}
+
+	offset += 512
+	m, err = r.ReadAt(buf3, offset)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAt failed", err)
+		return
+	}
+	if m != len(buf3) {
+		logError(testName, function, args, startTime, "", "ReadAt read shorter bytes before reaching EOF, expected "+string(len(buf3))+", got "+string(m), err)
+		return
+	}
+	if !bytes.Equal(buf3, buf[offset:offset+512]) {
+		logError(testName, function, args, startTime, "", "Incorrect read between two ReadAt from same offset", err)
+		return
+	}
+	offset += 512
+	m, err = r.ReadAt(buf4, offset)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAt failed", err)
+		return
+	}
+	if m != len(buf4) {
+		logError(testName, function, args, startTime, "", "ReadAt read shorter bytes before reaching EOF, expected "+string(len(buf4))+", got "+string(m), err)
+		return
+	}
+	if !bytes.Equal(buf4, buf[offset:offset+512]) {
+		logError(testName, function, args, startTime, "", "Incorrect read between two ReadAt from same offset", err)
+		return
+	}
+
+	buf5 := make([]byte, len(buf))
+	// Read the whole object.
+	m, err = r.ReadAt(buf5, 0)
+	if err != nil {
+		if err != io.EOF {
+			logError(testName, function, args, startTime, "", "ReadAt failed", err)
+			return
+		}
+	}
+	if m != len(buf5) {
+		logError(testName, function, args, startTime, "", "ReadAt read shorter bytes before reaching EOF, expected "+string(len(buf5))+", got "+string(m), err)
+		return
+	}
+	if !bytes.Equal(buf, buf5) {
+		logError(testName, function, args, startTime, "", "Incorrect data read in GetObject, than what was previously uploaded", err)
+		return
+	}
+
+	buf6 := make([]byte, len(buf)+1)
+	// Read the whole object and beyond.
+	_, err = r.ReadAt(buf6, 0)
+	if err != nil {
+		if err != io.EOF {
+			logError(testName, function, args, startTime, "", "ReadAt failed", err)
+			return
+		}
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Reproduces issue https://github.com/minio/minio-go/issues/1137
+func testGetObjectReadAtWhenEOFWasReached() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "GetObject(bucketName, objectName)"
+	args := map[string]interface{}{}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	// Generate 33K of data.
+	bufSize := dataFileMap["datafile-33-kB"]
+	var reader = getDataReader("datafile-33-kB")
+	defer reader.Close()
+
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	buf, err := ioutil.ReadAll(reader)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAll failed", err)
+		return
+	}
+
+	// Save the data
+	_, err = c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(buf), int64(len(buf)), minio.PutObjectOptions{ContentType: "binary/octet-stream"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	// read the data back
+	r, err := c.GetObject(context.Background(), bucketName, objectName, minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	// read directly
+	buf1 := make([]byte, len(buf))
+	buf2 := make([]byte, 512)
+
+	m, err := r.Read(buf1)
+	if err != nil {
+		if err != io.EOF {
+			logError(testName, function, args, startTime, "", "Read failed", err)
+			return
+		}
+	}
+	if m != len(buf1) {
+		logError(testName, function, args, startTime, "", "Read read shorter bytes before reaching EOF, expected "+string(len(buf1))+", got "+string(m), err)
+		return
+	}
+	if !bytes.Equal(buf1, buf) {
+		logError(testName, function, args, startTime, "", "Incorrect count of Read data", err)
+		return
+	}
+
+	st, err := r.Stat()
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Stat failed", err)
+		return
+	}
+
+	if st.Size != int64(bufSize) {
+		logError(testName, function, args, startTime, "", "Number of bytes in stat does not match, expected "+string(int64(bufSize))+", got "+string(st.Size), err)
+		return
+	}
+
+	m, err = r.ReadAt(buf2, 512)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAt failed", err)
+		return
+	}
+	if m != len(buf2) {
+		logError(testName, function, args, startTime, "", "ReadAt read shorter bytes before reaching EOF, expected "+string(len(buf2))+", got "+string(m), err)
+		return
+	}
+	if !bytes.Equal(buf2, buf[512:1024]) {
+		logError(testName, function, args, startTime, "", "Incorrect count of ReadAt data", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Test Presigned Post Policy
+func testPresignedPostPolicy() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "PresignedPostPolicy(policy)"
+	args := map[string]interface{}{
+		"policy": "",
+	}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+
+	// Make a new bucket in 'us-east-1' (source bucket).
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	// Generate 33K of data.
+	var reader = getDataReader("datafile-33-kB")
+	defer reader.Close()
+
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	// Azure requires the key to not start with a number
+	metadataKey := randString(60, rand.NewSource(time.Now().UnixNano()), "user")
+	metadataValue := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+
+	buf, err := ioutil.ReadAll(reader)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAll failed", err)
+		return
+	}
+
+	// Save the data
+	_, err = c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(buf), int64(len(buf)), minio.PutObjectOptions{ContentType: "binary/octet-stream"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	policy := minio.NewPostPolicy()
+
+	if err := policy.SetBucket(""); err == nil {
+		logError(testName, function, args, startTime, "", "SetBucket did not fail for invalid conditions", err)
+		return
+	}
+	if err := policy.SetKey(""); err == nil {
+		logError(testName, function, args, startTime, "", "SetKey did not fail for invalid conditions", err)
+		return
+	}
+	if err := policy.SetKeyStartsWith(""); err == nil {
+		logError(testName, function, args, startTime, "", "SetKeyStartsWith did not fail for invalid conditions", err)
+		return
+	}
+	if err := policy.SetExpires(time.Date(1, time.January, 1, 0, 0, 0, 0, time.UTC)); err == nil {
+		logError(testName, function, args, startTime, "", "SetExpires did not fail for invalid conditions", err)
+		return
+	}
+	if err := policy.SetContentType(""); err == nil {
+		logError(testName, function, args, startTime, "", "SetContentType did not fail for invalid conditions", err)
+		return
+	}
+	if err := policy.SetContentTypeStartsWith(""); err == nil {
+		logError(testName, function, args, startTime, "", "SetContentTypeStartsWith did not fail for invalid conditions", err)
+		return
+	}
+	if err := policy.SetContentLengthRange(1024*1024, 1024); err == nil {
+		logError(testName, function, args, startTime, "", "SetContentLengthRange did not fail for invalid conditions", err)
+		return
+	}
+	if err := policy.SetUserMetadata("", ""); err == nil {
+		logError(testName, function, args, startTime, "", "SetUserMetadata did not fail for invalid conditions", err)
+		return
+	}
+
+	policy.SetBucket(bucketName)
+	policy.SetKey(objectName)
+	policy.SetExpires(time.Now().UTC().AddDate(0, 0, 10)) // expires in 10 days
+	policy.SetContentType("binary/octet-stream")
+	policy.SetContentLengthRange(10, 1024*1024)
+	policy.SetUserMetadata(metadataKey, metadataValue)
+	args["policy"] = policy.String()
+
+	presignedPostPolicyURL, formData, err := c.PresignedPostPolicy(context.Background(), policy)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PresignedPostPolicy failed", err)
+		return
+	}
+
+	var formBuf bytes.Buffer
+	writer := multipart.NewWriter(&formBuf)
+	for k, v := range formData {
+		writer.WriteField(k, v)
+	}
+
+	// Get a 33KB file to upload and test if set post policy works
+	var filePath = getMintDataDirFilePath("datafile-33-kB")
+	if filePath == "" {
+		// Make a temp file with 33 KB data.
+		file, err := ioutil.TempFile(os.TempDir(), "PresignedPostPolicyTest")
+		if err != nil {
+			logError(testName, function, args, startTime, "", "TempFile creation failed", err)
+			return
+		}
+		if _, err = io.Copy(file, getDataReader("datafile-33-kB")); err != nil {
+			logError(testName, function, args, startTime, "", "Copy failed", err)
+			return
+		}
+		if err = file.Close(); err != nil {
+			logError(testName, function, args, startTime, "", "File Close failed", err)
+			return
+		}
+		filePath = file.Name()
+	}
+
+	// add file to post request
+	f, err := os.Open(filePath)
+	defer f.Close()
+	if err != nil {
+		logError(testName, function, args, startTime, "", "File open failed", err)
+		return
+	}
+	w, err := writer.CreateFormFile("file", filePath)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CreateFormFile failed", err)
+		return
+	}
+
+	_, err = io.Copy(w, f)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Copy failed", err)
+		return
+	}
+	writer.Close()
+
+	transport, err := minio.DefaultTransport(mustParseBool(os.Getenv(enableHTTPS)))
+	if err != nil {
+		logError(testName, function, args, startTime, "", "DefaultTransport failed", err)
+		return
+	}
+
+	httpClient := &http.Client{
+		// Setting a sensible time out of 30secs to wait for response
+		// headers. Request is pro-actively canceled after 30secs
+		// with no response.
+		Timeout:   30 * time.Second,
+		Transport: transport,
+	}
+
+	req, err := http.NewRequest(http.MethodPost, presignedPostPolicyURL.String(), bytes.NewReader(formBuf.Bytes()))
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Http request failed", err)
+		return
+	}
+
+	req.Header.Set("Content-Type", writer.FormDataContentType())
+
+	// make post request with correct form data
+	res, err := httpClient.Do(req)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Http request failed", err)
+		return
+	}
+	defer res.Body.Close()
+	if res.StatusCode != http.StatusNoContent {
+		logError(testName, function, args, startTime, "", "Http request failed", errors.New(res.Status))
+		return
+	}
+
+	// expected path should be absolute path of the object
+	var scheme string
+	if mustParseBool(os.Getenv(enableHTTPS)) {
+		scheme = "https://"
+	} else {
+		scheme = "http://"
+	}
+
+	expectedLocation := scheme + os.Getenv(serverEndpoint) + "/" + bucketName + "/" + objectName
+	expectedLocationBucketDNS := scheme + bucketName + "." + os.Getenv(serverEndpoint) + "/" + objectName
+
+	if val, ok := res.Header["Location"]; ok {
+		if val[0] != expectedLocation && val[0] != expectedLocationBucketDNS {
+			logError(testName, function, args, startTime, "", "Location in header response is incorrect", err)
+			return
+		}
+	} else {
+		logError(testName, function, args, startTime, "", "Location not found in header response", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Tests copy object
+func testCopyObject() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "CopyObject(dst, src)"
+	args := map[string]interface{}{}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+
+	// Make a new bucket in 'us-east-1' (source bucket).
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	// Make a new bucket in 'us-east-1' (destination bucket).
+	err = c.MakeBucket(context.Background(), bucketName+"-copy", minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+	defer cleanupBucket(bucketName+"-copy", c)
+
+	// Generate 33K of data.
+	bufSize := dataFileMap["datafile-33-kB"]
+	var reader = getDataReader("datafile-33-kB")
+
+	// Save the data
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	_, err = c.PutObject(context.Background(), bucketName, objectName, reader, int64(bufSize), minio.PutObjectOptions{ContentType: "binary/octet-stream"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	r, err := c.GetObject(context.Background(), bucketName, objectName, minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject failed", err)
+		return
+	}
+	// Check the various fields of source object against destination object.
+	objInfo, err := r.Stat()
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Stat failed", err)
+		return
+	}
+
+	// Copy Source
+	src := minio.CopySrcOptions{
+		Bucket: bucketName,
+		Object: objectName,
+		// Set copy conditions.
+		MatchETag:          objInfo.ETag,
+		MatchModifiedSince: time.Date(2014, time.April, 0, 0, 0, 0, 0, time.UTC),
+	}
+	args["src"] = src
+
+	dst := minio.CopyDestOptions{
+		Bucket: bucketName + "-copy",
+		Object: objectName + "-copy",
+	}
+
+	// Perform the Copy
+	if _, err = c.CopyObject(context.Background(), dst, src); err != nil {
+		logError(testName, function, args, startTime, "", "CopyObject failed", err)
+		return
+	}
+
+	// Source object
+	r, err = c.GetObject(context.Background(), bucketName, objectName, minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject failed", err)
+		return
+	}
+
+	// Destination object
+	readerCopy, err := c.GetObject(context.Background(), bucketName+"-copy", objectName+"-copy", minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject failed", err)
+		return
+	}
+
+	// Check the various fields of source object against destination object.
+	objInfo, err = r.Stat()
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Stat failed", err)
+		return
+	}
+	objInfoCopy, err := readerCopy.Stat()
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Stat failed", err)
+		return
+	}
+	if objInfo.Size != objInfoCopy.Size {
+		logError(testName, function, args, startTime, "", "Number of bytes does not match, expected "+string(objInfoCopy.Size)+", got "+string(objInfo.Size), err)
+		return
+	}
+
+	if err := crcMatchesName(r, "datafile-33-kB"); err != nil {
+		logError(testName, function, args, startTime, "", "data CRC check failed", err)
+		return
+	}
+	if err := crcMatchesName(readerCopy, "datafile-33-kB"); err != nil {
+		logError(testName, function, args, startTime, "", "copy data CRC check failed", err)
+		return
+	}
+	// Close all the get readers before proceeding with CopyObject operations.
+	r.Close()
+	readerCopy.Close()
+
+	// CopyObject again but with wrong conditions
+	src = minio.CopySrcOptions{
+		Bucket:               bucketName,
+		Object:               objectName,
+		MatchUnmodifiedSince: time.Date(2014, time.April, 0, 0, 0, 0, 0, time.UTC),
+		NoMatchETag:          objInfo.ETag,
+	}
+
+	// Perform the Copy which should fail
+	_, err = c.CopyObject(context.Background(), dst, src)
+	if err == nil {
+		logError(testName, function, args, startTime, "", "CopyObject did not fail for invalid conditions", err)
+		return
+	}
+
+	src = minio.CopySrcOptions{
+		Bucket: bucketName,
+		Object: objectName,
+	}
+
+	dst = minio.CopyDestOptions{
+		Bucket:          bucketName,
+		Object:          objectName,
+		ReplaceMetadata: true,
+		UserMetadata: map[string]string{
+			"Copy": "should be same",
+		},
+	}
+	args["dst"] = dst
+	args["src"] = src
+
+	_, err = c.CopyObject(context.Background(), dst, src)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObject shouldn't fail", err)
+		return
+	}
+
+	oi, err := c.StatObject(context.Background(), bucketName, objectName, minio.StatObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject failed", err)
+		return
+	}
+
+	stOpts := minio.StatObjectOptions{}
+	stOpts.SetMatchETag(oi.ETag)
+	objInfo, err = c.StatObject(context.Background(), bucketName, objectName, stOpts)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObject ETag should match and not fail", err)
+		return
+	}
+
+	if objInfo.Metadata.Get("x-amz-meta-copy") != "should be same" {
+		logError(testName, function, args, startTime, "", "CopyObject modified metadata should match", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Tests SSE-C get object ReaderSeeker interface methods.
+func testSSECEncryptedGetObjectReadSeekFunctional() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "GetObject(bucketName, objectName)"
+	args := map[string]interface{}{}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer func() {
+		// Delete all objects and buckets
+		if err = cleanupBucket(bucketName, c); err != nil {
+			logError(testName, function, args, startTime, "", "CleanupBucket failed", err)
+			return
+		}
+	}()
+
+	// Generate 129MiB of data.
+	bufSize := dataFileMap["datafile-129-MB"]
+	var reader = getDataReader("datafile-129-MB")
+	defer reader.Close()
+
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	buf, err := ioutil.ReadAll(reader)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAll failed", err)
+		return
+	}
+
+	// Save the data
+	_, err = c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(buf), int64(len(buf)), minio.PutObjectOptions{
+		ContentType:          "binary/octet-stream",
+		ServerSideEncryption: encrypt.DefaultPBKDF([]byte("correct horse battery staple"), []byte(bucketName+objectName)),
+	})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	// Read the data back
+	r, err := c.GetObject(context.Background(), bucketName, objectName, minio.GetObjectOptions{
+		ServerSideEncryption: encrypt.DefaultPBKDF([]byte("correct horse battery staple"), []byte(bucketName+objectName)),
+	})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject failed", err)
+		return
+	}
+	defer r.Close()
+
+	st, err := r.Stat()
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Stat object failed", err)
+		return
+	}
+
+	if st.Size != int64(bufSize) {
+		logError(testName, function, args, startTime, "", "Number of bytes does not match, expected "+string(int64(bufSize))+", got "+string(st.Size), err)
+		return
+	}
+
+	// This following function helps us to compare data from the reader after seek
+	// with the data from the original buffer
+	cmpData := func(r io.Reader, start, end int) {
+		if end-start == 0 {
+			return
+		}
+		buffer := bytes.NewBuffer([]byte{})
+		if _, err := io.CopyN(buffer, r, int64(bufSize)); err != nil {
+			if err != io.EOF {
+				logError(testName, function, args, startTime, "", "CopyN failed", err)
+				return
+			}
+		}
+		if !bytes.Equal(buf[start:end], buffer.Bytes()) {
+			logError(testName, function, args, startTime, "", "Incorrect read bytes v/s original buffer", err)
+			return
+		}
+	}
+
+	testCases := []struct {
+		offset    int64
+		whence    int
+		pos       int64
+		err       error
+		shouldCmp bool
+		start     int
+		end       int
+	}{
+		// Start from offset 0, fetch data and compare
+		{0, 0, 0, nil, true, 0, 0},
+		// Start from offset 2048, fetch data and compare
+		{2048, 0, 2048, nil, true, 2048, bufSize},
+		// Start from offset larger than possible
+		{int64(bufSize) + 1024, 0, 0, io.EOF, false, 0, 0},
+		// Move to offset 0 without comparing
+		{0, 0, 0, nil, false, 0, 0},
+		// Move one step forward and compare
+		{1, 1, 1, nil, true, 1, bufSize},
+		// Move larger than possible
+		{int64(bufSize), 1, 0, io.EOF, false, 0, 0},
+		// Provide negative offset with CUR_SEEK
+		{int64(-1), 1, 0, fmt.Errorf("Negative position not allowed for 1"), false, 0, 0},
+		// Test with whence SEEK_END and with positive offset
+		{1024, 2, 0, io.EOF, false, 0, 0},
+		// Test with whence SEEK_END and with negative offset
+		{-1024, 2, int64(bufSize) - 1024, nil, true, bufSize - 1024, bufSize},
+		// Test with whence SEEK_END and with large negative offset
+		{-int64(bufSize) * 2, 2, 0, fmt.Errorf("Seeking at negative offset not allowed for 2"), false, 0, 0},
+		// Test with invalid whence
+		{0, 3, 0, fmt.Errorf("Invalid whence 3"), false, 0, 0},
+	}
+
+	for i, testCase := range testCases {
+		// Perform seek operation
+		n, err := r.Seek(testCase.offset, testCase.whence)
+		if err != nil && testCase.err == nil {
+			// We expected success.
+			logError(testName, function, args, startTime, "",
+				fmt.Sprintf("Test %d, unexpected err value: expected: %s, found: %s", i+1, testCase.err, err), err)
+			return
+		}
+		if err == nil && testCase.err != nil {
+			// We expected failure, but got success.
+			logError(testName, function, args, startTime, "",
+				fmt.Sprintf("Test %d, unexpected err value: expected: %s, found: %s", i+1, testCase.err, err), err)
+			return
+		}
+		if err != nil && testCase.err != nil {
+			if err.Error() != testCase.err.Error() {
+				// We expect a specific error
+				logError(testName, function, args, startTime, "",
+					fmt.Sprintf("Test %d, unexpected err value: expected: %s, found: %s", i+1, testCase.err, err), err)
+				return
+			}
+		}
+		// Check the returned seek pos
+		if n != testCase.pos {
+			logError(testName, function, args, startTime, "",
+				fmt.Sprintf("Test %d, number of bytes seeked does not match, expected %d, got %d", i+1, testCase.pos, n), err)
+			return
+		}
+		// Compare only if shouldCmp is activated
+		if testCase.shouldCmp {
+			cmpData(r, testCase.start, testCase.end)
+		}
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Tests SSE-S3 get object ReaderSeeker interface methods.
+func testSSES3EncryptedGetObjectReadSeekFunctional() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "GetObject(bucketName, objectName)"
+	args := map[string]interface{}{}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer func() {
+		// Delete all objects and buckets
+		if err = cleanupBucket(bucketName, c); err != nil {
+			logError(testName, function, args, startTime, "", "CleanupBucket failed", err)
+			return
+		}
+	}()
+
+	// Generate 129MiB of data.
+	bufSize := dataFileMap["datafile-129-MB"]
+	var reader = getDataReader("datafile-129-MB")
+	defer reader.Close()
+
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	buf, err := ioutil.ReadAll(reader)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAll failed", err)
+		return
+	}
+
+	// Save the data
+	_, err = c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(buf), int64(len(buf)), minio.PutObjectOptions{
+		ContentType:          "binary/octet-stream",
+		ServerSideEncryption: encrypt.NewSSE(),
+	})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	// Read the data back
+	r, err := c.GetObject(context.Background(), bucketName, objectName, minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject failed", err)
+		return
+	}
+	defer r.Close()
+
+	st, err := r.Stat()
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Stat object failed", err)
+		return
+	}
+
+	if st.Size != int64(bufSize) {
+		logError(testName, function, args, startTime, "", "Number of bytes does not match, expected "+string(int64(bufSize))+", got "+string(st.Size), err)
+		return
+	}
+
+	// This following function helps us to compare data from the reader after seek
+	// with the data from the original buffer
+	cmpData := func(r io.Reader, start, end int) {
+		if end-start == 0 {
+			return
+		}
+		buffer := bytes.NewBuffer([]byte{})
+		if _, err := io.CopyN(buffer, r, int64(bufSize)); err != nil {
+			if err != io.EOF {
+				logError(testName, function, args, startTime, "", "CopyN failed", err)
+				return
+			}
+		}
+		if !bytes.Equal(buf[start:end], buffer.Bytes()) {
+			logError(testName, function, args, startTime, "", "Incorrect read bytes v/s original buffer", err)
+			return
+		}
+	}
+
+	testCases := []struct {
+		offset    int64
+		whence    int
+		pos       int64
+		err       error
+		shouldCmp bool
+		start     int
+		end       int
+	}{
+		// Start from offset 0, fetch data and compare
+		{0, 0, 0, nil, true, 0, 0},
+		// Start from offset 2048, fetch data and compare
+		{2048, 0, 2048, nil, true, 2048, bufSize},
+		// Start from offset larger than possible
+		{int64(bufSize) + 1024, 0, 0, io.EOF, false, 0, 0},
+		// Move to offset 0 without comparing
+		{0, 0, 0, nil, false, 0, 0},
+		// Move one step forward and compare
+		{1, 1, 1, nil, true, 1, bufSize},
+		// Move larger than possible
+		{int64(bufSize), 1, 0, io.EOF, false, 0, 0},
+		// Provide negative offset with CUR_SEEK
+		{int64(-1), 1, 0, fmt.Errorf("Negative position not allowed for 1"), false, 0, 0},
+		// Test with whence SEEK_END and with positive offset
+		{1024, 2, 0, io.EOF, false, 0, 0},
+		// Test with whence SEEK_END and with negative offset
+		{-1024, 2, int64(bufSize) - 1024, nil, true, bufSize - 1024, bufSize},
+		// Test with whence SEEK_END and with large negative offset
+		{-int64(bufSize) * 2, 2, 0, fmt.Errorf("Seeking at negative offset not allowed for 2"), false, 0, 0},
+		// Test with invalid whence
+		{0, 3, 0, fmt.Errorf("Invalid whence 3"), false, 0, 0},
+	}
+
+	for i, testCase := range testCases {
+		// Perform seek operation
+		n, err := r.Seek(testCase.offset, testCase.whence)
+		if err != nil && testCase.err == nil {
+			// We expected success.
+			logError(testName, function, args, startTime, "",
+				fmt.Sprintf("Test %d, unexpected err value: expected: %s, found: %s", i+1, testCase.err, err), err)
+			return
+		}
+		if err == nil && testCase.err != nil {
+			// We expected failure, but got success.
+			logError(testName, function, args, startTime, "",
+				fmt.Sprintf("Test %d, unexpected err value: expected: %s, found: %s", i+1, testCase.err, err), err)
+			return
+		}
+		if err != nil && testCase.err != nil {
+			if err.Error() != testCase.err.Error() {
+				// We expect a specific error
+				logError(testName, function, args, startTime, "",
+					fmt.Sprintf("Test %d, unexpected err value: expected: %s, found: %s", i+1, testCase.err, err), err)
+				return
+			}
+		}
+		// Check the returned seek pos
+		if n != testCase.pos {
+			logError(testName, function, args, startTime, "",
+				fmt.Sprintf("Test %d, number of bytes seeked does not match, expected %d, got %d", i+1, testCase.pos, n), err)
+			return
+		}
+		// Compare only if shouldCmp is activated
+		if testCase.shouldCmp {
+			cmpData(r, testCase.start, testCase.end)
+		}
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Tests SSE-C get object ReaderAt interface methods.
+func testSSECEncryptedGetObjectReadAtFunctional() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "GetObject(bucketName, objectName)"
+	args := map[string]interface{}{}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	// Generate 129MiB of data.
+	bufSize := dataFileMap["datafile-129-MB"]
+	var reader = getDataReader("datafile-129-MB")
+	defer reader.Close()
+
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	buf, err := ioutil.ReadAll(reader)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAll failed", err)
+		return
+	}
+
+	// Save the data
+	_, err = c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(buf), int64(len(buf)), minio.PutObjectOptions{
+		ContentType:          "binary/octet-stream",
+		ServerSideEncryption: encrypt.DefaultPBKDF([]byte("correct horse battery staple"), []byte(bucketName+objectName)),
+	})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	// read the data back
+	r, err := c.GetObject(context.Background(), bucketName, objectName, minio.GetObjectOptions{
+		ServerSideEncryption: encrypt.DefaultPBKDF([]byte("correct horse battery staple"), []byte(bucketName+objectName)),
+	})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+	defer r.Close()
+
+	offset := int64(2048)
+
+	// read directly
+	buf1 := make([]byte, 512)
+	buf2 := make([]byte, 512)
+	buf3 := make([]byte, 512)
+	buf4 := make([]byte, 512)
+
+	// Test readAt before stat is called such that objectInfo doesn't change.
+	m, err := r.ReadAt(buf1, offset)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAt failed", err)
+		return
+	}
+	if m != len(buf1) {
+		logError(testName, function, args, startTime, "", "ReadAt read shorter bytes before reaching EOF, expected "+string(len(buf1))+", got "+string(m), err)
+		return
+	}
+	if !bytes.Equal(buf1, buf[offset:offset+512]) {
+		logError(testName, function, args, startTime, "", "Incorrect read between two ReadAt from same offset", err)
+		return
+	}
+	offset += 512
+
+	st, err := r.Stat()
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Stat failed", err)
+		return
+	}
+
+	if st.Size != int64(bufSize) {
+		logError(testName, function, args, startTime, "", "Number of bytes in stat does not match, expected "+string(int64(bufSize))+", got "+string(st.Size), err)
+		return
+	}
+
+	m, err = r.ReadAt(buf2, offset)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAt failed", err)
+		return
+	}
+	if m != len(buf2) {
+		logError(testName, function, args, startTime, "", "ReadAt read shorter bytes before reaching EOF, expected "+string(len(buf2))+", got "+string(m), err)
+		return
+	}
+	if !bytes.Equal(buf2, buf[offset:offset+512]) {
+		logError(testName, function, args, startTime, "", "Incorrect read between two ReadAt from same offset", err)
+		return
+	}
+	offset += 512
+	m, err = r.ReadAt(buf3, offset)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAt failed", err)
+		return
+	}
+	if m != len(buf3) {
+		logError(testName, function, args, startTime, "", "ReadAt read shorter bytes before reaching EOF, expected "+string(len(buf3))+", got "+string(m), err)
+		return
+	}
+	if !bytes.Equal(buf3, buf[offset:offset+512]) {
+		logError(testName, function, args, startTime, "", "Incorrect read between two ReadAt from same offset", err)
+		return
+	}
+	offset += 512
+	m, err = r.ReadAt(buf4, offset)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAt failed", err)
+		return
+	}
+	if m != len(buf4) {
+		logError(testName, function, args, startTime, "", "ReadAt read shorter bytes before reaching EOF, expected "+string(len(buf4))+", got "+string(m), err)
+		return
+	}
+	if !bytes.Equal(buf4, buf[offset:offset+512]) {
+		logError(testName, function, args, startTime, "", "Incorrect read between two ReadAt from same offset", err)
+		return
+	}
+
+	buf5 := make([]byte, len(buf))
+	// Read the whole object.
+	m, err = r.ReadAt(buf5, 0)
+	if err != nil {
+		if err != io.EOF {
+			logError(testName, function, args, startTime, "", "ReadAt failed", err)
+			return
+		}
+	}
+	if m != len(buf5) {
+		logError(testName, function, args, startTime, "", "ReadAt read shorter bytes before reaching EOF, expected "+string(len(buf5))+", got "+string(m), err)
+		return
+	}
+	if !bytes.Equal(buf, buf5) {
+		logError(testName, function, args, startTime, "", "Incorrect data read in GetObject, than what was previously uploaded", err)
+		return
+	}
+
+	buf6 := make([]byte, len(buf)+1)
+	// Read the whole object and beyond.
+	_, err = r.ReadAt(buf6, 0)
+	if err != nil {
+		if err != io.EOF {
+			logError(testName, function, args, startTime, "", "ReadAt failed", err)
+			return
+		}
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Tests SSE-S3 get object ReaderAt interface methods.
+func testSSES3EncryptedGetObjectReadAtFunctional() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "GetObject(bucketName, objectName)"
+	args := map[string]interface{}{}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	// Generate 129MiB of data.
+	bufSize := dataFileMap["datafile-129-MB"]
+	var reader = getDataReader("datafile-129-MB")
+	defer reader.Close()
+
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	buf, err := ioutil.ReadAll(reader)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAll failed", err)
+		return
+	}
+
+	// Save the data
+	_, err = c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(buf), int64(len(buf)), minio.PutObjectOptions{
+		ContentType:          "binary/octet-stream",
+		ServerSideEncryption: encrypt.NewSSE(),
+	})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	// read the data back
+	r, err := c.GetObject(context.Background(), bucketName, objectName, minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+	defer r.Close()
+
+	offset := int64(2048)
+
+	// read directly
+	buf1 := make([]byte, 512)
+	buf2 := make([]byte, 512)
+	buf3 := make([]byte, 512)
+	buf4 := make([]byte, 512)
+
+	// Test readAt before stat is called such that objectInfo doesn't change.
+	m, err := r.ReadAt(buf1, offset)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAt failed", err)
+		return
+	}
+	if m != len(buf1) {
+		logError(testName, function, args, startTime, "", "ReadAt read shorter bytes before reaching EOF, expected "+string(len(buf1))+", got "+string(m), err)
+		return
+	}
+	if !bytes.Equal(buf1, buf[offset:offset+512]) {
+		logError(testName, function, args, startTime, "", "Incorrect read between two ReadAt from same offset", err)
+		return
+	}
+	offset += 512
+
+	st, err := r.Stat()
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Stat failed", err)
+		return
+	}
+
+	if st.Size != int64(bufSize) {
+		logError(testName, function, args, startTime, "", "Number of bytes in stat does not match, expected "+string(int64(bufSize))+", got "+string(st.Size), err)
+		return
+	}
+
+	m, err = r.ReadAt(buf2, offset)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAt failed", err)
+		return
+	}
+	if m != len(buf2) {
+		logError(testName, function, args, startTime, "", "ReadAt read shorter bytes before reaching EOF, expected "+string(len(buf2))+", got "+string(m), err)
+		return
+	}
+	if !bytes.Equal(buf2, buf[offset:offset+512]) {
+		logError(testName, function, args, startTime, "", "Incorrect read between two ReadAt from same offset", err)
+		return
+	}
+	offset += 512
+	m, err = r.ReadAt(buf3, offset)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAt failed", err)
+		return
+	}
+	if m != len(buf3) {
+		logError(testName, function, args, startTime, "", "ReadAt read shorter bytes before reaching EOF, expected "+string(len(buf3))+", got "+string(m), err)
+		return
+	}
+	if !bytes.Equal(buf3, buf[offset:offset+512]) {
+		logError(testName, function, args, startTime, "", "Incorrect read between two ReadAt from same offset", err)
+		return
+	}
+	offset += 512
+	m, err = r.ReadAt(buf4, offset)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAt failed", err)
+		return
+	}
+	if m != len(buf4) {
+		logError(testName, function, args, startTime, "", "ReadAt read shorter bytes before reaching EOF, expected "+string(len(buf4))+", got "+string(m), err)
+		return
+	}
+	if !bytes.Equal(buf4, buf[offset:offset+512]) {
+		logError(testName, function, args, startTime, "", "Incorrect read between two ReadAt from same offset", err)
+		return
+	}
+
+	buf5 := make([]byte, len(buf))
+	// Read the whole object.
+	m, err = r.ReadAt(buf5, 0)
+	if err != nil {
+		if err != io.EOF {
+			logError(testName, function, args, startTime, "", "ReadAt failed", err)
+			return
+		}
+	}
+	if m != len(buf5) {
+		logError(testName, function, args, startTime, "", "ReadAt read shorter bytes before reaching EOF, expected "+string(len(buf5))+", got "+string(m), err)
+		return
+	}
+	if !bytes.Equal(buf, buf5) {
+		logError(testName, function, args, startTime, "", "Incorrect data read in GetObject, than what was previously uploaded", err)
+		return
+	}
+
+	buf6 := make([]byte, len(buf)+1)
+	// Read the whole object and beyond.
+	_, err = r.ReadAt(buf6, 0)
+	if err != nil {
+		if err != io.EOF {
+			logError(testName, function, args, startTime, "", "ReadAt failed", err)
+			return
+		}
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// testSSECEncryptionPutGet tests encryption with customer provided encryption keys
+func testSSECEncryptionPutGet() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "PutEncryptedObject(bucketName, objectName, reader, sse)"
+	args := map[string]interface{}{
+		"bucketName": "",
+		"objectName": "",
+		"sse":        "",
+	}
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	testCases := []struct {
+		buf []byte
+	}{
+		{buf: bytes.Repeat([]byte("F"), 1)},
+		{buf: bytes.Repeat([]byte("F"), 15)},
+		{buf: bytes.Repeat([]byte("F"), 16)},
+		{buf: bytes.Repeat([]byte("F"), 17)},
+		{buf: bytes.Repeat([]byte("F"), 31)},
+		{buf: bytes.Repeat([]byte("F"), 32)},
+		{buf: bytes.Repeat([]byte("F"), 33)},
+		{buf: bytes.Repeat([]byte("F"), 1024)},
+		{buf: bytes.Repeat([]byte("F"), 1024*2)},
+		{buf: bytes.Repeat([]byte("F"), 1024*1024)},
+	}
+
+	const password = "correct horse battery staple" // https://xkcd.com/936/
+
+	for i, testCase := range testCases {
+		// Generate a random object name
+		objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+		args["objectName"] = objectName
+
+		// Secured object
+		sse := encrypt.DefaultPBKDF([]byte(password), []byte(bucketName+objectName))
+		args["sse"] = sse
+
+		// Put encrypted data
+		_, err = c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(testCase.buf), int64(len(testCase.buf)), minio.PutObjectOptions{ServerSideEncryption: sse})
+		if err != nil {
+			logError(testName, function, args, startTime, "", "PutEncryptedObject failed", err)
+			return
+		}
+
+		// Read the data back
+		r, err := c.GetObject(context.Background(), bucketName, objectName, minio.GetObjectOptions{ServerSideEncryption: sse})
+		if err != nil {
+			logError(testName, function, args, startTime, "", "GetEncryptedObject failed", err)
+			return
+		}
+		defer r.Close()
+
+		// Compare the sent object with the received one
+		recvBuffer := bytes.NewBuffer([]byte{})
+		if _, err = io.Copy(recvBuffer, r); err != nil {
+			logError(testName, function, args, startTime, "", "Test "+string(i+1)+", error: "+err.Error(), err)
+			return
+		}
+		if recvBuffer.Len() != len(testCase.buf) {
+			logError(testName, function, args, startTime, "", "Test "+string(i+1)+", Number of bytes of received object does not match, expected "+string(len(testCase.buf))+", got "+string(recvBuffer.Len()), err)
+			return
+		}
+		if !bytes.Equal(testCase.buf, recvBuffer.Bytes()) {
+			logError(testName, function, args, startTime, "", "Test "+string(i+1)+", Encrypted sent is not equal to decrypted, expected "+string(testCase.buf)+", got "+string(recvBuffer.Bytes()), err)
+			return
+		}
+
+		successLogger(testName, function, args, startTime).Info()
+
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// TestEncryptionFPut tests encryption with customer specified encryption keys
+func testSSECEncryptionFPut() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "FPutEncryptedObject(bucketName, objectName, filePath, contentType, sse)"
+	args := map[string]interface{}{
+		"bucketName":  "",
+		"objectName":  "",
+		"filePath":    "",
+		"contentType": "",
+		"sse":         "",
+	}
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	// Object custom metadata
+	customContentType := "custom/contenttype"
+	args["metadata"] = customContentType
+
+	testCases := []struct {
+		buf []byte
+	}{
+		{buf: bytes.Repeat([]byte("F"), 0)},
+		{buf: bytes.Repeat([]byte("F"), 1)},
+		{buf: bytes.Repeat([]byte("F"), 15)},
+		{buf: bytes.Repeat([]byte("F"), 16)},
+		{buf: bytes.Repeat([]byte("F"), 17)},
+		{buf: bytes.Repeat([]byte("F"), 31)},
+		{buf: bytes.Repeat([]byte("F"), 32)},
+		{buf: bytes.Repeat([]byte("F"), 33)},
+		{buf: bytes.Repeat([]byte("F"), 1024)},
+		{buf: bytes.Repeat([]byte("F"), 1024*2)},
+		{buf: bytes.Repeat([]byte("F"), 1024*1024)},
+	}
+
+	const password = "correct horse battery staple" // https://xkcd.com/936/
+	for i, testCase := range testCases {
+		// Generate a random object name
+		objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+		args["objectName"] = objectName
+
+		// Secured object
+		sse := encrypt.DefaultPBKDF([]byte(password), []byte(bucketName+objectName))
+		args["sse"] = sse
+
+		// Generate a random file name.
+		fileName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+		file, err := os.Create(fileName)
+		if err != nil {
+			logError(testName, function, args, startTime, "", "file create failed", err)
+			return
+		}
+		_, err = file.Write(testCase.buf)
+		if err != nil {
+			logError(testName, function, args, startTime, "", "file write failed", err)
+			return
+		}
+		file.Close()
+		// Put encrypted data
+		if _, err = c.FPutObject(context.Background(), bucketName, objectName, fileName, minio.PutObjectOptions{ServerSideEncryption: sse}); err != nil {
+			logError(testName, function, args, startTime, "", "FPutEncryptedObject failed", err)
+			return
+		}
+
+		// Read the data back
+		r, err := c.GetObject(context.Background(), bucketName, objectName, minio.GetObjectOptions{ServerSideEncryption: sse})
+		if err != nil {
+			logError(testName, function, args, startTime, "", "GetEncryptedObject failed", err)
+			return
+		}
+		defer r.Close()
+
+		// Compare the sent object with the received one
+		recvBuffer := bytes.NewBuffer([]byte{})
+		if _, err = io.Copy(recvBuffer, r); err != nil {
+			logError(testName, function, args, startTime, "", "Test "+string(i+1)+", error: "+err.Error(), err)
+			return
+		}
+		if recvBuffer.Len() != len(testCase.buf) {
+			logError(testName, function, args, startTime, "", "Test "+string(i+1)+", Number of bytes of received object does not match, expected "+string(len(testCase.buf))+", got "+string(recvBuffer.Len()), err)
+			return
+		}
+		if !bytes.Equal(testCase.buf, recvBuffer.Bytes()) {
+			logError(testName, function, args, startTime, "", "Test "+string(i+1)+", Encrypted sent is not equal to decrypted, expected "+string(testCase.buf)+", got "+string(recvBuffer.Bytes()), err)
+			return
+		}
+
+		os.Remove(fileName)
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// testSSES3EncryptionPutGet tests SSE-S3 encryption
+func testSSES3EncryptionPutGet() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "PutEncryptedObject(bucketName, objectName, reader, sse)"
+	args := map[string]interface{}{
+		"bucketName": "",
+		"objectName": "",
+		"sse":        "",
+	}
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	testCases := []struct {
+		buf []byte
+	}{
+		{buf: bytes.Repeat([]byte("F"), 1)},
+		{buf: bytes.Repeat([]byte("F"), 15)},
+		{buf: bytes.Repeat([]byte("F"), 16)},
+		{buf: bytes.Repeat([]byte("F"), 17)},
+		{buf: bytes.Repeat([]byte("F"), 31)},
+		{buf: bytes.Repeat([]byte("F"), 32)},
+		{buf: bytes.Repeat([]byte("F"), 33)},
+		{buf: bytes.Repeat([]byte("F"), 1024)},
+		{buf: bytes.Repeat([]byte("F"), 1024*2)},
+		{buf: bytes.Repeat([]byte("F"), 1024*1024)},
+	}
+
+	for i, testCase := range testCases {
+		// Generate a random object name
+		objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+		args["objectName"] = objectName
+
+		// Secured object
+		sse := encrypt.NewSSE()
+		args["sse"] = sse
+
+		// Put encrypted data
+		_, err = c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(testCase.buf), int64(len(testCase.buf)), minio.PutObjectOptions{ServerSideEncryption: sse})
+		if err != nil {
+			logError(testName, function, args, startTime, "", "PutEncryptedObject failed", err)
+			return
+		}
+
+		// Read the data back without any encryption headers
+		r, err := c.GetObject(context.Background(), bucketName, objectName, minio.GetObjectOptions{})
+		if err != nil {
+			logError(testName, function, args, startTime, "", "GetEncryptedObject failed", err)
+			return
+		}
+		defer r.Close()
+
+		// Compare the sent object with the received one
+		recvBuffer := bytes.NewBuffer([]byte{})
+		if _, err = io.Copy(recvBuffer, r); err != nil {
+			logError(testName, function, args, startTime, "", "Test "+string(i+1)+", error: "+err.Error(), err)
+			return
+		}
+		if recvBuffer.Len() != len(testCase.buf) {
+			logError(testName, function, args, startTime, "", "Test "+string(i+1)+", Number of bytes of received object does not match, expected "+string(len(testCase.buf))+", got "+string(recvBuffer.Len()), err)
+			return
+		}
+		if !bytes.Equal(testCase.buf, recvBuffer.Bytes()) {
+			logError(testName, function, args, startTime, "", "Test "+string(i+1)+", Encrypted sent is not equal to decrypted, expected "+string(testCase.buf)+", got "+string(recvBuffer.Bytes()), err)
+			return
+		}
+
+		successLogger(testName, function, args, startTime).Info()
+
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// TestSSES3EncryptionFPut tests server side encryption
+func testSSES3EncryptionFPut() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "FPutEncryptedObject(bucketName, objectName, filePath, contentType, sse)"
+	args := map[string]interface{}{
+		"bucketName":  "",
+		"objectName":  "",
+		"filePath":    "",
+		"contentType": "",
+		"sse":         "",
+	}
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	// Object custom metadata
+	customContentType := "custom/contenttype"
+	args["metadata"] = customContentType
+
+	testCases := []struct {
+		buf []byte
+	}{
+		{buf: bytes.Repeat([]byte("F"), 0)},
+		{buf: bytes.Repeat([]byte("F"), 1)},
+		{buf: bytes.Repeat([]byte("F"), 15)},
+		{buf: bytes.Repeat([]byte("F"), 16)},
+		{buf: bytes.Repeat([]byte("F"), 17)},
+		{buf: bytes.Repeat([]byte("F"), 31)},
+		{buf: bytes.Repeat([]byte("F"), 32)},
+		{buf: bytes.Repeat([]byte("F"), 33)},
+		{buf: bytes.Repeat([]byte("F"), 1024)},
+		{buf: bytes.Repeat([]byte("F"), 1024*2)},
+		{buf: bytes.Repeat([]byte("F"), 1024*1024)},
+	}
+
+	for i, testCase := range testCases {
+		// Generate a random object name
+		objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+		args["objectName"] = objectName
+
+		// Secured object
+		sse := encrypt.NewSSE()
+		args["sse"] = sse
+
+		// Generate a random file name.
+		fileName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+		file, err := os.Create(fileName)
+		if err != nil {
+			logError(testName, function, args, startTime, "", "file create failed", err)
+			return
+		}
+		_, err = file.Write(testCase.buf)
+		if err != nil {
+			logError(testName, function, args, startTime, "", "file write failed", err)
+			return
+		}
+		file.Close()
+		// Put encrypted data
+		if _, err = c.FPutObject(context.Background(), bucketName, objectName, fileName, minio.PutObjectOptions{ServerSideEncryption: sse}); err != nil {
+			logError(testName, function, args, startTime, "", "FPutEncryptedObject failed", err)
+			return
+		}
+
+		// Read the data back
+		r, err := c.GetObject(context.Background(), bucketName, objectName, minio.GetObjectOptions{})
+		if err != nil {
+			logError(testName, function, args, startTime, "", "GetEncryptedObject failed", err)
+			return
+		}
+		defer r.Close()
+
+		// Compare the sent object with the received one
+		recvBuffer := bytes.NewBuffer([]byte{})
+		if _, err = io.Copy(recvBuffer, r); err != nil {
+			logError(testName, function, args, startTime, "", "Test "+string(i+1)+", error: "+err.Error(), err)
+			return
+		}
+		if recvBuffer.Len() != len(testCase.buf) {
+			logError(testName, function, args, startTime, "", "Test "+string(i+1)+", Number of bytes of received object does not match, expected "+string(len(testCase.buf))+", got "+string(recvBuffer.Len()), err)
+			return
+		}
+		if !bytes.Equal(testCase.buf, recvBuffer.Bytes()) {
+			logError(testName, function, args, startTime, "", "Test "+string(i+1)+", Encrypted sent is not equal to decrypted, expected "+string(testCase.buf)+", got "+string(recvBuffer.Bytes()), err)
+			return
+		}
+
+		os.Remove(fileName)
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+func testBucketNotification() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "SetBucketNotification(bucketName)"
+	args := map[string]interface{}{
+		"bucketName": "",
+	}
+
+	if os.Getenv("NOTIFY_BUCKET") == "" ||
+		os.Getenv("NOTIFY_SERVICE") == "" ||
+		os.Getenv("NOTIFY_REGION") == "" ||
+		os.Getenv("NOTIFY_ACCOUNTID") == "" ||
+		os.Getenv("NOTIFY_RESOURCE") == "" {
+		ignoredLog(testName, function, args, startTime, "Skipped notification test as it is not configured").Info()
+		return
+	}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable to debug
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	bucketName := os.Getenv("NOTIFY_BUCKET")
+	args["bucketName"] = bucketName
+
+	topicArn := notification.NewArn("aws", os.Getenv("NOTIFY_SERVICE"), os.Getenv("NOTIFY_REGION"), os.Getenv("NOTIFY_ACCOUNTID"), os.Getenv("NOTIFY_RESOURCE"))
+	queueArn := notification.NewArn("aws", "dummy-service", "dummy-region", "dummy-accountid", "dummy-resource")
+
+	topicConfig := notification.NewConfig(topicArn)
+	topicConfig.AddEvents(notification.ObjectCreatedAll, notification.ObjectRemovedAll)
+	topicConfig.AddFilterSuffix("jpg")
+
+	queueConfig := notification.NewConfig(queueArn)
+	queueConfig.AddEvents(notification.ObjectCreatedAll)
+	queueConfig.AddFilterPrefix("photos/")
+
+	config := notification.Configuration{}
+	config.AddTopic(topicConfig)
+
+	// Add the same topicConfig again, should have no effect
+	// because it is duplicated
+	config.AddTopic(topicConfig)
+	if len(config.TopicConfigs) != 1 {
+		logError(testName, function, args, startTime, "", "Duplicate entry added", err)
+		return
+	}
+
+	// Add and remove a queue config
+	config.AddQueue(queueConfig)
+	config.RemoveQueueByArn(queueArn)
+
+	err = c.SetBucketNotification(context.Background(), bucketName, config)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "SetBucketNotification failed", err)
+		return
+	}
+
+	config, err = c.GetBucketNotification(context.Background(), bucketName)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetBucketNotification failed", err)
+		return
+	}
+
+	if len(config.TopicConfigs) != 1 {
+		logError(testName, function, args, startTime, "", "Topic config is empty", err)
+		return
+	}
+
+	if config.TopicConfigs[0].Filter.S3Key.FilterRules[0].Value != "jpg" {
+		logError(testName, function, args, startTime, "", "Couldn't get the suffix", err)
+		return
+	}
+
+	err = c.RemoveAllBucketNotification(context.Background(), bucketName)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "RemoveAllBucketNotification failed", err)
+		return
+	}
+
+	// Delete all objects and buckets
+	if err = cleanupBucket(bucketName, c); err != nil {
+		logError(testName, function, args, startTime, "", "CleanupBucket failed", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Tests comprehensive list of all methods.
+func testFunctional() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "testFunctional()"
+	functionAll := ""
+	args := map[string]interface{}{}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, nil, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable to debug
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+
+	// Make a new bucket.
+	function = "MakeBucket(bucketName, region)"
+	functionAll = "MakeBucket(bucketName, region)"
+	args["bucketName"] = bucketName
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+
+	defer cleanupBucket(bucketName, c)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	// Generate a random file name.
+	fileName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	file, err := os.Create(fileName)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "File creation failed", err)
+		return
+	}
+	for i := 0; i < 3; i++ {
+		buf := make([]byte, rand.Intn(1<<19))
+		_, err = file.Write(buf)
+		if err != nil {
+			logError(testName, function, args, startTime, "", "File write failed", err)
+			return
+		}
+	}
+	file.Close()
+
+	// Verify if bucket exits and you have access.
+	var exists bool
+	function = "BucketExists(bucketName)"
+	functionAll += ", " + function
+	args = map[string]interface{}{
+		"bucketName": bucketName,
+	}
+	exists, err = c.BucketExists(context.Background(), bucketName)
+
+	if err != nil {
+		logError(testName, function, args, startTime, "", "BucketExists failed", err)
+		return
+	}
+	if !exists {
+		logError(testName, function, args, startTime, "", "Could not find the bucket", err)
+		return
+	}
+
+	// Asserting the default bucket policy.
+	function = "GetBucketPolicy(ctx, bucketName)"
+	functionAll += ", " + function
+	args = map[string]interface{}{
+		"bucketName": bucketName,
+	}
+	nilPolicy, err := c.GetBucketPolicy(context.Background(), bucketName)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetBucketPolicy failed", err)
+		return
+	}
+	if nilPolicy != "" {
+		logError(testName, function, args, startTime, "", "policy should be set to nil", err)
+		return
+	}
+
+	// Set the bucket policy to 'public readonly'.
+	function = "SetBucketPolicy(bucketName, readOnlyPolicy)"
+	functionAll += ", " + function
+
+	readOnlyPolicy := `{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"AWS":["*"]},"Action":["s3:ListBucket"],"Resource":["arn:aws:s3:::` + bucketName + `"]}]}`
+	args = map[string]interface{}{
+		"bucketName":   bucketName,
+		"bucketPolicy": readOnlyPolicy,
+	}
+
+	err = c.SetBucketPolicy(context.Background(), bucketName, readOnlyPolicy)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "SetBucketPolicy failed", err)
+		return
+	}
+	// should return policy `readonly`.
+	function = "GetBucketPolicy(ctx, bucketName)"
+	functionAll += ", " + function
+	args = map[string]interface{}{
+		"bucketName": bucketName,
+	}
+	_, err = c.GetBucketPolicy(context.Background(), bucketName)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetBucketPolicy failed", err)
+		return
+	}
+
+	// Make the bucket 'public writeonly'.
+	function = "SetBucketPolicy(bucketName, writeOnlyPolicy)"
+	functionAll += ", " + function
+
+	writeOnlyPolicy := `{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"AWS":["*"]},"Action":["s3:ListBucketMultipartUploads"],"Resource":["arn:aws:s3:::` + bucketName + `"]}]}`
+	args = map[string]interface{}{
+		"bucketName":   bucketName,
+		"bucketPolicy": writeOnlyPolicy,
+	}
+	err = c.SetBucketPolicy(context.Background(), bucketName, writeOnlyPolicy)
+
+	if err != nil {
+		logError(testName, function, args, startTime, "", "SetBucketPolicy failed", err)
+		return
+	}
+	// should return policy `writeonly`.
+	function = "GetBucketPolicy(ctx, bucketName)"
+	functionAll += ", " + function
+	args = map[string]interface{}{
+		"bucketName": bucketName,
+	}
+
+	_, err = c.GetBucketPolicy(context.Background(), bucketName)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetBucketPolicy failed", err)
+		return
+	}
+
+	// Make the bucket 'public read/write'.
+	function = "SetBucketPolicy(bucketName, readWritePolicy)"
+	functionAll += ", " + function
+
+	readWritePolicy := `{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"AWS":["*"]},"Action":["s3:ListBucket","s3:ListBucketMultipartUploads"],"Resource":["arn:aws:s3:::` + bucketName + `"]}]}`
+
+	args = map[string]interface{}{
+		"bucketName":   bucketName,
+		"bucketPolicy": readWritePolicy,
+	}
+	err = c.SetBucketPolicy(context.Background(), bucketName, readWritePolicy)
+
+	if err != nil {
+		logError(testName, function, args, startTime, "", "SetBucketPolicy failed", err)
+		return
+	}
+	// should return policy `readwrite`.
+	function = "GetBucketPolicy(bucketName)"
+	functionAll += ", " + function
+	args = map[string]interface{}{
+		"bucketName": bucketName,
+	}
+	_, err = c.GetBucketPolicy(context.Background(), bucketName)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetBucketPolicy failed", err)
+		return
+	}
+
+	// List all buckets.
+	function = "ListBuckets()"
+	functionAll += ", " + function
+	args = nil
+	buckets, err := c.ListBuckets(context.Background())
+
+	if len(buckets) == 0 {
+		logError(testName, function, args, startTime, "", "Found bucket list to be empty", err)
+		return
+	}
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ListBuckets failed", err)
+		return
+	}
+
+	// Verify if previously created bucket is listed in list buckets.
+	bucketFound := false
+	for _, bucket := range buckets {
+		if bucket.Name == bucketName {
+			bucketFound = true
+		}
+	}
+
+	// If bucket not found error out.
+	if !bucketFound {
+		logError(testName, function, args, startTime, "", "Bucket: "+bucketName+" not found", err)
+		return
+	}
+
+	objectName := bucketName + "unique"
+
+	// Generate data
+	buf := bytes.Repeat([]byte("f"), 1<<19)
+
+	function = "PutObject(bucketName, objectName, reader, contentType)"
+	functionAll += ", " + function
+	args = map[string]interface{}{
+		"bucketName":  bucketName,
+		"objectName":  objectName,
+		"contentType": "",
+	}
+
+	_, err = c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(buf), int64(len(buf)), minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	args = map[string]interface{}{
+		"bucketName":  bucketName,
+		"objectName":  objectName + "-nolength",
+		"contentType": "binary/octet-stream",
+	}
+
+	_, err = c.PutObject(context.Background(), bucketName, objectName+"-nolength", bytes.NewReader(buf), int64(len(buf)), minio.PutObjectOptions{ContentType: "binary/octet-stream"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	// Instantiate a done channel to close all listing.
+	doneCh := make(chan struct{})
+	defer close(doneCh)
+
+	objFound := false
+	isRecursive := true // Recursive is true.
+
+	function = "ListObjects(bucketName, objectName, isRecursive, doneCh)"
+	functionAll += ", " + function
+	args = map[string]interface{}{
+		"bucketName":  bucketName,
+		"objectName":  objectName,
+		"isRecursive": isRecursive,
+	}
+
+	for obj := range c.ListObjects(context.Background(), bucketName, minio.ListObjectsOptions{UseV1: true, Prefix: objectName, Recursive: true}) {
+		if obj.Key == objectName {
+			objFound = true
+			break
+		}
+	}
+	if !objFound {
+		logError(testName, function, args, startTime, "", "Object "+objectName+" not found", err)
+		return
+	}
+
+	objFound = false
+	isRecursive = true // Recursive is true.
+	function = "ListObjects()"
+	functionAll += ", " + function
+	args = map[string]interface{}{
+		"bucketName":  bucketName,
+		"objectName":  objectName,
+		"isRecursive": isRecursive,
+	}
+
+	for obj := range c.ListObjects(context.Background(), bucketName, minio.ListObjectsOptions{Prefix: objectName, Recursive: isRecursive}) {
+		if obj.Key == objectName {
+			objFound = true
+			break
+		}
+	}
+	if !objFound {
+		logError(testName, function, args, startTime, "", "Object "+objectName+" not found", err)
+		return
+	}
+
+	incompObjNotFound := true
+
+	function = "ListIncompleteUploads(bucketName, objectName, isRecursive, doneCh)"
+	functionAll += ", " + function
+	args = map[string]interface{}{
+		"bucketName":  bucketName,
+		"objectName":  objectName,
+		"isRecursive": isRecursive,
+	}
+
+	for objIncompl := range c.ListIncompleteUploads(context.Background(), bucketName, objectName, isRecursive) {
+		if objIncompl.Key != "" {
+			incompObjNotFound = false
+			break
+		}
+	}
+	if !incompObjNotFound {
+		logError(testName, function, args, startTime, "", "Unexpected dangling incomplete upload found", err)
+		return
+	}
+
+	function = "GetObject(bucketName, objectName)"
+	functionAll += ", " + function
+	args = map[string]interface{}{
+		"bucketName": bucketName,
+		"objectName": objectName,
+	}
+	newReader, err := c.GetObject(context.Background(), bucketName, objectName, minio.GetObjectOptions{})
+
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject failed", err)
+		return
+	}
+
+	newReadBytes, err := ioutil.ReadAll(newReader)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAll failed", err)
+		return
+	}
+
+	if !bytes.Equal(newReadBytes, buf) {
+		logError(testName, function, args, startTime, "", "GetObject bytes mismatch", err)
+		return
+	}
+	newReader.Close()
+
+	function = "FGetObject(bucketName, objectName, fileName)"
+	functionAll += ", " + function
+	args = map[string]interface{}{
+		"bucketName": bucketName,
+		"objectName": objectName,
+		"fileName":   fileName + "-f",
+	}
+	err = c.FGetObject(context.Background(), bucketName, objectName, fileName+"-f", minio.GetObjectOptions{})
+
+	if err != nil {
+		logError(testName, function, args, startTime, "", "FGetObject failed", err)
+		return
+	}
+
+	function = "PresignedHeadObject(bucketName, objectName, expires, reqParams)"
+	functionAll += ", " + function
+	args = map[string]interface{}{
+		"bucketName": bucketName,
+		"objectName": "",
+		"expires":    3600 * time.Second,
+	}
+	if _, err = c.PresignedHeadObject(context.Background(), bucketName, "", 3600*time.Second, nil); err == nil {
+		logError(testName, function, args, startTime, "", "PresignedHeadObject success", err)
+		return
+	}
+
+	// Generate presigned HEAD object url.
+	function = "PresignedHeadObject(bucketName, objectName, expires, reqParams)"
+	functionAll += ", " + function
+	args = map[string]interface{}{
+		"bucketName": bucketName,
+		"objectName": objectName,
+		"expires":    3600 * time.Second,
+	}
+	presignedHeadURL, err := c.PresignedHeadObject(context.Background(), bucketName, objectName, 3600*time.Second, nil)
+
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PresignedHeadObject failed", err)
+		return
+	}
+
+	transport, err := minio.DefaultTransport(mustParseBool(os.Getenv(enableHTTPS)))
+	if err != nil {
+		logError(testName, function, args, startTime, "", "DefaultTransport failed", err)
+		return
+	}
+
+	httpClient := &http.Client{
+		// Setting a sensible time out of 30secs to wait for response
+		// headers. Request is pro-actively canceled after 30secs
+		// with no response.
+		Timeout:   30 * time.Second,
+		Transport: transport,
+	}
+
+	req, err := http.NewRequest(http.MethodHead, presignedHeadURL.String(), nil)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PresignedHeadObject request was incorrect", err)
+		return
+	}
+
+	// Verify if presigned url works.
+	resp, err := httpClient.Do(req)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PresignedHeadObject response incorrect", err)
+		return
+	}
+	if resp.StatusCode != http.StatusOK {
+		logError(testName, function, args, startTime, "", "PresignedHeadObject response incorrect, status "+string(resp.StatusCode), err)
+		return
+	}
+	if resp.Header.Get("ETag") == "" {
+		logError(testName, function, args, startTime, "", "PresignedHeadObject response incorrect", err)
+		return
+	}
+	resp.Body.Close()
+
+	function = "PresignedGetObject(bucketName, objectName, expires, reqParams)"
+	functionAll += ", " + function
+	args = map[string]interface{}{
+		"bucketName": bucketName,
+		"objectName": "",
+		"expires":    3600 * time.Second,
+	}
+	_, err = c.PresignedGetObject(context.Background(), bucketName, "", 3600*time.Second, nil)
+	if err == nil {
+		logError(testName, function, args, startTime, "", "PresignedGetObject success", err)
+		return
+	}
+
+	// Generate presigned GET object url.
+	function = "PresignedGetObject(bucketName, objectName, expires, reqParams)"
+	functionAll += ", " + function
+	args = map[string]interface{}{
+		"bucketName": bucketName,
+		"objectName": objectName,
+		"expires":    3600 * time.Second,
+	}
+	presignedGetURL, err := c.PresignedGetObject(context.Background(), bucketName, objectName, 3600*time.Second, nil)
+
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PresignedGetObject failed", err)
+		return
+	}
+
+	// Verify if presigned url works.
+	req, err = http.NewRequest(http.MethodGet, presignedGetURL.String(), nil)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PresignedGetObject request incorrect", err)
+		return
+	}
+
+	resp, err = httpClient.Do(req)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PresignedGetObject response incorrect", err)
+		return
+	}
+	if resp.StatusCode != http.StatusOK {
+		logError(testName, function, args, startTime, "", "PresignedGetObject response incorrect, status "+string(resp.StatusCode), err)
+		return
+	}
+	newPresignedBytes, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PresignedGetObject response incorrect", err)
+		return
+	}
+	resp.Body.Close()
+	if !bytes.Equal(newPresignedBytes, buf) {
+		logError(testName, function, args, startTime, "", "PresignedGetObject response incorrect", err)
+		return
+	}
+
+	// Set request parameters.
+	reqParams := make(url.Values)
+	reqParams.Set("response-content-disposition", "attachment; filename=\"test.txt\"")
+	args = map[string]interface{}{
+		"bucketName": bucketName,
+		"objectName": objectName,
+		"expires":    3600 * time.Second,
+		"reqParams":  reqParams,
+	}
+	presignedGetURL, err = c.PresignedGetObject(context.Background(), bucketName, objectName, 3600*time.Second, reqParams)
+
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PresignedGetObject failed", err)
+		return
+	}
+
+	// Verify if presigned url works.
+	req, err = http.NewRequest(http.MethodGet, presignedGetURL.String(), nil)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PresignedGetObject request incorrect", err)
+		return
+	}
+
+	resp, err = httpClient.Do(req)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PresignedGetObject response incorrect", err)
+		return
+	}
+	if resp.StatusCode != http.StatusOK {
+		logError(testName, function, args, startTime, "", "PresignedGetObject response incorrect, status "+string(resp.StatusCode), err)
+		return
+	}
+	newPresignedBytes, err = ioutil.ReadAll(resp.Body)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PresignedGetObject response incorrect", err)
+		return
+	}
+	if !bytes.Equal(newPresignedBytes, buf) {
+		logError(testName, function, args, startTime, "", "Bytes mismatch for presigned GET URL", err)
+		return
+	}
+	if resp.Header.Get("Content-Disposition") != "attachment; filename=\"test.txt\"" {
+		logError(testName, function, args, startTime, "", "wrong Content-Disposition received "+string(resp.Header.Get("Content-Disposition")), err)
+		return
+	}
+
+	function = "PresignedPutObject(bucketName, objectName, expires)"
+	functionAll += ", " + function
+	args = map[string]interface{}{
+		"bucketName": bucketName,
+		"objectName": "",
+		"expires":    3600 * time.Second,
+	}
+	_, err = c.PresignedPutObject(context.Background(), bucketName, "", 3600*time.Second)
+	if err == nil {
+		logError(testName, function, args, startTime, "", "PresignedPutObject success", err)
+		return
+	}
+
+	function = "PresignedPutObject(bucketName, objectName, expires)"
+	functionAll += ", " + function
+	args = map[string]interface{}{
+		"bucketName": bucketName,
+		"objectName": objectName + "-presigned",
+		"expires":    3600 * time.Second,
+	}
+	presignedPutURL, err := c.PresignedPutObject(context.Background(), bucketName, objectName+"-presigned", 3600*time.Second)
+
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PresignedPutObject failed", err)
+		return
+	}
+
+	buf = bytes.Repeat([]byte("g"), 1<<19)
+
+	req, err = http.NewRequest(http.MethodPut, presignedPutURL.String(), bytes.NewReader(buf))
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Couldn't make HTTP request with PresignedPutObject URL", err)
+		return
+	}
+
+	resp, err = httpClient.Do(req)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PresignedPutObject failed", err)
+		return
+	}
+
+	newReader, err = c.GetObject(context.Background(), bucketName, objectName+"-presigned", minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject after PresignedPutObject failed", err)
+		return
+	}
+
+	newReadBytes, err = ioutil.ReadAll(newReader)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAll after GetObject failed", err)
+		return
+	}
+
+	if !bytes.Equal(newReadBytes, buf) {
+		logError(testName, function, args, startTime, "", "Bytes mismatch", err)
+		return
+	}
+
+	function = "PresignHeader(method, bucketName, objectName, expires, reqParams, extraHeaders)"
+	functionAll += ", " + function
+	presignExtraHeaders := map[string][]string{
+		"mysecret": {"abcxxx"},
+	}
+	args = map[string]interface{}{
+		"method":       "PUT",
+		"bucketName":   bucketName,
+		"objectName":   objectName + "-presign-custom",
+		"expires":      3600 * time.Second,
+		"extraHeaders": presignExtraHeaders,
+	}
+	presignedURL, err := c.PresignHeader(context.Background(), "PUT", bucketName, objectName+"-presign-custom", 3600*time.Second, nil, presignExtraHeaders)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Presigned failed", err)
+		return
+	}
+
+	// Generate data more than 32K
+	buf = bytes.Repeat([]byte("1"), rand.Intn(1<<10)+32*1024)
+
+	req, err = http.NewRequest(http.MethodPut, presignedURL.String(), bytes.NewReader(buf))
+	if err != nil {
+		logError(testName, function, args, startTime, "", "HTTP request to Presigned URL failed", err)
+		return
+	}
+
+	req.Header.Add("mysecret", "abcxxx")
+	resp, err = httpClient.Do(req)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "HTTP request to Presigned URL failed", err)
+		return
+	}
+
+	// Download the uploaded object to verify
+	args = map[string]interface{}{
+		"bucketName": bucketName,
+		"objectName": objectName + "-presign-custom",
+	}
+	newReader, err = c.GetObject(context.Background(), bucketName, objectName+"-presign-custom", minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject of uploaded custom-presigned object failed", err)
+		return
+	}
+
+	newReadBytes, err = ioutil.ReadAll(newReader)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAll failed during get on custom-presigned put object", err)
+		return
+	}
+	newReader.Close()
+
+	if !bytes.Equal(newReadBytes, buf) {
+		logError(testName, function, args, startTime, "", "Bytes mismatch on custom-presigned object upload verification", err)
+		return
+	}
+
+	function = "RemoveObject(bucketName, objectName)"
+	functionAll += ", " + function
+	args = map[string]interface{}{
+		"bucketName": bucketName,
+		"objectName": objectName,
+	}
+	err = c.RemoveObject(context.Background(), bucketName, objectName, minio.RemoveObjectOptions{})
+
+	if err != nil {
+		logError(testName, function, args, startTime, "", "RemoveObject failed", err)
+		return
+	}
+	args["objectName"] = objectName + "-f"
+	err = c.RemoveObject(context.Background(), bucketName, objectName+"-f", minio.RemoveObjectOptions{})
+
+	if err != nil {
+		logError(testName, function, args, startTime, "", "RemoveObject failed", err)
+		return
+	}
+
+	args["objectName"] = objectName + "-nolength"
+	err = c.RemoveObject(context.Background(), bucketName, objectName+"-nolength", minio.RemoveObjectOptions{})
+
+	if err != nil {
+		logError(testName, function, args, startTime, "", "RemoveObject failed", err)
+		return
+	}
+
+	args["objectName"] = objectName + "-presigned"
+	err = c.RemoveObject(context.Background(), bucketName, objectName+"-presigned", minio.RemoveObjectOptions{})
+
+	if err != nil {
+		logError(testName, function, args, startTime, "", "RemoveObject failed", err)
+		return
+	}
+
+	args["objectName"] = objectName + "-presign-custom"
+	err = c.RemoveObject(context.Background(), bucketName, objectName+"-presign-custom", minio.RemoveObjectOptions{})
+
+	if err != nil {
+		logError(testName, function, args, startTime, "", "RemoveObject failed", err)
+		return
+	}
+
+	function = "RemoveBucket(bucketName)"
+	functionAll += ", " + function
+	args = map[string]interface{}{
+		"bucketName": bucketName,
+	}
+	err = c.RemoveBucket(context.Background(), bucketName)
+
+	if err != nil {
+		logError(testName, function, args, startTime, "", "RemoveBucket failed", err)
+		return
+	}
+	err = c.RemoveBucket(context.Background(), bucketName)
+	if err == nil {
+		logError(testName, function, args, startTime, "", "RemoveBucket did not fail for invalid bucket name", err)
+		return
+	}
+	if err.Error() != "The specified bucket does not exist" {
+		logError(testName, function, args, startTime, "", "RemoveBucket failed", err)
+		return
+	}
+
+	os.Remove(fileName)
+	os.Remove(fileName + "-f")
+	successLogger(testName, functionAll, args, startTime).Info()
+}
+
+// Test for validating GetObject Reader* methods functioning when the
+// object is modified in the object store.
+func testGetObjectModified() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "GetObject(bucketName, objectName)"
+	args := map[string]interface{}{}
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Make a new bucket.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	// Upload an object.
+	objectName := "myobject"
+	args["objectName"] = objectName
+	content := "helloworld"
+	_, err = c.PutObject(context.Background(), bucketName, objectName, strings.NewReader(content), int64(len(content)), minio.PutObjectOptions{ContentType: "application/text"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Failed to upload "+objectName+", to bucket "+bucketName, err)
+		return
+	}
+
+	defer c.RemoveObject(context.Background(), bucketName, objectName, minio.RemoveObjectOptions{})
+
+	reader, err := c.GetObject(context.Background(), bucketName, objectName, minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Failed to GetObject "+objectName+", from bucket "+bucketName, err)
+		return
+	}
+	defer reader.Close()
+
+	// Read a few bytes of the object.
+	b := make([]byte, 5)
+	n, err := reader.ReadAt(b, 0)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Failed to read object "+objectName+", from bucket "+bucketName+" at an offset", err)
+		return
+	}
+
+	// Upload different contents to the same object while object is being read.
+	newContent := "goodbyeworld"
+	_, err = c.PutObject(context.Background(), bucketName, objectName, strings.NewReader(newContent), int64(len(newContent)), minio.PutObjectOptions{ContentType: "application/text"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Failed to upload "+objectName+", to bucket "+bucketName, err)
+		return
+	}
+
+	// Confirm that a Stat() call in between doesn't change the Object's cached etag.
+	_, err = reader.Stat()
+	expectedError := "At least one of the pre-conditions you specified did not hold"
+	if err.Error() != expectedError {
+		logError(testName, function, args, startTime, "", "Expected Stat to fail with error "+expectedError+", but received "+err.Error(), err)
+		return
+	}
+
+	// Read again only to find object contents have been modified since last read.
+	_, err = reader.ReadAt(b, int64(n))
+	if err.Error() != expectedError {
+		logError(testName, function, args, startTime, "", "Expected ReadAt to fail with error "+expectedError+", but received "+err.Error(), err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Test validates putObject to upload a file seeked at a given offset.
+func testPutObjectUploadSeekedObject() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "PutObject(bucketName, objectName, fileToUpload, contentType)"
+	args := map[string]interface{}{
+		"bucketName":   "",
+		"objectName":   "",
+		"fileToUpload": "",
+		"contentType":  "binary/octet-stream",
+	}
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Make a new bucket.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+	defer cleanupBucket(bucketName, c)
+
+	var tempfile *os.File
+
+	if fileName := getMintDataDirFilePath("datafile-100-kB"); fileName != "" {
+		tempfile, err = os.Open(fileName)
+		if err != nil {
+			logError(testName, function, args, startTime, "", "File open failed", err)
+			return
+		}
+		args["fileToUpload"] = fileName
+	} else {
+		tempfile, err = ioutil.TempFile("", "minio-go-upload-test-")
+		if err != nil {
+			logError(testName, function, args, startTime, "", "TempFile create failed", err)
+			return
+		}
+		args["fileToUpload"] = tempfile.Name()
+
+		// Generate 100kB data
+		if _, err = io.Copy(tempfile, getDataReader("datafile-100-kB")); err != nil {
+			logError(testName, function, args, startTime, "", "File copy failed", err)
+			return
+		}
+
+		defer os.Remove(tempfile.Name())
+
+		// Seek back to the beginning of the file.
+		tempfile.Seek(0, 0)
+	}
+	var length = 100 * humanize.KiByte
+	objectName := fmt.Sprintf("test-file-%v", rand.Uint32())
+	args["objectName"] = objectName
+
+	offset := length / 2
+	if _, err = tempfile.Seek(int64(offset), 0); err != nil {
+		logError(testName, function, args, startTime, "", "TempFile seek failed", err)
+		return
+	}
+
+	_, err = c.PutObject(context.Background(), bucketName, objectName, tempfile, int64(length-offset), minio.PutObjectOptions{ContentType: "binary/octet-stream"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+	tempfile.Close()
+
+	obj, err := c.GetObject(context.Background(), bucketName, objectName, minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject failed", err)
+		return
+	}
+	defer obj.Close()
+
+	n, err := obj.Seek(int64(offset), 0)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Seek failed", err)
+		return
+	}
+	if n != int64(offset) {
+		logError(testName, function, args, startTime, "", fmt.Sprintf("Invalid offset returned, expected %d got %d", int64(offset), n), err)
+		return
+	}
+
+	_, err = c.PutObject(context.Background(), bucketName, objectName+"getobject", obj, int64(length-offset), minio.PutObjectOptions{ContentType: "binary/octet-stream"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+	st, err := c.StatObject(context.Background(), bucketName, objectName+"getobject", minio.StatObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject failed", err)
+		return
+	}
+	if st.Size != int64(length-offset) {
+		logError(testName, function, args, startTime, "", fmt.Sprintf("Invalid offset returned, expected %d got %d", int64(length-offset), n), err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Tests bucket re-create errors.
+func testMakeBucketErrorV2() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "MakeBucket(bucketName, region)"
+	args := map[string]interface{}{
+		"bucketName": "",
+		"region":     "eu-west-1",
+	}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV2(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v2 client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	region := "eu-west-1"
+	args["bucketName"] = bucketName
+	args["region"] = region
+
+	// Make a new bucket in 'eu-west-1'.
+	if err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: region}); err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	if err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: region}); err == nil {
+		logError(testName, function, args, startTime, "", "MakeBucket did not fail for existing bucket name", err)
+		return
+	}
+	// Verify valid error response from server.
+	if minio.ToErrorResponse(err).Code != "BucketAlreadyExists" &&
+		minio.ToErrorResponse(err).Code != "BucketAlreadyOwnedByYou" {
+		logError(testName, function, args, startTime, "", "Invalid error returned by server", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Test get object reader to not throw error on being closed twice.
+func testGetObjectClosedTwiceV2() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "MakeBucket(bucketName, region)"
+	args := map[string]interface{}{
+		"bucketName": "",
+		"region":     "eu-west-1",
+	}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV2(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v2 client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	// Generate 33K of data.
+	bufSize := dataFileMap["datafile-33-kB"]
+	var reader = getDataReader("datafile-33-kB")
+	defer reader.Close()
+
+	// Save the data
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	_, err = c.PutObject(context.Background(), bucketName, objectName, reader, int64(bufSize), minio.PutObjectOptions{ContentType: "binary/octet-stream"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	// Read the data back
+	r, err := c.GetObject(context.Background(), bucketName, objectName, minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject failed", err)
+		return
+	}
+
+	st, err := r.Stat()
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Stat failed", err)
+		return
+	}
+
+	if st.Size != int64(bufSize) {
+		logError(testName, function, args, startTime, "", "Number of bytes does not match, expected "+string(bufSize)+" got "+string(st.Size), err)
+		return
+	}
+	if err := r.Close(); err != nil {
+		logError(testName, function, args, startTime, "", "Stat failed", err)
+		return
+	}
+	if err := r.Close(); err == nil {
+		logError(testName, function, args, startTime, "", "Object is already closed, should return error", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Tests FPutObject hidden contentType setting
+func testFPutObjectV2() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "FPutObject(bucketName, objectName, fileName, opts)"
+	args := map[string]interface{}{
+		"bucketName": "",
+		"objectName": "",
+		"fileName":   "",
+		"opts":       "",
+	}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV2(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v2 client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	// Make a temp file with 11*1024*1024 bytes of data.
+	file, err := ioutil.TempFile(os.TempDir(), "FPutObjectTest")
+	if err != nil {
+		logError(testName, function, args, startTime, "", "TempFile creation failed", err)
+		return
+	}
+
+	r := bytes.NewReader(bytes.Repeat([]byte("b"), 11*1024*1024))
+	n, err := io.CopyN(file, r, 11*1024*1024)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Copy failed", err)
+		return
+	}
+	if n != int64(11*1024*1024) {
+		logError(testName, function, args, startTime, "", "Number of bytes does not match, expected "+string(int64(11*1024*1024))+" got "+string(n), err)
+		return
+	}
+
+	// Close the file pro-actively for windows.
+	err = file.Close()
+	if err != nil {
+		logError(testName, function, args, startTime, "", "File close failed", err)
+		return
+	}
+
+	// Set base object name
+	objectName := bucketName + "FPutObject"
+	args["objectName"] = objectName
+	args["fileName"] = file.Name()
+
+	// Perform standard FPutObject with contentType provided (Expecting application/octet-stream)
+	_, err = c.FPutObject(context.Background(), bucketName, objectName+"-standard", file.Name(), minio.PutObjectOptions{ContentType: "application/octet-stream"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "FPutObject failed", err)
+		return
+	}
+
+	// Perform FPutObject with no contentType provided (Expecting application/octet-stream)
+	args["objectName"] = objectName + "-Octet"
+	args["contentType"] = ""
+
+	_, err = c.FPutObject(context.Background(), bucketName, objectName+"-Octet", file.Name(), minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "FPutObject failed", err)
+		return
+	}
+
+	// Add extension to temp file name
+	fileName := file.Name()
+	err = os.Rename(fileName, fileName+".gtar")
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Rename failed", err)
+		return
+	}
+
+	// Perform FPutObject with no contentType provided (Expecting application/x-gtar)
+	args["objectName"] = objectName + "-Octet"
+	args["contentType"] = ""
+	args["fileName"] = fileName + ".gtar"
+
+	_, err = c.FPutObject(context.Background(), bucketName, objectName+"-GTar", fileName+".gtar", minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "FPutObject failed", err)
+		return
+	}
+
+	// Check headers and sizes
+	rStandard, err := c.StatObject(context.Background(), bucketName, objectName+"-standard", minio.StatObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject failed", err)
+		return
+	}
+
+	if rStandard.Size != 11*1024*1024 {
+		logError(testName, function, args, startTime, "", "Unexpected size", nil)
+		return
+	}
+
+	if rStandard.ContentType != "application/octet-stream" {
+		logError(testName, function, args, startTime, "", "Content-Type headers mismatched, expected: application/octet-stream , got "+rStandard.ContentType, err)
+		return
+	}
+
+	rOctet, err := c.StatObject(context.Background(), bucketName, objectName+"-Octet", minio.StatObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject failed", err)
+		return
+	}
+	if rOctet.ContentType != "application/octet-stream" {
+		logError(testName, function, args, startTime, "", "Content-Type headers mismatched, expected: application/octet-stream , got "+rOctet.ContentType, err)
+		return
+	}
+
+	if rOctet.Size != 11*1024*1024 {
+		logError(testName, function, args, startTime, "", "Unexpected size", nil)
+		return
+	}
+
+	rGTar, err := c.StatObject(context.Background(), bucketName, objectName+"-GTar", minio.StatObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject failed", err)
+		return
+	}
+	if rGTar.Size != 11*1024*1024 {
+		logError(testName, function, args, startTime, "", "Unexpected size", nil)
+		return
+	}
+	if rGTar.ContentType != "application/x-gtar" && rGTar.ContentType != "application/octet-stream" && rGTar.ContentType != "application/x-tar" {
+		logError(testName, function, args, startTime, "", "Content-Type headers mismatched, expected: application/x-tar , got "+rGTar.ContentType, err)
+		return
+	}
+
+	os.Remove(fileName + ".gtar")
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Tests various bucket supported formats.
+func testMakeBucketRegionsV2() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "MakeBucket(bucketName, region)"
+	args := map[string]interface{}{
+		"bucketName": "",
+		"region":     "eu-west-1",
+	}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV2(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v2 client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket in 'eu-central-1'.
+	if err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "eu-west-1"}); err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	if err = cleanupBucket(bucketName, c); err != nil {
+		logError(testName, function, args, startTime, "", "CleanupBucket failed while removing bucket recursively", err)
+		return
+	}
+
+	// Make a new bucket with '.' in its name, in 'us-west-2'. This
+	// request is internally staged into a path style instead of
+	// virtual host style.
+	if err = c.MakeBucket(context.Background(), bucketName+".withperiod", minio.MakeBucketOptions{Region: "us-west-2"}); err != nil {
+		args["bucketName"] = bucketName + ".withperiod"
+		args["region"] = "us-west-2"
+		logError(testName, function, args, startTime, "", "MakeBucket test with a bucket name with period, '.', failed", err)
+		return
+	}
+
+	// Delete all objects and buckets
+	if err = cleanupBucket(bucketName+".withperiod", c); err != nil {
+		logError(testName, function, args, startTime, "", "CleanupBucket failed while removing bucket recursively", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Tests get object ReaderSeeker interface methods.
+func testGetObjectReadSeekFunctionalV2() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "GetObject(bucketName, objectName)"
+	args := map[string]interface{}{}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV2(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v2 client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	// Generate 33K of data.
+	bufSize := dataFileMap["datafile-33-kB"]
+	var reader = getDataReader("datafile-33-kB")
+	defer reader.Close()
+
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	buf, err := ioutil.ReadAll(reader)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAll failed", err)
+		return
+	}
+
+	// Save the data.
+	_, err = c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(buf), int64(bufSize), minio.PutObjectOptions{ContentType: "binary/octet-stream"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	// Read the data back
+	r, err := c.GetObject(context.Background(), bucketName, objectName, minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject failed", err)
+		return
+	}
+	defer r.Close()
+
+	st, err := r.Stat()
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Stat failed", err)
+		return
+	}
+
+	if st.Size != int64(bufSize) {
+		logError(testName, function, args, startTime, "", "Number of bytes in stat does not match, expected "+string(int64(bufSize))+" got "+string(st.Size), err)
+		return
+	}
+
+	offset := int64(2048)
+	n, err := r.Seek(offset, 0)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Seek failed", err)
+		return
+	}
+	if n != offset {
+		logError(testName, function, args, startTime, "", "Number of seeked bytes does not match, expected "+string(offset)+" got "+string(n), err)
+		return
+	}
+	n, err = r.Seek(0, 1)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Seek failed", err)
+		return
+	}
+	if n != offset {
+		logError(testName, function, args, startTime, "", "Number of seeked bytes does not match, expected "+string(offset)+" got "+string(n), err)
+		return
+	}
+	_, err = r.Seek(offset, 2)
+	if err == nil {
+		logError(testName, function, args, startTime, "", "Seek on positive offset for whence '2' should error out", err)
+		return
+	}
+	n, err = r.Seek(-offset, 2)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Seek failed", err)
+		return
+	}
+	if n != st.Size-offset {
+		logError(testName, function, args, startTime, "", "Number of seeked bytes does not match, expected "+string(st.Size-offset)+" got "+string(n), err)
+		return
+	}
+
+	var buffer1 bytes.Buffer
+	if _, err = io.CopyN(&buffer1, r, st.Size); err != nil {
+		if err != io.EOF {
+			logError(testName, function, args, startTime, "", "Copy failed", err)
+			return
+		}
+	}
+	if !bytes.Equal(buf[len(buf)-int(offset):], buffer1.Bytes()) {
+		logError(testName, function, args, startTime, "", "Incorrect read bytes v/s original buffer", err)
+		return
+	}
+
+	// Seek again and read again.
+	n, err = r.Seek(offset-1, 0)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Seek failed", err)
+		return
+	}
+	if n != (offset - 1) {
+		logError(testName, function, args, startTime, "", "Number of seeked bytes does not match, expected "+string(offset-1)+" got "+string(n), err)
+		return
+	}
+
+	var buffer2 bytes.Buffer
+	if _, err = io.CopyN(&buffer2, r, st.Size); err != nil {
+		if err != io.EOF {
+			logError(testName, function, args, startTime, "", "Copy failed", err)
+			return
+		}
+	}
+	// Verify now lesser bytes.
+	if !bytes.Equal(buf[2047:], buffer2.Bytes()) {
+		logError(testName, function, args, startTime, "", "Incorrect read bytes v/s original buffer", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Tests get object ReaderAt interface methods.
+func testGetObjectReadAtFunctionalV2() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "GetObject(bucketName, objectName)"
+	args := map[string]interface{}{}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV2(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v2 client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	// Generate 33K of data.
+	bufSize := dataFileMap["datafile-33-kB"]
+	var reader = getDataReader("datafile-33-kB")
+	defer reader.Close()
+
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	buf, err := ioutil.ReadAll(reader)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAll failed", err)
+		return
+	}
+
+	// Save the data
+	_, err = c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(buf), int64(bufSize), minio.PutObjectOptions{ContentType: "binary/octet-stream"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	// Read the data back
+	r, err := c.GetObject(context.Background(), bucketName, objectName, minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject failed", err)
+		return
+	}
+	defer r.Close()
+
+	st, err := r.Stat()
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Stat failed", err)
+		return
+	}
+
+	if st.Size != int64(bufSize) {
+		logError(testName, function, args, startTime, "", "Number of bytes does not match, expected "+string(bufSize)+" got "+string(st.Size), err)
+		return
+	}
+
+	offset := int64(2048)
+
+	// Read directly
+	buf2 := make([]byte, 512)
+	buf3 := make([]byte, 512)
+	buf4 := make([]byte, 512)
+
+	m, err := r.ReadAt(buf2, offset)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAt failed", err)
+		return
+	}
+	if m != len(buf2) {
+		logError(testName, function, args, startTime, "", "ReadAt read shorter bytes before reaching EOF, expected "+string(len(buf2))+" got "+string(m), err)
+		return
+	}
+	if !bytes.Equal(buf2, buf[offset:offset+512]) {
+		logError(testName, function, args, startTime, "", "Incorrect read between two ReadAt from same offset", err)
+		return
+	}
+	offset += 512
+	m, err = r.ReadAt(buf3, offset)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAt failed", err)
+		return
+	}
+	if m != len(buf3) {
+		logError(testName, function, args, startTime, "", "ReadAt read shorter bytes before reaching EOF, expected "+string(len(buf3))+" got "+string(m), err)
+		return
+	}
+	if !bytes.Equal(buf3, buf[offset:offset+512]) {
+		logError(testName, function, args, startTime, "", "Incorrect read between two ReadAt from same offset", err)
+		return
+	}
+	offset += 512
+	m, err = r.ReadAt(buf4, offset)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAt failed", err)
+		return
+	}
+	if m != len(buf4) {
+		logError(testName, function, args, startTime, "", "ReadAt read shorter bytes before reaching EOF, expected "+string(len(buf4))+" got "+string(m), err)
+		return
+	}
+	if !bytes.Equal(buf4, buf[offset:offset+512]) {
+		logError(testName, function, args, startTime, "", "Incorrect read between two ReadAt from same offset", err)
+		return
+	}
+
+	buf5 := make([]byte, bufSize)
+	// Read the whole object.
+	m, err = r.ReadAt(buf5, 0)
+	if err != nil {
+		if err != io.EOF {
+			logError(testName, function, args, startTime, "", "ReadAt failed", err)
+			return
+		}
+	}
+	if m != len(buf5) {
+		logError(testName, function, args, startTime, "", "ReadAt read shorter bytes before reaching EOF, expected "+string(len(buf5))+" got "+string(m), err)
+		return
+	}
+	if !bytes.Equal(buf, buf5) {
+		logError(testName, function, args, startTime, "", "Incorrect data read in GetObject, than what was previously uploaded", err)
+		return
+	}
+
+	buf6 := make([]byte, bufSize+1)
+	// Read the whole object and beyond.
+	_, err = r.ReadAt(buf6, 0)
+	if err != nil {
+		if err != io.EOF {
+			logError(testName, function, args, startTime, "", "ReadAt failed", err)
+			return
+		}
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Tests copy object
+func testCopyObjectV2() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "CopyObject(destination, source)"
+	args := map[string]interface{}{}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV2(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v2 client object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+
+	// Make a new bucket in 'us-east-1' (source bucket).
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+	defer cleanupBucket(bucketName, c)
+
+	// Make a new bucket in 'us-east-1' (destination bucket).
+	err = c.MakeBucket(context.Background(), bucketName+"-copy", minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+	defer cleanupBucket(bucketName+"-copy", c)
+
+	// Generate 33K of data.
+	bufSize := dataFileMap["datafile-33-kB"]
+	var reader = getDataReader("datafile-33-kB")
+	defer reader.Close()
+
+	// Save the data
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	_, err = c.PutObject(context.Background(), bucketName, objectName, reader, int64(bufSize), minio.PutObjectOptions{ContentType: "binary/octet-stream"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	r, err := c.GetObject(context.Background(), bucketName, objectName, minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject failed", err)
+		return
+	}
+	// Check the various fields of source object against destination object.
+	objInfo, err := r.Stat()
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Stat failed", err)
+		return
+	}
+	r.Close()
+
+	// Copy Source
+	src := minio.CopySrcOptions{
+		Bucket:             bucketName,
+		Object:             objectName,
+		MatchModifiedSince: time.Date(2014, time.April, 0, 0, 0, 0, 0, time.UTC),
+		MatchETag:          objInfo.ETag,
+	}
+	args["source"] = src
+
+	// Set copy conditions.
+	dst := minio.CopyDestOptions{
+		Bucket: bucketName + "-copy",
+		Object: objectName + "-copy",
+	}
+	args["destination"] = dst
+
+	// Perform the Copy
+	_, err = c.CopyObject(context.Background(), dst, src)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObject failed", err)
+		return
+	}
+
+	// Source object
+	r, err = c.GetObject(context.Background(), bucketName, objectName, minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject failed", err)
+		return
+	}
+	// Destination object
+	readerCopy, err := c.GetObject(context.Background(), bucketName+"-copy", objectName+"-copy", minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject failed", err)
+		return
+	}
+	// Check the various fields of source object against destination object.
+	objInfo, err = r.Stat()
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Stat failed", err)
+		return
+	}
+	objInfoCopy, err := readerCopy.Stat()
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Stat failed", err)
+		return
+	}
+	if objInfo.Size != objInfoCopy.Size {
+		logError(testName, function, args, startTime, "", "Number of bytes does not match, expected "+string(objInfoCopy.Size)+" got "+string(objInfo.Size), err)
+		return
+	}
+
+	// Close all the readers.
+	r.Close()
+	readerCopy.Close()
+
+	// CopyObject again but with wrong conditions
+	src = minio.CopySrcOptions{
+		Bucket:               bucketName,
+		Object:               objectName,
+		MatchUnmodifiedSince: time.Date(2014, time.April, 0, 0, 0, 0, 0, time.UTC),
+		NoMatchETag:          objInfo.ETag,
+	}
+
+	// Perform the Copy which should fail
+	_, err = c.CopyObject(context.Background(), dst, src)
+	if err == nil {
+		logError(testName, function, args, startTime, "", "CopyObject did not fail for invalid conditions", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+func testComposeObjectErrorCasesWrapper(c *minio.Client) {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "ComposeObject(destination, sourceList)"
+	args := map[string]interface{}{}
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+
+	// Make a new bucket in 'us-east-1' (source bucket).
+	err := c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	// Test that more than 10K source objects cannot be
+	// concatenated.
+	srcArr := [10001]minio.CopySrcOptions{}
+	srcSlice := srcArr[:]
+	dst := minio.CopyDestOptions{
+		Bucket: bucketName,
+		Object: "object",
+	}
+
+	args["destination"] = dst
+	// Just explain about srcArr in args["sourceList"]
+	// to stop having 10,001 null headers logged
+	args["sourceList"] = "source array of 10,001 elements"
+	if _, err := c.ComposeObject(context.Background(), dst, srcSlice...); err == nil {
+		logError(testName, function, args, startTime, "", "Expected error in ComposeObject", err)
+		return
+	} else if err.Error() != "There must be as least one and up to 10000 source objects." {
+		logError(testName, function, args, startTime, "", "Got unexpected error", err)
+		return
+	}
+
+	// Create a source with invalid offset spec and check that
+	// error is returned:
+	// 1. Create the source object.
+	const badSrcSize = 5 * 1024 * 1024
+	buf := bytes.Repeat([]byte("1"), badSrcSize)
+	_, err = c.PutObject(context.Background(), bucketName, "badObject", bytes.NewReader(buf), int64(len(buf)), minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+	// 2. Set invalid range spec on the object (going beyond
+	// object size)
+	badSrc := minio.CopySrcOptions{
+		Bucket:     bucketName,
+		Object:     "badObject",
+		MatchRange: true,
+		Start:      1,
+		End:        badSrcSize,
+	}
+
+	// 3. ComposeObject call should fail.
+	if _, err := c.ComposeObject(context.Background(), dst, badSrc); err == nil {
+		logError(testName, function, args, startTime, "", "ComposeObject expected to fail", err)
+		return
+	} else if !strings.Contains(err.Error(), "has invalid segment-to-copy") {
+		logError(testName, function, args, startTime, "", "Got invalid error", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Test expected error cases
+func testComposeObjectErrorCasesV2() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "ComposeObject(destination, sourceList)"
+	args := map[string]interface{}{}
+
+	// Instantiate new minio client object
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV2(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v2 client object creation failed", err)
+		return
+	}
+
+	testComposeObjectErrorCasesWrapper(c)
+}
+
+func testComposeMultipleSources(c *minio.Client) {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "ComposeObject(destination, sourceList)"
+	args := map[string]interface{}{
+		"destination": "",
+		"sourceList":  "",
+	}
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	// Make a new bucket in 'us-east-1' (source bucket).
+	err := c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	// Upload a small source object
+	const srcSize = 1024 * 1024 * 5
+	buf := bytes.Repeat([]byte("1"), srcSize)
+	_, err = c.PutObject(context.Background(), bucketName, "srcObject", bytes.NewReader(buf), int64(srcSize), minio.PutObjectOptions{ContentType: "binary/octet-stream"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	// We will append 10 copies of the object.
+	srcs := []minio.CopySrcOptions{}
+	for i := 0; i < 10; i++ {
+		srcs = append(srcs, minio.CopySrcOptions{
+			Bucket: bucketName,
+			Object: "srcObject",
+		})
+	}
+
+	// make the last part very small
+	srcs[9].MatchRange = true
+
+	args["sourceList"] = srcs
+
+	dst := minio.CopyDestOptions{
+		Bucket: bucketName,
+		Object: "dstObject",
+	}
+	args["destination"] = dst
+
+	ui, err := c.ComposeObject(context.Background(), dst, srcs...)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ComposeObject failed", err)
+		return
+	}
+
+	if ui.Size != 9*srcSize+1 {
+		logError(testName, function, args, startTime, "", "ComposeObject returned unexpected size", err)
+		return
+	}
+
+	objProps, err := c.StatObject(context.Background(), bucketName, "dstObject", minio.StatObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject failed", err)
+		return
+	}
+
+	if objProps.Size != 9*srcSize+1 {
+		logError(testName, function, args, startTime, "", "Size mismatched! Expected "+string(10000*srcSize)+" got "+string(objProps.Size), err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Test concatenating multiple 10K objects V2
+func testCompose10KSourcesV2() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "ComposeObject(destination, sourceList)"
+	args := map[string]interface{}{}
+
+	// Instantiate new minio client object
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV2(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v2 client object creation failed", err)
+		return
+	}
+
+	testComposeMultipleSources(c)
+}
+
+func testEncryptedEmptyObject() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "PutObject(bucketName, objectName, reader, objectSize, opts)"
+	args := map[string]interface{}{}
+
+	// Instantiate new minio client object
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v4 client object creation failed", err)
+		return
+	}
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+	// Make a new bucket in 'us-east-1' (source bucket).
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	sse := encrypt.DefaultPBKDF([]byte("correct horse battery staple"), []byte(bucketName+"object"))
+
+	// 1. create an sse-c encrypted object to copy by uploading
+	const srcSize = 0
+	var buf []byte // Empty buffer
+	args["objectName"] = "object"
+	_, err = c.PutObject(context.Background(), bucketName, "object", bytes.NewReader(buf), int64(len(buf)), minio.PutObjectOptions{ServerSideEncryption: sse})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject call failed", err)
+		return
+	}
+
+	// 2. Test CopyObject for an empty object
+	src := minio.CopySrcOptions{
+		Bucket:     bucketName,
+		Object:     "object",
+		Encryption: sse,
+	}
+
+	dst := minio.CopyDestOptions{
+		Bucket:     bucketName,
+		Object:     "new-object",
+		Encryption: sse,
+	}
+
+	if _, err = c.CopyObject(context.Background(), dst, src); err != nil {
+		function = "CopyObject(dst, src)"
+		logError(testName, function, map[string]interface{}{}, startTime, "", "CopyObject failed", err)
+		return
+	}
+
+	// 3. Test Key rotation
+	newSSE := encrypt.DefaultPBKDF([]byte("Don't Panic"), []byte(bucketName+"new-object"))
+	src = minio.CopySrcOptions{
+		Bucket:     bucketName,
+		Object:     "new-object",
+		Encryption: sse,
+	}
+
+	dst = minio.CopyDestOptions{
+		Bucket:     bucketName,
+		Object:     "new-object",
+		Encryption: newSSE,
+	}
+
+	if _, err = c.CopyObject(context.Background(), dst, src); err != nil {
+		function = "CopyObject(dst, src)"
+		logError(testName, function, map[string]interface{}{}, startTime, "", "CopyObject with key rotation failed", err)
+		return
+	}
+
+	// 4. Download the object.
+	reader, err := c.GetObject(context.Background(), bucketName, "new-object", minio.GetObjectOptions{ServerSideEncryption: newSSE})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject failed", err)
+		return
+	}
+	defer reader.Close()
+
+	decBytes, err := ioutil.ReadAll(reader)
+	if err != nil {
+		logError(testName, function, map[string]interface{}{}, startTime, "", "ReadAll failed", err)
+		return
+	}
+	if !bytes.Equal(decBytes, buf) {
+		logError(testName, function, map[string]interface{}{}, startTime, "", "Downloaded object doesn't match the empty encrypted object", err)
+		return
+	}
+
+	delete(args, "objectName")
+	successLogger(testName, function, args, startTime).Info()
+}
+
+func testEncryptedCopyObjectWrapper(c *minio.Client, bucketName string, sseSrc, sseDst encrypt.ServerSide) {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncNameLoc(2)
+	function := "CopyObject(destination, source)"
+	args := map[string]interface{}{}
+	var srcEncryption, dstEncryption encrypt.ServerSide
+
+	// Make a new bucket in 'us-east-1' (source bucket).
+	err := c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	// 1. create an sse-c encrypted object to copy by uploading
+	const srcSize = 1024 * 1024
+	buf := bytes.Repeat([]byte("abcde"), srcSize) // gives a buffer of 5MiB
+	_, err = c.PutObject(context.Background(), bucketName, "srcObject", bytes.NewReader(buf), int64(len(buf)), minio.PutObjectOptions{
+		ServerSideEncryption: sseSrc,
+	})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject call failed", err)
+		return
+	}
+
+	if sseSrc != nil && sseSrc.Type() != encrypt.S3 {
+		srcEncryption = sseSrc
+	}
+
+	// 2. copy object and change encryption key
+	src := minio.CopySrcOptions{
+		Bucket:     bucketName,
+		Object:     "srcObject",
+		Encryption: srcEncryption,
+	}
+	args["source"] = src
+
+	dst := minio.CopyDestOptions{
+		Bucket:     bucketName,
+		Object:     "dstObject",
+		Encryption: sseDst,
+	}
+	args["destination"] = dst
+
+	_, err = c.CopyObject(context.Background(), dst, src)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObject failed", err)
+		return
+	}
+
+	if sseDst != nil && sseDst.Type() != encrypt.S3 {
+		dstEncryption = sseDst
+	}
+	// 3. get copied object and check if content is equal
+	coreClient := minio.Core{c}
+	reader, _, _, err := coreClient.GetObject(context.Background(), bucketName, "dstObject", minio.GetObjectOptions{ServerSideEncryption: dstEncryption})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject failed", err)
+		return
+	}
+
+	decBytes, err := ioutil.ReadAll(reader)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAll failed", err)
+		return
+	}
+	if !bytes.Equal(decBytes, buf) {
+		logError(testName, function, args, startTime, "", "Downloaded object mismatched for encrypted object", err)
+		return
+	}
+	reader.Close()
+
+	// Test key rotation for source object in-place.
+	var newSSE encrypt.ServerSide
+	if sseSrc != nil && sseSrc.Type() == encrypt.SSEC {
+		newSSE = encrypt.DefaultPBKDF([]byte("Don't Panic"), []byte(bucketName+"srcObject")) // replace key
+	}
+	if sseSrc != nil && sseSrc.Type() == encrypt.S3 {
+		newSSE = encrypt.NewSSE()
+	}
+	if newSSE != nil {
+		dst = minio.CopyDestOptions{
+			Bucket:     bucketName,
+			Object:     "srcObject",
+			Encryption: newSSE,
+		}
+		args["destination"] = dst
+
+		_, err = c.CopyObject(context.Background(), dst, src)
+		if err != nil {
+			logError(testName, function, args, startTime, "", "CopyObject failed", err)
+			return
+		}
+
+		// Get copied object and check if content is equal
+		reader, _, _, err = coreClient.GetObject(context.Background(), bucketName, "srcObject", minio.GetObjectOptions{ServerSideEncryption: newSSE})
+		if err != nil {
+			logError(testName, function, args, startTime, "", "GetObject failed", err)
+			return
+		}
+
+		decBytes, err = ioutil.ReadAll(reader)
+		if err != nil {
+			logError(testName, function, args, startTime, "", "ReadAll failed", err)
+			return
+		}
+		if !bytes.Equal(decBytes, buf) {
+			logError(testName, function, args, startTime, "", "Downloaded object mismatched for encrypted object", err)
+			return
+		}
+		reader.Close()
+
+		// Test in-place decryption.
+		dst = minio.CopyDestOptions{
+			Bucket: bucketName,
+			Object: "srcObject",
+		}
+		args["destination"] = dst
+
+		src = minio.CopySrcOptions{
+			Bucket:     bucketName,
+			Object:     "srcObject",
+			Encryption: newSSE,
+		}
+		args["source"] = src
+		_, err = c.CopyObject(context.Background(), dst, src)
+		if err != nil {
+			logError(testName, function, args, startTime, "", "CopyObject Key rotation failed", err)
+			return
+		}
+	}
+
+	// Get copied decrypted object and check if content is equal
+	reader, _, _, err = coreClient.GetObject(context.Background(), bucketName, "srcObject", minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject failed", err)
+		return
+	}
+	defer reader.Close()
+
+	decBytes, err = ioutil.ReadAll(reader)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAll failed", err)
+		return
+	}
+	if !bytes.Equal(decBytes, buf) {
+		logError(testName, function, args, startTime, "", "Downloaded object mismatched for encrypted object", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Test encrypted copy object
+func testUnencryptedToSSECCopyObject() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "CopyObject(destination, source)"
+	args := map[string]interface{}{}
+
+	// Instantiate new minio client object
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v2 client object creation failed", err)
+		return
+	}
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+
+	sseDst := encrypt.DefaultPBKDF([]byte("correct horse battery staple"), []byte(bucketName+"dstObject"))
+	// c.TraceOn(os.Stderr)
+	testEncryptedCopyObjectWrapper(c, bucketName, nil, sseDst)
+}
+
+// Test encrypted copy object
+func testUnencryptedToSSES3CopyObject() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "CopyObject(destination, source)"
+	args := map[string]interface{}{}
+
+	// Instantiate new minio client object
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v2 client object creation failed", err)
+		return
+	}
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+
+	var sseSrc encrypt.ServerSide
+	sseDst := encrypt.NewSSE()
+	// c.TraceOn(os.Stderr)
+	testEncryptedCopyObjectWrapper(c, bucketName, sseSrc, sseDst)
+}
+
+// Test encrypted copy object
+func testUnencryptedToUnencryptedCopyObject() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "CopyObject(destination, source)"
+	args := map[string]interface{}{}
+
+	// Instantiate new minio client object
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v2 client object creation failed", err)
+		return
+	}
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+
+	var sseSrc, sseDst encrypt.ServerSide
+	// c.TraceOn(os.Stderr)
+	testEncryptedCopyObjectWrapper(c, bucketName, sseSrc, sseDst)
+}
+
+// Test encrypted copy object
+func testEncryptedSSECToSSECCopyObject() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "CopyObject(destination, source)"
+	args := map[string]interface{}{}
+
+	// Instantiate new minio client object
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v2 client object creation failed", err)
+		return
+	}
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+
+	sseSrc := encrypt.DefaultPBKDF([]byte("correct horse battery staple"), []byte(bucketName+"srcObject"))
+	sseDst := encrypt.DefaultPBKDF([]byte("correct horse battery staple"), []byte(bucketName+"dstObject"))
+	// c.TraceOn(os.Stderr)
+	testEncryptedCopyObjectWrapper(c, bucketName, sseSrc, sseDst)
+}
+
+// Test encrypted copy object
+func testEncryptedSSECToSSES3CopyObject() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "CopyObject(destination, source)"
+	args := map[string]interface{}{}
+
+	// Instantiate new minio client object
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v2 client object creation failed", err)
+		return
+	}
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+
+	sseSrc := encrypt.DefaultPBKDF([]byte("correct horse battery staple"), []byte(bucketName+"srcObject"))
+	sseDst := encrypt.NewSSE()
+	// c.TraceOn(os.Stderr)
+	testEncryptedCopyObjectWrapper(c, bucketName, sseSrc, sseDst)
+}
+
+// Test encrypted copy object
+func testEncryptedSSECToUnencryptedCopyObject() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "CopyObject(destination, source)"
+	args := map[string]interface{}{}
+
+	// Instantiate new minio client object
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v2 client object creation failed", err)
+		return
+	}
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+
+	sseSrc := encrypt.DefaultPBKDF([]byte("correct horse battery staple"), []byte(bucketName+"srcObject"))
+	var sseDst encrypt.ServerSide
+	// c.TraceOn(os.Stderr)
+	testEncryptedCopyObjectWrapper(c, bucketName, sseSrc, sseDst)
+}
+
+// Test encrypted copy object
+func testEncryptedSSES3ToSSECCopyObject() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "CopyObject(destination, source)"
+	args := map[string]interface{}{}
+
+	// Instantiate new minio client object
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v2 client object creation failed", err)
+		return
+	}
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+
+	sseSrc := encrypt.NewSSE()
+	sseDst := encrypt.DefaultPBKDF([]byte("correct horse battery staple"), []byte(bucketName+"dstObject"))
+	// c.TraceOn(os.Stderr)
+	testEncryptedCopyObjectWrapper(c, bucketName, sseSrc, sseDst)
+}
+
+// Test encrypted copy object
+func testEncryptedSSES3ToSSES3CopyObject() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "CopyObject(destination, source)"
+	args := map[string]interface{}{}
+
+	// Instantiate new minio client object
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v2 client object creation failed", err)
+		return
+	}
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+
+	sseSrc := encrypt.NewSSE()
+	sseDst := encrypt.NewSSE()
+	// c.TraceOn(os.Stderr)
+	testEncryptedCopyObjectWrapper(c, bucketName, sseSrc, sseDst)
+}
+
+// Test encrypted copy object
+func testEncryptedSSES3ToUnencryptedCopyObject() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "CopyObject(destination, source)"
+	args := map[string]interface{}{}
+
+	// Instantiate new minio client object
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v2 client object creation failed", err)
+		return
+	}
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+
+	sseSrc := encrypt.NewSSE()
+	var sseDst encrypt.ServerSide
+	// c.TraceOn(os.Stderr)
+	testEncryptedCopyObjectWrapper(c, bucketName, sseSrc, sseDst)
+}
+
+// Test encrypted copy object
+func testEncryptedCopyObjectV2() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "CopyObject(destination, source)"
+	args := map[string]interface{}{}
+
+	// Instantiate new minio client object
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV2(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v2 client object creation failed", err)
+		return
+	}
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+
+	sseSrc := encrypt.DefaultPBKDF([]byte("correct horse battery staple"), []byte(bucketName+"srcObject"))
+	sseDst := encrypt.DefaultPBKDF([]byte("correct horse battery staple"), []byte(bucketName+"dstObject"))
+	// c.TraceOn(os.Stderr)
+	testEncryptedCopyObjectWrapper(c, bucketName, sseSrc, sseDst)
+}
+
+func testDecryptedCopyObject() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "CopyObject(destination, source)"
+	args := map[string]interface{}{}
+
+	// Instantiate new minio client object
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v2 client object creation failed", err)
+		return
+	}
+
+	bucketName, objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-"), "object"
+	if err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"}); err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	encryption := encrypt.DefaultPBKDF([]byte("correct horse battery staple"), []byte(bucketName+objectName))
+	_, err = c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(bytes.Repeat([]byte("a"), 1024*1024)), 1024*1024, minio.PutObjectOptions{
+		ServerSideEncryption: encryption,
+	})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject call failed", err)
+		return
+	}
+
+	src := minio.CopySrcOptions{
+		Bucket:     bucketName,
+		Object:     objectName,
+		Encryption: encrypt.SSECopy(encryption),
+	}
+	args["source"] = src
+
+	dst := minio.CopyDestOptions{
+		Bucket: bucketName,
+		Object: "decrypted-" + objectName,
+	}
+	args["destination"] = dst
+
+	if _, err = c.CopyObject(context.Background(), dst, src); err != nil {
+		logError(testName, function, args, startTime, "", "CopyObject failed", err)
+		return
+	}
+	if _, err = c.GetObject(context.Background(), bucketName, "decrypted-"+objectName, minio.GetObjectOptions{}); err != nil {
+		logError(testName, function, args, startTime, "", "GetObject failed", err)
+		return
+	}
+	successLogger(testName, function, args, startTime).Info()
+}
+
+func testSSECMultipartEncryptedToSSECCopyObjectPart() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "CopyObjectPart(destination, source)"
+	args := map[string]interface{}{}
+
+	// Instantiate new minio client object
+	client, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v4 client object creation failed", err)
+		return
+	}
+
+	// Instantiate new core client object.
+	c := minio.Core{client}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test")
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+	defer cleanupBucket(bucketName, client)
+	// Make a buffer with 6MB of data
+	buf := bytes.Repeat([]byte("abcdef"), 1024*1024)
+
+	// Save the data
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	password := "correct horse battery staple"
+	srcencryption := encrypt.DefaultPBKDF([]byte(password), []byte(bucketName+objectName))
+
+	// Upload a 6MB object using multipart mechanism
+	uploadID, err := c.NewMultipartUpload(context.Background(), bucketName, objectName, minio.PutObjectOptions{ServerSideEncryption: srcencryption})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "NewMultipartUpload call failed", err)
+		return
+	}
+
+	var completeParts []minio.CompletePart
+
+	part, err := c.PutObjectPart(context.Background(), bucketName, objectName, uploadID, 1, bytes.NewReader(buf[:5*1024*1024]), 5*1024*1024, "", "", srcencryption)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObjectPart call failed", err)
+		return
+	}
+	completeParts = append(completeParts, minio.CompletePart{PartNumber: part.PartNumber, ETag: part.ETag})
+
+	part, err = c.PutObjectPart(context.Background(), bucketName, objectName, uploadID, 2, bytes.NewReader(buf[5*1024*1024:]), 1024*1024, "", "", srcencryption)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObjectPart call failed", err)
+		return
+	}
+	completeParts = append(completeParts, minio.CompletePart{PartNumber: part.PartNumber, ETag: part.ETag})
+
+	// Complete the multipart upload
+	_, err = c.CompleteMultipartUpload(context.Background(), bucketName, objectName, uploadID, completeParts, minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CompleteMultipartUpload call failed", err)
+		return
+	}
+
+	// Stat the object and check its length matches
+	objInfo, err := c.StatObject(context.Background(), bucketName, objectName, minio.StatObjectOptions{ServerSideEncryption: srcencryption})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject call failed", err)
+		return
+	}
+
+	destBucketName := bucketName
+	destObjectName := objectName + "-dest"
+	dstencryption := encrypt.DefaultPBKDF([]byte(password), []byte(destBucketName+destObjectName))
+
+	uploadID, err = c.NewMultipartUpload(context.Background(), destBucketName, destObjectName, minio.PutObjectOptions{ServerSideEncryption: dstencryption})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "NewMultipartUpload call failed", err)
+		return
+	}
+
+	// Content of the destination object will be two copies of
+	// `objectName` concatenated, followed by first byte of
+	// `objectName`.
+	metadata := make(map[string]string)
+	header := make(http.Header)
+	encrypt.SSECopy(srcencryption).Marshal(header)
+	dstencryption.Marshal(header)
+	for k, v := range header {
+		metadata[k] = v[0]
+	}
+
+	metadata["x-amz-copy-source-if-match"] = objInfo.ETag
+
+	// First of three parts
+	fstPart, err := c.CopyObjectPart(context.Background(), bucketName, objectName, destBucketName, destObjectName, uploadID, 1, 0, -1, metadata)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObjectPart call failed", err)
+		return
+	}
+
+	// Second of three parts
+	sndPart, err := c.CopyObjectPart(context.Background(), bucketName, objectName, destBucketName, destObjectName, uploadID, 2, 0, -1, metadata)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObjectPart call failed", err)
+		return
+	}
+
+	// Last of three parts
+	lstPart, err := c.CopyObjectPart(context.Background(), bucketName, objectName, destBucketName, destObjectName, uploadID, 3, 0, 1, metadata)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObjectPart call failed", err)
+		return
+	}
+
+	// Complete the multipart upload
+	_, err = c.CompleteMultipartUpload(context.Background(), destBucketName, destObjectName, uploadID, []minio.CompletePart{fstPart, sndPart, lstPart}, minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CompleteMultipartUpload call failed", err)
+		return
+	}
+
+	// Stat the object and check its length matches
+	objInfo, err = c.StatObject(context.Background(), destBucketName, destObjectName, minio.StatObjectOptions{ServerSideEncryption: dstencryption})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject call failed", err)
+		return
+	}
+
+	if objInfo.Size != (6*1024*1024)*2+1 {
+		logError(testName, function, args, startTime, "", "Destination object has incorrect size!", err)
+		return
+	}
+
+	// Now we read the data back
+	getOpts := minio.GetObjectOptions{ServerSideEncryption: dstencryption}
+	getOpts.SetRange(0, 6*1024*1024-1)
+	r, _, _, err := c.GetObject(context.Background(), destBucketName, destObjectName, getOpts)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject call failed", err)
+		return
+	}
+	getBuf := make([]byte, 6*1024*1024)
+	_, err = readFull(r, getBuf)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Read buffer failed", err)
+		return
+	}
+	if !bytes.Equal(getBuf, buf) {
+		logError(testName, function, args, startTime, "", "Got unexpected data in first 6MB", err)
+		return
+	}
+
+	getOpts.SetRange(6*1024*1024, 0)
+	r, _, _, err = c.GetObject(context.Background(), destBucketName, destObjectName, getOpts)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject call failed", err)
+		return
+	}
+	getBuf = make([]byte, 6*1024*1024+1)
+	_, err = readFull(r, getBuf)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Read buffer failed", err)
+		return
+	}
+	if !bytes.Equal(getBuf[:6*1024*1024], buf) {
+		logError(testName, function, args, startTime, "", "Got unexpected data in second 6MB", err)
+		return
+	}
+	if getBuf[6*1024*1024] != buf[0] {
+		logError(testName, function, args, startTime, "", "Got unexpected data in last byte of copied object!", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+
+	// Do not need to remove destBucketName its same as bucketName.
+}
+
+// Test Core CopyObjectPart implementation
+func testSSECEncryptedToSSECCopyObjectPart() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "CopyObjectPart(destination, source)"
+	args := map[string]interface{}{}
+
+	// Instantiate new minio client object
+	client, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v4 client object creation failed", err)
+		return
+	}
+
+	// Instantiate new core client object.
+	c := minio.Core{client}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test")
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+	defer cleanupBucket(bucketName, client)
+	// Make a buffer with 5MB of data
+	buf := bytes.Repeat([]byte("abcde"), 1024*1024)
+
+	// Save the data
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	password := "correct horse battery staple"
+	srcencryption := encrypt.DefaultPBKDF([]byte(password), []byte(bucketName+objectName))
+	putmetadata := map[string]string{
+		"Content-Type": "binary/octet-stream",
+	}
+	opts := minio.PutObjectOptions{
+		UserMetadata:         putmetadata,
+		ServerSideEncryption: srcencryption,
+	}
+	uploadInfo, err := c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(buf), int64(len(buf)), "", "", opts)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject call failed", err)
+		return
+	}
+
+	st, err := c.StatObject(context.Background(), bucketName, objectName, minio.StatObjectOptions{ServerSideEncryption: srcencryption})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject call failed", err)
+		return
+	}
+
+	if st.Size != int64(len(buf)) {
+		logError(testName, function, args, startTime, "", fmt.Sprintf("Error: number of bytes does not match, want %v, got %v\n", len(buf), st.Size), err)
+		return
+	}
+
+	destBucketName := bucketName
+	destObjectName := objectName + "-dest"
+	dstencryption := encrypt.DefaultPBKDF([]byte(password), []byte(destBucketName+destObjectName))
+
+	uploadID, err := c.NewMultipartUpload(context.Background(), destBucketName, destObjectName, minio.PutObjectOptions{ServerSideEncryption: dstencryption})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "NewMultipartUpload call failed", err)
+		return
+	}
+
+	// Content of the destination object will be two copies of
+	// `objectName` concatenated, followed by first byte of
+	// `objectName`.
+	metadata := make(map[string]string)
+	header := make(http.Header)
+	encrypt.SSECopy(srcencryption).Marshal(header)
+	dstencryption.Marshal(header)
+	for k, v := range header {
+		metadata[k] = v[0]
+	}
+
+	metadata["x-amz-copy-source-if-match"] = uploadInfo.ETag
+
+	// First of three parts
+	fstPart, err := c.CopyObjectPart(context.Background(), bucketName, objectName, destBucketName, destObjectName, uploadID, 1, 0, -1, metadata)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObjectPart call failed", err)
+		return
+	}
+
+	// Second of three parts
+	sndPart, err := c.CopyObjectPart(context.Background(), bucketName, objectName, destBucketName, destObjectName, uploadID, 2, 0, -1, metadata)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObjectPart call failed", err)
+		return
+	}
+
+	// Last of three parts
+	lstPart, err := c.CopyObjectPart(context.Background(), bucketName, objectName, destBucketName, destObjectName, uploadID, 3, 0, 1, metadata)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObjectPart call failed", err)
+		return
+	}
+
+	// Complete the multipart upload
+	_, err = c.CompleteMultipartUpload(context.Background(), destBucketName, destObjectName, uploadID, []minio.CompletePart{fstPart, sndPart, lstPart}, minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CompleteMultipartUpload call failed", err)
+		return
+	}
+
+	// Stat the object and check its length matches
+	objInfo, err := c.StatObject(context.Background(), destBucketName, destObjectName, minio.StatObjectOptions{ServerSideEncryption: dstencryption})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject call failed", err)
+		return
+	}
+
+	if objInfo.Size != (5*1024*1024)*2+1 {
+		logError(testName, function, args, startTime, "", "Destination object has incorrect size!", err)
+		return
+	}
+
+	// Now we read the data back
+	getOpts := minio.GetObjectOptions{ServerSideEncryption: dstencryption}
+	getOpts.SetRange(0, 5*1024*1024-1)
+	r, _, _, err := c.GetObject(context.Background(), destBucketName, destObjectName, getOpts)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject call failed", err)
+		return
+	}
+	getBuf := make([]byte, 5*1024*1024)
+	_, err = readFull(r, getBuf)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Read buffer failed", err)
+		return
+	}
+	if !bytes.Equal(getBuf, buf) {
+		logError(testName, function, args, startTime, "", "Got unexpected data in first 5MB", err)
+		return
+	}
+
+	getOpts.SetRange(5*1024*1024, 0)
+	r, _, _, err = c.GetObject(context.Background(), destBucketName, destObjectName, getOpts)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject call failed", err)
+		return
+	}
+	getBuf = make([]byte, 5*1024*1024+1)
+	_, err = readFull(r, getBuf)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Read buffer failed", err)
+		return
+	}
+	if !bytes.Equal(getBuf[:5*1024*1024], buf) {
+		logError(testName, function, args, startTime, "", "Got unexpected data in second 5MB", err)
+		return
+	}
+	if getBuf[5*1024*1024] != buf[0] {
+		logError(testName, function, args, startTime, "", "Got unexpected data in last byte of copied object!", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+
+	// Do not need to remove destBucketName its same as bucketName.
+}
+
+// Test Core CopyObjectPart implementation for SSEC encrypted to unencrypted copy
+func testSSECEncryptedToUnencryptedCopyPart() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "CopyObjectPart(destination, source)"
+	args := map[string]interface{}{}
+
+	// Instantiate new minio client object
+	client, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v4 client object creation failed", err)
+		return
+	}
+
+	// Instantiate new core client object.
+	c := minio.Core{client}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test")
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+	defer cleanupBucket(bucketName, client)
+	// Make a buffer with 5MB of data
+	buf := bytes.Repeat([]byte("abcde"), 1024*1024)
+
+	// Save the data
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	password := "correct horse battery staple"
+	srcencryption := encrypt.DefaultPBKDF([]byte(password), []byte(bucketName+objectName))
+
+	opts := minio.PutObjectOptions{
+		UserMetadata: map[string]string{
+			"Content-Type": "binary/octet-stream",
+		},
+		ServerSideEncryption: srcencryption,
+	}
+	uploadInfo, err := c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(buf), int64(len(buf)), "", "", opts)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject call failed", err)
+		return
+	}
+
+	st, err := c.StatObject(context.Background(), bucketName, objectName, minio.StatObjectOptions{ServerSideEncryption: srcencryption})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject call failed", err)
+		return
+	}
+
+	if st.Size != int64(len(buf)) {
+		logError(testName, function, args, startTime, "", fmt.Sprintf("Error: number of bytes does not match, want %v, got %v\n", len(buf), st.Size), err)
+		return
+	}
+
+	destBucketName := bucketName
+	destObjectName := objectName + "-dest"
+	var dstencryption encrypt.ServerSide
+
+	uploadID, err := c.NewMultipartUpload(context.Background(), destBucketName, destObjectName, minio.PutObjectOptions{ServerSideEncryption: dstencryption})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "NewMultipartUpload call failed", err)
+		return
+	}
+
+	// Content of the destination object will be two copies of
+	// `objectName` concatenated, followed by first byte of
+	// `objectName`.
+	metadata := make(map[string]string)
+	header := make(http.Header)
+	encrypt.SSECopy(srcencryption).Marshal(header)
+	for k, v := range header {
+		metadata[k] = v[0]
+	}
+
+	metadata["x-amz-copy-source-if-match"] = uploadInfo.ETag
+
+	// First of three parts
+	fstPart, err := c.CopyObjectPart(context.Background(), bucketName, objectName, destBucketName, destObjectName, uploadID, 1, 0, -1, metadata)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObjectPart call failed", err)
+		return
+	}
+
+	// Second of three parts
+	sndPart, err := c.CopyObjectPart(context.Background(), bucketName, objectName, destBucketName, destObjectName, uploadID, 2, 0, -1, metadata)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObjectPart call failed", err)
+		return
+	}
+
+	// Last of three parts
+	lstPart, err := c.CopyObjectPart(context.Background(), bucketName, objectName, destBucketName, destObjectName, uploadID, 3, 0, 1, metadata)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObjectPart call failed", err)
+		return
+	}
+
+	// Complete the multipart upload
+	_, err = c.CompleteMultipartUpload(context.Background(), destBucketName, destObjectName, uploadID, []minio.CompletePart{fstPart, sndPart, lstPart}, minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CompleteMultipartUpload call failed", err)
+		return
+	}
+
+	// Stat the object and check its length matches
+	objInfo, err := c.StatObject(context.Background(), destBucketName, destObjectName, minio.StatObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject call failed", err)
+		return
+	}
+
+	if objInfo.Size != (5*1024*1024)*2+1 {
+		logError(testName, function, args, startTime, "", "Destination object has incorrect size!", err)
+		return
+	}
+
+	// Now we read the data back
+	getOpts := minio.GetObjectOptions{}
+	getOpts.SetRange(0, 5*1024*1024-1)
+	r, _, _, err := c.GetObject(context.Background(), destBucketName, destObjectName, getOpts)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject call failed", err)
+		return
+	}
+	getBuf := make([]byte, 5*1024*1024)
+	_, err = readFull(r, getBuf)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Read buffer failed", err)
+		return
+	}
+	if !bytes.Equal(getBuf, buf) {
+		logError(testName, function, args, startTime, "", "Got unexpected data in first 5MB", err)
+		return
+	}
+
+	getOpts.SetRange(5*1024*1024, 0)
+	r, _, _, err = c.GetObject(context.Background(), destBucketName, destObjectName, getOpts)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject call failed", err)
+		return
+	}
+	getBuf = make([]byte, 5*1024*1024+1)
+	_, err = readFull(r, getBuf)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Read buffer failed", err)
+		return
+	}
+	if !bytes.Equal(getBuf[:5*1024*1024], buf) {
+		logError(testName, function, args, startTime, "", "Got unexpected data in second 5MB", err)
+		return
+	}
+	if getBuf[5*1024*1024] != buf[0] {
+		logError(testName, function, args, startTime, "", "Got unexpected data in last byte of copied object!", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+
+	// Do not need to remove destBucketName its same as bucketName.
+}
+
+// Test Core CopyObjectPart implementation for SSEC encrypted to SSE-S3 encrypted copy
+func testSSECEncryptedToSSES3CopyObjectPart() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "CopyObjectPart(destination, source)"
+	args := map[string]interface{}{}
+
+	// Instantiate new minio client object
+	client, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v4 client object creation failed", err)
+		return
+	}
+
+	// Instantiate new core client object.
+	c := minio.Core{client}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test")
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+	defer cleanupBucket(bucketName, client)
+	// Make a buffer with 5MB of data
+	buf := bytes.Repeat([]byte("abcde"), 1024*1024)
+
+	// Save the data
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	password := "correct horse battery staple"
+	srcencryption := encrypt.DefaultPBKDF([]byte(password), []byte(bucketName+objectName))
+	putmetadata := map[string]string{
+		"Content-Type": "binary/octet-stream",
+	}
+	opts := minio.PutObjectOptions{
+		UserMetadata:         putmetadata,
+		ServerSideEncryption: srcencryption,
+	}
+
+	uploadInfo, err := c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(buf), int64(len(buf)), "", "", opts)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject call failed", err)
+		return
+	}
+
+	st, err := c.StatObject(context.Background(), bucketName, objectName, minio.StatObjectOptions{ServerSideEncryption: srcencryption})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject call failed", err)
+		return
+	}
+
+	if st.Size != int64(len(buf)) {
+		logError(testName, function, args, startTime, "", fmt.Sprintf("Error: number of bytes does not match, want %v, got %v\n", len(buf), st.Size), err)
+		return
+	}
+
+	destBucketName := bucketName
+	destObjectName := objectName + "-dest"
+	dstencryption := encrypt.NewSSE()
+
+	uploadID, err := c.NewMultipartUpload(context.Background(), destBucketName, destObjectName, minio.PutObjectOptions{ServerSideEncryption: dstencryption})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "NewMultipartUpload call failed", err)
+		return
+	}
+
+	// Content of the destination object will be two copies of
+	// `objectName` concatenated, followed by first byte of
+	// `objectName`.
+	metadata := make(map[string]string)
+	header := make(http.Header)
+	encrypt.SSECopy(srcencryption).Marshal(header)
+	dstencryption.Marshal(header)
+
+	for k, v := range header {
+		metadata[k] = v[0]
+	}
+
+	metadata["x-amz-copy-source-if-match"] = uploadInfo.ETag
+
+	// First of three parts
+	fstPart, err := c.CopyObjectPart(context.Background(), bucketName, objectName, destBucketName, destObjectName, uploadID, 1, 0, -1, metadata)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObjectPart call failed", err)
+		return
+	}
+
+	// Second of three parts
+	sndPart, err := c.CopyObjectPart(context.Background(), bucketName, objectName, destBucketName, destObjectName, uploadID, 2, 0, -1, metadata)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObjectPart call failed", err)
+		return
+	}
+
+	// Last of three parts
+	lstPart, err := c.CopyObjectPart(context.Background(), bucketName, objectName, destBucketName, destObjectName, uploadID, 3, 0, 1, metadata)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObjectPart call failed", err)
+		return
+	}
+
+	// Complete the multipart upload
+	_, err = c.CompleteMultipartUpload(context.Background(), destBucketName, destObjectName, uploadID, []minio.CompletePart{fstPart, sndPart, lstPart}, minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CompleteMultipartUpload call failed", err)
+		return
+	}
+
+	// Stat the object and check its length matches
+	objInfo, err := c.StatObject(context.Background(), destBucketName, destObjectName, minio.StatObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject call failed", err)
+		return
+	}
+
+	if objInfo.Size != (5*1024*1024)*2+1 {
+		logError(testName, function, args, startTime, "", "Destination object has incorrect size!", err)
+		return
+	}
+
+	// Now we read the data back
+	getOpts := minio.GetObjectOptions{}
+	getOpts.SetRange(0, 5*1024*1024-1)
+	r, _, _, err := c.GetObject(context.Background(), destBucketName, destObjectName, getOpts)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject call failed", err)
+		return
+	}
+	getBuf := make([]byte, 5*1024*1024)
+	_, err = readFull(r, getBuf)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Read buffer failed", err)
+		return
+	}
+	if !bytes.Equal(getBuf, buf) {
+		logError(testName, function, args, startTime, "", "Got unexpected data in first 5MB", err)
+		return
+	}
+
+	getOpts.SetRange(5*1024*1024, 0)
+	r, _, _, err = c.GetObject(context.Background(), destBucketName, destObjectName, getOpts)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject call failed", err)
+		return
+	}
+	getBuf = make([]byte, 5*1024*1024+1)
+	_, err = readFull(r, getBuf)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Read buffer failed", err)
+		return
+	}
+	if !bytes.Equal(getBuf[:5*1024*1024], buf) {
+		logError(testName, function, args, startTime, "", "Got unexpected data in second 5MB", err)
+		return
+	}
+	if getBuf[5*1024*1024] != buf[0] {
+		logError(testName, function, args, startTime, "", "Got unexpected data in last byte of copied object!", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+
+	// Do not need to remove destBucketName its same as bucketName.
+}
+
+// Test Core CopyObjectPart implementation for unencrypted to SSEC encryption copy part
+func testUnencryptedToSSECCopyObjectPart() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "CopyObjectPart(destination, source)"
+	args := map[string]interface{}{}
+
+	// Instantiate new minio client object
+	client, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v4 client object creation failed", err)
+		return
+	}
+
+	// Instantiate new core client object.
+	c := minio.Core{client}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test")
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+	defer cleanupBucket(bucketName, client)
+	// Make a buffer with 5MB of data
+	buf := bytes.Repeat([]byte("abcde"), 1024*1024)
+
+	// Save the data
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	password := "correct horse battery staple"
+	putmetadata := map[string]string{
+		"Content-Type": "binary/octet-stream",
+	}
+	opts := minio.PutObjectOptions{
+		UserMetadata: putmetadata,
+	}
+	uploadInfo, err := c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(buf), int64(len(buf)), "", "", opts)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject call failed", err)
+		return
+	}
+
+	st, err := c.StatObject(context.Background(), bucketName, objectName, minio.StatObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject call failed", err)
+		return
+	}
+
+	if st.Size != int64(len(buf)) {
+		logError(testName, function, args, startTime, "", fmt.Sprintf("Error: number of bytes does not match, want %v, got %v\n", len(buf), st.Size), err)
+		return
+	}
+
+	destBucketName := bucketName
+	destObjectName := objectName + "-dest"
+	dstencryption := encrypt.DefaultPBKDF([]byte(password), []byte(destBucketName+destObjectName))
+
+	uploadID, err := c.NewMultipartUpload(context.Background(), destBucketName, destObjectName, minio.PutObjectOptions{ServerSideEncryption: dstencryption})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "NewMultipartUpload call failed", err)
+		return
+	}
+
+	// Content of the destination object will be two copies of
+	// `objectName` concatenated, followed by first byte of
+	// `objectName`.
+	metadata := make(map[string]string)
+	header := make(http.Header)
+	dstencryption.Marshal(header)
+	for k, v := range header {
+		metadata[k] = v[0]
+	}
+
+	metadata["x-amz-copy-source-if-match"] = uploadInfo.ETag
+
+	// First of three parts
+	fstPart, err := c.CopyObjectPart(context.Background(), bucketName, objectName, destBucketName, destObjectName, uploadID, 1, 0, -1, metadata)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObjectPart call failed", err)
+		return
+	}
+
+	// Second of three parts
+	sndPart, err := c.CopyObjectPart(context.Background(), bucketName, objectName, destBucketName, destObjectName, uploadID, 2, 0, -1, metadata)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObjectPart call failed", err)
+		return
+	}
+
+	// Last of three parts
+	lstPart, err := c.CopyObjectPart(context.Background(), bucketName, objectName, destBucketName, destObjectName, uploadID, 3, 0, 1, metadata)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObjectPart call failed", err)
+		return
+	}
+
+	// Complete the multipart upload
+	_, err = c.CompleteMultipartUpload(context.Background(), destBucketName, destObjectName, uploadID, []minio.CompletePart{fstPart, sndPart, lstPart}, minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CompleteMultipartUpload call failed", err)
+		return
+	}
+
+	// Stat the object and check its length matches
+	objInfo, err := c.StatObject(context.Background(), destBucketName, destObjectName, minio.StatObjectOptions{ServerSideEncryption: dstencryption})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject call failed", err)
+		return
+	}
+
+	if objInfo.Size != (5*1024*1024)*2+1 {
+		logError(testName, function, args, startTime, "", "Destination object has incorrect size!", err)
+		return
+	}
+
+	// Now we read the data back
+	getOpts := minio.GetObjectOptions{ServerSideEncryption: dstencryption}
+	getOpts.SetRange(0, 5*1024*1024-1)
+	r, _, _, err := c.GetObject(context.Background(), destBucketName, destObjectName, getOpts)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject call failed", err)
+		return
+	}
+	getBuf := make([]byte, 5*1024*1024)
+	_, err = readFull(r, getBuf)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Read buffer failed", err)
+		return
+	}
+	if !bytes.Equal(getBuf, buf) {
+		logError(testName, function, args, startTime, "", "Got unexpected data in first 5MB", err)
+		return
+	}
+
+	getOpts.SetRange(5*1024*1024, 0)
+	r, _, _, err = c.GetObject(context.Background(), destBucketName, destObjectName, getOpts)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject call failed", err)
+		return
+	}
+	getBuf = make([]byte, 5*1024*1024+1)
+	_, err = readFull(r, getBuf)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Read buffer failed", err)
+		return
+	}
+	if !bytes.Equal(getBuf[:5*1024*1024], buf) {
+		logError(testName, function, args, startTime, "", "Got unexpected data in second 5MB", err)
+		return
+	}
+	if getBuf[5*1024*1024] != buf[0] {
+		logError(testName, function, args, startTime, "", "Got unexpected data in last byte of copied object!", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+
+	// Do not need to remove destBucketName its same as bucketName.
+}
+
+// Test Core CopyObjectPart implementation for unencrypted to unencrypted copy
+func testUnencryptedToUnencryptedCopyPart() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "CopyObjectPart(destination, source)"
+	args := map[string]interface{}{}
+
+	// Instantiate new minio client object
+	client, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v4 client object creation failed", err)
+		return
+	}
+
+	// Instantiate new core client object.
+	c := minio.Core{client}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test")
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+	defer cleanupBucket(bucketName, client)
+	// Make a buffer with 5MB of data
+	buf := bytes.Repeat([]byte("abcde"), 1024*1024)
+
+	// Save the data
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	putmetadata := map[string]string{
+		"Content-Type": "binary/octet-stream",
+	}
+	opts := minio.PutObjectOptions{
+		UserMetadata: putmetadata,
+	}
+	uploadInfo, err := c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(buf), int64(len(buf)), "", "", opts)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject call failed", err)
+		return
+	}
+	st, err := c.StatObject(context.Background(), bucketName, objectName, minio.StatObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject call failed", err)
+		return
+	}
+
+	if st.Size != int64(len(buf)) {
+		logError(testName, function, args, startTime, "", fmt.Sprintf("Error: number of bytes does not match, want %v, got %v\n", len(buf), st.Size), err)
+		return
+	}
+
+	destBucketName := bucketName
+	destObjectName := objectName + "-dest"
+
+	uploadID, err := c.NewMultipartUpload(context.Background(), destBucketName, destObjectName, minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "NewMultipartUpload call failed", err)
+		return
+	}
+
+	// Content of the destination object will be two copies of
+	// `objectName` concatenated, followed by first byte of
+	// `objectName`.
+	metadata := make(map[string]string)
+	header := make(http.Header)
+	for k, v := range header {
+		metadata[k] = v[0]
+	}
+
+	metadata["x-amz-copy-source-if-match"] = uploadInfo.ETag
+
+	// First of three parts
+	fstPart, err := c.CopyObjectPart(context.Background(), bucketName, objectName, destBucketName, destObjectName, uploadID, 1, 0, -1, metadata)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObjectPart call failed", err)
+		return
+	}
+
+	// Second of three parts
+	sndPart, err := c.CopyObjectPart(context.Background(), bucketName, objectName, destBucketName, destObjectName, uploadID, 2, 0, -1, metadata)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObjectPart call failed", err)
+		return
+	}
+
+	// Last of three parts
+	lstPart, err := c.CopyObjectPart(context.Background(), bucketName, objectName, destBucketName, destObjectName, uploadID, 3, 0, 1, metadata)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObjectPart call failed", err)
+		return
+	}
+
+	// Complete the multipart upload
+	_, err = c.CompleteMultipartUpload(context.Background(), destBucketName, destObjectName, uploadID, []minio.CompletePart{fstPart, sndPart, lstPart}, minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CompleteMultipartUpload call failed", err)
+		return
+	}
+
+	// Stat the object and check its length matches
+	objInfo, err := c.StatObject(context.Background(), destBucketName, destObjectName, minio.StatObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject call failed", err)
+		return
+	}
+
+	if objInfo.Size != (5*1024*1024)*2+1 {
+		logError(testName, function, args, startTime, "", "Destination object has incorrect size!", err)
+		return
+	}
+
+	// Now we read the data back
+	getOpts := minio.GetObjectOptions{}
+	getOpts.SetRange(0, 5*1024*1024-1)
+	r, _, _, err := c.GetObject(context.Background(), destBucketName, destObjectName, getOpts)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject call failed", err)
+		return
+	}
+	getBuf := make([]byte, 5*1024*1024)
+	_, err = readFull(r, getBuf)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Read buffer failed", err)
+		return
+	}
+	if !bytes.Equal(getBuf, buf) {
+		logError(testName, function, args, startTime, "", "Got unexpected data in first 5MB", err)
+		return
+	}
+
+	getOpts.SetRange(5*1024*1024, 0)
+	r, _, _, err = c.GetObject(context.Background(), destBucketName, destObjectName, getOpts)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject call failed", err)
+		return
+	}
+	getBuf = make([]byte, 5*1024*1024+1)
+	_, err = readFull(r, getBuf)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Read buffer failed", err)
+		return
+	}
+	if !bytes.Equal(getBuf[:5*1024*1024], buf) {
+		logError(testName, function, args, startTime, "", "Got unexpected data in second 5MB", err)
+		return
+	}
+	if getBuf[5*1024*1024] != buf[0] {
+		logError(testName, function, args, startTime, "", "Got unexpected data in last byte of copied object!", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+
+	// Do not need to remove destBucketName its same as bucketName.
+}
+
+// Test Core CopyObjectPart implementation for unencrypted to SSE-S3 encrypted copy
+func testUnencryptedToSSES3CopyObjectPart() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "CopyObjectPart(destination, source)"
+	args := map[string]interface{}{}
+
+	// Instantiate new minio client object
+	client, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v4 client object creation failed", err)
+		return
+	}
+
+	// Instantiate new core client object.
+	c := minio.Core{client}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test")
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+	defer cleanupBucket(bucketName, client)
+	// Make a buffer with 5MB of data
+	buf := bytes.Repeat([]byte("abcde"), 1024*1024)
+
+	// Save the data
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	opts := minio.PutObjectOptions{
+		UserMetadata: map[string]string{
+			"Content-Type": "binary/octet-stream",
+		},
+	}
+	uploadInfo, err := c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(buf), int64(len(buf)), "", "", opts)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject call failed", err)
+		return
+	}
+	st, err := c.StatObject(context.Background(), bucketName, objectName, minio.StatObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject call failed", err)
+		return
+	}
+
+	if st.Size != int64(len(buf)) {
+		logError(testName, function, args, startTime, "", fmt.Sprintf("Error: number of bytes does not match, want %v, got %v\n", len(buf), st.Size), err)
+		return
+	}
+
+	destBucketName := bucketName
+	destObjectName := objectName + "-dest"
+	dstencryption := encrypt.NewSSE()
+
+	uploadID, err := c.NewMultipartUpload(context.Background(), destBucketName, destObjectName, minio.PutObjectOptions{ServerSideEncryption: dstencryption})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "NewMultipartUpload call failed", err)
+		return
+	}
+
+	// Content of the destination object will be two copies of
+	// `objectName` concatenated, followed by first byte of
+	// `objectName`.
+	metadata := make(map[string]string)
+	header := make(http.Header)
+	dstencryption.Marshal(header)
+
+	for k, v := range header {
+		metadata[k] = v[0]
+	}
+
+	metadata["x-amz-copy-source-if-match"] = uploadInfo.ETag
+
+	// First of three parts
+	fstPart, err := c.CopyObjectPart(context.Background(), bucketName, objectName, destBucketName, destObjectName, uploadID, 1, 0, -1, metadata)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObjectPart call failed", err)
+		return
+	}
+
+	// Second of three parts
+	sndPart, err := c.CopyObjectPart(context.Background(), bucketName, objectName, destBucketName, destObjectName, uploadID, 2, 0, -1, metadata)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObjectPart call failed", err)
+		return
+	}
+
+	// Last of three parts
+	lstPart, err := c.CopyObjectPart(context.Background(), bucketName, objectName, destBucketName, destObjectName, uploadID, 3, 0, 1, metadata)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObjectPart call failed", err)
+		return
+	}
+
+	// Complete the multipart upload
+	_, err = c.CompleteMultipartUpload(context.Background(), destBucketName, destObjectName, uploadID, []minio.CompletePart{fstPart, sndPart, lstPart}, minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CompleteMultipartUpload call failed", err)
+		return
+	}
+
+	// Stat the object and check its length matches
+	objInfo, err := c.StatObject(context.Background(), destBucketName, destObjectName, minio.StatObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject call failed", err)
+		return
+	}
+
+	if objInfo.Size != (5*1024*1024)*2+1 {
+		logError(testName, function, args, startTime, "", "Destination object has incorrect size!", err)
+		return
+	}
+
+	// Now we read the data back
+	getOpts := minio.GetObjectOptions{}
+	getOpts.SetRange(0, 5*1024*1024-1)
+	r, _, _, err := c.GetObject(context.Background(), destBucketName, destObjectName, getOpts)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject call failed", err)
+		return
+	}
+	getBuf := make([]byte, 5*1024*1024)
+	_, err = readFull(r, getBuf)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Read buffer failed", err)
+		return
+	}
+	if !bytes.Equal(getBuf, buf) {
+		logError(testName, function, args, startTime, "", "Got unexpected data in first 5MB", err)
+		return
+	}
+
+	getOpts.SetRange(5*1024*1024, 0)
+	r, _, _, err = c.GetObject(context.Background(), destBucketName, destObjectName, getOpts)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject call failed", err)
+		return
+	}
+	getBuf = make([]byte, 5*1024*1024+1)
+	_, err = readFull(r, getBuf)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Read buffer failed", err)
+		return
+	}
+	if !bytes.Equal(getBuf[:5*1024*1024], buf) {
+		logError(testName, function, args, startTime, "", "Got unexpected data in second 5MB", err)
+		return
+	}
+	if getBuf[5*1024*1024] != buf[0] {
+		logError(testName, function, args, startTime, "", "Got unexpected data in last byte of copied object!", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+
+	// Do not need to remove destBucketName its same as bucketName.
+}
+
+// Test Core CopyObjectPart implementation for SSE-S3 to SSEC encryption copy part
+func testSSES3EncryptedToSSECCopyObjectPart() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "CopyObjectPart(destination, source)"
+	args := map[string]interface{}{}
+
+	// Instantiate new minio client object
+	client, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v4 client object creation failed", err)
+		return
+	}
+
+	// Instantiate new core client object.
+	c := minio.Core{client}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test")
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+	defer cleanupBucket(bucketName, client)
+	// Make a buffer with 5MB of data
+	buf := bytes.Repeat([]byte("abcde"), 1024*1024)
+
+	// Save the data
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	password := "correct horse battery staple"
+	srcEncryption := encrypt.NewSSE()
+	opts := minio.PutObjectOptions{
+		UserMetadata: map[string]string{
+			"Content-Type": "binary/octet-stream",
+		},
+		ServerSideEncryption: srcEncryption,
+	}
+	uploadInfo, err := c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(buf), int64(len(buf)), "", "", opts)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject call failed", err)
+		return
+	}
+
+	st, err := c.StatObject(context.Background(), bucketName, objectName, minio.StatObjectOptions{ServerSideEncryption: srcEncryption})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject call failed", err)
+		return
+	}
+
+	if st.Size != int64(len(buf)) {
+		logError(testName, function, args, startTime, "", fmt.Sprintf("Error: number of bytes does not match, want %v, got %v\n", len(buf), st.Size), err)
+		return
+	}
+
+	destBucketName := bucketName
+	destObjectName := objectName + "-dest"
+	dstencryption := encrypt.DefaultPBKDF([]byte(password), []byte(destBucketName+destObjectName))
+
+	uploadID, err := c.NewMultipartUpload(context.Background(), destBucketName, destObjectName, minio.PutObjectOptions{ServerSideEncryption: dstencryption})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "NewMultipartUpload call failed", err)
+		return
+	}
+
+	// Content of the destination object will be two copies of
+	// `objectName` concatenated, followed by first byte of
+	// `objectName`.
+	metadata := make(map[string]string)
+	header := make(http.Header)
+	dstencryption.Marshal(header)
+	for k, v := range header {
+		metadata[k] = v[0]
+	}
+
+	metadata["x-amz-copy-source-if-match"] = uploadInfo.ETag
+
+	// First of three parts
+	fstPart, err := c.CopyObjectPart(context.Background(), bucketName, objectName, destBucketName, destObjectName, uploadID, 1, 0, -1, metadata)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObjectPart call failed", err)
+		return
+	}
+
+	// Second of three parts
+	sndPart, err := c.CopyObjectPart(context.Background(), bucketName, objectName, destBucketName, destObjectName, uploadID, 2, 0, -1, metadata)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObjectPart call failed", err)
+		return
+	}
+
+	// Last of three parts
+	lstPart, err := c.CopyObjectPart(context.Background(), bucketName, objectName, destBucketName, destObjectName, uploadID, 3, 0, 1, metadata)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObjectPart call failed", err)
+		return
+	}
+
+	// Complete the multipart upload
+	_, err = c.CompleteMultipartUpload(context.Background(), destBucketName, destObjectName, uploadID, []minio.CompletePart{fstPart, sndPart, lstPart}, minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CompleteMultipartUpload call failed", err)
+		return
+	}
+
+	// Stat the object and check its length matches
+	objInfo, err := c.StatObject(context.Background(), destBucketName, destObjectName, minio.StatObjectOptions{ServerSideEncryption: dstencryption})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject call failed", err)
+		return
+	}
+
+	if objInfo.Size != (5*1024*1024)*2+1 {
+		logError(testName, function, args, startTime, "", "Destination object has incorrect size!", err)
+		return
+	}
+
+	// Now we read the data back
+	getOpts := minio.GetObjectOptions{ServerSideEncryption: dstencryption}
+	getOpts.SetRange(0, 5*1024*1024-1)
+	r, _, _, err := c.GetObject(context.Background(), destBucketName, destObjectName, getOpts)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject call failed", err)
+		return
+	}
+	getBuf := make([]byte, 5*1024*1024)
+	_, err = readFull(r, getBuf)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Read buffer failed", err)
+		return
+	}
+	if !bytes.Equal(getBuf, buf) {
+		logError(testName, function, args, startTime, "", "Got unexpected data in first 5MB", err)
+		return
+	}
+
+	getOpts.SetRange(5*1024*1024, 0)
+	r, _, _, err = c.GetObject(context.Background(), destBucketName, destObjectName, getOpts)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject call failed", err)
+		return
+	}
+	getBuf = make([]byte, 5*1024*1024+1)
+	_, err = readFull(r, getBuf)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Read buffer failed", err)
+		return
+	}
+	if !bytes.Equal(getBuf[:5*1024*1024], buf) {
+		logError(testName, function, args, startTime, "", "Got unexpected data in second 5MB", err)
+		return
+	}
+	if getBuf[5*1024*1024] != buf[0] {
+		logError(testName, function, args, startTime, "", "Got unexpected data in last byte of copied object!", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+
+	// Do not need to remove destBucketName its same as bucketName.
+}
+
+// Test Core CopyObjectPart implementation for unencrypted to unencrypted copy
+func testSSES3EncryptedToUnencryptedCopyPart() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "CopyObjectPart(destination, source)"
+	args := map[string]interface{}{}
+
+	// Instantiate new minio client object
+	client, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v4 client object creation failed", err)
+		return
+	}
+
+	// Instantiate new core client object.
+	c := minio.Core{client}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test")
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+	defer cleanupBucket(bucketName, client)
+	// Make a buffer with 5MB of data
+	buf := bytes.Repeat([]byte("abcde"), 1024*1024)
+
+	// Save the data
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	srcEncryption := encrypt.NewSSE()
+	opts := minio.PutObjectOptions{
+		UserMetadata: map[string]string{
+			"Content-Type": "binary/octet-stream",
+		},
+		ServerSideEncryption: srcEncryption,
+	}
+	uploadInfo, err := c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(buf), int64(len(buf)), "", "", opts)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject call failed", err)
+		return
+	}
+	st, err := c.StatObject(context.Background(), bucketName, objectName, minio.StatObjectOptions{ServerSideEncryption: srcEncryption})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject call failed", err)
+		return
+	}
+
+	if st.Size != int64(len(buf)) {
+		logError(testName, function, args, startTime, "", fmt.Sprintf("Error: number of bytes does not match, want %v, got %v\n", len(buf), st.Size), err)
+		return
+	}
+
+	destBucketName := bucketName
+	destObjectName := objectName + "-dest"
+
+	uploadID, err := c.NewMultipartUpload(context.Background(), destBucketName, destObjectName, minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "NewMultipartUpload call failed", err)
+		return
+	}
+
+	// Content of the destination object will be two copies of
+	// `objectName` concatenated, followed by first byte of
+	// `objectName`.
+	metadata := make(map[string]string)
+	header := make(http.Header)
+	for k, v := range header {
+		metadata[k] = v[0]
+	}
+
+	metadata["x-amz-copy-source-if-match"] = uploadInfo.ETag
+
+	// First of three parts
+	fstPart, err := c.CopyObjectPart(context.Background(), bucketName, objectName, destBucketName, destObjectName, uploadID, 1, 0, -1, metadata)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObjectPart call failed", err)
+		return
+	}
+
+	// Second of three parts
+	sndPart, err := c.CopyObjectPart(context.Background(), bucketName, objectName, destBucketName, destObjectName, uploadID, 2, 0, -1, metadata)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObjectPart call failed", err)
+		return
+	}
+
+	// Last of three parts
+	lstPart, err := c.CopyObjectPart(context.Background(), bucketName, objectName, destBucketName, destObjectName, uploadID, 3, 0, 1, metadata)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObjectPart call failed", err)
+		return
+	}
+
+	// Complete the multipart upload
+	_, err = c.CompleteMultipartUpload(context.Background(), destBucketName, destObjectName, uploadID, []minio.CompletePart{fstPart, sndPart, lstPart}, minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CompleteMultipartUpload call failed", err)
+		return
+	}
+
+	// Stat the object and check its length matches
+	objInfo, err := c.StatObject(context.Background(), destBucketName, destObjectName, minio.StatObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject call failed", err)
+		return
+	}
+
+	if objInfo.Size != (5*1024*1024)*2+1 {
+		logError(testName, function, args, startTime, "", "Destination object has incorrect size!", err)
+		return
+	}
+
+	// Now we read the data back
+	getOpts := minio.GetObjectOptions{}
+	getOpts.SetRange(0, 5*1024*1024-1)
+	r, _, _, err := c.GetObject(context.Background(), destBucketName, destObjectName, getOpts)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject call failed", err)
+		return
+	}
+	getBuf := make([]byte, 5*1024*1024)
+	_, err = readFull(r, getBuf)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Read buffer failed", err)
+		return
+	}
+	if !bytes.Equal(getBuf, buf) {
+		logError(testName, function, args, startTime, "", "Got unexpected data in first 5MB", err)
+		return
+	}
+
+	getOpts.SetRange(5*1024*1024, 0)
+	r, _, _, err = c.GetObject(context.Background(), destBucketName, destObjectName, getOpts)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject call failed", err)
+		return
+	}
+	getBuf = make([]byte, 5*1024*1024+1)
+	_, err = readFull(r, getBuf)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Read buffer failed", err)
+		return
+	}
+	if !bytes.Equal(getBuf[:5*1024*1024], buf) {
+		logError(testName, function, args, startTime, "", "Got unexpected data in second 5MB", err)
+		return
+	}
+	if getBuf[5*1024*1024] != buf[0] {
+		logError(testName, function, args, startTime, "", "Got unexpected data in last byte of copied object!", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+
+	// Do not need to remove destBucketName its same as bucketName.
+}
+
+// Test Core CopyObjectPart implementation for unencrypted to SSE-S3 encrypted copy
+func testSSES3EncryptedToSSES3CopyObjectPart() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "CopyObjectPart(destination, source)"
+	args := map[string]interface{}{}
+
+	// Instantiate new minio client object
+	client, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v4 client object creation failed", err)
+		return
+	}
+
+	// Instantiate new core client object.
+	c := minio.Core{client}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test")
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+	defer cleanupBucket(bucketName, client)
+	// Make a buffer with 5MB of data
+	buf := bytes.Repeat([]byte("abcde"), 1024*1024)
+
+	// Save the data
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	srcEncryption := encrypt.NewSSE()
+	opts := minio.PutObjectOptions{
+		UserMetadata: map[string]string{
+			"Content-Type": "binary/octet-stream",
+		},
+		ServerSideEncryption: srcEncryption,
+	}
+
+	uploadInfo, err := c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(buf), int64(len(buf)), "", "", opts)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject call failed", err)
+		return
+	}
+	st, err := c.StatObject(context.Background(), bucketName, objectName, minio.StatObjectOptions{ServerSideEncryption: srcEncryption})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject call failed", err)
+		return
+	}
+	if st.Size != int64(len(buf)) {
+		logError(testName, function, args, startTime, "", fmt.Sprintf("Error: number of bytes does not match, want %v, got %v\n", len(buf), st.Size), err)
+		return
+	}
+
+	destBucketName := bucketName
+	destObjectName := objectName + "-dest"
+	dstencryption := encrypt.NewSSE()
+
+	uploadID, err := c.NewMultipartUpload(context.Background(), destBucketName, destObjectName, minio.PutObjectOptions{ServerSideEncryption: dstencryption})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "NewMultipartUpload call failed", err)
+		return
+	}
+
+	// Content of the destination object will be two copies of
+	// `objectName` concatenated, followed by first byte of
+	// `objectName`.
+	metadata := make(map[string]string)
+	header := make(http.Header)
+	dstencryption.Marshal(header)
+
+	for k, v := range header {
+		metadata[k] = v[0]
+	}
+
+	metadata["x-amz-copy-source-if-match"] = uploadInfo.ETag
+
+	// First of three parts
+	fstPart, err := c.CopyObjectPart(context.Background(), bucketName, objectName, destBucketName, destObjectName, uploadID, 1, 0, -1, metadata)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObjectPart call failed", err)
+		return
+	}
+
+	// Second of three parts
+	sndPart, err := c.CopyObjectPart(context.Background(), bucketName, objectName, destBucketName, destObjectName, uploadID, 2, 0, -1, metadata)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObjectPart call failed", err)
+		return
+	}
+
+	// Last of three parts
+	lstPart, err := c.CopyObjectPart(context.Background(), bucketName, objectName, destBucketName, destObjectName, uploadID, 3, 0, 1, metadata)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObjectPart call failed", err)
+		return
+	}
+
+	// Complete the multipart upload
+	_, err = c.CompleteMultipartUpload(context.Background(), destBucketName, destObjectName, uploadID, []minio.CompletePart{fstPart, sndPart, lstPart}, minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CompleteMultipartUpload call failed", err)
+		return
+	}
+
+	// Stat the object and check its length matches
+	objInfo, err := c.StatObject(context.Background(), destBucketName, destObjectName, minio.StatObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject call failed", err)
+		return
+	}
+
+	if objInfo.Size != (5*1024*1024)*2+1 {
+		logError(testName, function, args, startTime, "", "Destination object has incorrect size!", err)
+		return
+	}
+
+	// Now we read the data back
+	getOpts := minio.GetObjectOptions{}
+	getOpts.SetRange(0, 5*1024*1024-1)
+	r, _, _, err := c.GetObject(context.Background(), destBucketName, destObjectName, getOpts)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject call failed", err)
+		return
+	}
+	getBuf := make([]byte, 5*1024*1024)
+	_, err = readFull(r, getBuf)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Read buffer failed", err)
+		return
+	}
+	if !bytes.Equal(getBuf, buf) {
+		logError(testName, function, args, startTime, "", "Got unexpected data in first 5MB", err)
+		return
+	}
+
+	getOpts.SetRange(5*1024*1024, 0)
+	r, _, _, err = c.GetObject(context.Background(), destBucketName, destObjectName, getOpts)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject call failed", err)
+		return
+	}
+	getBuf = make([]byte, 5*1024*1024+1)
+	_, err = readFull(r, getBuf)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Read buffer failed", err)
+		return
+	}
+	if !bytes.Equal(getBuf[:5*1024*1024], buf) {
+		logError(testName, function, args, startTime, "", "Got unexpected data in second 5MB", err)
+		return
+	}
+	if getBuf[5*1024*1024] != buf[0] {
+		logError(testName, function, args, startTime, "", "Got unexpected data in last byte of copied object!", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+
+	// Do not need to remove destBucketName its same as bucketName.
+}
+func testUserMetadataCopying() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "CopyObject(destination, source)"
+	args := map[string]interface{}{}
+
+	// Instantiate new minio client object
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	// c.TraceOn(os.Stderr)
+	testUserMetadataCopyingWrapper(c)
+}
+
+func testUserMetadataCopyingWrapper(c *minio.Client) {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "CopyObject(destination, source)"
+	args := map[string]interface{}{}
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	// Make a new bucket in 'us-east-1' (source bucket).
+	err := c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	fetchMeta := func(object string) (h http.Header) {
+		objInfo, err := c.StatObject(context.Background(), bucketName, object, minio.StatObjectOptions{})
+		if err != nil {
+			logError(testName, function, args, startTime, "", "Stat failed", err)
+			return
+		}
+		h = make(http.Header)
+		for k, vs := range objInfo.Metadata {
+			if strings.HasPrefix(strings.ToLower(k), "x-amz-meta-") {
+				h.Add(k, vs[0])
+			}
+		}
+		return h
+	}
+
+	// 1. create a client encrypted object to copy by uploading
+	const srcSize = 1024 * 1024
+	buf := bytes.Repeat([]byte("abcde"), srcSize) // gives a buffer of 5MiB
+	metadata := make(http.Header)
+	metadata.Set("x-amz-meta-myheader", "myvalue")
+	m := make(map[string]string)
+	m["x-amz-meta-myheader"] = "myvalue"
+	_, err = c.PutObject(context.Background(), bucketName, "srcObject",
+		bytes.NewReader(buf), int64(len(buf)), minio.PutObjectOptions{UserMetadata: m})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObjectWithMetadata failed", err)
+		return
+	}
+	if !reflect.DeepEqual(metadata, fetchMeta("srcObject")) {
+		logError(testName, function, args, startTime, "", "Metadata match failed", err)
+		return
+	}
+
+	// 2. create source
+	src := minio.CopySrcOptions{
+		Bucket: bucketName,
+		Object: "srcObject",
+	}
+
+	// 2.1 create destination with metadata set
+	dst1 := minio.CopyDestOptions{
+		Bucket:          bucketName,
+		Object:          "dstObject-1",
+		UserMetadata:    map[string]string{"notmyheader": "notmyvalue"},
+		ReplaceMetadata: true,
+	}
+
+	// 3. Check that copying to an object with metadata set resets
+	// the headers on the copy.
+	args["source"] = src
+	args["destination"] = dst1
+	_, err = c.CopyObject(context.Background(), dst1, src)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObject failed", err)
+		return
+	}
+
+	expectedHeaders := make(http.Header)
+	expectedHeaders.Set("x-amz-meta-notmyheader", "notmyvalue")
+	if !reflect.DeepEqual(expectedHeaders, fetchMeta("dstObject-1")) {
+		logError(testName, function, args, startTime, "", "Metadata match failed", err)
+		return
+	}
+
+	// 4. create destination with no metadata set and same source
+	dst2 := minio.CopyDestOptions{
+		Bucket: bucketName,
+		Object: "dstObject-2",
+	}
+
+	// 5. Check that copying to an object with no metadata set,
+	// copies metadata.
+	args["source"] = src
+	args["destination"] = dst2
+	_, err = c.CopyObject(context.Background(), dst2, src)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "CopyObject failed", err)
+		return
+	}
+
+	expectedHeaders = metadata
+	if !reflect.DeepEqual(expectedHeaders, fetchMeta("dstObject-2")) {
+		logError(testName, function, args, startTime, "", "Metadata match failed", err)
+		return
+	}
+
+	// 6. Compose a pair of sources.
+	dst3 := minio.CopyDestOptions{
+		Bucket:          bucketName,
+		Object:          "dstObject-3",
+		ReplaceMetadata: true,
+	}
+
+	function = "ComposeObject(destination, sources)"
+	args["source"] = []minio.CopySrcOptions{src, src}
+	args["destination"] = dst3
+	_, err = c.ComposeObject(context.Background(), dst3, src, src)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ComposeObject failed", err)
+		return
+	}
+
+	// Check that no headers are copied in this case
+	if !reflect.DeepEqual(make(http.Header), fetchMeta("dstObject-3")) {
+		logError(testName, function, args, startTime, "", "Metadata match failed", err)
+		return
+	}
+
+	// 7. Compose a pair of sources with dest user metadata set.
+	dst4 := minio.CopyDestOptions{
+		Bucket:          bucketName,
+		Object:          "dstObject-4",
+		UserMetadata:    map[string]string{"notmyheader": "notmyvalue"},
+		ReplaceMetadata: true,
+	}
+
+	function = "ComposeObject(destination, sources)"
+	args["source"] = []minio.CopySrcOptions{src, src}
+	args["destination"] = dst4
+	_, err = c.ComposeObject(context.Background(), dst4, src, src)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ComposeObject failed", err)
+		return
+	}
+
+	// Check that no headers are copied in this case
+	expectedHeaders = make(http.Header)
+	expectedHeaders.Set("x-amz-meta-notmyheader", "notmyvalue")
+	if !reflect.DeepEqual(expectedHeaders, fetchMeta("dstObject-4")) {
+		logError(testName, function, args, startTime, "", "Metadata match failed", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+func testUserMetadataCopyingV2() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "CopyObject(destination, source)"
+	args := map[string]interface{}{}
+
+	// Instantiate new minio client object
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV2(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client v2 object creation failed", err)
+		return
+	}
+
+	// c.TraceOn(os.Stderr)
+	testUserMetadataCopyingWrapper(c)
+}
+
+func testStorageClassMetadataPutObject() {
+	// initialize logging params
+	startTime := time.Now()
+	function := "testStorageClassMetadataPutObject()"
+	args := map[string]interface{}{}
+	testName := getFuncName()
+
+	// Instantiate new minio client object
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v4 client object creation failed", err)
+		return
+	}
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test")
+	// Make a new bucket in 'us-east-1' (source bucket).
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	fetchMeta := func(object string) (h http.Header) {
+		objInfo, err := c.StatObject(context.Background(), bucketName, object, minio.StatObjectOptions{})
+		if err != nil {
+			logError(testName, function, args, startTime, "", "Stat failed", err)
+			return
+		}
+		h = make(http.Header)
+		for k, vs := range objInfo.Metadata {
+			if strings.HasPrefix(strings.ToLower(k), "x-amz-storage-class") {
+				for _, v := range vs {
+					h.Add(k, v)
+				}
+			}
+		}
+		return h
+	}
+
+	metadata := make(http.Header)
+	metadata.Set("x-amz-storage-class", "REDUCED_REDUNDANCY")
+
+	emptyMetadata := make(http.Header)
+
+	const srcSize = 1024 * 1024
+	buf := bytes.Repeat([]byte("abcde"), srcSize) // gives a buffer of 1MiB
+
+	_, err = c.PutObject(context.Background(), bucketName, "srcObjectRRSClass",
+		bytes.NewReader(buf), int64(len(buf)), minio.PutObjectOptions{StorageClass: "REDUCED_REDUNDANCY"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	// Get the returned metadata
+	returnedMeta := fetchMeta("srcObjectRRSClass")
+
+	// The response metada should either be equal to metadata (with REDUCED_REDUNDANCY) or emptyMetadata (in case of gateways)
+	if !reflect.DeepEqual(metadata, returnedMeta) && !reflect.DeepEqual(emptyMetadata, returnedMeta) {
+		logError(testName, function, args, startTime, "", "Metadata match failed", err)
+		return
+	}
+
+	metadata = make(http.Header)
+	metadata.Set("x-amz-storage-class", "STANDARD")
+
+	_, err = c.PutObject(context.Background(), bucketName, "srcObjectSSClass",
+		bytes.NewReader(buf), int64(len(buf)), minio.PutObjectOptions{StorageClass: "STANDARD"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+	if reflect.DeepEqual(metadata, fetchMeta("srcObjectSSClass")) {
+		logError(testName, function, args, startTime, "", "Metadata verification failed, STANDARD storage class should not be a part of response metadata", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+func testStorageClassInvalidMetadataPutObject() {
+	// initialize logging params
+	startTime := time.Now()
+	function := "testStorageClassInvalidMetadataPutObject()"
+	args := map[string]interface{}{}
+	testName := getFuncName()
+
+	// Instantiate new minio client object
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v4 client object creation failed", err)
+		return
+	}
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test")
+	// Make a new bucket in 'us-east-1' (source bucket).
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	const srcSize = 1024 * 1024
+	buf := bytes.Repeat([]byte("abcde"), srcSize) // gives a buffer of 1MiB
+
+	_, err = c.PutObject(context.Background(), bucketName, "srcObjectRRSClass",
+		bytes.NewReader(buf), int64(len(buf)), minio.PutObjectOptions{StorageClass: "INVALID_STORAGE_CLASS"})
+	if err == nil {
+		logError(testName, function, args, startTime, "", "PutObject with invalid storage class passed, was expected to fail", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+func testStorageClassMetadataCopyObject() {
+	// initialize logging params
+	startTime := time.Now()
+	function := "testStorageClassMetadataCopyObject()"
+	args := map[string]interface{}{}
+	testName := getFuncName()
+
+	// Instantiate new minio client object
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO v4 client object creation failed", err)
+		return
+	}
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test")
+	// Make a new bucket in 'us-east-1' (source bucket).
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	fetchMeta := func(object string) (h http.Header) {
+		objInfo, err := c.StatObject(context.Background(), bucketName, object, minio.StatObjectOptions{})
+		args["bucket"] = bucketName
+		args["object"] = object
+		if err != nil {
+			logError(testName, function, args, startTime, "", "Stat failed", err)
+			return
+		}
+		h = make(http.Header)
+		for k, vs := range objInfo.Metadata {
+			if strings.HasPrefix(strings.ToLower(k), "x-amz-storage-class") {
+				for _, v := range vs {
+					h.Add(k, v)
+				}
+			}
+		}
+		return h
+	}
+
+	metadata := make(http.Header)
+	metadata.Set("x-amz-storage-class", "REDUCED_REDUNDANCY")
+
+	emptyMetadata := make(http.Header)
+
+	const srcSize = 1024 * 1024
+	buf := bytes.Repeat([]byte("abcde"), srcSize)
+
+	// Put an object with RRS Storage class
+	_, err = c.PutObject(context.Background(), bucketName, "srcObjectRRSClass",
+		bytes.NewReader(buf), int64(len(buf)), minio.PutObjectOptions{StorageClass: "REDUCED_REDUNDANCY"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	// Make server side copy of object uploaded in previous step
+	src := minio.CopySrcOptions{
+		Bucket: bucketName,
+		Object: "srcObjectRRSClass",
+	}
+	dst := minio.CopyDestOptions{
+		Bucket: bucketName,
+		Object: "srcObjectRRSClassCopy",
+	}
+	if _, err = c.CopyObject(context.Background(), dst, src); err != nil {
+		logError(testName, function, args, startTime, "", "CopyObject failed on RRS", err)
+		return
+	}
+
+	// Get the returned metadata
+	returnedMeta := fetchMeta("srcObjectRRSClassCopy")
+
+	// The response metada should either be equal to metadata (with REDUCED_REDUNDANCY) or emptyMetadata (in case of gateways)
+	if !reflect.DeepEqual(metadata, returnedMeta) && !reflect.DeepEqual(emptyMetadata, returnedMeta) {
+		logError(testName, function, args, startTime, "", "Metadata match failed", err)
+		return
+	}
+
+	metadata = make(http.Header)
+	metadata.Set("x-amz-storage-class", "STANDARD")
+
+	// Put an object with Standard Storage class
+	_, err = c.PutObject(context.Background(), bucketName, "srcObjectSSClass",
+		bytes.NewReader(buf), int64(len(buf)), minio.PutObjectOptions{StorageClass: "STANDARD"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	// Make server side copy of object uploaded in previous step
+	src = minio.CopySrcOptions{
+		Bucket: bucketName,
+		Object: "srcObjectSSClass",
+	}
+	dst = minio.CopyDestOptions{
+		Bucket: bucketName,
+		Object: "srcObjectSSClassCopy",
+	}
+	if _, err = c.CopyObject(context.Background(), dst, src); err != nil {
+		logError(testName, function, args, startTime, "", "CopyObject failed on SS", err)
+		return
+	}
+	// Fetch the meta data of copied object
+	if reflect.DeepEqual(metadata, fetchMeta("srcObjectSSClassCopy")) {
+		logError(testName, function, args, startTime, "", "Metadata verification failed, STANDARD storage class should not be a part of response metadata", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Test put object with size -1 byte object.
+func testPutObjectNoLengthV2() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "PutObject(bucketName, objectName, reader, size, opts)"
+	args := map[string]interface{}{
+		"bucketName": "",
+		"objectName": "",
+		"size":       -1,
+		"opts":       "",
+	}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV2(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client v2 object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	objectName := bucketName + "unique"
+	args["objectName"] = objectName
+
+	bufSize := dataFileMap["datafile-129-MB"]
+	var reader = getDataReader("datafile-129-MB")
+	defer reader.Close()
+	args["size"] = bufSize
+
+	// Upload an object.
+	_, err = c.PutObject(context.Background(), bucketName, objectName, reader, -1, minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObjectWithSize failed", err)
+		return
+	}
+
+	st, err := c.StatObject(context.Background(), bucketName, objectName, minio.StatObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject failed", err)
+		return
+	}
+
+	if st.Size != int64(bufSize) {
+		logError(testName, function, args, startTime, "", "Expected upload object size "+string(bufSize)+" got "+string(st.Size), err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Test put objects of unknown size.
+func testPutObjectsUnknownV2() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "PutObject(bucketName, objectName, reader,size,opts)"
+	args := map[string]interface{}{
+		"bucketName": "",
+		"objectName": "",
+		"size":       "",
+		"opts":       "",
+	}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV2(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client v2 object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	// Issues are revealed by trying to upload multiple files of unknown size
+	// sequentially (on 4GB machines)
+	for i := 1; i <= 4; i++ {
+		// Simulate that we could be receiving byte slices of data that we want
+		// to upload as a file
+		rpipe, wpipe := io.Pipe()
+		defer rpipe.Close()
+		go func() {
+			b := []byte("test")
+			wpipe.Write(b)
+			wpipe.Close()
+		}()
+
+		// Upload the object.
+		objectName := fmt.Sprintf("%sunique%d", bucketName, i)
+		args["objectName"] = objectName
+
+		ui, err := c.PutObject(context.Background(), bucketName, objectName, rpipe, -1, minio.PutObjectOptions{})
+		if err != nil {
+			logError(testName, function, args, startTime, "", "PutObjectStreaming failed", err)
+			return
+		}
+
+		if ui.Size != 4 {
+			logError(testName, function, args, startTime, "", "Expected upload object size "+string(4)+" got "+string(ui.Size), nil)
+			return
+		}
+
+		st, err := c.StatObject(context.Background(), bucketName, objectName, minio.StatObjectOptions{})
+		if err != nil {
+			logError(testName, function, args, startTime, "", "StatObjectStreaming failed", err)
+			return
+		}
+
+		if st.Size != int64(4) {
+			logError(testName, function, args, startTime, "", "Expected upload object size "+string(4)+" got "+string(st.Size), err)
+			return
+		}
+
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Test put object with 0 byte object.
+func testPutObject0ByteV2() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "PutObject(bucketName, objectName, reader, size, opts)"
+	args := map[string]interface{}{
+		"bucketName": "",
+		"objectName": "",
+		"size":       0,
+		"opts":       "",
+	}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV2(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client v2 object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	objectName := bucketName + "unique"
+	args["objectName"] = objectName
+	args["opts"] = minio.PutObjectOptions{}
+
+	// Upload an object.
+	_, err = c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader([]byte("")), 0, minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObjectWithSize failed", err)
+		return
+	}
+	st, err := c.StatObject(context.Background(), bucketName, objectName, minio.StatObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObjectWithSize failed", err)
+		return
+	}
+	if st.Size != 0 {
+		logError(testName, function, args, startTime, "", "Expected upload object size 0 but got "+string(st.Size), err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Test expected error cases
+func testComposeObjectErrorCases() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "ComposeObject(destination, sourceList)"
+	args := map[string]interface{}{}
+
+	// Instantiate new minio client object
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	testComposeObjectErrorCasesWrapper(c)
+}
+
+// Test concatenating multiple 10K objects V4
+func testCompose10KSources() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "ComposeObject(destination, sourceList)"
+	args := map[string]interface{}{}
+
+	// Instantiate new minio client object
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client object creation failed", err)
+		return
+	}
+
+	testComposeMultipleSources(c)
+}
+
+// Tests comprehensive list of all methods.
+func testFunctionalV2() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "testFunctionalV2()"
+	functionAll := ""
+	args := map[string]interface{}{}
+
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV2(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client v2 object creation failed", err)
+		return
+	}
+
+	// Enable to debug
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	location := "us-east-1"
+	// Make a new bucket.
+	function = "MakeBucket(bucketName, location)"
+	functionAll = "MakeBucket(bucketName, location)"
+	args = map[string]interface{}{
+		"bucketName": bucketName,
+		"location":   location,
+	}
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: location})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	// Generate a random file name.
+	fileName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	file, err := os.Create(fileName)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "file create failed", err)
+		return
+	}
+	for i := 0; i < 3; i++ {
+		buf := make([]byte, rand.Intn(1<<19))
+		_, err = file.Write(buf)
+		if err != nil {
+			logError(testName, function, args, startTime, "", "file write failed", err)
+			return
+		}
+	}
+	file.Close()
+
+	// Verify if bucket exits and you have access.
+	var exists bool
+	function = "BucketExists(bucketName)"
+	functionAll += ", " + function
+	args = map[string]interface{}{
+		"bucketName": bucketName,
+	}
+	exists, err = c.BucketExists(context.Background(), bucketName)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "BucketExists failed", err)
+		return
+	}
+	if !exists {
+		logError(testName, function, args, startTime, "", "Could not find existing bucket "+bucketName, err)
+		return
+	}
+
+	// Make the bucket 'public read/write'.
+	function = "SetBucketPolicy(bucketName, bucketPolicy)"
+	functionAll += ", " + function
+
+	readWritePolicy := `{"Version": "2012-10-17","Statement": [{"Action": ["s3:ListBucketMultipartUploads", "s3:ListBucket"],"Effect": "Allow","Principal": {"AWS": ["*"]},"Resource": ["arn:aws:s3:::` + bucketName + `"],"Sid": ""}]}`
+
+	args = map[string]interface{}{
+		"bucketName":   bucketName,
+		"bucketPolicy": readWritePolicy,
+	}
+	err = c.SetBucketPolicy(context.Background(), bucketName, readWritePolicy)
+
+	if err != nil {
+		logError(testName, function, args, startTime, "", "SetBucketPolicy failed", err)
+		return
+	}
+
+	// List all buckets.
+	function = "ListBuckets()"
+	functionAll += ", " + function
+	args = nil
+	buckets, err := c.ListBuckets(context.Background())
+	if len(buckets) == 0 {
+		logError(testName, function, args, startTime, "", "List buckets cannot be empty", err)
+		return
+	}
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ListBuckets failed", err)
+		return
+	}
+
+	// Verify if previously created bucket is listed in list buckets.
+	bucketFound := false
+	for _, bucket := range buckets {
+		if bucket.Name == bucketName {
+			bucketFound = true
+		}
+	}
+
+	// If bucket not found error out.
+	if !bucketFound {
+		logError(testName, function, args, startTime, "", "Bucket "+bucketName+"not found", err)
+		return
+	}
+
+	objectName := bucketName + "unique"
+
+	// Generate data
+	buf := bytes.Repeat([]byte("n"), rand.Intn(1<<19))
+
+	args = map[string]interface{}{
+		"bucketName":  bucketName,
+		"objectName":  objectName,
+		"contentType": "",
+	}
+	_, err = c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(buf), int64(len(buf)), minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	st, err := c.StatObject(context.Background(), bucketName, objectName, minio.StatObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject failed", err)
+		return
+	}
+	if st.Size != int64(len(buf)) {
+		logError(testName, function, args, startTime, "", "Expected uploaded object length "+string(len(buf))+" got "+string(st.Size), err)
+		return
+	}
+
+	objectNameNoLength := objectName + "-nolength"
+	args["objectName"] = objectNameNoLength
+	_, err = c.PutObject(context.Background(), bucketName, objectNameNoLength, bytes.NewReader(buf), int64(len(buf)), minio.PutObjectOptions{ContentType: "binary/octet-stream"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+	st, err = c.StatObject(context.Background(), bucketName, objectNameNoLength, minio.StatObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "StatObject failed", err)
+		return
+	}
+	if st.Size != int64(len(buf)) {
+		logError(testName, function, args, startTime, "", "Expected uploaded object length "+string(len(buf))+" got "+string(st.Size), err)
+		return
+	}
+
+	// Instantiate a done channel to close all listing.
+	doneCh := make(chan struct{})
+	defer close(doneCh)
+
+	objFound := false
+	isRecursive := true // Recursive is true.
+	function = "ListObjects(bucketName, objectName, isRecursive, doneCh)"
+	functionAll += ", " + function
+	args = map[string]interface{}{
+		"bucketName":  bucketName,
+		"objectName":  objectName,
+		"isRecursive": isRecursive,
+	}
+	for obj := range c.ListObjects(context.Background(), bucketName, minio.ListObjectsOptions{UseV1: true, Prefix: objectName, Recursive: isRecursive}) {
+		if obj.Key == objectName {
+			objFound = true
+			break
+		}
+	}
+	if !objFound {
+		logError(testName, function, args, startTime, "", "Could not find existing object "+objectName, err)
+		return
+	}
+
+	incompObjNotFound := true
+	function = "ListIncompleteUploads(bucketName, objectName, isRecursive, doneCh)"
+	functionAll += ", " + function
+	args = map[string]interface{}{
+		"bucketName":  bucketName,
+		"objectName":  objectName,
+		"isRecursive": isRecursive,
+	}
+	for objIncompl := range c.ListIncompleteUploads(context.Background(), bucketName, objectName, isRecursive) {
+		if objIncompl.Key != "" {
+			incompObjNotFound = false
+			break
+		}
+	}
+	if !incompObjNotFound {
+		logError(testName, function, args, startTime, "", "Unexpected dangling incomplete upload found", err)
+		return
+	}
+
+	function = "GetObject(bucketName, objectName)"
+	functionAll += ", " + function
+	args = map[string]interface{}{
+		"bucketName": bucketName,
+		"objectName": objectName,
+	}
+	newReader, err := c.GetObject(context.Background(), bucketName, objectName, minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject failed", err)
+		return
+	}
+
+	newReadBytes, err := ioutil.ReadAll(newReader)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAll failed", err)
+		return
+	}
+	newReader.Close()
+
+	if !bytes.Equal(newReadBytes, buf) {
+		logError(testName, function, args, startTime, "", "Bytes mismatch", err)
+		return
+	}
+
+	function = "FGetObject(bucketName, objectName, fileName)"
+	functionAll += ", " + function
+	args = map[string]interface{}{
+		"bucketName": bucketName,
+		"objectName": objectName,
+		"fileName":   fileName + "-f",
+	}
+	err = c.FGetObject(context.Background(), bucketName, objectName, fileName+"-f", minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "FgetObject failed", err)
+		return
+	}
+
+	// Generate presigned HEAD object url.
+	function = "PresignedHeadObject(bucketName, objectName, expires, reqParams)"
+	functionAll += ", " + function
+	args = map[string]interface{}{
+		"bucketName": bucketName,
+		"objectName": objectName,
+		"expires":    3600 * time.Second,
+	}
+	presignedHeadURL, err := c.PresignedHeadObject(context.Background(), bucketName, objectName, 3600*time.Second, nil)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PresignedHeadObject failed", err)
+		return
+	}
+
+	transport, err := minio.DefaultTransport(mustParseBool(os.Getenv(enableHTTPS)))
+	if err != nil {
+		logError(testName, function, args, startTime, "", "DefaultTransport failed", err)
+		return
+	}
+
+	httpClient := &http.Client{
+		// Setting a sensible time out of 30secs to wait for response
+		// headers. Request is pro-actively canceled after 30secs
+		// with no response.
+		Timeout:   30 * time.Second,
+		Transport: transport,
+	}
+
+	req, err := http.NewRequest(http.MethodHead, presignedHeadURL.String(), nil)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PresignedHeadObject URL head request failed", err)
+		return
+	}
+
+	// Verify if presigned url works.
+	resp, err := httpClient.Do(req)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PresignedHeadObject URL head request failed", err)
+		return
+	}
+	if resp.StatusCode != http.StatusOK {
+		logError(testName, function, args, startTime, "", "PresignedHeadObject URL returns status "+string(resp.StatusCode), err)
+		return
+	}
+	if resp.Header.Get("ETag") == "" {
+		logError(testName, function, args, startTime, "", "Got empty ETag", err)
+		return
+	}
+	resp.Body.Close()
+
+	// Generate presigned GET object url.
+	function = "PresignedGetObject(bucketName, objectName, expires, reqParams)"
+	functionAll += ", " + function
+	args = map[string]interface{}{
+		"bucketName": bucketName,
+		"objectName": objectName,
+		"expires":    3600 * time.Second,
+	}
+	presignedGetURL, err := c.PresignedGetObject(context.Background(), bucketName, objectName, 3600*time.Second, nil)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PresignedGetObject failed", err)
+		return
+	}
+
+	// Verify if presigned url works.
+	req, err = http.NewRequest(http.MethodGet, presignedGetURL.String(), nil)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PresignedGetObject request incorrect", err)
+		return
+	}
+
+	resp, err = httpClient.Do(req)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PresignedGetObject response incorrect", err)
+		return
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		logError(testName, function, args, startTime, "", "PresignedGetObject URL returns status "+string(resp.StatusCode), err)
+		return
+	}
+	newPresignedBytes, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAll failed", err)
+		return
+	}
+	resp.Body.Close()
+	if !bytes.Equal(newPresignedBytes, buf) {
+		logError(testName, function, args, startTime, "", "Bytes mismatch", err)
+		return
+	}
+
+	// Set request parameters.
+	reqParams := make(url.Values)
+	reqParams.Set("response-content-disposition", "attachment; filename=\"test.txt\"")
+	// Generate presigned GET object url.
+	args["reqParams"] = reqParams
+	presignedGetURL, err = c.PresignedGetObject(context.Background(), bucketName, objectName, 3600*time.Second, reqParams)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PresignedGetObject failed", err)
+		return
+	}
+
+	// Verify if presigned url works.
+	req, err = http.NewRequest(http.MethodGet, presignedGetURL.String(), nil)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PresignedGetObject request incorrect", err)
+		return
+	}
+
+	resp, err = httpClient.Do(req)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PresignedGetObject response incorrect", err)
+		return
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		logError(testName, function, args, startTime, "", "PresignedGetObject URL returns status "+string(resp.StatusCode), err)
+		return
+	}
+	newPresignedBytes, err = ioutil.ReadAll(resp.Body)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAll failed", err)
+		return
+	}
+	if !bytes.Equal(newPresignedBytes, buf) {
+		logError(testName, function, args, startTime, "", "Bytes mismatch", err)
+		return
+	}
+	// Verify content disposition.
+	if resp.Header.Get("Content-Disposition") != "attachment; filename=\"test.txt\"" {
+		logError(testName, function, args, startTime, "", "wrong Content-Disposition received ", err)
+		return
+	}
+
+	function = "PresignedPutObject(bucketName, objectName, expires)"
+	functionAll += ", " + function
+	args = map[string]interface{}{
+		"bucketName": bucketName,
+		"objectName": objectName + "-presigned",
+		"expires":    3600 * time.Second,
+	}
+	presignedPutURL, err := c.PresignedPutObject(context.Background(), bucketName, objectName+"-presigned", 3600*time.Second)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PresignedPutObject failed", err)
+		return
+	}
+
+	// Generate data more than 32K
+	buf = bytes.Repeat([]byte("1"), rand.Intn(1<<10)+32*1024)
+
+	req, err = http.NewRequest(http.MethodPut, presignedPutURL.String(), bytes.NewReader(buf))
+	if err != nil {
+		logError(testName, function, args, startTime, "", "HTTP request to PresignedPutObject URL failed", err)
+		return
+	}
+
+	resp, err = httpClient.Do(req)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "HTTP request to PresignedPutObject URL failed", err)
+		return
+	}
+
+	// Download the uploaded object to verify
+	args = map[string]interface{}{
+		"bucketName": bucketName,
+		"objectName": objectName + "-presigned",
+	}
+	newReader, err = c.GetObject(context.Background(), bucketName, objectName+"-presigned", minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject of uploaded presigned object failed", err)
+		return
+	}
+
+	newReadBytes, err = ioutil.ReadAll(newReader)
+	if err != nil {
+		logError(testName, function, args, startTime, "", "ReadAll failed during get on presigned put object", err)
+		return
+	}
+	newReader.Close()
+
+	if !bytes.Equal(newReadBytes, buf) {
+		logError(testName, function, args, startTime, "", "Bytes mismatch on presigned object upload verification", err)
+		return
+	}
+
+	function = "PresignHeader(method, bucketName, objectName, expires, reqParams, extraHeaders)"
+	functionAll += ", " + function
+	presignExtraHeaders := map[string][]string{
+		"mysecret": {"abcxxx"},
+	}
+	args = map[string]interface{}{
+		"method":       "PUT",
+		"bucketName":   bucketName,
+		"objectName":   objectName + "-presign-custom",
+		"expires":      3600 * time.Second,
+		"extraHeaders": presignExtraHeaders,
+	}
+	_, err = c.PresignHeader(context.Background(), "PUT", bucketName, objectName+"-presign-custom", 3600*time.Second, nil, presignExtraHeaders)
+	if err == nil {
+		logError(testName, function, args, startTime, "", "Presigned with extra headers succeeded", err)
+		return
+	}
+
+	os.Remove(fileName)
+	os.Remove(fileName + "-f")
+	successLogger(testName, functionAll, args, startTime).Info()
+}
+
+// Test get object with GetObject with context
+func testGetObjectContext() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "GetObject(ctx, bucketName, objectName)"
+	args := map[string]interface{}{
+		"ctx":        "",
+		"bucketName": "",
+		"objectName": "",
+	}
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client v4 object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	bufSize := dataFileMap["datafile-33-kB"]
+	var reader = getDataReader("datafile-33-kB")
+	defer reader.Close()
+	// Save the data
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	_, err = c.PutObject(context.Background(), bucketName, objectName, reader, int64(bufSize), minio.PutObjectOptions{ContentType: "binary/octet-stream"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	ctx, cancel := context.WithTimeout(context.Background(), 1*time.Nanosecond)
+	args["ctx"] = ctx
+	cancel()
+
+	r, err := c.GetObject(ctx, bucketName, objectName, minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject failed unexpectedly", err)
+		return
+	}
+
+	if _, err = r.Stat(); err == nil {
+		logError(testName, function, args, startTime, "", "GetObject should fail on short timeout", err)
+		return
+	}
+	r.Close()
+
+	ctx, cancel = context.WithTimeout(context.Background(), 1*time.Hour)
+	args["ctx"] = ctx
+	defer cancel()
+
+	// Read the data back
+	r, err = c.GetObject(ctx, bucketName, objectName, minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject failed", err)
+		return
+	}
+
+	st, err := r.Stat()
+	if err != nil {
+		logError(testName, function, args, startTime, "", "object Stat call failed", err)
+		return
+	}
+	if st.Size != int64(bufSize) {
+		logError(testName, function, args, startTime, "", "Number of bytes in stat does not match: want "+string(bufSize)+", got"+string(st.Size), err)
+		return
+	}
+	if err := r.Close(); err != nil {
+		logError(testName, function, args, startTime, "", "object Close() call failed", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+
+}
+
+// Test get object with FGetObject with a user provided context
+func testFGetObjectContext() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "FGetObject(ctx, bucketName, objectName, fileName)"
+	args := map[string]interface{}{
+		"ctx":        "",
+		"bucketName": "",
+		"objectName": "",
+		"fileName":   "",
+	}
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client v4 object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	bufSize := dataFileMap["datafile-1-MB"]
+	var reader = getDataReader("datafile-1-MB")
+	defer reader.Close()
+	// Save the data
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	_, err = c.PutObject(context.Background(), bucketName, objectName, reader, int64(bufSize), minio.PutObjectOptions{ContentType: "binary/octet-stream"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	ctx, cancel := context.WithTimeout(context.Background(), 1*time.Nanosecond)
+	args["ctx"] = ctx
+	defer cancel()
+
+	fileName := "tempfile-context"
+	args["fileName"] = fileName
+	// Read the data back
+	err = c.FGetObject(ctx, bucketName, objectName, fileName+"-f", minio.GetObjectOptions{})
+	if err == nil {
+		logError(testName, function, args, startTime, "", "FGetObject should fail on short timeout", err)
+		return
+	}
+	ctx, cancel = context.WithTimeout(context.Background(), 1*time.Hour)
+	defer cancel()
+
+	// Read the data back
+	err = c.FGetObject(ctx, bucketName, objectName, fileName+"-fcontext", minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "FGetObject with long timeout failed", err)
+		return
+	}
+	if err = os.Remove(fileName + "-fcontext"); err != nil {
+		logError(testName, function, args, startTime, "", "Remove file failed", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+
+}
+
+// Test get object with GetObject with a user provided context
+func testGetObjectRanges() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "GetObject(ctx, bucketName, objectName, fileName)"
+	args := map[string]interface{}{
+		"ctx":        "",
+		"bucketName": "",
+		"objectName": "",
+		"fileName":   "",
+	}
+	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
+	defer cancel()
+
+	rng := rand.NewSource(time.Now().UnixNano())
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client v4 object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rng, "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	bufSize := dataFileMap["datafile-129-MB"]
+	var reader = getDataReader("datafile-129-MB")
+	defer reader.Close()
+	// Save the data
+	objectName := randString(60, rng, "")
+	args["objectName"] = objectName
+
+	_, err = c.PutObject(context.Background(), bucketName, objectName, reader, int64(bufSize), minio.PutObjectOptions{ContentType: "binary/octet-stream"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	// Read the data back
+	tests := []struct {
+		start int64
+		end   int64
+	}{
+		{
+			start: 1024,
+			end:   1024 + 1<<20,
+		},
+		{
+			start: 20e6,
+			end:   20e6 + 10000,
+		},
+		{
+			start: 40e6,
+			end:   40e6 + 10000,
+		},
+		{
+			start: 60e6,
+			end:   60e6 + 10000,
+		},
+		{
+			start: 80e6,
+			end:   80e6 + 10000,
+		},
+		{
+			start: 120e6,
+			end:   int64(bufSize),
+		},
+	}
+	for _, test := range tests {
+		wantRC := getDataReader("datafile-129-MB")
+		io.CopyN(ioutil.Discard, wantRC, test.start)
+		want := mustCrcReader(io.LimitReader(wantRC, test.end-test.start+1))
+		opts := minio.GetObjectOptions{}
+		opts.SetRange(test.start, test.end)
+		args["opts"] = fmt.Sprintf("%+v", test)
+		obj, err := c.GetObject(ctx, bucketName, objectName, opts)
+		if err != nil {
+			logError(testName, function, args, startTime, "", "FGetObject with long timeout failed", err)
+			return
+		}
+		err = crcMatches(obj, want)
+		if err != nil {
+			logError(testName, function, args, startTime, "", fmt.Sprintf("GetObject offset %d -> %d", test.start, test.end), err)
+			return
+		}
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Test get object ACLs with GetObjectACL with custom provided context
+func testGetObjectACLContext() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "GetObjectACL(ctx, bucketName, objectName)"
+	args := map[string]interface{}{
+		"ctx":        "",
+		"bucketName": "",
+		"objectName": "",
+	}
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// skipping region functional tests for non s3 runs
+	if os.Getenv(serverEndpoint) != "s3.amazonaws.com" {
+		ignoredLog(testName, function, args, startTime, "Skipped region functional tests for non s3 runs").Info()
+		return
+	}
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client v4 object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	bufSize := dataFileMap["datafile-1-MB"]
+	var reader = getDataReader("datafile-1-MB")
+	defer reader.Close()
+	// Save the data
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	// Add meta data to add a canned acl
+	metaData := map[string]string{
+		"X-Amz-Acl": "public-read-write",
+	}
+
+	_, err = c.PutObject(context.Background(), bucketName,
+		objectName, reader, int64(bufSize),
+		minio.PutObjectOptions{
+			ContentType:  "binary/octet-stream",
+			UserMetadata: metaData,
+		})
+
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
+	args["ctx"] = ctx
+	defer cancel()
+
+	// Read the data back
+	objectInfo, getObjectACLErr := c.GetObjectACL(ctx, bucketName, objectName)
+	if getObjectACLErr != nil {
+		logError(testName, function, args, startTime, "", "GetObjectACL failed. ", getObjectACLErr)
+		return
+	}
+
+	s, ok := objectInfo.Metadata["X-Amz-Acl"]
+	if !ok {
+		logError(testName, function, args, startTime, "", "GetObjectACL fail unable to find \"X-Amz-Acl\"", nil)
+		return
+	}
+
+	if len(s) != 1 {
+		logError(testName, function, args, startTime, "", "GetObjectACL fail \"X-Amz-Acl\" canned acl expected \"1\" got "+fmt.Sprintf(`"%d"`, len(s)), nil)
+		return
+	}
+
+	if s[0] != "public-read-write" {
+		logError(testName, function, args, startTime, "", "GetObjectACL fail \"X-Amz-Acl\" expected \"public-read-write\" but got"+fmt.Sprintf("%q", s[0]), nil)
+		return
+	}
+
+	bufSize = dataFileMap["datafile-1-MB"]
+	var reader2 = getDataReader("datafile-1-MB")
+	defer reader2.Close()
+	// Save the data
+	objectName = randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	// Add meta data to add a canned acl
+	metaData = map[string]string{
+		"X-Amz-Grant-Read":  "id=fooread@minio.go",
+		"X-Amz-Grant-Write": "id=foowrite@minio.go",
+	}
+
+	_, err = c.PutObject(context.Background(), bucketName, objectName, reader2, int64(bufSize), minio.PutObjectOptions{ContentType: "binary/octet-stream", UserMetadata: metaData})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject failed", err)
+		return
+	}
+
+	ctx, cancel = context.WithTimeout(context.Background(), 10*time.Second)
+	args["ctx"] = ctx
+	defer cancel()
+
+	// Read the data back
+	objectInfo, getObjectACLErr = c.GetObjectACL(ctx, bucketName, objectName)
+	if getObjectACLErr == nil {
+		logError(testName, function, args, startTime, "", "GetObjectACL fail", getObjectACLErr)
+		return
+	}
+
+	if len(objectInfo.Metadata) != 3 {
+		logError(testName, function, args, startTime, "", "GetObjectACL fail expected \"3\" ACLs but got "+fmt.Sprintf(`"%d"`, len(objectInfo.Metadata)), nil)
+		return
+	}
+
+	s, ok = objectInfo.Metadata["X-Amz-Grant-Read"]
+	if !ok {
+		logError(testName, function, args, startTime, "", "GetObjectACL fail unable to find \"X-Amz-Grant-Read\"", nil)
+		return
+	}
+
+	if len(s) != 1 {
+		logError(testName, function, args, startTime, "", "GetObjectACL fail \"X-Amz-Grant-Read\" acl expected \"1\" got "+fmt.Sprintf(`"%d"`, len(s)), nil)
+		return
+	}
+
+	if s[0] != "fooread@minio.go" {
+		logError(testName, function, args, startTime, "", "GetObjectACL fail \"X-Amz-Grant-Read\" acl expected \"fooread@minio.go\" got "+fmt.Sprintf("%q", s), nil)
+		return
+	}
+
+	s, ok = objectInfo.Metadata["X-Amz-Grant-Write"]
+	if !ok {
+		logError(testName, function, args, startTime, "", "GetObjectACL fail unable to find \"X-Amz-Grant-Write\"", nil)
+		return
+	}
+
+	if len(s) != 1 {
+		logError(testName, function, args, startTime, "", "GetObjectACL fail \"X-Amz-Grant-Write\" acl expected \"1\" got "+fmt.Sprintf(`"%d"`, len(s)), nil)
+		return
+	}
+
+	if s[0] != "foowrite@minio.go" {
+		logError(testName, function, args, startTime, "", "GetObjectACL fail \"X-Amz-Grant-Write\" acl expected \"foowrite@minio.go\" got "+fmt.Sprintf("%q", s), nil)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Test validates putObject with context to see if request cancellation is honored for V2.
+func testPutObjectContextV2() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "PutObject(ctx, bucketName, objectName, reader, size, opts)"
+	args := map[string]interface{}{
+		"ctx":        "",
+		"bucketName": "",
+		"objectName": "",
+		"size":       "",
+		"opts":       "",
+	}
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV2(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client v2 object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Make a new bucket.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+	defer cleanupBucket(bucketName, c)
+	bufSize := dataFileMap["datatfile-33-kB"]
+	var reader = getDataReader("datafile-33-kB")
+	defer reader.Close()
+
+	objectName := fmt.Sprintf("test-file-%v", rand.Uint32())
+	args["objectName"] = objectName
+
+	ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
+	args["ctx"] = ctx
+	args["size"] = bufSize
+	defer cancel()
+
+	_, err = c.PutObject(ctx, bucketName, objectName, reader, int64(bufSize), minio.PutObjectOptions{ContentType: "binary/octet-stream"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject with short timeout failed", err)
+		return
+	}
+
+	ctx, cancel = context.WithTimeout(context.Background(), 1*time.Hour)
+	args["ctx"] = ctx
+
+	defer cancel()
+	reader = getDataReader("datafile-33-kB")
+	defer reader.Close()
+	_, err = c.PutObject(ctx, bucketName, objectName, reader, int64(bufSize), minio.PutObjectOptions{ContentType: "binary/octet-stream"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject with long timeout failed", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+
+}
+
+// Test get object with GetObject with custom context
+func testGetObjectContextV2() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "GetObject(ctx, bucketName, objectName)"
+	args := map[string]interface{}{
+		"ctx":        "",
+		"bucketName": "",
+		"objectName": "",
+	}
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV2(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client v2 object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	bufSize := dataFileMap["datafile-33-kB"]
+	var reader = getDataReader("datafile-33-kB")
+	defer reader.Close()
+	// Save the data
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	_, err = c.PutObject(context.Background(), bucketName, objectName, reader, int64(bufSize), minio.PutObjectOptions{ContentType: "binary/octet-stream"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject call failed", err)
+		return
+	}
+
+	ctx, cancel := context.WithTimeout(context.Background(), 1*time.Nanosecond)
+	args["ctx"] = ctx
+	cancel()
+
+	r, err := c.GetObject(ctx, bucketName, objectName, minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject failed unexpectedly", err)
+		return
+	}
+	if _, err = r.Stat(); err == nil {
+		logError(testName, function, args, startTime, "", "GetObject should fail on short timeout", err)
+		return
+	}
+	r.Close()
+
+	ctx, cancel = context.WithTimeout(context.Background(), 1*time.Hour)
+	defer cancel()
+
+	// Read the data back
+	r, err = c.GetObject(ctx, bucketName, objectName, minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "GetObject shouldn't fail on longer timeout", err)
+		return
+	}
+
+	st, err := r.Stat()
+	if err != nil {
+		logError(testName, function, args, startTime, "", "object Stat call failed", err)
+		return
+	}
+	if st.Size != int64(bufSize) {
+		logError(testName, function, args, startTime, "", "Number of bytes in stat does not match, expected "+string(bufSize)+" got "+string(st.Size), err)
+		return
+	}
+	if err := r.Close(); err != nil {
+		logError(testName, function, args, startTime, "", " object Close() call failed", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+
+}
+
+// Test get object with FGetObject with custom context
+func testFGetObjectContextV2() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "FGetObject(ctx, bucketName, objectName,fileName)"
+	args := map[string]interface{}{
+		"ctx":        "",
+		"bucketName": "",
+		"objectName": "",
+		"fileName":   "",
+	}
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV2(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client v2 object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket call failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	bufSize := dataFileMap["datatfile-1-MB"]
+	var reader = getDataReader("datafile-1-MB")
+	defer reader.Close()
+	// Save the data
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	_, err = c.PutObject(context.Background(), bucketName, objectName, reader, int64(bufSize), minio.PutObjectOptions{ContentType: "binary/octet-stream"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "PutObject call failed", err)
+		return
+	}
+
+	ctx, cancel := context.WithTimeout(context.Background(), 1*time.Nanosecond)
+	args["ctx"] = ctx
+	defer cancel()
+
+	fileName := "tempfile-context"
+	args["fileName"] = fileName
+
+	// Read the data back
+	err = c.FGetObject(ctx, bucketName, objectName, fileName+"-f", minio.GetObjectOptions{})
+	if err == nil {
+		logError(testName, function, args, startTime, "", "FGetObject should fail on short timeout", err)
+		return
+	}
+	ctx, cancel = context.WithTimeout(context.Background(), 1*time.Hour)
+	defer cancel()
+
+	// Read the data back
+	err = c.FGetObject(ctx, bucketName, objectName, fileName+"-fcontext", minio.GetObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "FGetObject call shouldn't fail on long timeout", err)
+		return
+	}
+
+	if err = os.Remove(fileName + "-fcontext"); err != nil {
+		logError(testName, function, args, startTime, "", "Remove file failed", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+
+}
+
+// Test list object v1 and V2
+func testListObjects() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "ListObjects(bucketName, objectPrefix, recursive, doneCh)"
+	args := map[string]interface{}{
+		"bucketName":   "",
+		"objectPrefix": "",
+		"recursive":    "true",
+	}
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client v4 object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1"})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	defer cleanupBucket(bucketName, c)
+
+	testObjects := []struct {
+		name         string
+		storageClass string
+	}{
+		// Special characters
+		{"foo bar", "STANDARD"},
+		{"foo-%", "STANDARD"},
+		{"random-object-1", "STANDARD"},
+		{"random-object-2", "REDUCED_REDUNDANCY"},
+	}
+
+	for i, object := range testObjects {
+		bufSize := dataFileMap["datafile-33-kB"]
+		var reader = getDataReader("datafile-33-kB")
+		defer reader.Close()
+		_, err = c.PutObject(context.Background(), bucketName, object.name, reader, int64(bufSize),
+			minio.PutObjectOptions{ContentType: "binary/octet-stream", StorageClass: object.storageClass})
+		if err != nil {
+			logError(testName, function, args, startTime, "", fmt.Sprintf("PutObject %d call failed", i+1), err)
+			return
+		}
+	}
+
+	testList := func(listFn func(context.Context, string, minio.ListObjectsOptions) <-chan minio.ObjectInfo, bucket string, opts minio.ListObjectsOptions) {
+		var objCursor int
+
+		// check for object name and storage-class from listing object result
+		for objInfo := range listFn(context.Background(), bucket, opts) {
+			if objInfo.Err != nil {
+				logError(testName, function, args, startTime, "", "ListObjects failed unexpectedly", err)
+				return
+			}
+			if objInfo.Key != testObjects[objCursor].name {
+				logError(testName, function, args, startTime, "", "ListObjects does not return expected object name", err)
+				return
+			}
+			if objInfo.StorageClass != testObjects[objCursor].storageClass {
+				// Ignored as Gateways (Azure/GCS etc) wont return storage class
+				ignoredLog(testName, function, args, startTime, "ListObjects doesn't return expected storage class").Info()
+			}
+			objCursor++
+		}
+
+		if objCursor != len(testObjects) {
+			logError(testName, function, args, startTime, "", "ListObjects returned unexpected number of items", errors.New(""))
+			return
+		}
+	}
+
+	testList(c.ListObjects, bucketName, minio.ListObjectsOptions{Recursive: true, UseV1: true})
+	testList(c.ListObjects, bucketName, minio.ListObjectsOptions{Recursive: true})
+	testList(c.ListObjects, bucketName, minio.ListObjectsOptions{Recursive: true, WithMetadata: true})
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Test deleting multiple objects with object retention set in Governance mode
+func testRemoveObjects() {
+	// initialize logging params
+	startTime := time.Now()
+	testName := getFuncName()
+	function := "RemoveObjects(bucketName, objectsCh, opts)"
+	args := map[string]interface{}{
+		"bucketName":   "",
+		"objectPrefix": "",
+		"recursive":    "true",
+	}
+	// Seed random based on current time.
+	rand.Seed(time.Now().Unix())
+
+	// Instantiate new minio client object.
+	c, err := minio.New(os.Getenv(serverEndpoint),
+		&minio.Options{
+			Creds:  credentials.NewStaticV4(os.Getenv(accessKey), os.Getenv(secretKey), ""),
+			Secure: mustParseBool(os.Getenv(enableHTTPS)),
+		})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MinIO client v4 object creation failed", err)
+		return
+	}
+
+	// Enable tracing, write to stderr.
+	// c.TraceOn(os.Stderr)
+
+	// Set user agent.
+	c.SetAppInfo("MinIO-go-FunctionalTest", "0.1.0")
+
+	// Generate a new random bucket name.
+	bucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "minio-go-test-")
+	args["bucketName"] = bucketName
+	objectName := randString(60, rand.NewSource(time.Now().UnixNano()), "")
+	args["objectName"] = objectName
+
+	// Make a new bucket.
+	err = c.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1", ObjectLocking: true})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "MakeBucket failed", err)
+		return
+	}
+
+	bufSize := dataFileMap["datafile-129-MB"]
+	var reader = getDataReader("datafile-129-MB")
+	defer reader.Close()
+
+	_, err = c.PutObject(context.Background(), bucketName, objectName, reader, int64(bufSize), minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Error uploading object", err)
+	}
+
+	// Replace with smaller...
+	bufSize = dataFileMap["datafile-10-kB"]
+	reader = getDataReader("datafile-10-kB")
+	defer reader.Close()
+
+	_, err = c.PutObject(context.Background(), bucketName, objectName, reader, int64(bufSize), minio.PutObjectOptions{})
+	if err != nil {
+		logError(testName, function, args, startTime, "", "Error uploading object", err)
+	}
+
+	t := time.Date(2030, time.April, 25, 14, 0, 0, 0, time.UTC)
+	m := minio.RetentionMode(minio.Governance)
+	opts := minio.PutObjectRetentionOptions{
+		GovernanceBypass: false,
+		RetainUntilDate:  &t,
+		Mode:             &m,
+	}
+	err = c.PutObjectRetention(context.Background(), bucketName, objectName, opts)
+	if err != nil {
+		log.Fatalln(err)
+	}
+
+	objectsCh := make(chan minio.ObjectInfo)
+	// Send object names that are needed to be removed to objectsCh
+	go func() {
+		defer close(objectsCh)
+		// List all objects from a bucket-name with a matching prefix.
+		for object := range c.ListObjects(context.Background(), bucketName, minio.ListObjectsOptions{UseV1: true, Recursive: true}) {
+			if object.Err != nil {
+				log.Fatalln(object.Err)
+			}
+			objectsCh <- object
+		}
+	}()
+
+	for rErr := range c.RemoveObjects(context.Background(), bucketName, objectsCh, minio.RemoveObjectsOptions{}) {
+		// Error is expected here because Retention is set on the object
+		// and RemoveObjects is called without Bypass Governance
+		if rErr.Err == nil {
+			logError(testName, function, args, startTime, "", "Expected error during deletion", nil)
+			return
+		}
+	}
+
+	objectsCh1 := make(chan minio.ObjectInfo)
+
+	// Send object names that are needed to be removed to objectsCh
+	go func() {
+		defer close(objectsCh1)
+		// List all objects from a bucket-name with a matching prefix.
+		for object := range c.ListObjects(context.Background(), bucketName, minio.ListObjectsOptions{UseV1: true, Recursive: true}) {
+			if object.Err != nil {
+				log.Fatalln(object.Err)
+			}
+			objectsCh1 <- object
+		}
+	}()
+
+	opts1 := minio.RemoveObjectsOptions{
+		GovernanceBypass: true,
+	}
+
+	for rErr := range c.RemoveObjects(context.Background(), bucketName, objectsCh1, opts1) {
+		// Error is not expected here because Retention is set on the object
+		// and RemoveObjects is called with Bypass Governance
+		logError(testName, function, args, startTime, "", "Error detected during deletion", rErr.Err)
+		return
+	}
+
+	// Delete all objects and buckets
+	if err = cleanupVersionedBucket(bucketName, c); err != nil {
+		logError(testName, function, args, startTime, "", "CleanupBucket failed", err)
+		return
+	}
+
+	successLogger(testName, function, args, startTime).Info()
+}
+
+// Convert string to bool and always return false if any error
+func mustParseBool(str string) bool {
+	b, err := strconv.ParseBool(str)
+	if err != nil {
+		return false
+	}
+	return b
+}
+
+func main() {
+	// Output to stdout instead of the default stderr
+	log.SetOutput(os.Stdout)
+	// create custom formatter
+	mintFormatter := mintJSONFormatter{}
+	// set custom formatter
+	log.SetFormatter(&mintFormatter)
+	// log Info or above -- success cases are Info level, failures are Fatal level
+	log.SetLevel(log.InfoLevel)
+
+	tls := mustParseBool(os.Getenv(enableHTTPS))
+	kms := mustParseBool(os.Getenv(enableKMS))
+	if os.Getenv(enableKMS) == "" {
+		// Default to KMS tests.
+		kms = true
+	}
+	// execute tests
+	if isFullMode() {
+		testMakeBucketErrorV2()
+		testGetObjectClosedTwiceV2()
+		testFPutObjectV2()
+		testMakeBucketRegionsV2()
+		testGetObjectReadSeekFunctionalV2()
+		testGetObjectReadAtFunctionalV2()
+		testGetObjectRanges()
+		testCopyObjectV2()
+		testFunctionalV2()
+		testComposeObjectErrorCasesV2()
+		testCompose10KSourcesV2()
+		testUserMetadataCopyingV2()
+		testPutObject0ByteV2()
+		testPutObjectNoLengthV2()
+		testPutObjectsUnknownV2()
+		testGetObjectContextV2()
+		testFPutObjectContextV2()
+		testFGetObjectContextV2()
+		testPutObjectContextV2()
+		testPutObjectWithVersioning()
+		testMakeBucketError()
+		testMakeBucketRegions()
+		testPutObjectWithMetadata()
+		testPutObjectReadAt()
+		testPutObjectStreaming()
+		testGetObjectSeekEnd()
+		testGetObjectClosedTwice()
+		testGetObjectS3Zip()
+		testRemoveMultipleObjects()
+		testFPutObjectMultipart()
+		testFPutObject()
+		testGetObjectReadSeekFunctional()
+		testGetObjectReadAtFunctional()
+		testGetObjectReadAtWhenEOFWasReached()
+		testPresignedPostPolicy()
+		testCopyObject()
+		testComposeObjectErrorCases()
+		testCompose10KSources()
+		testUserMetadataCopying()
+		testBucketNotification()
+		testFunctional()
+		testGetObjectModified()
+		testPutObjectUploadSeekedObject()
+		testGetObjectContext()
+		testFPutObjectContext()
+		testFGetObjectContext()
+		testGetObjectACLContext()
+		testPutObjectContext()
+		testStorageClassMetadataPutObject()
+		testStorageClassInvalidMetadataPutObject()
+		testStorageClassMetadataCopyObject()
+		testPutObjectWithContentLanguage()
+		testListObjects()
+		testRemoveObjects()
+		testListObjectVersions()
+		testStatObjectWithVersioning()
+		testGetObjectWithVersioning()
+		testCopyObjectWithVersioning()
+		testConcurrentCopyObjectWithVersioning()
+		testComposeObjectWithVersioning()
+		testRemoveObjectWithVersioning()
+		testRemoveObjectsWithVersioning()
+		testObjectTaggingWithVersioning()
+
+		// SSE-C tests will only work over TLS connection.
+		if tls {
+			testSSECEncryptionPutGet()
+			testSSECEncryptionFPut()
+			testSSECEncryptedGetObjectReadAtFunctional()
+			testSSECEncryptedGetObjectReadSeekFunctional()
+			testEncryptedCopyObjectV2()
+			testEncryptedSSECToSSECCopyObject()
+			testEncryptedSSECToUnencryptedCopyObject()
+			testUnencryptedToSSECCopyObject()
+			testUnencryptedToUnencryptedCopyObject()
+			testEncryptedEmptyObject()
+			testDecryptedCopyObject()
+			testSSECEncryptedToSSECCopyObjectPart()
+			testSSECMultipartEncryptedToSSECCopyObjectPart()
+			testSSECEncryptedToUnencryptedCopyPart()
+			testUnencryptedToSSECCopyObjectPart()
+			testUnencryptedToUnencryptedCopyPart()
+			testEncryptedSSECToSSES3CopyObject()
+			testEncryptedSSES3ToSSECCopyObject()
+			testSSECEncryptedToSSES3CopyObjectPart()
+			testSSES3EncryptedToSSECCopyObjectPart()
+		}
+
+		// KMS tests
+		if kms {
+			testSSES3EncryptionPutGet()
+			testSSES3EncryptionFPut()
+			testSSES3EncryptedGetObjectReadAtFunctional()
+			testSSES3EncryptedGetObjectReadSeekFunctional()
+			testEncryptedSSES3ToSSES3CopyObject()
+			testEncryptedSSES3ToUnencryptedCopyObject()
+			testUnencryptedToSSES3CopyObject()
+			testUnencryptedToSSES3CopyObjectPart()
+			testSSES3EncryptedToUnencryptedCopyPart()
+			testSSES3EncryptedToSSES3CopyObjectPart()
+		}
+	} else {
+		testFunctional()
+		testFunctionalV2()
+	}
+}
diff --git a/vendor/github.com/minio/minio-go/v7/pkg/credentials/credentials.go b/vendor/github.com/minio/minio-go/v7/pkg/credentials/credentials.go
index 62d1701eee3..6b93a27fbd4 100644
--- a/vendor/github.com/minio/minio-go/v7/pkg/credentials/credentials.go
+++ b/vendor/github.com/minio/minio-go/v7/pkg/credentials/credentials.go
@@ -22,8 +22,13 @@ import (
 	"time"
 )
 
-// STSVersion sts version string
-const STSVersion = "2011-06-15"
+const (
+	// STSVersion sts version string
+	STSVersion = "2011-06-15"
+
+	// How much duration to slash from the given expiration duration
+	defaultExpiryWindow = 0.8
+)
 
 // A Value is the AWS credentials value for individual credential fields.
 type Value struct {
@@ -82,10 +87,15 @@ type Expiry struct {
 // the expiration time given to ensure no requests are made with expired
 // tokens.
 func (e *Expiry) SetExpiration(expiration time.Time, window time.Duration) {
-	e.expiration = expiration
-	if window > 0 {
-		e.expiration = e.expiration.Add(-window)
+	if e.CurrentTime == nil {
+		e.CurrentTime = time.Now
+	}
+	cut := window
+	if cut < 0 {
+		expireIn := expiration.Sub(e.CurrentTime())
+		cut = time.Duration(float64(expireIn) * (1 - defaultExpiryWindow))
 	}
+	e.expiration = expiration.Add(-cut)
 }
 
 // IsExpired returns if the credentials are expired.
diff --git a/vendor/github.com/minio/minio-go/v7/pkg/credentials/iam_aws.go b/vendor/github.com/minio/minio-go/v7/pkg/credentials/iam_aws.go
index 2ec0afc1904..485a717eb2a 100644
--- a/vendor/github.com/minio/minio-go/v7/pkg/credentials/iam_aws.go
+++ b/vendor/github.com/minio/minio-go/v7/pkg/credentials/iam_aws.go
@@ -38,7 +38,10 @@ import (
 // prior to the credentials actually expiring. This is beneficial
 // so race conditions with expiring credentials do not cause
 // request to fail unexpectedly due to ExpiredTokenException exceptions.
-const DefaultExpiryWindow = time.Second * 10 // 10 secs
+// DefaultExpiryWindow can be used as parameter to (*Expiry).SetExpiration.
+// When used the tokens refresh will be triggered when 80% of the elapsed
+// time until the actual expiration time is passed.
+const DefaultExpiryWindow = -1
 
 // A IAM retrieves credentials from the EC2 service, and keeps track if
 // those credentials are expired.
@@ -59,6 +62,10 @@ const (
 	defaultECSRoleEndpoint      = "http://169.254.170.2"
 	defaultSTSRoleEndpoint      = "https://sts.amazonaws.com"
 	defaultIAMSecurityCredsPath = "/latest/meta-data/iam/security-credentials/"
+	tokenRequestTTLHeader       = "X-aws-ec2-metadata-token-ttl-seconds"
+	tokenPath                   = "/latest/api/token"
+	tokenTTL                    = "21600"
+	tokenRequestHeader          = "X-aws-ec2-metadata-token"
 )
 
 // NewIAM returns a pointer to a new Credentials object wrapping the IAM.
@@ -75,6 +82,7 @@ func NewIAM(endpoint string) *Credentials {
 // Error will be returned if the request fails, or unable to extract
 // the desired
 func (m *IAM) Retrieve() (Value, error) {
+	token := os.Getenv("AWS_CONTAINER_AUTHORIZATION_TOKEN")
 	var roleCreds ec2RoleCredRespBody
 	var err error
 
@@ -104,7 +112,7 @@ func (m *IAM) Retrieve() (Value, error) {
 
 				return &WebIdentityToken{Token: string(token)}, nil
 			},
-			roleARN:         os.Getenv("AWS_ROLE_ARN"),
+			RoleARN:         os.Getenv("AWS_ROLE_ARN"),
 			roleSessionName: os.Getenv("AWS_ROLE_SESSION_NAME"),
 		}
 
@@ -120,7 +128,7 @@ func (m *IAM) Retrieve() (Value, error) {
 				os.Getenv("AWS_CONTAINER_CREDENTIALS_RELATIVE_URI"))
 		}
 
-		roleCreds, err = getEcsTaskCredentials(m.Client, endpoint)
+		roleCreds, err = getEcsTaskCredentials(m.Client, endpoint, token)
 
 	case len(os.Getenv("AWS_CONTAINER_CREDENTIALS_FULL_URI")) > 0:
 		if len(endpoint) == 0 {
@@ -134,7 +142,7 @@ func (m *IAM) Retrieve() (Value, error) {
 			}
 		}
 
-		roleCreds, err = getEcsTaskCredentials(m.Client, endpoint)
+		roleCreds, err = getEcsTaskCredentials(m.Client, endpoint, token)
 
 	default:
 		roleCreds, err = getCredentials(m.Client, endpoint)
@@ -176,10 +184,6 @@ type ec2RoleCredRespBody struct {
 // be sent to fetch the rolling access credentials.
 // http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html
 func getIAMRoleURL(endpoint string) (*url.URL, error) {
-	if endpoint == "" {
-		endpoint = defaultIAMRoleEndpoint
-	}
-
 	u, err := url.Parse(endpoint)
 	if err != nil {
 		return nil, err
@@ -192,11 +196,14 @@ func getIAMRoleURL(endpoint string) (*url.URL, error) {
 // with the current EC2 service. If there are no credentials,
 // or there is an error making or receiving the request.
 // http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html
-func listRoleNames(client *http.Client, u *url.URL) ([]string, error) {
+func listRoleNames(client *http.Client, u *url.URL, token string) ([]string, error) {
 	req, err := http.NewRequest(http.MethodGet, u.String(), nil)
 	if err != nil {
 		return nil, err
 	}
+	if token != "" {
+		req.Header.Add(tokenRequestHeader, token)
+	}
 	resp, err := client.Do(req)
 	if err != nil {
 		return nil, err
@@ -219,12 +226,16 @@ func listRoleNames(client *http.Client, u *url.URL) ([]string, error) {
 	return credsList, nil
 }
 
-func getEcsTaskCredentials(client *http.Client, endpoint string) (ec2RoleCredRespBody, error) {
+func getEcsTaskCredentials(client *http.Client, endpoint string, token string) (ec2RoleCredRespBody, error) {
 	req, err := http.NewRequest(http.MethodGet, endpoint, nil)
 	if err != nil {
 		return ec2RoleCredRespBody{}, err
 	}
 
+	if token != "" {
+		req.Header.Set("Authorization", token)
+	}
+
 	resp, err := client.Do(req)
 	if err != nil {
 		return ec2RoleCredRespBody{}, err
@@ -242,12 +253,39 @@ func getEcsTaskCredentials(client *http.Client, endpoint string) (ec2RoleCredRes
 	return respCreds, nil
 }
 
+func fetchIMDSToken(client *http.Client, endpoint string) (string, error) {
+	req, err := http.NewRequest(http.MethodPut, endpoint+tokenPath, nil)
+	if err != nil {
+		return "", err
+	}
+	req.Header.Add(tokenRequestTTLHeader, tokenTTL)
+	resp, err := client.Do(req)
+	if err != nil {
+		return "", err
+	}
+	defer resp.Body.Close()
+	data, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		return "", err
+	}
+	if resp.StatusCode != http.StatusOK {
+		return "", errors.New(resp.Status)
+	}
+	return string(data), nil
+}
+
 // getCredentials - obtains the credentials from the IAM role name associated with
 // the current EC2 service.
 //
 // If the credentials cannot be found, or there is an error
 // reading the response an error will be returned.
 func getCredentials(client *http.Client, endpoint string) (ec2RoleCredRespBody, error) {
+	if endpoint == "" {
+		endpoint = defaultIAMRoleEndpoint
+	}
+
+	// https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html
+	token, _ := fetchIMDSToken(client, endpoint)
 
 	// http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html
 	u, err := getIAMRoleURL(endpoint)
@@ -256,7 +294,7 @@ func getCredentials(client *http.Client, endpoint string) (ec2RoleCredRespBody,
 	}
 
 	// http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html
-	roleNames, err := listRoleNames(client, u)
+	roleNames, err := listRoleNames(client, u, token)
 	if err != nil {
 		return ec2RoleCredRespBody{}, err
 	}
@@ -280,6 +318,9 @@ func getCredentials(client *http.Client, endpoint string) (ec2RoleCredRespBody,
 	if err != nil {
 		return ec2RoleCredRespBody{}, err
 	}
+	if token != "" {
+		req.Header.Add(tokenRequestHeader, token)
+	}
 
 	resp, err := client.Do(req)
 	if err != nil {
diff --git a/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts-tls-identity.go b/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts-tls-identity.go
new file mode 100644
index 00000000000..2e37025a225
--- /dev/null
+++ b/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts-tls-identity.go
@@ -0,0 +1,192 @@
+// MinIO Go Library for Amazon S3 Compatible Cloud Storage
+// Copyright 2021 MinIO, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package credentials
+
+import (
+	"crypto/tls"
+	"encoding/xml"
+	"errors"
+	"io"
+	"net"
+	"net/http"
+	"net/url"
+	"strconv"
+	"time"
+)
+
+// CertificateIdentityOption is an optional AssumeRoleWithCertificate
+// parameter - e.g. a custom HTTP transport configuration or S3 credental
+// livetime.
+type CertificateIdentityOption func(*STSCertificateIdentity)
+
+// CertificateIdentityWithTransport returns a CertificateIdentityOption that
+// customizes the STSCertificateIdentity with the given http.RoundTripper.
+func CertificateIdentityWithTransport(t http.RoundTripper) CertificateIdentityOption {
+	return CertificateIdentityOption(func(i *STSCertificateIdentity) { i.Client.Transport = t })
+}
+
+// CertificateIdentityWithExpiry returns a CertificateIdentityOption that
+// customizes the STSCertificateIdentity with the given livetime.
+//
+// Fetched S3 credentials will have the given livetime if the STS server
+// allows such credentials.
+func CertificateIdentityWithExpiry(livetime time.Duration) CertificateIdentityOption {
+	return CertificateIdentityOption(func(i *STSCertificateIdentity) { i.S3CredentialLivetime = livetime })
+}
+
+// A STSCertificateIdentity retrieves S3 credentials from the MinIO STS API and
+// rotates those credentials once they expire.
+type STSCertificateIdentity struct {
+	Expiry
+
+	// STSEndpoint is the base URL endpoint of the STS API.
+	// For example, https://minio.local:9000
+	STSEndpoint string
+
+	// S3CredentialLivetime is the duration temp. S3 access
+	// credentials should be valid.
+	//
+	// It represents the access credential livetime requested
+	// by the client. The STS server may choose to issue
+	// temp. S3 credentials that have a different - usually
+	// shorter - livetime.
+	//
+	// The default livetime is one hour.
+	S3CredentialLivetime time.Duration
+
+	// Client is the HTTP client used to authenticate and fetch
+	// S3 credentials.
+	//
+	// A custom TLS client configuration can be specified by
+	// using a custom http.Transport:
+	//   Client: http.Client {
+	//       Transport: &http.Transport{
+	//           TLSClientConfig: &tls.Config{},
+	//       },
+	//   }
+	Client http.Client
+}
+
+var _ Provider = (*STSWebIdentity)(nil) // compiler check
+
+// NewSTSCertificateIdentity returns a STSCertificateIdentity that authenticates
+// to the given STS endpoint with the given TLS certificate and retrieves and
+// rotates S3 credentials.
+func NewSTSCertificateIdentity(endpoint string, certificate tls.Certificate, options ...CertificateIdentityOption) (*Credentials, error) {
+	if endpoint == "" {
+		return nil, errors.New("STS endpoint cannot be empty")
+	}
+	if _, err := url.Parse(endpoint); err != nil {
+		return nil, err
+	}
+	var identity = &STSCertificateIdentity{
+		STSEndpoint: endpoint,
+		Client: http.Client{
+			Transport: &http.Transport{
+				Proxy: http.ProxyFromEnvironment,
+				DialContext: (&net.Dialer{
+					Timeout:   30 * time.Second,
+					KeepAlive: 30 * time.Second,
+				}).DialContext,
+				ForceAttemptHTTP2:     true,
+				MaxIdleConns:          100,
+				IdleConnTimeout:       90 * time.Second,
+				TLSHandshakeTimeout:   10 * time.Second,
+				ExpectContinueTimeout: 5 * time.Second,
+				TLSClientConfig: &tls.Config{
+					Certificates: []tls.Certificate{certificate},
+				},
+			},
+		},
+	}
+	for _, option := range options {
+		option(identity)
+	}
+	return New(identity), nil
+}
+
+// Retrieve fetches a new set of S3 credentials from the configured
+// STS API endpoint.
+func (i *STSCertificateIdentity) Retrieve() (Value, error) {
+	endpointURL, err := url.Parse(i.STSEndpoint)
+	if err != nil {
+		return Value{}, err
+	}
+	var livetime = i.S3CredentialLivetime
+	if livetime == 0 {
+		livetime = 1 * time.Hour
+	}
+
+	queryValues := url.Values{}
+	queryValues.Set("Action", "AssumeRoleWithCertificate")
+	queryValues.Set("Version", STSVersion)
+	endpointURL.RawQuery = queryValues.Encode()
+
+	req, err := http.NewRequest(http.MethodPost, endpointURL.String(), nil)
+	if err != nil {
+		return Value{}, err
+	}
+	req.Form.Add("DurationSeconds", strconv.FormatUint(uint64(livetime.Seconds()), 10))
+
+	resp, err := i.Client.Do(req)
+	if err != nil {
+		return Value{}, err
+	}
+	if resp.Body != nil {
+		defer resp.Body.Close()
+	}
+	if resp.StatusCode != http.StatusOK {
+		return Value{}, errors.New(resp.Status)
+	}
+
+	const MaxSize = 10 * 1 << 20
+	var body io.Reader = resp.Body
+	if resp.ContentLength > 0 && resp.ContentLength < MaxSize {
+		body = io.LimitReader(body, resp.ContentLength)
+	} else {
+		body = io.LimitReader(body, MaxSize)
+	}
+
+	var response assumeRoleWithCertificateResponse
+	if err = xml.NewDecoder(body).Decode(&response); err != nil {
+		return Value{}, err
+	}
+	i.SetExpiration(response.Result.Credentials.Expiration, DefaultExpiryWindow)
+	return Value{
+		AccessKeyID:     response.Result.Credentials.AccessKey,
+		SecretAccessKey: response.Result.Credentials.SecretKey,
+		SessionToken:    response.Result.Credentials.SessionToken,
+		SignerType:      SignatureDefault,
+	}, nil
+}
+
+// Expiration returns the expiration time of the current S3 credentials.
+func (i *STSCertificateIdentity) Expiration() time.Time { return i.expiration }
+
+type assumeRoleWithCertificateResponse struct {
+	XMLName xml.Name `xml:"https://sts.amazonaws.com/doc/2011-06-15/ AssumeRoleWithCertificateResponse" json:"-"`
+	Result  struct {
+		Credentials struct {
+			AccessKey    string    `xml:"AccessKeyId" json:"accessKey,omitempty"`
+			SecretKey    string    `xml:"SecretAccessKey" json:"secretKey,omitempty"`
+			Expiration   time.Time `xml:"Expiration" json:"expiration,omitempty"`
+			SessionToken string    `xml:"SessionToken" json:"sessionToken,omitempty"`
+		} `xml:"Credentials" json:"credentials,omitempty"`
+	} `xml:"AssumeRoleWithCertificateResult"`
+	ResponseMetadata struct {
+		RequestID string `xml:"RequestId,omitempty"`
+	} `xml:"ResponseMetadata,omitempty"`
+}
diff --git a/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_ldap_identity.go b/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_ldap_identity.go
index bcb3c36a174..0fa5b55f1fe 100644
--- a/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_ldap_identity.go
+++ b/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_ldap_identity.go
@@ -1,6 +1,6 @@
 /*
  * MinIO Go Library for Amazon S3 Compatible Cloud Storage
- * Copyright 2019 MinIO, Inc.
+ * Copyright 2019-2021 MinIO, Inc.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -20,6 +20,7 @@ package credentials
 import (
 	"encoding/xml"
 	"errors"
+	"fmt"
 	"net/http"
 	"net/url"
 	"time"
@@ -60,26 +61,86 @@ type LDAPIdentity struct {
 
 	// LDAP username/password used to fetch LDAP STS credentials.
 	LDAPUsername, LDAPPassword string
+
+	// Session policy to apply to the generated credentials. Leave empty to
+	// use the full access policy available to the user.
+	Policy string
+
+	// RequestedExpiry is the configured expiry duration for credentials
+	// requested from LDAP.
+	RequestedExpiry time.Duration
 }
 
 // NewLDAPIdentity returns new credentials object that uses LDAP
 // Identity.
-func NewLDAPIdentity(stsEndpoint, ldapUsername, ldapPassword string) (*Credentials, error) {
+func NewLDAPIdentity(stsEndpoint, ldapUsername, ldapPassword string, optFuncs ...LDAPIdentityOpt) (*Credentials, error) {
+	l := LDAPIdentity{
+		Client:       &http.Client{Transport: http.DefaultTransport},
+		STSEndpoint:  stsEndpoint,
+		LDAPUsername: ldapUsername,
+		LDAPPassword: ldapPassword,
+	}
+	for _, optFunc := range optFuncs {
+		optFunc(&l)
+	}
+	return New(&l), nil
+}
+
+// LDAPIdentityOpt is a function type used to configured the LDAPIdentity
+// instance.
+type LDAPIdentityOpt func(*LDAPIdentity)
+
+// LDAPIdentityPolicyOpt sets the session policy for requested credentials.
+func LDAPIdentityPolicyOpt(policy string) LDAPIdentityOpt {
+	return func(k *LDAPIdentity) {
+		k.Policy = policy
+	}
+}
+
+// LDAPIdentityExpiryOpt sets the expiry duration for requested credentials.
+func LDAPIdentityExpiryOpt(d time.Duration) LDAPIdentityOpt {
+	return func(k *LDAPIdentity) {
+		k.RequestedExpiry = d
+	}
+}
+
+func stripPassword(err error) error {
+	urlErr, ok := err.(*url.Error)
+	if ok {
+		u, _ := url.Parse(urlErr.URL)
+		if u == nil {
+			return urlErr
+		}
+		values := u.Query()
+		values.Set("LDAPPassword", "xxxxx")
+		u.RawQuery = values.Encode()
+		urlErr.URL = u.String()
+		return urlErr
+	}
+	return err
+}
+
+// NewLDAPIdentityWithSessionPolicy returns new credentials object that uses
+// LDAP Identity with a specified session policy. The `policy` parameter must be
+// a JSON string specifying the policy document.
+//
+// DEPRECATED: Use the `LDAPIdentityPolicyOpt` with `NewLDAPIdentity` instead.
+func NewLDAPIdentityWithSessionPolicy(stsEndpoint, ldapUsername, ldapPassword, policy string) (*Credentials, error) {
 	return New(&LDAPIdentity{
 		Client:       &http.Client{Transport: http.DefaultTransport},
 		STSEndpoint:  stsEndpoint,
 		LDAPUsername: ldapUsername,
 		LDAPPassword: ldapPassword,
+		Policy:       policy,
 	}), nil
 }
 
 // Retrieve gets the credential by calling the MinIO STS API for
 // LDAP on the configured stsEndpoint.
 func (k *LDAPIdentity) Retrieve() (value Value, err error) {
-	u, kerr := url.Parse(k.STSEndpoint)
-	if kerr != nil {
-		err = kerr
-		return
+	u, err := url.Parse(k.STSEndpoint)
+	if err != nil {
+		return value, err
 	}
 
 	v := url.Values{}
@@ -87,25 +148,28 @@ func (k *LDAPIdentity) Retrieve() (value Value, err error) {
 	v.Set("Version", STSVersion)
 	v.Set("LDAPUsername", k.LDAPUsername)
 	v.Set("LDAPPassword", k.LDAPPassword)
+	if k.Policy != "" {
+		v.Set("Policy", k.Policy)
+	}
+	if k.RequestedExpiry != 0 {
+		v.Set("DurationSeconds", fmt.Sprintf("%d", int(k.RequestedExpiry.Seconds())))
+	}
 
 	u.RawQuery = v.Encode()
 
-	req, kerr := http.NewRequest(http.MethodPost, u.String(), nil)
-	if kerr != nil {
-		err = kerr
-		return
+	req, err := http.NewRequest(http.MethodPost, u.String(), nil)
+	if err != nil {
+		return value, stripPassword(err)
 	}
 
-	resp, kerr := k.Client.Do(req)
-	if kerr != nil {
-		err = kerr
-		return
+	resp, err := k.Client.Do(req)
+	if err != nil {
+		return value, stripPassword(err)
 	}
 
 	defer resp.Body.Close()
 	if resp.StatusCode != http.StatusOK {
-		err = errors.New(resp.Status)
-		return
+		return value, errors.New(resp.Status)
 	}
 
 	r := AssumeRoleWithLDAPResponse{}
diff --git a/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_web_identity.go b/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_web_identity.go
index 161ffd36cd0..25ca751de46 100644
--- a/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_web_identity.go
+++ b/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_web_identity.go
@@ -54,8 +54,9 @@ type WebIdentityResult struct {
 
 // WebIdentityToken - web identity token with expiry.
 type WebIdentityToken struct {
-	Token  string
-	Expiry int
+	Token       string
+	AccessToken string
+	Expiry      int
 }
 
 // A STSWebIdentity retrieves credentials from MinIO service, and keeps track if
@@ -77,9 +78,9 @@ type STSWebIdentity struct {
 	// This is a customer provided function and is mandatory.
 	GetWebIDTokenExpiry func() (*WebIdentityToken, error)
 
-	// roleARN is the Amazon Resource Name (ARN) of the role that the caller is
+	// RoleARN is the Amazon Resource Name (ARN) of the role that the caller is
 	// assuming.
-	roleARN string
+	RoleARN string
 
 	// roleSessionName is the identifier for the assumed role session.
 	roleSessionName string
@@ -121,6 +122,10 @@ func getWebIdentityCredentials(clnt *http.Client, endpoint, roleARN, roleSession
 		v.Set("RoleSessionName", roleSessionName)
 	}
 	v.Set("WebIdentityToken", idToken.Token)
+	if idToken.AccessToken != "" {
+		// Usually set when server is using extended userInfo endpoint.
+		v.Set("WebIdentityAccessToken", idToken.AccessToken)
+	}
 	if idToken.Expiry > 0 {
 		v.Set("DurationSeconds", fmt.Sprintf("%d", idToken.Expiry))
 	}
@@ -159,7 +164,7 @@ func getWebIdentityCredentials(clnt *http.Client, endpoint, roleARN, roleSession
 // Retrieve retrieves credentials from the MinIO service.
 // Error will be returned if the request fails.
 func (m *STSWebIdentity) Retrieve() (Value, error) {
-	a, err := getWebIdentityCredentials(m.Client, m.STSEndpoint, m.roleARN, m.roleSessionName, m.GetWebIDTokenExpiry)
+	a, err := getWebIdentityCredentials(m.Client, m.STSEndpoint, m.RoleARN, m.roleSessionName, m.GetWebIDTokenExpiry)
 	if err != nil {
 		return Value{}, err
 	}
diff --git a/vendor/github.com/minio/minio-go/v7/pkg/lifecycle/lifecycle.go b/vendor/github.com/minio/minio-go/v7/pkg/lifecycle/lifecycle.go
index 48e91b38ed9..c343e67143a 100644
--- a/vendor/github.com/minio/minio-go/v7/pkg/lifecycle/lifecycle.go
+++ b/vendor/github.com/minio/minio-go/v7/pkg/lifecycle/lifecycle.go
@@ -19,10 +19,14 @@
 package lifecycle
 
 import (
+	"encoding/json"
 	"encoding/xml"
+	"errors"
 	"time"
 )
 
+var errMissingStorageClass = errors.New("storage-class cannot be empty")
+
 // AbortIncompleteMultipartUpload structure, not supported yet on MinIO
 type AbortIncompleteMultipartUpload struct {
 	XMLName             xml.Name       `xml:"AbortIncompleteMultipartUpload,omitempty"  json:"-"`
@@ -49,13 +53,14 @@ func (n AbortIncompleteMultipartUpload) MarshalXML(e *xml.Encoder, start xml.Sta
 // (or suspended) to request server delete noncurrent object versions at a
 // specific period in the object's lifetime.
 type NoncurrentVersionExpiration struct {
-	XMLName        xml.Name       `xml:"NoncurrentVersionExpiration" json:"-"`
-	NoncurrentDays ExpirationDays `xml:"NoncurrentDays,omitempty"`
+	XMLName               xml.Name       `xml:"NoncurrentVersionExpiration" json:"-"`
+	NoncurrentDays        ExpirationDays `xml:"NoncurrentDays,omitempty"`
+	MaxNoncurrentVersions int            `xml:"MaxNoncurrentVersions,omitempty"`
 }
 
 // MarshalXML if non-current days not set to non zero value
 func (n NoncurrentVersionExpiration) MarshalXML(e *xml.Encoder, start xml.StartElement) error {
-	if n.IsDaysNull() {
+	if n.isNull() {
 		return nil
 	}
 	type noncurrentVersionExpirationWrapper NoncurrentVersionExpiration
@@ -67,13 +72,17 @@ func (n NoncurrentVersionExpiration) IsDaysNull() bool {
 	return n.NoncurrentDays == ExpirationDays(0)
 }
 
+func (n NoncurrentVersionExpiration) isNull() bool {
+	return n.IsDaysNull() && n.MaxNoncurrentVersions == 0
+}
+
 // NoncurrentVersionTransition structure, set this action to request server to
 // transition noncurrent object versions to different set storage classes
 // at a specific period in the object's lifetime.
 type NoncurrentVersionTransition struct {
 	XMLName        xml.Name       `xml:"NoncurrentVersionTransition,omitempty"  json:"-"`
 	StorageClass   string         `xml:"StorageClass,omitempty" json:"StorageClass,omitempty"`
-	NoncurrentDays ExpirationDays `xml:"NoncurrentDays,omitempty" json:"NoncurrentDays,omitempty"`
+	NoncurrentDays ExpirationDays `xml:"NoncurrentDays" json:"NoncurrentDays"`
 }
 
 // IsDaysNull returns true if days field is null
@@ -81,10 +90,34 @@ func (n NoncurrentVersionTransition) IsDaysNull() bool {
 	return n.NoncurrentDays == ExpirationDays(0)
 }
 
+// IsStorageClassEmpty returns true if storage class field is empty
+func (n NoncurrentVersionTransition) IsStorageClassEmpty() bool {
+	return n.StorageClass == ""
+}
+
+func (n NoncurrentVersionTransition) isNull() bool {
+	return n.StorageClass == ""
+}
+
+func (n *NoncurrentVersionTransition) UnmarshalJSON(b []byte) error {
+	type noncurrentVersionTransition NoncurrentVersionTransition
+	var nt noncurrentVersionTransition
+	err := json.Unmarshal(b, &nt)
+	if err != nil {
+		return err
+	}
+
+	if nt.StorageClass == "" {
+		return errMissingStorageClass
+	}
+	*n = NoncurrentVersionTransition(nt)
+	return nil
+}
+
 // MarshalXML is extended to leave out
 // <NoncurrentVersionTransition></NoncurrentVersionTransition> tags
 func (n NoncurrentVersionTransition) MarshalXML(e *xml.Encoder, start xml.StartElement) error {
-	if n.IsDaysNull() {
+	if n.isNull() {
 		return nil
 	}
 	type noncurrentVersionTransitionWrapper NoncurrentVersionTransition
@@ -108,7 +141,46 @@ type Transition struct {
 	XMLName      xml.Name       `xml:"Transition" json:"-"`
 	Date         ExpirationDate `xml:"Date,omitempty" json:"Date,omitempty"`
 	StorageClass string         `xml:"StorageClass,omitempty" json:"StorageClass,omitempty"`
-	Days         ExpirationDays `xml:"Days,omitempty" json:"Days,omitempty"`
+	Days         ExpirationDays `xml:"Days" json:"Days"`
+}
+
+// UnmarshalJSON returns an error if storage-class is empty.
+func (t *Transition) UnmarshalJSON(b []byte) error {
+	type transition Transition
+	var tr transition
+	err := json.Unmarshal(b, &tr)
+	if err != nil {
+		return err
+	}
+
+	if tr.StorageClass == "" {
+		return errMissingStorageClass
+	}
+	*t = Transition(tr)
+	return nil
+}
+
+// MarshalJSON customizes json encoding by omitting empty values
+func (t Transition) MarshalJSON() ([]byte, error) {
+	if t.IsNull() {
+		return nil, nil
+	}
+	type transition struct {
+		Date         *ExpirationDate `json:"Date,omitempty"`
+		StorageClass string          `json:"StorageClass,omitempty"`
+		Days         *ExpirationDays `json:"Days"`
+	}
+
+	newt := transition{
+		StorageClass: t.StorageClass,
+	}
+
+	if !t.IsDateNull() {
+		newt.Date = &t.Date
+	} else {
+		newt.Days = &t.Days
+	}
+	return json.Marshal(newt)
 }
 
 // IsDaysNull returns true if days field is null
@@ -121,9 +193,9 @@ func (t Transition) IsDateNull() bool {
 	return t.Date.Time.IsZero()
 }
 
-// IsNull returns true if both date and days fields are null
+// IsNull returns true if no storage-class is set.
 func (t Transition) IsNull() bool {
-	return t.IsDaysNull() && t.IsDateNull()
+	return t.StorageClass == ""
 }
 
 // MarshalXML is transition is non null
@@ -137,9 +209,9 @@ func (t Transition) MarshalXML(en *xml.Encoder, startElement xml.StartElement) e
 
 // And And Rule for LifecycleTag, to be used in LifecycleRuleFilter
 type And struct {
-	XMLName xml.Name `xml:"And,omitempty" json:"-"`
-	Prefix  string   `xml:"Prefix,omitempty" json:"Prefix,omitempty"`
-	Tags    []Tag    `xml:"Tag,omitempty" json:"Tags,omitempty"`
+	XMLName xml.Name `xml:"And" json:"-"`
+	Prefix  string   `xml:"Prefix" json:"Prefix,omitempty"`
+	Tags    []Tag    `xml:"Tag" json:"Tags,omitempty"`
 }
 
 // IsEmpty returns true if Tags field is null
@@ -155,6 +227,31 @@ type Filter struct {
 	Tag     Tag      `xml:"Tag,omitempty" json:"Tag,omitempty"`
 }
 
+// IsNull returns true if all Filter fields are empty.
+func (f Filter) IsNull() bool {
+	return f.Tag.IsEmpty() && f.And.IsEmpty() && f.Prefix == ""
+}
+
+// MarshalJSON customizes json encoding by removing empty values.
+func (f Filter) MarshalJSON() ([]byte, error) {
+	type filter struct {
+		And    *And   `json:"And,omitempty"`
+		Prefix string `json:"Prefix,omitempty"`
+		Tag    *Tag   `json:"Tag,omitempty"`
+	}
+
+	newf := filter{
+		Prefix: f.Prefix,
+	}
+	if !f.Tag.IsEmpty() {
+		newf.Tag = &f.Tag
+	}
+	if !f.And.IsEmpty() {
+		newf.And = &f.And
+	}
+	return json.Marshal(newf)
+}
+
 // MarshalXML - produces the xml representation of the Filter struct
 // only one of Prefix, And and Tag should be present in the output.
 func (f Filter) MarshalXML(e *xml.Encoder, start xml.StartElement) error {
@@ -233,6 +330,26 @@ type Expiration struct {
 	DeleteMarker ExpireDeleteMarker `xml:"ExpiredObjectDeleteMarker,omitempty"`
 }
 
+// MarshalJSON customizes json encoding by removing empty day/date specification.
+func (e Expiration) MarshalJSON() ([]byte, error) {
+	type expiration struct {
+		Date         *ExpirationDate `json:"Date,omitempty"`
+		Days         *ExpirationDays `json:"Days,omitempty"`
+		DeleteMarker ExpireDeleteMarker
+	}
+
+	newexp := expiration{
+		DeleteMarker: e.DeleteMarker,
+	}
+	if !e.IsDaysNull() {
+		newexp.Days = &e.Days
+	}
+	if !e.IsDateNull() {
+		newexp.Date = &e.Date
+	}
+	return json.Marshal(newexp)
+}
+
 // IsDaysNull returns true if days field is null
 func (e Expiration) IsDaysNull() bool {
 	return e.Days == ExpirationDays(0)
@@ -262,6 +379,47 @@ func (e Expiration) MarshalXML(en *xml.Encoder, startElement xml.StartElement) e
 	return en.EncodeElement(expirationWrapper(e), startElement)
 }
 
+// MarshalJSON customizes json encoding by omitting empty values
+func (r Rule) MarshalJSON() ([]byte, error) {
+	type rule struct {
+		AbortIncompleteMultipartUpload *AbortIncompleteMultipartUpload `json:"AbortIncompleteMultipartUpload,omitempty"`
+		Expiration                     *Expiration                     `json:"Expiration,omitempty"`
+		ID                             string                          `json:"ID"`
+		RuleFilter                     *Filter                         `json:"Filter,omitempty"`
+		NoncurrentVersionExpiration    *NoncurrentVersionExpiration    `json:"NoncurrentVersionExpiration,omitempty"`
+		NoncurrentVersionTransition    *NoncurrentVersionTransition    `json:"NoncurrentVersionTransition,omitempty"`
+		Prefix                         string                          `json:"Prefix,omitempty"`
+		Status                         string                          `json:"Status"`
+		Transition                     *Transition                     `json:"Transition,omitempty"`
+	}
+	newr := rule{
+		Prefix: r.Prefix,
+		Status: r.Status,
+		ID:     r.ID,
+	}
+
+	if !r.RuleFilter.IsNull() {
+		newr.RuleFilter = &r.RuleFilter
+	}
+	if !r.AbortIncompleteMultipartUpload.IsDaysNull() {
+		newr.AbortIncompleteMultipartUpload = &r.AbortIncompleteMultipartUpload
+	}
+	if !r.Expiration.IsNull() {
+		newr.Expiration = &r.Expiration
+	}
+	if !r.Transition.IsNull() {
+		newr.Transition = &r.Transition
+	}
+	if !r.NoncurrentVersionExpiration.isNull() {
+		newr.NoncurrentVersionExpiration = &r.NoncurrentVersionExpiration
+	}
+	if !r.NoncurrentVersionTransition.isNull() {
+		newr.NoncurrentVersionTransition = &r.NoncurrentVersionTransition
+	}
+
+	return json.Marshal(newr)
+}
+
 // Rule represents a single rule in lifecycle configuration
 type Rule struct {
 	XMLName                        xml.Name                       `xml:"Rule,omitempty" json:"-"`
diff --git a/vendor/github.com/minio/minio-go/v7/pkg/replication/replication.go b/vendor/github.com/minio/minio-go/v7/pkg/replication/replication.go
index 6df89821443..3a29fa330fe 100644
--- a/vendor/github.com/minio/minio-go/v7/pkg/replication/replication.go
+++ b/vendor/github.com/minio/minio-go/v7/pkg/replication/replication.go
@@ -27,7 +27,7 @@ import (
 	"github.com/rs/xid"
 )
 
-var errInvalidFilter = fmt.Errorf("Invalid filter")
+var errInvalidFilter = fmt.Errorf("invalid filter")
 
 // OptionType specifies operation to be performed on config
 type OptionType string
@@ -46,19 +46,21 @@ const (
 
 // Options represents options to set a replication configuration rule
 type Options struct {
-	Op                     OptionType
-	ID                     string
-	Prefix                 string
-	RuleStatus             string
-	Priority               string
-	TagString              string
-	StorageClass           string
-	RoleArn                string
-	DestBucket             string
-	IsTagSet               bool
-	IsSCSet                bool
-	ReplicateDeletes       string // replicate versioned deletes
-	ReplicateDeleteMarkers string // replicate soft deletes
+	Op                      OptionType
+	RoleArn                 string
+	ID                      string
+	Prefix                  string
+	RuleStatus              string
+	Priority                string
+	TagString               string
+	StorageClass            string
+	DestBucket              string
+	IsTagSet                bool
+	IsSCSet                 bool
+	ReplicateDeletes        string // replicate versioned deletes
+	ReplicateDeleteMarkers  string // replicate soft deletes
+	ReplicaSync             string // replicate replica metadata modifications
+	ExistingObjectReplicate string
 }
 
 // Tags returns a slice of tags for a rule
@@ -71,7 +73,7 @@ func (opts Options) Tags() ([]Tag, error) {
 		}
 		kv := strings.SplitN(tok, "=", 2)
 		if len(kv) != 2 {
-			return []Tag{}, fmt.Errorf("Tags should be entered as comma separated k=v pairs")
+			return []Tag{}, fmt.Errorf("tags should be entered as comma separated k=v pairs")
 		}
 		tagList = append(tagList, Tag{
 			Key:   kv[0],
@@ -101,9 +103,23 @@ func (c *Config) AddRule(opts Options) error {
 	if err != nil {
 		return err
 	}
-	if opts.RoleArn != c.Role && c.Role != "" {
-		return fmt.Errorf("Role ARN does not match existing configuration")
+	var compatSw bool // true if RoleArn is used with new mc client and older minio version prior to multisite
+	if opts.RoleArn != "" {
+		tokens := strings.Split(opts.RoleArn, ":")
+		if len(tokens) != 6 {
+			return fmt.Errorf("invalid format for replication Role Arn: %v", opts.RoleArn)
+		}
+		switch {
+		case strings.HasPrefix(opts.RoleArn, "arn:minio:replication") && len(c.Rules) == 0:
+			c.Role = opts.RoleArn
+			compatSw = true
+		case strings.HasPrefix(opts.RoleArn, "arn:aws:iam"):
+			c.Role = opts.RoleArn
+		default:
+			return fmt.Errorf("RoleArn invalid for AWS replication configuration: %v", opts.RoleArn)
+		}
 	}
+
 	var status Status
 	// toggle rule status for edit option
 	switch opts.RuleStatus {
@@ -112,7 +128,7 @@ func (c *Config) AddRule(opts Options) error {
 	case "disable":
 		status = Disabled
 	default:
-		return fmt.Errorf("Rule state should be either [enable|disable]")
+		return fmt.Errorf("rule state should be either [enable|disable]")
 	}
 
 	tags, err := opts.Tags()
@@ -137,24 +153,11 @@ func (c *Config) AddRule(opts Options) error {
 	if opts.ID == "" {
 		opts.ID = xid.New().String()
 	}
-	arnStr := opts.RoleArn
-	if opts.RoleArn == "" {
-		arnStr = c.Role
-	}
-	if arnStr == "" {
-		return fmt.Errorf("Role ARN required")
-	}
-	tokens := strings.Split(arnStr, ":")
-	if len(tokens) != 6 {
-		return fmt.Errorf("invalid format for replication Arn")
-	}
-	if c.Role == "" {
-		c.Role = arnStr
-	}
+
 	destBucket := opts.DestBucket
 	// ref https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html
 	if btokens := strings.Split(destBucket, ":"); len(btokens) != 6 {
-		if len(btokens) == 1 {
+		if len(btokens) == 1 && compatSw {
 			destBucket = fmt.Sprintf("arn:aws:s3:::%s", destBucket)
 		} else {
 			return fmt.Errorf("destination bucket needs to be in Arn format")
@@ -183,7 +186,28 @@ func (c *Config) AddRule(opts Options) error {
 			return fmt.Errorf("ReplicateDeletes should be either enable|disable")
 		}
 	}
+	var replicaSync Status
+	// replica sync is by default Enabled, unless specified.
+	switch opts.ReplicaSync {
+	case "enable", "":
+		replicaSync = Enabled
+	case "disable":
+		replicaSync = Disabled
+	default:
+		return fmt.Errorf("replica metadata sync should be either [enable|disable]")
+	}
 
+	var existingStatus Status
+	if opts.ExistingObjectReplicate != "" {
+		switch opts.ExistingObjectReplicate {
+		case "enable":
+			existingStatus = Enabled
+		case "disable", "":
+			existingStatus = Disabled
+		default:
+			return fmt.Errorf("existingObjectReplicate should be either enable|disable")
+		}
+	}
 	newRule := Rule{
 		ID:       opts.ID,
 		Priority: priority,
@@ -200,24 +224,33 @@ func (c *Config) AddRule(opts Options) error {
 		// However AWS leaves this configurable https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-for-metadata-changes.html
 		SourceSelectionCriteria: SourceSelectionCriteria{
 			ReplicaModifications: ReplicaModifications{
-				Status: Enabled,
+				Status: replicaSync,
 			},
 		},
+		// By default disable existing object replication unless selected
+		ExistingObjectReplication: ExistingObjectReplication{
+			Status: existingStatus,
+		},
 	}
 
 	// validate rule after overlaying priority for pre-existing rule being disabled.
 	if err := newRule.Validate(); err != nil {
 		return err
 	}
+	// if replication config uses RoleArn, migrate this to the destination element as target ARN for remote bucket for MinIO configuration
+	if c.Role != "" && !strings.HasPrefix(c.Role, "arn:aws:iam") && !compatSw {
+		for i := range c.Rules {
+			c.Rules[i].Destination.Bucket = c.Role
+		}
+		c.Role = ""
+	}
+
 	for _, rule := range c.Rules {
 		if rule.Priority == newRule.Priority {
-			return fmt.Errorf("Priority must be unique. Replication configuration already has a rule with this priority")
-		}
-		if rule.Destination.Bucket != newRule.Destination.Bucket {
-			return fmt.Errorf("The destination bucket must be same for all rules")
+			return fmt.Errorf("priority must be unique. Replication configuration already has a rule with this priority")
 		}
 		if rule.ID == newRule.ID {
-			return fmt.Errorf("A rule exists with this ID")
+			return fmt.Errorf("a rule exists with this ID")
 		}
 	}
 
@@ -228,8 +261,16 @@ func (c *Config) AddRule(opts Options) error {
 // EditRule modifies an existing rule in replication config
 func (c *Config) EditRule(opts Options) error {
 	if opts.ID == "" {
-		return fmt.Errorf("Rule ID missing")
+		return fmt.Errorf("rule ID missing")
+	}
+	// if replication config uses RoleArn, migrate this to the destination element as target ARN for remote bucket for non AWS.
+	if c.Role != "" && !strings.HasPrefix(c.Role, "arn:aws:iam") && len(c.Rules) > 1 {
+		for i := range c.Rules {
+			c.Rules[i].Destination.Bucket = c.Role
+		}
+		c.Role = ""
 	}
+
 	rIdx := -1
 	var newRule Rule
 	for i, rule := range c.Rules {
@@ -240,7 +281,7 @@ func (c *Config) EditRule(opts Options) error {
 		}
 	}
 	if rIdx < 0 {
-		return fmt.Errorf("Rule with ID %s not found in replication configuration", opts.ID)
+		return fmt.Errorf("rule with ID %s not found in replication configuration", opts.ID)
 	}
 	prefixChg := opts.Prefix != newRule.Prefix()
 	if opts.IsTagSet || prefixChg {
@@ -286,7 +327,7 @@ func (c *Config) EditRule(opts Options) error {
 		case "disable":
 			newRule.Status = Disabled
 		default:
-			return fmt.Errorf("Rule state should be either [enable|disable]")
+			return fmt.Errorf("rule state should be either [enable|disable]")
 		}
 	}
 	// set DeleteMarkerReplication rule status for edit option
@@ -314,6 +355,27 @@ func (c *Config) EditRule(opts Options) error {
 		}
 	}
 
+	if opts.ReplicaSync != "" {
+		switch opts.ReplicaSync {
+		case "enable", "":
+			newRule.SourceSelectionCriteria.ReplicaModifications.Status = Enabled
+		case "disable":
+			newRule.SourceSelectionCriteria.ReplicaModifications.Status = Disabled
+		default:
+			return fmt.Errorf("replica metadata sync should be either [enable|disable]")
+		}
+	}
+
+	if opts.ExistingObjectReplicate != "" {
+		switch opts.ExistingObjectReplicate {
+		case "enable":
+			newRule.ExistingObjectReplication.Status = Enabled
+		case "disable":
+			newRule.ExistingObjectReplication.Status = Disabled
+		default:
+			return fmt.Errorf("existingObjectsReplication state should be either [enable|disable]")
+		}
+	}
 	if opts.IsSCSet {
 		newRule.Destination.StorageClass = opts.StorageClass
 	}
@@ -328,11 +390,7 @@ func (c *Config) EditRule(opts Options) error {
 		destBucket := opts.DestBucket
 		// ref https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html
 		if btokens := strings.Split(opts.DestBucket, ":"); len(btokens) != 6 {
-			if len(btokens) == 1 {
-				destBucket = fmt.Sprintf("arn:aws:s3:::%s", destBucket)
-			} else {
-				return fmt.Errorf("destination bucket needs to be in Arn format")
-			}
+			return fmt.Errorf("destination bucket needs to be in Arn format")
 		}
 		newRule.Destination.Bucket = destBucket
 	}
@@ -343,10 +401,10 @@ func (c *Config) EditRule(opts Options) error {
 	// ensure priority and destination bucket restrictions are not violated
 	for idx, rule := range c.Rules {
 		if rule.Priority == newRule.Priority && rIdx != idx {
-			return fmt.Errorf("Priority must be unique. Replication configuration already has a rule with this priority")
+			return fmt.Errorf("priority must be unique. Replication configuration already has a rule with this priority")
 		}
-		if rule.Destination.Bucket != newRule.Destination.Bucket {
-			return fmt.Errorf("The destination bucket must be same for all rules")
+		if rule.Destination.Bucket != newRule.Destination.Bucket && rule.ID == newRule.ID {
+			return fmt.Errorf("invalid destination bucket for this rule")
 		}
 	}
 
@@ -369,7 +427,7 @@ func (c *Config) RemoveRule(opts Options) error {
 		return fmt.Errorf("Rule with ID %s not found", opts.ID)
 	}
 	if len(newRules) == 0 {
-		return fmt.Errorf("Replication configuration should have at least one rule")
+		return fmt.Errorf("replication configuration should have at least one rule")
 	}
 	c.Rules = newRules
 	return nil
@@ -378,15 +436,16 @@ func (c *Config) RemoveRule(opts Options) error {
 
 // Rule - a rule for replication configuration.
 type Rule struct {
-	XMLName                 xml.Name                `xml:"Rule" json:"-"`
-	ID                      string                  `xml:"ID,omitempty"`
-	Status                  Status                  `xml:"Status"`
-	Priority                int                     `xml:"Priority"`
-	DeleteMarkerReplication DeleteMarkerReplication `xml:"DeleteMarkerReplication"`
-	DeleteReplication       DeleteReplication       `xml:"DeleteReplication"`
-	Destination             Destination             `xml:"Destination"`
-	Filter                  Filter                  `xml:"Filter" json:"Filter"`
-	SourceSelectionCriteria SourceSelectionCriteria `xml:"SourceSelectionCriteria" json:"SourceSelectionCriteria"`
+	XMLName                   xml.Name                  `xml:"Rule" json:"-"`
+	ID                        string                    `xml:"ID,omitempty"`
+	Status                    Status                    `xml:"Status"`
+	Priority                  int                       `xml:"Priority"`
+	DeleteMarkerReplication   DeleteMarkerReplication   `xml:"DeleteMarkerReplication"`
+	DeleteReplication         DeleteReplication         `xml:"DeleteReplication"`
+	Destination               Destination               `xml:"Destination"`
+	Filter                    Filter                    `xml:"Filter" json:"Filter"`
+	SourceSelectionCriteria   SourceSelectionCriteria   `xml:"SourceSelectionCriteria" json:"SourceSelectionCriteria"`
+	ExistingObjectReplication ExistingObjectReplication `xml:"ExistingObjectReplication,omitempty" json:"ExistingObjectReplication,omitempty"`
 }
 
 // Validate validates the rule for correctness
@@ -402,14 +461,13 @@ func (r Rule) Validate() error {
 	}
 
 	if r.Priority < 0 && r.Status == Enabled {
-		return fmt.Errorf("Priority must be set for the rule")
+		return fmt.Errorf("priority must be set for the rule")
 	}
 
 	if err := r.validateStatus(); err != nil {
 		return err
 	}
-
-	return nil
+	return r.ExistingObjectReplication.Validate()
 }
 
 // validateID - checks if ID is valid or not.
@@ -436,10 +494,7 @@ func (r Rule) validateStatus() error {
 }
 
 func (r Rule) validateFilter() error {
-	if err := r.Filter.Validate(); err != nil {
-		return err
-	}
-	return nil
+	return r.Filter.Validate()
 }
 
 // Prefix - a rule can either have prefix under <filter></filter> or under
@@ -525,11 +580,11 @@ func (tag Tag) IsEmpty() bool {
 // Validate checks this tag.
 func (tag Tag) Validate() error {
 	if len(tag.Key) == 0 || utf8.RuneCountInString(tag.Key) > 128 {
-		return fmt.Errorf("Invalid Tag Key")
+		return fmt.Errorf("invalid Tag Key")
 	}
 
 	if utf8.RuneCountInString(tag.Value) > 256 {
-		return fmt.Errorf("Invalid Tag Value")
+		return fmt.Errorf("invalid Tag Value")
 	}
 	return nil
 }
@@ -585,7 +640,7 @@ func (d DeleteReplication) IsEmpty() bool {
 
 // ReplicaModifications specifies if replica modification sync is enabled
 type ReplicaModifications struct {
-	Status Status `xml:"Status" json:"Status"`
+	Status Status `xml:"Status" json:"Status"` // should be set to "Enabled" by default
 }
 
 // SourceSelectionCriteria - specifies additional source selection criteria in ReplicationConfiguration.
@@ -604,7 +659,70 @@ func (s SourceSelectionCriteria) Validate() error {
 		return nil
 	}
 	if !s.IsValid() {
-		return fmt.Errorf("Invalid ReplicaModification status")
+		return fmt.Errorf("invalid ReplicaModification status")
 	}
 	return nil
 }
+
+// ExistingObjectReplication - whether existing object replication is enabled
+type ExistingObjectReplication struct {
+	Status Status `xml:"Status"` // should be set to "Disabled" by default
+}
+
+// IsEmpty returns true if DeleteMarkerReplication is not set
+func (e ExistingObjectReplication) IsEmpty() bool {
+	return len(e.Status) == 0
+}
+
+// Validate validates whether the status is disabled.
+func (e ExistingObjectReplication) Validate() error {
+	if e.IsEmpty() {
+		return nil
+	}
+	if e.Status != Disabled && e.Status != Enabled {
+		return fmt.Errorf("invalid ExistingObjectReplication status")
+	}
+	return nil
+}
+
+// TargetMetrics represents inline replication metrics
+// such as pending, failed and completed bytes in total for a bucket remote target
+type TargetMetrics struct {
+	// Pending size in bytes
+	PendingSize uint64 `json:"pendingReplicationSize"`
+	// Completed size in bytes
+	ReplicatedSize uint64 `json:"completedReplicationSize"`
+	// Total Replica size in bytes
+	ReplicaSize uint64 `json:"replicaSize"`
+	// Failed size in bytes
+	FailedSize uint64 `json:"failedReplicationSize"`
+	// Total number of pending operations including metadata updates
+	PendingCount uint64 `json:"pendingReplicationCount"`
+	// Total number of failed operations including metadata updates
+	FailedCount uint64 `json:"failedReplicationCount"`
+}
+
+// Metrics represents inline replication metrics for a bucket.
+type Metrics struct {
+	Stats map[string]TargetMetrics
+	// Total Pending size in bytes across targets
+	PendingSize uint64 `json:"pendingReplicationSize"`
+	// Completed size in bytes  across targets
+	ReplicatedSize uint64 `json:"completedReplicationSize"`
+	// Total Replica size in bytes  across targets
+	ReplicaSize uint64 `json:"replicaSize"`
+	// Failed size in bytes  across targets
+	FailedSize uint64 `json:"failedReplicationSize"`
+	// Total number of pending operations including metadata updates across targets
+	PendingCount uint64 `json:"pendingReplicationCount"`
+	// Total number of failed operations including metadata updates across targets
+	FailedCount uint64 `json:"failedReplicationCount"`
+}
+
+type ResyncTargetsInfo struct {
+	Targets []ResyncTarget `json:"target,omitempty"`
+}
+type ResyncTarget struct {
+	Arn     string `json:"arn"`
+	ResetID string `json:"resetid"`
+}
diff --git a/vendor/github.com/minio/minio-go/v7/pkg/s3utils/utils.go b/vendor/github.com/minio/minio-go/v7/pkg/s3utils/utils.go
index fea25d6ef64..05e8b7ece7a 100644
--- a/vendor/github.com/minio/minio-go/v7/pkg/s3utils/utils.go
+++ b/vendor/github.com/minio/minio-go/v7/pkg/s3utils/utils.go
@@ -171,6 +171,7 @@ func IsAmazonFIPSGovCloudEndpoint(endpointURL url.URL) bool {
 		return false
 	}
 	return endpointURL.Host == "s3-fips-us-gov-west-1.amazonaws.com" ||
+		endpointURL.Host == "s3-fips.us-gov-west-1.amazonaws.com" ||
 		endpointURL.Host == "s3-fips.dualstack.us-gov-west-1.amazonaws.com"
 }
 
diff --git a/vendor/github.com/minio/minio-go/v7/pkg/signer/request-signature-v4.go b/vendor/github.com/minio/minio-go/v7/pkg/signer/request-signature-v4.go
index 67572b20d25..b518cc526f6 100644
--- a/vendor/github.com/minio/minio-go/v7/pkg/signer/request-signature-v4.go
+++ b/vendor/github.com/minio/minio-go/v7/pkg/signer/request-signature-v4.go
@@ -118,7 +118,9 @@ func getCanonicalHeaders(req http.Request, ignoredHeaders map[string]bool) strin
 		headers = append(headers, strings.ToLower(k))
 		vals[strings.ToLower(k)] = vv
 	}
-	headers = append(headers, "host")
+	if !headerExists("host", headers) {
+		headers = append(headers, "host")
+	}
 	sort.Strings(headers)
 
 	var buf bytes.Buffer
@@ -130,7 +132,7 @@ func getCanonicalHeaders(req http.Request, ignoredHeaders map[string]bool) strin
 		switch {
 		case k == "host":
 			buf.WriteString(getHostAddr(&req))
-			fallthrough
+			buf.WriteByte('\n')
 		default:
 			for idx, v := range vals[k] {
 				if idx > 0 {
@@ -144,6 +146,15 @@ func getCanonicalHeaders(req http.Request, ignoredHeaders map[string]bool) strin
 	return buf.String()
 }
 
+func headerExists(key string, headers []string) bool {
+	for _, k := range headers {
+		if k == key {
+			return true
+		}
+	}
+	return false
+}
+
 // getSignedHeaders generate all signed request headers.
 // i.e lexically sorted, semicolon-separated list of lowercase
 // request header names.
@@ -155,7 +166,9 @@ func getSignedHeaders(req http.Request, ignoredHeaders map[string]bool) string {
 		}
 		headers = append(headers, strings.ToLower(k))
 	}
-	headers = append(headers, "host")
+	if !headerExists("host", headers) {
+		headers = append(headers, "host")
+	}
 	sort.Strings(headers)
 	return strings.Join(headers, ";")
 }
diff --git a/vendor/github.com/minio/minio-go/v7/pkg/signer/utils.go b/vendor/github.com/minio/minio-go/v7/pkg/signer/utils.go
index 2192a369331..b54fa4c77cf 100644
--- a/vendor/github.com/minio/minio-go/v7/pkg/signer/utils.go
+++ b/vendor/github.com/minio/minio-go/v7/pkg/signer/utils.go
@@ -44,6 +44,10 @@ func sumHMAC(key []byte, data []byte) []byte {
 
 // getHostAddr returns host header if available, otherwise returns host from URL
 func getHostAddr(req *http.Request) string {
+	host := req.Header.Get("host")
+	if host != "" && req.Host != host {
+		return host
+	}
 	if req.Host != "" {
 		return req.Host
 	}
diff --git a/vendor/github.com/minio/minio-go/v7/retry-continous.go b/vendor/github.com/minio/minio-go/v7/retry-continous.go
index 3d25883b0c0..12b81d91ad0 100644
--- a/vendor/github.com/minio/minio-go/v7/retry-continous.go
+++ b/vendor/github.com/minio/minio-go/v7/retry-continous.go
@@ -20,7 +20,7 @@ package minio
 import "time"
 
 // newRetryTimerContinous creates a timer with exponentially increasing delays forever.
-func (c Client) newRetryTimerContinous(unit time.Duration, cap time.Duration, jitter float64, doneCh chan struct{}) <-chan int {
+func (c *Client) newRetryTimerContinous(unit time.Duration, cap time.Duration, jitter float64, doneCh chan struct{}) <-chan int {
 	attemptCh := make(chan int)
 
 	// normalize jitter to the range [0, 1.0]
diff --git a/vendor/github.com/minio/minio-go/v7/retry.go b/vendor/github.com/minio/minio-go/v7/retry.go
index 598af29752c..a449d55ddeb 100644
--- a/vendor/github.com/minio/minio-go/v7/retry.go
+++ b/vendor/github.com/minio/minio-go/v7/retry.go
@@ -42,7 +42,7 @@ var DefaultRetryCap = time.Second
 
 // newRetryTimer creates a timer with exponentially increasing
 // delays until the maximum retry attempts are reached.
-func (c Client) newRetryTimer(ctx context.Context, maxRetry int, unit time.Duration, cap time.Duration, jitter float64) <-chan int {
+func (c *Client) newRetryTimer(ctx context.Context, maxRetry int, unit time.Duration, cap time.Duration, jitter float64) <-chan int {
 	attemptCh := make(chan int)
 
 	// computes the exponential backoff duration according to
diff --git a/vendor/github.com/minio/minio-go/v7/utils.go b/vendor/github.com/minio/minio-go/v7/utils.go
index 4bdf1a3c3bb..ed388d71316 100644
--- a/vendor/github.com/minio/minio-go/v7/utils.go
+++ b/vendor/github.com/minio/minio-go/v7/utils.go
@@ -18,14 +18,17 @@
 package minio
 
 import (
+	"context"
 	"crypto/md5"
 	"encoding/base64"
 	"encoding/hex"
 	"encoding/xml"
+	"errors"
 	"fmt"
 	"hash"
 	"io"
 	"io/ioutil"
+	"math/rand"
 	"net"
 	"net/http"
 	"net/url"
@@ -49,7 +52,7 @@ var expirationRegex = regexp.MustCompile(`expiry-date="(.*?)", rule-id="(.*?)"`)
 
 func amzExpirationToExpiryDateRuleID(expiration string) (time.Time, string) {
 	if matches := expirationRegex.FindStringSubmatch(expiration); len(matches) == 3 {
-		expTime, err := time.Parse(http.TimeFormat, matches[1])
+		expTime, err := parseRFC7231Time(matches[1])
 		if err != nil {
 			return time.Time{}, ""
 		}
@@ -58,6 +61,26 @@ func amzExpirationToExpiryDateRuleID(expiration string) (time.Time, string) {
 	return time.Time{}, ""
 }
 
+var restoreRegex = regexp.MustCompile(`ongoing-request="(.*?)"(, expiry-date="(.*?)")?`)
+
+func amzRestoreToStruct(restore string) (ongoing bool, expTime time.Time, err error) {
+	matches := restoreRegex.FindStringSubmatch(restore)
+	if len(matches) != 4 {
+		return false, time.Time{}, errors.New("unexpected restore header")
+	}
+	ongoing, err = strconv.ParseBool(matches[1])
+	if err != nil {
+		return false, time.Time{}, err
+	}
+	if matches[3] != "" {
+		expTime, err = parseRFC7231Time(matches[3])
+		if err != nil {
+			return false, time.Time{}, err
+		}
+	}
+	return
+}
+
 // xmlDecoder provide decoded value in xml.
 func xmlDecoder(body io.Reader, v interface{}) error {
 	d := xml.NewDecoder(body)
@@ -217,6 +240,27 @@ func extractObjMetadata(header http.Header) http.Header {
 	return filteredHeader
 }
 
+const (
+	// RFC 7231#section-7.1.1.1 timetamp format. e.g Tue, 29 Apr 2014 18:30:38 GMT
+	rfc822TimeFormat                           = "Mon, 2 Jan 2006 15:04:05 GMT"
+	rfc822TimeFormatSingleDigitDay             = "Mon, _2 Jan 2006 15:04:05 GMT"
+	rfc822TimeFormatSingleDigitDayTwoDigitYear = "Mon, _2 Jan 06 15:04:05 GMT"
+)
+
+func parseTime(t string, formats ...string) (time.Time, error) {
+	for _, format := range formats {
+		tt, err := time.Parse(format, t)
+		if err == nil {
+			return tt, nil
+		}
+	}
+	return time.Time{}, fmt.Errorf("unable to parse %s in any of the input formats: %s", t, formats)
+}
+
+func parseRFC7231Time(lastModified string) (time.Time, error) {
+	return parseTime(lastModified, rfc822TimeFormat, rfc822TimeFormatSingleDigitDay, rfc822TimeFormatSingleDigitDayTwoDigitYear)
+}
+
 // ToObjectInfo converts http header values into ObjectInfo type,
 // extracts metadata and fills in all the necessary fields in ObjectInfo.
 func ToObjectInfo(bucketName string, objectName string, h http.Header) (ObjectInfo, error) {
@@ -244,7 +288,7 @@ func ToObjectInfo(bucketName string, objectName string, h http.Header) (ObjectIn
 	}
 
 	// Parse Last-Modified has http time format.
-	date, err := time.Parse(http.TimeFormat, h.Get("Last-Modified"))
+	mtime, err := parseRFC7231Time(h.Get("Last-Modified"))
 	if err != nil {
 		return ObjectInfo{}, ErrorResponse{
 			Code:       "InternalError",
@@ -266,7 +310,18 @@ func ToObjectInfo(bucketName string, objectName string, h http.Header) (ObjectIn
 	expiryStr := h.Get("Expires")
 	var expiry time.Time
 	if expiryStr != "" {
-		expiry, _ = time.Parse(http.TimeFormat, expiryStr)
+		expiry, err = parseRFC7231Time(expiryStr)
+		if err != nil {
+			return ObjectInfo{}, ErrorResponse{
+				Code:       "InternalError",
+				Message:    fmt.Sprintf("'Expiry' is not in supported format: %v", err),
+				BucketName: bucketName,
+				Key:        objectName,
+				RequestID:  h.Get("x-amz-request-id"),
+				HostID:     h.Get("x-amz-id-2"),
+				Region:     h.Get("x-amz-bucket-region"),
+			}
+		}
 	}
 
 	metadata := extractObjMetadata(h)
@@ -294,6 +349,16 @@ func ToObjectInfo(bucketName string, objectName string, h http.Header) (ObjectIn
 		}
 	}
 
+	// Nil if not found
+	var restore *RestoreInfo
+	if restoreHdr := h.Get(amzRestore); restoreHdr != "" {
+		ongoing, expTime, err := amzRestoreToStruct(restoreHdr)
+		if err != nil {
+			return ObjectInfo{}, err
+		}
+		restore = &RestoreInfo{OngoingRestore: ongoing, ExpiryTime: expTime}
+	}
+
 	// extract lifecycle expiry date and rule ID
 	expTime, ruleID := amzExpirationToExpiryDateRuleID(h.Get(amzExpiration))
 
@@ -304,7 +369,7 @@ func ToObjectInfo(bucketName string, objectName string, h http.Header) (ObjectIn
 		ETag:              etag,
 		Key:               objectName,
 		Size:              size,
-		LastModified:      date,
+		LastModified:      mtime,
 		ContentType:       contentType,
 		Expires:           expiry,
 		VersionID:         h.Get(amzVersionID),
@@ -319,6 +384,7 @@ func ToObjectInfo(bucketName string, objectName string, h http.Header) (ObjectIn
 		UserMetadata: userMetadata,
 		UserTags:     userTags,
 		UserTagCount: tagCount,
+		Restore:      restore,
 	}, nil
 }
 
@@ -397,19 +463,20 @@ func getDefaultLocation(u url.URL, regionOverride string) (location string) {
 	return region
 }
 
-var supportedHeaders = []string{
-	"content-type",
-	"cache-control",
-	"content-encoding",
-	"content-disposition",
-	"content-language",
-	"x-amz-website-redirect-location",
-	"x-amz-object-lock-mode",
-	"x-amz-metadata-directive",
-	"x-amz-object-lock-retain-until-date",
-	"expires",
-	"x-amz-replication-status",
+var supportedHeaders = map[string]bool{
+	"content-type":                        true,
+	"cache-control":                       true,
+	"content-encoding":                    true,
+	"content-disposition":                 true,
+	"content-language":                    true,
+	"x-amz-website-redirect-location":     true,
+	"x-amz-object-lock-mode":              true,
+	"x-amz-metadata-directive":            true,
+	"x-amz-object-lock-retain-until-date": true,
+	"expires":                             true,
+	"x-amz-replication-status":            true,
 	// Add more supported headers here.
+	// Must be lower case.
 }
 
 // isStorageClassHeader returns true if the header is a supported storage class header
@@ -419,34 +486,24 @@ func isStorageClassHeader(headerKey string) bool {
 
 // isStandardHeader returns true if header is a supported header and not a custom header
 func isStandardHeader(headerKey string) bool {
-	key := strings.ToLower(headerKey)
-	for _, header := range supportedHeaders {
-		if strings.ToLower(header) == key {
-			return true
-		}
-	}
-	return false
+	return supportedHeaders[strings.ToLower(headerKey)]
 }
 
 // sseHeaders is list of server side encryption headers
-var sseHeaders = []string{
-	"x-amz-server-side-encryption",
-	"x-amz-server-side-encryption-aws-kms-key-id",
-	"x-amz-server-side-encryption-context",
-	"x-amz-server-side-encryption-customer-algorithm",
-	"x-amz-server-side-encryption-customer-key",
-	"x-amz-server-side-encryption-customer-key-MD5",
+var sseHeaders = map[string]bool{
+	"x-amz-server-side-encryption":                    true,
+	"x-amz-server-side-encryption-aws-kms-key-id":     true,
+	"x-amz-server-side-encryption-context":            true,
+	"x-amz-server-side-encryption-customer-algorithm": true,
+	"x-amz-server-side-encryption-customer-key":       true,
+	"x-amz-server-side-encryption-customer-key-md5":   true,
+	// Add more supported headers here.
+	// Must be lower case.
 }
 
 // isSSEHeader returns true if header is a server side encryption header.
 func isSSEHeader(headerKey string) bool {
-	key := strings.ToLower(headerKey)
-	for _, h := range sseHeaders {
-		if strings.ToLower(h) == key {
-			return true
-		}
-	}
-	return false
+	return sseHeaders[strings.ToLower(headerKey)]
 }
 
 // isAmzHeader returns true if header is a x-amz-meta-* or x-amz-acl header.
@@ -486,3 +543,88 @@ func (m hashWrapper) Close() {
 	}
 	m.Hash = nil
 }
+
+const letterBytes = "abcdefghijklmnopqrstuvwxyz01234569"
+const (
+	letterIdxBits = 6                    // 6 bits to represent a letter index
+	letterIdxMask = 1<<letterIdxBits - 1 // All 1-bits, as many as letterIdxBits
+	letterIdxMax  = 63 / letterIdxBits   // # of letter indices fitting in 63 bits
+)
+
+// randString generates random names and prepends them with a known prefix.
+func randString(n int, src rand.Source, prefix string) string {
+	b := make([]byte, n)
+	// A rand.Int63() generates 63 random bits, enough for letterIdxMax letters!
+	for i, cache, remain := n-1, src.Int63(), letterIdxMax; i >= 0; {
+		if remain == 0 {
+			cache, remain = src.Int63(), letterIdxMax
+		}
+		if idx := int(cache & letterIdxMask); idx < len(letterBytes) {
+			b[i] = letterBytes[idx]
+			i--
+		}
+		cache >>= letterIdxBits
+		remain--
+	}
+	return prefix + string(b[0:30-len(prefix)])
+}
+
+// IsNetworkOrHostDown - if there was a network error or if the host is down.
+// expectTimeouts indicates that *context* timeouts are expected and does not
+// indicate a downed host. Other timeouts still returns down.
+func IsNetworkOrHostDown(err error, expectTimeouts bool) bool {
+	if err == nil {
+		return false
+	}
+
+	if errors.Is(err, context.Canceled) {
+		return false
+	}
+
+	if expectTimeouts && errors.Is(err, context.DeadlineExceeded) {
+		return false
+	}
+
+	if errors.Is(err, context.DeadlineExceeded) {
+		return true
+	}
+
+	// We need to figure if the error either a timeout
+	// or a non-temporary error.
+	urlErr := &url.Error{}
+	if errors.As(err, &urlErr) {
+		switch urlErr.Err.(type) {
+		case *net.DNSError, *net.OpError, net.UnknownNetworkError:
+			return true
+		}
+	}
+	var e net.Error
+	if errors.As(err, &e) {
+		if e.Timeout() {
+			return true
+		}
+	}
+
+	// Fallback to other mechanisms.
+	switch {
+	case strings.Contains(err.Error(), "Connection closed by foreign host"):
+		return true
+	case strings.Contains(err.Error(), "TLS handshake timeout"):
+		// If error is - tlsHandshakeTimeoutError.
+		return true
+	case strings.Contains(err.Error(), "i/o timeout"):
+		// If error is - tcp timeoutError.
+		return true
+	case strings.Contains(err.Error(), "connection timed out"):
+		// If err is a net.Dial timeout.
+		return true
+	case strings.Contains(err.Error(), "connection refused"):
+		// If err is connection refused
+		return true
+
+	case strings.Contains(strings.ToLower(err.Error()), "503 service unavailable"):
+		// Denial errors
+		return true
+	}
+	return false
+}
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/testutil/lint.go b/vendor/github.com/prometheus/client_golang/prometheus/testutil/lint.go
new file mode 100644
index 00000000000..7681877a894
--- /dev/null
+++ b/vendor/github.com/prometheus/client_golang/prometheus/testutil/lint.go
@@ -0,0 +1,46 @@
+// Copyright 2020 The Prometheus Authors
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package testutil
+
+import (
+	"fmt"
+
+	"github.com/prometheus/client_golang/prometheus"
+	"github.com/prometheus/client_golang/prometheus/testutil/promlint"
+)
+
+// CollectAndLint registers the provided Collector with a newly created pedantic
+// Registry. It then calls GatherAndLint with that Registry and with the
+// provided metricNames.
+func CollectAndLint(c prometheus.Collector, metricNames ...string) ([]promlint.Problem, error) {
+	reg := prometheus.NewPedanticRegistry()
+	if err := reg.Register(c); err != nil {
+		return nil, fmt.Errorf("registering collector failed: %s", err)
+	}
+	return GatherAndLint(reg, metricNames...)
+}
+
+// GatherAndLint gathers all metrics from the provided Gatherer and checks them
+// with the linter in the promlint package. If any metricNames are provided,
+// only metrics with those names are checked.
+func GatherAndLint(g prometheus.Gatherer, metricNames ...string) ([]promlint.Problem, error) {
+	got, err := g.Gather()
+	if err != nil {
+		return nil, fmt.Errorf("gathering metrics failed: %s", err)
+	}
+	if metricNames != nil {
+		got = filterMetrics(got, metricNames)
+	}
+	return promlint.NewWithMetricFamilies(got).Lint()
+}
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/testutil/promlint/promlint.go b/vendor/github.com/prometheus/client_golang/prometheus/testutil/promlint/promlint.go
new file mode 100644
index 00000000000..ec806170625
--- /dev/null
+++ b/vendor/github.com/prometheus/client_golang/prometheus/testutil/promlint/promlint.go
@@ -0,0 +1,386 @@
+// Copyright 2020 The Prometheus Authors
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Package promlint provides a linter for Prometheus metrics.
+package promlint
+
+import (
+	"fmt"
+	"io"
+	"regexp"
+	"sort"
+	"strings"
+
+	"github.com/prometheus/common/expfmt"
+
+	dto "github.com/prometheus/client_model/go"
+)
+
+// A Linter is a Prometheus metrics linter.  It identifies issues with metric
+// names, types, and metadata, and reports them to the caller.
+type Linter struct {
+	// The linter will read metrics in the Prometheus text format from r and
+	// then lint it, _and_ it will lint the metrics provided directly as
+	// MetricFamily proto messages in mfs. Note, however, that the current
+	// constructor functions New and NewWithMetricFamilies only ever set one
+	// of them.
+	r   io.Reader
+	mfs []*dto.MetricFamily
+}
+
+// A Problem is an issue detected by a Linter.
+type Problem struct {
+	// The name of the metric indicated by this Problem.
+	Metric string
+
+	// A description of the issue for this Problem.
+	Text string
+}
+
+// newProblem is helper function to create a Problem.
+func newProblem(mf *dto.MetricFamily, text string) Problem {
+	return Problem{
+		Metric: mf.GetName(),
+		Text:   text,
+	}
+}
+
+// New creates a new Linter that reads an input stream of Prometheus metrics in
+// the Prometheus text exposition format.
+func New(r io.Reader) *Linter {
+	return &Linter{
+		r: r,
+	}
+}
+
+// NewWithMetricFamilies creates a new Linter that reads from a slice of
+// MetricFamily protobuf messages.
+func NewWithMetricFamilies(mfs []*dto.MetricFamily) *Linter {
+	return &Linter{
+		mfs: mfs,
+	}
+}
+
+// Lint performs a linting pass, returning a slice of Problems indicating any
+// issues found in the metrics stream. The slice is sorted by metric name
+// and issue description.
+func (l *Linter) Lint() ([]Problem, error) {
+	var problems []Problem
+
+	if l.r != nil {
+		d := expfmt.NewDecoder(l.r, expfmt.FmtText)
+
+		mf := &dto.MetricFamily{}
+		for {
+			if err := d.Decode(mf); err != nil {
+				if err == io.EOF {
+					break
+				}
+
+				return nil, err
+			}
+
+			problems = append(problems, lint(mf)...)
+		}
+	}
+	for _, mf := range l.mfs {
+		problems = append(problems, lint(mf)...)
+	}
+
+	// Ensure deterministic output.
+	sort.SliceStable(problems, func(i, j int) bool {
+		if problems[i].Metric == problems[j].Metric {
+			return problems[i].Text < problems[j].Text
+		}
+		return problems[i].Metric < problems[j].Metric
+	})
+
+	return problems, nil
+}
+
+// lint is the entry point for linting a single metric.
+func lint(mf *dto.MetricFamily) []Problem {
+	fns := []func(mf *dto.MetricFamily) []Problem{
+		lintHelp,
+		lintMetricUnits,
+		lintCounter,
+		lintHistogramSummaryReserved,
+		lintMetricTypeInName,
+		lintReservedChars,
+		lintCamelCase,
+		lintUnitAbbreviations,
+	}
+
+	var problems []Problem
+	for _, fn := range fns {
+		problems = append(problems, fn(mf)...)
+	}
+
+	// TODO(mdlayher): lint rules for specific metrics types.
+	return problems
+}
+
+// lintHelp detects issues related to the help text for a metric.
+func lintHelp(mf *dto.MetricFamily) []Problem {
+	var problems []Problem
+
+	// Expect all metrics to have help text available.
+	if mf.Help == nil {
+		problems = append(problems, newProblem(mf, "no help text"))
+	}
+
+	return problems
+}
+
+// lintMetricUnits detects issues with metric unit names.
+func lintMetricUnits(mf *dto.MetricFamily) []Problem {
+	var problems []Problem
+
+	unit, base, ok := metricUnits(*mf.Name)
+	if !ok {
+		// No known units detected.
+		return nil
+	}
+
+	// Unit is already a base unit.
+	if unit == base {
+		return nil
+	}
+
+	problems = append(problems, newProblem(mf, fmt.Sprintf("use base unit %q instead of %q", base, unit)))
+
+	return problems
+}
+
+// lintCounter detects issues specific to counters, as well as patterns that should
+// only be used with counters.
+func lintCounter(mf *dto.MetricFamily) []Problem {
+	var problems []Problem
+
+	isCounter := mf.GetType() == dto.MetricType_COUNTER
+	isUntyped := mf.GetType() == dto.MetricType_UNTYPED
+	hasTotalSuffix := strings.HasSuffix(mf.GetName(), "_total")
+
+	switch {
+	case isCounter && !hasTotalSuffix:
+		problems = append(problems, newProblem(mf, `counter metrics should have "_total" suffix`))
+	case !isUntyped && !isCounter && hasTotalSuffix:
+		problems = append(problems, newProblem(mf, `non-counter metrics should not have "_total" suffix`))
+	}
+
+	return problems
+}
+
+// lintHistogramSummaryReserved detects when other types of metrics use names or labels
+// reserved for use by histograms and/or summaries.
+func lintHistogramSummaryReserved(mf *dto.MetricFamily) []Problem {
+	// These rules do not apply to untyped metrics.
+	t := mf.GetType()
+	if t == dto.MetricType_UNTYPED {
+		return nil
+	}
+
+	var problems []Problem
+
+	isHistogram := t == dto.MetricType_HISTOGRAM
+	isSummary := t == dto.MetricType_SUMMARY
+
+	n := mf.GetName()
+
+	if !isHistogram && strings.HasSuffix(n, "_bucket") {
+		problems = append(problems, newProblem(mf, `non-histogram metrics should not have "_bucket" suffix`))
+	}
+	if !isHistogram && !isSummary && strings.HasSuffix(n, "_count") {
+		problems = append(problems, newProblem(mf, `non-histogram and non-summary metrics should not have "_count" suffix`))
+	}
+	if !isHistogram && !isSummary && strings.HasSuffix(n, "_sum") {
+		problems = append(problems, newProblem(mf, `non-histogram and non-summary metrics should not have "_sum" suffix`))
+	}
+
+	for _, m := range mf.GetMetric() {
+		for _, l := range m.GetLabel() {
+			ln := l.GetName()
+
+			if !isHistogram && ln == "le" {
+				problems = append(problems, newProblem(mf, `non-histogram metrics should not have "le" label`))
+			}
+			if !isSummary && ln == "quantile" {
+				problems = append(problems, newProblem(mf, `non-summary metrics should not have "quantile" label`))
+			}
+		}
+	}
+
+	return problems
+}
+
+// lintMetricTypeInName detects when metric types are included in the metric name.
+func lintMetricTypeInName(mf *dto.MetricFamily) []Problem {
+	var problems []Problem
+	n := strings.ToLower(mf.GetName())
+
+	for i, t := range dto.MetricType_name {
+		if i == int32(dto.MetricType_UNTYPED) {
+			continue
+		}
+
+		typename := strings.ToLower(t)
+		if strings.Contains(n, "_"+typename+"_") || strings.HasSuffix(n, "_"+typename) {
+			problems = append(problems, newProblem(mf, fmt.Sprintf(`metric name should not include type '%s'`, typename)))
+		}
+	}
+	return problems
+}
+
+// lintReservedChars detects colons in metric names.
+func lintReservedChars(mf *dto.MetricFamily) []Problem {
+	var problems []Problem
+	if strings.Contains(mf.GetName(), ":") {
+		problems = append(problems, newProblem(mf, "metric names should not contain ':'"))
+	}
+	return problems
+}
+
+var camelCase = regexp.MustCompile(`[a-z][A-Z]`)
+
+// lintCamelCase detects metric names and label names written in camelCase.
+func lintCamelCase(mf *dto.MetricFamily) []Problem {
+	var problems []Problem
+	if camelCase.FindString(mf.GetName()) != "" {
+		problems = append(problems, newProblem(mf, "metric names should be written in 'snake_case' not 'camelCase'"))
+	}
+
+	for _, m := range mf.GetMetric() {
+		for _, l := range m.GetLabel() {
+			if camelCase.FindString(l.GetName()) != "" {
+				problems = append(problems, newProblem(mf, "label names should be written in 'snake_case' not 'camelCase'"))
+			}
+		}
+	}
+	return problems
+}
+
+// lintUnitAbbreviations detects abbreviated units in the metric name.
+func lintUnitAbbreviations(mf *dto.MetricFamily) []Problem {
+	var problems []Problem
+	n := strings.ToLower(mf.GetName())
+	for _, s := range unitAbbreviations {
+		if strings.Contains(n, "_"+s+"_") || strings.HasSuffix(n, "_"+s) {
+			problems = append(problems, newProblem(mf, "metric names should not contain abbreviated units"))
+		}
+	}
+	return problems
+}
+
+// metricUnits attempts to detect known unit types used as part of a metric name,
+// e.g. "foo_bytes_total" or "bar_baz_milligrams".
+func metricUnits(m string) (unit string, base string, ok bool) {
+	ss := strings.Split(m, "_")
+
+	for unit, base := range units {
+		// Also check for "no prefix".
+		for _, p := range append(unitPrefixes, "") {
+			for _, s := range ss {
+				// Attempt to explicitly match a known unit with a known prefix,
+				// as some words may look like "units" when matching suffix.
+				//
+				// As an example, "thermometers" should not match "meters", but
+				// "kilometers" should.
+				if s == p+unit {
+					return p + unit, base, true
+				}
+			}
+		}
+	}
+
+	return "", "", false
+}
+
+// Units and their possible prefixes recognized by this library.  More can be
+// added over time as needed.
+var (
+	// map a unit to the appropriate base unit.
+	units = map[string]string{
+		// Base units.
+		"amperes": "amperes",
+		"bytes":   "bytes",
+		"celsius": "celsius", // Also allow Celsius because it is common in typical Prometheus use cases.
+		"grams":   "grams",
+		"joules":  "joules",
+		"kelvin":  "kelvin", // SI base unit, used in special cases (e.g. color temperature, scientific measurements).
+		"meters":  "meters", // Both American and international spelling permitted.
+		"metres":  "metres",
+		"seconds": "seconds",
+		"volts":   "volts",
+
+		// Non base units.
+		// Time.
+		"minutes": "seconds",
+		"hours":   "seconds",
+		"days":    "seconds",
+		"weeks":   "seconds",
+		// Temperature.
+		"kelvins":    "kelvin",
+		"fahrenheit": "celsius",
+		"rankine":    "celsius",
+		// Length.
+		"inches": "meters",
+		"yards":  "meters",
+		"miles":  "meters",
+		// Bytes.
+		"bits": "bytes",
+		// Energy.
+		"calories": "joules",
+		// Mass.
+		"pounds": "grams",
+		"ounces": "grams",
+	}
+
+	unitPrefixes = []string{
+		"pico",
+		"nano",
+		"micro",
+		"milli",
+		"centi",
+		"deci",
+		"deca",
+		"hecto",
+		"kilo",
+		"kibi",
+		"mega",
+		"mibi",
+		"giga",
+		"gibi",
+		"tera",
+		"tebi",
+		"peta",
+		"pebi",
+	}
+
+	// Common abbreviations that we'd like to discourage.
+	unitAbbreviations = []string{
+		"s",
+		"ms",
+		"us",
+		"ns",
+		"sec",
+		"b",
+		"kb",
+		"mb",
+		"gb",
+		"tb",
+		"pb",
+		"m",
+		"h",
+		"d",
+	}
+)
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/testutil/testutil.go b/vendor/github.com/prometheus/client_golang/prometheus/testutil/testutil.go
new file mode 100644
index 00000000000..9af60ce1d21
--- /dev/null
+++ b/vendor/github.com/prometheus/client_golang/prometheus/testutil/testutil.go
@@ -0,0 +1,230 @@
+// Copyright 2018 The Prometheus Authors
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Package testutil provides helpers to test code using the prometheus package
+// of client_golang.
+//
+// While writing unit tests to verify correct instrumentation of your code, it's
+// a common mistake to mostly test the instrumentation library instead of your
+// own code. Rather than verifying that a prometheus.Counter's value has changed
+// as expected or that it shows up in the exposition after registration, it is
+// in general more robust and more faithful to the concept of unit tests to use
+// mock implementations of the prometheus.Counter and prometheus.Registerer
+// interfaces that simply assert that the Add or Register methods have been
+// called with the expected arguments. However, this might be overkill in simple
+// scenarios. The ToFloat64 function is provided for simple inspection of a
+// single-value metric, but it has to be used with caution.
+//
+// End-to-end tests to verify all or larger parts of the metrics exposition can
+// be implemented with the CollectAndCompare or GatherAndCompare functions. The
+// most appropriate use is not so much testing instrumentation of your code, but
+// testing custom prometheus.Collector implementations and in particular whole
+// exporters, i.e. programs that retrieve telemetry data from a 3rd party source
+// and convert it into Prometheus metrics.
+//
+// In a similar pattern, CollectAndLint and GatherAndLint can be used to detect
+// metrics that have issues with their name, type, or metadata without being
+// necessarily invalid, e.g. a counter with a name missing the “_total” suffix.
+package testutil
+
+import (
+	"bytes"
+	"fmt"
+	"io"
+
+	"github.com/prometheus/common/expfmt"
+
+	dto "github.com/prometheus/client_model/go"
+
+	"github.com/prometheus/client_golang/prometheus"
+	"github.com/prometheus/client_golang/prometheus/internal"
+)
+
+// ToFloat64 collects all Metrics from the provided Collector. It expects that
+// this results in exactly one Metric being collected, which must be a Gauge,
+// Counter, or Untyped. In all other cases, ToFloat64 panics. ToFloat64 returns
+// the value of the collected Metric.
+//
+// The Collector provided is typically a simple instance of Gauge or Counter, or
+// – less commonly – a GaugeVec or CounterVec with exactly one element. But any
+// Collector fulfilling the prerequisites described above will do.
+//
+// Use this function with caution. It is computationally very expensive and thus
+// not suited at all to read values from Metrics in regular code. This is really
+// only for testing purposes, and even for testing, other approaches are often
+// more appropriate (see this package's documentation).
+//
+// A clear anti-pattern would be to use a metric type from the prometheus
+// package to track values that are also needed for something else than the
+// exposition of Prometheus metrics. For example, you would like to track the
+// number of items in a queue because your code should reject queuing further
+// items if a certain limit is reached. It is tempting to track the number of
+// items in a prometheus.Gauge, as it is then easily available as a metric for
+// exposition, too. However, then you would need to call ToFloat64 in your
+// regular code, potentially quite often. The recommended way is to track the
+// number of items conventionally (in the way you would have done it without
+// considering Prometheus metrics) and then expose the number with a
+// prometheus.GaugeFunc.
+func ToFloat64(c prometheus.Collector) float64 {
+	var (
+		m      prometheus.Metric
+		mCount int
+		mChan  = make(chan prometheus.Metric)
+		done   = make(chan struct{})
+	)
+
+	go func() {
+		for m = range mChan {
+			mCount++
+		}
+		close(done)
+	}()
+
+	c.Collect(mChan)
+	close(mChan)
+	<-done
+
+	if mCount != 1 {
+		panic(fmt.Errorf("collected %d metrics instead of exactly 1", mCount))
+	}
+
+	pb := &dto.Metric{}
+	m.Write(pb)
+	if pb.Gauge != nil {
+		return pb.Gauge.GetValue()
+	}
+	if pb.Counter != nil {
+		return pb.Counter.GetValue()
+	}
+	if pb.Untyped != nil {
+		return pb.Untyped.GetValue()
+	}
+	panic(fmt.Errorf("collected a non-gauge/counter/untyped metric: %s", pb))
+}
+
+// CollectAndCount registers the provided Collector with a newly created
+// pedantic Registry. It then calls GatherAndCount with that Registry and with
+// the provided metricNames. In the unlikely case that the registration or the
+// gathering fails, this function panics. (This is inconsistent with the other
+// CollectAnd… functions in this package and has historical reasons. Changing
+// the function signature would be a breaking change and will therefore only
+// happen with the next major version bump.)
+func CollectAndCount(c prometheus.Collector, metricNames ...string) int {
+	reg := prometheus.NewPedanticRegistry()
+	if err := reg.Register(c); err != nil {
+		panic(fmt.Errorf("registering collector failed: %s", err))
+	}
+	result, err := GatherAndCount(reg, metricNames...)
+	if err != nil {
+		panic(err)
+	}
+	return result
+}
+
+// GatherAndCount gathers all metrics from the provided Gatherer and counts
+// them. It returns the number of metric children in all gathered metric
+// families together. If any metricNames are provided, only metrics with those
+// names are counted.
+func GatherAndCount(g prometheus.Gatherer, metricNames ...string) (int, error) {
+	got, err := g.Gather()
+	if err != nil {
+		return 0, fmt.Errorf("gathering metrics failed: %s", err)
+	}
+	if metricNames != nil {
+		got = filterMetrics(got, metricNames)
+	}
+
+	result := 0
+	for _, mf := range got {
+		result += len(mf.GetMetric())
+	}
+	return result, nil
+}
+
+// CollectAndCompare registers the provided Collector with a newly created
+// pedantic Registry. It then calls GatherAndCompare with that Registry and with
+// the provided metricNames.
+func CollectAndCompare(c prometheus.Collector, expected io.Reader, metricNames ...string) error {
+	reg := prometheus.NewPedanticRegistry()
+	if err := reg.Register(c); err != nil {
+		return fmt.Errorf("registering collector failed: %s", err)
+	}
+	return GatherAndCompare(reg, expected, metricNames...)
+}
+
+// GatherAndCompare gathers all metrics from the provided Gatherer and compares
+// it to an expected output read from the provided Reader in the Prometheus text
+// exposition format. If any metricNames are provided, only metrics with those
+// names are compared.
+func GatherAndCompare(g prometheus.Gatherer, expected io.Reader, metricNames ...string) error {
+	got, err := g.Gather()
+	if err != nil {
+		return fmt.Errorf("gathering metrics failed: %s", err)
+	}
+	if metricNames != nil {
+		got = filterMetrics(got, metricNames)
+	}
+	var tp expfmt.TextParser
+	wantRaw, err := tp.TextToMetricFamilies(expected)
+	if err != nil {
+		return fmt.Errorf("parsing expected metrics failed: %s", err)
+	}
+	want := internal.NormalizeMetricFamilies(wantRaw)
+
+	return compare(got, want)
+}
+
+// compare encodes both provided slices of metric families into the text format,
+// compares their string message, and returns an error if they do not match.
+// The error contains the encoded text of both the desired and the actual
+// result.
+func compare(got, want []*dto.MetricFamily) error {
+	var gotBuf, wantBuf bytes.Buffer
+	enc := expfmt.NewEncoder(&gotBuf, expfmt.FmtText)
+	for _, mf := range got {
+		if err := enc.Encode(mf); err != nil {
+			return fmt.Errorf("encoding gathered metrics failed: %s", err)
+		}
+	}
+	enc = expfmt.NewEncoder(&wantBuf, expfmt.FmtText)
+	for _, mf := range want {
+		if err := enc.Encode(mf); err != nil {
+			return fmt.Errorf("encoding expected metrics failed: %s", err)
+		}
+	}
+
+	if wantBuf.String() != gotBuf.String() {
+		return fmt.Errorf(`
+metric output does not match expectation; want:
+
+%s
+got:
+
+%s`, wantBuf.String(), gotBuf.String())
+
+	}
+	return nil
+}
+
+func filterMetrics(metrics []*dto.MetricFamily, names []string) []*dto.MetricFamily {
+	var filtered []*dto.MetricFamily
+	for _, m := range metrics {
+		for _, name := range names {
+			if m.GetName() == name {
+				filtered = append(filtered, m)
+				break
+			}
+		}
+	}
+	return filtered
+}
diff --git a/vendor/github.com/prometheus/exporter-toolkit/web/users.go b/vendor/github.com/prometheus/exporter-toolkit/web/handler.go
similarity index 66%
rename from vendor/github.com/prometheus/exporter-toolkit/web/users.go
rename to vendor/github.com/prometheus/exporter-toolkit/web/handler.go
index cf8105fc8cc..ae3ebc03b97 100644
--- a/vendor/github.com/prometheus/exporter-toolkit/web/users.go
+++ b/vendor/github.com/prometheus/exporter-toolkit/web/handler.go
@@ -17,6 +17,7 @@ package web
 
 import (
 	"encoding/hex"
+	"fmt"
 	"net/http"
 	"sync"
 
@@ -24,6 +25,17 @@ import (
 	"golang.org/x/crypto/bcrypt"
 )
 
+// extraHTTPHeaders is a map of HTTP headers that can be added to HTTP
+// responses.
+// This is private on purpose to ensure consistency in the Prometheus ecosystem.
+var extraHTTPHeaders = map[string][]string{
+	"Strict-Transport-Security": nil,
+	"X-Content-Type-Options":    {"nosniff"},
+	"X-Frame-Options":           {"deny", "sameorigin"},
+	"X-XSS-Protection":          nil,
+	"Content-Security-Policy":   nil,
+}
+
 func validateUsers(configPath string) error {
 	c, err := getConfig(configPath)
 	if err != nil {
@@ -40,7 +52,29 @@ func validateUsers(configPath string) error {
 	return nil
 }
 
-type userAuthRoundtrip struct {
+// validateHeaderConfig checks that the provided header configuration is correct.
+// It does not check the validity of all the values, only the ones which are
+// well-defined enumerations.
+func validateHeaderConfig(headers map[string]string) error {
+HeadersLoop:
+	for k, v := range headers {
+		values, ok := extraHTTPHeaders[k]
+		if !ok {
+			return fmt.Errorf("HTTP header %q can not be configured", k)
+		}
+		for _, allowedValue := range values {
+			if v == allowedValue {
+				continue HeadersLoop
+			}
+		}
+		if len(values) > 0 {
+			return fmt.Errorf("invalid value for %s. Expected one of: %q, but got: %q", k, values, v)
+		}
+	}
+	return nil
+}
+
+type webHandler struct {
 	tlsConfigPath string
 	handler       http.Handler
 	logger        log.Logger
@@ -50,7 +84,7 @@ type userAuthRoundtrip struct {
 	bcryptMtx sync.Mutex
 }
 
-func (u *userAuthRoundtrip) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+func (u *webHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	c, err := getConfig(u.tlsConfigPath)
 	if err != nil {
 		u.logger.Log("msg", "Unable to parse configuration", "err", err)
@@ -58,6 +92,11 @@ func (u *userAuthRoundtrip) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	// Configure http headers.
+	for k, v := range c.HTTPConfig.Header {
+		w.Header().Set(k, v)
+	}
+
 	if len(c.Users) == 0 {
 		u.handler.ServeHTTP(w, r)
 		return
diff --git a/vendor/github.com/prometheus/exporter-toolkit/web/tls_config.go b/vendor/github.com/prometheus/exporter-toolkit/web/tls_config.go
index 42eb5d432f6..2668964a068 100644
--- a/vendor/github.com/prometheus/exporter-toolkit/web/tls_config.go
+++ b/vendor/github.com/prometheus/exporter-toolkit/web/tls_config.go
@@ -59,7 +59,8 @@ func (t *TLSStruct) SetDirectory(dir string) {
 }
 
 type HTTPStruct struct {
-	HTTP2 bool `yaml:"http2"`
+	HTTP2  bool              `yaml:"http2"`
+	Header map[string]string `yaml:"headers,omitempty"`
 }
 
 func getConfig(configPath string) (*Config, error) {
@@ -76,6 +77,9 @@ func getConfig(configPath string) (*Config, error) {
 		HTTPConfig: HTTPStruct{HTTP2: true},
 	}
 	err = yaml.UnmarshalStrict(content, c)
+	if err == nil {
+		err = validateHeaderConfig(c.HTTPConfig.Header)
+	}
 	c.TLSConfig.SetDirectory(filepath.Dir(configPath))
 	return c, err
 }
@@ -207,7 +211,7 @@ func Serve(l net.Listener, server *http.Server, tlsConfigPath string, logger log
 		return err
 	}
 
-	server.Handler = &userAuthRoundtrip{
+	server.Handler = &webHandler{
 		tlsConfigPath: tlsConfigPath,
 		logger:        logger,
 		handler:       handler,
diff --git a/vendor/github.com/prometheus/prometheus/config/config.go b/vendor/github.com/prometheus/prometheus/config/config.go
index dc2ed19a259..24441d2bcbd 100644
--- a/vendor/github.com/prometheus/prometheus/config/config.go
+++ b/vendor/github.com/prometheus/prometheus/config/config.go
@@ -33,8 +33,8 @@ import (
 	yaml "gopkg.in/yaml.v2"
 
 	"github.com/prometheus/prometheus/discovery"
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/pkg/relabel"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/model/relabel"
 )
 
 var (
@@ -99,7 +99,7 @@ func Load(s string, expandExternalLabels bool, logger log.Logger) (*Config, erro
 }
 
 // LoadFile parses the given YAML file into a Config.
-func LoadFile(filename string, expandExternalLabels bool, logger log.Logger) (*Config, error) {
+func LoadFile(filename string, agentMode, expandExternalLabels bool, logger log.Logger) (*Config, error) {
 	content, err := ioutil.ReadFile(filename)
 	if err != nil {
 		return nil, err
@@ -108,6 +108,25 @@ func LoadFile(filename string, expandExternalLabels bool, logger log.Logger) (*C
 	if err != nil {
 		return nil, errors.Wrapf(err, "parsing YAML file %s", filename)
 	}
+
+	if agentMode {
+		if len(cfg.RemoteWriteConfigs) == 0 {
+			return nil, errors.New("at least one remote_write target must be specified in agent mode")
+		}
+
+		if len(cfg.AlertingConfig.AlertmanagerConfigs) > 0 || len(cfg.AlertingConfig.AlertRelabelConfigs) > 0 {
+			return nil, errors.New("field alerting is not allowed in agent mode")
+		}
+
+		if len(cfg.RuleFiles) > 0 {
+			return nil, errors.New("field rule_files is not allowed in agent mode")
+		}
+
+		if len(cfg.RemoteReadConfigs) > 0 {
+			return nil, errors.New("field remote_read is not allowed in agent mode")
+		}
+	}
+
 	cfg.SetDirectory(filepath.Dir(filename))
 	return cfg, nil
 }
@@ -169,7 +188,7 @@ var (
 
 		// Backoff times for retrying a batch of samples on recoverable errors.
 		MinBackoff: model.Duration(30 * time.Millisecond),
-		MaxBackoff: model.Duration(100 * time.Millisecond),
+		MaxBackoff: model.Duration(5 * time.Second),
 	}
 
 	// DefaultMetadataConfig is the default metadata configuration for a remote write endpoint.
diff --git a/vendor/github.com/prometheus/prometheus/discovery/README.md b/vendor/github.com/prometheus/prometheus/discovery/README.md
index 19b579b3998..8854981a041 100644
--- a/vendor/github.com/prometheus/prometheus/discovery/README.md
+++ b/vendor/github.com/prometheus/prometheus/discovery/README.md
@@ -131,7 +131,7 @@ the Prometheus server will be able to see them.
 
 ### The SD interface
 
-A Service Discovery (SD) mechanism has to discover targets and provide them to Prometheus. We expect similar targets to be grouped together, in the form of a [target group](https://pkg.go.dev/github.com/prometheus/prometheus/discovery/targetgroup#Group). The SD mechanism sends the targets down to prometheus as list of target groups.
+A Service Discovery (SD) mechanism has to discover targets and provide them to Prometheus. We expect similar targets to be grouped together, in the form of a [target group](https://pkg.go.dev/github.com/prometheus/prometheus@v1.8.2-0.20211105201321-411021ada9ab/discovery/targetgroup#Group). The SD mechanism sends the targets down to prometheus as list of target groups.
 
 An SD mechanism has to implement the `Discoverer` Interface:
 ```go
diff --git a/vendor/github.com/prometheus/prometheus/discovery/file/file.go b/vendor/github.com/prometheus/prometheus/discovery/file/file.go
index 088fa12d46c..2371ba1941e 100644
--- a/vendor/github.com/prometheus/prometheus/discovery/file/file.go
+++ b/vendor/github.com/prometheus/prometheus/discovery/file/file.go
@@ -25,13 +25,13 @@ import (
 	"sync"
 	"time"
 
+	"github.com/fsnotify/fsnotify"
 	"github.com/go-kit/log"
 	"github.com/go-kit/log/level"
 	"github.com/pkg/errors"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/common/config"
 	"github.com/prometheus/common/model"
-	fsnotify "gopkg.in/fsnotify/fsnotify.v1"
 	yaml "gopkg.in/yaml.v2"
 
 	"github.com/prometheus/prometheus/discovery"
diff --git a/vendor/github.com/prometheus/prometheus/discovery/manager.go b/vendor/github.com/prometheus/prometheus/discovery/manager.go
index b3dae5c59fc..e10cfc7bd3b 100644
--- a/vendor/github.com/prometheus/prometheus/discovery/manager.go
+++ b/vendor/github.com/prometheus/prometheus/discovery/manager.go
@@ -65,7 +65,7 @@ var (
 	)
 )
 
-func init() {
+func RegisterMetrics() {
 	prometheus.MustRegister(failedConfigs, discoveredTargets, receivedUpdates, delayedUpdates, sentUpdates)
 }
 
@@ -74,12 +74,26 @@ type poolKey struct {
 	provider string
 }
 
-// provider holds a Discoverer instance, its configuration and its subscribers.
+// provider holds a Discoverer instance, its configuration, cancel func and its subscribers.
 type provider struct {
 	name   string
 	d      Discoverer
-	subs   []string
 	config interface{}
+
+	cancel context.CancelFunc
+	// done should be called after cleaning up resources associated with cancelled provider.
+	done func()
+
+	mu   sync.RWMutex
+	subs map[string]struct{}
+
+	// newSubs is used to temporary store subs to be used upon config reload completion.
+	newSubs map[string]struct{}
+}
+
+// IsStarted return true if Discoverer is started.
+func (p *provider) IsStarted() bool {
+	return p.cancel != nil
 }
 
 // NewManager is the Discovery Manager constructor.
@@ -88,13 +102,12 @@ func NewManager(ctx context.Context, logger log.Logger, options ...func(*Manager
 		logger = log.NewNopLogger()
 	}
 	mgr := &Manager{
-		logger:         logger,
-		syncCh:         make(chan map[string][]*targetgroup.Group),
-		targets:        make(map[poolKey]map[string]*targetgroup.Group),
-		discoverCancel: []context.CancelFunc{},
-		ctx:            ctx,
-		updatert:       5 * time.Second,
-		triggerSend:    make(chan struct{}, 1),
+		logger:      logger,
+		syncCh:      make(chan map[string][]*targetgroup.Group),
+		targets:     make(map[poolKey]map[string]*targetgroup.Group),
+		ctx:         ctx,
+		updatert:    5 * time.Second,
+		triggerSend: make(chan struct{}, 1),
 	}
 	for _, option := range options {
 		option(mgr)
@@ -114,15 +127,16 @@ func Name(n string) func(*Manager) {
 // Manager maintains a set of discovery providers and sends each update to a map channel.
 // Targets are grouped by the target set name.
 type Manager struct {
-	logger         log.Logger
-	name           string
-	mtx            sync.RWMutex
-	ctx            context.Context
-	discoverCancel []context.CancelFunc
+	logger log.Logger
+	name   string
+	mtx    sync.RWMutex
+	ctx    context.Context
 
-	// Some Discoverers(eg. k8s) send only the updates for a given target group
+	// Some Discoverers(e.g. k8s) send only the updates for a given target group,
 	// so we use map[tg.Source]*targetgroup.Group to know which group to update.
-	targets map[poolKey]map[string]*targetgroup.Group
+	targets    map[poolKey]map[string]*targetgroup.Group
+	targetsMtx sync.Mutex
+
 	// providers keeps track of SD providers.
 	providers []*provider
 	// The sync channel sends the updates as a map where the key is the job value from the scrape config.
@@ -132,11 +146,14 @@ type Manager struct {
 	// should only be modified in unit tests.
 	updatert time.Duration
 
-	// The triggerSend channel signals to the manager that new updates have been received from providers.
+	// The triggerSend channel signals to the Manager that new updates have been received from providers.
 	triggerSend chan struct{}
+
+	// lastProvider counts providers registered during Manager's lifetime.
+	lastProvider uint
 }
 
-// Run starts the background processing
+// Run starts the background processing.
 func (m *Manager) Run() error {
 	go m.sender()
 	for range m.ctx.Done() {
@@ -151,31 +168,82 @@ func (m *Manager) SyncCh() <-chan map[string][]*targetgroup.Group {
 	return m.syncCh
 }
 
-// ApplyConfig removes all running discovery providers and starts new ones using the provided config.
+// ApplyConfig checks if discovery provider with supplied config is already running and keeps them as is.
+// Remaining providers are then stopped and new required providers are started using the provided config.
 func (m *Manager) ApplyConfig(cfg map[string]Configs) error {
 	m.mtx.Lock()
 	defer m.mtx.Unlock()
 
-	for pk := range m.targets {
-		if _, ok := cfg[pk.setName]; !ok {
-			discoveredTargets.DeleteLabelValues(m.name, pk.setName)
-		}
-	}
-	m.cancelDiscoverers()
-	m.targets = make(map[poolKey]map[string]*targetgroup.Group)
-	m.providers = nil
-	m.discoverCancel = nil
-
-	failedCount := 0
+	var failedCount int
 	for name, scfg := range cfg {
 		failedCount += m.registerProviders(scfg, name)
-		discoveredTargets.WithLabelValues(m.name, name).Set(0)
 	}
 	failedConfigs.WithLabelValues(m.name).Set(float64(failedCount))
 
+	var (
+		wg sync.WaitGroup
+		// keep shows if we keep any providers after reload.
+		keep         bool
+		newProviders []*provider
+	)
 	for _, prov := range m.providers {
-		m.startProvider(m.ctx, prov)
+		// Cancel obsolete providers.
+		if len(prov.newSubs) == 0 {
+			wg.Add(1)
+			prov.done = func() {
+				wg.Done()
+			}
+			prov.cancel()
+			continue
+		}
+		newProviders = append(newProviders, prov)
+		// refTargets keeps reference targets used to populate new subs' targets
+		var refTargets map[string]*targetgroup.Group
+		prov.mu.Lock()
+
+		m.targetsMtx.Lock()
+		for s := range prov.subs {
+			keep = true
+			refTargets = m.targets[poolKey{s, prov.name}]
+			// Remove obsolete subs' targets.
+			if _, ok := prov.newSubs[s]; !ok {
+				delete(m.targets, poolKey{s, prov.name})
+				discoveredTargets.DeleteLabelValues(m.name, s)
+			}
+		}
+		// Set metrics and targets for new subs.
+		for s := range prov.newSubs {
+			if _, ok := prov.subs[s]; !ok {
+				discoveredTargets.WithLabelValues(m.name, s).Set(0)
+			}
+			if l := len(refTargets); l > 0 {
+				m.targets[poolKey{s, prov.name}] = make(map[string]*targetgroup.Group, l)
+				for k, v := range refTargets {
+					m.targets[poolKey{s, prov.name}][k] = v
+				}
+			}
+		}
+		m.targetsMtx.Unlock()
+
+		prov.subs = prov.newSubs
+		prov.newSubs = map[string]struct{}{}
+		prov.mu.Unlock()
+		if !prov.IsStarted() {
+			m.startProvider(m.ctx, prov)
+		}
+	}
+	// Currently downstream managers expect full target state upon config reload, so we must oblige.
+	// While startProvider does pull the trigger, it may take some time to do so, therefore
+	// we pull the trigger as soon as possible so that downstream managers can populate their state.
+	// See https://github.com/prometheus/prometheus/pull/8639 for details.
+	if keep {
+		select {
+		case m.triggerSend <- struct{}{}:
+		default:
+		}
 	}
+	m.providers = newProviders
+	wg.Wait()
 
 	return nil
 }
@@ -185,7 +253,9 @@ func (m *Manager) StartCustomProvider(ctx context.Context, name string, worker D
 	p := &provider{
 		name: name,
 		d:    worker,
-		subs: []string{name},
+		subs: map[string]struct{}{
+			name: {},
+		},
 	}
 	m.providers = append(m.providers, p)
 	m.startProvider(ctx, p)
@@ -196,13 +266,29 @@ func (m *Manager) startProvider(ctx context.Context, p *provider) {
 	ctx, cancel := context.WithCancel(ctx)
 	updates := make(chan []*targetgroup.Group)
 
-	m.discoverCancel = append(m.discoverCancel, cancel)
+	p.cancel = cancel
 
 	go p.d.Run(ctx, updates)
 	go m.updater(ctx, p, updates)
 }
 
+// cleaner cleans resources associated with provider.
+func (m *Manager) cleaner(p *provider) {
+	m.targetsMtx.Lock()
+	p.mu.RLock()
+	for s := range p.subs {
+		delete(m.targets, poolKey{s, p.name})
+	}
+	p.mu.RUnlock()
+	m.targetsMtx.Unlock()
+	if p.done != nil {
+		p.done()
+	}
+}
+
 func (m *Manager) updater(ctx context.Context, p *provider, updates chan []*targetgroup.Group) {
+	// Ensure targets from this provider are cleaned up.
+	defer m.cleaner(p)
 	for {
 		select {
 		case <-ctx.Done():
@@ -211,12 +297,16 @@ func (m *Manager) updater(ctx context.Context, p *provider, updates chan []*targ
 			receivedUpdates.WithLabelValues(m.name).Inc()
 			if !ok {
 				level.Debug(m.logger).Log("msg", "Discoverer channel closed", "provider", p.name)
+				// Wait for provider cancellation to ensure targets are cleaned up when expected.
+				<-ctx.Done()
 				return
 			}
 
-			for _, s := range p.subs {
+			p.mu.RLock()
+			for s := range p.subs {
 				m.updateGroup(poolKey{setName: s, provider: p.name}, tgs)
 			}
+			p.mu.RUnlock()
 
 			select {
 			case m.triggerSend <- struct{}{}:
@@ -234,7 +324,7 @@ func (m *Manager) sender() {
 		select {
 		case <-m.ctx.Done():
 			return
-		case <-ticker.C: // Some discoverers send updates too often so we throttle these with the ticker.
+		case <-ticker.C: // Some discoverers send updates too often, so we throttle these with the ticker.
 			select {
 			case <-m.triggerSend:
 				sentUpdates.WithLabelValues(m.name).Inc()
@@ -255,14 +345,18 @@ func (m *Manager) sender() {
 }
 
 func (m *Manager) cancelDiscoverers() {
-	for _, c := range m.discoverCancel {
-		c()
+	m.mtx.RLock()
+	defer m.mtx.RUnlock()
+	for _, p := range m.providers {
+		if p.cancel != nil {
+			p.cancel()
+		}
 	}
 }
 
 func (m *Manager) updateGroup(poolKey poolKey, tgs []*targetgroup.Group) {
-	m.mtx.Lock()
-	defer m.mtx.Unlock()
+	m.targetsMtx.Lock()
+	defer m.targetsMtx.Unlock()
 
 	if _, ok := m.targets[poolKey]; !ok {
 		m.targets[poolKey] = make(map[string]*targetgroup.Group)
@@ -275,11 +369,11 @@ func (m *Manager) updateGroup(poolKey poolKey, tgs []*targetgroup.Group) {
 }
 
 func (m *Manager) allGroups() map[string][]*targetgroup.Group {
-	m.mtx.RLock()
-	defer m.mtx.RUnlock()
-
 	tSets := map[string][]*targetgroup.Group{}
 	n := map[string]int{}
+
+	m.targetsMtx.Lock()
+	defer m.targetsMtx.Unlock()
 	for pkey, tsets := range m.targets {
 		for _, tg := range tsets {
 			// Even if the target group 'tg' is empty we still need to send it to the 'Scrape manager'
@@ -303,7 +397,7 @@ func (m *Manager) registerProviders(cfgs Configs, setName string) int {
 	add := func(cfg Config) {
 		for _, p := range m.providers {
 			if reflect.DeepEqual(cfg, p.config) {
-				p.subs = append(p.subs, setName)
+				p.newSubs[setName] = struct{}{}
 				added = true
 				return
 			}
@@ -318,11 +412,14 @@ func (m *Manager) registerProviders(cfgs Configs, setName string) int {
 			return
 		}
 		m.providers = append(m.providers, &provider{
-			name:   fmt.Sprintf("%s/%d", typ, len(m.providers)),
+			name:   fmt.Sprintf("%s/%d", typ, m.lastProvider),
 			d:      d,
 			config: cfg,
-			subs:   []string{setName},
+			newSubs: map[string]struct{}{
+				setName: {},
+			},
 		})
+		m.lastProvider++
 		added = true
 	}
 	for _, cfg := range cfgs {
diff --git a/vendor/github.com/prometheus/prometheus/pkg/exemplar/exemplar.go b/vendor/github.com/prometheus/prometheus/model/exemplar/exemplar.go
similarity index 97%
rename from vendor/github.com/prometheus/prometheus/pkg/exemplar/exemplar.go
rename to vendor/github.com/prometheus/prometheus/model/exemplar/exemplar.go
index 27ba64d4b8a..2e39cf68929 100644
--- a/vendor/github.com/prometheus/prometheus/pkg/exemplar/exemplar.go
+++ b/vendor/github.com/prometheus/prometheus/model/exemplar/exemplar.go
@@ -13,7 +13,7 @@
 
 package exemplar
 
-import "github.com/prometheus/prometheus/pkg/labels"
+import "github.com/prometheus/prometheus/model/labels"
 
 // The combined length of the label names and values of an Exemplar's LabelSet MUST NOT exceed 128 UTF-8 characters
 // https://github.com/OpenObservability/OpenMetrics/blob/main/specification/OpenMetrics.md#exemplars
diff --git a/vendor/github.com/prometheus/prometheus/pkg/labels/labels.go b/vendor/github.com/prometheus/prometheus/model/labels/labels.go
similarity index 100%
rename from vendor/github.com/prometheus/prometheus/pkg/labels/labels.go
rename to vendor/github.com/prometheus/prometheus/model/labels/labels.go
diff --git a/vendor/github.com/prometheus/prometheus/pkg/labels/matcher.go b/vendor/github.com/prometheus/prometheus/model/labels/matcher.go
similarity index 100%
rename from vendor/github.com/prometheus/prometheus/pkg/labels/matcher.go
rename to vendor/github.com/prometheus/prometheus/model/labels/matcher.go
diff --git a/vendor/github.com/prometheus/prometheus/pkg/labels/regexp.go b/vendor/github.com/prometheus/prometheus/model/labels/regexp.go
similarity index 100%
rename from vendor/github.com/prometheus/prometheus/pkg/labels/regexp.go
rename to vendor/github.com/prometheus/prometheus/model/labels/regexp.go
diff --git a/vendor/github.com/prometheus/prometheus/pkg/labels/test_utils.go b/vendor/github.com/prometheus/prometheus/model/labels/test_utils.go
similarity index 100%
rename from vendor/github.com/prometheus/prometheus/pkg/labels/test_utils.go
rename to vendor/github.com/prometheus/prometheus/model/labels/test_utils.go
diff --git a/vendor/github.com/prometheus/prometheus/pkg/relabel/relabel.go b/vendor/github.com/prometheus/prometheus/model/relabel/relabel.go
similarity index 99%
rename from vendor/github.com/prometheus/prometheus/pkg/relabel/relabel.go
rename to vendor/github.com/prometheus/prometheus/model/relabel/relabel.go
index ec452f5b525..db08f3c85fa 100644
--- a/vendor/github.com/prometheus/prometheus/pkg/relabel/relabel.go
+++ b/vendor/github.com/prometheus/prometheus/model/relabel/relabel.go
@@ -22,7 +22,7 @@ import (
 	"github.com/pkg/errors"
 	"github.com/prometheus/common/model"
 
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 )
 
 var (
diff --git a/vendor/github.com/prometheus/prometheus/pkg/rulefmt/rulefmt.go b/vendor/github.com/prometheus/prometheus/model/rulefmt/rulefmt.go
similarity index 93%
rename from vendor/github.com/prometheus/prometheus/pkg/rulefmt/rulefmt.go
rename to vendor/github.com/prometheus/prometheus/model/rulefmt/rulefmt.go
index 62cd6de0921..5332514ed56 100644
--- a/vendor/github.com/prometheus/prometheus/pkg/rulefmt/rulefmt.go
+++ b/vendor/github.com/prometheus/prometheus/model/rulefmt/rulefmt.go
@@ -25,7 +25,7 @@ import (
 	"github.com/prometheus/common/model"
 	yaml "gopkg.in/yaml.v3"
 
-	"github.com/prometheus/prometheus/pkg/timestamp"
+	"github.com/prometheus/prometheus/model/timestamp"
 	"github.com/prometheus/prometheus/promql/parser"
 	"github.com/prometheus/prometheus/template"
 )
@@ -38,6 +38,16 @@ type Error struct {
 	Err      WrappedError
 }
 
+// Error prints the error message in a formatted string.
+func (err *Error) Error() string {
+	if err.Err.nodeAlt != nil {
+		return errors.Wrapf(err.Err.err, "%d:%d: %d:%d: group %q, rule %d, %q", err.Err.node.Line, err.Err.node.Column, err.Err.nodeAlt.Line, err.Err.nodeAlt.Column, err.Group, err.Rule, err.RuleName).Error()
+	} else if err.Err.node != nil {
+		return errors.Wrapf(err.Err.err, "%d:%d: group %q, rule %d, %q", err.Err.node.Line, err.Err.node.Column, err.Group, err.Rule, err.RuleName).Error()
+	}
+	return errors.Wrapf(err.Err.err, "group %q, rule %d, %q", err.Group, err.Rule, err.RuleName).Error()
+}
+
 // WrappedError wraps error with the yaml node which can be used to represent
 // the line and column numbers of the error.
 type WrappedError struct {
@@ -46,13 +56,14 @@ type WrappedError struct {
 	nodeAlt *yaml.Node
 }
 
-func (err *Error) Error() string {
-	if err.Err.nodeAlt != nil {
-		return errors.Wrapf(err.Err.err, "%d:%d: %d:%d: group %q, rule %d, %q", err.Err.node.Line, err.Err.node.Column, err.Err.nodeAlt.Line, err.Err.nodeAlt.Column, err.Group, err.Rule, err.RuleName).Error()
-	} else if err.Err.node != nil {
-		return errors.Wrapf(err.Err.err, "%d:%d: group %q, rule %d, %q", err.Err.node.Line, err.Err.node.Column, err.Group, err.Rule, err.RuleName).Error()
+// Error prints the error message in a formatted string.
+func (we *WrappedError) Error() string {
+	if we.nodeAlt != nil {
+		return errors.Wrapf(we.err, "%d:%d: %d:%d", we.node.Line, we.node.Column, we.nodeAlt.Line, we.nodeAlt.Column).Error()
+	} else if we.node != nil {
+		return errors.Wrapf(we.err, "%d:%d", we.node.Line, we.node.Column).Error()
 	}
-	return errors.Wrapf(err.Err.err, "group %q, rule %d, %q", err.Group, err.Rule, err.RuleName).Error()
+	return we.err.Error()
 }
 
 // RuleGroups is a set of rule groups that are typically exposed in a file.
@@ -83,7 +94,7 @@ func (g *RuleGroups) Validate(node ruleGroups) (errs []error) {
 		set[g.Name] = struct{}{}
 
 		for i, r := range g.Rules {
-			for _, node := range r.Validate() {
+			for _, node := range g.Rules[i].Validate() {
 				var ruleName yaml.Node
 				if r.Alert.Value != "" {
 					ruleName = r.Alert
diff --git a/vendor/github.com/prometheus/prometheus/pkg/textparse/README.md b/vendor/github.com/prometheus/prometheus/model/textparse/README.md
similarity index 100%
rename from vendor/github.com/prometheus/prometheus/pkg/textparse/README.md
rename to vendor/github.com/prometheus/prometheus/model/textparse/README.md
diff --git a/vendor/github.com/prometheus/prometheus/pkg/textparse/interface.go b/vendor/github.com/prometheus/prometheus/model/textparse/interface.go
similarity index 97%
rename from vendor/github.com/prometheus/prometheus/pkg/textparse/interface.go
rename to vendor/github.com/prometheus/prometheus/model/textparse/interface.go
index 557e566622b..cff86c0ed8f 100644
--- a/vendor/github.com/prometheus/prometheus/pkg/textparse/interface.go
+++ b/vendor/github.com/prometheus/prometheus/model/textparse/interface.go
@@ -16,8 +16,8 @@ package textparse
 import (
 	"mime"
 
-	"github.com/prometheus/prometheus/pkg/exemplar"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/exemplar"
+	"github.com/prometheus/prometheus/model/labels"
 )
 
 // Parser parses samples from a byte slice of samples in the official
diff --git a/vendor/github.com/prometheus/prometheus/pkg/textparse/openmetricslex.l b/vendor/github.com/prometheus/prometheus/model/textparse/openmetricslex.l
similarity index 100%
rename from vendor/github.com/prometheus/prometheus/pkg/textparse/openmetricslex.l
rename to vendor/github.com/prometheus/prometheus/model/textparse/openmetricslex.l
diff --git a/vendor/github.com/prometheus/prometheus/pkg/textparse/openmetricslex.l.go b/vendor/github.com/prometheus/prometheus/model/textparse/openmetricslex.l.go
similarity index 100%
rename from vendor/github.com/prometheus/prometheus/pkg/textparse/openmetricslex.l.go
rename to vendor/github.com/prometheus/prometheus/model/textparse/openmetricslex.l.go
diff --git a/vendor/github.com/prometheus/prometheus/pkg/textparse/openmetricsparse.go b/vendor/github.com/prometheus/prometheus/model/textparse/openmetricsparse.go
similarity index 98%
rename from vendor/github.com/prometheus/prometheus/pkg/textparse/openmetricsparse.go
rename to vendor/github.com/prometheus/prometheus/model/textparse/openmetricsparse.go
index 565efd359d0..bbd39e3d554 100644
--- a/vendor/github.com/prometheus/prometheus/pkg/textparse/openmetricsparse.go
+++ b/vendor/github.com/prometheus/prometheus/model/textparse/openmetricsparse.go
@@ -27,9 +27,9 @@ import (
 
 	"github.com/pkg/errors"
 
-	"github.com/prometheus/prometheus/pkg/exemplar"
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/pkg/value"
+	"github.com/prometheus/prometheus/model/exemplar"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/model/value"
 )
 
 var allowedSuffixes = [][]byte{[]byte("_total"), []byte("_bucket")}
diff --git a/vendor/github.com/prometheus/prometheus/pkg/textparse/promlex.l b/vendor/github.com/prometheus/prometheus/model/textparse/promlex.l
similarity index 100%
rename from vendor/github.com/prometheus/prometheus/pkg/textparse/promlex.l
rename to vendor/github.com/prometheus/prometheus/model/textparse/promlex.l
diff --git a/vendor/github.com/prometheus/prometheus/pkg/textparse/promlex.l.go b/vendor/github.com/prometheus/prometheus/model/textparse/promlex.l.go
similarity index 100%
rename from vendor/github.com/prometheus/prometheus/pkg/textparse/promlex.l.go
rename to vendor/github.com/prometheus/prometheus/model/textparse/promlex.l.go
diff --git a/vendor/github.com/prometheus/prometheus/pkg/textparse/promparse.go b/vendor/github.com/prometheus/prometheus/model/textparse/promparse.go
similarity index 98%
rename from vendor/github.com/prometheus/prometheus/pkg/textparse/promparse.go
rename to vendor/github.com/prometheus/prometheus/model/textparse/promparse.go
index 3c885af0ba6..8dc23a6b01d 100644
--- a/vendor/github.com/prometheus/prometheus/pkg/textparse/promparse.go
+++ b/vendor/github.com/prometheus/prometheus/model/textparse/promparse.go
@@ -28,9 +28,9 @@ import (
 
 	"github.com/pkg/errors"
 
-	"github.com/prometheus/prometheus/pkg/exemplar"
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/pkg/value"
+	"github.com/prometheus/prometheus/model/exemplar"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/model/value"
 )
 
 type promlexer struct {
diff --git a/vendor/github.com/prometheus/prometheus/pkg/textparse/promtestdata.nometa.txt b/vendor/github.com/prometheus/prometheus/model/textparse/promtestdata.nometa.txt
similarity index 100%
rename from vendor/github.com/prometheus/prometheus/pkg/textparse/promtestdata.nometa.txt
rename to vendor/github.com/prometheus/prometheus/model/textparse/promtestdata.nometa.txt
diff --git a/vendor/github.com/prometheus/prometheus/pkg/textparse/promtestdata.txt b/vendor/github.com/prometheus/prometheus/model/textparse/promtestdata.txt
similarity index 100%
rename from vendor/github.com/prometheus/prometheus/pkg/textparse/promtestdata.txt
rename to vendor/github.com/prometheus/prometheus/model/textparse/promtestdata.txt
diff --git a/vendor/github.com/prometheus/prometheus/pkg/timestamp/timestamp.go b/vendor/github.com/prometheus/prometheus/model/timestamp/timestamp.go
similarity index 100%
rename from vendor/github.com/prometheus/prometheus/pkg/timestamp/timestamp.go
rename to vendor/github.com/prometheus/prometheus/model/timestamp/timestamp.go
diff --git a/vendor/github.com/prometheus/prometheus/pkg/value/value.go b/vendor/github.com/prometheus/prometheus/model/value/value.go
similarity index 100%
rename from vendor/github.com/prometheus/prometheus/pkg/value/value.go
rename to vendor/github.com/prometheus/prometheus/model/value/value.go
diff --git a/vendor/github.com/prometheus/prometheus/notifier/notifier.go b/vendor/github.com/prometheus/prometheus/notifier/notifier.go
index 97086d56293..0fca28c3392 100644
--- a/vendor/github.com/prometheus/prometheus/notifier/notifier.go
+++ b/vendor/github.com/prometheus/prometheus/notifier/notifier.go
@@ -41,8 +41,8 @@ import (
 
 	"github.com/prometheus/prometheus/config"
 	"github.com/prometheus/prometheus/discovery/targetgroup"
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/pkg/relabel"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/model/relabel"
 )
 
 const (
@@ -303,7 +303,6 @@ func (n *Manager) nextBatch() []*Alert {
 
 // Run dispatches notifications continuously.
 func (n *Manager) Run(tsets <-chan map[string][]*targetgroup.Group) {
-
 	for {
 		select {
 		case <-n.ctx.Done():
@@ -602,7 +601,7 @@ func (n *Manager) Stop() {
 	n.cancel()
 }
 
-// alertmanager holds Alertmanager endpoint information.
+// Alertmanager holds Alertmanager endpoint information.
 type alertmanager interface {
 	url() *url.URL
 }
@@ -654,7 +653,7 @@ func (s *alertmanagerSet) sync(tgs []*targetgroup.Group) {
 	allDroppedAms := []alertmanager{}
 
 	for _, tg := range tgs {
-		ams, droppedAms, err := alertmanagerFromGroup(tg, s.cfg)
+		ams, droppedAms, err := AlertmanagerFromGroup(tg, s.cfg)
 		if err != nil {
 			level.Error(s.logger).Log("msg", "Creating discovered Alertmanagers failed", "err", err)
 			continue
@@ -691,9 +690,9 @@ func postPath(pre string, v config.AlertmanagerAPIVersion) string {
 	return path.Join("/", pre, alertPushEndpoint)
 }
 
-// alertmanagerFromGroup extracts a list of alertmanagers from a target group
+// AlertmanagerFromGroup extracts a list of alertmanagers from a target group
 // and an associated AlertmanagerConfig.
-func alertmanagerFromGroup(tg *targetgroup.Group, cfg *config.AlertmanagerConfig) ([]alertmanager, []alertmanager, error) {
+func AlertmanagerFromGroup(tg *targetgroup.Group, cfg *config.AlertmanagerConfig) ([]alertmanager, []alertmanager, error) {
 	var res []alertmanager
 	var droppedAlertManagers []alertmanager
 
diff --git a/vendor/github.com/prometheus/prometheus/promql/engine.go b/vendor/github.com/prometheus/prometheus/promql/engine.go
index e5dbcd2d771..907800be47f 100644
--- a/vendor/github.com/prometheus/prometheus/promql/engine.go
+++ b/vendor/github.com/prometheus/prometheus/promql/engine.go
@@ -35,9 +35,9 @@ import (
 	"github.com/prometheus/common/model"
 	"github.com/uber/jaeger-client-go"
 
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/pkg/timestamp"
-	"github.com/prometheus/prometheus/pkg/value"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/model/timestamp"
+	"github.com/prometheus/prometheus/model/value"
 	"github.com/prometheus/prometheus/promql/parser"
 	"github.com/prometheus/prometheus/storage"
 	"github.com/prometheus/prometheus/util/stats"
@@ -87,12 +87,15 @@ type (
 func (e ErrQueryTimeout) Error() string {
 	return fmt.Sprintf("query timed out in %s", string(e))
 }
+
 func (e ErrQueryCanceled) Error() string {
 	return fmt.Sprintf("query was canceled in %s", string(e))
 }
+
 func (e ErrTooManySamples) Error() string {
 	return fmt.Sprintf("query processing would load too many samples into memory in %s", string(e))
 }
+
 func (e ErrStorage) Error() string {
 	return e.Err.Error()
 }
@@ -402,8 +405,10 @@ func (ng *Engine) newQuery(q storage.Queryable, expr parser.Expr, start, end tim
 	return qry, nil
 }
 
-var ErrValidationAtModifierDisabled = errors.New("@ modifier is disabled")
-var ErrValidationNegativeOffsetDisabled = errors.New("negative offset is disabled")
+var (
+	ErrValidationAtModifierDisabled     = errors.New("@ modifier is disabled")
+	ErrValidationNegativeOffsetDisabled = errors.New("negative offset is disabled")
+)
 
 func (ng *Engine) validateOpts(expr parser.Expr) error {
 	if ng.enableAtModifier && ng.enableNegativeOffset {
@@ -1175,7 +1180,9 @@ func (ev *evaluator) eval(expr parser.Expr) (parser.Value, storage.Warnings) {
 		}
 
 		unwrapParenExpr(&e.Param)
-		if s, ok := unwrapStepInvariantExpr(e.Param).(*parser.StringLiteral); ok {
+		param := unwrapStepInvariantExpr(e.Param)
+		unwrapParenExpr(&param)
+		if s, ok := param.(*parser.StringLiteral); ok {
 			return ev.rangeEval(initSeries, func(v []parser.Value, sh [][]EvalSeriesHelper, enh *EvalNodeHelper) (Vector, storage.Warnings) {
 				return ev.aggregation(e.Op, sortedGrouping, e.Without, s.Val, v[0].(Vector), sh[0], enh), nil
 			}, e.Expr)
@@ -1197,6 +1204,7 @@ func (ev *evaluator) eval(expr parser.Expr) (parser.Value, storage.Warnings) {
 			// a vector selector.
 			unwrapParenExpr(&e.Args[0])
 			arg := unwrapStepInvariantExpr(e.Args[0])
+			unwrapParenExpr(&arg)
 			vs, ok := arg.(*parser.VectorSelector)
 			if ok {
 				return ev.rangeEval(nil, func(v []parser.Value, _ [][]EvalSeriesHelper, enh *EvalNodeHelper) (Vector, storage.Warnings) {
@@ -1220,6 +1228,7 @@ func (ev *evaluator) eval(expr parser.Expr) (parser.Value, storage.Warnings) {
 		for i := range e.Args {
 			unwrapParenExpr(&e.Args[i])
 			a := unwrapStepInvariantExpr(e.Args[i])
+			unwrapParenExpr(&a)
 			if _, ok := a.(*parser.MatrixSelector); ok {
 				matrixArgIndex = i
 				matrixArg = true
@@ -1262,7 +1271,10 @@ func (ev *evaluator) eval(expr parser.Expr) (parser.Value, storage.Warnings) {
 			}
 		}
 
-		sel := unwrapStepInvariantExpr(e.Args[matrixArgIndex]).(*parser.MatrixSelector)
+		unwrapParenExpr(&e.Args[matrixArgIndex])
+		arg := unwrapStepInvariantExpr(e.Args[matrixArgIndex])
+		unwrapParenExpr(&arg)
+		sel := arg.(*parser.MatrixSelector)
 		selVS := sel.VectorSelector.(*parser.VectorSelector)
 
 		ws, err := checkAndExpandSeriesSet(ev.ctx, sel)
@@ -1792,9 +1804,11 @@ func (ev *evaluator) VectorOr(lhs, rhs Vector, matching *parser.VectorMatching,
 		panic("set operations must only use many-to-many matching")
 	}
 	if len(lhs) == 0 { // Short-circuit.
-		return rhs
+		enh.Out = append(enh.Out, rhs...)
+		return enh.Out
 	} else if len(rhs) == 0 {
-		return lhs
+		enh.Out = append(enh.Out, lhs...)
+		return enh.Out
 	}
 
 	leftSigs := map[string]struct{}{}
@@ -1819,7 +1833,8 @@ func (ev *evaluator) VectorUnless(lhs, rhs Vector, matching *parser.VectorMatchi
 	// Short-circuit: empty rhs means we will return everything in lhs;
 	// empty lhs means we will return empty - don't need to build a map.
 	if len(lhs) == 0 || len(rhs) == 0 {
-		return lhs
+		enh.Out = append(enh.Out, lhs...)
+		return enh.Out
 	}
 
 	rightSigs := map[string]struct{}{}
@@ -2085,6 +2100,8 @@ func scalarBinop(op parser.ItemType, lhs, rhs float64) float64 {
 		return btos(lhs >= rhs)
 	case parser.LTE:
 		return btos(lhs <= rhs)
+	case parser.ATAN2:
+		return math.Atan2(lhs, rhs)
 	}
 	panic(errors.Errorf("operator %q not allowed for Scalar operations", op))
 }
@@ -2134,8 +2151,8 @@ type groupedAggregation struct {
 // aggregation evaluates an aggregation operation on a Vector. The provided grouping labels
 // must be sorted.
 func (ev *evaluator) aggregation(op parser.ItemType, grouping []string, without bool, param interface{}, vec Vector, seriesHelper []EvalSeriesHelper, enh *EvalNodeHelper) Vector {
-
 	result := map[uint64]*groupedAggregation{}
+	orderedResult := []*groupedAggregation{}
 	var k int64
 	if op == parser.TOPK || op == parser.BOTTOMK {
 		f := param.(float64)
@@ -2204,12 +2221,16 @@ func (ev *evaluator) aggregation(op parser.ItemType, grouping []string, without
 			} else {
 				m = metric.WithLabels(grouping...)
 			}
-			result[groupingKey] = &groupedAggregation{
+			newAgg := &groupedAggregation{
 				labels:     m,
 				value:      s.V,
 				mean:       s.V,
 				groupCount: 1,
 			}
+
+			result[groupingKey] = newAgg
+			orderedResult = append(orderedResult, newAgg)
+
 			inputVecLen := int64(len(vec))
 			resultSize := k
 			if k > inputVecLen {
@@ -2331,7 +2352,7 @@ func (ev *evaluator) aggregation(op parser.ItemType, grouping []string, without
 	}
 
 	// Construct the result Vector from the aggregated groups.
-	for _, aggr := range result {
+	for _, aggr := range orderedResult {
 		switch op {
 		case parser.AVG:
 			aggr.value = aggr.mean
@@ -2499,7 +2520,6 @@ func preprocessExprHelper(expr parser.Expr, start, end time.Time) bool {
 		}
 
 		if isStepInvariant {
-
 			// The function and all arguments are step invariant.
 			return true
 		}
@@ -2545,12 +2565,6 @@ func preprocessExprHelper(expr parser.Expr, start, end time.Time) bool {
 }
 
 func newStepInvariantExpr(expr parser.Expr) parser.Expr {
-	if e, ok := expr.(*parser.ParenExpr); ok {
-		// Wrapping the inside of () makes it easy to unwrap the paren later.
-		// But this effectively unwraps the paren.
-		return newStepInvariantExpr(e.Expr)
-
-	}
 	return &parser.StepInvariantExpr{Expr: expr}
 }
 
diff --git a/vendor/github.com/prometheus/prometheus/promql/functions.go b/vendor/github.com/prometheus/prometheus/promql/functions.go
index 50594503dcc..fbafc7864f4 100644
--- a/vendor/github.com/prometheus/prometheus/promql/functions.go
+++ b/vendor/github.com/prometheus/prometheus/promql/functions.go
@@ -24,7 +24,7 @@ import (
 	"github.com/pkg/errors"
 	"github.com/prometheus/common/model"
 
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/promql/parser"
 )
 
@@ -56,7 +56,7 @@ func funcTime(vals []parser.Value, args parser.Expressions, enh *EvalNodeHelper)
 // It calculates the rate (allowing for counter resets if isCounter is true),
 // extrapolates if the first/last sample is close to the boundary, and returns
 // the result as either per-second (if isRate is true) or overall.
-func extrapolatedRate(vals []parser.Value, args parser.Expressions, enh *EvalNodeHelper, isCounter bool, isRate bool) Vector {
+func extrapolatedRate(vals []parser.Value, args parser.Expressions, enh *EvalNodeHelper, isCounter, isRate bool) Vector {
 	ms := args[0].(*parser.MatrixSelector)
 	vs := ms.VectorSelector.(*parser.VectorSelector)
 	var (
@@ -367,7 +367,7 @@ func aggrOverTime(vals []parser.Value, enh *EvalNodeHelper, aggrFn func([]Point)
 // === avg_over_time(Matrix parser.ValueTypeMatrix) Vector ===
 func funcAvgOverTime(vals []parser.Value, args parser.Expressions, enh *EvalNodeHelper) Vector {
 	return aggrOverTime(vals, enh, func(values []Point) float64 {
-		var mean, count float64
+		var mean, count, c float64
 		for _, v := range values {
 			count++
 			if math.IsInf(mean, 0) {
@@ -387,9 +387,13 @@ func funcAvgOverTime(vals []parser.Value, args parser.Expressions, enh *EvalNode
 					continue
 				}
 			}
-			mean += v.V/count - mean/count
+			mean, c = kahanSumInc(v.V/count-mean/count, mean, c)
 		}
-		return mean
+
+		if math.IsInf(mean, 0) {
+			return mean
+		}
+		return mean + c
 	})
 }
 
@@ -439,11 +443,14 @@ func funcMinOverTime(vals []parser.Value, args parser.Expressions, enh *EvalNode
 // === sum_over_time(Matrix parser.ValueTypeMatrix) Vector ===
 func funcSumOverTime(vals []parser.Value, args parser.Expressions, enh *EvalNodeHelper) Vector {
 	return aggrOverTime(vals, enh, func(values []Point) float64 {
-		var sum float64
+		var sum, c float64
 		for _, v := range values {
-			sum += v.V
+			sum, c = kahanSumInc(v.V, sum, c)
+		}
+		if math.IsInf(sum, 0) {
+			return sum
 		}
-		return sum
+		return sum + c
 	})
 }
 
@@ -464,28 +471,32 @@ func funcQuantileOverTime(vals []parser.Value, args parser.Expressions, enh *Eva
 // === stddev_over_time(Matrix parser.ValueTypeMatrix) Vector ===
 func funcStddevOverTime(vals []parser.Value, args parser.Expressions, enh *EvalNodeHelper) Vector {
 	return aggrOverTime(vals, enh, func(values []Point) float64 {
-		var aux, count, mean float64
+		var count float64
+		var mean, cMean float64
+		var aux, cAux float64
 		for _, v := range values {
 			count++
-			delta := v.V - mean
-			mean += delta / count
-			aux += delta * (v.V - mean)
+			delta := v.V - (mean + cMean)
+			mean, cMean = kahanSumInc(delta/count, mean, cMean)
+			aux, cAux = kahanSumInc(delta*(v.V-(mean+cMean)), aux, cAux)
 		}
-		return math.Sqrt(aux / count)
+		return math.Sqrt((aux + cAux) / count)
 	})
 }
 
 // === stdvar_over_time(Matrix parser.ValueTypeMatrix) Vector ===
 func funcStdvarOverTime(vals []parser.Value, args parser.Expressions, enh *EvalNodeHelper) Vector {
 	return aggrOverTime(vals, enh, func(values []Point) float64 {
-		var aux, count, mean float64
+		var count float64
+		var mean, cMean float64
+		var aux, cAux float64
 		for _, v := range values {
 			count++
-			delta := v.V - mean
-			mean += delta / count
-			aux += delta * (v.V - mean)
+			delta := v.V - (mean + cMean)
+			mean, cMean = kahanSumInc(delta/count, mean, cMean)
+			aux, cAux = kahanSumInc(delta*(v.V-(mean+cMean)), aux, cAux)
 		}
-		return aux / count
+		return (aux + cAux) / count
 	})
 }
 
@@ -675,23 +686,64 @@ func funcTimestamp(vals []parser.Value, args parser.Expressions, enh *EvalNodeHe
 	return enh.Out
 }
 
+func kahanSum(samples []float64) float64 {
+	var sum, c float64
+
+	for _, v := range samples {
+		sum, c = kahanSumInc(v, sum, c)
+	}
+	return sum + c
+}
+
+func kahanSumInc(inc, sum, c float64) (newSum, newC float64) {
+	t := sum + inc
+	// Using Neumaier improvement, swap if next term larger than sum.
+	if math.Abs(sum) >= math.Abs(inc) {
+		c += (sum - t) + inc
+	} else {
+		c += (inc - t) + sum
+	}
+	return t, c
+}
+
 // linearRegression performs a least-square linear regression analysis on the
 // provided SamplePairs. It returns the slope, and the intercept value at the
 // provided time.
 func linearRegression(samples []Point, interceptTime int64) (slope, intercept float64) {
 	var (
-		n            float64
-		sumX, sumY   float64
-		sumXY, sumX2 float64
+		n          float64
+		sumX, cX   float64
+		sumY, cY   float64
+		sumXY, cXY float64
+		sumX2, cX2 float64
+		initY      float64
+		constY     bool
 	)
-	for _, sample := range samples {
-		x := float64(sample.T-interceptTime) / 1e3
+	initY = samples[0].V
+	constY = true
+	for i, sample := range samples {
+		// Set constY to false if any new y values are encountered.
+		if constY && i > 0 && sample.V != initY {
+			constY = false
+		}
 		n += 1.0
-		sumY += sample.V
-		sumX += x
-		sumXY += x * sample.V
-		sumX2 += x * x
+		x := float64(sample.T-interceptTime) / 1e3
+		sumX, cX = kahanSumInc(x, sumX, cX)
+		sumY, cY = kahanSumInc(sample.V, sumY, cY)
+		sumXY, cXY = kahanSumInc(x*sample.V, sumXY, cXY)
+		sumX2, cX2 = kahanSumInc(x*x, sumX2, cX2)
+	}
+	if constY {
+		if math.IsInf(initY, 0) {
+			return math.NaN(), math.NaN()
+		}
+		return 0, initY
 	}
+	sumX = sumX + cX
+	sumY = sumY + cY
+	sumXY = sumXY + cXY
+	sumX2 = sumX2 + cX2
+
 	covXY := sumXY - sumX*sumY/n
 	varX := sumX2 - sumX*sumX/n
 
@@ -1188,5 +1240,7 @@ func createLabelsForAbsentFunction(expr parser.Expr) labels.Labels {
 }
 
 func stringFromArg(e parser.Expr) string {
-	return unwrapStepInvariantExpr(e).(*parser.StringLiteral).Val
+	tmp := unwrapStepInvariantExpr(e) // Unwrap StepInvariant
+	unwrapParenExpr(&tmp)             // Optionally unwrap ParenExpr
+	return tmp.(*parser.StringLiteral).Val
 }
diff --git a/vendor/github.com/prometheus/prometheus/promql/fuzz.go b/vendor/github.com/prometheus/prometheus/promql/fuzz.go
index b34fbbc669f..7aaebdd6bc4 100644
--- a/vendor/github.com/prometheus/prometheus/promql/fuzz.go
+++ b/vendor/github.com/prometheus/prometheus/promql/fuzz.go
@@ -20,7 +20,7 @@ package promql
 import (
 	"io"
 
-	"github.com/prometheus/prometheus/pkg/textparse"
+	"github.com/prometheus/prometheus/model/textparse"
 	"github.com/prometheus/prometheus/promql/parser"
 )
 
diff --git a/vendor/github.com/prometheus/prometheus/promql/parser/ast.go b/vendor/github.com/prometheus/prometheus/promql/parser/ast.go
index 77624256408..fc144cbbc4a 100644
--- a/vendor/github.com/prometheus/prometheus/promql/parser/ast.go
+++ b/vendor/github.com/prometheus/prometheus/promql/parser/ast.go
@@ -19,7 +19,7 @@ import (
 
 	"github.com/pkg/errors"
 
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/storage"
 )
 
@@ -407,7 +407,7 @@ type PositionRange struct {
 // mergeRanges is a helper function to merge the PositionRanges of two Nodes.
 // Note that the arguments must be in the same order as they
 // occur in the input string.
-func mergeRanges(first Node, last Node) PositionRange {
+func mergeRanges(first, last Node) PositionRange {
 	return PositionRange{
 		Start: first.PositionRange().Start,
 		End:   last.PositionRange().End,
@@ -426,15 +426,19 @@ func (i *Item) PositionRange() PositionRange {
 func (e *AggregateExpr) PositionRange() PositionRange {
 	return e.PosRange
 }
+
 func (e *BinaryExpr) PositionRange() PositionRange {
 	return mergeRanges(e.LHS, e.RHS)
 }
+
 func (e *Call) PositionRange() PositionRange {
 	return e.PosRange
 }
+
 func (e *EvalStmt) PositionRange() PositionRange {
 	return e.Expr.PositionRange()
 }
+
 func (e Expressions) PositionRange() PositionRange {
 	if len(e) == 0 {
 		// Position undefined.
@@ -445,33 +449,40 @@ func (e Expressions) PositionRange() PositionRange {
 	}
 	return mergeRanges(e[0], e[len(e)-1])
 }
+
 func (e *MatrixSelector) PositionRange() PositionRange {
 	return PositionRange{
 		Start: e.VectorSelector.PositionRange().Start,
 		End:   e.EndPos,
 	}
 }
+
 func (e *SubqueryExpr) PositionRange() PositionRange {
 	return PositionRange{
 		Start: e.Expr.PositionRange().Start,
 		End:   e.EndPos,
 	}
 }
+
 func (e *NumberLiteral) PositionRange() PositionRange {
 	return e.PosRange
 }
+
 func (e *ParenExpr) PositionRange() PositionRange {
 	return e.PosRange
 }
+
 func (e *StringLiteral) PositionRange() PositionRange {
 	return e.PosRange
 }
+
 func (e *UnaryExpr) PositionRange() PositionRange {
 	return PositionRange{
 		Start: e.StartPos,
 		End:   e.Expr.PositionRange().End,
 	}
 }
+
 func (e *VectorSelector) PositionRange() PositionRange {
 	return e.PosRange
 }
diff --git a/vendor/github.com/prometheus/prometheus/promql/parser/generated_parser.y b/vendor/github.com/prometheus/prometheus/promql/parser/generated_parser.y
index fcf504aca5e..433f45259c9 100644
--- a/vendor/github.com/prometheus/prometheus/promql/parser/generated_parser.y
+++ b/vendor/github.com/prometheus/prometheus/promql/parser/generated_parser.y
@@ -20,8 +20,8 @@ import (
         "strconv"
         "time"
 
-        "github.com/prometheus/prometheus/pkg/labels"
-        "github.com/prometheus/prometheus/pkg/value"
+        "github.com/prometheus/prometheus/model/labels"
+        "github.com/prometheus/prometheus/model/value"
 )
 %}
 
diff --git a/vendor/github.com/prometheus/prometheus/promql/parser/generated_parser.y.go b/vendor/github.com/prometheus/prometheus/promql/parser/generated_parser.y.go
index 71614913a0c..87f25f024e6 100644
--- a/vendor/github.com/prometheus/prometheus/promql/parser/generated_parser.y.go
+++ b/vendor/github.com/prometheus/prometheus/promql/parser/generated_parser.y.go
@@ -13,8 +13,8 @@ import (
 	"strconv"
 	"time"
 
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/pkg/value"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/model/value"
 )
 
 //line promql/parser/generated_parser.y:28
@@ -33,82 +33,84 @@ type yySymType struct {
 	duration time.Duration
 }
 
-const EQL = 57346
-const BLANK = 57347
-const COLON = 57348
-const COMMA = 57349
-const COMMENT = 57350
-const DURATION = 57351
-const EOF = 57352
-const ERROR = 57353
-const IDENTIFIER = 57354
-const LEFT_BRACE = 57355
-const LEFT_BRACKET = 57356
-const LEFT_PAREN = 57357
-const METRIC_IDENTIFIER = 57358
-const NUMBER = 57359
-const RIGHT_BRACE = 57360
-const RIGHT_BRACKET = 57361
-const RIGHT_PAREN = 57362
-const SEMICOLON = 57363
-const SPACE = 57364
-const STRING = 57365
-const TIMES = 57366
-const operatorsStart = 57367
-const ADD = 57368
-const DIV = 57369
-const EQLC = 57370
-const EQL_REGEX = 57371
-const GTE = 57372
-const GTR = 57373
-const LAND = 57374
-const LOR = 57375
-const LSS = 57376
-const LTE = 57377
-const LUNLESS = 57378
-const MOD = 57379
-const MUL = 57380
-const NEQ = 57381
-const NEQ_REGEX = 57382
-const POW = 57383
-const SUB = 57384
-const AT = 57385
-const ATAN2 = 57386
-const operatorsEnd = 57387
-const aggregatorsStart = 57388
-const AVG = 57389
-const BOTTOMK = 57390
-const COUNT = 57391
-const COUNT_VALUES = 57392
-const GROUP = 57393
-const MAX = 57394
-const MIN = 57395
-const QUANTILE = 57396
-const STDDEV = 57397
-const STDVAR = 57398
-const SUM = 57399
-const TOPK = 57400
-const aggregatorsEnd = 57401
-const keywordsStart = 57402
-const BOOL = 57403
-const BY = 57404
-const GROUP_LEFT = 57405
-const GROUP_RIGHT = 57406
-const IGNORING = 57407
-const OFFSET = 57408
-const ON = 57409
-const WITHOUT = 57410
-const keywordsEnd = 57411
-const preprocessorStart = 57412
-const START = 57413
-const END = 57414
-const preprocessorEnd = 57415
-const startSymbolsStart = 57416
-const START_METRIC = 57417
-const START_SERIES_DESCRIPTION = 57418
-const START_EXPRESSION = 57419
-const START_METRIC_SELECTOR = 57420
-const startSymbolsEnd = 57421
+const (
+	EQL                      = 57346
+	BLANK                    = 57347
+	COLON                    = 57348
+	COMMA                    = 57349
+	COMMENT                  = 57350
+	DURATION                 = 57351
+	EOF                      = 57352
+	ERROR                    = 57353
+	IDENTIFIER               = 57354
+	LEFT_BRACE               = 57355
+	LEFT_BRACKET             = 57356
+	LEFT_PAREN               = 57357
+	METRIC_IDENTIFIER        = 57358
+	NUMBER                   = 57359
+	RIGHT_BRACE              = 57360
+	RIGHT_BRACKET            = 57361
+	RIGHT_PAREN              = 57362
+	SEMICOLON                = 57363
+	SPACE                    = 57364
+	STRING                   = 57365
+	TIMES                    = 57366
+	operatorsStart           = 57367
+	ADD                      = 57368
+	DIV                      = 57369
+	EQLC                     = 57370
+	EQL_REGEX                = 57371
+	GTE                      = 57372
+	GTR                      = 57373
+	LAND                     = 57374
+	LOR                      = 57375
+	LSS                      = 57376
+	LTE                      = 57377
+	LUNLESS                  = 57378
+	MOD                      = 57379
+	MUL                      = 57380
+	NEQ                      = 57381
+	NEQ_REGEX                = 57382
+	POW                      = 57383
+	SUB                      = 57384
+	AT                       = 57385
+	ATAN2                    = 57386
+	operatorsEnd             = 57387
+	aggregatorsStart         = 57388
+	AVG                      = 57389
+	BOTTOMK                  = 57390
+	COUNT                    = 57391
+	COUNT_VALUES             = 57392
+	GROUP                    = 57393
+	MAX                      = 57394
+	MIN                      = 57395
+	QUANTILE                 = 57396
+	STDDEV                   = 57397
+	STDVAR                   = 57398
+	SUM                      = 57399
+	TOPK                     = 57400
+	aggregatorsEnd           = 57401
+	keywordsStart            = 57402
+	BOOL                     = 57403
+	BY                       = 57404
+	GROUP_LEFT               = 57405
+	GROUP_RIGHT              = 57406
+	IGNORING                 = 57407
+	OFFSET                   = 57408
+	ON                       = 57409
+	WITHOUT                  = 57410
+	keywordsEnd              = 57411
+	preprocessorStart        = 57412
+	START                    = 57413
+	END                      = 57414
+	preprocessorEnd          = 57415
+	startSymbolsStart        = 57416
+	START_METRIC             = 57417
+	START_SERIES_DESCRIPTION = 57418
+	START_EXPRESSION         = 57419
+	START_METRIC_SELECTOR    = 57420
+	startSymbolsEnd          = 57421
+)
 
 var yyToknames = [...]string{
 	"$end",
@@ -194,9 +196,11 @@ var yyToknames = [...]string{
 
 var yyStatenames = [...]string{}
 
-const yyEofCode = 1
-const yyErrCode = 2
-const yyInitialStackSize = 16
+const (
+	yyEofCode          = 1
+	yyErrCode          = 2
+	yyInitialStackSize = 16
+)
 
 //line promql/parser/generated_parser.y:749
 
diff --git a/vendor/github.com/prometheus/prometheus/promql/parser/parse.go b/vendor/github.com/prometheus/prometheus/promql/parser/parse.go
index edecfc0e9bb..5b60c5ed518 100644
--- a/vendor/github.com/prometheus/prometheus/promql/parser/parse.go
+++ b/vendor/github.com/prometheus/prometheus/promql/parser/parse.go
@@ -26,8 +26,8 @@ import (
 	"github.com/pkg/errors"
 	"github.com/prometheus/common/model"
 
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/pkg/timestamp"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/model/timestamp"
 	"github.com/prometheus/prometheus/util/strutil"
 )
 
@@ -241,7 +241,7 @@ func (p *parser) addParseErr(positionRange PositionRange, err error) {
 // unexpected creates a parser error complaining about an unexpected lexer item.
 // The item that is presented as unexpected is always the last item produced
 // by the lexer.
-func (p *parser) unexpected(context string, expected string) {
+func (p *parser) unexpected(context, expected string) {
 	var errMsg strings.Builder
 
 	// Do not report lexer errors twice
@@ -354,7 +354,8 @@ func (p *parser) InjectItem(typ ItemType) {
 	p.inject = typ
 	p.injecting = true
 }
-func (p *parser) newBinaryExpression(lhs Node, op Item, modifiers Node, rhs Node) *BinaryExpr {
+
+func (p *parser) newBinaryExpression(lhs Node, op Item, modifiers, rhs Node) *BinaryExpr {
 	ret := modifiers.(*BinaryExpr)
 
 	ret.LHS = lhs.(Expr)
@@ -374,7 +375,7 @@ func (p *parser) assembleVectorSelector(vs *VectorSelector) {
 	}
 }
 
-func (p *parser) newAggregateExpr(op Item, modifier Node, args Node) (ret *AggregateExpr) {
+func (p *parser) newAggregateExpr(op Item, modifier, args Node) (ret *AggregateExpr) {
 	ret = modifier.(*AggregateExpr)
 	arguments := args.(Expressions)
 
@@ -650,10 +651,9 @@ func (p *parser) parseGenerated(startSymbol ItemType) interface{} {
 	p.yyParser.Parse(p)
 
 	return p.generatedParserResult
-
 }
 
-func (p *parser) newLabelMatcher(label Item, operator Item, value Item) *labels.Matcher {
+func (p *parser) newLabelMatcher(label, operator, value Item) *labels.Matcher {
 	op := operator.Typ
 	val := p.unquoteString(value.Val)
 
diff --git a/vendor/github.com/prometheus/prometheus/promql/parser/printer.go b/vendor/github.com/prometheus/prometheus/promql/parser/printer.go
index f5cfe789b1a..b21444cbf8d 100644
--- a/vendor/github.com/prometheus/prometheus/promql/parser/printer.go
+++ b/vendor/github.com/prometheus/prometheus/promql/parser/printer.go
@@ -21,7 +21,7 @@ import (
 
 	"github.com/prometheus/common/model"
 
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 )
 
 // Tree returns a string of the tree structure of the given node.
diff --git a/vendor/github.com/prometheus/prometheus/promql/quantile.go b/vendor/github.com/prometheus/prometheus/promql/quantile.go
index a25f8917c98..e2de98840c0 100644
--- a/vendor/github.com/prometheus/prometheus/promql/quantile.go
+++ b/vendor/github.com/prometheus/prometheus/promql/quantile.go
@@ -17,7 +17,7 @@ import (
 	"math"
 	"sort"
 
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 )
 
 // Helpers to calculate quantiles.
diff --git a/vendor/github.com/prometheus/prometheus/promql/query_logger.go b/vendor/github.com/prometheus/prometheus/promql/query_logger.go
index cf2fbbfcc84..ecf93765cec 100644
--- a/vendor/github.com/prometheus/prometheus/promql/query_logger.go
+++ b/vendor/github.com/prometheus/prometheus/promql/query_logger.go
@@ -81,8 +81,7 @@ func logUnfinishedQueries(filename string, filesize int, logger log.Logger) {
 }
 
 func getMMapedFile(filename string, filesize int, logger log.Logger) ([]byte, error) {
-
-	file, err := os.OpenFile(filename, os.O_CREATE|os.O_RDWR|os.O_TRUNC, 0666)
+	file, err := os.OpenFile(filename, os.O_CREATE|os.O_RDWR|os.O_TRUNC, 0o666)
 	if err != nil {
 		level.Error(logger).Log("msg", "Error opening query log file", "file", filename, "err", err)
 		return nil, err
@@ -104,7 +103,7 @@ func getMMapedFile(filename string, filesize int, logger log.Logger) ([]byte, er
 }
 
 func NewActiveQueryTracker(localStoragePath string, maxConcurrent int, logger log.Logger) *ActiveQueryTracker {
-	err := os.MkdirAll(localStoragePath, 0777)
+	err := os.MkdirAll(localStoragePath, 0o777)
 	if err != nil {
 		level.Error(logger).Log("msg", "Failed to create directory for logging active queries")
 	}
@@ -147,7 +146,6 @@ func trimStringByBytes(str string, size int) string {
 func _newJSONEntry(query string, timestamp int64, logger log.Logger) []byte {
 	entry := Entry{query, timestamp}
 	jsonEntry, err := json.Marshal(entry)
-
 	if err != nil {
 		level.Error(logger).Log("msg", "Cannot create json of query", "query", query)
 		return []byte{}
diff --git a/vendor/github.com/prometheus/prometheus/promql/test.go b/vendor/github.com/prometheus/prometheus/promql/test.go
index d577b25d128..19b2dd8300e 100644
--- a/vendor/github.com/prometheus/prometheus/promql/test.go
+++ b/vendor/github.com/prometheus/prometheus/promql/test.go
@@ -27,9 +27,9 @@ import (
 	"github.com/prometheus/common/model"
 	"github.com/stretchr/testify/require"
 
-	"github.com/prometheus/prometheus/pkg/exemplar"
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/pkg/timestamp"
+	"github.com/prometheus/prometheus/model/exemplar"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/model/timestamp"
 	"github.com/prometheus/prometheus/promql/parser"
 	"github.com/prometheus/prometheus/storage"
 	"github.com/prometheus/prometheus/tsdb"
diff --git a/vendor/github.com/prometheus/prometheus/promql/value.go b/vendor/github.com/prometheus/prometheus/promql/value.go
index ddcc8a1a402..81af1ad9da8 100644
--- a/vendor/github.com/prometheus/prometheus/promql/value.go
+++ b/vendor/github.com/prometheus/prometheus/promql/value.go
@@ -21,7 +21,7 @@ import (
 
 	"github.com/pkg/errors"
 
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/promql/parser"
 	"github.com/prometheus/prometheus/storage"
 	"github.com/prometheus/prometheus/tsdb/chunkenc"
diff --git a/vendor/github.com/prometheus/prometheus/rules/alerting.go b/vendor/github.com/prometheus/prometheus/rules/alerting.go
index 5e7b8975c81..929f7586df4 100644
--- a/vendor/github.com/prometheus/prometheus/rules/alerting.go
+++ b/vendor/github.com/prometheus/prometheus/rules/alerting.go
@@ -28,9 +28,9 @@ import (
 	"github.com/prometheus/common/model"
 	yaml "gopkg.in/yaml.v2"
 
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/pkg/rulefmt"
-	"github.com/prometheus/prometheus/pkg/timestamp"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/model/rulefmt"
+	"github.com/prometheus/prometheus/model/timestamp"
 	"github.com/prometheus/prometheus/promql"
 	"github.com/prometheus/prometheus/promql/parser"
 	"github.com/prometheus/prometheus/template"
@@ -291,6 +291,13 @@ func (r *AlertingRule) SetRestored(restored bool) {
 	r.restored = restored
 }
 
+// Restored returns the restoration state of the alerting rule.
+func (r *AlertingRule) Restored() bool {
+	r.mtx.Lock()
+	defer r.mtx.Unlock()
+	return r.restored
+}
+
 // resolvedRetention is the duration for which a resolved alert instance
 // is kept in memory state and consequently repeatedly sent to the AlertManager.
 const resolvedRetention = 15 * time.Minute
@@ -311,7 +318,7 @@ func (r *AlertingRule) Eval(ctx context.Context, ts time.Time, query QueryFunc,
 	resultFPs := map[uint64]struct{}{}
 
 	var vec promql.Vector
-	var alerts = make(map[uint64]*Alert, len(res))
+	alerts := make(map[uint64]*Alert, len(res))
 	for _, smpl := range res {
 		// Provide the alert information to the template.
 		l := make(map[string]string, len(smpl.Metric))
@@ -389,6 +396,7 @@ func (r *AlertingRule) Eval(ctx context.Context, ts time.Time, query QueryFunc,
 		r.active[h] = a
 	}
 
+	var numActivePending int
 	// Check if any pending alerts should be removed or fire now. Write out alert timeseries.
 	for fp, a := range r.active {
 		if _, ok := resultFPs[fp]; !ok {
@@ -403,6 +411,7 @@ func (r *AlertingRule) Eval(ctx context.Context, ts time.Time, query QueryFunc,
 			}
 			continue
 		}
+		numActivePending++
 
 		if a.State == StatePending && ts.Sub(a.ActiveAt) >= r.holdDuration {
 			a.State = StateFiring
@@ -415,10 +424,9 @@ func (r *AlertingRule) Eval(ctx context.Context, ts time.Time, query QueryFunc,
 		}
 	}
 
-	numActive := len(r.active)
-	if limit != 0 && numActive > limit {
+	if limit > 0 && numActivePending > limit {
 		r.active = map[uint64]*Alert{}
-		return nil, errors.Errorf("exceeded limit of %d with %d alerts", limit, numActive)
+		return nil, errors.Errorf("exceeded limit of %d with %d alerts", limit, numActivePending)
 	}
 
 	return vec, nil
@@ -478,7 +486,7 @@ func (r *AlertingRule) ForEachActiveAlert(f func(*Alert)) {
 	}
 }
 
-func (r *AlertingRule) sendAlerts(ctx context.Context, ts time.Time, resendDelay time.Duration, interval time.Duration, notifyFunc NotifyFunc) {
+func (r *AlertingRule) sendAlerts(ctx context.Context, ts time.Time, resendDelay, interval time.Duration, notifyFunc NotifyFunc) {
 	alerts := []*Alert{}
 	r.ForEachActiveAlert(func(alert *Alert) {
 		if alert.needsSending(ts, resendDelay) {
diff --git a/vendor/github.com/prometheus/prometheus/rules/manager.go b/vendor/github.com/prometheus/prometheus/rules/manager.go
index fa8cd6763a2..7499dbfcafe 100644
--- a/vendor/github.com/prometheus/prometheus/rules/manager.go
+++ b/vendor/github.com/prometheus/prometheus/rules/manager.go
@@ -29,10 +29,10 @@ import (
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/common/model"
 
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/pkg/rulefmt"
-	"github.com/prometheus/prometheus/pkg/timestamp"
-	"github.com/prometheus/prometheus/pkg/value"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/model/rulefmt"
+	"github.com/prometheus/prometheus/model/timestamp"
+	"github.com/prometheus/prometheus/model/value"
 	"github.com/prometheus/prometheus/promql"
 	"github.com/prometheus/prometheus/promql/parser"
 	"github.com/prometheus/prometheus/storage"
@@ -652,7 +652,8 @@ func (g *Group) Eval(ctx context.Context, ts time.Time) {
 						level.Warn(g.logger).Log("msg", "Rule evaluation result discarded", "err", err, "sample", s)
 					}
 				} else {
-					seriesReturned[s.Metric.String()] = s.Metric
+					buf := [1024]byte{}
+					seriesReturned[string(s.Metric.Bytes(buf[:]))] = s.Metric
 				}
 			}
 			if numOutOfOrder > 0 {
@@ -672,7 +673,7 @@ func (g *Group) Eval(ctx context.Context, ts time.Time) {
 						// Do not count these in logging, as this is expected if series
 						// is exposed from a different rule.
 					default:
-						level.Warn(g.logger).Log("msg", "Adding stale sample failed", "sample", metric, "err", err)
+						level.Warn(g.logger).Log("msg", "Adding stale sample failed", "sample", lset.String(), "err", err)
 					}
 				}
 			}
@@ -834,12 +835,10 @@ func (g *Group) RestoreForState(ts time.Time) {
 			level.Debug(g.logger).Log("msg", "'for' state restored",
 				labels.AlertName, alertRule.Name(), "restored_time", a.ActiveAt.Format(time.RFC850),
 				"labels", a.Labels.String())
-
 		})
 
 		alertRule.SetRestored(true)
 	}
-
 }
 
 // Equals return if two groups are the same.
diff --git a/vendor/github.com/prometheus/prometheus/rules/recording.go b/vendor/github.com/prometheus/prometheus/rules/recording.go
index 08a7e37ca36..0681db9a2dd 100644
--- a/vendor/github.com/prometheus/prometheus/rules/recording.go
+++ b/vendor/github.com/prometheus/prometheus/rules/recording.go
@@ -23,8 +23,8 @@ import (
 
 	yaml "gopkg.in/yaml.v2"
 
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/pkg/rulefmt"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/model/rulefmt"
 	"github.com/prometheus/prometheus/promql"
 	"github.com/prometheus/prometheus/promql/parser"
 	"github.com/prometheus/prometheus/util/strutil"
@@ -99,9 +99,9 @@ func (rule *RecordingRule) Eval(ctx context.Context, ts time.Time, query QueryFu
 		return nil, fmt.Errorf("vector contains metrics with the same labelset after applying rule labels")
 	}
 
-	numSamples := len(vector)
-	if limit != 0 && numSamples > limit {
-		return nil, fmt.Errorf("exceeded limit %d with %d samples", limit, numSamples)
+	numSeries := len(vector)
+	if limit > 0 && numSeries > limit {
+		return nil, fmt.Errorf("exceeded limit of %d with %d series", limit, numSeries)
 	}
 
 	rule.SetHealth(HealthGood)
diff --git a/vendor/github.com/prometheus/prometheus/scrape/manager.go b/vendor/github.com/prometheus/prometheus/scrape/manager.go
index a4a7e5a5060..35d47a86b62 100644
--- a/vendor/github.com/prometheus/prometheus/scrape/manager.go
+++ b/vendor/github.com/prometheus/prometheus/scrape/manager.go
@@ -27,7 +27,7 @@ import (
 
 	"github.com/prometheus/prometheus/config"
 	"github.com/prometheus/prometheus/discovery/targetgroup"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/storage"
 	"github.com/prometheus/prometheus/util/osutil"
 )
diff --git a/vendor/github.com/prometheus/prometheus/scrape/scrape.go b/vendor/github.com/prometheus/prometheus/scrape/scrape.go
index f3622cf2ea9..e6e55900b01 100644
--- a/vendor/github.com/prometheus/prometheus/scrape/scrape.go
+++ b/vendor/github.com/prometheus/prometheus/scrape/scrape.go
@@ -24,6 +24,7 @@ import (
 	"math"
 	"net/http"
 	"reflect"
+	"sort"
 	"strconv"
 	"sync"
 	"time"
@@ -39,14 +40,14 @@ import (
 
 	"github.com/prometheus/prometheus/config"
 	"github.com/prometheus/prometheus/discovery/targetgroup"
-	"github.com/prometheus/prometheus/pkg/exemplar"
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/pkg/pool"
-	"github.com/prometheus/prometheus/pkg/relabel"
-	"github.com/prometheus/prometheus/pkg/textparse"
-	"github.com/prometheus/prometheus/pkg/timestamp"
-	"github.com/prometheus/prometheus/pkg/value"
+	"github.com/prometheus/prometheus/model/exemplar"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/model/relabel"
+	"github.com/prometheus/prometheus/model/textparse"
+	"github.com/prometheus/prometheus/model/timestamp"
+	"github.com/prometheus/prometheus/model/value"
 	"github.com/prometheus/prometheus/storage"
+	"github.com/prometheus/prometheus/util/pool"
 )
 
 // ScrapeTimestampTolerance is the tolerance for scrape appends timestamps
@@ -263,7 +264,7 @@ const maxAheadTime = 10 * time.Minute
 
 type labelsMutator func(labels.Labels) labels.Labels
 
-func newScrapePool(cfg *config.ScrapeConfig, app storage.Appendable, jitterSeed uint64, logger log.Logger, reportScrapeTimeout bool) (*scrapePool, error) {
+func newScrapePool(cfg *config.ScrapeConfig, app storage.Appendable, jitterSeed uint64, logger log.Logger, reportExtraMetrics bool) (*scrapePool, error) {
 	targetScrapePools.Inc()
 	if logger == nil {
 		logger = log.NewNopLogger()
@@ -312,7 +313,7 @@ func newScrapePool(cfg *config.ScrapeConfig, app storage.Appendable, jitterSeed
 			opts.labelLimits,
 			opts.interval,
 			opts.timeout,
-			reportScrapeTimeout,
+			reportExtraMetrics,
 		)
 	}
 
@@ -471,7 +472,7 @@ func (sp *scrapePool) Sync(tgs []*targetgroup.Group) {
 	var all []*Target
 	sp.droppedTargets = []*Target{}
 	for _, tg := range tgs {
-		targets, failures := targetsFromGroup(tg, sp.config)
+		targets, failures := TargetsFromGroup(tg, sp.config)
 		for _, err := range failures {
 			level.Error(sp.logger).Log("msg", "Creating target failed", "err", err)
 		}
@@ -640,23 +641,28 @@ func verifyLabelLimits(lset labels.Labels, limits *labelLimits) error {
 
 func mutateSampleLabels(lset labels.Labels, target *Target, honor bool, rc []*relabel.Config) labels.Labels {
 	lb := labels.NewBuilder(lset)
+	targetLabels := target.Labels()
 
 	if honor {
-		for _, l := range target.Labels() {
+		for _, l := range targetLabels {
 			if !lset.Has(l.Name) {
 				lb.Set(l.Name, l.Value)
 			}
 		}
 	} else {
-		for _, l := range target.Labels() {
-			// existingValue will be empty if l.Name doesn't exist.
+		var conflictingExposedLabels labels.Labels
+		for _, l := range targetLabels {
 			existingValue := lset.Get(l.Name)
 			if existingValue != "" {
-				lb.Set(model.ExportedLabelPrefix+l.Name, existingValue)
+				conflictingExposedLabels = append(conflictingExposedLabels, labels.Label{Name: l.Name, Value: existingValue})
 			}
 			// It is now safe to set the target label.
 			lb.Set(l.Name, l.Value)
 		}
+
+		if len(conflictingExposedLabels) > 0 {
+			resolveConflictingExposedLabels(lb, lset, targetLabels, conflictingExposedLabels)
+		}
 	}
 
 	res := lb.Labels()
@@ -668,6 +674,29 @@ func mutateSampleLabels(lset labels.Labels, target *Target, honor bool, rc []*re
 	return res
 }
 
+func resolveConflictingExposedLabels(lb *labels.Builder, exposedLabels, targetLabels, conflictingExposedLabels labels.Labels) {
+	sort.SliceStable(conflictingExposedLabels, func(i, j int) bool {
+		return len(conflictingExposedLabels[i].Name) < len(conflictingExposedLabels[j].Name)
+	})
+
+	for i, l := range conflictingExposedLabels {
+		newName := l.Name
+		for {
+			newName = model.ExportedLabelPrefix + newName
+			if !exposedLabels.Has(newName) &&
+				!targetLabels.Has(newName) &&
+				!conflictingExposedLabels[:i].Has(newName) {
+				conflictingExposedLabels[i].Name = newName
+				break
+			}
+		}
+	}
+
+	for _, l := range conflictingExposedLabels {
+		lb.Set(l.Name, l.Value)
+	}
+}
+
 func mutateReportSampleLabels(lset labels.Labels, target *Target) labels.Labels {
 	lb := labels.NewBuilder(lset)
 
@@ -800,7 +829,7 @@ type loop interface {
 }
 
 type cacheEntry struct {
-	ref      uint64
+	ref      storage.SeriesRef
 	lastIter uint64
 	hash     uint64
 	lset     labels.Labels
@@ -832,7 +861,7 @@ type scrapeLoop struct {
 
 	disabledEndOfRunStalenessMarkers bool
 
-	reportScrapeTimeout bool
+	reportExtraMetrics bool
 }
 
 // scrapeCache tracks mappings of exposed metric strings to label sets and
@@ -947,7 +976,7 @@ func (c *scrapeCache) get(met string) (*cacheEntry, bool) {
 	return e, true
 }
 
-func (c *scrapeCache) addRef(met string, ref uint64, lset labels.Labels, hash uint64) {
+func (c *scrapeCache) addRef(met string, ref storage.SeriesRef, lset labels.Labels, hash uint64) {
 	if ref == 0 {
 		return
 	}
@@ -1093,7 +1122,7 @@ func newScrapeLoop(ctx context.Context,
 	labelLimits *labelLimits,
 	interval time.Duration,
 	timeout time.Duration,
-	reportScrapeTimeout bool,
+	reportExtraMetrics bool,
 ) *scrapeLoop {
 	if l == nil {
 		l = log.NewNopLogger()
@@ -1120,7 +1149,7 @@ func newScrapeLoop(ctx context.Context,
 		labelLimits:         labelLimits,
 		interval:            interval,
 		timeout:             timeout,
-		reportScrapeTimeout: reportScrapeTimeout,
+		reportExtraMetrics:  reportExtraMetrics,
 	}
 	sl.ctx, sl.cancel = context.WithCancel(ctx)
 
@@ -1171,7 +1200,7 @@ mainLoop:
 			}
 		}
 
-		last = sl.scrapeAndReport(sl.interval, sl.timeout, last, scrapeTime, errc)
+		last = sl.scrapeAndReport(last, scrapeTime, errc)
 
 		select {
 		case <-sl.parentCtx.Done():
@@ -1195,12 +1224,12 @@ mainLoop:
 // In the happy scenario, a single appender is used.
 // This function uses sl.parentCtx instead of sl.ctx on purpose. A scrape should
 // only be cancelled on shutdown, not on reloads.
-func (sl *scrapeLoop) scrapeAndReport(interval, timeout time.Duration, last, appendTime time.Time, errc chan<- error) time.Time {
+func (sl *scrapeLoop) scrapeAndReport(last, appendTime time.Time, errc chan<- error) time.Time {
 	start := time.Now()
 
 	// Only record after the first scrape.
 	if !last.IsZero() {
-		targetIntervalLength.WithLabelValues(interval.String()).Observe(
+		targetIntervalLength.WithLabelValues(sl.interval.String()).Observe(
 			time.Since(last).Seconds(),
 		)
 	}
@@ -1209,7 +1238,7 @@ func (sl *scrapeLoop) scrapeAndReport(interval, timeout time.Duration, last, app
 	defer sl.buffers.Put(b)
 	buf := bytes.NewBuffer(b)
 
-	var total, added, seriesAdded int
+	var total, added, seriesAdded, bytes int
 	var err, appErr, scrapeErr error
 
 	app := sl.appender(sl.parentCtx)
@@ -1225,7 +1254,7 @@ func (sl *scrapeLoop) scrapeAndReport(interval, timeout time.Duration, last, app
 	}()
 
 	defer func() {
-		if err = sl.report(app, appendTime, timeout, time.Since(start), total, added, seriesAdded, scrapeErr); err != nil {
+		if err = sl.report(app, appendTime, time.Since(start), total, added, seriesAdded, bytes, scrapeErr); err != nil {
 			level.Warn(sl.l).Log("msg", "Appending scrape report failed", "err", err)
 		}
 	}()
@@ -1246,7 +1275,7 @@ func (sl *scrapeLoop) scrapeAndReport(interval, timeout time.Duration, last, app
 	}
 
 	var contentType string
-	scrapeCtx, cancel := context.WithTimeout(sl.parentCtx, timeout)
+	scrapeCtx, cancel := context.WithTimeout(sl.parentCtx, sl.timeout)
 	contentType, scrapeErr = sl.scraper.scrape(scrapeCtx, buf)
 	cancel()
 
@@ -1258,11 +1287,15 @@ func (sl *scrapeLoop) scrapeAndReport(interval, timeout time.Duration, last, app
 		if len(b) > 0 {
 			sl.lastScrapeSize = len(b)
 		}
+		bytes = len(b)
 	} else {
 		level.Debug(sl.l).Log("msg", "Scrape failed", "err", scrapeErr)
 		if errc != nil {
 			errc <- scrapeErr
 		}
+		if errors.Is(scrapeErr, errBodySizeLimit) {
+			bytes = -1
+		}
 	}
 
 	// A failed scrape is the same as an empty scrape,
@@ -1444,7 +1477,7 @@ loop:
 		}
 		ce, ok := sl.cache.get(yoloString(met))
 		var (
-			ref  uint64
+			ref  storage.SeriesRef
 			lset labels.Labels
 			mets string
 			hash uint64
@@ -1609,16 +1642,17 @@ func (sl *scrapeLoop) checkAddExemplarError(err error, e exemplar.Exemplar, appE
 // The constants are suffixed with the invalid \xff unicode rune to avoid collisions
 // with scraped metrics in the cache.
 const (
-	scrapeHealthMetricName       = "up" + "\xff"
-	scrapeDurationMetricName     = "scrape_duration_seconds" + "\xff"
-	scrapeSamplesMetricName      = "scrape_samples_scraped" + "\xff"
-	samplesPostRelabelMetricName = "scrape_samples_post_metric_relabeling" + "\xff"
-	scrapeSeriesAddedMetricName  = "scrape_series_added" + "\xff"
-	scrapeTimeoutMetricName      = "scrape_timeout_seconds" + "\xff"
-	scrapeSampleLimitMetricName  = "scrape_sample_limit" + "\xff"
+	scrapeHealthMetricName        = "up" + "\xff"
+	scrapeDurationMetricName      = "scrape_duration_seconds" + "\xff"
+	scrapeSamplesMetricName       = "scrape_samples_scraped" + "\xff"
+	samplesPostRelabelMetricName  = "scrape_samples_post_metric_relabeling" + "\xff"
+	scrapeSeriesAddedMetricName   = "scrape_series_added" + "\xff"
+	scrapeTimeoutMetricName       = "scrape_timeout_seconds" + "\xff"
+	scrapeSampleLimitMetricName   = "scrape_sample_limit" + "\xff"
+	scrapeBodySizeBytesMetricName = "scrape_body_size_bytes" + "\xff"
 )
 
-func (sl *scrapeLoop) report(app storage.Appender, start time.Time, timeout, duration time.Duration, scraped, added, seriesAdded int, scrapeErr error) (err error) {
+func (sl *scrapeLoop) report(app storage.Appender, start time.Time, duration time.Duration, scraped, added, seriesAdded, bytes int, scrapeErr error) (err error) {
 	sl.scraper.Report(start, duration, scrapeErr)
 
 	ts := timestamp.FromTime(start)
@@ -1643,13 +1677,16 @@ func (sl *scrapeLoop) report(app storage.Appender, start time.Time, timeout, dur
 	if err = sl.addReportSample(app, scrapeSeriesAddedMetricName, ts, float64(seriesAdded)); err != nil {
 		return
 	}
-	if sl.reportScrapeTimeout {
-		if err = sl.addReportSample(app, scrapeTimeoutMetricName, ts, timeout.Seconds()); err != nil {
+	if sl.reportExtraMetrics {
+		if err = sl.addReportSample(app, scrapeTimeoutMetricName, ts, sl.timeout.Seconds()); err != nil {
 			return
 		}
 		if err = sl.addReportSample(app, scrapeSampleLimitMetricName, ts, float64(sl.sampleLimit)); err != nil {
 			return
 		}
+		if err = sl.addReportSample(app, scrapeBodySizeBytesMetricName, ts, float64(bytes)); err != nil {
+			return
+		}
 	}
 	return
 }
@@ -1674,20 +1711,23 @@ func (sl *scrapeLoop) reportStale(app storage.Appender, start time.Time) (err er
 	if err = sl.addReportSample(app, scrapeSeriesAddedMetricName, ts, stale); err != nil {
 		return
 	}
-	if sl.reportScrapeTimeout {
+	if sl.reportExtraMetrics {
 		if err = sl.addReportSample(app, scrapeTimeoutMetricName, ts, stale); err != nil {
 			return
 		}
 		if err = sl.addReportSample(app, scrapeSampleLimitMetricName, ts, stale); err != nil {
 			return
 		}
+		if err = sl.addReportSample(app, scrapeBodySizeBytesMetricName, ts, stale); err != nil {
+			return
+		}
 	}
 	return
 }
 
 func (sl *scrapeLoop) addReportSample(app storage.Appender, s string, t int64, v float64) error {
 	ce, ok := sl.cache.get(s)
-	var ref uint64
+	var ref storage.SeriesRef
 	var lset labels.Labels
 	if ok {
 		ref = ce.ref
diff --git a/vendor/github.com/prometheus/prometheus/scrape/target.go b/vendor/github.com/prometheus/prometheus/scrape/target.go
index ada1bcdc518..59d6c9403c4 100644
--- a/vendor/github.com/prometheus/prometheus/scrape/target.go
+++ b/vendor/github.com/prometheus/prometheus/scrape/target.go
@@ -27,10 +27,10 @@ import (
 
 	"github.com/prometheus/prometheus/config"
 	"github.com/prometheus/prometheus/discovery/targetgroup"
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/pkg/relabel"
-	"github.com/prometheus/prometheus/pkg/textparse"
-	"github.com/prometheus/prometheus/pkg/value"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/model/relabel"
+	"github.com/prometheus/prometheus/model/textparse"
+	"github.com/prometheus/prometheus/model/value"
 	"github.com/prometheus/prometheus/storage"
 )
 
@@ -144,17 +144,8 @@ func (t *Target) SetMetadataStore(s MetricMetadataStore) {
 func (t *Target) hash() uint64 {
 	h := fnv.New64a()
 
-	// We must build a label set without the scrape interval and timeout
-	// labels because those aren't defining attributes of a target
-	// and can be changed without qualifying its parent as a new target,
-	// therefore they should not effect its unique hash.
-	l := t.labels.Map()
-	delete(l, model.ScrapeIntervalLabel)
-	delete(l, model.ScrapeTimeoutLabel)
-	lset := labels.FromMap(l)
-
 	//nolint: errcheck
-	h.Write([]byte(fmt.Sprintf("%016d", lset.Hash())))
+	h.Write([]byte(fmt.Sprintf("%016d", t.labels.Hash())))
 	//nolint: errcheck
 	h.Write([]byte(t.URL().String()))
 
@@ -325,7 +316,7 @@ type limitAppender struct {
 	i     int
 }
 
-func (app *limitAppender) Append(ref uint64, lset labels.Labels, t int64, v float64) (uint64, error) {
+func (app *limitAppender) Append(ref storage.SeriesRef, lset labels.Labels, t int64, v float64) (storage.SeriesRef, error) {
 	if !value.IsStaleNaN(v) {
 		app.i++
 		if app.i > app.limit {
@@ -345,7 +336,7 @@ type timeLimitAppender struct {
 	maxTime int64
 }
 
-func (app *timeLimitAppender) Append(ref uint64, lset labels.Labels, t int64, v float64) (uint64, error) {
+func (app *timeLimitAppender) Append(ref storage.SeriesRef, lset labels.Labels, t int64, v float64) (storage.SeriesRef, error) {
 	if t > app.maxTime {
 		return 0, storage.ErrOutOfBounds
 	}
@@ -357,10 +348,10 @@ func (app *timeLimitAppender) Append(ref uint64, lset labels.Labels, t int64, v
 	return ref, nil
 }
 
-// populateLabels builds a label set from the given label set and scrape configuration.
+// PopulateLabels builds a label set from the given label set and scrape configuration.
 // It returns a label set before relabeling was applied as the second return value.
 // Returns the original discovered label set found before relabelling was applied if the target is dropped during relabeling.
-func populateLabels(lset labels.Labels, cfg *config.ScrapeConfig) (res, orig labels.Labels, err error) {
+func PopulateLabels(lset labels.Labels, cfg *config.ScrapeConfig) (res, orig labels.Labels, err error) {
 	// Copy labels into the labelset for the target if they are not set already.
 	scrapeLabels := []labels.Label{
 		{Name: model.JobLabel, Value: cfg.JobName},
@@ -478,8 +469,8 @@ func populateLabels(lset labels.Labels, cfg *config.ScrapeConfig) (res, orig lab
 	return res, preRelabelLabels, nil
 }
 
-// targetsFromGroup builds targets based on the given TargetGroup and config.
-func targetsFromGroup(tg *targetgroup.Group, cfg *config.ScrapeConfig) ([]*Target, []error) {
+// TargetsFromGroup builds targets based on the given TargetGroup and config.
+func TargetsFromGroup(tg *targetgroup.Group, cfg *config.ScrapeConfig) ([]*Target, []error) {
 	targets := make([]*Target, 0, len(tg.Targets))
 	failures := []error{}
 
@@ -497,7 +488,7 @@ func targetsFromGroup(tg *targetgroup.Group, cfg *config.ScrapeConfig) ([]*Targe
 
 		lset := labels.New(lbls...)
 
-		lbls, origLabels, err := populateLabels(lset, cfg)
+		lbls, origLabels, err := PopulateLabels(lset, cfg)
 		if err != nil {
 			failures = append(failures, errors.Wrapf(err, "instance %d in group %s", i, tg))
 		}
diff --git a/vendor/github.com/prometheus/prometheus/storage/buffer.go b/vendor/github.com/prometheus/prometheus/storage/buffer.go
index feca1d91ed4..68cda5f9467 100644
--- a/vendor/github.com/prometheus/prometheus/storage/buffer.go
+++ b/vendor/github.com/prometheus/prometheus/storage/buffer.go
@@ -275,7 +275,7 @@ func (r *sampleRing) nthLast(n int) (int64, float64, bool) {
 func (r *sampleRing) samples() []sample {
 	res := make([]sample, r.l)
 
-	var k = r.f + r.l
+	k := r.f + r.l
 	var j int
 	if k > len(r.buf) {
 		k = len(r.buf)
diff --git a/vendor/github.com/prometheus/prometheus/storage/fanout.go b/vendor/github.com/prometheus/prometheus/storage/fanout.go
index 206105fa537..2d0d33215fb 100644
--- a/vendor/github.com/prometheus/prometheus/storage/fanout.go
+++ b/vendor/github.com/prometheus/prometheus/storage/fanout.go
@@ -20,8 +20,8 @@ import (
 	"github.com/go-kit/log/level"
 	"github.com/prometheus/common/model"
 
-	"github.com/prometheus/prometheus/pkg/exemplar"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/exemplar"
+	"github.com/prometheus/prometheus/model/labels"
 	tsdb_errors "github.com/prometheus/prometheus/tsdb/errors"
 )
 
@@ -144,7 +144,7 @@ type fanoutAppender struct {
 	secondaries []Appender
 }
 
-func (f *fanoutAppender) Append(ref uint64, l labels.Labels, t int64, v float64) (uint64, error) {
+func (f *fanoutAppender) Append(ref SeriesRef, l labels.Labels, t int64, v float64) (SeriesRef, error) {
 	ref, err := f.primary.Append(ref, l, t, v)
 	if err != nil {
 		return ref, err
@@ -158,7 +158,7 @@ func (f *fanoutAppender) Append(ref uint64, l labels.Labels, t int64, v float64)
 	return ref, nil
 }
 
-func (f *fanoutAppender) AppendExemplar(ref uint64, l labels.Labels, e exemplar.Exemplar) (uint64, error) {
+func (f *fanoutAppender) AppendExemplar(ref SeriesRef, l labels.Labels, e exemplar.Exemplar) (SeriesRef, error) {
 	ref, err := f.primary.AppendExemplar(ref, l, e)
 	if err != nil {
 		return ref, err
diff --git a/vendor/github.com/prometheus/prometheus/storage/generic.go b/vendor/github.com/prometheus/prometheus/storage/generic.go
index 817122bc12b..6762f32a1ab 100644
--- a/vendor/github.com/prometheus/prometheus/storage/generic.go
+++ b/vendor/github.com/prometheus/prometheus/storage/generic.go
@@ -17,7 +17,7 @@
 package storage
 
 import (
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 )
 
 type genericQuerier interface {
diff --git a/vendor/github.com/prometheus/prometheus/storage/interface.go b/vendor/github.com/prometheus/prometheus/storage/interface.go
index d3dab0e21e2..986f0f54e41 100644
--- a/vendor/github.com/prometheus/prometheus/storage/interface.go
+++ b/vendor/github.com/prometheus/prometheus/storage/interface.go
@@ -18,8 +18,8 @@ import (
 	"errors"
 	"fmt"
 
-	"github.com/prometheus/prometheus/pkg/exemplar"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/exemplar"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/tsdb/chunkenc"
 	"github.com/prometheus/prometheus/tsdb/chunks"
 )
@@ -36,6 +36,11 @@ var (
 	ErrExemplarsDisabled           = fmt.Errorf("exemplar storage is disabled or max exemplars is less than or equal to 0")
 )
 
+// SeriesRef is a generic series reference. In prometheus it is either a
+// HeadSeriesRef or BlockSeriesRef, though other implementations may have
+// their own reference types.
+type SeriesRef uint64
+
 // Appendable allows creating appenders.
 type Appendable interface {
 	// Appender returns a new appender for the storage. The implementation
@@ -145,6 +150,11 @@ type SelectHints struct {
 	Grouping []string // List of label names used in aggregation.
 	By       bool     // Indicate whether it is without or by.
 	Range    int64    // Range vector selector range in milliseconds.
+
+	// DisableTrimming allows to disable trimming of matching series chunks based on query Start and End time.
+	// When disabled, the result may contain samples outside the queried time range but Select() performances
+	// may be improved.
+	DisableTrimming bool
 }
 
 // TODO(bwplotka): Move to promql/engine_test.go?
@@ -163,14 +173,14 @@ func (f QueryableFunc) Querier(ctx context.Context, mint, maxt int64) (Querier,
 // Operations on the Appender interface are not goroutine-safe.
 type Appender interface {
 	// Append adds a sample pair for the given series.
-	// An optional reference number can be provided to accelerate calls.
-	// A reference number is returned which can be used to add further
-	// samples in the same or later transactions.
+	// An optional series reference can be provided to accelerate calls.
+	// A series reference number is returned which can be used to add further
+	// samples to the given series in the same or later transactions.
 	// Returned reference numbers are ephemeral and may be rejected in calls
 	// to Append() at any point. Adding the sample via Append() returns a new
 	// reference number.
 	// If the reference is 0 it must not be used for caching.
-	Append(ref uint64, l labels.Labels, t int64, v float64) (uint64, error)
+	Append(ref SeriesRef, l labels.Labels, t int64, v float64) (SeriesRef, error)
 
 	// Commit submits the collected samples and purges the batch. If Commit
 	// returns a non-nil error, it also rolls back all modifications made in
@@ -191,7 +201,7 @@ type GetRef interface {
 	// Returns reference number that can be used to pass to Appender.Append(),
 	// and a set of labels that will not cause another copy when passed to Appender.Append().
 	// 0 means the appender does not have a reference to this series.
-	GetRef(lset labels.Labels) (uint64, labels.Labels)
+	GetRef(lset labels.Labels) (SeriesRef, labels.Labels)
 }
 
 // ExemplarAppender provides an interface for adding samples to exemplar storage, which
@@ -208,7 +218,7 @@ type ExemplarAppender interface {
 	// Note that in our current implementation of Prometheus' exemplar storage
 	// calls to Append should generate the reference numbers, AppendExemplar
 	// generating a new reference number should be considered possible erroneous behaviour and be logged.
-	AppendExemplar(ref uint64, l labels.Labels, e exemplar.Exemplar) (uint64, error)
+	AppendExemplar(ref SeriesRef, l labels.Labels, e exemplar.Exemplar) (SeriesRef, error)
 }
 
 // SeriesSet contains a set of series.
diff --git a/vendor/github.com/prometheus/prometheus/storage/merge.go b/vendor/github.com/prometheus/prometheus/storage/merge.go
index bf81fcc6dd7..01e667751d5 100644
--- a/vendor/github.com/prometheus/prometheus/storage/merge.go
+++ b/vendor/github.com/prometheus/prometheus/storage/merge.go
@@ -22,7 +22,7 @@ import (
 
 	"github.com/pkg/errors"
 
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/tsdb/chunkenc"
 	"github.com/prometheus/prometheus/tsdb/chunks"
 	tsdb_errors "github.com/prometheus/prometheus/tsdb/errors"
@@ -42,7 +42,7 @@ type mergeGenericQuerier struct {
 // See NewFanout commentary to learn more about primary vs secondary differences.
 //
 // In case of overlaps between the data given by primaries' and secondaries' Selects, merge function will be used.
-func NewMergeQuerier(primaries []Querier, secondaries []Querier, mergeFn VerticalSeriesMergeFunc) Querier {
+func NewMergeQuerier(primaries, secondaries []Querier, mergeFn VerticalSeriesMergeFunc) Querier {
 	queriers := make([]genericQuerier, 0, len(primaries)+len(secondaries))
 	for _, q := range primaries {
 		if _, ok := q.(noopQuerier); !ok && q != nil {
@@ -71,7 +71,7 @@ func NewMergeQuerier(primaries []Querier, secondaries []Querier, mergeFn Vertica
 //
 // In case of overlaps between the data given by primaries' and secondaries' Selects, merge function will be used.
 // TODO(bwplotka): Currently merge will compact overlapping chunks with bigger chunk, without limit. Split it: https://github.com/prometheus/tsdb/issues/670
-func NewMergeChunkQuerier(primaries []ChunkQuerier, secondaries []ChunkQuerier, mergeFn VerticalChunkSeriesMergeFunc) ChunkQuerier {
+func NewMergeChunkQuerier(primaries, secondaries []ChunkQuerier, mergeFn VerticalChunkSeriesMergeFunc) ChunkQuerier {
 	queriers := make([]genericQuerier, 0, len(primaries)+len(secondaries))
 	for _, q := range primaries {
 		if _, ok := q.(noopChunkQuerier); !ok && q != nil {
@@ -104,7 +104,7 @@ func (q *mergeGenericQuerier) Select(sortSeries bool, hints *SelectHints, matche
 		return q.queriers[0].Select(sortSeries, hints, matchers...)
 	}
 
-	var seriesSets = make([]genericSeriesSet, 0, len(q.queriers))
+	seriesSets := make([]genericSeriesSet, 0, len(q.queriers))
 	if !q.concurrentSelect {
 		for _, querier := range q.queriers {
 			// We need to sort for merge  to work.
@@ -265,7 +265,6 @@ func NewMergeSeriesSet(sets []SeriesSet, mergeFunc VerticalSeriesMergeFunc) Seri
 	genericSets := make([]genericSeriesSet, 0, len(sets))
 	for _, s := range sets {
 		genericSets = append(genericSets, &genericSeriesSetAdapter{s})
-
 	}
 	return &seriesSetAdapter{newGenericMergeSeriesSet(genericSets, (&seriesMergerAdapter{VerticalSeriesMergeFunc: mergeFunc}).Merge)}
 }
@@ -281,7 +280,6 @@ func NewMergeChunkSeriesSet(sets []ChunkSeriesSet, mergeFunc VerticalChunkSeries
 	genericSets := make([]genericSeriesSet, 0, len(sets))
 	for _, s := range sets {
 		genericSets = append(genericSets, &genericChunkSeriesSetAdapter{s})
-
 	}
 	return &chunkSeriesSetAdapter{newGenericMergeSeriesSet(genericSets, (&chunkSeriesMergerAdapter{VerticalChunkSeriesMergeFunc: mergeFunc}).Merge)}
 }
@@ -431,7 +429,7 @@ func ChainedSeriesMerge(series ...Series) Series {
 			for _, s := range series {
 				iterators = append(iterators, s.Iterator())
 			}
-			return newChainSampleIterator(iterators)
+			return NewChainSampleIterator(iterators)
 		},
 	}
 }
@@ -447,7 +445,10 @@ type chainSampleIterator struct {
 	lastt int64
 }
 
-func newChainSampleIterator(iterators []chunkenc.Iterator) chunkenc.Iterator {
+// NewChainSampleIterator returns a single iterator that iterates over the samples from the given iterators in a sorted
+// fashion. If samples overlap, one sample from overlapped ones is kept (randomly) and all others with the same
+// timestamp are dropped.
+func NewChainSampleIterator(iterators []chunkenc.Iterator) chunkenc.Iterator {
 	return &chainSampleIterator{
 		iterators: iterators,
 		h:         nil,
diff --git a/vendor/github.com/prometheus/prometheus/storage/noop.go b/vendor/github.com/prometheus/prometheus/storage/noop.go
index c63353b92f9..83953ca43fb 100644
--- a/vendor/github.com/prometheus/prometheus/storage/noop.go
+++ b/vendor/github.com/prometheus/prometheus/storage/noop.go
@@ -14,7 +14,7 @@
 package storage
 
 import (
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 )
 
 type noopQuerier struct{}
diff --git a/vendor/github.com/prometheus/prometheus/storage/remote/codec.go b/vendor/github.com/prometheus/prometheus/storage/remote/codec.go
index 545138da565..a9f6af0f38d 100644
--- a/vendor/github.com/prometheus/prometheus/storage/remote/codec.go
+++ b/vendor/github.com/prometheus/prometheus/storage/remote/codec.go
@@ -26,9 +26,9 @@ import (
 	"github.com/pkg/errors"
 	"github.com/prometheus/common/model"
 
-	"github.com/prometheus/prometheus/pkg/exemplar"
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/pkg/textparse"
+	"github.com/prometheus/prometheus/model/exemplar"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/model/textparse"
 	"github.com/prometheus/prometheus/prompb"
 	"github.com/prometheus/prometheus/storage"
 	"github.com/prometheus/prometheus/tsdb/chunkenc"
diff --git a/vendor/github.com/prometheus/prometheus/storage/remote/metadata_watcher.go b/vendor/github.com/prometheus/prometheus/storage/remote/metadata_watcher.go
index 1096e406ad9..eee36463b10 100644
--- a/vendor/github.com/prometheus/prometheus/storage/remote/metadata_watcher.go
+++ b/vendor/github.com/prometheus/prometheus/storage/remote/metadata_watcher.go
@@ -21,6 +21,7 @@ import (
 	"github.com/go-kit/log/level"
 	"github.com/pkg/errors"
 	"github.com/prometheus/common/model"
+
 	"github.com/prometheus/prometheus/scrape"
 )
 
diff --git a/vendor/github.com/prometheus/prometheus/storage/remote/queue_manager.go b/vendor/github.com/prometheus/prometheus/storage/remote/queue_manager.go
index 17e57ea85cb..b3323051888 100644
--- a/vendor/github.com/prometheus/prometheus/storage/remote/queue_manager.go
+++ b/vendor/github.com/prometheus/prometheus/storage/remote/queue_manager.go
@@ -26,15 +26,16 @@ import (
 	"github.com/golang/snappy"
 	"github.com/opentracing/opentracing-go"
 	"github.com/opentracing/opentracing-go/ext"
-	"go.uber.org/atomic"
-
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/common/model"
+	"go.uber.org/atomic"
+
 	"github.com/prometheus/prometheus/config"
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/pkg/relabel"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/model/relabel"
 	"github.com/prometheus/prometheus/prompb"
 	"github.com/prometheus/prometheus/scrape"
+	"github.com/prometheus/prometheus/tsdb/chunks"
 	"github.com/prometheus/prometheus/tsdb/record"
 	"github.com/prometheus/prometheus/tsdb/wal"
 )
@@ -353,11 +354,11 @@ type QueueManager struct {
 	storeClient WriteClient
 
 	seriesMtx     sync.Mutex // Covers seriesLabels and droppedSeries.
-	seriesLabels  map[uint64]labels.Labels
-	droppedSeries map[uint64]struct{}
+	seriesLabels  map[chunks.HeadSeriesRef]labels.Labels
+	droppedSeries map[chunks.HeadSeriesRef]struct{}
 
 	seriesSegmentMtx     sync.Mutex // Covers seriesSegmentIndexes - if you also lock seriesMtx, take seriesMtx first.
-	seriesSegmentIndexes map[uint64]int
+	seriesSegmentIndexes map[chunks.HeadSeriesRef]int
 
 	shards      *shards
 	numShards   int
@@ -406,9 +407,9 @@ func NewQueueManager(
 		storeClient:    client,
 		sendExemplars:  enableExemplarRemoteWrite,
 
-		seriesLabels:         make(map[uint64]labels.Labels),
-		seriesSegmentIndexes: make(map[uint64]int),
-		droppedSeries:        make(map[uint64]struct{}),
+		seriesLabels:         make(map[chunks.HeadSeriesRef]labels.Labels),
+		seriesSegmentIndexes: make(map[chunks.HeadSeriesRef]int),
+		droppedSeries:        make(map[chunks.HeadSeriesRef]struct{}),
 
 		numShards:   cfg.MinShards,
 		reshardChan: make(chan int),
@@ -433,7 +434,7 @@ func NewQueueManager(
 	return t
 }
 
-// AppendMetadata sends metadata the remote storage. Metadata is sent all at once and is not parallelized.
+// AppendMetadata sends metadata the remote storage. Metadata is sent in batches, but is not parallelized.
 func (t *QueueManager) AppendMetadata(ctx context.Context, metadata []scrape.MetricMetadata) {
 	mm := make([]prompb.MetricMetadata, 0, len(metadata))
 	for _, entry := range metadata {
@@ -445,13 +446,14 @@ func (t *QueueManager) AppendMetadata(ctx context.Context, metadata []scrape.Met
 		})
 	}
 
+	pBuf := proto.NewBuffer(nil)
 	numSends := int(math.Ceil(float64(len(metadata)) / float64(t.mcfg.MaxSamplesPerSend)))
 	for i := 0; i < numSends; i++ {
 		last := (i + 1) * t.mcfg.MaxSamplesPerSend
 		if last > len(metadata) {
 			last = len(metadata)
 		}
-		err := t.sendMetadataWithBackoff(ctx, mm[i*t.mcfg.MaxSamplesPerSend:last])
+		err := t.sendMetadataWithBackoff(ctx, mm[i*t.mcfg.MaxSamplesPerSend:last], pBuf)
 		if err != nil {
 			t.metrics.failedMetadataTotal.Add(float64(last - (i * t.mcfg.MaxSamplesPerSend)))
 			level.Error(t.logger).Log("msg", "non-recoverable error while sending metadata", "count", last-(i*t.mcfg.MaxSamplesPerSend), "err", err)
@@ -459,9 +461,9 @@ func (t *QueueManager) AppendMetadata(ctx context.Context, metadata []scrape.Met
 	}
 }
 
-func (t *QueueManager) sendMetadataWithBackoff(ctx context.Context, metadata []prompb.MetricMetadata) error {
+func (t *QueueManager) sendMetadataWithBackoff(ctx context.Context, metadata []prompb.MetricMetadata, pBuf *proto.Buffer) error {
 	// Build the WriteRequest with no samples.
-	req, _, err := buildWriteRequest(nil, metadata, nil)
+	req, _, err := buildWriteRequest(nil, metadata, pBuf, nil)
 	if err != nil {
 		return err
 	}
@@ -668,7 +670,8 @@ func (t *QueueManager) StoreSeries(series []record.RefSeries, index int) {
 	}
 }
 
-// Update the segment number held against the series, so we can trim older ones in SeriesReset.
+// UpdateSeriesSegment updates the segment number held against the series,
+// so we can trim older ones in SeriesReset.
 func (t *QueueManager) UpdateSeriesSegment(series []record.RefSeries, index int) {
 	t.seriesSegmentMtx.Lock()
 	defer t.seriesSegmentMtx.Unlock()
@@ -727,7 +730,7 @@ func (t *QueueManager) releaseLabels(ls labels.Labels) {
 
 // processExternalLabels merges externalLabels into ls. If ls contains
 // a label in externalLabels, the value in ls wins.
-func processExternalLabels(ls labels.Labels, externalLabels labels.Labels) labels.Labels {
+func processExternalLabels(ls, externalLabels labels.Labels) labels.Labels {
 	i, j, result := 0, 0, make(labels.Labels, 0, len(ls)+len(externalLabels))
 	for i < len(ls) && j < len(externalLabels) {
 		if ls[i].Name < externalLabels[j].Name {
@@ -996,7 +999,7 @@ func (s *shards) stop() {
 
 // enqueue data (sample or exemplar).  If we are currently in the process of shutting down or resharding,
 // will return false; in this case, you should back off and retry.
-func (s *shards) enqueue(ref uint64, data interface{}) bool {
+func (s *shards) enqueue(ref chunks.HeadSeriesRef, data interface{}) bool {
 	s.mtx.RLock()
 	defer s.mtx.RUnlock()
 
@@ -1040,13 +1043,14 @@ func (s *shards) runShard(ctx context.Context, shardID int, queue chan interface
 		max                                          = s.qm.cfg.MaxSamplesPerSend
 		nPending, nPendingSamples, nPendingExemplars = 0, 0, 0
 
-		buf []byte
+		pBuf = proto.NewBuffer(nil)
+		buf  []byte
 	)
 	if s.qm.sendExemplars {
 		max += int(float64(max) * 0.1)
 	}
 
-	var pendingData = make([]prompb.TimeSeries, max)
+	pendingData := make([]prompb.TimeSeries, max)
 	for i := range pendingData {
 		pendingData[i].Samples = []prompb.Sample{{}}
 		if s.qm.sendExemplars {
@@ -1084,7 +1088,7 @@ func (s *shards) runShard(ctx context.Context, shardID int, queue chan interface
 			if !ok {
 				if nPendingSamples > 0 || nPendingExemplars > 0 {
 					level.Debug(s.qm.logger).Log("msg", "Flushing data to remote storage...", "samples", nPendingSamples, "exemplars", nPendingExemplars)
-					s.sendSamples(ctx, pendingData[:nPending], nPendingSamples, nPendingExemplars, &buf)
+					s.sendSamples(ctx, pendingData[:nPending], nPendingSamples, nPendingExemplars, pBuf, &buf)
 					s.qm.metrics.pendingSamples.Sub(float64(nPendingSamples))
 					s.qm.metrics.pendingExemplars.Sub(float64(nPendingExemplars))
 					level.Debug(s.qm.logger).Log("msg", "Done flushing.")
@@ -1114,7 +1118,7 @@ func (s *shards) runShard(ctx context.Context, shardID int, queue chan interface
 			}
 
 			if nPending >= max {
-				s.sendSamples(ctx, pendingData[:nPending], nPendingSamples, nPendingExemplars, &buf)
+				s.sendSamples(ctx, pendingData[:nPending], nPendingSamples, nPendingExemplars, pBuf, &buf)
 				s.qm.metrics.pendingSamples.Sub(float64(nPendingSamples))
 				s.qm.metrics.pendingExemplars.Sub(float64(nPendingExemplars))
 				nPendingSamples = 0
@@ -1128,7 +1132,7 @@ func (s *shards) runShard(ctx context.Context, shardID int, queue chan interface
 		case <-timer.C:
 			if nPendingSamples > 0 || nPendingExemplars > 0 {
 				level.Debug(s.qm.logger).Log("msg", "runShard timer ticked, sending buffered data", "samples", nPendingSamples, "exemplars", nPendingExemplars, "shard", shardNum)
-				s.sendSamples(ctx, pendingData[:nPending], nPendingSamples, nPendingExemplars, &buf)
+				s.sendSamples(ctx, pendingData[:nPending], nPendingSamples, nPendingExemplars, pBuf, &buf)
 				s.qm.metrics.pendingSamples.Sub(float64(nPendingSamples))
 				s.qm.metrics.pendingExemplars.Sub(float64(nPendingExemplars))
 				nPendingSamples = 0
@@ -1140,9 +1144,9 @@ func (s *shards) runShard(ctx context.Context, shardID int, queue chan interface
 	}
 }
 
-func (s *shards) sendSamples(ctx context.Context, samples []prompb.TimeSeries, sampleCount int, exemplarCount int, buf *[]byte) {
+func (s *shards) sendSamples(ctx context.Context, samples []prompb.TimeSeries, sampleCount, exemplarCount int, pBuf *proto.Buffer, buf *[]byte) {
 	begin := time.Now()
-	err := s.sendSamplesWithBackoff(ctx, samples, sampleCount, exemplarCount, buf)
+	err := s.sendSamplesWithBackoff(ctx, samples, sampleCount, exemplarCount, pBuf, buf)
 	if err != nil {
 		level.Error(s.qm.logger).Log("msg", "non-recoverable error", "count", sampleCount, "exemplarCount", exemplarCount, "err", err)
 		s.qm.metrics.failedSamplesTotal.Add(float64(sampleCount))
@@ -1157,16 +1161,16 @@ func (s *shards) sendSamples(ctx context.Context, samples []prompb.TimeSeries, s
 }
 
 // sendSamples to the remote storage with backoff for recoverable errors.
-func (s *shards) sendSamplesWithBackoff(ctx context.Context, samples []prompb.TimeSeries, sampleCount int, exemplarCount int, buf *[]byte) error {
+func (s *shards) sendSamplesWithBackoff(ctx context.Context, samples []prompb.TimeSeries, sampleCount, exemplarCount int, pBuf *proto.Buffer, buf *[]byte) error {
 	// Build the WriteRequest with no metadata.
-	req, highest, err := buildWriteRequest(samples, nil, *buf)
+	req, highest, err := buildWriteRequest(samples, nil, pBuf, *buf)
 	if err != nil {
 		// Failing to build the write request is non-recoverable, since it will
 		// only error if marshaling the proto to bytes fails.
 		return err
 	}
 
-	reqSize := len(*buf)
+	reqSize := len(req)
 	*buf = req
 
 	// An anonymous function allows us to defer the completion of our per-try spans
@@ -1262,11 +1266,10 @@ func sendWriteRequestWithBackoff(ctx context.Context, cfg config.QueueConfig, l
 		}
 
 		try++
-		continue
 	}
 }
 
-func buildWriteRequest(samples []prompb.TimeSeries, metadata []prompb.MetricMetadata, buf []byte) ([]byte, int64, error) {
+func buildWriteRequest(samples []prompb.TimeSeries, metadata []prompb.MetricMetadata, pBuf *proto.Buffer, buf []byte) ([]byte, int64, error) {
 	var highest int64
 	for _, ts := range samples {
 		// At the moment we only ever append a TimeSeries with a single sample or exemplar in it.
@@ -1283,7 +1286,12 @@ func buildWriteRequest(samples []prompb.TimeSeries, metadata []prompb.MetricMeta
 		Metadata:   metadata,
 	}
 
-	data, err := proto.Marshal(req)
+	if pBuf == nil {
+		pBuf = proto.NewBuffer(nil) // For convenience in tests. Not efficient.
+	} else {
+		pBuf.Reset()
+	}
+	err := pBuf.Marshal(req)
 	if err != nil {
 		return nil, highest, err
 	}
@@ -1293,6 +1301,6 @@ func buildWriteRequest(samples []prompb.TimeSeries, metadata []prompb.MetricMeta
 	if buf != nil {
 		buf = buf[0:cap(buf)]
 	}
-	compressed := snappy.Encode(buf, data)
+	compressed := snappy.Encode(buf, pBuf.Bytes())
 	return compressed, highest, nil
 }
diff --git a/vendor/github.com/prometheus/prometheus/storage/remote/read.go b/vendor/github.com/prometheus/prometheus/storage/remote/read.go
index 7f1d749e639..07176359379 100644
--- a/vendor/github.com/prometheus/prometheus/storage/remote/read.go
+++ b/vendor/github.com/prometheus/prometheus/storage/remote/read.go
@@ -18,7 +18,7 @@ import (
 
 	"github.com/pkg/errors"
 
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/storage"
 )
 
diff --git a/vendor/github.com/prometheus/prometheus/storage/remote/read_handler.go b/vendor/github.com/prometheus/prometheus/storage/remote/read_handler.go
index ceea4579afc..e1f1df21c19 100644
--- a/vendor/github.com/prometheus/prometheus/storage/remote/read_handler.go
+++ b/vendor/github.com/prometheus/prometheus/storage/remote/read_handler.go
@@ -20,13 +20,13 @@ import (
 
 	"github.com/go-kit/log"
 	"github.com/go-kit/log/level"
-
 	"github.com/prometheus/client_golang/prometheus"
+
 	"github.com/prometheus/prometheus/config"
-	"github.com/prometheus/prometheus/pkg/gate"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/prompb"
 	"github.com/prometheus/prometheus/storage"
+	"github.com/prometheus/prometheus/util/gate"
 )
 
 type readHandler struct {
diff --git a/vendor/github.com/prometheus/prometheus/storage/remote/storage.go b/vendor/github.com/prometheus/prometheus/storage/remote/storage.go
index 5716605a8dc..c82db1f9dff 100644
--- a/vendor/github.com/prometheus/prometheus/storage/remote/storage.go
+++ b/vendor/github.com/prometheus/prometheus/storage/remote/storage.go
@@ -27,10 +27,10 @@ import (
 	"gopkg.in/yaml.v2"
 
 	"github.com/prometheus/prometheus/config"
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/pkg/logging"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/scrape"
 	"github.com/prometheus/prometheus/storage"
+	"github.com/prometheus/prometheus/util/logging"
 )
 
 // String constants for instrumentation.
@@ -51,7 +51,7 @@ type startTimeCallback func() (int64, error)
 // Storage represents all the remote read and write endpoints.  It implements
 // storage.Storage.
 type Storage struct {
-	logger log.Logger
+	logger *logging.Deduper
 	mtx    sync.Mutex
 
 	rws *WriteStorage
@@ -66,9 +66,10 @@ func NewStorage(l log.Logger, reg prometheus.Registerer, stCallback startTimeCal
 	if l == nil {
 		l = log.NewNopLogger()
 	}
+	logger := logging.Dedupe(l, 1*time.Minute)
 
 	s := &Storage{
-		logger:                 logging.Dedupe(l, 1*time.Minute),
+		logger:                 logger,
 		localStartTimeCallback: stCallback,
 	}
 	s.rws = NewWriteStorage(s.logger, reg, walDir, flushDeadline, sm)
@@ -179,8 +180,14 @@ func (s *Storage) Appender(ctx context.Context) storage.Appender {
 	return s.rws.Appender(ctx)
 }
 
+// LowestSentTimestamp returns the lowest sent timestamp across all queues.
+func (s *Storage) LowestSentTimestamp() int64 {
+	return s.rws.LowestSentTimestamp()
+}
+
 // Close the background processing of the storage queues.
 func (s *Storage) Close() error {
+	s.logger.Stop()
 	s.mtx.Lock()
 	defer s.mtx.Unlock()
 	return s.rws.Close()
diff --git a/vendor/github.com/prometheus/prometheus/storage/remote/write.go b/vendor/github.com/prometheus/prometheus/storage/remote/write.go
index b3fec364a7a..bd330fe8b4b 100644
--- a/vendor/github.com/prometheus/prometheus/storage/remote/write.go
+++ b/vendor/github.com/prometheus/prometheus/storage/remote/write.go
@@ -16,6 +16,7 @@ package remote
 import (
 	"context"
 	"fmt"
+	"math"
 	"sync"
 	"time"
 
@@ -24,8 +25,8 @@ import (
 	"github.com/prometheus/client_golang/prometheus/promauto"
 
 	"github.com/prometheus/prometheus/config"
-	"github.com/prometheus/prometheus/pkg/exemplar"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/exemplar"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/storage"
 	"github.com/prometheus/prometheus/tsdb/wal"
 )
@@ -60,6 +61,7 @@ type WriteStorage struct {
 	flushDeadline     time.Duration
 	interner          *pool
 	scraper           ReadyScrapeManager
+	quit              chan struct{}
 
 	// For timestampTracker.
 	highestTimestamp *maxTimestamp
@@ -81,6 +83,7 @@ func NewWriteStorage(logger log.Logger, reg prometheus.Registerer, walDir string
 		walDir:            walDir,
 		interner:          newPool(),
 		scraper:           sm,
+		quit:              make(chan struct{}),
 		highestTimestamp: &maxTimestamp{
 			Gauge: prometheus.NewGauge(prometheus.GaugeOpts{
 				Namespace: namespace,
@@ -100,8 +103,13 @@ func NewWriteStorage(logger log.Logger, reg prometheus.Registerer, walDir string
 func (rws *WriteStorage) run() {
 	ticker := time.NewTicker(shardUpdateDuration)
 	defer ticker.Stop()
-	for range ticker.C {
-		rws.samplesIn.tick()
+	for {
+		select {
+		case <-ticker.C:
+			rws.samplesIn.tick()
+		case <-rws.quit:
+			return
+		}
 	}
 }
 
@@ -207,6 +215,26 @@ func (rws *WriteStorage) Appender(_ context.Context) storage.Appender {
 	}
 }
 
+// LowestSentTimestamp returns the lowest sent timestamp across all queues.
+func (rws *WriteStorage) LowestSentTimestamp() int64 {
+	rws.mtx.Lock()
+	defer rws.mtx.Unlock()
+
+	var lowestTs int64 = math.MaxInt64
+
+	for _, q := range rws.queues {
+		ts := int64(q.metrics.highestSentTimestamp.Get() * 1000)
+		if ts < lowestTs {
+			lowestTs = ts
+		}
+	}
+	if len(rws.queues) == 0 {
+		lowestTs = 0
+	}
+
+	return lowestTs
+}
+
 // Close closes the WriteStorage.
 func (rws *WriteStorage) Close() error {
 	rws.mtx.Lock()
@@ -214,6 +242,7 @@ func (rws *WriteStorage) Close() error {
 	for _, q := range rws.queues {
 		q.Stop()
 	}
+	close(rws.quit)
 	return nil
 }
 
@@ -226,7 +255,7 @@ type timestampTracker struct {
 }
 
 // Append implements storage.Appender.
-func (t *timestampTracker) Append(_ uint64, _ labels.Labels, ts int64, _ float64) (uint64, error) {
+func (t *timestampTracker) Append(_ storage.SeriesRef, _ labels.Labels, ts int64, _ float64) (storage.SeriesRef, error) {
 	t.samples++
 	if ts > t.highestTimestamp {
 		t.highestTimestamp = ts
@@ -234,7 +263,7 @@ func (t *timestampTracker) Append(_ uint64, _ labels.Labels, ts int64, _ float64
 	return 0, nil
 }
 
-func (t *timestampTracker) AppendExemplar(_ uint64, _ labels.Labels, _ exemplar.Exemplar) (uint64, error) {
+func (t *timestampTracker) AppendExemplar(_ storage.SeriesRef, _ labels.Labels, _ exemplar.Exemplar) (storage.SeriesRef, error) {
 	t.exemplars++
 	return 0, nil
 }
diff --git a/vendor/github.com/prometheus/prometheus/storage/remote/write_handler.go b/vendor/github.com/prometheus/prometheus/storage/remote/write_handler.go
index 92637cf471d..42e1060385c 100644
--- a/vendor/github.com/prometheus/prometheus/storage/remote/write_handler.go
+++ b/vendor/github.com/prometheus/prometheus/storage/remote/write_handler.go
@@ -22,7 +22,7 @@ import (
 	"github.com/go-kit/log/level"
 	"github.com/pkg/errors"
 
-	"github.com/prometheus/prometheus/pkg/exemplar"
+	"github.com/prometheus/prometheus/model/exemplar"
 	"github.com/prometheus/prometheus/prompb"
 	"github.com/prometheus/prometheus/storage"
 )
@@ -81,9 +81,7 @@ func (h *writeHandler) checkAppendExemplarError(err error, e exemplar.Exemplar,
 }
 
 func (h *writeHandler) write(ctx context.Context, req *prompb.WriteRequest) (err error) {
-	var (
-		outOfOrderExemplarErrs = 0
-	)
+	outOfOrderExemplarErrs := 0
 
 	app := h.appendable.Appender(ctx)
 	defer func() {
diff --git a/vendor/github.com/prometheus/prometheus/storage/secondary.go b/vendor/github.com/prometheus/prometheus/storage/secondary.go
index 64a83b5e7c2..d66a2861724 100644
--- a/vendor/github.com/prometheus/prometheus/storage/secondary.go
+++ b/vendor/github.com/prometheus/prometheus/storage/secondary.go
@@ -16,7 +16,7 @@ package storage
 import (
 	"sync"
 
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 )
 
 // secondaryQuerier is a wrapper that allows a querier to be treated in a best effort manner.
diff --git a/vendor/github.com/prometheus/prometheus/storage/series.go b/vendor/github.com/prometheus/prometheus/storage/series.go
index d92b4fd18c6..3a5790c2a87 100644
--- a/vendor/github.com/prometheus/prometheus/storage/series.go
+++ b/vendor/github.com/prometheus/prometheus/storage/series.go
@@ -17,7 +17,7 @@ import (
 	"math"
 	"sort"
 
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/tsdb/chunkenc"
 	"github.com/prometheus/prometheus/tsdb/chunks"
 	"github.com/prometheus/prometheus/tsdb/tsdbutil"
diff --git a/vendor/github.com/prometheus/prometheus/template/template.go b/vendor/github.com/prometheus/prometheus/template/template.go
index dca5aa432a9..e79de5ee6b8 100644
--- a/vendor/github.com/prometheus/prometheus/template/template.go
+++ b/vendor/github.com/prometheus/prometheus/template/template.go
@@ -87,7 +87,7 @@ func query(ctx context.Context, q string, ts time.Time, queryFn QueryFunc) (quer
 	// promql.Vector is hard to work with in templates, so convert to
 	// base data types.
 	// TODO(fabxc): probably not true anymore after type rework.
-	var result = make(queryResult, len(vector))
+	result := make(queryResult, len(vector))
 	for n, v := range vector {
 		s := sample{
 			Value:  v.V,
@@ -104,6 +104,10 @@ func convertToFloat(i interface{}) (float64, error) {
 		return v, nil
 	case string:
 		return strconv.ParseFloat(v, 64)
+	case int:
+		return float64(v), nil
+	case uint:
+		return float64(v), nil
 	default:
 		return 0, fmt.Errorf("can't convert %T to float", v)
 	}
@@ -244,10 +248,11 @@ func NewTemplateExpander(
 						sign = "-"
 						v = -v
 					}
-					seconds := int64(v) % 60
-					minutes := (int64(v) / 60) % 60
-					hours := (int64(v) / 60 / 60) % 24
-					days := int64(v) / 60 / 60 / 24
+					duration := int64(v)
+					seconds := duration % 60
+					minutes := (duration / 60) % 60
+					hours := (duration / 60 / 60) % 24
+					days := duration / 60 / 60 / 24
 					// For days to minutes, we display seconds as an integer.
 					if days != 0 {
 						return fmt.Sprintf("%s%dd %dh %dm %ds", sign, days, hours, minutes, seconds), nil
@@ -286,7 +291,11 @@ func NewTemplateExpander(
 				if math.IsNaN(v) || math.IsInf(v, 0) {
 					return fmt.Sprintf("%.4g", v), nil
 				}
-				t := model.TimeFromUnixNano(int64(v * 1e9)).Time().UTC()
+				timestamp := v * 1e9
+				if timestamp > math.MaxInt64 || timestamp < math.MinInt64 {
+					return "", fmt.Errorf("%v cannot be represented as a nanoseconds timestamp since it overflows int64", v)
+				}
+				t := model.TimeFromUnixNano(int64(timestamp)).Time().UTC()
 				return fmt.Sprint(t), nil
 			},
 			"pathPrefix": func() string {
@@ -295,13 +304,20 @@ func NewTemplateExpander(
 			"externalURL": func() string {
 				return externalURL.String()
 			},
+			"parseDuration": func(d string) (float64, error) {
+				v, err := model.ParseDuration(d)
+				if err != nil {
+					return 0, err
+				}
+				return float64(time.Duration(v)) / float64(time.Second), nil
+			},
 		},
 		options: options,
 	}
 }
 
 // AlertTemplateData returns the interface to be used in expanding the template.
-func AlertTemplateData(labels map[string]string, externalLabels map[string]string, externalURL string, value float64) interface{} {
+func AlertTemplateData(labels, externalLabels map[string]string, externalURL string, value float64) interface{} {
 	return struct {
 		Labels         map[string]string
 		ExternalLabels map[string]string
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/README.md b/vendor/github.com/prometheus/prometheus/tsdb/README.md
index 59f800c7aea..a8dfdc5406b 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/README.md
+++ b/vendor/github.com/prometheus/prometheus/tsdb/README.md
@@ -1,16 +1,25 @@
 # TSDB 
 
-[![GoPkg](https://pkg.go.dev/badge/github.com/prometheus/prometheus/tsdb.svg)](https://pkg.go.dev/github.com/prometheus/prometheus/tsdb)
+[![GoPkg](https://pkg.go.dev/badge/github.com/prometheus/prometheus/tsdb.svg)](https://pkg.go.dev/github.com/prometheus/prometheus@v1.8.2-0.20211105201321-411021ada9ab/tsdb)
 
-This directory contains the Prometheus storage layer that is used in its 2.x releases.
+This directory contains the Prometheus TSDB (Time Series DataBase) library,
+which handles storage and querying of all Prometheus v2 data.
 
-A writeup of its design can be found [here](https://fabxc.org/blog/2017-04-10-writing-a-tsdb/).
+Due to an issue with versioning, the "latest" docs shown on Godoc are outdated.
+Instead you may use [the docs for v2.31.1](https://pkg.go.dev/github.com/prometheus/prometheus@v1.8.2-0.20211105201321-411021ada9ab)
 
-Based on the Gorilla TSDB [white papers](http://www.vldb.org/pvldb/vol8/p1816-teller.pdf).
+## Documentation
 
-Video: [Storing 16 Bytes at Scale](https://youtu.be/b_pEevMAC3I) from [PromCon 2017](https://promcon.io/2017-munich/).
+* [Data format](docs/format/README.md).
+* [Usage](docs/usage.md).
+* [Bstream details](docs/bstream.md).
+
+## External resources
+
+* A writeup of the original design can be found [here](https://fabxc.org/blog/2017-04-10-writing-a-tsdb/).
+* Video: [Storing 16 Bytes at Scale](https://youtu.be/b_pEevMAC3I) from [PromCon 2017](https://promcon.io/2017-munich/).
+* Compression is based on the Gorilla TSDB [white paper](http://www.vldb.org/pvldb/vol8/p1816-teller.pdf).
 
-See also the [format documentation](docs/format/README.md).
 
 A series of blog posts explaining different components of TSDB:
 * [The Head Block](https://ganeshvernekar.com/blog/prometheus-tsdb-the-head-block/)
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/block.go b/vendor/github.com/prometheus/prometheus/tsdb/block.go
index 42a91ff5930..e4db21f85e7 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/block.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/block.go
@@ -28,7 +28,8 @@ import (
 	"github.com/oklog/ulid"
 	"github.com/pkg/errors"
 
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/storage"
 	"github.com/prometheus/prometheus/tsdb/chunkenc"
 	"github.com/prometheus/prometheus/tsdb/chunks"
 	tsdb_errors "github.com/prometheus/prometheus/tsdb/errors"
@@ -49,7 +50,7 @@ type IndexWriter interface {
 	// Implementations may require series to be insert in strictly increasing order by
 	// their labels. The reference numbers are used to resolve entries in postings lists
 	// that are added later.
-	AddSeries(ref uint64, l labels.Labels, chunks ...chunks.Meta) error
+	AddSeries(ref storage.SeriesRef, l labels.Labels, chunks ...chunks.Meta) error
 
 	// Close writes any finalization and closes the resources associated with
 	// the underlying writer.
@@ -82,7 +83,7 @@ type IndexReader interface {
 	// Series populates the given labels and chunk metas for the series identified
 	// by the reference.
 	// Returns storage.ErrNotFound if the ref does not resolve to a known series.
-	Series(ref uint64, lset *labels.Labels, chks *[]chunks.Meta) error
+	Series(ref storage.SeriesRef, lset *labels.Labels, chks *[]chunks.Meta) error
 
 	// LabelNames returns all the unique label names present in the index in sorted order.
 	LabelNames(matchers ...*labels.Matcher) ([]string, error)
@@ -90,11 +91,11 @@ type IndexReader interface {
 	// LabelValueFor returns label value for the given label name in the series referred to by ID.
 	// If the series couldn't be found or the series doesn't have the requested label a
 	// storage.ErrNotFound is returned as error.
-	LabelValueFor(id uint64, label string) (string, error)
+	LabelValueFor(id storage.SeriesRef, label string) (string, error)
 
 	// LabelNamesFor returns all the label names for the series referred to by IDs.
 	// The names returned are sorted.
-	LabelNamesFor(ids ...uint64) ([]string, error)
+	LabelNamesFor(ids ...storage.SeriesRef) ([]string, error)
 
 	// Close releases the underlying resources of the reader.
 	Close() error
@@ -116,7 +117,7 @@ type ChunkWriter interface {
 // ChunkReader provides reading access of serialized time series data.
 type ChunkReader interface {
 	// Chunk returns the series data chunk with the given reference.
-	Chunk(ref uint64) (chunkenc.Chunk, error)
+	Chunk(ref chunks.ChunkRef) (chunkenc.Chunk, error)
 
 	// Close releases all underlying resources of the reader.
 	Close() error
@@ -191,9 +192,11 @@ type BlockMetaCompaction struct {
 	Failed  bool        `json:"failed,omitempty"`
 }
 
-const indexFilename = "index"
-const metaFilename = "meta.json"
-const metaVersion1 = 1
+const (
+	indexFilename = "index"
+	metaFilename  = "meta.json"
+	metaVersion1  = 1
+)
 
 func chunkDir(dir string) string { return filepath.Join(dir, "chunks") }
 
@@ -470,7 +473,7 @@ func (r blockIndexReader) SortedPostings(p index.Postings) index.Postings {
 	return r.ir.SortedPostings(p)
 }
 
-func (r blockIndexReader) Series(ref uint64, lset *labels.Labels, chks *[]chunks.Meta) error {
+func (r blockIndexReader) Series(ref storage.SeriesRef, lset *labels.Labels, chks *[]chunks.Meta) error {
 	if err := r.ir.Series(ref, lset, chks); err != nil {
 		return errors.Wrapf(err, "block: %s", r.b.Meta().ULID)
 	}
@@ -483,13 +486,13 @@ func (r blockIndexReader) Close() error {
 }
 
 // LabelValueFor returns label value for the given label name in the series referred to by ID.
-func (r blockIndexReader) LabelValueFor(id uint64, label string) (string, error) {
+func (r blockIndexReader) LabelValueFor(id storage.SeriesRef, label string) (string, error) {
 	return r.ir.LabelValueFor(id, label)
 }
 
 // LabelNamesFor returns all the label names for the series referred to by IDs.
 // The names returned are sorted.
-func (r blockIndexReader) LabelNamesFor(ids ...uint64) ([]string, error) {
+func (r blockIndexReader) LabelNamesFor(ids ...storage.SeriesRef) ([]string, error) {
 	return r.ir.LabelNamesFor(ids...)
 }
 
@@ -556,7 +559,7 @@ Outer:
 		return p.Err()
 	}
 
-	err = pb.tombstones.Iter(func(id uint64, ivs tombstones.Intervals) error {
+	err = pb.tombstones.Iter(func(id storage.SeriesRef, ivs tombstones.Intervals) error {
 		for _, iv := range ivs {
 			stones.AddInterval(id, iv)
 		}
@@ -588,7 +591,7 @@ Outer:
 func (pb *Block) CleanTombstones(dest string, c Compactor) (*ulid.ULID, bool, error) {
 	numStones := 0
 
-	if err := pb.tombstones.Iter(func(id uint64, ivs tombstones.Intervals) error {
+	if err := pb.tombstones.Iter(func(id storage.SeriesRef, ivs tombstones.Intervals) error {
 		numStones += len(ivs)
 		return nil
 	}); err != nil {
@@ -611,12 +614,12 @@ func (pb *Block) CleanTombstones(dest string, c Compactor) (*ulid.ULID, bool, er
 // Snapshot creates snapshot of the block into dir.
 func (pb *Block) Snapshot(dir string) error {
 	blockDir := filepath.Join(dir, pb.meta.ULID.String())
-	if err := os.MkdirAll(blockDir, 0777); err != nil {
+	if err := os.MkdirAll(blockDir, 0o777); err != nil {
 		return errors.Wrap(err, "create snapshot block dir")
 	}
 
 	chunksDir := chunkDir(blockDir)
-	if err := os.MkdirAll(chunksDir, 0777); err != nil {
+	if err := os.MkdirAll(chunksDir, 0o777); err != nil {
 		return errors.Wrap(err, "create snapshot chunk dir")
 	}
 
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/blockwriter.go b/vendor/github.com/prometheus/prometheus/tsdb/blockwriter.go
index a5a5d747432..064cd01c7e2 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/blockwriter.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/blockwriter.go
@@ -24,7 +24,7 @@ import (
 	"github.com/oklog/ulid"
 	"github.com/pkg/errors"
 
-	"github.com/prometheus/prometheus/pkg/timestamp"
+	"github.com/prometheus/prometheus/model/timestamp"
 	"github.com/prometheus/prometheus/storage"
 	"github.com/prometheus/prometheus/tsdb/chunkenc"
 )
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/chunkenc/bstream.go b/vendor/github.com/prometheus/prometheus/tsdb/chunkenc/bstream.go
index c8efeab1d7a..833c9794b6b 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/chunkenc/bstream.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/chunkenc/bstream.go
@@ -48,8 +48,8 @@ import (
 
 // bstream is a stream of bits.
 type bstream struct {
-	stream []byte // the data stream
-	count  uint8  // how many bits are valid in current byte
+	stream []byte // The data stream.
+	count  uint8  // How many right-most bits are available for writing in the current byte (the last byte of the stream).
 }
 
 func (b *bstream) bytes() []byte {
@@ -86,14 +86,17 @@ func (b *bstream) writeByte(byt byte) {
 
 	i := len(b.stream) - 1
 
-	// fill up b.b with b.count bits from byt
+	// Complete the last byte with the leftmost b.count bits from byt.
 	b.stream[i] |= byt >> (8 - b.count)
 
 	b.stream = append(b.stream, 0)
 	i++
+	// Write the remainder, if any.
 	b.stream[i] = byt << b.count
 }
 
+// writeBits writes the nbits right-most bits of u to the stream
+// in left-to-right order.
 func (b *bstream) writeBits(u uint64, nbits int) {
 	u <<= 64 - uint(nbits)
 	for nbits >= 8 {
@@ -115,7 +118,7 @@ type bstreamReader struct {
 	streamOffset int // The offset from which read the next byte from the stream.
 
 	buffer uint64 // The current buffer, filled from the stream, containing up to 8 bytes from which read bits.
-	valid  uint8  // The number of bits valid to read (from left) in the current buffer.
+	valid  uint8  // The number of right-most bits valid to read (from left) in the current 8 byte buffer.
 }
 
 func newBReader(b []byte) bstreamReader {
@@ -148,6 +151,8 @@ func (b *bstreamReader) readBitFast() (bit, error) {
 	return (b.buffer & bitmask) != 0, nil
 }
 
+// readBits constructs a uint64 with the nbits right-most bits
+// read from the stream, and any other bits 0.
 func (b *bstreamReader) readBits(nbits uint8) (uint64, error) {
 	if b.valid == 0 {
 		if !b.loadNextBuffer(nbits) {
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/chunkenc/xor.go b/vendor/github.com/prometheus/prometheus/tsdb/chunkenc/xor.go
index 4eabd5a9532..ba00a6e8118 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/chunkenc/xor.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/chunkenc/xor.go
@@ -200,6 +200,8 @@ func (a *xorAppender) Append(t int64, v float64) {
 	a.tDelta = tDelta
 }
 
+// bitRange returns whether the given integer can be represented by nbits.
+// See docs/bstream.md.
 func bitRange(x int64, nbits uint8) bool {
 	return -((1<<(nbits-1))-1) <= x && x <= 1<<(nbits-1)
 }
@@ -372,9 +374,11 @@ func (it *xorIterator) Next() bool {
 			it.err = err
 			return false
 		}
+
+		// Account for negative numbers, which come back as high unsigned numbers.
+		// See docs/bstream.md.
 		if bits > (1 << (sz - 1)) {
-			// or something
-			bits = bits - (1 << sz)
+			bits -= 1 << sz
 		}
 		dod = int64(bits)
 	}
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/chunks/chunks.go b/vendor/github.com/prometheus/prometheus/tsdb/chunks/chunks.go
index 11417c38cf1..2f565fcb17b 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/chunks/chunks.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/chunks/chunks.go
@@ -54,13 +54,69 @@ const (
 	ChunkEncodingSize = 1
 )
 
+// ChunkRef is a generic reference for reading chunk data. In prometheus it
+// is either a HeadChunkRef or BlockChunkRef, though other implementations
+// may have their own reference types.
+type ChunkRef uint64
+
+// HeadSeriesRef refers to in-memory series.
+type HeadSeriesRef uint64
+
+// HeadChunkRef packs a HeadSeriesRef and a ChunkID into a global 8 Byte ID.
+// The HeadSeriesRef and ChunkID may not exceed 5 and 3 bytes respectively.
+type HeadChunkRef uint64
+
+func NewHeadChunkRef(hsr HeadSeriesRef, chunkID HeadChunkID) HeadChunkRef {
+	if hsr > (1<<40)-1 {
+		panic("series ID exceeds 5 bytes")
+	}
+	if chunkID > (1<<24)-1 {
+		panic("chunk ID exceeds 3 bytes")
+	}
+	return HeadChunkRef(uint64(hsr<<24) | uint64(chunkID))
+}
+
+func (p HeadChunkRef) Unpack() (HeadSeriesRef, HeadChunkID) {
+	return HeadSeriesRef(p >> 24), HeadChunkID(p<<40) >> 40
+}
+
+// HeadChunkID refers to a specific chunk in a series (memSeries) in the Head.
+// Each memSeries has its own monotonically increasing number to refer to its chunks.
+// If the HeadChunkID value is...
+// * memSeries.firstChunkID+len(memSeries.mmappedChunks), it's the head chunk.
+// * less than the above, but >= memSeries.firstID, then it's
+//   memSeries.mmappedChunks[i] where i = HeadChunkID - memSeries.firstID.
+// Example:
+// assume a memSeries.firstChunkID=7 and memSeries.mmappedChunks=[p5,p6,p7,p8,p9].
+// | HeadChunkID value | refers to ...                                                                          |
+// |-------------------|----------------------------------------------------------------------------------------|
+// |               0-6 | chunks that have been compacted to blocks, these won't return data for queries in Head |
+// |              7-11 | memSeries.mmappedChunks[i] where i is 0 to 4.                                          |
+// |                12 | memSeries.headChunk                                                                    |
+type HeadChunkID uint64
+
+// BlockChunkRef refers to a chunk within a persisted block.
+// The upper 4 bytes are for the segment index and
+// the lower 4 bytes are for the segment offset where the data starts for this chunk.
+type BlockChunkRef uint64
+
+// NewBlockChunkRef packs the file index and byte offset into a BlockChunkRef.
+func NewBlockChunkRef(fileIndex, fileOffset uint64) BlockChunkRef {
+	return BlockChunkRef(fileIndex<<32 | fileOffset)
+}
+
+func (b BlockChunkRef) Unpack() (int, int) {
+	sgmIndex := int(b >> 32)
+	chkStart := int((b << 32) >> 32)
+	return sgmIndex, chkStart
+}
+
 // Meta holds information about a chunk of data.
 type Meta struct {
 	// Ref and Chunk hold either a reference that can be used to retrieve
 	// chunk data or the data itself.
-	// When it is a reference it is the segment offset at which the chunk bytes start.
-	// Generally, only one of them is set.
-	Ref   uint64
+	// If Chunk is nil, call ChunkReader.Chunk(Meta.Ref) to get the chunk and assign it to the Chunk field
+	Ref   ChunkRef
 	Chunk chunkenc.Chunk
 
 	// Time range the data covers.
@@ -68,7 +124,7 @@ type Meta struct {
 	MinTime, MaxTime int64
 }
 
-// Iterator iterates over the chunk of a time series.
+// Iterator iterates over the chunks of a single time series.
 type Iterator interface {
 	// At returns the current meta.
 	// It depends on implementation if the chunk is populated or not.
@@ -97,9 +153,7 @@ func (cm *Meta) OverlapsClosedInterval(mint, maxt int64) bool {
 	return cm.MinTime <= maxt && mint <= cm.MaxTime
 }
 
-var (
-	errInvalidSize = fmt.Errorf("invalid size")
-)
+var errInvalidSize = fmt.Errorf("invalid size")
 
 var castagnoliTable *crc32.Table
 
@@ -148,7 +202,7 @@ func newWriter(dir string, segmentSize int64) (*Writer, error) {
 		segmentSize = DefaultChunkSegmentSize
 	}
 
-	if err := os.MkdirAll(dir, 0777); err != nil {
+	if err := os.MkdirAll(dir, 0o777); err != nil {
 		return nil, err
 	}
 	dirFile, err := fileutil.OpenDir(dir)
@@ -224,7 +278,7 @@ func cutSegmentFile(dirFile *os.File, magicNumber uint32, chunksFormat byte, all
 		return 0, nil, 0, errors.Wrap(err, "next sequence file")
 	}
 	ptmp := p + ".tmp"
-	f, err := os.OpenFile(ptmp, os.O_WRONLY|os.O_CREATE, 0666)
+	f, err := os.OpenFile(ptmp, os.O_WRONLY|os.O_CREATE, 0o666)
 	if err != nil {
 		return 0, nil, 0, errors.Wrap(err, "open temp file")
 	}
@@ -266,7 +320,7 @@ func cutSegmentFile(dirFile *os.File, magicNumber uint32, chunksFormat byte, all
 		return 0, nil, 0, errors.Wrap(err, "replace file")
 	}
 
-	f, err = os.OpenFile(p, os.O_WRONLY, 0666)
+	f, err = os.OpenFile(p, os.O_WRONLY, 0o666)
 	if err != nil {
 		return 0, nil, 0, errors.Wrap(err, "open final file")
 	}
@@ -355,16 +409,11 @@ func (w *Writer) writeChunks(chks []Meta) error {
 		return nil
 	}
 
-	var seq = uint64(w.seq()) << 32
+	seq := uint64(w.seq())
 	for i := range chks {
 		chk := &chks[i]
 
-		// The reference is set to the segment index and the offset where
-		// the data starts for this chunk.
-		//
-		// The upper 4 bytes are for the segment index and
-		// the lower 4 bytes are for the segment offset where to start reading this chunk.
-		chk.Ref = seq | uint64(w.n)
+		chk.Ref = ChunkRef(NewBlockChunkRef(seq, uint64(w.n)))
 
 		n := binary.PutUvarint(w.buf[:], uint64(len(chk.Chunk.Bytes())))
 
@@ -497,16 +546,9 @@ func (s *Reader) Size() int64 {
 }
 
 // Chunk returns a chunk from a given reference.
-func (s *Reader) Chunk(ref uint64) (chunkenc.Chunk, error) {
-	var (
-		// Get the upper 4 bytes.
-		// These contain the segment index.
-		sgmIndex = int(ref >> 32)
-		// Get the lower 4 bytes.
-		// These contain the segment offset where the data for this chunk starts.
-		chkStart = int((ref << 32) >> 32)
-		chkCRC32 = newCRC32()
-	)
+func (s *Reader) Chunk(ref ChunkRef) (chunkenc.Chunk, error) {
+	sgmIndex, chkStart := BlockChunkRef(ref).Unpack()
+	chkCRC32 := newCRC32()
 
 	if sgmIndex >= len(s.bs) {
 		return nil, errors.Errorf("segment index %d out of range", sgmIndex)
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/chunks/head_chunks.go b/vendor/github.com/prometheus/prometheus/tsdb/chunks/head_chunks.go
index 1443e0bd490..51e6e323258 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/chunks/head_chunks.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/chunks/head_chunks.go
@@ -42,18 +42,16 @@ const (
 	headChunksFormatV1 = 1
 )
 
-var (
-	// ErrChunkDiskMapperClosed returned by any method indicates
-	// that the ChunkDiskMapper was closed.
-	ErrChunkDiskMapperClosed = errors.New("ChunkDiskMapper closed")
-)
+// ErrChunkDiskMapperClosed returned by any method indicates
+// that the ChunkDiskMapper was closed.
+var ErrChunkDiskMapperClosed = errors.New("ChunkDiskMapper closed")
 
 const (
 	// MintMaxtSize is the size of the mint/maxt for head chunk file and chunks.
 	MintMaxtSize = 8
 	// SeriesRefSize is the size of series reference on disk.
 	SeriesRefSize = 8
-	// HeadChunkFileHeaderSize is the total size of the header for the head chunk file.
+	// HeadChunkFileHeaderSize is the total size of the header for a head chunk file.
 	HeadChunkFileHeaderSize = SegmentHeaderSize
 	// MaxHeadChunkFileSize is the max size of a head chunk file.
 	MaxHeadChunkFileSize = 128 * 1024 * 1024 // 128 MiB.
@@ -70,6 +68,21 @@ const (
 	DefaultWriteBufferSize = 4 * 1024 * 1024 // 4 MiB.
 )
 
+// ChunkDiskMapperRef represents the location of a head chunk on disk.
+// The upper 4 bytes hold the index of the head chunk file and
+// the lower 4 bytes hold the byte offset in the head chunk file where the chunk starts.
+type ChunkDiskMapperRef uint64
+
+func newChunkDiskMapperRef(seq, offset uint64) ChunkDiskMapperRef {
+	return ChunkDiskMapperRef((seq << 32) | offset)
+}
+
+func (ref ChunkDiskMapperRef) Unpack() (sgmIndex, chkStart int) {
+	sgmIndex = int(ref >> 32)
+	chkStart = int((ref << 32) >> 32)
+	return sgmIndex, chkStart
+}
+
 // CorruptionErr is an error that's returned when corruption is encountered.
 type CorruptionErr struct {
 	Dir       string
@@ -111,32 +124,33 @@ type ChunkDiskMapper struct {
 	// from which chunks are served till they are flushed and are ready for m-mapping.
 	chunkBuffer *chunkBuffer
 
-	// If 'true', it indicated that the maxt of all the on-disk files were set
-	// after iterating through all the chunks in those files.
+	// Whether the maxt field is set for all mmapped chunk files tracked within the mmappedChunkFiles map.
+	// This is done after iterating through all the chunks in those files using the IterateAllChunks method.
 	fileMaxtSet bool
 
 	closed bool
 }
 
+// mmappedChunkFile provides mmapp access to an entire head chunks file that holds many chunks.
 type mmappedChunkFile struct {
 	byteSlice ByteSlice
-	maxt      int64
+	maxt      int64 // Max timestamp among all of this file's chunks.
 }
 
-// NewChunkDiskMapper returns a new writer against the given directory
+// NewChunkDiskMapper returns a new ChunkDiskMapper against the given directory
 // using the default head chunk file duration.
 // NOTE: 'IterateAllChunks' method needs to be called at least once after creating ChunkDiskMapper
 // to set the maxt of all the file.
 func NewChunkDiskMapper(dir string, pool chunkenc.Pool, writeBufferSize int) (*ChunkDiskMapper, error) {
 	// Validate write buffer size.
 	if writeBufferSize < MinWriteBufferSize || writeBufferSize > MaxWriteBufferSize {
-		return nil, errors.Errorf("ChunkDiskMapper write buffer size should be between %d and %d (actual: %d)", MinWriteBufferSize, MaxHeadChunkFileSize, writeBufferSize)
+		return nil, errors.Errorf("ChunkDiskMapper write buffer size should be between %d and %d (actual: %d)", MinWriteBufferSize, MaxWriteBufferSize, writeBufferSize)
 	}
 	if writeBufferSize%1024 != 0 {
 		return nil, errors.Errorf("ChunkDiskMapper write buffer size should be a multiple of 1024 (actual: %d)", writeBufferSize)
 	}
 
-	if err := os.MkdirAll(dir, 0777); err != nil {
+	if err := os.MkdirAll(dir, 0o777); err != nil {
 		return nil, err
 	}
 	dirFile, err := fileutil.OpenDir(dir)
@@ -159,6 +173,7 @@ func NewChunkDiskMapper(dir string, pool chunkenc.Pool, writeBufferSize int) (*C
 	return m, m.openMMapFiles()
 }
 
+// openMMapFiles opens all files within dir for mmapping.
 func (cdm *ChunkDiskMapper) openMMapFiles() (returnErr error) {
 	cdm.mmappedChunkFiles = map[int]*mmappedChunkFile{}
 	cdm.closers = map[int]io.Closer{}
@@ -241,7 +256,7 @@ func listChunkFiles(dir string) (map[int]string, error) {
 }
 
 // repairLastChunkFile deletes the last file if it's empty.
-// Because we don't fsync when creating these file, we could end
+// Because we don't fsync when creating these files, we could end
 // up with an empty file at the end during an abrupt shutdown.
 func repairLastChunkFile(files map[int]string) (_ map[int]string, returnErr error) {
 	lastFile := -1
@@ -272,7 +287,7 @@ func repairLastChunkFile(files map[int]string) (_ map[int]string, returnErr erro
 
 // WriteChunk writes the chunk to the disk.
 // The returned chunk ref is the reference from where the chunk encoding starts for the chunk.
-func (cdm *ChunkDiskMapper) WriteChunk(seriesRef uint64, mint, maxt int64, chk chunkenc.Chunk) (chkRef uint64, err error) {
+func (cdm *ChunkDiskMapper) WriteChunk(seriesRef HeadSeriesRef, mint, maxt int64, chk chunkenc.Chunk) (chkRef ChunkDiskMapperRef, err error) {
 	cdm.writePathMtx.Lock()
 	defer cdm.writePathMtx.Unlock()
 
@@ -297,11 +312,9 @@ func (cdm *ChunkDiskMapper) WriteChunk(seriesRef uint64, mint, maxt int64, chk c
 	cdm.crc32.Reset()
 	bytesWritten := 0
 
-	// The upper 4 bytes are for the head chunk file index and
-	// the lower 4 bytes are for the head chunk file offset where to start reading this chunk.
-	chkRef = chunkRef(uint64(cdm.curFileSequence), uint64(cdm.curFileSize()))
+	chkRef = newChunkDiskMapperRef(uint64(cdm.curFileSequence), uint64(cdm.curFileSize()))
 
-	binary.BigEndian.PutUint64(cdm.byteBuf[bytesWritten:], seriesRef)
+	binary.BigEndian.PutUint64(cdm.byteBuf[bytesWritten:], uint64(seriesRef))
 	bytesWritten += SeriesRefSize
 	binary.BigEndian.PutUint64(cdm.byteBuf[bytesWritten:], uint64(mint))
 	bytesWritten += MintMaxtSize
@@ -339,11 +352,7 @@ func (cdm *ChunkDiskMapper) WriteChunk(seriesRef uint64, mint, maxt int64, chk c
 	return chkRef, nil
 }
 
-func chunkRef(seq, offset uint64) (chunkRef uint64) {
-	return (seq << 32) | offset
-}
-
-// shouldCutNewFile decides the cutting of a new file based on time and size retention.
+// shouldCutNewFile returns whether a new file should be cut, based on time and size retention.
 // Size retention: because depending on the system architecture, there is a limit on how big of a file we can m-map.
 // Time retention: so that we can delete old chunks with some time guarantee in low load environments.
 func (cdm *ChunkDiskMapper) shouldCutNewFile(chunkSize int) bool {
@@ -456,28 +465,22 @@ func (cdm *ChunkDiskMapper) flushBuffer() error {
 }
 
 // Chunk returns a chunk from a given reference.
-func (cdm *ChunkDiskMapper) Chunk(ref uint64) (chunkenc.Chunk, error) {
+func (cdm *ChunkDiskMapper) Chunk(ref ChunkDiskMapperRef) (chunkenc.Chunk, error) {
 	cdm.readPathMtx.RLock()
-	// We hold this read lock for the entire duration because if the Close()
+	// We hold this read lock for the entire duration because if Close()
 	// is called, the data in the byte slice will get corrupted as the mmapped
 	// file will be closed.
 	defer cdm.readPathMtx.RUnlock()
 
-	var (
-		// Get the upper 4 bytes.
-		// These contain the head chunk file index.
-		sgmIndex = int(ref >> 32)
-		// Get the lower 4 bytes.
-		// These contain the head chunk file offset where the chunk starts.
-		// We skip the series ref and the mint/maxt beforehand.
-		chkStart = int((ref<<32)>>32) + SeriesRefSize + (2 * MintMaxtSize)
-		chkCRC32 = newCRC32()
-	)
-
 	if cdm.closed {
 		return nil, ErrChunkDiskMapperClosed
 	}
 
+	sgmIndex, chkStart := ref.Unpack()
+	// We skip the series ref and the mint/maxt beforehand.
+	chkStart += SeriesRefSize + (2 * MintMaxtSize)
+	chkCRC32 := newCRC32()
+
 	// If it is the current open file, then the chunks can be in the buffer too.
 	if sgmIndex == cdm.curFileSequence {
 		chunk := cdm.chunkBuffer.get(ref)
@@ -574,11 +577,11 @@ func (cdm *ChunkDiskMapper) Chunk(ref uint64) (chunkenc.Chunk, error) {
 	return chk, nil
 }
 
-// IterateAllChunks iterates on all the chunks in its byte slices in the order of the head chunk file sequence
-// and runs the provided function on each chunk. It returns on the first error encountered.
+// IterateAllChunks iterates all mmappedChunkFiles (in order of head chunk file name/number) and all the chunks within it
+// and runs the provided function with information about each chunk. It returns on the first error encountered.
 // NOTE: This method needs to be called at least once after creating ChunkDiskMapper
 // to set the maxt of all the file.
-func (cdm *ChunkDiskMapper) IterateAllChunks(f func(seriesRef, chunkRef uint64, mint, maxt int64, numSamples uint16) error) (err error) {
+func (cdm *ChunkDiskMapper) IterateAllChunks(f func(seriesRef HeadSeriesRef, chunkRef ChunkDiskMapperRef, mint, maxt int64, numSamples uint16) error) (err error) {
 	cdm.writePathMtx.Lock()
 	defer cdm.writePathMtx.Unlock()
 
@@ -623,10 +626,10 @@ func (cdm *ChunkDiskMapper) IterateAllChunks(f func(seriesRef, chunkRef uint64,
 				}
 			}
 			chkCRC32.Reset()
-			chunkRef := chunkRef(uint64(segID), uint64(idx))
+			chunkRef := newChunkDiskMapperRef(uint64(segID), uint64(idx))
 
 			startIdx := idx
-			seriesRef := binary.BigEndian.Uint64(mmapFile.byteSlice.Range(idx, idx+SeriesRefSize))
+			seriesRef := HeadSeriesRef(binary.BigEndian.Uint64(mmapFile.byteSlice.Range(idx, idx+SeriesRefSize)))
 			idx += SeriesRefSize
 			mint := int64(binary.BigEndian.Uint64(mmapFile.byteSlice.Range(idx, idx+MintMaxtSize)))
 			idx += MintMaxtSize
@@ -824,21 +827,21 @@ func closeAllFromMap(cs map[int]io.Closer) error {
 
 const inBufferShards = 128 // 128 is a randomly chosen number.
 
-// chunkBuffer is a thread safe buffer for chunks.
+// chunkBuffer is a thread safe lookup table for chunks by their ref.
 type chunkBuffer struct {
-	inBufferChunks     [inBufferShards]map[uint64]chunkenc.Chunk
+	inBufferChunks     [inBufferShards]map[ChunkDiskMapperRef]chunkenc.Chunk
 	inBufferChunksMtxs [inBufferShards]sync.RWMutex
 }
 
 func newChunkBuffer() *chunkBuffer {
 	cb := &chunkBuffer{}
 	for i := 0; i < inBufferShards; i++ {
-		cb.inBufferChunks[i] = make(map[uint64]chunkenc.Chunk)
+		cb.inBufferChunks[i] = make(map[ChunkDiskMapperRef]chunkenc.Chunk)
 	}
 	return cb
 }
 
-func (cb *chunkBuffer) put(ref uint64, chk chunkenc.Chunk) {
+func (cb *chunkBuffer) put(ref ChunkDiskMapperRef, chk chunkenc.Chunk) {
 	shardIdx := ref % inBufferShards
 
 	cb.inBufferChunksMtxs[shardIdx].Lock()
@@ -846,7 +849,7 @@ func (cb *chunkBuffer) put(ref uint64, chk chunkenc.Chunk) {
 	cb.inBufferChunksMtxs[shardIdx].Unlock()
 }
 
-func (cb *chunkBuffer) get(ref uint64) chunkenc.Chunk {
+func (cb *chunkBuffer) get(ref ChunkDiskMapperRef) chunkenc.Chunk {
 	shardIdx := ref % inBufferShards
 
 	cb.inBufferChunksMtxs[shardIdx].RLock()
@@ -858,7 +861,7 @@ func (cb *chunkBuffer) get(ref uint64) chunkenc.Chunk {
 func (cb *chunkBuffer) clear() {
 	for i := 0; i < inBufferShards; i++ {
 		cb.inBufferChunksMtxs[i].Lock()
-		cb.inBufferChunks[i] = make(map[uint64]chunkenc.Chunk)
+		cb.inBufferChunks[i] = make(map[ChunkDiskMapperRef]chunkenc.Chunk)
 		cb.inBufferChunksMtxs[i].Unlock()
 	}
 }
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/chunks/head_chunks_other.go b/vendor/github.com/prometheus/prometheus/tsdb/chunks/head_chunks_other.go
index 8b37dd8c257..3d00fddc374 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/chunks/head_chunks_other.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/chunks/head_chunks_other.go
@@ -16,8 +16,7 @@
 
 package chunks
 
-var (
-	// HeadChunkFilePreallocationSize is the size to which the m-map file should be preallocated when a new file is cut.
-	// Windows needs pre-allocations while the other OS does not.
-	HeadChunkFilePreallocationSize int64
-)
+// HeadChunkFilePreallocationSize is the size to which the m-map file should be preallocated when a new file is cut.
+// Windows needs pre-allocations while the other OS does not. But we observed that a 0 pre-allocation causes unit tests to flake.
+// This small allocation for non-Windows OSes removes the flake.
+var HeadChunkFilePreallocationSize int64 = MinWriteBufferSize * 2
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/chunks/head_chunks_windows.go b/vendor/github.com/prometheus/prometheus/tsdb/chunks/head_chunks_windows.go
index b772b64b468..214ee42f596 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/chunks/head_chunks_windows.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/chunks/head_chunks_windows.go
@@ -13,8 +13,6 @@
 
 package chunks
 
-var (
-	// HeadChunkFilePreallocationSize is the size to which the m-map file should be preallocated when a new file is cut.
-	// Windows needs pre-allocation to m-map the file.
-	HeadChunkFilePreallocationSize int64 = MaxHeadChunkFileSize
-)
+// HeadChunkFilePreallocationSize is the size to which the m-map file should be preallocated when a new file is cut.
+// Windows needs pre-allocation to m-map the file.
+var HeadChunkFilePreallocationSize int64 = MaxHeadChunkFileSize
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/compact.go b/vendor/github.com/prometheus/prometheus/tsdb/compact.go
index b2ae7e4ea5b..7c12d172975 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/compact.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/compact.go
@@ -564,7 +564,7 @@ func (c *LeveledCompactor) write(dest string, meta *BlockMeta, blocks ...BlockRe
 		return err
 	}
 
-	if err = os.MkdirAll(tmp, 0777); err != nil {
+	if err = os.MkdirAll(tmp, 0o777); err != nil {
 		return err
 	}
 
@@ -726,7 +726,7 @@ func (c *LeveledCompactor) populateBlock(blocks []BlockReader, meta *BlockMeta,
 		}
 		all = indexr.SortedPostings(all)
 		// Blocks meta is half open: [min, max), so subtract 1 to ensure we don't hold samples with exact meta.MaxTime timestamp.
-		sets = append(sets, newBlockChunkSeriesSet(indexr, chunkr, tombsr, all, meta.MinTime, meta.MaxTime-1))
+		sets = append(sets, newBlockChunkSeriesSet(indexr, chunkr, tombsr, all, meta.MinTime, meta.MaxTime-1, false))
 		syms := indexr.Symbols()
 		if i == 0 {
 			symbols = syms
@@ -745,7 +745,7 @@ func (c *LeveledCompactor) populateBlock(blocks []BlockReader, meta *BlockMeta,
 	}
 
 	var (
-		ref  = uint64(0)
+		ref  = storage.SeriesRef(0)
 		chks []chunks.Meta
 	)
 
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/db.go b/vendor/github.com/prometheus/prometheus/tsdb/db.go
index c69f6f464f7..f00bd39f9b1 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/db.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/db.go
@@ -36,13 +36,14 @@ import (
 	"golang.org/x/sync/errgroup"
 
 	"github.com/prometheus/prometheus/config"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/storage"
 	"github.com/prometheus/prometheus/tsdb/chunkenc"
 	"github.com/prometheus/prometheus/tsdb/chunks"
 	tsdb_errors "github.com/prometheus/prometheus/tsdb/errors"
 	"github.com/prometheus/prometheus/tsdb/fileutil"
 	_ "github.com/prometheus/prometheus/tsdb/goversion" // Load the package into main to make sure minium Go version is met.
+	"github.com/prometheus/prometheus/tsdb/tsdbutil"
 	"github.com/prometheus/prometheus/tsdb/wal"
 )
 
@@ -59,16 +60,10 @@ const (
 	tmpForCreationBlockDirSuffix = ".tmp-for-creation"
 	// Pre-2.21 tmp dir suffix, used in clean-up functions.
 	tmpLegacy = ".tmp"
-
-	lockfileDisabled       = -1
-	lockfileReplaced       = 0
-	lockfileCreatedCleanly = 1
 )
 
-var (
-	// ErrNotReady is returned if the underlying storage is not ready yet.
-	ErrNotReady = errors.New("TSDB not ready")
-)
+// ErrNotReady is returned if the underlying storage is not ready yet.
+var ErrNotReady = errors.New("TSDB not ready")
 
 // DefaultOptions used for the DB. They are sane for setups using
 // millisecond precision timestamps.
@@ -84,6 +79,7 @@ func DefaultOptions() *Options {
 		WALCompression:            false,
 		StripeSize:                DefaultStripeSize,
 		HeadChunksWriteBufferSize: chunks.DefaultWriteBufferSize,
+		IsolationDisabled:         defaultIsolationDisabled,
 	}
 }
 
@@ -148,7 +144,7 @@ type Options struct {
 	// mainly meant for external users who import TSDB.
 	BlocksToDelete BlocksToDeleteFunc
 
-	// Enables the in memory exemplar storage,.
+	// Enables the in memory exemplar storage.
 	EnableExemplarStorage bool
 
 	// Enables the snapshot of in-memory chunks on shutdown. This makes restarts faster.
@@ -157,6 +153,9 @@ type Options struct {
 	// MaxExemplars sets the size, in # of exemplars stored, of the single circular buffer used to store exemplars in memory.
 	// See tsdb/exemplar.go, specifically the CircularExemplarStorage struct and it's constructor NewCircularExemplarStorage.
 	MaxExemplars int64
+
+	// Disables isolation between reads and in-flight appends.
+	IsolationDisabled bool
 }
 
 type BlocksToDeleteFunc func(blocks []*Block) map[ulid.ULID]struct{}
@@ -164,9 +163,8 @@ type BlocksToDeleteFunc func(blocks []*Block) map[ulid.ULID]struct{}
 // DB handles reads and writes of time series falling into
 // a hashed partition of a seriedb.
 type DB struct {
-	dir       string
-	lockf     fileutil.Releaser
-	lockfPath string
+	dir    string
+	locker *tsdbutil.DirLocker
 
 	logger         log.Logger
 	metrics        *dbMetrics
@@ -198,20 +196,19 @@ type DB struct {
 }
 
 type dbMetrics struct {
-	loadedBlocks           prometheus.GaugeFunc
-	symbolTableSize        prometheus.GaugeFunc
-	reloads                prometheus.Counter
-	reloadsFailed          prometheus.Counter
-	compactionsFailed      prometheus.Counter
-	compactionsTriggered   prometheus.Counter
-	compactionsSkipped     prometheus.Counter
-	sizeRetentionCount     prometheus.Counter
-	timeRetentionCount     prometheus.Counter
-	startTime              prometheus.GaugeFunc
-	tombCleanTimer         prometheus.Histogram
-	blocksBytes            prometheus.Gauge
-	maxBytes               prometheus.Gauge
-	lockfileCreatedCleanly prometheus.Gauge
+	loadedBlocks         prometheus.GaugeFunc
+	symbolTableSize      prometheus.GaugeFunc
+	reloads              prometheus.Counter
+	reloadsFailed        prometheus.Counter
+	compactionsFailed    prometheus.Counter
+	compactionsTriggered prometheus.Counter
+	compactionsSkipped   prometheus.Counter
+	sizeRetentionCount   prometheus.Counter
+	timeRetentionCount   prometheus.Counter
+	startTime            prometheus.GaugeFunc
+	tombCleanTimer       prometheus.Histogram
+	blocksBytes          prometheus.Gauge
+	maxBytes             prometheus.Gauge
 }
 
 func newDBMetrics(db *DB, r prometheus.Registerer) *dbMetrics {
@@ -289,10 +286,6 @@ func newDBMetrics(db *DB, r prometheus.Registerer) *dbMetrics {
 		Name: "prometheus_tsdb_size_retentions_total",
 		Help: "The number of times that blocks were deleted because the maximum number of bytes was exceeded.",
 	})
-	m.lockfileCreatedCleanly = prometheus.NewGauge(prometheus.GaugeOpts{
-		Name: "prometheus_tsdb_clean_start",
-		Help: "-1: lockfile is disabled. 0: a lockfile from a previous execution was replaced. 1: lockfile creation was clean",
-	})
 
 	if r != nil {
 		r.MustRegister(
@@ -309,7 +302,6 @@ func newDBMetrics(db *DB, r prometheus.Registerer) *dbMetrics {
 			m.tombCleanTimer,
 			m.blocksBytes,
 			m.maxBytes,
-			m.lockfileCreatedCleanly,
 		)
 	}
 	return m
@@ -608,8 +600,11 @@ func validateOpts(opts *Options, rngs []int64) (*Options, []int64) {
 	return opts, rngs
 }
 
+// open returns a new DB in the given directory.
+// It initializes the lockfile, WAL, compactor, and Head (by replaying the WAL), and runs the database.
+// It is not safe to open more than one DB in the same directory.
 func open(dir string, l log.Logger, r prometheus.Registerer, opts *Options, rngs []int64, stats *DBStats) (_ *DB, returnedErr error) {
-	if err := os.MkdirAll(dir, 0777); err != nil {
+	if err := os.MkdirAll(dir, 0o777); err != nil {
 		return nil, err
 	}
 	if l == nil {
@@ -671,29 +666,17 @@ func open(dir string, l log.Logger, r prometheus.Registerer, opts *Options, rngs
 		db.blocksToDelete = DefaultBlocksToDelete(db)
 	}
 
-	lockfileCreationStatus := lockfileDisabled
+	var err error
+	db.locker, err = tsdbutil.NewDirLocker(dir, "tsdb", db.logger, r)
+	if err != nil {
+		return nil, err
+	}
 	if !opts.NoLockfile {
-		absdir, err := filepath.Abs(dir)
-		if err != nil {
+		if err := db.locker.Lock(); err != nil {
 			return nil, err
 		}
-		db.lockfPath = filepath.Join(absdir, "lock")
-
-		if _, err := os.Stat(db.lockfPath); err == nil {
-			level.Warn(db.logger).Log("msg", "A TSDB lockfile from a previous execution already existed. It was replaced", "file", db.lockfPath)
-			lockfileCreationStatus = lockfileReplaced
-		} else {
-			lockfileCreationStatus = lockfileCreatedCleanly
-		}
-
-		lockf, _, err := fileutil.Flock(db.lockfPath)
-		if err != nil {
-			return nil, errors.Wrap(err, "lock DB directory")
-		}
-		db.lockf = lockf
 	}
 
-	var err error
 	ctx, cancel := context.WithCancel(context.Background())
 	db.compactor, err = NewLeveledCompactorWithChunkSize(ctx, r, l, rngs, db.chunkPool, opts.MaxBlockChunkSegmentSize, nil)
 	if err != nil {
@@ -726,6 +709,10 @@ func open(dir string, l log.Logger, r prometheus.Registerer, opts *Options, rngs
 	headOpts.EnableExemplarStorage = opts.EnableExemplarStorage
 	headOpts.MaxExemplars.Store(opts.MaxExemplars)
 	headOpts.EnableMemorySnapshotOnShutdown = opts.EnableMemorySnapshotOnShutdown
+	if opts.IsolationDisabled {
+		// We only override this flag if isolation is disabled at DB level. We use the default otherwise.
+		headOpts.IsolationDisabled = opts.IsolationDisabled
+	}
 	db.head, err = NewHead(r, l, wlog, headOpts, stats.Head)
 	if err != nil {
 		return nil, err
@@ -737,7 +724,6 @@ func open(dir string, l log.Logger, r prometheus.Registerer, opts *Options, rngs
 	if maxBytes < 0 {
 		maxBytes = 0
 	}
-	db.metrics.lockfileCreatedCleanly.Set(float64(lockfileCreationStatus))
 	db.metrics.maxBytes.Set(float64(maxBytes))
 
 	if err := db.reload(); err != nil {
@@ -860,7 +846,7 @@ type dbAppender struct {
 
 var _ storage.GetRef = dbAppender{}
 
-func (a dbAppender) GetRef(lset labels.Labels) (uint64, labels.Labels) {
+func (a dbAppender) GetRef(lset labels.Labels) (storage.SeriesRef, labels.Labels) {
 	if g, ok := a.Appender.(storage.GetRef); ok {
 		return g.GetRef(lset)
 	}
@@ -1450,11 +1436,7 @@ func (db *DB) Close() error {
 		g.Go(pb.Close)
 	}
 
-	errs := tsdb_errors.NewMulti(g.Wait())
-	if db.lockf != nil {
-		errs.Add(db.lockf.Release())
-		errs.Add(os.Remove(db.lockfPath))
-	}
+	errs := tsdb_errors.NewMulti(g.Wait(), db.locker.Release())
 	if db.head != nil {
 		errs.Add(db.head.Close())
 	}
@@ -1642,7 +1624,7 @@ func (db *DB) ExemplarQuerier(ctx context.Context) (storage.ExemplarQuerier, err
 	return db.head.exemplars.ExemplarQuerier(ctx)
 }
 
-func rangeForTimestamp(t int64, width int64) (maxt int64) {
+func rangeForTimestamp(t, width int64) (maxt int64) {
 	return (t/width)*width + width
 }
 
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/encoding/encoding.go b/vendor/github.com/prometheus/prometheus/tsdb/encoding/encoding.go
index 8a94ff7bac3..c2da86afa17 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/encoding/encoding.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/encoding/encoding.go
@@ -133,7 +133,6 @@ func NewDecbufAt(bs ByteSlice, off int, castagnoliTable *crc32.Table) Decbuf {
 	dec := Decbuf{B: b[:len(b)-4]}
 
 	if castagnoliTable != nil {
-
 		if exp := binary.BigEndian.Uint32(b[len(b)-4:]); dec.Crc32(castagnoliTable) != exp {
 			return Decbuf{E: ErrInvalidChecksum}
 		}
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/errors/errors.go b/vendor/github.com/prometheus/prometheus/tsdb/errors/errors.go
index aeac4d27716..607a7782a21 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/errors/errors.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/errors/errors.go
@@ -24,7 +24,7 @@ import (
 type multiError []error
 
 // NewMulti returns multiError with provided errors added if not nil.
-func NewMulti(errs ...error) multiError { // nolint:golint
+func NewMulti(errs ...error) multiError { // nolint:revive
 	m := multiError{}
 	m.Add(errs...)
 	return m
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/exemplar.go b/vendor/github.com/prometheus/prometheus/tsdb/exemplar.go
index 1e09da21e1f..516b538e18a 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/exemplar.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/exemplar.go
@@ -20,9 +20,10 @@ import (
 	"unicode/utf8"
 
 	"github.com/prometheus/client_golang/prometheus"
+
 	"github.com/prometheus/prometheus/config"
-	"github.com/prometheus/prometheus/pkg/exemplar"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/exemplar"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/storage"
 )
 
@@ -284,7 +285,7 @@ func (ce *CircularExemplarStorage) Resize(l int64) int {
 		// This math is essentially looking at nextIndex, where we would write the next exemplar to,
 		// and find the index in the old exemplar buffer that we should start migrating exemplars from.
 		// This way we don't migrate exemplars that would just be overwritten when migrating later exemplars.
-		var startIndex int64 = (oldNextIndex - count + int64(len(oldBuffer))) % int64(len(oldBuffer))
+		startIndex := (oldNextIndex - count + int64(len(oldBuffer))) % int64(len(oldBuffer))
 
 		for i := int64(0); i < count; i++ {
 			idx := (startIndex + i) % int64(len(oldBuffer))
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/fileutil/fileutil.go b/vendor/github.com/prometheus/prometheus/tsdb/fileutil/fileutil.go
index 927ebe004da..8ab8ce3dd1c 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/fileutil/fileutil.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/fileutil/fileutil.go
@@ -27,7 +27,7 @@ import (
 // CopyDirs copies all directories, subdirectories and files recursively including the empty folders.
 // Source and destination must be full paths.
 func CopyDirs(src, dest string) error {
-	if err := os.MkdirAll(dest, 0777); err != nil {
+	if err := os.MkdirAll(dest, 0o777); err != nil {
 		return err
 	}
 	files, err := readDirs(src)
@@ -46,7 +46,7 @@ func CopyDirs(src, dest string) error {
 
 		// Empty directories are also created.
 		if stat.IsDir() {
-			if err := os.MkdirAll(dp, 0777); err != nil {
+			if err := os.MkdirAll(dp, 0o777); err != nil {
 				return err
 			}
 			continue
@@ -65,7 +65,7 @@ func copyFile(src, dest string) error {
 		return err
 	}
 
-	err = ioutil.WriteFile(dest, data, 0666)
+	err = ioutil.WriteFile(dest, data, 0o666)
 	if err != nil {
 		return err
 	}
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/fileutil/flock.go b/vendor/github.com/prometheus/prometheus/tsdb/fileutil/flock.go
index d5eaa7ca2ad..e0082e2f2cf 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/fileutil/flock.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/fileutil/flock.go
@@ -29,7 +29,7 @@ type Releaser interface {
 // locking has failed. Neither this function nor the returned Releaser is
 // goroutine-safe.
 func Flock(fileName string) (r Releaser, existed bool, err error) {
-	if err = os.MkdirAll(filepath.Dir(fileName), 0755); err != nil {
+	if err = os.MkdirAll(filepath.Dir(fileName), 0o755); err != nil {
 		return nil, false, err
 	}
 
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/fileutil/flock_plan9.go b/vendor/github.com/prometheus/prometheus/tsdb/fileutil/flock_plan9.go
index 71ed67e8c3e..3b9550e7f23 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/fileutil/flock_plan9.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/fileutil/flock_plan9.go
@@ -24,7 +24,7 @@ func (l *plan9Lock) Release() error {
 }
 
 func newLock(fileName string) (Releaser, error) {
-	f, err := os.OpenFile(path, os.O_RDWR|os.O_CREATE, os.ModeExclusive|0666)
+	f, err := os.OpenFile(path, os.O_RDWR|os.O_CREATE, os.ModeExclusive|0o666)
 	if err != nil {
 		return nil, err
 	}
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/fileutil/flock_solaris.go b/vendor/github.com/prometheus/prometheus/tsdb/fileutil/flock_solaris.go
index f19c184a448..21be384d331 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/fileutil/flock_solaris.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/fileutil/flock_solaris.go
@@ -46,7 +46,7 @@ func (l *unixLock) set(lock bool) error {
 }
 
 func newLock(fileName string) (Releaser, error) {
-	f, err := os.OpenFile(fileName, os.O_RDWR|os.O_CREATE, 0666)
+	f, err := os.OpenFile(fileName, os.O_RDWR|os.O_CREATE, 0o666)
 	if err != nil {
 		return nil, err
 	}
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/fileutil/flock_unix.go b/vendor/github.com/prometheus/prometheus/tsdb/fileutil/flock_unix.go
index c0aeb694868..9637f073bff 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/fileutil/flock_unix.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/fileutil/flock_unix.go
@@ -41,7 +41,7 @@ func (l *unixLock) set(lock bool) error {
 }
 
 func newLock(fileName string) (Releaser, error) {
-	f, err := os.OpenFile(fileName, os.O_RDWR|os.O_CREATE, 0666)
+	f, err := os.OpenFile(fileName, os.O_RDWR|os.O_CREATE, 0o666)
 	if err != nil {
 		return nil, err
 	}
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/fileutil/mmap_arm64.go b/vendor/github.com/prometheus/prometheus/tsdb/fileutil/mmap_arm64.go
new file mode 100644
index 00000000000..4c9534e93fd
--- /dev/null
+++ b/vendor/github.com/prometheus/prometheus/tsdb/fileutil/mmap_arm64.go
@@ -0,0 +1,19 @@
+// Copyright 2018 The Prometheus Authors
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//go:build windows
+// +build windows
+
+package fileutil
+
+const maxMapSize = 0xFFFFFFFFFFFF // 256TB
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/head.go b/vendor/github.com/prometheus/prometheus/tsdb/head.go
index cd0f9bd1660..dff2b0c6757 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/head.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/head.go
@@ -29,8 +29,8 @@ import (
 	"go.uber.org/atomic"
 
 	"github.com/prometheus/prometheus/config"
-	"github.com/prometheus/prometheus/pkg/exemplar"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/exemplar"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/storage"
 	"github.com/prometheus/prometheus/tsdb/chunkenc"
 	"github.com/prometheus/prometheus/tsdb/chunks"
@@ -52,6 +52,9 @@ var (
 	// ErrAppenderClosed is returned if an appender has already be successfully
 	// rolled back or committed.
 	ErrAppenderClosed = errors.New("appender closed")
+
+	// defaultIsolationDisabled is true if isolation is disabled by default.
+	defaultIsolationDisabled = false
 )
 
 // Head handles reads and writes of time series data within a time window.
@@ -80,7 +83,7 @@ type Head struct {
 	series *stripeSeries
 
 	deletedMtx sync.Mutex
-	deleted    map[uint64]int // Deleted series, and what WAL segment they must be kept until.
+	deleted    map[chunks.HeadSeriesRef]int // Deleted series, and what WAL segment they must be kept until.
 
 	postings *index.MemPostings // Postings lists for terms.
 
@@ -131,6 +134,8 @@ type HeadOptions struct {
 	SeriesCallback                 SeriesLifecycleCallback
 	EnableExemplarStorage          bool
 	EnableMemorySnapshotOnShutdown bool
+
+	IsolationDisabled bool
 }
 
 func DefaultHeadOptions() *HeadOptions {
@@ -141,6 +146,7 @@ func DefaultHeadOptions() *HeadOptions {
 		ChunkWriteBufferSize: chunks.DefaultWriteBufferSize,
 		StripeSize:           DefaultStripeSize,
 		SeriesCallback:       &noopSeriesLifecycleCallback{},
+		IsolationDisabled:    defaultIsolationDisabled,
 	}
 }
 
@@ -230,13 +236,14 @@ func (h *Head) resetInMemoryState() error {
 		return err
 	}
 
+	h.iso = newIsolation(h.opts.IsolationDisabled)
+
 	h.exemplarMetrics = em
 	h.exemplars = es
 	h.series = newStripeSeries(h.opts.StripeSize, h.opts.SeriesCallback)
 	h.postings = index.NewUnorderedMemPostings()
 	h.tombstones = tombstones.NewMemTombstones()
-	h.iso = newIsolation()
-	h.deleted = map[uint64]int{}
+	h.deleted = map[chunks.HeadSeriesRef]int{}
 	h.chunkRange.Store(h.opts.ChunkRange)
 	h.minTime.Store(math.MaxInt64)
 	h.maxTime.Store(math.MinInt64)
@@ -480,7 +487,7 @@ func (h *Head) Init(minValidTime int64) error {
 	start := time.Now()
 
 	snapIdx, snapOffset := -1, 0
-	refSeries := make(map[uint64]*memSeries)
+	refSeries := make(map[chunks.HeadSeriesRef]*memSeries)
 
 	if h.opts.EnableMemorySnapshotOnShutdown {
 		level.Info(h.logger).Log("msg", "Chunk snapshot is enabled, replaying from the snapshot")
@@ -533,7 +540,7 @@ func (h *Head) Init(minValidTime int64) error {
 
 	h.startWALReplayStatus(startFrom, endAt)
 
-	multiRef := map[uint64]uint64{}
+	multiRef := map[chunks.HeadSeriesRef]chunks.HeadSeriesRef{}
 	if err == nil && startFrom >= snapIdx {
 		sr, err := wal.NewSegmentsReader(dir)
 		if err != nil {
@@ -603,9 +610,9 @@ func (h *Head) Init(minValidTime int64) error {
 	return nil
 }
 
-func (h *Head) loadMmappedChunks(refSeries map[uint64]*memSeries) (map[uint64][]*mmappedChunk, error) {
-	mmappedChunks := map[uint64][]*mmappedChunk{}
-	if err := h.chunkDiskMapper.IterateAllChunks(func(seriesRef, chunkRef uint64, mint, maxt int64, numSamples uint16) error {
+func (h *Head) loadMmappedChunks(refSeries map[chunks.HeadSeriesRef]*memSeries) (map[chunks.HeadSeriesRef][]*mmappedChunk, error) {
+	mmappedChunks := map[chunks.HeadSeriesRef][]*mmappedChunk{}
+	if err := h.chunkDiskMapper.IterateAllChunks(func(seriesRef chunks.HeadSeriesRef, chunkRef chunks.ChunkDiskMapperRef, mint, maxt int64, numSamples uint16) error {
 		if maxt < h.minValidTime.Load() {
 			return nil
 		}
@@ -655,19 +662,19 @@ func (h *Head) loadMmappedChunks(refSeries map[uint64]*memSeries) (map[uint64][]
 
 // removeCorruptedMmappedChunks attempts to delete the corrupted mmapped chunks and if it fails, it clears all the previously
 // loaded mmapped chunks.
-func (h *Head) removeCorruptedMmappedChunks(err error, refSeries map[uint64]*memSeries) map[uint64][]*mmappedChunk {
+func (h *Head) removeCorruptedMmappedChunks(err error, refSeries map[chunks.HeadSeriesRef]*memSeries) map[chunks.HeadSeriesRef][]*mmappedChunk {
 	level.Info(h.logger).Log("msg", "Deleting mmapped chunk files")
 
 	if err := h.chunkDiskMapper.DeleteCorrupted(err); err != nil {
 		level.Info(h.logger).Log("msg", "Deletion of mmap chunk files failed, discarding chunk files completely", "err", err)
-		return map[uint64][]*mmappedChunk{}
+		return map[chunks.HeadSeriesRef][]*mmappedChunk{}
 	}
 
 	level.Info(h.logger).Log("msg", "Deletion of mmap chunk files successful, reattempting m-mapping the on-disk chunks")
 	mmappedChunks, err := h.loadMmappedChunks(refSeries)
 	if err != nil {
 		level.Error(h.logger).Log("msg", "Loading on-disk chunks failed, discarding chunk files completely", "err", err)
-		mmappedChunks = map[uint64][]*mmappedChunk{}
+		mmappedChunks = map[chunks.HeadSeriesRef][]*mmappedChunk{}
 	}
 
 	return mmappedChunks
@@ -850,7 +857,7 @@ func (h *Head) WaitForPendingReadersInTimeRange(mint, maxt int64) {
 // new range head and the new querier. This methods helps preventing races with the truncation of in-memory data.
 //
 // NOTE: The querier should already be taken before calling this.
-func (h *Head) IsQuerierCollidingWithTruncation(querierMint, querierMaxt int64) (shouldClose bool, getNew bool, newMint int64) {
+func (h *Head) IsQuerierCollidingWithTruncation(querierMint, querierMaxt int64) (shouldClose, getNew bool, newMint int64) {
 	if !h.memTruncationInProcess.Load() {
 		return false, false, 0
 	}
@@ -925,7 +932,7 @@ func (h *Head) truncateWAL(mint int64) error {
 		return nil
 	}
 
-	keep := func(id uint64) bool {
+	keep := func(id chunks.HeadSeriesRef) bool {
 		if h.series.getByID(id) != nil {
 			return true
 		}
@@ -992,12 +999,15 @@ func (h *Head) Stats(statsByLabelName string) *Stats {
 	}
 }
 
+// RangeHead allows querying Head via an IndexReader, ChunkReader and tombstones.Reader
+// but only within a restricted range.  Used for queries and compactions.
 type RangeHead struct {
 	head       *Head
 	mint, maxt int64
 }
 
 // NewRangeHead returns a *RangeHead.
+// There are no restrictions on mint/maxt.
 func NewRangeHead(head *Head, mint, maxt int64) *RangeHead {
 	return &RangeHead{
 		head: head,
@@ -1072,7 +1082,7 @@ func (h *Head) Delete(mint, maxt int64, ms ...*labels.Matcher) error {
 
 	var stones []tombstones.Stone
 	for p.Next() {
-		series := h.series.getByID(p.At())
+		series := h.series.getByID(chunks.HeadSeriesRef(p.At()))
 
 		series.RLock()
 		t0, t1 := series.minTime(), series.maxTime()
@@ -1094,7 +1104,7 @@ func (h *Head) Delete(mint, maxt int64, ms ...*labels.Matcher) error {
 		}
 	}
 	for _, s := range stones {
-		h.tombstones.AddInterval(s.Ref, s.Intervals[0])
+		h.tombstones.AddInterval(storage.SeriesRef(s.Ref), s.Intervals[0])
 	}
 
 	return nil
@@ -1133,7 +1143,7 @@ func (h *Head) gc() int64 {
 		// that reads the WAL, wouldn't be able to use those
 		// samples since we would have no labels for that ref ID.
 		for ref := range deleted {
-			h.deleted[ref] = last
+			h.deleted[chunks.HeadSeriesRef(ref)] = last
 		}
 		h.deletedMtx.Unlock()
 	}
@@ -1197,7 +1207,6 @@ func (h *Head) Close() error {
 		errs.Add(h.performChunkSnapshot())
 	}
 	return errs.Err()
-
 }
 
 // String returns an human readable representation of the TSDB head. It's important to
@@ -1217,14 +1226,14 @@ func (h *Head) getOrCreate(hash uint64, lset labels.Labels) (*memSeries, bool, e
 	}
 
 	// Optimistically assume that we are the first one to create the series.
-	id := h.lastSeriesID.Inc()
+	id := chunks.HeadSeriesRef(h.lastSeriesID.Inc())
 
 	return h.getOrCreateWithID(id, hash, lset)
 }
 
-func (h *Head) getOrCreateWithID(id, hash uint64, lset labels.Labels) (*memSeries, bool, error) {
+func (h *Head) getOrCreateWithID(id chunks.HeadSeriesRef, hash uint64, lset labels.Labels) (*memSeries, bool, error) {
 	s, created, err := h.series.getOrSet(hash, lset, func() *memSeries {
-		return newMemSeries(lset, id, h.chunkRange.Load(), &h.memChunkPool)
+		return newMemSeries(lset, id, h.chunkRange.Load(), &h.memChunkPool, h.opts.IsolationDisabled)
 	})
 	if err != nil {
 		return nil, false, err
@@ -1236,7 +1245,7 @@ func (h *Head) getOrCreateWithID(id, hash uint64, lset labels.Labels) (*memSerie
 	h.metrics.seriesCreated.Inc()
 	h.numSeries.Inc()
 
-	h.postings.Add(id, lset)
+	h.postings.Add(storage.SeriesRef(id), lset)
 	return s, true, nil
 }
 
@@ -1285,15 +1294,17 @@ const (
 	DefaultStripeSize = 1 << 14
 )
 
-// stripeSeries locks modulo ranges of IDs and hashes to reduce lock contention.
+// stripeSeries holds series by HeadSeriesRef ("ID") and also by hash of their labels.
+// ID-based lookups via (getByID()) are preferred over getByHash() for performance reasons.
+// It locks modulo ranges of IDs and hashes to reduce lock contention.
 // The locks are padded to not be on the same cache line. Filling the padded space
 // with the maps was profiled to be slower – likely due to the additional pointer
 // dereferences.
 type stripeSeries struct {
 	size                    int
-	series                  []map[uint64]*memSeries
-	hashes                  []seriesHashmap
-	locks                   []stripeLock
+	series                  []map[chunks.HeadSeriesRef]*memSeries // Sharded by ref. A series ref is the value of `size` when the series was being newly added.
+	hashes                  []seriesHashmap                       // Sharded by label hash.
+	locks                   []stripeLock                          // Sharded by ref for series access, by label hash for hashes access.
 	seriesLifecycleCallback SeriesLifecycleCallback
 }
 
@@ -1306,14 +1317,14 @@ type stripeLock struct {
 func newStripeSeries(stripeSize int, seriesCallback SeriesLifecycleCallback) *stripeSeries {
 	s := &stripeSeries{
 		size:                    stripeSize,
-		series:                  make([]map[uint64]*memSeries, stripeSize),
+		series:                  make([]map[chunks.HeadSeriesRef]*memSeries, stripeSize),
 		hashes:                  make([]seriesHashmap, stripeSize),
 		locks:                   make([]stripeLock, stripeSize),
 		seriesLifecycleCallback: seriesCallback,
 	}
 
 	for i := range s.series {
-		s.series[i] = map[uint64]*memSeries{}
+		s.series[i] = map[chunks.HeadSeriesRef]*memSeries{}
 	}
 	for i := range s.hashes {
 		s.hashes[i] = seriesHashmap{}
@@ -1323,9 +1334,12 @@ func newStripeSeries(stripeSize int, seriesCallback SeriesLifecycleCallback) *st
 
 // gc garbage collects old chunks that are strictly before mint and removes
 // series entirely that have no chunks left.
-func (s *stripeSeries) gc(mint int64) (map[uint64]struct{}, int, int64) {
+// note: returning map[chunks.HeadSeriesRef]struct{} would be more accurate,
+// but the returned map goes into postings.Delete() which expects a map[storage.SeriesRef]struct
+// and there's no easy way to cast maps.
+func (s *stripeSeries) gc(mint int64) (map[storage.SeriesRef]struct{}, int, int64) {
 	var (
-		deleted                  = map[uint64]struct{}{}
+		deleted                  = map[storage.SeriesRef]struct{}{}
 		deletedForCallback       = []labels.Labels{}
 		rmChunks                 = 0
 		actualMint         int64 = math.MaxInt64
@@ -1360,7 +1374,7 @@ func (s *stripeSeries) gc(mint int64) (map[uint64]struct{}, int, int64) {
 					s.locks[j].Lock()
 				}
 
-				deleted[series.ref] = struct{}{}
+				deleted[storage.SeriesRef(series.ref)] = struct{}{}
 				s.hashes[i].del(hash, series.lset)
 				delete(s.series[j], series.ref)
 				deletedForCallback = append(deletedForCallback, series.lset)
@@ -1386,8 +1400,8 @@ func (s *stripeSeries) gc(mint int64) (map[uint64]struct{}, int, int64) {
 	return deleted, rmChunks, actualMint
 }
 
-func (s *stripeSeries) getByID(id uint64) *memSeries {
-	i := id & uint64(s.size-1)
+func (s *stripeSeries) getByID(id chunks.HeadSeriesRef) *memSeries {
+	i := uint64(id) & uint64(s.size-1)
 
 	s.locks[i].RLock()
 	series := s.series[i][id]
@@ -1439,7 +1453,7 @@ func (s *stripeSeries) getOrSet(hash uint64, lset labels.Labels, createSeries fu
 	// as any further calls to this methods would return that series.
 	s.seriesLifecycleCallback.PostCreation(series.lset)
 
-	i = series.ref & uint64(s.size-1)
+	i = uint64(series.ref) & uint64(s.size-1)
 
 	s.locks[i].Lock()
 	s.series[i][series.ref] = series
@@ -1462,34 +1476,55 @@ func (s sample) V() float64                        { return s.v }
 type memSeries struct {
 	sync.RWMutex
 
-	ref           uint64
-	lset          labels.Labels
+	ref  chunks.HeadSeriesRef
+	lset labels.Labels
+
+	// Immutable chunks on disk that have not yet gone into a block, in order of ascending time stamps.
+	// When compaction runs, chunks get moved into a block and all pointers are shifted like so:
+	//
+	//                                    /------- let's say these 2 chunks get stored into a block
+	//                                    |  |
+	// before compaction: mmappedChunks=[p5,p6,p7,p8,p9] firstChunkID=5
+	//  after compaction: mmappedChunks=[p7,p8,p9]       firstChunkID=7
+	//
+	// pN is the pointer to the mmappedChunk referered to by HeadChunkID=N
 	mmappedChunks []*mmappedChunk
-	mmMaxTime     int64 // Max time of any mmapped chunk, only used during WAL replay.
-	headChunk     *memChunk
-	chunkRange    int64
-	firstChunkID  int
 
-	nextAt        int64 // Timestamp at which to cut the next chunk.
-	sampleBuf     [4]sample
+	mmMaxTime    int64     // Max time of any mmapped chunk, only used during WAL replay.
+	headChunk    *memChunk // Most recent chunk in memory that's still being built.
+	chunkRange   int64
+	firstChunkID chunks.HeadChunkID // HeadChunkID for mmappedChunks[0]
+
+	nextAt int64 // Timestamp at which to cut the next chunk.
+
+	// We keep the last 4 samples here (in addition to appending them to the chunk) so we don't need coordination between appender and querier.
+	// Even the most compact encoding of a sample takes 2 bits, so the last byte is not contended.
+	sampleBuf [4]sample
+
 	pendingCommit bool // Whether there are samples waiting to be committed to this series.
 
-	app chunkenc.Appender // Current appender for the chunk.
+	// Current appender for the head chunk. Set when a new head chunk is cut.
+	// It is nil only if headChunk is nil. E.g. if there was an appender that created a new series, but rolled back the commit
+	// (the first sample would create a headChunk, hence appender, but rollback skipped it while the Append() call would create a series).
+	app chunkenc.Appender
 
 	memChunkPool *sync.Pool
 
+	// txs is nil if isolation is disabled.
 	txs *txRing
 }
 
-func newMemSeries(lset labels.Labels, id uint64, chunkRange int64, memChunkPool *sync.Pool) *memSeries {
+func newMemSeries(lset labels.Labels, id chunks.HeadSeriesRef, chunkRange int64, memChunkPool *sync.Pool, isolationDisabled bool) *memSeries {
 	s := &memSeries{
 		lset:         lset,
 		ref:          id,
 		chunkRange:   chunkRange,
 		nextAt:       math.MinInt64,
-		txs:          newTxRing(4),
 		memChunkPool: memChunkPool,
 	}
+	if !isolationDisabled {
+		s.txs = newTxRing(4)
+	}
 	return s
 }
 
@@ -1521,7 +1556,7 @@ func (s *memSeries) truncateChunksBefore(mint int64) (removed int) {
 	if s.headChunk != nil && s.headChunk.maxTime < mint {
 		// If head chunk is truncated, we can truncate all mmapped chunks.
 		removed = 1 + len(s.mmappedChunks)
-		s.firstChunkID += removed
+		s.firstChunkID += chunks.HeadChunkID(removed)
 		s.headChunk = nil
 		s.mmappedChunks = nil
 		return removed
@@ -1534,7 +1569,7 @@ func (s *memSeries) truncateChunksBefore(mint int64) (removed int) {
 			removed = i + 1
 		}
 		s.mmappedChunks = append(s.mmappedChunks[:0], s.mmappedChunks[removed:]...)
-		s.firstChunkID += removed
+		s.firstChunkID += chunks.HeadChunkID(removed)
 	}
 	return removed
 }
@@ -1542,7 +1577,9 @@ func (s *memSeries) truncateChunksBefore(mint int64) (removed int) {
 // cleanupAppendIDsBelow cleans up older appendIDs. Has to be called after
 // acquiring lock.
 func (s *memSeries) cleanupAppendIDsBelow(bound uint64) {
-	s.txs.cleanupAppendIDsBelow(bound)
+	if s.txs != nil {
+		s.txs.cleanupAppendIDsBelow(bound)
+	}
 }
 
 func (s *memSeries) head() *memChunk {
@@ -1563,8 +1600,9 @@ func overlapsClosedInterval(mint1, maxt1, mint2, maxt2 int64) bool {
 	return mint1 <= maxt2 && mint2 <= maxt1
 }
 
+// mappedChunks describes a head chunk on disk that has been mmapped
 type mmappedChunk struct {
-	ref              uint64
+	ref              chunks.ChunkDiskMapperRef
 	numSamples       uint16
 	minTime, maxTime int64
 }
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/head_append.go b/vendor/github.com/prometheus/prometheus/tsdb/head_append.go
index 10c7d0795a0..4a14785d467 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/head_append.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/head_append.go
@@ -21,8 +21,8 @@ import (
 	"github.com/go-kit/log/level"
 	"github.com/pkg/errors"
 
-	"github.com/prometheus/prometheus/pkg/exemplar"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/exemplar"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/storage"
 	"github.com/prometheus/prometheus/tsdb/chunkenc"
 	"github.com/prometheus/prometheus/tsdb/chunks"
@@ -38,7 +38,7 @@ type initAppender struct {
 
 var _ storage.GetRef = &initAppender{}
 
-func (a *initAppender) Append(ref uint64, lset labels.Labels, t int64, v float64) (uint64, error) {
+func (a *initAppender) Append(ref storage.SeriesRef, lset labels.Labels, t int64, v float64) (storage.SeriesRef, error) {
 	if a.app != nil {
 		return a.app.Append(ref, lset, t, v)
 	}
@@ -48,7 +48,7 @@ func (a *initAppender) Append(ref uint64, lset labels.Labels, t int64, v float64
 	return a.app.Append(ref, lset, t, v)
 }
 
-func (a *initAppender) AppendExemplar(ref uint64, l labels.Labels, e exemplar.Exemplar) (uint64, error) {
+func (a *initAppender) AppendExemplar(ref storage.SeriesRef, l labels.Labels, e exemplar.Exemplar) (storage.SeriesRef, error) {
 	// Check if exemplar storage is enabled.
 	if !a.head.opts.EnableExemplarStorage || a.head.opts.MaxExemplars.Load() <= 0 {
 		return 0, nil
@@ -76,7 +76,7 @@ func (h *Head) initTime(t int64) {
 	h.maxTime.CAS(math.MinInt64, t)
 }
 
-func (a *initAppender) GetRef(lset labels.Labels) (uint64, labels.Labels) {
+func (a *initAppender) GetRef(lset labels.Labels) (storage.SeriesRef, labels.Labels) {
 	if g, ok := a.app.(storage.GetRef); ok {
 		return g.GetRef(lset)
 	}
@@ -114,7 +114,7 @@ func (h *Head) Appender(_ context.Context) storage.Appender {
 }
 
 func (h *Head) appender() *headAppender {
-	appendID, cleanupAppendIDsBelow := h.iso.newAppendID()
+	appendID, cleanupAppendIDsBelow := h.iso.newAppendID() // Every appender gets an ID that is cleared upon commit/rollback.
 
 	// Allocate the exemplars buffer only if exemplars are enabled.
 	var exemplarsBuf []exemplarWithSeriesRef
@@ -141,6 +141,16 @@ func (h *Head) appendableMinValidTime() int64 {
 	return max(h.minValidTime.Load(), h.MaxTime()-h.chunkRange.Load()/2)
 }
 
+// AppendableMinValidTime returns the minimum valid time for samples to be appended to the Head.
+// Returns false if Head hasn't been initialized yet and the minimum time isn't known yet.
+func (h *Head) AppendableMinValidTime() (int64, bool) {
+	if h.MinTime() == math.MaxInt64 {
+		return 0, false
+	}
+
+	return h.appendableMinValidTime(), true
+}
+
 func max(a, b int64) int64 {
 	if a > b {
 		return a
@@ -205,7 +215,7 @@ func (h *Head) putBytesBuffer(b []byte) {
 }
 
 type exemplarWithSeriesRef struct {
-	ref      uint64
+	ref      storage.SeriesRef
 	exemplar exemplar.Exemplar
 }
 
@@ -214,22 +224,22 @@ type headAppender struct {
 	minValidTime int64 // No samples below this timestamp are allowed.
 	mint, maxt   int64
 
-	series       []record.RefSeries
-	samples      []record.RefSample
-	exemplars    []exemplarWithSeriesRef
-	sampleSeries []*memSeries
+	series       []record.RefSeries      // New series held by this appender.
+	samples      []record.RefSample      // New samples held by this appender.
+	exemplars    []exemplarWithSeriesRef // New exemplars held by this appender.
+	sampleSeries []*memSeries            // Series corresponding to the samples held by this appender (using corresponding slice indices - same series may appear more than once).
 
 	appendID, cleanupAppendIDsBelow uint64
 	closed                          bool
 }
 
-func (a *headAppender) Append(ref uint64, lset labels.Labels, t int64, v float64) (uint64, error) {
+func (a *headAppender) Append(ref storage.SeriesRef, lset labels.Labels, t int64, v float64) (storage.SeriesRef, error) {
 	if t < a.minValidTime {
 		a.head.metrics.outOfBoundSamples.Inc()
 		return 0, storage.ErrOutOfBounds
 	}
 
-	s := a.head.series.getByID(ref)
+	s := a.head.series.getByID(chunks.HeadSeriesRef(ref))
 	if s == nil {
 		// Ensure no empty labels have gotten through.
 		lset = lset.WithoutEmpty()
@@ -279,7 +289,7 @@ func (a *headAppender) Append(ref uint64, lset labels.Labels, t int64, v float64
 		V:   v,
 	})
 	a.sampleSeries = append(a.sampleSeries, s)
-	return s.ref, nil
+	return storage.SeriesRef(s.ref), nil
 }
 
 // appendable checks whether the given sample is valid for appending to the series.
@@ -305,14 +315,22 @@ func (s *memSeries) appendable(t int64, v float64) error {
 
 // AppendExemplar for headAppender assumes the series ref already exists, and so it doesn't
 // use getOrCreate or make any of the lset sanity checks that Append does.
-func (a *headAppender) AppendExemplar(ref uint64, _ labels.Labels, e exemplar.Exemplar) (uint64, error) {
+func (a *headAppender) AppendExemplar(ref storage.SeriesRef, lset labels.Labels, e exemplar.Exemplar) (storage.SeriesRef, error) {
 	// Check if exemplar storage is enabled.
 	if !a.head.opts.EnableExemplarStorage || a.head.opts.MaxExemplars.Load() <= 0 {
 		return 0, nil
 	}
-	s := a.head.series.getByID(ref)
+
+	// Get Series
+	s := a.head.series.getByID(chunks.HeadSeriesRef(ref))
+	if s == nil {
+		s = a.head.series.getByHash(lset.Hash(), lset)
+		if s != nil {
+			ref = storage.SeriesRef(s.ref)
+		}
+	}
 	if s == nil {
-		return 0, fmt.Errorf("unknown series ref. when trying to add exemplar: %d", ref)
+		return 0, fmt.Errorf("unknown HeadSeriesRef when trying to add exemplar: %d", ref)
 	}
 
 	// Ensure no empty labels have gotten through.
@@ -329,20 +347,21 @@ func (a *headAppender) AppendExemplar(ref uint64, _ labels.Labels, e exemplar.Ex
 
 	a.exemplars = append(a.exemplars, exemplarWithSeriesRef{ref, e})
 
-	return s.ref, nil
+	return storage.SeriesRef(s.ref), nil
 }
 
 var _ storage.GetRef = &headAppender{}
 
-func (a *headAppender) GetRef(lset labels.Labels) (uint64, labels.Labels) {
+func (a *headAppender) GetRef(lset labels.Labels) (storage.SeriesRef, labels.Labels) {
 	s := a.head.series.getByHash(lset.Hash(), lset)
 	if s == nil {
 		return 0, nil
 	}
 	// returned labels must be suitable to pass to Append()
-	return s.ref, s.lset
+	return storage.SeriesRef(s.ref), s.lset
 }
 
+// log writes all headAppender's data to the WAL.
 func (a *headAppender) log() error {
 	if a.head.wal == nil {
 		return nil
@@ -385,7 +404,7 @@ func exemplarsForEncoding(es []exemplarWithSeriesRef) []record.RefExemplar {
 	ret := make([]record.RefExemplar, 0, len(es))
 	for _, e := range es {
 		ret = append(ret, record.RefExemplar{
-			Ref:    e.ref,
+			Ref:    chunks.HeadSeriesRef(e.ref),
 			T:      e.exemplar.Ts,
 			V:      e.exemplar.Value,
 			Labels: e.exemplar.Labels,
@@ -394,6 +413,7 @@ func exemplarsForEncoding(es []exemplarWithSeriesRef) []record.RefExemplar {
 	return ret
 }
 
+// Commit writes to the WAL and adds the data to the Head.
 func (a *headAppender) Commit() (err error) {
 	if a.closed {
 		return ErrAppenderClosed
@@ -407,7 +427,7 @@ func (a *headAppender) Commit() (err error) {
 
 	// No errors logging to WAL, so pass the exemplars along to the in memory storage.
 	for _, e := range a.exemplars {
-		s := a.head.series.getByID(e.ref)
+		s := a.head.series.getByID(chunks.HeadSeriesRef(e.ref))
 		// We don't instrument exemplar appends here, all is instrumented by storage.
 		if err := a.head.exemplars.AddExemplar(s.lset, e.exemplar); err != nil {
 			if err == storage.ErrOutOfOrderExemplar {
@@ -463,7 +483,7 @@ func (s *memSeries) append(t int64, v float64, appendID uint64, chunkDiskMapper
 
 	if c == nil {
 		if len(s.mmappedChunks) > 0 && s.mmappedChunks[len(s.mmappedChunks)-1].maxTime >= t {
-			// Out of order sample. Sample timestamp is already in the mmaped chunks, so ignore it.
+			// Out of order sample. Sample timestamp is already in the mmapped chunks, so ignore it.
 			return false, false
 		}
 		// There is no chunk in this series yet, create the first chunk for the sample.
@@ -504,7 +524,7 @@ func (s *memSeries) append(t int64, v float64, appendID uint64, chunkDiskMapper
 	s.sampleBuf[2] = s.sampleBuf[3]
 	s.sampleBuf[3] = sample{t: t, v: v}
 
-	if appendID > 0 {
+	if appendID > 0 && s.txs != nil {
 		s.txs.add(appendID)
 	}
 
@@ -565,6 +585,7 @@ func (s *memSeries) mmapCurrentHeadChunk(chunkDiskMapper *chunks.ChunkDiskMapper
 	})
 }
 
+// Rollback removes the samples and exemplars from headAppender and writes any series to WAL.
 func (a *headAppender) Rollback() (err error) {
 	if a.closed {
 		return ErrAppenderClosed
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/head_read.go b/vendor/github.com/prometheus/prometheus/tsdb/head_read.go
index a337b694830..8d34a544396 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/head_read.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/head_read.go
@@ -21,7 +21,7 @@ import (
 	"github.com/go-kit/log/level"
 	"github.com/pkg/errors"
 
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/storage"
 	"github.com/prometheus/prometheus/tsdb/chunkenc"
 	"github.com/prometheus/prometheus/tsdb/chunks"
@@ -115,7 +115,7 @@ func (h *headIndexReader) SortedPostings(p index.Postings) index.Postings {
 
 	// Fetch all the series only once.
 	for p.Next() {
-		s := h.head.series.getByID(p.At())
+		s := h.head.series.getByID(chunks.HeadSeriesRef(p.At()))
 		if s == nil {
 			level.Debug(h.head.logger).Log("msg", "Looked up series not found")
 		} else {
@@ -131,16 +131,16 @@ func (h *headIndexReader) SortedPostings(p index.Postings) index.Postings {
 	})
 
 	// Convert back to list.
-	ep := make([]uint64, 0, len(series))
+	ep := make([]storage.SeriesRef, 0, len(series))
 	for _, p := range series {
-		ep = append(ep, p.ref)
+		ep = append(ep, storage.SeriesRef(p.ref))
 	}
 	return index.NewListPostings(ep)
 }
 
 // Series returns the series for the given reference.
-func (h *headIndexReader) Series(ref uint64, lbls *labels.Labels, chks *[]chunks.Meta) error {
-	s := h.head.series.getByID(ref)
+func (h *headIndexReader) Series(ref storage.SeriesRef, lbls *labels.Labels, chks *[]chunks.Meta) error {
+	s := h.head.series.getByID(chunks.HeadSeriesRef(ref))
 
 	if s == nil {
 		h.head.metrics.seriesNotFound.Inc()
@@ -161,27 +161,28 @@ func (h *headIndexReader) Series(ref uint64, lbls *labels.Labels, chks *[]chunks
 		*chks = append(*chks, chunks.Meta{
 			MinTime: c.minTime,
 			MaxTime: c.maxTime,
-			Ref:     packChunkID(s.ref, uint64(s.chunkID(i))),
+			Ref:     chunks.ChunkRef(chunks.NewHeadChunkRef(s.ref, s.headChunkID(i))),
 		})
 	}
 	if s.headChunk != nil && s.headChunk.OverlapsClosedInterval(h.mint, h.maxt) {
 		*chks = append(*chks, chunks.Meta{
 			MinTime: s.headChunk.minTime,
 			MaxTime: math.MaxInt64, // Set the head chunks as open (being appended to).
-			Ref:     packChunkID(s.ref, uint64(s.chunkID(len(s.mmappedChunks)))),
+			Ref:     chunks.ChunkRef(chunks.NewHeadChunkRef(s.ref, s.headChunkID(len(s.mmappedChunks)))),
 		})
 	}
 
 	return nil
 }
 
-func (s *memSeries) chunkID(pos int) int {
-	return pos + s.firstChunkID
+// headChunkID returns the HeadChunkID corresponding to .mmappedChunks[pos]
+func (s *memSeries) headChunkID(pos int) chunks.HeadChunkID {
+	return chunks.HeadChunkID(pos) + s.firstChunkID
 }
 
 // LabelValueFor returns label value for the given label name in the series referred to by ID.
-func (h *headIndexReader) LabelValueFor(id uint64, label string) (string, error) {
-	memSeries := h.head.series.getByID(id)
+func (h *headIndexReader) LabelValueFor(id storage.SeriesRef, label string) (string, error) {
+	memSeries := h.head.series.getByID(chunks.HeadSeriesRef(id))
 	if memSeries == nil {
 		return "", storage.ErrNotFound
 	}
@@ -196,10 +197,10 @@ func (h *headIndexReader) LabelValueFor(id uint64, label string) (string, error)
 
 // LabelNamesFor returns all the label names for the series referred to by IDs.
 // The names returned are sorted.
-func (h *headIndexReader) LabelNamesFor(ids ...uint64) ([]string, error) {
+func (h *headIndexReader) LabelNamesFor(ids ...storage.SeriesRef) ([]string, error) {
 	namesMap := make(map[string]struct{})
 	for _, id := range ids {
-		memSeries := h.head.series.getByID(id)
+		memSeries := h.head.series.getByID(chunks.HeadSeriesRef(id))
 		if memSeries == nil {
 			return nil, storage.ErrNotFound
 		}
@@ -248,25 +249,9 @@ func (h *headChunkReader) Close() error {
 	return nil
 }
 
-// packChunkID packs a seriesID and a chunkID within it into a global 8 byte ID.
-// It panicks if the seriesID exceeds 5 bytes or the chunk ID 3 bytes.
-func packChunkID(seriesID, chunkID uint64) uint64 {
-	if seriesID > (1<<40)-1 {
-		panic("series ID exceeds 5 bytes")
-	}
-	if chunkID > (1<<24)-1 {
-		panic("chunk ID exceeds 3 bytes")
-	}
-	return (seriesID << 24) | chunkID
-}
-
-func unpackChunkID(id uint64) (seriesID, chunkID uint64) {
-	return id >> 24, (id << 40) >> 40
-}
-
 // Chunk returns the chunk for the reference number.
-func (h *headChunkReader) Chunk(ref uint64) (chunkenc.Chunk, error) {
-	sid, cid := unpackChunkID(ref)
+func (h *headChunkReader) Chunk(ref chunks.ChunkRef) (chunkenc.Chunk, error) {
+	sid, cid := chunks.HeadChunkRef(ref).Unpack()
 
 	s := h.head.series.getByID(sid)
 	// This means that the series has been garbage collected.
@@ -275,7 +260,7 @@ func (h *headChunkReader) Chunk(ref uint64) (chunkenc.Chunk, error) {
 	}
 
 	s.Lock()
-	c, garbageCollect, err := s.chunk(int(cid), h.head.chunkDiskMapper)
+	c, garbageCollect, err := s.chunk(cid, h.head.chunkDiskMapper)
 	if err != nil {
 		s.Unlock()
 		return nil, err
@@ -298,21 +283,21 @@ func (h *headChunkReader) Chunk(ref uint64) (chunkenc.Chunk, error) {
 	return &safeChunk{
 		Chunk:           c.chunk,
 		s:               s,
-		cid:             int(cid),
+		cid:             cid,
 		isoState:        h.isoState,
 		chunkDiskMapper: h.head.chunkDiskMapper,
 	}, nil
 }
 
-// chunk returns the chunk for the chunk id from memory or by m-mapping it from the disk.
+// chunk returns the chunk for the HeadChunkID from memory or by m-mapping it from the disk.
 // If garbageCollect is true, it means that the returned *memChunk
-// (and not the chunkenc.Chunk inside it) can be garbage collected after it's usage.
-func (s *memSeries) chunk(id int, chunkDiskMapper *chunks.ChunkDiskMapper) (chunk *memChunk, garbageCollect bool, err error) {
+// (and not the chunkenc.Chunk inside it) can be garbage collected after its usage.
+func (s *memSeries) chunk(id chunks.HeadChunkID, chunkDiskMapper *chunks.ChunkDiskMapper) (chunk *memChunk, garbageCollect bool, err error) {
 	// ix represents the index of chunk in the s.mmappedChunks slice. The chunk id's are
 	// incremented by 1 when new chunk is created, hence (id - firstChunkID) gives the slice index.
 	// The max index for the s.mmappedChunks slice can be len(s.mmappedChunks)-1, hence if the ix
 	// is len(s.mmappedChunks), it represents the next chunk, which is the head chunk.
-	ix := id - s.firstChunkID
+	ix := int(id) - int(s.firstChunkID)
 	if ix < 0 || ix > len(s.mmappedChunks) {
 		return nil, false, storage.ErrNotFound
 	}
@@ -339,7 +324,7 @@ func (s *memSeries) chunk(id int, chunkDiskMapper *chunks.ChunkDiskMapper) (chun
 type safeChunk struct {
 	chunkenc.Chunk
 	s               *memSeries
-	cid             int
+	cid             chunks.HeadChunkID
 	isoState        *isolationState
 	chunkDiskMapper *chunks.ChunkDiskMapper
 }
@@ -351,9 +336,9 @@ func (c *safeChunk) Iterator(reuseIter chunkenc.Iterator) chunkenc.Iterator {
 	return it
 }
 
-// iterator returns a chunk iterator.
+// iterator returns a chunk iterator for the requested chunkID, or a NopIterator if the requested ID is out of range.
 // It is unsafe to call this concurrently with s.append(...) without holding the series lock.
-func (s *memSeries) iterator(id int, isoState *isolationState, chunkDiskMapper *chunks.ChunkDiskMapper, it chunkenc.Iterator) chunkenc.Iterator {
+func (s *memSeries) iterator(id chunks.HeadChunkID, isoState *isolationState, chunkDiskMapper *chunks.ChunkDiskMapper, it chunkenc.Iterator) chunkenc.Iterator {
 	c, garbageCollect, err := s.chunk(id, chunkDiskMapper)
 	// TODO(fabxc): Work around! An error will be returns when a querier have retrieved a pointer to a
 	// series's chunk, which got then garbage collected before it got
@@ -371,12 +356,12 @@ func (s *memSeries) iterator(id int, isoState *isolationState, chunkDiskMapper *
 		}
 	}()
 
-	ix := id - s.firstChunkID
+	ix := int(id) - int(s.firstChunkID)
 
 	numSamples := c.chunk.NumSamples()
 	stopAfter := numSamples
 
-	if isoState != nil {
+	if isoState != nil && !isoState.IsolationDisabled() {
 		totalSamples := 0    // Total samples in this series.
 		previousSamples := 0 // Samples before this chunk.
 
@@ -418,7 +403,7 @@ func (s *memSeries) iterator(id int, isoState *isolationState, chunkDiskMapper *
 		return chunkenc.NewNopIterator()
 	}
 
-	if id-s.firstChunkID < len(s.mmappedChunks) {
+	if int(id)-int(s.firstChunkID) < len(s.mmappedChunks) {
 		if stopAfter == numSamples {
 			return c.chunk.Iterator(it)
 		}
@@ -455,6 +440,8 @@ func (s *memSeries) iterator(id int, isoState *isolationState, chunkDiskMapper *
 	}
 }
 
+// memSafeIterator returns values from the wrapped stopIterator
+// except the last 4, which come from buf.
 type memSafeIterator struct {
 	stopIterator
 
@@ -498,6 +485,8 @@ func (it *memSafeIterator) At() (int64, float64) {
 	return s.t, s.v
 }
 
+// stopIterator wraps an Iterator, but only returns the first
+// stopAfter values, if initialized with i=-1.
 type stopIterator struct {
 	chunkenc.Iterator
 
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/head_wal.go b/vendor/github.com/prometheus/prometheus/tsdb/head_wal.go
index 47882982400..5d5c995b3c2 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/head_wal.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/head_wal.go
@@ -15,11 +15,6 @@ package tsdb
 
 import (
 	"fmt"
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/tsdb/chunkenc"
-	"github.com/prometheus/prometheus/tsdb/encoding"
-	tsdb_errors "github.com/prometheus/prometheus/tsdb/errors"
-	"github.com/prometheus/prometheus/tsdb/fileutil"
 	"io/ioutil"
 	"math"
 	"os"
@@ -34,14 +29,20 @@ import (
 	"github.com/pkg/errors"
 	"go.uber.org/atomic"
 
-	"github.com/prometheus/prometheus/pkg/exemplar"
+	"github.com/prometheus/prometheus/model/exemplar"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/storage"
+	"github.com/prometheus/prometheus/tsdb/chunkenc"
+	"github.com/prometheus/prometheus/tsdb/chunks"
+	"github.com/prometheus/prometheus/tsdb/encoding"
+	tsdb_errors "github.com/prometheus/prometheus/tsdb/errors"
+	"github.com/prometheus/prometheus/tsdb/fileutil"
 	"github.com/prometheus/prometheus/tsdb/record"
 	"github.com/prometheus/prometheus/tsdb/tombstones"
 	"github.com/prometheus/prometheus/tsdb/wal"
 )
 
-func (h *Head) loadWAL(r *wal.Reader, multiRef map[uint64]uint64, mmappedChunks map[uint64][]*mmappedChunk) (err error) {
+func (h *Head) loadWAL(r *wal.Reader, multiRef map[chunks.HeadSeriesRef]chunks.HeadSeriesRef, mmappedChunks map[chunks.HeadSeriesRef][]*mmappedChunk) (err error) {
 	// Track number of samples that referenced a series we don't know about
 	// for error reporting.
 	var unknownRefs atomic.Uint64
@@ -207,8 +208,8 @@ Outer:
 					break Outer
 				}
 
-				if h.lastSeriesID.Load() < walSeries.Ref {
-					h.lastSeriesID.Store(walSeries.Ref)
+				if chunks.HeadSeriesRef(h.lastSeriesID.Load()) < walSeries.Ref {
+					h.lastSeriesID.Store(uint64(walSeries.Ref))
 				}
 
 				mmc := mmappedChunks[walSeries.Ref]
@@ -225,7 +226,7 @@ Outer:
 
 				multiRef[walSeries.Ref] = mSeries.ref
 
-				idx := mSeries.ref % uint64(n)
+				idx := uint64(mSeries.ref) % uint64(n)
 				// It is possible that some old sample is being processed in processWALSamples that
 				// could cause race below. So we wait for the goroutine to empty input the buffer and finish
 				// processing all old samples after emptying the buffer.
@@ -297,7 +298,7 @@ Outer:
 					if r, ok := multiRef[sam.Ref]; ok {
 						sam.Ref = r
 					}
-					mod := sam.Ref % uint64(n)
+					mod := uint64(sam.Ref) % uint64(n)
 					shards[mod] = append(shards[mod], sam)
 				}
 				for i := 0; i < n; i++ {
@@ -313,11 +314,11 @@ Outer:
 					if itv.Maxt < h.minValidTime.Load() {
 						continue
 					}
-					if m := h.series.getByID(s.Ref); m == nil {
+					if m := h.series.getByID(chunks.HeadSeriesRef(s.Ref)); m == nil {
 						unknownRefs.Inc()
 						continue
 					}
-					h.tombstones.AddInterval(s.Ref, itv)
+					h.tombstones.AddInterval(storage.SeriesRef(s.Ref), itv)
 				}
 			}
 			//nolint:staticcheck // Ignore SA6002 relax staticcheck verification.
@@ -428,7 +429,7 @@ const (
 )
 
 type chunkSnapshotRecord struct {
-	ref        uint64
+	ref        chunks.HeadSeriesRef
 	lset       labels.Labels
 	chunkRange int64
 	mc         *memChunk
@@ -439,7 +440,7 @@ func (s *memSeries) encodeToSnapshotRecord(b []byte) []byte {
 	buf := encoding.Encbuf{B: b}
 
 	buf.PutByte(chunkSnapshotRecordTypeSeries)
-	buf.PutBE64(s.ref)
+	buf.PutBE64(uint64(s.ref))
 	buf.PutUvarint(len(s.lset))
 	for _, l := range s.lset {
 		buf.PutUvarintStr(l.Name)
@@ -474,7 +475,7 @@ func decodeSeriesFromChunkSnapshot(b []byte) (csr chunkSnapshotRecord, err error
 		return csr, errors.Errorf("invalid record type %x", flag)
 	}
 
-	csr.ref = dec.Be64()
+	csr.ref = chunks.HeadSeriesRef(dec.Be64())
 
 	// The label set written to the disk is already sorted.
 	csr.lset = make(labels.Labels, dec.Uvarint())
@@ -585,7 +586,7 @@ func (h *Head) ChunkSnapshot() (*ChunkSnapshotStats, error) {
 	cpdirtmp := cpdir + ".tmp"
 	stats.Dir = cpdir
 
-	if err := os.MkdirAll(cpdirtmp, 0777); err != nil {
+	if err := os.MkdirAll(cpdirtmp, 0o777); err != nil {
 		return stats, errors.Wrap(err, "create chunk snapshot dir")
 	}
 	cp, err := wal.New(nil, nil, cpdirtmp, h.wal.CompressionEnabled())
@@ -816,7 +817,7 @@ func DeleteChunkSnapshots(dir string, maxIndex, maxOffset int) error {
 
 // loadChunkSnapshot replays the chunk snapshot and restores the Head state from it. If there was any error returned,
 // it is the responsibility of the caller to clear the contents of the Head.
-func (h *Head) loadChunkSnapshot() (int, int, map[uint64]*memSeries, error) {
+func (h *Head) loadChunkSnapshot() (int, int, map[chunks.HeadSeriesRef]*memSeries, error) {
 	dir, snapIdx, snapOffset, err := LastChunkSnapshot(h.opts.ChunkDirRoot)
 	if err != nil {
 		if err == record.ErrNotFound {
@@ -842,9 +843,9 @@ func (h *Head) loadChunkSnapshot() (int, int, map[uint64]*memSeries, error) {
 		n                = runtime.GOMAXPROCS(0)
 		wg               sync.WaitGroup
 		recordChan       = make(chan chunkSnapshotRecord, 5*n)
-		shardedRefSeries = make([]map[uint64]*memSeries, n)
+		shardedRefSeries = make([]map[chunks.HeadSeriesRef]*memSeries, n)
 		errChan          = make(chan error, n)
-		refSeries        map[uint64]*memSeries
+		refSeries        map[chunks.HeadSeriesRef]*memSeries
 		exemplarBuf      []record.RefExemplar
 		dec              record.Decoder
 	)
@@ -860,7 +861,7 @@ func (h *Head) loadChunkSnapshot() (int, int, map[uint64]*memSeries, error) {
 				}
 			}()
 
-			shardedRefSeries[idx] = make(map[uint64]*memSeries)
+			shardedRefSeries[idx] = make(map[chunks.HeadSeriesRef]*memSeries)
 			localRefSeries := shardedRefSeries[idx]
 
 			for csr := range rc {
@@ -870,8 +871,8 @@ func (h *Head) loadChunkSnapshot() (int, int, map[uint64]*memSeries, error) {
 					return
 				}
 				localRefSeries[csr.ref] = series
-				if h.lastSeriesID.Load() < series.ref {
-					h.lastSeriesID.Store(series.ref)
+				if chunks.HeadSeriesRef(h.lastSeriesID.Load()) < series.ref {
+					h.lastSeriesID.Store(uint64(series.ref))
 				}
 
 				series.chunkRange = csr.chunkRange
@@ -926,7 +927,7 @@ Outer:
 				break Outer
 			}
 
-			if err = tr.Iter(func(ref uint64, ivs tombstones.Intervals) error {
+			if err = tr.Iter(func(ref storage.SeriesRef, ivs tombstones.Intervals) error {
 				h.tombstones.AddInterval(ref, ivs...)
 				return nil
 			}); err != nil {
@@ -940,7 +941,7 @@ Outer:
 				close(recordChan)
 				wg.Wait()
 
-				refSeries = make(map[uint64]*memSeries, numSeries)
+				refSeries = make(map[chunks.HeadSeriesRef]*memSeries, numSeries)
 				for _, shard := range shardedRefSeries {
 					for k, v := range shard {
 						refSeries[k] = v
@@ -1006,7 +1007,7 @@ Outer:
 
 	if len(refSeries) == 0 {
 		// We had no exemplar record, so we have to build the map here.
-		refSeries = make(map[uint64]*memSeries, numSeries)
+		refSeries = make(map[chunks.HeadSeriesRef]*memSeries, numSeries)
 		for _, shard := range shardedRefSeries {
 			for k, v := range shard {
 				refSeries[k] = v
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/index/index.go b/vendor/github.com/prometheus/prometheus/tsdb/index/index.go
index d6f5d6b880b..957e468f67e 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/index/index.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/index/index.go
@@ -30,7 +30,7 @@ import (
 
 	"github.com/pkg/errors"
 
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/storage"
 	"github.com/prometheus/prometheus/tsdb/chunks"
 	"github.com/prometheus/prometheus/tsdb/encoding"
@@ -143,7 +143,7 @@ type Writer struct {
 
 	// Hold last series to validate that clients insert new series in order.
 	lastSeries labels.Labels
-	lastRef    uint64
+	lastRef    storage.SeriesRef
 
 	crc32 hash.Hash
 
@@ -262,7 +262,7 @@ type FileWriter struct {
 }
 
 func NewFileWriter(name string) (*FileWriter, error) {
-	f, err := os.OpenFile(name, os.O_CREATE|os.O_RDWR, 0666)
+	f, err := os.OpenFile(name, os.O_CREATE|os.O_RDWR, 0o666)
 	if err != nil {
 		return nil, err
 	}
@@ -414,7 +414,7 @@ func (w *Writer) writeMeta() error {
 }
 
 // AddSeries adds the series one at a time along with its chunks.
-func (w *Writer) AddSeries(ref uint64, lset labels.Labels, chunks ...chunks.Meta) error {
+func (w *Writer) AddSeries(ref storage.SeriesRef, lset labels.Labels, chunks ...chunks.Meta) error {
 	if err := w.ensureStage(idxStageSeries); err != nil {
 		return err
 	}
@@ -472,7 +472,7 @@ func (w *Writer) AddSeries(ref uint64, lset labels.Labels, chunks ...chunks.Meta
 		c := chunks[0]
 		w.buf2.PutVarint64(c.MinTime)
 		w.buf2.PutUvarint64(uint64(c.MaxTime - c.MinTime))
-		w.buf2.PutUvarint64(c.Ref)
+		w.buf2.PutUvarint64(uint64(c.Ref))
 		t0 := c.MaxTime
 		ref0 := int64(c.Ref)
 
@@ -525,7 +525,7 @@ func (w *Writer) AddSymbol(sym string) error {
 func (w *Writer) finishSymbols() error {
 	symbolTableSize := w.f.pos - w.toc.Symbols - 4
 	// The symbol table's <len> part is 4 bytes. So the total symbol table size must be less than or equal to 2^32-1
-	if symbolTableSize > 4294967295 {
+	if symbolTableSize > math.MaxUint32 {
 		return errors.Errorf("symbol table size exceeds 4 bytes: %d", symbolTableSize)
 	}
 
@@ -657,7 +657,11 @@ func (w *Writer) writeLabelIndex(name string, values []uint32) error {
 
 	// Write out the length.
 	w.buf1.Reset()
-	w.buf1.PutBE32int(int(w.f.pos - startPos - 4))
+	l := w.f.pos - startPos - 4
+	if l > math.MaxUint32 {
+		return errors.Errorf("label index size exceeds 4 bytes: %d", l)
+	}
+	w.buf1.PutBE32int(int(l))
 	if err := w.writeAt(w.buf1.Get(), startPos); err != nil {
 		return err
 	}
@@ -697,7 +701,11 @@ func (w *Writer) writeLabelIndexesOffsetTable() error {
 	}
 	// Write out the length.
 	w.buf1.Reset()
-	w.buf1.PutBE32int(int(w.f.pos - startPos - 4))
+	l := w.f.pos - startPos - 4
+	if l > math.MaxUint32 {
+		return errors.Errorf("label indexes offset table size exceeds 4 bytes: %d", l)
+	}
+	w.buf1.PutBE32int(int(l))
 	if err := w.writeAt(w.buf1.Get(), startPos); err != nil {
 		return err
 	}
@@ -774,7 +782,11 @@ func (w *Writer) writePostingsOffsetTable() error {
 
 	// Write out the length.
 	w.buf1.Reset()
-	w.buf1.PutBE32int(int(w.f.pos - startPos - 4))
+	l := w.f.pos - startPos - 4
+	if l > math.MaxUint32 {
+		return errors.Errorf("postings offset table size exceeds 4 bytes: %d", l)
+	}
+	w.buf1.PutBE32int(int(l))
 	if err := w.writeAt(w.buf1.Get(), startPos); err != nil {
 		return err
 	}
@@ -903,7 +915,6 @@ func (w *Writer) writePostingsToTmpFiles() error {
 			values := make([]uint32, 0, len(postings[sid]))
 			for v := range postings[sid] {
 				values = append(values, v)
-
 			}
 			// Symbol numbers are in order, so the strings will also be in order.
 			sort.Sort(uint32slice(values))
@@ -955,7 +966,12 @@ func (w *Writer) writePosting(name, value string, offs []uint32) error {
 	}
 
 	w.buf2.Reset()
-	w.buf2.PutBE32int(w.buf1.Len())
+	l := w.buf1.Len()
+	// We convert to uint to make code compile on 32-bit systems, as math.MaxUint32 doesn't fit into int there.
+	if uint(l) > math.MaxUint32 {
+		return errors.Errorf("posting size exceeds 4 bytes: %d", l)
+	}
+	w.buf2.PutBE32int(l)
 	w.buf1.PutHash(w.crc32)
 	return w.fP.Write(w.buf2.Get(), w.buf1.Get())
 }
@@ -1265,7 +1281,7 @@ type Symbols struct {
 const symbolFactor = 32
 
 // NewSymbols returns a Symbols object for symbol lookups.
-func NewSymbols(bs ByteSlice, version int, off int) (*Symbols, error) {
+func NewSymbols(bs ByteSlice, version, off int) (*Symbols, error) {
 	s := &Symbols{
 		bs:      bs,
 		version: version,
@@ -1504,7 +1520,7 @@ func (r *Reader) LabelValues(name string, matchers ...*labels.Matcher) ([]string
 		} else {
 			d.Skip(skip)
 		}
-		s := yoloString(d.UvarintBytes()) //Label value.
+		s := yoloString(d.UvarintBytes()) // Label value.
 		values = append(values, s)
 		if s == lastVal {
 			break
@@ -1519,7 +1535,7 @@ func (r *Reader) LabelValues(name string, matchers ...*labels.Matcher) ([]string
 
 // LabelNamesFor returns all the label names for the series referred to by IDs.
 // The names returned are sorted.
-func (r *Reader) LabelNamesFor(ids ...uint64) ([]string, error) {
+func (r *Reader) LabelNamesFor(ids ...storage.SeriesRef) ([]string, error) {
 	// Gather offsetsMap the name offsetsMap in the symbol table first
 	offsetsMap := make(map[uint32]struct{})
 	for _, id := range ids {
@@ -1561,7 +1577,7 @@ func (r *Reader) LabelNamesFor(ids ...uint64) ([]string, error) {
 }
 
 // LabelValueFor returns label value for the given label name in the series referred to by ID.
-func (r *Reader) LabelValueFor(id uint64, label string) (string, error) {
+func (r *Reader) LabelValueFor(id storage.SeriesRef, label string) (string, error) {
 	offset := id
 	// In version 2 series IDs are no longer exact references but series are 16-byte padded
 	// and the ID is the multiple of 16 of the actual position.
@@ -1587,7 +1603,7 @@ func (r *Reader) LabelValueFor(id uint64, label string) (string, error) {
 }
 
 // Series reads the series with the given ID and writes its labels and chunks into lbls and chks.
-func (r *Reader) Series(id uint64, lbls *labels.Labels, chks *[]chunks.Meta) error {
+func (r *Reader) Series(id storage.SeriesRef, lbls *labels.Labels, chks *[]chunks.Meta) error {
 	offset := id
 	// In version 2 series IDs are no longer exact references but series are 16-byte padded
 	// and the ID is the multiple of 16 of the actual position.
@@ -1860,7 +1876,7 @@ func (dec *Decoder) Series(b []byte, lbls *labels.Labels, chks *[]chunks.Meta) e
 	ref0 := int64(d.Uvarint64())
 
 	*chks = append(*chks, chunks.Meta{
-		Ref:     uint64(ref0),
+		Ref:     chunks.ChunkRef(ref0),
 		MinTime: t0,
 		MaxTime: maxt,
 	})
@@ -1878,7 +1894,7 @@ func (dec *Decoder) Series(b []byte, lbls *labels.Labels, chks *[]chunks.Meta) e
 		}
 
 		*chks = append(*chks, chunks.Meta{
-			Ref:     uint64(ref0),
+			Ref:     chunks.ChunkRef(ref0),
 			MinTime: mint,
 			MaxTime: maxt,
 		})
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/index/postings.go b/vendor/github.com/prometheus/prometheus/tsdb/index/postings.go
index 6c493be1df5..10312d84d8f 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/index/postings.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/index/postings.go
@@ -20,7 +20,8 @@ import (
 	"sort"
 	"sync"
 
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/storage"
 )
 
 var allPostingsKey = labels.Label{}
@@ -30,29 +31,39 @@ func AllPostingsKey() (name, value string) {
 	return allPostingsKey.Name, allPostingsKey.Value
 }
 
+// ensureOrderBatchSize is the max number of postings passed to a worker in a single batch in MemPostings.EnsureOrder().
+const ensureOrderBatchSize = 1024
+
+// ensureOrderBatchPool is a pool used to recycle batches passed to workers in MemPostings.EnsureOrder().
+var ensureOrderBatchPool = sync.Pool{
+	New: func() interface{} {
+		return make([][]storage.SeriesRef, 0, ensureOrderBatchSize)
+	},
+}
+
 // MemPostings holds postings list for series ID per label pair. They may be written
 // to out of order.
-// ensureOrder() must be called once before any reads are done. This allows for quick
+// EnsureOrder() must be called once before any reads are done. This allows for quick
 // unordered batch fills on startup.
 type MemPostings struct {
 	mtx     sync.RWMutex
-	m       map[string]map[string][]uint64
+	m       map[string]map[string][]storage.SeriesRef
 	ordered bool
 }
 
 // NewMemPostings returns a memPostings that's ready for reads and writes.
 func NewMemPostings() *MemPostings {
 	return &MemPostings{
-		m:       make(map[string]map[string][]uint64, 512),
+		m:       make(map[string]map[string][]storage.SeriesRef, 512),
 		ordered: true,
 	}
 }
 
 // NewUnorderedMemPostings returns a memPostings that is not safe to be read from
-// until ensureOrder was called once.
+// until EnsureOrder() was called once.
 func NewUnorderedMemPostings() *MemPostings {
 	return &MemPostings{
-		m:       make(map[string]map[string][]uint64, 512),
+		m:       make(map[string]map[string][]storage.SeriesRef, 512),
 		ordered: false,
 	}
 }
@@ -188,7 +199,7 @@ func (p *MemPostings) Stats(label string) *PostingsStats {
 
 // Get returns a postings list for the given label pair.
 func (p *MemPostings) Get(name, value string) Postings {
-	var lp []uint64
+	var lp []storage.SeriesRef
 	p.mtx.RLock()
 	l := p.m[name]
 	if l != nil {
@@ -218,25 +229,42 @@ func (p *MemPostings) EnsureOrder() {
 	}
 
 	n := runtime.GOMAXPROCS(0)
-	workc := make(chan []uint64)
+	workc := make(chan [][]storage.SeriesRef)
 
 	var wg sync.WaitGroup
 	wg.Add(n)
 
 	for i := 0; i < n; i++ {
 		go func() {
-			for l := range workc {
-				sort.Slice(l, func(a, b int) bool { return l[a] < l[b] })
+			for job := range workc {
+				for _, l := range job {
+					sort.Sort(seriesRefSlice(l))
+				}
+
+				job = job[:0]
+				ensureOrderBatchPool.Put(job) //nolint:staticcheck // Ignore SA6002 safe to ignore and actually fixing it has some performance penalty.
 			}
 			wg.Done()
 		}()
 	}
 
+	nextJob := ensureOrderBatchPool.Get().([][]storage.SeriesRef)
 	for _, e := range p.m {
 		for _, l := range e {
-			workc <- l
+			nextJob = append(nextJob, l)
+
+			if len(nextJob) >= ensureOrderBatchSize {
+				workc <- nextJob
+				nextJob = ensureOrderBatchPool.Get().([][]storage.SeriesRef)
+			}
 		}
 	}
+
+	// If the last job was partially filled, we need to push it to workers too.
+	if len(nextJob) > 0 {
+		workc <- nextJob
+	}
+
 	close(workc)
 	wg.Wait()
 
@@ -244,7 +272,7 @@ func (p *MemPostings) EnsureOrder() {
 }
 
 // Delete removes all ids in the given map from the postings lists.
-func (p *MemPostings) Delete(deleted map[uint64]struct{}) {
+func (p *MemPostings) Delete(deleted map[storage.SeriesRef]struct{}) {
 	var keys, vals []string
 
 	// Collect all keys relevant for deletion once. New keys added afterwards
@@ -280,7 +308,7 @@ func (p *MemPostings) Delete(deleted map[uint64]struct{}) {
 				p.mtx.Unlock()
 				continue
 			}
-			repl := make([]uint64, 0, len(p.m[n][l]))
+			repl := make([]storage.SeriesRef, 0, len(p.m[n][l]))
 
 			for _, id := range p.m[n][l] {
 				if _, ok := deleted[id]; !ok {
@@ -318,7 +346,7 @@ func (p *MemPostings) Iter(f func(labels.Label, Postings) error) error {
 }
 
 // Add a label set to the postings index.
-func (p *MemPostings) Add(id uint64, lset labels.Labels) {
+func (p *MemPostings) Add(id storage.SeriesRef, lset labels.Labels) {
 	p.mtx.Lock()
 
 	for _, l := range lset {
@@ -329,10 +357,10 @@ func (p *MemPostings) Add(id uint64, lset labels.Labels) {
 	p.mtx.Unlock()
 }
 
-func (p *MemPostings) addFor(id uint64, l labels.Label) {
+func (p *MemPostings) addFor(id storage.SeriesRef, l labels.Label) {
 	nm, ok := p.m[l.Name]
 	if !ok {
-		nm = map[string][]uint64{}
+		nm = map[string][]storage.SeriesRef{}
 		p.m[l.Name] = nm
 	}
 	list := append(nm[l.Value], id)
@@ -354,7 +382,7 @@ func (p *MemPostings) addFor(id uint64, l labels.Label) {
 }
 
 // ExpandPostings returns the postings expanded as a slice.
-func ExpandPostings(p Postings) (res []uint64, err error) {
+func ExpandPostings(p Postings) (res []storage.SeriesRef, err error) {
 	for p.Next() {
 		res = append(res, p.At())
 	}
@@ -368,10 +396,10 @@ type Postings interface {
 
 	// Seek advances the iterator to value v or greater and returns
 	// true if a value was found.
-	Seek(v uint64) bool
+	Seek(v storage.SeriesRef) bool
 
 	// At returns the value at the current iterator position.
-	At() uint64
+	At() storage.SeriesRef
 
 	// Err returns the last error of the iterator.
 	Err() error
@@ -382,15 +410,15 @@ type errPostings struct {
 	err error
 }
 
-func (e errPostings) Next() bool       { return false }
-func (e errPostings) Seek(uint64) bool { return false }
-func (e errPostings) At() uint64       { return 0 }
-func (e errPostings) Err() error       { return e.err }
+func (e errPostings) Next() bool                  { return false }
+func (e errPostings) Seek(storage.SeriesRef) bool { return false }
+func (e errPostings) At() storage.SeriesRef       { return 0 }
+func (e errPostings) Err() error                  { return e.err }
 
 var emptyPostings = errPostings{}
 
 // EmptyPostings returns a postings list that's always empty.
-// NOTE: Returning EmptyPostings sentinel when index.Postings struct has no postings is recommended.
+// NOTE: Returning EmptyPostings sentinel when Postings struct has no postings is recommended.
 // It triggers optimized flow in other functions like Intersect, Without etc.
 func EmptyPostings() Postings {
 	return emptyPostings
@@ -421,14 +449,14 @@ func Intersect(its ...Postings) Postings {
 
 type intersectPostings struct {
 	arr []Postings
-	cur uint64
+	cur storage.SeriesRef
 }
 
 func newIntersectPostings(its ...Postings) *intersectPostings {
 	return &intersectPostings{arr: its}
 }
 
-func (it *intersectPostings) At() uint64 {
+func (it *intersectPostings) At() storage.SeriesRef {
 	return it.cur
 }
 
@@ -460,7 +488,7 @@ func (it *intersectPostings) Next() bool {
 	return it.doNext()
 }
 
-func (it *intersectPostings) Seek(id uint64) bool {
+func (it *intersectPostings) Seek(id storage.SeriesRef) bool {
 	it.cur = id
 	return it.doNext()
 }
@@ -511,7 +539,7 @@ func (h *postingsHeap) Pop() interface{} {
 type mergedPostings struct {
 	h           postingsHeap
 	initialized bool
-	cur         uint64
+	cur         storage.SeriesRef
 	err         error
 }
 
@@ -571,7 +599,7 @@ func (it *mergedPostings) Next() bool {
 	}
 }
 
-func (it *mergedPostings) Seek(id uint64) bool {
+func (it *mergedPostings) Seek(id storage.SeriesRef) bool {
 	if it.h.Len() == 0 || it.err != nil {
 		return false
 	}
@@ -601,7 +629,7 @@ func (it *mergedPostings) Seek(id uint64) bool {
 	return true
 }
 
-func (it mergedPostings) At() uint64 {
+func (it mergedPostings) At() storage.SeriesRef {
 	return it.cur
 }
 
@@ -625,7 +653,7 @@ func Without(full, drop Postings) Postings {
 type removedPostings struct {
 	full, remove Postings
 
-	cur uint64
+	cur storage.SeriesRef
 
 	initialized bool
 	fok, rok    bool
@@ -638,7 +666,7 @@ func newRemovedPostings(full, remove Postings) *removedPostings {
 	}
 }
 
-func (rp *removedPostings) At() uint64 {
+func (rp *removedPostings) At() storage.SeriesRef {
 	return rp.cur
 }
 
@@ -675,7 +703,7 @@ func (rp *removedPostings) Next() bool {
 	}
 }
 
-func (rp *removedPostings) Seek(id uint64) bool {
+func (rp *removedPostings) Seek(id storage.SeriesRef) bool {
 	if rp.cur >= id {
 		return true
 	}
@@ -697,19 +725,19 @@ func (rp *removedPostings) Err() error {
 
 // ListPostings implements the Postings interface over a plain list.
 type ListPostings struct {
-	list []uint64
-	cur  uint64
+	list []storage.SeriesRef
+	cur  storage.SeriesRef
 }
 
-func NewListPostings(list []uint64) Postings {
+func NewListPostings(list []storage.SeriesRef) Postings {
 	return newListPostings(list...)
 }
 
-func newListPostings(list ...uint64) *ListPostings {
+func newListPostings(list ...storage.SeriesRef) *ListPostings {
 	return &ListPostings{list: list}
 }
 
-func (it *ListPostings) At() uint64 {
+func (it *ListPostings) At() storage.SeriesRef {
 	return it.cur
 }
 
@@ -723,7 +751,7 @@ func (it *ListPostings) Next() bool {
 	return false
 }
 
-func (it *ListPostings) Seek(x uint64) bool {
+func (it *ListPostings) Seek(x storage.SeriesRef) bool {
 	// If the current value satisfies, then return.
 	if it.cur >= x {
 		return true
@@ -760,8 +788,8 @@ func newBigEndianPostings(list []byte) *bigEndianPostings {
 	return &bigEndianPostings{list: list}
 }
 
-func (it *bigEndianPostings) At() uint64 {
-	return uint64(it.cur)
+func (it *bigEndianPostings) At() storage.SeriesRef {
+	return storage.SeriesRef(it.cur)
 }
 
 func (it *bigEndianPostings) Next() bool {
@@ -773,8 +801,8 @@ func (it *bigEndianPostings) Next() bool {
 	return false
 }
 
-func (it *bigEndianPostings) Seek(x uint64) bool {
-	if uint64(it.cur) >= x {
+func (it *bigEndianPostings) Seek(x storage.SeriesRef) bool {
+	if storage.SeriesRef(it.cur) >= x {
 		return true
 	}
 
@@ -796,3 +824,10 @@ func (it *bigEndianPostings) Seek(x uint64) bool {
 func (it *bigEndianPostings) Err() error {
 	return nil
 }
+
+// seriesRefSlice attaches the methods of sort.Interface to []storage.SeriesRef, sorting in increasing order.
+type seriesRefSlice []storage.SeriesRef
+
+func (x seriesRefSlice) Len() int           { return len(x) }
+func (x seriesRefSlice) Less(i, j int) bool { return x[i] < x[j] }
+func (x seriesRefSlice) Swap(i, j int)      { x[i], x[j] = x[j], x[i] }
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/index/postingsstats.go b/vendor/github.com/prometheus/prometheus/tsdb/index/postingsstats.go
index 2fc2465d9c5..5e5880720ac 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/index/postingsstats.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/index/postingsstats.go
@@ -59,7 +59,6 @@ func (m *maxHeap) push(item Stat) {
 			m.minIndex = i
 		}
 	}
-
 }
 
 func (m *maxHeap) get() []Stat {
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/isolation.go b/vendor/github.com/prometheus/prometheus/tsdb/isolation.go
index ca6ce1980fc..4919bfe9156 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/isolation.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/isolation.go
@@ -39,6 +39,10 @@ func (i *isolationState) Close() {
 	i.prev.next = i.next
 }
 
+func (i *isolationState) IsolationDisabled() bool {
+	return i.isolation.disabled
+}
+
 type isolationAppender struct {
 	appendID uint64
 	prev     *isolationAppender
@@ -63,9 +67,11 @@ type isolation struct {
 	readMtx sync.RWMutex
 	// All current in use isolationStates. This is a doubly-linked list.
 	readsOpen *isolationState
+	// If true, writes are not tracked while reads are still tracked.
+	disabled bool
 }
 
-func newIsolation() *isolation {
+func newIsolation(disabled bool) *isolation {
 	isoState := &isolationState{}
 	isoState.next = isoState
 	isoState.prev = isoState
@@ -78,6 +84,7 @@ func newIsolation() *isolation {
 		appendsOpen:     map[uint64]*isolationAppender{},
 		appendsOpenList: appender,
 		readsOpen:       isoState,
+		disabled:        disabled,
 		appendersPool:   sync.Pool{New: func() interface{} { return &isolationAppender{} }},
 	}
 }
@@ -85,12 +92,20 @@ func newIsolation() *isolation {
 // lowWatermark returns the appendID below which we no longer need to track
 // which appends were from which appendID.
 func (i *isolation) lowWatermark() uint64 {
+	if i.disabled {
+		return 0
+	}
+
 	i.appendMtx.RLock() // Take appendMtx first.
 	defer i.appendMtx.RUnlock()
 	return i.lowWatermarkLocked()
 }
 
 func (i *isolation) lowWatermarkLocked() uint64 {
+	if i.disabled {
+		return 0
+	}
+
 	i.readMtx.RLock()
 	defer i.readMtx.RUnlock()
 	if i.readsOpen.prev != i.readsOpen {
@@ -106,6 +121,8 @@ func (i *isolation) lowWatermarkLocked() uint64 {
 func (i *isolation) State(mint, maxt int64) *isolationState {
 	i.appendMtx.RLock() // Take append mutex before read mutex.
 	defer i.appendMtx.RUnlock()
+
+	// We need to track the reads even when isolation is disabled.
 	isoState := &isolationState{
 		maxAppendID:       i.appendsOpenList.appendID,
 		lowWatermark:      i.appendsOpenList.next.appendID, // Lowest appendID from appenders, or lastAppendId.
@@ -124,6 +141,7 @@ func (i *isolation) State(mint, maxt int64) *isolationState {
 	isoState.next = i.readsOpen.next
 	i.readsOpen.next.prev = isoState
 	i.readsOpen.next = isoState
+
 	return isoState
 }
 
@@ -146,6 +164,10 @@ func (i *isolation) TraverseOpenReads(f func(s *isolationState) bool) {
 // ID. The first ID returned is 1.
 // Also returns the low watermark, to keep lock/unlock operations down.
 func (i *isolation) newAppendID() (uint64, uint64) {
+	if i.disabled {
+		return 0, 0
+	}
+
 	i.appendMtx.Lock()
 	defer i.appendMtx.Unlock()
 
@@ -165,6 +187,10 @@ func (i *isolation) newAppendID() (uint64, uint64) {
 }
 
 func (i *isolation) lastAppendID() uint64 {
+	if i.disabled {
+		return 0
+	}
+
 	i.appendMtx.RLock()
 	defer i.appendMtx.RUnlock()
 
@@ -172,6 +198,10 @@ func (i *isolation) lastAppendID() uint64 {
 }
 
 func (i *isolation) closeAppend(appendID uint64) {
+	if i.disabled {
+		return
+	}
+
 	i.appendMtx.Lock()
 	defer i.appendMtx.Unlock()
 
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/querier.go b/vendor/github.com/prometheus/prometheus/tsdb/querier.go
index 18a1fd20a5f..4719470a74c 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/querier.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/querier.go
@@ -21,7 +21,7 @@ import (
 
 	"github.com/pkg/errors"
 
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/storage"
 	"github.com/prometheus/prometheus/tsdb/chunkenc"
 	"github.com/prometheus/prometheus/tsdb/chunks"
@@ -123,6 +123,8 @@ func NewBlockQuerier(b BlockReader, mint, maxt int64) (storage.Querier, error) {
 func (q *blockQuerier) Select(sortSeries bool, hints *storage.SelectHints, ms ...*labels.Matcher) storage.SeriesSet {
 	mint := q.mint
 	maxt := q.maxt
+	disableTrimming := false
+
 	p, err := PostingsForMatchers(q.index, ms...)
 	if err != nil {
 		return storage.ErrSeriesSet(err)
@@ -134,13 +136,14 @@ func (q *blockQuerier) Select(sortSeries bool, hints *storage.SelectHints, ms ..
 	if hints != nil {
 		mint = hints.Start
 		maxt = hints.End
+		disableTrimming = hints.DisableTrimming
 		if hints.Func == "series" {
 			// When you're only looking up metadata (for example series API), you don't need to load any chunks.
-			return newBlockSeriesSet(q.index, newNopChunkReader(), q.tombstones, p, mint, maxt)
+			return newBlockSeriesSet(q.index, newNopChunkReader(), q.tombstones, p, mint, maxt, disableTrimming)
 		}
 	}
 
-	return newBlockSeriesSet(q.index, q.chunks, q.tombstones, p, mint, maxt)
+	return newBlockSeriesSet(q.index, q.chunks, q.tombstones, p, mint, maxt, disableTrimming)
 }
 
 // blockChunkQuerier provides chunk querying access to a single block database.
@@ -160,9 +163,11 @@ func NewBlockChunkQuerier(b BlockReader, mint, maxt int64) (storage.ChunkQuerier
 func (q *blockChunkQuerier) Select(sortSeries bool, hints *storage.SelectHints, ms ...*labels.Matcher) storage.ChunkSeriesSet {
 	mint := q.mint
 	maxt := q.maxt
+	disableTrimming := false
 	if hints != nil {
 		mint = hints.Start
 		maxt = hints.End
+		disableTrimming = hints.DisableTrimming
 	}
 	p, err := PostingsForMatchers(q.index, ms...)
 	if err != nil {
@@ -171,7 +176,7 @@ func (q *blockChunkQuerier) Select(sortSeries bool, hints *storage.SelectHints,
 	if sortSeries {
 		p = q.index.SortedPostings(p)
 	}
-	return newBlockChunkSeriesSet(q.index, q.chunks, q.tombstones, p, mint, maxt)
+	return newBlockChunkSeriesSet(q.index, q.chunks, q.tombstones, p, mint, maxt, disableTrimming)
 }
 
 func findSetMatches(pattern string) []string {
@@ -413,7 +418,7 @@ func labelNamesWithMatchers(r IndexReader, matchers ...*labels.Matcher) ([]strin
 		return nil, err
 	}
 
-	var postings []uint64
+	var postings []storage.SeriesRef
 	for p.Next() {
 		postings = append(postings, p.At())
 	}
@@ -428,11 +433,12 @@ func labelNamesWithMatchers(r IndexReader, matchers ...*labels.Matcher) ([]strin
 // Iterated series are trimmed with given min and max time as well as tombstones.
 // See newBlockSeriesSet and newBlockChunkSeriesSet to use it for either sample or chunk iterating.
 type blockBaseSeriesSet struct {
-	p          index.Postings
-	index      IndexReader
-	chunks     ChunkReader
-	tombstones tombstones.Reader
-	mint, maxt int64
+	p               index.Postings
+	index           IndexReader
+	chunks          ChunkReader
+	tombstones      tombstones.Reader
+	mint, maxt      int64
+	disableTrimming bool
 
 	currIterFn func() *populateWithDelGenericSeriesIterator
 	currLabels labels.Labels
@@ -487,11 +493,13 @@ func (b *blockBaseSeriesSet) Next() bool {
 			}
 
 			// If still not entirely deleted, check if trim is needed based on requested time range.
-			if chk.MinTime < b.mint {
-				trimFront = true
-			}
-			if chk.MaxTime > b.maxt {
-				trimBack = true
+			if !b.disableTrimming {
+				if chk.MinTime < b.mint {
+					trimFront = true
+				}
+				if chk.MaxTime > b.maxt {
+					trimBack = true
+				}
 			}
 		}
 
@@ -606,6 +614,7 @@ func (p *populateWithDelGenericSeriesIterator) Err() error { return p.err }
 func (p *populateWithDelGenericSeriesIterator) toSeriesIterator() chunkenc.Iterator {
 	return &populateWithDelSeriesIterator{populateWithDelGenericSeriesIterator: p}
 }
+
 func (p *populateWithDelGenericSeriesIterator) toChunkSeriesIterator() chunks.Iterator {
 	return &populateWithDelChunkSeriesIterator{populateWithDelGenericSeriesIterator: p}
 }
@@ -721,16 +730,17 @@ type blockSeriesSet struct {
 	blockBaseSeriesSet
 }
 
-func newBlockSeriesSet(i IndexReader, c ChunkReader, t tombstones.Reader, p index.Postings, mint, maxt int64) storage.SeriesSet {
+func newBlockSeriesSet(i IndexReader, c ChunkReader, t tombstones.Reader, p index.Postings, mint, maxt int64, disableTrimming bool) storage.SeriesSet {
 	return &blockSeriesSet{
 		blockBaseSeriesSet{
-			index:      i,
-			chunks:     c,
-			tombstones: t,
-			p:          p,
-			mint:       mint,
-			maxt:       maxt,
-			bufLbls:    make(labels.Labels, 0, 10),
+			index:           i,
+			chunks:          c,
+			tombstones:      t,
+			p:               p,
+			mint:            mint,
+			maxt:            maxt,
+			disableTrimming: disableTrimming,
+			bufLbls:         make(labels.Labels, 0, 10),
 		},
 	}
 }
@@ -753,16 +763,17 @@ type blockChunkSeriesSet struct {
 	blockBaseSeriesSet
 }
 
-func newBlockChunkSeriesSet(i IndexReader, c ChunkReader, t tombstones.Reader, p index.Postings, mint, maxt int64) storage.ChunkSeriesSet {
+func newBlockChunkSeriesSet(i IndexReader, c ChunkReader, t tombstones.Reader, p index.Postings, mint, maxt int64, disableTrimming bool) storage.ChunkSeriesSet {
 	return &blockChunkSeriesSet{
 		blockBaseSeriesSet{
-			index:      i,
-			chunks:     c,
-			tombstones: t,
-			p:          p,
-			mint:       mint,
-			maxt:       maxt,
-			bufLbls:    make(labels.Labels, 0, 10),
+			index:           i,
+			chunks:          c,
+			tombstones:      t,
+			p:               p,
+			mint:            mint,
+			maxt:            maxt,
+			disableTrimming: disableTrimming,
+			bufLbls:         make(labels.Labels, 0, 10),
 		},
 	}
 }
@@ -779,7 +790,7 @@ func (b *blockChunkSeriesSet) At() storage.ChunkSeries {
 }
 
 // NewMergedStringIter returns string iterator that allows to merge symbols on demand and stream result.
-func NewMergedStringIter(a index.StringIter, b index.StringIter) index.StringIter {
+func NewMergedStringIter(a, b index.StringIter) index.StringIter {
 	return &mergedStringIter{a: a, b: b, aok: a.Next(), bok: b.Next()}
 }
 
@@ -875,7 +886,6 @@ Outer:
 
 			if ts <= tr.Maxt {
 				return true
-
 			}
 			it.Intervals = it.Intervals[1:]
 		}
@@ -896,6 +906,8 @@ func newNopChunkReader() ChunkReader {
 	}
 }
 
-func (cr nopChunkReader) Chunk(ref uint64) (chunkenc.Chunk, error) { return cr.emptyChunk, nil }
+func (cr nopChunkReader) Chunk(ref chunks.ChunkRef) (chunkenc.Chunk, error) {
+	return cr.emptyChunk, nil
+}
 
 func (cr nopChunkReader) Close() error { return nil }
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/record/record.go b/vendor/github.com/prometheus/prometheus/tsdb/record/record.go
index 3bfb1be9358..12a4047396f 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/record/record.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/record/record.go
@@ -12,6 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
+// Package record contains the various record types used for encoding various Head block data in the WAL and in-memory snapshot.
 package record
 
 import (
@@ -20,7 +21,9 @@ import (
 
 	"github.com/pkg/errors"
 
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/storage"
+	"github.com/prometheus/prometheus/tsdb/chunks"
 	"github.com/prometheus/prometheus/tsdb/encoding"
 	"github.com/prometheus/prometheus/tsdb/tombstones"
 )
@@ -41,27 +44,25 @@ const (
 	Exemplars Type = 4
 )
 
-var (
-	// ErrNotFound is returned if a looked up resource was not found. Duplicate ErrNotFound from head.go.
-	ErrNotFound = errors.New("not found")
-)
+// ErrNotFound is returned if a looked up resource was not found. Duplicate ErrNotFound from head.go.
+var ErrNotFound = errors.New("not found")
 
 // RefSeries is the series labels with the series ID.
 type RefSeries struct {
-	Ref    uint64
+	Ref    chunks.HeadSeriesRef
 	Labels labels.Labels
 }
 
 // RefSample is a timestamp/value pair associated with a reference to a series.
 type RefSample struct {
-	Ref uint64
+	Ref chunks.HeadSeriesRef
 	T   int64
 	V   float64
 }
 
 // RefExemplar is an exemplar with it's labels, timestamp, value the exemplar was collected/observed with, and a reference to a series.
 type RefExemplar struct {
-	Ref    uint64
+	Ref    chunks.HeadSeriesRef
 	T      int64
 	V      float64
 	Labels labels.Labels
@@ -69,8 +70,7 @@ type RefExemplar struct {
 
 // Decoder decodes series, sample, and tombstone records.
 // The zero value is ready to use.
-type Decoder struct {
-}
+type Decoder struct{}
 
 // Type returns the type of the record.
 // Returns RecordUnknown if no valid record type is found.
@@ -93,7 +93,7 @@ func (d *Decoder) Series(rec []byte, series []RefSeries) ([]RefSeries, error) {
 		return nil, errors.New("invalid record type")
 	}
 	for len(dec.B) > 0 && dec.Err() == nil {
-		ref := dec.Be64()
+		ref := storage.SeriesRef(dec.Be64())
 
 		lset := make(labels.Labels, dec.Uvarint())
 
@@ -104,7 +104,7 @@ func (d *Decoder) Series(rec []byte, series []RefSeries) ([]RefSeries, error) {
 		sort.Sort(lset)
 
 		series = append(series, RefSeries{
-			Ref:    ref,
+			Ref:    chunks.HeadSeriesRef(ref),
 			Labels: lset,
 		})
 	}
@@ -137,7 +137,7 @@ func (d *Decoder) Samples(rec []byte, samples []RefSample) ([]RefSample, error)
 		val := dec.Be64()
 
 		samples = append(samples, RefSample{
-			Ref: uint64(int64(baseRef) + dref),
+			Ref: chunks.HeadSeriesRef(int64(baseRef) + dref),
 			T:   baseTime + dtime,
 			V:   math.Float64frombits(val),
 		})
@@ -161,7 +161,7 @@ func (d *Decoder) Tombstones(rec []byte, tstones []tombstones.Stone) ([]tombston
 	}
 	for dec.Len() > 0 && dec.Err() == nil {
 		tstones = append(tstones, tombstones.Stone{
-			Ref: dec.Be64(),
+			Ref: storage.SeriesRef(dec.Be64()),
 			Intervals: tombstones.Intervals{
 				{Mint: dec.Varint64(), Maxt: dec.Varint64()},
 			},
@@ -207,7 +207,7 @@ func (d *Decoder) ExemplarsFromBuffer(dec *encoding.Decbuf, exemplars []RefExemp
 		sort.Sort(lset)
 
 		exemplars = append(exemplars, RefExemplar{
-			Ref:    baseRef + uint64(dref),
+			Ref:    chunks.HeadSeriesRef(baseRef + uint64(dref)),
 			T:      baseTime + dtime,
 			V:      math.Float64frombits(val),
 			Labels: lset,
@@ -225,8 +225,7 @@ func (d *Decoder) ExemplarsFromBuffer(dec *encoding.Decbuf, exemplars []RefExemp
 
 // Encoder encodes series, sample, and tombstones records.
 // The zero value is ready to use.
-type Encoder struct {
-}
+type Encoder struct{}
 
 // Series appends the encoded series to b and returns the resulting slice.
 func (e *Encoder) Series(series []RefSeries, b []byte) []byte {
@@ -234,7 +233,7 @@ func (e *Encoder) Series(series []RefSeries, b []byte) []byte {
 	buf.PutByte(byte(Series))
 
 	for _, s := range series {
-		buf.PutBE64(s.Ref)
+		buf.PutBE64(uint64(s.Ref))
 		buf.PutUvarint(len(s.Labels))
 
 		for _, l := range s.Labels {
@@ -258,7 +257,7 @@ func (e *Encoder) Samples(samples []RefSample, b []byte) []byte {
 	// All samples encode their timestamp and ref as delta to those.
 	first := samples[0]
 
-	buf.PutBE64(first.Ref)
+	buf.PutBE64(uint64(first.Ref))
 	buf.PutBE64int64(first.T)
 
 	for _, s := range samples {
@@ -276,7 +275,7 @@ func (e *Encoder) Tombstones(tstones []tombstones.Stone, b []byte) []byte {
 
 	for _, s := range tstones {
 		for _, iv := range s.Intervals {
-			buf.PutBE64(s.Ref)
+			buf.PutBE64(uint64(s.Ref))
 			buf.PutVarint64(iv.Mint)
 			buf.PutVarint64(iv.Maxt)
 		}
@@ -302,7 +301,7 @@ func (e *Encoder) EncodeExemplarsIntoBuffer(exemplars []RefExemplar, buf *encodi
 	// All samples encode their timestamp and ref as delta to those.
 	first := exemplars[0]
 
-	buf.PutBE64(first.Ref)
+	buf.PutBE64(uint64(first.Ref))
 	buf.PutBE64int64(first.T)
 
 	for _, ex := range exemplars {
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/tombstones/tombstones.go b/vendor/github.com/prometheus/prometheus/tsdb/tombstones/tombstones.go
index 8b95481a4fc..621e104714d 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/tombstones/tombstones.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/tombstones/tombstones.go
@@ -28,6 +28,7 @@ import (
 	"github.com/go-kit/log/level"
 	"github.com/pkg/errors"
 
+	"github.com/prometheus/prometheus/storage"
 	"github.com/prometheus/prometheus/tsdb/encoding"
 	tsdb_errors "github.com/prometheus/prometheus/tsdb/errors"
 	"github.com/prometheus/prometheus/tsdb/fileutil"
@@ -39,8 +40,10 @@ const (
 	// MagicTombstone is 4 bytes at the head of a tombstone file.
 	MagicTombstone = 0x0130BA30
 
-	tombstoneFormatV1    = 1
-	tombstonesHeaderSize = 5
+	tombstoneFormatV1          = 1
+	tombstoneFormatVersionSize = 1
+	tombstonesHeaderSize       = 5
+	tombstonesCRCSize          = 4
 )
 
 // The table gets initialized with sync.Once but may still cause a race
@@ -61,10 +64,10 @@ func newCRC32() hash.Hash32 {
 // Reader gives access to tombstone intervals by series reference.
 type Reader interface {
 	// Get returns deletion intervals for the series with the given reference.
-	Get(ref uint64) (Intervals, error)
+	Get(ref storage.SeriesRef) (Intervals, error)
 
 	// Iter calls the given function for each encountered interval.
-	Iter(func(uint64, Intervals) error) error
+	Iter(func(storage.SeriesRef, Intervals) error) error
 
 	// Total returns the total count of tombstones.
 	Total() uint64
@@ -110,7 +113,7 @@ func WriteFile(logger log.Logger, dir string, tr Reader) (int64, error) {
 	}
 
 	// Ignore first byte which is the format type. We do this for compatibility.
-	if _, err := hash.Write(bytes[1:]); err != nil {
+	if _, err := hash.Write(bytes[tombstoneFormatVersionSize:]); err != nil {
 		return 0, errors.Wrap(err, "calculating hash for tombstones")
 	}
 
@@ -142,9 +145,9 @@ func WriteFile(logger log.Logger, dir string, tr Reader) (int64, error) {
 func Encode(tr Reader) ([]byte, error) {
 	buf := encoding.Encbuf{}
 	buf.PutByte(tombstoneFormatV1)
-	err := tr.Iter(func(ref uint64, ivs Intervals) error {
+	err := tr.Iter(func(ref storage.SeriesRef, ivs Intervals) error {
 		for _, iv := range ivs {
-			buf.PutUvarint64(ref)
+			buf.PutUvarint64(uint64(ref))
 			buf.PutVarint64(iv.Mint)
 			buf.PutVarint64(iv.Maxt)
 		}
@@ -167,7 +170,7 @@ func Decode(b []byte) (Reader, error) {
 
 	stonesMap := NewMemTombstones()
 	for d.Len() > 0 {
-		k := d.Uvarint64()
+		k := storage.SeriesRef(d.Uvarint64())
 		mint := d.Varint64()
 		maxt := d.Varint64()
 		if d.Err() != nil {
@@ -182,7 +185,7 @@ func Decode(b []byte) (Reader, error) {
 // Stone holds the information on the posting and time-range
 // that is deleted.
 type Stone struct {
-	Ref       uint64
+	Ref       storage.SeriesRef
 	Intervals Intervals
 }
 
@@ -198,7 +201,7 @@ func ReadTombstones(dir string) (Reader, int64, error) {
 		return nil, 0, errors.Wrap(encoding.ErrInvalidSize, "tombstones header")
 	}
 
-	d := &encoding.Decbuf{B: b[:len(b)-4]} // 4 for the checksum.
+	d := &encoding.Decbuf{B: b[:len(b)-tombstonesCRCSize]}
 	if mg := d.Be32(); mg != MagicTombstone {
 		return nil, 0, fmt.Errorf("invalid magic number %x", mg)
 	}
@@ -206,10 +209,10 @@ func ReadTombstones(dir string) (Reader, int64, error) {
 	// Verify checksum.
 	hash := newCRC32()
 	// Ignore first byte which is the format type.
-	if _, err := hash.Write(d.Get()[1:]); err != nil {
+	if _, err := hash.Write(d.Get()[tombstoneFormatVersionSize:]); err != nil {
 		return nil, 0, errors.Wrap(err, "write to hash")
 	}
-	if binary.BigEndian.Uint32(b[len(b)-4:]) != hash.Sum32() {
+	if binary.BigEndian.Uint32(b[len(b)-tombstonesCRCSize:]) != hash.Sum32() {
 		return nil, 0, errors.New("checksum did not match")
 	}
 
@@ -226,33 +229,33 @@ func ReadTombstones(dir string) (Reader, int64, error) {
 }
 
 type MemTombstones struct {
-	intvlGroups map[uint64]Intervals
+	intvlGroups map[storage.SeriesRef]Intervals
 	mtx         sync.RWMutex
 }
 
 // NewMemTombstones creates new in memory Tombstone Reader
 // that allows adding new intervals.
 func NewMemTombstones() *MemTombstones {
-	return &MemTombstones{intvlGroups: make(map[uint64]Intervals)}
+	return &MemTombstones{intvlGroups: make(map[storage.SeriesRef]Intervals)}
 }
 
 func NewTestMemTombstones(intervals []Intervals) *MemTombstones {
 	ret := NewMemTombstones()
 	for i, intervalsGroup := range intervals {
 		for _, interval := range intervalsGroup {
-			ret.AddInterval(uint64(i+1), interval)
+			ret.AddInterval(storage.SeriesRef(i+1), interval)
 		}
 	}
 	return ret
 }
 
-func (t *MemTombstones) Get(ref uint64) (Intervals, error) {
+func (t *MemTombstones) Get(ref storage.SeriesRef) (Intervals, error) {
 	t.mtx.RLock()
 	defer t.mtx.RUnlock()
 	return t.intvlGroups[ref], nil
 }
 
-func (t *MemTombstones) DeleteTombstones(refs map[uint64]struct{}) {
+func (t *MemTombstones) DeleteTombstones(refs map[storage.SeriesRef]struct{}) {
 	t.mtx.Lock()
 	defer t.mtx.Unlock()
 	for ref := range refs {
@@ -280,7 +283,7 @@ func (t *MemTombstones) TruncateBefore(beforeT int64) {
 	}
 }
 
-func (t *MemTombstones) Iter(f func(uint64, Intervals) error) error {
+func (t *MemTombstones) Iter(f func(storage.SeriesRef, Intervals) error) error {
 	t.mtx.RLock()
 	defer t.mtx.RUnlock()
 	for ref, ivs := range t.intvlGroups {
@@ -303,7 +306,7 @@ func (t *MemTombstones) Total() uint64 {
 }
 
 // AddInterval to an existing memTombstones.
-func (t *MemTombstones) AddInterval(ref uint64, itvs ...Interval) {
+func (t *MemTombstones) AddInterval(ref storage.SeriesRef, itvs ...Interval) {
 	t.mtx.Lock()
 	defer t.mtx.Unlock()
 	for _, itv := range itvs {
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/tsdbblockutil.go b/vendor/github.com/prometheus/prometheus/tsdb/tsdbblockutil.go
index 3e4ac5856fe..73244632472 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/tsdbblockutil.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/tsdbblockutil.go
@@ -48,7 +48,7 @@ func CreateBlock(series []storage.Series, dir string, chunkRange int64, logger l
 	app := w.Appender(ctx)
 
 	for _, s := range series {
-		ref := uint64(0)
+		ref := storage.SeriesRef(0)
 		it := s.Iterator()
 		lset := s.Labels()
 		for it.Next() {
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/tsdbutil/buffer.go b/vendor/github.com/prometheus/prometheus/tsdb/tsdbutil/buffer.go
index a24d5047293..3e136bb1d53 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/tsdbutil/buffer.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/tsdbutil/buffer.go
@@ -210,7 +210,7 @@ func (r *sampleRing) last() (int64, float64, bool) {
 func (r *sampleRing) samples() []sample {
 	res := make([]sample, r.l)
 
-	var k = r.f + r.l
+	k := r.f + r.l
 	var j int
 	if k > len(r.buf) {
 		k = len(r.buf)
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/tsdbutil/chunks.go b/vendor/github.com/prometheus/prometheus/tsdb/tsdbutil/chunks.go
index 5ae58b0a8cf..ffe9c05e001 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/tsdbutil/chunks.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/tsdbutil/chunks.go
@@ -67,7 +67,7 @@ func PopulatedChunk(numSamples int, minTime int64) chunks.Meta {
 }
 
 // GenerateSamples starting at start and counting up numSamples.
-func GenerateSamples(start int, numSamples int) []Sample {
+func GenerateSamples(start, numSamples int) []Sample {
 	samples := make([]Sample, 0, numSamples)
 	for i := start; i < start+numSamples; i++ {
 		samples = append(samples, sample{
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/tsdbutil/dir_locker.go b/vendor/github.com/prometheus/prometheus/tsdb/tsdbutil/dir_locker.go
new file mode 100644
index 00000000000..155f5864150
--- /dev/null
+++ b/vendor/github.com/prometheus/prometheus/tsdb/tsdbutil/dir_locker.go
@@ -0,0 +1,104 @@
+// Copyright 2021 The Prometheus Authors
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package tsdbutil
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
+	"github.com/pkg/errors"
+	"github.com/prometheus/client_golang/prometheus"
+
+	tsdb_errors "github.com/prometheus/prometheus/tsdb/errors"
+	"github.com/prometheus/prometheus/tsdb/fileutil"
+)
+
+const (
+	lockfileDisabled       = -1
+	lockfileReplaced       = 0
+	lockfileCreatedCleanly = 1
+)
+
+type DirLocker struct {
+	logger log.Logger
+
+	createdCleanly prometheus.Gauge
+
+	releaser fileutil.Releaser
+	path     string
+}
+
+// NewDirLocker creates a DirLocker that can obtain an exclusive lock on dir.
+func NewDirLocker(dir, subsystem string, l log.Logger, r prometheus.Registerer) (*DirLocker, error) {
+	lock := &DirLocker{
+		logger: l,
+		createdCleanly: prometheus.NewGauge(prometheus.GaugeOpts{
+			Name: fmt.Sprintf("prometheus_%s_clean_start", subsystem),
+			Help: "-1: lockfile is disabled. 0: a lockfile from a previous execution was replaced. 1: lockfile creation was clean",
+		}),
+	}
+
+	if r != nil {
+		r.MustRegister(lock.createdCleanly)
+	}
+
+	lock.createdCleanly.Set(lockfileDisabled)
+
+	absdir, err := filepath.Abs(dir)
+	if err != nil {
+		return nil, err
+	}
+	lock.path = filepath.Join(absdir, "lock")
+
+	return lock, nil
+}
+
+// Lock obtains the lock on the locker directory.
+func (l *DirLocker) Lock() error {
+	if l.releaser != nil {
+		return errors.New("DB lock already obtained")
+	}
+
+	if _, err := os.Stat(l.path); err == nil {
+		level.Warn(l.logger).Log("msg", "A lockfile from a previous execution already existed. It was replaced", "file", l.path)
+
+		l.createdCleanly.Set(lockfileReplaced)
+	} else {
+		l.createdCleanly.Set(lockfileCreatedCleanly)
+	}
+
+	lockf, _, err := fileutil.Flock(l.path)
+	if err != nil {
+		return errors.Wrap(err, "lock DB directory")
+	}
+	l.releaser = lockf
+	return nil
+}
+
+// Release releases the lock. No-op if the lock is not held.
+func (l *DirLocker) Release() error {
+	if l.releaser == nil {
+		return nil
+	}
+
+	errs := tsdb_errors.NewMulti()
+	errs.Add(l.releaser.Release())
+	errs.Add(os.Remove(l.path))
+
+	l.releaser = nil
+	return errs.Err()
+}
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/tsdbutil/dir_locker_testutil.go b/vendor/github.com/prometheus/prometheus/tsdb/tsdbutil/dir_locker_testutil.go
new file mode 100644
index 00000000000..cbb21e254fa
--- /dev/null
+++ b/vendor/github.com/prometheus/prometheus/tsdb/tsdbutil/dir_locker_testutil.go
@@ -0,0 +1,91 @@
+// Copyright 2021 The Prometheus Authors
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package tsdbutil
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os"
+	"testing"
+
+	"github.com/go-kit/log"
+	prom_testutil "github.com/prometheus/client_golang/prometheus/testutil"
+	"github.com/stretchr/testify/require"
+
+	"github.com/prometheus/prometheus/util/testutil"
+)
+
+// TestDirLockerUsage performs a set of tests which guarantee correct usage of
+// DirLocker. open should use data as the storage directory, and createLock
+// to determine if a lock file should be used.
+func TestDirLockerUsage(t *testing.T, open func(t *testing.T, data string, createLock bool) (*DirLocker, testutil.Closer)) {
+	t.Helper()
+
+	cases := []struct {
+		fileAlreadyExists bool
+		lockFileDisabled  bool
+		expectedValue     int
+	}{
+		{
+			fileAlreadyExists: false,
+			lockFileDisabled:  false,
+			expectedValue:     lockfileCreatedCleanly,
+		},
+		{
+			fileAlreadyExists: true,
+			lockFileDisabled:  false,
+			expectedValue:     lockfileReplaced,
+		},
+		{
+			fileAlreadyExists: true,
+			lockFileDisabled:  true,
+			expectedValue:     lockfileDisabled,
+		},
+		{
+			fileAlreadyExists: false,
+			lockFileDisabled:  true,
+			expectedValue:     lockfileDisabled,
+		},
+	}
+
+	for _, c := range cases {
+		t.Run(fmt.Sprintf("%+v", c), func(t *testing.T) {
+			tmpdir, err := ioutil.TempDir("", "test")
+			require.NoError(t, err)
+			t.Cleanup(func() {
+				require.NoError(t, os.RemoveAll(tmpdir))
+			})
+
+			// Test preconditions (file already exists + lockfile option)
+			if c.fileAlreadyExists {
+				tmpLocker, err := NewDirLocker(tmpdir, "tsdb", log.NewNopLogger(), nil)
+				require.NoError(t, err)
+				err = ioutil.WriteFile(tmpLocker.path, []byte{}, 0o644)
+				require.NoError(t, err)
+			}
+
+			locker, closer := open(t, tmpdir, !c.lockFileDisabled)
+			require.Equal(t, float64(c.expectedValue), prom_testutil.ToFloat64(locker.createdCleanly))
+
+			// Close the client. This should delete the lockfile.
+			closer.Close()
+
+			// Check that the lockfile is always deleted
+			if !c.lockFileDisabled {
+				_, err = os.Stat(locker.path)
+				require.True(t, os.IsNotExist(err), "lockfile was not deleted")
+			}
+		})
+	}
+}
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/wal.go b/vendor/github.com/prometheus/prometheus/tsdb/wal.go
index 71fc0a44c37..05661779fe9 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/wal.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/wal.go
@@ -32,7 +32,9 @@ import (
 	"github.com/pkg/errors"
 	"github.com/prometheus/client_golang/prometheus"
 
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/storage"
+	"github.com/prometheus/prometheus/tsdb/chunks"
 	"github.com/prometheus/prometheus/tsdb/encoding"
 	"github.com/prometheus/prometheus/tsdb/fileutil"
 	"github.com/prometheus/prometheus/tsdb/record"
@@ -113,8 +115,8 @@ type WALReader interface {
 // the truncation threshold can be compacted.
 type segmentFile struct {
 	*os.File
-	maxTime   int64  // highest tombstone or sample timestamp in segment
-	minSeries uint64 // lowerst series ID in segment
+	maxTime   int64                // highest tombstone or sample timestamp in segment
+	minSeries chunks.HeadSeriesRef // lowerst series ID in segment
 }
 
 func newSegmentFile(f *os.File) *segmentFile {
@@ -171,7 +173,7 @@ type SegmentWAL struct {
 // OpenSegmentWAL opens or creates a write ahead log in the given directory.
 // The WAL must be read completely before new data is written.
 func OpenSegmentWAL(dir string, logger log.Logger, flushInterval time.Duration, r prometheus.Registerer) (*SegmentWAL, error) {
-	if err := os.MkdirAll(dir, 0777); err != nil {
+	if err := os.MkdirAll(dir, 0o777); err != nil {
 		return nil, err
 	}
 	df, err := fileutil.OpenDir(dir)
@@ -292,7 +294,7 @@ func (w *SegmentWAL) putBuffer(b *encoding.Encbuf) {
 
 // Truncate deletes the values prior to mint and the series which the keep function
 // does not indicate to preserve.
-func (w *SegmentWAL) Truncate(mint int64, keep func(uint64) bool) error {
+func (w *SegmentWAL) Truncate(mint int64, keep func(chunks.HeadSeriesRef) bool) error {
 	// The last segment is always active.
 	if len(w.files) < 2 {
 		return nil
@@ -505,7 +507,7 @@ func (w *SegmentWAL) LogDeletes(stones []tombstones.Stone) error {
 func (w *SegmentWAL) openSegmentFile(name string) (*os.File, error) {
 	// We must open all files in read/write mode as we may have to truncate along
 	// the way and any file may become the head.
-	f, err := os.OpenFile(name, os.O_RDWR, 0666)
+	f, err := os.OpenFile(name, os.O_RDWR, 0o666)
 	if err != nil {
 		return nil, err
 	}
@@ -787,7 +789,7 @@ const (
 
 func (w *SegmentWAL) encodeSeries(buf *encoding.Encbuf, series []record.RefSeries) uint8 {
 	for _, s := range series {
-		buf.PutBE64(s.Ref)
+		buf.PutBE64(uint64(s.Ref))
 		buf.PutUvarint(len(s.Labels))
 
 		for _, l := range s.Labels {
@@ -808,7 +810,7 @@ func (w *SegmentWAL) encodeSamples(buf *encoding.Encbuf, samples []record.RefSam
 	// TODO(fabxc): optimize for all samples having the same timestamp.
 	first := samples[0]
 
-	buf.PutBE64(first.Ref)
+	buf.PutBE64(uint64(first.Ref))
 	buf.PutBE64int64(first.T)
 
 	for _, s := range samples {
@@ -822,7 +824,7 @@ func (w *SegmentWAL) encodeSamples(buf *encoding.Encbuf, samples []record.RefSam
 func (w *SegmentWAL) encodeDeletes(buf *encoding.Encbuf, stones []tombstones.Stone) uint8 {
 	for _, s := range stones {
 		for _, iv := range s.Intervals {
-			buf.PutBE64(s.Ref)
+			buf.PutBE64(uint64(s.Ref))
 			buf.PutVarint64(iv.Mint)
 			buf.PutVarint64(iv.Maxt)
 		}
@@ -1120,7 +1122,7 @@ func (r *walReader) decodeSeries(flag byte, b []byte, res *[]record.RefSeries) e
 	dec := encoding.Decbuf{B: b}
 
 	for len(dec.B) > 0 && dec.Err() == nil {
-		ref := dec.Be64()
+		ref := chunks.HeadSeriesRef(dec.Be64())
 
 		lset := make(labels.Labels, dec.Uvarint())
 
@@ -1161,7 +1163,7 @@ func (r *walReader) decodeSamples(flag byte, b []byte, res *[]record.RefSample)
 		val := dec.Be64()
 
 		*res = append(*res, record.RefSample{
-			Ref: uint64(int64(baseRef) + dref),
+			Ref: chunks.HeadSeriesRef(int64(baseRef) + dref),
 			T:   baseTime + dtime,
 			V:   math.Float64frombits(val),
 		})
@@ -1181,7 +1183,7 @@ func (r *walReader) decodeDeletes(flag byte, b []byte, res *[]tombstones.Stone)
 
 	for dec.Len() > 0 && dec.Err() == nil {
 		*res = append(*res, tombstones.Stone{
-			Ref: dec.Be64(),
+			Ref: storage.SeriesRef(dec.Be64()),
 			Intervals: tombstones.Intervals{
 				{Mint: dec.Varint64(), Maxt: dec.Varint64()},
 			},
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/wal/checkpoint.go b/vendor/github.com/prometheus/prometheus/tsdb/wal/checkpoint.go
index eb0d27034a5..9064beed061 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/wal/checkpoint.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/wal/checkpoint.go
@@ -29,6 +29,7 @@ import (
 	"github.com/go-kit/log/level"
 	"github.com/pkg/errors"
 
+	"github.com/prometheus/prometheus/tsdb/chunks"
 	tsdb_errors "github.com/prometheus/prometheus/tsdb/errors"
 	"github.com/prometheus/prometheus/tsdb/fileutil"
 	"github.com/prometheus/prometheus/tsdb/record"
@@ -82,22 +83,21 @@ func DeleteCheckpoints(dir string, maxIndex int) error {
 
 const checkpointPrefix = "checkpoint."
 
-// Checkpoint creates a compacted checkpoint of segments in range [first, last] in the given WAL.
+// Checkpoint creates a compacted checkpoint of segments in range [from, to] in the given WAL.
 // It includes the most recent checkpoint if it exists.
-// All series not satisfying keep and samples below mint are dropped.
+// All series not satisfying keep and samples/tombstones/exemplars below mint are dropped.
 //
 // The checkpoint is stored in a directory named checkpoint.N in the same
 // segmented format as the original WAL itself.
 // This makes it easy to read it through the WAL package and concatenate
 // it with the original WAL.
-func Checkpoint(logger log.Logger, w *WAL, from, to int, keep func(id uint64) bool, mint int64) (*CheckpointStats, error) {
+func Checkpoint(logger log.Logger, w *WAL, from, to int, keep func(id chunks.HeadSeriesRef) bool, mint int64) (*CheckpointStats, error) {
 	stats := &CheckpointStats{}
 	var sgmReader io.ReadCloser
 
 	level.Info(logger).Log("msg", "Creating checkpoint", "from_segment", from, "to_segment", to, "mint", mint)
 
 	{
-
 		var sgmRange []SegmentRange
 		dir, idx, err := LastCheckpoint(w.Dir())
 		if err != nil && err != record.ErrNotFound {
@@ -129,7 +129,7 @@ func Checkpoint(logger log.Logger, w *WAL, from, to int, keep func(id uint64) bo
 		return nil, errors.Wrap(err, "remove previous temporary checkpoint dir")
 	}
 
-	if err := os.MkdirAll(cpdirtmp, 0777); err != nil {
+	if err := os.MkdirAll(cpdirtmp, 0o777); err != nil {
 		return nil, errors.Wrap(err, "create checkpoint dir")
 	}
 	cp, err := New(nil, nil, cpdirtmp, w.CompressionEnabled())
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/wal/wal.go b/vendor/github.com/prometheus/prometheus/tsdb/wal/wal.go
index c5023b0fdbf..3bc2894d322 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/wal/wal.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/wal/wal.go
@@ -118,7 +118,7 @@ func (e *CorruptionErr) Error() string {
 // OpenWriteSegment opens segment k in dir. The returned segment is ready for new appends.
 func OpenWriteSegment(logger log.Logger, dir string, k int) (*Segment, error) {
 	segName := SegmentName(dir, k)
-	f, err := os.OpenFile(segName, os.O_WRONLY|os.O_APPEND, 0666)
+	f, err := os.OpenFile(segName, os.O_WRONLY|os.O_APPEND, 0o666)
 	if err != nil {
 		return nil, err
 	}
@@ -144,7 +144,7 @@ func OpenWriteSegment(logger log.Logger, dir string, k int) (*Segment, error) {
 
 // CreateSegment creates a new segment k in dir.
 func CreateSegment(dir string, k int) (*Segment, error) {
-	f, err := os.OpenFile(SegmentName(dir, k), os.O_WRONLY|os.O_CREATE|os.O_APPEND, 0666)
+	f, err := os.OpenFile(SegmentName(dir, k), os.O_WRONLY|os.O_CREATE|os.O_APPEND, 0o666)
 	if err != nil {
 		return nil, err
 	}
@@ -260,7 +260,7 @@ func NewSize(logger log.Logger, reg prometheus.Registerer, dir string, segmentSi
 	if segmentSize%pageSize != 0 {
 		return nil, errors.New("invalid segment size")
 	}
-	if err := os.MkdirAll(dir, 0777); err != nil {
+	if err := os.MkdirAll(dir, 0o777); err != nil {
 		return nil, errors.Wrap(err, "create dir")
 	}
 	if logger == nil {
@@ -452,10 +452,7 @@ func (w *WAL) Repair(origErr error) error {
 	if err != nil {
 		return err
 	}
-	if err := w.setSegment(s); err != nil {
-		return err
-	}
-	return nil
+	return w.setSegment(s)
 }
 
 // SegmentName builds a segment name for the directory.
@@ -472,6 +469,10 @@ func (w *WAL) NextSegment() error {
 
 // nextSegment creates the next segment and closes the previous one.
 func (w *WAL) nextSegment() error {
+	if w.closed {
+		return errors.New("wal is closed")
+	}
+
 	// Only flush the current page if it actually holds data.
 	if w.page.alloc > 0 {
 		if err := w.flushPage(true); err != nil {
@@ -875,19 +876,24 @@ type segmentBufReader struct {
 	off  int // Offset of read data into current segment.
 }
 
-// nolint:golint // TODO: Consider exporting segmentBufReader
+// nolint:revive // TODO: Consider exporting segmentBufReader
 func NewSegmentBufReader(segs ...*Segment) *segmentBufReader {
+	if len(segs) == 0 {
+		return &segmentBufReader{}
+	}
+
 	return &segmentBufReader{
 		buf:  bufio.NewReaderSize(segs[0], 16*pageSize),
 		segs: segs,
 	}
 }
 
-// nolint:golint
+// nolint:revive
 func NewSegmentBufReaderWithOffset(offset int, segs ...*Segment) (sbr *segmentBufReader, err error) {
-	if offset == 0 {
+	if offset == 0 || len(segs) == 0 {
 		return NewSegmentBufReader(segs...), nil
 	}
+
 	sbr = &segmentBufReader{
 		buf:  bufio.NewReaderSize(segs[0], 16*pageSize),
 		segs: segs,
@@ -909,6 +915,10 @@ func (r *segmentBufReader) Close() (err error) {
 
 // Read implements io.Reader.
 func (r *segmentBufReader) Read(b []byte) (n int, err error) {
+	if len(r.segs) == 0 {
+		return 0, io.EOF
+	}
+
 	n, err = r.buf.Read(b)
 	r.off += n
 
diff --git a/vendor/github.com/prometheus/prometheus/tsdb/wal/watcher.go b/vendor/github.com/prometheus/prometheus/tsdb/wal/watcher.go
index accefa7aaff..3c47b58d057 100644
--- a/vendor/github.com/prometheus/prometheus/tsdb/wal/watcher.go
+++ b/vendor/github.com/prometheus/prometheus/tsdb/wal/watcher.go
@@ -30,7 +30,7 @@ import (
 	"github.com/pkg/errors"
 	"github.com/prometheus/client_golang/prometheus"
 
-	"github.com/prometheus/prometheus/pkg/timestamp"
+	"github.com/prometheus/prometheus/model/timestamp"
 	"github.com/prometheus/prometheus/tsdb/record"
 )
 
diff --git a/vendor/github.com/prometheus/prometheus/pkg/gate/gate.go b/vendor/github.com/prometheus/prometheus/util/gate/gate.go
similarity index 100%
rename from vendor/github.com/prometheus/prometheus/pkg/gate/gate.go
rename to vendor/github.com/prometheus/prometheus/util/gate/gate.go
diff --git a/vendor/github.com/prometheus/prometheus/pkg/logging/dedupe.go b/vendor/github.com/prometheus/prometheus/util/logging/dedupe.go
similarity index 100%
rename from vendor/github.com/prometheus/prometheus/pkg/logging/dedupe.go
rename to vendor/github.com/prometheus/prometheus/util/logging/dedupe.go
diff --git a/vendor/github.com/prometheus/prometheus/pkg/logging/file.go b/vendor/github.com/prometheus/prometheus/util/logging/file.go
similarity index 91%
rename from vendor/github.com/prometheus/prometheus/pkg/logging/file.go
rename to vendor/github.com/prometheus/prometheus/util/logging/file.go
index 3c0c3e3b049..6b5751b016c 100644
--- a/vendor/github.com/prometheus/prometheus/pkg/logging/file.go
+++ b/vendor/github.com/prometheus/prometheus/util/logging/file.go
@@ -21,11 +21,9 @@ import (
 	"github.com/pkg/errors"
 )
 
-var (
-	timestampFormat = log.TimestampFormat(
-		func() time.Time { return time.Now().UTC() },
-		"2006-01-02T15:04:05.000Z07:00",
-	)
+var timestampFormat = log.TimestampFormat(
+	func() time.Time { return time.Now().UTC() },
+	"2006-01-02T15:04:05.000Z07:00",
 )
 
 // JSONFileLogger represents a logger that writes JSON to a file.
@@ -40,7 +38,7 @@ func NewJSONFileLogger(s string) (*JSONFileLogger, error) {
 		return nil, nil
 	}
 
-	f, err := os.OpenFile(s, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0666)
+	f, err := os.OpenFile(s, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0o666)
 	if err != nil {
 		return nil, errors.Wrap(err, "can't create json logger")
 	}
diff --git a/vendor/github.com/prometheus/prometheus/pkg/logging/ratelimit.go b/vendor/github.com/prometheus/prometheus/util/logging/ratelimit.go
similarity index 100%
rename from vendor/github.com/prometheus/prometheus/pkg/logging/ratelimit.go
rename to vendor/github.com/prometheus/prometheus/util/logging/ratelimit.go
diff --git a/vendor/github.com/prometheus/prometheus/util/osutil/hostname.go b/vendor/github.com/prometheus/prometheus/util/osutil/hostname.go
index 224dffe7c43..c44cb391b66 100644
--- a/vendor/github.com/prometheus/prometheus/util/osutil/hostname.go
+++ b/vendor/github.com/prometheus/prometheus/util/osutil/hostname.go
@@ -49,14 +49,12 @@ func GetFQDN() (string, error) {
 			if fqdn, err := lookup(ip); err == nil {
 				return fqdn, nil
 			}
-
 		}
 
 		if ip := addr.To16(); ip != nil {
 			if fqdn, err := lookup(ip); err == nil {
 				return fqdn, nil
 			}
-
 		}
 	}
 	return hostname, nil
diff --git a/vendor/github.com/prometheus/prometheus/pkg/pool/pool.go b/vendor/github.com/prometheus/prometheus/util/pool/pool.go
similarity index 100%
rename from vendor/github.com/prometheus/prometheus/pkg/pool/pool.go
rename to vendor/github.com/prometheus/prometheus/util/pool/pool.go
diff --git a/vendor/github.com/prometheus/prometheus/util/strutil/strconv.go b/vendor/github.com/prometheus/prometheus/util/strutil/strconv.go
index 3d96e4faf63..eed0134abda 100644
--- a/vendor/github.com/prometheus/prometheus/util/strutil/strconv.go
+++ b/vendor/github.com/prometheus/prometheus/util/strutil/strconv.go
@@ -19,9 +19,7 @@ import (
 	"regexp"
 )
 
-var (
-	invalidLabelCharRE = regexp.MustCompile(`[^a-zA-Z0-9_]`)
-)
+var invalidLabelCharRE = regexp.MustCompile(`[^a-zA-Z0-9_]`)
 
 // TableLinkForExpression creates an escaped relative link to the table view of
 // the provided expression.
diff --git a/vendor/github.com/prometheus/prometheus/util/teststorage/storage.go b/vendor/github.com/prometheus/prometheus/util/teststorage/storage.go
index 39aac596ebc..a829894778c 100644
--- a/vendor/github.com/prometheus/prometheus/util/teststorage/storage.go
+++ b/vendor/github.com/prometheus/prometheus/util/teststorage/storage.go
@@ -21,8 +21,8 @@ import (
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/stretchr/testify/require"
 
-	"github.com/prometheus/prometheus/pkg/exemplar"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/exemplar"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/storage"
 	"github.com/prometheus/prometheus/tsdb"
 	"github.com/prometheus/prometheus/util/testutil"
@@ -70,6 +70,6 @@ func (s TestStorage) ExemplarQueryable() storage.ExemplarQueryable {
 	return s.exemplarStorage
 }
 
-func (s TestStorage) AppendExemplar(ref uint64, l labels.Labels, e exemplar.Exemplar) (uint64, error) {
+func (s TestStorage) AppendExemplar(ref storage.SeriesRef, l labels.Labels, e exemplar.Exemplar) (storage.SeriesRef, error) {
 	return ref, s.exemplarStorage.AddExemplar(l, e)
 }
diff --git a/vendor/github.com/prometheus/prometheus/util/testutil/port.go b/vendor/github.com/prometheus/prometheus/util/testutil/port.go
new file mode 100644
index 00000000000..1e449b123d3
--- /dev/null
+++ b/vendor/github.com/prometheus/prometheus/util/testutil/port.go
@@ -0,0 +1,35 @@
+// Copyright 2021 The Prometheus Authors
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package testutil
+
+import (
+	"net"
+	"testing"
+)
+
+// RandomUnprivilegedPort returns valid unprivileged random port number which can be used for testing.
+func RandomUnprivilegedPort(t *testing.T) int {
+	t.Helper()
+
+	listener, err := net.Listen("tcp", ":0")
+	if err != nil {
+		t.Fatalf("Listening on random port: %v", err)
+	}
+
+	if err := listener.Close(); err != nil {
+		t.Fatalf("Closing listener: %v", err)
+	}
+
+	return listener.Addr().(*net.TCPAddr).Port
+}
diff --git a/vendor/github.com/prometheus/prometheus/util/testutil/roundtrip.go b/vendor/github.com/prometheus/prometheus/util/testutil/roundtrip.go
index 996d11f3680..a93991a13e8 100644
--- a/vendor/github.com/prometheus/prometheus/util/testutil/roundtrip.go
+++ b/vendor/github.com/prometheus/prometheus/util/testutil/roundtrip.go
@@ -43,5 +43,7 @@ func NewRoundTripCheckRequest(checkRequest func(*http.Request), theResponse *htt
 		checkRequest: checkRequest,
 		roundTrip: roundTrip{
 			theResponse: theResponse,
-			theError:    theError}}
+			theError:    theError,
+		},
+	}
 }
diff --git a/vendor/github.com/prometheus/prometheus/web/api/v1/api.go b/vendor/github.com/prometheus/prometheus/web/api/v1/api.go
index 9ef2ad47ea6..39d07383c3e 100644
--- a/vendor/github.com/prometheus/prometheus/web/api/v1/api.go
+++ b/vendor/github.com/prometheus/prometheus/web/api/v1/api.go
@@ -39,10 +39,10 @@ import (
 	"github.com/prometheus/common/route"
 
 	"github.com/prometheus/prometheus/config"
-	"github.com/prometheus/prometheus/pkg/exemplar"
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/pkg/textparse"
-	"github.com/prometheus/prometheus/pkg/timestamp"
+	"github.com/prometheus/prometheus/model/exemplar"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/model/textparse"
+	"github.com/prometheus/prometheus/model/timestamp"
 	"github.com/prometheus/prometheus/promql"
 	"github.com/prometheus/prometheus/promql/parser"
 	"github.com/prometheus/prometheus/rules"
@@ -75,9 +75,7 @@ const (
 	errorNotFound    errorType = "not_found"
 )
 
-var (
-	LocalhostRepresentations = []string{"127.0.0.1", "localhost", "::1"}
-)
+var LocalhostRepresentations = []string{"127.0.0.1", "localhost", "::1"}
 
 type apiError struct {
 	typ errorType
@@ -181,6 +179,7 @@ type API struct {
 	buildInfo   *PrometheusVersion
 	runtimeInfo func() (RuntimeInfo, error)
 	gatherer    prometheus.Gatherer
+	isAgent     bool
 
 	remoteWriteHandler http.Handler
 	remoteReadHandler  http.Handler
@@ -211,6 +210,7 @@ func NewAPI(
 	remoteReadSampleLimit int,
 	remoteReadConcurrencyLimit int,
 	remoteReadMaxBytesInFrame int,
+	isAgent bool,
 	CORSOrigin *regexp.Regexp,
 	runtimeInfo func() (RuntimeInfo, error),
 	buildInfo *PrometheusVersion,
@@ -239,6 +239,7 @@ func NewAPI(
 		runtimeInfo:      runtimeInfo,
 		buildInfo:        buildInfo,
 		gatherer:         gatherer,
+		isAgent:          isAgent,
 
 		remoteReadHandler: remote.NewReadHandler(logger, registerer, q, configFunc, remoteReadSampleLimit, remoteReadConcurrencyLimit, remoteReadMaxBytesInFrame),
 	}
@@ -282,26 +283,35 @@ func (api *API) Register(r *route.Router) {
 		}.ServeHTTP)
 	}
 
+	wrapAgent := func(f apiFunc) http.HandlerFunc {
+		return wrap(func(r *http.Request) apiFuncResult {
+			if api.isAgent {
+				return apiFuncResult{nil, &apiError{errorExec, errors.New("unavailable with Prometheus Agent")}, nil, nil}
+			}
+			return f(r)
+		})
+	}
+
 	r.Options("/*path", wrap(api.options))
 
-	r.Get("/query", wrap(api.query))
-	r.Post("/query", wrap(api.query))
-	r.Get("/query_range", wrap(api.queryRange))
-	r.Post("/query_range", wrap(api.queryRange))
-	r.Get("/query_exemplars", wrap(api.queryExemplars))
-	r.Post("/query_exemplars", wrap(api.queryExemplars))
+	r.Get("/query", wrapAgent(api.query))
+	r.Post("/query", wrapAgent(api.query))
+	r.Get("/query_range", wrapAgent(api.queryRange))
+	r.Post("/query_range", wrapAgent(api.queryRange))
+	r.Get("/query_exemplars", wrapAgent(api.queryExemplars))
+	r.Post("/query_exemplars", wrapAgent(api.queryExemplars))
 
-	r.Get("/labels", wrap(api.labelNames))
-	r.Post("/labels", wrap(api.labelNames))
-	r.Get("/label/:name/values", wrap(api.labelValues))
+	r.Get("/labels", wrapAgent(api.labelNames))
+	r.Post("/labels", wrapAgent(api.labelNames))
+	r.Get("/label/:name/values", wrapAgent(api.labelValues))
 
-	r.Get("/series", wrap(api.series))
-	r.Post("/series", wrap(api.series))
-	r.Del("/series", wrap(api.dropSeries))
+	r.Get("/series", wrapAgent(api.series))
+	r.Post("/series", wrapAgent(api.series))
+	r.Del("/series", wrapAgent(api.dropSeries))
 
 	r.Get("/targets", wrap(api.targets))
 	r.Get("/targets/metadata", wrap(api.targetMetadata))
-	r.Get("/alertmanagers", wrap(api.alertmanagers))
+	r.Get("/alertmanagers", wrapAgent(api.alertmanagers))
 
 	r.Get("/metadata", wrap(api.metricMetadata))
 
@@ -309,22 +319,22 @@ func (api *API) Register(r *route.Router) {
 	r.Get("/status/runtimeinfo", wrap(api.serveRuntimeInfo))
 	r.Get("/status/buildinfo", wrap(api.serveBuildInfo))
 	r.Get("/status/flags", wrap(api.serveFlags))
-	r.Get("/status/tsdb", wrap(api.serveTSDBStatus))
+	r.Get("/status/tsdb", wrapAgent(api.serveTSDBStatus))
 	r.Get("/status/walreplay", api.serveWALReplayStatus)
-	r.Post("/read", api.ready(http.HandlerFunc(api.remoteRead)))
-	r.Post("/write", api.ready(http.HandlerFunc(api.remoteWrite)))
+	r.Post("/read", api.ready(api.remoteRead))
+	r.Post("/write", api.ready(api.remoteWrite))
 
-	r.Get("/alerts", wrap(api.alerts))
-	r.Get("/rules", wrap(api.rules))
+	r.Get("/alerts", wrapAgent(api.alerts))
+	r.Get("/rules", wrapAgent(api.rules))
 
 	// Admin APIs
-	r.Post("/admin/tsdb/delete_series", wrap(api.deleteSeries))
-	r.Post("/admin/tsdb/clean_tombstones", wrap(api.cleanTombstones))
-	r.Post("/admin/tsdb/snapshot", wrap(api.snapshot))
+	r.Post("/admin/tsdb/delete_series", wrapAgent(api.deleteSeries))
+	r.Post("/admin/tsdb/clean_tombstones", wrapAgent(api.cleanTombstones))
+	r.Post("/admin/tsdb/snapshot", wrapAgent(api.snapshot))
 
-	r.Put("/admin/tsdb/delete_series", wrap(api.deleteSeries))
-	r.Put("/admin/tsdb/clean_tombstones", wrap(api.cleanTombstones))
-	r.Put("/admin/tsdb/snapshot", wrap(api.snapshot))
+	r.Put("/admin/tsdb/delete_series", wrapAgent(api.deleteSeries))
+	r.Put("/admin/tsdb/clean_tombstones", wrapAgent(api.cleanTombstones))
+	r.Put("/admin/tsdb/snapshot", wrapAgent(api.snapshot))
 }
 
 type queryData struct {
@@ -1441,7 +1451,7 @@ func (api *API) snapshot(r *http.Request) apiFuncResult {
 			rand.Int63())
 		dir = filepath.Join(snapdir, name)
 	)
-	if err := os.MkdirAll(dir, 0777); err != nil {
+	if err := os.MkdirAll(dir, 0o777); err != nil {
 		return apiFuncResult{nil, &apiError{errorInternal, errors.Wrap(err, "create snapshot directory")}, nil, nil}
 	}
 	if err := api.db.Snapshot(dir, !skipHead); err != nil {
@@ -1497,7 +1507,6 @@ func (api *API) respondError(w http.ResponseWriter, apiErr *apiError, data inter
 		Error:     apiErr.err.Error(),
 		Data:      data,
 	})
-
 	if err != nil {
 		level.Error(api.logger).Log("msg", "error marshaling json response", "err", err)
 		http.Error(w, err.Error(), http.StatusInternalServerError)
@@ -1640,7 +1649,7 @@ func marshalExemplarJSON(ptr unsafe.Pointer, stream *jsoniter.Stream) {
 	stream.WriteMore()
 	stream.WriteObjectField(`timestamp`)
 	marshalTimestamp(p.Ts, stream)
-	//marshalTimestamp(p.Ts, stream)
+	// marshalTimestamp(p.Ts, stream)
 
 	stream.WriteObjectEnd()
 }
diff --git a/vendor/github.com/thanos-io/thanos/pkg/block/block.go b/vendor/github.com/thanos-io/thanos/pkg/block/block.go
index 3f17271ff05..6720e43d1af 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/block/block.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/block/block.go
@@ -18,8 +18,8 @@ import (
 	"strings"
 	"time"
 
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	"github.com/oklog/ulid"
 	"github.com/pkg/errors"
 	"github.com/prometheus/client_golang/prometheus"
diff --git a/vendor/github.com/thanos-io/thanos/pkg/block/fetcher.go b/vendor/github.com/thanos-io/thanos/pkg/block/fetcher.go
index f9f45202d99..0eeb9453673 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/block/fetcher.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/block/fetcher.go
@@ -14,15 +14,15 @@ import (
 	"sync"
 	"time"
 
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	"github.com/golang/groupcache/singleflight"
 	"github.com/oklog/ulid"
 	"github.com/pkg/errors"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promauto"
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/pkg/relabel"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/model/relabel"
 	"github.com/prometheus/prometheus/tsdb"
 	"golang.org/x/sync/errgroup"
 	"gopkg.in/yaml.v2"
@@ -660,9 +660,9 @@ func (f *DeduplicateFilter) DuplicateIDs() []ulid.ULID {
 
 func addNodeBySources(root, add *Node) bool {
 	var rootNode *Node
+	childSources := add.Compaction.Sources
 	for _, node := range root.Children {
 		parentSources := node.Compaction.Sources
-		childSources := add.Compaction.Sources
 
 		// Block exists with same sources, add as child.
 		if contains(parentSources, childSources) && contains(childSources, parentSources) {
diff --git a/vendor/github.com/thanos-io/thanos/pkg/block/index.go b/vendor/github.com/thanos-io/thanos/pkg/block/index.go
index 851dfa9d98a..830ac897180 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/block/index.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/block/index.go
@@ -14,17 +14,17 @@ import (
 	"strings"
 	"time"
 
-	"github.com/thanos-io/thanos/pkg/block/metadata"
-
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	"github.com/oklog/ulid"
 	"github.com/pkg/errors"
-
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/storage"
 	"github.com/prometheus/prometheus/tsdb"
 	"github.com/prometheus/prometheus/tsdb/chunks"
 	"github.com/prometheus/prometheus/tsdb/index"
+
+	"github.com/thanos-io/thanos/pkg/block/metadata"
 	"github.com/thanos-io/thanos/pkg/runutil"
 )
 
@@ -328,6 +328,7 @@ func GatherIndexHealthStats(logger log.Logger, fn string, minTime, maxTime int64
 		if ooo > 0 {
 			stats.OutOfOrderSeries++
 			stats.OutOfOrderChunks += ooo
+			level.Debug(logger).Log("msg", "found out of order series", "labels", lset)
 		}
 
 		seriesChunks.Add(int64(len(chks)))
@@ -562,7 +563,7 @@ func rewrite(
 	var (
 		postings = index.NewMemPostings()
 		values   = map[string]stringset{}
-		i        = uint64(0)
+		i        = storage.SeriesRef(0)
 		series   = []seriesRepair{}
 	)
 
diff --git a/vendor/github.com/thanos-io/thanos/pkg/block/indexheader/binary_reader.go b/vendor/github.com/thanos-io/thanos/pkg/block/indexheader/binary_reader.go
index b3f30a2c05d..a945d53fa2e 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/block/indexheader/binary_reader.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/block/indexheader/binary_reader.go
@@ -19,13 +19,14 @@ import (
 	"time"
 	"unsafe"
 
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	"github.com/oklog/ulid"
 	"github.com/pkg/errors"
 	"github.com/prometheus/prometheus/tsdb/encoding"
 	"github.com/prometheus/prometheus/tsdb/fileutil"
 	"github.com/prometheus/prometheus/tsdb/index"
+
 	"github.com/thanos-io/thanos/pkg/block"
 	"github.com/thanos-io/thanos/pkg/objstore"
 	"github.com/thanos-io/thanos/pkg/runutil"
diff --git a/vendor/github.com/thanos-io/thanos/pkg/block/indexheader/lazy_binary_reader.go b/vendor/github.com/thanos-io/thanos/pkg/block/indexheader/lazy_binary_reader.go
index 90ba11c97b3..e805fa1e487 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/block/indexheader/lazy_binary_reader.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/block/indexheader/lazy_binary_reader.go
@@ -10,8 +10,8 @@ import (
 	"sync"
 	"time"
 
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	"github.com/oklog/ulid"
 	"github.com/pkg/errors"
 	"github.com/prometheus/client_golang/prometheus"
diff --git a/vendor/github.com/thanos-io/thanos/pkg/block/indexheader/reader_pool.go b/vendor/github.com/thanos-io/thanos/pkg/block/indexheader/reader_pool.go
index 20ebecaacaa..c1742d5d4c4 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/block/indexheader/reader_pool.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/block/indexheader/reader_pool.go
@@ -8,8 +8,8 @@ import (
 	"sync"
 	"time"
 
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	"github.com/oklog/ulid"
 	"github.com/pkg/errors"
 	"github.com/prometheus/client_golang/prometheus"
diff --git a/vendor/github.com/thanos-io/thanos/pkg/block/metadata/hash.go b/vendor/github.com/thanos-io/thanos/pkg/block/metadata/hash.go
index 2ae5fa7e3f0..424d8868f53 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/block/metadata/hash.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/block/metadata/hash.go
@@ -11,8 +11,9 @@ import (
 	"os"
 	"path/filepath"
 
-	"github.com/go-kit/kit/log"
+	"github.com/go-kit/log"
 	"github.com/pkg/errors"
+
 	"github.com/thanos-io/thanos/pkg/runutil"
 )
 
diff --git a/vendor/github.com/thanos-io/thanos/pkg/block/metadata/markers.go b/vendor/github.com/thanos-io/thanos/pkg/block/metadata/markers.go
index f2d40bd0452..81480652fc0 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/block/metadata/markers.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/block/metadata/markers.go
@@ -9,9 +9,10 @@ import (
 	"io/ioutil"
 	"path"
 
-	"github.com/go-kit/kit/log"
+	"github.com/go-kit/log"
 	"github.com/oklog/ulid"
 	"github.com/pkg/errors"
+
 	"github.com/thanos-io/thanos/pkg/objstore"
 	"github.com/thanos-io/thanos/pkg/runutil"
 )
diff --git a/vendor/github.com/thanos-io/thanos/pkg/block/metadata/meta.go b/vendor/github.com/thanos-io/thanos/pkg/block/metadata/meta.go
index f02c09a977c..575fb4e5865 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/block/metadata/meta.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/block/metadata/meta.go
@@ -15,11 +15,11 @@ import (
 	"os"
 	"path/filepath"
 
-	"github.com/go-kit/kit/log"
+	"github.com/go-kit/log"
 	"github.com/oklog/ulid"
 	"github.com/pkg/errors"
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/pkg/relabel"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/model/relabel"
 	"github.com/prometheus/prometheus/promql/parser"
 	"github.com/prometheus/prometheus/tsdb"
 	"github.com/prometheus/prometheus/tsdb/fileutil"
diff --git a/vendor/github.com/thanos-io/thanos/pkg/block/writer.go b/vendor/github.com/thanos-io/thanos/pkg/block/writer.go
index 38455e3e9ff..c7c999784ad 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/block/writer.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/block/writer.go
@@ -9,10 +9,11 @@ import (
 	"os"
 	"path/filepath"
 
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	"github.com/pkg/errors"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/storage"
 	"github.com/prometheus/prometheus/tsdb"
 	"github.com/prometheus/prometheus/tsdb/chunks"
 	tsdb_errors "github.com/prometheus/prometheus/tsdb/errors"
@@ -160,7 +161,7 @@ func (s *statsGatheringSeriesWriter) AddSymbol(sym string) error {
 	return nil
 }
 
-func (s *statsGatheringSeriesWriter) AddSeries(ref uint64, l labels.Labels, chks ...chunks.Meta) error {
+func (s *statsGatheringSeriesWriter) AddSeries(ref storage.SeriesRef, l labels.Labels, chks ...chunks.Meta) error {
 	if err := s.iw.AddSeries(ref, l, chks...); err != nil {
 		return err
 	}
diff --git a/vendor/github.com/thanos-io/thanos/pkg/cache/inmemory.go b/vendor/github.com/thanos-io/thanos/pkg/cache/inmemory.go
index 8ddfe9f0b93..d44cd865b22 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/cache/inmemory.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/cache/inmemory.go
@@ -8,14 +8,15 @@ import (
 	"sync"
 	"time"
 
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	lru "github.com/hashicorp/golang-lru/simplelru"
 	"github.com/pkg/errors"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promauto"
-	"github.com/thanos-io/thanos/pkg/model"
 	"gopkg.in/yaml.v2"
+
+	"github.com/thanos-io/thanos/pkg/model"
 )
 
 var (
diff --git a/vendor/github.com/thanos-io/thanos/pkg/cache/memcached.go b/vendor/github.com/thanos-io/thanos/pkg/cache/memcached.go
index 695b78e6cd8..0d94806ae35 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/cache/memcached.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/cache/memcached.go
@@ -7,8 +7,8 @@ import (
 	"context"
 	"time"
 
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promauto"
 
@@ -18,7 +18,7 @@ import (
 // MemcachedCache is a memcached-based cache.
 type MemcachedCache struct {
 	logger    log.Logger
-	memcached cacheutil.MemcachedClient
+	memcached cacheutil.RemoteCacheClient
 	name      string
 
 	// Metrics.
@@ -27,7 +27,7 @@ type MemcachedCache struct {
 }
 
 // NewMemcachedCache makes a new MemcachedCache.
-func NewMemcachedCache(name string, logger log.Logger, memcached cacheutil.MemcachedClient, reg prometheus.Registerer) *MemcachedCache {
+func NewMemcachedCache(name string, logger log.Logger, memcached cacheutil.RemoteCacheClient, reg prometheus.Registerer) *MemcachedCache {
 	c := &MemcachedCache{
 		logger:    logger,
 		memcached: memcached,
diff --git a/vendor/github.com/thanos-io/thanos/pkg/cache/redis.go b/vendor/github.com/thanos-io/thanos/pkg/cache/redis.go
new file mode 100644
index 00000000000..9c272d3e2b0
--- /dev/null
+++ b/vendor/github.com/thanos-io/thanos/pkg/cache/redis.go
@@ -0,0 +1,69 @@
+// Copyright (c) The Thanos Authors.
+// Licensed under the Apache License 2.0.
+
+package cache
+
+import (
+	"context"
+	"time"
+
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
+	"github.com/prometheus/client_golang/prometheus"
+	"github.com/prometheus/client_golang/prometheus/promauto"
+	"github.com/thanos-io/thanos/pkg/cacheutil"
+)
+
+// RedisCache is a redis cache.
+type RedisCache struct {
+	logger      log.Logger
+	redisClient *cacheutil.RedisClient
+	name        string
+
+	// Metrics.
+	requests prometheus.Counter
+	hits     prometheus.Counter
+}
+
+// NewRedisCache makes a new RedisCache.
+func NewRedisCache(name string, logger log.Logger, redisClient *cacheutil.RedisClient, reg prometheus.Registerer) *RedisCache {
+	c := &RedisCache{
+		logger:      logger,
+		redisClient: redisClient,
+		name:        name,
+	}
+
+	c.requests = promauto.With(reg).NewCounter(prometheus.CounterOpts{
+		Name:        "thanos_cache_redis_requests_total",
+		Help:        "Total number of items requests to redis.",
+		ConstLabels: prometheus.Labels{"name": name},
+	})
+
+	c.hits = promauto.With(reg).NewCounter(prometheus.CounterOpts{
+		Name:        "thanos_cache_redis_hits_total",
+		Help:        "Total number of items requests to the cache that were a hit.",
+		ConstLabels: prometheus.Labels{"name": name},
+	})
+
+	level.Info(logger).Log("msg", "created redis cache")
+
+	return c
+}
+
+// Store data identified by keys.
+func (c *RedisCache) Store(ctx context.Context, data map[string][]byte, ttl time.Duration) {
+	c.redisClient.SetMulti(ctx, data, ttl)
+}
+
+// Fetch fetches multiple keys and returns a map containing cache hits, along with a list of missing keys.
+// In case of error, it logs and return an empty cache hits map.
+func (c *RedisCache) Fetch(ctx context.Context, keys []string) map[string][]byte {
+	c.requests.Add(float64(len(keys)))
+	results := c.redisClient.GetMulti(ctx, keys)
+	c.hits.Add(float64(len(results)))
+	return results
+}
+
+func (c *RedisCache) Name() string {
+	return c.name
+}
diff --git a/vendor/github.com/thanos-io/thanos/pkg/cacheutil/memcached_client.go b/vendor/github.com/thanos-io/thanos/pkg/cacheutil/memcached_client.go
index 02059e8e691..84cdabfb474 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/cacheutil/memcached_client.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/cacheutil/memcached_client.go
@@ -13,8 +13,8 @@ import (
 	"time"
 
 	"github.com/bradfitz/gomemcache/memcache"
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	"github.com/pkg/errors"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promauto"
@@ -29,6 +29,7 @@ import (
 
 const (
 	opSet                 = "set"
+	opSetMulti            = "setmulti"
 	opGetMulti            = "getmulti"
 	reasonMaxItemSize     = "max-item-size"
 	reasonAsyncBufferFull = "async-buffer-full"
@@ -58,9 +59,14 @@ var (
 	}
 )
 
-// MemcachedClient is a high level client to interact with memcached.
-type MemcachedClient interface {
-	// GetMulti fetches multiple keys at once from memcached. In case of error,
+var (
+	_ RemoteCacheClient = (*memcachedClient)(nil)
+	_ RemoteCacheClient = (*RedisClient)(nil)
+)
+
+// RemoteCacheClient is a high level client to interact with remote cache.
+type RemoteCacheClient interface {
+	// GetMulti fetches multiple keys at once from remoteCache. In case of error,
 	// an empty map is returned and the error tracked/logged.
 	GetMulti(ctx context.Context, keys []string) map[string][]byte
 
@@ -73,13 +79,16 @@ type MemcachedClient interface {
 	Stop()
 }
 
+// MemcachedClient for compatible.
+type MemcachedClient = RemoteCacheClient
+
 // memcachedClientBackend is an interface used to mock the underlying client in tests.
 type memcachedClientBackend interface {
 	GetMulti(keys []string) (map[string]*memcache.Item, error)
 	Set(item *memcache.Item) error
 }
 
-// MemcachedClientConfig is the config accepted by MemcachedClient.
+// MemcachedClientConfig is the config accepted by RemoteCacheClient.
 type MemcachedClientConfig struct {
 	// Addresses specifies the list of memcached addresses. The addresses get
 	// resolved with the DNS provider.
@@ -196,7 +205,7 @@ type memcachedGetMultiResult struct {
 	err   error
 }
 
-// NewMemcachedClient makes a new MemcachedClient.
+// NewMemcachedClient makes a new RemoteCacheClient.
 func NewMemcachedClient(logger log.Logger, name string, conf []byte, reg prometheus.Registerer) (*memcachedClient, error) {
 	config, err := parseMemcachedClientConfig(conf)
 	if err != nil {
@@ -206,7 +215,7 @@ func NewMemcachedClient(logger log.Logger, name string, conf []byte, reg prometh
 	return NewMemcachedClientWithConfig(logger, name, config, reg)
 }
 
-// NewMemcachedClientWithConfig makes a new MemcachedClient.
+// NewMemcachedClientWithConfig makes a new RemoteCacheClient.
 func NewMemcachedClientWithConfig(logger log.Logger, name string, config MemcachedClientConfig, reg prometheus.Registerer) (*memcachedClient, error) {
 	if err := config.validate(); err != nil {
 		return nil, err
diff --git a/vendor/github.com/thanos-io/thanos/pkg/cacheutil/redis_client.go b/vendor/github.com/thanos-io/thanos/pkg/cacheutil/redis_client.go
new file mode 100644
index 00000000000..9b15585d607
--- /dev/null
+++ b/vendor/github.com/thanos-io/thanos/pkg/cacheutil/redis_client.go
@@ -0,0 +1,316 @@
+// Copyright (c) The Thanos Authors.
+// Licensed under the Apache License 2.0.
+
+package cacheutil
+
+import (
+	"context"
+	"fmt"
+	"sync"
+	"time"
+	"unsafe"
+
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
+	"github.com/go-redis/redis/v8"
+	"github.com/pkg/errors"
+	"github.com/prometheus/client_golang/prometheus"
+	"github.com/prometheus/client_golang/prometheus/promauto"
+	"github.com/thanos-io/thanos/pkg/extprom"
+	"github.com/thanos-io/thanos/pkg/gate"
+	"golang.org/x/sync/errgroup"
+	"gopkg.in/yaml.v3"
+)
+
+var (
+	// DefaultRedisClientConfig is default redis config.
+	DefaultRedisClientConfig = RedisClientConfig{
+		DialTimeout:            time.Second * 5,
+		ReadTimeout:            time.Second * 3,
+		WriteTimeout:           time.Second * 3,
+		PoolSize:               100,
+		MinIdleConns:           10,
+		IdleTimeout:            time.Minute * 5,
+		MaxGetMultiConcurrency: 100,
+		GetMultiBatchSize:      100,
+		MaxSetMultiConcurrency: 100,
+		SetMultiBatchSize:      100,
+	}
+)
+
+// RedisClientConfig is the config accepted by RedisClient.
+type RedisClientConfig struct {
+	// Addr specifies the addresses of redis server.
+	Addr string `yaml:"addr"`
+
+	// Use the specified Username to authenticate the current connection
+	// with one of the connections defined in the ACL list when connecting
+	// to a Redis 6.0 instance, or greater, that is using the Redis ACL system.
+	Username string `yaml:"username"`
+	// Optional password. Must match the password specified in the
+	// requirepass server configuration option (if connecting to a Redis 5.0 instance, or lower),
+	// or the User Password when connecting to a Redis 6.0 instance, or greater,
+	// that is using the Redis ACL system.
+	Password string `yaml:"password"`
+
+	// DB Database to be selected after connecting to the server.
+	DB int `yaml:"db"`
+
+	// DialTimeout specifies the client dial timeout.
+	DialTimeout time.Duration `yaml:"dial_timeout"`
+
+	// ReadTimeout specifies the client read timeout.
+	ReadTimeout time.Duration `yaml:"read_timeout"`
+
+	// WriteTimeout specifies the client write timeout.
+	WriteTimeout time.Duration `yaml:"write_timeout"`
+
+	// Maximum number of socket connections.
+	PoolSize int `yaml:"pool_size"`
+
+	// MinIdleConns specifies the minimum number of idle connections which is useful when establishing
+	// new connection is slow.
+	MinIdleConns int `yaml:"min_idle_conns"`
+
+	// Amount of time after which client closes idle connections.
+	// Should be less than server's timeout.
+	// -1 disables idle timeout check.
+	IdleTimeout time.Duration `yaml:"idle_timeout"`
+
+	// Connection age at which client retires (closes) the connection.
+	// Default 0 is to not close aged connections.
+	MaxConnAge time.Duration `yaml:"max_conn_age"`
+
+	// MaxGetMultiConcurrency specifies the maximum number of concurrent GetMulti() operations.
+	// If set to 0, concurrency is unlimited.
+	MaxGetMultiConcurrency int `yaml:"max_get_multi_concurrency"`
+
+	// GetMultiBatchSize specifies the maximum size per batch for mget.
+	GetMultiBatchSize int `yaml:"get_multi_batch_size"`
+
+	// MaxSetMultiConcurrency specifies the maximum number of concurrent SetMulti() operations.
+	// If set to 0, concurrency is unlimited.
+	MaxSetMultiConcurrency int `yaml:"max_set_multi_concurrency"`
+
+	// SetMultiBatchSize specifies the maximum size per batch for pipeline set.
+	SetMultiBatchSize int `yaml:"set_multi_batch_size"`
+}
+
+func (c *RedisClientConfig) validate() error {
+	if c.Addr == "" {
+		return errors.New("no redis addr provided")
+	}
+	return nil
+}
+
+// RedisClient is a wrap of redis.Client.
+type RedisClient struct {
+	*redis.Client
+	config RedisClientConfig
+
+	// getMultiGate used to enforce the max number of concurrent GetMulti() operations.
+	getMultiGate gate.Gate
+	// setMultiGate used to enforce the max number of concurrent SetMulti() operations.
+	setMultiGate gate.Gate
+
+	logger           log.Logger
+	durationSet      prometheus.Observer
+	durationSetMulti prometheus.Observer
+	durationGetMulti prometheus.Observer
+}
+
+// NewRedisClient makes a new RedisClient.
+func NewRedisClient(logger log.Logger, name string, conf []byte, reg prometheus.Registerer) (*RedisClient, error) {
+	config, err := parseRedisClientConfig(conf)
+	if err != nil {
+		return nil, err
+	}
+
+	return NewRedisClientWithConfig(logger, name, config, reg)
+}
+
+// NewRedisClientWithConfig makes a new RedisClient.
+func NewRedisClientWithConfig(logger log.Logger, name string, config RedisClientConfig,
+	reg prometheus.Registerer) (*RedisClient, error) {
+
+	if err := config.validate(); err != nil {
+		return nil, err
+	}
+	redisClient := redis.NewClient(&redis.Options{
+		Addr:         config.Addr,
+		Username:     config.Username,
+		Password:     config.Password,
+		DB:           config.DB,
+		DialTimeout:  config.DialTimeout,
+		ReadTimeout:  config.ReadTimeout,
+		WriteTimeout: config.WriteTimeout,
+		MinIdleConns: config.MinIdleConns,
+		MaxConnAge:   config.MaxConnAge,
+		IdleTimeout:  config.IdleTimeout,
+	})
+
+	if reg != nil {
+		reg = prometheus.WrapRegistererWith(prometheus.Labels{"name": name}, reg)
+	}
+
+	c := &RedisClient{
+		Client: redisClient,
+		config: config,
+		logger: logger,
+		getMultiGate: gate.New(
+			extprom.WrapRegistererWithPrefix("thanos_redis_getmulti_", reg),
+			config.MaxGetMultiConcurrency,
+		),
+		setMultiGate: gate.New(
+			extprom.WrapRegistererWithPrefix("thanos_redis_setmulti_", reg),
+			config.MaxSetMultiConcurrency,
+		),
+	}
+	duration := promauto.With(reg).NewHistogramVec(prometheus.HistogramOpts{
+		Name:    "thanos_redis_operation_duration_seconds",
+		Help:    "Duration of operations against memcached.",
+		Buckets: []float64{0.001, 0.005, 0.01, 0.025, 0.05, 0.1, 0.2, 0.5, 1, 3, 6, 10},
+	}, []string{"operation"})
+	c.durationSet = duration.WithLabelValues(opSet)
+	c.durationSetMulti = duration.WithLabelValues(opSetMulti)
+	c.durationGetMulti = duration.WithLabelValues(opGetMulti)
+	return c, nil
+}
+
+// SetAsync implement RemoteCacheClient.
+func (c *RedisClient) SetAsync(ctx context.Context, key string, value []byte, ttl time.Duration) error {
+	start := time.Now()
+	if _, err := c.Set(ctx, key, value, ttl).Result(); err != nil {
+		level.Warn(c.logger).Log("msg", "failed to set item into redis", "err", err, "key", key,
+			"value_size", len(value))
+		return nil
+	}
+	c.durationSet.Observe(time.Since(start).Seconds())
+	return nil
+}
+
+// SetMulti set multiple keys and value.
+func (c *RedisClient) SetMulti(ctx context.Context, data map[string][]byte, ttl time.Duration) {
+	if len(data) == 0 {
+		return
+	}
+	start := time.Now()
+	keys := make([]string, 0, len(data))
+	for k := range data {
+		keys = append(keys, k)
+	}
+	err := doWithBatch(ctx, len(data), c.config.SetMultiBatchSize, c.setMultiGate, func(startIndex, endIndex int) error {
+		_, err := c.Pipelined(ctx, func(p redis.Pipeliner) error {
+			for _, key := range keys {
+				p.SetEX(ctx, key, data[key], ttl)
+			}
+			return nil
+		})
+		if err != nil {
+			level.Warn(c.logger).Log("msg", "failed to set multi items from redis",
+				"err", err, "items", len(data))
+			return nil
+		}
+		return nil
+	})
+	if err != nil {
+		level.Warn(c.logger).Log("msg", "failed to set multi items from redis", "err", err,
+			"items", len(data))
+		return
+	}
+	c.durationSetMulti.Observe(time.Since(start).Seconds())
+}
+
+// GetMulti implement RemoteCacheClient.
+func (c *RedisClient) GetMulti(ctx context.Context, keys []string) map[string][]byte {
+	if len(keys) == 0 {
+		return nil
+	}
+	start := time.Now()
+	results := make(map[string][]byte, len(keys))
+	var mu sync.Mutex
+	err := doWithBatch(ctx, len(keys), c.config.GetMultiBatchSize, c.getMultiGate, func(startIndex, endIndex int) error {
+		currentKeys := keys[startIndex:endIndex]
+		resp, err := c.MGet(ctx, currentKeys...).Result()
+		if err != nil {
+			level.Warn(c.logger).Log("msg", "failed to mget items from redis", "err", err, "items", len(resp))
+			return nil
+		}
+		mu.Lock()
+		defer mu.Unlock()
+		for i := 0; i < len(resp); i++ {
+			key := currentKeys[i]
+			switch val := resp[i].(type) {
+			case string:
+				results[key] = stringToBytes(val)
+			case nil: // miss
+			default:
+				level.Warn(c.logger).Log("msg",
+					fmt.Sprintf("unexpected redis mget result type:%T %v", resp[i], resp[i]))
+			}
+		}
+		return nil
+	})
+	if err != nil {
+		level.Warn(c.logger).Log("msg", "failed to mget items from redis", "err", err, "items", len(keys))
+		return nil
+	}
+	c.durationGetMulti.Observe(time.Since(start).Seconds())
+	return results
+}
+
+// Stop implement RemoteCacheClient.
+func (c *RedisClient) Stop() {
+	if err := c.Close(); err != nil {
+		level.Error(c.logger).Log("msg", "redis close err")
+	}
+}
+
+// stringToBytes converts string to byte slice (copied from vendor/github.com/go-redis/redis/v8/internal/util/unsafe.go).
+func stringToBytes(s string) []byte {
+	return *(*[]byte)(unsafe.Pointer(
+		&struct {
+			string
+			Cap int
+		}{s, len(s)},
+	))
+}
+
+// doWithBatch do func with batch and gate. batchSize==0 means one batch. gate==nil means no gate.
+func doWithBatch(ctx context.Context, totalSize int, batchSize int, ga gate.Gate, f func(startIndex, endIndex int) error) error {
+	if totalSize == 0 {
+		return nil
+	}
+	if batchSize <= 0 {
+		return f(0, totalSize)
+	}
+	g, ctx := errgroup.WithContext(ctx)
+	for i := 0; i < totalSize; i += batchSize {
+		j := i + batchSize
+		if j > totalSize {
+			j = totalSize
+		}
+		if ga != nil {
+			if err := ga.Start(ctx); err != nil {
+				return nil
+			}
+		}
+		startIndex, endIndex := i, j
+		g.Go(func() error {
+			if ga != nil {
+				defer ga.Done()
+			}
+			return f(startIndex, endIndex)
+		})
+	}
+	return g.Wait()
+}
+
+// parseRedisClientConfig unmarshals a buffer into a RedisClientConfig with default values.
+func parseRedisClientConfig(conf []byte) (RedisClientConfig, error) {
+	config := DefaultRedisClientConfig
+	if err := yaml.Unmarshal(conf, &config); err != nil {
+		return RedisClientConfig{}, err
+	}
+	return config, nil
+}
diff --git a/vendor/github.com/thanos-io/thanos/pkg/compact/blocks_cleaner.go b/vendor/github.com/thanos-io/thanos/pkg/compact/blocks_cleaner.go
index e80b963f5bf..6b86c15f6c5 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/compact/blocks_cleaner.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/compact/blocks_cleaner.go
@@ -7,10 +7,11 @@ import (
 	"context"
 	"time"
 
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	"github.com/pkg/errors"
 	"github.com/prometheus/client_golang/prometheus"
+
 	"github.com/thanos-io/thanos/pkg/block"
 	"github.com/thanos-io/thanos/pkg/objstore"
 )
diff --git a/vendor/github.com/thanos-io/thanos/pkg/compact/clean.go b/vendor/github.com/thanos-io/thanos/pkg/compact/clean.go
index 8d99927d515..9a7cce5b92f 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/compact/clean.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/compact/clean.go
@@ -7,10 +7,11 @@ import (
 	"context"
 	"time"
 
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	"github.com/oklog/ulid"
 	"github.com/prometheus/client_golang/prometheus"
+
 	"github.com/thanos-io/thanos/pkg/block"
 	"github.com/thanos-io/thanos/pkg/objstore"
 )
diff --git a/vendor/github.com/thanos-io/thanos/pkg/compact/compact.go b/vendor/github.com/thanos-io/thanos/pkg/compact/compact.go
index 547eae57f2c..c8e9945ba72 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/compact/compact.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/compact/compact.go
@@ -14,23 +14,25 @@ import (
 	"sync"
 	"time"
 
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	"github.com/oklog/ulid"
+	"github.com/opentracing/opentracing-go"
 	"github.com/pkg/errors"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promauto"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/tsdb"
-	"github.com/thanos-io/thanos/pkg/extprom"
-	"github.com/thanos-io/thanos/pkg/runutil"
 	"golang.org/x/sync/errgroup"
 
 	"github.com/thanos-io/thanos/pkg/block"
 	"github.com/thanos-io/thanos/pkg/block/metadata"
 	"github.com/thanos-io/thanos/pkg/compact/downsample"
 	"github.com/thanos-io/thanos/pkg/errutil"
+	"github.com/thanos-io/thanos/pkg/extprom"
 	"github.com/thanos-io/thanos/pkg/objstore"
+	"github.com/thanos-io/thanos/pkg/runutil"
+	"github.com/thanos-io/thanos/pkg/tracing"
 )
 
 type ResolutionLevel int64
@@ -402,6 +404,19 @@ func (cg *Group) Key() string {
 	return cg.key
 }
 
+func (cg *Group) deleteFromGroup(target map[ulid.ULID]struct{}) {
+	cg.mtx.Lock()
+	defer cg.mtx.Unlock()
+	var newGroupMeta []*metadata.Meta
+	for _, meta := range cg.metasByMinTime {
+		if _, found := target[meta.BlockMeta.ULID]; !found {
+			newGroupMeta = append(newGroupMeta, meta)
+		}
+	}
+
+	cg.metasByMinTime = newGroupMeta
+}
+
 // AppendMeta the block with the given meta to the group.
 func (cg *Group) AppendMeta(meta *metadata.Meta) error {
 	cg.mtx.Lock()
@@ -470,6 +485,239 @@ func (cg *Group) Resolution() int64 {
 	return cg.resolution
 }
 
+// CompactProgressMetrics contains Prometheus metrics related to compaction progress.
+type CompactProgressMetrics struct {
+	NumberOfCompactionRuns   *prometheus.GaugeVec
+	NumberOfCompactionBlocks *prometheus.GaugeVec
+}
+
+// ProgressCalculator calculates the progress of the compaction process for a given slice of Groups.
+type ProgressCalculator interface {
+	ProgressCalculate(ctx context.Context, groups []*Group) error
+}
+
+// CompactionProgressCalculator contains a planner and ProgressMetrics, which are updated during the compaction simulation process.
+type CompactionProgressCalculator struct {
+	planner Planner
+	*CompactProgressMetrics
+}
+
+// NewCompactProgressCalculator creates a new CompactionProgressCalculator.
+func NewCompactionProgressCalculator(reg prometheus.Registerer, planner *tsdbBasedPlanner) *CompactionProgressCalculator {
+	return &CompactionProgressCalculator{
+		planner: planner,
+		CompactProgressMetrics: &CompactProgressMetrics{
+			NumberOfCompactionRuns: promauto.With(reg).NewGaugeVec(prometheus.GaugeOpts{
+				Name: "thanos_compact_todo_compactions",
+				Help: "number of compactions to be done",
+			}, []string{"group"}),
+			NumberOfCompactionBlocks: promauto.With(reg).NewGaugeVec(prometheus.GaugeOpts{
+				Name: "thanos_compact_todo_compaction_blocks",
+				Help: "number of blocks planned to be compacted",
+			}, []string{"group"}),
+		},
+	}
+}
+
+// ProgressCalculate calculates the number of blocks and compaction runs in the planning process of the given groups.
+func (ps *CompactionProgressCalculator) ProgressCalculate(ctx context.Context, groups []*Group) error {
+	groupCompactions := make(map[string]int, len(groups))
+	groupBlocks := make(map[string]int, len(groups))
+
+	for len(groups) > 0 {
+		tmpGroups := make([]*Group, 0, len(groups))
+		for _, g := range groups {
+			if len(g.IDs()) == 1 {
+				continue
+			}
+			plan, err := ps.planner.Plan(ctx, g.metasByMinTime)
+			if err != nil {
+				return errors.Wrapf(err, "could not plan")
+			}
+			if len(plan) == 0 {
+				continue
+			}
+			groupCompactions[g.key]++
+
+			toRemove := make(map[ulid.ULID]struct{}, len(plan))
+			metas := make([]*tsdb.BlockMeta, 0, len(plan))
+			for _, p := range plan {
+				metas = append(metas, &p.BlockMeta)
+				toRemove[p.BlockMeta.ULID] = struct{}{}
+			}
+			g.deleteFromGroup(toRemove)
+
+			groupBlocks[g.key] += len(plan)
+
+			if len(g.metasByMinTime) == 0 {
+				continue
+			}
+
+			newMeta := tsdb.CompactBlockMetas(ulid.MustNew(uint64(time.Now().Unix()), nil), metas...)
+			if err := g.AppendMeta(&metadata.Meta{BlockMeta: *newMeta, Thanos: metadata.Thanos{Downsample: metadata.ThanosDownsample{Resolution: g.Resolution()}, Labels: g.Labels().Map()}}); err != nil {
+				return errors.Wrapf(err, "append meta")
+			}
+			tmpGroups = append(tmpGroups, g)
+		}
+
+		groups = tmpGroups
+	}
+
+	ps.CompactProgressMetrics.NumberOfCompactionRuns.Reset()
+	ps.CompactProgressMetrics.NumberOfCompactionBlocks.Reset()
+
+	for key, iters := range groupCompactions {
+		ps.CompactProgressMetrics.NumberOfCompactionRuns.WithLabelValues(key).Add(float64(iters))
+		ps.CompactProgressMetrics.NumberOfCompactionBlocks.WithLabelValues(key).Add(float64(groupBlocks[key]))
+	}
+
+	return nil
+}
+
+// DownsampleProgressMetrics contains Prometheus metrics related to downsampling progress.
+type DownsampleProgressMetrics struct {
+	NumberOfBlocksDownsampled *prometheus.GaugeVec
+}
+
+// DownsampleProgressCalculator contains DownsampleMetrics, which are updated during the downsampling simulation process.
+type DownsampleProgressCalculator struct {
+	*DownsampleProgressMetrics
+}
+
+// NewDownsampleProgressCalculator creates a new DownsampleProgressCalculator.
+func NewDownsampleProgressCalculator(reg prometheus.Registerer) *DownsampleProgressCalculator {
+	return &DownsampleProgressCalculator{
+		DownsampleProgressMetrics: &DownsampleProgressMetrics{
+			NumberOfBlocksDownsampled: promauto.With(reg).NewGaugeVec(prometheus.GaugeOpts{
+				Name: "thanos_compact_todo_downsample_blocks",
+				Help: "number of blocks to be downsampled",
+			}, []string{"group"}),
+		},
+	}
+}
+
+// ProgressCalculate calculates the number of blocks to be downsampled for the given groups.
+func (ds *DownsampleProgressCalculator) ProgressCalculate(ctx context.Context, groups []*Group) error {
+	sources5m := map[ulid.ULID]struct{}{}
+	sources1h := map[ulid.ULID]struct{}{}
+	groupBlocks := make(map[string]int, len(groups))
+
+	for _, group := range groups {
+		for _, m := range group.metasByMinTime {
+			switch m.Thanos.Downsample.Resolution {
+			case downsample.ResLevel0:
+				continue
+			case downsample.ResLevel1:
+				for _, id := range m.Compaction.Sources {
+					sources5m[id] = struct{}{}
+				}
+			case downsample.ResLevel2:
+				for _, id := range m.Compaction.Sources {
+					sources1h[id] = struct{}{}
+				}
+			default:
+				return errors.Errorf("unexpected downsampling resolution %d", m.Thanos.Downsample.Resolution)
+			}
+
+		}
+	}
+
+	for _, group := range groups {
+		for _, m := range group.metasByMinTime {
+			switch m.Thanos.Downsample.Resolution {
+			case downsample.ResLevel0:
+				missing := false
+				for _, id := range m.Compaction.Sources {
+					if _, ok := sources5m[id]; !ok {
+						missing = true
+						break
+					}
+				}
+				if !missing {
+					continue
+				}
+
+				if m.MaxTime-m.MinTime < downsample.DownsampleRange0 {
+					continue
+				}
+				groupBlocks[group.key]++
+			case downsample.ResLevel1:
+				missing := false
+				for _, id := range m.Compaction.Sources {
+					if _, ok := sources1h[id]; !ok {
+						missing = true
+						break
+					}
+				}
+				if !missing {
+					continue
+				}
+
+				if m.MaxTime-m.MinTime < downsample.DownsampleRange1 {
+					continue
+				}
+				groupBlocks[group.key]++
+			}
+		}
+	}
+
+	ds.DownsampleProgressMetrics.NumberOfBlocksDownsampled.Reset()
+	for key, blocks := range groupBlocks {
+		ds.DownsampleProgressMetrics.NumberOfBlocksDownsampled.WithLabelValues(key).Add(float64(blocks))
+	}
+
+	return nil
+}
+
+// RetentionProgressMetrics contains Prometheus metrics related to retention progress.
+type RetentionProgressMetrics struct {
+	NumberOfBlocksToDelete *prometheus.GaugeVec
+}
+
+// RetentionProgressCalculator contains RetentionProgressMetrics, which are updated during the retention simulation process.
+type RetentionProgressCalculator struct {
+	*RetentionProgressMetrics
+	retentionByResolution map[ResolutionLevel]time.Duration
+}
+
+// NewRetentionProgressCalculator creates a new RetentionProgressCalculator.
+func NewRetentionProgressCalculator(reg prometheus.Registerer, retentionByResolution map[ResolutionLevel]time.Duration) *RetentionProgressCalculator {
+	return &RetentionProgressCalculator{
+		retentionByResolution: retentionByResolution,
+		RetentionProgressMetrics: &RetentionProgressMetrics{
+			NumberOfBlocksToDelete: promauto.With(reg).NewGaugeVec(prometheus.GaugeOpts{
+				Name: "thanos_compact_todo_deletion_blocks",
+				Help: "number of blocks that have crossed their retention period",
+			}, []string{"group"}),
+		},
+	}
+}
+
+// ProgressCalculate calculates the number of blocks to be retained for the given groups.
+func (rs *RetentionProgressCalculator) ProgressCalculate(ctx context.Context, groups []*Group) error {
+	groupBlocks := make(map[string]int, len(groups))
+
+	for _, group := range groups {
+		for _, m := range group.metasByMinTime {
+			retentionDuration := rs.retentionByResolution[ResolutionLevel(m.Thanos.Downsample.Resolution)]
+			if retentionDuration.Seconds() == 0 {
+				continue
+			}
+			maxTime := time.Unix(m.MaxTime/1000, 0)
+			if time.Now().After(maxTime.Add(retentionDuration)) {
+				groupBlocks[group.key]++
+			}
+		}
+	}
+
+	rs.RetentionProgressMetrics.NumberOfBlocksToDelete.Reset()
+	for key, blocks := range groupBlocks {
+		rs.RetentionProgressMetrics.NumberOfBlocksToDelete.WithLabelValues(key).Add(float64(blocks))
+	}
+
+	return nil
+}
+
 // Planner returns blocks to compact.
 type Planner interface {
 	// Plan returns a list of blocks that should be compacted into single one.
@@ -518,7 +766,11 @@ func (cg *Group) Compact(ctx context.Context, dir string, planner Planner, comp
 		return false, ulid.ULID{}, errors.Wrap(err, "create compaction group dir")
 	}
 
-	shouldRerun, compID, err := cg.compact(ctx, subDir, planner, comp)
+	var err error
+	tracing.DoInSpanWithErr(ctx, "compaction_group", func(ctx context.Context) error {
+		shouldRerun, compID, err = cg.compact(ctx, subDir, planner, comp)
+		return err
+	}, opentracing.Tags{"group.key": cg.Key()})
 	if err != nil {
 		cg.compactionFailures.Inc()
 		return false, ulid.ULID{}, err
@@ -734,7 +986,11 @@ func (cg *Group) compact(ctx context.Context, dir string, planner Planner, comp
 		overlappingBlocks = true
 	}
 
-	toCompact, err := planner.Plan(ctx, cg.metasByMinTime)
+	var toCompact []*metadata.Meta
+	tracing.DoInSpanWithErr(ctx, "compaction_planning", func(ctx context.Context) error {
+		toCompact, err = planner.Plan(ctx, cg.metasByMinTime)
+		return err
+	})
 	if err != nil {
 		return false, ulid.ULID{}, errors.Wrap(err, "plan compaction")
 	}
@@ -762,12 +1018,20 @@ func (cg *Group) compact(ctx context.Context, dir string, planner Planner, comp
 			uniqueSources[s] = struct{}{}
 		}
 
-		if err := block.Download(ctx, cg.logger, cg.bkt, meta.ULID, bdir); err != nil {
+		tracing.DoInSpanWithErr(ctx, "compaction_block_download", func(ctx context.Context) error {
+			err = block.Download(ctx, cg.logger, cg.bkt, meta.ULID, bdir)
+			return err
+		}, opentracing.Tags{"block.id": meta.ULID})
+		if err != nil {
 			return false, ulid.ULID{}, retry(errors.Wrapf(err, "download block %s", meta.ULID))
 		}
 
 		// Ensure all input blocks are valid.
-		stats, err := block.GatherIndexHealthStats(cg.logger, filepath.Join(bdir, block.IndexFilename), meta.MinTime, meta.MaxTime)
+		var stats block.HealthStats
+		tracing.DoInSpanWithErr(ctx, "compaction_block_health_stats", func(ctx context.Context) error {
+			stats, err = block.GatherIndexHealthStats(cg.logger, filepath.Join(bdir, block.IndexFilename), meta.MinTime, meta.MaxTime)
+			return err
+		}, opentracing.Tags{"block.id": meta.ULID})
 		if err != nil {
 			return false, ulid.ULID{}, errors.Wrapf(err, "gather index issues for block %s", bdir)
 		}
@@ -793,7 +1057,10 @@ func (cg *Group) compact(ctx context.Context, dir string, planner Planner, comp
 	level.Info(cg.logger).Log("msg", "downloaded and verified blocks; compacting blocks", "plan", fmt.Sprintf("%v", toCompactDirs), "duration", time.Since(begin), "duration_ms", time.Since(begin).Milliseconds())
 
 	begin = time.Now()
-	compID, err = comp.Compact(dir, toCompactDirs, nil)
+	tracing.DoInSpanWithErr(ctx, "compaction", func(ctx context.Context) error {
+		compID, err = comp.Compact(dir, toCompactDirs, nil)
+		return err
+	})
 	if err != nil {
 		return false, ulid.ULID{}, halt(errors.Wrapf(err, "compact blocks %v", toCompactDirs))
 	}
@@ -835,7 +1102,11 @@ func (cg *Group) compact(ctx context.Context, dir string, planner Planner, comp
 	}
 
 	// Ensure the output block is valid.
-	if err := block.VerifyIndex(cg.logger, index, newMeta.MinTime, newMeta.MaxTime); !cg.acceptMalformedIndex && err != nil {
+	tracing.DoInSpanWithErr(ctx, "compaction_verify_index", func(ctx context.Context) error {
+		err = block.VerifyIndex(cg.logger, index, newMeta.MinTime, newMeta.MaxTime)
+		return err
+	})
+	if !cg.acceptMalformedIndex && err != nil {
 		return false, ulid.ULID{}, halt(errors.Wrapf(err, "invalid result block %s", bdir))
 	}
 
@@ -849,7 +1120,11 @@ func (cg *Group) compact(ctx context.Context, dir string, planner Planner, comp
 
 	begin = time.Now()
 
-	if err := block.Upload(ctx, cg.logger, cg.bkt, bdir, cg.hashFunc); err != nil {
+	tracing.DoInSpanWithErr(ctx, "compaction_block_upload", func(ctx context.Context) error {
+		err = block.Upload(ctx, cg.logger, cg.bkt, bdir, cg.hashFunc)
+		return err
+	})
+	if err != nil {
 		return false, ulid.ULID{}, retry(errors.Wrapf(err, "upload of %s failed", compID))
 	}
 	level.Info(cg.logger).Log("msg", "uploaded block", "result_block", compID, "duration", time.Since(begin), "duration_ms", time.Since(begin).Milliseconds())
@@ -858,7 +1133,11 @@ func (cg *Group) compact(ctx context.Context, dir string, planner Planner, comp
 	// into the next planning cycle.
 	// Eventually the block we just uploaded should get synced into the group again (including sync-delay).
 	for _, meta := range toCompact {
-		if err := cg.deleteBlock(meta.ULID, filepath.Join(dir, meta.ULID.String())); err != nil {
+		tracing.DoInSpanWithErr(ctx, "compaction_block_delete", func(ctx context.Context) error {
+			err = cg.deleteBlock(meta.ULID, filepath.Join(dir, meta.ULID.String()))
+			return err
+		}, opentracing.Tags{"block.id": meta.ULID})
+		if err != nil {
 			return false, ulid.ULID{}, retry(errors.Wrapf(err, "mark old block for deletion from bucket"))
 		}
 		cg.groupGarbageCollectedBlocks.Inc()
@@ -1030,6 +1309,10 @@ func (c *BucketCompactor) Compact(ctx context.Context) (rerr error) {
 		var groupErrs errutil.MultiError
 	groupLoop:
 		for _, g := range groups {
+			// Ignore groups with only one block because there is nothing to compact.
+			if len(g.IDs()) == 1 {
+				continue
+			}
 			select {
 			case groupErr := <-errChan:
 				groupErrs.Add(groupErr)
diff --git a/vendor/github.com/thanos-io/thanos/pkg/compact/downsample/downsample.go b/vendor/github.com/thanos-io/thanos/pkg/compact/downsample/downsample.go
index 0460fefe453..ea66b295717 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/compact/downsample/downsample.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/compact/downsample/downsample.go
@@ -10,11 +10,11 @@ import (
 	"path/filepath"
 	"time"
 
-	"github.com/go-kit/kit/log"
+	"github.com/go-kit/log"
 	"github.com/oklog/ulid"
 	"github.com/pkg/errors"
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/pkg/value"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/model/value"
 	"github.com/prometheus/prometheus/tsdb"
 	"github.com/prometheus/prometheus/tsdb/chunkenc"
 	"github.com/prometheus/prometheus/tsdb/chunks"
diff --git a/vendor/github.com/thanos-io/thanos/pkg/compact/downsample/streamed_block_writer.go b/vendor/github.com/thanos-io/thanos/pkg/compact/downsample/streamed_block_writer.go
index 1872091bfda..1db0496376d 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/compact/downsample/streamed_block_writer.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/compact/downsample/streamed_block_writer.go
@@ -9,14 +9,16 @@ import (
 	"path/filepath"
 	"strings"
 
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	"github.com/pkg/errors"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/storage"
 	"github.com/prometheus/prometheus/tsdb"
 	"github.com/prometheus/prometheus/tsdb/chunks"
 	"github.com/prometheus/prometheus/tsdb/fileutil"
 	"github.com/prometheus/prometheus/tsdb/index"
+
 	"github.com/thanos-io/thanos/pkg/block"
 	"github.com/thanos-io/thanos/pkg/block/metadata"
 	"github.com/thanos-io/thanos/pkg/errutil"
@@ -40,7 +42,7 @@ type streamedBlockWriter struct {
 	indexReader tsdb.IndexReader
 	closers     []io.Closer
 
-	seriesRefs uint64 // postings is a current posting position.
+	seriesRefs storage.SeriesRef // postings is a current posting position.
 }
 
 // NewStreamedBlockWriter returns streamedBlockWriter instance, it's not concurrency safe.
@@ -206,7 +208,7 @@ func (w *streamedBlockWriter) writeMetaFile() error {
 	w.meta.Thanos.SegmentFiles = block.GetSegmentFiles(w.blockDir)
 	w.meta.Stats.NumChunks = w.totalChunks
 	w.meta.Stats.NumSamples = w.totalSamples
-	w.meta.Stats.NumSeries = w.seriesRefs
+	w.meta.Stats.NumSeries = uint64(w.seriesRefs)
 
 	return w.meta.WriteToDir(w.logger, w.blockDir)
 }
diff --git a/vendor/github.com/thanos-io/thanos/pkg/compact/planner.go b/vendor/github.com/thanos-io/thanos/pkg/compact/planner.go
index 59a334905e4..d316994f542 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/compact/planner.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/compact/planner.go
@@ -9,10 +9,11 @@ import (
 	"math"
 	"path/filepath"
 
-	"github.com/go-kit/kit/log"
+	"github.com/go-kit/log"
 	"github.com/oklog/ulid"
 	"github.com/pkg/errors"
 	"github.com/prometheus/client_golang/prometheus"
+
 	"github.com/thanos-io/thanos/pkg/block"
 	"github.com/thanos-io/thanos/pkg/block/metadata"
 	"github.com/thanos-io/thanos/pkg/objstore"
diff --git a/vendor/github.com/thanos-io/thanos/pkg/compact/retention.go b/vendor/github.com/thanos-io/thanos/pkg/compact/retention.go
index 703bad5dda4..691fd8532d4 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/compact/retention.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/compact/retention.go
@@ -8,11 +8,12 @@ import (
 	"fmt"
 	"time"
 
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	"github.com/oklog/ulid"
 	"github.com/pkg/errors"
 	"github.com/prometheus/client_golang/prometheus"
+
 	"github.com/thanos-io/thanos/pkg/block"
 	"github.com/thanos-io/thanos/pkg/block/metadata"
 	"github.com/thanos-io/thanos/pkg/objstore"
diff --git a/vendor/github.com/thanos-io/thanos/pkg/discovery/dns/provider.go b/vendor/github.com/thanos-io/thanos/pkg/discovery/dns/provider.go
index 68bb0b2e1f1..3ec032a654d 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/discovery/dns/provider.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/discovery/dns/provider.go
@@ -9,8 +9,8 @@ import (
 	"strings"
 	"sync"
 
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promauto"
 
diff --git a/vendor/github.com/thanos-io/thanos/pkg/discovery/dns/resolver.go b/vendor/github.com/thanos-io/thanos/pkg/discovery/dns/resolver.go
index 7f8108ce00c..02514dbdd6d 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/discovery/dns/resolver.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/discovery/dns/resolver.go
@@ -9,8 +9,8 @@ import (
 	"strconv"
 	"strings"
 
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 
 	"github.com/pkg/errors"
 )
diff --git a/vendor/github.com/thanos-io/thanos/pkg/discovery/memcache/provider.go b/vendor/github.com/thanos-io/thanos/pkg/discovery/memcache/provider.go
index 9bb13178240..0456a52bf4e 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/discovery/memcache/provider.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/discovery/memcache/provider.go
@@ -9,10 +9,11 @@ import (
 	"sync"
 	"time"
 
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promauto"
+
 	"github.com/thanos-io/thanos/pkg/errutil"
 	"github.com/thanos-io/thanos/pkg/extprom"
 )
diff --git a/vendor/github.com/thanos-io/thanos/pkg/exemplars/exemplarspb/custom.go b/vendor/github.com/thanos-io/thanos/pkg/exemplars/exemplarspb/custom.go
index f17bc151b62..34de4560b3b 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/exemplars/exemplarspb/custom.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/exemplars/exemplarspb/custom.go
@@ -8,8 +8,9 @@ import (
 	"math/big"
 
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/exemplar"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/exemplar"
+	"github.com/prometheus/prometheus/model/labels"
+
 	"github.com/thanos-io/thanos/pkg/store/labelpb"
 )
 
diff --git a/vendor/github.com/thanos-io/thanos/pkg/gate/gate.go b/vendor/github.com/thanos-io/thanos/pkg/gate/gate.go
index 65ecfe8131d..35443d908ce 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/gate/gate.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/gate/gate.go
@@ -9,7 +9,7 @@ import (
 
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promauto"
-	promgate "github.com/prometheus/prometheus/pkg/gate"
+	promgate "github.com/prometheus/prometheus/util/gate"
 )
 
 var (
@@ -53,7 +53,7 @@ type Gate interface {
 // whether requests are being blocked or not. For clients that call
 // gate.(*Keeper).NewGate only once, it is recommended to use gate.New()
 // instead. Otherwise it is recommended to use the
-// github.com/prometheus/prometheus/pkg/gate package directly and wrap the
+// github.com/prometheus/prometheus/util/gate package directly and wrap the
 // returned gate with gate.InstrumentGateDuration().
 type Keeper struct {
 	reg prometheus.Registerer
@@ -79,7 +79,7 @@ func (k *Keeper) NewGate(maxConcurrent int) Gate {
 // executed concurrently.
 //
 // The gate implementation is based on the
-// github.com/prometheus/prometheus/pkg/gate package.
+// github.com/prometheus/prometheus/util/gate package.
 //
 // It can be called several times but not with the same registerer otherwise it
 // will panic when trying to register the same metric multiple times.
diff --git a/vendor/github.com/thanos-io/thanos/pkg/httpconfig/config.go b/vendor/github.com/thanos-io/thanos/pkg/httpconfig/config.go
new file mode 100644
index 00000000000..3280e333782
--- /dev/null
+++ b/vendor/github.com/thanos-io/thanos/pkg/httpconfig/config.go
@@ -0,0 +1,75 @@
+// Copyright (c) The Thanos Authors.
+// Licensed under the Apache License 2.0.
+
+package httpconfig
+
+import (
+	"fmt"
+	"net/url"
+	"strings"
+
+	"gopkg.in/yaml.v2"
+
+	"github.com/pkg/errors"
+)
+
+// Config is a structure that allows pointing to various HTTP endpoint, e.g ruler connecting to queriers.
+type Config struct {
+	HTTPClientConfig ClientConfig    `yaml:"http_config"`
+	EndpointsConfig  EndpointsConfig `yaml:",inline"`
+}
+
+func DefaultConfig() Config {
+	return Config{
+		EndpointsConfig: EndpointsConfig{
+			Scheme:          "http",
+			StaticAddresses: []string{},
+			FileSDConfigs:   []FileSDConfig{},
+		},
+	}
+}
+
+// UnmarshalYAML implements the yaml.Unmarshaler interface.
+func (c *Config) UnmarshalYAML(unmarshal func(interface{}) error) error {
+	*c = DefaultConfig()
+	type plain Config
+	return unmarshal((*plain)(c))
+}
+
+// LoadConfigs loads a list of Config from YAML data.
+func LoadConfigs(confYAML []byte) ([]Config, error) {
+	var queryCfg []Config
+	if err := yaml.UnmarshalStrict(confYAML, &queryCfg); err != nil {
+		return nil, err
+	}
+	return queryCfg, nil
+}
+
+// BuildConfig returns a configuration from a static addresses.
+func BuildConfig(addrs []string) ([]Config, error) {
+	configs := make([]Config, 0, len(addrs))
+	for i, addr := range addrs {
+		if addr == "" {
+			return nil, errors.Errorf("static address cannot be empty at index %d", i)
+		}
+		// If addr is missing schema, add http.
+		if !strings.Contains(addr, "://") {
+			addr = fmt.Sprintf("http://%s", addr)
+		}
+		u, err := url.Parse(addr)
+		if err != nil {
+			return nil, errors.Wrapf(err, "failed to parse addr %q", addr)
+		}
+		if u.Scheme != "http" && u.Scheme != "https" {
+			return nil, errors.Errorf("%q is not supported scheme for address", u.Scheme)
+		}
+		configs = append(configs, Config{
+			EndpointsConfig: EndpointsConfig{
+				Scheme:          u.Scheme,
+				StaticAddresses: []string{u.Host},
+				PathPrefix:      u.Path,
+			},
+		})
+	}
+	return configs, nil
+}
diff --git a/vendor/github.com/thanos-io/thanos/pkg/http/http.go b/vendor/github.com/thanos-io/thanos/pkg/httpconfig/http.go
similarity index 58%
rename from vendor/github.com/thanos-io/thanos/pkg/http/http.go
rename to vendor/github.com/thanos-io/thanos/pkg/httpconfig/http.go
index 5b82a1dc4e3..ed5fdda13aa 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/http/http.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/httpconfig/http.go
@@ -1,25 +1,29 @@
 // Copyright (c) The Thanos Authors.
 // Licensed under the Apache License 2.0.
 
-// Package http is a wrapper around github.com/prometheus/common/config.
-package http
+// Package httpconfig is a wrapper around github.com/prometheus/common/config.
+package httpconfig
 
 import (
 	"context"
+	"crypto/tls"
 	"fmt"
 	"net/http"
 	"net/url"
 	"path"
 	"sync"
+	"time"
 
 	extpromhttp "github.com/thanos-io/thanos/pkg/extprom/http"
 
-	"github.com/go-kit/kit/log"
+	"github.com/go-kit/log"
+	"github.com/mwitkow/go-conntrack"
 	config_util "github.com/prometheus/common/config"
 	"github.com/prometheus/common/model"
 	"github.com/prometheus/common/version"
 	"github.com/prometheus/prometheus/discovery/file"
 	"github.com/prometheus/prometheus/discovery/targetgroup"
+	"golang.org/x/net/http2"
 	"gopkg.in/yaml.v2"
 
 	"github.com/thanos-io/thanos/pkg/discovery/cache"
@@ -37,6 +41,8 @@ type ClientConfig struct {
 	ProxyURL string `yaml:"proxy_url"`
 	// TLSConfig to use to connect to the targets.
 	TLSConfig TLSConfig `yaml:"tls_config"`
+	// TransportConfig for Client transport properties
+	TransportConfig TransportConfig `yaml:"transport_config"`
 	// ClientMetrics contains metrics that will be used to instrument
 	// the client that will be created with this config.
 	ClientMetrics *extpromhttp.ClientMetrics `yaml:"-"`
@@ -50,7 +56,7 @@ type TLSConfig struct {
 	CertFile string `yaml:"cert_file"`
 	// The client key file for the targets.
 	KeyFile string `yaml:"key_file"`
-	// Used to verify the hostname for the targets.
+	// Used to verify the hostname for the targets. See https://tools.ietf.org/html/rfc4366#section-3.1
 	ServerName string `yaml:"server_name"`
 	// Disable target certificate validation.
 	InsecureSkipVerify bool `yaml:"insecure_skip_verify"`
@@ -68,6 +74,104 @@ func (b BasicAuth) IsZero() bool {
 	return b.Username == "" && b.Password == "" && b.PasswordFile == ""
 }
 
+// Transport configures client's transport properties.
+type TransportConfig struct {
+	MaxIdleConns          int   `yaml:"max_idle_conns"`
+	MaxIdleConnsPerHost   int   `yaml:"max_idle_conns_per_host"`
+	IdleConnTimeout       int64 `yaml:"idle_conn_timeout"`
+	ResponseHeaderTimeout int64 `yaml:"response_header_timeout"`
+	ExpectContinueTimeout int64 `yaml:"expect_continue_timeout"`
+	MaxConnsPerHost       int   `yaml:"max_conns_per_host"`
+	DisableCompression    bool  `yaml:"disable_compression"`
+	TLSHandshakeTimeout   int64 `yaml:"tls_handshake_timeout"`
+}
+
+var defaultTransportConfig TransportConfig = TransportConfig{
+	MaxIdleConns:          100,
+	MaxIdleConnsPerHost:   2,
+	ResponseHeaderTimeout: 0,
+	MaxConnsPerHost:       0,
+	IdleConnTimeout:       int64(90 * time.Second),
+	ExpectContinueTimeout: int64(10 * time.Second),
+	DisableCompression:    false,
+	TLSHandshakeTimeout:   int64(10 * time.Second),
+}
+
+func NewClientConfigFromYAML(cfg []byte) (*ClientConfig, error) {
+	conf := &ClientConfig{TransportConfig: defaultTransportConfig}
+	if err := yaml.Unmarshal(cfg, conf); err != nil {
+		return nil, err
+	}
+	return conf, nil
+}
+
+// NewRoundTripperFromConfig returns a new HTTP RoundTripper configured for the
+// given http.HTTPClientConfig and http.HTTPClientOption.
+func NewRoundTripperFromConfig(cfg config_util.HTTPClientConfig, transportConfig TransportConfig, name string) (http.RoundTripper, error) {
+	newRT := func(tlsConfig *tls.Config) (http.RoundTripper, error) {
+		var rt http.RoundTripper = &http.Transport{
+			Proxy:                 http.ProxyURL(cfg.ProxyURL.URL),
+			MaxIdleConns:          transportConfig.MaxIdleConns,
+			MaxIdleConnsPerHost:   transportConfig.MaxIdleConnsPerHost,
+			MaxConnsPerHost:       transportConfig.MaxConnsPerHost,
+			TLSClientConfig:       tlsConfig,
+			DisableCompression:    transportConfig.DisableCompression,
+			IdleConnTimeout:       time.Duration(transportConfig.IdleConnTimeout),
+			ResponseHeaderTimeout: time.Duration(transportConfig.ResponseHeaderTimeout),
+			ExpectContinueTimeout: time.Duration(transportConfig.ExpectContinueTimeout),
+			TLSHandshakeTimeout:   time.Duration(transportConfig.TLSHandshakeTimeout),
+			DialContext: conntrack.NewDialContextFunc(
+				conntrack.DialWithTracing(),
+				conntrack.DialWithName(name)),
+		}
+
+		// HTTP/2 support is golang has many problematic cornercases where
+		// dead connections would be kept and used in connection pools.
+		// https://github.com/golang/go/issues/32388
+		// https://github.com/golang/go/issues/39337
+		// https://github.com/golang/go/issues/39750
+		// TODO: Re-Enable HTTP/2 once upstream issue is fixed.
+		// TODO: use ForceAttemptHTTP2 when we move to Go 1.13+.
+		err := http2.ConfigureTransport(rt.(*http.Transport))
+		if err != nil {
+			return nil, err
+		}
+
+		// If a authorization_credentials is provided, create a round tripper that will set the
+		// Authorization header correctly on each request.
+		if cfg.Authorization != nil && len(cfg.Authorization.Credentials) > 0 {
+			rt = config_util.NewAuthorizationCredentialsRoundTripper(cfg.Authorization.Type, cfg.Authorization.Credentials, rt)
+		} else if cfg.Authorization != nil && len(cfg.Authorization.CredentialsFile) > 0 {
+			rt = config_util.NewAuthorizationCredentialsFileRoundTripper(cfg.Authorization.Type, cfg.Authorization.CredentialsFile, rt)
+		}
+		// Backwards compatibility, be nice with importers who would not have
+		// called Validate().
+		if len(cfg.BearerToken) > 0 {
+			rt = config_util.NewAuthorizationCredentialsRoundTripper("Bearer", cfg.BearerToken, rt)
+		} else if len(cfg.BearerTokenFile) > 0 {
+			rt = config_util.NewAuthorizationCredentialsFileRoundTripper("Bearer", cfg.BearerTokenFile, rt)
+		}
+
+		if cfg.BasicAuth != nil {
+			rt = config_util.NewBasicAuthRoundTripper(cfg.BasicAuth.Username, cfg.BasicAuth.Password, cfg.BasicAuth.PasswordFile, rt)
+		}
+		// Return a new configured RoundTripper.
+		return rt, nil
+	}
+
+	tlsConfig, err := config_util.NewTLSConfig(&cfg.TLSConfig)
+	if err != nil {
+		return nil, err
+	}
+
+	if len(cfg.TLSConfig.CAFile) == 0 {
+		// No need for a RoundTripper that reloads the CA file automatically.
+		return newRT(tlsConfig)
+	}
+
+	return config_util.NewTLSRoundTripper(tlsConfig, cfg.TLSConfig.CAFile, newRT)
+}
+
 // NewHTTPClient returns a new HTTP client.
 func NewHTTPClient(cfg ClientConfig, name string) (*http.Client, error) {
 	httpClientConfig := config_util.HTTPClientConfig{
@@ -96,22 +200,34 @@ func NewHTTPClient(cfg ClientConfig, name string) (*http.Client, error) {
 			PasswordFile: cfg.BasicAuth.PasswordFile,
 		}
 	}
+
+	if cfg.BearerToken != "" {
+		httpClientConfig.BearerToken = config_util.Secret(cfg.BearerToken)
+	}
+
+	if cfg.BearerTokenFile != "" {
+		httpClientConfig.BearerTokenFile = cfg.BearerTokenFile
+	}
+
 	if err := httpClientConfig.Validate(); err != nil {
 		return nil, err
 	}
 
-	client, err := config_util.NewClientFromConfig(httpClientConfig, name, config_util.WithHTTP2Disabled())
+	rt, err := NewRoundTripperFromConfig(
+		httpClientConfig,
+		cfg.TransportConfig,
+		name,
+	)
 	if err != nil {
 		return nil, err
 	}
 
-	tripper := client.Transport
-
 	if cfg.ClientMetrics != nil {
-		tripper = extpromhttp.InstrumentedRoundTripper(tripper, cfg.ClientMetrics)
+		rt = extpromhttp.InstrumentedRoundTripper(rt, cfg.ClientMetrics)
 	}
 
-	client.Transport = &userAgentRoundTripper{name: ThanosUserAgent, rt: tripper}
+	rt = &userAgentRoundTripper{name: ThanosUserAgent, rt: rt}
+	client := &http.Client{Transport: rt}
 
 	return client, nil
 }
diff --git a/vendor/github.com/thanos-io/thanos/pkg/model/timeduration.go b/vendor/github.com/thanos-io/thanos/pkg/model/timeduration.go
index 1d525136f09..d97a54da633 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/model/timeduration.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/model/timeduration.go
@@ -7,7 +7,7 @@ import (
 	"time"
 
 	"github.com/prometheus/common/model"
-	"github.com/prometheus/prometheus/pkg/timestamp"
+	"github.com/prometheus/prometheus/model/timestamp"
 	"gopkg.in/alecthomas/kingpin.v2"
 )
 
@@ -51,6 +51,9 @@ func (tdv *TimeOrDurationValue) String() string {
 	case tdv.Time != nil:
 		return tdv.Time.String()
 	case tdv.Dur != nil:
+		if v := *tdv.Dur; v < 0 {
+			return "-" + (-v).String()
+		}
 		return tdv.Dur.String()
 	}
 
diff --git a/vendor/github.com/thanos-io/thanos/pkg/objstore/azure/azure.go b/vendor/github.com/thanos-io/thanos/pkg/objstore/azure/azure.go
index 92bffabd341..9904e6faa5d 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/objstore/azure/azure.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/objstore/azure/azure.go
@@ -14,12 +14,13 @@ import (
 	"time"
 
 	blob "github.com/Azure/azure-storage-blob-go/azblob"
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	"github.com/pkg/errors"
 	"github.com/prometheus/common/model"
+	"gopkg.in/yaml.v2"
+
 	"github.com/thanos-io/thanos/pkg/objstore"
-	yaml "gopkg.in/yaml.v2"
 )
 
 const (
diff --git a/vendor/github.com/thanos-io/thanos/pkg/objstore/azure/helpers.go b/vendor/github.com/thanos-io/thanos/pkg/objstore/azure/helpers.go
index 07e34490d30..0edd448adac 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/objstore/azure/helpers.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/objstore/azure/helpers.go
@@ -17,8 +17,8 @@ import (
 	blob "github.com/Azure/azure-storage-blob-go/azblob"
 	"github.com/Azure/go-autorest/autorest/adal"
 	"github.com/Azure/go-autorest/autorest/azure/auth"
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 )
 
 // DirDelim is the delimiter used to model a directory structure in an object store bucket.
@@ -104,6 +104,10 @@ func getContainerURL(ctx context.Context, logger log.Logger, conf Config) (blob.
 		retryOptions.TryTimeout = time.Until(deadline)
 	}
 
+	client := http.Client{
+		Transport: DefaultTransport(conf),
+	}
+
 	p := blob.NewPipeline(credentials, blob.PipelineOptions{
 		Retry:     retryOptions,
 		Telemetry: blob.TelemetryOptions{Value: "Thanos"},
@@ -117,10 +121,6 @@ func getContainerURL(ctx context.Context, logger log.Logger, conf Config) (blob.
 		},
 		HTTPSender: pipeline.FactoryFunc(func(next pipeline.Policy, po *pipeline.PolicyOptions) pipeline.PolicyFunc {
 			return func(ctx context.Context, request pipeline.Request) (pipeline.Response, error) {
-				client := http.Client{
-					Transport: DefaultTransport(conf),
-				}
-
 				resp, err := client.Do(request.WithContext(ctx))
 
 				return pipeline.NewHTTPResponse(resp), err
diff --git a/vendor/github.com/thanos-io/thanos/pkg/objstore/gcs/gcs.go b/vendor/github.com/thanos-io/thanos/pkg/objstore/gcs/gcs.go
index 2ceb23d68a8..0bc5a947a48 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/objstore/gcs/gcs.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/objstore/gcs/gcs.go
@@ -13,14 +13,15 @@ import (
 	"testing"
 
 	"cloud.google.com/go/storage"
-	"github.com/go-kit/kit/log"
+	"github.com/go-kit/log"
 	"github.com/pkg/errors"
 	"github.com/prometheus/common/version"
-	"github.com/thanos-io/thanos/pkg/objstore"
 	"golang.org/x/oauth2/google"
 	"google.golang.org/api/iterator"
 	"google.golang.org/api/option"
 	"gopkg.in/yaml.v2"
+
+	"github.com/thanos-io/thanos/pkg/objstore"
 )
 
 // DirDelim is the delimiter used to model a directory structure in an object store bucket.
diff --git a/vendor/github.com/thanos-io/thanos/pkg/objstore/objstore.go b/vendor/github.com/thanos-io/thanos/pkg/objstore/objstore.go
index c7f54f23ad6..500b86a5ea4 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/objstore/objstore.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/objstore/objstore.go
@@ -12,8 +12,8 @@ import (
 	"strings"
 	"time"
 
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	"github.com/pkg/errors"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promauto"
diff --git a/vendor/github.com/thanos-io/thanos/pkg/objstore/s3/s3.go b/vendor/github.com/thanos-io/thanos/pkg/objstore/s3/s3.go
index 8d50156d18b..610ac6cf5c8 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/objstore/s3/s3.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/objstore/s3/s3.go
@@ -19,17 +19,18 @@ import (
 	"testing"
 	"time"
 
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	"github.com/minio/minio-go/v7"
 	"github.com/minio/minio-go/v7/pkg/credentials"
 	"github.com/minio/minio-go/v7/pkg/encrypt"
 	"github.com/pkg/errors"
 	"github.com/prometheus/common/model"
 	"github.com/prometheus/common/version"
+	"gopkg.in/yaml.v2"
+
 	"github.com/thanos-io/thanos/pkg/objstore"
 	"github.com/thanos-io/thanos/pkg/runutil"
-	"gopkg.in/yaml.v2"
 )
 
 type ctxKey int
@@ -84,8 +85,9 @@ type Config struct {
 	ListObjectsVersion string            `yaml:"list_objects_version"`
 	// PartSize used for multipart upload. Only used if uploaded object size is known and larger than configured PartSize.
 	// NOTE we need to make sure this number does not produce more parts than 10 000.
-	PartSize  uint64    `yaml:"part_size"`
-	SSEConfig SSEConfig `yaml:"sse_config"`
+	PartSize    uint64    `yaml:"part_size"`
+	SSEConfig   SSEConfig `yaml:"sse_config"`
+	STSEndpoint string    `yaml:"sts_endpoint"`
 }
 
 // SSEConfig deals with the configuration of SSE for Minio. The following options are valid:
@@ -228,6 +230,7 @@ func NewBucketWithConfig(logger log.Logger, config Config, component string) (*B
 				Client: &http.Client{
 					Transport: http.DefaultTransport,
 				},
+				Endpoint: config.STSEndpoint,
 			}),
 		}
 	}
diff --git a/vendor/github.com/thanos-io/thanos/pkg/objstore/swift/swift.go b/vendor/github.com/thanos-io/thanos/pkg/objstore/swift/swift.go
index 719ffa3feda..eb757ae9ac2 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/objstore/swift/swift.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/objstore/swift/swift.go
@@ -14,14 +14,15 @@ import (
 	"testing"
 	"time"
 
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	"github.com/ncw/swift"
 	"github.com/pkg/errors"
 	"github.com/prometheus/common/model"
+	"gopkg.in/yaml.v2"
+
 	"github.com/thanos-io/thanos/pkg/objstore"
 	"github.com/thanos-io/thanos/pkg/runutil"
-	"gopkg.in/yaml.v2"
 )
 
 const (
diff --git a/vendor/github.com/thanos-io/thanos/pkg/pool/pool.go b/vendor/github.com/thanos-io/thanos/pkg/pool/pool.go
index cbd034e9e7c..a7eb98c8540 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/pool/pool.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/pool/pool.go
@@ -107,8 +107,9 @@ func (p *BucketedBytes) Put(b *[]byte) {
 		return
 	}
 
+	sz := cap(*b)
 	for i, bktSize := range p.sizes {
-		if cap(*b) > bktSize {
+		if sz > bktSize {
 			continue
 		}
 		*b = (*b)[:0]
@@ -118,13 +119,11 @@ func (p *BucketedBytes) Put(b *[]byte) {
 
 	p.mtx.Lock()
 	defer p.mtx.Unlock()
-
 	// We could assume here that our users will not make the slices larger
 	// but lets be on the safe side to avoid an underflow of p.usedTotal.
-	sz := uint64(cap(*b))
-	if sz >= p.usedTotal {
+	if uint64(sz) >= p.usedTotal {
 		p.usedTotal = 0
 	} else {
-		p.usedTotal -= sz
+		p.usedTotal -= uint64(sz)
 	}
 }
diff --git a/vendor/github.com/thanos-io/thanos/pkg/promclient/promclient.go b/vendor/github.com/thanos-io/thanos/pkg/promclient/promclient.go
index 73043283b70..f6183849114 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/promclient/promclient.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/promclient/promclient.go
@@ -21,25 +21,27 @@ import (
 	"strings"
 	"time"
 
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	"github.com/gogo/status"
 	"github.com/pkg/errors"
 	"github.com/prometheus/common/model"
 	"github.com/prometheus/prometheus/config"
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/pkg/timestamp"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/model/timestamp"
 	"github.com/prometheus/prometheus/promql"
 	"github.com/prometheus/prometheus/promql/parser"
+	"google.golang.org/grpc/codes"
+	"gopkg.in/yaml.v2"
+
 	"github.com/thanos-io/thanos/pkg/exemplars/exemplarspb"
+	"github.com/thanos-io/thanos/pkg/httpconfig"
 	"github.com/thanos-io/thanos/pkg/metadata/metadatapb"
 	"github.com/thanos-io/thanos/pkg/rules/rulespb"
 	"github.com/thanos-io/thanos/pkg/runutil"
 	"github.com/thanos-io/thanos/pkg/store/storepb"
 	"github.com/thanos-io/thanos/pkg/targets/targetspb"
 	"github.com/thanos-io/thanos/pkg/tracing"
-	"google.golang.org/grpc/codes"
-	yaml "gopkg.in/yaml.v2"
 )
 
 var (
@@ -84,18 +86,19 @@ func NewClient(c HTTPClient, logger log.Logger, userAgent string) *Client {
 
 // NewDefaultClient returns Client with tracing tripperware.
 func NewDefaultClient() *Client {
+	client, _ := httpconfig.NewHTTPClient(httpconfig.ClientConfig{}, "")
 	return NewWithTracingClient(
 		log.NewNopLogger(),
+		client,
 		"",
 	)
 }
 
 // NewWithTracingClient returns client with tracing tripperware.
-func NewWithTracingClient(logger log.Logger, userAgent string) *Client {
+func NewWithTracingClient(logger log.Logger, httpClient *http.Client, userAgent string) *Client {
+	httpClient.Transport = tracing.HTTPTripperware(log.NewNopLogger(), httpClient.Transport)
 	return NewClient(
-		&http.Client{
-			Transport: tracing.HTTPTripperware(log.NewNopLogger(), http.DefaultTransport),
-		},
+		httpClient,
 		logger,
 		userAgent,
 	)
@@ -357,10 +360,14 @@ type QueryOptions struct {
 	Deduplicate             bool
 	PartialResponseStrategy storepb.PartialResponseStrategy
 	Method                  string
+	MaxSourceResolution     string
 }
 
 func (p *QueryOptions) AddTo(values url.Values) error {
 	values.Add("dedup", fmt.Sprintf("%v", p.Deduplicate))
+	if len(p.MaxSourceResolution) > 0 {
+		values.Add("max_source_resolution", p.MaxSourceResolution)
+	}
 
 	var partialResponseValue string
 	switch p.PartialResponseStrategy {
@@ -448,9 +455,9 @@ func (c *Client) QueryInstant(ctx context.Context, base *url.URL, query string,
 		if m.Error != "" {
 			return nil, nil, errors.Errorf("error: %s, type: %s", m.Error, m.ErrorType)
 		}
-
 		return nil, nil, errors.Errorf("received status code: 200, unknown response type: '%q'", m.Data.ResultType)
 	}
+
 	return vectorResult, m.Warnings, nil
 }
 
diff --git a/vendor/github.com/thanos-io/thanos/pkg/rules/rulespb/custom.go b/vendor/github.com/thanos-io/thanos/pkg/rules/rulespb/custom.go
index c699b3a4cab..52d1a2e8a64 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/rules/rulespb/custom.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/rules/rulespb/custom.go
@@ -11,7 +11,8 @@ import (
 	"time"
 
 	"github.com/pkg/errors"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
+
 	"github.com/thanos-io/thanos/pkg/store/labelpb"
 )
 
diff --git a/vendor/github.com/thanos-io/thanos/pkg/rules/rulespb/rpc.pb.go b/vendor/github.com/thanos-io/thanos/pkg/rules/rulespb/rpc.pb.go
index 12b21d7b846..4d85a902b81 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/rules/rulespb/rpc.pb.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/rules/rulespb/rpc.pb.go
@@ -279,6 +279,7 @@ type RuleGroup struct {
 	Interval                  float64   `protobuf:"fixed64,4,opt,name=interval,proto3" json:"interval"`
 	EvaluationDurationSeconds float64   `protobuf:"fixed64,5,opt,name=evaluation_duration_seconds,json=evaluationDurationSeconds,proto3" json:"evaluationTime"`
 	LastEvaluation            time.Time `protobuf:"bytes,6,opt,name=last_evaluation,json=lastEvaluation,proto3,stdtime" json:"lastEvaluation"`
+	Limit                     int64     `protobuf:"varint,9,opt,name=limit,proto3" json:"limit"`
 	// Thanos specific.
 	PartialResponseStrategy storepb.PartialResponseStrategy `protobuf:"varint,8,opt,name=PartialResponseStrategy,proto3,enum=thanos.PartialResponseStrategy" json:"partialResponseStrategy"`
 }
@@ -551,69 +552,70 @@ func init() {
 func init() { proto.RegisterFile("rules/rulespb/rpc.proto", fileDescriptor_91b1d28f30eb5efb) }
 
 var fileDescriptor_91b1d28f30eb5efb = []byte{
-	// 981 bytes of a gzipped FileDescriptorProto
+	// 999 bytes of a gzipped FileDescriptorProto
 	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xb4, 0x56, 0xcd, 0x6e, 0xdb, 0x46,
 	0x10, 0x26, 0x2d, 0x91, 0x12, 0xc7, 0x76, 0xa2, 0x6e, 0x62, 0x98, 0x56, 0x0a, 0xd1, 0x10, 0x90,
-	0xc2, 0x2d, 0x1a, 0xa9, 0xb0, 0x91, 0x14, 0x39, 0x15, 0x92, 0xad, 0xc6, 0x02, 0x0c, 0x37, 0x58,
-	0x09, 0x3d, 0xa4, 0x07, 0x75, 0x25, 0x6f, 0x64, 0x01, 0x14, 0xc9, 0xec, 0xae, 0x5c, 0xe8, 0x01,
-	0x7a, 0xcf, 0xb9, 0x2f, 0xd2, 0x7b, 0x4f, 0xbe, 0x14, 0xc8, 0xb1, 0x27, 0xb5, 0xb5, 0x6f, 0x7a,
-	0x8a, 0x62, 0x77, 0x49, 0x51, 0x56, 0xe5, 0x3a, 0x69, 0xd5, 0x0b, 0x67, 0x77, 0xe6, 0x9b, 0xfd,
-	0x99, 0xf9, 0xf8, 0x91, 0xb0, 0xcd, 0x46, 0x3e, 0xe5, 0x55, 0xf5, 0x8c, 0xba, 0x55, 0x16, 0xf5,
-	0x2a, 0x11, 0x0b, 0x45, 0x88, 0x6c, 0x71, 0x4e, 0x82, 0x90, 0x17, 0x77, 0xb8, 0x08, 0x19, 0xad,
-	0xaa, 0x67, 0xd4, 0xad, 0x8a, 0x71, 0x44, 0xb9, 0x86, 0x24, 0x21, 0x9f, 0x74, 0xa9, 0xbf, 0x10,
-	0x7a, 0xd8, 0x0f, 0xfb, 0xa1, 0x1a, 0x56, 0xe5, 0x28, 0xf6, 0x7a, 0xfd, 0x30, 0xec, 0xfb, 0xb4,
-	0xaa, 0x66, 0xdd, 0xd1, 0xeb, 0xaa, 0x18, 0x0c, 0x29, 0x17, 0x64, 0x18, 0x69, 0x40, 0xf9, 0x17,
-	0x13, 0x36, 0xb0, 0x3c, 0x0a, 0xa6, 0x6f, 0x46, 0x94, 0x0b, 0xf4, 0x04, 0xb2, 0x72, 0x59, 0xd7,
-	0xdc, 0x35, 0xf7, 0xee, 0xed, 0xef, 0x54, 0xf4, 0xa1, 0x2a, 0xf3, 0x98, 0x4a, 0x7b, 0x1c, 0x51,
-	0xac, 0x60, 0xe8, 0x3b, 0xd8, 0x89, 0x08, 0x13, 0x03, 0xe2, 0x77, 0x18, 0xe5, 0x51, 0x18, 0x70,
-	0xda, 0xe1, 0x82, 0x11, 0x41, 0xfb, 0x63, 0x77, 0x4d, 0xad, 0xe1, 0x25, 0x6b, 0xbc, 0xd4, 0x40,
-	0x1c, 0xe3, 0x5a, 0x31, 0x0c, 0x6f, 0x47, 0xcb, 0x03, 0xe5, 0x4f, 0x20, 0x2b, 0xb7, 0x42, 0x39,
-	0xc8, 0xd4, 0x4e, 0x4e, 0x0a, 0x06, 0x72, 0xc0, 0xaa, 0x9d, 0x34, 0x70, 0xbb, 0x60, 0x22, 0x00,
-	0x1b, 0x37, 0x0e, 0xbf, 0xc1, 0x47, 0x85, 0xb5, 0xf2, 0xf7, 0xb0, 0x19, 0x9f, 0x4f, 0x2f, 0x80,
-	0x3e, 0x05, 0xab, 0xcf, 0xc2, 0x51, 0xa4, 0x6e, 0xb1, 0xbe, 0xff, 0xd1, 0xfc, 0x2d, 0x5e, 0xc8,
-	0xc0, 0xb1, 0x81, 0x35, 0x02, 0x15, 0x21, 0xf7, 0x03, 0x61, 0xc1, 0x20, 0xe8, 0xab, 0xe3, 0x3a,
-	0xc7, 0x06, 0x4e, 0x1c, 0xf5, 0x3c, 0xd8, 0x8c, 0xf2, 0x91, 0x2f, 0xca, 0x87, 0x00, 0xb3, 0x5c,
-	0x8e, 0x9e, 0x82, 0xad, 0x92, 0xb9, 0x6b, 0xee, 0x66, 0x96, 0xae, 0x5f, 0x87, 0xe9, 0xc4, 0x8b,
-	0x41, 0x38, 0xb6, 0xe5, 0x5f, 0x33, 0xe0, 0xcc, 0x10, 0xe8, 0x63, 0xc8, 0x06, 0x64, 0xa8, 0x0b,
-	0xed, 0xd4, 0xf3, 0xd3, 0x89, 0xa7, 0xe6, 0x58, 0x3d, 0x65, 0xf4, 0xf5, 0xc0, 0xa7, 0xfa, 0x4c,
-	0x3a, 0x2a, 0xe7, 0x58, 0x3d, 0xd1, 0x13, 0xb0, 0x14, 0x7f, 0xdc, 0x8c, 0xda, 0x7f, 0x63, 0x7e,
-	0xff, 0xba, 0x33, 0x9d, 0x78, 0x3a, 0x8c, 0xb5, 0x41, 0x7b, 0x90, 0x1f, 0x04, 0x82, 0xb2, 0x0b,
-	0xe2, 0xbb, 0xd9, 0x5d, 0x73, 0xcf, 0xac, 0x6f, 0x4c, 0x27, 0xde, 0xcc, 0x87, 0x67, 0x23, 0x84,
-	0xe1, 0x11, 0xbd, 0x20, 0xfe, 0x88, 0x88, 0x41, 0x18, 0x74, 0xce, 0x46, 0x4c, 0x0f, 0x38, 0xed,
-	0x85, 0xc1, 0x19, 0x77, 0x2d, 0x95, 0x8c, 0xa6, 0x13, 0xef, 0x5e, 0x0a, 0x6b, 0x0f, 0x86, 0x14,
-	0xef, 0xa4, 0xf3, 0xa3, 0x38, 0xab, 0xa5, 0x93, 0x50, 0x07, 0xee, 0xfb, 0x84, 0x8b, 0x4e, 0x8a,
-	0x70, 0x6d, 0xd5, 0x96, 0x62, 0x45, 0xb3, 0xb3, 0x92, 0xb0, 0xb3, 0xd2, 0x4e, 0xd8, 0x59, 0x2f,
-	0x5e, 0x4e, 0x3c, 0x43, 0xee, 0x23, 0x53, 0x1b, 0xb3, 0xcc, 0xb7, 0xbf, 0x7b, 0x26, 0x5e, 0xf0,
-	0xa1, 0x0b, 0xd8, 0xbe, 0x85, 0x5a, 0x6e, 0xfe, 0xbd, 0x18, 0x58, 0x7f, 0x34, 0x9d, 0x78, 0xb7,
-	0xb1, 0x10, 0xdf, 0xb6, 0x78, 0x39, 0x80, 0xac, 0x2c, 0x38, 0x7a, 0x0a, 0x0e, 0xa3, 0xbd, 0x90,
-	0x9d, 0x49, 0x12, 0x69, 0xc6, 0x6d, 0xcd, 0x3a, 0x92, 0x04, 0x24, 0xf2, 0xd8, 0xc0, 0x29, 0x12,
-	0x3d, 0x06, 0x8b, 0xf8, 0x94, 0x09, 0xd5, 0xe3, 0xf5, 0xfd, 0xcd, 0x24, 0xa5, 0x26, 0x9d, 0x92,
-	0xa0, 0x2a, 0x3a, 0x47, 0xc2, 0x9f, 0x33, 0xb0, 0xa9, 0x82, 0xcd, 0x80, 0x0b, 0x12, 0xf4, 0x28,
-	0x7a, 0x0e, 0xb6, 0xd2, 0x02, 0xbe, 0x48, 0xf4, 0x57, 0x27, 0xd2, 0xdd, 0xa2, 0xa2, 0x7e, 0x2f,
-	0x2e, 0x64, 0x0c, 0xc4, 0xb1, 0x45, 0xc7, 0xb0, 0x4e, 0x82, 0x20, 0x14, 0xaa, 0x84, 0x3c, 0x3e,
-	0xc3, 0x92, 0xfc, 0x07, 0x71, 0xfe, 0x3c, 0x1a, 0xcf, 0x4f, 0xd0, 0x01, 0x58, 0x5c, 0x10, 0x41,
-	0xdd, 0x8c, 0x2a, 0x36, 0xba, 0x71, 0x8f, 0x96, 0x8c, 0x68, 0x4a, 0x2a, 0x10, 0xd6, 0x06, 0xb5,
-	0xc0, 0x21, 0x3d, 0x31, 0xb8, 0xa0, 0x1d, 0x22, 0x14, 0x27, 0xef, 0xa0, 0xc3, 0x74, 0xe2, 0x21,
-	0x9d, 0x50, 0x13, 0x9f, 0x87, 0xc3, 0x81, 0xa0, 0xc3, 0x48, 0x8c, 0x15, 0x1d, 0xf2, 0x89, 0x1f,
-	0x79, 0x60, 0x49, 0x56, 0x50, 0xc5, 0x53, 0x47, 0xef, 0xaa, 0x1c, 0x58, 0x9b, 0x7f, 0x62, 0x8a,
-	0xfd, 0x7f, 0x32, 0xe5, 0x47, 0x0b, 0x2c, 0x55, 0x8e, 0xb4, 0x58, 0xe6, 0x07, 0x14, 0x2b, 0x91,
-	0x8a, 0xb5, 0xa5, 0x52, 0xe1, 0x81, 0xf5, 0x66, 0x44, 0xd9, 0x58, 0xd5, 0x3f, 0xbe, 0xb5, 0x72,
-	0x60, 0x6d, 0xd0, 0x97, 0x50, 0xf8, 0xdb, 0x9b, 0x3c, 0x27, 0x03, 0x49, 0x0c, 0xdf, 0x3f, 0x5b,
-	0x78, 0x73, 0x53, 0x7a, 0x59, 0xff, 0x91, 0x5e, 0xf6, 0xbf, 0xa7, 0xd7, 0x73, 0xb0, 0xd5, 0x8b,
-	0xc0, 0xdd, 0x9c, 0x12, 0xbb, 0xad, 0x1b, 0x25, 0x4b, 0x5e, 0x05, 0x2d, 0xb8, 0x1a, 0x88, 0x63,
-	0x8b, 0xca, 0x60, 0x9f, 0x53, 0xe2, 0x8b, 0x73, 0xa5, 0x03, 0x8e, 0xc6, 0x68, 0x0f, 0x8e, 0x2d,
-	0x7a, 0x06, 0xa0, 0xd5, 0x89, 0xb1, 0x90, 0xb9, 0x8e, 0xc2, 0x6d, 0x4f, 0x27, 0xde, 0x03, 0x25,
-	0x32, 0xd2, 0x99, 0xd2, 0x0d, 0x3b, 0x33, 0xe7, 0x5d, 0x4a, 0x09, 0x2b, 0x52, 0xca, 0xf5, 0x55,
-	0x2a, 0x65, 0xf9, 0xa7, 0x0c, 0x6c, 0xde, 0x50, 0xa4, 0x3b, 0xbe, 0x42, 0x33, 0x6a, 0xad, 0xdd,
-	0x42, 0xad, 0x94, 0x21, 0x99, 0x0f, 0x65, 0x48, 0xda, 0x9c, 0xec, 0x7b, 0x36, 0xc7, 0x5a, 0x55,
-	0x73, 0xec, 0x15, 0x35, 0x27, 0xb7, 0xca, 0xe6, 0x7c, 0x76, 0x00, 0x90, 0xaa, 0x00, 0xda, 0x80,
-	0x7c, 0xf3, 0xb4, 0x76, 0xd8, 0x6e, 0x7e, 0xdb, 0x28, 0x18, 0x68, 0x1d, 0x72, 0x2f, 0x1b, 0xa7,
-	0x47, 0xcd, 0xd3, 0x17, 0xfa, 0xd7, 0xe7, 0xeb, 0x26, 0x96, 0xe3, 0xb5, 0xfd, 0xaf, 0xc0, 0x52,
-	0xbf, 0x3e, 0xe8, 0x59, 0x32, 0x78, 0xb8, 0xec, 0x97, 0xad, 0xb8, 0xb5, 0xe0, 0xd5, 0x02, 0xf5,
-	0x85, 0x59, 0x7f, 0x7c, 0xf9, 0x67, 0xc9, 0xb8, 0xbc, 0x2a, 0x99, 0xef, 0xae, 0x4a, 0xe6, 0x1f,
-	0x57, 0x25, 0xf3, 0xed, 0x75, 0xc9, 0x78, 0x77, 0x5d, 0x32, 0x7e, 0xbb, 0x2e, 0x19, 0xaf, 0x72,
-	0xf1, 0x6f, 0x6a, 0xd7, 0x56, 0x97, 0x3b, 0xf8, 0x2b, 0x00, 0x00, 0xff, 0xff, 0x02, 0xf0, 0xe5,
-	0x62, 0xbe, 0x0a, 0x00, 0x00,
+	0xc2, 0x2d, 0x1a, 0xa9, 0xb0, 0x91, 0x14, 0x39, 0x15, 0xa2, 0xad, 0xc6, 0x02, 0x0c, 0x37, 0x58,
+	0x09, 0x3d, 0xa4, 0x07, 0x95, 0x92, 0x37, 0x32, 0x01, 0x8a, 0x64, 0x76, 0x57, 0x2e, 0xf4, 0x00,
+	0xbd, 0xe7, 0xdc, 0x17, 0xe9, 0xbd, 0x27, 0x1f, 0x73, 0xec, 0x49, 0x6d, 0xed, 0x9b, 0x0e, 0x7d,
+	0x86, 0x62, 0x77, 0x49, 0x51, 0x56, 0xe5, 0x3a, 0x69, 0xd5, 0x8b, 0x66, 0x77, 0xe6, 0x9b, 0xfd,
+	0x99, 0xf9, 0xf6, 0x13, 0x61, 0x9b, 0x8e, 0x02, 0xc2, 0xea, 0xf2, 0x37, 0xee, 0xd5, 0x69, 0xdc,
+	0xaf, 0xc5, 0x34, 0xe2, 0x11, 0x32, 0xf9, 0xb9, 0x17, 0x46, 0xac, 0xbc, 0xc3, 0x78, 0x44, 0x49,
+	0x5d, 0xfe, 0xc6, 0xbd, 0x3a, 0x1f, 0xc7, 0x84, 0x29, 0x48, 0x1a, 0x0a, 0xbc, 0x1e, 0x09, 0x16,
+	0x42, 0x0f, 0x07, 0xd1, 0x20, 0x92, 0xc3, 0xba, 0x18, 0x25, 0x5e, 0x67, 0x10, 0x45, 0x83, 0x80,
+	0xd4, 0xe5, 0xac, 0x37, 0x7a, 0x5d, 0xe7, 0xfe, 0x90, 0x30, 0xee, 0x0d, 0x63, 0x05, 0xa8, 0xfe,
+	0xa2, 0xc3, 0x06, 0x16, 0x47, 0xc1, 0xe4, 0xcd, 0x88, 0x30, 0x8e, 0x9e, 0x40, 0x5e, 0x2c, 0x6b,
+	0xeb, 0xbb, 0xfa, 0xde, 0xbd, 0xfd, 0x9d, 0x9a, 0x3a, 0x54, 0x6d, 0x1e, 0x53, 0xeb, 0x8c, 0x63,
+	0x82, 0x25, 0x0c, 0x7d, 0x07, 0x3b, 0xb1, 0x47, 0xb9, 0xef, 0x05, 0x5d, 0x4a, 0x58, 0x1c, 0x85,
+	0x8c, 0x74, 0x19, 0xa7, 0x1e, 0x27, 0x83, 0xb1, 0xbd, 0x26, 0xd7, 0x70, 0xd2, 0x35, 0x5e, 0x2a,
+	0x20, 0x4e, 0x70, 0xed, 0x04, 0x86, 0xb7, 0xe3, 0xe5, 0x81, 0xea, 0x27, 0x90, 0x17, 0x5b, 0xa1,
+	0x02, 0xe4, 0x1a, 0x27, 0x27, 0x25, 0x0d, 0x59, 0x60, 0x34, 0x4e, 0x9a, 0xb8, 0x53, 0xd2, 0x11,
+	0x80, 0x89, 0x9b, 0x87, 0xdf, 0xe0, 0xa3, 0xd2, 0x5a, 0xf5, 0x7b, 0xd8, 0x4c, 0xce, 0xa7, 0x16,
+	0x40, 0x9f, 0x82, 0x31, 0xa0, 0xd1, 0x28, 0x96, 0xb7, 0x58, 0xdf, 0xff, 0x68, 0xfe, 0x16, 0x2f,
+	0x44, 0xe0, 0x58, 0xc3, 0x0a, 0x81, 0xca, 0x50, 0xf8, 0xc1, 0xa3, 0xa1, 0x1f, 0x0e, 0xe4, 0x71,
+	0xad, 0x63, 0x0d, 0xa7, 0x0e, 0xb7, 0x08, 0x26, 0x25, 0x6c, 0x14, 0xf0, 0xea, 0x21, 0xc0, 0x2c,
+	0x97, 0xa1, 0xa7, 0x60, 0xca, 0x64, 0x66, 0xeb, 0xbb, 0xb9, 0xa5, 0xeb, 0xbb, 0x30, 0x9d, 0x38,
+	0x09, 0x08, 0x27, 0xb6, 0xfa, 0x67, 0x0e, 0xac, 0x19, 0x02, 0x7d, 0x0c, 0xf9, 0xd0, 0x1b, 0xaa,
+	0x42, 0x5b, 0x6e, 0x71, 0x3a, 0x71, 0xe4, 0x1c, 0xcb, 0x5f, 0x11, 0x7d, 0xed, 0x07, 0x44, 0x9d,
+	0x49, 0x45, 0xc5, 0x1c, 0xcb, 0x5f, 0xf4, 0x04, 0x0c, 0xc9, 0x1f, 0x3b, 0x27, 0xf7, 0xdf, 0x98,
+	0xdf, 0xdf, 0xb5, 0xa6, 0x13, 0x47, 0x85, 0xb1, 0x32, 0x68, 0x0f, 0x8a, 0x7e, 0xc8, 0x09, 0xbd,
+	0xf0, 0x02, 0x3b, 0xbf, 0xab, 0xef, 0xe9, 0xee, 0xc6, 0x74, 0xe2, 0xcc, 0x7c, 0x78, 0x36, 0x42,
+	0x18, 0x1e, 0x91, 0x0b, 0x2f, 0x18, 0x79, 0xdc, 0x8f, 0xc2, 0xee, 0xd9, 0x88, 0xaa, 0x01, 0x23,
+	0xfd, 0x28, 0x3c, 0x63, 0xb6, 0x21, 0x93, 0xd1, 0x74, 0xe2, 0xdc, 0xcb, 0x60, 0x1d, 0x7f, 0x48,
+	0xf0, 0x4e, 0x36, 0x3f, 0x4a, 0xb2, 0xda, 0x2a, 0x09, 0x75, 0xe1, 0x7e, 0xe0, 0x31, 0xde, 0xcd,
+	0x10, 0xb6, 0x29, 0xdb, 0x52, 0xae, 0x29, 0x76, 0xd6, 0x52, 0x76, 0xd6, 0x3a, 0x29, 0x3b, 0xdd,
+	0xf2, 0xe5, 0xc4, 0xd1, 0xc4, 0x3e, 0x22, 0xb5, 0x39, 0xcb, 0x7c, 0xfb, 0x9b, 0xa3, 0xe3, 0x05,
+	0x1f, 0x72, 0xc0, 0x08, 0xfc, 0xa1, 0xcf, 0x6d, 0x6b, 0x57, 0xdf, 0xcb, 0xa9, 0xfb, 0x4b, 0x07,
+	0x56, 0x06, 0x5d, 0xc0, 0xf6, 0x2d, 0xdc, 0xb3, 0x8b, 0xef, 0x45, 0x51, 0xf7, 0xd1, 0x74, 0xe2,
+	0xdc, 0x46, 0x53, 0x7c, 0xdb, 0xe2, 0xd5, 0x10, 0xf2, 0xa2, 0x23, 0xe8, 0x29, 0x58, 0x94, 0xf4,
+	0x23, 0x7a, 0x26, 0x58, 0xa6, 0x28, 0xb9, 0x35, 0x6b, 0x59, 0x1a, 0x10, 0xc8, 0x63, 0x0d, 0x67,
+	0x48, 0xf4, 0x18, 0x0c, 0x2f, 0x20, 0x94, 0x4b, 0x12, 0xac, 0xef, 0x6f, 0xa6, 0x29, 0x0d, 0xe1,
+	0x14, 0x0c, 0x96, 0xd1, 0x39, 0x96, 0xfe, 0x9c, 0x83, 0x4d, 0x19, 0x6c, 0x85, 0x8c, 0x7b, 0x61,
+	0x9f, 0xa0, 0xe7, 0x60, 0x4a, 0xb1, 0x60, 0x8b, 0x2f, 0xe1, 0xd5, 0x89, 0x70, 0xb7, 0x09, 0x77,
+	0xef, 0x25, 0x95, 0x4e, 0x80, 0x38, 0xb1, 0xe8, 0x18, 0xd6, 0xbd, 0x30, 0x8c, 0xb8, 0xac, 0x31,
+	0x4b, 0xce, 0xb0, 0x24, 0xff, 0x41, 0x92, 0x3f, 0x8f, 0xc6, 0xf3, 0x13, 0x74, 0x00, 0x06, 0xe3,
+	0x1e, 0x27, 0x76, 0x4e, 0x16, 0x1b, 0xdd, 0xb8, 0x47, 0x5b, 0x44, 0x54, 0xcf, 0x24, 0x08, 0x2b,
+	0x83, 0xda, 0x60, 0x79, 0x7d, 0xee, 0x5f, 0x90, 0xae, 0xc7, 0x25, 0x69, 0xef, 0xe0, 0xcb, 0x74,
+	0xe2, 0x20, 0x95, 0xd0, 0xe0, 0x9f, 0x47, 0x43, 0x9f, 0x93, 0x61, 0xcc, 0xc7, 0x92, 0x2f, 0xc5,
+	0xd4, 0x2f, 0x98, 0x22, 0x68, 0x43, 0x24, 0x91, 0x2d, 0xb5, 0xab, 0x74, 0x60, 0x65, 0xfe, 0x89,
+	0x29, 0xe6, 0xff, 0xc9, 0x94, 0x1f, 0x0d, 0x30, 0x64, 0x39, 0xb2, 0x62, 0xe9, 0x1f, 0x50, 0xac,
+	0x54, 0x4b, 0xd6, 0x96, 0x6a, 0x89, 0x03, 0xc6, 0x9b, 0x11, 0xa1, 0x63, 0x59, 0xff, 0xe4, 0xd6,
+	0xd2, 0x81, 0x95, 0x41, 0x5f, 0x42, 0xe9, 0x6f, 0x4f, 0x7d, 0x4e, 0x27, 0xd2, 0x18, 0xbe, 0x7f,
+	0xb6, 0xf0, 0xb4, 0x33, 0x7a, 0x19, 0xff, 0x91, 0x5e, 0xe6, 0xbf, 0xa7, 0xd7, 0x73, 0x30, 0xe5,
+	0x43, 0x60, 0x76, 0x41, 0xaa, 0xe1, 0xd6, 0x8d, 0x92, 0xa5, 0x4f, 0x41, 0x29, 0xb2, 0x02, 0xe2,
+	0xc4, 0xa2, 0x2a, 0x98, 0xe7, 0xc4, 0x0b, 0xf8, 0xb9, 0xd4, 0x01, 0x4b, 0x61, 0x94, 0x07, 0x27,
+	0x16, 0x3d, 0x03, 0x50, 0xf2, 0x45, 0x69, 0x44, 0xa5, 0xc4, 0x58, 0xee, 0xf6, 0x74, 0xe2, 0x3c,
+	0x90, 0x2a, 0x24, 0x9c, 0x19, 0xdd, 0xb0, 0x35, 0x73, 0xde, 0x25, 0xa5, 0xb0, 0x22, 0x29, 0x5d,
+	0x5f, 0xa5, 0x94, 0x56, 0x7f, 0xca, 0xc1, 0xe6, 0x0d, 0x45, 0xba, 0xe3, 0x6f, 0x6a, 0x46, 0xad,
+	0xb5, 0x5b, 0xa8, 0x95, 0x31, 0x24, 0xf7, 0xa1, 0x0c, 0xc9, 0x9a, 0x93, 0x7f, 0xcf, 0xe6, 0x18,
+	0xab, 0x6a, 0x8e, 0xb9, 0xa2, 0xe6, 0x14, 0x56, 0xd9, 0x9c, 0xcf, 0x0e, 0x00, 0x32, 0x15, 0x40,
+	0x1b, 0x50, 0x6c, 0x9d, 0x36, 0x0e, 0x3b, 0xad, 0x6f, 0x9b, 0x25, 0x0d, 0xad, 0x43, 0xe1, 0x65,
+	0xf3, 0xf4, 0xa8, 0x75, 0xfa, 0x42, 0x7d, 0x1b, 0x7d, 0xdd, 0xc2, 0x62, 0xbc, 0xb6, 0xff, 0x15,
+	0x18, 0xf2, 0xdb, 0x08, 0x3d, 0x4b, 0x07, 0x0f, 0x97, 0x7d, 0xd3, 0x95, 0xb7, 0x16, 0xbc, 0x4a,
+	0xa0, 0xbe, 0xd0, 0xdd, 0xc7, 0x97, 0x7f, 0x54, 0xb4, 0xcb, 0xab, 0x8a, 0xfe, 0xee, 0xaa, 0xa2,
+	0xff, 0x7e, 0x55, 0xd1, 0xdf, 0x5e, 0x57, 0xb4, 0x77, 0xd7, 0x15, 0xed, 0xd7, 0xeb, 0x8a, 0xf6,
+	0xaa, 0x90, 0x7c, 0xc7, 0xf6, 0x4c, 0x79, 0xb9, 0x83, 0xbf, 0x02, 0x00, 0x00, 0xff, 0xff, 0x8f,
+	0x24, 0x78, 0x7a, 0xdf, 0x0a, 0x00, 0x00,
 }
 
 // Reference imports to suppress errors if they are not otherwise used.
@@ -884,6 +886,11 @@ func (m *RuleGroup) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	_ = i
 	var l int
 	_ = l
+	if m.Limit != 0 {
+		i = encodeVarintRpc(dAtA, i, uint64(m.Limit))
+		i--
+		dAtA[i] = 0x48
+	}
 	if m.PartialResponseStrategy != 0 {
 		i = encodeVarintRpc(dAtA, i, uint64(m.PartialResponseStrategy))
 		i--
@@ -1375,6 +1382,9 @@ func (m *RuleGroup) Size() (n int) {
 	if m.PartialResponseStrategy != 0 {
 		n += 1 + sovRpc(uint64(m.PartialResponseStrategy))
 	}
+	if m.Limit != 0 {
+		n += 1 + sovRpc(uint64(m.Limit))
+	}
 	return n
 }
 
@@ -2015,6 +2025,25 @@ func (m *RuleGroup) Unmarshal(dAtA []byte) error {
 					break
 				}
 			}
+		case 9:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Limit", wireType)
+			}
+			m.Limit = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowRpc
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.Limit |= int64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
 		default:
 			iNdEx = preIndex
 			skippy, err := skipRpc(dAtA[iNdEx:])
diff --git a/vendor/github.com/thanos-io/thanos/pkg/rules/rulespb/rpc.proto b/vendor/github.com/thanos-io/thanos/pkg/rules/rulespb/rpc.proto
index 2d791f6cf09..2049334610d 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/rules/rulespb/rpc.proto
+++ b/vendor/github.com/thanos-io/thanos/pkg/rules/rulespb/rpc.proto
@@ -72,6 +72,7 @@ message RuleGroup {
     double interval                           = 4 [(gogoproto.jsontag) = "interval" ];
     double evaluation_duration_seconds        = 5 [(gogoproto.jsontag) = "evaluationTime" ]; // TODO: Is it really second?
     google.protobuf.Timestamp last_evaluation = 6 [(gogoproto.jsontag) = "lastEvaluation", (gogoproto.stdtime) = true, (gogoproto.nullable) = false ];
+    int64 limit                               = 9 [(gogoproto.jsontag) = "limit" ];
 
     // Thanos specific.
     PartialResponseStrategy PartialResponseStrategy = 8 [(gogoproto.jsontag) = "partialResponseStrategy" ];
diff --git a/vendor/github.com/thanos-io/thanos/pkg/runutil/runutil.go b/vendor/github.com/thanos-io/thanos/pkg/runutil/runutil.go
index 77652cbb9f1..05b4bd46ea0 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/runutil/runutil.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/runutil/runutil.go
@@ -58,8 +58,8 @@ import (
 	"strings"
 	"time"
 
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	"github.com/pkg/errors"
 
 	"github.com/thanos-io/thanos/pkg/errutil"
diff --git a/vendor/github.com/thanos-io/thanos/pkg/shipper/shipper.go b/vendor/github.com/thanos-io/thanos/pkg/shipper/shipper.go
index 2dac5a5cc97..2d410538ea2 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/shipper/shipper.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/shipper/shipper.go
@@ -15,15 +15,16 @@ import (
 	"path/filepath"
 	"sort"
 
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	"github.com/oklog/ulid"
 	"github.com/pkg/errors"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promauto"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/tsdb"
 	"github.com/prometheus/prometheus/tsdb/fileutil"
+
 	"github.com/thanos-io/thanos/pkg/block"
 	"github.com/thanos-io/thanos/pkg/block/metadata"
 	"github.com/thanos-io/thanos/pkg/objstore"
diff --git a/vendor/github.com/thanos-io/thanos/pkg/store/bucket.go b/vendor/github.com/thanos-io/thanos/pkg/store/bucket.go
index d181f047315..0be444d24ab 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/store/bucket.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/store/bucket.go
@@ -20,14 +20,16 @@ import (
 	"sync"
 	"time"
 
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/alecthomas/units"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	"github.com/gogo/protobuf/types"
 	"github.com/oklog/ulid"
 	"github.com/pkg/errors"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promauto"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/storage"
 	"github.com/prometheus/prometheus/tsdb/chunkenc"
 	"github.com/prometheus/prometheus/tsdb/chunks"
 	"github.com/prometheus/prometheus/tsdb/encoding"
@@ -92,12 +94,19 @@ const (
 	// Labels for metrics.
 	labelEncode = "encode"
 	labelDecode = "decode"
+
+	minBlockSyncConcurrency = 1
+)
+
+var (
+	errBlockSyncConcurrencyNotValid = errors.New("the block sync concurrency must be equal or greater than 1.")
 )
 
 type bucketStoreMetrics struct {
 	blocksLoaded          prometheus.Gauge
 	blockLoads            prometheus.Counter
 	blockLoadFailures     prometheus.Counter
+	lastLoadedBlock       prometheus.Gauge
 	blockDrops            prometheus.Counter
 	blockDropFailures     prometheus.Counter
 	seriesDataTouched     *prometheus.SummaryVec
@@ -145,6 +154,10 @@ func newBucketStoreMetrics(reg prometheus.Registerer) *bucketStoreMetrics {
 		Name: "thanos_bucket_store_blocks_loaded",
 		Help: "Number of currently loaded blocks.",
 	})
+	m.lastLoadedBlock = promauto.With(reg).NewGauge(prometheus.GaugeOpts{
+		Name: "thanos_bucket_store_blocks_last_loaded_timestamp_seconds",
+		Help: "Timestamp when last block got loaded.",
+	})
 
 	m.seriesDataTouched = promauto.With(reg).NewSummaryVec(prometheus.SummaryOpts{
 		Name: "thanos_bucket_store_series_data_touched",
@@ -298,6 +311,13 @@ type BucketStore struct {
 	enableSeriesResponseHints bool
 }
 
+func (b *BucketStore) validate() error {
+	if b.blockSyncConcurrency < minBlockSyncConcurrency {
+		return errBlockSyncConcurrencyNotValid
+	}
+	return nil
+}
+
 type noopCache struct{}
 
 func (noopCache) StorePostings(context.Context, ulid.ULID, labels.Label, []byte) {}
@@ -305,9 +325,9 @@ func (noopCache) FetchMultiPostings(_ context.Context, _ ulid.ULID, keys []label
 	return map[labels.Label][]byte{}, keys
 }
 
-func (noopCache) StoreSeries(context.Context, ulid.ULID, uint64, []byte) {}
-func (noopCache) FetchMultiSeries(_ context.Context, _ ulid.ULID, ids []uint64) (map[uint64][]byte, []uint64) {
-	return map[uint64][]byte{}, ids
+func (noopCache) StoreSeries(context.Context, ulid.ULID, storage.SeriesRef, []byte) {}
+func (noopCache) FetchMultiSeries(_ context.Context, _ ulid.ULID, ids []storage.SeriesRef) (map[storage.SeriesRef][]byte, []storage.SeriesRef) {
+	return map[storage.SeriesRef][]byte{}, ids
 }
 
 // BucketStoreOption are functions that configure BucketStore.
@@ -407,6 +427,10 @@ func NewBucketStore(
 	s.indexReaderPool = indexheader.NewReaderPool(s.logger, lazyIndexReaderEnabled, lazyIndexReaderIdleTimeout, indexReaderPoolMetrics)
 	s.metrics = newBucketStoreMetrics(s.reg) // TODO(metalmatze): Might be possible via Option too
 
+	if err := s.validate(); err != nil {
+		return nil, errors.Wrap(err, "validate config")
+	}
+
 	if err := os.MkdirAll(dir, 0750); err != nil {
 		return nil, errors.Wrap(err, "create dir")
 	}
@@ -611,7 +635,7 @@ func (s *BucketStore) addBlock(ctx context.Context, meta *metadata.Meta) (err er
 	s.blocks[b.meta.ULID] = b
 
 	s.metrics.blocksLoaded.Inc()
-
+	s.metrics.lastLoadedBlock.SetToCurrentTime()
 	return nil
 }
 
@@ -659,6 +683,16 @@ func (s *BucketStore) TimeRange() (mint, maxt int64) {
 	return mint, maxt
 }
 
+func (s *BucketStore) LabelSet() []labelpb.ZLabelSet {
+	labelSets := s.advLabelSets
+
+	if s.enableCompatibilityLabel && len(labelSets) > 0 {
+		labelSets = append(labelSets, labelpb.ZLabelSet{Labels: []labelpb.ZLabel{{Name: CompatibilityTypeLabelName, Value: "store"}}})
+	}
+
+	return labelSets
+}
+
 // Info implements the storepb.StoreServer interface.
 func (s *BucketStore) Info(context.Context, *storepb.InfoRequest) (*storepb.InfoResponse, error) {
 	mint, maxt := s.TimeRange()
@@ -669,14 +703,8 @@ func (s *BucketStore) Info(context.Context, *storepb.InfoRequest) (*storepb.Info
 	}
 
 	s.mtx.RLock()
-	res.LabelSets = s.advLabelSets
+	res.LabelSets = s.LabelSet()
 	s.mtx.RUnlock()
-
-	if s.enableCompatibilityLabel && len(res.LabelSets) > 0 {
-		// This is for compatibility with Querier v0.7.0.
-		// See query.StoreCompatibilityTypeLabelName comment for details.
-		res.LabelSets = append(res.LabelSets, labelpb.ZLabelSet{Labels: []labelpb.ZLabel{{Name: CompatibilityTypeLabelName, Value: "store"}}})
-	}
 	return res, nil
 }
 
@@ -710,7 +738,7 @@ func (s *BucketStore) limitMaxTime(maxt int64) int64 {
 
 type seriesEntry struct {
 	lset labels.Labels
-	refs []uint64
+	refs []chunks.ChunkRef
 	chks []storepb.AggrChunk
 }
 
@@ -798,7 +826,7 @@ func blockSeries(
 		s := seriesEntry{}
 		if !skipChunks {
 			// Schedule loading chunks.
-			s.refs = make([]uint64, 0, len(chks))
+			s.refs = make([]chunks.ChunkRef, 0, len(chks))
 			s.chks = make([]storepb.AggrChunk, 0, len(chks))
 			for j, meta := range chks {
 				// seriesEntry s is appended to res, but not at every outer loop iteration,
@@ -1064,27 +1092,28 @@ func (s *BucketStore) Series(req *storepb.SeriesRequest, srv storepb.Store_Serie
 	defer func() {
 		s.metrics.seriesDataTouched.WithLabelValues("postings").Observe(float64(stats.postingsTouched))
 		s.metrics.seriesDataFetched.WithLabelValues("postings").Observe(float64(stats.postingsFetched))
-		s.metrics.seriesDataSizeTouched.WithLabelValues("postings").Observe(float64(stats.postingsTouchedSizeSum))
-		s.metrics.seriesDataSizeFetched.WithLabelValues("postings").Observe(float64(stats.postingsFetchedSizeSum))
+		s.metrics.seriesDataSizeTouched.WithLabelValues("postings").Observe(float64(stats.PostingsTouchedSizeSum))
+		s.metrics.seriesDataSizeFetched.WithLabelValues("postings").Observe(float64(stats.PostingsFetchedSizeSum))
 		s.metrics.seriesDataTouched.WithLabelValues("series").Observe(float64(stats.seriesTouched))
 		s.metrics.seriesDataFetched.WithLabelValues("series").Observe(float64(stats.seriesFetched))
-		s.metrics.seriesDataSizeTouched.WithLabelValues("series").Observe(float64(stats.seriesTouchedSizeSum))
-		s.metrics.seriesDataSizeFetched.WithLabelValues("series").Observe(float64(stats.seriesFetchedSizeSum))
+		s.metrics.seriesDataSizeTouched.WithLabelValues("series").Observe(float64(stats.SeriesTouchedSizeSum))
+		s.metrics.seriesDataSizeFetched.WithLabelValues("series").Observe(float64(stats.SeriesFetchedSizeSum))
 		s.metrics.seriesDataTouched.WithLabelValues("chunks").Observe(float64(stats.chunksTouched))
 		s.metrics.seriesDataFetched.WithLabelValues("chunks").Observe(float64(stats.chunksFetched))
-		s.metrics.seriesDataSizeTouched.WithLabelValues("chunks").Observe(float64(stats.chunksTouchedSizeSum))
-		s.metrics.seriesDataSizeFetched.WithLabelValues("chunks").Observe(float64(stats.chunksFetchedSizeSum))
+		s.metrics.seriesDataSizeTouched.WithLabelValues("chunks").Observe(float64(stats.ChunksTouchedSizeSum))
+		s.metrics.seriesDataSizeFetched.WithLabelValues("chunks").Observe(float64(stats.ChunksFetchedSizeSum))
 		s.metrics.resultSeriesCount.Observe(float64(stats.mergedSeriesCount))
 		s.metrics.cachedPostingsCompressions.WithLabelValues(labelEncode).Add(float64(stats.cachedPostingsCompressions))
 		s.metrics.cachedPostingsCompressions.WithLabelValues(labelDecode).Add(float64(stats.cachedPostingsDecompressions))
 		s.metrics.cachedPostingsCompressionErrors.WithLabelValues(labelEncode).Add(float64(stats.cachedPostingsCompressionErrors))
 		s.metrics.cachedPostingsCompressionErrors.WithLabelValues(labelDecode).Add(float64(stats.cachedPostingsDecompressionErrors))
-		s.metrics.cachedPostingsCompressionTimeSeconds.WithLabelValues(labelEncode).Add(stats.cachedPostingsCompressionTimeSum.Seconds())
-		s.metrics.cachedPostingsCompressionTimeSeconds.WithLabelValues(labelDecode).Add(stats.cachedPostingsDecompressionTimeSum.Seconds())
-		s.metrics.cachedPostingsOriginalSizeBytes.Add(float64(stats.cachedPostingsOriginalSizeSum))
-		s.metrics.cachedPostingsCompressedSizeBytes.Add(float64(stats.cachedPostingsCompressedSizeSum))
+		s.metrics.cachedPostingsCompressionTimeSeconds.WithLabelValues(labelEncode).Add(stats.CachedPostingsCompressionTimeSum.Seconds())
+		s.metrics.cachedPostingsCompressionTimeSeconds.WithLabelValues(labelDecode).Add(stats.CachedPostingsDecompressionTimeSum.Seconds())
+		s.metrics.cachedPostingsOriginalSizeBytes.Add(float64(stats.CachedPostingsOriginalSizeSum))
+		s.metrics.cachedPostingsCompressedSizeBytes.Add(float64(stats.CachedPostingsCompressedSizeSum))
 
 		level.Debug(s.logger).Log("msg", "stats query processed",
+			"request", req,
 			"stats", fmt.Sprintf("%+v", stats), "err", err)
 	}()
 
@@ -1102,8 +1131,8 @@ func (s *BucketStore) Series(req *storepb.SeriesRequest, srv storepb.Store_Serie
 			return status.Error(code, err.Error())
 		}
 		stats.blocksQueried = len(res)
-		stats.getAllDuration = time.Since(begin)
-		s.metrics.seriesGetAllDuration.Observe(stats.getAllDuration.Seconds())
+		stats.GetAllDuration = time.Since(begin)
+		s.metrics.seriesGetAllDuration.Observe(stats.GetAllDuration.Seconds())
 		s.metrics.seriesBlocksQueried.Observe(float64(stats.blocksQueried))
 	}
 	// Merge the sub-results from each selected block.
@@ -1137,8 +1166,8 @@ func (s *BucketStore) Series(req *storepb.SeriesRequest, srv storepb.Store_Serie
 			err = status.Error(codes.Unknown, errors.Wrap(set.Err(), "expand series set").Error())
 			return
 		}
-		stats.mergeDuration = time.Since(begin)
-		s.metrics.seriesMergeDuration.Observe(stats.mergeDuration.Seconds())
+		stats.MergeDuration = time.Since(begin)
+		s.metrics.seriesMergeDuration.Observe(stats.MergeDuration.Seconds())
 
 		err = nil
 	})
@@ -1736,7 +1765,7 @@ type bucketIndexReader struct {
 	stats *queryStats
 
 	mtx          sync.Mutex
-	loadedSeries map[uint64][]byte
+	loadedSeries map[storage.SeriesRef][]byte
 }
 
 func newBucketIndexReader(block *bucketBlock) *bucketIndexReader {
@@ -1746,7 +1775,7 @@ func newBucketIndexReader(block *bucketBlock) *bucketIndexReader {
 			LookupSymbol: block.indexHeaderReader.LookupSymbol,
 		},
 		stats:        &queryStats{},
-		loadedSeries: map[uint64][]byte{},
+		loadedSeries: map[storage.SeriesRef][]byte{},
 	}
 	return r
 }
@@ -1760,7 +1789,7 @@ func newBucketIndexReader(block *bucketBlock) *bucketIndexReader {
 // Reminder: A posting is a reference (represented as a uint64) to a series reference, which in turn points to the first
 // chunk where the series contains the matching label-value pair for a given block of data. Postings can be fetched by
 // single label name=value.
-func (r *bucketIndexReader) ExpandedPostings(ctx context.Context, ms []*labels.Matcher) ([]uint64, error) {
+func (r *bucketIndexReader) ExpandedPostings(ctx context.Context, ms []*labels.Matcher) ([]storage.SeriesRef, error) {
 	var (
 		postingGroups []*postingGroup
 		allRequested  = false
@@ -1962,7 +1991,7 @@ func (r *bucketIndexReader) fetchPostings(ctx context.Context, keys []labels.Lab
 		// Get postings for the given key from cache first.
 		if b, ok := fromCache[key]; ok {
 			r.stats.postingsTouched++
-			r.stats.postingsTouchedSizeSum += len(b)
+			r.stats.PostingsTouchedSizeSum += units.Base2Bytes(len(b))
 
 			// Even if this instance is not using compression, there may be compressed
 			// entries in the cache written by other stores.
@@ -1974,7 +2003,7 @@ func (r *bucketIndexReader) fetchPostings(ctx context.Context, keys []labels.Lab
 				s := time.Now()
 				l, err = diffVarintSnappyDecode(b)
 				r.stats.cachedPostingsDecompressions += 1
-				r.stats.cachedPostingsDecompressionTimeSum += time.Since(s)
+				r.stats.CachedPostingsDecompressionTimeSum += time.Since(s)
 				if err != nil {
 					r.stats.cachedPostingsDecompressionErrors += 1
 				}
@@ -2037,8 +2066,8 @@ func (r *bucketIndexReader) fetchPostings(ctx context.Context, keys []labels.Lab
 			r.mtx.Lock()
 			r.stats.postingsFetchCount++
 			r.stats.postingsFetched += j - i
-			r.stats.postingsFetchDurationSum += fetchTime
-			r.stats.postingsFetchedSizeSum += int(length)
+			r.stats.PostingsFetchDurationSum += fetchTime
+			r.stats.PostingsFetchedSizeSum += units.Base2Bytes(int(length))
 			r.mtx.Unlock()
 
 			for _, p := range ptrs[i:j] {
@@ -2078,12 +2107,12 @@ func (r *bucketIndexReader) fetchPostings(ctx context.Context, keys []labels.Lab
 
 				// If we just fetched it we still have to update the stats for touched postings.
 				r.stats.postingsTouched++
-				r.stats.postingsTouchedSizeSum += len(pBytes)
+				r.stats.PostingsTouchedSizeSum += units.Base2Bytes(len(pBytes))
 				r.stats.cachedPostingsCompressions += compressions
 				r.stats.cachedPostingsCompressionErrors += compressionErrors
-				r.stats.cachedPostingsOriginalSizeSum += len(pBytes)
-				r.stats.cachedPostingsCompressedSizeSum += compressedSize
-				r.stats.cachedPostingsCompressionTimeSum += compressionTime
+				r.stats.CachedPostingsOriginalSizeSum += units.Base2Bytes(len(pBytes))
+				r.stats.CachedPostingsCompressedSizeSum += units.Base2Bytes(compressedSize)
+				r.stats.CachedPostingsCompressionTimeSum += compressionTime
 				r.mtx.Unlock()
 			}
 			return nil
@@ -2120,8 +2149,8 @@ func newBigEndianPostings(list []byte) *bigEndianPostings {
 	return &bigEndianPostings{list: list}
 }
 
-func (it *bigEndianPostings) At() uint64 {
-	return uint64(it.cur)
+func (it *bigEndianPostings) At() storage.SeriesRef {
+	return storage.SeriesRef(it.cur)
 }
 
 func (it *bigEndianPostings) Next() bool {
@@ -2133,8 +2162,8 @@ func (it *bigEndianPostings) Next() bool {
 	return false
 }
 
-func (it *bigEndianPostings) Seek(x uint64) bool {
-	if uint64(it.cur) >= x {
+func (it *bigEndianPostings) Seek(x storage.SeriesRef) bool {
+	if storage.SeriesRef(it.cur) >= x {
 		return true
 	}
 
@@ -2162,7 +2191,7 @@ func (it *bigEndianPostings) length() int {
 	return len(it.list) / 4
 }
 
-func (r *bucketIndexReader) PreloadSeries(ctx context.Context, ids []uint64) error {
+func (r *bucketIndexReader) PreloadSeries(ctx context.Context, ids []storage.SeriesRef) error {
 	timer := prometheus.NewTimer(r.block.metrics.seriesFetchDuration)
 	defer timer.ObserveDuration()
 
@@ -2174,7 +2203,7 @@ func (r *bucketIndexReader) PreloadSeries(ctx context.Context, ids []uint64) err
 	}
 
 	parts := r.block.partitioner.Partition(len(ids), func(i int) (start, end uint64) {
-		return ids[i], ids[i] + maxSeriesSize
+		return uint64(ids[i]), uint64(ids[i] + maxSeriesSize)
 	})
 	g, ctx := errgroup.WithContext(ctx)
 	for _, p := range parts {
@@ -2188,7 +2217,7 @@ func (r *bucketIndexReader) PreloadSeries(ctx context.Context, ids []uint64) err
 	return g.Wait()
 }
 
-func (r *bucketIndexReader) loadSeries(ctx context.Context, ids []uint64, refetch bool, start, end uint64) error {
+func (r *bucketIndexReader) loadSeries(ctx context.Context, ids []storage.SeriesRef, refetch bool, start, end uint64) error {
 	begin := time.Now()
 
 	b, err := r.block.readIndexRange(ctx, int64(start), int64(end-start))
@@ -2199,12 +2228,12 @@ func (r *bucketIndexReader) loadSeries(ctx context.Context, ids []uint64, refetc
 	r.mtx.Lock()
 	r.stats.seriesFetchCount++
 	r.stats.seriesFetched += len(ids)
-	r.stats.seriesFetchDurationSum += time.Since(begin)
-	r.stats.seriesFetchedSizeSum += int(end - start)
+	r.stats.SeriesFetchDurationSum += time.Since(begin)
+	r.stats.SeriesFetchedSizeSum += units.Base2Bytes(int(end - start))
 	r.mtx.Unlock()
 
 	for i, id := range ids {
-		c := b[id-start:]
+		c := b[uint64(id)-start:]
 
 		l, n := binary.Uvarint(c)
 		if n < 1 {
@@ -2220,7 +2249,7 @@ func (r *bucketIndexReader) loadSeries(ctx context.Context, ids []uint64, refetc
 			level.Warn(r.block.logger).Log("msg", "series size exceeded expected size; refetching", "id", id, "series length", n+int(l), "maxSeriesSize", maxSeriesSize)
 
 			// Fetch plus to get the size of next one if exists.
-			return r.loadSeries(ctx, ids[i:], true, id, id+uint64(n+int(l)+1))
+			return r.loadSeries(ctx, ids[i:], true, uint64(id), uint64(id)+uint64(n+int(l)+1))
 		}
 		c = c[n : n+int(l)]
 		r.mtx.Lock()
@@ -2297,14 +2326,14 @@ type symbolizedLabel struct {
 // LoadSeriesForTime returns false, when there are no series data for given time range.
 //
 // Error is returned on decoding error or if the reference does not resolve to a known series.
-func (r *bucketIndexReader) LoadSeriesForTime(ref uint64, lset *[]symbolizedLabel, chks *[]chunks.Meta, skipChunks bool, mint, maxt int64) (ok bool, err error) {
+func (r *bucketIndexReader) LoadSeriesForTime(ref storage.SeriesRef, lset *[]symbolizedLabel, chks *[]chunks.Meta, skipChunks bool, mint, maxt int64) (ok bool, err error) {
 	b, ok := r.loadedSeries[ref]
 	if !ok {
 		return false, errors.Errorf("series %d not found", ref)
 	}
 
 	r.stats.seriesTouched++
-	r.stats.seriesTouchedSizeSum += len(b)
+	r.stats.SeriesTouchedSizeSum += units.Base2Bytes(len(b))
 	return decodeSeriesForTime(b, lset, chks, skipChunks, mint, maxt)
 }
 
@@ -2378,7 +2407,7 @@ func decodeSeriesForTime(b []byte, lset *[]symbolizedLabel, chks *[]chunks.Meta,
 			}
 
 			*chks = append(*chks, chunks.Meta{
-				Ref:     uint64(ref),
+				Ref:     chunks.ChunkRef(ref),
 				MinTime: mint,
 				MaxTime: maxt,
 			})
@@ -2427,7 +2456,7 @@ func (r *bucketChunkReader) Close() error {
 
 // addLoad adds the chunk with id to the data set to be fetched.
 // Chunk will be fetched and saved to res[seriesEntry][chunk] upon r.load(res, <...>) call.
-func (r *bucketChunkReader) addLoad(id uint64, seriesEntry, chunk int) error {
+func (r *bucketChunkReader) addLoad(id chunks.ChunkRef, seriesEntry, chunk int) error {
 	var (
 		seq = int(id >> 32)
 		off = uint32(id)
@@ -2487,28 +2516,36 @@ func (r *bucketChunkReader) loadChunks(ctx context.Context, res []seriesEntry, a
 
 	r.stats.chunksFetchCount++
 	r.stats.chunksFetched += len(pIdxs)
-	r.stats.chunksFetchDurationSum += time.Since(fetchBegin)
-	r.stats.chunksFetchedSizeSum += int(part.End - part.Start)
+	r.stats.ChunksFetchDurationSum += time.Since(fetchBegin)
+	r.stats.ChunksFetchedSizeSum += units.Base2Bytes(int(part.End - part.Start))
 
 	var (
-		buf        = make([]byte, EstimatedMaxChunkSize)
+		buf        []byte
 		readOffset = int(pIdxs[0].offset)
 
 		// Save a few allocations.
-		written  int64
+		written  int
 		diff     uint32
 		chunkLen int
 		n        int
 	)
 
+	bufPooled, err := r.block.chunkPool.Get(EstimatedMaxChunkSize)
+	if err == nil {
+		buf = *bufPooled
+	} else {
+		buf = make([]byte, EstimatedMaxChunkSize)
+	}
+	defer r.block.chunkPool.Put(&buf)
+
 	for i, pIdx := range pIdxs {
 		// Fast forward range reader to the next chunk start in case of sparse (for our purposes) byte range.
 		for readOffset < int(pIdx.offset) {
-			written, err = io.CopyN(ioutil.Discard, bufReader, int64(pIdx.offset)-int64(readOffset))
+			written, err = bufReader.Discard(int(pIdx.offset) - int(readOffset))
 			if err != nil {
 				return errors.Wrap(err, "fast forward range reader")
 			}
-			readOffset += int(written)
+			readOffset += written
 		}
 		// Presume chunk length to be reasonably large for common use cases.
 		// However, declaration for EstimatedMaxChunkSize warns us some chunks could be larger in some rare cases.
@@ -2541,7 +2578,7 @@ func (r *bucketChunkReader) loadChunks(ctx context.Context, res []seriesEntry, a
 				return errors.Wrap(err, "populate chunk")
 			}
 			r.stats.chunksTouched++
-			r.stats.chunksTouchedSizeSum += int(chunkDataLen)
+			r.stats.ChunksTouchedSizeSum += units.Base2Bytes(int(chunkDataLen))
 			continue
 		}
 
@@ -2565,15 +2602,15 @@ func (r *bucketChunkReader) loadChunks(ctx context.Context, res []seriesEntry, a
 		locked = true
 
 		r.stats.chunksFetchCount++
-		r.stats.chunksFetchDurationSum += time.Since(fetchBegin)
-		r.stats.chunksFetchedSizeSum += len(*nb)
+		r.stats.ChunksFetchDurationSum += time.Since(fetchBegin)
+		r.stats.ChunksFetchedSizeSum += units.Base2Bytes(len(*nb))
 		err = populateChunk(&(res[pIdx.seriesEntry].chks[pIdx.chunk]), rawChunk((*nb)[n:]), aggrs, r.save)
 		if err != nil {
 			r.block.chunkPool.Put(nb)
 			return errors.Wrap(err, "populate chunk")
 		}
 		r.stats.chunksTouched++
-		r.stats.chunksTouchedSizeSum += int(chunkDataLen)
+		r.stats.ChunksTouchedSizeSum += units.Base2Bytes(int(chunkDataLen))
 
 		r.block.chunkPool.Put(nb)
 	}
@@ -2627,79 +2664,79 @@ type queryStats struct {
 	blocksQueried int
 
 	postingsTouched          int
-	postingsTouchedSizeSum   int
+	PostingsTouchedSizeSum   units.Base2Bytes
 	postingsToFetch          int
 	postingsFetched          int
-	postingsFetchedSizeSum   int
+	PostingsFetchedSizeSum   units.Base2Bytes
 	postingsFetchCount       int
-	postingsFetchDurationSum time.Duration
+	PostingsFetchDurationSum time.Duration
 
 	cachedPostingsCompressions         int
 	cachedPostingsCompressionErrors    int
-	cachedPostingsOriginalSizeSum      int
-	cachedPostingsCompressedSizeSum    int
-	cachedPostingsCompressionTimeSum   time.Duration
+	CachedPostingsOriginalSizeSum      units.Base2Bytes
+	CachedPostingsCompressedSizeSum    units.Base2Bytes
+	CachedPostingsCompressionTimeSum   time.Duration
 	cachedPostingsDecompressions       int
 	cachedPostingsDecompressionErrors  int
-	cachedPostingsDecompressionTimeSum time.Duration
+	CachedPostingsDecompressionTimeSum time.Duration
 
 	seriesTouched          int
-	seriesTouchedSizeSum   int
+	SeriesTouchedSizeSum   units.Base2Bytes
 	seriesFetched          int
-	seriesFetchedSizeSum   int
+	SeriesFetchedSizeSum   units.Base2Bytes
 	seriesFetchCount       int
-	seriesFetchDurationSum time.Duration
+	SeriesFetchDurationSum time.Duration
 
 	chunksTouched          int
-	chunksTouchedSizeSum   int
+	ChunksTouchedSizeSum   units.Base2Bytes
 	chunksFetched          int
-	chunksFetchedSizeSum   int
+	ChunksFetchedSizeSum   units.Base2Bytes
 	chunksFetchCount       int
-	chunksFetchDurationSum time.Duration
+	ChunksFetchDurationSum time.Duration
 
-	getAllDuration    time.Duration
+	GetAllDuration    time.Duration
 	mergedSeriesCount int
 	mergedChunksCount int
-	mergeDuration     time.Duration
+	MergeDuration     time.Duration
 }
 
 func (s queryStats) merge(o *queryStats) *queryStats {
 	s.blocksQueried += o.blocksQueried
 
 	s.postingsTouched += o.postingsTouched
-	s.postingsTouchedSizeSum += o.postingsTouchedSizeSum
+	s.PostingsTouchedSizeSum += o.PostingsTouchedSizeSum
 	s.postingsFetched += o.postingsFetched
-	s.postingsFetchedSizeSum += o.postingsFetchedSizeSum
+	s.PostingsFetchedSizeSum += o.PostingsFetchedSizeSum
 	s.postingsFetchCount += o.postingsFetchCount
-	s.postingsFetchDurationSum += o.postingsFetchDurationSum
+	s.PostingsFetchDurationSum += o.PostingsFetchDurationSum
 
 	s.cachedPostingsCompressions += o.cachedPostingsCompressions
 	s.cachedPostingsCompressionErrors += o.cachedPostingsCompressionErrors
-	s.cachedPostingsOriginalSizeSum += o.cachedPostingsOriginalSizeSum
-	s.cachedPostingsCompressedSizeSum += o.cachedPostingsCompressedSizeSum
-	s.cachedPostingsCompressionTimeSum += o.cachedPostingsCompressionTimeSum
+	s.CachedPostingsOriginalSizeSum += o.CachedPostingsOriginalSizeSum
+	s.CachedPostingsCompressedSizeSum += o.CachedPostingsCompressedSizeSum
+	s.CachedPostingsCompressionTimeSum += o.CachedPostingsCompressionTimeSum
 	s.cachedPostingsDecompressions += o.cachedPostingsDecompressions
 	s.cachedPostingsDecompressionErrors += o.cachedPostingsDecompressionErrors
-	s.cachedPostingsDecompressionTimeSum += o.cachedPostingsDecompressionTimeSum
+	s.CachedPostingsDecompressionTimeSum += o.CachedPostingsDecompressionTimeSum
 
 	s.seriesTouched += o.seriesTouched
-	s.seriesTouchedSizeSum += o.seriesTouchedSizeSum
+	s.SeriesTouchedSizeSum += o.SeriesTouchedSizeSum
 	s.seriesFetched += o.seriesFetched
-	s.seriesFetchedSizeSum += o.seriesFetchedSizeSum
+	s.SeriesFetchedSizeSum += o.SeriesFetchedSizeSum
 	s.seriesFetchCount += o.seriesFetchCount
-	s.seriesFetchDurationSum += o.seriesFetchDurationSum
+	s.SeriesFetchDurationSum += o.SeriesFetchDurationSum
 
 	s.chunksTouched += o.chunksTouched
-	s.chunksTouchedSizeSum += o.chunksTouchedSizeSum
+	s.ChunksTouchedSizeSum += o.ChunksTouchedSizeSum
 	s.chunksFetched += o.chunksFetched
-	s.chunksFetchedSizeSum += o.chunksFetchedSizeSum
+	s.ChunksFetchedSizeSum += o.ChunksFetchedSizeSum
 	s.chunksFetchCount += o.chunksFetchCount
-	s.chunksFetchDurationSum += o.chunksFetchDurationSum
+	s.ChunksFetchDurationSum += o.ChunksFetchDurationSum
 
-	s.getAllDuration += o.getAllDuration
+	s.GetAllDuration += o.GetAllDuration
 	s.mergedSeriesCount += o.mergedSeriesCount
 	s.mergedChunksCount += o.mergedChunksCount
-	s.mergeDuration += o.mergeDuration
+	s.MergeDuration += o.MergeDuration
 
 	return &s
 }
diff --git a/vendor/github.com/thanos-io/thanos/pkg/store/cache/cache.go b/vendor/github.com/thanos-io/thanos/pkg/store/cache/cache.go
index 2973de7b22f..5b79a6011bd 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/store/cache/cache.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/store/cache/cache.go
@@ -9,7 +9,8 @@ import (
 	"strconv"
 
 	"github.com/oklog/ulid"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/storage"
 	"golang.org/x/crypto/blake2b"
 )
 
@@ -34,11 +35,11 @@ type IndexCache interface {
 	FetchMultiPostings(ctx context.Context, blockID ulid.ULID, keys []labels.Label) (hits map[labels.Label][]byte, misses []labels.Label)
 
 	// StoreSeries stores a single series.
-	StoreSeries(ctx context.Context, blockID ulid.ULID, id uint64, v []byte)
+	StoreSeries(ctx context.Context, blockID ulid.ULID, id storage.SeriesRef, v []byte)
 
 	// FetchMultiSeries fetches multiple series - each identified by ID - from the cache
 	// and returns a map containing cache hits, along with a list of missing IDs.
-	FetchMultiSeries(ctx context.Context, blockID ulid.ULID, ids []uint64) (hits map[uint64][]byte, misses []uint64)
+	FetchMultiSeries(ctx context.Context, blockID ulid.ULID, ids []storage.SeriesRef) (hits map[storage.SeriesRef][]byte, misses []storage.SeriesRef)
 }
 
 type cacheKey struct {
diff --git a/vendor/github.com/thanos-io/thanos/pkg/store/cache/caching_bucket.go b/vendor/github.com/thanos-io/thanos/pkg/store/cache/caching_bucket.go
index 2f55f2e0cd0..9ab554c467a 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/store/cache/caching_bucket.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/store/cache/caching_bucket.go
@@ -11,11 +11,12 @@ import (
 	"io"
 	"io/ioutil"
 	"strconv"
+	"strings"
 	"sync"
 	"time"
 
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	"github.com/pkg/errors"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promauto"
@@ -31,7 +32,12 @@ const (
 	originBucket = "bucket"
 )
 
-var errObjNotFound = errors.Errorf("object not found")
+var (
+	errObjNotFound                 = errors.Errorf("object not found")
+	ErrInvalidBucketCacheKeyFormat = errors.New("key has invalid format")
+	ErrInvalidBucketCacheKeyVerb   = errors.New("key has invalid verb")
+	ErrParseKeyInt                 = errors.New("failed to parse integer in key")
+)
 
 // CachingBucket implementation that provides some caching features, based on passed configuration.
 type CachingBucket struct {
@@ -130,8 +136,8 @@ func (cb *CachingBucket) Iter(ctx context.Context, dir string, f func(string) er
 	}
 
 	cb.operationRequests.WithLabelValues(objstore.OpIter, cfgName).Inc()
-
-	key := cachingKeyIter(dir)
+	iterVerb := BucketCacheKey{Verb: IterVerb, Name: dir}
+	key := iterVerb.String()
 	data := cfg.cache.Fetch(ctx, []string{key})
 	if data[key] != nil {
 		list, err := cfg.codec.Decode(data[key])
@@ -176,7 +182,8 @@ func (cb *CachingBucket) Exists(ctx context.Context, name string) (bool, error)
 
 	cb.operationRequests.WithLabelValues(objstore.OpExists, cfgName).Inc()
 
-	key := cachingKeyExists(name)
+	existsVerb := BucketCacheKey{Verb: ExistsVerb, Name: name}
+	key := existsVerb.String()
 	hits := cfg.cache.Fetch(ctx, []string{key})
 
 	if ex := hits[key]; ex != nil {
@@ -218,8 +225,10 @@ func (cb *CachingBucket) Get(ctx context.Context, name string) (io.ReadCloser, e
 
 	cb.operationRequests.WithLabelValues(objstore.OpGet, cfgName).Inc()
 
-	contentKey := cachingKeyContent(name)
-	existsKey := cachingKeyExists(name)
+	contentVerb := BucketCacheKey{Verb: ContentVerb, Name: name}
+	contentKey := contentVerb.String()
+	existsVerb := BucketCacheKey{Verb: ExistsVerb, Name: name}
+	existsKey := existsVerb.String()
 
 	hits := cfg.cache.Fetch(ctx, []string{contentKey, existsKey})
 	if hits[contentKey] != nil {
@@ -286,7 +295,8 @@ func (cb *CachingBucket) Attributes(ctx context.Context, name string) (objstore.
 }
 
 func (cb *CachingBucket) cachedAttributes(ctx context.Context, name, cfgName string, cache cache.Cache, ttl time.Duration) (objstore.ObjectAttributes, error) {
-	key := cachingKeyAttributes(name)
+	attrVerb := BucketCacheKey{Verb: AttributesVerb, Name: name}
+	key := attrVerb.String()
 
 	cb.operationRequests.WithLabelValues(objstore.OpAttributes, cfgName).Inc()
 
@@ -357,8 +367,8 @@ func (cb *CachingBucket) cachedGetRange(ctx context.Context, name string, offset
 			end = attrs.Size
 		}
 		totalRequestedBytes += (end - off)
-
-		k := cachingKeyObjectSubrange(name, off, end)
+		objectSubrange := BucketCacheKey{Verb: SubrangeVerb, Name: name, Start: off, End: end}
+		k := objectSubrange.String()
 		keys = append(keys, k)
 		offsetKeys[off] = k
 	}
@@ -421,6 +431,19 @@ func (cb *CachingBucket) fetchMissingSubranges(ctx context.Context, name string,
 			}
 			defer runutil.CloseWithLogOnErr(cb.logger, r, "fetching range [%d, %d]", m.start, m.end)
 
+			var bufSize int64
+			if lastSubrangeOffset >= m.end {
+				bufSize = m.end - m.start
+			} else {
+				bufSize = ((m.end - m.start) - cfg.subrangeSize) + int64(lastSubrangeLength)
+			}
+
+			buf := make([]byte, bufSize)
+			_, err = io.ReadFull(r, buf)
+			if err != nil {
+				return errors.Wrapf(err, "fetching range [%d, %d]", m.start, m.end)
+			}
+
 			for off := m.start; off < m.end && gctx.Err() == nil; off += cfg.subrangeSize {
 				key := cacheKeys[off]
 				if key == "" {
@@ -432,13 +455,9 @@ func (cb *CachingBucket) fetchMissingSubranges(ctx context.Context, name string,
 				if off == lastSubrangeOffset {
 					// The very last subrange in the object may have different length,
 					// if object length isn't divisible by subrange size.
-					subrangeData = make([]byte, lastSubrangeLength)
+					subrangeData = buf[off-m.start : off-m.start+int64(lastSubrangeLength)]
 				} else {
-					subrangeData = make([]byte, cfg.subrangeSize)
-				}
-				_, err := io.ReadFull(r, subrangeData)
-				if err != nil {
-					return errors.Wrapf(err, "fetching range [%d, %d]", m.start, m.end)
+					subrangeData = buf[off-m.start : off-m.start+cfg.subrangeSize]
 				}
 
 				storeToCache := false
@@ -482,24 +501,86 @@ func mergeRanges(input []rng, limit int64) []rng {
 	return input[:last+1]
 }
 
-func cachingKeyAttributes(name string) string {
-	return fmt.Sprintf("attrs:%s", name)
-}
+// VerbType is the type of operation whose result has been stored in the caching bucket's cache.
+type VerbType string
+
+const (
+	ExistsVerb     VerbType = "exists"
+	ContentVerb    VerbType = "content"
+	IterVerb       VerbType = "iter"
+	AttributesVerb VerbType = "attrs"
+	SubrangeVerb   VerbType = "subrange"
+)
 
-func cachingKeyObjectSubrange(name string, start, end int64) string {
-	return fmt.Sprintf("subrange:%s:%d:%d", name, start, end)
+type BucketCacheKey struct {
+	Verb  VerbType
+	Name  string
+	Start int64
+	End   int64
 }
 
-func cachingKeyIter(name string) string {
-	return fmt.Sprintf("iter:%s", name)
+// String returns the string representation of BucketCacheKey.
+func (ck BucketCacheKey) String() string {
+	if ck.Start == 0 && ck.End == 0 {
+		return fmt.Sprintf("%s:%s", ck.Verb, ck.Name)
+	}
+
+	return fmt.Sprintf("%s:%s:%d:%d", ck.Verb, ck.Name, ck.Start, ck.End)
 }
 
-func cachingKeyExists(name string) string {
-	return fmt.Sprintf("exists:%s", name)
+// IsValidVerb checks if the VerbType matches the predefined verbs.
+func IsValidVerb(v VerbType) bool {
+	switch v {
+	case
+		ExistsVerb,
+		ContentVerb,
+		IterVerb,
+		AttributesVerb,
+		SubrangeVerb:
+		return true
+	}
+	return false
 }
 
-func cachingKeyContent(name string) string {
-	return fmt.Sprintf("content:%s", name)
+// ParseBucketCacheKey parses a string and returns BucketCacheKey.
+func ParseBucketCacheKey(key string) (BucketCacheKey, error) {
+	ck := BucketCacheKey{}
+	slice := strings.Split(key, ":")
+	if len(slice) < 2 {
+		return ck, ErrInvalidBucketCacheKeyFormat
+	}
+
+	verb := VerbType(slice[0])
+	if !IsValidVerb(verb) {
+		return BucketCacheKey{}, ErrInvalidBucketCacheKeyVerb
+	}
+
+	if verb == SubrangeVerb {
+		if len(slice) != 4 {
+			return BucketCacheKey{}, ErrInvalidBucketCacheKeyFormat
+		}
+
+		start, err := strconv.ParseInt(slice[2], 10, 64)
+		if err != nil {
+			return BucketCacheKey{}, ErrParseKeyInt
+		}
+
+		end, err := strconv.ParseInt(slice[3], 10, 64)
+		if err != nil {
+			return BucketCacheKey{}, ErrParseKeyInt
+		}
+
+		ck.Start = start
+		ck.End = end
+	} else {
+		if len(slice) != 2 {
+			return BucketCacheKey{}, ErrInvalidBucketCacheKeyFormat
+		}
+	}
+
+	ck.Verb = verb
+	ck.Name = slice[1]
+	return ck, nil
 }
 
 // Reader implementation that uses in-memory subranges.
diff --git a/vendor/github.com/thanos-io/thanos/pkg/store/cache/caching_bucket_factory.go b/vendor/github.com/thanos-io/thanos/pkg/store/cache/caching_bucket_factory.go
index c9030a040ac..7ba4a6da81a 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/store/cache/caching_bucket_factory.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/store/cache/caching_bucket_factory.go
@@ -8,8 +8,8 @@ import (
 	"strings"
 	"time"
 
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	"github.com/pkg/errors"
 	"github.com/prometheus/client_golang/prometheus"
 	"gopkg.in/yaml.v2"
@@ -27,6 +27,7 @@ type BucketCacheProvider string
 const (
 	InMemoryBucketCacheProvider  BucketCacheProvider = "IN-MEMORY" // In-memory cache-provider for caching bucket.
 	MemcachedBucketCacheProvider BucketCacheProvider = "MEMCACHED" // Memcached cache-provider for caching bucket.
+	RedisBucketCacheProvider     BucketCacheProvider = "REDIS"     // Redis cache-provider for caching bucket.
 )
 
 // CachingWithBackendConfig is a configuration of caching bucket used by Store component.
@@ -86,7 +87,7 @@ func NewCachingBucketFromYaml(yamlContent []byte, bucket objstore.Bucket, logger
 
 	switch strings.ToUpper(string(config.Type)) {
 	case string(MemcachedBucketCacheProvider):
-		var memcached cacheutil.MemcachedClient
+		var memcached cacheutil.RemoteCacheClient
 		memcached, err := cacheutil.NewMemcachedClient(logger, "caching-bucket", backendConfig, reg)
 		if err != nil {
 			return nil, errors.Wrapf(err, "failed to create memcached client")
@@ -97,6 +98,12 @@ func NewCachingBucketFromYaml(yamlContent []byte, bucket objstore.Bucket, logger
 		if err != nil {
 			return nil, errors.Wrapf(err, "failed to create inmemory cache")
 		}
+	case string(RedisBucketCacheProvider):
+		redisCache, err := cacheutil.NewRedisClient(logger, "caching-bucket", backendConfig, reg)
+		if err != nil {
+			return nil, errors.Wrapf(err, "failed to create memcached client")
+		}
+		c = cache.NewRedisCache("caching-bucket", logger, redisCache, reg)
 	default:
 		return nil, errors.Errorf("unsupported cache type: %s", config.Type)
 	}
diff --git a/vendor/github.com/thanos-io/thanos/pkg/store/cache/factory.go b/vendor/github.com/thanos-io/thanos/pkg/store/cache/factory.go
index e67251d3c76..9b4103a26d8 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/store/cache/factory.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/store/cache/factory.go
@@ -7,12 +7,13 @@ import (
 	"fmt"
 	"strings"
 
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	"github.com/pkg/errors"
 	"github.com/prometheus/client_golang/prometheus"
-	"github.com/thanos-io/thanos/pkg/cacheutil"
 	"gopkg.in/yaml.v2"
+
+	"github.com/thanos-io/thanos/pkg/cacheutil"
 )
 
 type IndexCacheProvider string
@@ -20,6 +21,7 @@ type IndexCacheProvider string
 const (
 	INMEMORY  IndexCacheProvider = "IN-MEMORY"
 	MEMCACHED IndexCacheProvider = "MEMCACHED"
+	REDIS     IndexCacheProvider = "REDIS"
 )
 
 // IndexCacheConfig specifies the index cache config.
@@ -46,10 +48,16 @@ func NewIndexCache(logger log.Logger, confContentYaml []byte, reg prometheus.Reg
 	case string(INMEMORY):
 		cache, err = NewInMemoryIndexCache(logger, reg, backendConfig)
 	case string(MEMCACHED):
-		var memcached cacheutil.MemcachedClient
+		var memcached cacheutil.RemoteCacheClient
 		memcached, err = cacheutil.NewMemcachedClient(logger, "index-cache", backendConfig, reg)
 		if err == nil {
-			cache, err = NewMemcachedIndexCache(logger, memcached, reg)
+			cache, err = NewRemoteIndexCache(logger, memcached, reg)
+		}
+	case string(REDIS):
+		var redisCache cacheutil.RemoteCacheClient
+		redisCache, err = cacheutil.NewRedisClient(logger, "index-cache", backendConfig, reg)
+		if err == nil {
+			cache, err = NewRemoteIndexCache(logger, redisCache, reg)
 		}
 	default:
 		return nil, errors.Errorf("index cache with type %s is not supported", cacheConfig.Type)
diff --git a/vendor/github.com/thanos-io/thanos/pkg/store/cache/inmemory.go b/vendor/github.com/thanos-io/thanos/pkg/store/cache/inmemory.go
index f91ec5de48e..1665601a821 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/store/cache/inmemory.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/store/cache/inmemory.go
@@ -9,16 +9,18 @@ import (
 	"sync"
 	"unsafe"
 
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	lru "github.com/hashicorp/golang-lru/simplelru"
 	"github.com/oklog/ulid"
 	"github.com/pkg/errors"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promauto"
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/thanos-io/thanos/pkg/model"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/storage"
 	"gopkg.in/yaml.v2"
+
+	"github.com/thanos-io/thanos/pkg/model"
 )
 
 var (
@@ -310,14 +312,14 @@ func (c *InMemoryIndexCache) FetchMultiPostings(_ context.Context, blockID ulid.
 
 // StoreSeries sets the series identified by the ulid and id to the value v,
 // if the series already exists in the cache it is not mutated.
-func (c *InMemoryIndexCache) StoreSeries(_ context.Context, blockID ulid.ULID, id uint64, v []byte) {
+func (c *InMemoryIndexCache) StoreSeries(_ context.Context, blockID ulid.ULID, id storage.SeriesRef, v []byte) {
 	c.set(cacheTypeSeries, cacheKey{blockID, cacheKeySeries(id)}, v)
 }
 
 // FetchMultiSeries fetches multiple series - each identified by ID - from the cache
 // and returns a map containing cache hits, along with a list of missing IDs.
-func (c *InMemoryIndexCache) FetchMultiSeries(_ context.Context, blockID ulid.ULID, ids []uint64) (hits map[uint64][]byte, misses []uint64) {
-	hits = map[uint64][]byte{}
+func (c *InMemoryIndexCache) FetchMultiSeries(_ context.Context, blockID ulid.ULID, ids []storage.SeriesRef) (hits map[storage.SeriesRef][]byte, misses []storage.SeriesRef) {
+	hits = map[storage.SeriesRef][]byte{}
 
 	for _, id := range ids {
 		if b, ok := c.get(cacheTypeSeries, cacheKey{blockID, cacheKeySeries(id)}); ok {
diff --git a/vendor/github.com/thanos-io/thanos/pkg/store/cache/memcached.go b/vendor/github.com/thanos-io/thanos/pkg/store/cache/memcached.go
index abd2b3659d5..a103667c769 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/store/cache/memcached.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/store/cache/memcached.go
@@ -7,12 +7,13 @@ import (
 	"context"
 	"time"
 
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	"github.com/oklog/ulid"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promauto"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/storage"
 
 	"github.com/thanos-io/thanos/pkg/cacheutil"
 )
@@ -21,21 +22,21 @@ const (
 	memcachedDefaultTTL = 24 * time.Hour
 )
 
-// MemcachedIndexCache is a memcached-based index cache.
-type MemcachedIndexCache struct {
+// RemoteIndexCache is a memcached-based index cache.
+type RemoteIndexCache struct {
 	logger    log.Logger
-	memcached cacheutil.MemcachedClient
+	memcached cacheutil.RemoteCacheClient
 
 	// Metrics.
 	requests *prometheus.CounterVec
 	hits     *prometheus.CounterVec
 }
 
-// NewMemcachedIndexCache makes a new MemcachedIndexCache.
-func NewMemcachedIndexCache(logger log.Logger, memcached cacheutil.MemcachedClient, reg prometheus.Registerer) (*MemcachedIndexCache, error) {
-	c := &MemcachedIndexCache{
+// NewRemoteIndexCache makes a new RemoteIndexCache.
+func NewRemoteIndexCache(logger log.Logger, cacheClient cacheutil.RemoteCacheClient, reg prometheus.Registerer) (*RemoteIndexCache, error) {
+	c := &RemoteIndexCache{
 		logger:    logger,
-		memcached: memcached,
+		memcached: cacheClient,
 	}
 
 	c.requests = promauto.With(reg).NewCounterVec(prometheus.CounterOpts{
@@ -52,7 +53,7 @@ func NewMemcachedIndexCache(logger log.Logger, memcached cacheutil.MemcachedClie
 	c.hits.WithLabelValues(cacheTypePostings)
 	c.hits.WithLabelValues(cacheTypeSeries)
 
-	level.Info(logger).Log("msg", "created memcached index cache")
+	level.Info(logger).Log("msg", "created cacheClient index cache")
 
 	return c, nil
 }
@@ -60,7 +61,7 @@ func NewMemcachedIndexCache(logger log.Logger, memcached cacheutil.MemcachedClie
 // StorePostings sets the postings identified by the ulid and label to the value v.
 // The function enqueues the request and returns immediately: the entry will be
 // asynchronously stored in the cache.
-func (c *MemcachedIndexCache) StorePostings(ctx context.Context, blockID ulid.ULID, l labels.Label, v []byte) {
+func (c *RemoteIndexCache) StorePostings(ctx context.Context, blockID ulid.ULID, l labels.Label, v []byte) {
 	key := cacheKey{blockID, cacheKeyPostings(l)}.string()
 
 	if err := c.memcached.SetAsync(ctx, key, v, memcachedDefaultTTL); err != nil {
@@ -71,7 +72,7 @@ func (c *MemcachedIndexCache) StorePostings(ctx context.Context, blockID ulid.UL
 // FetchMultiPostings fetches multiple postings - each identified by a label -
 // and returns a map containing cache hits, along with a list of missing keys.
 // In case of error, it logs and return an empty cache hits map.
-func (c *MemcachedIndexCache) FetchMultiPostings(ctx context.Context, blockID ulid.ULID, lbls []labels.Label) (hits map[labels.Label][]byte, misses []labels.Label) {
+func (c *RemoteIndexCache) FetchMultiPostings(ctx context.Context, blockID ulid.ULID, lbls []labels.Label) (hits map[labels.Label][]byte, misses []labels.Label) {
 	// Build the cache keys, while keeping a map between input label and the cache key
 	// so that we can easily reverse it back after the GetMulti().
 	keys := make([]string, 0, len(lbls))
@@ -120,7 +121,7 @@ func (c *MemcachedIndexCache) FetchMultiPostings(ctx context.Context, blockID ul
 // StoreSeries sets the series identified by the ulid and id to the value v.
 // The function enqueues the request and returns immediately: the entry will be
 // asynchronously stored in the cache.
-func (c *MemcachedIndexCache) StoreSeries(ctx context.Context, blockID ulid.ULID, id uint64, v []byte) {
+func (c *RemoteIndexCache) StoreSeries(ctx context.Context, blockID ulid.ULID, id storage.SeriesRef, v []byte) {
 	key := cacheKey{blockID, cacheKeySeries(id)}.string()
 
 	if err := c.memcached.SetAsync(ctx, key, v, memcachedDefaultTTL); err != nil {
@@ -131,11 +132,11 @@ func (c *MemcachedIndexCache) StoreSeries(ctx context.Context, blockID ulid.ULID
 // FetchMultiSeries fetches multiple series - each identified by ID - from the cache
 // and returns a map containing cache hits, along with a list of missing IDs.
 // In case of error, it logs and return an empty cache hits map.
-func (c *MemcachedIndexCache) FetchMultiSeries(ctx context.Context, blockID ulid.ULID, ids []uint64) (hits map[uint64][]byte, misses []uint64) {
+func (c *RemoteIndexCache) FetchMultiSeries(ctx context.Context, blockID ulid.ULID, ids []storage.SeriesRef) (hits map[storage.SeriesRef][]byte, misses []storage.SeriesRef) {
 	// Build the cache keys, while keeping a map between input id and the cache key
 	// so that we can easily reverse it back after the GetMulti().
 	keys := make([]string, 0, len(ids))
-	keysMapping := map[uint64]string{}
+	keysMapping := map[storage.SeriesRef]string{}
 
 	for _, id := range ids {
 		key := cacheKey{blockID, cacheKeySeries(id)}.string()
@@ -153,7 +154,7 @@ func (c *MemcachedIndexCache) FetchMultiSeries(ctx context.Context, blockID ulid
 
 	// Construct the resulting hits map and list of missing keys. We iterate on the input
 	// list of ids to be able to easily create the list of ones in a single iteration.
-	hits = map[uint64][]byte{}
+	hits = map[storage.SeriesRef][]byte{}
 
 	for _, id := range ids {
 		key, ok := keysMapping[id]
@@ -176,3 +177,8 @@ func (c *MemcachedIndexCache) FetchMultiSeries(ctx context.Context, blockID ulid
 	c.hits.WithLabelValues(cacheTypeSeries).Add(float64(len(hits)))
 	return hits, misses
 }
+
+// NewMemcachedIndexCache is alias NewRemoteIndexCache for compatible.
+func NewMemcachedIndexCache(logger log.Logger, memcached cacheutil.RemoteCacheClient, reg prometheus.Registerer) (*RemoteIndexCache, error) {
+	return NewRemoteIndexCache(logger, memcached, reg)
+}
diff --git a/vendor/github.com/thanos-io/thanos/pkg/store/labelpb/label.go b/vendor/github.com/thanos-io/thanos/pkg/store/labelpb/label.go
index 5c1baeaaba0..69a69f029b5 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/store/labelpb/label.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/store/labelpb/label.go
@@ -16,7 +16,7 @@ import (
 
 	"github.com/cespare/xxhash/v2"
 	"github.com/pkg/errors"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 )
 
 var sep = []byte{'\xff'}
diff --git a/vendor/github.com/thanos-io/thanos/pkg/store/local.go b/vendor/github.com/thanos-io/thanos/pkg/store/local.go
index a7a7583bdff..5cc20ee4600 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/store/local.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/store/local.go
@@ -11,11 +11,11 @@ import (
 	"math"
 	"sort"
 
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	"github.com/gogo/protobuf/jsonpb"
 	"github.com/pkg/errors"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/tsdb/fileutil"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/status"
diff --git a/vendor/github.com/thanos-io/thanos/pkg/store/multitsdb.go b/vendor/github.com/thanos-io/thanos/pkg/store/multitsdb.go
index 0069b32908c..12b848230cf 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/store/multitsdb.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/store/multitsdb.go
@@ -7,14 +7,15 @@ import (
 	"context"
 	"fmt"
 	"io"
+	"math"
 	"sync"
 
-	"github.com/go-kit/kit/log"
+	"github.com/go-kit/log"
 	grpc_opentracing "github.com/grpc-ecosystem/go-grpc-middleware/v2/interceptors/tracing"
 	"github.com/opentracing/opentracing-go"
 	"github.com/pkg/errors"
 	"github.com/prometheus/client_golang/prometheus"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"golang.org/x/sync/errgroup"
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/codes"
@@ -28,16 +29,24 @@ import (
 	"github.com/thanos-io/thanos/pkg/tracing"
 )
 
+// InfoStoreServer packs a store server with extra methods in order
+// to be able to obtain information about a particular store.
+type InfoStoreServer interface {
+	storepb.StoreServer
+	LabelSet() []labelpb.ZLabelSet
+	TimeRange() (int64, int64)
+}
+
 // MultiTSDBStore implements the Store interface backed by multiple TSDBStore instances.
 // TODO(bwplotka): Remove this and use Proxy instead. Details: https://github.com/thanos-io/thanos/issues/2864
 type MultiTSDBStore struct {
 	logger     log.Logger
 	component  component.SourceStoreAPI
-	tsdbStores func() map[string]storepb.StoreServer
+	tsdbStores func() map[string]InfoStoreServer
 }
 
 // NewMultiTSDBStore creates a new MultiTSDBStore.
-func NewMultiTSDBStore(logger log.Logger, _ prometheus.Registerer, component component.SourceStoreAPI, tsdbStores func() map[string]storepb.StoreServer) *MultiTSDBStore {
+func NewMultiTSDBStore(logger log.Logger, _ prometheus.Registerer, component component.SourceStoreAPI, tsdbStores func() map[string]InfoStoreServer) *MultiTSDBStore {
 	if logger == nil {
 		logger = log.NewNopLogger()
 	}
@@ -90,6 +99,42 @@ func (s *MultiTSDBStore) Info(ctx context.Context, req *storepb.InfoRequest) (*s
 	return resp, nil
 }
 
+func (s *MultiTSDBStore) LabelSet() []labelpb.ZLabelSet {
+	stores := s.tsdbStores()
+	if len(stores) == 0 {
+		return []labelpb.ZLabelSet{}
+	}
+
+	// We can rely on every underlying TSDB to only have one labelset, so this
+	// will always allocate the correct length immediately.
+	lsets := make([]labelpb.ZLabelSet, 0, len(stores))
+	for _, store := range stores {
+		lsets = append(lsets, store.LabelSet()...)
+	}
+
+	return lsets
+}
+
+func (s *MultiTSDBStore) TimeRange() (int64, int64) {
+	stores := s.tsdbStores()
+	if len(stores) == 0 {
+		return math.MinInt64, math.MaxInt64
+	}
+
+	var minTime, maxTime int64 = math.MaxInt64, math.MinInt64
+	for _, store := range stores {
+		storeMinTime, storeMaxTime := store.TimeRange()
+		if minTime > storeMinTime {
+			minTime = storeMinTime
+		}
+		if maxTime < storeMaxTime {
+			maxTime = storeMaxTime
+		}
+	}
+
+	return minTime, maxTime
+}
+
 type tenantSeriesSetServer struct {
 	grpc.ServerStream
 
diff --git a/vendor/github.com/thanos-io/thanos/pkg/store/postings_codec.go b/vendor/github.com/thanos-io/thanos/pkg/store/postings_codec.go
index 8f518066328..3920049227c 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/store/postings_codec.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/store/postings_codec.go
@@ -8,6 +8,7 @@ import (
 
 	"github.com/golang/snappy"
 	"github.com/pkg/errors"
+	"github.com/prometheus/prometheus/storage"
 	"github.com/prometheus/prometheus/tsdb/encoding"
 	"github.com/prometheus/prometheus/tsdb/index"
 )
@@ -63,7 +64,7 @@ func diffVarintEncodeNoHeader(p index.Postings, length int) ([]byte, error) {
 		buf.B = make([]byte, 0, 5*length/4)
 	}
 
-	prev := uint64(0)
+	prev := storage.SeriesRef(0)
 	for p.Next() {
 		v := p.At()
 		if v < prev {
@@ -71,7 +72,7 @@ func diffVarintEncodeNoHeader(p index.Postings, length int) ([]byte, error) {
 		}
 
 		// This is the 'diff' part -- compute difference from previous value.
-		buf.PutUvarint64(v - prev)
+		buf.PutUvarint64(uint64(v - prev))
 		prev = v
 	}
 	if p.Err() != nil {
@@ -101,10 +102,10 @@ func newDiffVarintPostings(input []byte) *diffVarintPostings {
 // diffVarintPostings is an implementation of index.Postings based on diff+varint encoded data.
 type diffVarintPostings struct {
 	buf *encoding.Decbuf
-	cur uint64
+	cur storage.SeriesRef
 }
 
-func (it *diffVarintPostings) At() uint64 {
+func (it *diffVarintPostings) At() storage.SeriesRef {
 	return it.cur
 }
 
@@ -118,11 +119,11 @@ func (it *diffVarintPostings) Next() bool {
 		return false
 	}
 
-	it.cur = it.cur + val
+	it.cur = it.cur + storage.SeriesRef(val)
 	return true
 }
 
-func (it *diffVarintPostings) Seek(x uint64) bool {
+func (it *diffVarintPostings) Seek(x storage.SeriesRef) bool {
 	if it.cur >= x {
 		return true
 	}
diff --git a/vendor/github.com/thanos-io/thanos/pkg/store/prometheus.go b/vendor/github.com/thanos-io/thanos/pkg/store/prometheus.go
index 2952e4467b7..69010107e76 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/store/prometheus.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/store/prometheus.go
@@ -17,24 +17,24 @@ import (
 	"sync"
 
 	"github.com/blang/semver/v4"
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	"github.com/gogo/protobuf/proto"
 	"github.com/golang/snappy"
 	"github.com/pkg/errors"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promauto"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/storage/remote"
 	"github.com/prometheus/prometheus/tsdb/chunkenc"
-	"github.com/thanos-io/thanos/pkg/store/labelpb"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/status"
 
 	"github.com/thanos-io/thanos/pkg/component"
-	thanoshttp "github.com/thanos-io/thanos/pkg/http"
+	"github.com/thanos-io/thanos/pkg/httpconfig"
 	"github.com/thanos-io/thanos/pkg/promclient"
 	"github.com/thanos-io/thanos/pkg/runutil"
+	"github.com/thanos-io/thanos/pkg/store/labelpb"
 	"github.com/thanos-io/thanos/pkg/store/storepb"
 	"github.com/thanos-io/thanos/pkg/store/storepb/prompb"
 	"github.com/thanos-io/thanos/pkg/tracing"
@@ -48,8 +48,8 @@ type PrometheusStore struct {
 	buffers          sync.Pool
 	component        component.StoreAPI
 	externalLabelsFn func() labels.Labels
-	timestamps       func() (mint int64, maxt int64)
 	promVersion      func() string
+	timestamps       func() (mint int64, maxt int64)
 
 	remoteReadAcceptableResponses []prompb.ReadRequest_ResponseType
 
@@ -84,8 +84,8 @@ func NewPrometheusStore(
 		client:                        client,
 		component:                     component,
 		externalLabelsFn:              externalLabelsFn,
-		timestamps:                    timestamps,
 		promVersion:                   promVersion,
+		timestamps:                    timestamps,
 		remoteReadAcceptableResponses: []prompb.ReadRequest_ResponseType{prompb.ReadRequest_STREAMED_XOR_CHUNKS, prompb.ReadRequest_SAMPLES},
 		buffers: sync.Pool{New: func() interface{} {
 			b := make([]byte, 0, initialBufSize)
@@ -441,7 +441,7 @@ func (p *PrometheusStore) startPromRemoteRead(ctx context.Context, q *prompb.Que
 	preq.Header.Set("Content-Type", "application/x-stream-protobuf")
 	preq.Header.Set("X-Prometheus-Remote-Read-Version", "0.1.0")
 
-	preq.Header.Set("User-Agent", thanoshttp.ThanosUserAgent)
+	preq.Header.Set("User-Agent", httpconfig.ThanosUserAgent)
 	presp, err = p.client.Do(preq.WithContext(ctx))
 	if err != nil {
 		return nil, errors.Wrap(err, "send request")
@@ -607,3 +607,23 @@ func (p *PrometheusStore) LabelValues(ctx context.Context, r *storepb.LabelValue
 	sort.Strings(vals)
 	return &storepb.LabelValuesResponse{Values: vals}, nil
 }
+
+func (p *PrometheusStore) LabelSet() []labelpb.ZLabelSet {
+	lset := p.externalLabelsFn()
+
+	labels := make([]labelpb.ZLabel, 0, len(lset))
+	labels = append(labels, labelpb.ZLabelsFromPromLabels(lset)...)
+
+	labelset := []labelpb.ZLabelSet{}
+	if len(labels) > 0 {
+		labelset = append(labelset, labelpb.ZLabelSet{
+			Labels: labels,
+		})
+	}
+
+	return labelset
+}
+
+func (p *PrometheusStore) Timestamps() (mint int64, maxt int64) {
+	return p.timestamps()
+}
diff --git a/vendor/github.com/thanos-io/thanos/pkg/store/proxy.go b/vendor/github.com/thanos-io/thanos/pkg/store/proxy.go
index 40f47a42f8d..c6b0c098d86 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/store/proxy.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/store/proxy.go
@@ -12,23 +12,24 @@ import (
 	"sync"
 	"time"
 
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	grpc_opentracing "github.com/grpc-ecosystem/go-grpc-middleware/v2/interceptors/tracing"
 	"github.com/opentracing/opentracing-go"
 	"github.com/pkg/errors"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promauto"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
+	"golang.org/x/sync/errgroup"
+	"google.golang.org/grpc"
+	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/status"
+
 	"github.com/thanos-io/thanos/pkg/component"
 	"github.com/thanos-io/thanos/pkg/store/labelpb"
 	"github.com/thanos-io/thanos/pkg/store/storepb"
 	"github.com/thanos-io/thanos/pkg/strutil"
 	"github.com/thanos-io/thanos/pkg/tracing"
-	"golang.org/x/sync/errgroup"
-	"google.golang.org/grpc"
-	"google.golang.org/grpc/codes"
-	"google.golang.org/grpc/status"
 )
 
 type ctxKey int
@@ -166,6 +167,56 @@ func (s *ProxyStore) Info(_ context.Context, _ *storepb.InfoRequest) (*storepb.I
 	return res, nil
 }
 
+func (s *ProxyStore) LabelSet() []labelpb.ZLabelSet {
+	stores := s.stores()
+	if len(stores) == 0 {
+		return []labelpb.ZLabelSet{}
+	}
+
+	mergedLabelSets := make(map[uint64]labelpb.ZLabelSet, len(stores))
+	for _, st := range stores {
+		for _, lset := range st.LabelSets() {
+			mergedLabelSet := labelpb.ExtendSortedLabels(lset, s.selectorLabels)
+			mergedLabelSets[mergedLabelSet.Hash()] = labelpb.ZLabelSet{Labels: labelpb.ZLabelsFromPromLabels(mergedLabelSet)}
+		}
+	}
+
+	labelSets := make([]labelpb.ZLabelSet, 0, len(mergedLabelSets))
+	for _, v := range mergedLabelSets {
+		labelSets = append(labelSets, v)
+	}
+
+	// We always want to enforce announcing the subset of data that
+	// selector-labels represents. If no label-sets are announced by the
+	// store-proxy's discovered stores, then we still want to enforce
+	// announcing this subset by announcing the selector as the label-set.
+	selectorLabels := labelpb.ZLabelsFromPromLabels(s.selectorLabels)
+	if len(labelSets) == 0 && len(selectorLabels) > 0 {
+		labelSets = append(labelSets, labelpb.ZLabelSet{Labels: selectorLabels})
+	}
+
+	return labelSets
+}
+func (s *ProxyStore) TimeRange() (int64, int64) {
+	stores := s.stores()
+	if len(stores) == 0 {
+		return math.MinInt64, math.MaxInt64
+	}
+
+	var minTime, maxTime int64 = math.MaxInt64, math.MinInt64
+	for _, s := range stores {
+		storeMinTime, storeMaxTime := s.TimeRange()
+		if storeMinTime < minTime {
+			minTime = storeMinTime
+		}
+		if storeMaxTime > maxTime {
+			maxTime = storeMaxTime
+		}
+	}
+
+	return minTime, maxTime
+}
+
 // cancelableRespSender is a response channel that does need to be exhausted on cancel.
 type cancelableRespSender struct {
 	ctx context.Context
@@ -418,28 +469,30 @@ func startStreamSeriesSet(
 				}
 			}
 		}()
-		for {
+		// The `defer` only executed when function return, we do `defer cancel` in for loop,
+		// so make the loop body as a function, release timers created by context as early.
+		handleRecvResponse := func() (next bool) {
 			frameTimeoutCtx, cancel := frameCtx(s.responseTimeout)
 			defer cancel()
 			var rr *recvResponse
 			select {
 			case <-ctx.Done():
 				s.handleErr(errors.Wrapf(ctx.Err(), "failed to receive any data from %s", s.name), done)
-				return
+				return false
 			case <-frameTimeoutCtx.Done():
 				s.handleErr(errors.Wrapf(frameTimeoutCtx.Err(), "failed to receive any data in %s from %s", s.responseTimeout.String(), s.name), done)
-				return
+				return false
 			case rr = <-rCh:
 			}
 
 			if rr.err == io.EOF {
 				close(done)
-				return
+				return false
 			}
 
 			if rr.err != nil {
 				s.handleErr(errors.Wrapf(rr.err, "receive series from %s", s.name), done)
-				return
+				return false
 			}
 			numResponses++
 			bytesProcessed += rr.r.Size()
@@ -455,9 +508,15 @@ func startStreamSeriesSet(
 				case s.recvCh <- series:
 				case <-ctx.Done():
 					s.handleErr(errors.Wrapf(ctx.Err(), "failed to receive any data from %s", s.name), done)
-					return
+					return false
 				}
 			}
+			return true
+		}
+		for {
+			if !handleRecvResponse() {
+				return
+			}
 		}
 	}()
 	return s
diff --git a/vendor/github.com/thanos-io/thanos/pkg/store/storepb/custom.go b/vendor/github.com/thanos-io/thanos/pkg/store/storepb/custom.go
index 9af006849dd..d62b82dc3f7 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/store/storepb/custom.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/store/storepb/custom.go
@@ -13,7 +13,8 @@ import (
 
 	"github.com/gogo/protobuf/types"
 	"github.com/pkg/errors"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
+
 	"github.com/thanos-io/thanos/pkg/store/labelpb"
 )
 
diff --git a/vendor/github.com/thanos-io/thanos/pkg/store/storepb/rpc.pb.go b/vendor/github.com/thanos-io/thanos/pkg/store/storepb/rpc.pb.go
index 969578c0eeb..745686a208b 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/store/storepb/rpc.pb.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/store/storepb/rpc.pb.go
@@ -280,6 +280,10 @@ type SeriesRequest struct {
 	// The content of this field and whether it's supported depends on the
 	// implementation of a specific store.
 	Hints *types.Any `protobuf:"bytes,9,opt,name=hints,proto3" json:"hints,omitempty"`
+	// Query step size in milliseconds.
+	Step int64 `protobuf:"varint,10,opt,name=step,proto3" json:"step,omitempty"`
+	// Range vector selector range in milliseconds.
+	Range int64 `protobuf:"varint,11,opt,name=range,proto3" json:"range,omitempty"`
 }
 
 func (m *SeriesRequest) Reset()         { *m = SeriesRequest{} }
@@ -608,74 +612,75 @@ func init() {
 func init() { proto.RegisterFile("store/storepb/rpc.proto", fileDescriptor_a938d55a388af629) }
 
 var fileDescriptor_a938d55a388af629 = []byte{
-	// 1060 bytes of a gzipped FileDescriptorProto
+	// 1083 bytes of a gzipped FileDescriptorProto
 	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xac, 0x56, 0xdf, 0x6e, 0x1a, 0xc7,
-	0x17, 0x66, 0x59, 0x58, 0xe0, 0x60, 0xfb, 0xb7, 0x19, 0x63, 0x67, 0x4d, 0x24, 0x8c, 0x90, 0x7e,
-	0x12, 0xb2, 0x52, 0x68, 0x69, 0x15, 0xa9, 0x55, 0x6e, 0xc0, 0xa6, 0xb5, 0xd5, 0x18, 0xb7, 0x83,
-	0x89, 0xdb, 0x54, 0x15, 0x5a, 0xf0, 0x64, 0x59, 0x19, 0x76, 0xb7, 0x3b, 0x43, 0x6d, 0x6e, 0xdb,
-	0xfb, 0xaa, 0xea, 0xd3, 0xf4, 0x05, 0x2a, 0xf9, 0xae, 0xb9, 0xac, 0x7a, 0x11, 0xb5, 0xf6, 0x8b,
-	0x54, 0xf3, 0x67, 0x81, 0x75, 0x9d, 0xa4, 0x91, 0x73, 0x83, 0xe6, 0x9c, 0xef, 0x9c, 0x33, 0xdf,
-	0x9c, 0x6f, 0xce, 0xb0, 0x70, 0x9f, 0x32, 0x3f, 0x24, 0x75, 0xf1, 0x1b, 0x0c, 0xea, 0x61, 0x30,
-	0xac, 0x05, 0xa1, 0xcf, 0x7c, 0x64, 0xb0, 0x91, 0xed, 0xf9, 0xb4, 0xb8, 0x15, 0x0f, 0x60, 0xb3,
-	0x80, 0x50, 0x19, 0x52, 0x2c, 0x38, 0xbe, 0xe3, 0x8b, 0x65, 0x9d, 0xaf, 0x94, 0xb7, 0x1c, 0x4f,
-	0x08, 0x42, 0x7f, 0x72, 0x23, 0x4f, 0x95, 0x1c, 0xdb, 0x03, 0x32, 0xbe, 0x09, 0x39, 0xbe, 0xef,
-	0x8c, 0x49, 0x5d, 0x58, 0x83, 0xe9, 0xf3, 0xba, 0xed, 0xcd, 0x24, 0x54, 0xf9, 0x1f, 0xac, 0x9e,
-	0x84, 0x2e, 0x23, 0x98, 0xd0, 0xc0, 0xf7, 0x28, 0xa9, 0xfc, 0xa8, 0xc1, 0x8a, 0xf2, 0x7c, 0x37,
-	0x25, 0x94, 0xa1, 0x26, 0x00, 0x73, 0x27, 0x84, 0x92, 0xd0, 0x25, 0xd4, 0xd2, 0xca, 0x7a, 0x35,
-	0xdf, 0x78, 0xc0, 0xb3, 0x27, 0x84, 0x8d, 0xc8, 0x94, 0xf6, 0x87, 0x7e, 0x30, 0xab, 0x1d, 0xbb,
-	0x13, 0xd2, 0x15, 0x21, 0xad, 0xd4, 0xe5, 0xcb, 0xed, 0x04, 0x5e, 0x4a, 0x42, 0x9b, 0x60, 0x30,
-	0xe2, 0xd9, 0x1e, 0xb3, 0x92, 0x65, 0xad, 0x9a, 0xc3, 0xca, 0x42, 0x16, 0x64, 0x42, 0x12, 0x8c,
-	0xdd, 0xa1, 0x6d, 0xe9, 0x65, 0xad, 0xaa, 0xe3, 0xc8, 0xac, 0xac, 0x42, 0xfe, 0xc0, 0x7b, 0xee,
-	0x2b, 0x0e, 0x95, 0x5f, 0x92, 0xb0, 0x22, 0x6d, 0xc9, 0x12, 0x0d, 0xc1, 0x10, 0x07, 0x8d, 0x08,
-	0xad, 0xd6, 0x64, 0x63, 0x6b, 0x4f, 0xb8, 0xb7, 0xf5, 0x98, 0x53, 0xf8, 0xf3, 0xe5, 0xf6, 0x47,
-	0x8e, 0xcb, 0x46, 0xd3, 0x41, 0x6d, 0xe8, 0x4f, 0xea, 0x32, 0xe0, 0x3d, 0xd7, 0x57, 0xab, 0x7a,
-	0x70, 0xe6, 0xd4, 0x63, 0x3d, 0xab, 0x3d, 0x13, 0xd9, 0x58, 0x95, 0x46, 0x5b, 0x90, 0x9d, 0xb8,
-	0x5e, 0x9f, 0x1f, 0x44, 0x10, 0xd7, 0x71, 0x66, 0xe2, 0x7a, 0xfc, 0xa4, 0x02, 0xb2, 0x2f, 0x24,
-	0xa4, 0xa8, 0x4f, 0xec, 0x0b, 0x01, 0xd5, 0x21, 0x27, 0xaa, 0x1e, 0xcf, 0x02, 0x62, 0xa5, 0xca,
-	0x5a, 0x75, 0xad, 0x71, 0x2f, 0x62, 0xd7, 0x8d, 0x00, 0xbc, 0x88, 0x41, 0x8f, 0x00, 0xc4, 0x86,
-	0x7d, 0x4a, 0x18, 0xb5, 0xd2, 0xe2, 0x3c, 0xf3, 0x0c, 0x49, 0xa9, 0x4b, 0x98, 0x6a, 0x6b, 0x6e,
-	0xac, 0x6c, 0x5a, 0xf9, 0x4d, 0x87, 0x55, 0xd9, 0xf2, 0x48, 0xaa, 0x65, 0xc2, 0xda, 0xab, 0x09,
-	0x27, 0xe3, 0x84, 0x1f, 0x71, 0x88, 0x0d, 0x47, 0x24, 0xa4, 0x96, 0x2e, 0x76, 0x2f, 0xc4, 0xba,
-	0x79, 0x28, 0x41, 0x45, 0x60, 0x1e, 0x8b, 0x1a, 0xb0, 0xc1, 0x4b, 0x86, 0x84, 0xfa, 0xe3, 0x29,
-	0x73, 0x7d, 0xaf, 0x7f, 0xee, 0x7a, 0xa7, 0xfe, 0xb9, 0x38, 0xb4, 0x8e, 0xd7, 0x27, 0xf6, 0x05,
-	0x9e, 0x63, 0x27, 0x02, 0x42, 0x0f, 0x01, 0x6c, 0xc7, 0x09, 0x89, 0x63, 0x33, 0x22, 0xcf, 0xba,
-	0xd6, 0x58, 0x89, 0x76, 0x6b, 0x3a, 0x4e, 0x88, 0x97, 0x70, 0xf4, 0x09, 0x6c, 0x05, 0x76, 0xc8,
-	0x5c, 0x7b, 0xcc, 0x77, 0x11, 0xca, 0xf7, 0x4f, 0x5d, 0x6a, 0x0f, 0xc6, 0xe4, 0xd4, 0x32, 0xca,
-	0x5a, 0x35, 0x8b, 0xef, 0xab, 0x80, 0xe8, 0x66, 0xec, 0x29, 0x18, 0x7d, 0x73, 0x4b, 0x2e, 0x65,
-	0xa1, 0xcd, 0x88, 0x33, 0xb3, 0x32, 0x42, 0x96, 0xed, 0x68, 0xe3, 0x2f, 0xe2, 0x35, 0xba, 0x2a,
-	0xec, 0x5f, 0xc5, 0x23, 0x00, 0x6d, 0x43, 0x9e, 0x9e, 0xb9, 0x41, 0x7f, 0x38, 0x9a, 0x7a, 0x67,
-	0xd4, 0xca, 0x0a, 0x2a, 0xc0, 0x5d, 0xbb, 0xc2, 0x83, 0x76, 0x20, 0x3d, 0x72, 0x3d, 0x46, 0xad,
-	0x5c, 0x59, 0x13, 0x0d, 0x95, 0x13, 0x58, 0x8b, 0x26, 0xb0, 0xd6, 0xf4, 0x66, 0x58, 0x86, 0x54,
-	0x7e, 0xd2, 0x60, 0x2d, 0xd2, 0x51, 0x5d, 0xef, 0x2a, 0x18, 0xf3, 0x79, 0xe3, 0xf9, 0x6b, 0xf3,
-	0x0b, 0x24, 0xbc, 0xfb, 0x09, 0xac, 0x70, 0x54, 0x84, 0xcc, 0xb9, 0x1d, 0x7a, 0xae, 0xe7, 0xc8,
-	0xd9, 0xda, 0x4f, 0xe0, 0xc8, 0x81, 0x1e, 0x46, 0x24, 0xf4, 0x57, 0x93, 0xd8, 0x4f, 0x28, 0x1a,
-	0xad, 0x2c, 0x18, 0x21, 0xa1, 0xd3, 0x31, 0xab, 0xfc, 0x9a, 0x84, 0x7b, 0x42, 0xf9, 0x8e, 0x3d,
-	0x59, 0x5c, 0xae, 0xd7, 0x8a, 0xa1, 0xdd, 0x41, 0x8c, 0xe4, 0x1d, 0xc5, 0x28, 0x40, 0x9a, 0x32,
-	0x3b, 0x64, 0x6a, 0x10, 0xa5, 0x81, 0x4c, 0xd0, 0x89, 0x77, 0xaa, 0xee, 0x22, 0x5f, 0x2e, 0x34,
-	0x49, 0xbf, 0x51, 0x93, 0xd8, 0x4c, 0x18, 0xff, 0x7d, 0x26, 0x2a, 0x21, 0xa0, 0xe5, 0xce, 0x29,
-	0x39, 0x0b, 0x90, 0xf6, 0xb8, 0x43, 0x3c, 0x56, 0x39, 0x2c, 0x0d, 0x54, 0x84, 0xac, 0x52, 0x8a,
-	0x5a, 0x49, 0x01, 0xcc, 0xed, 0x05, 0x57, 0xfd, 0xcd, 0xf7, 0xe7, 0xf7, 0xa4, 0xda, 0xf4, 0xa9,
-	0x3d, 0x9e, 0x2e, 0xf4, 0x2a, 0x40, 0x5a, 0xbc, 0x15, 0x42, 0x9b, 0x1c, 0x96, 0xc6, 0xeb, 0x55,
-	0x4c, 0xde, 0x41, 0x45, 0xfd, 0x5d, 0xa9, 0x98, 0xba, 0x45, 0xc5, 0xf4, 0x2d, 0x2a, 0x1a, 0x6f,
-	0xa7, 0x62, 0xe6, 0x2d, 0x54, 0x9c, 0xc2, 0x7a, 0xac, 0xa1, 0x4a, 0xc6, 0x4d, 0x30, 0xbe, 0x17,
-	0x1e, 0xa5, 0xa3, 0xb2, 0xde, 0x95, 0x90, 0x3b, 0xdf, 0x42, 0x6e, 0xfe, 0x07, 0x81, 0xf2, 0x90,
-	0xe9, 0x75, 0x3e, 0xef, 0x1c, 0x9d, 0x74, 0xcc, 0x04, 0xca, 0x41, 0xfa, 0xcb, 0x5e, 0x1b, 0x7f,
-	0x6d, 0x6a, 0x28, 0x0b, 0x29, 0xdc, 0x7b, 0xd2, 0x36, 0x93, 0x3c, 0xa2, 0x7b, 0xb0, 0xd7, 0xde,
-	0x6d, 0x62, 0x53, 0xe7, 0x11, 0xdd, 0xe3, 0x23, 0xdc, 0x36, 0x53, 0xdc, 0x8f, 0xdb, 0xbb, 0xed,
-	0x83, 0xa7, 0x6d, 0x33, 0xcd, 0xfd, 0x7b, 0xed, 0x56, 0xef, 0x33, 0xd3, 0xd8, 0x69, 0x41, 0x8a,
-	0xbf, 0xb0, 0x28, 0x03, 0x3a, 0x6e, 0x9e, 0xc8, 0xaa, 0xbb, 0x47, 0xbd, 0xce, 0xb1, 0xa9, 0x71,
-	0x5f, 0xb7, 0x77, 0x68, 0x26, 0xf9, 0xe2, 0xf0, 0xa0, 0x63, 0xea, 0x62, 0xd1, 0xfc, 0x4a, 0x96,
-	0x13, 0x51, 0x6d, 0x6c, 0xa6, 0x1b, 0x3f, 0x24, 0x21, 0x2d, 0x38, 0xa2, 0x0f, 0x20, 0xc5, 0xff,
-	0x91, 0xd1, 0x7a, 0xd4, 0xd1, 0xa5, 0xff, 0xeb, 0x62, 0x21, 0xee, 0x54, 0xfd, 0xfb, 0x18, 0x0c,
-	0xf9, 0x7e, 0xa1, 0x8d, 0xf8, 0x7b, 0x16, 0xa5, 0x6d, 0xde, 0x74, 0xcb, 0xc4, 0xf7, 0x35, 0xb4,
-	0x0b, 0xb0, 0x98, 0x2b, 0xb4, 0x15, 0x53, 0x71, 0xf9, 0x95, 0x2a, 0x16, 0x6f, 0x83, 0xd4, 0xfe,
-	0x9f, 0x42, 0x7e, 0x49, 0x56, 0x14, 0x0f, 0x8d, 0x0d, 0x4f, 0xf1, 0xc1, 0xad, 0x98, 0xac, 0xd3,
-	0xe8, 0xc0, 0x9a, 0xf8, 0x42, 0xe2, 0x53, 0x21, 0x9b, 0xf1, 0x18, 0xf2, 0x98, 0x4c, 0x7c, 0x46,
-	0x84, 0x1f, 0xcd, 0x8f, 0xbf, 0xfc, 0x21, 0x55, 0xdc, 0xb8, 0xe1, 0x55, 0x1f, 0x5c, 0x89, 0xd6,
-	0xff, 0x2f, 0xff, 0x2e, 0x25, 0x2e, 0xaf, 0x4a, 0xda, 0x8b, 0xab, 0x92, 0xf6, 0xd7, 0x55, 0x49,
-	0xfb, 0xf9, 0xba, 0x94, 0x78, 0x71, 0x5d, 0x4a, 0xfc, 0x71, 0x5d, 0x4a, 0x3c, 0xcb, 0xa8, 0x6f,
-	0xbe, 0x81, 0x21, 0xee, 0xcc, 0x87, 0xff, 0x04, 0x00, 0x00, 0xff, 0xff, 0xa3, 0x83, 0x98, 0x24,
-	0x5d, 0x0a, 0x00, 0x00,
+	0x17, 0x66, 0x59, 0x76, 0x81, 0x83, 0xed, 0xdf, 0x66, 0x8c, 0x9d, 0x35, 0x91, 0x30, 0x42, 0xfa,
+	0x49, 0xc8, 0x4a, 0xa1, 0xa5, 0x55, 0xa4, 0x56, 0xb9, 0x01, 0x9b, 0xd6, 0x56, 0x63, 0xdc, 0x0e,
+	0x26, 0x6e, 0x53, 0x55, 0x68, 0xc1, 0x93, 0x65, 0x65, 0xf6, 0x4f, 0x77, 0x86, 0xda, 0xdc, 0xb6,
+	0xf7, 0x55, 0xd5, 0xa7, 0xe9, 0x23, 0xf8, 0xae, 0xb9, 0xac, 0x7a, 0x11, 0xb5, 0xf6, 0x03, 0xf4,
+	0x15, 0xaa, 0x9d, 0x99, 0x05, 0xd6, 0x75, 0x92, 0x46, 0xce, 0x0d, 0x9a, 0x73, 0xbe, 0x73, 0xce,
+	0x7c, 0x73, 0xbe, 0x39, 0xc3, 0xc2, 0x7d, 0xca, 0xfc, 0x90, 0x34, 0xf8, 0x6f, 0x30, 0x6c, 0x84,
+	0xc1, 0xa8, 0x1e, 0x84, 0x3e, 0xf3, 0x91, 0xce, 0xc6, 0x96, 0xe7, 0xd3, 0xd2, 0x56, 0x32, 0x80,
+	0xcd, 0x02, 0x42, 0x45, 0x48, 0xa9, 0x68, 0xfb, 0xb6, 0xcf, 0x97, 0x8d, 0x68, 0x25, 0xbd, 0x95,
+	0x64, 0x42, 0x10, 0xfa, 0xee, 0x8d, 0x3c, 0x59, 0x72, 0x62, 0x0d, 0xc9, 0xe4, 0x26, 0x64, 0xfb,
+	0xbe, 0x3d, 0x21, 0x0d, 0x6e, 0x0d, 0xa7, 0xcf, 0x1b, 0x96, 0x37, 0x13, 0x50, 0xf5, 0x7f, 0xb0,
+	0x7a, 0x12, 0x3a, 0x8c, 0x60, 0x42, 0x03, 0xdf, 0xa3, 0xa4, 0xfa, 0xa3, 0x02, 0x2b, 0xd2, 0xf3,
+	0xdd, 0x94, 0x50, 0x86, 0x5a, 0x00, 0xcc, 0x71, 0x09, 0x25, 0xa1, 0x43, 0xa8, 0xa9, 0x54, 0xd4,
+	0x5a, 0xa1, 0xf9, 0x20, 0xca, 0x76, 0x09, 0x1b, 0x93, 0x29, 0x1d, 0x8c, 0xfc, 0x60, 0x56, 0x3f,
+	0x76, 0x5c, 0xd2, 0xe3, 0x21, 0xed, 0xcc, 0xe5, 0xcb, 0xed, 0x14, 0x5e, 0x4a, 0x42, 0x9b, 0xa0,
+	0x33, 0xe2, 0x59, 0x1e, 0x33, 0xd3, 0x15, 0xa5, 0x96, 0xc7, 0xd2, 0x42, 0x26, 0x64, 0x43, 0x12,
+	0x4c, 0x9c, 0x91, 0x65, 0xaa, 0x15, 0xa5, 0xa6, 0xe2, 0xd8, 0xac, 0xae, 0x42, 0xe1, 0xc0, 0x7b,
+	0xee, 0x4b, 0x0e, 0xd5, 0x5f, 0xd2, 0xb0, 0x22, 0x6c, 0xc1, 0x12, 0x8d, 0x40, 0xe7, 0x07, 0x8d,
+	0x09, 0xad, 0xd6, 0x45, 0x63, 0xeb, 0x4f, 0x22, 0x6f, 0xfb, 0x71, 0x44, 0xe1, 0x8f, 0x97, 0xdb,
+	0x1f, 0xd9, 0x0e, 0x1b, 0x4f, 0x87, 0xf5, 0x91, 0xef, 0x36, 0x44, 0xc0, 0x7b, 0x8e, 0x2f, 0x57,
+	0x8d, 0xe0, 0xcc, 0x6e, 0x24, 0x7a, 0x56, 0x7f, 0xc6, 0xb3, 0xb1, 0x2c, 0x8d, 0xb6, 0x20, 0xe7,
+	0x3a, 0xde, 0x20, 0x3a, 0x08, 0x27, 0xae, 0xe2, 0xac, 0xeb, 0x78, 0xd1, 0x49, 0x39, 0x64, 0x5d,
+	0x08, 0x48, 0x52, 0x77, 0xad, 0x0b, 0x0e, 0x35, 0x20, 0xcf, 0xab, 0x1e, 0xcf, 0x02, 0x62, 0x66,
+	0x2a, 0x4a, 0x6d, 0xad, 0x79, 0x2f, 0x66, 0xd7, 0x8b, 0x01, 0xbc, 0x88, 0x41, 0x8f, 0x00, 0xf8,
+	0x86, 0x03, 0x4a, 0x18, 0x35, 0x35, 0x7e, 0x9e, 0x79, 0x86, 0xa0, 0xd4, 0x23, 0x4c, 0xb6, 0x35,
+	0x3f, 0x91, 0x36, 0xad, 0xfe, 0xad, 0xc2, 0xaa, 0x68, 0x79, 0x2c, 0xd5, 0x32, 0x61, 0xe5, 0xd5,
+	0x84, 0xd3, 0x49, 0xc2, 0x8f, 0x22, 0x88, 0x8d, 0xc6, 0x24, 0xa4, 0xa6, 0xca, 0x77, 0x2f, 0x26,
+	0xba, 0x79, 0x28, 0x40, 0x49, 0x60, 0x1e, 0x8b, 0x9a, 0xb0, 0x11, 0x95, 0x0c, 0x09, 0xf5, 0x27,
+	0x53, 0xe6, 0xf8, 0xde, 0xe0, 0xdc, 0xf1, 0x4e, 0xfd, 0x73, 0x7e, 0x68, 0x15, 0xaf, 0xbb, 0xd6,
+	0x05, 0x9e, 0x63, 0x27, 0x1c, 0x42, 0x0f, 0x01, 0x2c, 0xdb, 0x0e, 0x89, 0x6d, 0x31, 0x22, 0xce,
+	0xba, 0xd6, 0x5c, 0x89, 0x77, 0x6b, 0xd9, 0x76, 0x88, 0x97, 0x70, 0xf4, 0x09, 0x6c, 0x05, 0x56,
+	0xc8, 0x1c, 0x6b, 0x12, 0xed, 0xc2, 0x95, 0x1f, 0x9c, 0x3a, 0xd4, 0x1a, 0x4e, 0xc8, 0xa9, 0xa9,
+	0x57, 0x94, 0x5a, 0x0e, 0xdf, 0x97, 0x01, 0xf1, 0xcd, 0xd8, 0x93, 0x30, 0xfa, 0xe6, 0x96, 0x5c,
+	0xca, 0x42, 0x8b, 0x11, 0x7b, 0x66, 0x66, 0xb9, 0x2c, 0xdb, 0xf1, 0xc6, 0x5f, 0x24, 0x6b, 0xf4,
+	0x64, 0xd8, 0xbf, 0x8a, 0xc7, 0x00, 0xda, 0x86, 0x02, 0x3d, 0x73, 0x82, 0xc1, 0x68, 0x3c, 0xf5,
+	0xce, 0xa8, 0x99, 0xe3, 0x54, 0x20, 0x72, 0xed, 0x72, 0x0f, 0xda, 0x01, 0x6d, 0xec, 0x78, 0x8c,
+	0x9a, 0xf9, 0x8a, 0xc2, 0x1b, 0x2a, 0x26, 0xb0, 0x1e, 0x4f, 0x60, 0xbd, 0xe5, 0xcd, 0xb0, 0x08,
+	0x41, 0x08, 0x32, 0x94, 0x91, 0xc0, 0x04, 0xde, 0x36, 0xbe, 0x46, 0x45, 0xd0, 0x42, 0xcb, 0xb3,
+	0x89, 0x59, 0xe0, 0x4e, 0x61, 0x54, 0x7f, 0x52, 0x60, 0x2d, 0x56, 0x5c, 0x0e, 0x42, 0x0d, 0xf4,
+	0xf9, 0x64, 0x46, 0x3b, 0xad, 0xcd, 0xaf, 0x1a, 0xf7, 0xee, 0xa7, 0xb0, 0xc4, 0x51, 0x09, 0xb2,
+	0xe7, 0x56, 0xe8, 0x39, 0x9e, 0x2d, 0xa6, 0x70, 0x3f, 0x85, 0x63, 0x07, 0x7a, 0x18, 0xd3, 0x55,
+	0x5f, 0x4d, 0x77, 0x3f, 0x25, 0x09, 0xb7, 0x73, 0xa0, 0x87, 0x84, 0x4e, 0x27, 0xac, 0xfa, 0x6b,
+	0x1a, 0xee, 0xf1, 0x3b, 0xd2, 0xb5, 0xdc, 0xc5, 0x35, 0x7c, 0xad, 0x6c, 0xca, 0x1d, 0x64, 0x4b,
+	0xdf, 0x51, 0xb6, 0x22, 0x68, 0x94, 0x59, 0x21, 0x93, 0x23, 0x2b, 0x0c, 0x64, 0x80, 0x4a, 0xbc,
+	0x53, 0x79, 0x6b, 0xa3, 0xe5, 0x42, 0x3d, 0xed, 0xcd, 0xea, 0x2d, 0x4f, 0x8f, 0xfe, 0xdf, 0xa7,
+	0xa7, 0x1a, 0x02, 0x5a, 0xee, 0x9c, 0x94, 0xb3, 0x08, 0x9a, 0x17, 0x39, 0xf8, 0xb3, 0x96, 0xc7,
+	0xc2, 0x40, 0x25, 0xc8, 0x49, 0xa5, 0xa8, 0x99, 0xe6, 0xc0, 0xdc, 0x5e, 0x70, 0x55, 0xdf, 0xc8,
+	0xb5, 0xfa, 0x5b, 0x5a, 0x6e, 0xfa, 0xd4, 0x9a, 0x4c, 0x17, 0x7a, 0x15, 0x41, 0xe3, 0xaf, 0x0a,
+	0xd7, 0x26, 0x8f, 0x85, 0xf1, 0x7a, 0x15, 0xd3, 0x77, 0x50, 0x51, 0x7d, 0x57, 0x2a, 0x66, 0x6e,
+	0x51, 0x51, 0xbb, 0x45, 0x45, 0xfd, 0xed, 0x54, 0xcc, 0xbe, 0x85, 0x8a, 0x53, 0x58, 0x4f, 0x34,
+	0x54, 0xca, 0xb8, 0x09, 0xfa, 0xf7, 0xdc, 0x23, 0x75, 0x94, 0xd6, 0xbb, 0x12, 0x72, 0xe7, 0x5b,
+	0xc8, 0xcf, 0xff, 0x4a, 0x50, 0x01, 0xb2, 0xfd, 0xee, 0xe7, 0xdd, 0xa3, 0x93, 0xae, 0x91, 0x42,
+	0x79, 0xd0, 0xbe, 0xec, 0x77, 0xf0, 0xd7, 0x86, 0x82, 0x72, 0x90, 0xc1, 0xfd, 0x27, 0x1d, 0x23,
+	0x1d, 0x45, 0xf4, 0x0e, 0xf6, 0x3a, 0xbb, 0x2d, 0x6c, 0xa8, 0x51, 0x44, 0xef, 0xf8, 0x08, 0x77,
+	0x8c, 0x4c, 0xe4, 0xc7, 0x9d, 0xdd, 0xce, 0xc1, 0xd3, 0x8e, 0xa1, 0x45, 0xfe, 0xbd, 0x4e, 0xbb,
+	0xff, 0x99, 0xa1, 0xef, 0xb4, 0x21, 0x13, 0xbd, 0xc5, 0x28, 0x0b, 0x2a, 0x6e, 0x9d, 0x88, 0xaa,
+	0xbb, 0x47, 0xfd, 0xee, 0xb1, 0xa1, 0x44, 0xbe, 0x5e, 0xff, 0xd0, 0x48, 0x47, 0x8b, 0xc3, 0x83,
+	0xae, 0xa1, 0xf2, 0x45, 0xeb, 0x2b, 0x51, 0x8e, 0x47, 0x75, 0xb0, 0xa1, 0x35, 0x7f, 0x48, 0x83,
+	0xc6, 0x39, 0xa2, 0x0f, 0x20, 0x13, 0xfd, 0x77, 0xa3, 0xf5, 0xb8, 0xa3, 0x4b, 0xff, 0xec, 0xa5,
+	0x62, 0xd2, 0x29, 0xfb, 0xf7, 0x31, 0xe8, 0xe2, 0xfd, 0x42, 0x1b, 0xc9, 0xf7, 0x2c, 0x4e, 0xdb,
+	0xbc, 0xe9, 0x16, 0x89, 0xef, 0x2b, 0x68, 0x17, 0x60, 0x31, 0x57, 0x68, 0x2b, 0xa1, 0xe2, 0xf2,
+	0x2b, 0x55, 0x2a, 0xdd, 0x06, 0xc9, 0xfd, 0x3f, 0x85, 0xc2, 0x92, 0xac, 0x28, 0x19, 0x9a, 0x18,
+	0x9e, 0xd2, 0x83, 0x5b, 0x31, 0x51, 0xa7, 0xd9, 0x85, 0x35, 0xfe, 0x2d, 0x15, 0x4d, 0x85, 0x68,
+	0xc6, 0x63, 0x28, 0x60, 0xe2, 0xfa, 0x8c, 0x70, 0x3f, 0x9a, 0x1f, 0x7f, 0xf9, 0x93, 0xab, 0xb4,
+	0x71, 0xc3, 0x2b, 0x3f, 0xcd, 0x52, 0xed, 0xff, 0x5f, 0xfe, 0x55, 0x4e, 0x5d, 0x5e, 0x95, 0x95,
+	0x17, 0x57, 0x65, 0xe5, 0xcf, 0xab, 0xb2, 0xf2, 0xf3, 0x75, 0x39, 0xf5, 0xe2, 0xba, 0x9c, 0xfa,
+	0xfd, 0xba, 0x9c, 0x7a, 0x96, 0x95, 0x5f, 0x87, 0x43, 0x9d, 0xdf, 0x99, 0x0f, 0xff, 0x09, 0x00,
+	0x00, 0xff, 0xff, 0xa4, 0xea, 0x02, 0x9d, 0x87, 0x0a, 0x00, 0x00,
 }
 
 // Reference imports to suppress errors if they are not otherwise used.
@@ -1175,6 +1180,16 @@ func (m *SeriesRequest) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	_ = i
 	var l int
 	_ = l
+	if m.Range != 0 {
+		i = encodeVarintRpc(dAtA, i, uint64(m.Range))
+		i--
+		dAtA[i] = 0x58
+	}
+	if m.Step != 0 {
+		i = encodeVarintRpc(dAtA, i, uint64(m.Step))
+		i--
+		dAtA[i] = 0x50
+	}
 	if m.Hints != nil {
 		{
 			size, err := m.Hints.MarshalToSizedBuffer(dAtA[:i])
@@ -1733,6 +1748,12 @@ func (m *SeriesRequest) Size() (n int) {
 		l = m.Hints.Size()
 		n += 1 + l + sovRpc(uint64(l))
 	}
+	if m.Step != 0 {
+		n += 1 + sovRpc(uint64(m.Step))
+	}
+	if m.Range != 0 {
+		n += 1 + sovRpc(uint64(m.Range))
+	}
 	return n
 }
 
@@ -2598,6 +2619,44 @@ func (m *SeriesRequest) Unmarshal(dAtA []byte) error {
 				return err
 			}
 			iNdEx = postIndex
+		case 10:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Step", wireType)
+			}
+			m.Step = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowRpc
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.Step |= int64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+		case 11:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Range", wireType)
+			}
+			m.Range = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowRpc
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.Range |= int64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
 		default:
 			iNdEx = preIndex
 			skippy, err := skipRpc(dAtA[iNdEx:])
diff --git a/vendor/github.com/thanos-io/thanos/pkg/store/storepb/rpc.proto b/vendor/github.com/thanos-io/thanos/pkg/store/storepb/rpc.proto
index f60661a32ad..4a9240620d8 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/store/storepb/rpc.proto
+++ b/vendor/github.com/thanos-io/thanos/pkg/store/storepb/rpc.proto
@@ -106,6 +106,12 @@ message SeriesRequest {
   // The content of this field and whether it's supported depends on the
   // implementation of a specific store.
   google.protobuf.Any hints = 9;
+
+  // Query step size in milliseconds.
+  int64 step = 10;
+
+  // Range vector selector range in milliseconds.
+  int64 range = 11;
 }
 
 enum Aggr {
diff --git a/vendor/github.com/thanos-io/thanos/pkg/store/tsdb.go b/vendor/github.com/thanos-io/thanos/pkg/store/tsdb.go
index a58c86bc62d..c13391a6918 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/store/tsdb.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/store/tsdb.go
@@ -9,17 +9,17 @@ import (
 	"math"
 	"sort"
 
-	"github.com/go-kit/kit/log"
+	"github.com/go-kit/log"
 	"github.com/pkg/errors"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
 	"github.com/prometheus/prometheus/storage"
-	"github.com/thanos-io/thanos/pkg/store/labelpb"
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/status"
 
 	"github.com/thanos-io/thanos/pkg/component"
 	"github.com/thanos-io/thanos/pkg/runutil"
+	"github.com/thanos-io/thanos/pkg/store/labelpb"
 	"github.com/thanos-io/thanos/pkg/store/storepb"
 )
 
@@ -93,6 +93,30 @@ func (s *TSDBStore) Info(_ context.Context, _ *storepb.InfoRequest) (*storepb.In
 	return res, nil
 }
 
+func (s *TSDBStore) LabelSet() []labelpb.ZLabelSet {
+	labels := labelpb.ZLabelsFromPromLabels(s.extLset)
+	labelSets := []labelpb.ZLabelSet{}
+	if len(labels) > 0 {
+		labelSets = append(labelSets, labelpb.ZLabelSet{
+			Labels: labels,
+		})
+	}
+
+	return labelSets
+}
+
+func (s *TSDBStore) TimeRange() (int64, int64) {
+	var minTime int64 = math.MinInt64
+	startTime, err := s.db.StartTime()
+	if err == nil {
+		// Since we always use tsdb.DB  implementation,
+		// StartTime should never return error.
+		minTime = startTime
+	}
+
+	return minTime, math.MaxInt64
+}
+
 // CloseDelegator allows to delegate close (releasing resources used by request to the server).
 // This is useful when we invoke StoreAPI within another StoreAPI and results are ephemeral until copied.
 type CloseDelegator interface {
diff --git a/vendor/github.com/thanos-io/thanos/pkg/targets/targetspb/custom.go b/vendor/github.com/thanos-io/thanos/pkg/targets/targetspb/custom.go
index 95405ca48ac..724fbba78f5 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/targets/targetspb/custom.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/targets/targetspb/custom.go
@@ -8,7 +8,8 @@ import (
 	"strings"
 
 	"github.com/pkg/errors"
-	"github.com/prometheus/prometheus/pkg/labels"
+	"github.com/prometheus/prometheus/model/labels"
+
 	"github.com/thanos-io/thanos/pkg/store/labelpb"
 )
 
diff --git a/vendor/github.com/thanos-io/thanos/pkg/testutil/testutil.go b/vendor/github.com/thanos-io/thanos/pkg/testutil/testutil.go
index 9a649436ea8..b31caf62405 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/testutil/testutil.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/testutil/testutil.go
@@ -14,16 +14,16 @@ import (
 	"sort"
 	"testing"
 
-	"github.com/prometheus/prometheus/pkg/labels"
-	"github.com/prometheus/prometheus/tsdb/chunkenc"
-	"github.com/prometheus/prometheus/tsdb/chunks"
-	"github.com/prometheus/prometheus/tsdb/index"
-
 	"github.com/davecgh/go-spew/spew"
 	"github.com/pkg/errors"
 	"github.com/pmezard/go-difflib/difflib"
 	"github.com/prometheus/client_golang/prometheus"
 	dto "github.com/prometheus/client_model/go"
+	"github.com/prometheus/prometheus/model/labels"
+	"github.com/prometheus/prometheus/storage"
+	"github.com/prometheus/prometheus/tsdb/chunkenc"
+	"github.com/prometheus/prometheus/tsdb/chunks"
+	"github.com/prometheus/prometheus/tsdb/index"
 	"go.uber.org/goleak"
 )
 
@@ -259,14 +259,14 @@ func PutOutOfOrderIndex(blockDir string, minTime int64, maxTime int64) error {
 		chk1 := chunks.Meta{
 			MinTime: maxTime - 2,
 			MaxTime: maxTime - 1,
-			Ref:     rand.Uint64(),
+			Ref:     chunks.ChunkRef(rand.Uint64()),
 			Chunk:   chunkenc.NewXORChunk(),
 		}
 		metas = append(metas, chk1)
 		chk2 := chunks.Meta{
 			MinTime: minTime + 1,
 			MaxTime: minTime + 2,
-			Ref:     rand.Uint64(),
+			Ref:     chunks.ChunkRef(rand.Uint64()),
 			Chunk:   chunkenc.NewXORChunk(),
 		}
 		metas = append(metas, chk2)
@@ -300,7 +300,7 @@ func PutOutOfOrderIndex(blockDir string, minTime int64, maxTime int64) error {
 	)
 
 	for i, s := range input {
-		if err := iw.AddSeries(uint64(i), s.labels, s.chunks...); err != nil {
+		if err := iw.AddSeries(storage.SeriesRef(i), s.labels, s.chunks...); err != nil {
 			return err
 		}
 
@@ -312,7 +312,7 @@ func PutOutOfOrderIndex(blockDir string, minTime int64, maxTime int64) error {
 			}
 			valset[l.Value] = struct{}{}
 		}
-		postings.Add(uint64(i), s.labels)
+		postings.Add(storage.SeriesRef(i), s.labels)
 	}
 
 	return iw.Close()
diff --git a/vendor/github.com/thanos-io/thanos/pkg/tracing/http.go b/vendor/github.com/thanos-io/thanos/pkg/tracing/http.go
index f158f0e6f35..bb906eb54a0 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/tracing/http.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/tracing/http.go
@@ -8,9 +8,10 @@ import (
 	"net"
 	"net/http"
 	"strconv"
+	"strings"
 
-	"github.com/go-kit/kit/log"
-	"github.com/go-kit/kit/log/level"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
 	"github.com/opentracing/opentracing-go"
 	"github.com/opentracing/opentracing-go/ext"
 )
@@ -35,7 +36,7 @@ func HTTPMiddleware(tracer opentracing.Tracer, name string, logger log.Logger, n
 		ext.HTTPUrl.Set(span, r.URL.String())
 
 		// If client specified ForceTracingBaggageKey header, ensure span includes it to force tracing.
-		span.SetBaggageItem(ForceTracingBaggageKey, r.Header.Get(ForceTracingBaggageKey))
+		span.SetBaggageItem(strings.ToLower(ForceTracingBaggageKey), r.Header.Get(ForceTracingBaggageKey))
 
 		if t, ok := tracer.(Tracer); ok {
 			if traceID, ok := t.GetTraceIDFromSpanContext(span.Context()); ok {
diff --git a/vendor/github.com/thanos-io/thanos/pkg/tracing/tracing.go b/vendor/github.com/thanos-io/thanos/pkg/tracing/tracing.go
index 867eef7ce02..1987382d589 100644
--- a/vendor/github.com/thanos-io/thanos/pkg/tracing/tracing.go
+++ b/vendor/github.com/thanos-io/thanos/pkg/tracing/tracing.go
@@ -7,6 +7,7 @@ import (
 	"context"
 
 	"github.com/opentracing/opentracing-go"
+	"github.com/opentracing/opentracing-go/ext"
 )
 
 const (
@@ -72,6 +73,18 @@ func StartSpan(ctx context.Context, operationName string, opts ...opentracing.St
 	return span, opentracing.ContextWithSpan(ctx, span)
 }
 
+// DoInSpanWtihErr executes function doFn inside new span with `operationName` name and hooking as child to a span found within given context if any.
+// It uses opentracing.Tracer propagated in context. If no found, it uses noop tracer notification.
+// It logs the error inside the new span created, which differentiates it from DoInSpan and DoWithSpan.
+func DoInSpanWithErr(ctx context.Context, operationName string, doFn func(context.Context) error, opts ...opentracing.StartSpanOption) {
+	span, newCtx := StartSpan(ctx, operationName, opts...)
+	defer span.Finish()
+	err := doFn(newCtx)
+	if err != nil {
+		ext.LogError(span, err)
+	}
+}
+
 // DoInSpan executes function doFn inside new span with `operationName` name and hooking as child to a span found within given context if any.
 // It uses opentracing.Tracer propagated in context. If no found, it uses noop tracer notification.
 func DoInSpan(ctx context.Context, operationName string, doFn func(context.Context), opts ...opentracing.StartSpanOption) {
diff --git a/vendor/go.uber.org/goleak/CHANGELOG.md b/vendor/go.uber.org/goleak/CHANGELOG.md
index ba3df4f373e..a6275e27d3b 100644
--- a/vendor/go.uber.org/goleak/CHANGELOG.md
+++ b/vendor/go.uber.org/goleak/CHANGELOG.md
@@ -4,7 +4,17 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
-## [1.1.0]
+## [1.1.12]
+### Fixed
+- Fixed logic for ignoring trace related goroutines on Go versions 1.16 and above.
+
+## [1.1.11]
+### Fixed
+- Documentation fix on how to test.
+- Update dependency on stretchr/testify to v1.7.0. (#59)
+- Update dependency on golang.org/x/tools to address CVE-2020-14040. (#62)
+
+## [1.1.10]
 ### Added
 - [#49]: Add option to ignore current goroutines, which checks for any additional leaks and allows for incremental adoption of goleak in larger projects.
 
diff --git a/vendor/go.uber.org/goleak/options.go b/vendor/go.uber.org/goleak/options.go
index 0f6bd9e7982..33266f61700 100644
--- a/vendor/go.uber.org/goleak/options.go
+++ b/vendor/go.uber.org/goleak/options.go
@@ -154,11 +154,3 @@ func isStdLibStack(s stack.Stack) bool {
 	// Using signal.Notify will start a runtime goroutine.
 	return strings.Contains(s.Full(), "runtime.ensureSigM")
 }
-
-func isTraceStack(s stack.Stack) bool {
-	if f := s.FirstFunction(); f != "runtime.goparkunlock" {
-		return false
-	}
-
-	return strings.Contains(s.Full(), "runtime.ReadTrace")
-}
diff --git a/vendor/go.uber.org/goleak/tracestack_new.go b/vendor/go.uber.org/goleak/tracestack_new.go
new file mode 100644
index 00000000000..d12ffd84043
--- /dev/null
+++ b/vendor/go.uber.org/goleak/tracestack_new.go
@@ -0,0 +1,34 @@
+// Copyright (c) 2021 Uber Technologies, Inc.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files (the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions:
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+
+//go:build go1.16
+// +build go1.16
+
+package goleak
+
+import (
+	"strings"
+
+	"go.uber.org/goleak/internal/stack"
+)
+
+func isTraceStack(s stack.Stack) bool {
+	return strings.Contains(s.Full(), "runtime.ReadTrace")
+}
diff --git a/vendor/go.uber.org/goleak/tracestack_old.go b/vendor/go.uber.org/goleak/tracestack_old.go
new file mode 100644
index 00000000000..1874384ceb6
--- /dev/null
+++ b/vendor/go.uber.org/goleak/tracestack_old.go
@@ -0,0 +1,38 @@
+// Copyright (c) 2021 Uber Technologies, Inc.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files (the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions:
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+
+//go:build !go1.16
+// +build !go1.16
+
+package goleak
+
+import (
+	"strings"
+
+	"go.uber.org/goleak/internal/stack"
+)
+
+func isTraceStack(s stack.Stack) bool {
+	if f := s.FirstFunction(); f != "runtime.goparkunlock" {
+		return false
+	}
+
+	return strings.Contains(s.Full(), "runtime.ReadTrace")
+}
diff --git a/vendor/golang.org/x/net/http/httpproxy/proxy.go b/vendor/golang.org/x/net/http/httpproxy/proxy.go
index 1415b077912..d2c8c87eab9 100644
--- a/vendor/golang.org/x/net/http/httpproxy/proxy.go
+++ b/vendor/golang.org/x/net/http/httpproxy/proxy.go
@@ -113,8 +113,8 @@ func getEnvAny(names ...string) string {
 // environment, or a proxy should not be used for the given request, as
 // defined by NO_PROXY.
 //
-// As a special case, if req.URL.Host is "localhost" (with or without a
-// port number), then a nil URL and nil error will be returned.
+// As a special case, if req.URL.Host is "localhost" or a loopback address
+// (with or without a port number), then a nil URL and nil error will be returned.
 func (cfg *Config) ProxyFunc() func(reqURL *url.URL) (*url.URL, error) {
 	// Preprocess the Config settings for more efficient evaluation.
 	cfg1 := &config{
diff --git a/vendor/golang.org/x/net/http2/client_conn_pool.go b/vendor/golang.org/x/net/http2/client_conn_pool.go
index 652bc11a029..c936843eafa 100644
--- a/vendor/golang.org/x/net/http2/client_conn_pool.go
+++ b/vendor/golang.org/x/net/http2/client_conn_pool.go
@@ -16,6 +16,12 @@ import (
 
 // ClientConnPool manages a pool of HTTP/2 client connections.
 type ClientConnPool interface {
+	// GetClientConn returns a specific HTTP/2 connection (usually
+	// a TLS-TCP connection) to an HTTP/2 server. On success, the
+	// returned ClientConn accounts for the upcoming RoundTrip
+	// call, so the caller should not omit it. If the caller needs
+	// to, ClientConn.RoundTrip can be called with a bogus
+	// new(http.Request) to release the stream reservation.
 	GetClientConn(req *http.Request, addr string) (*ClientConn, error)
 	MarkDead(*ClientConn)
 }
@@ -42,7 +48,7 @@ type clientConnPool struct {
 	conns        map[string][]*ClientConn // key is host:port
 	dialing      map[string]*dialCall     // currently in-flight dials
 	keys         map[*ClientConn][]string
-	addConnCalls map[string]*addConnCall // in-flight addConnIfNeede calls
+	addConnCalls map[string]*addConnCall // in-flight addConnIfNeeded calls
 }
 
 func (p *clientConnPool) GetClientConn(req *http.Request, addr string) (*ClientConn, error) {
@@ -54,28 +60,8 @@ const (
 	noDialOnMiss = false
 )
 
-// shouldTraceGetConn reports whether getClientConn should call any
-// ClientTrace.GetConn hook associated with the http.Request.
-//
-// This complexity is needed to avoid double calls of the GetConn hook
-// during the back-and-forth between net/http and x/net/http2 (when the
-// net/http.Transport is upgraded to also speak http2), as well as support
-// the case where x/net/http2 is being used directly.
-func (p *clientConnPool) shouldTraceGetConn(st clientConnIdleState) bool {
-	// If our Transport wasn't made via ConfigureTransport, always
-	// trace the GetConn hook if provided, because that means the
-	// http2 package is being used directly and it's the one
-	// dialing, as opposed to net/http.
-	if _, ok := p.t.ConnPool.(noDialClientConnPool); !ok {
-		return true
-	}
-	// Otherwise, only use the GetConn hook if this connection has
-	// been used previously for other requests. For fresh
-	// connections, the net/http package does the dialing.
-	return !st.freshConn
-}
-
 func (p *clientConnPool) getClientConn(req *http.Request, addr string, dialOnMiss bool) (*ClientConn, error) {
+	// TODO(dneil): Dial a new connection when t.DisableKeepAlives is set?
 	if isConnectionCloseRequest(req) && dialOnMiss {
 		// It gets its own connection.
 		traceGetConn(req, addr)
@@ -89,10 +75,14 @@ func (p *clientConnPool) getClientConn(req *http.Request, addr string, dialOnMis
 	for {
 		p.mu.Lock()
 		for _, cc := range p.conns[addr] {
-			if st := cc.idleState(); st.canTakeNewRequest {
-				if p.shouldTraceGetConn(st) {
+			if cc.ReserveNewRequest() {
+				// When a connection is presented to us by the net/http package,
+				// the GetConn hook has already been called.
+				// Don't call it a second time here.
+				if !cc.getConnCalled {
 					traceGetConn(req, addr)
 				}
+				cc.getConnCalled = false
 				p.mu.Unlock()
 				return cc, nil
 			}
@@ -108,7 +98,13 @@ func (p *clientConnPool) getClientConn(req *http.Request, addr string, dialOnMis
 		if shouldRetryDial(call, req) {
 			continue
 		}
-		return call.res, call.err
+		cc, err := call.res, call.err
+		if err != nil {
+			return nil, err
+		}
+		if cc.ReserveNewRequest() {
+			return cc, nil
+		}
 	}
 }
 
@@ -205,6 +201,7 @@ func (c *addConnCall) run(t *Transport, key string, tc *tls.Conn) {
 	if err != nil {
 		c.err = err
 	} else {
+		cc.getConnCalled = true // already called by the net/http package
 		p.addConnLocked(key, cc)
 	}
 	delete(p.addConnCalls, key)
diff --git a/vendor/golang.org/x/net/http2/frame.go b/vendor/golang.org/x/net/http2/frame.go
index b95d6f2df2f..96a74790524 100644
--- a/vendor/golang.org/x/net/http2/frame.go
+++ b/vendor/golang.org/x/net/http2/frame.go
@@ -122,7 +122,7 @@ var flagName = map[FrameType]map[Flags]string{
 // a frameParser parses a frame given its FrameHeader and payload
 // bytes. The length of payload will always equal fh.Length (which
 // might be 0).
-type frameParser func(fc *frameCache, fh FrameHeader, payload []byte) (Frame, error)
+type frameParser func(fc *frameCache, fh FrameHeader, countError func(string), payload []byte) (Frame, error)
 
 var frameParsers = map[FrameType]frameParser{
 	FrameData:         parseDataFrame,
@@ -267,6 +267,11 @@ type Framer struct {
 	lastFrame Frame
 	errDetail error
 
+	// countError is a non-nil func that's called on a frame parse
+	// error with some unique error path token. It's initialized
+	// from Transport.CountError or Server.CountError.
+	countError func(errToken string)
+
 	// lastHeaderStream is non-zero if the last frame was an
 	// unfinished HEADERS/CONTINUATION.
 	lastHeaderStream uint32
@@ -426,6 +431,7 @@ func NewFramer(w io.Writer, r io.Reader) *Framer {
 	fr := &Framer{
 		w:                 w,
 		r:                 r,
+		countError:        func(string) {},
 		logReads:          logFrameReads,
 		logWrites:         logFrameWrites,
 		debugReadLoggerf:  log.Printf,
@@ -500,7 +506,7 @@ func (fr *Framer) ReadFrame() (Frame, error) {
 	if _, err := io.ReadFull(fr.r, payload); err != nil {
 		return nil, err
 	}
-	f, err := typeFrameParser(fh.Type)(fr.frameCache, fh, payload)
+	f, err := typeFrameParser(fh.Type)(fr.frameCache, fh, fr.countError, payload)
 	if err != nil {
 		if ce, ok := err.(connError); ok {
 			return nil, fr.connError(ce.Code, ce.Reason)
@@ -588,13 +594,14 @@ func (f *DataFrame) Data() []byte {
 	return f.data
 }
 
-func parseDataFrame(fc *frameCache, fh FrameHeader, payload []byte) (Frame, error) {
+func parseDataFrame(fc *frameCache, fh FrameHeader, countError func(string), payload []byte) (Frame, error) {
 	if fh.StreamID == 0 {
 		// DATA frames MUST be associated with a stream. If a
 		// DATA frame is received whose stream identifier
 		// field is 0x0, the recipient MUST respond with a
 		// connection error (Section 5.4.1) of type
 		// PROTOCOL_ERROR.
+		countError("frame_data_stream_0")
 		return nil, connError{ErrCodeProtocol, "DATA frame with stream ID 0"}
 	}
 	f := fc.getDataFrame()
@@ -605,6 +612,7 @@ func parseDataFrame(fc *frameCache, fh FrameHeader, payload []byte) (Frame, erro
 		var err error
 		payload, padSize, err = readByte(payload)
 		if err != nil {
+			countError("frame_data_pad_byte_short")
 			return nil, err
 		}
 	}
@@ -613,6 +621,7 @@ func parseDataFrame(fc *frameCache, fh FrameHeader, payload []byte) (Frame, erro
 		// length of the frame payload, the recipient MUST
 		// treat this as a connection error.
 		// Filed: https://github.com/http2/http2-spec/issues/610
+		countError("frame_data_pad_too_big")
 		return nil, connError{ErrCodeProtocol, "pad size larger than data payload"}
 	}
 	f.data = payload[:len(payload)-int(padSize)]
@@ -695,7 +704,7 @@ type SettingsFrame struct {
 	p []byte
 }
 
-func parseSettingsFrame(_ *frameCache, fh FrameHeader, p []byte) (Frame, error) {
+func parseSettingsFrame(_ *frameCache, fh FrameHeader, countError func(string), p []byte) (Frame, error) {
 	if fh.Flags.Has(FlagSettingsAck) && fh.Length > 0 {
 		// When this (ACK 0x1) bit is set, the payload of the
 		// SETTINGS frame MUST be empty. Receipt of a
@@ -703,6 +712,7 @@ func parseSettingsFrame(_ *frameCache, fh FrameHeader, p []byte) (Frame, error)
 		// field value other than 0 MUST be treated as a
 		// connection error (Section 5.4.1) of type
 		// FRAME_SIZE_ERROR.
+		countError("frame_settings_ack_with_length")
 		return nil, ConnectionError(ErrCodeFrameSize)
 	}
 	if fh.StreamID != 0 {
@@ -713,14 +723,17 @@ func parseSettingsFrame(_ *frameCache, fh FrameHeader, p []byte) (Frame, error)
 		// field is anything other than 0x0, the endpoint MUST
 		// respond with a connection error (Section 5.4.1) of
 		// type PROTOCOL_ERROR.
+		countError("frame_settings_has_stream")
 		return nil, ConnectionError(ErrCodeProtocol)
 	}
 	if len(p)%6 != 0 {
+		countError("frame_settings_mod_6")
 		// Expecting even number of 6 byte settings.
 		return nil, ConnectionError(ErrCodeFrameSize)
 	}
 	f := &SettingsFrame{FrameHeader: fh, p: p}
 	if v, ok := f.Value(SettingInitialWindowSize); ok && v > (1<<31)-1 {
+		countError("frame_settings_window_size_too_big")
 		// Values above the maximum flow control window size of 2^31 - 1 MUST
 		// be treated as a connection error (Section 5.4.1) of type
 		// FLOW_CONTROL_ERROR.
@@ -832,11 +845,13 @@ type PingFrame struct {
 
 func (f *PingFrame) IsAck() bool { return f.Flags.Has(FlagPingAck) }
 
-func parsePingFrame(_ *frameCache, fh FrameHeader, payload []byte) (Frame, error) {
+func parsePingFrame(_ *frameCache, fh FrameHeader, countError func(string), payload []byte) (Frame, error) {
 	if len(payload) != 8 {
+		countError("frame_ping_length")
 		return nil, ConnectionError(ErrCodeFrameSize)
 	}
 	if fh.StreamID != 0 {
+		countError("frame_ping_has_stream")
 		return nil, ConnectionError(ErrCodeProtocol)
 	}
 	f := &PingFrame{FrameHeader: fh}
@@ -872,11 +887,13 @@ func (f *GoAwayFrame) DebugData() []byte {
 	return f.debugData
 }
 
-func parseGoAwayFrame(_ *frameCache, fh FrameHeader, p []byte) (Frame, error) {
+func parseGoAwayFrame(_ *frameCache, fh FrameHeader, countError func(string), p []byte) (Frame, error) {
 	if fh.StreamID != 0 {
+		countError("frame_goaway_has_stream")
 		return nil, ConnectionError(ErrCodeProtocol)
 	}
 	if len(p) < 8 {
+		countError("frame_goaway_short")
 		return nil, ConnectionError(ErrCodeFrameSize)
 	}
 	return &GoAwayFrame{
@@ -912,7 +929,7 @@ func (f *UnknownFrame) Payload() []byte {
 	return f.p
 }
 
-func parseUnknownFrame(_ *frameCache, fh FrameHeader, p []byte) (Frame, error) {
+func parseUnknownFrame(_ *frameCache, fh FrameHeader, countError func(string), p []byte) (Frame, error) {
 	return &UnknownFrame{fh, p}, nil
 }
 
@@ -923,8 +940,9 @@ type WindowUpdateFrame struct {
 	Increment uint32 // never read with high bit set
 }
 
-func parseWindowUpdateFrame(_ *frameCache, fh FrameHeader, p []byte) (Frame, error) {
+func parseWindowUpdateFrame(_ *frameCache, fh FrameHeader, countError func(string), p []byte) (Frame, error) {
 	if len(p) != 4 {
+		countError("frame_windowupdate_bad_len")
 		return nil, ConnectionError(ErrCodeFrameSize)
 	}
 	inc := binary.BigEndian.Uint32(p[:4]) & 0x7fffffff // mask off high reserved bit
@@ -936,8 +954,10 @@ func parseWindowUpdateFrame(_ *frameCache, fh FrameHeader, p []byte) (Frame, err
 		// control window MUST be treated as a connection
 		// error (Section 5.4.1).
 		if fh.StreamID == 0 {
+			countError("frame_windowupdate_zero_inc_conn")
 			return nil, ConnectionError(ErrCodeProtocol)
 		}
+		countError("frame_windowupdate_zero_inc_stream")
 		return nil, streamError(fh.StreamID, ErrCodeProtocol)
 	}
 	return &WindowUpdateFrame{
@@ -988,7 +1008,7 @@ func (f *HeadersFrame) HasPriority() bool {
 	return f.FrameHeader.Flags.Has(FlagHeadersPriority)
 }
 
-func parseHeadersFrame(_ *frameCache, fh FrameHeader, p []byte) (_ Frame, err error) {
+func parseHeadersFrame(_ *frameCache, fh FrameHeader, countError func(string), p []byte) (_ Frame, err error) {
 	hf := &HeadersFrame{
 		FrameHeader: fh,
 	}
@@ -997,11 +1017,13 @@ func parseHeadersFrame(_ *frameCache, fh FrameHeader, p []byte) (_ Frame, err er
 		// is received whose stream identifier field is 0x0, the recipient MUST
 		// respond with a connection error (Section 5.4.1) of type
 		// PROTOCOL_ERROR.
+		countError("frame_headers_zero_stream")
 		return nil, connError{ErrCodeProtocol, "HEADERS frame with stream ID 0"}
 	}
 	var padLength uint8
 	if fh.Flags.Has(FlagHeadersPadded) {
 		if p, padLength, err = readByte(p); err != nil {
+			countError("frame_headers_pad_short")
 			return
 		}
 	}
@@ -1009,16 +1031,19 @@ func parseHeadersFrame(_ *frameCache, fh FrameHeader, p []byte) (_ Frame, err er
 		var v uint32
 		p, v, err = readUint32(p)
 		if err != nil {
+			countError("frame_headers_prio_short")
 			return nil, err
 		}
 		hf.Priority.StreamDep = v & 0x7fffffff
 		hf.Priority.Exclusive = (v != hf.Priority.StreamDep) // high bit was set
 		p, hf.Priority.Weight, err = readByte(p)
 		if err != nil {
+			countError("frame_headers_prio_weight_short")
 			return nil, err
 		}
 	}
 	if len(p)-int(padLength) < 0 {
+		countError("frame_headers_pad_too_big")
 		return nil, streamError(fh.StreamID, ErrCodeProtocol)
 	}
 	hf.headerFragBuf = p[:len(p)-int(padLength)]
@@ -1125,11 +1150,13 @@ func (p PriorityParam) IsZero() bool {
 	return p == PriorityParam{}
 }
 
-func parsePriorityFrame(_ *frameCache, fh FrameHeader, payload []byte) (Frame, error) {
+func parsePriorityFrame(_ *frameCache, fh FrameHeader, countError func(string), payload []byte) (Frame, error) {
 	if fh.StreamID == 0 {
+		countError("frame_priority_zero_stream")
 		return nil, connError{ErrCodeProtocol, "PRIORITY frame with stream ID 0"}
 	}
 	if len(payload) != 5 {
+		countError("frame_priority_bad_length")
 		return nil, connError{ErrCodeFrameSize, fmt.Sprintf("PRIORITY frame payload size was %d; want 5", len(payload))}
 	}
 	v := binary.BigEndian.Uint32(payload[:4])
@@ -1172,11 +1199,13 @@ type RSTStreamFrame struct {
 	ErrCode ErrCode
 }
 
-func parseRSTStreamFrame(_ *frameCache, fh FrameHeader, p []byte) (Frame, error) {
+func parseRSTStreamFrame(_ *frameCache, fh FrameHeader, countError func(string), p []byte) (Frame, error) {
 	if len(p) != 4 {
+		countError("frame_rststream_bad_len")
 		return nil, ConnectionError(ErrCodeFrameSize)
 	}
 	if fh.StreamID == 0 {
+		countError("frame_rststream_zero_stream")
 		return nil, ConnectionError(ErrCodeProtocol)
 	}
 	return &RSTStreamFrame{fh, ErrCode(binary.BigEndian.Uint32(p[:4]))}, nil
@@ -1202,8 +1231,9 @@ type ContinuationFrame struct {
 	headerFragBuf []byte
 }
 
-func parseContinuationFrame(_ *frameCache, fh FrameHeader, p []byte) (Frame, error) {
+func parseContinuationFrame(_ *frameCache, fh FrameHeader, countError func(string), p []byte) (Frame, error) {
 	if fh.StreamID == 0 {
+		countError("frame_continuation_zero_stream")
 		return nil, connError{ErrCodeProtocol, "CONTINUATION frame with stream ID 0"}
 	}
 	return &ContinuationFrame{fh, p}, nil
@@ -1252,7 +1282,7 @@ func (f *PushPromiseFrame) HeadersEnded() bool {
 	return f.FrameHeader.Flags.Has(FlagPushPromiseEndHeaders)
 }
 
-func parsePushPromise(_ *frameCache, fh FrameHeader, p []byte) (_ Frame, err error) {
+func parsePushPromise(_ *frameCache, fh FrameHeader, countError func(string), p []byte) (_ Frame, err error) {
 	pp := &PushPromiseFrame{
 		FrameHeader: fh,
 	}
@@ -1263,6 +1293,7 @@ func parsePushPromise(_ *frameCache, fh FrameHeader, p []byte) (_ Frame, err err
 		// with. If the stream identifier field specifies the value
 		// 0x0, a recipient MUST respond with a connection error
 		// (Section 5.4.1) of type PROTOCOL_ERROR.
+		countError("frame_pushpromise_zero_stream")
 		return nil, ConnectionError(ErrCodeProtocol)
 	}
 	// The PUSH_PROMISE frame includes optional padding.
@@ -1270,18 +1301,21 @@ func parsePushPromise(_ *frameCache, fh FrameHeader, p []byte) (_ Frame, err err
 	var padLength uint8
 	if fh.Flags.Has(FlagPushPromisePadded) {
 		if p, padLength, err = readByte(p); err != nil {
+			countError("frame_pushpromise_pad_short")
 			return
 		}
 	}
 
 	p, pp.PromiseID, err = readUint32(p)
 	if err != nil {
+		countError("frame_pushpromise_promiseid_short")
 		return
 	}
 	pp.PromiseID = pp.PromiseID & (1<<31 - 1)
 
 	if int(padLength) > len(p) {
 		// like the DATA frame, error out if padding is longer than the body.
+		countError("frame_pushpromise_pad_too_big")
 		return nil, ConnectionError(ErrCodeProtocol)
 	}
 	pp.headerFragBuf = p[:len(p)-int(padLength)]
diff --git a/vendor/golang.org/x/net/http2/hpack/huffman.go b/vendor/golang.org/x/net/http2/hpack/huffman.go
index a1ab2f05679..fe0b84ccd46 100644
--- a/vendor/golang.org/x/net/http2/hpack/huffman.go
+++ b/vendor/golang.org/x/net/http2/hpack/huffman.go
@@ -140,25 +140,29 @@ func buildRootHuffmanNode() {
 		panic("unexpected size")
 	}
 	lazyRootHuffmanNode = newInternalNode()
-	for i, code := range huffmanCodes {
-		addDecoderNode(byte(i), code, huffmanCodeLen[i])
-	}
-}
+	// allocate a leaf node for each of the 256 symbols
+	leaves := new([256]node)
+
+	for sym, code := range huffmanCodes {
+		codeLen := huffmanCodeLen[sym]
+
+		cur := lazyRootHuffmanNode
+		for codeLen > 8 {
+			codeLen -= 8
+			i := uint8(code >> codeLen)
+			if cur.children[i] == nil {
+				cur.children[i] = newInternalNode()
+			}
+			cur = cur.children[i]
+		}
+		shift := 8 - codeLen
+		start, end := int(uint8(code<<shift)), int(1<<shift)
 
-func addDecoderNode(sym byte, code uint32, codeLen uint8) {
-	cur := lazyRootHuffmanNode
-	for codeLen > 8 {
-		codeLen -= 8
-		i := uint8(code >> codeLen)
-		if cur.children[i] == nil {
-			cur.children[i] = newInternalNode()
+		leaves[sym].sym = byte(sym)
+		leaves[sym].codeLen = codeLen
+		for i := start; i < start+end; i++ {
+			cur.children[i] = &leaves[sym]
 		}
-		cur = cur.children[i]
-	}
-	shift := 8 - codeLen
-	start, end := int(uint8(code<<shift)), int(1<<shift)
-	for i := start; i < start+end; i++ {
-		cur.children[i] = &node{sym: sym, codeLen: codeLen}
 	}
 }
 
diff --git a/vendor/golang.org/x/net/http2/pipe.go b/vendor/golang.org/x/net/http2/pipe.go
index 2a5399ec4a0..c15b8a7719b 100644
--- a/vendor/golang.org/x/net/http2/pipe.go
+++ b/vendor/golang.org/x/net/http2/pipe.go
@@ -30,6 +30,17 @@ type pipeBuffer interface {
 	io.Reader
 }
 
+// setBuffer initializes the pipe buffer.
+// It has no effect if the pipe is already closed.
+func (p *pipe) setBuffer(b pipeBuffer) {
+	p.mu.Lock()
+	defer p.mu.Unlock()
+	if p.err != nil || p.breakErr != nil {
+		return
+	}
+	p.b = b
+}
+
 func (p *pipe) Len() int {
 	p.mu.Lock()
 	defer p.mu.Unlock()
diff --git a/vendor/golang.org/x/net/http2/server.go b/vendor/golang.org/x/net/http2/server.go
index d986655c609..c67e9b7f555 100644
--- a/vendor/golang.org/x/net/http2/server.go
+++ b/vendor/golang.org/x/net/http2/server.go
@@ -411,6 +411,9 @@ func (s *Server) ServeConn(c net.Conn, opts *ServeConnOpts) {
 	sc.hpackEncoder = hpack.NewEncoder(&sc.headerWriteBuf)
 
 	fr := NewFramer(sc.bw, c)
+	if s.CountError != nil {
+		fr.countError = s.CountError
+	}
 	fr.ReadMetaHeaders = hpack.NewDecoder(initialHeaderTableSize, nil)
 	fr.MaxHeaderListSize = sc.maxHeaderListSize()
 	fr.SetMaxReadFrameSize(s.maxReadFrameSize())
@@ -2006,7 +2009,7 @@ func (sc *serverConn) newWriterAndRequest(st *stream, f *MetaHeadersFrame) (*res
 	isConnect := rp.method == "CONNECT"
 	if isConnect {
 		if rp.path != "" || rp.scheme != "" || rp.authority == "" {
-			return nil, nil, streamError(f.StreamID, ErrCodeProtocol)
+			return nil, nil, sc.countError("bad_connect", streamError(f.StreamID, ErrCodeProtocol))
 		}
 	} else if rp.method == "" || rp.path == "" || (rp.scheme != "https" && rp.scheme != "http") {
 		// See 8.1.2.6 Malformed Requests and Responses:
diff --git a/vendor/golang.org/x/net/http2/transport.go b/vendor/golang.org/x/net/http2/transport.go
index dc4bdde83f5..581999bed20 100644
--- a/vendor/golang.org/x/net/http2/transport.go
+++ b/vendor/golang.org/x/net/http2/transport.go
@@ -24,6 +24,7 @@ import (
 	"net/http"
 	"net/http/httptrace"
 	"net/textproto"
+	"os"
 	"sort"
 	"strconv"
 	"strings"
@@ -130,6 +131,11 @@ type Transport struct {
 	// Defaults to 15s.
 	PingTimeout time.Duration
 
+	// WriteByteTimeout is the timeout after which the connection will be
+	// closed no data can be written to it. The timeout begins when data is
+	// available to write, and is extended whenever any bytes are written.
+	WriteByteTimeout time.Duration
+
 	// CountError, if non-nil, is called on HTTP/2 transport errors.
 	// It's intended to increment a metric for monitoring, such
 	// as an expvar or Prometheus metric.
@@ -242,11 +248,12 @@ func (t *Transport) initConnPool() {
 // ClientConn is the state of a single HTTP/2 client connection to an
 // HTTP/2 server.
 type ClientConn struct {
-	t         *Transport
-	tconn     net.Conn             // usually *tls.Conn, except specialized impls
-	tlsState  *tls.ConnectionState // nil only for specialized impls
-	reused    uint32               // whether conn is being reused; atomic
-	singleUse bool                 // whether being used for a single http.Request
+	t             *Transport
+	tconn         net.Conn             // usually *tls.Conn, except specialized impls
+	tlsState      *tls.ConnectionState // nil only for specialized impls
+	reused        uint32               // whether conn is being reused; atomic
+	singleUse     bool                 // whether being used for a single http.Request
+	getConnCalled bool                 // used by clientConnPool
 
 	// readLoop goroutine fields:
 	readerDone chan struct{} // closed on error
@@ -267,6 +274,7 @@ type ClientConn struct {
 	goAway          *GoAwayFrame             // if non-nil, the GoAwayFrame we received
 	goAwayDebug     string                   // goAway frame's debug data, retained as a string
 	streams         map[uint32]*clientStream // client-initiated
+	streamsReserved int                      // incr by ReserveNewRequest; decr on RoundTrip
 	nextStreamID    uint32
 	pendingRequests int                       // requests blocked and waiting to be sent because len(streams) == maxConcurrentStreams
 	pings           map[[8]byte]chan struct{} // in flight ping data to notification channel
@@ -298,56 +306,54 @@ type ClientConn struct {
 // clientStream is the state for a single HTTP/2 stream. One of these
 // is created for each Transport.RoundTrip call.
 type clientStream struct {
-	cc            *ClientConn
-	req           *http.Request
+	cc *ClientConn
+
+	// Fields of Request that we may access even after the response body is closed.
+	ctx       context.Context
+	reqCancel <-chan struct{}
+
 	trace         *httptrace.ClientTrace // or nil
 	ID            uint32
-	resc          chan resAndError
 	bufPipe       pipe // buffered pipe with the flow-controlled response payload
-	startedWrite  bool // started request body write; guarded by cc.mu
 	requestedGzip bool
-	on100         func() // optional code to run if get a 100 continue response
+	isHead        bool
+
+	abortOnce sync.Once
+	abort     chan struct{} // closed to signal stream should end immediately
+	abortErr  error         // set if abort is closed
+
+	peerClosed chan struct{} // closed when the peer sends an END_STREAM flag
+	donec      chan struct{} // closed after the stream is in the closed state
+	on100      chan struct{} // buffered; written to if a 100 is received
+
+	respHeaderRecv chan struct{}  // closed when headers are received
+	res            *http.Response // set if respHeaderRecv is closed
 
 	flow        flow  // guarded by cc.mu
 	inflow      flow  // guarded by cc.mu
 	bytesRemain int64 // -1 means unknown; owned by transportResponseBody.Read
 	readErr     error // sticky read error; owned by transportResponseBody.Read
-	stopReqBody error // if non-nil, stop writing req body; guarded by cc.mu
-	didReset    bool  // whether we sent a RST_STREAM to the server; guarded by cc.mu
 
-	peerReset chan struct{} // closed on peer reset
-	resetErr  error         // populated before peerReset is closed
+	reqBody              io.ReadCloser
+	reqBodyContentLength int64 // -1 means unknown
+	reqBodyClosed        bool  // body has been closed; guarded by cc.mu
 
-	done chan struct{} // closed when stream remove from cc.streams map; close calls guarded by cc.mu
+	// owned by writeRequest:
+	sentEndStream bool // sent an END_STREAM flag to the peer
+	sentHeaders   bool
 
 	// owned by clientConnReadLoop:
 	firstByte    bool  // got the first response byte
 	pastHeaders  bool  // got first MetaHeadersFrame (actual headers)
 	pastTrailers bool  // got optional second MetaHeadersFrame (trailers)
 	num1xx       uint8 // number of 1xx responses seen
+	readClosed   bool  // peer sent an END_STREAM flag
+	readAborted  bool  // read loop reset the stream
 
 	trailer    http.Header  // accumulated trailers
 	resTrailer *http.Header // client's Response.Trailer
 }
 
-// awaitRequestCancel waits for the user to cancel a request or for the done
-// channel to be signaled. A non-nil error is returned only if the request was
-// canceled.
-func awaitRequestCancel(req *http.Request, done <-chan struct{}) error {
-	ctx := req.Context()
-	if req.Cancel == nil && ctx.Done() == nil {
-		return nil
-	}
-	select {
-	case <-req.Cancel:
-		return errRequestCanceled
-	case <-ctx.Done():
-		return ctx.Err()
-	case <-done:
-		return nil
-	}
-}
-
 var got1xxFuncForTests func(int, textproto.MIMEHeader) error
 
 // get1xxTraceFunc returns the value of request's httptrace.ClientTrace.Got1xxResponse func,
@@ -359,79 +365,65 @@ func (cs *clientStream) get1xxTraceFunc() func(int, textproto.MIMEHeader) error
 	return traceGot1xxResponseFunc(cs.trace)
 }
 
-// awaitRequestCancel waits for the user to cancel a request, its context to
-// expire, or for the request to be done (any way it might be removed from the
-// cc.streams map: peer reset, successful completion, TCP connection breakage,
-// etc). If the request is canceled, then cs will be canceled and closed.
-func (cs *clientStream) awaitRequestCancel(req *http.Request) {
-	if err := awaitRequestCancel(req, cs.done); err != nil {
-		cs.cancelStream()
-		cs.bufPipe.CloseWithError(err)
-	}
+func (cs *clientStream) abortStream(err error) {
+	cs.cc.mu.Lock()
+	defer cs.cc.mu.Unlock()
+	cs.abortStreamLocked(err)
 }
 
-func (cs *clientStream) cancelStream() {
-	cc := cs.cc
-	cc.mu.Lock()
-	didReset := cs.didReset
-	cs.didReset = true
-	cc.mu.Unlock()
-
-	if !didReset {
-		cc.writeStreamReset(cs.ID, ErrCodeCancel, nil)
-		cc.forgetStreamID(cs.ID)
+func (cs *clientStream) abortStreamLocked(err error) {
+	cs.abortOnce.Do(func() {
+		cs.abortErr = err
+		close(cs.abort)
+	})
+	if cs.reqBody != nil && !cs.reqBodyClosed {
+		cs.reqBody.Close()
+		cs.reqBodyClosed = true
 	}
-}
-
-// checkResetOrDone reports any error sent in a RST_STREAM frame by the
-// server, or errStreamClosed if the stream is complete.
-func (cs *clientStream) checkResetOrDone() error {
-	select {
-	case <-cs.peerReset:
-		return cs.resetErr
-	case <-cs.done:
-		return errStreamClosed
-	default:
-		return nil
+	// TODO(dneil): Clean up tests where cs.cc.cond is nil.
+	if cs.cc.cond != nil {
+		// Wake up writeRequestBody if it is waiting on flow control.
+		cs.cc.cond.Broadcast()
 	}
 }
 
-func (cs *clientStream) getStartedWrite() bool {
+func (cs *clientStream) abortRequestBodyWrite() {
 	cc := cs.cc
 	cc.mu.Lock()
 	defer cc.mu.Unlock()
-	return cs.startedWrite
-}
-
-func (cs *clientStream) abortRequestBodyWrite(err error) {
-	if err == nil {
-		panic("nil error")
-	}
-	cc := cs.cc
-	cc.mu.Lock()
-	if cs.stopReqBody == nil {
-		cs.stopReqBody = err
+	if cs.reqBody != nil && !cs.reqBodyClosed {
+		cs.reqBody.Close()
+		cs.reqBodyClosed = true
 		cc.cond.Broadcast()
-		// Close the body after releasing the mutex, in case it blocks.
-		if body := cs.req.Body; body != nil {
-			defer body.Close()
-		}
 	}
-	cc.mu.Unlock()
 }
 
 type stickyErrWriter struct {
-	w   io.Writer
-	err *error
+	conn    net.Conn
+	timeout time.Duration
+	err     *error
 }
 
 func (sew stickyErrWriter) Write(p []byte) (n int, err error) {
 	if *sew.err != nil {
 		return 0, *sew.err
 	}
-	n, err = sew.w.Write(p)
-	*sew.err = err
-	return
+	for {
+		if sew.timeout != 0 {
+			sew.conn.SetWriteDeadline(time.Now().Add(sew.timeout))
+		}
+		nn, err := sew.conn.Write(p[n:])
+		n += nn
+		if n < len(p) && nn > 0 && errors.Is(err, os.ErrDeadlineExceeded) {
+			// Keep extending the deadline so long as we're making progress.
+			continue
+		}
+		if sew.timeout != 0 {
+			sew.conn.SetWriteDeadline(time.Time{})
+		}
+		*sew.err = err
+		return n, err
+	}
 }
 
 // noCachedConnError is the concrete type of ErrNoCachedConn, which
@@ -504,10 +496,9 @@ func (t *Transport) RoundTripOpt(req *http.Request, opt RoundTripOpt) (*http.Res
 		}
 		reused := !atomic.CompareAndSwapUint32(&cc.reused, 0, 1)
 		traceGotConn(req, cc, reused)
-		body := req.Body
-		res, gotErrAfterReqBodyWrite, err := cc.roundTrip(req)
+		res, err := cc.RoundTrip(req)
 		if err != nil && retry <= 6 {
-			if req, err = shouldRetryRequest(req, err, gotErrAfterReqBodyWrite); err == nil {
+			if req, err = shouldRetryRequest(req, err); err == nil {
 				// After the first retry, do exponential backoff with 10% jitter.
 				if retry == 0 {
 					continue
@@ -524,11 +515,6 @@ func (t *Transport) RoundTripOpt(req *http.Request, opt RoundTripOpt) (*http.Res
 		}
 		if err != nil {
 			t.vlogf("RoundTrip failure: %v", err)
-			// If the error occurred after the body write started,
-			// the body writer will close the body. Otherwise, do so here.
-			if body != nil && !gotErrAfterReqBodyWrite {
-				body.Close()
-			}
 			return nil, err
 		}
 		return res, nil
@@ -554,7 +540,7 @@ var (
 // response headers. It is always called with a non-nil error.
 // It returns either a request to retry (either the same request, or a
 // modified clone), or an error if the request can't be replayed.
-func shouldRetryRequest(req *http.Request, err error, afterBodyWrite bool) (*http.Request, error) {
+func shouldRetryRequest(req *http.Request, err error) (*http.Request, error) {
 	if !canRetryError(err) {
 		return nil, err
 	}
@@ -567,7 +553,6 @@ func shouldRetryRequest(req *http.Request, err error, afterBodyWrite bool) (*htt
 	// If the request body can be reset back to its original
 	// state via the optional req.GetBody, do that.
 	if req.GetBody != nil {
-		req.Body.Close()
 		body, err := req.GetBody()
 		if err != nil {
 			return nil, err
@@ -579,10 +564,8 @@ func shouldRetryRequest(req *http.Request, err error, afterBodyWrite bool) (*htt
 
 	// The Request.Body can't reset back to the beginning, but we
 	// don't seem to have started to read from it yet, so reuse
-	// the request directly. The "afterBodyWrite" means the
-	// bodyWrite process has started, which becomes true before
-	// the first Read.
-	if !afterBodyWrite {
+	// the request directly.
+	if err == errClientConnUnusable {
 		return req, nil
 	}
 
@@ -695,9 +678,16 @@ func (t *Transport) newClientConn(c net.Conn, singleUse bool) (*ClientConn, erro
 
 	// TODO: adjust this writer size to account for frame size +
 	// MTU + crypto/tls record padding.
-	cc.bw = bufio.NewWriter(stickyErrWriter{c, &cc.werr})
+	cc.bw = bufio.NewWriter(stickyErrWriter{
+		conn:    c,
+		timeout: t.WriteByteTimeout,
+		err:     &cc.werr,
+	})
 	cc.br = bufio.NewReader(c)
 	cc.fr = NewFramer(cc.bw, cc.br)
+	if t.CountError != nil {
+		cc.fr.countError = t.CountError
+	}
 	cc.fr.ReadMetaHeaders = hpack.NewDecoder(initialHeaderTableSize, nil)
 	cc.fr.MaxHeaderListSize = t.maxHeaderListSize()
 
@@ -774,27 +764,94 @@ func (cc *ClientConn) setGoAway(f *GoAwayFrame) {
 	last := f.LastStreamID
 	for streamID, cs := range cc.streams {
 		if streamID > last {
-			select {
-			case cs.resc <- resAndError{err: errClientConnGotGoAway}:
-			default:
-			}
+			cs.abortStreamLocked(errClientConnGotGoAway)
 		}
 	}
 }
 
 // CanTakeNewRequest reports whether the connection can take a new request,
 // meaning it has not been closed or received or sent a GOAWAY.
+//
+// If the caller is going to immediately make a new request on this
+// connection, use ReserveNewRequest instead.
 func (cc *ClientConn) CanTakeNewRequest() bool {
 	cc.mu.Lock()
 	defer cc.mu.Unlock()
 	return cc.canTakeNewRequestLocked()
 }
 
+// ReserveNewRequest is like CanTakeNewRequest but also reserves a
+// concurrent stream in cc. The reservation is decremented on the
+// next call to RoundTrip.
+func (cc *ClientConn) ReserveNewRequest() bool {
+	cc.mu.Lock()
+	defer cc.mu.Unlock()
+	if st := cc.idleStateLocked(); !st.canTakeNewRequest {
+		return false
+	}
+	cc.streamsReserved++
+	return true
+}
+
+// ClientConnState describes the state of a ClientConn.
+type ClientConnState struct {
+	// Closed is whether the connection is closed.
+	Closed bool
+
+	// Closing is whether the connection is in the process of
+	// closing. It may be closing due to shutdown, being a
+	// single-use connection, being marked as DoNotReuse, or
+	// having received a GOAWAY frame.
+	Closing bool
+
+	// StreamsActive is how many streams are active.
+	StreamsActive int
+
+	// StreamsReserved is how many streams have been reserved via
+	// ClientConn.ReserveNewRequest.
+	StreamsReserved int
+
+	// StreamsPending is how many requests have been sent in excess
+	// of the peer's advertised MaxConcurrentStreams setting and
+	// are waiting for other streams to complete.
+	StreamsPending int
+
+	// MaxConcurrentStreams is how many concurrent streams the
+	// peer advertised as acceptable. Zero means no SETTINGS
+	// frame has been received yet.
+	MaxConcurrentStreams uint32
+
+	// LastIdle, if non-zero, is when the connection last
+	// transitioned to idle state.
+	LastIdle time.Time
+}
+
+// State returns a snapshot of cc's state.
+func (cc *ClientConn) State() ClientConnState {
+	cc.wmu.Lock()
+	maxConcurrent := cc.maxConcurrentStreams
+	if !cc.seenSettings {
+		maxConcurrent = 0
+	}
+	cc.wmu.Unlock()
+
+	cc.mu.Lock()
+	defer cc.mu.Unlock()
+	return ClientConnState{
+		Closed:               cc.closed,
+		Closing:              cc.closing || cc.singleUse || cc.doNotReuse || cc.goAway != nil,
+		StreamsActive:        len(cc.streams),
+		StreamsReserved:      cc.streamsReserved,
+		StreamsPending:       cc.pendingRequests,
+		LastIdle:             cc.lastIdle,
+		MaxConcurrentStreams: maxConcurrent,
+	}
+}
+
 // clientConnIdleState describes the suitability of a client
 // connection to initiate a new RoundTrip request.
 type clientConnIdleState struct {
 	canTakeNewRequest bool
-	freshConn         bool // whether it's unused by any previous request
 }
 
 func (cc *ClientConn) idleState() clientConnIdleState {
@@ -815,14 +872,13 @@ func (cc *ClientConn) idleStateLocked() (st clientConnIdleState) {
 		// writing it.
 		maxConcurrentOkay = true
 	} else {
-		maxConcurrentOkay = int64(len(cc.streams)+1) <= int64(cc.maxConcurrentStreams)
+		maxConcurrentOkay = int64(len(cc.streams)+cc.streamsReserved+1) <= int64(cc.maxConcurrentStreams)
 	}
 
 	st.canTakeNewRequest = cc.goAway == nil && !cc.closed && !cc.closing && maxConcurrentOkay &&
 		!cc.doNotReuse &&
 		int64(cc.nextStreamID)+2*int64(cc.pendingRequests) < math.MaxInt32 &&
 		!cc.tooIdleLocked()
-	st.freshConn = cc.nextStreamID == 1 && st.canTakeNewRequest
 	return
 }
 
@@ -853,7 +909,7 @@ func (cc *ClientConn) onIdleTimeout() {
 
 func (cc *ClientConn) closeIfIdle() {
 	cc.mu.Lock()
-	if len(cc.streams) > 0 {
+	if len(cc.streams) > 0 || cc.streamsReserved > 0 {
 		cc.mu.Unlock()
 		return
 	}
@@ -868,9 +924,15 @@ func (cc *ClientConn) closeIfIdle() {
 	cc.tconn.Close()
 }
 
+func (cc *ClientConn) isDoNotReuseAndIdle() bool {
+	cc.mu.Lock()
+	defer cc.mu.Unlock()
+	return cc.doNotReuse && len(cc.streams) == 0
+}
+
 var shutdownEnterWaitStateHook = func() {}
 
-// Shutdown gracefully close the client connection, waiting for running streams to complete.
+// Shutdown gracefully closes the client connection, waiting for running streams to complete.
 func (cc *ClientConn) Shutdown(ctx context.Context) error {
 	if err := cc.sendGoAway(); err != nil {
 		return err
@@ -935,20 +997,10 @@ func (cc *ClientConn) sendGoAway() error {
 // err is sent to streams.
 func (cc *ClientConn) closeForError(err error) error {
 	cc.mu.Lock()
-	streams := cc.streams
-	cc.streams = nil
 	cc.closed = true
-	cc.mu.Unlock()
-
-	for _, cs := range streams {
-		select {
-		case cs.resc <- resAndError{err: err}:
-		default:
-		}
-		cs.bufPipe.CloseWithError(err)
+	for _, cs := range cc.streams {
+		cs.abortStreamLocked(err)
 	}
-
-	cc.mu.Lock()
 	defer cc.cond.Broadcast()
 	defer cc.mu.Unlock()
 	return cc.tconn.Close()
@@ -1032,62 +1084,158 @@ func actualContentLength(req *http.Request) int64 {
 	return -1
 }
 
-func (cc *ClientConn) RoundTrip(req *http.Request) (*http.Response, error) {
-	resp, _, err := cc.roundTrip(req)
-	return resp, err
+func (cc *ClientConn) decrStreamReservations() {
+	cc.mu.Lock()
+	defer cc.mu.Unlock()
+	cc.decrStreamReservationsLocked()
+}
+
+func (cc *ClientConn) decrStreamReservationsLocked() {
+	if cc.streamsReserved > 0 {
+		cc.streamsReserved--
+	}
 }
 
-func (cc *ClientConn) roundTrip(req *http.Request) (res *http.Response, gotErrAfterReqBodyWrite bool, err error) {
+func (cc *ClientConn) RoundTrip(req *http.Request) (*http.Response, error) {
 	ctx := req.Context()
-	if err := checkConnHeaders(req); err != nil {
-		return nil, false, err
+	cs := &clientStream{
+		cc:                   cc,
+		ctx:                  ctx,
+		reqCancel:            req.Cancel,
+		isHead:               req.Method == "HEAD",
+		reqBody:              req.Body,
+		reqBodyContentLength: actualContentLength(req),
+		trace:                httptrace.ContextClientTrace(ctx),
+		peerClosed:           make(chan struct{}),
+		abort:                make(chan struct{}),
+		respHeaderRecv:       make(chan struct{}),
+		donec:                make(chan struct{}),
+	}
+	go cs.doRequest(req)
+
+	waitDone := func() error {
+		select {
+		case <-cs.donec:
+			return nil
+		case <-ctx.Done():
+			return ctx.Err()
+		case <-cs.reqCancel:
+			return errRequestCanceled
+		}
 	}
-	if cc.idleTimer != nil {
-		cc.idleTimer.Stop()
+
+	handleResponseHeaders := func() (*http.Response, error) {
+		res := cs.res
+		if res.StatusCode > 299 {
+			// On error or status code 3xx, 4xx, 5xx, etc abort any
+			// ongoing write, assuming that the server doesn't care
+			// about our request body. If the server replied with 1xx or
+			// 2xx, however, then assume the server DOES potentially
+			// want our body (e.g. full-duplex streaming:
+			// golang.org/issue/13444). If it turns out the server
+			// doesn't, they'll RST_STREAM us soon enough. This is a
+			// heuristic to avoid adding knobs to Transport. Hopefully
+			// we can keep it.
+			cs.abortRequestBodyWrite()
+		}
+		res.Request = req
+		res.TLS = cc.tlsState
+		if res.Body == noBody && actualContentLength(req) == 0 {
+			// If there isn't a request or response body still being
+			// written, then wait for the stream to be closed before
+			// RoundTrip returns.
+			if err := waitDone(); err != nil {
+				return nil, err
+			}
+		}
+		return res, nil
 	}
 
-	trailers, err := commaSeparatedTrailers(req)
-	if err != nil {
-		return nil, false, err
+	for {
+		select {
+		case <-cs.respHeaderRecv:
+			return handleResponseHeaders()
+		case <-cs.abort:
+			select {
+			case <-cs.respHeaderRecv:
+				// If both cs.respHeaderRecv and cs.abort are signaling,
+				// pick respHeaderRecv. The server probably wrote the
+				// response and immediately reset the stream.
+				// golang.org/issue/49645
+				return handleResponseHeaders()
+			default:
+				waitDone()
+				return nil, cs.abortErr
+			}
+		case <-ctx.Done():
+			err := ctx.Err()
+			cs.abortStream(err)
+			return nil, err
+		case <-cs.reqCancel:
+			cs.abortStream(errRequestCanceled)
+			return nil, errRequestCanceled
+		}
+	}
+}
+
+// doRequest runs for the duration of the request lifetime.
+//
+// It sends the request and performs post-request cleanup (closing Request.Body, etc.).
+func (cs *clientStream) doRequest(req *http.Request) {
+	err := cs.writeRequest(req)
+	cs.cleanupWriteRequest(err)
+}
+
+// writeRequest sends a request.
+//
+// It returns nil after the request is written, the response read,
+// and the request stream is half-closed by the peer.
+//
+// It returns non-nil if the request ends otherwise.
+// If the returned error is StreamError, the error Code may be used in resetting the stream.
+func (cs *clientStream) writeRequest(req *http.Request) (err error) {
+	cc := cs.cc
+	ctx := cs.ctx
+
+	if err := checkConnHeaders(req); err != nil {
+		return err
 	}
-	hasTrailers := trailers != ""
 
 	// Acquire the new-request lock by writing to reqHeaderMu.
 	// This lock guards the critical section covering allocating a new stream ID
 	// (requires mu) and creating the stream (requires wmu).
 	if cc.reqHeaderMu == nil {
-		panic("RoundTrip on initialized ClientConn") // for tests
+		panic("RoundTrip on uninitialized ClientConn") // for tests
 	}
 	select {
 	case cc.reqHeaderMu <- struct{}{}:
-	case <-req.Cancel:
-		return nil, false, errRequestCanceled
+	case <-cs.reqCancel:
+		return errRequestCanceled
 	case <-ctx.Done():
-		return nil, false, ctx.Err()
+		return ctx.Err()
 	}
-	reqHeaderMuNeedsUnlock := true
-	defer func() {
-		if reqHeaderMuNeedsUnlock {
-			<-cc.reqHeaderMu
-		}
-	}()
 
 	cc.mu.Lock()
-	if err := cc.awaitOpenSlotForRequest(req); err != nil {
+	if cc.idleTimer != nil {
+		cc.idleTimer.Stop()
+	}
+	cc.decrStreamReservationsLocked()
+	if err := cc.awaitOpenSlotForStreamLocked(cs); err != nil {
 		cc.mu.Unlock()
-		return nil, false, err
+		<-cc.reqHeaderMu
+		return err
 	}
-
-	body := req.Body
-	contentLen := actualContentLength(req)
-	hasBody := contentLen != 0
+	cc.addStreamLocked(cs) // assigns stream ID
+	if isConnectionCloseRequest(req) {
+		cc.doNotReuse = true
+	}
+	cc.mu.Unlock()
 
 	// TODO(bradfitz): this is a copy of the logic in net/http. Unify somewhere?
-	var requestedGzip bool
 	if !cc.t.disableCompression() &&
 		req.Header.Get("Accept-Encoding") == "" &&
 		req.Header.Get("Range") == "" &&
-		req.Method != "HEAD" {
+		!cs.isHead {
 		// Request gzip only, not deflate. Deflate is ambiguous and
 		// not as universally supported anyway.
 		// See: https://zlib.net/zlib_faq.html#faq39
@@ -1100,185 +1248,224 @@ func (cc *ClientConn) roundTrip(req *http.Request) (res *http.Response, gotErrAf
 		// We don't request gzip if the request is for a range, since
 		// auto-decoding a portion of a gzipped document will just fail
 		// anyway. See https://golang.org/issue/8923
-		requestedGzip = true
+		cs.requestedGzip = true
 	}
 
-	cs := cc.newStream()
-	cs.req = req
-	cs.trace = httptrace.ContextClientTrace(req.Context())
-	cs.requestedGzip = requestedGzip
-	bodyWriter := cc.t.getBodyWriterState(cs, body)
-	cs.on100 = bodyWriter.on100
-	cc.mu.Unlock()
+	continueTimeout := cc.t.expectContinueTimeout()
+	if continueTimeout != 0 &&
+		!httpguts.HeaderValuesContainsToken(
+			req.Header["Expect"],
+			"100-continue") {
+		continueTimeout = 0
+		cs.on100 = make(chan struct{}, 1)
+	}
+
+	// Past this point (where we send request headers), it is possible for
+	// RoundTrip to return successfully. Since the RoundTrip contract permits
+	// the caller to "mutate or reuse" the Request after closing the Response's Body,
+	// we must take care when referencing the Request from here on.
+	err = cs.encodeAndWriteHeaders(req)
+	<-cc.reqHeaderMu
+	if err != nil {
+		return err
+	}
 
+	hasBody := cs.reqBodyContentLength != 0
+	if !hasBody {
+		cs.sentEndStream = true
+	} else {
+		if continueTimeout != 0 {
+			traceWait100Continue(cs.trace)
+			timer := time.NewTimer(continueTimeout)
+			select {
+			case <-timer.C:
+				err = nil
+			case <-cs.on100:
+				err = nil
+			case <-cs.abort:
+				err = cs.abortErr
+			case <-ctx.Done():
+				err = ctx.Err()
+			case <-cs.reqCancel:
+				err = errRequestCanceled
+			}
+			timer.Stop()
+			if err != nil {
+				traceWroteRequest(cs.trace, err)
+				return err
+			}
+		}
+
+		if err = cs.writeRequestBody(req); err != nil {
+			if err != errStopReqBodyWrite {
+				traceWroteRequest(cs.trace, err)
+				return err
+			}
+		} else {
+			cs.sentEndStream = true
+		}
+	}
+
+	traceWroteRequest(cs.trace, err)
+
+	var respHeaderTimer <-chan time.Time
+	var respHeaderRecv chan struct{}
+	if d := cc.responseHeaderTimeout(); d != 0 {
+		timer := time.NewTimer(d)
+		defer timer.Stop()
+		respHeaderTimer = timer.C
+		respHeaderRecv = cs.respHeaderRecv
+	}
+	// Wait until the peer half-closes its end of the stream,
+	// or until the request is aborted (via context, error, or otherwise),
+	// whichever comes first.
+	for {
+		select {
+		case <-cs.peerClosed:
+			return nil
+		case <-respHeaderTimer:
+			return errTimeout
+		case <-respHeaderRecv:
+			respHeaderRecv = nil
+			respHeaderTimer = nil // keep waiting for END_STREAM
+		case <-cs.abort:
+			return cs.abortErr
+		case <-ctx.Done():
+			return ctx.Err()
+		case <-cs.reqCancel:
+			return errRequestCanceled
+		}
+	}
+}
+
+func (cs *clientStream) encodeAndWriteHeaders(req *http.Request) error {
+	cc := cs.cc
+	ctx := cs.ctx
+
+	cc.wmu.Lock()
+	defer cc.wmu.Unlock()
+
+	// If the request was canceled while waiting for cc.mu, just quit.
+	select {
+	case <-cs.abort:
+		return cs.abortErr
+	case <-ctx.Done():
+		return ctx.Err()
+	case <-cs.reqCancel:
+		return errRequestCanceled
+	default:
+	}
+
+	// Encode headers.
+	//
 	// we send: HEADERS{1}, CONTINUATION{0,} + DATA{0,} (DATA is
 	// sent by writeRequestBody below, along with any Trailers,
 	// again in form HEADERS{1}, CONTINUATION{0,})
-	cc.wmu.Lock()
-	hdrs, err := cc.encodeHeaders(req, requestedGzip, trailers, contentLen)
+	trailers, err := commaSeparatedTrailers(req)
 	if err != nil {
-		cc.wmu.Unlock()
-		return nil, false, err
+		return err
+	}
+	hasTrailers := trailers != ""
+	contentLen := actualContentLength(req)
+	hasBody := contentLen != 0
+	hdrs, err := cc.encodeHeaders(req, cs.requestedGzip, trailers, contentLen)
+	if err != nil {
+		return err
 	}
 
-	defer func() {
-		cc.wmu.Lock()
-		werr := cc.werr
-		cc.wmu.Unlock()
-		if werr != nil {
-			cc.Close()
-		}
-	}()
-
+	// Write the request.
 	endStream := !hasBody && !hasTrailers
+	cs.sentHeaders = true
 	err = cc.writeHeaders(cs.ID, endStream, int(cc.maxFrameSize), hdrs)
-	cc.wmu.Unlock()
-	<-cc.reqHeaderMu // release the new-request lock
-	reqHeaderMuNeedsUnlock = false
 	traceWroteHeaders(cs.trace)
+	return err
+}
 
-	if err != nil {
-		if hasBody {
-			bodyWriter.cancel()
-		}
-		cc.forgetStreamID(cs.ID)
-		// Don't bother sending a RST_STREAM (our write already failed;
-		// no need to keep writing)
-		traceWroteRequest(cs.trace, err)
-		// TODO(dneil): An error occurred while writing the headers.
-		// Should we return an error indicating that this request can be retried?
-		return nil, false, err
-	}
+// cleanupWriteRequest performs post-request tasks.
+//
+// If err (the result of writeRequest) is non-nil and the stream is not closed,
+// cleanupWriteRequest will send a reset to the peer.
+func (cs *clientStream) cleanupWriteRequest(err error) {
+	cc := cs.cc
 
-	var respHeaderTimer <-chan time.Time
-	if hasBody {
-		bodyWriter.scheduleBodyWrite()
-	} else {
-		traceWroteRequest(cs.trace, nil)
-		if d := cc.responseHeaderTimeout(); d != 0 {
-			timer := time.NewTimer(d)
-			defer timer.Stop()
-			respHeaderTimer = timer.C
-		}
+	if cs.ID == 0 {
+		// We were canceled before creating the stream, so return our reservation.
+		cc.decrStreamReservations()
 	}
 
-	readLoopResCh := cs.resc
-	bodyWritten := false
+	// TODO: write h12Compare test showing whether
+	// Request.Body is closed by the Transport,
+	// and in multiple cases: server replies <=299 and >299
+	// while still writing request body
+	cc.mu.Lock()
+	bodyClosed := cs.reqBodyClosed
+	cs.reqBodyClosed = true
+	cc.mu.Unlock()
+	if !bodyClosed && cs.reqBody != nil {
+		cs.reqBody.Close()
+	}
 
-	handleReadLoopResponse := func(re resAndError) (*http.Response, bool, error) {
-		res := re.res
-		if re.err != nil || res.StatusCode > 299 {
-			// On error or status code 3xx, 4xx, 5xx, etc abort any
-			// ongoing write, assuming that the server doesn't care
-			// about our request body. If the server replied with 1xx or
-			// 2xx, however, then assume the server DOES potentially
-			// want our body (e.g. full-duplex streaming:
-			// golang.org/issue/13444). If it turns out the server
-			// doesn't, they'll RST_STREAM us soon enough. This is a
-			// heuristic to avoid adding knobs to Transport. Hopefully
-			// we can keep it.
-			bodyWriter.cancel()
-			cs.abortRequestBodyWrite(errStopReqBodyWrite)
-			if hasBody && !bodyWritten {
-				<-bodyWriter.resc
+	if err != nil && cs.sentEndStream {
+		// If the connection is closed immediately after the response is read,
+		// we may be aborted before finishing up here. If the stream was closed
+		// cleanly on both sides, there is no error.
+		select {
+		case <-cs.peerClosed:
+			err = nil
+		default:
+		}
+	}
+	if err != nil {
+		cs.abortStream(err) // possibly redundant, but harmless
+		if cs.sentHeaders {
+			if se, ok := err.(StreamError); ok {
+				if se.Cause != errFromPeer {
+					cc.writeStreamReset(cs.ID, se.Code, err)
+				}
+			} else {
+				cc.writeStreamReset(cs.ID, ErrCodeCancel, err)
 			}
 		}
-		if re.err != nil {
-			cc.forgetStreamID(cs.ID)
-			return nil, cs.getStartedWrite(), re.err
+		cs.bufPipe.CloseWithError(err) // no-op if already closed
+	} else {
+		if cs.sentHeaders && !cs.sentEndStream {
+			cc.writeStreamReset(cs.ID, ErrCodeNo, nil)
 		}
-		res.Request = req
-		res.TLS = cc.tlsState
-		return res, false, nil
+		cs.bufPipe.CloseWithError(errRequestCanceled)
 	}
-
-	handleError := func(err error) (*http.Response, bool, error) {
-		if !hasBody || bodyWritten {
-			cc.writeStreamReset(cs.ID, ErrCodeCancel, nil)
-		} else {
-			bodyWriter.cancel()
-			cs.abortRequestBodyWrite(errStopReqBodyWriteAndCancel)
-			<-bodyWriter.resc
-		}
+	if cs.ID != 0 {
 		cc.forgetStreamID(cs.ID)
-		return nil, cs.getStartedWrite(), err
 	}
 
-	for {
-		select {
-		case re := <-readLoopResCh:
-			return handleReadLoopResponse(re)
-		case <-respHeaderTimer:
-			return handleError(errTimeout)
-		case <-ctx.Done():
-			return handleError(ctx.Err())
-		case <-req.Cancel:
-			return handleError(errRequestCanceled)
-		case <-cs.peerReset:
-			// processResetStream already removed the
-			// stream from the streams map; no need for
-			// forgetStreamID.
-			return nil, cs.getStartedWrite(), cs.resetErr
-		case err := <-bodyWriter.resc:
-			bodyWritten = true
-			// Prefer the read loop's response, if available. Issue 16102.
-			select {
-			case re := <-readLoopResCh:
-				return handleReadLoopResponse(re)
-			default:
-			}
-			if err != nil {
-				cc.forgetStreamID(cs.ID)
-				return nil, cs.getStartedWrite(), err
-			}
-			if d := cc.responseHeaderTimeout(); d != 0 {
-				timer := time.NewTimer(d)
-				defer timer.Stop()
-				respHeaderTimer = timer.C
-			}
-		}
+	cc.wmu.Lock()
+	werr := cc.werr
+	cc.wmu.Unlock()
+	if werr != nil {
+		cc.Close()
 	}
+
+	close(cs.donec)
 }
 
-// awaitOpenSlotForRequest waits until len(streams) < maxConcurrentStreams.
+// awaitOpenSlotForStream waits until len(streams) < maxConcurrentStreams.
 // Must hold cc.mu.
-func (cc *ClientConn) awaitOpenSlotForRequest(req *http.Request) error {
-	var waitingForConn chan struct{}
-	var waitingForConnErr error // guarded by cc.mu
+func (cc *ClientConn) awaitOpenSlotForStreamLocked(cs *clientStream) error {
 	for {
 		cc.lastActive = time.Now()
 		if cc.closed || !cc.canTakeNewRequestLocked() {
-			if waitingForConn != nil {
-				close(waitingForConn)
-			}
 			return errClientConnUnusable
 		}
 		cc.lastIdle = time.Time{}
 		if int64(len(cc.streams)) < int64(cc.maxConcurrentStreams) {
-			if waitingForConn != nil {
-				close(waitingForConn)
-			}
 			return nil
 		}
-		// Unfortunately, we cannot wait on a condition variable and channel at
-		// the same time, so instead, we spin up a goroutine to check if the
-		// request is canceled while we wait for a slot to open in the connection.
-		if waitingForConn == nil {
-			waitingForConn = make(chan struct{})
-			go func() {
-				if err := awaitRequestCancel(req, waitingForConn); err != nil {
-					cc.mu.Lock()
-					waitingForConnErr = err
-					cc.cond.Broadcast()
-					cc.mu.Unlock()
-				}
-			}()
-		}
 		cc.pendingRequests++
 		cc.cond.Wait()
 		cc.pendingRequests--
-		if waitingForConnErr != nil {
-			return waitingForConnErr
+		select {
+		case <-cs.abort:
+			return cs.abortErr
+		default:
 		}
 	}
 }
@@ -1305,10 +1492,6 @@ func (cc *ClientConn) writeHeaders(streamID uint32, endStream bool, maxFrameSize
 			cc.fr.WriteContinuation(streamID, endHeaders, chunk)
 		}
 	}
-	// TODO(bradfitz): this Flush could potentially block (as
-	// could the WriteHeaders call(s) above), which means they
-	// wouldn't respond to Request.Cancel being readable. That's
-	// rare, but this should probably be in a goroutine.
 	cc.bw.Flush()
 	return cc.werr
 }
@@ -1335,7 +1518,7 @@ func (cs *clientStream) frameScratchBufferLen(maxFrameSize int) int {
 	if n > max {
 		n = max
 	}
-	if cl := actualContentLength(cs.req); cl != -1 && cl+1 < n {
+	if cl := cs.reqBodyContentLength; cl != -1 && cl+1 < n {
 		// Add an extra byte past the declared content-length to
 		// give the caller's Request.Body io.Reader a chance to
 		// give us more bytes than they declared, so we can catch it
@@ -1350,31 +1533,13 @@ func (cs *clientStream) frameScratchBufferLen(maxFrameSize int) int {
 
 var bufPool sync.Pool // of *[]byte
 
-func (cs *clientStream) writeRequestBody(body io.Reader, bodyCloser io.Closer) (err error) {
+func (cs *clientStream) writeRequestBody(req *http.Request) (err error) {
 	cc := cs.cc
+	body := cs.reqBody
 	sentEnd := false // whether we sent the final DATA frame w/ END_STREAM
 
-	defer func() {
-		traceWroteRequest(cs.trace, err)
-		// TODO: write h12Compare test showing whether
-		// Request.Body is closed by the Transport,
-		// and in multiple cases: server replies <=299 and >299
-		// while still writing request body
-		var cerr error
-		cc.mu.Lock()
-		if cs.stopReqBody == nil {
-			cs.stopReqBody = errStopReqBodyWrite
-			cerr = bodyCloser.Close()
-		}
-		cc.mu.Unlock()
-		if err == nil {
-			err = cerr
-		}
-	}()
-
-	req := cs.req
 	hasTrailers := req.Trailer != nil
-	remainLen := actualContentLength(req)
+	remainLen := cs.reqBodyContentLength
 	hasContentLen := remainLen != -1
 
 	cc.mu.Lock()
@@ -1412,29 +1577,29 @@ func (cs *clientStream) writeRequestBody(body io.Reader, bodyCloser io.Closer) (
 			}
 			if remainLen < 0 {
 				err = errReqBodyTooLong
-				cc.writeStreamReset(cs.ID, ErrCodeCancel, err)
 				return err
 			}
 		}
-		if err == io.EOF {
-			sawEOF = true
-			err = nil
-		} else if err != nil {
-			cc.writeStreamReset(cs.ID, ErrCodeCancel, err)
-			return err
+		if err != nil {
+			cc.mu.Lock()
+			bodyClosed := cs.reqBodyClosed
+			cc.mu.Unlock()
+			switch {
+			case bodyClosed:
+				return errStopReqBodyWrite
+			case err == io.EOF:
+				sawEOF = true
+				err = nil
+			default:
+				return err
+			}
 		}
 
 		remain := buf[:n]
 		for len(remain) > 0 && err == nil {
 			var allowed int32
 			allowed, err = cs.awaitFlowControl(len(remain))
-			switch {
-			case err == errStopReqBodyWrite:
-				return err
-			case err == errStopReqBodyWriteAndCancel:
-				cc.writeStreamReset(cs.ID, ErrCodeCancel, nil)
-				return err
-			case err != nil:
+			if err != nil {
 				return err
 			}
 			cc.wmu.Lock()
@@ -1465,18 +1630,26 @@ func (cs *clientStream) writeRequestBody(body io.Reader, bodyCloser io.Closer) (
 		return nil
 	}
 
+	// Since the RoundTrip contract permits the caller to "mutate or reuse"
+	// a request after the Response's Body is closed, verify that this hasn't
+	// happened before accessing the trailers.
+	cc.mu.Lock()
+	trailer := req.Trailer
+	err = cs.abortErr
+	cc.mu.Unlock()
+	if err != nil {
+		return err
+	}
+
 	cc.wmu.Lock()
+	defer cc.wmu.Unlock()
 	var trls []byte
-	if hasTrailers {
-		trls, err = cc.encodeTrailers(req)
+	if len(trailer) > 0 {
+		trls, err = cc.encodeTrailers(trailer)
 		if err != nil {
-			cc.wmu.Unlock()
-			cc.writeStreamReset(cs.ID, ErrCodeInternal, err)
-			cc.forgetStreamID(cs.ID)
 			return err
 		}
 	}
-	defer cc.wmu.Unlock()
 
 	// Two ways to send END_STREAM: either with trailers, or
 	// with an empty DATA frame.
@@ -1497,17 +1670,24 @@ func (cs *clientStream) writeRequestBody(body io.Reader, bodyCloser io.Closer) (
 // if the stream is dead.
 func (cs *clientStream) awaitFlowControl(maxBytes int) (taken int32, err error) {
 	cc := cs.cc
+	ctx := cs.ctx
 	cc.mu.Lock()
 	defer cc.mu.Unlock()
 	for {
 		if cc.closed {
 			return 0, errClientConnClosed
 		}
-		if cs.stopReqBody != nil {
-			return 0, cs.stopReqBody
+		if cs.reqBodyClosed {
+			return 0, errStopReqBodyWrite
 		}
-		if err := cs.checkResetOrDone(); err != nil {
-			return 0, err
+		select {
+		case <-cs.abort:
+			return 0, cs.abortErr
+		case <-ctx.Done():
+			return 0, ctx.Err()
+		case <-cs.reqCancel:
+			return 0, errRequestCanceled
+		default:
 		}
 		if a := cs.flow.available(); a > 0 {
 			take := a
@@ -1525,9 +1705,14 @@ func (cs *clientStream) awaitFlowControl(maxBytes int) (taken int32, err error)
 	}
 }
 
+var errNilRequestURL = errors.New("http2: Request.URI is nil")
+
 // requires cc.wmu be held.
 func (cc *ClientConn) encodeHeaders(req *http.Request, addGzipHeader bool, trailers string, contentLength int64) ([]byte, error) {
 	cc.hbuf.Reset()
+	if req.URL == nil {
+		return nil, errNilRequestURL
+	}
 
 	host := req.Host
 	if host == "" {
@@ -1714,11 +1899,11 @@ func shouldSendReqContentLength(method string, contentLength int64) bool {
 }
 
 // requires cc.wmu be held.
-func (cc *ClientConn) encodeTrailers(req *http.Request) ([]byte, error) {
+func (cc *ClientConn) encodeTrailers(trailer http.Header) ([]byte, error) {
 	cc.hbuf.Reset()
 
 	hlSize := uint64(0)
-	for k, vv := range req.Trailer {
+	for k, vv := range trailer {
 		for _, v := range vv {
 			hf := hpack.HeaderField{Name: k, Value: v}
 			hlSize += uint64(hf.Size())
@@ -1728,7 +1913,7 @@ func (cc *ClientConn) encodeTrailers(req *http.Request) ([]byte, error) {
 		return nil, errRequestHeaderListSize
 	}
 
-	for k, vv := range req.Trailer {
+	for k, vv := range trailer {
 		lowKey, ascii := asciiToLower(k)
 		if !ascii {
 			// Skip writing invalid headers. Per RFC 7540, Section 8.1.2, header
@@ -1758,51 +1943,51 @@ type resAndError struct {
 }
 
 // requires cc.mu be held.
-func (cc *ClientConn) newStream() *clientStream {
-	cs := &clientStream{
-		cc:        cc,
-		ID:        cc.nextStreamID,
-		resc:      make(chan resAndError, 1),
-		peerReset: make(chan struct{}),
-		done:      make(chan struct{}),
-	}
+func (cc *ClientConn) addStreamLocked(cs *clientStream) {
 	cs.flow.add(int32(cc.initialWindowSize))
 	cs.flow.setConnFlow(&cc.flow)
 	cs.inflow.add(transportDefaultStreamFlow)
 	cs.inflow.setConnFlow(&cc.inflow)
+	cs.ID = cc.nextStreamID
 	cc.nextStreamID += 2
 	cc.streams[cs.ID] = cs
-	return cs
+	if cs.ID == 0 {
+		panic("assigned stream ID 0")
+	}
 }
 
 func (cc *ClientConn) forgetStreamID(id uint32) {
-	cc.streamByID(id, true)
-}
-
-func (cc *ClientConn) streamByID(id uint32, andRemove bool) *clientStream {
 	cc.mu.Lock()
-	defer cc.mu.Unlock()
-	cs := cc.streams[id]
-	if andRemove && cs != nil && !cc.closed {
-		cc.lastActive = time.Now()
-		delete(cc.streams, id)
-		if len(cc.streams) == 0 && cc.idleTimer != nil {
-			cc.idleTimer.Reset(cc.idleTimeout)
-			cc.lastIdle = time.Now()
-		}
-		close(cs.done)
-		// Wake up checkResetOrDone via clientStream.awaitFlowControl and
-		// wake up RoundTrip if there is a pending request.
-		cc.cond.Broadcast()
+	slen := len(cc.streams)
+	delete(cc.streams, id)
+	if len(cc.streams) != slen-1 {
+		panic("forgetting unknown stream id")
+	}
+	cc.lastActive = time.Now()
+	if len(cc.streams) == 0 && cc.idleTimer != nil {
+		cc.idleTimer.Reset(cc.idleTimeout)
+		cc.lastIdle = time.Now()
+	}
+	// Wake up writeRequestBody via clientStream.awaitFlowControl and
+	// wake up RoundTrip if there is a pending request.
+	cc.cond.Broadcast()
+
+	closeOnIdle := cc.singleUse || cc.doNotReuse || cc.t.disableKeepAlives()
+	if closeOnIdle && cc.streamsReserved == 0 && len(cc.streams) == 0 {
+		if VerboseLogs {
+			cc.vlogf("http2: Transport closing idle conn %p (forSingleUse=%v, maxStream=%v)", cc, cc.singleUse, cc.nextStreamID-2)
+		}
+		cc.closed = true
+		defer cc.tconn.Close()
 	}
-	return cs
+
+	cc.mu.Unlock()
 }
 
 // clientConnReadLoop is the state owned by the clientConn's frame-reading readLoop.
 type clientConnReadLoop struct {
-	_             incomparable
-	cc            *ClientConn
-	closeWhenIdle bool
+	_  incomparable
+	cc *ClientConn
 }
 
 // readLoop runs in its own goroutine and reads and dispatches frames.
@@ -1863,18 +2048,15 @@ func (rl *clientConnReadLoop) cleanup() {
 		err = io.ErrUnexpectedEOF
 	}
 	cc.closed = true
-	streams := cc.streams
-	cc.streams = nil
-	cc.mu.Unlock()
-	for _, cs := range streams {
-		cs.bufPipe.CloseWithError(err) // no-op if already closed
+	for _, cs := range cc.streams {
 		select {
-		case cs.resc <- resAndError{err: err}:
+		case <-cs.peerClosed:
+			// The server closed the stream before closing the conn,
+			// so no need to interrupt it.
 		default:
+			cs.abortStreamLocked(err)
 		}
-		close(cs.done)
 	}
-	cc.mu.Lock()
 	cc.cond.Broadcast()
 	cc.mu.Unlock()
 }
@@ -1908,8 +2090,6 @@ func (cc *ClientConn) countReadFrameError(err error) {
 
 func (rl *clientConnReadLoop) run() error {
 	cc := rl.cc
-	rl.closeWhenIdle = cc.t.disableKeepAlives() || cc.singleUse
-	gotReply := false // ever saw a HEADERS reply
 	gotSettings := false
 	readIdleTimeout := cc.t.ReadIdleTimeout
 	var t *time.Timer
@@ -1926,9 +2106,7 @@ func (rl *clientConnReadLoop) run() error {
 			cc.vlogf("http2: Transport readFrame error on conn %p: (%T) %v", cc, err, err)
 		}
 		if se, ok := err.(StreamError); ok {
-			if cs := cc.streamByID(se.StreamID, false); cs != nil {
-				cs.cc.writeStreamReset(cs.ID, se.Code, err)
-				cs.cc.forgetStreamID(cs.ID)
+			if cs := rl.streamByID(se.StreamID); cs != nil {
 				if se.Cause == nil {
 					se.Cause = cc.fr.errDetail
 				}
@@ -1949,22 +2127,16 @@ func (rl *clientConnReadLoop) run() error {
 			}
 			gotSettings = true
 		}
-		maybeIdle := false // whether frame might transition us to idle
 
 		switch f := f.(type) {
 		case *MetaHeadersFrame:
 			err = rl.processHeaders(f)
-			maybeIdle = true
-			gotReply = true
 		case *DataFrame:
 			err = rl.processData(f)
-			maybeIdle = true
 		case *GoAwayFrame:
 			err = rl.processGoAway(f)
-			maybeIdle = true
 		case *RSTStreamFrame:
 			err = rl.processResetStream(f)
-			maybeIdle = true
 		case *SettingsFrame:
 			err = rl.processSettings(f)
 		case *PushPromiseFrame:
@@ -1982,38 +2154,24 @@ func (rl *clientConnReadLoop) run() error {
 			}
 			return err
 		}
-		if rl.closeWhenIdle && gotReply && maybeIdle {
-			cc.closeIfIdle()
-		}
 	}
 }
 
 func (rl *clientConnReadLoop) processHeaders(f *MetaHeadersFrame) error {
-	cc := rl.cc
-	cs := cc.streamByID(f.StreamID, false)
+	cs := rl.streamByID(f.StreamID)
 	if cs == nil {
 		// We'd get here if we canceled a request while the
 		// server had its response still in flight. So if this
 		// was just something we canceled, ignore it.
 		return nil
 	}
-	if f.StreamEnded() {
-		// Issue 20521: If the stream has ended, streamByID() causes
-		// clientStream.done to be closed, which causes the request's bodyWriter
-		// to be closed with an errStreamClosed, which may be received by
-		// clientConn.RoundTrip before the result of processing these headers.
-		// Deferring stream closure allows the header processing to occur first.
-		// clientConn.RoundTrip may still receive the bodyWriter error first, but
-		// the fix for issue 16102 prioritises any response.
-		//
-		// Issue 22413: If there is no request body, we should close the
-		// stream before writing to cs.resc so that the stream is closed
-		// immediately once RoundTrip returns.
-		if cs.req.Body != nil {
-			defer cc.forgetStreamID(f.StreamID)
-		} else {
-			cc.forgetStreamID(f.StreamID)
-		}
+	if cs.readClosed {
+		rl.endStreamError(cs, StreamError{
+			StreamID: f.StreamID,
+			Code:     ErrCodeProtocol,
+			Cause:    errors.New("protocol error: headers after END_STREAM"),
+		})
+		return nil
 	}
 	if !cs.firstByte {
 		if cs.trace != nil {
@@ -2037,9 +2195,11 @@ func (rl *clientConnReadLoop) processHeaders(f *MetaHeadersFrame) error {
 			return err
 		}
 		// Any other error type is a stream error.
-		cs.cc.writeStreamReset(f.StreamID, ErrCodeProtocol, err)
-		cc.forgetStreamID(cs.ID)
-		cs.resc <- resAndError{err: err}
+		rl.endStreamError(cs, StreamError{
+			StreamID: f.StreamID,
+			Code:     ErrCodeProtocol,
+			Cause:    err,
+		})
 		return nil // return nil from process* funcs to keep conn alive
 	}
 	if res == nil {
@@ -2047,7 +2207,11 @@ func (rl *clientConnReadLoop) processHeaders(f *MetaHeadersFrame) error {
 		return nil
 	}
 	cs.resTrailer = &res.Trailer
-	cs.resc <- resAndError{res: res}
+	cs.res = res
+	close(cs.respHeaderRecv)
+	if f.StreamEnded() {
+		rl.endStream(cs)
+	}
 	return nil
 }
 
@@ -2109,6 +2273,9 @@ func (rl *clientConnReadLoop) handleResponse(cs *clientStream, f *MetaHeadersFra
 	}
 
 	if statusCode >= 100 && statusCode <= 199 {
+		if f.StreamEnded() {
+			return nil, errors.New("1xx informational response with END_STREAM flag")
+		}
 		cs.num1xx++
 		const max1xxResponses = 5 // arbitrary bound on number of informational responses, same as net/http
 		if cs.num1xx > max1xxResponses {
@@ -2121,42 +2288,49 @@ func (rl *clientConnReadLoop) handleResponse(cs *clientStream, f *MetaHeadersFra
 		}
 		if statusCode == 100 {
 			traceGot100Continue(cs.trace)
-			if cs.on100 != nil {
-				cs.on100() // forces any write delay timer to fire
+			select {
+			case cs.on100 <- struct{}{}:
+			default:
 			}
 		}
 		cs.pastHeaders = false // do it all again
 		return nil, nil
 	}
 
-	streamEnded := f.StreamEnded()
-	isHead := cs.req.Method == "HEAD"
-	if !streamEnded || isHead {
-		res.ContentLength = -1
-		if clens := res.Header["Content-Length"]; len(clens) == 1 {
-			if cl, err := strconv.ParseUint(clens[0], 10, 63); err == nil {
-				res.ContentLength = int64(cl)
-			} else {
-				// TODO: care? unlike http/1, it won't mess up our framing, so it's
-				// more safe smuggling-wise to ignore.
-			}
-		} else if len(clens) > 1 {
+	res.ContentLength = -1
+	if clens := res.Header["Content-Length"]; len(clens) == 1 {
+		if cl, err := strconv.ParseUint(clens[0], 10, 63); err == nil {
+			res.ContentLength = int64(cl)
+		} else {
 			// TODO: care? unlike http/1, it won't mess up our framing, so it's
 			// more safe smuggling-wise to ignore.
 		}
+	} else if len(clens) > 1 {
+		// TODO: care? unlike http/1, it won't mess up our framing, so it's
+		// more safe smuggling-wise to ignore.
+	} else if f.StreamEnded() && !cs.isHead {
+		res.ContentLength = 0
 	}
 
-	if streamEnded || isHead {
+	if cs.isHead {
 		res.Body = noBody
 		return res, nil
 	}
 
-	cs.bufPipe = pipe{b: &dataBuffer{expected: res.ContentLength}}
+	if f.StreamEnded() {
+		if res.ContentLength > 0 {
+			res.Body = missingBody{}
+		} else {
+			res.Body = noBody
+		}
+		return res, nil
+	}
+
+	cs.bufPipe.setBuffer(&dataBuffer{expected: res.ContentLength})
 	cs.bytesRemain = res.ContentLength
 	res.Body = transportResponseBody{cs}
-	go cs.awaitRequestCancel(cs.req)
 
-	if cs.requestedGzip && res.Header.Get("Content-Encoding") == "gzip" {
+	if cs.requestedGzip && asciiEqualFold(res.Header.Get("Content-Encoding"), "gzip") {
 		res.Header.Del("Content-Encoding")
 		res.Header.Del("Content-Length")
 		res.ContentLength = -1
@@ -2195,8 +2369,7 @@ func (rl *clientConnReadLoop) processTrailers(cs *clientStream, f *MetaHeadersFr
 }
 
 // transportResponseBody is the concrete type of Transport.RoundTrip's
-// Response.Body. It is an io.ReadCloser. On Read, it reads from cs.body.
-// On Close it sends RST_STREAM if EOF wasn't already seen.
+// Response.Body. It is an io.ReadCloser.
 type transportResponseBody struct {
 	cs *clientStream
 }
@@ -2214,7 +2387,7 @@ func (b transportResponseBody) Read(p []byte) (n int, err error) {
 			n = int(cs.bytesRemain)
 			if err == nil {
 				err = errors.New("net/http: server replied with more than declared Content-Length; truncated")
-				cc.writeStreamReset(cs.ID, ErrCodeProtocol, err)
+				cs.abortStream(err)
 			}
 			cs.readErr = err
 			return int(cs.bytesRemain), err
@@ -2270,24 +2443,18 @@ func (b transportResponseBody) Close() error {
 	cs := b.cs
 	cc := cs.cc
 
-	serverSentStreamEnd := cs.bufPipe.Err() == io.EOF
 	unread := cs.bufPipe.Len()
-
-	if unread > 0 || !serverSentStreamEnd {
+	if unread > 0 {
 		cc.mu.Lock()
-		if !serverSentStreamEnd {
-			cs.didReset = true
-		}
 		// Return connection-level flow control.
 		if unread > 0 {
 			cc.inflow.add(int32(unread))
 		}
 		cc.mu.Unlock()
 
+		// TODO(dneil): Acquiring this mutex can block indefinitely.
+		// Move flow control return to a goroutine?
 		cc.wmu.Lock()
-		if !serverSentStreamEnd {
-			cc.fr.WriteRSTStream(cs.ID, ErrCodeCancel)
-		}
 		// Return connection-level flow control.
 		if unread > 0 {
 			cc.fr.WriteWindowUpdate(0, uint32(unread))
@@ -2297,13 +2464,24 @@ func (b transportResponseBody) Close() error {
 	}
 
 	cs.bufPipe.BreakWithError(errClosedResponseBody)
-	cc.forgetStreamID(cs.ID)
+	cs.abortStream(errClosedResponseBody)
+
+	select {
+	case <-cs.donec:
+	case <-cs.ctx.Done():
+		// See golang/go#49366: The net/http package can cancel the
+		// request context after the response body is fully read.
+		// Don't treat this as an error.
+		return nil
+	case <-cs.reqCancel:
+		return errRequestCanceled
+	}
 	return nil
 }
 
 func (rl *clientConnReadLoop) processData(f *DataFrame) error {
 	cc := rl.cc
-	cs := cc.streamByID(f.StreamID, f.StreamEnded())
+	cs := rl.streamByID(f.StreamID)
 	data := f.Data()
 	if cs == nil {
 		cc.mu.Lock()
@@ -2332,6 +2510,14 @@ func (rl *clientConnReadLoop) processData(f *DataFrame) error {
 		}
 		return nil
 	}
+	if cs.readClosed {
+		cc.logf("protocol error: received DATA after END_STREAM")
+		rl.endStreamError(cs, StreamError{
+			StreamID: f.StreamID,
+			Code:     ErrCodeProtocol,
+		})
+		return nil
+	}
 	if !cs.firstByte {
 		cc.logf("protocol error: received DATA before a HEADERS frame")
 		rl.endStreamError(cs, StreamError{
@@ -2341,7 +2527,7 @@ func (rl *clientConnReadLoop) processData(f *DataFrame) error {
 		return nil
 	}
 	if f.Length > 0 {
-		if cs.req.Method == "HEAD" && len(data) > 0 {
+		if cs.isHead && len(data) > 0 {
 			cc.logf("protocol error: received DATA on a HEAD request")
 			rl.endStreamError(cs, StreamError{
 				StreamID: f.StreamID,
@@ -2363,14 +2549,23 @@ func (rl *clientConnReadLoop) processData(f *DataFrame) error {
 		if pad := int(f.Length) - len(data); pad > 0 {
 			refund += pad
 		}
-		// Return len(data) now if the stream is already closed,
-		// since data will never be read.
-		didReset := cs.didReset
-		if didReset {
-			refund += len(data)
+
+		didReset := false
+		var err error
+		if len(data) > 0 {
+			if _, err = cs.bufPipe.Write(data); err != nil {
+				// Return len(data) now if the stream is already closed,
+				// since data will never be read.
+				didReset = true
+				refund += len(data)
+			}
 		}
+
 		if refund > 0 {
 			cc.inflow.add(int32(refund))
+			if !didReset {
+				cs.inflow.add(int32(refund))
+			}
 		}
 		cc.mu.Unlock()
 
@@ -2378,18 +2573,15 @@ func (rl *clientConnReadLoop) processData(f *DataFrame) error {
 			cc.wmu.Lock()
 			cc.fr.WriteWindowUpdate(0, uint32(refund))
 			if !didReset {
-				cs.inflow.add(int32(refund))
 				cc.fr.WriteWindowUpdate(cs.ID, uint32(refund))
 			}
 			cc.bw.Flush()
 			cc.wmu.Unlock()
 		}
 
-		if len(data) > 0 && !didReset {
-			if _, err := cs.bufPipe.Write(data); err != nil {
-				rl.endStreamError(cs, err)
-				return err
-			}
+		if err != nil {
+			rl.endStreamError(cs, err)
+			return nil
 		}
 	}
 
@@ -2402,24 +2594,32 @@ func (rl *clientConnReadLoop) processData(f *DataFrame) error {
 func (rl *clientConnReadLoop) endStream(cs *clientStream) {
 	// TODO: check that any declared content-length matches, like
 	// server.go's (*stream).endStream method.
-	rl.endStreamError(cs, nil)
+	if !cs.readClosed {
+		cs.readClosed = true
+		// Close cs.bufPipe and cs.peerClosed with cc.mu held to avoid a
+		// race condition: The caller can read io.EOF from Response.Body
+		// and close the body before we close cs.peerClosed, causing
+		// cleanupWriteRequest to send a RST_STREAM.
+		rl.cc.mu.Lock()
+		defer rl.cc.mu.Unlock()
+		cs.bufPipe.closeWithErrorAndCode(io.EOF, cs.copyTrailers)
+		close(cs.peerClosed)
+	}
 }
 
 func (rl *clientConnReadLoop) endStreamError(cs *clientStream, err error) {
-	var code func()
-	if err == nil {
-		err = io.EOF
-		code = cs.copyTrailers
-	}
-	if isConnectionCloseRequest(cs.req) {
-		rl.closeWhenIdle = true
-	}
-	cs.bufPipe.closeWithErrorAndCode(err, code)
+	cs.readAborted = true
+	cs.abortStream(err)
+}
 
-	select {
-	case cs.resc <- resAndError{err: err}:
-	default:
+func (rl *clientConnReadLoop) streamByID(id uint32) *clientStream {
+	rl.cc.mu.Lock()
+	defer rl.cc.mu.Unlock()
+	cs := rl.cc.streams[id]
+	if cs != nil && !cs.readAborted {
+		return cs
 	}
+	return nil
 }
 
 func (cs *clientStream) copyTrailers() {
@@ -2532,7 +2732,7 @@ func (rl *clientConnReadLoop) processSettingsNoWrite(f *SettingsFrame) error {
 
 func (rl *clientConnReadLoop) processWindowUpdate(f *WindowUpdateFrame) error {
 	cc := rl.cc
-	cs := cc.streamByID(f.StreamID, false)
+	cs := rl.streamByID(f.StreamID)
 	if f.StreamID != 0 && cs == nil {
 		return nil
 	}
@@ -2552,31 +2752,22 @@ func (rl *clientConnReadLoop) processWindowUpdate(f *WindowUpdateFrame) error {
 }
 
 func (rl *clientConnReadLoop) processResetStream(f *RSTStreamFrame) error {
-	cs := rl.cc.streamByID(f.StreamID, true)
+	cs := rl.streamByID(f.StreamID)
 	if cs == nil {
-		// TODO: return error if server tries to RST_STEAM an idle stream
+		// TODO: return error if server tries to RST_STREAM an idle stream
 		return nil
 	}
-	select {
-	case <-cs.peerReset:
-		// Already reset.
-		// This is the only goroutine
-		// which closes this, so there
-		// isn't a race.
-	default:
-		serr := streamError(cs.ID, f.ErrCode)
-		if f.ErrCode == ErrCodeProtocol {
-			rl.cc.SetDoNotReuse()
-			serr.Cause = errFromPeer
-		}
-		if fn := cs.cc.t.CountError; fn != nil {
-			fn("recv_rststream_" + f.ErrCode.stringToken())
-		}
-		cs.resetErr = serr
-		close(cs.peerReset)
-		cs.bufPipe.CloseWithError(serr)
-		cs.cc.cond.Broadcast() // wake up checkResetOrDone via clientStream.awaitFlowControl
+	serr := streamError(cs.ID, f.ErrCode)
+	serr.Cause = errFromPeer
+	if f.ErrCode == ErrCodeProtocol {
+		rl.cc.SetDoNotReuse()
+	}
+	if fn := cs.cc.t.CountError; fn != nil {
+		fn("recv_rststream_" + f.ErrCode.stringToken())
 	}
+	cs.abortStream(serr)
+
+	cs.bufPipe.CloseWithError(serr)
 	return nil
 }
 
@@ -2598,19 +2789,24 @@ func (cc *ClientConn) Ping(ctx context.Context) error {
 		}
 		cc.mu.Unlock()
 	}
-	cc.wmu.Lock()
-	if err := cc.fr.WritePing(false, p); err != nil {
-		cc.wmu.Unlock()
-		return err
-	}
-	if err := cc.bw.Flush(); err != nil {
-		cc.wmu.Unlock()
-		return err
-	}
-	cc.wmu.Unlock()
+	errc := make(chan error, 1)
+	go func() {
+		cc.wmu.Lock()
+		defer cc.wmu.Unlock()
+		if err := cc.fr.WritePing(false, p); err != nil {
+			errc <- err
+			return
+		}
+		if err := cc.bw.Flush(); err != nil {
+			errc <- err
+			return
+		}
+	}()
 	select {
 	case <-c:
 		return nil
+	case err := <-errc:
+		return err
 	case <-ctx.Done():
 		return ctx.Err()
 	case <-cc.readerDone:
@@ -2687,6 +2883,11 @@ func (t *Transport) logf(format string, args ...interface{}) {
 
 var noBody io.ReadCloser = ioutil.NopCloser(bytes.NewReader(nil))
 
+type missingBody struct{}
+
+func (missingBody) Close() error             { return nil }
+func (missingBody) Read([]byte) (int, error) { return 0, io.ErrUnexpectedEOF }
+
 func strSliceContains(ss []string, s string) bool {
 	for _, v := range ss {
 		if v == s {
@@ -2732,87 +2933,6 @@ type errorReader struct{ err error }
 
 func (r errorReader) Read(p []byte) (int, error) { return 0, r.err }
 
-// bodyWriterState encapsulates various state around the Transport's writing
-// of the request body, particularly regarding doing delayed writes of the body
-// when the request contains "Expect: 100-continue".
-type bodyWriterState struct {
-	cs     *clientStream
-	timer  *time.Timer   // if non-nil, we're doing a delayed write
-	fnonce *sync.Once    // to call fn with
-	fn     func()        // the code to run in the goroutine, writing the body
-	resc   chan error    // result of fn's execution
-	delay  time.Duration // how long we should delay a delayed write for
-}
-
-func (t *Transport) getBodyWriterState(cs *clientStream, body io.Reader) (s bodyWriterState) {
-	s.cs = cs
-	if body == nil {
-		return
-	}
-	resc := make(chan error, 1)
-	s.resc = resc
-	s.fn = func() {
-		cs.cc.mu.Lock()
-		cs.startedWrite = true
-		cs.cc.mu.Unlock()
-		resc <- cs.writeRequestBody(body, cs.req.Body)
-	}
-	s.delay = t.expectContinueTimeout()
-	if s.delay == 0 ||
-		!httpguts.HeaderValuesContainsToken(
-			cs.req.Header["Expect"],
-			"100-continue") {
-		return
-	}
-	s.fnonce = new(sync.Once)
-
-	// Arm the timer with a very large duration, which we'll
-	// intentionally lower later. It has to be large now because
-	// we need a handle to it before writing the headers, but the
-	// s.delay value is defined to not start until after the
-	// request headers were written.
-	const hugeDuration = 365 * 24 * time.Hour
-	s.timer = time.AfterFunc(hugeDuration, func() {
-		s.fnonce.Do(s.fn)
-	})
-	return
-}
-
-func (s bodyWriterState) cancel() {
-	if s.timer != nil {
-		if s.timer.Stop() {
-			s.resc <- nil
-		}
-	}
-}
-
-func (s bodyWriterState) on100() {
-	if s.timer == nil {
-		// If we didn't do a delayed write, ignore the server's
-		// bogus 100 continue response.
-		return
-	}
-	s.timer.Stop()
-	go func() { s.fnonce.Do(s.fn) }()
-}
-
-// scheduleBodyWrite starts writing the body, either immediately (in
-// the common case) or after the delay timeout. It should not be
-// called until after the headers have been written.
-func (s bodyWriterState) scheduleBodyWrite() {
-	if s.timer == nil {
-		// We're not doing a delayed write (see
-		// getBodyWriterState), so just start the writing
-		// goroutine immediately.
-		go s.fn()
-		return
-	}
-	traceWait100Continue(s.cs.trace)
-	if s.timer.Stop() {
-		s.timer.Reset(s.delay)
-	}
-}
-
 // isConnectionCloseRequest reports whether req should use its own
 // connection for a single request and then close the connection.
 func isConnectionCloseRequest(req *http.Request) bool {
diff --git a/vendor/golang.org/x/net/idna/go118.go b/vendor/golang.org/x/net/idna/go118.go
new file mode 100644
index 00000000000..c5c4338dbed
--- /dev/null
+++ b/vendor/golang.org/x/net/idna/go118.go
@@ -0,0 +1,14 @@
+// Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
+
+// Copyright 2021 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build go1.18
+// +build go1.18
+
+package idna
+
+// Transitional processing is disabled by default in Go 1.18.
+// https://golang.org/issue/47510
+const transitionalLookup = false
diff --git a/vendor/golang.org/x/net/idna/idna10.0.0.go b/vendor/golang.org/x/net/idna/idna10.0.0.go
index 5208ba6cb88..64ccf85febb 100644
--- a/vendor/golang.org/x/net/idna/idna10.0.0.go
+++ b/vendor/golang.org/x/net/idna/idna10.0.0.go
@@ -59,10 +59,10 @@ type Option func(*options)
 // Transitional sets a Profile to use the Transitional mapping as defined in UTS
 // #46. This will cause, for example, "ß" to be mapped to "ss". Using the
 // transitional mapping provides a compromise between IDNA2003 and IDNA2008
-// compatibility. It is used by most browsers when resolving domain names. This
+// compatibility. It is used by some browsers when resolving domain names. This
 // option is only meaningful if combined with MapForLookup.
 func Transitional(transitional bool) Option {
-	return func(o *options) { o.transitional = true }
+	return func(o *options) { o.transitional = transitional }
 }
 
 // VerifyDNSLength sets whether a Profile should fail if any of the IDN parts
@@ -284,7 +284,7 @@ var (
 
 	punycode = &Profile{}
 	lookup   = &Profile{options{
-		transitional: true,
+		transitional: transitionalLookup,
 		useSTD3Rules: true,
 		checkHyphens: true,
 		checkJoiners: true,
diff --git a/vendor/golang.org/x/net/idna/idna9.0.0.go b/vendor/golang.org/x/net/idna/idna9.0.0.go
index 55f718f1274..aae6aac872b 100644
--- a/vendor/golang.org/x/net/idna/idna9.0.0.go
+++ b/vendor/golang.org/x/net/idna/idna9.0.0.go
@@ -58,10 +58,10 @@ type Option func(*options)
 // Transitional sets a Profile to use the Transitional mapping as defined in UTS
 // #46. This will cause, for example, "ß" to be mapped to "ss". Using the
 // transitional mapping provides a compromise between IDNA2003 and IDNA2008
-// compatibility. It is used by most browsers when resolving domain names. This
+// compatibility. It is used by some browsers when resolving domain names. This
 // option is only meaningful if combined with MapForLookup.
 func Transitional(transitional bool) Option {
-	return func(o *options) { o.transitional = true }
+	return func(o *options) { o.transitional = transitional }
 }
 
 // VerifyDNSLength sets whether a Profile should fail if any of the IDN parts
diff --git a/vendor/golang.org/x/net/idna/pre_go118.go b/vendor/golang.org/x/net/idna/pre_go118.go
new file mode 100644
index 00000000000..3aaccab1c5a
--- /dev/null
+++ b/vendor/golang.org/x/net/idna/pre_go118.go
@@ -0,0 +1,12 @@
+// Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
+
+// Copyright 2021 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !go1.18
+// +build !go1.18
+
+package idna
+
+const transitionalLookup = true
diff --git a/vendor/golang.org/x/net/idna/punycode.go b/vendor/golang.org/x/net/idna/punycode.go
index 02c7d59af3b..e8e3ac11a94 100644
--- a/vendor/golang.org/x/net/idna/punycode.go
+++ b/vendor/golang.org/x/net/idna/punycode.go
@@ -49,6 +49,7 @@ func decode(encoded string) (string, error) {
 		}
 	}
 	i, n, bias := int32(0), initialN, initialBias
+	overflow := false
 	for pos < len(encoded) {
 		oldI, w := i, int32(1)
 		for k := base; ; k += base {
@@ -60,29 +61,32 @@ func decode(encoded string) (string, error) {
 				return "", punyError(encoded)
 			}
 			pos++
-			i += digit * w
-			if i < 0 {
+			i, overflow = madd(i, digit, w)
+			if overflow {
 				return "", punyError(encoded)
 			}
 			t := k - bias
-			if t < tmin {
+			if k <= bias {
 				t = tmin
-			} else if t > tmax {
+			} else if k >= bias+tmax {
 				t = tmax
 			}
 			if digit < t {
 				break
 			}
-			w *= base - t
-			if w >= math.MaxInt32/base {
+			w, overflow = madd(0, w, base-t)
+			if overflow {
 				return "", punyError(encoded)
 			}
 		}
+		if len(output) >= 1024 {
+			return "", punyError(encoded)
+		}
 		x := int32(len(output) + 1)
 		bias = adapt(i-oldI, x, oldI == 0)
 		n += i / x
 		i %= x
-		if n > utf8.MaxRune || len(output) >= 1024 {
+		if n < 0 || n > utf8.MaxRune {
 			return "", punyError(encoded)
 		}
 		output = append(output, 0)
@@ -115,6 +119,7 @@ func encode(prefix, s string) (string, error) {
 	if b > 0 {
 		output = append(output, '-')
 	}
+	overflow := false
 	for remaining != 0 {
 		m := int32(0x7fffffff)
 		for _, r := range s {
@@ -122,8 +127,8 @@ func encode(prefix, s string) (string, error) {
 				m = r
 			}
 		}
-		delta += (m - n) * (h + 1)
-		if delta < 0 {
+		delta, overflow = madd(delta, m-n, h+1)
+		if overflow {
 			return "", punyError(s)
 		}
 		n = m
@@ -141,9 +146,9 @@ func encode(prefix, s string) (string, error) {
 			q := delta
 			for k := base; ; k += base {
 				t := k - bias
-				if t < tmin {
+				if k <= bias {
 					t = tmin
-				} else if t > tmax {
+				} else if k >= bias+tmax {
 					t = tmax
 				}
 				if q < t {
@@ -164,6 +169,15 @@ func encode(prefix, s string) (string, error) {
 	return string(output), nil
 }
 
+// madd computes a + (b * c), detecting overflow.
+func madd(a, b, c int32) (next int32, overflow bool) {
+	p := int64(b) * int64(c)
+	if p > math.MaxInt32-int64(a) {
+		return 0, true
+	}
+	return a + int32(p), false
+}
+
 func decodeDigit(x byte) (digit int32, ok bool) {
 	switch {
 	case '0' <= x && x <= '9':
diff --git a/vendor/golang.org/x/net/internal/socket/empty.s b/vendor/golang.org/x/net/internal/socket/empty.s
index bff0231c7d5..90ab4ca3d8e 100644
--- a/vendor/golang.org/x/net/internal/socket/empty.s
+++ b/vendor/golang.org/x/net/internal/socket/empty.s
@@ -2,6 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
+//go:build darwin && go1.12
 // +build darwin,go1.12
 
 // This exists solely so we can linkname in symbols from syscall.
diff --git a/vendor/golang.org/x/net/internal/socket/sys_bsd.go b/vendor/golang.org/x/net/internal/socket/sys_bsd.go
index b6cd77088d5..b258879d446 100644
--- a/vendor/golang.org/x/net/internal/socket/sys_bsd.go
+++ b/vendor/golang.org/x/net/internal/socket/sys_bsd.go
@@ -2,8 +2,8 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build aix || darwin || dragonfly || freebsd || openbsd
-// +build aix darwin dragonfly freebsd openbsd
+//go:build aix || darwin || dragonfly || freebsd || openbsd || solaris
+// +build aix darwin dragonfly freebsd openbsd solaris
 
 package socket
 
diff --git a/vendor/golang.org/x/net/internal/socket/sys_linkname.go b/vendor/golang.org/x/net/internal/socket/sys_linkname.go
deleted file mode 100644
index 21734af4b85..00000000000
--- a/vendor/golang.org/x/net/internal/socket/sys_linkname.go
+++ /dev/null
@@ -1,43 +0,0 @@
-// Copyright 2018 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build aix || (go1.12 && darwin)
-// +build aix go1.12,darwin
-
-package socket
-
-import (
-	"syscall"
-	"unsafe"
-)
-
-//go:linkname syscall_getsockopt syscall.getsockopt
-func syscall_getsockopt(s int, level int, name int, val unsafe.Pointer, vallen *uint32) error
-
-func getsockopt(s uintptr, level, name int, b []byte) (int, error) {
-	l := uint32(len(b))
-	err := syscall_getsockopt(int(s), level, name, unsafe.Pointer(&b[0]), &l)
-	return int(l), err
-}
-
-//go:linkname syscall_setsockopt syscall.setsockopt
-func syscall_setsockopt(s int, level int, name int, val unsafe.Pointer, vallen uintptr) error
-
-func setsockopt(s uintptr, level, name int, b []byte) error {
-	return syscall_setsockopt(int(s), level, name, unsafe.Pointer(&b[0]), uintptr(len(b)))
-}
-
-//go:linkname syscall_recvmsg syscall.recvmsg
-func syscall_recvmsg(s int, msg *syscall.Msghdr, flags int) (n int, err error)
-
-func recvmsg(s uintptr, h *msghdr, flags int) (int, error) {
-	return syscall_recvmsg(int(s), (*syscall.Msghdr)(unsafe.Pointer(h)), flags)
-}
-
-//go:linkname syscall_sendmsg syscall.sendmsg
-func syscall_sendmsg(s int, msg *syscall.Msghdr, flags int) (n int, err error)
-
-func sendmsg(s uintptr, h *msghdr, flags int) (int, error) {
-	return syscall_sendmsg(int(s), (*syscall.Msghdr)(unsafe.Pointer(h)), flags)
-}
diff --git a/vendor/golang.org/x/net/internal/socket/sys_linux_386.go b/vendor/golang.org/x/net/internal/socket/sys_linux_386.go
index 651215321bc..c877ef23ae0 100644
--- a/vendor/golang.org/x/net/internal/socket/sys_linux_386.go
+++ b/vendor/golang.org/x/net/internal/socket/sys_linux_386.go
@@ -10,38 +10,13 @@ import (
 )
 
 const (
-	sysSETSOCKOPT = 0xe
-	sysGETSOCKOPT = 0xf
-	sysSENDMSG    = 0x10
-	sysRECVMSG    = 0x11
-	sysRECVMMSG   = 0x13
-	sysSENDMMSG   = 0x14
+	sysRECVMMSG = 0x13
+	sysSENDMMSG = 0x14
 )
 
 func socketcall(call, a0, a1, a2, a3, a4, a5 uintptr) (uintptr, syscall.Errno)
 func rawsocketcall(call, a0, a1, a2, a3, a4, a5 uintptr) (uintptr, syscall.Errno)
 
-func getsockopt(s uintptr, level, name int, b []byte) (int, error) {
-	l := uint32(len(b))
-	_, errno := socketcall(sysGETSOCKOPT, s, uintptr(level), uintptr(name), uintptr(unsafe.Pointer(&b[0])), uintptr(unsafe.Pointer(&l)), 0)
-	return int(l), errnoErr(errno)
-}
-
-func setsockopt(s uintptr, level, name int, b []byte) error {
-	_, errno := socketcall(sysSETSOCKOPT, s, uintptr(level), uintptr(name), uintptr(unsafe.Pointer(&b[0])), uintptr(len(b)), 0)
-	return errnoErr(errno)
-}
-
-func recvmsg(s uintptr, h *msghdr, flags int) (int, error) {
-	n, errno := socketcall(sysRECVMSG, s, uintptr(unsafe.Pointer(h)), uintptr(flags), 0, 0, 0)
-	return int(n), errnoErr(errno)
-}
-
-func sendmsg(s uintptr, h *msghdr, flags int) (int, error) {
-	n, errno := socketcall(sysSENDMSG, s, uintptr(unsafe.Pointer(h)), uintptr(flags), 0, 0, 0)
-	return int(n), errnoErr(errno)
-}
-
 func recvmmsg(s uintptr, hs []mmsghdr, flags int) (int, error) {
 	n, errno := socketcall(sysRECVMMSG, s, uintptr(unsafe.Pointer(&hs[0])), uintptr(len(hs)), uintptr(flags), 0, 0)
 	return int(n), errnoErr(errno)
diff --git a/vendor/golang.org/x/net/internal/socket/sys_linux_s390x.go b/vendor/golang.org/x/net/internal/socket/sys_linux_s390x.go
index 651215321bc..c877ef23ae0 100644
--- a/vendor/golang.org/x/net/internal/socket/sys_linux_s390x.go
+++ b/vendor/golang.org/x/net/internal/socket/sys_linux_s390x.go
@@ -10,38 +10,13 @@ import (
 )
 
 const (
-	sysSETSOCKOPT = 0xe
-	sysGETSOCKOPT = 0xf
-	sysSENDMSG    = 0x10
-	sysRECVMSG    = 0x11
-	sysRECVMMSG   = 0x13
-	sysSENDMMSG   = 0x14
+	sysRECVMMSG = 0x13
+	sysSENDMMSG = 0x14
 )
 
 func socketcall(call, a0, a1, a2, a3, a4, a5 uintptr) (uintptr, syscall.Errno)
 func rawsocketcall(call, a0, a1, a2, a3, a4, a5 uintptr) (uintptr, syscall.Errno)
 
-func getsockopt(s uintptr, level, name int, b []byte) (int, error) {
-	l := uint32(len(b))
-	_, errno := socketcall(sysGETSOCKOPT, s, uintptr(level), uintptr(name), uintptr(unsafe.Pointer(&b[0])), uintptr(unsafe.Pointer(&l)), 0)
-	return int(l), errnoErr(errno)
-}
-
-func setsockopt(s uintptr, level, name int, b []byte) error {
-	_, errno := socketcall(sysSETSOCKOPT, s, uintptr(level), uintptr(name), uintptr(unsafe.Pointer(&b[0])), uintptr(len(b)), 0)
-	return errnoErr(errno)
-}
-
-func recvmsg(s uintptr, h *msghdr, flags int) (int, error) {
-	n, errno := socketcall(sysRECVMSG, s, uintptr(unsafe.Pointer(h)), uintptr(flags), 0, 0, 0)
-	return int(n), errnoErr(errno)
-}
-
-func sendmsg(s uintptr, h *msghdr, flags int) (int, error) {
-	n, errno := socketcall(sysSENDMSG, s, uintptr(unsafe.Pointer(h)), uintptr(flags), 0, 0, 0)
-	return int(n), errnoErr(errno)
-}
-
 func recvmmsg(s uintptr, hs []mmsghdr, flags int) (int, error) {
 	n, errno := socketcall(sysRECVMMSG, s, uintptr(unsafe.Pointer(&hs[0])), uintptr(len(hs)), uintptr(flags), 0, 0)
 	return int(n), errnoErr(errno)
diff --git a/vendor/golang.org/x/net/internal/socket/sys_solaris.go b/vendor/golang.org/x/net/internal/socket/sys_solaris.go
deleted file mode 100644
index e79ca95183a..00000000000
--- a/vendor/golang.org/x/net/internal/socket/sys_solaris.go
+++ /dev/null
@@ -1,59 +0,0 @@
-// Copyright 2017 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package socket
-
-import (
-	"syscall"
-	"unsafe"
-)
-
-//go:cgo_import_dynamic libc___xnet_getsockopt __xnet_getsockopt "libsocket.so"
-//go:cgo_import_dynamic libc_setsockopt setsockopt "libsocket.so"
-//go:cgo_import_dynamic libc___xnet_recvmsg __xnet_recvmsg "libsocket.so"
-//go:cgo_import_dynamic libc___xnet_sendmsg __xnet_sendmsg "libsocket.so"
-
-//go:linkname procGetsockopt libc___xnet_getsockopt
-//go:linkname procSetsockopt libc_setsockopt
-//go:linkname procRecvmsg libc___xnet_recvmsg
-//go:linkname procSendmsg libc___xnet_sendmsg
-
-var (
-	procGetsockopt uintptr
-	procSetsockopt uintptr
-	procRecvmsg    uintptr
-	procSendmsg    uintptr
-)
-
-func sysvicall6(trap, nargs, a1, a2, a3, a4, a5, a6 uintptr) (uintptr, uintptr, syscall.Errno)
-func rawSysvicall6(trap, nargs, a1, a2, a3, a4, a5, a6 uintptr) (uintptr, uintptr, syscall.Errno)
-
-func getsockopt(s uintptr, level, name int, b []byte) (int, error) {
-	l := uint32(len(b))
-	_, _, errno := sysvicall6(uintptr(unsafe.Pointer(&procGetsockopt)), 5, s, uintptr(level), uintptr(name), uintptr(unsafe.Pointer(&b[0])), uintptr(unsafe.Pointer(&l)), 0)
-	return int(l), errnoErr(errno)
-}
-
-func setsockopt(s uintptr, level, name int, b []byte) error {
-	_, _, errno := sysvicall6(uintptr(unsafe.Pointer(&procSetsockopt)), 5, s, uintptr(level), uintptr(name), uintptr(unsafe.Pointer(&b[0])), uintptr(len(b)), 0)
-	return errnoErr(errno)
-}
-
-func recvmsg(s uintptr, h *msghdr, flags int) (int, error) {
-	n, _, errno := sysvicall6(uintptr(unsafe.Pointer(&procRecvmsg)), 3, s, uintptr(unsafe.Pointer(h)), uintptr(flags), 0, 0, 0)
-	return int(n), errnoErr(errno)
-}
-
-func sendmsg(s uintptr, h *msghdr, flags int) (int, error) {
-	n, _, errno := sysvicall6(uintptr(unsafe.Pointer(&procSendmsg)), 3, s, uintptr(unsafe.Pointer(h)), uintptr(flags), 0, 0, 0)
-	return int(n), errnoErr(errno)
-}
-
-func recvmmsg(s uintptr, hs []mmsghdr, flags int) (int, error) {
-	return 0, errNotImplemented
-}
-
-func sendmmsg(s uintptr, hs []mmsghdr, flags int) (int, error) {
-	return 0, errNotImplemented
-}
diff --git a/vendor/golang.org/x/net/internal/socket/sys_solaris_amd64.s b/vendor/golang.org/x/net/internal/socket/sys_solaris_amd64.s
deleted file mode 100644
index a18ac5ed755..00000000000
--- a/vendor/golang.org/x/net/internal/socket/sys_solaris_amd64.s
+++ /dev/null
@@ -1,11 +0,0 @@
-// Copyright 2016 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-#include "textflag.h"
-
-TEXT	·sysvicall6(SB),NOSPLIT,$0-88
-	JMP	syscall·sysvicall6(SB)
-
-TEXT	·rawSysvicall6(SB),NOSPLIT,$0-88
-	JMP	syscall·rawSysvicall6(SB)
diff --git a/vendor/golang.org/x/net/internal/socket/sys_unix.go b/vendor/golang.org/x/net/internal/socket/sys_unix.go
index c98ebae548c..d203e2984ca 100644
--- a/vendor/golang.org/x/net/internal/socket/sys_unix.go
+++ b/vendor/golang.org/x/net/internal/socket/sys_unix.go
@@ -2,8 +2,8 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build dragonfly || freebsd || (linux && !s390x && !386) || netbsd || openbsd
-// +build dragonfly freebsd linux,!s390x,!386 netbsd openbsd
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris
+// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris
 
 package socket
 
@@ -12,23 +12,32 @@ import (
 	"unsafe"
 )
 
+//go:linkname syscall_getsockopt syscall.getsockopt
+func syscall_getsockopt(s, level, name int, val unsafe.Pointer, vallen *uint32) error
+
+//go:linkname syscall_setsockopt syscall.setsockopt
+func syscall_setsockopt(s, level, name int, val unsafe.Pointer, vallen uintptr) error
+
+//go:linkname syscall_recvmsg syscall.recvmsg
+func syscall_recvmsg(s int, msg *syscall.Msghdr, flags int) (int, error)
+
+//go:linkname syscall_sendmsg syscall.sendmsg
+func syscall_sendmsg(s int, msg *syscall.Msghdr, flags int) (int, error)
+
 func getsockopt(s uintptr, level, name int, b []byte) (int, error) {
 	l := uint32(len(b))
-	_, _, errno := syscall.Syscall6(syscall.SYS_GETSOCKOPT, s, uintptr(level), uintptr(name), uintptr(unsafe.Pointer(&b[0])), uintptr(unsafe.Pointer(&l)), 0)
-	return int(l), errnoErr(errno)
+	err := syscall_getsockopt(int(s), level, name, unsafe.Pointer(&b[0]), &l)
+	return int(l), err
 }
 
 func setsockopt(s uintptr, level, name int, b []byte) error {
-	_, _, errno := syscall.Syscall6(syscall.SYS_SETSOCKOPT, s, uintptr(level), uintptr(name), uintptr(unsafe.Pointer(&b[0])), uintptr(len(b)), 0)
-	return errnoErr(errno)
+	return syscall_setsockopt(int(s), level, name, unsafe.Pointer(&b[0]), uintptr(len(b)))
 }
 
 func recvmsg(s uintptr, h *msghdr, flags int) (int, error) {
-	n, _, errno := syscall.Syscall(syscall.SYS_RECVMSG, s, uintptr(unsafe.Pointer(h)), uintptr(flags))
-	return int(n), errnoErr(errno)
+	return syscall_recvmsg(int(s), (*syscall.Msghdr)(unsafe.Pointer(h)), flags)
 }
 
 func sendmsg(s uintptr, h *msghdr, flags int) (int, error) {
-	n, _, errno := syscall.Syscall(syscall.SYS_SENDMSG, s, uintptr(unsafe.Pointer(h)), uintptr(flags))
-	return int(n), errnoErr(errno)
+	return syscall_sendmsg(int(s), (*syscall.Msghdr)(unsafe.Pointer(h)), flags)
 }
diff --git a/vendor/golang.org/x/net/publicsuffix/table.go b/vendor/golang.org/x/net/publicsuffix/table.go
index c2e368db1bc..51f40b8ebad 100644
--- a/vendor/golang.org/x/net/publicsuffix/table.go
+++ b/vendor/golang.org/x/net/publicsuffix/table.go
@@ -2,7 +2,7 @@
 
 package publicsuffix
 
-const version = "publicsuffix.org's public_suffix_list.dat, git revision 1e2388af5cee935fdec6dc557db41559111e3fb9 (2021-04-26T23:42:06Z)"
+const version = "publicsuffix.org's public_suffix_list.dat, git revision 792f13d38c795cf910de96de4baac48f1fee3162 (2021-08-23T07:37:32Z)"
 
 const (
 	nodesBitsChildren   = 10
@@ -23,506 +23,510 @@ const (
 )
 
 // numTLD is the number of top level domains.
-const numTLD = 1506
+const numTLD = 1508
 
 // Text is the combined text of all labels.
-const text = "9guacuiababia-goracleaningroks-theatree12hpalmasfjorden4tatarant" +
-	"ours3-ap-northeast-2ix4432-balsan-suedtirolkuszczytnord-aurdalp1" +
-	"kappchizip6116-b-datacentermezproxyzgorabogadobeaemcloud-fr1337b" +
-	"irdartcenterprisecloudaccesscambridgeiseiroumuenchenirasakincheo" +
-	"nishiazaindianapolis-a-bloggerbirkenesoddtangenovarahkkeravjuego" +
-	"shikikugawashtenawdev-myqnapcloudcontrolledekagaminogifts3-websi" +
-	"te-ap-southeast-2birthplacevje-og-hornnes3-website-eu-west-1bjar" +
-	"koyuu2-localhostrolekaniepcextraspace-to-rentalstomakomaibarabje" +
-	"rkreimbamblebesbyglandroverhallaakesvuemieleccebinagisoccertmgra" +
-	"zerbaijan-mayengerdalipaywhirlimanowarudaustevollillyokosukanrag" +
-	"rocerybnikeisenbahnaumburggfarmerseine164-balsfjordd-dnshome-web" +
-	"serverdal-o-g-i-naval-d-aosta-valleyboltateshinanomachimkentatey" +
-	"amajudygarlanddnslivefsnillfjorddnss3-ap-south-1bjugnieznord-oda" +
-	"lomzaporizhzhiablackfridayuzawabloombergbauernishigohtawaramotoi" +
-	"neppueblockbusterniiminamiawajikindianmarketinglitcheltenham-rad" +
-	"io-opencraftrainingliwicebloxcms3-website-sa-east-1bluedagestang" +
-	"emologicallyngenishiharabmoattachments3-website-us-east-1bms3-we" +
-	"bsite-us-west-1bmwedeploybnrwegroweibolognagareyamakeuparaglidin" +
-	"globoavistanbulsan-sudtirolondonetskaratebomloabathsbchernivtsic" +
-	"iliabondigitaloceanographicsxboxfordellogliastradinglogoweirbonn" +
-	"ishiizunazukindielddanuorrindigenamsosnowiechernovtsyncloudray-d" +
-	"nstracebookinghostedpictetjeldsundrayddnsfreebox-osascoli-piceno" +
-	"rdlandraydnsupdaterbookonlinewjerseyboomlajollamericanexpressexy" +
-	"boschaefflerdalondrinapleskns3-website-us-west-2bostik-serverran" +
-	"koshigayachts5ybostonakijinsekikogentappsselfiparisor-fronishika" +
-	"taketomisatomobelembetsukubankaratsuginamikatagamilanotairesakyo" +
-	"tanabellevuelosangelesjabbottjmaxxxenishikatsuragit-reposalangen" +
-	"ishikawazukamisatohoboleslawiechirurgiens-dentistes-en-francebot" +
-	"anicalgardeno-stagingloppenzaporizhzhedmarkareliancebotanicgarde" +
-	"nishimerabotanychiryukyuragifuchungbukharanzanishinomiyashironom" +
-	"niweatherchannelorenskoglugsjcbnpparibashkiriabouncemerckmsdnipr" +
-	"opetrovskjervoyageorgeorgiabounty-fullensakerrypropertiesalon-1b" +
-	"outiquebeconomiastalowa-wolawassamukawataricoharuovatmallorcafed" +
-	"eration-webpaashorokanaieboutiresindevicenzaganquannefrankfurtjo" +
-	"meloyalistoragebozen-sudtirolottebozen-suedtirolottokonamegataka" +
-	"yamassa-carrara-massacarraramassabusinessebykleclerchitachinakag" +
-	"awatchandclockariyameiwamarshallstatebankarlsoybplaceducatoraybr" +
-	"andywinevalleybrasiliabrindisibenikilatironrenderbristoloseyouri" +
-	"parliamentjxeroxfinitybritishcolumbialowiezakopanelastxjampalace" +
-	"broadcastlebtimnetzjavaldaostathelleluxembourgmbhartipschlesisch" +
-	"esaltdalouvrehabmerbroadwaybroke-itkmaxxn--0trq7p7nnishinoomoteg" +
-	"omurabrokerbronnoysundrivegarsheiheijindowapblogsiteleafamilycom" +
-	"pany-2brothermesaverdealerbrowsersafetymarketsaludrobaknoluoktac" +
-	"hikawafflecellclstagehirnrtksatxn--11b4c3drudupontariobranconaka" +
-	"niikawatanagurabrumunddalpusercontentlon-2brunelblagrarchaeology" +
-	"eongbuk0brusselsalvadordalibabalena-devicesalzburgminakamichihar" +
-	"abruxellesamegawabryanskleppgafanishinoshimatsusakahoginankokubu" +
-	"njindustriabrynewmexicodyn-o-saurlandesamnangerbuskerudurbanamex" +
-	"hibitionishiokoppegardurhamburgmodellingmxn--12c1fe0bradescotlan" +
-	"dynathomebuiltwithdarkarmoybuzentsujiiebuzzlgretakamoriokakegawa" +
-	"bwellbeingzonebzhitomirbzzwesteuropenairbusantiquest-a-la-maison" +
-	"dre-landroidyndns-at-homedepotenzaolbia-tempio-olbiatempioolbial" +
-	"ystokkeliwebhostingrimstadyndns-at-workisboringripecolumbusheyco" +
-	"mmunecommunity-prochowicecomoarekecomparemarkerryhotelsantamaria" +
-	"kecomsecaaskoyabearalvahkihokumakogenebakkeshibechambagriculture" +
-	"nnebugattiffanyaarborteaches-yogasawara-rugbydgoszczecinemacerat" +
-	"abuseating-organicbcieszyncondoshichinohealth-carereformemergenc" +
-	"yahikobeardubaiduckdnswedeniwaizumiotsukumiyamazonawsglobalaccel" +
-	"eratorahimeshimabaridagawalbrzycharternopilawalesundyndns-remote" +
-	"wdyndns-serverisignconferenceconstructionconsuladoesntexisteinge" +
-	"ekashibatakatorinzais-a-candidateconsultanthropologyconsultingro" +
-	"undhandlingroznynysaikisosakitagawacontactoyouracontagematsubara" +
-	"vpagexluzerncontemporaryarteducationalchikugodogadollsantoandrea" +
-	"mhostersanukis-a-caterercontractorskenconventureshinodearthruher" +
-	"ecifedexetercookingchannelsdvrdnsdojoburgrpasadenaritakoelncoolv" +
-	"ivanovoldacooperativano-frankivskolefrakkestadyndns-webhareidsbe" +
-	"rgentingruecopenhagencyclopedichonanbulsan-suedtirolubindalublin" +
-	"desnesamsclubartowestfalenishitosashimizunaminamibosogndalucania" +
-	"coproductionsaobernardocorporationcorsicahcesuoloansaogoncarrier" +
-	"corvettemp-dnsaotomelbournecosenzamamidorissadonnagatorogersvps-" +
-	"hostrowiechoseikarugamvikarpaczeladzcosidnsfor-better-thanawawsm" +
-	"pplanetariumemorialcostumedicinaharimalborkashiharacouchpotatofr" +
-	"iesapporocoukashiwaracouncilcouponsardegnarusawacozoracqcxn--12c" +
-	"fi8ixb8lcranbrookuwanalyticsardiniacrdyndns-wikinkobierzycecredi" +
-	"tcardyndns-workshoparenakanojohanamakinoharacreditunioncremonash" +
-	"gabadaddjaguarqhachinoheguris-a-celticsfancrewhoswholdingsmall-w" +
-	"ebredirectmeetoystre-slidrettozawacricketrzyncrimeast-kazakhstan" +
-	"angercrotonecrownipassagensarlcrsarpsborguidefenseljordyndns1cru" +
-	"isesarufutsunomiyawakasaikaitabashijonawatecuisinellancashirecip" +
-	"escaracalvinklein-berlindaskvollculturalcentertainmentozsdelmenh" +
-	"orstalbansasayamattelekommunikationcuneocupcakecuritibaghdadynns" +
-	"asebofageologycurvallee-aosteroycymrussiacyonabarumemsettlersask" +
-	"atchewancyouthachiojiyaizuwakamatsubushikusakadogawaferrarivnefe" +
-	"rrerotikagoshimalopolskanlandynv6fetsundynvpnpluscountryestateof" +
-	"delawareclaimsaudafgulenfhvalerfidoomdnsiskinkyotobetsumidatlant" +
-	"ichoshibuyahabackyardsamsungriwataraidyndns-freeboxoslocus-4fiel" +
-	"dyroyrvikinguitarsauheradynservebbsassaris-a-chefashionfigueresi" +
-	"stancefilateliafilegear-audnedalnfilegear-dealstahaugesunderseap" +
-	"ortsinfolionetworkangerfilegear-gbizfilegear-iefilegear-jpmorgan" +
-	"filegear-sg-1filminamiechizenfinalfinancefineartschokokekschokol" +
-	"adenfinlandfinnoyfirebaseappatriafirenetraniandriabarlettatrania" +
-	"ndriafirenzefirestonefirewebhopensocialfirmdalegnicapebretonamic" +
-	"rolightingunmaniwakuratefishingokasells-for-lesscholarshipschool" +
-	"sztynsettsurgeonshalloffameldalfitjarvodkafjordvagsoygardendofth" +
-	"einternetnedalceschulefitnessettlementranoyfjalerflekkefjordfles" +
-	"berguovdageaidnulminamifuranoflickragerokunohealthcareerschulser" +
-	"verflirfloginlinefloraflorencefloridatsunanjoetsuwanouchikujogas" +
-	"zkolancasterfloripaderbornfloristanohatajiris-a-cpadualstackasse" +
-	"rversailleschwarzgwangjuifminamiiserniafloromskogushikamifuranor" +
-	"e-og-uvdalflowerschweizfltranslateflynnhosting-clusterfndfnwkasu" +
-	"kabedzin-addrammenulvikasumigaurayasudafoodnetworkdalfor-ourfor-" +
-	"somedizinhistorischesciencecentersciencehistoryfor-theaterforexr" +
-	"othachirogatakanabeautysfjordforgotdnscientistordalforli-cesena-" +
-	"forlicesenaforlikescandyn53forsalegoldpoint2thisamitsukeforsanda" +
-	"suoloftransportefortalfortevaksdalfortmissoulanciafortworthadano" +
-	"rfolkebibleksvikasuyanaizuerichardlillesandefjordfosnescjohnsonf" +
-	"otaruis-a-cubicle-slavellinodeobjectscrapper-sitefoxafozfranamiz" +
-	"uhobby-sitexascrappingwiddleitungsenfrancaiseharafranziskanerima" +
-	"ringatlantakahamalselvendrellfredrikstadtvscrysecuritytacticserv" +
-	"ehttpaviancargodaddyn-vpndnservehumourfreeddnsgeekgalaxyfreedesk" +
-	"topocznordreisa-hockeynutazurestaticappspacehosted-by-previderfr" +
-	"eemasonryfreemyiphosteurovisionfreesitextileikangerfreetlserveir" +
-	"choyodobashichikashukujitawaraumalatvuopmicrosoftbankaruizawafre" +
-	"iburgxn--1ck2e1bar0emmafann-arboretumbriamallamaceiobbcg12038fre" +
-	"seniusculturecreationfribourgfriuli-v-giuliafriuli-ve-giuliafriu" +
-	"li-vegiuliafriuli-venezia-giuliafriuli-veneziagiuliafriuli-vgiul" +
-	"iafriuliv-giuliafriulive-giuliafriulivegiuliafriulivenezia-giuli" +
-	"afriuliveneziagiuliafriulivgiuliafrlfroganserveminecraftransurlf" +
-	"rognfrolandfrom-akrehamnfrom-alfrom-arfrom-azimuthatogayabukijob" +
-	"servableusercontentrapaniizafrom-capetownnews-stagingfrom-coffee" +
-	"dbackplaneappfizerfrom-ctravelchannelfrom-dchristiansburgroks-th" +
-	"isayamanobeokakudamatsuefrom-deatnuniversityfrom-flanderservemp3" +
-	"from-gaulardalfrom-hichisochildrensgardenfrom-iafrom-idfrom-ilfr" +
-	"om-in-brbar1from-kservep2pgfoggiafrom-kyowariasahikawafrom-lange" +
-	"vagrigentomologyeonggiehtavuoatnabudapest-a-la-masion-rancherkas" +
-	"ydneyfrom-malvikaszubyfrom-mdfrom-meerestaurantravelersinsurance" +
-	"from-mifunefrom-mnfrom-modalenfrom-mservepicservequakefrom-mtnfr" +
-	"om-nctulanservesarcasmatartanddesignfrom-ndfrom-nefrom-nh-serveb" +
-	"logspotrdfrom-njservicesevastopolefrom-nminamiizukaminokawanishi" +
-	"aizubangefrom-nvallee-d-aosteigenfrom-nyminamimakis-a-democratre" +
-	"ndhostingfrom-ohdattorelayfrom-oketogolffansevenassisicilyfrom-o" +
-	"rfrom-padoval-daostavalleyfrom-pratogurafrom-ris-a-designerfrom-" +
-	"schoenbrunnfrom-sdscloudfrom-tnfrom-txn--1ctwolominamatarnobrzeg" +
-	"yptianfrom-utsiracusagaeroclubmedecincinnativeamericanantiquest-" +
-	"mon-blogueurodirumadridnbloggerimo-i-rana4unjargafrom-vald-aosta" +
-	"rostwodzislawienfrom-vtrentin-sud-tirolfrom-wafrom-wiardwebspace" +
-	"from-wvalleeaosteinkjerusalempresashibetsukuis-a-doctorprojectre" +
-	"ntin-sudtirolfrom-wyfrosinonefrostaplesharis-a-financialadvisor-" +
-	"aurdalfroyaitakaharunusualpersonfstcgroupharmaciensharpharmacysh" +
-	"awaiijimarburgfujiiderafujikawaguchikonefujiminokamoenairlineen-" +
-	"rootaribeiraogashimadachicagoboatshellaspeziafujinomiyadattowebc" +
-	"ampinashikiminohostfoldnavyfujiokayamamurogawafujisatoshonairpor" +
-	"tland-4-salernoduminamiminowafujisawafujishiroishidakabiratoride" +
-	"bianfujitsurugashimandalfujiyoshidavvenjargap-northeast-3fukayab" +
-	"eatshimojis-a-geekatowicefukuchiyamadavvesiidappnodebalancertifi" +
-	"cationfukudomigawafukuis-a-greenfukumitsubishigakirovogradoyfuku" +
-	"okazakiryuohkurafukuroishikarikaturindalfukusakisarazure-mobilei" +
-	"rfjordfukuyamagatakahashimamakishiwadazaifudaigojomedio-campidan" +
-	"o-mediocampidanomediofunabashiriuchinadafunagatakahatakaishimogo" +
-	"senfunahashikamiamakusatsumasendaisennangonohejis-a-gurunzenfund" +
-	"aciofunkfeuerfuoiskujukuriyamangooglecodespotrentin-sued-tirolfu" +
-	"osskoczowiiheyakumodernfurnitureggio-calabriafurubirafurudonosti" +
-	"aafurukawairtelebitbridgestonekobayashikaoirmitakeharackmazeplay" +
-	"fusodegaurafussagamiharafutabayamaguchinomihachimanagementrentin" +
-	"-suedtirolfutboldlygoingnowhere-for-morenakatombetsumitakagiizef" +
-	"uttsurugimperiafuturecmshimokawafuturehostingfuturemailingfvghan" +
-	"gglidinghangoutsystemscloudsitehannanmokuizumodenaklodzkochikush" +
-	"inonsenergyhannorthwesternmutualhanyuzenhapmircloudletshimonitay" +
-	"anagitapphdfcbankatsuyamarugame-hostyhostinghappousrcfastly-terr" +
-	"ariumetacentrumeteorappassenger-associationharstadharvestcelebra" +
-	"tionhasamansionshimonosekikawahasaminami-alpshimosuwalkis-a-land" +
-	"scaperugiahashbanghasudahasura-apphiladelphiaareadmyblogsytehasv" +
-	"ikaufentigerhatoyamazakitahiroshimanxn--1lqs03nhatsukaichikaisei" +
-	"yoichippubetsubetsugarustkanmakiwakunigamiharutwentehattfjelldal" +
-	"hayashimamotobungotakadancehazuminobusells-for-uhelsinkitakamiiz" +
-	"umisanofidelitysvardontexistmein-iservebeerhembygdsforbundhemnes" +
-	"himotsukehemsedalhepforgeblockshimotsumaherokusslattuminamioguni" +
-	"5heroyhgtvalleedaostehidorahigashiagatsumagoianiahigashichichibu" +
-	"nkyonanaoshimakanegasakimobetsuldalhigashihiroshimanehigashiizum" +
-	"ozakitakatakaokalmykiahigashikagawahigashikagurasoedahigashikawa" +
-	"kitaaikitakyushuaiahigashikurumegurownproviderhigashimatsushimao" +
-	"ris-a-lawyerhigashimatsuyamakitaakitadaitoigawahigashimurayamamo" +
-	"torcycleshinichinanhigashinarusells-itrentino-aadigehigashinehig" +
-	"ashiomitamamurausukitamihamadahigashiosakasayamanakakogawahigash" +
-	"ishirakawamatakarazukaluganskygearapphilatelyhigashisumiyoshikaw" +
-	"aminamiaikitamotosumy-gatewayhigashitsunortonhigashiurawa-mazows" +
-	"zexnetrentino-alto-adigehigashiyamatokoriyamanashifteditorxn--1l" +
-	"qs71dhigashiyodogawahigashiyoshinogaris-a-liberalhiraizumisatohm" +
-	"apartmentshinjournalismailillehammerfeste-iphilipsynology-diskst" +
-	"ationhirakatashinagawahiranairtrafficplexus-1hirarahiratsukaeruh" +
-	"irayakagehistorichouseshinjukumamotoyamashikokuchuohitachiomiyag" +
-	"ildeskaliszhitachiotagoppdalhitraeumtgeradegreehjartdalhjelmelan" +
-	"dholeckodairaholidayhomegoodshinkamigototalhomeiphoenixn--1qqw23" +
-	"ahomelinkyard-cloudjiffylkesbiblackbaudcdn-edgestackhero-network" +
-	"inggroupowiathletajimageandsoundandvision-riopretochigiessensios" +
-	"itecnologiahomelinuxn--2m4a15ehomeofficehomesecuritymacaparecida" +
-	"homesecuritypchristmaseratinterhostsolutionsandnessjoenishiwakin" +
-	"ternationalfirearmsandoyhomesenseeringhomeunixn--2scrj9chromedic" +
-	"altanissettaishinomakinderoyhondahongotembaixadahonjyoitakasagot" +
-	"pantheonsitehornindalhorsellsyourhomeftphonefosshinshinotsurgery" +
-	"hortendofinternet-dnshinshirohospitalhoteleshintokushimahotelwit" +
-	"hflightshintomikasaharahotmailhoyangerhoylandetroitskypehumaniti" +
-	"eshinyoshitomiokamishihoronobeauxartsandcraftshiojirishirifujied" +
-	"ahurdalhurumajis-a-libertarianhyllestadhyogoris-a-linux-usershio" +
-	"yandexcloudhyugawarahyundaiwafuneis-uberleetrentino-stirolis-ver" +
-	"y-badajozis-a-painteractivestfoldis-very-evillageis-very-goodyea" +
-	"ris-very-niceis-very-sweetpepperis-with-thebandownloadisleofmana" +
-	"ustdaljenv-arubajddarchitecturealtoregontrailroadjeonnamerikawau" +
-	"ejetztrentino-sud-tiroljevnakershusdecorativeartshisognejewelryj" +
-	"ewishartgalleryjfkazteleportlligatrentino-sudtiroljgorajlljls-st" +
-	"o1jls-sto2jls-sto3jmphxn--30rr7yjnjaworznoshiroomgjoyentrentino-" +
-	"sued-tiroljoyokaichibalashovhadselburgjpnjprshisuifuettertdasnet" +
-	"zjurkosaigawakosakaerodromegallupaascolipiceno-ipifony-1koseis-a" +
-	"-photographerokuapphotographysiokosherbrookegawakoshimizumakiyos" +
-	"emitekoshunantankddiamondshizukuishimofusaitoshimatta-varjjatren" +
-	"tino-suedtirolkosugekotohiradomainsureggioemiliaromagnamsskogane" +
-	"is-a-playershiftcryptonomichigangwonkotourakouhokutamakiyosunnda" +
-	"lkounosupplieshopitsitekouyamashikekouzushimashikizunokunimilita" +
-	"rykozagawakozakis-a-republicancerresearchaeologicaliforniakozowi" +
-	"ldlifestylekpnkppspdnshoppingkrasnikahokutokamachintaifun-dnsali" +
-	"ashopwarendalenugkrasnodarkredstonekrelliankristiansandcatshouji" +
-	"s-a-rockstarachowicekristiansundkrodsheradkrokstadelvalle-aostat" +
-	"ic-accesshowakryminamisanrikubetsupportrentinoa-adigekumanottero" +
-	"ykumatorinow-dnshowtimelhusgardenkumejimasoykumenantokigawakunis" +
-	"akis-a-socialistdlibestadkunitachiarailwaykunitomigusukuleuvenet" +
-	"okashikis-a-soxfankunneppubtlshwilliamhillkunstsammlungkunstundd" +
-	"esignkuokgroupilotsienarviikamiokameokamakurazakitchenkuregruhos" +
-	"tingkurgankurobeepilepsykkylvenicekurogimimatakatsukis-a-student" +
-	"alkuroisoftwarezzokuromatsunais-a-teacherkassyno-dshirahamatonbe" +
-	"tsurnadalkurotakikawasakis-a-techietis-a-llamaritimoldell-oglias" +
-	"traderkushirogawakustanais-a-therapistoiakusupplynxn--3bst00mina" +
-	"mitanekutchanelkutnowruzhgorodeokuzumakis-an-accountantshirakoka" +
-	"miminershiranukamisunagawakvafjordkvalsundkvamlidlugolekadenagah" +
-	"amaroyerkvanangenkvinesdalkvinnheradkviteseidatingkvitsoykwpspec" +
-	"truminamiuonumassivegridkzmisconfusedmishimasudamissilewismiller" +
-	"misugitokorozawamitourismilezajskfh-muenstermitoyoakemiuramiyazu" +
-	"recontainerdpolicemiyotamanomjondalenmlbfanmontrealestatefarmequ" +
-	"ipmentrentinoaadigemonza-brianzapposigdalmonza-e-della-brianzapt" +
-	"okuyamatsumaebashikshacknetrentinoalto-adigemonzabrianzaramonzae" +
-	"brianzamonzaedellabrianzamoonscaleforcemordoviamoriyamatsumotofu" +
-	"kemoriyoshiminamiashigaramormonstermoroyamatsunomortgagemoscowin" +
-	"barclaycards3-external-1moseushistorymosjoenmoskenesilkhakassiam" +
-	"ossimple-urlmosvikharkivanylvenneslaskerrylogisticshizuokamitsue" +
-	"moteginowaniigatakamatsukawamoviemovimientokyotangovtrentinoalto" +
-	"adigemozilla-iotrentinos-tirolmtranbymuginozawaonsenmuikaminoyam" +
-	"axunispacemukoebenhavnmulhouseoullensvanguardmultibaasirdalmunak" +
-	"atanemuncienciamuosattemupimientakinouemurmanskharkovaomurotorcr" +
-	"aftrentinostirolmusashinoharamuseetrentinosud-tirolmuseumverenig" +
-	"ingmusicarbonia-iglesias-carboniaiglesiascarboniamutsuzawamy-vig" +
-	"orgemy-wanggouvichurchaseljedugit-pagespeedmobilizeroticagliarik" +
-	"uzentakataipeidsvolluccaravantaarparochernigovernmentoyosatoyoka" +
-	"wamyactivedirectorymyasustor-elvdalmycdmycloudnslupskhersonmydat" +
-	"tolocalhistorymyddnskingmydissentrentinosudtirolmydobisshikis-an" +
-	"-artistgstagemydroboehringerikemydslzmyeffectrentinosued-tirolmy" +
-	"fastblogermyfirewallonieruchomoscienceandindustrynmyforuminamiya" +
-	"mashirokawanabelaudibleasingmyfritzmyftpaccessmolarvikhmelnitski" +
-	"yamarumorimachidamyhome-servermyjinomykolaivarggatrentinosuedtir" +
-	"olmymailermymediapcircustomer-ocimdbananarepublic66myokohamamats" +
-	"udamypepinbarclays3-fips-us-gov-west-1mypetsmushcdn77-sslingmyph" +
-	"otoshibalatinoipirangalsaceomypicturesnoasakakinokiamypsxn--3ds4" +
-	"43gmysecuritycamerakermyshopblocksokndalmyshopifyresdalmythic-be" +
-	"astsolarssonmytis-a-bookkeeperspectakashimarcheapigeelvinckhmeln" +
-	"ytskyivaporcloudmytuleaprendemasakievennodesabaerobaticketsologn" +
-	"emyvncistrondheimmobilienissandiegomywireitrentinsud-tirolplatte" +
-	"rpioneerplazaplcube-serverplumbingoplurinacionalpodhalepodlasiel" +
-	"laktyubinskiptveterinairealmpmnpodzonepohlpoivronpokerpokrovsknx" +
-	"-serversicherungpoliticarrdpolitiendapolkowicepoltavalle-d-aosta" +
-	"ticsomnarvikomaganepomorzeszowindmillponpesaro-urbino-pesarourbi" +
-	"nopesaromasvuotnaroyponypordenonepornporsangerporsangugeporsgrun" +
-	"nanyokoshibahikariwanumatakkofuefukihabororosoopoznanpraxis-a-br" +
-	"uinsfanprdpresidioprgmrprimetelemarkomakiyosatokaizukamikoaniiha" +
-	"matamakawajimarnardalprincipeprivatizehealthinsuranceprofesional" +
-	"progressivestnesopotrentinsudtirolpromombetsurfaststacksavannahg" +
-	"apropertyprotectionprotonetrentinsued-tirolprudentialpruszkowind" +
-	"owskrakowinnersor-odalprvcyberlevagangaviikanonjis-an-engineerin" +
-	"gprzeworskogpulawypupippugliapvhagebostadpvtrentinsuedtirolpwcit" +
-	"adeliverydyndns-iparsanfranciscofreakunemurorangecloudplatform0p" +
-	"ythonanywherepaircraftingvollolipopittsburghofficialpzqldqotoyoh" +
-	"ashimotoolsor-varangerqponiatowadaqslgbtrentoyonakagyokutoyakolo" +
-	"brzegersundqualifioappiwatequickconnectrevisohughesorfoldquicksy" +
-	"tesorocabalestrandabergamo-siemenscaledogawarabikomaezakirunombr" +
-	"esciaquipelementsorreisahayakawakamiichikawamisatottoris-an-ente" +
-	"rtainerqvcitichitosetoeigersundyndns-blogdnsampaleomutashinaindu" +
-	"striesteamfamberkeleyswidnikkokonoeswiebodzin-butterswiftcoversw" +
-	"inoujscienceandhistoryswissmarterthanyousynology-dsowatuvalleaos" +
-	"taverntuxfamilytwmailvevelstadvibo-valentiavibovalentiavideovill" +
-	"asphinxn--3e0b707evinnicasacamdvrcampinagrandebuilderschmidtre-g" +
-	"auldalvinnytsiavipsinaappixolinovirginiavirtual-userveexchangevi" +
-	"rtualcloudvirtualservervirtualuserveftpizzavirtueeldomein-vigorl" +
-	"icevirtuelvisakegawaviterboknowsitallvivolkenkundenvixn--3hcrj9c" +
-	"ivilizationisshingucciprianidyndns-mailukowestus2vlaanderenvladi" +
-	"kavkazimierz-dolnyvladimirvlogintoyonezawavminiservervologdansko" +
-	"mmunevolvolkswagentspjelkavikomatsushimarylandvolyngdalvoorloper" +
-	"auniterois-foundationvossevangenvotevotingvotoyonowithyoutubersp" +
-	"acekitagatargitlaborwiwatsukiyonosegawawixsitewloclawekomorotsuk" +
-	"agawawmcloudwmflabsrhtritonwnextdirectromsojamisonwoodsideloitte" +
-	"mpurlworldworse-thandawowiospydebergwpdevcloudwpenginepoweredwph" +
-	"ostedmailwpmucdnpklabudhabikinokawabarthaebaruericssongdalenvikn" +
-	"akatsugawawpmudevcdnaccessokamogawawritesthisblogwroclawitdkomon" +
-	"otogawawtcircleverappspotagerwtfastvps-serveronakasatsunairguard" +
-	"iannakadomarinedre-eikerwuozuwzmiuwajimaxn--45brj9civilwarmiasak" +
-	"uchinotsuchiurakawatchesangoxn--45q11clanbibaidarmeniaxn--4gbrim" +
-	"iningxn--4it168dxn--4it797kongsbergxn--4pvxs4allxn--54b7fta0ccld" +
-	"mailuroyxn--55qw42gxn--55qx5dxn--5js045dxn--5rtp49clic20001wwwfa" +
-	"rmsteadyndns-office-on-the-weberxn--5rtq34kongsvingerxn--5su34j9" +
-	"36bgsgxn--5tzm5gxn--6btw5axn--6frz82gxn--6orx2rxn--6qq986b3xlxn-" +
-	"-7t0a264clicketcloudcontrolappartintuitoyotapartsanjotoyotomiyaz" +
-	"akinuyamashinatsukigatakasakitashiobaraxn--80aaa0cvacationsrlxn-" +
-	"-80adxhksrvaroyxn--80ao21axn--80aqecdr1axn--80asehdbarefootballo" +
-	"oningjesdalimitediscourses3-sa-east-1xn--80aswgxn--80augustowith" +
-	"googleapiszxn--8ltr62koninjambylxn--8pvr4uxn--8y0a063axn--90a1af" +
-	"lakstadaokagakicks-assnasaarlandxn--90a3academiamicable-modemone" +
-	"yxn--90aeroportalaheadjudaicadaquestorebaselectroandinosaurepbod" +
-	"ynamic-dnsoruminanoxn--90aishobarakawagoexn--90amcdirxn--90azhyt" +
-	"omyravendbargainstantcloudfrontdoorlandiscoveryggeehimejiiyamano" +
-	"uchikuhokuryugasakitanakagusukumodumcpreservationayorovnoceanogr" +
-	"aphiquemrhcloudishakotanfshostrodawaraustraliamuneues3-ap-southe" +
-	"ast-1xn--9dbhblg6dietrusteexn--9dbq2axn--9et52uxn--9krt00axn--an" +
-	"dy-iraxn--aroport-byaotsurreyxn--asky-iraxn--aurskog-hland-jnbar" +
-	"reauctioncilla-speziaustrheimatunduhrennesoyokoteastasiamusement" +
-	"dllpages3-ap-southeast-2xn--avery-yuasakuhokksundxn--b-5gaxn--b4" +
-	"w605ferdxn--balsan-sdtirol-nsbstorfjordxn--bck1b9a5dre4clickrisi" +
-	"nglesannaniyodogawaxn--bdddj-mrabdxn--bearalvhki-y4axn--berlevg-" +
-	"jxaxn--bhcavuotna-s4axn--bhccavuotna-k7axn--bidr-5nachikatsuurax" +
-	"n--bievt-0qa2xn--bjarky-fyasakaiminatoyookanazawaxn--bjddar-ptar" +
-	"umizusawaxn--blt-elabourxn--bmlo-graingerxn--bod-2naturalhistory" +
-	"museumcenterxn--bozen-sdtirol-2obanazawaxn--brnny-wuacademy-fire" +
-	"wall-gatewayxn--brnnysund-m8accident-investigation-aptibleadpage" +
-	"square7xn--brum-voagatrvestre-slidreportromsakatamayufuelverumin" +
-	"comcastresinstagingxn--btsfjord-9zaxn--bulsan-sdtirol-nsbarrel-o" +
-	"f-knowledgeappleborkaracoldwarszawauthordalandds3-ca-central-1xn" +
-	"--c1avgxn--c2br7gxn--c3s14minnesotaketakazakis-an-actorxn--cck2b" +
-	"3barrell-of-knowledgecomputerhistoryofscience-fictionfabricafjs3" +
-	"-us-east-2xn--cckwcxetdxn--cesena-forl-mcbremangerxn--cesenaforl" +
-	"-i8axn--cg4bkis-gonexn--ciqpnxn--clchc0ea0b2g2a9gcdxn--comunicae" +
-	"s-v6a2oxn--correios-e-telecomunicaes-ghc29axn--czr694barsycenter" +
-	"prisesakikonaikawachinaganoharamcoachampionshiphoptobamagazineat" +
-	"-urlimolisemineu-1xn--czrs0try-snowplowiczest-le-patronxn--czru2" +
-	"dxn--czrw28barsyonlineustargardiskussionsbereichattanooganordest" +
-	"e-idcasadelamonedapliernewspaperxn--d1acj3basicservercelliguriau" +
-	"tomotivelandeportenrittogitsulikes-piedmonticellocalzoneastcoast" +
-	"aldefenceastus2xn--d1alfaromeoxn--d1atrycloudflareplantationxn--" +
-	"d5qv7z876clinichofunatoriginstitutemasekd1xn--davvenjrga-y4axn--" +
-	"djrs72d6uyxn--djty4konskowolayangroupiemontexn--dnna-grajewolter" +
-	"skluwerxn--drbak-wuaxn--dyry-iraxn--e1a4cliniquenoharavennagasak" +
-	"indlecznagasukexn--eckvdtc9dxn--efvn9storjcloud-ver-jpchungnamda" +
-	"lseidfjordyndns-homednsandvikcoromantovalle-daostavangerxn--efvy" +
-	"88haibarakitahatakanezawaxn--ehqz56nxn--elqq16hair-surveillancex" +
-	"n--eveni-0qa01gaxn--f6qx53axn--fct429konsulatrobeeldengeluidvare" +
-	"serve-onlinexn--fhbeiarnxn--finny-yuaxn--fiq228c5hstpetersburgxn" +
-	"--fiq64basilicataniautoscanadaeguambulancentralus-2xn--fiqs8stre" +
-	"amscompute-1xn--fiqz9studioxn--fjord-lraxn--fjq720axn--fl-ziaxn-" +
-	"-flor-jraxn--flw351exn--forl-cesena-fcbsstudynamisches-dnsoundca" +
-	"stronomy-routerxn--forlcesena-c8axn--fpcrj9c3dxn--frde-grandrapi" +
-	"dstuff-4-salexn--frna-woaraisaijosoyrovigotsukisofukushimangyshl" +
-	"akasamatsudopaasnesoddenmarkhangelskjakdnepropetrovskiervaapstei" +
-	"ermarkonyvelohmusashimurayamarylhurstjordalshalsenxn--frya-hraxn" +
-	"--fzc2c9e2clintonoshoesannohelplfinancialutskarumaifarsundyndns-" +
-	"picsanokasaokamikitayamatsurinvestmentsantabarbaraxn--fzys8d69uv" +
-	"gmailxn--g2xx48clothingdustdataitogakushimotoganewyorkshirebungo" +
-	"onordkappartyxn--gckr3f0fauskedsmokorsetagayaseralingenoamishira" +
-	"satogliattis-a-conservativegasaveincloudynufcfanxn--gecrj9cn-nor" +
-	"thwest-1xn--ggaviika-8ya47hakatanorth-kazakhstanxn--gildeskl-g0a" +
-	"xn--givuotna-8yasugitpagefrontapplantsolundbeckmpspbar2xn--gjvik" +
-	"-wuaxn--gk3at1exn--gls-elacaixaxn--gmq050is-into-animeinforumzxn" +
-	"--gmqw5axn--gnstigbestellen-zvbrplsbxn--3oq18vl8pn36axn--gnstigl" +
-	"iefern-wobihirosakikamijimatsushigexn--h-2failxn--h1aeghakodatex" +
-	"n--h1ahnxn--h1alizxn--h2breg3evenestufftoread-booksnesouthcaroli" +
-	"natalxn--h2brj9c8cngrondarxn--h3cuzk1discountysnestuttgartrogsta" +
-	"dxn--hbmer-xqaxn--hcesuolo-7ya35basketballfinanzgorzeleccogjovik" +
-	"aragandaveroykenflfanpachigasakids3-eu-central-1xn--hery-iraxn--" +
-	"hgebostad-g3axn--hkkinen-5waxn--hmmrfeasta-s4accident-prevention" +
-	"-k3susakis-bytomaritimekeepingxn--hnefoss-q1axn--hobl-iraxn--hol" +
-	"tlen-hxaxn--hpmir-xqaxn--hxt814exn--hyanger-q1axn--hylandet-54ax" +
-	"n--i1b6b1a6a2exn--imr513nxn--indery-fyasuokannamihokkaidovre-eik" +
-	"erxn--io0a7is-into-carshiraokamitondabayashiogamagoriziaxn--j1ad" +
-	"platformshangrilaquilanxessomaxn--j1aefbsbxn--12co0c3b4evalled-a" +
-	"ostaobaomoriguchiharag-cloud-charitychyattorneyagawakayamagnethn" +
-	"ologyxn--j1ael8batochiokinoshimaintenanceu-2xn--j1amhakonexn--j6" +
-	"w193gxn--jlq480n2rgxn--jlq61u9w7batsfjordisrechtranakaiwamizawav" +
-	"ocatanzarowbq-aukraanghkembuchikumagayagawakepnogatagajoboji234l" +
-	"ima-cityeatselinogradult3l3p0rtatamotorsitestingdyniabruzzoologi" +
-	"calabamagasakishimabaraogakibichuobiraetnaamesjevuemielnoboribet" +
-	"sucks3-ap-northeast-1xn--jlster-byatominamidaitomanchesterxn--jr" +
-	"peland-54axn--jvr189mintereisenxn--k7yn95exn--karmy-yuaxn--kbrq7" +
-	"oxn--kcrx77d1x4axn--kfjord-iuaxn--klbu-woaxn--klt787dxn--kltp7dx" +
-	"n--kltx9axn--klty5xn--3pxu8komvuxn--32vp30hagakhanamigawaxn--kol" +
-	"uokta-7ya57hakubahcavuotnagaivuotnagaokakyotambabyenglandxn--kpr" +
-	"w13dxn--kpry57dxn--kput3is-into-cartoonshiratakahagithubusercont" +
-	"entrentino-altoadigexn--krager-gyatsukanoyaltakasugais-into-game" +
-	"ssinazawaxn--kranghke-b0axn--krdsherad-m8axn--krehamn-dxaxn--krj" +
-	"ohka-hwab49jdevcloudfunctionshishikuis-a-patsfanxn--ksnes-uuaxn-" +
-	"-kvfjord-nxaxn--kvitsy-fyatsushiroxn--kvnangen-k0axn--l-1fairwin" +
-	"dsusonoxn--l1accentureklamborghinikolaeventsuzakanagawaxn--lahea" +
-	"dju-7yawaraxn--langevg-jxaxn--lcvr32dxn--ldingen-q1axn--leagavii" +
-	"ka-52bauhausposts-and-telecommunicationsncfditchyouripalmsprings" +
-	"akerxn--lesund-huaxn--lgbbat1ad8jdfastlylbanzaicloudappspaceuser" +
-	"contentatsunobninskanzakiwielunnereviewsaitamatsukuribmdevelopme" +
-	"ntattoolforgerockartuzyolasitebinordre-landgcanonoichinomiyakebi" +
-	"zenakanotoddenavuotnarashinobserverevistarnbergjerstadotsuruokak" +
-	"amigaharaustinnavigationavoizumizakibigawamswatch-and-clockeretr" +
-	"osnubaltimore-og-romsdalpha-myqnapcloud66xn--lgrd-poacctrysiljan" +
-	"xn--lhppi-xqaxn--linds-pramericanartunespeedpartnersortlandxn--l" +
-	"ns-qlavagiskexn--loabt-0qaxn--lrdal-sraxn--lrenskog-54axn--lt-li" +
-	"acnpyatigorskodjeepsondriodejaneirodoyxn--lten-granexn--lury-ira" +
-	"xn--m3ch0j3axn--mely-iraxn--merker-kuaxn--mgb2ddesuzukananiikapp" +
-	"uboliviajessheimpertrixcdn77-secureggiocalabriaxn--mgb9awbfbx-os" +
-	"trowwlkpmgujoinvilleirvikashiwazakiyokawaraxn--mgba3a3ejtunkommu" +
-	"nalforbundxn--mgba3a4f16axn--mgba3a4fra1-deltaiwanairforcechirea" +
-	"dthedocscbgxn--mgba7c0bbn0axn--mgbaakc7dvfbxosaves-the-whalessan" +
-	"dria-trani-barletta-andriatranibarlettaandriaxn--mgbaam7a8hakuis" +
-	"-a-hard-workershimokitayamayfirstockholmestrandxn--mgbab2bdxn--m" +
-	"gbah1a3hjkrdxn--mgbai9a5eva00bellunord-frontierxn--mgbai9azgqp6j" +
-	"ejuniperxn--mgbayh7gpalermomahachijolsterxn--mgbbh1a71exn--mgbc0" +
-	"a9azcgxn--mgbca7dzdoxn--mgbcpq6gpa1axn--mgberp4a5d4a87gxn--mgber" +
-	"p4a5d4arxn--mgbgu82axn--mgbi4ecexposedxn--mgbpl2fhskydivingxn--m" +
-	"gbqly7c0a67fbcnsantacruzsewhalingrongausdaluxuryxn--mgbqly7cvafr" +
-	"-1xn--mgbt3dhdxn--mgbtf8flapymnturystykaneyamazoexn--mgbtx2benev" +
-	"entodayombolzano-altoadigeometre-experts-comptables3-us-gov-west" +
-	"-1xn--mgbx4cd0abbvieeexn--mix082fedorainfraclouderaxn--mix891fed" +
-	"orapeoplegallodingenxn--mjndalen-64axn--mk0axin-dsldxn--mk1bu44c" +
-	"ntoyotsukaidoxn--mkru45is-leetrentino-s-tirolxn--mlatvuopmi-s4ax" +
-	"n--mli-tlavangenxn--mlselv-iuaxn--moreke-juaxn--mori-qsakuragawa" +
-	"xn--mosjen-eyawatahamaxn--mot-tlazioxn--mre-og-romsdal-qqbuseran" +
-	"ishiaritakurashikis-lostre-toteneis-a-nursembokukitauraxn--msy-u" +
-	"la0hakusanagochijiwadefinimamateramobaraxn--mtta-vrjjat-k7afedor" +
-	"aprojectrani-andria-barletta-trani-andriaxn--muost-0qaxn--mxtq1m" +
-	"isakis-an-actresshiraois-a-musicianxn--ngbc5azdxn--ngbe9e0axn--n" +
-	"gbrxn--41axn--nit225kooris-a-personaltrainerxn--nmesjevuemie-tcb" +
-	"alsan-sudtirollagdenesnaaseinet-freaksuzukis-certifiedunetlifyis" +
-	"-a-nascarfanxn--nnx388axn--nodessakurais-not-certifiedxn--nqv7fs" +
-	"00emaxn--nry-yla5gxn--ntso0iqx3axn--ntsq17gxn--nttery-byaeserveg" +
-	"ame-serverxn--nvuotna-hwaxn--nyqy26axn--o1achernihivgubsvalbardu" +
-	"nloppacificivilaviationissayokkaichiropractichocolatelevisionthe" +
-	"wifiatmparmatsuzakinfinitintelligencexn--o3cw4haldenxn--o3cyx2ax" +
-	"n--od0algxn--od0aq3bentleyomitanocelotenkawavoues3-eu-west-1xn--" +
-	"ogbpf8flatangerxn--oppegrd-ixaxn--ostery-fyaxn--osyro-wuaxn--otu" +
-	"796dxn--p1acfeiraquarelleaseeklogesavonarutolgaxn--p1ais-savedxn" +
-	"--pgbs0dhlxn--porsgu-sta26fermochizukirkenesaxoxn--pssu33lxn--ps" +
-	"sy2uxn--q7ce6axn--q9jyb4collectionxn--qcka1pmckinseyxn--qqqt11mi" +
-	"sasaguris-an-anarchistoricalsocietyxn--qxa6axn--qxamsterdamnserv" +
-	"erbaniaxn--rady-iraxn--rdal-poaxn--rde-ulaxn--rdy-0nabaris-slick" +
-	"autokeinoticeablevangerxn--rennesy-v1axn--rhkkervju-01aferraraxn" +
-	"--rholt-mragowoltlab-democraciaxn--rhqv96gxn--rht27zxn--rht3dxn-" +
-	"-rht61exn--risa-5naturalsciencesnaturellesvcivilisationissedaluc" +
-	"ernexn--risr-iraxn--rland-uuaxn--rlingen-mxaxn--rmskog-byaxn--rn" +
-	"y31halsaintlouis-a-anarchistoireggio-emilia-romagnakayamannorthf" +
-	"lankatsushikabeebyteapplinzis-a-hunterxn--rovu88beppublishproxyo" +
-	"nagoyaxarnetflixilovecollegefantasyleaguernseyokozeatonsbergivin" +
-	"gjemnes3-eu-west-2xn--rros-granvindafjordxn--rskog-uuaxn--rst-0n" +
-	"aturbruksgymnxn--rsta-framercanvasveioxn--rvc1e0am3exn--ryken-vu" +
-	"axn--ryrvik-byaxn--s-1faithammarfeastafricapitalonewportrentino-" +
-	"a-adigexn--s9brj9colognexus-3xn--sandnessjen-ogbeskidyn-ip24xn--" +
-	"sandy-yuaxn--sdtirol-n2axn--seral-lraxn--ses554gxn--sgne-graphox" +
-	"n--42c2d9axn--skierv-utazasvelvikomforbarcelonagawakuyachimataij" +
-	"iitatebayashiibahccavuotnagaragusarts3-eu-west-3utilities-1xn--s" +
-	"kjervy-v1axn--skjk-soaxn--sknit-yqaxn--sknland-fxaxn--slat-5natu" +
-	"rhistorischesvizzeraxn--slt-elabcn-north-1xn--smla-hraxn--smna-g" +
-	"ratangentlentapisa-geekopervikazunoticiashitaramaxn--snase-nraxn" +
-	"--sndre-land-0cbestbuyshouses3-us-west-1xn--snes-poaxn--snsa-roa" +
-	"xn--sr-aurdal-l8axn--sr-fron-q1axn--sr-odal-q1axn--sr-varanger-g" +
-	"gbetainaboxfusejnyanagawalmartaxihuanhktcmembers3-us-west-2xn--s" +
-	"rfold-byaxn--srreisa-q1axn--srum-gratis-a-bulls-fanxn--stfold-9x" +
-	"axn--stjrdal-s1axn--stjrdalshalsen-sqbhzcasertairaholtalenhlfanh" +
-	"s3-website-ap-northeast-1xn--stre-toten-zcbieidskoguchikuzenviro" +
-	"nmentalconservationionjukudoyamaizuruhrxn--t60b56axn--tckwebthin" +
-	"gsvn-reposouthwest1-uslivinghistoryxn--tiq49xqyjelasticbeanstalk" +
-	"azoologyxn--tjme-hraxn--tn0agrinetbankoryokamikawanehonbetsuruta" +
-	"haraxn--tnsberg-q1axn--tor131oxn--trany-yuaxn--trentin-sd-tirol-" +
-	"rzbielawaltervistainaioirasebastopologyeongnamegawafaicloudinebr" +
-	"askaunicommbankarasjohkameyamatotakadazurewebsiteshikagamiishibu" +
-	"kawakkanaibetsubamericanfamilydsmynasushiobaracingjerdrumcpebets" +
-	"uikiraurskog-holandingivestbytemark12xn--trentin-sdtirol-7vbiell" +
-	"ahppiacenzachpomorskienikonanporocpanamatsuuraxn--trentino-sd-ti" +
-	"rol-c3bieszczadygeyachiyodaejeonbukcoalwaysdatabaseballangenkain" +
-	"anaejrietisalatinabenonicasinorddalivornowtv-infolldalombardiade" +
-	"mbroideryonagunicloudivtasvuodnakamagayahooguyoriikarasjokarasuy" +
-	"amarriottcp4xn--trentino-sdtirol-szbievat-band-campaniaxn--trent" +
-	"inosd-tirol-rzbifukagawashingtondclk3xn--trentinosdtirol-7vbigva" +
-	"lledaostargetmyipanasonicateringebuildingladedyn-berlincolninohe" +
-	"kinannestadivttasvuotnakamuratajimidsundiyoshiokanumazuryukin-th" +
-	"e-bandain-vpncatholicaxiaskimitsubatamibudejjuedischesapeakebaye" +
-	"rnuorochesterxn--trentinsd-tirol-6vbihorologyukuhashimoichinosek" +
-	"igaharaxn--trentinsdtirol-nsbikedaemonmoutheworkpccweddinglassas" +
-	"sinationalheritagets-itgoryurihonjournalistjohninomiyakonojorpel" +
-	"andrangedalombardynalias3-website-ap-southeast-1xn--trgstad-r1ax" +
-	"n--trna-woaxn--troms-zuaxn--tysvr-vraxn--uc0atvestre-totennishia" +
-	"wakuraxn--uc0ay4axn--uist22hamurakamigoris-a-knightpointtohnosho" +
-	"ooshikamaishimodatexn--uisz3gxn--unjrga-rtashkentuscanyxn--unup4" +
-	"yxn--uuwu58axn--vads-jraxn--valle-aoste-ebbtushuissier-justicexn" +
-	"--valle-d-aoste-ehbodoes-itvedestrandxn--valleaoste-e7axn--valle" +
-	"daoste-ebbvadsobetsuitaikikuchikuseihicampobassociatest-iserveco" +
-	"unterstrikeymachinewhampshirealtydalvdalaskanittedallasalleangav" +
-	"iikaasdaburxn--vard-jraxn--vegrshei-c0axn--vermgensberater-ctbit" +
-	"swidnicartoonartdecologiaxn--vermgensberatung-pwblogoiplatter-ap" +
-	"pinkhplaystation-cloudyclusterxn--vestvgy-ixa6oxn--vg-yiabkhazia" +
-	"xn--vgan-qoaxn--vgsy-qoa0jelenia-goraxn--vgu402colonialwilliamsb" +
-	"urgrossetouchihayaakasakawaharaxn--vhquvestvagoyxn--vler-qoaxn--" +
-	"vre-eiker-k8axn--vrggt-xqadxn--vry-yla5gxn--vuq861bilbaokinawash" +
-	"irosatobishimagentositechnologyusuharaxn--w4r85el8fhu5dnraxn--w4" +
-	"rs40lxn--wcvs22dxn--wgbh1coloradoplateaudiopsysantafedjeffersonx" +
-	"n--wgbl6axn--xhq521billustrationredumbrellair-traffic-controlley" +
-	"usuisservehalflifeinsuranceu-3xn--xkc2al3hye2axn--xkc2dl3a5ee0ha" +
-	"ndsonyxn--y9a3aquariumisawaxn--yer-znatuurwetenschappenginexn--y" +
-	"fro4i67oxn--ygarden-p1axn--ygbi2ammxn--45br5cylxn--ystre-slidre-" +
-	"ujbioddaxn--zbx025dxn--zf0ao64axn--zf0avxlxn--zfr164biparachutin" +
-	"gleezeu-4xnbayxz"
+const text = "9guacuiababia-goracleaningroks-theatree164-balsfjordd-dnshome-we" +
+	"bserverdal-o-g-i-n4t3l3p0rtashkentatamotorsitestinggfarmerseinea" +
+	"stasiaetnaamesjevuemielnoboribetsucks3-ap-northeast-2ix4432-bals" +
+	"an-suedtirolkuszczytnoopencraftrainingdyniabruzzoologicalabamaga" +
+	"sakishimabaraogashimadachicagoboats3-ap-northeast-1kappchizip611" +
+	"6-b-datacentermezproxyzgorabogadobeaemcloud-fr1337birdartcenterp" +
+	"risecloudaccesscambridgeiseiroumuencheninohekinannestaditchyouri" +
+	"parachutingleezebirkenesoddtangenovaranzanquannefrankfurtcmember" +
+	"s3-website-ap-southeast-2birthplacebitbucketrzyninomiyakonojorpe" +
+	"landivtasvuodnakamagayahooguyurihonjournalistjohnirasakin-vpncas" +
+	"inord-odalombardynalias3-website-eu-west-1bjarkoyusuharabjerkrei" +
+	"mbamblebesbyenvironmentalconservationionjukudoyamaintenancebizen" +
+	"akanojohanamakinoharaustinnaumburgjerdrumcpeatonsbergjerstadotsu" +
+	"ruokakamigaharamswatch-and-clockerevistarnbergivestbytemark12bju" +
+	"gnieznord-frontierblackfridayusuisservehttpbin-butterbloombergba" +
+	"uernishiazaincheonishigovtcp4bloxcms3-website-sa-east-1bluebitem" +
+	"p-dnswedenishiharabmoattachments3-website-us-east-1bms3-website-" +
+	"us-west-1bmwedeployuufcfanishiizunazukindianapolis-a-bloggerbnrw" +
+	"egroweibolognagareyamakeuparaglidinglitcheltenham-radio-opensoci" +
+	"alomzaporizhzhegurindianmarketingliwicebomloabathsbcateringebuil" +
+	"dingloboavistanbulsan-sudtirolondonetskaratsuginamikatagamilanos" +
+	"hiroomglogoweirbondigitaloceanographicsxboxfordellogliastradingl" +
+	"oppenzaolbia-tempio-olbiatempioolbialystokkeliwebhostinglugsjcbn" +
+	"pparibashkiriabonnishikatakazakindielddanuorrindigenaklodzkodair" +
+	"abookinghostedpictetgoryuzawabookonlinewjerseyboomlajollamerican" +
+	"expressexyboschaefflerdalondrinamsskoganeindowapblogsiteleafamil" +
+	"ycompany-2bostik-serverrankoshigayachts3-website-us-west-2boston" +
+	"akijinsekikogentappsselfiparisor-fronishikatsuragit-reposts-and-" +
+	"telecommunicationsakyotanabellevuelosangelesjabbottjeldsundivtta" +
+	"svuotnakamurataiwanairforcechireadthedocscbgmbhartipschlesisches" +
+	"alangenishikawazukamisatohoboleslawieconomiastalowa-wolawabotani" +
+	"calgardeno-stagingminakamichiharabotanicgardenishimerabotanycath" +
+	"olicaxiaskimitsubatamibudejjuegoshikievennodesabaerobaticketsalo" +
+	"n-1bouncemerckmsdnipropetrovskjervoyageometre-experts-comptables" +
+	"altdalorenskogmodellingmxenishinomiyashironoddabounty-fullensake" +
+	"rrypropertiesaludiyboutiquebecommerce-shopitsitempurlotteboutire" +
+	"serve-onlinewmexicodyn-o-saurlandesalvadordalibabalena-devicesal" +
+	"zburgretakamatsukawabozen-sudtirolottokonamegatakatsukindustriab" +
+	"ozen-suedtirolouvrehabmerbplaceducatorprojectjmaxxxeroxfinitybra" +
+	"ndywinevalleybrasiliabresciabrindisibenikikugawashtenawdevcdnacc" +
+	"essobetsuitaijindustriesteamfamberkeleybristoloseyouriparliament" +
+	"jomelhusgardenishinoomotegohtawaramotoineppubtlsamegawabritishco" +
+	"lumbialowiezaganishinoshimatsunowruzhgorodeomniweatherchannelpus" +
+	"ercontentjxjampalacebroadcastlebtimnetzjavaldaostathelleluxembou" +
+	"rgrimstadrangedalublindesnesamnangerbroadwaybroke-itvedestrandra" +
+	"y-dnstracebrokerbronnoysundrayddns5ybrothermesaverdealerbrowsers" +
+	"afetymarketsampaleomurabrumunddalucaniabrunelastxn--0trq7p7nnish" +
+	"iokoppegardraydnsupdaterbrusselsamsclubartowellbeingzonebruxelle" +
+	"samsungripebryanskodjedugit-pagespeedmobilizeroticagliaricoharuh" +
+	"rbrynewportkmaxxn--11b4c3drivegarsheiheijinfinitinsureggioemilia" +
+	"romagnamsosnowiechernivtsiciliabuskerudrobaknoluoktachikawafflec" +
+	"elluciancrmadviseharag-cloud-charitychyattorneyagawakayamagazine" +
+	"kobayashikaoirmitakeharagusartsandnessjoenishitosashimizunaminam" +
+	"ibosognebuzentsujiiebuzzlgriwataraidrrbwesteuropenairbusantiques" +
+	"t-a-la-maisondre-landroidrudupontariobranconavstackareliancebzhi" +
+	"tomirbzzwestfalenishiwakintelligencecoloradoplateaudiopsysanokar" +
+	"umaifarsundyndns-homednsantabarbaracolumbusheycommunecommunity-p" +
+	"rochowicecomobaracomparemarkerryhotelsantacruzsantafedjeffersonc" +
+	"omsecaaskoyabearalvahkihokumakogenebakkeshibechambagriculturenne" +
+	"bugattiffanyaarborteaches-yogasawaracingrpartinternationalfirear" +
+	"msantamariakecondoshichinohealth-carereformemergencyahikobeardub" +
+	"aiduckdnsncfdyndns-ipartsantoandreamhostersanukintuitoyosatoyoka" +
+	"waconferenceconstructionconsuladoesntexisteingeekasaokamikitayam" +
+	"atsurinuyamashinatsukigatakasagotpantheonsiteconsultanthropology" +
+	"consultingruenoharacontactoyotapartycontagematsubaracontemporary" +
+	"arteducationalchikugodogadollsaobernardocontractorskenconventure" +
+	"shinodearthruherecifedexetercookingchannelsdvrdnsdojoburguidefen" +
+	"seljordyndns-mailcoolcooperativano-frankivskygearappasadenarashi" +
+	"nocopenhagencyclopedichofunatoriginstantcloudfrontdoorcoproducti" +
+	"onsaogoncarriercorporationcorsicahcesuoloansaotomeiwamashikokuch" +
+	"uocorvettenrissadonnagatorogersvp4cosenzakopanelblagrarchaeology" +
+	"eongbuk0cosidnsfor-better-thanawatchesapporocostumedicaltanisset" +
+	"taishinomakindlefrakkestadyndns-office-on-the-webercouchpotatofr" +
+	"iesardegnaroycoukashibatakasugainvestmentsardiniacouncilcouponsa" +
+	"rlcozoracqcxn--12cfi8ixb8lcranbrookuwanalyticsarpsborguitarsaruf" +
+	"utsunomiyawakasaikaitabashijonawatecrdyndns-picsasayamatta-varjj" +
+	"atoyotomiyazakinzais-a-candidatecreditcardyndns-remotewdyndns-se" +
+	"rverisigncreditunioncremonashgabadaddjaguarqhachinohedmarkashiha" +
+	"racrewhalingujoinvilleirvikashiwaracricketoyotsukaidocrimeast-ka" +
+	"zakhstanangercrotonecrownipassagensasebofagemologicallynxn--12co" +
+	"0c3b4evalled-aostamayufuettertdasnetzcrsaskatchewancruisesassari" +
+	"s-a-caterercuisinellancashirecipescaracalvinklein-berlindaskvoll" +
+	"pagesaudaculturalcentertainmentoyouracuneocupcakecuritibaghdadul" +
+	"toystre-slidrettozawacurvalledaostaobaomoriguchiharahkkeravjuedi" +
+	"schesapeakebayernuorochestercymruovatmallorcafederationcilla-spe" +
+	"ziacyonabarumemorialcyouthachiojiyaizuwakamatsubushikusakadogawa" +
+	"ferrarivneferrerotikagoshimalopolskanlandyndns-workshoparenakani" +
+	"ikawatanagurafetsundyndns1fgushikamifuranordreisa-hockeynutsirac" +
+	"usaintlouis-a-anarchistoireggio-emilia-romagnakatombetsumitakagi" +
+	"izefhvalerfidoomdnsiskinkyotobetsulikes-piedmonticellocalzonefie" +
+	"ldynnsauheradyndns-webhareidsbergentingulenfigueresinstagingwidd" +
+	"leitungsenfilateliafilegear-audnedalnfilegear-dealstahaugesunder" +
+	"seaportsinfolionetworkangerfilegear-gbizfilegear-iefilegear-jpmo" +
+	"rganfilegear-sg-1filminamiechizenfinalfinancefineartschulefinlan" +
+	"dynservebbsavannahgafinnoyfirebaseappatriafirenetrani-andria-bar" +
+	"letta-trani-andriafirenzefirestonefirewebhopocznordre-landynulme" +
+	"msettlersaveincloudyndns-wikirafirmdalegnicapebretonamicrolighti" +
+	"ngxn--1ctwolominamatargithubusercontentraniandriabarlettatranian" +
+	"driafishingokasellfylkesbiblackbaudcdn-edgestackhero-networkingg" +
+	"roupowiathletajimageandsoundandvision-riopretochigiessensiositel" +
+	"evision-webpaashorokanaiefitjarvodkagaminogatagajobojis-a-chefas" +
+	"tly-terrariumetacentrumeteorappassenger-associationfitnessettlem" +
+	"entranoyfjalerflekkefjordynv6flesbergflickragerokunohealthcareer" +
+	"schulserverflirfloginlinefloraflorencefloridatsunanjoetsuwanouch" +
+	"ikujogaszkolancasterfloripaderbornfloristanohatajimidsundynvpnpl" +
+	"us-4floromskogflowerschwarzgwangjuifminamifuranowtvallee-aostero" +
+	"yfltranslateflynnhosting-clusterfndyroyrvikingunmaniwakuratefnwk" +
+	"asukabedzin-addrammenuniversityfoodnetworkdalfor-ourfor-somedio-" +
+	"campidano-mediocampidanomediofor-theaterforexrothachirogatakamor" +
+	"iokakudamatsueforgotdnschweizforli-cesena-forlicesenaforlikescan" +
+	"dyn53forsalegoldpoint2thisamitsukeforsandasuoloftransportefortal" +
+	"fortextileikangerfortmissoulanciafortworthadanore-og-uvdalfosnes" +
+	"ciencecentersciencehistoryfotransurlfoxafozfranamizuhobby-sitefr" +
+	"ancaiserniafranziskanerimaringatlantajiris-a-conservativegascien" +
+	"tistordalfredrikstadtvscjohnsonfreeddnsfreebox-oscrapper-sitefre" +
+	"edesktoppdalfreemasonryfreemyiphosteurovisionfreesitefreetlscrap" +
+	"pingfreiburgfreseniusculturecreationfribourgfriuli-v-giuliafriul" +
+	"i-ve-giuliafriuli-vegiuliafriuli-venezia-giuliafriuli-veneziagiu" +
+	"liafriuli-vgiuliafriuliv-giuliafriulive-giuliafriulivegiuliafriu" +
+	"livenezia-giuliafriuliveneziagiuliafriulivgiuliafrlfroganscrysec" +
+	"uritytacticservehumourfrognfrolandfrom-akrehamnfrom-alfrom-arfro" +
+	"m-azimuthatogayabukijobservableusercontentrapaniizafrom-capetown" +
+	"news-stagingfrom-coffeedbackplaneappaviancargodaddyn-vpndnservei" +
+	"rchonanbulsan-suedtirolucernefrom-ctravelchannelfrom-dchoseikaru" +
+	"gamvikarlsoyfrom-deatnunjargafrom-flanderserveminecraftravelersi" +
+	"nsurancefrom-gaulardalfrom-hichisodegaurafrom-iafrom-idfrom-ilfr" +
+	"om-in-brbar1from-kservemp3from-kyowariasahikawafrom-langevagrige" +
+	"ntomologyeonggiehtavuoatnabudapest-a-la-masion-rancherkasydneyfr" +
+	"om-malselvendrelluciancrmadvancefrom-mdfrom-medizinhistorischese" +
+	"rvep2pfizerfrom-mifunefrom-mnfrom-modalenfrom-mservepicservequak" +
+	"efrom-mtnfrom-nctulanservesarcasmatartanddesignfrom-ndfrom-nefro" +
+	"m-nhktrdfrom-njservicesevastopolefrom-nminamiiseoullensvanguardf" +
+	"rom-nvallee-d-aosteigenfrom-nynysagaeroclubmedecincinnativeameri" +
+	"canantiquest-mon-blogueurodirumaceratabuseating-organichoshibuya" +
+	"habackyardsandvikcoromantovalle-daostavangerfrom-ohdattorelayfro" +
+	"m-oketogolffansevenassisicilyfrom-orfrom-padoval-daostavalleyfro" +
+	"m-pratogurafrom-ris-a-cpadualstackasumigaurayasudafrom-schoenbru" +
+	"nnfrom-sdscloudfrom-tnfrom-txn--1lqs03nfrom-utazurestaticappspac" +
+	"eusercontentrendhostingfrom-vald-aostarostwodzislawhoswholdingsm" +
+	"all-webredirectmeeresistancefrom-vtrentin-sud-tirolfrom-wafrom-w" +
+	"iardwebspacefrom-wvalleeaosteinkjerusalembroideryfrom-wyfrosinon" +
+	"efrostaplesewienfroyaitakahamalvikasuyanaizuerichardlillesandefj" +
+	"ordfruskydivingfstcgroupgfoggiafujiiderafujikawaguchikonefujimin" +
+	"okamoenairguardiannakadomarinebraskaunicommbankaszubyfujinomiyad" +
+	"attowebcampinashikiminohostfoldnavyfujiokayamamurogawafujisatosh" +
+	"onairlinedre-eikerfujisawafujishiroishidakabiratoridebianfujitsu" +
+	"rugashimandalfujiyoshidavvenjargap-northeast-3fukayabeatsharis-a" +
+	"-cubicle-slavellinodeobjectsharpharmacienshawaiijimarburgfukuchi" +
+	"yamadavvesiidappnodebalancertificationfukudomigawafukuis-a-democ" +
+	"ratrentin-sudtirolfukumitsubishigakirovogradoyfukuokazakiryuohku" +
+	"rafukuroishikarikaturindalfukusakisarazure-mobileirfjordfukuyama" +
+	"gatakaharussiafunabashiriuchinadazaifudaigojomedicinaharimalbork" +
+	"atowicefunagatakahashimamakishiwadafunahashikamiamakusatsumasend" +
+	"aisennangonohejis-a-designerfundaciofunkfeuerfuoiskujukuriyamang" +
+	"ooglecodespotrentin-sued-tirolfuosskoczowiiheyakumodernfurniture" +
+	"ggio-calabriafurubirafurudonostiaafurukawairportland-4-salernodu" +
+	"minamiizukaminokawanishiaizubangefusoftwarezzoologyfussagamihara" +
+	"futabayamaguchinomihachimanagementrentin-suedtirolfutboldlygoing" +
+	"nowhere-for-morenakasatsunairtelebitbridgestoneen-rootaruis-a-do" +
+	"ctorfuttsurugimperiafuturecmshellaspeziafuturehostingfuturemaili" +
+	"ngfvghangglidinghangoutsystemscloudsitehannanmokuizumodenakayama" +
+	"nnorth-kazakhstanhannorthflankautokeinotairestaurantrentino-a-ad" +
+	"igehanyuzenhapmircloudletshimojis-a-hard-workershimokawahappounz" +
+	"enharstadharvestcelebrationhasamansionshimokitayamattelekommunik" +
+	"ationhasaminami-alpshimonitayanagitappharmacyshimonosekikawahash" +
+	"banghasudahasura-apphdfcbankazohasvikazteleportlligatrentino-aad" +
+	"igehatoyamazakitahiroshimanxn--1lqs71dhatsukaichikaiseiyoichippu" +
+	"betsubetsugarusrcfastlylbanzaicloudappspotagerhattfjelldalhayash" +
+	"imamotobungotakadagestangeorgeorgiahazuminobusells-for-lesshimos" +
+	"uwalkis-a-hunterhelsinkitakamiizumisanofidelitysvardontexistmein" +
+	"-iservebeero-stagehembygdsforbundhemneshimotsukehemsedalhepforge" +
+	"blockshimotsumayfirstockholmestrandherokusslattuminamimakis-a-kn" +
+	"ightpointtohnoshoooshikamaishimodateheroyhgtvalleedaostehidorahi" +
+	"gashiagatsumagoianiahigashichichibunkyonanaoshimakanegasakilatir" +
+	"onthewifiatlassian-dev-myqnapcloudcontrolledogawarabikomaezakiru" +
+	"nogiftshinichinanhigashihiroshimanehigashiizumozakitakatakanezaw" +
+	"ahigashikagawahigashikagurasoedahigashikawakitaaikitakyushuaiahi" +
+	"gashikurumeetrentino-alto-adigehigashimatsushimaoris-a-landscape" +
+	"rugiahigashimatsuyamakitaakitadaitoigawahigashimurayamamotorcycl" +
+	"eshinjournalismailillehammerfeste-iphiladelphiaareadmyblogsytehi" +
+	"gashinarusells-for-ustkanmakitchenhigashinehigashiomitamamurausu" +
+	"kitamihamadahigashiosakasayamanakakogawahigashishirakawamatakaok" +
+	"almykiahigashisumiyoshikawaminamiaikitamotosumy-gatewayhigashits" +
+	"unorthwesternmutualhigashiurawa-mazowszexnetrentino-altoadigehig" +
+	"ashiyamatokoriyamanashifteditorxn--1qqw23ahigashiyodogawahigashi" +
+	"yoshinogaris-a-lawyerhiraizumisatohmapartmentshinjukumamotoyamas" +
+	"hikehirakatashinagawahiranairtrafficplexus-1hirarahiratsukaerutw" +
+	"entehirayakagehistorichouseshinkamigototalhitachiomiyagildeskali" +
+	"szhitachiotagophilatelyhitraeumtgeradegreehjartdalhjelmelandhole" +
+	"ckochikushinonsenergyholidayhomegoodshinshinotsurgeonshalloffame" +
+	"lbournehomeiphilipsynology-diskstationhomelinkyard-cloudjiffyres" +
+	"dalhomelinuxn--2m4a15ehomeofficehomesecuritymacaparecidahomesecu" +
+	"ritypchoyodobashichikashukujitawaravpagexlukowestus2homesenseeri" +
+	"nghomesklepphoenixn--2scrj9christiansburgrondarhomeunixn--30rr7y" +
+	"hondahongotembaixadahonjyoitakarazukaluganskazunoticeablevangerh" +
+	"ornindalhorsells-itrentino-s-tirolhortendofinternet-dnshinshiroh" +
+	"ospitalhoteleshintokushimahotelwithflightshintomikasaharahotmail" +
+	"hoyangerhoylandetroitskddiamondshinyoshitomiokamishihoronobeauxa" +
+	"rtsandcraftshiojirishirifujiedahumanitieshioyandexcloudhurdalhur" +
+	"umajis-a-liberalhyllestadhyogoris-a-libertarianhyugawarahyundaiw" +
+	"afuneis-uberleetrentino-sudtirolis-very-badajozis-a-painteractiv" +
+	"estfoldis-very-evillageis-very-goodyearis-very-niceis-very-sweet" +
+	"pepperis-with-thebandownloadisleofmanaustdaljenv-arubajddarchite" +
+	"cturealtorlandjeonnamerikawauejetztrentino-sued-tiroljevnakershu" +
+	"sdecorativeartshopwarendalenugjewelryjewishartgalleryjfkharkovao" +
+	"jgorajlljls-sto1jls-sto2jls-sto3jmphxn--32vp30hadselburgjnjaworz" +
+	"nosegawajoyentrentino-suedtiroljoyokaichibalashovhaebaruericsson" +
+	"gdalenviknakatsugawajpnjprshoujis-a-personaltrainerjurkoshimizum" +
+	"akiyosatokaizukamikoaniihamatamakawajimaritimoldell-ogliastrader" +
+	"koshunantankhmelnitskiyamarugame-hostyhostingkosugekotohiradomai" +
+	"nstitutekotourakouhokutamakiyosemitekounosupabasembokukiyosunnda" +
+	"lkouyamarylhurstjordalshalsenkouzushimasfjordenkozagawakozakizun" +
+	"okunimilitarykozowildlifestylekpnkppspdnshowtimeldalkrasnikahoku" +
+	"tokamachintaifun-dnsaliashwilliamhillkrasnodarkredstonekrelliank" +
+	"ristiansandcatsienarutolgakristiansundkrodsheradkrokstadelvalle-" +
+	"aostatic-accessigdalkryminamioguni5kumanotogawakumatorinotteroyk" +
+	"umejimashikis-a-republicancerresearchaeologicaliforniakumenantok" +
+	"igawakunisakis-a-rockstarachowicekunitachiarailwaykunitomigusuku" +
+	"leuvenetokashikis-a-socialistdlibestadkunneppuboliviajessheimper" +
+	"trixcdn77-secureggiocalabriakunstsammlungkunstunddesignkuokgroup" +
+	"ilotsilkhmelnytskyivaporcloudkuregruhostingkurgankurobeepilepsyk" +
+	"kylvenicekurogimimatakatoris-a-soxfankuroisogndalkuromatsunais-a" +
+	"-studentalkurotakikawasakis-a-teacherkassyno-dshiraois-a-linux-u" +
+	"sershirahamatonbetsurgerykushirogawakustanais-a-techietis-a-llam" +
+	"archeapigeelvinckfh-muensterkusuppliesimple-urlkutchanelverumina" +
+	"misanrikubetsupplykutnovecoregontrailroadkuzumakis-a-therapistoi" +
+	"akvafjordkvalsundkvamlidlugolekafjordvagsoygardendoftheinterneth" +
+	"nologykvanangenkvinesdalkvinnheradkviteseidatingkvitsoykwpspectr" +
+	"uminamitanekzmisakis-an-accountantshiraokamitondabayashiogamagor" +
+	"iziamisasaguris-an-actormisawamisconfusedmishimassivegridmissile" +
+	"wismillermisugitokorozawamitourismilezajskhplaystation-cloudyclu" +
+	"stermitoyoakemiuramiyazurecontainerdpolicemiyotamanomjondalenmlb" +
+	"fanmontrealestatefarmequipmentrentinoa-adigemonza-brianzapposird" +
+	"almonza-e-della-brianzaptokuyamasudamonzabrianzaramonzaebrianzam" +
+	"onzaedellabrianzamoonscaleforcemordoviamoriyamatsumaebashikshack" +
+	"netrentinoaadigemoriyoshiminamiashigaramormonstermoroyamatsumoto" +
+	"fukemortgagemoscowinbarclaycards3-external-1moseushistorymosjoen" +
+	"moskeneslupsklabudhabikinokawabarthagakhanamigawamosslzmosvikmps" +
+	"pbar2moteginowaniigatakahatakaishimogosenmoviemovimientokyotango" +
+	"uvichungnamdalseidfjordynathomebuiltwithdarkarmoymozilla-iotrent" +
+	"inoalto-adigemtranbymuginozawaonsenmuikaminoyamaxunispacemukoebe" +
+	"nhavnmulhouservegame-servermunakatanemuncienciamuosattemupimient" +
+	"aketomisatomobelementoraymurmansknx-serversicherungmurotorcraftr" +
+	"entinoaltoadigemusashinoharamuseetrentinos-tirolmuseumvereniging" +
+	"musicarbonia-iglesias-carboniaiglesiascarboniamutsuzawamy-vigorg" +
+	"emy-wanggoupilemyactivedirectorymyasustor-elvdalmycdmycloudnsmol" +
+	"arvikomaganemydattolocalhistorymyddnsgeekgalaxymydissentrentinos" +
+	"tirolmydobisshikis-an-actresshiratakahagithubpreviewsaikisofukus" +
+	"himangyshlakasamatsudopaashishikuis-a-musicianmydroboehringerike" +
+	"mydsmushcdn77-sslingmyeffectrentinosud-tirolmyfastblogermyfirewa" +
+	"llonieruchomoscienceandindustrynmyforuminamiuonumasoymyfritzmyft" +
+	"paccessnoasakakinokiamyhome-servermyjinomykolaivarggatrentinosud" +
+	"tirolmymailermymediapchurchaseljeepsondriodejaneirodoymyokohamam" +
+	"atsudamypepinbarclays3-fips-us-gov-west-1mypetsokndalmyphotoshib" +
+	"alatinombrendlyngeniwaizumiotsukumiyamazonawsglobalacceleratorah" +
+	"imeshimabaridagawakuyachimataikikonaikawachinaganoharamcoachampi" +
+	"onshiphoptobamadridnbloggerimo-siemenscaledekaasdaburmypictureso" +
+	"larssonmypsxn--3ds443gmysecuritycamerakermyshopblocksolognemysho" +
+	"pifymyspreadshoppingmythic-beastsolundbeckomakiyokawaramytis-a-b" +
+	"ookkeeperspectakasakitashiobaramytuleap-partnersomamyvncircustom" +
+	"er-ocimdbananarepublic66mywireitrentinosued-tirolplatterpioneerp" +
+	"lazaplcube-serverplumbingoplurinacionalpodhalepodlasiellaktyubin" +
+	"skiptveterinairealmpmnpodzonepohlpoivronpokerpokrovskommunalforb" +
+	"undpoliticarrdpolitiendapolkowicepoltavalle-d-aostaticsopotrenti" +
+	"nosuedtirolpomorzeszowindmillponpesaro-urbino-pesarourbinopesaro" +
+	"masvuotnaritakoelnponypordenonepornporsangerporsangugeporsgrunna" +
+	"nyokoshibahikariwanumatakinouepoznanpraxis-a-bruinsfanprdpresidi" +
+	"oprgmrprimetelemarkommuneprincipeprivatizehealthinsuranceprofesi" +
+	"onalprogressivestnesor-odalpromombetsupportrentinsud-tirolproper" +
+	"typrotectionprotonetrentinsudtirolprudentialpruszkowindowskrakow" +
+	"innersor-varangerprvcyberlevagangaviikanonjis-an-artistgstageprz" +
+	"eworskogpugliapulawypupippueblockbusterniiminamiawajikis-an-anar" +
+	"chistoricalsocietypvhagebostadpvtrentinsued-tirolpwcistrondheimm" +
+	"obilienissayokkaichiropractichernovtsyncloudurbanamexhibitioniss" +
+	"andiegomutashinainterhostsolutionsandoypythonanywherepaircraftin" +
+	"gvollolipopittsburghofficialpzqldqotoyohashimotoolsorfoldqponiat" +
+	"owadaqslgbtrentinsuedtirolqualifioappiwatequickconnectrentoyonak" +
+	"agyokutoyakolobrzegersundquicksytesorocabalestrandabergamoarekey" +
+	"machineustargardquipelementsorreisahayakawakamiichikawamisatotto" +
+	"ris-an-engineeringqvcitadeliverydyndns-at-homedepotenzamamidorit" +
+	"togitsumidatlantichirurgiens-dentistes-en-franceswidnikkokonoesw" +
+	"iebodzin-dsldswiftcoverswinoujscienceandhistoryswissmarterthanyo" +
+	"usynology-dsouthwest1-uslivinghistorytushuissier-justicetuvallea" +
+	"ostaverntuxfamilytwmailvevelstadvibo-valentiavibovalentiavideovi" +
+	"llasphinxn--3e0b707evinnicasacamdvrcampinagrandebuilderschmidtre" +
+	"-gauldalvinnytsiavipsinaappixolinovirginiavirtual-userveexchange" +
+	"virtualcloudvirtualservervirtualuserveftpizzavirtueeldomein-vigo" +
+	"rlicevirtuelvisakegawaviterboknowsitallvivolkenkundenvixn--3hcrj" +
+	"9civilisationisshingucciprianidyndns-at-workisboringrongausdalut" +
+	"skarpaczeladzvlaanderenvladikavkazimierz-dolnyvladimirvlogintoyo" +
+	"nezawavminanovologdanskongsvingervolvolkswagentspjelkavikomorots" +
+	"ukagawavolyngdalvoorlopervossevangenvotevotingvotoyonovps-hostro" +
+	"wiecivilizationiyodogawawithyoutuberspacekitagatargetmyipkomforb" +
+	"arcelonagawalbrzycharternopilawalesundgcanonoichinomiyakehimejib" +
+	"igawaustraliamuneues3-ap-south-1wiwatsukiyonortonwixsitewloclawe" +
+	"konskowolayangroupiemontewmcloudwmflabsrhtrevisojamisonwnextdire" +
+	"ctromsakatakkofuefukihabororosowawoodsideloittevaksdalworse-than" +
+	"dawowiospydebergwpdevcloudwpenginepoweredwphostedmailwpmucdnplan" +
+	"tsomnarviikamiokameokamakurazakitaurawpmudeveloperauniterois-cer" +
+	"tifiedunetlifyis-a-nascarfanwritesthisblogwroclawitdkoninjambylw" +
+	"tcirclerkstagets-itromsokamogawawtfastvps-serveronakanotoddenwuo" +
+	"zuwzmiuwajimaxn--45brj9civilwarmiasakuchinotsuchiurakawatchandcl" +
+	"ockaruizawaxn--45q11clanbibaidarmeniaxn--4gbriminingxn--4it168dx" +
+	"n--4it797konyvelohmusashimurayamarylandxn--4pvxs4allxn--54b7fta0" +
+	"ccldmailuxuryxn--55qw42gxn--55qx5dxn--5js045dxn--5rtp49cleverapp" +
+	"stmnxn--5rtq34kooris-a-photographerokuapphotographysioxn--5su34j" +
+	"936bgsgxn--5tzm5gxn--6btw5axn--6frz82gxn--6orx2rxn--6qq986b3xlxn" +
+	"--7t0a264clic20001wwwfarmsteadyndns-blogdnsanfranciscofreakunemu" +
+	"rorangecloudplatform0xn--80aaa0cvacationsrlxn--80adxhksrvaroyxn-" +
+	"-80ao21axn--80aqecdr1axn--80asehdbarefootballooningjovikaraganda" +
+	"ustrheimatunduhrennesoyokosukanramusementdllclstagehirnrtatarant" +
+	"ours3-ap-southeast-1xn--80aswgxn--80augustowithgoogleapiszxn--8l" +
+	"tr62kopervikhersonxn--8pvr4uxn--8y0a063axn--90a1aflakstadaokagak" +
+	"icks-assnasaarlandxn--90a3academiamicable-modemoneyxn--90aeropor" +
+	"talaheadjudaicadaquestorebaselectritonxn--90aishobarakawagoexn--" +
+	"90amcdirxn--90azhytomyravendbargainstancempresashibetsukuibmdisc" +
+	"ourses3-sa-east-1xn--9dbhblg6dietrusteexn--9dbq2axn--9et52uxn--9" +
+	"krt00axn--andy-iraxn--aroport-byaotsurnadalxn--asky-iraxn--aursk" +
+	"og-hland-jnbarreauctionfabricafjs3-us-east-2xn--avery-yuasakuhok" +
+	"ksundxn--b-5gaxn--b4w605ferdxn--balsan-sdtirol-nsbstorfjordxn--b" +
+	"ck1b9a5dre4clicketcloudcontrolappgafanxn--bdddj-mrabdxn--bearalv" +
+	"hki-y4axn--berlevg-jxaxn--bhcavuotna-s4axn--bhccavuotna-k7axn--b" +
+	"idr-5nachikatsuuraxn--bievt-0qa2xn--bjarky-fyasakaiminatoyookana" +
+	"zawaxn--bjddar-ptarnobrzegyptianxn--blt-elabourxn--bmlo-grainger" +
+	"xn--bod-2natalxn--bozen-sdtirol-2obanazawaxn--brnny-wuacademy-fi" +
+	"rewall-gatewayxn--brnnysund-m8accident-investigation-aptibleadpa" +
+	"gesquare7xn--brum-voagatrvestre-slidreportrogstadxn--btsfjord-9z" +
+	"axn--bulsan-sdtirol-nsbarrel-of-knowledgeappleborkarasjohkameyam" +
+	"atotakadauthgear-stagingjesdalimanowarudaukraanghkembuchikumagay" +
+	"agawakepnoipirangalsaceobiragrocerybnikeisenbahnatuurwetenschapp" +
+	"engineastcoastaldefenceastus2xn--c1avgxn--c2br7gxn--c3s14mincomc" +
+	"astresindevicenzaporizhzhiaxn--cck2b3barrell-of-knowledgecompute" +
+	"rhistoryofscience-fictionredumbrellaakesvuemieleccemrxn--cckwcxe" +
+	"tdxn--cesena-forl-mcbremangerxn--cesenaforl-i8axn--cg4bkis-found" +
+	"ationxn--ciqpnxn--clchc0ea0b2g2a9gcdxn--comunicaes-v6a2oxn--corr" +
+	"eios-e-telecomunicaes-ghc29axn--czr694barsycenterprisesakikuchik" +
+	"useihicampobassociatest-iservecounterstrikeu-1xn--czrs0try-snowp" +
+	"lowiczest-le-patronxn--czru2dxn--czrw28barsyonlinewhampshirealty" +
+	"dalpha-myqnapcloud66xn--d1acj3basicservercelliguriauthgearappspa" +
+	"cehosted-by-previderhclouddnslivefsnillfjorddnss3-ca-central-1xn" +
+	"--d1alfaromeoxn--d1atrycloudflareplantationxn--d5qv7z876clickris" +
+	"inglesangoxn--davvenjrga-y4axn--djrs72d6uyxn--djty4koryokamikawa" +
+	"nehonbetsurutaharaxn--dnna-grajewolterskluwerxn--drbak-wuaxn--dy" +
+	"ry-iraxn--e1a4clinichitachinakagawassamukawatarikuzentakatairave" +
+	"nnagasakimobetsuldaluccaravantaarparmatsuuraxn--eckvdtc9dxn--efv" +
+	"n9storjcloud-ver-jpchristmasakinderoyxn--efvy88haibarakitahataka" +
+	"nabeautysfjordxn--ehqz56nxn--elqq16hair-surveillancexn--eveni-0q" +
+	"a01gaxn--f6qx53axn--fct429kosaigawaxn--fhbeiarnxn--finny-yuaxn--" +
+	"fiq228c5hstpetersburgxn--fiq64basilicataniauthordalandds3-eu-cen" +
+	"tral-1xn--fiqs8streamscompute-1xn--fiqz9studioxn--fjord-lraxn--f" +
+	"jq720axn--fl-ziaxn--flor-jraxn--flw351exn--forl-cesena-fcbsstudy" +
+	"namisches-dnsortlandxn--forlcesena-c8axn--fpcrj9c3dxn--frde-gran" +
+	"drapidstuff-4-salexn--frna-woaraisaijosoyrovigotsukisosakitagawa" +
+	"xn--frya-hraxn--fzc2c9e2cliniquedapliernewyorkshirebungoonordest" +
+	"e-idchitosetoeigersundurhamburgroks-thisayamanobeokakegawaxn--fz" +
+	"ys8d69uvgmailxn--g2xx48clintonoshoesanjotelulubindaluzernxn--gck" +
+	"r3f0fauskedsmokorsetagayaseralingenoamishirasatogliattis-a-celti" +
+	"csfanxn--gecrj9clothingdustdatadetectksatxn--12c1fe0bradescotlan" +
+	"dyndns-freeboxosascoli-picenordkapparochernigovernmentlon-2xn--g" +
+	"gaviika-8ya47hakatanorfolkebibleksvikatsushikabeebyteapplinzis-a" +
+	"-financialadvisor-aurdalxn--gildeskl-g0axn--givuotna-8yasugitlab" +
+	"orxn--gjvik-wuaxn--gk3at1exn--gls-elacaixaxn--gmq050is-gonexn--g" +
+	"mqw5axn--gnstigbestellen-zvbrplsbxn--3oq18vl8pn36axn--gnstiglief" +
+	"ern-wobihirosakikamijimatsusakahoginankokubunjis-into-animegurow" +
+	"nproviderxn--h-2failxn--h1aeghakodatexn--h1ahnxn--h1alizxn--h2br" +
+	"eg3evenestufftoread-booksnesoruminamiyamashirokawanabelaudibleas" +
+	"ingxn--h2brj9c8cn-northwest-1xn--h3cuzk1discountysnestuttgartroa" +
+	"ndinosaurepbodynamic-dnsoundcastronomy-routerxn--hbmer-xqaxn--hc" +
+	"esuolo-7ya35basketballfinanzgorzeleccogladedyn-berlincolnavigati" +
+	"onavoizumizakiitatebayashiibahccavuotnagaraholtalenglandiscovery" +
+	"ggeeu-2xn--hery-iraxn--hgebostad-g3axn--hkkinen-5waxn--hmmrfeast" +
+	"a-s4accident-prevention-k3surreyxn--hnefoss-q1axn--hobl-iraxn--h" +
+	"oltlen-hxaxn--hpmir-xqaxn--hxt814exn--hyanger-q1axn--hylandet-54" +
+	"axn--i1b6b1a6a2exn--imr513nxn--indery-fyasuokannamiharuxn--io0a7" +
+	"is-into-carshisohugheshisuifuelluciancrmrecruitrentino-stirolxn-" +
+	"-j1adplatformshangrilaquilanxessooxn--j1aefbsbxn--1ck2e1bar0emma" +
+	"fann-arboretumbriamallamaceiobbcg12038xn--j1ael8batochiokinoshim" +
+	"aizurugbyglandroverhallahppiacenzachpomorskienavuotnapleskns3-us" +
+	"-gov-west-1xn--j1amhakonexn--j6w193gxn--jlq480n2rgxn--jlq61u9w7b" +
+	"atsfjordishakotanayorovnobserverxn--jlster-byatominamidaitomanch" +
+	"esterxn--jrpeland-54axn--jvr189miniserverxn--k7yn95exn--karmy-yu" +
+	"axn--kbrq7oxn--kcrx77d1x4axn--kfjord-iuaxn--klbu-woaxn--klt787dx" +
+	"n--kltp7dxn--kltx9axn--klty5xn--3pxu8konsulatrobeeldengeluidvare" +
+	"servdxn--koluokta-7ya57hakubahcavuotnagaivuotnagaokakyotambabydg" +
+	"oszczecinemagnetnedalipaywhirlxn--kprw13dxn--kpry57dxn--kput3is-" +
+	"into-cartoonshitaramaxn--krager-gyatsukanoyaltakashimarnardalxn-" +
+	"-kranghke-b0axn--krdsherad-m8axn--krehamn-dxaxn--krjohka-hwab49j" +
+	"devcloudfunctionshizukuishimofusaitoshimatsuzakis-a-patsfanxn--k" +
+	"snes-uuaxn--kvfjord-nxaxn--kvitsy-fyatsushiroxn--kvnangen-k0axn-" +
+	"-l-1fairwindsusakis-an-entertainerxn--l1accentureklamborghinikol" +
+	"aeventsusonoxn--laheadju-7yawaraxn--langevg-jxaxn--lcvr32dxn--ld" +
+	"ingen-q1axn--leagaviika-52bauhauspostman-echocolatemasekd1xn--le" +
+	"sund-huaxn--lgbbat1ad8jdfaststacksaves-the-whalessandria-trani-b" +
+	"arletta-andriatranibarlettaandriaxn--lgrd-poacctrysiljanxn--lhpp" +
+	"i-xqaxn--linds-pramericanartunespeedpartnerxn--lns-qlavagiskexn-" +
+	"-loabt-0qaxn--lrdal-sraxn--lrenskog-54axn--lt-liacngrossetouchih" +
+	"ayaakasakawaharaxn--lten-granexn--lury-iraxn--m3ch0j3axn--mely-i" +
+	"raxn--merker-kuaxn--mgb2ddesuzakanagawaxn--mgb9awbfbx-oslocuscou" +
+	"ntryestateofdelawareclaimsavonarusawaxn--mgba3a3ejtunkongsbergxn" +
+	"--mgba3a4f16axn--mgba3a4fra1-deltaitogakushimotoganexn--mgba7c0b" +
+	"bn0axn--mgbaakc7dvfbxostrowwlkpmguovdageaidnulvikashiwazakiwielu" +
+	"nnerxn--mgbaam7a8hakuis-a-geekatsuyamarshallstatebankaufentigerx" +
+	"n--mgbab2bdxn--mgbah1a3hjkrdxn--mgbai9a5eva00bellunord-aurdalvda" +
+	"laskanittedallasalleangaviikadenagahamaroyerxn--mgbai9azgqp6jeju" +
+	"niperxn--mgbayh7gpalermomahachijolsterxn--mgbbh1a71exn--mgbc0a9a" +
+	"zcgxn--mgbca7dzdoxn--mgbcpq6gpa1axn--mgberp4a5d4a87gxn--mgberp4a" +
+	"5d4arxn--mgbgu82axn--mgbi4ecexposedxn--mgbpl2fhskypexn--mgbqly7c" +
+	"0a67fbcnpyatigorskolecznagasukexn--mgbqly7cvafr-1xn--mgbt3dhdxn-" +
+	"-mgbtf8flapymnturystykaneyamazoexn--mgbtx2beneventodayombolzano-" +
+	"altoadigeologyomitanoceanographiqueu-3xn--mgbx4cd0abbvieeexn--mi" +
+	"x082fedorainfraclouderaxn--mix891fedorapeoplegallodingenxn--mjnd" +
+	"alen-64axn--mk0axin-the-bandais-into-gamessinazawaxn--mk1bu44cns" +
+	"annanxn--mkru45is-leetrentino-sud-tirolxn--mlatvuopmi-s4axn--mli" +
+	"-tlavangenxn--mlselv-iuaxn--moreke-juaxn--mori-qsakuragawaxn--mo" +
+	"sjen-eyawatahamaxn--mot-tlazioxn--mre-og-romsdal-qqbuseranishiar" +
+	"itakurashikis-lostre-toteneis-a-nursellsyourhomeftphonefosshirak" +
+	"okamiminershiranukamisunagawaxn--msy-ula0hakusanagochijiwadefini" +
+	"mamateramochizukinkobierzycexn--mtta-vrjjat-k7afedoraprojectozsd" +
+	"elmenhorstalbansaxoxn--muost-0qaxn--mxtq1minisitexn--ngbc5azdxn-" +
+	"-ngbe9e0axn--ngbrxn--41axn--nit225kosakaerodromegallupaascolipic" +
+	"eno-ipifony-1xn--nmesjevuemie-tcbalsan-sudtirollagdenesnaaseinet" +
+	"-freaksuzukananiikappudoxn--nnx388axn--nodessakurais-not-certifi" +
+	"edxn--nqv7fs00emaxn--nry-yla5gxn--ntso0iqx3axn--ntsq17gxn--ntter" +
+	"y-byaeservehalflifeinsurancexn--nvuotna-hwaxn--nyqy26axn--o1ache" +
+	"rnihivgubsuzukis-bytomaritimekeepingxn--o3cw4haldenxn--o3cyx2axn" +
+	"--od0algxn--od0aq3bentleyonagoyautomotivelandeportexasnesoddenma" +
+	"rkhangelskjakdnepropetrovskiervaapsteiermarkanzakiwakunigamihokk" +
+	"aidovre-eikerxn--ogbpf8flatangerxn--oppegrd-ixaxn--ostery-fyaxn-" +
+	"-osyro-wuaxn--otu796dxn--p1acfeiraquarelleaseeklogeschokokekscho" +
+	"koladenxn--p1ais-savedxn--pgbs0dhlx3xn--porsgu-sta26fermockasser" +
+	"versaillescholarshipschoolsztynsettsurfashionxn--pssu33lxn--pssy" +
+	"2uxn--q7ce6axn--q9jyb4cntmparsannohelplfinancialvivanovoldaxn--q" +
+	"cka1pmckinseyxn--qqqt11minnesotaketakayamassa-carrara-massacarra" +
+	"ramassabusinessebykleclerchromediatechnologyxn--qxa6axn--qxamste" +
+	"rdamnserverbaniaxn--rady-iraxn--rdal-poaxn--rde-ulaxn--rdy-0naba" +
+	"ris-slickhakassiaxn--rennesy-v1axn--rhkkervju-01aferraraxn--rhol" +
+	"t-mragowoltlab-democraciaxn--rhqv96gxn--rht27zxn--rht3dxn--rht61" +
+	"exn--risa-5naturalhistorymuseumcenterxn--risr-iraxn--rland-uuaxn" +
+	"--rlingen-mxaxn--rmskog-byaxn--rny31halsaitamatsukuris-a-greenxn" +
+	"--rovu88beppublishproxyonagunicloudiskussionsbereichattanooganor" +
+	"ddalimitedisrechtranakaiwamizawawsmpplanetariumcpreservationfsho" +
+	"strodawarautoscanadaeguambulancentralus-2xn--rros-granvindafjord" +
+	"xn--rskog-uuaxn--rst-0naturalsciencesnaturellesvalbardunloppacif" +
+	"icitichiryukyuragifuchungbukharaumalatvuopmicrosoftbankariyamein" +
+	"forumzxn--rsta-framercanvasvcivilaviationissedaluroyxn--rvc1e0am" +
+	"3exn--ryken-vuaxn--ryrvik-byaxn--s-1faithammarfeastafricapitalon" +
+	"ewspaperxn--s9brj9collectionxn--sandnessjen-ogbeskidyn-ip24lima-" +
+	"cityeatselinogradimo-i-rana4u2-localhostrolekaniepce12hpalmasera" +
+	"ti234xn--sandy-yuaxn--sdtirol-n2axn--seral-lraxn--ses554gxn--sgn" +
+	"e-graphoxn--42c2d9axn--skierv-utazasveioxn--skjervy-v1axn--skjk-" +
+	"soaxn--sknit-yqaxn--sknland-fxaxn--slat-5naturbruksgymnxn--slt-e" +
+	"labcieszynh-serveblogspotaribeiraogakibichuoxn--smla-hraxn--smna" +
+	"-gratangentlentapisa-geekoseis-a-playershiftcryptonomichigangwon" +
+	"xn--snase-nraxn--sndre-land-0cbestbuyshouses3-us-west-1xn--snes-" +
+	"poaxn--snsa-roaxn--sr-aurdal-l8axn--sr-fron-q1axn--sr-odal-q1axn" +
+	"--sr-varanger-ggbetainaboxfusejnyanagawalmartattoolforgerockartu" +
+	"zyoriikarasjokarasuyamarriottaxihuanhlfanhs3-us-west-2xn--srfold" +
+	"-byaxn--srreisa-q1axn--srum-gratis-a-bulls-fanxn--stfold-9xaxn--" +
+	"stjrdal-s1axn--stjrdalshalsen-sqbhzcasadelamonedanceu-4xn--stre-" +
+	"toten-zcbieidskoguchikuzenikonanporocelotenkawaveroykenflfanpach" +
+	"igasakids3-eu-west-1xn--t60b56axn--tckwebthingsvelvikomvuxn--3bs" +
+	"t00minamiminowaxn--tiq49xqyjelasticbeanstalkharkivanylvenneslask" +
+	"errylogisticshizuokamitsuexn--tjme-hraxn--tn0agrinetbankosherbro" +
+	"okegawaxn--tnsberg-q1axn--tor131oxn--trany-yuaxn--trentin-sd-tir" +
+	"ol-rzbielawaltervistainaioirasebastopologyeongnamegawafaicloudin" +
+	"eat-urlimoliseminevje-og-hornnes3-website-ap-northeast-1xn--tren" +
+	"tin-sdtirol-7vbiellair-traffic-controlleyoshiokanumazuryukiiyama" +
+	"nouchikuhokuryugasakitanakagusukumodumeloyalistoragextraspace-to" +
+	"-rentalstomakomaibaravocatanzarowbq-aurskog-holandingivingjemnes" +
+	"3-ap-southeast-2xn--trentino-sd-tirol-c3bieszczadygeyachiyodaeje" +
+	"onbukcoalwaysdatabaseballangenkainanaejrietisalatinabenonicbcn-n" +
+	"orth-1xn--trentino-sdtirol-szbievat-band-campaniavoues3-eu-west-" +
+	"2xn--trentinosd-tirol-rzbifukagawashingtondclk3xn--trentinosdtir" +
+	"ol-7vbigv-infolldalivornow-dns3-website-ap-southeast-1xn--trenti" +
+	"nsd-tirol-6vbihorologyukuhashimoichinosekigaharaxarnetflixilovec" +
+	"ollegefantasyleaguernseyokotebetsuikirkenes3-eu-west-3utilities-" +
+	"1xn--trentinsdtirol-nsbikedaemonmoutheworkpccweddinglassassinati" +
+	"onalheritagexn--trgstad-r1axn--trna-woaxn--troms-zuaxn--tysvr-vr" +
+	"axn--uc0atvestre-totennishiawakuraxn--uc0ay4axn--uist22hamurakam" +
+	"igoris-a-gurunusualpersonxn--uisz3gxn--unjrga-rtarumizusawaxn--u" +
+	"nup4yxn--uuwu58axn--vads-jraxn--valle-aoste-ebbtuscanyxn--valle-" +
+	"d-aoste-ehbodoes-itcouldbeworldxn--valleaoste-e7axn--valledaoste" +
+	"-ebbvadsoccertmgrazerbaijan-mayengerdalcesvizzeraxn--vard-jraxn-" +
+	"-vegrshei-c0axn--vermgensberater-ctbitsvn-reposouthcarolinarviko" +
+	"monoticiashowaxn--vermgensberatung-pwblogoiplatter-appinkomatsus" +
+	"himarumorimachidaxn--vestvgy-ixa6oxn--vg-yiabkhaziaxn--vgan-qoax" +
+	"n--vgsy-qoa0jelenia-goraxn--vgu402colognexus-3xn--vhquvestvagoyx" +
+	"n--vler-qoaxn--vre-eiker-k8axn--vrggt-xqadxn--vry-yla5gxn--vuq86" +
+	"1bilbaokinawashirosatobishimagentositecnologiazurewebsiteshikaga" +
+	"miishibukawakkanaibetsubamericanfamilydsmynasushiobarackmazeplay" +
+	"okozebinagisochildrensgardenaval-d-aosta-valleyolasitebinordland" +
+	"evelopmentatsunobninskaracoldwarszawaustevollillyboltateshinanom" +
+	"achimkentateyamajudygarlanddnskingitpagefrontappalmspringsakeret" +
+	"rosnubaltimore-og-romsdalp1xn--w4r85el8fhu5dnraxn--w4rs40lxn--wc" +
+	"vs22dxn--wgbh1colonialwilliamsburgroundhandlingroznyxn--wgbl6axn" +
+	"--xhq521billustrationrenderxn--xkc2al3hye2axn--xkc2dl3a5ee0hands" +
+	"onyxn--y9a3aquariumintereisenxn--yer-znaturhistorischeswidnicart" +
+	"oonartdecologiaxn--yfro4i67oxn--ygarden-p1axn--ygbi2ammxn--45br5" +
+	"cylxn--ystre-slidre-ujbiocpanamatsushigexn--zbx025dxn--zf0ao64ax" +
+	"n--zf0avxlxn--zfr164bipanasonicasertaipeidsvollombardiadembetsuk" +
+	"ubankaratexnbayxz"
 
 // nodes is the list of nodes. Each node is represented as a uint32, which
 // encodes the node's children, wildcard bit and node type (as an index into
@@ -542,9307 +546,9337 @@ const text = "9guacuiababia-goracleaningroks-theatree12hpalmasfjorden4tatarant"
 //	[15 bits] text index
 //	[ 6 bits] text length
 var nodes = [...]uint32{
-	0x329b43,
-	0x2f0784,
-	0x31f886,
-	0x21a5c3,
-	0x21a5c6,
-	0x399386,
-	0x3bf783,
-	0x277104,
-	0x2029c7,
-	0x31f4c8,
+	0x3346c3,
+	0x358784,
+	0x2ed746,
+	0x21cb43,
+	0x21cb46,
+	0x399c86,
+	0x3c3043,
+	0x221ec4,
+	0x205687,
+	0x2ed388,
 	0x1a000c2,
-	0x1f3cd07,
-	0x37f349,
-	0x2ddb4a,
-	0x2ddb4b,
-	0x23d883,
-	0x23f745,
-	0x2202ac2,
-	0x28c4c4,
-	0x2c9743,
-	0x3734c5,
-	0x2602c02,
-	0x354743,
-	0x2a85584,
-	0x374945,
-	0x2e0f242,
-	0x229d8e,
-	0x260543,
-	0x3b9946,
-	0x3205b42,
-	0x378ac7,
-	0x242446,
-	0x36041c2,
-	0x293b03,
-	0x232946,
-	0x38ec88,
-	0x298246,
-	0x359944,
-	0x3a00ac2,
-	0x34b549,
-	0x22d607,
-	0x2094c6,
-	0x3679c9,
-	0x224748,
-	0x210204,
-	0x2f9546,
-	0x207b46,
-	0x3e03742,
-	0x239b06,
-	0x216b8f,
-	0x3cd40e,
-	0x22ff04,
-	0x311205,
-	0x32dbc5,
-	0x3aec89,
-	0x2494c9,
-	0x233147,
-	0x221b46,
-	0x21da43,
-	0x420b602,
-	0x233843,
-	0x2b200a,
-	0x4602043,
-	0x3402c5,
-	0x30c842,
-	0x3ab409,
-	0x4e00ec2,
-	0x207e84,
-	0x346706,
-	0x2c54c5,
-	0x376bc4,
-	0x5646644,
-	0x2030c3,
-	0x23a844,
-	0x5a00b82,
-	0x3e3104,
-	0x5f35d04,
-	0x3e1b0a,
+	0x1f44d87,
+	0x385a09,
+	0x2e460a,
+	0x2e460b,
+	0x238883,
+	0x241b45,
+	0x2204502,
+	0x204504,
+	0x2cdbc3,
+	0x252f05,
+	0x2602142,
+	0x36c683,
+	0x2a20c04,
+	0x202145,
+	0x2e03702,
+	0x219e8e,
+	0x267743,
+	0x3bdcc6,
+	0x3203f42,
+	0x2ed8c7,
+	0x244206,
+	0x3603802,
+	0x2979c3,
+	0x235c86,
+	0x21d4c8,
+	0x29e686,
+	0x3aa2c4,
+	0x3a00b02,
+	0x354109,
+	0x224ac7,
+	0x3804c6,
+	0x3704c9,
+	0x391a48,
+	0x24fcc4,
+	0x349446,
+	0x3d4146,
+	0x3e01902,
+	0x2fe906,
+	0x218e0f,
+	0x3e960e,
+	0x311c44,
+	0x228685,
+	0x339845,
+	0x3b1ec9,
+	0x24a949,
+	0x236487,
+	0x207a06,
+	0x207943,
+	0x4204302,
+	0x216183,
+	0x2b990a,
+	0x4604d03,
+	0x347a45,
+	0x314102,
+	0x3ac849,
+	0x4e01d42,
+	0x20ad44,
+	0x2ffcc6,
+	0x258405,
+	0x37ce44,
+	0x5721084,
+	0x205d83,
+	0x241004,
+	0x5a016c2,
+	0x300b84,
+	0x5e02084,
+	0x35030a,
 	0x6200882,
-	0x2b82c7,
-	0x36f9c8,
-	0x7a01e02,
-	0x335087,
-	0x2f5404,
-	0x2f5407,
-	0x3ea985,
-	0x381247,
-	0x340886,
-	0x349f84,
-	0x3544c5,
-	0x26d147,
-	0x9205202,
-	0x239c83,
-	0x961a7c2,
-	0x3b6143,
-	0x9a04142,
-	0x26e645,
+	0x2631c7,
+	0x2339c8,
+	0x7a0c502,
+	0x33e407,
+	0x237c44,
+	0x36ddc7,
+	0x237c45,
+	0x387787,
+	0x35ca86,
+	0x2a1784,
+	0x3b9245,
+	0x27a907,
+	0x9218682,
+	0x2fea83,
+	0x9620102,
+	0x3dabc3,
+	0x9a0f202,
+	0x289b85,
 	0x9e00202,
-	0x379b84,
-	0x239305,
-	0x22fe47,
-	0x2f78ce,
-	0x2c4ac4,
-	0x219684,
-	0x207e43,
-	0x3bc989,
-	0x2e700b,
-	0x2f8288,
-	0x32acc8,
-	0x330248,
-	0x3d0bc8,
-	0xa36780a,
-	0x381147,
-	0x3d7f06,
-	0xa61a602,
-	0x271d03,
-	0x3dfa43,
-	0x3e1204,
-	0x271d43,
-	0x396303,
-	0x17385c2,
-	0xaa02b82,
-	0x28ffc5,
-	0x266446,
-	0x2a59c4,
-	0x3a94c7,
-	0x24f486,
-	0x2d64c4,
-	0x3c13c7,
-	0x2194c3,
-	0xb6e29c2,
-	0xbb27082,
-	0xbe27bc2,
-	0x227bc6,
+	0x37fe84,
+	0x23cfc5,
+	0x311b87,
+	0x30420e,
+	0x2ca444,
+	0x28fac4,
+	0x204243,
+	0x324fc9,
+	0x2ec50b,
+	0x2fd348,
+	0x335848,
+	0x33b708,
+	0x3d6448,
+	0xa37030a,
+	0x387687,
+	0x2542c6,
+	0xa61cb82,
+	0x378743,
+	0x3e0b43,
+	0x3e2084,
+	0x378783,
+	0x397143,
+	0x1740a82,
+	0xaa02742,
+	0x292d05,
+	0x35a086,
+	0x2aa1c4,
+	0x3a9487,
+	0x251c86,
+	0x2da804,
+	0x3c5787,
+	0x202743,
+	0xb6e7fc2,
+	0xba1da82,
+	0xbe16c02,
+	0x21db46,
 	0xc200282,
-	0x269185,
-	0x339b03,
-	0x3d9704,
-	0x2fe784,
-	0x2fe785,
-	0x3ef083,
-	0xc658843,
-	0xca06f02,
-	0x20d3c5,
-	0x20d3cb,
-	0x20e18b,
-	0x2045c4,
-	0x20d7c9,
-	0x20fcc4,
-	0xce10602,
-	0x210e43,
-	0x2113c3,
-	0xd20a182,
-	0x21e78a,
-	0xd602a02,
-	0x28c745,
-	0x2f348a,
-	0x2510c4,
-	0x212a43,
-	0x213104,
-	0x2151c3,
-	0x2151c4,
-	0x2151c7,
-	0x217005,
-	0x217c06,
-	0x2183c6,
-	0x21a643,
-	0x21ffc8,
-	0x213743,
-	0xda037c2,
-	0x230d08,
-	0x2984cb,
-	0x2284c8,
-	0x229146,
-	0x22a187,
-	0x22d208,
-	0xf205f42,
-	0xf6272c2,
-	0x27c848,
-	0x2370c7,
-	0x314b85,
-	0xfb14b88,
-	0xfe23848,
-	0x2551c3,
-	0x2319c4,
-	0x399402,
-	0x10232002,
-	0x106083c2,
-	0x10e32382,
-	0x232383,
-	0x11203702,
-	0x30e183,
-	0x220ec4,
-	0x207243,
-	0x2101c4,
-	0x24f18b,
-	0x203703,
-	0x2fa346,
-	0x28cfc4,
-	0x2d06ce,
-	0x384b05,
-	0x277848,
-	0x3b9a47,
-	0x3b9a4a,
-	0x223203,
-	0x2f0587,
-	0x2e71c5,
-	0x238b84,
-	0x25fc86,
-	0x25fc87,
-	0x36d4c4,
-	0x117145c4,
-	0x3c5a04,
-	0x24ed84,
-	0x3d1606,
-	0x224dc3,
-	0x3d5608,
-	0x3d7348,
-	0x29e303,
-	0x21e743,
-	0x343a04,
-	0x356943,
-	0x11e035c2,
-	0x122b79c2,
-	0x202546,
-	0x2f9643,
-	0x3b2fc4,
-	0x12648fc2,
-	0x29ed03,
-	0x381a43,
-	0x21ce82,
-	0x12a02102,
-	0x2dd246,
-	0x21e247,
-	0x36f747,
-	0x2ef505,
-	0x348b84,
-	0x2fbb05,
-	0x2d1bc7,
-	0x2ba349,
-	0x2bbdc6,
-	0x2ef406,
-	0x13a12fc2,
-	0x318508,
-	0x321246,
-	0x30a6c5,
-	0x309f47,
-	0x310244,
-	0x310245,
-	0x373104,
-	0x373108,
-	0x13e0d482,
+	0x3676c5,
+	0x341fc3,
+	0x3dc584,
+	0x305544,
+	0x305545,
+	0x3f2583,
+	0xc60bec3,
+	0xca0aa82,
+	0x20e485,
+	0x20e48b,
+	0x30f70b,
+	0x211d44,
+	0x20ed49,
+	0x20fdc4,
+	0xce10482,
+	0x210cc3,
+	0x211243,
+	0xd211f02,
+	0x216f8a,
+	0xd602642,
+	0x204785,
+	0x2f8cca,
+	0x24f984,
+	0x2139c3,
+	0x2153c4,
+	0x218043,
+	0x218044,
+	0x218047,
+	0x219285,
+	0x21a286,
+	0x21ae86,
+	0x21cbc3,
+	0x2234c8,
+	0x215a03,
+	0xda03ac2,
+	0x365d08,
+	0x29e90b,
+	0x22c908,
+	0x22d286,
+	0x22d907,
+	0x22f608,
+	0xf201002,
+	0xf629b02,
+	0x27f688,
+	0x23b007,
+	0x213f05,
+	0xfb1cc08,
+	0xffb11c8,
+	0x285f03,
+	0x235504,
+	0x399d02,
+	0x10235982,
+	0x1060b282,
+	0x10e36f02,
+	0x236f03,
+	0x11203d82,
+	0x315983,
+	0x254ac4,
+	0x203d83,
+	0x24fc84,
+	0x25198b,
+	0x2063c3,
+	0x301806,
+	0x26c004,
+	0x2d85ce,
+	0x3259c5,
+	0x279e08,
+	0x3bddc7,
+	0x3bddca,
+	0x23c843,
+	0x358587,
+	0x2ec6c5,
+	0x23c844,
+	0x266e86,
+	0x266e87,
+	0x376204,
+	0x1171c644,
+	0x3f3784,
+	0x251584,
+	0x209f46,
+	0x213cc3,
+	0x213cc8,
+	0x21ff08,
+	0x2a55c3,
+	0x216f43,
+	0x34d4c4,
+	0x35ee03,
+	0x11e06282,
+	0x12227e82,
+	0x205206,
+	0x349543,
+	0x27b604,
+	0x12611582,
+	0x211583,
+	0x23d283,
+	0x21f9c2,
+	0x12a045c2,
+	0x2e0c86,
+	0x22ad87,
+	0x233747,
+	0x2fc645,
+	0x3b7c84,
+	0x2e0085,
+	0x2d5187,
+	0x3594c9,
+	0x3b1646,
+	0x2fc546,
+	0x13a12f82,
+	0x320588,
+	0x32c046,
+	0x333c45,
+	0x317507,
+	0x3bb044,
+	0x3bb045,
+	0x3bf004,
+	0x3bf008,
+	0x13e02882,
 	0x14200482,
-	0x254206,
+	0x38e506,
 	0x200488,
-	0x328205,
-	0x34c246,
-	0x34ea08,
-	0x35d3c8,
-	0x14602cc5,
-	0x17243244,
-	0x285687,
-	0x1760f742,
-	0x17ab90c2,
-	0x18e05842,
-	0x346805,
-	0x19a96945,
-	0x277e86,
-	0x3b6547,
-	0x3ba447,
-	0x19e29f43,
-	0x33f007,
-	0x3cc1c8,
-	0x27635149,
-	0x229f47,
-	0x235887,
-	0x342548,
-	0x236086,
-	0x238686,
-	0x23b74c,
-	0x23cd0a,
-	0x23d8c7,
-	0x23f60b,
-	0x240307,
-	0x24030e,
-	0x27a40ec4,
-	0x241284,
-	0x244887,
-	0x253c47,
-	0x248706,
-	0x248707,
-	0x32b4c7,
-	0x261c03,
-	0x27e0f1c2,
-	0x249ec6,
-	0x249eca,
-	0x24ab0b,
-	0x24c887,
-	0x24d305,
-	0x24d783,
-	0x24df46,
-	0x24df47,
-	0x38f183,
-	0x28200102,
-	0x24eaca,
-	0x28729c42,
-	0x28ba8ac2,
-	0x28e48e02,
-	0x29238fc2,
-	0x251805,
-	0x252204,
-	0x29e01bc2,
-	0x3e3185,
-	0x24b103,
-	0x2a4585,
-	0x202444,
-	0x216384,
-	0x2dfb06,
-	0x2608c6,
-	0x20d5c3,
-	0x3d4804,
-	0x340b43,
-	0x2ae00d02,
-	0x22a504,
-	0x22a506,
-	0x257a85,
-	0x2b5a46,
-	0x30a048,
-	0x2138c4,
-	0x31de08,
-	0x38ea45,
-	0x281d88,
-	0x2d9f06,
-	0x21ba87,
-	0x27f784,
-	0x2c27f786,
-	0x2c605483,
-	0x3ac1c3,
-	0x2cc488,
-	0x333444,
-	0x2ca131c7,
-	0x24c106,
-	0x2f1289,
-	0x366948,
-	0x330988,
-	0x332384,
-	0x3d69c3,
-	0x24b1c2,
-	0x2d25d9c2,
-	0x2d61c982,
-	0x31f383,
-	0x2da02b02,
-	0x38f104,
-	0x288c46,
-	0x23eb43,
-	0x2cd707,
-	0x385d43,
-	0x2c4b88,
-	0x229545,
-	0x26c9c3,
-	0x239285,
-	0x2393c4,
-	0x3a6f86,
-	0x22bb06,
-	0x22fd86,
-	0x25db84,
-	0x2406c3,
-	0x2de46882,
-	0x2e23fd85,
+	0x3402c5,
+	0x357386,
+	0x361608,
+	0x3653c8,
+	0x14605985,
+	0x1722f8c4,
+	0x2849c7,
+	0x17607e42,
+	0x17b6e3c2,
+	0x18e0b642,
+	0x2ffdc5,
+	0x19a9a145,
+	0x27a446,
+	0x3dafc7,
+	0x3e6887,
+	0x19e1a043,
+	0x34af07,
+	0x28f9c8,
+	0x27a38d49,
+	0x21a047,
+	0x239447,
+	0x34be48,
+	0x239fc6,
+	0x23c346,
+	0x23e30c,
+	0x24000a,
+	0x2404c7,
+	0x241a0b,
+	0x242707,
+	0x24270e,
+	0x27e43444,
+	0x243544,
+	0x245687,
+	0x38df47,
+	0x249e06,
+	0x249e07,
+	0x33bfc7,
+	0x288583,
+	0x28203682,
+	0x24c806,
+	0x24c80a,
+	0x24d24b,
+	0x24e8c7,
+	0x24f505,
+	0x250943,
+	0x250cc6,
+	0x250cc7,
+	0x21d9c3,
+	0x28600102,
+	0x2512ca,
+	0x28b347c2,
+	0x28fa8a82,
+	0x2924a282,
+	0x2963cc82,
+	0x254705,
+	0x255504,
+	0x2a203402,
+	0x300c05,
+	0x24d843,
+	0x3cabc5,
+	0x205104,
+	0x22f4c4,
+	0x2e3a86,
+	0x267ac6,
+	0x20e683,
+	0x3d8a84,
+	0x35cd43,
+	0x2b2101c2,
+	0x22dc84,
+	0x22dc86,
+	0x25bb85,
+	0x2bc906,
+	0x317608,
+	0x215b84,
+	0x3289c8,
+	0x38f745,
+	0x294ec8,
+	0x2de106,
+	0x318747,
+	0x282a44,
+	0x2c682a46,
+	0x2ca24dc3,
+	0x3ad7c3,
+	0x2c5608,
+	0x33c744,
+	0x2ce15487,
+	0x28b246,
+	0x2f55c9,
+	0x36ea08,
+	0x371dc8,
+	0x37b1c4,
+	0x223403,
+	0x2304c2,
+	0x2d664842,
+	0x2da30902,
+	0x329e83,
+	0x2de057c2,
+	0x21d944,
+	0x29ef86,
+	0x241543,
+	0x2d1ec7,
+	0x20cec3,
+	0x2ca508,
+	0x231645,
+	0x2724c3,
+	0x23cf45,
+	0x23d084,
+	0x3bad46,
+	0x2366c6,
+	0x311ac6,
+	0x2e2904,
+	0x242ac3,
+	0x2e217e02,
+	0x2e642185,
 	0x200843,
-	0x2ea03402,
-	0x220203,
-	0x205a45,
-	0x2ee24d03,
-	0x2f63e6c9,
-	0x2fa00942,
-	0x30204f42,
-	0x29bc85,
-	0x21ecc6,
-	0x29d146,
-	0x308d88,
-	0x308d8b,
-	0x345ecb,
-	0x38a445,
-	0x2e2f49,
-	0x1602642,
-	0x31fb88,
-	0x20dac4,
-	0x30a03642,
-	0x33dfc3,
-	0x31253e06,
-	0x3160ea82,
-	0x3d11c8,
-	0x31a06cc2,
-	0x26f54a,
-	0x322771c3,
-	0x32b7f986,
-	0x315d88,
-	0x398846,
-	0x3957c7,
-	0x216d87,
-	0x2076ca,
-	0x251144,
-	0x364a84,
-	0x37ee49,
-	0x32fb9585,
-	0x229dc6,
-	0x22e783,
-	0x282a04,
-	0x3320a6c4,
-	0x20a6c7,
-	0x33656c07,
-	0x29ed44,
-	0x2400c5,
-	0x277f48,
-	0x252d07,
-	0x252f87,
-	0x33a18b02,
-	0x3a8084,
-	0x2a51c8,
-	0x2547c4,
-	0x259344,
-	0x259745,
-	0x259887,
-	0x34689bc9,
-	0x25a444,
-	0x25b309,
-	0x25b9c8,
-	0x25c604,
-	0x25c607,
-	0x25d7c3,
-	0x25e587,
-	0x34a00c02,
-	0x16c7402,
-	0x25f746,
-	0x2bf047,
-	0x2600c4,
-	0x261687,
-	0x263287,
-	0x263883,
-	0x34e62642,
-	0x213802,
-	0x2649c3,
-	0x2649c4,
-	0x2649cb,
-	0x32adc8,
-	0x213804,
-	0x265e85,
-	0x2676c7,
-	0x2f4d05,
-	0x31b2ca,
-	0x26ac43,
-	0x35202e42,
-	0x215a44,
-	0x271f49,
-	0x275843,
-	0x275907,
-	0x330689,
-	0x3929c8,
-	0x20f283,
-	0x28f107,
-	0x27e1c3,
-	0x295f04,
-	0x2975c9,
-	0x29a286,
-	0x3a3f03,
-	0x202a82,
-	0x26dc83,
-	0x2c7207,
-	0x39a245,
-	0x2ca6c6,
-	0x29e6c4,
-	0x37bf05,
-	0x28fa83,
-	0x21c186,
-	0x218143,
-	0x20d9c2,
-	0x258804,
-	0x356a5c02,
-	0x35b10a03,
-	0x35e038c2,
-	0x2574c3,
-	0x218844,
-	0x242047,
-	0x21f406,
-	0x20a682,
-	0x36204682,
-	0x330bc4,
-	0x36a15342,
-	0x36e05d02,
-	0x205d04,
-	0x205d05,
-	0x3ce545,
-	0x3b6ec6,
-	0x37208442,
-	0x3d5a05,
-	0x3d9e45,
-	0x296883,
-	0x239d46,
-	0x212005,
-	0x227b42,
-	0x35d005,
-	0x227b44,
-	0x230783,
-	0x2309c3,
-	0x3760ccc2,
-	0x26d347,
-	0x267884,
-	0x267889,
-	0x282904,
-	0x2967c3,
-	0x2c3e48,
-	0x37a967c4,
-	0x2967c6,
-	0x2b5543,
-	0x266803,
-	0x2e9c43,
-	0x37f003c2,
-	0x392ec2,
-	0x38200642,
-	0x33b848,
-	0x213508,
-	0x3c4846,
-	0x2916c5,
-	0x234b85,
-	0x209fc7,
-	0x3868a905,
-	0x21e682,
-	0x38aa71c2,
-	0x38e00042,
-	0x321ec8,
-	0x318445,
-	0x302d04,
-	0x24da05,
-	0x2562c7,
-	0x295d04,
-	0x262442,
-	0x3922cf82,
-	0x351b84,
-	0x230607,
-	0x29c207,
-	0x381204,
-	0x3e0443,
-	0x29e244,
-	0x29e248,
-	0x396389c6,
-	0x25fb0a,
-	0x35b6c4,
-	0x2a4c08,
-	0x23ff44,
-	0x22a286,
-	0x2a7184,
-	0x346b06,
-	0x267b49,
-	0x223d07,
-	0x3a6c43,
-	0x39a04d02,
-	0x3c3943,
-	0x210802,
-	0x39e0a442,
-	0x26e406,
-	0x24bc88,
-	0x2b6347,
-	0x233549,
-	0x2b6509,
-	0x2b9a05,
-	0x2bb609,
-	0x2bc705,
-	0x2bd545,
-	0x2be748,
-	0x3a207304,
-	0x3a634307,
-	0x235c43,
-	0x2be947,
-	0x235c46,
-	0x2bf5c7,
-	0x2b4445,
-	0x2354c3,
-	0x3aa3cac2,
-	0x212c84,
-	0x3ae05302,
-	0x3b21d7c2,
-	0x30db46,
-	0x36f945,
-	0x2c2507,
-	0x383d03,
-	0x238404,
+	0x2ee060c2,
+	0x21c0c3,
+	0x300a45,
+	0x2f226783,
+	0x2fa410c9,
+	0x2fe00942,
+	0x30612002,
+	0x29fe85,
+	0x221206,
+	0x2bd3c6,
+	0x3171c8,
+	0x3171cb,
+	0x34fb0b,
+	0x2fc845,
+	0x2e8549,
+	0x1601082,
+	0x2cee08,
+	0x20f044,
+	0x30e01b42,
+	0x346043,
+	0x316e82c6,
+	0x31a02182,
+	0x3d6a48,
+	0x31e0a842,
+	0x2738ca,
+	0x32679783,
+	0x32f86046,
+	0x31de08,
+	0x221b86,
+	0x396707,
+	0x219007,
+	0x3d3cca,
+	0x24fa04,
+	0x36c404,
+	0x385109,
+	0x333bd905,
+	0x219ec6,
+	0x2115c3,
+	0x2872c4,
+	0x33601d04,
+	0x201d07,
+	0x33bae987,
+	0x264f44,
+	0x2424c5,
+	0x27a508,
+	0x256007,
+	0x256287,
+	0x33e1b5c2,
+	0x2ae1c4,
+	0x2a99c8,
+	0x259284,
+	0x25d444,
+	0x25d845,
+	0x25d987,
+	0x34b68049,
+	0x23be84,
+	0x25f649,
+	0x2607c8,
+	0x262104,
+	0x262107,
+	0x264643,
+	0x265cc7,
+	0x34e00bc2,
+	0x16ccd82,
+	0x266946,
+	0x2c48c7,
+	0x2672c4,
+	0x268887,
+	0x269387,
+	0x26a303,
+	0x352698c2,
+	0x215ac2,
+	0x26b7c3,
+	0x26b7c4,
+	0x26b7cb,
+	0x335948,
+	0x215ac4,
+	0x26ca05,
+	0x26e147,
+	0x2fa885,
+	0x34deca,
+	0x270903,
+	0x35605b02,
+	0x2727c4,
+	0x274309,
+	0x277c03,
+	0x277cc7,
+	0x244b49,
+	0x20e288,
+	0x203743,
+	0x291e47,
+	0x244603,
+	0x299704,
+	0x29adc9,
+	0x29dc86,
+	0x32b303,
+	0x203f82,
+	0x2ccb83,
+	0x2ccb87,
+	0x39ab45,
+	0x3a3c06,
+	0x2d1704,
+	0x39b945,
+	0x2927c3,
+	0x21f0c6,
+	0x2094c3,
+	0x20ef42,
+	0x25c904,
+	0x35a03942,
+	0x35f339c3,
+	0x36206582,
+	0x243b43,
+	0x21b304,
+	0x25a807,
+	0x2a8606,
+	0x201cc2,
+	0x36601c82,
+	0x372004,
+	0x36e181c2,
+	0x37203d02,
+	0x2af084,
+	0x2af085,
+	0x20db45,
+	0x3d4d06,
+	0x37607282,
+	0x370985,
+	0x3dccc5,
+	0x207283,
+	0x2feb46,
+	0x2140c5,
+	0x21dac2,
+	0x363205,
+	0x21dac4,
+	0x222343,
+	0x222583,
+	0x37a0e002,
+	0x27ab07,
+	0x26e304,
+	0x26e309,
+	0x2871c4,
+	0x299fc3,
+	0x2c97c8,
+	0x37e99fc4,
+	0x299fc6,
+	0x2bc303,
+	0x23f783,
 	0x20f583,
-	0x236e03,
-	0x3b603842,
-	0x3be075c2,
-	0x399484,
-	0x262603,
-	0x308a45,
-	0x3c209c42,
-	0x3ca08102,
-	0x39f646,
-	0x2f7804,
-	0x2fd3c4,
-	0x2fd3ca,
-	0x3d2005c2,
-	0x203e83,
-	0x310f0a,
-	0x3a8488,
-	0x3d658104,
-	0x2005c3,
-	0x249bc3,
-	0x34c689,
-	0x27ddc9,
-	0x2cd806,
-	0x3da5e043,
-	0x2baf8d,
-	0x328846,
-	0x35c70b,
-	0x3de0f002,
-	0x2f9388,
-	0x42a200c2,
-	0x42e019c2,
-	0x2c0c85,
-	0x43203382,
-	0x2b2507,
-	0x2121c3,
-	0x2121c8,
-	0x43605fc2,
-	0x39ec44,
-	0x3e0643,
-	0x24b206,
-	0x2274c4,
-	0x21e703,
-	0x44a06702,
-	0x38a3c4,
-	0x2c6045,
-	0x2c6e07,
-	0x28d743,
-	0x2c7dc3,
-	0x161a742,
-	0x2c8483,
-	0x2c8803,
-	0x44e00c42,
-	0x276f44,
-	0x2408c6,
-	0x328cc3,
-	0x2c8c83,
-	0x45258e02,
-	0x258e08,
-	0x2c9a44,
-	0x204ec6,
-	0x393047,
-	0x2a2046,
-	0x2cc404,
-	0x53604842,
-	0x235b0b,
-	0x2e894e,
-	0x21fa8f,
-	0x2e1803,
-	0x53e6dc42,
-	0x161d942,
-	0x54203e42,
-	0x2a94c3,
-	0x28d243,
-	0x2bc506,
-	0x34efc6,
-	0x2d8bc7,
-	0x3835c4,
-	0x5461ee02,
-	0x54a17682,
-	0x240d85,
-	0x31a707,
-	0x2cb806,
-	0x54e78102,
-	0x38d184,
-	0x2d12c3,
-	0x55208042,
-	0x5577c743,
-	0x2d2684,
-	0x2d8149,
-	0x55adfe42,
-	0x55e19f42,
-	0x254b45,
-	0x562e0602,
-	0x56a065c2,
+	0x3830f1c2,
+	0x317442,
+	0x38600642,
+	0x343e08,
+	0x2157c8,
+	0x3c9706,
+	0x3b6e45,
+	0x230185,
+	0x349707,
+	0x38a62fc5,
+	0x216e82,
+	0x38eaca82,
+	0x39200042,
+	0x28f288,
+	0x3204c5,
+	0x309c84,
+	0x242e05,
+	0x24ad47,
+	0x3df244,
+	0x25aec2,
+	0x3963ff82,
+	0x35a8c4,
 	0x362607,
-	0x37f5cb,
-	0x216b45,
-	0x2610c9,
-	0x268b06,
-	0x56e08484,
-	0x208489,
-	0x36e507,
-	0x3e2d07,
-	0x225903,
-	0x2f9206,
-	0x352a87,
-	0x21b643,
-	0x2ab186,
-	0x5762cbc2,
-	0x57a2b342,
-	0x215703,
-	0x3ab5c5,
-	0x223b47,
-	0x241886,
-	0x39a1c5,
-	0x267804,
-	0x2b3985,
-	0x30c904,
-	0x57e04442,
-	0x2deb84,
-	0x2d1084,
-	0x3ec38d,
-	0x2d1089,
-	0x25c088,
-	0x267384,
-	0x209c05,
-	0x32b287,
-	0x3470c4,
-	0x3d5d07,
-	0x242f45,
-	0x582b7144,
-	0x2b2b85,
-	0x20c444,
-	0x3c8586,
-	0x3b6345,
-	0x58601a82,
-	0x22b303,
-	0x3018c3,
-	0x244bc4,
-	0x244bc5,
-	0x386dc6,
-	0x255d45,
-	0x2680c4,
-	0x58b0b703,
-	0x58e12686,
-	0x222705,
-	0x222bc5,
-	0x3b6444,
-	0x2fde43,
-	0x35b74c,
-	0x592c5b02,
-	0x59601742,
-	0x59a0b982,
-	0x2280c3,
-	0x2280c4,
-	0x59e0fd02,
-	0x3619c8,
-	0x227904,
-	0x396a86,
-	0x5a22d442,
-	0x5a609cc2,
-	0x5aa00b42,
-	0x28ae85,
-	0x286446,
-	0x35bc04,
-	0x232e86,
-	0x211c46,
-	0x2097c3,
-	0x5ae99c0a,
-	0x296705,
-	0x2b1fc3,
-	0x20e986,
-	0x5b20e989,
-	0x22a9c7,
-	0x3d3048,
-	0x224609,
-	0x2ba4c8,
-	0x2503c6,
-	0x208143,
-	0x5b602c82,
-	0x3adb08,
-	0x5ba54902,
-	0x5be026c2,
-	0x2335c3,
-	0x2f7305,
-	0x24c284,
-	0x245489,
-	0x238dc4,
-	0x2472c8,
-	0x5c610843,
-	0x5ca643c4,
-	0x21ed08,
-	0x5ce08f02,
-	0x23f002,
-	0x32db45,
-	0x270a09,
-	0x219c03,
-	0x319ac4,
-	0x376504,
-	0x267c43,
-	0x29190a,
-	0x5d20bdc2,
-	0x5d612ac2,
-	0x2e2943,
-	0x39c503,
-	0x1635002,
-	0x271503,
-	0x5da1dfc2,
-	0x5de0dec2,
-	0x5e292e44,
-	0x292e46,
-	0x27e5c4,
-	0x28bc83,
-	0x3d8d43,
-	0x5e706943,
-	0x24ae86,
-	0x32df05,
-	0x2e6707,
-	0x2e6646,
-	0x2e6c08,
-	0x2e6e06,
-	0x20dec4,
-	0x2abf8b,
-	0x2e9703,
-	0x2e9705,
-	0x226e42,
-	0x362902,
-	0x5ea51882,
-	0x5ee0f782,
-	0x21ee43,
-	0x5f27eec2,
-	0x27eec3,
-	0x2ea783,
-	0x5fa03b02,
-	0x5feedcc6,
-	0x29d686,
-	0x60246542,
-	0x60611402,
-	0x60a30a02,
-	0x60e05582,
-	0x6120d082,
-	0x61604342,
-	0x21a083,
-	0x3b6006,
-	0x61a22d84,
-	0x33bc86,
-	0x28d5c4,
-	0x20a383,
-	0x62603bc2,
-	0x2048c2,
-	0x2350c3,
-	0x62a127c3,
-	0x3c97c7,
-	0x3b6247,
-	0x67e582c7,
-	0x348507,
-	0x2166c3,
-	0x68277a44,
-	0x31d704,
-	0x31d70a,
-	0x3ba585,
-	0x6863b542,
-	0x261643,
-	0x68a00602,
-	0x25c743,
-	0x3c3903,
-	0x69200582,
+	0x2a0407,
+	0x387744,
+	0x3e1243,
+	0x2a5504,
+	0x2a5508,
+	0x39a3c686,
+	0x266d0a,
+	0x3af884,
+	0x2a9408,
+	0x242344,
+	0x22da06,
+	0x2aca44,
+	0x3000c6,
+	0x26e5c9,
+	0x2bba87,
+	0x3a80c3,
+	0x39e01742,
+	0x2830c3,
+	0x210682,
+	0x3a209bc2,
+	0x257c86,
+	0x28adc8,
+	0x2bd547,
+	0x317a89,
+	0x2bd709,
+	0x2bf805,
+	0x2c0d09,
+	0x2c2005,
+	0x2c3205,
+	0x2c3fc8,
+	0x3a616c44,
+	0x3aa16c47,
+	0x239803,
+	0x2c41c7,
+	0x239806,
+	0x2c4e47,
+	0x2bb585,
+	0x2390c3,
+	0x3ae30fc2,
+	0x213c04,
+	0x3b20e9c2,
+	0x3b607142,
+	0x376406,
+	0x233945,
+	0x2c7e07,
+	0x33be43,
+	0x3d6e44,
+	0x213903,
+	0x23ad43,
+	0x3ba06502,
+	0x3c202502,
+	0x399d84,
+	0x269883,
+	0x30e905,
+	0x3c613f82,
+	0x3ce04182,
+	0x3a0fc6,
+	0x304144,
+	0x310f44,
+	0x310f4a,
+	0x3d6005c2,
+	0x20f2c3,
+	0x22838a,
+	0x231a48,
+	0x3da5c204,
+	0x2005c3,
+	0x251a83,
+	0x2d1fc9,
+	0x27cfc9,
+	0x231c06,
+	0x3de0bc83,
+	0x23bb4d,
+	0x23dbc6,
+	0x2497cb,
+	0x3e20b882,
+	0x349288,
+	0x432235c2,
+	0x43603202,
+	0x2c6405,
+	0x43a040c2,
+	0x2b3307,
+	0x209a83,
+	0x214288,
+	0x43e01ac2,
+	0x32a7c4,
+	0x22cc83,
+	0x24d946,
+	0x22b9c4,
+	0x216f03,
+	0x45202382,
+	0x2fc7c4,
+	0x2cb785,
+	0x2cc787,
+	0x290943,
+	0x2cd143,
+	0x1626b42,
+	0x2cd803,
+	0x2cde03,
+	0x45600c02,
+	0x279504,
+	0x242cc6,
+	0x363983,
+	0x2ce203,
+	0x45a5cf02,
+	0x25cf08,
+	0x2cf5c4,
+	0x2206c6,
+	0x393f87,
+	0x391d06,
+	0x2c5584,
+	0x53e01782,
+	0x2396cb,
+	0x3cdfce,
+	0x222f8f,
+	0x2e0403,
+	0x546dbe82,
+	0x164f082,
+	0x54a04082,
+	0x2b6103,
 	0x3cc144,
-	0x20a1c4,
-	0x3cf585,
-	0x32c5c5,
-	0x2fd606,
-	0x3a7586,
-	0x69616602,
-	0x69a01242,
-	0x2f9bc5,
-	0x29d392,
-	0x2af9c6,
-	0x209843,
-	0x2dd486,
-	0x3d19c5,
-	0x161e7c2,
-	0x71e09f02,
-	0x209f03,
-	0x211683,
-	0x3a5bc3,
-	0x72214542,
-	0x21d343,
-	0x7261c682,
-	0x249c83,
-	0x3856c8,
-	0x25d543,
-	0x2b9886,
-	0x3e8dc7,
-	0x34d686,
-	0x34d68b,
-	0x28d507,
-	0x30b684,
-	0x72e07c42,
-	0x2ca605,
-	0x73212783,
-	0x22d043,
-	0x3c7445,
-	0x2165c3,
-	0x73a165c6,
-	0x3ddfc3,
-	0x20f0c4,
+	0x220243,
+	0x359746,
+	0x248286,
+	0x2b46c7,
+	0x390e44,
+	0x54e21342,
+	0x55232ac2,
+	0x309345,
+	0x3e4e07,
+	0x3cedc6,
+	0x5567a6c2,
+	0x390744,
+	0x2d4783,
+	0x55a0af02,
+	0x55f82443,
+	0x2d5b84,
+	0x2dbdc9,
+	0x562e3dc2,
+	0x5661c4c2,
+	0x259605,
+	0x56ae42c2,
+	0x57203e02,
+	0x3698c7,
+	0x385c8b,
+	0x218dc5,
+	0x2682c9,
+	0x26f6c6,
+	0x57609004,
+	0x379289,
+	0x377647,
+	0x393347,
+	0x237b43,
+	0x2fe046,
+	0x37ea87,
+	0x21e803,
+	0x2b93c6,
+	0x57e16202,
+	0x5820b602,
+	0x21cd43,
+	0x3aca05,
+	0x3b14c7,
+	0x248386,
+	0x39aac5,
+	0x26e284,
+	0x2ba945,
+	0x3141c4,
+	0x58609a42,
+	0x2e2544,
+	0x2d4544,
+	0x3a73cd,
+	0x2d4549,
+	0x260e88,
+	0x259884,
+	0x3ebb05,
+	0x3b80c7,
+	0x3d1184,
+	0x370c87,
+	0x22c4c5,
+	0x58abea84,
+	0x2be3c5,
+	0x58e768c4,
+	0x31a606,
+	0x3dadc5,
+	0x592032c2,
+	0x336a83,
+	0x251f83,
+	0x2459c4,
+	0x2459c5,
+	0x20d706,
+	0x38de05,
+	0x26eb44,
+	0x59713103,
+	0x59a14746,
+	0x223d05,
+	0x225845,
+	0x3daec4,
+	0x304c03,
+	0x3af90c,
+	0x59ecc882,
+	0x5a200b42,
+	0x5a612a82,
+	0x222043,
+	0x222044,
+	0x5aa0fe02,
+	0x302888,
+	0x22be04,
+	0x3301c6,
+	0x5ae24902,
+	0x5b216902,
+	0x5b603f02,
+	0x2a4a45,
+	0x300346,
+	0x238044,
+	0x2361c6,
+	0x212506,
+	0x26ac03,
+	0x5ba9d60a,
+	0x299f05,
+	0x2b98c3,
+	0x213606,
+	0x5be13609,
+	0x22e147,
+	0x3c8548,
+	0x391909,
+	0x3bfe88,
+	0x2a3c46,
+	0x20a2c3,
+	0x5c205942,
+	0x3b0148,
+	0x5c6593c2,
+	0x5ca00ec2,
+	0x2384c3,
+	0x2fc3c5,
+	0x2b1244,
+	0x2bdf89,
+	0x23ca84,
+	0x255308,
+	0x5d20b4c3,
+	0x5d66b484,
+	0x221248,
+	0x5da15142,
+	0x23d8c2,
+	0x3397c5,
+	0x3bba89,
+	0x214e43,
+	0x32eb84,
+	0x3f0484,
+	0x2202c3,
+	0x29558a,
+	0x5df9b302,
+	0x5e213a42,
+	0x2e7f43,
+	0x39d383,
+	0x161c182,
+	0x377f43,
+	0x5e62ab02,
+	0x5ea01942,
+	0x5ee30944,
+	0x296ac6,
+	0x281884,
+	0x28f0c3,
+	0x3da783,
+	0x5f30c783,
+	0x24d5c6,
+	0x339b85,
+	0x2eba87,
+	0x2eb9c6,
+	0x2ec108,
+	0x2ec306,
+	0x201944,
+	0x2b2dcb,
+	0x2eea43,
+	0x2eea45,
+	0x5f60ffc2,
+	0x369bc2,
+	0x5fa54782,
+	0x5fe0d3c2,
+	0x221383,
+	0x60282182,
+	0x282183,
+	0x2f0343,
+	0x60a067c2,
+	0x60ef3c06,
+	0x2f4005,
+	0x2b7346,
+	0x6127c082,
+	0x61611282,
+	0x61a225c2,
+	0x61e736c2,
+	0x622130c2,
+	0x62602202,
+	0x21c603,
+	0x3a9686,
+	0x62a25a04,
+	0x3b52c6,
+	0x2907c4,
+	0x2ec4c3,
+	0x63603642,
+	0x201f42,
+	0x238cc3,
+	0x63a14883,
+	0x3cec47,
+	0x3dacc7,
+	0x6965c3c7,
+	0x316147,
+	0x218943,
+	0x69a7a004,
+	0x327e04,
+	0x327e0a,
+	0x3e69c5,
+	0x69e31a82,
+	0x268843,
+	0x6a200602,
+	0x262243,
+	0x283083,
+	0x6aa00582,
+	0x28f944,
+	0x349904,
+	0x3cb645,
+	0x32bd85,
+	0x311f06,
+	0x311186,
+	0x6ae18882,
+	0x6b2025c2,
+	0x2fb405,
+	0x2b7052,
+	0x326ac6,
+	0x22a783,
+	0x22a786,
+	0x269b85,
+	0x1616fc2,
+	0x73611f42,
+	0x336783,
+	0x211f43,
+	0x2ac1c3,
+	0x73a17a02,
+	0x21fe83,
+	0x73e07982,
+	0x230983,
+	0x37b608,
+	0x248803,
+	0x248806,
+	0x3e8187,
+	0x3271c6,
+	0x3271cb,
+	0x290707,
+	0x313084,
+	0x74600e82,
+	0x3a3b45,
+	0x74a14843,
+	0x247043,
+	0x20b8c5,
+	0x218843,
+	0x75218846,
+	0x2ac403,
+	0x203584,
 	0x2003c6,
-	0x30aac6,
-	0x73e1f483,
-	0x2382c7,
-	0x34c587,
-	0x2ad945,
-	0x31cec6,
-	0x21a683,
-	0x76ac9683,
-	0x76e00a82,
-	0x7723e044,
-	0x3d5409,
-	0x218b85,
-	0x30a444,
-	0x388b08,
-	0x328b05,
-	0x7775e205,
-	0x24d489,
-	0x209583,
-	0x3d9c04,
-	0x77a0f102,
-	0x21f043,
-	0x77e78302,
-	0x278306,
-	0x162e6c2,
-	0x782135c2,
-	0x28ad88,
-	0x29e203,
-	0x2b2ac7,
-	0x2bd9c5,
-	0x2cb045,
-	0x2cb48b,
-	0x2f8f86,
-	0x2cb686,
-	0x27ea44,
-	0x215506,
-	0x786f9788,
-	0x293ec3,
-	0x26b483,
-	0x26b484,
-	0x3e5004,
-	0x2fe047,
-	0x316985,
-	0x78b1f402,
-	0x78e06582,
-	0x79606585,
-	0x298f04,
-	0x3e514b,
-	0x2fe688,
-	0x253b44,
-	0x79a58e42,
-	0x79e53ac2,
-	0x3d72c3,
-	0x2ff984,
-	0x2ffc45,
-	0x3006c7,
-	0x7a302844,
-	0x381304,
-	0x7a602782,
-	0x3885c9,
-	0x303d45,
-	0x216e05,
-	0x3045c5,
-	0x7aa02783,
-	0x244084,
-	0x24408b,
-	0x305d44,
-	0x30600b,
-	0x306885,
-	0x21fbca,
-	0x307048,
-	0x30724a,
-	0x307ac3,
-	0x307aca,
-	0x7b2189c2,
-	0x7b685042,
-	0x7baa31c3,
-	0x7bed2102,
-	0x309ec3,
-	0x7c30afc2,
-	0x7c73a282,
-	0x30c584,
-	0x220106,
-	0x232bc5,
-	0x3101c3,
-	0x3cdb06,
-	0x20ef45,
-	0x255884,
-	0x7ca00902,
-	0x2a1b84,
-	0x2e2bca,
-	0x2c5747,
-	0x3e26c6,
-	0x24eec7,
-	0x249f03,
-	0x2d26c8,
-	0x3eb80b,
-	0x2282c5,
-	0x376645,
-	0x376646,
-	0x2fd9c4,
-	0x21cb08,
-	0x207a43,
-	0x207a44,
-	0x207a47,
-	0x30b2c6,
-	0x33e886,
-	0x2d050a,
-	0x25b384,
-	0x27d94a,
-	0x7cf83846,
-	0x383847,
-	0x265f07,
-	0x2696c4,
-	0x2696c9,
-	0x220a45,
-	0x36e343,
-	0x22bcc3,
-	0x7d225f83,
-	0x298ac4,
-	0x7d600682,
-	0x2f08c6,
-	0x7dad3105,
-	0x2dd6c5,
-	0x245d86,
-	0x2c8b44,
-	0x7de01082,
-	0x245e84,
-	0x7e209942,
-	0x237a05,
-	0x3c78c4,
-	0x7f62cac3,
-	0x7fa116c2,
-	0x2116c3,
-	0x21d486,
-	0x7fe01782,
-	0x32d608,
-	0x22a844,
-	0x22a846,
-	0x39cd86,
-	0x80267784,
-	0x21fe05,
-	0x243148,
-	0x255547,
-	0x350587,
-	0x35058f,
-	0x2a50c6,
-	0x248083,
-	0x24d684,
-	0x215c83,
-	0x22a3c4,
+	0x334046,
+	0x7564acc3,
+	0x285c07,
+	0x244747,
+	0x2b54c5,
+	0x24eb06,
+	0x21cc03,
+	0x782cebc3,
+	0x78607002,
+	0x78a30704,
+	0x3f3589,
+	0x21b645,
+	0x3af684,
+	0x303a08,
+	0x23d505,
+	0x78e407c5,
+	0x24f689,
+	0x380583,
+	0x3dca84,
+	0x792035c2,
+	0x221583,
+	0x79681142,
+	0x281146,
+	0x168e5c2,
+	0x79a15882,
+	0x2a4948,
+	0x2a54c3,
+	0x2be307,
+	0x39fc85,
+	0x2fddc5,
+	0x331a0b,
+	0x2fddc6,
+	0x331c06,
+	0x24bb04,
+	0x218386,
+	0x79f00dc8,
+	0x26c0c3,
+	0x274003,
+	0x274004,
+	0x3e4d44,
+	0x304e07,
+	0x31ea05,
+	0x7a324e02,
+	0x7a608782,
+	0x7ae08785,
+	0x2e6ac4,
+	0x2e6acb,
+	0x305448,
+	0x268f84,
+	0x7b25cf42,
+	0x7b609ec2,
+	0x209ec3,
+	0x306744,
+	0x306a05,
+	0x307387,
+	0x7bb097c4,
+	0x21bd84,
+	0x7be05442,
+	0x38a3c9,
+	0x30a905,
+	0x219085,
+	0x30b185,
+	0x7c205443,
+	0x244e04,
+	0x244e0b,
+	0x30be44,
+	0x30c10b,
+	0x30c6c5,
+	0x2230ca,
+	0x30ce88,
+	0x30d08a,
+	0x30d883,
+	0x30d88a,
+	0x7ca1b482,
+	0x7ce21e42,
+	0x7d229a83,
+	0x7d6cc442,
+	0x310c43,
+	0x7db129c2,
+	0x7df42742,
+	0x313e44,
+	0x223606,
+	0x235f05,
+	0x317483,
+	0x23b886,
+	0x212c85,
+	0x235804,
+	0x7e200902,
+	0x21d784,
+	0x2e81ca,
+	0x2cb0c7,
+	0x351e86,
+	0x2516c7,
+	0x24c843,
+	0x2d5bc8,
+	0x34c64b,
+	0x226445,
+	0x3f05c5,
+	0x3f05c6,
+	0x304704,
+	0x236d08,
+	0x2221c3,
+	0x28b8c4,
+	0x3d4047,
+	0x312cc6,
+	0x346906,
+	0x2d840a,
+	0x25f6c4,
+	0x2a1a8a,
+	0x7e6f7b86,
+	0x2f7b87,
+	0x26ca87,
+	0x28db44,
+	0x28db49,
+	0x230dc5,
+	0x377483,
+	0x236883,
+	0x7ea06f83,
+	0x234344,
+	0x7ee00682,
+	0x366906,
+	0x7f2d9445,
+	0x22a9c5,
+	0x246646,
+	0x215084,
+	0x7f601a42,
+	0x246744,
+	0x7fe03b02,
+	0x379105,
+	0x230f44,
+	0x8122ea03,
+	0x81611f82,
+	0x211f83,
+	0x3bb206,
+	0x81a02fc2,
+	0x339288,
+	0x22dfc4,
+	0x22dfc6,
+	0x39dc06,
+	0x81e6e204,
+	0x220f05,
+	0x22f7c8,
+	0x230007,
+	0x286287,
+	0x28628f,
+	0x2a98c6,
+	0x247943,
+	0x249f84,
+	0x234c03,
+	0x22db44,
+	0x3a23c4,
+	0x8220b242,
+	0x2625c3,
+	0x33fc03,
+	0x82606382,
+	0x206383,
+	0x21da03,
+	0x21930a,
+	0x31cdc7,
+	0x3ae24c,
+	0x3ae506,
+	0x25dd06,
+	0x269507,
+	0x82a6ffc7,
+	0x272589,
+	0x82f65e44,
+	0x836213c2,
+	0x83a01042,
+	0x2d87c6,
+	0x285a04,
+	0x2db286,
+	0x277f48,
 	0x3acac4,
-	0x80608382,
-	0x2b76c3,
-	0x337703,
-	0x80a036c2,
-	0x2036c3,
-	0x38f1c3,
-	0x21708a,
-	0x314d47,
-	0x25cbcc,
-	0x25ce86,
-	0x25e406,
-	0x262287,
-	0x80e65507,
-	0x269d89,
-	0x81230e44,
-	0x81a1ee82,
-	0x81e033c2,
-	0x2d08c6,
-	0x2380c4,
-	0x38c746,
-	0x26cb88,
-	0x3ab684,
-	0x32ea46,
-	0x29d105,
-	0x82280408,
-	0x24e043,
-	0x282ac5,
-	0x396603,
-	0x216f03,
-	0x216f04,
-	0x215a03,
-	0x82639d02,
-	0x82a04082,
-	0x36e209,
-	0x28ac85,
-	0x28af84,
-	0x28c845,
-	0x204084,
-	0x2e43c7,
-	0x35b485,
-	0x8324a3c4,
-	0x2d1548,
-	0x2d2e86,
-	0x2d4204,
-	0x2d53c8,
-	0x83605f82,
-	0x2e7cc4,
-	0x315484,
-	0x337f87,
-	0x83a05f84,
-	0x21a542,
-	0x83e12882,
-	0x254a43,
-	0x254a44,
-	0x2ae6c3,
-	0x2bfcc5,
-	0x8420c402,
-	0x2f8dc5,
-	0x246f82,
-	0x312685,
-	0x2e15c5,
-	0x8460c582,
-	0x3819c4,
-	0x84a04942,
-	0x208d46,
-	0x25b846,
-	0x270b48,
-	0x2da1c8,
-	0x30dac4,
-	0x2fb0c5,
-	0x2ba8c9,
-	0x31fcc4,
-	0x3ed084,
-	0x224b03,
-	0x207803,
-	0x84e07805,
-	0x268285,
-	0x2800c4,
-	0x29ec82,
-	0x329e83,
-	0x85203682,
-	0x85601402,
-	0x32d0c5,
-	0x289807,
-	0x286f44,
-	0x224809,
-	0x2e2d09,
-	0x28a843,
-	0x28a848,
-	0x3917c9,
-	0x222207,
-	0x85b2e885,
-	0x354f06,
-	0x355546,
-	0x356a05,
-	0x2d1185,
-	0x85e01882,
-	0x375005,
-	0x2cf188,
-	0x2dcac6,
-	0x862d4807,
-	0x306ac4,
-	0x2bde47,
-	0x3a3946,
-	0x866088c2,
-	0x386ac6,
-	0x311d0a,
-	0x312585,
-	0x86a136c2,
-	0x86e14cc2,
-	0x27cfc6,
-	0x8729c3c7,
-	0x87601b42,
-	0x237fc3,
-	0x2f0206,
-	0x2d9fc4,
-	0x36f086,
-	0x3d51c6,
-	0x37378a,
-	0x200e05,
-	0x384046,
-	0x3c3743,
-	0x3c3744,
-	0x87a03142,
-	0x321203,
-	0x87e28102,
-	0x320e43,
-	0x88311184,
-	0x2db744,
-	0x887e954a,
-	0x229c83,
-	0x34c847,
-	0x3dcdc6,
-	0x268644,
-	0x243502,
-	0x2b5902,
-	0x88a007c2,
-	0x231403,
-	0x265cc7,
+	0x33a6c6,
+	0x2bd385,
+	0x842833c8,
+	0x250dc3,
+	0x287385,
+	0x28d283,
+	0x219183,
+	0x219184,
+	0x272983,
+	0x846291c2,
+	0x84a00e02,
+	0x377349,
+	0x2936c5,
+	0x293a44,
+	0x29f705,
+	0x20f144,
+	0x2eadc7,
+	0x3637c5,
+	0x85223984,
+	0x302308,
+	0x2cf686,
+	0x2d4a04,
+	0x2d4a08,
+	0x85601a82,
+	0x2dc104,
+	0x31d504,
+	0x354fc7,
+	0x85a01a84,
+	0x202342,
+	0x85e14942,
+	0x220203,
+	0x259504,
+	0x243a83,
+	0x396bc5,
+	0x8621e7c2,
+	0x2f93c5,
+	0x2827c2,
+	0x319cc5,
+	0x2e6805,
+	0x8662c602,
+	0x23d204,
+	0x86a075c2,
+	0x3e21c6,
+	0x212f06,
+	0x3bbbc8,
+	0x29c8c8,
+	0x376384,
+	0x300f85,
+	0x312649,
+	0x2cef44,
+	0x3effc4,
+	0x27c243,
+	0x289f03,
+	0x86e89f05,
+	0x26ed05,
+	0x29a244,
+	0x2a7382,
+	0x334a03,
+	0x87206342,
+	0x87601b82,
+	0x338d45,
+	0x28d107,
+	0x20d944,
+	0x391b09,
+	0x2e8309,
+	0x28e403,
+	0x28e408,
+	0x2ab4c9,
+	0x3d3b47,
+	0x87b3a505,
+	0x35d3c6,
+	0x35da06,
+	0x35eec5,
+	0x2d4645,
+	0x87e02802,
+	0x202805,
+	0x2e0788,
+	0x2e1306,
+	0x8830c907,
+	0x3ae8c4,
+	0x2df487,
+	0x3a8246,
+	0x88609202,
+	0x20d406,
+	0x31934a,
+	0x319bc5,
+	0x88a15982,
+	0x88e37dc2,
+	0x27fe06,
+	0x892a05c7,
+	0x89603382,
+	0x221e83,
+	0x3f38c6,
+	0x2de1c4,
+	0x253846,
+	0x324bc6,
+	0x20184a,
+	0x336e05,
+	0x3c7b06,
+	0x3c8703,
+	0x3c8704,
+	0x89a05e02,
+	0x32c003,
+	0x89e22082,
+	0x32bc83,
+	0x8a228604,
+	0x2dfc04,
+	0x8a7b188a,
+	0x219d83,
+	0x387c47,
+	0x3de4c6,
+	0x328b44,
+	0x2372c2,
+	0x2184c2,
+	0x8aa007c2,
+	0x2ef983,
+	0x26c847,
 	0x2007c7,
-	0x297f84,
-	0x2fcd07,
-	0x3007c6,
-	0x237207,
-	0x227cc4,
-	0x221705,
-	0x201985,
-	0x88e15642,
-	0x21a706,
-	0x226243,
-	0x228882,
-	0x228886,
-	0x89227202,
-	0x89608ec2,
-	0x220d05,
-	0x89a01c82,
-	0x89e00fc2,
-	0x398085,
-	0x2e9a45,
-	0x30c185,
-	0x8a66e003,
-	0x224e45,
-	0x2f9047,
-	0x2b6985,
-	0x200fc5,
-	0x277944,
-	0x328986,
-	0x24c344,
-	0x8aa008c2,
-	0x8b6dc005,
-	0x213b47,
-	0x20f2c8,
-	0x278606,
-	0x27860d,
-	0x27db89,
-	0x27db92,
-	0x333505,
-	0x33e543,
-	0x8ba10702,
-	0x31be44,
-	0x3288c3,
-	0x3888c5,
-	0x3dfac5,
-	0x8be6ca02,
-	0x26ca03,
-	0x8c231342,
-	0x8ca27442,
-	0x8ce00082,
-	0x219645,
-	0x3a6d43,
-	0x8d205182,
-	0x8d609e42,
-	0x3cc106,
-	0x27988a,
-	0x24e2c3,
-	0x244b43,
-	0x2f1c43,
-	0x8f201b02,
-	0x9da55202,
-	0x9e20d682,
-	0x204c02,
-	0x329c89,
-	0x2df244,
-	0x2eb948,
-	0x9e708602,
-	0x9ee08602,
-	0x35f645,
-	0x23fa48,
-	0x23b2c8,
-	0x30010c,
-	0x2450c3,
-	0x9f273ec2,
-	0x9f612182,
-	0x38c146,
-	0x313dc5,
-	0x2eef43,
-	0x256186,
-	0x313f06,
-	0x24f243,
-	0x3153c3,
-	0x315806,
-	0x317284,
-	0x26f646,
-	0x240fc4,
-	0x317944,
-	0x318c4a,
-	0x9fa52ec2,
-	0x25d945,
-	0x31a20a,
-	0x31a145,
-	0x31b804,
-	0x31b906,
-	0x31ba84,
-	0x21f306,
-	0x9fe08902,
-	0x21a246,
-	0x23ab05,
-	0x3c35c7,
-	0x3cb1c6,
-	0x262484,
-	0x2ef1c7,
-	0x224045,
-	0x323447,
-	0x21e087,
-	0x21e08e,
-	0x28cf06,
-	0x3266c5,
-	0x205ec7,
-	0x3d9cc7,
-	0x211845,
-	0x213e04,
-	0x325f42,
-	0x24bb47,
-	0x287304,
-	0x249b04,
-	0x2d77cb,
-	0xa0225103,
-	0x307f07,
-	0x225104,
-	0x308207,
-	0x22f403,
-	0x34de8d,
-	0x31dc88,
-	0xa06348c4,
-	0x24a2c5,
-	0x31e145,
-	0x31e583,
-	0xa0a2a742,
-	0x3211c3,
-	0x321743,
-	0x213704,
-	0x2262c5,
-	0x2263c7,
-	0x3c37c6,
-	0x39ab03,
-	0x22b7cb,
-	0x27114b,
-	0x2b6d8b,
-	0x2bbb4b,
-	0x2c858a,
-	0x2dcc8b,
-	0x2f9e0b,
-	0x31418c,
-	0x317d4b,
-	0x363911,
-	0x37848a,
-	0x3bbfcb,
-	0x3ee8cc,
-	0x322a0b,
-	0x32370a,
-	0x323d8a,
-	0x324c0e,
-	0x32520b,
-	0x3254ca,
-	0x326d51,
-	0x32718a,
-	0x32768b,
-	0x327bce,
-	0x329f4c,
-	0x32a3cb,
-	0x32a68e,
-	0x32aa0c,
-	0x32b94a,
-	0x32ca8c,
-	0xa0f2d80a,
-	0x32e048,
-	0x32f4c9,
-	0x3336ca,
-	0x33394a,
-	0x333bcb,
-	0x336e8e,
-	0x3379d1,
-	0x340f89,
-	0x3411ca,
-	0x341dcb,
-	0x34328d,
-	0x34410a,
-	0x344756,
-	0x345acb,
-	0x34748a,
-	0x347dca,
-	0x34980b,
-	0x34b3c9,
-	0x34e809,
-	0x34f3cd,
-	0x350e0b,
-	0x3526cb,
-	0x353309,
-	0x35394e,
-	0x353f8a,
-	0x354cca,
-	0x35530a,
-	0x355a0b,
-	0x35624b,
-	0x35784d,
-	0x35af8d,
-	0x35cc90,
-	0x35d14b,
-	0x35e34c,
-	0x35fc0b,
-	0x36210b,
-	0x36548e,
-	0x36614b,
-	0x36614d,
-	0x36b54b,
-	0x36bfcf,
-	0x36c38b,
-	0x36d08a,
-	0x36e789,
-	0x370b09,
-	0xa1370e8b,
-	0x37114e,
-	0x3714ce,
-	0x37628b,
-	0x37704f,
-	0x379e4b,
-	0x37a10b,
-	0x37a3ca,
-	0x37f1c9,
-	0x38248f,
-	0x38b98c,
-	0x38cbcc,
-	0x38dace,
-	0x38e28f,
-	0x38e64e,
-	0x38f2d0,
-	0x38f6cf,
-	0x390b4e,
-	0x391bcc,
-	0x391ed1,
-	0x392312,
-	0x392bd1,
-	0x39320e,
-	0x393a4b,
-	0x393a4e,
-	0x393dcf,
-	0x39418e,
-	0x394510,
-	0x394913,
-	0x394dd1,
-	0x39520c,
-	0x39550e,
-	0x39598c,
-	0x395ed3,
-	0x396c10,
-	0x39708c,
-	0x39738c,
-	0x397c4b,
-	0x39908e,
-	0x39958b,
-	0x399ccb,
-	0x39ad0c,
-	0x3a0d8a,
-	0x3a18cc,
-	0x3a1bcc,
-	0x3a1ec9,
-	0x3a430b,
-	0x3a45c8,
-	0x3a4d89,
-	0x3a4d8f,
-	0x3a664b,
-	0xa17a894a,
-	0x3a9f0c,
-	0x3aae4b,
-	0xa1bab109,
-	0x3abbc8,
-	0x3abf8b,
-	0x3ace8a,
-	0x3ad10a,
-	0x3ad38b,
-	0x3ad88c,
-	0x3ae8c9,
-	0x3aeb08,
-	0x3b17cb,
-	0x3b598b,
-	0x3b898e,
-	0x3ba1cb,
-	0x3bb94b,
-	0x3c79cb,
-	0x3c7c89,
-	0x3c88cd,
-	0x3dedca,
-	0x3e39d7,
-	0x3e4658,
-	0x3e77c9,
-	0x3e8a0b,
-	0x3e9994,
-	0x3e9e8b,
-	0x3ea40a,
-	0x3eafca,
-	0x3eb24b,
-	0x3ec790,
-	0x3ecb91,
-	0x3ed18a,
-	0x3edecd,
-	0x3ee5cd,
-	0x3efa8b,
-	0x21a803,
-	0xa1e02843,
-	0x2181c6,
-	0x3d2985,
-	0x2eaf47,
-	0x2c2006,
-	0xa2209302,
-	0x2700c9,
-	0x237744,
-	0x2f7d08,
-	0x225ec3,
-	0x31bd87,
-	0xa2601c42,
-	0x2c2543,
-	0xa2a04182,
-	0x2e3786,
-	0x2e4d84,
-	0x2efc44,
-	0x2021c3,
-	0xa32e0642,
-	0xa3632284,
-	0x269607,
-	0xa3a32642,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x219c03,
-	0x2127c3,
-	0x21f483,
-	0x10bb08,
-	0x20bc03,
+	0x29b784,
+	0x220d87,
+	0x307486,
+	0x23b147,
+	0x21dc44,
+	0x223f05,
+	0x2031c5,
+	0x8ae09b02,
+	0x226b06,
+	0x22b203,
+	0x231282,
+	0x231286,
+	0x8b229b42,
+	0x8b649902,
+	0x254905,
+	0x8ba021c2,
+	0x8be019c2,
+	0x398c45,
+	0x2eed85,
+	0x313b85,
+	0x8c673143,
+	0x2f2505,
+	0x2fde87,
+	0x2bb945,
+	0x336fc5,
+	0x279f04,
+	0x240646,
+	0x253004,
+	0x8ca008c2,
+	0x8d6d0e85,
+	0x215e07,
+	0x203788,
+	0x27b8c6,
+	0x27b8cd,
+	0x27cd89,
+	0x27cd92,
+	0x33c805,
+	0x3465c3,
+	0x8da0ea02,
+	0x3247c4,
+	0x23dc43,
+	0x38a6c5,
+	0x31a945,
+	0x8de2ccc2,
+	0x272503,
+	0x8e25c442,
+	0x8ea2b942,
+	0x8ee00082,
+	0x3f4005,
+	0x3a81c3,
+	0x8f20dfc2,
+	0x8f60ba42,
+	0x28f906,
+	0x26b54a,
+	0x22a743,
+	0x245943,
+	0x2ed243,
+	0x91203342,
+	0x9fa096c2,
+	0xa0203b42,
+	0x207882,
+	0x334809,
+	0x2e31c4,
+	0x283dc8,
+	0xa0627e42,
+	0xa0e01102,
+	0x271dc5,
+	0x241e48,
+	0x24d048,
+	0x2f29cc,
+	0x246143,
+	0xa1276282,
+	0xa160b382,
+	0x2dac86,
+	0x31be45,
+	0x2f4e83,
+	0x26aa06,
+	0x31bf86,
+	0x251a43,
+	0x31d443,
+	0x31d886,
+	0x31f304,
+	0x2637c6,
+	0x3afc04,
+	0x31f9c4,
+	0x32134a,
+	0xa1a561c2,
+	0x2647c5,
+	0x32290a,
+	0x322845,
+	0x323904,
+	0x323a06,
+	0x323b84,
+	0x221846,
+	0xa1e02402,
+	0x21c7c6,
+	0x325785,
+	0x3c7987,
+	0x3d0286,
+	0x269704,
+	0x2f5107,
+	0x20d445,
+	0x2477c7,
+	0x22abc7,
+	0x22abce,
+	0x290106,
+	0x248b85,
+	0x2080c7,
+	0x3dcb47,
+	0x212105,
+	0x2152c4,
+	0x333502,
+	0x28ac87,
+	0x28d304,
+	0x260644,
+	0x2d568b,
+	0xa22270c3,
+	0x30dcc7,
+	0x2270c4,
+	0x30dfc7,
+	0x224303,
+	0x35680d,
+	0x328848,
+	0xa2656bc4,
+	0x256bc5,
+	0x3e1685,
+	0x329083,
+	0xa2a2dec2,
+	0x32bfc3,
+	0x32c803,
+	0x2159c4,
+	0x226c85,
+	0x226d87,
+	0x3c8786,
+	0x39b403,
+	0x2313cb,
+	0x377b8b,
+	0x2b87cb,
+	0x2c144b,
+	0x2c1d8a,
+	0x3cce4b,
+	0x3012cb,
+	0x31c20c,
+	0x31fdcb,
+	0x36a851,
+	0x37e70a,
+	0x3c120b,
+	0x3f1dcc,
+	0x32d34b,
+	0x32e2ca,
+	0x32e94a,
+	0x32fd0e,
+	0x33034b,
+	0x33060a,
+	0x331d91,
+	0x3321ca,
+	0x3326cb,
+	0x332c0e,
+	0x334acc,
+	0x334f4b,
+	0x33520e,
+	0x33558c,
+	0x33750a,
+	0x33870c,
+	0xa2f3948a,
+	0x339cc8,
+	0x33a989,
+	0x33c9ca,
+	0x33cc4a,
+	0x33cecb,
+	0x33f38e,
+	0x33fed1,
+	0x34a749,
+	0x34a98a,
+	0x34b6cb,
+	0x34cd4d,
+	0x34dbca,
+	0x34e396,
+	0x34f70b,
+	0x350b8a,
+	0x3514ca,
+	0x35250b,
+	0x353f89,
+	0x357189,
+	0x358b0d,
+	0x35994b,
+	0x35b40b,
+	0x35b8c9,
+	0x35bf0e,
+	0x35c54a,
+	0x35d18a,
+	0x35d7ca,
+	0x35decb,
+	0x35e70b,
+	0x35f98d,
+	0x36130d,
+	0x362e90,
+	0x36334b,
+	0x363e4c,
+	0x36514b,
+	0x3693cb,
+	0x36ce0e,
+	0x36e0cb,
+	0x36e0cd,
+	0x3745cb,
+	0x37504f,
+	0x37540b,
+	0x375dca,
+	0x377889,
+	0x37a2c9,
+	0xa337a64b,
+	0x37a90e,
+	0x37ac8e,
+	0x37c54b,
+	0x37d2cf,
+	0x38078b,
+	0x380a4b,
+	0x380d0a,
+	0x385889,
+	0x38820f,
+	0x38d40c,
+	0x38d9cc,
+	0x38e94e,
+	0x38ef8f,
+	0x38f34e,
+	0x38fd10,
+	0x39010f,
+	0x39110e,
+	0x391fcc,
+	0x3922d1,
+	0x392712,
+	0x393b11,
+	0x39414e,
+	0x39498b,
+	0x39498e,
+	0x394d0f,
+	0x3950ce,
+	0x395450,
+	0x395853,
+	0x395d11,
+	0x39614c,
+	0x39644e,
+	0x3968cc,
+	0x396d13,
+	0x3977d0,
+	0x397c4c,
+	0x397f4c,
+	0x39880b,
+	0x39998e,
+	0x399e8b,
+	0x39a5cb,
+	0x39bc8c,
+	0x3a280a,
+	0x3a2c4c,
+	0x3a2f4c,
+	0x3a3249,
+	0x3a560b,
+	0x3a58c8,
+	0x3a6089,
+	0x3a608f,
+	0x3a7acb,
+	0xa37a890a,
+	0x3ab34c,
+	0x3ac28b,
+	0xa3bac549,
+	0x3ad1c8,
+	0x3ad58b,
+	0x3aee0a,
+	0x3af08a,
+	0x3af30b,
+	0x3afecc,
+	0x3b1b09,
+	0x3b1d48,
+	0x3b464b,
+	0x3b6f8b,
+	0x3bcd0e,
+	0x3be20b,
+	0x3c0b8b,
+	0x3cc50b,
+	0x3cc7c9,
+	0x3cd3cd,
+	0x3dfeca,
+	0x3e3357,
+	0x3e4398,
+	0x3e6b89,
+	0x3e7dcb,
+	0x3ed6d4,
+	0x3edbcb,
+	0x3ee14a,
+	0x3eed0a,
+	0x3eef8b,
+	0x3ef6d0,
+	0x3efad1,
+	0x3f00ca,
+	0x3f13cd,
+	0x3f1acd,
+	0x3f328b,
+	0x226c03,
+	0xa3e05503,
+	0x21a846,
+	0x209545,
+	0x2f0b07,
+	0x2c6b06,
+	0xa420b2c2,
+	0x2c0209,
+	0x23b684,
+	0x2fcdc8,
+	0x206ec3,
+	0x324707,
+	0xa4603482,
+	0x2c7e43,
+	0xa4a079c2,
+	0x2e8dc6,
+	0x2e9b84,
+	0x230ac4,
+	0x204e83,
+	0xa52e4302,
+	0xa562fd04,
+	0x28da87,
+	0xa5a371c2,
+	0x21a043,
+	0x358c3,
+	0x226783,
+	0x20f583,
+	0x214e43,
+	0x214883,
+	0x24acc3,
+	0x113508,
+	0x208c43,
 	0x2000c2,
-	0x7ffc8,
-	0x205842,
-	0x2e9c43,
-	0x219c03,
-	0x2127c3,
-	0xbc03,
-	0x21f483,
-	0x217083,
-	0x33d716,
-	0x369b53,
-	0x2fcb89,
-	0x285588,
-	0x2ca489,
-	0x31a386,
-	0x351bd0,
-	0x3eba93,
-	0x30b388,
-	0x28bd87,
-	0x28de87,
-	0x2b36ca,
-	0x354849,
-	0x335dc9,
-	0x29f80b,
-	0x340886,
-	0x32aeca,
-	0x229146,
-	0x2361c3,
-	0x26d285,
-	0x3d5608,
-	0x290e4d,
-	0x3468cc,
-	0x23a7c7,
-	0x3a728d,
-	0x243244,
-	0x23b4ca,
-	0x23c84a,
-	0x23cd0a,
-	0x205847,
-	0x248547,
-	0x24ba84,
-	0x27f786,
-	0x384a84,
-	0x224d08,
-	0x238e09,
-	0x308d86,
-	0x308d88,
-	0x24fa4d,
-	0x2e2f49,
-	0x315d88,
-	0x216d87,
-	0x220f4a,
-	0x2bf046,
-	0x33ed44,
-	0x211e87,
-	0x2f0aca,
-	0x23cf4e,
-	0x28a905,
-	0x29bf4b,
-	0x231149,
-	0x27ddc9,
-	0x2b2347,
-	0x3da84a,
-	0x2f5547,
-	0x2e8a89,
-	0x346d88,
-	0x37078b,
-	0x2f7305,
-	0x25bf4a,
-	0x2307c9,
-	0x38638a,
-	0x3efd8b,
-	0x211d8b,
-	0x29f595,
-	0x2d8345,
-	0x216e05,
-	0x24408a,
-	0x2722ca,
-	0x32ee87,
-	0x216e43,
-	0x2d0848,
-	0x2ece4a,
-	0x22a846,
-	0x266949,
-	0x280408,
-	0x2d4204,
-	0x395c89,
-	0x2da1c8,
-	0x2d9e47,
-	0x2dc006,
-	0x213b47,
-	0x3a2947,
-	0x24ac85,
-	0x2b7f0c,
-	0x24a2c5,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x2127c3,
-	0xbc03,
-	0x21f483,
-	0x205842,
-	0x229f43,
-	0x2127c3,
-	0x20bc03,
-	0x21f483,
-	0x229f43,
-	0x2127c3,
-	0xbc03,
-	0x25d543,
-	0x21f483,
-	0x1df183,
-	0x7ffc8,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x219c03,
-	0x2127c3,
-	0xbc03,
-	0x21f483,
-	0x7ffc8,
-	0x205842,
-	0x229f43,
-	0x234f87,
-	0x98704,
-	0x2127c3,
-	0x37344,
-	0x21f483,
-	0xef45,
-	0x205842,
-	0x201902,
-	0x30b602,
-	0x205fc2,
-	0x202a42,
-	0x229ac2,
-	0x164ca,
-	0x14244b,
-	0x5b547,
-	0x1b8586,
-	0xa1606,
-	0x60209,
-	0xebb49,
-	0x1a3dc7,
-	0x15b4e8a,
-	0x1314e,
-	0x10ad89,
-	0x482cac3,
-	0x98307,
-	0x149c86,
-	0x5ec3,
-	0x11d6c5,
+	0x1c3448,
+	0x20b642,
+	0x20f583,
+	0x214e43,
+	0x214883,
+	0x24acc3,
+	0x219303,
+	0x345796,
+	0x373113,
+	0x220c09,
+	0x2848c8,
+	0x3a39c9,
+	0x322a86,
+	0x35a910,
+	0x3d24d3,
+	0x312d88,
+	0x291087,
+	0x29ba47,
+	0x2ba68a,
+	0x3b95c9,
+	0x336809,
+	0x265a0b,
+	0x35ca86,
+	0x335a4a,
+	0x22d286,
+	0x23a103,
+	0x27aa45,
+	0x213cc8,
+	0x29464d,
+	0x2ffe8c,
+	0x325447,
+	0x3bc70d,
+	0x22f8c4,
+	0x23e08a,
+	0x23fb4a,
+	0x24000a,
+	0x2ae887,
+	0x249c47,
+	0x24e084,
+	0x282a46,
+	0x325944,
+	0x226788,
+	0x23cac9,
+	0x3171c6,
+	0x3171c8,
+	0x25248d,
+	0x2e8549,
+	0x31de08,
+	0x219007,
+	0x254b4a,
+	0x2c48c6,
+	0x3766c4,
+	0x212747,
+	0x366b0a,
+	0x3ee84e,
+	0x262fc5,
+	0x2a014b,
+	0x2ef6c9,
+	0x27cfc9,
+	0x2098c7,
+	0x2098ca,
+	0x36df07,
+	0x3ce109,
+	0x233e08,
+	0x20bc0b,
+	0x2fc3c5,
+	0x260d4a,
+	0x222389,
+	0x370e0a,
+	0x20700b,
+	0x21264b,
+	0x265795,
+	0x2dbfc5,
+	0x219085,
+	0x244e0a,
+	0x27468a,
+	0x36f207,
+	0x2190c3,
+	0x2d8748,
+	0x2f2d4a,
+	0x22dfc6,
+	0x271ec9,
+	0x2833c8,
+	0x2d4a04,
+	0x28e189,
+	0x29c8c8,
+	0x2de047,
+	0x2d0e86,
+	0x215e07,
+	0x2cfb07,
+	0x24d3c5,
+	0x262e0c,
+	0x256bc5,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214883,
+	0x24acc3,
+	0x20b642,
+	0x21a043,
+	0x214883,
+	0x208c43,
+	0x24acc3,
+	0x21a043,
+	0x214883,
+	0x248803,
+	0x24acc3,
+	0x1e0283,
+	0x1c3448,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214e43,
+	0x214883,
+	0x24acc3,
+	0x1c3448,
+	0x20b642,
+	0x21a043,
+	0x238b87,
+	0x33f84,
+	0x214883,
+	0x3b284,
+	0x24acc3,
+	0x12c85,
+	0x20b642,
+	0x203142,
+	0x313002,
+	0x201ac2,
+	0x203cc2,
+	0x20ea82,
+	0x1874a,
+	0x12c105,
+	0x12c10a,
+	0x152aa49,
+	0x14bd4b,
+	0x5f887,
+	0x1bc3c6,
+	0xa5286,
+	0x67409,
+	0x12b1c7,
+	0x3504,
+	0x14a150a,
+	0x1540e,
+	0x134309,
+	0x482ea03,
+	0x9e747,
+	0x152986,
+	0xf83,
+	0x127dc5,
 	0xc1,
-	0x5229f43,
-	0x224d03,
-	0x28c6c3,
-	0x2e9c43,
-	0x25e043,
-	0x219c03,
-	0x2ee0c6,
-	0x2127c3,
-	0x21f483,
-	0x236f03,
-	0x7ffc8,
-	0x20a944,
-	0x264187,
-	0x202203,
-	0x261a44,
-	0x225f43,
-	0x2455c3,
-	0x2e9c43,
-	0xf1a47,
-	0x9c4,
-	0x14c3,
-	0x172f85,
+	0x521a043,
+	0x226783,
+	0x204703,
+	0x20f583,
+	0x20bc83,
+	0x214e43,
+	0x2f4006,
+	0x214883,
+	0x24acc3,
+	0x23ae43,
+	0x1c3448,
+	0x200984,
+	0x26b247,
+	0x204ec3,
+	0x271984,
+	0x206f43,
+	0x209943,
+	0x20f583,
+	0xf5d87,
+	0x1bfd04,
+	0x2d03,
+	0x1bee85,
 	0x66000c2,
-	0x58843,
-	0x6a05842,
-	0x6e96109,
-	0x709b3c9,
-	0x9b80d,
-	0x9bb4d,
-	0x30b602,
-	0x58104,
-	0x172fc9,
+	0xbec3,
+	0x6a0b642,
+	0x6e99909,
+	0x709f509,
+	0x9fa0d,
+	0x9fd4d,
+	0x313002,
+	0x5c204,
+	0x1beec9,
+	0x10210c,
 	0x2003c2,
-	0x7658008,
-	0x105744,
-	0x320a03,
-	0x7ffc8,
-	0x87304,
-	0x14076c2,
+	0x765c108,
+	0x10b844,
+	0x32b843,
+	0x1c3448,
+	0x8d304,
+	0x1419002,
 	0x14005c2,
-	0x14076c2,
-	0x1517b46,
-	0x23d9c3,
-	0x2c9ec3,
-	0x7e29f43,
-	0x23b4c4,
-	0x8624d03,
-	0x8ee9c43,
-	0x203842,
-	0x258104,
-	0x2127c3,
-	0x239503,
-	0x200f82,
-	0x21f483,
-	0x222402,
-	0x30bd83,
-	0x201782,
-	0x2b32c3,
-	0x221943,
-	0x205242,
-	0x7ffc8,
-	0x829db89,
-	0x22003,
-	0x23d9c3,
-	0x3d7348,
-	0x8a39503,
-	0x200f82,
-	0x30bd83,
-	0x201782,
-	0x2b32c3,
-	0x221943,
-	0x205242,
-	0x25ce87,
-	0x30bd83,
-	0x201782,
-	0x2b32c3,
-	0x221943,
-	0x205242,
-	0x229f43,
-	0x2b82,
-	0x24dc3,
-	0x3642,
-	0x6cc2,
-	0x4682,
-	0x2c82,
-	0x1b02,
-	0x2842,
-	0x258843,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x258104,
-	0x25e043,
-	0x219c03,
-	0x222d84,
-	0x2127c3,
-	0x21f483,
-	0x202082,
-	0x202783,
-	0x7ffc8,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x219c03,
-	0x2127c3,
-	0x21f483,
-	0x9a03,
-	0x1c682,
-	0x258843,
-	0x205842,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x258104,
-	0x2127c3,
-	0x21f483,
-	0x32e885,
-	0x26ca02,
+	0x1419002,
+	0x151fbc6,
+	0x2405c3,
+	0x2507c3,
+	0x7e1a043,
+	0x23e084,
+	0x8626783,
+	0x8e0f583,
+	0x206502,
+	0x25c204,
+	0x214883,
+	0x2100c3,
+	0x201802,
+	0x24acc3,
+	0x225542,
+	0x313783,
+	0x202fc2,
+	0x201683,
+	0x224e43,
+	0x20d442,
+	0x1c3448,
+	0x82a2449,
+	0x10210c,
+	0x29083,
+	0x2405c3,
+	0x21ff08,
+	0x8a100c3,
+	0x201802,
+	0x313783,
+	0x202fc2,
+	0x201683,
+	0x224e43,
+	0x20d442,
+	0x3ae507,
+	0x313783,
+	0x202fc2,
+	0x201683,
+	0x224e43,
+	0x20d442,
+	0x21a043,
+	0x2742,
+	0x13cc3,
+	0x1b42,
+	0xa842,
+	0x1c82,
+	0x5942,
+	0x3342,
+	0x5502,
+	0x20bec3,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x25c204,
+	0x20bc83,
+	0x214e43,
+	0x225a04,
+	0x214883,
+	0x24acc3,
+	0x204d42,
+	0x205443,
+	0x1c3448,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214e43,
+	0x214883,
+	0x24acc3,
+	0x1a42,
+	0xc503,
+	0x7982,
+	0x20bec3,
+	0x20b642,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x25c204,
+	0x214883,
+	0x24acc3,
+	0x33a505,
+	0x22ccc2,
 	0x2000c2,
-	0x7ffc8,
-	0xaeba692,
-	0xb2d6d88,
-	0x1475dc8,
-	0x3424a,
-	0x2cc5,
-	0x2707,
-	0x2e9c43,
-	0x228ac1,
+	0x1c3448,
+	0xaf12412,
+	0xb2d9f88,
+	0x10210c,
+	0x1470708,
+	0x16b8a,
+	0x5985,
+	0x53c7,
+	0x20f583,
+	0x201601,
 	0x2009c1,
+	0x202d01,
+	0x201501,
+	0x200a41,
+	0x22d881,
 	0x200a01,
-	0x201101,
-	0x200dc1,
-	0x218341,
-	0x202281,
-	0x202f81,
-	0x249081,
+	0x205c41,
+	0x24a501,
 	0x200001,
 	0x2000c1,
 	0x200201,
-	0x145d45,
-	0x7ffc8,
+	0x14f985,
+	0x1c3448,
 	0x200101,
-	0x200d01,
+	0x200cc1,
 	0x200501,
-	0x200c01,
+	0x200bc1,
 	0x200041,
 	0x200801,
 	0x200181,
-	0x200c41,
+	0x200c01,
 	0x200701,
 	0x2004c1,
-	0x200b41,
+	0x200ec1,
 	0x200581,
 	0x2003c1,
-	0x200a81,
-	0x205601,
+	0x2015c1,
+	0x207a81,
 	0x200401,
 	0x200741,
 	0x2007c1,
 	0x200081,
-	0x204c01,
-	0x205241,
-	0x201541,
-	0x201c41,
-	0x201b81,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x2127c3,
-	0x21f483,
-	0x205842,
-	0x229f43,
-	0x224d03,
+	0x201101,
+	0x200f81,
+	0x202d81,
+	0x203481,
+	0x2033c1,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214883,
+	0x24acc3,
+	0x20b642,
+	0x21a043,
+	0x226783,
 	0x2003c2,
-	0x21f483,
-	0xf1a47,
-	0x84447,
-	0x332c6,
-	0x46aca,
-	0x9a808,
-	0x64f08,
-	0x65bc7,
-	0xc3184,
-	0x71506,
-	0xf58c5,
-	0xcab05,
-	0xb0e03,
-	0x18a46,
-	0x5b646,
-	0x29f804,
-	0x334f47,
-	0x7ffc8,
-	0x2ef2c4,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x2127c3,
-	0x21f483,
-	0x5842,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x2127c3,
-	0x21f483,
-	0x32da08,
-	0x209f84,
-	0x23a844,
-	0x2045c4,
-	0x38c047,
-	0x2ec207,
-	0x229f43,
-	0x24128b,
-	0x3b154a,
-	0x34a2c7,
-	0x3e4448,
-	0x220208,
-	0x224d03,
-	0x2886c7,
-	0x28c6c3,
-	0x214688,
-	0x22f089,
-	0x258104,
-	0x25e043,
-	0x247608,
-	0x219c03,
-	0x2e984a,
-	0x2ee0c6,
-	0x33bc87,
-	0x2127c3,
-	0x30eec6,
-	0x3c0848,
-	0x21f483,
-	0x25a6c6,
-	0x2fe8cd,
-	0x300408,
-	0x305d4b,
-	0x20e0c6,
-	0x385887,
-	0x22ab45,
-	0x2b904a,
-	0x22b685,
-	0x26818a,
-	0x26ca02,
-	0x205ec3,
-	0x249b04,
+	0x24acc3,
+	0xf5d87,
+	0x89207,
+	0x38286,
+	0x473ca,
+	0x9e208,
+	0x6bd08,
+	0x6c747,
+	0xc8b04,
+	0x177f46,
+	0xfaf05,
+	0x1a4045,
+	0xb8743,
+	0x1b506,
+	0x5f986,
+	0x265a04,
+	0x33e2c7,
+	0x1c3448,
+	0x2eef84,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214883,
+	0x24acc3,
+	0xb642,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214883,
+	0x24acc3,
+	0x339688,
+	0x3496c4,
+	0x241004,
+	0x211d44,
+	0x2dab87,
+	0x2f1a07,
+	0x21a043,
+	0x24354b,
+	0x3b43ca,
+	0x3a9b07,
+	0x3f11c8,
+	0x21e908,
+	0x226783,
+	0x33ba07,
+	0x204703,
+	0x217b48,
+	0x225d89,
+	0x25c204,
+	0x20bc83,
+	0x297b48,
+	0x214e43,
+	0x2eeb8a,
+	0x2f4006,
+	0x3b52c7,
+	0x214883,
+	0x2fe146,
+	0x3e4088,
+	0x24acc3,
+	0x25e906,
+	0x30568d,
+	0x3070c8,
+	0x30be4b,
+	0x30f646,
+	0x20d847,
+	0x223305,
+	0x3e890a,
+	0x365905,
+	0x26ec0a,
+	0x22ccc2,
+	0x200f83,
+	0x260644,
 	0x200006,
-	0x3bf783,
-	0x2a1c03,
-	0x289e03,
-	0x209f83,
-	0x20c083,
-	0x203742,
-	0x38bd85,
-	0x2b9dc9,
-	0x202043,
-	0x24b303,
-	0x2030c3,
-	0x219243,
+	0x3c3043,
+	0x2b3c83,
+	0x2332c3,
+	0x23ac83,
+	0x3ec3c3,
+	0x201902,
+	0x3a52c5,
+	0x2bfbc9,
+	0x204d03,
+	0x24da43,
+	0x205d83,
+	0x20cb03,
 	0x200201,
-	0x31fa87,
-	0x219385,
-	0x3c5943,
-	0x269183,
-	0x3ef083,
-	0x2045c4,
-	0x383d43,
-	0x2120c8,
-	0x36e9c3,
-	0x31484d,
-	0x28cfc8,
-	0x3d7506,
-	0x2f77c3,
-	0x366443,
-	0x39afc3,
-	0xde29f43,
-	0x23dc08,
-	0x241284,
-	0x248c03,
-	0x24c883,
+	0x2ced07,
+	0x2f2345,
+	0x3ca803,
+	0x262603,
+	0x3f2583,
+	0x211d44,
+	0x33be83,
+	0x214188,
+	0x377ac3,
+	0x31c8cd,
+	0x2901c8,
+	0x2200c6,
+	0x304103,
+	0x38bc43,
+	0x3af583,
+	0xde1a043,
+	0x240908,
+	0x243544,
+	0x24a083,
+	0x24e8c3,
 	0x200106,
-	0x250bc8,
-	0x24dac3,
-	0x22f903,
-	0x2bfb03,
-	0x205483,
-	0x2b9083,
-	0x220203,
-	0x224d03,
-	0x233a43,
-	0x254583,
-	0x209343,
-	0x296a03,
-	0x328343,
-	0x20ea83,
-	0x20a6c3,
-	0x3ab305,
-	0x2601c4,
-	0x261307,
-	0x262642,
-	0x263d83,
-	0x268406,
-	0x269fc3,
-	0x26ad43,
-	0x28a803,
-	0x271dc3,
-	0x21f403,
-	0x20a643,
-	0x2a7a87,
-	0xeae9c43,
-	0x2421c3,
-	0x208103,
-	0x204203,
-	0x258103,
-	0x21a583,
-	0x226dc5,
-	0x382803,
-	0x38d2c9,
-	0x200c43,
-	0x3dfdc3,
-	0xee57443,
-	0x227883,
-	0x204603,
-	0x217388,
-	0x2b9d06,
-	0x271b86,
-	0x2c4f06,
-	0x26bf87,
-	0x22ea83,
-	0x2335c3,
-	0x219c03,
-	0x29a906,
-	0x226e42,
-	0x2ed403,
-	0x366005,
-	0x2127c3,
-	0x31b087,
-	0x160bc03,
-	0x219d03,
-	0x2058c3,
-	0x23eb03,
-	0x22d043,
-	0x21f483,
-	0x215c46,
-	0x200a86,
-	0x387c83,
-	0x22e683,
-	0x202783,
-	0x227d43,
-	0x315443,
-	0x309743,
-	0x30c883,
-	0x20ef45,
-	0x23ffc3,
-	0x23ffc6,
-	0x21ad03,
-	0x28c148,
-	0x22bcc3,
-	0x22bcc9,
-	0x2b8a88,
-	0x22d3c8,
-	0x310ac5,
-	0x235d8a,
-	0x23ed4a,
-	0x24430b,
-	0x244cc8,
-	0x31c843,
-	0x21e6c3,
-	0x30c8c3,
-	0x2f3883,
-	0x30e088,
-	0x32a203,
-	0x3c3744,
-	0x203142,
-	0x23c7c3,
-	0x253f03,
+	0x252c48,
+	0x242ec3,
+	0x220ac3,
+	0x2c5383,
+	0x224dc3,
+	0x3e8943,
+	0x21c0c3,
+	0x226783,
+	0x20ff83,
+	0x25aa43,
+	0x265883,
+	0x2307c3,
+	0x340403,
+	0x213703,
+	0x201d03,
+	0x3ac745,
+	0x2673c4,
+	0x268507,
+	0x2698c2,
+	0x26a803,
+	0x26ee86,
+	0x270683,
+	0x270a03,
+	0x28e3c3,
+	0x378803,
+	0x221943,
+	0x201c83,
+	0x2ad347,
+	0xea0f583,
+	0x240243,
+	0x20afc3,
+	0x211983,
+	0x231a43,
+	0x21cb03,
+	0x22b2c5,
+	0x388583,
+	0x24e349,
+	0x200c03,
+	0x31ac43,
+	0xee5b543,
+	0x22bd83,
+	0x203c83,
+	0x219608,
+	0x2bfb06,
+	0x3785c6,
+	0x2ca886,
+	0x271607,
+	0x2252c3,
+	0x2384c3,
+	0x214e43,
+	0x29e306,
+	0x20ffc2,
+	0x2f33c3,
+	0x344245,
+	0x214883,
+	0x32ad07,
+	0x1608c43,
+	0x2a1943,
+	0x241a83,
+	0x241503,
+	0x247043,
+	0x24acc3,
+	0x366386,
+	0x3bfdc6,
+	0x389a83,
+	0x3407c3,
+	0x205443,
+	0x21dcc3,
+	0x31d4c3,
+	0x310483,
+	0x314143,
+	0x212c85,
+	0x2423c3,
+	0x2423c6,
+	0x21bd03,
+	0x3c3688,
+	0x236883,
+	0x236889,
+	0x263988,
+	0x224888,
+	0x22e2c5,
+	0x23c04a,
+	0x23d60a,
+	0x24174b,
+	0x245088,
+	0x2ce083,
+	0x216ec3,
+	0x314183,
+	0x2edd03,
+	0x315888,
+	0x334d83,
+	0x3c8704,
+	0x205e02,
+	0x23fac3,
+	0x265603,
 	0x2007c3,
-	0x3a8143,
-	0x280183,
-	0x236f03,
-	0x26ca02,
-	0x2f5443,
-	0x2450c3,
-	0x317cc3,
-	0x319684,
-	0x249b04,
-	0x231a83,
-	0x7ffc8,
-	0xe315f8c,
-	0xe6e5745,
-	0xc1e05,
+	0x3af603,
+	0x283143,
+	0x23ae43,
+	0x22ccc2,
+	0x2233c3,
+	0x246143,
+	0x31fd43,
+	0x321d84,
+	0x260644,
+	0x2355c3,
+	0x1c3448,
+	0xe31e00c,
+	0xe6ea545,
+	0xdefc5,
 	0x2000c2,
-	0x200ac2,
-	0x203742,
-	0x201182,
+	0x200b02,
+	0x201902,
+	0x2029c2,
 	0x200202,
-	0x202542,
-	0x25a282,
-	0x203642,
+	0x205202,
+	0x244b02,
+	0x201b42,
 	0x200382,
-	0x200b42,
-	0x208f02,
-	0x20f782,
-	0x27eec2,
-	0x200a82,
-	0x229ac2,
-	0x20f102,
-	0x215502,
-	0x202782,
-	0x2bbd02,
-	0x206902,
+	0x203f02,
+	0x215142,
+	0x20d3c2,
+	0x282182,
+	0x207002,
+	0x20ea82,
+	0x2035c2,
+	0x216402,
+	0x205442,
+	0x24bf42,
+	0x209982,
 	0x200682,
-	0x214602,
-	0x201082,
-	0x2036c2,
-	0x2033c2,
-	0x207802,
-	0x200fc2,
+	0x217ac2,
+	0x201a42,
+	0x206382,
+	0x201042,
+	0x230802,
+	0x2019c2,
 	0xc2,
-	0xac2,
-	0x3742,
-	0x1182,
+	0xb02,
+	0x1902,
+	0x29c2,
 	0x202,
-	0x2542,
-	0x5a282,
-	0x3642,
+	0x5202,
+	0x44b02,
+	0x1b42,
 	0x382,
-	0xb42,
-	0x8f02,
-	0xf782,
-	0x7eec2,
-	0xa82,
-	0x29ac2,
-	0xf102,
-	0x15502,
-	0x2782,
-	0xbbd02,
-	0x6902,
+	0x3f02,
+	0x15142,
+	0xd3c2,
+	0x82182,
+	0x7002,
+	0xea82,
+	0x35c2,
+	0x16402,
+	0x5442,
+	0x4bf42,
+	0x9982,
 	0x682,
-	0x14602,
-	0x1082,
-	0x36c2,
-	0x33c2,
-	0x7802,
-	0xfc2,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x2127c3,
-	0x21f483,
-	0x5ec2,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x2127c3,
-	0x21f483,
-	0x9c589,
-	0x5842,
-	0x205842,
-	0x21f483,
-	0x10a29f43,
-	0x2e9c43,
-	0x219c03,
-	0xf19c7,
-	0x81983,
-	0x247f42,
-	0x7ffc8,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x1e683,
-	0x2127c3,
-	0xbc03,
-	0x81983,
-	0x21f483,
-	0x4182,
+	0x17ac2,
+	0x1a42,
+	0x6382,
+	0x1042,
+	0x30802,
+	0x19c2,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214883,
+	0x24acc3,
+	0xf82,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214883,
+	0x24acc3,
+	0xa0789,
+	0xb642,
+	0x20b642,
+	0x24acc3,
+	0x10a1a043,
+	0x20f583,
+	0x1b1749,
+	0x214e43,
+	0xf5d07,
+	0x2445c2,
+	0x1c3448,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x16e83,
+	0x214883,
+	0x24acc3,
+	0x79c2,
 	0x2001c2,
-	0x1405405,
-	0x145d45,
-	0x212d02,
-	0x7ffc8,
-	0x5842,
-	0x240482,
-	0x203782,
-	0x20a382,
-	0x23b542,
-	0x216602,
-	0xcab05,
-	0x20ad82,
-	0x200f82,
-	0x214542,
-	0x203fc2,
-	0x20f102,
-	0x248dc2,
-	0x212882,
-	0x223ac2,
-	0x11a7c7c4,
+	0x1427d45,
+	0x14f985,
+	0x213c82,
+	0x1c3448,
+	0xb642,
+	0x242882,
+	0x206442,
+	0x10210c,
+	0x20da42,
+	0x231a82,
+	0x218882,
+	0x1a4045,
+	0x200dc2,
+	0x201802,
+	0x217a02,
+	0x208e02,
+	0x2035c2,
+	0x24a242,
+	0x214942,
+	0x2b60c2,
+	0x11a7f604,
 	0x142,
-	0xf1a47,
-	0x13683,
-	0x1b670d,
-	0xf5949,
-	0x1a5fcb,
-	0xf8f08,
-	0x6b349,
-	0x1133c6,
-	0x2e9c43,
-	0x7ffc8,
-	0x9c4,
-	0x14c3,
-	0x172f85,
-	0x7ffc8,
-	0xf2447,
-	0x12c5a847,
-	0x13263284,
-	0x66806,
-	0x172fc9,
-	0xb714e,
-	0x13e007,
-	0x15b2a43,
-	0x13602c02,
-	0x1edc89,
-	0x1f04,
+	0xf5d87,
+	0x15943,
+	0x1db18d,
+	0xfaf89,
+	0xf140b,
+	0xfdd48,
+	0x73ec9,
+	0x11b446,
+	0x20f583,
+	0x1c3448,
+	0x1bfd04,
+	0x2d03,
+	0x1bee85,
+	0x1c3448,
+	0x1ec6c7,
+	0x12c5ea87,
+	0x13269384,
+	0x6d446,
+	0x1beec9,
+	0xbea8e,
+	0x10210c,
+	0x146087,
+	0x15bc683,
+	0x13602142,
+	0x149f49,
+	0x1ed5c4,
 	0x2000c2,
-	0x29f804,
-	0x205842,
-	0x229f43,
-	0x201902,
-	0x224d03,
-	0x26403,
+	0x265a04,
+	0x20b642,
+	0x21a043,
+	0x203142,
+	0x226783,
+	0x26dc3,
 	0x200382,
-	0x2ef2c4,
-	0x25e043,
-	0x254902,
-	0x2127c3,
-	0x16602,
+	0x2eef84,
+	0x20bc83,
+	0x2593c2,
+	0x214883,
+	0x18882,
 	0x2003c2,
-	0x21f483,
-	0x216e06,
-	0x33418f,
-	0x725ec3,
-	0x2fc58a,
-	0x7ffc8,
-	0x205842,
-	0x28c6c3,
-	0x2e9c43,
-	0x219c03,
-	0xbc03,
-	0x14bb6147,
-	0x1582a46,
-	0x1d1ec6,
-	0x14fc8bc8,
-	0x1e6644,
-	0x152c518a,
-	0x15c34147,
-	0xd6d88,
-	0xb7148,
-	0x15e930b,
-	0x147ccca,
-	0x1606ac83,
-	0xfb6c9,
-	0x165045c8,
-	0x16a54187,
-	0x14b8e4a,
-	0x1500f47,
-	0xb378b,
-	0x16e81f4c,
-	0xaa845,
-	0xfc185,
-	0x11adc9,
-	0x1bddc4,
-	0x1153c3,
-	0x156c52c5,
-	0x124283,
-	0x15a32783,
-	0x124283,
-	0x13682,
-	0x1c82,
-	0x9e42,
-	0x9e42,
-	0x3702,
-	0x9e42,
-	0x1b02,
-	0x2102,
-	0xd02,
-	0x145d45,
-	0xf1a47,
-	0x1e6644,
-	0x102504,
-	0x205842,
-	0x229f43,
-	0x2e9c43,
-	0x2127c3,
+	0x24acc3,
+	0x219086,
+	0x33d48f,
+	0x733483,
+	0x1c3448,
+	0x20b642,
+	0x204703,
+	0x20f583,
+	0x214e43,
+	0x14bdabc7,
+	0x14a7606,
+	0x1f3d06,
+	0xf2389,
+	0x14fcd6c8,
+	0x1e6304,
+	0x152cab0a,
+	0x163988,
+	0x15c16a87,
+	0xd9f88,
+	0xbea88,
+	0x15e86cb,
+	0x147fb0a,
+	0x16070943,
+	0x103189,
+	0x1650b188,
+	0x16b8e487,
+	0x1463d4a,
+	0x1507c07,
+	0xba74b,
+	0x16e8a2cc,
+	0x16bf05,
+	0xdc4c5,
+	0x123409,
+	0x1dbf44,
+	0x11d443,
+	0x156cac45,
+	0x12ee43,
+	0x15a35ac3,
+	0x12ee43,
+	0x15942,
+	0x21c2,
+	0xba42,
+	0xba42,
+	0x3d82,
+	0xba42,
+	0x3342,
+	0x45c2,
+	0x101c2,
+	0x14f985,
+	0xf5d87,
+	0x1e6304,
+	0x109484,
+	0x20b642,
+	0x21a043,
+	0x20f583,
+	0x214883,
 	0x2000c2,
-	0x204cc2,
-	0x206f02,
-	0x17e29f43,
-	0x248d82,
-	0x224d03,
-	0x200c02,
-	0x2a5c02,
-	0x2e9c43,
-	0x21e682,
-	0x271102,
-	0x232242,
-	0x2086c2,
-	0x2a1342,
+	0x209582,
+	0x20aa82,
+	0x17e1a043,
+	0x24a202,
+	0x226783,
+	0x200bc2,
+	0x203942,
+	0x20f583,
+	0x216e82,
+	0x261042,
+	0x22fcc2,
+	0x20ad02,
+	0x2a4fc2,
 	0x200802,
-	0x202142,
-	0x204d02,
-	0x227e02,
-	0x20a442,
-	0x13038c,
-	0x2c7dc2,
-	0x2803c2,
-	0x226282,
-	0x240e42,
-	0x219c03,
-	0x20dec2,
-	0x2127c3,
-	0x20e942,
-	0x2a28c2,
-	0x21f483,
-	0x24b382,
-	0x2036c2,
-	0x21ee82,
-	0x204082,
-	0x20c582,
-	0x2136c2,
-	0x215642,
-	0x231342,
-	0x226d82,
-	0x3254ca,
-	0x36d08a,
-	0x3a8fca,
-	0x3f0382,
-	0x2102c2,
-	0x227482,
-	0x18239b09,
-	0x187bf80a,
-	0x1542547,
-	0x18a05f02,
-	0x142cb83,
-	0x10c2,
-	0x1bf80a,
-	0x15fe8e,
-	0x259b44,
-	0x100585,
-	0x19229f43,
-	0x498c3,
-	0x224d03,
-	0x25b9c4,
-	0x2e9c43,
-	0x258104,
-	0x25e043,
-	0x13de09,
-	0x136086,
-	0x219c03,
-	0xf9704,
-	0xd83,
-	0x2127c3,
-	0x8e345,
-	0x20bc03,
-	0x21f483,
-	0x1528a44,
-	0x23ffc3,
-	0x1954bc04,
-	0x205ec3,
-	0x7ffc8,
-	0x3842,
-	0x154d603,
-	0x125e06,
-	0x1471484,
-	0x1fc5,
-	0x1bdbca,
-	0x86a42,
-	0x1a002acd,
-	0x1b9946,
-	0x187591,
-	0x1a639b09,
-	0x15500a,
-	0x2048,
-	0x1b5508,
-	0x6e90e,
-	0x182d13,
-	0x21121487,
-	0xec2,
-	0x39c94,
-	0x46f07,
-	0x2d74e,
-	0x145d4b,
-	0x1482cb,
-	0x1c304a,
-	0x110947,
-	0x7ffc8,
-	0xa1d08,
-	0xf647,
-	0x2141f6cb,
-	0x21646,
-	0x24bc7,
-	0x37c2,
-	0x3124d,
-	0x142e85,
-	0x18ee07,
-	0x10a6ca,
-	0x12820c,
-	0x1283cf,
-	0x570f,
-	0xb90c2,
-	0x5842,
-	0x96948,
-	0x218f754c,
-	0x1aee0a,
-	0xf1f4a,
-	0x8240a,
-	0x8cdc8,
-	0x15948,
-	0x6da88,
-	0xf2408,
-	0xc348,
-	0xd02,
-	0x548f,
-	0x152038d,
-	0x181acb,
-	0xd1e88,
-	0x40787,
-	0x5494a,
-	0x3bc0b,
-	0xa54c9,
-	0x54847,
-	0x159286,
-	0x15848,
-	0x3ef0c,
-	0x1cd787,
-	0x2f5ca,
-	0x1db408,
-	0x332ce,
-	0x3464e,
-	0x11078b,
-	0x5594b,
-	0x15024b,
-	0x10a249,
-	0x11870b,
-	0x12618d,
-	0x15be4b,
-	0x3accd,
-	0x3b04d,
-	0x41b4a,
-	0x4994b,
-	0x4a10b,
-	0x50ec5,
-	0x21dc8c10,
-	0x32c4f,
-	0x7c98f,
-	0x147a8d,
-	0x85f10,
-	0x6cc2,
-	0x222fc8c8,
-	0x1cd608,
-	0x9ed50,
-	0x1217ce,
-	0x2276e985,
-	0x5a44b,
-	0x13cf10,
-	0xa650b,
-	0x1b858c,
-	0x15a4a,
-	0x55b09,
-	0x6f248,
-	0x762c7,
-	0x76607,
-	0x767c7,
-	0x77707,
-	0x78487,
-	0x78947,
-	0x79607,
-	0x79b07,
-	0x7a007,
-	0x7a387,
-	0x7aa47,
-	0x7ac07,
-	0x7adc7,
-	0x7af87,
-	0x7b307,
-	0x7b847,
-	0x7d147,
+	0x204142,
+	0x201742,
+	0x21dd82,
+	0x209bc2,
+	0x4484c,
+	0x2cd142,
+	0x283382,
+	0x22b242,
+	0x202582,
+	0x214e43,
+	0x201942,
+	0x214883,
+	0x20b482,
+	0x24fdc2,
+	0x24acc3,
+	0x24dac2,
+	0x206382,
+	0x2213c2,
+	0x200e02,
+	0x22c602,
+	0x215982,
+	0x209b02,
+	0x25c442,
+	0x22b282,
+	0x33060a,
+	0x375dca,
+	0x3a8f8a,
+	0x3f43c2,
+	0x2039c2,
+	0x22b982,
+	0x182fe909,
+	0x187d6f0a,
+	0x154be47,
+	0x18a00fc2,
+	0x1446b83,
+	0x2902,
+	0x1d6f0a,
+	0x16e3ce,
+	0x2346c4,
+	0x107245,
+	0x1921a043,
+	0x4b8c3,
+	0x226783,
+	0x2607c4,
+	0x20f583,
+	0x25c204,
+	0x20bc83,
+	0x145e89,
+	0x51fc6,
+	0x214e43,
+	0x100d44,
+	0x1443,
+	0x214883,
+	0x9bf05,
+	0x208c43,
+	0x24acc3,
+	0x1440704,
+	0x2423c3,
+	0x195547c4,
+	0xd2a48,
+	0x200f83,
+	0x1c3448,
+	0x6502,
+	0x1527143,
+	0x1333c6,
+	0x1577ec4,
+	0x4c85,
+	0x1dbd4a,
+	0x138682,
+	0x1a00578d,
+	0x1bdcc6,
+	0x152051,
+	0x1a6fe909,
+	0x15d4ca,
+	0x4d08,
+	0x167d48,
+	0x152e8e,
+	0x89e53,
+	0x210a78c7,
+	0x1d42,
+	0x148210,
+	0x152c8c,
+	0xfea94,
+	0x1b87c7,
+	0x24c0e,
+	0x14f98b,
+	0x1519cb,
+	0x1c740a,
+	0x133907,
+	0x1c3448,
+	0xb3d88,
+	0xf747,
+	0x21422bcb,
+	0x23e46,
+	0x26647,
+	0x3ac2,
+	0xef7cd,
+	0x13e705,
+	0x1d647,
+	0x133c4a,
+	0x1402cc,
+	0x14048f,
+	0xae74f,
+	0x16e3c2,
+	0xb642,
+	0x9a148,
+	0x21903e8c,
+	0x1b204a,
+	0x21f656ca,
+	0xf638a,
+	0x86cca,
+	0x8ffc8,
+	0x2d785,
+	0x728c8,
+	0xf6848,
+	0x1ec688,
+	0x153648,
+	0x101c2,
+	0xae4cf,
+	0x1427dcd,
+	0x6d8b,
+	0xd5448,
+	0x42b87,
+	0x5940a,
+	0x3e7cb,
+	0xa9cc9,
+	0x59307,
+	0xf8506,
+	0x2d688,
+	0x3d7cc,
+	0x1e9987,
+	0x244ca,
+	0xa3c8,
+	0x11780e,
+	0x12078e,
+	0x13374b,
+	0x16600b,
+	0x3828b,
+	0x3d309,
+	0x4318b,
+	0x4864d,
+	0x4b94b,
+	0x4ca4d,
+	0x4cdcd,
+	0x5a30a,
+	0x6048b,
+	0x56a0b,
+	0x5a045,
+	0x221cd710,
+	0x80392,
+	0x33011,
+	0x176752,
+	0x35f8f,
+	0x7f7cf,
+	0x15118d,
+	0x85250,
+	0xa842,
+	0x22620948,
+	0x1e9808,
+	0x64f50,
+	0x12c88e,
+	0x22b77a85,
+	0x5e68b,
+	0x144f90,
+	0xaaecb,
+	0x1bc3cc,
+	0x729ca,
+	0x1661c9,
+	0x735c8,
+	0x78887,
+	0x78bc7,
+	0x78d87,
+	0x79cc7,
+	0x7b747,
+	0x7bc07,
+	0x7c307,
+	0x7c747,
+	0x7d207,
 	0x7d587,
-	0x7e007,
-	0x7e2c7,
-	0x7e487,
-	0x7e787,
-	0x7ed87,
-	0x7ef87,
-	0x7f907,
-	0x7fac7,
-	0x7fc87,
-	0x80247,
-	0x80887,
-	0x81247,
+	0x7da47,
+	0x7dc07,
+	0x7ddc7,
+	0x7df87,
+	0x7e307,
+	0x7e687,
+	0x7ff87,
+	0x80807,
+	0x812c7,
+	0x81587,
+	0x81747,
+	0x81a47,
+	0x82047,
 	0x82247,
-	0x82687,
-	0x82e87,
-	0x83047,
-	0x83687,
-	0x83a07,
-	0x83ec7,
-	0x842c7,
-	0x84607,
-	0x847c7,
-	0x85187,
-	0x86c47,
-	0x87407,
-	0x879c7,
-	0x87b87,
-	0x88007,
-	0x89347,
-	0xd9c2,
-	0x6db8a,
-	0x18848,
-	0x1c014c,
-	0x1d5287,
-	0x9ae85,
-	0x17ac91,
-	0x1f0006,
-	0x12c00a,
-	0x967ca,
-	0x66806,
-	0xbcf4b,
+	0x82bc7,
+	0x82d87,
+	0x82f47,
+	0x83207,
+	0x83847,
+	0x83fc7,
+	0x86b07,
+	0x86f47,
+	0x87747,
+	0x87907,
+	0x87f47,
+	0x882c7,
+	0x88c87,
+	0x89087,
+	0x893c7,
+	0x89587,
+	0x899c7,
+	0x8a5c7,
+	0x8b707,
+	0x8bcc7,
+	0x8be87,
+	0x8c307,
+	0x8cc47,
+	0xef42,
+	0xf694a,
+	0x1b308,
+	0x1c41cc,
+	0x124c87,
+	0x58f85,
+	0x61591,
+	0x7286,
+	0x137bca,
+	0x99fca,
+	0x6d446,
+	0x3f78b,
 	0x642,
-	0x389d1,
-	0xcb289,
-	0xa6a09,
-	0xa7546,
-	0x4d02,
-	0x6b04a,
-	0xb92c9,
-	0xb9a0f,
-	0xba00e,
-	0xbb988,
-	0x22a6eb12,
-	0x15388,
-	0x22e6f447,
-	0xbee0f,
-	0x1d7c2,
-	0x719c9,
-	0x8654a,
-	0x23217d09,
-	0x18c389,
-	0x18c38c,
-	0x2994b,
-	0x1b438e,
-	0x448c,
-	0xfb3cf,
-	0x1c494e,
-	0x3f30c,
-	0x56a09,
-	0x15f291,
-	0x61ac8,
-	0x6a152,
-	0x81c4d,
-	0x83b8d,
-	0x88b0b,
-	0x89a95,
-	0x90249,
-	0x9158a,
-	0x95bc9,
-	0x190f90,
-	0x1b56cb,
-	0xa0dcf,
-	0xab04b,
-	0xb194c,
-	0xc1390,
-	0xdb90a,
-	0x1a158d,
-	0x1a3f8e,
-	0x19e84a,
-	0xc324c,
-	0x1a2614,
-	0xcaf11,
-	0xce00b,
-	0xd03cf,
-	0xd2fcd,
-	0xd608e,
-	0xd9d0c,
-	0xda74c,
-	0xdb60b,
-	0xdc60e,
-	0xdd9d0,
-	0x141b0b,
-	0x1a110d,
-	0x1ae1cf,
-	0xf2ecc,
-	0x108c0e,
-	0x10fd91,
-	0x1a3a8c,
-	0x144347,
-	0x162a4d,
-	0x16d2cc,
-	0x17a610,
-	0x17bd0d,
-	0x19b5c7,
-	0x1a4990,
-	0x1afe08,
-	0xc284b,
-	0xc480f,
-	0x1c03c8,
-	0x6e30d,
-	0x112610,
-	0x17d2c9,
-	0x237c8bc8,
-	0x23ac8c86,
-	0xc9983,
-	0x61ec9,
-	0x25889,
-	0xd0e85,
-	0x8042,
-	0x14a749,
-	0x6738a,
-	0x23e6a606,
-	0x146a60d,
-	0x242ff684,
-	0x1e4c46,
-	0x25dca,
-	0x2c60d,
-	0x246e034b,
-	0x98e08,
-	0x2489f389,
-	0x2f443,
-	0x119aca,
-	0xebb49,
-	0xf1091,
-	0xf14c9,
-	0xf1ec7,
-	0xf2c08,
-	0xf3347,
-	0x6f348,
-	0x558b,
-	0x130049,
-	0xfa0d0,
-	0xfa58c,
-	0xfaa09,
-	0x24efadcd,
-	0xfc408,
-	0xfd045,
-	0x146f08,
-	0x1a370a,
-	0x1325c7,
-	0x1242,
-	0x25276f95,
-	0x13dc0a,
-	0x142cc9,
-	0x25a48,
-	0x1a7ec9,
-	0x1d2a45,
-	0x11af0a,
-	0x173947,
-	0x9c30f,
-	0xaa8cb,
-	0x16154c,
-	0xef892,
-	0x3e046,
-	0x1409588,
-	0x7b645,
-	0x115608,
-	0x1e4d8b,
-	0x1e5151,
-	0x17587,
-	0x6798a,
-	0x25704485,
-	0x1b5ccc,
-	0x2590afce,
-	0x13a283,
-	0x19de06,
-	0x48dc2,
-	0x10d2cb,
-	0x10de4a,
-	0x150f14c,
-	0x98d08,
-	0x3ae88,
-	0x25e25ac6,
-	0x152f8e,
-	0x132207,
-	0x9942,
-	0x1782,
-	0x18fb50,
-	0x6ca87,
-	0x6cb8f,
-	0x18a46,
-	0x5c88e,
-	0xa494b,
-	0x566c8,
-	0xa5889,
-	0x1e1e52,
-	0x115c4d,
-	0x1167c8,
-	0x1a5e89,
-	0x1ec14d,
-	0x6cf09,
-	0x6d6cb,
-	0x6fe48,
-	0x79e08,
-	0x7b488,
-	0x7e909,
-	0x7eb0a,
-	0x7f28c,
-	0xcf34a,
-	0xe808a,
-	0x115487,
-	0xae6ca,
-	0xf8ac8,
-	0x780d,
-	0xb7bd1,
-	0x262d6386,
-	0x16588b,
-	0x3754c,
-	0x45188,
-	0x1d9a49,
-	0x15d48d,
-	0x77950,
-	0x1476cc,
-	0x14b94d,
-	0x9e42,
-	0x8a4cd,
-	0x1b02,
-	0x55202,
-	0x1153ca,
-	0x267cbc4a,
-	0x2b10a,
-	0x26a87cc8,
-	0x12bf0a,
-	0x11bc8b,
-	0x11c9c7,
-	0x1b134c,
-	0x348cc,
-	0x11e90a,
-	0x26d1eb8f,
-	0x11ef4c,
-	0x11f247,
-	0x1208ce,
-	0x271f0245,
-	0x184588,
-	0x4182,
-	0x1405483,
-	0x1ab751ce,
-	0x1b20118e,
-	0x1ba0c98a,
-	0x1c332dce,
-	0x1ca060ce,
-	0x1d340c8c,
-	0x1542547,
-	0x15550c9,
-	0x142cb83,
-	0x1db6890c,
-	0x1e206cc9,
-	0x1ebb7249,
-	0x1f3bd9c9,
-	0x10c2,
-	0x175111,
-	0x10d1,
-	0xc8cd,
-	0x132d11,
-	0x1361d1,
-	0x140bcf,
-	0x16884f,
-	0x1a9c0c,
-	0x1b718c,
-	0x1bd90c,
-	0xe72cd,
-	0xf8455,
-	0x12b64c,
-	0x142f8c,
-	0x198c90,
-	0x1c170c,
-	0x1c3bcc,
-	0x1c6019,
-	0x1db5d9,
-	0x5e19,
-	0x6a14,
-	0xf7d4,
-	0x10954,
-	0x10ed4,
-	0x17714,
-	0x1fa0fa89,
-	0x20010c09,
-	0x20b43049,
-	0x1ae61cc9,
-	0x10c2,
-	0x1b661cc9,
-	0x10c2,
-	0x5e0a,
-	0x10c2,
-	0x1be61cc9,
-	0x10c2,
-	0x5e0a,
-	0x10c2,
-	0x1c661cc9,
-	0x10c2,
-	0x1ce61cc9,
-	0x10c2,
-	0x1d661cc9,
-	0x10c2,
-	0x5e0a,
-	0x10c2,
-	0x1de61cc9,
-	0x10c2,
-	0x5e0a,
-	0x10c2,
-	0x1e661cc9,
-	0x10c2,
-	0x1ee61cc9,
-	0x10c2,
-	0x5e0a,
-	0x10c2,
-	0x1f661cc9,
-	0x10c2,
-	0x5e0a,
-	0x10c2,
-	0x1fe61cc9,
-	0x10c2,
-	0x20661cc9,
-	0x10c2,
-	0x20e61cc9,
-	0x10c2,
-	0x5e0a,
-	0x10c2,
+	0x3c691,
+	0x131809,
+	0xab8c9,
+	0xace06,
+	0x1742,
+	0x70d0a,
+	0xbf0c9,
+	0xbf80f,
+	0xbfe0e,
+	0xc1bc8,
+	0x22f53092,
+	0x18208,
+	0x232737c7,
+	0xc468f,
+	0x7142,
+	0x178409,
+	0x10044a,
+	0x2361a389,
+	0xdaec9,
+	0xdaecc,
+	0x19a4b,
+	0x5824e,
+	0x11c0c,
+	0x102e8f,
+	0x1c980e,
+	0x50fcc,
+	0x64d49,
+	0x71a11,
+	0x88448,
+	0x92f12,
+	0x94d8d,
+	0x993cd,
+	0x9ee4b,
+	0x167f15,
+	0x191549,
+	0x1b6d0a,
+	0x1df109,
+	0xa27d0,
+	0xa914b,
+	0xb1c8f,
+	0xb928b,
+	0xc710c,
+	0xc77d0,
+	0xdfdca,
+	0xf884d,
+	0x12b38e,
+	0x19f6ca,
+	0xc8bcc,
+	0xcf7d4,
+	0x131491,
+	0x1c470b,
+	0xd82cf,
+	0xd930d,
+	0xda3ce,
+	0xddf0c,
+	0xde64c,
+	0xdfacb,
+	0xe1c0e,
+	0xe4490,
+	0xe534b,
+	0xf740d,
+	0x10fd8f,
+	0x10eacc,
+	0x11704e,
+	0x185451,
+	0x12ae8c,
+	0x169d07,
+	0x16bb8d,
+	0x17600c,
+	0x180f50,
+	0x19b74d,
+	0x19c3c7,
+	0x1a5c90,
+	0x1b3048,
+	0xc814b,
+	0xca18f,
+	0x1c4448,
+	0x57b8d,
+	0x119c50,
+	0x182fc9,
+	0x23bcd6c8,
+	0x23ece206,
+	0xcf503,
+	0x1ade89,
+	0xade49,
+	0xd4345,
+	0xaf02,
+	0x59889,
+	0x6de0a,
+	0x242933c6,
+	0x14933cd,
+	0x24706444,
+	0x1e4986,
+	0x28b4a,
+	0x2af0d,
+	0x24ae5b8b,
+	0x1e9e08,
+	0x24c65589,
+	0x24343,
+	0x17c7ca,
+	0xf53d1,
+	0xf5809,
+	0xf6307,
+	0xf7148,
+	0xf8b87,
+	0x736c8,
+	0xae5cb,
+	0x13b509,
+	0x101590,
+	0x101a4c,
+	0x101ec9,
+	0x10210c,
+	0x2530250d,
+	0x1037c8,
+	0x103cc5,
+	0x1d0fc8,
+	0x1a4f4a,
+	0x1b8ec7,
+	0x25c2,
+	0x25679555,
+	0x145c8a,
+	0x13e549,
+	0x1ef4c8,
+	0xae009,
+	0x9605,
+	0x12ab8a,
+	0x1a07,
+	0xa050f,
+	0x16bf8b,
+	0x1ec90c,
+	0x30712,
+	0xc0906,
+	0x1580588,
+	0x8e5c5,
+	0x11d688,
+	0x1e4acb,
+	0xe6ad1,
+	0x179d47,
+	0x6e40a,
+	0x18784c,
+	0x25b0b045,
+	0x1b72cc,
+	0x25d129ce,
+	0x142743,
+	0x19ec86,
+	0x4a242,
+	0x11468b,
+	0x11564a,
+	0x151640c,
+	0x1e9d08,
+	0x4cc08,
+	0x263ef546,
+	0x17ef87,
+	0x23f8e,
+	0x1534c7,
+	0x3b02,
+	0x2fc2,
+	0x188850,
+	0x77e47,
+	0x77f4f,
+	0x1b506,
+	0xa8b4e,
+	0xb424b,
+	0x5e0c8,
+	0xaa089,
+	0x150652,
+	0x11dccd,
+	0x11e848,
+	0xf12c9,
+	0x1a718d,
+	0xe889,
+	0x782cb,
+	0x7ae88,
+	0x7e488,
+	0x80f88,
+	0x81bc9,
+	0x81dca,
+	0x8254c,
+	0x2398a,
+	0xe094a,
+	0x11d507,
+	0x43a8a,
+	0xf90c8,
+	0x1d3e0d,
+	0x62ad1,
+	0x266da6c6,
+	0x16d20b,
+	0x3b48c,
+	0xff48,
+	0x1dc8c9,
+	0x16548d,
+	0x79f10,
+	0x150dcc,
+	0x15450d,
+	0x10384f,
+	0xba42,
+	0x1df30d,
+	0x3342,
+	0x96c2,
+	0x11d44a,
+	0x26bd0d0a,
+	0x32e4a,
+	0x26e8bfc8,
+	0x137aca,
+	0x12460b,
+	0x126c47,
+	0x1b41cc,
+	0x120a0c,
+	0x12940a,
+	0x2712968f,
+	0x129a4c,
+	0x129d47,
+	0x12b70e,
+	0x275f4285,
+	0x1eab88,
+	0x79c2,
+	0x1424dc3,
+	0x1aa0494e,
+	0x1b2029ce,
+	0x1bb2658a,
+	0x1c33718e,
+	0x1ca082ce,
+	0x1d353c8c,
+	0x154be47,
+	0x155d589,
+	0x1446b83,
+	0x1db5ce8c,
+	0x1e20a849,
+	0x1ebd7e09,
+	0x1f3dbb49,
+	0x2902,
+	0x4891,
+	0x2911,
+	0x1264cd,
+	0x1370d1,
+	0x1d4fd1,
+	0x153bcf,
+	0x15cdcf,
+	0x1cc20c,
+	0x1d7d4c,
+	0x1dba8c,
+	0xec7cd,
+	0xfd515,
+	0x13c14c,
+	0x13e80c,
+	0x179ed0,
+	0x1c5acc,
+	0x1c8a8c,
+	0x1d17d9,
+	0x1d9759,
+	0x8019,
+	0xa594,
+	0xf8d4,
+	0x107d4,
+	0x10d54,
+	0x1a994,
+	0x1fa0fb89,
+	0x20010a89,
+	0x20b3e8c9,
+	0x1ae88649,
+	0x2902,
+	0x1b688649,
+	0x2902,
+	0x800a,
+	0x2902,
+	0x1be88649,
+	0x2902,
+	0x800a,
+	0x2902,
+	0x1c688649,
+	0x2902,
+	0x1ce88649,
+	0x2902,
+	0x1d688649,
+	0x2902,
+	0x800a,
+	0x2902,
+	0x1de88649,
+	0x2902,
+	0x800a,
+	0x2902,
+	0x1e688649,
+	0x2902,
+	0x1ee88649,
+	0x2902,
+	0x800a,
+	0x2902,
+	0x1f688649,
+	0x2902,
+	0x800a,
+	0x2902,
+	0x1fe88649,
+	0x2902,
+	0x20688649,
+	0x2902,
+	0x20e88649,
+	0x2902,
+	0x800a,
+	0x2902,
 	0x1400401,
-	0x187585,
-	0x1c3044,
-	0x145b883,
-	0x15cf803,
-	0x158f143,
-	0x1751ce,
-	0x118e,
-	0x8face,
-	0xc98a,
-	0x132dce,
-	0x60ce,
-	0x140c8c,
-	0x16890c,
-	0x6cc9,
-	0x1b7249,
-	0x1bd9c9,
-	0xfa89,
-	0x10c09,
-	0x143049,
-	0xf864d,
-	0x11189,
-	0x179c9,
-	0x147384,
-	0x170a04,
-	0x1ec684,
-	0x1f0144,
-	0xb3a44,
-	0x154bc4,
-	0x1ba644,
-	0x55e04,
-	0x18944,
-	0x212c4,
-	0x16f4c9,
-	0x16f4cc,
-	0x14fa46,
-	0x14fa4e,
-	0x81d84,
-	0x1596343,
-	0x1c3a47,
-	0x1490c0c,
-	0x2043,
-	0x212c4,
-	0x6cc2,
-	0x4f087,
-	0xf7548,
-	0xa2108,
-	0xdcbc4,
-	0x1a9806,
-	0x1351c7,
-	0xe3504,
-	0x114046,
-	0x1f182,
-	0x1541,
-	0x22104,
-	0x6e786,
-	0x1a883,
-	0x6cc2,
-	0x2043,
-	0xdc843,
-	0xef683,
-	0x12683,
-	0x10a1c3,
-	0xef885,
-	0x803c2,
-	0x7102,
-	0x7108,
-	0xf4c87,
-	0x1300c7,
-	0xd02,
+	0x152045,
+	0x1c7404,
+	0x1412f43,
+	0x15f2603,
+	0x141d983,
+	0x94ec4,
+	0x13b848,
+	0x494e,
+	0x29ce,
+	0x9280e,
+	0x12658a,
+	0x13718e,
+	0x82ce,
+	0x153c8c,
+	0x15ce8c,
+	0xa849,
+	0x1d7e09,
+	0x1dbb49,
+	0xfb89,
+	0x10a89,
+	0x13e8c9,
+	0xfd70d,
+	0x11009,
+	0x1ac49,
+	0x150a84,
+	0x1720c4,
+	0x199884,
+	0x1cacc4,
+	0xbaa04,
+	0x1b9944,
+	0x1e6a84,
+	0x69004,
+	0x1b404,
+	0x642c4,
+	0x334c9,
+	0x334cc,
+	0x159186,
+	0x15918e,
+	0x94ec4,
+	0x159bf43,
+	0x7e87,
+	0x149440c,
+	0x4d03,
+	0x642c4,
+	0xa842,
+	0x51887,
+	0x103e88,
+	0x191dc8,
+	0x4fd44,
+	0x1cb8c6,
+	0x54d47,
+	0xe8b44,
+	0x11c0c6,
+	0x216c2,
+	0x2d81,
+	0x1d3a44,
+	0x89cc6,
+	0x22603,
+	0xa842,
+	0x4d03,
+	0xe0143,
+	0x30503,
+	0x14743,
+	0x117783,
+	0x30705,
+	0x83382,
+	0x151682,
+	0x1bf708,
+	0xfa807,
+	0x15743,
+	0x13b587,
+	0x101c2,
+	0xf2389,
 	0x2000c2,
-	0x205842,
-	0x201902,
-	0x218b02,
+	0x20b642,
+	0x203142,
+	0x21b5c2,
 	0x200382,
 	0x2003c2,
-	0x201782,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x258103,
-	0x2127c3,
-	0x21f483,
-	0x7ffc8,
-	0x229f43,
-	0x224d03,
-	0x2127c3,
-	0x21f483,
-	0x12c03,
-	0x2e9c43,
-	0x58104,
+	0x202fc2,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x231a43,
+	0x214883,
+	0x24acc3,
+	0x1c3448,
+	0x21a043,
+	0x226783,
+	0x214883,
+	0x24acc3,
+	0x13b83,
+	0x20f583,
+	0x5c204,
 	0x2000c2,
-	0x258843,
-	0x29629f43,
-	0x3ab707,
-	0x2e9c43,
-	0x2280c3,
-	0x222d84,
-	0x2127c3,
-	0x21f483,
-	0x22600a,
-	0x216e05,
-	0x202783,
-	0x208ec2,
-	0x7ffc8,
-	0x29ae574a,
-	0xc41,
-	0x7ffc8,
-	0x5842,
-	0x137d42,
-	0x2a29f10b,
-	0x2a635204,
-	0xff5c5,
-	0x1402cc5,
-	0xf7546,
-	0x2aa02cc5,
-	0x635c3,
-	0x9ec43,
-	0x9c4,
-	0x14c3,
-	0x172f85,
-	0x145d45,
-	0x7ffc8,
-	0x24bc7,
-	0x29f43,
-	0x3514d,
-	0x2b246907,
-	0xac86,
-	0x2b40c7c5,
-	0x148792,
-	0xad47,
-	0x1624a,
-	0x14e88,
-	0x16147,
-	0x1d5b4a,
-	0x1bad08,
-	0x6d487,
-	0x156acf,
-	0x4dd87,
-	0x539c6,
-	0x13cf10,
-	0xc9c8f,
-	0x1ac09,
-	0x1e4cc4,
-	0x2b80ae0e,
-	0x4f3c9,
-	0x7b0c6,
-	0x111ac9,
-	0x19ab46,
-	0x1d71c6,
-	0xbe24c,
-	0x3be0a,
-	0xa5647,
-	0x1e224a,
-	0xb209,
-	0xfe38c,
-	0x2724a,
-	0x6b68a,
-	0x172fc9,
-	0x1e4c46,
-	0xa570a,
-	0x116d4a,
-	0xaf4ca,
-	0x157189,
-	0xeee88,
-	0xef106,
-	0xf644d,
-	0x5fe0b,
-	0xd1445,
-	0x2bf889cc,
-	0x13e007,
-	0x1c8049,
-	0xdab07,
-	0xb2c54,
-	0x112a0b,
-	0xd1cca,
-	0x1e1cca,
-	0xb578d,
-	0x151be89,
-	0x115a0c,
-	0x1165cb,
-	0x163217,
-	0x163d55,
-	0x2f5c3,
-	0x2f5c3,
-	0x332c6,
-	0x2f5c3,
-	0xf7548,
-	0x156983,
-	0x51384,
-	0x1c244,
-	0x1c24c,
-	0x63883,
-	0x14af587,
-	0xa5845,
-	0x142b343,
-	0x142b348,
-	0x60209,
-	0xef885,
-	0x1e4d8b,
-	0xce2cb,
-	0x14f3143,
-	0x14f3148,
-	0x149c86,
-	0x1441d07,
-	0x191207,
-	0x2cd82bc9,
-	0x12686,
-	0x58843,
-	0x7ffc8,
-	0x5842,
-	0x5b9c4,
-	0x97783,
-	0x12e885,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x2127c3,
-	0x21f483,
-	0x2030c3,
-	0x229f43,
-	0x224d03,
-	0x28c6c3,
-	0x2e9c43,
-	0x219c03,
-	0x2127c3,
-	0x21f483,
-	0x39ac43,
-	0x205ec3,
-	0x2030c3,
-	0x29f804,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x2127c3,
-	0x21f483,
-	0x2043c3,
-	0x208d43,
-	0x208ec2,
-	0x2e582cc5,
-	0x14325c3,
-	0x229f43,
-	0x224d03,
-	0x226403,
-	0x28c6c3,
-	0x2e9c43,
-	0x258104,
-	0x3ce883,
-	0x2335c3,
-	0x219c03,
-	0x2127c3,
-	0x81983,
-	0x21f483,
-	0x202783,
-	0x2f2265c3,
-	0xef789,
-	0x5842,
-	0x2f0243,
-	0x2fe29f43,
-	0x224d03,
-	0x255f03,
-	0x2e9c43,
-	0x22d643,
-	0x2335c3,
-	0x21f483,
-	0x203303,
-	0x3d2bc4,
-	0x7ffc8,
-	0x30629f43,
-	0x224d03,
-	0x2bba43,
-	0x2e9c43,
-	0x219c03,
-	0x222d84,
-	0x2127c3,
-	0x21f483,
-	0x265503,
-	0x7ffc8,
-	0x30e29f43,
-	0x224d03,
-	0x28c6c3,
-	0x20bc03,
-	0x21f483,
-	0x7ffc8,
-	0x1542547,
-	0x258843,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x258104,
-	0x222d84,
-	0x2127c3,
-	0x21f483,
-	0x145d45,
-	0xf1a47,
-	0xb2e8b,
-	0x31e3eb46,
-	0xf18c4,
-	0xd1445,
-	0x1475dc8,
-	0x3204d,
-	0x1c8bc8,
-	0x3275e205,
-	0x2c684,
-	0x5842,
-	0xb8c3,
-	0x14f945,
-	0x47f42,
-	0x340a45,
-	0x7ffc8,
-	0x33f0ac4d,
-	0x3420244a,
-	0xc142,
-	0x5083,
-	0x16934f,
-	0x18b02,
-	0x81d84,
-	0x212c4,
-	0x5842,
+	0x20bec3,
+	0x29a1a043,
+	0x3acb47,
+	0x20f583,
+	0x222043,
+	0x225a04,
+	0x214883,
+	0x24acc3,
+	0x228d8a,
+	0x219085,
+	0x205443,
+	0x249902,
+	0x1c3448,
+	0x29eea54a,
+	0xc01,
+	0x1c3448,
+	0xb642,
+	0x140242,
+	0x2a66530b,
+	0x2aa1c1c4,
+	0x106385,
+	0x1405985,
+	0x103e86,
+	0x2ae05985,
+	0x6a043,
+	0xa7343,
+	0x1bfd04,
+	0x2d03,
+	0x1bee85,
+	0x14f985,
+	0x1c3448,
+	0x26647,
+	0x1a043,
+	0x38d4d,
+	0x2b647207,
+	0xcc6,
+	0x2b953ac5,
+	0x1b7892,
+	0xd87,
+	0x2f38a,
+	0x2cf48,
+	0x2f287,
+	0x170aca,
+	0x1becc8,
+	0x7ac47,
+	0x15ef8f,
+	0x574c7,
+	0x68e06,
+	0x144f90,
+	0x148e0c6,
+	0x5058f,
+	0x1bc09,
+	0x1e4a04,
+	0x2bc00e4e,
+	0x51bc9,
+	0x7e0c6,
+	0xeb09,
+	0x119186,
+	0x9dc6,
+	0xc3acc,
+	0x3e9ca,
+	0xa9e47,
+	0x115f4a,
+	0x1249,
+	0x10514c,
+	0x2b74a,
+	0x5b00a,
+	0x1beec9,
+	0x1e4986,
+	0xa9f0a,
+	0x11edca,
+	0xb6b4a,
+	0x16f909,
+	0xf4dc8,
+	0xf5046,
+	0xfb54d,
+	0x10210c,
+	0x6700b,
+	0xd4905,
+	0x2c38a7cc,
+	0x146087,
+	0x1e3989,
+	0xdea07,
+	0xbe494,
+	0x11a04b,
+	0xd528a,
+	0x1504ca,
+	0xbc64d,
+	0x1524809,
+	0x11da8c,
+	0x11e64b,
+	0x16a157,
+	0x16ac95,
+	0x3983,
+	0x3983,
+	0x38286,
+	0x3983,
+	0x103e88,
+	0x15ee43,
+	0x53544,
+	0x1f184,
+	0x1f18c,
+	0x6a303,
+	0x14b6c07,
+	0xf79cd,
+	0xaa045,
+	0x151e183,
+	0x1536ac8,
+	0x67409,
+	0x1b1749,
+	0x30705,
+	0x1e4acb,
+	0x1c49cb,
+	0x150ed43,
+	0x150ed48,
+	0x152986,
+	0x145a4c7,
+	0xa2a47,
+	0x2d0a7789,
+	0x14746,
+	0xbec3,
+	0x1c3448,
+	0xb642,
+	0x607c4,
+	0x10210c,
+	0x31d03,
+	0x13a505,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214883,
+	0x24acc3,
+	0x205d83,
+	0x21a043,
+	0x226783,
+	0x204703,
+	0x20f583,
+	0x214e43,
+	0x214883,
+	0x24acc3,
+	0x319283,
+	0x200f83,
+	0x205d83,
+	0x265a04,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214883,
+	0x24acc3,
+	0x211b43,
+	0x212f03,
+	0x249902,
+	0x2e8a7885,
+	0x1437143,
+	0x21a043,
+	0x226783,
+	0x226dc3,
+	0x204703,
+	0x20f583,
+	0x25c204,
+	0x20de83,
+	0x2384c3,
+	0x214e43,
+	0x214883,
+	0x24acc3,
+	0x205443,
+	0x2f629e03,
+	0x30609,
+	0xb642,
+	0x3f3903,
+	0x3021a043,
+	0x226783,
+	0x259f43,
+	0x20f583,
+	0x224b03,
+	0x2384c3,
+	0x24acc3,
+	0x205fc3,
+	0x3c80c4,
+	0x1c3448,
+	0x30a1a043,
+	0x226783,
+	0x2c1c83,
+	0x20f583,
+	0x214e43,
+	0x225a04,
+	0x214883,
+	0x24acc3,
+	0x227603,
+	0x1c3448,
+	0x3121a043,
+	0x226783,
+	0x204703,
+	0x10210c,
+	0x208c43,
+	0x24acc3,
+	0x1c3448,
+	0x154be47,
+	0x20bec3,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x25c204,
+	0x225a04,
+	0x214883,
+	0x24acc3,
+	0x14f985,
+	0xf5d87,
+	0xbe6cb,
+	0x32241546,
+	0xf5c04,
+	0xd4905,
+	0x1470708,
+	0x2facd,
+	0x1cd6c8,
+	0x32a407c5,
+	0x2af84,
+	0xb642,
+	0x18b43,
+	0x159085,
+	0x445c2,
+	0x35cc45,
+	0x1c3448,
+	0x343341cd,
+	0x3460510a,
+	0x3982,
+	0x20883,
+	0x10210c,
+	0x17290f,
+	0x1b5c2,
+	0x94ec4,
+	0x642c4,
+	0xb642,
 	0x2000c2,
-	0x258843,
-	0x229f43,
-	0x2e9c43,
-	0x258104,
-	0x219c03,
-	0x222d84,
-	0x2127c3,
-	0x21f483,
-	0x202783,
-	0x229f43,
-	0x224d03,
-	0x2127c3,
-	0x21f483,
-	0xef45,
-	0x32e1c8,
-	0x29f804,
-	0x371f86,
-	0x3a9ac6,
-	0x7ffc8,
-	0x3184c3,
-	0x236c09,
-	0x21b795,
-	0x1b79f,
-	0x229f43,
-	0x8bf47,
-	0x398852,
-	0x18ce86,
-	0x18fa45,
-	0x15a4a,
-	0x55b09,
-	0x39860f,
-	0x2ef2c4,
-	0x231b05,
-	0x3dfb90,
-	0x285787,
-	0x20bc03,
-	0x219d08,
-	0x21146,
-	0x28aa0a,
-	0x257fc4,
-	0x3041c3,
-	0x208ec2,
-	0x2ff38b,
-	0x224d03,
-	0x2e9c43,
-	0xbc03,
-	0x18a044,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x219c03,
-	0x2127c3,
-	0xbc03,
-	0x21f483,
-	0x309a43,
-	0x205842,
-	0x38fc3,
-	0x1e3084,
-	0x2127c3,
-	0x21f483,
-	0x36426b85,
-	0x1d9806,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x219c03,
-	0x21f483,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x2280c3,
-	0x2307c3,
-	0x21f483,
-	0x58843,
-	0x205842,
-	0x229f43,
-	0x224d03,
-	0x2127c3,
-	0xbc03,
-	0x21f483,
-	0x1a802,
+	0x20bec3,
+	0x21a043,
+	0x20f583,
+	0x25c204,
+	0x214e43,
+	0x225a04,
+	0x214883,
+	0x24acc3,
+	0x205443,
+	0x21a043,
+	0x226783,
+	0x214883,
+	0x24acc3,
+	0x12c85,
+	0x339e48,
+	0x265a04,
+	0x3d4506,
+	0x3d7c06,
+	0x1c3448,
+	0x320543,
+	0x23ab49,
+	0x318455,
+	0x11845f,
+	0x21a043,
+	0x9ebc7,
+	0x221b92,
+	0x18dc86,
+	0x190485,
+	0x729ca,
+	0x1661c9,
+	0x22194f,
+	0xf5207,
+	0x2eef84,
+	0x225105,
+	0x31aa10,
+	0x284ac7,
+	0x10210c,
+	0x208c43,
+	0x2a1948,
+	0x64146,
+	0x2937ca,
+	0x2311c4,
+	0x30ad83,
+	0x249902,
+	0x30614b,
+	0x1c3203,
+	0x226783,
+	0x20f583,
+	0x197184,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214e43,
+	0x214883,
+	0x24acc3,
+	0x310783,
+	0x20b642,
+	0x3cc83,
+	0x100b04,
+	0x214883,
+	0x24acc3,
+	0x36846ac5,
+	0x1dc686,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214e43,
+	0x24acc3,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x222043,
+	0x222383,
+	0x24acc3,
+	0xbec3,
+	0x20b642,
+	0x21a043,
+	0x226783,
+	0x214883,
+	0x24acc3,
+	0x26c02,
 	0x2000c2,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x2127c3,
-	0x21f483,
-	0x2cc5,
-	0x63649,
-	0x2043,
-	0x29f804,
-	0x229f43,
-	0x224d03,
-	0x292e44,
-	0x2127c3,
-	0x21f483,
-	0x7ffc8,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x2127c3,
-	0x81983,
-	0x21f483,
-	0x12b409,
-	0x45c4,
-	0x229f43,
-	0xd02,
-	0x224d03,
-	0x28c6c3,
-	0x204203,
-	0x219c03,
-	0x2127c3,
-	0xbc03,
-	0x21f483,
-	0xfc2,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x3547c4,
-	0x258104,
-	0x2127c3,
-	0x21f483,
-	0x205ec3,
-	0x2b82,
-	0x205842,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x2127c3,
-	0x81983,
-	0x21f483,
-	0x15aec3,
-	0x7ffc8,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x352e83,
-	0x3e83,
-	0x280c3,
-	0x2127c3,
-	0x81983,
-	0x21f483,
-	0x36146,
-	0x3254ca,
-	0x344509,
-	0x3627cb,
-	0x362f8a,
-	0x36d08a,
-	0x38068b,
-	0x39a90a,
-	0x3a0d8a,
-	0x3a8fca,
-	0x3a924b,
-	0x3c9509,
-	0x3dc94a,
-	0x3dd18b,
-	0x3ea14b,
-	0x3ef7ca,
-	0x35c2,
-	0x229f43,
-	0x224d03,
-	0x28c6c3,
-	0x219c03,
-	0x2127c3,
-	0xbc03,
-	0x21f483,
-	0x344b,
-	0x1217c7,
-	0x6f7c8,
-	0x1ec284,
-	0x1e6644,
-	0x9dac8,
-	0xf3f86,
-	0x56c6,
-	0x11df87,
-	0x120287,
-	0xf0c9,
-	0x7ffc8,
-	0x229f43,
-	0x15a44,
-	0x2762c4,
-	0x202182,
-	0x222d84,
-	0x3734c5,
-	0x2030c3,
-	0x29f804,
-	0x229f43,
-	0x241284,
-	0x224d03,
-	0x25b9c4,
-	0x2ef2c4,
-	0x258104,
-	0x2335c3,
-	0x2127c3,
-	0x21f483,
-	0x28a685,
-	0x2043c3,
-	0x202783,
-	0x21cb03,
-	0x24a3c4,
-	0x325d84,
-	0x22cc85,
-	0x7ffc8,
-	0x20b904,
-	0x3d1606,
-	0x373104,
-	0x205842,
-	0x2efc87,
-	0x253087,
-	0x259344,
-	0x2f4d05,
-	0x37bf05,
-	0x235c45,
-	0x258104,
-	0x26c048,
-	0x260ec6,
-	0x35a148,
-	0x358fc5,
-	0x2f7305,
-	0x277a44,
-	0x21f483,
-	0x305744,
-	0x37f506,
-	0x216f03,
-	0x24a3c4,
-	0x268285,
-	0x34a6c4,
-	0x2affc4,
-	0x208ec2,
-	0x24fd46,
-	0x3bc546,
-	0x313dc5,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214883,
+	0x24acc3,
+	0x5985,
+	0x6a0c9,
+	0x4d03,
+	0x265a04,
+	0x21a043,
+	0x226783,
+	0x230944,
+	0x214883,
+	0x24acc3,
+	0x1c3448,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214883,
+	0x24acc3,
+	0x13bf09,
+	0x11d44,
+	0x21a043,
+	0x101c2,
+	0x226783,
+	0x204703,
+	0x211983,
+	0x214e43,
+	0x214883,
+	0x24acc3,
+	0x19c2,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x3b9544,
+	0x25c204,
+	0x214883,
+	0x24acc3,
+	0x200f83,
+	0x2742,
+	0x20b642,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214883,
+	0x24acc3,
+	0x161243,
+	0x1c3448,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x37ee83,
+	0xf2c3,
+	0x22043,
+	0x214883,
+	0x24acc3,
+	0x3a086,
+	0x33060a,
+	0x34e149,
+	0x369a8b,
+	0x369eca,
+	0x375dca,
+	0x386bcb,
+	0x39b20a,
+	0x3a280a,
+	0x3a8f8a,
+	0x3a920b,
+	0x3ce989,
+	0x3de04a,
+	0x3de88b,
+	0x3ede8b,
+	0x3f2fca,
+	0x6282,
+	0x21a043,
+	0x226783,
+	0x204703,
+	0x214e43,
+	0x214883,
+	0x24acc3,
+	0x610b,
+	0x12c887,
+	0x73b48,
+	0x1a72c4,
+	0x1e6304,
+	0xa2388,
+	0xf9b06,
+	0xae706,
+	0x23b87,
+	0x12a947,
+	0x3589,
+	0x1c3448,
+	0x21a043,
+	0x727c4,
+	0x278884,
+	0x204e42,
+	0x225a04,
+	0x252f05,
+	0x205d83,
+	0x265a04,
+	0x21a043,
+	0x243544,
+	0x226783,
+	0x2607c4,
+	0x2eef84,
+	0x25c204,
+	0x2384c3,
+	0x214883,
+	0x24acc3,
+	0x2cf905,
+	0x211b43,
+	0x205443,
+	0x236d03,
+	0x223984,
+	0x333344,
+	0x246c85,
+	0x1c3448,
+	0x3ebc44,
+	0x209f46,
+	0x3bf004,
+	0x20b642,
+	0x230b07,
+	0x256387,
+	0x25d444,
+	0x2fa885,
+	0x39b945,
+	0x239805,
+	0x25c204,
+	0x2716c8,
+	0x2680c6,
+	0x32f248,
+	0x2f8245,
+	0x2fc3c5,
+	0x27a004,
+	0x24acc3,
+	0x30b844,
+	0x385bc6,
+	0x219183,
+	0x223984,
+	0x26ed05,
+	0x259804,
+	0x2b7944,
+	0x249902,
+	0x3a1ec6,
+	0x3c1786,
+	0x31be45,
 	0x2000c2,
-	0x258843,
-	0xf4106,
-	0x3ba05842,
-	0x22f904,
-	0x197604,
-	0x68585,
+	0x20bec3,
+	0xf9c86,
+	0x3be0b642,
+	0x220ac4,
+	0x1981c4,
+	0x6f005,
 	0x200382,
-	0x219c03,
-	0x205582,
-	0x2127c3,
+	0x214e43,
+	0x2736c2,
+	0x214883,
 	0x2003c2,
-	0x301946,
-	0x217083,
-	0x1e4bc5,
-	0x205ec3,
-	0x7ffc8,
-	0x7ffc8,
-	0x2e9c43,
-	0x81983,
+	0x308746,
+	0x219303,
+	0x1e4905,
+	0x200f83,
+	0x1c3448,
+	0x1c3448,
+	0x20f583,
+	0x10210c,
 	0x2000c2,
-	0x3c605842,
-	0x2e9c43,
-	0x27ad43,
-	0x3ce883,
-	0x235204,
-	0x2127c3,
-	0x21f483,
-	0x7ffc8,
-	0x3df87,
+	0x3ca0b642,
+	0x20f583,
+	0x27dd43,
+	0x20de83,
+	0x21c1c4,
+	0x214883,
+	0x24acc3,
+	0x1c3448,
+	0xc0847,
 	0x2000c2,
-	0x3ce05842,
-	0x229f43,
-	0x2127c3,
-	0xbc03,
-	0x21f483,
+	0x3d20b642,
+	0x21a043,
+	0x214883,
+	0x24acc3,
 	0x682,
-	0x210702,
-	0x26ca02,
-	0x2280c3,
-	0x2fe343,
+	0x20ea02,
+	0x22ccc2,
+	0x222043,
+	0x305103,
 	0x2000c2,
-	0x145d45,
-	0x7ffc8,
-	0xf1a47,
-	0x205842,
-	0x224d03,
-	0x25b9c4,
-	0x204b03,
-	0x2e9c43,
-	0x204203,
-	0x219c03,
-	0x2127c3,
-	0x21c043,
-	0x21f483,
-	0x216e43,
-	0x5ec3,
-	0x13fe13,
-	0x142054,
-	0x145d45,
-	0xf1a47,
-	0x16249,
-	0x114786,
-	0x12efcb,
-	0x332c6,
-	0x64d47,
-	0x162e06,
+	0x14f985,
+	0x1c3448,
+	0xf5d87,
+	0x20b642,
+	0x226783,
+	0x2607c4,
+	0x207783,
+	0x20f583,
+	0x211983,
+	0x214e43,
+	0x214883,
+	0x21c243,
+	0x24acc3,
+	0x2190c3,
+	0xd2a48,
+	0xf83,
+	0x147593,
+	0x14b954,
+	0x14f985,
+	0xf5d87,
+	0x2f389,
+	0x11c806,
+	0x16f34b,
+	0x38286,
+	0x6bb47,
+	0x1bc006,
 	0x649,
-	0x78e0a,
-	0x9a6cd,
-	0x1b640c,
-	0x1176ca,
-	0x191648,
-	0xcab05,
-	0x16288,
-	0x18a46,
-	0x1d1ac6,
-	0x5b646,
-	0x206cc2,
-	0x71e44,
-	0xfbbc6,
-	0x14e1f4e,
-	0x23c6,
-	0x7804c,
-	0x3e382a4b,
-	0x145d45,
-	0x149a8b,
-	0x3e7b5347,
-	0x3ebb534a,
-	0x3efd4ec4,
-	0x1c3207,
-	0x2a691,
-	0x12130a,
-	0x229f43,
-	0x3f290b08,
-	0x1d5ac5,
-	0x19f508,
-	0x2ba44,
-	0x67585,
-	0xb0d07,
-	0x3f5d14c6,
-	0xe184b,
-	0x3fb84209,
-	0x15345,
-	0x17ac86,
-	0x11c306,
-	0xa160a,
-	0x9e80c,
-	0x1c5983,
-	0x1e6644,
-	0x3ffeba44,
-	0x60209,
-	0x10b707,
-	0x10e60a,
-	0x14e5649,
+	0x16278a,
+	0x9e0cd,
+	0x1dae8c,
+	0x11f74a,
+	0xab348,
+	0x1a4045,
+	0x2f3c8,
+	0x1b506,
+	0x1d9206,
+	0x5f986,
+	0x20a842,
+	0x178884,
+	0xe0146,
+	0x14e754e,
+	0x5086,
+	0x7a60c,
+	0x3e6a760b,
+	0x14f985,
+	0x15278b,
+	0x3eb67b87,
+	0x3ef67b8a,
+	0x3f3d9144,
+	0x88c9,
+	0xfdc8,
+	0x1c75c7,
+	0x2de11,
+	0x130dca,
+	0x21a043,
+	0x3f694308,
+	0x170a45,
+	0x1a0e88,
+	0x36604,
+	0x6e005,
+	0xb8647,
+	0x3f9d6d46,
+	0xe044b,
+	0x3ffc7cc9,
+	0x181c5,
+	0x61586,
+	0x168e86,
+	0xa528a,
+	0xd184c,
+	0x1ca843,
+	0x1e6304,
+	0x403d2484,
+	0x67409,
+	0x113107,
+	0x10070a,
+	0x14ea449,
 	0x605,
-	0x118683,
-	0x4023fcc7,
-	0x8e345,
-	0x1569f86,
-	0x14b89c6,
-	0xbd00c,
-	0x1074c8,
-	0x40448dc3,
-	0x10be44,
-	0x18ef4b,
-	0x2178b,
-	0x40b3f1cc,
-	0x1418303,
-	0xd2cc8,
-	0xce2cb,
-	0xb0bc9,
-	0xd7743,
-	0x11bf88,
-	0x1425d06,
-	0x98307,
-	0x40f5d489,
-	0x422eb088,
-	0xa3b47,
-	0xfc18a,
-	0x42763748,
-	0x11628d,
-	0x1c7e49,
-	0x11448,
-	0x2043,
-	0x1455349,
-	0x212c4,
-	0x14c945,
-	0x2d143,
-	0x332c6,
-	0xf7548,
-	0x1403842,
-	0x18944,
-	0x2b405,
-	0x149c3c3,
-	0x2d907,
-	0x41205483,
-	0x41771a06,
-	0x41a44084,
-	0x41f73a47,
-	0xf7544,
-	0xf7544,
-	0xf7544,
-	0xf7544,
-	0x2cc9,
+	0x120703,
+	0x406420c7,
+	0x9bf05,
+	0x1573546,
+	0x14638c6,
+	0x3f84c,
+	0x10d308,
+	0x40930fc5,
+	0x40c4a243,
+	0x113844,
+	0x1d78b,
+	0x14b0cb,
+	0x4125ac0c,
+	0x142d843,
+	0xd61c8,
+	0x1c49cb,
+	0xb8509,
+	0xd5603,
+	0x124908,
+	0x1428a86,
+	0x9e747,
+	0x41765489,
+	0x42af0c48,
+	0xbaf47,
+	0xdc4ca,
+	0x42f6a688,
+	0x11e30d,
+	0x1cc989,
+	0x112c8,
+	0x4d03,
+	0x1486089,
+	0x642c4,
+	0x187d45,
+	0x47143,
+	0x38286,
+	0x103e88,
+	0x6502,
+	0x1b404,
+	0xaa345,
+	0x1addc4,
+	0x1437dc3,
+	0x24dc7,
+	0x41a24dc3,
+	0x41fb8246,
+	0x42244e04,
+	0x42601b07,
+	0x103e84,
+	0x17ef87,
+	0x103e84,
+	0x17ef87,
+	0x103e84,
+	0x103e84,
+	0x17ef87,
+	0x5989,
 	0x41,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x219c03,
-	0x2127c3,
-	0x21f483,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214e43,
+	0x214883,
+	0x24acc3,
 	0x2000c2,
-	0x205842,
-	0x2e9c43,
-	0x203842,
-	0x2127c3,
-	0x21f483,
-	0x217083,
-	0x38e28f,
-	0x38e64e,
-	0x7ffc8,
-	0x229f43,
-	0x50a07,
-	0x224d03,
-	0x2e9c43,
-	0x25e043,
-	0x2127c3,
-	0x21f483,
-	0x2304,
-	0x1604,
-	0xa9c4,
-	0x225543,
-	0x373d07,
-	0x205b42,
-	0x27c049,
-	0x200ac2,
-	0x38fe4b,
-	0x2b038a,
-	0x2e9f09,
+	0x20b642,
+	0x20f583,
+	0x206502,
+	0x214883,
+	0x24acc3,
+	0x219303,
+	0x38ef8f,
+	0x38f34e,
+	0x1c3448,
+	0x21a043,
+	0x52a87,
+	0x226783,
+	0x20f583,
+	0x20bc83,
+	0x214883,
+	0x24acc3,
+	0x4fc4,
+	0x2e44,
+	0xa04,
+	0x203a83,
+	0x203a87,
+	0x203f42,
+	0x27ee89,
+	0x200b02,
+	0x388b4b,
+	0x2b154a,
+	0x2b7d09,
 	0x200542,
-	0x22be06,
-	0x3a0355,
-	0x38ff95,
-	0x25ab13,
-	0x390513,
-	0x20b602,
-	0x20b605,
-	0x20b60c,
-	0x2833cb,
-	0x251605,
-	0x201182,
-	0x30c842,
-	0x36e406,
-	0x200ec2,
-	0x2da306,
-	0x215ccd,
-	0x2ca88c,
-	0x3c8c84,
+	0x2369c6,
+	0x25ed95,
+	0x388c95,
+	0x261ad3,
+	0x389213,
+	0x204302,
+	0x22bb45,
+	0x3ea8cc,
+	0x287c8b,
+	0x269e45,
+	0x2029c2,
+	0x314102,
+	0x377546,
+	0x201d42,
+	0x29ca06,
+	0x36640d,
+	0x3a3dcc,
+	0x3cd784,
 	0x200882,
-	0x204e42,
-	0x26a508,
+	0x214202,
+	0x2932c8,
 	0x200202,
-	0x2016c6,
-	0x3a2fcf,
-	0x2016d0,
-	0x23a404,
-	0x3a0515,
-	0x25ac93,
-	0x21e943,
-	0x3541ca,
-	0x392747,
-	0x397ec9,
-	0x30e4c7,
-	0x327082,
+	0x202f06,
+	0x3a480f,
+	0x202f10,
+	0x2ff204,
+	0x25ef55,
+	0x261c53,
+	0x217143,
+	0x35c78a,
+	0x392b47,
+	0x398a89,
+	0x315cc7,
+	0x21da82,
 	0x200282,
-	0x3ceec6,
+	0x3d2386,
+	0x20b102,
+	0x1c3448,
+	0x211f02,
+	0x202642,
+	0x2121c7,
+	0x398e07,
+	0x398e11,
+	0x225505,
+	0x22550e,
+	0x225fcf,
+	0x203ac2,
+	0x227547,
+	0x227708,
+	0x201002,
+	0x229b02,
+	0x2143c6,
+	0x2143cf,
+	0x27b1d0,
+	0x236f02,
+	0x203d82,
+	0x230c48,
+	0x203d83,
+	0x29b148,
+	0x247d4d,
+	0x2063c3,
+	0x3d7a48,
+	0x26c00f,
+	0x26c3ce,
+	0x35018a,
+	0x2f4111,
+	0x2f4590,
+	0x3b0b8d,
+	0x3b0ecc,
+	0x3f3787,
+	0x35c907,
+	0x3d45c9,
+	0x216f42,
+	0x205202,
+	0x26d8cc,
+	0x26dbcb,
 	0x2045c2,
-	0x7ffc8,
-	0x20a182,
-	0x202a02,
-	0x211907,
-	0x398247,
-	0x398251,
-	0x2223c5,
-	0x2223ce,
-	0x22284f,
-	0x2037c2,
-	0x30ef87,
-	0x225588,
-	0x205f42,
-	0x2272c2,
-	0x212306,
-	0x21230f,
-	0x242910,
-	0x232382,
-	0x203702,
-	0x2efdc8,
-	0x207243,
-	0x297948,
-	0x2bbfcd,
-	0x203703,
-	0x3d3bc8,
-	0x293e0f,
-	0x2941ce,
-	0x3e198a,
-	0x2ee1d1,
-	0x2ee650,
-	0x22320d,
-	0x22354c,
-	0x3c5a07,
-	0x354347,
-	0x372049,
-	0x21e742,
-	0x202542,
-	0x266e4c,
-	0x26714b,
-	0x202102,
-	0x2db7c6,
-	0x212fc2,
+	0x2dfc86,
+	0x212f82,
 	0x200482,
-	0x2b90c2,
-	0x205842,
-	0x235644,
-	0x2456c7,
-	0x20f1c2,
-	0x24adc7,
-	0x24d147,
-	0x213682,
-	0x215582,
-	0x2508c5,
-	0x201bc2,
-	0x2dbd4e,
-	0x2138cd,
-	0x224d03,
-	0x3b494e,
-	0x2cda8d,
-	0x332183,
-	0x200d42,
-	0x2958c4,
-	0x29e2c2,
-	0x220f42,
-	0x3ac685,
-	0x3b0dc7,
-	0x254482,
-	0x218b02,
-	0x25b147,
-	0x260588,
-	0x262642,
-	0x27b6c6,
-	0x266ccc,
-	0x26700b,
-	0x202e42,
-	0x27274f,
-	0x272b10,
-	0x272f0f,
-	0x2732d5,
-	0x273814,
-	0x273d0e,
-	0x27408e,
-	0x27440f,
-	0x2747ce,
-	0x274b54,
-	0x275053,
-	0x27550d,
-	0x289509,
-	0x29be83,
-	0x2038c2,
-	0x35ed05,
-	0x204b06,
+	0x36e3c2,
+	0x20b642,
+	0x239244,
+	0x246887,
+	0x203682,
+	0x24d507,
+	0x24f347,
+	0x215942,
+	0x218402,
+	0x252945,
+	0x203402,
+	0x2d0bce,
+	0x215b8d,
+	0x226783,
+	0x25880e,
+	0x231e8d,
+	0x34cc83,
+	0x2017c2,
+	0x2990c4,
+	0x211542,
+	0x22e042,
+	0x3add05,
+	0x3b3c47,
+	0x257682,
+	0x21b5c2,
+	0x25f487,
+	0x267788,
+	0x2698c2,
+	0x28e646,
+	0x26d74c,
+	0x26da8b,
+	0x205b02,
+	0x274b0f,
+	0x274ed0,
+	0x2752cf,
+	0x275695,
+	0x275bd4,
+	0x2760ce,
+	0x27644e,
+	0x2767cf,
+	0x276b8e,
+	0x276f14,
+	0x277413,
+	0x2778cd,
+	0x28ce09,
+	0x2a0083,
+	0x206582,
+	0x364805,
+	0x207786,
 	0x200382,
-	0x36dc47,
-	0x2e9c43,
+	0x2e4f47,
+	0x20f583,
 	0x200642,
-	0x3e7088,
-	0x2ee411,
-	0x2ee850,
-	0x208102,
-	0x29b207,
-	0x203382,
-	0x262807,
-	0x208042,
-	0x335309,
-	0x36e3c7,
-	0x28c948,
-	0x3d1306,
-	0x2fe243,
-	0x39d7c5,
-	0x22b342,
+	0x38bcc8,
+	0x2f4351,
+	0x2f4790,
+	0x204182,
+	0x29f347,
+	0x2040c2,
+	0x271107,
+	0x20af02,
+	0x254e89,
+	0x377507,
+	0x29f808,
+	0x3d6b86,
+	0x305003,
+	0x39e645,
+	0x20b602,
 	0x2004c2,
-	0x208a85,
-	0x367d45,
-	0x204442,
-	0x25c083,
-	0x349e07,
-	0x3d1887,
-	0x202d02,
-	0x39a304,
-	0x20d003,
-	0x3d1d49,
-	0x3db288,
-	0x20b982,
-	0x20fd02,
-	0x243e47,
-	0x2f04c5,
-	0x237e48,
-	0x350847,
-	0x20e983,
-	0x2fba46,
-	0x22308d,
-	0x22340c,
-	0x39f706,
-	0x203782,
-	0x202c82,
-	0x2026c2,
-	0x293c8f,
-	0x29408e,
-	0x37bf87,
-	0x205c02,
-	0x219c05,
-	0x219c06,
-	0x21dfc2,
-	0x20dec2,
-	0x29cb06,
-	0x210043,
-	0x347146,
-	0x2e34c5,
-	0x2e34cd,
-	0x2e3a55,
-	0x2e4b0c,
-	0x2e4e8d,
-	0x2e51d2,
-	0x20f782,
-	0x27eec2,
-	0x204342,
-	0x217506,
-	0x204346,
-	0x43a8bec4,
-	0x201242,
-	0x204b86,
-	0x214542,
-	0x3d8045,
-	0x202a42,
-	0x2139c9,
-	0x23388c,
-	0x233bcb,
+	0x34cb85,
+	0x370845,
+	0x209a42,
+	0x237743,
+	0x352b07,
+	0x3d9487,
+	0x203c82,
+	0x39ac04,
+	0x20a243,
+	0x3f3b89,
+	0x20a248,
+	0x212a82,
+	0x20fe02,
+	0x22e807,
+	0x3584c5,
+	0x285788,
+	0x286547,
+	0x20ddc3,
+	0x2dffc6,
+	0x3b0a0d,
+	0x3b0d8c,
+	0x3a1086,
+	0x206442,
+	0x205942,
+	0x200ec2,
+	0x26be8f,
+	0x26c28e,
+	0x39b9c7,
+	0x2024c2,
+	0x214e45,
+	0x214e46,
+	0x22ab02,
+	0x201942,
+	0x2a0d06,
+	0x24fb03,
+	0x3d1206,
+	0x2e8b05,
+	0x2e8b0d,
+	0x2e9095,
+	0x2e990c,
+	0x2e9c8d,
+	0x2e9fd2,
+	0x20d3c2,
+	0x282182,
+	0x10210c,
+	0x202202,
+	0x379cc6,
+	0x211ac6,
+	0x4429eb44,
+	0x2025c2,
+	0x207806,
+	0x217a02,
+	0x254405,
+	0x203cc2,
+	0x215c89,
+	0x2161cc,
+	0x21650b,
 	0x2003c2,
-	0x261708,
-	0x20df02,
-	0x200a82,
-	0x283186,
-	0x261c45,
-	0x393507,
-	0x3a81c5,
-	0x26d105,
-	0x2020c2,
-	0x216342,
-	0x20f102,
-	0x2a10c7,
-	0x301a0d,
-	0x301d8c,
-	0x24efc7,
-	0x22e6c2,
-	0x215502,
-	0x3cf0c8,
-	0x34a8c8,
-	0x34d908,
-	0x3c0384,
-	0x2dc887,
-	0x2ff703,
-	0x253ac2,
-	0x2043c2,
-	0x302609,
-	0x2336c7,
-	0x202782,
-	0x2837c5,
-	0x285042,
-	0x20e0c2,
-	0x3095c3,
-	0x3095c6,
-	0x309742,
-	0x30bd02,
+	0x268908,
+	0x201982,
+	0x207002,
+	0x287a46,
+	0x2885c5,
+	0x394447,
+	0x358845,
+	0x27a8c5,
+	0x204d82,
+	0x22f482,
+	0x2035c2,
+	0x2b1f87,
+	0x30880d,
+	0x308b8c,
+	0x2517c7,
+	0x28e5c2,
+	0x216402,
+	0x379688,
+	0x259a08,
+	0x327448,
+	0x3c4404,
+	0x2e1e87,
+	0x3064c3,
+	0x209ec2,
+	0x211b42,
+	0x309589,
+	0x317c07,
+	0x205442,
+	0x288085,
+	0x221e42,
+	0x223c42,
+	0x30f203,
+	0x30f206,
+	0x310482,
+	0x313702,
 	0x200402,
-	0x3bd706,
-	0x34ed07,
-	0x21e202,
+	0x234586,
+	0x357f07,
+	0x21d602,
 	0x200902,
-	0x29778f,
-	0x3b478d,
-	0x38c84e,
-	0x2cd90c,
-	0x20a602,
-	0x203342,
-	0x3d1145,
-	0x323f46,
-	0x202682,
-	0x206902,
+	0x29af8f,
+	0x25864d,
+	0x2db38e,
+	0x231d0c,
+	0x20c802,
+	0x2026c2,
+	0x3d69c5,
+	0x32eb06,
+	0x201d82,
+	0x209982,
 	0x200682,
-	0x2cdc04,
-	0x2bbe44,
-	0x358906,
-	0x201782,
-	0x28e207,
-	0x248883,
-	0x248888,
-	0x2496c8,
-	0x256887,
-	0x3ab886,
-	0x205f82,
-	0x212f43,
-	0x212f47,
-	0x282d06,
-	0x2d8485,
-	0x285348,
-	0x204942,
-	0x38a4c7,
-	0x207802,
-	0x29ec82,
-	0x203682,
-	0x201889,
-	0x2088c2,
-	0x14cc8,
-	0x200e02,
-	0x2aa083,
-	0x200e87,
-	0x202602,
-	0x233a0c,
-	0x233d0b,
-	0x39f786,
-	0x20e385,
-	0x43e27303,
-	0x201c82,
-	0x200fc2,
-	0x2d5146,
-	0x243783,
-	0x354547,
-	0x26d0c2,
+	0x232004,
+	0x354204,
+	0x360a46,
+	0x202fc2,
+	0x29bdc7,
+	0x234683,
+	0x249088,
+	0x249a48,
+	0x250e47,
+	0x38e646,
+	0x201a82,
+	0x232603,
+	0x232607,
+	0x2875c6,
+	0x2d6385,
+	0x257ec8,
+	0x2075c2,
+	0x2fc8c7,
+	0x230802,
+	0x2a7382,
+	0x206342,
+	0x2030c9,
+	0x209202,
+	0x111908,
+	0x201682,
+	0x2b0b43,
+	0x336e87,
+	0x201b02,
+	0x21634c,
+	0x21664b,
+	0x3a1106,
+	0x30f905,
+	0x4462b803,
+	0x2021c2,
+	0x2019c2,
+	0x2d7cc6,
+	0x234b83,
+	0x3b92c7,
+	0x20ea42,
 	0x2008c2,
-	0x3a01d5,
-	0x390155,
-	0x25a9d3,
-	0x390693,
-	0x277487,
-	0x287591,
-	0x288f50,
-	0x296b12,
-	0x299e51,
-	0x2ac948,
-	0x3b9dd0,
-	0x2ac94f,
-	0x2b0153,
-	0x37b092,
-	0x39b750,
-	0x2c2acf,
-	0x2c6152,
-	0x2c7851,
-	0x2c8dd3,
-	0x2ccf12,
-	0x2d498f,
-	0x2e314e,
-	0x2e4692,
-	0x2e9d11,
-	0x2ea3cf,
-	0x2ed08e,
-	0x2ed891,
-	0x2f2810,
-	0x2f3b12,
-	0x2f6c51,
-	0x2fda90,
-	0x3064cf,
-	0x307691,
-	0x309ad0,
-	0x30c9c6,
-	0x30d987,
-	0x311047,
-	0x205dc2,
-	0x292805,
-	0x3dec07,
-	0x26ca02,
-	0x202d82,
-	0x3cbe45,
-	0x20a503,
-	0x2718c6,
-	0x301bcd,
-	0x301f0c,
-	0x204c02,
-	0x20b48b,
-	0x28328a,
-	0x286d8a,
-	0x227549,
-	0x2d3d0b,
-	0x300ccd,
-	0x35098c,
-	0x312e0a,
-	0x36ee0c,
-	0x3d4f8b,
-	0x25144c,
-	0x2813ce,
-	0x28818b,
-	0x2a724c,
-	0x2ecd03,
-	0x352f06,
-	0x363742,
-	0x308602,
-	0x25f183,
-	0x208602,
-	0x23fa43,
-	0x2d6ec6,
-	0x273487,
-	0x2d9706,
-	0x3aefc8,
-	0x349c88,
-	0x321a86,
-	0x212182,
-	0x31378d,
-	0x313acc,
-	0x221947,
-	0x317507,
-	0x228282,
-	0x21f182,
-	0x212ec2,
-	0x28f8c2,
-	0x337216,
-	0x33c315,
-	0x33f8d6,
-	0x3435d3,
-	0x343c92,
-	0x356513,
-	0x3573d2,
-	0x3bb24f,
-	0x3caad8,
-	0x3ce957,
-	0x3cfb99,
-	0x3d3318,
-	0x3d3dd8,
-	0x3d4957,
-	0x3d8357,
-	0x3d91d6,
-	0x3df613,
-	0x3dff95,
-	0x3e0952,
-	0x3e0dd3,
-	0x1e702,
-	0x4420f0c4,
-	0x447c8bc8,
-	0x2cc5,
-	0x205842,
-	0x2127c3,
-	0x47f42,
-	0x21f483,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x219c03,
-	0x222d84,
-	0x2127c3,
-	0x21f483,
-	0x217083,
+	0x25ec15,
+	0x388e55,
+	0x261993,
+	0x389393,
+	0x279a47,
+	0x28b891,
+	0x295090,
+	0x29a312,
+	0x29d851,
+	0x2a1cc8,
+	0x2a1cd0,
+	0x2a5d0f,
+	0x2b1313,
+	0x2b7ad2,
+	0x2c3490,
+	0x376b8f,
+	0x39c552,
+	0x2c83d1,
+	0x2cb893,
+	0x2ce352,
+	0x2e874f,
+	0x2eb08e,
+	0x2efed2,
+	0x2f2f91,
+	0x2f384f,
+	0x2f6dce,
+	0x2f96d1,
+	0x2fbd50,
+	0x3047d2,
+	0x307e91,
+	0x30ca90,
+	0x30d4cf,
+	0x310811,
+	0x314290,
+	0x314d46,
+	0x327a47,
+	0x2284c7,
+	0x2027c2,
+	0x296485,
+	0x3e0bc7,
+	0x22ccc2,
+	0x205a42,
+	0x3d0f05,
+	0x20c703,
+	0x378306,
+	0x3089cd,
+	0x308d0c,
+	0x207882,
+	0x3ea74b,
+	0x287b4a,
+	0x28a70a,
+	0x22ba49,
+	0x2d6e8b,
+	0x30798d,
+	0x28668c,
+	0x31ae8a,
+	0x25018c,
+	0x25360b,
+	0x269c8c,
+	0x28414e,
+	0x28c48b,
+	0x2acb0c,
+	0x2ccf43,
+	0x37ef06,
+	0x36a682,
+	0x227e42,
+	0x26fd83,
+	0x201102,
+	0x220983,
+	0x2da0c6,
+	0x275847,
+	0x2dd0c6,
+	0x3b2208,
+	0x352988,
+	0x32cb46,
+	0x20b382,
+	0x31b80d,
+	0x31bb4c,
+	0x34b287,
+	0x31f587,
+	0x226402,
+	0x2216c2,
+	0x209142,
+	0x292602,
+	0x33f716,
+	0x344395,
+	0x347056,
+	0x34d093,
+	0x34d752,
+	0x35e9d3,
+	0x35f512,
+	0x3c048f,
+	0x3cfb98,
+	0x3d1e17,
+	0x3d5419,
+	0x3d7198,
+	0x3d8058,
+	0x3d8bd7,
+	0x3d9d97,
+	0x3dc056,
+	0x3e0713,
+	0x3e0d95,
+	0x3e17d2,
+	0x3e1c53,
+	0x16f02,
+	0x44a03584,
+	0x44fcd6c8,
+	0x5985,
+	0x20b642,
+	0x214883,
+	0x445c2,
+	0x24acc3,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214e43,
+	0x225a04,
+	0x214883,
+	0x24acc3,
+	0x219303,
 	0x2000c2,
-	0x202ac2,
-	0x456a2d45,
-	0x45a3d685,
-	0x45f6f186,
-	0x7ffc8,
-	0x462c9445,
-	0x205842,
-	0x201902,
-	0x46730c85,
-	0x46a91485,
-	0x46e91f07,
-	0x47358c49,
-	0x4761d684,
+	0x204502,
+	0x45ea6b05,
+	0x462a6305,
+	0x46653946,
+	0x1c3448,
+	0x46ace985,
+	0x20b642,
+	0x203142,
+	0x46f25e05,
+	0x47294c85,
+	0x47695b87,
+	0x47af7ec9,
+	0x47fbb404,
 	0x200382,
 	0x200642,
-	0x47a5c245,
-	0x47ea2689,
-	0x4836cc48,
-	0x486c19c5,
-	0x48b51107,
-	0x48e1b008,
-	0x4930d585,
-	0x49623f46,
-	0x49a531c9,
-	0x49f7fbc8,
-	0x4a2db448,
-	0x4a6aa18a,
-	0x4aa39104,
-	0x4ae9cdc5,
-	0x4b2b4708,
-	0x4b654b45,
-	0x21c142,
-	0x4ba089c3,
-	0x4beb4ec6,
-	0x4c328ec8,
-	0x4c746546,
-	0x4cb4ee48,
-	0x4cfb6006,
-	0x4d3854c4,
-	0x4d6048c2,
-	0x4dee9287,
-	0x4e2bcd44,
-	0x4e68d7c7,
-	0x4ebe8dc7,
+	0x4826ab45,
+	0x486a6449,
+	0x48baaf08,
+	0x48ec7645,
+	0x49359c47,
+	0x4961e1c8,
+	0x49b14945,
+	0x49eb0206,
+	0x4a2564c9,
+	0x4a78d7c8,
+	0x4aade488,
+	0x4aeb0c4a,
+	0x4b23cdc4,
+	0x4b6bd045,
+	0x4bab9cc8,
+	0x4be59605,
+	0x21f082,
+	0x4c2024c3,
+	0x4c6bbc86,
+	0x4ca4c1c8,
+	0x4ceffb06,
+	0x4d358048,
+	0x4d7a9686,
+	0x4da43e44,
+	0x4de01f42,
+	0x4e6ee3c7,
+	0x4eac2644,
+	0x4ee909c7,
+	0x4f3e8187,
 	0x2003c2,
-	0x4eead945,
-	0x4f2854c4,
-	0x4f7839c7,
-	0x4fa48087,
-	0x4fe95706,
-	0x50218085,
-	0x506a8b87,
-	0x50ae8c88,
-	0x50eb8c07,
-	0x512bebc9,
-	0x516e9a45,
-	0x51b0fc07,
-	0x51ea2386,
-	0x2c68b,
-	0x5236fc88,
-	0x2289cd,
-	0x284949,
-	0x2a290b,
-	0x2b0e8b,
-	0x2b94cb,
-	0x37880b,
-	0x32414b,
-	0x32440b,
-	0x3248c9,
-	0x32574b,
-	0x325a0b,
-	0x32680b,
-	0x32740a,
-	0x32794a,
-	0x327f4c,
-	0x32c2cb,
-	0x32c80a,
-	0x34144a,
-	0x34bf0e,
-	0x34cf0e,
-	0x34d28a,
-	0x34f70a,
-	0x35164b,
-	0x35190b,
-	0x35240b,
-	0x3767cb,
-	0x376dca,
-	0x377a8b,
-	0x377d4a,
-	0x377fca,
-	0x37824a,
-	0x39b34b,
-	0x3a228b,
-	0x3a548e,
-	0x3a580b,
-	0x3acbcb,
-	0x3add0b,
-	0x3b1a8a,
-	0x3b1d09,
-	0x3b1f4a,
-	0x3b3e8a,
-	0x3ca4cb,
-	0x3dd44b,
-	0x3de4ca,
-	0x3df04b,
-	0x3e694b,
-	0x3ef20b,
-	0x52693288,
-	0x52a99789,
-	0x52eb0a49,
-	0x532f7d08,
-	0x358685,
-	0x20c003,
-	0x260a44,
-	0x34f285,
+	0x4f6b54c5,
+	0x4fa84804,
+	0x4ffb69c7,
+	0x50247947,
+	0x50698f06,
+	0x50a1a705,
+	0x50eaf707,
+	0x513ce308,
+	0x51663b07,
+	0x51ac4449,
+	0x51eeed85,
+	0x52316ec7,
+	0x526a6146,
+	0x2af8b,
+	0x52a33c88,
+	0x22ec0d,
+	0x261089,
+	0x28970b,
+	0x2a66cb,
+	0x2bf2cb,
+	0x2cd90b,
+	0x32ed0b,
+	0x32efcb,
+	0x32f9c9,
+	0x33088b,
+	0x330b4b,
+	0x33110b,
+	0x33244a,
+	0x33298a,
+	0x332f8c,
+	0x337e8b,
+	0x33848a,
+	0x34ac0a,
+	0x354ace,
+	0x35570e,
+	0x355a8a,
+	0x358e4a,
+	0x35a38b,
+	0x35a64b,
+	0x35b14b,
+	0x37ca4b,
+	0x37d04a,
+	0x37dd0b,
+	0x37dfca,
+	0x37e24a,
+	0x37e4ca,
+	0x39c14b,
+	0x3a360b,
+	0x3a678e,
+	0x3a6b0b,
+	0x3aeb4b,
+	0x3b034b,
+	0x3b490a,
+	0x3b4b89,
+	0x3b4dca,
+	0x3b66ca,
+	0x3cf58b,
+	0x3deb4b,
+	0x3df64a,
+	0x3e014b,
+	0x3e660b,
+	0x3f2a0b,
+	0x52e96f08,
+	0x5329d189,
+	0x536b8389,
+	0x53afcdc8,
+	0x3607c5,
+	0x203ec3,
+	0x267c44,
+	0x397685,
+	0x3bb146,
+	0x3574c5,
+	0x29c844,
+	0x2e4e48,
+	0x328f45,
+	0x2a88c4,
+	0x206a87,
+	0x2b74ca,
+	0x325b4a,
+	0x39bac7,
+	0x23f147,
+	0x2f7287,
+	0x26acc7,
+	0x3bfb05,
+	0x3bbd86,
+	0x249647,
+	0x2606c4,
+	0x2d2d86,
+	0x302a46,
+	0x3cb6c5,
+	0x37b304,
+	0x2b5106,
+	0x2b6407,
+	0x22ef06,
+	0x320307,
+	0x242d03,
+	0x3cb3c6,
+	0x230e85,
+	0x295c87,
+	0x27e84a,
+	0x362244,
+	0x21b988,
+	0x2c3d89,
+	0x381307,
+	0x356306,
+	0x28d588,
+	0x3e8509,
+	0x3622c4,
+	0x287144,
+	0x2d01c5,
+	0x225908,
+	0x2e7187,
+	0x3138c9,
+	0x23de88,
+	0x321f06,
+	0x240646,
+	0x2b1a08,
+	0x37bb06,
+	0x2a6305,
+	0x298fc6,
+	0x290d88,
+	0x297a46,
+	0x26cc0b,
+	0x2a2e06,
+	0x2b3f8d,
+	0x209805,
+	0x2c2506,
+	0x21e285,
+	0x2d0389,
+	0x32a287,
+	0x214cc8,
+	0x2c2ac6,
+	0x2b2549,
+	0x3a3886,
+	0x27e7c5,
+	0x21e4c6,
+	0x2e4146,
+	0x2eb409,
+	0x2d4e06,
+	0x214f47,
+	0x2ac7c5,
+	0x204343,
+	0x264a45,
+	0x2d2bc7,
+	0x3db5c6,
+	0x209709,
+	0x253946,
+	0x299206,
+	0x24db09,
+	0x2989c9,
+	0x2ba547,
+	0x36b208,
+	0x2a4649,
+	0x296108,
+	0x2e5606,
+	0x2f4b85,
+	0x28f48a,
+	0x299286,
+	0x3d0646,
+	0x2ee305,
+	0x266b88,
+	0x3af747,
+	0x23c48a,
+	0x262186,
+	0x328245,
+	0x313fc6,
+	0x2a71c7,
+	0x3561c7,
+	0x2aec85,
+	0x27e985,
+	0x27b046,
+	0x27bd86,
+	0x285d86,
+	0x245f84,
+	0x297389,
+	0x29f106,
+	0x2ed9ca,
+	0x21f648,
+	0x316bc8,
+	0x325b4a,
+	0x24c385,
+	0x2b6345,
+	0x2093c8,
+	0x32c608,
+	0x24e687,
+	0x2dd546,
+	0x342288,
+	0x220247,
+	0x296808,
+	0x2d3dc6,
+	0x299c88,
+	0x2ad906,
+	0x2f83c7,
+	0x317e46,
+	0x2b5106,
+	0x234eca,
+	0x2392c6,
+	0x2f4b89,
+	0x371946,
+	0x21230a,
+	0x243e49,
+	0x3091c6,
+	0x2d5a44,
+	0x3648cd,
+	0x294ac7,
+	0x20b986,
+	0x2de345,
+	0x3a3905,
+	0x39dc06,
+	0x383609,
+	0x39fe87,
+	0x291786,
+	0x376546,
+	0x27d809,
+	0x360d04,
+	0x3092c4,
+	0x3ec208,
+	0x38fb86,
+	0x2ac248,
+	0x2f20c8,
+	0x288a47,
+	0x2ff509,
+	0x3d5d07,
+	0x2ce84a,
+	0x30a04f,
+	0x24eaca,
+	0x3d67c5,
+	0x290fc5,
+	0x214c85,
+	0x2ff147,
+	0x292403,
+	0x36b408,
+	0x23a546,
+	0x23a649,
+	0x359646,
+	0x22a647,
+	0x2b2309,
+	0x214bc8,
+	0x2d0547,
+	0x32cfc3,
+	0x360845,
+	0x2a6d05,
+	0x245dcb,
+	0x2596c4,
+	0x381204,
+	0x28ec46,
+	0x32d187,
+	0x39e18a,
+	0x25d687,
+	0x2318c7,
+	0x294c85,
+	0x3dc5c5,
+	0x391749,
+	0x2b5106,
+	0x25d50d,
+	0x300285,
+	0x2d1d83,
+	0x208e03,
+	0x220b45,
+	0x342b85,
+	0x28d588,
+	0x291f47,
+	0x24b286,
+	0x2b8006,
+	0x235205,
+	0x241387,
+	0x3d30c7,
+	0x267f87,
+	0x2bd0ca,
+	0x3cb488,
+	0x245f84,
+	0x2977c7,
+	0x293e47,
+	0x367346,
+	0x2acf87,
+	0x36da88,
+	0x362948,
+	0x29c146,
+	0x23f388,
+	0x2d4e84,
+	0x249646,
+	0x28d846,
+	0x302c46,
+	0x349986,
+	0x2198c4,
+	0x26ad86,
+	0x2dd246,
+	0x2b1146,
+	0x234ec6,
+	0x208cc6,
+	0x2fe846,
+	0x24b188,
+	0x2cfec8,
+	0x2f16c8,
+	0x3576c8,
+	0x209346,
+	0x20f0c5,
+	0x264a06,
+	0x2c76c5,
+	0x338e87,
+	0x23df45,
+	0x2180c3,
+	0x312185,
+	0x320d44,
+	0x208e05,
+	0x201983,
+	0x35b707,
+	0x2e5188,
+	0x3203c6,
+	0x2c57cd,
+	0x290f86,
+	0x2b06c5,
+	0x2030c3,
+	0x2d9949,
+	0x360e86,
+	0x2afcc6,
+	0x21e5c4,
+	0x24ea47,
+	0x3db7c6,
+	0x328485,
+	0x258dc3,
+	0x20e744,
+	0x294006,
+	0x3bbe84,
+	0x3c7808,
+	0x3da549,
+	0x29c609,
+	0x2b960a,
+	0x25588d,
+	0x38c147,
+	0x39b606,
+	0x22f4c4,
+	0x2f7ec9,
+	0x29b548,
+	0x29d006,
+	0x2476c6,
+	0x2acf87,
+	0x2f7746,
+	0x222986,
+	0x371346,
+	0x3e820a,
+	0x21e1c8,
+	0x237505,
+	0x371149,
+	0x3e8f0a,
+	0x398548,
+	0x2b5d08,
+	0x2afc48,
+	0x3034cc,
+	0x331385,
+	0x2b8288,
+	0x2d4046,
+	0x375c46,
+	0x2e5a47,
+	0x25d585,
+	0x299145,
+	0x29c4c9,
+	0x20f447,
+	0x23a605,
+	0x229507,
+	0x208e03,
+	0x2e7b45,
+	0x229bc8,
+	0x2ee7c7,
+	0x2b5bc9,
+	0x3e4245,
+	0x303bc4,
+	0x322fc8,
+	0x248007,
+	0x2d0708,
+	0x257148,
+	0x39f5c5,
+	0x279386,
+	0x2b8106,
+	0x23ef49,
+	0x28d947,
+	0x2c7c06,
+	0x3cbe87,
+	0x20bd43,
+	0x3bb404,
+	0x36b845,
+	0x2414c4,
+	0x24e2c4,
+	0x298447,
+	0x27d6c7,
+	0x291944,
+	0x2b5a10,
+	0x325f87,
+	0x3dc5c5,
+	0x20d0cc,
+	0x256f04,
+	0x2c4c48,
+	0x2f82c9,
+	0x2cb606,
+	0x324a48,
+	0x264984,
+	0x28ef48,
+	0x234386,
+	0x234d48,
+	0x2b69c6,
+	0x2cf24b,
+	0x3c3845,
+	0x36b6c8,
+	0x21b184,
+	0x3da98a,
+	0x2b5bc9,
+	0x268b86,
+	0x3b0888,
+	0x29ed45,
+	0x2d8f44,
+	0x2c4b46,
+	0x267e48,
+	0x296f08,
+	0x33d7c6,
+	0x37b484,
+	0x28f406,
+	0x3d5d87,
+	0x2908c7,
+	0x2acf8f,
+	0x34fcc7,
+	0x39f007,
+	0x375b05,
+	0x336705,
+	0x2ba209,
+	0x2ed686,
+	0x295dc5,
+	0x298cc7,
+	0x2eac88,
+	0x245c05,
+	0x317e46,
+	0x21f488,
+	0x2ffb0a,
+	0x20bfc8,
+	0x2a0a87,
+	0x30a486,
+	0x371106,
+	0x2003c3,
+	0x21c543,
+	0x3e90c9,
+	0x2a44c9,
+	0x2c4346,
+	0x3e4245,
+	0x303348,
+	0x3b0888,
+	0x2b4d48,
+	0x3713cb,
+	0x2c5a07,
+	0x326909,
+	0x2ad208,
+	0x2402c4,
+	0x3d2a08,
+	0x2a4189,
+	0x2c7f05,
+	0x2632c7,
+	0x3bb485,
+	0x296e08,
+	0x2a698b,
+	0x2af450,
+	0x2c2145,
+	0x21b0cc,
+	0x24b445,
+	0x294d03,
+	0x2d78c6,
+	0x2dc744,
+	0x29ce86,
+	0x2b6407,
+	0x209344,
+	0x3c4c48,
+	0x36b2cd,
+	0x3b0745,
+	0x255d84,
+	0x364644,
+	0x39ed49,
+	0x2af188,
+	0x33ab87,
+	0x234408,
+	0x297448,
+	0x291a85,
+	0x3e9407,
+	0x291a07,
+	0x23a907,
+	0x27e989,
+	0x33bb89,
+	0x264346,
+	0x3b10c6,
+	0x298d86,
+	0x32e605,
+	0x3cb204,
+	0x3d8606,
+	0x3da306,
+	0x291ac8,
+	0x2a6e8b,
+	0x362107,
+	0x22f4c4,
+	0x3db706,
+	0x3f3e07,
+	0x2fe445,
+	0x300645,
+	0x28de04,
+	0x33bb06,
+	0x3d8688,
+	0x2f7ec9,
+	0x257906,
+	0x29b348,
+	0x328546,
+	0x36c748,
+	0x2df20c,
+	0x291946,
+	0x2b038d,
+	0x2b080b,
+	0x215005,
+	0x3d3207,
+	0x2d4f06,
+	0x356088,
+	0x2643c9,
+	0x2c5d08,
+	0x3dc5c5,
+	0x2adb87,
+	0x296208,
+	0x3b85c9,
 	0x21d3c6,
-	0x223cc5,
-	0x299004,
-	0x36db48,
-	0x31e445,
-	0x2a46c4,
-	0x3d5f87,
-	0x2afb4a,
-	0x384c8a,
-	0x37c087,
-	0x329087,
-	0x2f2d47,
-	0x25c3c7,
-	0x207505,
-	0x224346,
-	0x37bb87,
-	0x3ce084,
-	0x2ced86,
-	0x3048c6,
-	0x3cf605,
-	0x3324c4,
-	0x2ad586,
-	0x2aed87,
-	0x2301c6,
-	0x318287,
-	0x240903,
-	0x3c6c46,
-	0x220b05,
-	0x292007,
-	0x27ba0a,
-	0x310484,
-	0x21a988,
-	0x2be509,
-	0x3c0a07,
-	0x3c9f86,
-	0x26c248,
-	0x3e9149,
-	0x310504,
-	0x282884,
-	0x304b45,
-	0x222c88,
-	0x2e1b87,
-	0x30bec9,
-	0x2f0e88,
-	0x319806,
-	0x328986,
-	0x2aadc8,
-	0x375846,
-	0x23d685,
-	0x2957c6,
-	0x28db88,
+	0x25780a,
+	0x355e08,
+	0x2c5b4b,
+	0x3a044c,
+	0x28f048,
+	0x292c06,
+	0x348c48,
+	0x2ff787,
+	0x3581c9,
+	0x2a634d,
+	0x2b5006,
+	0x2d0048,
+	0x2cfd89,
+	0x2da988,
+	0x299d88,
+	0x2ddc4c,
+	0x2df647,
+	0x2e0bc7,
+	0x27e7c5,
+	0x2b9f47,
+	0x2eab48,
+	0x2c4bc6,
+	0x26990c,
+	0x30c788,
+	0x2ecb08,
+	0x357986,
+	0x333f87,
+	0x264544,
+	0x3576c8,
+	0x29e40c,
+	0x258b0c,
+	0x3d6845,
+	0x3cb747,
+	0x37b406,
+	0x333f06,
+	0x3a5388,
+	0x227984,
+	0x22ef0b,
+	0x2025cb,
+	0x30a486,
+	0x36b147,
+	0x3495c5,
+	0x287085,
+	0x22f046,
+	0x29ed05,
+	0x259685,
+	0x2ebf47,
+	0x2298c9,
+	0x206744,
+	0x24a0c5,
+	0x30f585,
+	0x21a5c8,
+	0x361c45,
+	0x2e1149,
+	0x2c6447,
+	0x2c644b,
+	0x308f06,
+	0x24aec9,
+	0x37b248,
+	0x292e05,
+	0x23aa08,
+	0x33bbc8,
+	0x367a47,
+	0x234187,
+	0x2984c9,
+	0x234c87,
+	0x2a2bc9,
+	0x2bd90c,
+	0x2c4348,
+	0x3a0289,
+	0x2deb87,
+	0x297509,
+	0x228087,
+	0x3a0548,
+	0x2ff6c5,
+	0x2495c6,
+	0x2de388,
+	0x30a588,
+	0x3e8dc9,
+	0x2596c7,
+	0x2b9805,
+	0x3d4209,
+	0x3a84c6,
+	0x2a6144,
+	0x315186,
+	0x24c048,
+	0x252787,
+	0x2a7088,
+	0x23f449,
+	0x32dc47,
+	0x2b4e86,
+	0x3d2d44,
+	0x312209,
+	0x3e9288,
+	0x357847,
+	0x29ab46,
+	0x2a6dc6,
+	0x3d05c4,
+	0x381b86,
+	0x208d83,
+	0x203ec9,
+	0x3c3806,
+	0x23f6c5,
+	0x2b8006,
+	0x2d0845,
+	0x296688,
+	0x220787,
+	0x297d46,
+	0x325e46,
+	0x316bc8,
+	0x2ba387,
+	0x2b5045,
+	0x2b5808,
+	0x3def48,
+	0x355e08,
+	0x24b305,
+	0x249646,
+	0x29c3c9,
+	0x23edc4,
+	0x30fa8b,
+	0x22268b,
+	0x237409,
+	0x208e03,
+	0x26e945,
+	0x39bfc6,
+	0x24bbc8,
+	0x311244,
+	0x3203c6,
+	0x2bd209,
+	0x3762c5,
+	0x2ebe86,
+	0x248006,
+	0x217604,
+	0x2c26ca,
+	0x23f608,
+	0x30a586,
+	0x37fdc5,
+	0x3eb247,
+	0x342dc7,
+	0x279384,
+	0x2228c7,
+	0x23df04,
+	0x23df06,
+	0x20d183,
+	0x27e985,
+	0x2ca445,
+	0x34ff08,
+	0x297985,
+	0x291689,
+	0x2bba87,
+	0x35750b,
+	0x2bba8c,
+	0x2bc08a,
+	0x359c47,
+	0x206b43,
+	0x2902c8,
+	0x309285,
+	0x245c85,
+	0x360904,
+	0x3a0446,
+	0x2f82c6,
+	0x381bc7,
+	0x28884b,
+	0x2198c4,
+	0x3aae84,
+	0x2e4a84,
+	0x2ea9c6,
+	0x209344,
+	0x225a08,
+	0x360705,
+	0x255ec5,
+	0x2b4c87,
+	0x3d3309,
+	0x342b85,
+	0x39dc0a,
+	0x2ac6c9,
+	0x2ab14a,
+	0x3e8349,
+	0x328744,
+	0x376605,
+	0x2f7848,
+	0x3b6a8b,
+	0x2d01c5,
+	0x2f2246,
+	0x24f404,
+	0x291bc6,
+	0x32dac9,
+	0x3f3f07,
+	0x253b08,
+	0x255c06,
+	0x3d5d07,
+	0x296f08,
+	0x386686,
+	0x3d2dc4,
+	0x270b47,
+	0x391445,
+	0x3a0a47,
+	0x264884,
+	0x2d4e86,
+	0x342f08,
+	0x2b09c8,
+	0x3e4e07,
+	0x32cc48,
+	0x2ad9c5,
+	0x208c44,
+	0x325a48,
+	0x2d79c4,
+	0x2174c5,
+	0x3a5184,
+	0x220347,
+	0x29f1c7,
+	0x297648,
+	0x2d0886,
+	0x297905,
+	0x291488,
+	0x20c1c8,
+	0x2b9549,
+	0x222986,
+	0x23c508,
+	0x3da80a,
+	0x2fe4c8,
+	0x314945,
+	0x264c06,
+	0x2ac588,
+	0x2adc4a,
+	0x237f47,
+	0x29b985,
+	0x2a9588,
+	0x2c0644,
+	0x266c06,
+	0x2e1a48,
+	0x208cc6,
+	0x3dfcc8,
+	0x26cf47,
+	0x206986,
+	0x2d5a44,
+	0x2445c7,
+	0x2d1044,
+	0x32da87,
+	0x357b8d,
+	0x237485,
+	0x38340b,
+	0x258d86,
+	0x268a08,
+	0x3636c4,
+	0x285f86,
+	0x294006,
+	0x348f87,
+	0x2b004d,
+	0x30e947,
+	0x2d1cc8,
+	0x2a0f85,
+	0x2d1608,
+	0x2e7106,
+	0x2ada48,
+	0x23da86,
+	0x20ce47,
+	0x2251c9,
+	0x3636c7,
+	0x29d2c8,
+	0x289b05,
+	0x235288,
+	0x333e45,
+	0x317d85,
+	0x378d45,
+	0x21e503,
+	0x299044,
+	0x2a9785,
+	0x2564c9,
+	0x381986,
+	0x36db88,
+	0x3a13c5,
+	0x2d3047,
+	0x32a58a,
+	0x2ebdc9,
+	0x2e404a,
+	0x2f1748,
+	0x22934c,
+	0x298d4d,
+	0x3777c3,
+	0x3dfbc8,
+	0x20e705,
+	0x2ff8c6,
+	0x214a46,
+	0x364585,
+	0x3cbf89,
+	0x3ea105,
+	0x291488,
+	0x26fa46,
+	0x37a4c6,
+	0x2bac89,
+	0x233387,
+	0x2a6c46,
+	0x32a508,
+	0x302b48,
+	0x2fcfc7,
+	0x2eb64e,
+	0x2e7345,
+	0x3b84c5,
+	0x208bc8,
+	0x3b90c7,
+	0x229942,
+	0x2dda04,
+	0x29cd8a,
+	0x357908,
+	0x33bd06,
+	0x2b2448,
+	0x2b8106,
+	0x336588,
+	0x2c7c08,
+	0x317d44,
+	0x2d3805,
+	0x7bf004,
+	0x7bf004,
+	0x7bf004,
+	0x204043,
+	0x206586,
+	0x291946,
+	0x2b6dcc,
+	0x2069c3,
+	0x264886,
+	0x20d144,
+	0x360e08,
+	0x2bd045,
+	0x29ce86,
+	0x2b9dc8,
+	0x2f2cc6,
+	0x297cc6,
+	0x21d148,
+	0x36b8c7,
+	0x234a49,
+	0x32438a,
+	0x263b44,
+	0x23df45,
+	0x313885,
+	0x360b86,
+	0x38c186,
+	0x3d3746,
+	0x385306,
+	0x234b84,
+	0x234b8b,
+	0x23dd04,
+	0x22a6c5,
+	0x2c7005,
+	0x288b06,
+	0x20ac08,
+	0x298c07,
+	0x204284,
+	0x273443,
+	0x2c0145,
+	0x315047,
+	0x298b0b,
+	0x34fe07,
+	0x2b9cc8,
+	0x2d8147,
+	0x281406,
+	0x261348,
+	0x2d75cb,
+	0x3975c6,
+	0x210249,
+	0x2d7745,
+	0x32cfc3,
+	0x2ebe86,
+	0x26ce48,
+	0x211903,
+	0x2a17c3,
+	0x233d86,
+	0x2b8106,
+	0x3848ca,
+	0x292c45,
+	0x293e4b,
+	0x2b7f4b,
+	0x242e83,
+	0x201f03,
+	0x2ce7c4,
+	0x32a3c7,
+	0x26cec4,
+	0x23ee44,
+	0x2d3ec4,
+	0x2fe7c8,
+	0x37fd08,
+	0x21c4c9,
+	0x2eee08,
+	0x378fc7,
+	0x234ec6,
+	0x36d7cf,
+	0x2e7486,
+	0x2f0e44,
+	0x37fb4a,
+	0x314f47,
+	0x2d1146,
+	0x2a6189,
+	0x21c445,
+	0x27be45,
+	0x21c586,
+	0x2353c3,
+	0x2c0689,
+	0x21e346,
+	0x23f209,
+	0x39e186,
+	0x27e985,
+	0x3d6c45,
+	0x206043,
+	0x347e48,
+	0x33ad47,
+	0x23a544,
+	0x360c88,
+	0x3aac04,
+	0x3e3f86,
+	0x2d78c6,
+	0x24a886,
+	0x36b589,
+	0x245c05,
+	0x2b5106,
+	0x2839c9,
+	0x2e6246,
+	0x2fe846,
+	0x3b2f06,
+	0x204105,
+	0x3a5186,
+	0x20ce44,
+	0x2ff6c5,
+	0x2de384,
+	0x2d2586,
+	0x300244,
+	0x2027c3,
+	0x29b605,
+	0x241f48,
+	0x235707,
+	0x3112c9,
+	0x29b888,
+	0x2b17d1,
+	0x24808a,
+	0x30a3c7,
+	0x26d086,
+	0x20d144,
+	0x2de488,
+	0x3e5088,
+	0x2b198a,
+	0x2e0f0d,
+	0x21e4c6,
+	0x21d246,
+	0x244686,
+	0x2aeb07,
+	0x2d1d85,
+	0x325147,
+	0x360d45,
+	0x2c6584,
+	0x3d1306,
+	0x249487,
+	0x2c038d,
+	0x2ac4c7,
+	0x2e4d48,
+	0x291789,
+	0x264b06,
+	0x21d345,
+	0x245b84,
+	0x24c146,
+	0x2ff406,
+	0x357a86,
+	0x2b2cc8,
+	0x216143,
+	0x209503,
+	0x3ead45,
+	0x262286,
+	0x2c7bc5,
+	0x255e08,
+	0x2b65ca,
+	0x279484,
+	0x360e08,
+	0x2afc48,
+	0x32a787,
+	0x234009,
+	0x2d9c88,
+	0x2c44c7,
+	0x2dd3c6,
+	0x208cca,
+	0x24c1c8,
+	0x322e89,
+	0x2af248,
+	0x21fb49,
+	0x362b47,
+	0x3837c5,
+	0x3715c6,
+	0x2c4a48,
+	0x297088,
+	0x359f08,
+	0x217608,
+	0x22a6c5,
+	0x204584,
+	0x240a08,
+	0x24f184,
+	0x3e8144,
+	0x27e985,
+	0x2a8907,
+	0x3d30c9,
+	0x348d87,
+	0x23c545,
+	0x28ee46,
+	0x37f5c6,
+	0x20ad04,
+	0x2bb106,
+	0x294284,
 	0x293b86,
-	0x26608b,
-	0x29eb06,
-	0x2ac4cd,
-	0x3da785,
-	0x2bcc06,
-	0x21b0c5,
-	0x304d09,
-	0x2d86c7,
-	0x219a88,
-	0x3c0746,
-	0x2ab709,
-	0x2ca346,
-	0x27b985,
-	0x219186,
-	0x2dd006,
-	0x2e6089,
-	0x2d1846,
-	0x2c8a07,
-	0x364e85,
-	0x202a43,
-	0x266205,
-	0x39ea47,
-	0x335ac6,
-	0x3da689,
-	0x36f186,
-	0x295a06,
-	0x24b3c9,
-	0x2951c9,
-	0x2b3587,
-	0x3642c8,
-	0x29df09,
-	0x292488,
-	0x3ed546,
-	0x2eec45,
-	0x3220ca,
-	0x295a86,
-	0x3cb586,
-	0x2e91c5,
-	0x25f988,
-	0x35b587,
-	0x2387ca,
-	0x25c686,
-	0x303605,
-	0x30c706,
-	0x2a3407,
-	0x3c9e47,
-	0x30eb45,
-	0x27bb45,
-	0x242786,
-	0x246246,
-	0x255046,
-	0x2b4bc4,
-	0x294549,
-	0x29afc6,
-	0x378bca,
-	0x22de48,
-	0x30f908,
-	0x384c8a,
-	0x23c3c5,
-	0x2aecc5,
-	0x3d2808,
-	0x3206c8,
-	0x248307,
-	0x23c286,
-	0x339dc8,
-	0x3d7687,
-	0x292b88,
-	0x2d0286,
-	0x296488,
-	0x2a8046,
-	0x359147,
-	0x245906,
-	0x2ad586,
-	0x243aca,
-	0x39f886,
-	0x2eec49,
-	0x3bd606,
-	0x211a4a,
-	0x3854c9,
-	0x240c06,
-	0x2d2544,
-	0x35edcd,
-	0x2912c7,
-	0x3c7506,
-	0x2db305,
-	0x2ca3c5,
-	0x39cd86,
-	0x2cc849,
-	0x2dddc7,
-	0x28ea46,
-	0x2c9b06,
-	0x299089,
-	0x23d5c4,
-	0x240d04,
-	0x20bec8,
-	0x35dac6,
-	0x3dde08,
-	0x219108,
-	0x264787,
-	0x3bcd49,
-	0x3d0487,
-	0x2c930a,
-	0x3030cf,
-	0x39b0ca,
-	0x3d0f45,
-	0x28ddc5,
-	0x218f45,
-	0x23a347,
-	0x28f6c3,
-	0x3644c8,
-	0x236606,
-	0x236709,
-	0x2fc746,
-	0x2e6a47,
-	0x2ab4c9,
-	0x219988,
-	0x304ec7,
-	0x322683,
-	0x358705,
+	0x3d2e86,
+	0x211746,
+	0x3dc5c5,
+	0x255cc7,
+	0x206b43,
+	0x32e089,
+	0x3169c8,
+	0x2f7dc4,
+	0x2f7dcd,
+	0x2b0ac8,
+	0x2f6108,
+	0x322e06,
+	0x2252c9,
+	0x2ebdc9,
+	0x32d7c5,
+	0x2b66ca,
+	0x2abc0a,
+	0x3cd0cc,
+	0x3cd246,
+	0x28fec6,
+	0x2e7a86,
+	0x3a1209,
+	0x2ffb06,
+	0x2ba3c6,
+	0x3ea1c6,
+	0x3576c8,
+	0x20bfc6,
+	0x2f060b,
+	0x2a8a85,
+	0x255ec5,
+	0x2909c5,
+	0x3ebf86,
+	0x208c83,
+	0x24a806,
+	0x2ac447,
+	0x2de345,
+	0x3c35c5,
+	0x3a3905,
+	0x2fb286,
+	0x32d884,
+	0x33ee46,
+	0x2a8e89,
+	0x3ebe0c,
+	0x2c62c8,
+	0x267dc4,
+	0x38d6c6,
+	0x258e86,
+	0x26ce48,
+	0x3b0888,
+	0x3ebd09,
+	0x3eb247,
+	0x38f8c9,
+	0x288146,
+	0x237004,
+	0x361784,
+	0x2987c4,
+	0x296f08,
+	0x3d2f0a,
+	0x342b06,
+	0x3759c7,
+	0x3a0cc7,
+	0x24afc5,
+	0x2bb8c4,
+	0x2a4146,
+	0x2d1dc6,
+	0x220883,
+	0x316807,
+	0x257048,
+	0x32d90a,
+	0x358908,
+	0x358048,
+	0x300285,
+	0x22e485,
+	0x362205,
+	0x24b386,
+	0x24f886,
+	0x350045,
+	0x204109,
+	0x2bb6cc,
+	0x318007,
+	0x2b1a08,
 	0x2a2f45,
-	0x2b4a0b,
-	0x254c04,
-	0x37a8c4,
-	0x28b806,
-	0x322847,
-	0x39d30a,
-	0x259587,
-	0x2297c7,
-	0x291485,
-	0x3d9745,
-	0x29e409,
-	0x2ad586,
-	0x25940d,
-	0x346cc5,
-	0x2b4c83,
-	0x21df03,
-	0x2fcac5,
-	0x33a6c5,
-	0x26c248,
-	0x28f207,
-	0x24e486,
-	0x2b06c6,
-	0x2316c5,
-	0x23e987,
-	0x331047,
-	0x260d87,
-	0x29ce4a,
-	0x3c6d08,
-	0x2b4bc4,
-	0x293907,
-	0x290647,
-	0x360686,
-	0x2a76c7,
-	0x2f50c8,
-	0x278fc8,
-	0x280b46,
-	0x3292c8,
-	0x22ec44,
-	0x37bb86,
-	0x2693c6,
-	0x38d946,
-	0x20a246,
-	0x2add04,
-	0x25c486,
-	0x2d9886,
-	0x2aa686,
-	0x20e506,
-	0x3dac86,
-	0x239a46,
-	0x24e388,
-	0x2cbd48,
-	0x2ebec8,
-	0x223ec8,
-	0x3d2786,
-	0x204005,
-	0x372b86,
-	0x2c1a45,
-	0x32d207,
-	0x280d85,
-	0x215243,
-	0x310c85,
-	0x396884,
-	0x3dadc5,
-	0x20df03,
-	0x2ca187,
-	0x3ae008,
-	0x318346,
-	0x2c004d,
-	0x28dd86,
-	0x2a9c05,
-	0x201883,
-	0x2d6749,
-	0x23d746,
-	0x2a9146,
-	0x21b404,
-	0x39b047,
-	0x3cdf86,
-	0x303845,
-	0x239803,
-	0x3ec004,
-	0x290806,
-	0x224444,
-	0x3c3448,
-	0x3d8b09,
-	0x281009,
-	0x2b1d0a,
-	0x25258d,
-	0x3e7507,
-	0x3d7086,
-	0x216384,
-	0x358c49,
-	0x297d48,
-	0x299606,
-	0x246dc6,
-	0x2a76c7,
-	0x37aa06,
-	0x21de46,
-	0x3bd006,
-	0x3e8e4a,
-	0x21b008,
-	0x2bae85,
-	0x3866c9,
-	0x3ccd0a,
-	0x397988,
-	0x2ae188,
-	0x2a90c8,
-	0x3296cc,
-	0x3a2505,
-	0x2b0948,
-	0x2cfd86,
-	0x2a3a06,
-	0x2e0947,
-	0x259485,
-	0x295945,
-	0x280ec9,
-	0x20db47,
-	0x2366c5,
-	0x228e87,
-	0x21df03,
-	0x2e2545,
-	0x22e248,
-	0x294e47,
-	0x2ae049,
-	0x2d4205,
-	0x36e684,
-	0x31cf48,
-	0x2bc287,
-	0x305088,
-	0x22c1c8,
-	0x39e745,
-	0x276dc6,
-	0x2b07c6,
-	0x35c509,
-	0x2694c7,
-	0x2c2306,
-	0x3684c7,
-	0x205383,
-	0x21d684,
-	0x22ed45,
-	0x23eac4,
-	0x38d244,
-	0x293507,
-	0x27a4c7,
-	0x28ec04,
-	0x2ade90,
-	0x3868c7,
-	0x3d9745,
-	0x385f4c,
-	0x207504,
-	0x2bf3c8,
-	0x359049,
-	0x2c5ec6,
-	0x31c0c8,
-	0x205c04,
-	0x28bb08,
-	0x298b06,
-	0x243948,
-	0x2af346,
-	0x31ffcb,
-	0x3745c5,
-	0x22ebc8,
-	0x2186c4,
-	0x3d8f4a,
-	0x2ae049,
-	0x3d6746,
-	0x222f08,
-	0x26a045,
-	0x2d5cc4,
-	0x2bf2c6,
-	0x260c48,
-	0x293288,
-	0x3344c6,
-	0x331c84,
-	0x322046,
-	0x3d0507,
-	0x28d6c7,
-	0x2a76cf,
-	0x346087,
-	0x39e187,
-	0x36ca85,
-	0x209e85,
-	0x2b3249,
-	0x31f7c6,
-	0x292145,
-	0x2954c7,
-	0x2e4288,
-	0x2244c5,
-	0x245906,
-	0x22dc88,
-	0x34654a,
-	0x24a588,
-	0x29c887,
-	0x303506,
-	0x386686,
-	0x2003c3,
-	0x219d43,
-	0x3ccec9,
-	0x29dd89,
-	0x2beac6,
-	0x2d4205,
-	0x329548,
-	0x222f08,
-	0x2ad1c8,
-	0x3bd08b,
-	0x2c0287,
-	0x31c609,
-	0x2a7948,
-	0x34eb84,
-	0x3d6a48,
-	0x2a07c9,
+	0x7bf004,
+	0x2ca484,
+	0x2ee904,
+	0x213346,
+	0x2b8e4e,
+	0x27bec7,
+	0x2aed05,
+	0x23ed4c,
+	0x2b4587,
+	0x249407,
+	0x24de49,
+	0x21ba49,
+	0x29b985,
+	0x3169c8,
+	0x29c3c9,
+	0x355cc5,
+	0x2de288,
+	0x3ce506,
+	0x325cc6,
+	0x243e44,
+	0x2ce008,
+	0x255783,
+	0x206184,
+	0x2c01c5,
+	0x3a5b07,
+	0x355145,
+	0x3da6c9,
+	0x2a398d,
+	0x2b3046,
+	0x3f3684,
+	0x2dd4c8,
+	0x22970a,
+	0x3cba07,
+	0x246205,
+	0x2061c3,
+	0x2b810e,
+	0x347f4c,
+	0x398647,
+	0x2b9007,
+	0x4e3a4e47,
+	0x136c46,
+	0x2af84,
+	0x203f43,
+	0x2ffb45,
+	0x2ee905,
+	0x2b2808,
+	0x2afa89,
+	0x267cc6,
+	0x26cec4,
+	0x30a306,
+	0x390c0b,
+	0x2fa98c,
+	0x26e6c7,
+	0x2f08c5,
+	0x3dee48,
+	0x2fcd85,
+	0x37fb47,
+	0x2ee3c7,
+	0x255785,
+	0x208c83,
+	0x246384,
+	0x3638c5,
+	0x206645,
+	0x206646,
+	0x2a4d08,
+	0x249487,
+	0x214d46,
+	0x3d04c6,
+	0x378c86,
+	0x2d5009,
+	0x3e9507,
+	0x267b46,
+	0x2fab06,
+	0x23ccc6,
 	0x2c2605,
-	0x2b83c7,
-	0x21d705,
-	0x293188,
-	0x2a2bcb,
-	0x2a88d0,
-	0x2bc845,
-	0x21860c,
-	0x24e645,
-	0x288a83,
-	0x2d4d46,
-	0x2d8d84,
-	0x299486,
-	0x2aed87,
-	0x223ec4,
-	0x2ce548,
-	0x36438d,
-	0x341805,
-	0x22ebc4,
-	0x2ba544,
-	0x39dec9,
-	0x2ac208,
-	0x32f6c7,
-	0x298b88,
-	0x294608,
-	0x28ed45,
-	0x3cd207,
-	0x28ecc7,
-	0x2369c7,
-	0x27bb49,
-	0x288849,
-	0x221346,
-	0x223746,
-	0x295586,
-	0x323a45,
-	0x3c6a84,
-	0x3d4386,
-	0x3d88c6,
-	0x28ed88,
-	0x2a30cb,
-	0x310347,
-	0x216384,
-	0x3cdec6,
-	0x219447,
-	0x239645,
-	0x286745,
-	0x269984,
-	0x2887c6,
-	0x3d4408,
-	0x358c49,
-	0x25f5c6,
-	0x297b48,
-	0x303906,
-	0x364dc8,
-	0x2dadcc,
-	0x28ec06,
-	0x2a98cd,
-	0x2a9d4b,
-	0x2c8ac5,
-	0x331187,
-	0x2d1946,
-	0x3c9d08,
-	0x2213c9,
-	0x2c0588,
-	0x3d9745,
-	0x2a82c7,
-	0x292588,
-	0x371d89,
-	0x38eb86,
-	0x262d4a,
-	0x3c9a88,
-	0x2c03cb,
-	0x2de38c,
-	0x28bc08,
-	0x28fec6,
-	0x3725c8,
-	0x3461c7,
-	0x2a8589,
-	0x2a258d,
-	0x2ad486,
-	0x3049c8,
-	0x2cbc09,
-	0x2d7488,
-	0x296588,
-	0x2da48c,
-	0x2dc187,
-	0x2dd187,
-	0x27b985,
-	0x2cf707,
-	0x2e4148,
-	0x2bf346,
-	0x25f44c,
-	0x306948,
-	0x2e7608,
-	0x220846,
-	0x30aa07,
-	0x221544,
-	0x223ec8,
-	0x321b8c,
-	0x29aa0c,
-	0x3d0fc5,
-	0x3cf687,
-	0x331c06,
-	0x30a986,
-	0x38be48,
-	0x225804,
-	0x2301cb,
-	0x374dcb,
-	0x303506,
-	0x364207,
-	0x374845,
-	0x2827c5,
-	0x230306,
-	0x26a005,
-	0x254bc5,
-	0x2e5ec7,
-	0x20df09,
-	0x203a84,
-	0x248c45,
-	0x309505,
-	0x217f48,
-	0x35de45,
-	0x2d4649,
-	0x2c0cc7,
-	0x2c0ccb,
-	0x302106,
-	0x24e0c9,
-	0x332408,
-	0x289985,
-	0x236ac8,
-	0x288888,
-	0x3b5207,
-	0x298907,
-	0x293589,
-	0x243887,
-	0x29b5c9,
-	0x2bdbcc,
-	0x2beac8,
-	0x2de1c9,
-	0x3a1407,
-	0x2946c9,
-	0x3e1347,
-	0x2de488,
-	0x3e1545,
-	0x37bb06,
-	0x2db348,
-	0x2ec7c8,
-	0x3ccbc9,
-	0x254c07,
-	0x2b1f05,
-	0x207c09,
-	0x36a346,
-	0x2a2384,
-	0x30ce06,
-	0x328d48,
-	0x23da47,
-	0x2a32c8,
-	0x329389,
-	0x323307,
-	0x2ad306,
-	0x331244,
-	0x310d09,
-	0x3cd088,
-	0x220707,
-	0x297346,
-	0x2a3006,
-	0x3cb504,
-	0x2fb8c6,
-	0x207cc3,
-	0x374149,
-	0x374586,
-	0x2bce85,
-	0x2b06c6,
-	0x20e685,
-	0x292a08,
-	0x204f87,
-	0x247806,
-	0x330cc6,
-	0x30f908,
-	0x2b33c7,
-	0x2ad4c5,
-	0x2adc88,
-	0x3dd848,
-	0x3c9a88,
-	0x24e505,
-	0x37bb86,
-	0x280dc9,
-	0x35c384,
-	0x20e50b,
-	0x21db4b,
-	0x2bad89,
-	0x21df03,
-	0x267ec5,
-	0x338106,
-	0x250248,
-	0x3a7644,
-	0x318346,
-	0x29cf89,
-	0x2c6c05,
-	0x2e5e06,
-	0x2bc286,
-	0x222f04,
-	0x2ae30a,
-	0x2bcdc8,
-	0x2ec7c6,
-	0x379ac5,
-	0x383187,
-	0x33a907,
-	0x276dc4,
-	0x21dd87,
-	0x2c9304,
-	0x2f0f06,
-	0x205bc3,
-	0x27bb45,
-	0x2c4ac5,
-	0x3e1708,
-	0x293ac5,
-	0x28e949,
-	0x223d07,
-	0x223d0b,
-	0x2b4ccc,
-	0x2b52ca,
-	0x351107,
-	0x208c03,
-	0x28d0c8,
-	0x240cc5,
-	0x224545,
-	0x3587c4,
-	0x2de386,
-	0x359046,
-	0x2fb907,
-	0x26458b,
-	0x2add04,
-	0x36cbc4,
-	0x2e1404,
-	0x2e5bc6,
-	0x223ec4,
-	0x222d88,
-	0x3585c5,
-	0x252bc5,
-	0x2ad107,
-	0x331289,
-	0x33a6c5,
-	0x39cd8a,
-	0x3de289,
-	0x2a678a,
-	0x3e8f89,
-	0x312c84,
-	0x2c9bc5,
-	0x37ab08,
-	0x383a8b,
-	0x304b45,
-	0x219286,
-	0x24d204,
-	0x28ee86,
-	0x323189,
-	0x219547,
-	0x36f348,
-	0x252906,
-	0x3d0487,
-	0x293288,
-	0x380146,
-	0x3d6e04,
-	0x26ae87,
-	0x390e85,
-	0x39f0c7,
-	0x205b04,
-	0x2d18c6,
-	0x33aa48,
-	0x2a9f08,
-	0x31a707,
-	0x385088,
-	0x2a8105,
-	0x21dc84,
-	0x384b88,
-	0x320fc4,
-	0x218ec5,
-	0x38bc44,
-	0x3d7787,
-	0x29b087,
-	0x294808,
-	0x305206,
-	0x293a45,
-	0x28e748,
-	0x24a788,
-	0x2b1c49,
-	0x21de46,
-	0x238848,
-	0x3d8dca,
-	0x2396c8,
-	0x30d585,
-	0x372d86,
-	0x3de148,
-	0x2a838a,
-	0x35bb07,
-	0x298185,
-	0x2a4d88,
-	0x270504,
-	0x25fa06,
-	0x2dd808,
-	0x3dac86,
-	0x33b048,
-	0x231cc7,
-	0x3d5e86,
-	0x2d2544,
-	0x34c407,
-	0x2cc184,
-	0x323147,
-	0x2eff4d,
-	0x248385,
-	0x2cc64b,
-	0x29ac86,
-	0x261808,
-	0x2ce504,
-	0x255246,
-	0x290806,
-	0x372907,
-	0x2a958d,
-	0x308a87,
-	0x2cd508,
-	0x3b4dc5,
-	0x29e5c8,
-	0x2e1b06,
-	0x2a8188,
-	0x23f1c6,
-	0x385cc7,
-	0x2e93c9,
-	0x35b387,
-	0x2998c8,
-	0x26e5c5,
-	0x231748,
-	0x30a8c5,
-	0x245845,
-	0x370505,
-	0x2191c3,
-	0x20a2c4,
-	0x239785,
-	0x2531c9,
-	0x37b946,
-	0x2f51c8,
-	0x249b85,
-	0x2cf5c7,
-	0x2d89ca,
-	0x2e5d49,
-	0x2dcf0a,
-	0x2ebf48,
-	0x228ccc,
-	0x29554d,
-	0x303b03,
-	0x33af48,
-	0x3ebfc5,
-	0x346306,
-	0x219806,
-	0x35ea85,
-	0x3685c9,
-	0x208b85,
-	0x28e748,
-	0x268e86,
-	0x370d06,
-	0x2b3cc9,
-	0x26ba87,
-	0x2a2e86,
-	0x2d8948,
-	0x38d848,
-	0x2f7f07,
-	0x2e62ce,
-	0x2e1d45,
-	0x371c85,
-	0x3dab88,
-	0x3327c7,
-	0x20df82,
-	0x2da144,
-	0x29938a,
-	0x2207c8,
-	0x2889c6,
-	0x2ab608,
-	0x2b07c6,
-	0x209d08,
-	0x2c2308,
-	0x245804,
-	0x2cf985,
-	0x773104,
-	0x773104,
-	0x773104,
-	0x203e03,
-	0x2038c6,
-	0x28ec06,
-	0x2af74c,
-	0x205c43,
-	0x205b06,
-	0x21b284,
-	0x23d6c8,
-	0x29cdc5,
-	0x299486,
-	0x2b4808,
-	0x2ecdc6,
-	0x247786,
-	0x3d6548,
-	0x22edc7,
-	0x243649,
-	0x33824a,
-	0x27a644,
-	0x280d85,
-	0x30be85,
-	0x358a46,
-	0x3e7546,
-	0x3316c6,
-	0x36a0c6,
-	0x243784,
-	0x24378b,
-	0x23da44,
-	0x24e245,
-	0x2c1285,
-	0x264846,
-	0x3e9788,
-	0x295407,
-	0x374504,
-	0x26f0c3,
-	0x270005,
-	0x30ccc7,
-	0x29530b,
-	0x3e1607,
-	0x2b4708,
-	0x2cfac7,
-	0x27e146,
-	0x284c08,
-	0x2a6d4b,
-	0x34f1c6,
-	0x2103c9,
-	0x2a6ec5,
-	0x322683,
-	0x2e5e06,
-	0x231bc8,
-	0x214283,
-	0x2d1a03,
-	0x293286,
-	0x2b07c6,
-	0x37e60a,
-	0x28ff05,
-	0x29064b,
-	0x2b060b,
-	0x24da83,
-	0x20a8c3,
-	0x2c9284,
-	0x2d8807,
-	0x231c44,
-	0x23d6c4,
-	0x2cfc04,
-	0x2399c8,
-	0x379a08,
-	0x219f49,
-	0x2e9ac8,
-	0x3c7787,
-	0x20e506,
-	0x2f4e0f,
-	0x2e1e86,
-	0x2eb284,
-	0x37984a,
-	0x30cbc7,
-	0x2cc286,
-	0x2a23c9,
-	0x219ec5,
-	0x246305,
-	0x21a006,
-	0x231883,
-	0x270549,
-	0x21b186,
-	0x329149,
-	0x39d306,
-	0x27bb45,
-	0x3d13c5,
-	0x203383,
-	0x3cc588,
-	0x32f887,
-	0x236604,
-	0x23d548,
-	0x2a3784,
-	0x320ec6,
-	0x2d4d46,
-	0x249406,
-	0x22ea89,
-	0x2244c5,
-	0x2ad586,
-	0x262689,
-	0x2e1006,
-	0x239a46,
-	0x3afcc6,
-	0x22e9c5,
-	0x38bc46,
-	0x385cc4,
-	0x3e1545,
-	0x2db344,
-	0x2cec86,
-	0x346c84,
-	0x219543,
-	0x297e05,
-	0x23fb48,
-	0x255787,
-	0x3a76c9,
-	0x298088,
-	0x2aab91,
-	0x2bc30a,
-	0x303447,
-	0x279306,
-	0x21b284,
-	0x2db448,
-	0x2f6088,
-	0x2aad4a,
-	0x2d440d,
-	0x219186,
-	0x3d6646,
-	0x34c4c6,
-	0x30e9c7,
-	0x2cd5c5,
-	0x3bcb07,
-	0x23d605,
-	0x2c0e04,
-	0x347246,
-	0x23c0c7,
-	0x27024d,
-	0x3de087,
-	0x36da48,
-	0x28ea49,
-	0x372c86,
-	0x38eb05,
-	0x245404,
-	0x328e46,
-	0x3bcc46,
-	0x220946,
-	0x2abe88,
-	0x233803,
-	0x218183,
-	0x384745,
-	0x25c786,
-	0x2c22c5,
-	0x252b08,
-	0x2aef4a,
-	0x276ec4,
-	0x23d6c8,
-	0x2a90c8,
-	0x39ec07,
-	0x298789,
-	0x2d6a88,
-	0x2bec47,
-	0x2d9a06,
-	0x3dac8a,
-	0x328ec8,
-	0x31ce09,
-	0x2ac2c8,
-	0x21d009,
-	0x2791c7,
-	0x2cca05,
-	0x3bd286,
-	0x2bf1c8,
-	0x28a308,
-	0x2662c8,
-	0x341948,
-	0x24e245,
-	0x20bcc4,
+	0x2185c6,
+	0x3b7205,
+	0x361cc8,
+	0x2a81cb,
+	0x2a36c6,
+	0x3a0d04,
+	0x2fefc9,
+	0x2bba84,
+	0x3ce488,
+	0x318dc7,
+	0x299c84,
+	0x2d9148,
+	0x2e0704,
+	0x2c2644,
+	0x2f7d05,
+	0x3b0786,
+	0x2fe707,
+	0x234643,
+	0x2b4f45,
+	0x250504,
+	0x3b8506,
+	0x32d848,
+	0x20bec5,
+	0x2a7e89,
+	0x359c45,
+	0x264888,
+	0x23ec07,
+	0x3c3908,
+	0x2d8d87,
+	0x39f0c9,
+	0x26ac06,
+	0x2e4346,
+	0x2a4784,
+	0x30f9c5,
+	0x3de58c,
+	0x2909c7,
+	0x290e87,
+	0x38bdc8,
+	0x2b3046,
+	0x2ac384,
+	0x327b84,
+	0x298349,
+	0x2e7b86,
+	0x2b2387,
+	0x3490c4,
+	0x2bb206,
+	0x3b7645,
+	0x2ee247,
+	0x2f0586,
+	0x2576c9,
+	0x2cec47,
+	0x2acf87,
+	0x2bab06,
+	0x29aa85,
+	0x295708,
+	0x21e1c8,
+	0x37be06,
+	0x20bf05,
+	0x3936c6,
+	0x206b03,
+	0x2b2689,
+	0x3d34ce,
+	0x2d7fc8,
+	0x3aad08,
+	0x37bc0b,
+	0x2a80c6,
+	0x3a0bc4,
+	0x297cc4,
+	0x3d35ca,
+	0x21afc7,
+	0x267c05,
+	0x210249,
+	0x2dd305,
+	0x3e8187,
+	0x246444,
+	0x2a2647,
+	0x2f1fc8,
+	0x3813c6,
+	0x2da1c9,
+	0x2d9d8a,
+	0x21af46,
+	0x2b0606,
+	0x2c6f85,
+	0x3a70c5,
+	0x399347,
+	0x255108,
+	0x3b7588,
+	0x317d46,
+	0x3d6cc5,
+	0x38bf0e,
+	0x245f84,
+	0x2b2785,
+	0x28e7c9,
+	0x2ed488,
+	0x2a09c6,
+	0x2b530c,
+	0x2b61d0,
+	0x2b8a8f,
+	0x2ba108,
+	0x359c47,
+	0x3dc5c5,
+	0x2a9785,
+	0x2fe589,
+	0x2a9789,
+	0x28f506,
+	0x2d0247,
+	0x3a5285,
+	0x24e689,
+	0x3673c6,
+	0x2ff94d,
+	0x298689,
+	0x23ee44,
+	0x2d7bc8,
+	0x240ac9,
+	0x342cc6,
+	0x2904c5,
+	0x2e4346,
+	0x2539c9,
+	0x233b08,
+	0x20f0c5,
+	0x2a4c84,
+	0x2b54cb,
+	0x342b85,
+	0x24bc46,
+	0x299086,
+	0x3ae7c6,
+	0x24b60b,
+	0x2a7f89,
+	0x2281c5,
+	0x338d87,
+	0x248006,
+	0x2718c6,
+	0x2ee688,
+	0x225b89,
+	0x2e4b0c,
+	0x314e48,
+	0x323c06,
+	0x33d7c3,
+	0x23c1c6,
+	0x309205,
+	0x294988,
+	0x3d66c6,
+	0x2d0608,
+	0x25d705,
+	0x2715c5,
+	0x3a0048,
+	0x3aaac7,
+	0x214987,
+	0x381bc7,
+	0x324a48,
+	0x359d88,
+	0x2d1506,
+	0x2d23c7,
+	0x3bb2c7,
+	0x39ee4a,
+	0x203cc3,
+	0x3ebf86,
+	0x267f05,
+	0x284804,
+	0x291789,
+	0x39f044,
+	0x235784,
+	0x2b6a44,
+	0x2b900b,
+	0x33ac87,
+	0x2fb245,
+	0x2ad6c8,
+	0x28ee46,
+	0x28ee48,
+	0x292b86,
+	0x2a1445,
+	0x2a20c5,
+	0x2a5106,
+	0x279208,
+	0x2a60c8,
+	0x291946,
+	0x2ad50f,
+	0x2b2150,
+	0x209805,
+	0x206b43,
+	0x2856c5,
+	0x326848,
+	0x2a9689,
+	0x355e08,
+	0x21e448,
+	0x26afc8,
+	0x33ad47,
+	0x28eb09,
+	0x2d0808,
+	0x2a56c4,
+	0x2b68c8,
+	0x21a689,
+	0x2d2907,
+	0x2d2d04,
+	0x348e48,
+	0x255a8a,
+	0x3221c6,
+	0x21e4c6,
+	0x222849,
+	0x2b6407,
+	0x2ebc48,
+	0x2464c8,
+	0x3d0b88,
+	0x279b85,
+	0x3b7e85,
+	0x255ec5,
+	0x2ee8c5,
+	0x3cf007,
+	0x208c85,
+	0x2de345,
+	0x207906,
+	0x355d47,
+	0x3b69c7,
+	0x255d86,
+	0x2f1c85,
+	0x24bc46,
+	0x220805,
+	0x2e4888,
+	0x32c584,
+	0x2e62c6,
+	0x398c44,
+	0x2d8f48,
+	0x2e63ca,
+	0x291f4c,
+	0x2b7685,
+	0x2aebc6,
+	0x2e4cc6,
+	0x3e9fc6,
+	0x323c84,
+	0x3c8045,
+	0x292447,
+	0x2b6489,
+	0x2eb507,
+	0x7bf004,
+	0x7bf004,
+	0x33ab05,
+	0x315d84,
+	0x2b4aca,
+	0x28ecc6,
+	0x39ffc4,
+	0x3cb6c5,
+	0x3c4605,
+	0x2d1cc4,
+	0x298cc7,
+	0x3d4387,
+	0x2ea9c8,
+	0x3937c8,
+	0x20f0c9,
+	0x2d79c8,
+	0x29d40b,
+	0x20cf04,
+	0x317f45,
+	0x295e45,
+	0x381b49,
+	0x225b89,
+	0x2feec8,
 	0x23dd08,
-	0x24cf84,
-	0x3e8d84,
-	0x27bb45,
-	0x2a4707,
-	0x331049,
-	0x372707,
-	0x238885,
-	0x28ba06,
-	0x3792c6,
-	0x210504,
-	0x2b3fc6,
-	0x290a84,
-	0x28b0c6,
-	0x330e06,
-	0x2140c6,
-	0x3d9745,
-	0x2529c7,
-	0x208c03,
-	0x270d09,
-	0x30f708,
-	0x23d544,
-	0x358b4d,
-	0x2aa008,
-	0x3012c8,
-	0x31cd86,
-	0x2e94c9,
-	0x2e5d49,
-	0x322e85,
-	0x2af04a,
-	0x281a0a,
-	0x28e44c,
-	0x28e5c6,
-	0x28ccc6,
-	0x2e2486,
-	0x3ac749,
-	0x346546,
-	0x2b3406,
-	0x208c46,
-	0x223ec8,
-	0x24a586,
-	0x2eaa4b,
-	0x2a4885,
-	0x252bc5,
-	0x28d7c5,
-	0x20bc46,
-	0x219143,
-	0x249386,
-	0x3de007,
-	0x2db305,
-	0x28c085,
-	0x2ca3c5,
-	0x2f9a46,
-	0x322f44,
-	0x336946,
-	0x2a0b09,
-	0x20bacc,
-	0x2c0b48,
-	0x260bc4,
-	0x37fac6,
-	0x29ad86,
-	0x231bc8,
-	0x222f08,
-	0x20b9c9,
-	0x383187,
-	0x35d809,
-	0x283886,
-	0x219104,
-	0x20fd44,
-	0x293884,
-	0x293288,
-	0x330e8a,
-	0x33a646,
-	0x36c947,
-	0x39f347,
-	0x24e1c5,
-	0x2b6904,
-	0x2a0786,
-	0x2cd606,
-	0x205083,
-	0x30f547,
-	0x22c0c8,
-	0x322fca,
-	0x3cf988,
-	0x34ee48,
-	0x346cc5,
-	0x229005,
-	0x310445,
-	0x24e586,
-	0x250fc6,
-	0x3e1845,
-	0x374389,
-	0x2b670c,
-	0x34a587,
-	0x2aadc8,
-	0x295dc5,
-	0x773104,
-	0x2bb4c4,
-	0x294f84,
-	0x24b586,
-	0x2b150e,
-	0x246387,
-	0x301285,
-	0x35c30c,
-	0x2a3647,
-	0x23c047,
-	0x247a89,
-	0x21aa49,
-	0x298185,
-	0x30f708,
-	0x280dc9,
-	0x3c9945,
-	0x2db248,
-	0x2e8e86,
-	0x384e06,
-	0x3854c4,
-	0x31c7c8,
-	0x252483,
-	0x2034c4,
-	0x270085,
-	0x3a4807,
-	0x3235c5,
-	0x3d8c89,
-	0x39138d,
-	0x2b2246,
-	0x3d5504,
-	0x23c208,
-	0x20dd4a,
-	0x3a9947,
-	0x34a405,
-	0x203503,
-	0x2b07ce,
-	0x3cc68c,
-	0x397a87,
-	0x2b16c7,
-	0x4dba3607,
-	0x2b4c6,
-	0x2c684,
-	0x205b43,
-	0x346585,
-	0x294f85,
-	0x2ab9c8,
-	0x2a8f09,
-	0x260ac6,
-	0x231c44,
-	0x303386,
-	0x38d60b,
-	0x2e00cc,
-	0x267c47,
-	0x2ead05,
-	0x3dd748,
-	0x2f7cc5,
-	0x379847,
-	0x2e9287,
-	0x252485,
-	0x219143,
-	0x245ac4,
-	0x328c05,
-	0x203985,
-	0x203986,
-	0x2a0588,
-	0x23c0c7,
-	0x219b06,
-	0x3cb406,
-	0x370446,
-	0x2d1a49,
-	0x3cd307,
-	0x260946,
-	0x2e0246,
-	0x239006,
-	0x2bcd05,
-	0x20d646,
-	0x3b5c05,
-	0x35dec8,
-	0x2a434b,
-	0x2a0106,
-	0x39f384,
-	0x23a1c9,
-	0x223d04,
-	0x2e8e08,
-	0x311707,
-	0x296484,
-	0x2d5ec8,
-	0x2dca44,
-	0x2bcd44,
-	0x23d485,
-	0x341846,
-	0x239907,
-	0x22eb83,
-	0x2ad3c5,
-	0x33ecc4,
-	0x371cc6,
-	0x322f08,
-	0x384f85,
-	0x2a4009,
-	0x207e05,
-	0x205b08,
-	0x35c1c7,
-	0x374688,
-	0x2d5b07,
-	0x39e249,
-	0x25c306,
-	0x3a0fc6,
-	0x208c44,
-	0x20e445,
-	0x3dce8c,
-	0x28d7c7,
-	0x28dc87,
-	0x3e7188,
-	0x2b2246,
-	0x3ddf44,
-	0x31da44,
-	0x293409,
-	0x2e2586,
-	0x29e487,
-	0x372a44,
-	0x2b40c6,
-	0x3d22c5,
-	0x2e9107,
-	0x2ea9c6,
-	0x262c09,
-	0x31f9c7,
-	0x2a76c7,
-	0x2b3b46,
-	0x297285,
-	0x291a88,
-	0x21b008,
-	0x375b46,
-	0x384fc5,
-	0x2dedc6,
-	0x203e43,
-	0x2ab849,
-	0x33144e,
-	0x2d5848,
-	0x2a3888,
-	0x37594b,
-	0x2a4246,
-	0x39f244,
-	0x247784,
-	0x33154a,
-	0x218507,
-	0x260a05,
-	0x2103c9,
-	0x2d9945,
-	0x3e8dc7,
-	0x245b84,
-	0x2900c7,
-	0x219008,
-	0x3c0ac6,
-	0x2d6fc9,
-	0x2d6b8a,
-	0x218486,
-	0x2a9b46,
-	0x2c1205,
-	0x3a5dc5,
-	0x3a9647,
-	0x251a88,
-	0x3d2208,
-	0x245806,
-	0x3d1445,
-	0x3e72ce,
-	0x2b4bc4,
-	0x2ab945,
-	0x28b389,
-	0x31f5c8,
-	0x29c7c6,
-	0x2ad78c,
-	0x2aeb50,
-	0x2b114f,
-	0x2b3148,
-	0x351107,
-	0x3d9745,
-	0x239785,
-	0x239789,
-	0x2a4f89,
-	0x322146,
-	0x304bc7,
-	0x38bd45,
-	0x248309,
-	0x360706,
-	0x34638d,
-	0x293749,
-	0x23d6c4,
-	0x2d5048,
-	0x23ddc9,
-	0x33a806,
-	0x28d2c5,
-	0x3a0fc6,
-	0x36f209,
-	0x36fb08,
-	0x204005,
-	0x2a0504,
-	0x2ad94b,
-	0x33a6c5,
-	0x2502c6,
-	0x295886,
-	0x25d146,
-	0x24e80b,
-	0x2a4109,
-	0x3e1485,
-	0x32d107,
-	0x2bc286,
-	0x261986,
-	0x294d08,
-	0x2d9b09,
-	0x36d80c,
-	0x30cac8,
-	0x31bb06,
-	0x3344c3,
-	0x235f06,
-	0x240c45,
-	0x291188,
-	0x3d0e46,
-	0x304f88,
-	0x259605,
-	0x26bf45,
-	0x2ddf88,
-	0x383487,
-	0x219747,
-	0x2fb907,
-	0x31c0c8,
-	0x351248,
-	0x2f5f86,
-	0x2ceac7,
-	0x21d547,
-	0x39dfca,
-	0x205cc3,
-	0x20bc46,
-	0x260d05,
-	0x2854c4,
-	0x28ea49,
-	0x39e1c4,
-	0x200e84,
-	0x2af3c4,
-	0x2b16cb,
-	0x32f7c7,
-	0x2f9a05,
-	0x2a7e08,
-	0x28ba06,
-	0x28ba08,
-	0x28fe46,
-	0x29d2c5,
-	0x29d805,
-	0x2a1486,
-	0x276c48,
-	0x2a2308,
-	0x28ec06,
-	0x2a7c4f,
-	0x2ab310,
-	0x3da785,
-	0x208c03,
-	0x286385,
-	0x31c548,
-	0x2a4e89,
-	0x3c9a88,
-	0x21b288,
-	0x263f08,
-	0x32f887,
-	0x28b6c9,
-	0x305188,
-	0x3c8fc4,
+	0x288b04,
+	0x258ec5,
+	0x203ec3,
+	0x360b45,
+	0x2b5186,
+	0x2af8cc,
+	0x21e246,
+	0x2903c6,
+	0x2a0c45,
+	0x2fb308,
+	0x2e9786,
+	0x26d206,
+	0x21e4c6,
+	0x22a3cc,
+	0x286c44,
+	0x378dca,
+	0x2a0b88,
+	0x2af707,
+	0x250406,
+	0x267d87,
+	0x309f05,
+	0x29ab46,
+	0x368d86,
+	0x381847,
+	0x2357c4,
+	0x220445,
+	0x28e7c4,
+	0x2c6607,
+	0x28ea08,
+	0x28fd4a,
+	0x296087,
+	0x2c2207,
+	0x359bc7,
+	0x2fcec9,
+	0x2af8ca,
+	0x234b43,
+	0x2356c5,
+	0x211783,
+	0x2d3f09,
+	0x362c88,
+	0x375b07,
+	0x355f09,
+	0x21e2c6,
+	0x227a08,
+	0x35b685,
+	0x20c2ca,
+	0x3839c9,
+	0x29c009,
+	0x2e5a47,
+	0x3e5189,
+	0x211648,
+	0x3d2c06,
+	0x2aed88,
+	0x204407,
+	0x234c87,
+	0x2ac6c7,
+	0x3ce308,
+	0x386186,
+	0x255845,
+	0x292447,
+	0x2b0108,
+	0x378c04,
+	0x2ed884,
+	0x2a6b47,
+	0x2c7f87,
+	0x29c24a,
+	0x3d2b86,
+	0x3c834a,
+	0x2dd947,
+	0x245d47,
+	0x220504,
+	0x2a2c84,
+	0x2ee146,
+	0x3e9a84,
+	0x3e9a8c,
+	0x318d05,
+	0x217449,
+	0x2af004,
+	0x2d1d85,
+	0x229688,
+	0x20bb45,
+	0x39dc06,
+	0x237e44,
+	0x2aa98a,
+	0x2c6a06,
+	0x2afdca,
+	0x263b07,
+	0x2a71c5,
+	0x2353c5,
+	0x24b00a,
+	0x28d4c5,
+	0x2b9606,
+	0x24f184,
+	0x2ce946,
+	0x399405,
+	0x3d6786,
+	0x3e4e0c,
+	0x3f278a,
+	0x2abd04,
+	0x234ec6,
+	0x2b6407,
+	0x2f0504,
+	0x3576c8,
+	0x2d6446,
+	0x3a0b49,
+	0x2f8649,
+	0x2c4449,
+	0x30fc46,
+	0x204506,
+	0x2aeec7,
+	0x204048,
+	0x204309,
+	0x33ac87,
+	0x2ad846,
+	0x3d5d87,
+	0x244545,
+	0x245f84,
+	0x2aea87,
+	0x3bb485,
+	0x29ccc5,
+	0x394687,
+	0x255648,
+	0x3dedc6,
+	0x2b0f8d,
+	0x2b2a0f,
+	0x2b7f4d,
+	0x222744,
+	0x242046,
+	0x2f3508,
+	0x3ea185,
+	0x24b4c8,
+	0x36790a,
+	0x23ee44,
+	0x2d2686,
+	0x217e87,
+	0x2198c7,
+	0x36b989,
+	0x2aed45,
+	0x2d1cc4,
+	0x2d374a,
+	0x2d9849,
+	0x3e5287,
+	0x36be46,
+	0x342cc6,
+	0x258e06,
+	0x270c06,
+	0x32f48f,
+	0x2f33c9,
+	0x20bfc6,
+	0x271506,
+	0x23b6c9,
+	0x2d24c7,
+	0x200e83,
+	0x22a546,
+	0x21c543,
+	0x364448,
+	0x285e47,
+	0x2ba309,
+	0x2b9b48,
+	0x214ac8,
+	0x318146,
+	0x232c89,
+	0x38f805,
+	0x23c104,
+	0x383887,
+	0x3a1285,
+	0x222744,
+	0x38c208,
+	0x21b284,
+	0x2d2207,
+	0x2e5106,
+	0x27b105,
 	0x2af248,
-	0x218009,
-	0x2cf047,
-	0x39eb84,
-	0x3727c8,
-	0x25278a,
-	0x32f346,
-	0x219186,
-	0x21dd09,
-	0x2aed87,
-	0x2e68c8,
-	0x245c08,
-	0x3cbac8,
-	0x2775c5,
-	0x348d85,
-	0x252bc5,
-	0x294f45,
-	0x2cba47,
-	0x21dcc5,
-	0x2db305,
-	0x21da06,
-	0x3c99c7,
-	0x3839c7,
-	0x252a86,
-	0x2ec485,
-	0x2502c6,
-	0x205005,
-	0x36d588,
-	0x320644,
-	0x2e1086,
-	0x398084,
-	0x2d5cc8,
-	0x2e118a,
-	0x28f20c,
-	0x2afd05,
-	0x30ea86,
-	0x36d9c6,
-	0x3b6b46,
-	0x31bb84,
-	0x3d2b45,
-	0x28f707,
-	0x2aee09,
-	0x2e6187,
-	0x773104,
-	0x773104,
-	0x32f645,
-	0x30e584,
-	0x2acf4a,
-	0x28b886,
-	0x2ddf04,
-	0x3cf605,
-	0x2cae05,
-	0x2cd504,
-	0x2954c7,
-	0x207d87,
-	0x2e5bc8,
-	0x2deec8,
-	0x204009,
-	0x320fc8,
-	0x299a0b,
-	0x2398c4,
-	0x34a4c5,
-	0x2921c5,
-	0x2fb889,
-	0x2d9b09,
-	0x23a0c8,
-	0x2f0d08,
-	0x264844,
-	0x29adc5,
-	0x20c003,
-	0x358a05,
-	0x2ad606,
-	0x2a8d4c,
-	0x21b086,
-	0x28d1c6,
-	0x29ca45,
-	0x2f9ac8,
-	0x2e0a86,
-	0x279486,
-	0x219186,
-	0x22e80c,
-	0x282384,
-	0x37058a,
-	0x29c988,
-	0x2a8b87,
-	0x33ebc6,
-	0x260b87,
-	0x302f85,
-	0x297346,
-	0x361386,
-	0x37b807,
-	0x255844,
-	0x3d7885,
-	0x28b384,
-	0x2c0e87,
-	0x28b5c8,
-	0x28cb4a,
-	0x292407,
-	0x2bc907,
-	0x351087,
-	0x2f7e09,
-	0x2a8d4a,
-	0x232443,
-	0x255745,
-	0x214103,
-	0x2cfc49,
-	0x231e08,
-	0x36ca87,
-	0x3c9b89,
-	0x21b106,
-	0x2050c8,
-	0x2ca105,
-	0x24a88a,
-	0x3a8289,
-	0x280a09,
-	0x2e0947,
-	0x2f6189,
-	0x213fc8,
-	0x3d6c46,
-	0x30ec48,
-	0x28c3c7,
-	0x243887,
-	0x3de287,
-	0x2e8c88,
-	0x37f046,
-	0x252545,
-	0x28f707,
-	0x2a9648,
-	0x3703c4,
-	0x378a84,
-	0x2a2d87,
-	0x2c2687,
-	0x280c4a,
-	0x3d6bc6,
-	0x3d2e4a,
-	0x2da087,
-	0x2b4987,
-	0x3d7944,
-	0x29b684,
-	0x2e9006,
-	0x3cd884,
-	0x3cd88c,
-	0x311645,
-	0x218e49,
-	0x205c84,
-	0x2cd5c5,
-	0x20dcc8,
-	0x2a23c5,
-	0x39cd86,
-	0x2a50c4,
-	0x2a5fca,
-	0x2c1f06,
-	0x3513ca,
-	0x2b8c07,
-	0x2a3405,
-	0x231885,
-	0x24e20a,
-	0x28a245,
-	0x239746,
-	0x24cf84,
-	0x2c9406,
-	0x3a9705,
-	0x3d0f06,
-	0x31a70c,
-	0x36464a,
-	0x281b04,
-	0x20e506,
-	0x2aed87,
-	0x2ea944,
-	0x223ec8,
-	0x3ab986,
-	0x39f1c9,
-	0x37d709,
-	0x2bebc9,
-	0x20e6c6,
-	0x28c4c6,
-	0x30ed87,
-	0x3742c8,
-	0x28c2c9,
-	0x32f7c7,
-	0x2a7f86,
-	0x3d0507,
-	0x34c385,
-	0x2b4bc4,
-	0x30e947,
-	0x21d705,
-	0x2992c5,
-	0x393747,
-	0x252348,
-	0x3dd6c6,
-	0x2aa4cd,
-	0x2abbcf,
-	0x2b060d,
-	0x21dc04,
-	0x23fc46,
-	0x2ed548,
-	0x208c05,
-	0x24e6c8,
-	0x3b50ca,
-	0x23d6c4,
-	0x2cbec6,
-	0x2b6187,
-	0x2cde87,
-	0x22ee89,
-	0x30ec05,
-	0x2cd504,
-	0x2cf8ca,
-	0x2d6649,
-	0x2f6287,
-	0x2aa786,
-	0x33a806,
-	0x29ad06,
-	0x26af46,
-	0x35a38f,
-	0x2ed409,
-	0x24a586,
-	0x26be86,
-	0x237789,
-	0x2cebc7,
-	0x20ae43,
-	0x22e986,
-	0x219d43,
-	0x35e948,
-	0x255107,
-	0x2b3349,
-	0x2b4588,
-	0x219888,
-	0x254d46,
-	0x22af49,
-	0x35d745,
-	0x235e44,
-	0x2ccac7,
-	0x3ac7c5,
-	0x21dc04,
-	0x3e75c8,
-	0x2187c4,
-	0x2ce907,
-	0x3adf86,
-	0x242845,
-	0x2ac2c8,
-	0x33a6cb,
-	0x30fc07,
-	0x24e486,
-	0x2e1f04,
-	0x3b5f86,
-	0x27bb45,
-	0x21d705,
-	0x291809,
-	0x2950c9,
-	0x2438c4,
-	0x243905,
-	0x20e545,
-	0x24a706,
-	0x30f808,
-	0x2d9286,
-	0x22bf0b,
-	0x2c5d4a,
-	0x2d5c05,
-	0x29d886,
-	0x236305,
-	0x3c5b45,
-	0x2a9247,
-	0x20bec8,
-	0x276cc4,
-	0x25be46,
-	0x2a2386,
-	0x214187,
-	0x322644,
-	0x290806,
-	0x23a445,
-	0x23a449,
-	0x28c6c4,
-	0x30bfc9,
-	0x28ec06,
-	0x2dc248,
-	0x20e545,
-	0x39f445,
-	0x3d0f06,
-	0x36d709,
-	0x21aa49,
-	0x28d246,
-	0x31f6c8,
-	0x35c408,
-	0x2362c4,
-	0x2d0084,
-	0x2d0088,
-	0x3c7608,
-	0x35d909,
-	0x2ad586,
-	0x219186,
-	0x339c8d,
-	0x318346,
-	0x2dac89,
-	0x3bcf05,
-	0x21a006,
-	0x36fc88,
-	0x336885,
-	0x21d584,
-	0x27bb45,
-	0x294a08,
-	0x2acd09,
-	0x28b444,
-	0x2d18c6,
-	0x2eadca,
-	0x397988,
-	0x280dc9,
-	0x28d90a,
-	0x3c9b06,
-	0x2abd88,
-	0x379605,
-	0x3b4c48,
-	0x303005,
-	0x21afc9,
-	0x33c7c9,
-	0x23bc42,
-	0x2a6ec5,
-	0x292286,
-	0x28eb47,
-	0x2854c5,
-	0x33eac6,
-	0x317308,
-	0x2b2246,
-	0x37a9c9,
-	0x28dd86,
-	0x294b88,
-	0x2be0c5,
-	0x24c706,
-	0x385dc8,
-	0x293288,
-	0x2790c8,
-	0x319888,
-	0x20d644,
-	0x223803,
-	0x37ac04,
-	0x292606,
-	0x34c3c4,
-	0x2a37c7,
-	0x279389,
-	0x2e1405,
-	0x245c06,
-	0x22e986,
-	0x2a03cb,
-	0x2cc1c6,
-	0x237fc6,
-	0x2e3fc8,
-	0x328986,
-	0x2a3203,
-	0x207083,
-	0x2b4bc4,
-	0x238745,
-	0x303747,
-	0x28b5c8,
-	0x28b5cf,
-	0x28f60b,
-	0x30f608,
-	0x2d1946,
-	0x30f90e,
-	0x24e643,
-	0x3036c4,
-	0x2cc145,
-	0x2cd386,
-	0x2a088b,
-	0x2a47c6,
-	0x22dd09,
-	0x242845,
-	0x248a08,
-	0x203cc8,
-	0x21a90c,
-	0x2b1706,
-	0x358a46,
-	0x2d4205,
-	0x299688,
-	0x28f205,
-	0x34eb88,
-	0x2adb0a,
-	0x2b0a49,
-	0x773104,
+	0x342b8b,
+	0x316ec7,
+	0x24b286,
+	0x2e7504,
+	0x3a9606,
+	0x27e985,
+	0x3bb485,
+	0x295489,
+	0x2988c9,
+	0x234cc4,
+	0x234d05,
+	0x214b85,
+	0x20c146,
+	0x316ac8,
+	0x2dcc46,
+	0x256e8b,
+	0x2cb48a,
+	0x2d8e85,
+	0x2a2146,
+	0x23a245,
+	0x357e45,
+	0x2b5e87,
+	0x3ec208,
+	0x279284,
+	0x260c46,
+	0x2a6146,
+	0x211807,
+	0x32cf84,
+	0x294006,
+	0x2ff245,
+	0x2ff249,
+	0x204704,
+	0x3139c9,
+	0x291946,
+	0x2df708,
+	0x214b85,
+	0x3a0dc5,
+	0x3d6786,
+	0x2e4a09,
+	0x21ba49,
+	0x290446,
+	0x2ed588,
+	0x23ee48,
+	0x23a204,
+	0x2d3bc4,
+	0x2d3bc8,
+	0x20ba88,
+	0x38f9c9,
+	0x2b5106,
+	0x21e4c6,
+	0x34214d,
+	0x3203c6,
+	0x2df0c9,
+	0x228285,
+	0x21c586,
+	0x233c88,
+	0x33ed85,
+	0x3bb304,
+	0x27e985,
+	0x2981c8,
+	0x2b4889,
+	0x28e884,
+	0x2d4e86,
+	0x2f098a,
+	0x398548,
+	0x29c3c9,
+	0x290b0a,
+	0x355e86,
+	0x2b2bc8,
+	0x37f905,
+	0x2a0e08,
+	0x309f85,
+	0x21e189,
+	0x344849,
+	0x231e42,
+	0x2d7745,
+	0x295f06,
+	0x291887,
+	0x284805,
+	0x328146,
+	0x31f388,
+	0x2b3046,
+	0x2f7709,
+	0x290f86,
+	0x2ee508,
+	0x2c3945,
+	0x2533c6,
+	0x20cf48,
+	0x296f08,
+	0x362a48,
+	0x321f88,
+	0x2185c4,
+	0x232783,
+	0x2f7944,
+	0x296286,
+	0x244584,
+	0x3aac47,
+	0x26d109,
+	0x2e6645,
+	0x2464c6,
+	0x22a546,
+	0x2a4b4b,
+	0x2d1086,
+	0x285906,
+	0x2e9608,
+	0x240646,
+	0x2a6fc3,
+	0x211483,
+	0x245f84,
+	0x23c405,
+	0x328387,
+	0x28ea08,
+	0x28ea0f,
+	0x29234b,
+	0x3168c8,
+	0x2d4f06,
+	0x316bce,
+	0x24b443,
+	0x328304,
+	0x2d1005,
+	0x2d1b46,
+	0x2a424b,
+	0x2a89c6,
+	0x21f509,
+	0x27b105,
+	0x38e748,
+	0x209c08,
+	0x21b90c,
+	0x2b9046,
+	0x360b86,
+	0x3e4245,
+	0x29d088,
+	0x20cf45,
+	0x2402c8,
+	0x2b568a,
+	0x2b8389,
+	0x7bf004,
 	0x2000c2,
-	0x53a05842,
+	0x5420b642,
 	0x200382,
-	0x258104,
-	0x2026c2,
-	0x292e44,
-	0x2048c2,
-	0xbc03,
+	0x25c204,
+	0x200ec2,
+	0x230944,
+	0x201f42,
 	0x2003c2,
-	0x2036c2,
-	0x7ffc8,
-	0x45c4,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0xf002,
-	0x58e02,
-	0x219c03,
-	0x2127c3,
-	0x21f483,
-	0x6ca02,
-	0x9e42,
-	0x1b02,
-	0x258843,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x258104,
-	0x2127c3,
-	0x21f483,
-	0x220743,
-	0x29f804,
-	0x229f43,
-	0x241284,
-	0x224d03,
-	0x2ef2c4,
-	0x2e9c43,
-	0x285787,
-	0x219c03,
-	0x20bc03,
-	0x219d08,
-	0x21f483,
-	0x28aa0b,
-	0x3041c3,
-	0x216e06,
-	0x208ec2,
-	0x2ff38b,
-	0x224d03,
-	0x2e9c43,
-	0x2127c3,
-	0x21f483,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x21f483,
-	0x21ad03,
-	0x207743,
+	0x206382,
+	0x1c3448,
+	0x11d44,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0xb882,
+	0x5cf02,
+	0x214e43,
+	0x214883,
+	0x24acc3,
+	0x2ccc2,
+	0xba42,
+	0x3342,
+	0x20bec3,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x25c204,
+	0x214883,
+	0x24acc3,
+	0x24f6c3,
+	0x265a04,
+	0x21a043,
+	0x243544,
+	0x226783,
+	0x2eef84,
+	0x20f583,
+	0x284ac7,
+	0x214e43,
+	0x208c43,
+	0x2a1948,
+	0x24acc3,
+	0x2937cb,
+	0x30ad83,
+	0x219086,
+	0x249902,
+	0x30614b,
+	0x226783,
+	0x20f583,
+	0x214883,
+	0x24acc3,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x24acc3,
+	0x21bd03,
+	0x203783,
 	0x2000c2,
-	0x7ffc8,
-	0x232a05,
-	0x21d788,
-	0x34fd88,
-	0x205842,
-	0x354705,
-	0x3d0647,
-	0x203642,
-	0x2ce747,
+	0x1c3448,
+	0x235d45,
+	0x3bb508,
+	0x2ef0c8,
+	0x20b642,
+	0x3b9485,
+	0x3d5ec7,
+	0x201b42,
+	0x3c4e47,
 	0x200382,
-	0x262447,
-	0x22cf89,
-	0x27c388,
-	0x3cb949,
-	0x212c82,
-	0x203e87,
-	0x392fc4,
-	0x3d0707,
-	0x2c5c47,
-	0x26dc42,
-	0x219c03,
-	0x20f782,
-	0x2048c2,
+	0x2696c7,
+	0x246f89,
+	0x27f1c8,
+	0x3d0a09,
+	0x213c02,
+	0x20f2c7,
+	0x393f04,
+	0x3d5f87,
+	0x2cb387,
+	0x2dbe82,
+	0x214e43,
+	0x20d3c2,
+	0x201f42,
 	0x2003c2,
-	0x20f102,
+	0x2035c2,
 	0x200902,
-	0x2036c2,
-	0x2eb705,
-	0x212345,
-	0x5842,
-	0x24d03,
-	0x229f43,
-	0x224d03,
-	0x219443,
-	0x2e9c43,
-	0x204203,
-	0x2127c3,
-	0x21f483,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x2127c3,
-	0x21f483,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x14fa46,
-	0x566c744b,
-	0x219c03,
-	0x2127c3,
-	0x81983,
-	0x21f483,
-	0xca7c5,
-	0x11643,
+	0x206382,
+	0x283b85,
+	0x214405,
+	0xb642,
+	0x26783,
+	0x21a043,
+	0x226783,
+	0x207ec3,
+	0x20f583,
+	0x211983,
+	0x214883,
+	0x24acc3,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214883,
+	0x24acc3,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x159186,
+	0x56ea590b,
+	0x214e43,
+	0x214883,
+	0x24acc3,
+	0x1a3d05,
+	0x11f03,
 	0x101,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x258104,
-	0x25e043,
-	0x2127c3,
-	0x81983,
-	0x21f483,
-	0x21fc83,
-	0x5706e786,
-	0x5483,
-	0x1739c5,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x2127c3,
-	0x21f483,
-	0x205842,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x2127c3,
-	0x81983,
-	0x21f483,
-	0x7042,
-	0x7ffc8,
-	0x361c3,
-	0xbc03,
-	0x81983,
-	0x51a44,
-	0x1487dc4,
-	0xf80c5,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x25c204,
+	0x20bc83,
+	0x214883,
+	0x24acc3,
+	0x221c03,
+	0x57889cc6,
+	0x24dc3,
+	0x1a85,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214883,
+	0x24acc3,
+	0x20b642,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214883,
+	0x24acc3,
+	0xabc2,
+	0x1c3448,
+	0x3a103,
+	0x550c4,
+	0x148c0c4,
+	0xfd185,
+	0x1ad803,
 	0x2000c2,
-	0x32d4c4,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x240a03,
-	0x235c45,
-	0x25e043,
-	0x2280c3,
-	0x2127c3,
-	0x25c743,
-	0x21f483,
-	0x217083,
-	0x208d43,
-	0x205ec3,
-	0xc8bc3,
+	0x339144,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x23b9c3,
+	0x239805,
+	0x20bc83,
+	0x222043,
+	0x214883,
+	0x262243,
+	0x24acc3,
+	0x219303,
+	0x212f03,
+	0x200f83,
+	0x15103,
 	0x5c2,
-	0x47f42,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x2127c3,
-	0x21f483,
+	0x445c2,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214883,
+	0x24acc3,
 	0x2000c2,
-	0x258843,
-	0x205842,
-	0xd02,
-	0x224d03,
-	0x2e9c43,
-	0x258104,
-	0x2127c3,
-	0x21f483,
-	0x2036c2,
-	0x7ffc8,
-	0x2e9c43,
-	0x81983,
-	0x7ffc8,
-	0x81983,
-	0x2c9ec3,
-	0x229f43,
-	0x23b4c4,
-	0x224d03,
-	0x2e9c43,
-	0x203842,
-	0x219c03,
-	0x2127c3,
-	0xbc03,
-	0x21f483,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x203842,
-	0x2335c3,
-	0x2127c3,
-	0x21f483,
-	0x2fe343,
-	0x217083,
+	0x20bec3,
+	0x20b642,
+	0x101c2,
+	0x226783,
+	0x20f583,
+	0x25c204,
+	0x214883,
+	0x24acc3,
+	0x206382,
+	0x1c3448,
+	0x20f583,
+	0x1c3448,
+	0x2507c3,
+	0x21a043,
+	0x23e084,
+	0x226783,
+	0x20f583,
+	0x206502,
+	0x214e43,
+	0x214883,
+	0x24acc3,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x206502,
+	0x2384c3,
+	0x214883,
+	0x24acc3,
+	0x305103,
+	0x219303,
 	0x2000c2,
-	0x205842,
-	0x2e9c43,
-	0x2127c3,
-	0x21f483,
-	0x216e05,
-	0x157246,
-	0x762c4,
-	0x31384,
-	0x29f804,
-	0x208ec2,
+	0x20b642,
+	0x20f583,
+	0x214883,
+	0x24acc3,
+	0x219085,
+	0x16f9c6,
+	0x78884,
+	0xc47c4,
+	0x265a04,
+	0x249902,
 	0x882,
-	0x7ffc8,
-	0xd02,
-	0x58e02,
-	0xfc2,
+	0x1c3448,
+	0x101c2,
+	0x5cf02,
+	0x19c2,
 	0x2000c2,
-	0x145d45,
-	0x25388,
-	0xf7c03,
-	0x205842,
-	0x48244,
-	0x5c149406,
-	0xc344,
-	0xb2e8b,
-	0x46a06,
-	0x84447,
-	0xb7ac9,
-	0x224d03,
-	0x573c8,
-	0x573cb,
-	0x5784b,
-	0x585cb,
-	0x5890b,
-	0x58bcb,
-	0x5900b,
-	0xeb86,
-	0x2e9c43,
-	0x146bc5,
-	0x172ec4,
-	0x267c83,
-	0x1196c7,
-	0x15a2c6,
-	0x12fc05,
-	0x1cde04,
-	0xf37c4,
-	0x7f0c4,
-	0x2127c3,
-	0x8d346,
-	0xf9304,
-	0x81983,
-	0x21f483,
-	0x305744,
-	0x1300c7,
-	0x156e49,
-	0xb2c48,
-	0x1e3f05,
-	0x1d3204,
-	0x1d0844,
-	0x172283,
-	0x5b646,
-	0x11448,
-	0x198185,
-	0x71c9,
-	0x13803,
-	0x10b2c6,
-	0x145d45,
-	0x205842,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x219c03,
-	0x20bc03,
-	0x21f483,
-	0x3041c3,
-	0x208ec2,
-	0x7ffc8,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x258103,
-	0x222d84,
-	0x2127c3,
-	0xbc03,
-	0x21f483,
-	0x229f43,
-	0x224d03,
-	0x2ef2c4,
-	0x2e9c43,
-	0x2127c3,
-	0x21f483,
-	0x216e06,
-	0x224d03,
-	0x2e9c43,
-	0x1d343,
-	0x81983,
-	0x21f483,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x2127c3,
-	0x21f483,
-	0x145d45,
-	0x84447,
-	0x84c3,
-	0x13803,
-	0x7ffc8,
-	0x2e9c43,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x979c3,
-	0x2127c3,
-	0x21f483,
-	0x5f629f43,
-	0x224d03,
-	0x2127c3,
-	0x21f483,
-	0x7ffc8,
+	0x14f985,
+	0x27348,
+	0x104543,
+	0x20b642,
+	0x49344,
+	0x5cd61806,
+	0x2d784,
+	0xbe6cb,
+	0x47306,
+	0x89207,
+	0x629c9,
+	0x226783,
+	0x5b4c8,
+	0x5b4cb,
+	0x5b94b,
+	0x5c6cb,
+	0x5ca0b,
+	0x5cccb,
+	0x5d10b,
+	0x128c6,
+	0x20f583,
+	0x100185,
+	0x1c0044,
+	0x220303,
+	0x121dc7,
+	0x12f3c6,
+	0x13b0c5,
+	0xca04,
+	0xf9004,
+	0x82384,
+	0x214883,
+	0x90546,
+	0x149204,
+	0x24acc3,
+	0x30b844,
+	0x13b587,
+	0x16f5c9,
+	0xbe488,
+	0x1e3885,
+	0xf644,
+	0x1d60c4,
+	0x467c3,
+	0x1d4803,
+	0x5f986,
+	0x112c8,
+	0x198d45,
+	0x1bf7c9,
+	0x15ac3,
+	0x112cc6,
+	0x14f985,
+	0x20b642,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214e43,
+	0x208c43,
+	0x24acc3,
+	0x30ad83,
+	0x249902,
+	0x1c3448,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x231a43,
+	0x225a04,
+	0x214883,
+	0x24acc3,
+	0x21a043,
+	0x226783,
+	0x2eef84,
+	0x20f583,
+	0x214883,
+	0x24acc3,
+	0x219086,
+	0x226783,
+	0x20f583,
+	0x1fe83,
+	0x24acc3,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214883,
+	0x24acc3,
+	0x14f985,
+	0x89207,
+	0x9043,
+	0x15ac3,
+	0xba02,
+	0x1c3448,
+	0x20f583,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x3e03,
+	0x1a2a48,
+	0x214883,
+	0x24acc3,
+	0x6061a043,
+	0x226783,
+	0x214883,
+	0x24acc3,
+	0x1c3448,
 	0x2000c2,
-	0x205842,
-	0x229f43,
-	0x2e9c43,
-	0x2127c3,
+	0x20b642,
+	0x21a043,
+	0x20f583,
+	0x214883,
 	0x2003c2,
-	0x21f483,
-	0x33cd07,
-	0x236d4b,
-	0x219dc3,
-	0x321e08,
-	0x374047,
-	0x3e2986,
-	0x3112c5,
-	0x354849,
-	0x216b88,
-	0x285b89,
-	0x285b90,
-	0x38864b,
-	0x3aec89,
-	0x2084c3,
-	0x221c49,
-	0x23ca06,
-	0x23ca0c,
-	0x232ac8,
-	0x3ed388,
-	0x271709,
-	0x2d094e,
-	0x22cd4b,
-	0x2c54cc,
-	0x2030c3,
-	0x27f60c,
-	0x2030c9,
-	0x3e4347,
-	0x23e60c,
-	0x2c714a,
-	0x259b44,
-	0x2c084d,
-	0x27f4c8,
-	0x3d9ecd,
-	0x282c06,
-	0x29f80b,
-	0x356fc9,
-	0x26c107,
-	0x386206,
-	0x332949,
-	0x349f8a,
-	0x3a73c8,
-	0x303dc4,
-	0x2c3087,
-	0x250d47,
-	0x20a3c4,
-	0x22d744,
-	0x387109,
-	0x3bc989,
-	0x3d0bc8,
-	0x32e9c5,
-	0x212bc5,
-	0x20da06,
-	0x2c0709,
-	0x352bcd,
-	0x21a108,
-	0x20d907,
-	0x311348,
-	0x24f486,
-	0x2443c4,
-	0x269185,
-	0x3e8c86,
-	0x3eb4c4,
-	0x202fc7,
-	0x20644a,
-	0x213f04,
-	0x2183c6,
-	0x21bf49,
-	0x21bf4f,
-	0x21cd0d,
-	0x21d246,
-	0x224f90,
-	0x225386,
-	0x225c47,
-	0x226587,
-	0x22658f,
-	0x227009,
-	0x22ca86,
-	0x22d207,
-	0x22d208,
-	0x22e049,
-	0x3d5848,
-	0x30b9c7,
-	0x20e2c3,
-	0x234e06,
-	0x32e6c8,
-	0x2d0c0a,
-	0x203709,
-	0x216cc3,
-	0x354606,
-	0x25bc8a,
-	0x244e47,
-	0x3e418a,
-	0x34910e,
-	0x227146,
-	0x33f0c7,
-	0x24b806,
-	0x202546,
-	0x348b8b,
-	0x20ec8a,
-	0x3d7c8d,
-	0x28c587,
-	0x27a688,
-	0x27a689,
-	0x27a68f,
-	0x3a784c,
-	0x3a7b09,
-	0x278ace,
-	0x28588a,
-	0x237d46,
-	0x2f7486,
-	0x3b2acc,
-	0x317fcc,
-	0x322c88,
-	0x35b287,
-	0x224245,
-	0x3d08c4,
-	0x34aece,
-	0x22f544,
-	0x3405c7,
-	0x3ad60a,
-	0x3e6bd4,
-	0x3ea64f,
-	0x226748,
-	0x234cc8,
-	0x38168d,
-	0x38168e,
-	0x235149,
-	0x342548,
-	0x34254f,
-	0x23e30c,
-	0x23e30f,
-	0x23f987,
-	0x2422ca,
-	0x2445cb,
-	0x245008,
-	0x2474c7,
-	0x253c4d,
-	0x366a06,
-	0x2c0a06,
-	0x249209,
-	0x272348,
-	0x24f808,
-	0x24f80e,
-	0x236e47,
-	0x308645,
-	0x251805,
-	0x209484,
-	0x3e2c46,
-	0x3d0ac8,
-	0x264283,
-	0x2c68ce,
-	0x254008,
-	0x24fe4b,
-	0x359547,
-	0x233645,
-	0x27f786,
-	0x2bfb07,
-	0x32ecc8,
-	0x330989,
-	0x23ec45,
-	0x297e48,
-	0x230546,
-	0x3b984a,
-	0x34adc9,
-	0x23e6c9,
-	0x23e6cb,
-	0x284f88,
-	0x20a289,
-	0x2c9806,
-	0x26c4ca,
-	0x3d1fca,
-	0x2424cc,
-	0x379c87,
-	0x27c18a,
-	0x3c6e8b,
-	0x3c6e99,
-	0x2d9408,
-	0x216e85,
-	0x253e06,
-	0x36ff09,
-	0x240186,
-	0x22ff8a,
-	0x229dc6,
-	0x20a6c4,
-	0x2e2e4d,
-	0x20a6c7,
-	0x325f89,
-	0x255f05,
-	0x256dc8,
-	0x257189,
-	0x259344,
-	0x259a47,
-	0x259a48,
-	0x25a107,
-	0x279c48,
-	0x260787,
-	0x2e5885,
-	0x26888c,
-	0x268c89,
-	0x31b2ca,
-	0x26b909,
-	0x221d49,
-	0x26bc4c,
-	0x26ef8b,
-	0x270f48,
-	0x272548,
-	0x275904,
-	0x295f08,
-	0x2975c9,
-	0x2c7207,
-	0x21c186,
-	0x2af587,
-	0x2fbc89,
-	0x20ffcb,
-	0x2511c7,
-	0x21f507,
-	0x2b8d47,
-	0x3d9e44,
-	0x3d9e45,
-	0x2eefc5,
-	0x357dcb,
-	0x208f44,
-	0x3b6988,
-	0x25d44a,
-	0x230607,
-	0x3ecf87,
-	0x29fc92,
-	0x28afc6,
-	0x2389c6,
-	0x33564e,
-	0x28c886,
-	0x2a4c08,
-	0x2a5acf,
-	0x3da288,
-	0x3b4608,
-	0x3ae48a,
-	0x3ae491,
-	0x2b424e,
-	0x26524a,
-	0x26524c,
-	0x265a07,
-	0x342750,
-	0x3d8948,
-	0x2b4445,
-	0x2bfe0a,
-	0x3eb50c,
-	0x2b84cd,
-	0x204206,
-	0x204207,
-	0x20420c,
-	0x20e80c,
-	0x3a864c,
-	0x2c340b,
-	0x3ab384,
-	0x21de84,
-	0x2c4d89,
-	0x31dac7,
-	0x3ead89,
-	0x288509,
-	0x2c6e07,
-	0x2c6fc6,
-	0x2c6fc9,
-	0x2c73c3,
-	0x2b234a,
-	0x32e587,
-	0x20c0cb,
-	0x3d7b0a,
-	0x262584,
-	0x2128c6,
-	0x292689,
-	0x368784,
-	0x2eb30a,
-	0x240d85,
-	0x2d7a85,
-	0x2d7a8d,
-	0x2d7dce,
-	0x31c3c5,
-	0x33b486,
-	0x216a07,
-	0x24ecca,
-	0x22f846,
-	0x27f1c4,
-	0x2fb147,
-	0x2e0d4b,
-	0x3d5d07,
-	0x3b55c4,
-	0x3c8586,
-	0x3c858d,
-	0x2f208c,
-	0x212686,
-	0x21a30a,
-	0x2281c6,
-	0x222088,
-	0x3b2f47,
-	0x22790a,
-	0x23e186,
-	0x286443,
-	0x286446,
-	0x220d48,
-	0x375c0a,
-	0x2a0207,
-	0x2a0208,
-	0x2a2844,
-	0x28b1c7,
-	0x36a3c8,
-	0x2dbb08,
-	0x31a988,
-	0x35a6ca,
-	0x2f7305,
-	0x2bbec7,
-	0x265093,
-	0x27d886,
-	0x2472c8,
-	0x22a349,
-	0x2ce608,
-	0x254dcb,
-	0x2cfe88,
-	0x2e0e84,
-	0x2de086,
-	0x323fc6,
-	0x341689,
-	0x2e0c07,
-	0x268988,
-	0x297446,
-	0x393644,
-	0x32df05,
-	0x3d98c8,
-	0x34a9ca,
-	0x2e2ac8,
-	0x2e6e06,
-	0x2abf8a,
-	0x203b08,
-	0x2e1908,
-	0x2eb588,
-	0x2ec146,
-	0x2ed746,
-	0x33c00c,
-	0x2edcd0,
-	0x2ee0c5,
-	0x2bb0c8,
-	0x2bb0d0,
-	0x3da090,
-	0x285a0e,
-	0x33bc8e,
-	0x33bc94,
-	0x3b244f,
-	0x3b2806,
-	0x3bef11,
-	0x3ed913,
-	0x20a488,
-	0x20b405,
-	0x3cbf08,
-	0x332c05,
-	0x3e244c,
-	0x2166c9,
-	0x22f389,
-	0x3b9c47,
-	0x3495c9,
-	0x35dbc7,
-	0x207586,
-	0x268f87,
-	0x201245,
-	0x211683,
-	0x21d343,
-	0x23d384,
-	0x21338d,
-	0x331e0f,
-	0x393685,
-	0x2165c6,
-	0x22bbc7,
-	0x232847,
-	0x2c5886,
-	0x2c588b,
-	0x2b5485,
-	0x213786,
-	0x3a7107,
-	0x261449,
-	0x226e86,
-	0x310b85,
-	0x381d4b,
-	0x3cf886,
-	0x218b85,
-	0x240a88,
-	0x28ad88,
-	0x2a184c,
-	0x2a1850,
-	0x2ae909,
+	0x24acc3,
+	0x344d87,
+	0x23ac8b,
+	0x217f43,
+	0x28f1c8,
+	0x203dc7,
+	0x392fc6,
+	0x228745,
+	0x3b95c9,
+	0x218e08,
+	0x284ec9,
+	0x284ed0,
+	0x38a44b,
+	0x3b1ec9,
+	0x209043,
+	0x207b09,
+	0x23fd06,
+	0x23fd0c,
+	0x235e08,
+	0x3f02c8,
+	0x378149,
+	0x2d884e,
+	0x246d4b,
+	0x2cae4c,
+	0x205d83,
+	0x2828cc,
+	0x205d89,
+	0x3f10c7,
+	0x24100c,
+	0x2ccaca,
+	0x2346c4,
+	0x2c5fcd,
+	0x282788,
+	0x3dcd4d,
+	0x2874c6,
+	0x265a0b,
+	0x36f749,
+	0x271787,
+	0x20c506,
+	0x326109,
+	0x3a97ca,
+	0x3bc848,
+	0x30a984,
+	0x2c8a07,
+	0x252dc7,
+	0x349b04,
+	0x224c04,
+	0x3ed149,
+	0x324fc9,
+	0x3d6448,
+	0x33a645,
+	0x213b45,
+	0x20ef86,
+	0x2c5e89,
+	0x37ebcd,
+	0x21c688,
+	0x20ee87,
+	0x2287c8,
+	0x251c86,
+	0x241804,
+	0x3676c5,
+	0x3e8046,
+	0x3ef204,
+	0x205c87,
+	0x20864a,
+	0x217384,
+	0x21ae86,
+	0x21ee89,
+	0x21ee8f,
+	0x21f84d,
+	0x21fd86,
+	0x226f50,
+	0x227346,
+	0x2289c7,
+	0x229dc7,
+	0x229dcf,
+	0x22b509,
+	0x22e9c6,
+	0x22f607,
+	0x22f608,
+	0x22fe09,
+	0x213f08,
+	0x3133c7,
+	0x2327c3,
+	0x238a06,
+	0x33a348,
+	0x2d8b0a,
+	0x2063c9,
+	0x218f43,
+	0x3b9386,
+	0x260a8a,
+	0x245207,
+	0x3f0f0a,
+	0x3ca8ce,
+	0x22b646,
+	0x34afc7,
+	0x364ec6,
+	0x205206,
+	0x3b7c8b,
+	0x2129ca,
+	0x25404d,
+	0x2045c7,
+	0x3ea348,
+	0x3ea349,
+	0x3ea34f,
+	0x31144c,
+	0x387a89,
+	0x2c16ce,
+	0x284bca,
+	0x380186,
+	0x303dc6,
+	0x32004c,
+	0x3240cc,
+	0x32d5c8,
+	0x3635c7,
+	0x20d6c5,
+	0x3d6144,
+	0x34a24e,
+	0x224444,
+	0x3eb647,
+	0x3be48a,
+	0x3ee394,
+	0x23790f,
+	0x229f88,
+	0x2388c8,
+	0x21c10d,
+	0x21c10e,
+	0x238d49,
+	0x34be48,
+	0x34be4f,
+	0x240d0c,
+	0x240d0f,
+	0x241d87,
+	0x24408a,
+	0x2453cb,
+	0x246088,
+	0x247b07,
+	0x38df4d,
+	0x36eac6,
+	0x2c6186,
+	0x24a689,
+	0x274708,
+	0x252248,
+	0x25224e,
+	0x23ad87,
+	0x30e505,
+	0x254705,
+	0x224a84,
+	0x393286,
+	0x3d6348,
+	0x26b343,
+	0x2cc04e,
+	0x38e308,
+	0x3a1fcb,
+	0x3a9ec7,
+	0x317b85,
+	0x282a46,
+	0x2c5387,
+	0x36f048,
+	0x371dc9,
+	0x241645,
+	0x29b648,
+	0x362546,
+	0x3bdbca,
+	0x34a149,
+	0x2410c9,
+	0x2410cb,
+	0x343608,
+	0x3499c9,
+	0x2cdc86,
+	0x2801ca,
+	0x28c9ca,
+	0x24428c,
+	0x371c47,
+	0x27efca,
+	0x20b30b,
+	0x20b319,
+	0x2dcdc8,
+	0x219105,
+	0x2e82c6,
+	0x2e2f49,
+	0x242586,
+	0x311cca,
+	0x219ec6,
+	0x201d04,
+	0x2e844d,
+	0x201d07,
+	0x333549,
+	0x259f45,
+	0x25aac8,
+	0x25b289,
+	0x25d444,
+	0x25db47,
+	0x25db48,
+	0x25de87,
+	0x27c888,
+	0x267987,
+	0x21d585,
+	0x26f44c,
+	0x26f849,
+	0x34deca,
+	0x270f89,
+	0x207c09,
+	0x2712cc,
+	0x27330b,
+	0x274108,
+	0x274908,
+	0x277cc4,
+	0x299708,
+	0x29adc9,
+	0x2ccb87,
+	0x21f0c6,
 	0x2b6c07,
-	0x2cb48b,
-	0x2d8346,
-	0x30b88a,
-	0x24704b,
-	0x34bc8a,
-	0x361806,
-	0x2fe205,
-	0x32e2c6,
-	0x28df48,
-	0x2c760a,
-	0x38131c,
-	0x33194c,
-	0x304288,
-	0x216e05,
-	0x288dc7,
-	0x2d0586,
-	0x38bfc5,
-	0x220106,
-	0x2c5a48,
-	0x2d68c7,
-	0x2d0848,
-	0x256f0a,
-	0x38a5cc,
-	0x3d8109,
-	0x384347,
-	0x2cdc04,
-	0x2518c6,
-	0x3b418a,
-	0x288605,
-	0x22d3cc,
-	0x22da88,
-	0x2fd6c8,
-	0x30a50c,
-	0x35c98c,
-	0x3963c9,
-	0x3eab87,
-	0x251f0c,
-	0x22b704,
-	0x306dca,
-	0x227d8c,
-	0x28400b,
-	0x259e4b,
-	0x25ce86,
-	0x263407,
-	0x265507,
-	0x34298f,
-	0x312151,
-	0x2f47d2,
-	0x26550d,
-	0x26550e,
-	0x26584e,
-	0x3b2608,
-	0x3b2612,
-	0x230e48,
-	0x257f07,
-	0x25e70a,
-	0x251d48,
-	0x28c845,
-	0x2cb88a,
-	0x225707,
-	0x2e7cc4,
-	0x254a43,
-	0x2417c5,
-	0x3ae707,
-	0x2fce87,
-	0x2b86ce,
-	0x365d4d,
-	0x3c8249,
-	0x207805,
-	0x31e6c3,
-	0x33e006,
-	0x26c905,
-	0x250088,
-	0x385989,
-	0x224805,
-	0x253e4f,
-	0x2b2f87,
-	0x311145,
-	0x359f0a,
-	0x3daa46,
-	0x3917c9,
-	0x353c8c,
-	0x366c49,
-	0x3ec046,
-	0x25d24c,
-	0x3345c6,
-	0x3bf308,
-	0x239546,
-	0x27cfc6,
-	0x2cc344,
-	0x3c39c3,
-	0x3e954a,
-	0x250491,
-	0x3a7cca,
-	0x26b245,
-	0x26f947,
-	0x265cc7,
-	0x2d54c4,
-	0x36a4cb,
-	0x3cb7c8,
-	0x2d5146,
-	0x3e7205,
-	0x277944,
-	0x268189,
+	0x2e0209,
+	0x24fa8b,
+	0x3991c7,
+	0x2a8707,
+	0x263c47,
+	0x3dccc4,
+	0x3dccc5,
+	0x2f4f05,
+	0x35ff0b,
+	0x3e23c4,
+	0x3db408,
+	0x2bdd8a,
+	0x362607,
+	0x3efec7,
+	0x2a3252,
+	0x293a86,
+	0x23c686,
+	0x33610e,
+	0x29f746,
+	0x2a9408,
+	0x2aa48f,
+	0x3dd108,
+	0x2584c8,
+	0x31004a,
+	0x310051,
+	0x2bb38e,
+	0x280cca,
+	0x280ccc,
+	0x2704c7,
+	0x34c050,
+	0x3da388,
+	0x2bb585,
+	0x2c67ca,
+	0x3ef24c,
+	0x2633cd,
+	0x211986,
+	0x211987,
+	0x21198c,
+	0x21348c,
+	0x23760c,
+	0x2c8d8b,
+	0x3ac7c4,
+	0x20b3c4,
+	0x2ca709,
+	0x327c07,
+	0x239d89,
+	0x28c809,
+	0x2cc787,
+	0x2cc946,
+	0x2cc949,
+	0x2ccd43,
+	0x2b314a,
+	0x33a207,
+	0x3ec40b,
+	0x253eca,
+	0x269804,
+	0x3f4106,
+	0x296309,
+	0x3cc144,
+	0x2f0eca,
+	0x309345,
+	0x2db705,
+	0x2db70d,
+	0x2dba4e,
+	0x368f45,
+	0x343a46,
+	0x218c87,
+	0x2514ca,
+	0x224746,
+	0x282484,
+	0x301007,
+	0x2e5f8b,
+	0x370c87,
+	0x367e04,
+	0x31a606,
+	0x31a60d,
+	0x2f64cc,
+	0x214746,
+	0x21c88a,
+	0x226346,
+	0x3d39c8,
+	0x27b587,
+	0x22be0a,
+	0x363cc6,
+	0x2044c3,
+	0x300346,
+	0x254948,
+	0x37beca,
+	0x2a37c7,
+	0x2a37c8,
+	0x2a6604,
+	0x293c87,
+	0x3a8548,
+	0x2d0988,
+	0x32f7c8,
+	0x2d318a,
+	0x2fc3c5,
+	0x247c47,
+	0x280b13,
+	0x28b3c6,
+	0x255308,
+	0x22dac9,
+	0x3c4d08,
+	0x3181cb,
+	0x2d4148,
+	0x2e60c4,
+	0x3a0146,
+	0x32eb86,
+	0x3b05c9,
+	0x2e5e47,
+	0x26f548,
+	0x29ac46,
+	0x394584,
+	0x339b85,
+	0x3dc748,
+	0x259b0a,
+	0x2e80c8,
+	0x2ec306,
+	0x2b2dca,
+	0x2067c8,
+	0x2e0508,
+	0x2f1148,
+	0x2f1946,
+	0x2f3706,
+	0x3b564c,
+	0x2f3c10,
+	0x2f4005,
+	0x23bc88,
+	0x23bc90,
+	0x3dcf10,
+	0x284d4e,
+	0x3b52ce,
+	0x3b52d4,
+	0x3ba58f,
+	0x3ba946,
+	0x3f0991,
+	0x349bd3,
+	0x20c688,
+	0x3ea6c5,
+	0x28f708,
+	0x3263c5,
+	0x351c0c,
+	0x218949,
+	0x224289,
+	0x231107,
+	0x3bdfc9,
+	0x3619c7,
+	0x3bfb86,
+	0x3674c7,
+	0x202a85,
+	0x211f43,
+	0x21fe83,
+	0x284704,
+	0x21564d,
+	0x39950f,
+	0x3945c5,
+	0x218846,
+	0x236787,
+	0x235b87,
+	0x2e1686,
+	0x2e168b,
+	0x2bc245,
+	0x215a46,
+	0x3baec7,
+	0x268649,
+	0x22b386,
+	0x22e385,
+	0x3ecbcb,
+	0x3f2686,
+	0x21b645,
+	0x243cc8,
+	0x2a4948,
+	0x2b38cc,
+	0x2b38d0,
+	0x2bc389,
+	0x2c12c7,
+	0x331a0b,
+	0x2dbfc6,
+	0x31328a,
+	0x3b890b,
+	0x35484a,
+	0x329f06,
+	0x304fc5,
+	0x339f46,
+	0x29bb08,
+	0x2a5aca,
+	0x21bd9c,
+	0x3b8c0c,
+	0x30ae48,
+	0x219085,
+	0x226987,
+	0x2d8486,
+	0x2dab05,
+	0x223606,
+	0x2e1848,
+	0x2d9ac7,
+	0x2d8748,
+	0x28b48a,
+	0x2fc9cc,
+	0x2544c9,
+	0x3c7e07,
+	0x232004,
+	0x297206,
+	0x25804a,
+	0x28c905,
+	0x22488c,
+	0x224f48,
+	0x311fc8,
+	0x333a8c,
+	0x2385cc,
+	0x239949,
+	0x239b87,
+	0x2509cc,
+	0x365984,
+	0x25e28a,
+	0x21dd0c,
+	0x288dcb,
+	0x3acf0b,
+	0x3ae506,
+	0x26d587,
+	0x26ffc7,
+	0x34c28f,
+	0x319791,
+	0x2fa352,
+	0x26ffcd,
+	0x26ffce,
+	0x27030e,
+	0x3ba748,
+	0x3ba752,
+	0x365e48,
+	0x25c007,
+	0x265e4a,
+	0x260048,
+	0x29f705,
+	0x3cee4a,
+	0x227887,
+	0x2dc104,
+	0x220203,
+	0x397405,
+	0x3102c7,
+	0x301d07,
+	0x2635ce,
+	0x3e3b8d,
+	0x31a2c9,
+	0x289f05,
+	0x3291c3,
+	0x346086,
+	0x272405,
+	0x3a2208,
+	0x20d949,
+	0x2e8305,
+	0x38e14f,
+	0x2be7c7,
+	0x2285c5,
+	0x3aa88a,
+	0x209ac6,
+	0x2ab4c9,
+	0x35c24c,
+	0x36ed09,
+	0x20e786,
+	0x2bdb8c,
+	0x373686,
+	0x3e2a48,
+	0x210106,
+	0x27fe06,
+	0x2d1204,
+	0x207e03,
+	0x3b188a,
+	0x2a3d11,
+	0x263f4a,
+	0x3a9c45,
+	0x26f0c7,
+	0x26c847,
+	0x2d4b04,
+	0x3a864b,
+	0x3d0888,
+	0x2d7cc6,
+	0x38be45,
+	0x279f04,
+	0x26ec09,
 	0x2008c4,
-	0x3ebe47,
-	0x333505,
-	0x333507,
-	0x335885,
-	0x25f3c3,
-	0x257dc8,
-	0x27988a,
-	0x22eb83,
-	0x232a4a,
-	0x3bd7c6,
-	0x253bcf,
-	0x272109,
-	0x2c6850,
-	0x2d5648,
-	0x2e7709,
-	0x2aa307,
-	0x3c850f,
-	0x3c9f44,
-	0x2ef344,
-	0x20b786,
-	0x2f0686,
-	0x26204a,
-	0x256186,
-	0x2c3a87,
-	0x315808,
-	0x315a07,
-	0x3170c7,
-	0x318c4a,
-	0x3179cb,
-	0x23ab05,
-	0x2f4408,
-	0x2098c3,
-	0x3d458c,
-	0x386b0f,
-	0x22404d,
-	0x29d4c7,
-	0x243449,
-	0x396687,
-	0x2d0f88,
-	0x3e6dcc,
-	0x301748,
-	0x24a2c8,
-	0x33314e,
-	0x344cd4,
-	0x3451e4,
-	0x364b8a,
-	0x388ecb,
-	0x35dc84,
-	0x35dc89,
-	0x2cbf48,
-	0x252245,
-	0x373e4a,
-	0x3c9047,
-	0x285584,
-	0x258843,
-	0x229f43,
-	0x241284,
-	0x224d03,
-	0x2e9c43,
-	0x258104,
-	0x25e043,
-	0x219c03,
-	0x2edcc6,
-	0x222d84,
-	0x2127c3,
-	0x21f483,
-	0x202783,
+	0x3d2887,
+	0x33c805,
+	0x33c807,
+	0x336345,
+	0x25ff03,
+	0x25bec8,
+	0x26b54a,
+	0x234643,
+	0x235d8a,
+	0x234646,
+	0x38decf,
+	0x2744c9,
+	0x2cbfd0,
+	0x229188,
+	0x2ecc09,
+	0x2b0dc7,
+	0x31a58f,
+	0x3562c4,
+	0x2ef004,
+	0x2271c6,
+	0x358686,
+	0x3ae00a,
+	0x26aa06,
+	0x2c9407,
+	0x31d888,
+	0x31da87,
+	0x31f147,
+	0x32134a,
+	0x31fa4b,
+	0x325785,
+	0x2f9f88,
+	0x229783,
+	0x3d880c,
+	0x20d44f,
+	0x32dd8d,
+	0x2b7187,
+	0x237209,
+	0x24e147,
+	0x2d4448,
+	0x3ee58c,
+	0x308548,
+	0x256bc8,
+	0x33c44e,
+	0x34e914,
+	0x34ee24,
+	0x36c50a,
+	0x38aacb,
+	0x361a84,
+	0x361a89,
+	0x2d2708,
+	0x255545,
+	0x203bca,
+	0x29cb07,
+	0x220c04,
+	0x20bec3,
+	0x21a043,
+	0x243544,
+	0x226783,
+	0x20f583,
+	0x25c204,
+	0x20bc83,
+	0x214e43,
+	0x2f3c06,
+	0x225a04,
+	0x214883,
+	0x24acc3,
+	0x205443,
 	0x2000c2,
-	0x258843,
-	0x205842,
-	0x229f43,
-	0x241284,
-	0x224d03,
-	0x2e9c43,
-	0x25e043,
-	0x2edcc6,
-	0x2127c3,
-	0x21f483,
-	0x7ffc8,
-	0x229f43,
-	0x224d03,
-	0x28c6c3,
-	0x2127c3,
-	0x81983,
-	0x21f483,
-	0x258843,
-	0x7ffc8,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x219c03,
-	0x222d84,
-	0x2127c3,
-	0x21f483,
+	0x20bec3,
+	0x20b642,
+	0x21a043,
+	0x243544,
+	0x226783,
+	0x20f583,
+	0x20bc83,
+	0x2f3c06,
+	0x214883,
+	0x24acc3,
+	0x1c3448,
+	0x21a043,
+	0x226783,
+	0x204703,
+	0x214883,
+	0x24acc3,
+	0x20bec3,
+	0x1c3448,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214e43,
+	0x225a04,
+	0x214883,
+	0x24acc3,
 	0x2000c2,
-	0x289e03,
-	0x205842,
-	0x224d03,
-	0x2e9c43,
-	0x219c03,
-	0x2127c3,
-	0x21f483,
-	0x203702,
-	0x2035c2,
-	0x205842,
-	0x229f43,
-	0x208542,
+	0x2332c3,
+	0x20b642,
+	0x226783,
+	0x20f583,
+	0x214e43,
+	0x214883,
+	0x24acc3,
+	0x203d82,
+	0x206282,
+	0x20b642,
+	0x21a043,
+	0x20c942,
 	0x2005c2,
-	0x258104,
-	0x292e44,
-	0x230a02,
-	0x222d84,
+	0x25c204,
+	0x230944,
+	0x2225c2,
+	0x225a04,
 	0x2003c2,
-	0x21f483,
-	0x202783,
-	0x25ce86,
-	0x26ca02,
-	0x201b02,
-	0x22a742,
-	0x61e12d83,
-	0x62265243,
-	0x66746,
-	0x66746,
-	0x29f804,
-	0x20bc03,
-	0x2acd,
-	0x1d094a,
-	0x1d39cc,
-	0x92ccc,
-	0x62c6e64f,
-	0x1cc94d,
-	0x713c4,
-	0x7b204,
-	0x161cc4,
-	0x145d45,
-	0x98409,
-	0xb778c,
-	0x110947,
-	0x16906,
-	0x1eb88,
-	0x24bc7,
-	0x286c8,
-	0x1c14ca,
-	0x1145c7,
-	0xb79c9,
-	0x632f8c05,
-	0xf8c09,
-	0x634404cb,
-	0x125c88,
-	0x137dcb,
-	0x344b,
-	0x182bc8,
-	0x13054a,
-	0x17d3ce,
-	0x638b738a,
-	0x1e544d,
-	0x3514d,
-	0x14ce40b,
-	0xf1f4a,
-	0xc344,
-	0x8ef86,
-	0x19f508,
-	0xd1e88,
-	0x40787,
-	0x16245,
-	0x1e0507,
-	0xa54c9,
-	0x1cd787,
-	0x1db408,
-	0x31009,
-	0x15f9c4,
-	0x53705,
-	0x3810e,
-	0x1401c7,
-	0x63e26c46,
-	0xbe10d,
-	0x1cd608,
-	0xf4008,
-	0x6429ed46,
-	0x64d82888,
-	0x106b8a,
-	0xb2908,
-	0x13cf10,
-	0x6388c,
-	0x76987,
-	0x77d47,
-	0x7bd87,
-	0x81847,
-	0xd9c2,
-	0x1da407,
-	0xee4c,
-	0x1e1905,
-	0xbd847,
-	0xb6ac6,
-	0xb92c9,
-	0xbb988,
-	0x1d7c2,
+	0x24acc3,
+	0x205443,
+	0x3ae506,
+	0x22ccc2,
+	0x203342,
+	0x22dec2,
+	0x62e2acc3,
+	0x632584c3,
+	0x6d386,
+	0x6d386,
+	0x265a04,
+	0x208c43,
+	0x578d,
+	0x1d61ca,
+	0x1a5486,
+	0x1d784c,
+	0x63eae24d,
+	0x9694c,
+	0x64489b8f,
+	0x1e8b4d,
+	0x177e04,
+	0x7e204,
+	0xee044,
+	0x14f985,
+	0x9e849,
+	0x6268c,
+	0x133907,
+	0x18b86,
+	0x210c8,
+	0x26647,
+	0x2cb08,
+	0x1c588a,
+	0x11c647,
+	0x628c9,
+	0x64adb105,
+	0xf9209,
+	0x64c428cb,
+	0x133248,
+	0x154e0b,
+	0x610b,
+	0xa7788,
+	0x44a0a,
+	0x1830ce,
+	0x650becca,
+	0xe6dcd,
+	0x38d4d,
+	0x15c4b0b,
+	0xf638a,
+	0x2d784,
+	0x91cc6,
+	0x1a0e88,
+	0xd5448,
+	0x42b87,
+	0x2f385,
+	0x1e1307,
+	0xa9cc9,
+	0x1e9987,
+	0xa3c8,
+	0xef589,
+	0x5fe44,
+	0x66605,
+	0x85a4e,
+	0x147947,
+	0x6562eac6,
+	0xc398d,
+	0x1e9808,
+	0xf9b88,
+	0x65a64f46,
+	0x664a7448,
+	0x18860a,
+	0xb3708,
+	0x144f90,
+	0x6a30c,
+	0x78f47,
+	0x7a307,
+	0x7ebc7,
+	0x845c7,
+	0xef42,
+	0x12c307,
+	0x12b8c,
+	0x150105,
+	0x19fb07,
+	0xbe1c6,
+	0xbf0c9,
+	0xc1bc8,
+	0x7142,
 	0x5c2,
-	0x19ab46,
-	0x1d6ecb,
-	0x1d71c6,
-	0x71c84,
-	0xcabc7,
-	0x56a09,
-	0x90249,
-	0x1c03c8,
-	0x58e02,
-	0x12d349,
-	0x15288,
-	0xfff4a,
-	0xd28c8,
-	0x652e034b,
-	0x162d09,
-	0x51c86,
-	0xe5649,
-	0xf1ec7,
-	0xf2609,
-	0xf3948,
-	0xf5707,
-	0xf7289,
-	0xf9d05,
-	0xfa0d0,
-	0x1c5e46,
-	0xcab05,
-	0xd5247,
-	0x12634d,
-	0x65ac9683,
-	0x4d385,
-	0x2e6c6,
-	0xff7c7,
-	0x105758,
-	0x98d08,
-	0x4c08a,
-	0x152f8e,
-	0x9942,
-	0x65f5f74b,
-	0x662e574a,
-	0x59c0a,
-	0x6a90d,
-	0x33c2,
-	0xdfa46,
-	0x18a46,
-	0xac788,
-	0xbb70a,
-	0x566c8,
-	0x7fe89,
-	0x1167c8,
-	0x75a8e,
-	0x29c08,
-	0x13e007,
-	0x6669ec84,
-	0xd3f0d,
-	0x10df85,
-	0x1735c8,
-	0x3fe48,
-	0x66888d0a,
-	0x66eb3dc8,
-	0x1133c6,
-	0x9e42,
-	0xa6f44,
-	0x6d586,
-	0x67045f08,
-	0x5b646,
-	0x678c200b,
-	0x4182,
-	0x154a09,
-	0x135c08,
-	0x14b207,
-	0x3268a,
-	0x118a87,
+	0x119186,
+	0x19b44b,
+	0x9dc6,
+	0x1786c4,
+	0x1a4107,
+	0x64d49,
+	0x191549,
+	0x1c4448,
+	0x5cf02,
+	0x138fc9,
+	0x18108,
+	0xf280a,
+	0xd5dc8,
+	0x66ae5b8b,
+	0x1bbf09,
+	0x5ff86,
+	0xea449,
+	0xf6307,
+	0xf6bc9,
+	0xf9508,
+	0xfad47,
+	0xfc349,
+	0x1011c5,
+	0x101590,
+	0x10210c,
+	0x1c88c6,
+	0x1a4045,
+	0x1d95c7,
+	0x4880d,
+	0x36a89,
+	0x672cebc3,
+	0x4f585,
+	0x140806,
+	0x106587,
+	0x10b858,
+	0x1e9d08,
+	0x8b1ca,
+	0x23f8e,
+	0x3b02,
+	0x6766020b,
+	0x67aea54a,
+	0x1accca,
+	0x72c0d,
+	0x1042,
+	0xe39c6,
+	0x1b506,
+	0xc32c8,
+	0xc0e0a,
+	0x5e0c8,
+	0x1c3309,
+	0x11e848,
+	0x7ca4e,
+	0x19d08,
+	0x146087,
+	0x67ea7384,
+	0xd708d,
+	0xd2a48,
+	0x115785,
+	0x14c8,
+	0x42248,
+	0x680268ca,
+	0x686bad88,
+	0x11b446,
+	0xba42,
+	0xd77c4,
+	0x7ad46,
+	0x68923d88,
+	0x5f986,
+	0x690c6b0b,
+	0x79c2,
+	0x64244e04,
+	0x27e83,
+	0x1b9789,
+	0x1f88,
+	0x14a587,
+	0x359ca,
+	0xc0b47,
 	0x401,
 	0x81,
-	0x18e907,
-	0x1c8388,
-	0xc7e88,
-	0xc8088,
-	0xc8288,
-	0x6fcc7,
-	0xb1fc3,
-	0x64644084,
-	0x64aa6b83,
+	0x18f607,
+	0x11a408,
+	0xcd208,
+	0xcd408,
+	0xcd608,
+	0x73d47,
+	0xb98c3,
+	0x65e44e04,
+	0x662aba43,
 	0xc1,
-	0x39d46,
+	0xfeb46,
 	0xc1,
 	0x201,
-	0x39d46,
-	0xb1fc3,
-	0x656212c4,
-	0x196f84,
-	0x1fe85,
-	0x2c945,
-	0xcad04,
-	0x2a084,
-	0x59244,
-	0x1434307,
-	0x1421207,
-	0x1c8bc8,
-	0x148e4c,
-	0xc41,
-	0x8d43,
-	0x2c684,
-	0xef885,
-	0x1c8bc8,
-	0x677c8bc8,
-	0x54e83,
-	0x80383,
-	0x16c43,
-	0x22207,
-	0x5ec7,
-	0x145e305,
-	0x5d8c4,
-	0x76ac7,
-	0x5842,
-	0x2c904,
-	0x1b01ca,
-	0x259b44,
-	0x229f43,
-	0x25b9c4,
-	0x258104,
-	0x2127c3,
-	0x22a205,
-	0x21fc83,
-	0x23ffc3,
-	0x32e885,
-	0x205ec3,
-	0x15d43,
-	0x68e29f43,
-	0x224d03,
-	0x5b9c4,
-	0x4b03,
-	0x2e9c43,
+	0xfeb46,
+	0xb98c3,
+	0x66e642c4,
+	0x197b44,
+	0x20f85,
+	0x166d85,
+	0x1a4244,
+	0x1a184,
+	0x5d344,
+	0x1416c47,
+	0x1464207,
+	0x1cd6c8,
+	0x161e4c,
+	0xc01,
+	0x12f03,
+	0x2af84,
+	0x30705,
+	0x1cd6c8,
+	0x68fcd6c8,
+	0x71783,
+	0x83343,
+	0x18ec3,
+	0x1d3b47,
+	0x80c7,
+	0x15e2945,
+	0x64744,
+	0x79087,
+	0xb642,
+	0x166d44,
+	0xc2bca,
+	0x2346c4,
+	0x21a043,
+	0x2607c4,
+	0x25c204,
+	0x214883,
+	0x22d985,
+	0x221c03,
+	0x2423c3,
+	0x33a505,
+	0x200f83,
+	0x29f83,
+	0x6a61a043,
+	0x226783,
+	0x607c4,
+	0x7783,
+	0x20f583,
 	0x200181,
-	0x280c3,
-	0x219c03,
-	0x292e44,
-	0x222d84,
-	0x2127c3,
-	0x5c743,
-	0x21f483,
-	0x217083,
-	0x7ffc8,
+	0x22043,
+	0x214e43,
+	0x230944,
+	0x225a04,
+	0x214883,
+	0x62243,
+	0x24acc3,
+	0x219303,
+	0x1c3448,
 	0x2000c2,
-	0x258843,
-	0x205842,
-	0x229f43,
-	0x224d03,
-	0x28c6c3,
+	0x20bec3,
+	0x20b642,
+	0x21a043,
+	0x226783,
+	0x204703,
 	0x2005c2,
-	0x258104,
-	0x25e043,
-	0x219c03,
-	0x2127c3,
-	0x20bc03,
-	0x21f483,
-	0x205ec3,
-	0x186a44,
-	0x7ffc8,
-	0xfd147,
-	0x5842,
-	0x12de85,
-	0x639cf,
-	0x1e50c6,
-	0x1475dc8,
-	0x116ace,
-	0x69e087c2,
-	0x2373c8,
-	0x3d1086,
-	0x25da46,
-	0x3a33c7,
-	0x6a204cc2,
-	0x6a6c66c8,
-	0x22ad4a,
-	0x276408,
-	0x200ac2,
-	0x32e3c9,
-	0x23ab47,
-	0x21c106,
-	0x257b09,
-	0x2bc004,
-	0x3e2886,
-	0x2deb04,
-	0x20de84,
-	0x267f09,
-	0x314a86,
-	0x2bb4c5,
-	0x27a245,
-	0x235987,
-	0x2d2187,
-	0x305344,
-	0x35eb06,
-	0x2e88c5,
-	0x3d7605,
-	0x236245,
-	0x24f647,
-	0x359385,
-	0x257609,
-	0x372385,
-	0x32ee04,
-	0x22f787,
-	0x3ce14e,
-	0x209a09,
-	0x335509,
-	0x3681c6,
-	0x24b088,
-	0x3793cb,
-	0x3bd38c,
-	0x323ac6,
-	0x2c5387,
-	0x2f9185,
-	0x30e20a,
-	0x3d0cc9,
-	0x20aa89,
-	0x208186,
-	0x3a6ec5,
-	0x251b85,
-	0x371809,
-	0x2363cb,
-	0x239186,
-	0x353486,
-	0x20d904,
-	0x241f86,
-	0x3086c8,
-	0x3d38c6,
-	0x242d46,
-	0x204788,
-	0x206f07,
-	0x207f49,
-	0x20cc05,
-	0x7ffc8,
-	0x3e0484,
-	0x317644,
-	0x212a45,
-	0x343a49,
-	0x2292c7,
-	0x2292cb,
-	0x22c3ca,
-	0x22f2c5,
-	0x6aa0a582,
-	0x3d79c7,
-	0x6ae2fbc8,
-	0x2083c7,
-	0x223a85,
-	0x2449ca,
-	0x5842,
-	0x28f84b,
-	0x29090a,
-	0x279746,
-	0x2114c3,
-	0x21438d,
-	0x3d250c,
-	0x3d628d,
-	0x245b45,
-	0x36cdc5,
-	0x2642c7,
-	0x3db089,
-	0x22ac46,
-	0x256005,
-	0x30d0c8,
-	0x241e83,
-	0x350088,
-	0x241e88,
-	0x3c6b07,
-	0x2f0308,
-	0x310589,
-	0x33edc7,
-	0x2368c7,
-	0x209348,
-	0x25e1c4,
-	0x25e1c7,
-	0x282b08,
-	0x365746,
-	0x20668f,
-	0x35bcc7,
-	0x35e606,
-	0x3eacc5,
-	0x22a8c3,
-	0x253847,
-	0x395c03,
-	0x25a2c6,
-	0x25d7c6,
-	0x25eac6,
-	0x2a3e05,
-	0x279c43,
-	0x32cfc8,
-	0x3aa189,
-	0x25ec4b,
-	0x25ef08,
-	0x260445,
-	0x2629c5,
-	0x6b262642,
-	0x269049,
-	0x3d1bc7,
-	0x213805,
-	0x267e07,
-	0x269c46,
-	0x26ae05,
-	0x26c74b,
-	0x270f44,
-	0x275fc5,
-	0x276107,
-	0x289746,
-	0x28a185,
-	0x296347,
-	0x296f87,
-	0x2cc984,
-	0x2b758a,
-	0x2fabc8,
-	0x379689,
-	0x2f9505,
-	0x2464c6,
-	0x30888a,
-	0x27a146,
-	0x396907,
-	0x27c50d,
-	0x2b4fc9,
-	0x389205,
-	0x3b7007,
-	0x3cdc48,
-	0x385b88,
-	0x32b107,
-	0x367e86,
-	0x21c507,
-	0x267883,
-	0x314a04,
-	0x38abc5,
-	0x3b76c7,
-	0x3bffc9,
-	0x234488,
-	0x396805,
-	0x2421c4,
-	0x2544c5,
-	0x25f0cd,
-	0x2086c2,
-	0x228346,
-	0x2c9706,
-	0x3097ca,
-	0x3a8b86,
-	0x3b40c5,
-	0x2defc5,
-	0x2defc7,
-	0x3b968c,
-	0x2b278a,
-	0x29da06,
-	0x2ed645,
-	0x241dc6,
-	0x29fac7,
-	0x2a1f06,
-	0x2a3d0c,
-	0x257c49,
-	0x6b61c907,
-	0x2a5e85,
-	0x2a5e86,
-	0x2a6248,
-	0x256505,
-	0x2b5705,
-	0x2b5bc8,
-	0x2b5dca,
-	0x6ba27e02,
-	0x6be10802,
-	0x21b485,
-	0x30bac3,
-	0x336a48,
-	0x24bc83,
-	0x2b6044,
-	0x39190b,
-	0x3c5c88,
-	0x2bda08,
-	0x6c340949,
-	0x2bd309,
-	0x2be006,
-	0x2bf788,
-	0x2bf989,
-	0x2c1046,
+	0x25c204,
+	0x20bc83,
+	0x214e43,
+	0x214883,
+	0x208c43,
+	0x24acc3,
+	0x200f83,
+	0xd384,
+	0x1c3448,
+	0x110cc7,
+	0xb642,
+	0x139b05,
+	0x6a44f,
+	0xe6a46,
+	0x10210c,
+	0x1470708,
+	0x11eb4e,
+	0x6b602242,
+	0x23b308,
+	0x3d6906,
+	0x2e20c6,
+	0x3a4c07,
+	0x6ba09582,
+	0x6becbe48,
+	0x232a8a,
+	0x2789c8,
+	0x200b02,
+	0x33a049,
+	0x3257c7,
+	0x21f046,
+	0x25bc09,
+	0x247d84,
+	0x392ec6,
+	0x2e24c4,
+	0x201904,
+	0x26e989,
+	0x31cb06,
+	0x312885,
+	0x27d445,
+	0x239547,
+	0x2cc4c7,
+	0x381d44,
+	0x364606,
+	0x3cdf45,
+	0x2201c5,
+	0x23a185,
+	0x251e47,
+	0x3a9d05,
+	0x25b709,
+	0x348a05,
+	0x36f184,
+	0x224687,
+	0x3d490e,
+	0x3eb909,
+	0x335fc9,
+	0x3cbb86,
+	0x24d7c8,
+	0x37f6cb,
+	0x3716cc,
+	0x32e686,
+	0x2cad07,
+	0x2fdfc5,
+	0x315a0a,
+	0x3d6549,
+	0x200ac9,
+	0x20b046,
+	0x3bac85,
+	0x255205,
+	0x37afc9,
+	0x23a30b,
+	0x23ce46,
+	0x35ba46,
+	0x20cc44,
+	0x25a746,
+	0x30e588,
+	0x3d7746,
+	0x363b86,
+	0x207408,
+	0x20aa87,
+	0x20ae09,
+	0x20df45,
+	0x1c3448,
+	0x3e1284,
+	0x31f6c4,
+	0x2139c5,
+	0x34d509,
+	0x22d407,
+	0x22d40b,
+	0x22e5ca,
+	0x231045,
+	0x6c208982,
+	0x220587,
+	0x6c6327c8,
+	0x3791c7,
+	0x3b1405,
+	0x2457ca,
+	0xb642,
+	0x29258b,
+	0x29410a,
+	0x27c446,
+	0x211343,
+	0x21784d,
+	0x2090cc,
+	0x21ce8d,
+	0x246405,
+	0x3ab085,
+	0x26b387,
+	0x22c209,
+	0x232986,
+	0x26a885,
+	0x315448,
+	0x25a643,
+	0x2ef3c8,
+	0x25a648,
+	0x3cb287,
+	0x3f39c8,
+	0x362349,
+	0x2e0d87,
+	0x23a807,
+	0x3e27c8,
+	0x380384,
+	0x380387,
+	0x2873c8,
+	0x36d0c6,
+	0x3d144f,
+	0x238107,
+	0x364106,
+	0x239cc5,
+	0x22e043,
+	0x257347,
+	0x396b43,
+	0x25e506,
+	0x264646,
+	0x266206,
+	0x2a7c85,
+	0x27c883,
+	0x338c48,
+	0x3ab5c9,
+	0x26638b,
+	0x266748,
+	0x267645,
+	0x269105,
+	0x6ca698c2,
+	0x367589,
+	0x3d9307,
+	0x215ac5,
+	0x26e887,
+	0x26fe86,
+	0x270ac5,
+	0x27224b,
+	0x274104,
+	0x278585,
+	0x2786c7,
+	0x28d046,
+	0x28d405,
+	0x299b47,
+	0x29a787,
+	0x383744,
+	0x26248a,
+	0x2beec8,
+	0x37f989,
+	0x349405,
+	0x27c006,
+	0x30e74a,
+	0x27d346,
+	0x320dc7,
+	0x27f34d,
+	0x2bbd89,
+	0x38ae05,
+	0x3d4e47,
+	0x20c848,
+	0x20cd08,
+	0x3485c7,
+	0x335c86,
+	0x215f87,
+	0x26e303,
+	0x31ca84,
+	0x38c645,
+	0x3b9c87,
+	0x3c4049,
+	0x22c048,
+	0x320cc5,
+	0x240244,
+	0x25a985,
+	0x39080d,
+	0x20ad02,
+	0x2264c6,
+	0x2cdb86,
+	0x31050a,
+	0x3a8b46,
+	0x3b6905,
+	0x3938c5,
+	0x3938c7,
+	0x3bda0c,
+	0x2b358a,
+	0x2a22c6,
+	0x20d2c5,
+	0x25a586,
+	0x2a3087,
+	0x2a57c6,
+	0x2a7b8c,
+	0x25bd49,
+	0x6ce4dcc7,
+	0x2aa845,
+	0x2aa846,
+	0x2aac08,
+	0x25a205,
+	0x2bc5c5,
+	0x2bca88,
+	0x2bcc8a,
+	0x6d21dd82,
+	0x6d610682,
+	0x21e645,
+	0x244583,
+	0x33ef48,
+	0x21ffc3,
+	0x2bcf04,
+	0x2ab60b,
+	0x371ac8,
+	0x39fcc8,
+	0x6db5cb49,
+	0x2c2fc9,
+	0x2c3886,
+	0x2c5008,
+	0x2c5209,
+	0x2c6dc6,
+	0x2c6f45,
+	0x259106,
+	0x2c7409,
+	0x2da7c7,
+	0x253286,
+	0x359787,
+	0x3a9987,
+	0x3a8104,
+	0x6dfe2609,
+	0x2dad48,
+	0x2cbd48,
+	0x3947c7,
+	0x2e7d46,
+	0x208ec9,
+	0x2e2787,
+	0x347c4a,
+	0x3c8188,
+	0x27c147,
+	0x2efac6,
+	0x2a174a,
+	0x3db8c8,
+	0x2ed305,
 	0x2c11c5,
-	0x254646,
-	0x2c1789,
-	0x2d6487,
-	0x24c5c6,
-	0x2bc547,
-	0x34a147,
-	0x3a6c84,
-	0x6c609189,
-	0x38c208,
-	0x2c65c8,
-	0x393887,
-	0x2e2746,
-	0x3dae89,
-	0x25da07,
-	0x3cc38a,
-	0x3d2c88,
-	0x224a07,
-	0x231546,
-	0x3affca,
-	0x3ac908,
-	0x31f445,
-	0x22e5c5,
-	0x319f87,
-	0x324689,
-	0x326a8b,
-	0x3c0588,
-	0x372409,
-	0x25f847,
-	0x2d2acc,
-	0x2d350c,
-	0x2d380a,
-	0x2d3a8c,
-	0x2de688,
-	0x2de888,
-	0x2dea84,
-	0x2df209,
-	0x2df449,
-	0x2df68a,
-	0x2df909,
-	0x2dfc87,
-	0x20878c,
-	0x3cefc6,
-	0x27bec8,
-	0x27a206,
-	0x2f5c06,
-	0x389107,
-	0x39c208,
-	0x3e2e4b,
-	0x208287,
-	0x26fa89,
-	0x292f49,
-	0x38d487,
-	0x207484,
-	0x269247,
-	0x31fe46,
-	0x217246,
-	0x21a4c5,
-	0x3b03c8,
-	0x3494c4,
-	0x3494c6,
-	0x2b264b,
-	0x269889,
-	0x24f546,
-	0x242f49,
-	0x212b06,
-	0x39a308,
-	0x20d003,
-	0x3a7045,
-	0x21e3c9,
-	0x3a98c5,
-	0x3619c4,
-	0x383706,
-	0x3250c5,
-	0x263c06,
-	0x31ac07,
-	0x210286,
-	0x2707cb,
-	0x26c3c7,
-	0x27d286,
-	0x28f486,
-	0x235a46,
-	0x305309,
-	0x200b4a,
-	0x2d59c5,
-	0x2ccc0d,
-	0x2b5ec6,
-	0x25d646,
-	0x2d5546,
-	0x222005,
-	0x2fa3c7,
-	0x3d6847,
-	0x314e0e,
-	0x219c03,
-	0x2e2709,
-	0x286809,
-	0x2356c7,
-	0x27e5c7,
-	0x3317c5,
-	0x2dbc85,
-	0x6cb8724f,
-	0x2e7947,
-	0x2e7b08,
-	0x2e7fc4,
-	0x2e8306,
-	0x6ce51882,
-	0x2ec3c6,
-	0x2edcc6,
-	0x374a0e,
-	0x34feca,
-	0x214806,
-	0x2cdd4a,
-	0x3d6089,
-	0x3023c5,
-	0x2d8548,
-	0x301186,
-	0x2c4f88,
-	0x385348,
-	0x32234b,
-	0x3a34c5,
-	0x359408,
-	0x2048cc,
-	0x223947,
-	0x25e646,
-	0x3b2d88,
-	0x3e2b08,
-	0x6d216602,
-	0x201ccb,
-	0x392889,
-	0x20ce09,
-	0x3d1707,
-	0x35e048,
-	0x6d615f88,
-	0x38480b,
-	0x26e189,
-	0x262f4d,
-	0x385188,
-	0x2d4e48,
-	0x6da00f82,
-	0x3ef104,
-	0x6de47f42,
-	0x365c06,
-	0x6e201a42,
-	0x3021ca,
-	0x2b5586,
-	0x230388,
-	0x2583c8,
-	0x264bc6,
-	0x330846,
-	0x309186,
-	0x250005,
-	0x245704,
-	0x6e655cc4,
-	0x358806,
-	0x251647,
-	0x6ea8d407,
-	0x39e54b,
-	0x2085c9,
-	0x36ce0a,
-	0x2df104,
-	0x25dcc8,
-	0x24c38d,
-	0x302949,
-	0x302b88,
-	0x302e09,
-	0x305744,
-	0x230d44,
-	0x291dc5,
-	0x204c8b,
-	0x3c5c06,
-	0x358645,
-	0x241949,
-	0x35ebc8,
-	0x26ae44,
-	0x30e389,
-	0x270705,
-	0x2d21c8,
-	0x236f87,
-	0x335908,
-	0x292886,
-	0x3d5707,
-	0x2f3589,
-	0x381ec9,
-	0x218c05,
-	0x245a05,
-	0x6ee09702,
-	0x32ebc4,
-	0x38a845,
-	0x3a32c6,
-	0x33ea05,
-	0x262a87,
-	0x303a05,
-	0x287004,
-	0x368286,
-	0x256087,
-	0x220bc6,
-	0x330b45,
-	0x21ae08,
-	0x3d1285,
-	0x228047,
-	0x22f989,
-	0x2699ca,
-	0x2baac7,
-	0x2baacc,
-	0x2bb486,
-	0x24d809,
-	0x254345,
-	0x256448,
-	0x218a43,
-	0x2c97c5,
-	0x2ef5c5,
-	0x24dc07,
-	0x6f200bc2,
-	0x2fef07,
-	0x2e38c6,
-	0x387e86,
-	0x2ebd46,
-	0x3e2a46,
-	0x253548,
-	0x3cc045,
-	0x35e6c7,
-	0x35e6cd,
-	0x254a43,
-	0x3cf485,
-	0x359cc7,
-	0x2ff248,
-	0x359885,
-	0x21f1c8,
-	0x38a2c6,
-	0x2a6bc7,
-	0x2f5b45,
-	0x3a3546,
-	0x32d545,
-	0x20c58a,
-	0x2f9946,
-	0x243cc7,
-	0x2c6cc5,
-	0x2fa847,
-	0x2fb0c4,
-	0x361946,
-	0x3010c5,
-	0x232f4b,
-	0x31fcc9,
-	0x289f0a,
-	0x218c88,
-	0x308388,
-	0x30c28c,
-	0x30dc87,
-	0x30f408,
-	0x388cc8,
-	0x32f245,
-	0x31a4ca,
-	0x31e6c9,
-	0x6f601402,
-	0x20fec6,
-	0x224804,
-	0x2276c9,
-	0x350bc9,
-	0x312fc7,
-	0x281687,
-	0x288389,
-	0x35a8c8,
-	0x35a8cf,
-	0x234046,
-	0x2f160b,
-	0x266b05,
-	0x266b07,
-	0x337789,
-	0x30e306,
-	0x30e307,
-	0x2f4b45,
-	0x23bb04,
-	0x2a8746,
-	0x215784,
-	0x2cee87,
-	0x2db048,
-	0x6fba6dc8,
-	0x3b8845,
-	0x3bc687,
-	0x2d9589,
-	0x21a004,
-	0x24cf48,
-	0x6ff04708,
-	0x2d54c4,
-	0x30b548,
-	0x3862c4,
-	0x215649,
-	0x221f45,
-	0x70208ec2,
-	0x234085,
-	0x3aba85,
-	0x3b6d08,
-	0x23f7c7,
-	0x706008c2,
-	0x371bc5,
-	0x2ea7c6,
-	0x25e946,
-	0x32eb88,
-	0x366e48,
-	0x33e9c6,
-	0x31d946,
-	0x2fd209,
-	0x387dc6,
-	0x3e068b,
-	0x3e27c5,
-	0x25d086,
-	0x266548,
-	0x366b06,
-	0x2a5346,
-	0x21f8ca,
-	0x2eb7ca,
-	0x264485,
-	0x286a87,
-	0x2852c6,
-	0x70a04c02,
-	0x359e07,
-	0x3e1285,
-	0x308804,
-	0x308805,
-	0x25dbc6,
-	0x2686c7,
-	0x20b785,
-	0x2eb944,
-	0x2e85c8,
-	0x2a5405,
-	0x2f6ac7,
-	0x32a285,
-	0x20c4c5,
-	0x229604,
-	0x229609,
-	0x2e8708,
-	0x20b0c6,
-	0x217e86,
-	0x3ce5c6,
-	0x70ec3648,
-	0x306247,
-	0x33e5cd,
-	0x3dcb8c,
-	0x3e79c9,
-	0x313549,
-	0x7137e082,
-	0x3e6403,
-	0x246583,
-	0x31ff05,
-	0x3b77ca,
-	0x33e406,
-	0x241145,
-	0x31b544,
-	0x31b54b,
-	0x333e8c,
-	0x33474c,
-	0x334a55,
-	0x33660d,
-	0x3384cf,
-	0x338892,
-	0x338d0f,
-	0x3390d2,
-	0x339553,
-	0x339a0d,
-	0x339fcd,
-	0x33a34e,
-	0x33ac4e,
-	0x33b24c,
-	0x33b60c,
-	0x33ba4b,
-	0x33ca0e,
-	0x33d312,
-	0x33e1cc,
-	0x33f4d0,
-	0x34ca92,
-	0x34db0c,
-	0x34e1cd,
-	0x34e50c,
-	0x351fd1,
-	0x35360d,
-	0x3556cd,
-	0x355cca,
-	0x355f4c,
-	0x357b8c,
-	0x35834c,
-	0x35ac8c,
-	0x360213,
-	0x360c10,
-	0x361010,
-	0x361dcd,
-	0x3623cc,
-	0x3648c9,
-	0x36704d,
-	0x367393,
-	0x368f11,
-	0x369713,
-	0x36a78f,
-	0x36ab4c,
-	0x36ae4f,
-	0x36b20d,
-	0x36b80f,
-	0x36bbd0,
-	0x36c64e,
-	0x37554e,
-	0x375e90,
-	0x376a8d,
-	0x37740e,
-	0x37778c,
-	0x378e53,
-	0x37b50e,
-	0x37c250,
-	0x37c651,
-	0x37ca8f,
-	0x37ce53,
-	0x37dc0d,
-	0x37df4f,
-	0x37e30e,
-	0x37e890,
-	0x37ec89,
-	0x37fdd0,
-	0x3802cf,
-	0x38094f,
-	0x380d12,
-	0x38210e,
-	0x387a4d,
-	0x38800d,
-	0x38834d,
-	0x38934d,
-	0x38968d,
-	0x3899d0,
-	0x389dcb,
-	0x38a98c,
-	0x38ad0c,
-	0x38b30c,
-	0x38b60e,
-	0x39a510,
-	0x39bb52,
-	0x39bfcb,
-	0x39c40e,
-	0x39c78e,
-	0x39d00e,
-	0x39d58b,
-	0x7179d916,
-	0x39edcd,
-	0x39fa14,
-	0x3a0a4d,
-	0x3a2b15,
-	0x3a514d,
-	0x3a5acf,
-	0x3a628f,
-	0x3aa3cf,
-	0x3aa78e,
-	0x3aab0d,
-	0x3ac291,
-	0x3af1cc,
-	0x3af4cc,
-	0x3af7cb,
-	0x3afa8c,
-	0x3b05cf,
-	0x3b0992,
-	0x3b0f8d,
-	0x3b21cc,
-	0x3b310c,
-	0x3b340d,
-	0x3b374f,
-	0x3b3b0e,
-	0x3b748c,
-	0x3b7a4d,
-	0x3b7d8b,
-	0x3b834c,
-	0x3b8d0d,
-	0x3b904e,
-	0x3b93c9,
-	0x3ba753,
-	0x3baf0d,
-	0x3bb60d,
-	0x3bbc0c,
-	0x3bc28e,
-	0x3bdecf,
-	0x3be28c,
-	0x3be58d,
-	0x3be8cf,
-	0x3bec8c,
-	0x3bf50c,
-	0x3bfa8c,
-	0x3bfd8c,
-	0x3c0c4d,
-	0x3c0f92,
-	0x3c1a0c,
-	0x3c1d0c,
-	0x3c2011,
-	0x3c244f,
-	0x3c280f,
-	0x3c2bd3,
-	0x3c3ece,
-	0x3c424f,
-	0x3c460c,
-	0x71bc4cce,
-	0x3c504f,
-	0x3c5416,
-	0x3c6652,
-	0x3c920c,
-	0x3ca10f,
-	0x3ca78d,
-	0x3dbc0f,
-	0x3dbfcc,
-	0x3dc2cd,
-	0x3dc60d,
-	0x3de74e,
-	0x3df30c,
-	0x3e32cc,
-	0x3e35d0,
-	0x3e5791,
-	0x3e5bcb,
-	0x3e600c,
-	0x3e630e,
-	0x3e7f11,
-	0x3e834e,
-	0x3e86cd,
-	0x3ed6cb,
-	0x3ee20f,
-	0x3eebd4,
-	0x21e682,
-	0x21e682,
-	0x2048c3,
-	0x21e682,
-	0x2048c3,
-	0x21e682,
-	0x204fc2,
-	0x254685,
-	0x3e7c0c,
-	0x21e682,
-	0x21e682,
-	0x204fc2,
-	0x21e682,
-	0x2a7045,
-	0x2699c5,
-	0x21e682,
-	0x21e682,
-	0x202a02,
-	0x2a7045,
-	0x336c49,
-	0x368c0c,
-	0x21e682,
-	0x21e682,
-	0x21e682,
-	0x21e682,
-	0x254685,
-	0x21e682,
-	0x21e682,
-	0x21e682,
-	0x21e682,
-	0x202a02,
-	0x336c49,
-	0x21e682,
-	0x21e682,
-	0x21e682,
-	0x2699c5,
-	0x21e682,
-	0x2699c5,
-	0x368c0c,
-	0x3e7c0c,
-	0x258843,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x258104,
-	0x2127c3,
-	0x21f483,
-	0x31cf,
-	0xa788,
-	0x75bc4,
-	0xbc03,
-	0xe44c8,
-	0x1df183,
+	0x30b487,
+	0x38ed49,
+	0x32258b,
+	0x338108,
+	0x348a89,
+	0x266a47,
+	0x2d5fcc,
+	0x2d668c,
+	0x2d698a,
+	0x2d6c0c,
+	0x2e2048,
+	0x2e2248,
+	0x2e2444,
+	0x2e3189,
+	0x2e33c9,
+	0x2e360a,
+	0x2e3889,
+	0x2e3c07,
+	0x34c88c,
+	0x379586,
+	0x27ed08,
+	0x27d406,
+	0x2f5fc6,
+	0x38ad07,
+	0x39d088,
+	0x39348b,
+	0x20b147,
+	0x26f209,
+	0x296bc9,
+	0x24e507,
+	0x2e2704,
+	0x367787,
+	0x2cf0c6,
+	0x2194c6,
+	0x21ca45,
+	0x2c2dc8,
+	0x3618c4,
+	0x3618c6,
+	0x2b344b,
+	0x28dd09,
+	0x251d46,
+	0x22c4c9,
+	0x213a86,
+	0x39ac08,
+	0x20a243,
+	0x3bae05,
+	0x222149,
+	0x3cb985,
+	0x302884,
+	0x390f86,
+	0x3bcbc5,
+	0x26a686,
+	0x323247,
+	0x2fe346,
+	0x3bb84b,
+	0x2800c7,
+	0x28d706,
+	0x2921c6,
+	0x239606,
+	0x381d09,
+	0x2d394a,
+	0x2fac05,
+	0x24bd4d,
+	0x2bcd86,
+	0x2d4b86,
+	0x229086,
+	0x3d3945,
+	0x301887,
+	0x268c87,
+	0x31ce8e,
+	0x214e43,
+	0x2e7d09,
+	0x3bf489,
+	0x315e07,
+	0x281887,
+	0x3d3845,
+	0x2d0b05,
+	0x6e3ed28f,
+	0x2ece47,
+	0x2ed008,
+	0x2edc44,
+	0x2eddc6,
+	0x6e654782,
+	0x2f1bc6,
+	0x2f3c06,
+	0x10210c,
+	0x20220e,
+	0x2ef20a,
+	0x232146,
+	0x21978a,
+	0x206b89,
+	0x249205,
+	0x32a108,
+	0x3e3e46,
+	0x2ca908,
+	0x379b48,
+	0x2911cb,
+	0x3a4d05,
+	0x3a9d88,
+	0x20754c,
+	0x3b12c7,
+	0x265d86,
+	0x3bca08,
+	0x393148,
+	0x6ea18882,
+	0x392c8b,
+	0x20e149,
+	0x20a049,
+	0x3b7f47,
+	0x3666c8,
+	0x6efeae08,
+	0x25fbcb,
+	0x257a09,
+	0x26fb4d,
+	0x32cd48,
+	0x2d7dc8,
+	0x6f201802,
+	0x222ac4,
+	0x6f6445c2,
+	0x36d586,
+	0x6fa03282,
+	0x308fca,
+	0x273186,
+	0x22f0c8,
+	0x25c4c8,
+	0x26b9c6,
+	0x2cb206,
+	0x30f086,
+	0x3a2185,
+	0x2468c4,
+	0x6ff8dd84,
+	0x360946,
+	0x269e87,
+	0x70290607,
+	0x39f3cb,
+	0x3793c9,
+	0x3ab0ca,
+	0x393a04,
+	0x2e2a48,
+	0x25304d,
+	0x3098c9,
+	0x309b08,
+	0x309d89,
+	0x30b844,
+	0x2bc884,
+	0x295a45,
+	0x253c8b,
+	0x371a46,
+	0x360785,
+	0x248449,
+	0x3646c8,
+	0x270b04,
+	0x315b89,
+	0x3bb785,
+	0x2cc508,
+	0x23aec7,
+	0x3363c8,
+	0x296506,
+	0x213dc7,
+	0x2f8dc9,
+	0x3ecd49,
+	0x21b6c5,
+	0x2462c5,
+	0x70623cc2,
+	0x36ef44,
+	0x2fcc45,
+	0x3a4b06,
+	0x328085,
+	0x2691c7,
+	0x328645,
+	0x28a984,
+	0x3cbc46,
+	0x26a907,
+	0x2547c6,
+	0x371f85,
+	0x21dfc8,
+	0x3d6b05,
+	0x221fc7,
+	0x22c6c9,
+	0x28de4a,
+	0x234787,
+	0x23478c,
+	0x312846,
+	0x24ab49,
+	0x252105,
+	0x25a148,
+	0x21b503,
+	0x2cdc45,
+	0x2fc705,
+	0x243007,
+	0x70a00b82,
+	0x305cc7,
+	0x2d7386,
+	0x389c86,
+	0x2e8f06,
+	0x393086,
+	0x256848,
+	0x28f845,
+	0x3641c7,
+	0x3641cd,
+	0x220203,
+	0x379a45,
+	0x3aa647,
+	0x306008,
+	0x3aa205,
+	0x221708,
+	0x230406,
+	0x2aba87,
+	0x2f5f05,
+	0x3a4d86,
+	0x3391c5,
+	0x35388a,
+	0x2fb186,
+	0x2dda87,
+	0x2350c5,
+	0x2fdb87,
+	0x300f84,
+	0x302806,
+	0x32a045,
+	0x23628b,
+	0x2cef49,
+	0x36838a,
+	0x21b748,
+	0x30c4c8,
+	0x30e14c,
+	0x313c87,
+	0x3166c8,
+	0x35f308,
+	0x36d6c5,
+	0x322bca,
+	0x3291c9,
+	0x70e01b82,
+	0x2a8506,
+	0x22bbc4,
+	0x22bbc9,
+	0x2868c9,
+	0x31b047,
+	0x284407,
+	0x28c689,
+	0x2d3388,
+	0x2d338f,
+	0x216986,
+	0x2f594b,
+	0x272085,
+	0x272087,
+	0x33fc89,
+	0x22ce06,
+	0x315b07,
+	0x2fa6c5,
+	0x23e6c4,
+	0x358386,
+	0x21cdc4,
+	0x2d2e87,
+	0x33d8c8,
+	0x713bab88,
+	0x3c18c5,
+	0x3ccb87,
+	0x2dcf49,
+	0x21c584,
+	0x24f148,
+	0x7170b2c8,
+	0x2d4b04,
+	0x312f48,
+	0x20c5c4,
+	0x21cc89,
+	0x228fc5,
+	0x71a49902,
+	0x2169c5,
+	0x2d6545,
+	0x20cb48,
+	0x241bc7,
+	0x71e008c2,
+	0x3b8405,
+	0x2f0386,
+	0x266086,
+	0x36ef08,
+	0x346a48,
+	0x328046,
+	0x32c486,
+	0x310d89,
+	0x389bc6,
+	0x22cccb,
+	0x351f85,
+	0x3ae706,
+	0x35a188,
+	0x36ebc6,
+	0x2a9b46,
+	0x222dca,
+	0x283c4a,
+	0x390b05,
+	0x27c587,
+	0x257e46,
+	0x72207882,
+	0x3aa787,
+	0x3e2105,
+	0x30e6c4,
+	0x30e6c5,
+	0x2e2946,
+	0x328bc7,
+	0x2271c5,
+	0x283dc4,
+	0x3cdc48,
+	0x2a9c05,
+	0x2fbbc7,
+	0x334e05,
+	0x3537c5,
+	0x231704,
+	0x231709,
+	0x3cdd88,
+	0x201106,
+	0x21a506,
+	0x20dbc6,
+	0x726c8fc8,
+	0x30c347,
+	0x34664d,
+	0x3de28c,
+	0x3e6d89,
+	0x31b5c9,
+	0x72b84342,
+	0x3e60c3,
+	0x24e603,
+	0x2cf185,
+	0x3b9d8a,
+	0x346486,
+	0x3afd85,
+	0x323644,
+	0x32364b,
+	0x33d18c,
+	0x33dacc,
+	0x33ddd5,
+	0x33eb0d,
+	0x34098f,
+	0x340d52,
+	0x3411cf,
+	0x341592,
+	0x341a13,
+	0x341ecd,
+	0x34248d,
+	0x34280e,
+	0x34310e,
+	0x34380c,
+	0x343bcc,
+	0x34400b,
+	0x344a8e,
+	0x345392,
+	0x34624c,
+	0x346c50,
+	0x355292,
+	0x35648c,
+	0x356b4d,
+	0x356e8c,
+	0x35ad11,
+	0x35bbcd,
+	0x35db8d,
+	0x35e18a,
+	0x35e40c,
+	0x35fccc,
+	0x36048c,
+	0x36100c,
+	0x366ed3,
+	0x368610,
+	0x368a10,
+	0x36908d,
+	0x36968c,
+	0x36c249,
+	0x36fb4d,
+	0x36fe93,
+	0x3724d1,
+	0x372cd3,
+	0x37380f,
+	0x373bcc,
+	0x373ecf,
+	0x37428d,
+	0x37488f,
+	0x374c50,
+	0x3756ce,
+	0x37b80e,
+	0x37c150,
+	0x37cd0d,
+	0x37d68e,
+	0x37da0c,
+	0x37f153,
+	0x38154e,
+	0x381f50,
+	0x382351,
+	0x38278f,
+	0x382b53,
+	0x383ecd,
+	0x38420f,
+	0x3845ce,
+	0x384b50,
+	0x384f49,
+	0x386310,
+	0x38680f,
+	0x386e8f,
+	0x387252,
+	0x387e8e,
+	0x38984d,
+	0x389e0d,
+	0x38a14d,
+	0x38af4d,
+	0x38b28d,
+	0x38b5d0,
+	0x38b9cb,
+	0x38c40c,
+	0x38c78c,
+	0x38cd8c,
+	0x38d08e,
+	0x39ae10,
+	0x39c9d2,
+	0x39ce4b,
+	0x39d28e,
+	0x39d60e,
+	0x39de8e,
+	0x39e40b,
+	0x72f9e796,
+	0x3a074d,
+	0x3a1714,
+	0x3a24cd,
+	0x3a4355,
+	0x3a644d,
+	0x3a6dcf,
+	0x3a770f,
+	0x3ab80f,
+	0x3abbce,
+	0x3abf4d,
+	0x3ad911,
+	0x3b240c,
+	0x3b270c,
+	0x3b2a0b,
+	0x3b2ccc,
+	0x3b344f,
+	0x3b3812,
+	0x3b3e0d,
+	0x3b504c,
+	0x3b594c,
+	0x3b5c4d,
+	0x3b5f8f,
+	0x3b634e,
+	0x3b9a4c,
+	0x3ba00d,
+	0x3ba34b,
+	0x3bc18c,
+	0x3bd08d,
+	0x3bd3ce,
+	0x3bd749,
+	0x3be713,
+	0x3c014d,
+	0x3c084d,
+	0x3c0e4c,
+	0x3c14ce,
+	0x3c1a0f,
+	0x3c1dcc,
+	0x3c20cd,
+	0x3c240f,
+	0x3c27cc,
+	0x3c2dcc,
+	0x3c3b0c,
+	0x3c3e0c,
+	0x3c500d,
+	0x3c5352,
+	0x3c5dcc,
+	0x3c60cc,
+	0x3c63d1,
+	0x3c680f,
+	0x3c6bcf,
+	0x3c6f93,
+	0x3c8d8e,
+	0x3c910f,
+	0x3c94cc,
+	0x733c9b8e,
+	0x3c9f0f,
+	0x3ca2d6,
+	0x3cadd2,
+	0x3ce68c,
+	0x3cf1cf,
+	0x3cf84d,
+	0x3dd30f,
+	0x3dd6cc,
+	0x3dd9cd,
+	0x3ddd0d,
+	0x3df8ce,
+	0x3e040c,
+	0x3e2c4c,
+	0x3e2f50,
+	0x3e5451,
+	0x3e588b,
+	0x3e5ccc,
+	0x3e5fce,
+	0x3e72d1,
+	0x3e770e,
+	0x3e7a8d,
+	0x3f074b,
+	0x3f170f,
+	0x3f20d4,
+	0x216e82,
+	0x216e82,
+	0x206c43,
+	0x216e82,
+	0x206c43,
+	0x216e82,
+	0x214f82,
+	0x259145,
+	0x3e6fcc,
+	0x216e82,
+	0x216e82,
+	0x214f82,
+	0x216e82,
+	0x2ac905,
+	0x28de45,
+	0x216e82,
+	0x216e82,
+	0x202642,
+	0x2ac905,
+	0x33f149,
+	0x3721cc,
+	0x216e82,
+	0x216e82,
+	0x216e82,
+	0x216e82,
+	0x259145,
+	0x216e82,
+	0x216e82,
+	0x216e82,
+	0x216e82,
+	0x202642,
+	0x33f149,
+	0x216e82,
+	0x216e82,
+	0x216e82,
+	0x28de45,
+	0x216e82,
+	0x28de45,
+	0x3721cc,
+	0x3e6fcc,
+	0x20bec3,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x25c204,
+	0x214883,
+	0x24acc3,
+	0x5e8f,
+	0x1dc8,
+	0x7cb84,
+	0xeaec8,
 	0x2000c2,
-	0x72a05842,
-	0x24c883,
-	0x23bf84,
-	0x204b03,
-	0x2e9c44,
-	0x2389c6,
-	0x20f503,
-	0x3835c4,
-	0x2aaf45,
-	0x219c03,
-	0x2127c3,
-	0x81983,
-	0x21f483,
-	0x22600a,
-	0x25ce86,
-	0x39cb0c,
-	0x7ffc8,
-	0x205842,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x2335c3,
-	0x2edcc6,
-	0x2127c3,
-	0x21f483,
-	0x202783,
-	0x13803,
-	0xb7048,
-	0x735eb785,
-	0x80407,
-	0x57dc5,
-	0x1c387,
-	0x145d45,
-	0x3589,
-	0x2c02,
-	0x1cb20a,
-	0x74332b45,
-	0x145d45,
-	0x110947,
-	0x29b08,
-	0x1060e,
-	0x9a352,
-	0x12dc8b,
-	0x1146c6,
-	0x746f8c05,
-	0x74b8c5cc,
-	0x8e07,
-	0xf1a47,
-	0x1b654a,
-	0x47cd0,
-	0xc7c5,
-	0xb2e8b,
-	0xd1e88,
-	0x40787,
-	0x3bc0b,
-	0xa54c9,
-	0x54847,
-	0x1cd787,
-	0x393c7,
-	0x406c6,
-	0x1db408,
-	0x750332c6,
-	0x56607,
-	0xef6c6,
-	0xbe10d,
-	0x5de50,
-	0x75406cc2,
-	0x1cd608,
-	0x199810,
-	0x199f4c,
-	0x75b9fecd,
-	0x6d988,
-	0x6de0b,
-	0x7d747,
-	0x9e6c9,
-	0x66806,
-	0xa6448,
-	0x4d02,
-	0x6b04a,
-	0x150407,
-	0xbd847,
-	0xb92c9,
-	0xbb988,
-	0x146bc5,
-	0x19ab46,
-	0x1d71c6,
-	0x103e4e,
-	0x3c4ce,
-	0x4b6cf,
-	0x56a09,
-	0x90249,
-	0x1dda0b,
-	0xc1b4f,
-	0x17d90c,
-	0xd71cb,
-	0x11b208,
-	0x19e447,
-	0x1abd88,
-	0xc2e8b,
-	0xc384c,
-	0xc3c4c,
-	0xc404c,
-	0xc434d,
-	0x1c03c8,
-	0x803c2,
-	0x12d349,
-	0x191648,
-	0xe068b,
-	0xe2946,
-	0xea14b,
-	0x13ce4b,
-	0xf428a,
-	0xf58c5,
-	0xfa0d0,
-	0xfd8c6,
-	0x1683c6,
-	0xcab05,
-	0xd5247,
-	0xec648,
-	0xff7c7,
-	0xffa87,
-	0x121587,
-	0xd7606,
-	0x165a4a,
-	0xa1b8a,
-	0x18a46,
-	0xbd60d,
-	0x566c8,
-	0x1167c8,
-	0x1a5e89,
-	0x4be49,
-	0xd1445,
-	0x15804c,
-	0xc454b,
-	0x184109,
-	0x18de04,
-	0x113189,
-	0x1133c6,
-	0x15fa86,
-	0x1b02,
-	0x5b646,
-	0x4bfcb,
-	0x11d147,
-	0x11d307,
-	0x4182,
-	0xe3f05,
-	0x29c84,
+	0x7420b642,
+	0x24e8c3,
+	0x23eb44,
+	0x207783,
+	0x20f584,
+	0x23c686,
+	0x213883,
+	0x390e44,
+	0x2b1b85,
+	0x214e43,
+	0x214883,
+	0x24acc3,
+	0x228d8a,
+	0x3ae506,
+	0x39d98c,
+	0x1c3448,
+	0x20b642,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x2384c3,
+	0x2f3c06,
+	0x214883,
+	0x24acc3,
+	0x205443,
+	0x15ac3,
+	0xbe988,
+	0x74d4c5c5,
+	0x833c7,
+	0x5bec5,
+	0x1f2c7,
+	0x14f985,
+	0xaa204,
+	0xaa20a,
+	0x6249,
+	0x2142,
+	0x1d02ca,
+	0x75b26305,
+	0x14f985,
+	0x133907,
+	0x19c08,
+	0x1048e,
+	0x9dd52,
+	0x13990b,
+	0x11c746,
+	0x75edb105,
+	0x762db10c,
+	0x1e2287,
+	0xf5d87,
+	0x1dafca,
+	0x48cd0,
+	0x153ac5,
+	0xbe6cb,
+	0xd5448,
+	0x42b87,
+	0x3e7cb,
+	0xa9cc9,
+	0x59307,
+	0x1e9987,
+	0x3d087,
+	0x42ac6,
+	0xa3c8,
+	0x76838286,
+	0x5e007,
+	0x30546,
+	0xc398d,
+	0xe2bd0,
+	0x76c0a842,
+	0x1e9808,
+	0x19a110,
+	0x19a84c,
+	0x773a1bcd,
+	0x727c8,
+	0x72f4b,
+	0x809c7,
+	0xd1709,
+	0x6d446,
+	0xaae08,
+	0x1742,
+	0x70d0a,
+	0x38447,
+	0x19fb07,
+	0xbf0c9,
+	0xc1bc8,
+	0x100185,
+	0xe9c7,
+	0x119186,
+	0x9dc6,
+	0x10aa0e,
+	0x4c48e,
+	0x164d8f,
+	0x64d49,
+	0x191549,
+	0xabe4b,
+	0xded0f,
+	0x183bcc,
+	0xdd68b,
+	0x14de08,
+	0x19f2c7,
+	0x1ad388,
+	0xc880b,
+	0xc91cc,
+	0xc95cc,
+	0xc99cc,
+	0xc9ccd,
+	0x1c4448,
+	0x83382,
+	0x138fc9,
+	0xab348,
+	0xe578b,
+	0xe7f46,
+	0xefc4b,
+	0x144ecb,
+	0xf9e0a,
+	0xfaf05,
+	0x101590,
+	0x104606,
+	0x1cbd86,
+	0x1a4045,
+	0x1d95c7,
+	0xf1e48,
+	0x106587,
+	0x106847,
+	0xa79c7,
+	0x29a86,
+	0x16d3ca,
+	0xb3c0a,
+	0x1b506,
+	0x19f8cd,
+	0x5e0c8,
+	0x11e848,
+	0xf12c9,
+	0x8af89,
+	0xd4905,
+	0x16018c,
+	0xc9ecb,
+	0x1c7bc9,
+	0x18ec84,
+	0x11b209,
+	0x11b446,
+	0x11506,
+	0x3342,
+	0x5f986,
+	0x8b10b,
+	0x127647,
+	0x127807,
+	0x79c2,
+	0xe9545,
+	0x19d84,
 	0x101,
-	0x5fdc3,
-	0x74f4c586,
-	0xa6b83,
+	0x66fc3,
+	0x76644746,
+	0xaba43,
 	0x382,
-	0xae04,
-	0xac2,
-	0x9f804,
+	0xe44,
+	0xb02,
+	0x65a04,
 	0x882,
-	0x1e02,
-	0x2b82,
-	0x127082,
-	0x3702,
-	0xb79c2,
-	0x2102,
-	0xb90c2,
-	0x38fc2,
-	0x1bc2,
-	0xd02,
-	0x5d9c2,
-	0x24d03,
+	0xc502,
+	0x2742,
+	0x1da82,
+	0x3d82,
+	0x27e82,
+	0x45c2,
+	0x16e3c2,
+	0x3cc82,
+	0x3402,
+	0x101c2,
+	0x64842,
+	0x26783,
 	0x942,
-	0x3642,
-	0x18b02,
-	0x2e42,
+	0x1b42,
+	0x1b5c2,
+	0x5b02,
 	0x642,
-	0x3cac2,
-	0x1d7c2,
-	0x75c2,
-	0x9c42,
+	0x30fc2,
+	0x7142,
+	0x2502,
+	0x13f82,
 	0x5c2,
-	0x5e043,
-	0x3382,
-	0x5fc2,
-	0x58e02,
-	0x8042,
-	0xb982,
-	0xfd02,
-	0x2d442,
-	0x2c82,
-	0x26c2,
-	0xbdc2,
-	0x7eec2,
-	0x5582,
-	0x127c3,
+	0xbc83,
+	0x40c2,
+	0x1ac2,
+	0x5cf02,
+	0xaf02,
+	0x12a82,
+	0xfe02,
+	0x24902,
+	0x5942,
+	0xec2,
+	0x19b302,
+	0x82182,
+	0x736c2,
+	0x14883,
 	0x602,
-	0x16602,
-	0x1242,
-	0x1c682,
-	0x18b85,
-	0x6582,
-	0x85042,
-	0x172303,
+	0x18882,
+	0x25c2,
+	0x7982,
+	0x1b645,
+	0x8782,
+	0x21e42,
+	0x1d4883,
 	0x682,
-	0x9942,
-	0x33c2,
-	0x5f82,
-	0x12882,
+	0x3b02,
+	0x1042,
+	0x1a82,
+	0x14942,
 	0x8c2,
-	0x9e42,
-	0x1b02,
-	0x2cc5,
-	0x75e04fc2,
-	0x762f3143,
-	0x2043,
-	0x76604fc2,
-	0x2043,
-	0xe2207,
-	0x2029c3,
+	0xba42,
+	0x3342,
+	0x5985,
+	0x77614f82,
+	0x77b0ed43,
+	0x4d03,
+	0x77e14f82,
+	0x4d03,
+	0xe7807,
+	0x205683,
 	0x2000c2,
-	0x229f43,
-	0x224d03,
-	0x28c6c3,
+	0x21a043,
+	0x226783,
+	0x204703,
 	0x2005c3,
-	0x2335c3,
-	0x2127c3,
-	0x20bc03,
-	0x21f483,
-	0x39ac43,
-	0x16fe06,
-	0xd1484,
-	0x17585,
-	0x108585,
-	0xb8c3,
-	0x7ffc8,
-	0x229f43,
-	0x224d03,
-	0x28c6c3,
-	0x219c03,
-	0x2127c3,
-	0x20bc03,
-	0x81983,
-	0x21f483,
-	0x229f43,
-	0x224d03,
-	0x21f483,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
+	0x2384c3,
+	0x214883,
+	0x208c43,
+	0x24acc3,
+	0x319283,
+	0x1ad803,
+	0x1ad804,
+	0x180286,
+	0xd4944,
+	0x179d45,
+	0x10e445,
+	0x18b43,
+	0x1c3448,
+	0x21a043,
+	0x226783,
+	0x204703,
+	0x214e43,
+	0x214883,
+	0x208c43,
+	0x24acc3,
+	0x21a043,
+	0x226783,
+	0x24acc3,
+	0x21a043,
+	0x226783,
+	0x20f583,
 	0x200181,
-	0x219c03,
-	0x2127c3,
-	0x25c743,
-	0x21f483,
-	0x2ec4,
-	0x258843,
-	0x229f43,
-	0x224d03,
-	0x229dc3,
-	0x28c6c3,
-	0x25c783,
-	0x244d83,
-	0x2b5543,
-	0x204f83,
-	0x2e9c43,
-	0x258104,
-	0x2127c3,
-	0x21f483,
-	0x205ec3,
-	0x209f84,
-	0x239343,
-	0x30c3,
-	0x220cc3,
-	0x32bd48,
-	0x349f84,
+	0x214e43,
+	0x214883,
+	0x262243,
+	0x24acc3,
+	0x5b84,
+	0x20bec3,
+	0x21a043,
+	0x226783,
+	0x219ec3,
+	0x204703,
+	0x262283,
+	0x245143,
+	0x2bc303,
+	0x220783,
+	0x20f583,
+	0x25c204,
+	0x214883,
+	0x24acc3,
+	0x200f83,
+	0x3496c4,
+	0x235843,
+	0x5d83,
+	0x2548c3,
+	0x337908,
+	0x2a1784,
 	0x20020a,
-	0x264086,
-	0xd9384,
-	0x3babc7,
-	0x22688a,
-	0x233f09,
-	0x3cb087,
-	0x3d018a,
-	0x258843,
-	0x21b50b,
-	0x237ac9,
-	0x36a2c5,
-	0x2384c7,
-	0x5842,
-	0x229f43,
-	0x246747,
-	0x347a05,
-	0x2dec09,
-	0x224d03,
-	0x22cb86,
-	0x2dd343,
-	0xe3943,
-	0x119e46,
-	0x173bc6,
-	0xf487,
-	0x213cc6,
-	0x22dc45,
-	0x20ccc7,
-	0x316f07,
-	0x792e9c43,
-	0x34dd47,
-	0x24be03,
-	0x23aa45,
-	0x258104,
-	0x2c8888,
-	0x3e664c,
-	0x2c7c85,
-	0x2b5146,
-	0x246607,
-	0x384407,
-	0x27d3c7,
-	0x290448,
-	0x3190cf,
-	0x372ac5,
-	0x24c987,
-	0x29cc87,
-	0x249c4a,
-	0x30cf09,
-	0x32c545,
-	0x34d4ca,
-	0x1080c6,
-	0xd1747,
-	0x2dd3c5,
-	0x397644,
-	0x340386,
-	0x14f0c6,
-	0x25bb47,
-	0x2e1687,
-	0x209748,
-	0x20d005,
-	0x347906,
-	0x43288,
-	0x242cc5,
-	0x42e86,
-	0x318985,
-	0x29bcc4,
-	0x247907,
-	0x25338a,
-	0x2afe88,
-	0x3d6cc6,
-	0x335c3,
-	0x2f7305,
-	0x220346,
-	0x2089c6,
-	0x374cc6,
-	0x219c03,
-	0x3b1207,
-	0x29cc05,
-	0x2127c3,
-	0x2f454d,
-	0x20bc03,
-	0x209848,
-	0x23d404,
-	0x220645,
-	0x2b6086,
-	0x201a46,
-	0x25cf87,
-	0x26e047,
-	0x280745,
-	0x21f483,
-	0x3326c7,
-	0x207349,
-	0x246049,
-	0x38cf8a,
-	0x2020c2,
-	0x23aa04,
-	0x32c1c4,
-	0x2fec07,
-	0x2fedc8,
-	0x300949,
-	0x3cf349,
-	0x3014c7,
-	0x10c5c9,
-	0x2b81c6,
-	0x103bc6,
-	0x305744,
-	0x2353ca,
-	0x307d48,
-	0x309049,
-	0x309306,
-	0x2cd685,
-	0x2afd48,
-	0x2e2bca,
-	0x21cb03,
-	0x20a106,
-	0x3015c7,
-	0x35c0c5,
-	0x84408,
-	0x3c3345,
-	0x216f03,
-	0x24a3c4,
-	0x4a3c9,
-	0x22e585,
-	0x297087,
-	0x2e8845,
-	0x2f1bc6,
-	0x1063c5,
-	0x2148c3,
-	0x2148c9,
-	0x22040c,
-	0x2d320c,
-	0x3485c8,
-	0x2a0c47,
-	0x3e4008,
-	0x111547,
-	0x3118ca,
-	0x311f8b,
-	0x237c08,
-	0x201b48,
-	0x260fc6,
-	0x31c245,
-	0x284d8a,
-	0x3da585,
-	0x208ec2,
-	0x2e1487,
-	0x278606,
-	0x37f485,
-	0x3977c9,
-	0x36f885,
-	0x1d2348,
-	0x2a3585,
-	0x23a609,
-	0x322dc6,
-	0x3406c8,
-	0x246ec3,
-	0x211706,
-	0x383646,
-	0x31cb85,
-	0x31cb89,
-	0x287109,
-	0x284b07,
-	0x120c44,
-	0x320c47,
-	0x3cf249,
-	0x221a85,
-	0x26a88,
-	0x372185,
-	0x2028c5,
-	0x367bc9,
-	0x201182,
-	0x2556c4,
-	0x20f582,
-	0x203382,
-	0x361b85,
-	0x352948,
-	0x2d1385,
-	0x2dfe43,
-	0x2dfe45,
-	0x2ec5c3,
-	0x211402,
-	0x298a44,
-	0x203a83,
-	0x200a82,
-	0x2f81c4,
-	0x30d543,
-	0x2043c2,
-	0x26e983,
-	0x2189c4,
-	0x309483,
-	0x2623c4,
-	0x201782,
-	0x21ee83,
-	0x21e503,
-	0x204942,
-	0x29ec82,
-	0x286f49,
-	0x205182,
-	0x29b184,
-	0x203ac2,
-	0x264644,
-	0x2b8184,
-	0x2d4844,
-	0x201b02,
-	0x249442,
-	0x396583,
-	0x311d43,
-	0x297204,
-	0x2e6f44,
-	0x31e604,
-	0x320dc4,
-	0x31c503,
-	0x383983,
-	0x308044,
-	0x322604,
-	0x322746,
-	0x202742,
-	0x5842,
-	0x4d383,
-	0x205842,
-	0x224d03,
-	0x2e9c43,
-	0x2127c3,
-	0x21f483,
-	0x14305,
+	0x26b146,
+	0xdcd44,
+	0x3beb87,
+	0x22a0ca,
+	0x216849,
+	0x3d0147,
+	0x3d5a0a,
+	0x20bec3,
+	0x21e6cb,
+	0x37ff09,
+	0x3a8445,
+	0x3c30c7,
+	0xb642,
+	0x21a043,
+	0x321187,
+	0x351105,
+	0x2e25c9,
+	0x2370e,
+	0x226783,
+	0x246b86,
+	0x322c83,
+	0xcf003,
+	0x122446,
+	0x3946,
+	0x13807,
+	0x215186,
+	0x21f445,
+	0x20e007,
+	0x31ef87,
+	0x7aa0f583,
+	0x3566c7,
+	0x28af43,
+	0xc1089,
+	0x3256c5,
+	0x25c204,
+	0x2cde88,
+	0x3e630c,
+	0x2cd005,
+	0x2bbf06,
+	0x321047,
+	0x3c7ec7,
+	0x28fb87,
+	0x297fc8,
+	0x3217cf,
+	0x349145,
+	0x208a47,
+	0x217d47,
+	0x3a148a,
+	0x315289,
+	0x32bd05,
+	0x32700a,
+	0x10de86,
+	0xd4d07,
+	0x2e1485,
+	0x398204,
+	0x347b06,
+	0x1974c6,
+	0x260947,
+	0x2e68c7,
+	0x348748,
+	0x213045,
+	0x351006,
+	0x2f908,
+	0x363b05,
+	0x2c406,
+	0x2c0a45,
+	0x243344,
+	0x297e47,
+	0x25668a,
+	0x2b7808,
+	0x3d2c86,
+	0x384c3,
+	0x2fc3c5,
+	0x21ea46,
+	0x34cac6,
+	0x2024c6,
+	0x214e43,
+	0x3b4087,
+	0x10210c,
+	0x217cc5,
+	0x214883,
+	0x2fa0cd,
+	0x208c43,
+	0x348848,
+	0x284784,
+	0x21ed45,
+	0x2bcf46,
+	0x203286,
+	0x3ae607,
+	0x25fa87,
+	0x283705,
+	0x24acc3,
+	0x3b8fc7,
+	0x3bf949,
+	0x323ec9,
+	0x39054a,
+	0x204d82,
+	0x325684,
+	0x337d84,
+	0x3059c7,
+	0x305b88,
+	0x307609,
+	0x379909,
+	0x3082c7,
+	0x113e89,
+	0x2630c6,
+	0x10a786,
+	0x30b844,
+	0x238fca,
+	0x30db08,
+	0x30ef49,
+	0x30f386,
+	0x2d1e45,
+	0x2b76c8,
+	0x2e81ca,
+	0x236d03,
+	0x349846,
+	0x3083c7,
+	0x237e45,
+	0x891c8,
+	0x3c7705,
+	0x219183,
+	0x223984,
+	0x56cc9,
+	0x2c1185,
+	0x29a887,
+	0x3cdec5,
+	0x2ed1c6,
+	0x107d85,
+	0x232203,
+	0x232209,
+	0x21eb0c,
+	0x2d954c,
+	0x316208,
+	0x2a8fc7,
+	0x3f0d88,
+	0x118c07,
+	0x318f8a,
+	0x3195cb,
+	0x380048,
+	0x203388,
+	0x2681c6,
+	0x2614c5,
+	0x34340a,
+	0x2184c5,
+	0x249902,
+	0x2e66c7,
+	0x27b8c6,
+	0x385b45,
+	0x398389,
+	0x233885,
+	0x1b76c8,
+	0x2b44c5,
+	0x325289,
+	0x32d706,
+	0x3eb748,
+	0x324583,
+	0x211fc6,
+	0x390ec6,
+	0x326e05,
+	0x326e09,
+	0x28aa89,
+	0x261247,
+	0x12ba84,
+	0x32ba87,
+	0x379809,
+	0x22a2c5,
+	0x469c8,
+	0x3d4705,
+	0x205585,
+	0x3706c9,
+	0x2029c2,
+	0x235644,
+	0x203d42,
+	0x2040c2,
+	0x2edf05,
+	0x37e948,
+	0x2d4845,
+	0x2e3dc3,
+	0x2e3dc5,
+	0x2f1dc3,
+	0x211282,
+	0x2342c4,
+	0x206743,
+	0x207002,
+	0x2fd284,
+	0x314903,
+	0x211b42,
+	0x289ec3,
+	0x21b484,
+	0x30f503,
+	0x269644,
+	0x202fc2,
+	0x2213c3,
+	0x219883,
+	0x2075c2,
+	0x2a7382,
+	0x28a8c9,
+	0x20dfc2,
+	0x29f2c4,
+	0x206782,
+	0x288904,
+	0x263084,
+	0x30c944,
+	0x203342,
+	0x24a8c2,
+	0x239b03,
+	0x2ae143,
+	0x29aa04,
+	0x2ec444,
+	0x329104,
+	0x32bc04,
+	0x326803,
+	0x2f7cc3,
+	0x30de04,
+	0x32cf44,
+	0x32d086,
+	0x205402,
+	0xb642,
+	0x4f583,
+	0x20b642,
+	0x226783,
+	0x20f583,
+	0x214883,
+	0x24acc3,
+	0x177c5,
 	0x2000c2,
-	0x258843,
-	0x229f43,
-	0x224d03,
-	0x206dc3,
-	0x2e9c43,
-	0x258104,
-	0x287204,
-	0x222d84,
-	0x2127c3,
-	0x21f483,
-	0x202783,
-	0x305d44,
-	0x329b43,
-	0x223503,
-	0x387d04,
-	0x371f86,
-	0x207e43,
-	0x145d45,
-	0xf1a47,
-	0x261c03,
-	0x7ae14fc8,
-	0x209343,
-	0x2ca043,
-	0x21b643,
-	0x2335c3,
-	0x371ac5,
-	0x38483,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x2127c3,
-	0x21f483,
-	0x211543,
-	0x2033c3,
-	0x7ffc8,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x25e043,
-	0x2127c3,
-	0x294384,
-	0x81983,
-	0x21f483,
-	0x2d0584,
-	0x145d45,
-	0x2f5345,
-	0xf1a47,
-	0x205842,
-	0x201902,
+	0x20bec3,
+	0x21a043,
+	0x226783,
+	0x201b43,
+	0x20f583,
+	0x25c204,
+	0x28ab84,
+	0x225a04,
+	0x214883,
+	0x24acc3,
+	0x205443,
+	0x30be44,
+	0x3346c3,
+	0x251943,
+	0x389b04,
+	0x3d4506,
+	0x204243,
+	0x14f985,
+	0xf5d87,
+	0x288583,
+	0x7c62d088,
+	0x265883,
+	0x2cfcc3,
+	0x21e803,
+	0x2384c3,
+	0x3b8305,
+	0x1c3083,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214883,
+	0x24acc3,
+	0x2113c3,
+	0x206083,
+	0x1c3448,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x20bc83,
+	0x214883,
+	0x26c584,
+	0x24acc3,
+	0x2d8484,
+	0x14f985,
+	0x36dd05,
+	0xf5d87,
+	0x20b642,
+	0x203142,
 	0x200382,
-	0x2048c2,
-	0xbc03,
+	0x201f42,
 	0x2003c2,
-	0x1544,
-	0x229f43,
-	0x241284,
-	0x224d03,
-	0x2e9c43,
-	0x219c03,
-	0x2127c3,
-	0x21f483,
-	0x7ffc8,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x219c03,
-	0x222d84,
-	0x2127c3,
-	0xbc03,
-	0x21f483,
-	0x217083,
-	0x29f804,
-	0x7ffc8,
-	0x229f43,
-	0x20bc03,
-	0xb8c3,
-	0x123944,
-	0x259b44,
-	0x7ffc8,
-	0x5842,
-	0x229f43,
-	0x25b9c4,
-	0x258104,
-	0x20bc03,
-	0x200f82,
-	0x81983,
-	0x21f483,
-	0x23ffc3,
-	0x4a3c4,
-	0x32e885,
-	0x208ec2,
-	0x325ec3,
-	0x172fc9,
-	0xf2386,
-	0x87e08,
+	0x2d84,
+	0x21a043,
+	0x243544,
+	0x226783,
+	0x20f583,
+	0x214e43,
+	0x214883,
+	0x24acc3,
+	0x1c3448,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214e43,
+	0x225a04,
+	0x214883,
+	0x24acc3,
+	0x219303,
+	0x265a04,
+	0x1c3448,
+	0x21a043,
+	0x208c43,
+	0x18b43,
+	0x12e504,
+	0x2346c4,
+	0x1c3448,
+	0xb642,
+	0x21a043,
+	0x2607c4,
+	0x25c204,
+	0x208c43,
+	0x201802,
+	0x24acc3,
+	0x2423c3,
+	0x23984,
+	0x33a505,
+	0x249902,
+	0x333483,
+	0x1beec9,
+	0xf67c6,
+	0x8c108,
 	0x2000c2,
-	0x7ffc8,
-	0x205842,
-	0x224d03,
-	0x2e9c43,
+	0x1c3448,
+	0x7fafe207,
+	0x20b642,
+	0x226783,
+	0x20f583,
 	0x2005c2,
-	0xbc03,
-	0x21f483,
-	0x2802,
+	0x24acc3,
+	0x54c2,
 	0x82,
+	0x23984,
 	0xc2,
-	0x1d0347,
-	0x1e949,
-	0x2fc3,
-	0x7ffc8,
-	0x18f203,
-	0x7e724f47,
-	0x29f43,
-	0xfdc8,
-	0x24d03,
-	0x86247,
-	0xe9c43,
-	0x3d286,
-	0x5e043,
-	0xa9388,
-	0xdc448,
-	0x1d4883,
-	0x122246,
-	0x7e92fc05,
-	0x1318c5,
-	0x19c03,
-	0x9dac8,
-	0xe59c8,
-	0x62b03,
-	0x7ecf6786,
-	0xfb305,
-	0x869c4,
-	0x3e8c7,
-	0x127c3,
-	0x4b83,
-	0x1f483,
-	0x2082,
-	0x18a0ca,
-	0x37945,
-	0x3d43,
-	0x7f2d8e0c,
-	0x161c43,
-	0x120984,
-	0x118ecb,
-	0x119488,
-	0x1965c4,
-	0xa1342,
-	0x45f03,
-	0x1434307,
-	0x15ce3c7,
-	0x14dff08,
-	0x1445f03,
-	0x1c8bc8,
-	0x1496944,
-	0x183dcb,
-	0x12c82,
-	0x1300c7,
-	0x14bc04,
+	0x1d5bc7,
+	0x17149,
+	0x5c83,
+	0x1c3448,
+	0x1da43,
+	0x80330047,
+	0x1a043,
+	0xa8408,
+	0x26783,
+	0x85587,
+	0xf583,
+	0x1eeb86,
+	0xbc83,
+	0xb5fc8,
+	0xdf908,
+	0x1d8b03,
+	0x8f606,
+	0x8053b0c5,
+	0x1b8b85,
+	0x14e43,
+	0xa2388,
+	0xea7c8,
+	0x69243,
+	0x808fb886,
+	0x102dc5,
+	0x1bf644,
+	0x412c7,
+	0x14883,
+	0x7803,
+	0x4acc3,
+	0x4d42,
+	0x19720a,
+	0x9c83,
+	0x80edc7cc,
+	0xedfc3,
+	0x1b04,
+	0x1215cb,
+	0x121b88,
+	0xa4fc2,
+	0x123d83,
+	0x1416c47,
+	0x15d4b87,
+	0x14e3e88,
+	0x1523d83,
+	0x1cd6c8,
+	0x149a144,
+	0x1eafcb,
+	0x13c02,
+	0x13b587,
+	0x1547c4,
 	0x2000c2,
-	0x205842,
-	0x241284,
-	0x2e9c43,
-	0x219c03,
-	0x2127c3,
-	0x21f483,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x2335c3,
-	0x2127c3,
-	0x21f483,
-	0x2a31c3,
-	0x217083,
-	0x13803,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x2127c3,
-	0x21f483,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x2127c3,
-	0x21f483,
-	0xb8c3,
-	0x24d03,
-	0x814e9c43,
-	0x80407,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x258104,
-	0x2335c3,
-	0x2127c3,
-	0x21f483,
-	0x26ca02,
+	0x20b642,
+	0x243544,
+	0x20f583,
+	0x214e43,
+	0x214883,
+	0x24acc3,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x2384c3,
+	0x214883,
+	0x24acc3,
+	0x229a83,
+	0x219303,
+	0x15ac3,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214883,
+	0x24acc3,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214883,
+	0x24acc3,
+	0x18b43,
+	0x26783,
+	0x8300f583,
+	0x833c7,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x25c204,
+	0x2384c3,
+	0x214883,
+	0x24acc3,
+	0x22ccc2,
 	0x2000c1,
 	0x2000c2,
 	0x200201,
-	0x3385c2,
-	0x7ffc8,
-	0x224f85,
+	0x340a82,
+	0x1c3448,
+	0x226f45,
 	0x200101,
-	0x29f43,
-	0x3b4c4,
-	0x200d01,
+	0x1a043,
+	0x3e084,
+	0x200cc1,
 	0x200501,
-	0x200c01,
-	0x254602,
-	0x395c04,
-	0x254603,
+	0x200bc1,
+	0x2590c2,
+	0x396b44,
+	0x2590c3,
 	0x200041,
 	0x200801,
 	0x200181,
-	0x1eaa46,
+	0x37d06,
+	0x1e144c,
 	0x200701,
-	0x3bc807,
-	0x38decf,
-	0x3786c6,
+	0x324e47,
+	0x306d0f,
+	0x3ccd06,
 	0x2004c1,
-	0x323986,
-	0x200b41,
+	0x32e546,
+	0x200ec1,
+	0x10210c,
 	0x200581,
-	0x3b7fce,
+	0x3c2a4e,
 	0x2003c1,
-	0x21f483,
-	0x200a81,
-	0x328745,
-	0x202082,
-	0x216e05,
+	0x24acc3,
+	0x2015c1,
+	0x83ed2ac4,
+	0x23ba45,
+	0x204d42,
+	0x219085,
 	0x200401,
 	0x200741,
 	0x2007c1,
-	0x208ec2,
+	0x249902,
 	0x200081,
-	0x205241,
-	0x201541,
-	0x201c41,
-	0x201b81,
-	0x60209,
-	0x7ffc8,
-	0x229f43,
-	0x224d03,
-	0x10e7c8,
-	0x2e9c43,
-	0x2127c3,
-	0x21f483,
-	0x21fc83,
-	0x1efd03,
-	0x229f43,
-	0x2e9c43,
-	0xa1288,
-	0x219c03,
-	0x2127c3,
-	0x9843,
-	0x21f483,
-	0x82f0ad88,
-	0x1ef9c3,
-	0x11448,
-	0x12d02,
-	0x2583,
-	0x6cc2,
-	0x1b02,
-	0x145d45,
-	0x7ffc8,
-	0x9e0c6,
-	0x161487,
-	0xbc03,
-	0x145d45,
-	0x179c04,
-	0x199ac8,
-	0x51a44,
-	0x1217c7,
-	0x63e44,
-	0x5818c,
-	0x1e6644,
-	0x27885,
-	0x60209,
-	0x176507,
-	0x1df86,
-	0x5b74a,
-	0x156e00a,
-	0x11d484,
-	0x1506c43,
-	0x7ffc8,
-	0x81983,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x2127c3,
-	0x21f483,
-	0x2030c3,
-	0x7ffc8,
-	0x229f43,
-	0x224d03,
-	0x2ef2c4,
-	0x21f483,
-	0x28a685,
-	0x279884,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x2026c2,
-	0x2127c3,
-	0x21f483,
-	0x17083,
-	0xf3f86,
-	0xc2904,
-	0x124a86,
-	0x258843,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x2026c2,
-	0x2127c3,
-	0x21f483,
-	0x217083,
-	0x205842,
-	0x229f43,
-	0x23ba49,
-	0x224d03,
-	0x2bc9c9,
-	0x219c03,
-	0x2127c3,
-	0x8d344,
-	0xbc03,
-	0x21f483,
-	0x305548,
-	0x245347,
-	0x32e885,
-	0xd2048,
-	0x12e889,
-	0x1e5e08,
-	0x1d0347,
-	0xff04a,
-	0x15964b,
-	0x123bc7,
-	0x4af48,
-	0x8fca,
-	0xc9508,
-	0x1e949,
-	0x2e447,
-	0x1d8c7,
-	0xbd08,
-	0xfdc8,
-	0x4cc4f,
-	0xb0045,
-	0x1f507,
-	0x3d286,
-	0x41007,
-	0x12c686,
-	0xa9388,
-	0xae506,
-	0x1404c7,
-	0x167fc9,
-	0x1ca87,
-	0xe7d89,
-	0xd2449,
-	0xd9106,
-	0xdc448,
-	0xd2305,
-	0x158e0a,
-	0xe59c8,
-	0x62b03,
-	0xec9c8,
-	0x3e8c7,
-	0x1865c5,
-	0x160810,
-	0x4b83,
-	0x81983,
-	0x183307,
-	0x1c605,
-	0xffd88,
-	0x7a605,
-	0x161c43,
-	0x1dea48,
-	0x2606,
-	0x15f089,
-	0xbfb87,
-	0x17328b,
-	0x7f144,
-	0x112d84,
-	0x118ecb,
-	0x119488,
-	0x119d47,
-	0x145d45,
-	0x229f43,
-	0x224d03,
-	0x28c6c3,
-	0x21f483,
-	0x249f03,
-	0x2e9c43,
-	0x81983,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x219c03,
-	0x2127c3,
-	0x21f483,
-	0x1ddb4b,
+	0x200f81,
+	0x202d81,
+	0x203481,
+	0x2033c1,
+	0x2802,
+	0x67409,
+	0x1c3448,
+	0x21a043,
+	0x226783,
+	0x1008c8,
+	0x20f583,
+	0x214883,
+	0x24acc3,
+	0x221c03,
+	0x1f3503,
+	0x21a043,
+	0x20f583,
+	0xa4f08,
+	0x214e43,
+	0x214883,
+	0x2a783,
+	0x24acc3,
+	0x84f34308,
+	0x1f31c3,
+	0x112c8,
+	0x13c82,
+	0x17c3,
+	0xa842,
+	0x3342,
+	0x14f985,
+	0x1c3448,
+	0xa4806,
+	0x1ec847,
+	0x14f985,
+	0xb284,
+	0x19a3c8,
+	0x550c4,
+	0x12c887,
+	0x6af04,
+	0x5c28c,
+	0x1e6304,
+	0x2bd85,
+	0x67409,
+	0x1f0487,
+	0xe1548,
+	0x2aac6,
+	0x12e0a,
+	0x157714a,
+	0x127984,
+	0x15886c3,
+	0x1c3448,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214883,
+	0x24acc3,
+	0x205d83,
+	0x1c3448,
+	0x21a043,
+	0x226783,
+	0x2eef84,
+	0x24acc3,
+	0x2cf905,
+	0x26b544,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x200ec2,
+	0x214883,
+	0x24acc3,
+	0x19303,
+	0xf9b06,
+	0xc8204,
+	0x12fb86,
+	0x20bec3,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x200ec2,
+	0x214883,
+	0x24acc3,
+	0x219303,
+	0x20b642,
+	0x21a043,
+	0x23e609,
+	0x226783,
+	0x2c22c9,
+	0x214e43,
+	0x214883,
+	0x90544,
+	0x24acc3,
+	0x30b648,
+	0x245ac7,
+	0x33a505,
+	0x62386,
+	0xcc388,
+	0x13a509,
+	0x1e5ac8,
+	0x1d5bc7,
+	0x105e0a,
+	0x1a9fcb,
+	0x12e787,
+	0x4d688,
+	0x1e244a,
+	0xcea48,
+	0x17149,
+	0x302c7,
+	0x1bb647,
+	0x1ec048,
+	0xa8408,
+	0x4ee4f,
+	0xb79c5,
+	0xa8707,
+	0x1eeb86,
+	0x1afc47,
+	0x12be46,
+	0xb5fc8,
+	0xc28c6,
+	0x1eb547,
+	0x135dc9,
+	0x36c87,
+	0x1b3209,
+	0xd5949,
+	0xdcac6,
+	0xdf908,
+	0xcc645,
+	0xf808a,
+	0xea7c8,
+	0x69243,
+	0xf2648,
+	0x412c7,
+	0x171045,
+	0xa1050,
+	0x7803,
+	0x1eb3c7,
+	0x16085,
+	0x106b48,
+	0x1ea2c5,
+	0xedfc3,
+	0x1688,
+	0x52c6,
+	0x164b89,
+	0xc5407,
+	0x1bf18b,
+	0x82404,
+	0x11ae04,
+	0x1215cb,
+	0x121b88,
+	0x122347,
+	0x14f985,
+	0x21a043,
+	0x226783,
+	0x204703,
+	0x24acc3,
+	0x24c843,
+	0x20f583,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214e43,
+	0x214883,
+	0x24acc3,
+	0xabf8b,
 	0x2000c2,
-	0x205842,
-	0x21f483,
-	0x2102,
-	0x26c2,
-	0x5ec2,
-	0x7ffc8,
-	0x12b409,
-	0x1c8bc8,
-	0x5842,
+	0x20b642,
+	0x24acc3,
+	0x45c2,
+	0xec2,
+	0xf82,
+	0x1c3448,
+	0x13bf09,
+	0x1cd6c8,
+	0xb642,
 	0x2000c2,
-	0x205842,
+	0x20b642,
 	0x200382,
 	0x2005c2,
-	0x205c02,
-	0x2127c3,
-	0x165c6,
+	0x2024c2,
+	0x214883,
+	0x18846,
 	0x2003c2,
-	0x4a3c4,
+	0x23984,
 	0x2000c2,
-	0x258843,
-	0x205842,
-	0x229f43,
-	0x224d03,
+	0x20bec3,
+	0x20b642,
+	0x21a043,
+	0x226783,
 	0x200382,
-	0x2e9c43,
-	0x25e043,
-	0x219c03,
-	0x222d84,
-	0x2127c3,
-	0x21c043,
-	0xbc03,
-	0x21f483,
-	0x320984,
-	0x205ec3,
-	0x2e9c43,
-	0x205842,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x219c03,
-	0x2127c3,
-	0x20bc03,
-	0x21f483,
-	0x3c96c7,
-	0x229f43,
-	0x24dac7,
-	0x3a3d06,
-	0x21b983,
-	0x226403,
-	0x2e9c43,
-	0x204203,
-	0x258104,
-	0x3b4204,
-	0x33ef46,
-	0x231083,
-	0x2127c3,
-	0x10aacb,
-	0x21f483,
-	0x28a685,
-	0x22b5c4,
-	0x3b6a43,
-	0x3d8003,
-	0x2e1487,
-	0x236f05,
-	0x2283,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x219c03,
-	0x2127c3,
-	0x1c3404,
-	0x21f483,
-	0x1f343,
-	0x8a30d6cc,
-	0x5db43,
-	0x53a87,
-	0x4c106,
-	0xd5247,
-	0x135f85,
-	0x204e42,
-	0x256803,
-	0x219383,
-	0x258843,
-	0x8ae29f43,
-	0x208542,
-	0x224d03,
-	0x204b03,
-	0x2e9c43,
-	0x258104,
-	0x3ce883,
-	0x372ac3,
-	0x219c03,
-	0x222d84,
-	0x8b203bc2,
-	0x2127c3,
-	0x21f483,
-	0x2043c3,
-	0x229c83,
-	0x212843,
-	0x26ca02,
-	0x205ec3,
-	0x7ffc8,
-	0x2e9c43,
-	0xb8c3,
-	0x285584,
-	0x258843,
-	0x205842,
-	0x229f43,
-	0x241284,
-	0x224d03,
-	0x2e9c43,
-	0x258104,
-	0x25e043,
-	0x276f44,
-	0x292e44,
-	0x2edcc6,
-	0x222d84,
-	0x2127c3,
-	0x21f483,
-	0x202783,
-	0x278606,
-	0x46bcb,
-	0x332c6,
-	0x12650a,
-	0x11e28a,
-	0x7ffc8,
-	0x243244,
-	0x8c629f43,
-	0x384f44,
-	0x224d03,
-	0x29e6c4,
-	0x2e9c43,
-	0x352e83,
-	0x219c03,
-	0x2127c3,
-	0x81983,
-	0x21f483,
-	0x2f7c3,
-	0x34804b,
-	0x3dc94a,
-	0x3ef4cc,
-	0xf7088,
+	0x20f583,
+	0x20bc83,
+	0x214e43,
+	0x225a04,
+	0x214883,
+	0x21c243,
+	0x24acc3,
+	0x201b04,
+	0x200f83,
+	0x20f583,
+	0x20b642,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214e43,
+	0x214883,
+	0x208c43,
+	0x24acc3,
+	0x3ceb47,
+	0x21a043,
+	0x242ec7,
+	0x32b106,
+	0x212e83,
+	0x226dc3,
+	0x20f583,
+	0x211983,
+	0x25c204,
+	0x2580c4,
+	0x34ae46,
+	0x23bc83,
+	0x214883,
+	0x13404b,
+	0x24acc3,
+	0x2cf905,
+	0x336d44,
+	0x3db4c3,
+	0x2543c3,
+	0x2e66c7,
+	0x23ae45,
+	0x4f43,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214e43,
+	0x214883,
+	0x1c77c4,
+	0x24acc3,
+	0xbb43,
+	0x8c314a8c,
+	0xe28c3,
+	0x68ec7,
+	0x8b246,
+	0x1d95c7,
+	0x1369c5,
+	0x214202,
+	0x25e203,
+	0x21c683,
+	0x20bec3,
+	0x8ce1a043,
+	0x20c942,
+	0x226783,
+	0x207783,
+	0x20f583,
+	0x25c204,
+	0x20de83,
+	0x349143,
+	0x214e43,
+	0x225a04,
+	0x8d203642,
+	0x214883,
+	0x24acc3,
+	0x211b43,
+	0x219d83,
+	0x214903,
+	0x22ccc2,
+	0x200f83,
+	0x1c3448,
+	0x20f583,
+	0x18b43,
+	0x220c04,
+	0x20bec3,
+	0x20b642,
+	0x21a043,
+	0x243544,
+	0x226783,
+	0x20f583,
+	0x25c204,
+	0x20bc83,
+	0x279504,
+	0x230944,
+	0x2f3c06,
+	0x225a04,
+	0x214883,
+	0x24acc3,
+	0x205443,
+	0x27b8c6,
+	0x474cb,
+	0x38286,
+	0x489ca,
+	0x128d8a,
+	0x1c3448,
+	0x22f8c4,
+	0x8e61a043,
+	0x20be84,
+	0x226783,
+	0x2d1704,
+	0x20f583,
+	0x37ee83,
+	0x214e43,
+	0x214883,
+	0x24acc3,
+	0x23c83,
+	0x35174b,
+	0x3de04a,
+	0x3f2ccc,
+	0xfc148,
 	0x2000c2,
-	0x205842,
+	0x20b642,
 	0x200382,
-	0x235c45,
-	0x258104,
-	0x2026c2,
-	0x219c03,
-	0x292e44,
-	0x2048c2,
+	0x239805,
+	0x25c204,
+	0x200ec2,
+	0x214e43,
+	0x230944,
+	0x201f42,
 	0x2003c2,
-	0x2036c2,
-	0x26ca02,
-	0x58843,
-	0x35c2,
-	0x2da949,
-	0x27ce48,
-	0x2f0949,
-	0x3a6ac9,
-	0x212d4a,
-	0x214aca,
-	0x20d482,
-	0x2b90c2,
-	0x5842,
-	0x229f43,
-	0x20f1c2,
-	0x24cb46,
-	0x329c42,
-	0x48e02,
-	0x20ad42,
-	0x3599ce,
-	0x21eece,
-	0x212747,
-	0x2154c2,
-	0x224d03,
-	0x2e9c43,
-	0x205d42,
+	0x206382,
+	0x22ccc2,
+	0xbec3,
+	0x6282,
+	0x2de849,
+	0x27fc88,
+	0x366989,
+	0x3a7f49,
+	0x23240a,
+	0x31170a,
+	0x202882,
+	0x36e3c2,
+	0xb642,
+	0x21a043,
+	0x203682,
+	0x24ed46,
+	0x3347c2,
+	0x4a282,
+	0x200d82,
+	0x3aa34e,
+	0x22140e,
+	0x214807,
+	0x218342,
+	0x226783,
+	0x20f583,
+	0x2380c2,
 	0x2005c2,
-	0x58103,
-	0x24148f,
-	0x21d942,
-	0x2e8447,
-	0x2ecb87,
-	0x2f1d07,
-	0x2f5d4c,
-	0x2fbe8c,
-	0x2fc844,
-	0x291c0a,
-	0x21ee02,
-	0x208042,
-	0x2d4344,
+	0x31a43,
+	0x24374f,
+	0x24f082,
+	0x3cdac7,
+	0x2ccdc7,
+	0x3382c7,
+	0x2d12cc,
+	0x2dc1cc,
+	0x2208c4,
+	0x29588a,
+	0x221342,
+	0x20af02,
+	0x2d7504,
 	0x200702,
-	0x24f6c2,
-	0x2fc0c4,
-	0x21c142,
-	0x20b982,
-	0x280c3,
-	0x2ae587,
-	0x35ba05,
-	0x22d442,
-	0x240f84,
-	0x20bdc2,
-	0x2f6908,
-	0x2127c3,
-	0x37f808,
-	0x204982,
-	0x2fca05,
-	0x3a4706,
-	0x21f483,
-	0x206582,
-	0x300b87,
-	0x2082,
-	0x252e45,
-	0x331d05,
-	0x20b082,
-	0x208382,
-	0x3cb68a,
-	0x2805ca,
-	0x246f82,
-	0x2af444,
-	0x202602,
-	0x23a8c8,
-	0x20d682,
-	0x2dd588,
-	0x4c01,
-	0x314487,
-	0x315189,
-	0x252ec2,
-	0x31ab85,
-	0x37ba45,
-	0x21c6cb,
-	0x20d0cc,
-	0x2323c8,
-	0x32ff08,
-	0x202742,
-	0x25d042,
+	0x251ec2,
+	0x2dc404,
+	0x21f082,
+	0x212a82,
+	0x22043,
+	0x2c2947,
+	0x320f45,
+	0x224902,
+	0x31f984,
+	0x39b302,
+	0x2fba08,
+	0x214883,
+	0x385ec8,
+	0x207602,
+	0x220a85,
+	0x3a5a06,
+	0x24acc3,
+	0x208782,
+	0x307847,
+	0x4d42,
+	0x256145,
+	0x37b505,
+	0x2010c2,
+	0x20b242,
+	0x3d074a,
+	0x28358a,
+	0x2827c2,
+	0x2b6ac4,
+	0x201b02,
+	0x325548,
+	0x203b42,
+	0x22a888,
+	0x1101,
+	0x31c507,
+	0x31d209,
+	0x2561c2,
+	0x3231c5,
+	0x381a85,
+	0x21310b,
+	0x34b3cc,
+	0x236f48,
+	0x33b3c8,
+	0x205402,
+	0x2a5982,
 	0x2000c2,
-	0x7ffc8,
-	0x205842,
-	0x229f43,
+	0x1c3448,
+	0x20b642,
+	0x21a043,
 	0x200382,
-	0x2048c2,
-	0xbc03,
+	0x201f42,
 	0x2003c2,
-	0x21f483,
-	0x2036c2,
+	0x24acc3,
+	0x206382,
 	0x2000c2,
-	0x145d45,
-	0x8da05842,
-	0x10d804,
-	0x44005,
-	0x8eae9c43,
-	0x2280c3,
-	0x2026c2,
-	0x2127c3,
-	0x3c5f83,
-	0x8ee1f483,
-	0x2fe343,
-	0x2e2306,
-	0x1976c5,
-	0x1617083,
-	0x145d45,
-	0x1482cb,
-	0x7ffc8,
-	0x8dfce6c8,
-	0x6b547,
-	0x8e2ce18a,
-	0x7fdc7,
-	0xcab05,
-	0x8e786f09,
-	0x3204d,
-	0x3d082,
-	0x119a82,
-	0xc41,
-	0xf7544,
-	0xb978a,
-	0x80407,
-	0x1e5c4,
-	0x1e603,
-	0x1e604,
-	0x8f603e02,
-	0x8fa00ac2,
-	0x8fe00ec2,
-	0x90200b82,
-	0x90604142,
-	0x90a03702,
-	0xf1a47,
-	0x90e05842,
-	0x91215582,
-	0x91605802,
-	0x91a00d02,
-	0x21eec3,
-	0x2ba44,
-	0x91f0e7c8,
-	0x220f43,
-	0x92217202,
-	0x6d988,
-	0x92602a82,
-	0x82907,
-	0x1bbe47,
-	0x92a00042,
-	0x92e02142,
-	0x93200182,
-	0x93603842,
-	0x93a09c42,
-	0x93e005c2,
-	0x16a205,
-	0x2191c3,
-	0x368784,
-	0x94200702,
-	0x94619f42,
-	0x94a065c2,
-	0x8e04b,
-	0x94e00b42,
-	0x95654902,
-	0x95a026c2,
-	0x95e05c02,
-	0x9dac8,
-	0x9621dfc2,
-	0x9660dec2,
-	0x96a0f782,
-	0x96e7eec2,
-	0x97203bc2,
-	0x97604242,
-	0x97a048c2,
-	0x97e0ee02,
-	0x9822f002,
-	0x9860e942,
-	0xf9304,
-	0x381983,
-	0x98a3fa02,
-	0x98e1d342,
-	0x9920dcc2,
-	0x996006c2,
-	0x99a003c2,
-	0x99e00a82,
-	0xfde88,
-	0x1ddcc7,
-	0x9a202782,
-	0x9a603342,
-	0x9aa036c2,
-	0x9ae1ee82,
-	0x15804c,
-	0x9b201c82,
-	0x9b626d42,
-	0x9ba06202,
-	0x9be04c02,
-	0x9c212182,
-	0x9c612ec2,
-	0x9ca05242,
-	0x9ce0f542,
-	0x9d288142,
-	0x9d689482,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x2d643,
-	0xc8503,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x953ce883,
-	0x22d643,
-	0x371b44,
-	0x2f0846,
-	0x309a43,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x271609,
-	0x2035c2,
-	0x367e03,
-	0x2d2743,
-	0x3b6c85,
-	0x204b03,
-	0x3ce883,
-	0x22d643,
-	0x2ed403,
-	0x23c7c3,
-	0x205249,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x2035c2,
-	0x2035c2,
-	0x3ce883,
-	0x22d643,
-	0x9de29f43,
-	0x224d03,
-	0x3a6d03,
-	0x219c03,
-	0x2127c3,
-	0xbc03,
-	0x21f483,
-	0x7ffc8,
-	0x205842,
-	0x229f43,
-	0x2127c3,
-	0x21f483,
-	0x71482,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x9e90b602,
-	0x219c03,
-	0x2127c3,
-	0xbc03,
-	0x21f483,
-	0xd01,
-	0x259b44,
-	0x205842,
-	0x229f43,
-	0x200983,
-	0x224d03,
-	0x25b9c4,
-	0x28c6c3,
-	0x2e9c43,
-	0x258104,
-	0x25e043,
-	0x219c03,
-	0x2127c3,
-	0x21f483,
-	0x23ffc3,
-	0x32e885,
-	0x23c7c3,
-	0x205ec3,
+	0x14f985,
+	0x8fa0b642,
+	0x114bc4,
+	0x44d85,
+	0x90a0f583,
+	0xc3fc4,
+	0x222043,
+	0x200ec2,
+	0x214883,
+	0x3c8a03,
+	0x90e4acc3,
+	0x305103,
+	0x2e7906,
+	0x198285,
+	0x1619303,
+	0x1bf3c5,
+	0x14f985,
+	0x1519cb,
+	0x1c3448,
+	0x8fe0dcc8,
+	0x5aec7,
+	0x903c488a,
+	0x10210c,
+	0x1c3247,
+	0x1a4045,
+	0x907ecf49,
+	0x2facd,
+	0x8a3c2,
+	0x122182,
+	0xc01,
+	0x103e84,
+	0xbf58a,
+	0x833c7,
+	0x16dc4,
+	0x16e03,
+	0x16e04,
+	0x91604042,
+	0x91a00b02,
+	0x91e01d42,
+	0x922016c2,
+	0x9260f202,
+	0x92a03d82,
+	0xf5d87,
+	0x92e0b642,
+	0x93218402,
+	0x9362b602,
+	0x93a101c2,
+	0x221403,
+	0x36604,
+	0x93f008c8,
+	0x239cc3,
+	0x94219482,
+	0x727c8,
+	0x94603f82,
+	0x871c7,
+	0x1c1087,
+	0x94a00042,
+	0x94e04142,
+	0x95200182,
+	0x95606502,
+	0x95a13f82,
+	0x95e005c2,
+	0x1a8385,
+	0x21e503,
+	0x3cc144,
+	0x96200702,
+	0x9661c4c2,
+	0x96a03e02,
+	0x9bc0b,
+	0x96e03f02,
+	0x976593c2,
+	0x97a00ec2,
+	0x97e024c2,
+	0xa2388,
+	0x9822ab02,
+	0x98601942,
+	0x98a0d3c2,
+	0x98e82182,
+	0x99203642,
+	0x99609082,
+	0x99a01f42,
+	0x99e12b42,
+	0x9a209882,
+	0x9a60b482,
+	0x149204,
+	0x23d1c3,
+	0x9aa0b342,
+	0x9ae1a182,
+	0x9b206a42,
+	0x9b6006c2,
+	0x9ba003c2,
+	0x9be07002,
+	0x104c48,
+	0xac107,
+	0x9c205442,
+	0x9c6026c2,
+	0x9ca06382,
+	0x9ce213c2,
+	0x16018c,
+	0x9d2021c2,
+	0x9d62ebc2,
+	0x9da07182,
+	0x9de07882,
+	0x9e20b382,
+	0x9e609142,
+	0x9ea0d442,
+	0x9ee138c2,
+	0x9f28c442,
+	0x9f68cd82,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x24b03,
+	0xcd883,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x9720de83,
+	0x224b03,
+	0x3b8384,
+	0x366886,
+	0x310783,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x378049,
+	0x206282,
+	0x370903,
+	0x2d5c43,
+	0x20cac5,
+	0x207783,
+	0x20de83,
+	0x224b03,
+	0x2f33c3,
+	0x23fac3,
+	0x227b89,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x206282,
+	0x206282,
+	0x20de83,
+	0x224b03,
+	0x9fe1a043,
+	0x226783,
+	0x3a8183,
+	0x214e43,
+	0x214883,
+	0x24acc3,
+	0x1c3448,
+	0x20b642,
+	0x21a043,
+	0x214883,
+	0x24acc3,
+	0x14e5c2,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0xa0913002,
+	0x214e43,
+	0x214883,
+	0x24acc3,
+	0xcc1,
+	0x2346c4,
+	0x262603,
+	0x20b642,
+	0x21a043,
+	0x3bfcc3,
+	0x226783,
+	0x2607c4,
+	0x204703,
+	0x20f583,
+	0x25c204,
+	0x20bc83,
+	0x214e43,
+	0x214883,
+	0x208c43,
+	0x24acc3,
+	0x240f03,
+	0x2423c3,
+	0x33a505,
+	0x23fac3,
+	0x200f83,
 	0x882,
-	0xbc03,
-	0x205842,
-	0x229f43,
-	0x3ce883,
-	0x2127c3,
-	0x21f483,
+	0x20b642,
+	0x21a043,
+	0x20de83,
+	0x214883,
+	0x24acc3,
 	0x2000c2,
-	0x258843,
-	0x7ffc8,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x2389c6,
-	0x258104,
-	0x25e043,
-	0x222d84,
-	0x2127c3,
-	0x21f483,
-	0x202783,
-	0x45c4,
-	0xb90c2,
-	0x229f43,
-	0x5483,
-	0x224d03,
-	0x26c2,
-	0x2127c3,
-	0x21f483,
-	0x76c04,
-	0x762c4,
-	0xfc2,
-	0x1489e07,
-	0x187887,
-	0x229f43,
-	0x332c6,
-	0x224d03,
-	0x2e9c43,
-	0xf8986,
-	0x2127c3,
-	0x21f483,
-	0x32bbc8,
-	0x32fd49,
-	0x340f89,
-	0x34b788,
-	0x3a6908,
-	0x3a6909,
-	0x3254ca,
-	0x362f8a,
-	0x3a0d8a,
-	0x3a8fca,
-	0x3dc94a,
-	0x3ea14b,
-	0x230a4d,
-	0x248e4f,
-	0x36ea90,
-	0x36668d,
-	0x38b00c,
-	0x3a8d0b,
-	0x1a20c7,
-	0x1299ce,
-	0x12cd8a,
-	0x12fa49,
-	0x140f89,
-	0x164fc9,
-	0x16520a,
-	0x16de09,
-	0x16e789,
-	0x17014b,
-	0x29b08,
-	0x10b448,
-	0x14abc9,
-	0x1498307,
-	0xe3f05,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x219c03,
-	0x2127c3,
-	0x21f483,
-	0x1f483,
+	0x20bec3,
+	0x1c3448,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x23c686,
+	0x25c204,
+	0x20bc83,
+	0x225a04,
+	0x214883,
+	0x24acc3,
+	0x205443,
+	0x11d44,
+	0x16e3c2,
+	0x21a043,
+	0x24dc3,
+	0x226783,
+	0xec2,
+	0x214883,
+	0x24acc3,
+	0x791c4,
+	0x78884,
+	0x19c2,
+	0x1568287,
+	0x152347,
+	0x21a043,
+	0x38286,
+	0x226783,
+	0x20f583,
+	0xfda46,
+	0x214883,
+	0x24acc3,
+	0x337788,
+	0x33b209,
+	0x34a749,
+	0x354348,
+	0x3a7d88,
+	0x3a7d89,
+	0x33060a,
+	0x369eca,
+	0x3a280a,
+	0x3a8f8a,
+	0x3de04a,
+	0x3ede8b,
+	0x365a4d,
+	0x24a2cf,
+	0x24fe10,
+	0x36e74d,
+	0x38ca8c,
+	0x3a8ccb,
+	0x1a3447,
+	0x13454e,
+	0x138a0a,
+	0x13af09,
+	0x14a749,
+	0x16c949,
+	0x16cb8a,
+	0x176f49,
+	0x177889,
+	0x17898b,
+	0x19c08,
+	0x112e48,
+	0x59d09,
+	0x149e747,
+	0xe9545,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x214e43,
+	0x214883,
+	0x24acc3,
+	0x4acc3,
 	0x2000c2,
-	0x236d45,
-	0x228083,
-	0xa2e05842,
-	0x224d03,
-	0x2e9c43,
-	0x3664c7,
-	0x21b643,
-	0x219c03,
-	0x2127c3,
-	0x25c743,
-	0x21c043,
-	0x204003,
-	0x20bc03,
-	0x21f483,
-	0x25ce86,
-	0x208ec2,
-	0x205ec3,
-	0x7ffc8,
+	0x23ac85,
+	0x222003,
+	0xa4e0b642,
+	0x226783,
+	0x20f583,
+	0x2c1a07,
+	0x21e803,
+	0x214e43,
+	0x214883,
+	0x262243,
+	0x21c243,
+	0x20f0c3,
+	0x208c43,
+	0x24acc3,
+	0x3ae506,
+	0x249902,
+	0x200f83,
+	0x1c3448,
 	0x2000c2,
-	0x258843,
-	0x205842,
-	0x229f43,
-	0x224d03,
-	0x2e9c43,
-	0x258104,
-	0x219c03,
-	0x2127c3,
-	0x21f483,
-	0x217083,
-	0x187887,
-	0x12c82,
-	0x9744,
-	0x151d546,
+	0x20bec3,
+	0x20b642,
+	0x21a043,
+	0x226783,
+	0x20f583,
+	0x25c204,
+	0x214e43,
+	0x214883,
+	0x24acc3,
+	0x219303,
+	0x152347,
+	0x13c02,
+	0x148744,
+	0x153a806,
 	0x2000c2,
-	0x205842,
-	0x2e9c43,
-	0x219c03,
-	0x21f483,
+	0x20b642,
+	0x20f583,
+	0x214e43,
+	0x24acc3,
 }
 
 // children is the list of nodes' children, the parent's wildcard bit and the
@@ -9862,659 +9896,667 @@ var children = [...]uint32{
 	0x40000000,
 	0x50000000,
 	0x60000000,
-	0x17a05e2,
-	0x17a45e8,
-	0x17a85e9,
-	0x17cc5ea,
-	0x19245f3,
-	0x193c649,
-	0x195064f,
-	0x1968654,
-	0x198865a,
-	0x19ac662,
-	0x19c466b,
-	0x1a04671,
-	0x1a08681,
-	0x1a30682,
-	0x1a3468c,
-	0x1a4c68d,
-	0x1a50693,
-	0x1a54694,
-	0x1a94695,
-	0x1a986a5,
-	0x1a9c6a6,
-	0x21aa06a7,
-	0x61aa86a8,
-	0x21ab06aa,
-	0x1af86ac,
-	0x1b006be,
-	0x21b046c0,
-	0x1b286c1,
-	0x1b2c6ca,
-	0x1b406cb,
-	0x1b446d0,
-	0x1b646d1,
-	0x1b946d9,
-	0x1bb06e5,
-	0x1bb86ec,
-	0x1be06ee,
-	0x1bf86f8,
-	0x21bfc6fe,
-	0x21c006ff,
-	0x1c04700,
-	0x1c9c701,
-	0x1cb0727,
-	0x1cc472c,
-	0x1cfc731,
-	0x1d0c73f,
-	0x1d20743,
-	0x1d38748,
-	0x1ddc74e,
-	0x2010777,
-	0x2018804,
-	0x2201c806,
-	0x22020807,
-	0x208c808,
-	0x20f8823,
-	0x211083e,
-	0x2124844,
-	0x2128849,
-	0x212c84a,
-	0x213484b,
-	0x214c84d,
-	0x2150853,
-	0x2174854,
-	0x21c485d,
-	0x21c8871,
-	0x221cc872,
-	0x21ec873,
-	0x21f087b,
-	0x21f487c,
-	0x222087d,
-	0x62224888,
-	0x2222c889,
-	0x2223088b,
-	0x227488c,
-	0x6227889d,
-	0x229489e,
-	0x22ec8a5,
-	0x222f08bb,
-	0x222f48bc,
-	0x222fc8bd,
-	0x223008bf,
-	0x223048c0,
-	0x23088c1,
-	0x23108c2,
-	0x23148c4,
-	0x223208c5,
-	0x223288c8,
-	0x23388ca,
-	0x23488ce,
-	0x23fc8d2,
-	0x24008ff,
-	0x22410900,
-	0x22414904,
-	0x2241c905,
-	0x2474907,
-	0x247891d,
-	0x247c91e,
-	0x248091f,
-	0x2a4c920,
-	0x2a50a93,
-	0x22af8a94,
-	0x22afcabe,
-	0x22b00abf,
-	0x22b0cac0,
-	0x22b10ac3,
-	0x22b1cac4,
-	0x22b20ac7,
-	0x22b24ac8,
-	0x22b28ac9,
-	0x22b2caca,
-	0x22b30acb,
-	0x22b3cacc,
+	0x17ac5e4,
+	0x17b05eb,
+	0x17b45ec,
+	0x17d45ed,
+	0x192c5f5,
+	0x194064b,
+	0x1954650,
+	0x1968655,
+	0x198465a,
+	0x19a8661,
+	0x19c066a,
+	0x1a0c670,
+	0x1a10683,
+	0x1a38684,
+	0x1a3c68e,
+	0x1a5468f,
+	0x1a58695,
+	0x1a5c696,
+	0x1aa0697,
+	0x1aa46a8,
+	0x1aa86a9,
+	0x21aac6aa,
+	0x61ab46ab,
+	0x21abc6ad,
+	0x1b046af,
+	0x1b106c1,
+	0x21b146c4,
+	0x1b386c5,
+	0x1b3c6ce,
+	0x1b506cf,
+	0x1b546d4,
+	0x1b746d5,
+	0x1ba46dd,
+	0x1bc46e9,
+	0x1bcc6f1,
+	0x1bf46f3,
+	0x1c106fd,
+	0x21c14704,
+	0x21c18705,
+	0x1c1c706,
+	0x1cb4707,
+	0x1cc872d,
+	0x1cdc732,
+	0x1d14737,
+	0x1d24745,
+	0x1d38749,
+	0x1d5074e,
+	0x1df4754,
+	0x202877d,
+	0x203080a,
+	0x2203480c,
+	0x2203880d,
+	0x20a480e,
+	0x2110829,
+	0x2128844,
+	0x213c84a,
+	0x214084f,
+	0x2144850,
+	0x214c851,
+	0x2164853,
+	0x2168859,
+	0x218485a,
+	0x21d8861,
+	0x21dc876,
+	0x221e0877,
+	0x2200878,
+	0x2204880,
+	0x2208881,
+	0x2238882,
+	0x6223c88e,
+	0x2224488f,
+	0x22248891,
+	0x228c892,
+	0x622908a3,
+	0x22a48a4,
+	0x23048a9,
+	0x223088c1,
+	0x2230c8c2,
+	0x223148c3,
+	0x223188c5,
+	0x2231c8c6,
+	0x23208c7,
+	0x23288c8,
+	0x232c8ca,
+	0x223388cb,
+	0x223408ce,
+	0x23508d0,
+	0x23608d4,
+	0x24148d8,
+	0x2418905,
+	0x22428906,
+	0x2242c90a,
+	0x2243490b,
+	0x249090d,
+	0x2494924,
+	0x2498925,
+	0x249c926,
+	0x2a90927,
+	0x2a94aa4,
+	0x22b3caa5,
 	0x22b40acf,
-	0x22b4cad0,
-	0x22b50ad3,
+	0x22b44ad0,
+	0x22b50ad1,
 	0x22b54ad4,
-	0x22b58ad5,
-	0x22b64ad6,
+	0x22b60ad5,
+	0x22b64ad8,
 	0x22b68ad9,
-	0x22b74ada,
-	0x22b78add,
-	0x22b7cade,
-	0x22b80adf,
-	0x2b84ae0,
-	0x22b88ae1,
-	0x22b94ae2,
+	0x22b6cada,
+	0x22b70adb,
+	0x22b74adc,
+	0x22b80add,
+	0x22b84ae0,
+	0x22b90ae1,
+	0x22b94ae4,
 	0x22b98ae5,
-	0x2b9cae6,
-	0x2ba4ae7,
-	0x62bb0ae9,
-	0x2bf4aec,
-	0x22c14afd,
-	0x22c18b05,
-	0x22c1cb06,
-	0x22c24b07,
-	0x22c2cb09,
-	0x22c30b0b,
-	0x22c34b0c,
-	0x22c3cb0d,
-	0x22c40b0f,
-	0x22c44b10,
-	0x2c48b11,
-	0x22c74b12,
-	0x22c78b1d,
+	0x22b9cae6,
+	0x22ba8ae7,
+	0x22bacaea,
+	0x22bb8aeb,
+	0x22bbcaee,
+	0x22bc0aef,
+	0x22bc4af0,
+	0x2bc8af1,
+	0x22bccaf2,
+	0x22bd8af3,
+	0x22bdcaf6,
+	0x2be0af7,
+	0x2be8af8,
+	0x62bf4afa,
+	0x22bfcafd,
+	0x2c40aff,
+	0x22c60b10,
+	0x22c64b18,
+	0x22c68b19,
+	0x22c70b1a,
+	0x22c78b1c,
 	0x22c7cb1e,
-	0x2c80b1f,
-	0x22c84b20,
-	0x22c88b21,
-	0x22c94b22,
-	0x22c98b25,
-	0x2c9cb26,
-	0x2ca4b27,
-	0x2cacb29,
-	0x2cb0b2b,
-	0x2cccb2c,
-	0x2ce4b33,
+	0x22c80b1f,
+	0x22c88b20,
+	0x22c8cb22,
+	0x22c90b23,
+	0x2c94b24,
+	0x22cc0b25,
+	0x22cc4b30,
+	0x22cc8b31,
+	0x2cccb32,
+	0x22cd0b33,
+	0x22cd4b34,
+	0x22ce0b35,
+	0x22ce4b38,
 	0x2ce8b39,
-	0x2cf8b3a,
-	0x2d04b3e,
-	0x2d38b41,
-	0x2d40b4e,
-	0x22d44b50,
-	0x2d5cb51,
-	0x22d64b57,
-	0x22d68b59,
-	0x22d70b5a,
-	0x2e74b5c,
-	0x22e78b9d,
-	0x2e80b9e,
-	0x2e84ba0,
-	0x22e88ba1,
-	0x2e8cba2,
-	0x2ed0ba3,
-	0x2ed4bb4,
-	0x2ed8bb5,
-	0x2ef0bb6,
-	0x2f04bbc,
-	0x2f2cbc1,
-	0x2f54bcb,
-	0x2f58bd5,
-	0x62f5cbd6,
-	0x2f90bd7,
-	0x2f94be4,
-	0x22f98be5,
-	0x2f9cbe6,
-	0x2fc4be7,
-	0x2fc8bf1,
-	0x2fecbf2,
-	0x2ff0bfb,
-	0x3004bfc,
-	0x3008c01,
-	0x300cc02,
-	0x302cc03,
-	0x304cc0b,
-	0x23050c13,
+	0x2cf0b3a,
+	0x2cfcb3c,
+	0x2d04b3f,
+	0x2d20b41,
+	0x2d38b48,
+	0x2d3cb4e,
+	0x2d4cb4f,
+	0x2d58b53,
+	0x2d8cb56,
+	0x2d94b63,
+	0x22d98b65,
+	0x2db0b66,
+	0x22db8b6c,
+	0x22dbcb6e,
+	0x22dc4b6f,
+	0x2ed0b71,
+	0x22ed4bb4,
+	0x2edcbb5,
+	0x2ee0bb7,
+	0x22ee4bb8,
+	0x2ee8bb9,
+	0x2f34bba,
+	0x2f38bcd,
+	0x2f3cbce,
+	0x2f58bcf,
+	0x2f6cbd6,
+	0x2f94bdb,
+	0x2fbcbe5,
+	0x2fc0bef,
+	0x62fc4bf0,
+	0x2ff4bf1,
+	0x2ff8bfd,
+	0x22ffcbfe,
+	0x3000bff,
+	0x3028c00,
+	0x302cc0a,
+	0x3050c0b,
 	0x3054c14,
-	0x23058c15,
-	0x305cc16,
-	0x3060c17,
-	0x3064c18,
-	0x3068c19,
-	0x3084c1a,
-	0x23088c21,
-	0x23090c22,
-	0x3094c24,
-	0x30bcc25,
-	0x30d0c2f,
-	0x3144c34,
-	0x3150c51,
-	0x3154c54,
-	0x3174c55,
-	0x318cc5d,
-	0x3190c63,
-	0x31a4c64,
-	0x31bcc69,
-	0x31dcc6f,
-	0x31f4c77,
-	0x31fcc7d,
-	0x3218c7f,
-	0x3234c86,
-	0x3238c8d,
-	0x3264c8e,
-	0x3284c99,
-	0x32a4ca1,
-	0x32a8ca9,
-	0x3310caa,
-	0x3330cc4,
-	0x3358ccc,
-	0x335ccd6,
-	0x3374cd7,
-	0x33b8cdd,
-	0x3438cee,
-	0x3478d0e,
-	0x347cd1e,
-	0x3488d1f,
-	0x34a8d22,
-	0x34b0d2a,
-	0x34d4d2c,
-	0x34dcd35,
-	0x351cd37,
-	0x3570d47,
-	0x3574d5c,
-	0x3678d5d,
-	0x23680d9e,
-	0x23684da0,
-	0x23688da1,
-	0x2368cda2,
-	0x23690da3,
-	0x3694da4,
-	0x23698da5,
-	0x2369cda6,
-	0x236a0da7,
-	0x36a4da8,
-	0x236a8da9,
-	0x236b8daa,
-	0x236bcdae,
-	0x236c0daf,
-	0x236c4db0,
-	0x236c8db1,
-	0x236ccdb2,
-	0x236d0db3,
-	0x36e8db4,
-	0x370cdba,
-	0x372cdc3,
-	0x3da0dcb,
-	0x23da4f68,
-	0x23da8f69,
-	0x23dacf6a,
-	0x23db0f6b,
-	0x3dc0f6c,
-	0x3de0f70,
-	0x3fa0f78,
-	0x4070fe8,
-	0x40e101c,
-	0x4139038,
-	0x422104e,
-	0x4279088,
-	0x42b509e,
-	0x43b10ad,
-	0x447d0ec,
-	0x451511f,
-	0x45a5145,
-	0x4609169,
-	0x4841182,
-	0x48f9210,
-	0x49c523e,
-	0x4a11271,
-	0x4a99284,
-	0x4ad52a6,
-	0x4b252b5,
-	0x4b9d2c9,
-	0x64ba12e7,
-	0x64ba52e8,
-	0x64ba92e9,
-	0x4c252ea,
-	0x4c81309,
-	0x4cfd320,
-	0x4d7533f,
-	0x4df535d,
-	0x4e6137d,
-	0x4f8d398,
-	0x4fe53e3,
-	0x64fe93f9,
-	0x50813fa,
-	0x5089420,
-	0x2508d422,
-	0x5115423,
-	0x5161445,
-	0x51c9458,
-	0x5271472,
-	0x533949c,
-	0x53a14ce,
-	0x54b54e8,
-	0x654b952d,
-	0x654bd52e,
-	0x551952f,
-	0x5575546,
-	0x560555d,
-	0x5681581,
-	0x56c55a0,
-	0x57a95b1,
-	0x57dd5ea,
-	0x583d5f7,
-	0x58b160f,
-	0x593962c,
-	0x597964e,
-	0x59e965e,
-	0x659ed67a,
-	0x5a1567b,
-	0x5a19685,
-	0x5a49686,
-	0x5a65692,
-	0x5aa9699,
-	0x5ab96aa,
-	0x5ad16ae,
-	0x5b496b4,
-	0x5b516d2,
-	0x5b6d6d4,
-	0x5b816db,
-	0x5ba56e0,
-	0x25ba96e9,
-	0x5bd56ea,
-	0x5bd96f5,
-	0x5be16f6,
+	0x306cc15,
+	0x3070c1b,
+	0x3074c1c,
+	0x3094c1d,
+	0x30b4c25,
+	0x230b8c2d,
+	0x30bcc2e,
+	0x230c0c2f,
+	0x30c4c30,
+	0x30c8c31,
+	0x30ccc32,
+	0x30d0c33,
+	0x30f0c34,
+	0x230f4c3c,
+	0x230fcc3d,
+	0x3100c3f,
+	0x3128c40,
+	0x313cc4a,
+	0x31bcc4f,
+	0x31c4c6f,
+	0x31c8c71,
+	0x31e4c72,
+	0x31fcc79,
+	0x3200c7f,
+	0x3214c80,
+	0x322cc85,
+	0x3248c8b,
+	0x3260c92,
+	0x3268c98,
+	0x3284c9a,
+	0x329cca1,
+	0x32a0ca7,
+	0x32c8ca8,
+	0x32e8cb2,
+	0x3304cba,
+	0x3308cc1,
+	0x336ccc2,
+	0x3388cdb,
+	0x33b0ce2,
+	0x33b4cec,
+	0x33ccced,
+	0x3410cf3,
+	0x3490d04,
+	0x34d0d24,
+	0x34d4d34,
+	0x34e0d35,
+	0x3500d38,
+	0x3508d40,
+	0x3528d42,
+	0x3530d4a,
+	0x3574d4c,
+	0x35c8d5d,
+	0x35ccd72,
+	0x36dcd73,
+	0x236e4db7,
+	0x236e8db9,
+	0x236ecdba,
+	0x236f0dbb,
+	0x236f4dbc,
+	0x36f8dbd,
+	0x236fcdbe,
+	0x23700dbf,
+	0x23704dc0,
+	0x3708dc1,
+	0x370cdc2,
+	0x23710dc3,
+	0x23720dc4,
+	0x23728dc8,
+	0x23730dca,
+	0x23734dcc,
+	0x2373cdcd,
+	0x23740dcf,
+	0x23744dd0,
+	0x375cdd1,
+	0x3780dd7,
+	0x37a0de0,
+	0x3e18de8,
+	0x23e1cf86,
+	0x23e20f87,
+	0x23e24f88,
+	0x23e28f89,
+	0x3e38f8a,
+	0x3e58f8e,
+	0x4018f96,
+	0x40e9006,
+	0x415903a,
+	0x41b1056,
+	0x429906c,
+	0x42f10a6,
+	0x432d0bc,
+	0x44290cb,
+	0x44f510a,
+	0x458d13d,
+	0x461d163,
+	0x4681187,
+	0x48b91a0,
+	0x497122e,
+	0x4a3d25c,
+	0x4a8928f,
+	0x4b112a2,
+	0x4b4d2c4,
+	0x4b9d2d3,
+	0x4c152e7,
+	0x64c19305,
+	0x64c1d306,
+	0x64c21307,
+	0x4c9d308,
+	0x4cf9327,
+	0x4d7533e,
+	0x4ded35d,
+	0x4e6d37b,
+	0x4ed939b,
+	0x50053b6,
+	0x505d401,
+	0x65061417,
+	0x50f9418,
+	0x510143e,
+	0x25105440,
+	0x518d441,
+	0x51d9463,
+	0x5241476,
+	0x52e9490,
+	0x53b14ba,
+	0x54194ec,
+	0x552d506,
+	0x6553154b,
+	0x6553554c,
+	0x559154d,
+	0x55ed564,
+	0x567d57b,
+	0x56f959f,
+	0x573d5be,
+	0x58215cf,
+	0x5855608,
+	0x58b5615,
+	0x592962d,
+	0x59b164a,
+	0x59f166c,
+	0x5a6167c,
+	0x65a65698,
+	0x5a89699,
+	0x5a8d6a2,
+	0x5abd6a3,
+	0x5ad96af,
+	0x5b1d6b6,
+	0x5b2d6c7,
+	0x5b456cb,
+	0x5bbd6d1,
+	0x5bc56ef,
+	0x5be16f1,
 	0x5bf56f8,
 	0x5c156fd,
-	0x5c25705,
-	0x5c31709,
-	0x5c6d70c,
-	0x5c7171b,
-	0x5c7971c,
-	0x5c8d71e,
-	0x5cb5723,
-	0x5cc172d,
-	0x5cc9730,
-	0x5cf1732,
-	0x5d1573c,
-	0x5d2d745,
-	0x5d3174b,
-	0x5d3974c,
-	0x5d4174e,
-	0x5d55750,
-	0x5e11755,
-	0x5e15784,
-	0x5e1d785,
-	0x5e21787,
-	0x5e45788,
-	0x5e69791,
-	0x5e8579a,
-	0x5e997a1,
-	0x5ead7a6,
-	0x5eb57ab,
-	0x5ebd7ad,
-	0x5ec57af,
-	0x5edd7b1,
-	0x5eed7b7,
-	0x5ef17bb,
-	0x5f0d7bc,
-	0x67957c3,
-	0x67cd9e5,
-	0x67f99f3,
-	0x68159fe,
-	0x6839a05,
-	0x6859a0e,
-	0x689da16,
-	0x68a5a27,
-	0x268a9a29,
-	0x268ada2a,
-	0x68b5a2b,
-	0x6ae5a2d,
-	0x6af9ab9,
-	0x26afdabe,
-	0x6b01abf,
-	0x6b09ac0,
-	0x26b15ac2,
-	0x26b25ac5,
-	0x26b2dac9,
-	0x26b39acb,
-	0x6b3dace,
-	0x26b41acf,
-	0x26b59ad0,
-	0x26b61ad6,
-	0x26b69ad8,
+	0x25c19705,
+	0x5c41706,
+	0x5c45710,
+	0x5c4d711,
+	0x5c61713,
+	0x5c7d718,
+	0x5c8571f,
+	0x5c91721,
+	0x5c95724,
+	0x5cd1725,
+	0x5cd5734,
+	0x5cdd735,
+	0x5cf1737,
+	0x5d1973c,
+	0x5d21746,
+	0x5d25748,
+	0x5d49749,
+	0x5d6d752,
+	0x5d8575b,
+	0x5d89761,
+	0x5d91762,
+	0x5d99764,
+	0x5dad766,
+	0x5e6976b,
+	0x5e6d79a,
+	0x5e7579b,
+	0x5e7979d,
+	0x5e9d79e,
+	0x5ebd7a7,
+	0x5ed97af,
+	0x5ee97b6,
+	0x5efd7ba,
+	0x5f057bf,
+	0x5f0d7c1,
+	0x5f117c3,
+	0x5f197c4,
+	0x5f357c6,
+	0x5f457cd,
+	0x5f497d1,
+	0x5f657d2,
+	0x67ed7d9,
+	0x68259fb,
+	0x6851a09,
+	0x6869a14,
+	0x688da1a,
+	0x68ada23,
+	0x68f1a2b,
+	0x68f9a3c,
+	0x268fda3e,
+	0x26901a3f,
+	0x6909a40,
+	0x6b4da42,
+	0x26b51ad3,
+	0x26b55ad4,
+	0x6b69ad5,
 	0x26b6dada,
-	0x26b75adb,
-	0x6b79add,
-	0x26b7dade,
-	0x6b81adf,
-	0x26b8dae0,
-	0x6b95ae3,
-	0x6ba9ae5,
+	0x6b71adb,
+	0x6b79adc,
+	0x26b85ade,
+	0x26b95ae1,
+	0x26b9dae5,
+	0x26ba9ae7,
 	0x6badaea,
-	0x6bd5aeb,
-	0x6c11af5,
-	0x6c15b04,
-	0x6c4db05,
-	0x6c71b13,
-	0x77c9b1c,
-	0x77cddf2,
-	0x77d1df3,
-	0x277d5df4,
-	0x77d9df5,
-	0x277dddf6,
-	0x77e1df7,
-	0x277eddf8,
-	0x77f1dfb,
-	0x77f5dfc,
-	0x277f9dfd,
-	0x77fddfe,
-	0x27805dff,
-	0x7809e01,
-	0x780de02,
-	0x2781de03,
-	0x7821e07,
-	0x7825e08,
-	0x7829e09,
-	0x782de0a,
-	0x27831e0b,
-	0x7835e0c,
-	0x7839e0d,
-	0x783de0e,
-	0x7841e0f,
-	0x27849e10,
-	0x784de12,
+	0x26bb1aeb,
+	0x26bc9aec,
+	0x26bd1af2,
+	0x26bd9af4,
+	0x26bddaf6,
+	0x26be5af7,
+	0x6be9af9,
+	0x26bedafa,
+	0x6bf1afb,
+	0x26bfdafc,
+	0x6c05aff,
+	0x6c19b01,
+	0x6c1db06,
+	0x6c45b07,
+	0x6c81b11,
+	0x6c85b20,
+	0x6cbdb21,
+	0x6ce5b2f,
+	0x7841b39,
+	0x7845e10,
+	0x7849e11,
+	0x2784de12,
 	0x7851e13,
-	0x7855e14,
-	0x27859e15,
-	0x785de16,
-	0x27865e17,
-	0x27869e19,
-	0x7885e1a,
-	0x789de21,
-	0x78e1e27,
-	0x78e5e38,
-	0x7909e39,
-	0x791de42,
-	0x7921e47,
-	0x7925e48,
-	0x7ae9e49,
-	0x27aedeba,
-	0x27af5ebb,
-	0x27af9ebd,
-	0x27afdebe,
-	0x7b05ebf,
-	0x7be1ec1,
-	0x27bedef8,
-	0x27bf1efb,
-	0x27bf5efc,
-	0x27bf9efd,
-	0x7bfdefe,
-	0x7c29eff,
-	0x7c39f0a,
-	0x7c3df0e,
-	0x7c61f0f,
-	0x7c6df18,
-	0x7c8df1b,
-	0x7c91f23,
-	0x7cc9f24,
-	0x7f85f32,
-	0x8041fe1,
-	0x8046010,
-	0x804a011,
-	0x805e012,
-	0x8062017,
-	0x8096018,
-	0x80ce025,
-	0x280d2033,
-	0x80ee034,
-	0x811603b,
-	0x811a045,
-	0x813e046,
-	0x815a04f,
-	0x8182056,
-	0x8192060,
-	0x8196064,
-	0x819a065,
-	0x81d6066,
-	0x81e2075,
-	0x820a078,
-	0x82ae082,
-	0x282b20ab,
-	0x82b60ac,
-	0x82c60ad,
-	0x282ca0b1,
-	0x82de0b2,
-	0x82fa0b7,
-	0x831a0be,
-	0x831e0c6,
-	0x83320c7,
-	0x83460cc,
-	0x834a0d1,
-	0x83520d2,
-	0x83560d4,
-	0x83760d5,
-	0x84220dd,
-	0x8426108,
-	0x8446109,
-	0x8472111,
-	0x2848211c,
-	0x8486120,
-	0x8496121,
-	0x84d6125,
-	0x84de135,
-	0x84f2137,
-	0x851213c,
-	0x852e144,
-	0x853a14b,
-	0x855a14e,
-	0x858e156,
-	0x8596163,
-	0x866a165,
-	0x866e19a,
-	0x868219b,
-	0x868a1a0,
-	0x86a21a2,
-	0x86a61a8,
-	0x86b21a9,
-	0x86be1ac,
-	0x86c21af,
-	0x86ca1b0,
-	0x86ce1b2,
-	0x86f21b3,
-	0x87321bc,
-	0x87361cc,
-	0x87561cd,
-	0x87aa1d5,
-	0x87da1ea,
-	0x287de1f6,
-	0x87e61f7,
-	0x883e1f9,
-	0x884220f,
-	0x8846210,
-	0x884a211,
-	0x888e212,
-	0x889e223,
-	0x88de227,
-	0x88e2237,
-	0x8912238,
-	0x8a5e244,
-	0x8a86297,
-	0x8ac22a1,
-	0x8aea2b0,
-	0x28af22ba,
-	0x28af62bc,
-	0x28afa2bd,
-	0x8b022be,
-	0x8b0e2c0,
-	0x8c322c3,
-	0x8c3e30c,
-	0x8c4a30f,
-	0x8c56312,
-	0x8c62315,
-	0x8c6e318,
-	0x8c7a31b,
-	0x8c8631e,
-	0x8c92321,
-	0x8c9e324,
-	0x8caa327,
-	0x28cae32a,
-	0x8cba32b,
-	0x8cc632e,
-	0x8cd2331,
-	0x8cda334,
+	0x27855e14,
+	0x7859e15,
+	0x27865e16,
+	0x7869e19,
+	0x786de1a,
+	0x27871e1b,
+	0x7875e1c,
+	0x2787de1d,
+	0x7881e1f,
+	0x7885e20,
+	0x27895e21,
+	0x7899e25,
+	0x789de26,
+	0x78a1e27,
+	0x78a5e28,
+	0x278a9e29,
+	0x78ade2a,
+	0x78b1e2b,
+	0x78b5e2c,
+	0x78b9e2d,
+	0x278c1e2e,
+	0x78c5e30,
+	0x78c9e31,
+	0x78cde32,
+	0x278d1e33,
+	0x78d5e34,
+	0x278dde35,
+	0x278e1e37,
+	0x78fde38,
+	0x790de3f,
+	0x794de43,
+	0x7951e53,
+	0x7975e54,
+	0x7989e5d,
+	0x798de62,
+	0x7999e63,
+	0x7b61e66,
+	0x27b65ed8,
+	0x27b6ded9,
+	0x27b71edb,
+	0x27b75edc,
+	0x7b7dedd,
+	0x7c59edf,
+	0x27c65f16,
+	0x27c69f19,
+	0x27c6df1a,
+	0x27c71f1b,
+	0x7c75f1c,
+	0x7ca1f1d,
+	0x7cb9f28,
+	0x7cbdf2e,
+	0x7cddf2f,
+	0x7ce9f37,
+	0x7d09f3a,
+	0x7d0df42,
+	0x7d45f43,
+	0x800df51,
+	0x80ca003,
+	0x80ce032,
+	0x80d2033,
+	0x80e6034,
+	0x80ea039,
+	0x811e03a,
+	0x8156047,
+	0x2815a055,
+	0x8176056,
+	0x819a05d,
+	0x819e066,
+	0x81be067,
+	0x81da06f,
+	0x81fe076,
+	0x820e07f,
+	0x8212083,
+	0x8216084,
+	0x824e085,
+	0x825a093,
+	0x8282096,
+	0x282860a0,
+	0x83220a1,
+	0x283260c8,
+	0x832a0c9,
+	0x833a0ca,
+	0x2833e0ce,
+	0x83520cf,
+	0x836e0d4,
+	0x838e0db,
+	0x83920e3,
+	0x83a60e4,
+	0x83ba0e9,
+	0x83be0ee,
+	0x83c60ef,
+	0x83ca0f1,
+	0x83ea0f2,
+	0x84a20fa,
+	0x284a6128,
+	0x84aa129,
+	0x84ca12a,
+	0x84f6132,
+	0x2850613d,
+	0x850a141,
+	0x8516142,
+	0x855a145,
+	0x855e156,
+	0x8572157,
+	0x859215c,
+	0x85ae164,
+	0x85ba16b,
+	0x85da16e,
+	0x860a176,
+	0x8616182,
+	0x86e6185,
+	0x86ea1b9,
+	0x86fe1ba,
+	0x87021bf,
+	0x871a1c0,
+	0x871e1c6,
+	0x872a1c7,
+	0x87361ca,
+	0x873a1cd,
+	0x87421ce,
+	0x87461d0,
+	0x876a1d1,
+	0x87a61da,
+	0x87aa1e9,
+	0x87ca1ea,
+	0x881e1f2,
+	0x884e207,
+	0x28852213,
+	0x885a214,
+	0x88b2216,
+	0x88b622c,
+	0x88ba22d,
+	0x88be22e,
+	0x890222f,
+	0x8912240,
+	0x894e244,
+	0x8952253,
+	0x8982254,
+	0x8ace260,
+	0x8af22b3,
+	0x8b322bc,
+	0x8b622cc,
+	0x28b6a2d8,
+	0x28b6e2da,
+	0x28b722db,
+	0x8b7a2dc,
+	0x8b862de,
+	0x8caa2e1,
+	0x8cb632a,
+	0x8cc232d,
+	0x8cce330,
+	0x8cda333,
 	0x8ce6336,
 	0x8cf2339,
 	0x8cfe33c,
 	0x8d0a33f,
 	0x8d16342,
 	0x8d22345,
-	0x8d2e348,
-	0x8d3a34b,
-	0x8d4634e,
-	0x8d52351,
+	0x28d26348,
+	0x8d32349,
+	0x8d3e34c,
+	0x8d4a34f,
+	0x8d52352,
 	0x8d5e354,
-	0x8d8a357,
-	0x8d96362,
-	0x8da2365,
-	0x8dae368,
-	0x8dba36b,
-	0x8dc636e,
-	0x8dce371,
-	0x8dda373,
-	0x8de6376,
-	0x8df2379,
-	0x8dfe37c,
-	0x8e0a37f,
-	0x8e16382,
-	0x8e22385,
-	0x8e2e388,
-	0x8e3a38b,
-	0x8e4638e,
+	0x8d6a357,
+	0x8d7635a,
+	0x8d8235d,
+	0x8d8e360,
+	0x8d9a363,
+	0x8da6366,
+	0x8db2369,
+	0x8dbe36c,
+	0x8dca36f,
+	0x8dd6372,
+	0x8e02375,
+	0x8e0e380,
+	0x8e1a383,
+	0x8e26386,
+	0x8e32389,
+	0x8e3e38c,
+	0x8e4638f,
 	0x8e52391,
-	0x8e5a394,
-	0x8e66396,
-	0x8e6e399,
-	0x8e7a39b,
-	0x8e8639e,
-	0x8e923a1,
-	0x8e9e3a4,
-	0x8eaa3a7,
-	0x8eb63aa,
-	0x8ec23ad,
-	0x8ece3b0,
-	0x8ed23b3,
+	0x8e5e394,
+	0x8e6a397,
+	0x8e7639a,
+	0x8e8239d,
+	0x8e8e3a0,
+	0x8e9a3a3,
+	0x8ea63a6,
+	0x8eb23a9,
+	0x8ebe3ac,
+	0x8eca3af,
+	0x8ed23b2,
 	0x8ede3b4,
-	0x8efa3b7,
-	0x8efe3be,
-	0x8f0e3bf,
-	0x8f323c3,
-	0x8f363cc,
-	0x8f7a3cd,
-	0x8f823de,
-	0x8f963e0,
-	0x8fca3e5,
-	0x8fea3f2,
-	0x8fee3fa,
-	0x8ff63fb,
-	0x901a3fd,
-	0x9032406,
-	0x904a40c,
-	0x9062412,
-	0x908a418,
-	0x909e422,
-	0x90b6427,
-	0x90ba42d,
-	0x2910242e,
-	0x9106440,
-	0x9132441,
-	0x914244c,
-	0x9156450,
+	0x8ee63b7,
+	0x8ef23b9,
+	0x8efe3bc,
+	0x8f0a3bf,
+	0x8f163c2,
+	0x8f223c5,
+	0x8f2e3c8,
+	0x8f3a3cb,
+	0x8f463ce,
+	0x8f4a3d1,
+	0x8f563d2,
+	0x8f6e3d5,
+	0x8f723db,
+	0x8f823dc,
+	0x8fa23e0,
+	0x8fa63e8,
+	0x8ff63e9,
+	0x8ffa3fd,
+	0x900e3fe,
+	0x9042403,
+	0x9062410,
+	0x9066418,
+	0x906e419,
+	0x909241b,
+	0x90aa424,
+	0x90c242a,
+	0x90da430,
+	0x9102436,
+	0x9116440,
+	0x912e445,
+	0x913244b,
+	0x2917a44c,
+	0x917e45e,
+	0x91aa45f,
+	0x91ba46a,
+	0x91ce46e,
 }
 
-// max children 654 (capacity 1023)
-// max text offset 31758 (capacity 32767)
+// max children 662 (capacity 1023)
+// max text offset 32015 (capacity 32767)
 // max text length 36 (capacity 63)
-// max hi 9301 (capacity 16383)
-// max lo 9296 (capacity 16383)
+// max hi 9331 (capacity 16383)
+// max lo 9326 (capacity 16383)
diff --git a/vendor/golang.org/x/oauth2/google/google.go b/vendor/golang.org/x/oauth2/google/google.go
index 41ced10acdf..ccc23ee0aef 100644
--- a/vendor/golang.org/x/oauth2/google/google.go
+++ b/vendor/golang.org/x/oauth2/google/google.go
@@ -92,9 +92,10 @@ func JWTConfigFromJSON(jsonKey []byte, scope ...string) (*jwt.Config, error) {
 
 // JSON key file types.
 const (
-	serviceAccountKey  = "service_account"
-	userCredentialsKey = "authorized_user"
-	externalAccountKey = "external_account"
+	serviceAccountKey          = "service_account"
+	userCredentialsKey         = "authorized_user"
+	externalAccountKey         = "external_account"
+	impersonatedServiceAccount = "impersonated_service_account"
 )
 
 // credentialsFile is the unmarshalled representation of a credentials file.
@@ -121,9 +122,13 @@ type credentialsFile struct {
 	TokenURLExternal               string                           `json:"token_url"`
 	TokenInfoURL                   string                           `json:"token_info_url"`
 	ServiceAccountImpersonationURL string                           `json:"service_account_impersonation_url"`
+	Delegates                      []string                         `json:"delegates"`
 	CredentialSource               externalaccount.CredentialSource `json:"credential_source"`
 	QuotaProjectID                 string                           `json:"quota_project_id"`
 	WorkforcePoolUserProject       string                           `json:"workforce_pool_user_project"`
+
+	// Service account impersonation
+	SourceCredentials *credentialsFile `json:"source_credentials"`
 }
 
 func (f *credentialsFile) jwtConfig(scopes []string, subject string) *jwt.Config {
@@ -180,6 +185,23 @@ func (f *credentialsFile) tokenSource(ctx context.Context, params CredentialsPar
 			WorkforcePoolUserProject:       f.WorkforcePoolUserProject,
 		}
 		return cfg.TokenSource(ctx)
+	case impersonatedServiceAccount:
+		if f.ServiceAccountImpersonationURL == "" || f.SourceCredentials == nil {
+			return nil, errors.New("missing 'source_credentials' field or 'service_account_impersonation_url' in credentials")
+		}
+
+		ts, err := f.SourceCredentials.tokenSource(ctx, params)
+		if err != nil {
+			return nil, err
+		}
+		imp := externalaccount.ImpersonateTokenSource{
+			Ctx:       ctx,
+			URL:       f.ServiceAccountImpersonationURL,
+			Scopes:    params.Scopes,
+			Ts:        ts,
+			Delegates: f.Delegates,
+		}
+		return oauth2.ReuseTokenSource(nil, imp), nil
 	case "":
 		return nil, errors.New("missing 'type' field in credentials")
 	default:
diff --git a/vendor/golang.org/x/oauth2/google/internal/externalaccount/basecredentials.go b/vendor/golang.org/x/oauth2/google/internal/externalaccount/basecredentials.go
index a1e36c0c700..bc3ce53172a 100644
--- a/vendor/golang.org/x/oauth2/google/internal/externalaccount/basecredentials.go
+++ b/vendor/golang.org/x/oauth2/google/internal/externalaccount/basecredentials.go
@@ -140,11 +140,11 @@ func (c *Config) tokenSource(ctx context.Context, tokenURLValidPats []*regexp.Re
 	}
 	scopes := c.Scopes
 	ts.conf.Scopes = []string{"https://www.googleapis.com/auth/cloud-platform"}
-	imp := impersonateTokenSource{
-		ctx:    ctx,
-		url:    c.ServiceAccountImpersonationURL,
-		scopes: scopes,
-		ts:     oauth2.ReuseTokenSource(nil, ts),
+	imp := ImpersonateTokenSource{
+		Ctx:    ctx,
+		URL:    c.ServiceAccountImpersonationURL,
+		Scopes: scopes,
+		Ts:     oauth2.ReuseTokenSource(nil, ts),
 	}
 	return oauth2.ReuseTokenSource(nil, imp), nil
 }
diff --git a/vendor/golang.org/x/oauth2/google/internal/externalaccount/impersonate.go b/vendor/golang.org/x/oauth2/google/internal/externalaccount/impersonate.go
index 64edb560013..8251fc85e00 100644
--- a/vendor/golang.org/x/oauth2/google/internal/externalaccount/impersonate.go
+++ b/vendor/golang.org/x/oauth2/google/internal/externalaccount/impersonate.go
@@ -29,30 +29,44 @@ type impersonateTokenResponse struct {
 	ExpireTime  string `json:"expireTime"`
 }
 
-type impersonateTokenSource struct {
-	ctx context.Context
-	ts  oauth2.TokenSource
+// ImpersonateTokenSource uses a source credential, stored in Ts, to request an access token to the provided URL.
+// Scopes can be defined when the access token is requested.
+type ImpersonateTokenSource struct {
+	// Ctx is the execution context of the impersonation process
+	// used to perform http call to the URL. Required
+	Ctx context.Context
+	// Ts is the source credential used to generate a token on the
+	// impersonated service account. Required.
+	Ts oauth2.TokenSource
 
-	url    string
-	scopes []string
+	// URL is the endpoint to call to generate a token
+	// on behalf the service account. Required.
+	URL string
+	// Scopes that the impersonated credential should have. Required.
+	Scopes []string
+	// Delegates are the service account email addresses in a delegation chain.
+	// Each service account must be granted roles/iam.serviceAccountTokenCreator
+	// on the next service account in the chain. Optional.
+	Delegates []string
 }
 
 // Token performs the exchange to get a temporary service account token to allow access to GCP.
-func (its impersonateTokenSource) Token() (*oauth2.Token, error) {
+func (its ImpersonateTokenSource) Token() (*oauth2.Token, error) {
 	reqBody := generateAccessTokenReq{
-		Lifetime: "3600s",
-		Scope:    its.scopes,
+		Lifetime:  "3600s",
+		Scope:     its.Scopes,
+		Delegates: its.Delegates,
 	}
 	b, err := json.Marshal(reqBody)
 	if err != nil {
 		return nil, fmt.Errorf("oauth2/google: unable to marshal request: %v", err)
 	}
-	client := oauth2.NewClient(its.ctx, its.ts)
-	req, err := http.NewRequest("POST", its.url, bytes.NewReader(b))
+	client := oauth2.NewClient(its.Ctx, its.Ts)
+	req, err := http.NewRequest("POST", its.URL, bytes.NewReader(b))
 	if err != nil {
 		return nil, fmt.Errorf("oauth2/google: unable to create impersonation request: %v", err)
 	}
-	req = req.WithContext(its.ctx)
+	req = req.WithContext(its.Ctx)
 	req.Header.Set("Content-Type", "application/json")
 
 	resp, err := client.Do(req)
diff --git a/vendor/golang.org/x/sys/cpu/cpu_x86.go b/vendor/golang.org/x/sys/cpu/cpu_x86.go
index 5ea287b7eca..f5aacfc825d 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_x86.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_x86.go
@@ -90,9 +90,10 @@ func archInit() {
 		osSupportsAVX = isSet(1, eax) && isSet(2, eax)
 
 		if runtime.GOOS == "darwin" {
-			// Check darwin commpage for AVX512 support. Necessary because:
-			// https://github.com/apple/darwin-xnu/blob/0a798f6738bc1db01281fc08ae024145e84df927/osfmk/i386/fpu.c#L175-L201
-			osSupportsAVX512 = osSupportsAVX && darwinSupportsAVX512()
+			// Darwin doesn't save/restore AVX-512 mask registers correctly across signal handlers.
+			// Since users can't rely on mask register contents, let's not advertise AVX-512 support.
+			// See issue 49233.
+			osSupportsAVX512 = false
 		} else {
 			// Check if OPMASK and ZMM registers have OS support.
 			osSupportsAVX512 = osSupportsAVX && isSet(5, eax) && isSet(6, eax) && isSet(7, eax)
diff --git a/vendor/golang.org/x/sys/cpu/cpu_x86.s b/vendor/golang.org/x/sys/cpu/cpu_x86.s
index b748ba52f7c..39acab2ff5c 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_x86.s
+++ b/vendor/golang.org/x/sys/cpu/cpu_x86.s
@@ -26,27 +26,3 @@ TEXT ·xgetbv(SB),NOSPLIT,$0-8
 	MOVL AX, eax+0(FP)
 	MOVL DX, edx+4(FP)
 	RET
-
-// func darwinSupportsAVX512() bool
-TEXT ·darwinSupportsAVX512(SB), NOSPLIT, $0-1
-    MOVB    $0, ret+0(FP) // default to false
-#ifdef GOOS_darwin   // return if not darwin
-#ifdef GOARCH_amd64  // return if not amd64
-// These values from:
-// https://github.com/apple/darwin-xnu/blob/xnu-4570.1.46/osfmk/i386/cpu_capabilities.h
-#define commpage64_base_address         0x00007fffffe00000
-#define commpage64_cpu_capabilities64   (commpage64_base_address+0x010)
-#define commpage64_version              (commpage64_base_address+0x01E)
-#define hasAVX512F                      0x0000004000000000
-    MOVQ    $commpage64_version, BX
-    CMPW    (BX), $13  // cpu_capabilities64 undefined in versions < 13
-    JL      no_avx512
-    MOVQ    $commpage64_cpu_capabilities64, BX
-    MOVQ    $hasAVX512F, CX
-    TESTQ   (BX), CX
-    JZ      no_avx512
-    MOVB    $1, ret+0(FP)
-no_avx512:
-#endif
-#endif
-    RET
diff --git a/vendor/golang.org/x/sys/unix/README.md b/vendor/golang.org/x/sys/unix/README.md
index 474efad0e03..7d3c060e122 100644
--- a/vendor/golang.org/x/sys/unix/README.md
+++ b/vendor/golang.org/x/sys/unix/README.md
@@ -149,7 +149,7 @@ To add a constant, add the header that includes it to the appropriate variable.
 Then, edit the regex (if necessary) to match the desired constant. Avoid making
 the regex too broad to avoid matching unintended constants.
 
-### mkmerge.go
+### internal/mkmerge
 
 This program is used to extract duplicate const, func, and type declarations
 from the generated architecture-specific files listed below, and merge these
diff --git a/vendor/golang.org/x/sys/unix/mkall.sh b/vendor/golang.org/x/sys/unix/mkall.sh
index 396aadf86de..ee73623489b 100644
--- a/vendor/golang.org/x/sys/unix/mkall.sh
+++ b/vendor/golang.org/x/sys/unix/mkall.sh
@@ -50,7 +50,7 @@ if [[ "$GOOS" = "linux" ]]; then
 	# Use the Docker-based build system
 	# Files generated through docker (use $cmd so you can Ctl-C the build or run)
 	$cmd docker build --tag generate:$GOOS $GOOS
-	$cmd docker run --interactive --tty --volume $(cd -- "$(dirname -- "$0")" && /bin/pwd):/build generate:$GOOS
+	$cmd docker run --interactive --tty --volume $(cd -- "$(dirname -- "$0")/.." && /bin/pwd):/build generate:$GOOS
 	exit
 fi
 
diff --git a/vendor/golang.org/x/sys/unix/mkerrors.sh b/vendor/golang.org/x/sys/unix/mkerrors.sh
index a74ef58f8c6..4945739ea0a 100644
--- a/vendor/golang.org/x/sys/unix/mkerrors.sh
+++ b/vendor/golang.org/x/sys/unix/mkerrors.sh
@@ -239,6 +239,7 @@ struct ltchars {
 #include <linux/magic.h>
 #include <linux/memfd.h>
 #include <linux/module.h>
+#include <linux/mount.h>
 #include <linux/netfilter/nfnetlink.h>
 #include <linux/netlink.h>
 #include <linux/net_namespace.h>
@@ -520,7 +521,7 @@ ccflags="$@"
 		$2 ~ /^HW_MACHINE$/ ||
 		$2 ~ /^SYSCTL_VERS/ ||
 		$2 !~ "MNT_BITS" &&
-		$2 ~ /^(MS|MNT|UMOUNT)_/ ||
+		$2 ~ /^(MS|MNT|MOUNT|UMOUNT)_/ ||
 		$2 ~ /^NS_GET_/ ||
 		$2 ~ /^TUN(SET|GET|ATTACH|DETACH)/ ||
 		$2 ~ /^(O|F|[ES]?FD|NAME|S|PTRACE|PT|TFD)_/ ||
diff --git a/vendor/golang.org/x/sys/unix/sockcmsg_linux.go b/vendor/golang.org/x/sys/unix/sockcmsg_linux.go
index 8bf45705947..5f63147e06c 100644
--- a/vendor/golang.org/x/sys/unix/sockcmsg_linux.go
+++ b/vendor/golang.org/x/sys/unix/sockcmsg_linux.go
@@ -34,3 +34,52 @@ func ParseUnixCredentials(m *SocketControlMessage) (*Ucred, error) {
 	ucred := *(*Ucred)(unsafe.Pointer(&m.Data[0]))
 	return &ucred, nil
 }
+
+// PktInfo4 encodes Inet4Pktinfo into a socket control message of type IP_PKTINFO.
+func PktInfo4(info *Inet4Pktinfo) []byte {
+	b := make([]byte, CmsgSpace(SizeofInet4Pktinfo))
+	h := (*Cmsghdr)(unsafe.Pointer(&b[0]))
+	h.Level = SOL_IP
+	h.Type = IP_PKTINFO
+	h.SetLen(CmsgLen(SizeofInet4Pktinfo))
+	*(*Inet4Pktinfo)(h.data(0)) = *info
+	return b
+}
+
+// PktInfo6 encodes Inet6Pktinfo into a socket control message of type IPV6_PKTINFO.
+func PktInfo6(info *Inet6Pktinfo) []byte {
+	b := make([]byte, CmsgSpace(SizeofInet6Pktinfo))
+	h := (*Cmsghdr)(unsafe.Pointer(&b[0]))
+	h.Level = SOL_IPV6
+	h.Type = IPV6_PKTINFO
+	h.SetLen(CmsgLen(SizeofInet6Pktinfo))
+	*(*Inet6Pktinfo)(h.data(0)) = *info
+	return b
+}
+
+// ParseOrigDstAddr decodes a socket control message containing the original
+// destination address. To receive such a message the IP_RECVORIGDSTADDR or
+// IPV6_RECVORIGDSTADDR option must be enabled on the socket.
+func ParseOrigDstAddr(m *SocketControlMessage) (Sockaddr, error) {
+	switch {
+	case m.Header.Level == SOL_IP && m.Header.Type == IP_ORIGDSTADDR:
+		pp := (*RawSockaddrInet4)(unsafe.Pointer(&m.Data[0]))
+		sa := new(SockaddrInet4)
+		p := (*[2]byte)(unsafe.Pointer(&pp.Port))
+		sa.Port = int(p[0])<<8 + int(p[1])
+		sa.Addr = pp.Addr
+		return sa, nil
+
+	case m.Header.Level == SOL_IPV6 && m.Header.Type == IPV6_ORIGDSTADDR:
+		pp := (*RawSockaddrInet6)(unsafe.Pointer(&m.Data[0]))
+		sa := new(SockaddrInet6)
+		p := (*[2]byte)(unsafe.Pointer(&pp.Port))
+		sa.Port = int(p[0])<<8 + int(p[1])
+		sa.ZoneId = pp.Scope_id
+		sa.Addr = pp.Addr
+		return sa, nil
+
+	default:
+		return nil, EINVAL
+	}
+}
diff --git a/vendor/golang.org/x/sys/unix/syscall_aix.go b/vendor/golang.org/x/sys/unix/syscall_aix.go
index d8efb715ff1..6192750ce31 100644
--- a/vendor/golang.org/x/sys/unix/syscall_aix.go
+++ b/vendor/golang.org/x/sys/unix/syscall_aix.go
@@ -70,9 +70,7 @@ func (sa *SockaddrInet4) sockaddr() (unsafe.Pointer, _Socklen, error) {
 	p := (*[2]byte)(unsafe.Pointer(&sa.raw.Port))
 	p[0] = byte(sa.Port >> 8)
 	p[1] = byte(sa.Port)
-	for i := 0; i < len(sa.Addr); i++ {
-		sa.raw.Addr[i] = sa.Addr[i]
-	}
+	sa.raw.Addr = sa.Addr
 	return unsafe.Pointer(&sa.raw), SizeofSockaddrInet4, nil
 }
 
@@ -85,9 +83,7 @@ func (sa *SockaddrInet6) sockaddr() (unsafe.Pointer, _Socklen, error) {
 	p[0] = byte(sa.Port >> 8)
 	p[1] = byte(sa.Port)
 	sa.raw.Scope_id = sa.ZoneId
-	for i := 0; i < len(sa.Addr); i++ {
-		sa.raw.Addr[i] = sa.Addr[i]
-	}
+	sa.raw.Addr = sa.Addr
 	return unsafe.Pointer(&sa.raw), SizeofSockaddrInet6, nil
 }
 
@@ -261,9 +257,7 @@ func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) {
 		sa := new(SockaddrInet4)
 		p := (*[2]byte)(unsafe.Pointer(&pp.Port))
 		sa.Port = int(p[0])<<8 + int(p[1])
-		for i := 0; i < len(sa.Addr); i++ {
-			sa.Addr[i] = pp.Addr[i]
-		}
+		sa.Addr = pp.Addr
 		return sa, nil
 
 	case AF_INET6:
@@ -272,9 +266,7 @@ func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) {
 		p := (*[2]byte)(unsafe.Pointer(&pp.Port))
 		sa.Port = int(p[0])<<8 + int(p[1])
 		sa.ZoneId = pp.Scope_id
-		for i := 0; i < len(sa.Addr); i++ {
-			sa.Addr[i] = pp.Addr[i]
-		}
+		sa.Addr = pp.Addr
 		return sa, nil
 	}
 	return nil, EAFNOSUPPORT
@@ -385,6 +377,11 @@ func (w WaitStatus) TrapCause() int { return -1 }
 
 //sys	fcntl(fd int, cmd int, arg int) (val int, err error)
 
+//sys	fsyncRange(fd int, how int, start int64, length int64) (err error) = fsync_range
+func Fsync(fd int) error {
+	return fsyncRange(fd, O_SYNC, 0, 0)
+}
+
 /*
  * Direct access
  */
@@ -401,7 +398,6 @@ func (w WaitStatus) TrapCause() int { return -1 }
 //sys	Fchmodat(dirfd int, path string, mode uint32, flags int) (err error)
 //sys	Fchownat(dirfd int, path string, uid int, gid int, flags int) (err error)
 //sys	Fdatasync(fd int) (err error)
-//sys	Fsync(fd int) (err error)
 // readdir_r
 //sysnb	Getpgid(pid int) (pgid int, err error)
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_bsd.go b/vendor/golang.org/x/sys/unix/syscall_bsd.go
index 95ac3946b5c..0ce45232611 100644
--- a/vendor/golang.org/x/sys/unix/syscall_bsd.go
+++ b/vendor/golang.org/x/sys/unix/syscall_bsd.go
@@ -163,9 +163,7 @@ func (sa *SockaddrInet4) sockaddr() (unsafe.Pointer, _Socklen, error) {
 	p := (*[2]byte)(unsafe.Pointer(&sa.raw.Port))
 	p[0] = byte(sa.Port >> 8)
 	p[1] = byte(sa.Port)
-	for i := 0; i < len(sa.Addr); i++ {
-		sa.raw.Addr[i] = sa.Addr[i]
-	}
+	sa.raw.Addr = sa.Addr
 	return unsafe.Pointer(&sa.raw), _Socklen(sa.raw.Len), nil
 }
 
@@ -179,9 +177,7 @@ func (sa *SockaddrInet6) sockaddr() (unsafe.Pointer, _Socklen, error) {
 	p[0] = byte(sa.Port >> 8)
 	p[1] = byte(sa.Port)
 	sa.raw.Scope_id = sa.ZoneId
-	for i := 0; i < len(sa.Addr); i++ {
-		sa.raw.Addr[i] = sa.Addr[i]
-	}
+	sa.raw.Addr = sa.Addr
 	return unsafe.Pointer(&sa.raw), _Socklen(sa.raw.Len), nil
 }
 
@@ -210,9 +206,7 @@ func (sa *SockaddrDatalink) sockaddr() (unsafe.Pointer, _Socklen, error) {
 	sa.raw.Nlen = sa.Nlen
 	sa.raw.Alen = sa.Alen
 	sa.raw.Slen = sa.Slen
-	for i := 0; i < len(sa.raw.Data); i++ {
-		sa.raw.Data[i] = sa.Data[i]
-	}
+	sa.raw.Data = sa.Data
 	return unsafe.Pointer(&sa.raw), SizeofSockaddrDatalink, nil
 }
 
@@ -228,9 +222,7 @@ func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) {
 		sa.Nlen = pp.Nlen
 		sa.Alen = pp.Alen
 		sa.Slen = pp.Slen
-		for i := 0; i < len(sa.Data); i++ {
-			sa.Data[i] = pp.Data[i]
-		}
+		sa.Data = pp.Data
 		return sa, nil
 
 	case AF_UNIX:
@@ -262,9 +254,7 @@ func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) {
 		sa := new(SockaddrInet4)
 		p := (*[2]byte)(unsafe.Pointer(&pp.Port))
 		sa.Port = int(p[0])<<8 + int(p[1])
-		for i := 0; i < len(sa.Addr); i++ {
-			sa.Addr[i] = pp.Addr[i]
-		}
+		sa.Addr = pp.Addr
 		return sa, nil
 
 	case AF_INET6:
@@ -273,9 +263,7 @@ func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) {
 		p := (*[2]byte)(unsafe.Pointer(&pp.Port))
 		sa.Port = int(p[0])<<8 + int(p[1])
 		sa.ZoneId = pp.Scope_id
-		for i := 0; i < len(sa.Addr); i++ {
-			sa.Addr[i] = pp.Addr[i]
-		}
+		sa.Addr = pp.Addr
 		return sa, nil
 	}
 	return anyToSockaddrGOOS(fd, rsa)
diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin.go b/vendor/golang.org/x/sys/unix/syscall_darwin.go
index a8c13317d75..8826f41435e 100644
--- a/vendor/golang.org/x/sys/unix/syscall_darwin.go
+++ b/vendor/golang.org/x/sys/unix/syscall_darwin.go
@@ -430,8 +430,25 @@ func GetsockoptXucred(fd, level, opt int) (*Xucred, error) {
 	return x, err
 }
 
-func SysctlKinfoProcSlice(name string) ([]KinfoProc, error) {
-	mib, err := sysctlmib(name)
+func SysctlKinfoProc(name string, args ...int) (*KinfoProc, error) {
+	mib, err := sysctlmib(name, args...)
+	if err != nil {
+		return nil, err
+	}
+
+	var kinfo KinfoProc
+	n := uintptr(SizeofKinfoProc)
+	if err := sysctl(mib, (*byte)(unsafe.Pointer(&kinfo)), &n, nil, 0); err != nil {
+		return nil, err
+	}
+	if n != SizeofKinfoProc {
+		return nil, EIO
+	}
+	return &kinfo, nil
+}
+
+func SysctlKinfoProcSlice(name string, args ...int) ([]KinfoProc, error) {
+	mib, err := sysctlmib(name, args...)
 	if err != nil {
 		return nil, err
 	}
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux.go b/vendor/golang.org/x/sys/unix/syscall_linux.go
index fff38a84c9c..4bc5baf77d9 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux.go
@@ -372,9 +372,7 @@ func (sa *SockaddrInet4) sockaddr() (unsafe.Pointer, _Socklen, error) {
 	p := (*[2]byte)(unsafe.Pointer(&sa.raw.Port))
 	p[0] = byte(sa.Port >> 8)
 	p[1] = byte(sa.Port)
-	for i := 0; i < len(sa.Addr); i++ {
-		sa.raw.Addr[i] = sa.Addr[i]
-	}
+	sa.raw.Addr = sa.Addr
 	return unsafe.Pointer(&sa.raw), SizeofSockaddrInet4, nil
 }
 
@@ -387,9 +385,7 @@ func (sa *SockaddrInet6) sockaddr() (unsafe.Pointer, _Socklen, error) {
 	p[0] = byte(sa.Port >> 8)
 	p[1] = byte(sa.Port)
 	sa.raw.Scope_id = sa.ZoneId
-	for i := 0; i < len(sa.Addr); i++ {
-		sa.raw.Addr[i] = sa.Addr[i]
-	}
+	sa.raw.Addr = sa.Addr
 	return unsafe.Pointer(&sa.raw), SizeofSockaddrInet6, nil
 }
 
@@ -438,9 +434,7 @@ func (sa *SockaddrLinklayer) sockaddr() (unsafe.Pointer, _Socklen, error) {
 	sa.raw.Hatype = sa.Hatype
 	sa.raw.Pkttype = sa.Pkttype
 	sa.raw.Halen = sa.Halen
-	for i := 0; i < len(sa.Addr); i++ {
-		sa.raw.Addr[i] = sa.Addr[i]
-	}
+	sa.raw.Addr = sa.Addr
 	return unsafe.Pointer(&sa.raw), SizeofSockaddrLinklayer, nil
 }
 
@@ -855,12 +849,10 @@ func (sa *SockaddrTIPC) sockaddr() (unsafe.Pointer, _Socklen, error) {
 	if sa.Addr == nil {
 		return nil, 0, EINVAL
 	}
-
 	sa.raw.Family = AF_TIPC
 	sa.raw.Scope = int8(sa.Scope)
 	sa.raw.Addrtype = sa.Addr.tipcAddrtype()
 	sa.raw.Addr = sa.Addr.tipcAddr()
-
 	return unsafe.Pointer(&sa.raw), SizeofSockaddrTIPC, nil
 }
 
@@ -874,9 +866,7 @@ type SockaddrL2TPIP struct {
 func (sa *SockaddrL2TPIP) sockaddr() (unsafe.Pointer, _Socklen, error) {
 	sa.raw.Family = AF_INET
 	sa.raw.Conn_id = sa.ConnId
-	for i := 0; i < len(sa.Addr); i++ {
-		sa.raw.Addr[i] = sa.Addr[i]
-	}
+	sa.raw.Addr = sa.Addr
 	return unsafe.Pointer(&sa.raw), SizeofSockaddrL2TPIP, nil
 }
 
@@ -892,9 +882,7 @@ func (sa *SockaddrL2TPIP6) sockaddr() (unsafe.Pointer, _Socklen, error) {
 	sa.raw.Family = AF_INET6
 	sa.raw.Conn_id = sa.ConnId
 	sa.raw.Scope_id = sa.ZoneId
-	for i := 0; i < len(sa.Addr); i++ {
-		sa.raw.Addr[i] = sa.Addr[i]
-	}
+	sa.raw.Addr = sa.Addr
 	return unsafe.Pointer(&sa.raw), SizeofSockaddrL2TPIP6, nil
 }
 
@@ -990,9 +978,7 @@ func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) {
 		sa.Hatype = pp.Hatype
 		sa.Pkttype = pp.Pkttype
 		sa.Halen = pp.Halen
-		for i := 0; i < len(sa.Addr); i++ {
-			sa.Addr[i] = pp.Addr[i]
-		}
+		sa.Addr = pp.Addr
 		return sa, nil
 
 	case AF_UNIX:
@@ -1031,18 +1017,14 @@ func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) {
 			pp := (*RawSockaddrL2TPIP)(unsafe.Pointer(rsa))
 			sa := new(SockaddrL2TPIP)
 			sa.ConnId = pp.Conn_id
-			for i := 0; i < len(sa.Addr); i++ {
-				sa.Addr[i] = pp.Addr[i]
-			}
+			sa.Addr = pp.Addr
 			return sa, nil
 		default:
 			pp := (*RawSockaddrInet4)(unsafe.Pointer(rsa))
 			sa := new(SockaddrInet4)
 			p := (*[2]byte)(unsafe.Pointer(&pp.Port))
 			sa.Port = int(p[0])<<8 + int(p[1])
-			for i := 0; i < len(sa.Addr); i++ {
-				sa.Addr[i] = pp.Addr[i]
-			}
+			sa.Addr = pp.Addr
 			return sa, nil
 		}
 
@@ -1058,9 +1040,7 @@ func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) {
 			sa := new(SockaddrL2TPIP6)
 			sa.ConnId = pp.Conn_id
 			sa.ZoneId = pp.Scope_id
-			for i := 0; i < len(sa.Addr); i++ {
-				sa.Addr[i] = pp.Addr[i]
-			}
+			sa.Addr = pp.Addr
 			return sa, nil
 		default:
 			pp := (*RawSockaddrInet6)(unsafe.Pointer(rsa))
@@ -1068,9 +1048,7 @@ func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) {
 			p := (*[2]byte)(unsafe.Pointer(&pp.Port))
 			sa.Port = int(p[0])<<8 + int(p[1])
 			sa.ZoneId = pp.Scope_id
-			for i := 0; i < len(sa.Addr); i++ {
-				sa.Addr[i] = pp.Addr[i]
-			}
+			sa.Addr = pp.Addr
 			return sa, nil
 		}
 
@@ -1797,6 +1775,16 @@ func Mount(source string, target string, fstype string, flags uintptr, data stri
 	return mount(source, target, fstype, flags, datap)
 }
 
+//sys	mountSetattr(dirfd int, pathname string, flags uint, attr *MountAttr, size uintptr) (err error) = SYS_MOUNT_SETATTR
+
+// MountSetattr is a wrapper for mount_setattr(2).
+// https://man7.org/linux/man-pages/man2/mount_setattr.2.html
+//
+// Requires kernel >= 5.12.
+func MountSetattr(dirfd int, pathname string, flags uint, attr *MountAttr) error {
+	return mountSetattr(dirfd, pathname, flags, attr, unsafe.Sizeof(*attr))
+}
+
 func Sendfile(outfd int, infd int, offset *int64, count int) (written int, err error) {
 	if raceenabled {
 		raceReleaseMerge(unsafe.Pointer(&ioSync))
diff --git a/vendor/golang.org/x/sys/unix/syscall_solaris.go b/vendor/golang.org/x/sys/unix/syscall_solaris.go
index d2a6495c7e3..8b88ac21333 100644
--- a/vendor/golang.org/x/sys/unix/syscall_solaris.go
+++ b/vendor/golang.org/x/sys/unix/syscall_solaris.go
@@ -92,9 +92,7 @@ func (sa *SockaddrInet4) sockaddr() (unsafe.Pointer, _Socklen, error) {
 	p := (*[2]byte)(unsafe.Pointer(&sa.raw.Port))
 	p[0] = byte(sa.Port >> 8)
 	p[1] = byte(sa.Port)
-	for i := 0; i < len(sa.Addr); i++ {
-		sa.raw.Addr[i] = sa.Addr[i]
-	}
+	sa.raw.Addr = sa.Addr
 	return unsafe.Pointer(&sa.raw), SizeofSockaddrInet4, nil
 }
 
@@ -107,9 +105,7 @@ func (sa *SockaddrInet6) sockaddr() (unsafe.Pointer, _Socklen, error) {
 	p[0] = byte(sa.Port >> 8)
 	p[1] = byte(sa.Port)
 	sa.raw.Scope_id = sa.ZoneId
-	for i := 0; i < len(sa.Addr); i++ {
-		sa.raw.Addr[i] = sa.Addr[i]
-	}
+	sa.raw.Addr = sa.Addr
 	return unsafe.Pointer(&sa.raw), SizeofSockaddrInet6, nil
 }
 
@@ -417,9 +413,7 @@ func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) {
 		sa := new(SockaddrInet4)
 		p := (*[2]byte)(unsafe.Pointer(&pp.Port))
 		sa.Port = int(p[0])<<8 + int(p[1])
-		for i := 0; i < len(sa.Addr); i++ {
-			sa.Addr[i] = pp.Addr[i]
-		}
+		sa.Addr = pp.Addr
 		return sa, nil
 
 	case AF_INET6:
@@ -428,9 +422,7 @@ func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) {
 		p := (*[2]byte)(unsafe.Pointer(&pp.Port))
 		sa.Port = int(p[0])<<8 + int(p[1])
 		sa.ZoneId = pp.Scope_id
-		for i := 0; i < len(sa.Addr); i++ {
-			sa.Addr[i] = pp.Addr[i]
-		}
+		sa.Addr = pp.Addr
 		return sa, nil
 	}
 	return nil, EAFNOSUPPORT
diff --git a/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go b/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go
index 1ffd8bfcfb9..5fb76a14684 100644
--- a/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go
+++ b/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go
@@ -67,9 +67,7 @@ func (sa *SockaddrInet4) sockaddr() (unsafe.Pointer, _Socklen, error) {
 	p := (*[2]byte)(unsafe.Pointer(&sa.raw.Port))
 	p[0] = byte(sa.Port >> 8)
 	p[1] = byte(sa.Port)
-	for i := 0; i < len(sa.Addr); i++ {
-		sa.raw.Addr[i] = sa.Addr[i]
-	}
+	sa.raw.Addr = sa.Addr
 	return unsafe.Pointer(&sa.raw), _Socklen(sa.raw.Len), nil
 }
 
@@ -83,9 +81,7 @@ func (sa *SockaddrInet6) sockaddr() (unsafe.Pointer, _Socklen, error) {
 	p[0] = byte(sa.Port >> 8)
 	p[1] = byte(sa.Port)
 	sa.raw.Scope_id = sa.ZoneId
-	for i := 0; i < len(sa.Addr); i++ {
-		sa.raw.Addr[i] = sa.Addr[i]
-	}
+	sa.raw.Addr = sa.Addr
 	return unsafe.Pointer(&sa.raw), _Socklen(sa.raw.Len), nil
 }
 
@@ -144,9 +140,7 @@ func anyToSockaddr(_ int, rsa *RawSockaddrAny) (Sockaddr, error) {
 		sa := new(SockaddrInet4)
 		p := (*[2]byte)(unsafe.Pointer(&pp.Port))
 		sa.Port = int(p[0])<<8 + int(p[1])
-		for i := 0; i < len(sa.Addr); i++ {
-			sa.Addr[i] = pp.Addr[i]
-		}
+		sa.Addr = pp.Addr
 		return sa, nil
 
 	case AF_INET6:
@@ -155,9 +149,7 @@ func anyToSockaddr(_ int, rsa *RawSockaddrAny) (Sockaddr, error) {
 		p := (*[2]byte)(unsafe.Pointer(&pp.Port))
 		sa.Port = int(p[0])<<8 + int(p[1])
 		sa.ZoneId = pp.Scope_id
-		for i := 0; i < len(sa.Addr); i++ {
-			sa.Addr[i] = pp.Addr[i]
-		}
+		sa.Addr = pp.Addr
 		return sa, nil
 	}
 	return nil, EAFNOSUPPORT
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux.go b/vendor/golang.org/x/sys/unix/zerrors_linux.go
index 78d4b85ece5..d175aae896c 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux.go
@@ -1,4 +1,4 @@
-// Code generated by mkmerge.go; DO NOT EDIT.
+// Code generated by mkmerge; DO NOT EDIT.
 
 //go:build linux
 // +build linux
@@ -116,6 +116,7 @@ const (
 	ARPHRD_LAPB                                 = 0x204
 	ARPHRD_LOCALTLK                             = 0x305
 	ARPHRD_LOOPBACK                             = 0x304
+	ARPHRD_MCTP                                 = 0x122
 	ARPHRD_METRICOM                             = 0x17
 	ARPHRD_NETLINK                              = 0x338
 	ARPHRD_NETROM                               = 0x0
@@ -472,6 +473,7 @@ const (
 	DM_DEV_WAIT                                 = 0xc138fd08
 	DM_DIR                                      = "mapper"
 	DM_GET_TARGET_VERSION                       = 0xc138fd11
+	DM_IMA_MEASUREMENT_FLAG                     = 0x80000
 	DM_INACTIVE_PRESENT_FLAG                    = 0x40
 	DM_INTERNAL_SUSPEND_FLAG                    = 0x40000
 	DM_IOCTL                                    = 0xfd
@@ -716,6 +718,7 @@ const (
 	ETH_P_LOOPBACK                              = 0x9000
 	ETH_P_MACSEC                                = 0x88e5
 	ETH_P_MAP                                   = 0xf9
+	ETH_P_MCTP                                  = 0xfa
 	ETH_P_MOBITEX                               = 0x15
 	ETH_P_MPLS_MC                               = 0x8848
 	ETH_P_MPLS_UC                               = 0x8847
@@ -751,6 +754,21 @@ const (
 	ETH_P_WCCP                                  = 0x883e
 	ETH_P_X25                                   = 0x805
 	ETH_P_XDSA                                  = 0xf8
+	EV_ABS                                      = 0x3
+	EV_CNT                                      = 0x20
+	EV_FF                                       = 0x15
+	EV_FF_STATUS                                = 0x17
+	EV_KEY                                      = 0x1
+	EV_LED                                      = 0x11
+	EV_MAX                                      = 0x1f
+	EV_MSC                                      = 0x4
+	EV_PWR                                      = 0x16
+	EV_REL                                      = 0x2
+	EV_REP                                      = 0x14
+	EV_SND                                      = 0x12
+	EV_SW                                       = 0x5
+	EV_SYN                                      = 0x0
+	EV_VERSION                                  = 0x10001
 	EXABYTE_ENABLE_NEST                         = 0xf0
 	EXT2_SUPER_MAGIC                            = 0xef53
 	EXT3_SUPER_MAGIC                            = 0xef53
@@ -789,9 +807,11 @@ const (
 	FAN_DELETE_SELF                             = 0x400
 	FAN_DENY                                    = 0x2
 	FAN_ENABLE_AUDIT                            = 0x40
+	FAN_EPIDFD                                  = -0x2
 	FAN_EVENT_INFO_TYPE_DFID                    = 0x3
 	FAN_EVENT_INFO_TYPE_DFID_NAME               = 0x2
 	FAN_EVENT_INFO_TYPE_FID                     = 0x1
+	FAN_EVENT_INFO_TYPE_PIDFD                   = 0x4
 	FAN_EVENT_METADATA_LEN                      = 0x18
 	FAN_EVENT_ON_CHILD                          = 0x8000000
 	FAN_MARK_ADD                                = 0x1
@@ -811,6 +831,7 @@ const (
 	FAN_MOVE_SELF                               = 0x800
 	FAN_NOFD                                    = -0x1
 	FAN_NONBLOCK                                = 0x2
+	FAN_NOPIDFD                                 = -0x1
 	FAN_ONDIR                                   = 0x40000000
 	FAN_OPEN                                    = 0x20
 	FAN_OPEN_EXEC                               = 0x1000
@@ -821,6 +842,7 @@ const (
 	FAN_REPORT_DIR_FID                          = 0x400
 	FAN_REPORT_FID                              = 0x200
 	FAN_REPORT_NAME                             = 0x800
+	FAN_REPORT_PIDFD                            = 0x80
 	FAN_REPORT_TID                              = 0x100
 	FAN_UNLIMITED_MARKS                         = 0x20
 	FAN_UNLIMITED_QUEUE                         = 0x10
@@ -1454,6 +1476,18 @@ const (
 	MNT_FORCE                                   = 0x1
 	MODULE_INIT_IGNORE_MODVERSIONS              = 0x1
 	MODULE_INIT_IGNORE_VERMAGIC                 = 0x2
+	MOUNT_ATTR_IDMAP                            = 0x100000
+	MOUNT_ATTR_NOATIME                          = 0x10
+	MOUNT_ATTR_NODEV                            = 0x4
+	MOUNT_ATTR_NODIRATIME                       = 0x80
+	MOUNT_ATTR_NOEXEC                           = 0x8
+	MOUNT_ATTR_NOSUID                           = 0x2
+	MOUNT_ATTR_NOSYMFOLLOW                      = 0x200000
+	MOUNT_ATTR_RDONLY                           = 0x1
+	MOUNT_ATTR_RELATIME                         = 0x0
+	MOUNT_ATTR_SIZE_VER0                        = 0x20
+	MOUNT_ATTR_STRICTATIME                      = 0x20
+	MOUNT_ATTR__ATIME                           = 0x70
 	MSDOS_SUPER_MAGIC                           = 0x4d44
 	MSG_BATCH                                   = 0x40000
 	MSG_CMSG_CLOEXEC                            = 0x40000000
@@ -1997,6 +2031,7 @@ const (
 	PR_SPEC_ENABLE                              = 0x2
 	PR_SPEC_FORCE_DISABLE                       = 0x8
 	PR_SPEC_INDIRECT_BRANCH                     = 0x1
+	PR_SPEC_L1D_FLUSH                           = 0x2
 	PR_SPEC_NOT_AFFECTED                        = 0x0
 	PR_SPEC_PRCTL                               = 0x1
 	PR_SPEC_STORE_BYPASS                        = 0x0
@@ -2432,12 +2467,15 @@ const (
 	SMART_WRITE_THRESHOLDS                      = 0xd7
 	SMB_SUPER_MAGIC                             = 0x517b
 	SOCKFS_MAGIC                                = 0x534f434b
+	SOCK_BUF_LOCK_MASK                          = 0x3
 	SOCK_DCCP                                   = 0x6
 	SOCK_IOC_TYPE                               = 0x89
 	SOCK_PACKET                                 = 0xa
 	SOCK_RAW                                    = 0x3
+	SOCK_RCVBUF_LOCK                            = 0x2
 	SOCK_RDM                                    = 0x4
 	SOCK_SEQPACKET                              = 0x5
+	SOCK_SNDBUF_LOCK                            = 0x1
 	SOL_AAL                                     = 0x109
 	SOL_ALG                                     = 0x117
 	SOL_ATM                                     = 0x108
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
index 697811a4600..3ca40ca7f02 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
@@ -5,7 +5,7 @@
 // +build 386,linux
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
-// cgo -godefs -- -Wall -Werror -static -I/tmp/include -m32 /build/_const.go
+// cgo -godefs -- -Wall -Werror -static -I/tmp/include -m32 /build/unix/_const.go
 
 package unix
 
@@ -293,6 +293,7 @@ const (
 	SO_BPF_EXTENSIONS                = 0x30
 	SO_BROADCAST                     = 0x6
 	SO_BSDCOMPAT                     = 0xe
+	SO_BUF_LOCK                      = 0x48
 	SO_BUSY_POLL                     = 0x2e
 	SO_BUSY_POLL_BUDGET              = 0x46
 	SO_CNX_ADVICE                    = 0x35
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
index 7d8d93bfc4b..ead332091af 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
@@ -5,7 +5,7 @@
 // +build amd64,linux
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
-// cgo -godefs -- -Wall -Werror -static -I/tmp/include -m64 /build/_const.go
+// cgo -godefs -- -Wall -Werror -static -I/tmp/include -m64 /build/unix/_const.go
 
 package unix
 
@@ -294,6 +294,7 @@ const (
 	SO_BPF_EXTENSIONS                = 0x30
 	SO_BROADCAST                     = 0x6
 	SO_BSDCOMPAT                     = 0xe
+	SO_BUF_LOCK                      = 0x48
 	SO_BUSY_POLL                     = 0x2e
 	SO_BUSY_POLL_BUDGET              = 0x46
 	SO_CNX_ADVICE                    = 0x35
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
index f707d508941..39bdc945589 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
@@ -5,7 +5,7 @@
 // +build arm,linux
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
-// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/_const.go
+// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/unix/_const.go
 
 package unix
 
@@ -300,6 +300,7 @@ const (
 	SO_BPF_EXTENSIONS                = 0x30
 	SO_BROADCAST                     = 0x6
 	SO_BSDCOMPAT                     = 0xe
+	SO_BUF_LOCK                      = 0x48
 	SO_BUSY_POLL                     = 0x2e
 	SO_BUSY_POLL_BUDGET              = 0x46
 	SO_CNX_ADVICE                    = 0x35
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
index 3a67a9c8521..9aec987db1c 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
@@ -5,7 +5,7 @@
 // +build arm64,linux
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
-// cgo -godefs -- -Wall -Werror -static -I/tmp/include -fsigned-char /build/_const.go
+// cgo -godefs -- -Wall -Werror -static -I/tmp/include -fsigned-char /build/unix/_const.go
 
 package unix
 
@@ -290,6 +290,7 @@ const (
 	SO_BPF_EXTENSIONS                = 0x30
 	SO_BROADCAST                     = 0x6
 	SO_BSDCOMPAT                     = 0xe
+	SO_BUF_LOCK                      = 0x48
 	SO_BUSY_POLL                     = 0x2e
 	SO_BUSY_POLL_BUDGET              = 0x46
 	SO_CNX_ADVICE                    = 0x35
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
index a7ccef56c52..a8bba9491e8 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
@@ -5,7 +5,7 @@
 // +build mips,linux
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
-// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/_const.go
+// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/unix/_const.go
 
 package unix
 
@@ -293,6 +293,7 @@ const (
 	SO_BPF_EXTENSIONS                = 0x30
 	SO_BROADCAST                     = 0x20
 	SO_BSDCOMPAT                     = 0xe
+	SO_BUF_LOCK                      = 0x48
 	SO_BUSY_POLL                     = 0x2e
 	SO_BUSY_POLL_BUDGET              = 0x46
 	SO_CNX_ADVICE                    = 0x35
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
index f7b7cec910f..ee9e7e2020e 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
@@ -5,7 +5,7 @@
 // +build mips64,linux
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
-// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/_const.go
+// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/unix/_const.go
 
 package unix
 
@@ -293,6 +293,7 @@ const (
 	SO_BPF_EXTENSIONS                = 0x30
 	SO_BROADCAST                     = 0x20
 	SO_BSDCOMPAT                     = 0xe
+	SO_BUF_LOCK                      = 0x48
 	SO_BUSY_POLL                     = 0x2e
 	SO_BUSY_POLL_BUDGET              = 0x46
 	SO_CNX_ADVICE                    = 0x35
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
index 4fcacf95849..ba4b288a3c0 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
@@ -5,7 +5,7 @@
 // +build mips64le,linux
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
-// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/_const.go
+// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/unix/_const.go
 
 package unix
 
@@ -293,6 +293,7 @@ const (
 	SO_BPF_EXTENSIONS                = 0x30
 	SO_BROADCAST                     = 0x20
 	SO_BSDCOMPAT                     = 0xe
+	SO_BUF_LOCK                      = 0x48
 	SO_BUSY_POLL                     = 0x2e
 	SO_BUSY_POLL_BUDGET              = 0x46
 	SO_CNX_ADVICE                    = 0x35
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
index 6f6c223a2cb..bc93afc3675 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
@@ -5,7 +5,7 @@
 // +build mipsle,linux
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
-// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/_const.go
+// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/unix/_const.go
 
 package unix
 
@@ -293,6 +293,7 @@ const (
 	SO_BPF_EXTENSIONS                = 0x30
 	SO_BROADCAST                     = 0x20
 	SO_BSDCOMPAT                     = 0xe
+	SO_BUF_LOCK                      = 0x48
 	SO_BUSY_POLL                     = 0x2e
 	SO_BUSY_POLL_BUDGET              = 0x46
 	SO_CNX_ADVICE                    = 0x35
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
index 59e522bcf4e..9295e694785 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
@@ -5,7 +5,7 @@
 // +build ppc,linux
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
-// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/_const.go
+// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/unix/_const.go
 
 package unix
 
@@ -348,6 +348,7 @@ const (
 	SO_BPF_EXTENSIONS                = 0x30
 	SO_BROADCAST                     = 0x6
 	SO_BSDCOMPAT                     = 0xe
+	SO_BUF_LOCK                      = 0x48
 	SO_BUSY_POLL                     = 0x2e
 	SO_BUSY_POLL_BUDGET              = 0x46
 	SO_CNX_ADVICE                    = 0x35
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
index d4264a0f73e..1fa081c9a67 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
@@ -5,7 +5,7 @@
 // +build ppc64,linux
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
-// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/_const.go
+// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/unix/_const.go
 
 package unix
 
@@ -352,6 +352,7 @@ const (
 	SO_BPF_EXTENSIONS                = 0x30
 	SO_BROADCAST                     = 0x6
 	SO_BSDCOMPAT                     = 0xe
+	SO_BUF_LOCK                      = 0x48
 	SO_BUSY_POLL                     = 0x2e
 	SO_BUSY_POLL_BUDGET              = 0x46
 	SO_CNX_ADVICE                    = 0x35
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
index 21cbec1dd35..74b32114946 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
@@ -5,7 +5,7 @@
 // +build ppc64le,linux
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
-// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/_const.go
+// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/unix/_const.go
 
 package unix
 
@@ -352,6 +352,7 @@ const (
 	SO_BPF_EXTENSIONS                = 0x30
 	SO_BROADCAST                     = 0x6
 	SO_BSDCOMPAT                     = 0xe
+	SO_BUF_LOCK                      = 0x48
 	SO_BUSY_POLL                     = 0x2e
 	SO_BUSY_POLL_BUDGET              = 0x46
 	SO_CNX_ADVICE                    = 0x35
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
index 9b05bf12fc3..c91c8ac5b01 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
@@ -5,7 +5,7 @@
 // +build riscv64,linux
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
-// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/_const.go
+// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/unix/_const.go
 
 package unix
 
@@ -281,6 +281,7 @@ const (
 	SO_BPF_EXTENSIONS                = 0x30
 	SO_BROADCAST                     = 0x6
 	SO_BSDCOMPAT                     = 0xe
+	SO_BUF_LOCK                      = 0x48
 	SO_BUSY_POLL                     = 0x2e
 	SO_BUSY_POLL_BUDGET              = 0x46
 	SO_CNX_ADVICE                    = 0x35
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
index bd82ace09a5..b66bf222894 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
@@ -5,7 +5,7 @@
 // +build s390x,linux
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
-// cgo -godefs -- -Wall -Werror -static -I/tmp/include -fsigned-char /build/_const.go
+// cgo -godefs -- -Wall -Werror -static -I/tmp/include -fsigned-char /build/unix/_const.go
 
 package unix
 
@@ -356,6 +356,7 @@ const (
 	SO_BPF_EXTENSIONS                = 0x30
 	SO_BROADCAST                     = 0x6
 	SO_BSDCOMPAT                     = 0xe
+	SO_BUF_LOCK                      = 0x48
 	SO_BUSY_POLL                     = 0x2e
 	SO_BUSY_POLL_BUDGET              = 0x46
 	SO_CNX_ADVICE                    = 0x35
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
index 1f8bded56bb..f7fb149b0c9 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
@@ -5,7 +5,7 @@
 // +build sparc64,linux
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
-// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/_const.go
+// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/unix/_const.go
 
 package unix
 
@@ -347,6 +347,7 @@ const (
 	SO_BPF_EXTENSIONS                = 0x32
 	SO_BROADCAST                     = 0x20
 	SO_BSDCOMPAT                     = 0x400
+	SO_BUF_LOCK                      = 0x51
 	SO_BUSY_POLL                     = 0x30
 	SO_BUSY_POLL_BUDGET              = 0x49
 	SO_CNX_ADVICE                    = 0x37
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc.go b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc.go
index 91a23cc7287..85e0cc38667 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc.go
@@ -17,6 +17,7 @@ int getdirent(int, uintptr_t, size_t);
 int wait4(int, uintptr_t, int, uintptr_t);
 int ioctl(int, int, uintptr_t);
 int fcntl(uintptr_t, int, uintptr_t);
+int fsync_range(int, int, long long, long long);
 int acct(uintptr_t);
 int chdir(uintptr_t);
 int chroot(uintptr_t);
@@ -29,7 +30,6 @@ int fchmod(int, unsigned int);
 int fchmodat(int, uintptr_t, unsigned int, int);
 int fchownat(int, uintptr_t, int, int, int);
 int fdatasync(int);
-int fsync(int);
 int getpgid(int);
 int getpgrp();
 int getpid();
@@ -255,6 +255,16 @@ func fcntl(fd int, cmd int, arg int) (val int, err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func fsyncRange(fd int, how int, start int64, length int64) (err error) {
+	r0, er := C.fsync_range(C.int(fd), C.int(how), C.longlong(start), C.longlong(length))
+	if r0 == -1 && er != nil {
+		err = er
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func Acct(path string) (err error) {
 	_p0 := uintptr(unsafe.Pointer(C.CString(path)))
 	r0, er := C.acct(C.uintptr_t(_p0))
@@ -379,16 +389,6 @@ func Fdatasync(fd int) (err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Fsync(fd int) (err error) {
-	r0, er := C.fsync(C.int(fd))
-	if r0 == -1 && er != nil {
-		err = er
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func Getpgid(pid int) (pgid int, err error) {
 	r0, er := C.getpgid(C.int(pid))
 	pgid = int(r0)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64.go b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64.go
index 33c2609b8b4..f1d4a73b089 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64.go
@@ -135,6 +135,16 @@ func fcntl(fd int, cmd int, arg int) (val int, err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func fsyncRange(fd int, how int, start int64, length int64) (err error) {
+	_, e1 := callfsync_range(fd, how, start, length)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func Acct(path string) (err error) {
 	var _p0 *byte
 	_p0, err = BytePtrFromString(path)
@@ -283,16 +293,6 @@ func Fdatasync(fd int) (err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Fsync(fd int) (err error) {
-	_, e1 := callfsync(fd)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func Getpgid(pid int) (pgid int, err error) {
 	r0, e1 := callgetpgid(pid)
 	pgid = int(r0)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gc.go b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gc.go
index 8b737fa971e..2caa5adf950 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gc.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gc.go
@@ -18,6 +18,7 @@ import (
 //go:cgo_import_dynamic libc_wait4 wait4 "libc.a/shr_64.o"
 //go:cgo_import_dynamic libc_ioctl ioctl "libc.a/shr_64.o"
 //go:cgo_import_dynamic libc_fcntl fcntl "libc.a/shr_64.o"
+//go:cgo_import_dynamic libc_fsync_range fsync_range "libc.a/shr_64.o"
 //go:cgo_import_dynamic libc_acct acct "libc.a/shr_64.o"
 //go:cgo_import_dynamic libc_chdir chdir "libc.a/shr_64.o"
 //go:cgo_import_dynamic libc_chroot chroot "libc.a/shr_64.o"
@@ -30,7 +31,6 @@ import (
 //go:cgo_import_dynamic libc_fchmodat fchmodat "libc.a/shr_64.o"
 //go:cgo_import_dynamic libc_fchownat fchownat "libc.a/shr_64.o"
 //go:cgo_import_dynamic libc_fdatasync fdatasync "libc.a/shr_64.o"
-//go:cgo_import_dynamic libc_fsync fsync "libc.a/shr_64.o"
 //go:cgo_import_dynamic libc_getpgid getpgid "libc.a/shr_64.o"
 //go:cgo_import_dynamic libc_getpgrp getpgrp "libc.a/shr_64.o"
 //go:cgo_import_dynamic libc_getpid getpid "libc.a/shr_64.o"
@@ -136,6 +136,7 @@ import (
 //go:linkname libc_wait4 libc_wait4
 //go:linkname libc_ioctl libc_ioctl
 //go:linkname libc_fcntl libc_fcntl
+//go:linkname libc_fsync_range libc_fsync_range
 //go:linkname libc_acct libc_acct
 //go:linkname libc_chdir libc_chdir
 //go:linkname libc_chroot libc_chroot
@@ -148,7 +149,6 @@ import (
 //go:linkname libc_fchmodat libc_fchmodat
 //go:linkname libc_fchownat libc_fchownat
 //go:linkname libc_fdatasync libc_fdatasync
-//go:linkname libc_fsync libc_fsync
 //go:linkname libc_getpgid libc_getpgid
 //go:linkname libc_getpgrp libc_getpgrp
 //go:linkname libc_getpid libc_getpid
@@ -257,6 +257,7 @@ var (
 	libc_wait4,
 	libc_ioctl,
 	libc_fcntl,
+	libc_fsync_range,
 	libc_acct,
 	libc_chdir,
 	libc_chroot,
@@ -269,7 +270,6 @@ var (
 	libc_fchmodat,
 	libc_fchownat,
 	libc_fdatasync,
-	libc_fsync,
 	libc_getpgid,
 	libc_getpgrp,
 	libc_getpid,
@@ -430,6 +430,13 @@ func callfcntl(fd uintptr, cmd int, arg uintptr) (r1 uintptr, e1 Errno) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func callfsync_range(fd int, how int, start int64, length int64) (r1 uintptr, e1 Errno) {
+	r1, _, e1 = syscall6(uintptr(unsafe.Pointer(&libc_fsync_range)), 4, uintptr(fd), uintptr(how), uintptr(start), uintptr(length), 0, 0)
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func callacct(_p0 uintptr) (r1 uintptr, e1 Errno) {
 	r1, _, e1 = syscall6(uintptr(unsafe.Pointer(&libc_acct)), 1, _p0, 0, 0, 0, 0, 0)
 	return
@@ -514,13 +521,6 @@ func callfdatasync(fd int) (r1 uintptr, e1 Errno) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func callfsync(fd int) (r1 uintptr, e1 Errno) {
-	r1, _, e1 = syscall6(uintptr(unsafe.Pointer(&libc_fsync)), 1, uintptr(fd), 0, 0, 0, 0, 0)
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func callgetpgid(pid int) (r1 uintptr, e1 Errno) {
 	r1, _, e1 = rawSyscall6(uintptr(unsafe.Pointer(&libc_getpgid)), 1, uintptr(pid), 0, 0, 0, 0, 0)
 	return
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gccgo.go b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gccgo.go
index 3c260917ed5..944a714b1ad 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gccgo.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gccgo.go
@@ -16,6 +16,7 @@ int getdirent(int, uintptr_t, size_t);
 int wait4(int, uintptr_t, int, uintptr_t);
 int ioctl(int, int, uintptr_t);
 int fcntl(uintptr_t, int, uintptr_t);
+int fsync_range(int, int, long long, long long);
 int acct(uintptr_t);
 int chdir(uintptr_t);
 int chroot(uintptr_t);
@@ -28,7 +29,6 @@ int fchmod(int, unsigned int);
 int fchmodat(int, uintptr_t, unsigned int, int);
 int fchownat(int, uintptr_t, int, int, int);
 int fdatasync(int);
-int fsync(int);
 int getpgid(int);
 int getpgrp();
 int getpid();
@@ -199,6 +199,14 @@ func callfcntl(fd uintptr, cmd int, arg uintptr) (r1 uintptr, e1 Errno) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func callfsync_range(fd int, how int, start int64, length int64) (r1 uintptr, e1 Errno) {
+	r1 = uintptr(C.fsync_range(C.int(fd), C.int(how), C.longlong(start), C.longlong(length)))
+	e1 = syscall.GetErrno()
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func callacct(_p0 uintptr) (r1 uintptr, e1 Errno) {
 	r1 = uintptr(C.acct(C.uintptr_t(_p0)))
 	e1 = syscall.GetErrno()
@@ -295,14 +303,6 @@ func callfdatasync(fd int) (r1 uintptr, e1 Errno) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func callfsync(fd int) (r1 uintptr, e1 Errno) {
-	r1 = uintptr(C.fsync(C.int(fd)))
-	e1 = syscall.GetErrno()
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func callgetpgid(pid int) (r1 uintptr, e1 Errno) {
 	r1 = uintptr(C.getpgid(C.int(pid)))
 	e1 = syscall.GetErrno()
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux.go b/vendor/golang.org/x/sys/unix/zsyscall_linux.go
index 4f5da1f54f8..93edda4c493 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux.go
@@ -1,4 +1,4 @@
-// Code generated by mkmerge.go; DO NOT EDIT.
+// Code generated by mkmerge; DO NOT EDIT.
 
 //go:build linux
 // +build linux
@@ -409,6 +409,21 @@ func mount(source string, target string, fstype string, flags uintptr, data *byt
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func mountSetattr(dirfd int, pathname string, flags uint, attr *MountAttr, size uintptr) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(pathname)
+	if err != nil {
+		return
+	}
+	_, _, e1 := Syscall6(SYS_MOUNT_SETATTR, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(flags), uintptr(unsafe.Pointer(attr)), uintptr(size), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func Acct(path string) (err error) {
 	var _p0 *byte
 	_p0, err = BytePtrFromString(path)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go
index aa7ce85d155..31847d2305f 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go
@@ -444,4 +444,5 @@ const (
 	SYS_LANDLOCK_ADD_RULE            = 445
 	SYS_LANDLOCK_RESTRICT_SELF       = 446
 	SYS_MEMFD_SECRET                 = 447
+	SYS_PROCESS_MRELEASE             = 448
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go
index b830326386c..3503cbbde38 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go
@@ -366,4 +366,5 @@ const (
 	SYS_LANDLOCK_ADD_RULE       = 445
 	SYS_LANDLOCK_RESTRICT_SELF  = 446
 	SYS_MEMFD_SECRET            = 447
+	SYS_PROCESS_MRELEASE        = 448
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go
index d75f65a0aa7..5ecd24bf683 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go
@@ -7,6 +7,7 @@
 package unix
 
 const (
+	SYS_SYSCALL_MASK                 = 0
 	SYS_RESTART_SYSCALL              = 0
 	SYS_EXIT                         = 1
 	SYS_FORK                         = 2
@@ -407,4 +408,5 @@ const (
 	SYS_LANDLOCK_CREATE_RULESET      = 444
 	SYS_LANDLOCK_ADD_RULE            = 445
 	SYS_LANDLOCK_RESTRICT_SELF       = 446
+	SYS_PROCESS_MRELEASE             = 448
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go
index 8b02f09e9b5..7e5c94cc7fe 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go
@@ -311,4 +311,5 @@ const (
 	SYS_LANDLOCK_ADD_RULE       = 445
 	SYS_LANDLOCK_RESTRICT_SELF  = 446
 	SYS_MEMFD_SECRET            = 447
+	SYS_PROCESS_MRELEASE        = 448
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go
index 026695abb1a..e1e2a2bf59e 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go
@@ -428,4 +428,5 @@ const (
 	SYS_LANDLOCK_CREATE_RULESET      = 4444
 	SYS_LANDLOCK_ADD_RULE            = 4445
 	SYS_LANDLOCK_RESTRICT_SELF       = 4446
+	SYS_PROCESS_MRELEASE             = 4448
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go
index 7320ba95833..7651915a3ad 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go
@@ -358,4 +358,5 @@ const (
 	SYS_LANDLOCK_CREATE_RULESET = 5444
 	SYS_LANDLOCK_ADD_RULE       = 5445
 	SYS_LANDLOCK_RESTRICT_SELF  = 5446
+	SYS_PROCESS_MRELEASE        = 5448
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go
index 45082dd67ff..a26a2c050bc 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go
@@ -358,4 +358,5 @@ const (
 	SYS_LANDLOCK_CREATE_RULESET = 5444
 	SYS_LANDLOCK_ADD_RULE       = 5445
 	SYS_LANDLOCK_RESTRICT_SELF  = 5446
+	SYS_PROCESS_MRELEASE        = 5448
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go
index 570a857a56e..fda9a6a9913 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go
@@ -428,4 +428,5 @@ const (
 	SYS_LANDLOCK_CREATE_RULESET      = 4444
 	SYS_LANDLOCK_ADD_RULE            = 4445
 	SYS_LANDLOCK_RESTRICT_SELF       = 4446
+	SYS_PROCESS_MRELEASE             = 4448
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go
index 638498d62e2..e8496150d41 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go
@@ -435,4 +435,5 @@ const (
 	SYS_LANDLOCK_CREATE_RULESET      = 444
 	SYS_LANDLOCK_ADD_RULE            = 445
 	SYS_LANDLOCK_RESTRICT_SELF       = 446
+	SYS_PROCESS_MRELEASE             = 448
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go
index 702beebfefe..5ee0678a360 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go
@@ -407,4 +407,5 @@ const (
 	SYS_LANDLOCK_CREATE_RULESET = 444
 	SYS_LANDLOCK_ADD_RULE       = 445
 	SYS_LANDLOCK_RESTRICT_SELF  = 446
+	SYS_PROCESS_MRELEASE        = 448
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go
index bfc87ea4443..29c0f9a39ea 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go
@@ -407,4 +407,5 @@ const (
 	SYS_LANDLOCK_CREATE_RULESET = 444
 	SYS_LANDLOCK_ADD_RULE       = 445
 	SYS_LANDLOCK_RESTRICT_SELF  = 446
+	SYS_PROCESS_MRELEASE        = 448
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go
index a390e147d3c..5c9a9a3b61c 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go
@@ -309,4 +309,5 @@ const (
 	SYS_LANDLOCK_CREATE_RULESET = 444
 	SYS_LANDLOCK_ADD_RULE       = 445
 	SYS_LANDLOCK_RESTRICT_SELF  = 446
+	SYS_PROCESS_MRELEASE        = 448
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go
index 3e791e6cd22..913f50f98b9 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go
@@ -372,4 +372,5 @@ const (
 	SYS_LANDLOCK_CREATE_RULESET = 444
 	SYS_LANDLOCK_ADD_RULE       = 445
 	SYS_LANDLOCK_RESTRICT_SELF  = 446
+	SYS_PROCESS_MRELEASE        = 448
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go
index 78802a5cf7c..0de03a7227c 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go
@@ -386,4 +386,5 @@ const (
 	SYS_LANDLOCK_CREATE_RULESET = 444
 	SYS_LANDLOCK_ADD_RULE       = 445
 	SYS_LANDLOCK_RESTRICT_SELF  = 446
+	SYS_PROCESS_MRELEASE        = 448
 )
diff --git a/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go
index 7efe5ccba33..885842c0eb4 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go
@@ -641,13 +641,13 @@ type Eproc struct {
 	Tdev    int32
 	Tpgid   int32
 	Tsess   uintptr
-	Wmesg   [8]int8
+	Wmesg   [8]byte
 	Xsize   int32
 	Xrssize int16
 	Xccount int16
 	Xswrss  int16
 	Flag    int32
-	Login   [12]int8
+	Login   [12]byte
 	Spare   [4]int32
 	_       [4]byte
 }
@@ -688,7 +688,7 @@ type ExternProc struct {
 	P_priority  uint8
 	P_usrpri    uint8
 	P_nice      int8
-	P_comm      [17]int8
+	P_comm      [17]byte
 	P_pgrp      uintptr
 	P_addr      uintptr
 	P_xstat     uint16
diff --git a/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go
index b23a2efe81b..b23c02337db 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go
@@ -641,13 +641,13 @@ type Eproc struct {
 	Tdev    int32
 	Tpgid   int32
 	Tsess   uintptr
-	Wmesg   [8]int8
+	Wmesg   [8]byte
 	Xsize   int32
 	Xrssize int16
 	Xccount int16
 	Xswrss  int16
 	Flag    int32
-	Login   [12]int8
+	Login   [12]byte
 	Spare   [4]int32
 	_       [4]byte
 }
@@ -688,7 +688,7 @@ type ExternProc struct {
 	P_priority  uint8
 	P_usrpri    uint8
 	P_nice      int8
-	P_comm      [17]int8
+	P_comm      [17]byte
 	P_pgrp      uintptr
 	P_addr      uintptr
 	P_xstat     uint16
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux.go b/vendor/golang.org/x/sys/unix/ztypes_linux.go
index 249ecfcd4cc..37b521436bc 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux.go
@@ -1,4 +1,4 @@
-// Code generated by mkmerge.go; DO NOT EDIT.
+// Code generated by mkmerge; DO NOT EDIT.
 
 //go:build linux
 // +build linux
@@ -743,6 +743,8 @@ const (
 	AT_STATX_FORCE_SYNC   = 0x2000
 	AT_STATX_DONT_SYNC    = 0x4000
 
+	AT_RECURSIVE = 0x8000
+
 	AT_SYMLINK_FOLLOW   = 0x400
 	AT_SYMLINK_NOFOLLOW = 0x100
 
@@ -3264,7 +3266,8 @@ const (
 	LWTUNNEL_ENCAP_BPF        = 0x6
 	LWTUNNEL_ENCAP_SEG6_LOCAL = 0x7
 	LWTUNNEL_ENCAP_RPL        = 0x8
-	LWTUNNEL_ENCAP_MAX        = 0x8
+	LWTUNNEL_ENCAP_IOAM6      = 0x9
+	LWTUNNEL_ENCAP_MAX        = 0x9
 
 	MPLS_IPTUNNEL_UNSPEC = 0x0
 	MPLS_IPTUNNEL_DST    = 0x1
@@ -3617,7 +3620,9 @@ const (
 	ETHTOOL_A_COALESCE_TX_USECS_HIGH          = 0x15
 	ETHTOOL_A_COALESCE_TX_MAX_FRAMES_HIGH     = 0x16
 	ETHTOOL_A_COALESCE_RATE_SAMPLE_INTERVAL   = 0x17
-	ETHTOOL_A_COALESCE_MAX                    = 0x17
+	ETHTOOL_A_COALESCE_USE_CQE_MODE_TX        = 0x18
+	ETHTOOL_A_COALESCE_USE_CQE_MODE_RX        = 0x19
+	ETHTOOL_A_COALESCE_MAX                    = 0x19
 	ETHTOOL_A_PAUSE_UNSPEC                    = 0x0
 	ETHTOOL_A_PAUSE_HEADER                    = 0x1
 	ETHTOOL_A_PAUSE_AUTONEG                   = 0x2
@@ -3956,3 +3961,10 @@ const (
 	SHM_RDONLY = 0x1000
 	SHM_RND    = 0x2000
 )
+
+type MountAttr struct {
+	Attr_set    uint64
+	Attr_clr    uint64
+	Propagation uint64
+	Userns_fd   uint64
+}
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_386.go b/vendor/golang.org/x/sys/unix/ztypes_linux_386.go
index eeeb9aa39ac..bea2549455e 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_386.go
@@ -1,4 +1,4 @@
-// cgo -godefs -- -Wall -Werror -static -I/tmp/include -m32 /build/linux/types.go | go run mkpost.go
+// cgo -godefs -- -Wall -Werror -static -I/tmp/include -m32 /build/unix/linux/types.go | go run mkpost.go
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build 386 && linux
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go
index d30e1155cc0..b8c8f289433 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go
@@ -1,4 +1,4 @@
-// cgo -godefs -- -Wall -Werror -static -I/tmp/include -m64 /build/linux/types.go | go run mkpost.go
+// cgo -godefs -- -Wall -Werror -static -I/tmp/include -m64 /build/unix/linux/types.go | go run mkpost.go
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build amd64 && linux
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go b/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go
index 69d0297520c..4db44301632 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go
@@ -1,4 +1,4 @@
-// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go
+// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/unix/linux/types.go | go run mkpost.go
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build arm && linux
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go
index 28a0455bc9d..3ebcad8a887 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go
@@ -1,4 +1,4 @@
-// cgo -godefs -- -Wall -Werror -static -I/tmp/include -fsigned-char /build/linux/types.go | go run mkpost.go
+// cgo -godefs -- -Wall -Werror -static -I/tmp/include -fsigned-char /build/unix/linux/types.go | go run mkpost.go
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build arm64 && linux
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go
index 64a845483db..3eb33e48ab5 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go
@@ -1,4 +1,4 @@
-// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go
+// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/unix/linux/types.go | go run mkpost.go
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build mips && linux
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go
index a1b7dee4123..79a94467252 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go
@@ -1,4 +1,4 @@
-// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go
+// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/unix/linux/types.go | go run mkpost.go
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build mips64 && linux
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go
index 936fa6a266f..8f4b107cad3 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go
@@ -1,4 +1,4 @@
-// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go
+// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/unix/linux/types.go | go run mkpost.go
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build mips64le && linux
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go
index 5dd546fbf07..e4eb2179811 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go
@@ -1,4 +1,4 @@
-// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go
+// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/unix/linux/types.go | go run mkpost.go
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build mipsle && linux
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go
index 947b32e434b..d5b21f0f7da 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go
@@ -1,4 +1,4 @@
-// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go
+// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/unix/linux/types.go | go run mkpost.go
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build ppc && linux
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go
index 2a606151b0c..5188d142b9f 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go
@@ -1,4 +1,4 @@
-// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go
+// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/unix/linux/types.go | go run mkpost.go
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build ppc64 && linux
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go
index d0d735d02cd..de4dd4c736e 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go
@@ -1,4 +1,4 @@
-// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go
+// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/unix/linux/types.go | go run mkpost.go
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build ppc64le && linux
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go
index 95e3d6d06fc..dccbf9b0604 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go
@@ -1,4 +1,4 @@
-// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go
+// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/unix/linux/types.go | go run mkpost.go
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build riscv64 && linux
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go b/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go
index cccf1ef26a6..6358806106f 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go
@@ -1,4 +1,4 @@
-// cgo -godefs -- -Wall -Werror -static -I/tmp/include -fsigned-char /build/linux/types.go | go run mkpost.go
+// cgo -godefs -- -Wall -Werror -static -I/tmp/include -fsigned-char /build/unix/linux/types.go | go run mkpost.go
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build s390x && linux
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go
index 44fcbe4e9a1..765edc13ff2 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go
@@ -1,4 +1,4 @@
-// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go
+// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/unix/linux/types.go | go run mkpost.go
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build sparc64 && linux
diff --git a/vendor/golang.org/x/sys/unix/ztypes_openbsd_386.go b/vendor/golang.org/x/sys/unix/ztypes_openbsd_386.go
index 2a8b1e6f73f..baf5fe65044 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_openbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_openbsd_386.go
@@ -564,12 +564,11 @@ type Uvmexp struct {
 	Kmapent            int32
 }
 
-const SizeofClockinfo = 0x14
+const SizeofClockinfo = 0x10
 
 type Clockinfo struct {
-	Hz      int32
-	Tick    int32
-	Tickadj int32
-	Stathz  int32
-	Profhz  int32
+	Hz     int32
+	Tick   int32
+	Stathz int32
+	Profhz int32
 }
diff --git a/vendor/golang.org/x/sys/unix/ztypes_openbsd_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_openbsd_amd64.go
index b1759cf705c..e21ae8ecfa6 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_openbsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_openbsd_amd64.go
@@ -564,12 +564,11 @@ type Uvmexp struct {
 	Kmapent            int32
 }
 
-const SizeofClockinfo = 0x14
+const SizeofClockinfo = 0x10
 
 type Clockinfo struct {
-	Hz      int32
-	Tick    int32
-	Tickadj int32
-	Stathz  int32
-	Profhz  int32
+	Hz     int32
+	Tick   int32
+	Stathz int32
+	Profhz int32
 }
diff --git a/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm.go b/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm.go
index e807de2065c..f190651cd96 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm.go
@@ -565,12 +565,11 @@ type Uvmexp struct {
 	Kmapent            int32
 }
 
-const SizeofClockinfo = 0x14
+const SizeofClockinfo = 0x10
 
 type Clockinfo struct {
-	Hz      int32
-	Tick    int32
-	Tickadj int32
-	Stathz  int32
-	Profhz  int32
+	Hz     int32
+	Tick   int32
+	Stathz int32
+	Profhz int32
 }
diff --git a/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm64.go
index ff3aecaee40..84747c582cf 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm64.go
@@ -558,12 +558,11 @@ type Uvmexp struct {
 	Kmapent            int32
 }
 
-const SizeofClockinfo = 0x14
+const SizeofClockinfo = 0x10
 
 type Clockinfo struct {
-	Hz      int32
-	Tick    int32
-	Tickadj int32
-	Stathz  int32
-	Profhz  int32
+	Hz     int32
+	Tick   int32
+	Stathz int32
+	Profhz int32
 }
diff --git a/vendor/golang.org/x/sys/unix/ztypes_openbsd_mips64.go b/vendor/golang.org/x/sys/unix/ztypes_openbsd_mips64.go
index 9ecda69174c..ac5c8b6370b 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_openbsd_mips64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_openbsd_mips64.go
@@ -558,12 +558,11 @@ type Uvmexp struct {
 	Kmapent            int32
 }
 
-const SizeofClockinfo = 0x14
+const SizeofClockinfo = 0x10
 
 type Clockinfo struct {
-	Hz      int32
-	Tick    int32
-	Tickadj int32
-	Stathz  int32
-	Profhz  int32
+	Hz     int32
+	Tick   int32
+	Stathz int32
+	Profhz int32
 }
diff --git a/vendor/golang.org/x/sys/windows/aliases.go b/vendor/golang.org/x/sys/windows/aliases.go
index af3af60db97..a20ebea6331 100644
--- a/vendor/golang.org/x/sys/windows/aliases.go
+++ b/vendor/golang.org/x/sys/windows/aliases.go
@@ -2,8 +2,8 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-// +build windows
-// +build go1.9
+//go:build windows && go1.9
+// +build windows,go1.9
 
 package windows
 
diff --git a/vendor/golang.org/x/sys/windows/eventlog.go b/vendor/golang.org/x/sys/windows/eventlog.go
index 40af946e162..2cd60645ee7 100644
--- a/vendor/golang.org/x/sys/windows/eventlog.go
+++ b/vendor/golang.org/x/sys/windows/eventlog.go
@@ -2,6 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
+//go:build windows
 // +build windows
 
 package windows
diff --git a/vendor/golang.org/x/sys/windows/mksyscall.go b/vendor/golang.org/x/sys/windows/mksyscall.go
index 328e3b2ace2..8563f79c57f 100644
--- a/vendor/golang.org/x/sys/windows/mksyscall.go
+++ b/vendor/golang.org/x/sys/windows/mksyscall.go
@@ -2,8 +2,9 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
+//go:build generate
 // +build generate
 
 package windows
 
-//go:generate go run golang.org/x/sys/windows/mkwinsyscall -output zsyscall_windows.go eventlog.go service.go syscall_windows.go security_windows.go
+//go:generate go run golang.org/x/sys/windows/mkwinsyscall -output zsyscall_windows.go eventlog.go service.go syscall_windows.go security_windows.go setupapi_windows.go
diff --git a/vendor/golang.org/x/sys/windows/race.go b/vendor/golang.org/x/sys/windows/race.go
index a74e3e24b55..9196b089ca1 100644
--- a/vendor/golang.org/x/sys/windows/race.go
+++ b/vendor/golang.org/x/sys/windows/race.go
@@ -2,6 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
+//go:build windows && race
 // +build windows,race
 
 package windows
diff --git a/vendor/golang.org/x/sys/windows/race0.go b/vendor/golang.org/x/sys/windows/race0.go
index e44a3cbf679..7bae4817a06 100644
--- a/vendor/golang.org/x/sys/windows/race0.go
+++ b/vendor/golang.org/x/sys/windows/race0.go
@@ -2,6 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
+//go:build windows && !race
 // +build windows,!race
 
 package windows
diff --git a/vendor/golang.org/x/sys/windows/registry/key.go b/vendor/golang.org/x/sys/windows/registry/key.go
index c256483434f..906325e095a 100644
--- a/vendor/golang.org/x/sys/windows/registry/key.go
+++ b/vendor/golang.org/x/sys/windows/registry/key.go
@@ -2,6 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
+//go:build windows
 // +build windows
 
 // Package registry provides access to the Windows registry.
@@ -24,6 +25,7 @@ package registry
 
 import (
 	"io"
+	"runtime"
 	"syscall"
 	"time"
 )
@@ -113,6 +115,13 @@ func OpenRemoteKey(pcname string, k Key) (Key, error) {
 // The parameter n controls the number of returned names,
 // analogous to the way os.File.Readdirnames works.
 func (k Key) ReadSubKeyNames(n int) ([]string, error) {
+	// RegEnumKeyEx must be called repeatedly and to completion.
+	// During this time, this goroutine cannot migrate away from
+	// its current thread. See https://golang.org/issue/49320 and
+	// https://golang.org/issue/49466.
+	runtime.LockOSThread()
+	defer runtime.UnlockOSThread()
+
 	names := make([]string, 0)
 	// Registry key size limit is 255 bytes and described there:
 	// https://msdn.microsoft.com/library/windows/desktop/ms724872.aspx
diff --git a/vendor/golang.org/x/sys/windows/registry/mksyscall.go b/vendor/golang.org/x/sys/windows/registry/mksyscall.go
index 50c32a3f4e1..ee74927d3c6 100644
--- a/vendor/golang.org/x/sys/windows/registry/mksyscall.go
+++ b/vendor/golang.org/x/sys/windows/registry/mksyscall.go
@@ -2,6 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
+//go:build generate
 // +build generate
 
 package registry
diff --git a/vendor/golang.org/x/sys/windows/registry/syscall.go b/vendor/golang.org/x/sys/windows/registry/syscall.go
index e66643cbaa6..41733512308 100644
--- a/vendor/golang.org/x/sys/windows/registry/syscall.go
+++ b/vendor/golang.org/x/sys/windows/registry/syscall.go
@@ -2,6 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
+//go:build windows
 // +build windows
 
 package registry
diff --git a/vendor/golang.org/x/sys/windows/registry/value.go b/vendor/golang.org/x/sys/windows/registry/value.go
index f25e7e97ae5..2789f6f18d8 100644
--- a/vendor/golang.org/x/sys/windows/registry/value.go
+++ b/vendor/golang.org/x/sys/windows/registry/value.go
@@ -2,6 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
+//go:build windows
 // +build windows
 
 package registry
diff --git a/vendor/golang.org/x/sys/windows/service.go b/vendor/golang.org/x/sys/windows/service.go
index b269850d066..f8deca8397a 100644
--- a/vendor/golang.org/x/sys/windows/service.go
+++ b/vendor/golang.org/x/sys/windows/service.go
@@ -2,6 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
+//go:build windows
 // +build windows
 
 package windows
@@ -16,8 +17,6 @@ const (
 	SC_MANAGER_ALL_ACCESS         = 0xf003f
 )
 
-//sys	OpenSCManager(machineName *uint16, databaseName *uint16, access uint32) (handle Handle, err error) [failretval==0] = advapi32.OpenSCManagerW
-
 const (
 	SERVICE_KERNEL_DRIVER       = 1
 	SERVICE_FILE_SYSTEM_DRIVER  = 2
@@ -132,6 +131,14 @@ const (
 	SC_EVENT_DATABASE_CHANGE = 0
 	SC_EVENT_PROPERTY_CHANGE = 1
 	SC_EVENT_STATUS_CHANGE   = 2
+
+	SERVICE_START_REASON_DEMAND             = 0x00000001
+	SERVICE_START_REASON_AUTO               = 0x00000002
+	SERVICE_START_REASON_TRIGGER            = 0x00000004
+	SERVICE_START_REASON_RESTART_ON_FAILURE = 0x00000008
+	SERVICE_START_REASON_DELAYEDAUTO        = 0x00000010
+
+	SERVICE_DYNAMIC_INFORMATION_LEVEL_START_REASON = 1
 )
 
 type SERVICE_STATUS struct {
@@ -216,6 +223,7 @@ type QUERY_SERVICE_LOCK_STATUS struct {
 	LockDuration uint32
 }
 
+//sys	OpenSCManager(machineName *uint16, databaseName *uint16, access uint32) (handle Handle, err error) [failretval==0] = advapi32.OpenSCManagerW
 //sys	CloseServiceHandle(handle Handle) (err error) = advapi32.CloseServiceHandle
 //sys	CreateService(mgr Handle, serviceName *uint16, displayName *uint16, access uint32, srvType uint32, startType uint32, errCtl uint32, pathName *uint16, loadOrderGroup *uint16, tagId *uint32, dependencies *uint16, serviceStartName *uint16, password *uint16) (handle Handle, err error) [failretval==0] = advapi32.CreateServiceW
 //sys	OpenService(mgr Handle, serviceName *uint16, access uint32) (handle Handle, err error) [failretval==0] = advapi32.OpenServiceW
@@ -235,3 +243,5 @@ type QUERY_SERVICE_LOCK_STATUS struct {
 //sys	NotifyServiceStatusChange(service Handle, notifyMask uint32, notifier *SERVICE_NOTIFY) (ret error) = advapi32.NotifyServiceStatusChangeW
 //sys	SubscribeServiceChangeNotifications(service Handle, eventType uint32, callback uintptr, callbackCtx uintptr, subscription *uintptr) (ret error) = sechost.SubscribeServiceChangeNotifications?
 //sys	UnsubscribeServiceChangeNotifications(subscription uintptr) = sechost.UnsubscribeServiceChangeNotifications?
+//sys	RegisterServiceCtrlHandlerEx(serviceName *uint16, handlerProc uintptr, context uintptr) (handle Handle, err error) = advapi32.RegisterServiceCtrlHandlerExW
+//sys	QueryServiceDynamicInformation(service Handle, infoLevel uint32, dynamicInfo unsafe.Pointer) (err error) = advapi32.QueryServiceDynamicInformation?
diff --git a/vendor/golang.org/x/sys/windows/setupapi_windows.go b/vendor/golang.org/x/sys/windows/setupapi_windows.go
new file mode 100644
index 00000000000..14027da3f3f
--- /dev/null
+++ b/vendor/golang.org/x/sys/windows/setupapi_windows.go
@@ -0,0 +1,1425 @@
+// Copyright 2021 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package windows
+
+import (
+	"encoding/binary"
+	"errors"
+	"fmt"
+	"runtime"
+	"strings"
+	"syscall"
+	"unsafe"
+)
+
+// This file contains functions that wrap SetupAPI.dll and CfgMgr32.dll,
+// core system functions for managing hardware devices, drivers, and the PnP tree.
+// Information about these APIs can be found at:
+//     https://docs.microsoft.com/en-us/windows-hardware/drivers/install/setupapi
+//     https://docs.microsoft.com/en-us/windows/win32/devinst/cfgmgr32-
+
+const (
+	ERROR_EXPECTED_SECTION_NAME                  Errno = 0x20000000 | 0xC0000000 | 0
+	ERROR_BAD_SECTION_NAME_LINE                  Errno = 0x20000000 | 0xC0000000 | 1
+	ERROR_SECTION_NAME_TOO_LONG                  Errno = 0x20000000 | 0xC0000000 | 2
+	ERROR_GENERAL_SYNTAX                         Errno = 0x20000000 | 0xC0000000 | 3
+	ERROR_WRONG_INF_STYLE                        Errno = 0x20000000 | 0xC0000000 | 0x100
+	ERROR_SECTION_NOT_FOUND                      Errno = 0x20000000 | 0xC0000000 | 0x101
+	ERROR_LINE_NOT_FOUND                         Errno = 0x20000000 | 0xC0000000 | 0x102
+	ERROR_NO_BACKUP                              Errno = 0x20000000 | 0xC0000000 | 0x103
+	ERROR_NO_ASSOCIATED_CLASS                    Errno = 0x20000000 | 0xC0000000 | 0x200
+	ERROR_CLASS_MISMATCH                         Errno = 0x20000000 | 0xC0000000 | 0x201
+	ERROR_DUPLICATE_FOUND                        Errno = 0x20000000 | 0xC0000000 | 0x202
+	ERROR_NO_DRIVER_SELECTED                     Errno = 0x20000000 | 0xC0000000 | 0x203
+	ERROR_KEY_DOES_NOT_EXIST                     Errno = 0x20000000 | 0xC0000000 | 0x204
+	ERROR_INVALID_DEVINST_NAME                   Errno = 0x20000000 | 0xC0000000 | 0x205
+	ERROR_INVALID_CLASS                          Errno = 0x20000000 | 0xC0000000 | 0x206
+	ERROR_DEVINST_ALREADY_EXISTS                 Errno = 0x20000000 | 0xC0000000 | 0x207
+	ERROR_DEVINFO_NOT_REGISTERED                 Errno = 0x20000000 | 0xC0000000 | 0x208
+	ERROR_INVALID_REG_PROPERTY                   Errno = 0x20000000 | 0xC0000000 | 0x209
+	ERROR_NO_INF                                 Errno = 0x20000000 | 0xC0000000 | 0x20A
+	ERROR_NO_SUCH_DEVINST                        Errno = 0x20000000 | 0xC0000000 | 0x20B
+	ERROR_CANT_LOAD_CLASS_ICON                   Errno = 0x20000000 | 0xC0000000 | 0x20C
+	ERROR_INVALID_CLASS_INSTALLER                Errno = 0x20000000 | 0xC0000000 | 0x20D
+	ERROR_DI_DO_DEFAULT                          Errno = 0x20000000 | 0xC0000000 | 0x20E
+	ERROR_DI_NOFILECOPY                          Errno = 0x20000000 | 0xC0000000 | 0x20F
+	ERROR_INVALID_HWPROFILE                      Errno = 0x20000000 | 0xC0000000 | 0x210
+	ERROR_NO_DEVICE_SELECTED                     Errno = 0x20000000 | 0xC0000000 | 0x211
+	ERROR_DEVINFO_LIST_LOCKED                    Errno = 0x20000000 | 0xC0000000 | 0x212
+	ERROR_DEVINFO_DATA_LOCKED                    Errno = 0x20000000 | 0xC0000000 | 0x213
+	ERROR_DI_BAD_PATH                            Errno = 0x20000000 | 0xC0000000 | 0x214
+	ERROR_NO_CLASSINSTALL_PARAMS                 Errno = 0x20000000 | 0xC0000000 | 0x215
+	ERROR_FILEQUEUE_LOCKED                       Errno = 0x20000000 | 0xC0000000 | 0x216
+	ERROR_BAD_SERVICE_INSTALLSECT                Errno = 0x20000000 | 0xC0000000 | 0x217
+	ERROR_NO_CLASS_DRIVER_LIST                   Errno = 0x20000000 | 0xC0000000 | 0x218
+	ERROR_NO_ASSOCIATED_SERVICE                  Errno = 0x20000000 | 0xC0000000 | 0x219
+	ERROR_NO_DEFAULT_DEVICE_INTERFACE            Errno = 0x20000000 | 0xC0000000 | 0x21A
+	ERROR_DEVICE_INTERFACE_ACTIVE                Errno = 0x20000000 | 0xC0000000 | 0x21B
+	ERROR_DEVICE_INTERFACE_REMOVED               Errno = 0x20000000 | 0xC0000000 | 0x21C
+	ERROR_BAD_INTERFACE_INSTALLSECT              Errno = 0x20000000 | 0xC0000000 | 0x21D
+	ERROR_NO_SUCH_INTERFACE_CLASS                Errno = 0x20000000 | 0xC0000000 | 0x21E
+	ERROR_INVALID_REFERENCE_STRING               Errno = 0x20000000 | 0xC0000000 | 0x21F
+	ERROR_INVALID_MACHINENAME                    Errno = 0x20000000 | 0xC0000000 | 0x220
+	ERROR_REMOTE_COMM_FAILURE                    Errno = 0x20000000 | 0xC0000000 | 0x221
+	ERROR_MACHINE_UNAVAILABLE                    Errno = 0x20000000 | 0xC0000000 | 0x222
+	ERROR_NO_CONFIGMGR_SERVICES                  Errno = 0x20000000 | 0xC0000000 | 0x223
+	ERROR_INVALID_PROPPAGE_PROVIDER              Errno = 0x20000000 | 0xC0000000 | 0x224
+	ERROR_NO_SUCH_DEVICE_INTERFACE               Errno = 0x20000000 | 0xC0000000 | 0x225
+	ERROR_DI_POSTPROCESSING_REQUIRED             Errno = 0x20000000 | 0xC0000000 | 0x226
+	ERROR_INVALID_COINSTALLER                    Errno = 0x20000000 | 0xC0000000 | 0x227
+	ERROR_NO_COMPAT_DRIVERS                      Errno = 0x20000000 | 0xC0000000 | 0x228
+	ERROR_NO_DEVICE_ICON                         Errno = 0x20000000 | 0xC0000000 | 0x229
+	ERROR_INVALID_INF_LOGCONFIG                  Errno = 0x20000000 | 0xC0000000 | 0x22A
+	ERROR_DI_DONT_INSTALL                        Errno = 0x20000000 | 0xC0000000 | 0x22B
+	ERROR_INVALID_FILTER_DRIVER                  Errno = 0x20000000 | 0xC0000000 | 0x22C
+	ERROR_NON_WINDOWS_NT_DRIVER                  Errno = 0x20000000 | 0xC0000000 | 0x22D
+	ERROR_NON_WINDOWS_DRIVER                     Errno = 0x20000000 | 0xC0000000 | 0x22E
+	ERROR_NO_CATALOG_FOR_OEM_INF                 Errno = 0x20000000 | 0xC0000000 | 0x22F
+	ERROR_DEVINSTALL_QUEUE_NONNATIVE             Errno = 0x20000000 | 0xC0000000 | 0x230
+	ERROR_NOT_DISABLEABLE                        Errno = 0x20000000 | 0xC0000000 | 0x231
+	ERROR_CANT_REMOVE_DEVINST                    Errno = 0x20000000 | 0xC0000000 | 0x232
+	ERROR_INVALID_TARGET                         Errno = 0x20000000 | 0xC0000000 | 0x233
+	ERROR_DRIVER_NONNATIVE                       Errno = 0x20000000 | 0xC0000000 | 0x234
+	ERROR_IN_WOW64                               Errno = 0x20000000 | 0xC0000000 | 0x235
+	ERROR_SET_SYSTEM_RESTORE_POINT               Errno = 0x20000000 | 0xC0000000 | 0x236
+	ERROR_SCE_DISABLED                           Errno = 0x20000000 | 0xC0000000 | 0x238
+	ERROR_UNKNOWN_EXCEPTION                      Errno = 0x20000000 | 0xC0000000 | 0x239
+	ERROR_PNP_REGISTRY_ERROR                     Errno = 0x20000000 | 0xC0000000 | 0x23A
+	ERROR_REMOTE_REQUEST_UNSUPPORTED             Errno = 0x20000000 | 0xC0000000 | 0x23B
+	ERROR_NOT_AN_INSTALLED_OEM_INF               Errno = 0x20000000 | 0xC0000000 | 0x23C
+	ERROR_INF_IN_USE_BY_DEVICES                  Errno = 0x20000000 | 0xC0000000 | 0x23D
+	ERROR_DI_FUNCTION_OBSOLETE                   Errno = 0x20000000 | 0xC0000000 | 0x23E
+	ERROR_NO_AUTHENTICODE_CATALOG                Errno = 0x20000000 | 0xC0000000 | 0x23F
+	ERROR_AUTHENTICODE_DISALLOWED                Errno = 0x20000000 | 0xC0000000 | 0x240
+	ERROR_AUTHENTICODE_TRUSTED_PUBLISHER         Errno = 0x20000000 | 0xC0000000 | 0x241
+	ERROR_AUTHENTICODE_TRUST_NOT_ESTABLISHED     Errno = 0x20000000 | 0xC0000000 | 0x242
+	ERROR_AUTHENTICODE_PUBLISHER_NOT_TRUSTED     Errno = 0x20000000 | 0xC0000000 | 0x243
+	ERROR_SIGNATURE_OSATTRIBUTE_MISMATCH         Errno = 0x20000000 | 0xC0000000 | 0x244
+	ERROR_ONLY_VALIDATE_VIA_AUTHENTICODE         Errno = 0x20000000 | 0xC0000000 | 0x245
+	ERROR_DEVICE_INSTALLER_NOT_READY             Errno = 0x20000000 | 0xC0000000 | 0x246
+	ERROR_DRIVER_STORE_ADD_FAILED                Errno = 0x20000000 | 0xC0000000 | 0x247
+	ERROR_DEVICE_INSTALL_BLOCKED                 Errno = 0x20000000 | 0xC0000000 | 0x248
+	ERROR_DRIVER_INSTALL_BLOCKED                 Errno = 0x20000000 | 0xC0000000 | 0x249
+	ERROR_WRONG_INF_TYPE                         Errno = 0x20000000 | 0xC0000000 | 0x24A
+	ERROR_FILE_HASH_NOT_IN_CATALOG               Errno = 0x20000000 | 0xC0000000 | 0x24B
+	ERROR_DRIVER_STORE_DELETE_FAILED             Errno = 0x20000000 | 0xC0000000 | 0x24C
+	ERROR_UNRECOVERABLE_STACK_OVERFLOW           Errno = 0x20000000 | 0xC0000000 | 0x300
+	EXCEPTION_SPAPI_UNRECOVERABLE_STACK_OVERFLOW Errno = ERROR_UNRECOVERABLE_STACK_OVERFLOW
+	ERROR_NO_DEFAULT_INTERFACE_DEVICE            Errno = ERROR_NO_DEFAULT_DEVICE_INTERFACE
+	ERROR_INTERFACE_DEVICE_ACTIVE                Errno = ERROR_DEVICE_INTERFACE_ACTIVE
+	ERROR_INTERFACE_DEVICE_REMOVED               Errno = ERROR_DEVICE_INTERFACE_REMOVED
+	ERROR_NO_SUCH_INTERFACE_DEVICE               Errno = ERROR_NO_SUCH_DEVICE_INTERFACE
+)
+
+const (
+	MAX_DEVICE_ID_LEN   = 200
+	MAX_DEVNODE_ID_LEN  = MAX_DEVICE_ID_LEN
+	MAX_GUID_STRING_LEN = 39 // 38 chars + terminator null
+	MAX_CLASS_NAME_LEN  = 32
+	MAX_PROFILE_LEN     = 80
+	MAX_CONFIG_VALUE    = 9999
+	MAX_INSTANCE_VALUE  = 9999
+	CONFIGMG_VERSION    = 0x0400
+)
+
+// Maximum string length constants
+const (
+	LINE_LEN                    = 256  // Windows 9x-compatible maximum for displayable strings coming from a device INF.
+	MAX_INF_STRING_LENGTH       = 4096 // Actual maximum size of an INF string (including string substitutions).
+	MAX_INF_SECTION_NAME_LENGTH = 255  // For Windows 9x compatibility, INF section names should be constrained to 32 characters.
+	MAX_TITLE_LEN               = 60
+	MAX_INSTRUCTION_LEN         = 256
+	MAX_LABEL_LEN               = 30
+	MAX_SERVICE_NAME_LEN        = 256
+	MAX_SUBTITLE_LEN            = 256
+)
+
+const (
+	// SP_MAX_MACHINENAME_LENGTH defines maximum length of a machine name in the format expected by ConfigMgr32 CM_Connect_Machine (i.e., "\\\\MachineName\0").
+	SP_MAX_MACHINENAME_LENGTH = MAX_PATH + 3
+)
+
+// HSPFILEQ is type for setup file queue
+type HSPFILEQ uintptr
+
+// DevInfo holds reference to device information set
+type DevInfo Handle
+
+// DEVINST is a handle usually recognized by cfgmgr32 APIs
+type DEVINST uint32
+
+// DevInfoData is a device information structure (references a device instance that is a member of a device information set)
+type DevInfoData struct {
+	size      uint32
+	ClassGUID GUID
+	DevInst   DEVINST
+	_         uintptr
+}
+
+// DevInfoListDetailData is a structure for detailed information on a device information set (used for SetupDiGetDeviceInfoListDetail which supersedes the functionality of SetupDiGetDeviceInfoListClass).
+type DevInfoListDetailData struct {
+	size                uint32 // Use unsafeSizeOf method
+	ClassGUID           GUID
+	RemoteMachineHandle Handle
+	remoteMachineName   [SP_MAX_MACHINENAME_LENGTH]uint16
+}
+
+func (*DevInfoListDetailData) unsafeSizeOf() uint32 {
+	if unsafe.Sizeof(uintptr(0)) == 4 {
+		// Windows declares this with pshpack1.h
+		return uint32(unsafe.Offsetof(DevInfoListDetailData{}.remoteMachineName) + unsafe.Sizeof(DevInfoListDetailData{}.remoteMachineName))
+	}
+	return uint32(unsafe.Sizeof(DevInfoListDetailData{}))
+}
+
+func (data *DevInfoListDetailData) RemoteMachineName() string {
+	return UTF16ToString(data.remoteMachineName[:])
+}
+
+func (data *DevInfoListDetailData) SetRemoteMachineName(remoteMachineName string) error {
+	str, err := UTF16FromString(remoteMachineName)
+	if err != nil {
+		return err
+	}
+	copy(data.remoteMachineName[:], str)
+	return nil
+}
+
+// DI_FUNCTION is function type for device installer
+type DI_FUNCTION uint32
+
+const (
+	DIF_SELECTDEVICE                   DI_FUNCTION = 0x00000001
+	DIF_INSTALLDEVICE                  DI_FUNCTION = 0x00000002
+	DIF_ASSIGNRESOURCES                DI_FUNCTION = 0x00000003
+	DIF_PROPERTIES                     DI_FUNCTION = 0x00000004
+	DIF_REMOVE                         DI_FUNCTION = 0x00000005
+	DIF_FIRSTTIMESETUP                 DI_FUNCTION = 0x00000006
+	DIF_FOUNDDEVICE                    DI_FUNCTION = 0x00000007
+	DIF_SELECTCLASSDRIVERS             DI_FUNCTION = 0x00000008
+	DIF_VALIDATECLASSDRIVERS           DI_FUNCTION = 0x00000009
+	DIF_INSTALLCLASSDRIVERS            DI_FUNCTION = 0x0000000A
+	DIF_CALCDISKSPACE                  DI_FUNCTION = 0x0000000B
+	DIF_DESTROYPRIVATEDATA             DI_FUNCTION = 0x0000000C
+	DIF_VALIDATEDRIVER                 DI_FUNCTION = 0x0000000D
+	DIF_DETECT                         DI_FUNCTION = 0x0000000F
+	DIF_INSTALLWIZARD                  DI_FUNCTION = 0x00000010
+	DIF_DESTROYWIZARDDATA              DI_FUNCTION = 0x00000011
+	DIF_PROPERTYCHANGE                 DI_FUNCTION = 0x00000012
+	DIF_ENABLECLASS                    DI_FUNCTION = 0x00000013
+	DIF_DETECTVERIFY                   DI_FUNCTION = 0x00000014
+	DIF_INSTALLDEVICEFILES             DI_FUNCTION = 0x00000015
+	DIF_UNREMOVE                       DI_FUNCTION = 0x00000016
+	DIF_SELECTBESTCOMPATDRV            DI_FUNCTION = 0x00000017
+	DIF_ALLOW_INSTALL                  DI_FUNCTION = 0x00000018
+	DIF_REGISTERDEVICE                 DI_FUNCTION = 0x00000019
+	DIF_NEWDEVICEWIZARD_PRESELECT      DI_FUNCTION = 0x0000001A
+	DIF_NEWDEVICEWIZARD_SELECT         DI_FUNCTION = 0x0000001B
+	DIF_NEWDEVICEWIZARD_PREANALYZE     DI_FUNCTION = 0x0000001C
+	DIF_NEWDEVICEWIZARD_POSTANALYZE    DI_FUNCTION = 0x0000001D
+	DIF_NEWDEVICEWIZARD_FINISHINSTALL  DI_FUNCTION = 0x0000001E
+	DIF_INSTALLINTERFACES              DI_FUNCTION = 0x00000020
+	DIF_DETECTCANCEL                   DI_FUNCTION = 0x00000021
+	DIF_REGISTER_COINSTALLERS          DI_FUNCTION = 0x00000022
+	DIF_ADDPROPERTYPAGE_ADVANCED       DI_FUNCTION = 0x00000023
+	DIF_ADDPROPERTYPAGE_BASIC          DI_FUNCTION = 0x00000024
+	DIF_TROUBLESHOOTER                 DI_FUNCTION = 0x00000026
+	DIF_POWERMESSAGEWAKE               DI_FUNCTION = 0x00000027
+	DIF_ADDREMOTEPROPERTYPAGE_ADVANCED DI_FUNCTION = 0x00000028
+	DIF_UPDATEDRIVER_UI                DI_FUNCTION = 0x00000029
+	DIF_FINISHINSTALL_ACTION           DI_FUNCTION = 0x0000002A
+)
+
+// DevInstallParams is device installation parameters structure (associated with a particular device information element, or globally with a device information set)
+type DevInstallParams struct {
+	size                     uint32
+	Flags                    DI_FLAGS
+	FlagsEx                  DI_FLAGSEX
+	hwndParent               uintptr
+	InstallMsgHandler        uintptr
+	InstallMsgHandlerContext uintptr
+	FileQueue                HSPFILEQ
+	_                        uintptr
+	_                        uint32
+	driverPath               [MAX_PATH]uint16
+}
+
+func (params *DevInstallParams) DriverPath() string {
+	return UTF16ToString(params.driverPath[:])
+}
+
+func (params *DevInstallParams) SetDriverPath(driverPath string) error {
+	str, err := UTF16FromString(driverPath)
+	if err != nil {
+		return err
+	}
+	copy(params.driverPath[:], str)
+	return nil
+}
+
+// DI_FLAGS is SP_DEVINSTALL_PARAMS.Flags values
+type DI_FLAGS uint32
+
+const (
+	// Flags for choosing a device
+	DI_SHOWOEM       DI_FLAGS = 0x00000001 // support Other... button
+	DI_SHOWCOMPAT    DI_FLAGS = 0x00000002 // show compatibility list
+	DI_SHOWCLASS     DI_FLAGS = 0x00000004 // show class list
+	DI_SHOWALL       DI_FLAGS = 0x00000007 // both class & compat list shown
+	DI_NOVCP         DI_FLAGS = 0x00000008 // don't create a new copy queue--use caller-supplied FileQueue
+	DI_DIDCOMPAT     DI_FLAGS = 0x00000010 // Searched for compatible devices
+	DI_DIDCLASS      DI_FLAGS = 0x00000020 // Searched for class devices
+	DI_AUTOASSIGNRES DI_FLAGS = 0x00000040 // No UI for resources if possible
+
+	// Flags returned by DiInstallDevice to indicate need to reboot/restart
+	DI_NEEDRESTART DI_FLAGS = 0x00000080 // Reboot required to take effect
+	DI_NEEDREBOOT  DI_FLAGS = 0x00000100 // ""
+
+	// Flags for device installation
+	DI_NOBROWSE DI_FLAGS = 0x00000200 // no Browse... in InsertDisk
+
+	// Flags set by DiBuildDriverInfoList
+	DI_MULTMFGS DI_FLAGS = 0x00000400 // Set if multiple manufacturers in class driver list
+
+	// Flag indicates that device is disabled
+	DI_DISABLED DI_FLAGS = 0x00000800 // Set if device disabled
+
+	// Flags for Device/Class Properties
+	DI_GENERALPAGE_ADDED  DI_FLAGS = 0x00001000
+	DI_RESOURCEPAGE_ADDED DI_FLAGS = 0x00002000
+
+	// Flag to indicate the setting properties for this Device (or class) caused a change so the Dev Mgr UI probably needs to be updated.
+	DI_PROPERTIES_CHANGE DI_FLAGS = 0x00004000
+
+	// Flag to indicate that the sorting from the INF file should be used.
+	DI_INF_IS_SORTED DI_FLAGS = 0x00008000
+
+	// Flag to indicate that only the the INF specified by SP_DEVINSTALL_PARAMS.DriverPath should be searched.
+	DI_ENUMSINGLEINF DI_FLAGS = 0x00010000
+
+	// Flag that prevents ConfigMgr from removing/re-enumerating devices during device
+	// registration, installation, and deletion.
+	DI_DONOTCALLCONFIGMG DI_FLAGS = 0x00020000
+
+	// The following flag can be used to install a device disabled
+	DI_INSTALLDISABLED DI_FLAGS = 0x00040000
+
+	// Flag that causes SetupDiBuildDriverInfoList to build a device's compatible driver
+	// list from its existing class driver list, instead of the normal INF search.
+	DI_COMPAT_FROM_CLASS DI_FLAGS = 0x00080000
+
+	// This flag is set if the Class Install params should be used.
+	DI_CLASSINSTALLPARAMS DI_FLAGS = 0x00100000
+
+	// This flag is set if the caller of DiCallClassInstaller does NOT want the internal default action performed if the Class installer returns ERROR_DI_DO_DEFAULT.
+	DI_NODI_DEFAULTACTION DI_FLAGS = 0x00200000
+
+	// Flags for device installation
+	DI_QUIETINSTALL        DI_FLAGS = 0x00800000 // don't confuse the user with questions or excess info
+	DI_NOFILECOPY          DI_FLAGS = 0x01000000 // No file Copy necessary
+	DI_FORCECOPY           DI_FLAGS = 0x02000000 // Force files to be copied from install path
+	DI_DRIVERPAGE_ADDED    DI_FLAGS = 0x04000000 // Prop provider added Driver page.
+	DI_USECI_SELECTSTRINGS DI_FLAGS = 0x08000000 // Use Class Installer Provided strings in the Select Device Dlg
+	DI_OVERRIDE_INFFLAGS   DI_FLAGS = 0x10000000 // Override INF flags
+	DI_PROPS_NOCHANGEUSAGE DI_FLAGS = 0x20000000 // No Enable/Disable in General Props
+
+	DI_NOSELECTICONS DI_FLAGS = 0x40000000 // No small icons in select device dialogs
+
+	DI_NOWRITE_IDS DI_FLAGS = 0x80000000 // Don't write HW & Compat IDs on install
+)
+
+// DI_FLAGSEX is SP_DEVINSTALL_PARAMS.FlagsEx values
+type DI_FLAGSEX uint32
+
+const (
+	DI_FLAGSEX_CI_FAILED                DI_FLAGSEX = 0x00000004 // Failed to Load/Call class installer
+	DI_FLAGSEX_FINISHINSTALL_ACTION     DI_FLAGSEX = 0x00000008 // Class/co-installer wants to get a DIF_FINISH_INSTALL action in client context.
+	DI_FLAGSEX_DIDINFOLIST              DI_FLAGSEX = 0x00000010 // Did the Class Info List
+	DI_FLAGSEX_DIDCOMPATINFO            DI_FLAGSEX = 0x00000020 // Did the Compat Info List
+	DI_FLAGSEX_FILTERCLASSES            DI_FLAGSEX = 0x00000040
+	DI_FLAGSEX_SETFAILEDINSTALL         DI_FLAGSEX = 0x00000080
+	DI_FLAGSEX_DEVICECHANGE             DI_FLAGSEX = 0x00000100
+	DI_FLAGSEX_ALWAYSWRITEIDS           DI_FLAGSEX = 0x00000200
+	DI_FLAGSEX_PROPCHANGE_PENDING       DI_FLAGSEX = 0x00000400 // One or more device property sheets have had changes made to them, and need to have a DIF_PROPERTYCHANGE occur.
+	DI_FLAGSEX_ALLOWEXCLUDEDDRVS        DI_FLAGSEX = 0x00000800
+	DI_FLAGSEX_NOUIONQUERYREMOVE        DI_FLAGSEX = 0x00001000
+	DI_FLAGSEX_USECLASSFORCOMPAT        DI_FLAGSEX = 0x00002000 // Use the device's class when building compat drv list. (Ignored if DI_COMPAT_FROM_CLASS flag is specified.)
+	DI_FLAGSEX_NO_DRVREG_MODIFY         DI_FLAGSEX = 0x00008000 // Don't run AddReg and DelReg for device's software (driver) key.
+	DI_FLAGSEX_IN_SYSTEM_SETUP          DI_FLAGSEX = 0x00010000 // Installation is occurring during initial system setup.
+	DI_FLAGSEX_INET_DRIVER              DI_FLAGSEX = 0x00020000 // Driver came from Windows Update
+	DI_FLAGSEX_APPENDDRIVERLIST         DI_FLAGSEX = 0x00040000 // Cause SetupDiBuildDriverInfoList to append a new driver list to an existing list.
+	DI_FLAGSEX_PREINSTALLBACKUP         DI_FLAGSEX = 0x00080000 // not used
+	DI_FLAGSEX_BACKUPONREPLACE          DI_FLAGSEX = 0x00100000 // not used
+	DI_FLAGSEX_DRIVERLIST_FROM_URL      DI_FLAGSEX = 0x00200000 // build driver list from INF(s) retrieved from URL specified in SP_DEVINSTALL_PARAMS.DriverPath (empty string means Windows Update website)
+	DI_FLAGSEX_EXCLUDE_OLD_INET_DRIVERS DI_FLAGSEX = 0x00800000 // Don't include old Internet drivers when building a driver list. Ignored on Windows Vista and later.
+	DI_FLAGSEX_POWERPAGE_ADDED          DI_FLAGSEX = 0x01000000 // class installer added their own power page
+	DI_FLAGSEX_FILTERSIMILARDRIVERS     DI_FLAGSEX = 0x02000000 // only include similar drivers in class list
+	DI_FLAGSEX_INSTALLEDDRIVER          DI_FLAGSEX = 0x04000000 // only add the installed driver to the class or compat driver list.  Used in calls to SetupDiBuildDriverInfoList
+	DI_FLAGSEX_NO_CLASSLIST_NODE_MERGE  DI_FLAGSEX = 0x08000000 // Don't remove identical driver nodes from the class list
+	DI_FLAGSEX_ALTPLATFORM_DRVSEARCH    DI_FLAGSEX = 0x10000000 // Build driver list based on alternate platform information specified in associated file queue
+	DI_FLAGSEX_RESTART_DEVICE_ONLY      DI_FLAGSEX = 0x20000000 // only restart the device drivers are being installed on as opposed to restarting all devices using those drivers.
+	DI_FLAGSEX_RECURSIVESEARCH          DI_FLAGSEX = 0x40000000 // Tell SetupDiBuildDriverInfoList to do a recursive search
+	DI_FLAGSEX_SEARCH_PUBLISHED_INFS    DI_FLAGSEX = 0x80000000 // Tell SetupDiBuildDriverInfoList to do a "published INF" search
+)
+
+// ClassInstallHeader is the first member of any class install parameters structure. It contains the device installation request code that defines the format of the rest of the install parameters structure.
+type ClassInstallHeader struct {
+	size            uint32
+	InstallFunction DI_FUNCTION
+}
+
+func MakeClassInstallHeader(installFunction DI_FUNCTION) *ClassInstallHeader {
+	hdr := &ClassInstallHeader{InstallFunction: installFunction}
+	hdr.size = uint32(unsafe.Sizeof(*hdr))
+	return hdr
+}
+
+// DICS_STATE specifies values indicating a change in a device's state
+type DICS_STATE uint32
+
+const (
+	DICS_ENABLE     DICS_STATE = 0x00000001 // The device is being enabled.
+	DICS_DISABLE    DICS_STATE = 0x00000002 // The device is being disabled.
+	DICS_PROPCHANGE DICS_STATE = 0x00000003 // The properties of the device have changed.
+	DICS_START      DICS_STATE = 0x00000004 // The device is being started (if the request is for the currently active hardware profile).
+	DICS_STOP       DICS_STATE = 0x00000005 // The device is being stopped. The driver stack will be unloaded and the CSCONFIGFLAG_DO_NOT_START flag will be set for the device.
+)
+
+// DICS_FLAG specifies the scope of a device property change
+type DICS_FLAG uint32
+
+const (
+	DICS_FLAG_GLOBAL         DICS_FLAG = 0x00000001 // make change in all hardware profiles
+	DICS_FLAG_CONFIGSPECIFIC DICS_FLAG = 0x00000002 // make change in specified profile only
+	DICS_FLAG_CONFIGGENERAL  DICS_FLAG = 0x00000004 // 1 or more hardware profile-specific changes to follow (obsolete)
+)
+
+// PropChangeParams is a structure corresponding to a DIF_PROPERTYCHANGE install function.
+type PropChangeParams struct {
+	ClassInstallHeader ClassInstallHeader
+	StateChange        DICS_STATE
+	Scope              DICS_FLAG
+	HwProfile          uint32
+}
+
+// DI_REMOVEDEVICE specifies the scope of the device removal
+type DI_REMOVEDEVICE uint32
+
+const (
+	DI_REMOVEDEVICE_GLOBAL         DI_REMOVEDEVICE = 0x00000001 // Make this change in all hardware profiles. Remove information about the device from the registry.
+	DI_REMOVEDEVICE_CONFIGSPECIFIC DI_REMOVEDEVICE = 0x00000002 // Make this change to only the hardware profile specified by HwProfile. this flag only applies to root-enumerated devices. When Windows removes the device from the last hardware profile in which it was configured, Windows performs a global removal.
+)
+
+// RemoveDeviceParams is a structure corresponding to a DIF_REMOVE install function.
+type RemoveDeviceParams struct {
+	ClassInstallHeader ClassInstallHeader
+	Scope              DI_REMOVEDEVICE
+	HwProfile          uint32
+}
+
+// DrvInfoData is driver information structure (member of a driver info list that may be associated with a particular device instance, or (globally) with a device information set)
+type DrvInfoData struct {
+	size          uint32
+	DriverType    uint32
+	_             uintptr
+	description   [LINE_LEN]uint16
+	mfgName       [LINE_LEN]uint16
+	providerName  [LINE_LEN]uint16
+	DriverDate    Filetime
+	DriverVersion uint64
+}
+
+func (data *DrvInfoData) Description() string {
+	return UTF16ToString(data.description[:])
+}
+
+func (data *DrvInfoData) SetDescription(description string) error {
+	str, err := UTF16FromString(description)
+	if err != nil {
+		return err
+	}
+	copy(data.description[:], str)
+	return nil
+}
+
+func (data *DrvInfoData) MfgName() string {
+	return UTF16ToString(data.mfgName[:])
+}
+
+func (data *DrvInfoData) SetMfgName(mfgName string) error {
+	str, err := UTF16FromString(mfgName)
+	if err != nil {
+		return err
+	}
+	copy(data.mfgName[:], str)
+	return nil
+}
+
+func (data *DrvInfoData) ProviderName() string {
+	return UTF16ToString(data.providerName[:])
+}
+
+func (data *DrvInfoData) SetProviderName(providerName string) error {
+	str, err := UTF16FromString(providerName)
+	if err != nil {
+		return err
+	}
+	copy(data.providerName[:], str)
+	return nil
+}
+
+// IsNewer method returns true if DrvInfoData date and version is newer than supplied parameters.
+func (data *DrvInfoData) IsNewer(driverDate Filetime, driverVersion uint64) bool {
+	if data.DriverDate.HighDateTime > driverDate.HighDateTime {
+		return true
+	}
+	if data.DriverDate.HighDateTime < driverDate.HighDateTime {
+		return false
+	}
+
+	if data.DriverDate.LowDateTime > driverDate.LowDateTime {
+		return true
+	}
+	if data.DriverDate.LowDateTime < driverDate.LowDateTime {
+		return false
+	}
+
+	if data.DriverVersion > driverVersion {
+		return true
+	}
+	if data.DriverVersion < driverVersion {
+		return false
+	}
+
+	return false
+}
+
+// DrvInfoDetailData is driver information details structure (provides detailed information about a particular driver information structure)
+type DrvInfoDetailData struct {
+	size            uint32 // Use unsafeSizeOf method
+	InfDate         Filetime
+	compatIDsOffset uint32
+	compatIDsLength uint32
+	_               uintptr
+	sectionName     [LINE_LEN]uint16
+	infFileName     [MAX_PATH]uint16
+	drvDescription  [LINE_LEN]uint16
+	hardwareID      [1]uint16
+}
+
+func (*DrvInfoDetailData) unsafeSizeOf() uint32 {
+	if unsafe.Sizeof(uintptr(0)) == 4 {
+		// Windows declares this with pshpack1.h
+		return uint32(unsafe.Offsetof(DrvInfoDetailData{}.hardwareID) + unsafe.Sizeof(DrvInfoDetailData{}.hardwareID))
+	}
+	return uint32(unsafe.Sizeof(DrvInfoDetailData{}))
+}
+
+func (data *DrvInfoDetailData) SectionName() string {
+	return UTF16ToString(data.sectionName[:])
+}
+
+func (data *DrvInfoDetailData) InfFileName() string {
+	return UTF16ToString(data.infFileName[:])
+}
+
+func (data *DrvInfoDetailData) DrvDescription() string {
+	return UTF16ToString(data.drvDescription[:])
+}
+
+func (data *DrvInfoDetailData) HardwareID() string {
+	if data.compatIDsOffset > 1 {
+		bufW := data.getBuf()
+		return UTF16ToString(bufW[:wcslen(bufW)])
+	}
+
+	return ""
+}
+
+func (data *DrvInfoDetailData) CompatIDs() []string {
+	a := make([]string, 0)
+
+	if data.compatIDsLength > 0 {
+		bufW := data.getBuf()
+		bufW = bufW[data.compatIDsOffset : data.compatIDsOffset+data.compatIDsLength]
+		for i := 0; i < len(bufW); {
+			j := i + wcslen(bufW[i:])
+			if i < j {
+				a = append(a, UTF16ToString(bufW[i:j]))
+			}
+			i = j + 1
+		}
+	}
+
+	return a
+}
+
+func (data *DrvInfoDetailData) getBuf() []uint16 {
+	len := (data.size - uint32(unsafe.Offsetof(data.hardwareID))) / 2
+	sl := struct {
+		addr *uint16
+		len  int
+		cap  int
+	}{&data.hardwareID[0], int(len), int(len)}
+	return *(*[]uint16)(unsafe.Pointer(&sl))
+}
+
+// IsCompatible method tests if given hardware ID matches the driver or is listed on the compatible ID list.
+func (data *DrvInfoDetailData) IsCompatible(hwid string) bool {
+	hwidLC := strings.ToLower(hwid)
+	if strings.ToLower(data.HardwareID()) == hwidLC {
+		return true
+	}
+	a := data.CompatIDs()
+	for i := range a {
+		if strings.ToLower(a[i]) == hwidLC {
+			return true
+		}
+	}
+
+	return false
+}
+
+// DICD flags control SetupDiCreateDeviceInfo
+type DICD uint32
+
+const (
+	DICD_GENERATE_ID       DICD = 0x00000001
+	DICD_INHERIT_CLASSDRVS DICD = 0x00000002
+)
+
+// SUOI flags control SetupUninstallOEMInf
+type SUOI uint32
+
+const (
+	SUOI_FORCEDELETE SUOI = 0x0001
+)
+
+// SPDIT flags to distinguish between class drivers and
+// device drivers. (Passed in 'DriverType' parameter of
+// driver information list APIs)
+type SPDIT uint32
+
+const (
+	SPDIT_NODRIVER     SPDIT = 0x00000000
+	SPDIT_CLASSDRIVER  SPDIT = 0x00000001
+	SPDIT_COMPATDRIVER SPDIT = 0x00000002
+)
+
+// DIGCF flags control what is included in the device information set built by SetupDiGetClassDevs
+type DIGCF uint32
+
+const (
+	DIGCF_DEFAULT         DIGCF = 0x00000001 // only valid with DIGCF_DEVICEINTERFACE
+	DIGCF_PRESENT         DIGCF = 0x00000002
+	DIGCF_ALLCLASSES      DIGCF = 0x00000004
+	DIGCF_PROFILE         DIGCF = 0x00000008
+	DIGCF_DEVICEINTERFACE DIGCF = 0x00000010
+)
+
+// DIREG specifies values for SetupDiCreateDevRegKey, SetupDiOpenDevRegKey, and SetupDiDeleteDevRegKey.
+type DIREG uint32
+
+const (
+	DIREG_DEV  DIREG = 0x00000001 // Open/Create/Delete device key
+	DIREG_DRV  DIREG = 0x00000002 // Open/Create/Delete driver key
+	DIREG_BOTH DIREG = 0x00000004 // Delete both driver and Device key
+)
+
+// SPDRP specifies device registry property codes
+// (Codes marked as read-only (R) may only be used for
+// SetupDiGetDeviceRegistryProperty)
+//
+// These values should cover the same set of registry properties
+// as defined by the CM_DRP codes in cfgmgr32.h.
+//
+// Note that SPDRP codes are zero based while CM_DRP codes are one based!
+type SPDRP uint32
+
+const (
+	SPDRP_DEVICEDESC                  SPDRP = 0x00000000 // DeviceDesc (R/W)
+	SPDRP_HARDWAREID                  SPDRP = 0x00000001 // HardwareID (R/W)
+	SPDRP_COMPATIBLEIDS               SPDRP = 0x00000002 // CompatibleIDs (R/W)
+	SPDRP_SERVICE                     SPDRP = 0x00000004 // Service (R/W)
+	SPDRP_CLASS                       SPDRP = 0x00000007 // Class (R--tied to ClassGUID)
+	SPDRP_CLASSGUID                   SPDRP = 0x00000008 // ClassGUID (R/W)
+	SPDRP_DRIVER                      SPDRP = 0x00000009 // Driver (R/W)
+	SPDRP_CONFIGFLAGS                 SPDRP = 0x0000000A // ConfigFlags (R/W)
+	SPDRP_MFG                         SPDRP = 0x0000000B // Mfg (R/W)
+	SPDRP_FRIENDLYNAME                SPDRP = 0x0000000C // FriendlyName (R/W)
+	SPDRP_LOCATION_INFORMATION        SPDRP = 0x0000000D // LocationInformation (R/W)
+	SPDRP_PHYSICAL_DEVICE_OBJECT_NAME SPDRP = 0x0000000E // PhysicalDeviceObjectName (R)
+	SPDRP_CAPABILITIES                SPDRP = 0x0000000F // Capabilities (R)
+	SPDRP_UI_NUMBER                   SPDRP = 0x00000010 // UiNumber (R)
+	SPDRP_UPPERFILTERS                SPDRP = 0x00000011 // UpperFilters (R/W)
+	SPDRP_LOWERFILTERS                SPDRP = 0x00000012 // LowerFilters (R/W)
+	SPDRP_BUSTYPEGUID                 SPDRP = 0x00000013 // BusTypeGUID (R)
+	SPDRP_LEGACYBUSTYPE               SPDRP = 0x00000014 // LegacyBusType (R)
+	SPDRP_BUSNUMBER                   SPDRP = 0x00000015 // BusNumber (R)
+	SPDRP_ENUMERATOR_NAME             SPDRP = 0x00000016 // Enumerator Name (R)
+	SPDRP_SECURITY                    SPDRP = 0x00000017 // Security (R/W, binary form)
+	SPDRP_SECURITY_SDS                SPDRP = 0x00000018 // Security (W, SDS form)
+	SPDRP_DEVTYPE                     SPDRP = 0x00000019 // Device Type (R/W)
+	SPDRP_EXCLUSIVE                   SPDRP = 0x0000001A // Device is exclusive-access (R/W)
+	SPDRP_CHARACTERISTICS             SPDRP = 0x0000001B // Device Characteristics (R/W)
+	SPDRP_ADDRESS                     SPDRP = 0x0000001C // Device Address (R)
+	SPDRP_UI_NUMBER_DESC_FORMAT       SPDRP = 0x0000001D // UiNumberDescFormat (R/W)
+	SPDRP_DEVICE_POWER_DATA           SPDRP = 0x0000001E // Device Power Data (R)
+	SPDRP_REMOVAL_POLICY              SPDRP = 0x0000001F // Removal Policy (R)
+	SPDRP_REMOVAL_POLICY_HW_DEFAULT   SPDRP = 0x00000020 // Hardware Removal Policy (R)
+	SPDRP_REMOVAL_POLICY_OVERRIDE     SPDRP = 0x00000021 // Removal Policy Override (RW)
+	SPDRP_INSTALL_STATE               SPDRP = 0x00000022 // Device Install State (R)
+	SPDRP_LOCATION_PATHS              SPDRP = 0x00000023 // Device Location Paths (R)
+	SPDRP_BASE_CONTAINERID            SPDRP = 0x00000024 // Base ContainerID (R)
+
+	SPDRP_MAXIMUM_PROPERTY SPDRP = 0x00000025 // Upper bound on ordinals
+)
+
+// DEVPROPTYPE represents the property-data-type identifier that specifies the
+// data type of a device property value in the unified device property model.
+type DEVPROPTYPE uint32
+
+const (
+	DEVPROP_TYPEMOD_ARRAY DEVPROPTYPE = 0x00001000
+	DEVPROP_TYPEMOD_LIST  DEVPROPTYPE = 0x00002000
+
+	DEVPROP_TYPE_EMPTY                      DEVPROPTYPE = 0x00000000
+	DEVPROP_TYPE_NULL                       DEVPROPTYPE = 0x00000001
+	DEVPROP_TYPE_SBYTE                      DEVPROPTYPE = 0x00000002
+	DEVPROP_TYPE_BYTE                       DEVPROPTYPE = 0x00000003
+	DEVPROP_TYPE_INT16                      DEVPROPTYPE = 0x00000004
+	DEVPROP_TYPE_UINT16                     DEVPROPTYPE = 0x00000005
+	DEVPROP_TYPE_INT32                      DEVPROPTYPE = 0x00000006
+	DEVPROP_TYPE_UINT32                     DEVPROPTYPE = 0x00000007
+	DEVPROP_TYPE_INT64                      DEVPROPTYPE = 0x00000008
+	DEVPROP_TYPE_UINT64                     DEVPROPTYPE = 0x00000009
+	DEVPROP_TYPE_FLOAT                      DEVPROPTYPE = 0x0000000A
+	DEVPROP_TYPE_DOUBLE                     DEVPROPTYPE = 0x0000000B
+	DEVPROP_TYPE_DECIMAL                    DEVPROPTYPE = 0x0000000C
+	DEVPROP_TYPE_GUID                       DEVPROPTYPE = 0x0000000D
+	DEVPROP_TYPE_CURRENCY                   DEVPROPTYPE = 0x0000000E
+	DEVPROP_TYPE_DATE                       DEVPROPTYPE = 0x0000000F
+	DEVPROP_TYPE_FILETIME                   DEVPROPTYPE = 0x00000010
+	DEVPROP_TYPE_BOOLEAN                    DEVPROPTYPE = 0x00000011
+	DEVPROP_TYPE_STRING                     DEVPROPTYPE = 0x00000012
+	DEVPROP_TYPE_STRING_LIST                DEVPROPTYPE = DEVPROP_TYPE_STRING | DEVPROP_TYPEMOD_LIST
+	DEVPROP_TYPE_SECURITY_DESCRIPTOR        DEVPROPTYPE = 0x00000013
+	DEVPROP_TYPE_SECURITY_DESCRIPTOR_STRING DEVPROPTYPE = 0x00000014
+	DEVPROP_TYPE_DEVPROPKEY                 DEVPROPTYPE = 0x00000015
+	DEVPROP_TYPE_DEVPROPTYPE                DEVPROPTYPE = 0x00000016
+	DEVPROP_TYPE_BINARY                     DEVPROPTYPE = DEVPROP_TYPE_BYTE | DEVPROP_TYPEMOD_ARRAY
+	DEVPROP_TYPE_ERROR                      DEVPROPTYPE = 0x00000017
+	DEVPROP_TYPE_NTSTATUS                   DEVPROPTYPE = 0x00000018
+	DEVPROP_TYPE_STRING_INDIRECT            DEVPROPTYPE = 0x00000019
+
+	MAX_DEVPROP_TYPE    DEVPROPTYPE = 0x00000019
+	MAX_DEVPROP_TYPEMOD DEVPROPTYPE = 0x00002000
+
+	DEVPROP_MASK_TYPE    DEVPROPTYPE = 0x00000FFF
+	DEVPROP_MASK_TYPEMOD DEVPROPTYPE = 0x0000F000
+)
+
+// DEVPROPGUID specifies a property category.
+type DEVPROPGUID GUID
+
+// DEVPROPID uniquely identifies the property within the property category.
+type DEVPROPID uint32
+
+const DEVPROPID_FIRST_USABLE DEVPROPID = 2
+
+// DEVPROPKEY represents a device property key for a device property in the
+// unified device property model.
+type DEVPROPKEY struct {
+	FmtID DEVPROPGUID
+	PID   DEVPROPID
+}
+
+// CONFIGRET is a return value or error code from cfgmgr32 APIs
+type CONFIGRET uint32
+
+func (ret CONFIGRET) Error() string {
+	if win32Error, ok := ret.Unwrap().(Errno); ok {
+		return fmt.Sprintf("%s (CfgMgr error: 0x%08x)", win32Error.Error(), uint32(ret))
+	}
+	return fmt.Sprintf("CfgMgr error: 0x%08x", uint32(ret))
+}
+
+func (ret CONFIGRET) Win32Error(defaultError Errno) Errno {
+	return cm_MapCrToWin32Err(ret, defaultError)
+}
+
+func (ret CONFIGRET) Unwrap() error {
+	const noMatch = Errno(^uintptr(0))
+	win32Error := ret.Win32Error(noMatch)
+	if win32Error == noMatch {
+		return nil
+	}
+	return win32Error
+}
+
+const (
+	CR_SUCCESS                  CONFIGRET = 0x00000000
+	CR_DEFAULT                  CONFIGRET = 0x00000001
+	CR_OUT_OF_MEMORY            CONFIGRET = 0x00000002
+	CR_INVALID_POINTER          CONFIGRET = 0x00000003
+	CR_INVALID_FLAG             CONFIGRET = 0x00000004
+	CR_INVALID_DEVNODE          CONFIGRET = 0x00000005
+	CR_INVALID_DEVINST                    = CR_INVALID_DEVNODE
+	CR_INVALID_RES_DES          CONFIGRET = 0x00000006
+	CR_INVALID_LOG_CONF         CONFIGRET = 0x00000007
+	CR_INVALID_ARBITRATOR       CONFIGRET = 0x00000008
+	CR_INVALID_NODELIST         CONFIGRET = 0x00000009
+	CR_DEVNODE_HAS_REQS         CONFIGRET = 0x0000000A
+	CR_DEVINST_HAS_REQS                   = CR_DEVNODE_HAS_REQS
+	CR_INVALID_RESOURCEID       CONFIGRET = 0x0000000B
+	CR_DLVXD_NOT_FOUND          CONFIGRET = 0x0000000C
+	CR_NO_SUCH_DEVNODE          CONFIGRET = 0x0000000D
+	CR_NO_SUCH_DEVINST                    = CR_NO_SUCH_DEVNODE
+	CR_NO_MORE_LOG_CONF         CONFIGRET = 0x0000000E
+	CR_NO_MORE_RES_DES          CONFIGRET = 0x0000000F
+	CR_ALREADY_SUCH_DEVNODE     CONFIGRET = 0x00000010
+	CR_ALREADY_SUCH_DEVINST               = CR_ALREADY_SUCH_DEVNODE
+	CR_INVALID_RANGE_LIST       CONFIGRET = 0x00000011
+	CR_INVALID_RANGE            CONFIGRET = 0x00000012
+	CR_FAILURE                  CONFIGRET = 0x00000013
+	CR_NO_SUCH_LOGICAL_DEV      CONFIGRET = 0x00000014
+	CR_CREATE_BLOCKED           CONFIGRET = 0x00000015
+	CR_NOT_SYSTEM_VM            CONFIGRET = 0x00000016
+	CR_REMOVE_VETOED            CONFIGRET = 0x00000017
+	CR_APM_VETOED               CONFIGRET = 0x00000018
+	CR_INVALID_LOAD_TYPE        CONFIGRET = 0x00000019
+	CR_BUFFER_SMALL             CONFIGRET = 0x0000001A
+	CR_NO_ARBITRATOR            CONFIGRET = 0x0000001B
+	CR_NO_REGISTRY_HANDLE       CONFIGRET = 0x0000001C
+	CR_REGISTRY_ERROR           CONFIGRET = 0x0000001D
+	CR_INVALID_DEVICE_ID        CONFIGRET = 0x0000001E
+	CR_INVALID_DATA             CONFIGRET = 0x0000001F
+	CR_INVALID_API              CONFIGRET = 0x00000020
+	CR_DEVLOADER_NOT_READY      CONFIGRET = 0x00000021
+	CR_NEED_RESTART             CONFIGRET = 0x00000022
+	CR_NO_MORE_HW_PROFILES      CONFIGRET = 0x00000023
+	CR_DEVICE_NOT_THERE         CONFIGRET = 0x00000024
+	CR_NO_SUCH_VALUE            CONFIGRET = 0x00000025
+	CR_WRONG_TYPE               CONFIGRET = 0x00000026
+	CR_INVALID_PRIORITY         CONFIGRET = 0x00000027
+	CR_NOT_DISABLEABLE          CONFIGRET = 0x00000028
+	CR_FREE_RESOURCES           CONFIGRET = 0x00000029
+	CR_QUERY_VETOED             CONFIGRET = 0x0000002A
+	CR_CANT_SHARE_IRQ           CONFIGRET = 0x0000002B
+	CR_NO_DEPENDENT             CONFIGRET = 0x0000002C
+	CR_SAME_RESOURCES           CONFIGRET = 0x0000002D
+	CR_NO_SUCH_REGISTRY_KEY     CONFIGRET = 0x0000002E
+	CR_INVALID_MACHINENAME      CONFIGRET = 0x0000002F
+	CR_REMOTE_COMM_FAILURE      CONFIGRET = 0x00000030
+	CR_MACHINE_UNAVAILABLE      CONFIGRET = 0x00000031
+	CR_NO_CM_SERVICES           CONFIGRET = 0x00000032
+	CR_ACCESS_DENIED            CONFIGRET = 0x00000033
+	CR_CALL_NOT_IMPLEMENTED     CONFIGRET = 0x00000034
+	CR_INVALID_PROPERTY         CONFIGRET = 0x00000035
+	CR_DEVICE_INTERFACE_ACTIVE  CONFIGRET = 0x00000036
+	CR_NO_SUCH_DEVICE_INTERFACE CONFIGRET = 0x00000037
+	CR_INVALID_REFERENCE_STRING CONFIGRET = 0x00000038
+	CR_INVALID_CONFLICT_LIST    CONFIGRET = 0x00000039
+	CR_INVALID_INDEX            CONFIGRET = 0x0000003A
+	CR_INVALID_STRUCTURE_SIZE   CONFIGRET = 0x0000003B
+	NUM_CR_RESULTS              CONFIGRET = 0x0000003C
+)
+
+const (
+	CM_GET_DEVICE_INTERFACE_LIST_PRESENT     = 0 // only currently 'live' device interfaces
+	CM_GET_DEVICE_INTERFACE_LIST_ALL_DEVICES = 1 // all registered device interfaces, live or not
+)
+
+const (
+	DN_ROOT_ENUMERATED       = 0x00000001        // Was enumerated by ROOT
+	DN_DRIVER_LOADED         = 0x00000002        // Has Register_Device_Driver
+	DN_ENUM_LOADED           = 0x00000004        // Has Register_Enumerator
+	DN_STARTED               = 0x00000008        // Is currently configured
+	DN_MANUAL                = 0x00000010        // Manually installed
+	DN_NEED_TO_ENUM          = 0x00000020        // May need reenumeration
+	DN_NOT_FIRST_TIME        = 0x00000040        // Has received a config
+	DN_HARDWARE_ENUM         = 0x00000080        // Enum generates hardware ID
+	DN_LIAR                  = 0x00000100        // Lied about can reconfig once
+	DN_HAS_MARK              = 0x00000200        // Not CM_Create_DevInst lately
+	DN_HAS_PROBLEM           = 0x00000400        // Need device installer
+	DN_FILTERED              = 0x00000800        // Is filtered
+	DN_MOVED                 = 0x00001000        // Has been moved
+	DN_DISABLEABLE           = 0x00002000        // Can be disabled
+	DN_REMOVABLE             = 0x00004000        // Can be removed
+	DN_PRIVATE_PROBLEM       = 0x00008000        // Has a private problem
+	DN_MF_PARENT             = 0x00010000        // Multi function parent
+	DN_MF_CHILD              = 0x00020000        // Multi function child
+	DN_WILL_BE_REMOVED       = 0x00040000        // DevInst is being removed
+	DN_NOT_FIRST_TIMEE       = 0x00080000        // Has received a config enumerate
+	DN_STOP_FREE_RES         = 0x00100000        // When child is stopped, free resources
+	DN_REBAL_CANDIDATE       = 0x00200000        // Don't skip during rebalance
+	DN_BAD_PARTIAL           = 0x00400000        // This devnode's log_confs do not have same resources
+	DN_NT_ENUMERATOR         = 0x00800000        // This devnode's is an NT enumerator
+	DN_NT_DRIVER             = 0x01000000        // This devnode's is an NT driver
+	DN_NEEDS_LOCKING         = 0x02000000        // Devnode need lock resume processing
+	DN_ARM_WAKEUP            = 0x04000000        // Devnode can be the wakeup device
+	DN_APM_ENUMERATOR        = 0x08000000        // APM aware enumerator
+	DN_APM_DRIVER            = 0x10000000        // APM aware driver
+	DN_SILENT_INSTALL        = 0x20000000        // Silent install
+	DN_NO_SHOW_IN_DM         = 0x40000000        // No show in device manager
+	DN_BOOT_LOG_PROB         = 0x80000000        // Had a problem during preassignment of boot log conf
+	DN_NEED_RESTART          = DN_LIAR           // System needs to be restarted for this Devnode to work properly
+	DN_DRIVER_BLOCKED        = DN_NOT_FIRST_TIME // One or more drivers are blocked from loading for this Devnode
+	DN_LEGACY_DRIVER         = DN_MOVED          // This device is using a legacy driver
+	DN_CHILD_WITH_INVALID_ID = DN_HAS_MARK       // One or more children have invalid IDs
+	DN_DEVICE_DISCONNECTED   = DN_NEEDS_LOCKING  // The function driver for a device reported that the device is not connected.  Typically this means a wireless device is out of range.
+	DN_QUERY_REMOVE_PENDING  = DN_MF_PARENT      // Device is part of a set of related devices collectively pending query-removal
+	DN_QUERY_REMOVE_ACTIVE   = DN_MF_CHILD       // Device is actively engaged in a query-remove IRP
+	DN_CHANGEABLE_FLAGS      = DN_NOT_FIRST_TIME | DN_HARDWARE_ENUM | DN_HAS_MARK | DN_DISABLEABLE | DN_REMOVABLE | DN_MF_CHILD | DN_MF_PARENT | DN_NOT_FIRST_TIMEE | DN_STOP_FREE_RES | DN_REBAL_CANDIDATE | DN_NT_ENUMERATOR | DN_NT_DRIVER | DN_SILENT_INSTALL | DN_NO_SHOW_IN_DM
+)
+
+//sys	setupDiCreateDeviceInfoListEx(classGUID *GUID, hwndParent uintptr, machineName *uint16, reserved uintptr) (handle DevInfo, err error) [failretval==DevInfo(InvalidHandle)] = setupapi.SetupDiCreateDeviceInfoListExW
+
+// SetupDiCreateDeviceInfoListEx function creates an empty device information set on a remote or a local computer and optionally associates the set with a device setup class.
+func SetupDiCreateDeviceInfoListEx(classGUID *GUID, hwndParent uintptr, machineName string) (deviceInfoSet DevInfo, err error) {
+	var machineNameUTF16 *uint16
+	if machineName != "" {
+		machineNameUTF16, err = UTF16PtrFromString(machineName)
+		if err != nil {
+			return
+		}
+	}
+	return setupDiCreateDeviceInfoListEx(classGUID, hwndParent, machineNameUTF16, 0)
+}
+
+//sys	setupDiGetDeviceInfoListDetail(deviceInfoSet DevInfo, deviceInfoSetDetailData *DevInfoListDetailData) (err error) = setupapi.SetupDiGetDeviceInfoListDetailW
+
+// SetupDiGetDeviceInfoListDetail function retrieves information associated with a device information set including the class GUID, remote computer handle, and remote computer name.
+func SetupDiGetDeviceInfoListDetail(deviceInfoSet DevInfo) (deviceInfoSetDetailData *DevInfoListDetailData, err error) {
+	data := &DevInfoListDetailData{}
+	data.size = data.unsafeSizeOf()
+
+	return data, setupDiGetDeviceInfoListDetail(deviceInfoSet, data)
+}
+
+// DeviceInfoListDetail method retrieves information associated with a device information set including the class GUID, remote computer handle, and remote computer name.
+func (deviceInfoSet DevInfo) DeviceInfoListDetail() (*DevInfoListDetailData, error) {
+	return SetupDiGetDeviceInfoListDetail(deviceInfoSet)
+}
+
+//sys	setupDiCreateDeviceInfo(deviceInfoSet DevInfo, DeviceName *uint16, classGUID *GUID, DeviceDescription *uint16, hwndParent uintptr, CreationFlags DICD, deviceInfoData *DevInfoData) (err error) = setupapi.SetupDiCreateDeviceInfoW
+
+// SetupDiCreateDeviceInfo function creates a new device information element and adds it as a new member to the specified device information set.
+func SetupDiCreateDeviceInfo(deviceInfoSet DevInfo, deviceName string, classGUID *GUID, deviceDescription string, hwndParent uintptr, creationFlags DICD) (deviceInfoData *DevInfoData, err error) {
+	deviceNameUTF16, err := UTF16PtrFromString(deviceName)
+	if err != nil {
+		return
+	}
+
+	var deviceDescriptionUTF16 *uint16
+	if deviceDescription != "" {
+		deviceDescriptionUTF16, err = UTF16PtrFromString(deviceDescription)
+		if err != nil {
+			return
+		}
+	}
+
+	data := &DevInfoData{}
+	data.size = uint32(unsafe.Sizeof(*data))
+
+	return data, setupDiCreateDeviceInfo(deviceInfoSet, deviceNameUTF16, classGUID, deviceDescriptionUTF16, hwndParent, creationFlags, data)
+}
+
+// CreateDeviceInfo method creates a new device information element and adds it as a new member to the specified device information set.
+func (deviceInfoSet DevInfo) CreateDeviceInfo(deviceName string, classGUID *GUID, deviceDescription string, hwndParent uintptr, creationFlags DICD) (*DevInfoData, error) {
+	return SetupDiCreateDeviceInfo(deviceInfoSet, deviceName, classGUID, deviceDescription, hwndParent, creationFlags)
+}
+
+//sys	setupDiEnumDeviceInfo(deviceInfoSet DevInfo, memberIndex uint32, deviceInfoData *DevInfoData) (err error) = setupapi.SetupDiEnumDeviceInfo
+
+// SetupDiEnumDeviceInfo function returns a DevInfoData structure that specifies a device information element in a device information set.
+func SetupDiEnumDeviceInfo(deviceInfoSet DevInfo, memberIndex int) (*DevInfoData, error) {
+	data := &DevInfoData{}
+	data.size = uint32(unsafe.Sizeof(*data))
+
+	return data, setupDiEnumDeviceInfo(deviceInfoSet, uint32(memberIndex), data)
+}
+
+// EnumDeviceInfo method returns a DevInfoData structure that specifies a device information element in a device information set.
+func (deviceInfoSet DevInfo) EnumDeviceInfo(memberIndex int) (*DevInfoData, error) {
+	return SetupDiEnumDeviceInfo(deviceInfoSet, memberIndex)
+}
+
+// SetupDiDestroyDeviceInfoList function deletes a device information set and frees all associated memory.
+//sys	SetupDiDestroyDeviceInfoList(deviceInfoSet DevInfo) (err error) = setupapi.SetupDiDestroyDeviceInfoList
+
+// Close method deletes a device information set and frees all associated memory.
+func (deviceInfoSet DevInfo) Close() error {
+	return SetupDiDestroyDeviceInfoList(deviceInfoSet)
+}
+
+//sys	SetupDiBuildDriverInfoList(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, driverType SPDIT) (err error) = setupapi.SetupDiBuildDriverInfoList
+
+// BuildDriverInfoList method builds a list of drivers that is associated with a specific device or with the global class driver list for a device information set.
+func (deviceInfoSet DevInfo) BuildDriverInfoList(deviceInfoData *DevInfoData, driverType SPDIT) error {
+	return SetupDiBuildDriverInfoList(deviceInfoSet, deviceInfoData, driverType)
+}
+
+//sys	SetupDiCancelDriverInfoSearch(deviceInfoSet DevInfo) (err error) = setupapi.SetupDiCancelDriverInfoSearch
+
+// CancelDriverInfoSearch method cancels a driver list search that is currently in progress in a different thread.
+func (deviceInfoSet DevInfo) CancelDriverInfoSearch() error {
+	return SetupDiCancelDriverInfoSearch(deviceInfoSet)
+}
+
+//sys	setupDiEnumDriverInfo(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, driverType SPDIT, memberIndex uint32, driverInfoData *DrvInfoData) (err error) = setupapi.SetupDiEnumDriverInfoW
+
+// SetupDiEnumDriverInfo function enumerates the members of a driver list.
+func SetupDiEnumDriverInfo(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, driverType SPDIT, memberIndex int) (*DrvInfoData, error) {
+	data := &DrvInfoData{}
+	data.size = uint32(unsafe.Sizeof(*data))
+
+	return data, setupDiEnumDriverInfo(deviceInfoSet, deviceInfoData, driverType, uint32(memberIndex), data)
+}
+
+// EnumDriverInfo method enumerates the members of a driver list.
+func (deviceInfoSet DevInfo) EnumDriverInfo(deviceInfoData *DevInfoData, driverType SPDIT, memberIndex int) (*DrvInfoData, error) {
+	return SetupDiEnumDriverInfo(deviceInfoSet, deviceInfoData, driverType, memberIndex)
+}
+
+//sys	setupDiGetSelectedDriver(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, driverInfoData *DrvInfoData) (err error) = setupapi.SetupDiGetSelectedDriverW
+
+// SetupDiGetSelectedDriver function retrieves the selected driver for a device information set or a particular device information element.
+func SetupDiGetSelectedDriver(deviceInfoSet DevInfo, deviceInfoData *DevInfoData) (*DrvInfoData, error) {
+	data := &DrvInfoData{}
+	data.size = uint32(unsafe.Sizeof(*data))
+
+	return data, setupDiGetSelectedDriver(deviceInfoSet, deviceInfoData, data)
+}
+
+// SelectedDriver method retrieves the selected driver for a device information set or a particular device information element.
+func (deviceInfoSet DevInfo) SelectedDriver(deviceInfoData *DevInfoData) (*DrvInfoData, error) {
+	return SetupDiGetSelectedDriver(deviceInfoSet, deviceInfoData)
+}
+
+//sys	SetupDiSetSelectedDriver(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, driverInfoData *DrvInfoData) (err error) = setupapi.SetupDiSetSelectedDriverW
+
+// SetSelectedDriver method sets, or resets, the selected driver for a device information element or the selected class driver for a device information set.
+func (deviceInfoSet DevInfo) SetSelectedDriver(deviceInfoData *DevInfoData, driverInfoData *DrvInfoData) error {
+	return SetupDiSetSelectedDriver(deviceInfoSet, deviceInfoData, driverInfoData)
+}
+
+//sys	setupDiGetDriverInfoDetail(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, driverInfoData *DrvInfoData, driverInfoDetailData *DrvInfoDetailData, driverInfoDetailDataSize uint32, requiredSize *uint32) (err error) = setupapi.SetupDiGetDriverInfoDetailW
+
+// SetupDiGetDriverInfoDetail function retrieves driver information detail for a device information set or a particular device information element in the device information set.
+func SetupDiGetDriverInfoDetail(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, driverInfoData *DrvInfoData) (*DrvInfoDetailData, error) {
+	reqSize := uint32(2048)
+	for {
+		buf := make([]byte, reqSize)
+		data := (*DrvInfoDetailData)(unsafe.Pointer(&buf[0]))
+		data.size = data.unsafeSizeOf()
+		err := setupDiGetDriverInfoDetail(deviceInfoSet, deviceInfoData, driverInfoData, data, uint32(len(buf)), &reqSize)
+		if err == ERROR_INSUFFICIENT_BUFFER {
+			continue
+		}
+		if err != nil {
+			return nil, err
+		}
+		data.size = reqSize
+		return data, nil
+	}
+}
+
+// DriverInfoDetail method retrieves driver information detail for a device information set or a particular device information element in the device information set.
+func (deviceInfoSet DevInfo) DriverInfoDetail(deviceInfoData *DevInfoData, driverInfoData *DrvInfoData) (*DrvInfoDetailData, error) {
+	return SetupDiGetDriverInfoDetail(deviceInfoSet, deviceInfoData, driverInfoData)
+}
+
+//sys	SetupDiDestroyDriverInfoList(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, driverType SPDIT) (err error) = setupapi.SetupDiDestroyDriverInfoList
+
+// DestroyDriverInfoList method deletes a driver list.
+func (deviceInfoSet DevInfo) DestroyDriverInfoList(deviceInfoData *DevInfoData, driverType SPDIT) error {
+	return SetupDiDestroyDriverInfoList(deviceInfoSet, deviceInfoData, driverType)
+}
+
+//sys	setupDiGetClassDevsEx(classGUID *GUID, Enumerator *uint16, hwndParent uintptr, Flags DIGCF, deviceInfoSet DevInfo, machineName *uint16, reserved uintptr) (handle DevInfo, err error) [failretval==DevInfo(InvalidHandle)] = setupapi.SetupDiGetClassDevsExW
+
+// SetupDiGetClassDevsEx function returns a handle to a device information set that contains requested device information elements for a local or a remote computer.
+func SetupDiGetClassDevsEx(classGUID *GUID, enumerator string, hwndParent uintptr, flags DIGCF, deviceInfoSet DevInfo, machineName string) (handle DevInfo, err error) {
+	var enumeratorUTF16 *uint16
+	if enumerator != "" {
+		enumeratorUTF16, err = UTF16PtrFromString(enumerator)
+		if err != nil {
+			return
+		}
+	}
+	var machineNameUTF16 *uint16
+	if machineName != "" {
+		machineNameUTF16, err = UTF16PtrFromString(machineName)
+		if err != nil {
+			return
+		}
+	}
+	return setupDiGetClassDevsEx(classGUID, enumeratorUTF16, hwndParent, flags, deviceInfoSet, machineNameUTF16, 0)
+}
+
+// SetupDiCallClassInstaller function calls the appropriate class installer, and any registered co-installers, with the specified installation request (DIF code).
+//sys	SetupDiCallClassInstaller(installFunction DI_FUNCTION, deviceInfoSet DevInfo, deviceInfoData *DevInfoData) (err error) = setupapi.SetupDiCallClassInstaller
+
+// CallClassInstaller member calls the appropriate class installer, and any registered co-installers, with the specified installation request (DIF code).
+func (deviceInfoSet DevInfo) CallClassInstaller(installFunction DI_FUNCTION, deviceInfoData *DevInfoData) error {
+	return SetupDiCallClassInstaller(installFunction, deviceInfoSet, deviceInfoData)
+}
+
+// SetupDiOpenDevRegKey function opens a registry key for device-specific configuration information.
+//sys	SetupDiOpenDevRegKey(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, Scope DICS_FLAG, HwProfile uint32, KeyType DIREG, samDesired uint32) (key Handle, err error) [failretval==InvalidHandle] = setupapi.SetupDiOpenDevRegKey
+
+// OpenDevRegKey method opens a registry key for device-specific configuration information.
+func (deviceInfoSet DevInfo) OpenDevRegKey(DeviceInfoData *DevInfoData, Scope DICS_FLAG, HwProfile uint32, KeyType DIREG, samDesired uint32) (Handle, error) {
+	return SetupDiOpenDevRegKey(deviceInfoSet, DeviceInfoData, Scope, HwProfile, KeyType, samDesired)
+}
+
+//sys	setupDiGetDeviceProperty(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, propertyKey *DEVPROPKEY, propertyType *DEVPROPTYPE, propertyBuffer *byte, propertyBufferSize uint32, requiredSize *uint32, flags uint32) (err error) = setupapi.SetupDiGetDevicePropertyW
+
+// SetupDiGetDeviceProperty function retrieves a specified device instance property.
+func SetupDiGetDeviceProperty(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, propertyKey *DEVPROPKEY) (value interface{}, err error) {
+	reqSize := uint32(256)
+	for {
+		var dataType DEVPROPTYPE
+		buf := make([]byte, reqSize)
+		err = setupDiGetDeviceProperty(deviceInfoSet, deviceInfoData, propertyKey, &dataType, &buf[0], uint32(len(buf)), &reqSize, 0)
+		if err == ERROR_INSUFFICIENT_BUFFER {
+			continue
+		}
+		if err != nil {
+			return
+		}
+		switch dataType {
+		case DEVPROP_TYPE_STRING:
+			ret := UTF16ToString(bufToUTF16(buf))
+			runtime.KeepAlive(buf)
+			return ret, nil
+		}
+		return nil, errors.New("unimplemented property type")
+	}
+}
+
+//sys	setupDiGetDeviceRegistryProperty(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, property SPDRP, propertyRegDataType *uint32, propertyBuffer *byte, propertyBufferSize uint32, requiredSize *uint32) (err error) = setupapi.SetupDiGetDeviceRegistryPropertyW
+
+// SetupDiGetDeviceRegistryProperty function retrieves a specified Plug and Play device property.
+func SetupDiGetDeviceRegistryProperty(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, property SPDRP) (value interface{}, err error) {
+	reqSize := uint32(256)
+	for {
+		var dataType uint32
+		buf := make([]byte, reqSize)
+		err = setupDiGetDeviceRegistryProperty(deviceInfoSet, deviceInfoData, property, &dataType, &buf[0], uint32(len(buf)), &reqSize)
+		if err == ERROR_INSUFFICIENT_BUFFER {
+			continue
+		}
+		if err != nil {
+			return
+		}
+		return getRegistryValue(buf[:reqSize], dataType)
+	}
+}
+
+func getRegistryValue(buf []byte, dataType uint32) (interface{}, error) {
+	switch dataType {
+	case REG_SZ:
+		ret := UTF16ToString(bufToUTF16(buf))
+		runtime.KeepAlive(buf)
+		return ret, nil
+	case REG_EXPAND_SZ:
+		value := UTF16ToString(bufToUTF16(buf))
+		if value == "" {
+			return "", nil
+		}
+		p, err := syscall.UTF16PtrFromString(value)
+		if err != nil {
+			return "", err
+		}
+		ret := make([]uint16, 100)
+		for {
+			n, err := ExpandEnvironmentStrings(p, &ret[0], uint32(len(ret)))
+			if err != nil {
+				return "", err
+			}
+			if n <= uint32(len(ret)) {
+				return UTF16ToString(ret[:n]), nil
+			}
+			ret = make([]uint16, n)
+		}
+	case REG_BINARY:
+		return buf, nil
+	case REG_DWORD_LITTLE_ENDIAN:
+		return binary.LittleEndian.Uint32(buf), nil
+	case REG_DWORD_BIG_ENDIAN:
+		return binary.BigEndian.Uint32(buf), nil
+	case REG_MULTI_SZ:
+		bufW := bufToUTF16(buf)
+		a := []string{}
+		for i := 0; i < len(bufW); {
+			j := i + wcslen(bufW[i:])
+			if i < j {
+				a = append(a, UTF16ToString(bufW[i:j]))
+			}
+			i = j + 1
+		}
+		runtime.KeepAlive(buf)
+		return a, nil
+	case REG_QWORD_LITTLE_ENDIAN:
+		return binary.LittleEndian.Uint64(buf), nil
+	default:
+		return nil, fmt.Errorf("Unsupported registry value type: %v", dataType)
+	}
+}
+
+// bufToUTF16 function reinterprets []byte buffer as []uint16
+func bufToUTF16(buf []byte) []uint16 {
+	sl := struct {
+		addr *uint16
+		len  int
+		cap  int
+	}{(*uint16)(unsafe.Pointer(&buf[0])), len(buf) / 2, cap(buf) / 2}
+	return *(*[]uint16)(unsafe.Pointer(&sl))
+}
+
+// utf16ToBuf function reinterprets []uint16 as []byte
+func utf16ToBuf(buf []uint16) []byte {
+	sl := struct {
+		addr *byte
+		len  int
+		cap  int
+	}{(*byte)(unsafe.Pointer(&buf[0])), len(buf) * 2, cap(buf) * 2}
+	return *(*[]byte)(unsafe.Pointer(&sl))
+}
+
+func wcslen(str []uint16) int {
+	for i := 0; i < len(str); i++ {
+		if str[i] == 0 {
+			return i
+		}
+	}
+	return len(str)
+}
+
+// DeviceRegistryProperty method retrieves a specified Plug and Play device property.
+func (deviceInfoSet DevInfo) DeviceRegistryProperty(deviceInfoData *DevInfoData, property SPDRP) (interface{}, error) {
+	return SetupDiGetDeviceRegistryProperty(deviceInfoSet, deviceInfoData, property)
+}
+
+//sys	setupDiSetDeviceRegistryProperty(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, property SPDRP, propertyBuffer *byte, propertyBufferSize uint32) (err error) = setupapi.SetupDiSetDeviceRegistryPropertyW
+
+// SetupDiSetDeviceRegistryProperty function sets a Plug and Play device property for a device.
+func SetupDiSetDeviceRegistryProperty(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, property SPDRP, propertyBuffers []byte) error {
+	return setupDiSetDeviceRegistryProperty(deviceInfoSet, deviceInfoData, property, &propertyBuffers[0], uint32(len(propertyBuffers)))
+}
+
+// SetDeviceRegistryProperty function sets a Plug and Play device property for a device.
+func (deviceInfoSet DevInfo) SetDeviceRegistryProperty(deviceInfoData *DevInfoData, property SPDRP, propertyBuffers []byte) error {
+	return SetupDiSetDeviceRegistryProperty(deviceInfoSet, deviceInfoData, property, propertyBuffers)
+}
+
+// SetDeviceRegistryPropertyString method sets a Plug and Play device property string for a device.
+func (deviceInfoSet DevInfo) SetDeviceRegistryPropertyString(deviceInfoData *DevInfoData, property SPDRP, str string) error {
+	str16, err := UTF16FromString(str)
+	if err != nil {
+		return err
+	}
+	err = SetupDiSetDeviceRegistryProperty(deviceInfoSet, deviceInfoData, property, utf16ToBuf(append(str16, 0)))
+	runtime.KeepAlive(str16)
+	return err
+}
+
+//sys	setupDiGetDeviceInstallParams(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, deviceInstallParams *DevInstallParams) (err error) = setupapi.SetupDiGetDeviceInstallParamsW
+
+// SetupDiGetDeviceInstallParams function retrieves device installation parameters for a device information set or a particular device information element.
+func SetupDiGetDeviceInstallParams(deviceInfoSet DevInfo, deviceInfoData *DevInfoData) (*DevInstallParams, error) {
+	params := &DevInstallParams{}
+	params.size = uint32(unsafe.Sizeof(*params))
+
+	return params, setupDiGetDeviceInstallParams(deviceInfoSet, deviceInfoData, params)
+}
+
+// DeviceInstallParams method retrieves device installation parameters for a device information set or a particular device information element.
+func (deviceInfoSet DevInfo) DeviceInstallParams(deviceInfoData *DevInfoData) (*DevInstallParams, error) {
+	return SetupDiGetDeviceInstallParams(deviceInfoSet, deviceInfoData)
+}
+
+//sys	setupDiGetDeviceInstanceId(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, instanceId *uint16, instanceIdSize uint32, instanceIdRequiredSize *uint32) (err error) = setupapi.SetupDiGetDeviceInstanceIdW
+
+// SetupDiGetDeviceInstanceId function retrieves the instance ID of the device.
+func SetupDiGetDeviceInstanceId(deviceInfoSet DevInfo, deviceInfoData *DevInfoData) (string, error) {
+	reqSize := uint32(1024)
+	for {
+		buf := make([]uint16, reqSize)
+		err := setupDiGetDeviceInstanceId(deviceInfoSet, deviceInfoData, &buf[0], uint32(len(buf)), &reqSize)
+		if err == ERROR_INSUFFICIENT_BUFFER {
+			continue
+		}
+		if err != nil {
+			return "", err
+		}
+		return UTF16ToString(buf), nil
+	}
+}
+
+// DeviceInstanceID method retrieves the instance ID of the device.
+func (deviceInfoSet DevInfo) DeviceInstanceID(deviceInfoData *DevInfoData) (string, error) {
+	return SetupDiGetDeviceInstanceId(deviceInfoSet, deviceInfoData)
+}
+
+// SetupDiGetClassInstallParams function retrieves class installation parameters for a device information set or a particular device information element.
+//sys	SetupDiGetClassInstallParams(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, classInstallParams *ClassInstallHeader, classInstallParamsSize uint32, requiredSize *uint32) (err error) = setupapi.SetupDiGetClassInstallParamsW
+
+// ClassInstallParams method retrieves class installation parameters for a device information set or a particular device information element.
+func (deviceInfoSet DevInfo) ClassInstallParams(deviceInfoData *DevInfoData, classInstallParams *ClassInstallHeader, classInstallParamsSize uint32, requiredSize *uint32) error {
+	return SetupDiGetClassInstallParams(deviceInfoSet, deviceInfoData, classInstallParams, classInstallParamsSize, requiredSize)
+}
+
+//sys	SetupDiSetDeviceInstallParams(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, deviceInstallParams *DevInstallParams) (err error) = setupapi.SetupDiSetDeviceInstallParamsW
+
+// SetDeviceInstallParams member sets device installation parameters for a device information set or a particular device information element.
+func (deviceInfoSet DevInfo) SetDeviceInstallParams(deviceInfoData *DevInfoData, deviceInstallParams *DevInstallParams) error {
+	return SetupDiSetDeviceInstallParams(deviceInfoSet, deviceInfoData, deviceInstallParams)
+}
+
+// SetupDiSetClassInstallParams function sets or clears class install parameters for a device information set or a particular device information element.
+//sys	SetupDiSetClassInstallParams(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, classInstallParams *ClassInstallHeader, classInstallParamsSize uint32) (err error) = setupapi.SetupDiSetClassInstallParamsW
+
+// SetClassInstallParams method sets or clears class install parameters for a device information set or a particular device information element.
+func (deviceInfoSet DevInfo) SetClassInstallParams(deviceInfoData *DevInfoData, classInstallParams *ClassInstallHeader, classInstallParamsSize uint32) error {
+	return SetupDiSetClassInstallParams(deviceInfoSet, deviceInfoData, classInstallParams, classInstallParamsSize)
+}
+
+//sys	setupDiClassNameFromGuidEx(classGUID *GUID, className *uint16, classNameSize uint32, requiredSize *uint32, machineName *uint16, reserved uintptr) (err error) = setupapi.SetupDiClassNameFromGuidExW
+
+// SetupDiClassNameFromGuidEx function retrieves the class name associated with a class GUID. The class can be installed on a local or remote computer.
+func SetupDiClassNameFromGuidEx(classGUID *GUID, machineName string) (className string, err error) {
+	var classNameUTF16 [MAX_CLASS_NAME_LEN]uint16
+
+	var machineNameUTF16 *uint16
+	if machineName != "" {
+		machineNameUTF16, err = UTF16PtrFromString(machineName)
+		if err != nil {
+			return
+		}
+	}
+
+	err = setupDiClassNameFromGuidEx(classGUID, &classNameUTF16[0], MAX_CLASS_NAME_LEN, nil, machineNameUTF16, 0)
+	if err != nil {
+		return
+	}
+
+	className = UTF16ToString(classNameUTF16[:])
+	return
+}
+
+//sys	setupDiClassGuidsFromNameEx(className *uint16, classGuidList *GUID, classGuidListSize uint32, requiredSize *uint32, machineName *uint16, reserved uintptr) (err error) = setupapi.SetupDiClassGuidsFromNameExW
+
+// SetupDiClassGuidsFromNameEx function retrieves the GUIDs associated with the specified class name. This resulting list contains the classes currently installed on a local or remote computer.
+func SetupDiClassGuidsFromNameEx(className string, machineName string) ([]GUID, error) {
+	classNameUTF16, err := UTF16PtrFromString(className)
+	if err != nil {
+		return nil, err
+	}
+
+	var machineNameUTF16 *uint16
+	if machineName != "" {
+		machineNameUTF16, err = UTF16PtrFromString(machineName)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	reqSize := uint32(4)
+	for {
+		buf := make([]GUID, reqSize)
+		err = setupDiClassGuidsFromNameEx(classNameUTF16, &buf[0], uint32(len(buf)), &reqSize, machineNameUTF16, 0)
+		if err == ERROR_INSUFFICIENT_BUFFER {
+			continue
+		}
+		if err != nil {
+			return nil, err
+		}
+		return buf[:reqSize], nil
+	}
+}
+
+//sys	setupDiGetSelectedDevice(deviceInfoSet DevInfo, deviceInfoData *DevInfoData) (err error) = setupapi.SetupDiGetSelectedDevice
+
+// SetupDiGetSelectedDevice function retrieves the selected device information element in a device information set.
+func SetupDiGetSelectedDevice(deviceInfoSet DevInfo) (*DevInfoData, error) {
+	data := &DevInfoData{}
+	data.size = uint32(unsafe.Sizeof(*data))
+
+	return data, setupDiGetSelectedDevice(deviceInfoSet, data)
+}
+
+// SelectedDevice method retrieves the selected device information element in a device information set.
+func (deviceInfoSet DevInfo) SelectedDevice() (*DevInfoData, error) {
+	return SetupDiGetSelectedDevice(deviceInfoSet)
+}
+
+// SetupDiSetSelectedDevice function sets a device information element as the selected member of a device information set. This function is typically used by an installation wizard.
+//sys	SetupDiSetSelectedDevice(deviceInfoSet DevInfo, deviceInfoData *DevInfoData) (err error) = setupapi.SetupDiSetSelectedDevice
+
+// SetSelectedDevice method sets a device information element as the selected member of a device information set. This function is typically used by an installation wizard.
+func (deviceInfoSet DevInfo) SetSelectedDevice(deviceInfoData *DevInfoData) error {
+	return SetupDiSetSelectedDevice(deviceInfoSet, deviceInfoData)
+}
+
+//sys	setupUninstallOEMInf(infFileName *uint16, flags SUOI, reserved uintptr) (err error) = setupapi.SetupUninstallOEMInfW
+
+// SetupUninstallOEMInf uninstalls the specified driver.
+func SetupUninstallOEMInf(infFileName string, flags SUOI) error {
+	infFileName16, err := UTF16PtrFromString(infFileName)
+	if err != nil {
+		return err
+	}
+	return setupUninstallOEMInf(infFileName16, flags, 0)
+}
+
+//sys cm_MapCrToWin32Err(configRet CONFIGRET, defaultWin32Error Errno) (ret Errno) = CfgMgr32.CM_MapCrToWin32Err
+
+//sys cm_Get_Device_Interface_List_Size(len *uint32, interfaceClass *GUID, deviceID *uint16, flags uint32) (ret CONFIGRET) = CfgMgr32.CM_Get_Device_Interface_List_SizeW
+//sys cm_Get_Device_Interface_List(interfaceClass *GUID, deviceID *uint16, buffer *uint16, bufferLen uint32, flags uint32) (ret CONFIGRET) = CfgMgr32.CM_Get_Device_Interface_ListW
+
+func CM_Get_Device_Interface_List(deviceID string, interfaceClass *GUID, flags uint32) ([]string, error) {
+	deviceID16, err := UTF16PtrFromString(deviceID)
+	if err != nil {
+		return nil, err
+	}
+	var buf []uint16
+	var buflen uint32
+	for {
+		if ret := cm_Get_Device_Interface_List_Size(&buflen, interfaceClass, deviceID16, flags); ret != CR_SUCCESS {
+			return nil, ret
+		}
+		buf = make([]uint16, buflen)
+		if ret := cm_Get_Device_Interface_List(interfaceClass, deviceID16, &buf[0], buflen, flags); ret == CR_SUCCESS {
+			break
+		} else if ret != CR_BUFFER_SMALL {
+			return nil, ret
+		}
+	}
+	var interfaces []string
+	for i := 0; i < len(buf); {
+		j := i + wcslen(buf[i:])
+		if i < j {
+			interfaces = append(interfaces, UTF16ToString(buf[i:j]))
+		}
+		i = j + 1
+	}
+	if interfaces == nil {
+		return nil, ERROR_NO_SUCH_DEVICE_INTERFACE
+	}
+	return interfaces, nil
+}
+
+//sys cm_Get_DevNode_Status(status *uint32, problemNumber *uint32, devInst DEVINST, flags uint32) (ret CONFIGRET) = CfgMgr32.CM_Get_DevNode_Status
+
+func CM_Get_DevNode_Status(status *uint32, problemNumber *uint32, devInst DEVINST, flags uint32) error {
+	ret := cm_Get_DevNode_Status(status, problemNumber, devInst, flags)
+	if ret == CR_SUCCESS {
+		return nil
+	}
+	return ret
+}
diff --git a/vendor/golang.org/x/sys/windows/setupapierrors_windows.go b/vendor/golang.org/x/sys/windows/setupapierrors_windows.go
deleted file mode 100644
index 1681810e048..00000000000
--- a/vendor/golang.org/x/sys/windows/setupapierrors_windows.go
+++ /dev/null
@@ -1,100 +0,0 @@
-// Copyright 2020 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package windows
-
-import "syscall"
-
-const (
-	ERROR_EXPECTED_SECTION_NAME                  syscall.Errno = 0x20000000 | 0xC0000000 | 0
-	ERROR_BAD_SECTION_NAME_LINE                  syscall.Errno = 0x20000000 | 0xC0000000 | 1
-	ERROR_SECTION_NAME_TOO_LONG                  syscall.Errno = 0x20000000 | 0xC0000000 | 2
-	ERROR_GENERAL_SYNTAX                         syscall.Errno = 0x20000000 | 0xC0000000 | 3
-	ERROR_WRONG_INF_STYLE                        syscall.Errno = 0x20000000 | 0xC0000000 | 0x100
-	ERROR_SECTION_NOT_FOUND                      syscall.Errno = 0x20000000 | 0xC0000000 | 0x101
-	ERROR_LINE_NOT_FOUND                         syscall.Errno = 0x20000000 | 0xC0000000 | 0x102
-	ERROR_NO_BACKUP                              syscall.Errno = 0x20000000 | 0xC0000000 | 0x103
-	ERROR_NO_ASSOCIATED_CLASS                    syscall.Errno = 0x20000000 | 0xC0000000 | 0x200
-	ERROR_CLASS_MISMATCH                         syscall.Errno = 0x20000000 | 0xC0000000 | 0x201
-	ERROR_DUPLICATE_FOUND                        syscall.Errno = 0x20000000 | 0xC0000000 | 0x202
-	ERROR_NO_DRIVER_SELECTED                     syscall.Errno = 0x20000000 | 0xC0000000 | 0x203
-	ERROR_KEY_DOES_NOT_EXIST                     syscall.Errno = 0x20000000 | 0xC0000000 | 0x204
-	ERROR_INVALID_DEVINST_NAME                   syscall.Errno = 0x20000000 | 0xC0000000 | 0x205
-	ERROR_INVALID_CLASS                          syscall.Errno = 0x20000000 | 0xC0000000 | 0x206
-	ERROR_DEVINST_ALREADY_EXISTS                 syscall.Errno = 0x20000000 | 0xC0000000 | 0x207
-	ERROR_DEVINFO_NOT_REGISTERED                 syscall.Errno = 0x20000000 | 0xC0000000 | 0x208
-	ERROR_INVALID_REG_PROPERTY                   syscall.Errno = 0x20000000 | 0xC0000000 | 0x209
-	ERROR_NO_INF                                 syscall.Errno = 0x20000000 | 0xC0000000 | 0x20A
-	ERROR_NO_SUCH_DEVINST                        syscall.Errno = 0x20000000 | 0xC0000000 | 0x20B
-	ERROR_CANT_LOAD_CLASS_ICON                   syscall.Errno = 0x20000000 | 0xC0000000 | 0x20C
-	ERROR_INVALID_CLASS_INSTALLER                syscall.Errno = 0x20000000 | 0xC0000000 | 0x20D
-	ERROR_DI_DO_DEFAULT                          syscall.Errno = 0x20000000 | 0xC0000000 | 0x20E
-	ERROR_DI_NOFILECOPY                          syscall.Errno = 0x20000000 | 0xC0000000 | 0x20F
-	ERROR_INVALID_HWPROFILE                      syscall.Errno = 0x20000000 | 0xC0000000 | 0x210
-	ERROR_NO_DEVICE_SELECTED                     syscall.Errno = 0x20000000 | 0xC0000000 | 0x211
-	ERROR_DEVINFO_LIST_LOCKED                    syscall.Errno = 0x20000000 | 0xC0000000 | 0x212
-	ERROR_DEVINFO_DATA_LOCKED                    syscall.Errno = 0x20000000 | 0xC0000000 | 0x213
-	ERROR_DI_BAD_PATH                            syscall.Errno = 0x20000000 | 0xC0000000 | 0x214
-	ERROR_NO_CLASSINSTALL_PARAMS                 syscall.Errno = 0x20000000 | 0xC0000000 | 0x215
-	ERROR_FILEQUEUE_LOCKED                       syscall.Errno = 0x20000000 | 0xC0000000 | 0x216
-	ERROR_BAD_SERVICE_INSTALLSECT                syscall.Errno = 0x20000000 | 0xC0000000 | 0x217
-	ERROR_NO_CLASS_DRIVER_LIST                   syscall.Errno = 0x20000000 | 0xC0000000 | 0x218
-	ERROR_NO_ASSOCIATED_SERVICE                  syscall.Errno = 0x20000000 | 0xC0000000 | 0x219
-	ERROR_NO_DEFAULT_DEVICE_INTERFACE            syscall.Errno = 0x20000000 | 0xC0000000 | 0x21A
-	ERROR_DEVICE_INTERFACE_ACTIVE                syscall.Errno = 0x20000000 | 0xC0000000 | 0x21B
-	ERROR_DEVICE_INTERFACE_REMOVED               syscall.Errno = 0x20000000 | 0xC0000000 | 0x21C
-	ERROR_BAD_INTERFACE_INSTALLSECT              syscall.Errno = 0x20000000 | 0xC0000000 | 0x21D
-	ERROR_NO_SUCH_INTERFACE_CLASS                syscall.Errno = 0x20000000 | 0xC0000000 | 0x21E
-	ERROR_INVALID_REFERENCE_STRING               syscall.Errno = 0x20000000 | 0xC0000000 | 0x21F
-	ERROR_INVALID_MACHINENAME                    syscall.Errno = 0x20000000 | 0xC0000000 | 0x220
-	ERROR_REMOTE_COMM_FAILURE                    syscall.Errno = 0x20000000 | 0xC0000000 | 0x221
-	ERROR_MACHINE_UNAVAILABLE                    syscall.Errno = 0x20000000 | 0xC0000000 | 0x222
-	ERROR_NO_CONFIGMGR_SERVICES                  syscall.Errno = 0x20000000 | 0xC0000000 | 0x223
-	ERROR_INVALID_PROPPAGE_PROVIDER              syscall.Errno = 0x20000000 | 0xC0000000 | 0x224
-	ERROR_NO_SUCH_DEVICE_INTERFACE               syscall.Errno = 0x20000000 | 0xC0000000 | 0x225
-	ERROR_DI_POSTPROCESSING_REQUIRED             syscall.Errno = 0x20000000 | 0xC0000000 | 0x226
-	ERROR_INVALID_COINSTALLER                    syscall.Errno = 0x20000000 | 0xC0000000 | 0x227
-	ERROR_NO_COMPAT_DRIVERS                      syscall.Errno = 0x20000000 | 0xC0000000 | 0x228
-	ERROR_NO_DEVICE_ICON                         syscall.Errno = 0x20000000 | 0xC0000000 | 0x229
-	ERROR_INVALID_INF_LOGCONFIG                  syscall.Errno = 0x20000000 | 0xC0000000 | 0x22A
-	ERROR_DI_DONT_INSTALL                        syscall.Errno = 0x20000000 | 0xC0000000 | 0x22B
-	ERROR_INVALID_FILTER_DRIVER                  syscall.Errno = 0x20000000 | 0xC0000000 | 0x22C
-	ERROR_NON_WINDOWS_NT_DRIVER                  syscall.Errno = 0x20000000 | 0xC0000000 | 0x22D
-	ERROR_NON_WINDOWS_DRIVER                     syscall.Errno = 0x20000000 | 0xC0000000 | 0x22E
-	ERROR_NO_CATALOG_FOR_OEM_INF                 syscall.Errno = 0x20000000 | 0xC0000000 | 0x22F
-	ERROR_DEVINSTALL_QUEUE_NONNATIVE             syscall.Errno = 0x20000000 | 0xC0000000 | 0x230
-	ERROR_NOT_DISABLEABLE                        syscall.Errno = 0x20000000 | 0xC0000000 | 0x231
-	ERROR_CANT_REMOVE_DEVINST                    syscall.Errno = 0x20000000 | 0xC0000000 | 0x232
-	ERROR_INVALID_TARGET                         syscall.Errno = 0x20000000 | 0xC0000000 | 0x233
-	ERROR_DRIVER_NONNATIVE                       syscall.Errno = 0x20000000 | 0xC0000000 | 0x234
-	ERROR_IN_WOW64                               syscall.Errno = 0x20000000 | 0xC0000000 | 0x235
-	ERROR_SET_SYSTEM_RESTORE_POINT               syscall.Errno = 0x20000000 | 0xC0000000 | 0x236
-	ERROR_SCE_DISABLED                           syscall.Errno = 0x20000000 | 0xC0000000 | 0x238
-	ERROR_UNKNOWN_EXCEPTION                      syscall.Errno = 0x20000000 | 0xC0000000 | 0x239
-	ERROR_PNP_REGISTRY_ERROR                     syscall.Errno = 0x20000000 | 0xC0000000 | 0x23A
-	ERROR_REMOTE_REQUEST_UNSUPPORTED             syscall.Errno = 0x20000000 | 0xC0000000 | 0x23B
-	ERROR_NOT_AN_INSTALLED_OEM_INF               syscall.Errno = 0x20000000 | 0xC0000000 | 0x23C
-	ERROR_INF_IN_USE_BY_DEVICES                  syscall.Errno = 0x20000000 | 0xC0000000 | 0x23D
-	ERROR_DI_FUNCTION_OBSOLETE                   syscall.Errno = 0x20000000 | 0xC0000000 | 0x23E
-	ERROR_NO_AUTHENTICODE_CATALOG                syscall.Errno = 0x20000000 | 0xC0000000 | 0x23F
-	ERROR_AUTHENTICODE_DISALLOWED                syscall.Errno = 0x20000000 | 0xC0000000 | 0x240
-	ERROR_AUTHENTICODE_TRUSTED_PUBLISHER         syscall.Errno = 0x20000000 | 0xC0000000 | 0x241
-	ERROR_AUTHENTICODE_TRUST_NOT_ESTABLISHED     syscall.Errno = 0x20000000 | 0xC0000000 | 0x242
-	ERROR_AUTHENTICODE_PUBLISHER_NOT_TRUSTED     syscall.Errno = 0x20000000 | 0xC0000000 | 0x243
-	ERROR_SIGNATURE_OSATTRIBUTE_MISMATCH         syscall.Errno = 0x20000000 | 0xC0000000 | 0x244
-	ERROR_ONLY_VALIDATE_VIA_AUTHENTICODE         syscall.Errno = 0x20000000 | 0xC0000000 | 0x245
-	ERROR_DEVICE_INSTALLER_NOT_READY             syscall.Errno = 0x20000000 | 0xC0000000 | 0x246
-	ERROR_DRIVER_STORE_ADD_FAILED                syscall.Errno = 0x20000000 | 0xC0000000 | 0x247
-	ERROR_DEVICE_INSTALL_BLOCKED                 syscall.Errno = 0x20000000 | 0xC0000000 | 0x248
-	ERROR_DRIVER_INSTALL_BLOCKED                 syscall.Errno = 0x20000000 | 0xC0000000 | 0x249
-	ERROR_WRONG_INF_TYPE                         syscall.Errno = 0x20000000 | 0xC0000000 | 0x24A
-	ERROR_FILE_HASH_NOT_IN_CATALOG               syscall.Errno = 0x20000000 | 0xC0000000 | 0x24B
-	ERROR_DRIVER_STORE_DELETE_FAILED             syscall.Errno = 0x20000000 | 0xC0000000 | 0x24C
-	ERROR_UNRECOVERABLE_STACK_OVERFLOW           syscall.Errno = 0x20000000 | 0xC0000000 | 0x300
-	EXCEPTION_SPAPI_UNRECOVERABLE_STACK_OVERFLOW syscall.Errno = ERROR_UNRECOVERABLE_STACK_OVERFLOW
-	ERROR_NO_DEFAULT_INTERFACE_DEVICE            syscall.Errno = ERROR_NO_DEFAULT_DEVICE_INTERFACE
-	ERROR_INTERFACE_DEVICE_ACTIVE                syscall.Errno = ERROR_DEVICE_INTERFACE_ACTIVE
-	ERROR_INTERFACE_DEVICE_REMOVED               syscall.Errno = ERROR_DEVICE_INTERFACE_REMOVED
-	ERROR_NO_SUCH_INTERFACE_DEVICE               syscall.Errno = ERROR_NO_SUCH_DEVICE_INTERFACE
-)
diff --git a/vendor/golang.org/x/sys/windows/str.go b/vendor/golang.org/x/sys/windows/str.go
index 917cc2aae4e..4fc01434e4a 100644
--- a/vendor/golang.org/x/sys/windows/str.go
+++ b/vendor/golang.org/x/sys/windows/str.go
@@ -2,6 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
+//go:build windows
 // +build windows
 
 package windows
diff --git a/vendor/golang.org/x/sys/windows/syscall.go b/vendor/golang.org/x/sys/windows/syscall.go
index 6122f557a09..72074d582f1 100644
--- a/vendor/golang.org/x/sys/windows/syscall.go
+++ b/vendor/golang.org/x/sys/windows/syscall.go
@@ -2,6 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
+//go:build windows
 // +build windows
 
 // Package windows contains an interface to the low-level operating system
diff --git a/vendor/golang.org/x/sys/windows/syscall_windows.go b/vendor/golang.org/x/sys/windows/syscall_windows.go
index d3b59ae69cd..7702bbb8d8b 100644
--- a/vendor/golang.org/x/sys/windows/syscall_windows.go
+++ b/vendor/golang.org/x/sys/windows/syscall_windows.go
@@ -248,6 +248,7 @@ func NewCallbackCDecl(fn interface{}) uintptr {
 //sys	FreeEnvironmentStrings(envs *uint16) (err error) = kernel32.FreeEnvironmentStringsW
 //sys	GetEnvironmentVariable(name *uint16, buffer *uint16, size uint32) (n uint32, err error) = kernel32.GetEnvironmentVariableW
 //sys	SetEnvironmentVariable(name *uint16, value *uint16) (err error) = kernel32.SetEnvironmentVariableW
+//sys	ExpandEnvironmentStrings(src *uint16, dst *uint16, size uint32) (n uint32, err error) = kernel32.ExpandEnvironmentStringsW
 //sys	CreateEnvironmentBlock(block **uint16, token Token, inheritExisting bool) (err error) = userenv.CreateEnvironmentBlock
 //sys	DestroyEnvironmentBlock(block *uint16) (err error) = userenv.DestroyEnvironmentBlock
 //sys	getTickCount64() (ms uint64) = kernel32.GetTickCount64
@@ -401,6 +402,11 @@ func NewCallbackCDecl(fn interface{}) uintptr {
 //sys	LoadResource(module Handle, resInfo Handle) (resData Handle, err error) = kernel32.LoadResource
 //sys	LockResource(resData Handle) (addr uintptr, err error) = kernel32.LockResource
 
+// Version APIs
+//sys	GetFileVersionInfoSize(filename string, zeroHandle *Handle) (bufSize uint32, err error) = version.GetFileVersionInfoSizeW
+//sys	GetFileVersionInfo(filename string, handle uint32, bufSize uint32, buffer unsafe.Pointer) (err error) = version.GetFileVersionInfoW
+//sys	VerQueryValue(block unsafe.Pointer, subBlock string, pointerToBufferPointer unsafe.Pointer, bufSize *uint32) (err error) = version.VerQueryValueW
+
 // Process Status API (PSAPI)
 //sys	EnumProcesses(processIds []uint32, bytesReturned *uint32) (err error) = psapi.EnumProcesses
 //sys	EnumProcessModules(process Handle, module *Handle, cb uint32, cbNeeded *uint32) (err error) = psapi.EnumProcessModules
@@ -418,11 +424,16 @@ func NewCallbackCDecl(fn interface{}) uintptr {
 //sys	RtlInitString(destinationString *NTString, sourceString *byte) = ntdll.RtlInitString
 //sys	NtCreateFile(handle *Handle, access uint32, oa *OBJECT_ATTRIBUTES, iosb *IO_STATUS_BLOCK, allocationSize *int64, attributes uint32, share uint32, disposition uint32, options uint32, eabuffer uintptr, ealength uint32) (ntstatus error) = ntdll.NtCreateFile
 //sys	NtCreateNamedPipeFile(pipe *Handle, access uint32, oa *OBJECT_ATTRIBUTES, iosb *IO_STATUS_BLOCK, share uint32, disposition uint32, options uint32, typ uint32, readMode uint32, completionMode uint32, maxInstances uint32, inboundQuota uint32, outputQuota uint32, timeout *int64) (ntstatus error) = ntdll.NtCreateNamedPipeFile
+//sys	NtSetInformationFile(handle Handle, iosb *IO_STATUS_BLOCK, inBuffer *byte, inBufferLen uint32, class uint32) (ntstatus error) = ntdll.NtSetInformationFile
 //sys	RtlDosPathNameToNtPathName(dosName *uint16, ntName *NTUnicodeString, ntFileNamePart *uint16, relativeName *RTL_RELATIVE_NAME) (ntstatus error) = ntdll.RtlDosPathNameToNtPathName_U_WithStatus
 //sys	RtlDosPathNameToRelativeNtPathName(dosName *uint16, ntName *NTUnicodeString, ntFileNamePart *uint16, relativeName *RTL_RELATIVE_NAME) (ntstatus error) = ntdll.RtlDosPathNameToRelativeNtPathName_U_WithStatus
 //sys	RtlDefaultNpAcl(acl **ACL) (ntstatus error) = ntdll.RtlDefaultNpAcl
 //sys	NtQueryInformationProcess(proc Handle, procInfoClass int32, procInfo unsafe.Pointer, procInfoLen uint32, retLen *uint32) (ntstatus error) = ntdll.NtQueryInformationProcess
 //sys	NtSetInformationProcess(proc Handle, procInfoClass int32, procInfo unsafe.Pointer, procInfoLen uint32) (ntstatus error) = ntdll.NtSetInformationProcess
+//sys	NtQuerySystemInformation(sysInfoClass int32, sysInfo unsafe.Pointer, sysInfoLen uint32, retLen *uint32) (ntstatus error) = ntdll.NtQuerySystemInformation
+//sys	NtSetSystemInformation(sysInfoClass int32, sysInfo unsafe.Pointer, sysInfoLen uint32) (ntstatus error) = ntdll.NtSetSystemInformation
+//sys	RtlAddFunctionTable(functionTable *RUNTIME_FUNCTION, entryCount uint32, baseAddress uintptr) (ret bool) = ntdll.RtlAddFunctionTable
+//sys	RtlDeleteFunctionTable(functionTable *RUNTIME_FUNCTION) (ret bool) = ntdll.RtlDeleteFunctionTable
 
 // syscall interface implementation for other packages
 
@@ -883,9 +894,7 @@ func (sa *SockaddrInet4) sockaddr() (unsafe.Pointer, int32, error) {
 	p := (*[2]byte)(unsafe.Pointer(&sa.raw.Port))
 	p[0] = byte(sa.Port >> 8)
 	p[1] = byte(sa.Port)
-	for i := 0; i < len(sa.Addr); i++ {
-		sa.raw.Addr[i] = sa.Addr[i]
-	}
+	sa.raw.Addr = sa.Addr
 	return unsafe.Pointer(&sa.raw), int32(unsafe.Sizeof(sa.raw)), nil
 }
 
@@ -905,9 +914,7 @@ func (sa *SockaddrInet6) sockaddr() (unsafe.Pointer, int32, error) {
 	p[0] = byte(sa.Port >> 8)
 	p[1] = byte(sa.Port)
 	sa.raw.Scope_id = sa.ZoneId
-	for i := 0; i < len(sa.Addr); i++ {
-		sa.raw.Addr[i] = sa.Addr[i]
-	}
+	sa.raw.Addr = sa.Addr
 	return unsafe.Pointer(&sa.raw), int32(unsafe.Sizeof(sa.raw)), nil
 }
 
@@ -980,9 +987,7 @@ func (rsa *RawSockaddrAny) Sockaddr() (Sockaddr, error) {
 		sa := new(SockaddrInet4)
 		p := (*[2]byte)(unsafe.Pointer(&pp.Port))
 		sa.Port = int(p[0])<<8 + int(p[1])
-		for i := 0; i < len(sa.Addr); i++ {
-			sa.Addr[i] = pp.Addr[i]
-		}
+		sa.Addr = pp.Addr
 		return sa, nil
 
 	case AF_INET6:
@@ -991,9 +996,7 @@ func (rsa *RawSockaddrAny) Sockaddr() (Sockaddr, error) {
 		p := (*[2]byte)(unsafe.Pointer(&pp.Port))
 		sa.Port = int(p[0])<<8 + int(p[1])
 		sa.ZoneId = pp.Scope_id
-		for i := 0; i < len(sa.Addr); i++ {
-			sa.Addr[i] = pp.Addr[i]
-		}
+		sa.Addr = pp.Addr
 		return sa, nil
 	}
 	return nil, syscall.EAFNOSUPPORT
diff --git a/vendor/golang.org/x/sys/windows/types_windows.go b/vendor/golang.org/x/sys/windows/types_windows.go
index 02db2ee5e6c..286dd1eab95 100644
--- a/vendor/golang.org/x/sys/windows/types_windows.go
+++ b/vendor/golang.org/x/sys/windows/types_windows.go
@@ -2366,6 +2366,12 @@ type LIST_ENTRY struct {
 	Blink *LIST_ENTRY
 }
 
+type RUNTIME_FUNCTION struct {
+	BeginAddress uint32
+	EndAddress   uint32
+	UnwindData   uint32
+}
+
 type LDR_DATA_TABLE_ENTRY struct {
 	reserved1          [2]uintptr
 	InMemoryOrderLinks LIST_ENTRY
@@ -2556,6 +2562,60 @@ const (
 	FILE_PIPE_SERVER_END = 0x00000001
 )
 
+const (
+	// FileInformationClass for NtSetInformationFile
+	FileBasicInformation                         = 4
+	FileRenameInformation                        = 10
+	FileDispositionInformation                   = 13
+	FilePositionInformation                      = 14
+	FileEndOfFileInformation                     = 20
+	FileValidDataLengthInformation               = 39
+	FileShortNameInformation                     = 40
+	FileIoPriorityHintInformation                = 43
+	FileReplaceCompletionInformation             = 61
+	FileDispositionInformationEx                 = 64
+	FileCaseSensitiveInformation                 = 71
+	FileLinkInformation                          = 72
+	FileCaseSensitiveInformationForceAccessCheck = 75
+	FileKnownFolderInformation                   = 76
+
+	// Flags for FILE_RENAME_INFORMATION
+	FILE_RENAME_REPLACE_IF_EXISTS                    = 0x00000001
+	FILE_RENAME_POSIX_SEMANTICS                      = 0x00000002
+	FILE_RENAME_SUPPRESS_PIN_STATE_INHERITANCE       = 0x00000004
+	FILE_RENAME_SUPPRESS_STORAGE_RESERVE_INHERITANCE = 0x00000008
+	FILE_RENAME_NO_INCREASE_AVAILABLE_SPACE          = 0x00000010
+	FILE_RENAME_NO_DECREASE_AVAILABLE_SPACE          = 0x00000020
+	FILE_RENAME_PRESERVE_AVAILABLE_SPACE             = 0x00000030
+	FILE_RENAME_IGNORE_READONLY_ATTRIBUTE            = 0x00000040
+	FILE_RENAME_FORCE_RESIZE_TARGET_SR               = 0x00000080
+	FILE_RENAME_FORCE_RESIZE_SOURCE_SR               = 0x00000100
+	FILE_RENAME_FORCE_RESIZE_SR                      = 0x00000180
+
+	// Flags for FILE_DISPOSITION_INFORMATION_EX
+	FILE_DISPOSITION_DO_NOT_DELETE             = 0x00000000
+	FILE_DISPOSITION_DELETE                    = 0x00000001
+	FILE_DISPOSITION_POSIX_SEMANTICS           = 0x00000002
+	FILE_DISPOSITION_FORCE_IMAGE_SECTION_CHECK = 0x00000004
+	FILE_DISPOSITION_ON_CLOSE                  = 0x00000008
+	FILE_DISPOSITION_IGNORE_READONLY_ATTRIBUTE = 0x00000010
+
+	// Flags for FILE_CASE_SENSITIVE_INFORMATION
+	FILE_CS_FLAG_CASE_SENSITIVE_DIR = 0x00000001
+
+	// Flags for FILE_LINK_INFORMATION
+	FILE_LINK_REPLACE_IF_EXISTS                    = 0x00000001
+	FILE_LINK_POSIX_SEMANTICS                      = 0x00000002
+	FILE_LINK_SUPPRESS_STORAGE_RESERVE_INHERITANCE = 0x00000008
+	FILE_LINK_NO_INCREASE_AVAILABLE_SPACE          = 0x00000010
+	FILE_LINK_NO_DECREASE_AVAILABLE_SPACE          = 0x00000020
+	FILE_LINK_PRESERVE_AVAILABLE_SPACE             = 0x00000030
+	FILE_LINK_IGNORE_READONLY_ATTRIBUTE            = 0x00000040
+	FILE_LINK_FORCE_RESIZE_TARGET_SR               = 0x00000080
+	FILE_LINK_FORCE_RESIZE_SOURCE_SR               = 0x00000100
+	FILE_LINK_FORCE_RESIZE_SR                      = 0x00000180
+)
+
 // ProcessInformationClasses for NtQueryInformationProcess and NtSetInformationProcess.
 const (
 	ProcessBasicInformation = iota
@@ -2672,6 +2732,203 @@ type PROCESS_BASIC_INFORMATION struct {
 	InheritedFromUniqueProcessId uintptr
 }
 
+// SystemInformationClasses for NtQuerySystemInformation and NtSetSystemInformation
+const (
+	SystemBasicInformation = iota
+	SystemProcessorInformation
+	SystemPerformanceInformation
+	SystemTimeOfDayInformation
+	SystemPathInformation
+	SystemProcessInformation
+	SystemCallCountInformation
+	SystemDeviceInformation
+	SystemProcessorPerformanceInformation
+	SystemFlagsInformation
+	SystemCallTimeInformation
+	SystemModuleInformation
+	SystemLocksInformation
+	SystemStackTraceInformation
+	SystemPagedPoolInformation
+	SystemNonPagedPoolInformation
+	SystemHandleInformation
+	SystemObjectInformation
+	SystemPageFileInformation
+	SystemVdmInstemulInformation
+	SystemVdmBopInformation
+	SystemFileCacheInformation
+	SystemPoolTagInformation
+	SystemInterruptInformation
+	SystemDpcBehaviorInformation
+	SystemFullMemoryInformation
+	SystemLoadGdiDriverInformation
+	SystemUnloadGdiDriverInformation
+	SystemTimeAdjustmentInformation
+	SystemSummaryMemoryInformation
+	SystemMirrorMemoryInformation
+	SystemPerformanceTraceInformation
+	systemObsolete0
+	SystemExceptionInformation
+	SystemCrashDumpStateInformation
+	SystemKernelDebuggerInformation
+	SystemContextSwitchInformation
+	SystemRegistryQuotaInformation
+	SystemExtendServiceTableInformation
+	SystemPrioritySeperation
+	SystemVerifierAddDriverInformation
+	SystemVerifierRemoveDriverInformation
+	SystemProcessorIdleInformation
+	SystemLegacyDriverInformation
+	SystemCurrentTimeZoneInformation
+	SystemLookasideInformation
+	SystemTimeSlipNotification
+	SystemSessionCreate
+	SystemSessionDetach
+	SystemSessionInformation
+	SystemRangeStartInformation
+	SystemVerifierInformation
+	SystemVerifierThunkExtend
+	SystemSessionProcessInformation
+	SystemLoadGdiDriverInSystemSpace
+	SystemNumaProcessorMap
+	SystemPrefetcherInformation
+	SystemExtendedProcessInformation
+	SystemRecommendedSharedDataAlignment
+	SystemComPlusPackage
+	SystemNumaAvailableMemory
+	SystemProcessorPowerInformation
+	SystemEmulationBasicInformation
+	SystemEmulationProcessorInformation
+	SystemExtendedHandleInformation
+	SystemLostDelayedWriteInformation
+	SystemBigPoolInformation
+	SystemSessionPoolTagInformation
+	SystemSessionMappedViewInformation
+	SystemHotpatchInformation
+	SystemObjectSecurityMode
+	SystemWatchdogTimerHandler
+	SystemWatchdogTimerInformation
+	SystemLogicalProcessorInformation
+	SystemWow64SharedInformationObsolete
+	SystemRegisterFirmwareTableInformationHandler
+	SystemFirmwareTableInformation
+	SystemModuleInformationEx
+	SystemVerifierTriageInformation
+	SystemSuperfetchInformation
+	SystemMemoryListInformation
+	SystemFileCacheInformationEx
+	SystemThreadPriorityClientIdInformation
+	SystemProcessorIdleCycleTimeInformation
+	SystemVerifierCancellationInformation
+	SystemProcessorPowerInformationEx
+	SystemRefTraceInformation
+	SystemSpecialPoolInformation
+	SystemProcessIdInformation
+	SystemErrorPortInformation
+	SystemBootEnvironmentInformation
+	SystemHypervisorInformation
+	SystemVerifierInformationEx
+	SystemTimeZoneInformation
+	SystemImageFileExecutionOptionsInformation
+	SystemCoverageInformation
+	SystemPrefetchPatchInformation
+	SystemVerifierFaultsInformation
+	SystemSystemPartitionInformation
+	SystemSystemDiskInformation
+	SystemProcessorPerformanceDistribution
+	SystemNumaProximityNodeInformation
+	SystemDynamicTimeZoneInformation
+	SystemCodeIntegrityInformation
+	SystemProcessorMicrocodeUpdateInformation
+	SystemProcessorBrandString
+	SystemVirtualAddressInformation
+	SystemLogicalProcessorAndGroupInformation
+	SystemProcessorCycleTimeInformation
+	SystemStoreInformation
+	SystemRegistryAppendString
+	SystemAitSamplingValue
+	SystemVhdBootInformation
+	SystemCpuQuotaInformation
+	SystemNativeBasicInformation
+	systemSpare1
+	SystemLowPriorityIoInformation
+	SystemTpmBootEntropyInformation
+	SystemVerifierCountersInformation
+	SystemPagedPoolInformationEx
+	SystemSystemPtesInformationEx
+	SystemNodeDistanceInformation
+	SystemAcpiAuditInformation
+	SystemBasicPerformanceInformation
+	SystemQueryPerformanceCounterInformation
+	SystemSessionBigPoolInformation
+	SystemBootGraphicsInformation
+	SystemScrubPhysicalMemoryInformation
+	SystemBadPageInformation
+	SystemProcessorProfileControlArea
+	SystemCombinePhysicalMemoryInformation
+	SystemEntropyInterruptTimingCallback
+	SystemConsoleInformation
+	SystemPlatformBinaryInformation
+	SystemThrottleNotificationInformation
+	SystemHypervisorProcessorCountInformation
+	SystemDeviceDataInformation
+	SystemDeviceDataEnumerationInformation
+	SystemMemoryTopologyInformation
+	SystemMemoryChannelInformation
+	SystemBootLogoInformation
+	SystemProcessorPerformanceInformationEx
+	systemSpare0
+	SystemSecureBootPolicyInformation
+	SystemPageFileInformationEx
+	SystemSecureBootInformation
+	SystemEntropyInterruptTimingRawInformation
+	SystemPortableWorkspaceEfiLauncherInformation
+	SystemFullProcessInformation
+	SystemKernelDebuggerInformationEx
+	SystemBootMetadataInformation
+	SystemSoftRebootInformation
+	SystemElamCertificateInformation
+	SystemOfflineDumpConfigInformation
+	SystemProcessorFeaturesInformation
+	SystemRegistryReconciliationInformation
+	SystemEdidInformation
+	SystemManufacturingInformation
+	SystemEnergyEstimationConfigInformation
+	SystemHypervisorDetailInformation
+	SystemProcessorCycleStatsInformation
+	SystemVmGenerationCountInformation
+	SystemTrustedPlatformModuleInformation
+	SystemKernelDebuggerFlags
+	SystemCodeIntegrityPolicyInformation
+	SystemIsolatedUserModeInformation
+	SystemHardwareSecurityTestInterfaceResultsInformation
+	SystemSingleModuleInformation
+	SystemAllowedCpuSetsInformation
+	SystemDmaProtectionInformation
+	SystemInterruptCpuSetsInformation
+	SystemSecureBootPolicyFullInformation
+	SystemCodeIntegrityPolicyFullInformation
+	SystemAffinitizedInterruptProcessorInformation
+	SystemRootSiloInformation
+)
+
+type RTL_PROCESS_MODULE_INFORMATION struct {
+	Section          Handle
+	MappedBase       uintptr
+	ImageBase        uintptr
+	ImageSize        uint32
+	Flags            uint32
+	LoadOrderIndex   uint16
+	InitOrderIndex   uint16
+	LoadCount        uint16
+	OffsetToFileName uint16
+	FullPathName     [256]byte
+}
+
+type RTL_PROCESS_MODULES struct {
+	NumberOfModules uint32
+	Modules         [1]RTL_PROCESS_MODULE_INFORMATION
+}
+
 // Constants for LocalAlloc flags.
 const (
 	LMEM_FIXED          = 0x0
@@ -2766,6 +3023,22 @@ var (
 	RT_MANIFEST     ResourceID = 24
 )
 
+type VS_FIXEDFILEINFO struct {
+	Signature        uint32
+	StrucVersion     uint32
+	FileVersionMS    uint32
+	FileVersionLS    uint32
+	ProductVersionMS uint32
+	ProductVersionLS uint32
+	FileFlagsMask    uint32
+	FileFlags        uint32
+	FileOS           uint32
+	FileType         uint32
+	FileSubtype      uint32
+	FileDateMS       uint32
+	FileDateLS       uint32
+}
+
 type COAUTHIDENTITY struct {
 	User           *uint16
 	UserLength     uint32
diff --git a/vendor/golang.org/x/sys/windows/zsyscall_windows.go b/vendor/golang.org/x/sys/windows/zsyscall_windows.go
index 4ea788e4c41..bf0dd8fca88 100644
--- a/vendor/golang.org/x/sys/windows/zsyscall_windows.go
+++ b/vendor/golang.org/x/sys/windows/zsyscall_windows.go
@@ -36,6 +36,7 @@ func errnoErr(e syscall.Errno) error {
 }
 
 var (
+	modCfgMgr32 = NewLazySystemDLL("CfgMgr32.dll")
 	modadvapi32 = NewLazySystemDLL("advapi32.dll")
 	modcrypt32  = NewLazySystemDLL("crypt32.dll")
 	moddnsapi   = NewLazySystemDLL("dnsapi.dll")
@@ -48,13 +49,19 @@ var (
 	modpsapi    = NewLazySystemDLL("psapi.dll")
 	modsechost  = NewLazySystemDLL("sechost.dll")
 	modsecur32  = NewLazySystemDLL("secur32.dll")
+	modsetupapi = NewLazySystemDLL("setupapi.dll")
 	modshell32  = NewLazySystemDLL("shell32.dll")
 	moduser32   = NewLazySystemDLL("user32.dll")
 	moduserenv  = NewLazySystemDLL("userenv.dll")
+	modversion  = NewLazySystemDLL("version.dll")
 	modwintrust = NewLazySystemDLL("wintrust.dll")
 	modws2_32   = NewLazySystemDLL("ws2_32.dll")
 	modwtsapi32 = NewLazySystemDLL("wtsapi32.dll")
 
+	procCM_Get_DevNode_Status                                = modCfgMgr32.NewProc("CM_Get_DevNode_Status")
+	procCM_Get_Device_Interface_ListW                        = modCfgMgr32.NewProc("CM_Get_Device_Interface_ListW")
+	procCM_Get_Device_Interface_List_SizeW                   = modCfgMgr32.NewProc("CM_Get_Device_Interface_List_SizeW")
+	procCM_MapCrToWin32Err                                   = modCfgMgr32.NewProc("CM_MapCrToWin32Err")
 	procAdjustTokenGroups                                    = modadvapi32.NewProc("AdjustTokenGroups")
 	procAdjustTokenPrivileges                                = modadvapi32.NewProc("AdjustTokenPrivileges")
 	procAllocateAndInitializeSid                             = modadvapi32.NewProc("AllocateAndInitializeSid")
@@ -114,6 +121,7 @@ var (
 	procOpenThreadToken                                      = modadvapi32.NewProc("OpenThreadToken")
 	procQueryServiceConfig2W                                 = modadvapi32.NewProc("QueryServiceConfig2W")
 	procQueryServiceConfigW                                  = modadvapi32.NewProc("QueryServiceConfigW")
+	procQueryServiceDynamicInformation                       = modadvapi32.NewProc("QueryServiceDynamicInformation")
 	procQueryServiceLockStatusW                              = modadvapi32.NewProc("QueryServiceLockStatusW")
 	procQueryServiceStatus                                   = modadvapi32.NewProc("QueryServiceStatus")
 	procQueryServiceStatusEx                                 = modadvapi32.NewProc("QueryServiceStatusEx")
@@ -124,6 +132,7 @@ var (
 	procRegQueryInfoKeyW                                     = modadvapi32.NewProc("RegQueryInfoKeyW")
 	procRegQueryValueExW                                     = modadvapi32.NewProc("RegQueryValueExW")
 	procRegisterEventSourceW                                 = modadvapi32.NewProc("RegisterEventSourceW")
+	procRegisterServiceCtrlHandlerExW                        = modadvapi32.NewProc("RegisterServiceCtrlHandlerExW")
 	procReportEventW                                         = modadvapi32.NewProc("ReportEventW")
 	procRevertToSelf                                         = modadvapi32.NewProc("RevertToSelf")
 	procSetEntriesInAclW                                     = modadvapi32.NewProc("SetEntriesInAclW")
@@ -196,6 +205,7 @@ var (
 	procDeviceIoControl                                      = modkernel32.NewProc("DeviceIoControl")
 	procDuplicateHandle                                      = modkernel32.NewProc("DuplicateHandle")
 	procExitProcess                                          = modkernel32.NewProc("ExitProcess")
+	procExpandEnvironmentStringsW                            = modkernel32.NewProc("ExpandEnvironmentStringsW")
 	procFindClose                                            = modkernel32.NewProc("FindClose")
 	procFindCloseChangeNotification                          = modkernel32.NewProc("FindCloseChangeNotification")
 	procFindFirstChangeNotificationW                         = modkernel32.NewProc("FindFirstChangeNotificationW")
@@ -365,8 +375,13 @@ var (
 	procNtCreateFile                                         = modntdll.NewProc("NtCreateFile")
 	procNtCreateNamedPipeFile                                = modntdll.NewProc("NtCreateNamedPipeFile")
 	procNtQueryInformationProcess                            = modntdll.NewProc("NtQueryInformationProcess")
+	procNtQuerySystemInformation                             = modntdll.NewProc("NtQuerySystemInformation")
+	procNtSetInformationFile                                 = modntdll.NewProc("NtSetInformationFile")
 	procNtSetInformationProcess                              = modntdll.NewProc("NtSetInformationProcess")
+	procNtSetSystemInformation                               = modntdll.NewProc("NtSetSystemInformation")
+	procRtlAddFunctionTable                                  = modntdll.NewProc("RtlAddFunctionTable")
 	procRtlDefaultNpAcl                                      = modntdll.NewProc("RtlDefaultNpAcl")
+	procRtlDeleteFunctionTable                               = modntdll.NewProc("RtlDeleteFunctionTable")
 	procRtlDosPathNameToNtPathName_U_WithStatus              = modntdll.NewProc("RtlDosPathNameToNtPathName_U_WithStatus")
 	procRtlDosPathNameToRelativeNtPathName_U_WithStatus      = modntdll.NewProc("RtlDosPathNameToRelativeNtPathName_U_WithStatus")
 	procRtlGetCurrentPeb                                     = modntdll.NewProc("RtlGetCurrentPeb")
@@ -392,6 +407,34 @@ var (
 	procUnsubscribeServiceChangeNotifications                = modsechost.NewProc("UnsubscribeServiceChangeNotifications")
 	procGetUserNameExW                                       = modsecur32.NewProc("GetUserNameExW")
 	procTranslateNameW                                       = modsecur32.NewProc("TranslateNameW")
+	procSetupDiBuildDriverInfoList                           = modsetupapi.NewProc("SetupDiBuildDriverInfoList")
+	procSetupDiCallClassInstaller                            = modsetupapi.NewProc("SetupDiCallClassInstaller")
+	procSetupDiCancelDriverInfoSearch                        = modsetupapi.NewProc("SetupDiCancelDriverInfoSearch")
+	procSetupDiClassGuidsFromNameExW                         = modsetupapi.NewProc("SetupDiClassGuidsFromNameExW")
+	procSetupDiClassNameFromGuidExW                          = modsetupapi.NewProc("SetupDiClassNameFromGuidExW")
+	procSetupDiCreateDeviceInfoListExW                       = modsetupapi.NewProc("SetupDiCreateDeviceInfoListExW")
+	procSetupDiCreateDeviceInfoW                             = modsetupapi.NewProc("SetupDiCreateDeviceInfoW")
+	procSetupDiDestroyDeviceInfoList                         = modsetupapi.NewProc("SetupDiDestroyDeviceInfoList")
+	procSetupDiDestroyDriverInfoList                         = modsetupapi.NewProc("SetupDiDestroyDriverInfoList")
+	procSetupDiEnumDeviceInfo                                = modsetupapi.NewProc("SetupDiEnumDeviceInfo")
+	procSetupDiEnumDriverInfoW                               = modsetupapi.NewProc("SetupDiEnumDriverInfoW")
+	procSetupDiGetClassDevsExW                               = modsetupapi.NewProc("SetupDiGetClassDevsExW")
+	procSetupDiGetClassInstallParamsW                        = modsetupapi.NewProc("SetupDiGetClassInstallParamsW")
+	procSetupDiGetDeviceInfoListDetailW                      = modsetupapi.NewProc("SetupDiGetDeviceInfoListDetailW")
+	procSetupDiGetDeviceInstallParamsW                       = modsetupapi.NewProc("SetupDiGetDeviceInstallParamsW")
+	procSetupDiGetDeviceInstanceIdW                          = modsetupapi.NewProc("SetupDiGetDeviceInstanceIdW")
+	procSetupDiGetDevicePropertyW                            = modsetupapi.NewProc("SetupDiGetDevicePropertyW")
+	procSetupDiGetDeviceRegistryPropertyW                    = modsetupapi.NewProc("SetupDiGetDeviceRegistryPropertyW")
+	procSetupDiGetDriverInfoDetailW                          = modsetupapi.NewProc("SetupDiGetDriverInfoDetailW")
+	procSetupDiGetSelectedDevice                             = modsetupapi.NewProc("SetupDiGetSelectedDevice")
+	procSetupDiGetSelectedDriverW                            = modsetupapi.NewProc("SetupDiGetSelectedDriverW")
+	procSetupDiOpenDevRegKey                                 = modsetupapi.NewProc("SetupDiOpenDevRegKey")
+	procSetupDiSetClassInstallParamsW                        = modsetupapi.NewProc("SetupDiSetClassInstallParamsW")
+	procSetupDiSetDeviceInstallParamsW                       = modsetupapi.NewProc("SetupDiSetDeviceInstallParamsW")
+	procSetupDiSetDeviceRegistryPropertyW                    = modsetupapi.NewProc("SetupDiSetDeviceRegistryPropertyW")
+	procSetupDiSetSelectedDevice                             = modsetupapi.NewProc("SetupDiSetSelectedDevice")
+	procSetupDiSetSelectedDriverW                            = modsetupapi.NewProc("SetupDiSetSelectedDriverW")
+	procSetupUninstallOEMInfW                                = modsetupapi.NewProc("SetupUninstallOEMInfW")
 	procCommandLineToArgvW                                   = modshell32.NewProc("CommandLineToArgvW")
 	procSHGetKnownFolderPath                                 = modshell32.NewProc("SHGetKnownFolderPath")
 	procShellExecuteW                                        = modshell32.NewProc("ShellExecuteW")
@@ -402,6 +445,9 @@ var (
 	procCreateEnvironmentBlock                               = moduserenv.NewProc("CreateEnvironmentBlock")
 	procDestroyEnvironmentBlock                              = moduserenv.NewProc("DestroyEnvironmentBlock")
 	procGetUserProfileDirectoryW                             = moduserenv.NewProc("GetUserProfileDirectoryW")
+	procGetFileVersionInfoSizeW                              = modversion.NewProc("GetFileVersionInfoSizeW")
+	procGetFileVersionInfoW                                  = modversion.NewProc("GetFileVersionInfoW")
+	procVerQueryValueW                                       = modversion.NewProc("VerQueryValueW")
 	procWinVerifyTrustEx                                     = modwintrust.NewProc("WinVerifyTrustEx")
 	procFreeAddrInfoW                                        = modws2_32.NewProc("FreeAddrInfoW")
 	procGetAddrInfoW                                         = modws2_32.NewProc("GetAddrInfoW")
@@ -436,6 +482,30 @@ var (
 	procWTSQueryUserToken                                    = modwtsapi32.NewProc("WTSQueryUserToken")
 )
 
+func cm_Get_DevNode_Status(status *uint32, problemNumber *uint32, devInst DEVINST, flags uint32) (ret CONFIGRET) {
+	r0, _, _ := syscall.Syscall6(procCM_Get_DevNode_Status.Addr(), 4, uintptr(unsafe.Pointer(status)), uintptr(unsafe.Pointer(problemNumber)), uintptr(devInst), uintptr(flags), 0, 0)
+	ret = CONFIGRET(r0)
+	return
+}
+
+func cm_Get_Device_Interface_List(interfaceClass *GUID, deviceID *uint16, buffer *uint16, bufferLen uint32, flags uint32) (ret CONFIGRET) {
+	r0, _, _ := syscall.Syscall6(procCM_Get_Device_Interface_ListW.Addr(), 5, uintptr(unsafe.Pointer(interfaceClass)), uintptr(unsafe.Pointer(deviceID)), uintptr(unsafe.Pointer(buffer)), uintptr(bufferLen), uintptr(flags), 0)
+	ret = CONFIGRET(r0)
+	return
+}
+
+func cm_Get_Device_Interface_List_Size(len *uint32, interfaceClass *GUID, deviceID *uint16, flags uint32) (ret CONFIGRET) {
+	r0, _, _ := syscall.Syscall6(procCM_Get_Device_Interface_List_SizeW.Addr(), 4, uintptr(unsafe.Pointer(len)), uintptr(unsafe.Pointer(interfaceClass)), uintptr(unsafe.Pointer(deviceID)), uintptr(flags), 0, 0)
+	ret = CONFIGRET(r0)
+	return
+}
+
+func cm_MapCrToWin32Err(configRet CONFIGRET, defaultWin32Error Errno) (ret Errno) {
+	r0, _, _ := syscall.Syscall(procCM_MapCrToWin32Err.Addr(), 2, uintptr(configRet), uintptr(defaultWin32Error), 0)
+	ret = Errno(r0)
+	return
+}
+
 func AdjustTokenGroups(token Token, resetToDefault bool, newstate *Tokengroups, buflen uint32, prevstate *Tokengroups, returnlen *uint32) (err error) {
 	var _p0 uint32
 	if resetToDefault {
@@ -966,6 +1036,18 @@ func QueryServiceConfig(service Handle, serviceConfig *QUERY_SERVICE_CONFIG, buf
 	return
 }
 
+func QueryServiceDynamicInformation(service Handle, infoLevel uint32, dynamicInfo unsafe.Pointer) (err error) {
+	err = procQueryServiceDynamicInformation.Find()
+	if err != nil {
+		return
+	}
+	r1, _, e1 := syscall.Syscall(procQueryServiceDynamicInformation.Addr(), 3, uintptr(service), uintptr(infoLevel), uintptr(dynamicInfo))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
 func QueryServiceLockStatus(mgr Handle, lockStatus *QUERY_SERVICE_LOCK_STATUS, bufSize uint32, bytesNeeded *uint32) (err error) {
 	r1, _, e1 := syscall.Syscall6(procQueryServiceLockStatusW.Addr(), 4, uintptr(mgr), uintptr(unsafe.Pointer(lockStatus)), uintptr(bufSize), uintptr(unsafe.Pointer(bytesNeeded)), 0, 0)
 	if r1 == 0 {
@@ -1055,6 +1137,15 @@ func RegisterEventSource(uncServerName *uint16, sourceName *uint16) (handle Hand
 	return
 }
 
+func RegisterServiceCtrlHandlerEx(serviceName *uint16, handlerProc uintptr, context uintptr) (handle Handle, err error) {
+	r0, _, e1 := syscall.Syscall(procRegisterServiceCtrlHandlerExW.Addr(), 3, uintptr(unsafe.Pointer(serviceName)), uintptr(handlerProc), uintptr(context))
+	handle = Handle(r0)
+	if handle == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
 func ReportEvent(log Handle, etype uint16, category uint16, eventId uint32, usrSId uintptr, numStrings uint16, dataSize uint32, strings **uint16, rawData *byte) (err error) {
 	r1, _, e1 := syscall.Syscall9(procReportEventW.Addr(), 9, uintptr(log), uintptr(etype), uintptr(category), uintptr(eventId), uintptr(usrSId), uintptr(numStrings), uintptr(dataSize), uintptr(unsafe.Pointer(strings)), uintptr(unsafe.Pointer(rawData)))
 	if r1 == 0 {
@@ -1684,6 +1775,15 @@ func ExitProcess(exitcode uint32) {
 	return
 }
 
+func ExpandEnvironmentStrings(src *uint16, dst *uint16, size uint32) (n uint32, err error) {
+	r0, _, e1 := syscall.Syscall(procExpandEnvironmentStringsW.Addr(), 3, uintptr(unsafe.Pointer(src)), uintptr(unsafe.Pointer(dst)), uintptr(size))
+	n = uint32(r0)
+	if n == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
 func FindClose(handle Handle) (err error) {
 	r1, _, e1 := syscall.Syscall(procFindClose.Addr(), 1, uintptr(handle), 0, 0)
 	if r1 == 0 {
@@ -3160,6 +3260,22 @@ func NtQueryInformationProcess(proc Handle, procInfoClass int32, procInfo unsafe
 	return
 }
 
+func NtQuerySystemInformation(sysInfoClass int32, sysInfo unsafe.Pointer, sysInfoLen uint32, retLen *uint32) (ntstatus error) {
+	r0, _, _ := syscall.Syscall6(procNtQuerySystemInformation.Addr(), 4, uintptr(sysInfoClass), uintptr(sysInfo), uintptr(sysInfoLen), uintptr(unsafe.Pointer(retLen)), 0, 0)
+	if r0 != 0 {
+		ntstatus = NTStatus(r0)
+	}
+	return
+}
+
+func NtSetInformationFile(handle Handle, iosb *IO_STATUS_BLOCK, inBuffer *byte, inBufferLen uint32, class uint32) (ntstatus error) {
+	r0, _, _ := syscall.Syscall6(procNtSetInformationFile.Addr(), 5, uintptr(handle), uintptr(unsafe.Pointer(iosb)), uintptr(unsafe.Pointer(inBuffer)), uintptr(inBufferLen), uintptr(class), 0)
+	if r0 != 0 {
+		ntstatus = NTStatus(r0)
+	}
+	return
+}
+
 func NtSetInformationProcess(proc Handle, procInfoClass int32, procInfo unsafe.Pointer, procInfoLen uint32) (ntstatus error) {
 	r0, _, _ := syscall.Syscall6(procNtSetInformationProcess.Addr(), 4, uintptr(proc), uintptr(procInfoClass), uintptr(procInfo), uintptr(procInfoLen), 0, 0)
 	if r0 != 0 {
@@ -3168,6 +3284,20 @@ func NtSetInformationProcess(proc Handle, procInfoClass int32, procInfo unsafe.P
 	return
 }
 
+func NtSetSystemInformation(sysInfoClass int32, sysInfo unsafe.Pointer, sysInfoLen uint32) (ntstatus error) {
+	r0, _, _ := syscall.Syscall(procNtSetSystemInformation.Addr(), 3, uintptr(sysInfoClass), uintptr(sysInfo), uintptr(sysInfoLen))
+	if r0 != 0 {
+		ntstatus = NTStatus(r0)
+	}
+	return
+}
+
+func RtlAddFunctionTable(functionTable *RUNTIME_FUNCTION, entryCount uint32, baseAddress uintptr) (ret bool) {
+	r0, _, _ := syscall.Syscall(procRtlAddFunctionTable.Addr(), 3, uintptr(unsafe.Pointer(functionTable)), uintptr(entryCount), uintptr(baseAddress))
+	ret = r0 != 0
+	return
+}
+
 func RtlDefaultNpAcl(acl **ACL) (ntstatus error) {
 	r0, _, _ := syscall.Syscall(procRtlDefaultNpAcl.Addr(), 1, uintptr(unsafe.Pointer(acl)), 0, 0)
 	if r0 != 0 {
@@ -3176,6 +3306,12 @@ func RtlDefaultNpAcl(acl **ACL) (ntstatus error) {
 	return
 }
 
+func RtlDeleteFunctionTable(functionTable *RUNTIME_FUNCTION) (ret bool) {
+	r0, _, _ := syscall.Syscall(procRtlDeleteFunctionTable.Addr(), 1, uintptr(unsafe.Pointer(functionTable)), 0, 0)
+	ret = r0 != 0
+	return
+}
+
 func RtlDosPathNameToNtPathName(dosName *uint16, ntName *NTUnicodeString, ntFileNamePart *uint16, relativeName *RTL_RELATIVE_NAME) (ntstatus error) {
 	r0, _, _ := syscall.Syscall6(procRtlDosPathNameToNtPathName_U_WithStatus.Addr(), 4, uintptr(unsafe.Pointer(dosName)), uintptr(unsafe.Pointer(ntName)), uintptr(unsafe.Pointer(ntFileNamePart)), uintptr(unsafe.Pointer(relativeName)), 0, 0)
 	if r0 != 0 {
@@ -3364,6 +3500,233 @@ func TranslateName(accName *uint16, accNameFormat uint32, desiredNameFormat uint
 	return
 }
 
+func SetupDiBuildDriverInfoList(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, driverType SPDIT) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetupDiBuildDriverInfoList.Addr(), 3, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), uintptr(driverType))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetupDiCallClassInstaller(installFunction DI_FUNCTION, deviceInfoSet DevInfo, deviceInfoData *DevInfoData) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetupDiCallClassInstaller.Addr(), 3, uintptr(installFunction), uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetupDiCancelDriverInfoSearch(deviceInfoSet DevInfo) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetupDiCancelDriverInfoSearch.Addr(), 1, uintptr(deviceInfoSet), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiClassGuidsFromNameEx(className *uint16, classGuidList *GUID, classGuidListSize uint32, requiredSize *uint32, machineName *uint16, reserved uintptr) (err error) {
+	r1, _, e1 := syscall.Syscall6(procSetupDiClassGuidsFromNameExW.Addr(), 6, uintptr(unsafe.Pointer(className)), uintptr(unsafe.Pointer(classGuidList)), uintptr(classGuidListSize), uintptr(unsafe.Pointer(requiredSize)), uintptr(unsafe.Pointer(machineName)), uintptr(reserved))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiClassNameFromGuidEx(classGUID *GUID, className *uint16, classNameSize uint32, requiredSize *uint32, machineName *uint16, reserved uintptr) (err error) {
+	r1, _, e1 := syscall.Syscall6(procSetupDiClassNameFromGuidExW.Addr(), 6, uintptr(unsafe.Pointer(classGUID)), uintptr(unsafe.Pointer(className)), uintptr(classNameSize), uintptr(unsafe.Pointer(requiredSize)), uintptr(unsafe.Pointer(machineName)), uintptr(reserved))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiCreateDeviceInfoListEx(classGUID *GUID, hwndParent uintptr, machineName *uint16, reserved uintptr) (handle DevInfo, err error) {
+	r0, _, e1 := syscall.Syscall6(procSetupDiCreateDeviceInfoListExW.Addr(), 4, uintptr(unsafe.Pointer(classGUID)), uintptr(hwndParent), uintptr(unsafe.Pointer(machineName)), uintptr(reserved), 0, 0)
+	handle = DevInfo(r0)
+	if handle == DevInfo(InvalidHandle) {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiCreateDeviceInfo(deviceInfoSet DevInfo, DeviceName *uint16, classGUID *GUID, DeviceDescription *uint16, hwndParent uintptr, CreationFlags DICD, deviceInfoData *DevInfoData) (err error) {
+	r1, _, e1 := syscall.Syscall9(procSetupDiCreateDeviceInfoW.Addr(), 7, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(DeviceName)), uintptr(unsafe.Pointer(classGUID)), uintptr(unsafe.Pointer(DeviceDescription)), uintptr(hwndParent), uintptr(CreationFlags), uintptr(unsafe.Pointer(deviceInfoData)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetupDiDestroyDeviceInfoList(deviceInfoSet DevInfo) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetupDiDestroyDeviceInfoList.Addr(), 1, uintptr(deviceInfoSet), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetupDiDestroyDriverInfoList(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, driverType SPDIT) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetupDiDestroyDriverInfoList.Addr(), 3, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), uintptr(driverType))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiEnumDeviceInfo(deviceInfoSet DevInfo, memberIndex uint32, deviceInfoData *DevInfoData) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetupDiEnumDeviceInfo.Addr(), 3, uintptr(deviceInfoSet), uintptr(memberIndex), uintptr(unsafe.Pointer(deviceInfoData)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiEnumDriverInfo(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, driverType SPDIT, memberIndex uint32, driverInfoData *DrvInfoData) (err error) {
+	r1, _, e1 := syscall.Syscall6(procSetupDiEnumDriverInfoW.Addr(), 5, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), uintptr(driverType), uintptr(memberIndex), uintptr(unsafe.Pointer(driverInfoData)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiGetClassDevsEx(classGUID *GUID, Enumerator *uint16, hwndParent uintptr, Flags DIGCF, deviceInfoSet DevInfo, machineName *uint16, reserved uintptr) (handle DevInfo, err error) {
+	r0, _, e1 := syscall.Syscall9(procSetupDiGetClassDevsExW.Addr(), 7, uintptr(unsafe.Pointer(classGUID)), uintptr(unsafe.Pointer(Enumerator)), uintptr(hwndParent), uintptr(Flags), uintptr(deviceInfoSet), uintptr(unsafe.Pointer(machineName)), uintptr(reserved), 0, 0)
+	handle = DevInfo(r0)
+	if handle == DevInfo(InvalidHandle) {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetupDiGetClassInstallParams(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, classInstallParams *ClassInstallHeader, classInstallParamsSize uint32, requiredSize *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procSetupDiGetClassInstallParamsW.Addr(), 5, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), uintptr(unsafe.Pointer(classInstallParams)), uintptr(classInstallParamsSize), uintptr(unsafe.Pointer(requiredSize)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiGetDeviceInfoListDetail(deviceInfoSet DevInfo, deviceInfoSetDetailData *DevInfoListDetailData) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetupDiGetDeviceInfoListDetailW.Addr(), 2, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoSetDetailData)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiGetDeviceInstallParams(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, deviceInstallParams *DevInstallParams) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetupDiGetDeviceInstallParamsW.Addr(), 3, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), uintptr(unsafe.Pointer(deviceInstallParams)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiGetDeviceInstanceId(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, instanceId *uint16, instanceIdSize uint32, instanceIdRequiredSize *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procSetupDiGetDeviceInstanceIdW.Addr(), 5, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), uintptr(unsafe.Pointer(instanceId)), uintptr(instanceIdSize), uintptr(unsafe.Pointer(instanceIdRequiredSize)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiGetDeviceProperty(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, propertyKey *DEVPROPKEY, propertyType *DEVPROPTYPE, propertyBuffer *byte, propertyBufferSize uint32, requiredSize *uint32, flags uint32) (err error) {
+	r1, _, e1 := syscall.Syscall9(procSetupDiGetDevicePropertyW.Addr(), 8, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), uintptr(unsafe.Pointer(propertyKey)), uintptr(unsafe.Pointer(propertyType)), uintptr(unsafe.Pointer(propertyBuffer)), uintptr(propertyBufferSize), uintptr(unsafe.Pointer(requiredSize)), uintptr(flags), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiGetDeviceRegistryProperty(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, property SPDRP, propertyRegDataType *uint32, propertyBuffer *byte, propertyBufferSize uint32, requiredSize *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall9(procSetupDiGetDeviceRegistryPropertyW.Addr(), 7, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), uintptr(property), uintptr(unsafe.Pointer(propertyRegDataType)), uintptr(unsafe.Pointer(propertyBuffer)), uintptr(propertyBufferSize), uintptr(unsafe.Pointer(requiredSize)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiGetDriverInfoDetail(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, driverInfoData *DrvInfoData, driverInfoDetailData *DrvInfoDetailData, driverInfoDetailDataSize uint32, requiredSize *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procSetupDiGetDriverInfoDetailW.Addr(), 6, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), uintptr(unsafe.Pointer(driverInfoData)), uintptr(unsafe.Pointer(driverInfoDetailData)), uintptr(driverInfoDetailDataSize), uintptr(unsafe.Pointer(requiredSize)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiGetSelectedDevice(deviceInfoSet DevInfo, deviceInfoData *DevInfoData) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetupDiGetSelectedDevice.Addr(), 2, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiGetSelectedDriver(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, driverInfoData *DrvInfoData) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetupDiGetSelectedDriverW.Addr(), 3, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), uintptr(unsafe.Pointer(driverInfoData)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetupDiOpenDevRegKey(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, Scope DICS_FLAG, HwProfile uint32, KeyType DIREG, samDesired uint32) (key Handle, err error) {
+	r0, _, e1 := syscall.Syscall6(procSetupDiOpenDevRegKey.Addr(), 6, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), uintptr(Scope), uintptr(HwProfile), uintptr(KeyType), uintptr(samDesired))
+	key = Handle(r0)
+	if key == InvalidHandle {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetupDiSetClassInstallParams(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, classInstallParams *ClassInstallHeader, classInstallParamsSize uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procSetupDiSetClassInstallParamsW.Addr(), 4, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), uintptr(unsafe.Pointer(classInstallParams)), uintptr(classInstallParamsSize), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetupDiSetDeviceInstallParams(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, deviceInstallParams *DevInstallParams) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetupDiSetDeviceInstallParamsW.Addr(), 3, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), uintptr(unsafe.Pointer(deviceInstallParams)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiSetDeviceRegistryProperty(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, property SPDRP, propertyBuffer *byte, propertyBufferSize uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procSetupDiSetDeviceRegistryPropertyW.Addr(), 5, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), uintptr(property), uintptr(unsafe.Pointer(propertyBuffer)), uintptr(propertyBufferSize), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetupDiSetSelectedDevice(deviceInfoSet DevInfo, deviceInfoData *DevInfoData) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetupDiSetSelectedDevice.Addr(), 2, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetupDiSetSelectedDriver(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, driverInfoData *DrvInfoData) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetupDiSetSelectedDriverW.Addr(), 3, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), uintptr(unsafe.Pointer(driverInfoData)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupUninstallOEMInf(infFileName *uint16, flags SUOI, reserved uintptr) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetupUninstallOEMInfW.Addr(), 3, uintptr(unsafe.Pointer(infFileName)), uintptr(flags), uintptr(reserved))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
 func CommandLineToArgv(cmd *uint16, argc *int32) (argv *[8192]*[8192]uint16, err error) {
 	r0, _, e1 := syscall.Syscall(procCommandLineToArgvW.Addr(), 2, uintptr(unsafe.Pointer(cmd)), uintptr(unsafe.Pointer(argc)), 0)
 	argv = (*[8192]*[8192]uint16)(unsafe.Pointer(r0))
@@ -3449,6 +3812,58 @@ func GetUserProfileDirectory(t Token, dir *uint16, dirLen *uint32) (err error) {
 	return
 }
 
+func GetFileVersionInfoSize(filename string, zeroHandle *Handle) (bufSize uint32, err error) {
+	var _p0 *uint16
+	_p0, err = syscall.UTF16PtrFromString(filename)
+	if err != nil {
+		return
+	}
+	return _GetFileVersionInfoSize(_p0, zeroHandle)
+}
+
+func _GetFileVersionInfoSize(filename *uint16, zeroHandle *Handle) (bufSize uint32, err error) {
+	r0, _, e1 := syscall.Syscall(procGetFileVersionInfoSizeW.Addr(), 2, uintptr(unsafe.Pointer(filename)), uintptr(unsafe.Pointer(zeroHandle)), 0)
+	bufSize = uint32(r0)
+	if bufSize == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetFileVersionInfo(filename string, handle uint32, bufSize uint32, buffer unsafe.Pointer) (err error) {
+	var _p0 *uint16
+	_p0, err = syscall.UTF16PtrFromString(filename)
+	if err != nil {
+		return
+	}
+	return _GetFileVersionInfo(_p0, handle, bufSize, buffer)
+}
+
+func _GetFileVersionInfo(filename *uint16, handle uint32, bufSize uint32, buffer unsafe.Pointer) (err error) {
+	r1, _, e1 := syscall.Syscall6(procGetFileVersionInfoW.Addr(), 4, uintptr(unsafe.Pointer(filename)), uintptr(handle), uintptr(bufSize), uintptr(buffer), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func VerQueryValue(block unsafe.Pointer, subBlock string, pointerToBufferPointer unsafe.Pointer, bufSize *uint32) (err error) {
+	var _p0 *uint16
+	_p0, err = syscall.UTF16PtrFromString(subBlock)
+	if err != nil {
+		return
+	}
+	return _VerQueryValue(block, _p0, pointerToBufferPointer, bufSize)
+}
+
+func _VerQueryValue(block unsafe.Pointer, subBlock *uint16, pointerToBufferPointer unsafe.Pointer, bufSize *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procVerQueryValueW.Addr(), 4, uintptr(block), uintptr(unsafe.Pointer(subBlock)), uintptr(pointerToBufferPointer), uintptr(unsafe.Pointer(bufSize)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
 func WinVerifyTrustEx(hwnd HWND, actionId *GUID, data *WinTrustData) (ret error) {
 	r0, _, _ := syscall.Syscall(procWinVerifyTrustEx.Addr(), 3, uintptr(hwnd), uintptr(unsafe.Pointer(actionId)), uintptr(unsafe.Pointer(data)))
 	if r0 != 0 {
diff --git a/vendor/golang.org/x/time/rate/rate.go b/vendor/golang.org/x/time/rate/rate.go
index 0cfcc8463c2..b0b982e9c6e 100644
--- a/vendor/golang.org/x/time/rate/rate.go
+++ b/vendor/golang.org/x/time/rate/rate.go
@@ -306,15 +306,27 @@ func (lim *Limiter) SetBurstAt(now time.Time, newBurst int) {
 // reserveN returns Reservation, not *Reservation, to avoid allocation in AllowN and WaitN.
 func (lim *Limiter) reserveN(now time.Time, n int, maxFutureReserve time.Duration) Reservation {
 	lim.mu.Lock()
+	defer lim.mu.Unlock()
 
 	if lim.limit == Inf {
-		lim.mu.Unlock()
 		return Reservation{
 			ok:        true,
 			lim:       lim,
 			tokens:    n,
 			timeToAct: now,
 		}
+	} else if lim.limit == 0 {
+		var ok bool
+		if lim.burst >= n {
+			ok = true
+			lim.burst -= n
+		}
+		return Reservation{
+			ok:        ok,
+			lim:       lim,
+			tokens:    lim.burst,
+			timeToAct: now,
+		}
 	}
 
 	now, last, tokens := lim.advance(now)
@@ -351,7 +363,6 @@ func (lim *Limiter) reserveN(now time.Time, n int, maxFutureReserve time.Duratio
 		lim.last = last
 	}
 
-	lim.mu.Unlock()
 	return r
 }
 
@@ -377,6 +388,9 @@ func (lim *Limiter) advance(now time.Time) (newNow time.Time, newLast time.Time,
 // durationFromTokens is a unit conversion function from the number of tokens to the duration
 // of time it takes to accumulate them at a rate of limit tokens per second.
 func (limit Limit) durationFromTokens(tokens float64) time.Duration {
+	if limit <= 0 {
+		return InfDuration
+	}
 	seconds := tokens / float64(limit)
 	return time.Duration(float64(time.Second) * seconds)
 }
@@ -384,5 +398,8 @@ func (limit Limit) durationFromTokens(tokens float64) time.Duration {
 // tokensFromDuration is a unit conversion function from a time duration to the number of tokens
 // which could be accumulated during that duration at a rate of limit tokens per second.
 func (limit Limit) tokensFromDuration(d time.Duration) float64 {
+	if limit <= 0 {
+		return 0
+	}
 	return d.Seconds() * float64(limit)
 }
diff --git a/vendor/google.golang.org/api/cloudresourcemanager/v1/cloudresourcemanager-api.json b/vendor/google.golang.org/api/cloudresourcemanager/v1/cloudresourcemanager-api.json
index 41aab790baf..0d80c12b86a 100644
--- a/vendor/google.golang.org/api/cloudresourcemanager/v1/cloudresourcemanager-api.json
+++ b/vendor/google.golang.org/api/cloudresourcemanager/v1/cloudresourcemanager-api.json
@@ -1171,7 +1171,7 @@
       }
     }
   },
-  "revision": "20210830",
+  "revision": "20211017",
   "rootUrl": "https://cloudresourcemanager.googleapis.com/",
   "schemas": {
     "Ancestor": {
@@ -1234,22 +1234,22 @@
       "type": "object"
     },
     "Binding": {
-      "description": "Associates `members` with a `role`.",
+      "description": "Associates `members`, or principals, with a `role`.",
       "id": "Binding",
       "properties": {
         "condition": {
           "$ref": "Expr",
-          "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)."
+          "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)."
         },
         "members": {
-          "description": "Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
+          "description": "Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
           "items": {
             "type": "string"
           },
           "type": "array"
         },
         "role": {
-          "description": "Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.",
+          "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.",
           "type": "string"
         }
       },
@@ -1460,7 +1460,7 @@
       "type": "object"
     },
     "DeleteOrganizationMetadata": {
-      "description": "A status object which is used as the `metadata` field for the operation returned by DeleteOrganization.",
+      "description": "LINT.IfChange A status object which is used as the `metadata` field for the operation returned by DeleteOrganization.",
       "id": "DeleteOrganizationMetadata",
       "properties": {},
       "type": "object"
@@ -1996,7 +1996,7 @@
       "type": "object"
     },
     "Policy": {
-      "description": "An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { \"bindings\": [ { \"role\": \"roles/resourcemanager.organizationAdmin\", \"members\": [ \"user:mike@example.com\", \"group:admins@example.com\", \"domain:google.com\", \"serviceAccount:my-project-id@appspot.gserviceaccount.com\" ] }, { \"role\": \"roles/resourcemanager.organizationViewer\", \"members\": [ \"user:eve@example.com\" ], \"condition\": { \"title\": \"expirable access\", \"description\": \"Does not grant access after Sep 2020\", \"expression\": \"request.time \u003c timestamp('2020-10-01T00:00:00.000Z')\", } } ], \"etag\": \"BwWWja0YfJA=\", \"version\": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time \u003c timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).",
+      "description": "An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { \"bindings\": [ { \"role\": \"roles/resourcemanager.organizationAdmin\", \"members\": [ \"user:mike@example.com\", \"group:admins@example.com\", \"domain:google.com\", \"serviceAccount:my-project-id@appspot.gserviceaccount.com\" ] }, { \"role\": \"roles/resourcemanager.organizationViewer\", \"members\": [ \"user:eve@example.com\" ], \"condition\": { \"title\": \"expirable access\", \"description\": \"Does not grant access after Sep 2020\", \"expression\": \"request.time \u003c timestamp('2020-10-01T00:00:00.000Z')\", } } ], \"etag\": \"BwWWja0YfJA=\", \"version\": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time \u003c timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).",
       "id": "Policy",
       "properties": {
         "auditConfigs": {
@@ -2007,7 +2007,7 @@
           "type": "array"
         },
         "bindings": {
-          "description": "Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.",
+          "description": "Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.",
           "items": {
             "$ref": "Binding"
           },
@@ -2246,7 +2246,7 @@
       "type": "object"
     },
     "UndeleteOrganizationMetadata": {
-      "description": "A status object which is used as the `metadata` field for the Operation returned by UndeleteOrganization.",
+      "description": "LINT.IfChange A status object which is used as the `metadata` field for the Operation returned by UndeleteOrganization.",
       "id": "UndeleteOrganizationMetadata",
       "properties": {},
       "type": "object"
diff --git a/vendor/google.golang.org/api/cloudresourcemanager/v1/cloudresourcemanager-gen.go b/vendor/google.golang.org/api/cloudresourcemanager/v1/cloudresourcemanager-gen.go
index 0df15453a8e..bf8b7df94b8 100644
--- a/vendor/google.golang.org/api/cloudresourcemanager/v1/cloudresourcemanager-gen.go
+++ b/vendor/google.golang.org/api/cloudresourcemanager/v1/cloudresourcemanager-gen.go
@@ -327,19 +327,19 @@ func (s *AuditLogConfig) MarshalJSON() ([]byte, error) {
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
-// Binding: Associates `members` with a `role`.
+// Binding: Associates `members`, or principals, with a `role`.
 type Binding struct {
 	// Condition: The condition that is associated with this binding. If the
 	// condition evaluates to `true`, then this binding applies to the
 	// current request. If the condition evaluates to `false`, then this
 	// binding does not apply to the current request. However, a different
-	// role binding might grant the same role to one or more of the members
-	// in this binding. To learn which resources support conditions in their
-	// IAM policies, see the IAM documentation
+	// role binding might grant the same role to one or more of the
+	// principals in this binding. To learn which resources support
+	// conditions in their IAM policies, see the IAM documentation
 	// (https://cloud.google.com/iam/help/conditions/resource-policies).
 	Condition *Expr `json:"condition,omitempty"`
 
-	// Members: Specifies the identities requesting access for a Cloud
+	// Members: Specifies the principals requesting access for a Cloud
 	// Platform resource. `members` can have the following values: *
 	// `allUsers`: A special identifier that represents anyone who is on the
 	// internet; with or without a Google account. *
@@ -373,8 +373,8 @@ type Binding struct {
 	// For example, `google.com` or `example.com`.
 	Members []string `json:"members,omitempty"`
 
-	// Role: Role that is assigned to `members`. For example,
-	// `roles/viewer`, `roles/editor`, or `roles/owner`.
+	// Role: Role that is assigned to the list of `members`, or principals.
+	// For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
 	Role string `json:"role,omitempty"`
 
 	// ForceSendFields is a list of field names (e.g. "Condition") to
@@ -751,8 +751,9 @@ type CreateTagValueMetadata struct {
 type DeleteFolderMetadata struct {
 }
 
-// DeleteOrganizationMetadata: A status object which is used as the
-// `metadata` field for the operation returned by DeleteOrganization.
+// DeleteOrganizationMetadata: LINT.IfChange A status object which is
+// used as the `metadata` field for the operation returned by
+// DeleteOrganization.
 type DeleteOrganizationMetadata struct {
 }
 
@@ -1840,17 +1841,17 @@ func (s *OrganizationOwner) MarshalJSON() ([]byte, error) {
 
 // Policy: An Identity and Access Management (IAM) policy, which
 // specifies access controls for Google Cloud resources. A `Policy` is a
-// collection of `bindings`. A `binding` binds one or more `members` to
-// a single `role`. Members can be user accounts, service accounts,
-// Google groups, and domains (such as G Suite). A `role` is a named
-// list of permissions; each `role` can be an IAM predefined role or a
-// user-created custom role. For some types of Google Cloud resources, a
-// `binding` can also specify a `condition`, which is a logical
-// expression that allows access to a resource only if the expression
-// evaluates to `true`. A condition can add constraints based on
-// attributes of the request, the resource, or both. To learn which
-// resources support conditions in their IAM policies, see the IAM
-// documentation
+// collection of `bindings`. A `binding` binds one or more `members`, or
+// principals, to a single `role`. Principals can be user accounts,
+// service accounts, Google groups, and domains (such as G Suite). A
+// `role` is a named list of permissions; each `role` can be an IAM
+// predefined role or a user-created custom role. For some types of
+// Google Cloud resources, a `binding` can also specify a `condition`,
+// which is a logical expression that allows access to a resource only
+// if the expression evaluates to `true`. A condition can add
+// constraints based on attributes of the request, the resource, or
+// both. To learn which resources support conditions in their IAM
+// policies, see the IAM documentation
 // (https://cloud.google.com/iam/help/conditions/resource-policies).
 // **JSON example:** { "bindings": [ { "role":
 // "roles/resourcemanager.organizationAdmin", "members": [
@@ -1877,9 +1878,15 @@ type Policy struct {
 	// policy.
 	AuditConfigs []*AuditConfig `json:"auditConfigs,omitempty"`
 
-	// Bindings: Associates a list of `members` to a `role`. Optionally, may
-	// specify a `condition` that determines how and when the `bindings` are
-	// applied. Each of the `bindings` must contain at least one member.
+	// Bindings: Associates a list of `members`, or principals, with a
+	// `role`. Optionally, may specify a `condition` that determines how and
+	// when the `bindings` are applied. Each of the `bindings` must contain
+	// at least one principal. The `bindings` in a `Policy` can refer to up
+	// to 1,500 principals; up to 250 of these principals can be Google
+	// groups. Each occurrence of a principal counts towards these limits.
+	// For example, if the `bindings` grant 50 different roles to
+	// `user:alice@example.com`, and not to any other principal, then you
+	// can add another 1,450 principals to the `bindings` in the `Policy`.
 	Bindings []*Binding `json:"bindings,omitempty"`
 
 	// Etag: `etag` is used for optimistic concurrency control as a way to
@@ -2384,8 +2391,9 @@ func (s *TestIamPermissionsResponse) MarshalJSON() ([]byte, error) {
 type UndeleteFolderMetadata struct {
 }
 
-// UndeleteOrganizationMetadata: A status object which is used as the
-// `metadata` field for the Operation returned by UndeleteOrganization.
+// UndeleteOrganizationMetadata: LINT.IfChange A status object which is
+// used as the `metadata` field for the Operation returned by
+// UndeleteOrganization.
 type UndeleteOrganizationMetadata struct {
 }
 
@@ -2467,7 +2475,7 @@ func (c *FoldersClearOrgPolicyCall) Header() http.Header {
 
 func (c *FoldersClearOrgPolicyCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -2614,7 +2622,7 @@ func (c *FoldersGetEffectiveOrgPolicyCall) Header() http.Header {
 
 func (c *FoldersGetEffectiveOrgPolicyCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -2761,7 +2769,7 @@ func (c *FoldersGetOrgPolicyCall) Header() http.Header {
 
 func (c *FoldersGetOrgPolicyCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -2905,7 +2913,7 @@ func (c *FoldersListAvailableOrgPolicyConstraintsCall) Header() http.Header {
 
 func (c *FoldersListAvailableOrgPolicyConstraintsCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -3072,7 +3080,7 @@ func (c *FoldersListOrgPoliciesCall) Header() http.Header {
 
 func (c *FoldersListOrgPoliciesCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -3239,7 +3247,7 @@ func (c *FoldersSetOrgPolicyCall) Header() http.Header {
 
 func (c *FoldersSetOrgPolicyCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -3381,7 +3389,7 @@ func (c *LiensCreateCall) Header() http.Header {
 
 func (c *LiensCreateCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -3512,7 +3520,7 @@ func (c *LiensDeleteCall) Header() http.Header {
 
 func (c *LiensDeleteCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -3659,7 +3667,7 @@ func (c *LiensGetCall) Header() http.Header {
 
 func (c *LiensGetCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -3832,7 +3840,7 @@ func (c *LiensListCall) Header() http.Header {
 
 func (c *LiensListCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -4006,7 +4014,7 @@ func (c *OperationsGetCall) Header() http.Header {
 
 func (c *OperationsGetCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -4144,7 +4152,7 @@ func (c *OrganizationsClearOrgPolicyCall) Header() http.Header {
 
 func (c *OrganizationsClearOrgPolicyCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -4299,7 +4307,7 @@ func (c *OrganizationsGetCall) Header() http.Header {
 
 func (c *OrganizationsGetCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -4442,7 +4450,7 @@ func (c *OrganizationsGetEffectiveOrgPolicyCall) Header() http.Header {
 
 func (c *OrganizationsGetEffectiveOrgPolicyCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -4592,7 +4600,7 @@ func (c *OrganizationsGetIamPolicyCall) Header() http.Header {
 
 func (c *OrganizationsGetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -4739,7 +4747,7 @@ func (c *OrganizationsGetOrgPolicyCall) Header() http.Header {
 
 func (c *OrganizationsGetOrgPolicyCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -4883,7 +4891,7 @@ func (c *OrganizationsListAvailableOrgPolicyConstraintsCall) Header() http.Heade
 
 func (c *OrganizationsListAvailableOrgPolicyConstraintsCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -5050,7 +5058,7 @@ func (c *OrganizationsListOrgPoliciesCall) Header() http.Header {
 
 func (c *OrganizationsListOrgPoliciesCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -5214,7 +5222,7 @@ func (c *OrganizationsSearchCall) Header() http.Header {
 
 func (c *OrganizationsSearchCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -5372,7 +5380,7 @@ func (c *OrganizationsSetIamPolicyCall) Header() http.Header {
 
 func (c *OrganizationsSetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -5517,7 +5525,7 @@ func (c *OrganizationsSetOrgPolicyCall) Header() http.Header {
 
 func (c *OrganizationsSetOrgPolicyCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -5664,7 +5672,7 @@ func (c *OrganizationsTestIamPermissionsCall) Header() http.Header {
 
 func (c *OrganizationsTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -5807,7 +5815,7 @@ func (c *ProjectsClearOrgPolicyCall) Header() http.Header {
 
 func (c *ProjectsClearOrgPolicyCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -5956,7 +5964,7 @@ func (c *ProjectsCreateCall) Header() http.Header {
 
 func (c *ProjectsCreateCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -6094,7 +6102,7 @@ func (c *ProjectsDeleteCall) Header() http.Header {
 
 func (c *ProjectsDeleteCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -6238,7 +6246,7 @@ func (c *ProjectsGetCall) Header() http.Header {
 
 func (c *ProjectsGetCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -6378,7 +6386,7 @@ func (c *ProjectsGetAncestryCall) Header() http.Header {
 
 func (c *ProjectsGetAncestryCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -6525,7 +6533,7 @@ func (c *ProjectsGetEffectiveOrgPolicyCall) Header() http.Header {
 
 func (c *ProjectsGetEffectiveOrgPolicyCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -6676,7 +6684,7 @@ func (c *ProjectsGetIamPolicyCall) Header() http.Header {
 
 func (c *ProjectsGetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -6822,7 +6830,7 @@ func (c *ProjectsGetOrgPolicyCall) Header() http.Header {
 
 func (c *ProjectsGetOrgPolicyCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -7030,7 +7038,7 @@ func (c *ProjectsListCall) Header() http.Header {
 
 func (c *ProjectsListCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -7194,7 +7202,7 @@ func (c *ProjectsListAvailableOrgPolicyConstraintsCall) Header() http.Header {
 
 func (c *ProjectsListAvailableOrgPolicyConstraintsCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -7361,7 +7369,7 @@ func (c *ProjectsListOrgPoliciesCall) Header() http.Header {
 
 func (c *ProjectsListOrgPoliciesCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -7563,7 +7571,7 @@ func (c *ProjectsSetIamPolicyCall) Header() http.Header {
 
 func (c *ProjectsSetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -7707,7 +7715,7 @@ func (c *ProjectsSetOrgPolicyCall) Header() http.Header {
 
 func (c *ProjectsSetOrgPolicyCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -7855,7 +7863,7 @@ func (c *ProjectsTestIamPermissionsCall) Header() http.Header {
 
 func (c *ProjectsTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -8001,7 +8009,7 @@ func (c *ProjectsUndeleteCall) Header() http.Header {
 
 func (c *ProjectsUndeleteCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -8144,7 +8152,7 @@ func (c *ProjectsUpdateCall) Header() http.Header {
 
 func (c *ProjectsUpdateCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
diff --git a/vendor/google.golang.org/api/iamcredentials/v1/iamcredentials-gen.go b/vendor/google.golang.org/api/iamcredentials/v1/iamcredentials-gen.go
index 0a84fe052be..686923a8629 100644
--- a/vendor/google.golang.org/api/iamcredentials/v1/iamcredentials-gen.go
+++ b/vendor/google.golang.org/api/iamcredentials/v1/iamcredentials-gen.go
@@ -553,7 +553,7 @@ func (c *ProjectsServiceAccountsGenerateAccessTokenCall) Header() http.Header {
 
 func (c *ProjectsServiceAccountsGenerateAccessTokenCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -700,7 +700,7 @@ func (c *ProjectsServiceAccountsGenerateIdTokenCall) Header() http.Header {
 
 func (c *ProjectsServiceAccountsGenerateIdTokenCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -847,7 +847,7 @@ func (c *ProjectsServiceAccountsSignBlobCall) Header() http.Header {
 
 func (c *ProjectsServiceAccountsSignBlobCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -994,7 +994,7 @@ func (c *ProjectsServiceAccountsSignJwtCall) Header() http.Header {
 
 func (c *ProjectsServiceAccountsSignJwtCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
diff --git a/vendor/google.golang.org/api/storage/v1/storage-api.json b/vendor/google.golang.org/api/storage/v1/storage-api.json
index 55666d8f21e..10383aa7bce 100644
--- a/vendor/google.golang.org/api/storage/v1/storage-api.json
+++ b/vendor/google.golang.org/api/storage/v1/storage-api.json
@@ -26,7 +26,7 @@
   "description": "Stores and retrieves potentially large, immutable data objects.",
   "discoveryVersion": "v1",
   "documentationLink": "https://developers.google.com/storage/docs/json_api/",
-  "etag": "\"353939383733353534373734383337373436\"",
+  "etag": "\"3133363930393533313437363430303131373733\"",
   "icons": {
     "x16": "https://www.google.com/images/icons/product/cloud_storage-16.png",
     "x32": "https://www.google.com/images/icons/product/cloud_storage-32.png"
@@ -3230,7 +3230,7 @@
       }
     }
   },
-  "revision": "20210918",
+  "revision": "20211018",
   "rootUrl": "https://storage.googleapis.com/",
   "schemas": {
     "Bucket": {
@@ -3249,6 +3249,21 @@
           },
           "type": "array"
         },
+        "autoclass": {
+          "description": "The bucket's Autoclass configuration.",
+          "properties": {
+            "enabled": {
+              "description": "Whether or not Autoclass is enabled on this bucket",
+              "type": "boolean"
+            },
+            "toggleTime": {
+              "description": "A date and time in RFC 3339 format representing the instant at which \"enabled\" was last toggled.",
+              "format": "date-time",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        },
         "billing": {
           "description": "The bucket's billing configuration.",
           "properties": {
diff --git a/vendor/google.golang.org/api/storage/v1/storage-gen.go b/vendor/google.golang.org/api/storage/v1/storage-gen.go
index 2f4aa44962c..db4d25344af 100644
--- a/vendor/google.golang.org/api/storage/v1/storage-gen.go
+++ b/vendor/google.golang.org/api/storage/v1/storage-gen.go
@@ -279,6 +279,9 @@ type Bucket struct {
 	// Acl: Access controls on the bucket.
 	Acl []*BucketAccessControl `json:"acl,omitempty"`
 
+	// Autoclass: The bucket's Autoclass configuration.
+	Autoclass *BucketAutoclass `json:"autoclass,omitempty"`
+
 	// Billing: The bucket's billing configuration.
 	Billing *BucketBilling `json:"billing,omitempty"`
 
@@ -433,6 +436,38 @@ func (s *Bucket) MarshalJSON() ([]byte, error) {
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
+// BucketAutoclass: The bucket's Autoclass configuration.
+type BucketAutoclass struct {
+	// Enabled: Whether or not Autoclass is enabled on this bucket
+	Enabled bool `json:"enabled,omitempty"`
+
+	// ToggleTime: A date and time in RFC 3339 format representing the
+	// instant at which "enabled" was last toggled.
+	ToggleTime string `json:"toggleTime,omitempty"`
+
+	// ForceSendFields is a list of field names (e.g. "Enabled") to
+	// unconditionally include in API requests. By default, fields with
+	// empty or default values are omitted from API requests. However, any
+	// non-pointer, non-interface field appearing in ForceSendFields will be
+	// sent to the server regardless of whether the field is empty or not.
+	// This may be used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "Enabled") to include in
+	// API requests with the JSON null value. By default, fields with empty
+	// values are omitted from API requests. However, any field with an
+	// empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *BucketAutoclass) MarshalJSON() ([]byte, error) {
+	type NoMethod BucketAutoclass
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
 // BucketBilling: The bucket's billing configuration.
 type BucketBilling struct {
 	// RequesterPays: When set to true, Requester Pays is enabled for this
@@ -2485,7 +2520,7 @@ func (c *BucketAccessControlsDeleteCall) Header() http.Header {
 
 func (c *BucketAccessControlsDeleteCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -2638,7 +2673,7 @@ func (c *BucketAccessControlsGetCall) Header() http.Header {
 
 func (c *BucketAccessControlsGetCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -2807,7 +2842,7 @@ func (c *BucketAccessControlsInsertCall) Header() http.Header {
 
 func (c *BucketAccessControlsInsertCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -2982,7 +3017,7 @@ func (c *BucketAccessControlsListCall) Header() http.Header {
 
 func (c *BucketAccessControlsListCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -3148,7 +3183,7 @@ func (c *BucketAccessControlsPatchCall) Header() http.Header {
 
 func (c *BucketAccessControlsPatchCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -3327,7 +3362,7 @@ func (c *BucketAccessControlsUpdateCall) Header() http.Header {
 
 func (c *BucketAccessControlsUpdateCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -3515,7 +3550,7 @@ func (c *BucketsDeleteCall) Header() http.Header {
 
 func (c *BucketsDeleteCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -3696,7 +3731,7 @@ func (c *BucketsGetCall) Header() http.Header {
 
 func (c *BucketsGetCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -3904,7 +3939,7 @@ func (c *BucketsGetIamPolicyCall) Header() http.Header {
 
 func (c *BucketsGetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -4123,7 +4158,7 @@ func (c *BucketsInsertCall) Header() http.Header {
 
 func (c *BucketsInsertCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -4382,7 +4417,7 @@ func (c *BucketsListCall) Header() http.Header {
 
 func (c *BucketsListCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -4596,7 +4631,7 @@ func (c *BucketsLockRetentionPolicyCall) Header() http.Header {
 
 func (c *BucketsLockRetentionPolicyCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -4833,7 +4868,7 @@ func (c *BucketsPatchCall) Header() http.Header {
 
 func (c *BucketsPatchCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -5064,7 +5099,7 @@ func (c *BucketsSetIamPolicyCall) Header() http.Header {
 
 func (c *BucketsSetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -5242,7 +5277,7 @@ func (c *BucketsTestIamPermissionsCall) Header() http.Header {
 
 func (c *BucketsTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -5484,7 +5519,7 @@ func (c *BucketsUpdateCall) Header() http.Header {
 
 func (c *BucketsUpdateCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -5696,7 +5731,7 @@ func (c *ChannelsStopCall) Header() http.Header {
 
 func (c *ChannelsStopCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -5818,7 +5853,7 @@ func (c *DefaultObjectAccessControlsDeleteCall) Header() http.Header {
 
 func (c *DefaultObjectAccessControlsDeleteCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -5971,7 +6006,7 @@ func (c *DefaultObjectAccessControlsGetCall) Header() http.Header {
 
 func (c *DefaultObjectAccessControlsGetCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -6141,7 +6176,7 @@ func (c *DefaultObjectAccessControlsInsertCall) Header() http.Header {
 
 func (c *DefaultObjectAccessControlsInsertCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -6333,7 +6368,7 @@ func (c *DefaultObjectAccessControlsListCall) Header() http.Header {
 
 func (c *DefaultObjectAccessControlsListCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -6511,7 +6546,7 @@ func (c *DefaultObjectAccessControlsPatchCall) Header() http.Header {
 
 func (c *DefaultObjectAccessControlsPatchCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -6690,7 +6725,7 @@ func (c *DefaultObjectAccessControlsUpdateCall) Header() http.Header {
 
 func (c *DefaultObjectAccessControlsUpdateCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -6865,7 +6900,7 @@ func (c *NotificationsDeleteCall) Header() http.Header {
 
 func (c *NotificationsDeleteCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -7016,7 +7051,7 @@ func (c *NotificationsGetCall) Header() http.Header {
 
 func (c *NotificationsGetCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -7188,7 +7223,7 @@ func (c *NotificationsInsertCall) Header() http.Header {
 
 func (c *NotificationsInsertCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -7365,7 +7400,7 @@ func (c *NotificationsListCall) Header() http.Header {
 
 func (c *NotificationsListCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -7545,7 +7580,7 @@ func (c *ObjectAccessControlsDeleteCall) Header() http.Header {
 
 func (c *ObjectAccessControlsDeleteCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -7724,7 +7759,7 @@ func (c *ObjectAccessControlsGetCall) Header() http.Header {
 
 func (c *ObjectAccessControlsGetCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -7919,7 +7954,7 @@ func (c *ObjectAccessControlsInsertCall) Header() http.Header {
 
 func (c *ObjectAccessControlsInsertCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -8120,7 +8155,7 @@ func (c *ObjectAccessControlsListCall) Header() http.Header {
 
 func (c *ObjectAccessControlsListCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -8312,7 +8347,7 @@ func (c *ObjectAccessControlsPatchCall) Header() http.Header {
 
 func (c *ObjectAccessControlsPatchCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -8517,7 +8552,7 @@ func (c *ObjectAccessControlsUpdateCall) Header() http.Header {
 
 func (c *ObjectAccessControlsUpdateCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -8760,7 +8795,7 @@ func (c *ObjectsComposeCall) Header() http.Header {
 
 func (c *ObjectsComposeCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -9116,7 +9151,7 @@ func (c *ObjectsCopyCall) Header() http.Header {
 
 func (c *ObjectsCopyCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -9448,7 +9483,7 @@ func (c *ObjectsDeleteCall) Header() http.Header {
 
 func (c *ObjectsDeleteCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -9685,7 +9720,7 @@ func (c *ObjectsGetCall) Header() http.Header {
 
 func (c *ObjectsGetCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -9939,7 +9974,7 @@ func (c *ObjectsGetIamPolicyCall) Header() http.Header {
 
 func (c *ObjectsGetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -10259,7 +10294,7 @@ func (c *ObjectsInsertCall) Header() http.Header {
 
 func (c *ObjectsInsertCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -10634,7 +10669,7 @@ func (c *ObjectsListCall) Header() http.Header {
 
 func (c *ObjectsListCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -10955,7 +10990,7 @@ func (c *ObjectsPatchCall) Header() http.Header {
 
 func (c *ObjectsPatchCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -11360,7 +11395,7 @@ func (c *ObjectsRewriteCall) Header() http.Header {
 
 func (c *ObjectsRewriteCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -11667,7 +11702,7 @@ func (c *ObjectsSetIamPolicyCall) Header() http.Header {
 
 func (c *ObjectsSetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -11872,7 +11907,7 @@ func (c *ObjectsTestIamPermissionsCall) Header() http.Header {
 
 func (c *ObjectsTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -12137,7 +12172,7 @@ func (c *ObjectsUpdateCall) Header() http.Header {
 
 func (c *ObjectsUpdateCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -12457,7 +12492,7 @@ func (c *ObjectsWatchAllCall) Header() http.Header {
 
 func (c *ObjectsWatchAllCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -12676,7 +12711,7 @@ func (c *ProjectsHmacKeysCreateCall) Header() http.Header {
 
 func (c *ProjectsHmacKeysCreateCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -12829,7 +12864,7 @@ func (c *ProjectsHmacKeysDeleteCall) Header() http.Header {
 
 func (c *ProjectsHmacKeysDeleteCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -12968,7 +13003,7 @@ func (c *ProjectsHmacKeysGetCall) Header() http.Header {
 
 func (c *ProjectsHmacKeysGetCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -13170,7 +13205,7 @@ func (c *ProjectsHmacKeysListCall) Header() http.Header {
 
 func (c *ProjectsHmacKeysListCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -13369,7 +13404,7 @@ func (c *ProjectsHmacKeysUpdateCall) Header() http.Header {
 
 func (c *ProjectsHmacKeysUpdateCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
@@ -13548,7 +13583,7 @@ func (c *ProjectsServiceAccountGetCall) Header() http.Header {
 
 func (c *ProjectsServiceAccountGetCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
-	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210927")
+	reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211027")
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
diff --git a/vendor/google.golang.org/api/transport/grpc/dial.go b/vendor/google.golang.org/api/transport/grpc/dial.go
index 8cce06f4611..0334ef4f694 100644
--- a/vendor/google.golang.org/api/transport/grpc/dial.go
+++ b/vendor/google.golang.org/api/transport/grpc/dial.go
@@ -12,6 +12,8 @@ import (
 	"crypto/tls"
 	"errors"
 	"log"
+	"net"
+	"os"
 	"strings"
 
 	"cloud.google.com/go/compute/metadata"
@@ -29,6 +31,9 @@ import (
 	_ "google.golang.org/grpc/balancer/grpclb"
 )
 
+// Check env to decide if using google-c2p resolver for DirectPath traffic.
+const enableDirectPathXds = "GOOGLE_CLOUD_ENABLE_DIRECT_PATH_XDS"
+
 // Set at init time by dial_appengine.go. If nil, we're not on App Engine.
 var appengineDialerHook func(context.Context) grpc.DialOption
 
@@ -134,23 +139,32 @@ func dial(ctx context.Context, insecure bool, o *internal.DialSettings) (*grpc.C
 			o.QuotaProject = internal.QuotaProjectFromCreds(creds)
 		}
 
-		// Attempt Direct Path only if:
-		// * The endpoint is a host:port (or dns:///host:port).
-		// * Credentials are obtained via GCE metadata server, using the default
-		//   service account.
+		// Attempt Direct Path:
 		if o.EnableDirectPath && checkDirectPathEndPoint(endpoint) && isTokenSourceDirectPathCompatible(creds.TokenSource, o) && metadata.OnGCE() {
-			if !strings.HasPrefix(endpoint, "dns:///") {
-				endpoint = "dns:///" + endpoint
-			}
 			grpcOpts = []grpc.DialOption{
-				grpc.WithCredentialsBundle(
-					grpcgoogle.NewComputeEngineCredentials(),
-				),
-				// For now all DirectPath go clients will be using the following lb config, but in future
-				// when different services need different configs, then we should change this to a
-				// per-service config.
-				grpc.WithDisableServiceConfig(),
-				grpc.WithDefaultServiceConfig(`{"loadBalancingConfig":[{"grpclb":{"childPolicy":[{"pick_first":{}}]}}]}`),
+				grpc.WithCredentialsBundle(grpcgoogle.NewComputeEngineCredentials())}
+			if timeoutDialerOption != nil {
+				grpcOpts = append(grpcOpts, timeoutDialerOption)
+			}
+			// Check if google-c2p resolver is enabled for DirectPath
+			// TODO(mohanli): remove grpc version guard once google-api-go-client is able to depends on the latest grpc
+			if grpc.Version >= "1.42" && strings.EqualFold(os.Getenv(enableDirectPathXds), "true") {
+				// google-c2p resolver target must not have a port number
+				if addr, _, err := net.SplitHostPort(endpoint); err == nil {
+					endpoint = "google-c2p:///" + addr
+				} else {
+					endpoint = "google-c2p:///" + endpoint
+				}
+			} else {
+				if !strings.HasPrefix(endpoint, "dns:///") {
+					endpoint = "dns:///" + endpoint
+				}
+				grpcOpts = append(grpcOpts,
+					// For now all DirectPath go clients will be using the following lb config, but in future
+					// when different services need different configs, then we should change this to a
+					// per-service config.
+					grpc.WithDisableServiceConfig(),
+					grpc.WithDefaultServiceConfig(`{"loadBalancingConfig":[{"grpclb":{"childPolicy":[{"pick_first":{}}]}}]}`))
 			}
 			// TODO(cbro): add support for system parameters (quota project, request reason) via chained interceptor.
 		} else {
@@ -183,14 +197,6 @@ func dial(ctx context.Context, insecure bool, o *internal.DialSettings) (*grpc.C
 		grpcOpts = append(grpcOpts, grpc.WithUserAgent(o.UserAgent))
 	}
 
-	// TODO(weiranf): This socketopt dialer will be used by default at some
-	// point when isDirectPathEnabled will default to true, we guard it by
-	// the Directpath env var for now once we can introspect user defined
-	// dialer (https://github.com/grpc/grpc-go/issues/2795).
-	if timeoutDialerOption != nil && o.EnableDirectPath && checkDirectPathEndPoint(endpoint) && metadata.OnGCE() {
-		grpcOpts = append(grpcOpts, timeoutDialerOption)
-	}
-
 	return grpc.DialContext(ctx, endpoint, grpcOpts...)
 }
 
diff --git a/vendor/google.golang.org/api/transport/grpc/dial_enablexds.go b/vendor/google.golang.org/api/transport/grpc/dial_enablexds.go
new file mode 100644
index 00000000000..2face41af12
--- /dev/null
+++ b/vendor/google.golang.org/api/transport/grpc/dial_enablexds.go
@@ -0,0 +1,17 @@
+// Copyright 2021 Google LLC.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package grpc supports network connections to GRPC servers.
+// This package is not intended for use by end developers. Use the
+// google.golang.org/api/option package to configure API clients.
+
+//go:build enablexds
+// +build enablexds
+
+package grpc
+
+import (
+	// Install google-c2p resolver, which is required for direct path.
+	_ "google.golang.org/grpc/xds/googledirectpath"
+)
diff --git a/vendor/google.golang.org/genproto/googleapis/api/httpbody/httpbody.pb.go b/vendor/google.golang.org/genproto/googleapis/api/httpbody/httpbody.pb.go
index b47efe82b20..7ea5ced87e0 100644
--- a/vendor/google.golang.org/genproto/googleapis/api/httpbody/httpbody.pb.go
+++ b/vendor/google.golang.org/genproto/googleapis/api/httpbody/httpbody.pb.go
@@ -56,12 +56,15 @@ const (
 //
 //       // The raw HTTP body is bound to this field.
 //       google.api.HttpBody http_body = 2;
+//
 //     }
 //
 //     service ResourceService {
-//       rpc GetResource(GetResourceRequest) returns (google.api.HttpBody);
-//       rpc UpdateResource(google.api.HttpBody) returns
-//       (google.protobuf.Empty);
+//       rpc GetResource(GetResourceRequest)
+//         returns (google.api.HttpBody);
+//       rpc UpdateResource(google.api.HttpBody)
+//         returns (google.protobuf.Empty);
+//
 //     }
 //
 // Example with streaming methods:
@@ -71,6 +74,7 @@ const (
 //         returns (stream google.api.HttpBody);
 //       rpc UpdateCalendar(stream google.api.HttpBody)
 //         returns (stream google.api.HttpBody);
+//
 //     }
 //
 // Use of this type only changes how the request and response bodies are
diff --git a/vendor/google.golang.org/genproto/googleapis/bigtable/admin/v2/bigtable_instance_admin.pb.go b/vendor/google.golang.org/genproto/googleapis/bigtable/admin/v2/bigtable_instance_admin.pb.go
index 069b2c849ee..df58fc05920 100644
--- a/vendor/google.golang.org/genproto/googleapis/bigtable/admin/v2/bigtable_instance_admin.pb.go
+++ b/vendor/google.golang.org/genproto/googleapis/bigtable/admin/v2/bigtable_instance_admin.pb.go
@@ -1494,470 +1494,473 @@ var file_google_bigtable_admin_v2_bigtable_instance_admin_proto_rawDesc = []byte
 	0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67,
 	0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x43,
 	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38,
-	0x01, 0x22, 0x52, 0x0a, 0x12, 0x47, 0x65, 0x74, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65,
-	0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x3c, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18,
-	0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x28, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x22, 0x0a, 0x20, 0x62,
-	0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70,
-	0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x52,
-	0x04, 0x6e, 0x61, 0x6d, 0x65, 0x22, 0x82, 0x01, 0x0a, 0x14, 0x4c, 0x69, 0x73, 0x74, 0x49, 0x6e,
-	0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x4b,
-	0x0a, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x33,
-	0xe0, 0x41, 0x02, 0xfa, 0x41, 0x2d, 0x0a, 0x2b, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x72, 0x65, 0x73,
-	0x6f, 0x75, 0x72, 0x63, 0x65, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x67, 0x6f, 0x6f,
-	0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x50, 0x72, 0x6f, 0x6a,
-	0x65, 0x63, 0x74, 0x52, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x12, 0x1d, 0x0a, 0x0a, 0x70,
-	0x61, 0x67, 0x65, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52,
-	0x09, 0x70, 0x61, 0x67, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0xac, 0x01, 0x0a, 0x15, 0x4c,
-	0x69, 0x73, 0x74, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70,
-	0x6f, 0x6e, 0x73, 0x65, 0x12, 0x40, 0x0a, 0x09, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65,
-	0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
-	0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e,
-	0x76, 0x32, 0x2e, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x09, 0x69, 0x6e, 0x73,
-	0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x12, 0x29, 0x0a, 0x10, 0x66, 0x61, 0x69, 0x6c, 0x65, 0x64,
-	0x5f, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x09,
-	0x52, 0x0f, 0x66, 0x61, 0x69, 0x6c, 0x65, 0x64, 0x4c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e,
-	0x73, 0x12, 0x26, 0x0a, 0x0f, 0x6e, 0x65, 0x78, 0x74, 0x5f, 0x70, 0x61, 0x67, 0x65, 0x5f, 0x74,
-	0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x6e, 0x65, 0x78, 0x74,
-	0x50, 0x61, 0x67, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0xa5, 0x01, 0x0a, 0x1c, 0x50, 0x61,
-	0x72, 0x74, 0x69, 0x61, 0x6c, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x49, 0x6e, 0x73, 0x74, 0x61,
-	0x6e, 0x63, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x43, 0x0a, 0x08, 0x69, 0x6e,
-	0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x67,
+	0x01, 0x22, 0x57, 0x0a, 0x12, 0x47, 0x65, 0x74, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65,
+	0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x41, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x2d, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x27, 0x0a, 0x25, 0x62,
+	0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x49, 0x6e, 0x73, 0x74,
+	0x61, 0x6e, 0x63, 0x65, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x22, 0x82, 0x01, 0x0a, 0x14, 0x4c,
+	0x69, 0x73, 0x74, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75,
+	0x65, 0x73, 0x74, 0x12, 0x4b, 0x0a, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x09, 0x42, 0x33, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x2d, 0x0a, 0x2b, 0x63, 0x6c, 0x6f,
+	0x75, 0x64, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65,
+	0x72, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
+	0x2f, 0x50, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x52, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74,
+	0x12, 0x1d, 0x0a, 0x0a, 0x70, 0x61, 0x67, 0x65, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x70, 0x61, 0x67, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22,
+	0xac, 0x01, 0x0a, 0x15, 0x4c, 0x69, 0x73, 0x74, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65,
+	0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x40, 0x0a, 0x09, 0x69, 0x6e, 0x73,
+	0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x67,
 	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61,
 	0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65,
-	0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x08, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x12,
-	0x40, 0x0a, 0x0b, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x5f, 0x6d, 0x61, 0x73, 0x6b, 0x18, 0x02,
-	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
-	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4d, 0x61, 0x73, 0x6b,
-	0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x0a, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x4d, 0x61, 0x73,
-	0x6b, 0x22, 0x55, 0x0a, 0x15, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x49, 0x6e, 0x73, 0x74, 0x61,
-	0x6e, 0x63, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x3c, 0x0a, 0x04, 0x6e, 0x61,
-	0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x28, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x22,
-	0x0a, 0x20, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
-	0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e,
-	0x63, 0x65, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x22, 0xbe, 0x01, 0x0a, 0x14, 0x43, 0x72, 0x65,
-	0x61, 0x74, 0x65, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
-	0x74, 0x12, 0x40, 0x0a, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28,
-	0x09, 0x42, 0x28, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x22, 0x0a, 0x20, 0x62, 0x69, 0x67, 0x74, 0x61,
-	0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63,
-	0x6f, 0x6d, 0x2f, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x06, 0x70, 0x61, 0x72,
-	0x65, 0x6e, 0x74, 0x12, 0x22, 0x0a, 0x0a, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x69,
-	0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x09, 0x63, 0x6c,
-	0x75, 0x73, 0x74, 0x65, 0x72, 0x49, 0x64, 0x12, 0x40, 0x0a, 0x07, 0x63, 0x6c, 0x75, 0x73, 0x74,
-	0x65, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
-	0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e,
-	0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x42, 0x03, 0xe0, 0x41, 0x02,
-	0x52, 0x07, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x22, 0x50, 0x0a, 0x11, 0x47, 0x65, 0x74,
-	0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x3b,
-	0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x27, 0xe0, 0x41,
-	0x02, 0xfa, 0x41, 0x21, 0x0a, 0x1f, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67,
-	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x43, 0x6c,
-	0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x22, 0x76, 0x0a, 0x13, 0x4c,
-	0x69, 0x73, 0x74, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65,
-	0x73, 0x74, 0x12, 0x40, 0x0a, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01,
-	0x28, 0x09, 0x42, 0x28, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x22, 0x0a, 0x20, 0x62, 0x69, 0x67, 0x74,
-	0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e,
-	0x63, 0x6f, 0x6d, 0x2f, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x06, 0x70, 0x61,
-	0x72, 0x65, 0x6e, 0x74, 0x12, 0x1d, 0x0a, 0x0a, 0x70, 0x61, 0x67, 0x65, 0x5f, 0x74, 0x6f, 0x6b,
-	0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x70, 0x61, 0x67, 0x65, 0x54, 0x6f,
-	0x6b, 0x65, 0x6e, 0x22, 0xa8, 0x01, 0x0a, 0x14, 0x4c, 0x69, 0x73, 0x74, 0x43, 0x6c, 0x75, 0x73,
-	0x74, 0x65, 0x72, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x3d, 0x0a, 0x08,
-	0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x21,
-	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65,
-	0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65,
-	0x72, 0x52, 0x08, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x12, 0x29, 0x0a, 0x10, 0x66,
+	0x52, 0x09, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x12, 0x29, 0x0a, 0x10, 0x66,
 	0x61, 0x69, 0x6c, 0x65, 0x64, 0x5f, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18,
 	0x02, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0f, 0x66, 0x61, 0x69, 0x6c, 0x65, 0x64, 0x4c, 0x6f, 0x63,
 	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x26, 0x0a, 0x0f, 0x6e, 0x65, 0x78, 0x74, 0x5f, 0x70,
 	0x61, 0x67, 0x65, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52,
-	0x0d, 0x6e, 0x65, 0x78, 0x74, 0x50, 0x61, 0x67, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0x53,
-	0x0a, 0x14, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52,
-	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x3b, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01,
-	0x20, 0x01, 0x28, 0x09, 0x42, 0x27, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x21, 0x0a, 0x1f, 0x62, 0x69,
-	0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69,
-	0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x04, 0x6e,
-	0x61, 0x6d, 0x65, 0x22, 0xf0, 0x01, 0x0a, 0x16, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x49, 0x6e,
-	0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x5a,
-	0x0a, 0x10, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65,
-	0x73, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
-	0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e,
-	0x2e, 0x76, 0x32, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e,
-	0x63, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x52, 0x0f, 0x6f, 0x72, 0x69, 0x67, 0x69,
-	0x6e, 0x61, 0x6c, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x3d, 0x0a, 0x0c, 0x72, 0x65,
-	0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b,
-	0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
-	0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0b, 0x72, 0x65,
-	0x71, 0x75, 0x65, 0x73, 0x74, 0x54, 0x69, 0x6d, 0x65, 0x12, 0x3b, 0x0a, 0x0b, 0x66, 0x69, 0x6e,
-	0x69, 0x73, 0x68, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a,
+	0x0d, 0x6e, 0x65, 0x78, 0x74, 0x50, 0x61, 0x67, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0xa5,
+	0x01, 0x0a, 0x1c, 0x50, 0x61, 0x72, 0x74, 0x69, 0x61, 0x6c, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65,
+	0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12,
+	0x43, 0x0a, 0x08, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x22, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61,
+	0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x49, 0x6e, 0x73,
+	0x74, 0x61, 0x6e, 0x63, 0x65, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x08, 0x69, 0x6e, 0x73, 0x74,
+	0x61, 0x6e, 0x63, 0x65, 0x12, 0x40, 0x0a, 0x0b, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x5f, 0x6d,
+	0x61, 0x73, 0x6b, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c,
+	0x64, 0x4d, 0x61, 0x73, 0x6b, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x0a, 0x75, 0x70, 0x64, 0x61,
+	0x74, 0x65, 0x4d, 0x61, 0x73, 0x6b, 0x22, 0x5a, 0x0a, 0x15, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65,
+	0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12,
+	0x41, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x2d, 0xe0,
+	0x41, 0x02, 0xfa, 0x41, 0x27, 0x0a, 0x25, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61,
+	0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e,
+	0x63, 0x6f, 0x6d, 0x2f, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x04, 0x6e, 0x61,
+	0x6d, 0x65, 0x22, 0xc3, 0x01, 0x0a, 0x14, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x43, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x45, 0x0a, 0x06, 0x70,
+	0x61, 0x72, 0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x2d, 0xe0, 0x41, 0x02,
+	0xfa, 0x41, 0x27, 0x0a, 0x25, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61, 0x64, 0x6d,
+	0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f,
+	0x6d, 0x2f, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x06, 0x70, 0x61, 0x72, 0x65,
+	0x6e, 0x74, 0x12, 0x22, 0x0a, 0x0a, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x69, 0x64,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x09, 0x63, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x49, 0x64, 0x12, 0x40, 0x0a, 0x07, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65,
+	0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e,
+	0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52,
+	0x07, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x22, 0x55, 0x0a, 0x11, 0x47, 0x65, 0x74, 0x43,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x40, 0x0a,
+	0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x2c, 0xe0, 0x41, 0x02,
+	0xfa, 0x41, 0x26, 0x0a, 0x24, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61, 0x64, 0x6d,
+	0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f,
+	0x6d, 0x2f, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x22,
+	0x7b, 0x0a, 0x13, 0x4c, 0x69, 0x73, 0x74, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x52,
+	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x45, 0x0a, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x2d, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x27, 0x0a, 0x25,
+	0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x49, 0x6e, 0x73,
+	0x74, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x12, 0x1d, 0x0a,
+	0x0a, 0x70, 0x61, 0x67, 0x65, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x09, 0x70, 0x61, 0x67, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0xa8, 0x01, 0x0a,
+	0x14, 0x4c, 0x69, 0x73, 0x74, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x52, 0x65, 0x73,
+	0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x3d, 0x0a, 0x08, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e,
+	0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x08, 0x63, 0x6c, 0x75, 0x73,
+	0x74, 0x65, 0x72, 0x73, 0x12, 0x29, 0x0a, 0x10, 0x66, 0x61, 0x69, 0x6c, 0x65, 0x64, 0x5f, 0x6c,
+	0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0f,
+	0x66, 0x61, 0x69, 0x6c, 0x65, 0x64, 0x4c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12,
+	0x26, 0x0a, 0x0f, 0x6e, 0x65, 0x78, 0x74, 0x5f, 0x70, 0x61, 0x67, 0x65, 0x5f, 0x74, 0x6f, 0x6b,
+	0x65, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x6e, 0x65, 0x78, 0x74, 0x50, 0x61,
+	0x67, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0x58, 0x0a, 0x14, 0x44, 0x65, 0x6c, 0x65, 0x74,
+	0x65, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12,
+	0x40, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x2c, 0xe0,
+	0x41, 0x02, 0xfa, 0x41, 0x26, 0x0a, 0x24, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61,
+	0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e,
+	0x63, 0x6f, 0x6d, 0x2f, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x04, 0x6e, 0x61, 0x6d,
+	0x65, 0x22, 0xf0, 0x01, 0x0a, 0x16, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x49, 0x6e, 0x73, 0x74,
+	0x61, 0x6e, 0x63, 0x65, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x5a, 0x0a, 0x10,
+	0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76,
+	0x32, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65,
+	0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x52, 0x0f, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61,
+	0x6c, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x3d, 0x0a, 0x0c, 0x72, 0x65, 0x71, 0x75,
+	0x65, 0x73, 0x74, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a,
 	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
-	0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0a, 0x66, 0x69, 0x6e, 0x69,
-	0x73, 0x68, 0x54, 0x69, 0x6d, 0x65, 0x22, 0xf7, 0x01, 0x0a, 0x16, 0x55, 0x70, 0x64, 0x61, 0x74,
-	0x65, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74,
-	0x61, 0x12, 0x61, 0x0a, 0x10, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x5f, 0x72, 0x65,
-	0x71, 0x75, 0x65, 0x73, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x36, 0x2e, 0x67, 0x6f,
-	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64,
-	0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x50, 0x61, 0x72, 0x74, 0x69, 0x61, 0x6c, 0x55, 0x70,
-	0x64, 0x61, 0x74, 0x65, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x65, 0x71, 0x75,
-	0x65, 0x73, 0x74, 0x52, 0x0f, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x52, 0x65, 0x71,
-	0x75, 0x65, 0x73, 0x74, 0x12, 0x3d, 0x0a, 0x0c, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f,
-	0x74, 0x69, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f,
-	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d,
-	0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0b, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x54,
-	0x69, 0x6d, 0x65, 0x12, 0x3b, 0x0a, 0x0b, 0x66, 0x69, 0x6e, 0x69, 0x73, 0x68, 0x5f, 0x74, 0x69,
-	0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0b, 0x72, 0x65, 0x71, 0x75,
+	0x65, 0x73, 0x74, 0x54, 0x69, 0x6d, 0x65, 0x12, 0x3b, 0x0a, 0x0b, 0x66, 0x69, 0x6e, 0x69, 0x73,
+	0x68, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54,
+	0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0a, 0x66, 0x69, 0x6e, 0x69, 0x73, 0x68,
+	0x54, 0x69, 0x6d, 0x65, 0x22, 0xf7, 0x01, 0x0a, 0x16, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x49,
+	0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12,
+	0x61, 0x0a, 0x10, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x5f, 0x72, 0x65, 0x71, 0x75,
+	0x65, 0x73, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x36, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69,
+	0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x50, 0x61, 0x72, 0x74, 0x69, 0x61, 0x6c, 0x55, 0x70, 0x64, 0x61,
+	0x74, 0x65, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
+	0x74, 0x52, 0x0f, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x52, 0x65, 0x71, 0x75, 0x65,
+	0x73, 0x74, 0x12, 0x3d, 0x0a, 0x0c, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x74, 0x69,
+	0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
 	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73,
-	0x74, 0x61, 0x6d, 0x70, 0x52, 0x0a, 0x66, 0x69, 0x6e, 0x69, 0x73, 0x68, 0x54, 0x69, 0x6d, 0x65,
-	0x22, 0xee, 0x01, 0x0a, 0x15, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x43, 0x6c, 0x75, 0x73, 0x74,
-	0x65, 0x72, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x59, 0x0a, 0x10, 0x6f, 0x72,
-	0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x18, 0x01,
-	0x20, 0x01, 0x28, 0x0b, 0x32, 0x2e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69,
-	0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e,
-	0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x65, 0x71,
-	0x75, 0x65, 0x73, 0x74, 0x52, 0x0f, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x52, 0x65,
-	0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x3d, 0x0a, 0x0c, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
-	0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f,
-	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69,
-	0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0b, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
-	0x54, 0x69, 0x6d, 0x65, 0x12, 0x3b, 0x0a, 0x0b, 0x66, 0x69, 0x6e, 0x69, 0x73, 0x68, 0x5f, 0x74,
-	0x69, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x74, 0x61, 0x6d, 0x70, 0x52, 0x0b, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x54, 0x69, 0x6d,
+	0x65, 0x12, 0x3b, 0x0a, 0x0b, 0x66, 0x69, 0x6e, 0x69, 0x73, 0x68, 0x5f, 0x74, 0x69, 0x6d, 0x65,
+	0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61,
+	0x6d, 0x70, 0x52, 0x0a, 0x66, 0x69, 0x6e, 0x69, 0x73, 0x68, 0x54, 0x69, 0x6d, 0x65, 0x22, 0xee,
+	0x01, 0x0a, 0x15, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x59, 0x0a, 0x10, 0x6f, 0x72, 0x69, 0x67,
+	0x69, 0x6e, 0x61, 0x6c, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x2e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74,
+	0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x72,
+	0x65, 0x61, 0x74, 0x65, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65,
+	0x73, 0x74, 0x52, 0x0f, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x52, 0x65, 0x71, 0x75,
+	0x65, 0x73, 0x74, 0x12, 0x3d, 0x0a, 0x0c, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x74,
+	0x69, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
 	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65,
-	0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0a, 0x66, 0x69, 0x6e, 0x69, 0x73, 0x68, 0x54, 0x69, 0x6d,
-	0x65, 0x22, 0xe1, 0x01, 0x0a, 0x15, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x43, 0x6c, 0x75, 0x73,
-	0x74, 0x65, 0x72, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x4c, 0x0a, 0x10, 0x6f,
-	0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x18,
-	0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62,
-	0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32,
-	0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x0f, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e,
-	0x61, 0x6c, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x3d, 0x0a, 0x0c, 0x72, 0x65, 0x71,
-	0x75, 0x65, 0x73, 0x74, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32,
-	0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
-	0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0b, 0x72, 0x65, 0x71,
-	0x75, 0x65, 0x73, 0x74, 0x54, 0x69, 0x6d, 0x65, 0x12, 0x3b, 0x0a, 0x0b, 0x66, 0x69, 0x6e, 0x69,
-	0x73, 0x68, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e,
+	0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0b, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x54, 0x69,
+	0x6d, 0x65, 0x12, 0x3b, 0x0a, 0x0b, 0x66, 0x69, 0x6e, 0x69, 0x73, 0x68, 0x5f, 0x74, 0x69, 0x6d,
+	0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74,
+	0x61, 0x6d, 0x70, 0x52, 0x0a, 0x66, 0x69, 0x6e, 0x69, 0x73, 0x68, 0x54, 0x69, 0x6d, 0x65, 0x22,
+	0xe1, 0x01, 0x0a, 0x15, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65,
+	0x72, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x4c, 0x0a, 0x10, 0x6f, 0x72, 0x69,
+	0x67, 0x69, 0x6e, 0x61, 0x6c, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67,
+	0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x43,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x0f, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c,
+	0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x3d, 0x0a, 0x0c, 0x72, 0x65, 0x71, 0x75, 0x65,
+	0x73, 0x74, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e,
 	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
-	0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0a, 0x66, 0x69, 0x6e, 0x69, 0x73,
-	0x68, 0x54, 0x69, 0x6d, 0x65, 0x22, 0xfb, 0x01, 0x0a, 0x17, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65,
-	0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
-	0x74, 0x12, 0x40, 0x0a, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28,
-	0x09, 0x42, 0x28, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x22, 0x0a, 0x20, 0x62, 0x69, 0x67, 0x74, 0x61,
-	0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63,
-	0x6f, 0x6d, 0x2f, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x06, 0x70, 0x61, 0x72,
-	0x65, 0x6e, 0x74, 0x12, 0x29, 0x0a, 0x0e, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69,
-	0x6c, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x03, 0xe0, 0x41, 0x02,
-	0x52, 0x0c, 0x61, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x49, 0x64, 0x12, 0x4a,
-	0x0a, 0x0b, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x18, 0x03, 0x20,
-	0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67,
-	0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x41,
-	0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x0a,
-	0x61, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x12, 0x27, 0x0a, 0x0f, 0x69, 0x67,
-	0x6e, 0x6f, 0x72, 0x65, 0x5f, 0x77, 0x61, 0x72, 0x6e, 0x69, 0x6e, 0x67, 0x73, 0x18, 0x04, 0x20,
-	0x01, 0x28, 0x08, 0x52, 0x0e, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x57, 0x61, 0x72, 0x6e, 0x69,
-	0x6e, 0x67, 0x73, 0x22, 0x56, 0x0a, 0x14, 0x47, 0x65, 0x74, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f,
-	0x66, 0x69, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x3e, 0x0a, 0x04, 0x6e,
-	0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x2a, 0xe0, 0x41, 0x02, 0xfa, 0x41,
-	0x24, 0x0a, 0x22, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
-	0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x41, 0x70, 0x70, 0x50, 0x72,
-	0x6f, 0x66, 0x69, 0x6c, 0x65, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x22, 0x96, 0x01, 0x0a, 0x16,
-	0x4c, 0x69, 0x73, 0x74, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x73, 0x52,
-	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x40, 0x0a, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74,
-	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x28, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x22, 0x0a, 0x20,
-	0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61,
-	0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65,
-	0x52, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x12, 0x1b, 0x0a, 0x09, 0x70, 0x61, 0x67, 0x65,
-	0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x05, 0x52, 0x08, 0x70, 0x61, 0x67,
-	0x65, 0x53, 0x69, 0x7a, 0x65, 0x12, 0x1d, 0x0a, 0x0a, 0x70, 0x61, 0x67, 0x65, 0x5f, 0x74, 0x6f,
-	0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x70, 0x61, 0x67, 0x65, 0x54,
-	0x6f, 0x6b, 0x65, 0x6e, 0x22, 0xb5, 0x01, 0x0a, 0x17, 0x4c, 0x69, 0x73, 0x74, 0x41, 0x70, 0x70,
-	0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
-	0x12, 0x47, 0x0a, 0x0c, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x73,
-	0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0b, 0x72, 0x65, 0x71, 0x75, 0x65,
+	0x73, 0x74, 0x54, 0x69, 0x6d, 0x65, 0x12, 0x3b, 0x0a, 0x0b, 0x66, 0x69, 0x6e, 0x69, 0x73, 0x68,
+	0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69,
+	0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0a, 0x66, 0x69, 0x6e, 0x69, 0x73, 0x68, 0x54,
+	0x69, 0x6d, 0x65, 0x22, 0x80, 0x02, 0x0a, 0x17, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x41, 0x70,
+	0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12,
+	0x45, 0x0a, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42,
+	0x2d, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x27, 0x0a, 0x25, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c,
+	0x65, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69,
+	0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x06,
+	0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x12, 0x29, 0x0a, 0x0e, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72,
+	0x6f, 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x03,
+	0xe0, 0x41, 0x02, 0x52, 0x0c, 0x61, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x49,
+	0x64, 0x12, 0x4a, 0x0a, 0x0b, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65,
+	0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
 	0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76,
-	0x32, 0x2e, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x52, 0x0b, 0x61, 0x70,
-	0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x73, 0x12, 0x26, 0x0a, 0x0f, 0x6e, 0x65, 0x78,
-	0x74, 0x5f, 0x70, 0x61, 0x67, 0x65, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01,
-	0x28, 0x09, 0x52, 0x0d, 0x6e, 0x65, 0x78, 0x74, 0x50, 0x61, 0x67, 0x65, 0x54, 0x6f, 0x6b, 0x65,
-	0x6e, 0x12, 0x29, 0x0a, 0x10, 0x66, 0x61, 0x69, 0x6c, 0x65, 0x64, 0x5f, 0x6c, 0x6f, 0x63, 0x61,
-	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0f, 0x66, 0x61, 0x69,
-	0x6c, 0x65, 0x64, 0x4c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0xd0, 0x01, 0x0a,
-	0x17, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c,
-	0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x4a, 0x0a, 0x0b, 0x61, 0x70, 0x70, 0x5f,
-	0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e,
-	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e,
-	0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66,
-	0x69, 0x6c, 0x65, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x0a, 0x61, 0x70, 0x70, 0x50, 0x72, 0x6f,
-	0x66, 0x69, 0x6c, 0x65, 0x12, 0x40, 0x0a, 0x0b, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x5f, 0x6d,
-	0x61, 0x73, 0x6b, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
-	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c,
-	0x64, 0x4d, 0x61, 0x73, 0x6b, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x0a, 0x75, 0x70, 0x64, 0x61,
-	0x74, 0x65, 0x4d, 0x61, 0x73, 0x6b, 0x12, 0x27, 0x0a, 0x0f, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65,
-	0x5f, 0x77, 0x61, 0x72, 0x6e, 0x69, 0x6e, 0x67, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52,
-	0x0e, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x57, 0x61, 0x72, 0x6e, 0x69, 0x6e, 0x67, 0x73, 0x22,
-	0x87, 0x01, 0x0a, 0x17, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f,
-	0x66, 0x69, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x3e, 0x0a, 0x04, 0x6e,
-	0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x2a, 0xe0, 0x41, 0x02, 0xfa, 0x41,
-	0x24, 0x0a, 0x22, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
-	0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x41, 0x70, 0x70, 0x50, 0x72,
-	0x6f, 0x66, 0x69, 0x6c, 0x65, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x2c, 0x0a, 0x0f, 0x69,
-	0x67, 0x6e, 0x6f, 0x72, 0x65, 0x5f, 0x77, 0x61, 0x72, 0x6e, 0x69, 0x6e, 0x67, 0x73, 0x18, 0x02,
-	0x20, 0x01, 0x28, 0x08, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x0e, 0x69, 0x67, 0x6e, 0x6f, 0x72,
-	0x65, 0x57, 0x61, 0x72, 0x6e, 0x69, 0x6e, 0x67, 0x73, 0x22, 0x1a, 0x0a, 0x18, 0x55, 0x70, 0x64,
-	0x61, 0x74, 0x65, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x4d, 0x65, 0x74,
-	0x61, 0x64, 0x61, 0x74, 0x61, 0x32, 0x92, 0x1e, 0x0a, 0x15, 0x42, 0x69, 0x67, 0x74, 0x61, 0x62,
-	0x6c, 0x65, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x12,
-	0xda, 0x01, 0x0a, 0x0e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e,
-	0x63, 0x65, 0x12, 0x2f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74,
-	0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x72,
-	0x65, 0x61, 0x74, 0x65, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x65, 0x71, 0x75,
-	0x65, 0x73, 0x74, 0x1a, 0x1d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x6c, 0x6f, 0x6e,
-	0x67, 0x72, 0x75, 0x6e, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x4f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x69,
-	0x6f, 0x6e, 0x22, 0x78, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x26, 0x22, 0x21, 0x2f, 0x76, 0x32, 0x2f,
-	0x7b, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73,
-	0x2f, 0x2a, 0x7d, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x3a, 0x01, 0x2a,
-	0xda, 0x41, 0x24, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x2c, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e,
-	0x63, 0x65, 0x5f, 0x69, 0x64, 0x2c, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x2c, 0x63,
-	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0xca, 0x41, 0x22, 0x0a, 0x08, 0x49, 0x6e, 0x73, 0x74,
-	0x61, 0x6e, 0x63, 0x65, 0x12, 0x16, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x49, 0x6e, 0x73, 0x74,
-	0x61, 0x6e, 0x63, 0x65, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x91, 0x01, 0x0a,
-	0x0b, 0x47, 0x65, 0x74, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x12, 0x2c, 0x2e, 0x67,
-	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61,
-	0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x47, 0x65, 0x74, 0x49, 0x6e, 0x73, 0x74, 0x61,
-	0x6e, 0x63, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x22, 0x2e, 0x67, 0x6f, 0x6f,
-	0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d,
-	0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x22, 0x30,
-	0x82, 0xd3, 0xe4, 0x93, 0x02, 0x23, 0x12, 0x21, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x6e, 0x61, 0x6d,
-	0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73,
-	0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0xda, 0x41, 0x04, 0x6e, 0x61, 0x6d, 0x65,
-	0x12, 0xa4, 0x01, 0x0a, 0x0d, 0x4c, 0x69, 0x73, 0x74, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63,
-	0x65, 0x73, 0x12, 0x2e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74,
-	0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x69,
-	0x73, 0x74, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65,
-	0x73, 0x74, 0x1a, 0x2f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74,
-	0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x69,
-	0x73, 0x74, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f,
-	0x6e, 0x73, 0x65, 0x22, 0x32, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x23, 0x12, 0x21, 0x2f, 0x76, 0x32,
-	0x2f, 0x7b, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74,
-	0x73, 0x2f, 0x2a, 0x7d, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0xda, 0x41,
-	0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x12, 0x86, 0x01, 0x0a, 0x0e, 0x55, 0x70, 0x64, 0x61,
-	0x74, 0x65, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x12, 0x22, 0x2e, 0x67, 0x6f, 0x6f,
-	0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d,
-	0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x1a, 0x22,
-	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65,
-	0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e,
-	0x63, 0x65, 0x22, 0x2c, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x26, 0x1a, 0x21, 0x2f, 0x76, 0x32, 0x2f,
-	0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a,
-	0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x3a, 0x01, 0x2a,
-	0x12, 0xe8, 0x01, 0x0a, 0x15, 0x50, 0x61, 0x72, 0x74, 0x69, 0x61, 0x6c, 0x55, 0x70, 0x64, 0x61,
-	0x74, 0x65, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x12, 0x36, 0x2e, 0x67, 0x6f, 0x6f,
+	0x32, 0x2e, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x42, 0x03, 0xe0, 0x41,
+	0x02, 0x52, 0x0a, 0x61, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x12, 0x27, 0x0a,
+	0x0f, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x5f, 0x77, 0x61, 0x72, 0x6e, 0x69, 0x6e, 0x67, 0x73,
+	0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0e, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x57, 0x61,
+	0x72, 0x6e, 0x69, 0x6e, 0x67, 0x73, 0x22, 0x5b, 0x0a, 0x14, 0x47, 0x65, 0x74, 0x41, 0x70, 0x70,
+	0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x43,
+	0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x2f, 0xe0, 0x41,
+	0x02, 0xfa, 0x41, 0x29, 0x0a, 0x27, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61, 0x64,
+	0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63,
+	0x6f, 0x6d, 0x2f, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x52, 0x04, 0x6e,
+	0x61, 0x6d, 0x65, 0x22, 0x9b, 0x01, 0x0a, 0x16, 0x4c, 0x69, 0x73, 0x74, 0x41, 0x70, 0x70, 0x50,
+	0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x45,
+	0x0a, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x2d,
+	0xe0, 0x41, 0x02, 0xfa, 0x41, 0x27, 0x0a, 0x25, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65,
+	0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73,
+	0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x06, 0x70,
+	0x61, 0x72, 0x65, 0x6e, 0x74, 0x12, 0x1b, 0x0a, 0x09, 0x70, 0x61, 0x67, 0x65, 0x5f, 0x73, 0x69,
+	0x7a, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x05, 0x52, 0x08, 0x70, 0x61, 0x67, 0x65, 0x53, 0x69,
+	0x7a, 0x65, 0x12, 0x1d, 0x0a, 0x0a, 0x70, 0x61, 0x67, 0x65, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x70, 0x61, 0x67, 0x65, 0x54, 0x6f, 0x6b, 0x65,
+	0x6e, 0x22, 0xb5, 0x01, 0x0a, 0x17, 0x4c, 0x69, 0x73, 0x74, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f,
+	0x66, 0x69, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x47, 0x0a,
+	0x0c, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x73, 0x18, 0x01, 0x20,
+	0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67,
+	0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x41,
+	0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x52, 0x0b, 0x61, 0x70, 0x70, 0x50, 0x72,
+	0x6f, 0x66, 0x69, 0x6c, 0x65, 0x73, 0x12, 0x26, 0x0a, 0x0f, 0x6e, 0x65, 0x78, 0x74, 0x5f, 0x70,
+	0x61, 0x67, 0x65, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52,
+	0x0d, 0x6e, 0x65, 0x78, 0x74, 0x50, 0x61, 0x67, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x29,
+	0x0a, 0x10, 0x66, 0x61, 0x69, 0x6c, 0x65, 0x64, 0x5f, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0f, 0x66, 0x61, 0x69, 0x6c, 0x65, 0x64,
+	0x4c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0xd0, 0x01, 0x0a, 0x17, 0x55, 0x70,
+	0x64, 0x61, 0x74, 0x65, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x52, 0x65,
+	0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x4a, 0x0a, 0x0b, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f,
+	0x66, 0x69, 0x6c, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f,
 	0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d,
-	0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x50, 0x61, 0x72, 0x74, 0x69, 0x61, 0x6c, 0x55, 0x70, 0x64,
-	0x61, 0x74, 0x65, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65,
-	0x73, 0x74, 0x1a, 0x1d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x6c, 0x6f, 0x6e, 0x67,
-	0x72, 0x75, 0x6e, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x4f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6f,
-	0x6e, 0x22, 0x78, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x36, 0x32, 0x2a, 0x2f, 0x76, 0x32, 0x2f, 0x7b,
-	0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x2e, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72,
-	0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63,
-	0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x3a, 0x08, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0xda,
-	0x41, 0x14, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x2c, 0x75, 0x70, 0x64, 0x61, 0x74,
-	0x65, 0x5f, 0x6d, 0x61, 0x73, 0x6b, 0xca, 0x41, 0x22, 0x0a, 0x08, 0x49, 0x6e, 0x73, 0x74, 0x61,
-	0x6e, 0x63, 0x65, 0x12, 0x16, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x49, 0x6e, 0x73, 0x74, 0x61,
-	0x6e, 0x63, 0x65, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x8b, 0x01, 0x0a, 0x0e,
-	0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x12, 0x2f,
-	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65,
-	0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65,
-	0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a,
-	0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
-	0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0x30, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x23, 0x2a,
-	0x21, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65,
-	0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f,
-	0x2a, 0x7d, 0xda, 0x41, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0xdc, 0x01, 0x0a, 0x0d, 0x43, 0x72,
-	0x65, 0x61, 0x74, 0x65, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x2e, 0x2e, 0x67, 0x6f,
-	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64,
-	0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x43, 0x6c, 0x75,
-	0x73, 0x74, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1d, 0x2e, 0x67, 0x6f,
-	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x6c, 0x6f, 0x6e, 0x67, 0x72, 0x75, 0x6e, 0x6e, 0x69, 0x6e, 0x67,
-	0x2e, 0x4f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x7c, 0x82, 0xd3, 0xe4, 0x93,
-	0x02, 0x37, 0x22, 0x2c, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x3d,
-	0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61,
-	0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73,
-	0x3a, 0x07, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0xda, 0x41, 0x19, 0x70, 0x61, 0x72, 0x65,
-	0x6e, 0x74, 0x2c, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x69, 0x64, 0x2c, 0x63, 0x6c,
-	0x75, 0x73, 0x74, 0x65, 0x72, 0xca, 0x41, 0x20, 0x0a, 0x07, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65,
-	0x72, 0x12, 0x15, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
-	0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x99, 0x01, 0x0a, 0x0a, 0x47, 0x65, 0x74,
-	0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x2b, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
-	0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e,
-	0x76, 0x32, 0x2e, 0x47, 0x65, 0x74, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x65, 0x71,
-	0x75, 0x65, 0x73, 0x74, 0x1a, 0x21, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69,
+	0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65,
+	0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x0a, 0x61, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c,
+	0x65, 0x12, 0x40, 0x0a, 0x0b, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x5f, 0x6d, 0x61, 0x73, 0x6b,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4d, 0x61,
+	0x73, 0x6b, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x0a, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x4d,
+	0x61, 0x73, 0x6b, 0x12, 0x27, 0x0a, 0x0f, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x5f, 0x77, 0x61,
+	0x72, 0x6e, 0x69, 0x6e, 0x67, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0e, 0x69, 0x67,
+	0x6e, 0x6f, 0x72, 0x65, 0x57, 0x61, 0x72, 0x6e, 0x69, 0x6e, 0x67, 0x73, 0x22, 0x8c, 0x01, 0x0a,
+	0x17, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c,
+	0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x43, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x2f, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x29, 0x0a, 0x27,
+	0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x41, 0x70, 0x70,
+	0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x2c, 0x0a,
+	0x0f, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x5f, 0x77, 0x61, 0x72, 0x6e, 0x69, 0x6e, 0x67, 0x73,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x0e, 0x69, 0x67, 0x6e,
+	0x6f, 0x72, 0x65, 0x57, 0x61, 0x72, 0x6e, 0x69, 0x6e, 0x67, 0x73, 0x22, 0x1a, 0x0a, 0x18, 0x55,
+	0x70, 0x64, 0x61, 0x74, 0x65, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x4d,
+	0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x32, 0x92, 0x1e, 0x0a, 0x15, 0x42, 0x69, 0x67, 0x74,
+	0x61, 0x62, 0x6c, 0x65, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x41, 0x64, 0x6d, 0x69,
+	0x6e, 0x12, 0xda, 0x01, 0x0a, 0x0e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x49, 0x6e, 0x73, 0x74,
+	0x61, 0x6e, 0x63, 0x65, 0x12, 0x2f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69,
 	0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e,
-	0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x22, 0x3b, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x2e, 0x12,
-	0x2c, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65,
-	0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f,
-	0x2a, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x2f, 0x2a, 0x7d, 0xda, 0x41, 0x04,
-	0x6e, 0x61, 0x6d, 0x65, 0x12, 0xac, 0x01, 0x0a, 0x0c, 0x4c, 0x69, 0x73, 0x74, 0x43, 0x6c, 0x75,
-	0x73, 0x74, 0x65, 0x72, 0x73, 0x12, 0x2d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62,
-	0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32,
-	0x2e, 0x4c, 0x69, 0x73, 0x74, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x52, 0x65, 0x71,
-	0x75, 0x65, 0x73, 0x74, 0x1a, 0x2e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69,
-	0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e,
-	0x4c, 0x69, 0x73, 0x74, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x52, 0x65, 0x73, 0x70,
-	0x6f, 0x6e, 0x73, 0x65, 0x22, 0x3d, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x2e, 0x12, 0x2c, 0x2f, 0x76,
+	0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x65,
+	0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x6c,
+	0x6f, 0x6e, 0x67, 0x72, 0x75, 0x6e, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x4f, 0x70, 0x65, 0x72, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x22, 0x78, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x26, 0x22, 0x21, 0x2f, 0x76,
 	0x32, 0x2f, 0x7b, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63,
-	0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a,
-	0x7d, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0xda, 0x41, 0x06, 0x70, 0x61, 0x72,
-	0x65, 0x6e, 0x74, 0x12, 0xad, 0x01, 0x0a, 0x0d, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x43, 0x6c,
-	0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x21, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62,
-	0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32,
-	0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x1a, 0x1d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
-	0x65, 0x2e, 0x6c, 0x6f, 0x6e, 0x67, 0x72, 0x75, 0x6e, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x4f, 0x70,
-	0x65, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x5a, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x31, 0x1a,
-	0x2c, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65,
-	0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f,
-	0x2a, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x2f, 0x2a, 0x7d, 0x3a, 0x01, 0x2a,
-	0xca, 0x41, 0x20, 0x0a, 0x07, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x15, 0x55, 0x70,
-	0x64, 0x61, 0x74, 0x65, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4d, 0x65, 0x74, 0x61, 0x64,
-	0x61, 0x74, 0x61, 0x12, 0x94, 0x01, 0x0a, 0x0d, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x43, 0x6c,
-	0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x2e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62,
-	0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32,
-	0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x65,
-	0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
-	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0x3b, 0x82,
-	0xd3, 0xe4, 0x93, 0x02, 0x2e, 0x2a, 0x2c, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x6e, 0x61, 0x6d, 0x65,
-	0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74,
-	0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73,
-	0x2f, 0x2a, 0x7d, 0xda, 0x41, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0xd5, 0x01, 0x0a, 0x10, 0x43,
-	0x72, 0x65, 0x61, 0x74, 0x65, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x12,
-	0x31, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c,
-	0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74,
-	0x65, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65,
-	0x73, 0x74, 0x1a, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74,
-	0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x41, 0x70,
-	0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x22, 0x68, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x3e,
-	0x22, 0x2f, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x3d, 0x70, 0x72,
-	0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63,
-	0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x2f, 0x61, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65,
-	0x73, 0x3a, 0x0b, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0xda, 0x41,
-	0x21, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x2c, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66,
-	0x69, 0x6c, 0x65, 0x5f, 0x69, 0x64, 0x2c, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69,
-	0x6c, 0x65, 0x12, 0xa5, 0x01, 0x0a, 0x0d, 0x47, 0x65, 0x74, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f,
-	0x66, 0x69, 0x6c, 0x65, 0x12, 0x2e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69,
+	0x74, 0x73, 0x2f, 0x2a, 0x7d, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x3a,
+	0x01, 0x2a, 0xda, 0x41, 0x24, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x2c, 0x69, 0x6e, 0x73, 0x74,
+	0x61, 0x6e, 0x63, 0x65, 0x5f, 0x69, 0x64, 0x2c, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65,
+	0x2c, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0xca, 0x41, 0x22, 0x0a, 0x08, 0x49, 0x6e,
+	0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x12, 0x16, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x49, 0x6e,
+	0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x91,
+	0x01, 0x0a, 0x0b, 0x47, 0x65, 0x74, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x12, 0x2c,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65,
+	0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x47, 0x65, 0x74, 0x49, 0x6e, 0x73,
+	0x74, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x22, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61,
+	0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65,
+	0x22, 0x30, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x23, 0x12, 0x21, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x6e,
+	0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69,
+	0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0xda, 0x41, 0x04, 0x6e, 0x61,
+	0x6d, 0x65, 0x12, 0xa4, 0x01, 0x0a, 0x0d, 0x4c, 0x69, 0x73, 0x74, 0x49, 0x6e, 0x73, 0x74, 0x61,
+	0x6e, 0x63, 0x65, 0x73, 0x12, 0x2e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69,
 	0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e,
-	0x47, 0x65, 0x74, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x52, 0x65, 0x71,
-	0x75, 0x65, 0x73, 0x74, 0x1a, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69,
+	0x4c, 0x69, 0x73, 0x74, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x52, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x1a, 0x2f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69,
 	0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e,
-	0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x22, 0x3e, 0x82, 0xd3, 0xe4, 0x93,
-	0x02, 0x31, 0x12, 0x2f, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72,
-	0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63,
-	0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x61, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x73,
-	0x2f, 0x2a, 0x7d, 0xda, 0x41, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0xb8, 0x01, 0x0a, 0x0f, 0x4c,
-	0x69, 0x73, 0x74, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x73, 0x12, 0x30,
-	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65,
-	0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x41, 0x70,
-	0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
-	0x1a, 0x31, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
-	0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74,
-	0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f,
-	0x6e, 0x73, 0x65, 0x22, 0x40, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x31, 0x12, 0x2f, 0x2f, 0x76, 0x32,
-	0x2f, 0x7b, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74,
-	0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x7d,
-	0x2f, 0x61, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x73, 0xda, 0x41, 0x06, 0x70,
-	0x61, 0x72, 0x65, 0x6e, 0x74, 0x12, 0xfa, 0x01, 0x0a, 0x10, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65,
-	0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x12, 0x31, 0x2e, 0x67, 0x6f, 0x6f,
-	0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d,
-	0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x41, 0x70, 0x70, 0x50,
-	0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1d, 0x2e,
+	0x4c, 0x69, 0x73, 0x74, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x52, 0x65, 0x73,
+	0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x32, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x23, 0x12, 0x21, 0x2f,
+	0x76, 0x32, 0x2f, 0x7b, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65,
+	0x63, 0x74, 0x73, 0x2f, 0x2a, 0x7d, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73,
+	0xda, 0x41, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x12, 0x86, 0x01, 0x0a, 0x0e, 0x55, 0x70,
+	0x64, 0x61, 0x74, 0x65, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x12, 0x22, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61,
+	0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65,
+	0x1a, 0x22, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
+	0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x49, 0x6e, 0x73, 0x74,
+	0x61, 0x6e, 0x63, 0x65, 0x22, 0x2c, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x26, 0x1a, 0x21, 0x2f, 0x76,
+	0x32, 0x2f, 0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73,
+	0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x3a,
+	0x01, 0x2a, 0x12, 0xe8, 0x01, 0x0a, 0x15, 0x50, 0x61, 0x72, 0x74, 0x69, 0x61, 0x6c, 0x55, 0x70,
+	0x64, 0x61, 0x74, 0x65, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x12, 0x36, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61,
+	0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x50, 0x61, 0x72, 0x74, 0x69, 0x61, 0x6c, 0x55,
+	0x70, 0x64, 0x61, 0x74, 0x65, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x1a, 0x1d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x6c, 0x6f,
+	0x6e, 0x67, 0x72, 0x75, 0x6e, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x4f, 0x70, 0x65, 0x72, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x22, 0x78, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x36, 0x32, 0x2a, 0x2f, 0x76, 0x32,
+	0x2f, 0x7b, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x2e, 0x6e, 0x61, 0x6d, 0x65, 0x3d,
+	0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61,
+	0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x3a, 0x08, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63,
+	0x65, 0xda, 0x41, 0x14, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x2c, 0x75, 0x70, 0x64,
+	0x61, 0x74, 0x65, 0x5f, 0x6d, 0x61, 0x73, 0x6b, 0xca, 0x41, 0x22, 0x0a, 0x08, 0x49, 0x6e, 0x73,
+	0x74, 0x61, 0x6e, 0x63, 0x65, 0x12, 0x16, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x49, 0x6e, 0x73,
+	0x74, 0x61, 0x6e, 0x63, 0x65, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x8b, 0x01,
+	0x0a, 0x0e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65,
+	0x12, 0x2f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
+	0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x65, 0x6c, 0x65,
+	0x74, 0x65, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
+	0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0x30, 0x82, 0xd3, 0xe4, 0x93, 0x02,
+	0x23, 0x2a, 0x21, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f,
+	0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65,
+	0x73, 0x2f, 0x2a, 0x7d, 0xda, 0x41, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0xdc, 0x01, 0x0a, 0x0d,
+	0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x2e, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e,
+	0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x43,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1d, 0x2e,
 	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x6c, 0x6f, 0x6e, 0x67, 0x72, 0x75, 0x6e, 0x6e, 0x69,
-	0x6e, 0x67, 0x2e, 0x4f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x93, 0x01, 0x82,
-	0xd3, 0xe4, 0x93, 0x02, 0x4a, 0x32, 0x3b, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x61, 0x70, 0x70, 0x5f,
-	0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x2e, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f,
+	0x6e, 0x67, 0x2e, 0x4f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x7c, 0x82, 0xd3,
+	0xe4, 0x93, 0x02, 0x37, 0x22, 0x2c, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x70, 0x61, 0x72, 0x65, 0x6e,
+	0x74, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73,
+	0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65,
+	0x72, 0x73, 0x3a, 0x07, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0xda, 0x41, 0x19, 0x70, 0x61,
+	0x72, 0x65, 0x6e, 0x74, 0x2c, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x69, 0x64, 0x2c,
+	0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0xca, 0x41, 0x20, 0x0a, 0x07, 0x43, 0x6c, 0x75, 0x73,
+	0x74, 0x65, 0x72, 0x12, 0x15, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x43, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x99, 0x01, 0x0a, 0x0a, 0x47,
+	0x65, 0x74, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x2b, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69,
+	0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x47, 0x65, 0x74, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52,
+	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x21, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76,
+	0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x22, 0x3b, 0x82, 0xd3, 0xe4, 0x93, 0x02,
+	0x2e, 0x12, 0x2c, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f,
 	0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65,
-	0x73, 0x2f, 0x2a, 0x2f, 0x61, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x73, 0x2f,
-	0x2a, 0x7d, 0x3a, 0x0b, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0xda,
-	0x41, 0x17, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x2c, 0x75, 0x70,
-	0x64, 0x61, 0x74, 0x65, 0x5f, 0x6d, 0x61, 0x73, 0x6b, 0xca, 0x41, 0x26, 0x0a, 0x0a, 0x41, 0x70,
-	0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x12, 0x18, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65,
-	0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61,
-	0x74, 0x61, 0x12, 0x9d, 0x01, 0x0a, 0x10, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x41, 0x70, 0x70,
-	0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x12, 0x31, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x73, 0x2f, 0x2a, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x2f, 0x2a, 0x7d, 0xda,
+	0x41, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0xac, 0x01, 0x0a, 0x0c, 0x4c, 0x69, 0x73, 0x74, 0x43,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x12, 0x2d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
 	0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e,
-	0x76, 0x32, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66,
-	0x69, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f,
-	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70,
-	0x74, 0x79, 0x22, 0x3e, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x31, 0x2a, 0x2f, 0x2f, 0x76, 0x32, 0x2f,
-	0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a,
-	0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x61, 0x70, 0x70,
-	0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0xda, 0x41, 0x04, 0x6e, 0x61,
-	0x6d, 0x65, 0x12, 0x93, 0x01, 0x0a, 0x0c, 0x47, 0x65, 0x74, 0x49, 0x61, 0x6d, 0x50, 0x6f, 0x6c,
-	0x69, 0x63, 0x79, 0x12, 0x22, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x69, 0x61, 0x6d,
-	0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x49, 0x61, 0x6d, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79,
-	0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x15, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
-	0x2e, 0x69, 0x61, 0x6d, 0x2e, 0x76, 0x31, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x22, 0x48,
-	0x82, 0xd3, 0xe4, 0x93, 0x02, 0x37, 0x22, 0x32, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x72, 0x65, 0x73,
-	0x6f, 0x75, 0x72, 0x63, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a,
-	0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x3a, 0x67, 0x65,
-	0x74, 0x49, 0x61, 0x6d, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x3a, 0x01, 0x2a, 0xda, 0x41, 0x08,
-	0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x9a, 0x01, 0x0a, 0x0c, 0x53, 0x65, 0x74,
-	0x49, 0x61, 0x6d, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x22, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
-	0x6c, 0x65, 0x2e, 0x69, 0x61, 0x6d, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x65, 0x74, 0x49, 0x61, 0x6d,
-	0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x15, 0x2e,
-	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x69, 0x61, 0x6d, 0x2e, 0x76, 0x31, 0x2e, 0x50, 0x6f,
-	0x6c, 0x69, 0x63, 0x79, 0x22, 0x4f, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x37, 0x22, 0x32, 0x2f, 0x76,
-	0x32, 0x2f, 0x7b, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a,
+	0x76, 0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x52,
+	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76,
+	0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x52, 0x65,
+	0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x3d, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x2e, 0x12, 0x2c,
+	0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x3d, 0x70, 0x72, 0x6f, 0x6a,
 	0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73,
-	0x2f, 0x2a, 0x7d, 0x3a, 0x73, 0x65, 0x74, 0x49, 0x61, 0x6d, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79,
-	0x3a, 0x01, 0x2a, 0xda, 0x41, 0x0f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x2c, 0x70,
-	0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0xc5, 0x01, 0x0a, 0x12, 0x54, 0x65, 0x73, 0x74, 0x49, 0x61,
-	0x6d, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x28, 0x2e, 0x67,
-	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x69, 0x61, 0x6d, 0x2e, 0x76, 0x31, 0x2e, 0x54, 0x65, 0x73,
-	0x74, 0x49, 0x61, 0x6d, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x52,
-	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x29, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
-	0x69, 0x61, 0x6d, 0x2e, 0x76, 0x31, 0x2e, 0x54, 0x65, 0x73, 0x74, 0x49, 0x61, 0x6d, 0x50, 0x65,
-	0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
-	0x65, 0x22, 0x5a, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x3d, 0x22, 0x38, 0x2f, 0x76, 0x32, 0x2f, 0x7b,
-	0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74,
-	0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x7d,
-	0x3a, 0x74, 0x65, 0x73, 0x74, 0x49, 0x61, 0x6d, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69,
-	0x6f, 0x6e, 0x73, 0x3a, 0x01, 0x2a, 0xda, 0x41, 0x14, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63,
-	0x65, 0x2c, 0x70, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x1a, 0x9a, 0x03,
-	0xca, 0x41, 0x1c, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61, 0x64, 0x6d, 0x69, 0x6e,
-	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0xd2,
-	0x41, 0xf7, 0x02, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x67,
-	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75,
-	0x74, 0x68, 0x2f, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69,
-	0x6e, 0x2c, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x67, 0x6f,
-	0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75, 0x74,
-	0x68, 0x2f, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e,
-	0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2c, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f,
-	0x2f, 0x77, 0x77, 0x77, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e,
-	0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2f, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c,
-	0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65,
-	0x2c, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x67, 0x6f, 0x6f,
-	0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75, 0x74, 0x68,
-	0x2f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2d, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e,
-	0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2c, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77,
-	0x77, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
-	0x2f, 0x61, 0x75, 0x74, 0x68, 0x2f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2d, 0x62, 0x69, 0x67, 0x74,
-	0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74,
-	0x65, 0x72, 0x2c, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x67,
+	0x2f, 0x2a, 0x7d, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0xda, 0x41, 0x06, 0x70,
+	0x61, 0x72, 0x65, 0x6e, 0x74, 0x12, 0xad, 0x01, 0x0a, 0x0d, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65,
+	0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x21, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e,
+	0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x1a, 0x1d, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x6c, 0x6f, 0x6e, 0x67, 0x72, 0x75, 0x6e, 0x6e, 0x69, 0x6e, 0x67, 0x2e,
+	0x4f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x5a, 0x82, 0xd3, 0xe4, 0x93, 0x02,
+	0x31, 0x1a, 0x2c, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f,
+	0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65,
+	0x73, 0x2f, 0x2a, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x2f, 0x2a, 0x7d, 0x3a,
+	0x01, 0x2a, 0xca, 0x41, 0x20, 0x0a, 0x07, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x15,
+	0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4d, 0x65, 0x74,
+	0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x94, 0x01, 0x0a, 0x0d, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65,
+	0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x2e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e,
+	0x76, 0x32, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
+	0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22,
+	0x3b, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x2e, 0x2a, 0x2c, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x6e, 0x61,
+	0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e,
+	0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65,
+	0x72, 0x73, 0x2f, 0x2a, 0x7d, 0xda, 0x41, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0xd5, 0x01, 0x0a,
+	0x10, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c,
+	0x65, 0x12, 0x31, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61,
+	0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x72, 0x65,
+	0x61, 0x74, 0x65, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x52, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x1a, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69,
+	0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e,
+	0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x22, 0x68, 0x82, 0xd3, 0xe4, 0x93,
+	0x02, 0x3e, 0x22, 0x2f, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x3d,
+	0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61,
+	0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x2f, 0x61, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69,
+	0x6c, 0x65, 0x73, 0x3a, 0x0b, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65,
+	0xda, 0x41, 0x21, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x2c, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72,
+	0x6f, 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x69, 0x64, 0x2c, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f,
+	0x66, 0x69, 0x6c, 0x65, 0x12, 0xa5, 0x01, 0x0a, 0x0d, 0x47, 0x65, 0x74, 0x41, 0x70, 0x70, 0x50,
+	0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x12, 0x2e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76,
+	0x32, 0x2e, 0x47, 0x65, 0x74, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x52,
+	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76,
+	0x32, 0x2e, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x22, 0x3e, 0x82, 0xd3,
+	0xe4, 0x93, 0x02, 0x31, 0x12, 0x2f, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d,
+	0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61,
+	0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x61, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c,
+	0x65, 0x73, 0x2f, 0x2a, 0x7d, 0xda, 0x41, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0xb8, 0x01, 0x0a,
+	0x0f, 0x4c, 0x69, 0x73, 0x74, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x73,
+	0x12, 0x30, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
+	0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74,
+	0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65,
+	0x73, 0x74, 0x1a, 0x31, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74,
+	0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x69,
+	0x73, 0x74, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x73,
+	0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x40, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x31, 0x12, 0x2f, 0x2f,
+	0x76, 0x32, 0x2f, 0x7b, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65,
+	0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f,
+	0x2a, 0x7d, 0x2f, 0x61, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x73, 0xda, 0x41,
+	0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x12, 0xfa, 0x01, 0x0a, 0x10, 0x55, 0x70, 0x64, 0x61,
+	0x74, 0x65, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x12, 0x31, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61,
+	0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x41, 0x70,
+	0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a,
+	0x1d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x6c, 0x6f, 0x6e, 0x67, 0x72, 0x75, 0x6e,
+	0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x4f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x93,
+	0x01, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x4a, 0x32, 0x3b, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x61, 0x70,
+	0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x2e, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70,
+	0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e,
+	0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x61, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65,
+	0x73, 0x2f, 0x2a, 0x7d, 0x3a, 0x0b, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c,
+	0x65, 0xda, 0x41, 0x17, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x2c,
+	0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x5f, 0x6d, 0x61, 0x73, 0x6b, 0xca, 0x41, 0x26, 0x0a, 0x0a,
+	0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x12, 0x18, 0x55, 0x70, 0x64, 0x61,
+	0x74, 0x65, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x4d, 0x65, 0x74, 0x61,
+	0x64, 0x61, 0x74, 0x61, 0x12, 0x9d, 0x01, 0x0a, 0x10, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x41,
+	0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x12, 0x31, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69,
+	0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x41, 0x70, 0x70, 0x50, 0x72,
+	0x6f, 0x66, 0x69, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45,
+	0x6d, 0x70, 0x74, 0x79, 0x22, 0x3e, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x31, 0x2a, 0x2f, 0x2f, 0x76,
+	0x32, 0x2f, 0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73,
+	0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x61,
+	0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0xda, 0x41, 0x04,
+	0x6e, 0x61, 0x6d, 0x65, 0x12, 0x93, 0x01, 0x0a, 0x0c, 0x47, 0x65, 0x74, 0x49, 0x61, 0x6d, 0x50,
+	0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x22, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x69,
+	0x61, 0x6d, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x49, 0x61, 0x6d, 0x50, 0x6f, 0x6c, 0x69,
+	0x63, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x15, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x69, 0x61, 0x6d, 0x2e, 0x76, 0x31, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79,
+	0x22, 0x48, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x37, 0x22, 0x32, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x72,
+	0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73,
+	0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x3a,
+	0x67, 0x65, 0x74, 0x49, 0x61, 0x6d, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x3a, 0x01, 0x2a, 0xda,
+	0x41, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x9a, 0x01, 0x0a, 0x0c, 0x53,
+	0x65, 0x74, 0x49, 0x61, 0x6d, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x22, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x69, 0x61, 0x6d, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x65, 0x74, 0x49,
+	0x61, 0x6d, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a,
+	0x15, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x69, 0x61, 0x6d, 0x2e, 0x76, 0x31, 0x2e,
+	0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x22, 0x4f, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x37, 0x22, 0x32,
+	0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x3d, 0x70, 0x72,
+	0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63,
+	0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x3a, 0x73, 0x65, 0x74, 0x49, 0x61, 0x6d, 0x50, 0x6f, 0x6c, 0x69,
+	0x63, 0x79, 0x3a, 0x01, 0x2a, 0xda, 0x41, 0x0f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65,
+	0x2c, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0xc5, 0x01, 0x0a, 0x12, 0x54, 0x65, 0x73, 0x74,
+	0x49, 0x61, 0x6d, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x28,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x69, 0x61, 0x6d, 0x2e, 0x76, 0x31, 0x2e, 0x54,
+	0x65, 0x73, 0x74, 0x49, 0x61, 0x6d, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e,
+	0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x29, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x69, 0x61, 0x6d, 0x2e, 0x76, 0x31, 0x2e, 0x54, 0x65, 0x73, 0x74, 0x49, 0x61, 0x6d,
+	0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f,
+	0x6e, 0x73, 0x65, 0x22, 0x5a, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x3d, 0x22, 0x38, 0x2f, 0x76, 0x32,
+	0x2f, 0x7b, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65,
+	0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f,
+	0x2a, 0x7d, 0x3a, 0x74, 0x65, 0x73, 0x74, 0x49, 0x61, 0x6d, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73,
+	0x73, 0x69, 0x6f, 0x6e, 0x73, 0x3a, 0x01, 0x2a, 0xda, 0x41, 0x14, 0x72, 0x65, 0x73, 0x6f, 0x75,
+	0x72, 0x63, 0x65, 0x2c, 0x70, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x1a,
+	0x9a, 0x03, 0xca, 0x41, 0x1c, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61, 0x64, 0x6d,
+	0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f,
+	0x6d, 0xd2, 0x41, 0xf7, 0x02, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f,
+	0x61, 0x75, 0x74, 0x68, 0x2f, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64,
+	0x6d, 0x69, 0x6e, 0x2c, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61,
+	0x75, 0x74, 0x68, 0x2f, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d,
+	0x69, 0x6e, 0x2e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2c, 0x68, 0x74, 0x74, 0x70, 0x73,
+	0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69,
+	0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2f, 0x62, 0x69, 0x67, 0x74, 0x61,
+	0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e,
+	0x63, 0x65, 0x2c, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x67,
 	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75,
-	0x74, 0x68, 0x2f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2d, 0x70, 0x6c, 0x61, 0x74, 0x66, 0x6f, 0x72,
-	0x6d, 0x2c, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x67, 0x6f,
-	0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75, 0x74,
-	0x68, 0x2f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2d, 0x70, 0x6c, 0x61, 0x74, 0x66, 0x6f, 0x72, 0x6d,
-	0x2e, 0x72, 0x65, 0x61, 0x64, 0x2d, 0x6f, 0x6e, 0x6c, 0x79, 0x42, 0xe2, 0x01, 0x0a, 0x1c, 0x63,
-	0x6f, 0x6d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
-	0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x42, 0x1a, 0x42, 0x69, 0x67,
-	0x74, 0x61, 0x62, 0x6c, 0x65, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x41, 0x64, 0x6d,
-	0x69, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x3d, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
-	0x65, 0x2e, 0x67, 0x6f, 0x6c, 0x61, 0x6e, 0x67, 0x2e, 0x6f, 0x72, 0x67, 0x2f, 0x67, 0x65, 0x6e,
-	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73,
-	0x2f, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f,
-	0x76, 0x32, 0x3b, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0xaa, 0x02, 0x1e, 0x47, 0x6f, 0x6f, 0x67, 0x6c,
-	0x65, 0x2e, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x42, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65,
-	0x2e, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x56, 0x32, 0xca, 0x02, 0x1e, 0x47, 0x6f, 0x6f, 0x67,
-	0x6c, 0x65, 0x5c, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x5c, 0x42, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c,
-	0x65, 0x5c, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x5c, 0x56, 0x32, 0xea, 0x02, 0x22, 0x47, 0x6f, 0x6f,
-	0x67, 0x6c, 0x65, 0x3a, 0x3a, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x3a, 0x3a, 0x42, 0x69, 0x67, 0x74,
-	0x61, 0x62, 0x6c, 0x65, 0x3a, 0x3a, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x3a, 0x3a, 0x56, 0x32, 0x62,
-	0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+	0x74, 0x68, 0x2f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2d, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c,
+	0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2c, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f,
+	0x77, 0x77, 0x77, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63,
+	0x6f, 0x6d, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2d, 0x62, 0x69,
+	0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x63, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x2c, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f,
+	0x61, 0x75, 0x74, 0x68, 0x2f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2d, 0x70, 0x6c, 0x61, 0x74, 0x66,
+	0x6f, 0x72, 0x6d, 0x2c, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61,
+	0x75, 0x74, 0x68, 0x2f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2d, 0x70, 0x6c, 0x61, 0x74, 0x66, 0x6f,
+	0x72, 0x6d, 0x2e, 0x72, 0x65, 0x61, 0x64, 0x2d, 0x6f, 0x6e, 0x6c, 0x79, 0x42, 0xe2, 0x01, 0x0a,
+	0x1c, 0x63, 0x6f, 0x6d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74,
+	0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x42, 0x1a, 0x42,
+	0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x41,
+	0x64, 0x6d, 0x69, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x3d, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6c, 0x61, 0x6e, 0x67, 0x2e, 0x6f, 0x72, 0x67, 0x2f, 0x67,
+	0x65, 0x6e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70,
+	0x69, 0x73, 0x2f, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2f, 0x61, 0x64, 0x6d, 0x69,
+	0x6e, 0x2f, 0x76, 0x32, 0x3b, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0xaa, 0x02, 0x1e, 0x47, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x42, 0x69, 0x67, 0x74, 0x61, 0x62,
+	0x6c, 0x65, 0x2e, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x56, 0x32, 0xca, 0x02, 0x1e, 0x47, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x5c, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x5c, 0x42, 0x69, 0x67, 0x74, 0x61,
+	0x62, 0x6c, 0x65, 0x5c, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x5c, 0x56, 0x32, 0xea, 0x02, 0x22, 0x47,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x3a, 0x3a, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x3a, 0x3a, 0x42, 0x69,
+	0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x3a, 0x3a, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x3a, 0x3a, 0x56,
+	0x32, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
 }
 
 var (
diff --git a/vendor/google.golang.org/genproto/googleapis/bigtable/admin/v2/bigtable_table_admin.pb.go b/vendor/google.golang.org/genproto/googleapis/bigtable/admin/v2/bigtable_table_admin.pb.go
index 314c221715c..487c0ca3f75 100644
--- a/vendor/google.golang.org/genproto/googleapis/bigtable/admin/v2/bigtable_table_admin.pb.go
+++ b/vendor/google.golang.org/genproto/googleapis/bigtable/admin/v2/bigtable_table_admin.pb.go
@@ -2351,200 +2351,205 @@ var file_google_bigtable_admin_v2_bigtable_table_admin_proto_rawDesc = []byte{
 	0x69, 0x65, 0x6c, 0x64, 0x5f, 0x6d, 0x61, 0x73, 0x6b, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
 	0x1f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
 	0x2f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
-	0x22, 0xc0, 0x01, 0x0a, 0x13, 0x52, 0x65, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x54, 0x61, 0x62, 0x6c,
-	0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x40, 0x0a, 0x06, 0x70, 0x61, 0x72, 0x65,
-	0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x28, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x22,
-	0x0a, 0x20, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
-	0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e,
-	0x63, 0x65, 0x52, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x12, 0x1e, 0x0a, 0x08, 0x74, 0x61,
-	0x62, 0x6c, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x03, 0xe0, 0x41,
-	0x02, 0x52, 0x07, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x49, 0x64, 0x12, 0x3d, 0x0a, 0x06, 0x62, 0x61,
-	0x63, 0x6b, 0x75, 0x70, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x42, 0x23, 0xfa, 0x41, 0x20, 0x0a,
-	0x1e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
-	0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x48,
-	0x00, 0x52, 0x06, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x42, 0x08, 0x0a, 0x06, 0x73, 0x6f, 0x75,
-	0x72, 0x63, 0x65, 0x22, 0xdc, 0x02, 0x0a, 0x14, 0x52, 0x65, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x54,
-	0x61, 0x62, 0x6c, 0x65, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x12, 0x0a, 0x04,
-	0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65,
-	0x12, 0x4c, 0x0a, 0x0b, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18,
-	0x02, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2b, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62,
-	0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32,
-	0x2e, 0x52, 0x65, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, 0x79,
-	0x70, 0x65, 0x52, 0x0a, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, 0x79, 0x70, 0x65, 0x12, 0x47,
-	0x0a, 0x0b, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x18, 0x03, 0x20,
-	0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67,
-	0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x42,
-	0x61, 0x63, 0x6b, 0x75, 0x70, 0x49, 0x6e, 0x66, 0x6f, 0x48, 0x00, 0x52, 0x0a, 0x62, 0x61, 0x63,
-	0x6b, 0x75, 0x70, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x41, 0x0a, 0x1d, 0x6f, 0x70, 0x74, 0x69, 0x6d,
-	0x69, 0x7a, 0x65, 0x5f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6f, 0x70, 0x65, 0x72, 0x61, 0x74,
-	0x69, 0x6f, 0x6e, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x1a,
-	0x6f, 0x70, 0x74, 0x69, 0x6d, 0x69, 0x7a, 0x65, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x4f, 0x70, 0x65,
-	0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x47, 0x0a, 0x08, 0x70, 0x72,
-	0x6f, 0x67, 0x72, 0x65, 0x73, 0x73, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2b, 0x2e, 0x67,
-	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61,
-	0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x4f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6f,
-	0x6e, 0x50, 0x72, 0x6f, 0x67, 0x72, 0x65, 0x73, 0x73, 0x52, 0x08, 0x70, 0x72, 0x6f, 0x67, 0x72,
-	0x65, 0x73, 0x73, 0x42, 0x0d, 0x0a, 0x0b, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x69, 0x6e,
-	0x66, 0x6f, 0x22, 0x7c, 0x0a, 0x1d, 0x4f, 0x70, 0x74, 0x69, 0x6d, 0x69, 0x7a, 0x65, 0x52, 0x65,
-	0x73, 0x74, 0x6f, 0x72, 0x65, 0x64, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x4d, 0x65, 0x74, 0x61, 0x64,
-	0x61, 0x74, 0x61, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28,
-	0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x47, 0x0a, 0x08, 0x70, 0x72, 0x6f, 0x67, 0x72,
-	0x65, 0x73, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2b, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
-	0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69,
-	0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x4f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x50, 0x72,
-	0x6f, 0x67, 0x72, 0x65, 0x73, 0x73, 0x52, 0x08, 0x70, 0x72, 0x6f, 0x67, 0x72, 0x65, 0x73, 0x73,
-	0x22, 0xa8, 0x02, 0x0a, 0x12, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x54, 0x61, 0x62, 0x6c, 0x65,
-	0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x40, 0x0a, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e,
-	0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x28, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x22, 0x0a,
-	0x20, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
-	0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63,
-	0x65, 0x52, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x12, 0x1e, 0x0a, 0x08, 0x74, 0x61, 0x62,
-	0x6c, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x03, 0xe0, 0x41, 0x02,
-	0x52, 0x07, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x49, 0x64, 0x12, 0x3a, 0x0a, 0x05, 0x74, 0x61, 0x62,
-	0x6c, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
-	0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e,
-	0x2e, 0x76, 0x32, 0x2e, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x05,
-	0x74, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x59, 0x0a, 0x0e, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c,
-	0x5f, 0x73, 0x70, 0x6c, 0x69, 0x74, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x32, 0x2e,
+	0x22, 0xca, 0x01, 0x0a, 0x13, 0x52, 0x65, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x54, 0x61, 0x62, 0x6c,
+	0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x45, 0x0a, 0x06, 0x70, 0x61, 0x72, 0x65,
+	0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x2d, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x27,
+	0x0a, 0x25, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x49,
+	0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x12,
+	0x1e, 0x0a, 0x08, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x09, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x07, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x49, 0x64, 0x12,
+	0x42, 0x0a, 0x06, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x42,
+	0x28, 0xfa, 0x41, 0x25, 0x0a, 0x23, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61, 0x64,
+	0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63,
+	0x6f, 0x6d, 0x2f, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x48, 0x00, 0x52, 0x06, 0x62, 0x61, 0x63,
+	0x6b, 0x75, 0x70, 0x42, 0x08, 0x0a, 0x06, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x22, 0xdc, 0x02,
+	0x0a, 0x14, 0x52, 0x65, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x4d, 0x65,
+	0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x4c, 0x0a, 0x0b, 0x73, 0x6f,
+	0x75, 0x72, 0x63, 0x65, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0e, 0x32,
+	0x2b, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c,
+	0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x65, 0x73, 0x74, 0x6f,
+	0x72, 0x65, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, 0x79, 0x70, 0x65, 0x52, 0x0a, 0x73, 0x6f,
+	0x75, 0x72, 0x63, 0x65, 0x54, 0x79, 0x70, 0x65, 0x12, 0x47, 0x0a, 0x0b, 0x62, 0x61, 0x63, 0x6b,
+	0x75, 0x70, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e,
 	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e,
-	0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x54,
-	0x61, 0x62, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x2e, 0x53, 0x70, 0x6c, 0x69,
-	0x74, 0x52, 0x0d, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x53, 0x70, 0x6c, 0x69, 0x74, 0x73,
-	0x1a, 0x19, 0x0a, 0x05, 0x53, 0x70, 0x6c, 0x69, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79,
-	0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x22, 0xd5, 0x01, 0x0a, 0x1e,
-	0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x46, 0x72, 0x6f, 0x6d, 0x53,
-	0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x40,
-	0x0a, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x28,
-	0xe0, 0x41, 0x02, 0xfa, 0x41, 0x22, 0x0a, 0x20, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65,
-	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f,
-	0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74,
-	0x12, 0x1e, 0x0a, 0x08, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01,
-	0x28, 0x09, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x07, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x49, 0x64,
-	0x12, 0x51, 0x0a, 0x0f, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x73, 0x6e, 0x61, 0x70, 0x73,
-	0x68, 0x6f, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x42, 0x28, 0xe0, 0x41, 0x02, 0xfa, 0x41,
-	0x22, 0x0a, 0x20, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
-	0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x53, 0x6e, 0x61, 0x70, 0x73,
-	0x68, 0x6f, 0x74, 0x52, 0x0e, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x53, 0x6e, 0x61, 0x70, 0x73,
-	0x68, 0x6f, 0x74, 0x22, 0xc0, 0x01, 0x0a, 0x13, 0x44, 0x72, 0x6f, 0x70, 0x52, 0x6f, 0x77, 0x52,
-	0x61, 0x6e, 0x67, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x39, 0x0a, 0x04, 0x6e,
-	0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x25, 0xe0, 0x41, 0x02, 0xfa, 0x41,
-	0x1f, 0x0a, 0x1d, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
-	0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x54, 0x61, 0x62, 0x6c, 0x65,
-	0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x26, 0x0a, 0x0e, 0x72, 0x6f, 0x77, 0x5f, 0x6b, 0x65,
-	0x79, 0x5f, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x48, 0x00,
-	0x52, 0x0c, 0x72, 0x6f, 0x77, 0x4b, 0x65, 0x79, 0x50, 0x72, 0x65, 0x66, 0x69, 0x78, 0x12, 0x3c,
-	0x0a, 0x1a, 0x64, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x5f, 0x61, 0x6c, 0x6c, 0x5f, 0x64, 0x61, 0x74,
-	0x61, 0x5f, 0x66, 0x72, 0x6f, 0x6d, 0x5f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x18, 0x03, 0x20, 0x01,
-	0x28, 0x08, 0x48, 0x00, 0x52, 0x16, 0x64, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x41, 0x6c, 0x6c, 0x44,
-	0x61, 0x74, 0x61, 0x46, 0x72, 0x6f, 0x6d, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x42, 0x08, 0x0a, 0x06,
-	0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x22, 0xcb, 0x01, 0x0a, 0x11, 0x4c, 0x69, 0x73, 0x74, 0x54,
-	0x61, 0x62, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x40, 0x0a, 0x06,
-	0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x28, 0xe0, 0x41,
-	0x02, 0xfa, 0x41, 0x22, 0x0a, 0x20, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67,
-	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x49, 0x6e,
-	0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x12, 0x38,
-	0x0a, 0x04, 0x76, 0x69, 0x65, 0x77, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x24, 0x2e, 0x67,
-	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61,
-	0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x56, 0x69,
-	0x65, 0x77, 0x52, 0x04, 0x76, 0x69, 0x65, 0x77, 0x12, 0x1b, 0x0a, 0x09, 0x70, 0x61, 0x67, 0x65,
-	0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x05, 0x52, 0x08, 0x70, 0x61, 0x67,
-	0x65, 0x53, 0x69, 0x7a, 0x65, 0x12, 0x1d, 0x0a, 0x0a, 0x70, 0x61, 0x67, 0x65, 0x5f, 0x74, 0x6f,
-	0x6b, 0x65, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x70, 0x61, 0x67, 0x65, 0x54,
-	0x6f, 0x6b, 0x65, 0x6e, 0x22, 0x75, 0x0a, 0x12, 0x4c, 0x69, 0x73, 0x74, 0x54, 0x61, 0x62, 0x6c,
-	0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x37, 0x0a, 0x06, 0x74, 0x61,
-	0x62, 0x6c, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x67, 0x6f, 0x6f,
-	0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d,
-	0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x06, 0x74, 0x61, 0x62,
-	0x6c, 0x65, 0x73, 0x12, 0x26, 0x0a, 0x0f, 0x6e, 0x65, 0x78, 0x74, 0x5f, 0x70, 0x61, 0x67, 0x65,
-	0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x6e, 0x65,
-	0x78, 0x74, 0x50, 0x61, 0x67, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0x86, 0x01, 0x0a, 0x0f,
-	0x47, 0x65, 0x74, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12,
-	0x39, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x25, 0xe0,
-	0x41, 0x02, 0xfa, 0x41, 0x1f, 0x0a, 0x1d, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e,
-	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x54,
-	0x61, 0x62, 0x6c, 0x65, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x38, 0x0a, 0x04, 0x76, 0x69,
-	0x65, 0x77, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
-	0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e,
-	0x2e, 0x76, 0x32, 0x2e, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x56, 0x69, 0x65, 0x77, 0x52, 0x04,
-	0x76, 0x69, 0x65, 0x77, 0x22, 0x4f, 0x0a, 0x12, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x54, 0x61,
-	0x62, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x39, 0x0a, 0x04, 0x6e, 0x61,
-	0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x25, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x1f,
-	0x0a, 0x1d, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
-	0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x52,
-	0x04, 0x6e, 0x61, 0x6d, 0x65, 0x22, 0x89, 0x03, 0x0a, 0x1b, 0x4d, 0x6f, 0x64, 0x69, 0x66, 0x79,
-	0x43, 0x6f, 0x6c, 0x75, 0x6d, 0x6e, 0x46, 0x61, 0x6d, 0x69, 0x6c, 0x69, 0x65, 0x73, 0x52, 0x65,
-	0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x39, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20,
-	0x01, 0x28, 0x09, 0x42, 0x25, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x1f, 0x0a, 0x1d, 0x62, 0x69, 0x67,
-	0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73,
-	0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65,
-	0x12, 0x6d, 0x0a, 0x0d, 0x6d, 0x6f, 0x64, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e,
-	0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x42, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x49,
+	0x6e, 0x66, 0x6f, 0x48, 0x00, 0x52, 0x0a, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x49, 0x6e, 0x66,
+	0x6f, 0x12, 0x41, 0x0a, 0x1d, 0x6f, 0x70, 0x74, 0x69, 0x6d, 0x69, 0x7a, 0x65, 0x5f, 0x74, 0x61,
+	0x62, 0x6c, 0x65, 0x5f, 0x6f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6e, 0x61,
+	0x6d, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x1a, 0x6f, 0x70, 0x74, 0x69, 0x6d, 0x69,
+	0x7a, 0x65, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x4f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x4e, 0x61, 0x6d, 0x65, 0x12, 0x47, 0x0a, 0x08, 0x70, 0x72, 0x6f, 0x67, 0x72, 0x65, 0x73, 0x73,
+	0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2b, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76,
+	0x32, 0x2e, 0x4f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x67, 0x72,
+	0x65, 0x73, 0x73, 0x52, 0x08, 0x70, 0x72, 0x6f, 0x67, 0x72, 0x65, 0x73, 0x73, 0x42, 0x0d, 0x0a,
+	0x0b, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x22, 0x7c, 0x0a, 0x1d,
+	0x4f, 0x70, 0x74, 0x69, 0x6d, 0x69, 0x7a, 0x65, 0x52, 0x65, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x64,
+	0x54, 0x61, 0x62, 0x6c, 0x65, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x12, 0x0a,
+	0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d,
+	0x65, 0x12, 0x47, 0x0a, 0x08, 0x70, 0x72, 0x6f, 0x67, 0x72, 0x65, 0x73, 0x73, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x2b, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67,
+	0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x4f,
+	0x70, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x67, 0x72, 0x65, 0x73, 0x73,
+	0x52, 0x08, 0x70, 0x72, 0x6f, 0x67, 0x72, 0x65, 0x73, 0x73, 0x22, 0xad, 0x02, 0x0a, 0x12, 0x43,
+	0x72, 0x65, 0x61, 0x74, 0x65, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
+	0x74, 0x12, 0x45, 0x0a, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x09, 0x42, 0x2d, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x27, 0x0a, 0x25, 0x62, 0x69, 0x67, 0x74, 0x61,
+	0x62, 0x6c, 0x65, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61,
+	0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65,
+	0x52, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x12, 0x1e, 0x0a, 0x08, 0x74, 0x61, 0x62, 0x6c,
+	0x65, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52,
+	0x07, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x49, 0x64, 0x12, 0x3a, 0x0a, 0x05, 0x74, 0x61, 0x62, 0x6c,
+	0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
 	0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e,
-	0x76, 0x32, 0x2e, 0x4d, 0x6f, 0x64, 0x69, 0x66, 0x79, 0x43, 0x6f, 0x6c, 0x75, 0x6d, 0x6e, 0x46,
-	0x61, 0x6d, 0x69, 0x6c, 0x69, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x2e, 0x4d,
-	0x6f, 0x64, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x03, 0xe0, 0x41, 0x02,
-	0x52, 0x0d, 0x6d, 0x6f, 0x64, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x1a,
-	0xbf, 0x01, 0x0a, 0x0c, 0x4d, 0x6f, 0x64, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e,
-	0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64,
-	0x12, 0x40, 0x0a, 0x06, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b,
-	0x32, 0x26, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
-	0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6f, 0x6c, 0x75,
-	0x6d, 0x6e, 0x46, 0x61, 0x6d, 0x69, 0x6c, 0x79, 0x48, 0x00, 0x52, 0x06, 0x63, 0x72, 0x65, 0x61,
-	0x74, 0x65, 0x12, 0x40, 0x0a, 0x06, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x18, 0x03, 0x20, 0x01,
+	0x76, 0x32, 0x2e, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x05, 0x74,
+	0x61, 0x62, 0x6c, 0x65, 0x12, 0x59, 0x0a, 0x0e, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x5f,
+	0x73, 0x70, 0x6c, 0x69, 0x74, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x32, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61,
+	0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x54, 0x61,
+	0x62, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x2e, 0x53, 0x70, 0x6c, 0x69, 0x74,
+	0x52, 0x0d, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x53, 0x70, 0x6c, 0x69, 0x74, 0x73, 0x1a,
+	0x19, 0x0a, 0x05, 0x53, 0x70, 0x6c, 0x69, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x22, 0xdf, 0x01, 0x0a, 0x1e, 0x43,
+	0x72, 0x65, 0x61, 0x74, 0x65, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x46, 0x72, 0x6f, 0x6d, 0x53, 0x6e,
+	0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x45, 0x0a,
+	0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x2d, 0xe0,
+	0x41, 0x02, 0xfa, 0x41, 0x27, 0x0a, 0x25, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61,
+	0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e,
+	0x63, 0x6f, 0x6d, 0x2f, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x06, 0x70, 0x61,
+	0x72, 0x65, 0x6e, 0x74, 0x12, 0x1e, 0x0a, 0x08, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x69, 0x64,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x07, 0x74, 0x61, 0x62,
+	0x6c, 0x65, 0x49, 0x64, 0x12, 0x56, 0x0a, 0x0f, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x73,
+	0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x42, 0x2d, 0xe0,
+	0x41, 0x02, 0xfa, 0x41, 0x27, 0x0a, 0x25, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61,
+	0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e,
+	0x63, 0x6f, 0x6d, 0x2f, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x52, 0x0e, 0x73, 0x6f,
+	0x75, 0x72, 0x63, 0x65, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x22, 0xc5, 0x01, 0x0a,
+	0x13, 0x44, 0x72, 0x6f, 0x70, 0x52, 0x6f, 0x77, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x52, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x12, 0x3e, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x09, 0x42, 0x2a, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x24, 0x0a, 0x22, 0x62, 0x69, 0x67, 0x74,
+	0x61, 0x62, 0x6c, 0x65, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x04,
+	0x6e, 0x61, 0x6d, 0x65, 0x12, 0x26, 0x0a, 0x0e, 0x72, 0x6f, 0x77, 0x5f, 0x6b, 0x65, 0x79, 0x5f,
+	0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x48, 0x00, 0x52, 0x0c,
+	0x72, 0x6f, 0x77, 0x4b, 0x65, 0x79, 0x50, 0x72, 0x65, 0x66, 0x69, 0x78, 0x12, 0x3c, 0x0a, 0x1a,
+	0x64, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x5f, 0x61, 0x6c, 0x6c, 0x5f, 0x64, 0x61, 0x74, 0x61, 0x5f,
+	0x66, 0x72, 0x6f, 0x6d, 0x5f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08,
+	0x48, 0x00, 0x52, 0x16, 0x64, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x41, 0x6c, 0x6c, 0x44, 0x61, 0x74,
+	0x61, 0x46, 0x72, 0x6f, 0x6d, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x42, 0x08, 0x0a, 0x06, 0x74, 0x61,
+	0x72, 0x67, 0x65, 0x74, 0x22, 0xd0, 0x01, 0x0a, 0x11, 0x4c, 0x69, 0x73, 0x74, 0x54, 0x61, 0x62,
+	0x6c, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x45, 0x0a, 0x06, 0x70, 0x61,
+	0x72, 0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x2d, 0xe0, 0x41, 0x02, 0xfa,
+	0x41, 0x27, 0x0a, 0x25, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61, 0x64, 0x6d, 0x69,
+	0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
+	0x2f, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e,
+	0x74, 0x12, 0x38, 0x0a, 0x04, 0x76, 0x69, 0x65, 0x77, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0e, 0x32,
+	0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c,
+	0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x54, 0x61, 0x62, 0x6c, 0x65,
+	0x2e, 0x56, 0x69, 0x65, 0x77, 0x52, 0x04, 0x76, 0x69, 0x65, 0x77, 0x12, 0x1b, 0x0a, 0x09, 0x70,
+	0x61, 0x67, 0x65, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x05, 0x52, 0x08,
+	0x70, 0x61, 0x67, 0x65, 0x53, 0x69, 0x7a, 0x65, 0x12, 0x1d, 0x0a, 0x0a, 0x70, 0x61, 0x67, 0x65,
+	0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x70, 0x61,
+	0x67, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0x75, 0x0a, 0x12, 0x4c, 0x69, 0x73, 0x74, 0x54,
+	0x61, 0x62, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x37, 0x0a,
+	0x06, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1f, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e,
+	0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x06,
+	0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x12, 0x26, 0x0a, 0x0f, 0x6e, 0x65, 0x78, 0x74, 0x5f, 0x70,
+	0x61, 0x67, 0x65, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52,
+	0x0d, 0x6e, 0x65, 0x78, 0x74, 0x50, 0x61, 0x67, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0x8b,
+	0x01, 0x0a, 0x0f, 0x47, 0x65, 0x74, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65,
+	0x73, 0x74, 0x12, 0x3e, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
+	0x42, 0x2a, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x24, 0x0a, 0x22, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
+	0x6c, 0x65, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70,
+	0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x04, 0x6e, 0x61,
+	0x6d, 0x65, 0x12, 0x38, 0x0a, 0x04, 0x76, 0x69, 0x65, 0x77, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0e,
+	0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
+	0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x54, 0x61, 0x62, 0x6c,
+	0x65, 0x2e, 0x56, 0x69, 0x65, 0x77, 0x52, 0x04, 0x76, 0x69, 0x65, 0x77, 0x22, 0x54, 0x0a, 0x12,
+	0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65,
+	0x73, 0x74, 0x12, 0x3e, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
+	0x42, 0x2a, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x24, 0x0a, 0x22, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
+	0x6c, 0x65, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70,
+	0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x04, 0x6e, 0x61,
+	0x6d, 0x65, 0x22, 0x8e, 0x03, 0x0a, 0x1b, 0x4d, 0x6f, 0x64, 0x69, 0x66, 0x79, 0x43, 0x6f, 0x6c,
+	0x75, 0x6d, 0x6e, 0x46, 0x61, 0x6d, 0x69, 0x6c, 0x69, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65,
+	0x73, 0x74, 0x12, 0x3e, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
+	0x42, 0x2a, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x24, 0x0a, 0x22, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
+	0x6c, 0x65, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70,
+	0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x04, 0x6e, 0x61,
+	0x6d, 0x65, 0x12, 0x6d, 0x0a, 0x0d, 0x6d, 0x6f, 0x64, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x42, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69,
+	0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x4d, 0x6f, 0x64, 0x69, 0x66, 0x79, 0x43, 0x6f, 0x6c, 0x75, 0x6d,
+	0x6e, 0x46, 0x61, 0x6d, 0x69, 0x6c, 0x69, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
+	0x2e, 0x4d, 0x6f, 0x64, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x03, 0xe0,
+	0x41, 0x02, 0x52, 0x0d, 0x6d, 0x6f, 0x64, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x1a, 0xbf, 0x01, 0x0a, 0x0c, 0x4d, 0x6f, 0x64, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02,
+	0x69, 0x64, 0x12, 0x40, 0x0a, 0x06, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x18, 0x02, 0x20, 0x01,
 	0x28, 0x0b, 0x32, 0x26, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74,
 	0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6f,
-	0x6c, 0x75, 0x6d, 0x6e, 0x46, 0x61, 0x6d, 0x69, 0x6c, 0x79, 0x48, 0x00, 0x52, 0x06, 0x75, 0x70,
-	0x64, 0x61, 0x74, 0x65, 0x12, 0x14, 0x0a, 0x04, 0x64, 0x72, 0x6f, 0x70, 0x18, 0x04, 0x20, 0x01,
-	0x28, 0x08, 0x48, 0x00, 0x52, 0x04, 0x64, 0x72, 0x6f, 0x70, 0x42, 0x05, 0x0a, 0x03, 0x6d, 0x6f,
-	0x64, 0x22, 0x5c, 0x0a, 0x1f, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e,
-	0x73, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x71,
-	0x75, 0x65, 0x73, 0x74, 0x12, 0x39, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01,
-	0x28, 0x09, 0x42, 0x25, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x1f, 0x0a, 0x1d, 0x62, 0x69, 0x67, 0x74,
-	0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e,
-	0x63, 0x6f, 0x6d, 0x2f, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x22,
-	0x4f, 0x0a, 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x73, 0x69,
-	0x73, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f,
-	0x6e, 0x73, 0x65, 0x12, 0x2b, 0x0a, 0x11, 0x63, 0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e,
-	0x63, 0x79, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x10,
-	0x63, 0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x54, 0x6f, 0x6b, 0x65, 0x6e,
-	0x22, 0x86, 0x01, 0x0a, 0x17, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x43, 0x6f, 0x6e, 0x73, 0x69, 0x73,
-	0x74, 0x65, 0x6e, 0x63, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x39, 0x0a, 0x04,
-	0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x25, 0xe0, 0x41, 0x02, 0xfa,
-	0x41, 0x1f, 0x0a, 0x1d, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f,
-	0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x54, 0x61, 0x62, 0x6c,
-	0x65, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x30, 0x0a, 0x11, 0x63, 0x6f, 0x6e, 0x73, 0x69,
-	0x73, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01,
-	0x28, 0x09, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x10, 0x63, 0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74,
-	0x65, 0x6e, 0x63, 0x79, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0x3a, 0x0a, 0x18, 0x43, 0x68, 0x65,
-	0x63, 0x6b, 0x43, 0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x52, 0x65, 0x73,
-	0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x1e, 0x0a, 0x0a, 0x63, 0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74,
-	0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0a, 0x63, 0x6f, 0x6e, 0x73, 0x69,
-	0x73, 0x74, 0x65, 0x6e, 0x74, 0x22, 0x89, 0x02, 0x0a, 0x14, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68,
-	0x6f, 0x74, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x39,
-	0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x25, 0xe0, 0x41,
-	0x02, 0xfa, 0x41, 0x1f, 0x0a, 0x1d, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67,
-	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x54, 0x61,
-	0x62, 0x6c, 0x65, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x41, 0x0a, 0x07, 0x63, 0x6c, 0x75,
-	0x73, 0x74, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x27, 0xe0, 0x41, 0x02, 0xfa,
-	0x41, 0x21, 0x0a, 0x1f, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f,
-	0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x43, 0x6c, 0x75, 0x73,
-	0x74, 0x65, 0x72, 0x52, 0x07, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x24, 0x0a, 0x0b,
-	0x73, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28,
-	0x09, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x0a, 0x73, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74,
-	0x49, 0x64, 0x12, 0x2b, 0x0a, 0x03, 0x74, 0x74, 0x6c, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32,
-	0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
-	0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x03, 0x74, 0x74, 0x6c, 0x12,
-	0x20, 0x0a, 0x0b, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x05,
-	0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f,
-	0x6e, 0x22, 0x52, 0x0a, 0x12, 0x47, 0x65, 0x74, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74,
-	0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x3c, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18,
-	0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x28, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x22, 0x0a, 0x20, 0x62,
-	0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70,
-	0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x52,
-	0x04, 0x6e, 0x61, 0x6d, 0x65, 0x22, 0x93, 0x01, 0x0a, 0x14, 0x4c, 0x69, 0x73, 0x74, 0x53, 0x6e,
-	0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x3f,
-	0x0a, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x27,
-	0xe0, 0x41, 0x02, 0xfa, 0x41, 0x21, 0x0a, 0x1f, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65,
+	0x6c, 0x75, 0x6d, 0x6e, 0x46, 0x61, 0x6d, 0x69, 0x6c, 0x79, 0x48, 0x00, 0x52, 0x06, 0x63, 0x72,
+	0x65, 0x61, 0x74, 0x65, 0x12, 0x40, 0x0a, 0x06, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x18, 0x03,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69,
+	0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e,
+	0x43, 0x6f, 0x6c, 0x75, 0x6d, 0x6e, 0x46, 0x61, 0x6d, 0x69, 0x6c, 0x79, 0x48, 0x00, 0x52, 0x06,
+	0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x12, 0x14, 0x0a, 0x04, 0x64, 0x72, 0x6f, 0x70, 0x18, 0x04,
+	0x20, 0x01, 0x28, 0x08, 0x48, 0x00, 0x52, 0x04, 0x64, 0x72, 0x6f, 0x70, 0x42, 0x05, 0x0a, 0x03,
+	0x6d, 0x6f, 0x64, 0x22, 0x61, 0x0a, 0x1f, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x43,
+	0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52,
+	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x3e, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01,
+	0x20, 0x01, 0x28, 0x09, 0x42, 0x2a, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x24, 0x0a, 0x22, 0x62, 0x69,
+	0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x54, 0x61, 0x62, 0x6c, 0x65,
+	0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x22, 0x4f, 0x0a, 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61,
+	0x74, 0x65, 0x43, 0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x54, 0x6f, 0x6b,
+	0x65, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x2b, 0x0a, 0x11, 0x63, 0x6f,
+	0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x10, 0x63, 0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e,
+	0x63, 0x79, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0x8b, 0x01, 0x0a, 0x17, 0x43, 0x68, 0x65, 0x63,
+	0x6b, 0x43, 0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x52, 0x65, 0x71, 0x75,
+	0x65, 0x73, 0x74, 0x12, 0x3e, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x09, 0x42, 0x2a, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x24, 0x0a, 0x22, 0x62, 0x69, 0x67, 0x74, 0x61,
+	0x62, 0x6c, 0x65, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61,
+	0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x04, 0x6e,
+	0x61, 0x6d, 0x65, 0x12, 0x30, 0x0a, 0x11, 0x63, 0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e,
+	0x63, 0x79, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x03,
+	0xe0, 0x41, 0x02, 0x52, 0x10, 0x63, 0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x63, 0x79,
+	0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0x3a, 0x0a, 0x18, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x43, 0x6f,
+	0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
+	0x65, 0x12, 0x1e, 0x0a, 0x0a, 0x63, 0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x74, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0a, 0x63, 0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e,
+	0x74, 0x22, 0x93, 0x02, 0x0a, 0x14, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x54, 0x61,
+	0x62, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x3e, 0x0a, 0x04, 0x6e, 0x61,
+	0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x2a, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x24,
+	0x0a, 0x22, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x54,
+	0x61, 0x62, 0x6c, 0x65, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x46, 0x0a, 0x07, 0x63, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x2c, 0xe0, 0x41, 0x02,
+	0xfa, 0x41, 0x26, 0x0a, 0x24, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61, 0x64, 0x6d,
+	0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f,
+	0x6d, 0x2f, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x07, 0x63, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x12, 0x24, 0x0a, 0x0b, 0x73, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x5f, 0x69,
+	0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x0a, 0x73, 0x6e,
+	0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x49, 0x64, 0x12, 0x2b, 0x0a, 0x03, 0x74, 0x74, 0x6c, 0x18,
+	0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x52, 0x03, 0x74, 0x74, 0x6c, 0x12, 0x20, 0x0a, 0x0b, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70,
+	0x74, 0x69, 0x6f, 0x6e, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x64, 0x65, 0x73, 0x63,
+	0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x57, 0x0a, 0x12, 0x47, 0x65, 0x74, 0x53, 0x6e,
+	0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x41, 0x0a,
+	0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x2d, 0xe0, 0x41, 0x02,
+	0xfa, 0x41, 0x27, 0x0a, 0x25, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61, 0x64, 0x6d,
+	0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f,
+	0x6d, 0x2f, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65,
+	0x22, 0x98, 0x01, 0x0a, 0x14, 0x4c, 0x69, 0x73, 0x74, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f,
+	0x74, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x44, 0x0a, 0x06, 0x70, 0x61, 0x72,
+	0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x2c, 0xe0, 0x41, 0x02, 0xfa, 0x41,
+	0x26, 0x0a, 0x24, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61, 0x64, 0x6d, 0x69, 0x6e,
 	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f,
 	0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x12,
 	0x1b, 0x0a, 0x09, 0x70, 0x61, 0x67, 0x65, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x02, 0x20, 0x01,
@@ -2559,34 +2564,18 @@ var file_google_bigtable_admin_v2_bigtable_table_admin_proto_rawDesc = []byte{
 	0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x73, 0x12, 0x26, 0x0a, 0x0f, 0x6e, 0x65, 0x78, 0x74, 0x5f,
 	0x70, 0x61, 0x67, 0x65, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09,
 	0x52, 0x0d, 0x6e, 0x65, 0x78, 0x74, 0x50, 0x61, 0x67, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22,
-	0x55, 0x0a, 0x15, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f,
-	0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x3c, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65,
-	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x28, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x22, 0x0a, 0x20,
-	0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61,
-	0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74,
-	0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x22, 0xee, 0x01, 0x0a, 0x15, 0x53, 0x6e, 0x61, 0x70, 0x73,
-	0x68, 0x6f, 0x74, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61,
-	0x12, 0x59, 0x0a, 0x10, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x5f, 0x72, 0x65, 0x71,
-	0x75, 0x65, 0x73, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2e, 0x2e, 0x67, 0x6f, 0x6f,
-	0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d,
-	0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x54, 0x61,
-	0x62, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x52, 0x0f, 0x6f, 0x72, 0x69, 0x67,
-	0x69, 0x6e, 0x61, 0x6c, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x3d, 0x0a, 0x0c, 0x72,
-	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28,
-	0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
-	0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0b, 0x72,
-	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x54, 0x69, 0x6d, 0x65, 0x12, 0x3b, 0x0a, 0x0b, 0x66, 0x69,
-	0x6e, 0x69, 0x73, 0x68, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32,
-	0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
-	0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0a, 0x66, 0x69, 0x6e,
-	0x69, 0x73, 0x68, 0x54, 0x69, 0x6d, 0x65, 0x22, 0x82, 0x02, 0x0a, 0x1f, 0x43, 0x72, 0x65, 0x61,
-	0x74, 0x65, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x46, 0x72, 0x6f, 0x6d, 0x53, 0x6e, 0x61, 0x70, 0x73,
-	0x68, 0x6f, 0x74, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x63, 0x0a, 0x10, 0x6f,
-	0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x18,
-	0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x38, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62,
-	0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32,
-	0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x46, 0x72, 0x6f, 0x6d,
-	0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x52,
+	0x5a, 0x0a, 0x15, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f,
+	0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x41, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x2d, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x27, 0x0a, 0x25,
+	0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x53, 0x6e, 0x61,
+	0x70, 0x73, 0x68, 0x6f, 0x74, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x22, 0xee, 0x01, 0x0a, 0x15,
+	0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x4d, 0x65, 0x74,
+	0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x59, 0x0a, 0x10, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61,
+	0x6c, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x2e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c,
+	0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x53, 0x6e, 0x61, 0x70, 0x73,
+	0x68, 0x6f, 0x74, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x52,
 	0x0f, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
 	0x12, 0x3d, 0x0a, 0x0c, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x74, 0x69, 0x6d, 0x65,
 	0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
@@ -2595,383 +2584,401 @@ var file_google_bigtable_admin_v2_bigtable_table_admin_proto_rawDesc = []byte{
 	0x3b, 0x0a, 0x0b, 0x66, 0x69, 0x6e, 0x69, 0x73, 0x68, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x03,
 	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
 	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70,
-	0x52, 0x0a, 0x66, 0x69, 0x6e, 0x69, 0x73, 0x68, 0x54, 0x69, 0x6d, 0x65, 0x22, 0xb7, 0x01, 0x0a,
-	0x13, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x52, 0x65, 0x71,
-	0x75, 0x65, 0x73, 0x74, 0x12, 0x3f, 0x0a, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x18, 0x01,
-	0x20, 0x01, 0x28, 0x09, 0x42, 0x27, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x21, 0x0a, 0x1f, 0x62, 0x69,
-	0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69,
-	0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x06, 0x70,
-	0x61, 0x72, 0x65, 0x6e, 0x74, 0x12, 0x20, 0x0a, 0x09, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x5f,
-	0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x08, 0x62,
-	0x61, 0x63, 0x6b, 0x75, 0x70, 0x49, 0x64, 0x12, 0x3d, 0x0a, 0x06, 0x62, 0x61, 0x63, 0x6b, 0x75,
-	0x70, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
-	0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e,
-	0x76, 0x32, 0x2e, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x06,
-	0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x22, 0xbf, 0x01, 0x0a, 0x14, 0x43, 0x72, 0x65, 0x61, 0x74,
-	0x65, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12,
-	0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e,
-	0x61, 0x6d, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x74, 0x61,
-	0x62, 0x6c, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x73, 0x6f, 0x75, 0x72, 0x63,
-	0x65, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x39, 0x0a, 0x0a, 0x73, 0x74, 0x61, 0x72, 0x74, 0x5f,
-	0x74, 0x69, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f,
-	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d,
-	0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x73, 0x74, 0x61, 0x72, 0x74, 0x54, 0x69, 0x6d,
-	0x65, 0x12, 0x35, 0x0a, 0x08, 0x65, 0x6e, 0x64, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x04, 0x20,
-	0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
-	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52,
-	0x07, 0x65, 0x6e, 0x64, 0x54, 0x69, 0x6d, 0x65, 0x22, 0x96, 0x01, 0x0a, 0x13, 0x55, 0x70, 0x64,
-	0x61, 0x74, 0x65, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
-	0x12, 0x3d, 0x0a, 0x06, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b,
-	0x32, 0x20, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
-	0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x42, 0x61, 0x63, 0x6b,
-	0x75, 0x70, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x06, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x12,
-	0x40, 0x0a, 0x0b, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x5f, 0x6d, 0x61, 0x73, 0x6b, 0x18, 0x02,
+	0x52, 0x0a, 0x66, 0x69, 0x6e, 0x69, 0x73, 0x68, 0x54, 0x69, 0x6d, 0x65, 0x22, 0x82, 0x02, 0x0a,
+	0x1f, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x46, 0x72, 0x6f, 0x6d,
+	0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61,
+	0x12, 0x63, 0x0a, 0x10, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x5f, 0x72, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x38, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d,
+	0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x54, 0x61, 0x62, 0x6c,
+	0x65, 0x46, 0x72, 0x6f, 0x6d, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x52, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x52, 0x0f, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c, 0x52, 0x65,
+	0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x3d, 0x0a, 0x0c, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
+	0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69,
+	0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0b, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
+	0x54, 0x69, 0x6d, 0x65, 0x12, 0x3b, 0x0a, 0x0b, 0x66, 0x69, 0x6e, 0x69, 0x73, 0x68, 0x5f, 0x74,
+	0x69, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65,
+	0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0a, 0x66, 0x69, 0x6e, 0x69, 0x73, 0x68, 0x54, 0x69, 0x6d,
+	0x65, 0x22, 0xbc, 0x01, 0x0a, 0x13, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x42, 0x61, 0x63, 0x6b,
+	0x75, 0x70, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x44, 0x0a, 0x06, 0x70, 0x61, 0x72,
+	0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x2c, 0xe0, 0x41, 0x02, 0xfa, 0x41,
+	0x26, 0x0a, 0x24, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61, 0x64, 0x6d, 0x69, 0x6e,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f,
+	0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x12,
+	0x20, 0x0a, 0x09, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01,
+	0x28, 0x09, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x08, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x49,
+	0x64, 0x12, 0x3d, 0x0a, 0x06, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x18, 0x03, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x20, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61,
+	0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x42, 0x61, 0x63,
+	0x6b, 0x75, 0x70, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x06, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70,
+	0x22, 0xbf, 0x01, 0x0a, 0x14, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x42, 0x61, 0x63, 0x6b, 0x75,
+	0x70, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d,
+	0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x21, 0x0a,
+	0x0c, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x09, 0x52, 0x0b, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, 0x61, 0x62, 0x6c, 0x65,
+	0x12, 0x39, 0x0a, 0x0a, 0x73, 0x74, 0x61, 0x72, 0x74, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x03,
 	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
-	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4d, 0x61, 0x73, 0x6b,
-	0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x0a, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x4d, 0x61, 0x73,
-	0x6b, 0x22, 0x4e, 0x0a, 0x10, 0x47, 0x65, 0x74, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x52, 0x65,
-	0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x3a, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20,
-	0x01, 0x28, 0x09, 0x42, 0x26, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x20, 0x0a, 0x1e, 0x62, 0x69, 0x67,
-	0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73,
-	0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x52, 0x04, 0x6e, 0x61, 0x6d,
-	0x65, 0x22, 0x51, 0x0a, 0x13, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x42, 0x61, 0x63, 0x6b, 0x75,
-	0x70, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x3a, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65,
-	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x26, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x20, 0x0a, 0x1e,
-	0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61,
-	0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x52, 0x04,
-	0x6e, 0x61, 0x6d, 0x65, 0x22, 0xc4, 0x01, 0x0a, 0x12, 0x4c, 0x69, 0x73, 0x74, 0x42, 0x61, 0x63,
-	0x6b, 0x75, 0x70, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x3f, 0x0a, 0x06, 0x70,
-	0x61, 0x72, 0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x27, 0xe0, 0x41, 0x02,
-	0xfa, 0x41, 0x21, 0x0a, 0x1f, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f,
-	0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x43, 0x6c, 0x75,
-	0x73, 0x74, 0x65, 0x72, 0x52, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x12, 0x16, 0x0a, 0x06,
-	0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x66, 0x69,
-	0x6c, 0x74, 0x65, 0x72, 0x12, 0x19, 0x0a, 0x08, 0x6f, 0x72, 0x64, 0x65, 0x72, 0x5f, 0x62, 0x79,
-	0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6f, 0x72, 0x64, 0x65, 0x72, 0x42, 0x79, 0x12,
-	0x1b, 0x0a, 0x09, 0x70, 0x61, 0x67, 0x65, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x04, 0x20, 0x01,
-	0x28, 0x05, 0x52, 0x08, 0x70, 0x61, 0x67, 0x65, 0x53, 0x69, 0x7a, 0x65, 0x12, 0x1d, 0x0a, 0x0a,
-	0x70, 0x61, 0x67, 0x65, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09,
-	0x52, 0x09, 0x70, 0x61, 0x67, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0x79, 0x0a, 0x13, 0x4c,
-	0x69, 0x73, 0x74, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e,
-	0x73, 0x65, 0x12, 0x3a, 0x0a, 0x07, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x73, 0x18, 0x01, 0x20,
-	0x03, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67,
-	0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x42,
-	0x61, 0x63, 0x6b, 0x75, 0x70, 0x52, 0x07, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x73, 0x12, 0x26,
-	0x0a, 0x0f, 0x6e, 0x65, 0x78, 0x74, 0x5f, 0x70, 0x61, 0x67, 0x65, 0x5f, 0x74, 0x6f, 0x6b, 0x65,
-	0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x6e, 0x65, 0x78, 0x74, 0x50, 0x61, 0x67,
-	0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x32, 0x98, 0x25, 0x0a, 0x12, 0x42, 0x69, 0x67, 0x74, 0x61,
-	0x62, 0x6c, 0x65, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x12, 0xab, 0x01,
-	0x0a, 0x0b, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x2c, 0x2e,
-	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e,
-	0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x54,
-	0x61, 0x62, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x67, 0x6f,
-	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64,
-	0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x22, 0x4d, 0x82, 0xd3,
-	0xe4, 0x93, 0x02, 0x2f, 0x22, 0x2a, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x70, 0x61, 0x72, 0x65, 0x6e,
-	0x74, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73,
-	0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x2f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x73,
-	0x3a, 0x01, 0x2a, 0xda, 0x41, 0x15, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x2c, 0x74, 0x61, 0x62,
-	0x6c, 0x65, 0x5f, 0x69, 0x64, 0x2c, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x8a, 0x02, 0x0a, 0x17,
-	0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x46, 0x72, 0x6f, 0x6d, 0x53,
-	0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x12, 0x38, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
-	0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e,
-	0x76, 0x32, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x46, 0x72,
-	0x6f, 0x6d, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
-	0x74, 0x1a, 0x1d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x6c, 0x6f, 0x6e, 0x67, 0x72,
-	0x75, 0x6e, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x4f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e,
-	0x22, 0x95, 0x01, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x42, 0x22, 0x3d, 0x2f, 0x76, 0x32, 0x2f, 0x7b,
-	0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f,
-	0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x2f, 0x74,
-	0x61, 0x62, 0x6c, 0x65, 0x73, 0x3a, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x46, 0x72, 0x6f, 0x6d,
-	0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x3a, 0x01, 0x2a, 0xda, 0x41, 0x1f, 0x70, 0x61,
-	0x72, 0x65, 0x6e, 0x74, 0x2c, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x69, 0x64, 0x2c, 0x73, 0x6f,
-	0x75, 0x72, 0x63, 0x65, 0x5f, 0x73, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0xca, 0x41, 0x28,
-	0x0a, 0x05, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x1f, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x54,
-	0x61, 0x62, 0x6c, 0x65, 0x46, 0x72, 0x6f, 0x6d, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74,
-	0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0xa4, 0x01, 0x0a, 0x0a, 0x4c, 0x69, 0x73,
-	0x74, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x12, 0x2b, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
-	0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e,
-	0x76, 0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x71,
-	0x75, 0x65, 0x73, 0x74, 0x1a, 0x2c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69,
-	0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e,
-	0x4c, 0x69, 0x73, 0x74, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e,
-	0x73, 0x65, 0x22, 0x3b, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x2c, 0x12, 0x2a, 0x2f, 0x76, 0x32, 0x2f,
-	0x7b, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73,
-	0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x2f,
-	0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0xda, 0x41, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x12,
-	0x91, 0x01, 0x0a, 0x08, 0x47, 0x65, 0x74, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x29, 0x2e, 0x67,
-	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61,
-	0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x47, 0x65, 0x74, 0x54, 0x61, 0x62, 0x6c, 0x65,
-	0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
-	0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e,
-	0x76, 0x32, 0x2e, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x22, 0x39, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x2c,
-	0x12, 0x2a, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a,
-	0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73,
-	0x2f, 0x2a, 0x2f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0xda, 0x41, 0x04, 0x6e,
-	0x61, 0x6d, 0x65, 0x12, 0x8e, 0x01, 0x0a, 0x0b, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x54, 0x61,
-	0x62, 0x6c, 0x65, 0x12, 0x2c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67,
-	0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x44,
-	0x65, 0x6c, 0x65, 0x74, 0x65, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
-	0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
-	0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0x39, 0x82, 0xd3, 0xe4, 0x93, 0x02,
-	0x2c, 0x2a, 0x2a, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f,
-	0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65,
-	0x73, 0x2f, 0x2a, 0x2f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0xda, 0x41, 0x04,
-	0x6e, 0x61, 0x6d, 0x65, 0x12, 0xcf, 0x01, 0x0a, 0x14, 0x4d, 0x6f, 0x64, 0x69, 0x66, 0x79, 0x43,
-	0x6f, 0x6c, 0x75, 0x6d, 0x6e, 0x46, 0x61, 0x6d, 0x69, 0x6c, 0x69, 0x65, 0x73, 0x12, 0x35, 0x2e,
-	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e,
-	0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x4d, 0x6f, 0x64, 0x69, 0x66, 0x79, 0x43,
-	0x6f, 0x6c, 0x75, 0x6d, 0x6e, 0x46, 0x61, 0x6d, 0x69, 0x6c, 0x69, 0x65, 0x73, 0x52, 0x65, 0x71,
-	0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69,
-	0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e,
-	0x54, 0x61, 0x62, 0x6c, 0x65, 0x22, 0x5f, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x44, 0x22, 0x3f, 0x2f,
-	0x76, 0x32, 0x2f, 0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74,
-	0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f,
-	0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x3a, 0x6d, 0x6f, 0x64, 0x69, 0x66, 0x79,
-	0x43, 0x6f, 0x6c, 0x75, 0x6d, 0x6e, 0x46, 0x61, 0x6d, 0x69, 0x6c, 0x69, 0x65, 0x73, 0x3a, 0x01,
-	0x2a, 0xda, 0x41, 0x12, 0x6e, 0x61, 0x6d, 0x65, 0x2c, 0x6d, 0x6f, 0x64, 0x69, 0x66, 0x69, 0x63,
-	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x99, 0x01, 0x0a, 0x0c, 0x44, 0x72, 0x6f, 0x70, 0x52,
-	0x6f, 0x77, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x2d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
-	0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e,
-	0x76, 0x32, 0x2e, 0x44, 0x72, 0x6f, 0x70, 0x52, 0x6f, 0x77, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x52,
-	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
-	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0x42,
-	0x82, 0xd3, 0xe4, 0x93, 0x02, 0x3c, 0x22, 0x37, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x6e, 0x61, 0x6d,
-	0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73,
-	0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x2f,
-	0x2a, 0x7d, 0x3a, 0x64, 0x72, 0x6f, 0x70, 0x52, 0x6f, 0x77, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x3a,
-	0x01, 0x2a, 0x12, 0xe8, 0x01, 0x0a, 0x18, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x43,
-	0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12,
-	0x39, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c,
-	0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72,
-	0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x54, 0x6f,
-	0x6b, 0x65, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x3a, 0x2e, 0x67, 0x6f, 0x6f,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70,
+	0x52, 0x09, 0x73, 0x74, 0x61, 0x72, 0x74, 0x54, 0x69, 0x6d, 0x65, 0x12, 0x35, 0x0a, 0x08, 0x65,
+	0x6e, 0x64, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x07, 0x65, 0x6e, 0x64, 0x54, 0x69,
+	0x6d, 0x65, 0x22, 0x96, 0x01, 0x0a, 0x13, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x42, 0x61, 0x63,
+	0x6b, 0x75, 0x70, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x3d, 0x0a, 0x06, 0x62, 0x61,
+	0x63, 0x6b, 0x75, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x67, 0x6f, 0x6f,
 	0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d,
-	0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x43, 0x6f,
-	0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65,
-	0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x55, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x48, 0x22, 0x43,
-	0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63,
-	0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a,
-	0x2f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x3a, 0x67, 0x65, 0x6e, 0x65, 0x72,
-	0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x54, 0x6f,
-	0x6b, 0x65, 0x6e, 0x3a, 0x01, 0x2a, 0xda, 0x41, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0xda, 0x01,
-	0x0a, 0x10, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x43, 0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e,
-	0x63, 0x79, 0x12, 0x31, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74,
-	0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x68,
-	0x65, 0x63, 0x6b, 0x43, 0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x52, 0x65,
-	0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x32, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62,
-	0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32,
-	0x2e, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x43, 0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x63,
-	0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x5f, 0x82, 0xd3, 0xe4, 0x93, 0x02,
-	0x40, 0x22, 0x3b, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f,
-	0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65,
-	0x73, 0x2f, 0x2a, 0x2f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x3a, 0x63, 0x68,
-	0x65, 0x63, 0x6b, 0x43, 0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x3a, 0x01,
-	0x2a, 0xda, 0x41, 0x16, 0x6e, 0x61, 0x6d, 0x65, 0x2c, 0x63, 0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74,
-	0x65, 0x6e, 0x63, 0x79, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0xea, 0x01, 0x0a, 0x0d, 0x53,
-	0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x2e, 0x2e, 0x67,
+	0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x42, 0x03, 0xe0, 0x41,
+	0x02, 0x52, 0x06, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x12, 0x40, 0x0a, 0x0b, 0x75, 0x70, 0x64,
+	0x61, 0x74, 0x65, 0x5f, 0x6d, 0x61, 0x73, 0x6b, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4d, 0x61, 0x73, 0x6b, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52,
+	0x0a, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x4d, 0x61, 0x73, 0x6b, 0x22, 0x53, 0x0a, 0x10, 0x47,
+	0x65, 0x74, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12,
+	0x3f, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x2b, 0xe0,
+	0x41, 0x02, 0xfa, 0x41, 0x25, 0x0a, 0x23, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61,
+	0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e,
+	0x63, 0x6f, 0x6d, 0x2f, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65,
+	0x22, 0x56, 0x0a, 0x13, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70,
+	0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x3f, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x2b, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x25, 0x0a, 0x23, 0x62,
+	0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x42, 0x61, 0x63, 0x6b,
+	0x75, 0x70, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x22, 0xc9, 0x01, 0x0a, 0x12, 0x4c, 0x69, 0x73,
+	0x74, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12,
+	0x44, 0x0a, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42,
+	0x2c, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x26, 0x0a, 0x24, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c,
+	0x65, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69,
+	0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x06, 0x70,
+	0x61, 0x72, 0x65, 0x6e, 0x74, 0x12, 0x16, 0x0a, 0x06, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x19, 0x0a,
+	0x08, 0x6f, 0x72, 0x64, 0x65, 0x72, 0x5f, 0x62, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52,
+	0x07, 0x6f, 0x72, 0x64, 0x65, 0x72, 0x42, 0x79, 0x12, 0x1b, 0x0a, 0x09, 0x70, 0x61, 0x67, 0x65,
+	0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x05, 0x52, 0x08, 0x70, 0x61, 0x67,
+	0x65, 0x53, 0x69, 0x7a, 0x65, 0x12, 0x1d, 0x0a, 0x0a, 0x70, 0x61, 0x67, 0x65, 0x5f, 0x74, 0x6f,
+	0x6b, 0x65, 0x6e, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x70, 0x61, 0x67, 0x65, 0x54,
+	0x6f, 0x6b, 0x65, 0x6e, 0x22, 0x79, 0x0a, 0x13, 0x4c, 0x69, 0x73, 0x74, 0x42, 0x61, 0x63, 0x6b,
+	0x75, 0x70, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x3a, 0x0a, 0x07, 0x62,
+	0x61, 0x63, 0x6b, 0x75, 0x70, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x67,
 	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61,
-	0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74,
-	0x54, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1d, 0x2e, 0x67,
-	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x6c, 0x6f, 0x6e, 0x67, 0x72, 0x75, 0x6e, 0x6e, 0x69, 0x6e,
-	0x67, 0x2e, 0x4f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x89, 0x01, 0x82, 0xd3,
-	0xe4, 0x93, 0x02, 0x38, 0x22, 0x33, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d,
-	0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61,
-	0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x2f, 0x2a, 0x7d,
-	0x3a, 0x73, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x3a, 0x01, 0x2a, 0xda, 0x41, 0x24, 0x6e,
-	0x61, 0x6d, 0x65, 0x2c, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2c, 0x73, 0x6e, 0x61, 0x70,
-	0x73, 0x68, 0x6f, 0x74, 0x5f, 0x69, 0x64, 0x2c, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74,
-	0x69, 0x6f, 0x6e, 0xca, 0x41, 0x21, 0x0a, 0x08, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74,
-	0x12, 0x15, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x4d,
-	0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0xa8, 0x01, 0x0a, 0x0b, 0x47, 0x65, 0x74, 0x53,
-	0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x12, 0x2c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
-	0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e,
-	0x76, 0x32, 0x2e, 0x47, 0x65, 0x74, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x52, 0x65,
-	0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x22, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62,
-	0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32,
-	0x2e, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x22, 0x47, 0x82, 0xd3, 0xe4, 0x93, 0x02,
-	0x3a, 0x12, 0x38, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f,
-	0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65,
-	0x73, 0x2f, 0x2a, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x2f, 0x2a, 0x2f, 0x73,
-	0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x73, 0x2f, 0x2a, 0x7d, 0xda, 0x41, 0x04, 0x6e, 0x61,
-	0x6d, 0x65, 0x12, 0xbb, 0x01, 0x0a, 0x0d, 0x4c, 0x69, 0x73, 0x74, 0x53, 0x6e, 0x61, 0x70, 0x73,
-	0x68, 0x6f, 0x74, 0x73, 0x12, 0x2e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69,
-	0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e,
-	0x4c, 0x69, 0x73, 0x74, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x73, 0x52, 0x65, 0x71,
-	0x75, 0x65, 0x73, 0x74, 0x1a, 0x2f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69,
+	0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x52, 0x07,
+	0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x73, 0x12, 0x26, 0x0a, 0x0f, 0x6e, 0x65, 0x78, 0x74, 0x5f,
+	0x70, 0x61, 0x67, 0x65, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09,
+	0x52, 0x0d, 0x6e, 0x65, 0x78, 0x74, 0x50, 0x61, 0x67, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x32,
+	0x98, 0x25, 0x0a, 0x12, 0x42, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x54, 0x61, 0x62, 0x6c,
+	0x65, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x12, 0xab, 0x01, 0x0a, 0x0b, 0x43, 0x72, 0x65, 0x61, 0x74,
+	0x65, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x2c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76,
+	0x32, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69,
 	0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e,
-	0x4c, 0x69, 0x73, 0x74, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x73, 0x52, 0x65, 0x73,
-	0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x49, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x3a, 0x12, 0x38, 0x2f,
+	0x54, 0x61, 0x62, 0x6c, 0x65, 0x22, 0x4d, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x2f, 0x22, 0x2a, 0x2f,
 	0x76, 0x32, 0x2f, 0x7b, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65,
 	0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f,
-	0x2a, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x2f, 0x2a, 0x7d, 0x2f, 0x73, 0x6e,
-	0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x73, 0xda, 0x41, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74,
-	0x12, 0xa2, 0x01, 0x0a, 0x0e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x53, 0x6e, 0x61, 0x70, 0x73,
-	0x68, 0x6f, 0x74, 0x12, 0x2f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67,
-	0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x44,
-	0x65, 0x6c, 0x65, 0x74, 0x65, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x52, 0x65, 0x71,
-	0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
-	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0x47, 0x82, 0xd3,
-	0xe4, 0x93, 0x02, 0x3a, 0x2a, 0x38, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d,
+	0x2a, 0x7d, 0x2f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x3a, 0x01, 0x2a, 0xda, 0x41, 0x15, 0x70,
+	0x61, 0x72, 0x65, 0x6e, 0x74, 0x2c, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x69, 0x64, 0x2c, 0x74,
+	0x61, 0x62, 0x6c, 0x65, 0x12, 0x8a, 0x02, 0x0a, 0x17, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x54,
+	0x61, 0x62, 0x6c, 0x65, 0x46, 0x72, 0x6f, 0x6d, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74,
+	0x12, 0x38, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
+	0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x72, 0x65, 0x61,
+	0x74, 0x65, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x46, 0x72, 0x6f, 0x6d, 0x53, 0x6e, 0x61, 0x70, 0x73,
+	0x68, 0x6f, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1d, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x6c, 0x6f, 0x6e, 0x67, 0x72, 0x75, 0x6e, 0x6e, 0x69, 0x6e, 0x67, 0x2e,
+	0x4f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x95, 0x01, 0x82, 0xd3, 0xe4, 0x93,
+	0x02, 0x42, 0x22, 0x3d, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x3d,
 	0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61,
-	0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x2f,
-	0x2a, 0x2f, 0x73, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x73, 0x2f, 0x2a, 0x7d, 0xda, 0x41,
-	0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0xe0, 0x01, 0x0a, 0x0c, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65,
-	0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x12, 0x2d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x2f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x3a, 0x63,
+	0x72, 0x65, 0x61, 0x74, 0x65, 0x46, 0x72, 0x6f, 0x6d, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f,
+	0x74, 0x3a, 0x01, 0x2a, 0xda, 0x41, 0x1f, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x2c, 0x74, 0x61,
+	0x62, 0x6c, 0x65, 0x5f, 0x69, 0x64, 0x2c, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x73, 0x6e,
+	0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0xca, 0x41, 0x28, 0x0a, 0x05, 0x54, 0x61, 0x62, 0x6c, 0x65,
+	0x12, 0x1f, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x46, 0x72, 0x6f,
+	0x6d, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74,
+	0x61, 0x12, 0xa4, 0x01, 0x0a, 0x0a, 0x4c, 0x69, 0x73, 0x74, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x73,
+	0x12, 0x2b, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
+	0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74,
+	0x54, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2c, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e,
+	0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x54, 0x61, 0x62,
+	0x6c, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x3b, 0x82, 0xd3, 0xe4,
+	0x93, 0x02, 0x2c, 0x12, 0x2a, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74,
+	0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74,
+	0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x2f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0xda,
+	0x41, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x12, 0x91, 0x01, 0x0a, 0x08, 0x47, 0x65, 0x74,
+	0x54, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x29, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62,
+	0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32,
+	0x2e, 0x47, 0x65, 0x74, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
+	0x1a, 0x1f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
+	0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x54, 0x61, 0x62, 0x6c,
+	0x65, 0x22, 0x39, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x2c, 0x12, 0x2a, 0x2f, 0x76, 0x32, 0x2f, 0x7b,
+	0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f,
+	0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x74, 0x61, 0x62, 0x6c,
+	0x65, 0x73, 0x2f, 0x2a, 0x7d, 0xda, 0x41, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x8e, 0x01, 0x0a,
+	0x0b, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x2c, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61,
+	0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x54, 0x61,
+	0x62, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70,
+	0x74, 0x79, 0x22, 0x39, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x2c, 0x2a, 0x2a, 0x2f, 0x76, 0x32, 0x2f,
+	0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a,
+	0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x74, 0x61, 0x62,
+	0x6c, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0xda, 0x41, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0xcf, 0x01,
+	0x0a, 0x14, 0x4d, 0x6f, 0x64, 0x69, 0x66, 0x79, 0x43, 0x6f, 0x6c, 0x75, 0x6d, 0x6e, 0x46, 0x61,
+	0x6d, 0x69, 0x6c, 0x69, 0x65, 0x73, 0x12, 0x35, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
 	0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76,
-	0x32, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x52, 0x65,
+	0x32, 0x2e, 0x4d, 0x6f, 0x64, 0x69, 0x66, 0x79, 0x43, 0x6f, 0x6c, 0x75, 0x6d, 0x6e, 0x46, 0x61,
+	0x6d, 0x69, 0x6c, 0x69, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e,
+	0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x22, 0x5f,
+	0x82, 0xd3, 0xe4, 0x93, 0x02, 0x44, 0x22, 0x3f, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x6e, 0x61, 0x6d,
+	0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73,
+	0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x2f,
+	0x2a, 0x7d, 0x3a, 0x6d, 0x6f, 0x64, 0x69, 0x66, 0x79, 0x43, 0x6f, 0x6c, 0x75, 0x6d, 0x6e, 0x46,
+	0x61, 0x6d, 0x69, 0x6c, 0x69, 0x65, 0x73, 0x3a, 0x01, 0x2a, 0xda, 0x41, 0x12, 0x6e, 0x61, 0x6d,
+	0x65, 0x2c, 0x6d, 0x6f, 0x64, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12,
+	0x99, 0x01, 0x0a, 0x0c, 0x44, 0x72, 0x6f, 0x70, 0x52, 0x6f, 0x77, 0x52, 0x61, 0x6e, 0x67, 0x65,
+	0x12, 0x2d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
+	0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x72, 0x6f, 0x70,
+	0x52, 0x6f, 0x77, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a,
+	0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0x42, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x3c, 0x22,
+	0x37, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65,
+	0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f,
+	0x2a, 0x2f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x3a, 0x64, 0x72, 0x6f, 0x70,
+	0x52, 0x6f, 0x77, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x3a, 0x01, 0x2a, 0x12, 0xe8, 0x01, 0x0a, 0x18,
+	0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74, 0x65,
+	0x6e, 0x63, 0x79, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x39, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e,
+	0x2e, 0x76, 0x32, 0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x73,
+	0x69, 0x73, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x71, 0x75,
+	0x65, 0x73, 0x74, 0x1a, 0x3a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67,
+	0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x47,
+	0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e,
+	0x63, 0x79, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22,
+	0x55, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x48, 0x22, 0x43, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x6e, 0x61,
+	0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e,
+	0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x73,
+	0x2f, 0x2a, 0x7d, 0x3a, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x73,
+	0x69, 0x73, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x3a, 0x01, 0x2a, 0xda,
+	0x41, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0xda, 0x01, 0x0a, 0x10, 0x43, 0x68, 0x65, 0x63, 0x6b,
+	0x43, 0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x12, 0x31, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64,
+	0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x43, 0x6f, 0x6e, 0x73,
+	0x69, 0x73, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x32,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65,
+	0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x43,
+	0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e,
+	0x73, 0x65, 0x22, 0x5f, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x40, 0x22, 0x3b, 0x2f, 0x76, 0x32, 0x2f,
+	0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a,
+	0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x74, 0x61, 0x62,
+	0x6c, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x3a, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x43, 0x6f, 0x6e, 0x73,
+	0x69, 0x73, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x3a, 0x01, 0x2a, 0xda, 0x41, 0x16, 0x6e, 0x61, 0x6d,
+	0x65, 0x2c, 0x63, 0x6f, 0x6e, 0x73, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x5f, 0x74, 0x6f,
+	0x6b, 0x65, 0x6e, 0x12, 0xea, 0x01, 0x0a, 0x0d, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74,
+	0x54, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x2e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62,
+	0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32,
+	0x2e, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x65,
 	0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x6c,
 	0x6f, 0x6e, 0x67, 0x72, 0x75, 0x6e, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x4f, 0x70, 0x65, 0x72, 0x61,
-	0x74, 0x69, 0x6f, 0x6e, 0x22, 0x81, 0x01, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x40, 0x22, 0x36, 0x2f,
-	0x76, 0x32, 0x2f, 0x7b, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65,
-	0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f,
-	0x2a, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x2f, 0x2a, 0x7d, 0x2f, 0x62, 0x61,
-	0x63, 0x6b, 0x75, 0x70, 0x73, 0x3a, 0x06, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0xda, 0x41, 0x17,
-	0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x2c, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x5f, 0x69, 0x64,
-	0x2c, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0xca, 0x41, 0x1e, 0x0a, 0x06, 0x42, 0x61, 0x63, 0x6b,
-	0x75, 0x70, 0x12, 0x14, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70,
-	0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0xa0, 0x01, 0x0a, 0x09, 0x47, 0x65, 0x74,
-	0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x12, 0x2a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
-	0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76,
-	0x32, 0x2e, 0x47, 0x65, 0x74, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x52, 0x65, 0x71, 0x75, 0x65,
-	0x73, 0x74, 0x1a, 0x20, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74,
-	0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x42, 0x61,
-	0x63, 0x6b, 0x75, 0x70, 0x22, 0x45, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x38, 0x12, 0x36, 0x2f, 0x76,
-	0x32, 0x2f, 0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73,
-	0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x63,
-	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x2f, 0x2a, 0x2f, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70,
-	0x73, 0x2f, 0x2a, 0x7d, 0xda, 0x41, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0xc3, 0x01, 0x0a, 0x0c,
-	0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x12, 0x2d, 0x2e, 0x67,
+	0x74, 0x69, 0x6f, 0x6e, 0x22, 0x89, 0x01, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x38, 0x22, 0x33, 0x2f,
+	0x76, 0x32, 0x2f, 0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74,
+	0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f,
+	0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x3a, 0x73, 0x6e, 0x61, 0x70, 0x73, 0x68,
+	0x6f, 0x74, 0x3a, 0x01, 0x2a, 0xda, 0x41, 0x24, 0x6e, 0x61, 0x6d, 0x65, 0x2c, 0x63, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x2c, 0x73, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x5f, 0x69, 0x64,
+	0x2c, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0xca, 0x41, 0x21, 0x0a,
+	0x08, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x12, 0x15, 0x53, 0x6e, 0x61, 0x70, 0x73,
+	0x68, 0x6f, 0x74, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61,
+	0x12, 0xa8, 0x01, 0x0a, 0x0b, 0x47, 0x65, 0x74, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74,
+	0x12, 0x2c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
+	0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x47, 0x65, 0x74, 0x53,
+	0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x22,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65,
+	0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68,
+	0x6f, 0x74, 0x22, 0x47, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x3a, 0x12, 0x38, 0x2f, 0x76, 0x32, 0x2f,
+	0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a,
+	0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x63, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x73, 0x2f, 0x2a, 0x2f, 0x73, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74,
+	0x73, 0x2f, 0x2a, 0x7d, 0xda, 0x41, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0xbb, 0x01, 0x0a, 0x0d,
+	0x4c, 0x69, 0x73, 0x74, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x73, 0x12, 0x2e, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e,
+	0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x53, 0x6e, 0x61,
+	0x70, 0x73, 0x68, 0x6f, 0x74, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2f, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e,
+	0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x53, 0x6e, 0x61,
+	0x70, 0x73, 0x68, 0x6f, 0x74, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x49,
+	0x82, 0xd3, 0xe4, 0x93, 0x02, 0x3a, 0x12, 0x38, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x70, 0x61, 0x72,
+	0x65, 0x6e, 0x74, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69,
+	0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x73, 0x2f, 0x2a, 0x7d, 0x2f, 0x73, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x73,
+	0xda, 0x41, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x12, 0xa2, 0x01, 0x0a, 0x0e, 0x44, 0x65,
+	0x6c, 0x65, 0x74, 0x65, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x12, 0x2f, 0x2e, 0x67,
 	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61,
-	0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x42, 0x61,
+	0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x53, 0x6e,
+	0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0x47, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x3a, 0x2a, 0x38, 0x2f,
+	0x76, 0x32, 0x2f, 0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74,
+	0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f,
+	0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x2f, 0x2a, 0x2f, 0x73, 0x6e, 0x61, 0x70, 0x73,
+	0x68, 0x6f, 0x74, 0x73, 0x2f, 0x2a, 0x7d, 0xda, 0x41, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0xe0,
+	0x01, 0x0a, 0x0c, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x12,
+	0x2d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c,
+	0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74,
+	0x65, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1d,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x6c, 0x6f, 0x6e, 0x67, 0x72, 0x75, 0x6e, 0x6e,
+	0x69, 0x6e, 0x67, 0x2e, 0x4f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x81, 0x01,
+	0x82, 0xd3, 0xe4, 0x93, 0x02, 0x40, 0x22, 0x36, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x70, 0x61, 0x72,
+	0x65, 0x6e, 0x74, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69,
+	0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x73, 0x2f, 0x2a, 0x7d, 0x2f, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x73, 0x3a, 0x06,
+	0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0xda, 0x41, 0x17, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x2c,
+	0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x5f, 0x69, 0x64, 0x2c, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70,
+	0xca, 0x41, 0x1e, 0x0a, 0x06, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x12, 0x14, 0x43, 0x72, 0x65,
+	0x61, 0x74, 0x65, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74,
+	0x61, 0x12, 0xa0, 0x01, 0x0a, 0x09, 0x47, 0x65, 0x74, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x12,
+	0x2a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c,
+	0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x47, 0x65, 0x74, 0x42, 0x61,
 	0x63, 0x6b, 0x75, 0x70, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x20, 0x2e, 0x67, 0x6f,
 	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64,
-	0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x22, 0x62, 0x82,
-	0xd3, 0xe4, 0x93, 0x02, 0x47, 0x32, 0x3d, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x62, 0x61, 0x63, 0x6b,
-	0x75, 0x70, 0x2e, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73,
-	0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x63,
-	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x2f, 0x2a, 0x2f, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70,
-	0x73, 0x2f, 0x2a, 0x7d, 0x3a, 0x06, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0xda, 0x41, 0x12, 0x62,
-	0x61, 0x63, 0x6b, 0x75, 0x70, 0x2c, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x5f, 0x6d, 0x61, 0x73,
-	0x6b, 0x12, 0x9c, 0x01, 0x0a, 0x0c, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x42, 0x61, 0x63, 0x6b,
-	0x75, 0x70, 0x12, 0x2d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74,
-	0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x65,
-	0x6c, 0x65, 0x74, 0x65, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
-	0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
-	0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0x45, 0x82, 0xd3, 0xe4, 0x93, 0x02,
-	0x38, 0x2a, 0x36, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f,
-	0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65,
-	0x73, 0x2f, 0x2a, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x2f, 0x2a, 0x2f, 0x62,
-	0x61, 0x63, 0x6b, 0x75, 0x70, 0x73, 0x2f, 0x2a, 0x7d, 0xda, 0x41, 0x04, 0x6e, 0x61, 0x6d, 0x65,
-	0x12, 0xb3, 0x01, 0x0a, 0x0b, 0x4c, 0x69, 0x73, 0x74, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x73,
-	0x12, 0x2c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
-	0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74,
-	0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2d,
-	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65,
-	0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x42, 0x61,
-	0x63, 0x6b, 0x75, 0x70, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x47, 0x82,
-	0xd3, 0xe4, 0x93, 0x02, 0x38, 0x12, 0x36, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x70, 0x61, 0x72, 0x65,
-	0x6e, 0x74, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e,
-	0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65,
-	0x72, 0x73, 0x2f, 0x2a, 0x7d, 0x2f, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x73, 0xda, 0x41, 0x06,
-	0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x12, 0xbb, 0x01, 0x0a, 0x0c, 0x52, 0x65, 0x73, 0x74, 0x6f,
-	0x72, 0x65, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x2d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x22, 0x45, 0x82,
+	0xd3, 0xe4, 0x93, 0x02, 0x38, 0x12, 0x36, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x6e, 0x61, 0x6d, 0x65,
+	0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74,
+	0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73,
+	0x2f, 0x2a, 0x2f, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x73, 0x2f, 0x2a, 0x7d, 0xda, 0x41, 0x04,
+	0x6e, 0x61, 0x6d, 0x65, 0x12, 0xc3, 0x01, 0x0a, 0x0c, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x42,
+	0x61, 0x63, 0x6b, 0x75, 0x70, 0x12, 0x2d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62,
+	0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32,
+	0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x52, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x1a, 0x20, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69,
+	0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e,
+	0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x22, 0x62, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x47, 0x32, 0x3d,
+	0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x2e, 0x6e, 0x61, 0x6d, 0x65,
+	0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74,
+	0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73,
+	0x2f, 0x2a, 0x2f, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x73, 0x2f, 0x2a, 0x7d, 0x3a, 0x06, 0x62,
+	0x61, 0x63, 0x6b, 0x75, 0x70, 0xda, 0x41, 0x12, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x2c, 0x75,
+	0x70, 0x64, 0x61, 0x74, 0x65, 0x5f, 0x6d, 0x61, 0x73, 0x6b, 0x12, 0x9c, 0x01, 0x0a, 0x0c, 0x44,
+	0x65, 0x6c, 0x65, 0x74, 0x65, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x12, 0x2d, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64,
+	0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x42, 0x61, 0x63,
+	0x6b, 0x75, 0x70, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70,
+	0x74, 0x79, 0x22, 0x45, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x38, 0x2a, 0x36, 0x2f, 0x76, 0x32, 0x2f,
+	0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a,
+	0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x63, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x73, 0x2f, 0x2a, 0x2f, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x73, 0x2f,
+	0x2a, 0x7d, 0xda, 0x41, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0xb3, 0x01, 0x0a, 0x0b, 0x4c, 0x69,
+	0x73, 0x74, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x73, 0x12, 0x2c, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69,
+	0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x73,
+	0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
 	0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e,
-	0x76, 0x32, 0x2e, 0x52, 0x65, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x52,
-	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
-	0x6c, 0x6f, 0x6e, 0x67, 0x72, 0x75, 0x6e, 0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x4f, 0x70, 0x65, 0x72,
-	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x5d, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x37, 0x22, 0x32, 0x2f,
-	0x76, 0x32, 0x2f, 0x7b, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65,
-	0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f,
-	0x2a, 0x7d, 0x2f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x3a, 0x72, 0x65, 0x73, 0x74, 0x6f, 0x72,
-	0x65, 0x3a, 0x01, 0x2a, 0xca, 0x41, 0x1d, 0x0a, 0x05, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x14,
-	0x52, 0x65, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x4d, 0x65, 0x74, 0x61,
-	0x64, 0x61, 0x74, 0x61, 0x12, 0xec, 0x01, 0x0a, 0x0c, 0x47, 0x65, 0x74, 0x49, 0x61, 0x6d, 0x50,
-	0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x22, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x69,
-	0x61, 0x6d, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x49, 0x61, 0x6d, 0x50, 0x6f, 0x6c, 0x69,
-	0x63, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x15, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
-	0x6c, 0x65, 0x2e, 0x69, 0x61, 0x6d, 0x2e, 0x76, 0x31, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79,
-	0x22, 0xa0, 0x01, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x8e, 0x01, 0x22, 0x3b, 0x2f, 0x76, 0x32, 0x2f,
-	0x7b, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63,
-	0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a,
-	0x2f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x3a, 0x67, 0x65, 0x74, 0x49, 0x61,
-	0x6d, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x3a, 0x01, 0x2a, 0x5a, 0x4c, 0x22, 0x47, 0x2f, 0x76,
-	0x32, 0x2f, 0x7b, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a,
+	0x76, 0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x73, 0x52, 0x65,
+	0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x47, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x38, 0x12, 0x36,
+	0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x3d, 0x70, 0x72, 0x6f, 0x6a,
 	0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73,
-	0x2f, 0x2a, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x2f, 0x2a, 0x2f, 0x62, 0x61,
-	0x63, 0x6b, 0x75, 0x70, 0x73, 0x2f, 0x2a, 0x7d, 0x3a, 0x67, 0x65, 0x74, 0x49, 0x61, 0x6d, 0x50,
-	0x6f, 0x6c, 0x69, 0x63, 0x79, 0x3a, 0x01, 0x2a, 0xda, 0x41, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75,
-	0x72, 0x63, 0x65, 0x12, 0xf3, 0x01, 0x0a, 0x0c, 0x53, 0x65, 0x74, 0x49, 0x61, 0x6d, 0x50, 0x6f,
-	0x6c, 0x69, 0x63, 0x79, 0x12, 0x22, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x69, 0x61,
-	0x6d, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x65, 0x74, 0x49, 0x61, 0x6d, 0x50, 0x6f, 0x6c, 0x69, 0x63,
-	0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x15, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
-	0x65, 0x2e, 0x69, 0x61, 0x6d, 0x2e, 0x76, 0x31, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x22,
-	0xa7, 0x01, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x8e, 0x01, 0x22, 0x3b, 0x2f, 0x76, 0x32, 0x2f, 0x7b,
-	0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74,
-	0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f,
-	0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x3a, 0x73, 0x65, 0x74, 0x49, 0x61, 0x6d,
-	0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x3a, 0x01, 0x2a, 0x5a, 0x4c, 0x22, 0x47, 0x2f, 0x76, 0x32,
-	0x2f, 0x7b, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65,
-	0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f,
-	0x2a, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x2f, 0x2a, 0x2f, 0x62, 0x61, 0x63,
-	0x6b, 0x75, 0x70, 0x73, 0x2f, 0x2a, 0x7d, 0x3a, 0x73, 0x65, 0x74, 0x49, 0x61, 0x6d, 0x50, 0x6f,
-	0x6c, 0x69, 0x63, 0x79, 0x3a, 0x01, 0x2a, 0xda, 0x41, 0x0f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72,
-	0x63, 0x65, 0x2c, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0xa4, 0x02, 0x0a, 0x12, 0x54, 0x65,
-	0x73, 0x74, 0x49, 0x61, 0x6d, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73,
-	0x12, 0x28, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x69, 0x61, 0x6d, 0x2e, 0x76, 0x31,
-	0x2e, 0x54, 0x65, 0x73, 0x74, 0x49, 0x61, 0x6d, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69,
-	0x6f, 0x6e, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x29, 0x2e, 0x67, 0x6f, 0x6f,
-	0x67, 0x6c, 0x65, 0x2e, 0x69, 0x61, 0x6d, 0x2e, 0x76, 0x31, 0x2e, 0x54, 0x65, 0x73, 0x74, 0x49,
-	0x61, 0x6d, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x65, 0x73,
-	0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0xb8, 0x01, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x9a, 0x01, 0x22,
-	0x41, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x3d, 0x70,
-	0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e,
-	0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x3a,
-	0x74, 0x65, 0x73, 0x74, 0x49, 0x61, 0x6d, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f,
-	0x6e, 0x73, 0x3a, 0x01, 0x2a, 0x5a, 0x52, 0x22, 0x4d, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x72, 0x65,
-	0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f,
-	0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x63, 0x6c,
-	0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x2f, 0x2a, 0x2f, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x73,
-	0x2f, 0x2a, 0x7d, 0x3a, 0x74, 0x65, 0x73, 0x74, 0x49, 0x61, 0x6d, 0x50, 0x65, 0x72, 0x6d, 0x69,
-	0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x3a, 0x01, 0x2a, 0xda, 0x41, 0x14, 0x72, 0x65, 0x73, 0x6f,
-	0x75, 0x72, 0x63, 0x65, 0x2c, 0x70, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73,
-	0x1a, 0xde, 0x02, 0xca, 0x41, 0x1c, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61, 0x64,
-	0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63,
-	0x6f, 0x6d, 0xd2, 0x41, 0xbb, 0x02, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77,
-	0x77, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
-	0x2f, 0x61, 0x75, 0x74, 0x68, 0x2f, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61,
-	0x64, 0x6d, 0x69, 0x6e, 0x2c, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77,
-	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f,
-	0x61, 0x75, 0x74, 0x68, 0x2f, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64,
-	0x6d, 0x69, 0x6e, 0x2e, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2c, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a,
-	0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73,
-	0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2d,
-	0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2c, 0x68,
+	0x2f, 0x2a, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x2f, 0x2a, 0x7d, 0x2f, 0x62,
+	0x61, 0x63, 0x6b, 0x75, 0x70, 0x73, 0xda, 0x41, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x12,
+	0xbb, 0x01, 0x0a, 0x0c, 0x52, 0x65, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x54, 0x61, 0x62, 0x6c, 0x65,
+	0x12, 0x2d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
+	0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x65, 0x73, 0x74,
+	0x6f, 0x72, 0x65, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a,
+	0x1d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x6c, 0x6f, 0x6e, 0x67, 0x72, 0x75, 0x6e,
+	0x6e, 0x69, 0x6e, 0x67, 0x2e, 0x4f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x5d,
+	0x82, 0xd3, 0xe4, 0x93, 0x02, 0x37, 0x22, 0x32, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x70, 0x61, 0x72,
+	0x65, 0x6e, 0x74, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69,
+	0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x2f, 0x74, 0x61, 0x62, 0x6c,
+	0x65, 0x73, 0x3a, 0x72, 0x65, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x3a, 0x01, 0x2a, 0xca, 0x41, 0x1d,
+	0x0a, 0x05, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x14, 0x52, 0x65, 0x73, 0x74, 0x6f, 0x72, 0x65,
+	0x54, 0x61, 0x62, 0x6c, 0x65, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0xec, 0x01,
+	0x0a, 0x0c, 0x47, 0x65, 0x74, 0x49, 0x61, 0x6d, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x22,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x69, 0x61, 0x6d, 0x2e, 0x76, 0x31, 0x2e, 0x47,
+	0x65, 0x74, 0x49, 0x61, 0x6d, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65,
+	0x73, 0x74, 0x1a, 0x15, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x69, 0x61, 0x6d, 0x2e,
+	0x76, 0x31, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x22, 0xa0, 0x01, 0x82, 0xd3, 0xe4, 0x93,
+	0x02, 0x8e, 0x01, 0x22, 0x3b, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72,
+	0x63, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e,
+	0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x73,
+	0x2f, 0x2a, 0x7d, 0x3a, 0x67, 0x65, 0x74, 0x49, 0x61, 0x6d, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79,
+	0x3a, 0x01, 0x2a, 0x5a, 0x4c, 0x22, 0x47, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x72, 0x65, 0x73, 0x6f,
+	0x75, 0x72, 0x63, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f,
+	0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x63, 0x6c, 0x75, 0x73,
+	0x74, 0x65, 0x72, 0x73, 0x2f, 0x2a, 0x2f, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x73, 0x2f, 0x2a,
+	0x7d, 0x3a, 0x67, 0x65, 0x74, 0x49, 0x61, 0x6d, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x3a, 0x01,
+	0x2a, 0xda, 0x41, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0xf3, 0x01, 0x0a,
+	0x0c, 0x53, 0x65, 0x74, 0x49, 0x61, 0x6d, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x22, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x69, 0x61, 0x6d, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x65,
+	0x74, 0x49, 0x61, 0x6d, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
+	0x74, 0x1a, 0x15, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x69, 0x61, 0x6d, 0x2e, 0x76,
+	0x31, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x22, 0xa7, 0x01, 0x82, 0xd3, 0xe4, 0x93, 0x02,
+	0x8e, 0x01, 0x22, 0x3b, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63,
+	0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73,
+	0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x2f,
+	0x2a, 0x7d, 0x3a, 0x73, 0x65, 0x74, 0x49, 0x61, 0x6d, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x3a,
+	0x01, 0x2a, 0x5a, 0x4c, 0x22, 0x47, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x72, 0x65, 0x73, 0x6f, 0x75,
+	0x72, 0x63, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69,
+	0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74,
+	0x65, 0x72, 0x73, 0x2f, 0x2a, 0x2f, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x73, 0x2f, 0x2a, 0x7d,
+	0x3a, 0x73, 0x65, 0x74, 0x49, 0x61, 0x6d, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x3a, 0x01, 0x2a,
+	0xda, 0x41, 0x0f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x2c, 0x70, 0x6f, 0x6c, 0x69,
+	0x63, 0x79, 0x12, 0xa4, 0x02, 0x0a, 0x12, 0x54, 0x65, 0x73, 0x74, 0x49, 0x61, 0x6d, 0x50, 0x65,
+	0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x28, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x69, 0x61, 0x6d, 0x2e, 0x76, 0x31, 0x2e, 0x54, 0x65, 0x73, 0x74, 0x49, 0x61,
+	0x6d, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x65, 0x71, 0x75,
+	0x65, 0x73, 0x74, 0x1a, 0x29, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x69, 0x61, 0x6d,
+	0x2e, 0x76, 0x31, 0x2e, 0x54, 0x65, 0x73, 0x74, 0x49, 0x61, 0x6d, 0x50, 0x65, 0x72, 0x6d, 0x69,
+	0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0xb8,
+	0x01, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x9a, 0x01, 0x22, 0x41, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x72,
+	0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73,
+	0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x74,
+	0x61, 0x62, 0x6c, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x3a, 0x74, 0x65, 0x73, 0x74, 0x49, 0x61, 0x6d,
+	0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x3a, 0x01, 0x2a, 0x5a, 0x52,
+	0x22, 0x4d, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x3d,
+	0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61,
+	0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x2f,
+	0x2a, 0x2f, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x73, 0x2f, 0x2a, 0x7d, 0x3a, 0x74, 0x65, 0x73,
+	0x74, 0x49, 0x61, 0x6d, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x3a,
+	0x01, 0x2a, 0xda, 0x41, 0x14, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x2c, 0x70, 0x65,
+	0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x1a, 0xde, 0x02, 0xca, 0x41, 0x1c, 0x62,
+	0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0xd2, 0x41, 0xbb, 0x02, 0x68,
 	0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
-	0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2f, 0x63,
-	0x6c, 0x6f, 0x75, 0x64, 0x2d, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64,
-	0x6d, 0x69, 0x6e, 0x2e, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2c, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a,
-	0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73,
-	0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2d,
-	0x70, 0x6c, 0x61, 0x74, 0x66, 0x6f, 0x72, 0x6d, 0x2c, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f,
-	0x2f, 0x77, 0x77, 0x77, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e,
-	0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2d, 0x70,
-	0x6c, 0x61, 0x74, 0x66, 0x6f, 0x72, 0x6d, 0x2e, 0x72, 0x65, 0x61, 0x64, 0x2d, 0x6f, 0x6e, 0x6c,
-	0x79, 0x42, 0xdf, 0x01, 0x0a, 0x1c, 0x63, 0x6f, 0x6d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
-	0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e,
-	0x76, 0x32, 0x42, 0x17, 0x42, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x54, 0x61, 0x62, 0x6c,
-	0x65, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x3d, 0x67,
-	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6c, 0x61, 0x6e, 0x67, 0x2e, 0x6f, 0x72, 0x67,
-	0x2f, 0x67, 0x65, 0x6e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
-	0x61, 0x70, 0x69, 0x73, 0x2f, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2f, 0x61, 0x64,
-	0x6d, 0x69, 0x6e, 0x2f, 0x76, 0x32, 0x3b, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0xaa, 0x02, 0x1e, 0x47,
-	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x42, 0x69, 0x67, 0x74,
-	0x61, 0x62, 0x6c, 0x65, 0x2e, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x56, 0x32, 0xca, 0x02, 0x1e,
-	0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x5c, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x5c, 0x42, 0x69, 0x67,
-	0x74, 0x61, 0x62, 0x6c, 0x65, 0x5c, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x5c, 0x56, 0x32, 0xea, 0x02,
-	0x22, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x3a, 0x3a, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x3a, 0x3a,
-	0x42, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x3a, 0x3a, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x3a,
-	0x3a, 0x56, 0x32, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+	0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2f, 0x62,
+	0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2c, 0x68, 0x74,
+	0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2f, 0x62, 0x69,
+	0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x74, 0x61, 0x62,
+	0x6c, 0x65, 0x2c, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75,
+	0x74, 0x68, 0x2f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2d, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c,
+	0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2c, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f,
+	0x77, 0x77, 0x77, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63,
+	0x6f, 0x6d, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2d, 0x62, 0x69,
+	0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x74, 0x61, 0x62,
+	0x6c, 0x65, 0x2c, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75,
+	0x74, 0x68, 0x2f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2d, 0x70, 0x6c, 0x61, 0x74, 0x66, 0x6f, 0x72,
+	0x6d, 0x2c, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75, 0x74,
+	0x68, 0x2f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2d, 0x70, 0x6c, 0x61, 0x74, 0x66, 0x6f, 0x72, 0x6d,
+	0x2e, 0x72, 0x65, 0x61, 0x64, 0x2d, 0x6f, 0x6e, 0x6c, 0x79, 0x42, 0xdf, 0x01, 0x0a, 0x1c, 0x63,
+	0x6f, 0x6d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
+	0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x42, 0x17, 0x42, 0x69, 0x67,
+	0x74, 0x61, 0x62, 0x6c, 0x65, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x50,
+	0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x3d, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x67,
+	0x6f, 0x6c, 0x61, 0x6e, 0x67, 0x2e, 0x6f, 0x72, 0x67, 0x2f, 0x67, 0x65, 0x6e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x2f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2f, 0x62, 0x69,
+	0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x76, 0x32, 0x3b,
+	0x61, 0x64, 0x6d, 0x69, 0x6e, 0xaa, 0x02, 0x1e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x43,
+	0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x42, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x41, 0x64,
+	0x6d, 0x69, 0x6e, 0x2e, 0x56, 0x32, 0xca, 0x02, 0x1e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x5c,
+	0x43, 0x6c, 0x6f, 0x75, 0x64, 0x5c, 0x42, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5c, 0x41,
+	0x64, 0x6d, 0x69, 0x6e, 0x5c, 0x56, 0x32, 0xea, 0x02, 0x22, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x3a, 0x3a, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x3a, 0x3a, 0x42, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c,
+	0x65, 0x3a, 0x3a, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x3a, 0x3a, 0x56, 0x32, 0x62, 0x06, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x33,
 }
 
 var (
diff --git a/vendor/google.golang.org/genproto/googleapis/bigtable/admin/v2/instance.pb.go b/vendor/google.golang.org/genproto/googleapis/bigtable/admin/v2/instance.pb.go
index 2ec938ab51c..f8fc4da21c6 100644
--- a/vendor/google.golang.org/genproto/googleapis/bigtable/admin/v2/instance.pb.go
+++ b/vendor/google.golang.org/genproto/googleapis/bigtable/admin/v2/instance.pb.go
@@ -27,6 +27,7 @@ import (
 	_ "google.golang.org/genproto/googleapis/api/annotations"
 	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
 	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	timestamppb "google.golang.org/protobuf/types/known/timestamppb"
 )
 
 const (
@@ -254,6 +255,10 @@ type Instance struct {
 	// * No more than 64 labels can be associated with a given resource.
 	// * Keys and values must both be under 128 bytes.
 	Labels map[string]string `protobuf:"bytes,5,rep,name=labels,proto3" json:"labels,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+	// Output only. A server-assigned timestamp representing when this Instance was created.
+	// For instances created before this field was added (August 2021), this value
+	// is `seconds: 0, nanos: 1`.
+	CreateTime *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`
 }
 
 func (x *Instance) Reset() {
@@ -323,6 +328,13 @@ func (x *Instance) GetLabels() map[string]string {
 	return nil
 }
 
+func (x *Instance) GetCreateTime() *timestamppb.Timestamp {
+	if x != nil {
+		return x.CreateTime
+	}
+	return nil
+}
+
 // A resizable group of nodes in a particular cloud location, capable
 // of serving all [Tables][google.bigtable.admin.v2.Table] in the parent
 // [Instance][google.bigtable.admin.v2.Instance].
@@ -736,116 +748,125 @@ var file_google_bigtable_admin_v2_instance_proto_rawDesc = []byte{
 	0x2f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
 	0x25, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65,
 	0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x76, 0x32, 0x2f, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e,
-	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x91, 0x04, 0x0a, 0x08, 0x49, 0x6e, 0x73, 0x74, 0x61,
-	0x6e, 0x63, 0x65, 0x12, 0x17, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28,
-	0x09, 0x42, 0x03, 0xe0, 0x41, 0x03, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x26, 0x0a, 0x0c,
-	0x64, 0x69, 0x73, 0x70, 0x6c, 0x61, 0x79, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01,
-	0x28, 0x09, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x0b, 0x64, 0x69, 0x73, 0x70, 0x6c, 0x61, 0x79,
-	0x4e, 0x61, 0x6d, 0x65, 0x12, 0x3e, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18, 0x03, 0x20,
-	0x01, 0x28, 0x0e, 0x32, 0x28, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67,
-	0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x49,
-	0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x65, 0x52, 0x05, 0x73,
-	0x74, 0x61, 0x74, 0x65, 0x12, 0x3b, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x04, 0x20, 0x01,
-	0x28, 0x0e, 0x32, 0x27, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d,
+	0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f,
+	0x61, 0x70, 0x69, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xd8, 0x04, 0x0a, 0x08, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e,
+	0x63, 0x65, 0x12, 0x17, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
+	0x42, 0x03, 0xe0, 0x41, 0x03, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x26, 0x0a, 0x0c, 0x64,
+	0x69, 0x73, 0x70, 0x6c, 0x61, 0x79, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x09, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x0b, 0x64, 0x69, 0x73, 0x70, 0x6c, 0x61, 0x79, 0x4e,
+	0x61, 0x6d, 0x65, 0x12, 0x3e, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18, 0x03, 0x20, 0x01,
+	0x28, 0x0e, 0x32, 0x28, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74,
 	0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x49, 0x6e,
-	0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x52, 0x04, 0x74, 0x79, 0x70,
-	0x65, 0x12, 0x46, 0x0a, 0x06, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x73, 0x18, 0x05, 0x20, 0x03, 0x28,
-	0x0b, 0x32, 0x2e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61,
+	0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x65, 0x52, 0x05, 0x73, 0x74,
+	0x61, 0x74, 0x65, 0x12, 0x3b, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28,
+	0x0e, 0x32, 0x27, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61,
 	0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x49, 0x6e, 0x73,
-	0x74, 0x61, 0x6e, 0x63, 0x65, 0x2e, 0x4c, 0x61, 0x62, 0x65, 0x6c, 0x73, 0x45, 0x6e, 0x74, 0x72,
-	0x79, 0x52, 0x06, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x73, 0x1a, 0x39, 0x0a, 0x0b, 0x4c, 0x61, 0x62,
-	0x65, 0x6c, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18,
-	0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61,
-	0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65,
-	0x3a, 0x02, 0x38, 0x01, 0x22, 0x35, 0x0a, 0x05, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x13, 0x0a,
-	0x0f, 0x53, 0x54, 0x41, 0x54, 0x45, 0x5f, 0x4e, 0x4f, 0x54, 0x5f, 0x4b, 0x4e, 0x4f, 0x57, 0x4e,
-	0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, 0x52, 0x45, 0x41, 0x44, 0x59, 0x10, 0x01, 0x12, 0x0c, 0x0a,
-	0x08, 0x43, 0x52, 0x45, 0x41, 0x54, 0x49, 0x4e, 0x47, 0x10, 0x02, 0x22, 0x3d, 0x0a, 0x04, 0x54,
-	0x79, 0x70, 0x65, 0x12, 0x14, 0x0a, 0x10, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, 0x4e, 0x53, 0x50,
-	0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x0e, 0x0a, 0x0a, 0x50, 0x52, 0x4f,
-	0x44, 0x55, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x10, 0x01, 0x12, 0x0f, 0x0a, 0x0b, 0x44, 0x45, 0x56,
-	0x45, 0x4c, 0x4f, 0x50, 0x4d, 0x45, 0x4e, 0x54, 0x10, 0x02, 0x3a, 0x4e, 0xea, 0x41, 0x4b, 0x0a,
-	0x20, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
-	0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63,
-	0x65, 0x12, 0x27, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x7b, 0x70, 0x72, 0x6f,
-	0x6a, 0x65, 0x63, 0x74, 0x7d, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f,
-	0x7b, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x7d, 0x22, 0xa2, 0x05, 0x0a, 0x07, 0x43,
-	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x17, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01,
-	0x20, 0x01, 0x28, 0x09, 0x42, 0x03, 0xe0, 0x41, 0x03, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12,
-	0x42, 0x0a, 0x08, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28,
-	0x09, 0x42, 0x26, 0xfa, 0x41, 0x23, 0x0a, 0x21, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e,
-	0x73, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
-	0x2f, 0x4c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x08, 0x6c, 0x6f, 0x63, 0x61, 0x74,
-	0x69, 0x6f, 0x6e, 0x12, 0x42, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18, 0x03, 0x20, 0x01,
-	0x28, 0x0e, 0x32, 0x27, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74,
-	0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c,
-	0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x65, 0x42, 0x03, 0xe0, 0x41, 0x03,
-	0x52, 0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x12, 0x24, 0x0a, 0x0b, 0x73, 0x65, 0x72, 0x76, 0x65,
-	0x5f, 0x6e, 0x6f, 0x64, 0x65, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x05, 0x42, 0x03, 0xe0, 0x41,
-	0x02, 0x52, 0x0a, 0x73, 0x65, 0x72, 0x76, 0x65, 0x4e, 0x6f, 0x64, 0x65, 0x73, 0x12, 0x57, 0x0a,
-	0x14, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f, 0x73, 0x74, 0x6f, 0x72, 0x61, 0x67, 0x65,
-	0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x25, 0x2e, 0x67, 0x6f,
+	0x74, 0x61, 0x6e, 0x63, 0x65, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x52, 0x04, 0x74, 0x79, 0x70, 0x65,
+	0x12, 0x46, 0x0a, 0x06, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x73, 0x18, 0x05, 0x20, 0x03, 0x28, 0x0b,
+	0x32, 0x2e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
+	0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x49, 0x6e, 0x73, 0x74,
+	0x61, 0x6e, 0x63, 0x65, 0x2e, 0x4c, 0x61, 0x62, 0x65, 0x6c, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79,
+	0x52, 0x06, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x73, 0x12, 0x40, 0x0a, 0x0b, 0x63, 0x72, 0x65, 0x61,
+	0x74, 0x65, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x42, 0x03, 0xe0, 0x41, 0x03, 0x52, 0x0a,
+	0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x54, 0x69, 0x6d, 0x65, 0x1a, 0x39, 0x0a, 0x0b, 0x4c, 0x61,
+	0x62, 0x65, 0x6c, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76,
+	0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75,
+	0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0x35, 0x0a, 0x05, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x13,
+	0x0a, 0x0f, 0x53, 0x54, 0x41, 0x54, 0x45, 0x5f, 0x4e, 0x4f, 0x54, 0x5f, 0x4b, 0x4e, 0x4f, 0x57,
+	0x4e, 0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, 0x52, 0x45, 0x41, 0x44, 0x59, 0x10, 0x01, 0x12, 0x0c,
+	0x0a, 0x08, 0x43, 0x52, 0x45, 0x41, 0x54, 0x49, 0x4e, 0x47, 0x10, 0x02, 0x22, 0x3d, 0x0a, 0x04,
+	0x54, 0x79, 0x70, 0x65, 0x12, 0x14, 0x0a, 0x10, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, 0x4e, 0x53,
+	0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x0e, 0x0a, 0x0a, 0x50, 0x52,
+	0x4f, 0x44, 0x55, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x10, 0x01, 0x12, 0x0f, 0x0a, 0x0b, 0x44, 0x45,
+	0x56, 0x45, 0x4c, 0x4f, 0x50, 0x4d, 0x45, 0x4e, 0x54, 0x10, 0x02, 0x3a, 0x53, 0xea, 0x41, 0x50,
+	0x0a, 0x25, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x49,
+	0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x12, 0x27, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74,
+	0x73, 0x2f, 0x7b, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x7d, 0x2f, 0x69, 0x6e, 0x73, 0x74,
+	0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x7b, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x7d,
+	0x22, 0xa7, 0x05, 0x0a, 0x07, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x17, 0x0a, 0x04,
+	0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x03, 0xe0, 0x41, 0x03, 0x52,
+	0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x42, 0x0a, 0x08, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x26, 0xfa, 0x41, 0x23, 0x0a, 0x21, 0x6c, 0x6f,
+	0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70,
+	0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x4c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52,
+	0x08, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x42, 0x0a, 0x05, 0x73, 0x74, 0x61,
+	0x74, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x27, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e,
+	0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x53, 0x74, 0x61, 0x74,
+	0x65, 0x42, 0x03, 0xe0, 0x41, 0x03, 0x52, 0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x12, 0x24, 0x0a,
+	0x0b, 0x73, 0x65, 0x72, 0x76, 0x65, 0x5f, 0x6e, 0x6f, 0x64, 0x65, 0x73, 0x18, 0x04, 0x20, 0x01,
+	0x28, 0x05, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x0a, 0x73, 0x65, 0x72, 0x76, 0x65, 0x4e, 0x6f,
+	0x64, 0x65, 0x73, 0x12, 0x57, 0x0a, 0x14, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f, 0x73,
+	0x74, 0x6f, 0x72, 0x61, 0x67, 0x65, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28,
+	0x0e, 0x32, 0x25, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61,
+	0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x53, 0x74, 0x6f,
+	0x72, 0x61, 0x67, 0x65, 0x54, 0x79, 0x70, 0x65, 0x52, 0x12, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c,
+	0x74, 0x53, 0x74, 0x6f, 0x72, 0x61, 0x67, 0x65, 0x54, 0x79, 0x70, 0x65, 0x12, 0x64, 0x0a, 0x11,
+	0x65, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x32, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e,
+	0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x45, 0x6e, 0x63, 0x72, 0x79,
+	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x03, 0xe0, 0x41, 0x05,
+	0x52, 0x10, 0x65, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x1a, 0x5c, 0x0a, 0x10, 0x45, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x69, 0x6f, 0x6e,
+	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x48, 0x0a, 0x0c, 0x6b, 0x6d, 0x73, 0x5f, 0x6b, 0x65,
+	0x79, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x26, 0xfa, 0x41,
+	0x23, 0x0a, 0x21, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x6b, 0x6d, 0x73, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x43, 0x72, 0x79, 0x70, 0x74,
+	0x6f, 0x4b, 0x65, 0x79, 0x52, 0x0a, 0x6b, 0x6d, 0x73, 0x4b, 0x65, 0x79, 0x4e, 0x61, 0x6d, 0x65,
+	0x22, 0x51, 0x0a, 0x05, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x13, 0x0a, 0x0f, 0x53, 0x54, 0x41,
+	0x54, 0x45, 0x5f, 0x4e, 0x4f, 0x54, 0x5f, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, 0x09,
+	0x0a, 0x05, 0x52, 0x45, 0x41, 0x44, 0x59, 0x10, 0x01, 0x12, 0x0c, 0x0a, 0x08, 0x43, 0x52, 0x45,
+	0x41, 0x54, 0x49, 0x4e, 0x47, 0x10, 0x02, 0x12, 0x0c, 0x0a, 0x08, 0x52, 0x45, 0x53, 0x49, 0x5a,
+	0x49, 0x4e, 0x47, 0x10, 0x03, 0x12, 0x0c, 0x0a, 0x08, 0x44, 0x49, 0x53, 0x41, 0x42, 0x4c, 0x45,
+	0x44, 0x10, 0x04, 0x3a, 0x65, 0xea, 0x41, 0x62, 0x0a, 0x24, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
+	0x6c, 0x65, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70,
+	0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x3a,
+	0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x7b, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63,
+	0x74, 0x7d, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x7b, 0x69, 0x6e,
+	0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x7d, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73,
+	0x2f, 0x7b, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x7d, 0x22, 0x84, 0x05, 0x0a, 0x0a, 0x41,
+	0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d,
+	0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x12, 0x0a,
+	0x04, 0x65, 0x74, 0x61, 0x67, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x65, 0x74, 0x61,
+	0x67, 0x12, 0x20, 0x0a, 0x0b, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e,
+	0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74,
+	0x69, 0x6f, 0x6e, 0x12, 0x82, 0x01, 0x0a, 0x1d, 0x6d, 0x75, 0x6c, 0x74, 0x69, 0x5f, 0x63, 0x6c,
+	0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x72, 0x6f, 0x75, 0x74, 0x69, 0x6e, 0x67, 0x5f, 0x75, 0x73,
+	0x65, 0x5f, 0x61, 0x6e, 0x79, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x3e, 0x2e, 0x67, 0x6f,
 	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64,
-	0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x53, 0x74, 0x6f, 0x72, 0x61, 0x67, 0x65, 0x54, 0x79,
-	0x70, 0x65, 0x52, 0x12, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x53, 0x74, 0x6f, 0x72, 0x61,
-	0x67, 0x65, 0x54, 0x79, 0x70, 0x65, 0x12, 0x64, 0x0a, 0x11, 0x65, 0x6e, 0x63, 0x72, 0x79, 0x70,
-	0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x06, 0x20, 0x01, 0x28,
-	0x0b, 0x32, 0x32, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61,
-	0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6c, 0x75,
-	0x73, 0x74, 0x65, 0x72, 0x2e, 0x45, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x43,
-	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x03, 0xe0, 0x41, 0x05, 0x52, 0x10, 0x65, 0x6e, 0x63, 0x72,
-	0x79, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x1a, 0x5c, 0x0a, 0x10,
-	0x45, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
-	0x12, 0x48, 0x0a, 0x0c, 0x6b, 0x6d, 0x73, 0x5f, 0x6b, 0x65, 0x79, 0x5f, 0x6e, 0x61, 0x6d, 0x65,
-	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x26, 0xfa, 0x41, 0x23, 0x0a, 0x21, 0x63, 0x6c, 0x6f,
-	0x75, 0x64, 0x6b, 0x6d, 0x73, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73,
-	0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x43, 0x72, 0x79, 0x70, 0x74, 0x6f, 0x4b, 0x65, 0x79, 0x52, 0x0a,
-	0x6b, 0x6d, 0x73, 0x4b, 0x65, 0x79, 0x4e, 0x61, 0x6d, 0x65, 0x22, 0x51, 0x0a, 0x05, 0x53, 0x74,
-	0x61, 0x74, 0x65, 0x12, 0x13, 0x0a, 0x0f, 0x53, 0x54, 0x41, 0x54, 0x45, 0x5f, 0x4e, 0x4f, 0x54,
-	0x5f, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, 0x52, 0x45, 0x41, 0x44,
-	0x59, 0x10, 0x01, 0x12, 0x0c, 0x0a, 0x08, 0x43, 0x52, 0x45, 0x41, 0x54, 0x49, 0x4e, 0x47, 0x10,
-	0x02, 0x12, 0x0c, 0x0a, 0x08, 0x52, 0x45, 0x53, 0x49, 0x5a, 0x49, 0x4e, 0x47, 0x10, 0x03, 0x12,
-	0x0c, 0x0a, 0x08, 0x44, 0x49, 0x53, 0x41, 0x42, 0x4c, 0x45, 0x44, 0x10, 0x04, 0x3a, 0x60, 0xea,
-	0x41, 0x5d, 0x0a, 0x1f, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f,
-	0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x43, 0x6c, 0x75, 0x73,
-	0x74, 0x65, 0x72, 0x12, 0x3a, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x7b, 0x70,
-	0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x7d, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65,
-	0x73, 0x2f, 0x7b, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x7d, 0x2f, 0x63, 0x6c, 0x75,
-	0x73, 0x74, 0x65, 0x72, 0x73, 0x2f, 0x7b, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x7d, 0x22,
-	0xff, 0x04, 0x0a, 0x0a, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x12, 0x12,
-	0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61,
-	0x6d, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x65, 0x74, 0x61, 0x67, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09,
-	0x52, 0x04, 0x65, 0x74, 0x61, 0x67, 0x12, 0x20, 0x0a, 0x0b, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69,
-	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x64, 0x65, 0x73,
-	0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x82, 0x01, 0x0a, 0x1d, 0x6d, 0x75, 0x6c,
-	0x74, 0x69, 0x5f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x72, 0x6f, 0x75, 0x74, 0x69,
-	0x6e, 0x67, 0x5f, 0x75, 0x73, 0x65, 0x5f, 0x61, 0x6e, 0x79, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b,
-	0x32, 0x3e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
-	0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x41, 0x70, 0x70, 0x50,
-	0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x2e, 0x4d, 0x75, 0x6c, 0x74, 0x69, 0x43, 0x6c, 0x75, 0x73,
-	0x74, 0x65, 0x72, 0x52, 0x6f, 0x75, 0x74, 0x69, 0x6e, 0x67, 0x55, 0x73, 0x65, 0x41, 0x6e, 0x79,
-	0x48, 0x00, 0x52, 0x19, 0x6d, 0x75, 0x6c, 0x74, 0x69, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
-	0x52, 0x6f, 0x75, 0x74, 0x69, 0x6e, 0x67, 0x55, 0x73, 0x65, 0x41, 0x6e, 0x79, 0x12, 0x71, 0x0a,
-	0x16, 0x73, 0x69, 0x6e, 0x67, 0x6c, 0x65, 0x5f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f,
-	0x72, 0x6f, 0x75, 0x74, 0x69, 0x6e, 0x67, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x39, 0x2e,
-	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e,
-	0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66,
-	0x69, 0x6c, 0x65, 0x2e, 0x53, 0x69, 0x6e, 0x67, 0x6c, 0x65, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65,
-	0x72, 0x52, 0x6f, 0x75, 0x74, 0x69, 0x6e, 0x67, 0x48, 0x00, 0x52, 0x14, 0x73, 0x69, 0x6e, 0x67,
-	0x6c, 0x65, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x6f, 0x75, 0x74, 0x69, 0x6e, 0x67,
-	0x1a, 0x3c, 0x0a, 0x19, 0x4d, 0x75, 0x6c, 0x74, 0x69, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72,
-	0x52, 0x6f, 0x75, 0x74, 0x69, 0x6e, 0x67, 0x55, 0x73, 0x65, 0x41, 0x6e, 0x79, 0x12, 0x1f, 0x0a,
-	0x0b, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x69, 0x64, 0x73, 0x18, 0x01, 0x20, 0x03,
-	0x28, 0x09, 0x52, 0x0a, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x49, 0x64, 0x73, 0x1a, 0x73,
-	0x0a, 0x14, 0x53, 0x69, 0x6e, 0x67, 0x6c, 0x65, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52,
-	0x6f, 0x75, 0x74, 0x69, 0x6e, 0x67, 0x12, 0x1d, 0x0a, 0x0a, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65,
-	0x72, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x63, 0x6c, 0x75, 0x73,
-	0x74, 0x65, 0x72, 0x49, 0x64, 0x12, 0x3c, 0x0a, 0x1a, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x5f, 0x74,
-	0x72, 0x61, 0x6e, 0x73, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x5f, 0x77, 0x72, 0x69,
-	0x74, 0x65, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x18, 0x61, 0x6c, 0x6c, 0x6f, 0x77,
-	0x54, 0x72, 0x61, 0x6e, 0x73, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x57, 0x72, 0x69,
-	0x74, 0x65, 0x73, 0x3a, 0x6a, 0xea, 0x41, 0x67, 0x0a, 0x22, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
-	0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f,
+	0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c,
+	0x65, 0x2e, 0x4d, 0x75, 0x6c, 0x74, 0x69, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x6f,
+	0x75, 0x74, 0x69, 0x6e, 0x67, 0x55, 0x73, 0x65, 0x41, 0x6e, 0x79, 0x48, 0x00, 0x52, 0x19, 0x6d,
+	0x75, 0x6c, 0x74, 0x69, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x6f, 0x75, 0x74, 0x69,
+	0x6e, 0x67, 0x55, 0x73, 0x65, 0x41, 0x6e, 0x79, 0x12, 0x71, 0x0a, 0x16, 0x73, 0x69, 0x6e, 0x67,
+	0x6c, 0x65, 0x5f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x72, 0x6f, 0x75, 0x74, 0x69,
+	0x6e, 0x67, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x39, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e,
+	0x2e, 0x76, 0x32, 0x2e, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x2e, 0x53,
+	0x69, 0x6e, 0x67, 0x6c, 0x65, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x6f, 0x75, 0x74,
+	0x69, 0x6e, 0x67, 0x48, 0x00, 0x52, 0x14, 0x73, 0x69, 0x6e, 0x67, 0x6c, 0x65, 0x43, 0x6c, 0x75,
+	0x73, 0x74, 0x65, 0x72, 0x52, 0x6f, 0x75, 0x74, 0x69, 0x6e, 0x67, 0x1a, 0x3c, 0x0a, 0x19, 0x4d,
+	0x75, 0x6c, 0x74, 0x69, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x6f, 0x75, 0x74, 0x69,
+	0x6e, 0x67, 0x55, 0x73, 0x65, 0x41, 0x6e, 0x79, 0x12, 0x1f, 0x0a, 0x0b, 0x63, 0x6c, 0x75, 0x73,
+	0x74, 0x65, 0x72, 0x5f, 0x69, 0x64, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0a, 0x63,
+	0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x49, 0x64, 0x73, 0x1a, 0x73, 0x0a, 0x14, 0x53, 0x69, 0x6e,
+	0x67, 0x6c, 0x65, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x6f, 0x75, 0x74, 0x69, 0x6e,
+	0x67, 0x12, 0x1d, 0x0a, 0x0a, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x69, 0x64, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x49, 0x64,
+	0x12, 0x3c, 0x0a, 0x1a, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x5f, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x61,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x5f, 0x77, 0x72, 0x69, 0x74, 0x65, 0x73, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x08, 0x52, 0x18, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x54, 0x72, 0x61, 0x6e, 0x73,
+	0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x57, 0x72, 0x69, 0x74, 0x65, 0x73, 0x3a, 0x6f,
+	0xea, 0x41, 0x6c, 0x0a, 0x27, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61, 0x64, 0x6d,
+	0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f,
 	0x6d, 0x2f, 0x41, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x12, 0x41, 0x70, 0x72,
 	0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x7b, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x7d,
 	0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x7b, 0x69, 0x6e, 0x73, 0x74,
@@ -901,22 +922,24 @@ var file_google_bigtable_admin_v2_instance_proto_goTypes = []interface{}{
 	(*Cluster_EncryptionConfig)(nil), // 7: google.bigtable.admin.v2.Cluster.EncryptionConfig
 	(*AppProfile_MultiClusterRoutingUseAny)(nil), // 8: google.bigtable.admin.v2.AppProfile.MultiClusterRoutingUseAny
 	(*AppProfile_SingleClusterRouting)(nil),      // 9: google.bigtable.admin.v2.AppProfile.SingleClusterRouting
-	(StorageType)(0),                             // 10: google.bigtable.admin.v2.StorageType
+	(*timestamppb.Timestamp)(nil),                // 10: google.protobuf.Timestamp
+	(StorageType)(0),                             // 11: google.bigtable.admin.v2.StorageType
 }
 var file_google_bigtable_admin_v2_instance_proto_depIdxs = []int32{
 	0,  // 0: google.bigtable.admin.v2.Instance.state:type_name -> google.bigtable.admin.v2.Instance.State
 	1,  // 1: google.bigtable.admin.v2.Instance.type:type_name -> google.bigtable.admin.v2.Instance.Type
 	6,  // 2: google.bigtable.admin.v2.Instance.labels:type_name -> google.bigtable.admin.v2.Instance.LabelsEntry
-	2,  // 3: google.bigtable.admin.v2.Cluster.state:type_name -> google.bigtable.admin.v2.Cluster.State
-	10, // 4: google.bigtable.admin.v2.Cluster.default_storage_type:type_name -> google.bigtable.admin.v2.StorageType
-	7,  // 5: google.bigtable.admin.v2.Cluster.encryption_config:type_name -> google.bigtable.admin.v2.Cluster.EncryptionConfig
-	8,  // 6: google.bigtable.admin.v2.AppProfile.multi_cluster_routing_use_any:type_name -> google.bigtable.admin.v2.AppProfile.MultiClusterRoutingUseAny
-	9,  // 7: google.bigtable.admin.v2.AppProfile.single_cluster_routing:type_name -> google.bigtable.admin.v2.AppProfile.SingleClusterRouting
-	8,  // [8:8] is the sub-list for method output_type
-	8,  // [8:8] is the sub-list for method input_type
-	8,  // [8:8] is the sub-list for extension type_name
-	8,  // [8:8] is the sub-list for extension extendee
-	0,  // [0:8] is the sub-list for field type_name
+	10, // 3: google.bigtable.admin.v2.Instance.create_time:type_name -> google.protobuf.Timestamp
+	2,  // 4: google.bigtable.admin.v2.Cluster.state:type_name -> google.bigtable.admin.v2.Cluster.State
+	11, // 5: google.bigtable.admin.v2.Cluster.default_storage_type:type_name -> google.bigtable.admin.v2.StorageType
+	7,  // 6: google.bigtable.admin.v2.Cluster.encryption_config:type_name -> google.bigtable.admin.v2.Cluster.EncryptionConfig
+	8,  // 7: google.bigtable.admin.v2.AppProfile.multi_cluster_routing_use_any:type_name -> google.bigtable.admin.v2.AppProfile.MultiClusterRoutingUseAny
+	9,  // 8: google.bigtable.admin.v2.AppProfile.single_cluster_routing:type_name -> google.bigtable.admin.v2.AppProfile.SingleClusterRouting
+	9,  // [9:9] is the sub-list for method output_type
+	9,  // [9:9] is the sub-list for method input_type
+	9,  // [9:9] is the sub-list for extension type_name
+	9,  // [9:9] is the sub-list for extension extendee
+	0,  // [0:9] is the sub-list for field type_name
 }
 
 func init() { file_google_bigtable_admin_v2_instance_proto_init() }
diff --git a/vendor/google.golang.org/genproto/googleapis/bigtable/admin/v2/table.pb.go b/vendor/google.golang.org/genproto/googleapis/bigtable/admin/v2/table.pb.go
index d532e544cb7..ee271385929 100644
--- a/vendor/google.golang.org/genproto/googleapis/bigtable/admin/v2/table.pb.go
+++ b/vendor/google.golang.org/genproto/googleapis/bigtable/admin/v2/table.pb.go
@@ -1384,7 +1384,7 @@ var file_google_bigtable_admin_v2_table_proto_rawDesc = []byte{
 	0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69,
 	0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x49, 0x6e, 0x66, 0x6f, 0x48,
 	0x00, 0x52, 0x0a, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x49, 0x6e, 0x66, 0x6f, 0x42, 0x0d, 0x0a,
-	0x0b, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x22, 0xd1, 0x09, 0x0a,
+	0x0b, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x22, 0xd6, 0x09, 0x0a,
 	0x05, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01,
 	0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x59, 0x0a, 0x0e, 0x63, 0x6c,
 	0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x73, 0x18, 0x02, 0x20, 0x03,
@@ -1456,182 +1456,183 @@ var file_google_bigtable_admin_v2_table_proto_rawDesc = []byte{
 	0x14, 0x0a, 0x10, 0x52, 0x45, 0x50, 0x4c, 0x49, 0x43, 0x41, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x56,
 	0x49, 0x45, 0x57, 0x10, 0x03, 0x12, 0x13, 0x0a, 0x0f, 0x45, 0x4e, 0x43, 0x52, 0x59, 0x50, 0x54,
 	0x49, 0x4f, 0x4e, 0x5f, 0x56, 0x49, 0x45, 0x57, 0x10, 0x05, 0x12, 0x08, 0x0a, 0x04, 0x46, 0x55,
-	0x4c, 0x4c, 0x10, 0x04, 0x3a, 0x5a, 0xea, 0x41, 0x57, 0x0a, 0x1d, 0x62, 0x69, 0x67, 0x74, 0x61,
-	0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63,
-	0x6f, 0x6d, 0x2f, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x36, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63,
-	0x74, 0x73, 0x2f, 0x7b, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x7d, 0x2f, 0x69, 0x6e, 0x73,
-	0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x7b, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65,
-	0x7d, 0x2f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x2f, 0x7b, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x7d,
-	0x22, 0x49, 0x0a, 0x0c, 0x43, 0x6f, 0x6c, 0x75, 0x6d, 0x6e, 0x46, 0x61, 0x6d, 0x69, 0x6c, 0x79,
-	0x12, 0x39, 0x0a, 0x07, 0x67, 0x63, 0x5f, 0x72, 0x75, 0x6c, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x4c, 0x4c, 0x10, 0x04, 0x3a, 0x5f, 0xea, 0x41, 0x5c, 0x0a, 0x22, 0x62, 0x69, 0x67, 0x74, 0x61,
+	0x62, 0x6c, 0x65, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61,
+	0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x36, 0x70,
+	0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x7b, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74,
+	0x7d, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x7b, 0x69, 0x6e, 0x73,
+	0x74, 0x61, 0x6e, 0x63, 0x65, 0x7d, 0x2f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x2f, 0x7b, 0x74,
+	0x61, 0x62, 0x6c, 0x65, 0x7d, 0x22, 0x49, 0x0a, 0x0c, 0x43, 0x6f, 0x6c, 0x75, 0x6d, 0x6e, 0x46,
+	0x61, 0x6d, 0x69, 0x6c, 0x79, 0x12, 0x39, 0x0a, 0x07, 0x67, 0x63, 0x5f, 0x72, 0x75, 0x6c, 0x65,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76,
+	0x32, 0x2e, 0x47, 0x63, 0x52, 0x75, 0x6c, 0x65, 0x52, 0x06, 0x67, 0x63, 0x52, 0x75, 0x6c, 0x65,
+	0x22, 0x90, 0x03, 0x0a, 0x06, 0x47, 0x63, 0x52, 0x75, 0x6c, 0x65, 0x12, 0x2a, 0x0a, 0x10, 0x6d,
+	0x61, 0x78, 0x5f, 0x6e, 0x75, 0x6d, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x05, 0x48, 0x00, 0x52, 0x0e, 0x6d, 0x61, 0x78, 0x4e, 0x75, 0x6d, 0x56,
+	0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x34, 0x0a, 0x07, 0x6d, 0x61, 0x78, 0x5f, 0x61,
+	0x67, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x48, 0x00, 0x52, 0x06, 0x6d, 0x61, 0x78, 0x41, 0x67, 0x65, 0x12, 0x53, 0x0a,
+	0x0c, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x73, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x2d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67,
+	0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x47,
+	0x63, 0x52, 0x75, 0x6c, 0x65, 0x2e, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x73, 0x65, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x48, 0x00, 0x52, 0x0c, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x73, 0x65, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x12, 0x3e, 0x0a, 0x05, 0x75, 0x6e, 0x69, 0x6f, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x26, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61,
+	0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x47, 0x63, 0x52,
+	0x75, 0x6c, 0x65, 0x2e, 0x55, 0x6e, 0x69, 0x6f, 0x6e, 0x48, 0x00, 0x52, 0x05, 0x75, 0x6e, 0x69,
+	0x6f, 0x6e, 0x1a, 0x46, 0x0a, 0x0c, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x73, 0x65, 0x63, 0x74, 0x69,
+	0x6f, 0x6e, 0x12, 0x36, 0x0a, 0x05, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28,
 	0x0b, 0x32, 0x20, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61,
 	0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x47, 0x63, 0x52,
-	0x75, 0x6c, 0x65, 0x52, 0x06, 0x67, 0x63, 0x52, 0x75, 0x6c, 0x65, 0x22, 0x90, 0x03, 0x0a, 0x06,
-	0x47, 0x63, 0x52, 0x75, 0x6c, 0x65, 0x12, 0x2a, 0x0a, 0x10, 0x6d, 0x61, 0x78, 0x5f, 0x6e, 0x75,
-	0x6d, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x05,
-	0x48, 0x00, 0x52, 0x0e, 0x6d, 0x61, 0x78, 0x4e, 0x75, 0x6d, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f,
-	0x6e, 0x73, 0x12, 0x34, 0x0a, 0x07, 0x6d, 0x61, 0x78, 0x5f, 0x61, 0x67, 0x65, 0x18, 0x02, 0x20,
-	0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
-	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x48, 0x00,
-	0x52, 0x06, 0x6d, 0x61, 0x78, 0x41, 0x67, 0x65, 0x12, 0x53, 0x0a, 0x0c, 0x69, 0x6e, 0x74, 0x65,
-	0x72, 0x73, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2d,
-	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65,
-	0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x47, 0x63, 0x52, 0x75, 0x6c, 0x65,
-	0x2e, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x73, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x48, 0x00, 0x52,
-	0x0c, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x73, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x3e, 0x0a,
-	0x05, 0x75, 0x6e, 0x69, 0x6f, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x67,
-	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61,
-	0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x47, 0x63, 0x52, 0x75, 0x6c, 0x65, 0x2e, 0x55,
-	0x6e, 0x69, 0x6f, 0x6e, 0x48, 0x00, 0x52, 0x05, 0x75, 0x6e, 0x69, 0x6f, 0x6e, 0x1a, 0x46, 0x0a,
-	0x0c, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x73, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x36, 0x0a,
-	0x05, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x67,
-	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61,
-	0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x47, 0x63, 0x52, 0x75, 0x6c, 0x65, 0x52, 0x05,
-	0x72, 0x75, 0x6c, 0x65, 0x73, 0x1a, 0x3f, 0x0a, 0x05, 0x55, 0x6e, 0x69, 0x6f, 0x6e, 0x12, 0x36,
-	0x0a, 0x05, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x20, 0x2e,
+	0x75, 0x6c, 0x65, 0x52, 0x05, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x1a, 0x3f, 0x0a, 0x05, 0x55, 0x6e,
+	0x69, 0x6f, 0x6e, 0x12, 0x36, 0x0a, 0x05, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03,
+	0x28, 0x0b, 0x32, 0x20, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74,
+	0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x47, 0x63,
+	0x52, 0x75, 0x6c, 0x65, 0x52, 0x05, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x42, 0x06, 0x0a, 0x04, 0x72,
+	0x75, 0x6c, 0x65, 0x22, 0x8a, 0x03, 0x0a, 0x0e, 0x45, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x69,
+	0x6f, 0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x65, 0x0a, 0x0f, 0x65, 0x6e, 0x63, 0x72, 0x79, 0x70,
+	0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e, 0x32,
+	0x37, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c,
+	0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x45, 0x6e, 0x63, 0x72, 0x79,
+	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x2e, 0x45, 0x6e, 0x63, 0x72, 0x79, 0x70,
+	0x74, 0x69, 0x6f, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x42, 0x03, 0xe0, 0x41, 0x03, 0x52, 0x0e, 0x65,
+	0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x12, 0x44, 0x0a,
+	0x11, 0x65, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x73, 0x74, 0x61, 0x74,
+	0x75, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x12, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x42, 0x03, 0xe0, 0x41,
+	0x03, 0x52, 0x10, 0x65, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x74, 0x61,
+	0x74, 0x75, 0x73, 0x12, 0x58, 0x0a, 0x0f, 0x6b, 0x6d, 0x73, 0x5f, 0x6b, 0x65, 0x79, 0x5f, 0x76,
+	0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x30, 0xe0, 0x41,
+	0x03, 0xfa, 0x41, 0x2a, 0x0a, 0x28, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x6b, 0x6d, 0x73, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x43, 0x72,
+	0x79, 0x70, 0x74, 0x6f, 0x4b, 0x65, 0x79, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x0d,
+	0x6b, 0x6d, 0x73, 0x4b, 0x65, 0x79, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x22, 0x71, 0x0a,
+	0x0e, 0x45, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x12,
+	0x1f, 0x0a, 0x1b, 0x45, 0x4e, 0x43, 0x52, 0x59, 0x50, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x54, 0x59,
+	0x50, 0x45, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00,
+	0x12, 0x1d, 0x0a, 0x19, 0x47, 0x4f, 0x4f, 0x47, 0x4c, 0x45, 0x5f, 0x44, 0x45, 0x46, 0x41, 0x55,
+	0x4c, 0x54, 0x5f, 0x45, 0x4e, 0x43, 0x52, 0x59, 0x50, 0x54, 0x49, 0x4f, 0x4e, 0x10, 0x01, 0x12,
+	0x1f, 0x0a, 0x1b, 0x43, 0x55, 0x53, 0x54, 0x4f, 0x4d, 0x45, 0x52, 0x5f, 0x4d, 0x41, 0x4e, 0x41,
+	0x47, 0x45, 0x44, 0x5f, 0x45, 0x4e, 0x43, 0x52, 0x59, 0x50, 0x54, 0x49, 0x4f, 0x4e, 0x10, 0x02,
+	0x22, 0x9a, 0x04, 0x0a, 0x08, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x12, 0x12, 0x0a,
+	0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d,
+	0x65, 0x12, 0x42, 0x0a, 0x0c, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x74, 0x61, 0x62, 0x6c,
+	0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e,
+	0x76, 0x32, 0x2e, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x0b, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65,
+	0x54, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x26, 0x0a, 0x0f, 0x64, 0x61, 0x74, 0x61, 0x5f, 0x73, 0x69,
+	0x7a, 0x65, 0x5f, 0x62, 0x79, 0x74, 0x65, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0d,
+	0x64, 0x61, 0x74, 0x61, 0x53, 0x69, 0x7a, 0x65, 0x42, 0x79, 0x74, 0x65, 0x73, 0x12, 0x3b, 0x0a,
+	0x0b, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x04, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0a,
+	0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x54, 0x69, 0x6d, 0x65, 0x12, 0x3b, 0x0a, 0x0b, 0x64, 0x65,
+	0x6c, 0x65, 0x74, 0x65, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0a, 0x64, 0x65, 0x6c,
+	0x65, 0x74, 0x65, 0x54, 0x69, 0x6d, 0x65, 0x12, 0x3e, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x74, 0x65,
+	0x18, 0x06, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x28, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76,
+	0x32, 0x2e, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x65,
+	0x52, 0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x12, 0x20, 0x0a, 0x0b, 0x64, 0x65, 0x73, 0x63, 0x72,
+	0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x64, 0x65,
+	0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x35, 0x0a, 0x05, 0x53, 0x74, 0x61,
+	0x74, 0x65, 0x12, 0x13, 0x0a, 0x0f, 0x53, 0x54, 0x41, 0x54, 0x45, 0x5f, 0x4e, 0x4f, 0x54, 0x5f,
+	0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, 0x52, 0x45, 0x41, 0x44, 0x59,
+	0x10, 0x01, 0x12, 0x0c, 0x0a, 0x08, 0x43, 0x52, 0x45, 0x41, 0x54, 0x49, 0x4e, 0x47, 0x10, 0x02,
+	0x3a, 0x7b, 0xea, 0x41, 0x78, 0x0a, 0x25, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61,
+	0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e,
+	0x63, 0x6f, 0x6d, 0x2f, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x12, 0x4f, 0x70, 0x72,
+	0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x7b, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x7d,
+	0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x7b, 0x69, 0x6e, 0x73, 0x74,
+	0x61, 0x6e, 0x63, 0x65, 0x7d, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x2f, 0x7b,
+	0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x7d, 0x2f, 0x73, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f,
+	0x74, 0x73, 0x2f, 0x7b, 0x73, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x7d, 0x22, 0xf9, 0x04,
+	0x0a, 0x06, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x12, 0x17, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x03, 0xe0, 0x41, 0x03, 0x52, 0x04, 0x6e, 0x61, 0x6d,
+	0x65, 0x12, 0x29, 0x0a, 0x0c, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x74, 0x61, 0x62, 0x6c,
+	0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x06, 0xe0, 0x41, 0x05, 0xe0, 0x41, 0x02, 0x52,
+	0x0b, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x40, 0x0a, 0x0b,
+	0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x42, 0x03, 0xe0,
+	0x41, 0x02, 0x52, 0x0a, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x54, 0x69, 0x6d, 0x65, 0x12, 0x3e,
+	0x0a, 0x0a, 0x73, 0x74, 0x61, 0x72, 0x74, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x04, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x42, 0x03,
+	0xe0, 0x41, 0x03, 0x52, 0x09, 0x73, 0x74, 0x61, 0x72, 0x74, 0x54, 0x69, 0x6d, 0x65, 0x12, 0x3a,
+	0x0a, 0x08, 0x65, 0x6e, 0x64, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x42, 0x03, 0xe0, 0x41,
+	0x03, 0x52, 0x07, 0x65, 0x6e, 0x64, 0x54, 0x69, 0x6d, 0x65, 0x12, 0x22, 0x0a, 0x0a, 0x73, 0x69,
+	0x7a, 0x65, 0x5f, 0x62, 0x79, 0x74, 0x65, 0x73, 0x18, 0x06, 0x20, 0x01, 0x28, 0x03, 0x42, 0x03,
+	0xe0, 0x41, 0x03, 0x52, 0x09, 0x73, 0x69, 0x7a, 0x65, 0x42, 0x79, 0x74, 0x65, 0x73, 0x12, 0x41,
+	0x0a, 0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x26, 0x2e,
 	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e,
-	0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x47, 0x63, 0x52, 0x75, 0x6c, 0x65, 0x52,
-	0x05, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x42, 0x06, 0x0a, 0x04, 0x72, 0x75, 0x6c, 0x65, 0x22, 0x8a,
-	0x03, 0x0a, 0x0e, 0x45, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x66,
-	0x6f, 0x12, 0x65, 0x0a, 0x0f, 0x65, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x5f,
-	0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x37, 0x2e, 0x67, 0x6f, 0x6f,
+	0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x2e,
+	0x53, 0x74, 0x61, 0x74, 0x65, 0x42, 0x03, 0xe0, 0x41, 0x03, 0x52, 0x05, 0x73, 0x74, 0x61, 0x74,
+	0x65, 0x12, 0x56, 0x0a, 0x0f, 0x65, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x5f,
+	0x69, 0x6e, 0x66, 0x6f, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x67, 0x6f, 0x6f,
 	0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d,
 	0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x45, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x69, 0x6f, 0x6e,
-	0x49, 0x6e, 0x66, 0x6f, 0x2e, 0x45, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x54,
-	0x79, 0x70, 0x65, 0x42, 0x03, 0xe0, 0x41, 0x03, 0x52, 0x0e, 0x65, 0x6e, 0x63, 0x72, 0x79, 0x70,
-	0x74, 0x69, 0x6f, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x12, 0x44, 0x0a, 0x11, 0x65, 0x6e, 0x63, 0x72,
-	0x79, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x04, 0x20,
-	0x01, 0x28, 0x0b, 0x32, 0x12, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x72, 0x70, 0x63,
-	0x2e, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x42, 0x03, 0xe0, 0x41, 0x03, 0x52, 0x10, 0x65, 0x6e,
-	0x63, 0x72, 0x79, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x58,
-	0x0a, 0x0f, 0x6b, 0x6d, 0x73, 0x5f, 0x6b, 0x65, 0x79, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f,
-	0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x30, 0xe0, 0x41, 0x03, 0xfa, 0x41, 0x2a, 0x0a,
-	0x28, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x6b, 0x6d, 0x73, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
-	0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x43, 0x72, 0x79, 0x70, 0x74, 0x6f, 0x4b,
-	0x65, 0x79, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x0d, 0x6b, 0x6d, 0x73, 0x4b, 0x65,
-	0x79, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x22, 0x71, 0x0a, 0x0e, 0x45, 0x6e, 0x63, 0x72,
-	0x79, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x12, 0x1f, 0x0a, 0x1b, 0x45, 0x4e,
-	0x43, 0x52, 0x59, 0x50, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, 0x4e,
-	0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x1d, 0x0a, 0x19, 0x47,
-	0x4f, 0x4f, 0x47, 0x4c, 0x45, 0x5f, 0x44, 0x45, 0x46, 0x41, 0x55, 0x4c, 0x54, 0x5f, 0x45, 0x4e,
-	0x43, 0x52, 0x59, 0x50, 0x54, 0x49, 0x4f, 0x4e, 0x10, 0x01, 0x12, 0x1f, 0x0a, 0x1b, 0x43, 0x55,
-	0x53, 0x54, 0x4f, 0x4d, 0x45, 0x52, 0x5f, 0x4d, 0x41, 0x4e, 0x41, 0x47, 0x45, 0x44, 0x5f, 0x45,
-	0x4e, 0x43, 0x52, 0x59, 0x50, 0x54, 0x49, 0x4f, 0x4e, 0x10, 0x02, 0x22, 0x95, 0x04, 0x0a, 0x08,
-	0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65,
-	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x42, 0x0a, 0x0c,
-	0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x18, 0x02, 0x20, 0x01,
-	0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74,
-	0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x54, 0x61,
-	0x62, 0x6c, 0x65, 0x52, 0x0b, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, 0x61, 0x62, 0x6c, 0x65,
-	0x12, 0x26, 0x0a, 0x0f, 0x64, 0x61, 0x74, 0x61, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x5f, 0x62, 0x79,
-	0x74, 0x65, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0d, 0x64, 0x61, 0x74, 0x61, 0x53,
-	0x69, 0x7a, 0x65, 0x42, 0x79, 0x74, 0x65, 0x73, 0x12, 0x3b, 0x0a, 0x0b, 0x63, 0x72, 0x65, 0x61,
-	0x74, 0x65, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e,
-	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
-	0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0a, 0x63, 0x72, 0x65, 0x61, 0x74,
-	0x65, 0x54, 0x69, 0x6d, 0x65, 0x12, 0x3b, 0x0a, 0x0b, 0x64, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x5f,
-	0x74, 0x69, 0x6d, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f,
-	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d,
-	0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0a, 0x64, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x54, 0x69,
-	0x6d, 0x65, 0x12, 0x3e, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28,
-	0x0e, 0x32, 0x28, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61,
-	0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x53, 0x6e, 0x61,
-	0x70, 0x73, 0x68, 0x6f, 0x74, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x65, 0x52, 0x05, 0x73, 0x74, 0x61,
-	0x74, 0x65, 0x12, 0x20, 0x0a, 0x0b, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f,
-	0x6e, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70,
-	0x74, 0x69, 0x6f, 0x6e, 0x22, 0x35, 0x0a, 0x05, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x13, 0x0a,
-	0x0f, 0x53, 0x54, 0x41, 0x54, 0x45, 0x5f, 0x4e, 0x4f, 0x54, 0x5f, 0x4b, 0x4e, 0x4f, 0x57, 0x4e,
-	0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, 0x52, 0x45, 0x41, 0x44, 0x59, 0x10, 0x01, 0x12, 0x0c, 0x0a,
-	0x08, 0x43, 0x52, 0x45, 0x41, 0x54, 0x49, 0x4e, 0x47, 0x10, 0x02, 0x3a, 0x76, 0xea, 0x41, 0x73,
-	0x0a, 0x20, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
-	0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68,
-	0x6f, 0x74, 0x12, 0x4f, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x7b, 0x70, 0x72,
-	0x6f, 0x6a, 0x65, 0x63, 0x74, 0x7d, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73,
-	0x2f, 0x7b, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x7d, 0x2f, 0x63, 0x6c, 0x75, 0x73,
-	0x74, 0x65, 0x72, 0x73, 0x2f, 0x7b, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x7d, 0x2f, 0x73,
-	0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x73, 0x2f, 0x7b, 0x73, 0x6e, 0x61, 0x70, 0x73, 0x68,
-	0x6f, 0x74, 0x7d, 0x22, 0xf4, 0x04, 0x0a, 0x06, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x12, 0x17,
-	0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x03, 0xe0, 0x41,
-	0x03, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x29, 0x0a, 0x0c, 0x73, 0x6f, 0x75, 0x72, 0x63,
-	0x65, 0x5f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x06, 0xe0,
-	0x41, 0x05, 0xe0, 0x41, 0x02, 0x52, 0x0b, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, 0x61, 0x62,
-	0x6c, 0x65, 0x12, 0x40, 0x0a, 0x0b, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x5f, 0x74, 0x69, 0x6d,
+	0x49, 0x6e, 0x66, 0x6f, 0x42, 0x03, 0xe0, 0x41, 0x03, 0x52, 0x0e, 0x65, 0x6e, 0x63, 0x72, 0x79,
+	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x22, 0x37, 0x0a, 0x05, 0x53, 0x74, 0x61,
+	0x74, 0x65, 0x12, 0x15, 0x0a, 0x11, 0x53, 0x54, 0x41, 0x54, 0x45, 0x5f, 0x55, 0x4e, 0x53, 0x50,
+	0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x0c, 0x0a, 0x08, 0x43, 0x52, 0x45,
+	0x41, 0x54, 0x49, 0x4e, 0x47, 0x10, 0x01, 0x12, 0x09, 0x0a, 0x05, 0x52, 0x45, 0x41, 0x44, 0x59,
+	0x10, 0x02, 0x3a, 0x75, 0xea, 0x41, 0x72, 0x0a, 0x23, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c,
+	0x65, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69,
+	0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x12, 0x4b, 0x70, 0x72,
+	0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x7b, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x7d,
+	0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x7b, 0x69, 0x6e, 0x73, 0x74,
+	0x61, 0x6e, 0x63, 0x65, 0x7d, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x2f, 0x7b,
+	0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x7d, 0x2f, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x73,
+	0x2f, 0x7b, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x7d, 0x22, 0xcd, 0x01, 0x0a, 0x0a, 0x42, 0x61,
+	0x63, 0x6b, 0x75, 0x70, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x1b, 0x0a, 0x06, 0x62, 0x61, 0x63, 0x6b,
+	0x75, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x03, 0xe0, 0x41, 0x03, 0x52, 0x06, 0x62,
+	0x61, 0x63, 0x6b, 0x75, 0x70, 0x12, 0x3e, 0x0a, 0x0a, 0x73, 0x74, 0x61, 0x72, 0x74, 0x5f, 0x74,
+	0x69, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65,
+	0x73, 0x74, 0x61, 0x6d, 0x70, 0x42, 0x03, 0xe0, 0x41, 0x03, 0x52, 0x09, 0x73, 0x74, 0x61, 0x72,
+	0x74, 0x54, 0x69, 0x6d, 0x65, 0x12, 0x3a, 0x0a, 0x08, 0x65, 0x6e, 0x64, 0x5f, 0x74, 0x69, 0x6d,
 	0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
 	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74,
-	0x61, 0x6d, 0x70, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x0a, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65,
-	0x54, 0x69, 0x6d, 0x65, 0x12, 0x3e, 0x0a, 0x0a, 0x73, 0x74, 0x61, 0x72, 0x74, 0x5f, 0x74, 0x69,
-	0x6d, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
-	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73,
-	0x74, 0x61, 0x6d, 0x70, 0x42, 0x03, 0xe0, 0x41, 0x03, 0x52, 0x09, 0x73, 0x74, 0x61, 0x72, 0x74,
-	0x54, 0x69, 0x6d, 0x65, 0x12, 0x3a, 0x0a, 0x08, 0x65, 0x6e, 0x64, 0x5f, 0x74, 0x69, 0x6d, 0x65,
-	0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
-	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61,
-	0x6d, 0x70, 0x42, 0x03, 0xe0, 0x41, 0x03, 0x52, 0x07, 0x65, 0x6e, 0x64, 0x54, 0x69, 0x6d, 0x65,
-	0x12, 0x22, 0x0a, 0x0a, 0x73, 0x69, 0x7a, 0x65, 0x5f, 0x62, 0x79, 0x74, 0x65, 0x73, 0x18, 0x06,
-	0x20, 0x01, 0x28, 0x03, 0x42, 0x03, 0xe0, 0x41, 0x03, 0x52, 0x09, 0x73, 0x69, 0x7a, 0x65, 0x42,
-	0x79, 0x74, 0x65, 0x73, 0x12, 0x41, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18, 0x07, 0x20,
-	0x01, 0x28, 0x0e, 0x32, 0x26, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67,
-	0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x42,
-	0x61, 0x63, 0x6b, 0x75, 0x70, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x65, 0x42, 0x03, 0xe0, 0x41, 0x03,
-	0x52, 0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x12, 0x56, 0x0a, 0x0f, 0x65, 0x6e, 0x63, 0x72, 0x79,
-	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b,
-	0x32, 0x28, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
-	0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32, 0x2e, 0x45, 0x6e, 0x63, 0x72,
-	0x79, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x42, 0x03, 0xe0, 0x41, 0x03, 0x52,
-	0x0e, 0x65, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x22,
-	0x37, 0x0a, 0x05, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x15, 0x0a, 0x11, 0x53, 0x54, 0x41, 0x54,
-	0x45, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12,
-	0x0c, 0x0a, 0x08, 0x43, 0x52, 0x45, 0x41, 0x54, 0x49, 0x4e, 0x47, 0x10, 0x01, 0x12, 0x09, 0x0a,
-	0x05, 0x52, 0x45, 0x41, 0x44, 0x59, 0x10, 0x02, 0x3a, 0x70, 0xea, 0x41, 0x6d, 0x0a, 0x1e, 0x62,
-	0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70,
-	0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x12, 0x4b, 0x70,
-	0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x7b, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74,
-	0x7d, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x7b, 0x69, 0x6e, 0x73,
-	0x74, 0x61, 0x6e, 0x63, 0x65, 0x7d, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x73, 0x2f,
-	0x7b, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x7d, 0x2f, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70,
-	0x73, 0x2f, 0x7b, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x7d, 0x22, 0xcd, 0x01, 0x0a, 0x0a, 0x42,
-	0x61, 0x63, 0x6b, 0x75, 0x70, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x1b, 0x0a, 0x06, 0x62, 0x61, 0x63,
-	0x6b, 0x75, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x03, 0xe0, 0x41, 0x03, 0x52, 0x06,
-	0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x12, 0x3e, 0x0a, 0x0a, 0x73, 0x74, 0x61, 0x72, 0x74, 0x5f,
-	0x74, 0x69, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f,
-	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d,
-	0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x42, 0x03, 0xe0, 0x41, 0x03, 0x52, 0x09, 0x73, 0x74, 0x61,
-	0x72, 0x74, 0x54, 0x69, 0x6d, 0x65, 0x12, 0x3a, 0x0a, 0x08, 0x65, 0x6e, 0x64, 0x5f, 0x74, 0x69,
-	0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
-	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73,
-	0x74, 0x61, 0x6d, 0x70, 0x42, 0x03, 0xe0, 0x41, 0x03, 0x52, 0x07, 0x65, 0x6e, 0x64, 0x54, 0x69,
-	0x6d, 0x65, 0x12, 0x26, 0x0a, 0x0c, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x74, 0x61, 0x62,
-	0x6c, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x42, 0x03, 0xe0, 0x41, 0x03, 0x52, 0x0b, 0x73,
-	0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x2a, 0x44, 0x0a, 0x11, 0x52, 0x65,
-	0x73, 0x74, 0x6f, 0x72, 0x65, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, 0x79, 0x70, 0x65, 0x12,
-	0x23, 0x0a, 0x1f, 0x52, 0x45, 0x53, 0x54, 0x4f, 0x52, 0x45, 0x5f, 0x53, 0x4f, 0x55, 0x52, 0x43,
-	0x45, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49,
-	0x45, 0x44, 0x10, 0x00, 0x12, 0x0a, 0x0a, 0x06, 0x42, 0x41, 0x43, 0x4b, 0x55, 0x50, 0x10, 0x01,
-	0x42, 0xfc, 0x02, 0x0a, 0x1c, 0x63, 0x6f, 0x6d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
-	0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76,
-	0x32, 0x42, 0x0a, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a,
-	0x3d, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6c, 0x61, 0x6e, 0x67, 0x2e, 0x6f,
-	0x72, 0x67, 0x2f, 0x67, 0x65, 0x6e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x67, 0x6f, 0x6f, 0x67,
-	0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2f, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2f,
-	0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x76, 0x32, 0x3b, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0xaa, 0x02,
-	0x1e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x42, 0x69,
-	0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x56, 0x32, 0xca,
-	0x02, 0x1e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x5c, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x5c, 0x42,
-	0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5c, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x5c, 0x56, 0x32,
-	0xea, 0x02, 0x22, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x3a, 0x3a, 0x43, 0x6c, 0x6f, 0x75, 0x64,
-	0x3a, 0x3a, 0x42, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x3a, 0x3a, 0x41, 0x64, 0x6d, 0x69,
-	0x6e, 0x3a, 0x3a, 0x56, 0x32, 0xea, 0x41, 0xa6, 0x01, 0x0a, 0x28, 0x63, 0x6c, 0x6f, 0x75, 0x64,
-	0x6b, 0x6d, 0x73, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63,
-	0x6f, 0x6d, 0x2f, 0x43, 0x72, 0x79, 0x70, 0x74, 0x6f, 0x4b, 0x65, 0x79, 0x56, 0x65, 0x72, 0x73,
-	0x69, 0x6f, 0x6e, 0x12, 0x7a, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x7b, 0x70,
-	0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x7d, 0x2f, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e,
-	0x73, 0x2f, 0x7b, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x7d, 0x2f, 0x6b, 0x65, 0x79,
-	0x52, 0x69, 0x6e, 0x67, 0x73, 0x2f, 0x7b, 0x6b, 0x65, 0x79, 0x5f, 0x72, 0x69, 0x6e, 0x67, 0x7d,
-	0x2f, 0x63, 0x72, 0x79, 0x70, 0x74, 0x6f, 0x4b, 0x65, 0x79, 0x73, 0x2f, 0x7b, 0x63, 0x72, 0x79,
-	0x70, 0x74, 0x6f, 0x5f, 0x6b, 0x65, 0x79, 0x7d, 0x2f, 0x63, 0x72, 0x79, 0x70, 0x74, 0x6f, 0x4b,
-	0x65, 0x79, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x7b, 0x63, 0x72, 0x79, 0x70,
-	0x74, 0x6f, 0x5f, 0x6b, 0x65, 0x79, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x7d, 0x62,
-	0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+	0x61, 0x6d, 0x70, 0x42, 0x03, 0xe0, 0x41, 0x03, 0x52, 0x07, 0x65, 0x6e, 0x64, 0x54, 0x69, 0x6d,
+	0x65, 0x12, 0x26, 0x0a, 0x0c, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x74, 0x61, 0x62, 0x6c,
+	0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x42, 0x03, 0xe0, 0x41, 0x03, 0x52, 0x0b, 0x73, 0x6f,
+	0x75, 0x72, 0x63, 0x65, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x2a, 0x44, 0x0a, 0x11, 0x52, 0x65, 0x73,
+	0x74, 0x6f, 0x72, 0x65, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, 0x79, 0x70, 0x65, 0x12, 0x23,
+	0x0a, 0x1f, 0x52, 0x45, 0x53, 0x54, 0x4f, 0x52, 0x45, 0x5f, 0x53, 0x4f, 0x55, 0x52, 0x43, 0x45,
+	0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45,
+	0x44, 0x10, 0x00, 0x12, 0x0a, 0x0a, 0x06, 0x42, 0x41, 0x43, 0x4b, 0x55, 0x50, 0x10, 0x01, 0x42,
+	0xfc, 0x02, 0x0a, 0x1c, 0x63, 0x6f, 0x6d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62,
+	0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x76, 0x32,
+	0x42, 0x0a, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x3d,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6c, 0x61, 0x6e, 0x67, 0x2e, 0x6f, 0x72,
+	0x67, 0x2f, 0x67, 0x65, 0x6e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x61, 0x70, 0x69, 0x73, 0x2f, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2f, 0x61,
+	0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x76, 0x32, 0x3b, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0xaa, 0x02, 0x1e,
+	0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x42, 0x69, 0x67,
+	0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x56, 0x32, 0xca, 0x02,
+	0x1e, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x5c, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x5c, 0x42, 0x69,
+	0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5c, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x5c, 0x56, 0x32, 0xea,
+	0x02, 0x22, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x3a, 0x3a, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x3a,
+	0x3a, 0x42, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x3a, 0x3a, 0x41, 0x64, 0x6d, 0x69, 0x6e,
+	0x3a, 0x3a, 0x56, 0x32, 0xea, 0x41, 0xa6, 0x01, 0x0a, 0x28, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x6b,
+	0x6d, 0x73, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f,
+	0x6d, 0x2f, 0x43, 0x72, 0x79, 0x70, 0x74, 0x6f, 0x4b, 0x65, 0x79, 0x56, 0x65, 0x72, 0x73, 0x69,
+	0x6f, 0x6e, 0x12, 0x7a, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x7b, 0x70, 0x72,
+	0x6f, 0x6a, 0x65, 0x63, 0x74, 0x7d, 0x2f, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73,
+	0x2f, 0x7b, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x7d, 0x2f, 0x6b, 0x65, 0x79, 0x52,
+	0x69, 0x6e, 0x67, 0x73, 0x2f, 0x7b, 0x6b, 0x65, 0x79, 0x5f, 0x72, 0x69, 0x6e, 0x67, 0x7d, 0x2f,
+	0x63, 0x72, 0x79, 0x70, 0x74, 0x6f, 0x4b, 0x65, 0x79, 0x73, 0x2f, 0x7b, 0x63, 0x72, 0x79, 0x70,
+	0x74, 0x6f, 0x5f, 0x6b, 0x65, 0x79, 0x7d, 0x2f, 0x63, 0x72, 0x79, 0x70, 0x74, 0x6f, 0x4b, 0x65,
+	0x79, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x7b, 0x63, 0x72, 0x79, 0x70, 0x74,
+	0x6f, 0x5f, 0x6b, 0x65, 0x79, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x7d, 0x62, 0x06,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
 }
 
 var (
diff --git a/vendor/google.golang.org/genproto/googleapis/bigtable/v2/bigtable.pb.go b/vendor/google.golang.org/genproto/googleapis/bigtable/v2/bigtable.pb.go
index 465ef8a96a1..0ac5c9266f9 100644
--- a/vendor/google.golang.org/genproto/googleapis/bigtable/v2/bigtable.pb.go
+++ b/vendor/google.golang.org/genproto/googleapis/bigtable/v2/bigtable.pb.go
@@ -1176,295 +1176,297 @@ var file_google_bigtable_v2_bigtable_proto_rawDesc = []byte{
 	0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70,
 	0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
 	0x65, 0x2f, 0x72, 0x70, 0x63, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f,
-	0x74, 0x6f, 0x22, 0x83, 0x02, 0x0a, 0x0f, 0x52, 0x65, 0x61, 0x64, 0x52, 0x6f, 0x77, 0x73, 0x52,
-	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x44, 0x0a, 0x0a, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f,
-	0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x25, 0xe0, 0x41, 0x02, 0xfa,
-	0x41, 0x1f, 0x0a, 0x1d, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f,
-	0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x54, 0x61, 0x62, 0x6c,
-	0x65, 0x52, 0x09, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x24, 0x0a, 0x0e,
-	0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x05,
-	0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x61, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65,
-	0x49, 0x64, 0x12, 0x2e, 0x0a, 0x04, 0x72, 0x6f, 0x77, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b,
-	0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
-	0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x6f, 0x77, 0x53, 0x65, 0x74, 0x52, 0x04, 0x72, 0x6f,
-	0x77, 0x73, 0x12, 0x35, 0x0a, 0x06, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x18, 0x03, 0x20, 0x01,
-	0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74,
-	0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x6f, 0x77, 0x46, 0x69, 0x6c, 0x74, 0x65,
-	0x72, 0x52, 0x06, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x1d, 0x0a, 0x0a, 0x72, 0x6f, 0x77,
-	0x73, 0x5f, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x72,
-	0x6f, 0x77, 0x73, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x22, 0xf2, 0x03, 0x0a, 0x10, 0x52, 0x65, 0x61,
-	0x64, 0x52, 0x6f, 0x77, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x46, 0x0a,
-	0x06, 0x63, 0x68, 0x75, 0x6e, 0x6b, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2e, 0x2e,
-	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e,
-	0x76, 0x32, 0x2e, 0x52, 0x65, 0x61, 0x64, 0x52, 0x6f, 0x77, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f,
-	0x6e, 0x73, 0x65, 0x2e, 0x43, 0x65, 0x6c, 0x6c, 0x43, 0x68, 0x75, 0x6e, 0x6b, 0x52, 0x06, 0x63,
-	0x68, 0x75, 0x6e, 0x6b, 0x73, 0x12, 0x2f, 0x0a, 0x14, 0x6c, 0x61, 0x73, 0x74, 0x5f, 0x73, 0x63,
-	0x61, 0x6e, 0x6e, 0x65, 0x64, 0x5f, 0x72, 0x6f, 0x77, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x02, 0x20,
-	0x01, 0x28, 0x0c, 0x52, 0x11, 0x6c, 0x61, 0x73, 0x74, 0x53, 0x63, 0x61, 0x6e, 0x6e, 0x65, 0x64,
-	0x52, 0x6f, 0x77, 0x4b, 0x65, 0x79, 0x1a, 0xe4, 0x02, 0x0a, 0x09, 0x43, 0x65, 0x6c, 0x6c, 0x43,
-	0x68, 0x75, 0x6e, 0x6b, 0x12, 0x17, 0x0a, 0x07, 0x72, 0x6f, 0x77, 0x5f, 0x6b, 0x65, 0x79, 0x18,
-	0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x06, 0x72, 0x6f, 0x77, 0x4b, 0x65, 0x79, 0x12, 0x3d, 0x0a,
-	0x0b, 0x66, 0x61, 0x6d, 0x69, 0x6c, 0x79, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01,
-	0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
-	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x56, 0x61, 0x6c, 0x75, 0x65,
-	0x52, 0x0a, 0x66, 0x61, 0x6d, 0x69, 0x6c, 0x79, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x39, 0x0a, 0x09,
-	0x71, 0x75, 0x61, 0x6c, 0x69, 0x66, 0x69, 0x65, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32,
-	0x1b, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
-	0x66, 0x2e, 0x42, 0x79, 0x74, 0x65, 0x73, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x09, 0x71, 0x75,
-	0x61, 0x6c, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x29, 0x0a, 0x10, 0x74, 0x69, 0x6d, 0x65, 0x73,
-	0x74, 0x61, 0x6d, 0x70, 0x5f, 0x6d, 0x69, 0x63, 0x72, 0x6f, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28,
-	0x03, 0x52, 0x0f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x4d, 0x69, 0x63, 0x72,
-	0x6f, 0x73, 0x12, 0x16, 0x0a, 0x06, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x73, 0x18, 0x05, 0x20, 0x03,
-	0x28, 0x09, 0x52, 0x06, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x73, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61,
-	0x6c, 0x75, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65,
-	0x12, 0x1d, 0x0a, 0x0a, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x07,
-	0x20, 0x01, 0x28, 0x05, 0x52, 0x09, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x53, 0x69, 0x7a, 0x65, 0x12,
-	0x1d, 0x0a, 0x09, 0x72, 0x65, 0x73, 0x65, 0x74, 0x5f, 0x72, 0x6f, 0x77, 0x18, 0x08, 0x20, 0x01,
-	0x28, 0x08, 0x48, 0x00, 0x52, 0x08, 0x72, 0x65, 0x73, 0x65, 0x74, 0x52, 0x6f, 0x77, 0x12, 0x1f,
-	0x0a, 0x0a, 0x63, 0x6f, 0x6d, 0x6d, 0x69, 0x74, 0x5f, 0x72, 0x6f, 0x77, 0x18, 0x09, 0x20, 0x01,
-	0x28, 0x08, 0x48, 0x00, 0x52, 0x09, 0x63, 0x6f, 0x6d, 0x6d, 0x69, 0x74, 0x52, 0x6f, 0x77, 0x42,
-	0x0c, 0x0a, 0x0a, 0x72, 0x6f, 0x77, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x22, 0x82, 0x01,
-	0x0a, 0x14, 0x53, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x52, 0x6f, 0x77, 0x4b, 0x65, 0x79, 0x73, 0x52,
-	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x44, 0x0a, 0x0a, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f,
-	0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x25, 0xe0, 0x41, 0x02, 0xfa,
-	0x41, 0x1f, 0x0a, 0x1d, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f,
+	0x74, 0x6f, 0x22, 0x88, 0x02, 0x0a, 0x0f, 0x52, 0x65, 0x61, 0x64, 0x52, 0x6f, 0x77, 0x73, 0x52,
+	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x49, 0x0a, 0x0a, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f,
+	0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x2a, 0xe0, 0x41, 0x02, 0xfa,
+	0x41, 0x24, 0x0a, 0x22, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61, 0x64, 0x6d, 0x69,
+	0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
+	0x2f, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x09, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x4e, 0x61, 0x6d,
+	0x65, 0x12, 0x24, 0x0a, 0x0e, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65,
+	0x5f, 0x69, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x61, 0x70, 0x70, 0x50, 0x72,
+	0x6f, 0x66, 0x69, 0x6c, 0x65, 0x49, 0x64, 0x12, 0x2e, 0x0a, 0x04, 0x72, 0x6f, 0x77, 0x73, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62,
+	0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x6f, 0x77, 0x53, 0x65,
+	0x74, 0x52, 0x04, 0x72, 0x6f, 0x77, 0x73, 0x12, 0x35, 0x0a, 0x06, 0x66, 0x69, 0x6c, 0x74, 0x65,
+	0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x6f, 0x77,
+	0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x52, 0x06, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x1d,
+	0x0a, 0x0a, 0x72, 0x6f, 0x77, 0x73, 0x5f, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x18, 0x04, 0x20, 0x01,
+	0x28, 0x03, 0x52, 0x09, 0x72, 0x6f, 0x77, 0x73, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x22, 0xf2, 0x03,
+	0x0a, 0x10, 0x52, 0x65, 0x61, 0x64, 0x52, 0x6f, 0x77, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e,
+	0x73, 0x65, 0x12, 0x46, 0x0a, 0x06, 0x63, 0x68, 0x75, 0x6e, 0x6b, 0x73, 0x18, 0x01, 0x20, 0x03,
+	0x28, 0x0b, 0x32, 0x2e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74,
+	0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x65, 0x61, 0x64, 0x52, 0x6f, 0x77, 0x73,
+	0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x2e, 0x43, 0x65, 0x6c, 0x6c, 0x43, 0x68, 0x75,
+	0x6e, 0x6b, 0x52, 0x06, 0x63, 0x68, 0x75, 0x6e, 0x6b, 0x73, 0x12, 0x2f, 0x0a, 0x14, 0x6c, 0x61,
+	0x73, 0x74, 0x5f, 0x73, 0x63, 0x61, 0x6e, 0x6e, 0x65, 0x64, 0x5f, 0x72, 0x6f, 0x77, 0x5f, 0x6b,
+	0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x11, 0x6c, 0x61, 0x73, 0x74, 0x53, 0x63,
+	0x61, 0x6e, 0x6e, 0x65, 0x64, 0x52, 0x6f, 0x77, 0x4b, 0x65, 0x79, 0x1a, 0xe4, 0x02, 0x0a, 0x09,
+	0x43, 0x65, 0x6c, 0x6c, 0x43, 0x68, 0x75, 0x6e, 0x6b, 0x12, 0x17, 0x0a, 0x07, 0x72, 0x6f, 0x77,
+	0x5f, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x06, 0x72, 0x6f, 0x77, 0x4b,
+	0x65, 0x79, 0x12, 0x3d, 0x0a, 0x0b, 0x66, 0x61, 0x6d, 0x69, 0x6c, 0x79, 0x5f, 0x6e, 0x61, 0x6d,
+	0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67,
+	0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0a, 0x66, 0x61, 0x6d, 0x69, 0x6c, 0x79, 0x4e, 0x61, 0x6d,
+	0x65, 0x12, 0x39, 0x0a, 0x09, 0x71, 0x75, 0x61, 0x6c, 0x69, 0x66, 0x69, 0x65, 0x72, 0x18, 0x03,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x79, 0x74, 0x65, 0x73, 0x56, 0x61, 0x6c, 0x75,
+	0x65, 0x52, 0x09, 0x71, 0x75, 0x61, 0x6c, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x29, 0x0a, 0x10,
+	0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x5f, 0x6d, 0x69, 0x63, 0x72, 0x6f, 0x73,
+	0x18, 0x04, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d,
+	0x70, 0x4d, 0x69, 0x63, 0x72, 0x6f, 0x73, 0x12, 0x16, 0x0a, 0x06, 0x6c, 0x61, 0x62, 0x65, 0x6c,
+	0x73, 0x18, 0x05, 0x20, 0x03, 0x28, 0x09, 0x52, 0x06, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x73, 0x12,
+	0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x05,
+	0x76, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x1d, 0x0a, 0x0a, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x5f, 0x73,
+	0x69, 0x7a, 0x65, 0x18, 0x07, 0x20, 0x01, 0x28, 0x05, 0x52, 0x09, 0x76, 0x61, 0x6c, 0x75, 0x65,
+	0x53, 0x69, 0x7a, 0x65, 0x12, 0x1d, 0x0a, 0x09, 0x72, 0x65, 0x73, 0x65, 0x74, 0x5f, 0x72, 0x6f,
+	0x77, 0x18, 0x08, 0x20, 0x01, 0x28, 0x08, 0x48, 0x00, 0x52, 0x08, 0x72, 0x65, 0x73, 0x65, 0x74,
+	0x52, 0x6f, 0x77, 0x12, 0x1f, 0x0a, 0x0a, 0x63, 0x6f, 0x6d, 0x6d, 0x69, 0x74, 0x5f, 0x72, 0x6f,
+	0x77, 0x18, 0x09, 0x20, 0x01, 0x28, 0x08, 0x48, 0x00, 0x52, 0x09, 0x63, 0x6f, 0x6d, 0x6d, 0x69,
+	0x74, 0x52, 0x6f, 0x77, 0x42, 0x0c, 0x0a, 0x0a, 0x72, 0x6f, 0x77, 0x5f, 0x73, 0x74, 0x61, 0x74,
+	0x75, 0x73, 0x22, 0x87, 0x01, 0x0a, 0x14, 0x53, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x52, 0x6f, 0x77,
+	0x4b, 0x65, 0x79, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x49, 0x0a, 0x0a, 0x74,
+	0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42,
+	0x2a, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x24, 0x0a, 0x22, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c,
+	0x65, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69,
+	0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x09, 0x74, 0x61, 0x62,
+	0x6c, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x24, 0x0a, 0x0e, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72,
+	0x6f, 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c,
+	0x61, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x49, 0x64, 0x22, 0x53, 0x0a, 0x15,
+	0x53, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x52, 0x6f, 0x77, 0x4b, 0x65, 0x79, 0x73, 0x52, 0x65, 0x73,
+	0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x17, 0x0a, 0x07, 0x72, 0x6f, 0x77, 0x5f, 0x6b, 0x65, 0x79,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x06, 0x72, 0x6f, 0x77, 0x4b, 0x65, 0x79, 0x12, 0x21,
+	0x0a, 0x0c, 0x6f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x5f, 0x62, 0x79, 0x74, 0x65, 0x73, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x03, 0x52, 0x0b, 0x6f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x42, 0x79, 0x74, 0x65,
+	0x73, 0x22, 0xe2, 0x01, 0x0a, 0x10, 0x4d, 0x75, 0x74, 0x61, 0x74, 0x65, 0x52, 0x6f, 0x77, 0x52,
+	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x49, 0x0a, 0x0a, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f,
+	0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x2a, 0xe0, 0x41, 0x02, 0xfa,
+	0x41, 0x24, 0x0a, 0x22, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61, 0x64, 0x6d, 0x69,
+	0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
+	0x2f, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x09, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x4e, 0x61, 0x6d,
+	0x65, 0x12, 0x24, 0x0a, 0x0e, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65,
+	0x5f, 0x69, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x61, 0x70, 0x70, 0x50, 0x72,
+	0x6f, 0x66, 0x69, 0x6c, 0x65, 0x49, 0x64, 0x12, 0x1c, 0x0a, 0x07, 0x72, 0x6f, 0x77, 0x5f, 0x6b,
+	0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x06, 0x72,
+	0x6f, 0x77, 0x4b, 0x65, 0x79, 0x12, 0x3f, 0x0a, 0x09, 0x6d, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x4d, 0x75,
+	0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x09, 0x6d, 0x75, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0x13, 0x0a, 0x11, 0x4d, 0x75, 0x74, 0x61, 0x74, 0x65,
+	0x52, 0x6f, 0x77, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0xb3, 0x02, 0x0a, 0x11,
+	0x4d, 0x75, 0x74, 0x61, 0x74, 0x65, 0x52, 0x6f, 0x77, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
+	0x74, 0x12, 0x49, 0x0a, 0x0a, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x2a, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x24, 0x0a, 0x22, 0x62,
+	0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f,
 	0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x54, 0x61, 0x62, 0x6c,
 	0x65, 0x52, 0x09, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x24, 0x0a, 0x0e,
-	0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x02,
+	0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x03,
 	0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x61, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65,
-	0x49, 0x64, 0x22, 0x53, 0x0a, 0x15, 0x53, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x52, 0x6f, 0x77, 0x4b,
-	0x65, 0x79, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x17, 0x0a, 0x07, 0x72,
-	0x6f, 0x77, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x06, 0x72, 0x6f,
-	0x77, 0x4b, 0x65, 0x79, 0x12, 0x21, 0x0a, 0x0c, 0x6f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x5f, 0x62,
-	0x79, 0x74, 0x65, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0b, 0x6f, 0x66, 0x66, 0x73,
-	0x65, 0x74, 0x42, 0x79, 0x74, 0x65, 0x73, 0x22, 0xdd, 0x01, 0x0a, 0x10, 0x4d, 0x75, 0x74, 0x61,
-	0x74, 0x65, 0x52, 0x6f, 0x77, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x44, 0x0a, 0x0a,
-	0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
-	0x42, 0x25, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x1f, 0x0a, 0x1d, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
-	0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f,
-	0x6d, 0x2f, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x09, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x4e, 0x61,
-	0x6d, 0x65, 0x12, 0x24, 0x0a, 0x0e, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c,
-	0x65, 0x5f, 0x69, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x61, 0x70, 0x70, 0x50,
-	0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x49, 0x64, 0x12, 0x1c, 0x0a, 0x07, 0x72, 0x6f, 0x77, 0x5f,
-	0x6b, 0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x06,
-	0x72, 0x6f, 0x77, 0x4b, 0x65, 0x79, 0x12, 0x3f, 0x0a, 0x09, 0x6d, 0x75, 0x74, 0x61, 0x74, 0x69,
-	0x6f, 0x6e, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x49, 0x64, 0x12, 0x4a, 0x0a, 0x07, 0x65, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x18, 0x02, 0x20,
+	0x03, 0x28, 0x0b, 0x32, 0x2b, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67,
+	0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x4d, 0x75, 0x74, 0x61, 0x74, 0x65, 0x52,
+	0x6f, 0x77, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x2e, 0x45, 0x6e, 0x74, 0x72, 0x79,
+	0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x07, 0x65, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x1a, 0x61,
+	0x0a, 0x05, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x17, 0x0a, 0x07, 0x72, 0x6f, 0x77, 0x5f, 0x6b,
+	0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x06, 0x72, 0x6f, 0x77, 0x4b, 0x65, 0x79,
+	0x12, 0x3f, 0x0a, 0x09, 0x6d, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x02, 0x20,
+	0x03, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67,
+	0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x4d, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x09, 0x6d, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x22, 0xa7, 0x01, 0x0a, 0x12, 0x4d, 0x75, 0x74, 0x61, 0x74, 0x65, 0x52, 0x6f, 0x77, 0x73,
+	0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x46, 0x0a, 0x07, 0x65, 0x6e, 0x74, 0x72,
+	0x69, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2c, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
 	0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x4d,
-	0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x09, 0x6d, 0x75,
-	0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0x13, 0x0a, 0x11, 0x4d, 0x75, 0x74, 0x61, 0x74,
-	0x65, 0x52, 0x6f, 0x77, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0xae, 0x02, 0x0a,
-	0x11, 0x4d, 0x75, 0x74, 0x61, 0x74, 0x65, 0x52, 0x6f, 0x77, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65,
-	0x73, 0x74, 0x12, 0x44, 0x0a, 0x0a, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65,
-	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x25, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x1f, 0x0a, 0x1d,
-	0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61,
-	0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x09, 0x74,
-	0x61, 0x62, 0x6c, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x24, 0x0a, 0x0e, 0x61, 0x70, 0x70, 0x5f,
-	0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09,
-	0x52, 0x0c, 0x61, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x49, 0x64, 0x12, 0x4a,
-	0x0a, 0x07, 0x65, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32,
-	0x2b, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c,
-	0x65, 0x2e, 0x76, 0x32, 0x2e, 0x4d, 0x75, 0x74, 0x61, 0x74, 0x65, 0x52, 0x6f, 0x77, 0x73, 0x52,
-	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x2e, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x42, 0x03, 0xe0, 0x41,
-	0x02, 0x52, 0x07, 0x65, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x1a, 0x61, 0x0a, 0x05, 0x45, 0x6e,
-	0x74, 0x72, 0x79, 0x12, 0x17, 0x0a, 0x07, 0x72, 0x6f, 0x77, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x01,
-	0x20, 0x01, 0x28, 0x0c, 0x52, 0x06, 0x72, 0x6f, 0x77, 0x4b, 0x65, 0x79, 0x12, 0x3f, 0x0a, 0x09,
-	0x6d, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32,
+	0x75, 0x74, 0x61, 0x74, 0x65, 0x52, 0x6f, 0x77, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
+	0x65, 0x2e, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x07, 0x65, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73,
+	0x1a, 0x49, 0x0a, 0x05, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x69, 0x6e, 0x64,
+	0x65, 0x78, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x05, 0x69, 0x6e, 0x64, 0x65, 0x78, 0x12,
+	0x2a, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x12, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x53, 0x74, 0x61,
+	0x74, 0x75, 0x73, 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x22, 0xff, 0x02, 0x0a, 0x18,
+	0x43, 0x68, 0x65, 0x63, 0x6b, 0x41, 0x6e, 0x64, 0x4d, 0x75, 0x74, 0x61, 0x74, 0x65, 0x52, 0x6f,
+	0x77, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x49, 0x0a, 0x0a, 0x74, 0x61, 0x62, 0x6c,
+	0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x2a, 0xe0, 0x41,
+	0x02, 0xfa, 0x41, 0x24, 0x0a, 0x22, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61, 0x64,
+	0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63,
+	0x6f, 0x6d, 0x2f, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x09, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x4e,
+	0x61, 0x6d, 0x65, 0x12, 0x24, 0x0a, 0x0e, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69,
+	0x6c, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x61, 0x70, 0x70,
+	0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x49, 0x64, 0x12, 0x1c, 0x0a, 0x07, 0x72, 0x6f, 0x77,
+	0x5f, 0x6b, 0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52,
+	0x06, 0x72, 0x6f, 0x77, 0x4b, 0x65, 0x79, 0x12, 0x48, 0x0a, 0x10, 0x70, 0x72, 0x65, 0x64, 0x69,
+	0x63, 0x61, 0x74, 0x65, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x18, 0x06, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x1d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61,
+	0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x6f, 0x77, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x52, 0x0f, 0x70, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x46, 0x69, 0x6c, 0x74, 0x65,
+	0x72, 0x12, 0x43, 0x0a, 0x0e, 0x74, 0x72, 0x75, 0x65, 0x5f, 0x6d, 0x75, 0x74, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x4d,
+	0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0d, 0x74, 0x72, 0x75, 0x65, 0x4d, 0x75, 0x74,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x45, 0x0a, 0x0f, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x5f,
+	0x6d, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x05, 0x20, 0x03, 0x28, 0x0b, 0x32,
 	0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c,
-	0x65, 0x2e, 0x76, 0x32, 0x2e, 0x4d, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x03, 0xe0,
-	0x41, 0x02, 0x52, 0x09, 0x6d, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0xa7, 0x01,
-	0x0a, 0x12, 0x4d, 0x75, 0x74, 0x61, 0x74, 0x65, 0x52, 0x6f, 0x77, 0x73, 0x52, 0x65, 0x73, 0x70,
-	0x6f, 0x6e, 0x73, 0x65, 0x12, 0x46, 0x0a, 0x07, 0x65, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x18,
-	0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62,
-	0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x4d, 0x75, 0x74, 0x61, 0x74,
-	0x65, 0x52, 0x6f, 0x77, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x2e, 0x45, 0x6e,
-	0x74, 0x72, 0x79, 0x52, 0x07, 0x65, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x1a, 0x49, 0x0a, 0x05,
-	0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x69, 0x6e, 0x64, 0x65, 0x78, 0x18, 0x01,
-	0x20, 0x01, 0x28, 0x03, 0x52, 0x05, 0x69, 0x6e, 0x64, 0x65, 0x78, 0x12, 0x2a, 0x0a, 0x06, 0x73,
-	0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x12, 0x2e, 0x67, 0x6f,
-	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52,
-	0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x22, 0xfa, 0x02, 0x0a, 0x18, 0x43, 0x68, 0x65, 0x63,
-	0x6b, 0x41, 0x6e, 0x64, 0x4d, 0x75, 0x74, 0x61, 0x74, 0x65, 0x52, 0x6f, 0x77, 0x52, 0x65, 0x71,
-	0x75, 0x65, 0x73, 0x74, 0x12, 0x44, 0x0a, 0x0a, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6e, 0x61,
-	0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x25, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x1f,
-	0x0a, 0x1d, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
-	0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x52,
-	0x09, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x24, 0x0a, 0x0e, 0x61, 0x70,
-	0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x07, 0x20, 0x01,
-	0x28, 0x09, 0x52, 0x0c, 0x61, 0x70, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x49, 0x64,
-	0x12, 0x1c, 0x0a, 0x07, 0x72, 0x6f, 0x77, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28,
-	0x0c, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x06, 0x72, 0x6f, 0x77, 0x4b, 0x65, 0x79, 0x12, 0x48,
-	0x0a, 0x10, 0x70, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f, 0x66, 0x69, 0x6c, 0x74,
-	0x65, 0x72, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
-	0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x6f,
-	0x77, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x52, 0x0f, 0x70, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61,
-	0x74, 0x65, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x43, 0x0a, 0x0e, 0x74, 0x72, 0x75, 0x65,
-	0x5f, 0x6d, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b,
-	0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
-	0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x4d, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0d,
-	0x74, 0x72, 0x75, 0x65, 0x4d, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x45, 0x0a,
-	0x0f, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x5f, 0x6d, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73,
-	0x18, 0x05, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
-	0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x4d, 0x75, 0x74, 0x61,
-	0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0e, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x4d, 0x75, 0x74, 0x61, 0x74,
-	0x69, 0x6f, 0x6e, 0x73, 0x22, 0x48, 0x0a, 0x19, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x41, 0x6e, 0x64,
-	0x4d, 0x75, 0x74, 0x61, 0x74, 0x65, 0x52, 0x6f, 0x77, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
-	0x65, 0x12, 0x2b, 0x0a, 0x11, 0x70, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f, 0x6d,
-	0x61, 0x74, 0x63, 0x68, 0x65, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x10, 0x70, 0x72,
-	0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x64, 0x22, 0xe9,
-	0x01, 0x0a, 0x19, 0x52, 0x65, 0x61, 0x64, 0x4d, 0x6f, 0x64, 0x69, 0x66, 0x79, 0x57, 0x72, 0x69,
-	0x74, 0x65, 0x52, 0x6f, 0x77, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x44, 0x0a, 0x0a,
-	0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
-	0x42, 0x25, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x1f, 0x0a, 0x1d, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
-	0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f,
-	0x6d, 0x2f, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x09, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x4e, 0x61,
-	0x6d, 0x65, 0x12, 0x24, 0x0a, 0x0e, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c,
-	0x65, 0x5f, 0x69, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x61, 0x70, 0x70, 0x50,
-	0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x49, 0x64, 0x12, 0x1c, 0x0a, 0x07, 0x72, 0x6f, 0x77, 0x5f,
-	0x6b, 0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x06,
-	0x72, 0x6f, 0x77, 0x4b, 0x65, 0x79, 0x12, 0x42, 0x0a, 0x05, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x18,
-	0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62,
-	0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x65, 0x61, 0x64, 0x4d,
-	0x6f, 0x64, 0x69, 0x66, 0x79, 0x57, 0x72, 0x69, 0x74, 0x65, 0x52, 0x75, 0x6c, 0x65, 0x42, 0x03,
-	0xe0, 0x41, 0x02, 0x52, 0x05, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x22, 0x47, 0x0a, 0x1a, 0x52, 0x65,
-	0x61, 0x64, 0x4d, 0x6f, 0x64, 0x69, 0x66, 0x79, 0x57, 0x72, 0x69, 0x74, 0x65, 0x52, 0x6f, 0x77,
-	0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x29, 0x0a, 0x03, 0x72, 0x6f, 0x77, 0x18,
-	0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62,
-	0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x6f, 0x77, 0x52, 0x03,
-	0x72, 0x6f, 0x77, 0x32, 0xc4, 0x0e, 0x0a, 0x08, 0x42, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65,
-	0x12, 0xc6, 0x01, 0x0a, 0x08, 0x52, 0x65, 0x61, 0x64, 0x52, 0x6f, 0x77, 0x73, 0x12, 0x23, 0x2e,
-	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e,
-	0x76, 0x32, 0x2e, 0x52, 0x65, 0x61, 0x64, 0x52, 0x6f, 0x77, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65,
-	0x73, 0x74, 0x1a, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74,
-	0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x65, 0x61, 0x64, 0x52, 0x6f, 0x77, 0x73,
-	0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x6d, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x3e,
-	0x22, 0x39, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6e, 0x61, 0x6d,
-	0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73,
-	0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x2f,
-	0x2a, 0x7d, 0x3a, 0x72, 0x65, 0x61, 0x64, 0x52, 0x6f, 0x77, 0x73, 0x3a, 0x01, 0x2a, 0xda, 0x41,
-	0x0a, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0xda, 0x41, 0x19, 0x74, 0x61,
-	0x62, 0x6c, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x2c, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f,
-	0x66, 0x69, 0x6c, 0x65, 0x5f, 0x69, 0x64, 0x30, 0x01, 0x12, 0xd7, 0x01, 0x0a, 0x0d, 0x53, 0x61,
-	0x6d, 0x70, 0x6c, 0x65, 0x52, 0x6f, 0x77, 0x4b, 0x65, 0x79, 0x73, 0x12, 0x28, 0x2e, 0x67, 0x6f,
+	0x65, 0x2e, 0x76, 0x32, 0x2e, 0x4d, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0e, 0x66,
+	0x61, 0x6c, 0x73, 0x65, 0x4d, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0x48, 0x0a,
+	0x19, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x41, 0x6e, 0x64, 0x4d, 0x75, 0x74, 0x61, 0x74, 0x65, 0x52,
+	0x6f, 0x77, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x2b, 0x0a, 0x11, 0x70, 0x72,
+	0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x64, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x10, 0x70, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65,
+	0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x64, 0x22, 0xee, 0x01, 0x0a, 0x19, 0x52, 0x65, 0x61, 0x64,
+	0x4d, 0x6f, 0x64, 0x69, 0x66, 0x79, 0x57, 0x72, 0x69, 0x74, 0x65, 0x52, 0x6f, 0x77, 0x52, 0x65,
+	0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x49, 0x0a, 0x0a, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6e,
+	0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x2a, 0xe0, 0x41, 0x02, 0xfa, 0x41,
+	0x24, 0x0a, 0x22, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x61, 0x64, 0x6d, 0x69, 0x6e,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f,
+	0x54, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x09, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x4e, 0x61, 0x6d, 0x65,
+	0x12, 0x24, 0x0a, 0x0e, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x5f,
+	0x69, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x61, 0x70, 0x70, 0x50, 0x72, 0x6f,
+	0x66, 0x69, 0x6c, 0x65, 0x49, 0x64, 0x12, 0x1c, 0x0a, 0x07, 0x72, 0x6f, 0x77, 0x5f, 0x6b, 0x65,
+	0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x06, 0x72, 0x6f,
+	0x77, 0x4b, 0x65, 0x79, 0x12, 0x42, 0x0a, 0x05, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x18, 0x03, 0x20,
+	0x03, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67,
+	0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x65, 0x61, 0x64, 0x4d, 0x6f, 0x64,
+	0x69, 0x66, 0x79, 0x57, 0x72, 0x69, 0x74, 0x65, 0x52, 0x75, 0x6c, 0x65, 0x42, 0x03, 0xe0, 0x41,
+	0x02, 0x52, 0x05, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x22, 0x47, 0x0a, 0x1a, 0x52, 0x65, 0x61, 0x64,
+	0x4d, 0x6f, 0x64, 0x69, 0x66, 0x79, 0x57, 0x72, 0x69, 0x74, 0x65, 0x52, 0x6f, 0x77, 0x52, 0x65,
+	0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x29, 0x0a, 0x03, 0x72, 0x6f, 0x77, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67,
+	0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x6f, 0x77, 0x52, 0x03, 0x72, 0x6f,
+	0x77, 0x32, 0xc4, 0x0e, 0x0a, 0x08, 0x42, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x12, 0xc6,
+	0x01, 0x0a, 0x08, 0x52, 0x65, 0x61, 0x64, 0x52, 0x6f, 0x77, 0x73, 0x12, 0x23, 0x2e, 0x67, 0x6f,
 	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32,
-	0x2e, 0x53, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x52, 0x6f, 0x77, 0x4b, 0x65, 0x79, 0x73, 0x52, 0x65,
-	0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x29, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62,
-	0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x53, 0x61, 0x6d, 0x70, 0x6c,
-	0x65, 0x52, 0x6f, 0x77, 0x4b, 0x65, 0x79, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
-	0x22, 0x6f, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x40, 0x12, 0x3e, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x74,
-	0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63,
-	0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a,
-	0x2f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x3a, 0x73, 0x61, 0x6d, 0x70, 0x6c,
-	0x65, 0x52, 0x6f, 0x77, 0x4b, 0x65, 0x79, 0x73, 0xda, 0x41, 0x0a, 0x74, 0x61, 0x62, 0x6c, 0x65,
-	0x5f, 0x6e, 0x61, 0x6d, 0x65, 0xda, 0x41, 0x19, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6e, 0x61,
-	0x6d, 0x65, 0x2c, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x69,
-	0x64, 0x30, 0x01, 0x12, 0xed, 0x01, 0x0a, 0x09, 0x4d, 0x75, 0x74, 0x61, 0x74, 0x65, 0x52, 0x6f,
-	0x77, 0x12, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61,
-	0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x4d, 0x75, 0x74, 0x61, 0x74, 0x65, 0x52, 0x6f, 0x77,
-	0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x25, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x52, 0x65, 0x61, 0x64, 0x52, 0x6f, 0x77, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
+	0x1a, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
+	0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x65, 0x61, 0x64, 0x52, 0x6f, 0x77, 0x73, 0x52, 0x65,
+	0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x6d, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x3e, 0x22, 0x39,
+	0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x3d,
+	0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61,
+	0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x2f, 0x2a, 0x7d,
+	0x3a, 0x72, 0x65, 0x61, 0x64, 0x52, 0x6f, 0x77, 0x73, 0x3a, 0x01, 0x2a, 0xda, 0x41, 0x0a, 0x74,
+	0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0xda, 0x41, 0x19, 0x74, 0x61, 0x62, 0x6c,
+	0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x2c, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69,
+	0x6c, 0x65, 0x5f, 0x69, 0x64, 0x30, 0x01, 0x12, 0xd7, 0x01, 0x0a, 0x0d, 0x53, 0x61, 0x6d, 0x70,
+	0x6c, 0x65, 0x52, 0x6f, 0x77, 0x4b, 0x65, 0x79, 0x73, 0x12, 0x28, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x53,
+	0x61, 0x6d, 0x70, 0x6c, 0x65, 0x52, 0x6f, 0x77, 0x4b, 0x65, 0x79, 0x73, 0x52, 0x65, 0x71, 0x75,
+	0x65, 0x73, 0x74, 0x1a, 0x29, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67,
+	0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x53, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x52,
+	0x6f, 0x77, 0x4b, 0x65, 0x79, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x6f,
+	0x82, 0xd3, 0xe4, 0x93, 0x02, 0x40, 0x12, 0x3e, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x74, 0x61, 0x62,
+	0x6c, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73,
+	0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x74,
+	0x61, 0x62, 0x6c, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x3a, 0x73, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x52,
+	0x6f, 0x77, 0x4b, 0x65, 0x79, 0x73, 0xda, 0x41, 0x0a, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6e,
+	0x61, 0x6d, 0x65, 0xda, 0x41, 0x19, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65,
+	0x2c, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x69, 0x64, 0x30,
+	0x01, 0x12, 0xed, 0x01, 0x0a, 0x09, 0x4d, 0x75, 0x74, 0x61, 0x74, 0x65, 0x52, 0x6f, 0x77, 0x12,
+	0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c,
+	0x65, 0x2e, 0x76, 0x32, 0x2e, 0x4d, 0x75, 0x74, 0x61, 0x74, 0x65, 0x52, 0x6f, 0x77, 0x52, 0x65,
+	0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x25, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62,
+	0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x4d, 0x75, 0x74, 0x61, 0x74,
+	0x65, 0x52, 0x6f, 0x77, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x92, 0x01, 0x82,
+	0xd3, 0xe4, 0x93, 0x02, 0x3f, 0x22, 0x3a, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x74, 0x61, 0x62, 0x6c,
+	0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f,
+	0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x74, 0x61,
+	0x62, 0x6c, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x3a, 0x6d, 0x75, 0x74, 0x61, 0x74, 0x65, 0x52, 0x6f,
+	0x77, 0x3a, 0x01, 0x2a, 0xda, 0x41, 0x1c, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6e, 0x61, 0x6d,
+	0x65, 0x2c, 0x72, 0x6f, 0x77, 0x5f, 0x6b, 0x65, 0x79, 0x2c, 0x6d, 0x75, 0x74, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0xda, 0x41, 0x2b, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65,
+	0x2c, 0x72, 0x6f, 0x77, 0x5f, 0x6b, 0x65, 0x79, 0x2c, 0x6d, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x2c, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x69,
+	0x64, 0x12, 0xde, 0x01, 0x0a, 0x0a, 0x4d, 0x75, 0x74, 0x61, 0x74, 0x65, 0x52, 0x6f, 0x77, 0x73,
+	0x12, 0x25, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
+	0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x4d, 0x75, 0x74, 0x61, 0x74, 0x65, 0x52, 0x6f, 0x77, 0x73,
+	0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x26, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
 	0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x4d, 0x75, 0x74,
-	0x61, 0x74, 0x65, 0x52, 0x6f, 0x77, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x92,
-	0x01, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x3f, 0x22, 0x3a, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x74, 0x61,
+	0x61, 0x74, 0x65, 0x52, 0x6f, 0x77, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22,
+	0x7f, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x40, 0x22, 0x3b, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x74, 0x61,
 	0x62, 0x6c, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74,
 	0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f,
 	0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x3a, 0x6d, 0x75, 0x74, 0x61, 0x74, 0x65,
-	0x52, 0x6f, 0x77, 0x3a, 0x01, 0x2a, 0xda, 0x41, 0x1c, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6e,
-	0x61, 0x6d, 0x65, 0x2c, 0x72, 0x6f, 0x77, 0x5f, 0x6b, 0x65, 0x79, 0x2c, 0x6d, 0x75, 0x74, 0x61,
-	0x74, 0x69, 0x6f, 0x6e, 0x73, 0xda, 0x41, 0x2b, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6e, 0x61,
-	0x6d, 0x65, 0x2c, 0x72, 0x6f, 0x77, 0x5f, 0x6b, 0x65, 0x79, 0x2c, 0x6d, 0x75, 0x74, 0x61, 0x74,
-	0x69, 0x6f, 0x6e, 0x73, 0x2c, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65,
-	0x5f, 0x69, 0x64, 0x12, 0xde, 0x01, 0x0a, 0x0a, 0x4d, 0x75, 0x74, 0x61, 0x74, 0x65, 0x52, 0x6f,
-	0x77, 0x73, 0x12, 0x25, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74,
-	0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x4d, 0x75, 0x74, 0x61, 0x74, 0x65, 0x52, 0x6f,
-	0x77, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x26, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
-	0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x4d,
-	0x75, 0x74, 0x61, 0x74, 0x65, 0x52, 0x6f, 0x77, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
-	0x65, 0x22, 0x7f, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x40, 0x22, 0x3b, 0x2f, 0x76, 0x32, 0x2f, 0x7b,
-	0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65,
-	0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f,
-	0x2a, 0x2f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x3a, 0x6d, 0x75, 0x74, 0x61,
-	0x74, 0x65, 0x52, 0x6f, 0x77, 0x73, 0x3a, 0x01, 0x2a, 0xda, 0x41, 0x12, 0x74, 0x61, 0x62, 0x6c,
-	0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x2c, 0x65, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0xda, 0x41,
-	0x21, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x2c, 0x65, 0x6e, 0x74, 0x72,
-	0x69, 0x65, 0x73, 0x2c, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x5f,
-	0x69, 0x64, 0x30, 0x01, 0x12, 0xd9, 0x02, 0x0a, 0x11, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x41, 0x6e,
-	0x64, 0x4d, 0x75, 0x74, 0x61, 0x74, 0x65, 0x52, 0x6f, 0x77, 0x12, 0x2c, 0x2e, 0x67, 0x6f, 0x6f,
-	0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e,
-	0x43, 0x68, 0x65, 0x63, 0x6b, 0x41, 0x6e, 0x64, 0x4d, 0x75, 0x74, 0x61, 0x74, 0x65, 0x52, 0x6f,
-	0x77, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x52, 0x6f, 0x77, 0x73, 0x3a, 0x01, 0x2a, 0xda, 0x41, 0x12, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f,
+	0x6e, 0x61, 0x6d, 0x65, 0x2c, 0x65, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0xda, 0x41, 0x21, 0x74,
+	0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x2c, 0x65, 0x6e, 0x74, 0x72, 0x69, 0x65,
+	0x73, 0x2c, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x69, 0x64,
+	0x30, 0x01, 0x12, 0xd9, 0x02, 0x0a, 0x11, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x41, 0x6e, 0x64, 0x4d,
+	0x75, 0x74, 0x61, 0x74, 0x65, 0x52, 0x6f, 0x77, 0x12, 0x2c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
 	0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x68,
 	0x65, 0x63, 0x6b, 0x41, 0x6e, 0x64, 0x4d, 0x75, 0x74, 0x61, 0x74, 0x65, 0x52, 0x6f, 0x77, 0x52,
-	0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0xe6, 0x01, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x47,
-	0x22, 0x42, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6e, 0x61, 0x6d,
-	0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73,
-	0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x2f,
-	0x2a, 0x7d, 0x3a, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x41, 0x6e, 0x64, 0x4d, 0x75, 0x74, 0x61, 0x74,
-	0x65, 0x52, 0x6f, 0x77, 0x3a, 0x01, 0x2a, 0xda, 0x41, 0x42, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f,
-	0x6e, 0x61, 0x6d, 0x65, 0x2c, 0x72, 0x6f, 0x77, 0x5f, 0x6b, 0x65, 0x79, 0x2c, 0x70, 0x72, 0x65,
-	0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2c, 0x74, 0x72,
-	0x75, 0x65, 0x5f, 0x6d, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2c, 0x66, 0x61, 0x6c,
-	0x73, 0x65, 0x5f, 0x6d, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0xda, 0x41, 0x51, 0x74,
-	0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x2c, 0x72, 0x6f, 0x77, 0x5f, 0x6b, 0x65,
-	0x79, 0x2c, 0x70, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f, 0x66, 0x69, 0x6c, 0x74,
-	0x65, 0x72, 0x2c, 0x74, 0x72, 0x75, 0x65, 0x5f, 0x6d, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e,
-	0x73, 0x2c, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x5f, 0x6d, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e,
-	0x73, 0x2c, 0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x69, 0x64,
-	0x12, 0x89, 0x02, 0x0a, 0x12, 0x52, 0x65, 0x61, 0x64, 0x4d, 0x6f, 0x64, 0x69, 0x66, 0x79, 0x57,
-	0x72, 0x69, 0x74, 0x65, 0x52, 0x6f, 0x77, 0x12, 0x2d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
-	0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x65, 0x61,
-	0x64, 0x4d, 0x6f, 0x64, 0x69, 0x66, 0x79, 0x57, 0x72, 0x69, 0x74, 0x65, 0x52, 0x6f, 0x77, 0x52,
-	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
-	0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x65, 0x61, 0x64,
-	0x4d, 0x6f, 0x64, 0x69, 0x66, 0x79, 0x57, 0x72, 0x69, 0x74, 0x65, 0x52, 0x6f, 0x77, 0x52, 0x65,
-	0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x93, 0x01, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x48, 0x22,
-	0x43, 0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65,
-	0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74,
-	0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x2f, 0x2a,
-	0x7d, 0x3a, 0x72, 0x65, 0x61, 0x64, 0x4d, 0x6f, 0x64, 0x69, 0x66, 0x79, 0x57, 0x72, 0x69, 0x74,
-	0x65, 0x52, 0x6f, 0x77, 0x3a, 0x01, 0x2a, 0xda, 0x41, 0x18, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f,
-	0x6e, 0x61, 0x6d, 0x65, 0x2c, 0x72, 0x6f, 0x77, 0x5f, 0x6b, 0x65, 0x79, 0x2c, 0x72, 0x75, 0x6c,
-	0x65, 0x73, 0xda, 0x41, 0x27, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x2c,
-	0x72, 0x6f, 0x77, 0x5f, 0x6b, 0x65, 0x79, 0x2c, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x2c, 0x61, 0x70,
-	0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x69, 0x64, 0x1a, 0xdb, 0x02, 0xca,
-	0x41, 0x17, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
-	0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0xd2, 0x41, 0xbd, 0x02, 0x68, 0x74, 0x74,
-	0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61,
-	0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2f, 0x62, 0x69, 0x67,
-	0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x2c, 0x68, 0x74, 0x74, 0x70, 0x73,
+	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x68, 0x65, 0x63,
+	0x6b, 0x41, 0x6e, 0x64, 0x4d, 0x75, 0x74, 0x61, 0x74, 0x65, 0x52, 0x6f, 0x77, 0x52, 0x65, 0x73,
+	0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0xe6, 0x01, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x47, 0x22, 0x42,
+	0x2f, 0x76, 0x32, 0x2f, 0x7b, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x3d,
+	0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61,
+	0x6e, 0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x2f, 0x2a, 0x7d,
+	0x3a, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x41, 0x6e, 0x64, 0x4d, 0x75, 0x74, 0x61, 0x74, 0x65, 0x52,
+	0x6f, 0x77, 0x3a, 0x01, 0x2a, 0xda, 0x41, 0x42, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6e, 0x61,
+	0x6d, 0x65, 0x2c, 0x72, 0x6f, 0x77, 0x5f, 0x6b, 0x65, 0x79, 0x2c, 0x70, 0x72, 0x65, 0x64, 0x69,
+	0x63, 0x61, 0x74, 0x65, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2c, 0x74, 0x72, 0x75, 0x65,
+	0x5f, 0x6d, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2c, 0x66, 0x61, 0x6c, 0x73, 0x65,
+	0x5f, 0x6d, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0xda, 0x41, 0x51, 0x74, 0x61, 0x62,
+	0x6c, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x2c, 0x72, 0x6f, 0x77, 0x5f, 0x6b, 0x65, 0x79, 0x2c,
+	0x70, 0x72, 0x65, 0x64, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72,
+	0x2c, 0x74, 0x72, 0x75, 0x65, 0x5f, 0x6d, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2c,
+	0x66, 0x61, 0x6c, 0x73, 0x65, 0x5f, 0x6d, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2c,
+	0x61, 0x70, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x69, 0x64, 0x12, 0x89,
+	0x02, 0x0a, 0x12, 0x52, 0x65, 0x61, 0x64, 0x4d, 0x6f, 0x64, 0x69, 0x66, 0x79, 0x57, 0x72, 0x69,
+	0x74, 0x65, 0x52, 0x6f, 0x77, 0x12, 0x2d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62,
+	0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x65, 0x61, 0x64, 0x4d,
+	0x6f, 0x64, 0x69, 0x66, 0x79, 0x57, 0x72, 0x69, 0x74, 0x65, 0x52, 0x6f, 0x77, 0x52, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x1a, 0x2e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69,
+	0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x65, 0x61, 0x64, 0x4d, 0x6f,
+	0x64, 0x69, 0x66, 0x79, 0x57, 0x72, 0x69, 0x74, 0x65, 0x52, 0x6f, 0x77, 0x52, 0x65, 0x73, 0x70,
+	0x6f, 0x6e, 0x73, 0x65, 0x22, 0x93, 0x01, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x48, 0x22, 0x43, 0x2f,
+	0x76, 0x32, 0x2f, 0x7b, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70,
+	0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e,
+	0x63, 0x65, 0x73, 0x2f, 0x2a, 0x2f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x2f, 0x2a, 0x7d, 0x3a,
+	0x72, 0x65, 0x61, 0x64, 0x4d, 0x6f, 0x64, 0x69, 0x66, 0x79, 0x57, 0x72, 0x69, 0x74, 0x65, 0x52,
+	0x6f, 0x77, 0x3a, 0x01, 0x2a, 0xda, 0x41, 0x18, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6e, 0x61,
+	0x6d, 0x65, 0x2c, 0x72, 0x6f, 0x77, 0x5f, 0x6b, 0x65, 0x79, 0x2c, 0x72, 0x75, 0x6c, 0x65, 0x73,
+	0xda, 0x41, 0x27, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x2c, 0x72, 0x6f,
+	0x77, 0x5f, 0x6b, 0x65, 0x79, 0x2c, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x2c, 0x61, 0x70, 0x70, 0x5f,
+	0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x69, 0x64, 0x1a, 0xdb, 0x02, 0xca, 0x41, 0x17,
+	0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61,
+	0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0xd2, 0x41, 0xbd, 0x02, 0x68, 0x74, 0x74, 0x70, 0x73,
 	0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69,
 	0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2f, 0x62, 0x69, 0x67, 0x74, 0x61,
-	0x62, 0x6c, 0x65, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x72, 0x65, 0x61, 0x64, 0x6f, 0x6e, 0x6c,
-	0x79, 0x2c, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x67, 0x6f,
-	0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75, 0x74,
-	0x68, 0x2f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2d, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65,
-	0x2e, 0x64, 0x61, 0x74, 0x61, 0x2c, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77,
-	0x77, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d,
-	0x2f, 0x61, 0x75, 0x74, 0x68, 0x2f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2d, 0x62, 0x69, 0x67, 0x74,
-	0x61, 0x62, 0x6c, 0x65, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x72, 0x65, 0x61, 0x64, 0x6f, 0x6e,
-	0x6c, 0x79, 0x2c, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x67,
-	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75,
-	0x74, 0x68, 0x2f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2d, 0x70, 0x6c, 0x61, 0x74, 0x66, 0x6f, 0x72,
-	0x6d, 0x2c, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x67, 0x6f,
-	0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75, 0x74,
-	0x68, 0x2f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2d, 0x70, 0x6c, 0x61, 0x74, 0x66, 0x6f, 0x72, 0x6d,
-	0x2e, 0x72, 0x65, 0x61, 0x64, 0x2d, 0x6f, 0x6e, 0x6c, 0x79, 0x42, 0x93, 0x02, 0x0a, 0x16, 0x63,
-	0x6f, 0x6d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
-	0x6c, 0x65, 0x2e, 0x76, 0x32, 0x42, 0x0d, 0x42, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x50,
-	0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x3a, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x67,
-	0x6f, 0x6c, 0x61, 0x6e, 0x67, 0x2e, 0x6f, 0x72, 0x67, 0x2f, 0x67, 0x65, 0x6e, 0x70, 0x72, 0x6f,
-	0x74, 0x6f, 0x2f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2f, 0x62, 0x69,
-	0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2f, 0x76, 0x32, 0x3b, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
-	0x6c, 0x65, 0xaa, 0x02, 0x18, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x43, 0x6c, 0x6f, 0x75,
-	0x64, 0x2e, 0x42, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x56, 0x32, 0xca, 0x02, 0x18,
-	0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x5c, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x5c, 0x42, 0x69, 0x67,
-	0x74, 0x61, 0x62, 0x6c, 0x65, 0x5c, 0x56, 0x32, 0xea, 0x02, 0x1b, 0x47, 0x6f, 0x6f, 0x67, 0x6c,
-	0x65, 0x3a, 0x3a, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x3a, 0x3a, 0x42, 0x69, 0x67, 0x74, 0x61, 0x62,
-	0x6c, 0x65, 0x3a, 0x3a, 0x56, 0x32, 0xea, 0x41, 0x57, 0x0a, 0x1d, 0x62, 0x69, 0x67, 0x74, 0x61,
-	0x62, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63,
-	0x6f, 0x6d, 0x2f, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x36, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63,
-	0x74, 0x73, 0x2f, 0x7b, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x7d, 0x2f, 0x69, 0x6e, 0x73,
-	0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x7b, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65,
-	0x7d, 0x2f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x2f, 0x7b, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x7d,
-	0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+	0x62, 0x6c, 0x65, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x2c, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f,
+	0x2f, 0x77, 0x77, 0x77, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e,
+	0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2f, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c,
+	0x65, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x72, 0x65, 0x61, 0x64, 0x6f, 0x6e, 0x6c, 0x79, 0x2c,
+	0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2f,
+	0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2d, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x64,
+	0x61, 0x74, 0x61, 0x2c, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61,
+	0x75, 0x74, 0x68, 0x2f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2d, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62,
+	0x6c, 0x65, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x72, 0x65, 0x61, 0x64, 0x6f, 0x6e, 0x6c, 0x79,
+	0x2c, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75, 0x74, 0x68,
+	0x2f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2d, 0x70, 0x6c, 0x61, 0x74, 0x66, 0x6f, 0x72, 0x6d, 0x2c,
+	0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2f,
+	0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2d, 0x70, 0x6c, 0x61, 0x74, 0x66, 0x6f, 0x72, 0x6d, 0x2e, 0x72,
+	0x65, 0x61, 0x64, 0x2d, 0x6f, 0x6e, 0x6c, 0x79, 0x42, 0x98, 0x02, 0x0a, 0x16, 0x63, 0x6f, 0x6d,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65,
+	0x2e, 0x76, 0x32, 0x42, 0x0d, 0x42, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x50, 0x72, 0x6f,
+	0x74, 0x6f, 0x50, 0x01, 0x5a, 0x3a, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6c,
+	0x61, 0x6e, 0x67, 0x2e, 0x6f, 0x72, 0x67, 0x2f, 0x67, 0x65, 0x6e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x2f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2f, 0x62, 0x69, 0x67, 0x74,
+	0x61, 0x62, 0x6c, 0x65, 0x2f, 0x76, 0x32, 0x3b, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65,
+	0xaa, 0x02, 0x18, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x2e,
+	0x42, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x2e, 0x56, 0x32, 0xca, 0x02, 0x18, 0x47, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x5c, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x5c, 0x42, 0x69, 0x67, 0x74, 0x61,
+	0x62, 0x6c, 0x65, 0x5c, 0x56, 0x32, 0xea, 0x02, 0x1b, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x3a,
+	0x3a, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x3a, 0x3a, 0x42, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c, 0x65,
+	0x3a, 0x3a, 0x56, 0x32, 0xea, 0x41, 0x5c, 0x0a, 0x22, 0x62, 0x69, 0x67, 0x74, 0x61, 0x62, 0x6c,
+	0x65, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69,
+	0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x36, 0x70, 0x72, 0x6f,
+	0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x7b, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x7d, 0x2f,
+	0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x73, 0x2f, 0x7b, 0x69, 0x6e, 0x73, 0x74, 0x61,
+	0x6e, 0x63, 0x65, 0x7d, 0x2f, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x73, 0x2f, 0x7b, 0x74, 0x61, 0x62,
+	0x6c, 0x65, 0x7d, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
 }
 
 var (
diff --git a/vendor/google.golang.org/genproto/googleapis/storage/v2/storage.pb.go b/vendor/google.golang.org/genproto/googleapis/storage/v2/storage.pb.go
index 6452d377d48..321c90b7d36 100644
--- a/vendor/google.golang.org/genproto/googleapis/storage/v2/storage.pb.go
+++ b/vendor/google.golang.org/genproto/googleapis/storage/v2/storage.pb.go
@@ -1288,7 +1288,6 @@ type CommonRequestParams struct {
 	unknownFields protoimpl.UnknownFields
 
 	// Required. Required when using buckets with Requestor Pays feature enabled.
-	// Example: `projects/123456`.
 	UserProject string `protobuf:"bytes,1,opt,name=user_project,json=userProject,proto3" json:"user_project,omitempty"`
 }
 
@@ -1377,19 +1376,12 @@ type Bucket struct {
 	unknownFields protoimpl.UnknownFields
 
 	// Immutable. The name of the bucket.
-	// Global buckets will be of the format `projects/{project}/buckets/{bucket}`.
-	// Other sorts of buckets in the future are not guaranteed to follow this
-	// pattern.
-	// For globally unique bucket names, a `_` may be substituted for the project
-	// ID.
 	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
 	// Output only. The user-chosen part of the bucket name. The `{bucket}` portion of the
 	// `name` field. For globally unique buckets, this is equal to the "bucket
 	// name" of other Cloud Storage APIs. Example: "pub".
 	BucketId string `protobuf:"bytes,2,opt,name=bucket_id,json=bucketId,proto3" json:"bucket_id,omitempty"`
 	// Immutable. The project which owns this bucket.
-	// Format: projects/{project_number}
-	// Example: `projects/123456`.
 	Project string `protobuf:"bytes,3,opt,name=project,proto3" json:"project,omitempty"`
 	// Output only. The metadata generation of this bucket.
 	// Attempting to set or update this field will result in a
@@ -1956,7 +1948,6 @@ type Object struct {
 	// (bucket, object, generation).
 	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
 	// Immutable. The name of the bucket containing this object.
-	// Example: `projects/_/buckets/foo`.
 	Bucket string `protobuf:"bytes,2,opt,name=bucket,proto3" json:"bucket,omitempty"`
 	// Immutable. The content generation of this object. Used for object versioning.
 	// Attempting to set or update this field will result in a
diff --git a/vendor/google.golang.org/grpc/.travis.yml b/vendor/google.golang.org/grpc/.travis.yml
index 3e495fa23b9..5847d94e551 100644
--- a/vendor/google.golang.org/grpc/.travis.yml
+++ b/vendor/google.golang.org/grpc/.travis.yml
@@ -35,7 +35,7 @@ install:
 
 script:
   - set -e
-  - if [[ -n "${TESTEXTRAS}" ]]; then examples/examples_test.sh; interop/interop_test.sh; make testsubmodule; exit 0; fi
+  - if [[ -n "${TESTEXTRAS}" ]]; then examples/examples_test.sh; security/advancedtls/examples/examples_test.sh; interop/interop_test.sh; make testsubmodule; exit 0; fi
   - if [[ -n "${VET}" ]]; then ./vet.sh; fi
   - if [[ -n "${GAE}" ]]; then make testappengine; exit 0; fi
   - if [[ -n "${RACE}" ]]; then make testrace; exit 0; fi
diff --git a/vendor/google.golang.org/grpc/Makefile b/vendor/google.golang.org/grpc/Makefile
index 3f661a7879d..1f0722f1624 100644
--- a/vendor/google.golang.org/grpc/Makefile
+++ b/vendor/google.golang.org/grpc/Makefile
@@ -1,13 +1,13 @@
 all: vet test testrace
 
-build: deps
+build:
 	go build google.golang.org/grpc/...
 
 clean:
 	go clean -i google.golang.org/grpc/...
 
 deps:
-	go get -d -v google.golang.org/grpc/...
+	GO111MODULE=on go get -d -v google.golang.org/grpc/...
 
 proto:
 	@ if ! which protoc > /dev/null; then \
@@ -16,30 +16,18 @@ proto:
 	fi
 	go generate google.golang.org/grpc/...
 
-test: testdeps
+test:
 	go test -cpu 1,4 -timeout 7m google.golang.org/grpc/...
 
-testsubmodule: testdeps
+testsubmodule:
 	cd security/advancedtls && go test -cpu 1,4 -timeout 7m google.golang.org/grpc/security/advancedtls/...
 	cd security/authorization && go test -cpu 1,4 -timeout 7m google.golang.org/grpc/security/authorization/...
 
-testappengine: testappenginedeps
-	goapp test -cpu 1,4 -timeout 7m google.golang.org/grpc/...
-
-testappenginedeps:
-	goapp get -d -v -t -tags 'appengine appenginevm' google.golang.org/grpc/...
-
-testdeps:
-	go get -d -v -t google.golang.org/grpc/...
-
-testrace: testdeps
+testrace:
 	go test -race -cpu 1,4 -timeout 7m google.golang.org/grpc/...
 
-updatedeps:
-	go get -d -v -u -f google.golang.org/grpc/...
-
-updatetestdeps:
-	go get -d -v -t -u -f google.golang.org/grpc/...
+testdeps:
+	GO111MODULE=on go get -d -v -t google.golang.org/grpc/...
 
 vet: vetdeps
 	./vet.sh
@@ -51,14 +39,10 @@ vetdeps:
 	all \
 	build \
 	clean \
-	deps \
 	proto \
 	test \
 	testappengine \
 	testappenginedeps \
-	testdeps \
 	testrace \
-	updatedeps \
-	updatetestdeps \
 	vet \
 	vetdeps
diff --git a/vendor/google.golang.org/grpc/SECURITY.md b/vendor/google.golang.org/grpc/SECURITY.md
new file mode 100644
index 00000000000..be6e108705c
--- /dev/null
+++ b/vendor/google.golang.org/grpc/SECURITY.md
@@ -0,0 +1,3 @@
+# Security Policy
+
+For information on gRPC Security Policy and reporting potentional security issues, please see [gRPC CVE Process](https://github.com/grpc/proposal/blob/master/P4-grpc-cve-process.md).
diff --git a/vendor/google.golang.org/grpc/balancer/balancer.go b/vendor/google.golang.org/grpc/balancer/balancer.go
index 8bf359dbfda..ab531f4c0b8 100644
--- a/vendor/google.golang.org/grpc/balancer/balancer.go
+++ b/vendor/google.golang.org/grpc/balancer/balancer.go
@@ -101,6 +101,9 @@ type SubConn interface {
 	// a new connection will be created.
 	//
 	// This will trigger a state transition for the SubConn.
+	//
+	// Deprecated: This method is now part of the ClientConn interface and will
+	// eventually be removed from here.
 	UpdateAddresses([]resolver.Address)
 	// Connect starts the connecting for this SubConn.
 	Connect()
@@ -143,6 +146,13 @@ type ClientConn interface {
 	// RemoveSubConn removes the SubConn from ClientConn.
 	// The SubConn will be shutdown.
 	RemoveSubConn(SubConn)
+	// UpdateAddresses updates the addresses used in the passed in SubConn.
+	// gRPC checks if the currently connected address is still in the new list.
+	// If so, the connection will be kept. Else, the connection will be
+	// gracefully closed, and a new connection will be created.
+	//
+	// This will trigger a state transition for the SubConn.
+	UpdateAddresses(SubConn, []resolver.Address)
 
 	// UpdateState notifies gRPC that the balancer's internal state has
 	// changed.
@@ -174,6 +184,10 @@ type BuildOptions struct {
 	Dialer func(context.Context, string) (net.Conn, error)
 	// ChannelzParentID is the entity parent's channelz unique identification number.
 	ChannelzParentID int64
+	// CustomUserAgent is the custom user agent set on the parent ClientConn.
+	// The balancer should set the same custom user agent if it creates a
+	// ClientConn.
+	CustomUserAgent string
 	// Target contains the parsed address info of the dial target. It is the same resolver.Target as
 	// passed to the resolver.
 	// See the documentation for the resolver.Target type for details about what it contains.
diff --git a/vendor/google.golang.org/grpc/balancer/base/balancer.go b/vendor/google.golang.org/grpc/balancer/base/balancer.go
index 32d782f1cf5..c883efa0bbf 100644
--- a/vendor/google.golang.org/grpc/balancer/base/balancer.go
+++ b/vendor/google.golang.org/grpc/balancer/base/balancer.go
@@ -22,6 +22,7 @@ import (
 	"errors"
 	"fmt"
 
+	"google.golang.org/grpc/attributes"
 	"google.golang.org/grpc/balancer"
 	"google.golang.org/grpc/connectivity"
 	"google.golang.org/grpc/grpclog"
@@ -41,7 +42,7 @@ func (bb *baseBuilder) Build(cc balancer.ClientConn, opt balancer.BuildOptions)
 		cc:            cc,
 		pickerBuilder: bb.pickerBuilder,
 
-		subConns: make(map[resolver.Address]balancer.SubConn),
+		subConns: make(map[resolver.Address]subConnInfo),
 		scStates: make(map[balancer.SubConn]connectivity.State),
 		csEvltr:  &balancer.ConnectivityStateEvaluator{},
 		config:   bb.config,
@@ -57,6 +58,11 @@ func (bb *baseBuilder) Name() string {
 	return bb.name
 }
 
+type subConnInfo struct {
+	subConn balancer.SubConn
+	attrs   *attributes.Attributes
+}
+
 type baseBalancer struct {
 	cc            balancer.ClientConn
 	pickerBuilder PickerBuilder
@@ -64,7 +70,7 @@ type baseBalancer struct {
 	csEvltr *balancer.ConnectivityStateEvaluator
 	state   connectivity.State
 
-	subConns map[resolver.Address]balancer.SubConn
+	subConns map[resolver.Address]subConnInfo // `attributes` is stripped from the keys of this map (the addresses)
 	scStates map[balancer.SubConn]connectivity.State
 	picker   balancer.Picker
 	config   Config
@@ -101,23 +107,49 @@ func (b *baseBalancer) UpdateClientConnState(s balancer.ClientConnState) error {
 	// addrsSet is the set converted from addrs, it's used for quick lookup of an address.
 	addrsSet := make(map[resolver.Address]struct{})
 	for _, a := range s.ResolverState.Addresses {
-		addrsSet[a] = struct{}{}
-		if _, ok := b.subConns[a]; !ok {
+		// Strip attributes from addresses before using them as map keys. So
+		// that when two addresses only differ in attributes pointers (but with
+		// the same attribute content), they are considered the same address.
+		//
+		// Note that this doesn't handle the case where the attribute content is
+		// different. So if users want to set different attributes to create
+		// duplicate connections to the same backend, it doesn't work. This is
+		// fine for now, because duplicate is done by setting Metadata today.
+		//
+		// TODO: read attributes to handle duplicate connections.
+		aNoAttrs := a
+		aNoAttrs.Attributes = nil
+		addrsSet[aNoAttrs] = struct{}{}
+		if scInfo, ok := b.subConns[aNoAttrs]; !ok {
 			// a is a new address (not existing in b.subConns).
+			//
+			// When creating SubConn, the original address with attributes is
+			// passed through. So that connection configurations in attributes
+			// (like creds) will be used.
 			sc, err := b.cc.NewSubConn([]resolver.Address{a}, balancer.NewSubConnOptions{HealthCheckEnabled: b.config.HealthCheck})
 			if err != nil {
 				logger.Warningf("base.baseBalancer: failed to create new SubConn: %v", err)
 				continue
 			}
-			b.subConns[a] = sc
+			b.subConns[aNoAttrs] = subConnInfo{subConn: sc, attrs: a.Attributes}
 			b.scStates[sc] = connectivity.Idle
 			sc.Connect()
+		} else {
+			// Always update the subconn's address in case the attributes
+			// changed.
+			//
+			// The SubConn does a reflect.DeepEqual of the new and old
+			// addresses. So this is a noop if the current address is the same
+			// as the old one (including attributes).
+			scInfo.attrs = a.Attributes
+			b.subConns[aNoAttrs] = scInfo
+			b.cc.UpdateAddresses(scInfo.subConn, []resolver.Address{a})
 		}
 	}
-	for a, sc := range b.subConns {
+	for a, scInfo := range b.subConns {
 		// a was removed by resolver.
 		if _, ok := addrsSet[a]; !ok {
-			b.cc.RemoveSubConn(sc)
+			b.cc.RemoveSubConn(scInfo.subConn)
 			delete(b.subConns, a)
 			// Keep the state of this sc in b.scStates until sc's state becomes Shutdown.
 			// The entry will be deleted in UpdateSubConnState.
@@ -160,9 +192,10 @@ func (b *baseBalancer) regeneratePicker() {
 	readySCs := make(map[balancer.SubConn]SubConnInfo)
 
 	// Filter out all ready SCs from full subConn map.
-	for addr, sc := range b.subConns {
-		if st, ok := b.scStates[sc]; ok && st == connectivity.Ready {
-			readySCs[sc] = SubConnInfo{Address: addr}
+	for addr, scInfo := range b.subConns {
+		if st, ok := b.scStates[scInfo.subConn]; ok && st == connectivity.Ready {
+			addr.Attributes = scInfo.attrs
+			readySCs[scInfo.subConn] = SubConnInfo{Address: addr}
 		}
 	}
 	b.picker = b.pickerBuilder.Build(PickerBuildInfo{ReadySCs: readySCs})
diff --git a/vendor/google.golang.org/grpc/balancer/grpclb/grpc_lb_v1/load_balancer.pb.go b/vendor/google.golang.org/grpc/balancer/grpclb/grpc_lb_v1/load_balancer.pb.go
index 4725858e79d..c393d7ffd3b 100644
--- a/vendor/google.golang.org/grpc/balancer/grpclb/grpc_lb_v1/load_balancer.pb.go
+++ b/vendor/google.golang.org/grpc/balancer/grpclb/grpc_lb_v1/load_balancer.pb.go
@@ -20,17 +20,17 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
 // 	protoc-gen-go v1.25.0
-// 	protoc        v3.3.0
+// 	protoc        v3.14.0
 // source: grpc/lb/v1/load_balancer.proto
 
 package grpc_lb_v1
 
 import (
 	proto "github.com/golang/protobuf/proto"
-	duration "github.com/golang/protobuf/ptypes/duration"
-	timestamp "github.com/golang/protobuf/ptypes/timestamp"
 	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
 	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	durationpb "google.golang.org/protobuf/types/known/durationpb"
+	timestamppb "google.golang.org/protobuf/types/known/timestamppb"
 	reflect "reflect"
 	sync "sync"
 )
@@ -246,7 +246,7 @@ type ClientStats struct {
 	unknownFields protoimpl.UnknownFields
 
 	// The timestamp of generating the report.
-	Timestamp *timestamp.Timestamp `protobuf:"bytes,1,opt,name=timestamp,proto3" json:"timestamp,omitempty"`
+	Timestamp *timestamppb.Timestamp `protobuf:"bytes,1,opt,name=timestamp,proto3" json:"timestamp,omitempty"`
 	// The total number of RPCs that started.
 	NumCallsStarted int64 `protobuf:"varint,2,opt,name=num_calls_started,json=numCallsStarted,proto3" json:"num_calls_started,omitempty"`
 	// The total number of RPCs that finished.
@@ -292,7 +292,7 @@ func (*ClientStats) Descriptor() ([]byte, []int) {
 	return file_grpc_lb_v1_load_balancer_proto_rawDescGZIP(), []int{3}
 }
 
-func (x *ClientStats) GetTimestamp() *timestamp.Timestamp {
+func (x *ClientStats) GetTimestamp() *timestamppb.Timestamp {
 	if x != nil {
 		return x.Timestamp
 	}
@@ -479,7 +479,7 @@ type InitialLoadBalanceResponse struct {
 	// This interval defines how often the client should send the client stats
 	// to the load balancer. Stats should only be reported when the duration is
 	// positive.
-	ClientStatsReportInterval *duration.Duration `protobuf:"bytes,2,opt,name=client_stats_report_interval,json=clientStatsReportInterval,proto3" json:"client_stats_report_interval,omitempty"`
+	ClientStatsReportInterval *durationpb.Duration `protobuf:"bytes,2,opt,name=client_stats_report_interval,json=clientStatsReportInterval,proto3" json:"client_stats_report_interval,omitempty"`
 }
 
 func (x *InitialLoadBalanceResponse) Reset() {
@@ -514,7 +514,7 @@ func (*InitialLoadBalanceResponse) Descriptor() ([]byte, []int) {
 	return file_grpc_lb_v1_load_balancer_proto_rawDescGZIP(), []int{6}
 }
 
-func (x *InitialLoadBalanceResponse) GetClientStatsReportInterval() *duration.Duration {
+func (x *InitialLoadBalanceResponse) GetClientStatsReportInterval() *durationpb.Duration {
 	if x != nil {
 		return x.ClientStatsReportInterval
 	}
@@ -793,8 +793,8 @@ var file_grpc_lb_v1_load_balancer_proto_goTypes = []interface{}{
 	(*InitialLoadBalanceResponse)(nil), // 6: grpc.lb.v1.InitialLoadBalanceResponse
 	(*ServerList)(nil),                 // 7: grpc.lb.v1.ServerList
 	(*Server)(nil),                     // 8: grpc.lb.v1.Server
-	(*timestamp.Timestamp)(nil),        // 9: google.protobuf.Timestamp
-	(*duration.Duration)(nil),          // 10: google.protobuf.Duration
+	(*timestamppb.Timestamp)(nil),      // 9: google.protobuf.Timestamp
+	(*durationpb.Duration)(nil),        // 10: google.protobuf.Duration
 }
 var file_grpc_lb_v1_load_balancer_proto_depIdxs = []int32{
 	1,  // 0: grpc.lb.v1.LoadBalanceRequest.initial_request:type_name -> grpc.lb.v1.InitialLoadBalanceRequest
diff --git a/vendor/google.golang.org/grpc/balancer/grpclb/grpc_lb_v1/load_balancer_grpc.pb.go b/vendor/google.golang.org/grpc/balancer/grpclb/grpc_lb_v1/load_balancer_grpc.pb.go
index b28b7341dba..50cc9da4a90 100644
--- a/vendor/google.golang.org/grpc/balancer/grpclb/grpc_lb_v1/load_balancer_grpc.pb.go
+++ b/vendor/google.golang.org/grpc/balancer/grpclb/grpc_lb_v1/load_balancer_grpc.pb.go
@@ -1,4 +1,8 @@
 // Code generated by protoc-gen-go-grpc. DO NOT EDIT.
+// versions:
+// - protoc-gen-go-grpc v1.1.0
+// - protoc             v3.14.0
+// source: grpc/lb/v1/load_balancer.proto
 
 package grpc_lb_v1
 
@@ -11,6 +15,7 @@ import (
 
 // This is a compile-time assertion to ensure that this generated file
 // is compatible with the grpc package it is being compiled against.
+// Requires gRPC-Go v1.32.0 or later.
 const _ = grpc.SupportPackageIsVersion7
 
 // LoadBalancerClient is the client API for LoadBalancer service.
@@ -30,7 +35,7 @@ func NewLoadBalancerClient(cc grpc.ClientConnInterface) LoadBalancerClient {
 }
 
 func (c *loadBalancerClient) BalanceLoad(ctx context.Context, opts ...grpc.CallOption) (LoadBalancer_BalanceLoadClient, error) {
-	stream, err := c.cc.NewStream(ctx, &_LoadBalancer_serviceDesc.Streams[0], "/grpc.lb.v1.LoadBalancer/BalanceLoad", opts...)
+	stream, err := c.cc.NewStream(ctx, &LoadBalancer_ServiceDesc.Streams[0], "/grpc.lb.v1.LoadBalancer/BalanceLoad", opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -83,8 +88,8 @@ type UnsafeLoadBalancerServer interface {
 	mustEmbedUnimplementedLoadBalancerServer()
 }
 
-func RegisterLoadBalancerServer(s *grpc.Server, srv LoadBalancerServer) {
-	s.RegisterService(&_LoadBalancer_serviceDesc, srv)
+func RegisterLoadBalancerServer(s grpc.ServiceRegistrar, srv LoadBalancerServer) {
+	s.RegisterService(&LoadBalancer_ServiceDesc, srv)
 }
 
 func _LoadBalancer_BalanceLoad_Handler(srv interface{}, stream grpc.ServerStream) error {
@@ -113,7 +118,10 @@ func (x *loadBalancerBalanceLoadServer) Recv() (*LoadBalanceRequest, error) {
 	return m, nil
 }
 
-var _LoadBalancer_serviceDesc = grpc.ServiceDesc{
+// LoadBalancer_ServiceDesc is the grpc.ServiceDesc for LoadBalancer service.
+// It's only intended for direct use with grpc.RegisterService,
+// and not to be introspected or modified (even as a copy)
+var LoadBalancer_ServiceDesc = grpc.ServiceDesc{
 	ServiceName: "grpc.lb.v1.LoadBalancer",
 	HandlerType: (*LoadBalancerServer)(nil),
 	Methods:     []grpc.MethodDesc{},
diff --git a/vendor/google.golang.org/grpc/balancer/grpclb/grpclb.go b/vendor/google.golang.org/grpc/balancer/grpclb/grpclb.go
index a7424cf8d2d..a43d8964119 100644
--- a/vendor/google.golang.org/grpc/balancer/grpclb/grpclb.go
+++ b/vendor/google.golang.org/grpc/balancer/grpclb/grpclb.go
@@ -288,7 +288,11 @@ func (lb *lbBalancer) regeneratePicker(resetDrop bool) {
 //
 // The aggregated state is:
 //  - If at least one SubConn in Ready, the aggregated state is Ready;
-//  - Else if at least one SubConn in Connecting, the aggregated state is Connecting;
+//  - Else if at least one SubConn in Connecting or IDLE, the aggregated state is Connecting;
+//    - It's OK to consider IDLE as Connecting. SubConns never stay in IDLE,
+//    they start to connect immediately. But there's a race between the overall
+//    state is reported, and when the new SubConn state arrives. And SubConns
+//    never go back to IDLE.
 //  - Else the aggregated state is TransientFailure.
 func (lb *lbBalancer) aggregateSubConnStates() connectivity.State {
 	var numConnecting uint64
@@ -298,7 +302,7 @@ func (lb *lbBalancer) aggregateSubConnStates() connectivity.State {
 			switch state {
 			case connectivity.Ready:
 				return connectivity.Ready
-			case connectivity.Connecting:
+			case connectivity.Connecting, connectivity.Idle:
 				numConnecting++
 			}
 		}
diff --git a/vendor/google.golang.org/grpc/balancer/grpclb/grpclb_remote_balancer.go b/vendor/google.golang.org/grpc/balancer/grpclb/grpclb_remote_balancer.go
index 8eb45be28e3..5ac8d86bd57 100644
--- a/vendor/google.golang.org/grpc/balancer/grpclb/grpclb_remote_balancer.go
+++ b/vendor/google.golang.org/grpc/balancer/grpclb/grpclb_remote_balancer.go
@@ -35,6 +35,7 @@ import (
 	"google.golang.org/grpc/connectivity"
 	"google.golang.org/grpc/internal/backoff"
 	"google.golang.org/grpc/internal/channelz"
+	imetadata "google.golang.org/grpc/internal/metadata"
 	"google.golang.org/grpc/keepalive"
 	"google.golang.org/grpc/metadata"
 	"google.golang.org/grpc/resolver"
@@ -76,10 +77,7 @@ func (lb *lbBalancer) processServerList(l *lbpb.ServerList) {
 			// net.SplitHostPort() will return too many colons error.
 			ipStr = fmt.Sprintf("[%s]", ipStr)
 		}
-		addr := resolver.Address{
-			Addr:     fmt.Sprintf("%s:%d", ipStr, s.Port),
-			Metadata: &md,
-		}
+		addr := imetadata.Set(resolver.Address{Addr: fmt.Sprintf("%s:%d", ipStr, s.Port)}, md)
 		if logger.V(2) {
 			logger.Infof("lbBalancer: server list entry[%d]: ipStr:|%s|, port:|%d|, load balancer token:|%v|",
 				i, ipStr, s.Port, s.LoadBalanceToken)
@@ -142,7 +140,7 @@ func (lb *lbBalancer) refreshSubConns(backendAddrs []resolver.Address, fallback
 			break
 		}
 		if sc != nil {
-			sc.UpdateAddresses(backendAddrs)
+			lb.cc.cc.UpdateAddresses(sc, backendAddrs)
 			sc.Connect()
 			return
 		}
@@ -163,19 +161,19 @@ func (lb *lbBalancer) refreshSubConns(backendAddrs []resolver.Address, fallback
 	addrsSet := make(map[resolver.Address]struct{})
 	// Create new SubConns.
 	for _, addr := range backendAddrs {
-		addrWithoutMD := addr
-		addrWithoutMD.Metadata = nil
-		addrsSet[addrWithoutMD] = struct{}{}
-		lb.backendAddrsWithoutMetadata = append(lb.backendAddrsWithoutMetadata, addrWithoutMD)
+		addrWithoutAttrs := addr
+		addrWithoutAttrs.Attributes = nil
+		addrsSet[addrWithoutAttrs] = struct{}{}
+		lb.backendAddrsWithoutMetadata = append(lb.backendAddrsWithoutMetadata, addrWithoutAttrs)
 
-		if _, ok := lb.subConns[addrWithoutMD]; !ok {
+		if _, ok := lb.subConns[addrWithoutAttrs]; !ok {
 			// Use addrWithMD to create the SubConn.
 			sc, err := lb.cc.NewSubConn([]resolver.Address{addr}, opts)
 			if err != nil {
 				logger.Warningf("grpclb: failed to create new SubConn: %v", err)
 				continue
 			}
-			lb.subConns[addrWithoutMD] = sc // Use the addr without MD as key for the map.
+			lb.subConns[addrWithoutAttrs] = sc // Use the addr without MD as key for the map.
 			if _, ok := lb.scStates[sc]; !ok {
 				// Only set state of new sc to IDLE. The state could already be
 				// READY for cached SubConns.
@@ -224,6 +222,9 @@ func (lb *lbBalancer) newRemoteBalancerCCWrapper() {
 	if lb.opt.Dialer != nil {
 		dopts = append(dopts, grpc.WithContextDialer(lb.opt.Dialer))
 	}
+	if lb.opt.CustomUserAgent != "" {
+		dopts = append(dopts, grpc.WithUserAgent(lb.opt.CustomUserAgent))
+	}
 	// Explicitly set pickfirst as the balancer.
 	dopts = append(dopts, grpc.WithDefaultServiceConfig(`{"loadBalancingPolicy":"pick_first"}`))
 	dopts = append(dopts, grpc.WithResolvers(lb.manualResolver))
diff --git a/vendor/google.golang.org/grpc/balancer/grpclb/grpclb_util.go b/vendor/google.golang.org/grpc/balancer/grpclb/grpclb_util.go
index 636725e5416..373f04b98d3 100644
--- a/vendor/google.golang.org/grpc/balancer/grpclb/grpclb_util.go
+++ b/vendor/google.golang.org/grpc/balancer/grpclb/grpclb_util.go
@@ -124,16 +124,16 @@ func (ccc *lbCacheClientConn) NewSubConn(addrs []resolver.Address, opts balancer
 	if len(addrs) != 1 {
 		return nil, fmt.Errorf("grpclb calling NewSubConn with addrs of length %v", len(addrs))
 	}
-	addrWithoutMD := addrs[0]
-	addrWithoutMD.Metadata = nil
+	addrWithoutAttrs := addrs[0]
+	addrWithoutAttrs.Attributes = nil
 
 	ccc.mu.Lock()
 	defer ccc.mu.Unlock()
-	if entry, ok := ccc.subConnCache[addrWithoutMD]; ok {
+	if entry, ok := ccc.subConnCache[addrWithoutAttrs]; ok {
 		// If entry is in subConnCache, the SubConn was being deleted.
 		// cancel function will never be nil.
 		entry.cancel()
-		delete(ccc.subConnCache, addrWithoutMD)
+		delete(ccc.subConnCache, addrWithoutAttrs)
 		return entry.sc, nil
 	}
 
@@ -142,7 +142,7 @@ func (ccc *lbCacheClientConn) NewSubConn(addrs []resolver.Address, opts balancer
 		return nil, err
 	}
 
-	ccc.subConnToAddr[scNew] = addrWithoutMD
+	ccc.subConnToAddr[scNew] = addrWithoutAttrs
 	return scNew, nil
 }
 
diff --git a/vendor/google.golang.org/grpc/balancer/weightedroundrobin/weightedroundrobin.go b/vendor/google.golang.org/grpc/balancer/weightedroundrobin/weightedroundrobin.go
new file mode 100644
index 00000000000..4b7d3bfedff
--- /dev/null
+++ b/vendor/google.golang.org/grpc/balancer/weightedroundrobin/weightedroundrobin.go
@@ -0,0 +1,61 @@
+/*
+ *
+ * Copyright 2019 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package weightedroundrobin defines a weighted roundrobin balancer.
+package weightedroundrobin
+
+import (
+	"google.golang.org/grpc/resolver"
+)
+
+// Name is the name of weighted_round_robin balancer.
+const Name = "weighted_round_robin"
+
+// attributeKey is the type used as the key to store AddrInfo in the Attributes
+// field of resolver.Address.
+type attributeKey struct{}
+
+// AddrInfo will be stored inside Address metadata in order to use weighted
+// roundrobin balancer.
+type AddrInfo struct {
+	Weight uint32
+}
+
+// SetAddrInfo returns a copy of addr in which the Attributes field is updated
+// with addrInfo.
+//
+// Experimental
+//
+// Notice: This API is EXPERIMENTAL and may be changed or removed in a
+// later release.
+func SetAddrInfo(addr resolver.Address, addrInfo AddrInfo) resolver.Address {
+	addr.Attributes = addr.Attributes.WithValues(attributeKey{}, addrInfo)
+	return addr
+}
+
+// GetAddrInfo returns the AddrInfo stored in the Attributes fields of addr.
+//
+// Experimental
+//
+// Notice: This API is EXPERIMENTAL and may be changed or removed in a
+// later release.
+func GetAddrInfo(addr resolver.Address) AddrInfo {
+	v := addr.Attributes.Value(attributeKey{})
+	ai, _ := v.(AddrInfo)
+	return ai
+}
diff --git a/vendor/google.golang.org/grpc/balancer_conn_wrappers.go b/vendor/google.golang.org/grpc/balancer_conn_wrappers.go
index 11e592aabb0..4cc7f9159b1 100644
--- a/vendor/google.golang.org/grpc/balancer_conn_wrappers.go
+++ b/vendor/google.golang.org/grpc/balancer_conn_wrappers.go
@@ -163,6 +163,14 @@ func (ccb *ccBalancerWrapper) RemoveSubConn(sc balancer.SubConn) {
 	ccb.cc.removeAddrConn(acbw.getAddrConn(), errConnDrain)
 }
 
+func (ccb *ccBalancerWrapper) UpdateAddresses(sc balancer.SubConn, addrs []resolver.Address) {
+	acbw, ok := sc.(*acBalancerWrapper)
+	if !ok {
+		return
+	}
+	acbw.UpdateAddresses(addrs)
+}
+
 func (ccb *ccBalancerWrapper) UpdateState(s balancer.State) {
 	ccb.mu.Lock()
 	defer ccb.mu.Unlock()
@@ -197,7 +205,7 @@ func (acbw *acBalancerWrapper) UpdateAddresses(addrs []resolver.Address) {
 	acbw.mu.Lock()
 	defer acbw.mu.Unlock()
 	if len(addrs) <= 0 {
-		acbw.ac.tearDown(errConnDrain)
+		acbw.ac.cc.removeAddrConn(acbw.ac, errConnDrain)
 		return
 	}
 	if !acbw.ac.tryUpdateAddrs(addrs) {
@@ -212,7 +220,7 @@ func (acbw *acBalancerWrapper) UpdateAddresses(addrs []resolver.Address) {
 		acbw.ac.acbw = nil
 		acbw.ac.mu.Unlock()
 		acState := acbw.ac.getState()
-		acbw.ac.tearDown(errConnDrain)
+		acbw.ac.cc.removeAddrConn(acbw.ac, errConnDrain)
 
 		if acState == connectivity.Shutdown {
 			return
diff --git a/vendor/google.golang.org/grpc/binarylog/grpc_binarylog_v1/binarylog.pb.go b/vendor/google.golang.org/grpc/binarylog/grpc_binarylog_v1/binarylog.pb.go
index da047296761..ed75290cdf3 100644
--- a/vendor/google.golang.org/grpc/binarylog/grpc_binarylog_v1/binarylog.pb.go
+++ b/vendor/google.golang.org/grpc/binarylog/grpc_binarylog_v1/binarylog.pb.go
@@ -19,17 +19,17 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
 // 	protoc-gen-go v1.25.0
-// 	protoc        v3.3.0
+// 	protoc        v3.14.0
 // source: grpc/binlog/v1/binarylog.proto
 
 package grpc_binarylog_v1
 
 import (
 	proto "github.com/golang/protobuf/proto"
-	duration "github.com/golang/protobuf/ptypes/duration"
-	timestamp "github.com/golang/protobuf/ptypes/timestamp"
 	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
 	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	durationpb "google.golang.org/protobuf/types/known/durationpb"
+	timestamppb "google.golang.org/protobuf/types/known/timestamppb"
 	reflect "reflect"
 	sync "sync"
 )
@@ -243,7 +243,7 @@ type GrpcLogEntry struct {
 	unknownFields protoimpl.UnknownFields
 
 	// The timestamp of the binary log message
-	Timestamp *timestamp.Timestamp `protobuf:"bytes,1,opt,name=timestamp,proto3" json:"timestamp,omitempty"`
+	Timestamp *timestamppb.Timestamp `protobuf:"bytes,1,opt,name=timestamp,proto3" json:"timestamp,omitempty"`
 	// Uniquely identifies a call. The value must not be 0 in order to disambiguate
 	// from an unset value.
 	// Each call may have several log entries, they will all have the same call_id.
@@ -308,7 +308,7 @@ func (*GrpcLogEntry) Descriptor() ([]byte, []int) {
 	return file_grpc_binlog_v1_binarylog_proto_rawDescGZIP(), []int{0}
 }
 
-func (x *GrpcLogEntry) GetTimestamp() *timestamp.Timestamp {
+func (x *GrpcLogEntry) GetTimestamp() *timestamppb.Timestamp {
 	if x != nil {
 		return x.Timestamp
 	}
@@ -439,7 +439,7 @@ type ClientHeader struct {
 	// <host> or <host>:<port> .
 	Authority string `protobuf:"bytes,3,opt,name=authority,proto3" json:"authority,omitempty"`
 	// the RPC timeout
-	Timeout *duration.Duration `protobuf:"bytes,4,opt,name=timeout,proto3" json:"timeout,omitempty"`
+	Timeout *durationpb.Duration `protobuf:"bytes,4,opt,name=timeout,proto3" json:"timeout,omitempty"`
 }
 
 func (x *ClientHeader) Reset() {
@@ -495,7 +495,7 @@ func (x *ClientHeader) GetAuthority() string {
 	return ""
 }
 
-func (x *ClientHeader) GetTimeout() *duration.Duration {
+func (x *ClientHeader) GetTimeout() *durationpb.Duration {
 	if x != nil {
 		return x.Timeout
 	}
@@ -1020,19 +1020,19 @@ func file_grpc_binlog_v1_binarylog_proto_rawDescGZIP() []byte {
 var file_grpc_binlog_v1_binarylog_proto_enumTypes = make([]protoimpl.EnumInfo, 3)
 var file_grpc_binlog_v1_binarylog_proto_msgTypes = make([]protoimpl.MessageInfo, 8)
 var file_grpc_binlog_v1_binarylog_proto_goTypes = []interface{}{
-	(GrpcLogEntry_EventType)(0), // 0: grpc.binarylog.v1.GrpcLogEntry.EventType
-	(GrpcLogEntry_Logger)(0),    // 1: grpc.binarylog.v1.GrpcLogEntry.Logger
-	(Address_Type)(0),           // 2: grpc.binarylog.v1.Address.Type
-	(*GrpcLogEntry)(nil),        // 3: grpc.binarylog.v1.GrpcLogEntry
-	(*ClientHeader)(nil),        // 4: grpc.binarylog.v1.ClientHeader
-	(*ServerHeader)(nil),        // 5: grpc.binarylog.v1.ServerHeader
-	(*Trailer)(nil),             // 6: grpc.binarylog.v1.Trailer
-	(*Message)(nil),             // 7: grpc.binarylog.v1.Message
-	(*Metadata)(nil),            // 8: grpc.binarylog.v1.Metadata
-	(*MetadataEntry)(nil),       // 9: grpc.binarylog.v1.MetadataEntry
-	(*Address)(nil),             // 10: grpc.binarylog.v1.Address
-	(*timestamp.Timestamp)(nil), // 11: google.protobuf.Timestamp
-	(*duration.Duration)(nil),   // 12: google.protobuf.Duration
+	(GrpcLogEntry_EventType)(0),   // 0: grpc.binarylog.v1.GrpcLogEntry.EventType
+	(GrpcLogEntry_Logger)(0),      // 1: grpc.binarylog.v1.GrpcLogEntry.Logger
+	(Address_Type)(0),             // 2: grpc.binarylog.v1.Address.Type
+	(*GrpcLogEntry)(nil),          // 3: grpc.binarylog.v1.GrpcLogEntry
+	(*ClientHeader)(nil),          // 4: grpc.binarylog.v1.ClientHeader
+	(*ServerHeader)(nil),          // 5: grpc.binarylog.v1.ServerHeader
+	(*Trailer)(nil),               // 6: grpc.binarylog.v1.Trailer
+	(*Message)(nil),               // 7: grpc.binarylog.v1.Message
+	(*Metadata)(nil),              // 8: grpc.binarylog.v1.Metadata
+	(*MetadataEntry)(nil),         // 9: grpc.binarylog.v1.MetadataEntry
+	(*Address)(nil),               // 10: grpc.binarylog.v1.Address
+	(*timestamppb.Timestamp)(nil), // 11: google.protobuf.Timestamp
+	(*durationpb.Duration)(nil),   // 12: google.protobuf.Duration
 }
 var file_grpc_binlog_v1_binarylog_proto_depIdxs = []int32{
 	11, // 0: grpc.binarylog.v1.GrpcLogEntry.timestamp:type_name -> google.protobuf.Timestamp
diff --git a/vendor/google.golang.org/grpc/clientconn.go b/vendor/google.golang.org/grpc/clientconn.go
index cbd671a8531..24109264f55 100644
--- a/vendor/google.golang.org/grpc/clientconn.go
+++ b/vendor/google.golang.org/grpc/clientconn.go
@@ -23,7 +23,6 @@ import (
 	"errors"
 	"fmt"
 	"math"
-	"net"
 	"reflect"
 	"strings"
 	"sync"
@@ -39,6 +38,7 @@ import (
 	"google.golang.org/grpc/internal/channelz"
 	"google.golang.org/grpc/internal/grpcsync"
 	"google.golang.org/grpc/internal/grpcutil"
+	iresolver "google.golang.org/grpc/internal/resolver"
 	"google.golang.org/grpc/internal/transport"
 	"google.golang.org/grpc/keepalive"
 	"google.golang.org/grpc/resolver"
@@ -48,6 +48,7 @@ import (
 	_ "google.golang.org/grpc/balancer/roundrobin"           // To register roundrobin.
 	_ "google.golang.org/grpc/internal/resolver/dns"         // To register dns resolver.
 	_ "google.golang.org/grpc/internal/resolver/passthrough" // To register passthrough resolver.
+	_ "google.golang.org/grpc/internal/resolver/unix"        // To register unix resolver.
 )
 
 const (
@@ -104,6 +105,17 @@ func Dial(target string, opts ...DialOption) (*ClientConn, error) {
 	return DialContext(context.Background(), target, opts...)
 }
 
+type defaultConfigSelector struct {
+	sc *ServiceConfig
+}
+
+func (dcs *defaultConfigSelector) SelectConfig(rpcInfo iresolver.RPCInfo) (*iresolver.RPCConfig, error) {
+	return &iresolver.RPCConfig{
+		Context:      rpcInfo.Context,
+		MethodConfig: getMethodConfig(dcs.sc, rpcInfo.Method),
+	}, nil
+}
+
 // DialContext creates a client connection to the given target. By default, it's
 // a non-blocking dial (the function won't wait for connections to be
 // established, and connecting happens in the background). To make it a blocking
@@ -131,6 +143,7 @@ func DialContext(ctx context.Context, target string, opts ...DialOption) (conn *
 		firstResolveEvent: grpcsync.NewEvent(),
 	}
 	cc.retryThrottler.Store((*retryThrottler)(nil))
+	cc.safeConfigSelector.UpdateConfigSelector(&defaultConfigSelector{nil})
 	cc.ctx, cc.cancel = context.WithCancel(context.Background())
 
 	for _, opt := range opts {
@@ -191,16 +204,6 @@ func DialContext(ctx context.Context, target string, opts ...DialOption) (conn *
 	}
 	cc.mkp = cc.dopts.copts.KeepaliveParams
 
-	if cc.dopts.copts.Dialer == nil {
-		cc.dopts.copts.Dialer = func(ctx context.Context, addr string) (net.Conn, error) {
-			network, addr := parseDialTarget(addr)
-			return (&net.Dialer{}).DialContext(ctx, network, addr)
-		}
-		if cc.dopts.withProxy {
-			cc.dopts.copts.Dialer = newProxyDialer(cc.dopts.copts.Dialer)
-		}
-	}
-
 	if cc.dopts.copts.UserAgent != "" {
 		cc.dopts.copts.UserAgent += " " + grpcUA
 	} else {
@@ -234,6 +237,7 @@ func DialContext(ctx context.Context, target string, opts ...DialOption) (conn *
 		case sc, ok := <-cc.dopts.scChan:
 			if ok {
 				cc.sc = &sc
+				cc.safeConfigSelector.UpdateConfigSelector(&defaultConfigSelector{&sc})
 				scSet = true
 			}
 		default:
@@ -244,8 +248,7 @@ func DialContext(ctx context.Context, target string, opts ...DialOption) (conn *
 	}
 
 	// Determine the resolver to use.
-	cc.parsedTarget = grpcutil.ParseTarget(cc.target)
-	unixScheme := strings.HasPrefix(cc.target, "unix:")
+	cc.parsedTarget = grpcutil.ParseTarget(cc.target, cc.dopts.copts.Dialer != nil)
 	channelz.Infof(logger, cc.channelzID, "parsed scheme: %q", cc.parsedTarget.Scheme)
 	resolverBuilder := cc.getResolver(cc.parsedTarget.Scheme)
 	if resolverBuilder == nil {
@@ -268,8 +271,10 @@ func DialContext(ctx context.Context, target string, opts ...DialOption) (conn *
 		cc.authority = creds.Info().ServerName
 	} else if cc.dopts.insecure && cc.dopts.authority != "" {
 		cc.authority = cc.dopts.authority
-	} else if unixScheme {
+	} else if strings.HasPrefix(cc.target, "unix:") || strings.HasPrefix(cc.target, "unix-abstract:") {
 		cc.authority = "localhost"
+	} else if strings.HasPrefix(cc.parsedTarget.Endpoint, ":") {
+		cc.authority = "localhost" + cc.parsedTarget.Endpoint
 	} else {
 		// Use endpoint from "scheme://authority/endpoint" as the default
 		// authority for ClientConn.
@@ -282,6 +287,7 @@ func DialContext(ctx context.Context, target string, opts ...DialOption) (conn *
 		case sc, ok := <-cc.dopts.scChan:
 			if ok {
 				cc.sc = &sc
+				cc.safeConfigSelector.UpdateConfigSelector(&defaultConfigSelector{&sc})
 			}
 		case <-ctx.Done():
 			return nil, ctx.Err()
@@ -299,6 +305,7 @@ func DialContext(ctx context.Context, target string, opts ...DialOption) (conn *
 		DialCreds:        credsClone,
 		CredsBundle:      cc.dopts.copts.CredsBundle,
 		Dialer:           cc.dopts.copts.Dialer,
+		CustomUserAgent:  cc.dopts.copts.UserAgent,
 		ChannelzParentID: cc.channelzID,
 		Target:           cc.parsedTarget,
 	}
@@ -487,6 +494,8 @@ type ClientConn struct {
 	balancerBuildOpts balancer.BuildOptions
 	blockingpicker    *pickerWrapper
 
+	safeConfigSelector iresolver.SafeConfigSelector
+
 	mu              sync.RWMutex
 	resolverWrapper *ccResolverWrapper
 	sc              *ServiceConfig
@@ -547,6 +556,7 @@ func (cc *ClientConn) scWatcher() {
 			// TODO: load balance policy runtime change is ignored.
 			// We may revisit this decision in the future.
 			cc.sc = &sc
+			cc.safeConfigSelector.UpdateConfigSelector(&defaultConfigSelector{&sc})
 			cc.mu.Unlock()
 		case <-cc.ctx.Done():
 			return
@@ -585,13 +595,13 @@ func init() {
 
 func (cc *ClientConn) maybeApplyDefaultServiceConfig(addrs []resolver.Address) {
 	if cc.sc != nil {
-		cc.applyServiceConfigAndBalancer(cc.sc, addrs)
+		cc.applyServiceConfigAndBalancer(cc.sc, nil, addrs)
 		return
 	}
 	if cc.dopts.defaultServiceConfig != nil {
-		cc.applyServiceConfigAndBalancer(cc.dopts.defaultServiceConfig, addrs)
+		cc.applyServiceConfigAndBalancer(cc.dopts.defaultServiceConfig, &defaultConfigSelector{cc.dopts.defaultServiceConfig}, addrs)
 	} else {
-		cc.applyServiceConfigAndBalancer(emptyServiceConfig, addrs)
+		cc.applyServiceConfigAndBalancer(emptyServiceConfig, &defaultConfigSelector{emptyServiceConfig}, addrs)
 	}
 }
 
@@ -628,7 +638,15 @@ func (cc *ClientConn) updateResolverState(s resolver.State, err error) error {
 		// default, per the error handling design?
 	} else {
 		if sc, ok := s.ServiceConfig.Config.(*ServiceConfig); s.ServiceConfig.Err == nil && ok {
-			cc.applyServiceConfigAndBalancer(sc, s.Addresses)
+			configSelector := iresolver.GetConfigSelector(s)
+			if configSelector != nil {
+				if len(s.ServiceConfig.Config.(*ServiceConfig).Methods) != 0 {
+					channelz.Infof(logger, cc.channelzID, "method configs in service config will be ignored due to presence of config selector")
+				}
+			} else {
+				configSelector = &defaultConfigSelector{sc}
+			}
+			cc.applyServiceConfigAndBalancer(sc, configSelector, s.Addresses)
 		} else {
 			ret = balancer.ErrBadResolverState
 			if cc.balancerWrapper == nil {
@@ -638,6 +656,7 @@ func (cc *ClientConn) updateResolverState(s resolver.State, err error) error {
 				} else {
 					err = status.Errorf(codes.Unavailable, "illegal service config type: %T", s.ServiceConfig.Config)
 				}
+				cc.safeConfigSelector.UpdateConfigSelector(&defaultConfigSelector{cc.sc})
 				cc.blockingpicker.updatePicker(base.NewErrPicker(err))
 				cc.csMgr.updateState(connectivity.TransientFailure)
 				cc.mu.Unlock()
@@ -872,6 +891,20 @@ func (ac *addrConn) tryUpdateAddrs(addrs []resolver.Address) bool {
 	return curAddrFound
 }
 
+func getMethodConfig(sc *ServiceConfig, method string) MethodConfig {
+	if sc == nil {
+		return MethodConfig{}
+	}
+	if m, ok := sc.Methods[method]; ok {
+		return m
+	}
+	i := strings.LastIndex(method, "/")
+	if m, ok := sc.Methods[method[:i+1]]; ok {
+		return m
+	}
+	return sc.Methods[""]
+}
+
 // GetMethodConfig gets the method config of the input method.
 // If there's an exact match for input method (i.e. /service/method), we return
 // the corresponding MethodConfig.
@@ -884,17 +917,7 @@ func (cc *ClientConn) GetMethodConfig(method string) MethodConfig {
 	// TODO: Avoid the locking here.
 	cc.mu.RLock()
 	defer cc.mu.RUnlock()
-	if cc.sc == nil {
-		return MethodConfig{}
-	}
-	if m, ok := cc.sc.Methods[method]; ok {
-		return m
-	}
-	i := strings.LastIndex(method, "/")
-	if m, ok := cc.sc.Methods[method[:i+1]]; ok {
-		return m
-	}
-	return cc.sc.Methods[""]
+	return getMethodConfig(cc.sc, method)
 }
 
 func (cc *ClientConn) healthCheckConfig() *healthCheckConfig {
@@ -917,12 +940,15 @@ func (cc *ClientConn) getTransport(ctx context.Context, failfast bool, method st
 	return t, done, nil
 }
 
-func (cc *ClientConn) applyServiceConfigAndBalancer(sc *ServiceConfig, addrs []resolver.Address) {
+func (cc *ClientConn) applyServiceConfigAndBalancer(sc *ServiceConfig, configSelector iresolver.ConfigSelector, addrs []resolver.Address) {
 	if sc == nil {
 		// should never reach here.
 		return
 	}
 	cc.sc = sc
+	if configSelector != nil {
+		cc.safeConfigSelector.UpdateConfigSelector(configSelector)
+	}
 
 	if cc.sc.retryThrottling != nil {
 		newThrottler := &retryThrottler{
@@ -1172,7 +1198,7 @@ func (ac *addrConn) resetTransport() {
 		ac.mu.Lock()
 		if ac.state == connectivity.Shutdown {
 			ac.mu.Unlock()
-			newTr.Close()
+			newTr.Close(fmt.Errorf("reached connectivity state: SHUTDOWN"))
 			return
 		}
 		ac.curAddr = addr
@@ -1304,7 +1330,7 @@ func (ac *addrConn) createTransport(addr resolver.Address, copts transport.Conne
 	select {
 	case <-time.After(time.Until(connectDeadline)):
 		// We didn't get the preface in time.
-		newTr.Close()
+		newTr.Close(fmt.Errorf("failed to receive server preface within timeout"))
 		channelz.Warningf(logger, ac.channelzID, "grpc: addrConn.createTransport failed to connect to %v: didn't receive server preface in time. Reconnecting...", addr)
 		return nil, nil, errors.New("timed out waiting for server handshake")
 	case <-prefaceReceived:
@@ -1421,10 +1447,9 @@ func (ac *addrConn) getReadyTransport() (transport.ClientTransport, bool) {
 }
 
 // tearDown starts to tear down the addrConn.
-// TODO(zhaoq): Make this synchronous to avoid unbounded memory consumption in
-// some edge cases (e.g., the caller opens and closes many addrConn's in a
-// tight loop.
-// tearDown doesn't remove ac from ac.cc.conns.
+//
+// Note that tearDown doesn't remove ac from ac.cc.conns, so the addrConn struct
+// will leak. In most cases, call cc.removeAddrConn() instead.
 func (ac *addrConn) tearDown(err error) {
 	ac.mu.Lock()
 	if ac.state == connectivity.Shutdown {
diff --git a/vendor/google.golang.org/grpc/credentials/alts/alts.go b/vendor/google.golang.org/grpc/credentials/alts/alts.go
index 729c4b43b5f..579adf210c4 100644
--- a/vendor/google.golang.org/grpc/credentials/alts/alts.go
+++ b/vendor/google.golang.org/grpc/credentials/alts/alts.go
@@ -37,6 +37,7 @@ import (
 	"google.golang.org/grpc/credentials/alts/internal/handshaker/service"
 	altspb "google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcp"
 	"google.golang.org/grpc/grpclog"
+	"google.golang.org/grpc/internal/googlecloud"
 )
 
 const (
@@ -54,6 +55,7 @@ const (
 )
 
 var (
+	vmOnGCP       bool
 	once          sync.Once
 	maxRPCVersion = &altspb.RpcProtocolVersions_Version{
 		Major: protocolVersionMaxMajor,
@@ -149,9 +151,8 @@ func NewServerCreds(opts *ServerOptions) credentials.TransportCredentials {
 
 func newALTS(side core.Side, accounts []string, hsAddress string) credentials.TransportCredentials {
 	once.Do(func() {
-		vmOnGCP = isRunningOnGCP()
+		vmOnGCP = googlecloud.OnGCE()
 	})
-
 	if hsAddress == "" {
 		hsAddress = hypervisorHandshakerServiceAddress
 	}
diff --git a/vendor/google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcp/altscontext.pb.go b/vendor/google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcp/altscontext.pb.go
index e0744eef355..703b48da753 100644
--- a/vendor/google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcp/altscontext.pb.go
+++ b/vendor/google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcp/altscontext.pb.go
@@ -18,7 +18,7 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
 // 	protoc-gen-go v1.25.0
-// 	protoc        v3.3.0
+// 	protoc        v3.14.0
 // source: grpc/gcp/altscontext.proto
 
 package grpc_gcp
diff --git a/vendor/google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcp/handshaker.pb.go b/vendor/google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcp/handshaker.pb.go
index ed94ab265bb..40570e9bf2d 100644
--- a/vendor/google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcp/handshaker.pb.go
+++ b/vendor/google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcp/handshaker.pb.go
@@ -18,7 +18,7 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
 // 	protoc-gen-go v1.25.0
-// 	protoc        v3.3.0
+// 	protoc        v3.14.0
 // source: grpc/gcp/handshaker.proto
 
 package grpc_gcp
diff --git a/vendor/google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcp/handshaker_grpc.pb.go b/vendor/google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcp/handshaker_grpc.pb.go
index d27bd063ee2..a02c4582815 100644
--- a/vendor/google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcp/handshaker_grpc.pb.go
+++ b/vendor/google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcp/handshaker_grpc.pb.go
@@ -1,4 +1,8 @@
 // Code generated by protoc-gen-go-grpc. DO NOT EDIT.
+// versions:
+// - protoc-gen-go-grpc v1.1.0
+// - protoc             v3.14.0
+// source: grpc/gcp/handshaker.proto
 
 package grpc_gcp
 
@@ -11,6 +15,7 @@ import (
 
 // This is a compile-time assertion to ensure that this generated file
 // is compatible with the grpc package it is being compiled against.
+// Requires gRPC-Go v1.32.0 or later.
 const _ = grpc.SupportPackageIsVersion7
 
 // HandshakerServiceClient is the client API for HandshakerService service.
@@ -35,7 +40,7 @@ func NewHandshakerServiceClient(cc grpc.ClientConnInterface) HandshakerServiceCl
 }
 
 func (c *handshakerServiceClient) DoHandshake(ctx context.Context, opts ...grpc.CallOption) (HandshakerService_DoHandshakeClient, error) {
-	stream, err := c.cc.NewStream(ctx, &_HandshakerService_serviceDesc.Streams[0], "/grpc.gcp.HandshakerService/DoHandshake", opts...)
+	stream, err := c.cc.NewStream(ctx, &HandshakerService_ServiceDesc.Streams[0], "/grpc.gcp.HandshakerService/DoHandshake", opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -95,8 +100,8 @@ type UnsafeHandshakerServiceServer interface {
 	mustEmbedUnimplementedHandshakerServiceServer()
 }
 
-func RegisterHandshakerServiceServer(s *grpc.Server, srv HandshakerServiceServer) {
-	s.RegisterService(&_HandshakerService_serviceDesc, srv)
+func RegisterHandshakerServiceServer(s grpc.ServiceRegistrar, srv HandshakerServiceServer) {
+	s.RegisterService(&HandshakerService_ServiceDesc, srv)
 }
 
 func _HandshakerService_DoHandshake_Handler(srv interface{}, stream grpc.ServerStream) error {
@@ -125,7 +130,10 @@ func (x *handshakerServiceDoHandshakeServer) Recv() (*HandshakerReq, error) {
 	return m, nil
 }
 
-var _HandshakerService_serviceDesc = grpc.ServiceDesc{
+// HandshakerService_ServiceDesc is the grpc.ServiceDesc for HandshakerService service.
+// It's only intended for direct use with grpc.RegisterService,
+// and not to be introspected or modified (even as a copy)
+var HandshakerService_ServiceDesc = grpc.ServiceDesc{
 	ServiceName: "grpc.gcp.HandshakerService",
 	HandlerType: (*HandshakerServiceServer)(nil),
 	Methods:     []grpc.MethodDesc{},
diff --git a/vendor/google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcp/transport_security_common.pb.go b/vendor/google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcp/transport_security_common.pb.go
index 922b531a55c..4fc3c79d6a3 100644
--- a/vendor/google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcp/transport_security_common.pb.go
+++ b/vendor/google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcp/transport_security_common.pb.go
@@ -18,7 +18,7 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
 // 	protoc-gen-go v1.25.0
-// 	protoc        v3.3.0
+// 	protoc        v3.14.0
 // source: grpc/gcp/transport_security_common.proto
 
 package grpc_gcp
diff --git a/vendor/google.golang.org/grpc/credentials/alts/utils.go b/vendor/google.golang.org/grpc/credentials/alts/utils.go
index 9a300bc19aa..cbfd056cfb1 100644
--- a/vendor/google.golang.org/grpc/credentials/alts/utils.go
+++ b/vendor/google.golang.org/grpc/credentials/alts/utils.go
@@ -21,14 +21,6 @@ package alts
 import (
 	"context"
 	"errors"
-	"fmt"
-	"io"
-	"io/ioutil"
-	"log"
-	"os"
-	"os/exec"
-	"regexp"
-	"runtime"
 	"strings"
 
 	"google.golang.org/grpc/codes"
@@ -36,92 +28,6 @@ import (
 	"google.golang.org/grpc/status"
 )
 
-const (
-	linuxProductNameFile     = "/sys/class/dmi/id/product_name"
-	windowsCheckCommand      = "powershell.exe"
-	windowsCheckCommandArgs  = "Get-WmiObject -Class Win32_BIOS"
-	powershellOutputFilter   = "Manufacturer"
-	windowsManufacturerRegex = ":(.*)"
-)
-
-type platformError string
-
-func (k platformError) Error() string {
-	return fmt.Sprintf("%s is not supported", string(k))
-}
-
-var (
-	// The following two variables will be reassigned in tests.
-	runningOS          = runtime.GOOS
-	manufacturerReader = func() (io.Reader, error) {
-		switch runningOS {
-		case "linux":
-			return os.Open(linuxProductNameFile)
-		case "windows":
-			cmd := exec.Command(windowsCheckCommand, windowsCheckCommandArgs)
-			out, err := cmd.Output()
-			if err != nil {
-				return nil, err
-			}
-
-			for _, line := range strings.Split(strings.TrimSuffix(string(out), "\n"), "\n") {
-				if strings.HasPrefix(line, powershellOutputFilter) {
-					re := regexp.MustCompile(windowsManufacturerRegex)
-					name := re.FindString(line)
-					name = strings.TrimLeft(name, ":")
-					return strings.NewReader(name), nil
-				}
-			}
-
-			return nil, errors.New("cannot determine the machine's manufacturer")
-		default:
-			return nil, platformError(runningOS)
-		}
-	}
-	vmOnGCP bool
-)
-
-// isRunningOnGCP checks whether the local system, without doing a network request is
-// running on GCP.
-func isRunningOnGCP() bool {
-	manufacturer, err := readManufacturer()
-	if os.IsNotExist(err) {
-		return false
-	}
-	if err != nil {
-		log.Fatalf("failure to read manufacturer information: %v", err)
-	}
-	name := string(manufacturer)
-	switch runningOS {
-	case "linux":
-		name = strings.TrimSpace(name)
-		return name == "Google" || name == "Google Compute Engine"
-	case "windows":
-		name = strings.Replace(name, " ", "", -1)
-		name = strings.Replace(name, "\n", "", -1)
-		name = strings.Replace(name, "\r", "", -1)
-		return name == "Google"
-	default:
-		log.Fatal(platformError(runningOS))
-	}
-	return false
-}
-
-func readManufacturer() ([]byte, error) {
-	reader, err := manufacturerReader()
-	if err != nil {
-		return nil, err
-	}
-	if reader == nil {
-		return nil, errors.New("got nil reader")
-	}
-	manufacturer, err := ioutil.ReadAll(reader)
-	if err != nil {
-		return nil, fmt.Errorf("failed reading %v: %v", linuxProductNameFile, err)
-	}
-	return manufacturer, nil
-}
-
 // AuthInfoFromContext extracts the alts.AuthInfo object from the given context,
 // if it exists. This API should be used by gRPC server RPC handlers to get
 // information about the communicating peer. For client-side, use grpc.Peer()
diff --git a/vendor/google.golang.org/grpc/credentials/credentials.go b/vendor/google.golang.org/grpc/credentials/credentials.go
index 02766443ae7..7eee7e4ec12 100644
--- a/vendor/google.golang.org/grpc/credentials/credentials.go
+++ b/vendor/google.golang.org/grpc/credentials/credentials.go
@@ -30,7 +30,7 @@ import (
 
 	"github.com/golang/protobuf/proto"
 	"google.golang.org/grpc/attributes"
-	"google.golang.org/grpc/internal"
+	icredentials "google.golang.org/grpc/internal/credentials"
 )
 
 // PerRPCCredentials defines the common interface for the credentials which need to
@@ -58,9 +58,9 @@ type PerRPCCredentials interface {
 type SecurityLevel int
 
 const (
-	// Invalid indicates an invalid security level.
+	// InvalidSecurityLevel indicates an invalid security level.
 	// The zero SecurityLevel value is invalid for backward compatibility.
-	Invalid SecurityLevel = iota
+	InvalidSecurityLevel SecurityLevel = iota
 	// NoSecurity indicates a connection is insecure.
 	NoSecurity
 	// IntegrityOnly indicates a connection only provides integrity protection.
@@ -92,7 +92,7 @@ type CommonAuthInfo struct {
 }
 
 // GetCommonAuthInfo returns the pointer to CommonAuthInfo struct.
-func (c *CommonAuthInfo) GetCommonAuthInfo() *CommonAuthInfo {
+func (c CommonAuthInfo) GetCommonAuthInfo() CommonAuthInfo {
 	return c
 }
 
@@ -188,15 +188,12 @@ type RequestInfo struct {
 	AuthInfo AuthInfo
 }
 
-// requestInfoKey is a struct to be used as the key when attaching a RequestInfo to a context object.
-type requestInfoKey struct{}
-
 // RequestInfoFromContext extracts the RequestInfo from the context if it exists.
 //
 // This API is experimental.
 func RequestInfoFromContext(ctx context.Context) (ri RequestInfo, ok bool) {
-	ri, ok = ctx.Value(requestInfoKey{}).(RequestInfo)
-	return
+	ri, ok = icredentials.RequestInfoFromContext(ctx).(RequestInfo)
+	return ri, ok
 }
 
 // ClientHandshakeInfo holds data to be passed to ClientHandshake. This makes
@@ -211,16 +208,12 @@ type ClientHandshakeInfo struct {
 	Attributes *attributes.Attributes
 }
 
-// clientHandshakeInfoKey is a struct used as the key to store
-// ClientHandshakeInfo in a context.
-type clientHandshakeInfoKey struct{}
-
 // ClientHandshakeInfoFromContext returns the ClientHandshakeInfo struct stored
 // in ctx.
 //
 // This API is experimental.
 func ClientHandshakeInfoFromContext(ctx context.Context) ClientHandshakeInfo {
-	chi, _ := ctx.Value(clientHandshakeInfoKey{}).(ClientHandshakeInfo)
+	chi, _ := icredentials.ClientHandshakeInfoFromContext(ctx).(ClientHandshakeInfo)
 	return chi
 }
 
@@ -229,17 +222,16 @@ func ClientHandshakeInfoFromContext(ctx context.Context) ClientHandshakeInfo {
 // or 3) CommonAuthInfo.SecurityLevel has an invalid zero value. For 2) and 3), it is for the purpose of backward-compatibility.
 //
 // This API is experimental.
-func CheckSecurityLevel(ctx context.Context, level SecurityLevel) error {
+func CheckSecurityLevel(ai AuthInfo, level SecurityLevel) error {
 	type internalInfo interface {
-		GetCommonAuthInfo() *CommonAuthInfo
+		GetCommonAuthInfo() CommonAuthInfo
 	}
-	ri, _ := RequestInfoFromContext(ctx)
-	if ri.AuthInfo == nil {
-		return errors.New("unable to obtain SecurityLevel from context")
+	if ai == nil {
+		return errors.New("AuthInfo is nil")
 	}
-	if ci, ok := ri.AuthInfo.(internalInfo); ok {
+	if ci, ok := ai.(internalInfo); ok {
 		// CommonAuthInfo.SecurityLevel has an invalid value.
-		if ci.GetCommonAuthInfo().SecurityLevel == Invalid {
+		if ci.GetCommonAuthInfo().SecurityLevel == InvalidSecurityLevel {
 			return nil
 		}
 		if ci.GetCommonAuthInfo().SecurityLevel < level {
@@ -250,15 +242,6 @@ func CheckSecurityLevel(ctx context.Context, level SecurityLevel) error {
 	return nil
 }
 
-func init() {
-	internal.NewRequestInfoContext = func(ctx context.Context, ri RequestInfo) context.Context {
-		return context.WithValue(ctx, requestInfoKey{}, ri)
-	}
-	internal.NewClientHandshakeInfoContext = func(ctx context.Context, chi ClientHandshakeInfo) context.Context {
-		return context.WithValue(ctx, clientHandshakeInfoKey{}, chi)
-	}
-}
-
 // ChannelzSecurityInfo defines the interface that security protocols should implement
 // in order to provide security info to channelz.
 //
diff --git a/vendor/google.golang.org/grpc/credentials/google/google.go b/vendor/google.golang.org/grpc/credentials/google/google.go
index 7f3e240e475..265d193c7c3 100644
--- a/vendor/google.golang.org/grpc/credentials/google/google.go
+++ b/vendor/google.golang.org/grpc/credentials/google/google.go
@@ -99,6 +99,15 @@ func (c *creds) PerRPCCredentials() credentials.PerRPCCredentials {
 	return c.perRPCCreds
 }
 
+var (
+	newTLS = func() credentials.TransportCredentials {
+		return credentials.NewTLS(nil)
+	}
+	newALTS = func() credentials.TransportCredentials {
+		return alts.NewClientCreds(alts.DefaultClientOptions())
+	}
+)
+
 // NewWithMode should make a copy of Bundle, and switch mode. Modifying the
 // existing Bundle may cause races.
 func (c *creds) NewWithMode(mode string) (credentials.Bundle, error) {
@@ -110,11 +119,11 @@ func (c *creds) NewWithMode(mode string) (credentials.Bundle, error) {
 	// Create transport credentials.
 	switch mode {
 	case internal.CredsBundleModeFallback:
-		newCreds.transportCreds = credentials.NewTLS(nil)
+		newCreds.transportCreds = newClusterTransportCreds(newTLS(), newALTS())
 	case internal.CredsBundleModeBackendFromBalancer, internal.CredsBundleModeBalancer:
 		// Only the clients can use google default credentials, so we only need
 		// to create new ALTS client creds here.
-		newCreds.transportCreds = alts.NewClientCreds(alts.DefaultClientOptions())
+		newCreds.transportCreds = newALTS()
 	default:
 		return nil, fmt.Errorf("unsupported mode: %v", mode)
 	}
diff --git a/vendor/google.golang.org/grpc/credentials/google/xds.go b/vendor/google.golang.org/grpc/credentials/google/xds.go
new file mode 100644
index 00000000000..588c685e259
--- /dev/null
+++ b/vendor/google.golang.org/grpc/credentials/google/xds.go
@@ -0,0 +1,90 @@
+/*
+ *
+ * Copyright 2021 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package google
+
+import (
+	"context"
+	"net"
+
+	"google.golang.org/grpc/credentials"
+	"google.golang.org/grpc/internal"
+)
+
+const cfeClusterName = "google-cfe"
+
+// clusterTransportCreds is a combo of TLS + ALTS.
+//
+// On the client, ClientHandshake picks TLS or ALTS based on address attributes.
+// - if attributes has cluster name
+//   - if cluster name is "google_cfe", use TLS
+//   - otherwise, use ALTS
+// - else, do TLS
+//
+// On the server, ServerHandshake always does TLS.
+type clusterTransportCreds struct {
+	tls  credentials.TransportCredentials
+	alts credentials.TransportCredentials
+}
+
+func newClusterTransportCreds(tls, alts credentials.TransportCredentials) *clusterTransportCreds {
+	return &clusterTransportCreds{
+		tls:  tls,
+		alts: alts,
+	}
+}
+
+func (c *clusterTransportCreds) ClientHandshake(ctx context.Context, authority string, rawConn net.Conn) (net.Conn, credentials.AuthInfo, error) {
+	chi := credentials.ClientHandshakeInfoFromContext(ctx)
+	if chi.Attributes == nil {
+		return c.tls.ClientHandshake(ctx, authority, rawConn)
+	}
+	cn, ok := internal.GetXDSHandshakeClusterName(chi.Attributes)
+	if !ok || cn == cfeClusterName {
+		return c.tls.ClientHandshake(ctx, authority, rawConn)
+	}
+	// If attributes have cluster name, and cluster name is not cfe, it's a
+	// backend address, use ALTS.
+	return c.alts.ClientHandshake(ctx, authority, rawConn)
+}
+
+func (c *clusterTransportCreds) ServerHandshake(conn net.Conn) (net.Conn, credentials.AuthInfo, error) {
+	return c.tls.ServerHandshake(conn)
+}
+
+func (c *clusterTransportCreds) Info() credentials.ProtocolInfo {
+	// TODO: this always returns tls.Info now, because we don't have a cluster
+	// name to check when this method is called. This method doesn't affect
+	// anything important now. We may want to revisit this if it becomes more
+	// important later.
+	return c.tls.Info()
+}
+
+func (c *clusterTransportCreds) Clone() credentials.TransportCredentials {
+	return &clusterTransportCreds{
+		tls:  c.tls.Clone(),
+		alts: c.alts.Clone(),
+	}
+}
+
+func (c *clusterTransportCreds) OverrideServerName(s string) error {
+	if err := c.tls.OverrideServerName(s); err != nil {
+		return err
+	}
+	return c.alts.OverrideServerName(s)
+}
diff --git a/vendor/google.golang.org/grpc/credentials/insecure/insecure.go b/vendor/google.golang.org/grpc/credentials/insecure/insecure.go
new file mode 100644
index 00000000000..c4fa27c920d
--- /dev/null
+++ b/vendor/google.golang.org/grpc/credentials/insecure/insecure.go
@@ -0,0 +1,74 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package insecure provides an implementation of the
+// credentials.TransportCredentials interface which disables transport security.
+//
+// Experimental
+//
+// Notice: This package is EXPERIMENTAL and may be changed or removed in a
+// later release.
+package insecure
+
+import (
+	"context"
+	"net"
+
+	"google.golang.org/grpc/credentials"
+)
+
+// NewCredentials returns a credentials which disables transport security.
+func NewCredentials() credentials.TransportCredentials {
+	return insecureTC{}
+}
+
+// insecureTC implements the insecure transport credentials. The handshake
+// methods simply return the passed in net.Conn and set the security level to
+// NoSecurity.
+type insecureTC struct{}
+
+func (insecureTC) ClientHandshake(ctx context.Context, _ string, conn net.Conn) (net.Conn, credentials.AuthInfo, error) {
+	return conn, info{credentials.CommonAuthInfo{SecurityLevel: credentials.NoSecurity}}, nil
+}
+
+func (insecureTC) ServerHandshake(conn net.Conn) (net.Conn, credentials.AuthInfo, error) {
+	return conn, info{credentials.CommonAuthInfo{SecurityLevel: credentials.NoSecurity}}, nil
+}
+
+func (insecureTC) Info() credentials.ProtocolInfo {
+	return credentials.ProtocolInfo{SecurityProtocol: "insecure"}
+}
+
+func (insecureTC) Clone() credentials.TransportCredentials {
+	return insecureTC{}
+}
+
+func (insecureTC) OverrideServerName(string) error {
+	return nil
+}
+
+// info contains the auth information for an insecure connection.
+// It implements the AuthInfo interface.
+type info struct {
+	credentials.CommonAuthInfo
+}
+
+// AuthType returns the type of info as a string.
+func (info) AuthType() string {
+	return "insecure"
+}
diff --git a/vendor/google.golang.org/grpc/credentials/oauth/oauth.go b/vendor/google.golang.org/grpc/credentials/oauth/oauth.go
index 6657055d660..852ae375cfc 100644
--- a/vendor/google.golang.org/grpc/credentials/oauth/oauth.go
+++ b/vendor/google.golang.org/grpc/credentials/oauth/oauth.go
@@ -42,7 +42,8 @@ func (ts TokenSource) GetRequestMetadata(ctx context.Context, uri ...string) (ma
 	if err != nil {
 		return nil, err
 	}
-	if err = credentials.CheckSecurityLevel(ctx, credentials.PrivacyAndIntegrity); err != nil {
+	ri, _ := credentials.RequestInfoFromContext(ctx)
+	if err = credentials.CheckSecurityLevel(ri.AuthInfo, credentials.PrivacyAndIntegrity); err != nil {
 		return nil, fmt.Errorf("unable to transfer TokenSource PerRPCCredentials: %v", err)
 	}
 	return map[string]string{
@@ -84,7 +85,8 @@ func (j jwtAccess) GetRequestMetadata(ctx context.Context, uri ...string) (map[s
 	if err != nil {
 		return nil, err
 	}
-	if err = credentials.CheckSecurityLevel(ctx, credentials.PrivacyAndIntegrity); err != nil {
+	ri, _ := credentials.RequestInfoFromContext(ctx)
+	if err = credentials.CheckSecurityLevel(ri.AuthInfo, credentials.PrivacyAndIntegrity); err != nil {
 		return nil, fmt.Errorf("unable to transfer jwtAccess PerRPCCredentials: %v", err)
 	}
 	return map[string]string{
@@ -107,7 +109,8 @@ func NewOauthAccess(token *oauth2.Token) credentials.PerRPCCredentials {
 }
 
 func (oa oauthAccess) GetRequestMetadata(ctx context.Context, uri ...string) (map[string]string, error) {
-	if err := credentials.CheckSecurityLevel(ctx, credentials.PrivacyAndIntegrity); err != nil {
+	ri, _ := credentials.RequestInfoFromContext(ctx)
+	if err := credentials.CheckSecurityLevel(ri.AuthInfo, credentials.PrivacyAndIntegrity); err != nil {
 		return nil, fmt.Errorf("unable to transfer oauthAccess PerRPCCredentials: %v", err)
 	}
 	return map[string]string{
@@ -144,7 +147,8 @@ func (s *serviceAccount) GetRequestMetadata(ctx context.Context, uri ...string)
 			return nil, err
 		}
 	}
-	if err := credentials.CheckSecurityLevel(ctx, credentials.PrivacyAndIntegrity); err != nil {
+	ri, _ := credentials.RequestInfoFromContext(ctx)
+	if err := credentials.CheckSecurityLevel(ri.AuthInfo, credentials.PrivacyAndIntegrity); err != nil {
 		return nil, fmt.Errorf("unable to transfer serviceAccount PerRPCCredentials: %v", err)
 	}
 	return map[string]string{
diff --git a/vendor/google.golang.org/grpc/credentials/tls/certprovider/distributor.go b/vendor/google.golang.org/grpc/credentials/tls/certprovider/distributor.go
new file mode 100644
index 00000000000..fdb38a663fe
--- /dev/null
+++ b/vendor/google.golang.org/grpc/credentials/tls/certprovider/distributor.go
@@ -0,0 +1,114 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package certprovider
+
+import (
+	"context"
+	"sync"
+
+	"google.golang.org/grpc/internal/grpcsync"
+)
+
+// Distributor makes it easy for provider implementations to furnish new key
+// materials by handling synchronization between the producer and consumers of
+// the key material.
+//
+// Provider implementations which choose to use a Distributor should do the
+// following:
+// - create a new Distributor using the NewDistributor() function.
+// - invoke the Set() method whenever they have new key material or errors to
+//   report.
+// - delegate to the distributor when handing calls to KeyMaterial().
+// - invoke the Stop() method when they are done using the distributor.
+type Distributor struct {
+	// mu protects the underlying key material.
+	mu   sync.Mutex
+	km   *KeyMaterial
+	pErr error
+
+	// ready channel to unblock KeyMaterial() invocations blocked on
+	// availability of key material.
+	ready *grpcsync.Event
+	// done channel to notify provider implementations and unblock any
+	// KeyMaterial() calls, once the Distributor is closed.
+	closed *grpcsync.Event
+}
+
+// NewDistributor returns a new Distributor.
+func NewDistributor() *Distributor {
+	return &Distributor{
+		ready:  grpcsync.NewEvent(),
+		closed: grpcsync.NewEvent(),
+	}
+}
+
+// Set updates the key material in the distributor with km.
+//
+// Provider implementations which use the distributor must not modify the
+// contents of the KeyMaterial struct pointed to by km.
+//
+// A non-nil err value indicates the error that the provider implementation ran
+// into when trying to fetch key material, and makes it possible to surface the
+// error to the user. A non-nil error value passed here causes distributor's
+// KeyMaterial() method to return nil key material.
+func (d *Distributor) Set(km *KeyMaterial, err error) {
+	d.mu.Lock()
+	d.km = km
+	d.pErr = err
+	if err != nil {
+		// If a non-nil err is passed, we ignore the key material being passed.
+		d.km = nil
+	}
+	d.ready.Fire()
+	d.mu.Unlock()
+}
+
+// KeyMaterial returns the most recent key material provided to the Distributor.
+// If no key material was provided at the time of this call, it will block until
+// the deadline on the context expires or fresh key material arrives.
+func (d *Distributor) KeyMaterial(ctx context.Context) (*KeyMaterial, error) {
+	if d.closed.HasFired() {
+		return nil, errProviderClosed
+	}
+
+	if d.ready.HasFired() {
+		return d.keyMaterial()
+	}
+
+	select {
+	case <-ctx.Done():
+		return nil, ctx.Err()
+	case <-d.closed.Done():
+		return nil, errProviderClosed
+	case <-d.ready.Done():
+		return d.keyMaterial()
+	}
+}
+
+func (d *Distributor) keyMaterial() (*KeyMaterial, error) {
+	d.mu.Lock()
+	defer d.mu.Unlock()
+	return d.km, d.pErr
+}
+
+// Stop turns down the distributor, releases allocated resources and fails any
+// active KeyMaterial() call waiting for new key material.
+func (d *Distributor) Stop() {
+	d.closed.Fire()
+}
diff --git a/vendor/google.golang.org/grpc/credentials/tls/certprovider/pemfile/builder.go b/vendor/google.golang.org/grpc/credentials/tls/certprovider/pemfile/builder.go
new file mode 100644
index 00000000000..957523caad1
--- /dev/null
+++ b/vendor/google.golang.org/grpc/credentials/tls/certprovider/pemfile/builder.go
@@ -0,0 +1,96 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package pemfile
+
+import (
+	"encoding/json"
+	"fmt"
+	"time"
+
+	"google.golang.org/grpc/credentials/tls/certprovider"
+	"google.golang.org/protobuf/encoding/protojson"
+	"google.golang.org/protobuf/types/known/durationpb"
+)
+
+const (
+	pluginName             = "file_watcher"
+	defaultRefreshInterval = 10 * time.Minute
+)
+
+func init() {
+	certprovider.Register(&pluginBuilder{})
+}
+
+type pluginBuilder struct{}
+
+func (p *pluginBuilder) ParseConfig(c interface{}) (*certprovider.BuildableConfig, error) {
+	data, ok := c.(json.RawMessage)
+	if !ok {
+		return nil, fmt.Errorf("meshca: unsupported config type: %T", c)
+	}
+	opts, err := pluginConfigFromJSON(data)
+	if err != nil {
+		return nil, err
+	}
+	return certprovider.NewBuildableConfig(pluginName, opts.canonical(), func(certprovider.BuildOptions) certprovider.Provider {
+		return newProvider(opts)
+	}), nil
+}
+
+func (p *pluginBuilder) Name() string {
+	return pluginName
+}
+
+func pluginConfigFromJSON(jd json.RawMessage) (Options, error) {
+	// The only difference between this anonymous struct and the Options struct
+	// is that the refresh_interval is represented here as a duration proto,
+	// while in the latter a time.Duration is used.
+	cfg := &struct {
+		CertificateFile   string          `json:"certificate_file,omitempty"`
+		PrivateKeyFile    string          `json:"private_key_file,omitempty"`
+		CACertificateFile string          `json:"ca_certificate_file,omitempty"`
+		RefreshInterval   json.RawMessage `json:"refresh_interval,omitempty"`
+	}{}
+	if err := json.Unmarshal(jd, cfg); err != nil {
+		return Options{}, fmt.Errorf("pemfile: json.Unmarshal(%s) failed: %v", string(jd), err)
+	}
+
+	opts := Options{
+		CertFile: cfg.CertificateFile,
+		KeyFile:  cfg.PrivateKeyFile,
+		RootFile: cfg.CACertificateFile,
+		// Refresh interval is the only field in the configuration for which we
+		// support a default value. We cannot possibly have valid defaults for
+		// file paths to watch. Also, it is valid to specify an empty path for
+		// some of those fields if the user does not want to watch them.
+		RefreshDuration: defaultRefreshInterval,
+	}
+	if cfg.RefreshInterval != nil {
+		dur := &durationpb.Duration{}
+		if err := protojson.Unmarshal(cfg.RefreshInterval, dur); err != nil {
+			return Options{}, fmt.Errorf("pemfile: protojson.Unmarshal(%+v) failed: %v", cfg.RefreshInterval, err)
+		}
+		opts.RefreshDuration = dur.AsDuration()
+	}
+
+	if err := opts.validate(); err != nil {
+		return Options{}, err
+	}
+	return opts, nil
+}
diff --git a/vendor/google.golang.org/grpc/credentials/tls/certprovider/pemfile/watcher.go b/vendor/google.golang.org/grpc/credentials/tls/certprovider/pemfile/watcher.go
new file mode 100644
index 00000000000..e154030cbe8
--- /dev/null
+++ b/vendor/google.golang.org/grpc/credentials/tls/certprovider/pemfile/watcher.go
@@ -0,0 +1,260 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package pemfile provides a file watching certificate provider plugin
+// implementation which works for files with PEM contents.
+//
+// Experimental
+//
+// Notice: All APIs in this package are experimental and may be removed in a
+// later release.
+package pemfile
+
+import (
+	"bytes"
+	"context"
+	"crypto/tls"
+	"crypto/x509"
+	"errors"
+	"fmt"
+	"io/ioutil"
+	"path/filepath"
+	"time"
+
+	"google.golang.org/grpc/credentials/tls/certprovider"
+	"google.golang.org/grpc/grpclog"
+)
+
+const defaultCertRefreshDuration = 1 * time.Hour
+
+var (
+	// For overriding from unit tests.
+	newDistributor = func() distributor { return certprovider.NewDistributor() }
+
+	logger = grpclog.Component("pemfile")
+)
+
+// Options configures a certificate provider plugin that watches a specified set
+// of files that contain certificates and keys in PEM format.
+type Options struct {
+	// CertFile is the file that holds the identity certificate.
+	// Optional. If this is set, KeyFile must also be set.
+	CertFile string
+	// KeyFile is the file that holds identity private key.
+	// Optional. If this is set, CertFile must also be set.
+	KeyFile string
+	// RootFile is the file that holds trusted root certificate(s).
+	// Optional.
+	RootFile string
+	// RefreshDuration is the amount of time the plugin waits before checking
+	// for updates in the specified files.
+	// Optional. If not set, a default value (1 hour) will be used.
+	RefreshDuration time.Duration
+}
+
+func (o Options) canonical() []byte {
+	return []byte(fmt.Sprintf("%s:%s:%s:%s", o.CertFile, o.KeyFile, o.RootFile, o.RefreshDuration))
+}
+
+func (o Options) validate() error {
+	if o.CertFile == "" && o.KeyFile == "" && o.RootFile == "" {
+		return fmt.Errorf("pemfile: at least one credential file needs to be specified")
+	}
+	if keySpecified, certSpecified := o.KeyFile != "", o.CertFile != ""; keySpecified != certSpecified {
+		return fmt.Errorf("pemfile: private key file and identity cert file should be both specified or not specified")
+	}
+	// C-core has a limitation that they cannot verify that a certificate file
+	// matches a key file. So, the only way to get around this is to make sure
+	// that both files are in the same directory and that they do an atomic
+	// read. Even though Java/Go do not have this limitation, we want the
+	// overall plugin behavior to be consistent across languages.
+	if certDir, keyDir := filepath.Dir(o.CertFile), filepath.Dir(o.KeyFile); certDir != keyDir {
+		return errors.New("pemfile: certificate and key file must be in the same directory")
+	}
+	return nil
+}
+
+// NewProvider returns a new certificate provider plugin that is configured to
+// watch the PEM files specified in the passed in options.
+func NewProvider(o Options) (certprovider.Provider, error) {
+	if err := o.validate(); err != nil {
+		return nil, err
+	}
+	return newProvider(o), nil
+}
+
+// newProvider is used to create a new certificate provider plugin after
+// validating the options, and hence does not return an error.
+func newProvider(o Options) certprovider.Provider {
+	if o.RefreshDuration == 0 {
+		o.RefreshDuration = defaultCertRefreshDuration
+	}
+
+	provider := &watcher{opts: o}
+	if o.CertFile != "" && o.KeyFile != "" {
+		provider.identityDistributor = newDistributor()
+	}
+	if o.RootFile != "" {
+		provider.rootDistributor = newDistributor()
+	}
+
+	ctx, cancel := context.WithCancel(context.Background())
+	provider.cancel = cancel
+	go provider.run(ctx)
+	return provider
+}
+
+// watcher is a certificate provider plugin that implements the
+// certprovider.Provider interface. It watches a set of certificate and key
+// files and provides the most up-to-date key material for consumption by
+// credentials implementation.
+type watcher struct {
+	identityDistributor distributor
+	rootDistributor     distributor
+	opts                Options
+	certFileContents    []byte
+	keyFileContents     []byte
+	rootFileContents    []byte
+	cancel              context.CancelFunc
+}
+
+// distributor wraps the methods on certprovider.Distributor which are used by
+// the plugin. This is very useful in tests which need to know exactly when the
+// plugin updates its key material.
+type distributor interface {
+	KeyMaterial(ctx context.Context) (*certprovider.KeyMaterial, error)
+	Set(km *certprovider.KeyMaterial, err error)
+	Stop()
+}
+
+// updateIdentityDistributor checks if the cert/key files that the plugin is
+// watching have changed, and if so, reads the new contents and updates the
+// identityDistributor with the new key material.
+//
+// Skips updates when file reading or parsing fails.
+// TODO(easwars): Retry with limit (on the number of retries or the amount of
+// time) upon failures.
+func (w *watcher) updateIdentityDistributor() {
+	if w.identityDistributor == nil {
+		return
+	}
+
+	certFileContents, err := ioutil.ReadFile(w.opts.CertFile)
+	if err != nil {
+		logger.Warningf("certFile (%s) read failed: %v", w.opts.CertFile, err)
+		return
+	}
+	keyFileContents, err := ioutil.ReadFile(w.opts.KeyFile)
+	if err != nil {
+		logger.Warningf("keyFile (%s) read failed: %v", w.opts.KeyFile, err)
+		return
+	}
+	// If the file contents have not changed, skip updating the distributor.
+	if bytes.Equal(w.certFileContents, certFileContents) && bytes.Equal(w.keyFileContents, keyFileContents) {
+		return
+	}
+
+	cert, err := tls.X509KeyPair(certFileContents, keyFileContents)
+	if err != nil {
+		logger.Warningf("tls.X509KeyPair(%q, %q) failed: %v", certFileContents, keyFileContents, err)
+		return
+	}
+	w.certFileContents = certFileContents
+	w.keyFileContents = keyFileContents
+	w.identityDistributor.Set(&certprovider.KeyMaterial{Certs: []tls.Certificate{cert}}, nil)
+}
+
+// updateRootDistributor checks if the root cert file that the plugin is
+// watching hs changed, and if so, updates the rootDistributor with the new key
+// material.
+//
+// Skips updates when root cert reading or parsing fails.
+// TODO(easwars): Retry with limit (on the number of retries or the amount of
+// time) upon failures.
+func (w *watcher) updateRootDistributor() {
+	if w.rootDistributor == nil {
+		return
+	}
+
+	rootFileContents, err := ioutil.ReadFile(w.opts.RootFile)
+	if err != nil {
+		logger.Warningf("rootFile (%s) read failed: %v", w.opts.RootFile, err)
+		return
+	}
+	trustPool := x509.NewCertPool()
+	if !trustPool.AppendCertsFromPEM(rootFileContents) {
+		logger.Warning("failed to parse root certificate")
+		return
+	}
+	// If the file contents have not changed, skip updating the distributor.
+	if bytes.Equal(w.rootFileContents, rootFileContents) {
+		return
+	}
+
+	w.rootFileContents = rootFileContents
+	w.rootDistributor.Set(&certprovider.KeyMaterial{Roots: trustPool}, nil)
+}
+
+// run is a long running goroutine which watches the configured files for
+// changes, and pushes new key material into the appropriate distributors which
+// is returned from calls to KeyMaterial().
+func (w *watcher) run(ctx context.Context) {
+	ticker := time.NewTicker(w.opts.RefreshDuration)
+	for {
+		w.updateIdentityDistributor()
+		w.updateRootDistributor()
+		select {
+		case <-ctx.Done():
+			ticker.Stop()
+			if w.identityDistributor != nil {
+				w.identityDistributor.Stop()
+			}
+			if w.rootDistributor != nil {
+				w.rootDistributor.Stop()
+			}
+			return
+		case <-ticker.C:
+		}
+	}
+}
+
+// KeyMaterial returns the key material sourced by the watcher.
+// Callers are expected to use the returned value as read-only.
+func (w *watcher) KeyMaterial(ctx context.Context) (*certprovider.KeyMaterial, error) {
+	km := &certprovider.KeyMaterial{}
+	if w.identityDistributor != nil {
+		identityKM, err := w.identityDistributor.KeyMaterial(ctx)
+		if err != nil {
+			return nil, err
+		}
+		km.Certs = identityKM.Certs
+	}
+	if w.rootDistributor != nil {
+		rootKM, err := w.rootDistributor.KeyMaterial(ctx)
+		if err != nil {
+			return nil, err
+		}
+		km.Roots = rootKM.Roots
+	}
+	return km, nil
+}
+
+// Close cleans up resources allocated by the watcher.
+func (w *watcher) Close() {
+	w.cancel()
+}
diff --git a/vendor/google.golang.org/grpc/credentials/tls/certprovider/provider.go b/vendor/google.golang.org/grpc/credentials/tls/certprovider/provider.go
new file mode 100644
index 00000000000..275c176afdf
--- /dev/null
+++ b/vendor/google.golang.org/grpc/credentials/tls/certprovider/provider.go
@@ -0,0 +1,109 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package certprovider defines APIs for Certificate Providers in gRPC.
+//
+// Experimental
+//
+// Notice: All APIs in this package are experimental and may be removed in a
+// later release.
+package certprovider
+
+import (
+	"context"
+	"crypto/tls"
+	"crypto/x509"
+	"errors"
+
+	"google.golang.org/grpc/internal"
+)
+
+func init() {
+	internal.GetCertificateProviderBuilder = getBuilder
+}
+
+var (
+	// errProviderClosed is returned by Distributor.KeyMaterial when it is
+	// closed.
+	errProviderClosed = errors.New("provider instance is closed")
+
+	// m is a map from name to Provider builder.
+	m = make(map[string]Builder)
+)
+
+// Register registers the Provider builder, whose name as returned by its Name()
+// method will be used as the name registered with this builder. Registered
+// Builders are used by the Store to create Providers.
+func Register(b Builder) {
+	m[b.Name()] = b
+}
+
+// getBuilder returns the Provider builder registered with the given name.
+// If no builder is registered with the provided name, nil will be returned.
+func getBuilder(name string) Builder {
+	if b, ok := m[name]; ok {
+		return b
+	}
+	return nil
+}
+
+// Builder creates a Provider.
+type Builder interface {
+	// ParseConfig parses the given config, which is in a format specific to individual
+	// implementations, and returns a BuildableConfig on success.
+	ParseConfig(interface{}) (*BuildableConfig, error)
+
+	// Name returns the name of providers built by this builder.
+	Name() string
+}
+
+// Provider makes it possible to keep channel credential implementations up to
+// date with secrets that they rely on to secure communications on the
+// underlying channel.
+//
+// Provider implementations are free to rely on local or remote sources to fetch
+// the latest secrets, and free to share any state between different
+// instantiations as they deem fit.
+type Provider interface {
+	// KeyMaterial returns the key material sourced by the Provider.
+	// Callers are expected to use the returned value as read-only.
+	KeyMaterial(ctx context.Context) (*KeyMaterial, error)
+
+	// Close cleans up resources allocated by the Provider.
+	Close()
+}
+
+// KeyMaterial wraps the certificates and keys returned by a Provider instance.
+type KeyMaterial struct {
+	// Certs contains a slice of cert/key pairs used to prove local identity.
+	Certs []tls.Certificate
+	// Roots contains the set of trusted roots to validate the peer's identity.
+	Roots *x509.CertPool
+}
+
+// BuildOptions contains parameters passed to a Provider at build time.
+type BuildOptions struct {
+	// CertName holds the certificate name, whose key material is of interest to
+	// the caller.
+	CertName string
+	// WantRoot indicates if the caller is interested in the root certificate.
+	WantRoot bool
+	// WantIdentity indicates if the caller is interested in the identity
+	// certificate.
+	WantIdentity bool
+}
diff --git a/vendor/google.golang.org/grpc/credentials/tls/certprovider/store.go b/vendor/google.golang.org/grpc/credentials/tls/certprovider/store.go
new file mode 100644
index 00000000000..90f98b3c9e7
--- /dev/null
+++ b/vendor/google.golang.org/grpc/credentials/tls/certprovider/store.go
@@ -0,0 +1,156 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package certprovider
+
+import (
+	"fmt"
+	"sync"
+)
+
+// provStore is the global singleton certificate provider store.
+var provStore = &store{
+	providers: make(map[storeKey]*wrappedProvider),
+}
+
+// storeKey acts as the key to the map of providers maintained by the store. A
+// combination of provider name and configuration is used to uniquely identify
+// every provider instance in the store. Go maps need to be indexed by
+// comparable types, so the provider configuration is converted from
+// `interface{}` to string using the ParseConfig method while creating this key.
+type storeKey struct {
+	// name of the certificate provider.
+	name string
+	// configuration of the certificate provider in string form.
+	config string
+	// opts contains the certificate name and other keyMaterial options.
+	opts BuildOptions
+}
+
+// wrappedProvider wraps a provider instance with a reference count.
+type wrappedProvider struct {
+	Provider
+	refCount int
+
+	// A reference to the key and store are also kept here to override the
+	// Close method on the provider.
+	storeKey storeKey
+	store    *store
+}
+
+// store is a collection of provider instances, safe for concurrent access.
+type store struct {
+	mu        sync.Mutex
+	providers map[storeKey]*wrappedProvider
+}
+
+// Close overrides the Close method of the embedded provider. It releases the
+// reference held by the caller on the underlying provider and if the
+// provider's reference count reaches zero, it is removed from the store, and
+// its Close method is also invoked.
+func (wp *wrappedProvider) Close() {
+	ps := wp.store
+	ps.mu.Lock()
+	defer ps.mu.Unlock()
+
+	wp.refCount--
+	if wp.refCount == 0 {
+		wp.Provider.Close()
+		delete(ps.providers, wp.storeKey)
+	}
+}
+
+// BuildableConfig wraps parsed provider configuration and functionality to
+// instantiate provider instances.
+type BuildableConfig struct {
+	name    string
+	config  []byte
+	starter func(BuildOptions) Provider
+	pStore  *store
+}
+
+// NewBuildableConfig creates a new BuildableConfig with the given arguments.
+// Provider implementations are expected to invoke this function after parsing
+// the given configuration as part of their ParseConfig() method.
+// Equivalent configurations are expected to invoke this function with the same
+// config argument.
+func NewBuildableConfig(name string, config []byte, starter func(BuildOptions) Provider) *BuildableConfig {
+	return &BuildableConfig{
+		name:    name,
+		config:  config,
+		starter: starter,
+		pStore:  provStore,
+	}
+}
+
+// Build kicks off a provider instance with the wrapped configuration. Multiple
+// invocations of this method with the same opts will result in provider
+// instances being reused.
+func (bc *BuildableConfig) Build(opts BuildOptions) (Provider, error) {
+	provStore.mu.Lock()
+	defer provStore.mu.Unlock()
+
+	sk := storeKey{
+		name:   bc.name,
+		config: string(bc.config),
+		opts:   opts,
+	}
+	if wp, ok := provStore.providers[sk]; ok {
+		wp.refCount++
+		return wp, nil
+	}
+
+	provider := bc.starter(opts)
+	if provider == nil {
+		return nil, fmt.Errorf("provider(%q, %q).Build(%v) failed", sk.name, sk.config, opts)
+	}
+	wp := &wrappedProvider{
+		Provider: provider,
+		refCount: 1,
+		storeKey: sk,
+		store:    provStore,
+	}
+	provStore.providers[sk] = wp
+	return wp, nil
+}
+
+// String returns the provider name and config as a colon separated string.
+func (bc *BuildableConfig) String() string {
+	return fmt.Sprintf("%s:%s", bc.name, string(bc.config))
+}
+
+// ParseConfig is a convenience function to create a BuildableConfig given a
+// provider name and configuration. Returns an error if there is no registered
+// builder for the given name or if the config parsing fails.
+func ParseConfig(name string, config interface{}) (*BuildableConfig, error) {
+	parser := getBuilder(name)
+	if parser == nil {
+		return nil, fmt.Errorf("no certificate provider builder found for %q", name)
+	}
+	return parser.ParseConfig(config)
+}
+
+// GetProvider is a convenience function to create a provider given the name,
+// config and build options.
+func GetProvider(name string, config interface{}, opts BuildOptions) (Provider, error) {
+	bc, err := ParseConfig(name, config)
+	if err != nil {
+		return nil, err
+	}
+	return bc.Build(opts)
+}
diff --git a/vendor/google.golang.org/grpc/dialoptions.go b/vendor/google.golang.org/grpc/dialoptions.go
index a93fcab8f34..7a497237bbd 100644
--- a/vendor/google.golang.org/grpc/dialoptions.go
+++ b/vendor/google.golang.org/grpc/dialoptions.go
@@ -66,12 +66,7 @@ type dialOptions struct {
 	minConnectTimeout           func() time.Duration
 	defaultServiceConfig        *ServiceConfig // defaultServiceConfig is parsed from defaultServiceConfigRawJSON.
 	defaultServiceConfigRawJSON *string
-	// This is used by ccResolverWrapper to backoff between successive calls to
-	// resolver.ResolveNow(). The user will have no need to configure this, but
-	// we need to be able to configure this in tests.
-	resolveNowBackoff func(int) time.Duration
-	resolvers         []resolver.Builder
-	withProxy         bool
+	resolvers                   []resolver.Builder
 }
 
 // DialOption configures how we set up the connection.
@@ -325,7 +320,7 @@ func WithInsecure() DialOption {
 // later release.
 func WithNoProxy() DialOption {
 	return newFuncDialOption(func(o *dialOptions) {
-		o.withProxy = false
+		o.copts.UseProxy = false
 	})
 }
 
@@ -595,9 +590,8 @@ func defaultDialOptions() dialOptions {
 		copts: transport.ConnectOptions{
 			WriteBufferSize: defaultWriteBufSize,
 			ReadBufferSize:  defaultReadBufSize,
+			UseProxy:        true,
 		},
-		resolveNowBackoff: internalbackoff.DefaultExponential.Backoff,
-		withProxy:         true,
 	}
 }
 
@@ -612,16 +606,6 @@ func withMinConnectDeadline(f func() time.Duration) DialOption {
 	})
 }
 
-// withResolveNowBackoff specifies the function that clientconn uses to backoff
-// between successive calls to resolver.ResolveNow().
-//
-// For testing purpose only.
-func withResolveNowBackoff(f func(int) time.Duration) DialOption {
-	return newFuncDialOption(func(o *dialOptions) {
-		o.resolveNowBackoff = f
-	})
-}
-
 // WithResolvers allows a list of resolver implementations to be registered
 // locally with the ClientConn without needing to be globally registered via
 // resolver.Register.  They will be matched against the scheme used for the
diff --git a/vendor/google.golang.org/grpc/encoding/proto/proto.go b/vendor/google.golang.org/grpc/encoding/proto/proto.go
index 66b97a6f692..3009b35afe7 100644
--- a/vendor/google.golang.org/grpc/encoding/proto/proto.go
+++ b/vendor/google.golang.org/grpc/encoding/proto/proto.go
@@ -21,8 +21,7 @@
 package proto
 
 import (
-	"math"
-	"sync"
+	"fmt"
 
 	"github.com/golang/protobuf/proto"
 	"google.golang.org/grpc/encoding"
@@ -38,73 +37,22 @@ func init() {
 // codec is a Codec implementation with protobuf. It is the default codec for gRPC.
 type codec struct{}
 
-type cachedProtoBuffer struct {
-	lastMarshaledSize uint32
-	proto.Buffer
-}
-
-func capToMaxInt32(val int) uint32 {
-	if val > math.MaxInt32 {
-		return uint32(math.MaxInt32)
-	}
-	return uint32(val)
-}
-
-func marshal(v interface{}, cb *cachedProtoBuffer) ([]byte, error) {
-	protoMsg := v.(proto.Message)
-	newSlice := make([]byte, 0, cb.lastMarshaledSize)
-
-	cb.SetBuf(newSlice)
-	cb.Reset()
-	if err := cb.Marshal(protoMsg); err != nil {
-		return nil, err
-	}
-	out := cb.Bytes()
-	cb.lastMarshaledSize = capToMaxInt32(len(out))
-	return out, nil
-}
-
 func (codec) Marshal(v interface{}) ([]byte, error) {
-	if pm, ok := v.(proto.Marshaler); ok {
-		// object can marshal itself, no need for buffer
-		return pm.Marshal()
+	vv, ok := v.(proto.Message)
+	if !ok {
+		return nil, fmt.Errorf("failed to marshal, message is %T, want proto.Message", v)
 	}
-
-	cb := protoBufferPool.Get().(*cachedProtoBuffer)
-	out, err := marshal(v, cb)
-
-	// put back buffer and lose the ref to the slice
-	cb.SetBuf(nil)
-	protoBufferPool.Put(cb)
-	return out, err
+	return proto.Marshal(vv)
 }
 
 func (codec) Unmarshal(data []byte, v interface{}) error {
-	protoMsg := v.(proto.Message)
-	protoMsg.Reset()
-
-	if pu, ok := protoMsg.(proto.Unmarshaler); ok {
-		// object can unmarshal itself, no need for buffer
-		return pu.Unmarshal(data)
+	vv, ok := v.(proto.Message)
+	if !ok {
+		return fmt.Errorf("failed to unmarshal, message is %T, want proto.Message", v)
 	}
-
-	cb := protoBufferPool.Get().(*cachedProtoBuffer)
-	cb.SetBuf(data)
-	err := cb.Unmarshal(protoMsg)
-	cb.SetBuf(nil)
-	protoBufferPool.Put(cb)
-	return err
+	return proto.Unmarshal(data, vv)
 }
 
 func (codec) Name() string {
 	return Name
 }
-
-var protoBufferPool = &sync.Pool{
-	New: func() interface{} {
-		return &cachedProtoBuffer{
-			Buffer:            proto.Buffer{},
-			lastMarshaledSize: 16,
-		}
-	},
-}
diff --git a/vendor/google.golang.org/grpc/health/grpc_health_v1/health.pb.go b/vendor/google.golang.org/grpc/health/grpc_health_v1/health.pb.go
index 2b6803ecc72..a66024d23e3 100644
--- a/vendor/google.golang.org/grpc/health/grpc_health_v1/health.pb.go
+++ b/vendor/google.golang.org/grpc/health/grpc_health_v1/health.pb.go
@@ -18,7 +18,7 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
 // 	protoc-gen-go v1.25.0
-// 	protoc        v3.3.0
+// 	protoc        v3.14.0
 // source: grpc/health/v1/health.proto
 
 package grpc_health_v1
diff --git a/vendor/google.golang.org/grpc/health/grpc_health_v1/health_grpc.pb.go b/vendor/google.golang.org/grpc/health/grpc_health_v1/health_grpc.pb.go
index 463c8734ade..bdc3ae284e7 100644
--- a/vendor/google.golang.org/grpc/health/grpc_health_v1/health_grpc.pb.go
+++ b/vendor/google.golang.org/grpc/health/grpc_health_v1/health_grpc.pb.go
@@ -1,4 +1,8 @@
 // Code generated by protoc-gen-go-grpc. DO NOT EDIT.
+// versions:
+// - protoc-gen-go-grpc v1.1.0
+// - protoc             v3.14.0
+// source: grpc/health/v1/health.proto
 
 package grpc_health_v1
 
@@ -11,6 +15,7 @@ import (
 
 // This is a compile-time assertion to ensure that this generated file
 // is compatible with the grpc package it is being compiled against.
+// Requires gRPC-Go v1.32.0 or later.
 const _ = grpc.SupportPackageIsVersion7
 
 // HealthClient is the client API for Health service.
@@ -56,7 +61,7 @@ func (c *healthClient) Check(ctx context.Context, in *HealthCheckRequest, opts .
 }
 
 func (c *healthClient) Watch(ctx context.Context, in *HealthCheckRequest, opts ...grpc.CallOption) (Health_WatchClient, error) {
-	stream, err := c.cc.NewStream(ctx, &_Health_serviceDesc.Streams[0], "/grpc.health.v1.Health/Watch", opts...)
+	stream, err := c.cc.NewStream(ctx, &Health_ServiceDesc.Streams[0], "/grpc.health.v1.Health/Watch", opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -130,8 +135,8 @@ type UnsafeHealthServer interface {
 	mustEmbedUnimplementedHealthServer()
 }
 
-func RegisterHealthServer(s *grpc.Server, srv HealthServer) {
-	s.RegisterService(&_Health_serviceDesc, srv)
+func RegisterHealthServer(s grpc.ServiceRegistrar, srv HealthServer) {
+	s.RegisterService(&Health_ServiceDesc, srv)
 }
 
 func _Health_Check_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
@@ -173,7 +178,10 @@ func (x *healthWatchServer) Send(m *HealthCheckResponse) error {
 	return x.ServerStream.SendMsg(m)
 }
 
-var _Health_serviceDesc = grpc.ServiceDesc{
+// Health_ServiceDesc is the grpc.ServiceDesc for Health service.
+// It's only intended for direct use with grpc.RegisterService,
+// and not to be introspected or modified (even as a copy)
+var Health_ServiceDesc = grpc.ServiceDesc{
 	ServiceName: "grpc.health.v1.Health",
 	HandlerType: (*HealthServer)(nil),
 	Methods: []grpc.MethodDesc{
diff --git a/vendor/google.golang.org/grpc/interceptor.go b/vendor/google.golang.org/grpc/interceptor.go
index d1a609e4893..668e0adcf0a 100644
--- a/vendor/google.golang.org/grpc/interceptor.go
+++ b/vendor/google.golang.org/grpc/interceptor.go
@@ -25,25 +25,41 @@ import (
 // UnaryInvoker is called by UnaryClientInterceptor to complete RPCs.
 type UnaryInvoker func(ctx context.Context, method string, req, reply interface{}, cc *ClientConn, opts ...CallOption) error
 
-// UnaryClientInterceptor intercepts the execution of a unary RPC on the client. invoker is the handler to complete the RPC
-// and it is the responsibility of the interceptor to call it.
+// UnaryClientInterceptor intercepts the execution of a unary RPC on the client.
+// Unary interceptors can be specified as a DialOption, using
+// WithUnaryInterceptor() or WithChainUnaryInterceptor(), when creating a
+// ClientConn. When a unary interceptor(s) is set on a ClientConn, gRPC
+// delegates all unary RPC invocations to the interceptor, and it is the
+// responsibility of the interceptor to call invoker to complete the processing
+// of the RPC.
 //
-// Experimental
+// method is the RPC name. req and reply are the corresponding request and
+// response messages. cc is the ClientConn on which the RPC was invoked. invoker
+// is the handler to complete the RPC and it is the responsibility of the
+// interceptor to call it. opts contain all applicable call options, including
+// defaults from the ClientConn as well as per-call options.
 //
-// Notice: This type is EXPERIMENTAL and may be changed or removed in a
-// later release.
+// The returned error must be compatible with the status package.
 type UnaryClientInterceptor func(ctx context.Context, method string, req, reply interface{}, cc *ClientConn, invoker UnaryInvoker, opts ...CallOption) error
 
 // Streamer is called by StreamClientInterceptor to create a ClientStream.
 type Streamer func(ctx context.Context, desc *StreamDesc, cc *ClientConn, method string, opts ...CallOption) (ClientStream, error)
 
-// StreamClientInterceptor intercepts the creation of ClientStream. It may return a custom ClientStream to intercept all I/O
-// operations. streamer is the handler to create a ClientStream and it is the responsibility of the interceptor to call it.
+// StreamClientInterceptor intercepts the creation of a ClientStream. Stream
+// interceptors can be specified as a DialOption, using WithStreamInterceptor()
+// or WithChainStreamInterceptor(), when creating a ClientConn. When a stream
+// interceptor(s) is set on the ClientConn, gRPC delegates all stream creations
+// to the interceptor, and it is the responsibility of the interceptor to call
+// streamer.
 //
-// Experimental
+// desc contains a description of the stream. cc is the ClientConn on which the
+// RPC was invoked. streamer is the handler to create a ClientStream and it is
+// the responsibility of the interceptor to call it. opts contain all applicable
+// call options, including defaults from the ClientConn as well as per-call
+// options.
 //
-// Notice: This type is EXPERIMENTAL and may be changed or removed in a
-// later release.
+// StreamClientInterceptor may return a custom ClientStream to intercept all I/O
+// operations. The returned error must be compatible with the status package.
 type StreamClientInterceptor func(ctx context.Context, desc *StreamDesc, cc *ClientConn, method string, streamer Streamer, opts ...CallOption) (ClientStream, error)
 
 // UnaryServerInfo consists of various information about a unary RPC on
diff --git a/vendor/google.golang.org/grpc/internal/admin/admin.go b/vendor/google.golang.org/grpc/internal/admin/admin.go
new file mode 100644
index 00000000000..a9285ee7484
--- /dev/null
+++ b/vendor/google.golang.org/grpc/internal/admin/admin.go
@@ -0,0 +1,60 @@
+/*
+ *
+ * Copyright 2021 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package admin contains internal implementation for admin service.
+package admin
+
+import "google.golang.org/grpc"
+
+// services is a map from name to service register functions.
+var services []func(grpc.ServiceRegistrar) (func(), error)
+
+// AddService adds a service to the list of admin services.
+//
+// NOTE: this function must only be called during initialization time (i.e. in
+// an init() function), and is not thread-safe.
+//
+// If multiple services with the same service name are added (e.g. two services
+// for `grpc.channelz.v1.Channelz`), the server will panic on `Register()`.
+func AddService(f func(grpc.ServiceRegistrar) (func(), error)) {
+	services = append(services, f)
+}
+
+// Register registers the set of admin services to the given server.
+func Register(s grpc.ServiceRegistrar) (cleanup func(), _ error) {
+	var cleanups []func()
+	for _, f := range services {
+		cleanup, err := f(s)
+		if err != nil {
+			callFuncs(cleanups)
+			return nil, err
+		}
+		if cleanup != nil {
+			cleanups = append(cleanups, cleanup)
+		}
+	}
+	return func() {
+		callFuncs(cleanups)
+	}, nil
+}
+
+func callFuncs(fs []func()) {
+	for _, f := range fs {
+		f()
+	}
+}
diff --git a/vendor/google.golang.org/grpc/internal/cache/timeoutCache.go b/vendor/google.golang.org/grpc/internal/cache/timeoutCache.go
new file mode 100644
index 00000000000..200b499ec81
--- /dev/null
+++ b/vendor/google.golang.org/grpc/internal/cache/timeoutCache.go
@@ -0,0 +1,144 @@
+/*
+ * Copyright 2019 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+// Package cache implements caches to be used in gRPC.
+package cache
+
+import (
+	"sync"
+	"time"
+)
+
+type cacheEntry struct {
+	item interface{}
+	// Note that to avoid deadlocks (potentially caused by lock ordering),
+	// callback can only be called without holding cache's mutex.
+	callback func()
+	timer    *time.Timer
+	// deleted is set to true in Remove() when the call to timer.Stop() fails.
+	// This can happen when the timer in the cache entry fires around the same
+	// time that timer.stop() is called in Remove().
+	deleted bool
+}
+
+// TimeoutCache is a cache with items to be deleted after a timeout.
+type TimeoutCache struct {
+	mu      sync.Mutex
+	timeout time.Duration
+	cache   map[interface{}]*cacheEntry
+}
+
+// NewTimeoutCache creates a TimeoutCache with the given timeout.
+func NewTimeoutCache(timeout time.Duration) *TimeoutCache {
+	return &TimeoutCache{
+		timeout: timeout,
+		cache:   make(map[interface{}]*cacheEntry),
+	}
+}
+
+// Add adds an item to the cache, with the specified callback to be called when
+// the item is removed from the cache upon timeout. If the item is removed from
+// the cache using a call to Remove before the timeout expires, the callback
+// will not be called.
+//
+// If the Add was successful, it returns (newly added item, true). If there is
+// an existing entry for the specified key, the cache entry is not be updated
+// with the specified item and it returns (existing item, false).
+func (c *TimeoutCache) Add(key, item interface{}, callback func()) (interface{}, bool) {
+	c.mu.Lock()
+	defer c.mu.Unlock()
+	if e, ok := c.cache[key]; ok {
+		return e.item, false
+	}
+
+	entry := &cacheEntry{
+		item:     item,
+		callback: callback,
+	}
+	entry.timer = time.AfterFunc(c.timeout, func() {
+		c.mu.Lock()
+		if entry.deleted {
+			c.mu.Unlock()
+			// Abort the delete since this has been taken care of in Remove().
+			return
+		}
+		delete(c.cache, key)
+		c.mu.Unlock()
+		entry.callback()
+	})
+	c.cache[key] = entry
+	return item, true
+}
+
+// Remove the item with the key from the cache.
+//
+// If the specified key exists in the cache, it returns (item associated with
+// key, true) and the callback associated with the item is guaranteed to be not
+// called. If the given key is not found in the cache, it returns (nil, false)
+func (c *TimeoutCache) Remove(key interface{}) (item interface{}, ok bool) {
+	c.mu.Lock()
+	defer c.mu.Unlock()
+	entry, ok := c.removeInternal(key)
+	if !ok {
+		return nil, false
+	}
+	return entry.item, true
+}
+
+// removeInternal removes and returns the item with key.
+//
+// caller must hold c.mu.
+func (c *TimeoutCache) removeInternal(key interface{}) (*cacheEntry, bool) {
+	entry, ok := c.cache[key]
+	if !ok {
+		return nil, false
+	}
+	delete(c.cache, key)
+	if !entry.timer.Stop() {
+		// If stop was not successful, the timer has fired (this can only happen
+		// in a race). But the deleting function is blocked on c.mu because the
+		// mutex was held by the caller of this function.
+		//
+		// Set deleted to true to abort the deleting function. When the lock is
+		// released, the delete function will acquire the lock, check the value
+		// of deleted and return.
+		entry.deleted = true
+	}
+	return entry, true
+}
+
+// Clear removes all entries, and runs the callbacks if runCallback is true.
+func (c *TimeoutCache) Clear(runCallback bool) {
+	var entries []*cacheEntry
+	c.mu.Lock()
+	for key := range c.cache {
+		if e, ok := c.removeInternal(key); ok {
+			entries = append(entries, e)
+		}
+	}
+	c.mu.Unlock()
+
+	if !runCallback {
+		return
+	}
+
+	// removeInternal removes entries from cache, and also stops the timer, so
+	// the callback is guaranteed to be not called. If runCallback is true,
+	// manual execute all callbacks.
+	for _, entry := range entries {
+		entry.callback()
+	}
+}
diff --git a/vendor/google.golang.org/grpc/internal/credentials/credentials.go b/vendor/google.golang.org/grpc/internal/credentials/credentials.go
new file mode 100644
index 00000000000..32c9b59033c
--- /dev/null
+++ b/vendor/google.golang.org/grpc/internal/credentials/credentials.go
@@ -0,0 +1,49 @@
+/*
+ * Copyright 2021 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package credentials
+
+import (
+	"context"
+)
+
+// requestInfoKey is a struct to be used as the key to store RequestInfo in a
+// context.
+type requestInfoKey struct{}
+
+// NewRequestInfoContext creates a context with ri.
+func NewRequestInfoContext(ctx context.Context, ri interface{}) context.Context {
+	return context.WithValue(ctx, requestInfoKey{}, ri)
+}
+
+// RequestInfoFromContext extracts the RequestInfo from ctx.
+func RequestInfoFromContext(ctx context.Context) interface{} {
+	return ctx.Value(requestInfoKey{})
+}
+
+// clientHandshakeInfoKey is a struct used as the key to store
+// ClientHandshakeInfo in a context.
+type clientHandshakeInfoKey struct{}
+
+// ClientHandshakeInfoFromContext extracts the ClientHandshakeInfo from ctx.
+func ClientHandshakeInfoFromContext(ctx context.Context) interface{} {
+	return ctx.Value(clientHandshakeInfoKey{})
+}
+
+// NewClientHandshakeInfoContext creates a context with chi.
+func NewClientHandshakeInfoContext(ctx context.Context, chi interface{}) context.Context {
+	return context.WithValue(ctx, clientHandshakeInfoKey{}, chi)
+}
diff --git a/vendor/google.golang.org/grpc/internal/credentials/xds/handshake_info.go b/vendor/google.golang.org/grpc/internal/credentials/xds/handshake_info.go
new file mode 100644
index 00000000000..6789a4cf2e5
--- /dev/null
+++ b/vendor/google.golang.org/grpc/internal/credentials/xds/handshake_info.go
@@ -0,0 +1,311 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package xds contains non-user facing functionality of the xds credentials.
+package xds
+
+import (
+	"context"
+	"crypto/tls"
+	"crypto/x509"
+	"errors"
+	"fmt"
+	"strings"
+	"sync"
+
+	"google.golang.org/grpc/attributes"
+	"google.golang.org/grpc/credentials/tls/certprovider"
+	"google.golang.org/grpc/internal"
+	xdsinternal "google.golang.org/grpc/internal/xds"
+	"google.golang.org/grpc/resolver"
+)
+
+func init() {
+	internal.GetXDSHandshakeInfoForTesting = GetHandshakeInfo
+}
+
+// handshakeAttrKey is the type used as the key to store HandshakeInfo in
+// the Attributes field of resolver.Address.
+type handshakeAttrKey struct{}
+
+// SetHandshakeInfo returns a copy of addr in which the Attributes field is
+// updated with hInfo.
+func SetHandshakeInfo(addr resolver.Address, hInfo *HandshakeInfo) resolver.Address {
+	addr.Attributes = addr.Attributes.WithValues(handshakeAttrKey{}, hInfo)
+	return addr
+}
+
+// GetHandshakeInfo returns a pointer to the HandshakeInfo stored in attr.
+func GetHandshakeInfo(attr *attributes.Attributes) *HandshakeInfo {
+	v := attr.Value(handshakeAttrKey{})
+	hi, _ := v.(*HandshakeInfo)
+	return hi
+}
+
+// HandshakeInfo wraps all the security configuration required by client and
+// server handshake methods in xds credentials. The xDS implementation will be
+// responsible for populating these fields.
+//
+// Safe for concurrent access.
+type HandshakeInfo struct {
+	mu                sync.Mutex
+	rootProvider      certprovider.Provider
+	identityProvider  certprovider.Provider
+	sanMatchers       []xdsinternal.StringMatcher // Only on the client side.
+	requireClientCert bool                        // Only on server side.
+}
+
+// SetRootCertProvider updates the root certificate provider.
+func (hi *HandshakeInfo) SetRootCertProvider(root certprovider.Provider) {
+	hi.mu.Lock()
+	hi.rootProvider = root
+	hi.mu.Unlock()
+}
+
+// SetIdentityCertProvider updates the identity certificate provider.
+func (hi *HandshakeInfo) SetIdentityCertProvider(identity certprovider.Provider) {
+	hi.mu.Lock()
+	hi.identityProvider = identity
+	hi.mu.Unlock()
+}
+
+// SetSANMatchers updates the list of SAN matchers.
+func (hi *HandshakeInfo) SetSANMatchers(sanMatchers []xdsinternal.StringMatcher) {
+	hi.mu.Lock()
+	hi.sanMatchers = sanMatchers
+	hi.mu.Unlock()
+}
+
+// SetRequireClientCert updates whether a client cert is required during the
+// ServerHandshake(). A value of true indicates that we are performing mTLS.
+func (hi *HandshakeInfo) SetRequireClientCert(require bool) {
+	hi.mu.Lock()
+	hi.requireClientCert = require
+	hi.mu.Unlock()
+}
+
+// UseFallbackCreds returns true when fallback credentials are to be used based
+// on the contents of the HandshakeInfo.
+func (hi *HandshakeInfo) UseFallbackCreds() bool {
+	if hi == nil {
+		return true
+	}
+
+	hi.mu.Lock()
+	defer hi.mu.Unlock()
+	return hi.identityProvider == nil && hi.rootProvider == nil
+}
+
+// GetSANMatchersForTesting returns the SAN matchers stored in HandshakeInfo.
+// To be used only for testing purposes.
+func (hi *HandshakeInfo) GetSANMatchersForTesting() []xdsinternal.StringMatcher {
+	hi.mu.Lock()
+	defer hi.mu.Unlock()
+	return append([]xdsinternal.StringMatcher{}, hi.sanMatchers...)
+}
+
+// ClientSideTLSConfig constructs a tls.Config to be used in a client-side
+// handshake based on the contents of the HandshakeInfo.
+func (hi *HandshakeInfo) ClientSideTLSConfig(ctx context.Context) (*tls.Config, error) {
+	hi.mu.Lock()
+	// On the client side, rootProvider is mandatory. IdentityProvider is
+	// optional based on whether the client is doing TLS or mTLS.
+	if hi.rootProvider == nil {
+		return nil, errors.New("xds: CertificateProvider to fetch trusted roots is missing, cannot perform TLS handshake. Please check configuration on the management server")
+	}
+	// Since the call to KeyMaterial() can block, we read the providers under
+	// the lock but call the actual function after releasing the lock.
+	rootProv, idProv := hi.rootProvider, hi.identityProvider
+	hi.mu.Unlock()
+
+	// InsecureSkipVerify needs to be set to true because we need to perform
+	// custom verification to check the SAN on the received certificate.
+	// Currently the Go stdlib does complete verification of the cert (which
+	// includes hostname verification) or none. We are forced to go with the
+	// latter and perform the normal cert validation ourselves.
+	cfg := &tls.Config{
+		InsecureSkipVerify: true,
+		NextProtos:         []string{"h2"},
+	}
+
+	km, err := rootProv.KeyMaterial(ctx)
+	if err != nil {
+		return nil, fmt.Errorf("xds: fetching trusted roots from CertificateProvider failed: %v", err)
+	}
+	cfg.RootCAs = km.Roots
+
+	if idProv != nil {
+		km, err := idProv.KeyMaterial(ctx)
+		if err != nil {
+			return nil, fmt.Errorf("xds: fetching identity certificates from CertificateProvider failed: %v", err)
+		}
+		cfg.Certificates = km.Certs
+	}
+	return cfg, nil
+}
+
+// ServerSideTLSConfig constructs a tls.Config to be used in a server-side
+// handshake based on the contents of the HandshakeInfo.
+func (hi *HandshakeInfo) ServerSideTLSConfig(ctx context.Context) (*tls.Config, error) {
+	cfg := &tls.Config{
+		ClientAuth: tls.NoClientCert,
+		NextProtos: []string{"h2"},
+	}
+	hi.mu.Lock()
+	// On the server side, identityProvider is mandatory. RootProvider is
+	// optional based on whether the server is doing TLS or mTLS.
+	if hi.identityProvider == nil {
+		return nil, errors.New("xds: CertificateProvider to fetch identity certificate is missing, cannot perform TLS handshake. Please check configuration on the management server")
+	}
+	// Since the call to KeyMaterial() can block, we read the providers under
+	// the lock but call the actual function after releasing the lock.
+	rootProv, idProv := hi.rootProvider, hi.identityProvider
+	if hi.requireClientCert {
+		cfg.ClientAuth = tls.RequireAndVerifyClientCert
+	}
+	hi.mu.Unlock()
+
+	// identityProvider is mandatory on the server side.
+	km, err := idProv.KeyMaterial(ctx)
+	if err != nil {
+		return nil, fmt.Errorf("xds: fetching identity certificates from CertificateProvider failed: %v", err)
+	}
+	cfg.Certificates = km.Certs
+
+	if rootProv != nil {
+		km, err := rootProv.KeyMaterial(ctx)
+		if err != nil {
+			return nil, fmt.Errorf("xds: fetching trusted roots from CertificateProvider failed: %v", err)
+		}
+		cfg.ClientCAs = km.Roots
+	}
+	return cfg, nil
+}
+
+// MatchingSANExists returns true if the SANs contained in cert match the
+// criteria enforced by the list of SAN matchers in HandshakeInfo.
+//
+// If the list of SAN matchers in the HandshakeInfo is empty, this function
+// returns true for all input certificates.
+func (hi *HandshakeInfo) MatchingSANExists(cert *x509.Certificate) bool {
+	hi.mu.Lock()
+	defer hi.mu.Unlock()
+	if len(hi.sanMatchers) == 0 {
+		return true
+	}
+
+	// SANs can be specified in any of these four fields on the parsed cert.
+	for _, san := range cert.DNSNames {
+		if hi.matchSAN(san, true) {
+			return true
+		}
+	}
+	for _, san := range cert.EmailAddresses {
+		if hi.matchSAN(san, false) {
+			return true
+		}
+	}
+	for _, san := range cert.IPAddresses {
+		if hi.matchSAN(san.String(), false) {
+			return true
+		}
+	}
+	for _, san := range cert.URIs {
+		if hi.matchSAN(san.String(), false) {
+			return true
+		}
+	}
+	return false
+}
+
+// Caller must hold mu.
+func (hi *HandshakeInfo) matchSAN(san string, isDNS bool) bool {
+	for _, matcher := range hi.sanMatchers {
+		if em := matcher.ExactMatch(); em != "" && isDNS {
+			// This is a special case which is documented in the xDS protos.
+			// If the DNS SAN is a wildcard entry, and the match criteria is
+			// `exact`, then we need to perform DNS wildcard matching
+			// instead of regular string comparison.
+			if dnsMatch(em, san) {
+				return true
+			}
+			continue
+		}
+		if matcher.Match(san) {
+			return true
+		}
+	}
+	return false
+}
+
+// dnsMatch implements a DNS wildcard matching algorithm based on RFC2828 and
+// grpc-java's implementation in `OkHostnameVerifier` class.
+//
+// NOTE: Here the `host` argument is the one from the set of string matchers in
+// the xDS proto and the `san` argument is a DNS SAN from the certificate, and
+// this is the one which can potentially contain a wildcard pattern.
+func dnsMatch(host, san string) bool {
+	// Add trailing "." and turn them into absolute domain names.
+	if !strings.HasSuffix(host, ".") {
+		host += "."
+	}
+	if !strings.HasSuffix(san, ".") {
+		san += "."
+	}
+	// Domain names are case-insensitive.
+	host = strings.ToLower(host)
+	san = strings.ToLower(san)
+
+	// If san does not contain a wildcard, do exact match.
+	if !strings.Contains(san, "*") {
+		return host == san
+	}
+
+	// Wildcard dns matching rules
+	// - '*' is only permitted in the left-most label and must be the only
+	//   character in that label. For example, *.example.com is permitted, while
+	//   *a.example.com, a*.example.com, a*b.example.com, a.*.example.com are
+	//   not permitted.
+	// - '*' matches a single domain name component. For example, *.example.com
+	//   matches test.example.com but does not match sub.test.example.com.
+	// - Wildcard patterns for single-label domain names are not permitted.
+	if san == "*." || !strings.HasPrefix(san, "*.") || strings.Contains(san[1:], "*") {
+		return false
+	}
+	// Optimization: at this point, we know that the san contains a '*' and
+	// is the first domain component of san. So, the host name must be at
+	// least as long as the san to be able to match.
+	if len(host) < len(san) {
+		return false
+	}
+	// Hostname must end with the non-wildcard portion of san.
+	if !strings.HasSuffix(host, san[1:]) {
+		return false
+	}
+	// At this point we know that the hostName and san share the same suffix
+	// (the non-wildcard portion of san). Now, we just need to make sure
+	// that the '*' does not match across domain components.
+	hostPrefix := strings.TrimSuffix(host, san[1:])
+	return !strings.Contains(hostPrefix, ".")
+}
+
+// NewHandshakeInfo returns a new instance of HandshakeInfo with the given root
+// and identity certificate providers.
+func NewHandshakeInfo(root, identity certprovider.Provider) *HandshakeInfo {
+	return &HandshakeInfo{rootProvider: root, identityProvider: identity}
+}
diff --git a/vendor/google.golang.org/grpc/internal/googlecloud/googlecloud.go b/vendor/google.golang.org/grpc/internal/googlecloud/googlecloud.go
new file mode 100644
index 00000000000..d6c9e03fc4c
--- /dev/null
+++ b/vendor/google.golang.org/grpc/internal/googlecloud/googlecloud.go
@@ -0,0 +1,128 @@
+/*
+ *
+ * Copyright 2021 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package googlecloud contains internal helpful functions for google cloud.
+package googlecloud
+
+import (
+	"errors"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"os"
+	"os/exec"
+	"regexp"
+	"runtime"
+	"strings"
+	"sync"
+
+	"google.golang.org/grpc/grpclog"
+	internalgrpclog "google.golang.org/grpc/internal/grpclog"
+)
+
+const (
+	linuxProductNameFile     = "/sys/class/dmi/id/product_name"
+	windowsCheckCommand      = "powershell.exe"
+	windowsCheckCommandArgs  = "Get-WmiObject -Class Win32_BIOS"
+	powershellOutputFilter   = "Manufacturer"
+	windowsManufacturerRegex = ":(.*)"
+
+	logPrefix = "[googlecloud]"
+)
+
+var (
+	// The following two variables will be reassigned in tests.
+	runningOS          = runtime.GOOS
+	manufacturerReader = func() (io.Reader, error) {
+		switch runningOS {
+		case "linux":
+			return os.Open(linuxProductNameFile)
+		case "windows":
+			cmd := exec.Command(windowsCheckCommand, windowsCheckCommandArgs)
+			out, err := cmd.Output()
+			if err != nil {
+				return nil, err
+			}
+			for _, line := range strings.Split(strings.TrimSuffix(string(out), "\n"), "\n") {
+				if strings.HasPrefix(line, powershellOutputFilter) {
+					re := regexp.MustCompile(windowsManufacturerRegex)
+					name := re.FindString(line)
+					name = strings.TrimLeft(name, ":")
+					return strings.NewReader(name), nil
+				}
+			}
+			return nil, errors.New("cannot determine the machine's manufacturer")
+		default:
+			return nil, fmt.Errorf("%s is not supported", runningOS)
+		}
+	}
+
+	vmOnGCEOnce sync.Once
+	vmOnGCE     bool
+
+	logger = internalgrpclog.NewPrefixLogger(grpclog.Component("googlecloud"), logPrefix)
+)
+
+// OnGCE returns whether the client is running on GCE.
+//
+// It provides similar functionality as metadata.OnGCE from the cloud library
+// package. We keep this to avoid depending on the cloud library module.
+func OnGCE() bool {
+	vmOnGCEOnce.Do(func() {
+		vmOnGCE = isRunningOnGCE()
+	})
+	return vmOnGCE
+}
+
+// isRunningOnGCE checks whether the local system, without doing a network request is
+// running on GCP.
+func isRunningOnGCE() bool {
+	manufacturer, err := readManufacturer()
+	if err != nil {
+		logger.Infof("failed to read manufacturer %v, returning OnGCE=false", err)
+		return false
+	}
+	name := string(manufacturer)
+	switch runningOS {
+	case "linux":
+		name = strings.TrimSpace(name)
+		return name == "Google" || name == "Google Compute Engine"
+	case "windows":
+		name = strings.Replace(name, " ", "", -1)
+		name = strings.Replace(name, "\n", "", -1)
+		name = strings.Replace(name, "\r", "", -1)
+		return name == "Google"
+	default:
+		return false
+	}
+}
+
+func readManufacturer() ([]byte, error) {
+	reader, err := manufacturerReader()
+	if err != nil {
+		return nil, err
+	}
+	if reader == nil {
+		return nil, errors.New("got nil reader")
+	}
+	manufacturer, err := ioutil.ReadAll(reader)
+	if err != nil {
+		return nil, fmt.Errorf("failed reading %v: %v", linuxProductNameFile, err)
+	}
+	return manufacturer, nil
+}
diff --git a/vendor/google.golang.org/grpc/internal/grpcutil/target.go b/vendor/google.golang.org/grpc/internal/grpcutil/target.go
index 80b33cdaf90..8833021da02 100644
--- a/vendor/google.golang.org/grpc/internal/grpcutil/target.go
+++ b/vendor/google.golang.org/grpc/internal/grpcutil/target.go
@@ -37,19 +37,53 @@ func split2(s, sep string) (string, string, bool) {
 }
 
 // ParseTarget splits target into a resolver.Target struct containing scheme,
-// authority and endpoint.
+// authority and endpoint. skipUnixColonParsing indicates that the parse should
+// not parse "unix:[path]" cases. This should be true in cases where a custom
+// dialer is present, to prevent a behavior change.
 //
-// If target is not a valid scheme://authority/endpoint, it returns {Endpoint:
-// target}.
-func ParseTarget(target string) (ret resolver.Target) {
+// If target is not a valid scheme://authority/endpoint as specified in
+// https://github.com/grpc/grpc/blob/master/doc/naming.md,
+// it returns {Endpoint: target}.
+func ParseTarget(target string, skipUnixColonParsing bool) (ret resolver.Target) {
 	var ok bool
+	if strings.HasPrefix(target, "unix-abstract:") {
+		if strings.HasPrefix(target, "unix-abstract://") {
+			// Maybe, with Authority specified, try to parse it
+			var remain string
+			ret.Scheme, remain, _ = split2(target, "://")
+			ret.Authority, ret.Endpoint, ok = split2(remain, "/")
+			if !ok {
+				// No Authority, add the "//" back
+				ret.Endpoint = "//" + remain
+			} else {
+				// Found Authority, add the "/" back
+				ret.Endpoint = "/" + ret.Endpoint
+			}
+		} else {
+			// Without Authority specified, split target on ":"
+			ret.Scheme, ret.Endpoint, _ = split2(target, ":")
+		}
+		return ret
+	}
 	ret.Scheme, ret.Endpoint, ok = split2(target, "://")
 	if !ok {
+		if strings.HasPrefix(target, "unix:") && !skipUnixColonParsing {
+			// Handle the "unix:[local/path]" and "unix:[/absolute/path]" cases,
+			// because splitting on :// only handles the
+			// "unix://[/absolute/path]" case. Only handle if the dialer is nil,
+			// to avoid a behavior change with custom dialers.
+			return resolver.Target{Scheme: "unix", Endpoint: target[len("unix:"):]}
+		}
 		return resolver.Target{Endpoint: target}
 	}
 	ret.Authority, ret.Endpoint, ok = split2(ret.Endpoint, "/")
 	if !ok {
 		return resolver.Target{Endpoint: target}
 	}
+	if ret.Scheme == "unix" {
+		// Add the "/" back in the unix case, so the unix resolver receives the
+		// actual endpoint in the "unix://[/absolute/path]" case.
+		ret.Endpoint = "/" + ret.Endpoint
+	}
 	return ret
 }
diff --git a/vendor/google.golang.org/grpc/internal/hierarchy/hierarchy.go b/vendor/google.golang.org/grpc/internal/hierarchy/hierarchy.go
new file mode 100644
index 00000000000..a2f990f552e
--- /dev/null
+++ b/vendor/google.golang.org/grpc/internal/hierarchy/hierarchy.go
@@ -0,0 +1,91 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package hierarchy contains functions to set and get hierarchy string from
+// addresses.
+//
+// This package is experimental.
+package hierarchy
+
+import (
+	"google.golang.org/grpc/resolver"
+)
+
+type pathKeyType string
+
+const pathKey = pathKeyType("grpc.internal.address.hierarchical_path")
+
+// Get returns the hierarchical path of addr.
+func Get(addr resolver.Address) []string {
+	attrs := addr.Attributes
+	if attrs == nil {
+		return nil
+	}
+	path, _ := attrs.Value(pathKey).([]string)
+	return path
+}
+
+// Set overrides the hierarchical path in addr with path.
+func Set(addr resolver.Address, path []string) resolver.Address {
+	addr.Attributes = addr.Attributes.WithValues(pathKey, path)
+	return addr
+}
+
+// Group splits a slice of addresses into groups based on
+// the first hierarchy path. The first hierarchy path will be removed from the
+// result.
+//
+// Input:
+// [
+//   {addr0, path: [p0, wt0]}
+//   {addr1, path: [p0, wt1]}
+//   {addr2, path: [p1, wt2]}
+//   {addr3, path: [p1, wt3]}
+// ]
+//
+// Addresses will be split into p0/p1, and the p0/p1 will be removed from the
+// path.
+//
+// Output:
+// {
+//   p0: [
+//     {addr0, path: [wt0]},
+//     {addr1, path: [wt1]},
+//   ],
+//   p1: [
+//     {addr2, path: [wt2]},
+//     {addr3, path: [wt3]},
+//   ],
+// }
+//
+// If hierarchical path is not set, or has no path in it, the address is
+// dropped.
+func Group(addrs []resolver.Address) map[string][]resolver.Address {
+	ret := make(map[string][]resolver.Address)
+	for _, addr := range addrs {
+		oldPath := Get(addr)
+		if len(oldPath) == 0 {
+			continue
+		}
+		curPath := oldPath[0]
+		newPath := oldPath[1:]
+		newAddr := Set(addr, newPath)
+		ret[curPath] = append(ret[curPath], newAddr)
+	}
+	return ret
+}
diff --git a/vendor/google.golang.org/grpc/internal/internal.go b/vendor/google.golang.org/grpc/internal/internal.go
index 716d92800b9..1b596bf3579 100644
--- a/vendor/google.golang.org/grpc/internal/internal.go
+++ b/vendor/google.golang.org/grpc/internal/internal.go
@@ -38,12 +38,6 @@ var (
 	// KeepaliveMinPingTime is the minimum ping interval.  This must be 10s by
 	// default, but tests may wish to set it lower for convenience.
 	KeepaliveMinPingTime = 10 * time.Second
-	// NewRequestInfoContext creates a new context based on the argument context attaching
-	// the passed in RequestInfo to the new context.
-	NewRequestInfoContext interface{} // func(context.Context, credentials.RequestInfo) context.Context
-	// NewClientHandshakeInfoContext returns a copy of the input context with
-	// the passed in ClientHandshakeInfo struct added to it.
-	NewClientHandshakeInfoContext interface{} // func(context.Context, credentials.ClientHandshakeInfo) context.Context
 	// ParseServiceConfigForTesting is for creating a fake
 	// ClientConn for resolver testing only
 	ParseServiceConfigForTesting interface{} // func(string) *serviceconfig.ParseResult
@@ -57,6 +51,19 @@ var (
 	// bootstrap code while parsing certificate provider configs in the
 	// bootstrap file.
 	GetCertificateProviderBuilder interface{} // func(string) certprovider.Builder
+	// GetXDSHandshakeInfoForTesting returns a pointer to the xds.HandshakeInfo
+	// stored in the passed in attributes. This is set by
+	// credentials/xds/xds.go.
+	GetXDSHandshakeInfoForTesting interface{} // func (*attributes.Attributes) *xds.HandshakeInfo
+	// GetServerCredentials returns the transport credentials configured on a
+	// gRPC server. An xDS-enabled server needs to know what type of credentials
+	// is configured on the underlying gRPC server. This is set by server.go.
+	GetServerCredentials interface{} // func (*grpc.Server) credentials.TransportCredentials
+	// DrainServerTransports initiates a graceful close of existing connections
+	// on a gRPC server accepted on the provided listener address. An
+	// xDS-enabled server invokes this method on a grpc.Server when a particular
+	// listener moves to "not-serving" mode.
+	DrainServerTransports interface{} // func(*grpc.Server, string)
 )
 
 // HealthChecker defines the signature of the client-side LB channel health checking function.
diff --git a/vendor/google.golang.org/grpc/internal/metadata/metadata.go b/vendor/google.golang.org/grpc/internal/metadata/metadata.go
new file mode 100644
index 00000000000..302262613a0
--- /dev/null
+++ b/vendor/google.golang.org/grpc/internal/metadata/metadata.go
@@ -0,0 +1,50 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package metadata contains functions to set and get metadata from addresses.
+//
+// This package is experimental.
+package metadata
+
+import (
+	"google.golang.org/grpc/metadata"
+	"google.golang.org/grpc/resolver"
+)
+
+type mdKeyType string
+
+const mdKey = mdKeyType("grpc.internal.address.metadata")
+
+// Get returns the metadata of addr.
+func Get(addr resolver.Address) metadata.MD {
+	attrs := addr.Attributes
+	if attrs == nil {
+		return nil
+	}
+	md, _ := attrs.Value(mdKey).(metadata.MD)
+	return md
+}
+
+// Set sets (overrides) the metadata in addr.
+//
+// When a SubConn is created with this address, the RPCs sent on it will all
+// have this metadata.
+func Set(addr resolver.Address, md metadata.MD) resolver.Address {
+	addr.Attributes = addr.Attributes.WithValues(mdKey, md)
+	return addr
+}
diff --git a/vendor/google.golang.org/grpc/internal/resolver/config_selector.go b/vendor/google.golang.org/grpc/internal/resolver/config_selector.go
new file mode 100644
index 00000000000..5e7f36703d4
--- /dev/null
+++ b/vendor/google.golang.org/grpc/internal/resolver/config_selector.go
@@ -0,0 +1,164 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package resolver provides internal resolver-related functionality.
+package resolver
+
+import (
+	"context"
+	"sync"
+
+	"google.golang.org/grpc/internal/serviceconfig"
+	"google.golang.org/grpc/metadata"
+	"google.golang.org/grpc/resolver"
+)
+
+// ConfigSelector controls what configuration to use for every RPC.
+type ConfigSelector interface {
+	// Selects the configuration for the RPC, or terminates it using the error.
+	// This error will be converted by the gRPC library to a status error with
+	// code UNKNOWN if it is not returned as a status error.
+	SelectConfig(RPCInfo) (*RPCConfig, error)
+}
+
+// RPCInfo contains RPC information needed by a ConfigSelector.
+type RPCInfo struct {
+	// Context is the user's context for the RPC and contains headers and
+	// application timeout.  It is passed for interception purposes and for
+	// efficiency reasons.  SelectConfig should not be blocking.
+	Context context.Context
+	Method  string // i.e. "/Service/Method"
+}
+
+// RPCConfig describes the configuration to use for each RPC.
+type RPCConfig struct {
+	// The context to use for the remainder of the RPC; can pass info to LB
+	// policy or affect timeout or metadata.
+	Context      context.Context
+	MethodConfig serviceconfig.MethodConfig // configuration to use for this RPC
+	OnCommitted  func()                     // Called when the RPC has been committed (retries no longer possible)
+	Interceptor  ClientInterceptor
+}
+
+// ClientStream is the same as grpc.ClientStream, but defined here for circular
+// dependency reasons.
+type ClientStream interface {
+	// Header returns the header metadata received from the server if there
+	// is any. It blocks if the metadata is not ready to read.
+	Header() (metadata.MD, error)
+	// Trailer returns the trailer metadata from the server, if there is any.
+	// It must only be called after stream.CloseAndRecv has returned, or
+	// stream.Recv has returned a non-nil error (including io.EOF).
+	Trailer() metadata.MD
+	// CloseSend closes the send direction of the stream. It closes the stream
+	// when non-nil error is met. It is also not safe to call CloseSend
+	// concurrently with SendMsg.
+	CloseSend() error
+	// Context returns the context for this stream.
+	//
+	// It should not be called until after Header or RecvMsg has returned. Once
+	// called, subsequent client-side retries are disabled.
+	Context() context.Context
+	// SendMsg is generally called by generated code. On error, SendMsg aborts
+	// the stream. If the error was generated by the client, the status is
+	// returned directly; otherwise, io.EOF is returned and the status of
+	// the stream may be discovered using RecvMsg.
+	//
+	// SendMsg blocks until:
+	//   - There is sufficient flow control to schedule m with the transport, or
+	//   - The stream is done, or
+	//   - The stream breaks.
+	//
+	// SendMsg does not wait until the message is received by the server. An
+	// untimely stream closure may result in lost messages. To ensure delivery,
+	// users should ensure the RPC completed successfully using RecvMsg.
+	//
+	// It is safe to have a goroutine calling SendMsg and another goroutine
+	// calling RecvMsg on the same stream at the same time, but it is not safe
+	// to call SendMsg on the same stream in different goroutines. It is also
+	// not safe to call CloseSend concurrently with SendMsg.
+	SendMsg(m interface{}) error
+	// RecvMsg blocks until it receives a message into m or the stream is
+	// done. It returns io.EOF when the stream completes successfully. On
+	// any other error, the stream is aborted and the error contains the RPC
+	// status.
+	//
+	// It is safe to have a goroutine calling SendMsg and another goroutine
+	// calling RecvMsg on the same stream at the same time, but it is not
+	// safe to call RecvMsg on the same stream in different goroutines.
+	RecvMsg(m interface{}) error
+}
+
+// ClientInterceptor is an interceptor for gRPC client streams.
+type ClientInterceptor interface {
+	// NewStream produces a ClientStream for an RPC which may optionally use
+	// the provided function to produce a stream for delegation.  Note:
+	// RPCInfo.Context should not be used (will be nil).
+	//
+	// done is invoked when the RPC is finished using its connection, or could
+	// not be assigned a connection.  RPC operations may still occur on
+	// ClientStream after done is called, since the interceptor is invoked by
+	// application-layer operations.  done must never be nil when called.
+	NewStream(ctx context.Context, ri RPCInfo, done func(), newStream func(ctx context.Context, done func()) (ClientStream, error)) (ClientStream, error)
+}
+
+// ServerInterceptor is unimplementable; do not use.
+type ServerInterceptor interface {
+	notDefined()
+}
+
+type csKeyType string
+
+const csKey = csKeyType("grpc.internal.resolver.configSelector")
+
+// SetConfigSelector sets the config selector in state and returns the new
+// state.
+func SetConfigSelector(state resolver.State, cs ConfigSelector) resolver.State {
+	state.Attributes = state.Attributes.WithValues(csKey, cs)
+	return state
+}
+
+// GetConfigSelector retrieves the config selector from state, if present, and
+// returns it or nil if absent.
+func GetConfigSelector(state resolver.State) ConfigSelector {
+	cs, _ := state.Attributes.Value(csKey).(ConfigSelector)
+	return cs
+}
+
+// SafeConfigSelector allows for safe switching of ConfigSelector
+// implementations such that previous values are guaranteed to not be in use
+// when UpdateConfigSelector returns.
+type SafeConfigSelector struct {
+	mu sync.RWMutex
+	cs ConfigSelector
+}
+
+// UpdateConfigSelector swaps to the provided ConfigSelector and blocks until
+// all uses of the previous ConfigSelector have completed.
+func (scs *SafeConfigSelector) UpdateConfigSelector(cs ConfigSelector) {
+	scs.mu.Lock()
+	defer scs.mu.Unlock()
+	scs.cs = cs
+}
+
+// SelectConfig defers to the current ConfigSelector in scs.
+func (scs *SafeConfigSelector) SelectConfig(r RPCInfo) (*RPCConfig, error) {
+	scs.mu.RLock()
+	defer scs.mu.RUnlock()
+	return scs.cs.SelectConfig(r)
+}
diff --git a/vendor/google.golang.org/grpc/internal/resolver/dns/dns_resolver.go b/vendor/google.golang.org/grpc/internal/resolver/dns/dns_resolver.go
index 30423556658..03825bbe7b5 100644
--- a/vendor/google.golang.org/grpc/internal/resolver/dns/dns_resolver.go
+++ b/vendor/google.golang.org/grpc/internal/resolver/dns/dns_resolver.go
@@ -34,6 +34,7 @@ import (
 
 	grpclbstate "google.golang.org/grpc/balancer/grpclb/state"
 	"google.golang.org/grpc/grpclog"
+	"google.golang.org/grpc/internal/backoff"
 	"google.golang.org/grpc/internal/envconfig"
 	"google.golang.org/grpc/internal/grpcrand"
 	"google.golang.org/grpc/resolver"
@@ -46,6 +47,13 @@ var EnableSRVLookups = false
 
 var logger = grpclog.Component("dns")
 
+// Globals to stub out in tests. TODO: Perhaps these two can be combined into a
+// single variable for testing the resolver?
+var (
+	newTimer           = time.NewTimer
+	newTimerDNSResRate = time.NewTimer
+)
+
 func init() {
 	resolver.Register(NewBuilder())
 }
@@ -143,7 +151,6 @@ func (b *dnsBuilder) Build(target resolver.Target, cc resolver.ClientConn, opts
 
 	d.wg.Add(1)
 	go d.watcher()
-	d.ResolveNow(resolver.ResolveNowOptions{})
 	return d, nil
 }
 
@@ -201,28 +208,38 @@ func (d *dnsResolver) Close() {
 
 func (d *dnsResolver) watcher() {
 	defer d.wg.Done()
+	backoffIndex := 1
 	for {
-		select {
-		case <-d.ctx.Done():
-			return
-		case <-d.rn:
-		}
-
 		state, err := d.lookup()
 		if err != nil {
+			// Report error to the underlying grpc.ClientConn.
 			d.cc.ReportError(err)
 		} else {
-			d.cc.UpdateState(*state)
+			err = d.cc.UpdateState(*state)
 		}
 
-		// Sleep to prevent excessive re-resolutions. Incoming resolution requests
-		// will be queued in d.rn.
-		t := time.NewTimer(minDNSResRate)
+		var timer *time.Timer
+		if err == nil {
+			// Success resolving, wait for the next ResolveNow. However, also wait 30 seconds at the very least
+			// to prevent constantly re-resolving.
+			backoffIndex = 1
+			timer = newTimerDNSResRate(minDNSResRate)
+			select {
+			case <-d.ctx.Done():
+				timer.Stop()
+				return
+			case <-d.rn:
+			}
+		} else {
+			// Poll on an error found in DNS Resolver or an error received from ClientConn.
+			timer = newTimer(backoff.DefaultExponential.Backoff(backoffIndex))
+			backoffIndex++
+		}
 		select {
-		case <-t.C:
 		case <-d.ctx.Done():
-			t.Stop()
+			timer.Stop()
 			return
+		case <-timer.C:
 		}
 	}
 }
diff --git a/vendor/google.golang.org/grpc/internal/resolver/unix/unix.go b/vendor/google.golang.org/grpc/internal/resolver/unix/unix.go
new file mode 100644
index 00000000000..0d5a811ddfa
--- /dev/null
+++ b/vendor/google.golang.org/grpc/internal/resolver/unix/unix.go
@@ -0,0 +1,63 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package unix implements a resolver for unix targets.
+package unix
+
+import (
+	"fmt"
+
+	"google.golang.org/grpc/internal/transport/networktype"
+	"google.golang.org/grpc/resolver"
+)
+
+const unixScheme = "unix"
+const unixAbstractScheme = "unix-abstract"
+
+type builder struct {
+	scheme string
+}
+
+func (b *builder) Build(target resolver.Target, cc resolver.ClientConn, _ resolver.BuildOptions) (resolver.Resolver, error) {
+	if target.Authority != "" {
+		return nil, fmt.Errorf("invalid (non-empty) authority: %v", target.Authority)
+	}
+	addr := resolver.Address{Addr: target.Endpoint}
+	if b.scheme == unixAbstractScheme {
+		// prepend "\x00" to address for unix-abstract
+		addr.Addr = "\x00" + addr.Addr
+	}
+	cc.UpdateState(resolver.State{Addresses: []resolver.Address{networktype.Set(addr, "unix")}})
+	return &nopResolver{}, nil
+}
+
+func (b *builder) Scheme() string {
+	return b.scheme
+}
+
+type nopResolver struct {
+}
+
+func (*nopResolver) ResolveNow(resolver.ResolveNowOptions) {}
+
+func (*nopResolver) Close() {}
+
+func init() {
+	resolver.Register(&builder{scheme: unixScheme})
+	resolver.Register(&builder{scheme: unixAbstractScheme})
+}
diff --git a/vendor/google.golang.org/grpc/internal/serviceconfig/serviceconfig.go b/vendor/google.golang.org/grpc/internal/serviceconfig/serviceconfig.go
index af3e2b5f7e8..c0634d152c2 100644
--- a/vendor/google.golang.org/grpc/internal/serviceconfig/serviceconfig.go
+++ b/vendor/google.golang.org/grpc/internal/serviceconfig/serviceconfig.go
@@ -22,8 +22,10 @@ package serviceconfig
 import (
 	"encoding/json"
 	"fmt"
+	"time"
 
 	"google.golang.org/grpc/balancer"
+	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/grpclog"
 	externalserviceconfig "google.golang.org/grpc/serviceconfig"
 )
@@ -44,6 +46,22 @@ type BalancerConfig struct {
 
 type intermediateBalancerConfig []map[string]json.RawMessage
 
+// MarshalJSON implements the json.Marshaler interface.
+//
+// It marshals the balancer and config into a length-1 slice
+// ([]map[string]config).
+func (bc *BalancerConfig) MarshalJSON() ([]byte, error) {
+	if bc.Config == nil {
+		// If config is nil, return empty config `{}`.
+		return []byte(fmt.Sprintf(`[{%q: %v}]`, bc.Name, "{}")), nil
+	}
+	c, err := json.Marshal(bc.Config)
+	if err != nil {
+		return nil, err
+	}
+	return []byte(fmt.Sprintf(`[{%q: %s}]`, bc.Name, c)), nil
+}
+
 // UnmarshalJSON implements the json.Unmarshaler interface.
 //
 // ServiceConfig contains a list of loadBalancingConfigs, each with a name and
@@ -104,3 +122,57 @@ func (bc *BalancerConfig) UnmarshalJSON(b []byte) error {
 	// case.
 	return fmt.Errorf("invalid loadBalancingConfig: no supported policies found")
 }
+
+// MethodConfig defines the configuration recommended by the service providers for a
+// particular method.
+type MethodConfig struct {
+	// WaitForReady indicates whether RPCs sent to this method should wait until
+	// the connection is ready by default (!failfast). The value specified via the
+	// gRPC client API will override the value set here.
+	WaitForReady *bool
+	// Timeout is the default timeout for RPCs sent to this method. The actual
+	// deadline used will be the minimum of the value specified here and the value
+	// set by the application via the gRPC client API.  If either one is not set,
+	// then the other will be used.  If neither is set, then the RPC has no deadline.
+	Timeout *time.Duration
+	// MaxReqSize is the maximum allowed payload size for an individual request in a
+	// stream (client->server) in bytes. The size which is measured is the serialized
+	// payload after per-message compression (but before stream compression) in bytes.
+	// The actual value used is the minimum of the value specified here and the value set
+	// by the application via the gRPC client API. If either one is not set, then the other
+	// will be used.  If neither is set, then the built-in default is used.
+	MaxReqSize *int
+	// MaxRespSize is the maximum allowed payload size for an individual response in a
+	// stream (server->client) in bytes.
+	MaxRespSize *int
+	// RetryPolicy configures retry options for the method.
+	RetryPolicy *RetryPolicy
+}
+
+// RetryPolicy defines the go-native version of the retry policy defined by the
+// service config here:
+// https://github.com/grpc/proposal/blob/master/A6-client-retries.md#integration-with-service-config
+type RetryPolicy struct {
+	// MaxAttempts is the maximum number of attempts, including the original RPC.
+	//
+	// This field is required and must be two or greater.
+	MaxAttempts int
+
+	// Exponential backoff parameters. The initial retry attempt will occur at
+	// random(0, initialBackoff). In general, the nth attempt will occur at
+	// random(0,
+	//   min(initialBackoff*backoffMultiplier**(n-1), maxBackoff)).
+	//
+	// These fields are required and must be greater than zero.
+	InitialBackoff    time.Duration
+	MaxBackoff        time.Duration
+	BackoffMultiplier float64
+
+	// The set of status codes which may be retried.
+	//
+	// Status codes are specified as strings, e.g., "UNAVAILABLE".
+	//
+	// This field is required and must be non-empty.
+	// Note: a set is used to store this for easy lookup.
+	RetryableStatusCodes map[codes.Code]bool
+}
diff --git a/vendor/google.golang.org/grpc/internal/syscall/syscall_linux.go b/vendor/google.golang.org/grpc/internal/syscall/syscall_linux.go
index 2fdcb76e6c7..4b2964f2a1e 100644
--- a/vendor/google.golang.org/grpc/internal/syscall/syscall_linux.go
+++ b/vendor/google.golang.org/grpc/internal/syscall/syscall_linux.go
@@ -44,25 +44,23 @@ func GetCPUTime() int64 {
 }
 
 // Rusage is an alias for syscall.Rusage under linux environment.
-type Rusage syscall.Rusage
+type Rusage = syscall.Rusage
 
 // GetRusage returns the resource usage of current process.
-func GetRusage() (rusage *Rusage) {
-	rusage = new(Rusage)
-	syscall.Getrusage(syscall.RUSAGE_SELF, (*syscall.Rusage)(rusage))
-	return
+func GetRusage() *Rusage {
+	rusage := new(Rusage)
+	syscall.Getrusage(syscall.RUSAGE_SELF, rusage)
+	return rusage
 }
 
 // CPUTimeDiff returns the differences of user CPU time and system CPU time used
 // between two Rusage structs.
 func CPUTimeDiff(first *Rusage, latest *Rusage) (float64, float64) {
-	f := (*syscall.Rusage)(first)
-	l := (*syscall.Rusage)(latest)
 	var (
-		utimeDiffs  = l.Utime.Sec - f.Utime.Sec
-		utimeDiffus = l.Utime.Usec - f.Utime.Usec
-		stimeDiffs  = l.Stime.Sec - f.Stime.Sec
-		stimeDiffus = l.Stime.Usec - f.Stime.Usec
+		utimeDiffs  = latest.Utime.Sec - first.Utime.Sec
+		utimeDiffus = latest.Utime.Usec - first.Utime.Usec
+		stimeDiffs  = latest.Stime.Sec - first.Stime.Sec
+		stimeDiffus = latest.Stime.Usec - first.Stime.Usec
 	)
 
 	uTimeElapsed := float64(utimeDiffs) + float64(utimeDiffus)*1.0e-6
diff --git a/vendor/google.golang.org/grpc/internal/syscall/syscall_nonlinux.go b/vendor/google.golang.org/grpc/internal/syscall/syscall_nonlinux.go
index adae60d6518..7913ef1dbfb 100644
--- a/vendor/google.golang.org/grpc/internal/syscall/syscall_nonlinux.go
+++ b/vendor/google.golang.org/grpc/internal/syscall/syscall_nonlinux.go
@@ -50,7 +50,7 @@ func GetCPUTime() int64 {
 type Rusage struct{}
 
 // GetRusage is a no-op function under non-linux or appengine environment.
-func GetRusage() (rusage *Rusage) {
+func GetRusage() *Rusage {
 	log()
 	return nil
 }
diff --git a/vendor/google.golang.org/grpc/internal/transport/controlbuf.go b/vendor/google.golang.org/grpc/internal/transport/controlbuf.go
index 40ef23923fd..f63a0137622 100644
--- a/vendor/google.golang.org/grpc/internal/transport/controlbuf.go
+++ b/vendor/google.golang.org/grpc/internal/transport/controlbuf.go
@@ -20,13 +20,17 @@ package transport
 
 import (
 	"bytes"
+	"errors"
 	"fmt"
 	"runtime"
+	"strconv"
 	"sync"
 	"sync/atomic"
 
 	"golang.org/x/net/http2"
 	"golang.org/x/net/http2/hpack"
+	"google.golang.org/grpc/internal/grpcutil"
+	"google.golang.org/grpc/status"
 )
 
 var updateHeaderTblSize = func(e *hpack.Encoder, v uint32) {
@@ -128,6 +132,14 @@ type cleanupStream struct {
 
 func (c *cleanupStream) isTransportResponseFrame() bool { return c.rst } // Results in a RST_STREAM
 
+type earlyAbortStream struct {
+	streamID       uint32
+	contentSubtype string
+	status         *status.Status
+}
+
+func (*earlyAbortStream) isTransportResponseFrame() bool { return false }
+
 type dataFrame struct {
 	streamID  uint32
 	endStream bool
@@ -749,6 +761,24 @@ func (l *loopyWriter) cleanupStreamHandler(c *cleanupStream) error {
 	return nil
 }
 
+func (l *loopyWriter) earlyAbortStreamHandler(eas *earlyAbortStream) error {
+	if l.side == clientSide {
+		return errors.New("earlyAbortStream not handled on client")
+	}
+
+	headerFields := []hpack.HeaderField{
+		{Name: ":status", Value: "200"},
+		{Name: "content-type", Value: grpcutil.ContentType(eas.contentSubtype)},
+		{Name: "grpc-status", Value: strconv.Itoa(int(eas.status.Code()))},
+		{Name: "grpc-message", Value: encodeGrpcMessage(eas.status.Message())},
+	}
+
+	if err := l.writeHeader(eas.streamID, true, headerFields, nil); err != nil {
+		return err
+	}
+	return nil
+}
+
 func (l *loopyWriter) incomingGoAwayHandler(*incomingGoAway) error {
 	if l.side == clientSide {
 		l.draining = true
@@ -787,6 +817,8 @@ func (l *loopyWriter) handle(i interface{}) error {
 		return l.registerStreamHandler(i)
 	case *cleanupStream:
 		return l.cleanupStreamHandler(i)
+	case *earlyAbortStream:
+		return l.earlyAbortStreamHandler(i)
 	case *incomingGoAway:
 		return l.incomingGoAwayHandler(i)
 	case *dataFrame:
diff --git a/vendor/google.golang.org/grpc/internal/transport/http2_client.go b/vendor/google.golang.org/grpc/internal/transport/http2_client.go
index e73b77a15a8..48c5e52edae 100644
--- a/vendor/google.golang.org/grpc/internal/transport/http2_client.go
+++ b/vendor/google.golang.org/grpc/internal/transport/http2_client.go
@@ -32,13 +32,14 @@ import (
 
 	"golang.org/x/net/http2"
 	"golang.org/x/net/http2/hpack"
-	"google.golang.org/grpc/internal/grpcutil"
-
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/credentials"
-	"google.golang.org/grpc/internal"
 	"google.golang.org/grpc/internal/channelz"
+	icredentials "google.golang.org/grpc/internal/credentials"
+	"google.golang.org/grpc/internal/grpcutil"
+	imetadata "google.golang.org/grpc/internal/metadata"
 	"google.golang.org/grpc/internal/syscall"
+	"google.golang.org/grpc/internal/transport/networktype"
 	"google.golang.org/grpc/keepalive"
 	"google.golang.org/grpc/metadata"
 	"google.golang.org/grpc/peer"
@@ -59,7 +60,7 @@ type http2Client struct {
 	cancel     context.CancelFunc
 	ctxDone    <-chan struct{} // Cache the ctx.Done() chan.
 	userAgent  string
-	md         interface{}
+	md         metadata.MD
 	conn       net.Conn // underlying communication channel
 	loopy      *loopyWriter
 	remoteAddr net.Addr
@@ -114,6 +115,9 @@ type http2Client struct {
 	// goAwayReason records the http2.ErrCode and debug data received with the
 	// GoAway frame.
 	goAwayReason GoAwayReason
+	// goAwayDebugMessage contains a detailed human readable string about a
+	// GoAway frame, useful for error messages.
+	goAwayDebugMessage string
 	// A condition variable used to signal when the keepalive goroutine should
 	// go dormant. The condition for dormancy is based on the number of active
 	// streams and the `PermitWithoutStream` keepalive client parameter. And
@@ -137,11 +141,27 @@ type http2Client struct {
 	connectionID uint64
 }
 
-func dial(ctx context.Context, fn func(context.Context, string) (net.Conn, error), addr string) (net.Conn, error) {
+func dial(ctx context.Context, fn func(context.Context, string) (net.Conn, error), addr resolver.Address, useProxy bool, grpcUA string) (net.Conn, error) {
+	address := addr.Addr
+	networkType, ok := networktype.Get(addr)
 	if fn != nil {
-		return fn(ctx, addr)
+		if networkType == "unix" && !strings.HasPrefix(address, "\x00") {
+			// For backward compatibility, if the user dialed "unix:///path",
+			// the passthrough resolver would be used and the user's custom
+			// dialer would see "unix:///path". Since the unix resolver is used
+			// and the address is now "/path", prepend "unix://" so the user's
+			// custom dialer sees the same address.
+			return fn(ctx, "unix://"+address)
+		}
+		return fn(ctx, address)
 	}
-	return (&net.Dialer{}).DialContext(ctx, "tcp", addr)
+	if !ok {
+		networkType, address = parseDialTarget(address)
+	}
+	if networkType == "tcp" && useProxy {
+		return proxyDial(ctx, address, grpcUA)
+	}
+	return (&net.Dialer{}).DialContext(ctx, networkType, address)
 }
 
 func isTemporary(err error) bool {
@@ -172,7 +192,7 @@ func newHTTP2Client(connectCtx, ctx context.Context, addr resolver.Address, opts
 		}
 	}()
 
-	conn, err := dial(connectCtx, opts.Dialer, addr.Addr)
+	conn, err := dial(connectCtx, opts.Dialer, addr, opts.UseProxy, opts.UserAgent)
 	if err != nil {
 		if opts.FailOnNonTempDialError {
 			return nil, connectionErrorf(isTemporary(err), err, "transport: error while dialing: %v", err)
@@ -220,12 +240,23 @@ func newHTTP2Client(connectCtx, ctx context.Context, addr resolver.Address, opts
 		// Attributes field of resolver.Address, which is shoved into connectCtx
 		// and passed to the credential handshaker. This makes it possible for
 		// address specific arbitrary data to reach the credential handshaker.
-		contextWithHandshakeInfo := internal.NewClientHandshakeInfoContext.(func(context.Context, credentials.ClientHandshakeInfo) context.Context)
-		connectCtx = contextWithHandshakeInfo(connectCtx, credentials.ClientHandshakeInfo{Attributes: addr.Attributes})
+		connectCtx = icredentials.NewClientHandshakeInfoContext(connectCtx, credentials.ClientHandshakeInfo{Attributes: addr.Attributes})
 		conn, authInfo, err = transportCreds.ClientHandshake(connectCtx, addr.ServerName, conn)
 		if err != nil {
 			return nil, connectionErrorf(isTemporary(err), err, "transport: authentication handshake failed: %v", err)
 		}
+		for _, cd := range perRPCCreds {
+			if cd.RequireTransportSecurity() {
+				if ci, ok := authInfo.(interface {
+					GetCommonAuthInfo() credentials.CommonAuthInfo
+				}); ok {
+					secLevel := ci.GetCommonAuthInfo().SecurityLevel
+					if secLevel != credentials.InvalidSecurityLevel && secLevel < credentials.PrivacyAndIntegrity {
+						return nil, connectionErrorf(true, nil, "transport: cannot send secure credentials on an insecure connection")
+					}
+				}
+			}
+		}
 		isSecure = true
 		if transportCreds.Info().SecurityProtocol == "tls" {
 			scheme = "https"
@@ -248,7 +279,6 @@ func newHTTP2Client(connectCtx, ctx context.Context, addr resolver.Address, opts
 		ctxDone:               ctx.Done(), // Cache Done chan.
 		cancel:                cancel,
 		userAgent:             opts.UserAgent,
-		md:                    addr.Metadata,
 		conn:                  conn,
 		remoteAddr:            conn.RemoteAddr(),
 		localAddr:             conn.LocalAddr(),
@@ -276,6 +306,12 @@ func newHTTP2Client(connectCtx, ctx context.Context, addr resolver.Address, opts
 		keepaliveEnabled:      keepaliveEnabled,
 		bufferPool:            newBufferPool(),
 	}
+
+	if md, ok := addr.Metadata.(*metadata.MD); ok {
+		t.md = *md
+	} else if md := imetadata.Get(addr); md != nil {
+		t.md = md
+	}
 	t.controlBuf = newControlBuffer(t.ctxDone)
 	if opts.InitialWindowSize >= defaultWindowSize {
 		t.initialWindowSize = opts.InitialWindowSize
@@ -312,12 +348,14 @@ func newHTTP2Client(connectCtx, ctx context.Context, addr resolver.Address, opts
 	// Send connection preface to server.
 	n, err := t.conn.Write(clientPreface)
 	if err != nil {
-		t.Close()
-		return nil, connectionErrorf(true, err, "transport: failed to write client preface: %v", err)
+		err = connectionErrorf(true, err, "transport: failed to write client preface: %v", err)
+		t.Close(err)
+		return nil, err
 	}
 	if n != len(clientPreface) {
-		t.Close()
-		return nil, connectionErrorf(true, err, "transport: preface mismatch, wrote %d bytes; want %d", n, len(clientPreface))
+		err = connectionErrorf(true, nil, "transport: preface mismatch, wrote %d bytes; want %d", n, len(clientPreface))
+		t.Close(err)
+		return nil, err
 	}
 	var ss []http2.Setting
 
@@ -335,14 +373,16 @@ func newHTTP2Client(connectCtx, ctx context.Context, addr resolver.Address, opts
 	}
 	err = t.framer.fr.WriteSettings(ss...)
 	if err != nil {
-		t.Close()
-		return nil, connectionErrorf(true, err, "transport: failed to write initial settings frame: %v", err)
+		err = connectionErrorf(true, err, "transport: failed to write initial settings frame: %v", err)
+		t.Close(err)
+		return nil, err
 	}
 	// Adjust the connection flow control window if needed.
 	if delta := uint32(icwz - defaultWindowSize); delta > 0 {
 		if err := t.framer.fr.WriteWindowUpdate(0, delta); err != nil {
-			t.Close()
-			return nil, connectionErrorf(true, err, "transport: failed to write window update: %v", err)
+			err = connectionErrorf(true, err, "transport: failed to write window update: %v", err)
+			t.Close(err)
+			return nil, err
 		}
 	}
 
@@ -379,6 +419,7 @@ func (t *http2Client) newStream(ctx context.Context, callHdr *CallHdr) *Stream {
 		buf:            newRecvBuffer(),
 		headerChan:     make(chan struct{}),
 		contentSubtype: callHdr.ContentSubtype,
+		doneFunc:       callHdr.DoneFunc,
 	}
 	s.wq = newWriteQuota(defaultWriteQuota, s.done)
 	s.requestRead = func(n int) {
@@ -418,7 +459,7 @@ func (t *http2Client) createHeaderFields(ctx context.Context, callHdr *CallHdr)
 		Method:   callHdr.Method,
 		AuthInfo: t.authInfo,
 	}
-	ctxWithRequestInfo := internal.NewRequestInfoContext.(func(context.Context, credentials.RequestInfo) context.Context)(ctx, ri)
+	ctxWithRequestInfo := icredentials.NewRequestInfoContext(ctx, ri)
 	authData, err := t.getTrAuthData(ctxWithRequestInfo, aud)
 	if err != nil {
 		return nil, err
@@ -481,25 +522,23 @@ func (t *http2Client) createHeaderFields(ctx context.Context, callHdr *CallHdr)
 		for _, vv := range added {
 			for i, v := range vv {
 				if i%2 == 0 {
-					k = v
+					k = strings.ToLower(v)
 					continue
 				}
 				// HTTP doesn't allow you to set pseudoheaders after non pseudoheaders were set.
 				if isReservedHeader(k) {
 					continue
 				}
-				headerFields = append(headerFields, hpack.HeaderField{Name: strings.ToLower(k), Value: encodeMetadataHeader(k, v)})
+				headerFields = append(headerFields, hpack.HeaderField{Name: k, Value: encodeMetadataHeader(k, v)})
 			}
 		}
 	}
-	if md, ok := t.md.(*metadata.MD); ok {
-		for k, vv := range *md {
-			if isReservedHeader(k) {
-				continue
-			}
-			for _, v := range vv {
-				headerFields = append(headerFields, hpack.HeaderField{Name: k, Value: encodeMetadataHeader(k, v)})
-			}
+	for k, vv := range t.md {
+		if isReservedHeader(k) {
+			continue
+		}
+		for _, v := range vv {
+			headerFields = append(headerFields, hpack.HeaderField{Name: k, Value: encodeMetadataHeader(k, v)})
 		}
 	}
 	return headerFields, nil
@@ -549,8 +588,11 @@ func (t *http2Client) getCallAuthData(ctx context.Context, audience string, call
 	// Note: if these credentials are provided both via dial options and call
 	// options, then both sets of credentials will be applied.
 	if callCreds := callHdr.Creds; callCreds != nil {
-		if !t.isSecure && callCreds.RequireTransportSecurity() {
-			return nil, status.Error(codes.Unauthenticated, "transport: cannot send secure credentials on an insecure connection")
+		if callCreds.RequireTransportSecurity() {
+			ri, _ := credentials.RequestInfoFromContext(ctx)
+			if !t.isSecure || credentials.CheckSecurityLevel(ri.AuthInfo, credentials.PrivacyAndIntegrity) != nil {
+				return nil, status.Error(codes.Unauthenticated, "transport: cannot send secure credentials on an insecure connection")
+			}
 		}
 		data, err := callCreds.GetRequestMetadata(ctx, audience)
 		if err != nil {
@@ -796,6 +838,9 @@ func (t *http2Client) closeStream(s *Stream, err error, rst bool, rstCode http2.
 	t.controlBuf.executeAndPut(addBackStreamQuota, cleanup)
 	// This will unblock write.
 	close(s.done)
+	if s.doneFunc != nil {
+		s.doneFunc()
+	}
 }
 
 // Close kicks off the shutdown process of the transport. This should be called
@@ -805,12 +850,12 @@ func (t *http2Client) closeStream(s *Stream, err error, rst bool, rstCode http2.
 // This method blocks until the addrConn that initiated this transport is
 // re-connected. This happens because t.onClose() begins reconnect logic at the
 // addrConn level and blocks until the addrConn is successfully connected.
-func (t *http2Client) Close() error {
+func (t *http2Client) Close(err error) {
 	t.mu.Lock()
 	// Make sure we only Close once.
 	if t.state == closing {
 		t.mu.Unlock()
-		return nil
+		return
 	}
 	// Call t.onClose before setting the state to closing to prevent the client
 	// from attempting to create new streams ASAP.
@@ -826,13 +871,19 @@ func (t *http2Client) Close() error {
 	t.mu.Unlock()
 	t.controlBuf.finish()
 	t.cancel()
-	err := t.conn.Close()
+	t.conn.Close()
 	if channelz.IsOn() {
 		channelz.RemoveEntry(t.channelzID)
 	}
+	// Append info about previous goaways if there were any, since this may be important
+	// for understanding the root cause for this connection to be closed.
+	_, goAwayDebugMessage := t.GetGoAwayReason()
+	if len(goAwayDebugMessage) > 0 {
+		err = fmt.Errorf("closing transport due to: %v, received prior goaway: %v", err, goAwayDebugMessage)
+	}
 	// Notify all active streams.
 	for _, s := range streams {
-		t.closeStream(s, ErrConnClosing, false, http2.ErrCodeNo, status.New(codes.Unavailable, ErrConnClosing.Desc), nil, false)
+		t.closeStream(s, err, false, http2.ErrCodeNo, status.New(codes.Unavailable, err.Error()), nil, false)
 	}
 	if t.statsHandler != nil {
 		connEnd := &stats.ConnEnd{
@@ -840,7 +891,6 @@ func (t *http2Client) Close() error {
 		}
 		t.statsHandler.HandleConn(t.ctx, connEnd)
 	}
-	return err
 }
 
 // GracefulClose sets the state to draining, which prevents new streams from
@@ -859,7 +909,7 @@ func (t *http2Client) GracefulClose() {
 	active := len(t.activeStreams)
 	t.mu.Unlock()
 	if active == 0 {
-		t.Close()
+		t.Close(ErrConnClosing)
 		return
 	}
 	t.controlBuf.put(&incomingGoAway{})
@@ -1105,9 +1155,9 @@ func (t *http2Client) handleGoAway(f *http2.GoAwayFrame) {
 		}
 	}
 	id := f.LastStreamID
-	if id > 0 && id%2 != 1 {
+	if id > 0 && id%2 == 0 {
 		t.mu.Unlock()
-		t.Close()
+		t.Close(connectionErrorf(true, nil, "received goaway with non-zero even-numbered numbered stream id: %v", id))
 		return
 	}
 	// A client can receive multiple GoAways from the server (see
@@ -1125,7 +1175,7 @@ func (t *http2Client) handleGoAway(f *http2.GoAwayFrame) {
 		// If there are multiple GoAways the first one should always have an ID greater than the following ones.
 		if id > t.prevGoAwayID {
 			t.mu.Unlock()
-			t.Close()
+			t.Close(connectionErrorf(true, nil, "received goaway with stream id: %v, which exceeds stream id of previous goaway: %v", id, t.prevGoAwayID))
 			return
 		}
 	default:
@@ -1155,7 +1205,7 @@ func (t *http2Client) handleGoAway(f *http2.GoAwayFrame) {
 	active := len(t.activeStreams)
 	t.mu.Unlock()
 	if active == 0 {
-		t.Close()
+		t.Close(connectionErrorf(true, nil, "received goaway and there are no active streams"))
 	}
 }
 
@@ -1171,12 +1221,13 @@ func (t *http2Client) setGoAwayReason(f *http2.GoAwayFrame) {
 			t.goAwayReason = GoAwayTooManyPings
 		}
 	}
+	t.goAwayDebugMessage = fmt.Sprintf("code: %s, debug data: %v", f.ErrCode, string(f.DebugData()))
 }
 
-func (t *http2Client) GetGoAwayReason() GoAwayReason {
+func (t *http2Client) GetGoAwayReason() (GoAwayReason, string) {
 	t.mu.Lock()
 	defer t.mu.Unlock()
-	return t.goAwayReason
+	return t.goAwayReason, t.goAwayDebugMessage
 }
 
 func (t *http2Client) handleWindowUpdate(f *http2.WindowUpdateFrame) {
@@ -1273,7 +1324,8 @@ func (t *http2Client) reader() {
 	// Check the validity of server preface.
 	frame, err := t.framer.fr.ReadFrame()
 	if err != nil {
-		t.Close() // this kicks off resetTransport, so must be last before return
+		err = connectionErrorf(true, err, "error reading server preface: %v", err)
+		t.Close(err) // this kicks off resetTransport, so must be last before return
 		return
 	}
 	t.conn.SetReadDeadline(time.Time{}) // reset deadline once we get the settings frame (we didn't time out, yay!)
@@ -1282,7 +1334,8 @@ func (t *http2Client) reader() {
 	}
 	sf, ok := frame.(*http2.SettingsFrame)
 	if !ok {
-		t.Close() // this kicks off resetTransport, so must be last before return
+		// this kicks off resetTransport, so must be last before return
+		t.Close(connectionErrorf(true, nil, "initial http2 frame from server is not a settings frame: %T", frame))
 		return
 	}
 	t.onPrefaceReceipt()
@@ -1318,7 +1371,7 @@ func (t *http2Client) reader() {
 				continue
 			} else {
 				// Transport error.
-				t.Close()
+				t.Close(connectionErrorf(true, err, "error reading from server: %v", err))
 				return
 			}
 		}
@@ -1377,7 +1430,7 @@ func (t *http2Client) keepalive() {
 				continue
 			}
 			if outstandingPing && timeoutLeft <= 0 {
-				t.Close()
+				t.Close(connectionErrorf(true, nil, "keepalive ping failed to receive ACK within timeout"))
 				return
 			}
 			t.mu.Lock()
diff --git a/vendor/google.golang.org/grpc/internal/transport/http2_server.go b/vendor/google.golang.org/grpc/internal/transport/http2_server.go
index 0cf1cc320bb..11be5599cd4 100644
--- a/vendor/google.golang.org/grpc/internal/transport/http2_server.go
+++ b/vendor/google.golang.org/grpc/internal/transport/http2_server.go
@@ -26,6 +26,7 @@ import (
 	"io"
 	"math"
 	"net"
+	"net/http"
 	"strconv"
 	"sync"
 	"sync/atomic"
@@ -355,26 +356,6 @@ func (t *http2Server) operateHeaders(frame *http2.MetaHeadersFrame, handle func(
 	if state.data.statsTrace != nil {
 		s.ctx = stats.SetIncomingTrace(s.ctx, state.data.statsTrace)
 	}
-	if t.inTapHandle != nil {
-		var err error
-		info := &tap.Info{
-			FullMethodName: state.data.method,
-		}
-		s.ctx, err = t.inTapHandle(s.ctx, info)
-		if err != nil {
-			if logger.V(logLevel) {
-				logger.Warningf("transport: http2Server.operateHeaders got an error from InTapHandle: %v", err)
-			}
-			t.controlBuf.put(&cleanupStream{
-				streamID: s.id,
-				rst:      true,
-				rstCode:  http2.ErrCodeRefusedStream,
-				onWrite:  func() {},
-			})
-			s.cancel()
-			return false
-		}
-	}
 	t.mu.Lock()
 	if t.state != reachable {
 		t.mu.Unlock()
@@ -402,6 +383,39 @@ func (t *http2Server) operateHeaders(frame *http2.MetaHeadersFrame, handle func(
 		return true
 	}
 	t.maxStreamID = streamID
+	if state.data.httpMethod != http.MethodPost {
+		t.mu.Unlock()
+		if logger.V(logLevel) {
+			logger.Warningf("transport: http2Server.operateHeaders parsed a :method field: %v which should be POST", state.data.httpMethod)
+		}
+		t.controlBuf.put(&cleanupStream{
+			streamID: streamID,
+			rst:      true,
+			rstCode:  http2.ErrCodeProtocol,
+			onWrite:  func() {},
+		})
+		s.cancel()
+		return false
+	}
+	if t.inTapHandle != nil {
+		var err error
+		if s.ctx, err = t.inTapHandle(s.ctx, &tap.Info{FullMethodName: state.data.method}); err != nil {
+			t.mu.Unlock()
+			if logger.V(logLevel) {
+				logger.Infof("transport: http2Server.operateHeaders got an error from InTapHandle: %v", err)
+			}
+			stat, ok := status.FromError(err)
+			if !ok {
+				stat = status.New(codes.PermissionDenied, err.Error())
+			}
+			t.controlBuf.put(&earlyAbortStream{
+				streamID:       s.id,
+				contentSubtype: s.contentSubtype,
+				status:         stat,
+			})
+			return false
+		}
+	}
 	t.activeStreams[streamID] = s
 	if len(t.activeStreams) == 1 {
 		t.idle = time.Time{}
diff --git a/vendor/google.golang.org/grpc/internal/transport/http_util.go b/vendor/google.golang.org/grpc/internal/transport/http_util.go
index 4d15afbf73f..c7dee140cf1 100644
--- a/vendor/google.golang.org/grpc/internal/transport/http_util.go
+++ b/vendor/google.golang.org/grpc/internal/transport/http_util.go
@@ -27,6 +27,7 @@ import (
 	"math"
 	"net"
 	"net/http"
+	"net/url"
 	"strconv"
 	"strings"
 	"time"
@@ -110,6 +111,7 @@ type parsedHeaderData struct {
 	timeoutSet bool
 	timeout    time.Duration
 	method     string
+	httpMethod string
 	// key-value metadata map from the peer.
 	mdata          map[string][]string
 	statsTags      []byte
@@ -362,6 +364,8 @@ func (d *decodeState) processHeaderField(f hpack.HeaderField) {
 		}
 		d.data.statsTrace = v
 		d.addMetadata(f.Name, string(v))
+	case ":method":
+		d.data.httpMethod = f.Value
 	default:
 		if isReservedHeader(f.Name) && !isWhitelistedHeader(f.Name) {
 			break
@@ -598,3 +602,31 @@ func newFramer(conn net.Conn, writeBufferSize, readBufferSize int, maxHeaderList
 	f.fr.ReadMetaHeaders = hpack.NewDecoder(http2InitHeaderTableSize, nil)
 	return f
 }
+
+// parseDialTarget returns the network and address to pass to dialer.
+func parseDialTarget(target string) (string, string) {
+	net := "tcp"
+	m1 := strings.Index(target, ":")
+	m2 := strings.Index(target, ":/")
+	// handle unix:addr which will fail with url.Parse
+	if m1 >= 0 && m2 < 0 {
+		if n := target[0:m1]; n == "unix" {
+			return n, target[m1+1:]
+		}
+	}
+	if m2 >= 0 {
+		t, err := url.Parse(target)
+		if err != nil {
+			return net, target
+		}
+		scheme := t.Scheme
+		addr := t.Path
+		if scheme == "unix" {
+			if addr == "" {
+				addr = t.Host
+			}
+			return scheme, addr
+		}
+	}
+	return net, target
+}
diff --git a/vendor/google.golang.org/grpc/internal/transport/networktype/networktype.go b/vendor/google.golang.org/grpc/internal/transport/networktype/networktype.go
new file mode 100644
index 00000000000..96967428b51
--- /dev/null
+++ b/vendor/google.golang.org/grpc/internal/transport/networktype/networktype.go
@@ -0,0 +1,46 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package networktype declares the network type to be used in the default
+// dailer. Attribute of a resolver.Address.
+package networktype
+
+import (
+	"google.golang.org/grpc/resolver"
+)
+
+// keyType is the key to use for storing State in Attributes.
+type keyType string
+
+const key = keyType("grpc.internal.transport.networktype")
+
+// Set returns a copy of the provided address with attributes containing networkType.
+func Set(address resolver.Address, networkType string) resolver.Address {
+	address.Attributes = address.Attributes.WithValues(key, networkType)
+	return address
+}
+
+// Get returns the network type in the resolver.Address and true, or "", false
+// if not present.
+func Get(address resolver.Address) (string, bool) {
+	v := address.Attributes.Value(key)
+	if v == nil {
+		return "", false
+	}
+	return v.(string), true
+}
diff --git a/vendor/google.golang.org/grpc/proxy.go b/vendor/google.golang.org/grpc/internal/transport/proxy.go
similarity index 73%
rename from vendor/google.golang.org/grpc/proxy.go
rename to vendor/google.golang.org/grpc/internal/transport/proxy.go
index f8f69bfb70f..a662bf39a6c 100644
--- a/vendor/google.golang.org/grpc/proxy.go
+++ b/vendor/google.golang.org/grpc/internal/transport/proxy.go
@@ -16,13 +16,12 @@
  *
  */
 
-package grpc
+package transport
 
 import (
 	"bufio"
 	"context"
 	"encoding/base64"
-	"errors"
 	"fmt"
 	"io"
 	"net"
@@ -34,8 +33,6 @@ import (
 const proxyAuthHeaderKey = "Proxy-Authorization"
 
 var (
-	// errDisabled indicates that proxy is disabled for the address.
-	errDisabled = errors.New("proxy is disabled for the address")
 	// The following variable will be overwritten in the tests.
 	httpProxyFromEnvironment = http.ProxyFromEnvironment
 )
@@ -51,9 +48,6 @@ func mapAddress(ctx context.Context, address string) (*url.URL, error) {
 	if err != nil {
 		return nil, err
 	}
-	if url == nil {
-		return nil, errDisabled
-	}
 	return url, nil
 }
 
@@ -76,7 +70,7 @@ func basicAuth(username, password string) string {
 	return base64.StdEncoding.EncodeToString([]byte(auth))
 }
 
-func doHTTPConnectHandshake(ctx context.Context, conn net.Conn, backendAddr string, proxyURL *url.URL) (_ net.Conn, err error) {
+func doHTTPConnectHandshake(ctx context.Context, conn net.Conn, backendAddr string, proxyURL *url.URL, grpcUA string) (_ net.Conn, err error) {
 	defer func() {
 		if err != nil {
 			conn.Close()
@@ -115,32 +109,28 @@ func doHTTPConnectHandshake(ctx context.Context, conn net.Conn, backendAddr stri
 	return &bufConn{Conn: conn, r: r}, nil
 }
 
-// newProxyDialer returns a dialer that connects to proxy first if necessary.
-// The returned dialer checks if a proxy is necessary, dial to the proxy with the
-// provided dialer, does HTTP CONNECT handshake and returns the connection.
-func newProxyDialer(dialer func(context.Context, string) (net.Conn, error)) func(context.Context, string) (net.Conn, error) {
-	return func(ctx context.Context, addr string) (conn net.Conn, err error) {
-		var newAddr string
-		proxyURL, err := mapAddress(ctx, addr)
-		if err != nil {
-			if err != errDisabled {
-				return nil, err
-			}
-			newAddr = addr
-		} else {
-			newAddr = proxyURL.Host
-		}
+// proxyDial dials, connecting to a proxy first if necessary. Checks if a proxy
+// is necessary, dials, does the HTTP CONNECT handshake, and returns the
+// connection.
+func proxyDial(ctx context.Context, addr string, grpcUA string) (conn net.Conn, err error) {
+	newAddr := addr
+	proxyURL, err := mapAddress(ctx, addr)
+	if err != nil {
+		return nil, err
+	}
+	if proxyURL != nil {
+		newAddr = proxyURL.Host
+	}
 
-		conn, err = dialer(ctx, newAddr)
-		if err != nil {
-			return
-		}
-		if proxyURL != nil {
-			// proxy is disabled if proxyURL is nil.
-			conn, err = doHTTPConnectHandshake(ctx, conn, addr, proxyURL)
-		}
+	conn, err = (&net.Dialer{}).DialContext(ctx, "tcp", newAddr)
+	if err != nil {
 		return
 	}
+	if proxyURL != nil {
+		// proxy is disabled if proxyURL is nil.
+		conn, err = doHTTPConnectHandshake(ctx, conn, addr, proxyURL, grpcUA)
+	}
+	return
 }
 
 func sendHTTPRequest(ctx context.Context, req *http.Request, conn net.Conn) error {
diff --git a/vendor/google.golang.org/grpc/internal/transport/transport.go b/vendor/google.golang.org/grpc/internal/transport/transport.go
index b74030a9687..6cc1031fd92 100644
--- a/vendor/google.golang.org/grpc/internal/transport/transport.go
+++ b/vendor/google.golang.org/grpc/internal/transport/transport.go
@@ -241,6 +241,7 @@ type Stream struct {
 	ctx          context.Context    // the associated context of the stream
 	cancel       context.CancelFunc // always nil for client side Stream
 	done         chan struct{}      // closed at the end of stream to unblock writers. On the client side.
+	doneFunc     func()             // invoked at the end of stream on client side.
 	ctxDone      <-chan struct{}    // same as done chan but for server side. Cache of ctx.Done() (for performance)
 	method       string             // the associated RPC method of the stream
 	recvCompress string
@@ -569,6 +570,8 @@ type ConnectOptions struct {
 	ChannelzParentID int64
 	// MaxHeaderListSize sets the max (uncompressed) size of header list that is prepared to be received.
 	MaxHeaderListSize *uint32
+	// UseProxy specifies if a proxy should be used.
+	UseProxy bool
 }
 
 // NewClientTransport establishes the transport with the required ConnectOptions
@@ -609,6 +612,8 @@ type CallHdr struct {
 	ContentSubtype string
 
 	PreviousAttempts int // value of grpc-previous-rpc-attempts header to set
+
+	DoneFunc func() // called when the stream is finished
 }
 
 // ClientTransport is the common interface for all gRPC client-side transport
@@ -617,7 +622,7 @@ type ClientTransport interface {
 	// Close tears down this transport. Once it returns, the transport
 	// should not be accessed any more. The caller must make sure this
 	// is called only once.
-	Close() error
+	Close(err error)
 
 	// GracefulClose starts to tear down the transport: the transport will stop
 	// accepting new RPCs and NewStream will return error. Once all streams are
@@ -651,8 +656,9 @@ type ClientTransport interface {
 	// HTTP/2).
 	GoAway() <-chan struct{}
 
-	// GetGoAwayReason returns the reason why GoAway frame was received.
-	GetGoAwayReason() GoAwayReason
+	// GetGoAwayReason returns the reason why GoAway frame was received, along
+	// with a human readable string with debug info.
+	GetGoAwayReason() (GoAwayReason, string)
 
 	// RemoteAddr returns the remote network address.
 	RemoteAddr() net.Addr
diff --git a/vendor/google.golang.org/grpc/internal/wrr/edf.go b/vendor/google.golang.org/grpc/internal/wrr/edf.go
new file mode 100644
index 00000000000..b4fb3f9d3be
--- /dev/null
+++ b/vendor/google.golang.org/grpc/internal/wrr/edf.go
@@ -0,0 +1,92 @@
+/*
+ *
+ * Copyright 2019 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package wrr
+
+import (
+	"container/heap"
+	"sync"
+)
+
+// edfWrr is a struct for EDF weighted round robin implementation.
+type edfWrr struct {
+	lock               sync.Mutex
+	items              edfPriorityQueue
+	currentOrderOffset uint64
+	currentTime        float64
+}
+
+// NewEDF creates Earliest Deadline First (EDF)
+// (https://en.wikipedia.org/wiki/Earliest_deadline_first_scheduling) implementation for weighted round robin.
+// Each pick from the schedule has the earliest deadline entry selected. Entries have deadlines set
+// at current time + 1 / weight, providing weighted round robin behavior with O(log n) pick time.
+func NewEDF() WRR {
+	return &edfWrr{}
+}
+
+// edfEntry is an internal wrapper for item that also stores weight and relative position in the queue.
+type edfEntry struct {
+	deadline    float64
+	weight      int64
+	orderOffset uint64
+	item        interface{}
+}
+
+// edfPriorityQueue is a heap.Interface implementation for edfEntry elements.
+type edfPriorityQueue []*edfEntry
+
+func (pq edfPriorityQueue) Len() int { return len(pq) }
+func (pq edfPriorityQueue) Less(i, j int) bool {
+	return pq[i].deadline < pq[j].deadline || pq[i].deadline == pq[j].deadline && pq[i].orderOffset < pq[j].orderOffset
+}
+func (pq edfPriorityQueue) Swap(i, j int) { pq[i], pq[j] = pq[j], pq[i] }
+
+func (pq *edfPriorityQueue) Push(x interface{}) {
+	*pq = append(*pq, x.(*edfEntry))
+}
+
+func (pq *edfPriorityQueue) Pop() interface{} {
+	old := *pq
+	*pq = old[0 : len(old)-1]
+	return old[len(old)-1]
+}
+
+func (edf *edfWrr) Add(item interface{}, weight int64) {
+	edf.lock.Lock()
+	defer edf.lock.Unlock()
+	entry := edfEntry{
+		deadline:    edf.currentTime + 1.0/float64(weight),
+		weight:      weight,
+		item:        item,
+		orderOffset: edf.currentOrderOffset,
+	}
+	edf.currentOrderOffset++
+	heap.Push(&edf.items, &entry)
+}
+
+func (edf *edfWrr) Next() interface{} {
+	edf.lock.Lock()
+	defer edf.lock.Unlock()
+	if len(edf.items) == 0 {
+		return nil
+	}
+	item := edf.items[0]
+	edf.currentTime = item.deadline
+	item.deadline = edf.currentTime + 1.0/float64(item.weight)
+	heap.Fix(&edf.items, 0)
+	return item.item
+}
diff --git a/vendor/google.golang.org/grpc/internal/wrr/random.go b/vendor/google.golang.org/grpc/internal/wrr/random.go
new file mode 100644
index 00000000000..ccf5113e9f3
--- /dev/null
+++ b/vendor/google.golang.org/grpc/internal/wrr/random.go
@@ -0,0 +1,79 @@
+/*
+ *
+ * Copyright 2019 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package wrr
+
+import (
+	"fmt"
+	"sync"
+
+	"google.golang.org/grpc/internal/grpcrand"
+)
+
+// weightedItem is a wrapped weighted item that is used to implement weighted random algorithm.
+type weightedItem struct {
+	Item   interface{}
+	Weight int64
+}
+
+func (w *weightedItem) String() string {
+	return fmt.Sprint(*w)
+}
+
+// randomWRR is a struct that contains weighted items implement weighted random algorithm.
+type randomWRR struct {
+	mu           sync.RWMutex
+	items        []*weightedItem
+	sumOfWeights int64
+}
+
+// NewRandom creates a new WRR with random.
+func NewRandom() WRR {
+	return &randomWRR{}
+}
+
+var grpcrandInt63n = grpcrand.Int63n
+
+func (rw *randomWRR) Next() (item interface{}) {
+	rw.mu.RLock()
+	defer rw.mu.RUnlock()
+	if rw.sumOfWeights == 0 {
+		return nil
+	}
+	// Random number in [0, sum).
+	randomWeight := grpcrandInt63n(rw.sumOfWeights)
+	for _, item := range rw.items {
+		randomWeight = randomWeight - item.Weight
+		if randomWeight < 0 {
+			return item.Item
+		}
+	}
+
+	return rw.items[len(rw.items)-1].Item
+}
+
+func (rw *randomWRR) Add(item interface{}, weight int64) {
+	rw.mu.Lock()
+	defer rw.mu.Unlock()
+	rItem := &weightedItem{Item: item, Weight: weight}
+	rw.items = append(rw.items, rItem)
+	rw.sumOfWeights += weight
+}
+
+func (rw *randomWRR) String() string {
+	return fmt.Sprint(rw.items)
+}
diff --git a/vendor/google.golang.org/grpc/internal/wrr/wrr.go b/vendor/google.golang.org/grpc/internal/wrr/wrr.go
new file mode 100644
index 00000000000..d46bfad86ef
--- /dev/null
+++ b/vendor/google.golang.org/grpc/internal/wrr/wrr.go
@@ -0,0 +1,32 @@
+/*
+ *
+ * Copyright 2019 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+// Package wrr contains the interface and common implementations of wrr
+// algorithms.
+package wrr
+
+// WRR defines an interface that implements weighted round robin.
+type WRR interface {
+	// Add adds an item with weight to the WRR set.
+	//
+	// Add and Next need to be thread safe.
+	Add(item interface{}, weight int64)
+	// Next returns the next picked item.
+	//
+	// Add and Next need to be thread safe.
+	Next() interface{}
+}
diff --git a/vendor/google.golang.org/grpc/internal/xds/bootstrap.go b/vendor/google.golang.org/grpc/internal/xds/bootstrap.go
new file mode 100644
index 00000000000..97ec8e17208
--- /dev/null
+++ b/vendor/google.golang.org/grpc/internal/xds/bootstrap.go
@@ -0,0 +1,134 @@
+/*
+ *
+ * Copyright 2021 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package xds
+
+import (
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"os"
+
+	"google.golang.org/grpc/grpclog"
+	"google.golang.org/grpc/internal/xds/env"
+)
+
+var logger = grpclog.Component("internal/xds")
+
+// TransportAPI refers to the API version for xDS transport protocol.
+type TransportAPI int
+
+const (
+	// TransportV2 refers to the v2 xDS transport protocol.
+	TransportV2 TransportAPI = iota
+	// TransportV3 refers to the v3 xDS transport protocol.
+	TransportV3
+)
+
+// BootstrapOptions wraps the parameters passed to SetupBootstrapFile.
+type BootstrapOptions struct {
+	// Version is the xDS transport protocol version.
+	Version TransportAPI
+	// NodeID is the node identifier of the gRPC client/server node in the
+	// proxyless service mesh.
+	NodeID string
+	// ServerURI is the address of the management server.
+	ServerURI string
+	// ServerListenerResourceNameTemplate is the Listener resource name to fetch.
+	ServerListenerResourceNameTemplate string
+	// CertificateProviders is the certificate providers configuration.
+	CertificateProviders map[string]json.RawMessage
+}
+
+// SetupBootstrapFile creates a temporary file with bootstrap contents, based on
+// the passed in options, and updates the bootstrap environment variable to
+// point to this file.
+//
+// Returns a cleanup function which will be non-nil if the setup process was
+// completed successfully. It is the responsibility of the caller to invoke the
+// cleanup function at the end of the test.
+func SetupBootstrapFile(opts BootstrapOptions) (func(), error) {
+	f, err := ioutil.TempFile("", "test_xds_bootstrap_*")
+	if err != nil {
+		return nil, fmt.Errorf("failed to created bootstrap file: %v", err)
+	}
+
+	cfg := &bootstrapConfig{
+		XdsServers: []server{
+			{
+				ServerURI: opts.ServerURI,
+				ChannelCreds: []creds{
+					{
+						Type: "insecure",
+					},
+				},
+			},
+		},
+		Node: node{
+			ID: opts.NodeID,
+		},
+		CertificateProviders:               opts.CertificateProviders,
+		ServerListenerResourceNameTemplate: opts.ServerListenerResourceNameTemplate,
+	}
+	switch opts.Version {
+	case TransportV2:
+		// TODO: Add any v2 specific fields.
+	case TransportV3:
+		cfg.XdsServers[0].ServerFeatures = append(cfg.XdsServers[0].ServerFeatures, "xds_v3")
+	default:
+		return nil, fmt.Errorf("unsupported xDS transport protocol version: %v", opts.Version)
+	}
+
+	bootstrapContents, err := json.MarshalIndent(cfg, "", "  ")
+	if err != nil {
+		return nil, fmt.Errorf("failed to created bootstrap file: %v", err)
+	}
+	if err := ioutil.WriteFile(f.Name(), bootstrapContents, 0644); err != nil {
+		return nil, fmt.Errorf("failed to created bootstrap file: %v", err)
+	}
+	logger.Infof("Created bootstrap file at %q with contents: %s\n", f.Name(), bootstrapContents)
+
+	origBootstrapFileName := env.BootstrapFileName
+	env.BootstrapFileName = f.Name()
+	return func() {
+		os.Remove(f.Name())
+		env.BootstrapFileName = origBootstrapFileName
+	}, nil
+}
+
+type bootstrapConfig struct {
+	XdsServers                         []server                   `json:"xds_servers,omitempty"`
+	Node                               node                       `json:"node,omitempty"`
+	CertificateProviders               map[string]json.RawMessage `json:"certificate_providers,omitempty"`
+	ServerListenerResourceNameTemplate string                     `json:"server_listener_resource_name_template,omitempty"`
+}
+
+type server struct {
+	ServerURI      string   `json:"server_uri,omitempty"`
+	ChannelCreds   []creds  `json:"channel_creds,omitempty"`
+	ServerFeatures []string `json:"server_features,omitempty"`
+}
+
+type creds struct {
+	Type   string      `json:"type,omitempty"`
+	Config interface{} `json:"config,omitempty"`
+}
+
+type node struct {
+	ID string `json:"id,omitempty"`
+}
diff --git a/vendor/google.golang.org/grpc/internal/xds/env/env.go b/vendor/google.golang.org/grpc/internal/xds/env/env.go
new file mode 100644
index 00000000000..db9ac93b968
--- /dev/null
+++ b/vendor/google.golang.org/grpc/internal/xds/env/env.go
@@ -0,0 +1,97 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package env acts a single source of definition for all environment variables
+// related to the xDS implementation in gRPC.
+package env
+
+import (
+	"os"
+	"strings"
+)
+
+const (
+	// BootstrapFileNameEnv is the env variable to set bootstrap file name.
+	// Do not use this and read from env directly. Its value is read and kept in
+	// variable BootstrapFileName.
+	//
+	// When both bootstrap FileName and FileContent are set, FileName is used.
+	BootstrapFileNameEnv = "GRPC_XDS_BOOTSTRAP"
+	// BootstrapFileContentEnv is the env variable to set bootstrapp file
+	// content. Do not use this and read from env directly. Its value is read
+	// and kept in variable BootstrapFileName.
+	//
+	// When both bootstrap FileName and FileContent are set, FileName is used.
+	BootstrapFileContentEnv = "GRPC_XDS_BOOTSTRAP_CONFIG"
+
+	circuitBreakingSupportEnv    = "GRPC_XDS_EXPERIMENTAL_CIRCUIT_BREAKING"
+	timeoutSupportEnv            = "GRPC_XDS_EXPERIMENTAL_ENABLE_TIMEOUT"
+	faultInjectionSupportEnv     = "GRPC_XDS_EXPERIMENTAL_FAULT_INJECTION"
+	clientSideSecuritySupportEnv = "GRPC_XDS_EXPERIMENTAL_SECURITY_SUPPORT"
+	aggregateAndDNSSupportEnv    = "GRPC_XDS_EXPERIMENTAL_ENABLE_AGGREGATE_AND_LOGICAL_DNS_CLUSTER"
+
+	c2pResolverSupportEnv                    = "GRPC_EXPERIMENTAL_GOOGLE_C2P_RESOLVER"
+	c2pResolverTestOnlyTrafficDirectorURIEnv = "GRPC_TEST_ONLY_GOOGLE_C2P_RESOLVER_TRAFFIC_DIRECTOR_URI"
+)
+
+var (
+	// BootstrapFileName holds the name of the file which contains xDS bootstrap
+	// configuration. Users can specify the location of the bootstrap file by
+	// setting the environment variable "GRPC_XDS_BOOSTRAP".
+	//
+	// When both bootstrap FileName and FileContent are set, FileName is used.
+	BootstrapFileName = os.Getenv(BootstrapFileNameEnv)
+	// BootstrapFileContent holds the content of the xDS bootstrap
+	// configuration. Users can specify the bootstrap config by
+	// setting the environment variable "GRPC_XDS_BOOSTRAP_CONFIG".
+	//
+	// When both bootstrap FileName and FileContent are set, FileName is used.
+	BootstrapFileContent = os.Getenv(BootstrapFileContentEnv)
+
+	// CircuitBreakingSupport indicates whether circuit breaking support is
+	// enabled, which can be disabled by setting the environment variable
+	// "GRPC_XDS_EXPERIMENTAL_CIRCUIT_BREAKING" to "false".
+	CircuitBreakingSupport = !strings.EqualFold(os.Getenv(circuitBreakingSupportEnv), "false")
+	// TimeoutSupport indicates whether support for max_stream_duration in
+	// route actions is enabled.  This can be disabled by setting the
+	// environment variable "GRPC_XDS_EXPERIMENTAL_ENABLE_TIMEOUT" to "false".
+	TimeoutSupport = !strings.EqualFold(os.Getenv(timeoutSupportEnv), "false")
+	// FaultInjectionSupport is used to control both fault injection and HTTP
+	// filter support.
+	FaultInjectionSupport = !strings.EqualFold(os.Getenv(faultInjectionSupportEnv), "false")
+	// ClientSideSecuritySupport is used to control processing of security
+	// configuration on the client-side.
+	//
+	// Note that there is no env var protection for the server-side because we
+	// have a brand new API on the server-side and users explicitly need to use
+	// the new API to get security integration on the server.
+	ClientSideSecuritySupport = strings.EqualFold(os.Getenv(clientSideSecuritySupportEnv), "true")
+	// AggregateAndDNSSupportEnv indicates whether processing of aggregated
+	// cluster and DNS cluster is enabled, which can be enabled by setting the
+	// environment variable
+	// "GRPC_XDS_EXPERIMENTAL_ENABLE_AGGREGATE_AND_LOGICAL_DNS_CLUSTER" to
+	// "true".
+	AggregateAndDNSSupportEnv = strings.EqualFold(os.Getenv(aggregateAndDNSSupportEnv), "true")
+
+	// C2PResolverSupport indicates whether support for C2P resolver is enabled.
+	// This can be enabled by setting the environment variable
+	// "GRPC_EXPERIMENTAL_GOOGLE_C2P_RESOLVER" to "true".
+	C2PResolverSupport = strings.EqualFold(os.Getenv(c2pResolverSupportEnv), "true")
+	// C2PResolverTestOnlyTrafficDirectorURI is the TD URI for testing.
+	C2PResolverTestOnlyTrafficDirectorURI = os.Getenv(c2pResolverTestOnlyTrafficDirectorURIEnv)
+)
diff --git a/vendor/google.golang.org/grpc/internal/xds/string_matcher.go b/vendor/google.golang.org/grpc/internal/xds/string_matcher.go
new file mode 100644
index 00000000000..21f15aad1b8
--- /dev/null
+++ b/vendor/google.golang.org/grpc/internal/xds/string_matcher.go
@@ -0,0 +1,183 @@
+/*
+ *
+ * Copyright 2021 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package xds contains types that need to be shared between code under
+// google.golang.org/grpc/xds/... and the rest of gRPC.
+package xds
+
+import (
+	"errors"
+	"fmt"
+	"regexp"
+	"strings"
+
+	v3matcherpb "github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3"
+)
+
+// StringMatcher contains match criteria for matching a string, and is an
+// internal representation of the `StringMatcher` proto defined at
+// https://github.com/envoyproxy/envoy/blob/main/api/envoy/type/matcher/v3/string.proto.
+type StringMatcher struct {
+	// Since these match fields are part of a `oneof` in the corresponding xDS
+	// proto, only one of them is expected to be set.
+	exactMatch    *string
+	prefixMatch   *string
+	suffixMatch   *string
+	regexMatch    *regexp.Regexp
+	containsMatch *string
+	// If true, indicates the exact/prefix/suffix/contains matching should be
+	// case insensitive. This has no effect on the regex match.
+	ignoreCase bool
+}
+
+// Match returns true if input matches the criteria in the given StringMatcher.
+func (sm StringMatcher) Match(input string) bool {
+	if sm.ignoreCase {
+		input = strings.ToLower(input)
+	}
+	switch {
+	case sm.exactMatch != nil:
+		return input == *sm.exactMatch
+	case sm.prefixMatch != nil:
+		return strings.HasPrefix(input, *sm.prefixMatch)
+	case sm.suffixMatch != nil:
+		return strings.HasSuffix(input, *sm.suffixMatch)
+	case sm.regexMatch != nil:
+		return sm.regexMatch.MatchString(input)
+	case sm.containsMatch != nil:
+		return strings.Contains(input, *sm.containsMatch)
+	}
+	return false
+}
+
+// StringMatcherFromProto is a helper function to create a StringMatcher from
+// the corresponding StringMatcher proto.
+//
+// Returns a non-nil error if matcherProto is invalid.
+func StringMatcherFromProto(matcherProto *v3matcherpb.StringMatcher) (StringMatcher, error) {
+	if matcherProto == nil {
+		return StringMatcher{}, errors.New("input StringMatcher proto is nil")
+	}
+
+	matcher := StringMatcher{ignoreCase: matcherProto.GetIgnoreCase()}
+	switch mt := matcherProto.GetMatchPattern().(type) {
+	case *v3matcherpb.StringMatcher_Exact:
+		matcher.exactMatch = &mt.Exact
+		if matcher.ignoreCase {
+			*matcher.exactMatch = strings.ToLower(*matcher.exactMatch)
+		}
+	case *v3matcherpb.StringMatcher_Prefix:
+		if matcherProto.GetPrefix() == "" {
+			return StringMatcher{}, errors.New("empty prefix is not allowed in StringMatcher")
+		}
+		matcher.prefixMatch = &mt.Prefix
+		if matcher.ignoreCase {
+			*matcher.prefixMatch = strings.ToLower(*matcher.prefixMatch)
+		}
+	case *v3matcherpb.StringMatcher_Suffix:
+		if matcherProto.GetSuffix() == "" {
+			return StringMatcher{}, errors.New("empty suffix is not allowed in StringMatcher")
+		}
+		matcher.suffixMatch = &mt.Suffix
+		if matcher.ignoreCase {
+			*matcher.suffixMatch = strings.ToLower(*matcher.suffixMatch)
+		}
+	case *v3matcherpb.StringMatcher_SafeRegex:
+		regex := matcherProto.GetSafeRegex().GetRegex()
+		re, err := regexp.Compile(regex)
+		if err != nil {
+			return StringMatcher{}, fmt.Errorf("safe_regex matcher %q is invalid", regex)
+		}
+		matcher.regexMatch = re
+	case *v3matcherpb.StringMatcher_Contains:
+		if matcherProto.GetContains() == "" {
+			return StringMatcher{}, errors.New("empty contains is not allowed in StringMatcher")
+		}
+		matcher.containsMatch = &mt.Contains
+		if matcher.ignoreCase {
+			*matcher.containsMatch = strings.ToLower(*matcher.containsMatch)
+		}
+	default:
+		return StringMatcher{}, fmt.Errorf("unrecognized string matcher: %+v", matcherProto)
+	}
+	return matcher, nil
+}
+
+// StringMatcherForTesting is a helper function to create a StringMatcher based
+// on the given arguments. Intended only for testing purposes.
+func StringMatcherForTesting(exact, prefix, suffix, contains *string, regex *regexp.Regexp, ignoreCase bool) StringMatcher {
+	sm := StringMatcher{
+		exactMatch:    exact,
+		prefixMatch:   prefix,
+		suffixMatch:   suffix,
+		regexMatch:    regex,
+		containsMatch: contains,
+		ignoreCase:    ignoreCase,
+	}
+	if ignoreCase {
+		switch {
+		case sm.exactMatch != nil:
+			*sm.exactMatch = strings.ToLower(*exact)
+		case sm.prefixMatch != nil:
+			*sm.prefixMatch = strings.ToLower(*prefix)
+		case sm.suffixMatch != nil:
+			*sm.suffixMatch = strings.ToLower(*suffix)
+		case sm.containsMatch != nil:
+			*sm.containsMatch = strings.ToLower(*contains)
+		}
+	}
+	return sm
+}
+
+// ExactMatch returns the value of the configured exact match or an empty string
+// if exact match criteria was not specified.
+func (sm StringMatcher) ExactMatch() string {
+	if sm.exactMatch != nil {
+		return *sm.exactMatch
+	}
+	return ""
+}
+
+// Equal returns true if other and sm are equivalent to each other.
+func (sm StringMatcher) Equal(other StringMatcher) bool {
+	if sm.ignoreCase != other.ignoreCase {
+		return false
+	}
+
+	if (sm.exactMatch != nil) != (other.exactMatch != nil) ||
+		(sm.prefixMatch != nil) != (other.prefixMatch != nil) ||
+		(sm.suffixMatch != nil) != (other.suffixMatch != nil) ||
+		(sm.regexMatch != nil) != (other.regexMatch != nil) ||
+		(sm.containsMatch != nil) != (other.containsMatch != nil) {
+		return false
+	}
+
+	switch {
+	case sm.exactMatch != nil:
+		return *sm.exactMatch == *other.exactMatch
+	case sm.prefixMatch != nil:
+		return *sm.prefixMatch == *other.prefixMatch
+	case sm.suffixMatch != nil:
+		return *sm.suffixMatch == *other.suffixMatch
+	case sm.regexMatch != nil:
+		return sm.regexMatch.String() == other.regexMatch.String()
+	case sm.containsMatch != nil:
+		return *sm.containsMatch == *other.containsMatch
+	}
+	return true
+}
diff --git a/vendor/google.golang.org/grpc/internal/xds_handshake_cluster.go b/vendor/google.golang.org/grpc/internal/xds_handshake_cluster.go
new file mode 100644
index 00000000000..3677c3f04f8
--- /dev/null
+++ b/vendor/google.golang.org/grpc/internal/xds_handshake_cluster.go
@@ -0,0 +1,40 @@
+/*
+ * Copyright 2021 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package internal
+
+import (
+	"google.golang.org/grpc/attributes"
+	"google.golang.org/grpc/resolver"
+)
+
+// handshakeClusterNameKey is the type used as the key to store cluster name in
+// the Attributes field of resolver.Address.
+type handshakeClusterNameKey struct{}
+
+// SetXDSHandshakeClusterName returns a copy of addr in which the Attributes field
+// is updated with the cluster name.
+func SetXDSHandshakeClusterName(addr resolver.Address, clusterName string) resolver.Address {
+	addr.Attributes = addr.Attributes.WithValues(handshakeClusterNameKey{}, clusterName)
+	return addr
+}
+
+// GetXDSHandshakeClusterName returns cluster name stored in attr.
+func GetXDSHandshakeClusterName(attr *attributes.Attributes) (string, bool) {
+	v := attr.Value(handshakeClusterNameKey{})
+	name, ok := v.(string)
+	return name, ok
+}
diff --git a/vendor/google.golang.org/grpc/metadata/metadata.go b/vendor/google.golang.org/grpc/metadata/metadata.go
index cf6d1b94781..e4cbea91749 100644
--- a/vendor/google.golang.org/grpc/metadata/metadata.go
+++ b/vendor/google.golang.org/grpc/metadata/metadata.go
@@ -75,13 +75,9 @@ func Pairs(kv ...string) MD {
 		panic(fmt.Sprintf("metadata: Pairs got the odd number of input pairs for metadata: %d", len(kv)))
 	}
 	md := MD{}
-	var key string
-	for i, s := range kv {
-		if i%2 == 0 {
-			key = strings.ToLower(s)
-			continue
-		}
-		md[key] = append(md[key], s)
+	for i := 0; i < len(kv); i += 2 {
+		key := strings.ToLower(kv[i])
+		md[key] = append(md[key], kv[i+1])
 	}
 	return md
 }
@@ -195,12 +191,18 @@ func FromOutgoingContext(ctx context.Context) (MD, bool) {
 		return nil, false
 	}
 
-	mds := make([]MD, 0, len(raw.added)+1)
-	mds = append(mds, raw.md)
-	for _, vv := range raw.added {
-		mds = append(mds, Pairs(vv...))
+	out := raw.md.Copy()
+	for _, added := range raw.added {
+		if len(added)%2 == 1 {
+			panic(fmt.Sprintf("metadata: FromOutgoingContext got an odd number of input pairs for metadata: %d", len(added)))
+		}
+
+		for i := 0; i < len(added); i += 2 {
+			key := strings.ToLower(added[i])
+			out[key] = append(out[key], added[i+1])
+		}
 	}
-	return Join(mds...), ok
+	return out, ok
 }
 
 type rawMD struct {
diff --git a/vendor/google.golang.org/grpc/pickfirst.go b/vendor/google.golang.org/grpc/pickfirst.go
index 56e33f6c76b..b858c2a5e63 100644
--- a/vendor/google.golang.org/grpc/pickfirst.go
+++ b/vendor/google.golang.org/grpc/pickfirst.go
@@ -84,7 +84,7 @@ func (b *pickfirstBalancer) UpdateClientConnState(cs balancer.ClientConnState) e
 		b.cc.UpdateState(balancer.State{ConnectivityState: connectivity.Idle, Picker: &picker{result: balancer.PickResult{SubConn: b.sc}}})
 		b.sc.Connect()
 	} else {
-		b.sc.UpdateAddresses(cs.ResolverState.Addresses)
+		b.cc.UpdateAddresses(b.sc, cs.ResolverState.Addresses)
 		b.sc.Connect()
 	}
 	return nil
diff --git a/vendor/google.golang.org/grpc/reflection/grpc_reflection_v1alpha/reflection.pb.go b/vendor/google.golang.org/grpc/reflection/grpc_reflection_v1alpha/reflection.pb.go
index 6b8e0b77f06..1f859f76488 100644
--- a/vendor/google.golang.org/grpc/reflection/grpc_reflection_v1alpha/reflection.pb.go
+++ b/vendor/google.golang.org/grpc/reflection/grpc_reflection_v1alpha/reflection.pb.go
@@ -17,7 +17,7 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
 // 	protoc-gen-go v1.25.0
-// 	protoc        v3.3.0
+// 	protoc        v3.14.0
 // source: reflection/grpc_reflection_v1alpha/reflection.proto
 
 package grpc_reflection_v1alpha
diff --git a/vendor/google.golang.org/grpc/reflection/grpc_reflection_v1alpha/reflection_grpc.pb.go b/vendor/google.golang.org/grpc/reflection/grpc_reflection_v1alpha/reflection_grpc.pb.go
index 47f2ea55298..7d05c14ebd8 100644
--- a/vendor/google.golang.org/grpc/reflection/grpc_reflection_v1alpha/reflection_grpc.pb.go
+++ b/vendor/google.golang.org/grpc/reflection/grpc_reflection_v1alpha/reflection_grpc.pb.go
@@ -1,4 +1,8 @@
 // Code generated by protoc-gen-go-grpc. DO NOT EDIT.
+// versions:
+// - protoc-gen-go-grpc v1.1.0
+// - protoc             v3.14.0
+// source: reflection/grpc_reflection_v1alpha/reflection.proto
 
 package grpc_reflection_v1alpha
 
@@ -11,6 +15,7 @@ import (
 
 // This is a compile-time assertion to ensure that this generated file
 // is compatible with the grpc package it is being compiled against.
+// Requires gRPC-Go v1.32.0 or later.
 const _ = grpc.SupportPackageIsVersion7
 
 // ServerReflectionClient is the client API for ServerReflection service.
@@ -31,7 +36,7 @@ func NewServerReflectionClient(cc grpc.ClientConnInterface) ServerReflectionClie
 }
 
 func (c *serverReflectionClient) ServerReflectionInfo(ctx context.Context, opts ...grpc.CallOption) (ServerReflection_ServerReflectionInfoClient, error) {
-	stream, err := c.cc.NewStream(ctx, &_ServerReflection_serviceDesc.Streams[0], "/grpc.reflection.v1alpha.ServerReflection/ServerReflectionInfo", opts...)
+	stream, err := c.cc.NewStream(ctx, &ServerReflection_ServiceDesc.Streams[0], "/grpc.reflection.v1alpha.ServerReflection/ServerReflectionInfo", opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -85,8 +90,8 @@ type UnsafeServerReflectionServer interface {
 	mustEmbedUnimplementedServerReflectionServer()
 }
 
-func RegisterServerReflectionServer(s *grpc.Server, srv ServerReflectionServer) {
-	s.RegisterService(&_ServerReflection_serviceDesc, srv)
+func RegisterServerReflectionServer(s grpc.ServiceRegistrar, srv ServerReflectionServer) {
+	s.RegisterService(&ServerReflection_ServiceDesc, srv)
 }
 
 func _ServerReflection_ServerReflectionInfo_Handler(srv interface{}, stream grpc.ServerStream) error {
@@ -115,7 +120,10 @@ func (x *serverReflectionServerReflectionInfoServer) Recv() (*ServerReflectionRe
 	return m, nil
 }
 
-var _ServerReflection_serviceDesc = grpc.ServiceDesc{
+// ServerReflection_ServiceDesc is the grpc.ServiceDesc for ServerReflection service.
+// It's only intended for direct use with grpc.RegisterService,
+// and not to be introspected or modified (even as a copy)
+var ServerReflection_ServiceDesc = grpc.ServiceDesc{
 	ServiceName: "grpc.reflection.v1alpha.ServerReflection",
 	HandlerType: (*ServerReflectionServer)(nil),
 	Methods:     []grpc.MethodDesc{},
diff --git a/vendor/google.golang.org/grpc/reflection/serverreflection.go b/vendor/google.golang.org/grpc/reflection/serverreflection.go
index d2696168b10..82a5ba7f244 100644
--- a/vendor/google.golang.org/grpc/reflection/serverreflection.go
+++ b/vendor/google.golang.org/grpc/reflection/serverreflection.go
@@ -54,9 +54,19 @@ import (
 	"google.golang.org/grpc/status"
 )
 
+// GRPCServer is the interface provided by a gRPC server. It is implemented by
+// *grpc.Server, but could also be implemented by other concrete types. It acts
+// as a registry, for accumulating the services exposed by the server.
+type GRPCServer interface {
+	grpc.ServiceRegistrar
+	GetServiceInfo() map[string]grpc.ServiceInfo
+}
+
+var _ GRPCServer = (*grpc.Server)(nil)
+
 type serverReflectionServer struct {
 	rpb.UnimplementedServerReflectionServer
-	s *grpc.Server
+	s GRPCServer
 
 	initSymbols  sync.Once
 	serviceNames []string
@@ -64,7 +74,7 @@ type serverReflectionServer struct {
 }
 
 // Register registers the server reflection service on the given gRPC server.
-func Register(s *grpc.Server) {
+func Register(s GRPCServer) {
 	rpb.RegisterServerReflectionServer(s, &serverReflectionServer{
 		s: s,
 	})
diff --git a/vendor/google.golang.org/grpc/regenerate.sh b/vendor/google.golang.org/grpc/regenerate.sh
index 3443ad97591..dfd3226a1d9 100644
--- a/vendor/google.golang.org/grpc/regenerate.sh
+++ b/vendor/google.golang.org/grpc/regenerate.sh
@@ -40,29 +40,14 @@ echo "go install cmd/protoc-gen-go-grpc"
 echo "git clone https://github.com/grpc/grpc-proto"
 git clone --quiet https://github.com/grpc/grpc-proto ${WORKDIR}/grpc-proto
 
+echo "git clone https://github.com/protocolbuffers/protobuf"
+git clone --quiet https://github.com/protocolbuffers/protobuf ${WORKDIR}/protobuf
+
 # Pull in code.proto as a proto dependency
 mkdir -p ${WORKDIR}/googleapis/google/rpc
 echo "curl https://raw.githubusercontent.com/googleapis/googleapis/master/google/rpc/code.proto"
 curl --silent https://raw.githubusercontent.com/googleapis/googleapis/master/google/rpc/code.proto > ${WORKDIR}/googleapis/google/rpc/code.proto
 
-# Pull in the following repos to build the MeshCA config proto.
-ENVOY_API_REPOS=(
-  "https://github.com/envoyproxy/data-plane-api"
-  "https://github.com/cncf/udpa"
-  "https://github.com/envoyproxy/protoc-gen-validate"
-)
-for repo in ${ENVOY_API_REPOS[@]}; do
-  dirname=$(basename ${repo})
-  mkdir -p ${WORKDIR}/${dirname}
-  echo "git clone ${repo}"
-  git clone --quiet ${repo} ${WORKDIR}/${dirname}
-done
-
-# Pull in the MeshCA service proto.
-mkdir -p ${WORKDIR}/istio/istio/google/security/meshca/v1
-echo "curl https://raw.githubusercontent.com/istio/istio/master/security/proto/providers/google/meshca.proto"
-curl --silent https://raw.githubusercontent.com/istio/istio/master/security/proto/providers/google/meshca.proto > ${WORKDIR}/istio/istio/google/security/meshca/v1/meshca.proto
-
 mkdir -p ${WORKDIR}/out
 
 # Generates sources without the embed requirement
@@ -84,15 +69,14 @@ SOURCES=(
   ${WORKDIR}/grpc-proto/grpc/lookup/v1/rls.proto
   ${WORKDIR}/grpc-proto/grpc/lookup/v1/rls_config.proto
   ${WORKDIR}/grpc-proto/grpc/service_config/service_config.proto
-  ${WORKDIR}/grpc-proto/grpc/tls/provider/meshca/experimental/config.proto
-  ${WORKDIR}/istio/istio/google/security/meshca/v1/meshca.proto
+  ${WORKDIR}/grpc-proto/grpc/testing/*.proto
+  ${WORKDIR}/grpc-proto/grpc/core/*.proto
 )
 
 # These options of the form 'Mfoo.proto=bar' instruct the codegen to use an
 # import path of 'bar' in the generated code when 'foo.proto' is imported in
 # one of the sources.
-OPTS=Mgrpc/service_config/service_config.proto=/internal/proto/grpc_service_config,\
-Menvoy/config/core/v3/config_source.proto=github.com/envoyproxy/go-control-plane/envoy/config/core/v3
+OPTS=Mgrpc/service_config/service_config.proto=/internal/proto/grpc_service_config,Mgrpc/core/stats.proto=google.golang.org/grpc/interop/grpc_testing/core
 
 for src in ${SOURCES[@]}; do
   echo "protoc ${src}"
@@ -100,9 +84,7 @@ for src in ${SOURCES[@]}; do
     -I"." \
     -I${WORKDIR}/grpc-proto \
     -I${WORKDIR}/googleapis \
-    -I${WORKDIR}/data-plane-api \
-    -I${WORKDIR}/udpa \
-    -I${WORKDIR}/protoc-gen-validate \
+    -I${WORKDIR}/protobuf/src \
     -I${WORKDIR}/istio \
     ${src}
 done
@@ -113,9 +95,7 @@ for src in ${LEGACY_SOURCES[@]}; do
     -I"." \
     -I${WORKDIR}/grpc-proto \
     -I${WORKDIR}/googleapis \
-    -I${WORKDIR}/data-plane-api \
-    -I${WORKDIR}/udpa \
-    -I${WORKDIR}/protoc-gen-validate \
+    -I${WORKDIR}/protobuf/src \
     -I${WORKDIR}/istio \
     ${src}
 done
@@ -132,8 +112,8 @@ rm ${WORKDIR}/out/google.golang.org/grpc/reflection/grpc_testingv3/*.pb.go
 # grpc/service_config/service_config.proto does not have a go_package option.
 mv ${WORKDIR}/out/grpc/service_config/service_config.pb.go internal/proto/grpc_service_config
 
-# istio/google/security/meshca/v1/meshca.proto does not have a go_package option.
-mkdir -p ${WORKDIR}/out/google.golang.org/grpc/credentials/tls/certprovider/meshca/internal/v1/
-mv ${WORKDIR}/out/istio/google/security/meshca/v1/* ${WORKDIR}/out/google.golang.org/grpc/credentials/tls/certprovider/meshca/internal/v1/
+# grpc/testing does not have a go_package option.
+mv ${WORKDIR}/out/grpc/testing/*.pb.go interop/grpc_testing/
+mv ${WORKDIR}/out/grpc/core/*.pb.go interop/grpc_testing/core/
 
 cp -R ${WORKDIR}/out/google.golang.org/grpc/* .
diff --git a/vendor/google.golang.org/grpc/resolver/manual/manual.go b/vendor/google.golang.org/grpc/resolver/manual/manual.go
index e141f96a62d..3679d702ab9 100644
--- a/vendor/google.golang.org/grpc/resolver/manual/manual.go
+++ b/vendor/google.golang.org/grpc/resolver/manual/manual.go
@@ -21,9 +21,6 @@
 package manual
 
 import (
-	"strconv"
-	"time"
-
 	"google.golang.org/grpc/resolver"
 )
 
@@ -81,13 +78,3 @@ func (*Resolver) Close() {}
 func (r *Resolver) UpdateState(s resolver.State) {
 	r.CC.UpdateState(s)
 }
-
-// GenerateAndRegisterManualResolver generates a random scheme and a Resolver
-// with it. It also registers this Resolver.
-// It returns the Resolver and a cleanup function to unregister it.
-func GenerateAndRegisterManualResolver() (*Resolver, func()) {
-	scheme := strconv.FormatInt(time.Now().UnixNano(), 36)
-	r := NewBuilderWithScheme(scheme)
-	resolver.Register(r)
-	return r, func() { resolver.UnregisterForTesting(scheme) }
-}
diff --git a/vendor/google.golang.org/grpc/resolver/resolver.go b/vendor/google.golang.org/grpc/resolver/resolver.go
index e9fa8e33d92..6a9d234a597 100644
--- a/vendor/google.golang.org/grpc/resolver/resolver.go
+++ b/vendor/google.golang.org/grpc/resolver/resolver.go
@@ -181,7 +181,7 @@ type State struct {
 // gRPC to add new methods to this interface.
 type ClientConn interface {
 	// UpdateState updates the state of the ClientConn appropriately.
-	UpdateState(State)
+	UpdateState(State) error
 	// ReportError notifies the ClientConn that the Resolver encountered an
 	// error.  The ClientConn will notify the load balancer and begin calling
 	// ResolveNow on the Resolver with exponential backoff.
diff --git a/vendor/google.golang.org/grpc/resolver_conn_wrapper.go b/vendor/google.golang.org/grpc/resolver_conn_wrapper.go
index f2d81968f9e..4118de571ab 100644
--- a/vendor/google.golang.org/grpc/resolver_conn_wrapper.go
+++ b/vendor/google.golang.org/grpc/resolver_conn_wrapper.go
@@ -22,7 +22,6 @@ import (
 	"fmt"
 	"strings"
 	"sync"
-	"time"
 
 	"google.golang.org/grpc/balancer"
 	"google.golang.org/grpc/credentials"
@@ -40,9 +39,6 @@ type ccResolverWrapper struct {
 	resolver   resolver.Resolver
 	done       *grpcsync.Event
 	curState   resolver.State
-
-	pollingMu sync.Mutex
-	polling   chan struct{}
 }
 
 // newCCResolverWrapper uses the resolver.Builder to build a Resolver and
@@ -93,59 +89,19 @@ func (ccr *ccResolverWrapper) close() {
 	ccr.resolverMu.Unlock()
 }
 
-// poll begins or ends asynchronous polling of the resolver based on whether
-// err is ErrBadResolverState.
-func (ccr *ccResolverWrapper) poll(err error) {
-	ccr.pollingMu.Lock()
-	defer ccr.pollingMu.Unlock()
-	if err != balancer.ErrBadResolverState {
-		// stop polling
-		if ccr.polling != nil {
-			close(ccr.polling)
-			ccr.polling = nil
-		}
-		return
-	}
-	if ccr.polling != nil {
-		// already polling
-		return
-	}
-	p := make(chan struct{})
-	ccr.polling = p
-	go func() {
-		for i := 0; ; i++ {
-			ccr.resolveNow(resolver.ResolveNowOptions{})
-			t := time.NewTimer(ccr.cc.dopts.resolveNowBackoff(i))
-			select {
-			case <-p:
-				t.Stop()
-				return
-			case <-ccr.done.Done():
-				// Resolver has been closed.
-				t.Stop()
-				return
-			case <-t.C:
-				select {
-				case <-p:
-					return
-				default:
-				}
-				// Timer expired; re-resolve.
-			}
-		}
-	}()
-}
-
-func (ccr *ccResolverWrapper) UpdateState(s resolver.State) {
+func (ccr *ccResolverWrapper) UpdateState(s resolver.State) error {
 	if ccr.done.HasFired() {
-		return
+		return nil
 	}
 	channelz.Infof(logger, ccr.cc.channelzID, "ccResolverWrapper: sending update to cc: %v", s)
 	if channelz.IsOn() {
 		ccr.addChannelzTraceEvent(s)
 	}
 	ccr.curState = s
-	ccr.poll(ccr.cc.updateResolverState(ccr.curState, nil))
+	if err := ccr.cc.updateResolverState(ccr.curState, nil); err == balancer.ErrBadResolverState {
+		return balancer.ErrBadResolverState
+	}
+	return nil
 }
 
 func (ccr *ccResolverWrapper) ReportError(err error) {
@@ -153,7 +109,7 @@ func (ccr *ccResolverWrapper) ReportError(err error) {
 		return
 	}
 	channelz.Warningf(logger, ccr.cc.channelzID, "ccResolverWrapper: reporting error to cc: %v", err)
-	ccr.poll(ccr.cc.updateResolverState(resolver.State{}, err))
+	ccr.cc.updateResolverState(resolver.State{}, err)
 }
 
 // NewAddress is called by the resolver implementation to send addresses to gRPC.
@@ -166,7 +122,7 @@ func (ccr *ccResolverWrapper) NewAddress(addrs []resolver.Address) {
 		ccr.addChannelzTraceEvent(resolver.State{Addresses: addrs, ServiceConfig: ccr.curState.ServiceConfig})
 	}
 	ccr.curState.Addresses = addrs
-	ccr.poll(ccr.cc.updateResolverState(ccr.curState, nil))
+	ccr.cc.updateResolverState(ccr.curState, nil)
 }
 
 // NewServiceConfig is called by the resolver implementation to send service
@@ -183,14 +139,13 @@ func (ccr *ccResolverWrapper) NewServiceConfig(sc string) {
 	scpr := parseServiceConfig(sc)
 	if scpr.Err != nil {
 		channelz.Warningf(logger, ccr.cc.channelzID, "ccResolverWrapper: error parsing service config: %v", scpr.Err)
-		ccr.poll(balancer.ErrBadResolverState)
 		return
 	}
 	if channelz.IsOn() {
 		ccr.addChannelzTraceEvent(resolver.State{Addresses: ccr.curState.Addresses, ServiceConfig: scpr})
 	}
 	ccr.curState.ServiceConfig = scpr
-	ccr.poll(ccr.cc.updateResolverState(ccr.curState, nil))
+	ccr.cc.updateResolverState(ccr.curState, nil)
 }
 
 func (ccr *ccResolverWrapper) ParseServiceConfig(scJSON string) *serviceconfig.ParseResult {
diff --git a/vendor/google.golang.org/grpc/rpc_util.go b/vendor/google.golang.org/grpc/rpc_util.go
index f0609f2a4e9..6db356fa56a 100644
--- a/vendor/google.golang.org/grpc/rpc_util.go
+++ b/vendor/google.golang.org/grpc/rpc_util.go
@@ -27,7 +27,6 @@ import (
 	"io"
 	"io/ioutil"
 	"math"
-	"net/url"
 	"strings"
 	"sync"
 	"time"
@@ -430,9 +429,10 @@ func (o ContentSubtypeCallOption) before(c *callInfo) error {
 }
 func (o ContentSubtypeCallOption) after(c *callInfo, attempt *csAttempt) {}
 
-// ForceCodec returns a CallOption that will set the given Codec to be
-// used for all request and response messages for a call. The result of calling
-// String() will be used as the content-subtype in a case-insensitive manner.
+// ForceCodec returns a CallOption that will set codec to be used for all
+// request and response messages for a call. The result of calling Name() will
+// be used as the content-subtype after converting to lowercase, unless
+// CallContentSubtype is also used.
 //
 // See Content-Type on
 // https://github.com/grpc/grpc/blob/master/doc/PROTOCOL-HTTP2.md#requests for
@@ -854,7 +854,17 @@ func toRPCErr(err error) error {
 // setCallInfoCodec should only be called after CallOptions have been applied.
 func setCallInfoCodec(c *callInfo) error {
 	if c.codec != nil {
-		// codec was already set by a CallOption; use it.
+		// codec was already set by a CallOption; use it, but set the content
+		// subtype if it is not set.
+		if c.contentSubtype == "" {
+			// c.codec is a baseCodec to hide the difference between grpc.Codec and
+			// encoding.Codec (Name vs. String method name).  We only support
+			// setting content subtype from encoding.Codec to avoid a behavior
+			// change with the deprecated version.
+			if ec, ok := c.codec.(encoding.Codec); ok {
+				c.contentSubtype = strings.ToLower(ec.Name())
+			}
+		}
 		return nil
 	}
 
@@ -872,40 +882,6 @@ func setCallInfoCodec(c *callInfo) error {
 	return nil
 }
 
-// parseDialTarget returns the network and address to pass to dialer
-func parseDialTarget(target string) (net string, addr string) {
-	net = "tcp"
-
-	m1 := strings.Index(target, ":")
-	m2 := strings.Index(target, ":/")
-
-	// handle unix:addr which will fail with url.Parse
-	if m1 >= 0 && m2 < 0 {
-		if n := target[0:m1]; n == "unix" {
-			net = n
-			addr = target[m1+1:]
-			return net, addr
-		}
-	}
-	if m2 >= 0 {
-		t, err := url.Parse(target)
-		if err != nil {
-			return net, target
-		}
-		scheme := t.Scheme
-		addr = t.Path
-		if scheme == "unix" {
-			net = scheme
-			if addr == "" {
-				addr = t.Host
-			}
-			return net, addr
-		}
-	}
-
-	return net, target
-}
-
 // channelzData is used to store channelz related data for ClientConn, addrConn and Server.
 // These fields cannot be embedded in the original structs (e.g. ClientConn), since to do atomic
 // operation on int64 variable on 32-bit machine, user is responsible to enforce memory alignment.
@@ -923,8 +899,7 @@ type channelzData struct {
 // buffer files to ensure compatibility with the gRPC version used.  The latest
 // support package version is 7.
 //
-// Older versions are kept for compatibility. They may be removed if
-// compatibility cannot be maintained.
+// Older versions are kept for compatibility.
 //
 // These constants should not be referenced from any other code.
 const (
diff --git a/vendor/google.golang.org/grpc/server.go b/vendor/google.golang.org/grpc/server.go
index 968eb598e1e..0a151dee4fc 100644
--- a/vendor/google.golang.org/grpc/server.go
+++ b/vendor/google.golang.org/grpc/server.go
@@ -40,6 +40,7 @@ import (
 	"google.golang.org/grpc/encoding"
 	"google.golang.org/grpc/encoding/proto"
 	"google.golang.org/grpc/grpclog"
+	"google.golang.org/grpc/internal"
 	"google.golang.org/grpc/internal/binarylog"
 	"google.golang.org/grpc/internal/channelz"
 	"google.golang.org/grpc/internal/grpcrand"
@@ -56,8 +57,24 @@ import (
 const (
 	defaultServerMaxReceiveMessageSize = 1024 * 1024 * 4
 	defaultServerMaxSendMessageSize    = math.MaxInt32
+
+	// Server transports are tracked in a map which is keyed on listener
+	// address. For regular gRPC traffic, connections are accepted in Serve()
+	// through a call to Accept(), and we use the actual listener address as key
+	// when we add it to the map. But for connections received through
+	// ServeHTTP(), we do not have a listener and hence use this dummy value.
+	listenerAddressForServeHTTP = "listenerAddressForServeHTTP"
 )
 
+func init() {
+	internal.GetServerCredentials = func(srv *Server) credentials.TransportCredentials {
+		return srv.opts.creds
+	}
+	internal.DrainServerTransports = func(srv *Server, addr string) {
+		srv.drainServerTransports(addr)
+	}
+}
+
 var statusOK = status.New(codes.OK, "")
 var logger = grpclog.Component("core")
 
@@ -100,9 +117,12 @@ type serverWorkerData struct {
 type Server struct {
 	opts serverOptions
 
-	mu       sync.Mutex // guards following
-	lis      map[net.Listener]bool
-	conns    map[transport.ServerTransport]bool
+	mu  sync.Mutex // guards following
+	lis map[net.Listener]bool
+	// conns contains all active server transports. It is a map keyed on a
+	// listener address with the value being the set of active transports
+	// belonging to that listener.
+	conns    map[string]map[transport.ServerTransport]bool
 	serve    bool
 	drain    bool
 	cv       *sync.Cond              // signaled when connections close for GracefulStop
@@ -259,6 +279,35 @@ func CustomCodec(codec Codec) ServerOption {
 	})
 }
 
+// ForceServerCodec returns a ServerOption that sets a codec for message
+// marshaling and unmarshaling.
+//
+// This will override any lookups by content-subtype for Codecs registered
+// with RegisterCodec.
+//
+// See Content-Type on
+// https://github.com/grpc/grpc/blob/master/doc/PROTOCOL-HTTP2.md#requests for
+// more details. Also see the documentation on RegisterCodec and
+// CallContentSubtype for more details on the interaction between encoding.Codec
+// and content-subtype.
+//
+// This function is provided for advanced users; prefer to register codecs
+// using encoding.RegisterCodec.
+// The server will automatically use registered codecs based on the incoming
+// requests' headers. See also
+// https://github.com/grpc/grpc-go/blob/master/Documentation/encoding.md#using-a-codec.
+// Will be supported throughout 1.x.
+//
+// Experimental
+//
+// Notice: This API is EXPERIMENTAL and may be changed or removed in a
+// later release.
+func ForceServerCodec(codec encoding.Codec) ServerOption {
+	return newFuncServerOption(func(o *serverOptions) {
+		o.codec = codec
+	})
+}
+
 // RPCCompressor returns a ServerOption that sets a compressor for outbound
 // messages.  For backward compatibility, all outbound messages will be sent
 // using this compressor, regardless of incoming message compression.  By
@@ -369,6 +418,11 @@ func ChainStreamInterceptor(interceptors ...StreamServerInterceptor) ServerOptio
 
 // InTapHandle returns a ServerOption that sets the tap handle for all the server
 // transport to be created. Only one can be installed.
+//
+// Experimental
+//
+// Notice: This API is EXPERIMENTAL and may be changed or removed in a
+// later release.
 func InTapHandle(h tap.ServerInHandle) ServerOption {
 	return newFuncServerOption(func(o *serverOptions) {
 		if o.inTapHandle != nil {
@@ -512,7 +566,7 @@ func NewServer(opt ...ServerOption) *Server {
 	s := &Server{
 		lis:      make(map[net.Listener]bool),
 		opts:     opts,
-		conns:    make(map[transport.ServerTransport]bool),
+		conns:    make(map[string]map[transport.ServerTransport]bool),
 		services: make(map[string]*serviceInfo),
 		quit:     grpcsync.NewEvent(),
 		done:     grpcsync.NewEvent(),
@@ -771,7 +825,7 @@ func (s *Server) Serve(lis net.Listener) error {
 		// s.conns before this conn can be added.
 		s.serveWG.Add(1)
 		go func() {
-			s.handleRawConn(rawConn)
+			s.handleRawConn(lis.Addr().String(), rawConn)
 			s.serveWG.Done()
 		}()
 	}
@@ -779,7 +833,7 @@ func (s *Server) Serve(lis net.Listener) error {
 
 // handleRawConn forks a goroutine to handle a just-accepted connection that
 // has not had any I/O performed on it yet.
-func (s *Server) handleRawConn(rawConn net.Conn) {
+func (s *Server) handleRawConn(lisAddr string, rawConn net.Conn) {
 	if s.quit.HasFired() {
 		rawConn.Close()
 		return
@@ -807,15 +861,24 @@ func (s *Server) handleRawConn(rawConn net.Conn) {
 	}
 
 	rawConn.SetDeadline(time.Time{})
-	if !s.addConn(st) {
+	if !s.addConn(lisAddr, st) {
 		return
 	}
 	go func() {
 		s.serveStreams(st)
-		s.removeConn(st)
+		s.removeConn(lisAddr, st)
 	}()
 }
 
+func (s *Server) drainServerTransports(addr string) {
+	s.mu.Lock()
+	conns := s.conns[addr]
+	for st := range conns {
+		st.Drain()
+	}
+	s.mu.Unlock()
+}
+
 // newHTTP2Transport sets up a http/2 transport (using the
 // gRPC http2 server transport in transport/http2_server.go).
 func (s *Server) newHTTP2Transport(c net.Conn, authInfo credentials.AuthInfo) transport.ServerTransport {
@@ -917,10 +980,10 @@ func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
-	if !s.addConn(st) {
+	if !s.addConn(listenerAddressForServeHTTP, st) {
 		return
 	}
-	defer s.removeConn(st)
+	defer s.removeConn(listenerAddressForServeHTTP, st)
 	s.serveStreams(st)
 }
 
@@ -948,7 +1011,7 @@ func (s *Server) traceInfo(st transport.ServerTransport, stream *transport.Strea
 	return trInfo
 }
 
-func (s *Server) addConn(st transport.ServerTransport) bool {
+func (s *Server) addConn(addr string, st transport.ServerTransport) bool {
 	s.mu.Lock()
 	defer s.mu.Unlock()
 	if s.conns == nil {
@@ -960,15 +1023,28 @@ func (s *Server) addConn(st transport.ServerTransport) bool {
 		// immediately.
 		st.Drain()
 	}
-	s.conns[st] = true
+
+	if s.conns[addr] == nil {
+		// Create a map entry if this is the first connection on this listener.
+		s.conns[addr] = make(map[transport.ServerTransport]bool)
+	}
+	s.conns[addr][st] = true
 	return true
 }
 
-func (s *Server) removeConn(st transport.ServerTransport) {
+func (s *Server) removeConn(addr string, st transport.ServerTransport) {
 	s.mu.Lock()
 	defer s.mu.Unlock()
-	if s.conns != nil {
-		delete(s.conns, st)
+
+	conns := s.conns[addr]
+	if conns != nil {
+		delete(conns, st)
+		if len(conns) == 0 {
+			// If the last connection for this address is being removed, also
+			// remove the map entry corresponding to the address. This is used
+			// in GracefulStop() when waiting for all connections to be closed.
+			delete(s.conns, addr)
+		}
 		s.cv.Broadcast()
 	}
 }
@@ -1632,7 +1708,7 @@ func (s *Server) Stop() {
 	s.mu.Lock()
 	listeners := s.lis
 	s.lis = nil
-	st := s.conns
+	conns := s.conns
 	s.conns = nil
 	// interrupt GracefulStop if Stop and GracefulStop are called concurrently.
 	s.cv.Broadcast()
@@ -1641,8 +1717,10 @@ func (s *Server) Stop() {
 	for lis := range listeners {
 		lis.Close()
 	}
-	for c := range st {
-		c.Close()
+	for _, cs := range conns {
+		for st := range cs {
+			st.Close()
+		}
 	}
 	if s.opts.numServerWorkers > 0 {
 		s.stopServerWorkers()
@@ -1679,8 +1757,10 @@ func (s *Server) GracefulStop() {
 	}
 	s.lis = nil
 	if !s.drain {
-		for st := range s.conns {
-			st.Drain()
+		for _, conns := range s.conns {
+			for st := range conns {
+				st.Drain()
+			}
 		}
 		s.drain = true
 	}
diff --git a/vendor/google.golang.org/grpc/service_config.go b/vendor/google.golang.org/grpc/service_config.go
index 5e434ca7f35..22c4240cf7e 100644
--- a/vendor/google.golang.org/grpc/service_config.go
+++ b/vendor/google.golang.org/grpc/service_config.go
@@ -41,29 +41,7 @@ const maxInt = int(^uint(0) >> 1)
 // Deprecated: Users should not use this struct. Service config should be received
 // through name resolver, as specified here
 // https://github.com/grpc/grpc/blob/master/doc/service_config.md
-type MethodConfig struct {
-	// WaitForReady indicates whether RPCs sent to this method should wait until
-	// the connection is ready by default (!failfast). The value specified via the
-	// gRPC client API will override the value set here.
-	WaitForReady *bool
-	// Timeout is the default timeout for RPCs sent to this method. The actual
-	// deadline used will be the minimum of the value specified here and the value
-	// set by the application via the gRPC client API.  If either one is not set,
-	// then the other will be used.  If neither is set, then the RPC has no deadline.
-	Timeout *time.Duration
-	// MaxReqSize is the maximum allowed payload size for an individual request in a
-	// stream (client->server) in bytes. The size which is measured is the serialized
-	// payload after per-message compression (but before stream compression) in bytes.
-	// The actual value used is the minimum of the value specified here and the value set
-	// by the application via the gRPC client API. If either one is not set, then the other
-	// will be used.  If neither is set, then the built-in default is used.
-	MaxReqSize *int
-	// MaxRespSize is the maximum allowed payload size for an individual response in a
-	// stream (server->client) in bytes.
-	MaxRespSize *int
-	// RetryPolicy configures retry options for the method.
-	retryPolicy *retryPolicy
-}
+type MethodConfig = internalserviceconfig.MethodConfig
 
 type lbConfig struct {
 	name string
@@ -127,34 +105,6 @@ type healthCheckConfig struct {
 	ServiceName string
 }
 
-// retryPolicy defines the go-native version of the retry policy defined by the
-// service config here:
-// https://github.com/grpc/proposal/blob/master/A6-client-retries.md#integration-with-service-config
-type retryPolicy struct {
-	// MaxAttempts is the maximum number of attempts, including the original RPC.
-	//
-	// This field is required and must be two or greater.
-	maxAttempts int
-
-	// Exponential backoff parameters. The initial retry attempt will occur at
-	// random(0, initialBackoff). In general, the nth attempt will occur at
-	// random(0,
-	//   min(initialBackoff*backoffMultiplier**(n-1), maxBackoff)).
-	//
-	// These fields are required and must be greater than zero.
-	initialBackoff    time.Duration
-	maxBackoff        time.Duration
-	backoffMultiplier float64
-
-	// The set of status codes which may be retried.
-	//
-	// Status codes are specified as strings, e.g., "UNAVAILABLE".
-	//
-	// This field is required and must be non-empty.
-	// Note: a set is used to store this for easy lookup.
-	retryableStatusCodes map[codes.Code]bool
-}
-
 type jsonRetryPolicy struct {
 	MaxAttempts          int
 	InitialBackoff       string
@@ -313,7 +263,7 @@ func parseServiceConfig(js string) *serviceconfig.ParseResult {
 			WaitForReady: m.WaitForReady,
 			Timeout:      d,
 		}
-		if mc.retryPolicy, err = convertRetryPolicy(m.RetryPolicy); err != nil {
+		if mc.RetryPolicy, err = convertRetryPolicy(m.RetryPolicy); err != nil {
 			logger.Warningf("grpc: parseServiceConfig error unmarshaling %s due to %v", js, err)
 			return &serviceconfig.ParseResult{Err: err}
 		}
@@ -359,7 +309,7 @@ func parseServiceConfig(js string) *serviceconfig.ParseResult {
 	return &serviceconfig.ParseResult{Config: &sc}
 }
 
-func convertRetryPolicy(jrp *jsonRetryPolicy) (p *retryPolicy, err error) {
+func convertRetryPolicy(jrp *jsonRetryPolicy) (p *internalserviceconfig.RetryPolicy, err error) {
 	if jrp == nil {
 		return nil, nil
 	}
@@ -381,19 +331,19 @@ func convertRetryPolicy(jrp *jsonRetryPolicy) (p *retryPolicy, err error) {
 		return nil, nil
 	}
 
-	rp := &retryPolicy{
-		maxAttempts:          jrp.MaxAttempts,
-		initialBackoff:       *ib,
-		maxBackoff:           *mb,
-		backoffMultiplier:    jrp.BackoffMultiplier,
-		retryableStatusCodes: make(map[codes.Code]bool),
+	rp := &internalserviceconfig.RetryPolicy{
+		MaxAttempts:          jrp.MaxAttempts,
+		InitialBackoff:       *ib,
+		MaxBackoff:           *mb,
+		BackoffMultiplier:    jrp.BackoffMultiplier,
+		RetryableStatusCodes: make(map[codes.Code]bool),
 	}
-	if rp.maxAttempts > 5 {
+	if rp.MaxAttempts > 5 {
 		// TODO(retry): Make the max maxAttempts configurable.
-		rp.maxAttempts = 5
+		rp.MaxAttempts = 5
 	}
 	for _, code := range jrp.RetryableStatusCodes {
-		rp.retryableStatusCodes[code] = true
+		rp.RetryableStatusCodes[code] = true
 	}
 	return rp, nil
 }
diff --git a/vendor/google.golang.org/grpc/status/status.go b/vendor/google.golang.org/grpc/status/status.go
index 01e182c306c..54d187186b8 100644
--- a/vendor/google.golang.org/grpc/status/status.go
+++ b/vendor/google.golang.org/grpc/status/status.go
@@ -73,9 +73,11 @@ func FromProto(s *spb.Status) *Status {
 	return status.FromProto(s)
 }
 
-// FromError returns a Status representing err if it was produced from this
-// package or has a method `GRPCStatus() *Status`. Otherwise, ok is false and a
-// Status is returned with codes.Unknown and the original error message.
+// FromError returns a Status representing err if it was produced by this
+// package or has a method `GRPCStatus() *Status`.
+// If err is nil, a Status is returned with codes.OK and no message.
+// Otherwise, ok is false and a Status is returned with codes.Unknown and
+// the original error message.
 func FromError(err error) (s *Status, ok bool) {
 	if err == nil {
 		return nil, true
diff --git a/vendor/google.golang.org/grpc/stream.go b/vendor/google.golang.org/grpc/stream.go
index 5fd856a3821..1f3e70d2c44 100644
--- a/vendor/google.golang.org/grpc/stream.go
+++ b/vendor/google.golang.org/grpc/stream.go
@@ -36,6 +36,8 @@ import (
 	"google.golang.org/grpc/internal/channelz"
 	"google.golang.org/grpc/internal/grpcrand"
 	"google.golang.org/grpc/internal/grpcutil"
+	iresolver "google.golang.org/grpc/internal/resolver"
+	"google.golang.org/grpc/internal/serviceconfig"
 	"google.golang.org/grpc/internal/transport"
 	"google.golang.org/grpc/metadata"
 	"google.golang.org/grpc/peer"
@@ -50,14 +52,20 @@ import (
 // of the RPC.
 type StreamHandler func(srv interface{}, stream ServerStream) error
 
-// StreamDesc represents a streaming RPC service's method specification.
+// StreamDesc represents a streaming RPC service's method specification.  Used
+// on the server when registering services and on the client when initiating
+// new streams.
 type StreamDesc struct {
-	StreamName string
-	Handler    StreamHandler
-
-	// At least one of these is true.
-	ServerStreams bool
-	ClientStreams bool
+	// StreamName and Handler are only used when registering handlers on a
+	// server.
+	StreamName string        // the name of the method excluding the service
+	Handler    StreamHandler // the handler called for the method
+
+	// ServerStreams and ClientStreams are used for registering handlers on a
+	// server as well as defining RPC behavior when passed to NewClientStream
+	// and ClientConn.NewStream.  At least one must be true.
+	ServerStreams bool // indicates the server can perform streaming sends
+	ClientStreams bool // indicates the client can perform streaming sends
 }
 
 // Stream defines the common interface a client or server stream has to satisfy.
@@ -164,13 +172,48 @@ func newClientStream(ctx context.Context, desc *StreamDesc, cc *ClientConn, meth
 			}
 		}()
 	}
-	c := defaultCallInfo()
 	// Provide an opportunity for the first RPC to see the first service config
 	// provided by the resolver.
 	if err := cc.waitForResolvedAddrs(ctx); err != nil {
 		return nil, err
 	}
-	mc := cc.GetMethodConfig(method)
+
+	var mc serviceconfig.MethodConfig
+	var onCommit func()
+	var newStream = func(ctx context.Context, done func()) (iresolver.ClientStream, error) {
+		return newClientStreamWithParams(ctx, desc, cc, method, mc, onCommit, done, opts...)
+	}
+
+	rpcInfo := iresolver.RPCInfo{Context: ctx, Method: method}
+	rpcConfig, err := cc.safeConfigSelector.SelectConfig(rpcInfo)
+	if err != nil {
+		return nil, toRPCErr(err)
+	}
+
+	if rpcConfig != nil {
+		if rpcConfig.Context != nil {
+			ctx = rpcConfig.Context
+		}
+		mc = rpcConfig.MethodConfig
+		onCommit = rpcConfig.OnCommitted
+		if rpcConfig.Interceptor != nil {
+			rpcInfo.Context = nil
+			ns := newStream
+			newStream = func(ctx context.Context, done func()) (iresolver.ClientStream, error) {
+				cs, err := rpcConfig.Interceptor.NewStream(ctx, rpcInfo, done, ns)
+				if err != nil {
+					return nil, toRPCErr(err)
+				}
+				return cs, nil
+			}
+		}
+	}
+
+	return newStream(ctx, func() {})
+}
+
+func newClientStreamWithParams(ctx context.Context, desc *StreamDesc, cc *ClientConn, method string, mc serviceconfig.MethodConfig, onCommit, doneFunc func(), opts ...CallOption) (_ iresolver.ClientStream, err error) {
+	c := defaultCallInfo()
 	if mc.WaitForReady != nil {
 		c.failFast = !*mc.WaitForReady
 	}
@@ -207,6 +250,7 @@ func newClientStream(ctx context.Context, desc *StreamDesc, cc *ClientConn, meth
 		Host:           cc.authority,
 		Method:         method,
 		ContentSubtype: c.contentSubtype,
+		DoneFunc:       doneFunc,
 	}
 
 	// Set our outgoing compression according to the UseCompressor CallOption, if
@@ -272,6 +316,7 @@ func newClientStream(ctx context.Context, desc *StreamDesc, cc *ClientConn, meth
 		cancel:       cancel,
 		beginTime:    beginTime,
 		firstAttempt: true,
+		onCommit:     onCommit,
 	}
 	if !cc.dopts.disableRetry {
 		cs.retryThrottler = cc.retryThrottler.Load().(*retryThrottler)
@@ -432,7 +477,8 @@ type clientStream struct {
 	// place where we need to check if the attempt is nil.
 	attempt *csAttempt
 	// TODO(hedging): hedging will have multiple attempts simultaneously.
-	committed  bool                       // active attempt committed for retry?
+	committed  bool // active attempt committed for retry?
+	onCommit   func()
 	buffer     []func(a *csAttempt) error // operations to replay on retry
 	bufferSize int                        // current size of buffer
 }
@@ -461,6 +507,9 @@ type csAttempt struct {
 }
 
 func (cs *clientStream) commitAttemptLocked() {
+	if !cs.committed && cs.onCommit != nil {
+		cs.onCommit()
+	}
 	cs.committed = true
 	cs.buffer = nil
 }
@@ -539,8 +588,8 @@ func (cs *clientStream) shouldRetry(err error) error {
 		code = status.Convert(err).Code()
 	}
 
-	rp := cs.methodConfig.retryPolicy
-	if rp == nil || !rp.retryableStatusCodes[code] {
+	rp := cs.methodConfig.RetryPolicy
+	if rp == nil || !rp.RetryableStatusCodes[code] {
 		return err
 	}
 
@@ -549,7 +598,7 @@ func (cs *clientStream) shouldRetry(err error) error {
 	if cs.retryThrottler.throttle() {
 		return err
 	}
-	if cs.numRetries+1 >= rp.maxAttempts {
+	if cs.numRetries+1 >= rp.MaxAttempts {
 		return err
 	}
 
@@ -558,9 +607,9 @@ func (cs *clientStream) shouldRetry(err error) error {
 		dur = time.Millisecond * time.Duration(pushback)
 		cs.numRetriesSincePushback = 0
 	} else {
-		fact := math.Pow(rp.backoffMultiplier, float64(cs.numRetriesSincePushback))
-		cur := float64(rp.initialBackoff) * fact
-		if max := float64(rp.maxBackoff); cur > max {
+		fact := math.Pow(rp.BackoffMultiplier, float64(cs.numRetriesSincePushback))
+		cur := float64(rp.InitialBackoff) * fact
+		if max := float64(rp.MaxBackoff); cur > max {
 			cur = max
 		}
 		dur = time.Duration(grpcrand.Int63n(int64(cur)))
diff --git a/vendor/google.golang.org/grpc/tap/tap.go b/vendor/google.golang.org/grpc/tap/tap.go
index caea1ebed6e..dbf34e6bb5f 100644
--- a/vendor/google.golang.org/grpc/tap/tap.go
+++ b/vendor/google.golang.org/grpc/tap/tap.go
@@ -37,16 +37,16 @@ type Info struct {
 	// TODO: More to be added.
 }
 
-// ServerInHandle defines the function which runs before a new stream is created
-// on the server side. If it returns a non-nil error, the stream will not be
-// created and a RST_STREAM will be sent back to the client with REFUSED_STREAM.
-// The client will receive an RPC error "code = Unavailable, desc = stream
-// terminated by RST_STREAM with error code: REFUSED_STREAM".
+// ServerInHandle defines the function which runs before a new stream is
+// created on the server side. If it returns a non-nil error, the stream will
+// not be created and an error will be returned to the client.  If the error
+// returned is a status error, that status code and message will be used,
+// otherwise PermissionDenied will be the code and err.Error() will be the
+// message.
 //
 // It's intended to be used in situations where you don't want to waste the
-// resources to accept the new stream (e.g. rate-limiting). And the content of
-// the error will be ignored and won't be sent back to the client. For other
-// general usages, please use interceptors.
+// resources to accept the new stream (e.g. rate-limiting). For other general
+// usages, please use interceptors.
 //
 // Note that it is executed in the per-connection I/O goroutine(s) instead of
 // per-RPC goroutine. Therefore, users should NOT have any
diff --git a/vendor/google.golang.org/grpc/version.go b/vendor/google.golang.org/grpc/version.go
index 90f28f62175..bfe5cf88703 100644
--- a/vendor/google.golang.org/grpc/version.go
+++ b/vendor/google.golang.org/grpc/version.go
@@ -19,4 +19,4 @@
 package grpc
 
 // Version is the current grpc version.
-const Version = "1.33.3"
+const Version = "1.38.0"
diff --git a/vendor/google.golang.org/grpc/vet.sh b/vendor/google.golang.org/grpc/vet.sh
index 48652f6040f..1a0dbd7ee5a 100644
--- a/vendor/google.golang.org/grpc/vet.sh
+++ b/vendor/google.golang.org/grpc/vet.sh
@@ -28,7 +28,8 @@ cleanup() {
 }
 trap cleanup EXIT
 
-PATH="${GOPATH}/bin:${GOROOT}/bin:${PATH}"
+PATH="${HOME}/go/bin:${GOROOT}/bin:${PATH}"
+go version
 
 if [[ "$1" = "-install" ]]; then
   # Check for module support
@@ -53,7 +54,7 @@ if [[ "$1" = "-install" ]]; then
   fi
   if [[ -z "${VET_SKIP_PROTO}" ]]; then
     if [[ "${TRAVIS}" = "true" ]]; then
-      PROTOBUF_VERSION=3.3.0
+      PROTOBUF_VERSION=3.14.0
       PROTOC_FILENAME=protoc-${PROTOBUF_VERSION}-linux-x86_64.zip
       pushd /home/travis
       wget https://github.com/google/protobuf/releases/download/v${PROTOBUF_VERSION}/${PROTOC_FILENAME}
@@ -61,7 +62,7 @@ if [[ "$1" = "-install" ]]; then
       bin/protoc --version
       popd
     elif [[ "${GITHUB_ACTIONS}" = "true" ]]; then
-      PROTOBUF_VERSION=3.3.0
+      PROTOBUF_VERSION=3.14.0
       PROTOC_FILENAME=protoc-${PROTOBUF_VERSION}-linux-x86_64.zip
       pushd /home/runner/go
       wget https://github.com/google/protobuf/releases/download/v${PROTOBUF_VERSION}/${PROTOC_FILENAME}
@@ -104,12 +105,6 @@ git grep '"github.com/envoyproxy/go-control-plane/envoy' -- '*.go' ':(exclude)*.
 # TODO: Remove when we drop Go 1.10 support
 go list -f {{.Dir}} ./... | xargs go run test/go_vet/vet.go
 
-# - gofmt, goimports, golint (with exceptions for generated code), go vet.
-gofmt -s -d -l . 2>&1 | fail_on_output
-goimports -l . 2>&1 | not grep -vE "\.pb\.go"
-golint ./... 2>&1 | not grep -vE "\.pb\.go:"
-go vet -all ./...
-
 misspell -error .
 
 # - Check that generated proto files are up to date.
@@ -119,12 +114,22 @@ if [[ -z "${VET_SKIP_PROTO}" ]]; then
     (git status; git --no-pager diff; exit 1)
 fi
 
-# - Check that our modules are tidy.
-if go help mod >& /dev/null; then
-  find . -name 'go.mod' | xargs -IXXX bash -c 'cd $(dirname XXX); go mod tidy'
+# - gofmt, goimports, golint (with exceptions for generated code), go vet,
+# go mod tidy.
+# Perform these checks on each module inside gRPC.
+for MOD_FILE in $(find . -name 'go.mod'); do
+  MOD_DIR=$(dirname ${MOD_FILE})
+  pushd ${MOD_DIR}
+  go vet -all ./... | fail_on_output
+  gofmt -s -d -l . 2>&1 | fail_on_output
+  goimports -l . 2>&1 | not grep -vE "\.pb\.go"
+  golint ./... 2>&1 | not grep -vE "/testv3\.pb\.go:"
+
+  go mod tidy
   git status --porcelain 2>&1 | fail_on_output || \
     (git status; git --no-pager diff; exit 1)
-fi
+  popd
+done
 
 # - Collection of static analysis checks
 #
@@ -141,8 +146,11 @@ not grep -Fv '.CredsBundle
 .NewAddress
 .NewServiceConfig
 .Type is deprecated: use Attributes
+BuildVersion is deprecated
 balancer.ErrTransientFailure
 balancer.Picker
+extDesc.Filename is deprecated
+github.com/golang/protobuf/jsonpb is deprecated
 grpc.CallCustomCodec
 grpc.Code
 grpc.Compressor
@@ -164,13 +172,7 @@ grpc.WithServiceConfig
 grpc.WithTimeout
 http.CloseNotifier
 info.SecurityVersion
-resolver.Backend
-resolver.GRPCLB
-extDesc.Filename is deprecated
-BuildVersion is deprecated
-github.com/golang/protobuf/jsonpb is deprecated
 proto is deprecated
-xxx_messageInfo_
 proto.InternalMessageInfo is deprecated
 proto.EnumName is deprecated
 proto.ErrInternalBadWireType is deprecated
@@ -184,7 +186,12 @@ proto.RegisterExtension is deprecated
 proto.RegisteredExtension is deprecated
 proto.RegisteredExtensions is deprecated
 proto.RegisterMapType is deprecated
-proto.Unmarshaler is deprecated' "${SC_OUT}"
+proto.Unmarshaler is deprecated
+resolver.Backend
+resolver.GRPCLB
+Target is deprecated: Use the Target field in the BuildOptions instead.
+xxx_messageInfo_
+' "${SC_OUT}"
 
 # - special golint on package comments.
 lint_package_comment_per_package() {
diff --git a/vendor/google.golang.org/grpc/xds/csds/csds.go b/vendor/google.golang.org/grpc/xds/csds/csds.go
new file mode 100644
index 00000000000..73b92e9443c
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/csds/csds.go
@@ -0,0 +1,314 @@
+/*
+ *
+ * Copyright 2021 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package csds implements features to dump the status (xDS responses) the
+// xds_client is using.
+//
+// Notice: This package is EXPERIMENTAL and may be changed or removed in a later
+// release.
+package csds
+
+import (
+	"context"
+	"fmt"
+	"io"
+	"time"
+
+	v3adminpb "github.com/envoyproxy/go-control-plane/envoy/admin/v3"
+	v2corepb "github.com/envoyproxy/go-control-plane/envoy/api/v2/core"
+	v3corepb "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	v3statusgrpc "github.com/envoyproxy/go-control-plane/envoy/service/status/v3"
+	v3statuspb "github.com/envoyproxy/go-control-plane/envoy/service/status/v3"
+	"github.com/golang/protobuf/proto"
+	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/grpclog"
+	"google.golang.org/grpc/status"
+	"google.golang.org/grpc/xds/internal/client"
+	"google.golang.org/grpc/xds/internal/client/bootstrap"
+	"google.golang.org/protobuf/types/known/timestamppb"
+
+	_ "google.golang.org/grpc/xds/internal/client/v2" // Register v2 xds_client.
+	_ "google.golang.org/grpc/xds/internal/client/v3" // Register v3 xds_client.
+)
+
+// xdsClientInterface contains methods from xdsClient.Client which are used by
+// the server. This is useful for overriding in unit tests.
+type xdsClientInterface interface {
+	DumpLDS() (string, map[string]client.UpdateWithMD)
+	DumpRDS() (string, map[string]client.UpdateWithMD)
+	DumpCDS() (string, map[string]client.UpdateWithMD)
+	DumpEDS() (string, map[string]client.UpdateWithMD)
+	BootstrapConfig() *bootstrap.Config
+	Close()
+}
+
+var (
+	logger       = grpclog.Component("xds")
+	newXDSClient = func() (xdsClientInterface, error) {
+		return client.New()
+	}
+)
+
+// ClientStatusDiscoveryServer implementations interface ClientStatusDiscoveryServiceServer.
+type ClientStatusDiscoveryServer struct {
+	// xdsClient will always be the same in practise. But we keep a copy in each
+	// server instance for testing.
+	xdsClient xdsClientInterface
+}
+
+// NewClientStatusDiscoveryServer returns an implementation of the CSDS server that can be
+// registered on a gRPC server.
+func NewClientStatusDiscoveryServer() (*ClientStatusDiscoveryServer, error) {
+	xdsC, err := newXDSClient()
+	if err != nil {
+		return nil, fmt.Errorf("failed to create xds client: %v", err)
+	}
+	return &ClientStatusDiscoveryServer{
+		xdsClient: xdsC,
+	}, nil
+}
+
+// StreamClientStatus implementations interface ClientStatusDiscoveryServiceServer.
+func (s *ClientStatusDiscoveryServer) StreamClientStatus(stream v3statusgrpc.ClientStatusDiscoveryService_StreamClientStatusServer) error {
+	for {
+		req, err := stream.Recv()
+		if err == io.EOF {
+			return nil
+		}
+		if err != nil {
+			return err
+		}
+		resp, err := s.buildClientStatusRespForReq(req)
+		if err != nil {
+			return err
+		}
+		if err := stream.Send(resp); err != nil {
+			return err
+		}
+	}
+}
+
+// FetchClientStatus implementations interface ClientStatusDiscoveryServiceServer.
+func (s *ClientStatusDiscoveryServer) FetchClientStatus(_ context.Context, req *v3statuspb.ClientStatusRequest) (*v3statuspb.ClientStatusResponse, error) {
+	return s.buildClientStatusRespForReq(req)
+}
+
+// buildClientStatusRespForReq fetches the status from the client, and returns
+// the response to be sent back to client.
+//
+// If it returns an error, the error is a status error.
+func (s *ClientStatusDiscoveryServer) buildClientStatusRespForReq(req *v3statuspb.ClientStatusRequest) (*v3statuspb.ClientStatusResponse, error) {
+	// Field NodeMatchers is unsupported, by design
+	// https://github.com/grpc/proposal/blob/master/A40-csds-support.md#detail-node-matching.
+	if len(req.NodeMatchers) != 0 {
+		return nil, status.Errorf(codes.InvalidArgument, "node_matchers are not supported, request contains node_matchers: %v", req.NodeMatchers)
+	}
+
+	ret := &v3statuspb.ClientStatusResponse{
+		Config: []*v3statuspb.ClientConfig{
+			{
+				Node: nodeProtoToV3(s.xdsClient.BootstrapConfig().NodeProto),
+				XdsConfig: []*v3statuspb.PerXdsConfig{
+					s.buildLDSPerXDSConfig(),
+					s.buildRDSPerXDSConfig(),
+					s.buildCDSPerXDSConfig(),
+					s.buildEDSPerXDSConfig(),
+				},
+			},
+		},
+	}
+	return ret, nil
+}
+
+// Close cleans up the resources.
+func (s *ClientStatusDiscoveryServer) Close() {
+	s.xdsClient.Close()
+}
+
+// nodeProtoToV3 converts the given proto into a v3.Node. n is from bootstrap
+// config, it can be either v2.Node or v3.Node.
+//
+// If n is already a v3.Node, return it.
+// If n is v2.Node, marshal and unmarshal it to v3.
+// Otherwise, return nil.
+//
+// The default case (not v2 or v3) is nil, instead of error, because the
+// resources in the response are more important than the node. The worst case is
+// that the user will receive no Node info, but will still get resources.
+func nodeProtoToV3(n proto.Message) *v3corepb.Node {
+	var node *v3corepb.Node
+	switch nn := n.(type) {
+	case *v3corepb.Node:
+		node = nn
+	case *v2corepb.Node:
+		v2, err := proto.Marshal(nn)
+		if err != nil {
+			logger.Warningf("Failed to marshal node (%v): %v", n, err)
+			break
+		}
+		node = new(v3corepb.Node)
+		if err := proto.Unmarshal(v2, node); err != nil {
+			logger.Warningf("Failed to unmarshal node (%v): %v", v2, err)
+		}
+	default:
+		logger.Warningf("node from bootstrap is %#v, only v2.Node and v3.Node are supported", nn)
+	}
+	return node
+}
+
+func (s *ClientStatusDiscoveryServer) buildLDSPerXDSConfig() *v3statuspb.PerXdsConfig {
+	version, dump := s.xdsClient.DumpLDS()
+	var resources []*v3adminpb.ListenersConfigDump_DynamicListener
+	for name, d := range dump {
+		configDump := &v3adminpb.ListenersConfigDump_DynamicListener{
+			Name:         name,
+			ClientStatus: serviceStatusToProto(d.MD.Status),
+		}
+		if (d.MD.Timestamp != time.Time{}) {
+			configDump.ActiveState = &v3adminpb.ListenersConfigDump_DynamicListenerState{
+				VersionInfo: d.MD.Version,
+				Listener:    d.Raw,
+				LastUpdated: timestamppb.New(d.MD.Timestamp),
+			}
+		}
+		if errState := d.MD.ErrState; errState != nil {
+			configDump.ErrorState = &v3adminpb.UpdateFailureState{
+				LastUpdateAttempt: timestamppb.New(errState.Timestamp),
+				Details:           errState.Err.Error(),
+				VersionInfo:       errState.Version,
+			}
+		}
+		resources = append(resources, configDump)
+	}
+	return &v3statuspb.PerXdsConfig{
+		PerXdsConfig: &v3statuspb.PerXdsConfig_ListenerConfig{
+			ListenerConfig: &v3adminpb.ListenersConfigDump{
+				VersionInfo:      version,
+				DynamicListeners: resources,
+			},
+		},
+	}
+}
+
+func (s *ClientStatusDiscoveryServer) buildRDSPerXDSConfig() *v3statuspb.PerXdsConfig {
+	_, dump := s.xdsClient.DumpRDS()
+	var resources []*v3adminpb.RoutesConfigDump_DynamicRouteConfig
+	for _, d := range dump {
+		configDump := &v3adminpb.RoutesConfigDump_DynamicRouteConfig{
+			VersionInfo:  d.MD.Version,
+			ClientStatus: serviceStatusToProto(d.MD.Status),
+		}
+		if (d.MD.Timestamp != time.Time{}) {
+			configDump.RouteConfig = d.Raw
+			configDump.LastUpdated = timestamppb.New(d.MD.Timestamp)
+		}
+		if errState := d.MD.ErrState; errState != nil {
+			configDump.ErrorState = &v3adminpb.UpdateFailureState{
+				LastUpdateAttempt: timestamppb.New(errState.Timestamp),
+				Details:           errState.Err.Error(),
+				VersionInfo:       errState.Version,
+			}
+		}
+		resources = append(resources, configDump)
+	}
+	return &v3statuspb.PerXdsConfig{
+		PerXdsConfig: &v3statuspb.PerXdsConfig_RouteConfig{
+			RouteConfig: &v3adminpb.RoutesConfigDump{
+				DynamicRouteConfigs: resources,
+			},
+		},
+	}
+}
+
+func (s *ClientStatusDiscoveryServer) buildCDSPerXDSConfig() *v3statuspb.PerXdsConfig {
+	version, dump := s.xdsClient.DumpCDS()
+	var resources []*v3adminpb.ClustersConfigDump_DynamicCluster
+	for _, d := range dump {
+		configDump := &v3adminpb.ClustersConfigDump_DynamicCluster{
+			VersionInfo:  d.MD.Version,
+			ClientStatus: serviceStatusToProto(d.MD.Status),
+		}
+		if (d.MD.Timestamp != time.Time{}) {
+			configDump.Cluster = d.Raw
+			configDump.LastUpdated = timestamppb.New(d.MD.Timestamp)
+		}
+		if errState := d.MD.ErrState; errState != nil {
+			configDump.ErrorState = &v3adminpb.UpdateFailureState{
+				LastUpdateAttempt: timestamppb.New(errState.Timestamp),
+				Details:           errState.Err.Error(),
+				VersionInfo:       errState.Version,
+			}
+		}
+		resources = append(resources, configDump)
+	}
+	return &v3statuspb.PerXdsConfig{
+		PerXdsConfig: &v3statuspb.PerXdsConfig_ClusterConfig{
+			ClusterConfig: &v3adminpb.ClustersConfigDump{
+				VersionInfo:           version,
+				DynamicActiveClusters: resources,
+			},
+		},
+	}
+}
+
+func (s *ClientStatusDiscoveryServer) buildEDSPerXDSConfig() *v3statuspb.PerXdsConfig {
+	_, dump := s.xdsClient.DumpEDS()
+	var resources []*v3adminpb.EndpointsConfigDump_DynamicEndpointConfig
+	for _, d := range dump {
+		configDump := &v3adminpb.EndpointsConfigDump_DynamicEndpointConfig{
+			VersionInfo:  d.MD.Version,
+			ClientStatus: serviceStatusToProto(d.MD.Status),
+		}
+		if (d.MD.Timestamp != time.Time{}) {
+			configDump.EndpointConfig = d.Raw
+			configDump.LastUpdated = timestamppb.New(d.MD.Timestamp)
+		}
+		if errState := d.MD.ErrState; errState != nil {
+			configDump.ErrorState = &v3adminpb.UpdateFailureState{
+				LastUpdateAttempt: timestamppb.New(errState.Timestamp),
+				Details:           errState.Err.Error(),
+				VersionInfo:       errState.Version,
+			}
+		}
+		resources = append(resources, configDump)
+	}
+	return &v3statuspb.PerXdsConfig{
+		PerXdsConfig: &v3statuspb.PerXdsConfig_EndpointConfig{
+			EndpointConfig: &v3adminpb.EndpointsConfigDump{
+				DynamicEndpointConfigs: resources,
+			},
+		},
+	}
+}
+
+func serviceStatusToProto(serviceStatus client.ServiceStatus) v3adminpb.ClientResourceStatus {
+	switch serviceStatus {
+	case client.ServiceStatusUnknown:
+		return v3adminpb.ClientResourceStatus_UNKNOWN
+	case client.ServiceStatusRequested:
+		return v3adminpb.ClientResourceStatus_REQUESTED
+	case client.ServiceStatusNotExist:
+		return v3adminpb.ClientResourceStatus_DOES_NOT_EXIST
+	case client.ServiceStatusACKed:
+		return v3adminpb.ClientResourceStatus_ACKED
+	case client.ServiceStatusNACKed:
+		return v3adminpb.ClientResourceStatus_NACKED
+	default:
+		return v3adminpb.ClientResourceStatus_UNKNOWN
+	}
+}
diff --git a/vendor/google.golang.org/grpc/xds/googledirectpath/googlec2p.go b/vendor/google.golang.org/grpc/xds/googledirectpath/googlec2p.go
new file mode 100644
index 00000000000..4ccec4ec412
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/googledirectpath/googlec2p.go
@@ -0,0 +1,179 @@
+/*
+ *
+ * Copyright 2021 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package googledirectpath implements a resolver that configures xds to make
+// cloud to prod directpath connection.
+//
+// It's a combo of DNS and xDS resolvers. It delegates to DNS if
+// - not on GCE, or
+// - xDS bootstrap env var is set (so this client needs to do normal xDS, not
+// direct path, and clients with this scheme is not part of the xDS mesh).
+package googledirectpath
+
+import (
+	"fmt"
+	"time"
+
+	v3corepb "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	"google.golang.org/grpc"
+	"google.golang.org/grpc/credentials/google"
+	"google.golang.org/grpc/grpclog"
+	"google.golang.org/grpc/internal/googlecloud"
+	internalgrpclog "google.golang.org/grpc/internal/grpclog"
+	"google.golang.org/grpc/internal/xds/env"
+	"google.golang.org/grpc/resolver"
+	_ "google.golang.org/grpc/xds" // To register xds resolvers and balancers.
+	xdsclient "google.golang.org/grpc/xds/internal/client"
+	"google.golang.org/grpc/xds/internal/client/bootstrap"
+	"google.golang.org/grpc/xds/internal/version"
+	"google.golang.org/protobuf/types/known/structpb"
+)
+
+const (
+	c2pScheme = "google-c2p"
+
+	tdURL          = "directpath-trafficdirector.googleapis.com"
+	httpReqTimeout = 10 * time.Second
+	zoneURL        = "http://metadata.google.internal/computeMetadata/v1/instance/zone"
+	ipv6URL        = "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ipv6s"
+
+	gRPCUserAgentName               = "gRPC Go"
+	clientFeatureNoOverprovisioning = "envoy.lb.does_not_support_overprovisioning"
+	ipv6CapableMetadataName         = "TRAFFICDIRECTOR_DIRECTPATH_C2P_IPV6_CAPABLE"
+
+	logPrefix = "[google-c2p-resolver]"
+
+	dnsName, xdsName = "dns", "xds"
+)
+
+type xdsClientInterface interface {
+	Close()
+}
+
+// For overriding in unittests.
+var (
+	onGCE = googlecloud.OnGCE
+
+	newClientWithConfig = func(config *bootstrap.Config) (xdsClientInterface, error) {
+		return xdsclient.NewWithConfig(config)
+	}
+
+	logger = internalgrpclog.NewPrefixLogger(grpclog.Component("directpath"), logPrefix)
+)
+
+func init() {
+	if env.C2PResolverSupport {
+		resolver.Register(c2pResolverBuilder{})
+	}
+}
+
+type c2pResolverBuilder struct{}
+
+func (c2pResolverBuilder) Build(t resolver.Target, cc resolver.ClientConn, opts resolver.BuildOptions) (resolver.Resolver, error) {
+	if !runDirectPath() {
+		// If not xDS, fallback to DNS.
+		t.Scheme = dnsName
+		return resolver.Get(dnsName).Build(t, cc, opts)
+	}
+
+	// Note that the following calls to getZone() and getIPv6Capable() does I/O,
+	// and has 10 seconds timeout each.
+	//
+	// This should be fine in most of the cases. In certain error cases, this
+	// could block Dial() for up to 10 seconds (each blocking call has its own
+	// goroutine).
+	zoneCh, ipv6CapableCh := make(chan string), make(chan bool)
+	go func() { zoneCh <- getZone(httpReqTimeout) }()
+	go func() { ipv6CapableCh <- getIPv6Capable(httpReqTimeout) }()
+
+	balancerName := env.C2PResolverTestOnlyTrafficDirectorURI
+	if balancerName == "" {
+		balancerName = tdURL
+	}
+	config := &bootstrap.Config{
+		BalancerName: balancerName,
+		Creds:        grpc.WithCredentialsBundle(google.NewDefaultCredentials()),
+		TransportAPI: version.TransportV3,
+		NodeProto:    newNode(<-zoneCh, <-ipv6CapableCh),
+	}
+
+	// Create singleton xds client with this config. The xds client will be
+	// used by the xds resolver later.
+	xdsC, err := newClientWithConfig(config)
+	if err != nil {
+		return nil, fmt.Errorf("failed to start xDS client: %v", err)
+	}
+
+	// Create and return an xDS resolver.
+	t.Scheme = xdsName
+	xdsR, err := resolver.Get(xdsName).Build(t, cc, opts)
+	if err != nil {
+		xdsC.Close()
+		return nil, err
+	}
+	return &c2pResolver{
+		Resolver: xdsR,
+		client:   xdsC,
+	}, nil
+}
+
+func (c2pResolverBuilder) Scheme() string {
+	return c2pScheme
+}
+
+type c2pResolver struct {
+	resolver.Resolver
+	client xdsClientInterface
+}
+
+func (r *c2pResolver) Close() {
+	r.Resolver.Close()
+	r.client.Close()
+}
+
+var ipv6EnabledMetadata = &structpb.Struct{
+	Fields: map[string]*structpb.Value{
+		ipv6CapableMetadataName: structpb.NewBoolValue(true),
+	},
+}
+
+// newNode makes a copy of defaultNode, and populate it's Metadata and
+// Locality fields.
+func newNode(zone string, ipv6Capable bool) *v3corepb.Node {
+	ret := &v3corepb.Node{
+		// Not all required fields are set in defaultNote. Metadata will be set
+		// if ipv6 is enabled. Locality will be set to the value from metadata.
+		Id:                   "C2P",
+		UserAgentName:        gRPCUserAgentName,
+		UserAgentVersionType: &v3corepb.Node_UserAgentVersion{UserAgentVersion: grpc.Version},
+		ClientFeatures:       []string{clientFeatureNoOverprovisioning},
+	}
+	ret.Locality = &v3corepb.Locality{Zone: zone}
+	if ipv6Capable {
+		ret.Metadata = ipv6EnabledMetadata
+	}
+	return ret
+}
+
+// runDirectPath returns whether this resolver should use direct path.
+//
+// direct path is enabled if this client is running on GCE, and the normal xDS
+// is not used (bootstrap env vars are not set).
+func runDirectPath() bool {
+	return env.BootstrapFileName == "" && env.BootstrapFileContent == "" && onGCE()
+}
diff --git a/vendor/google.golang.org/grpc/xds/googledirectpath/utils.go b/vendor/google.golang.org/grpc/xds/googledirectpath/utils.go
new file mode 100644
index 00000000000..60044197978
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/googledirectpath/utils.go
@@ -0,0 +1,96 @@
+/*
+ *
+ * Copyright 2021 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package googledirectpath
+
+import (
+	"bytes"
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"net/url"
+	"sync"
+	"time"
+)
+
+func getFromMetadata(timeout time.Duration, urlStr string) ([]byte, error) {
+	parsedURL, err := url.Parse(urlStr)
+	if err != nil {
+		return nil, err
+	}
+	client := &http.Client{Timeout: timeout}
+	req := &http.Request{
+		Method: http.MethodGet,
+		URL:    parsedURL,
+		Header: http.Header{"Metadata-Flavor": {"Google"}},
+	}
+	resp, err := client.Do(req)
+	if err != nil {
+		return nil, fmt.Errorf("failed communicating with metadata server: %v", err)
+	}
+	defer resp.Body.Close()
+	if resp.StatusCode != http.StatusOK {
+		return nil, fmt.Errorf("metadata server returned resp with non-OK: %v", resp)
+	}
+	body, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		return nil, fmt.Errorf("failed reading from metadata server: %v", err)
+	}
+	return body, nil
+}
+
+var (
+	zone     string
+	zoneOnce sync.Once
+)
+
+// Defined as var to be overridden in tests.
+var getZone = func(timeout time.Duration) string {
+	zoneOnce.Do(func() {
+		qualifiedZone, err := getFromMetadata(timeout, zoneURL)
+		if err != nil {
+			logger.Warningf("could not discover instance zone: %v", err)
+			return
+		}
+		i := bytes.LastIndexByte(qualifiedZone, '/')
+		if i == -1 {
+			logger.Warningf("could not parse zone from metadata server: %s", qualifiedZone)
+			return
+		}
+		zone = string(qualifiedZone[i+1:])
+	})
+	return zone
+}
+
+var (
+	ipv6Capable     bool
+	ipv6CapableOnce sync.Once
+)
+
+// Defined as var to be overridden in tests.
+var getIPv6Capable = func(timeout time.Duration) bool {
+	ipv6CapableOnce.Do(func() {
+		_, err := getFromMetadata(timeout, ipv6URL)
+		if err != nil {
+			logger.Warningf("could not discover ipv6 capability: %v", err)
+			return
+		}
+		ipv6Capable = true
+	})
+	return ipv6Capable
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/balancer.go b/vendor/google.golang.org/grpc/xds/internal/balancer/balancer.go
new file mode 100644
index 00000000000..5883027a2c5
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/balancer/balancer.go
@@ -0,0 +1,27 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package balancer installs all the xds balancers.
+package balancer
+
+import (
+	_ "google.golang.org/grpc/xds/internal/balancer/cdsbalancer"    // Register the CDS balancer
+	_ "google.golang.org/grpc/xds/internal/balancer/clustermanager" // Register the xds_cluster_manager balancer
+	_ "google.golang.org/grpc/xds/internal/balancer/edsbalancer"    // Register the EDS balancer
+	_ "google.golang.org/grpc/xds/internal/balancer/weightedtarget" // Register the weighted_target balancer
+)
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/balancergroup/balancergroup.go b/vendor/google.golang.org/grpc/xds/internal/balancer/balancergroup/balancergroup.go
new file mode 100644
index 00000000000..5b6d42a25e4
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/balancer/balancergroup/balancergroup.go
@@ -0,0 +1,544 @@
+/*
+ * Copyright 2019 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+// Package balancergroup implements a utility struct to bind multiple balancers
+// into one balancer.
+package balancergroup
+
+import (
+	"fmt"
+	"sync"
+	"time"
+
+	orcapb "github.com/cncf/udpa/go/udpa/data/orca/v1"
+	"google.golang.org/grpc/xds/internal/client/load"
+
+	"google.golang.org/grpc/balancer"
+	"google.golang.org/grpc/connectivity"
+	"google.golang.org/grpc/internal/cache"
+	"google.golang.org/grpc/internal/grpclog"
+	"google.golang.org/grpc/resolver"
+)
+
+// subBalancerWrapper is used to keep the configurations that will be used to start
+// the underlying balancer. It can be called to start/stop the underlying
+// balancer.
+//
+// When the config changes, it will pass the update to the underlying balancer
+// if it exists.
+//
+// TODO: move to a separate file?
+type subBalancerWrapper struct {
+	// subBalancerWrapper is passed to the sub-balancer as a ClientConn
+	// wrapper, only to keep the state and picker.  When sub-balancer is
+	// restarted while in cache, the picker needs to be resent.
+	//
+	// It also contains the sub-balancer ID, so the parent balancer group can
+	// keep track of SubConn/pickers and the sub-balancers they belong to. Some
+	// of the actions are forwarded to the parent ClientConn with no change.
+	// Some are forward to balancer group with the sub-balancer ID.
+	balancer.ClientConn
+	id    string
+	group *BalancerGroup
+
+	mu    sync.Mutex
+	state balancer.State
+
+	// The static part of sub-balancer. Keeps balancerBuilders and addresses.
+	// To be used when restarting sub-balancer.
+	builder balancer.Builder
+	// Options to be passed to sub-balancer at the time of creation.
+	buildOpts balancer.BuildOptions
+	// ccState is a cache of the addresses/balancer config, so when the balancer
+	// is restarted after close, it will get the previous update. It's a pointer
+	// and is set to nil at init, so when the balancer is built for the first
+	// time (not a restart), it won't receive an empty update. Note that this
+	// isn't reset to nil when the underlying balancer is closed.
+	ccState *balancer.ClientConnState
+	// The dynamic part of sub-balancer. Only used when balancer group is
+	// started. Gets cleared when sub-balancer is closed.
+	balancer balancer.Balancer
+}
+
+// UpdateState overrides balancer.ClientConn, to keep state and picker.
+func (sbc *subBalancerWrapper) UpdateState(state balancer.State) {
+	sbc.mu.Lock()
+	sbc.state = state
+	sbc.group.updateBalancerState(sbc.id, state)
+	sbc.mu.Unlock()
+}
+
+// NewSubConn overrides balancer.ClientConn, so balancer group can keep track of
+// the relation between subconns and sub-balancers.
+func (sbc *subBalancerWrapper) NewSubConn(addrs []resolver.Address, opts balancer.NewSubConnOptions) (balancer.SubConn, error) {
+	return sbc.group.newSubConn(sbc, addrs, opts)
+}
+
+func (sbc *subBalancerWrapper) updateBalancerStateWithCachedPicker() {
+	sbc.mu.Lock()
+	if sbc.state.Picker != nil {
+		sbc.group.updateBalancerState(sbc.id, sbc.state)
+	}
+	sbc.mu.Unlock()
+}
+
+func (sbc *subBalancerWrapper) startBalancer() {
+	b := sbc.builder.Build(sbc, sbc.buildOpts)
+	sbc.group.logger.Infof("Created child policy %p of type %v", b, sbc.builder.Name())
+	sbc.balancer = b
+	if sbc.ccState != nil {
+		b.UpdateClientConnState(*sbc.ccState)
+	}
+}
+
+func (sbc *subBalancerWrapper) updateSubConnState(sc balancer.SubConn, state balancer.SubConnState) {
+	b := sbc.balancer
+	if b == nil {
+		// This sub-balancer was closed. This can happen when EDS removes a
+		// locality. The balancer for this locality was already closed, and the
+		// SubConns are being deleted. But SubConn state change can still
+		// happen.
+		return
+	}
+	b.UpdateSubConnState(sc, state)
+}
+
+func (sbc *subBalancerWrapper) updateClientConnState(s balancer.ClientConnState) error {
+	sbc.ccState = &s
+	b := sbc.balancer
+	if b == nil {
+		// This sub-balancer was closed. This should never happen because
+		// sub-balancers are closed when the locality is removed from EDS, or
+		// the balancer group is closed. There should be no further address
+		// updates when either of this happened.
+		//
+		// This will be a common case with priority support, because a
+		// sub-balancer (and the whole balancer group) could be closed because
+		// it's the lower priority, but it can still get address updates.
+		return nil
+	}
+	return b.UpdateClientConnState(s)
+}
+
+func (sbc *subBalancerWrapper) resolverError(err error) {
+	b := sbc.balancer
+	if b == nil {
+		// This sub-balancer was closed. This should never happen because
+		// sub-balancers are closed when the locality is removed from EDS, or
+		// the balancer group is closed. There should be no further address
+		// updates when either of this happened.
+		//
+		// This will be a common case with priority support, because a
+		// sub-balancer (and the whole balancer group) could be closed because
+		// it's the lower priority, but it can still get address updates.
+		return
+	}
+	b.ResolverError(err)
+}
+
+func (sbc *subBalancerWrapper) stopBalancer() {
+	sbc.balancer.Close()
+	sbc.balancer = nil
+}
+
+// BalancerGroup takes a list of balancers, and make them into one balancer.
+//
+// Note that this struct doesn't implement balancer.Balancer, because it's not
+// intended to be used directly as a balancer. It's expected to be used as a
+// sub-balancer manager by a high level balancer.
+//
+// Updates from ClientConn are forwarded to sub-balancers
+//  - service config update
+//     - Not implemented
+//  - address update
+//  - subConn state change
+//     - find the corresponding balancer and forward
+//
+// Actions from sub-balances are forwarded to parent ClientConn
+//  - new/remove SubConn
+//  - picker update and health states change
+//     - sub-pickers are sent to an aggregator provided by the parent, which
+//     will group them into a group-picker. The aggregated connectivity state is
+//     also handled by the aggregator.
+//  - resolveNow
+//
+// Sub-balancers are only built when the balancer group is started. If the
+// balancer group is closed, the sub-balancers are also closed. And it's
+// guaranteed that no updates will be sent to parent ClientConn from a closed
+// balancer group.
+type BalancerGroup struct {
+	cc        balancer.ClientConn
+	buildOpts balancer.BuildOptions
+	logger    *grpclog.PrefixLogger
+	loadStore load.PerClusterReporter
+
+	// stateAggregator is where the state/picker updates will be sent to. It's
+	// provided by the parent balancer, to build a picker with all the
+	// sub-pickers.
+	stateAggregator BalancerStateAggregator
+
+	// outgoingMu guards all operations in the direction:
+	// ClientConn-->Sub-balancer. Including start, stop, resolver updates and
+	// SubConn state changes.
+	//
+	// The corresponding boolean outgoingStarted is used to stop further updates
+	// to sub-balancers after they are closed.
+	outgoingMu         sync.Mutex
+	outgoingStarted    bool
+	idToBalancerConfig map[string]*subBalancerWrapper
+	// Cache for sub-balancers when they are removed.
+	balancerCache *cache.TimeoutCache
+
+	// incomingMu is to make sure this balancer group doesn't send updates to cc
+	// after it's closed.
+	//
+	// We don't share the mutex to avoid deadlocks (e.g. a call to sub-balancer
+	// may call back to balancer group inline. It causes deaclock if they
+	// require the same mutex).
+	//
+	// We should never need to hold multiple locks at the same time in this
+	// struct. The case where two locks are held can only happen when the
+	// underlying balancer calls back into balancer group inline. So there's an
+	// implicit lock acquisition order that outgoingMu is locked before
+	// incomingMu.
+
+	// incomingMu guards all operations in the direction:
+	// Sub-balancer-->ClientConn. Including NewSubConn, RemoveSubConn. It also
+	// guards the map from SubConn to balancer ID, so updateSubConnState needs
+	// to hold it shortly to find the sub-balancer to forward the update.
+	//
+	// UpdateState is called by the balancer state aggretator, and it will
+	// decide when and whether to call.
+	//
+	// The corresponding boolean incomingStarted is used to stop further updates
+	// from sub-balancers after they are closed.
+	incomingMu      sync.Mutex
+	incomingStarted bool // This boolean only guards calls back to ClientConn.
+	scToSubBalancer map[balancer.SubConn]*subBalancerWrapper
+}
+
+// DefaultSubBalancerCloseTimeout is defined as a variable instead of const for
+// testing.
+//
+// TODO: make it a parameter for New().
+var DefaultSubBalancerCloseTimeout = 15 * time.Minute
+
+// New creates a new BalancerGroup. Note that the BalancerGroup
+// needs to be started to work.
+//
+// TODO(easwars): Pass an options struct instead of N args.
+func New(cc balancer.ClientConn, bOpts balancer.BuildOptions, stateAggregator BalancerStateAggregator, loadStore load.PerClusterReporter, logger *grpclog.PrefixLogger) *BalancerGroup {
+	return &BalancerGroup{
+		cc:        cc,
+		buildOpts: bOpts,
+		logger:    logger,
+		loadStore: loadStore,
+
+		stateAggregator: stateAggregator,
+
+		idToBalancerConfig: make(map[string]*subBalancerWrapper),
+		balancerCache:      cache.NewTimeoutCache(DefaultSubBalancerCloseTimeout),
+		scToSubBalancer:    make(map[balancer.SubConn]*subBalancerWrapper),
+	}
+}
+
+// Start starts the balancer group, including building all the sub-balancers,
+// and send the existing addresses to them.
+//
+// A BalancerGroup can be closed and started later. When a BalancerGroup is
+// closed, it can still receive address updates, which will be applied when
+// restarted.
+func (bg *BalancerGroup) Start() {
+	bg.incomingMu.Lock()
+	bg.incomingStarted = true
+	bg.incomingMu.Unlock()
+
+	bg.outgoingMu.Lock()
+	if bg.outgoingStarted {
+		bg.outgoingMu.Unlock()
+		return
+	}
+
+	for _, config := range bg.idToBalancerConfig {
+		config.startBalancer()
+	}
+	bg.outgoingStarted = true
+	bg.outgoingMu.Unlock()
+}
+
+// Add adds a balancer built by builder to the group, with given id.
+func (bg *BalancerGroup) Add(id string, builder balancer.Builder) {
+	// Store data in static map, and then check to see if bg is started.
+	bg.outgoingMu.Lock()
+	var sbc *subBalancerWrapper
+	// If outgoingStarted is true, search in the cache. Otherwise, cache is
+	// guaranteed to be empty, searching is unnecessary.
+	if bg.outgoingStarted {
+		if old, ok := bg.balancerCache.Remove(id); ok {
+			sbc, _ = old.(*subBalancerWrapper)
+			if sbc != nil && sbc.builder != builder {
+				// If the sub-balancer in cache was built with a different
+				// balancer builder, don't use it, cleanup this old-balancer,
+				// and behave as sub-balancer is not found in cache.
+				//
+				// NOTE that this will also drop the cached addresses for this
+				// sub-balancer, which seems to be reasonable.
+				sbc.stopBalancer()
+				// cleanupSubConns must be done before the new balancer starts,
+				// otherwise new SubConns created by the new balancer might be
+				// removed by mistake.
+				bg.cleanupSubConns(sbc)
+				sbc = nil
+			}
+		}
+	}
+	if sbc == nil {
+		sbc = &subBalancerWrapper{
+			ClientConn: bg.cc,
+			id:         id,
+			group:      bg,
+			builder:    builder,
+			buildOpts:  bg.buildOpts,
+		}
+		if bg.outgoingStarted {
+			// Only start the balancer if bg is started. Otherwise, we only keep the
+			// static data.
+			sbc.startBalancer()
+		}
+	} else {
+		// When brining back a sub-balancer from cache, re-send the cached
+		// picker and state.
+		sbc.updateBalancerStateWithCachedPicker()
+	}
+	bg.idToBalancerConfig[id] = sbc
+	bg.outgoingMu.Unlock()
+}
+
+// Remove removes the balancer with id from the group.
+//
+// But doesn't close the balancer. The balancer is kept in a cache, and will be
+// closed after timeout. Cleanup work (closing sub-balancer and removing
+// subconns) will be done after timeout.
+func (bg *BalancerGroup) Remove(id string) {
+	bg.outgoingMu.Lock()
+	if sbToRemove, ok := bg.idToBalancerConfig[id]; ok {
+		if bg.outgoingStarted {
+			bg.balancerCache.Add(id, sbToRemove, func() {
+				// After timeout, when sub-balancer is removed from cache, need
+				// to close the underlying sub-balancer, and remove all its
+				// subconns.
+				bg.outgoingMu.Lock()
+				if bg.outgoingStarted {
+					sbToRemove.stopBalancer()
+				}
+				bg.outgoingMu.Unlock()
+				bg.cleanupSubConns(sbToRemove)
+			})
+		}
+		delete(bg.idToBalancerConfig, id)
+	} else {
+		bg.logger.Infof("balancer group: trying to remove a non-existing locality from balancer group: %v", id)
+	}
+	bg.outgoingMu.Unlock()
+}
+
+// bg.remove(id) doesn't do cleanup for the sub-balancer. This function does
+// cleanup after the timeout.
+func (bg *BalancerGroup) cleanupSubConns(config *subBalancerWrapper) {
+	bg.incomingMu.Lock()
+	// Remove SubConns. This is only done after the balancer is
+	// actually closed.
+	//
+	// NOTE: if NewSubConn is called by this (closed) balancer later, the
+	// SubConn will be leaked. This shouldn't happen if the balancer
+	// implementation is correct. To make sure this never happens, we need to
+	// add another layer (balancer manager) between balancer group and the
+	// sub-balancers.
+	for sc, b := range bg.scToSubBalancer {
+		if b == config {
+			bg.cc.RemoveSubConn(sc)
+			delete(bg.scToSubBalancer, sc)
+		}
+	}
+	bg.incomingMu.Unlock()
+}
+
+// Following are actions from the parent grpc.ClientConn, forward to sub-balancers.
+
+// UpdateSubConnState handles the state for the subconn. It finds the
+// corresponding balancer and forwards the update.
+func (bg *BalancerGroup) UpdateSubConnState(sc balancer.SubConn, state balancer.SubConnState) {
+	bg.incomingMu.Lock()
+	config, ok := bg.scToSubBalancer[sc]
+	if !ok {
+		bg.incomingMu.Unlock()
+		return
+	}
+	if state.ConnectivityState == connectivity.Shutdown {
+		// Only delete sc from the map when state changed to Shutdown.
+		delete(bg.scToSubBalancer, sc)
+	}
+	bg.incomingMu.Unlock()
+
+	bg.outgoingMu.Lock()
+	config.updateSubConnState(sc, state)
+	bg.outgoingMu.Unlock()
+}
+
+// UpdateClientConnState handles ClientState (including balancer config and
+// addresses) from resolver. It finds the balancer and forwards the update.
+func (bg *BalancerGroup) UpdateClientConnState(id string, s balancer.ClientConnState) error {
+	bg.outgoingMu.Lock()
+	defer bg.outgoingMu.Unlock()
+	if config, ok := bg.idToBalancerConfig[id]; ok {
+		return config.updateClientConnState(s)
+	}
+	return nil
+}
+
+// ResolverError forwards resolver errors to all sub-balancers.
+func (bg *BalancerGroup) ResolverError(err error) {
+	bg.outgoingMu.Lock()
+	for _, config := range bg.idToBalancerConfig {
+		config.resolverError(err)
+	}
+	bg.outgoingMu.Unlock()
+}
+
+// Following are actions from sub-balancers, forward to ClientConn.
+
+// newSubConn: forward to ClientConn, and also create a map from sc to balancer,
+// so state update will find the right balancer.
+//
+// One note about removing SubConn: only forward to ClientConn, but not delete
+// from map. Delete sc from the map only when state changes to Shutdown. Since
+// it's just forwarding the action, there's no need for a removeSubConn()
+// wrapper function.
+func (bg *BalancerGroup) newSubConn(config *subBalancerWrapper, addrs []resolver.Address, opts balancer.NewSubConnOptions) (balancer.SubConn, error) {
+	// NOTE: if balancer with id was already removed, this should also return
+	// error. But since we call balancer.stopBalancer when removing the balancer, this
+	// shouldn't happen.
+	bg.incomingMu.Lock()
+	if !bg.incomingStarted {
+		bg.incomingMu.Unlock()
+		return nil, fmt.Errorf("NewSubConn is called after balancer group is closed")
+	}
+	sc, err := bg.cc.NewSubConn(addrs, opts)
+	if err != nil {
+		bg.incomingMu.Unlock()
+		return nil, err
+	}
+	bg.scToSubBalancer[sc] = config
+	bg.incomingMu.Unlock()
+	return sc, nil
+}
+
+// updateBalancerState: forward the new state to balancer state aggregator. The
+// aggregator will create an aggregated picker and an aggregated connectivity
+// state, then forward to ClientConn.
+func (bg *BalancerGroup) updateBalancerState(id string, state balancer.State) {
+	bg.logger.Infof("Balancer state update from locality %v, new state: %+v", id, state)
+	if bg.loadStore != nil {
+		// Only wrap the picker to do load reporting if loadStore was set.
+		state.Picker = newLoadReportPicker(state.Picker, id, bg.loadStore)
+	}
+
+	// Send new state to the aggregator, without holding the incomingMu.
+	// incomingMu is to protect all calls to the parent ClientConn, this update
+	// doesn't necessary trigger a call to ClientConn, and should already be
+	// protected by aggregator's mutex if necessary.
+	if bg.stateAggregator != nil {
+		bg.stateAggregator.UpdateState(id, state)
+	}
+}
+
+// Close closes the balancer. It stops sub-balancers, and removes the subconns.
+// The BalancerGroup can be restarted later.
+func (bg *BalancerGroup) Close() {
+	bg.incomingMu.Lock()
+	if bg.incomingStarted {
+		bg.incomingStarted = false
+		// Also remove all SubConns.
+		for sc := range bg.scToSubBalancer {
+			bg.cc.RemoveSubConn(sc)
+			delete(bg.scToSubBalancer, sc)
+		}
+	}
+	bg.incomingMu.Unlock()
+
+	// Clear(true) runs clear function to close sub-balancers in cache. It
+	// must be called out of outgoing mutex.
+	bg.balancerCache.Clear(true)
+
+	bg.outgoingMu.Lock()
+	if bg.outgoingStarted {
+		bg.outgoingStarted = false
+		for _, config := range bg.idToBalancerConfig {
+			config.stopBalancer()
+		}
+	}
+	bg.outgoingMu.Unlock()
+}
+
+const (
+	serverLoadCPUName    = "cpu_utilization"
+	serverLoadMemoryName = "mem_utilization"
+)
+
+type loadReportPicker struct {
+	p balancer.Picker
+
+	locality  string
+	loadStore load.PerClusterReporter
+}
+
+func newLoadReportPicker(p balancer.Picker, id string, loadStore load.PerClusterReporter) *loadReportPicker {
+	return &loadReportPicker{
+		p:         p,
+		locality:  id,
+		loadStore: loadStore,
+	}
+}
+
+func (lrp *loadReportPicker) Pick(info balancer.PickInfo) (balancer.PickResult, error) {
+	res, err := lrp.p.Pick(info)
+	if err != nil {
+		return res, err
+	}
+
+	lrp.loadStore.CallStarted(lrp.locality)
+	oldDone := res.Done
+	res.Done = func(info balancer.DoneInfo) {
+		if oldDone != nil {
+			oldDone(info)
+		}
+		lrp.loadStore.CallFinished(lrp.locality, info.Err)
+
+		load, ok := info.ServerLoad.(*orcapb.OrcaLoadReport)
+		if !ok {
+			return
+		}
+		lrp.loadStore.CallServerLoad(lrp.locality, serverLoadCPUName, load.CpuUtilization)
+		lrp.loadStore.CallServerLoad(lrp.locality, serverLoadMemoryName, load.MemUtilization)
+		for n, d := range load.RequestCost {
+			lrp.loadStore.CallServerLoad(lrp.locality, n, d)
+		}
+		for n, d := range load.Utilization {
+			lrp.loadStore.CallServerLoad(lrp.locality, n, d)
+		}
+	}
+	return res, err
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/balancergroup/balancerstateaggregator.go b/vendor/google.golang.org/grpc/xds/internal/balancer/balancergroup/balancerstateaggregator.go
new file mode 100644
index 00000000000..11639438505
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/balancer/balancergroup/balancerstateaggregator.go
@@ -0,0 +1,37 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package balancergroup
+
+import (
+	"google.golang.org/grpc/balancer"
+)
+
+// BalancerStateAggregator aggregates sub-picker and connectivity states into a
+// state.
+//
+// It takes care of merging sub-picker into one picker. The picking config is
+// passed directly from the the parent to the aggregator implementation (instead
+// via balancer group).
+type BalancerStateAggregator interface {
+	// UpdateState updates the state of the id.
+	//
+	// It's up to the implementation whether this will trigger an update to the
+	// parent ClientConn.
+	UpdateState(id string, state balancer.State)
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/cdsbalancer/cdsbalancer.go b/vendor/google.golang.org/grpc/xds/internal/balancer/cdsbalancer/cdsbalancer.go
new file mode 100644
index 00000000000..bf1519bb8ce
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/balancer/cdsbalancer/cdsbalancer.go
@@ -0,0 +1,537 @@
+/*
+ * Copyright 2019 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+// Package cdsbalancer implements a balancer to handle CDS responses.
+package cdsbalancer
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+
+	"google.golang.org/grpc/balancer"
+	"google.golang.org/grpc/balancer/base"
+	"google.golang.org/grpc/connectivity"
+	"google.golang.org/grpc/credentials"
+	"google.golang.org/grpc/credentials/tls/certprovider"
+	"google.golang.org/grpc/internal/buffer"
+	xdsinternal "google.golang.org/grpc/internal/credentials/xds"
+	"google.golang.org/grpc/internal/grpclog"
+	"google.golang.org/grpc/internal/grpcsync"
+	"google.golang.org/grpc/resolver"
+	"google.golang.org/grpc/serviceconfig"
+	"google.golang.org/grpc/xds/internal/balancer/edsbalancer"
+	xdsclient "google.golang.org/grpc/xds/internal/client"
+	"google.golang.org/grpc/xds/internal/client/bootstrap"
+)
+
+const (
+	cdsName = "cds_experimental"
+	edsName = "eds_experimental"
+)
+
+var (
+	errBalancerClosed = errors.New("cdsBalancer is closed")
+
+	// newEDSBalancer is a helper function to build a new edsBalancer and will be
+	// overridden in unittests.
+	newEDSBalancer = func(cc balancer.ClientConn, opts balancer.BuildOptions) (balancer.Balancer, error) {
+		builder := balancer.Get(edsName)
+		if builder == nil {
+			return nil, fmt.Errorf("xds: no balancer builder with name %v", edsName)
+		}
+		// We directly pass the parent clientConn to the
+		// underlying edsBalancer because the cdsBalancer does
+		// not deal with subConns.
+		return builder.Build(cc, opts), nil
+	}
+	newXDSClient  = func() (xdsClientInterface, error) { return xdsclient.New() }
+	buildProvider = buildProviderFunc
+)
+
+func init() {
+	balancer.Register(cdsBB{})
+}
+
+// cdsBB (short for cdsBalancerBuilder) implements the balancer.Builder
+// interface to help build a cdsBalancer.
+// It also implements the balancer.ConfigParser interface to help parse the
+// JSON service config, to be passed to the cdsBalancer.
+type cdsBB struct{}
+
+// Build creates a new CDS balancer with the ClientConn.
+func (cdsBB) Build(cc balancer.ClientConn, opts balancer.BuildOptions) balancer.Balancer {
+	b := &cdsBalancer{
+		bOpts:       opts,
+		updateCh:    buffer.NewUnbounded(),
+		closed:      grpcsync.NewEvent(),
+		done:        grpcsync.NewEvent(),
+		cancelWatch: func() {}, // No-op at this point.
+		xdsHI:       xdsinternal.NewHandshakeInfo(nil, nil),
+	}
+	b.logger = prefixLogger((b))
+	b.logger.Infof("Created")
+
+	client, err := newXDSClient()
+	if err != nil {
+		b.logger.Errorf("failed to create xds-client: %v", err)
+		return nil
+	}
+	b.xdsClient = client
+
+	var creds credentials.TransportCredentials
+	switch {
+	case opts.DialCreds != nil:
+		creds = opts.DialCreds
+	case opts.CredsBundle != nil:
+		creds = opts.CredsBundle.TransportCredentials()
+	}
+	if xc, ok := creds.(interface{ UsesXDS() bool }); ok && xc.UsesXDS() {
+		b.xdsCredsInUse = true
+	}
+	b.logger.Infof("xDS credentials in use: %v", b.xdsCredsInUse)
+
+	b.ccw = &ccWrapper{
+		ClientConn: cc,
+		xdsHI:      b.xdsHI,
+	}
+	go b.run()
+	return b
+}
+
+// Name returns the name of balancers built by this builder.
+func (cdsBB) Name() string {
+	return cdsName
+}
+
+// lbConfig represents the loadBalancingConfig section of the service config
+// for the cdsBalancer.
+type lbConfig struct {
+	serviceconfig.LoadBalancingConfig
+	ClusterName string `json:"Cluster"`
+}
+
+// ParseConfig parses the JSON load balancer config provided into an
+// internal form or returns an error if the config is invalid.
+func (cdsBB) ParseConfig(c json.RawMessage) (serviceconfig.LoadBalancingConfig, error) {
+	var cfg lbConfig
+	if err := json.Unmarshal(c, &cfg); err != nil {
+		return nil, fmt.Errorf("xds: unable to unmarshal lbconfig: %s, error: %v", string(c), err)
+	}
+	return &cfg, nil
+}
+
+// xdsClientInterface contains methods from xdsClient.Client which are used by
+// the cdsBalancer. This will be faked out in unittests.
+type xdsClientInterface interface {
+	WatchCluster(string, func(xdsclient.ClusterUpdate, error)) func()
+	BootstrapConfig() *bootstrap.Config
+	Close()
+}
+
+// ccUpdate wraps a clientConn update received from gRPC (pushed from the
+// xdsResolver). A valid clusterName causes the cdsBalancer to register a CDS
+// watcher with the xdsClient, while a non-nil error causes it to cancel the
+// existing watch and propagate the error to the underlying edsBalancer.
+type ccUpdate struct {
+	clusterName string
+	err         error
+}
+
+// scUpdate wraps a subConn update received from gRPC. This is directly passed
+// on to the edsBalancer.
+type scUpdate struct {
+	subConn balancer.SubConn
+	state   balancer.SubConnState
+}
+
+// watchUpdate wraps the information received from a registered CDS watcher. A
+// non-nil error is propagated to the underlying edsBalancer. A valid update
+// results in creating a new edsBalancer (if one doesn't already exist) and
+// pushing the update to it.
+type watchUpdate struct {
+	cds xdsclient.ClusterUpdate
+	err error
+}
+
+// cdsBalancer implements a CDS based LB policy. It instantiates an EDS based
+// LB policy to further resolve the serviceName received from CDS, into
+// localities and endpoints. Implements the balancer.Balancer interface which
+// is exposed to gRPC and implements the balancer.ClientConn interface which is
+// exposed to the edsBalancer.
+type cdsBalancer struct {
+	ccw            *ccWrapper            // ClientConn interface passed to child LB.
+	bOpts          balancer.BuildOptions // BuildOptions passed to child LB.
+	updateCh       *buffer.Unbounded     // Channel for gRPC and xdsClient updates.
+	xdsClient      xdsClientInterface    // xDS client to watch Cluster resource.
+	cancelWatch    func()                // Cluster watch cancel func.
+	edsLB          balancer.Balancer     // EDS child policy.
+	clusterToWatch string
+	logger         *grpclog.PrefixLogger
+	closed         *grpcsync.Event
+	done           *grpcsync.Event
+
+	// The certificate providers are cached here to that they can be closed when
+	// a new provider is to be created.
+	cachedRoot     certprovider.Provider
+	cachedIdentity certprovider.Provider
+	xdsHI          *xdsinternal.HandshakeInfo
+	xdsCredsInUse  bool
+}
+
+// handleClientConnUpdate handles a ClientConnUpdate received from gRPC. Good
+// updates lead to registration of a CDS watch. Updates with error lead to
+// cancellation of existing watch and propagation of the same error to the
+// edsBalancer.
+func (b *cdsBalancer) handleClientConnUpdate(update *ccUpdate) {
+	// We first handle errors, if any, and then proceed with handling the
+	// update, only if the status quo has changed.
+	if err := update.err; err != nil {
+		b.handleErrorFromUpdate(err, true)
+	}
+	if b.clusterToWatch == update.clusterName {
+		return
+	}
+	if update.clusterName != "" {
+		cancelWatch := b.xdsClient.WatchCluster(update.clusterName, b.handleClusterUpdate)
+		b.logger.Infof("Watch started on resource name %v with xds-client %p", update.clusterName, b.xdsClient)
+		b.cancelWatch = func() {
+			cancelWatch()
+			b.logger.Infof("Watch cancelled on resource name %v with xds-client %p", update.clusterName, b.xdsClient)
+		}
+		b.clusterToWatch = update.clusterName
+	}
+}
+
+// handleSecurityConfig processes the security configuration received from the
+// management server, creates appropriate certificate provider plugins, and
+// updates the HandhakeInfo which is added as an address attribute in
+// NewSubConn() calls.
+func (b *cdsBalancer) handleSecurityConfig(config *xdsclient.SecurityConfig) error {
+	// If xdsCredentials are not in use, i.e, the user did not want to get
+	// security configuration from an xDS server, we should not be acting on the
+	// received security config here. Doing so poses a security threat.
+	if !b.xdsCredsInUse {
+		return nil
+	}
+
+	// Security config being nil is a valid case where the management server has
+	// not sent any security configuration. The xdsCredentials implementation
+	// handles this by delegating to its fallback credentials.
+	if config == nil {
+		// We need to explicitly set the fields to nil here since this might be
+		// a case of switching from a good security configuration to an empty
+		// one where fallback credentials are to be used.
+		b.xdsHI.SetRootCertProvider(nil)
+		b.xdsHI.SetIdentityCertProvider(nil)
+		b.xdsHI.SetSANMatchers(nil)
+		return nil
+	}
+
+	bc := b.xdsClient.BootstrapConfig()
+	if bc == nil || bc.CertProviderConfigs == nil {
+		// Bootstrap did not find any certificate provider configs, but the user
+		// has specified xdsCredentials and the management server has sent down
+		// security configuration.
+		return errors.New("xds: certificate_providers config missing in bootstrap file")
+	}
+	cpc := bc.CertProviderConfigs
+
+	// A root provider is required whether we are using TLS or mTLS.
+	rootProvider, err := buildProvider(cpc, config.RootInstanceName, config.RootCertName, false, true)
+	if err != nil {
+		return err
+	}
+
+	// The identity provider is only present when using mTLS.
+	var identityProvider certprovider.Provider
+	if name, cert := config.IdentityInstanceName, config.IdentityCertName; name != "" {
+		var err error
+		identityProvider, err = buildProvider(cpc, name, cert, true, false)
+		if err != nil {
+			return err
+		}
+	}
+
+	// Close the old providers and cache the new ones.
+	if b.cachedRoot != nil {
+		b.cachedRoot.Close()
+	}
+	if b.cachedIdentity != nil {
+		b.cachedIdentity.Close()
+	}
+	b.cachedRoot = rootProvider
+	b.cachedIdentity = identityProvider
+
+	// We set all fields here, even if some of them are nil, since they
+	// could have been non-nil earlier.
+	b.xdsHI.SetRootCertProvider(rootProvider)
+	b.xdsHI.SetIdentityCertProvider(identityProvider)
+	b.xdsHI.SetSANMatchers(config.SubjectAltNameMatchers)
+	return nil
+}
+
+func buildProviderFunc(configs map[string]*certprovider.BuildableConfig, instanceName, certName string, wantIdentity, wantRoot bool) (certprovider.Provider, error) {
+	cfg, ok := configs[instanceName]
+	if !ok {
+		return nil, fmt.Errorf("certificate provider instance %q not found in bootstrap file", instanceName)
+	}
+	provider, err := cfg.Build(certprovider.BuildOptions{
+		CertName:     certName,
+		WantIdentity: wantIdentity,
+		WantRoot:     wantRoot,
+	})
+	if err != nil {
+		// This error is not expected since the bootstrap process parses the
+		// config and makes sure that it is acceptable to the plugin. Still, it
+		// is possible that the plugin parses the config successfully, but its
+		// Build() method errors out.
+		return nil, fmt.Errorf("xds: failed to get security plugin instance (%+v): %v", cfg, err)
+	}
+	return provider, nil
+}
+
+// handleWatchUpdate handles a watch update from the xDS Client. Good updates
+// lead to clientConn updates being invoked on the underlying edsBalancer.
+func (b *cdsBalancer) handleWatchUpdate(update *watchUpdate) {
+	if err := update.err; err != nil {
+		b.logger.Warningf("Watch error from xds-client %p: %v", b.xdsClient, err)
+		b.handleErrorFromUpdate(err, false)
+		return
+	}
+
+	b.logger.Infof("Watch update from xds-client %p, content: %+v", b.xdsClient, update.cds)
+
+	// Process the security config from the received update before building the
+	// child policy or forwarding the update to it. We do this because the child
+	// policy may try to create a new subConn inline. Processing the security
+	// configuration here and setting up the handshakeInfo will make sure that
+	// such attempts are handled properly.
+	if err := b.handleSecurityConfig(update.cds.SecurityCfg); err != nil {
+		// If the security config is invalid, for example, if the provider
+		// instance is not found in the bootstrap config, we need to put the
+		// channel in transient failure.
+		b.logger.Warningf("Invalid security config update from xds-client %p: %v", b.xdsClient, err)
+		b.handleErrorFromUpdate(err, false)
+		return
+	}
+
+	// The first good update from the watch API leads to the instantiation of an
+	// edsBalancer. Further updates/errors are propagated to the existing
+	// edsBalancer.
+	if b.edsLB == nil {
+		edsLB, err := newEDSBalancer(b.ccw, b.bOpts)
+		if err != nil {
+			b.logger.Errorf("Failed to create child policy of type %s, %v", edsName, err)
+			return
+		}
+		b.edsLB = edsLB
+		b.logger.Infof("Created child policy %p of type %s", b.edsLB, edsName)
+	}
+	lbCfg := &edsbalancer.EDSConfig{
+		EDSServiceName:        update.cds.ServiceName,
+		MaxConcurrentRequests: update.cds.MaxRequests,
+	}
+	if update.cds.EnableLRS {
+		// An empty string here indicates that the edsBalancer should use the
+		// same xDS server for load reporting as it does for EDS
+		// requests/responses.
+		lbCfg.LrsLoadReportingServerName = new(string)
+
+	}
+	ccState := balancer.ClientConnState{
+		BalancerConfig: lbCfg,
+	}
+	if err := b.edsLB.UpdateClientConnState(ccState); err != nil {
+		b.logger.Errorf("xds: edsBalancer.UpdateClientConnState(%+v) returned error: %v", ccState, err)
+	}
+}
+
+// run is a long-running goroutine which handles all updates from gRPC. All
+// methods which are invoked directly by gRPC or xdsClient simply push an
+// update onto a channel which is read and acted upon right here.
+func (b *cdsBalancer) run() {
+	for {
+		select {
+		case u := <-b.updateCh.Get():
+			b.updateCh.Load()
+			switch update := u.(type) {
+			case *ccUpdate:
+				b.handleClientConnUpdate(update)
+			case *scUpdate:
+				// SubConn updates are passthrough and are simply handed over to
+				// the underlying edsBalancer.
+				if b.edsLB == nil {
+					b.logger.Errorf("xds: received scUpdate {%+v} with no edsBalancer", update)
+					break
+				}
+				b.edsLB.UpdateSubConnState(update.subConn, update.state)
+			case *watchUpdate:
+				b.handleWatchUpdate(update)
+			}
+		case <-b.closed.Done():
+			b.cancelWatch()
+			b.cancelWatch = func() {}
+
+			if b.edsLB != nil {
+				b.edsLB.Close()
+				b.edsLB = nil
+			}
+			b.xdsClient.Close()
+			if b.cachedRoot != nil {
+				b.cachedRoot.Close()
+			}
+			if b.cachedIdentity != nil {
+				b.cachedIdentity.Close()
+			}
+			b.logger.Infof("Shutdown")
+			b.done.Fire()
+			return
+		}
+	}
+}
+
+// handleErrorFromUpdate handles both the error from parent ClientConn (from
+// resolver) and the error from xds client (from the watcher). fromParent is
+// true if error is from parent ClientConn.
+//
+// If the error is connection error, it's passed down to the child policy.
+// Nothing needs to be done in CDS (e.g. it doesn't go into fallback).
+//
+// If the error is resource-not-found:
+// - If it's from resolver, it means LDS resources were removed. The CDS watch
+// should be canceled.
+// - If it's from xds client, it means CDS resource were removed. The CDS
+// watcher should keep watching.
+//
+// In both cases, the error will be forwarded to EDS balancer. And if error is
+// resource-not-found, the child EDS balancer will stop watching EDS.
+func (b *cdsBalancer) handleErrorFromUpdate(err error, fromParent bool) {
+	// TODO: connection errors will be sent to the eds balancers directly, and
+	// also forwarded by the parent balancers/resolvers. So the eds balancer may
+	// see the same error multiple times. We way want to only forward the error
+	// to eds if it's not a connection error.
+	//
+	// This is not necessary today, because xds client never sends connection
+	// errors.
+	if fromParent && xdsclient.ErrType(err) == xdsclient.ErrorTypeResourceNotFound {
+		b.cancelWatch()
+	}
+	if b.edsLB != nil {
+		b.edsLB.ResolverError(err)
+	} else {
+		// If eds balancer was never created, fail the RPCs with
+		// errors.
+		b.ccw.UpdateState(balancer.State{
+			ConnectivityState: connectivity.TransientFailure,
+			Picker:            base.NewErrPicker(err),
+		})
+	}
+}
+
+// handleClusterUpdate is the CDS watch API callback. It simply pushes the
+// received information on to the update channel for run() to pick it up.
+func (b *cdsBalancer) handleClusterUpdate(cu xdsclient.ClusterUpdate, err error) {
+	if b.closed.HasFired() {
+		b.logger.Warningf("xds: received cluster update {%+v} after cdsBalancer was closed", cu)
+		return
+	}
+	b.updateCh.Put(&watchUpdate{cds: cu, err: err})
+}
+
+// UpdateClientConnState receives the serviceConfig (which contains the
+// clusterName to watch for in CDS) and the xdsClient object from the
+// xdsResolver.
+func (b *cdsBalancer) UpdateClientConnState(state balancer.ClientConnState) error {
+	if b.closed.HasFired() {
+		b.logger.Warningf("xds: received ClientConnState {%+v} after cdsBalancer was closed", state)
+		return errBalancerClosed
+	}
+
+	b.logger.Infof("Received update from resolver, balancer config: %+v", state.BalancerConfig)
+	// The errors checked here should ideally never happen because the
+	// ServiceConfig in this case is prepared by the xdsResolver and is not
+	// something that is received on the wire.
+	lbCfg, ok := state.BalancerConfig.(*lbConfig)
+	if !ok {
+		b.logger.Warningf("xds: unexpected LoadBalancingConfig type: %T", state.BalancerConfig)
+		return balancer.ErrBadResolverState
+	}
+	if lbCfg.ClusterName == "" {
+		b.logger.Warningf("xds: no clusterName found in LoadBalancingConfig: %+v", lbCfg)
+		return balancer.ErrBadResolverState
+	}
+	b.updateCh.Put(&ccUpdate{clusterName: lbCfg.ClusterName})
+	return nil
+}
+
+// ResolverError handles errors reported by the xdsResolver.
+func (b *cdsBalancer) ResolverError(err error) {
+	if b.closed.HasFired() {
+		b.logger.Warningf("xds: received resolver error {%v} after cdsBalancer was closed", err)
+		return
+	}
+	b.updateCh.Put(&ccUpdate{err: err})
+}
+
+// UpdateSubConnState handles subConn updates from gRPC.
+func (b *cdsBalancer) UpdateSubConnState(sc balancer.SubConn, state balancer.SubConnState) {
+	if b.closed.HasFired() {
+		b.logger.Warningf("xds: received subConn update {%v, %v} after cdsBalancer was closed", sc, state)
+		return
+	}
+	b.updateCh.Put(&scUpdate{subConn: sc, state: state})
+}
+
+// Close cancels the CDS watch, closes the child policy and closes the
+// cdsBalancer.
+func (b *cdsBalancer) Close() {
+	b.closed.Fire()
+	<-b.done.Done()
+}
+
+// ccWrapper wraps the balancer.ClientConn passed to the CDS balancer at
+// creation and intercepts the NewSubConn() and UpdateAddresses() call from the
+// child policy to add security configuration required by xDS credentials.
+//
+// Other methods of the balancer.ClientConn interface are not overridden and
+// hence get the original implementation.
+type ccWrapper struct {
+	balancer.ClientConn
+
+	// The certificate providers in this HandshakeInfo are updated based on the
+	// received security configuration in the Cluster resource.
+	xdsHI *xdsinternal.HandshakeInfo
+}
+
+// NewSubConn intercepts NewSubConn() calls from the child policy and adds an
+// address attribute which provides all information required by the xdsCreds
+// handshaker to perform the TLS handshake.
+func (ccw *ccWrapper) NewSubConn(addrs []resolver.Address, opts balancer.NewSubConnOptions) (balancer.SubConn, error) {
+	newAddrs := make([]resolver.Address, len(addrs))
+	for i, addr := range addrs {
+		newAddrs[i] = xdsinternal.SetHandshakeInfo(addr, ccw.xdsHI)
+	}
+	return ccw.ClientConn.NewSubConn(newAddrs, opts)
+}
+
+func (ccw *ccWrapper) UpdateAddresses(sc balancer.SubConn, addrs []resolver.Address) {
+	newAddrs := make([]resolver.Address, len(addrs))
+	for i, addr := range addrs {
+		newAddrs[i] = xdsinternal.SetHandshakeInfo(addr, ccw.xdsHI)
+	}
+	ccw.ClientConn.UpdateAddresses(sc, newAddrs)
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/cdsbalancer/logging.go b/vendor/google.golang.org/grpc/xds/internal/balancer/cdsbalancer/logging.go
new file mode 100644
index 00000000000..e179bb1bf16
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/balancer/cdsbalancer/logging.go
@@ -0,0 +1,34 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package cdsbalancer
+
+import (
+	"fmt"
+
+	"google.golang.org/grpc/grpclog"
+	internalgrpclog "google.golang.org/grpc/internal/grpclog"
+)
+
+const prefix = "[cds-lb %p] "
+
+var logger = grpclog.Component("xds")
+
+func prefixLogger(p *cdsBalancer) *internalgrpclog.PrefixLogger {
+	return internalgrpclog.NewPrefixLogger(logger, fmt.Sprintf(prefix, p))
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/clustermanager/balancerstateaggregator.go b/vendor/google.golang.org/grpc/xds/internal/balancer/clustermanager/balancerstateaggregator.go
new file mode 100644
index 00000000000..35eb86c3590
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/balancer/clustermanager/balancerstateaggregator.go
@@ -0,0 +1,215 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package clustermanager
+
+import (
+	"fmt"
+	"sync"
+
+	"google.golang.org/grpc/balancer"
+	"google.golang.org/grpc/balancer/base"
+	"google.golang.org/grpc/connectivity"
+	"google.golang.org/grpc/internal/grpclog"
+)
+
+type subBalancerState struct {
+	state balancer.State
+	// stateToAggregate is the connectivity state used only for state
+	// aggregation. It could be different from state.ConnectivityState. For
+	// example when a sub-balancer transitions from TransientFailure to
+	// connecting, state.ConnectivityState is Connecting, but stateToAggregate
+	// is still TransientFailure.
+	stateToAggregate connectivity.State
+}
+
+func (s *subBalancerState) String() string {
+	return fmt.Sprintf("picker:%p,state:%v,stateToAggregate:%v", s.state.Picker, s.state.ConnectivityState, s.stateToAggregate)
+}
+
+type balancerStateAggregator struct {
+	cc     balancer.ClientConn
+	logger *grpclog.PrefixLogger
+
+	mu sync.Mutex
+	// If started is false, no updates should be sent to the parent cc. A closed
+	// sub-balancer could still send pickers to this aggregator. This makes sure
+	// that no updates will be forwarded to parent when the whole balancer group
+	// and states aggregator is closed.
+	started bool
+	// All balancer IDs exist as keys in this map, even if balancer group is not
+	// started.
+	//
+	// If an ID is not in map, it's either removed or never added.
+	idToPickerState map[string]*subBalancerState
+}
+
+func newBalancerStateAggregator(cc balancer.ClientConn, logger *grpclog.PrefixLogger) *balancerStateAggregator {
+	return &balancerStateAggregator{
+		cc:              cc,
+		logger:          logger,
+		idToPickerState: make(map[string]*subBalancerState),
+	}
+}
+
+// Start starts the aggregator. It can be called after Close to restart the
+// aggretator.
+func (bsa *balancerStateAggregator) start() {
+	bsa.mu.Lock()
+	defer bsa.mu.Unlock()
+	bsa.started = true
+}
+
+// Close closes the aggregator. When the aggregator is closed, it won't call
+// parent ClientConn to update balancer state.
+func (bsa *balancerStateAggregator) close() {
+	bsa.mu.Lock()
+	defer bsa.mu.Unlock()
+	bsa.started = false
+	bsa.clearStates()
+}
+
+// add adds a sub-balancer state with weight. It adds a place holder, and waits
+// for the real sub-balancer to update state.
+//
+// This is called when there's a new child.
+func (bsa *balancerStateAggregator) add(id string) {
+	bsa.mu.Lock()
+	defer bsa.mu.Unlock()
+	bsa.idToPickerState[id] = &subBalancerState{
+		// Start everything in CONNECTING, so if one of the sub-balancers
+		// reports TransientFailure, the RPCs will still wait for the other
+		// sub-balancers.
+		state: balancer.State{
+			ConnectivityState: connectivity.Connecting,
+			Picker:            base.NewErrPicker(balancer.ErrNoSubConnAvailable),
+		},
+		stateToAggregate: connectivity.Connecting,
+	}
+}
+
+// remove removes the sub-balancer state. Future updates from this sub-balancer,
+// if any, will be ignored.
+//
+// This is called when a child is removed.
+func (bsa *balancerStateAggregator) remove(id string) {
+	bsa.mu.Lock()
+	defer bsa.mu.Unlock()
+	if _, ok := bsa.idToPickerState[id]; !ok {
+		return
+	}
+	// Remove id and picker from picker map. This also results in future updates
+	// for this ID to be ignored.
+	delete(bsa.idToPickerState, id)
+}
+
+// UpdateState is called to report a balancer state change from sub-balancer.
+// It's usually called by the balancer group.
+//
+// It calls parent ClientConn's UpdateState with the new aggregated state.
+func (bsa *balancerStateAggregator) UpdateState(id string, state balancer.State) {
+	bsa.mu.Lock()
+	defer bsa.mu.Unlock()
+	pickerSt, ok := bsa.idToPickerState[id]
+	if !ok {
+		// All state starts with an entry in pickStateMap. If ID is not in map,
+		// it's either removed, or never existed.
+		return
+	}
+	if !(pickerSt.state.ConnectivityState == connectivity.TransientFailure && state.ConnectivityState == connectivity.Connecting) {
+		// If old state is TransientFailure, and new state is Connecting, don't
+		// update the state, to prevent the aggregated state from being always
+		// CONNECTING. Otherwise, stateToAggregate is the same as
+		// state.ConnectivityState.
+		pickerSt.stateToAggregate = state.ConnectivityState
+	}
+	pickerSt.state = state
+
+	if !bsa.started {
+		return
+	}
+	bsa.cc.UpdateState(bsa.build())
+}
+
+// clearState Reset everything to init state (Connecting) but keep the entry in
+// map (to keep the weight).
+//
+// Caller must hold bsa.mu.
+func (bsa *balancerStateAggregator) clearStates() {
+	for _, pState := range bsa.idToPickerState {
+		pState.state = balancer.State{
+			ConnectivityState: connectivity.Connecting,
+			Picker:            base.NewErrPicker(balancer.ErrNoSubConnAvailable),
+		}
+		pState.stateToAggregate = connectivity.Connecting
+	}
+}
+
+// buildAndUpdate combines the sub-state from each sub-balancer into one state,
+// and update it to parent ClientConn.
+func (bsa *balancerStateAggregator) buildAndUpdate() {
+	bsa.mu.Lock()
+	defer bsa.mu.Unlock()
+	if !bsa.started {
+		return
+	}
+	bsa.cc.UpdateState(bsa.build())
+}
+
+// build combines sub-states into one. The picker will do a child pick.
+//
+// Caller must hold bsa.mu.
+func (bsa *balancerStateAggregator) build() balancer.State {
+	// TODO: the majority of this function (and UpdateState) is exactly the same
+	// as weighted_target's state aggregator. Try to make a general utility
+	// function/struct to handle the logic.
+	//
+	// One option: make a SubBalancerState that handles Update(State), including
+	// handling the special connecting after ready, as in UpdateState(). Then a
+	// function to calculate the aggregated connectivity state as in this
+	// function.
+	var readyN, connectingN int
+	for _, ps := range bsa.idToPickerState {
+		switch ps.stateToAggregate {
+		case connectivity.Ready:
+			readyN++
+		case connectivity.Connecting:
+			connectingN++
+		}
+	}
+	var aggregatedState connectivity.State
+	switch {
+	case readyN > 0:
+		aggregatedState = connectivity.Ready
+	case connectingN > 0:
+		aggregatedState = connectivity.Connecting
+	default:
+		aggregatedState = connectivity.TransientFailure
+	}
+
+	// The picker's return error might not be consistent with the
+	// aggregatedState. Because for this LB policy, we want to always build
+	// picker with all sub-pickers (not only ready sub-pickers), so even if the
+	// overall state is Ready, pick for certain RPCs can behave like Connecting
+	// or TransientFailure.
+	bsa.logger.Infof("Child pickers: %+v", bsa.idToPickerState)
+	return balancer.State{
+		ConnectivityState: aggregatedState,
+		Picker:            newPickerGroup(bsa.idToPickerState),
+	}
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/clustermanager/clustermanager.go b/vendor/google.golang.org/grpc/xds/internal/balancer/clustermanager/clustermanager.go
new file mode 100644
index 00000000000..b4ae3710cd2
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/balancer/clustermanager/clustermanager.go
@@ -0,0 +1,144 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package clustermanager implements the cluster manager LB policy for xds.
+package clustermanager
+
+import (
+	"encoding/json"
+	"fmt"
+
+	"google.golang.org/grpc/balancer"
+	"google.golang.org/grpc/grpclog"
+	internalgrpclog "google.golang.org/grpc/internal/grpclog"
+	"google.golang.org/grpc/internal/hierarchy"
+	"google.golang.org/grpc/resolver"
+	"google.golang.org/grpc/serviceconfig"
+	"google.golang.org/grpc/xds/internal/balancer/balancergroup"
+)
+
+const balancerName = "xds_cluster_manager_experimental"
+
+func init() {
+	balancer.Register(builder{})
+}
+
+type builder struct{}
+
+func (builder) Build(cc balancer.ClientConn, opts balancer.BuildOptions) balancer.Balancer {
+	b := &bal{}
+	b.logger = prefixLogger(b)
+	b.stateAggregator = newBalancerStateAggregator(cc, b.logger)
+	b.stateAggregator.start()
+	b.bg = balancergroup.New(cc, opts, b.stateAggregator, nil, b.logger)
+	b.bg.Start()
+	b.logger.Infof("Created")
+	return b
+}
+
+func (builder) Name() string {
+	return balancerName
+}
+
+func (builder) ParseConfig(c json.RawMessage) (serviceconfig.LoadBalancingConfig, error) {
+	return parseConfig(c)
+}
+
+type bal struct {
+	logger *internalgrpclog.PrefixLogger
+
+	// TODO: make this package not dependent on xds specific code. Same as for
+	// weighted target balancer.
+	bg              *balancergroup.BalancerGroup
+	stateAggregator *balancerStateAggregator
+
+	children map[string]childConfig
+}
+
+func (b *bal) updateChildren(s balancer.ClientConnState, newConfig *lbConfig) {
+	update := false
+	addressesSplit := hierarchy.Group(s.ResolverState.Addresses)
+
+	// Remove sub-pickers and sub-balancers that are not in the new cluster list.
+	for name := range b.children {
+		if _, ok := newConfig.Children[name]; !ok {
+			b.stateAggregator.remove(name)
+			b.bg.Remove(name)
+			update = true
+		}
+	}
+
+	// For sub-balancers in the new cluster list,
+	// - add to balancer group if it's new,
+	// - forward the address/balancer config update.
+	for name, newT := range newConfig.Children {
+		if _, ok := b.children[name]; !ok {
+			// If this is a new sub-balancer, add it to the picker map.
+			b.stateAggregator.add(name)
+			// Then add to the balancer group.
+			b.bg.Add(name, balancer.Get(newT.ChildPolicy.Name))
+		}
+		// TODO: handle error? How to aggregate errors and return?
+		_ = b.bg.UpdateClientConnState(name, balancer.ClientConnState{
+			ResolverState: resolver.State{
+				Addresses:     addressesSplit[name],
+				ServiceConfig: s.ResolverState.ServiceConfig,
+				Attributes:    s.ResolverState.Attributes,
+			},
+			BalancerConfig: newT.ChildPolicy.Config,
+		})
+	}
+
+	b.children = newConfig.Children
+	if update {
+		b.stateAggregator.buildAndUpdate()
+	}
+}
+
+func (b *bal) UpdateClientConnState(s balancer.ClientConnState) error {
+	newConfig, ok := s.BalancerConfig.(*lbConfig)
+	if !ok {
+		return fmt.Errorf("unexpected balancer config with type: %T", s.BalancerConfig)
+	}
+	b.logger.Infof("update with config %+v, resolver state %+v", s.BalancerConfig, s.ResolverState)
+
+	b.updateChildren(s, newConfig)
+	return nil
+}
+
+func (b *bal) ResolverError(err error) {
+	b.bg.ResolverError(err)
+}
+
+func (b *bal) UpdateSubConnState(sc balancer.SubConn, state balancer.SubConnState) {
+	b.bg.UpdateSubConnState(sc, state)
+}
+
+func (b *bal) Close() {
+	b.stateAggregator.close()
+	b.bg.Close()
+	b.logger.Infof("Shutdown")
+}
+
+const prefix = "[xds-cluster-manager-lb %p] "
+
+var logger = grpclog.Component("xds")
+
+func prefixLogger(p *bal) *internalgrpclog.PrefixLogger {
+	return internalgrpclog.NewPrefixLogger(logger, fmt.Sprintf(prefix, p))
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/clustermanager/config.go b/vendor/google.golang.org/grpc/xds/internal/balancer/clustermanager/config.go
new file mode 100644
index 00000000000..3a5625ff19e
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/balancer/clustermanager/config.go
@@ -0,0 +1,46 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package clustermanager
+
+import (
+	"encoding/json"
+
+	internalserviceconfig "google.golang.org/grpc/internal/serviceconfig"
+	"google.golang.org/grpc/serviceconfig"
+)
+
+type childConfig struct {
+	// ChildPolicy is the child policy and it's config.
+	ChildPolicy *internalserviceconfig.BalancerConfig
+}
+
+// lbConfig is the balancer config for xds routing policy.
+type lbConfig struct {
+	serviceconfig.LoadBalancingConfig
+	Children map[string]childConfig
+}
+
+func parseConfig(c json.RawMessage) (*lbConfig, error) {
+	cfg := &lbConfig{}
+	if err := json.Unmarshal(c, cfg); err != nil {
+		return nil, err
+	}
+
+	return cfg, nil
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/clustermanager/picker.go b/vendor/google.golang.org/grpc/xds/internal/balancer/clustermanager/picker.go
new file mode 100644
index 00000000000..015cd2b7af4
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/balancer/clustermanager/picker.go
@@ -0,0 +1,70 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package clustermanager
+
+import (
+	"context"
+
+	"google.golang.org/grpc/balancer"
+	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/status"
+)
+
+// pickerGroup contains a list of pickers. If the picker isn't ready, the pick
+// will be queued.
+type pickerGroup struct {
+	pickers map[string]balancer.Picker
+}
+
+func newPickerGroup(idToPickerState map[string]*subBalancerState) *pickerGroup {
+	pickers := make(map[string]balancer.Picker)
+	for id, st := range idToPickerState {
+		pickers[id] = st.state.Picker
+	}
+	return &pickerGroup{
+		pickers: pickers,
+	}
+}
+
+func (pg *pickerGroup) Pick(info balancer.PickInfo) (balancer.PickResult, error) {
+	cluster := getPickedCluster(info.Ctx)
+	if p := pg.pickers[cluster]; p != nil {
+		return p.Pick(info)
+	}
+	return balancer.PickResult{}, status.Errorf(codes.Unavailable, "unknown cluster selected for RPC: %q", cluster)
+}
+
+type clusterKey struct{}
+
+func getPickedCluster(ctx context.Context) string {
+	cluster, _ := ctx.Value(clusterKey{}).(string)
+	return cluster
+}
+
+// GetPickedClusterForTesting returns the cluster in the context; to be used
+// for testing only.
+func GetPickedClusterForTesting(ctx context.Context) string {
+	return getPickedCluster(ctx)
+}
+
+// SetPickedCluster adds the selected cluster to the context for the
+// xds_cluster_manager LB policy to pick.
+func SetPickedCluster(ctx context.Context, cluster string) context.Context {
+	return context.WithValue(ctx, clusterKey{}, cluster)
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/edsbalancer/config.go b/vendor/google.golang.org/grpc/xds/internal/balancer/edsbalancer/config.go
new file mode 100644
index 00000000000..11c1338c81f
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/balancer/edsbalancer/config.go
@@ -0,0 +1,124 @@
+/*
+ *
+ * Copyright 2019 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package edsbalancer
+
+import (
+	"encoding/json"
+	"fmt"
+
+	"google.golang.org/grpc/balancer"
+	"google.golang.org/grpc/serviceconfig"
+)
+
+// EDSConfig represents the loadBalancingConfig section of the service config
+// for EDS balancers.
+type EDSConfig struct {
+	serviceconfig.LoadBalancingConfig
+	// ChildPolicy represents the load balancing config for the child
+	// policy.
+	ChildPolicy *loadBalancingConfig
+	// FallBackPolicy represents the load balancing config for the
+	// fallback.
+	FallBackPolicy *loadBalancingConfig
+	// Name to use in EDS query.  If not present, defaults to the server
+	// name from the target URI.
+	EDSServiceName string
+	// MaxConcurrentRequests is the max number of concurrent request allowed for
+	// this service. If unset, default value 1024 is used.
+	//
+	// Note that this is not defined in the service config proto. And the reason
+	// is, we are dropping EDS and moving the features into cluster_impl. But in
+	// the mean time, to keep things working, we need to add this field. And it
+	// should be fine to add this extra field here, because EDS is only used in
+	// CDS today, so we have full control.
+	MaxConcurrentRequests *uint32
+	// LRS server to send load reports to.  If not present, load reporting
+	// will be disabled.  If set to the empty string, load reporting will
+	// be sent to the same server that we obtained CDS data from.
+	LrsLoadReportingServerName *string
+}
+
+// edsConfigJSON is the intermediate unmarshal result of EDSConfig. ChildPolicy
+// and Fallbackspolicy are post-processed, and for each, the first installed
+// policy is kept.
+type edsConfigJSON struct {
+	ChildPolicy                []*loadBalancingConfig
+	FallbackPolicy             []*loadBalancingConfig
+	EDSServiceName             string
+	MaxConcurrentRequests      *uint32
+	LRSLoadReportingServerName *string
+}
+
+// UnmarshalJSON parses the JSON-encoded byte slice in data and stores it in l.
+// When unmarshalling, we iterate through the childPolicy/fallbackPolicy lists
+// and select the first LB policy which has been registered.
+func (l *EDSConfig) UnmarshalJSON(data []byte) error {
+	var configJSON edsConfigJSON
+	if err := json.Unmarshal(data, &configJSON); err != nil {
+		return err
+	}
+
+	l.EDSServiceName = configJSON.EDSServiceName
+	l.MaxConcurrentRequests = configJSON.MaxConcurrentRequests
+	l.LrsLoadReportingServerName = configJSON.LRSLoadReportingServerName
+
+	for _, lbcfg := range configJSON.ChildPolicy {
+		if balancer.Get(lbcfg.Name) != nil {
+			l.ChildPolicy = lbcfg
+			break
+		}
+	}
+
+	for _, lbcfg := range configJSON.FallbackPolicy {
+		if balancer.Get(lbcfg.Name) != nil {
+			l.FallBackPolicy = lbcfg
+			break
+		}
+	}
+	return nil
+}
+
+// MarshalJSON returns a JSON encoding of l.
+func (l *EDSConfig) MarshalJSON() ([]byte, error) {
+	return nil, fmt.Errorf("EDSConfig.MarshalJSON() is unimplemented")
+}
+
+// loadBalancingConfig represents a single load balancing config,
+// stored in JSON format.
+type loadBalancingConfig struct {
+	Name   string
+	Config json.RawMessage
+}
+
+// MarshalJSON returns a JSON encoding of l.
+func (l *loadBalancingConfig) MarshalJSON() ([]byte, error) {
+	return nil, fmt.Errorf("loadBalancingConfig.MarshalJSON() is unimplemented")
+}
+
+// UnmarshalJSON parses the JSON-encoded byte slice in data and stores it in l.
+func (l *loadBalancingConfig) UnmarshalJSON(data []byte) error {
+	var cfg map[string]json.RawMessage
+	if err := json.Unmarshal(data, &cfg); err != nil {
+		return err
+	}
+	for name, config := range cfg {
+		l.Name = name
+		l.Config = config
+	}
+	return nil
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/edsbalancer/eds.go b/vendor/google.golang.org/grpc/xds/internal/balancer/edsbalancer/eds.go
new file mode 100644
index 00000000000..d1a226e9898
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/balancer/edsbalancer/eds.go
@@ -0,0 +1,400 @@
+/*
+ *
+ * Copyright 2019 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package edsbalancer contains EDS balancer implementation.
+package edsbalancer
+
+import (
+	"encoding/json"
+	"fmt"
+
+	"github.com/google/go-cmp/cmp"
+	"github.com/google/go-cmp/cmp/cmpopts"
+
+	"google.golang.org/grpc/balancer"
+	"google.golang.org/grpc/balancer/roundrobin"
+	"google.golang.org/grpc/connectivity"
+	"google.golang.org/grpc/internal/buffer"
+	"google.golang.org/grpc/internal/grpclog"
+	"google.golang.org/grpc/internal/grpcsync"
+	"google.golang.org/grpc/serviceconfig"
+	xdsclient "google.golang.org/grpc/xds/internal/client"
+	"google.golang.org/grpc/xds/internal/client/load"
+)
+
+const edsName = "eds_experimental"
+
+// xdsClientInterface contains only the xds_client methods needed by EDS
+// balancer. It's defined so we can override xdsclient.New function in tests.
+type xdsClientInterface interface {
+	WatchEndpoints(clusterName string, edsCb func(xdsclient.EndpointsUpdate, error)) (cancel func())
+	ReportLoad(server string) (loadStore *load.Store, cancel func())
+	Close()
+}
+
+var (
+	newEDSBalancer = func(cc balancer.ClientConn, opts balancer.BuildOptions, enqueueState func(priorityType, balancer.State), lw load.PerClusterReporter, logger *grpclog.PrefixLogger) edsBalancerImplInterface {
+		return newEDSBalancerImpl(cc, opts, enqueueState, lw, logger)
+	}
+	newXDSClient = func() (xdsClientInterface, error) { return xdsclient.New() }
+)
+
+func init() {
+	balancer.Register(&edsBalancerBuilder{})
+}
+
+type edsBalancerBuilder struct{}
+
+// Build helps implement the balancer.Builder interface.
+func (b *edsBalancerBuilder) Build(cc balancer.ClientConn, opts balancer.BuildOptions) balancer.Balancer {
+	x := &edsBalancer{
+		cc:                cc,
+		closed:            grpcsync.NewEvent(),
+		done:              grpcsync.NewEvent(),
+		grpcUpdate:        make(chan interface{}),
+		xdsClientUpdate:   make(chan *edsUpdate),
+		childPolicyUpdate: buffer.NewUnbounded(),
+		lsw:               &loadStoreWrapper{},
+		config:            &EDSConfig{},
+	}
+	x.logger = prefixLogger(x)
+
+	client, err := newXDSClient()
+	if err != nil {
+		x.logger.Errorf("xds: failed to create xds-client: %v", err)
+		return nil
+	}
+
+	x.xdsClient = client
+	x.edsImpl = newEDSBalancer(x.cc, opts, x.enqueueChildBalancerState, x.lsw, x.logger)
+	x.logger.Infof("Created")
+	go x.run()
+	return x
+}
+
+func (b *edsBalancerBuilder) Name() string {
+	return edsName
+}
+
+func (b *edsBalancerBuilder) ParseConfig(c json.RawMessage) (serviceconfig.LoadBalancingConfig, error) {
+	var cfg EDSConfig
+	if err := json.Unmarshal(c, &cfg); err != nil {
+		return nil, fmt.Errorf("unable to unmarshal balancer config %s into EDSConfig, error: %v", string(c), err)
+	}
+	return &cfg, nil
+}
+
+// edsBalancerImplInterface defines the interface that edsBalancerImpl must
+// implement to communicate with edsBalancer.
+//
+// It's implemented by the real eds balancer and a fake testing eds balancer.
+type edsBalancerImplInterface interface {
+	// handleEDSResponse passes the received EDS message from traffic director
+	// to eds balancer.
+	handleEDSResponse(edsResp xdsclient.EndpointsUpdate)
+	// handleChildPolicy updates the eds balancer the intra-cluster load
+	// balancing policy to use.
+	handleChildPolicy(name string, config json.RawMessage)
+	// handleSubConnStateChange handles state change for SubConn.
+	handleSubConnStateChange(sc balancer.SubConn, state connectivity.State)
+	// updateState handle a balancer state update from the priority.
+	updateState(priority priorityType, s balancer.State)
+	// updateServiceRequestsConfig updates the service requests counter to the
+	// one for the given service name.
+	updateServiceRequestsConfig(serviceName string, max *uint32)
+	// updateClusterName updates the cluster name that will be attached to the
+	// address attributes.
+	updateClusterName(name string)
+	// close closes the eds balancer.
+	close()
+}
+
+// edsBalancer manages xdsClient and the actual EDS balancer implementation that
+// does load balancing.
+//
+// It currently has only an edsBalancer. Later, we may add fallback.
+type edsBalancer struct {
+	cc     balancer.ClientConn
+	closed *grpcsync.Event
+	done   *grpcsync.Event
+	logger *grpclog.PrefixLogger
+
+	// edsBalancer continuously monitors the channels below, and will handle
+	// events from them in sync.
+	grpcUpdate        chan interface{}
+	xdsClientUpdate   chan *edsUpdate
+	childPolicyUpdate *buffer.Unbounded
+
+	xdsClient xdsClientInterface
+	lsw       *loadStoreWrapper
+	config    *EDSConfig // may change when passed a different service config
+	edsImpl   edsBalancerImplInterface
+
+	// edsServiceName is the edsServiceName currently being watched, not
+	// necessary the edsServiceName from service config.
+	edsServiceName       string
+	cancelEndpointsWatch func()
+	loadReportServer     *string // LRS is disabled if loadReporterServer is nil.
+	cancelLoadReport     func()
+}
+
+// run gets executed in a goroutine once edsBalancer is created. It monitors
+// updates from grpc, xdsClient and load balancer. It synchronizes the
+// operations that happen inside edsBalancer. It exits when edsBalancer is
+// closed.
+func (x *edsBalancer) run() {
+	for {
+		select {
+		case update := <-x.grpcUpdate:
+			x.handleGRPCUpdate(update)
+		case update := <-x.xdsClientUpdate:
+			x.handleXDSClientUpdate(update)
+		case update := <-x.childPolicyUpdate.Get():
+			x.childPolicyUpdate.Load()
+			u := update.(*balancerStateWithPriority)
+			x.edsImpl.updateState(u.priority, u.s)
+		case <-x.closed.Done():
+			x.cancelWatch()
+			x.xdsClient.Close()
+			x.edsImpl.close()
+			x.logger.Infof("Shutdown")
+			x.done.Fire()
+			return
+		}
+	}
+}
+
+// handleErrorFromUpdate handles both the error from parent ClientConn (from CDS
+// balancer) and the error from xds client (from the watcher). fromParent is
+// true if error is from parent ClientConn.
+//
+// If the error is connection error, it should be handled for fallback purposes.
+//
+// If the error is resource-not-found:
+// - If it's from CDS balancer (shows as a resolver error), it means LDS or CDS
+// resources were removed. The EDS watch should be canceled.
+// - If it's from xds client, it means EDS resource were removed. The EDS
+// watcher should keep watching.
+// In both cases, the sub-balancers will be closed, and the future picks will
+// fail.
+func (x *edsBalancer) handleErrorFromUpdate(err error, fromParent bool) {
+	x.logger.Warningf("Received error: %v", err)
+	if xdsclient.ErrType(err) == xdsclient.ErrorTypeResourceNotFound {
+		if fromParent {
+			// This is an error from the parent ClientConn (can be the parent
+			// CDS balancer), and is a resource-not-found error. This means the
+			// resource (can be either LDS or CDS) was removed. Stop the EDS
+			// watch.
+			x.cancelWatch()
+		}
+		x.edsImpl.handleEDSResponse(xdsclient.EndpointsUpdate{})
+	}
+}
+
+func (x *edsBalancer) handleGRPCUpdate(update interface{}) {
+	switch u := update.(type) {
+	case *subConnStateUpdate:
+		x.edsImpl.handleSubConnStateChange(u.sc, u.state.ConnectivityState)
+	case *balancer.ClientConnState:
+		x.logger.Infof("Receive update from resolver, balancer config: %+v", u.BalancerConfig)
+		cfg, _ := u.BalancerConfig.(*EDSConfig)
+		if cfg == nil {
+			// service config parsing failed. should never happen.
+			return
+		}
+
+		if err := x.handleServiceConfigUpdate(cfg); err != nil {
+			x.logger.Warningf("failed to update xDS client: %v", err)
+		}
+
+		x.edsImpl.updateServiceRequestsConfig(cfg.EDSServiceName, cfg.MaxConcurrentRequests)
+
+		// We will update the edsImpl with the new child policy, if we got a
+		// different one.
+		if !cmp.Equal(cfg.ChildPolicy, x.config.ChildPolicy, cmpopts.EquateEmpty()) {
+			if cfg.ChildPolicy != nil {
+				x.edsImpl.handleChildPolicy(cfg.ChildPolicy.Name, cfg.ChildPolicy.Config)
+			} else {
+				x.edsImpl.handleChildPolicy(roundrobin.Name, nil)
+			}
+		}
+		x.config = cfg
+	case error:
+		x.handleErrorFromUpdate(u, true)
+	default:
+		// unreachable path
+		x.logger.Errorf("wrong update type: %T", update)
+	}
+}
+
+// handleServiceConfigUpdate applies the service config update, watching a new
+// EDS service name and restarting LRS stream, as required.
+func (x *edsBalancer) handleServiceConfigUpdate(config *EDSConfig) error {
+	// Restart EDS watch when the edsServiceName has changed.
+	if x.edsServiceName != config.EDSServiceName {
+		x.edsServiceName = config.EDSServiceName
+		x.startEndpointsWatch()
+		// TODO: this update for the LRS service name is too early. It should
+		// only apply to the new EDS response. But this is applied to the RPCs
+		// before the new EDS response. To fully fix this, the EDS balancer
+		// needs to do a graceful switch to another EDS implementation.
+		//
+		// This is OK for now, because we don't actually expect edsServiceName
+		// to change. Fix this (a bigger change) will happen later.
+		x.lsw.updateServiceName(x.edsServiceName)
+		x.edsImpl.updateClusterName(x.edsServiceName)
+	}
+
+	// Restart load reporting when the loadReportServer name has changed.
+	if !equalStringPointers(x.loadReportServer, config.LrsLoadReportingServerName) {
+		loadStore := x.startLoadReport(config.LrsLoadReportingServerName)
+		x.lsw.updateLoadStore(loadStore)
+	}
+
+	return nil
+}
+
+// startEndpointsWatch starts the EDS watch.
+//
+// This usually means load report needs to be restarted, but this function does
+// NOT do that. Caller needs to call startLoadReport separately.
+func (x *edsBalancer) startEndpointsWatch() {
+	if x.cancelEndpointsWatch != nil {
+		x.cancelEndpointsWatch()
+	}
+	cancelEDSWatch := x.xdsClient.WatchEndpoints(x.edsServiceName, func(update xdsclient.EndpointsUpdate, err error) {
+		x.logger.Infof("Watch update from xds-client %p, content: %+v", x.xdsClient, update)
+		x.handleEDSUpdate(update, err)
+	})
+	x.logger.Infof("Watch started on resource name %v with xds-client %p", x.edsServiceName, x.xdsClient)
+	x.cancelEndpointsWatch = func() {
+		cancelEDSWatch()
+		x.logger.Infof("Watch cancelled on resource name %v with xds-client %p", x.edsServiceName, x.xdsClient)
+	}
+}
+
+func (x *edsBalancer) cancelWatch() {
+	x.loadReportServer = nil
+	if x.cancelLoadReport != nil {
+		x.cancelLoadReport()
+	}
+	x.edsServiceName = ""
+	if x.cancelEndpointsWatch != nil {
+		x.cancelEndpointsWatch()
+	}
+}
+
+// startLoadReport starts load reporting. If there's already a load reporting in
+// progress, it cancels that.
+//
+// Caller can cal this when the loadReportServer name changes, but
+// edsServiceName doesn't (so we only need to restart load reporting, not EDS
+// watch).
+func (x *edsBalancer) startLoadReport(loadReportServer *string) *load.Store {
+	x.loadReportServer = loadReportServer
+	if x.cancelLoadReport != nil {
+		x.cancelLoadReport()
+	}
+	if loadReportServer == nil {
+		return nil
+	}
+	ls, cancel := x.xdsClient.ReportLoad(*loadReportServer)
+	x.cancelLoadReport = cancel
+	return ls
+}
+
+func (x *edsBalancer) handleXDSClientUpdate(update *edsUpdate) {
+	if err := update.err; err != nil {
+		x.handleErrorFromUpdate(err, false)
+		return
+	}
+	x.edsImpl.handleEDSResponse(update.resp)
+}
+
+type subConnStateUpdate struct {
+	sc    balancer.SubConn
+	state balancer.SubConnState
+}
+
+func (x *edsBalancer) UpdateSubConnState(sc balancer.SubConn, state balancer.SubConnState) {
+	update := &subConnStateUpdate{
+		sc:    sc,
+		state: state,
+	}
+	select {
+	case x.grpcUpdate <- update:
+	case <-x.closed.Done():
+	}
+}
+
+func (x *edsBalancer) ResolverError(err error) {
+	select {
+	case x.grpcUpdate <- err:
+	case <-x.closed.Done():
+	}
+}
+
+func (x *edsBalancer) UpdateClientConnState(s balancer.ClientConnState) error {
+	select {
+	case x.grpcUpdate <- &s:
+	case <-x.closed.Done():
+	}
+	return nil
+}
+
+type edsUpdate struct {
+	resp xdsclient.EndpointsUpdate
+	err  error
+}
+
+func (x *edsBalancer) handleEDSUpdate(resp xdsclient.EndpointsUpdate, err error) {
+	select {
+	case x.xdsClientUpdate <- &edsUpdate{resp: resp, err: err}:
+	case <-x.closed.Done():
+	}
+}
+
+type balancerStateWithPriority struct {
+	priority priorityType
+	s        balancer.State
+}
+
+func (x *edsBalancer) enqueueChildBalancerState(p priorityType, s balancer.State) {
+	x.childPolicyUpdate.Put(&balancerStateWithPriority{
+		priority: p,
+		s:        s,
+	})
+}
+
+func (x *edsBalancer) Close() {
+	x.closed.Fire()
+	<-x.done.Done()
+}
+
+// equalStringPointers returns true if
+// - a and b are both nil OR
+// - *a == *b (and a and b are both non-nil)
+func equalStringPointers(a, b *string) bool {
+	if a == nil && b == nil {
+		return true
+	}
+	if a == nil || b == nil {
+		return false
+	}
+	return *a == *b
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/edsbalancer/eds_impl.go b/vendor/google.golang.org/grpc/xds/internal/balancer/edsbalancer/eds_impl.go
new file mode 100644
index 00000000000..63b75caae8f
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/balancer/edsbalancer/eds_impl.go
@@ -0,0 +1,601 @@
+/*
+ * Copyright 2019 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package edsbalancer
+
+import (
+	"encoding/json"
+	"reflect"
+	"sync"
+	"time"
+
+	"github.com/google/go-cmp/cmp"
+	"google.golang.org/grpc/balancer"
+	"google.golang.org/grpc/balancer/base"
+	"google.golang.org/grpc/balancer/roundrobin"
+	"google.golang.org/grpc/balancer/weightedroundrobin"
+	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/connectivity"
+	"google.golang.org/grpc/internal"
+	"google.golang.org/grpc/internal/grpclog"
+	"google.golang.org/grpc/internal/xds/env"
+	"google.golang.org/grpc/resolver"
+	"google.golang.org/grpc/status"
+	xdsi "google.golang.org/grpc/xds/internal"
+	"google.golang.org/grpc/xds/internal/balancer/balancergroup"
+	"google.golang.org/grpc/xds/internal/balancer/weightedtarget/weightedaggregator"
+	"google.golang.org/grpc/xds/internal/client"
+	xdsclient "google.golang.org/grpc/xds/internal/client"
+	"google.golang.org/grpc/xds/internal/client/load"
+)
+
+// TODO: make this a environment variable?
+var defaultPriorityInitTimeout = 10 * time.Second
+
+const defaultServiceRequestCountMax = 1024
+
+type localityConfig struct {
+	weight uint32
+	addrs  []resolver.Address
+}
+
+// balancerGroupWithConfig contains the localities with the same priority. It
+// manages all localities using a balancerGroup.
+type balancerGroupWithConfig struct {
+	bg              *balancergroup.BalancerGroup
+	stateAggregator *weightedaggregator.Aggregator
+	configs         map[xdsi.LocalityID]*localityConfig
+}
+
+// edsBalancerImpl does load balancing based on the EDS responses. Note that it
+// doesn't implement the balancer interface. It's intended to be used by a high
+// level balancer implementation.
+//
+// The localities are picked as weighted round robin. A configurable child
+// policy is used to manage endpoints in each locality.
+type edsBalancerImpl struct {
+	cc           balancer.ClientConn
+	buildOpts    balancer.BuildOptions
+	logger       *grpclog.PrefixLogger
+	loadReporter load.PerClusterReporter
+
+	enqueueChildBalancerStateUpdate func(priorityType, balancer.State)
+
+	subBalancerBuilder   balancer.Builder
+	priorityToLocalities map[priorityType]*balancerGroupWithConfig
+	respReceived         bool
+
+	// There's no need to hold any mutexes at the same time. The order to take
+	// mutex should be: priorityMu > subConnMu, but this is implicit via
+	// balancers (starting balancer with next priority while holding priorityMu,
+	// and the balancer may create new SubConn).
+
+	priorityMu sync.Mutex
+	// priorities are pointers, and will be nil when EDS returns empty result.
+	priorityInUse   priorityType
+	priorityLowest  priorityType
+	priorityToState map[priorityType]*balancer.State
+	// The timer to give a priority 10 seconds to connect. And if the priority
+	// doesn't go into Ready/Failure, start the next priority.
+	//
+	// One timer is enough because there can be at most one priority in init
+	// state.
+	priorityInitTimer *time.Timer
+
+	subConnMu         sync.Mutex
+	subConnToPriority map[balancer.SubConn]priorityType
+
+	pickerMu               sync.Mutex
+	dropConfig             []xdsclient.OverloadDropConfig
+	drops                  []*dropper
+	innerState             balancer.State // The state of the picker without drop support.
+	serviceRequestsCounter *client.ServiceRequestsCounter
+	serviceRequestCountMax uint32
+
+	clusterNameMu sync.Mutex
+	clusterName   string
+}
+
+// newEDSBalancerImpl create a new edsBalancerImpl.
+func newEDSBalancerImpl(cc balancer.ClientConn, bOpts balancer.BuildOptions, enqueueState func(priorityType, balancer.State), lr load.PerClusterReporter, logger *grpclog.PrefixLogger) *edsBalancerImpl {
+	edsImpl := &edsBalancerImpl{
+		cc:                 cc,
+		buildOpts:          bOpts,
+		logger:             logger,
+		subBalancerBuilder: balancer.Get(roundrobin.Name),
+		loadReporter:       lr,
+
+		enqueueChildBalancerStateUpdate: enqueueState,
+
+		priorityToLocalities:   make(map[priorityType]*balancerGroupWithConfig),
+		priorityToState:        make(map[priorityType]*balancer.State),
+		subConnToPriority:      make(map[balancer.SubConn]priorityType),
+		serviceRequestCountMax: defaultServiceRequestCountMax,
+	}
+	// Don't start balancer group here. Start it when handling the first EDS
+	// response. Otherwise the balancer group will be started with round-robin,
+	// and if users specify a different sub-balancer, all balancers in balancer
+	// group will be closed and recreated when sub-balancer update happens.
+	return edsImpl
+}
+
+// handleChildPolicy updates the child balancers handling endpoints. Child
+// policy is roundrobin by default. If the specified balancer is not installed,
+// the old child balancer will be used.
+//
+// HandleChildPolicy and HandleEDSResponse must be called by the same goroutine.
+func (edsImpl *edsBalancerImpl) handleChildPolicy(name string, config json.RawMessage) {
+	if edsImpl.subBalancerBuilder.Name() == name {
+		return
+	}
+	newSubBalancerBuilder := balancer.Get(name)
+	if newSubBalancerBuilder == nil {
+		edsImpl.logger.Infof("edsBalancerImpl: failed to find balancer with name %q, keep using %q", name, edsImpl.subBalancerBuilder.Name())
+		return
+	}
+	edsImpl.subBalancerBuilder = newSubBalancerBuilder
+	for _, bgwc := range edsImpl.priorityToLocalities {
+		if bgwc == nil {
+			continue
+		}
+		for lid, config := range bgwc.configs {
+			lidJSON, err := lid.ToString()
+			if err != nil {
+				edsImpl.logger.Errorf("failed to marshal LocalityID: %#v, skipping this locality", lid)
+				continue
+			}
+			// TODO: (eds) add support to balancer group to support smoothly
+			//  switching sub-balancers (keep old balancer around until new
+			//  balancer becomes ready).
+			bgwc.bg.Remove(lidJSON)
+			bgwc.bg.Add(lidJSON, edsImpl.subBalancerBuilder)
+			bgwc.bg.UpdateClientConnState(lidJSON, balancer.ClientConnState{
+				ResolverState: resolver.State{Addresses: config.addrs},
+			})
+			// This doesn't need to manually update picker, because the new
+			// sub-balancer will send it's picker later.
+		}
+	}
+}
+
+// updateDrops compares new drop policies with the old. If they are different,
+// it updates the drop policies and send ClientConn an updated picker.
+func (edsImpl *edsBalancerImpl) updateDrops(dropConfig []xdsclient.OverloadDropConfig) {
+	if cmp.Equal(dropConfig, edsImpl.dropConfig) {
+		return
+	}
+	edsImpl.pickerMu.Lock()
+	edsImpl.dropConfig = dropConfig
+	var newDrops []*dropper
+	for _, c := range edsImpl.dropConfig {
+		newDrops = append(newDrops, newDropper(c))
+	}
+	edsImpl.drops = newDrops
+	if edsImpl.innerState.Picker != nil {
+		// Update picker with old inner picker, new drops.
+		edsImpl.cc.UpdateState(balancer.State{
+			ConnectivityState: edsImpl.innerState.ConnectivityState,
+			Picker:            newDropPicker(edsImpl.innerState.Picker, newDrops, edsImpl.loadReporter, edsImpl.serviceRequestsCounter, edsImpl.serviceRequestCountMax)},
+		)
+	}
+	edsImpl.pickerMu.Unlock()
+}
+
+// handleEDSResponse handles the EDS response and creates/deletes localities and
+// SubConns. It also handles drops.
+//
+// HandleChildPolicy and HandleEDSResponse must be called by the same goroutine.
+func (edsImpl *edsBalancerImpl) handleEDSResponse(edsResp xdsclient.EndpointsUpdate) {
+	// TODO: Unhandled fields from EDS response:
+	//  - edsResp.GetPolicy().GetOverprovisioningFactor()
+	//  - locality.GetPriority()
+	//  - lbEndpoint.GetMetadata(): contains BNS name, send to sub-balancers
+	//    - as service config or as resolved address
+	//  - if socketAddress is not ip:port
+	//     - socketAddress.GetNamedPort(), socketAddress.GetResolverName()
+	//     - resolve endpoint's name with another resolver
+
+	// If the first EDS update is an empty update, nothing is changing from the
+	// previous update (which is the default empty value). We need to explicitly
+	// handle first update being empty, and send a transient failure picker.
+	//
+	// TODO: define Equal() on type EndpointUpdate to avoid DeepEqual. And do
+	// the same for the other types.
+	if !edsImpl.respReceived && reflect.DeepEqual(edsResp, xdsclient.EndpointsUpdate{}) {
+		edsImpl.cc.UpdateState(balancer.State{ConnectivityState: connectivity.TransientFailure, Picker: base.NewErrPicker(errAllPrioritiesRemoved)})
+	}
+	edsImpl.respReceived = true
+
+	edsImpl.updateDrops(edsResp.Drops)
+
+	// Filter out all localities with weight 0.
+	//
+	// Locality weighted load balancer can be enabled by setting an option in
+	// CDS, and the weight of each locality. Currently, without the guarantee
+	// that CDS is always sent, we assume locality weighted load balance is
+	// always enabled, and ignore all weight 0 localities.
+	//
+	// In the future, we should look at the config in CDS response and decide
+	// whether locality weight matters.
+	newLocalitiesWithPriority := make(map[priorityType][]xdsclient.Locality)
+	for _, locality := range edsResp.Localities {
+		if locality.Weight == 0 {
+			continue
+		}
+		priority := newPriorityType(locality.Priority)
+		newLocalitiesWithPriority[priority] = append(newLocalitiesWithPriority[priority], locality)
+	}
+
+	var (
+		priorityLowest  priorityType
+		priorityChanged bool
+	)
+
+	for priority, newLocalities := range newLocalitiesWithPriority {
+		if !priorityLowest.isSet() || priorityLowest.higherThan(priority) {
+			priorityLowest = priority
+		}
+
+		bgwc, ok := edsImpl.priorityToLocalities[priority]
+		if !ok {
+			// Create balancer group if it's never created (this is the first
+			// time this priority is received). We don't start it here. It may
+			// be started when necessary (e.g. when higher is down, or if it's a
+			// new lowest priority).
+			ccPriorityWrapper := edsImpl.ccWrapperWithPriority(priority)
+			stateAggregator := weightedaggregator.New(ccPriorityWrapper, edsImpl.logger, newRandomWRR)
+			bgwc = &balancerGroupWithConfig{
+				bg:              balancergroup.New(ccPriorityWrapper, edsImpl.buildOpts, stateAggregator, edsImpl.loadReporter, edsImpl.logger),
+				stateAggregator: stateAggregator,
+				configs:         make(map[xdsi.LocalityID]*localityConfig),
+			}
+			edsImpl.priorityToLocalities[priority] = bgwc
+			priorityChanged = true
+			edsImpl.logger.Infof("New priority %v added", priority)
+		}
+		edsImpl.handleEDSResponsePerPriority(bgwc, newLocalities)
+	}
+	edsImpl.priorityLowest = priorityLowest
+
+	// Delete priorities that are removed in the latest response, and also close
+	// the balancer group.
+	for p, bgwc := range edsImpl.priorityToLocalities {
+		if _, ok := newLocalitiesWithPriority[p]; !ok {
+			delete(edsImpl.priorityToLocalities, p)
+			bgwc.bg.Close()
+			delete(edsImpl.priorityToState, p)
+			priorityChanged = true
+			edsImpl.logger.Infof("Priority %v deleted", p)
+		}
+	}
+
+	// If priority was added/removed, it may affect the balancer group to use.
+	// E.g. priorityInUse was removed, or all priorities are down, and a new
+	// lower priority was added.
+	if priorityChanged {
+		edsImpl.handlePriorityChange()
+	}
+}
+
+func (edsImpl *edsBalancerImpl) handleEDSResponsePerPriority(bgwc *balancerGroupWithConfig, newLocalities []xdsclient.Locality) {
+	// newLocalitiesSet contains all names of localities in the new EDS response
+	// for the same priority. It's used to delete localities that are removed in
+	// the new EDS response.
+	newLocalitiesSet := make(map[xdsi.LocalityID]struct{})
+	var rebuildStateAndPicker bool
+	for _, locality := range newLocalities {
+		// One balancer for each locality.
+
+		lid := locality.ID
+		lidJSON, err := lid.ToString()
+		if err != nil {
+			edsImpl.logger.Errorf("failed to marshal LocalityID: %#v, skipping this locality", lid)
+			continue
+		}
+		newLocalitiesSet[lid] = struct{}{}
+
+		newWeight := locality.Weight
+		var newAddrs []resolver.Address
+		for _, lbEndpoint := range locality.Endpoints {
+			// Filter out all "unhealthy" endpoints (unknown and
+			// healthy are both considered to be healthy:
+			// https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/health_check.proto#envoy-api-enum-core-healthstatus).
+			if lbEndpoint.HealthStatus != xdsclient.EndpointHealthStatusHealthy &&
+				lbEndpoint.HealthStatus != xdsclient.EndpointHealthStatusUnknown {
+				continue
+			}
+
+			address := resolver.Address{
+				Addr: lbEndpoint.Address,
+			}
+			if edsImpl.subBalancerBuilder.Name() == weightedroundrobin.Name && lbEndpoint.Weight != 0 {
+				ai := weightedroundrobin.AddrInfo{Weight: lbEndpoint.Weight}
+				address = weightedroundrobin.SetAddrInfo(address, ai)
+				// Metadata field in resolver.Address is deprecated. The
+				// attributes field should be used to specify arbitrary
+				// attributes about the address. We still need to populate the
+				// Metadata field here to allow users of this field to migrate
+				// to the new one.
+				// TODO(easwars): Remove this once all users have migrated.
+				// See https://github.com/grpc/grpc-go/issues/3563.
+				address.Metadata = &ai
+			}
+			newAddrs = append(newAddrs, address)
+		}
+		var weightChanged, addrsChanged bool
+		config, ok := bgwc.configs[lid]
+		if !ok {
+			// A new balancer, add it to balancer group and balancer map.
+			bgwc.stateAggregator.Add(lidJSON, newWeight)
+			bgwc.bg.Add(lidJSON, edsImpl.subBalancerBuilder)
+			config = &localityConfig{
+				weight: newWeight,
+			}
+			bgwc.configs[lid] = config
+
+			// weightChanged is false for new locality, because there's no need
+			// to update weight in bg.
+			addrsChanged = true
+			edsImpl.logger.Infof("New locality %v added", lid)
+		} else {
+			// Compare weight and addrs.
+			if config.weight != newWeight {
+				weightChanged = true
+			}
+			if !cmp.Equal(config.addrs, newAddrs) {
+				addrsChanged = true
+			}
+			edsImpl.logger.Infof("Locality %v updated, weightedChanged: %v, addrsChanged: %v", lid, weightChanged, addrsChanged)
+		}
+
+		if weightChanged {
+			config.weight = newWeight
+			bgwc.stateAggregator.UpdateWeight(lidJSON, newWeight)
+			rebuildStateAndPicker = true
+		}
+
+		if addrsChanged {
+			config.addrs = newAddrs
+			bgwc.bg.UpdateClientConnState(lidJSON, balancer.ClientConnState{
+				ResolverState: resolver.State{Addresses: newAddrs},
+			})
+		}
+	}
+
+	// Delete localities that are removed in the latest response.
+	for lid := range bgwc.configs {
+		lidJSON, err := lid.ToString()
+		if err != nil {
+			edsImpl.logger.Errorf("failed to marshal LocalityID: %#v, skipping this locality", lid)
+			continue
+		}
+		if _, ok := newLocalitiesSet[lid]; !ok {
+			bgwc.stateAggregator.Remove(lidJSON)
+			bgwc.bg.Remove(lidJSON)
+			delete(bgwc.configs, lid)
+			edsImpl.logger.Infof("Locality %v deleted", lid)
+			rebuildStateAndPicker = true
+		}
+	}
+
+	if rebuildStateAndPicker {
+		bgwc.stateAggregator.BuildAndUpdate()
+	}
+}
+
+// handleSubConnStateChange handles the state change and update pickers accordingly.
+func (edsImpl *edsBalancerImpl) handleSubConnStateChange(sc balancer.SubConn, s connectivity.State) {
+	edsImpl.subConnMu.Lock()
+	var bgwc *balancerGroupWithConfig
+	if p, ok := edsImpl.subConnToPriority[sc]; ok {
+		if s == connectivity.Shutdown {
+			// Only delete sc from the map when state changed to Shutdown.
+			delete(edsImpl.subConnToPriority, sc)
+		}
+		bgwc = edsImpl.priorityToLocalities[p]
+	}
+	edsImpl.subConnMu.Unlock()
+	if bgwc == nil {
+		edsImpl.logger.Infof("edsBalancerImpl: priority not found for sc state change")
+		return
+	}
+	if bg := bgwc.bg; bg != nil {
+		bg.UpdateSubConnState(sc, balancer.SubConnState{ConnectivityState: s})
+	}
+}
+
+// updateServiceRequestsConfig handles changes to the circuit breaking configuration.
+func (edsImpl *edsBalancerImpl) updateServiceRequestsConfig(serviceName string, max *uint32) {
+	if !env.CircuitBreakingSupport {
+		return
+	}
+	edsImpl.pickerMu.Lock()
+	var updatePicker bool
+	if edsImpl.serviceRequestsCounter == nil || edsImpl.serviceRequestsCounter.ServiceName != serviceName {
+		edsImpl.serviceRequestsCounter = client.GetServiceRequestsCounter(serviceName)
+		updatePicker = true
+	}
+
+	var newMax uint32 = defaultServiceRequestCountMax
+	if max != nil {
+		newMax = *max
+	}
+	if edsImpl.serviceRequestCountMax != newMax {
+		edsImpl.serviceRequestCountMax = newMax
+		updatePicker = true
+	}
+	if updatePicker && edsImpl.innerState.Picker != nil {
+		// Update picker with old inner picker, new counter and counterMax.
+		edsImpl.cc.UpdateState(balancer.State{
+			ConnectivityState: edsImpl.innerState.ConnectivityState,
+			Picker:            newDropPicker(edsImpl.innerState.Picker, edsImpl.drops, edsImpl.loadReporter, edsImpl.serviceRequestsCounter, edsImpl.serviceRequestCountMax)},
+		)
+	}
+	edsImpl.pickerMu.Unlock()
+}
+
+func (edsImpl *edsBalancerImpl) updateClusterName(name string) {
+	edsImpl.clusterNameMu.Lock()
+	defer edsImpl.clusterNameMu.Unlock()
+	edsImpl.clusterName = name
+}
+
+func (edsImpl *edsBalancerImpl) getClusterName() string {
+	edsImpl.clusterNameMu.Lock()
+	defer edsImpl.clusterNameMu.Unlock()
+	return edsImpl.clusterName
+}
+
+// updateState first handles priority, and then wraps picker in a drop picker
+// before forwarding the update.
+func (edsImpl *edsBalancerImpl) updateState(priority priorityType, s balancer.State) {
+	_, ok := edsImpl.priorityToLocalities[priority]
+	if !ok {
+		edsImpl.logger.Infof("eds: received picker update from unknown priority")
+		return
+	}
+
+	if edsImpl.handlePriorityWithNewState(priority, s) {
+		edsImpl.pickerMu.Lock()
+		defer edsImpl.pickerMu.Unlock()
+		edsImpl.innerState = s
+		// Don't reset drops when it's a state change.
+		edsImpl.cc.UpdateState(balancer.State{ConnectivityState: s.ConnectivityState, Picker: newDropPicker(s.Picker, edsImpl.drops, edsImpl.loadReporter, edsImpl.serviceRequestsCounter, edsImpl.serviceRequestCountMax)})
+	}
+}
+
+func (edsImpl *edsBalancerImpl) ccWrapperWithPriority(priority priorityType) *edsBalancerWrapperCC {
+	return &edsBalancerWrapperCC{
+		ClientConn: edsImpl.cc,
+		priority:   priority,
+		parent:     edsImpl,
+	}
+}
+
+// edsBalancerWrapperCC implements the balancer.ClientConn API and get passed to
+// each balancer group. It contains the locality priority.
+type edsBalancerWrapperCC struct {
+	balancer.ClientConn
+	priority priorityType
+	parent   *edsBalancerImpl
+}
+
+func (ebwcc *edsBalancerWrapperCC) NewSubConn(addrs []resolver.Address, opts balancer.NewSubConnOptions) (balancer.SubConn, error) {
+	clusterName := ebwcc.parent.getClusterName()
+	newAddrs := make([]resolver.Address, len(addrs))
+	for i, addr := range addrs {
+		newAddrs[i] = internal.SetXDSHandshakeClusterName(addr, clusterName)
+	}
+	return ebwcc.parent.newSubConn(ebwcc.priority, newAddrs, opts)
+}
+
+func (ebwcc *edsBalancerWrapperCC) UpdateAddresses(sc balancer.SubConn, addrs []resolver.Address) {
+	clusterName := ebwcc.parent.getClusterName()
+	newAddrs := make([]resolver.Address, len(addrs))
+	for i, addr := range addrs {
+		newAddrs[i] = internal.SetXDSHandshakeClusterName(addr, clusterName)
+	}
+	ebwcc.ClientConn.UpdateAddresses(sc, newAddrs)
+}
+
+func (ebwcc *edsBalancerWrapperCC) UpdateState(state balancer.State) {
+	ebwcc.parent.enqueueChildBalancerStateUpdate(ebwcc.priority, state)
+}
+
+func (edsImpl *edsBalancerImpl) newSubConn(priority priorityType, addrs []resolver.Address, opts balancer.NewSubConnOptions) (balancer.SubConn, error) {
+	sc, err := edsImpl.cc.NewSubConn(addrs, opts)
+	if err != nil {
+		return nil, err
+	}
+	edsImpl.subConnMu.Lock()
+	edsImpl.subConnToPriority[sc] = priority
+	edsImpl.subConnMu.Unlock()
+	return sc, nil
+}
+
+// close closes the balancer.
+func (edsImpl *edsBalancerImpl) close() {
+	for _, bgwc := range edsImpl.priorityToLocalities {
+		if bg := bgwc.bg; bg != nil {
+			bgwc.stateAggregator.Stop()
+			bg.Close()
+		}
+	}
+}
+
+type dropPicker struct {
+	drops     []*dropper
+	p         balancer.Picker
+	loadStore load.PerClusterReporter
+	counter   *client.ServiceRequestsCounter
+	countMax  uint32
+}
+
+func newDropPicker(p balancer.Picker, drops []*dropper, loadStore load.PerClusterReporter, counter *client.ServiceRequestsCounter, countMax uint32) *dropPicker {
+	return &dropPicker{
+		drops:     drops,
+		p:         p,
+		loadStore: loadStore,
+		counter:   counter,
+		countMax:  countMax,
+	}
+}
+
+func (d *dropPicker) Pick(info balancer.PickInfo) (balancer.PickResult, error) {
+	var (
+		drop     bool
+		category string
+	)
+	for _, dp := range d.drops {
+		if dp.drop() {
+			drop = true
+			category = dp.c.Category
+			break
+		}
+	}
+	if drop {
+		if d.loadStore != nil {
+			d.loadStore.CallDropped(category)
+		}
+		return balancer.PickResult{}, status.Errorf(codes.Unavailable, "RPC is dropped")
+	}
+	if d.counter != nil {
+		if err := d.counter.StartRequest(d.countMax); err != nil {
+			// Drops by circuit breaking are reported with empty category. They
+			// will be reported only in total drops, but not in per category.
+			if d.loadStore != nil {
+				d.loadStore.CallDropped("")
+			}
+			return balancer.PickResult{}, status.Errorf(codes.Unavailable, err.Error())
+		}
+		pr, err := d.p.Pick(info)
+		if err != nil {
+			d.counter.EndRequest()
+			return pr, err
+		}
+		oldDone := pr.Done
+		pr.Done = func(doneInfo balancer.DoneInfo) {
+			d.counter.EndRequest()
+			if oldDone != nil {
+				oldDone(doneInfo)
+			}
+		}
+		return pr, err
+	}
+	// TODO: (eds) don't drop unless the inner picker is READY. Similar to
+	// https://github.com/grpc/grpc-go/issues/2622.
+	return d.p.Pick(info)
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/edsbalancer/eds_impl_priority.go b/vendor/google.golang.org/grpc/xds/internal/balancer/edsbalancer/eds_impl_priority.go
new file mode 100644
index 00000000000..53ac6ef5e87
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/balancer/edsbalancer/eds_impl_priority.go
@@ -0,0 +1,358 @@
+/*
+ *
+ * Copyright 2019 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package edsbalancer
+
+import (
+	"errors"
+	"fmt"
+	"time"
+
+	"google.golang.org/grpc/balancer"
+	"google.golang.org/grpc/balancer/base"
+	"google.golang.org/grpc/connectivity"
+)
+
+var errAllPrioritiesRemoved = errors.New("eds: no locality is provided, all priorities are removed")
+
+// handlePriorityChange handles priority after EDS adds/removes a
+// priority.
+//
+// - If all priorities were deleted, unset priorityInUse, and set parent
+// ClientConn to TransientFailure
+// - If priorityInUse wasn't set, this is either the first EDS resp, or the
+// previous EDS resp deleted everything. Set priorityInUse to 0, and start 0.
+// - If priorityInUse was deleted, send the picker from the new lowest priority
+// to parent ClientConn, and set priorityInUse to the new lowest.
+// - If priorityInUse has a non-Ready state, and also there's a priority lower
+// than priorityInUse (which means a lower priority was added), set the next
+// priority as new priorityInUse, and start the bg.
+func (edsImpl *edsBalancerImpl) handlePriorityChange() {
+	edsImpl.priorityMu.Lock()
+	defer edsImpl.priorityMu.Unlock()
+
+	// Everything was removed by EDS.
+	if !edsImpl.priorityLowest.isSet() {
+		edsImpl.priorityInUse = newPriorityTypeUnset()
+		// Stop the init timer. This can happen if the only priority is removed
+		// shortly after it's added.
+		if timer := edsImpl.priorityInitTimer; timer != nil {
+			timer.Stop()
+			edsImpl.priorityInitTimer = nil
+		}
+		edsImpl.cc.UpdateState(balancer.State{ConnectivityState: connectivity.TransientFailure, Picker: base.NewErrPicker(errAllPrioritiesRemoved)})
+		return
+	}
+
+	// priorityInUse wasn't set, use 0.
+	if !edsImpl.priorityInUse.isSet() {
+		edsImpl.logger.Infof("Switching priority from unset to %v", 0)
+		edsImpl.startPriority(newPriorityType(0))
+		return
+	}
+
+	// priorityInUse was deleted, use the new lowest.
+	if _, ok := edsImpl.priorityToLocalities[edsImpl.priorityInUse]; !ok {
+		oldP := edsImpl.priorityInUse
+		edsImpl.priorityInUse = edsImpl.priorityLowest
+		edsImpl.logger.Infof("Switching priority from %v to %v, because former was deleted", oldP, edsImpl.priorityInUse)
+		if s, ok := edsImpl.priorityToState[edsImpl.priorityLowest]; ok {
+			edsImpl.cc.UpdateState(*s)
+		} else {
+			// If state for priorityLowest is not found, this means priorityLowest was
+			// started, but never sent any update. The init timer fired and
+			// triggered the next priority. The old_priorityInUse (that was just
+			// deleted EDS) was picked later.
+			//
+			// We don't have an old state to send to parent, but we also don't
+			// want parent to keep using picker from old_priorityInUse. Send an
+			// update to trigger block picks until a new picker is ready.
+			edsImpl.cc.UpdateState(balancer.State{ConnectivityState: connectivity.Connecting, Picker: base.NewErrPicker(balancer.ErrNoSubConnAvailable)})
+		}
+		return
+	}
+
+	// priorityInUse is not ready, look for next priority, and use if found.
+	if s, ok := edsImpl.priorityToState[edsImpl.priorityInUse]; ok && s.ConnectivityState != connectivity.Ready {
+		pNext := edsImpl.priorityInUse.nextLower()
+		if _, ok := edsImpl.priorityToLocalities[pNext]; ok {
+			edsImpl.logger.Infof("Switching priority from %v to %v, because latter was added, and former wasn't Ready")
+			edsImpl.startPriority(pNext)
+		}
+	}
+}
+
+// startPriority sets priorityInUse to p, and starts the balancer group for p.
+// It also starts a timer to fall to next priority after timeout.
+//
+// Caller must hold priorityMu, priority must exist, and edsImpl.priorityInUse
+// must be non-nil.
+func (edsImpl *edsBalancerImpl) startPriority(priority priorityType) {
+	edsImpl.priorityInUse = priority
+	p := edsImpl.priorityToLocalities[priority]
+	// NOTE: this will eventually send addresses to sub-balancers. If the
+	// sub-balancer tries to update picker, it will result in a deadlock on
+	// priorityMu in the update is handled synchronously. The deadlock is
+	// currently avoided by handling balancer update in a goroutine (the run
+	// goroutine in the parent eds balancer). When priority balancer is split
+	// into its own, this asynchronous state handling needs to be copied.
+	p.stateAggregator.Start()
+	p.bg.Start()
+	// startPriority can be called when
+	// 1. first EDS resp, start p0
+	// 2. a high priority goes Failure, start next
+	// 3. a high priority init timeout, start next
+	//
+	// In all the cases, the existing init timer is either closed, also already
+	// expired. There's no need to close the old timer.
+	edsImpl.priorityInitTimer = time.AfterFunc(defaultPriorityInitTimeout, func() {
+		edsImpl.priorityMu.Lock()
+		defer edsImpl.priorityMu.Unlock()
+		if !edsImpl.priorityInUse.isSet() || !edsImpl.priorityInUse.equal(priority) {
+			return
+		}
+		edsImpl.priorityInitTimer = nil
+		pNext := priority.nextLower()
+		if _, ok := edsImpl.priorityToLocalities[pNext]; ok {
+			edsImpl.startPriority(pNext)
+		}
+	})
+}
+
+// handlePriorityWithNewState start/close priorities based on the connectivity
+// state. It returns whether the state should be forwarded to parent ClientConn.
+func (edsImpl *edsBalancerImpl) handlePriorityWithNewState(priority priorityType, s balancer.State) bool {
+	edsImpl.priorityMu.Lock()
+	defer edsImpl.priorityMu.Unlock()
+
+	if !edsImpl.priorityInUse.isSet() {
+		edsImpl.logger.Infof("eds: received picker update when no priority is in use (EDS returned an empty list)")
+		return false
+	}
+
+	if edsImpl.priorityInUse.higherThan(priority) {
+		// Lower priorities should all be closed, this is an unexpected update.
+		edsImpl.logger.Infof("eds: received picker update from priority lower then priorityInUse")
+		return false
+	}
+
+	bState, ok := edsImpl.priorityToState[priority]
+	if !ok {
+		bState = &balancer.State{}
+		edsImpl.priorityToState[priority] = bState
+	}
+	oldState := bState.ConnectivityState
+	*bState = s
+
+	switch s.ConnectivityState {
+	case connectivity.Ready:
+		return edsImpl.handlePriorityWithNewStateReady(priority)
+	case connectivity.TransientFailure:
+		return edsImpl.handlePriorityWithNewStateTransientFailure(priority)
+	case connectivity.Connecting:
+		return edsImpl.handlePriorityWithNewStateConnecting(priority, oldState)
+	default:
+		// New state is Idle, should never happen. Don't forward.
+		return false
+	}
+}
+
+// handlePriorityWithNewStateReady handles state Ready and decides whether to
+// forward update or not.
+//
+// An update with state Ready:
+// - If it's from higher priority:
+//   - Forward the update
+//   - Set the priority as priorityInUse
+//   - Close all priorities lower than this one
+// - If it's from priorityInUse:
+//   - Forward and do nothing else
+//
+// Caller must make sure priorityInUse is not higher than priority.
+//
+// Caller must hold priorityMu.
+func (edsImpl *edsBalancerImpl) handlePriorityWithNewStateReady(priority priorityType) bool {
+	// If one priority higher or equal to priorityInUse goes Ready, stop the
+	// init timer. If update is from higher than priorityInUse,
+	// priorityInUse will be closed, and the init timer will become useless.
+	if timer := edsImpl.priorityInitTimer; timer != nil {
+		timer.Stop()
+		edsImpl.priorityInitTimer = nil
+	}
+
+	if edsImpl.priorityInUse.lowerThan(priority) {
+		edsImpl.logger.Infof("Switching priority from %v to %v, because latter became Ready", edsImpl.priorityInUse, priority)
+		edsImpl.priorityInUse = priority
+		for i := priority.nextLower(); !i.lowerThan(edsImpl.priorityLowest); i = i.nextLower() {
+			bgwc := edsImpl.priorityToLocalities[i]
+			bgwc.stateAggregator.Stop()
+			bgwc.bg.Close()
+		}
+		return true
+	}
+	return true
+}
+
+// handlePriorityWithNewStateTransientFailure handles state TransientFailure and
+// decides whether to forward update or not.
+//
+// An update with state Failure:
+// - If it's from a higher priority:
+//   - Do not forward, and do nothing
+// - If it's from priorityInUse:
+//   - If there's no lower:
+//     - Forward and do nothing else
+//   - If there's a lower priority:
+//     - Forward
+//     - Set lower as priorityInUse
+//     - Start lower
+//
+// Caller must make sure priorityInUse is not higher than priority.
+//
+// Caller must hold priorityMu.
+func (edsImpl *edsBalancerImpl) handlePriorityWithNewStateTransientFailure(priority priorityType) bool {
+	if edsImpl.priorityInUse.lowerThan(priority) {
+		return false
+	}
+	// priorityInUse sends a failure. Stop its init timer.
+	if timer := edsImpl.priorityInitTimer; timer != nil {
+		timer.Stop()
+		edsImpl.priorityInitTimer = nil
+	}
+	pNext := priority.nextLower()
+	if _, okNext := edsImpl.priorityToLocalities[pNext]; !okNext {
+		return true
+	}
+	edsImpl.logger.Infof("Switching priority from %v to %v, because former became TransientFailure", priority, pNext)
+	edsImpl.startPriority(pNext)
+	return true
+}
+
+// handlePriorityWithNewStateConnecting handles state Connecting and decides
+// whether to forward update or not.
+//
+// An update with state Connecting:
+// - If it's from a higher priority
+//   - Do nothing
+// - If it's from priorityInUse, the behavior depends on previous state.
+//
+// When new state is Connecting, the behavior depends on previous state. If the
+// previous state was Ready, this is a transition out from Ready to Connecting.
+// Assuming there are multiple backends in the same priority, this mean we are
+// in a bad situation and we should failover to the next priority (Side note:
+// the current connectivity state aggregating algorhtim (e.g. round-robin) is
+// not handling this right, because if many backends all go from Ready to
+// Connecting, the overall situation is more like TransientFailure, not
+// Connecting).
+//
+// If the previous state was Idle, we don't do anything special with failure,
+// and simply forward the update. The init timer should be in process, will
+// handle failover if it timeouts. If the previous state was TransientFailure,
+// we do not forward, because the lower priority is in use.
+//
+// Caller must make sure priorityInUse is not higher than priority.
+//
+// Caller must hold priorityMu.
+func (edsImpl *edsBalancerImpl) handlePriorityWithNewStateConnecting(priority priorityType, oldState connectivity.State) bool {
+	if edsImpl.priorityInUse.lowerThan(priority) {
+		return false
+	}
+
+	switch oldState {
+	case connectivity.Ready:
+		pNext := priority.nextLower()
+		if _, okNext := edsImpl.priorityToLocalities[pNext]; !okNext {
+			return true
+		}
+		edsImpl.logger.Infof("Switching priority from %v to %v, because former became Connecting from Ready", priority, pNext)
+		edsImpl.startPriority(pNext)
+		return true
+	case connectivity.Idle:
+		return true
+	case connectivity.TransientFailure:
+		return false
+	default:
+		// Old state is Connecting or Shutdown. Don't forward.
+		return false
+	}
+}
+
+// priorityType represents the priority from EDS response.
+//
+// 0 is the highest priority. The bigger the number, the lower the priority.
+type priorityType struct {
+	set bool
+	p   uint32
+}
+
+func newPriorityType(p uint32) priorityType {
+	return priorityType{
+		set: true,
+		p:   p,
+	}
+}
+
+func newPriorityTypeUnset() priorityType {
+	return priorityType{}
+}
+
+func (p priorityType) isSet() bool {
+	return p.set
+}
+
+func (p priorityType) equal(p2 priorityType) bool {
+	if !p.isSet() && !p2.isSet() {
+		return true
+	}
+	if !p.isSet() || !p2.isSet() {
+		return false
+	}
+	return p == p2
+}
+
+func (p priorityType) higherThan(p2 priorityType) bool {
+	if !p.isSet() || !p2.isSet() {
+		// TODO(menghanl): return an appropriate value instead of panic.
+		panic("priority unset")
+	}
+	return p.p < p2.p
+}
+
+func (p priorityType) lowerThan(p2 priorityType) bool {
+	if !p.isSet() || !p2.isSet() {
+		// TODO(menghanl): return an appropriate value instead of panic.
+		panic("priority unset")
+	}
+	return p.p > p2.p
+}
+
+func (p priorityType) nextLower() priorityType {
+	if !p.isSet() {
+		panic("priority unset")
+	}
+	return priorityType{
+		set: true,
+		p:   p.p + 1,
+	}
+}
+
+func (p priorityType) String() string {
+	if !p.set {
+		return "Nil"
+	}
+	return fmt.Sprint(p.p)
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/edsbalancer/eds_testutil.go b/vendor/google.golang.org/grpc/xds/internal/balancer/edsbalancer/eds_testutil.go
new file mode 100644
index 00000000000..5e37cdcb47c
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/balancer/edsbalancer/eds_testutil.go
@@ -0,0 +1,113 @@
+/*
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package edsbalancer
+
+import (
+	"fmt"
+	"net"
+	"strconv"
+
+	xdspb "github.com/envoyproxy/go-control-plane/envoy/api/v2"
+	corepb "github.com/envoyproxy/go-control-plane/envoy/api/v2/core"
+	endpointpb "github.com/envoyproxy/go-control-plane/envoy/api/v2/endpoint"
+	typepb "github.com/envoyproxy/go-control-plane/envoy/type"
+	"google.golang.org/grpc/xds/internal"
+	xdsclient "google.golang.org/grpc/xds/internal/client"
+)
+
+// parseEDSRespProtoForTesting parses EDS response, and panic if parsing fails.
+//
+// TODO: delete this. The EDS balancer tests should build an EndpointsUpdate
+// directly, instead of building and parsing a proto message.
+func parseEDSRespProtoForTesting(m *xdspb.ClusterLoadAssignment) xdsclient.EndpointsUpdate {
+	u, err := parseEDSRespProto(m)
+	if err != nil {
+		panic(err.Error())
+	}
+	return u
+}
+
+// parseEDSRespProto turns EDS response proto message to EndpointsUpdate.
+func parseEDSRespProto(m *xdspb.ClusterLoadAssignment) (xdsclient.EndpointsUpdate, error) {
+	ret := xdsclient.EndpointsUpdate{}
+	for _, dropPolicy := range m.GetPolicy().GetDropOverloads() {
+		ret.Drops = append(ret.Drops, parseDropPolicy(dropPolicy))
+	}
+	priorities := make(map[uint32]struct{})
+	for _, locality := range m.Endpoints {
+		l := locality.GetLocality()
+		if l == nil {
+			return xdsclient.EndpointsUpdate{}, fmt.Errorf("EDS response contains a locality without ID, locality: %+v", locality)
+		}
+		lid := internal.LocalityID{
+			Region:  l.Region,
+			Zone:    l.Zone,
+			SubZone: l.SubZone,
+		}
+		priority := locality.GetPriority()
+		priorities[priority] = struct{}{}
+		ret.Localities = append(ret.Localities, xdsclient.Locality{
+			ID:        lid,
+			Endpoints: parseEndpoints(locality.GetLbEndpoints()),
+			Weight:    locality.GetLoadBalancingWeight().GetValue(),
+			Priority:  priority,
+		})
+	}
+	for i := 0; i < len(priorities); i++ {
+		if _, ok := priorities[uint32(i)]; !ok {
+			return xdsclient.EndpointsUpdate{}, fmt.Errorf("priority %v missing (with different priorities %v received)", i, priorities)
+		}
+	}
+	return ret, nil
+}
+
+func parseAddress(socketAddress *corepb.SocketAddress) string {
+	return net.JoinHostPort(socketAddress.GetAddress(), strconv.Itoa(int(socketAddress.GetPortValue())))
+}
+
+func parseDropPolicy(dropPolicy *xdspb.ClusterLoadAssignment_Policy_DropOverload) xdsclient.OverloadDropConfig {
+	percentage := dropPolicy.GetDropPercentage()
+	var (
+		numerator   = percentage.GetNumerator()
+		denominator uint32
+	)
+	switch percentage.GetDenominator() {
+	case typepb.FractionalPercent_HUNDRED:
+		denominator = 100
+	case typepb.FractionalPercent_TEN_THOUSAND:
+		denominator = 10000
+	case typepb.FractionalPercent_MILLION:
+		denominator = 1000000
+	}
+	return xdsclient.OverloadDropConfig{
+		Category:    dropPolicy.GetCategory(),
+		Numerator:   numerator,
+		Denominator: denominator,
+	}
+}
+
+func parseEndpoints(lbEndpoints []*endpointpb.LbEndpoint) []xdsclient.Endpoint {
+	endpoints := make([]xdsclient.Endpoint, 0, len(lbEndpoints))
+	for _, lbEndpoint := range lbEndpoints {
+		endpoints = append(endpoints, xdsclient.Endpoint{
+			HealthStatus: xdsclient.EndpointHealthStatus(lbEndpoint.GetHealthStatus()),
+			Address:      parseAddress(lbEndpoint.GetEndpoint().GetAddress().GetSocketAddress()),
+			Weight:       lbEndpoint.GetLoadBalancingWeight().GetValue(),
+		})
+	}
+	return endpoints
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/edsbalancer/load_store_wrapper.go b/vendor/google.golang.org/grpc/xds/internal/balancer/edsbalancer/load_store_wrapper.go
new file mode 100644
index 00000000000..18904e47a42
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/balancer/edsbalancer/load_store_wrapper.go
@@ -0,0 +1,88 @@
+/*
+ *
+ * Copyright 2019 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package edsbalancer
+
+import (
+	"sync"
+
+	"google.golang.org/grpc/xds/internal/client/load"
+)
+
+type loadStoreWrapper struct {
+	mu      sync.RWMutex
+	service string
+	// Both store and perCluster will be nil if load reporting is disabled (EDS
+	// response doesn't have LRS server name). Note that methods on Store and
+	// perCluster all handle nil, so there's no need to check nil before calling
+	// them.
+	store      *load.Store
+	perCluster load.PerClusterReporter
+}
+
+func (lsw *loadStoreWrapper) updateServiceName(service string) {
+	lsw.mu.Lock()
+	defer lsw.mu.Unlock()
+	if lsw.service == service {
+		return
+	}
+	lsw.service = service
+	lsw.perCluster = lsw.store.PerCluster(lsw.service, "")
+}
+
+func (lsw *loadStoreWrapper) updateLoadStore(store *load.Store) {
+	lsw.mu.Lock()
+	defer lsw.mu.Unlock()
+	if store == lsw.store {
+		return
+	}
+	lsw.store = store
+	lsw.perCluster = lsw.store.PerCluster(lsw.service, "")
+}
+
+func (lsw *loadStoreWrapper) CallStarted(locality string) {
+	lsw.mu.RLock()
+	defer lsw.mu.RUnlock()
+	if lsw.perCluster != nil {
+		lsw.perCluster.CallStarted(locality)
+	}
+}
+
+func (lsw *loadStoreWrapper) CallFinished(locality string, err error) {
+	lsw.mu.RLock()
+	defer lsw.mu.RUnlock()
+	if lsw.perCluster != nil {
+		lsw.perCluster.CallFinished(locality, err)
+	}
+}
+
+func (lsw *loadStoreWrapper) CallServerLoad(locality, name string, val float64) {
+	lsw.mu.RLock()
+	defer lsw.mu.RUnlock()
+	if lsw.perCluster != nil {
+		lsw.perCluster.CallServerLoad(locality, name, val)
+	}
+}
+
+func (lsw *loadStoreWrapper) CallDropped(category string) {
+	lsw.mu.RLock()
+	defer lsw.mu.RUnlock()
+	if lsw.perCluster != nil {
+		lsw.perCluster.CallDropped(category)
+	}
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/edsbalancer/logging.go b/vendor/google.golang.org/grpc/xds/internal/balancer/edsbalancer/logging.go
new file mode 100644
index 00000000000..be4d0a512d1
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/balancer/edsbalancer/logging.go
@@ -0,0 +1,34 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package edsbalancer
+
+import (
+	"fmt"
+
+	"google.golang.org/grpc/grpclog"
+	internalgrpclog "google.golang.org/grpc/internal/grpclog"
+)
+
+const prefix = "[eds-lb %p] "
+
+var logger = grpclog.Component("xds")
+
+func prefixLogger(p *edsBalancer) *internalgrpclog.PrefixLogger {
+	return internalgrpclog.NewPrefixLogger(logger, fmt.Sprintf(prefix, p))
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/edsbalancer/util.go b/vendor/google.golang.org/grpc/xds/internal/balancer/edsbalancer/util.go
new file mode 100644
index 00000000000..13295042646
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/balancer/edsbalancer/util.go
@@ -0,0 +1,44 @@
+/*
+ * Copyright 2019 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package edsbalancer
+
+import (
+	"google.golang.org/grpc/internal/wrr"
+	xdsclient "google.golang.org/grpc/xds/internal/client"
+)
+
+var newRandomWRR = wrr.NewRandom
+
+type dropper struct {
+	c xdsclient.OverloadDropConfig
+	w wrr.WRR
+}
+
+func newDropper(c xdsclient.OverloadDropConfig) *dropper {
+	w := newRandomWRR()
+	w.Add(true, int64(c.Numerator))
+	w.Add(false, int64(c.Denominator-c.Numerator))
+
+	return &dropper{
+		c: c,
+		w: w,
+	}
+}
+
+func (d *dropper) drop() (ret bool) {
+	return d.w.Next().(bool)
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/edsbalancer/xds_old.go b/vendor/google.golang.org/grpc/xds/internal/balancer/edsbalancer/xds_old.go
new file mode 100644
index 00000000000..6729e6801f1
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/balancer/edsbalancer/xds_old.go
@@ -0,0 +1,46 @@
+/*
+ *
+ * Copyright 2019 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package edsbalancer
+
+import "google.golang.org/grpc/balancer"
+
+// The old xds balancer implements logic for both CDS and EDS. With the new
+// design, CDS is split and moved to a separate balancer, and the xds balancer
+// becomes the EDS balancer.
+//
+// To keep the existing tests working, this file regisger EDS balancer under the
+// old xds balancer name.
+//
+// TODO: delete this file when migration to new workflow (LDS, RDS, CDS, EDS) is
+// done.
+
+const xdsName = "xds_experimental"
+
+func init() {
+	balancer.Register(&xdsBalancerBuilder{})
+}
+
+// xdsBalancerBuilder register edsBalancerBuilder (now with name
+// "eds_experimental") under the old name "xds_experimental".
+type xdsBalancerBuilder struct {
+	edsBalancerBuilder
+}
+
+func (b *xdsBalancerBuilder) Name() string {
+	return xdsName
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/weightedtarget/logging.go b/vendor/google.golang.org/grpc/xds/internal/balancer/weightedtarget/logging.go
new file mode 100644
index 00000000000..e4061393071
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/balancer/weightedtarget/logging.go
@@ -0,0 +1,34 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package weightedtarget
+
+import (
+	"fmt"
+
+	"google.golang.org/grpc/grpclog"
+	internalgrpclog "google.golang.org/grpc/internal/grpclog"
+)
+
+const prefix = "[weighted-target-lb %p] "
+
+var logger = grpclog.Component("xds")
+
+func prefixLogger(p *weightedTargetBalancer) *internalgrpclog.PrefixLogger {
+	return internalgrpclog.NewPrefixLogger(logger, fmt.Sprintf(prefix, p))
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/weightedtarget/weightedaggregator/aggregator.go b/vendor/google.golang.org/grpc/xds/internal/balancer/weightedtarget/weightedaggregator/aggregator.go
new file mode 100644
index 00000000000..6c36e2a69cd
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/balancer/weightedtarget/weightedaggregator/aggregator.go
@@ -0,0 +1,263 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package weightedaggregator implements state aggregator for weighted_target
+// balancer.
+//
+// This is a separate package so it can be shared by weighted_target and eds.
+// The eds balancer will be refactored to use weighted_target directly. After
+// that, all functions and structs in this package can be moved to package
+// weightedtarget and unexported.
+package weightedaggregator
+
+import (
+	"fmt"
+	"sync"
+
+	"google.golang.org/grpc/balancer"
+	"google.golang.org/grpc/balancer/base"
+	"google.golang.org/grpc/connectivity"
+	"google.golang.org/grpc/internal/grpclog"
+	"google.golang.org/grpc/internal/wrr"
+)
+
+type weightedPickerState struct {
+	weight uint32
+	state  balancer.State
+	// stateToAggregate is the connectivity state used only for state
+	// aggregation. It could be different from state.ConnectivityState. For
+	// example when a sub-balancer transitions from TransientFailure to
+	// connecting, state.ConnectivityState is Connecting, but stateToAggregate
+	// is still TransientFailure.
+	stateToAggregate connectivity.State
+}
+
+func (s *weightedPickerState) String() string {
+	return fmt.Sprintf("weight:%v,picker:%p,state:%v,stateToAggregate:%v", s.weight, s.state.Picker, s.state.ConnectivityState, s.stateToAggregate)
+}
+
+// Aggregator is the weighted balancer state aggregator.
+type Aggregator struct {
+	cc     balancer.ClientConn
+	logger *grpclog.PrefixLogger
+	newWRR func() wrr.WRR
+
+	mu sync.Mutex
+	// If started is false, no updates should be sent to the parent cc. A closed
+	// sub-balancer could still send pickers to this aggregator. This makes sure
+	// that no updates will be forwarded to parent when the whole balancer group
+	// and states aggregator is closed.
+	started bool
+	// All balancer IDs exist as keys in this map, even if balancer group is not
+	// started.
+	//
+	// If an ID is not in map, it's either removed or never added.
+	idToPickerState map[string]*weightedPickerState
+}
+
+// New creates a new weighted balancer state aggregator.
+func New(cc balancer.ClientConn, logger *grpclog.PrefixLogger, newWRR func() wrr.WRR) *Aggregator {
+	return &Aggregator{
+		cc:              cc,
+		logger:          logger,
+		newWRR:          newWRR,
+		idToPickerState: make(map[string]*weightedPickerState),
+	}
+}
+
+// Start starts the aggregator. It can be called after Close to restart the
+// aggretator.
+func (wbsa *Aggregator) Start() {
+	wbsa.mu.Lock()
+	defer wbsa.mu.Unlock()
+	wbsa.started = true
+}
+
+// Stop stops the aggregator. When the aggregator is closed, it won't call
+// parent ClientConn to update balancer state.
+func (wbsa *Aggregator) Stop() {
+	wbsa.mu.Lock()
+	defer wbsa.mu.Unlock()
+	wbsa.started = false
+	wbsa.clearStates()
+}
+
+// Add adds a sub-balancer state with weight. It adds a place holder, and waits for
+// the real sub-balancer to update state.
+func (wbsa *Aggregator) Add(id string, weight uint32) {
+	wbsa.mu.Lock()
+	defer wbsa.mu.Unlock()
+	wbsa.idToPickerState[id] = &weightedPickerState{
+		weight: weight,
+		// Start everything in CONNECTING, so if one of the sub-balancers
+		// reports TransientFailure, the RPCs will still wait for the other
+		// sub-balancers.
+		state: balancer.State{
+			ConnectivityState: connectivity.Connecting,
+			Picker:            base.NewErrPicker(balancer.ErrNoSubConnAvailable),
+		},
+		stateToAggregate: connectivity.Connecting,
+	}
+}
+
+// Remove removes the sub-balancer state. Future updates from this sub-balancer,
+// if any, will be ignored.
+func (wbsa *Aggregator) Remove(id string) {
+	wbsa.mu.Lock()
+	defer wbsa.mu.Unlock()
+	if _, ok := wbsa.idToPickerState[id]; !ok {
+		return
+	}
+	// Remove id and picker from picker map. This also results in future updates
+	// for this ID to be ignored.
+	delete(wbsa.idToPickerState, id)
+}
+
+// UpdateWeight updates the weight for the given id. Note that this doesn't
+// trigger an update to the parent ClientConn. The caller should decide when
+// it's necessary, and call BuildAndUpdate.
+func (wbsa *Aggregator) UpdateWeight(id string, newWeight uint32) {
+	wbsa.mu.Lock()
+	defer wbsa.mu.Unlock()
+	pState, ok := wbsa.idToPickerState[id]
+	if !ok {
+		return
+	}
+	pState.weight = newWeight
+}
+
+// UpdateState is called to report a balancer state change from sub-balancer.
+// It's usually called by the balancer group.
+//
+// It calls parent ClientConn's UpdateState with the new aggregated state.
+func (wbsa *Aggregator) UpdateState(id string, newState balancer.State) {
+	wbsa.mu.Lock()
+	defer wbsa.mu.Unlock()
+	oldState, ok := wbsa.idToPickerState[id]
+	if !ok {
+		// All state starts with an entry in pickStateMap. If ID is not in map,
+		// it's either removed, or never existed.
+		return
+	}
+	if !(oldState.state.ConnectivityState == connectivity.TransientFailure && newState.ConnectivityState == connectivity.Connecting) {
+		// If old state is TransientFailure, and new state is Connecting, don't
+		// update the state, to prevent the aggregated state from being always
+		// CONNECTING. Otherwise, stateToAggregate is the same as
+		// state.ConnectivityState.
+		oldState.stateToAggregate = newState.ConnectivityState
+	}
+	oldState.state = newState
+
+	if !wbsa.started {
+		return
+	}
+	wbsa.cc.UpdateState(wbsa.build())
+}
+
+// clearState Reset everything to init state (Connecting) but keep the entry in
+// map (to keep the weight).
+//
+// Caller must hold wbsa.mu.
+func (wbsa *Aggregator) clearStates() {
+	for _, pState := range wbsa.idToPickerState {
+		pState.state = balancer.State{
+			ConnectivityState: connectivity.Connecting,
+			Picker:            base.NewErrPicker(balancer.ErrNoSubConnAvailable),
+		}
+		pState.stateToAggregate = connectivity.Connecting
+	}
+}
+
+// BuildAndUpdate combines the sub-state from each sub-balancer into one state,
+// and update it to parent ClientConn.
+func (wbsa *Aggregator) BuildAndUpdate() {
+	wbsa.mu.Lock()
+	defer wbsa.mu.Unlock()
+	if !wbsa.started {
+		return
+	}
+	wbsa.cc.UpdateState(wbsa.build())
+}
+
+// build combines sub-states into one.
+//
+// Caller must hold wbsa.mu.
+func (wbsa *Aggregator) build() balancer.State {
+	wbsa.logger.Infof("Child pickers with config: %+v", wbsa.idToPickerState)
+	m := wbsa.idToPickerState
+	var readyN, connectingN int
+	readyPickerWithWeights := make([]weightedPickerState, 0, len(m))
+	for _, ps := range m {
+		switch ps.stateToAggregate {
+		case connectivity.Ready:
+			readyN++
+			readyPickerWithWeights = append(readyPickerWithWeights, *ps)
+		case connectivity.Connecting:
+			connectingN++
+		}
+	}
+	var aggregatedState connectivity.State
+	switch {
+	case readyN > 0:
+		aggregatedState = connectivity.Ready
+	case connectingN > 0:
+		aggregatedState = connectivity.Connecting
+	default:
+		aggregatedState = connectivity.TransientFailure
+	}
+
+	// Make sure picker's return error is consistent with the aggregatedState.
+	var picker balancer.Picker
+	switch aggregatedState {
+	case connectivity.TransientFailure:
+		picker = base.NewErrPicker(balancer.ErrTransientFailure)
+	case connectivity.Connecting:
+		picker = base.NewErrPicker(balancer.ErrNoSubConnAvailable)
+	default:
+		picker = newWeightedPickerGroup(readyPickerWithWeights, wbsa.newWRR)
+	}
+	return balancer.State{ConnectivityState: aggregatedState, Picker: picker}
+}
+
+type weightedPickerGroup struct {
+	w wrr.WRR
+}
+
+// newWeightedPickerGroup takes pickers with weights, and groups them into one
+// picker.
+//
+// Note it only takes ready pickers. The map shouldn't contain non-ready
+// pickers.
+func newWeightedPickerGroup(readyWeightedPickers []weightedPickerState, newWRR func() wrr.WRR) *weightedPickerGroup {
+	w := newWRR()
+	for _, ps := range readyWeightedPickers {
+		w.Add(ps.state.Picker, int64(ps.weight))
+	}
+
+	return &weightedPickerGroup{
+		w: w,
+	}
+}
+
+func (pg *weightedPickerGroup) Pick(info balancer.PickInfo) (balancer.PickResult, error) {
+	p, ok := pg.w.Next().(balancer.Picker)
+	if !ok {
+		return balancer.PickResult{}, balancer.ErrNoSubConnAvailable
+	}
+	return p.Pick(info)
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/weightedtarget/weightedtarget.go b/vendor/google.golang.org/grpc/xds/internal/balancer/weightedtarget/weightedtarget.go
new file mode 100644
index 00000000000..a210816332b
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/balancer/weightedtarget/weightedtarget.go
@@ -0,0 +1,172 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package weightedtarget implements the weighted_target balancer.
+package weightedtarget
+
+import (
+	"encoding/json"
+	"fmt"
+
+	"google.golang.org/grpc/balancer"
+	"google.golang.org/grpc/internal/grpclog"
+	"google.golang.org/grpc/internal/hierarchy"
+	"google.golang.org/grpc/internal/wrr"
+	"google.golang.org/grpc/resolver"
+	"google.golang.org/grpc/serviceconfig"
+	"google.golang.org/grpc/xds/internal/balancer/balancergroup"
+	"google.golang.org/grpc/xds/internal/balancer/weightedtarget/weightedaggregator"
+)
+
+// Name is the name of the weighted_target balancer.
+const Name = "weighted_target_experimental"
+
+// newRandomWRR is the WRR constructor used to pick sub-pickers from
+// sub-balancers. It's to be modified in tests.
+var newRandomWRR = wrr.NewRandom
+
+func init() {
+	balancer.Register(&weightedTargetBB{})
+}
+
+type weightedTargetBB struct{}
+
+func (wt *weightedTargetBB) Build(cc balancer.ClientConn, bOpts balancer.BuildOptions) balancer.Balancer {
+	b := &weightedTargetBalancer{}
+	b.logger = prefixLogger(b)
+	b.stateAggregator = weightedaggregator.New(cc, b.logger, newRandomWRR)
+	b.stateAggregator.Start()
+	b.bg = balancergroup.New(cc, bOpts, b.stateAggregator, nil, b.logger)
+	b.bg.Start()
+	b.logger.Infof("Created")
+	return b
+}
+
+func (wt *weightedTargetBB) Name() string {
+	return Name
+}
+
+func (wt *weightedTargetBB) ParseConfig(c json.RawMessage) (serviceconfig.LoadBalancingConfig, error) {
+	return parseConfig(c)
+}
+
+type weightedTargetBalancer struct {
+	logger *grpclog.PrefixLogger
+
+	// TODO: Make this package not dependent on any xds specific code.
+	// BalancerGroup uses xdsinternal.LocalityID as the key in the map of child
+	// policies that it maintains and reports load using LRS. Once these two
+	// dependencies are removed from the balancerGroup, this package will not
+	// have any dependencies on xds code.
+	bg              *balancergroup.BalancerGroup
+	stateAggregator *weightedaggregator.Aggregator
+
+	targets map[string]Target
+}
+
+// UpdateClientConnState takes the new targets in balancer group,
+// creates/deletes sub-balancers and sends them update. Addresses are split into
+// groups based on hierarchy path.
+func (w *weightedTargetBalancer) UpdateClientConnState(s balancer.ClientConnState) error {
+	newConfig, ok := s.BalancerConfig.(*LBConfig)
+	if !ok {
+		return fmt.Errorf("unexpected balancer config with type: %T", s.BalancerConfig)
+	}
+	addressesSplit := hierarchy.Group(s.ResolverState.Addresses)
+
+	var rebuildStateAndPicker bool
+
+	// Remove sub-pickers and sub-balancers that are not in the new config.
+	for name := range w.targets {
+		if _, ok := newConfig.Targets[name]; !ok {
+			w.stateAggregator.Remove(name)
+			w.bg.Remove(name)
+			// Trigger a state/picker update, because we don't want `ClientConn`
+			// to pick this sub-balancer anymore.
+			rebuildStateAndPicker = true
+		}
+	}
+
+	// For sub-balancers in the new config
+	// - if it's new. add to balancer group,
+	// - if it's old, but has a new weight, update weight in balancer group.
+	//
+	// For all sub-balancers, forward the address/balancer config update.
+	for name, newT := range newConfig.Targets {
+		oldT, ok := w.targets[name]
+		if !ok {
+			// If this is a new sub-balancer, add weights to the picker map.
+			w.stateAggregator.Add(name, newT.Weight)
+			// Then add to the balancer group.
+			w.bg.Add(name, balancer.Get(newT.ChildPolicy.Name))
+			// Not trigger a state/picker update. Wait for the new sub-balancer
+			// to send its updates.
+		} else if newT.ChildPolicy.Name != oldT.ChildPolicy.Name {
+			// If the child policy name is differet, remove from balancer group
+			// and re-add.
+			w.stateAggregator.Remove(name)
+			w.bg.Remove(name)
+			w.stateAggregator.Add(name, newT.Weight)
+			w.bg.Add(name, balancer.Get(newT.ChildPolicy.Name))
+			// Trigger a state/picker update, because we don't want `ClientConn`
+			// to pick this sub-balancer anymore.
+			rebuildStateAndPicker = true
+		} else if newT.Weight != oldT.Weight {
+			// If this is an existing sub-balancer, update weight if necessary.
+			w.stateAggregator.UpdateWeight(name, newT.Weight)
+			// Trigger a state/picker update, because we don't want `ClientConn`
+			// should do picks with the new weights now.
+			rebuildStateAndPicker = true
+		}
+
+		// Forwards all the update:
+		// - Addresses are from the map after splitting with hierarchy path,
+		// - Top level service config and attributes are the same,
+		// - Balancer config comes from the targets map.
+		//
+		// TODO: handle error? How to aggregate errors and return?
+		_ = w.bg.UpdateClientConnState(name, balancer.ClientConnState{
+			ResolverState: resolver.State{
+				Addresses:     addressesSplit[name],
+				ServiceConfig: s.ResolverState.ServiceConfig,
+				Attributes:    s.ResolverState.Attributes,
+			},
+			BalancerConfig: newT.ChildPolicy.Config,
+		})
+	}
+
+	w.targets = newConfig.Targets
+
+	if rebuildStateAndPicker {
+		w.stateAggregator.BuildAndUpdate()
+	}
+	return nil
+}
+
+func (w *weightedTargetBalancer) ResolverError(err error) {
+	w.bg.ResolverError(err)
+}
+
+func (w *weightedTargetBalancer) UpdateSubConnState(sc balancer.SubConn, state balancer.SubConnState) {
+	w.bg.UpdateSubConnState(sc, state)
+}
+
+func (w *weightedTargetBalancer) Close() {
+	w.stateAggregator.Stop()
+	w.bg.Close()
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/weightedtarget/weightedtarget_config.go b/vendor/google.golang.org/grpc/xds/internal/balancer/weightedtarget/weightedtarget_config.go
new file mode 100644
index 00000000000..52090cd67b0
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/balancer/weightedtarget/weightedtarget_config.go
@@ -0,0 +1,49 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package weightedtarget
+
+import (
+	"encoding/json"
+
+	internalserviceconfig "google.golang.org/grpc/internal/serviceconfig"
+	"google.golang.org/grpc/serviceconfig"
+)
+
+// Target represents one target with the weight and the child policy.
+type Target struct {
+	// Weight is the weight of the child policy.
+	Weight uint32 `json:"weight,omitempty"`
+	// ChildPolicy is the child policy and it's config.
+	ChildPolicy *internalserviceconfig.BalancerConfig `json:"childPolicy,omitempty"`
+}
+
+// LBConfig is the balancer config for weighted_target.
+type LBConfig struct {
+	serviceconfig.LoadBalancingConfig `json:"-"`
+
+	Targets map[string]Target `json:"targets,omitempty"`
+}
+
+func parseConfig(c json.RawMessage) (*LBConfig, error) {
+	var cfg LBConfig
+	if err := json.Unmarshal(c, &cfg); err != nil {
+		return nil, err
+	}
+	return &cfg, nil
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/client/bootstrap/bootstrap.go b/vendor/google.golang.org/grpc/xds/internal/client/bootstrap/bootstrap.go
new file mode 100644
index 00000000000..f32c698b4f5
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/client/bootstrap/bootstrap.go
@@ -0,0 +1,322 @@
+/*
+ *
+ * Copyright 2019 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package bootstrap provides the functionality to initialize certain aspects
+// of an xDS client by reading a bootstrap file.
+package bootstrap
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+
+	v2corepb "github.com/envoyproxy/go-control-plane/envoy/api/v2/core"
+	v3corepb "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	"github.com/golang/protobuf/jsonpb"
+	"github.com/golang/protobuf/proto"
+	"google.golang.org/grpc"
+	"google.golang.org/grpc/credentials/google"
+	"google.golang.org/grpc/credentials/insecure"
+	"google.golang.org/grpc/credentials/tls/certprovider"
+	"google.golang.org/grpc/internal"
+	"google.golang.org/grpc/internal/xds/env"
+	"google.golang.org/grpc/xds/internal/version"
+)
+
+const (
+	// The "server_features" field in the bootstrap file contains a list of
+	// features supported by the server. A value of "xds_v3" indicates that the
+	// server supports the v3 version of the xDS transport protocol.
+	serverFeaturesV3 = "xds_v3"
+
+	// Type name for Google default credentials.
+	credsGoogleDefault              = "google_default"
+	credsInsecure                   = "insecure"
+	gRPCUserAgentName               = "gRPC Go"
+	clientFeatureNoOverprovisioning = "envoy.lb.does_not_support_overprovisioning"
+)
+
+var gRPCVersion = fmt.Sprintf("%s %s", gRPCUserAgentName, grpc.Version)
+
+// For overriding in unit tests.
+var bootstrapFileReadFunc = ioutil.ReadFile
+
+// Config provides the xDS client with several key bits of information that it
+// requires in its interaction with the management server. The Config is
+// initialized from the bootstrap file.
+type Config struct {
+	// BalancerName is the name of the management server to connect to.
+	//
+	// The bootstrap file contains a list of servers (with name+creds), but we
+	// pick the first one.
+	BalancerName string
+	// Creds contains the credentials to be used while talking to the xDS
+	// server, as a grpc.DialOption.
+	Creds grpc.DialOption
+	// TransportAPI indicates the API version of xDS transport protocol to use.
+	// This describes the xDS gRPC endpoint and version of
+	// DiscoveryRequest/Response used on the wire.
+	TransportAPI version.TransportAPI
+	// NodeProto contains the Node proto to be used in xDS requests. The actual
+	// type depends on the transport protocol version used.
+	NodeProto proto.Message
+	// CertProviderConfigs contains a mapping from certificate provider plugin
+	// instance names to parsed buildable configs.
+	CertProviderConfigs map[string]*certprovider.BuildableConfig
+	// ServerListenerResourceNameTemplate is a template for the name of the
+	// Listener resource to subscribe to for a gRPC server. If the token `%s` is
+	// present in the string, it will be replaced with the server's listening
+	// "IP:port" (e.g., "0.0.0.0:8080", "[::]:8080"). For example, a value of
+	// "example/resource/%s" could become "example/resource/0.0.0.0:8080".
+	ServerListenerResourceNameTemplate string
+}
+
+type channelCreds struct {
+	Type   string          `json:"type"`
+	Config json.RawMessage `json:"config"`
+}
+
+type xdsServer struct {
+	ServerURI      string         `json:"server_uri"`
+	ChannelCreds   []channelCreds `json:"channel_creds"`
+	ServerFeatures []string       `json:"server_features"`
+}
+
+func bootstrapConfigFromEnvVariable() ([]byte, error) {
+	fName := env.BootstrapFileName
+	fContent := env.BootstrapFileContent
+
+	// Bootstrap file name has higher priority than bootstrap content.
+	if fName != "" {
+		// If file name is set
+		// - If file not found (or other errors), fail
+		// - Otherwise, use the content.
+		//
+		// Note that even if the content is invalid, we don't failover to the
+		// file content env variable.
+		logger.Debugf("xds: using bootstrap file with name %q", fName)
+		return bootstrapFileReadFunc(fName)
+	}
+
+	if fContent != "" {
+		return []byte(fContent), nil
+	}
+
+	return nil, fmt.Errorf("none of the bootstrap environment variables (%q or %q) defined", env.BootstrapFileNameEnv, env.BootstrapFileContentEnv)
+}
+
+// NewConfig returns a new instance of Config initialized by reading the
+// bootstrap file found at ${GRPC_XDS_BOOTSTRAP}.
+//
+// The format of the bootstrap file will be as follows:
+// {
+//    "xds_server": {
+//      "server_uri": <string containing URI of management server>,
+//      "channel_creds": [
+//        {
+//          "type": <string containing channel cred type>,
+//          "config": <JSON object containing config for the type>
+//        }
+//      ],
+//      "server_features": [ ... ],
+//    },
+//    "node": <JSON form of Node proto>,
+//    "certificate_providers" : {
+//      "default": {
+//        "plugin_name": "default-plugin-name",
+//        "config": { default plugin config in JSON }
+//       },
+//      "foo": {
+//        "plugin_name": "foo",
+//        "config": { foo plugin config in JSON }
+//      }
+//    },
+//    "server_listener_resource_name_template": "grpc/server?xds.resource.listening_address=%s"
+// }
+//
+// Currently, we support exactly one type of credential, which is
+// "google_default", where we use the host's default certs for transport
+// credentials and a Google oauth token for call credentials.
+//
+// This function tries to process as much of the bootstrap file as possible (in
+// the presence of the errors) and may return a Config object with certain
+// fields left unspecified, in which case the caller should use some sane
+// defaults.
+func NewConfig() (*Config, error) {
+	config := &Config{}
+
+	data, err := bootstrapConfigFromEnvVariable()
+	if err != nil {
+		return nil, fmt.Errorf("xds: Failed to read bootstrap config: %v", err)
+	}
+	logger.Debugf("Bootstrap content: %s", data)
+
+	var jsonData map[string]json.RawMessage
+	if err := json.Unmarshal(data, &jsonData); err != nil {
+		return nil, fmt.Errorf("xds: Failed to parse bootstrap config: %v", err)
+	}
+
+	serverSupportsV3 := false
+	m := jsonpb.Unmarshaler{AllowUnknownFields: true}
+	for k, v := range jsonData {
+		switch k {
+		case "node":
+			// We unconditionally convert the JSON into a v3.Node proto. The v3
+			// proto does not contain the deprecated field "build_version" from
+			// the v2 proto. We do not expect the bootstrap file to contain the
+			// "build_version" field. In any case, the unmarshal will succeed
+			// because we have set the `AllowUnknownFields` option on the
+			// unmarshaler.
+			n := &v3corepb.Node{}
+			if err := m.Unmarshal(bytes.NewReader(v), n); err != nil {
+				return nil, fmt.Errorf("xds: jsonpb.Unmarshal(%v) for field %q failed during bootstrap: %v", string(v), k, err)
+			}
+			config.NodeProto = n
+		case "xds_servers":
+			var servers []*xdsServer
+			if err := json.Unmarshal(v, &servers); err != nil {
+				return nil, fmt.Errorf("xds: json.Unmarshal(%v) for field %q failed during bootstrap: %v", string(v), k, err)
+			}
+			if len(servers) < 1 {
+				return nil, fmt.Errorf("xds: bootstrap file parsing failed during bootstrap: file doesn't contain any management server to connect to")
+			}
+			xs := servers[0]
+			config.BalancerName = xs.ServerURI
+			for _, cc := range xs.ChannelCreds {
+				// We stop at the first credential type that we support.
+				if cc.Type == credsGoogleDefault {
+					config.Creds = grpc.WithCredentialsBundle(google.NewDefaultCredentials())
+					break
+				} else if cc.Type == credsInsecure {
+					config.Creds = grpc.WithTransportCredentials(insecure.NewCredentials())
+					break
+				}
+			}
+			for _, f := range xs.ServerFeatures {
+				switch f {
+				case serverFeaturesV3:
+					serverSupportsV3 = true
+				}
+			}
+		case "certificate_providers":
+			var providerInstances map[string]json.RawMessage
+			if err := json.Unmarshal(v, &providerInstances); err != nil {
+				return nil, fmt.Errorf("xds: json.Unmarshal(%v) for field %q failed during bootstrap: %v", string(v), k, err)
+			}
+			configs := make(map[string]*certprovider.BuildableConfig)
+			getBuilder := internal.GetCertificateProviderBuilder.(func(string) certprovider.Builder)
+			for instance, data := range providerInstances {
+				var nameAndConfig struct {
+					PluginName string          `json:"plugin_name"`
+					Config     json.RawMessage `json:"config"`
+				}
+				if err := json.Unmarshal(data, &nameAndConfig); err != nil {
+					return nil, fmt.Errorf("xds: json.Unmarshal(%v) for field %q failed during bootstrap: %v", string(v), instance, err)
+				}
+
+				name := nameAndConfig.PluginName
+				parser := getBuilder(nameAndConfig.PluginName)
+				if parser == nil {
+					// We ignore plugins that we do not know about.
+					continue
+				}
+				bc, err := parser.ParseConfig(nameAndConfig.Config)
+				if err != nil {
+					return nil, fmt.Errorf("xds: Config parsing for plugin %q failed: %v", name, err)
+				}
+				configs[instance] = bc
+			}
+			config.CertProviderConfigs = configs
+		case "server_listener_resource_name_template":
+			if err := json.Unmarshal(v, &config.ServerListenerResourceNameTemplate); err != nil {
+				return nil, fmt.Errorf("xds: json.Unmarshal(%v) for field %q failed during bootstrap: %v", string(v), k, err)
+			}
+		}
+		// Do not fail the xDS bootstrap when an unknown field is seen. This can
+		// happen when an older version client reads a newer version bootstrap
+		// file with new fields.
+	}
+
+	if config.BalancerName == "" {
+		return nil, fmt.Errorf("xds: Required field %q not found in bootstrap %s", "xds_servers.server_uri", jsonData["xds_servers"])
+	}
+	if config.Creds == nil {
+		return nil, fmt.Errorf("xds: Required field %q doesn't contain valid value in bootstrap %s", "xds_servers.channel_creds", jsonData["xds_servers"])
+	}
+
+	// We end up using v3 transport protocol version only if the server supports
+	// v3, indicated by the presence of "xds_v3" in server_features. The default
+	// value of the enum type "version.TransportAPI" is v2.
+	if serverSupportsV3 {
+		config.TransportAPI = version.TransportV3
+	}
+
+	if err := config.updateNodeProto(); err != nil {
+		return nil, err
+	}
+	logger.Infof("Bootstrap config for creating xds-client: %+v", config)
+	return config, nil
+}
+
+// updateNodeProto updates the node proto read from the bootstrap file.
+//
+// Node proto in Config contains a v3.Node protobuf message corresponding to the
+// JSON contents found in the bootstrap file. This method performs some post
+// processing on it:
+// 1. If we don't find a nodeProto in the bootstrap file, we create an empty one
+// here. That way, callers of this function can always expect that the NodeProto
+// field is non-nil.
+// 2. If the transport protocol version to be used is not v3, we convert the
+// current v3.Node proto in a v2.Node proto.
+// 3. Some additional fields which are not expected to be set in the bootstrap
+// file are populated here.
+func (c *Config) updateNodeProto() error {
+	if c.TransportAPI == version.TransportV3 {
+		v3, _ := c.NodeProto.(*v3corepb.Node)
+		if v3 == nil {
+			v3 = &v3corepb.Node{}
+		}
+		v3.UserAgentName = gRPCUserAgentName
+		v3.UserAgentVersionType = &v3corepb.Node_UserAgentVersion{UserAgentVersion: grpc.Version}
+		v3.ClientFeatures = append(v3.ClientFeatures, clientFeatureNoOverprovisioning)
+		c.NodeProto = v3
+		return nil
+	}
+
+	v2 := &v2corepb.Node{}
+	if c.NodeProto != nil {
+		v3, err := proto.Marshal(c.NodeProto)
+		if err != nil {
+			return fmt.Errorf("xds: proto.Marshal(%v): %v", c.NodeProto, err)
+		}
+		if err := proto.Unmarshal(v3, v2); err != nil {
+			return fmt.Errorf("xds: proto.Unmarshal(%v): %v", v3, err)
+		}
+	}
+	c.NodeProto = v2
+
+	// BuildVersion is deprecated, and is replaced by user_agent_name and
+	// user_agent_version. But the management servers are still using the old
+	// field, so we will keep both set.
+	v2.BuildVersion = gRPCVersion
+	v2.UserAgentName = gRPCUserAgentName
+	v2.UserAgentVersionType = &v2corepb.Node_UserAgentVersion{UserAgentVersion: grpc.Version}
+	v2.ClientFeatures = append(v2.ClientFeatures, clientFeatureNoOverprovisioning)
+	return nil
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/client/bootstrap/logging.go b/vendor/google.golang.org/grpc/xds/internal/client/bootstrap/logging.go
new file mode 100644
index 00000000000..fdd811dd8a3
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/client/bootstrap/logging.go
@@ -0,0 +1,28 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package bootstrap
+
+import (
+	"google.golang.org/grpc/grpclog"
+	internalgrpclog "google.golang.org/grpc/internal/grpclog"
+)
+
+const prefix = "[xds-bootstrap] "
+
+var logger = internalgrpclog.NewPrefixLogger(grpclog.Component("xds"), prefix)
diff --git a/vendor/google.golang.org/grpc/xds/internal/client/callback.go b/vendor/google.golang.org/grpc/xds/internal/client/callback.go
new file mode 100644
index 00000000000..da8e2f62d6c
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/client/callback.go
@@ -0,0 +1,272 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package client
+
+type watcherInfoWithUpdate struct {
+	wi     *watchInfo
+	update interface{}
+	err    error
+}
+
+// scheduleCallback should only be called by methods of watchInfo, which checks
+// for watcher states and maintain consistency.
+func (c *clientImpl) scheduleCallback(wi *watchInfo, update interface{}, err error) {
+	c.updateCh.Put(&watcherInfoWithUpdate{
+		wi:     wi,
+		update: update,
+		err:    err,
+	})
+}
+
+func (c *clientImpl) callCallback(wiu *watcherInfoWithUpdate) {
+	c.mu.Lock()
+	// Use a closure to capture the callback and type assertion, to save one
+	// more switch case.
+	//
+	// The callback must be called without c.mu. Otherwise if the callback calls
+	// another watch() inline, it will cause a deadlock. This leaves a small
+	// window that a watcher's callback could be called after the watcher is
+	// canceled, and the user needs to take care of it.
+	var ccb func()
+	switch wiu.wi.rType {
+	case ListenerResource:
+		if s, ok := c.ldsWatchers[wiu.wi.target]; ok && s[wiu.wi] {
+			ccb = func() { wiu.wi.ldsCallback(wiu.update.(ListenerUpdate), wiu.err) }
+		}
+	case RouteConfigResource:
+		if s, ok := c.rdsWatchers[wiu.wi.target]; ok && s[wiu.wi] {
+			ccb = func() { wiu.wi.rdsCallback(wiu.update.(RouteConfigUpdate), wiu.err) }
+		}
+	case ClusterResource:
+		if s, ok := c.cdsWatchers[wiu.wi.target]; ok && s[wiu.wi] {
+			ccb = func() { wiu.wi.cdsCallback(wiu.update.(ClusterUpdate), wiu.err) }
+		}
+	case EndpointsResource:
+		if s, ok := c.edsWatchers[wiu.wi.target]; ok && s[wiu.wi] {
+			ccb = func() { wiu.wi.edsCallback(wiu.update.(EndpointsUpdate), wiu.err) }
+		}
+	}
+	c.mu.Unlock()
+
+	if ccb != nil {
+		ccb()
+	}
+}
+
+// NewListeners is called by the underlying xdsAPIClient when it receives an
+// xDS response.
+//
+// A response can contain multiple resources. They will be parsed and put in a
+// map from resource name to the resource content.
+func (c *clientImpl) NewListeners(updates map[string]ListenerUpdate, metadata UpdateMetadata) {
+	c.mu.Lock()
+	defer c.mu.Unlock()
+
+	if metadata.ErrState != nil {
+		// On NACK, update overall version to the NACKed resp.
+		c.ldsVersion = metadata.ErrState.Version
+		for name := range updates {
+			if _, ok := c.ldsWatchers[name]; ok {
+				// On error, keep previous version for each resource. But update
+				// status and error.
+				mdCopy := c.ldsMD[name]
+				mdCopy.ErrState = metadata.ErrState
+				mdCopy.Status = metadata.Status
+				c.ldsMD[name] = mdCopy
+				// TODO: send the NACK error to the watcher.
+			}
+		}
+		return
+	}
+
+	// If no error received, the status is ACK.
+	c.ldsVersion = metadata.Version
+	for name, update := range updates {
+		if s, ok := c.ldsWatchers[name]; ok {
+			// Only send the update if this is not an error.
+			for wi := range s {
+				wi.newUpdate(update)
+			}
+			// Sync cache.
+			c.logger.Debugf("LDS resource with name %v, value %+v added to cache", name, update)
+			c.ldsCache[name] = update
+			c.ldsMD[name] = metadata
+		}
+	}
+	// Resources not in the new update were removed by the server, so delete
+	// them.
+	for name := range c.ldsCache {
+		if _, ok := updates[name]; !ok {
+			// If resource exists in cache, but not in the new update, delete
+			// the resource from cache, and also send an resource not found
+			// error to indicate resource removed.
+			delete(c.ldsCache, name)
+			c.ldsMD[name] = UpdateMetadata{Status: ServiceStatusNotExist}
+			for wi := range c.ldsWatchers[name] {
+				wi.resourceNotFound()
+			}
+		}
+	}
+	// When LDS resource is removed, we don't delete corresponding RDS cached
+	// data. The RDS watch will be canceled, and cache entry is removed when the
+	// last watch is canceled.
+}
+
+// NewRouteConfigs is called by the underlying xdsAPIClient when it receives an
+// xDS response.
+//
+// A response can contain multiple resources. They will be parsed and put in a
+// map from resource name to the resource content.
+func (c *clientImpl) NewRouteConfigs(updates map[string]RouteConfigUpdate, metadata UpdateMetadata) {
+	c.mu.Lock()
+	defer c.mu.Unlock()
+
+	if metadata.ErrState != nil {
+		// On NACK, update overall version to the NACKed resp.
+		c.rdsVersion = metadata.ErrState.Version
+		for name := range updates {
+			if _, ok := c.rdsWatchers[name]; ok {
+				// On error, keep previous version for each resource. But update
+				// status and error.
+				mdCopy := c.rdsMD[name]
+				mdCopy.ErrState = metadata.ErrState
+				mdCopy.Status = metadata.Status
+				c.rdsMD[name] = mdCopy
+				// TODO: send the NACK error to the watcher.
+			}
+		}
+		return
+	}
+
+	// If no error received, the status is ACK.
+	c.rdsVersion = metadata.Version
+	for name, update := range updates {
+		if s, ok := c.rdsWatchers[name]; ok {
+			// Only send the update if this is not an error.
+			for wi := range s {
+				wi.newUpdate(update)
+			}
+			// Sync cache.
+			c.logger.Debugf("RDS resource with name %v, value %+v added to cache", name, update)
+			c.rdsCache[name] = update
+			c.rdsMD[name] = metadata
+		}
+	}
+}
+
+// NewClusters is called by the underlying xdsAPIClient when it receives an xDS
+// response.
+//
+// A response can contain multiple resources. They will be parsed and put in a
+// map from resource name to the resource content.
+func (c *clientImpl) NewClusters(updates map[string]ClusterUpdate, metadata UpdateMetadata) {
+	c.mu.Lock()
+	defer c.mu.Unlock()
+
+	if metadata.ErrState != nil {
+		// On NACK, update overall version to the NACKed resp.
+		c.cdsVersion = metadata.ErrState.Version
+		for name := range updates {
+			if _, ok := c.cdsWatchers[name]; ok {
+				// On error, keep previous version for each resource. But update
+				// status and error.
+				mdCopy := c.cdsMD[name]
+				mdCopy.ErrState = metadata.ErrState
+				mdCopy.Status = metadata.Status
+				c.cdsMD[name] = mdCopy
+				// TODO: send the NACK error to the watcher.
+			}
+		}
+		return
+	}
+
+	// If no error received, the status is ACK.
+	c.cdsVersion = metadata.Version
+	for name, update := range updates {
+		if s, ok := c.cdsWatchers[name]; ok {
+			// Only send the update if this is not an error.
+			for wi := range s {
+				wi.newUpdate(update)
+			}
+			// Sync cache.
+			c.logger.Debugf("CDS resource with name %v, value %+v added to cache", name, update)
+			c.cdsCache[name] = update
+			c.cdsMD[name] = metadata
+		}
+	}
+	// Resources not in the new update were removed by the server, so delete
+	// them.
+	for name := range c.cdsCache {
+		if _, ok := updates[name]; !ok {
+			// If resource exists in cache, but not in the new update, delete it
+			// from cache, and also send an resource not found error to indicate
+			// resource removed.
+			delete(c.cdsCache, name)
+			c.ldsMD[name] = UpdateMetadata{Status: ServiceStatusNotExist}
+			for wi := range c.cdsWatchers[name] {
+				wi.resourceNotFound()
+			}
+		}
+	}
+	// When CDS resource is removed, we don't delete corresponding EDS cached
+	// data. The EDS watch will be canceled, and cache entry is removed when the
+	// last watch is canceled.
+}
+
+// NewEndpoints is called by the underlying xdsAPIClient when it receives an
+// xDS response.
+//
+// A response can contain multiple resources. They will be parsed and put in a
+// map from resource name to the resource content.
+func (c *clientImpl) NewEndpoints(updates map[string]EndpointsUpdate, metadata UpdateMetadata) {
+	c.mu.Lock()
+	defer c.mu.Unlock()
+
+	if metadata.ErrState != nil {
+		// On NACK, update overall version to the NACKed resp.
+		c.edsVersion = metadata.ErrState.Version
+		for name := range updates {
+			if _, ok := c.edsWatchers[name]; ok {
+				// On error, keep previous version for each resource. But update
+				// status and error.
+				mdCopy := c.edsMD[name]
+				mdCopy.ErrState = metadata.ErrState
+				mdCopy.Status = metadata.Status
+				c.edsMD[name] = mdCopy
+				// TODO: send the NACK error to the watcher.
+			}
+		}
+		return
+	}
+
+	// If no error received, the status is ACK.
+	c.edsVersion = metadata.Version
+	for name, update := range updates {
+		if s, ok := c.edsWatchers[name]; ok {
+			// Only send the update if this is not an error.
+			for wi := range s {
+				wi.newUpdate(update)
+			}
+			// Sync cache.
+			c.logger.Debugf("EDS resource with name %v, value %+v added to cache", name, update)
+			c.edsCache[name] = update
+			c.edsMD[name] = metadata
+		}
+	}
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/client/client.go b/vendor/google.golang.org/grpc/xds/internal/client/client.go
new file mode 100644
index 00000000000..603632801b0
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/client/client.go
@@ -0,0 +1,676 @@
+/*
+ *
+ * Copyright 2019 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package client implements a full fledged gRPC client for the xDS API used by
+// the xds resolver and balancer implementations.
+package client
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"regexp"
+	"sync"
+	"time"
+
+	v2corepb "github.com/envoyproxy/go-control-plane/envoy/api/v2/core"
+	v3corepb "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	"github.com/golang/protobuf/proto"
+	"google.golang.org/protobuf/types/known/anypb"
+
+	"google.golang.org/grpc/internal/xds"
+	"google.golang.org/grpc/xds/internal/client/load"
+	"google.golang.org/grpc/xds/internal/httpfilter"
+
+	"google.golang.org/grpc"
+	"google.golang.org/grpc/internal/backoff"
+	"google.golang.org/grpc/internal/buffer"
+	"google.golang.org/grpc/internal/grpclog"
+	"google.golang.org/grpc/internal/grpcsync"
+	"google.golang.org/grpc/keepalive"
+	"google.golang.org/grpc/xds/internal"
+	"google.golang.org/grpc/xds/internal/client/bootstrap"
+	"google.golang.org/grpc/xds/internal/version"
+)
+
+var (
+	m = make(map[version.TransportAPI]APIClientBuilder)
+)
+
+// RegisterAPIClientBuilder registers a client builder for xDS transport protocol
+// version specified by b.Version().
+//
+// NOTE: this function must only be called during initialization time (i.e. in
+// an init() function), and is not thread-safe. If multiple builders are
+// registered for the same version, the one registered last will take effect.
+func RegisterAPIClientBuilder(b APIClientBuilder) {
+	m[b.Version()] = b
+}
+
+// getAPIClientBuilder returns the client builder registered for the provided
+// xDS transport API version.
+func getAPIClientBuilder(version version.TransportAPI) APIClientBuilder {
+	if b, ok := m[version]; ok {
+		return b
+	}
+	return nil
+}
+
+// BuildOptions contains options to be passed to client builders.
+type BuildOptions struct {
+	// Parent is a top-level xDS client which has the intelligence to take
+	// appropriate action based on xDS responses received from the management
+	// server.
+	Parent UpdateHandler
+	// NodeProto contains the Node proto to be used in xDS requests. The actual
+	// type depends on the transport protocol version used.
+	NodeProto proto.Message
+	// Backoff returns the amount of time to backoff before retrying broken
+	// streams.
+	Backoff func(int) time.Duration
+	// Logger provides enhanced logging capabilities.
+	Logger *grpclog.PrefixLogger
+}
+
+// APIClientBuilder creates an xDS client for a specific xDS transport protocol
+// version.
+type APIClientBuilder interface {
+	// Build builds a transport protocol specific implementation of the xDS
+	// client based on the provided clientConn to the management server and the
+	// provided options.
+	Build(*grpc.ClientConn, BuildOptions) (APIClient, error)
+	// Version returns the xDS transport protocol version used by clients build
+	// using this builder.
+	Version() version.TransportAPI
+}
+
+// APIClient represents the functionality provided by transport protocol
+// version specific implementations of the xDS client.
+//
+// TODO: unexport this interface and all the methods after the PR to make
+// xdsClient sharable by clients. AddWatch and RemoveWatch are exported for
+// v2/v3 to override because they need to keep track of LDS name for RDS to use.
+// After the share xdsClient change, that's no longer necessary. After that, we
+// will still keep this interface for testing purposes.
+type APIClient interface {
+	// AddWatch adds a watch for an xDS resource given its type and name.
+	AddWatch(ResourceType, string)
+
+	// RemoveWatch cancels an already registered watch for an xDS resource
+	// given its type and name.
+	RemoveWatch(ResourceType, string)
+
+	// reportLoad starts an LRS stream to periodically report load using the
+	// provided ClientConn, which represent a connection to the management
+	// server.
+	reportLoad(ctx context.Context, cc *grpc.ClientConn, opts loadReportingOptions)
+
+	// Close cleans up resources allocated by the API client.
+	Close()
+}
+
+// loadReportingOptions contains configuration knobs for reporting load data.
+type loadReportingOptions struct {
+	loadStore *load.Store
+}
+
+// UpdateHandler receives and processes (by taking appropriate actions) xDS
+// resource updates from an APIClient for a specific version.
+type UpdateHandler interface {
+	// NewListeners handles updates to xDS listener resources.
+	NewListeners(map[string]ListenerUpdate, UpdateMetadata)
+	// NewRouteConfigs handles updates to xDS RouteConfiguration resources.
+	NewRouteConfigs(map[string]RouteConfigUpdate, UpdateMetadata)
+	// NewClusters handles updates to xDS Cluster resources.
+	NewClusters(map[string]ClusterUpdate, UpdateMetadata)
+	// NewEndpoints handles updates to xDS ClusterLoadAssignment (or tersely
+	// referred to as Endpoints) resources.
+	NewEndpoints(map[string]EndpointsUpdate, UpdateMetadata)
+}
+
+// ServiceStatus is the status of the update.
+type ServiceStatus int
+
+const (
+	// ServiceStatusUnknown is the default state, before a watch is started for
+	// the resource.
+	ServiceStatusUnknown ServiceStatus = iota
+	// ServiceStatusRequested is when the watch is started, but before and
+	// response is received.
+	ServiceStatusRequested
+	// ServiceStatusNotExist is when the resource doesn't exist in
+	// state-of-the-world responses (e.g. LDS and CDS), which means the resource
+	// is removed by the management server.
+	ServiceStatusNotExist // Resource is removed in the server, in LDS/CDS.
+	// ServiceStatusACKed is when the resource is ACKed.
+	ServiceStatusACKed
+	// ServiceStatusNACKed is when the resource is NACKed.
+	ServiceStatusNACKed
+)
+
+// UpdateErrorMetadata is part of UpdateMetadata. It contains the error state
+// when a response is NACKed.
+type UpdateErrorMetadata struct {
+	// Version is the version of the NACKed response.
+	Version string
+	// Err contains why the response was NACKed.
+	Err error
+	// Timestamp is when the NACKed response was received.
+	Timestamp time.Time
+}
+
+// UpdateMetadata contains the metadata for each update, including timestamp,
+// raw message, and so on.
+type UpdateMetadata struct {
+	// Status is the status of this resource, e.g. ACKed, NACKed, or
+	// Not_exist(removed).
+	Status ServiceStatus
+	// Version is the version of the xds response. Note that this is the version
+	// of the resource in use (previous ACKed). If a response is NACKed, the
+	// NACKed version is in ErrState.
+	Version string
+	// Timestamp is when the response is received.
+	Timestamp time.Time
+	// ErrState is set when the update is NACKed.
+	ErrState *UpdateErrorMetadata
+}
+
+// ListenerUpdate contains information received in an LDS response, which is of
+// interest to the registered LDS watcher.
+type ListenerUpdate struct {
+	// RouteConfigName is the route configuration name corresponding to the
+	// target which is being watched through LDS.
+	//
+	// Only one of RouteConfigName and InlineRouteConfig is set.
+	RouteConfigName string
+	// InlineRouteConfig is the inline route configuration (RDS response)
+	// returned inside LDS.
+	//
+	// Only one of RouteConfigName and InlineRouteConfig is set.
+	InlineRouteConfig *RouteConfigUpdate
+
+	// MaxStreamDuration contains the HTTP connection manager's
+	// common_http_protocol_options.max_stream_duration field, or zero if
+	// unset.
+	MaxStreamDuration time.Duration
+	// HTTPFilters is a list of HTTP filters (name, config) from the LDS
+	// response.
+	HTTPFilters []HTTPFilter
+	// InboundListenerCfg contains inbound listener configuration.
+	InboundListenerCfg *InboundListenerConfig
+
+	// Raw is the resource from the xds response.
+	Raw *anypb.Any
+}
+
+// HTTPFilter represents one HTTP filter from an LDS response's HTTP connection
+// manager field.
+type HTTPFilter struct {
+	// Name is an arbitrary name of the filter.  Used for applying override
+	// settings in virtual host / route / weighted cluster configuration (not
+	// yet supported).
+	Name string
+	// Filter is the HTTP filter found in the registry for the config type.
+	Filter httpfilter.Filter
+	// Config contains the filter's configuration
+	Config httpfilter.FilterConfig
+}
+
+// InboundListenerConfig contains information about the inbound listener, i.e
+// the server-side listener.
+type InboundListenerConfig struct {
+	// Address is the local address on which the inbound listener is expected to
+	// accept incoming connections.
+	Address string
+	// Port is the local port on which the inbound listener is expected to
+	// accept incoming connections.
+	Port string
+	// FilterChains is the list of filter chains associated with this listener.
+	FilterChains *FilterChainManager
+}
+
+// RouteConfigUpdate contains information received in an RDS response, which is
+// of interest to the registered RDS watcher.
+type RouteConfigUpdate struct {
+	VirtualHosts []*VirtualHost
+
+	// Raw is the resource from the xds response.
+	Raw *anypb.Any
+}
+
+// VirtualHost contains the routes for a list of Domains.
+//
+// Note that the domains in this slice can be a wildcard, not an exact string.
+// The consumer of this struct needs to find the best match for its hostname.
+type VirtualHost struct {
+	Domains []string
+	// Routes contains a list of routes, each containing matchers and
+	// corresponding action.
+	Routes []*Route
+	// HTTPFilterConfigOverride contains any HTTP filter config overrides for
+	// the virtual host which may be present.  An individual filter's override
+	// may be unused if the matching Route contains an override for that
+	// filter.
+	HTTPFilterConfigOverride map[string]httpfilter.FilterConfig
+}
+
+// Route is both a specification of how to match a request as well as an
+// indication of the action to take upon match.
+type Route struct {
+	Path   *string
+	Prefix *string
+	Regex  *regexp.Regexp
+	// Indicates if prefix/path matching should be case insensitive. The default
+	// is false (case sensitive).
+	CaseInsensitive bool
+	Headers         []*HeaderMatcher
+	Fraction        *uint32
+
+	// If the matchers above indicate a match, the below configuration is used.
+	WeightedClusters map[string]WeightedCluster
+	// If MaxStreamDuration is nil, it indicates neither of the route action's
+	// max_stream_duration fields (grpc_timeout_header_max nor
+	// max_stream_duration) were set.  In this case, the ListenerUpdate's
+	// MaxStreamDuration field should be used.  If MaxStreamDuration is set to
+	// an explicit zero duration, the application's deadline should be used.
+	MaxStreamDuration *time.Duration
+	// HTTPFilterConfigOverride contains any HTTP filter config overrides for
+	// the route which may be present.  An individual filter's override may be
+	// unused if the matching WeightedCluster contains an override for that
+	// filter.
+	HTTPFilterConfigOverride map[string]httpfilter.FilterConfig
+}
+
+// WeightedCluster contains settings for an xds RouteAction.WeightedCluster.
+type WeightedCluster struct {
+	// Weight is the relative weight of the cluster.  It will never be zero.
+	Weight uint32
+	// HTTPFilterConfigOverride contains any HTTP filter config overrides for
+	// the weighted cluster which may be present.
+	HTTPFilterConfigOverride map[string]httpfilter.FilterConfig
+}
+
+// HeaderMatcher represents header matchers.
+type HeaderMatcher struct {
+	Name         string
+	InvertMatch  *bool
+	ExactMatch   *string
+	RegexMatch   *regexp.Regexp
+	PrefixMatch  *string
+	SuffixMatch  *string
+	RangeMatch   *Int64Range
+	PresentMatch *bool
+}
+
+// Int64Range is a range for header range match.
+type Int64Range struct {
+	Start int64
+	End   int64
+}
+
+// SecurityConfig contains the security configuration received as part of the
+// Cluster resource on the client-side, and as part of the Listener resource on
+// the server-side.
+type SecurityConfig struct {
+	// RootInstanceName identifies the certProvider plugin to be used to fetch
+	// root certificates. This instance name will be resolved to the plugin name
+	// and its associated configuration from the certificate_providers field of
+	// the bootstrap file.
+	RootInstanceName string
+	// RootCertName is the certificate name to be passed to the plugin (looked
+	// up from the bootstrap file) while fetching root certificates.
+	RootCertName string
+	// IdentityInstanceName identifies the certProvider plugin to be used to
+	// fetch identity certificates. This instance name will be resolved to the
+	// plugin name and its associated configuration from the
+	// certificate_providers field of the bootstrap file.
+	IdentityInstanceName string
+	// IdentityCertName is the certificate name to be passed to the plugin
+	// (looked up from the bootstrap file) while fetching identity certificates.
+	IdentityCertName string
+	// SubjectAltNameMatchers is an optional list of match criteria for SANs
+	// specified on the peer certificate. Used only on the client-side.
+	//
+	// Some intricacies:
+	// - If this field is empty, then any peer certificate is accepted.
+	// - If the peer certificate contains a wildcard DNS SAN, and an `exact`
+	//   matcher is configured, a wildcard DNS match is performed instead of a
+	//   regular string comparison.
+	SubjectAltNameMatchers []xds.StringMatcher
+	// RequireClientCert indicates if the server handshake process expects the
+	// client to present a certificate. Set to true when performing mTLS. Used
+	// only on the server-side.
+	RequireClientCert bool
+}
+
+// ClusterType is the type of cluster from a received CDS response.
+type ClusterType int
+
+const (
+	// ClusterTypeEDS represents the EDS cluster type, which will delegate endpoint
+	// discovery to the management server.
+	ClusterTypeEDS ClusterType = iota
+	// ClusterTypeLogicalDNS represents the Logical DNS cluster type, which essentially
+	// maps to the gRPC behavior of using the DNS resolver with pick_first LB policy.
+	ClusterTypeLogicalDNS
+	// ClusterTypeAggregate represents the Aggregate Cluster type, which provides a
+	// prioritized list of clusters to use. It is used for failover between clusters
+	// with a different configuration.
+	ClusterTypeAggregate
+)
+
+// ClusterUpdate contains information from a received CDS response, which is of
+// interest to the registered CDS watcher.
+type ClusterUpdate struct {
+	ClusterType ClusterType
+	// ServiceName is the service name corresponding to the clusterName which
+	// is being watched for through CDS.
+	ServiceName string
+	// EnableLRS indicates whether or not load should be reported through LRS.
+	EnableLRS bool
+	// SecurityCfg contains security configuration sent by the control plane.
+	SecurityCfg *SecurityConfig
+	// MaxRequests for circuit breaking, if any (otherwise nil).
+	MaxRequests *uint32
+
+	// Raw is the resource from the xds response.
+	Raw *anypb.Any
+
+	// PrioritizedClusterNames is used only for cluster type aggregate. It represents
+	// a prioritized list of cluster names.
+	PrioritizedClusterNames []string
+}
+
+// OverloadDropConfig contains the config to drop overloads.
+type OverloadDropConfig struct {
+	Category    string
+	Numerator   uint32
+	Denominator uint32
+}
+
+// EndpointHealthStatus represents the health status of an endpoint.
+type EndpointHealthStatus int32
+
+const (
+	// EndpointHealthStatusUnknown represents HealthStatus UNKNOWN.
+	EndpointHealthStatusUnknown EndpointHealthStatus = iota
+	// EndpointHealthStatusHealthy represents HealthStatus HEALTHY.
+	EndpointHealthStatusHealthy
+	// EndpointHealthStatusUnhealthy represents HealthStatus UNHEALTHY.
+	EndpointHealthStatusUnhealthy
+	// EndpointHealthStatusDraining represents HealthStatus DRAINING.
+	EndpointHealthStatusDraining
+	// EndpointHealthStatusTimeout represents HealthStatus TIMEOUT.
+	EndpointHealthStatusTimeout
+	// EndpointHealthStatusDegraded represents HealthStatus DEGRADED.
+	EndpointHealthStatusDegraded
+)
+
+// Endpoint contains information of an endpoint.
+type Endpoint struct {
+	Address      string
+	HealthStatus EndpointHealthStatus
+	Weight       uint32
+}
+
+// Locality contains information of a locality.
+type Locality struct {
+	Endpoints []Endpoint
+	ID        internal.LocalityID
+	Priority  uint32
+	Weight    uint32
+}
+
+// EndpointsUpdate contains an EDS update.
+type EndpointsUpdate struct {
+	Drops      []OverloadDropConfig
+	Localities []Locality
+
+	// Raw is the resource from the xds response.
+	Raw *anypb.Any
+}
+
+// Function to be overridden in tests.
+var newAPIClient = func(apiVersion version.TransportAPI, cc *grpc.ClientConn, opts BuildOptions) (APIClient, error) {
+	cb := getAPIClientBuilder(apiVersion)
+	if cb == nil {
+		return nil, fmt.Errorf("no client builder for xDS API version: %v", apiVersion)
+	}
+	return cb.Build(cc, opts)
+}
+
+// clientImpl is the real implementation of the xds client. The exported Client
+// is a wrapper of this struct with a ref count.
+//
+// Implements UpdateHandler interface.
+// TODO(easwars): Make a wrapper struct which implements this interface in the
+// style of ccBalancerWrapper so that the Client type does not implement these
+// exported methods.
+type clientImpl struct {
+	done               *grpcsync.Event
+	config             *bootstrap.Config
+	cc                 *grpc.ClientConn // Connection to the management server.
+	apiClient          APIClient
+	watchExpiryTimeout time.Duration
+
+	logger *grpclog.PrefixLogger
+
+	updateCh *buffer.Unbounded // chan *watcherInfoWithUpdate
+	// All the following maps are to keep the updates/metadata in a cache.
+	// TODO: move them to a separate struct/package, to cleanup the xds_client.
+	// And CSDS handler can be implemented directly by the cache.
+	mu          sync.Mutex
+	ldsWatchers map[string]map[*watchInfo]bool
+	ldsVersion  string // Only used in CSDS.
+	ldsCache    map[string]ListenerUpdate
+	ldsMD       map[string]UpdateMetadata
+	rdsWatchers map[string]map[*watchInfo]bool
+	rdsVersion  string // Only used in CSDS.
+	rdsCache    map[string]RouteConfigUpdate
+	rdsMD       map[string]UpdateMetadata
+	cdsWatchers map[string]map[*watchInfo]bool
+	cdsVersion  string // Only used in CSDS.
+	cdsCache    map[string]ClusterUpdate
+	cdsMD       map[string]UpdateMetadata
+	edsWatchers map[string]map[*watchInfo]bool
+	edsVersion  string // Only used in CSDS.
+	edsCache    map[string]EndpointsUpdate
+	edsMD       map[string]UpdateMetadata
+
+	// Changes to map lrsClients and the lrsClient inside the map need to be
+	// protected by lrsMu.
+	lrsMu      sync.Mutex
+	lrsClients map[string]*lrsClient
+}
+
+// newWithConfig returns a new xdsClient with the given config.
+func newWithConfig(config *bootstrap.Config, watchExpiryTimeout time.Duration) (*clientImpl, error) {
+	switch {
+	case config.BalancerName == "":
+		return nil, errors.New("xds: no xds_server name provided in options")
+	case config.Creds == nil:
+		return nil, errors.New("xds: no credentials provided in options")
+	case config.NodeProto == nil:
+		return nil, errors.New("xds: no node_proto provided in options")
+	}
+
+	switch config.TransportAPI {
+	case version.TransportV2:
+		if _, ok := config.NodeProto.(*v2corepb.Node); !ok {
+			return nil, fmt.Errorf("xds: Node proto type (%T) does not match API version: %v", config.NodeProto, config.TransportAPI)
+		}
+	case version.TransportV3:
+		if _, ok := config.NodeProto.(*v3corepb.Node); !ok {
+			return nil, fmt.Errorf("xds: Node proto type (%T) does not match API version: %v", config.NodeProto, config.TransportAPI)
+		}
+	}
+
+	dopts := []grpc.DialOption{
+		config.Creds,
+		grpc.WithKeepaliveParams(keepalive.ClientParameters{
+			Time:    5 * time.Minute,
+			Timeout: 20 * time.Second,
+		}),
+	}
+
+	c := &clientImpl{
+		done:               grpcsync.NewEvent(),
+		config:             config,
+		watchExpiryTimeout: watchExpiryTimeout,
+
+		updateCh:    buffer.NewUnbounded(),
+		ldsWatchers: make(map[string]map[*watchInfo]bool),
+		ldsCache:    make(map[string]ListenerUpdate),
+		ldsMD:       make(map[string]UpdateMetadata),
+		rdsWatchers: make(map[string]map[*watchInfo]bool),
+		rdsCache:    make(map[string]RouteConfigUpdate),
+		rdsMD:       make(map[string]UpdateMetadata),
+		cdsWatchers: make(map[string]map[*watchInfo]bool),
+		cdsCache:    make(map[string]ClusterUpdate),
+		cdsMD:       make(map[string]UpdateMetadata),
+		edsWatchers: make(map[string]map[*watchInfo]bool),
+		edsCache:    make(map[string]EndpointsUpdate),
+		edsMD:       make(map[string]UpdateMetadata),
+		lrsClients:  make(map[string]*lrsClient),
+	}
+
+	cc, err := grpc.Dial(config.BalancerName, dopts...)
+	if err != nil {
+		// An error from a non-blocking dial indicates something serious.
+		return nil, fmt.Errorf("xds: failed to dial balancer {%s}: %v", config.BalancerName, err)
+	}
+	c.cc = cc
+	c.logger = prefixLogger((c))
+	c.logger.Infof("Created ClientConn to xDS management server: %s", config.BalancerName)
+
+	apiClient, err := newAPIClient(config.TransportAPI, cc, BuildOptions{
+		Parent:    c,
+		NodeProto: config.NodeProto,
+		Backoff:   backoff.DefaultExponential.Backoff,
+		Logger:    c.logger,
+	})
+	if err != nil {
+		return nil, err
+	}
+	c.apiClient = apiClient
+	c.logger.Infof("Created")
+	go c.run()
+	return c, nil
+}
+
+// BootstrapConfig returns the configuration read from the bootstrap file.
+// Callers must treat the return value as read-only.
+func (c *Client) BootstrapConfig() *bootstrap.Config {
+	return c.config
+}
+
+// run is a goroutine for all the callbacks.
+//
+// Callback can be called in watch(), if an item is found in cache. Without this
+// goroutine, the callback will be called inline, which might cause a deadlock
+// in user's code. Callbacks also cannot be simple `go callback()` because the
+// order matters.
+func (c *clientImpl) run() {
+	for {
+		select {
+		case t := <-c.updateCh.Get():
+			c.updateCh.Load()
+			if c.done.HasFired() {
+				return
+			}
+			c.callCallback(t.(*watcherInfoWithUpdate))
+		case <-c.done.Done():
+			return
+		}
+	}
+}
+
+// Close closes the gRPC connection to the management server.
+func (c *clientImpl) Close() {
+	if c.done.HasFired() {
+		return
+	}
+	c.done.Fire()
+	// TODO: Should we invoke the registered callbacks here with an error that
+	// the client is closed?
+	c.apiClient.Close()
+	c.cc.Close()
+	c.logger.Infof("Shutdown")
+}
+
+// ResourceType identifies resources in a transport protocol agnostic way. These
+// will be used in transport version agnostic code, while the versioned API
+// clients will map these to appropriate version URLs.
+type ResourceType int
+
+// Version agnostic resource type constants.
+const (
+	UnknownResource ResourceType = iota
+	ListenerResource
+	HTTPConnManagerResource
+	RouteConfigResource
+	ClusterResource
+	EndpointsResource
+)
+
+func (r ResourceType) String() string {
+	switch r {
+	case ListenerResource:
+		return "ListenerResource"
+	case HTTPConnManagerResource:
+		return "HTTPConnManagerResource"
+	case RouteConfigResource:
+		return "RouteConfigResource"
+	case ClusterResource:
+		return "ClusterResource"
+	case EndpointsResource:
+		return "EndpointsResource"
+	default:
+		return "UnknownResource"
+	}
+}
+
+// IsListenerResource returns true if the provider URL corresponds to an xDS
+// Listener resource.
+func IsListenerResource(url string) bool {
+	return url == version.V2ListenerURL || url == version.V3ListenerURL
+}
+
+// IsHTTPConnManagerResource returns true if the provider URL corresponds to an xDS
+// HTTPConnManager resource.
+func IsHTTPConnManagerResource(url string) bool {
+	return url == version.V2HTTPConnManagerURL || url == version.V3HTTPConnManagerURL
+}
+
+// IsRouteConfigResource returns true if the provider URL corresponds to an xDS
+// RouteConfig resource.
+func IsRouteConfigResource(url string) bool {
+	return url == version.V2RouteConfigURL || url == version.V3RouteConfigURL
+}
+
+// IsClusterResource returns true if the provider URL corresponds to an xDS
+// Cluster resource.
+func IsClusterResource(url string) bool {
+	return url == version.V2ClusterURL || url == version.V3ClusterURL
+}
+
+// IsEndpointsResource returns true if the provider URL corresponds to an xDS
+// Endpoints resource.
+func IsEndpointsResource(url string) bool {
+	return url == version.V2EndpointsURL || url == version.V3EndpointsURL
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/client/dump.go b/vendor/google.golang.org/grpc/xds/internal/client/dump.go
new file mode 100644
index 00000000000..3fd18f6103b
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/client/dump.go
@@ -0,0 +1,123 @@
+/*
+ *
+ * Copyright 2021 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package client
+
+import anypb "github.com/golang/protobuf/ptypes/any"
+
+// UpdateWithMD contains the raw message of the update and the metadata,
+// including version, raw message, timestamp.
+//
+// This is to be used for config dump and CSDS, not directly by users (like
+// resolvers/balancers).
+type UpdateWithMD struct {
+	MD  UpdateMetadata
+	Raw *anypb.Any
+}
+
+func rawFromCache(s string, cache interface{}) *anypb.Any {
+	switch c := cache.(type) {
+	case map[string]ListenerUpdate:
+		v, ok := c[s]
+		if !ok {
+			return nil
+		}
+		return v.Raw
+	case map[string]RouteConfigUpdate:
+		v, ok := c[s]
+		if !ok {
+			return nil
+		}
+		return v.Raw
+	case map[string]ClusterUpdate:
+		v, ok := c[s]
+		if !ok {
+			return nil
+		}
+		return v.Raw
+	case map[string]EndpointsUpdate:
+		v, ok := c[s]
+		if !ok {
+			return nil
+		}
+		return v.Raw
+	default:
+		return nil
+	}
+}
+
+func (c *clientImpl) dump(t ResourceType) (string, map[string]UpdateWithMD) {
+	c.mu.Lock()
+	defer c.mu.Unlock()
+
+	var (
+		version string
+		md      map[string]UpdateMetadata
+		cache   interface{}
+	)
+	switch t {
+	case ListenerResource:
+		version = c.ldsVersion
+		md = c.ldsMD
+		cache = c.ldsCache
+	case RouteConfigResource:
+		version = c.rdsVersion
+		md = c.rdsMD
+		cache = c.rdsCache
+	case ClusterResource:
+		version = c.cdsVersion
+		md = c.cdsMD
+		cache = c.cdsCache
+	case EndpointsResource:
+		version = c.edsVersion
+		md = c.edsMD
+		cache = c.edsCache
+	default:
+		c.logger.Errorf("dumping resource of unknown type: %v", t)
+		return "", nil
+	}
+
+	ret := make(map[string]UpdateWithMD, len(md))
+	for s, md := range md {
+		ret[s] = UpdateWithMD{
+			MD:  md,
+			Raw: rawFromCache(s, cache),
+		}
+	}
+	return version, ret
+}
+
+// DumpLDS returns the status and contents of LDS.
+func (c *clientImpl) DumpLDS() (string, map[string]UpdateWithMD) {
+	return c.dump(ListenerResource)
+}
+
+// DumpRDS returns the status and contents of RDS.
+func (c *clientImpl) DumpRDS() (string, map[string]UpdateWithMD) {
+	return c.dump(RouteConfigResource)
+}
+
+// DumpCDS returns the status and contents of CDS.
+func (c *clientImpl) DumpCDS() (string, map[string]UpdateWithMD) {
+	return c.dump(ClusterResource)
+}
+
+// DumpEDS returns the status and contents of EDS.
+func (c *clientImpl) DumpEDS() (string, map[string]UpdateWithMD) {
+	return c.dump(EndpointsResource)
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/client/errors.go b/vendor/google.golang.org/grpc/xds/internal/client/errors.go
new file mode 100644
index 00000000000..34ae2738db0
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/client/errors.go
@@ -0,0 +1,60 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package client
+
+import "fmt"
+
+// ErrorType is the type of the error that the watcher will receive from the xds
+// client.
+type ErrorType int
+
+const (
+	// ErrorTypeUnknown indicates the error doesn't have a specific type. It is
+	// the default value, and is returned if the error is not an xds error.
+	ErrorTypeUnknown ErrorType = iota
+	// ErrorTypeConnection indicates a connection error from the gRPC client.
+	ErrorTypeConnection
+	// ErrorTypeResourceNotFound indicates a resource is not found from the xds
+	// response. It's typically returned if the resource is removed in the xds
+	// server.
+	ErrorTypeResourceNotFound
+)
+
+type xdsClientError struct {
+	t    ErrorType
+	desc string
+}
+
+func (e *xdsClientError) Error() string {
+	return e.desc
+}
+
+// NewErrorf creates an xds client error. The callbacks are called with this
+// error, to pass additional information about the error.
+func NewErrorf(t ErrorType, format string, args ...interface{}) error {
+	return &xdsClientError{t: t, desc: fmt.Sprintf(format, args...)}
+}
+
+// ErrType returns the error's type.
+func ErrType(e error) ErrorType {
+	if xe, ok := e.(*xdsClientError); ok {
+		return xe.t
+	}
+	return ErrorTypeUnknown
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/client/filter_chain.go b/vendor/google.golang.org/grpc/xds/internal/client/filter_chain.go
new file mode 100644
index 00000000000..66d26d03b63
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/client/filter_chain.go
@@ -0,0 +1,633 @@
+/*
+ *
+ * Copyright 2021 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package client
+
+import (
+	"errors"
+	"fmt"
+	"net"
+
+	v3listenerpb "github.com/envoyproxy/go-control-plane/envoy/config/listener/v3"
+	v3tlspb "github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3"
+	"github.com/golang/protobuf/proto"
+
+	"google.golang.org/grpc/xds/internal/version"
+)
+
+const (
+	// Used as the map key for unspecified prefixes. The actual value of this
+	// key is immaterial.
+	unspecifiedPrefixMapKey = "unspecified"
+
+	// An unspecified destination or source prefix should be considered a less
+	// specific match than a wildcard prefix, `0.0.0.0/0` or `::/0`. Also, an
+	// unspecified prefix should match most v4 and v6 addresses compared to the
+	// wildcard prefixes which match only a specific network (v4 or v6).
+	//
+	// We use these constants when looking up the most specific prefix match. A
+	// wildcard prefix will match 0 bits, and to make sure that a wildcard
+	// prefix is considered a more specific match than an unspecified prefix, we
+	// use a value of -1 for the latter.
+	noPrefixMatch          = -2
+	unspecifiedPrefixMatch = -1
+)
+
+// FilterChain captures information from within a FilterChain message in a
+// Listener resource.
+//
+// Currently, this simply contains the security configuration found in the
+// 'transport_socket' field of the filter chain. The actual set of filters
+// associated with this filter chain are not captured here, since we do not
+// support these filters on the server-side yet.
+type FilterChain struct {
+	// SecurityCfg contains transport socket security configuration.
+	SecurityCfg *SecurityConfig
+}
+
+// SourceType specifies the connection source IP match type.
+type SourceType int
+
+const (
+	// SourceTypeAny matches connection attempts from any source.
+	SourceTypeAny SourceType = iota
+	// SourceTypeSameOrLoopback matches connection attempts from the same host.
+	SourceTypeSameOrLoopback
+	// SourceTypeExternal matches connection attempts from a different host.
+	SourceTypeExternal
+)
+
+// FilterChainManager contains all the match criteria specified through all
+// filter chains in a single Listener resource. It also contains the default
+// filter chain specified in the Listener resource. It provides two important
+// pieces of functionality:
+// 1. Validate the filter chains in an incoming Listener resource to make sure
+//    that there aren't filter chains which contain the same match criteria.
+// 2. As part of performing the above validation, it builds an internal data
+//    structure which will if used to look up the matching filter chain at
+//    connection time.
+//
+// The logic specified in the documentation around the xDS FilterChainMatch
+// proto mentions 8 criteria to match on.
+// The following order applies:
+//
+// 1. Destination port.
+// 2. Destination IP address.
+// 3. Server name (e.g. SNI for TLS protocol),
+// 4. Transport protocol.
+// 5. Application protocols (e.g. ALPN for TLS protocol).
+// 6. Source type (e.g. any, local or external network).
+// 7. Source IP address.
+// 8. Source port.
+type FilterChainManager struct {
+	// Destination prefix is the first match criteria that we support.
+	// Therefore, this multi-stage map is indexed on destination prefixes
+	// specified in the match criteria.
+	// Unspecified destination prefix matches end up as a wildcard entry here
+	// with a key of 0.0.0.0/0.
+	dstPrefixMap map[string]*destPrefixEntry
+
+	// At connection time, we do not have the actual destination prefix to match
+	// on. We only have the real destination address of the incoming connection.
+	// This means that we cannot use the above map at connection time. This list
+	// contains the map entries from the above map that we can use at connection
+	// time to find matching destination prefixes in O(n) time.
+	//
+	// TODO: Implement LC-trie to support logarithmic time lookups. If that
+	// involves too much time/effort, sort this slice based on the netmask size.
+	dstPrefixes []*destPrefixEntry
+
+	def *FilterChain // Default filter chain, if specified.
+}
+
+// destPrefixEntry is the value type of the map indexed on destination prefixes.
+type destPrefixEntry struct {
+	// The actual destination prefix. Set to nil for unspecified prefixes.
+	net *net.IPNet
+	// We need to keep track of the transport protocols seen as part of the
+	// config validation (and internal structure building) phase. The only two
+	// values that we support are empty string and "raw_buffer", with the latter
+	// taking preference. Once we have seen one filter chain with "raw_buffer",
+	// we can drop everything other filter chain with an empty transport
+	// protocol.
+	rawBufferSeen bool
+	// For each specified source type in the filter chain match criteria, this
+	// array points to the set of specified source prefixes.
+	// Unspecified source type matches end up as a wildcard entry here with an
+	// index of 0, which actually represents the source type `ANY`.
+	srcTypeArr sourceTypesArray
+}
+
+// An array for the fixed number of source types that we have.
+type sourceTypesArray [3]*sourcePrefixes
+
+// sourcePrefixes contains source prefix related information specified in the
+// match criteria. These are pointed to by the array of source types.
+type sourcePrefixes struct {
+	// These are very similar to the 'dstPrefixMap' and 'dstPrefixes' field of
+	// FilterChainManager. Go there for more info.
+	srcPrefixMap map[string]*sourcePrefixEntry
+	srcPrefixes  []*sourcePrefixEntry
+}
+
+// sourcePrefixEntry contains match criteria per source prefix.
+type sourcePrefixEntry struct {
+	// The actual destination prefix. Set to nil for unspecified prefixes.
+	net *net.IPNet
+	// Mapping from source ports specified in the match criteria to the actual
+	// filter chain. Unspecified source port matches en up as a wildcard entry
+	// here with a key of 0.
+	srcPortMap map[int]*FilterChain
+}
+
+// NewFilterChainManager parses the received Listener resource and builds a
+// FilterChainManager. Returns a non-nil error on validation failures.
+//
+// This function is only exported so that tests outside of this package can
+// create a FilterChainManager.
+func NewFilterChainManager(lis *v3listenerpb.Listener) (*FilterChainManager, error) {
+	// Parse all the filter chains and build the internal data structures.
+	fci := &FilterChainManager{dstPrefixMap: make(map[string]*destPrefixEntry)}
+	if err := fci.addFilterChains(lis.GetFilterChains()); err != nil {
+		return nil, err
+	}
+	// Build the source and dest prefix slices used by Lookup().
+	fcSeen := false
+	for _, dstPrefix := range fci.dstPrefixMap {
+		fci.dstPrefixes = append(fci.dstPrefixes, dstPrefix)
+		for _, st := range dstPrefix.srcTypeArr {
+			if st == nil {
+				continue
+			}
+			for _, srcPrefix := range st.srcPrefixMap {
+				st.srcPrefixes = append(st.srcPrefixes, srcPrefix)
+				for _, fc := range srcPrefix.srcPortMap {
+					if fc != nil {
+						fcSeen = true
+					}
+				}
+			}
+		}
+	}
+
+	// Retrieve the default filter chain. The match criteria specified on the
+	// default filter chain is never used. The default filter chain simply gets
+	// used when none of the other filter chains match.
+	var def *FilterChain
+	if dfc := lis.GetDefaultFilterChain(); dfc != nil {
+		var err error
+		if def, err = filterChainFromProto(dfc); err != nil {
+			return nil, err
+		}
+	}
+	fci.def = def
+
+	// If there are no supported filter chains and no default filter chain, we
+	// fail here. This will call the Listener resource to be NACK'ed.
+	if !fcSeen && fci.def == nil {
+		return nil, fmt.Errorf("no supported filter chains and no default filter chain")
+	}
+	return fci, nil
+}
+
+// addFilterChains parses the filter chains in fcs and adds the required
+// internal data structures corresponding to the match criteria.
+func (fci *FilterChainManager) addFilterChains(fcs []*v3listenerpb.FilterChain) error {
+	for _, fc := range fcs {
+		fcm := fc.GetFilterChainMatch()
+		if fcm.GetDestinationPort().GetValue() != 0 {
+			// Destination port is the first match criteria and we do not
+			// support filter chains which contains this match criteria.
+			logger.Warningf("Dropping filter chain %+v since it contains unsupported destination_port match field", fc)
+			continue
+		}
+
+		// Build the internal representation of the filter chain match fields.
+		if err := fci.addFilterChainsForDestPrefixes(fc); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (fci *FilterChainManager) addFilterChainsForDestPrefixes(fc *v3listenerpb.FilterChain) error {
+	var dstPrefixes []*net.IPNet
+	for _, pr := range fc.GetFilterChainMatch().GetPrefixRanges() {
+		cidr := fmt.Sprintf("%s/%d", pr.GetAddressPrefix(), pr.GetPrefixLen().GetValue())
+		_, ipnet, err := net.ParseCIDR(cidr)
+		if err != nil {
+			return fmt.Errorf("failed to parse destination prefix range: %+v", pr)
+		}
+		dstPrefixes = append(dstPrefixes, ipnet)
+	}
+
+	if len(dstPrefixes) == 0 {
+		// Use the unspecified entry when destination prefix is unspecified, and
+		// set the `net` field to nil.
+		if fci.dstPrefixMap[unspecifiedPrefixMapKey] == nil {
+			fci.dstPrefixMap[unspecifiedPrefixMapKey] = &destPrefixEntry{}
+		}
+		return fci.addFilterChainsForServerNames(fci.dstPrefixMap[unspecifiedPrefixMapKey], fc)
+	}
+	for _, prefix := range dstPrefixes {
+		p := prefix.String()
+		if fci.dstPrefixMap[p] == nil {
+			fci.dstPrefixMap[p] = &destPrefixEntry{net: prefix}
+		}
+		if err := fci.addFilterChainsForServerNames(fci.dstPrefixMap[p], fc); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func (fci *FilterChainManager) addFilterChainsForServerNames(dstEntry *destPrefixEntry, fc *v3listenerpb.FilterChain) error {
+	// Filter chains specifying server names in their match criteria always fail
+	// a match at connection time. So, these filter chains can be dropped now.
+	if len(fc.GetFilterChainMatch().GetServerNames()) != 0 {
+		logger.Warningf("Dropping filter chain %+v since it contains unsupported server_names match field", fc)
+		return nil
+	}
+
+	return fci.addFilterChainsForTransportProtocols(dstEntry, fc)
+}
+
+func (fci *FilterChainManager) addFilterChainsForTransportProtocols(dstEntry *destPrefixEntry, fc *v3listenerpb.FilterChain) error {
+	tp := fc.GetFilterChainMatch().GetTransportProtocol()
+	switch {
+	case tp != "" && tp != "raw_buffer":
+		// Only allow filter chains with transport protocol set to empty string
+		// or "raw_buffer".
+		logger.Warningf("Dropping filter chain %+v since it contains unsupported value for transport_protocols match field", fc)
+		return nil
+	case tp == "" && dstEntry.rawBufferSeen:
+		// If we have already seen filter chains with transport protocol set to
+		// "raw_buffer", we can drop filter chains with transport protocol set
+		// to empty string, since the former takes precedence.
+		logger.Warningf("Dropping filter chain %+v since it contains unsupported value for transport_protocols match field", fc)
+		return nil
+	case tp != "" && !dstEntry.rawBufferSeen:
+		// This is the first "raw_buffer" that we are seeing. Set the bit and
+		// reset the source types array which might contain entries for filter
+		// chains with transport protocol set to empty string.
+		dstEntry.rawBufferSeen = true
+		dstEntry.srcTypeArr = sourceTypesArray{}
+	}
+	return fci.addFilterChainsForApplicationProtocols(dstEntry, fc)
+}
+
+func (fci *FilterChainManager) addFilterChainsForApplicationProtocols(dstEntry *destPrefixEntry, fc *v3listenerpb.FilterChain) error {
+	if len(fc.GetFilterChainMatch().GetApplicationProtocols()) != 0 {
+		logger.Warningf("Dropping filter chain %+v since it contains unsupported application_protocols match field", fc)
+		return nil
+	}
+	return fci.addFilterChainsForSourceType(dstEntry, fc)
+}
+
+// addFilterChainsForSourceType adds source types to the internal data
+// structures and delegates control to addFilterChainsForSourcePrefixes to
+// continue building the internal data structure.
+func (fci *FilterChainManager) addFilterChainsForSourceType(dstEntry *destPrefixEntry, fc *v3listenerpb.FilterChain) error {
+	var srcType SourceType
+	switch st := fc.GetFilterChainMatch().GetSourceType(); st {
+	case v3listenerpb.FilterChainMatch_ANY:
+		srcType = SourceTypeAny
+	case v3listenerpb.FilterChainMatch_SAME_IP_OR_LOOPBACK:
+		srcType = SourceTypeSameOrLoopback
+	case v3listenerpb.FilterChainMatch_EXTERNAL:
+		srcType = SourceTypeExternal
+	default:
+		return fmt.Errorf("unsupported source type: %v", st)
+	}
+
+	st := int(srcType)
+	if dstEntry.srcTypeArr[st] == nil {
+		dstEntry.srcTypeArr[st] = &sourcePrefixes{srcPrefixMap: make(map[string]*sourcePrefixEntry)}
+	}
+	return fci.addFilterChainsForSourcePrefixes(dstEntry.srcTypeArr[st].srcPrefixMap, fc)
+}
+
+// addFilterChainsForSourcePrefixes adds source prefixes to the internal data
+// structures and delegates control to addFilterChainsForSourcePorts to continue
+// building the internal data structure.
+func (fci *FilterChainManager) addFilterChainsForSourcePrefixes(srcPrefixMap map[string]*sourcePrefixEntry, fc *v3listenerpb.FilterChain) error {
+	var srcPrefixes []*net.IPNet
+	for _, pr := range fc.GetFilterChainMatch().GetSourcePrefixRanges() {
+		cidr := fmt.Sprintf("%s/%d", pr.GetAddressPrefix(), pr.GetPrefixLen().GetValue())
+		_, ipnet, err := net.ParseCIDR(cidr)
+		if err != nil {
+			return fmt.Errorf("failed to parse source prefix range: %+v", pr)
+		}
+		srcPrefixes = append(srcPrefixes, ipnet)
+	}
+
+	if len(srcPrefixes) == 0 {
+		// Use the unspecified entry when destination prefix is unspecified, and
+		// set the `net` field to nil.
+		if srcPrefixMap[unspecifiedPrefixMapKey] == nil {
+			srcPrefixMap[unspecifiedPrefixMapKey] = &sourcePrefixEntry{
+				srcPortMap: make(map[int]*FilterChain),
+			}
+		}
+		return fci.addFilterChainsForSourcePorts(srcPrefixMap[unspecifiedPrefixMapKey], fc)
+	}
+	for _, prefix := range srcPrefixes {
+		p := prefix.String()
+		if srcPrefixMap[p] == nil {
+			srcPrefixMap[p] = &sourcePrefixEntry{
+				net:        prefix,
+				srcPortMap: make(map[int]*FilterChain),
+			}
+		}
+		if err := fci.addFilterChainsForSourcePorts(srcPrefixMap[p], fc); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+// addFilterChainsForSourcePorts adds source ports to the internal data
+// structures and completes the process of building the internal data structure.
+// It is here that we determine if there are multiple filter chains with
+// overlapping matching rules.
+func (fci *FilterChainManager) addFilterChainsForSourcePorts(srcEntry *sourcePrefixEntry, fcProto *v3listenerpb.FilterChain) error {
+	var srcPorts []int
+	for _, port := range fcProto.GetFilterChainMatch().GetSourcePorts() {
+		srcPorts = append(srcPorts, int(port))
+	}
+
+	fc, err := filterChainFromProto(fcProto)
+	if err != nil {
+		return err
+	}
+
+	if len(srcPorts) == 0 {
+		// Use the wildcard port '0', when source ports are unspecified.
+		if curFC := srcEntry.srcPortMap[0]; curFC != nil {
+			return errors.New("multiple filter chains with overlapping matching rules are defined")
+		}
+		srcEntry.srcPortMap[0] = fc
+		return nil
+	}
+	for _, port := range srcPorts {
+		if curFC := srcEntry.srcPortMap[port]; curFC != nil {
+			return errors.New("multiple filter chains with overlapping matching rules are defined")
+		}
+		srcEntry.srcPortMap[port] = fc
+	}
+	return nil
+}
+
+// filterChainFromProto extracts the relevant information from the FilterChain
+// proto and stores it in our internal representation. Currently, we only
+// process the security configuration stored in the transport_socket field.
+func filterChainFromProto(fc *v3listenerpb.FilterChain) (*FilterChain, error) {
+	// If the transport_socket field is not specified, it means that the control
+	// plane has not sent us any security config. This is fine and the server
+	// will use the fallback credentials configured as part of the
+	// xdsCredentials.
+	ts := fc.GetTransportSocket()
+	if ts == nil {
+		return &FilterChain{}, nil
+	}
+	if name := ts.GetName(); name != transportSocketName {
+		return nil, fmt.Errorf("transport_socket field has unexpected name: %s", name)
+	}
+	any := ts.GetTypedConfig()
+	if any == nil || any.TypeUrl != version.V3DownstreamTLSContextURL {
+		return nil, fmt.Errorf("transport_socket field has unexpected typeURL: %s", any.TypeUrl)
+	}
+	downstreamCtx := &v3tlspb.DownstreamTlsContext{}
+	if err := proto.Unmarshal(any.GetValue(), downstreamCtx); err != nil {
+		return nil, fmt.Errorf("failed to unmarshal DownstreamTlsContext in LDS response: %v", err)
+	}
+	if downstreamCtx.GetCommonTlsContext() == nil {
+		return nil, errors.New("DownstreamTlsContext in LDS response does not contain a CommonTlsContext")
+	}
+	sc, err := securityConfigFromCommonTLSContext(downstreamCtx.GetCommonTlsContext())
+	if err != nil {
+		return nil, err
+	}
+	if sc.IdentityInstanceName == "" {
+		return nil, errors.New("security configuration on the server-side does not contain identity certificate provider instance name")
+	}
+	sc.RequireClientCert = downstreamCtx.GetRequireClientCertificate().GetValue()
+	if sc.RequireClientCert && sc.RootInstanceName == "" {
+		return nil, errors.New("security configuration on the server-side does not contain root certificate provider instance name, but require_client_cert field is set")
+	}
+	return &FilterChain{SecurityCfg: sc}, nil
+}
+
+// FilterChainLookupParams wraps parameters to be passed to Lookup.
+type FilterChainLookupParams struct {
+	// IsUnspecified indicates whether the server is listening on a wildcard
+	// address, "0.0.0.0" for IPv4 and "::" for IPv6. Only when this is set to
+	// true, do we consider the destination prefixes specified in the filter
+	// chain match criteria.
+	IsUnspecifiedListener bool
+	// DestAddr is the local address of an incoming connection.
+	DestAddr net.IP
+	// SourceAddr is the remote address of an incoming connection.
+	SourceAddr net.IP
+	// SourcePort is the remote port of an incoming connection.
+	SourcePort int
+}
+
+// Lookup returns the most specific matching filter chain to be used for an
+// incoming connection on the server side.
+//
+// Returns a non-nil error if no matching filter chain could be found or
+// multiple matching filter chains were found, and in both cases, the incoming
+// connection must be dropped.
+func (fci *FilterChainManager) Lookup(params FilterChainLookupParams) (*FilterChain, error) {
+	dstPrefixes := filterByDestinationPrefixes(fci.dstPrefixes, params.IsUnspecifiedListener, params.DestAddr)
+	if len(dstPrefixes) == 0 {
+		if fci.def != nil {
+			return fci.def, nil
+		}
+		return nil, fmt.Errorf("no matching filter chain based on destination prefix match for %+v", params)
+	}
+
+	srcType := SourceTypeExternal
+	if params.SourceAddr.Equal(params.DestAddr) || params.SourceAddr.IsLoopback() {
+		srcType = SourceTypeSameOrLoopback
+	}
+	srcPrefixes := filterBySourceType(dstPrefixes, srcType)
+	if len(srcPrefixes) == 0 {
+		if fci.def != nil {
+			return fci.def, nil
+		}
+		return nil, fmt.Errorf("no matching filter chain based on source type match for %+v", params)
+	}
+	srcPrefixEntry, err := filterBySourcePrefixes(srcPrefixes, params.SourceAddr)
+	if err != nil {
+		return nil, err
+	}
+	if fc := filterBySourcePorts(srcPrefixEntry, params.SourcePort); fc != nil {
+		return fc, nil
+	}
+	if fci.def != nil {
+		return fci.def, nil
+	}
+	return nil, fmt.Errorf("no matching filter chain after all match criteria for %+v", params)
+}
+
+// filterByDestinationPrefixes is the first stage of the filter chain
+// matching algorithm. It takes the complete set of configured filter chain
+// matchers and returns the most specific matchers based on the destination
+// prefix match criteria (the prefixes which match the most number of bits).
+func filterByDestinationPrefixes(dstPrefixes []*destPrefixEntry, isUnspecified bool, dstAddr net.IP) []*destPrefixEntry {
+	if !isUnspecified {
+		// Destination prefix matchers are considered only when the listener is
+		// bound to the wildcard address.
+		return dstPrefixes
+	}
+
+	var matchingDstPrefixes []*destPrefixEntry
+	maxSubnetMatch := noPrefixMatch
+	for _, prefix := range dstPrefixes {
+		if prefix.net != nil && !prefix.net.Contains(dstAddr) {
+			// Skip prefixes which don't match.
+			continue
+		}
+		// For unspecified prefixes, since we do not store a real net.IPNet
+		// inside prefix, we do not perform a match. Instead we simply set
+		// the matchSize to -1, which is less than the matchSize (0) for a
+		// wildcard prefix.
+		matchSize := unspecifiedPrefixMatch
+		if prefix.net != nil {
+			matchSize, _ = prefix.net.Mask.Size()
+		}
+		if matchSize < maxSubnetMatch {
+			continue
+		}
+		if matchSize > maxSubnetMatch {
+			maxSubnetMatch = matchSize
+			matchingDstPrefixes = make([]*destPrefixEntry, 0, 1)
+		}
+		matchingDstPrefixes = append(matchingDstPrefixes, prefix)
+	}
+	return matchingDstPrefixes
+}
+
+// filterBySourceType is the second stage of the matching algorithm. It
+// trims the filter chains based on the most specific source type match.
+func filterBySourceType(dstPrefixes []*destPrefixEntry, srcType SourceType) []*sourcePrefixes {
+	var (
+		srcPrefixes      []*sourcePrefixes
+		bestSrcTypeMatch int
+	)
+	for _, prefix := range dstPrefixes {
+		var (
+			srcPrefix *sourcePrefixes
+			match     int
+		)
+		switch srcType {
+		case SourceTypeExternal:
+			match = int(SourceTypeExternal)
+			srcPrefix = prefix.srcTypeArr[match]
+		case SourceTypeSameOrLoopback:
+			match = int(SourceTypeSameOrLoopback)
+			srcPrefix = prefix.srcTypeArr[match]
+		}
+		if srcPrefix == nil {
+			match = int(SourceTypeAny)
+			srcPrefix = prefix.srcTypeArr[match]
+		}
+		if match < bestSrcTypeMatch {
+			continue
+		}
+		if match > bestSrcTypeMatch {
+			bestSrcTypeMatch = match
+			srcPrefixes = make([]*sourcePrefixes, 0)
+		}
+		if srcPrefix != nil {
+			// The source type array always has 3 entries, but these could be
+			// nil if the appropriate source type match was not specified.
+			srcPrefixes = append(srcPrefixes, srcPrefix)
+		}
+	}
+	return srcPrefixes
+}
+
+// filterBySourcePrefixes is the third stage of the filter chain matching
+// algorithm. It trims the filter chains based on the source prefix. At most one
+// filter chain with the most specific match progress to the next stage.
+func filterBySourcePrefixes(srcPrefixes []*sourcePrefixes, srcAddr net.IP) (*sourcePrefixEntry, error) {
+	var matchingSrcPrefixes []*sourcePrefixEntry
+	maxSubnetMatch := noPrefixMatch
+	for _, sp := range srcPrefixes {
+		for _, prefix := range sp.srcPrefixes {
+			if prefix.net != nil && !prefix.net.Contains(srcAddr) {
+				// Skip prefixes which don't match.
+				continue
+			}
+			// For unspecified prefixes, since we do not store a real net.IPNet
+			// inside prefix, we do not perform a match. Instead we simply set
+			// the matchSize to -1, which is less than the matchSize (0) for a
+			// wildcard prefix.
+			matchSize := unspecifiedPrefixMatch
+			if prefix.net != nil {
+				matchSize, _ = prefix.net.Mask.Size()
+			}
+			if matchSize < maxSubnetMatch {
+				continue
+			}
+			if matchSize > maxSubnetMatch {
+				maxSubnetMatch = matchSize
+				matchingSrcPrefixes = make([]*sourcePrefixEntry, 0, 1)
+			}
+			matchingSrcPrefixes = append(matchingSrcPrefixes, prefix)
+		}
+	}
+	if len(matchingSrcPrefixes) == 0 {
+		// Finding no match is not an error condition. The caller will end up
+		// using the default filter chain if one was configured.
+		return nil, nil
+	}
+	// We expect at most a single matching source prefix entry at this point. If
+	// we have multiple entries here, and some of their source port matchers had
+	// wildcard entries, we could be left with more than one matching filter
+	// chain and hence would have been flagged as an invalid configuration at
+	// config validation time.
+	if len(matchingSrcPrefixes) != 1 {
+		return nil, errors.New("multiple matching filter chains")
+	}
+	return matchingSrcPrefixes[0], nil
+}
+
+// filterBySourcePorts is the last stage of the filter chain matching
+// algorithm. It trims the filter chains based on the source ports.
+func filterBySourcePorts(spe *sourcePrefixEntry, srcPort int) *FilterChain {
+	if spe == nil {
+		return nil
+	}
+	// A match could be a wildcard match (this happens when the match
+	// criteria does not specify source ports) or a specific port match (this
+	// happens when the match criteria specifies a set of ports and the source
+	// port of the incoming connection matches one of the specified ports). The
+	// latter is considered to be a more specific match.
+	if fc := spe.srcPortMap[srcPort]; fc != nil {
+		return fc
+	}
+	if fc := spe.srcPortMap[0]; fc != nil {
+		return fc
+	}
+	return nil
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/client/load/reporter.go b/vendor/google.golang.org/grpc/xds/internal/client/load/reporter.go
new file mode 100644
index 00000000000..67e29e5bae1
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/client/load/reporter.go
@@ -0,0 +1,27 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package load
+
+// PerClusterReporter wraps the methods from the loadStore that are used here.
+type PerClusterReporter interface {
+	CallStarted(locality string)
+	CallFinished(locality string, err error)
+	CallServerLoad(locality, name string, val float64)
+	CallDropped(category string)
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/client/load/store.go b/vendor/google.golang.org/grpc/xds/internal/client/load/store.go
new file mode 100644
index 00000000000..551a5147b6b
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/client/load/store.go
@@ -0,0 +1,426 @@
+/*
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+// Package load provides functionality to record and maintain load data.
+package load
+
+import (
+	"sync"
+	"sync/atomic"
+	"time"
+)
+
+const negativeOneUInt64 = ^uint64(0)
+
+// Store keeps the loads for multiple clusters and services to be reported via
+// LRS. It contains loads to reported to one LRS server. Create multiple stores
+// for multiple servers.
+//
+// It is safe for concurrent use.
+type Store struct {
+	// mu only protects the map (2 layers). The read/write to *perClusterStore
+	// doesn't need to hold the mu.
+	mu sync.Mutex
+	// clusters is a map with cluster name as the key. The second layer is a map
+	// with service name as the key. Each value (perClusterStore) contains data
+	// for a (cluster, service) pair.
+	//
+	// Note that new entries are added to this map, but never removed. This is
+	// potentially a memory leak. But the memory is allocated for each new
+	// (cluster,service) pair, and the memory allocated is just pointers and
+	// maps. So this shouldn't get too bad.
+	clusters map[string]map[string]*perClusterStore
+}
+
+// NewStore creates a Store.
+func NewStore() *Store {
+	return &Store{
+		clusters: make(map[string]map[string]*perClusterStore),
+	}
+}
+
+// Stats returns the load data for the given cluster names. Data is returned in
+// a slice with no specific order.
+//
+// If no clusterName is given (an empty slice), all data for all known clusters
+// is returned.
+//
+// If a cluster's Data is empty (no load to report), it's not appended to the
+// returned slice.
+func (s *Store) Stats(clusterNames []string) []*Data {
+	var ret []*Data
+	s.mu.Lock()
+	defer s.mu.Unlock()
+
+	if len(clusterNames) == 0 {
+		for _, c := range s.clusters {
+			ret = appendClusterStats(ret, c)
+		}
+		return ret
+	}
+
+	for _, n := range clusterNames {
+		if c, ok := s.clusters[n]; ok {
+			ret = appendClusterStats(ret, c)
+		}
+	}
+	return ret
+}
+
+// appendClusterStats gets Data for the given cluster, append to ret, and return
+// the new slice.
+//
+// Data is only appended to ret if it's not empty.
+func appendClusterStats(ret []*Data, cluster map[string]*perClusterStore) []*Data {
+	for _, d := range cluster {
+		data := d.stats()
+		if data == nil {
+			// Skip this data if it doesn't contain any information.
+			continue
+		}
+		ret = append(ret, data)
+	}
+	return ret
+}
+
+// PerCluster returns the perClusterStore for the given clusterName +
+// serviceName.
+func (s *Store) PerCluster(clusterName, serviceName string) PerClusterReporter {
+	if s == nil {
+		return nil
+	}
+
+	s.mu.Lock()
+	defer s.mu.Unlock()
+	c, ok := s.clusters[clusterName]
+	if !ok {
+		c = make(map[string]*perClusterStore)
+		s.clusters[clusterName] = c
+	}
+
+	if p, ok := c[serviceName]; ok {
+		return p
+	}
+	p := &perClusterStore{
+		cluster: clusterName,
+		service: serviceName,
+	}
+	c[serviceName] = p
+	return p
+}
+
+// perClusterStore is a repository for LB policy implementations to report store
+// load data. It contains load for a (cluster, edsService) pair.
+//
+// It is safe for concurrent use.
+//
+// TODO(easwars): Use regular maps with mutexes instead of sync.Map here. The
+// latter is optimized for two common use cases: (1) when the entry for a given
+// key is only ever written once but read many times, as in caches that only
+// grow, or (2) when multiple goroutines read, write, and overwrite entries for
+// disjoint sets of keys. In these two cases, use of a Map may significantly
+// reduce lock contention compared to a Go map paired with a separate Mutex or
+// RWMutex.
+// Neither of these conditions are met here, and we should transition to a
+// regular map with a mutex for better type safety.
+type perClusterStore struct {
+	cluster, service string
+	drops            sync.Map // map[string]*uint64
+	localityRPCCount sync.Map // map[string]*rpcCountData
+
+	mu               sync.Mutex
+	lastLoadReportAt time.Time
+}
+
+// Update functions are called by picker for each RPC. To avoid contention, all
+// updates are done atomically.
+
+// CallDropped adds one drop record with the given category to store.
+func (ls *perClusterStore) CallDropped(category string) {
+	if ls == nil {
+		return
+	}
+
+	p, ok := ls.drops.Load(category)
+	if !ok {
+		tp := new(uint64)
+		p, _ = ls.drops.LoadOrStore(category, tp)
+	}
+	atomic.AddUint64(p.(*uint64), 1)
+}
+
+// CallStarted adds one call started record for the given locality.
+func (ls *perClusterStore) CallStarted(locality string) {
+	if ls == nil {
+		return
+	}
+
+	p, ok := ls.localityRPCCount.Load(locality)
+	if !ok {
+		tp := newRPCCountData()
+		p, _ = ls.localityRPCCount.LoadOrStore(locality, tp)
+	}
+	p.(*rpcCountData).incrInProgress()
+}
+
+// CallFinished adds one call finished record for the given locality.
+// For successful calls, err needs to be nil.
+func (ls *perClusterStore) CallFinished(locality string, err error) {
+	if ls == nil {
+		return
+	}
+
+	p, ok := ls.localityRPCCount.Load(locality)
+	if !ok {
+		// The map is never cleared, only values in the map are reset. So the
+		// case where entry for call-finish is not found should never happen.
+		return
+	}
+	p.(*rpcCountData).decrInProgress()
+	if err == nil {
+		p.(*rpcCountData).incrSucceeded()
+	} else {
+		p.(*rpcCountData).incrErrored()
+	}
+}
+
+// CallServerLoad adds one server load record for the given locality. The
+// load type is specified by desc, and its value by val.
+func (ls *perClusterStore) CallServerLoad(locality, name string, d float64) {
+	if ls == nil {
+		return
+	}
+
+	p, ok := ls.localityRPCCount.Load(locality)
+	if !ok {
+		// The map is never cleared, only values in the map are reset. So the
+		// case where entry for callServerLoad is not found should never happen.
+		return
+	}
+	p.(*rpcCountData).addServerLoad(name, d)
+}
+
+// Data contains all load data reported to the Store since the most recent call
+// to stats().
+type Data struct {
+	// Cluster is the name of the cluster this data is for.
+	Cluster string
+	// Service is the name of the EDS service this data is for.
+	Service string
+	// TotalDrops is the total number of dropped requests.
+	TotalDrops uint64
+	// Drops is the number of dropped requests per category.
+	Drops map[string]uint64
+	// LocalityStats contains load reports per locality.
+	LocalityStats map[string]LocalityData
+	// ReportInternal is the duration since last time load was reported (stats()
+	// was called).
+	ReportInterval time.Duration
+}
+
+// LocalityData contains load data for a single locality.
+type LocalityData struct {
+	// RequestStats contains counts of requests made to the locality.
+	RequestStats RequestData
+	// LoadStats contains server load data for requests made to the locality,
+	// indexed by the load type.
+	LoadStats map[string]ServerLoadData
+}
+
+// RequestData contains request counts.
+type RequestData struct {
+	// Succeeded is the number of succeeded requests.
+	Succeeded uint64
+	// Errored is the number of requests which ran into errors.
+	Errored uint64
+	// InProgress is the number of requests in flight.
+	InProgress uint64
+}
+
+// ServerLoadData contains server load data.
+type ServerLoadData struct {
+	// Count is the number of load reports.
+	Count uint64
+	// Sum is the total value of all load reports.
+	Sum float64
+}
+
+func newData(cluster, service string) *Data {
+	return &Data{
+		Cluster:       cluster,
+		Service:       service,
+		Drops:         make(map[string]uint64),
+		LocalityStats: make(map[string]LocalityData),
+	}
+}
+
+// stats returns and resets all loads reported to the store, except inProgress
+// rpc counts.
+//
+// It returns nil if the store doesn't contain any (new) data.
+func (ls *perClusterStore) stats() *Data {
+	if ls == nil {
+		return nil
+	}
+
+	sd := newData(ls.cluster, ls.service)
+	ls.drops.Range(func(key, val interface{}) bool {
+		d := atomic.SwapUint64(val.(*uint64), 0)
+		if d == 0 {
+			return true
+		}
+		sd.TotalDrops += d
+		keyStr := key.(string)
+		if keyStr != "" {
+			// Skip drops without category. They are counted in total_drops, but
+			// not in per category. One example is drops by circuit breaking.
+			sd.Drops[keyStr] = d
+		}
+		return true
+	})
+	ls.localityRPCCount.Range(func(key, val interface{}) bool {
+		countData := val.(*rpcCountData)
+		succeeded := countData.loadAndClearSucceeded()
+		inProgress := countData.loadInProgress()
+		errored := countData.loadAndClearErrored()
+		if succeeded == 0 && inProgress == 0 && errored == 0 {
+			return true
+		}
+
+		ld := LocalityData{
+			RequestStats: RequestData{
+				Succeeded:  succeeded,
+				Errored:    errored,
+				InProgress: inProgress,
+			},
+			LoadStats: make(map[string]ServerLoadData),
+		}
+		countData.serverLoads.Range(func(key, val interface{}) bool {
+			sum, count := val.(*rpcLoadData).loadAndClear()
+			if count == 0 {
+				return true
+			}
+			ld.LoadStats[key.(string)] = ServerLoadData{
+				Count: count,
+				Sum:   sum,
+			}
+			return true
+		})
+		sd.LocalityStats[key.(string)] = ld
+		return true
+	})
+
+	ls.mu.Lock()
+	sd.ReportInterval = time.Since(ls.lastLoadReportAt)
+	ls.lastLoadReportAt = time.Now()
+	ls.mu.Unlock()
+
+	if sd.TotalDrops == 0 && len(sd.Drops) == 0 && len(sd.LocalityStats) == 0 {
+		return nil
+	}
+	return sd
+}
+
+type rpcCountData struct {
+	// Only atomic accesses are allowed for the fields.
+	succeeded  *uint64
+	errored    *uint64
+	inProgress *uint64
+
+	// Map from load desc to load data (sum+count). Loading data from map is
+	// atomic, but updating data takes a lock, which could cause contention when
+	// multiple RPCs try to report loads for the same desc.
+	//
+	// To fix the contention, shard this map.
+	serverLoads sync.Map // map[string]*rpcLoadData
+}
+
+func newRPCCountData() *rpcCountData {
+	return &rpcCountData{
+		succeeded:  new(uint64),
+		errored:    new(uint64),
+		inProgress: new(uint64),
+	}
+}
+
+func (rcd *rpcCountData) incrSucceeded() {
+	atomic.AddUint64(rcd.succeeded, 1)
+}
+
+func (rcd *rpcCountData) loadAndClearSucceeded() uint64 {
+	return atomic.SwapUint64(rcd.succeeded, 0)
+}
+
+func (rcd *rpcCountData) incrErrored() {
+	atomic.AddUint64(rcd.errored, 1)
+}
+
+func (rcd *rpcCountData) loadAndClearErrored() uint64 {
+	return atomic.SwapUint64(rcd.errored, 0)
+}
+
+func (rcd *rpcCountData) incrInProgress() {
+	atomic.AddUint64(rcd.inProgress, 1)
+}
+
+func (rcd *rpcCountData) decrInProgress() {
+	atomic.AddUint64(rcd.inProgress, negativeOneUInt64) // atomic.Add(x, -1)
+}
+
+func (rcd *rpcCountData) loadInProgress() uint64 {
+	return atomic.LoadUint64(rcd.inProgress) // InProgress count is not clear when reading.
+}
+
+func (rcd *rpcCountData) addServerLoad(name string, d float64) {
+	loads, ok := rcd.serverLoads.Load(name)
+	if !ok {
+		tl := newRPCLoadData()
+		loads, _ = rcd.serverLoads.LoadOrStore(name, tl)
+	}
+	loads.(*rpcLoadData).add(d)
+}
+
+// Data for server loads (from trailers or oob). Fields in this struct must be
+// updated consistently.
+//
+// The current solution is to hold a lock, which could cause contention. To fix,
+// shard serverLoads map in rpcCountData.
+type rpcLoadData struct {
+	mu    sync.Mutex
+	sum   float64
+	count uint64
+}
+
+func newRPCLoadData() *rpcLoadData {
+	return &rpcLoadData{}
+}
+
+func (rld *rpcLoadData) add(v float64) {
+	rld.mu.Lock()
+	rld.sum += v
+	rld.count++
+	rld.mu.Unlock()
+}
+
+func (rld *rpcLoadData) loadAndClear() (s float64, c uint64) {
+	rld.mu.Lock()
+	s = rld.sum
+	rld.sum = 0
+	c = rld.count
+	rld.count = 0
+	rld.mu.Unlock()
+	return
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/client/loadreport.go b/vendor/google.golang.org/grpc/xds/internal/client/loadreport.go
new file mode 100644
index 00000000000..be42a6e0c38
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/client/loadreport.go
@@ -0,0 +1,139 @@
+/*
+ *
+ * Copyright 2019 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package client
+
+import (
+	"context"
+
+	"google.golang.org/grpc"
+	"google.golang.org/grpc/xds/internal/client/load"
+)
+
+// ReportLoad starts an load reporting stream to the given server. If the server
+// is not an empty string, and is different from the management server, a new
+// ClientConn will be created.
+//
+// The same options used for creating the Client will be used (including
+// NodeProto, and dial options if necessary).
+//
+// It returns a Store for the user to report loads, a function to cancel the
+// load reporting stream.
+func (c *clientImpl) ReportLoad(server string) (*load.Store, func()) {
+	c.lrsMu.Lock()
+	defer c.lrsMu.Unlock()
+
+	// If there's already a client to this server, use it. Otherwise, create
+	// one.
+	lrsC, ok := c.lrsClients[server]
+	if !ok {
+		lrsC = newLRSClient(c, server)
+		c.lrsClients[server] = lrsC
+	}
+
+	store := lrsC.ref()
+	return store, func() {
+		// This is a callback, need to hold lrsMu.
+		c.lrsMu.Lock()
+		defer c.lrsMu.Unlock()
+		if lrsC.unRef() {
+			// Delete the lrsClient from map if this is the last reference.
+			delete(c.lrsClients, server)
+		}
+	}
+}
+
+// lrsClient maps to one lrsServer. It contains:
+// - a ClientConn to this server (only if it's different from the management
+// server)
+// - a load.Store that contains loads only for this server
+type lrsClient struct {
+	parent *clientImpl
+	server string
+
+	cc           *grpc.ClientConn // nil if the server is same as the management server
+	refCount     int
+	cancelStream func()
+	loadStore    *load.Store
+}
+
+// newLRSClient creates a new LRS stream to the server.
+func newLRSClient(parent *clientImpl, server string) *lrsClient {
+	return &lrsClient{
+		parent:   parent,
+		server:   server,
+		refCount: 0,
+	}
+}
+
+// ref increments the refCount. If this is the first ref, it starts the LRS stream.
+//
+// Not thread-safe, caller needs to synchronize.
+func (lrsC *lrsClient) ref() *load.Store {
+	lrsC.refCount++
+	if lrsC.refCount == 1 {
+		lrsC.startStream()
+	}
+	return lrsC.loadStore
+}
+
+// unRef decrements the refCount, and closes the stream if refCount reaches 0
+// (and close the cc if cc is not xDS cc). It returns whether refCount reached 0
+// after this call.
+//
+// Not thread-safe, caller needs to synchronize.
+func (lrsC *lrsClient) unRef() (closed bool) {
+	lrsC.refCount--
+	if lrsC.refCount != 0 {
+		return false
+	}
+	lrsC.parent.logger.Infof("Stopping load report to server: %s", lrsC.server)
+	lrsC.cancelStream()
+	if lrsC.cc != nil {
+		lrsC.cc.Close()
+	}
+	return true
+}
+
+// startStream starts the LRS stream to the server. If server is not the same
+// management server from the parent, it also creates a ClientConn.
+func (lrsC *lrsClient) startStream() {
+	var cc *grpc.ClientConn
+
+	lrsC.parent.logger.Infof("Starting load report to server: %s", lrsC.server)
+	if lrsC.server == "" || lrsC.server == lrsC.parent.config.BalancerName {
+		// Reuse the xDS client if server is the same.
+		cc = lrsC.parent.cc
+	} else {
+		lrsC.parent.logger.Infof("LRS server is different from management server, starting a new ClientConn")
+		ccNew, err := grpc.Dial(lrsC.server, lrsC.parent.config.Creds)
+		if err != nil {
+			// An error from a non-blocking dial indicates something serious.
+			lrsC.parent.logger.Infof("xds: failed to dial load report server {%s}: %v", lrsC.server, err)
+			return
+		}
+		cc = ccNew
+		lrsC.cc = ccNew
+	}
+
+	var ctx context.Context
+	ctx, lrsC.cancelStream = context.WithCancel(context.Background())
+
+	// Create the store and stream.
+	lrsC.loadStore = load.NewStore()
+	go lrsC.parent.apiClient.reportLoad(ctx, cc, loadReportingOptions{loadStore: lrsC.loadStore})
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/client/logging.go b/vendor/google.golang.org/grpc/xds/internal/client/logging.go
new file mode 100644
index 00000000000..bff3fb1d3df
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/client/logging.go
@@ -0,0 +1,34 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package client
+
+import (
+	"fmt"
+
+	"google.golang.org/grpc/grpclog"
+	internalgrpclog "google.golang.org/grpc/internal/grpclog"
+)
+
+const prefix = "[xds-client %p] "
+
+var logger = grpclog.Component("xds")
+
+func prefixLogger(p *clientImpl) *internalgrpclog.PrefixLogger {
+	return internalgrpclog.NewPrefixLogger(logger, fmt.Sprintf(prefix, p))
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/client/requests_counter.go b/vendor/google.golang.org/grpc/xds/internal/client/requests_counter.go
new file mode 100644
index 00000000000..f033e192099
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/client/requests_counter.go
@@ -0,0 +1,86 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package client
+
+import (
+	"fmt"
+	"sync"
+	"sync/atomic"
+)
+
+type servicesRequestsCounter struct {
+	mu       sync.Mutex
+	services map[string]*ServiceRequestsCounter
+}
+
+var src = &servicesRequestsCounter{
+	services: make(map[string]*ServiceRequestsCounter),
+}
+
+// ServiceRequestsCounter is used to track the total inflight requests for a
+// service with the provided name.
+type ServiceRequestsCounter struct {
+	ServiceName string
+	numRequests uint32
+}
+
+// GetServiceRequestsCounter returns the ServiceRequestsCounter with the
+// provided serviceName. If one does not exist, it creates it.
+func GetServiceRequestsCounter(serviceName string) *ServiceRequestsCounter {
+	src.mu.Lock()
+	defer src.mu.Unlock()
+	c, ok := src.services[serviceName]
+	if !ok {
+		c = &ServiceRequestsCounter{ServiceName: serviceName}
+		src.services[serviceName] = c
+	}
+	return c
+}
+
+// StartRequest starts a request for a service, incrementing its number of
+// requests by 1. Returns an error if the max number of requests is exceeded.
+func (c *ServiceRequestsCounter) StartRequest(max uint32) error {
+	// Note that during race, the limits could be exceeded. This is allowed:
+	// "Since the implementation is eventually consistent, races between threads
+	// may allow limits to be potentially exceeded."
+	// https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/upstream/circuit_breaking#arch-overview-circuit-break.
+	if atomic.LoadUint32(&c.numRequests) >= max {
+		return fmt.Errorf("max requests %v exceeded on service %v", max, c.ServiceName)
+	}
+	atomic.AddUint32(&c.numRequests, 1)
+	return nil
+}
+
+// EndRequest ends a request for a service, decrementing its number of requests
+// by 1.
+func (c *ServiceRequestsCounter) EndRequest() {
+	atomic.AddUint32(&c.numRequests, ^uint32(0))
+}
+
+// ClearCounterForTesting clears the counter for the service. Should be only
+// used in tests.
+func ClearCounterForTesting(serviceName string) {
+	src.mu.Lock()
+	defer src.mu.Unlock()
+	c, ok := src.services[serviceName]
+	if !ok {
+		return
+	}
+	c.numRequests = 0
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/client/singleton.go b/vendor/google.golang.org/grpc/xds/internal/client/singleton.go
new file mode 100644
index 00000000000..99f195341ac
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/client/singleton.go
@@ -0,0 +1,143 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package client
+
+import (
+	"fmt"
+	"sync"
+	"time"
+
+	"google.golang.org/grpc/xds/internal/client/bootstrap"
+)
+
+const defaultWatchExpiryTimeout = 15 * time.Second
+
+// This is the Client returned by New(). It contains one client implementation,
+// and maintains the refcount.
+var singletonClient = &Client{}
+
+// To override in tests.
+var bootstrapNewConfig = bootstrap.NewConfig
+
+// Client is a full fledged gRPC client which queries a set of discovery APIs
+// (collectively termed as xDS) on a remote management server, to discover
+// various dynamic resources.
+//
+// The xds client is a singleton. It will be shared by the xds resolver and
+// balancer implementations, across multiple ClientConns and Servers.
+type Client struct {
+	*clientImpl
+
+	// This mu protects all the fields, including the embedded clientImpl above.
+	mu       sync.Mutex
+	refCount int
+}
+
+// New returns a new xdsClient configured by the bootstrap file specified in env
+// variable GRPC_XDS_BOOTSTRAP or GRPC_XDS_BOOTSTRAP_CONFIG.
+//
+// The returned xdsClient is a singleton. This function creates the xds client
+// if it doesn't already exist.
+//
+// Note that the first invocation of New() or NewWithConfig() sets the client
+// singleton. The following calls will return the singleton xds client without
+// checking or using the config.
+func New() (*Client, error) {
+	singletonClient.mu.Lock()
+	defer singletonClient.mu.Unlock()
+	// If the client implementation was created, increment ref count and return
+	// the client.
+	if singletonClient.clientImpl != nil {
+		singletonClient.refCount++
+		return singletonClient, nil
+	}
+
+	// Create the new client implementation.
+	config, err := bootstrapNewConfig()
+	if err != nil {
+		return nil, fmt.Errorf("xds: failed to read bootstrap file: %v", err)
+	}
+	c, err := newWithConfig(config, defaultWatchExpiryTimeout)
+	if err != nil {
+		return nil, err
+	}
+
+	singletonClient.clientImpl = c
+	singletonClient.refCount++
+	return singletonClient, nil
+}
+
+// NewWithConfig returns a new xdsClient configured by the given config.
+//
+// The returned xdsClient is a singleton. This function creates the xds client
+// if it doesn't already exist.
+//
+// Note that the first invocation of New() or NewWithConfig() sets the client
+// singleton. The following calls will return the singleton xds client without
+// checking or using the config.
+//
+// This function is internal only, for c2p resolver to use. DO NOT use this
+// elsewhere. Use New() instead.
+func NewWithConfig(config *bootstrap.Config) (*Client, error) {
+	singletonClient.mu.Lock()
+	defer singletonClient.mu.Unlock()
+	// If the client implementation was created, increment ref count and return
+	// the client.
+	if singletonClient.clientImpl != nil {
+		singletonClient.refCount++
+		return singletonClient, nil
+	}
+
+	// Create the new client implementation.
+	c, err := newWithConfig(config, defaultWatchExpiryTimeout)
+	if err != nil {
+		return nil, err
+	}
+
+	singletonClient.clientImpl = c
+	singletonClient.refCount++
+	return singletonClient, nil
+}
+
+// Close closes the client. It does ref count of the xds client implementation,
+// and closes the gRPC connection to the management server when ref count
+// reaches 0.
+func (c *Client) Close() {
+	c.mu.Lock()
+	defer c.mu.Unlock()
+	c.refCount--
+	if c.refCount == 0 {
+		c.clientImpl.Close()
+		// Set clientImpl back to nil. So if New() is called after this, a new
+		// implementation will be created.
+		c.clientImpl = nil
+	}
+}
+
+// NewWithConfigForTesting is exported for testing only.
+//
+// Note that this function doesn't set the singleton, so that the testing states
+// don't leak.
+func NewWithConfigForTesting(config *bootstrap.Config, watchExpiryTimeout time.Duration) (*Client, error) {
+	cl, err := newWithConfig(config, watchExpiryTimeout)
+	if err != nil {
+		return nil, err
+	}
+	return &Client{clientImpl: cl, refCount: 1}, nil
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/client/transport_helper.go b/vendor/google.golang.org/grpc/xds/internal/client/transport_helper.go
new file mode 100644
index 00000000000..671e5b3220f
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/client/transport_helper.go
@@ -0,0 +1,508 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package client
+
+import (
+	"context"
+	"sync"
+	"time"
+
+	"github.com/golang/protobuf/proto"
+	"google.golang.org/grpc/xds/internal/client/load"
+
+	"google.golang.org/grpc"
+	"google.golang.org/grpc/internal/buffer"
+	"google.golang.org/grpc/internal/grpclog"
+)
+
+// ErrResourceTypeUnsupported is an error used to indicate an unsupported xDS
+// resource type. The wrapped ErrStr contains the details.
+type ErrResourceTypeUnsupported struct {
+	ErrStr string
+}
+
+// Error helps implements the error interface.
+func (e ErrResourceTypeUnsupported) Error() string {
+	return e.ErrStr
+}
+
+// VersionedClient is the interface to be provided by the transport protocol
+// specific client implementations. This mainly deals with the actual sending
+// and receiving of messages.
+type VersionedClient interface {
+	// NewStream returns a new xDS client stream specific to the underlying
+	// transport protocol version.
+	NewStream(ctx context.Context) (grpc.ClientStream, error)
+
+	// SendRequest constructs and sends out a DiscoveryRequest message specific
+	// to the underlying transport protocol version.
+	SendRequest(s grpc.ClientStream, resourceNames []string, rType ResourceType, version, nonce, errMsg string) error
+
+	// RecvResponse uses the provided stream to receive a response specific to
+	// the underlying transport protocol version.
+	RecvResponse(s grpc.ClientStream) (proto.Message, error)
+
+	// HandleResponse parses and validates the received response and notifies
+	// the top-level client which in turn notifies the registered watchers.
+	//
+	// Return values are: resourceType, version, nonce, error.
+	// If the provided protobuf message contains a resource type which is not
+	// supported, implementations must return an error of type
+	// ErrResourceTypeUnsupported.
+	HandleResponse(proto.Message) (ResourceType, string, string, error)
+
+	// NewLoadStatsStream returns a new LRS client stream specific to the underlying
+	// transport protocol version.
+	NewLoadStatsStream(ctx context.Context, cc *grpc.ClientConn) (grpc.ClientStream, error)
+
+	// SendFirstLoadStatsRequest constructs and sends the first request on the
+	// LRS stream.
+	SendFirstLoadStatsRequest(s grpc.ClientStream) error
+
+	// HandleLoadStatsResponse receives the first response from the server which
+	// contains the load reporting interval and the clusters for which the
+	// server asks the client to report load for.
+	//
+	// If the response sets SendAllClusters to true, the returned clusters is
+	// nil.
+	HandleLoadStatsResponse(s grpc.ClientStream) (clusters []string, _ time.Duration, _ error)
+
+	// SendLoadStatsRequest will be invoked at regular intervals to send load
+	// report with load data reported since the last time this method was
+	// invoked.
+	SendLoadStatsRequest(s grpc.ClientStream, loads []*load.Data) error
+}
+
+// TransportHelper contains all xDS transport protocol related functionality
+// which is common across different versioned client implementations.
+//
+// TransportHelper takes care of sending and receiving xDS requests and
+// responses on an ADS stream. It also takes care of ACK/NACK handling. It
+// delegates to the actual versioned client implementations wherever
+// appropriate.
+//
+// Implements the APIClient interface which makes it possible for versioned
+// client implementations to embed this type, and thereby satisfy the interface
+// requirements.
+type TransportHelper struct {
+	cancelCtx context.CancelFunc
+
+	vClient  VersionedClient
+	logger   *grpclog.PrefixLogger
+	backoff  func(int) time.Duration
+	streamCh chan grpc.ClientStream
+	sendCh   *buffer.Unbounded
+
+	mu sync.Mutex
+	// Message specific watch infos, protected by the above mutex. These are
+	// written to, after successfully reading from the update channel, and are
+	// read from when recovering from a broken stream to resend the xDS
+	// messages. When the user of this client object cancels a watch call,
+	// these are set to nil. All accesses to the map protected and any value
+	// inside the map should be protected with the above mutex.
+	watchMap map[ResourceType]map[string]bool
+	// versionMap contains the version that was acked (the version in the ack
+	// request that was sent on wire). The key is rType, the value is the
+	// version string, becaues the versions for different resource types should
+	// be independent.
+	versionMap map[ResourceType]string
+	// nonceMap contains the nonce from the most recent received response.
+	nonceMap map[ResourceType]string
+}
+
+// NewTransportHelper creates a new transport helper to be used by versioned
+// client implementations.
+func NewTransportHelper(vc VersionedClient, logger *grpclog.PrefixLogger, backoff func(int) time.Duration) *TransportHelper {
+	ctx, cancelCtx := context.WithCancel(context.Background())
+	t := &TransportHelper{
+		cancelCtx: cancelCtx,
+		vClient:   vc,
+		logger:    logger,
+		backoff:   backoff,
+
+		streamCh:   make(chan grpc.ClientStream, 1),
+		sendCh:     buffer.NewUnbounded(),
+		watchMap:   make(map[ResourceType]map[string]bool),
+		versionMap: make(map[ResourceType]string),
+		nonceMap:   make(map[ResourceType]string),
+	}
+
+	go t.run(ctx)
+	return t
+}
+
+// AddWatch adds a watch for an xDS resource given its type and name.
+func (t *TransportHelper) AddWatch(rType ResourceType, resourceName string) {
+	t.sendCh.Put(&watchAction{
+		rType:    rType,
+		remove:   false,
+		resource: resourceName,
+	})
+}
+
+// RemoveWatch cancels an already registered watch for an xDS resource
+// given its type and name.
+func (t *TransportHelper) RemoveWatch(rType ResourceType, resourceName string) {
+	t.sendCh.Put(&watchAction{
+		rType:    rType,
+		remove:   true,
+		resource: resourceName,
+	})
+}
+
+// Close closes the transport helper.
+func (t *TransportHelper) Close() {
+	t.cancelCtx()
+}
+
+// run starts an ADS stream (and backs off exponentially, if the previous
+// stream failed without receiving a single reply) and runs the sender and
+// receiver routines to send and receive data from the stream respectively.
+func (t *TransportHelper) run(ctx context.Context) {
+	go t.send(ctx)
+	// TODO: start a goroutine monitoring ClientConn's connectivity state, and
+	// report error (and log) when stats is transient failure.
+
+	retries := 0
+	for {
+		select {
+		case <-ctx.Done():
+			return
+		default:
+		}
+
+		if retries != 0 {
+			timer := time.NewTimer(t.backoff(retries))
+			select {
+			case <-timer.C:
+			case <-ctx.Done():
+				if !timer.Stop() {
+					<-timer.C
+				}
+				return
+			}
+		}
+
+		retries++
+		stream, err := t.vClient.NewStream(ctx)
+		if err != nil {
+			t.logger.Warningf("xds: ADS stream creation failed: %v", err)
+			continue
+		}
+		t.logger.Infof("ADS stream created")
+
+		select {
+		case <-t.streamCh:
+		default:
+		}
+		t.streamCh <- stream
+		if t.recv(stream) {
+			retries = 0
+		}
+	}
+}
+
+// send is a separate goroutine for sending watch requests on the xds stream.
+//
+// It watches the stream channel for new streams, and the request channel for
+// new requests to send on the stream.
+//
+// For each new request (watchAction), it's
+//  - processed and added to the watch map
+//    - so resend will pick them up when there are new streams
+//  - sent on the current stream if there's one
+//    - the current stream is cleared when any send on it fails
+//
+// For each new stream, all the existing requests will be resent.
+//
+// Note that this goroutine doesn't do anything to the old stream when there's a
+// new one. In fact, there should be only one stream in progress, and new one
+// should only be created when the old one fails (recv returns an error).
+func (t *TransportHelper) send(ctx context.Context) {
+	var stream grpc.ClientStream
+	for {
+		select {
+		case <-ctx.Done():
+			return
+		case stream = <-t.streamCh:
+			if !t.sendExisting(stream) {
+				// send failed, clear the current stream.
+				stream = nil
+			}
+		case u := <-t.sendCh.Get():
+			t.sendCh.Load()
+
+			var (
+				target                 []string
+				rType                  ResourceType
+				version, nonce, errMsg string
+				send                   bool
+			)
+			switch update := u.(type) {
+			case *watchAction:
+				target, rType, version, nonce = t.processWatchInfo(update)
+			case *ackAction:
+				target, rType, version, nonce, send = t.processAckInfo(update, stream)
+				if !send {
+					continue
+				}
+				errMsg = update.errMsg
+			}
+			if stream == nil {
+				// There's no stream yet. Skip the request. This request
+				// will be resent to the new streams. If no stream is
+				// created, the watcher will timeout (same as server not
+				// sending response back).
+				continue
+			}
+			if err := t.vClient.SendRequest(stream, target, rType, version, nonce, errMsg); err != nil {
+				t.logger.Warningf("ADS request for {target: %q, type: %v, version: %q, nonce: %q} failed: %v", target, rType, version, nonce, err)
+				// send failed, clear the current stream.
+				stream = nil
+			}
+		}
+	}
+}
+
+// sendExisting sends out xDS requests for registered watchers when recovering
+// from a broken stream.
+//
+// We call stream.Send() here with the lock being held. It should be OK to do
+// that here because the stream has just started and Send() usually returns
+// quickly (once it pushes the message onto the transport layer) and is only
+// ever blocked if we don't have enough flow control quota.
+func (t *TransportHelper) sendExisting(stream grpc.ClientStream) bool {
+	t.mu.Lock()
+	defer t.mu.Unlock()
+
+	// Reset the ack versions when the stream restarts.
+	t.versionMap = make(map[ResourceType]string)
+	t.nonceMap = make(map[ResourceType]string)
+
+	for rType, s := range t.watchMap {
+		if err := t.vClient.SendRequest(stream, mapToSlice(s), rType, "", "", ""); err != nil {
+			t.logger.Warningf("ADS request failed: %v", err)
+			return false
+		}
+	}
+
+	return true
+}
+
+// recv receives xDS responses on the provided ADS stream and branches out to
+// message specific handlers.
+func (t *TransportHelper) recv(stream grpc.ClientStream) bool {
+	success := false
+	for {
+		resp, err := t.vClient.RecvResponse(stream)
+		if err != nil {
+			t.logger.Warningf("ADS stream is closed with error: %v", err)
+			return success
+		}
+		rType, version, nonce, err := t.vClient.HandleResponse(resp)
+		if e, ok := err.(ErrResourceTypeUnsupported); ok {
+			t.logger.Warningf("%s", e.ErrStr)
+			continue
+		}
+		if err != nil {
+			t.sendCh.Put(&ackAction{
+				rType:   rType,
+				version: "",
+				nonce:   nonce,
+				errMsg:  err.Error(),
+				stream:  stream,
+			})
+			t.logger.Warningf("Sending NACK for response type: %v, version: %v, nonce: %v, reason: %v", rType, version, nonce, err)
+			continue
+		}
+		t.sendCh.Put(&ackAction{
+			rType:   rType,
+			version: version,
+			nonce:   nonce,
+			stream:  stream,
+		})
+		t.logger.Infof("Sending ACK for response type: %v, version: %v, nonce: %v", rType, version, nonce)
+		success = true
+	}
+}
+
+func mapToSlice(m map[string]bool) (ret []string) {
+	for i := range m {
+		ret = append(ret, i)
+	}
+	return
+}
+
+type watchAction struct {
+	rType    ResourceType
+	remove   bool // Whether this is to remove watch for the resource.
+	resource string
+}
+
+// processWatchInfo pulls the fields needed by the request from a watchAction.
+//
+// It also updates the watch map.
+func (t *TransportHelper) processWatchInfo(w *watchAction) (target []string, rType ResourceType, ver, nonce string) {
+	t.mu.Lock()
+	defer t.mu.Unlock()
+
+	var current map[string]bool
+	current, ok := t.watchMap[w.rType]
+	if !ok {
+		current = make(map[string]bool)
+		t.watchMap[w.rType] = current
+	}
+
+	if w.remove {
+		delete(current, w.resource)
+		if len(current) == 0 {
+			delete(t.watchMap, w.rType)
+		}
+	} else {
+		current[w.resource] = true
+	}
+
+	rType = w.rType
+	target = mapToSlice(current)
+	// We don't reset version or nonce when a new watch is started. The version
+	// and nonce from previous response are carried by the request unless the
+	// stream is recreated.
+	ver = t.versionMap[rType]
+	nonce = t.nonceMap[rType]
+	return target, rType, ver, nonce
+}
+
+type ackAction struct {
+	rType   ResourceType
+	version string // NACK if version is an empty string.
+	nonce   string
+	errMsg  string // Empty unless it's a NACK.
+	// ACK/NACK are tagged with the stream it's for. When the stream is down,
+	// all the ACK/NACK for this stream will be dropped, and the version/nonce
+	// won't be updated.
+	stream grpc.ClientStream
+}
+
+// processAckInfo pulls the fields needed by the ack request from a ackAction.
+//
+// If no active watch is found for this ack, it returns false for send.
+func (t *TransportHelper) processAckInfo(ack *ackAction, stream grpc.ClientStream) (target []string, rType ResourceType, version, nonce string, send bool) {
+	if ack.stream != stream {
+		// If ACK's stream isn't the current sending stream, this means the ACK
+		// was pushed to queue before the old stream broke, and a new stream has
+		// been started since. Return immediately here so we don't update the
+		// nonce for the new stream.
+		return nil, UnknownResource, "", "", false
+	}
+	rType = ack.rType
+
+	t.mu.Lock()
+	defer t.mu.Unlock()
+
+	// Update the nonce no matter if we are going to send the ACK request on
+	// wire. We may not send the request if the watch is canceled. But the nonce
+	// needs to be updated so the next request will have the right nonce.
+	nonce = ack.nonce
+	t.nonceMap[rType] = nonce
+
+	s, ok := t.watchMap[rType]
+	if !ok || len(s) == 0 {
+		// We don't send the request ack if there's no active watch (this can be
+		// either the server sends responses before any request, or the watch is
+		// canceled while the ackAction is in queue), because there's no resource
+		// name. And if we send a request with empty resource name list, the
+		// server may treat it as a wild card and send us everything.
+		return nil, UnknownResource, "", "", false
+	}
+	send = true
+	target = mapToSlice(s)
+
+	version = ack.version
+	if version == "" {
+		// This is a nack, get the previous acked version.
+		version = t.versionMap[rType]
+		// version will still be an empty string if rType isn't
+		// found in versionMap, this can happen if there wasn't any ack
+		// before.
+	} else {
+		t.versionMap[rType] = version
+	}
+	return target, rType, version, nonce, send
+}
+
+// reportLoad starts an LRS stream to report load data to the management server.
+// It blocks until the context is cancelled.
+func (t *TransportHelper) reportLoad(ctx context.Context, cc *grpc.ClientConn, opts loadReportingOptions) {
+	retries := 0
+	for {
+		if ctx.Err() != nil {
+			return
+		}
+
+		if retries != 0 {
+			timer := time.NewTimer(t.backoff(retries))
+			select {
+			case <-timer.C:
+			case <-ctx.Done():
+				if !timer.Stop() {
+					<-timer.C
+				}
+				return
+			}
+		}
+
+		retries++
+		stream, err := t.vClient.NewLoadStatsStream(ctx, cc)
+		if err != nil {
+			logger.Warningf("lrs: failed to create stream: %v", err)
+			continue
+		}
+		logger.Infof("lrs: created LRS stream")
+
+		if err := t.vClient.SendFirstLoadStatsRequest(stream); err != nil {
+			logger.Warningf("lrs: failed to send first request: %v", err)
+			continue
+		}
+
+		clusters, interval, err := t.vClient.HandleLoadStatsResponse(stream)
+		if err != nil {
+			logger.Warning(err)
+			continue
+		}
+
+		retries = 0
+		t.sendLoads(ctx, stream, opts.loadStore, clusters, interval)
+	}
+}
+
+func (t *TransportHelper) sendLoads(ctx context.Context, stream grpc.ClientStream, store *load.Store, clusterNames []string, interval time.Duration) {
+	tick := time.NewTicker(interval)
+	defer tick.Stop()
+	for {
+		select {
+		case <-tick.C:
+		case <-ctx.Done():
+			return
+		}
+		if err := t.vClient.SendLoadStatsRequest(stream, store.Stats(clusterNames)); err != nil {
+			logger.Warning(err)
+			return
+		}
+	}
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/client/v2/client.go b/vendor/google.golang.org/grpc/xds/internal/client/v2/client.go
new file mode 100644
index 00000000000..b6bc4908120
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/client/v2/client.go
@@ -0,0 +1,215 @@
+/*
+ *
+ * Copyright 2019 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package v2 provides xDS v2 transport protocol specific functionality.
+package v2
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/golang/protobuf/proto"
+	"google.golang.org/grpc"
+	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/internal/grpclog"
+	xdsclient "google.golang.org/grpc/xds/internal/client"
+	"google.golang.org/grpc/xds/internal/version"
+
+	v2xdspb "github.com/envoyproxy/go-control-plane/envoy/api/v2"
+	v2corepb "github.com/envoyproxy/go-control-plane/envoy/api/v2/core"
+	v2adsgrpc "github.com/envoyproxy/go-control-plane/envoy/service/discovery/v2"
+	statuspb "google.golang.org/genproto/googleapis/rpc/status"
+)
+
+func init() {
+	xdsclient.RegisterAPIClientBuilder(clientBuilder{})
+}
+
+var (
+	resourceTypeToURL = map[xdsclient.ResourceType]string{
+		xdsclient.ListenerResource:    version.V2ListenerURL,
+		xdsclient.RouteConfigResource: version.V2RouteConfigURL,
+		xdsclient.ClusterResource:     version.V2ClusterURL,
+		xdsclient.EndpointsResource:   version.V2EndpointsURL,
+	}
+)
+
+type clientBuilder struct{}
+
+func (clientBuilder) Build(cc *grpc.ClientConn, opts xdsclient.BuildOptions) (xdsclient.APIClient, error) {
+	return newClient(cc, opts)
+}
+
+func (clientBuilder) Version() version.TransportAPI {
+	return version.TransportV2
+}
+
+func newClient(cc *grpc.ClientConn, opts xdsclient.BuildOptions) (xdsclient.APIClient, error) {
+	nodeProto, ok := opts.NodeProto.(*v2corepb.Node)
+	if !ok {
+		return nil, fmt.Errorf("xds: unsupported Node proto type: %T, want %T", opts.NodeProto, (*v2corepb.Node)(nil))
+	}
+	v2c := &client{
+		cc:        cc,
+		parent:    opts.Parent,
+		nodeProto: nodeProto,
+		logger:    opts.Logger,
+	}
+	v2c.ctx, v2c.cancelCtx = context.WithCancel(context.Background())
+	v2c.TransportHelper = xdsclient.NewTransportHelper(v2c, opts.Logger, opts.Backoff)
+	return v2c, nil
+}
+
+type adsStream v2adsgrpc.AggregatedDiscoveryService_StreamAggregatedResourcesClient
+
+// client performs the actual xDS RPCs using the xDS v2 API. It creates a
+// single ADS stream on which the different types of xDS requests and responses
+// are multiplexed.
+type client struct {
+	*xdsclient.TransportHelper
+
+	ctx       context.Context
+	cancelCtx context.CancelFunc
+	parent    xdsclient.UpdateHandler
+	logger    *grpclog.PrefixLogger
+
+	// ClientConn to the xDS gRPC server. Owned by the parent xdsClient.
+	cc        *grpc.ClientConn
+	nodeProto *v2corepb.Node
+}
+
+func (v2c *client) NewStream(ctx context.Context) (grpc.ClientStream, error) {
+	return v2adsgrpc.NewAggregatedDiscoveryServiceClient(v2c.cc).StreamAggregatedResources(v2c.ctx, grpc.WaitForReady(true))
+}
+
+// sendRequest sends out a DiscoveryRequest for the given resourceNames, of type
+// rType, on the provided stream.
+//
+// version is the ack version to be sent with the request
+// - If this is the new request (not an ack/nack), version will be empty.
+// - If this is an ack, version will be the version from the response.
+// - If this is a nack, version will be the previous acked version (from
+//   versionMap). If there was no ack before, it will be empty.
+func (v2c *client) SendRequest(s grpc.ClientStream, resourceNames []string, rType xdsclient.ResourceType, version, nonce, errMsg string) error {
+	stream, ok := s.(adsStream)
+	if !ok {
+		return fmt.Errorf("xds: Attempt to send request on unsupported stream type: %T", s)
+	}
+	req := &v2xdspb.DiscoveryRequest{
+		Node:          v2c.nodeProto,
+		TypeUrl:       resourceTypeToURL[rType],
+		ResourceNames: resourceNames,
+		VersionInfo:   version,
+		ResponseNonce: nonce,
+	}
+	if errMsg != "" {
+		req.ErrorDetail = &statuspb.Status{
+			Code: int32(codes.InvalidArgument), Message: errMsg,
+		}
+	}
+	if err := stream.Send(req); err != nil {
+		return fmt.Errorf("xds: stream.Send(%+v) failed: %v", req, err)
+	}
+	v2c.logger.Debugf("ADS request sent: %v", req)
+	return nil
+}
+
+// RecvResponse blocks on the receipt of one response message on the provided
+// stream.
+func (v2c *client) RecvResponse(s grpc.ClientStream) (proto.Message, error) {
+	stream, ok := s.(adsStream)
+	if !ok {
+		return nil, fmt.Errorf("xds: Attempt to receive response on unsupported stream type: %T", s)
+	}
+
+	resp, err := stream.Recv()
+	if err != nil {
+		// TODO: call watch callbacks with error when stream is broken.
+		return nil, fmt.Errorf("xds: stream.Recv() failed: %v", err)
+	}
+	v2c.logger.Infof("ADS response received, type: %v", resp.GetTypeUrl())
+	v2c.logger.Debugf("ADS response received: %v", resp)
+	return resp, nil
+}
+
+func (v2c *client) HandleResponse(r proto.Message) (xdsclient.ResourceType, string, string, error) {
+	rType := xdsclient.UnknownResource
+	resp, ok := r.(*v2xdspb.DiscoveryResponse)
+	if !ok {
+		return rType, "", "", fmt.Errorf("xds: unsupported message type: %T", resp)
+	}
+
+	// Note that the xDS transport protocol is versioned independently of
+	// the resource types, and it is supported to transfer older versions
+	// of resource types using new versions of the transport protocol, or
+	// vice-versa. Hence we need to handle v3 type_urls as well here.
+	var err error
+	url := resp.GetTypeUrl()
+	switch {
+	case xdsclient.IsListenerResource(url):
+		err = v2c.handleLDSResponse(resp)
+		rType = xdsclient.ListenerResource
+	case xdsclient.IsRouteConfigResource(url):
+		err = v2c.handleRDSResponse(resp)
+		rType = xdsclient.RouteConfigResource
+	case xdsclient.IsClusterResource(url):
+		err = v2c.handleCDSResponse(resp)
+		rType = xdsclient.ClusterResource
+	case xdsclient.IsEndpointsResource(url):
+		err = v2c.handleEDSResponse(resp)
+		rType = xdsclient.EndpointsResource
+	default:
+		return rType, "", "", xdsclient.ErrResourceTypeUnsupported{
+			ErrStr: fmt.Sprintf("Resource type %v unknown in response from server", resp.GetTypeUrl()),
+		}
+	}
+	return rType, resp.GetVersionInfo(), resp.GetNonce(), err
+}
+
+// handleLDSResponse processes an LDS response received from the management
+// server. On receipt of a good response, it also invokes the registered watcher
+// callback.
+func (v2c *client) handleLDSResponse(resp *v2xdspb.DiscoveryResponse) error {
+	update, md, err := xdsclient.UnmarshalListener(resp.GetVersionInfo(), resp.GetResources(), v2c.logger)
+	v2c.parent.NewListeners(update, md)
+	return err
+}
+
+// handleRDSResponse processes an RDS response received from the management
+// server. On receipt of a good response, it caches validated resources and also
+// invokes the registered watcher callback.
+func (v2c *client) handleRDSResponse(resp *v2xdspb.DiscoveryResponse) error {
+	update, md, err := xdsclient.UnmarshalRouteConfig(resp.GetVersionInfo(), resp.GetResources(), v2c.logger)
+	v2c.parent.NewRouteConfigs(update, md)
+	return err
+}
+
+// handleCDSResponse processes an CDS response received from the management
+// server. On receipt of a good response, it also invokes the registered watcher
+// callback.
+func (v2c *client) handleCDSResponse(resp *v2xdspb.DiscoveryResponse) error {
+	update, md, err := xdsclient.UnmarshalCluster(resp.GetVersionInfo(), resp.GetResources(), v2c.logger)
+	v2c.parent.NewClusters(update, md)
+	return err
+}
+
+func (v2c *client) handleEDSResponse(resp *v2xdspb.DiscoveryResponse) error {
+	update, md, err := xdsclient.UnmarshalEndpoints(resp.GetVersionInfo(), resp.GetResources(), v2c.logger)
+	v2c.parent.NewEndpoints(update, md)
+	return err
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/client/v2/loadreport.go b/vendor/google.golang.org/grpc/xds/internal/client/v2/loadreport.go
new file mode 100644
index 00000000000..69405fcd9ad
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/client/v2/loadreport.go
@@ -0,0 +1,154 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package v2
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"time"
+
+	"github.com/golang/protobuf/proto"
+	"github.com/golang/protobuf/ptypes"
+	"google.golang.org/grpc/xds/internal/client/load"
+
+	v2corepb "github.com/envoyproxy/go-control-plane/envoy/api/v2/core"
+	v2endpointpb "github.com/envoyproxy/go-control-plane/envoy/api/v2/endpoint"
+	lrsgrpc "github.com/envoyproxy/go-control-plane/envoy/service/load_stats/v2"
+	lrspb "github.com/envoyproxy/go-control-plane/envoy/service/load_stats/v2"
+	"google.golang.org/grpc"
+	"google.golang.org/grpc/xds/internal"
+)
+
+const clientFeatureLRSSendAllClusters = "envoy.lrs.supports_send_all_clusters"
+
+type lrsStream lrsgrpc.LoadReportingService_StreamLoadStatsClient
+
+func (v2c *client) NewLoadStatsStream(ctx context.Context, cc *grpc.ClientConn) (grpc.ClientStream, error) {
+	c := lrsgrpc.NewLoadReportingServiceClient(cc)
+	return c.StreamLoadStats(ctx)
+}
+
+func (v2c *client) SendFirstLoadStatsRequest(s grpc.ClientStream) error {
+	stream, ok := s.(lrsStream)
+	if !ok {
+		return fmt.Errorf("lrs: Attempt to send request on unsupported stream type: %T", s)
+	}
+	node := proto.Clone(v2c.nodeProto).(*v2corepb.Node)
+	if node == nil {
+		node = &v2corepb.Node{}
+	}
+	node.ClientFeatures = append(node.ClientFeatures, clientFeatureLRSSendAllClusters)
+
+	req := &lrspb.LoadStatsRequest{Node: node}
+	v2c.logger.Infof("lrs: sending init LoadStatsRequest: %v", req)
+	return stream.Send(req)
+}
+
+func (v2c *client) HandleLoadStatsResponse(s grpc.ClientStream) ([]string, time.Duration, error) {
+	stream, ok := s.(lrsStream)
+	if !ok {
+		return nil, 0, fmt.Errorf("lrs: Attempt to receive response on unsupported stream type: %T", s)
+	}
+
+	resp, err := stream.Recv()
+	if err != nil {
+		return nil, 0, fmt.Errorf("lrs: failed to receive first response: %v", err)
+	}
+	v2c.logger.Infof("lrs: received first LoadStatsResponse: %+v", resp)
+
+	interval, err := ptypes.Duration(resp.GetLoadReportingInterval())
+	if err != nil {
+		return nil, 0, fmt.Errorf("lrs: failed to convert report interval: %v", err)
+	}
+
+	if resp.ReportEndpointGranularity {
+		// TODO: fixme to support per endpoint loads.
+		return nil, 0, errors.New("lrs: endpoint loads requested, but not supported by current implementation")
+	}
+
+	clusters := resp.Clusters
+	if resp.SendAllClusters {
+		// Return nil to send stats for all clusters.
+		clusters = nil
+	}
+
+	return clusters, interval, nil
+}
+
+func (v2c *client) SendLoadStatsRequest(s grpc.ClientStream, loads []*load.Data) error {
+	stream, ok := s.(lrsStream)
+	if !ok {
+		return fmt.Errorf("lrs: Attempt to send request on unsupported stream type: %T", s)
+	}
+
+	var clusterStats []*v2endpointpb.ClusterStats
+	for _, sd := range loads {
+		var (
+			droppedReqs   []*v2endpointpb.ClusterStats_DroppedRequests
+			localityStats []*v2endpointpb.UpstreamLocalityStats
+		)
+		for category, count := range sd.Drops {
+			droppedReqs = append(droppedReqs, &v2endpointpb.ClusterStats_DroppedRequests{
+				Category:     category,
+				DroppedCount: count,
+			})
+		}
+		for l, localityData := range sd.LocalityStats {
+			lid, err := internal.LocalityIDFromString(l)
+			if err != nil {
+				return err
+			}
+			var loadMetricStats []*v2endpointpb.EndpointLoadMetricStats
+			for name, loadData := range localityData.LoadStats {
+				loadMetricStats = append(loadMetricStats, &v2endpointpb.EndpointLoadMetricStats{
+					MetricName:                    name,
+					NumRequestsFinishedWithMetric: loadData.Count,
+					TotalMetricValue:              loadData.Sum,
+				})
+			}
+			localityStats = append(localityStats, &v2endpointpb.UpstreamLocalityStats{
+				Locality: &v2corepb.Locality{
+					Region:  lid.Region,
+					Zone:    lid.Zone,
+					SubZone: lid.SubZone,
+				},
+				TotalSuccessfulRequests: localityData.RequestStats.Succeeded,
+				TotalRequestsInProgress: localityData.RequestStats.InProgress,
+				TotalErrorRequests:      localityData.RequestStats.Errored,
+				LoadMetricStats:         loadMetricStats,
+				UpstreamEndpointStats:   nil, // TODO: populate for per endpoint loads.
+			})
+		}
+
+		clusterStats = append(clusterStats, &v2endpointpb.ClusterStats{
+			ClusterName:           sd.Cluster,
+			ClusterServiceName:    sd.Service,
+			UpstreamLocalityStats: localityStats,
+			TotalDroppedRequests:  sd.TotalDrops,
+			DroppedRequests:       droppedReqs,
+			LoadReportInterval:    ptypes.DurationProto(sd.ReportInterval),
+		})
+
+	}
+
+	req := &lrspb.LoadStatsRequest{ClusterStats: clusterStats}
+	v2c.logger.Infof("lrs: sending LRS loads: %+v", req)
+	return stream.Send(req)
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/client/v3/client.go b/vendor/google.golang.org/grpc/xds/internal/client/v3/client.go
new file mode 100644
index 00000000000..55cae56d8cc
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/client/v3/client.go
@@ -0,0 +1,215 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package v3 provides xDS v3 transport protocol specific functionality.
+package v3
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/golang/protobuf/proto"
+	statuspb "google.golang.org/genproto/googleapis/rpc/status"
+	"google.golang.org/grpc"
+	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/internal/grpclog"
+	xdsclient "google.golang.org/grpc/xds/internal/client"
+	"google.golang.org/grpc/xds/internal/version"
+
+	v3corepb "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	v3adsgrpc "github.com/envoyproxy/go-control-plane/envoy/service/discovery/v3"
+	v3discoverypb "github.com/envoyproxy/go-control-plane/envoy/service/discovery/v3"
+)
+
+func init() {
+	xdsclient.RegisterAPIClientBuilder(clientBuilder{})
+}
+
+var (
+	resourceTypeToURL = map[xdsclient.ResourceType]string{
+		xdsclient.ListenerResource:    version.V3ListenerURL,
+		xdsclient.RouteConfigResource: version.V3RouteConfigURL,
+		xdsclient.ClusterResource:     version.V3ClusterURL,
+		xdsclient.EndpointsResource:   version.V3EndpointsURL,
+	}
+)
+
+type clientBuilder struct{}
+
+func (clientBuilder) Build(cc *grpc.ClientConn, opts xdsclient.BuildOptions) (xdsclient.APIClient, error) {
+	return newClient(cc, opts)
+}
+
+func (clientBuilder) Version() version.TransportAPI {
+	return version.TransportV3
+}
+
+func newClient(cc *grpc.ClientConn, opts xdsclient.BuildOptions) (xdsclient.APIClient, error) {
+	nodeProto, ok := opts.NodeProto.(*v3corepb.Node)
+	if !ok {
+		return nil, fmt.Errorf("xds: unsupported Node proto type: %T, want %T", opts.NodeProto, v3corepb.Node{})
+	}
+	v3c := &client{
+		cc:        cc,
+		parent:    opts.Parent,
+		nodeProto: nodeProto,
+		logger:    opts.Logger,
+	}
+	v3c.ctx, v3c.cancelCtx = context.WithCancel(context.Background())
+	v3c.TransportHelper = xdsclient.NewTransportHelper(v3c, opts.Logger, opts.Backoff)
+	return v3c, nil
+}
+
+type adsStream v3adsgrpc.AggregatedDiscoveryService_StreamAggregatedResourcesClient
+
+// client performs the actual xDS RPCs using the xDS v3 API. It creates a
+// single ADS stream on which the different types of xDS requests and responses
+// are multiplexed.
+type client struct {
+	*xdsclient.TransportHelper
+
+	ctx       context.Context
+	cancelCtx context.CancelFunc
+	parent    xdsclient.UpdateHandler
+	logger    *grpclog.PrefixLogger
+
+	// ClientConn to the xDS gRPC server. Owned by the parent xdsClient.
+	cc        *grpc.ClientConn
+	nodeProto *v3corepb.Node
+}
+
+func (v3c *client) NewStream(ctx context.Context) (grpc.ClientStream, error) {
+	return v3adsgrpc.NewAggregatedDiscoveryServiceClient(v3c.cc).StreamAggregatedResources(v3c.ctx, grpc.WaitForReady(true))
+}
+
+// sendRequest sends out a DiscoveryRequest for the given resourceNames, of type
+// rType, on the provided stream.
+//
+// version is the ack version to be sent with the request
+// - If this is the new request (not an ack/nack), version will be empty.
+// - If this is an ack, version will be the version from the response.
+// - If this is a nack, version will be the previous acked version (from
+//   versionMap). If there was no ack before, it will be empty.
+func (v3c *client) SendRequest(s grpc.ClientStream, resourceNames []string, rType xdsclient.ResourceType, version, nonce, errMsg string) error {
+	stream, ok := s.(adsStream)
+	if !ok {
+		return fmt.Errorf("xds: Attempt to send request on unsupported stream type: %T", s)
+	}
+	req := &v3discoverypb.DiscoveryRequest{
+		Node:          v3c.nodeProto,
+		TypeUrl:       resourceTypeToURL[rType],
+		ResourceNames: resourceNames,
+		VersionInfo:   version,
+		ResponseNonce: nonce,
+	}
+	if errMsg != "" {
+		req.ErrorDetail = &statuspb.Status{
+			Code: int32(codes.InvalidArgument), Message: errMsg,
+		}
+	}
+	if err := stream.Send(req); err != nil {
+		return fmt.Errorf("xds: stream.Send(%+v) failed: %v", req, err)
+	}
+	v3c.logger.Debugf("ADS request sent: %v", req)
+	return nil
+}
+
+// RecvResponse blocks on the receipt of one response message on the provided
+// stream.
+func (v3c *client) RecvResponse(s grpc.ClientStream) (proto.Message, error) {
+	stream, ok := s.(adsStream)
+	if !ok {
+		return nil, fmt.Errorf("xds: Attempt to receive response on unsupported stream type: %T", s)
+	}
+
+	resp, err := stream.Recv()
+	if err != nil {
+		// TODO: call watch callbacks with error when stream is broken.
+		return nil, fmt.Errorf("xds: stream.Recv() failed: %v", err)
+	}
+	v3c.logger.Infof("ADS response received, type: %v", resp.GetTypeUrl())
+	v3c.logger.Debugf("ADS response received: %+v", resp)
+	return resp, nil
+}
+
+func (v3c *client) HandleResponse(r proto.Message) (xdsclient.ResourceType, string, string, error) {
+	rType := xdsclient.UnknownResource
+	resp, ok := r.(*v3discoverypb.DiscoveryResponse)
+	if !ok {
+		return rType, "", "", fmt.Errorf("xds: unsupported message type: %T", resp)
+	}
+
+	// Note that the xDS transport protocol is versioned independently of
+	// the resource types, and it is supported to transfer older versions
+	// of resource types using new versions of the transport protocol, or
+	// vice-versa. Hence we need to handle v3 type_urls as well here.
+	var err error
+	url := resp.GetTypeUrl()
+	switch {
+	case xdsclient.IsListenerResource(url):
+		err = v3c.handleLDSResponse(resp)
+		rType = xdsclient.ListenerResource
+	case xdsclient.IsRouteConfigResource(url):
+		err = v3c.handleRDSResponse(resp)
+		rType = xdsclient.RouteConfigResource
+	case xdsclient.IsClusterResource(url):
+		err = v3c.handleCDSResponse(resp)
+		rType = xdsclient.ClusterResource
+	case xdsclient.IsEndpointsResource(url):
+		err = v3c.handleEDSResponse(resp)
+		rType = xdsclient.EndpointsResource
+	default:
+		return rType, "", "", xdsclient.ErrResourceTypeUnsupported{
+			ErrStr: fmt.Sprintf("Resource type %v unknown in response from server", resp.GetTypeUrl()),
+		}
+	}
+	return rType, resp.GetVersionInfo(), resp.GetNonce(), err
+}
+
+// handleLDSResponse processes an LDS response received from the management
+// server. On receipt of a good response, it also invokes the registered watcher
+// callback.
+func (v3c *client) handleLDSResponse(resp *v3discoverypb.DiscoveryResponse) error {
+	update, md, err := xdsclient.UnmarshalListener(resp.GetVersionInfo(), resp.GetResources(), v3c.logger)
+	v3c.parent.NewListeners(update, md)
+	return err
+}
+
+// handleRDSResponse processes an RDS response received from the management
+// server. On receipt of a good response, it caches validated resources and also
+// invokes the registered watcher callback.
+func (v3c *client) handleRDSResponse(resp *v3discoverypb.DiscoveryResponse) error {
+	update, md, err := xdsclient.UnmarshalRouteConfig(resp.GetVersionInfo(), resp.GetResources(), v3c.logger)
+	v3c.parent.NewRouteConfigs(update, md)
+	return err
+}
+
+// handleCDSResponse processes an CDS response received from the management
+// server. On receipt of a good response, it also invokes the registered watcher
+// callback.
+func (v3c *client) handleCDSResponse(resp *v3discoverypb.DiscoveryResponse) error {
+	update, md, err := xdsclient.UnmarshalCluster(resp.GetVersionInfo(), resp.GetResources(), v3c.logger)
+	v3c.parent.NewClusters(update, md)
+	return err
+}
+
+func (v3c *client) handleEDSResponse(resp *v3discoverypb.DiscoveryResponse) error {
+	update, md, err := xdsclient.UnmarshalEndpoints(resp.GetVersionInfo(), resp.GetResources(), v3c.logger)
+	v3c.parent.NewEndpoints(update, md)
+	return err
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/client/v3/loadreport.go b/vendor/google.golang.org/grpc/xds/internal/client/v3/loadreport.go
new file mode 100644
index 00000000000..74e18632aa0
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/client/v3/loadreport.go
@@ -0,0 +1,153 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package v3
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"time"
+
+	"github.com/golang/protobuf/proto"
+	"github.com/golang/protobuf/ptypes"
+	"google.golang.org/grpc/xds/internal/client/load"
+
+	v3corepb "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	v3endpointpb "github.com/envoyproxy/go-control-plane/envoy/config/endpoint/v3"
+	lrsgrpc "github.com/envoyproxy/go-control-plane/envoy/service/load_stats/v3"
+	lrspb "github.com/envoyproxy/go-control-plane/envoy/service/load_stats/v3"
+	"google.golang.org/grpc"
+	"google.golang.org/grpc/xds/internal"
+)
+
+const clientFeatureLRSSendAllClusters = "envoy.lrs.supports_send_all_clusters"
+
+type lrsStream lrsgrpc.LoadReportingService_StreamLoadStatsClient
+
+func (v3c *client) NewLoadStatsStream(ctx context.Context, cc *grpc.ClientConn) (grpc.ClientStream, error) {
+	c := lrsgrpc.NewLoadReportingServiceClient(cc)
+	return c.StreamLoadStats(ctx)
+}
+
+func (v3c *client) SendFirstLoadStatsRequest(s grpc.ClientStream) error {
+	stream, ok := s.(lrsStream)
+	if !ok {
+		return fmt.Errorf("lrs: Attempt to send request on unsupported stream type: %T", s)
+	}
+	node := proto.Clone(v3c.nodeProto).(*v3corepb.Node)
+	if node == nil {
+		node = &v3corepb.Node{}
+	}
+	node.ClientFeatures = append(node.ClientFeatures, clientFeatureLRSSendAllClusters)
+
+	req := &lrspb.LoadStatsRequest{Node: node}
+	v3c.logger.Infof("lrs: sending init LoadStatsRequest: %v", req)
+	return stream.Send(req)
+}
+
+func (v3c *client) HandleLoadStatsResponse(s grpc.ClientStream) ([]string, time.Duration, error) {
+	stream, ok := s.(lrsStream)
+	if !ok {
+		return nil, 0, fmt.Errorf("lrs: Attempt to receive response on unsupported stream type: %T", s)
+	}
+
+	resp, err := stream.Recv()
+	if err != nil {
+		return nil, 0, fmt.Errorf("lrs: failed to receive first response: %v", err)
+	}
+	v3c.logger.Infof("lrs: received first LoadStatsResponse: %+v", resp)
+
+	interval, err := ptypes.Duration(resp.GetLoadReportingInterval())
+	if err != nil {
+		return nil, 0, fmt.Errorf("lrs: failed to convert report interval: %v", err)
+	}
+
+	if resp.ReportEndpointGranularity {
+		// TODO: fixme to support per endpoint loads.
+		return nil, 0, errors.New("lrs: endpoint loads requested, but not supported by current implementation")
+	}
+
+	clusters := resp.Clusters
+	if resp.SendAllClusters {
+		// Return nil to send stats for all clusters.
+		clusters = nil
+	}
+
+	return clusters, interval, nil
+}
+
+func (v3c *client) SendLoadStatsRequest(s grpc.ClientStream, loads []*load.Data) error {
+	stream, ok := s.(lrsStream)
+	if !ok {
+		return fmt.Errorf("lrs: Attempt to send request on unsupported stream type: %T", s)
+	}
+
+	var clusterStats []*v3endpointpb.ClusterStats
+	for _, sd := range loads {
+		var (
+			droppedReqs   []*v3endpointpb.ClusterStats_DroppedRequests
+			localityStats []*v3endpointpb.UpstreamLocalityStats
+		)
+		for category, count := range sd.Drops {
+			droppedReqs = append(droppedReqs, &v3endpointpb.ClusterStats_DroppedRequests{
+				Category:     category,
+				DroppedCount: count,
+			})
+		}
+		for l, localityData := range sd.LocalityStats {
+			lid, err := internal.LocalityIDFromString(l)
+			if err != nil {
+				return err
+			}
+			var loadMetricStats []*v3endpointpb.EndpointLoadMetricStats
+			for name, loadData := range localityData.LoadStats {
+				loadMetricStats = append(loadMetricStats, &v3endpointpb.EndpointLoadMetricStats{
+					MetricName:                    name,
+					NumRequestsFinishedWithMetric: loadData.Count,
+					TotalMetricValue:              loadData.Sum,
+				})
+			}
+			localityStats = append(localityStats, &v3endpointpb.UpstreamLocalityStats{
+				Locality: &v3corepb.Locality{
+					Region:  lid.Region,
+					Zone:    lid.Zone,
+					SubZone: lid.SubZone,
+				},
+				TotalSuccessfulRequests: localityData.RequestStats.Succeeded,
+				TotalRequestsInProgress: localityData.RequestStats.InProgress,
+				TotalErrorRequests:      localityData.RequestStats.Errored,
+				LoadMetricStats:         loadMetricStats,
+				UpstreamEndpointStats:   nil, // TODO: populate for per endpoint loads.
+			})
+		}
+
+		clusterStats = append(clusterStats, &v3endpointpb.ClusterStats{
+			ClusterName:           sd.Cluster,
+			ClusterServiceName:    sd.Service,
+			UpstreamLocalityStats: localityStats,
+			TotalDroppedRequests:  sd.TotalDrops,
+			DroppedRequests:       droppedReqs,
+			LoadReportInterval:    ptypes.DurationProto(sd.ReportInterval),
+		})
+	}
+
+	req := &lrspb.LoadStatsRequest{ClusterStats: clusterStats}
+	v3c.logger.Infof("lrs: sending LRS loads: %+v", req)
+	return stream.Send(req)
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/client/watchers.go b/vendor/google.golang.org/grpc/xds/internal/client/watchers.go
new file mode 100644
index 00000000000..9fafe5a60f8
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/client/watchers.go
@@ -0,0 +1,299 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package client
+
+import (
+	"fmt"
+	"sync"
+	"time"
+)
+
+type watchInfoState int
+
+const (
+	watchInfoStateStarted watchInfoState = iota
+	watchInfoStateRespReceived
+	watchInfoStateTimeout
+	watchInfoStateCanceled
+)
+
+// watchInfo holds all the information from a watch() call.
+type watchInfo struct {
+	c      *clientImpl
+	rType  ResourceType
+	target string
+
+	ldsCallback func(ListenerUpdate, error)
+	rdsCallback func(RouteConfigUpdate, error)
+	cdsCallback func(ClusterUpdate, error)
+	edsCallback func(EndpointsUpdate, error)
+
+	expiryTimer *time.Timer
+
+	// mu protects state, and c.scheduleCallback().
+	// - No callback should be scheduled after watchInfo is canceled.
+	// - No timeout error should be scheduled after watchInfo is resp received.
+	mu    sync.Mutex
+	state watchInfoState
+}
+
+func (wi *watchInfo) newUpdate(update interface{}) {
+	wi.mu.Lock()
+	defer wi.mu.Unlock()
+	if wi.state == watchInfoStateCanceled {
+		return
+	}
+	wi.state = watchInfoStateRespReceived
+	wi.expiryTimer.Stop()
+	wi.c.scheduleCallback(wi, update, nil)
+}
+
+func (wi *watchInfo) resourceNotFound() {
+	wi.mu.Lock()
+	defer wi.mu.Unlock()
+	if wi.state == watchInfoStateCanceled {
+		return
+	}
+	wi.state = watchInfoStateRespReceived
+	wi.expiryTimer.Stop()
+	wi.sendErrorLocked(NewErrorf(ErrorTypeResourceNotFound, "xds: %v target %s not found in received response", wi.rType, wi.target))
+}
+
+func (wi *watchInfo) timeout() {
+	wi.mu.Lock()
+	defer wi.mu.Unlock()
+	if wi.state == watchInfoStateCanceled || wi.state == watchInfoStateRespReceived {
+		return
+	}
+	wi.state = watchInfoStateTimeout
+	wi.sendErrorLocked(fmt.Errorf("xds: %v target %s not found, watcher timeout", wi.rType, wi.target))
+}
+
+// Caller must hold wi.mu.
+func (wi *watchInfo) sendErrorLocked(err error) {
+	var (
+		u interface{}
+	)
+	switch wi.rType {
+	case ListenerResource:
+		u = ListenerUpdate{}
+	case RouteConfigResource:
+		u = RouteConfigUpdate{}
+	case ClusterResource:
+		u = ClusterUpdate{}
+	case EndpointsResource:
+		u = EndpointsUpdate{}
+	}
+	wi.c.scheduleCallback(wi, u, err)
+}
+
+func (wi *watchInfo) cancel() {
+	wi.mu.Lock()
+	defer wi.mu.Unlock()
+	if wi.state == watchInfoStateCanceled {
+		return
+	}
+	wi.expiryTimer.Stop()
+	wi.state = watchInfoStateCanceled
+}
+
+func (c *clientImpl) watch(wi *watchInfo) (cancel func()) {
+	c.mu.Lock()
+	defer c.mu.Unlock()
+	c.logger.Debugf("new watch for type %v, resource name %v", wi.rType, wi.target)
+	var (
+		watchers map[string]map[*watchInfo]bool
+		mds      map[string]UpdateMetadata
+	)
+	switch wi.rType {
+	case ListenerResource:
+		watchers = c.ldsWatchers
+		mds = c.ldsMD
+	case RouteConfigResource:
+		watchers = c.rdsWatchers
+		mds = c.rdsMD
+	case ClusterResource:
+		watchers = c.cdsWatchers
+		mds = c.cdsMD
+	case EndpointsResource:
+		watchers = c.edsWatchers
+		mds = c.edsMD
+	default:
+		c.logger.Errorf("unknown watch type: %v", wi.rType)
+		return nil
+	}
+
+	resourceName := wi.target
+	s, ok := watchers[wi.target]
+	if !ok {
+		// If this is a new watcher, will ask lower level to send a new request
+		// with the resource name.
+		//
+		// If this (type+name) is already being watched, will not notify the
+		// underlying versioned apiClient.
+		c.logger.Debugf("first watch for type %v, resource name %v, will send a new xDS request", wi.rType, wi.target)
+		s = make(map[*watchInfo]bool)
+		watchers[resourceName] = s
+		mds[resourceName] = UpdateMetadata{Status: ServiceStatusRequested}
+		c.apiClient.AddWatch(wi.rType, resourceName)
+	}
+	// No matter what, add the new watcher to the set, so it's callback will be
+	// call for new responses.
+	s[wi] = true
+
+	// If the resource is in cache, call the callback with the value.
+	switch wi.rType {
+	case ListenerResource:
+		if v, ok := c.ldsCache[resourceName]; ok {
+			c.logger.Debugf("LDS resource with name %v found in cache: %+v", wi.target, v)
+			wi.newUpdate(v)
+		}
+	case RouteConfigResource:
+		if v, ok := c.rdsCache[resourceName]; ok {
+			c.logger.Debugf("RDS resource with name %v found in cache: %+v", wi.target, v)
+			wi.newUpdate(v)
+		}
+	case ClusterResource:
+		if v, ok := c.cdsCache[resourceName]; ok {
+			c.logger.Debugf("CDS resource with name %v found in cache: %+v", wi.target, v)
+			wi.newUpdate(v)
+		}
+	case EndpointsResource:
+		if v, ok := c.edsCache[resourceName]; ok {
+			c.logger.Debugf("EDS resource with name %v found in cache: %+v", wi.target, v)
+			wi.newUpdate(v)
+		}
+	}
+
+	return func() {
+		c.logger.Debugf("watch for type %v, resource name %v canceled", wi.rType, wi.target)
+		wi.cancel()
+		c.mu.Lock()
+		defer c.mu.Unlock()
+		if s := watchers[resourceName]; s != nil {
+			// Remove this watcher, so it's callback will not be called in the
+			// future.
+			delete(s, wi)
+			if len(s) == 0 {
+				c.logger.Debugf("last watch for type %v, resource name %v canceled, will send a new xDS request", wi.rType, wi.target)
+				// If this was the last watcher, also tell xdsv2Client to stop
+				// watching this resource.
+				delete(watchers, resourceName)
+				delete(mds, resourceName)
+				c.apiClient.RemoveWatch(wi.rType, resourceName)
+				// Remove the resource from cache. When a watch for this
+				// resource is added later, it will trigger a xDS request with
+				// resource names, and client will receive new xDS responses.
+				switch wi.rType {
+				case ListenerResource:
+					delete(c.ldsCache, resourceName)
+				case RouteConfigResource:
+					delete(c.rdsCache, resourceName)
+				case ClusterResource:
+					delete(c.cdsCache, resourceName)
+				case EndpointsResource:
+					delete(c.edsCache, resourceName)
+				}
+			}
+		}
+	}
+}
+
+// WatchListener uses LDS to discover information about the provided listener.
+//
+// Note that during race (e.g. an xDS response is received while the user is
+// calling cancel()), there's a small window where the callback can be called
+// after the watcher is canceled. The caller needs to handle this case.
+func (c *clientImpl) WatchListener(serviceName string, cb func(ListenerUpdate, error)) (cancel func()) {
+	wi := &watchInfo{
+		c:           c,
+		rType:       ListenerResource,
+		target:      serviceName,
+		ldsCallback: cb,
+	}
+
+	wi.expiryTimer = time.AfterFunc(c.watchExpiryTimeout, func() {
+		wi.timeout()
+	})
+	return c.watch(wi)
+}
+
+// WatchRouteConfig starts a listener watcher for the service..
+//
+// Note that during race (e.g. an xDS response is received while the user is
+// calling cancel()), there's a small window where the callback can be called
+// after the watcher is canceled. The caller needs to handle this case.
+func (c *clientImpl) WatchRouteConfig(routeName string, cb func(RouteConfigUpdate, error)) (cancel func()) {
+	wi := &watchInfo{
+		c:           c,
+		rType:       RouteConfigResource,
+		target:      routeName,
+		rdsCallback: cb,
+	}
+
+	wi.expiryTimer = time.AfterFunc(c.watchExpiryTimeout, func() {
+		wi.timeout()
+	})
+	return c.watch(wi)
+}
+
+// WatchCluster uses CDS to discover information about the provided
+// clusterName.
+//
+// WatchCluster can be called multiple times, with same or different
+// clusterNames. Each call will start an independent watcher for the resource.
+//
+// Note that during race (e.g. an xDS response is received while the user is
+// calling cancel()), there's a small window where the callback can be called
+// after the watcher is canceled. The caller needs to handle this case.
+func (c *clientImpl) WatchCluster(clusterName string, cb func(ClusterUpdate, error)) (cancel func()) {
+	wi := &watchInfo{
+		c:           c,
+		rType:       ClusterResource,
+		target:      clusterName,
+		cdsCallback: cb,
+	}
+
+	wi.expiryTimer = time.AfterFunc(c.watchExpiryTimeout, func() {
+		wi.timeout()
+	})
+	return c.watch(wi)
+}
+
+// WatchEndpoints uses EDS to discover endpoints in the provided clusterName.
+//
+// WatchEndpoints can be called multiple times, with same or different
+// clusterNames. Each call will start an independent watcher for the resource.
+//
+// Note that during race (e.g. an xDS response is received while the user is
+// calling cancel()), there's a small window where the callback can be called
+// after the watcher is canceled. The caller needs to handle this case.
+func (c *clientImpl) WatchEndpoints(clusterName string, cb func(EndpointsUpdate, error)) (cancel func()) {
+	wi := &watchInfo{
+		c:           c,
+		rType:       EndpointsResource,
+		target:      clusterName,
+		edsCallback: cb,
+	}
+
+	wi.expiryTimer = time.AfterFunc(c.watchExpiryTimeout, func() {
+		wi.timeout()
+	})
+	return c.watch(wi)
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/client/xds.go b/vendor/google.golang.org/grpc/xds/internal/client/xds.go
new file mode 100644
index 00000000000..0cd373d5698
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/client/xds.go
@@ -0,0 +1,977 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package client
+
+import (
+	"errors"
+	"fmt"
+	"net"
+	"regexp"
+	"strconv"
+	"strings"
+	"time"
+
+	v1typepb "github.com/cncf/udpa/go/udpa/type/v1"
+	v3clusterpb "github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3"
+	v3corepb "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
+	v3endpointpb "github.com/envoyproxy/go-control-plane/envoy/config/endpoint/v3"
+	v3listenerpb "github.com/envoyproxy/go-control-plane/envoy/config/listener/v3"
+	v3routepb "github.com/envoyproxy/go-control-plane/envoy/config/route/v3"
+	v3aggregateclusterpb "github.com/envoyproxy/go-control-plane/envoy/extensions/clusters/aggregate/v3"
+	v3httppb "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/http_connection_manager/v3"
+	v3tlspb "github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3"
+	v3typepb "github.com/envoyproxy/go-control-plane/envoy/type/v3"
+	"github.com/golang/protobuf/proto"
+	"github.com/golang/protobuf/ptypes"
+	"google.golang.org/protobuf/types/known/anypb"
+
+	"google.golang.org/grpc/internal/grpclog"
+	"google.golang.org/grpc/internal/xds"
+	"google.golang.org/grpc/internal/xds/env"
+	"google.golang.org/grpc/xds/internal"
+	"google.golang.org/grpc/xds/internal/httpfilter"
+	"google.golang.org/grpc/xds/internal/version"
+)
+
+// TransportSocket proto message has a `name` field which is expected to be set
+// to this value by the management server.
+const transportSocketName = "envoy.transport_sockets.tls"
+
+// UnmarshalListener processes resources received in an LDS response, validates
+// them, and transforms them into a native struct which contains only fields we
+// are interested in.
+func UnmarshalListener(version string, resources []*anypb.Any, logger *grpclog.PrefixLogger) (map[string]ListenerUpdate, UpdateMetadata, error) {
+	update := make(map[string]ListenerUpdate)
+	md, err := processAllResources(version, resources, logger, update)
+	return update, md, err
+}
+
+func unmarshalListenerResource(r *anypb.Any, logger *grpclog.PrefixLogger) (string, ListenerUpdate, error) {
+	if !IsListenerResource(r.GetTypeUrl()) {
+		return "", ListenerUpdate{}, fmt.Errorf("unexpected resource type: %q ", r.GetTypeUrl())
+	}
+	// TODO: Pass version.TransportAPI instead of relying upon the type URL
+	v2 := r.GetTypeUrl() == version.V2ListenerURL
+	lis := &v3listenerpb.Listener{}
+	if err := proto.Unmarshal(r.GetValue(), lis); err != nil {
+		return "", ListenerUpdate{}, fmt.Errorf("failed to unmarshal resource: %v", err)
+	}
+	logger.Infof("Resource with name: %v, type: %T, contains: %v", lis.GetName(), lis, lis)
+
+	lu, err := processListener(lis, logger, v2)
+	if err != nil {
+		return lis.GetName(), ListenerUpdate{}, err
+	}
+	lu.Raw = r
+	return lis.GetName(), *lu, nil
+}
+
+func processListener(lis *v3listenerpb.Listener, logger *grpclog.PrefixLogger, v2 bool) (*ListenerUpdate, error) {
+	if lis.GetApiListener() != nil {
+		return processClientSideListener(lis, logger, v2)
+	}
+	return processServerSideListener(lis)
+}
+
+// processClientSideListener checks if the provided Listener proto meets
+// the expected criteria. If so, it returns a non-empty routeConfigName.
+func processClientSideListener(lis *v3listenerpb.Listener, logger *grpclog.PrefixLogger, v2 bool) (*ListenerUpdate, error) {
+	update := &ListenerUpdate{}
+
+	apiLisAny := lis.GetApiListener().GetApiListener()
+	if !IsHTTPConnManagerResource(apiLisAny.GetTypeUrl()) {
+		return nil, fmt.Errorf("unexpected resource type: %q", apiLisAny.GetTypeUrl())
+	}
+	apiLis := &v3httppb.HttpConnectionManager{}
+	if err := proto.Unmarshal(apiLisAny.GetValue(), apiLis); err != nil {
+		return nil, fmt.Errorf("failed to unmarshal api_listner: %v", err)
+	}
+
+	switch apiLis.RouteSpecifier.(type) {
+	case *v3httppb.HttpConnectionManager_Rds:
+		if apiLis.GetRds().GetConfigSource().GetAds() == nil {
+			return nil, fmt.Errorf("ConfigSource is not ADS: %+v", lis)
+		}
+		name := apiLis.GetRds().GetRouteConfigName()
+		if name == "" {
+			return nil, fmt.Errorf("empty route_config_name: %+v", lis)
+		}
+		update.RouteConfigName = name
+	case *v3httppb.HttpConnectionManager_RouteConfig:
+		routeU, err := generateRDSUpdateFromRouteConfiguration(apiLis.GetRouteConfig(), logger, v2)
+		if err != nil {
+			return nil, fmt.Errorf("failed to parse inline RDS resp: %v", err)
+		}
+		update.InlineRouteConfig = &routeU
+	case nil:
+		return nil, fmt.Errorf("no RouteSpecifier: %+v", apiLis)
+	default:
+		return nil, fmt.Errorf("unsupported type %T for RouteSpecifier", apiLis.RouteSpecifier)
+	}
+
+	if v2 {
+		return update, nil
+	}
+
+	// The following checks and fields only apply to xDS protocol versions v3+.
+
+	update.MaxStreamDuration = apiLis.GetCommonHttpProtocolOptions().GetMaxStreamDuration().AsDuration()
+
+	var err error
+	if update.HTTPFilters, err = processHTTPFilters(apiLis.GetHttpFilters(), false); err != nil {
+		return nil, err
+	}
+
+	return update, nil
+}
+
+func unwrapHTTPFilterConfig(config *anypb.Any) (proto.Message, string, error) {
+	// The real type name is inside the TypedStruct.
+	s := new(v1typepb.TypedStruct)
+	if !ptypes.Is(config, s) {
+		return config, config.GetTypeUrl(), nil
+	}
+	if err := ptypes.UnmarshalAny(config, s); err != nil {
+		return nil, "", fmt.Errorf("error unmarshalling TypedStruct filter config: %v", err)
+	}
+	return s, s.GetTypeUrl(), nil
+}
+
+func validateHTTPFilterConfig(cfg *anypb.Any, lds, optional bool) (httpfilter.Filter, httpfilter.FilterConfig, error) {
+	config, typeURL, err := unwrapHTTPFilterConfig(cfg)
+	if err != nil {
+		return nil, nil, err
+	}
+	filterBuilder := httpfilter.Get(typeURL)
+	if filterBuilder == nil {
+		if optional {
+			return nil, nil, nil
+		}
+		return nil, nil, fmt.Errorf("no filter implementation found for %q", typeURL)
+	}
+	parseFunc := filterBuilder.ParseFilterConfig
+	if !lds {
+		parseFunc = filterBuilder.ParseFilterConfigOverride
+	}
+	filterConfig, err := parseFunc(config)
+	if err != nil {
+		return nil, nil, fmt.Errorf("error parsing config for filter %q: %v", typeURL, err)
+	}
+	return filterBuilder, filterConfig, nil
+}
+
+func processHTTPFilterOverrides(cfgs map[string]*anypb.Any) (map[string]httpfilter.FilterConfig, error) {
+	if !env.FaultInjectionSupport || len(cfgs) == 0 {
+		return nil, nil
+	}
+	m := make(map[string]httpfilter.FilterConfig)
+	for name, cfg := range cfgs {
+		optional := false
+		s := new(v3routepb.FilterConfig)
+		if ptypes.Is(cfg, s) {
+			if err := ptypes.UnmarshalAny(cfg, s); err != nil {
+				return nil, fmt.Errorf("filter override %q: error unmarshalling FilterConfig: %v", name, err)
+			}
+			cfg = s.GetConfig()
+			optional = s.GetIsOptional()
+		}
+
+		httpFilter, config, err := validateHTTPFilterConfig(cfg, false, optional)
+		if err != nil {
+			return nil, fmt.Errorf("filter override %q: %v", name, err)
+		}
+		if httpFilter == nil {
+			// Optional configs are ignored.
+			continue
+		}
+		m[name] = config
+	}
+	return m, nil
+}
+
+func processHTTPFilters(filters []*v3httppb.HttpFilter, server bool) ([]HTTPFilter, error) {
+	if !env.FaultInjectionSupport {
+		return nil, nil
+	}
+
+	ret := make([]HTTPFilter, 0, len(filters))
+	seenNames := make(map[string]bool, len(filters))
+	for _, filter := range filters {
+		name := filter.GetName()
+		if name == "" {
+			return nil, errors.New("filter missing name field")
+		}
+		if seenNames[name] {
+			return nil, fmt.Errorf("duplicate filter name %q", name)
+		}
+		seenNames[name] = true
+
+		httpFilter, config, err := validateHTTPFilterConfig(filter.GetTypedConfig(), true, filter.GetIsOptional())
+		if err != nil {
+			return nil, err
+		}
+		if httpFilter == nil {
+			// Optional configs are ignored.
+			continue
+		}
+		if server {
+			if _, ok := httpFilter.(httpfilter.ServerInterceptorBuilder); !ok {
+				if filter.GetIsOptional() {
+					continue
+				}
+				return nil, fmt.Errorf("HTTP filter %q not supported server-side", name)
+			}
+		} else if _, ok := httpFilter.(httpfilter.ClientInterceptorBuilder); !ok {
+			if filter.GetIsOptional() {
+				continue
+			}
+			return nil, fmt.Errorf("HTTP filter %q not supported client-side", name)
+		}
+
+		// Save name/config
+		ret = append(ret, HTTPFilter{Name: name, Filter: httpFilter, Config: config})
+	}
+	return ret, nil
+}
+
+func processServerSideListener(lis *v3listenerpb.Listener) (*ListenerUpdate, error) {
+	if n := len(lis.ListenerFilters); n != 0 {
+		return nil, fmt.Errorf("unsupported field 'listener_filters' contains %d entries", n)
+	}
+	if useOrigDst := lis.GetUseOriginalDst(); useOrigDst != nil && useOrigDst.GetValue() {
+		return nil, errors.New("unsupported field 'use_original_dst' is present and set to true")
+	}
+	addr := lis.GetAddress()
+	if addr == nil {
+		return nil, fmt.Errorf("no address field in LDS response: %+v", lis)
+	}
+	sockAddr := addr.GetSocketAddress()
+	if sockAddr == nil {
+		return nil, fmt.Errorf("no socket_address field in LDS response: %+v", lis)
+	}
+	lu := &ListenerUpdate{
+		InboundListenerCfg: &InboundListenerConfig{
+			Address: sockAddr.GetAddress(),
+			Port:    strconv.Itoa(int(sockAddr.GetPortValue())),
+		},
+	}
+	chains := lis.GetFilterChains()
+	if def := lis.GetDefaultFilterChain(); def != nil {
+		chains = append(chains, def)
+	}
+	if err := validateNetworkFilterChains(chains); err != nil {
+		return nil, err
+	}
+
+	fcMgr, err := NewFilterChainManager(lis)
+	if err != nil {
+		return nil, err
+	}
+	lu.InboundListenerCfg.FilterChains = fcMgr
+	return lu, nil
+}
+
+func validateNetworkFilterChains(filterChains []*v3listenerpb.FilterChain) error {
+	for _, filterChain := range filterChains {
+		seenNames := make(map[string]bool, len(filterChain.GetFilters()))
+		seenHCM := false
+		for _, filter := range filterChain.GetFilters() {
+			name := filter.GetName()
+			if name == "" {
+				return fmt.Errorf("filter chain {%+v} is missing name field in filter: {%+v}", filterChain, filter)
+			}
+			if seenNames[name] {
+				return fmt.Errorf("filter chain {%+v} has duplicate filter name %q", filterChain, name)
+			}
+			seenNames[name] = true
+
+			// Network filters have a oneof field named `config_type` where we
+			// only support `TypedConfig` variant.
+			switch typ := filter.GetConfigType().(type) {
+			case *v3listenerpb.Filter_TypedConfig:
+				// The typed_config field has an `anypb.Any` proto which could
+				// directly contain the serialized bytes of the actual filter
+				// configuration, or it could be encoded as a `TypedStruct`.
+				// TODO: Add support for `TypedStruct`.
+				tc := filter.GetTypedConfig()
+
+				// The only network filter that we currently support is the v3
+				// HttpConnectionManager. So, we can directly check the type_url
+				// and unmarshal the config.
+				// TODO: Implement a registry of supported network filters (like
+				// we have for HTTP filters), when we have to support network
+				// filters other than HttpConnectionManager.
+				if tc.GetTypeUrl() != version.V3HTTPConnManagerURL {
+					return fmt.Errorf("filter chain {%+v} has unsupported network filter %q in filter {%+v}", filterChain, tc.GetTypeUrl(), filter)
+				}
+				hcm := &v3httppb.HttpConnectionManager{}
+				if err := ptypes.UnmarshalAny(tc, hcm); err != nil {
+					return fmt.Errorf("filter chain {%+v} failed unmarshaling of network filter {%+v}: %v", filterChain, filter, err)
+				}
+				// We currently don't support HTTP filters on the server-side.
+				// We will be adding support for it in the future. So, we want
+				// to make sure that the http_filters configuration is valid.
+				if _, err := processHTTPFilters(hcm.GetHttpFilters(), true); err != nil {
+					return err
+				}
+				seenHCM = true
+			default:
+				return fmt.Errorf("filter chain {%+v} has unsupported config_type %T in filter %s", filterChain, typ, filter.GetName())
+			}
+		}
+		if !seenHCM {
+			return fmt.Errorf("filter chain {%+v} missing HttpConnectionManager filter", filterChain)
+		}
+	}
+	return nil
+}
+
+// UnmarshalRouteConfig processes resources received in an RDS response,
+// validates them, and transforms them into a native struct which contains only
+// fields we are interested in. The provided hostname determines the route
+// configuration resources of interest.
+func UnmarshalRouteConfig(version string, resources []*anypb.Any, logger *grpclog.PrefixLogger) (map[string]RouteConfigUpdate, UpdateMetadata, error) {
+	update := make(map[string]RouteConfigUpdate)
+	md, err := processAllResources(version, resources, logger, update)
+	return update, md, err
+}
+
+func unmarshalRouteConfigResource(r *anypb.Any, logger *grpclog.PrefixLogger) (string, RouteConfigUpdate, error) {
+	if !IsRouteConfigResource(r.GetTypeUrl()) {
+		return "", RouteConfigUpdate{}, fmt.Errorf("unexpected resource type: %q ", r.GetTypeUrl())
+	}
+	rc := &v3routepb.RouteConfiguration{}
+	if err := proto.Unmarshal(r.GetValue(), rc); err != nil {
+		return "", RouteConfigUpdate{}, fmt.Errorf("failed to unmarshal resource: %v", err)
+	}
+	logger.Infof("Resource with name: %v, type: %T, contains: %v.", rc.GetName(), rc, rc)
+
+	// TODO: Pass version.TransportAPI instead of relying upon the type URL
+	v2 := r.GetTypeUrl() == version.V2RouteConfigURL
+	u, err := generateRDSUpdateFromRouteConfiguration(rc, logger, v2)
+	if err != nil {
+		return rc.GetName(), RouteConfigUpdate{}, err
+	}
+	u.Raw = r
+	return rc.GetName(), u, nil
+}
+
+// generateRDSUpdateFromRouteConfiguration checks if the provided
+// RouteConfiguration meets the expected criteria. If so, it returns a
+// RouteConfigUpdate with nil error.
+//
+// A RouteConfiguration resource is considered valid when only if it contains a
+// VirtualHost whose domain field matches the server name from the URI passed
+// to the gRPC channel, and it contains a clusterName or a weighted cluster.
+//
+// The RouteConfiguration includes a list of VirtualHosts, which may have zero
+// or more elements. We are interested in the element whose domains field
+// matches the server name specified in the "xds:" URI. The only field in the
+// VirtualHost proto that the we are interested in is the list of routes. We
+// only look at the last route in the list (the default route), whose match
+// field must be empty and whose route field must be set.  Inside that route
+// message, the cluster field will contain the clusterName or weighted clusters
+// we are looking for.
+func generateRDSUpdateFromRouteConfiguration(rc *v3routepb.RouteConfiguration, logger *grpclog.PrefixLogger, v2 bool) (RouteConfigUpdate, error) {
+	var vhs []*VirtualHost
+	for _, vh := range rc.GetVirtualHosts() {
+		routes, err := routesProtoToSlice(vh.Routes, logger, v2)
+		if err != nil {
+			return RouteConfigUpdate{}, fmt.Errorf("received route is invalid: %v", err)
+		}
+		vhOut := &VirtualHost{
+			Domains: vh.GetDomains(),
+			Routes:  routes,
+		}
+		if !v2 {
+			cfgs, err := processHTTPFilterOverrides(vh.GetTypedPerFilterConfig())
+			if err != nil {
+				return RouteConfigUpdate{}, fmt.Errorf("virtual host %+v: %v", vh, err)
+			}
+			vhOut.HTTPFilterConfigOverride = cfgs
+		}
+		vhs = append(vhs, vhOut)
+	}
+	return RouteConfigUpdate{VirtualHosts: vhs}, nil
+}
+
+func routesProtoToSlice(routes []*v3routepb.Route, logger *grpclog.PrefixLogger, v2 bool) ([]*Route, error) {
+	var routesRet []*Route
+
+	for _, r := range routes {
+		match := r.GetMatch()
+		if match == nil {
+			return nil, fmt.Errorf("route %+v doesn't have a match", r)
+		}
+
+		if len(match.GetQueryParameters()) != 0 {
+			// Ignore route with query parameters.
+			logger.Warningf("route %+v has query parameter matchers, the route will be ignored", r)
+			continue
+		}
+
+		pathSp := match.GetPathSpecifier()
+		if pathSp == nil {
+			return nil, fmt.Errorf("route %+v doesn't have a path specifier", r)
+		}
+
+		var route Route
+		switch pt := pathSp.(type) {
+		case *v3routepb.RouteMatch_Prefix:
+			route.Prefix = &pt.Prefix
+		case *v3routepb.RouteMatch_Path:
+			route.Path = &pt.Path
+		case *v3routepb.RouteMatch_SafeRegex:
+			regex := pt.SafeRegex.GetRegex()
+			re, err := regexp.Compile(regex)
+			if err != nil {
+				return nil, fmt.Errorf("route %+v contains an invalid regex %q", r, regex)
+			}
+			route.Regex = re
+		default:
+			return nil, fmt.Errorf("route %+v has an unrecognized path specifier: %+v", r, pt)
+		}
+
+		if caseSensitive := match.GetCaseSensitive(); caseSensitive != nil {
+			route.CaseInsensitive = !caseSensitive.Value
+		}
+
+		for _, h := range match.GetHeaders() {
+			var header HeaderMatcher
+			switch ht := h.GetHeaderMatchSpecifier().(type) {
+			case *v3routepb.HeaderMatcher_ExactMatch:
+				header.ExactMatch = &ht.ExactMatch
+			case *v3routepb.HeaderMatcher_SafeRegexMatch:
+				regex := ht.SafeRegexMatch.GetRegex()
+				re, err := regexp.Compile(regex)
+				if err != nil {
+					return nil, fmt.Errorf("route %+v contains an invalid regex %q", r, regex)
+				}
+				header.RegexMatch = re
+			case *v3routepb.HeaderMatcher_RangeMatch:
+				header.RangeMatch = &Int64Range{
+					Start: ht.RangeMatch.Start,
+					End:   ht.RangeMatch.End,
+				}
+			case *v3routepb.HeaderMatcher_PresentMatch:
+				header.PresentMatch = &ht.PresentMatch
+			case *v3routepb.HeaderMatcher_PrefixMatch:
+				header.PrefixMatch = &ht.PrefixMatch
+			case *v3routepb.HeaderMatcher_SuffixMatch:
+				header.SuffixMatch = &ht.SuffixMatch
+			default:
+				return nil, fmt.Errorf("route %+v has an unrecognized header matcher: %+v", r, ht)
+			}
+			header.Name = h.GetName()
+			invert := h.GetInvertMatch()
+			header.InvertMatch = &invert
+			route.Headers = append(route.Headers, &header)
+		}
+
+		if fr := match.GetRuntimeFraction(); fr != nil {
+			d := fr.GetDefaultValue()
+			n := d.GetNumerator()
+			switch d.GetDenominator() {
+			case v3typepb.FractionalPercent_HUNDRED:
+				n *= 10000
+			case v3typepb.FractionalPercent_TEN_THOUSAND:
+				n *= 100
+			case v3typepb.FractionalPercent_MILLION:
+			}
+			route.Fraction = &n
+		}
+
+		route.WeightedClusters = make(map[string]WeightedCluster)
+		action := r.GetRoute()
+		switch a := action.GetClusterSpecifier().(type) {
+		case *v3routepb.RouteAction_Cluster:
+			route.WeightedClusters[a.Cluster] = WeightedCluster{Weight: 1}
+		case *v3routepb.RouteAction_WeightedClusters:
+			wcs := a.WeightedClusters
+			var totalWeight uint32
+			for _, c := range wcs.Clusters {
+				w := c.GetWeight().GetValue()
+				if w == 0 {
+					continue
+				}
+				wc := WeightedCluster{Weight: w}
+				if !v2 {
+					cfgs, err := processHTTPFilterOverrides(c.GetTypedPerFilterConfig())
+					if err != nil {
+						return nil, fmt.Errorf("route %+v, action %+v: %v", r, a, err)
+					}
+					wc.HTTPFilterConfigOverride = cfgs
+				}
+				route.WeightedClusters[c.GetName()] = wc
+				totalWeight += w
+			}
+			if totalWeight != wcs.GetTotalWeight().GetValue() {
+				return nil, fmt.Errorf("route %+v, action %+v, weights of clusters do not add up to total total weight, got: %v, want %v", r, a, wcs.GetTotalWeight().GetValue(), totalWeight)
+			}
+			if totalWeight == 0 {
+				return nil, fmt.Errorf("route %+v, action %+v, has no valid cluster in WeightedCluster action", r, a)
+			}
+		case *v3routepb.RouteAction_ClusterHeader:
+			continue
+		}
+
+		msd := action.GetMaxStreamDuration()
+		// Prefer grpc_timeout_header_max, if set.
+		dur := msd.GetGrpcTimeoutHeaderMax()
+		if dur == nil {
+			dur = msd.GetMaxStreamDuration()
+		}
+		if dur != nil {
+			d := dur.AsDuration()
+			route.MaxStreamDuration = &d
+		}
+
+		if !v2 {
+			cfgs, err := processHTTPFilterOverrides(r.GetTypedPerFilterConfig())
+			if err != nil {
+				return nil, fmt.Errorf("route %+v: %v", r, err)
+			}
+			route.HTTPFilterConfigOverride = cfgs
+		}
+		routesRet = append(routesRet, &route)
+	}
+	return routesRet, nil
+}
+
+// UnmarshalCluster processes resources received in an CDS response, validates
+// them, and transforms them into a native struct which contains only fields we
+// are interested in.
+func UnmarshalCluster(version string, resources []*anypb.Any, logger *grpclog.PrefixLogger) (map[string]ClusterUpdate, UpdateMetadata, error) {
+	update := make(map[string]ClusterUpdate)
+	md, err := processAllResources(version, resources, logger, update)
+	return update, md, err
+}
+
+func unmarshalClusterResource(r *anypb.Any, logger *grpclog.PrefixLogger) (string, ClusterUpdate, error) {
+	if !IsClusterResource(r.GetTypeUrl()) {
+		return "", ClusterUpdate{}, fmt.Errorf("unexpected resource type: %q ", r.GetTypeUrl())
+	}
+
+	cluster := &v3clusterpb.Cluster{}
+	if err := proto.Unmarshal(r.GetValue(), cluster); err != nil {
+		return "", ClusterUpdate{}, fmt.Errorf("failed to unmarshal resource: %v", err)
+	}
+	logger.Infof("Resource with name: %v, type: %T, contains: %v", cluster.GetName(), cluster, cluster)
+	cu, err := validateClusterAndConstructClusterUpdate(cluster)
+	if err != nil {
+		return cluster.GetName(), ClusterUpdate{}, err
+	}
+	cu.Raw = r
+
+	return cluster.GetName(), cu, nil
+}
+
+func clusterTypeFromCluster(cluster *v3clusterpb.Cluster) (ClusterType, string, []string, error) {
+	if cluster.GetType() == v3clusterpb.Cluster_EDS {
+		if cluster.GetEdsClusterConfig().GetEdsConfig().GetAds() == nil {
+			return 0, "", nil, fmt.Errorf("unexpected edsConfig in response: %+v", cluster)
+		}
+		// If the Cluster message in the CDS response did not contain a
+		// serviceName, we will just use the clusterName for EDS.
+		if cluster.GetEdsClusterConfig().GetServiceName() == "" {
+			return ClusterTypeEDS, cluster.GetName(), nil, nil
+		}
+		return ClusterTypeEDS, cluster.GetEdsClusterConfig().GetServiceName(), nil, nil
+	}
+
+	if !env.AggregateAndDNSSupportEnv {
+		return 0, "", nil, fmt.Errorf("unsupported cluster type (%v, %v) in response: %+v", cluster.GetType(), cluster.GetClusterType(), cluster)
+	}
+
+	if cluster.GetType() == v3clusterpb.Cluster_LOGICAL_DNS {
+		return ClusterTypeLogicalDNS, cluster.GetName(), nil, nil
+	}
+
+	if cluster.GetClusterType() != nil && cluster.GetClusterType().Name == "envoy.clusters.aggregate" {
+		// Loop through ClusterConfig here to get cluster names.
+		clusters := &v3aggregateclusterpb.ClusterConfig{}
+		if err := proto.Unmarshal(cluster.GetClusterType().GetTypedConfig().GetValue(), clusters); err != nil {
+			return 0, "", nil, fmt.Errorf("failed to unmarshal resource: %v", err)
+		}
+		return ClusterTypeAggregate, cluster.GetName(), clusters.Clusters, nil
+	}
+	return 0, "", nil, fmt.Errorf("unsupported cluster type (%v, %v) in response: %+v", cluster.GetType(), cluster.GetClusterType(), cluster)
+}
+
+func validateClusterAndConstructClusterUpdate(cluster *v3clusterpb.Cluster) (ClusterUpdate, error) {
+	emptyUpdate := ClusterUpdate{ServiceName: "", EnableLRS: false}
+	if cluster.GetLbPolicy() != v3clusterpb.Cluster_ROUND_ROBIN {
+		return emptyUpdate, fmt.Errorf("unexpected lbPolicy %v in response: %+v", cluster.GetLbPolicy(), cluster)
+	}
+	clusterType, serviceName, prioritizedClusters, err := clusterTypeFromCluster(cluster)
+	if err != nil {
+		return emptyUpdate, err
+	}
+
+	// Process security configuration received from the control plane iff the
+	// corresponding environment variable is set.
+	var sc *SecurityConfig
+	if env.ClientSideSecuritySupport {
+		var err error
+		if sc, err = securityConfigFromCluster(cluster); err != nil {
+			return emptyUpdate, err
+		}
+	}
+
+	return ClusterUpdate{
+		ClusterType:             clusterType,
+		ServiceName:             serviceName,
+		EnableLRS:               cluster.GetLrsServer().GetSelf() != nil,
+		SecurityCfg:             sc,
+		MaxRequests:             circuitBreakersFromCluster(cluster),
+		PrioritizedClusterNames: prioritizedClusters,
+	}, nil
+}
+
+// securityConfigFromCluster extracts the relevant security configuration from
+// the received Cluster resource.
+func securityConfigFromCluster(cluster *v3clusterpb.Cluster) (*SecurityConfig, error) {
+	// The Cluster resource contains a `transport_socket` field, which contains
+	// a oneof `typed_config` field of type `protobuf.Any`. The any proto
+	// contains a marshaled representation of an `UpstreamTlsContext` message.
+	ts := cluster.GetTransportSocket()
+	if ts == nil {
+		return nil, nil
+	}
+	if name := ts.GetName(); name != transportSocketName {
+		return nil, fmt.Errorf("transport_socket field has unexpected name: %s", name)
+	}
+	any := ts.GetTypedConfig()
+	if any == nil || any.TypeUrl != version.V3UpstreamTLSContextURL {
+		return nil, fmt.Errorf("transport_socket field has unexpected typeURL: %s", any.TypeUrl)
+	}
+	upstreamCtx := &v3tlspb.UpstreamTlsContext{}
+	if err := proto.Unmarshal(any.GetValue(), upstreamCtx); err != nil {
+		return nil, fmt.Errorf("failed to unmarshal UpstreamTlsContext in CDS response: %v", err)
+	}
+	if upstreamCtx.GetCommonTlsContext() == nil {
+		return nil, errors.New("UpstreamTlsContext in CDS response does not contain a CommonTlsContext")
+	}
+
+	sc, err := securityConfigFromCommonTLSContext(upstreamCtx.GetCommonTlsContext())
+	if err != nil {
+		return nil, err
+	}
+	if sc.RootInstanceName == "" {
+		return nil, errors.New("security configuration on the client-side does not contain root certificate provider instance name")
+	}
+	return sc, nil
+}
+
+// common is expected to be not nil.
+func securityConfigFromCommonTLSContext(common *v3tlspb.CommonTlsContext) (*SecurityConfig, error) {
+	// The `CommonTlsContext` contains a
+	// `tls_certificate_certificate_provider_instance` field of type
+	// `CertificateProviderInstance`, which contains the provider instance name
+	// and the certificate name to fetch identity certs.
+	sc := &SecurityConfig{}
+	if identity := common.GetTlsCertificateCertificateProviderInstance(); identity != nil {
+		sc.IdentityInstanceName = identity.GetInstanceName()
+		sc.IdentityCertName = identity.GetCertificateName()
+	}
+
+	// The `CommonTlsContext` contains a `validation_context_type` field which
+	// is a oneof. We can get the values that we are interested in from two of
+	// those possible values:
+	//  - combined validation context:
+	//    - contains a default validation context which holds the list of
+	//      matchers for accepted SANs.
+	//    - contains certificate provider instance configuration
+	//  - certificate provider instance configuration
+	//    - in this case, we do not get a list of accepted SANs.
+	switch t := common.GetValidationContextType().(type) {
+	case *v3tlspb.CommonTlsContext_CombinedValidationContext:
+		combined := common.GetCombinedValidationContext()
+		var matchers []xds.StringMatcher
+		if def := combined.GetDefaultValidationContext(); def != nil {
+			for _, m := range def.GetMatchSubjectAltNames() {
+				matcher, err := xds.StringMatcherFromProto(m)
+				if err != nil {
+					return nil, err
+				}
+				matchers = append(matchers, matcher)
+			}
+		}
+		sc.SubjectAltNameMatchers = matchers
+		if pi := combined.GetValidationContextCertificateProviderInstance(); pi != nil {
+			sc.RootInstanceName = pi.GetInstanceName()
+			sc.RootCertName = pi.GetCertificateName()
+		}
+	case *v3tlspb.CommonTlsContext_ValidationContextCertificateProviderInstance:
+		pi := common.GetValidationContextCertificateProviderInstance()
+		sc.RootInstanceName = pi.GetInstanceName()
+		sc.RootCertName = pi.GetCertificateName()
+	case nil:
+		// It is valid for the validation context to be nil on the server side.
+	default:
+		return nil, fmt.Errorf("validation context contains unexpected type: %T", t)
+	}
+	return sc, nil
+}
+
+// circuitBreakersFromCluster extracts the circuit breakers configuration from
+// the received cluster resource. Returns nil if no CircuitBreakers or no
+// Thresholds in CircuitBreakers.
+func circuitBreakersFromCluster(cluster *v3clusterpb.Cluster) *uint32 {
+	if !env.CircuitBreakingSupport {
+		return nil
+	}
+	for _, threshold := range cluster.GetCircuitBreakers().GetThresholds() {
+		if threshold.GetPriority() != v3corepb.RoutingPriority_DEFAULT {
+			continue
+		}
+		maxRequestsPb := threshold.GetMaxRequests()
+		if maxRequestsPb == nil {
+			return nil
+		}
+		maxRequests := maxRequestsPb.GetValue()
+		return &maxRequests
+	}
+	return nil
+}
+
+// UnmarshalEndpoints processes resources received in an EDS response,
+// validates them, and transforms them into a native struct which contains only
+// fields we are interested in.
+func UnmarshalEndpoints(version string, resources []*anypb.Any, logger *grpclog.PrefixLogger) (map[string]EndpointsUpdate, UpdateMetadata, error) {
+	update := make(map[string]EndpointsUpdate)
+	md, err := processAllResources(version, resources, logger, update)
+	return update, md, err
+}
+
+func unmarshalEndpointsResource(r *anypb.Any, logger *grpclog.PrefixLogger) (string, EndpointsUpdate, error) {
+	if !IsEndpointsResource(r.GetTypeUrl()) {
+		return "", EndpointsUpdate{}, fmt.Errorf("unexpected resource type: %q ", r.GetTypeUrl())
+	}
+
+	cla := &v3endpointpb.ClusterLoadAssignment{}
+	if err := proto.Unmarshal(r.GetValue(), cla); err != nil {
+		return "", EndpointsUpdate{}, fmt.Errorf("failed to unmarshal resource: %v", err)
+	}
+	logger.Infof("Resource with name: %v, type: %T, contains: %v", cla.GetClusterName(), cla, cla)
+
+	u, err := parseEDSRespProto(cla)
+	if err != nil {
+		return cla.GetClusterName(), EndpointsUpdate{}, err
+	}
+	u.Raw = r
+	return cla.GetClusterName(), u, nil
+}
+
+func parseAddress(socketAddress *v3corepb.SocketAddress) string {
+	return net.JoinHostPort(socketAddress.GetAddress(), strconv.Itoa(int(socketAddress.GetPortValue())))
+}
+
+func parseDropPolicy(dropPolicy *v3endpointpb.ClusterLoadAssignment_Policy_DropOverload) OverloadDropConfig {
+	percentage := dropPolicy.GetDropPercentage()
+	var (
+		numerator   = percentage.GetNumerator()
+		denominator uint32
+	)
+	switch percentage.GetDenominator() {
+	case v3typepb.FractionalPercent_HUNDRED:
+		denominator = 100
+	case v3typepb.FractionalPercent_TEN_THOUSAND:
+		denominator = 10000
+	case v3typepb.FractionalPercent_MILLION:
+		denominator = 1000000
+	}
+	return OverloadDropConfig{
+		Category:    dropPolicy.GetCategory(),
+		Numerator:   numerator,
+		Denominator: denominator,
+	}
+}
+
+func parseEndpoints(lbEndpoints []*v3endpointpb.LbEndpoint) []Endpoint {
+	endpoints := make([]Endpoint, 0, len(lbEndpoints))
+	for _, lbEndpoint := range lbEndpoints {
+		endpoints = append(endpoints, Endpoint{
+			HealthStatus: EndpointHealthStatus(lbEndpoint.GetHealthStatus()),
+			Address:      parseAddress(lbEndpoint.GetEndpoint().GetAddress().GetSocketAddress()),
+			Weight:       lbEndpoint.GetLoadBalancingWeight().GetValue(),
+		})
+	}
+	return endpoints
+}
+
+func parseEDSRespProto(m *v3endpointpb.ClusterLoadAssignment) (EndpointsUpdate, error) {
+	ret := EndpointsUpdate{}
+	for _, dropPolicy := range m.GetPolicy().GetDropOverloads() {
+		ret.Drops = append(ret.Drops, parseDropPolicy(dropPolicy))
+	}
+	priorities := make(map[uint32]struct{})
+	for _, locality := range m.Endpoints {
+		l := locality.GetLocality()
+		if l == nil {
+			return EndpointsUpdate{}, fmt.Errorf("EDS response contains a locality without ID, locality: %+v", locality)
+		}
+		lid := internal.LocalityID{
+			Region:  l.Region,
+			Zone:    l.Zone,
+			SubZone: l.SubZone,
+		}
+		priority := locality.GetPriority()
+		priorities[priority] = struct{}{}
+		ret.Localities = append(ret.Localities, Locality{
+			ID:        lid,
+			Endpoints: parseEndpoints(locality.GetLbEndpoints()),
+			Weight:    locality.GetLoadBalancingWeight().GetValue(),
+			Priority:  priority,
+		})
+	}
+	for i := 0; i < len(priorities); i++ {
+		if _, ok := priorities[uint32(i)]; !ok {
+			return EndpointsUpdate{}, fmt.Errorf("priority %v missing (with different priorities %v received)", i, priorities)
+		}
+	}
+	return ret, nil
+}
+
+// processAllResources unmarshals and validates the resources, populates the
+// provided ret (a map), and returns metadata and error.
+//
+// The type of the resource is determined by the type of ret. E.g.
+// map[string]ListenerUpdate means this is for LDS.
+func processAllResources(version string, resources []*anypb.Any, logger *grpclog.PrefixLogger, ret interface{}) (UpdateMetadata, error) {
+	timestamp := time.Now()
+	md := UpdateMetadata{
+		Version:   version,
+		Timestamp: timestamp,
+	}
+	var topLevelErrors []error
+	perResourceErrors := make(map[string]error)
+
+	for _, r := range resources {
+		switch ret2 := ret.(type) {
+		case map[string]ListenerUpdate:
+			name, update, err := unmarshalListenerResource(r, logger)
+			if err == nil {
+				ret2[name] = update
+				continue
+			}
+			if name == "" {
+				topLevelErrors = append(topLevelErrors, err)
+				continue
+			}
+			perResourceErrors[name] = err
+			// Add place holder in the map so we know this resource name was in
+			// the response.
+			ret2[name] = ListenerUpdate{}
+		case map[string]RouteConfigUpdate:
+			name, update, err := unmarshalRouteConfigResource(r, logger)
+			if err == nil {
+				ret2[name] = update
+				continue
+			}
+			if name == "" {
+				topLevelErrors = append(topLevelErrors, err)
+				continue
+			}
+			perResourceErrors[name] = err
+			// Add place holder in the map so we know this resource name was in
+			// the response.
+			ret2[name] = RouteConfigUpdate{}
+		case map[string]ClusterUpdate:
+			name, update, err := unmarshalClusterResource(r, logger)
+			if err == nil {
+				ret2[name] = update
+				continue
+			}
+			if name == "" {
+				topLevelErrors = append(topLevelErrors, err)
+				continue
+			}
+			perResourceErrors[name] = err
+			// Add place holder in the map so we know this resource name was in
+			// the response.
+			ret2[name] = ClusterUpdate{}
+		case map[string]EndpointsUpdate:
+			name, update, err := unmarshalEndpointsResource(r, logger)
+			if err == nil {
+				ret2[name] = update
+				continue
+			}
+			if name == "" {
+				topLevelErrors = append(topLevelErrors, err)
+				continue
+			}
+			perResourceErrors[name] = err
+			// Add place holder in the map so we know this resource name was in
+			// the response.
+			ret2[name] = EndpointsUpdate{}
+		}
+	}
+
+	if len(topLevelErrors) == 0 && len(perResourceErrors) == 0 {
+		md.Status = ServiceStatusACKed
+		return md, nil
+	}
+
+	var typeStr string
+	switch ret.(type) {
+	case map[string]ListenerUpdate:
+		typeStr = "LDS"
+	case map[string]RouteConfigUpdate:
+		typeStr = "RDS"
+	case map[string]ClusterUpdate:
+		typeStr = "CDS"
+	case map[string]EndpointsUpdate:
+		typeStr = "EDS"
+	}
+
+	md.Status = ServiceStatusNACKed
+	errRet := combineErrors(typeStr, topLevelErrors, perResourceErrors)
+	md.ErrState = &UpdateErrorMetadata{
+		Version:   version,
+		Err:       errRet,
+		Timestamp: timestamp,
+	}
+	return md, errRet
+}
+
+func combineErrors(rType string, topLevelErrors []error, perResourceErrors map[string]error) error {
+	var errStrB strings.Builder
+	errStrB.WriteString(fmt.Sprintf("error parsing %q response: ", rType))
+	if len(topLevelErrors) > 0 {
+		errStrB.WriteString("top level errors: ")
+		for i, err := range topLevelErrors {
+			if i != 0 {
+				errStrB.WriteString(";\n")
+			}
+			errStrB.WriteString(err.Error())
+		}
+	}
+	if len(perResourceErrors) > 0 {
+		var i int
+		for name, err := range perResourceErrors {
+			if i != 0 {
+				errStrB.WriteString(";\n")
+			}
+			i++
+			errStrB.WriteString(fmt.Sprintf("resource %q: %v", name, err.Error()))
+		}
+	}
+	return errors.New(errStrB.String())
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/httpfilter/fault/fault.go b/vendor/google.golang.org/grpc/xds/internal/httpfilter/fault/fault.go
new file mode 100644
index 00000000000..ee2ed9fd492
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/httpfilter/fault/fault.go
@@ -0,0 +1,300 @@
+/*
+ *
+ * Copyright 2021 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package fault implements the Envoy Fault Injection HTTP filter.
+package fault
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"io"
+	"strconv"
+	"sync/atomic"
+	"time"
+
+	"github.com/golang/protobuf/proto"
+	"github.com/golang/protobuf/ptypes"
+	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/internal/grpcrand"
+	iresolver "google.golang.org/grpc/internal/resolver"
+	"google.golang.org/grpc/internal/xds/env"
+	"google.golang.org/grpc/metadata"
+	"google.golang.org/grpc/status"
+	"google.golang.org/grpc/xds/internal/httpfilter"
+	"google.golang.org/protobuf/types/known/anypb"
+
+	cpb "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/common/fault/v3"
+	fpb "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/fault/v3"
+	tpb "github.com/envoyproxy/go-control-plane/envoy/type/v3"
+)
+
+const headerAbortHTTPStatus = "x-envoy-fault-abort-request"
+const headerAbortGRPCStatus = "x-envoy-fault-abort-grpc-request"
+const headerAbortPercentage = "x-envoy-fault-abort-request-percentage"
+
+const headerDelayPercentage = "x-envoy-fault-delay-request-percentage"
+const headerDelayDuration = "x-envoy-fault-delay-request"
+
+var statusMap = map[int]codes.Code{
+	400: codes.Internal,
+	401: codes.Unauthenticated,
+	403: codes.PermissionDenied,
+	404: codes.Unimplemented,
+	429: codes.Unavailable,
+	502: codes.Unavailable,
+	503: codes.Unavailable,
+	504: codes.Unavailable,
+}
+
+func init() {
+	if env.FaultInjectionSupport {
+		httpfilter.Register(builder{})
+	}
+}
+
+type builder struct {
+}
+
+type config struct {
+	httpfilter.FilterConfig
+	config *fpb.HTTPFault
+}
+
+func (builder) TypeURLs() []string {
+	return []string{"type.googleapis.com/envoy.extensions.filters.http.fault.v3.HTTPFault"}
+}
+
+// Parsing is the same for the base config and the override config.
+func parseConfig(cfg proto.Message) (httpfilter.FilterConfig, error) {
+	if cfg == nil {
+		return nil, fmt.Errorf("fault: nil configuration message provided")
+	}
+	any, ok := cfg.(*anypb.Any)
+	if !ok {
+		return nil, fmt.Errorf("fault: error parsing config %v: unknown type %T", cfg, cfg)
+	}
+	msg := new(fpb.HTTPFault)
+	if err := ptypes.UnmarshalAny(any, msg); err != nil {
+		return nil, fmt.Errorf("fault: error parsing config %v: %v", cfg, err)
+	}
+	return config{config: msg}, nil
+}
+
+func (builder) ParseFilterConfig(cfg proto.Message) (httpfilter.FilterConfig, error) {
+	return parseConfig(cfg)
+}
+
+func (builder) ParseFilterConfigOverride(override proto.Message) (httpfilter.FilterConfig, error) {
+	return parseConfig(override)
+}
+
+var _ httpfilter.ClientInterceptorBuilder = builder{}
+
+func (builder) BuildClientInterceptor(cfg, override httpfilter.FilterConfig) (iresolver.ClientInterceptor, error) {
+	if cfg == nil {
+		return nil, fmt.Errorf("fault: nil config provided")
+	}
+
+	c, ok := cfg.(config)
+	if !ok {
+		return nil, fmt.Errorf("fault: incorrect config type provided (%T): %v", cfg, cfg)
+	}
+
+	if override != nil {
+		// override completely replaces the listener configuration; but we
+		// still validate the listener config type.
+		c, ok = override.(config)
+		if !ok {
+			return nil, fmt.Errorf("fault: incorrect override config type provided (%T): %v", override, override)
+		}
+	}
+
+	icfg := c.config
+	if (icfg.GetMaxActiveFaults() != nil && icfg.GetMaxActiveFaults().GetValue() == 0) ||
+		(icfg.GetDelay() == nil && icfg.GetAbort() == nil) {
+		return nil, nil
+	}
+	return &interceptor{config: icfg}, nil
+}
+
+type interceptor struct {
+	config *fpb.HTTPFault
+}
+
+var activeFaults uint32 // global active faults; accessed atomically
+
+func (i *interceptor) NewStream(ctx context.Context, ri iresolver.RPCInfo, done func(), newStream func(ctx context.Context, done func()) (iresolver.ClientStream, error)) (iresolver.ClientStream, error) {
+	if maxAF := i.config.GetMaxActiveFaults(); maxAF != nil {
+		defer atomic.AddUint32(&activeFaults, ^uint32(0)) // decrement counter
+		if af := atomic.AddUint32(&activeFaults, 1); af > maxAF.GetValue() {
+			// Would exceed maximum active fault limit.
+			return newStream(ctx, done)
+		}
+	}
+
+	if err := injectDelay(ctx, i.config.GetDelay()); err != nil {
+		return nil, err
+	}
+
+	if err := injectAbort(ctx, i.config.GetAbort()); err != nil {
+		if err == errOKStream {
+			return &okStream{ctx: ctx}, nil
+		}
+		return nil, err
+	}
+	return newStream(ctx, done)
+}
+
+// For overriding in tests
+var randIntn = grpcrand.Intn
+var newTimer = time.NewTimer
+
+func injectDelay(ctx context.Context, delayCfg *cpb.FaultDelay) error {
+	numerator, denominator := splitPct(delayCfg.GetPercentage())
+	var delay time.Duration
+	switch delayType := delayCfg.GetFaultDelaySecifier().(type) {
+	case *cpb.FaultDelay_FixedDelay:
+		delay = delayType.FixedDelay.AsDuration()
+	case *cpb.FaultDelay_HeaderDelay_:
+		md, _ := metadata.FromOutgoingContext(ctx)
+		v := md[headerDelayDuration]
+		if v == nil {
+			// No delay configured for this RPC.
+			return nil
+		}
+		ms, ok := parseIntFromMD(v)
+		if !ok {
+			// Malformed header; no delay.
+			return nil
+		}
+		delay = time.Duration(ms) * time.Millisecond
+		if v := md[headerDelayPercentage]; v != nil {
+			if num, ok := parseIntFromMD(v); ok && num < numerator {
+				numerator = num
+			}
+		}
+	}
+	if delay == 0 || randIntn(denominator) >= numerator {
+		return nil
+	}
+	t := newTimer(delay)
+	select {
+	case <-t.C:
+	case <-ctx.Done():
+		t.Stop()
+		return ctx.Err()
+	}
+	return nil
+}
+
+func injectAbort(ctx context.Context, abortCfg *fpb.FaultAbort) error {
+	numerator, denominator := splitPct(abortCfg.GetPercentage())
+	code := codes.OK
+	okCode := false
+	switch errType := abortCfg.GetErrorType().(type) {
+	case *fpb.FaultAbort_HttpStatus:
+		code, okCode = grpcFromHTTP(int(errType.HttpStatus))
+	case *fpb.FaultAbort_GrpcStatus:
+		code, okCode = sanitizeGRPCCode(codes.Code(errType.GrpcStatus)), true
+	case *fpb.FaultAbort_HeaderAbort_:
+		md, _ := metadata.FromOutgoingContext(ctx)
+		if v := md[headerAbortHTTPStatus]; v != nil {
+			// HTTP status has priority over gRPC status.
+			if httpStatus, ok := parseIntFromMD(v); ok {
+				code, okCode = grpcFromHTTP(httpStatus)
+			}
+		} else if v := md[headerAbortGRPCStatus]; v != nil {
+			if grpcStatus, ok := parseIntFromMD(v); ok {
+				code, okCode = sanitizeGRPCCode(codes.Code(grpcStatus)), true
+			}
+		}
+		if v := md[headerAbortPercentage]; v != nil {
+			if num, ok := parseIntFromMD(v); ok && num < numerator {
+				numerator = num
+			}
+		}
+	}
+	if !okCode || randIntn(denominator) >= numerator {
+		return nil
+	}
+	if code == codes.OK {
+		return errOKStream
+	}
+	return status.Errorf(code, "RPC terminated due to fault injection")
+}
+
+var errOKStream = errors.New("stream terminated early with OK status")
+
+// parseIntFromMD returns the integer in the last header or nil if parsing
+// failed.
+func parseIntFromMD(header []string) (int, bool) {
+	if len(header) == 0 {
+		return 0, false
+	}
+	v, err := strconv.Atoi(header[len(header)-1])
+	return v, err == nil
+}
+
+func splitPct(fp *tpb.FractionalPercent) (num int, den int) {
+	if fp == nil {
+		return 0, 100
+	}
+	num = int(fp.GetNumerator())
+	switch fp.GetDenominator() {
+	case tpb.FractionalPercent_HUNDRED:
+		return num, 100
+	case tpb.FractionalPercent_TEN_THOUSAND:
+		return num, 10 * 1000
+	case tpb.FractionalPercent_MILLION:
+		return num, 1000 * 1000
+	}
+	return num, 100
+}
+
+func grpcFromHTTP(httpStatus int) (codes.Code, bool) {
+	if httpStatus < 200 || httpStatus >= 600 {
+		// Malformed; ignore this fault type.
+		return codes.OK, false
+	}
+	if c := statusMap[httpStatus]; c != codes.OK {
+		// OK = 0/the default for the map.
+		return c, true
+	}
+	// All undefined HTTP status codes convert to Unknown. HTTP status of 200
+	// is "success", but gRPC converts to Unknown due to missing grpc status.
+	return codes.Unknown, true
+}
+
+func sanitizeGRPCCode(c codes.Code) codes.Code {
+	if c > codes.Code(16) {
+		return codes.Unknown
+	}
+	return c
+}
+
+type okStream struct {
+	ctx context.Context
+}
+
+func (*okStream) Header() (metadata.MD, error) { return nil, nil }
+func (*okStream) Trailer() metadata.MD         { return nil }
+func (*okStream) CloseSend() error             { return nil }
+func (o *okStream) Context() context.Context   { return o.ctx }
+func (*okStream) SendMsg(m interface{}) error  { return io.EOF }
+func (*okStream) RecvMsg(m interface{}) error  { return io.EOF }
diff --git a/vendor/google.golang.org/grpc/xds/internal/httpfilter/httpfilter.go b/vendor/google.golang.org/grpc/xds/internal/httpfilter/httpfilter.go
new file mode 100644
index 00000000000..1f5f005e9bd
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/httpfilter/httpfilter.go
@@ -0,0 +1,99 @@
+/*
+ *
+ * Copyright 2021 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package httpfilter contains the HTTPFilter interface and a registry for
+// storing and retrieving their implementations.
+package httpfilter
+
+import (
+	"github.com/golang/protobuf/proto"
+	iresolver "google.golang.org/grpc/internal/resolver"
+)
+
+// FilterConfig represents an opaque data structure holding configuration for a
+// filter.  Embed this interface to implement it.
+type FilterConfig interface {
+	isFilterConfig()
+}
+
+// Filter defines the parsing functionality of an HTTP filter.  A Filter may
+// optionally implement either ClientInterceptorBuilder or
+// ServerInterceptorBuilder or both, indicating it is capable of working on the
+// client side or server side or both, respectively.
+type Filter interface {
+	// TypeURLs are the proto message types supported by this filter.  A filter
+	// will be registered by each of its supported message types.
+	TypeURLs() []string
+	// ParseFilterConfig parses the provided configuration proto.Message from
+	// the LDS configuration of this filter.  This may be an anypb.Any or a
+	// udpa.type.v1.TypedStruct for filters that do not accept a custom type.
+	// The resulting FilterConfig will later be passed to Build.
+	ParseFilterConfig(proto.Message) (FilterConfig, error)
+	// ParseFilterConfigOverride parses the provided override configuration
+	// proto.Message from the RDS override configuration of this filter.  This
+	// may be an anypb.Any or a udpa.type.v1.TypedStruct for filters that do
+	// not accept a custom type.  The resulting FilterConfig will later be
+	// passed to Build.
+	ParseFilterConfigOverride(proto.Message) (FilterConfig, error)
+}
+
+// ClientInterceptorBuilder constructs a Client Interceptor.  If this type is
+// implemented by a Filter, it is capable of working on a client.
+type ClientInterceptorBuilder interface {
+	// BuildClientInterceptor uses the FilterConfigs produced above to produce
+	// an HTTP filter interceptor for clients.  config will always be non-nil,
+	// but override may be nil if no override config exists for the filter.  It
+	// is valid for Build to return a nil Interceptor and a nil error.  In this
+	// case, the RPC will not be intercepted by this filter.
+	BuildClientInterceptor(config, override FilterConfig) (iresolver.ClientInterceptor, error)
+}
+
+// ServerInterceptorBuilder constructs a Server Interceptor.  If this type is
+// implemented by a Filter, it is capable of working on a server.
+type ServerInterceptorBuilder interface {
+	// BuildServerInterceptor uses the FilterConfigs produced above to produce
+	// an HTTP filter interceptor for servers.  config will always be non-nil,
+	// but override may be nil if no override config exists for the filter.  It
+	// is valid for Build to return a nil Interceptor and a nil error.  In this
+	// case, the RPC will not be intercepted by this filter.
+	BuildServerInterceptor(config, override FilterConfig) (iresolver.ServerInterceptor, error)
+}
+
+var (
+	// m is a map from scheme to filter.
+	m = make(map[string]Filter)
+)
+
+// Register registers the HTTP filter Builder to the filter map. b.TypeURLs()
+// will be used as the types for this filter.
+//
+// NOTE: this function must only be called during initialization time (i.e. in
+// an init() function), and is not thread-safe. If multiple filters are
+// registered with the same type URL, the one registered last will take effect.
+func Register(b Filter) {
+	for _, u := range b.TypeURLs() {
+		m[u] = b
+	}
+}
+
+// Get returns the HTTPFilter registered with typeURL.
+//
+// If no filter is register with typeURL, nil will be returned.
+func Get(typeURL string) Filter {
+	return m[typeURL]
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/httpfilter/router/router.go b/vendor/google.golang.org/grpc/xds/internal/httpfilter/router/router.go
new file mode 100644
index 00000000000..b0f9d9d9a1e
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/httpfilter/router/router.go
@@ -0,0 +1,110 @@
+/*
+ *
+ * Copyright 2021 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package router implements the Envoy Router HTTP filter.
+package router
+
+import (
+	"fmt"
+
+	"github.com/golang/protobuf/proto"
+	"github.com/golang/protobuf/ptypes"
+	iresolver "google.golang.org/grpc/internal/resolver"
+	"google.golang.org/grpc/xds/internal/httpfilter"
+	"google.golang.org/protobuf/types/known/anypb"
+
+	pb "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/router/v3"
+)
+
+// TypeURL is the message type for the Router configuration.
+const TypeURL = "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router"
+
+func init() {
+	httpfilter.Register(builder{})
+}
+
+// IsRouterFilter returns true iff a HTTP filter is a Router filter.
+func IsRouterFilter(b httpfilter.Filter) bool {
+	_, ok := b.(builder)
+	return ok
+}
+
+type builder struct {
+}
+
+func (builder) TypeURLs() []string { return []string{TypeURL} }
+
+func (builder) ParseFilterConfig(cfg proto.Message) (httpfilter.FilterConfig, error) {
+	// The gRPC router filter does not currently use any fields from the
+	// config.  Verify type only.
+	if cfg == nil {
+		return nil, fmt.Errorf("router: nil configuration message provided")
+	}
+	any, ok := cfg.(*anypb.Any)
+	if !ok {
+		return nil, fmt.Errorf("router: error parsing config %v: unknown type %T", cfg, cfg)
+	}
+	msg := new(pb.Router)
+	if err := ptypes.UnmarshalAny(any, msg); err != nil {
+		return nil, fmt.Errorf("router: error parsing config %v: %v", cfg, err)
+	}
+	return config{}, nil
+}
+
+func (builder) ParseFilterConfigOverride(override proto.Message) (httpfilter.FilterConfig, error) {
+	if override != nil {
+		return nil, fmt.Errorf("router: unexpected config override specified: %v", override)
+	}
+	return config{}, nil
+}
+
+var (
+	_ httpfilter.ClientInterceptorBuilder = builder{}
+	_ httpfilter.ServerInterceptorBuilder = builder{}
+)
+
+func (builder) BuildClientInterceptor(cfg, override httpfilter.FilterConfig) (iresolver.ClientInterceptor, error) {
+	if _, ok := cfg.(config); !ok {
+		return nil, fmt.Errorf("router: incorrect config type provided (%T): %v", cfg, cfg)
+	}
+	if override != nil {
+		return nil, fmt.Errorf("router: unexpected override configuration specified: %v", override)
+	}
+	// The gRPC router is implemented within the xds resolver's config
+	// selector, not as a separate plugin.  So we return a nil HTTPFilter,
+	// which will not be invoked.
+	return nil, nil
+}
+
+func (builder) BuildServerInterceptor(cfg, override httpfilter.FilterConfig) (iresolver.ServerInterceptor, error) {
+	if _, ok := cfg.(config); !ok {
+		return nil, fmt.Errorf("router: incorrect config type provided (%T): %v", cfg, cfg)
+	}
+	if override != nil {
+		return nil, fmt.Errorf("router: unexpected override configuration specified: %v", override)
+	}
+	// The gRPC router is currently unimplemented on the server side. So we
+	// return a nil HTTPFilter, which will not be invoked.
+	return nil, nil
+}
+
+// The gRPC router filter does not currently support any configuration.  Verify
+// type only.
+type config struct {
+	httpfilter.FilterConfig
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/internal.go b/vendor/google.golang.org/grpc/xds/internal/internal.go
new file mode 100644
index 00000000000..e4284ee02e0
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/internal.go
@@ -0,0 +1,55 @@
+/*
+ *
+ * Copyright 2019 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+// Package internal contains functions/structs shared by xds
+// balancers/resolvers.
+package internal
+
+import (
+	"encoding/json"
+	"fmt"
+)
+
+// LocalityID is xds.Locality without XXX fields, so it can be used as map
+// keys.
+//
+// xds.Locality cannot be map keys because one of the XXX fields is a slice.
+type LocalityID struct {
+	Region  string `json:"region,omitempty"`
+	Zone    string `json:"zone,omitempty"`
+	SubZone string `json:"subZone,omitempty"`
+}
+
+// ToString generates a string representation of LocalityID by marshalling it into
+// json. Not calling it String() so printf won't call it.
+func (l LocalityID) ToString() (string, error) {
+	b, err := json.Marshal(l)
+	if err != nil {
+		return "", err
+	}
+	return string(b), nil
+}
+
+// LocalityIDFromString converts a json representation of locality, into a
+// LocalityID struct.
+func LocalityIDFromString(s string) (ret LocalityID, _ error) {
+	err := json.Unmarshal([]byte(s), &ret)
+	if err != nil {
+		return LocalityID{}, fmt.Errorf("%s is not a well formatted locality ID, error: %v", s, err)
+	}
+	return ret, nil
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/resolver/logging.go b/vendor/google.golang.org/grpc/xds/internal/resolver/logging.go
new file mode 100644
index 00000000000..746b85af255
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/resolver/logging.go
@@ -0,0 +1,34 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package resolver
+
+import (
+	"fmt"
+
+	"google.golang.org/grpc/grpclog"
+	internalgrpclog "google.golang.org/grpc/internal/grpclog"
+)
+
+const prefix = "[xds-resolver %p] "
+
+var logger = grpclog.Component("xds")
+
+func prefixLogger(p *xdsResolver) *internalgrpclog.PrefixLogger {
+	return internalgrpclog.NewPrefixLogger(logger, fmt.Sprintf(prefix, p))
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/resolver/matcher.go b/vendor/google.golang.org/grpc/xds/internal/resolver/matcher.go
new file mode 100644
index 00000000000..06456a58557
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/resolver/matcher.go
@@ -0,0 +1,152 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package resolver
+
+import (
+	"fmt"
+	"strings"
+
+	"google.golang.org/grpc/internal/grpcrand"
+	"google.golang.org/grpc/internal/grpcutil"
+	iresolver "google.golang.org/grpc/internal/resolver"
+	"google.golang.org/grpc/metadata"
+	xdsclient "google.golang.org/grpc/xds/internal/client"
+)
+
+func routeToMatcher(r *xdsclient.Route) (*compositeMatcher, error) {
+	var pathMatcher pathMatcherInterface
+	switch {
+	case r.Regex != nil:
+		pathMatcher = newPathRegexMatcher(r.Regex)
+	case r.Path != nil:
+		pathMatcher = newPathExactMatcher(*r.Path, r.CaseInsensitive)
+	case r.Prefix != nil:
+		pathMatcher = newPathPrefixMatcher(*r.Prefix, r.CaseInsensitive)
+	default:
+		return nil, fmt.Errorf("illegal route: missing path_matcher")
+	}
+
+	var headerMatchers []headerMatcherInterface
+	for _, h := range r.Headers {
+		var matcherT headerMatcherInterface
+		switch {
+		case h.ExactMatch != nil && *h.ExactMatch != "":
+			matcherT = newHeaderExactMatcher(h.Name, *h.ExactMatch)
+		case h.RegexMatch != nil:
+			matcherT = newHeaderRegexMatcher(h.Name, h.RegexMatch)
+		case h.PrefixMatch != nil && *h.PrefixMatch != "":
+			matcherT = newHeaderPrefixMatcher(h.Name, *h.PrefixMatch)
+		case h.SuffixMatch != nil && *h.SuffixMatch != "":
+			matcherT = newHeaderSuffixMatcher(h.Name, *h.SuffixMatch)
+		case h.RangeMatch != nil:
+			matcherT = newHeaderRangeMatcher(h.Name, h.RangeMatch.Start, h.RangeMatch.End)
+		case h.PresentMatch != nil:
+			matcherT = newHeaderPresentMatcher(h.Name, *h.PresentMatch)
+		default:
+			return nil, fmt.Errorf("illegal route: missing header_match_specifier")
+		}
+		if h.InvertMatch != nil && *h.InvertMatch {
+			matcherT = newInvertMatcher(matcherT)
+		}
+		headerMatchers = append(headerMatchers, matcherT)
+	}
+
+	var fractionMatcher *fractionMatcher
+	if r.Fraction != nil {
+		fractionMatcher = newFractionMatcher(*r.Fraction)
+	}
+	return newCompositeMatcher(pathMatcher, headerMatchers, fractionMatcher), nil
+}
+
+// compositeMatcher.match returns true if all matchers return true.
+type compositeMatcher struct {
+	pm  pathMatcherInterface
+	hms []headerMatcherInterface
+	fm  *fractionMatcher
+}
+
+func newCompositeMatcher(pm pathMatcherInterface, hms []headerMatcherInterface, fm *fractionMatcher) *compositeMatcher {
+	return &compositeMatcher{pm: pm, hms: hms, fm: fm}
+}
+
+func (a *compositeMatcher) match(info iresolver.RPCInfo) bool {
+	if a.pm != nil && !a.pm.match(info.Method) {
+		return false
+	}
+
+	// Call headerMatchers even if md is nil, because routes may match
+	// non-presence of some headers.
+	var md metadata.MD
+	if info.Context != nil {
+		md, _ = metadata.FromOutgoingContext(info.Context)
+		if extraMD, ok := grpcutil.ExtraMetadata(info.Context); ok {
+			md = metadata.Join(md, extraMD)
+			// Remove all binary headers. They are hard to match with. May need
+			// to add back if asked by users.
+			for k := range md {
+				if strings.HasSuffix(k, "-bin") {
+					delete(md, k)
+				}
+			}
+		}
+	}
+	for _, m := range a.hms {
+		if !m.match(md) {
+			return false
+		}
+	}
+
+	if a.fm != nil && !a.fm.match() {
+		return false
+	}
+	return true
+}
+
+func (a *compositeMatcher) String() string {
+	var ret string
+	if a.pm != nil {
+		ret += a.pm.String()
+	}
+	for _, m := range a.hms {
+		ret += m.String()
+	}
+	if a.fm != nil {
+		ret += a.fm.String()
+	}
+	return ret
+}
+
+type fractionMatcher struct {
+	fraction int64 // real fraction is fraction/1,000,000.
+}
+
+func newFractionMatcher(fraction uint32) *fractionMatcher {
+	return &fractionMatcher{fraction: int64(fraction)}
+}
+
+var grpcrandInt63n = grpcrand.Int63n
+
+func (fm *fractionMatcher) match() bool {
+	t := grpcrandInt63n(1000000)
+	return t <= fm.fraction
+}
+
+func (fm *fractionMatcher) String() string {
+	return fmt.Sprintf("fraction:%v", fm.fraction)
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/resolver/matcher_header.go b/vendor/google.golang.org/grpc/xds/internal/resolver/matcher_header.go
new file mode 100644
index 00000000000..05a92788d7b
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/resolver/matcher_header.go
@@ -0,0 +1,188 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package resolver
+
+import (
+	"fmt"
+	"regexp"
+	"strconv"
+	"strings"
+
+	"google.golang.org/grpc/metadata"
+)
+
+type headerMatcherInterface interface {
+	match(metadata.MD) bool
+	String() string
+}
+
+// mdValuesFromOutgoingCtx retrieves metadata from context. If there are
+// multiple values, the values are concatenated with "," (comma and no space).
+//
+// All header matchers only match against the comma-concatenated string.
+func mdValuesFromOutgoingCtx(md metadata.MD, key string) (string, bool) {
+	vs, ok := md[key]
+	if !ok {
+		return "", false
+	}
+	return strings.Join(vs, ","), true
+}
+
+type headerExactMatcher struct {
+	key   string
+	exact string
+}
+
+func newHeaderExactMatcher(key, exact string) *headerExactMatcher {
+	return &headerExactMatcher{key: key, exact: exact}
+}
+
+func (hem *headerExactMatcher) match(md metadata.MD) bool {
+	v, ok := mdValuesFromOutgoingCtx(md, hem.key)
+	if !ok {
+		return false
+	}
+	return v == hem.exact
+}
+
+func (hem *headerExactMatcher) String() string {
+	return fmt.Sprintf("headerExact:%v:%v", hem.key, hem.exact)
+}
+
+type headerRegexMatcher struct {
+	key string
+	re  *regexp.Regexp
+}
+
+func newHeaderRegexMatcher(key string, re *regexp.Regexp) *headerRegexMatcher {
+	return &headerRegexMatcher{key: key, re: re}
+}
+
+func (hrm *headerRegexMatcher) match(md metadata.MD) bool {
+	v, ok := mdValuesFromOutgoingCtx(md, hrm.key)
+	if !ok {
+		return false
+	}
+	return hrm.re.MatchString(v)
+}
+
+func (hrm *headerRegexMatcher) String() string {
+	return fmt.Sprintf("headerRegex:%v:%v", hrm.key, hrm.re.String())
+}
+
+type headerRangeMatcher struct {
+	key        string
+	start, end int64 // represents [start, end).
+}
+
+func newHeaderRangeMatcher(key string, start, end int64) *headerRangeMatcher {
+	return &headerRangeMatcher{key: key, start: start, end: end}
+}
+
+func (hrm *headerRangeMatcher) match(md metadata.MD) bool {
+	v, ok := mdValuesFromOutgoingCtx(md, hrm.key)
+	if !ok {
+		return false
+	}
+	if i, err := strconv.ParseInt(v, 10, 64); err == nil && i >= hrm.start && i < hrm.end {
+		return true
+	}
+	return false
+}
+
+func (hrm *headerRangeMatcher) String() string {
+	return fmt.Sprintf("headerRange:%v:[%d,%d)", hrm.key, hrm.start, hrm.end)
+}
+
+type headerPresentMatcher struct {
+	key     string
+	present bool
+}
+
+func newHeaderPresentMatcher(key string, present bool) *headerPresentMatcher {
+	return &headerPresentMatcher{key: key, present: present}
+}
+
+func (hpm *headerPresentMatcher) match(md metadata.MD) bool {
+	vs, ok := mdValuesFromOutgoingCtx(md, hpm.key)
+	present := ok && len(vs) > 0
+	return present == hpm.present
+}
+
+func (hpm *headerPresentMatcher) String() string {
+	return fmt.Sprintf("headerPresent:%v:%v", hpm.key, hpm.present)
+}
+
+type headerPrefixMatcher struct {
+	key    string
+	prefix string
+}
+
+func newHeaderPrefixMatcher(key string, prefix string) *headerPrefixMatcher {
+	return &headerPrefixMatcher{key: key, prefix: prefix}
+}
+
+func (hpm *headerPrefixMatcher) match(md metadata.MD) bool {
+	v, ok := mdValuesFromOutgoingCtx(md, hpm.key)
+	if !ok {
+		return false
+	}
+	return strings.HasPrefix(v, hpm.prefix)
+}
+
+func (hpm *headerPrefixMatcher) String() string {
+	return fmt.Sprintf("headerPrefix:%v:%v", hpm.key, hpm.prefix)
+}
+
+type headerSuffixMatcher struct {
+	key    string
+	suffix string
+}
+
+func newHeaderSuffixMatcher(key string, suffix string) *headerSuffixMatcher {
+	return &headerSuffixMatcher{key: key, suffix: suffix}
+}
+
+func (hsm *headerSuffixMatcher) match(md metadata.MD) bool {
+	v, ok := mdValuesFromOutgoingCtx(md, hsm.key)
+	if !ok {
+		return false
+	}
+	return strings.HasSuffix(v, hsm.suffix)
+}
+
+func (hsm *headerSuffixMatcher) String() string {
+	return fmt.Sprintf("headerSuffix:%v:%v", hsm.key, hsm.suffix)
+}
+
+type invertMatcher struct {
+	m headerMatcherInterface
+}
+
+func newInvertMatcher(m headerMatcherInterface) *invertMatcher {
+	return &invertMatcher{m: m}
+}
+
+func (i *invertMatcher) match(md metadata.MD) bool {
+	return !i.m.match(md)
+}
+
+func (i *invertMatcher) String() string {
+	return fmt.Sprintf("invert{%s}", i.m)
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/resolver/matcher_path.go b/vendor/google.golang.org/grpc/xds/internal/resolver/matcher_path.go
new file mode 100644
index 00000000000..011d1a94c49
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/resolver/matcher_path.go
@@ -0,0 +1,101 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package resolver
+
+import (
+	"regexp"
+	"strings"
+)
+
+type pathMatcherInterface interface {
+	match(path string) bool
+	String() string
+}
+
+type pathExactMatcher struct {
+	// fullPath is all upper case if caseInsensitive is true.
+	fullPath        string
+	caseInsensitive bool
+}
+
+func newPathExactMatcher(p string, caseInsensitive bool) *pathExactMatcher {
+	ret := &pathExactMatcher{
+		fullPath:        p,
+		caseInsensitive: caseInsensitive,
+	}
+	if caseInsensitive {
+		ret.fullPath = strings.ToUpper(p)
+	}
+	return ret
+}
+
+func (pem *pathExactMatcher) match(path string) bool {
+	if pem.caseInsensitive {
+		return pem.fullPath == strings.ToUpper(path)
+	}
+	return pem.fullPath == path
+}
+
+func (pem *pathExactMatcher) String() string {
+	return "pathExact:" + pem.fullPath
+}
+
+type pathPrefixMatcher struct {
+	// prefix is all upper case if caseInsensitive is true.
+	prefix          string
+	caseInsensitive bool
+}
+
+func newPathPrefixMatcher(p string, caseInsensitive bool) *pathPrefixMatcher {
+	ret := &pathPrefixMatcher{
+		prefix:          p,
+		caseInsensitive: caseInsensitive,
+	}
+	if caseInsensitive {
+		ret.prefix = strings.ToUpper(p)
+	}
+	return ret
+}
+
+func (ppm *pathPrefixMatcher) match(path string) bool {
+	if ppm.caseInsensitive {
+		return strings.HasPrefix(strings.ToUpper(path), ppm.prefix)
+	}
+	return strings.HasPrefix(path, ppm.prefix)
+}
+
+func (ppm *pathPrefixMatcher) String() string {
+	return "pathPrefix:" + ppm.prefix
+}
+
+type pathRegexMatcher struct {
+	re *regexp.Regexp
+}
+
+func newPathRegexMatcher(re *regexp.Regexp) *pathRegexMatcher {
+	return &pathRegexMatcher{re: re}
+}
+
+func (prm *pathRegexMatcher) match(path string) bool {
+	return prm.re.MatchString(path)
+}
+
+func (prm *pathRegexMatcher) String() string {
+	return "pathRegex:" + prm.re.String()
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/resolver/serviceconfig.go b/vendor/google.golang.org/grpc/xds/internal/resolver/serviceconfig.go
new file mode 100644
index 00000000000..ef7c37128c1
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/resolver/serviceconfig.go
@@ -0,0 +1,326 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package resolver
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"sync/atomic"
+	"time"
+
+	"google.golang.org/grpc/codes"
+	iresolver "google.golang.org/grpc/internal/resolver"
+	"google.golang.org/grpc/internal/wrr"
+	"google.golang.org/grpc/internal/xds/env"
+	"google.golang.org/grpc/status"
+	"google.golang.org/grpc/xds/internal/balancer/clustermanager"
+	xdsclient "google.golang.org/grpc/xds/internal/client"
+	"google.golang.org/grpc/xds/internal/httpfilter"
+	"google.golang.org/grpc/xds/internal/httpfilter/router"
+)
+
+const (
+	cdsName               = "cds_experimental"
+	xdsClusterManagerName = "xds_cluster_manager_experimental"
+)
+
+type serviceConfig struct {
+	LoadBalancingConfig balancerConfig `json:"loadBalancingConfig"`
+}
+
+type balancerConfig []map[string]interface{}
+
+func newBalancerConfig(name string, config interface{}) balancerConfig {
+	return []map[string]interface{}{{name: config}}
+}
+
+type cdsBalancerConfig struct {
+	Cluster string `json:"cluster"`
+}
+
+type xdsChildConfig struct {
+	ChildPolicy balancerConfig `json:"childPolicy"`
+}
+
+type xdsClusterManagerConfig struct {
+	Children map[string]xdsChildConfig `json:"children"`
+}
+
+// pruneActiveClusters deletes entries in r.activeClusters with zero
+// references.
+func (r *xdsResolver) pruneActiveClusters() {
+	for cluster, ci := range r.activeClusters {
+		if atomic.LoadInt32(&ci.refCount) == 0 {
+			delete(r.activeClusters, cluster)
+		}
+	}
+}
+
+// serviceConfigJSON produces a service config in JSON format representing all
+// the clusters referenced in activeClusters.  This includes clusters with zero
+// references, so they must be pruned first.
+func serviceConfigJSON(activeClusters map[string]*clusterInfo) (string, error) {
+	// Generate children (all entries in activeClusters).
+	children := make(map[string]xdsChildConfig)
+	for cluster := range activeClusters {
+		children[cluster] = xdsChildConfig{
+			ChildPolicy: newBalancerConfig(cdsName, cdsBalancerConfig{Cluster: cluster}),
+		}
+	}
+
+	sc := serviceConfig{
+		LoadBalancingConfig: newBalancerConfig(
+			xdsClusterManagerName, xdsClusterManagerConfig{Children: children},
+		),
+	}
+
+	bs, err := json.Marshal(sc)
+	if err != nil {
+		return "", fmt.Errorf("failed to marshal json: %v", err)
+	}
+	return string(bs), nil
+}
+
+type virtualHost struct {
+	// map from filter name to its config
+	httpFilterConfigOverride map[string]httpfilter.FilterConfig
+}
+
+// routeCluster holds information about a cluster as referenced by a route.
+type routeCluster struct {
+	name string
+	// map from filter name to its config
+	httpFilterConfigOverride map[string]httpfilter.FilterConfig
+}
+
+type route struct {
+	m                 *compositeMatcher // converted from route matchers
+	clusters          wrr.WRR           // holds *routeCluster entries
+	maxStreamDuration time.Duration
+	// map from filter name to its config
+	httpFilterConfigOverride map[string]httpfilter.FilterConfig
+}
+
+func (r route) String() string {
+	return fmt.Sprintf("%s -> { clusters: %v, maxStreamDuration: %v }", r.m.String(), r.clusters, r.maxStreamDuration)
+}
+
+type configSelector struct {
+	r                *xdsResolver
+	virtualHost      virtualHost
+	routes           []route
+	clusters         map[string]*clusterInfo
+	httpFilterConfig []xdsclient.HTTPFilter
+}
+
+var errNoMatchedRouteFound = status.Errorf(codes.Unavailable, "no matched route was found")
+
+func (cs *configSelector) SelectConfig(rpcInfo iresolver.RPCInfo) (*iresolver.RPCConfig, error) {
+	if cs == nil {
+		return nil, status.Errorf(codes.Unavailable, "no valid clusters")
+	}
+	var rt *route
+	// Loop through routes in order and select first match.
+	for _, r := range cs.routes {
+		if r.m.match(rpcInfo) {
+			rt = &r
+			break
+		}
+	}
+	if rt == nil || rt.clusters == nil {
+		return nil, errNoMatchedRouteFound
+	}
+	cluster, ok := rt.clusters.Next().(*routeCluster)
+	if !ok {
+		return nil, status.Errorf(codes.Internal, "error retrieving cluster for match: %v (%T)", cluster, cluster)
+	}
+	// Add a ref to the selected cluster, as this RPC needs this cluster until
+	// it is committed.
+	ref := &cs.clusters[cluster.name].refCount
+	atomic.AddInt32(ref, 1)
+
+	interceptor, err := cs.newInterceptor(rt, cluster)
+	if err != nil {
+		return nil, err
+	}
+
+	config := &iresolver.RPCConfig{
+		// Communicate to the LB policy the chosen cluster.
+		Context: clustermanager.SetPickedCluster(rpcInfo.Context, cluster.name),
+		OnCommitted: func() {
+			// When the RPC is committed, the cluster is no longer required.
+			// Decrease its ref.
+			if v := atomic.AddInt32(ref, -1); v == 0 {
+				// This entry will be removed from activeClusters when
+				// producing the service config for the empty update.
+				select {
+				case cs.r.updateCh <- suWithError{emptyUpdate: true}:
+				default:
+				}
+			}
+		},
+		Interceptor: interceptor,
+	}
+
+	if env.TimeoutSupport && rt.maxStreamDuration != 0 {
+		config.MethodConfig.Timeout = &rt.maxStreamDuration
+	}
+
+	return config, nil
+}
+
+func (cs *configSelector) newInterceptor(rt *route, cluster *routeCluster) (iresolver.ClientInterceptor, error) {
+	if len(cs.httpFilterConfig) == 0 {
+		return nil, nil
+	}
+	interceptors := make([]iresolver.ClientInterceptor, 0, len(cs.httpFilterConfig))
+	for _, filter := range cs.httpFilterConfig {
+		if router.IsRouterFilter(filter.Filter) {
+			// Ignore any filters after the router filter.  The router itself
+			// is currently a nop.
+			return &interceptorList{interceptors: interceptors}, nil
+		}
+		override := cluster.httpFilterConfigOverride[filter.Name] // cluster is highest priority
+		if override == nil {
+			override = rt.httpFilterConfigOverride[filter.Name] // route is second priority
+		}
+		if override == nil {
+			override = cs.virtualHost.httpFilterConfigOverride[filter.Name] // VH is third & lowest priority
+		}
+		ib, ok := filter.Filter.(httpfilter.ClientInterceptorBuilder)
+		if !ok {
+			// Should not happen if it passed xdsClient validation.
+			return nil, fmt.Errorf("filter does not support use in client")
+		}
+		i, err := ib.BuildClientInterceptor(filter.Config, override)
+		if err != nil {
+			return nil, fmt.Errorf("error constructing filter: %v", err)
+		}
+		if i != nil {
+			interceptors = append(interceptors, i)
+		}
+	}
+	return nil, fmt.Errorf("error in xds config: no router filter present")
+}
+
+// stop decrements refs of all clusters referenced by this config selector.
+func (cs *configSelector) stop() {
+	// The resolver's old configSelector may be nil.  Handle that here.
+	if cs == nil {
+		return
+	}
+	// If any refs drop to zero, we'll need a service config update to delete
+	// the cluster.
+	needUpdate := false
+	// Loops over cs.clusters, but these are pointers to entries in
+	// activeClusters.
+	for _, ci := range cs.clusters {
+		if v := atomic.AddInt32(&ci.refCount, -1); v == 0 {
+			needUpdate = true
+		}
+	}
+	// We stop the old config selector immediately after sending a new config
+	// selector; we need another update to delete clusters from the config (if
+	// we don't have another update pending already).
+	if needUpdate {
+		select {
+		case cs.r.updateCh <- suWithError{emptyUpdate: true}:
+		default:
+		}
+	}
+}
+
+// A global for testing.
+var newWRR = wrr.NewRandom
+
+// newConfigSelector creates the config selector for su; may add entries to
+// r.activeClusters for previously-unseen clusters.
+func (r *xdsResolver) newConfigSelector(su serviceUpdate) (*configSelector, error) {
+	cs := &configSelector{
+		r:                r,
+		virtualHost:      virtualHost{httpFilterConfigOverride: su.virtualHost.HTTPFilterConfigOverride},
+		routes:           make([]route, len(su.virtualHost.Routes)),
+		clusters:         make(map[string]*clusterInfo),
+		httpFilterConfig: su.ldsConfig.httpFilterConfig,
+	}
+
+	for i, rt := range su.virtualHost.Routes {
+		clusters := newWRR()
+		for cluster, wc := range rt.WeightedClusters {
+			clusters.Add(&routeCluster{
+				name:                     cluster,
+				httpFilterConfigOverride: wc.HTTPFilterConfigOverride,
+			}, int64(wc.Weight))
+
+			// Initialize entries in cs.clusters map, creating entries in
+			// r.activeClusters as necessary.  Set to zero as they will be
+			// incremented by incRefs.
+			ci := r.activeClusters[cluster]
+			if ci == nil {
+				ci = &clusterInfo{refCount: 0}
+				r.activeClusters[cluster] = ci
+			}
+			cs.clusters[cluster] = ci
+		}
+		cs.routes[i].clusters = clusters
+
+		var err error
+		cs.routes[i].m, err = routeToMatcher(rt)
+		if err != nil {
+			return nil, err
+		}
+		if rt.MaxStreamDuration == nil {
+			cs.routes[i].maxStreamDuration = su.ldsConfig.maxStreamDuration
+		} else {
+			cs.routes[i].maxStreamDuration = *rt.MaxStreamDuration
+		}
+
+		cs.routes[i].httpFilterConfigOverride = rt.HTTPFilterConfigOverride
+	}
+
+	// Account for this config selector's clusters.  Do this after no further
+	// errors may occur.  Note: cs.clusters are pointers to entries in
+	// activeClusters.
+	for _, ci := range cs.clusters {
+		atomic.AddInt32(&ci.refCount, 1)
+	}
+
+	return cs, nil
+}
+
+type clusterInfo struct {
+	// number of references to this cluster; accessed atomically
+	refCount int32
+}
+
+type interceptorList struct {
+	interceptors []iresolver.ClientInterceptor
+}
+
+func (il *interceptorList) NewStream(ctx context.Context, ri iresolver.RPCInfo, done func(), newStream func(ctx context.Context, done func()) (iresolver.ClientStream, error)) (iresolver.ClientStream, error) {
+	for i := len(il.interceptors) - 1; i >= 0; i-- {
+		ns := newStream
+		interceptor := il.interceptors[i]
+		newStream = func(ctx context.Context, done func()) (iresolver.ClientStream, error) {
+			return interceptor.NewStream(ctx, ri, done, ns)
+		}
+	}
+	return newStream(ctx, func() {})
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/resolver/watch_service.go b/vendor/google.golang.org/grpc/xds/internal/resolver/watch_service.go
new file mode 100644
index 00000000000..7667592ccd6
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/resolver/watch_service.go
@@ -0,0 +1,287 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package resolver
+
+import (
+	"fmt"
+	"strings"
+	"sync"
+	"time"
+
+	"google.golang.org/grpc/internal/grpclog"
+	xdsclient "google.golang.org/grpc/xds/internal/client"
+)
+
+// serviceUpdate contains information received from the LDS/RDS responses which
+// are of interest to the xds resolver. The RDS request is built by first
+// making a LDS to get the RouteConfig name.
+type serviceUpdate struct {
+	// virtualHost contains routes and other configuration to route RPCs.
+	virtualHost *xdsclient.VirtualHost
+	// ldsConfig contains configuration that applies to all routes.
+	ldsConfig ldsConfig
+}
+
+// ldsConfig contains information received from the LDS responses which are of
+// interest to the xds resolver.
+type ldsConfig struct {
+	// maxStreamDuration is from the HTTP connection manager's
+	// common_http_protocol_options field.
+	maxStreamDuration time.Duration
+	httpFilterConfig  []xdsclient.HTTPFilter
+}
+
+// watchService uses LDS and RDS to discover information about the provided
+// serviceName.
+//
+// Note that during race (e.g. an xDS response is received while the user is
+// calling cancel()), there's a small window where the callback can be called
+// after the watcher is canceled. The caller needs to handle this case.
+func watchService(c xdsClientInterface, serviceName string, cb func(serviceUpdate, error), logger *grpclog.PrefixLogger) (cancel func()) {
+	w := &serviceUpdateWatcher{
+		logger:      logger,
+		c:           c,
+		serviceName: serviceName,
+		serviceCb:   cb,
+	}
+	w.ldsCancel = c.WatchListener(serviceName, w.handleLDSResp)
+
+	return w.close
+}
+
+// serviceUpdateWatcher handles LDS and RDS response, and calls the service
+// callback at the right time.
+type serviceUpdateWatcher struct {
+	logger      *grpclog.PrefixLogger
+	c           xdsClientInterface
+	serviceName string
+	ldsCancel   func()
+	serviceCb   func(serviceUpdate, error)
+	lastUpdate  serviceUpdate
+
+	mu        sync.Mutex
+	closed    bool
+	rdsName   string
+	rdsCancel func()
+}
+
+func (w *serviceUpdateWatcher) handleLDSResp(update xdsclient.ListenerUpdate, err error) {
+	w.logger.Infof("received LDS update: %+v, err: %v", update, err)
+	w.mu.Lock()
+	defer w.mu.Unlock()
+	if w.closed {
+		return
+	}
+	if err != nil {
+		// We check the error type and do different things. For now, the only
+		// type we check is ResourceNotFound, which indicates the LDS resource
+		// was removed, and besides sending the error to callback, we also
+		// cancel the RDS watch.
+		if xdsclient.ErrType(err) == xdsclient.ErrorTypeResourceNotFound && w.rdsCancel != nil {
+			w.rdsCancel()
+			w.rdsName = ""
+			w.rdsCancel = nil
+			w.lastUpdate = serviceUpdate{}
+		}
+		// The other error cases still return early without canceling the
+		// existing RDS watch.
+		w.serviceCb(serviceUpdate{}, err)
+		return
+	}
+
+	w.lastUpdate.ldsConfig = ldsConfig{
+		maxStreamDuration: update.MaxStreamDuration,
+		httpFilterConfig:  update.HTTPFilters,
+	}
+
+	if update.InlineRouteConfig != nil {
+		// If there was an RDS watch, cancel it.
+		w.rdsName = ""
+		if w.rdsCancel != nil {
+			w.rdsCancel()
+			w.rdsCancel = nil
+		}
+
+		// Handle the inline RDS update as if it's from an RDS watch.
+		w.updateVirtualHostsFromRDS(*update.InlineRouteConfig)
+		return
+	}
+
+	// RDS name from update is not an empty string, need RDS to fetch the
+	// routes.
+
+	if w.rdsName == update.RouteConfigName {
+		// If the new RouteConfigName is same as the previous, don't cancel and
+		// restart the RDS watch.
+		//
+		// If the route name did change, then we must wait until the first RDS
+		// update before reporting this LDS config.
+		if w.lastUpdate.virtualHost != nil {
+			// We want to send an update with the new fields from the new LDS
+			// (e.g. max stream duration), and old fields from the the previous
+			// RDS.
+			//
+			// But note that this should only happen when virtual host is set,
+			// which means an RDS was received.
+			w.serviceCb(w.lastUpdate, nil)
+		}
+		return
+	}
+	w.rdsName = update.RouteConfigName
+	if w.rdsCancel != nil {
+		w.rdsCancel()
+	}
+	w.rdsCancel = w.c.WatchRouteConfig(update.RouteConfigName, w.handleRDSResp)
+}
+
+func (w *serviceUpdateWatcher) updateVirtualHostsFromRDS(update xdsclient.RouteConfigUpdate) {
+	matchVh := findBestMatchingVirtualHost(w.serviceName, update.VirtualHosts)
+	if matchVh == nil {
+		// No matching virtual host found.
+		w.serviceCb(serviceUpdate{}, fmt.Errorf("no matching virtual host found for %q", w.serviceName))
+		return
+	}
+
+	w.lastUpdate.virtualHost = matchVh
+	w.serviceCb(w.lastUpdate, nil)
+}
+
+func (w *serviceUpdateWatcher) handleRDSResp(update xdsclient.RouteConfigUpdate, err error) {
+	w.logger.Infof("received RDS update: %+v, err: %v", update, err)
+	w.mu.Lock()
+	defer w.mu.Unlock()
+	if w.closed {
+		return
+	}
+	if w.rdsCancel == nil {
+		// This mean only the RDS watch is canceled, can happen if the LDS
+		// resource is removed.
+		return
+	}
+	if err != nil {
+		w.serviceCb(serviceUpdate{}, err)
+		return
+	}
+	w.updateVirtualHostsFromRDS(update)
+}
+
+func (w *serviceUpdateWatcher) close() {
+	w.mu.Lock()
+	defer w.mu.Unlock()
+	w.closed = true
+	w.ldsCancel()
+	if w.rdsCancel != nil {
+		w.rdsCancel()
+		w.rdsCancel = nil
+	}
+}
+
+type domainMatchType int
+
+const (
+	domainMatchTypeInvalid domainMatchType = iota
+	domainMatchTypeUniversal
+	domainMatchTypePrefix
+	domainMatchTypeSuffix
+	domainMatchTypeExact
+)
+
+// Exact > Suffix > Prefix > Universal > Invalid.
+func (t domainMatchType) betterThan(b domainMatchType) bool {
+	return t > b
+}
+
+func matchTypeForDomain(d string) domainMatchType {
+	if d == "" {
+		return domainMatchTypeInvalid
+	}
+	if d == "*" {
+		return domainMatchTypeUniversal
+	}
+	if strings.HasPrefix(d, "*") {
+		return domainMatchTypeSuffix
+	}
+	if strings.HasSuffix(d, "*") {
+		return domainMatchTypePrefix
+	}
+	if strings.Contains(d, "*") {
+		return domainMatchTypeInvalid
+	}
+	return domainMatchTypeExact
+}
+
+func match(domain, host string) (domainMatchType, bool) {
+	switch typ := matchTypeForDomain(domain); typ {
+	case domainMatchTypeInvalid:
+		return typ, false
+	case domainMatchTypeUniversal:
+		return typ, true
+	case domainMatchTypePrefix:
+		// abc.*
+		return typ, strings.HasPrefix(host, strings.TrimSuffix(domain, "*"))
+	case domainMatchTypeSuffix:
+		// *.123
+		return typ, strings.HasSuffix(host, strings.TrimPrefix(domain, "*"))
+	case domainMatchTypeExact:
+		return typ, domain == host
+	default:
+		return domainMatchTypeInvalid, false
+	}
+}
+
+// findBestMatchingVirtualHost returns the virtual host whose domains field best
+// matches host
+//
+// The domains field support 4 different matching pattern types:
+//  - Exact match
+//  - Suffix match (e.g. “*ABC”)
+//  - Prefix match (e.g. “ABC*)
+//  - Universal match (e.g. “*”)
+//
+// The best match is defined as:
+//  - A match is better if it’s matching pattern type is better
+//    - Exact match > suffix match > prefix match > universal match
+//  - If two matches are of the same pattern type, the longer match is better
+//    - This is to compare the length of the matching pattern, e.g. “*ABCDE” >
+//    “*ABC”
+func findBestMatchingVirtualHost(host string, vHosts []*xdsclient.VirtualHost) *xdsclient.VirtualHost {
+	var (
+		matchVh   *xdsclient.VirtualHost
+		matchType = domainMatchTypeInvalid
+		matchLen  int
+	)
+	for _, vh := range vHosts {
+		for _, domain := range vh.Domains {
+			typ, matched := match(domain, host)
+			if typ == domainMatchTypeInvalid {
+				// The rds response is invalid.
+				return nil
+			}
+			if matchType.betterThan(typ) || matchType == typ && matchLen >= len(domain) || !matched {
+				// The previous match has better type, or the previous match has
+				// better length, or this domain isn't a match.
+				continue
+			}
+			matchVh = vh
+			matchType = typ
+			matchLen = len(domain)
+		}
+	}
+	return matchVh
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/resolver/xds_resolver.go b/vendor/google.golang.org/grpc/xds/internal/resolver/xds_resolver.go
new file mode 100644
index 00000000000..d8c09db69b5
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/resolver/xds_resolver.go
@@ -0,0 +1,267 @@
+/*
+ * Copyright 2019 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package resolver implements the xds resolver, that does LDS and RDS to find
+// the cluster to use.
+package resolver
+
+import (
+	"errors"
+	"fmt"
+
+	"google.golang.org/grpc/credentials"
+	"google.golang.org/grpc/internal/grpclog"
+	"google.golang.org/grpc/internal/grpcsync"
+	"google.golang.org/grpc/resolver"
+	"google.golang.org/grpc/xds/internal/client/bootstrap"
+
+	iresolver "google.golang.org/grpc/internal/resolver"
+	xdsclient "google.golang.org/grpc/xds/internal/client"
+)
+
+const xdsScheme = "xds"
+
+// For overriding in unittests.
+var newXDSClient = func() (xdsClientInterface, error) { return xdsclient.New() }
+
+func init() {
+	resolver.Register(&xdsResolverBuilder{})
+}
+
+type xdsResolverBuilder struct{}
+
+// Build helps implement the resolver.Builder interface.
+//
+// The xds bootstrap process is performed (and a new xds client is built) every
+// time an xds resolver is built.
+func (b *xdsResolverBuilder) Build(t resolver.Target, cc resolver.ClientConn, opts resolver.BuildOptions) (resolver.Resolver, error) {
+	r := &xdsResolver{
+		target:         t,
+		cc:             cc,
+		closed:         grpcsync.NewEvent(),
+		updateCh:       make(chan suWithError, 1),
+		activeClusters: make(map[string]*clusterInfo),
+	}
+	r.logger = prefixLogger((r))
+	r.logger.Infof("Creating resolver for target: %+v", t)
+
+	client, err := newXDSClient()
+	if err != nil {
+		return nil, fmt.Errorf("xds: failed to create xds-client: %v", err)
+	}
+	r.client = client
+
+	// If xds credentials were specified by the user, but bootstrap configs do
+	// not contain any certificate provider configuration, it is better to fail
+	// right now rather than failing when attempting to create certificate
+	// providers after receiving an CDS response with security configuration.
+	var creds credentials.TransportCredentials
+	switch {
+	case opts.DialCreds != nil:
+		creds = opts.DialCreds
+	case opts.CredsBundle != nil:
+		creds = opts.CredsBundle.TransportCredentials()
+	}
+	if xc, ok := creds.(interface{ UsesXDS() bool }); ok && xc.UsesXDS() {
+		bc := client.BootstrapConfig()
+		if len(bc.CertProviderConfigs) == 0 {
+			return nil, errors.New("xds: xdsCreds specified but certificate_providers config missing in bootstrap file")
+		}
+	}
+
+	// Register a watch on the xdsClient for the user's dial target.
+	cancelWatch := watchService(r.client, r.target.Endpoint, r.handleServiceUpdate, r.logger)
+	r.logger.Infof("Watch started on resource name %v with xds-client %p", r.target.Endpoint, r.client)
+	r.cancelWatch = func() {
+		cancelWatch()
+		r.logger.Infof("Watch cancel on resource name %v with xds-client %p", r.target.Endpoint, r.client)
+	}
+
+	go r.run()
+	return r, nil
+}
+
+// Name helps implement the resolver.Builder interface.
+func (*xdsResolverBuilder) Scheme() string {
+	return xdsScheme
+}
+
+// xdsClientInterface contains methods from xdsClient.Client which are used by
+// the resolver. This will be faked out in unittests.
+type xdsClientInterface interface {
+	WatchListener(serviceName string, cb func(xdsclient.ListenerUpdate, error)) func()
+	WatchRouteConfig(routeName string, cb func(xdsclient.RouteConfigUpdate, error)) func()
+	BootstrapConfig() *bootstrap.Config
+	Close()
+}
+
+// suWithError wraps the ServiceUpdate and error received through a watch API
+// callback, so that it can pushed onto the update channel as a single entity.
+type suWithError struct {
+	su          serviceUpdate
+	emptyUpdate bool
+	err         error
+}
+
+// xdsResolver implements the resolver.Resolver interface.
+//
+// It registers a watcher for ServiceConfig updates with the xdsClient object
+// (which performs LDS/RDS queries for the same), and passes the received
+// updates to the ClientConn.
+type xdsResolver struct {
+	target resolver.Target
+	cc     resolver.ClientConn
+	closed *grpcsync.Event
+
+	logger *grpclog.PrefixLogger
+
+	// The underlying xdsClient which performs all xDS requests and responses.
+	client xdsClientInterface
+	// A channel for the watch API callback to write service updates on to. The
+	// updates are read by the run goroutine and passed on to the ClientConn.
+	updateCh chan suWithError
+	// cancelWatch is the function to cancel the watcher.
+	cancelWatch func()
+
+	// activeClusters is a map from cluster name to a ref count.  Only read or
+	// written during a service update (synchronous).
+	activeClusters map[string]*clusterInfo
+
+	curConfigSelector *configSelector
+}
+
+// sendNewServiceConfig prunes active clusters, generates a new service config
+// based on the current set of active clusters, and sends an update to the
+// channel with that service config and the provided config selector.  Returns
+// false if an error occurs while generating the service config and the update
+// cannot be sent.
+func (r *xdsResolver) sendNewServiceConfig(cs *configSelector) bool {
+	// Delete entries from r.activeClusters with zero references;
+	// otherwise serviceConfigJSON will generate a config including
+	// them.
+	r.pruneActiveClusters()
+
+	if cs == nil && len(r.activeClusters) == 0 {
+		// There are no clusters and we are sending a failing configSelector.
+		// Send an empty config, which picks pick-first, with no address, and
+		// puts the ClientConn into transient failure.
+		r.cc.UpdateState(resolver.State{ServiceConfig: r.cc.ParseServiceConfig("{}")})
+		return true
+	}
+
+	// Produce the service config.
+	sc, err := serviceConfigJSON(r.activeClusters)
+	if err != nil {
+		// JSON marshal error; should never happen.
+		r.logger.Errorf("%v", err)
+		r.cc.ReportError(err)
+		return false
+	}
+	r.logger.Infof("Received update on resource %v from xds-client %p, generated service config: %v", r.target.Endpoint, r.client, sc)
+
+	// Send the update to the ClientConn.
+	state := iresolver.SetConfigSelector(resolver.State{
+		ServiceConfig: r.cc.ParseServiceConfig(sc),
+	}, cs)
+	r.cc.UpdateState(state)
+	return true
+}
+
+// run is a long running goroutine which blocks on receiving service updates
+// and passes it on the ClientConn.
+func (r *xdsResolver) run() {
+	for {
+		select {
+		case <-r.closed.Done():
+			return
+		case update := <-r.updateCh:
+			if update.err != nil {
+				r.logger.Warningf("Watch error on resource %v from xds-client %p, %v", r.target.Endpoint, r.client, update.err)
+				if xdsclient.ErrType(update.err) == xdsclient.ErrorTypeResourceNotFound {
+					// If error is resource-not-found, it means the LDS
+					// resource was removed. Ultimately send an empty service
+					// config, which picks pick-first, with no address, and
+					// puts the ClientConn into transient failure.  Before we
+					// can do that, we may need to send a normal service config
+					// along with an erroring (nil) config selector.
+					r.sendNewServiceConfig(nil)
+					// Stop and dereference the active config selector, if one exists.
+					r.curConfigSelector.stop()
+					r.curConfigSelector = nil
+					continue
+				}
+				// Send error to ClientConn, and balancers, if error is not
+				// resource not found.  No need to update resolver state if we
+				// can keep using the old config.
+				r.cc.ReportError(update.err)
+				continue
+			}
+			if update.emptyUpdate {
+				r.sendNewServiceConfig(r.curConfigSelector)
+				continue
+			}
+
+			// Create the config selector for this update.
+			cs, err := r.newConfigSelector(update.su)
+			if err != nil {
+				r.logger.Warningf("Error parsing update on resource %v from xds-client %p: %v", r.target.Endpoint, r.client, err)
+				r.cc.ReportError(err)
+				continue
+			}
+
+			if !r.sendNewServiceConfig(cs) {
+				// JSON error creating the service config (unexpected); erase
+				// this config selector and ignore this update, continuing with
+				// the previous config selector.
+				cs.stop()
+				continue
+			}
+
+			// Decrement references to the old config selector and assign the
+			// new one as the current one.
+			r.curConfigSelector.stop()
+			r.curConfigSelector = cs
+		}
+	}
+}
+
+// handleServiceUpdate is the callback which handles service updates. It writes
+// the received update to the update channel, which is picked by the run
+// goroutine.
+func (r *xdsResolver) handleServiceUpdate(su serviceUpdate, err error) {
+	if r.closed.HasFired() {
+		// Do not pass updates to the ClientConn once the resolver is closed.
+		return
+	}
+	// Remove any existing entry in updateCh and replace with the new one.
+	select {
+	case <-r.updateCh:
+	default:
+	}
+	r.updateCh <- suWithError{su: su, err: err}
+}
+
+// ResolveNow is a no-op at this point.
+func (*xdsResolver) ResolveNow(o resolver.ResolveNowOptions) {}
+
+// Close closes the resolver, and also closes the underlying xdsClient.
+func (r *xdsResolver) Close() {
+	r.cancelWatch()
+	r.client.Close()
+	r.closed.Fire()
+	r.logger.Infof("Shutdown")
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/server/conn_wrapper.go b/vendor/google.golang.org/grpc/xds/internal/server/conn_wrapper.go
new file mode 100644
index 00000000000..a02d75b2144
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/server/conn_wrapper.go
@@ -0,0 +1,155 @@
+/*
+ *
+ * Copyright 2021 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package server
+
+import (
+	"errors"
+	"fmt"
+	"net"
+	"sync"
+	"time"
+
+	"google.golang.org/grpc/credentials/tls/certprovider"
+	xdsinternal "google.golang.org/grpc/internal/credentials/xds"
+	xdsclient "google.golang.org/grpc/xds/internal/client"
+)
+
+// connWrapper is a thin wrapper around a net.Conn returned by Accept(). It
+// provides the following additional functionality:
+// 1. A way to retrieve the configured deadline. This is required by the
+//    ServerHandshake() method of the xdsCredentials when it attempts to read
+//    key material from the certificate providers.
+// 2. Implements the XDSHandshakeInfo() method used by the xdsCredentials to
+//    retrieve the configured certificate providers.
+// 3. xDS filter_chain matching logic to select appropriate security
+//    configuration for the incoming connection.
+type connWrapper struct {
+	net.Conn
+
+	// The specific filter chain picked for handling this connection.
+	filterChain *xdsclient.FilterChain
+
+	// A reference fo the listenerWrapper on which this connection was accepted.
+	parent *listenerWrapper
+
+	// The certificate providers created for this connection.
+	rootProvider, identityProvider certprovider.Provider
+
+	// The connection deadline as configured by the grpc.Server on the rawConn
+	// that is returned by a call to Accept(). This is set to the connection
+	// timeout value configured by the user (or to a default value) before
+	// initiating the transport credential handshake, and set to zero after
+	// completing the HTTP2 handshake.
+	deadlineMu sync.Mutex
+	deadline   time.Time
+}
+
+// SetDeadline makes a copy of the passed in deadline and forwards the call to
+// the underlying rawConn.
+func (c *connWrapper) SetDeadline(t time.Time) error {
+	c.deadlineMu.Lock()
+	c.deadline = t
+	c.deadlineMu.Unlock()
+	return c.Conn.SetDeadline(t)
+}
+
+// GetDeadline returns the configured deadline. This will be invoked by the
+// ServerHandshake() method of the XdsCredentials, which needs a deadline to
+// pass to the certificate provider.
+func (c *connWrapper) GetDeadline() time.Time {
+	c.deadlineMu.Lock()
+	t := c.deadline
+	c.deadlineMu.Unlock()
+	return t
+}
+
+// XDSHandshakeInfo returns a HandshakeInfo with appropriate security
+// configuration for this connection. This method is invoked by the
+// ServerHandshake() method of the XdsCredentials.
+func (c *connWrapper) XDSHandshakeInfo() (*xdsinternal.HandshakeInfo, error) {
+	// Ideally this should never happen, since xdsCredentials are the only ones
+	// which will invoke this method at handshake time. But to be on the safe
+	// side, we avoid acting on the security configuration received from the
+	// control plane when the user has not configured the use of xDS
+	// credentials, by checking the value of this flag.
+	if !c.parent.xdsCredsInUse {
+		return nil, errors.New("user has not configured xDS credentials")
+	}
+
+	if c.filterChain.SecurityCfg == nil {
+		// If the security config is empty, this means that the control plane
+		// did not provide any security configuration and therefore we should
+		// return an empty HandshakeInfo here so that the xdsCreds can use the
+		// configured fallback credentials.
+		return xdsinternal.NewHandshakeInfo(nil, nil), nil
+	}
+
+	cpc := c.parent.xdsC.BootstrapConfig().CertProviderConfigs
+	// Identity provider name is mandatory on the server-side, and this is
+	// enforced when the resource is received at the xdsClient layer.
+	secCfg := c.filterChain.SecurityCfg
+	ip, err := buildProviderFunc(cpc, secCfg.IdentityInstanceName, secCfg.IdentityCertName, true, false)
+	if err != nil {
+		return nil, err
+	}
+	// Root provider name is optional and required only when doing mTLS.
+	var rp certprovider.Provider
+	if instance, cert := secCfg.RootInstanceName, secCfg.RootCertName; instance != "" {
+		rp, err = buildProviderFunc(cpc, instance, cert, false, true)
+		if err != nil {
+			return nil, err
+		}
+	}
+	c.identityProvider = ip
+	c.rootProvider = rp
+
+	xdsHI := xdsinternal.NewHandshakeInfo(c.rootProvider, c.identityProvider)
+	xdsHI.SetRequireClientCert(secCfg.RequireClientCert)
+	return xdsHI, nil
+}
+
+func (c *connWrapper) Close() error {
+	if c.identityProvider != nil {
+		c.identityProvider.Close()
+	}
+	if c.rootProvider != nil {
+		c.rootProvider.Close()
+	}
+	return c.Conn.Close()
+}
+
+func buildProviderFunc(configs map[string]*certprovider.BuildableConfig, instanceName, certName string, wantIdentity, wantRoot bool) (certprovider.Provider, error) {
+	cfg, ok := configs[instanceName]
+	if !ok {
+		return nil, fmt.Errorf("certificate provider instance %q not found in bootstrap file", instanceName)
+	}
+	provider, err := cfg.Build(certprovider.BuildOptions{
+		CertName:     certName,
+		WantIdentity: wantIdentity,
+		WantRoot:     wantRoot,
+	})
+	if err != nil {
+		// This error is not expected since the bootstrap process parses the
+		// config and makes sure that it is acceptable to the plugin. Still, it
+		// is possible that the plugin parses the config successfully, but its
+		// Build() method errors out.
+		return nil, fmt.Errorf("failed to get security plugin instance (%+v): %v", cfg, err)
+	}
+	return provider, nil
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/server/listener_wrapper.go b/vendor/google.golang.org/grpc/xds/internal/server/listener_wrapper.go
new file mode 100644
index 00000000000..17f31f28f57
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/server/listener_wrapper.go
@@ -0,0 +1,332 @@
+/*
+ *
+ * Copyright 2021 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package server contains internal server-side functionality used by the public
+// facing xds package.
+package server
+
+import (
+	"fmt"
+	"net"
+	"sync"
+	"time"
+
+	"google.golang.org/grpc/backoff"
+	"google.golang.org/grpc/grpclog"
+	internalbackoff "google.golang.org/grpc/internal/backoff"
+	internalgrpclog "google.golang.org/grpc/internal/grpclog"
+	"google.golang.org/grpc/internal/grpcsync"
+	xdsclient "google.golang.org/grpc/xds/internal/client"
+	"google.golang.org/grpc/xds/internal/client/bootstrap"
+)
+
+var (
+	logger = grpclog.Component("xds")
+
+	// Backoff strategy for temporary errors received from Accept(). If this
+	// needs to be configurable, we can inject it through ListenerWrapperParams.
+	bs = internalbackoff.Exponential{Config: backoff.Config{
+		BaseDelay:  5 * time.Millisecond,
+		Multiplier: 2.0,
+		MaxDelay:   1 * time.Second,
+	}}
+	backoffFunc = bs.Backoff
+)
+
+// ServingMode indicates the current mode of operation of the server.
+//
+// This API exactly mirrors the one in the public xds package. We have to
+// redefine it here to avoid a cyclic dependency.
+type ServingMode int
+
+const (
+	// ServingModeStarting indicates that the serving is starting up.
+	ServingModeStarting ServingMode = iota
+	// ServingModeServing indicates the the server contains all required xDS
+	// configuration is serving RPCs.
+	ServingModeServing
+	// ServingModeNotServing indicates that the server is not accepting new
+	// connections. Existing connections will be closed gracefully, allowing
+	// in-progress RPCs to complete. A server enters this mode when it does not
+	// contain the required xDS configuration to serve RPCs.
+	ServingModeNotServing
+)
+
+func (s ServingMode) String() string {
+	switch s {
+	case ServingModeNotServing:
+		return "not-serving"
+	case ServingModeServing:
+		return "serving"
+	default:
+		return "starting"
+	}
+}
+
+// ServingModeCallback is the callback that users can register to get notified
+// about the server's serving mode changes. The callback is invoked with the
+// address of the listener and its new mode. The err parameter is set to a
+// non-nil error if the server has transitioned into not-serving mode.
+type ServingModeCallback func(addr net.Addr, mode ServingMode, err error)
+
+func prefixLogger(p *listenerWrapper) *internalgrpclog.PrefixLogger {
+	return internalgrpclog.NewPrefixLogger(logger, fmt.Sprintf("[xds-server-listener %p] ", p))
+}
+
+// XDSClientInterface wraps the methods on the xdsClient which are required by
+// the listenerWrapper.
+type XDSClientInterface interface {
+	WatchListener(string, func(xdsclient.ListenerUpdate, error)) func()
+	BootstrapConfig() *bootstrap.Config
+}
+
+// ListenerWrapperParams wraps parameters required to create a listenerWrapper.
+type ListenerWrapperParams struct {
+	// Listener is the net.Listener passed by the user that is to be wrapped.
+	Listener net.Listener
+	// ListenerResourceName is the xDS Listener resource to request.
+	ListenerResourceName string
+	// XDSCredsInUse specifies whether or not the user expressed interest to
+	// receive security configuration from the control plane.
+	XDSCredsInUse bool
+	// XDSClient provides the functionality from the xdsClient required here.
+	XDSClient XDSClientInterface
+	// ModeCallback is the callback to invoke when the serving mode changes.
+	ModeCallback ServingModeCallback
+}
+
+// NewListenerWrapper creates a new listenerWrapper with params. It returns a
+// net.Listener and a channel which is written to, indicating that the former is
+// ready to be passed to grpc.Serve().
+//
+// Only TCP listeners are supported.
+func NewListenerWrapper(params ListenerWrapperParams) (net.Listener, <-chan struct{}) {
+	lw := &listenerWrapper{
+		Listener:          params.Listener,
+		name:              params.ListenerResourceName,
+		xdsCredsInUse:     params.XDSCredsInUse,
+		xdsC:              params.XDSClient,
+		modeCallback:      params.ModeCallback,
+		isUnspecifiedAddr: params.Listener.Addr().(*net.TCPAddr).IP.IsUnspecified(),
+
+		closed:     grpcsync.NewEvent(),
+		goodUpdate: grpcsync.NewEvent(),
+	}
+	lw.logger = prefixLogger(lw)
+
+	// Serve() verifies that Addr() returns a valid TCPAddr. So, it is safe to
+	// ignore the error from SplitHostPort().
+	lisAddr := lw.Listener.Addr().String()
+	lw.addr, lw.port, _ = net.SplitHostPort(lisAddr)
+
+	cancelWatch := lw.xdsC.WatchListener(lw.name, lw.handleListenerUpdate)
+	lw.logger.Infof("Watch started on resource name %v", lw.name)
+	lw.cancelWatch = func() {
+		cancelWatch()
+		lw.logger.Infof("Watch cancelled on resource name %v", lw.name)
+	}
+	return lw, lw.goodUpdate.Done()
+}
+
+// listenerWrapper wraps the net.Listener associated with the listening address
+// passed to Serve(). It also contains all other state associated with this
+// particular invocation of Serve().
+type listenerWrapper struct {
+	net.Listener
+	logger *internalgrpclog.PrefixLogger
+
+	name          string
+	xdsCredsInUse bool
+	xdsC          XDSClientInterface
+	cancelWatch   func()
+	modeCallback  ServingModeCallback
+
+	// Set to true if the listener is bound to the IP_ANY address (which is
+	// "0.0.0.0" for IPv4 and "::" for IPv6).
+	isUnspecifiedAddr bool
+	// Listening address and port. Used to validate the socket address in the
+	// Listener resource received from the control plane.
+	addr, port string
+
+	// This is used to notify that a good update has been received and that
+	// Serve() can be invoked on the underlying gRPC server. Using an event
+	// instead of a vanilla channel simplifies the update handler as it need not
+	// keep track of whether the received update is the first one or not.
+	goodUpdate *grpcsync.Event
+	// A small race exists in the xdsClient code between the receipt of an xDS
+	// response and the user cancelling the associated watch. In this window,
+	// the registered callback may be invoked after the watch is canceled, and
+	// the user is expected to work around this. This event signifies that the
+	// listener is closed (and hence the watch is cancelled), and we drop any
+	// updates received in the callback if this event has fired.
+	closed *grpcsync.Event
+
+	// mu guards access to the current serving mode and the filter chains. The
+	// reason for using an rw lock here is that these fields are read in
+	// Accept() for all incoming connections, but writes happen rarely (when we
+	// get a Listener resource update).
+	mu sync.RWMutex
+	// Current serving mode.
+	mode ServingMode
+	// Filter chains received as part of the last good update.
+	filterChains *xdsclient.FilterChainManager
+}
+
+// Accept blocks on an Accept() on the underlying listener, and wraps the
+// returned net.connWrapper with the configured certificate providers.
+func (l *listenerWrapper) Accept() (net.Conn, error) {
+	var retries int
+	for {
+		conn, err := l.Listener.Accept()
+		if err != nil {
+			// Temporary() method is implemented by certain error types returned
+			// from the net package, and it is useful for us to not shutdown the
+			// server in these conditions. The listen queue being full is one
+			// such case.
+			if ne, ok := err.(interface{ Temporary() bool }); !ok || !ne.Temporary() {
+				return nil, err
+			}
+			retries++
+			timer := time.NewTimer(backoffFunc(retries))
+			select {
+			case <-timer.C:
+			case <-l.closed.Done():
+				timer.Stop()
+				// Continuing here will cause us to call Accept() again
+				// which will return a non-temporary error.
+				continue
+			}
+			continue
+		}
+		// Reset retries after a successful Accept().
+		retries = 0
+
+		// Since the net.Conn represents an incoming connection, the source and
+		// destination address can be retrieved from the local address and
+		// remote address of the net.Conn respectively.
+		destAddr, ok1 := conn.LocalAddr().(*net.TCPAddr)
+		srcAddr, ok2 := conn.RemoteAddr().(*net.TCPAddr)
+		if !ok1 || !ok2 {
+			// If the incoming connection is not a TCP connection, which is
+			// really unexpected since we check whether the provided listener is
+			// a TCP listener in Serve(), we return an error which would cause
+			// us to stop serving.
+			return nil, fmt.Errorf("received connection with non-TCP address (local: %T, remote %T)", conn.LocalAddr(), conn.RemoteAddr())
+		}
+
+		l.mu.RLock()
+		if l.mode == ServingModeNotServing {
+			// Close connections as soon as we accept them when we are in
+			// "not-serving" mode. Since we accept a net.Listener from the user
+			// in Serve(), we cannot close the listener when we move to
+			// "not-serving". Closing the connection immediately upon accepting
+			// is one of the other ways to implement the "not-serving" mode as
+			// outlined in gRFC A36.
+			l.mu.RUnlock()
+			conn.Close()
+			continue
+		}
+		fc, err := l.filterChains.Lookup(xdsclient.FilterChainLookupParams{
+			IsUnspecifiedListener: l.isUnspecifiedAddr,
+			DestAddr:              destAddr.IP,
+			SourceAddr:            srcAddr.IP,
+			SourcePort:            srcAddr.Port,
+		})
+		l.mu.RUnlock()
+		if err != nil {
+			// When a matching filter chain is not found, we close the
+			// connection right away, but do not return an error back to
+			// `grpc.Serve()` from where this Accept() was invoked. Returning an
+			// error to `grpc.Serve()` causes the server to shutdown. If we want
+			// to avoid the server from shutting down, we would need to return
+			// an error type which implements the `Temporary() bool` method,
+			// which is invoked by `grpc.Serve()` to see if the returned error
+			// represents a temporary condition. In the case of a temporary
+			// error, `grpc.Serve()` method sleeps for a small duration and
+			// therefore ends up blocking all connection attempts during that
+			// time frame, which is also not ideal for an error like this.
+			l.logger.Warningf("connection from %s to %s failed to find any matching filter chain", conn.RemoteAddr().String(), conn.LocalAddr().String())
+			conn.Close()
+			continue
+		}
+		return &connWrapper{Conn: conn, filterChain: fc, parent: l}, nil
+	}
+}
+
+// Close closes the underlying listener. It also cancels the xDS watch
+// registered in Serve() and closes any certificate provider instances created
+// based on security configuration received in the LDS response.
+func (l *listenerWrapper) Close() error {
+	l.closed.Fire()
+	l.Listener.Close()
+	if l.cancelWatch != nil {
+		l.cancelWatch()
+	}
+	return nil
+}
+
+func (l *listenerWrapper) handleListenerUpdate(update xdsclient.ListenerUpdate, err error) {
+	if l.closed.HasFired() {
+		l.logger.Warningf("Resource %q received update: %v with error: %v, after listener was closed", l.name, update, err)
+		return
+	}
+
+	if err != nil {
+		l.logger.Warningf("Received error for resource %q: %+v", l.name, err)
+		if xdsclient.ErrType(err) == xdsclient.ErrorTypeResourceNotFound {
+			l.switchMode(nil, ServingModeNotServing, err)
+		}
+		// For errors which are anything other than "resource-not-found", we
+		// continue to use the old configuration.
+		return
+	}
+	l.logger.Infof("Received update for resource %q: %+v", l.name, update)
+
+	// Make sure that the socket address on the received Listener resource
+	// matches the address of the net.Listener passed to us by the user. This
+	// check is done here instead of at the xdsClient layer because of the
+	// following couple of reasons:
+	// - xdsClient cannot know the listening address of every listener in the
+	//   system, and hence cannot perform this check.
+	// - this is a very context-dependent check and only the server has the
+	//   appropriate context to perform this check.
+	//
+	// What this means is that the xdsClient has ACKed a resource which can push
+	// the server into a "not serving" mode. This is not ideal, but this is
+	// what we have decided to do. See gRPC A36 for more details.
+	ilc := update.InboundListenerCfg
+	if ilc.Address != l.addr || ilc.Port != l.port {
+		l.switchMode(nil, ServingModeNotServing, fmt.Errorf("address (%s:%s) in Listener update does not match listening address: (%s:%s)", ilc.Address, ilc.Port, l.addr, l.port))
+		return
+	}
+
+	l.switchMode(ilc.FilterChains, ServingModeServing, nil)
+	l.goodUpdate.Fire()
+}
+
+func (l *listenerWrapper) switchMode(fcs *xdsclient.FilterChainManager, newMode ServingMode, err error) {
+	l.mu.Lock()
+	defer l.mu.Unlock()
+
+	l.filterChains = fcs
+	l.mode = newMode
+	if l.modeCallback != nil {
+		l.modeCallback(l.Listener.Addr(), newMode, err)
+	}
+	l.logger.Warningf("Listener %q entering mode: %q due to error: %v", l.Addr(), newMode, err)
+}
diff --git a/vendor/google.golang.org/grpc/xds/internal/version/version.go b/vendor/google.golang.org/grpc/xds/internal/version/version.go
new file mode 100644
index 00000000000..dbcb76ffd1f
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/internal/version/version.go
@@ -0,0 +1,51 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package version defines constants to distinguish between supported xDS API
+// versions.
+package version
+
+// TransportAPI refers to the API version for xDS transport protocol. This
+// describes the xDS gRPC endpoint and version of DiscoveryRequest/Response used
+// on the wire.
+type TransportAPI int
+
+const (
+	// TransportV2 refers to the v2 xDS transport protocol.
+	TransportV2 TransportAPI = iota
+	// TransportV3 refers to the v3 xDS transport protocol.
+	TransportV3
+)
+
+// Resource URLs. We need to be able to accept either version of the resource
+// regardless of the version of the transport protocol in use.
+const (
+	V2ListenerURL        = "type.googleapis.com/envoy.api.v2.Listener"
+	V2RouteConfigURL     = "type.googleapis.com/envoy.api.v2.RouteConfiguration"
+	V2ClusterURL         = "type.googleapis.com/envoy.api.v2.Cluster"
+	V2EndpointsURL       = "type.googleapis.com/envoy.api.v2.ClusterLoadAssignment"
+	V2HTTPConnManagerURL = "type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager"
+
+	V3ListenerURL             = "type.googleapis.com/envoy.config.listener.v3.Listener"
+	V3RouteConfigURL          = "type.googleapis.com/envoy.config.route.v3.RouteConfiguration"
+	V3ClusterURL              = "type.googleapis.com/envoy.config.cluster.v3.Cluster"
+	V3EndpointsURL            = "type.googleapis.com/envoy.config.endpoint.v3.ClusterLoadAssignment"
+	V3HTTPConnManagerURL      = "type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager"
+	V3UpstreamTLSContextURL   = "type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext"
+	V3DownstreamTLSContextURL = "type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext"
+)
diff --git a/vendor/google.golang.org/grpc/xds/server.go b/vendor/google.golang.org/grpc/xds/server.go
new file mode 100644
index 00000000000..3a2b629ae98
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/server.go
@@ -0,0 +1,326 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package xds
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"net"
+	"strings"
+	"sync"
+
+	"google.golang.org/grpc"
+	"google.golang.org/grpc/credentials"
+	"google.golang.org/grpc/grpclog"
+	"google.golang.org/grpc/internal"
+	"google.golang.org/grpc/internal/buffer"
+	internalgrpclog "google.golang.org/grpc/internal/grpclog"
+	"google.golang.org/grpc/internal/grpcsync"
+	xdsclient "google.golang.org/grpc/xds/internal/client"
+	"google.golang.org/grpc/xds/internal/client/bootstrap"
+	"google.golang.org/grpc/xds/internal/server"
+)
+
+const serverPrefix = "[xds-server %p] "
+
+var (
+	// These new functions will be overridden in unit tests.
+	newXDSClient = func() (xdsClientInterface, error) {
+		return xdsclient.New()
+	}
+	newGRPCServer = func(opts ...grpc.ServerOption) grpcServerInterface {
+		return grpc.NewServer(opts...)
+	}
+
+	grpcGetServerCreds    = internal.GetServerCredentials.(func(*grpc.Server) credentials.TransportCredentials)
+	drainServerTransports = internal.DrainServerTransports.(func(*grpc.Server, string))
+	logger                = grpclog.Component("xds")
+)
+
+func prefixLogger(p *GRPCServer) *internalgrpclog.PrefixLogger {
+	return internalgrpclog.NewPrefixLogger(logger, fmt.Sprintf(serverPrefix, p))
+}
+
+// xdsClientInterface contains methods from xdsClient.Client which are used by
+// the server. This is useful for overriding in unit tests.
+type xdsClientInterface interface {
+	WatchListener(string, func(xdsclient.ListenerUpdate, error)) func()
+	BootstrapConfig() *bootstrap.Config
+	Close()
+}
+
+// grpcServerInterface contains methods from grpc.Server which are used by the
+// GRPCServer type here. This is useful for overriding in unit tests.
+type grpcServerInterface interface {
+	RegisterService(*grpc.ServiceDesc, interface{})
+	Serve(net.Listener) error
+	Stop()
+	GracefulStop()
+}
+
+// GRPCServer wraps a gRPC server and provides server-side xDS functionality, by
+// communication with a management server using xDS APIs. It implements the
+// grpc.ServiceRegistrar interface and can be passed to service registration
+// functions in IDL generated code.
+type GRPCServer struct {
+	gs            grpcServerInterface
+	quit          *grpcsync.Event
+	logger        *internalgrpclog.PrefixLogger
+	xdsCredsInUse bool
+	opts          *serverOptions
+
+	// clientMu is used only in initXDSClient(), which is called at the
+	// beginning of Serve(), where we have to decide if we have to create a
+	// client or use an existing one.
+	clientMu sync.Mutex
+	xdsC     xdsClientInterface
+}
+
+// NewGRPCServer creates an xDS-enabled gRPC server using the passed in opts.
+// The underlying gRPC server has no service registered and has not started to
+// accept requests yet.
+func NewGRPCServer(opts ...grpc.ServerOption) *GRPCServer {
+	newOpts := []grpc.ServerOption{
+		grpc.ChainUnaryInterceptor(xdsUnaryInterceptor),
+		grpc.ChainStreamInterceptor(xdsStreamInterceptor),
+	}
+	newOpts = append(newOpts, opts...)
+	s := &GRPCServer{
+		gs:   newGRPCServer(newOpts...),
+		quit: grpcsync.NewEvent(),
+		opts: handleServerOptions(opts),
+	}
+	s.logger = prefixLogger(s)
+	s.logger.Infof("Created xds.GRPCServer")
+
+	// We type assert our underlying gRPC server to the real grpc.Server here
+	// before trying to retrieve the configured credentials. This approach
+	// avoids performing the same type assertion in the grpc package which
+	// provides the implementation for internal.GetServerCredentials, and allows
+	// us to use a fake gRPC server in tests.
+	if gs, ok := s.gs.(*grpc.Server); ok {
+		creds := grpcGetServerCreds(gs)
+		if xc, ok := creds.(interface{ UsesXDS() bool }); ok && xc.UsesXDS() {
+			s.xdsCredsInUse = true
+		}
+	}
+
+	s.logger.Infof("xDS credentials in use: %v", s.xdsCredsInUse)
+	return s
+}
+
+// handleServerOptions iterates through the list of server options passed in by
+// the user, and handles the xDS server specific options.
+func handleServerOptions(opts []grpc.ServerOption) *serverOptions {
+	so := &serverOptions{}
+	for _, opt := range opts {
+		if o, ok := opt.(serverOption); ok {
+			o.applyServerOption(so)
+		}
+	}
+	return so
+}
+
+// RegisterService registers a service and its implementation to the underlying
+// gRPC server. It is called from the IDL generated code. This must be called
+// before invoking Serve.
+func (s *GRPCServer) RegisterService(sd *grpc.ServiceDesc, ss interface{}) {
+	s.gs.RegisterService(sd, ss)
+}
+
+// initXDSClient creates a new xdsClient if there is no existing one available.
+func (s *GRPCServer) initXDSClient() error {
+	s.clientMu.Lock()
+	defer s.clientMu.Unlock()
+
+	if s.xdsC != nil {
+		return nil
+	}
+
+	client, err := newXDSClient()
+	if err != nil {
+		return fmt.Errorf("xds: failed to create xds-client: %v", err)
+	}
+	s.xdsC = client
+	s.logger.Infof("Created an xdsClient")
+	return nil
+}
+
+// Serve gets the underlying gRPC server to accept incoming connections on the
+// listener lis, which is expected to be listening on a TCP port.
+//
+// A connection to the management server, to receive xDS configuration, is
+// initiated here.
+//
+// Serve will return a non-nil error unless Stop or GracefulStop is called.
+func (s *GRPCServer) Serve(lis net.Listener) error {
+	s.logger.Infof("Serve() passed a net.Listener on %s", lis.Addr().String())
+	if _, ok := lis.Addr().(*net.TCPAddr); !ok {
+		return fmt.Errorf("xds: GRPCServer expects listener to return a net.TCPAddr. Got %T", lis.Addr())
+	}
+
+	// If this is the first time Serve() is being called, we need to initialize
+	// our xdsClient. If not, we can use the existing one.
+	if err := s.initXDSClient(); err != nil {
+		return err
+	}
+
+	cfg := s.xdsC.BootstrapConfig()
+	if cfg == nil {
+		return errors.New("bootstrap configuration is empty")
+	}
+
+	// If xds credentials were specified by the user, but bootstrap configs do
+	// not contain any certificate provider configuration, it is better to fail
+	// right now rather than failing when attempting to create certificate
+	// providers after receiving an LDS response with security configuration.
+	if s.xdsCredsInUse {
+		if len(cfg.CertProviderConfigs) == 0 {
+			return errors.New("xds: certificate_providers config missing in bootstrap file")
+		}
+	}
+
+	// The server listener resource name template from the bootstrap
+	// configuration contains a template for the name of the Listener resource
+	// to subscribe to for a gRPC server. If the token `%s` is present in the
+	// string, it will be replaced with the server's listening "IP:port" (e.g.,
+	// "0.0.0.0:8080", "[::]:8080"). The absence of a template will be treated
+	// as an error since we do not have any default value for this.
+	if cfg.ServerListenerResourceNameTemplate == "" {
+		return errors.New("missing server_listener_resource_name_template in the bootstrap configuration")
+	}
+	name := cfg.ServerListenerResourceNameTemplate
+	if strings.Contains(cfg.ServerListenerResourceNameTemplate, "%s") {
+		name = strings.Replace(cfg.ServerListenerResourceNameTemplate, "%s", lis.Addr().String(), -1)
+	}
+
+	modeUpdateCh := buffer.NewUnbounded()
+	go func() {
+		s.handleServingModeChanges(modeUpdateCh)
+	}()
+
+	// Create a listenerWrapper which handles all functionality required by
+	// this particular instance of Serve().
+	lw, goodUpdateCh := server.NewListenerWrapper(server.ListenerWrapperParams{
+		Listener:             lis,
+		ListenerResourceName: name,
+		XDSCredsInUse:        s.xdsCredsInUse,
+		XDSClient:            s.xdsC,
+		ModeCallback: func(addr net.Addr, mode server.ServingMode, err error) {
+			modeUpdateCh.Put(&modeChangeArgs{
+				addr: addr,
+				mode: mode,
+				err:  err,
+			})
+		},
+	})
+
+	// Block until a good LDS response is received or the server is stopped.
+	select {
+	case <-s.quit.Done():
+		// Since the listener has not yet been handed over to gs.Serve(), we
+		// need to explicitly close the listener. Cancellation of the xDS watch
+		// is handled by the listenerWrapper.
+		lw.Close()
+		return nil
+	case <-goodUpdateCh:
+	}
+	return s.gs.Serve(lw)
+}
+
+// modeChangeArgs wraps argument required for invoking mode change callback.
+type modeChangeArgs struct {
+	addr net.Addr
+	mode server.ServingMode
+	err  error
+}
+
+// handleServingModeChanges runs as a separate goroutine, spawned from Serve().
+// It reads a channel on to which mode change arguments are pushed, and in turn
+// invokes the user registered callback. It also calls an internal method on the
+// underlying grpc.Server to gracefully close existing connections, if the
+// listener moved to a "not-serving" mode.
+func (s *GRPCServer) handleServingModeChanges(updateCh *buffer.Unbounded) {
+	for {
+		select {
+		case <-s.quit.Done():
+			return
+		case u := <-updateCh.Get():
+			updateCh.Load()
+			args := u.(*modeChangeArgs)
+			if args.mode == ServingModeNotServing {
+				// We type assert our underlying gRPC server to the real
+				// grpc.Server here before trying to initiate the drain
+				// operation. This approach avoids performing the same type
+				// assertion in the grpc package which provides the
+				// implementation for internal.GetServerCredentials, and allows
+				// us to use a fake gRPC server in tests.
+				if gs, ok := s.gs.(*grpc.Server); ok {
+					drainServerTransports(gs, args.addr.String())
+				}
+			}
+			if s.opts.modeCallback != nil {
+				s.opts.modeCallback(args.addr, ServingModeChangeArgs{
+					Mode: args.mode,
+					Err:  args.err,
+				})
+			}
+		}
+	}
+}
+
+// Stop stops the underlying gRPC server. It immediately closes all open
+// connections. It cancels all active RPCs on the server side and the
+// corresponding pending RPCs on the client side will get notified by connection
+// errors.
+func (s *GRPCServer) Stop() {
+	s.quit.Fire()
+	s.gs.Stop()
+	if s.xdsC != nil {
+		s.xdsC.Close()
+	}
+}
+
+// GracefulStop stops the underlying gRPC server gracefully. It stops the server
+// from accepting new connections and RPCs and blocks until all the pending RPCs
+// are finished.
+func (s *GRPCServer) GracefulStop() {
+	s.quit.Fire()
+	s.gs.GracefulStop()
+	if s.xdsC != nil {
+		s.xdsC.Close()
+	}
+}
+
+// xdsUnaryInterceptor is the unary interceptor added to the gRPC server to
+// perform any xDS specific functionality on unary RPCs.
+//
+// This is a no-op at this point.
+func xdsUnaryInterceptor(ctx context.Context, req interface{}, _ *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (resp interface{}, err error) {
+	return handler(ctx, req)
+}
+
+// xdsStreamInterceptor is the stream interceptor added to the gRPC server to
+// perform any xDS specific functionality on streaming RPCs.
+//
+// This is a no-op at this point.
+func xdsStreamInterceptor(srv interface{}, ss grpc.ServerStream, _ *grpc.StreamServerInfo, handler grpc.StreamHandler) error {
+	return handler(srv, ss)
+}
diff --git a/vendor/google.golang.org/grpc/xds/server_options.go b/vendor/google.golang.org/grpc/xds/server_options.go
new file mode 100644
index 00000000000..44b7b374fd0
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/server_options.go
@@ -0,0 +1,84 @@
+/*
+ *
+ * Copyright 2021 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package xds
+
+import (
+	"net"
+
+	"google.golang.org/grpc"
+	iserver "google.golang.org/grpc/xds/internal/server"
+)
+
+// ServingModeCallback returns a grpc.ServerOption which allows users to
+// register a callback to get notified about serving mode changes.
+func ServingModeCallback(cb ServingModeCallbackFunc) grpc.ServerOption {
+	return &smcOption{cb: cb}
+}
+
+type serverOption interface {
+	applyServerOption(*serverOptions)
+}
+
+// smcOption is a server option containing a callback to be invoked when the
+// serving mode changes.
+type smcOption struct {
+	// Embedding the empty server option makes it safe to pass it to
+	// grpc.NewServer().
+	grpc.EmptyServerOption
+	cb ServingModeCallbackFunc
+}
+
+func (s *smcOption) applyServerOption(o *serverOptions) {
+	o.modeCallback = s.cb
+}
+
+type serverOptions struct {
+	modeCallback ServingModeCallbackFunc
+}
+
+// ServingMode indicates the current mode of operation of the server.
+type ServingMode = iserver.ServingMode
+
+const (
+	// ServingModeServing indicates the the server contains all required xDS
+	// configuration is serving RPCs.
+	ServingModeServing = iserver.ServingModeServing
+	// ServingModeNotServing indicates that the server is not accepting new
+	// connections. Existing connections will be closed gracefully, allowing
+	// in-progress RPCs to complete. A server enters this mode when it does not
+	// contain the required xDS configuration to serve RPCs.
+	ServingModeNotServing = iserver.ServingModeNotServing
+)
+
+// ServingModeCallbackFunc is the callback that users can register to get
+// notified about the server's serving mode changes. The callback is invoked
+// with the address of the listener and its new mode.
+//
+// Users must not perform any blocking operations in this callback.
+type ServingModeCallbackFunc func(addr net.Addr, args ServingModeChangeArgs)
+
+// ServingModeChangeArgs wraps the arguments passed to the serving mode callback
+// function.
+type ServingModeChangeArgs struct {
+	// Mode is the new serving mode of the server listener.
+	Mode ServingMode
+	// Err is set to a non-nil error if the server has transitioned into
+	// not-serving mode.
+	Err error
+}
diff --git a/vendor/google.golang.org/grpc/xds/xds.go b/vendor/google.golang.org/grpc/xds/xds.go
new file mode 100644
index 00000000000..23c88903f40
--- /dev/null
+++ b/vendor/google.golang.org/grpc/xds/xds.go
@@ -0,0 +1,78 @@
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package xds contains an implementation of the xDS suite of protocols, to be
+// used by gRPC client and server applications.
+//
+// On the client-side, users simply need to import this package to get all xDS
+// functionality. On the server-side, users need to use the GRPCServer type
+// exported by this package instead of the regular grpc.Server.
+//
+// See https://github.com/grpc/grpc-go/tree/master/examples/features/xds for
+// example.
+//
+// Experimental
+//
+// Notice: All APIs in this package are experimental and may be removed in a
+// later release.
+package xds
+
+import (
+	"fmt"
+
+	v3statusgrpc "github.com/envoyproxy/go-control-plane/envoy/service/status/v3"
+	"google.golang.org/grpc"
+	internaladmin "google.golang.org/grpc/internal/admin"
+	"google.golang.org/grpc/xds/csds"
+
+	_ "google.golang.org/grpc/credentials/tls/certprovider/pemfile" // Register the file watcher certificate provider plugin.
+	_ "google.golang.org/grpc/xds/internal/balancer"                // Register the balancers.
+	_ "google.golang.org/grpc/xds/internal/client/v2"               // Register the v2 xDS API client.
+	_ "google.golang.org/grpc/xds/internal/client/v3"               // Register the v3 xDS API client.
+	_ "google.golang.org/grpc/xds/internal/httpfilter/fault"        // Register the fault injection filter.
+	_ "google.golang.org/grpc/xds/internal/resolver"                // Register the xds_resolver.
+)
+
+func init() {
+	internaladmin.AddService(func(registrar grpc.ServiceRegistrar) (func(), error) {
+		var grpcServer *grpc.Server
+		switch ss := registrar.(type) {
+		case *grpc.Server:
+			grpcServer = ss
+		case *GRPCServer:
+			sss, ok := ss.gs.(*grpc.Server)
+			if !ok {
+				logger.Warningf("grpc server within xds.GRPCServer is not *grpc.Server, CSDS will not be registered")
+				return nil, nil
+			}
+			grpcServer = sss
+		default:
+			// Returning an error would cause the top level admin.Register() to
+			// fail. Log a warning instead.
+			logger.Warningf("server to register service on is neither a *grpc.Server or a *xds.GRPCServer, CSDS will not be registered")
+			return nil, nil
+		}
+
+		csdss, err := csds.NewClientStatusDiscoveryServer()
+		if err != nil {
+			return nil, fmt.Errorf("failed to create csds server: %v", err)
+		}
+		v3statusgrpc.RegisterClientStatusDiscoveryServiceServer(grpcServer, csdss)
+		return csdss.Close, nil
+	})
+}
diff --git a/vendor/google.golang.org/protobuf/types/known/structpb/struct.pb.go b/vendor/google.golang.org/protobuf/types/known/structpb/struct.pb.go
new file mode 100644
index 00000000000..586690522a4
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/types/known/structpb/struct.pb.go
@@ -0,0 +1,810 @@
+// Protocol Buffers - Google's data interchange format
+// Copyright 2008 Google Inc.  All rights reserved.
+// https://developers.google.com/protocol-buffers/
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// source: google/protobuf/struct.proto
+
+// Package structpb contains generated types for google/protobuf/struct.proto.
+//
+// The messages (i.e., Value, Struct, and ListValue) defined in struct.proto are
+// used to represent arbitrary JSON. The Value message represents a JSON value,
+// the Struct message represents a JSON object, and the ListValue message
+// represents a JSON array. See https://json.org for more information.
+//
+// The Value, Struct, and ListValue types have generated MarshalJSON and
+// UnmarshalJSON methods such that they serialize JSON equivalent to what the
+// messages themselves represent. Use of these types with the
+// "google.golang.org/protobuf/encoding/protojson" package
+// ensures that they will be serialized as their JSON equivalent.
+//
+//
+// Conversion to and from a Go interface
+//
+// The standard Go "encoding/json" package has functionality to serialize
+// arbitrary types to a large degree. The Value.AsInterface, Struct.AsMap, and
+// ListValue.AsSlice methods can convert the protobuf message representation into
+// a form represented by interface{}, map[string]interface{}, and []interface{}.
+// This form can be used with other packages that operate on such data structures
+// and also directly with the standard json package.
+//
+// In order to convert the interface{}, map[string]interface{}, and []interface{}
+// forms back as Value, Struct, and ListValue messages, use the NewStruct,
+// NewList, and NewValue constructor functions.
+//
+//
+// Example usage
+//
+// Consider the following example JSON object:
+//
+//	{
+//		"firstName": "John",
+//		"lastName": "Smith",
+//		"isAlive": true,
+//		"age": 27,
+//		"address": {
+//			"streetAddress": "21 2nd Street",
+//			"city": "New York",
+//			"state": "NY",
+//			"postalCode": "10021-3100"
+//		},
+//		"phoneNumbers": [
+//			{
+//				"type": "home",
+//				"number": "212 555-1234"
+//			},
+//			{
+//				"type": "office",
+//				"number": "646 555-4567"
+//			}
+//		],
+//		"children": [],
+//		"spouse": null
+//	}
+//
+// To construct a Value message representing the above JSON object:
+//
+//	m, err := structpb.NewValue(map[string]interface{}{
+//		"firstName": "John",
+//		"lastName":  "Smith",
+//		"isAlive":   true,
+//		"age":       27,
+//		"address": map[string]interface{}{
+//			"streetAddress": "21 2nd Street",
+//			"city":          "New York",
+//			"state":         "NY",
+//			"postalCode":    "10021-3100",
+//		},
+//		"phoneNumbers": []interface{}{
+//			map[string]interface{}{
+//				"type":   "home",
+//				"number": "212 555-1234",
+//			},
+//			map[string]interface{}{
+//				"type":   "office",
+//				"number": "646 555-4567",
+//			},
+//		},
+//		"children": []interface{}{},
+//		"spouse":   nil,
+//	})
+//	if err != nil {
+//		... // handle error
+//	}
+//	... // make use of m as a *structpb.Value
+//
+package structpb
+
+import (
+	base64 "encoding/base64"
+	protojson "google.golang.org/protobuf/encoding/protojson"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	math "math"
+	reflect "reflect"
+	sync "sync"
+	utf8 "unicode/utf8"
+)
+
+// `NullValue` is a singleton enumeration to represent the null value for the
+// `Value` type union.
+//
+//  The JSON representation for `NullValue` is JSON `null`.
+type NullValue int32
+
+const (
+	// Null value.
+	NullValue_NULL_VALUE NullValue = 0
+)
+
+// Enum value maps for NullValue.
+var (
+	NullValue_name = map[int32]string{
+		0: "NULL_VALUE",
+	}
+	NullValue_value = map[string]int32{
+		"NULL_VALUE": 0,
+	}
+)
+
+func (x NullValue) Enum() *NullValue {
+	p := new(NullValue)
+	*p = x
+	return p
+}
+
+func (x NullValue) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (NullValue) Descriptor() protoreflect.EnumDescriptor {
+	return file_google_protobuf_struct_proto_enumTypes[0].Descriptor()
+}
+
+func (NullValue) Type() protoreflect.EnumType {
+	return &file_google_protobuf_struct_proto_enumTypes[0]
+}
+
+func (x NullValue) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use NullValue.Descriptor instead.
+func (NullValue) EnumDescriptor() ([]byte, []int) {
+	return file_google_protobuf_struct_proto_rawDescGZIP(), []int{0}
+}
+
+// `Struct` represents a structured data value, consisting of fields
+// which map to dynamically typed values. In some languages, `Struct`
+// might be supported by a native representation. For example, in
+// scripting languages like JS a struct is represented as an
+// object. The details of that representation are described together
+// with the proto support for the language.
+//
+// The JSON representation for `Struct` is JSON object.
+type Struct struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Unordered map of dynamically typed values.
+	Fields map[string]*Value `protobuf:"bytes,1,rep,name=fields,proto3" json:"fields,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+}
+
+// NewStruct constructs a Struct from a general-purpose Go map.
+// The map keys must be valid UTF-8.
+// The map values are converted using NewValue.
+func NewStruct(v map[string]interface{}) (*Struct, error) {
+	x := &Struct{Fields: make(map[string]*Value, len(v))}
+	for k, v := range v {
+		if !utf8.ValidString(k) {
+			return nil, protoimpl.X.NewError("invalid UTF-8 in string: %q", k)
+		}
+		var err error
+		x.Fields[k], err = NewValue(v)
+		if err != nil {
+			return nil, err
+		}
+	}
+	return x, nil
+}
+
+// AsMap converts x to a general-purpose Go map.
+// The map values are converted by calling Value.AsInterface.
+func (x *Struct) AsMap() map[string]interface{} {
+	vs := make(map[string]interface{})
+	for k, v := range x.GetFields() {
+		vs[k] = v.AsInterface()
+	}
+	return vs
+}
+
+func (x *Struct) MarshalJSON() ([]byte, error) {
+	return protojson.Marshal(x)
+}
+
+func (x *Struct) UnmarshalJSON(b []byte) error {
+	return protojson.Unmarshal(b, x)
+}
+
+func (x *Struct) Reset() {
+	*x = Struct{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_google_protobuf_struct_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Struct) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Struct) ProtoMessage() {}
+
+func (x *Struct) ProtoReflect() protoreflect.Message {
+	mi := &file_google_protobuf_struct_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Struct.ProtoReflect.Descriptor instead.
+func (*Struct) Descriptor() ([]byte, []int) {
+	return file_google_protobuf_struct_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *Struct) GetFields() map[string]*Value {
+	if x != nil {
+		return x.Fields
+	}
+	return nil
+}
+
+// `Value` represents a dynamically typed value which can be either
+// null, a number, a string, a boolean, a recursive struct value, or a
+// list of values. A producer of value is expected to set one of that
+// variants, absence of any variant indicates an error.
+//
+// The JSON representation for `Value` is JSON value.
+type Value struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The kind of value.
+	//
+	// Types that are assignable to Kind:
+	//	*Value_NullValue
+	//	*Value_NumberValue
+	//	*Value_StringValue
+	//	*Value_BoolValue
+	//	*Value_StructValue
+	//	*Value_ListValue
+	Kind isValue_Kind `protobuf_oneof:"kind"`
+}
+
+// NewValue constructs a Value from a general-purpose Go interface.
+//
+//	╔════════════════════════╤════════════════════════════════════════════╗
+//	║ Go type                │ Conversion                                 ║
+//	╠════════════════════════╪════════════════════════════════════════════╣
+//	║ nil                    │ stored as NullValue                        ║
+//	║ bool                   │ stored as BoolValue                        ║
+//	║ int, int32, int64      │ stored as NumberValue                      ║
+//	║ uint, uint32, uint64   │ stored as NumberValue                      ║
+//	║ float32, float64       │ stored as NumberValue                      ║
+//	║ string                 │ stored as StringValue; must be valid UTF-8 ║
+//	║ []byte                 │ stored as StringValue; base64-encoded      ║
+//	║ map[string]interface{} │ stored as StructValue                      ║
+//	║ []interface{}          │ stored as ListValue                        ║
+//	╚════════════════════════╧════════════════════════════════════════════╝
+//
+// When converting an int64 or uint64 to a NumberValue, numeric precision loss
+// is possible since they are stored as a float64.
+func NewValue(v interface{}) (*Value, error) {
+	switch v := v.(type) {
+	case nil:
+		return NewNullValue(), nil
+	case bool:
+		return NewBoolValue(v), nil
+	case int:
+		return NewNumberValue(float64(v)), nil
+	case int32:
+		return NewNumberValue(float64(v)), nil
+	case int64:
+		return NewNumberValue(float64(v)), nil
+	case uint:
+		return NewNumberValue(float64(v)), nil
+	case uint32:
+		return NewNumberValue(float64(v)), nil
+	case uint64:
+		return NewNumberValue(float64(v)), nil
+	case float32:
+		return NewNumberValue(float64(v)), nil
+	case float64:
+		return NewNumberValue(float64(v)), nil
+	case string:
+		if !utf8.ValidString(v) {
+			return nil, protoimpl.X.NewError("invalid UTF-8 in string: %q", v)
+		}
+		return NewStringValue(v), nil
+	case []byte:
+		s := base64.StdEncoding.EncodeToString(v)
+		return NewStringValue(s), nil
+	case map[string]interface{}:
+		v2, err := NewStruct(v)
+		if err != nil {
+			return nil, err
+		}
+		return NewStructValue(v2), nil
+	case []interface{}:
+		v2, err := NewList(v)
+		if err != nil {
+			return nil, err
+		}
+		return NewListValue(v2), nil
+	default:
+		return nil, protoimpl.X.NewError("invalid type: %T", v)
+	}
+}
+
+// NewNullValue constructs a new null Value.
+func NewNullValue() *Value {
+	return &Value{Kind: &Value_NullValue{NullValue: NullValue_NULL_VALUE}}
+}
+
+// NewBoolValue constructs a new boolean Value.
+func NewBoolValue(v bool) *Value {
+	return &Value{Kind: &Value_BoolValue{BoolValue: v}}
+}
+
+// NewNumberValue constructs a new number Value.
+func NewNumberValue(v float64) *Value {
+	return &Value{Kind: &Value_NumberValue{NumberValue: v}}
+}
+
+// NewStringValue constructs a new string Value.
+func NewStringValue(v string) *Value {
+	return &Value{Kind: &Value_StringValue{StringValue: v}}
+}
+
+// NewStructValue constructs a new struct Value.
+func NewStructValue(v *Struct) *Value {
+	return &Value{Kind: &Value_StructValue{StructValue: v}}
+}
+
+// NewListValue constructs a new list Value.
+func NewListValue(v *ListValue) *Value {
+	return &Value{Kind: &Value_ListValue{ListValue: v}}
+}
+
+// AsInterface converts x to a general-purpose Go interface.
+//
+// Calling Value.MarshalJSON and "encoding/json".Marshal on this output produce
+// semantically equivalent JSON (assuming no errors occur).
+//
+// Floating-point values (i.e., "NaN", "Infinity", and "-Infinity") are
+// converted as strings to remain compatible with MarshalJSON.
+func (x *Value) AsInterface() interface{} {
+	switch v := x.GetKind().(type) {
+	case *Value_NumberValue:
+		if v != nil {
+			switch {
+			case math.IsNaN(v.NumberValue):
+				return "NaN"
+			case math.IsInf(v.NumberValue, +1):
+				return "Infinity"
+			case math.IsInf(v.NumberValue, -1):
+				return "-Infinity"
+			default:
+				return v.NumberValue
+			}
+		}
+	case *Value_StringValue:
+		if v != nil {
+			return v.StringValue
+		}
+	case *Value_BoolValue:
+		if v != nil {
+			return v.BoolValue
+		}
+	case *Value_StructValue:
+		if v != nil {
+			return v.StructValue.AsMap()
+		}
+	case *Value_ListValue:
+		if v != nil {
+			return v.ListValue.AsSlice()
+		}
+	}
+	return nil
+}
+
+func (x *Value) MarshalJSON() ([]byte, error) {
+	return protojson.Marshal(x)
+}
+
+func (x *Value) UnmarshalJSON(b []byte) error {
+	return protojson.Unmarshal(b, x)
+}
+
+func (x *Value) Reset() {
+	*x = Value{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_google_protobuf_struct_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Value) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Value) ProtoMessage() {}
+
+func (x *Value) ProtoReflect() protoreflect.Message {
+	mi := &file_google_protobuf_struct_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Value.ProtoReflect.Descriptor instead.
+func (*Value) Descriptor() ([]byte, []int) {
+	return file_google_protobuf_struct_proto_rawDescGZIP(), []int{1}
+}
+
+func (m *Value) GetKind() isValue_Kind {
+	if m != nil {
+		return m.Kind
+	}
+	return nil
+}
+
+func (x *Value) GetNullValue() NullValue {
+	if x, ok := x.GetKind().(*Value_NullValue); ok {
+		return x.NullValue
+	}
+	return NullValue_NULL_VALUE
+}
+
+func (x *Value) GetNumberValue() float64 {
+	if x, ok := x.GetKind().(*Value_NumberValue); ok {
+		return x.NumberValue
+	}
+	return 0
+}
+
+func (x *Value) GetStringValue() string {
+	if x, ok := x.GetKind().(*Value_StringValue); ok {
+		return x.StringValue
+	}
+	return ""
+}
+
+func (x *Value) GetBoolValue() bool {
+	if x, ok := x.GetKind().(*Value_BoolValue); ok {
+		return x.BoolValue
+	}
+	return false
+}
+
+func (x *Value) GetStructValue() *Struct {
+	if x, ok := x.GetKind().(*Value_StructValue); ok {
+		return x.StructValue
+	}
+	return nil
+}
+
+func (x *Value) GetListValue() *ListValue {
+	if x, ok := x.GetKind().(*Value_ListValue); ok {
+		return x.ListValue
+	}
+	return nil
+}
+
+type isValue_Kind interface {
+	isValue_Kind()
+}
+
+type Value_NullValue struct {
+	// Represents a null value.
+	NullValue NullValue `protobuf:"varint,1,opt,name=null_value,json=nullValue,proto3,enum=google.protobuf.NullValue,oneof"`
+}
+
+type Value_NumberValue struct {
+	// Represents a double value.
+	NumberValue float64 `protobuf:"fixed64,2,opt,name=number_value,json=numberValue,proto3,oneof"`
+}
+
+type Value_StringValue struct {
+	// Represents a string value.
+	StringValue string `protobuf:"bytes,3,opt,name=string_value,json=stringValue,proto3,oneof"`
+}
+
+type Value_BoolValue struct {
+	// Represents a boolean value.
+	BoolValue bool `protobuf:"varint,4,opt,name=bool_value,json=boolValue,proto3,oneof"`
+}
+
+type Value_StructValue struct {
+	// Represents a structured value.
+	StructValue *Struct `protobuf:"bytes,5,opt,name=struct_value,json=structValue,proto3,oneof"`
+}
+
+type Value_ListValue struct {
+	// Represents a repeated `Value`.
+	ListValue *ListValue `protobuf:"bytes,6,opt,name=list_value,json=listValue,proto3,oneof"`
+}
+
+func (*Value_NullValue) isValue_Kind() {}
+
+func (*Value_NumberValue) isValue_Kind() {}
+
+func (*Value_StringValue) isValue_Kind() {}
+
+func (*Value_BoolValue) isValue_Kind() {}
+
+func (*Value_StructValue) isValue_Kind() {}
+
+func (*Value_ListValue) isValue_Kind() {}
+
+// `ListValue` is a wrapper around a repeated field of values.
+//
+// The JSON representation for `ListValue` is JSON array.
+type ListValue struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// Repeated field of dynamically typed values.
+	Values []*Value `protobuf:"bytes,1,rep,name=values,proto3" json:"values,omitempty"`
+}
+
+// NewList constructs a ListValue from a general-purpose Go slice.
+// The slice elements are converted using NewValue.
+func NewList(v []interface{}) (*ListValue, error) {
+	x := &ListValue{Values: make([]*Value, len(v))}
+	for i, v := range v {
+		var err error
+		x.Values[i], err = NewValue(v)
+		if err != nil {
+			return nil, err
+		}
+	}
+	return x, nil
+}
+
+// AsSlice converts x to a general-purpose Go slice.
+// The slice elements are converted by calling Value.AsInterface.
+func (x *ListValue) AsSlice() []interface{} {
+	vs := make([]interface{}, len(x.GetValues()))
+	for i, v := range x.GetValues() {
+		vs[i] = v.AsInterface()
+	}
+	return vs
+}
+
+func (x *ListValue) MarshalJSON() ([]byte, error) {
+	return protojson.Marshal(x)
+}
+
+func (x *ListValue) UnmarshalJSON(b []byte) error {
+	return protojson.Unmarshal(b, x)
+}
+
+func (x *ListValue) Reset() {
+	*x = ListValue{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_google_protobuf_struct_proto_msgTypes[2]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ListValue) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ListValue) ProtoMessage() {}
+
+func (x *ListValue) ProtoReflect() protoreflect.Message {
+	mi := &file_google_protobuf_struct_proto_msgTypes[2]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ListValue.ProtoReflect.Descriptor instead.
+func (*ListValue) Descriptor() ([]byte, []int) {
+	return file_google_protobuf_struct_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *ListValue) GetValues() []*Value {
+	if x != nil {
+		return x.Values
+	}
+	return nil
+}
+
+var File_google_protobuf_struct_proto protoreflect.FileDescriptor
+
+var file_google_protobuf_struct_proto_rawDesc = []byte{
+	0x0a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2f, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0f,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x22,
+	0x98, 0x01, 0x0a, 0x06, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x12, 0x3b, 0x0a, 0x06, 0x66, 0x69,
+	0x65, 0x6c, 0x64, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72,
+	0x75, 0x63, 0x74, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52,
+	0x06, 0x66, 0x69, 0x65, 0x6c, 0x64, 0x73, 0x1a, 0x51, 0x0a, 0x0b, 0x46, 0x69, 0x65, 0x6c, 0x64,
+	0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x2c, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75,
+	0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52,
+	0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0xb2, 0x02, 0x0a, 0x05, 0x56,
+	0x61, 0x6c, 0x75, 0x65, 0x12, 0x3b, 0x0a, 0x0a, 0x6e, 0x75, 0x6c, 0x6c, 0x5f, 0x76, 0x61, 0x6c,
+	0x75, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x4e, 0x75, 0x6c, 0x6c, 0x56,
+	0x61, 0x6c, 0x75, 0x65, 0x48, 0x00, 0x52, 0x09, 0x6e, 0x75, 0x6c, 0x6c, 0x56, 0x61, 0x6c, 0x75,
+	0x65, 0x12, 0x23, 0x0a, 0x0c, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x5f, 0x76, 0x61, 0x6c, 0x75,
+	0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x01, 0x48, 0x00, 0x52, 0x0b, 0x6e, 0x75, 0x6d, 0x62, 0x65,
+	0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x23, 0x0a, 0x0c, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67,
+	0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x0b,
+	0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x1f, 0x0a, 0x0a, 0x62,
+	0x6f, 0x6f, 0x6c, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x48,
+	0x00, 0x52, 0x09, 0x62, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x3c, 0x0a, 0x0c,
+	0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x05, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x48, 0x00, 0x52, 0x0b, 0x73,
+	0x74, 0x72, 0x75, 0x63, 0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x3b, 0x0a, 0x0a, 0x6c, 0x69,
+	0x73, 0x74, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x4c, 0x69, 0x73, 0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x48, 0x00, 0x52, 0x09, 0x6c, 0x69,
+	0x73, 0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x06, 0x0a, 0x04, 0x6b, 0x69, 0x6e, 0x64, 0x22,
+	0x3b, 0x0a, 0x09, 0x4c, 0x69, 0x73, 0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x2e, 0x0a, 0x06,
+	0x76, 0x61, 0x6c, 0x75, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x56,
+	0x61, 0x6c, 0x75, 0x65, 0x52, 0x06, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x73, 0x2a, 0x1b, 0x0a, 0x09,
+	0x4e, 0x75, 0x6c, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x0e, 0x0a, 0x0a, 0x4e, 0x55, 0x4c,
+	0x4c, 0x5f, 0x56, 0x41, 0x4c, 0x55, 0x45, 0x10, 0x00, 0x42, 0x7f, 0x0a, 0x13, 0x63, 0x6f, 0x6d,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x42, 0x0b, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a,
+	0x2f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6c, 0x61, 0x6e, 0x67, 0x2e, 0x6f,
+	0x72, 0x67, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x74, 0x79, 0x70, 0x65,
+	0x73, 0x2f, 0x6b, 0x6e, 0x6f, 0x77, 0x6e, 0x2f, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x70, 0x62,
+	0xf8, 0x01, 0x01, 0xa2, 0x02, 0x03, 0x47, 0x50, 0x42, 0xaa, 0x02, 0x1e, 0x47, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x57, 0x65, 0x6c, 0x6c,
+	0x4b, 0x6e, 0x6f, 0x77, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x73, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x33,
+}
+
+var (
+	file_google_protobuf_struct_proto_rawDescOnce sync.Once
+	file_google_protobuf_struct_proto_rawDescData = file_google_protobuf_struct_proto_rawDesc
+)
+
+func file_google_protobuf_struct_proto_rawDescGZIP() []byte {
+	file_google_protobuf_struct_proto_rawDescOnce.Do(func() {
+		file_google_protobuf_struct_proto_rawDescData = protoimpl.X.CompressGZIP(file_google_protobuf_struct_proto_rawDescData)
+	})
+	return file_google_protobuf_struct_proto_rawDescData
+}
+
+var file_google_protobuf_struct_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_google_protobuf_struct_proto_msgTypes = make([]protoimpl.MessageInfo, 4)
+var file_google_protobuf_struct_proto_goTypes = []interface{}{
+	(NullValue)(0),    // 0: google.protobuf.NullValue
+	(*Struct)(nil),    // 1: google.protobuf.Struct
+	(*Value)(nil),     // 2: google.protobuf.Value
+	(*ListValue)(nil), // 3: google.protobuf.ListValue
+	nil,               // 4: google.protobuf.Struct.FieldsEntry
+}
+var file_google_protobuf_struct_proto_depIdxs = []int32{
+	4, // 0: google.protobuf.Struct.fields:type_name -> google.protobuf.Struct.FieldsEntry
+	0, // 1: google.protobuf.Value.null_value:type_name -> google.protobuf.NullValue
+	1, // 2: google.protobuf.Value.struct_value:type_name -> google.protobuf.Struct
+	3, // 3: google.protobuf.Value.list_value:type_name -> google.protobuf.ListValue
+	2, // 4: google.protobuf.ListValue.values:type_name -> google.protobuf.Value
+	2, // 5: google.protobuf.Struct.FieldsEntry.value:type_name -> google.protobuf.Value
+	6, // [6:6] is the sub-list for method output_type
+	6, // [6:6] is the sub-list for method input_type
+	6, // [6:6] is the sub-list for extension type_name
+	6, // [6:6] is the sub-list for extension extendee
+	0, // [0:6] is the sub-list for field type_name
+}
+
+func init() { file_google_protobuf_struct_proto_init() }
+func file_google_protobuf_struct_proto_init() {
+	if File_google_protobuf_struct_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_google_protobuf_struct_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Struct); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_google_protobuf_struct_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Value); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_google_protobuf_struct_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ListValue); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	file_google_protobuf_struct_proto_msgTypes[1].OneofWrappers = []interface{}{
+		(*Value_NullValue)(nil),
+		(*Value_NumberValue)(nil),
+		(*Value_StringValue)(nil),
+		(*Value_BoolValue)(nil),
+		(*Value_StructValue)(nil),
+		(*Value_ListValue)(nil),
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_google_protobuf_struct_proto_rawDesc,
+			NumEnums:      1,
+			NumMessages:   4,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_google_protobuf_struct_proto_goTypes,
+		DependencyIndexes: file_google_protobuf_struct_proto_depIdxs,
+		EnumInfos:         file_google_protobuf_struct_proto_enumTypes,
+		MessageInfos:      file_google_protobuf_struct_proto_msgTypes,
+	}.Build()
+	File_google_protobuf_struct_proto = out.File
+	file_google_protobuf_struct_proto_rawDesc = nil
+	file_google_protobuf_struct_proto_goTypes = nil
+	file_google_protobuf_struct_proto_depIdxs = nil
+}
diff --git a/vendor/gopkg.in/fsnotify/fsnotify.v1/.editorconfig b/vendor/gopkg.in/fsnotify/fsnotify.v1/.editorconfig
deleted file mode 100644
index ba49e3c2349..00000000000
--- a/vendor/gopkg.in/fsnotify/fsnotify.v1/.editorconfig
+++ /dev/null
@@ -1,5 +0,0 @@
-root = true
-
-[*]
-indent_style = tab
-indent_size = 4
diff --git a/vendor/gopkg.in/fsnotify/fsnotify.v1/.gitignore b/vendor/gopkg.in/fsnotify/fsnotify.v1/.gitignore
deleted file mode 100644
index 4cd0cbaf432..00000000000
--- a/vendor/gopkg.in/fsnotify/fsnotify.v1/.gitignore
+++ /dev/null
@@ -1,6 +0,0 @@
-# Setup a Global .gitignore for OS and editor generated files:
-# https://help.github.com/articles/ignoring-files
-# git config --global core.excludesfile ~/.gitignore_global
-
-.vagrant
-*.sublime-project
diff --git a/vendor/gopkg.in/fsnotify/fsnotify.v1/.travis.yml b/vendor/gopkg.in/fsnotify/fsnotify.v1/.travis.yml
deleted file mode 100644
index 981d1bb8132..00000000000
--- a/vendor/gopkg.in/fsnotify/fsnotify.v1/.travis.yml
+++ /dev/null
@@ -1,30 +0,0 @@
-sudo: false
-language: go
-
-go:
-  - 1.8.x
-  - 1.9.x
-  - tip
-
-matrix:
-  allow_failures:
-    - go: tip
-  fast_finish: true
-
-before_script:
-  - go get -u github.com/golang/lint/golint
-
-script:
-  - go test -v --race ./...
-
-after_script:
-  - test -z "$(gofmt -s -l -w . | tee /dev/stderr)"
-  - test -z "$(golint ./...     | tee /dev/stderr)"
-  - go vet ./...
-
-os:
-  - linux
-  - osx
-
-notifications:
-  email: false
diff --git a/vendor/gopkg.in/fsnotify/fsnotify.v1/AUTHORS b/vendor/gopkg.in/fsnotify/fsnotify.v1/AUTHORS
deleted file mode 100644
index 5ab5d41c547..00000000000
--- a/vendor/gopkg.in/fsnotify/fsnotify.v1/AUTHORS
+++ /dev/null
@@ -1,52 +0,0 @@
-# Names should be added to this file as
-#	Name or Organization <email address>
-# The email address is not required for organizations.
-
-# You can update this list using the following command:
-#
-#   $ git shortlog -se | awk '{print $2 " " $3 " " $4}'
-
-# Please keep the list sorted.
-
-Aaron L <aaron@bettercoder.net>
-Adrien Bustany <adrien@bustany.org>
-Amit Krishnan <amit.krishnan@oracle.com>
-Anmol Sethi <me@anmol.io>
-Bjørn Erik Pedersen <bjorn.erik.pedersen@gmail.com>
-Bruno Bigras <bigras.bruno@gmail.com>
-Caleb Spare <cespare@gmail.com>
-Case Nelson <case@teammating.com>
-Chris Howey <chris@howey.me> <howeyc@gmail.com>
-Christoffer Buchholz <christoffer.buchholz@gmail.com>
-Daniel Wagner-Hall <dawagner@gmail.com>
-Dave Cheney <dave@cheney.net>
-Evan Phoenix <evan@fallingsnow.net>
-Francisco Souza <f@souza.cc>
-Hari haran <hariharan.uno@gmail.com>
-John C Barstow
-Kelvin Fo <vmirage@gmail.com>
-Ken-ichirou MATSUZAWA <chamas@h4.dion.ne.jp>
-Matt Layher <mdlayher@gmail.com>
-Nathan Youngman <git@nathany.com>
-Nickolai Zeldovich <nickolai@csail.mit.edu>
-Patrick <patrick@dropbox.com>
-Paul Hammond <paul@paulhammond.org>
-Pawel Knap <pawelknap88@gmail.com>
-Pieter Droogendijk <pieter@binky.org.uk>
-Pursuit92 <JoshChase@techpursuit.net>
-Riku Voipio <riku.voipio@linaro.org>
-Rob Figueiredo <robfig@gmail.com>
-Rodrigo Chiossi <rodrigochiossi@gmail.com>
-Slawek Ligus <root@ooz.ie>
-Soge Zhang <zhssoge@gmail.com>
-Tiffany Jernigan <tiffany.jernigan@intel.com>
-Tilak Sharma <tilaks@google.com>
-Tom Payne <twpayne@gmail.com>
-Travis Cline <travis.cline@gmail.com>
-Tudor Golubenco <tudor.g@gmail.com>
-Vahe Khachikyan <vahe@live.ca>
-Yukang <moorekang@gmail.com>
-bronze1man <bronze1man@gmail.com>
-debrando <denis.brandolini@gmail.com>
-henrikedwards <henrik.edwards@gmail.com>
-铁哥 <guotie.9@gmail.com>
diff --git a/vendor/gopkg.in/fsnotify/fsnotify.v1/CHANGELOG.md b/vendor/gopkg.in/fsnotify/fsnotify.v1/CHANGELOG.md
deleted file mode 100644
index be4d7ea2c14..00000000000
--- a/vendor/gopkg.in/fsnotify/fsnotify.v1/CHANGELOG.md
+++ /dev/null
@@ -1,317 +0,0 @@
-# Changelog
-
-## v1.4.7 / 2018-01-09
-
-* BSD/macOS: Fix possible deadlock on closing the watcher on kqueue (thanks @nhooyr and @glycerine)
-* Tests: Fix missing verb on format string (thanks @rchiossi)
-* Linux: Fix deadlock in Remove (thanks @aarondl)
-* Linux: Watch.Add improvements (avoid race, fix consistency, reduce garbage) (thanks @twpayne)
-* Docs: Moved FAQ into the README (thanks @vahe)
-* Linux: Properly handle inotify's IN_Q_OVERFLOW event (thanks @zeldovich)
-* Docs: replace references to OS X with macOS
-
-## v1.4.2 / 2016-10-10
-
-* Linux: use InotifyInit1 with IN_CLOEXEC to stop leaking a file descriptor to a child process when using fork/exec [#178](https://github.com/fsnotify/fsnotify/pull/178) (thanks @pattyshack)
-
-## v1.4.1 / 2016-10-04
-
-* Fix flaky inotify stress test on Linux [#177](https://github.com/fsnotify/fsnotify/pull/177) (thanks @pattyshack)
-
-## v1.4.0 / 2016-10-01
-
-* add a String() method to Event.Op [#165](https://github.com/fsnotify/fsnotify/pull/165) (thanks @oozie)
-
-## v1.3.1 / 2016-06-28
-
-* Windows: fix for double backslash when watching the root of a drive [#151](https://github.com/fsnotify/fsnotify/issues/151) (thanks @brunoqc)
-
-## v1.3.0 / 2016-04-19
-
-* Support linux/arm64 by [patching](https://go-review.googlesource.com/#/c/21971/) x/sys/unix and switching to to it from syscall (thanks @suihkulokki) [#135](https://github.com/fsnotify/fsnotify/pull/135)
-
-## v1.2.10 / 2016-03-02
-
-* Fix golint errors in windows.go [#121](https://github.com/fsnotify/fsnotify/pull/121) (thanks @tiffanyfj)
-
-## v1.2.9 / 2016-01-13
-
-kqueue: Fix logic for CREATE after REMOVE [#111](https://github.com/fsnotify/fsnotify/pull/111) (thanks @bep)
-
-## v1.2.8 / 2015-12-17
-
-* kqueue: fix race condition in Close [#105](https://github.com/fsnotify/fsnotify/pull/105) (thanks @djui for reporting the issue and @ppknap for writing a failing test)
-* inotify: fix race in test
-* enable race detection for continuous integration (Linux, Mac, Windows)
-
-## v1.2.5 / 2015-10-17
-
-* inotify: use epoll_create1 for arm64 support (requires Linux 2.6.27 or later) [#100](https://github.com/fsnotify/fsnotify/pull/100) (thanks @suihkulokki)
-* inotify: fix path leaks [#73](https://github.com/fsnotify/fsnotify/pull/73) (thanks @chamaken)
-* kqueue: watch for rename events on subdirectories [#83](https://github.com/fsnotify/fsnotify/pull/83) (thanks @guotie)
-* kqueue: avoid infinite loops from symlinks cycles [#101](https://github.com/fsnotify/fsnotify/pull/101) (thanks @illicitonion)
-
-## v1.2.1 / 2015-10-14
-
-* kqueue: don't watch named pipes [#98](https://github.com/fsnotify/fsnotify/pull/98) (thanks @evanphx)
-
-## v1.2.0 / 2015-02-08
-
-* inotify: use epoll to wake up readEvents [#66](https://github.com/fsnotify/fsnotify/pull/66) (thanks @PieterD)
-* inotify: closing watcher should now always shut down goroutine [#63](https://github.com/fsnotify/fsnotify/pull/63) (thanks @PieterD)
-* kqueue: close kqueue after removing watches, fixes [#59](https://github.com/fsnotify/fsnotify/issues/59)
-
-## v1.1.1 / 2015-02-05
-
-* inotify: Retry read on EINTR [#61](https://github.com/fsnotify/fsnotify/issues/61) (thanks @PieterD)
-
-## v1.1.0 / 2014-12-12
-
-* kqueue: rework internals [#43](https://github.com/fsnotify/fsnotify/pull/43)
-    * add low-level functions
-    * only need to store flags on directories
-    * less mutexes [#13](https://github.com/fsnotify/fsnotify/issues/13)
-    * done can be an unbuffered channel
-    * remove calls to os.NewSyscallError
-* More efficient string concatenation for Event.String() [#52](https://github.com/fsnotify/fsnotify/pull/52) (thanks @mdlayher)
-* kqueue: fix regression in  rework causing subdirectories to be watched [#48](https://github.com/fsnotify/fsnotify/issues/48)
-* kqueue: cleanup internal watch before sending remove event [#51](https://github.com/fsnotify/fsnotify/issues/51)
-
-## v1.0.4 / 2014-09-07
-
-* kqueue: add dragonfly to the build tags.
-* Rename source code files, rearrange code so exported APIs are at the top.
-* Add done channel to example code. [#37](https://github.com/fsnotify/fsnotify/pull/37) (thanks @chenyukang)
-
-## v1.0.3 / 2014-08-19
-
-* [Fix] Windows MOVED_TO now translates to Create like on BSD and Linux. [#36](https://github.com/fsnotify/fsnotify/issues/36)
-
-## v1.0.2 / 2014-08-17
-
-* [Fix] Missing create events on macOS. [#14](https://github.com/fsnotify/fsnotify/issues/14) (thanks @zhsso)
-* [Fix] Make ./path and path equivalent. (thanks @zhsso)
-
-## v1.0.0 / 2014-08-15
-
-* [API] Remove AddWatch on Windows, use Add.
-* Improve documentation for exported identifiers. [#30](https://github.com/fsnotify/fsnotify/issues/30)
-* Minor updates based on feedback from golint.
-
-## dev / 2014-07-09
-
-* Moved to [github.com/fsnotify/fsnotify](https://github.com/fsnotify/fsnotify).
-* Use os.NewSyscallError instead of returning errno (thanks @hariharan-uno)
-
-## dev / 2014-07-04
-
-* kqueue: fix incorrect mutex used in Close()
-* Update example to demonstrate usage of Op.
-
-## dev / 2014-06-28
-
-* [API] Don't set the Write Op for attribute notifications [#4](https://github.com/fsnotify/fsnotify/issues/4)
-* Fix for String() method on Event (thanks Alex Brainman)
-* Don't build on Plan 9 or Solaris (thanks @4ad)
-
-## dev / 2014-06-21
-
-* Events channel of type Event rather than *Event.
-* [internal] use syscall constants directly for inotify and kqueue.
-* [internal] kqueue: rename events to kevents and fileEvent to event.
-
-## dev / 2014-06-19
-
-* Go 1.3+ required on Windows (uses syscall.ERROR_MORE_DATA internally).
-* [internal] remove cookie from Event struct (unused).
-* [internal] Event struct has the same definition across every OS.
-* [internal] remove internal watch and removeWatch methods.
-
-## dev / 2014-06-12
-
-* [API] Renamed Watch() to Add() and RemoveWatch() to Remove().
-* [API] Pluralized channel names: Events and Errors.
-* [API] Renamed FileEvent struct to Event.
-* [API] Op constants replace methods like IsCreate().
-
-## dev / 2014-06-12
-
-* Fix data race on kevent buffer (thanks @tilaks) [#98](https://github.com/howeyc/fsnotify/pull/98)
-
-## dev / 2014-05-23
-
-* [API] Remove current implementation of WatchFlags.
-    * current implementation doesn't take advantage of OS for efficiency
-    * provides little benefit over filtering events as they are received, but has  extra bookkeeping and mutexes
-    * no tests for the current implementation
-    * not fully implemented on Windows [#93](https://github.com/howeyc/fsnotify/issues/93#issuecomment-39285195)
-
-## v0.9.3 / 2014-12-31
-
-* kqueue: cleanup internal watch before sending remove event [#51](https://github.com/fsnotify/fsnotify/issues/51)
-
-## v0.9.2 / 2014-08-17
-
-* [Backport] Fix missing create events on macOS. [#14](https://github.com/fsnotify/fsnotify/issues/14) (thanks @zhsso)
-
-## v0.9.1 / 2014-06-12
-
-* Fix data race on kevent buffer (thanks @tilaks) [#98](https://github.com/howeyc/fsnotify/pull/98)
-
-## v0.9.0 / 2014-01-17
-
-* IsAttrib() for events that only concern a file's metadata [#79][] (thanks @abustany)
-* [Fix] kqueue: fix deadlock [#77][] (thanks @cespare)
-* [NOTICE] Development has moved to `code.google.com/p/go.exp/fsnotify` in preparation for inclusion in the Go standard library.
-
-## v0.8.12 / 2013-11-13
-
-* [API] Remove FD_SET and friends from Linux adapter
-
-## v0.8.11 / 2013-11-02
-
-* [Doc] Add Changelog [#72][] (thanks @nathany)
-* [Doc] Spotlight and double modify events on macOS [#62][] (reported by @paulhammond)
-
-## v0.8.10 / 2013-10-19
-
-* [Fix] kqueue: remove file watches when parent directory is removed [#71][] (reported by @mdwhatcott)
-* [Fix] kqueue: race between Close and readEvents [#70][] (reported by @bernerdschaefer)
-* [Doc] specify OS-specific limits in README (thanks @debrando)
-
-## v0.8.9 / 2013-09-08
-
-* [Doc] Contributing (thanks @nathany)
-* [Doc] update package path in example code [#63][] (thanks @paulhammond)
-* [Doc] GoCI badge in README (Linux only) [#60][]
-* [Doc] Cross-platform testing with Vagrant  [#59][] (thanks @nathany)
-
-## v0.8.8 / 2013-06-17
-
-* [Fix] Windows: handle `ERROR_MORE_DATA` on Windows [#49][] (thanks @jbowtie)
-
-## v0.8.7 / 2013-06-03
-
-* [API] Make syscall flags internal
-* [Fix] inotify: ignore event changes
-* [Fix] race in symlink test [#45][] (reported by @srid)
-* [Fix] tests on Windows
-* lower case error messages
-
-## v0.8.6 / 2013-05-23
-
-* kqueue: Use EVT_ONLY flag on Darwin
-* [Doc] Update README with full example
-
-## v0.8.5 / 2013-05-09
-
-* [Fix] inotify: allow monitoring of "broken" symlinks (thanks @tsg)
-
-## v0.8.4 / 2013-04-07
-
-* [Fix] kqueue: watch all file events [#40][] (thanks @ChrisBuchholz)
-
-## v0.8.3 / 2013-03-13
-
-* [Fix] inoitfy/kqueue memory leak [#36][] (reported by @nbkolchin)
-* [Fix] kqueue: use fsnFlags for watching a directory [#33][] (reported by @nbkolchin)
-
-## v0.8.2 / 2013-02-07
-
-* [Doc] add Authors
-* [Fix] fix data races for map access [#29][] (thanks @fsouza)
-
-## v0.8.1 / 2013-01-09
-
-* [Fix] Windows path separators
-* [Doc] BSD License
-
-## v0.8.0 / 2012-11-09
-
-* kqueue: directory watching improvements (thanks @vmirage)
-* inotify: add `IN_MOVED_TO` [#25][] (requested by @cpisto)
-* [Fix] kqueue: deleting watched directory [#24][] (reported by @jakerr)
-
-## v0.7.4 / 2012-10-09
-
-* [Fix] inotify: fixes from https://codereview.appspot.com/5418045/ (ugorji)
-* [Fix] kqueue: preserve watch flags when watching for delete [#21][] (reported by @robfig)
-* [Fix] kqueue: watch the directory even if it isn't a new watch (thanks @robfig)
-* [Fix] kqueue: modify after recreation of file
-
-## v0.7.3 / 2012-09-27
-
-* [Fix] kqueue: watch with an existing folder inside the watched folder (thanks @vmirage)
-* [Fix] kqueue: no longer get duplicate CREATE events
-
-## v0.7.2 / 2012-09-01
-
-* kqueue: events for created directories
-
-## v0.7.1 / 2012-07-14
-
-* [Fix] for renaming files
-
-## v0.7.0 / 2012-07-02
-
-* [Feature] FSNotify flags
-* [Fix] inotify: Added file name back to event path
-
-## v0.6.0 / 2012-06-06
-
-* kqueue: watch files after directory created (thanks @tmc)
-
-## v0.5.1 / 2012-05-22
-
-* [Fix] inotify: remove all watches before Close()
-
-## v0.5.0 / 2012-05-03
-
-* [API] kqueue: return errors during watch instead of sending over channel
-* kqueue: match symlink behavior on Linux
-* inotify: add `DELETE_SELF` (requested by @taralx)
-* [Fix] kqueue: handle EINTR (reported by @robfig)
-* [Doc] Godoc example [#1][] (thanks @davecheney)
-
-## v0.4.0 / 2012-03-30
-
-* Go 1 released: build with go tool
-* [Feature] Windows support using winfsnotify
-* Windows does not have attribute change notifications
-* Roll attribute notifications into IsModify
-
-## v0.3.0 / 2012-02-19
-
-* kqueue: add files when watch directory
-
-## v0.2.0 / 2011-12-30
-
-* update to latest Go weekly code
-
-## v0.1.0 / 2011-10-19
-
-* kqueue: add watch on file creation to match inotify
-* kqueue: create file event
-* inotify: ignore `IN_IGNORED` events
-* event String()
-* linux: common FileEvent functions
-* initial commit
-
-[#79]: https://github.com/howeyc/fsnotify/pull/79
-[#77]: https://github.com/howeyc/fsnotify/pull/77
-[#72]: https://github.com/howeyc/fsnotify/issues/72
-[#71]: https://github.com/howeyc/fsnotify/issues/71
-[#70]: https://github.com/howeyc/fsnotify/issues/70
-[#63]: https://github.com/howeyc/fsnotify/issues/63
-[#62]: https://github.com/howeyc/fsnotify/issues/62
-[#60]: https://github.com/howeyc/fsnotify/issues/60
-[#59]: https://github.com/howeyc/fsnotify/issues/59
-[#49]: https://github.com/howeyc/fsnotify/issues/49
-[#45]: https://github.com/howeyc/fsnotify/issues/45
-[#40]: https://github.com/howeyc/fsnotify/issues/40
-[#36]: https://github.com/howeyc/fsnotify/issues/36
-[#33]: https://github.com/howeyc/fsnotify/issues/33
-[#29]: https://github.com/howeyc/fsnotify/issues/29
-[#25]: https://github.com/howeyc/fsnotify/issues/25
-[#24]: https://github.com/howeyc/fsnotify/issues/24
-[#21]: https://github.com/howeyc/fsnotify/issues/21
diff --git a/vendor/gopkg.in/fsnotify/fsnotify.v1/CONTRIBUTING.md b/vendor/gopkg.in/fsnotify/fsnotify.v1/CONTRIBUTING.md
deleted file mode 100644
index 828a60b24ba..00000000000
--- a/vendor/gopkg.in/fsnotify/fsnotify.v1/CONTRIBUTING.md
+++ /dev/null
@@ -1,77 +0,0 @@
-# Contributing
-
-## Issues
-
-* Request features and report bugs using the [GitHub Issue Tracker](https://github.com/fsnotify/fsnotify/issues).
-* Please indicate the platform you are using fsnotify on.
-* A code example to reproduce the problem is appreciated.
-
-## Pull Requests
-
-### Contributor License Agreement
-
-fsnotify is derived from code in the [golang.org/x/exp](https://godoc.org/golang.org/x/exp) package and it may be included [in the standard library](https://github.com/fsnotify/fsnotify/issues/1) in the future. Therefore fsnotify carries the same [LICENSE](https://github.com/fsnotify/fsnotify/blob/master/LICENSE) as Go. Contributors retain their copyright, so you need to fill out a short form before we can accept your contribution: [Google Individual Contributor License Agreement](https://developers.google.com/open-source/cla/individual).
-
-Please indicate that you have signed the CLA in your pull request.
-
-### How fsnotify is Developed
-
-* Development is done on feature branches.
-* Tests are run on BSD, Linux, macOS and Windows.
-* Pull requests are reviewed and [applied to master][am] using [hub][].
-  * Maintainers may modify or squash commits rather than asking contributors to.
-* To issue a new release, the maintainers will:
-  * Update the CHANGELOG
-  * Tag a version, which will become available through gopkg.in.
- 
-### How to Fork
-
-For smooth sailing, always use the original import path. Installing with `go get` makes this easy. 
-
-1. Install from GitHub (`go get -u github.com/fsnotify/fsnotify`)
-2. Create your feature branch (`git checkout -b my-new-feature`)
-3. Ensure everything works and the tests pass (see below)
-4. Commit your changes (`git commit -am 'Add some feature'`)
-
-Contribute upstream:
-
-1. Fork fsnotify on GitHub
-2. Add your remote (`git remote add fork git@github.com:mycompany/repo.git`)
-3. Push to the branch (`git push fork my-new-feature`)
-4. Create a new Pull Request on GitHub
-
-This workflow is [thoroughly explained by Katrina Owen](https://splice.com/blog/contributing-open-source-git-repositories-go/).
-
-### Testing
-
-fsnotify uses build tags to compile different code on Linux, BSD, macOS, and Windows.
-
-Before doing a pull request, please do your best to test your changes on multiple platforms, and list which platforms you were able/unable to test on.
-
-To aid in cross-platform testing there is a Vagrantfile for Linux and BSD.
-
-* Install [Vagrant](http://www.vagrantup.com/) and [VirtualBox](https://www.virtualbox.org/)
-* Setup [Vagrant Gopher](https://github.com/nathany/vagrant-gopher) in your `src` folder.
-* Run `vagrant up` from the project folder. You can also setup just one box with `vagrant up linux` or `vagrant up bsd` (note: the BSD box doesn't support Windows hosts at this time, and NFS may prompt for your host OS password)
-* Once setup, you can run the test suite on a given OS with a single command `vagrant ssh linux -c 'cd fsnotify/fsnotify; go test'`.
-* When you're done, you will want to halt or destroy the Vagrant boxes.
-
-Notice: fsnotify file system events won't trigger in shared folders. The tests get around this limitation by using the /tmp directory.
-
-Right now there is no equivalent solution for Windows and macOS, but there are Windows VMs [freely available from Microsoft](http://www.modern.ie/en-us/virtualization-tools#downloads).
-
-### Maintainers
-
-Help maintaining fsnotify is welcome. To be a maintainer:
-
-* Submit a pull request and sign the CLA as above.
-* You must be able to run the test suite on Mac, Windows, Linux and BSD.
-
-To keep master clean, the fsnotify project uses the "apply mail" workflow outlined in Nathaniel Talbott's post ["Merge pull request" Considered Harmful][am]. This requires installing [hub][].
-
-All code changes should be internal pull requests.
-
-Releases are tagged using [Semantic Versioning](http://semver.org/).
-
-[hub]: https://github.com/github/hub
-[am]: http://blog.spreedly.com/2014/06/24/merge-pull-request-considered-harmful/#.VGa5yZPF_Zs
diff --git a/vendor/gopkg.in/fsnotify/fsnotify.v1/LICENSE b/vendor/gopkg.in/fsnotify/fsnotify.v1/LICENSE
deleted file mode 100644
index f21e5408009..00000000000
--- a/vendor/gopkg.in/fsnotify/fsnotify.v1/LICENSE
+++ /dev/null
@@ -1,28 +0,0 @@
-Copyright (c) 2012 The Go Authors. All rights reserved.
-Copyright (c) 2012 fsnotify Authors. All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are
-met:
-
-   * Redistributions of source code must retain the above copyright
-notice, this list of conditions and the following disclaimer.
-   * Redistributions in binary form must reproduce the above
-copyright notice, this list of conditions and the following disclaimer
-in the documentation and/or other materials provided with the
-distribution.
-   * Neither the name of Google Inc. nor the names of its
-contributors may be used to endorse or promote products derived from
-this software without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/vendor/gopkg.in/fsnotify/fsnotify.v1/README.md b/vendor/gopkg.in/fsnotify/fsnotify.v1/README.md
deleted file mode 100644
index 3993207413a..00000000000
--- a/vendor/gopkg.in/fsnotify/fsnotify.v1/README.md
+++ /dev/null
@@ -1,79 +0,0 @@
-# File system notifications for Go
-
-[![GoDoc](https://godoc.org/github.com/fsnotify/fsnotify?status.svg)](https://godoc.org/github.com/fsnotify/fsnotify) [![Go Report Card](https://goreportcard.com/badge/github.com/fsnotify/fsnotify)](https://goreportcard.com/report/github.com/fsnotify/fsnotify)
-
-fsnotify utilizes [golang.org/x/sys](https://godoc.org/golang.org/x/sys) rather than `syscall` from the standard library. Ensure you have the latest version installed by running:
-
-```console
-go get -u golang.org/x/sys/...
-```
-
-Cross platform: Windows, Linux, BSD and macOS.
-
-|Adapter   |OS        |Status    |
-|----------|----------|----------|
-|inotify   |Linux 2.6.27 or later, Android\*|Supported [![Build Status](https://travis-ci.org/fsnotify/fsnotify.svg?branch=master)](https://travis-ci.org/fsnotify/fsnotify)|
-|kqueue    |BSD, macOS, iOS\*|Supported [![Build Status](https://travis-ci.org/fsnotify/fsnotify.svg?branch=master)](https://travis-ci.org/fsnotify/fsnotify)|
-|ReadDirectoryChangesW|Windows|Supported [![Build status](https://ci.appveyor.com/api/projects/status/ivwjubaih4r0udeh/branch/master?svg=true)](https://ci.appveyor.com/project/NathanYoungman/fsnotify/branch/master)|
-|FSEvents  |macOS         |[Planned](https://github.com/fsnotify/fsnotify/issues/11)|
-|FEN       |Solaris 11    |[In Progress](https://github.com/fsnotify/fsnotify/issues/12)|
-|fanotify  |Linux 2.6.37+ | |
-|USN Journals |Windows    |[Maybe](https://github.com/fsnotify/fsnotify/issues/53)|
-|Polling   |*All*         |[Maybe](https://github.com/fsnotify/fsnotify/issues/9)|
-
-\* Android and iOS are untested.
-
-Please see [the documentation](https://godoc.org/github.com/fsnotify/fsnotify) and consult the [FAQ](#faq) for usage information.
-
-## API stability
-
-fsnotify is a fork of [howeyc/fsnotify](https://godoc.org/github.com/howeyc/fsnotify) with a new API as of v1.0. The API is based on [this design document](http://goo.gl/MrYxyA). 
-
-All [releases](https://github.com/fsnotify/fsnotify/releases) are tagged based on [Semantic Versioning](http://semver.org/). Further API changes are [planned](https://github.com/fsnotify/fsnotify/milestones), and will be tagged with a new major revision number.
-
-Go 1.6 supports dependencies located in the `vendor/` folder. Unless you are creating a library, it is recommended that you copy fsnotify into `vendor/github.com/fsnotify/fsnotify` within your project, and likewise for `golang.org/x/sys`.
-
-## Contributing
-
-Please refer to [CONTRIBUTING][] before opening an issue or pull request.
-
-## Example
-
-See [example_test.go](https://github.com/fsnotify/fsnotify/blob/master/example_test.go).
-
-## FAQ
-
-**When a file is moved to another directory is it still being watched?**
-
-No (it shouldn't be, unless you are watching where it was moved to).
-
-**When I watch a directory, are all subdirectories watched as well?**
-
-No, you must add watches for any directory you want to watch (a recursive watcher is on the roadmap [#18][]).
-
-**Do I have to watch the Error and Event channels in a separate goroutine?**
-
-As of now, yes. Looking into making this single-thread friendly (see [howeyc #7][#7])
-
-**Why am I receiving multiple events for the same file on OS X?**
-
-Spotlight indexing on OS X can result in multiple events (see [howeyc #62][#62]). A temporary workaround is to add your folder(s) to the *Spotlight Privacy settings* until we have a native FSEvents implementation (see [#11][]).
-
-**How many files can be watched at once?**
-
-There are OS-specific limits as to how many watches can be created:
-* Linux: /proc/sys/fs/inotify/max_user_watches contains the limit, reaching this limit results in a "no space left on device" error.
-* BSD / OSX: sysctl variables "kern.maxfiles" and "kern.maxfilesperproc", reaching these limits results in a "too many open files" error.
-
-[#62]: https://github.com/howeyc/fsnotify/issues/62
-[#18]: https://github.com/fsnotify/fsnotify/issues/18
-[#11]: https://github.com/fsnotify/fsnotify/issues/11
-[#7]: https://github.com/howeyc/fsnotify/issues/7
-
-[contributing]: https://github.com/fsnotify/fsnotify/blob/master/CONTRIBUTING.md
-
-## Related Projects
-
-* [notify](https://github.com/rjeczalik/notify)
-* [fsevents](https://github.com/fsnotify/fsevents)
-
diff --git a/vendor/gopkg.in/fsnotify/fsnotify.v1/fen.go b/vendor/gopkg.in/fsnotify/fsnotify.v1/fen.go
deleted file mode 100644
index ced39cb881e..00000000000
--- a/vendor/gopkg.in/fsnotify/fsnotify.v1/fen.go
+++ /dev/null
@@ -1,37 +0,0 @@
-// Copyright 2010 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build solaris
-
-package fsnotify
-
-import (
-	"errors"
-)
-
-// Watcher watches a set of files, delivering events to a channel.
-type Watcher struct {
-	Events chan Event
-	Errors chan error
-}
-
-// NewWatcher establishes a new watcher with the underlying OS and begins waiting for events.
-func NewWatcher() (*Watcher, error) {
-	return nil, errors.New("FEN based watcher not yet supported for fsnotify\n")
-}
-
-// Close removes all watches and closes the events channel.
-func (w *Watcher) Close() error {
-	return nil
-}
-
-// Add starts watching the named file or directory (non-recursively).
-func (w *Watcher) Add(name string) error {
-	return nil
-}
-
-// Remove stops watching the the named file or directory (non-recursively).
-func (w *Watcher) Remove(name string) error {
-	return nil
-}
diff --git a/vendor/gopkg.in/fsnotify/fsnotify.v1/fsnotify.go b/vendor/gopkg.in/fsnotify/fsnotify.v1/fsnotify.go
deleted file mode 100644
index 190bf0de575..00000000000
--- a/vendor/gopkg.in/fsnotify/fsnotify.v1/fsnotify.go
+++ /dev/null
@@ -1,66 +0,0 @@
-// Copyright 2012 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build !plan9
-
-// Package fsnotify provides a platform-independent interface for file system notifications.
-package fsnotify
-
-import (
-	"bytes"
-	"errors"
-	"fmt"
-)
-
-// Event represents a single file system notification.
-type Event struct {
-	Name string // Relative path to the file or directory.
-	Op   Op     // File operation that triggered the event.
-}
-
-// Op describes a set of file operations.
-type Op uint32
-
-// These are the generalized file operations that can trigger a notification.
-const (
-	Create Op = 1 << iota
-	Write
-	Remove
-	Rename
-	Chmod
-)
-
-func (op Op) String() string {
-	// Use a buffer for efficient string concatenation
-	var buffer bytes.Buffer
-
-	if op&Create == Create {
-		buffer.WriteString("|CREATE")
-	}
-	if op&Remove == Remove {
-		buffer.WriteString("|REMOVE")
-	}
-	if op&Write == Write {
-		buffer.WriteString("|WRITE")
-	}
-	if op&Rename == Rename {
-		buffer.WriteString("|RENAME")
-	}
-	if op&Chmod == Chmod {
-		buffer.WriteString("|CHMOD")
-	}
-	if buffer.Len() == 0 {
-		return ""
-	}
-	return buffer.String()[1:] // Strip leading pipe
-}
-
-// String returns a string representation of the event in the form
-// "file: REMOVE|WRITE|..."
-func (e Event) String() string {
-	return fmt.Sprintf("%q: %s", e.Name, e.Op.String())
-}
-
-// Common errors that can be reported by a watcher
-var ErrEventOverflow = errors.New("fsnotify queue overflow")
diff --git a/vendor/gopkg.in/fsnotify/fsnotify.v1/inotify.go b/vendor/gopkg.in/fsnotify/fsnotify.v1/inotify.go
deleted file mode 100644
index d9fd1b88a05..00000000000
--- a/vendor/gopkg.in/fsnotify/fsnotify.v1/inotify.go
+++ /dev/null
@@ -1,337 +0,0 @@
-// Copyright 2010 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build linux
-
-package fsnotify
-
-import (
-	"errors"
-	"fmt"
-	"io"
-	"os"
-	"path/filepath"
-	"strings"
-	"sync"
-	"unsafe"
-
-	"golang.org/x/sys/unix"
-)
-
-// Watcher watches a set of files, delivering events to a channel.
-type Watcher struct {
-	Events   chan Event
-	Errors   chan error
-	mu       sync.Mutex // Map access
-	fd       int
-	poller   *fdPoller
-	watches  map[string]*watch // Map of inotify watches (key: path)
-	paths    map[int]string    // Map of watched paths (key: watch descriptor)
-	done     chan struct{}     // Channel for sending a "quit message" to the reader goroutine
-	doneResp chan struct{}     // Channel to respond to Close
-}
-
-// NewWatcher establishes a new watcher with the underlying OS and begins waiting for events.
-func NewWatcher() (*Watcher, error) {
-	// Create inotify fd
-	fd, errno := unix.InotifyInit1(unix.IN_CLOEXEC)
-	if fd == -1 {
-		return nil, errno
-	}
-	// Create epoll
-	poller, err := newFdPoller(fd)
-	if err != nil {
-		unix.Close(fd)
-		return nil, err
-	}
-	w := &Watcher{
-		fd:       fd,
-		poller:   poller,
-		watches:  make(map[string]*watch),
-		paths:    make(map[int]string),
-		Events:   make(chan Event),
-		Errors:   make(chan error),
-		done:     make(chan struct{}),
-		doneResp: make(chan struct{}),
-	}
-
-	go w.readEvents()
-	return w, nil
-}
-
-func (w *Watcher) isClosed() bool {
-	select {
-	case <-w.done:
-		return true
-	default:
-		return false
-	}
-}
-
-// Close removes all watches and closes the events channel.
-func (w *Watcher) Close() error {
-	if w.isClosed() {
-		return nil
-	}
-
-	// Send 'close' signal to goroutine, and set the Watcher to closed.
-	close(w.done)
-
-	// Wake up goroutine
-	w.poller.wake()
-
-	// Wait for goroutine to close
-	<-w.doneResp
-
-	return nil
-}
-
-// Add starts watching the named file or directory (non-recursively).
-func (w *Watcher) Add(name string) error {
-	name = filepath.Clean(name)
-	if w.isClosed() {
-		return errors.New("inotify instance already closed")
-	}
-
-	const agnosticEvents = unix.IN_MOVED_TO | unix.IN_MOVED_FROM |
-		unix.IN_CREATE | unix.IN_ATTRIB | unix.IN_MODIFY |
-		unix.IN_MOVE_SELF | unix.IN_DELETE | unix.IN_DELETE_SELF
-
-	var flags uint32 = agnosticEvents
-
-	w.mu.Lock()
-	defer w.mu.Unlock()
-	watchEntry := w.watches[name]
-	if watchEntry != nil {
-		flags |= watchEntry.flags | unix.IN_MASK_ADD
-	}
-	wd, errno := unix.InotifyAddWatch(w.fd, name, flags)
-	if wd == -1 {
-		return errno
-	}
-
-	if watchEntry == nil {
-		w.watches[name] = &watch{wd: uint32(wd), flags: flags}
-		w.paths[wd] = name
-	} else {
-		watchEntry.wd = uint32(wd)
-		watchEntry.flags = flags
-	}
-
-	return nil
-}
-
-// Remove stops watching the named file or directory (non-recursively).
-func (w *Watcher) Remove(name string) error {
-	name = filepath.Clean(name)
-
-	// Fetch the watch.
-	w.mu.Lock()
-	defer w.mu.Unlock()
-	watch, ok := w.watches[name]
-
-	// Remove it from inotify.
-	if !ok {
-		return fmt.Errorf("can't remove non-existent inotify watch for: %s", name)
-	}
-
-	// We successfully removed the watch if InotifyRmWatch doesn't return an
-	// error, we need to clean up our internal state to ensure it matches
-	// inotify's kernel state.
-	delete(w.paths, int(watch.wd))
-	delete(w.watches, name)
-
-	// inotify_rm_watch will return EINVAL if the file has been deleted;
-	// the inotify will already have been removed.
-	// watches and pathes are deleted in ignoreLinux() implicitly and asynchronously
-	// by calling inotify_rm_watch() below. e.g. readEvents() goroutine receives IN_IGNORE
-	// so that EINVAL means that the wd is being rm_watch()ed or its file removed
-	// by another thread and we have not received IN_IGNORE event.
-	success, errno := unix.InotifyRmWatch(w.fd, watch.wd)
-	if success == -1 {
-		// TODO: Perhaps it's not helpful to return an error here in every case.
-		// the only two possible errors are:
-		// EBADF, which happens when w.fd is not a valid file descriptor of any kind.
-		// EINVAL, which is when fd is not an inotify descriptor or wd is not a valid watch descriptor.
-		// Watch descriptors are invalidated when they are removed explicitly or implicitly;
-		// explicitly by inotify_rm_watch, implicitly when the file they are watching is deleted.
-		return errno
-	}
-
-	return nil
-}
-
-type watch struct {
-	wd    uint32 // Watch descriptor (as returned by the inotify_add_watch() syscall)
-	flags uint32 // inotify flags of this watch (see inotify(7) for the list of valid flags)
-}
-
-// readEvents reads from the inotify file descriptor, converts the
-// received events into Event objects and sends them via the Events channel
-func (w *Watcher) readEvents() {
-	var (
-		buf   [unix.SizeofInotifyEvent * 4096]byte // Buffer for a maximum of 4096 raw events
-		n     int                                  // Number of bytes read with read()
-		errno error                                // Syscall errno
-		ok    bool                                 // For poller.wait
-	)
-
-	defer close(w.doneResp)
-	defer close(w.Errors)
-	defer close(w.Events)
-	defer unix.Close(w.fd)
-	defer w.poller.close()
-
-	for {
-		// See if we have been closed.
-		if w.isClosed() {
-			return
-		}
-
-		ok, errno = w.poller.wait()
-		if errno != nil {
-			select {
-			case w.Errors <- errno:
-			case <-w.done:
-				return
-			}
-			continue
-		}
-
-		if !ok {
-			continue
-		}
-
-		n, errno = unix.Read(w.fd, buf[:])
-		// If a signal interrupted execution, see if we've been asked to close, and try again.
-		// http://man7.org/linux/man-pages/man7/signal.7.html :
-		// "Before Linux 3.8, reads from an inotify(7) file descriptor were not restartable"
-		if errno == unix.EINTR {
-			continue
-		}
-
-		// unix.Read might have been woken up by Close. If so, we're done.
-		if w.isClosed() {
-			return
-		}
-
-		if n < unix.SizeofInotifyEvent {
-			var err error
-			if n == 0 {
-				// If EOF is received. This should really never happen.
-				err = io.EOF
-			} else if n < 0 {
-				// If an error occurred while reading.
-				err = errno
-			} else {
-				// Read was too short.
-				err = errors.New("notify: short read in readEvents()")
-			}
-			select {
-			case w.Errors <- err:
-			case <-w.done:
-				return
-			}
-			continue
-		}
-
-		var offset uint32
-		// We don't know how many events we just read into the buffer
-		// While the offset points to at least one whole event...
-		for offset <= uint32(n-unix.SizeofInotifyEvent) {
-			// Point "raw" to the event in the buffer
-			raw := (*unix.InotifyEvent)(unsafe.Pointer(&buf[offset]))
-
-			mask := uint32(raw.Mask)
-			nameLen := uint32(raw.Len)
-
-			if mask&unix.IN_Q_OVERFLOW != 0 {
-				select {
-				case w.Errors <- ErrEventOverflow:
-				case <-w.done:
-					return
-				}
-			}
-
-			// If the event happened to the watched directory or the watched file, the kernel
-			// doesn't append the filename to the event, but we would like to always fill the
-			// the "Name" field with a valid filename. We retrieve the path of the watch from
-			// the "paths" map.
-			w.mu.Lock()
-			name, ok := w.paths[int(raw.Wd)]
-			// IN_DELETE_SELF occurs when the file/directory being watched is removed.
-			// This is a sign to clean up the maps, otherwise we are no longer in sync
-			// with the inotify kernel state which has already deleted the watch
-			// automatically.
-			if ok && mask&unix.IN_DELETE_SELF == unix.IN_DELETE_SELF {
-				delete(w.paths, int(raw.Wd))
-				delete(w.watches, name)
-			}
-			w.mu.Unlock()
-
-			if nameLen > 0 {
-				// Point "bytes" at the first byte of the filename
-				bytes := (*[unix.PathMax]byte)(unsafe.Pointer(&buf[offset+unix.SizeofInotifyEvent]))
-				// The filename is padded with NULL bytes. TrimRight() gets rid of those.
-				name += "/" + strings.TrimRight(string(bytes[0:nameLen]), "\000")
-			}
-
-			event := newEvent(name, mask)
-
-			// Send the events that are not ignored on the events channel
-			if !event.ignoreLinux(mask) {
-				select {
-				case w.Events <- event:
-				case <-w.done:
-					return
-				}
-			}
-
-			// Move to the next event in the buffer
-			offset += unix.SizeofInotifyEvent + nameLen
-		}
-	}
-}
-
-// Certain types of events can be "ignored" and not sent over the Events
-// channel. Such as events marked ignore by the kernel, or MODIFY events
-// against files that do not exist.
-func (e *Event) ignoreLinux(mask uint32) bool {
-	// Ignore anything the inotify API says to ignore
-	if mask&unix.IN_IGNORED == unix.IN_IGNORED {
-		return true
-	}
-
-	// If the event is not a DELETE or RENAME, the file must exist.
-	// Otherwise the event is ignored.
-	// *Note*: this was put in place because it was seen that a MODIFY
-	// event was sent after the DELETE. This ignores that MODIFY and
-	// assumes a DELETE will come or has come if the file doesn't exist.
-	if !(e.Op&Remove == Remove || e.Op&Rename == Rename) {
-		_, statErr := os.Lstat(e.Name)
-		return os.IsNotExist(statErr)
-	}
-	return false
-}
-
-// newEvent returns an platform-independent Event based on an inotify mask.
-func newEvent(name string, mask uint32) Event {
-	e := Event{Name: name}
-	if mask&unix.IN_CREATE == unix.IN_CREATE || mask&unix.IN_MOVED_TO == unix.IN_MOVED_TO {
-		e.Op |= Create
-	}
-	if mask&unix.IN_DELETE_SELF == unix.IN_DELETE_SELF || mask&unix.IN_DELETE == unix.IN_DELETE {
-		e.Op |= Remove
-	}
-	if mask&unix.IN_MODIFY == unix.IN_MODIFY {
-		e.Op |= Write
-	}
-	if mask&unix.IN_MOVE_SELF == unix.IN_MOVE_SELF || mask&unix.IN_MOVED_FROM == unix.IN_MOVED_FROM {
-		e.Op |= Rename
-	}
-	if mask&unix.IN_ATTRIB == unix.IN_ATTRIB {
-		e.Op |= Chmod
-	}
-	return e
-}
diff --git a/vendor/gopkg.in/fsnotify/fsnotify.v1/inotify_poller.go b/vendor/gopkg.in/fsnotify/fsnotify.v1/inotify_poller.go
deleted file mode 100644
index cc7db4b22ef..00000000000
--- a/vendor/gopkg.in/fsnotify/fsnotify.v1/inotify_poller.go
+++ /dev/null
@@ -1,187 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build linux
-
-package fsnotify
-
-import (
-	"errors"
-
-	"golang.org/x/sys/unix"
-)
-
-type fdPoller struct {
-	fd   int    // File descriptor (as returned by the inotify_init() syscall)
-	epfd int    // Epoll file descriptor
-	pipe [2]int // Pipe for waking up
-}
-
-func emptyPoller(fd int) *fdPoller {
-	poller := new(fdPoller)
-	poller.fd = fd
-	poller.epfd = -1
-	poller.pipe[0] = -1
-	poller.pipe[1] = -1
-	return poller
-}
-
-// Create a new inotify poller.
-// This creates an inotify handler, and an epoll handler.
-func newFdPoller(fd int) (*fdPoller, error) {
-	var errno error
-	poller := emptyPoller(fd)
-	defer func() {
-		if errno != nil {
-			poller.close()
-		}
-	}()
-	poller.fd = fd
-
-	// Create epoll fd
-	poller.epfd, errno = unix.EpollCreate1(0)
-	if poller.epfd == -1 {
-		return nil, errno
-	}
-	// Create pipe; pipe[0] is the read end, pipe[1] the write end.
-	errno = unix.Pipe2(poller.pipe[:], unix.O_NONBLOCK)
-	if errno != nil {
-		return nil, errno
-	}
-
-	// Register inotify fd with epoll
-	event := unix.EpollEvent{
-		Fd:     int32(poller.fd),
-		Events: unix.EPOLLIN,
-	}
-	errno = unix.EpollCtl(poller.epfd, unix.EPOLL_CTL_ADD, poller.fd, &event)
-	if errno != nil {
-		return nil, errno
-	}
-
-	// Register pipe fd with epoll
-	event = unix.EpollEvent{
-		Fd:     int32(poller.pipe[0]),
-		Events: unix.EPOLLIN,
-	}
-	errno = unix.EpollCtl(poller.epfd, unix.EPOLL_CTL_ADD, poller.pipe[0], &event)
-	if errno != nil {
-		return nil, errno
-	}
-
-	return poller, nil
-}
-
-// Wait using epoll.
-// Returns true if something is ready to be read,
-// false if there is not.
-func (poller *fdPoller) wait() (bool, error) {
-	// 3 possible events per fd, and 2 fds, makes a maximum of 6 events.
-	// I don't know whether epoll_wait returns the number of events returned,
-	// or the total number of events ready.
-	// I decided to catch both by making the buffer one larger than the maximum.
-	events := make([]unix.EpollEvent, 7)
-	for {
-		n, errno := unix.EpollWait(poller.epfd, events, -1)
-		if n == -1 {
-			if errno == unix.EINTR {
-				continue
-			}
-			return false, errno
-		}
-		if n == 0 {
-			// If there are no events, try again.
-			continue
-		}
-		if n > 6 {
-			// This should never happen. More events were returned than should be possible.
-			return false, errors.New("epoll_wait returned more events than I know what to do with")
-		}
-		ready := events[:n]
-		epollhup := false
-		epollerr := false
-		epollin := false
-		for _, event := range ready {
-			if event.Fd == int32(poller.fd) {
-				if event.Events&unix.EPOLLHUP != 0 {
-					// This should not happen, but if it does, treat it as a wakeup.
-					epollhup = true
-				}
-				if event.Events&unix.EPOLLERR != 0 {
-					// If an error is waiting on the file descriptor, we should pretend
-					// something is ready to read, and let unix.Read pick up the error.
-					epollerr = true
-				}
-				if event.Events&unix.EPOLLIN != 0 {
-					// There is data to read.
-					epollin = true
-				}
-			}
-			if event.Fd == int32(poller.pipe[0]) {
-				if event.Events&unix.EPOLLHUP != 0 {
-					// Write pipe descriptor was closed, by us. This means we're closing down the
-					// watcher, and we should wake up.
-				}
-				if event.Events&unix.EPOLLERR != 0 {
-					// If an error is waiting on the pipe file descriptor.
-					// This is an absolute mystery, and should never ever happen.
-					return false, errors.New("Error on the pipe descriptor.")
-				}
-				if event.Events&unix.EPOLLIN != 0 {
-					// This is a regular wakeup, so we have to clear the buffer.
-					err := poller.clearWake()
-					if err != nil {
-						return false, err
-					}
-				}
-			}
-		}
-
-		if epollhup || epollerr || epollin {
-			return true, nil
-		}
-		return false, nil
-	}
-}
-
-// Close the write end of the poller.
-func (poller *fdPoller) wake() error {
-	buf := make([]byte, 1)
-	n, errno := unix.Write(poller.pipe[1], buf)
-	if n == -1 {
-		if errno == unix.EAGAIN {
-			// Buffer is full, poller will wake.
-			return nil
-		}
-		return errno
-	}
-	return nil
-}
-
-func (poller *fdPoller) clearWake() error {
-	// You have to be woken up a LOT in order to get to 100!
-	buf := make([]byte, 100)
-	n, errno := unix.Read(poller.pipe[0], buf)
-	if n == -1 {
-		if errno == unix.EAGAIN {
-			// Buffer is empty, someone else cleared our wake.
-			return nil
-		}
-		return errno
-	}
-	return nil
-}
-
-// Close all poller file descriptors, but not the one passed to it.
-func (poller *fdPoller) close() {
-	if poller.pipe[1] != -1 {
-		unix.Close(poller.pipe[1])
-	}
-	if poller.pipe[0] != -1 {
-		unix.Close(poller.pipe[0])
-	}
-	if poller.epfd != -1 {
-		unix.Close(poller.epfd)
-	}
-}
diff --git a/vendor/gopkg.in/fsnotify/fsnotify.v1/kqueue.go b/vendor/gopkg.in/fsnotify/fsnotify.v1/kqueue.go
deleted file mode 100644
index 86e76a3d676..00000000000
--- a/vendor/gopkg.in/fsnotify/fsnotify.v1/kqueue.go
+++ /dev/null
@@ -1,521 +0,0 @@
-// Copyright 2010 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build freebsd openbsd netbsd dragonfly darwin
-
-package fsnotify
-
-import (
-	"errors"
-	"fmt"
-	"io/ioutil"
-	"os"
-	"path/filepath"
-	"sync"
-	"time"
-
-	"golang.org/x/sys/unix"
-)
-
-// Watcher watches a set of files, delivering events to a channel.
-type Watcher struct {
-	Events chan Event
-	Errors chan error
-	done   chan struct{} // Channel for sending a "quit message" to the reader goroutine
-
-	kq int // File descriptor (as returned by the kqueue() syscall).
-
-	mu              sync.Mutex        // Protects access to watcher data
-	watches         map[string]int    // Map of watched file descriptors (key: path).
-	externalWatches map[string]bool   // Map of watches added by user of the library.
-	dirFlags        map[string]uint32 // Map of watched directories to fflags used in kqueue.
-	paths           map[int]pathInfo  // Map file descriptors to path names for processing kqueue events.
-	fileExists      map[string]bool   // Keep track of if we know this file exists (to stop duplicate create events).
-	isClosed        bool              // Set to true when Close() is first called
-}
-
-type pathInfo struct {
-	name  string
-	isDir bool
-}
-
-// NewWatcher establishes a new watcher with the underlying OS and begins waiting for events.
-func NewWatcher() (*Watcher, error) {
-	kq, err := kqueue()
-	if err != nil {
-		return nil, err
-	}
-
-	w := &Watcher{
-		kq:              kq,
-		watches:         make(map[string]int),
-		dirFlags:        make(map[string]uint32),
-		paths:           make(map[int]pathInfo),
-		fileExists:      make(map[string]bool),
-		externalWatches: make(map[string]bool),
-		Events:          make(chan Event),
-		Errors:          make(chan error),
-		done:            make(chan struct{}),
-	}
-
-	go w.readEvents()
-	return w, nil
-}
-
-// Close removes all watches and closes the events channel.
-func (w *Watcher) Close() error {
-	w.mu.Lock()
-	if w.isClosed {
-		w.mu.Unlock()
-		return nil
-	}
-	w.isClosed = true
-
-	// copy paths to remove while locked
-	var pathsToRemove = make([]string, 0, len(w.watches))
-	for name := range w.watches {
-		pathsToRemove = append(pathsToRemove, name)
-	}
-	w.mu.Unlock()
-	// unlock before calling Remove, which also locks
-
-	for _, name := range pathsToRemove {
-		w.Remove(name)
-	}
-
-	// send a "quit" message to the reader goroutine
-	close(w.done)
-
-	return nil
-}
-
-// Add starts watching the named file or directory (non-recursively).
-func (w *Watcher) Add(name string) error {
-	w.mu.Lock()
-	w.externalWatches[name] = true
-	w.mu.Unlock()
-	_, err := w.addWatch(name, noteAllEvents)
-	return err
-}
-
-// Remove stops watching the the named file or directory (non-recursively).
-func (w *Watcher) Remove(name string) error {
-	name = filepath.Clean(name)
-	w.mu.Lock()
-	watchfd, ok := w.watches[name]
-	w.mu.Unlock()
-	if !ok {
-		return fmt.Errorf("can't remove non-existent kevent watch for: %s", name)
-	}
-
-	const registerRemove = unix.EV_DELETE
-	if err := register(w.kq, []int{watchfd}, registerRemove, 0); err != nil {
-		return err
-	}
-
-	unix.Close(watchfd)
-
-	w.mu.Lock()
-	isDir := w.paths[watchfd].isDir
-	delete(w.watches, name)
-	delete(w.paths, watchfd)
-	delete(w.dirFlags, name)
-	w.mu.Unlock()
-
-	// Find all watched paths that are in this directory that are not external.
-	if isDir {
-		var pathsToRemove []string
-		w.mu.Lock()
-		for _, path := range w.paths {
-			wdir, _ := filepath.Split(path.name)
-			if filepath.Clean(wdir) == name {
-				if !w.externalWatches[path.name] {
-					pathsToRemove = append(pathsToRemove, path.name)
-				}
-			}
-		}
-		w.mu.Unlock()
-		for _, name := range pathsToRemove {
-			// Since these are internal, not much sense in propagating error
-			// to the user, as that will just confuse them with an error about
-			// a path they did not explicitly watch themselves.
-			w.Remove(name)
-		}
-	}
-
-	return nil
-}
-
-// Watch all events (except NOTE_EXTEND, NOTE_LINK, NOTE_REVOKE)
-const noteAllEvents = unix.NOTE_DELETE | unix.NOTE_WRITE | unix.NOTE_ATTRIB | unix.NOTE_RENAME
-
-// keventWaitTime to block on each read from kevent
-var keventWaitTime = durationToTimespec(100 * time.Millisecond)
-
-// addWatch adds name to the watched file set.
-// The flags are interpreted as described in kevent(2).
-// Returns the real path to the file which was added, if any, which may be different from the one passed in the case of symlinks.
-func (w *Watcher) addWatch(name string, flags uint32) (string, error) {
-	var isDir bool
-	// Make ./name and name equivalent
-	name = filepath.Clean(name)
-
-	w.mu.Lock()
-	if w.isClosed {
-		w.mu.Unlock()
-		return "", errors.New("kevent instance already closed")
-	}
-	watchfd, alreadyWatching := w.watches[name]
-	// We already have a watch, but we can still override flags.
-	if alreadyWatching {
-		isDir = w.paths[watchfd].isDir
-	}
-	w.mu.Unlock()
-
-	if !alreadyWatching {
-		fi, err := os.Lstat(name)
-		if err != nil {
-			return "", err
-		}
-
-		// Don't watch sockets.
-		if fi.Mode()&os.ModeSocket == os.ModeSocket {
-			return "", nil
-		}
-
-		// Don't watch named pipes.
-		if fi.Mode()&os.ModeNamedPipe == os.ModeNamedPipe {
-			return "", nil
-		}
-
-		// Follow Symlinks
-		// Unfortunately, Linux can add bogus symlinks to watch list without
-		// issue, and Windows can't do symlinks period (AFAIK). To  maintain
-		// consistency, we will act like everything is fine. There will simply
-		// be no file events for broken symlinks.
-		// Hence the returns of nil on errors.
-		if fi.Mode()&os.ModeSymlink == os.ModeSymlink {
-			name, err = filepath.EvalSymlinks(name)
-			if err != nil {
-				return "", nil
-			}
-
-			w.mu.Lock()
-			_, alreadyWatching = w.watches[name]
-			w.mu.Unlock()
-
-			if alreadyWatching {
-				return name, nil
-			}
-
-			fi, err = os.Lstat(name)
-			if err != nil {
-				return "", nil
-			}
-		}
-
-		watchfd, err = unix.Open(name, openMode, 0700)
-		if watchfd == -1 {
-			return "", err
-		}
-
-		isDir = fi.IsDir()
-	}
-
-	const registerAdd = unix.EV_ADD | unix.EV_CLEAR | unix.EV_ENABLE
-	if err := register(w.kq, []int{watchfd}, registerAdd, flags); err != nil {
-		unix.Close(watchfd)
-		return "", err
-	}
-
-	if !alreadyWatching {
-		w.mu.Lock()
-		w.watches[name] = watchfd
-		w.paths[watchfd] = pathInfo{name: name, isDir: isDir}
-		w.mu.Unlock()
-	}
-
-	if isDir {
-		// Watch the directory if it has not been watched before,
-		// or if it was watched before, but perhaps only a NOTE_DELETE (watchDirectoryFiles)
-		w.mu.Lock()
-
-		watchDir := (flags&unix.NOTE_WRITE) == unix.NOTE_WRITE &&
-			(!alreadyWatching || (w.dirFlags[name]&unix.NOTE_WRITE) != unix.NOTE_WRITE)
-		// Store flags so this watch can be updated later
-		w.dirFlags[name] = flags
-		w.mu.Unlock()
-
-		if watchDir {
-			if err := w.watchDirectoryFiles(name); err != nil {
-				return "", err
-			}
-		}
-	}
-	return name, nil
-}
-
-// readEvents reads from kqueue and converts the received kevents into
-// Event values that it sends down the Events channel.
-func (w *Watcher) readEvents() {
-	eventBuffer := make([]unix.Kevent_t, 10)
-
-loop:
-	for {
-		// See if there is a message on the "done" channel
-		select {
-		case <-w.done:
-			break loop
-		default:
-		}
-
-		// Get new events
-		kevents, err := read(w.kq, eventBuffer, &keventWaitTime)
-		// EINTR is okay, the syscall was interrupted before timeout expired.
-		if err != nil && err != unix.EINTR {
-			select {
-			case w.Errors <- err:
-			case <-w.done:
-				break loop
-			}
-			continue
-		}
-
-		// Flush the events we received to the Events channel
-		for len(kevents) > 0 {
-			kevent := &kevents[0]
-			watchfd := int(kevent.Ident)
-			mask := uint32(kevent.Fflags)
-			w.mu.Lock()
-			path := w.paths[watchfd]
-			w.mu.Unlock()
-			event := newEvent(path.name, mask)
-
-			if path.isDir && !(event.Op&Remove == Remove) {
-				// Double check to make sure the directory exists. This can happen when
-				// we do a rm -fr on a recursively watched folders and we receive a
-				// modification event first but the folder has been deleted and later
-				// receive the delete event
-				if _, err := os.Lstat(event.Name); os.IsNotExist(err) {
-					// mark is as delete event
-					event.Op |= Remove
-				}
-			}
-
-			if event.Op&Rename == Rename || event.Op&Remove == Remove {
-				w.Remove(event.Name)
-				w.mu.Lock()
-				delete(w.fileExists, event.Name)
-				w.mu.Unlock()
-			}
-
-			if path.isDir && event.Op&Write == Write && !(event.Op&Remove == Remove) {
-				w.sendDirectoryChangeEvents(event.Name)
-			} else {
-				// Send the event on the Events channel.
-				select {
-				case w.Events <- event:
-				case <-w.done:
-					break loop
-				}
-			}
-
-			if event.Op&Remove == Remove {
-				// Look for a file that may have overwritten this.
-				// For example, mv f1 f2 will delete f2, then create f2.
-				if path.isDir {
-					fileDir := filepath.Clean(event.Name)
-					w.mu.Lock()
-					_, found := w.watches[fileDir]
-					w.mu.Unlock()
-					if found {
-						// make sure the directory exists before we watch for changes. When we
-						// do a recursive watch and perform rm -fr, the parent directory might
-						// have gone missing, ignore the missing directory and let the
-						// upcoming delete event remove the watch from the parent directory.
-						if _, err := os.Lstat(fileDir); err == nil {
-							w.sendDirectoryChangeEvents(fileDir)
-						}
-					}
-				} else {
-					filePath := filepath.Clean(event.Name)
-					if fileInfo, err := os.Lstat(filePath); err == nil {
-						w.sendFileCreatedEventIfNew(filePath, fileInfo)
-					}
-				}
-			}
-
-			// Move to next event
-			kevents = kevents[1:]
-		}
-	}
-
-	// cleanup
-	err := unix.Close(w.kq)
-	if err != nil {
-		// only way the previous loop breaks is if w.done was closed so we need to async send to w.Errors.
-		select {
-		case w.Errors <- err:
-		default:
-		}
-	}
-	close(w.Events)
-	close(w.Errors)
-}
-
-// newEvent returns an platform-independent Event based on kqueue Fflags.
-func newEvent(name string, mask uint32) Event {
-	e := Event{Name: name}
-	if mask&unix.NOTE_DELETE == unix.NOTE_DELETE {
-		e.Op |= Remove
-	}
-	if mask&unix.NOTE_WRITE == unix.NOTE_WRITE {
-		e.Op |= Write
-	}
-	if mask&unix.NOTE_RENAME == unix.NOTE_RENAME {
-		e.Op |= Rename
-	}
-	if mask&unix.NOTE_ATTRIB == unix.NOTE_ATTRIB {
-		e.Op |= Chmod
-	}
-	return e
-}
-
-func newCreateEvent(name string) Event {
-	return Event{Name: name, Op: Create}
-}
-
-// watchDirectoryFiles to mimic inotify when adding a watch on a directory
-func (w *Watcher) watchDirectoryFiles(dirPath string) error {
-	// Get all files
-	files, err := ioutil.ReadDir(dirPath)
-	if err != nil {
-		return err
-	}
-
-	for _, fileInfo := range files {
-		filePath := filepath.Join(dirPath, fileInfo.Name())
-		filePath, err = w.internalWatch(filePath, fileInfo)
-		if err != nil {
-			return err
-		}
-
-		w.mu.Lock()
-		w.fileExists[filePath] = true
-		w.mu.Unlock()
-	}
-
-	return nil
-}
-
-// sendDirectoryEvents searches the directory for newly created files
-// and sends them over the event channel. This functionality is to have
-// the BSD version of fsnotify match Linux inotify which provides a
-// create event for files created in a watched directory.
-func (w *Watcher) sendDirectoryChangeEvents(dirPath string) {
-	// Get all files
-	files, err := ioutil.ReadDir(dirPath)
-	if err != nil {
-		select {
-		case w.Errors <- err:
-		case <-w.done:
-			return
-		}
-	}
-
-	// Search for new files
-	for _, fileInfo := range files {
-		filePath := filepath.Join(dirPath, fileInfo.Name())
-		err := w.sendFileCreatedEventIfNew(filePath, fileInfo)
-
-		if err != nil {
-			return
-		}
-	}
-}
-
-// sendFileCreatedEvent sends a create event if the file isn't already being tracked.
-func (w *Watcher) sendFileCreatedEventIfNew(filePath string, fileInfo os.FileInfo) (err error) {
-	w.mu.Lock()
-	_, doesExist := w.fileExists[filePath]
-	w.mu.Unlock()
-	if !doesExist {
-		// Send create event
-		select {
-		case w.Events <- newCreateEvent(filePath):
-		case <-w.done:
-			return
-		}
-	}
-
-	// like watchDirectoryFiles (but without doing another ReadDir)
-	filePath, err = w.internalWatch(filePath, fileInfo)
-	if err != nil {
-		return err
-	}
-
-	w.mu.Lock()
-	w.fileExists[filePath] = true
-	w.mu.Unlock()
-
-	return nil
-}
-
-func (w *Watcher) internalWatch(name string, fileInfo os.FileInfo) (string, error) {
-	if fileInfo.IsDir() {
-		// mimic Linux providing delete events for subdirectories
-		// but preserve the flags used if currently watching subdirectory
-		w.mu.Lock()
-		flags := w.dirFlags[name]
-		w.mu.Unlock()
-
-		flags |= unix.NOTE_DELETE | unix.NOTE_RENAME
-		return w.addWatch(name, flags)
-	}
-
-	// watch file to mimic Linux inotify
-	return w.addWatch(name, noteAllEvents)
-}
-
-// kqueue creates a new kernel event queue and returns a descriptor.
-func kqueue() (kq int, err error) {
-	kq, err = unix.Kqueue()
-	if kq == -1 {
-		return kq, err
-	}
-	return kq, nil
-}
-
-// register events with the queue
-func register(kq int, fds []int, flags int, fflags uint32) error {
-	changes := make([]unix.Kevent_t, len(fds))
-
-	for i, fd := range fds {
-		// SetKevent converts int to the platform-specific types:
-		unix.SetKevent(&changes[i], fd, unix.EVFILT_VNODE, flags)
-		changes[i].Fflags = fflags
-	}
-
-	// register the events
-	success, err := unix.Kevent(kq, changes, nil, nil)
-	if success == -1 {
-		return err
-	}
-	return nil
-}
-
-// read retrieves pending events, or waits until an event occurs.
-// A timeout of nil blocks indefinitely, while 0 polls the queue.
-func read(kq int, events []unix.Kevent_t, timeout *unix.Timespec) ([]unix.Kevent_t, error) {
-	n, err := unix.Kevent(kq, nil, events, timeout)
-	if err != nil {
-		return nil, err
-	}
-	return events[0:n], nil
-}
-
-// durationToTimespec prepares a timeout value
-func durationToTimespec(d time.Duration) unix.Timespec {
-	return unix.NsecToTimespec(d.Nanoseconds())
-}
diff --git a/vendor/gopkg.in/fsnotify/fsnotify.v1/open_mode_bsd.go b/vendor/gopkg.in/fsnotify/fsnotify.v1/open_mode_bsd.go
deleted file mode 100644
index 7d8de14513e..00000000000
--- a/vendor/gopkg.in/fsnotify/fsnotify.v1/open_mode_bsd.go
+++ /dev/null
@@ -1,11 +0,0 @@
-// Copyright 2013 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build freebsd openbsd netbsd dragonfly
-
-package fsnotify
-
-import "golang.org/x/sys/unix"
-
-const openMode = unix.O_NONBLOCK | unix.O_RDONLY
diff --git a/vendor/gopkg.in/fsnotify/fsnotify.v1/open_mode_darwin.go b/vendor/gopkg.in/fsnotify/fsnotify.v1/open_mode_darwin.go
deleted file mode 100644
index 9139e17161b..00000000000
--- a/vendor/gopkg.in/fsnotify/fsnotify.v1/open_mode_darwin.go
+++ /dev/null
@@ -1,12 +0,0 @@
-// Copyright 2013 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin
-
-package fsnotify
-
-import "golang.org/x/sys/unix"
-
-// note: this constant is not defined on BSD
-const openMode = unix.O_EVTONLY
diff --git a/vendor/gopkg.in/fsnotify/fsnotify.v1/windows.go b/vendor/gopkg.in/fsnotify/fsnotify.v1/windows.go
deleted file mode 100644
index 09436f31d82..00000000000
--- a/vendor/gopkg.in/fsnotify/fsnotify.v1/windows.go
+++ /dev/null
@@ -1,561 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build windows
-
-package fsnotify
-
-import (
-	"errors"
-	"fmt"
-	"os"
-	"path/filepath"
-	"runtime"
-	"sync"
-	"syscall"
-	"unsafe"
-)
-
-// Watcher watches a set of files, delivering events to a channel.
-type Watcher struct {
-	Events   chan Event
-	Errors   chan error
-	isClosed bool           // Set to true when Close() is first called
-	mu       sync.Mutex     // Map access
-	port     syscall.Handle // Handle to completion port
-	watches  watchMap       // Map of watches (key: i-number)
-	input    chan *input    // Inputs to the reader are sent on this channel
-	quit     chan chan<- error
-}
-
-// NewWatcher establishes a new watcher with the underlying OS and begins waiting for events.
-func NewWatcher() (*Watcher, error) {
-	port, e := syscall.CreateIoCompletionPort(syscall.InvalidHandle, 0, 0, 0)
-	if e != nil {
-		return nil, os.NewSyscallError("CreateIoCompletionPort", e)
-	}
-	w := &Watcher{
-		port:    port,
-		watches: make(watchMap),
-		input:   make(chan *input, 1),
-		Events:  make(chan Event, 50),
-		Errors:  make(chan error),
-		quit:    make(chan chan<- error, 1),
-	}
-	go w.readEvents()
-	return w, nil
-}
-
-// Close removes all watches and closes the events channel.
-func (w *Watcher) Close() error {
-	if w.isClosed {
-		return nil
-	}
-	w.isClosed = true
-
-	// Send "quit" message to the reader goroutine
-	ch := make(chan error)
-	w.quit <- ch
-	if err := w.wakeupReader(); err != nil {
-		return err
-	}
-	return <-ch
-}
-
-// Add starts watching the named file or directory (non-recursively).
-func (w *Watcher) Add(name string) error {
-	if w.isClosed {
-		return errors.New("watcher already closed")
-	}
-	in := &input{
-		op:    opAddWatch,
-		path:  filepath.Clean(name),
-		flags: sysFSALLEVENTS,
-		reply: make(chan error),
-	}
-	w.input <- in
-	if err := w.wakeupReader(); err != nil {
-		return err
-	}
-	return <-in.reply
-}
-
-// Remove stops watching the the named file or directory (non-recursively).
-func (w *Watcher) Remove(name string) error {
-	in := &input{
-		op:    opRemoveWatch,
-		path:  filepath.Clean(name),
-		reply: make(chan error),
-	}
-	w.input <- in
-	if err := w.wakeupReader(); err != nil {
-		return err
-	}
-	return <-in.reply
-}
-
-const (
-	// Options for AddWatch
-	sysFSONESHOT = 0x80000000
-	sysFSONLYDIR = 0x1000000
-
-	// Events
-	sysFSACCESS     = 0x1
-	sysFSALLEVENTS  = 0xfff
-	sysFSATTRIB     = 0x4
-	sysFSCLOSE      = 0x18
-	sysFSCREATE     = 0x100
-	sysFSDELETE     = 0x200
-	sysFSDELETESELF = 0x400
-	sysFSMODIFY     = 0x2
-	sysFSMOVE       = 0xc0
-	sysFSMOVEDFROM  = 0x40
-	sysFSMOVEDTO    = 0x80
-	sysFSMOVESELF   = 0x800
-
-	// Special events
-	sysFSIGNORED   = 0x8000
-	sysFSQOVERFLOW = 0x4000
-)
-
-func newEvent(name string, mask uint32) Event {
-	e := Event{Name: name}
-	if mask&sysFSCREATE == sysFSCREATE || mask&sysFSMOVEDTO == sysFSMOVEDTO {
-		e.Op |= Create
-	}
-	if mask&sysFSDELETE == sysFSDELETE || mask&sysFSDELETESELF == sysFSDELETESELF {
-		e.Op |= Remove
-	}
-	if mask&sysFSMODIFY == sysFSMODIFY {
-		e.Op |= Write
-	}
-	if mask&sysFSMOVE == sysFSMOVE || mask&sysFSMOVESELF == sysFSMOVESELF || mask&sysFSMOVEDFROM == sysFSMOVEDFROM {
-		e.Op |= Rename
-	}
-	if mask&sysFSATTRIB == sysFSATTRIB {
-		e.Op |= Chmod
-	}
-	return e
-}
-
-const (
-	opAddWatch = iota
-	opRemoveWatch
-)
-
-const (
-	provisional uint64 = 1 << (32 + iota)
-)
-
-type input struct {
-	op    int
-	path  string
-	flags uint32
-	reply chan error
-}
-
-type inode struct {
-	handle syscall.Handle
-	volume uint32
-	index  uint64
-}
-
-type watch struct {
-	ov     syscall.Overlapped
-	ino    *inode            // i-number
-	path   string            // Directory path
-	mask   uint64            // Directory itself is being watched with these notify flags
-	names  map[string]uint64 // Map of names being watched and their notify flags
-	rename string            // Remembers the old name while renaming a file
-	buf    [4096]byte
-}
-
-type indexMap map[uint64]*watch
-type watchMap map[uint32]indexMap
-
-func (w *Watcher) wakeupReader() error {
-	e := syscall.PostQueuedCompletionStatus(w.port, 0, 0, nil)
-	if e != nil {
-		return os.NewSyscallError("PostQueuedCompletionStatus", e)
-	}
-	return nil
-}
-
-func getDir(pathname string) (dir string, err error) {
-	attr, e := syscall.GetFileAttributes(syscall.StringToUTF16Ptr(pathname))
-	if e != nil {
-		return "", os.NewSyscallError("GetFileAttributes", e)
-	}
-	if attr&syscall.FILE_ATTRIBUTE_DIRECTORY != 0 {
-		dir = pathname
-	} else {
-		dir, _ = filepath.Split(pathname)
-		dir = filepath.Clean(dir)
-	}
-	return
-}
-
-func getIno(path string) (ino *inode, err error) {
-	h, e := syscall.CreateFile(syscall.StringToUTF16Ptr(path),
-		syscall.FILE_LIST_DIRECTORY,
-		syscall.FILE_SHARE_READ|syscall.FILE_SHARE_WRITE|syscall.FILE_SHARE_DELETE,
-		nil, syscall.OPEN_EXISTING,
-		syscall.FILE_FLAG_BACKUP_SEMANTICS|syscall.FILE_FLAG_OVERLAPPED, 0)
-	if e != nil {
-		return nil, os.NewSyscallError("CreateFile", e)
-	}
-	var fi syscall.ByHandleFileInformation
-	if e = syscall.GetFileInformationByHandle(h, &fi); e != nil {
-		syscall.CloseHandle(h)
-		return nil, os.NewSyscallError("GetFileInformationByHandle", e)
-	}
-	ino = &inode{
-		handle: h,
-		volume: fi.VolumeSerialNumber,
-		index:  uint64(fi.FileIndexHigh)<<32 | uint64(fi.FileIndexLow),
-	}
-	return ino, nil
-}
-
-// Must run within the I/O thread.
-func (m watchMap) get(ino *inode) *watch {
-	if i := m[ino.volume]; i != nil {
-		return i[ino.index]
-	}
-	return nil
-}
-
-// Must run within the I/O thread.
-func (m watchMap) set(ino *inode, watch *watch) {
-	i := m[ino.volume]
-	if i == nil {
-		i = make(indexMap)
-		m[ino.volume] = i
-	}
-	i[ino.index] = watch
-}
-
-// Must run within the I/O thread.
-func (w *Watcher) addWatch(pathname string, flags uint64) error {
-	dir, err := getDir(pathname)
-	if err != nil {
-		return err
-	}
-	if flags&sysFSONLYDIR != 0 && pathname != dir {
-		return nil
-	}
-	ino, err := getIno(dir)
-	if err != nil {
-		return err
-	}
-	w.mu.Lock()
-	watchEntry := w.watches.get(ino)
-	w.mu.Unlock()
-	if watchEntry == nil {
-		if _, e := syscall.CreateIoCompletionPort(ino.handle, w.port, 0, 0); e != nil {
-			syscall.CloseHandle(ino.handle)
-			return os.NewSyscallError("CreateIoCompletionPort", e)
-		}
-		watchEntry = &watch{
-			ino:   ino,
-			path:  dir,
-			names: make(map[string]uint64),
-		}
-		w.mu.Lock()
-		w.watches.set(ino, watchEntry)
-		w.mu.Unlock()
-		flags |= provisional
-	} else {
-		syscall.CloseHandle(ino.handle)
-	}
-	if pathname == dir {
-		watchEntry.mask |= flags
-	} else {
-		watchEntry.names[filepath.Base(pathname)] |= flags
-	}
-	if err = w.startRead(watchEntry); err != nil {
-		return err
-	}
-	if pathname == dir {
-		watchEntry.mask &= ^provisional
-	} else {
-		watchEntry.names[filepath.Base(pathname)] &= ^provisional
-	}
-	return nil
-}
-
-// Must run within the I/O thread.
-func (w *Watcher) remWatch(pathname string) error {
-	dir, err := getDir(pathname)
-	if err != nil {
-		return err
-	}
-	ino, err := getIno(dir)
-	if err != nil {
-		return err
-	}
-	w.mu.Lock()
-	watch := w.watches.get(ino)
-	w.mu.Unlock()
-	if watch == nil {
-		return fmt.Errorf("can't remove non-existent watch for: %s", pathname)
-	}
-	if pathname == dir {
-		w.sendEvent(watch.path, watch.mask&sysFSIGNORED)
-		watch.mask = 0
-	} else {
-		name := filepath.Base(pathname)
-		w.sendEvent(filepath.Join(watch.path, name), watch.names[name]&sysFSIGNORED)
-		delete(watch.names, name)
-	}
-	return w.startRead(watch)
-}
-
-// Must run within the I/O thread.
-func (w *Watcher) deleteWatch(watch *watch) {
-	for name, mask := range watch.names {
-		if mask&provisional == 0 {
-			w.sendEvent(filepath.Join(watch.path, name), mask&sysFSIGNORED)
-		}
-		delete(watch.names, name)
-	}
-	if watch.mask != 0 {
-		if watch.mask&provisional == 0 {
-			w.sendEvent(watch.path, watch.mask&sysFSIGNORED)
-		}
-		watch.mask = 0
-	}
-}
-
-// Must run within the I/O thread.
-func (w *Watcher) startRead(watch *watch) error {
-	if e := syscall.CancelIo(watch.ino.handle); e != nil {
-		w.Errors <- os.NewSyscallError("CancelIo", e)
-		w.deleteWatch(watch)
-	}
-	mask := toWindowsFlags(watch.mask)
-	for _, m := range watch.names {
-		mask |= toWindowsFlags(m)
-	}
-	if mask == 0 {
-		if e := syscall.CloseHandle(watch.ino.handle); e != nil {
-			w.Errors <- os.NewSyscallError("CloseHandle", e)
-		}
-		w.mu.Lock()
-		delete(w.watches[watch.ino.volume], watch.ino.index)
-		w.mu.Unlock()
-		return nil
-	}
-	e := syscall.ReadDirectoryChanges(watch.ino.handle, &watch.buf[0],
-		uint32(unsafe.Sizeof(watch.buf)), false, mask, nil, &watch.ov, 0)
-	if e != nil {
-		err := os.NewSyscallError("ReadDirectoryChanges", e)
-		if e == syscall.ERROR_ACCESS_DENIED && watch.mask&provisional == 0 {
-			// Watched directory was probably removed
-			if w.sendEvent(watch.path, watch.mask&sysFSDELETESELF) {
-				if watch.mask&sysFSONESHOT != 0 {
-					watch.mask = 0
-				}
-			}
-			err = nil
-		}
-		w.deleteWatch(watch)
-		w.startRead(watch)
-		return err
-	}
-	return nil
-}
-
-// readEvents reads from the I/O completion port, converts the
-// received events into Event objects and sends them via the Events channel.
-// Entry point to the I/O thread.
-func (w *Watcher) readEvents() {
-	var (
-		n, key uint32
-		ov     *syscall.Overlapped
-	)
-	runtime.LockOSThread()
-
-	for {
-		e := syscall.GetQueuedCompletionStatus(w.port, &n, &key, &ov, syscall.INFINITE)
-		watch := (*watch)(unsafe.Pointer(ov))
-
-		if watch == nil {
-			select {
-			case ch := <-w.quit:
-				w.mu.Lock()
-				var indexes []indexMap
-				for _, index := range w.watches {
-					indexes = append(indexes, index)
-				}
-				w.mu.Unlock()
-				for _, index := range indexes {
-					for _, watch := range index {
-						w.deleteWatch(watch)
-						w.startRead(watch)
-					}
-				}
-				var err error
-				if e := syscall.CloseHandle(w.port); e != nil {
-					err = os.NewSyscallError("CloseHandle", e)
-				}
-				close(w.Events)
-				close(w.Errors)
-				ch <- err
-				return
-			case in := <-w.input:
-				switch in.op {
-				case opAddWatch:
-					in.reply <- w.addWatch(in.path, uint64(in.flags))
-				case opRemoveWatch:
-					in.reply <- w.remWatch(in.path)
-				}
-			default:
-			}
-			continue
-		}
-
-		switch e {
-		case syscall.ERROR_MORE_DATA:
-			if watch == nil {
-				w.Errors <- errors.New("ERROR_MORE_DATA has unexpectedly null lpOverlapped buffer")
-			} else {
-				// The i/o succeeded but the buffer is full.
-				// In theory we should be building up a full packet.
-				// In practice we can get away with just carrying on.
-				n = uint32(unsafe.Sizeof(watch.buf))
-			}
-		case syscall.ERROR_ACCESS_DENIED:
-			// Watched directory was probably removed
-			w.sendEvent(watch.path, watch.mask&sysFSDELETESELF)
-			w.deleteWatch(watch)
-			w.startRead(watch)
-			continue
-		case syscall.ERROR_OPERATION_ABORTED:
-			// CancelIo was called on this handle
-			continue
-		default:
-			w.Errors <- os.NewSyscallError("GetQueuedCompletionPort", e)
-			continue
-		case nil:
-		}
-
-		var offset uint32
-		for {
-			if n == 0 {
-				w.Events <- newEvent("", sysFSQOVERFLOW)
-				w.Errors <- errors.New("short read in readEvents()")
-				break
-			}
-
-			// Point "raw" to the event in the buffer
-			raw := (*syscall.FileNotifyInformation)(unsafe.Pointer(&watch.buf[offset]))
-			buf := (*[syscall.MAX_PATH]uint16)(unsafe.Pointer(&raw.FileName))
-			name := syscall.UTF16ToString(buf[:raw.FileNameLength/2])
-			fullname := filepath.Join(watch.path, name)
-
-			var mask uint64
-			switch raw.Action {
-			case syscall.FILE_ACTION_REMOVED:
-				mask = sysFSDELETESELF
-			case syscall.FILE_ACTION_MODIFIED:
-				mask = sysFSMODIFY
-			case syscall.FILE_ACTION_RENAMED_OLD_NAME:
-				watch.rename = name
-			case syscall.FILE_ACTION_RENAMED_NEW_NAME:
-				if watch.names[watch.rename] != 0 {
-					watch.names[name] |= watch.names[watch.rename]
-					delete(watch.names, watch.rename)
-					mask = sysFSMOVESELF
-				}
-			}
-
-			sendNameEvent := func() {
-				if w.sendEvent(fullname, watch.names[name]&mask) {
-					if watch.names[name]&sysFSONESHOT != 0 {
-						delete(watch.names, name)
-					}
-				}
-			}
-			if raw.Action != syscall.FILE_ACTION_RENAMED_NEW_NAME {
-				sendNameEvent()
-			}
-			if raw.Action == syscall.FILE_ACTION_REMOVED {
-				w.sendEvent(fullname, watch.names[name]&sysFSIGNORED)
-				delete(watch.names, name)
-			}
-			if w.sendEvent(fullname, watch.mask&toFSnotifyFlags(raw.Action)) {
-				if watch.mask&sysFSONESHOT != 0 {
-					watch.mask = 0
-				}
-			}
-			if raw.Action == syscall.FILE_ACTION_RENAMED_NEW_NAME {
-				fullname = filepath.Join(watch.path, watch.rename)
-				sendNameEvent()
-			}
-
-			// Move to the next event in the buffer
-			if raw.NextEntryOffset == 0 {
-				break
-			}
-			offset += raw.NextEntryOffset
-
-			// Error!
-			if offset >= n {
-				w.Errors <- errors.New("Windows system assumed buffer larger than it is, events have likely been missed.")
-				break
-			}
-		}
-
-		if err := w.startRead(watch); err != nil {
-			w.Errors <- err
-		}
-	}
-}
-
-func (w *Watcher) sendEvent(name string, mask uint64) bool {
-	if mask == 0 {
-		return false
-	}
-	event := newEvent(name, uint32(mask))
-	select {
-	case ch := <-w.quit:
-		w.quit <- ch
-	case w.Events <- event:
-	}
-	return true
-}
-
-func toWindowsFlags(mask uint64) uint32 {
-	var m uint32
-	if mask&sysFSACCESS != 0 {
-		m |= syscall.FILE_NOTIFY_CHANGE_LAST_ACCESS
-	}
-	if mask&sysFSMODIFY != 0 {
-		m |= syscall.FILE_NOTIFY_CHANGE_LAST_WRITE
-	}
-	if mask&sysFSATTRIB != 0 {
-		m |= syscall.FILE_NOTIFY_CHANGE_ATTRIBUTES
-	}
-	if mask&(sysFSMOVE|sysFSCREATE|sysFSDELETE) != 0 {
-		m |= syscall.FILE_NOTIFY_CHANGE_FILE_NAME | syscall.FILE_NOTIFY_CHANGE_DIR_NAME
-	}
-	return m
-}
-
-func toFSnotifyFlags(action uint32) uint64 {
-	switch action {
-	case syscall.FILE_ACTION_ADDED:
-		return sysFSCREATE
-	case syscall.FILE_ACTION_REMOVED:
-		return sysFSDELETE
-	case syscall.FILE_ACTION_MODIFIED:
-		return sysFSMODIFY
-	case syscall.FILE_ACTION_RENAMED_OLD_NAME:
-		return sysFSMOVEDFROM
-	case syscall.FILE_ACTION_RENAMED_NEW_NAME:
-		return sysFSMOVEDTO
-	}
-	return 0
-}
diff --git a/vendor/modules.txt b/vendor/modules.txt
index c5a62b11e8a..81e3afdd91c 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -30,11 +30,11 @@ github.com/Azure/azure-storage-blob-go/azblob
 # github.com/Azure/go-autorest v14.2.0+incompatible
 ## explicit
 github.com/Azure/go-autorest
-# github.com/Azure/go-autorest/autorest v0.11.20
+# github.com/Azure/go-autorest/autorest v0.11.22
 ## explicit; go 1.15
 github.com/Azure/go-autorest/autorest
 github.com/Azure/go-autorest/autorest/azure
-# github.com/Azure/go-autorest/autorest/adal v0.9.15
+# github.com/Azure/go-autorest/autorest/adal v0.9.17
 ## explicit; go 1.15
 github.com/Azure/go-autorest/autorest/adal
 # github.com/Azure/go-autorest/autorest/azure/auth v0.5.8
@@ -77,7 +77,7 @@ github.com/alecthomas/kong
 ## explicit
 github.com/alecthomas/template
 github.com/alecthomas/template/parse
-# github.com/alecthomas/units v0.0.0-20210912230133-d1bdfacee922
+# github.com/alecthomas/units v0.0.0-20210927113745-59d0afb8317a
 ## explicit; go 1.15
 github.com/alecthomas/units
 # github.com/apache/thrift v0.15.0
@@ -90,7 +90,7 @@ github.com/armon/go-metrics/prometheus
 # github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d
 ## explicit; go 1.13
 github.com/asaskevich/govalidator
-# github.com/aws/aws-sdk-go v1.42.9
+# github.com/aws/aws-sdk-go v1.42.16
 ## explicit; go 1.11
 github.com/aws/aws-sdk-go/aws
 github.com/aws/aws-sdk-go/aws/arn
@@ -172,6 +172,16 @@ github.com/cespare/xxhash
 # github.com/cespare/xxhash/v2 v2.1.2
 ## explicit; go 1.11
 github.com/cespare/xxhash/v2
+# github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403
+## explicit; go 1.11
+github.com/cncf/udpa/go/udpa/data/orca/v1
+github.com/cncf/udpa/go/udpa/type/v1
+# github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe
+## explicit; go 1.11
+github.com/cncf/xds/go/udpa/annotations
+github.com/cncf/xds/go/xds/annotations/v3
+github.com/cncf/xds/go/xds/core/v3
+github.com/cncf/xds/go/xds/type/matcher/v3
 # github.com/coreos/etcd v3.3.25+incompatible
 ## explicit
 github.com/coreos/etcd/pkg/fileutil
@@ -188,7 +198,7 @@ github.com/coreos/go-systemd/v22/journal
 # github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f
 ## explicit
 github.com/coreos/pkg/capnslog
-# github.com/cortexproject/cortex v1.10.1-0.20211104100946-3f329a21cad4
+# github.com/cortexproject/cortex v1.10.1-0.20211214110443-07d6cfc4eb84
 ## explicit; go 1.16
 github.com/cortexproject/cortex/integration/e2e
 github.com/cortexproject/cortex/integration/e2e/db
@@ -267,6 +277,7 @@ github.com/cortexproject/cortex/pkg/storage/bucket
 github.com/cortexproject/cortex/pkg/storage/bucket/azure
 github.com/cortexproject/cortex/pkg/storage/bucket/filesystem
 github.com/cortexproject/cortex/pkg/storage/bucket/gcs
+github.com/cortexproject/cortex/pkg/storage/bucket/http
 github.com/cortexproject/cortex/pkg/storage/bucket/s3
 github.com/cortexproject/cortex/pkg/storage/bucket/swift
 github.com/cortexproject/cortex/pkg/storage/tsdb
@@ -325,6 +336,54 @@ github.com/eapache/queue
 # github.com/edsrzf/mmap-go v1.0.0
 ## explicit
 github.com/edsrzf/mmap-go
+# github.com/envoyproxy/go-control-plane v0.10.1
+## explicit; go 1.11
+github.com/envoyproxy/go-control-plane/envoy/admin/v3
+github.com/envoyproxy/go-control-plane/envoy/annotations
+github.com/envoyproxy/go-control-plane/envoy/api/v2
+github.com/envoyproxy/go-control-plane/envoy/api/v2/auth
+github.com/envoyproxy/go-control-plane/envoy/api/v2/cluster
+github.com/envoyproxy/go-control-plane/envoy/api/v2/core
+github.com/envoyproxy/go-control-plane/envoy/api/v2/endpoint
+github.com/envoyproxy/go-control-plane/envoy/api/v2/listener
+github.com/envoyproxy/go-control-plane/envoy/api/v2/route
+github.com/envoyproxy/go-control-plane/envoy/config/accesslog/v3
+github.com/envoyproxy/go-control-plane/envoy/config/bootstrap/v3
+github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3
+github.com/envoyproxy/go-control-plane/envoy/config/common/matcher/v3
+github.com/envoyproxy/go-control-plane/envoy/config/core/v3
+github.com/envoyproxy/go-control-plane/envoy/config/endpoint/v3
+github.com/envoyproxy/go-control-plane/envoy/config/filter/accesslog/v2
+github.com/envoyproxy/go-control-plane/envoy/config/listener/v2
+github.com/envoyproxy/go-control-plane/envoy/config/listener/v3
+github.com/envoyproxy/go-control-plane/envoy/config/metrics/v3
+github.com/envoyproxy/go-control-plane/envoy/config/overload/v3
+github.com/envoyproxy/go-control-plane/envoy/config/route/v3
+github.com/envoyproxy/go-control-plane/envoy/config/tap/v3
+github.com/envoyproxy/go-control-plane/envoy/config/trace/v3
+github.com/envoyproxy/go-control-plane/envoy/extensions/clusters/aggregate/v3
+github.com/envoyproxy/go-control-plane/envoy/extensions/filters/common/fault/v3
+github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/fault/v3
+github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/router/v3
+github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/http_connection_manager/v3
+github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3
+github.com/envoyproxy/go-control-plane/envoy/service/discovery/v2
+github.com/envoyproxy/go-control-plane/envoy/service/discovery/v3
+github.com/envoyproxy/go-control-plane/envoy/service/load_stats/v2
+github.com/envoyproxy/go-control-plane/envoy/service/load_stats/v3
+github.com/envoyproxy/go-control-plane/envoy/service/status/v3
+github.com/envoyproxy/go-control-plane/envoy/type
+github.com/envoyproxy/go-control-plane/envoy/type/http/v3
+github.com/envoyproxy/go-control-plane/envoy/type/matcher
+github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3
+github.com/envoyproxy/go-control-plane/envoy/type/metadata/v2
+github.com/envoyproxy/go-control-plane/envoy/type/metadata/v3
+github.com/envoyproxy/go-control-plane/envoy/type/tracing/v2
+github.com/envoyproxy/go-control-plane/envoy/type/tracing/v3
+github.com/envoyproxy/go-control-plane/envoy/type/v3
+# github.com/envoyproxy/protoc-gen-validate v0.6.2
+## explicit; go 1.12
+github.com/envoyproxy/protoc-gen-validate/validate
 # github.com/facette/natsort v0.0.0-20181210072756-2cd4dd1e2dcb
 ## explicit
 github.com/facette/natsort
@@ -393,7 +452,7 @@ github.com/go-openapi/runtime/security
 # github.com/go-openapi/spec v0.20.4
 ## explicit; go 1.13
 github.com/go-openapi/spec
-# github.com/go-openapi/strfmt v0.21.0
+# github.com/go-openapi/strfmt v0.21.1
 ## explicit; go 1.13
 github.com/go-openapi/strfmt
 # github.com/go-openapi/swag v0.19.15
@@ -467,6 +526,7 @@ github.com/golang/protobuf/ptypes
 github.com/golang/protobuf/ptypes/any
 github.com/golang/protobuf/ptypes/duration
 github.com/golang/protobuf/ptypes/empty
+github.com/golang/protobuf/ptypes/struct
 github.com/golang/protobuf/ptypes/timestamp
 github.com/golang/protobuf/ptypes/wrappers
 # github.com/golang/snappy v0.0.4
@@ -481,11 +541,12 @@ github.com/google/flatbuffers/go
 # github.com/google/go-cmp v0.5.6
 ## explicit; go 1.8
 github.com/google/go-cmp/cmp
+github.com/google/go-cmp/cmp/cmpopts
 github.com/google/go-cmp/cmp/internal/diff
 github.com/google/go-cmp/cmp/internal/flags
 github.com/google/go-cmp/cmp/internal/function
 github.com/google/go-cmp/cmp/internal/value
-# github.com/google/pprof v0.0.0-20210827144239-02619b876842
+# github.com/google/pprof v0.0.0-20211122183932-1daafda22083
 ## explicit; go 1.14
 github.com/google/pprof/profile
 # github.com/google/uuid v1.3.0
@@ -559,7 +620,7 @@ github.com/grpc-ecosystem/grpc-opentracing/go/otgrpc
 # github.com/hailocab/go-hostpool v0.0.0-20160125115350-e80d13ce29ed
 ## explicit
 github.com/hailocab/go-hostpool
-# github.com/hashicorp/consul/api v1.10.1
+# github.com/hashicorp/consul/api v1.11.0
 ## explicit; go 1.12
 github.com/hashicorp/consul/api
 # github.com/hashicorp/errwrap v1.0.0
@@ -810,8 +871,8 @@ github.com/miekg/dns
 # github.com/minio/md5-simd v1.1.0
 ## explicit; go 1.14
 github.com/minio/md5-simd
-# github.com/minio/minio-go/v7 v7.0.10
-## explicit; go 1.12
+# github.com/minio/minio-go/v7 v7.0.16-0.20211116163909-d00629356463
+## explicit; go 1.15
 github.com/minio/minio-go/v7
 github.com/minio/minio-go/v7/pkg/credentials
 github.com/minio/minio-go/v7/pkg/encrypt
@@ -990,6 +1051,8 @@ github.com/prometheus/client_golang/prometheus/internal
 github.com/prometheus/client_golang/prometheus/promauto
 github.com/prometheus/client_golang/prometheus/promhttp
 github.com/prometheus/client_golang/prometheus/push
+github.com/prometheus/client_golang/prometheus/testutil
+github.com/prometheus/client_golang/prometheus/testutil/promlint
 # github.com/prometheus/client_model v0.2.0
 ## explicit; go 1.9
 github.com/prometheus/client_model/go
@@ -1004,7 +1067,7 @@ github.com/prometheus/common/version
 # github.com/prometheus/common/sigv4 v0.1.0
 ## explicit; go 1.15
 github.com/prometheus/common/sigv4
-# github.com/prometheus/exporter-toolkit v0.6.1
+# github.com/prometheus/exporter-toolkit v0.7.0
 ## explicit; go 1.14
 github.com/prometheus/exporter-toolkit/web
 # github.com/prometheus/node_exporter v1.0.0-rc.0.0.20200428091818-01054558c289
@@ -1015,7 +1078,7 @@ github.com/prometheus/node_exporter/https
 github.com/prometheus/procfs
 github.com/prometheus/procfs/internal/fs
 github.com/prometheus/procfs/internal/util
-# github.com/prometheus/prometheus v1.8.2-0.20211011171444-354d8d2ecfac
+# github.com/prometheus/prometheus v1.8.2-0.20211119115433-692a54649ed7
 ## explicit; go 1.14
 github.com/prometheus/prometheus/config
 github.com/prometheus/prometheus/discovery
@@ -1023,17 +1086,14 @@ github.com/prometheus/prometheus/discovery/dns
 github.com/prometheus/prometheus/discovery/file
 github.com/prometheus/prometheus/discovery/refresh
 github.com/prometheus/prometheus/discovery/targetgroup
+github.com/prometheus/prometheus/model/exemplar
+github.com/prometheus/prometheus/model/labels
+github.com/prometheus/prometheus/model/relabel
+github.com/prometheus/prometheus/model/rulefmt
+github.com/prometheus/prometheus/model/textparse
+github.com/prometheus/prometheus/model/timestamp
+github.com/prometheus/prometheus/model/value
 github.com/prometheus/prometheus/notifier
-github.com/prometheus/prometheus/pkg/exemplar
-github.com/prometheus/prometheus/pkg/gate
-github.com/prometheus/prometheus/pkg/labels
-github.com/prometheus/prometheus/pkg/logging
-github.com/prometheus/prometheus/pkg/pool
-github.com/prometheus/prometheus/pkg/relabel
-github.com/prometheus/prometheus/pkg/rulefmt
-github.com/prometheus/prometheus/pkg/textparse
-github.com/prometheus/prometheus/pkg/timestamp
-github.com/prometheus/prometheus/pkg/value
 github.com/prometheus/prometheus/prompb
 github.com/prometheus/prometheus/promql
 github.com/prometheus/prometheus/promql/parser
@@ -1054,8 +1114,11 @@ github.com/prometheus/prometheus/tsdb/record
 github.com/prometheus/prometheus/tsdb/tombstones
 github.com/prometheus/prometheus/tsdb/tsdbutil
 github.com/prometheus/prometheus/tsdb/wal
+github.com/prometheus/prometheus/util/gate
 github.com/prometheus/prometheus/util/httputil
+github.com/prometheus/prometheus/util/logging
 github.com/prometheus/prometheus/util/osutil
+github.com/prometheus/prometheus/util/pool
 github.com/prometheus/prometheus/util/stats
 github.com/prometheus/prometheus/util/strutil
 github.com/prometheus/prometheus/util/teststorage
@@ -1138,7 +1201,7 @@ github.com/stretchr/testify/require
 # github.com/subosito/gotenv v1.2.0
 ## explicit
 github.com/subosito/gotenv
-# github.com/thanos-io/thanos v0.22.0 => github.com/thanos-io/thanos v0.19.1-0.20210923155558-c15594a03c45
+# github.com/thanos-io/thanos v0.22.0 => github.com/thanos-io/thanos v0.19.1-0.20211208205607-d1acaea2a11a
 ## explicit; go 1.15
 github.com/thanos-io/thanos/pkg/block
 github.com/thanos-io/thanos/pkg/block/indexheader
@@ -1158,7 +1221,7 @@ github.com/thanos-io/thanos/pkg/exemplars/exemplarspb
 github.com/thanos-io/thanos/pkg/extprom
 github.com/thanos-io/thanos/pkg/extprom/http
 github.com/thanos-io/thanos/pkg/gate
-github.com/thanos-io/thanos/pkg/http
+github.com/thanos-io/thanos/pkg/httpconfig
 github.com/thanos-io/thanos/pkg/metadata/metadatapb
 github.com/thanos-io/thanos/pkg/model
 github.com/thanos-io/thanos/pkg/objstore
@@ -1271,7 +1334,7 @@ go.etcd.io/etcd/client/v3
 go.etcd.io/etcd/client/v3/credentials
 go.etcd.io/etcd/client/v3/internal/endpoint
 go.etcd.io/etcd/client/v3/internal/resolver
-# go.mongodb.org/mongo-driver v1.7.3
+# go.mongodb.org/mongo-driver v1.7.5
 ## explicit; go 1.10
 go.mongodb.org/mongo-driver/bson
 go.mongodb.org/mongo-driver/bson/bsoncodec
@@ -1414,7 +1477,7 @@ go.opentelemetry.io/otel/trace
 # go.uber.org/atomic v1.9.0
 ## explicit; go 1.13
 go.uber.org/atomic
-# go.uber.org/goleak v1.1.11-0.20210813005559-691160354723
+# go.uber.org/goleak v1.1.12
 ## explicit; go 1.13
 go.uber.org/goleak
 go.uber.org/goleak/internal/stack
@@ -1430,7 +1493,7 @@ go.uber.org/zap/internal/color
 go.uber.org/zap/internal/exit
 go.uber.org/zap/zapcore
 go.uber.org/zap/zapgrpc
-# golang.org/x/crypto v0.0.0-20210920023735-84f357641f63
+# golang.org/x/crypto v0.0.0-20210921155107-089bfa567519
 ## explicit; go 1.17
 golang.org/x/crypto/argon2
 golang.org/x/crypto/bcrypt
@@ -1440,7 +1503,7 @@ golang.org/x/crypto/md4
 golang.org/x/crypto/pbkdf2
 golang.org/x/crypto/pkcs12
 golang.org/x/crypto/pkcs12/internal/rc2
-# golang.org/x/net v0.0.0-20210917221730-978cfadd31cf
+# golang.org/x/net v0.0.0-20211123203042-d83791d6bcd9
 ## explicit; go 1.17
 golang.org/x/net/bpf
 golang.org/x/net/context
@@ -1460,7 +1523,7 @@ golang.org/x/net/netutil
 golang.org/x/net/proxy
 golang.org/x/net/publicsuffix
 golang.org/x/net/trace
-# golang.org/x/oauth2 v0.0.0-20211005180243-6b3c2da341f1
+# golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8
 ## explicit; go 1.11
 golang.org/x/oauth2
 golang.org/x/oauth2/authhandler
@@ -1474,7 +1537,7 @@ golang.org/x/oauth2/jwt
 ## explicit
 golang.org/x/sync/errgroup
 golang.org/x/sync/semaphore
-# golang.org/x/sys v0.0.0-20211013075003-97ac67df715c
+# golang.org/x/sys v0.0.0-20211124211545-fe61309f8881
 ## explicit; go 1.17
 golang.org/x/sys/cpu
 golang.org/x/sys/internal/unsafeheader
@@ -1488,14 +1551,14 @@ golang.org/x/text/transform
 golang.org/x/text/unicode/bidi
 golang.org/x/text/unicode/norm
 golang.org/x/text/width
-# golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac
+# golang.org/x/time v0.0.0-20211116232009-f0f3c7e86c11
 ## explicit
 golang.org/x/time/rate
 # golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1
 ## explicit; go 1.11
 golang.org/x/xerrors
 golang.org/x/xerrors/internal
-# google.golang.org/api v0.58.0
+# google.golang.org/api v0.60.0
 ## explicit; go 1.11
 google.golang.org/api/cloudresourcemanager/v1
 google.golang.org/api/googleapi
@@ -1529,7 +1592,7 @@ google.golang.org/appengine/internal/socket
 google.golang.org/appengine/internal/urlfetch
 google.golang.org/appengine/socket
 google.golang.org/appengine/urlfetch
-# google.golang.org/genproto v0.0.0-20211016002631-37fc39342514
+# google.golang.org/genproto v0.0.0-20211129164237-f09f9a12af12
 ## explicit; go 1.11
 google.golang.org/genproto/googleapis/api/annotations
 google.golang.org/genproto/googleapis/api/httpbody
@@ -1544,7 +1607,7 @@ google.golang.org/genproto/googleapis/storage/v2
 google.golang.org/genproto/googleapis/type/date
 google.golang.org/genproto/googleapis/type/expr
 google.golang.org/genproto/protobuf/field_mask
-# google.golang.org/grpc v1.42.0 => google.golang.org/grpc v1.33.3
+# google.golang.org/grpc v1.42.0 => google.golang.org/grpc v1.38.0
 ## explicit; go 1.11
 google.golang.org/grpc
 google.golang.org/grpc/attributes
@@ -1555,6 +1618,7 @@ google.golang.org/grpc/balancer/grpclb
 google.golang.org/grpc/balancer/grpclb/grpc_lb_v1
 google.golang.org/grpc/balancer/grpclb/state
 google.golang.org/grpc/balancer/roundrobin
+google.golang.org/grpc/balancer/weightedroundrobin
 google.golang.org/grpc/binarylog/grpc_binarylog_v1
 google.golang.org/grpc/codes
 google.golang.org/grpc/connectivity
@@ -1567,7 +1631,10 @@ google.golang.org/grpc/credentials/alts/internal/handshaker
 google.golang.org/grpc/credentials/alts/internal/handshaker/service
 google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcp
 google.golang.org/grpc/credentials/google
+google.golang.org/grpc/credentials/insecure
 google.golang.org/grpc/credentials/oauth
+google.golang.org/grpc/credentials/tls/certprovider
+google.golang.org/grpc/credentials/tls/certprovider/pemfile
 google.golang.org/grpc/encoding
 google.golang.org/grpc/encoding/gzip
 google.golang.org/grpc/encoding/proto
@@ -1575,23 +1642,35 @@ google.golang.org/grpc/grpclog
 google.golang.org/grpc/health
 google.golang.org/grpc/health/grpc_health_v1
 google.golang.org/grpc/internal
+google.golang.org/grpc/internal/admin
 google.golang.org/grpc/internal/backoff
 google.golang.org/grpc/internal/balancerload
 google.golang.org/grpc/internal/binarylog
 google.golang.org/grpc/internal/buffer
+google.golang.org/grpc/internal/cache
 google.golang.org/grpc/internal/channelz
 google.golang.org/grpc/internal/credentials
+google.golang.org/grpc/internal/credentials/xds
 google.golang.org/grpc/internal/envconfig
+google.golang.org/grpc/internal/googlecloud
 google.golang.org/grpc/internal/grpclog
 google.golang.org/grpc/internal/grpcrand
 google.golang.org/grpc/internal/grpcsync
 google.golang.org/grpc/internal/grpcutil
+google.golang.org/grpc/internal/hierarchy
+google.golang.org/grpc/internal/metadata
+google.golang.org/grpc/internal/resolver
 google.golang.org/grpc/internal/resolver/dns
 google.golang.org/grpc/internal/resolver/passthrough
+google.golang.org/grpc/internal/resolver/unix
 google.golang.org/grpc/internal/serviceconfig
 google.golang.org/grpc/internal/status
 google.golang.org/grpc/internal/syscall
 google.golang.org/grpc/internal/transport
+google.golang.org/grpc/internal/transport/networktype
+google.golang.org/grpc/internal/wrr
+google.golang.org/grpc/internal/xds
+google.golang.org/grpc/internal/xds/env
 google.golang.org/grpc/keepalive
 google.golang.org/grpc/metadata
 google.golang.org/grpc/peer
@@ -1603,6 +1682,28 @@ google.golang.org/grpc/serviceconfig
 google.golang.org/grpc/stats
 google.golang.org/grpc/status
 google.golang.org/grpc/tap
+google.golang.org/grpc/xds
+google.golang.org/grpc/xds/csds
+google.golang.org/grpc/xds/googledirectpath
+google.golang.org/grpc/xds/internal
+google.golang.org/grpc/xds/internal/balancer
+google.golang.org/grpc/xds/internal/balancer/balancergroup
+google.golang.org/grpc/xds/internal/balancer/cdsbalancer
+google.golang.org/grpc/xds/internal/balancer/clustermanager
+google.golang.org/grpc/xds/internal/balancer/edsbalancer
+google.golang.org/grpc/xds/internal/balancer/weightedtarget
+google.golang.org/grpc/xds/internal/balancer/weightedtarget/weightedaggregator
+google.golang.org/grpc/xds/internal/client
+google.golang.org/grpc/xds/internal/client/bootstrap
+google.golang.org/grpc/xds/internal/client/load
+google.golang.org/grpc/xds/internal/client/v2
+google.golang.org/grpc/xds/internal/client/v3
+google.golang.org/grpc/xds/internal/httpfilter
+google.golang.org/grpc/xds/internal/httpfilter/fault
+google.golang.org/grpc/xds/internal/httpfilter/router
+google.golang.org/grpc/xds/internal/resolver
+google.golang.org/grpc/xds/internal/server
+google.golang.org/grpc/xds/internal/version
 # google.golang.org/protobuf v1.27.1
 ## explicit; go 1.9
 google.golang.org/protobuf/encoding/protojson
@@ -1638,14 +1739,12 @@ google.golang.org/protobuf/types/known/anypb
 google.golang.org/protobuf/types/known/durationpb
 google.golang.org/protobuf/types/known/emptypb
 google.golang.org/protobuf/types/known/fieldmaskpb
+google.golang.org/protobuf/types/known/structpb
 google.golang.org/protobuf/types/known/timestamppb
 google.golang.org/protobuf/types/known/wrapperspb
 # gopkg.in/alecthomas/kingpin.v2 v2.2.6
 ## explicit
 gopkg.in/alecthomas/kingpin.v2
-# gopkg.in/fsnotify/fsnotify.v1 v1.4.7
-## explicit
-gopkg.in/fsnotify/fsnotify.v1
 # gopkg.in/inf.v0 v0.9.1
 ## explicit
 gopkg.in/inf.v0
@@ -1667,7 +1766,7 @@ rsc.io/binaryregexp/syntax
 # k8s.io/api => k8s.io/api v0.20.4
 # k8s.io/client-go => k8s.io/client-go v0.20.4
 # github.com/go-redis/redis/v8 => github.com/go-redis/redis/v8 v8.11.0
-# google.golang.org/grpc => google.golang.org/grpc v1.33.3
+# google.golang.org/grpc => google.golang.org/grpc v1.38.0
 # github.com/soheilhy/cmux => github.com/soheilhy/cmux v0.1.5
 # go.opentelemetry.io/otel/bridge/opentracing => github.com/bboreham/opentelemetry-go/bridge/opentracing v0.13.1-0.20210728105346-81ca3b18d348
 # go.opentelemetry.io/collector => github.com/grafana/opentelemetry-collector v0.4.1-0.20211201123047-86905635e8f8